summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2008-05-26Add function is_dc_trusted_domain_situation().Michael Adam1-0/+1
This is like is_trusted_domain_situation() except that it does not check for lp_allow_trusted_domains(). Michael (This used to be commit a284c8843528972904d142b573f1170a08c97751)
2008-05-25Move ber_[read|write]_OID_String protypes to proto.hVolker Lendecke1-0/+2
(This used to be commit 2dbbd81677af9c470ee9370ca5414876d21c6b9b)
2008-05-25Remove the reference to current_user_info from share_access.cVolker Lendecke1-1/+4
This required to pass around the domain a bit (This used to be commit 17b0db20d28d1b737c5e86b78106657e8ca5ce9c)
2008-05-23drsuapi: add all code required for our drsuapi rpc client.Günther Deschner2-1/+5
Guenther (This used to be commit 7c93190843e77764be4d0f6d4f0b93061c192c98)
2008-05-23Manually merge Steven Danneman's patch for SPNEGO auth to a trustedGerald W. Carter1-1/+3
Win2008 domain (merged from v3-0-test). commit 8dc4e979776aae0ecaa74b51dc1eac78a7631405 Author: Steven Danneman <sdanneman@isilon.com> Date: Wed May 7 13:34:26 2008 -0700 spnego SPN fix when contacting trusted domains cli_session_setup_spnego() was not taking into consideration the situation where we're connecting to a trusted domain, specifically one (like W2K8) which doesn't return a SPN in the NegTokenInit. This caused two problems: 1) When guessing the SPN using kerberos_get_default_realm_from_ccache() we were always using our default realm, not the realm of the domain we're connecting to. 2) When falling back on NTLMSSP for authentication we were passing the name of the domain we're connecting to for use in our credentials when we should be passing our own workgroup name. The fix for both was to split the single "domain" parameter into "user_domain" and "dest_realm" parameters. We use the "user_domain" parameter to pass into the NTLM call, and we used "dest_realm" to create an SPN if none was returned in the NegTokenInit2 packet. If no "dest_realm" is provided we assume we're connecting to our own domain and use the credentials cache to build the SPN. Since we have a reasonable guess at the SPN, I removed the check that defaults us directly to NTLM when negHint is empty. (This used to be commit b78b14c88e8354aadf9ba7644bdb1c29245fe419)
2008-05-22rpc_client: make rpc_pipe_open_tcp_port and rpc_pipe_get_tcp_port static.Michael Adam1-7/+0
Slim the interface... Michael (This used to be commit 9971118c23900d81e885a013e738a67df790c90c)
2008-05-22rpc_client: use endpoint mapper to get the port for rpc_pipe_open_tcp().Michael Adam1-1/+7
Michael (This used to be commit f7db445c828c0eef2c08b538bd07d485dc248689)
2008-05-21Compile endpoint mapper pidl outputVolker Lendecke2-1/+5
(This used to be commit fe8f9e427af3eb42d63fde96c4fe20a255facb95)
2008-05-21Add client support for NCACN_UNIX_STREAMVolker Lendecke1-0/+3
(This used to be commit 24ac40518f79fd480baaedc1d42f3b6fe8ea1c94)
2008-05-21rpccli_schannel_bind_data only needs the schannel keyVolker Lendecke1-1/+1
(This used to be commit be5d54a363a57113e494202a2d22dd9bbcf13b41)
2008-05-21Rename rpc_pipe_client.tcp.sock to rpc_pipe_client.sock.fdVolker Lendecke1-2/+2
(This used to be commit 2ff908a902ec857856518eaddb5246dd5067063d)
2008-05-20Cleanup size_t return values in callers of convert_string_allocateTim Prouty1-13/+20
This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
2008-05-19Remove conn_find_byname now it's no longer used inJeremy Allison1-1/+0
the msdfs.c code. Jeremy (This used to be commit 54556df561d03d30b2fc21b9eaabe56b8c758301)
2008-05-18build: freeze proto.hMichael Adam1-0/+10475
Michael (This used to be commit ff7f0cad2eb108daa61a910cd9171ab0811a5f60)
2008-05-16Simplify fake_file logicVolker Lendecke3-15/+5
