summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r7686: Check for a type of invalid account name.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit 7520879bb08d191f0ab97508f14f525886b1b48b)
2007-10-10r7685: Simply the test for session key logic, so we pass against NT4.Andrew Bartlett2-34/+191
Now, to try and figure out why this logic failed for jra... Andrew Bartlett (This used to be commit a32066a9ecf7cd82f66eb8381e07d014f5ac5eff)
2007-10-10r7684: Add a test aimed at checking we have agreement between client andAndrew Bartlett5-0/+87
server as to the CIFS session key. JRA had pain with this being wrong against NT4 (without spnego), hence this specific test. Andrew Bartlett (This used to be commit 47f433708ba38db9bf569567cc048e65f2786ebe)
2007-10-10r7683: The other file from the last commit. And it's ↵Andrew Bartlett1-1/+107
include/system/kerberos.h that I'm putting the #defines in... Andrew Bartlett (This used to be commit 31f7ec38e63fc86ad7c756de47414152d2809c8f)
2007-10-10r7682: Move the properties of our heimdal build from heimdal_build/config.hAndrew Bartlett1-108/+0
(which gets included by heimdal, or shoudl be) into auth/kerberos/kerberos.h (which is used by Samba, but not by the Heimdal code). Andrew Barteltt (This used to be commit 3f473a93778b1350df3f7aac07b64008988a059d)
2007-10-10r7681: This #define is unused.Andrew Bartlett1-1/+0
Andrew Bartlett (This used to be commit 2a22f413c9704dbfc3befb819d4183523f75d393)
2007-10-10r7680: Move to using our own private enum for the principal type inside theAndrew Bartlett1-30/+40
hdb-ldb module. This removes the need for the KRBTGT case to exist in the broader heimdal code. Andrew Bartlett (This used to be commit fb83465dbccae8af5eb26f735e60f3f40e944446)
2007-10-10r7679: update the documentation of security_description_create()Stefan Metzmacher1-2/+5
metze (This used to be commit 6ad7ffab043c3b510f4dff052973a054e5a75779)
2007-10-10r7678: fixed typoAndrew Tridgell1-1/+1
(This used to be commit df29f25140192b64b55012d0a3c36095fbbfb82d)
2007-10-10r7677: fixed ldap server to honor 'private path'Andrew Tridgell1-1/+1
(This used to be commit f6abed5660ad8f7298eb2aebbaa25a8c355861a6)
2007-10-10r7676: Make VUID and TID choice random, as this gives us protection againstAndrew Bartlett2-2/+2
replay attacks under SMB signing, where the session key is a fixed derivitive of the user's password. This removes the VID offset, but I'm not worried about random client bytes mattering here, given the space (and the fact that it applies to very, very old clients). Andrew Bartlett (This used to be commit eb1d37c5a91a6bc4515469e1ae026d28c12d7149)
2007-10-10r7675: Use correct memory context for anonymous session setup auth contextAndrew Bartlett2-2/+23
(no need for it to hang around forever). Add test for this behaviour. Andrew Bartlett (This used to be commit 36dc2491d778fbbff32c4abdf95faa9f83024e12)
2007-10-10r7674: Fix the printf() attribute suggestion by correctly prototyping, thenAndrew Bartlett1-1/+3
declaring the static function. The attribute only works on the prototype, not the function. Andrew Bartlett (This used to be commit 4c254754d25e5aa8b203d2d67a39895ffef3f393)
2007-10-10r7673: With current Heimdal we don't need this (correct) fix.Andrew Bartlett1-1/+1
This will however still be useful when we have crypt() based authentication. Andrew Bartlett (This used to be commit 005e2c0cfed11010685ebc3f3a69cf9f484c958a)
2007-10-10r7672: this should fix the crypt dependency problem (I hope!)Andrew Tridgell2-4/+4
(This used to be commit 3fe00b61147e09159ef02328a7f1d8f7805abf0d)
2007-10-10r7671: added ldap testing to the set of standard testsAndrew Tridgell2-10/+16
(This used to be commit dcdf44024aa93e7eca54247d9058904c6950fae7)
2007-10-10r7670: fixed rootDSE search in ldap serverAndrew Tridgell1-1/+1
(This used to be commit 0981a375cfa9d8d75b6c89613eadb9d14cf1064f)
2007-10-10r7669: removed ldap from our configure testsAndrew Tridgell3-18/+0
