summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-05-28s3: Use cli_connect_nb in cli_start_connectionVolker Lendecke1-47/+4
2011-05-28s3: Add cli_connect_nbVolker Lendecke2-0/+136
This builds up a cli_state until after the netbios session setup. It makes use of smbsock_connect, so it connects to 139 and 445 simultaneously. This improves the connection to Windows 2008 which does not listen on *SMBSERVER anymore.
2011-05-27packaging(RHEL-CTDB): align configure.rpm to the spec fileChristian Ambach1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri May 27 13:27:03 CEST 2011 on sn-devel-104
2011-05-27s3: Fix a typoVolker Lendecke1-1/+1
Thanks to Samba-JP oota <ribbon@samba.gr.jp> Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri May 27 10:12:12 CEST 2011 on sn-devel-104
2011-05-27s3: Fix a typoVolker Lendecke1-1/+1
Thanks to Samba-JP oota <ribbon@samba.gr.jp>
2011-05-27Fix bug #6911 - Kerberos authentication from vista to samba fails when ↵Jeremy Allison1-3/+25
security blob size is greater than 16 kB We were not correctly checking the output of asn1_start_tag(). asn1_start_tag() returns -1 and sets data->has_error if the remaining blob size is too short to contain the tag length. We were checking data->has_error and returning NT_STATUS_OK (to allow the second asn.1 parse to fail in that case). We should not be checking data->has_error in this case, but falling through to the code that already checks the length. Thanks to Jim for reproducing this for me. We don't get bitten by this as we announce a max buffer size of 16k, greater than Windows's 4k, which means that most krb5 spnego packets already fit. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri May 27 02:57:27 CEST 2011 on sn-devel-104
2011-05-26s3: Document "async smb echo handler"Volker Lendecke1-0/+15
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu May 26 12:50:55 CEST 2011 on sn-devel-104
2011-05-25Fix bug #8165 - Inverted WITH_SYSLOG condition in vfs_full_audit.c.Jeremy Allison1-1/+1
Found by freeserif@yahoo.com. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed May 25 22:37:23 CEST 2011 on sn-devel-104
2011-05-25Fix numerous missing dependencies in WAF build scriptsSean Finney10-25/+111
With the recent consolidation of code between s3 and s4, a number of new dependencies have been implicitly introduced. For example, previous s3 code gained an implicit dependency on talloc after the charset related consolidation (lib/util/charset/charset.h now includes talloc.h). When building against the embedded version of talloc this isn't a problem since the paths are automatically added to the search path, but when building against the external libraries build failures will occur for all components that don't directly or indirectly include talloc as a dependency. Since charset.h is included from util.h, which in turn is included from includes.h, this means most of the codebase (s3 and s4) has such an undeclared dependency. Therefore, samba-util-common and samba-util have been added as dependencies to the s3 and s4 code respectively, for all cases where the source would otherwise fail to build. Additionally, a few other dependencies are added in specific wscript_build files to address similar dependency-related problems. https://bugzilla.samba.org/show_bug.cgi?id=8128 Signed-off-by: Sean Finney <seanius@seanius.net> Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed May 25 19:22:13 CEST 2011 on sn-devel-104
2011-05-25s3-winbind: BUG 8166 - Don't lockout users when offline.Jim McDonough1-1/+4
Windows does not track bad password attempts when offline. We were locking users out but not honoring the lockout duration. Autobuild-User: Jim McDonough <jmcd@samba.org> Autobuild-Date: Wed May 25 18:11:10 CEST 2011 on sn-devel-104
2011-05-25s4:samldb LDB module - check if the RODC group exists if creating an RODCMatthias Dieter Wallnöfer1-13/+43
Older AD deployments simply don't have it and hence there is no RODC support. Reviewed-by: abartlet Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed May 25 10:26:37 CEST 2011 on sn-devel-104
2011-05-25s4:samldb LDB module - better to call "samldb_prim_group_trigger"Matthias Dieter Wallnöfer1-1/+1
"samldb_prim_group_trigger" which as a wrapper calls "samldb_prim_group_change" for a LDB modify operation. Reviewed-by: abartlet
