summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r8051: separate out the MAX EAs test, as it fills disk too much to be run ↵Andrew Tridgell2-2/+30
regularly (This used to be commit dac526845ea89ba732300105b3f82210b0828102)
2007-10-10r8050: - make use of more [value()] propertiesStefan Metzmacher4-23/+17
- the out subcontext's need to have a fixed size of r->in.offered, to make windows clients happy metze (This used to be commit 054e1ca434b2f81de199eeb41cb6233524fc5779)
2007-10-10r8049: add function that returns the build version (of w2k3 here 3790)Stefan Metzmacher1-0/+6
metze (This used to be commit 81abbdaeb180a1618e34ab56275f6eeacfcc99ce)
2007-10-10r8046: - add somemore failure checks in the RPC-SPOOLSS testStefan Metzmacher5-79/+121
- test AddForm on the PrintServer object - GetForm() isn't allowed on the PrintServer object so remove NTPTR function for it - accept the dns name as servername in the spoolss server metze (This used to be commit d8c308a4653d59514915021607fe55c5f2b38749)
2007-10-10r8045: fix valgrind warning, add zero padding when the string doesn't fill ↵Stefan Metzmacher1-1/+5
the full FIXLEN metze (This used to be commit d8175b01db69436d8af64b97d7b7beca4ba4b552)
2007-10-10r8044: give a better error codeStefan Metzmacher1-3/+3
metze (This used to be commit fdbf822f1c90cba110d91720ea586ceef9de38b2)
2007-10-10r8043: increase shell compatibility of ldb testsAndrew Tridgell1-1/+1
(This used to be commit 60863b6faf7f78566052491340607cbb4b3f2e72)
2007-10-10r8042: give better error messageStefan Metzmacher1-1/+1
metze (This used to be commit 70118e9529aaf7af9129df7cb3a6749598b17568)
2007-10-10r8041: remove a mis-spelled debug message :-)Andrew Tridgell1-1/+0
(This used to be commit 912fa269d293b3b55fc5fa65f9532614fe2e202d)
2007-10-10r8040: run ldb test suite as part of samba 'make test'Andrew Tridgell1-1/+3
(This used to be commit 3671459d9a4b4409904adff57548dd35da6afd42)
2007-10-10r8039: allow ldb test suite to be run outside of the ldb directoryAndrew Tridgell4-33/+41
(This used to be commit f3e3b2ccd93b87c1c240cf7e44106389b089b526)
2007-10-10r8038: - fixed indexing on binary values that need base64 encoding and ↵Andrew Tridgell2-3/+24
canonicalisation - added support for recognising the S- form of objectsid in search expressions. I thought this could be done with just a comparison modified comparison function, but it turns out it also needs a canonicalisation function so that indexing can work (This used to be commit 7d2bee2c5619f284375ecbed14371c5e8639ed1c)
2007-10-10r8037: a fairly major update to the internals of ldb. Changes are:Andrew Tridgell19-684/+1368
- moved the knowledge of attribute types out of ldb_tdb and into the generic ldb code. This allows the ldb_match() message match logic to be generic, so it can be used by other backend - added the generic ability to load attribute handlers, for canonicalisation, compare, ldif read and ldif write. In the future this will be used by the schema module to allow us to correctly obey the attributetype schema elements - added attribute handlers for some of the core ldap attribute types, Integer, DirectoryString, DN, ObjectClass etc - added automatic registration of attribute handlers for well-known attribute names 'cn', 'dc', 'dn', 'ou' and 'objectClass' - converted the objectSid special handlers for Samba to the new system - added more correct handling of indexing in tdb backend based on the attribute canonicalisation function - added generic support for subclasses, moving it out of the tdb backend. This will be used in future by the schema module - fixed several bugs in the dn_explode code. It still needs more work, but doesn't corrupt ldb dbs any more. (This used to be commit 944c5844ab441b96d8e5d7b2d151982139d1fab9)
2007-10-10r8036: revert rev 8023/8024 as they have a bugs.Stefan Metzmacher3-81/+71
metze (This used to be commit 66d6b1d5783cba98f2f8e1c8eed1bdc26a5bad4f)
2007-10-10r8035: added indexing tests. current ldb fails the integer indexing, will be ↵Andrew Tridgell1-4/+24
fixed shortly (This used to be commit a9c32445035a09978c5fdbc189a2767e7650dfc2)
2007-10-10r8033: - add easier valgrind testingAndrew Tridgell1-11/+25
- add tests for the @SUBCLASSES ltdb special (This used to be commit ad6e62fdcf0432fcf4d41edb1727cbba1b7528b7)