This takes our link dependencies from this: tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000) libldap_r.so.2 => /usr/lib/libldap_r.so.2 (0xb7f92000) liblber.so.2 => /usr/local/lib/liblber.so.2 (0xb7f85000) libpam.so.0 => /lib/libpam.so.0 (0xb7f7d000) libc.so.6 => /lib/tls/libc.so.6 (0xb7e48000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000) libresolv.so.2 => /lib/tls/libresolv.so.2 (0xb7e36000) libcrypt.so.1 => /lib/tls/libcrypt.so.1 (0xb7e09000) libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7df3000) libgnutls.so.11 => /usr/lib/libgnutls.so.11 (0xb7d8c000) libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7d7d000) libtasn1.so.2 => /usr/lib/libtasn1.so.2 (0xb7d6d000) libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7d20000) libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7d1c000) libz.so.1 => /usr/lib/libz.so.1 (0xb7d09000) libnsl.so.1 => /lib/tls/libnsl.so.1 (0xb7cf5000) to this: tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000) libpam.so.0 => /lib/libpam.so.0 (0xb7fc0000) libc.so.6 => /lib/tls/libc.so.6 (0xb7e8b000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000) this finally gets rid of the implicit dependency on pthreads! Yay! (This used to be commit 844d2a20830a4666b6c38f6a58305be64b6b76fa)
2007-10-10r7668: - setup HAVE_ILDAP to enable the ildap backend in ldbAndrew Tridgell2-1/+5
- fixed a bug in socket_connect_ev() (This used to be commit 3f77b879a035929a843e02b798d54eba6625bde7)
2007-10-10r7667: added a ldb ildap backend, using our internal ldap client library. ↵Andrew Tridgell4-1/+421
Next step is to remove the check for the ldap libraries in configure (This used to be commit 74841dbb2a86bb1c584b5c26c4cd24a818a65a34)
2007-10-10r7666: fixed a memory leak in the ldap ldb backendAndrew Tridgell1-3/+2
(This used to be commit ac3f33c61555a2afa30fe446676013564982e257)
2007-10-10r7665: - added a ildap_*() interface to our internal ldap library. ThisAndrew Tridgell5-2/+241
interface is very similar to the traditional ldap interface, and will be used as part of a ldb backend based on the current ldb_ldap backend - fixed some allocation issues in ldb_msg.c (This used to be commit b34a29dcf26f68a2f47380a6c74a4095fdfd2fbe)
2007-10-10r7661: patch from tburdi1@uic.edu to fix autogen.sh on freebsdAndrew Tridgell1-2/+2
(This used to be commit ffe1b5e6f4cd8cc9ddd0ceda882ad76917ebd1d3)
2007-10-10r7660: improved error handling in socket_connect_ev() (it matters when nameAndrew Tridgell1-0/+3
resolution fails) (This used to be commit 4013c2ddea0cd03f875e2acf40d2a34344017d05)
2007-10-10r7659: fixup the ordering of socket destruction for ncacn_ip_tcp so we don't ↵Andrew Tridgell1-4/+3
try and remove an epoll descriptor for a closed fd (This used to be commit bec5e9f80a934e6472e8d227214a9baba4f15054)
2007-10-10r7658: don't timeout at the smb level for rpc requests as otherwise some rpcAndrew Tridgell1-0/+4
level sign/seal mechanisms can break (This used to be commit 9df569f023f9a1e0d8c35de8135a344933bc69bf)
2007-10-10r7657: test addone again after request timeout and destruction to ensure the ↵Andrew Tridgell1-3/+2
pipe is still OK (This used to be commit 9f7f70124fc67109bc9ace7a57490851341ad759)
2007-10-10r7656: added testing of rpc request timeouts and destructionAndrew Tridgell1-0/+62
(This used to be commit eddf41d5e4ca43073b96f96b96dbadf7b8b91df5)
2007-10-10r7655: test the evnt friendly socket_connect() in the LOCAL-SOCKET testAndrew Tridgell1-1/+3
(This used to be commit b9ed92d550f1b821c5402a516eb2dfc2c8d69f0a)
2007-10-10r7654: - add a timeout to all smb requests (default 60 seconds)Andrew Tridgell2-0/+50
- add a request destructor, to make it safe to destroy a pending request with talloc_free() (This used to be commit 72c6988767249caa585f37fec4c0afbf41557ec2)
2007-10-10r7653: when a dcerpc request times out, we need to ensure that if the serverAndrew Tridgell1-1/+11
does finally answer the request and it is on the smb transport that we don't die in the callback code as the rpc request state is gone. (This used to be commit d47477c5c3acbaa7242fa3a06d4095258db86297)
2007-10-10r7652: use event friendly connect in dcerpc socket codeAndrew Tridgell1-1/+1
(This used to be commit 154effd781c901abfcd8f89721c4a6d03c07b670)
2007-10-10r7651: Only convert SERVER requests to KRBTGT requests.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit a948e743bbc691798e6a956b35d8e09cfc91f988)
2007-10-10r7650: fixed a typoAndrew Tridgell1-1/+1
(This used to be commit 331afee4ca5bc6a6f7e4fe3333846881424314fe)
2007-10-10r7646: - only allow modification of SPOOLSS_FORM_USER FromsStefan Metzmacher1-18/+52
- some minor fixes and comments metze (This used to be commit 87b1f9a2e027f4318a3104d13c091ca8ec5f16f4)
2007-10-10r7644: - remove some dublicate structures SetForm and AddForm uses the same ↵Stefan Metzmacher3-40/+241