2011-05-25s4:samldb LDB module - convert a "dsdb_module_search" into ↵Matthias Dieter Wallnöfer1-5/+2
"dsdb_module_search_dn" It saves us from checking the number of returned entries. Reviewed-by: abartlet
2011-05-25s4:sam.py - uncomment/enhance some account type testsMatthias Dieter Wallnöfer1-30/+48
Reviewed-by: abartlet
2011-05-25s4:samldb LDB modules - only objectClass "computer" is allowed to embed all ↵Matthias Dieter Wallnöfer1-3/+33
types of account Reviewed-by: abartlet
2011-05-25s4:sam.py - tests for "isCriticalSystemObject" attributeMatthias Dieter Wallnöfer1-0/+132
Reviewed-by: abartlet
2011-05-25s4:samldb LDB module - fix "isCriticalSystemObject" behaviourMatthias Dieter Wallnöfer1-3/+22
Tests against Windows Server show that it gets set to "FALSE" (not deleted) if we change the account type to a domain member. Reviewed-by: abartlet
2011-05-25s4:sam.py - unchanged "primaryGroupID" when account type remains the sameMatthias Dieter Wallnöfer1-0/+38
Enhance the testcase with a workstation example. Reviewed-by: abartlet
2011-05-25s4:samldb LDB module - fix the behaviour when changing the "userAccountControl"Matthias Dieter Wallnöfer1-14/+31
Ekacnet was not quite right yet but his patch made me think further. This primary group changing is only needed if the account type changes. With this patch we do one more search if the "userAccountControl" changes but we save us from doing these unneeded and wrong modify replace operations most of the time. Reviewed-by: abartlet
2011-05-25s3-testparm Warn about incorrect use of 'password server'Andrew Bartlett1-4/+4
This merges master with v3-6-test Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed May 25 05:20:57 CEST 2011 on sn-devel-104
2011-05-25s3-param Depricate 'password server = foo:12389' syntaxAndrew Bartlett1-0/+5
This was originally intended to allow the LDAP port on a DC to be varied, but makes little sense to change one port when in an environment where krb5, ldap, smb and potentially DCE/RPC over TCP are involved. Andrew Bartlett
2011-05-25docs: Rewrite 'password server' documentationAndrew Bartlett1-52/+54
I think this new version is more clear. Andrew Bartlett
2011-05-25s4-provision Use correct tkey-gssapi-credentialAndrew Bartlett2-2/+4
We changed to ${DNSNAME} (the fully qualified domain name) a while back, and while it's usually functionally idential to the previous setting, this breaks down if there is more than one DNS server. Andrew Bartlett
2011-05-25docs: Clarify the 'security=server' fails for NTLMv2Andrew Bartlett1-0/+3
2011-05-25selftest: Make knowfail/skip files consistent, always use ^prefixAndrew Bartlett3-114/+114
Except in one case (where we mark printing tests as knownfail), this has all our regular expressions start with ^, which ensures we don't accidentially mix up the samba3/samba4 prefix here. Because of the particular values in these files at the moment, this should not change the set of tests, but it will help to ensure that future edits follow the correct pattern. Andrew Bartlett
2011-05-24Fix our asn.1 parser to handle negative numbers.Jeremy Allison1-0/+9
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue May 24 22:57:16 CEST 2011 on sn-devel-104
2011-05-24lib/util Add Volker's asn1_Integer test into code that runs in 'make test'Andrew Bartlett1-0/+94
The comfychair test harness isn't hooked up, and with the current infrustructure C code is better tested directly here. Andrew Bartlett
2011-05-24Actually make use of the SMBTA_SUBRELEASE define in smb_traffic_analyzer.h. ↵Holger Hetterich2-1/+12
This will allow to introduce new features or fixes into the protocol after the 3.6.0 release. The client software is designed to take care for the subrelease number. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue May 24 21:23:22 CEST 2011 on sn-devel-104
2011-05-24Fix bug #7054 - X account flag does not work when pwdlastset is 0.Jeremy Allison2-3/+11
Don't allow pass_last_set_time to be set to zero (which means "user must change password on next logon") if user object doesn't allow password change. Don't automatically allow user object password change if "user must change password on next logon" is set. Jim please check. Jeremy.
