summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2012-05-24s4-provision: Make s3fs the default way to install a new Samba4 DCAndrew Bartlett1-2/+2
With s3fs now well settled into master, we now throw the swtich and make it the default. There is still much to do, but we need to be using s3fs by default to find out exactly what that is. Andrew Bartlett
2012-05-24dlz_bind9: Make the talloc destructor static and return 0.Amitay Isaacs1-1/+2
Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Thu May 24 03:32:50 CEST 2012 on sn-devel-104
2012-05-24dlz_bind9: Fix the named crash on reloading namedAmitay Isaacs1-1/+17
When reloading zones, named first creates new zone instance and then shuts down the old instance. Since ldb layer, keeps the same LDB open, talloc_free() on samdb handle, causes talloc "access after use" error. This patch keeps only single context (dlz_bind9_data) and uses reference counting to decide when to actually free the context. Since samdb handle is reused, use talloc_unlink() instead of talloc_free() on samdb handle.
2012-05-23gse: Use the smb_gss_oid_equal wrapper.Andreas Schneider2-2/+5
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-05-23libcli/dns: make 'clidns' private library out of DNS code in WAF buildAlexander Bokovoy1-1/+1
After consolidating DNS resolver code to lib/addns, there is one piece that still needs to be moved into a common DNS resolver library: DNS_HOSTS_FILE subsystem. Unfortunately, direct move would require lib/addns to depend on libcli/util/{ntstatus.h,werror.h} (provided by errors subsystem). In addition, moving libcli/dns/* code to lib/addns/ would make conflicting the dns_tkey_record struct. The conflict comes from source4/dns_server/ and is due to use of IDL to define the struct. lib/addns/ library also provides its own definition so we either need to keep them in sync (rewrite code in lib/addns/ a bit) or depend on generated IDL headers. Thus, making a private library and subsystem clidns is an intermediate step that allows to buy some time fore refactoring.
2012-05-23Introduce system MIT krb5 build with --with-system-mitkrb5 option.Alexander Bokovoy29-434/+511
System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
2012-05-23s4: samba-tool is usable without export-keytab command, make sure it does ↵Alexander Bokovoy1-19/+22
not break When export_keytab is not compiled in (pure client-side Samba 4 build as with system MIT krb5), export-keytab command of samba-tool will not be available. Make sure it is not provided but its absence does not break the Python tool.
2012-05-23dns: fix comments and make s4/libcli/resolve dns resolver workingAlexander Bokovoy1-1/+1
After migrating to use libaddns, reply_to_addrs() needed to change the way answers are iterated through. Originally libroken implementation gave all answers as separate records with last one being explicitly NULL. libaddns unmarshalling code gives all non-NULL answers and should be iterated with explicit reply->num_answers in use.
2012-05-23gensec_gssapi: Make it possible to build with MIT krb5Simo Sorce2-11/+21
We need to ifdef out some minor things here because there is no available API to set these options in MIT. The realm and canonicalize options should be not interesting in the client case. Same for the send_to_kdc hacks. Also the OLD DES3 enctype is not at all interesting. I am not aware that Windows will ever use DES3 and no modern implementation relies on that enctype anymore as it has been fully deprecated long ago, so we can simply ignore it.
2012-05-23auth and s4-rpc_server: Do not use features we currently can't implement ↵Simo Sorce1-0/+6
with MIT Kerbros build
2012-05-23s4-resolve: Remove dependency on librokenSimo Sorce2-198/+153
Use available native samba resolver functions
2012-05-19s4-dsdb: allow modification of some deleted object if the show-deleted ↵Matthieu Patou1-4/+9
control is presented Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Sat May 19 20:28:01 CEST 2012 on sn-devel-104
2012-05-19s4-dsdb: naming context needs to have the extended-dn syntax tooMatthieu Patou1-0/+1
2012-05-18s4:torture: Add raw.session.reauth2 testVolker Lendecke1-0/+142
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri May 18 18:25:42 CEST 2012 on sn-devel-104
2012-05-18s4:torture: rename raw.session.reauth => raw.session.reauth1Stefan Metzmacher1-3/+3
metze
2012-05-18s4-torture: Improve torture test boilerplate, use torture_assert()Andrew Bartlett18-279/+93
This ensures that if this fails, it is reported as a subunit error correctly. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri May 18 09:35:13 CEST 2012 on sn-devel-104
2012-05-18s4-torture: Always use torture_assert() to handle failuresAndrew Bartlett1-9/+6
2012-05-18s4-torture: provide correct torture failures for failure to connectAndrew Bartlett1-11/+9
2012-05-18s4-torture: Fix rpc.samr.priv test to use torture_assert() macrosAndrew Bartlett1-51/+16
