summaryrefslogtreecommitdiff
path: root/source4/scripting/ejs
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r13710: fix compiler warningsStefan Metzmacher3-7/+7
metze (This used to be commit 6ee7de9bbf6ff55221fc8e3a6f467e69e564e2e1)
2007-10-10r13655: Use new name of build headerJelmer Vernooij1-1/+1
(This used to be commit bca0e8054f6d9c7adc9d92e0c30d4323f994c9e9)
2007-10-10r13369: let's have a way to show the samba4 version through ejsSimo Sorce1-0/+11
and use it in provisioning to fullfill rfc 3045 requirements (This used to be commit 3fb9571a76481560304a826fc945983d52123299)
2007-10-10r13018: Fix (correct) warning about mixing C/js interface function types. IAndrew Bartlett1-1/+1
don't use the arguments, but you must connect as the right type anyway. Andrew Bartlett (This used to be commit f50186e9306714b25ae8f92eff9a3e95ad706274)
2007-10-10r12997: Feed the right event context to libnet in ejsnet and the auth code.Andrew Bartlett2-11/+22
This should give better behaviour in SWAT. Fix authentication as Samba, rather than System, users in SWAT. Andrew Bartlett (This used to be commit 498d72c4ad4d57d10f43ca58830d6ee8292a55f4)
2007-10-10r12931: Remove some prefixes. We have:Andrew Bartlett1-2/+1
Login failed: Login Failed: Logon failure - please try again In SWAT currently... Andrew Bartlett (This used to be commit 51eded818093320e7d6b9e95ad11fa21a81c3f93)
2007-10-10r12928: This patch improves the interaction between the vampire and provsion ↵Andrew Bartlett1-1/+6
code. Previously, we had to know (or guess) the host and domain guid at the provision stage. Now we query the database post-provision, to extract the values and fill in the zone file. This allows us to generate a correct zone file in the Windows migration case. In an effort to make SWAT easier to use, I have removed and renamed some of the provision options. I have also fixed a nasty issue in my js code. I had implictly declared a global variable of the name 'join', with disasterious results for any subsequent user of the string utility function: esp exception - ASSERT at lib/appweb/ejs/ejsParser.c:2064, 0 Backtrace: [ 0] substitute_var:20 -> list[i] = join("", list2) [ 1] setup_file:9 -> data = substitute_var(data, subobj) Andrew Bartlett (This used to be commit a38ceefd11f8b748f30383ef36a4752f178bfca1)
2007-10-10r12918: Don't tell the user the difference between 'no such user' and 'wrongAndrew Bartlett1-0/+5
password'. Andrew Bartlett (This used to be commit e13cb0ab175069eb670c8b2f57379ababacfcce3)
2007-10-10r12892: Add a 'Migrate from Windows' page to our installation section in SWAT.Andrew Bartlett3-48/+195
Doing this required reworking ejsnet, particularly so it could take a set of credentials, not just a username and password argument. This required fixing the ejsnet.js test script, which now adds and deletes a user, and is run from 'make test'. This should prevent it being broken again. Deleting a user from ejsnet required that the matching backend be added to libnet, hooking fortunetly onto already existing code for the actual deletion. The js credentials interface now handles the 'set machine account' flag. New functions have been added to provision.js to wrap the basic operations (so we can write a command line version, as well as the web based version). Andrew Bartlett (This used to be commit a5e7c17c348c45e61699cc1626a0d5eae2df4636)
2007-10-10r12823: Fix up the provison and newuser code in SWAT. This also cleans up theAndrew Bartlett1-1/+5
main provision script a bit, as the argument list was getting out of control. (It has been replaced in part with an object). This also returns the session_info from the auth code into ejs. We still need access control allowing only root to re-provision. Andrew Bartlett (This used to be commit 002cdcf3cab6563909d31edc5d825e857dc0a732)
2007-10-10r12822: Given that talloc gives us this extra level of safety, use it.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit a6028558dc19b0d105b1bfe4126a2b24afaf8dd2)
