summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-09-16Merge branch 'master' of /home/tridge/samba/git/combinedAndrew Tridgell0-0/+0
2009-09-16s4-repl: raise a debug levelAndrew Tridgell1-1/+1
2009-09-16s4-dsdb: treat uSNHighest as 0 if @REPLCHANGED doesn't existAndrew Tridgell1-0/+8
When a partition is first created it still needs a uSNHighest value
2009-09-16Merge branch 'master' of /home/tridge/samba/git/combinedAndrew Tridgell19-393/+387
2009-09-16s4-repl: raise a debug levelAndrew Tridgell1-1/+1
2009-09-16Merge branch 'master' of ssh://git.samba.org/data/git/sambaAndrew Tridgell18-392/+386
2009-09-16Merge branch 'master' of /home/tridge/samba/git/combinedAndrew Tridgell1-0/+8
2009-09-16s4-dsdb: treat uSNHighest as 0 if @REPLCHANGED doesn't existAndrew Tridgell1-0/+8
When a partition is first created it still needs a uSNHighest value
2009-09-16libcli/auth: rewrite schannel sign/seal code to be more genericStefan Metzmacher5-229/+263
This prepares support for HMAC-SHA256/AES. metze
2009-09-16lib/crypto: include aes.h into crypto.hStefan Metzmacher1-1/+1
metze
2009-09-15Merge branch 'master' of /home/tridge/samba/git/combinedAndrew Tridgell5-35/+123
2009-09-15s4-repl: take advantage of async RPC forwardingAndrew Tridgell2-26/+7
This uses async RPC forwarding for the DsReplicaSync call
2009-09-15s4-rpc: added a module for forwarding RPC requestsAndrew Tridgell3-9/+116
dcesrv_irpc_forward_rpc_call() can be used to forward an arbitrary RPC request to another task in Samba4, with the return being handled asynchronously. This is useful for forwarding DRS requests to the repl or kcc tasks
2009-09-15Merge branch 'master' of /home/tridge/samba/git/combinedAndrew Tridgell6-22/+64
2009-09-15s4-drs: lock down key DRS callsAndrew Tridgell4-22/+54
The key DRS calls should only be allowed by administrators or domain controllers
2009-09-15s4-security: added a new security level SECURITY_DOMAIN_CONTROLLERAndrew Tridgell2-0/+10
This will be used as a simple way to lock down DRS replication to administrators and domain controllers
2009-09-15Merge branch 'master' of /home/tridge/samba/git/combinedAndrew Tridgell22-439/+1748
2009-09-15s4-ldb: ldap attribute names can contain a '.'Andrew Tridgell1-1/+2
When they are of the form of OIDs
2009-09-15s4-ldb: expose ldb_transaction_prepare_commit() in ldbAndrew Tridgell3-21/+64
It is useful to be able to control the 2 phase commit from application code (s4 replication uses it)
2009-09-15s4-repl: don't do double replicationAndrew Tridgell4-6/+44
When we replicate from a remote DC, we need to note the new uSN that the local changes have resulted in, and modify the uSN that the notify task uses to determine if it should send a ReplicaSync message back to the remote DC. Otherwise we end up always triggering a ReplicaSync every time we replicate from another DC
2009-09-15tdb: allow reads after prepare commitAndrew Tridgell1-8/+0
We previously only allowed a commit to happen after a prepare commit. It is in fact safe to allow reads between a prepare and a commit, and the s4 replication code can make use of that, so allow it.
2009-09-15s4-drs: filter based on local_usnAndrew Tridgell1-1/+1
The getncchanges uSN is in our local space, so we must compare it to the local_usn in replPropertyMetaData
2009-09-15s4-repl: make sure we marshal the replPropertyMetaData after the last changeAndrew Tridgell1-10/+10
we were setting local_usn after the marshall, so it wasn't going into the object
2009-09-15s4-dsdb: use DLIST_ADD() not DLIST_ADD_END()Andrew Tridgell2-4/+4
Using DLIST_ADD_END() to construct a long list is very inefficient (it is O(n^2). These lists are not ordered, so using DLIST_ADD() is much better.
2009-09-15s4-ldb: cope better with corruption of tdb recordsAndrew Tridgell4-5/+30
When doing an indexed search if we hit a corrupt record we abandoned the indexed search and did a full search. The problem was that we might have sent some records to the caller already, which means the caller ended up with duplicate records. Fix this by returning a search error if indexing returns an error and we have given any records to the caller.
