summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2011-05-18s4:kdc: UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION => ↵Stefan Metzmacher1-0/+14
flags.trusted_for_delegation metze
2011-05-18s4:auth/credentials: S4U2Self should force CRED_MUST_USE_KERBEROSStefan Metzmacher1-0/+1
Otherwise we would not impersonate the desired principal. This still doesn't work for plaintext auth, but should avoid ntlmssp. metze
2011-05-18s4:auth/credentials: pass 'self_service' to ↵Stefan Metzmacher5-10/+36
cli_credentials_set_impersonate_principal() This also adds a cli_credentials_get_self_service() helper function. In order to support S4U2Proxy we need to be able to set the service principal for the S4U2Self step independent of the target principal. metze
2011-05-18s4:gensec_gssapi: avoid delegation if s4u2self/proxy is usedStefan Metzmacher1-0/+4
metze
2011-05-18HEIMDAL:kdc: check and regenerate the PAC in the s4u2proxy caseStefan Metzmacher1-13/+38
TODO: we need to add a S4U_DELEGATION_INFO to the PAC later. metze
2011-05-18HEIMDAL:kdc: pass the correct principal name for the resulting service ticketStefan Metzmacher1-38/+36
Depending on S4U2Proxy the principal name for the resulting ticket is not the principal of the client ticket. metze
2011-05-18HEIMDAL:kdc: let check_PAC() to verify the incoming server and krbtgt cheksumsStefan Metzmacher1-4/+7
For a normal TGS-REQ they're both signed with krbtgt key. But for S4U2Proxy requests which ask for contrained delegation, the keys differ. metze
2011-05-17s4-dfs: Use a workaround for ndr relative pointer bug/limitationMatthieu Patou1-11/+8
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Tue May 17 01:33:27 CEST 2011 on sn-devel-104
2011-05-17s4-torture: Add more tests to DFS referral suiteMatthieu Patou1-4/+30
2011-05-17torture: adapt to idl evolutionroot2-48/+48
2011-05-17s4-dfs: clean the codeMatthieu Patou1-44/+50
2011-05-17s4-dfs: fix bugs in idl and adapt code accordinglyMatthieu Patou1-17/+23
2011-05-17s4-python: add an option for just fixing gpo foldersMatthieu Patou1-189/+196
2011-05-17s4-python: keep wheel_gid as an integerMatthieu Patou1-1/+1
2011-05-17s4-python: raise an error if unable to bind remote ldap while joiningMatthieu Patou1-0/+11
2011-05-16waf: Enable Samba3 torture tests in top level build.Andreas Schneider1-12/+12
Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon May 16 13:57:01 CEST 2011 on sn-devel-104
2011-05-16s4-smbtorture: add test_netremotetod.Günther Deschner2-0/+18
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon May 16 12:45:52 CEST 2011 on sn-devel-104
2011-05-16s4-libcli/rap: add smbcli_rap_netremotetod().Günther Deschner1-0/+47
Guenther
2011-05-13do an explicit A record search for SRV entriesLuke Howard1-4/+22
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-05-13s4/test/getnc_exop: Tune the the test to work against windowsKamen Mazdrashki1-17/+27
It turns out that sometimes, w2k8-r2 returns objects even when FSMO extended request has failed. Also verify that target DC returns source_dsa_guid and source_dsa_invocation_id correctly Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Fri May 13 02:26:04 CEST 2011 on sn-devel-104
2011-05-11s4/drepl_fsmo: Add an CR so that message is visible in the logsKamen Mazdrashki1-1/+1
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Wed May 11 21:03:59 CEST 2011 on sn-devel-104
2011-05-11s4/getnc_exop: Initial implementation of a testsuite for GetNCChanges ↵Kamen Mazdrashki1-0/+136
extended opeartion handling
2011-05-11s4/getncchanges: Pre-mark extended requests as success in case a ↵Kamen Mazdrashki1-0/+4
sub-function "forget" to do this
2011-05-11s4/getncchanges: Implement placeholder for handling ex-op collection of objectsKamen Mazdrashki1-13/+44
Right now it is solely based on function that handles objects in normal DsGetNCChanges calls.
