Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-02-02 | s3:groupdb: allow machine accounts as members. | Stefan Metzmacher | 1 | -4/+4 | |
metze | |||||
2011-02-02 | s3:winbindd: catch lookup_names/sids schannel errors over ncacn_ip_tcp (bug ↵ | Stefan Metzmacher | 1 | -0/+28 | |
#7944) If winbindd connects to a domain controller it doesn't establish the lsa connection over ncacn_ip_tcp direct. This happens only on demand. If someone does a 'net rpc testjoin' and then a wbinfo -n DOMAIN\\administrator, we'll get DCERPC faults with ACCESS_DENIED/SEC_PKG_ERROR, because winbindd's in memory copy of the schannel session key is invalidated. This problem can also happen on other calls, but the lookup_names/sids calls on thet lsa ncacn_ip_tcp connection are the most important ones. The long term fix is to store the schannel client state in a tdb, but for now it's enough to catch the error and invalidate the all connections to the dc and reestablish the schannel session key. The fix for bug 7568 (commit be396411a4e1f3a174f8a44b6c062d834135e70a) made this worse, as it assumes winbindd's in memory session key is always the current one. metze | |||||
2011-02-02 | s3: Remove superfluous ; | Günther Deschner | 13 | -18/+18 | |
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Feb 2 15:44:21 CET 2011 on sn-devel-104 | |||||
2011-02-02 | nsswitch: remove unused code from wbinfo.c | Günther Deschner | 1 | -27/+0 | |
Guenther | |||||
2011-02-02 | s3: Fix a typo | Volker Lendecke | 1 | -1/+1 | |
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Feb 2 14:58:52 CET 2011 on sn-devel-104 | |||||
2011-02-02 | s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_msrpc.c. | Günther Deschner | 1 | -24/+59 | |
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Feb 2 14:14:43 CET 2011 on sn-devel-104 | |||||
2011-02-02 | s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_pam.c. | Günther Deschner | 1 | -13/+37 | |
Guenther | |||||
2011-02-02 | s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_rpc.c. | Günther Deschner | 1 | -58/+134 | |
Guenther | |||||
2011-02-02 | s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_samr.c. | Günther Deschner | 1 | -43/+92 | |
Guenther | |||||
2011-02-02 | s3-winbind: prefer dcerpc_samr_X functions in invalidate_cm_connection. | Günther Deschner | 1 | -3/+6 | |
Guenther | |||||
2011-02-02 | s3-winbind: prefer dcerpc_samr_X functions in cm_connect_sam. | Günther Deschner | 1 | -13/+35 | |
Guenther | |||||
2011-02-02 | s3-winbind: use status variable name in cm_connect_sam. | Günther Deschner | 1 | -33/+33 | |
Guenther | |||||
2011-02-02 | s3-selftest: Enable RPC-EPMAPPER tests. | Andreas Schneider | 1 | -1/+1 | |
Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Wed Feb 2 13:28:41 CET 2011 on sn-devel-104 | |||||
2011-02-02 | s3-smbd: Disable the endpoint mapper by default. | Andreas Schneider | 3 | -2/+32 | |
2011-02-02 | s3-smbd: Added a function to setup rpc services. | Andreas Schneider | 4 | -90/+411 | |
Move the complete setup of the rpc service to its own file and use callbacks to register at the endpoint mapper. | |||||
2011-02-02 | s3-rpc_server: Only allow registering endpoints on priviledged pipes. | Andreas Schneider | 1 | -4/+21 | |
2011-02-02 | s3-librpc: Added dcerpc_binding_vector_create function. | Andreas Schneider | 2 | -16/+107 | |
2011-02-02 | s3-librpc: Added dcerpc register endpoint functions. | Andreas Schneider | 3 | -0/+233 | |
2011-02-02 | s3-epmapper: Commented unimplemented functions. | Andreas Schneider | 1 | -4/+10 | |
2011-02-02 | s3-epmapper: Improved the epm_Map function. | Andreas Schneider | 1 | -44/+210 | |
2011-02-02 | s3-epmapper: Implemented epm_Lookup. | Andreas Schneider | 1 | -8/+327 | |
2011-02-02 | s3-epmapper: Implemented epm_LookupHandleFree. | Andreas Schneider | 1 | -5/+14 | |
2011-02-02 | s3-epmapper: Added arg to match uuid in build_ep_list(). | Andreas Schneider | 1 | -1/+16 | |
2011-02-02 | s3-epmapper: Added epm_Map function from Samba4. | Andreas Schneider | 1 | -4/+77 | |
2011-02-02 | s3-epmapper: Added epm_Delete function. | Andreas Schneider | 1 | -7/+87 | |
2011-02-02 | s3-epmapper: Added epm_Insert function. | Andreas Schneider | 1 | -8/+234 | |
2011-02-02 | s3-epmapper: Added a endpoint mapper skeleton. | Andreas Schneider | 3 | -1/+131 | |
2011-02-02 | s4:torture/rpc/netlogon: add invalid level tests for netr_LogonControl2 | Stefan Metzmacher | 1 | -0/+24 | |
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Feb 2 12:43:32 CET 2011 on sn-devel-104 | |||||
