summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2011-12-29s4-gensec: Rename memory contexts in gensec_krb5 for greater clarityAndrew Bartlett1-16/+16
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-gensec: Rename memory contexts in gensec_gssapi for greater clarityAndrew Bartlett1-16/+16
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-auth: Rename memory contexts for greater clarityAndrew Bartlett2-10/+10
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-gensec remove auth_session dep from gensec_gssapi.cAndrew Bartlett1-1/+1
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 29 05:37:11 CET 2011 on sn-devel-104
2011-12-29s4-gensec Remove fallback for simple privilegesAndrew Bartlett1-6/+2
This makes the dependencies simpler, as this code path is no longer required. (That is, it makes no sense to have an NTLM login without an auth context, and the gensec_gssapi and gensec_krb5 modules call the PAC blob function below instead). Andrew Bartlett
2011-12-29s4-torture: Demonstrate handling of the PAC in a custom auth_contextAndrew Bartlett3-62/+85
This demonstrates how a different function pointer can be supplied to handle the PAC blob, without depending on the provisioned samdb etc. Andrew Bartlett
2011-12-29s4-gensec: Pass the auth context in during gensec testAndrew Bartlett1-2/+3
2011-12-29s4-pyauth: Make sure event context allows nestingAndrew Bartlett1-1/+2
2011-12-29s4-gensec: Move parsing of the PAC blob and creating the session_info into authAndrew Bartlett8-169/+247
This uses a single callback to handle the PAC from the DATA_BLOB format until it becomes a struct auth_session_info. This allows a seperation between the GSS acceptor code and the PAC interpretation code based on the supplied auth context. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 29 01:10:59 CET 2011 on sn-devel-104
2011-12-29s4-gensec: fix cyrus sasl module after update() protype changeAndrew Bartlett1-0/+1
2011-12-28s4-auth Remove unused auth_context_create_from_ldb()Andrew Bartlett2-27/+0
2011-12-28s4-gensec: Allow a PAC to be obtained from any GSS mechAndrew Bartlett1-7/+0
This may allow Luke Howard's moonshot to work with a little less effort at some point in the future. Andrew Bartlett
2011-12-28auth/kerberos: Move gssapi_parse.c to the top levelAndrew Bartlett2-123/+2
This will help with writing a gensec module for the s3 gse layer. Andrew Bartlett
2011-12-28s4-ntlmssp Do not allow LM key without a LM passwordAndrew Bartlett1-3/+5
2011-12-23s4:torture/rpc/netlogon.c - factor out the computer name check in an own testMatthias Dieter Wallnöfer1-11/+61
This check is by no ways specific to "DsRGetSiteName" and hence it should be factored out in an own function. Samba at the moment does not implement the expected behaviour so I have added the "torture_skip" action. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Dec 23 12:17:48 CET 2011 on sn-devel-104
2011-12-23s4:netlogon RPC server - dcesrv_netr_DsRGetSiteName - add a small explainationMatthias Dieter Wallnöfer1-0/+5
NETLOGON pipe is only thought for DCs. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-23s4:libcli/finddcs_nbt.c - free "req" consistently with "finddcs_cldap.c"Matthias Dieter Wallnöfer1-2/+4
It is more obvious to free where the context for the first time appears. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-23s4:drsuapi/getncchanges: the default for isRecycled is FALSEStefan Metzmacher1-1/+1
metze Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Fri Dec 23 09:30:09 CET 2011 on sn-devel-104
2011-12-23s4-drsuapi: we store boolean in upppercase so we need to test them in uppercaseMatthieu Patou1-4/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-23s4-kcc: Remove also deleted objects that are not in the Deleted Object containerMatthieu Patou2-2/+38
For the configuration container we do a full scan at every run of the kcc-delete service. For the base DN we introduce a new parameter that avoid the full scan to kick just when samba starts. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-23s4-ldb: Add isRecycled when is defined in the schemaMatthieu Patou1-3/+9
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-23s4:rpc-dnsserver: Set the rank for the new DNS record correctlyAmitay Isaacs1-0/+8
Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Fri Dec 23 07:56:34 CET 2011 on sn-devel-104
2011-12-23test:dnsserver: Add zone creation and deletion testAmitay Isaacs1-0/+51
2011-12-23samba-tool:dns: Fix a typoAmitay Isaacs1-1/+1
2011-12-23samba-tool:dns: Add zone create/delete commandsAmitay Isaacs1-0/+85
2011-12-23s4:rpc-dnsserver: Add commentsAmitay Isaacs1-0/+7
2011-12-23s4:rpc-dnsserver: Make sure that zone information is filled inAmitay Isaacs1-0/+10
This fixes the problem of NULL zone in zone operations when specific zone is specified and no zone filter is specified.
