Simo Sorce [Thu, 23 Nov 2006 22:30:46 +0000 (22:30 +0000)]
r19871: simplify more
Simo Sorce [Thu, 23 Nov 2006 22:11:47 +0000 (22:11 +0000)]
r19870: Simplify code
Simo Sorce [Thu, 23 Nov 2006 22:06:07 +0000 (22:06 +0000)]
r19869: fix memleaks
Jelmer Vernooij [Thu, 23 Nov 2006 20:59:09 +0000 (20:59 +0000)]
r19868: Fix more tests.
Jelmer Vernooij [Thu, 23 Nov 2006 18:26:55 +0000 (18:26 +0000)]
r19866: Fix test compilation.
Jelmer Vernooij [Thu, 23 Nov 2006 18:03:11 +0000 (18:03 +0000)]
r19863: Create -uninstalled.pc files. This should reenable compilation and running
of the pidl testsuite as part of the testsuite.
Jelmer Vernooij [Thu, 23 Nov 2006 17:50:47 +0000 (17:50 +0000)]
r19862: Fix list concatenation
Jelmer Vernooij [Thu, 23 Nov 2006 17:27:04 +0000 (17:27 +0000)]
r19861: Add simple pkg-config replacement.
Jelmer Vernooij [Thu, 23 Nov 2006 16:02:20 +0000 (16:02 +0000)]
r19859: Reuse referrent ids when pushing full pointers (still need to
avoid pushing the referred object twice) and add test for full pointers.
Jelmer Vernooij [Thu, 23 Nov 2006 13:48:01 +0000 (13:48 +0000)]
r19856: Use sptr as basis for full ptr implementation. Will add checks for duplicates later.
Stefan Metzmacher [Thu, 23 Nov 2006 13:12:47 +0000 (13:12 +0000)]
r19855: toplevel pointers are 'ref' by default:
- we don't need to add 'ref' explicit
- we some toplevel pointers need to be 'ptr' ('sptr' for now) pointers
metze
Stefan Metzmacher [Thu, 23 Nov 2006 13:11:08 +0000 (13:11 +0000)]
r19854: readd support for 'sptr' pointers, to work against windows servers
until jelmer commits his 'ptr' support
metze
Jelmer Vernooij [Thu, 23 Nov 2006 00:34:31 +0000 (00:34 +0000)]
r19850: Fix IDL warnings.
Stefan Metzmacher [Wed, 22 Nov 2006 18:40:27 +0000 (18:40 +0000)]
r19847: add idl for DsRemoveDSServer(), this is used when a server unbecomes a DC
metze
Jelmer Vernooij [Wed, 22 Nov 2006 18:06:08 +0000 (18:06 +0000)]
r19846: Fix bunch of IDL warnings.
Jelmer Vernooij [Wed, 22 Nov 2006 17:13:19 +0000 (17:13 +0000)]
r19845: Add warning for pointer_default_top()
Jelmer Vernooij [Wed, 22 Nov 2006 16:55:21 +0000 (16:55 +0000)]
r19844: Fix warnings and errors in epmapper IDL.
Jelmer Vernooij [Wed, 22 Nov 2006 16:54:45 +0000 (16:54 +0000)]
r19843: Fix warning.
Jelmer Vernooij [Wed, 22 Nov 2006 16:53:30 +0000 (16:53 +0000)]
r19842: Complain about unknown pointer types.
Fallback to "unique" when "ptr" is specified instead of failing.
Jelmer Vernooij [Wed, 22 Nov 2006 14:56:40 +0000 (14:56 +0000)]
r19836: Fix warnings in some IDL files.
Jelmer Vernooij [Wed, 22 Nov 2006 13:59:14 +0000 (13:59 +0000)]
r19834: Prevent some inaccurate warnings.
Simo Sorce [Wed, 22 Nov 2006 02:05:19 +0000 (02:05 +0000)]
r19832: better prototypes for the linearization functions:
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
Simo Sorce [Wed, 22 Nov 2006 00:59:34 +0000 (00:59 +0000)]
r19831: Big ldb_dn optimization and interfaces enhancement patch
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
Jelmer Vernooij [Tue, 21 Nov 2006 23:21:08 +0000 (23:21 +0000)]
r19830: Warn about non-ref top-level pointers.
Jelmer Vernooij [Tue, 21 Nov 2006 23:15:57 +0000 (23:15 +0000)]
r19829: Update documentation.
Andrew Bartlett [Mon, 20 Nov 2006 20:58:00 +0000 (20:58 +0000)]
r19805: Add the (harmless, but apparently default)
NTLMSSP_NEGOTIATE_ALWAYS_SIGN flags into the default set.
Andrew Bartlett
Volker Lendecke [Sun, 19 Nov 2006 17:56:35 +0000 (17:56 +0000)]
r19790: Check in the PIDL change and the converted unixinfo and winbind pipes without
waiting for comments. This is what version control is for, and it does fix a
segfault I ran into ;-)
Nevertheless, Jelmer & Jerry, please take a look!