2007-10-10r12819: Fix swat authentication again. We need to pass the socket_addressAndrew Bartlett1-8/+17
structure around, so the auth code knows where the request came from. Andrew Bartlett (This used to be commit 7a7b2668c00d4d22bcf8aa3ba256af88f70c38c4)
2007-10-10r12804: This patch reworks the Samba4 sockets layer to use a socket_addressAndrew Bartlett1-14/+7
structure that is more generic than just 'IP/port'. It now passes make test, and has been reviewed and updated by metze. (Thankyou *very* much). This passes 'make test' as well as kerberos use (not currently in the testsuite). The original purpose of this patch was to have Samba able to pass a socket address stucture from the BSD layer into the kerberos routines and back again. It also removes nbt_peer_addr, which was being used for a similar purpose. It is a large change, but worthwhile I feel. Andrew Bartlett (This used to be commit 88198c4881d8620a37086f80e4da5a5b71c5bbb2)
2007-10-10r12746: An initial version of the kludge_acls module.Andrew Bartlett2-4/+24
This should be replaced with real ACLs, which tridge is working on. In the meantime, the rules are very simple: - SYSTEM and Administrators can read all. - Users and anonymous cannot read passwords, can read everything else - list of 'password' attributes is hard-coded Most of the difficult work in this was fighting with the C/js interface to add a system_session() all, as it still doesn't get on with me :-) Andrew Bartlett (This used to be commit be9d0cae8989429ef47a713d8f0a82f12966fc78)
2007-10-10r12744: For correctly written scripts, we don't need this anymore. Only useAndrew Bartlett1-3/+1
the cmdline credentials if we ask for it. Andrew Bartlett (This used to be commit 874dd09759eb0243988f39363c94785ae2e68485)
2007-10-10r12738: Use a talloc_reference to ensure this doesn't get free()'ed too early.Andrew Bartlett1-0/+3
Andrew Bartlett (This used to be commit 0f8c162211662de59f42a96fe5bdf56ed5be883f)
2007-10-10r12708: This is equivilant, but doesn't cause a warning.Andrew Bartlett1-2/+1
Andrew Bartlett (This used to be commit 964f7fc6ca4ac7578ca0d467392d4e174211b6e2)
2007-10-10r12699: correctly escape invalid DN characters (reported by Steinar H. ↵Jelmer Vernooij1-1/+30
Gunderson). this still doesn't work as a bug in ldb causes it to not understand escaped characters in DNs when parsing DNs (This used to be commit 10da56fb6cc57b6c0650a8dc81ded5faa643a96e)
2007-10-10r12694: Move some headers to the directory of the subsystem they belong to.Jelmer Vernooij1-1/+1
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
2007-10-10r12622: Move table.c prototypes to seperate header to prevent circular ↵Jelmer Vernooij1-0/+1
dependencies with proto.h (This used to be commit 9e0ba380374db028358158b9e4457dd930b5ab13)
2007-10-10r12620: Get rid of automatically generated lists of init functions of ↵Jelmer Vernooij2-2/+4
subsystems. This allows Samba libraries to be used by other projects (and parts of Samba to be built as shared libraries). (This used to be commit 44f0aba715bfedc7e1ee3d07e9a101a91dbd84b3)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-1/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12596: This variable is unused.Andrew Bartlett1-3/+0
Andrew Bartlett (This used to be commit 2853ccfc8ad58c6af751e01487b8a9e7e68a01e7)
2007-10-10r12592: Remove some useless dependenciesJelmer Vernooij1-2/+3
(This used to be commit ca8db1a0cd77682ac2c6dc4718f5d753a4fcc4db)
2007-10-10r12531: 'make quicktest' was taking 15 minutes on my system due to failing DNSAndrew Tridgell1-1/+1
lookups in load_interfaces(). The reason was my eth0 interface was down, and it was being interpreted as a DNS name. This patch changes load_interfaces() to happening automatically when interfaces are first needed instead of on the startup of every samba binary. This means that (for example) ldbadd doesn't call load_interfaces(), which means no slow DNS lookups. I also reduced the number of static globals in interface.c to 1, and changed from malloc to talloc When you want to force a reload of the interfaces list, you now call unload_interfaces(), which means the next call that needs the interfaces list will reload it (This used to be commit f79d90bd1364b970adb2981b2572e77066431f1e)