2007-10-10r8032: added loop detection into talloc. Robert Collins found a way to make aAndrew Tridgell2-16/+67
memory loop with talloc_unlink(), so now we detect it and handle it (This used to be commit 563058e78b8c74e821fabf6a43fa861c1ad09944)
2007-10-10r8028: fix a crash bug in ulogoff, when the tree_connect failed beforeStefan Metzmacher1-0/+4
metze (This used to be commit a2e34475d723eb74fc58b9afa9f4a863b1277b0d)
2007-10-10r8024: avoid one memcpy in the ipc_trans dcesrv_output() callbackStefan Metzmacher1-30/+41
we now can reference the DATA_BLOB that is used inside the dcesrv subsystem metze (This used to be commit 078f42bc3f74c66b69c7f76005812b221d691f7a)
2007-10-10r8023: use a pointer to a DATA_BLOB for each reply,Stefan Metzmacher2-41/+40
that will allow the write_fn callback of dcesrv_output() to reference the memory with a valid TALLOC pointer metze (This used to be commit d0574d407f426f5c001e943dee5c03d24f4fb21c)
2007-10-10r8021: we only need to return STATUS_BUFFER_OVERFLOW for the ipc_trans repliesStefan Metzmacher3-48/+44
and not for the ipc_read() replies as here the client explicit says how much data it wants the write_fn() in dcesrv_output() now returns NTSTATUS and the ipc specific implementations are moved to the ntvfs_ipc module metze (This used to be commit fe483dcd874b7243d61e9623840c672b4ea06b2c)
2007-10-10r8020: - add --with-selftest-prefix option that specify the prefix used in ↵Stefan Metzmacher3-8/+30
make test - also we use ./prefix test as default and not `pwd`/prefix-test to workaround the path length limit for unix sockets ... char sun_path[108]; ... metze (This used to be commit d04057b932266325b1267597b2bc202db392a88a)
2007-10-10r8016: Get the keyblock arguments correct. (the context struct changed, butAndrew Bartlett1-2/+2
I forgot to update the users) Andrew Bartlett (This used to be commit 44b86b7e6570e31ab07ce12593fb8834325c52c8)
2007-10-10r8013: Remember to add the header containing the prototype for the pacAndrew Bartlett2-0/+8
generating function... Andrew Bartlett (This used to be commit 707cf5fba8e5652043d392d3ee77d042eb9c3a90)
2007-10-10r8012: Add UUID for NDR64 transfer syntax.Jelmer Vernooij1-0/+3
(This used to be commit 6a3f62222285fa091968bb025edfe21fcf5dfb86)
2007-10-10r8011: arrgh, commit the right version this timeAndrew Tridgell1-5/+4
(This used to be commit 5efea40ea63b6951b3bd4362f1ae57f960fefecf)
2007-10-10r8010: added testing of wildcard attributesAndrew Tridgell1-0/+20
(This used to be commit 25d3872a6ebbc152a83695e667f5d08e69c8c8ea)
2007-10-10r8009: expanded the ldb test suite. It worried me that some changes I haveAndrew Tridgell2-1/+81
pending, which I know break lots of features, still passed our test suite! Now they don't. (This used to be commit 5801167c8dfc8a61bfeac396bca8ffd3d5270296)
2007-10-10r8006: I have seen w2k3 send multiple encoding syntaxes in rpc bindAndrew Tridgell1-1/+2
requests. This is a simple change to accept that, as long as the first one is NDR. (This used to be commit 330293ddff39266abb688c6292e59472ff47aebe)
2007-10-10r8005: escape '"' characters in ldap expressions. Makes scripting easier.Andrew Tridgell1-2/+2
(This used to be commit 2de986455c9b616132f06a69c2f135019da2bb8b)
2007-10-10r8004: added a maximum EAs size test from Kukks.Andrew Tridgell1-1/+228
(This used to be commit 426c4d08ac9191c02dcd604a21ea390b7d255a41)
2007-10-10r8003: ensure that we don't try to send a trans request with more than 64k ↵Andrew Tridgell1-0/+8
data or params (This used to be commit b4f2d17ace6a609ec87da103a89e36edee8903f9)
2007-10-10r8002: favor addresses on our local interfaces in NBT name resolution ifAndrew Tridgell2-1/+27
possible. This is needed because w2k3 will return bogus IPs in its name resolution replies when it has an unplugged network interface. (This used to be commit 2fafc230520fb5bbe9f763de94aaba87b56f5411)
2007-10-10r8001: Also fill in the krbtgt checksum, and make sure to put the rightAndrew Bartlett4-9/+30
checksum in the right place... Andrew Bartlett (This used to be commit 90d0f502da20add6784c883b2085cde519604933)
2007-10-10r7999: Fix lacking structure definition.Rafal Szczesniak1-0/+1
rafal (This used to be commit 6886aefe4c78e3e208eacb3c4b76f1189bd1352a)
2007-10-10r7993: Further work on the Krb5 PAC.Andrew Bartlett20-118/+426