(This used to be commit 93111ea0a1191e8547ad6cf112e2699d3bb3799b)
2008-05-10Remove "user" from connection_structVolker Lendecke1-1/+0
(This used to be commit 368454a27cb53a408ec416cbf37235b304592fb5)
2008-05-10Add a comment explaining server_info in connection_structVolker Lendecke1-0/+4
(This used to be commit 35438a940734340d5d6389ae0551fe3c25902f93)
2008-05-10Remove the unix token info from connection_structVolker Lendecke1-8/+0
(This used to be commit 2834dacc8d49f77fe55fb5d7e3eb2dda431d1d3d)
2008-05-10Replace nt_user_token with server_info in connection_structVolker Lendecke1-1/+1
(This used to be commit a3738aef59e97d4533010b048534d937d36c0950)
2008-05-10Next try at making the vuid cache circularVolker Lendecke1-1/+1
Jeremy, please check! (This used to be commit a34f73521712e3820d417f0d9ed811723b7681d6)
2008-05-10Add "server_info" to connection_structVolker Lendecke1-0/+2
This will replace all the user identity stuff in connection_struct, for now it is just a source where the other fields in connection_struct are filled from. (This used to be commit 0f53f9e7db9f99f239c4d0950452d0e2cde2ae8b)
2008-05-10Remove unused "force_group" from connection_structVolker Lendecke1-1/+0
(This used to be commit 03944f8d8934cff74e19fc036f7611c1491e0d57)
2008-05-10net: Remove globalsKai Blin1-2/+4
(This used to be commit 1e9319cf88b65a2a8d4f5099a1fe5297e405ed2e)
2008-05-08Yay ! Remove a VFS entry. Removed the set_nt_acl() call,Jeremy Allison3-15/+3
this can only be done via fset_nt_acl() using an open file/directory handle. I'd like to do the same with get_nt_acl() but am concerned about efficiency problems with "hide unreadable/hide unwritable" when doing a directory listing (this would mean opening every file in the dir on list). Moving closer to rationalizing the ACL model and maybe moving the POSIX calls into a posix_acl VFS module rather than having them as first class citizens of the VFS. Jeremy. (This used to be commit f487f742cb903a06fbf2be006ddc9ce9063339ed)
2008-05-07Rename server_info->was_mapped to server_info->nss_tokenVolker Lendecke1-1/+5
"nss_token" from my point of view much better reflects what this flag actually represents (This used to be commit b121a5acb2ef0bb3067d953b028696175432f10d)
2008-05-05Merge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into ↵Jeremy Allison1-10/+0
v3-3-test (This used to be commit bb8f098cdfd902bbb36426df2c4f8532881b3fcd)
2008-05-05Try and fix bug #5095, "Manage Documents privilege is not functional".Jeremy Allison1-4/+5
Should map the created sd to printer jobs, not printer. Jerry please test and I'll add to 3.2 if it passes. Thanks, Jeremy. (This used to be commit 0a1fe8d6013d925ab6695f6b7f189b731ec42ccc)
2008-05-05Remove unused dir_status_structVolker Lendecke1-10/+0
(This used to be commit 425ca59cce886daed0d6c63fe4382aee140c9518)
2008-05-05Remove "userdom_struct user" from "struct user_struct"Volker Lendecke2-3/+9
(This used to be commit 420de035237bb08bc470c9eb820f3da2edaa6805)
2008-05-05Remove "session_key" from "struct user_struct"Volker Lendecke1-2/+0
This one took a bit -- I hope I covered all data paths (This used to be commit 74c88a44422f88d6e2f2cdbfdfa0bafe0dbe06c4)
2008-05-05Remove "guest" from "struct user_struct"Volker Lendecke1-2/+0
(This used to be commit 570a6b80feb5b0dc23213ba936c721e766cd4818)
2008-05-05Remove the unix token info from "struct user_struct"Volker Lendecke1-7/+0
(This used to be commit aa2299d42adf4d27e707ac755e07be70d0af1bb4)
2008-05-05Remove "nt_user_token" from "struct user_struct"Volker Lendecke1-2/+0
(This used to be commit 51d5d512f28eadc74eced43e5e7f4e5bdff3ff69)
2008-05-05Remove "logon_script" from "struct user_struct"Volker Lendecke1-2/+1
