summaryrefslogtreecommitdiff
path: root/source4/libnet
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11995: A big kerberos-related update.Andrew Bartlett1-0/+35
This merges Samba4 up to current lorikeet-heimdal, which includes a replacement for some Samba-specific hacks. In particular, the credentials system now supplies GSS client and server credentials. These are imported into GSS with gss_krb5_import_creds(). Unfortunetly this can't take an MEMORY keytab, so we now create a FILE based keytab as provision and join time. Because the keytab is now created in advance, we don't spend .4s at negprot doing sha1 s2k calls. Also, because the keytab is read in real time, any change in the server key will be correctly picked up by the the krb5 code. To mark entries in the secrets which should be exported to a keytab, there is a new kerberosSecret objectClass. The new routine cli_credentials_update_all_keytabs() searches for these, and updates the keytabs. This is called in the provision.js via the ejs wrapper credentials_update_all_keytabs(). We can now (in theory) use a system-provided /etc/krb5.keytab, if krb5Keytab: FILE:/etc/krb5.keytab is added to the secrets.ldb record. By default the attribute privateKeytab: secrets.keytab is set, pointing to allow the whole private directory to be moved without breaking the internal links. (This used to be commit 6b75573df49c6210e1b9d71e108a9490976bd41d)
2007-10-10r11815: A bit more comments and spaces for better readability.Rafal Szczesniak2-1/+11
rafal (This used to be commit 1e831aead17b399289b8161e521e1afd5873c556)
2007-10-10r11813: Const-ify name resolution method list and use string listRafal Szczesniak2-11/+2
utilities to set the context field. rafal (This used to be commit 5da8b457c34236b21f6e88e3a7a12338d0390a4f)
2007-10-10r11794: - fixed a valgrind error in libnet, caused by using a stack variableAndrew Tridgell3-10/+8
after the function has returned (the *address variable was assigned into the state). - changed libnet to use event_context_find() instead of event_context_init(), so it works as a child of existing code that uses a event context (This used to be commit 47ceb2d3558304b4c4fb00582fb25a885cea2ef5)
2007-10-10r11750: More comments.Rafal Szczesniak1-3/+4
(This used to be commit d277b13ced0983d67b22d78e06d692a966e3c6f1)
2007-10-10r11749: 1) Buffer allocation's been moved and isn't needed here.Rafal Szczesniak1-3/+1
2) Connect to a server instead of pdc after locating it. rafal (This used to be commit a7bf9ada34c31f26d13c1575de2ec79ea5948a71)
2007-10-10r11747: Move buffer allocation to libnet_Lookup function so that theRafal Szczesniak1-1/+6
caller is not required to ensure it. rafal (This used to be commit 85456e6c0b50540d9f6ae15a460148a328cf002c)
2007-10-10r11708: Fix allocation of too small buffer to hold ip address.Rafal Szczesniak1-1/+1
Thanks metze for catching that. rafal (This used to be commit 5114ef8d1cc9b6f2206463d4ba76653669728403)
2007-10-10r11705: Fix segfaulting create user function.Rafal Szczesniak1-0/+4
rafal (This used to be commit 6b0c083c9b714bf25709e1db3b2113eb8305e8ef)
2007-10-10r11567: Ldb API change patch.Simo Sorce1-7/+8
This patch changes the way lsb_search is called and the meaning of the returned integer. The last argument of ldb_search is changed from struct ldb_message to struct ldb_result which contains a pointer to a struct ldb_message list and a count of the number of messages. The return is not the count of messages anymore but instead it is an ldb error value. I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good amount of places. I also tried to double check all my changes being sure that the calling functions would still behave as before. But this patch is big enough that I fear some bug may have been introduced anyway even if it passes the test suite. So if you are currently working on any file being touched please give it a deep look and blame me for any error. Simo. (This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
2007-10-10r11410: Fix rejoin as a BDC by modifying, rather than trying to recreate, theAndrew Bartlett1-2/+37
server reference. Andrew Bartlett (This used to be commit 302219928f47cdc3822c3a7d9444339092d9d33c)
2007-10-10r11409: The use of 'password server = ' here is still bogus, but for now atAndrew Bartlett1-0/+2
least don't allow binding to become uninitialised. Andrew Bartlett (This used to be commit e754234a17ebc601720caa66a229d9a842dfebda)
2007-10-10r11407: Push 'recreate account' logic into libnet/libnet_join.c. We don'tAndrew Bartlett2-2/+34
return the pesky USER_EXISTS 'error' code any more, and it is much easier to handle this inline. Andrew Bartlett (This used to be commit a7eb796cf544db3fe16986d8e233d2defe7a7d1b)
2007-10-10r11382: Require number of required M4 macrosJelmer Vernooij1-0/+3
Make MODULE handling a bit more like BINARY, LIBRARY and SUBSYSTEM Add some more PUBLIC_HEADERS (This used to be commit 875eb8f4cc658e6aebab070029fd499a726ad520)