2007-10-10r12517: Don't generate empty init functionsJelmer Vernooij1-2/+2
(This used to be commit 832a1092c9c11c293b5748e2e78da872fcba2a42)
2007-10-10r12516: Fix drsuapi and netlogon javascript bindingsJelmer Vernooij2-0/+25
(This used to be commit b46eeba9fcb059ef83743de8be7dab26f9ef21b2)
2007-10-10r12514: Move DCE/RPC interface table to a seperate fileJelmer Vernooij1-1/+1
Be a bit more strict when checking for duplicate interfaces (This used to be commit b1286a6d27e2b5aa26f288f6aff70601b0d8ae74)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-3/+1
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r12501: Merge EJSHeader.pm into EJS.pm and simplify smbcalls_rpc.c a bit,Jelmer Vernooij3-38/+17
now that it is guaranteed that the smbcalls modules are always initialized after the EJS subsystem itself. (This used to be commit 1e8670874bb7415c3e00a42516680fdb4ee2fca1)
2007-10-10r12500: Use init functions explicitly in a few more places. 'gensec' and ↵Jelmer Vernooij1-0/+12
'librpc' are the only two subsystems left to convert. (This used to be commit f6bbc72996aeee8607fc583140fd60be0e06e969)
2007-10-10r12499: Move smb_build.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit c92ace494f92084ddf178626cdf392d151043bc7)
2007-10-10r12323: fixeed the use of options.get_credentials() for ldbAndrew Tridgell1-2/+6
(This used to be commit b27d81dca9fd07c83b11a5bb3a883ec3f28cca6a)
2007-10-10r12322: automatically use cmdline_credentials if the ldb object doesn't haveAndrew Tridgell1-0/+4
its own credentials element (This used to be commit de8975bdd3dc9b4f4d65000e126bbd11c43b3f06)
2007-10-10r12227: I realised that I wasn't yet seeing authenticated LDAP for the ldbAndrew Bartlett2-5/+29
backend. The idea is that every time we open an LDB, we can provide a session_info and/or credentials. This would allow any ldb to be remote to LDAP. We should also support provisioning to a authenticated ldap server. (They are separate so we can say authenticate as foo for remote, but here we just want a token of SYSTEM). Andrew Bartlett (This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
2007-10-10r12104: Move to (sync) smb_composite_connect from smbcli_tree_full_connection()Rafal Szczesniak1-2/+13
This is one of the last places using the latter function. rafal (This used to be commit c95d30d38c4969c070766d320ed52e332e131195)
2007-10-10r12014: free the irpc_request structure with the irpc_call_recv functions,Stefan Metzmacher1-1/+0
to match all other _recv functions we have metze (This used to be commit bd4f85ab5f60c7430ac88062fa6a9f6cffa9596f)
2007-10-10r12013: fix compiler warningsStefan Metzmacher2-6/+6
metze (This used to be commit 4d35c2b8e671cc8fe44971cf2a577236afd1abbd)
2007-10-10r11995: A big kerberos-related update.Andrew Bartlett1-0/+12
This merges Samba4 up to current lorikeet-heimdal, which includes a replacement for some Samba-specific hacks. In particular, the credentials system now supplies GSS client and server credentials. These are imported into GSS with gss_krb5_import_creds(). Unfortunetly this can't take an MEMORY keytab, so we now create a FILE based keytab as provision and join time. Because the keytab is now created in advance, we don't spend .4s at negprot doing sha1 s2k calls. Also, because the keytab is read in real time, any change in the server key will be correctly picked up by the the krb5 code. To mark entries in the secrets which should be exported to a keytab, there is a new kerberosSecret objectClass. The new routine cli_credentials_update_all_keytabs() searches for these, and updates the keytabs. This is called in the provision.js via the ejs wrapper credentials_update_all_keytabs(). We can now (in theory) use a system-provided /etc/krb5.keytab, if krb5Keytab: FILE:/etc/krb5.keytab is added to the secrets.ldb record. By default the attribute privateKeytab: secrets.keytab is set, pointing to allow the whole private directory to be moved without breaking the internal links. (This used to be commit 6b75573df49c6210e1b9d71e108a9490976bd41d)