(This used to be commit b36fd84186a656f86e4cfb9166fc0ecbffb422cb)
2008-05-05Remove unix_homedir from struct user_structVolker Lendecke2-2/+0
This makes pdb_get_unix_homedir unused. I wonder if that was ever really used... (This used to be commit 36bfd32f1ff878e827db91e9bf233719ecca5b01)
2008-05-05Remove "homedir" from "struct user_struct"Volker Lendecke1-1/+0
(This used to be commit 41f9afd62d8cc6067582d452f3d53a5c67253b69)
2008-05-05pipes_struct->pipe_user_name is unused, remove itVolker Lendecke1-1/+0
(This used to be commit 32cd4bf34b614f7bb0b05a7ae5d7eb51d208a7c7)
2008-05-05Fix client authentication with -P switch in client tools (Bug 5435).Günther Deschner1-0/+1
Guenther (This used to be commit d077ef64cd1d9bbaeb936566c2c70da508de829f)
2008-05-05Remove connection_struct->mem_ctx, connection_struct is its own parentVolker Lendecke1-1/+0
(This used to be commit 559180f7d30606d1999399d954ceedc798c669a4)
2008-05-02Remove the "stat_open()" function, flag, and all associated code. It was onlyJeremy Allison1-1/+0
being (correctly) used in the can_read/can_write checks for hide unreadable/unwritable and this is more properly done using the functions in smbd/file_access.c. Preparing to do NT access checks on all file access. Jeremy. (This used to be commit 6bfb06ad95963ae2acb67c4694a98282d3b29faa)
2008-04-30ntlmssp: replace UNKNOWN_02000000 with NTLMSSP_NEGOTIATE_VERSION.Günther Deschner1-1/+1
Guenther (This used to be commit 2c41d69bcf6f0897ef9d444a8f167aff1772d562)
2008-04-29errors: add WERR_NOT_FOUND.Günther Deschner1-0/+1
Guenther (This used to be commit b9ac03bdfa5763c713674acd966ab5d4371992a5)
2008-04-26Fix bug 5419: memory leak in ads_do_search_all_args() when enumerating 1000s ↵Steven Danneman1-0/+2
of entries The ads_do_search_all_args() function attempts to string together several LDAPMessage structures, returned across several paged ldap requests, into a single LDAPMessage structure. It does this by pulling entries off the second LDAPMessage structure and appending them to the first via the OpenLDAP specific ldap_add_result_entry() call. The problem with this approach is it skips non-entry messages such as the result, and controls. These messages are leaked. The short term solution as suggested by Volker is to replace the ads_*_entry() calls with ads_*_message() calls so we don't leak any messages. This fixes the leak but doesn't remove the dependence on the OpenLDAP specific implementation of ldap_add_result_entry(). (This used to be commit f1a5405409c396df394611e2a234522572d2860a)
2008-04-25errors: add WERR_INVALID_DOMAINNAME.Günther Deschner1-0/+1
Guenther (This used to be commit b11a5e70d38239fb50ba4606656e2168cc398a12)
2008-04-25Introduce a redirection for ncacn_np and ncacn_ip_tcp in rpc_pipe_clientVolker Lendecke1-3/+11
Should be no functional change, just a change in the data structure (This used to be commit 3433f430b0c1f7d350a40eac783385a2d30d905c)
2008-04-25Make use of rpccli_xxx_bind_dataVolker Lendecke1-1/+0
(This used to be commit f9bc336affd2ce21a3c62880ecea2622f35653d1)
2008-04-25Move user/domain from rpc_pipe_client to cli_pipe_auth_dataVolker Lendecke1-3/+4
(This used to be commit 42de50d2cd43e760d776694f7b5f003ba51d7f84)
2008-04-25Refactoring: Make cli_pipe_auth_data a pointer off rpc_pipe_clientVolker Lendecke1-1/+1
(This used to be commit f665afaaa3eff9ef54112e08ed034a6e1bb30edc)
2008-04-21Remove the "pwd" struct from rpc_pipe_clientVolker Lendecke1-1/+0
The only user of this was decrypt_trustdom_secret, and this only needs the NT hash anyway. (This used to be commit 3d8c2a47e677a4c4aacf4abf148b1bd8163c3351)
2008-04-21cldap: avoid duplicate definitions so remove ads_cldap.h.Günther Deschner2-61/+0
Guenther (This used to be commit 538eefe22ad69540b9f73ffaa613d6be045de199)