2011-05-11s4/getncchanges: Move the code that collects objects into separate functionKamen Mazdrashki1-41/+67
2011-05-11s4/getncchanges: Don't mask Extended operation result - callers need itKamen Mazdrashki1-1/+0
2011-05-11s4/getncchanges: Fail extended request rather than failing whole requestKamen Mazdrashki1-1/+3
in case that destination_dsa_guid is not valid
2011-05-09build: Remove --disable-s3build so we can rely on these subsystemsAndrew Bartlett1-6/+1
This will make it easier to write code that uses the whole codebase. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon May 9 12:25:33 CEST 2011 on sn-devel-104
2011-05-09selftest: Test both users created in plugin_s4_dc environmentAndrew Bartlett1-0/+1
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon May 9 06:10:52 CEST 2011 on sn-devel-104
2011-05-08selftest: Polish selftest-vars.sh a little so it can be used againKamen Mazdrashki1-10/+14
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Sun May 8 22:50:01 CEST 2011 on sn-devel-104
2011-05-08s4-selftest Add tests for proxy_samba4_dcAndrew Bartlett1-0/+1
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Sun May 8 20:03:45 CEST 2011 on sn-devel-104
2011-05-08ncalrpc: Force ncalrpc dir to be mode 755 in all usersAndrew Bartlett1-0/+7
This allows this directory to be shared between Samba3 and Samba4 in a Franky-style setup easily. Andrew Bartlett
2011-05-08s4-dsdb Add transactions to dsdb modify helpersAndrew Bartlett1-0/+18
2011-05-08s4-samr Remove incorrect transaction_cancel() in error pathAndrew Bartlett1-1/+0
The transactions are now handled entirely within dsdb_add_user() Andrew Bartlett
2011-05-08s4-param cope with doulbe-parsing of -foo and +foo listsAndrew Bartlett1-3/+9
For some reason these lists are parsed twice, and so any -foo was failing as it was already removed the first time. Andrew Bartlett
2011-05-08s4-interfaces: keep interfaces in the order they were declaredAndrew Tridgell1-1/+5
the spoolss notify test depends on the interfaces order Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun May 8 13:57:58 CEST 2011 on sn-devel-104
2011-05-08s4-interfaces Rename interfaces code so not to conflict with source3/Andrew Bartlett28-113/+113
The iface_count, iface_n_bcast, and load_interfaces functions conflicted with functions of the same name in source3, so the source4 functions were renamed. Hopefully we can actually wrap one around the other in future. Andrew Bartlett
2011-05-08lib/socket move interfaces code to the top levelAndrew Bartlett3-334/+6
2011-05-08s4-lib/socket Samba4 is not IPv6 compatibleAndrew Bartlett1-0/+5
Don't add IPv6 interfaces until we actually support them. I'll soon have IPv6 service at home, and then I'll make it my buisness to sort this out once and for all. Andrew Bartlett
2011-05-08s4-lib merge get_interfaces() from Samba3 to Samba4Andrew Bartlett3-100/+375
2011-05-08s4-param Don't set variables such as the debuglevel unless globalAndrew Bartlett1-2/+18
This ensures that when a second lp_ctx is created, that it does not set global variables such as the debug level, log file etc, potentially overriding the settings created by another context. In particular this matters when loading Samba4 modules into Samba3. Andrew Bartlett
2011-05-08Improve debug messages when creating socket directoriesAndrew Bartlett1-1/+1
This makes clear what the permissions error and directory name actually is Andrew Bartlett
2011-05-08libds: moved enum security_types to a common headerAndrew Tridgell2-2/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-05-08s4-auth Rename auth -> auth4 to avoid conflict with s3 authAndrew Bartlett23-78/+80
2011-05-08s4-ntvfs: Rename brl_*() -> brlock_*() to avoid conflict with brlock_init in s3Andrew Bartlett7-24/+24
2011-05-08s4-auth: remove unused prototypeAndrew Tridgell1-4/+1
2011-05-06s4-smbd: fix randseed_init() usage.Günther Deschner1-1/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri May 6 17:37:11 CEST 2011 on sn-devel-104
2011-05-06libcli/smb Move cifs posix helper functions and headers in commonAndrew Bartlett4-191/+2
unix_perms_to_wire() was a duplicate symbol in the top level build. Andrew Bartlett
2011-05-06lib/util Rename ms_fnmatch() to ms_fnmatch_protocol() to avoid dup symbolAndrew Bartlett5-9/+9
This verison of the function takes a protcol as argument to determine matching rules. Andrew Bartlett
2011-05-06errors: Remove unused unix_to_werror()Andrew Bartlett1-5/+0