2011-02-02 | s4:torture/rpc/netlogon: improve comments in test_LogonControl2() | Stefan Metzmacher | 1 | -12/+12 | |
metze | |||||
2011-02-02 | s4:torture/rpc/netlogon: test invalid netr_LogonControl() level | Stefan Metzmacher | 1 | -0/+7 | |
metze | |||||
2011-02-02 | s4:torture/rpc/netlogon: test invalid LogonSamLogon levels | Stefan Metzmacher | 1 | -0/+90 | |
This proves that the invalid parameter/info class checks need to be done before the credential chain checks. metze | |||||
2011-02-02 | s4:torture/rpc/netlogon: test validation levels 2 and 3 | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2011-02-02 | netlogon.idl: remove pointless union arms of netr_DELTA_UNION | Stefan Metzmacher | 1 | -16/+4 | |
These were just padding, which was needed as we didn't have 'ms_union' support. metze | |||||
2011-02-02 | netlogon.idl: use 'ms_union' as specified in [MS-NRPC] | Stefan Metzmacher | 1 | -0/+1 | |
metze | |||||
2011-02-02 | netlogon.idl: add missing [default]; union arms | Stefan Metzmacher | 1 | -0/+4 | |
metze | |||||
2011-02-02 | s3:rpc_server/netlogon: add _netr_LogonSamLogon_check() | Stefan Metzmacher | 1 | -14/+87 | |
We need to check for invalid parameters before we check for access denied. metze | |||||
2011-02-02 | s4:rpc_server/netlogon: add dcesrv_netr_LogonSamLogon_check() | Stefan Metzmacher | 1 | -10/+83 | |
We need to check for invalid parameters before we check for access denied. metze | |||||
2011-02-02 | s4:rpc_server/netlogon: set *r->out.authoritative = 1 even on ↵ | Stefan Metzmacher | 1 | -2/+3 | |
INVALID_PARAMETER/INFO_CLASS metze | |||||
2011-02-02 | s4:rpc_server/netlogon: return INVALID_INFO_CLASS for invalid ↵ | Stefan Metzmacher | 1 | -1/+1 | |
netr_Validation levels metze | |||||
2011-02-02 | replace: Try to fix broken sys/capabilites.h on Linux. | Andreas Schneider | 3 | -1/+6 | |
As this is more or less a broken header we need to include linux/types.h before sys/capabilities.h to avoid redefinitions. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Wed Feb 2 11:57:04 CET 2011 on sn-devel-104 | |||||
2011-02-02 | s4/samba-tool: Add --sync-forced flag to 'drs replicate' command | Kamen Mazdrashki | 1 | -1/+4 | |
We are going to need this to trigger replication when inbound replication is disabled for a given DC Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Wed Feb 2 09:03:22 CET 2011 on sn-devel-104 | |||||
2011-02-02 | s4-dsdb Add tests to ensure we don't break the rootDSE function levels again | Andrew Bartlett | 1 | -0/+33 | |
This both checks that the levels make sense, and they match what they should be based on in the DB. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Feb 2 06:09:53 CET 2011 on sn-devel-104 | |||||
2011-02-02 | s4-dsdb Fix generation of rootDSE domainControllerFunctionality | Andrew Bartlett | 1 | -1/+3 | |
The issue here is that when the samdb calls were removed, this call relied on going back to the top of the module stack, so as to re-enter the rootDSE search handler. It makes more sense to check the @ROOTDSE record directly, and therefore not to invoke the search() handler during the init. Andrew Bartlett | |||||
2011-02-02 | wintest Return debug info when dcpromo fails from the log | Andrew Bartlett | 1 | -1/+11 | |
2011-02-02 | s4-waf Don't install any Samba packages into PYTHONDIR | Andrew Bartlett | 3 | -4/+4 | |
This causes the parts of Samba installed into PYTHONARCHDIR to then be missed in mixed python/C module namespaces. Andrew Bartlett | |||||
2011-02-02 | s4-python Remove manipuation of python path from samba module | Andrew Bartlett | 1 | -2/+1 | |
This manipulation should be done by top level scripts, otherwise we won't find samba in the first place (and these can be munged correctly for the install). Andrew Bartlett | |||||
2011-02-02 | s4-python Ensure we add the Samba python path first. | Andrew Bartlett | 16 | -16/+16 | |
This exact form of the construction is important, and we match on it in the installation scripts. Andrew Bartlett | |||||
2011-02-02 | waf: Replace python installation rule to allow PYTHONARCHDIR and PYTHONDIR | Andrew Bartlett | 1 | -7/+23 | |
The old rule could only substitute one part of one line, but we need to add a second line to handle when PYTHONDIR and PYTHONARCHDIR do not match. This also avoids shelling out to sed with a regex, which was difficult to read. Andrew Bartlett | |||||
2011-02-02 | s4-python Remove unused missing.py (used by old build system) | Andrew Bartlett | 1 | -17/+0 | |
2011-02-02 | Remove unused installmisc.sh script, from old build system | Andrew Bartlett | 1 | -98/+0 | |