2011-12-23s4:rpc-dnsserver: Implement zone management RPC operationsAmitay Isaacs3-2/+436
- ZoneCreate operation to create zone. - DeleteZoneFromDs operation to delete zone When a zone is deleted, all the records in that zone are also deleted.
2011-12-23s4:rpc-dnsserver: Add multiple DNS records in a single operationAmitay Isaacs1-11/+16
This allows to add dnsNode objectclass with multiple DNS records in a single operation. Useful for creating @ record which has NS and SOA records.
2011-12-23s4:rpc-dnsserver: Use handy macros for error checkingAmitay Isaacs1-11/+3
2011-12-23s4:rpc-dnsserver: Implement DirectoryPartitionInfo RPC operationAmitay Isaacs3-1/+151
2011-12-23s4:rpc-dnsserver: Fix the enumeration of DNS recordsAmitay Isaacs1-0/+10
If a node has data and children, do not return the children unless the node is the top level node.
2011-12-23s4:rpc-dnsserver: Use cached zone information to get rootserversAmitay Isaacs1-9/+6
This removes the hardcoded search for DC=RootDNSServers, and uses the cached zone information.
2011-12-23s4:rpc-dnsserver: Implement EnumDirectoryPartition operationAmitay Isaacs2-1/+36
2011-12-23s4:rpc-dnsserver: Cache DNS partition informationAmitay Isaacs4-89/+151
This information will be used for the RPC calls for partition information.
2011-12-23s4:rpc-dnsserver: If a zone is reverse zone, set the fReverse flagAmitay Isaacs2-3/+14
And use fReverse flag in the enumeration of zones.
2011-12-23s4:rpc-dnsserver: For PTR records, use dns_name_equal instead of strcmp to ↵Amitay Isaacs1-1/+1
compare
2011-12-23samba-tool:dns: Add support for reverse names (PTR records)Amitay Isaacs1-5/+33
2011-12-23s4-provision: Set dNSProperty attribute for dns zonesAmitay Isaacs1-2/+71
2011-12-22s4-torture: Test rpc schannel netr_LogonGetCapability.Stefan Metzmacher2-0/+62
metze
2011-12-22s4-librpc: Fix netlogon schannel client connect.Andreas Schneider1-0/+2
As a client we request as much flags as possible. The server checks which flags it supports and returns the same negotiation flags or less. So we need to store the negotiate flags from the server. We need them later if we have to call netr_LogonGetCapabilities.
2011-12-20samba-tool: Add transaction wrapper for creating GPOAmitay Isaacs1-51/+44
This ensures that if the GPT files are not copied via SMB, AD changes are rolled back. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue Dec 20 09:12:41 CET 2011 on sn-devel-104
2011-12-19s4-dsdb: Relax the conditions where we can't do a subtree deleteMatthieu Patou1-1/+19
If the parent object is a SAM object (as defined in 3.1.1.5.2.3 Special Classes and Attributes of MS-ADTS) then we can use the subtree delete control even if the object is a critical one. Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Mon Dec 19 14:32:19 CET 2011 on sn-devel-104
2011-12-19s4:drsuapi/getncchanges: return WERR_NOMEM if talloc_array() failsStefan Metzmacher1-0/+3
metze
2011-12-19s4-drs: introduce a timeout in the getncchanges processing to always return ↵Matthieu Patou1-6/+27
something in less than x seconds Signed-off-by: Andrew Tridgell <tridge@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-19s4-drs: avoid calling unecesserly ldb_msg_find_attr_as_* as this call in ↵Matthieu Patou1-26/+45
unefficient Current implementation of ldb_msg_find_attr_as_* iterate on the list of attributes returned by the search and make a string comparison. As we sorting the array of messages / guids we tend to call this function many times. By storing the GUID and the USN in a separate structure we are sure to call this function only once per attribute and object. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-12-19s4-becomedc: replicate first with DRS_CRITICAL_ONLY and DRS_GET_ANC objects ↵Matthieu Patou1-0/+13
for the base dn partition Windows dcpromo do the same: getncchanges with DRS_GET_ANC and DRS_CRITICAL_ONLY, then it does a getncchanges without those flags for the rest. Signed-off-by: Andrew Tridgell <tridge@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-19s4-join: replicate first with DRS_CRITICAL_ONLY and DRS_GET_ANC objects for ↵Matthieu Patou1-0/+10
the base dn partition Windows dcpromo do the same: getncchanges with DRS_GET_ANC and DRS_CRITICAL_ONLY, then it does a getncchanges without those flags for the rest. Signed-off-by: Andrew Tridgell <tridge@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-17s3: Fix the clustering buildVolker Lendecke3-5/+5
ctdb_private.h already defines set_close_on_exec. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat Dec 17 18:41:39 CET 2011 on sn-devel-104
2011-12-17s4 dns: Allow updates based on smb.conf settingKai Blin2-2/+29
Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sat Dec 17 04:19:40 CET 2011 on sn-devel-104