Age | Commit message (Collapse) | Author | Files | Lines |
|
By setting the event context to use for this operation (only) onto
the krb5_context just before we call that operation, we can try
and emulate the specification of an event context to the actual send_to_kdc()
This eliminates the specification of an event context to many other
cli_credentials calls, and the last use of event_context_find()
Special care is taken to restore the event context in the event of
nesting in the send_to_kdc function.
Andrew Bartlett
|
|
|
|
|
|
|
|
we can't link).
|
|
|
|
applicable.
Allow using both pyembed and pyext, to prevent unresolved symbols.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 10 03:54:01 UTC 2010 on sn-devel-104
|
|
|
|
this ensures that make test detects a failure if samba is killed by
SIGTERM
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
it doesn't actually work, but at least it now compiles
|
|
metze
|
|
|
|
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This will allow TDB_CLEAR_IF_FIRST behaviour in future
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
This is needed to remove samba specifc symbols from the bundled
ldb, in order to get the ABI right.
metze
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
|
|
|
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
|
|
|
|
This allows us to control what groups should be added in what use
cases, and in particular to more carefully control the introduction of
the 'authenticated' group.
In particular, in the 'service_named_pipe' protocol, we do not have
control over the addition of the authenticated users group, so we key
of 'is this user the anonymous SID'.
This also takes more care to allocate the right length ptoken->sids
Andrew Bartlett
|
|
|
|
multiple event contexts
It is NEVER valid to free an event context that anybody else may have
a reference to, and never normally valid to have two 'live' at once.
We must instead call tevent_re_initialise() to wipe clean an existing
pointer.
Andrew Bartlett
|
|
This will fork off exactly one child to handle some task, ensuring
that if it dies or changes global state, that this does not change
everything.
Andrew Bartlett
|
|
This reverts most of commit 1765732f82719a4bc925f21ef4999bd19a8d1f6c.
The s3compat build needs the SWAT location to be compatible with
Samba3.
|
|
metze
|
|
This gives the rpc server code the correct client and server
ip addresses for ncacn_np.
metze
|
|
My first patch in a while...
Tim.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
This was left over from the automatic conversion of the config.mk
files
|
|
The auth context was in the past only for NTLM authentication, but we
need a SAM, an event context and and loadparm context for calculating
the local groups too, so re-use that infrustructure we already have in
place.
However, to avoid problems where we may not have an auth_context (in
torture tests, for example), allow a simpler 'session_info' to be
generated, by passing this via an indirection in gensec and an
generate_session_info() function pointer in the struct auth_context.
In the smb_server (for old-style session setups) we need to change the
async context to a new 'struct sesssetup_context'. This allows us to
use the auth_context in processing the authentication reply .
Andrew Bartlett
|
|
we won't be using the mk -> wscript generator again
|
|
these are needed so we can support a system talloc without using the
bundled talloc.h
|
|
|
|
them
|
|
|
|
Rewrote wafsamba using a new dependency handling system, and started
adding the waf test code
|
|
|
|
this shows the config paths. Useful for debugging --enable-fhs
|
|
|
|
This fixes a crash bug on startup
|
|
and tstream_context
metze
|
|
This is an improved version of commit 69d5cea2e59162f19460e7ce4b6382fc5fdd6ca0,
which was reverted by commit 71c20f703b0c603d6aada63ed5634070a26df052.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We need to be able to give sensible error messages when a kerberos
calls fails. This propogates the kerberos error up the stack to the
caller.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This reverts commit 69d5cea2e59162f19460e7ce4b6382fc5fdd6ca0.
This commit causes issues with the RPC server, revert it until we find the
exact issue and possibly have a torture test to avoid it happening again.
Found playing with w2k8r2 and forest trusts.
|
|
After looking at the s4 side of the (s)channel :) I found out that it makes
more sense to simply make it use the tdb based code than redo the same changes
done to s3 to simplify the interface.
Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet
that does not solve the lookup speed, with ldb it is always going to be slower.
Looking through the history it is evident that the schannel database doesn't
really need greate expanadability. And lookups are always done with a single
Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated.
The schannel database is not really a persistent one. It can be discared during
an upgrade without causing any real issue. all it contains is temproary session
data.
|
|
|
|
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|