Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
memory leaks.
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
with the latest bind9 nsupdate, we need to be able to control if the
ticket we use is forwardable
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This ensures we get whenChanged, which is needed by the s3 winbind
code to ensure we don't repeatedly try to change the password
|
|
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Using "#!/usr/bin/env python" is more portable. It still isn't ideal
though, as we should really use the python path found at configure
time. We do that in many places already, but some don't.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
setUp methods are called, fix formatting.
|
|
Otherwise it could remain uninitialised.
|
|
We perhaps need a more general API here, but for now extend the
credentials API to return the password last changed time that the
s3compat layer will need.
Andrew Bartlett
|
|
This allows us to tell the credentials code where we want the
credentials put.
Andrew Bartlett
|
|
This means that we consider the ccache only as reliable as the least
specified of the inputs we used.
This means that we will regenerate the ccache if any of the inputs change.
Andrew Bartlett
|
|
Andrew Bartlett
|
|
the talloc python interface for tp_alloc and tp_dealloc relies on a
cast to a py_talloc_Object to find the talloc_ctx (see
py_talloc_dealloc). This means we rely on the talloc_ctx for the
object being directly after the PyObject_HEAD
This fixes the talloc free with references bug in samba_dnsupdate
The actual problem was the tp_alloc() call in
PyCredentialCacheContainer_from_ccache_container() which used a cast
from a py_talloc_Object to a PyCredentialCacheContainerObject. That
case effectively changed the parent/child relationship between the
talloc_ctx and the ccc ptr.
This patch changes all the structures that follow this pattern to put
the TALLOC_CTX directly after the PyObject_HEAD, to ensure that if
anyone else decides to do a dangerous cast like this that it won't
cause the same sort of subtle breakage.
Pair-Programmed-With: Rusty Russell <rusty@samba.org>
|
|
use nt_errstr() when no error available
|
|
A torture test to demonstrate will be added soon.
Andrew Bartlett
|
|
This isn't used often, but it is generally better not to leak it onto
what may be a longer-term context.
Andrew Bartlett
|
|
|
|
we won't be using the mk -> wscript generator again
|
|
them
|
|
|
|
This macro assumed that all errors were runtime errors.
|
|
When we have a system talloc library, we still need to grab pytalloc.h
from lib/talloc. We don't want to just use -Ilib/talloc, as otherwise
we'll get the in-tree talloc.h which may not be compatible with the
system talloc.h
So we need to give the path to pytalloc.h
|
|
Now all data should be initialised
|
|
This should allow these to be manipulated by python scripts that need
encrypted connections.
Andrew Bartlett
|
|
We need to be able to give sensible error messages when a kerberos
calls fails. This propogates the kerberos error up the stack to the
caller.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This allows the integration of external tools that can't be linked
into C or python, but need to authenticate as the local machine
account.
The machineaccountccache script demonstrates this, and debugging has
been improved in cli_credentials_set_secrets() by passing back and
error string.
Andrew Bartlett
|
|
"nt_response" structures
In some cases those structures are not initialised and the whole authentication
system crashes with a SIGSEGV. Bug discovered by Matthieu Patou in bug #6755.
|
|
This was needed only by Python 2.3 which we no longer support.
|
|
|
|
This avoids trouble when the secrets.ldb is updated with ldbedit but
an smb.conf is not specified.
Andrew Bartlett
|
|
If we don't include Python.h first then we get a pile of warnings due
to broken redefines of XOPEN_SOURCE in the Python includes.
|
|
|
|
This should fix bug #6755.
|
|
|
|
|
|
904d0124b46eed7a8ad6e5b73e892ff34b6865ba)
Also including the supporting changes required to pass make test
A number of heimdal functions and constants have changed since we last
imported a tree (for the better, but inconvenient for us).
Andrew Bartlett
|
|
|
|
than linking against the python module.
|
|
In particular, this is the rename from creds_ to netlogon_creds_, as
well as other links to use the new common crypto.
Andrew Bartlett
|
|
metze
|
|
metze
|
|
metze
|
|
|
|
since this will not be shipped with talloc/tdb/tevent/etc.
|
|
|
|
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
|