2012-05-18pygensec: Fix init of variable if not specified.Jelmer Vernooij1-1/+1
Thanks to Wolfgang Sourdeau for reporting this. Bug: https://bugzilla.samba.org/show_bug.cgi?id=8946 Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Fri May 18 04:50:17 CEST 2012 on sn-devel-104
2012-05-17s4:torture: add smb2.session.expire1Stefan Metzmacher1-1/+116
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu May 17 21:53:11 CEST 2012 on sn-devel-104
2012-05-17s4:torture: add smb2.session.reconnect2 testStefan Metzmacher1-0/+64
This uses just one transport connection and demonstrates the implicit logoff of the previous session. metze
2012-05-17s4:torture: rename smb2.session.reconnect to smb2.session.reconnect1Stefan Metzmacher1-2/+2
metze
2012-05-17s4:torture: remove unused vars in smb2.session.reauth*Stefan Metzmacher1-2/+2
metze
2012-05-17s4:auth/gensec_gssapi: add "gensec_gssapi:requested_life_time" optionStefan Metzmacher1-1/+6
metze
2012-05-17s4:auth/gensec: implement gensec_gssapi_expire_time()Stefan Metzmacher1-0/+13
metze
2012-05-17s4:auth/gensec_gssapi: add missing 'break' statementsStefan Metzmacher1-0/+2
metze
2012-05-17s4:auth/gensec_gssapi: remember the expire timeStefan Metzmacher2-2/+9
metze
2012-05-15s4:ntvfs/smb2: remove misleading comment regarding security=serverStefan Metzmacher1-1/+0
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 15 10:12:53 CEST 2012 on sn-devel-104
2012-05-15s4:ntvfs/cifs: remove misleading comment regarding security=serverStefan Metzmacher1-1/+0
metze
2012-05-15s4:auth: remove unused auth_server.cStefan Metzmacher2-245/+0
metze
2012-05-15s4:param/tests: remove "security=server" testStefan Metzmacher1-10/+0
metze
2012-05-15samba-upgradedns: Use the correct magic incantation of sys.path.insert()Amitay Isaacs1-1/+1
This replaces "bin/python" with the correct path for python libraries. The pattern requires double quotes (") instead of single quotes ('). Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue May 15 05:19:46 CEST 2012 on sn-devel-104
2012-05-14s4:lib/events: no longer define TEVENT_COMPAT_DEFINESStefan Metzmacher1-3/+0
metze
2012-05-14s4:lib/events: remove unused event_context_find() prototypeStefan Metzmacher1-1/+0
metze
2012-05-14move the dbwrap library to the top levelMichael Adam1-3/+3
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Mon May 14 04:04:55 CEST 2012 on sn-devel-104
2012-05-11s4:lib: remove unused wscript_build fileMichael Adam1-7/+0
This only contains a "GENCACHE" subsystem that is not referenced anywhere.
2012-05-10When listing group members allow fallback to cn attribute when ↵Lukasz Zalewski1-2/+5
samAccountName is not available
2012-05-09s4:smb_server/smb: only create a new session with vuid == 0Stefan Metzmacher3-9/+17
metze
2012-05-09s4:torture/raw/context: test a session setup with a given invalid vuidStefan Metzmacher1-17/+29
On a session setup with EXTENDED_SECURITY we'll get ERRSRV:ERRbaduid, while a session setup without EXTENDED_SECURITY ignores the given vuid. Before this test was doing a reauth of a given vuid, which works for newer Windows versions, but Windows 2000 gives INVALID_PARAMETER. metze
2012-05-08s4:libcli:raw: fix a comment typo in smb_setfileinfo()Michael Adam1-1/+1
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Tue May 8 20:45:16 CEST 2012 on sn-devel-104
2012-05-08s4:torture: add a new smb2.session.reauth5 test: rename after reauth to anon ↵Michael Adam1-0/+228
- fails
2012-05-08s4:torture: add a new smb2.session.reauth4 test: setting security descriptor ↵Michael Adam1-0/+122
after reauth to anon - works
2012-05-08s4 dns: unify error handling when bailing outKai Blin1-12/+11
Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue May 8 15:48:25 CEST 2012 on sn-devel-104
2012-05-08krb5samba: Add smb_krb5_make_pac_checksum.Andreas Schneider1-0/+1
Signed-off-by: Simo Sorce <idra@samba.org> Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Tue May 8 08:30:52 CEST 2012 on sn-devel-104
2012-05-08s4-auth: Use smb_krb5_make_pac_checksum.Andreas Schneider1-54/+24
Signed-off-by: Simo Sorce <idra@samba.org>
2012-05-08krb5samba: Add krb5_free_checksum_contents wrapperSimo Sorce1-0/+1
2012-05-08s4-provision Ensure we have posix ACLs before we permit a s3fs-based Samba4 ↵Andrew Bartlett1-0/+14
to be configured
2012-05-08s4:torture/raw/context: add subtests as torture testcasesStefan Metzmacher1-46/+20
TODO: add test_session with 'use spnego = false'. We need a way to do set an option just for one test case. Note: the 'use spnego = false' was ignored before as it's only used on the first session setup on a connection. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 8 04:50:39 CEST 2012 on sn-devel-104
2012-05-08s4:torture/raw/context: INVALID_PARAMETER vs. LOGON_FAILURE...Stefan Metzmacher1-1/+7
If the try a session setup without EXTENDED_SECURITY after one with EXTENDED_SECURITY Windows 2008 R2 returns INVALID_PARAMETER, while Windows 2000 sp4 returns LOGON_FAILURE... metze