2009-09-15talloc: when we enable NULL tracking, reparent the autofree contextAndrew Tridgell1-0/+3
If NULL tracking is enabled after the autofree context is initialised then autofree ends up separate from the null_context. This means that talloc_report_full() doesn't report the autofree context. Fix this by reparenting the autofree context when we create the null_context.
2009-09-15s4-repl: add a debug to make it easier to monitor replicationAndrew Tridgell1-0/+5
2009-09-16s3: Fix reading beyond the end of a named stream in xattr_streamsVolker Lendecke1-2/+1
This was found thanks to a test by Sivani from Microsoft against Samba at the SDC plugfest
2009-09-16s3: Add some debugs to streams_xattrVolker Lendecke1-0/+6
2009-09-16schannel: remove last traces of gensec.Günther Deschner1-2/+0
Guenther
2009-09-16lib/crypto: link in AES crypto for s4 as well.Günther Deschner1-1/+2
Guenther
2009-09-16s3-schannel: remove unused schannel_decode/schannel_encode.Günther Deschner2-293/+0
Guenther
2009-09-16schannel: fully share schannel sign/seal between s3 and 4.Günther Deschner9-83/+144
Guenther
2009-09-16schannel: move schannel_sign to main directory.Günther Deschner6-9/+52
Guenther
2009-09-16s4-schannel: try to fix the build.Günther Deschner1-1/+1
Guenther
2009-09-16s4-schannel: first step of decoupling schannel from gensec.Günther Deschner2-20/+51
Guenther
2009-09-16s4-schannel: strip trailing whitespace.Günther Deschner1-36/+36
Guenther
2009-09-16s3-schannel: fix blob length when pulling off a NL_AUTH_SIGNATURE inGünther Deschner1-1/+1
cli_pipe_verify_schannel(). Guenther
2009-09-16lib/crypto: add aes encryption routines to main cryto lib.Günther Deschner5-1/+1464
Guenther
2009-09-15Merge branch 'master' of /home/tridge/samba/git/combinedAndrew Tridgell3-14/+16
2009-09-15s4-ldb: ldap attribute names can contain a '.'Andrew Tridgell1-1/+2
When they are of the form of OIDs
2009-09-15s4-ldb: expose ldb_transaction_prepare_commit() in ldbAndrew Tridgell3-21/+64
It is useful to be able to control the 2 phase commit from application code (s4 replication uses it)
2009-09-15s4-repl: don't do double replicationAndrew Tridgell4-6/+44
When we replicate from a remote DC, we need to note the new uSN that the local changes have resulted in, and modify the uSN that the notify task uses to determine if it should send a ReplicaSync message back to the remote DC. Otherwise we end up always triggering a ReplicaSync every time we replicate from another DC
2009-09-15tdb: allow reads after prepare commitAndrew Tridgell1-8/+0
We previously only allowed a commit to happen after a prepare commit. It is in fact safe to allow reads between a prepare and a commit, and the s4 replication code can make use of that, so allow it.
2009-09-15s4-drs: filter based on local_usnAndrew Tridgell1-1/+1
The getncchanges uSN is in our local space, so we must compare it to the local_usn in replPropertyMetaData
2009-09-15s4-repl: make sure we marshal the replPropertyMetaData after the last changeAndrew Tridgell1-10/+10
we were setting local_usn after the marshall, so it wasn't going into the object
2009-09-15s4-dsdb: use DLIST_ADD() not DLIST_ADD_END()Andrew Tridgell2-4/+4
Using DLIST_ADD_END() to construct a long list is very inefficient (it is O(n^2). These lists are not ordered, so using DLIST_ADD() is much better.
2009-09-15s4-ldb: cope better with corruption of tdb recordsAndrew Tridgell4-5/+30
When doing an indexed search if we hit a corrupt record we abandoned the indexed search and did a full search. The problem was that we might have sent some records to the caller already, which means the caller ended up with duplicate records. Fix this by returning a search error if indexing returns an error and we have given any records to the caller.
2009-09-15talloc: when we enable NULL tracking, reparent the autofree contextAndrew Tridgell1-0/+3
If NULL tracking is enabled after the autofree context is initialised then autofree ends up separate from the null_context. This means that talloc_report_full() doesn't report the autofree context. Fix this by reparenting the autofree context when we create the null_context.
2009-09-15s4-repl: add a debug to make it easier to monitor replicationAndrew Tridgell1-0/+5