2007-10-10r11377: Add support for building LIBRARY elements as shared libraries:Jelmer Vernooij1-1/+4
- Adds -rpath bin/ so you don't have to install Samba in order to use compiled binaries. - Writes out pkg-config files when building shared libs - Supports automatic fallback to MERGEDOBJ (which is the default) or OBJ_LIST (if ld -r is not supported) Building with shared libs reduces the size of the Samba binaries from 197 Mb to 60 Mb (including libraries) on my system (GCC4, with debugging). To build with shared libraries support enabled, run: LIBRARY_OUTPUT_TYPE=SHARED_LIBRARY ./config.status init functions don't get called correctly yet when using shared libs, so you won't be able to actually run anything with success :-) Once init functions are done, I'll look at support for loading shared modules once again. Based on a patch by Peter Novodvorsky (nidd on IRC). (This used to be commit 0b54405685674a2b19a28d77aae5b1136b5a4728)
2007-10-10r11349: Actually add all the new spns...Andrew Bartlett1-12/+6
Andrew Bartlett (This used to be commit 63eede2ad3f0238e1a925325c0be08d79f48c33b)
2007-10-10r11348: Fixes for 'net join':Andrew Bartlett1-18/+19
- Add more servicePrincipalNames - Always add them, not just for BDC accounts, and not just the first time the account is created (it might be an upgrade from an NT4 account). This should fix us for being a domain member in ADS again. (This used to be commit 3821821d4cb459edd331d40be8b84b3c82616a0a)
2007-10-10r11287: Understand the new behaviour of the LSA pipe on ncacn_ip_tcp in ↵Andrew Bartlett1-48/+66
Win2k3 SP1. Only a few operations are supported (LookupSids3 and LookupNames4), and these are only supported under schannel. This appears to be the operations Win2k3 SP1 uses to verify part of the PAC back to the server. The test is setup to pass, but not enforce (so far) this new behaviour. Andrew Bartlett (This used to be commit e15e39866e9775ba662f669a19836d33f7633f6f)
2007-10-10r11244: Relative path names in .mk filesJelmer Vernooij1-14/+14
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
2007-10-10r11214: Remove scons files (see ↵Jelmer Vernooij1-6/+0
http://lists.samba.org/archive/samba-technical/2005-October/043443.html) (This used to be commit 7fffc5c9178158249be632ac0ca179c13bd1f98f)
2007-10-10r11197: indentAndrew Bartlett1-2/+2
(This used to be commit a432ba105cbf2ea7b9010365c0a7d1dcc9ff5f7f)
2007-10-10r11094: Connect to SAM, implement getdcnameVolker Lendecke1-1/+1
(This used to be commit a14398715eceecf204caf815a8769ba8214d0576)
2007-10-10r10913: This patch isn't as big as it looks ...Andrew Tridgell1-3/+3
most of the changes are fixes to make all the ldb code compile without warnings on gcc4. Unfortunately That required a lot of casts :-( I have also added the start of an 'operational' module, which will replace the timestamp module, plus add support for some other operational attributes In ldb_msg_*() I added some new utility functions to make the operational module sane, and remove the 'ldb' argument from the ldb_msg_add_*() functions. That argument was only needed back in the early days of ldb when we didn't use the hierarchical talloc and thus needed a place to get the allocation function from. Now its just a pain to pass around everywhere. Also added a ldb_debug_set() function that calls ldb_debug() plus sets the result using ldb_set_errstring(). That saves on some awkward coding in a few places. (This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
2007-10-10r10894: make the handling of dn/distinguishedName much closer to realAndrew Tridgell1-5/+2
ldap. Also ensure we put a objectclass on our private ldb's, so they have some chance of being stored in ldap if you want to (This used to be commit 1af2cc067f70f6654d08387fc28def67229bb06a)
2007-10-10r10810: This adds the hooks required to communicate the current user from theAndrew Bartlett2-3/+3
authenticated session down into LDB. This associates a session info structure with the open LDB, allowing a future ldb_ntacl module to allow/deny operations on that basis. Along the way, I cleaned up a few things, and added new helper functions to assist. In particular the LSA pipe uses simpler queries for some of the setup. In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't been worked on (other than making it continue to compile) since January, and I think the features of this module are being put into ldb anyway. I have also changed the partitions in ldap_server to be initialised after the connection, with the private pointer used to associate the ldb with the incoming session. Andrew Bartlett (This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
2007-10-10r10701: Ensure we return the right user handle.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 732b247a498e0b90b9f0c711baaac51ad6402496)
