summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r14753: Fix the kerberized pam_auth: As we could have created a new credentialGünther Deschner1-14/+26
cache with a valid TGT in it but we werent able to get or verify the service ticket for this local host afterwards and therefor didn't get the PAC, we need to remove that ccache entirely. Also remove an ugly pair of (not needed) seteuid calls around the ticket destroy wrapper. Guenther (This used to be commit 25a2fb3896596380d9eecac80defbf247a35e6bb)
2007-10-10r14751: Use the noreturn attribute to try and tell coverity thatJeremy Allison2-9/+21
smb_panic can't return. Jeremy. (This used to be commit ba9c98983efbf4871e1ec07df37590d97ec52fba)
2007-10-10r14748: store the name/ip address combination when we doa reverse look up in ↵Gerald Carter1-2/+11
case future forward lookups would fail (This used to be commit d56ed46faec46dad74b469d25ff99c9002792c78)
2007-10-10r14746: Add the Samba4 replacements for opendir/readdir etc. toJeremy Allison6-8/+352
Samba3 - with some 64-bit macro madness. Attempt to fix the broken directory handling in the *BSD-of-the-month club. Jeremy. (This used to be commit fd98427f64f4206c01f16f82fadf24f5863878db)
2007-10-10r14744: allow ./timelimit 5 ./timelimit 20 ./ignore_all_signalsStefan Metzmacher1-3/+11
to work, this is needed when we enable samba3's make test in the build-farm metze (This used to be commit b120c21669a91a097f044530a1f7c59043465841)
2007-10-10r14743: Fix coverity bug #227. Possible deref of null pointerJeremy Allison1-5/+10
in error code path. Jeremy. (This used to be commit 9117713c5ee220331106d291425703aec4d7dd2c)
2007-10-10r14703: Clarify the return codes for the POSIX locking case. ThisJeremy Allison2-3/+7
was confusing. Jeremy. (This used to be commit bc1a605a39e58a7dbdcd4d132345e957e3ed9d5e)
2007-10-10r14699: allow 'net sam addmem' to accept a SID for the memberGerald Carter1-5/+19
(This used to be commit 08d201806f53f51fbed4a02a54cb0656f8287b12)
2007-10-10r14698: Make sure we expand our own local groups and notGerald Carter1-1/+13
just the BUILTIN group when calling winbindd_getgroups. $ id foo uid=502(foo) gid=100(users) groups=100(users),10007(RHEL4\staff), 10001(BUILTIN\users) (This used to be commit 603b4b501a759510d2ec66cbe5ab1e9f5dc5dbc1)
2007-10-10r14696: make pdb_find_backend_entry public (for use by an external "multi" ↵Jelmer Vernooij1-3/+1
pdb backend) (This used to be commit c149421ef7aca8763e21e6c7d467e94944c30e8b)
2007-10-10r14695: Patch from Björn Jacke:Volker Lendecke2-8/+26
- add DMAPI/XDSM support for AIX - find JFS DMAPI libs on Linux when only they are available Volker (This used to be commit b6b72f8c6a03001ae75457c9e7a78e189bea5a3f)
2007-10-10r14684: Remove obsolete file (belonged to pdb_xml)Jelmer Vernooij1-46/+0
(This used to be commit 15c36233fb2e5164ea0fbb2389a066e34838dd20)
2007-10-10r14683: Get rid of hardcoded output file. With no arg, print to stdout,Jim McDonough1-75/+59
otherwise append to output file specified. (This used to be commit b4ec93f5a26442d30ba2b8c91d03f3190975efd0)
2007-10-10r14682: Small cleanup in ads_verify_ticket.Günther Deschner1-6/+5
Guenther (This used to be commit 90df68634b508b0a58f0a15ab62e9cead85765b6)
2007-10-10r14681: Get rid of hardcoded /tmp/add.ldif and /tmp/mod.ldif files. Is there aJim McDonough1-14/+19
different directory the temp files should be in, or is /tmp ok? Still have to get rid of the output file hardcoding, but that is to come, because I need to cleanup stdout. (This used to be commit 0d4bd93a5ca4025bbdeb507f4a2d6217cfb39c79)
2007-10-10r14678: - we need to use 127.0.0.2/8 as interface for the serverStefan Metzmacher6-18/+104
as nmbd skip interfaces with address 127.0.0.1 - add samba3 smbclient -L tests - add samba3 smbtorture tests metze (This used to be commit 835f8f4339f41619ec890e38569b745c5ef5d44e)
2007-10-10r14676: add make valgrindtest and remove old 'make check' and old 'make test'Stefan Metzmacher1-39/+20
metze (This used to be commit 789694d12e53ccd327c4a3e4755ef5004503cb4e)
2007-10-10r14675: Protect against null sids and rids in the cached credentials functions.Günther Deschner1-2/+28
Guenther (This used to be commit e162253a32119a31dd652b00f942d4c1a16fab83)
2007-10-10r14674: Further cleanup for cached logins, only dump hashes with DEBUG_PASSWORD.Günther Deschner3-1/+9
Guenther (This used to be commit 24afdda2ae7626b8c0b378d158ede391924d1274)
2007-10-10r14669: Remove duplicate source caused by running patch(1) once too often.James Peach1-272/+0