We now generate the PAC, and can verifiy both our own PAC and the PAC from Win2k3. This commit adds the PAC generation code, spits out the code to get the information we need from the NETLOGON server back into a auth/ helper function, and adds a number of glue functions. In the process of building the PAC generation code, some hints in the Microsoft PAC specification shed light on other parts of the code, and the updates to samr.idl and netlogon.idl come from those hints. Also in this commit: The Heimdal build package has been split up, so as to only link the KDC with smbd, not the client utils. To enable the PAC to be veified with gensec_krb5 (which isn't quite dead yet), the keyblock has been passed back to the calling layer. Andrew Bartlett (This used to be commit e2015671c2f7501f832ff402873ffe6e53b89466)
2007-10-10r7991: I forgot to free the keyblock once we are done with it.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit a68e348375ab026385e7d5162ed8da8f2adbd84e)
2007-10-10r7989: Allow the use of hashed passwords in the kerberos client and server,Andrew Bartlett2-17/+137
and create the in-memory keytab with the correct kvno, if available. Andrew Bartlett (This used to be commit 7b7b2b038e25f3d767b5db7d6e41dd947fdde091)
2007-10-10r7988: Store the KVNO for the machine account, and set it up in the provision.Andrew Bartlett4-1/+25
Andrew Bartlett (This used to be commit 90e94a4630c24282cd93ee05e258877b38e24a57)
2007-10-10r7986: Fix the compile, thanks to HotaruT.Andrew Bartlett1-1/+1
This won't actually work until I get the keyblock filled in again, but at least it will compile. I first need to decide if we want to keep the server-side gensec_krb5 code at all, now we have the GSSAPI layer doing what we want. Andrew Bartlett (This used to be commit 28e49de9293002ee89f0666144c9028daefdde88)
2007-10-10r7980: Forgot to add kerberos_pac.c to this config.mk file.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit bba58a1876353effbef540dd0db9e66db5343c35)
2007-10-10r7979: Metze reminded me to try one more combination, and we can now verifyAndrew Bartlett1-32/+14
the 'PAC', required for interopability with Active Directory. This is still a cludge, as it doesn't handle different encryption types, but that should be fairly easy to fix (needs PIDL/IDL changes). Andrew Bartlett (This used to be commit 690cfc44cef9b349cc31417d8353b6ce1c7832e1)
2007-10-10r7978: A start again on PAC verification. I have noticed that the kerberosAndrew Bartlett3-52/+43
keys appear at the end of the PAC, which I feel is deliberate (it makes this much easier). I still can't make it work, but I'm sure we are closer. Andrew Bartlett (This used to be commit 6f0e1c80ae7b1e31e7a3fbff84f07442ee5a31cf)
2007-10-10r7977: split up 'make clean' a little more as it is overflowing the command ↵Andrew Tridgell1-2/+6
line size limits on some platforms (This used to be commit e18dc32074fe56d7ccbcf9cc621a4b88abe957b1)
2007-10-10r7971: structs.h updateAndrew Bartlett1-4/+3
(This used to be commit 31e7df1392f39e170e3d072b8356e746208d0621)
2007-10-10r7970: This SMB signing code (merged from 3.0) turned out to be bogus.Andrew Bartlett1-8/+0
Andrew Bartlett (This used to be commit 817160ec1a85724c8bf482f128ea687396de0888)
2007-10-10r7969: It seems reasonable that our tickets be marked renewable, in theAndrew Bartlett1-0/+2
absense of an apparent AD flag to control this behaviour. Andrew Bartlett (This used to be commit 9886aa6f0e64cdb30774bfba3f2c683a3dbec9c4)
2007-10-10r7968: Pull the PAC from within GSSAPI, rather than only when using our ownAndrew Bartlett6-216/+278
'mock GSSAPI'. Many thanks to Luke Howard for the work he has done on Heimdal for XAD, to provide the right API hooks in GSSAPI. Next step is to verify the signatures, and to build the PAC for the KDC end. Andrew Bartlett (This used to be commit 2e82743c98e563e97c5a215d09efa0121854d0f7)
2007-10-10r7967: We don't have the ms_krb5 stuff any more.Andrew Bartlett1-1/+0
Andrew Bartlett (This used to be commit 56a5ccd7d924343609698b034b91b4891fb3f08a)
2007-10-10r7966: We need a better way to do this, but enable the KDC by default, if weAndrew Bartlett1-0/+4
have kerberos. Andrew Bartlett (This used to be commit 3d82b1417b9f2e31089cb8ee7e4f98bd226f2e75)