2007-10-10r10696: Return the realm to the caller, not NULL...Andrew Bartlett1-2/+1
Also return an indication of if the join was of a new account, or reworking an existing account. Andrew Bartlett (This used to be commit b6e4b36c4f1f90e42dd0543538956a1d89e3724b)
2007-10-10r10679: Monitor messages should be issued from usermod functions.Rafal Szczesniak2-8/+52
Also a bit of formatting. rafal (This used to be commit 1fefca2c172085d6bc05bfac1c10e52066e42606)
2007-10-10r10633: Formatting.Rafal Szczesniak1-3/+4
rafal (This used to be commit 0e45dc3bac0e699b2da5b7f8df9d4bf7bd80a0f5)
2007-10-10r10631: Formatting.Rafal Szczesniak1-3/+3
rafal (This used to be commit 426797f7b0d0321f6842db0b8d94c193726e8008)
2007-10-10r10586: Add MergedObject() builder. Default to Library() ratherJelmer Vernooij1-1/+1
then StaticLibrary() (This used to be commit b53313dc517986c69a4e4cb8fe3885b696f8faa1)
2007-10-10r10566: Clean up error messages to provide more accurate info.Andrew Bartlett1-5/+10
Andrew Bartlett (This used to be commit 640815008b78ca19a73beb523e6823dd61feffa5)
2007-10-10r10504: - seperate implementation specific stuff, from the generic compositeStefan Metzmacher5-65/+72
stuff. - don't use SMBCLI_REQUEST_* state's in the genreic composite stuff - move monitor_fn to libnet. NOTE: I have maybe found some bugs, in code that is dirrectly in DONE or ERROR state in the _send() function. I haven't fixed this bugs in this commit! We may need some composite_trigger_*() functions or so. And maybe some other generic helper functions... metze (This used to be commit 4527815a0a9b96e460f301cb1f0c0b3964c166fc)
2007-10-10r10486: This is a merge of Brad Henry's 'net join' rework, to better performAndrew Bartlett5-372/+921
an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2007-10-10r10348: Add scons scripts for remaining subsystems. Most subsystems build now,Jelmer Vernooij1-1/+0
but final linking still fails (as does generating files asn1, et, idl and proto files) (This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
2007-10-10r10336: Add sconscript for a couple more subsystems.Jelmer Vernooij1-0/+7
(This used to be commit 59d4450453c25f5cce9b67b808ff0c4433c1d194)
2007-10-10r9994: Unused variable.Tim Potter1-1/+0
(This used to be commit ce4902f8dea2b6f3568960278e08395ea3927146)
2007-10-10r9792: Rename StrCaseCmp -> strcasecmp_m. All these years I was thinkingJelmer Vernooij1-1/+1
StrCaseCmp was sys_strcasecmp, while it is in fact strcasecmp_m! (This used to be commit 200a8f6652cb2de7a8037a7a4c2a204b50aee2b1)
2007-10-10r9654: introduce the samdb_search_dn callSimo Sorce1-5/+3
(This used to be commit 333ebb40d55c60465564b894d5028b364e99ee00)
2007-10-10r9643: fixed samsync code for the new dn explode semanticsAndrew Tridgell1-17/+15
(This used to be commit 96298af202f994c3d5d0c7f5dacd1197a740f766)
2007-10-10r9392: Fix ldb_dn_compose to make build farm happySimo Sorce1-15/+6
Add ldb_dn_string_compose so that you can build a dn starting from a struct ldb_dn base and a set of parameters to be composed in a format string with the same syntax of printf (This used to be commit 31c69d0655752cc8ea3bc5b7ea87792291302091)
2007-10-10r9391: Convert all the code to use struct ldb_dn to ohandle ldap like ↵Simo Sorce2-54/+92
distinguished names Provide more functions to handle DNs in this form (This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
2007-10-10r9309: Incorrect null pointer check in return from talloc.Steve French1-1/+1
Found by coverity. (This used to be commit bafd3afbef9b8d3a8baa55d4b31cc62bfeeed459)
2007-10-10r9090: Another field in usermod function - account flags.Rafal Szczesniak2-0/+7
rafal (This used to be commit f0d51b78c040937bd27857c063fae215a3f0f465)
2007-10-10r9037: New fields in usermod function - allow_password_change andRafal Szczesniak2-0/+15
force_password_change datetime. rafal (This used to be commit dfa2cc6c4ed8273b1d3ee604954c81c75f0890bd)
2007-10-10r8981: Add comments, fix typos (in attribute names) and check for errors inAndrew Bartlett2-8/+39
SamSync and 'net join'. Andrew Bartlett (This used to be commit 257240b0e29da14f7a2e660182b367304a5fa530)
2007-10-10r8974: Support makefile fragments in .mk filesJelmer Vernooij1-1/+0
(This used to be commit 8d9c18a1b4cf31ebae1d0c84b00b4d781f55de66)
2007-10-10r8970: Add 'ADS' join support to Samba4.Andrew Bartlett2-4/+71
We now fill in the servicePrincipalName over LDAP, just like XP does, and store the kvno in our local db. Andrew Bartlett (This used to be commit 5547c4e6f6a0c163aa38fa4d4ed8c627ae12bf80)
2007-10-10r8952: Partial work commit to find the DN of the new machine account - weAndrew Bartlett2-2/+109
will use ldb to add servicePrincipalNames to this. Andrew Bartlett (This used to be commit c1f8cab3e3d3eaf4af372675656fe1a4da68a9f8)
2007-10-10r8904: Split off the query stage as a separate function.Rafal Szczesniak1-5/+33
rafal (This used to be commit bbe7e726af8c61108a7bca1e10e9340bbe37f3ef)