(This used to be commit 0ebbfc867c71002eaf921f4f4d8aa7d7b78973a7)
2007-10-10r14668: Set the FILE_STATUS_OFFLINE bit by observing the events a DMAPI-basedJames Peach13-7/+677
HSM is interested in. Tested on both IRIX and SLES9. (This used to be commit 514a767c57f8194547e5b708ad2573ab9a0719c6)
2007-10-10r14664: r13868@cabra: derrell | 2006-03-22 17:04:30 -0500Derrell Lipman5-27/+236
Implement enhancement request 3505. Two additional features are added here. There is now a method of saving an opaque user data handle in the smbc_ context, and there is now a way to request that the context be passed to the authentication function. See examples/libsmbclient/testbrowse.c for an example of using these features. (This used to be commit 203b4911c16bd7e10198a6f0e63960f2813025ef)
2007-10-10r14659: Fix installpammodules for shells where aLars Müller2-5/+11
for module in ; do ... ; done leads to an error (true64, solaris 8). We now use {,UN}INSTALL_PAM_MODULES to get replaced by configure. Therfore we don't run into the {,un}installpammodules rule if no PAM module is requested. Thanks to Björn Jacke for pointing to this issue. (This used to be commit 07a70f8f861235ba4037aacb9cc835b6d18f51c3)
2007-10-10r14646: Adding samr querygroup infolevels 2 & 5.Günther Deschner4-13/+152
Guenther (This used to be commit 6c4fe819c69f281915ad0f4c3bde4dfb194aa33a)
2007-10-10r14645: No idea how this happened, fixing the build.Günther Deschner1-55/+0
Guenther (This used to be commit d45b9abb0ec7d943e9fb374d64385d6c540fffe2)
2007-10-10r14643: Merge dcerpc_errstr from Samba 4.Günther Deschner5-4/+146
Might need to rework prs_dcerpc_status(). Guenther (This used to be commit 38b18f428ba941f4d9a14fa2de45cb0cd793a754)
2007-10-10r14634: Many bug fixes thanks to train rides and overnight stays in airportsGerald Carter8-27/+162
* Finally fix parsing idmap uid/gid ranges not to break with spaces surrounding the '-' * Allow local groups to renamed by adding info level 2 to _samr_set_aliasinfo() * Fix parsing bug in _samr_del_dom_alias() reply * Prevent root from being deleted via Samba * Prevent builting groups from being renamed or deleted * Fix bug in pdb_tdb that broke renaming user accounts * Make sure winbindd is running when trying to create the Administrators and Users BUILTIN groups automatically from smbd (and not just check the winbind nexted groups parameter value). * Have the top level rid allocator verify that the RID it is about to grant is not already assigned in our own SAM (retries up to 250 times). This fixes passdb with existing SIDs assigned to users from the RID algorithm but not monotonically allocating the RIDs from passdb. (This used to be commit db1162241f79c2af8afb7d8c26e8ed1c4a4b476f)
2007-10-10r14632: add basic 'make test' using samba4's smbtortureStefan Metzmacher9-274/+478
I'll try to add some tests using samba3's smbtorture and smbclient later. can someone check if this would be save to run on the build-farm without leaking child processes... metze (This used to be commit 899fd6808ebd04d039caf7199c60d34a4987b43a)
2007-10-10r14631: Add {,un}installpammodules rule and add it to the install rule.Lars Müller2-2/+37
Nothing happens if PAM_MODULES is empty which is our default. The default destination dir is "${LIBDIR}/security". It's possible to overwrite the default with --with-pammodulesdir while calling configure. (This used to be commit 7163c6860549378fa63907048c4eb34fe81835cc)
2007-10-10r14628: sync timelimit.c with the version from the build-farm repositoryStefan Metzmacher1-20/+39
metze (This used to be commit 1b6a64378553008127a85131fa4139842de4128b)
2007-10-10r14627: Adapt the linkage text from pam_smbpass to pam_winbind.Lars Müller1-1/+1
(This used to be commit 160626195bf44b94109ddb7a15da703344d8163f)
2007-10-10r14626: Only set libdir and mandir to the defaults if we haven't used --libdirLars Müller1-2/+2
or --mandir to set them already. Till now we overwrrote a setting made with --libdir or --mandir. (This used to be commit 94980a15be5eae2820c340d3d33b6c9df7053b24)
2007-10-10r14624: - add timelimit.cStefan Metzmacher3-0/+120
- add configure tests --with-selftest-prefix=/tmp/samba-test this is needed because the path name of unix socket can only be 108 chars long - add configure test --with-smbtorture4-path=/home/foo/prefix/samba4/bin/smbtorture this will be used to run samba4's smbtorture inside samba3's make test later metze (This used to be commit d9df1853b947c70f747ea30a353162f2985ef250)
2007-10-10r14618: add --no-process-group to all server programmsStefan Metzmacher5-12/+19