2011-05-24s3:modules properly terminate enums in nfs4 acl codeChristian Ambach1-1/+3
same issue as with the audit modules: using a wrong parameter leads to smbd crash as lp_enum() will not terminate on last entry of the array Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Tue May 24 20:13:39 CEST 2011 on sn-devel-104
2011-05-24s3:vfs properly terminate enums in audit modulesChristian Ambach3-6/+12
without the proper terminations of the enums, invalid arguments for the audit modules will lead to a smbd crash as the loop in lp_enum() will attempt to access memory behind the array
2011-05-24Fix bug #8150 - Ban 'dos charset = utf8'Jeremy Allison1-1/+39
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue May 24 03:52:50 CEST 2011 on sn-devel-104
2011-05-23s3: Remove unused cli_get_nt_errorVolker Lendecke2-18/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon May 23 16:54:21 CEST 2011 on sn-devel-104
2011-05-23s3: Remove unused cli_set_nt_errorVolker Lendecke2-10/+0
2011-05-23s3: Remove unused cli_reset_errorVolker Lendecke2-13/+0
2011-05-23s3: Remove a reference to cli->inbufVolker Lendecke1-1/+1
This is only used for utf16 alignment calculations, "rdata" is aligned the same way as cli->inbuf is.
2011-05-23s3: Remove two false references to cli->inbufVolker Lendecke1-2/+2
2011-05-23s3: Fix a leftover from fstring removal in cli_stateVolker Lendecke1-4/+7
Jeremy, please check!
2011-05-23selftest: create ncalrpcdir with 0755 permissionsStefan Metzmacher1-2/+11
We need to reset the umask in order to set to the desired permissions. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon May 23 13:26:33 CEST 2011 on sn-devel-104
2011-05-23s3: Remove unused cli_[en|de]crypt_messageVolker Lendecke2-45/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon May 23 12:15:33 CEST 2011 on sn-devel-104
2011-05-23s3: Directly call common_encrypt_buffer in cli_smb_req_iov_sendVolker Lendecke1-2/+2
2011-05-22s3: Remove cli_send/receive_smbVolker Lendecke2-284/+0
A moment of silence is due here, R.I.P. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun May 22 22:17:12 CEST 2011 on sn-devel-104
2011-05-22s3: Remove the smbtorture3 OPLOCK3 testVolker Lendecke4-62/+2
This is the last user of cli_receive_smb. Oplocks are nowadays tested in smbtorture4, this mainly has historic value
2011-05-22s3: Convert the OPEN4 test to async oplock handlingVolker Lendecke1-32/+96
This removes a caller of cli_receive_smb
2011-05-21s3: Remove clistr_align_outVolker Lendecke2-6/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat May 21 23:31:12 CEST 2011 on sn-devel-104
2011-05-21s3: Remove unused cli_setup_bccVolker Lendecke2-10/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat May 21 21:24:13 CEST 2011 on sn-devel-104
2011-05-21s4:sam.py - add tests to check that setting "userAccountValue" on usersdon't ↵Matthieu Patou1-2/+40
impact the "primaryGroupID" attribute Notice: The domain administrators groups isn't referenced as "Domain Admins" since this name could differ. Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat May 21 19:19:57 CEST 2011 on sn-devel-104
2011-05-21s4:samldb LDB module - don't change the "primaryGroupId" on LDB ↵Matthieu Patou1-1/+16
modifications unless we are a computer/dc/rodc Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2011-05-21s4:lsa RPC server - handle LDB flags as "unsigned"Matthias Dieter Wallnöfer1-1/+1
Signed-off-by: Metze
2011-05-21s4:ldb-samba/ldb_wrap.*-dsdb/samdb/samdb.c - handle LDB connection flags as ↵Matthias Dieter Wallnöfer3-7/+7
unsigned The LDB API ("ldb_connect") prescribes that they should be "unsigned". Signed-off-by: Metze