struct - fix some typos in EnumPrintServerForms()/GetPrintServerForms() - add AddPrintServerForms()/SetPrintServerForms() and DeletePrintServerForms metze (This used to be commit 73906388421beebb34f2a00c9e0d1fc8b400a42a)
2007-10-10r7643: This patch adds a new NTPTR subsystem:Stefan Metzmacher13-669/+1839
- this is an abstraction layer for print services, like out NTVFS subsystem for file services - all protocol specific details are still in rpc_server/spoolss/ - like the stupid in and out Buffer handling - checking of the r->in.server_name - ... - this subsystem can have multiple implementation selected by the "ntptr providor" global-section parameter - I currently added a "simple_ldb" backend, that stores Printers, Forms, Ports, Monitors, ... in the spoolss.db, and does no real printing this backend is basicly for testing, how the spoolss protocol works - the interface is just a prototype and will be changed a bit the next days or weeks, till the simple_ldb backend can handle all calls that are used by normal w2k3/xp clients - I'll also make the api async, as the ntvfs api this will make things like the RemoteFindFirstPrinterChangeNotifyEx(), that opens a connection back to the client, easier to implement, as we should not block the whole smbd for that - the idea is to later implement a "unix" backend that works like the current samba3 code - and maybe some embedded print server vendors can write there own backend that can directly talk to a printer without having cups or something like this - the default settings are (it currently makes no sense to change them :-): ntptr providor = simple_ldb spoolss database = $private_dir/spoolss.db metze (This used to be commit 455b5536d41bc31ebef8290812f45d4a38afa8e9)
2007-10-10r7642: - test NULL server_name in GetPrinterDriverDirectory() too, (same ↵Stefan Metzmacher1-2/+12
result as "") - test EnumForms() on the PrintServer (NT4 returns WERR_BADFID) (jerry: how do it get the lists of forms in the printserver gui) metze (This used to be commit fddfe1f04b3ae594e75d702aba4d17ee4d103b8e)
2007-10-10r7641: Fix based on work from "Shlomi Yaakobovich" <Shlomi@exanet.com> to catchJeremy Allison1-6/+7
loops in corrupted tdb files. Jeremy. (This used to be commit f9f3037d6855259edd56fd5a23d63dbb37f0a751)
2007-10-10r7638: krb5_closelog in heimdal-0.7 not longer leaks memory, so remove that ↵Love Hörnquist Åstrand1-4/+0
comment (This used to be commit 3aa80b8e585a0acc57d4b7738dcccfba232948ca)
2007-10-10r7637: Another useful Heimdal feature we need.Andrew Bartlett1-0/+5
Andrew Bartlett (This used to be commit 57ddedc954f49fd370225494758326fcbd0bb500)
2007-10-10r7635: change the license of this file to lgpl like the rest of ldbSimo Sorce1-14/+30
(This used to be commit 8735188b46d4bb6c3d63d22a8c6f3fad2c82df89)
2007-10-10r7634: move TestSleep functions so that all of them are togetherStefan Metzmacher1-22/+22
metze (This used to be commit 520d5c67329e957121e3b71c1ffc0be3893c2033)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell65-160/+221
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r7631: - remove unused function, as the disgn of samba4 doesn't allow the ↵Stefan Metzmacher1-39/+2
old style auto homedir share stuff - add TODO: for checking the password on share mode security metze (This used to be commit d9a0c61801f19e55a41c573ea96565946314ecb3)
2007-10-10r7630: Unused variable.Tim Potter1-1/+0
(This used to be commit 0c1f54461cea633dbacb9692925b8c971a34a831)
2007-10-10r7629: Unused labels.Tim Potter1-2/+0
(This used to be commit c01c176da640c012e1e6c9f0553b5075ef0e93bf)
2007-10-10r7628: Unused variables.Tim Potter1-4/+0
(This used to be commit b2529307aaf1e47ce74632b4e516494ac71fe8d1)
2007-10-10r7627: Fix warning in unused (?) function.Tim Potter1-1/+1
(This used to be commit a4d05988637b4e607c3cdad83bfb1e9cf923b7f0)
2007-10-10r7626: a new ldap client library. Main features are:Andrew Tridgell16-1099/+947
- hooked into events system, so requests can be truly async and won't interfere with other processing happening at the same time - uses NTSTATUS codes for errors (previously errors were mostly ignored). In a similar fashion to the DOS error handling, I have reserved a range of the NTSTATUS code 32 bit space for LDAP error codes, so a function can return a LDAP error code in a NTSTATUS - much cleaner packet handling (This used to be commit 2e3c660b2fc20e046d82bf1cc296422b6e7dfad0)