to make the following possible: timelimit 20000 bin/nmbd -F -S --no-process-group timelimit 20000 bin/smbd -F -S --no-process-group this is needed to 'make test' working without losing child processes metze (This used to be commit c3a9f30e2a12cc852c9fa3a7d161f5c6ee0694ce)
2007-10-10r14617: Fix typo in comment.Lars Müller1-1/+1
(This used to be commit df6d69e78fb0f604a7bfc34fc9ac8f391252520d)
2007-10-10r14611: Fix init_creds_opts issue jerry discovered when using MIT krb5 1.3:Günther Deschner2-11/+1
We were using a far too short renewable_time in the request; newer MIT releases take care interally that the renewable time is never shorter then the default ticket lifetime. Guenther (This used to be commit bde4a4018e26bc9aab4b928ec9811c05b21574f3)
2007-10-10r14602: Fix another logic bug in new oplock handling. JustJeremy Allison1-12/+17
because lck->num_share_modes != 0 doesn't mean that there *are* other valid share modes. They may be all marked "UNUSED" or be deferred open entries. In that case don't downgrade the granted oplock to level2 needlessly - a client can have an exclusive oplock in this case. The original code handled this correctly in the lck->num_share_modes == 0 case but not in the case where there were no valid share modes but lck->num_share_modes != 0. I'll clean up my Samba4 torture tester for this and commit it tomorrow. Jeremy. (This used to be commit 306061c93d9181262298516fefd83444f5a65ce5)
2007-10-10r14600: Refactor capability interface from being IRIX-specific to using onlyJames Peach7-88/+111
the POSIX interface. Note that this removes support for inherited capabilities. This wasn't used, and probably should not be. (This used to be commit 763f4c01488a96aec000c18bca313da37ed1df1b)
2007-10-10r14597: Merge DCERPC_FAULT constants from Samba 4.Günther Deschner5-9/+19
Guenther (This used to be commit 3f195f8248c88ec8bf8ceb195575ce6bb49d7fc4)
2007-10-10r14596: Fix a logic bug with multiple oplock contention.Jeremy Allison1-18/+33
The sad thing is the core of this bug fix is just removing a paranoia "exit_server" call, as the rest of the logic was already correct :-). Lots of comments to explain the logic added. I will look at adding tests to exercise this, might be possible. Jeremy. (This used to be commit c2488db727e1a00f112be7b169de9e6208e311f3)
2007-10-10r14585: Tighten argument list of kerberos_kinit_password again,Günther Deschner7-25/+40
kerberos_kinit_password_ext provides access to more options. Guenther (This used to be commit afc519530f94b420b305fc28f83c16db671d0d7f)
2007-10-10r14584: Really follow with roosbindir by defaulr the setting we use for sbindir.Lars Müller1-1/+1
(This used to be commit 1829d22720612b0e61cec7e66d7cba46c04160b9)
2007-10-10r14580: add 'net sam createbuiltingroup' to map BUILTIN local groups to a gidGerald Carter1-0/+59
(This used to be commit 3137fe5068e4b0c1724b92f49ca8e1d254324801)
2007-10-10r14579: Add REJECT_REASON_OTHER in the rpcclient chgpasswd3.Günther Deschner1-1/+2
Guenther (This used to be commit 9de3e9e6b26bebc580b771f9020fc7934e44d51c)
2007-10-10r14578: fix incorrect comment in fill_sam_account(). This function is ↵Gerald Carter1-4/+1
called from multiple places now (krb5, winbindd auth and domain_client_validate() (This used to be commit ddad66ec58d09f89105ceb822b7bea534dafd9e6)
2007-10-10r14577: BUG Fixes:Gerald Carter6-25/+215
* Add back in the import/export support to pdbedit * Fix segv in pam_smbpass * Cleanup some error paths in pdb_tdb and pdb_interface (This used to be commit df53d64910fbb96eb810102e986b3c337d54c463)
2007-10-10r14576: Skip remaining keytab entries when we have a clear indication thatGünther Deschner1-1/+23
krb5_rd_req could decrypt the ticket but that ticket is just not valid at the moment (either not yet valid or already expired). (This also prevents an MIT kerberos related crash) Guenther (This used to be commit 8a0c1933d3f354a8aff67482b8c7d0d1083e0c8f)
2007-10-10r14574: Allow use of sendfile as long as the write cache has not been enabledJames Peach1-3/+4
on the particular file we are performing I/O on, irrespective of whether the write cache is globally enabled (This used to be commit 0809e2cb1dfff1cd0e8631b23b415cb2d8a67312)
2007-10-10r14559: Oplocks have changed, process_smb can be static againVolker Lendecke1-3/+2
(This used to be commit 19e9bc03f81d8d000b683cf5c5f478ba25ddeb0d)
2007-10-10r14530: removing unused 'winbind max idle children' parameterGerald Carter1-3/+0
(This used to be commit 0e789b7e43388b0e7155708981b4ab52ec6d3961)