summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2012-05-04s4-auth-krb: Disable code in MIT buildSimo Sorce1-1/+4
Unfortunately these functions are not available in MIT and there is no easy workaround or compat funciton I can see at this stage. Will fix properly once MIT gets the necessary functions or if another workaround can be found.
2012-05-04Move keytab_copy to krb5samba libSimo Sorce2-231/+1
This is a helper fucntion that uses purely krb5 code, so it belongs to krb5samba which is the krb5 wrapper for samba.
2012-05-04Fix keytab_copy to compile with MIT librariues tooSimo Sorce1-10/+12
2012-05-04keytab_copy: Fix style, whitespacesSimo Sorce1-8/+17
2012-05-04kerberos_pac: Fix code to work with MIT tooSimo Sorce1-3/+3
2012-05-04s4-auth-krb: smb_rd_req_return_stuff is used only in gensec_krb5Simo Sorce5-2/+13
Make it clearly a gensec_krb5 accessory file. This function should never be used anywhere else. This function was copied out from the Heimdal tree and is kept in a separate file for clarity and to keep the original license boilerplate.
2012-05-04Split normal kinit from s4u2 flavored kinitSimo Sorce1-7/+21
This makes it simpler to slowly integrate MIT support and also amkes it somewhat clearer what operation is really requested. The 24u2 part is really only used by the cifs proxy code so we can temporarily disable it in the MIT build w/o major consequences.
2012-05-04Move kerberos_kinit_password_cc to krb5samba libSimo Sorce3-427/+1
2012-05-04Move kerberos_kinit_keyblock_cc to krb5samba libSimo Sorce3-55/+1
Make it also work with MIT where krb5_get_in_tkt_with_keyblock is not available.
2012-05-04krb-init: define out heimdal specific stuff in mitkrb buildSimo Sorce1-3/+12
2012-05-04s4-auth-krb: avoid useless conditionSimo Sorce1-1/+1
Code bails out with ENOMEM 2 lines a bove if config_file is NULL anyways
2012-05-04s4:torture: add a check for talloc success in test_session_reauthVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri May 4 16:50:59 CEST 2012 on sn-devel-104
2012-05-04s4-dsdb: Use data_blob_string_const and add explaination for open-coded ↵Andrew Bartlett1-4/+6
function in samldb Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri May 4 02:34:41 CEST 2012 on sn-devel-104
2012-05-04s4-dsdb: Use strcasecmp_m() to compare possibly multibyte strings in samldbAndrew Bartlett1-5/+5
2012-05-04s4:samldb LDB module - make sure to not add identical ↵Matthias Dieter Wallnöfer2-16/+88
"servicePrincipalName"s more than once The service principal names need to be case-insensitively unique, otherwise we end up in a LDB ERR_ATTRIBUTE_OR_VALUE_EXISTS error. This issue has been discovered on the technical mailing list (thread: cannot rename windows xp machine in samba4) when trying to rename a AD client workstation.
2012-05-03UTIL_TDB: lowercase name.Jelmer Vernooij3-3/+3
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu May 3 20:18:22 CEST 2012 on sn-devel-104
2012-05-03s4:torture: add a new smb2.session.reauth3 test - getting security descriptorMichael Adam1-0/+100
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Thu May 3 17:38:14 CEST 2012 on sn-devel-104
2012-05-03provision: remove reference to no longer existing template files.Jelmer Vernooij2-9/+6
2012-05-03s4-samba-tool: make new samba-tool group listmembers use samAccountNameAndrew Bartlett2-4/+4
This is the unique username value. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu May 3 01:57:41 CEST 2012 on sn-devel-104
2012-05-03s4-s3upgrade: Force ldapsam:trusted = yesAndrew Bartlett1-0/+3
While this setting is not the default in Samba3, any domain that is in a suitable condition to upgrade to Samba4 should already be in the layout that ldapsam:trusted uses. It can be turned off by setting ldapsam:trusted=false in the smb.conf. Many upgrades to Samba4 happen on a different host to the old Samba3 domain and this avoids the need to configure nss_ldap only for the duration of the upgrade. Andrew Bartlett
2012-05-03Extension to the samba-tool group subcommand functionality to allow listing ↵Lukasz Zalewski3-0/+91
of the members of an AD group
2012-05-03s4-s3upgrade: Try harder to get group memberships on upgradeAndrew Bartlett1-5/+20
This fixes an issue where some group types were not upgraded, as we did not upgrade alias memberships. It also uses enum_group_memberships() to try and find the memberships from the other direction, by asking which groups a user is a member of. As Samba3 (and NT4) does not implement nested groups, this should be safe. Andrew Bartlett
2012-05-02s4:torture:rpc: add a new test samba3.smb2-pipe-read-logoffMichael Adam1-0/+85
- open a pipe via smb2 - trigger a read which hangs since there is nothing to read - do a logoff - wait for the read to return and check the status (STATUS_PIPE_BROKEN) Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed May 2 19:57:45 CEST 2012 on sn-devel-104
2012-05-02s4:torture:rpc: add a new test samba3.smb2.pipe-read-tdisMichael Adam1-0/+85