2007-10-10r11814: 1) Set name resolution methods according to smb.confRafal Szczesniak1-1/+4
2) Set credentials workstation name, otherwise rpc bind function segfaults on auth stage rafal (This used to be commit 6dc67ba6a30e6fc3fc21821d009ea940b093eec2)
2007-10-10r11748: By default, use name resolution method provided by meansRafal Szczesniak1-0/+1
of smb.conf. rafal (This used to be commit 739169e8eda74ad53d728fe6d11a30513c218853)
2007-10-10r11588: Remove unused (at the moment) variable and quiet compiler warning.Rafal Szczesniak1-1/+0
rafal (This used to be commit 90db7f13bc0df0a276dc736d2f9439616cb3b2f7)
2007-10-10r11586: Further work on ejs interface for libnet. The idea is to split libnetRafal Szczesniak2-4/+57
functionalities into groups of subcontexts of net subcontext just the way it's done in net tool. This way we can pass common arguments when creating subcontext. Also, this may allow easier writing net tool completely as a script. At the moment there's a name resolve code segfault to be fixed. rafal (This used to be commit 25310d05927dab69d37248977f974bcaedbd081b)
2007-10-10r11567: Ldb API change patch.Simo Sorce1-3/+4
This patch changes the way lsb_search is called and the meaning of the returned integer. The last argument of ldb_search is changed from struct ldb_message to struct ldb_result which contains a pointer to a struct ldb_message list and a count of the number of messages. The return is not the count of messages anymore but instead it is an ldb error value. I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good amount of places. I also tried to double check all my changes being sure that the calling functions would still behave as before. But this patch is big enough that I fear some bug may have been introduced anyway even if it passes the test suite. So if you are currently working on any file being touched please give it a deep look and blame me for any error. Simo. (This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
2007-10-10r11498: added an optional extra argument to split to limit the number ofAndrew Tridgell1-8/+19
pieces a string is split into. This allows for a fix in the variable substitution used in provisioning (This used to be commit be06785d4835abcbc7d75c0176c85a8ecc0cc11d)
2007-10-10r11474: - enable ldb transactions from ejsAndrew Tridgell1-0/+81
- speed up provisioning a bit using a ldb transaction (also means you can't end up with a ldb being half done) (This used to be commit 91dfe304cf688bb81b69ff3192ac84b78b34b311)
2007-10-10r11458: fixed our ejs smbscript interfaces to use arrays where appropriate. InAndrew Tridgell5-27/+34
js arrays are a special type of object where the length property is automatic, and cannot be modified manually. Our code was manually setting length, which made it abort when someone passed in a real ejs array. To fix this we need to create real arrays instead of objects, and remove the code that manually sets the length (This used to be commit ebdd1393fde44a0a35446d1a922d29a7c1769ba7)
2007-10-10r11439: Make presedence on strcmp comparison clear, and fill inAndrew Bartlett1-1/+3
logon_parameters for the auth subsystem. Andrew Bartlett (This used to be commit 767c5ca7bec3737d1261e209cd895d1300354f25)
2007-10-10r11365: fixed a comment typoAndrew Tridgell1-1/+1
(This used to be commit 3333d71ab6594c1e8977098c31c9437686039f1c)
2007-10-10r11354: - generate a ejs error on bad ldif to add/modifyAndrew Tridgell1-3/+7
- fixed a double free error in ldb.close() (This used to be commit 7f797e7097cffa1f5b5bac34e100af77d4026f89)