- open a pipe via smb2 - trigger a read which hangs since there is nothing to read - do a tree disconnect - wait for the read to return and check the status (STATUS_PIPE_BROKEN)
2012-05-02s4:torture:rpc: add a test samba3.smb2-pipe-read-closeMichael Adam1-0/+87
* open a pipe via smb2 * trigger a read which hangs since there is nothing to read * close the pipe file handle * wait for the read to reaturn and check the status (NT_STATUS_PIPE_BROKEN)
2012-05-02s4:torture:rpc: fix a comment typo in samba3.smb2-reauth2Michael Adam1-1/+1
2012-05-02s4:torture:rpc: remove an accidentially committed character (in a comment)Michael Adam1-1/+1
2012-05-02s4-provision: Fix up --use-s3fs to create the directory for xattr.tdbAndrew Bartlett1-4/+8
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed May 2 04:45:05 CEST 2012 on sn-devel-104
2012-05-02s4-provision: Fix --use-s3fs to parse correctlyAndrew Bartlett1-1/+1
2012-05-02s4-provision: set 'dcerpc endpoint servers' but not 'vfs objects'Andrew Bartlett1-1/+1
The VFS objects are now set in the fileserver.conf, but this is only read by smbd, so the provision-time smb.conf needs to turn off the extra Samba4 DCE/RPC services. Andrew Bartlett
2012-05-01s4-upgradedns: Update serverdn with only the attributes that have changedAmitay Isaacs1-11/+21
This fixes the issue of ldb 'Operations Error' when trying to modify hasPartialReplicaNCs attribute. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue May 1 05:28:04 CEST 2012 on sn-devel-104
2012-04-30s4:samldb LDB module - homogenize LDB search attributes arraysMatthias Dieter Wallnöfer1-13/+13
First they do not need to be "static" any longer since we have abandoned asynchronous result handling (where global variables have been important). In addition add some "const" in order to protect us from unwanted writes. Reviewed-by: Andrew Bartlett Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Apr 30 16:46:20 CEST 2012 on sn-devel-104
2012-04-30s4-libnet: Add mem_ctx to libnet_rpc_groupdel calls (bug #8889)Andrew Bartlett1-2/+3
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Apr 30 14:41:36 CEST 2012 on sn-devel-104
2012-04-30s4-libnet: Add mem_ctx to libnet_rpc_groupadd calls (bug #8889)Andrew Bartlett2-4/+5
2012-04-30s4-libnet: Add mem_ctx to libnet_rpc_usermod calls (bug #8889)Andrew Bartlett2-3/+4
2012-04-30s4-libnet: Add mem_ctx to libnet_rpc_userdel calls (bug #8889)Andrew Bartlett2-4/+5
2012-04-30s4-libnet: Add mem_ctx to libnet_rpc_useradd calls (bug #8889)Andrew Bartlett3-5/+6
2012-04-30s4-libnet: Add mem_ctx to libnet_rpc_groupinfo calls (bug #8889)Andrew Bartlett2-5/+6
2012-04-30s4-libnet: Add mem_ctx to libnet_DomainClose calls (bug #8889)Andrew Bartlett1-5/+8
2012-04-30s4-libnet: Add mem_ctx to libnet_DomainOpen calls (bug #8889)Andrew Bartlett5-20/+25
2012-04-30s4-libnet: Add mem_ctx to libnet_Lookup calls (bug #8889)Andrew Bartlett1-4/+6
2012-04-30s4-messaging: Fill in the whole server_id in all use casesAndrew Bartlett2-1/+9
This started per https://bugzilla.samba.org/show_bug.cgi?id=8872#c4 and avoids any possible collision with a different process. We also need to ensure that across a Samba installation on a single node that id.vnn is the same. Samba4 previously used 0, while Samba3 used NONCLUSTER_VNN. When a message is sent between these 'different' nodes, the error NT_STATUS_INVALID_DEVICE_REQUEST is raised. Andrew Bartlett
2012-04-30s4-torture: convert samba3misc tests to use torture_failure and torture_assertAndrew Bartlett1-148/+105
This helps us when these tests fail, as subunit-formatted failures can be declared as knownfail entries, and show up correctly in the make test output. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Apr 30 08:34:52 CEST 2012 on sn-devel-104
2012-04-30s4-torture: move samba3 tests to use torture helper functionsAndrew Bartlett1-33/+4
2012-04-30s4-torture: Move various samba3 tests to the torture_suite_add_1smb_test wrapperAndrew Bartlett3-63/+14
2012-04-30s4:samldb LDB module - implement "fSMORoleOwner" attribute protectionMatthias Dieter Wallnöfer2-0/+153
This is a very essential attribute since it references to various domain master roles (PDC emulator, schema...) depending on which entry it has been set. Incautious modifications can cause severe problems. Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Apr 30 02:04:24 CEST 2012 on sn-devel-104
2012-04-29s4:dsdb/common/util.c - samdb_is_pdc() - fail if the "fSMORoleOwner" ↵Matthias Dieter Wallnöfer1-1/+5
attribute has not been set
2012-04-29Add some debug for FOOBAR return case as they are hard to diagnoseMatthieu Patou2-2/+8
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Sun Apr 29 09:08:15 CEST 2012 on sn-devel-104
2012-04-29dsdb: more RELAX to DBCHECK control shift so that only dbcheck can do ↵Matthieu Patou1-2/+2
uncontrolled changes
2012-04-29dsdb: change control from relax to dbcheckMatthieu Patou1-1/+1
Comment indicate that this is needed by dbcheck only and it permits other projects to push broken schema and remain undetected