Thanks,
Volker
Andrew Bartlett [Fri, 17 Nov 2006 11:27:33 +0000 (11:27 +0000)]
r19761: This may need work, but here is an initial implementation of
DsWriteAccountSpn().
It passes the client toture test.
Andrew Bartlett
Andrew Bartlett [Fri, 17 Nov 2006 11:19:15 +0000 (11:19 +0000)]
r19760: Create a DC account for the drsuapi tests to work on, rather than
choosing an existing DC.
Allow to skip some tests under Samba4.
Andrew Bartlett
Andrew Bartlett [Fri, 17 Nov 2006 05:17:32 +0000 (05:17 +0000)]
r19759: Allow a join to occour against ncacn_ip_tcp again (useful for torture
tests). The issue is that Win2k3 SP1 will not answer many LSA
requests on that port (I think this is as a security measure).
In this case, we need to skip ahead in the composite functions.
We were also checking the wrong variable to determine sucess/failure
of the LsaOpenPolicy2.
Andrew Bartlett
Andrew Bartlett [Fri, 17 Nov 2006 01:21:13 +0000 (01:21 +0000)]
r19757: Don't do the strrchr twice. Pointed out by Martin Kuhl.
Andrew Bartlett
Rafal Szczesniak [Thu, 16 Nov 2006 23:40:35 +0000 (23:40 +0000)]
r19753: verify result of received request before sending the next one.
I don't know why I forgot this...
rafal
Jelmer Vernooij [Thu, 16 Nov 2006 22:13:44 +0000 (22:13 +0000)]
r19752: Remove support for the `depends' attribute (use "import") instead.
Jelmer Vernooij [Thu, 16 Nov 2006 22:11:32 +0000 (22:11 +0000)]
r19751: Add some tests for parsing the "include", "import" and "importlib" statements.
Stefan Metzmacher [Thu, 16 Nov 2006 11:15:02 +0000 (11:15 +0000)]
r19743: merge from samba3:
remove old unused schema module
metze
Stefan Metzmacher [Thu, 16 Nov 2006 11:11:30 +0000 (11:11 +0000)]
r19742: fix compiler warnings
metze
Stefan Metzmacher [Thu, 16 Nov 2006 11:05:37 +0000 (11:05 +0000)]
r19740: fix compiler warning
metze
Stefan Metzmacher [Thu, 16 Nov 2006 10:52:17 +0000 (10:52 +0000)]
r19738: tp3 is already released, so we have tp4-svn now
metze
Stefan Metzmacher [Thu, 16 Nov 2006 10:48:51 +0000 (10:48 +0000)]
r19737: - add some more CLDAP rootdse tests
- don't ignore CLDAP rootdse errors anymore
metze
Stefan Metzmacher [Thu, 16 Nov 2006 10:47:15 +0000 (10:47 +0000)]
r19736: handle rootdse call via CLDAP
metze
Stefan Metzmacher [Thu, 16 Nov 2006 10:42:07 +0000 (10:42 +0000)]
r19735: report the LDAP error code in the CLDAP replies to the caller
metze
Stefan Metzmacher [Thu, 16 Nov 2006 10:37:21 +0000 (10:37 +0000)]
r19734: display LDAP error code nicer
metze
Andrew Bartlett [Thu, 16 Nov 2006 09:55:58 +0000 (09:55 +0000)]
r19733: More work to fix ldb_map. With the wildcard present,
map_attr_find_local() always returns, which is exactly what we don't
want. Instead, rely on the overwrite behaviour.
Andrew Bartlett
Andrew Bartlett [Thu, 16 Nov 2006 09:34:19 +0000 (09:34 +0000)]
r19732: The 'res' from ldb_search is only valid if the call returns LDB_SUCCESS.
This seems to show up (as an abort() from talloc) particularly under
ldb_ildap.
Andrew Bartlett
Andrew Bartlett [Thu, 16 Nov 2006 09:16:17 +0000 (09:16 +0000)]
r19731: Modify the ldb_map infrustructure to always map from requested
attributes to backend (remote) attributes.
We can't do a reverse mapping safely where the remote attribute may be
a source for multiple local attributes. (We end up with the wrong
attributes returned).
In doing this, I've modified the samba3sam.js test to be more
realistic, and fixed some failures in the handling of primaryGroupID.
I've added a new (private) helper function ldb_msg_remove_element() to
avoid a double lookup of the element name.
I've also re-formatted many of the function headers, to fit into
standard editor widths.
Andrew Bartlett
Stefan Metzmacher [Wed, 15 Nov 2006 18:33:53 +0000 (18:33 +0000)]
r19729: - split basedn related tests to a new function
- and add some 'netlogon' attriubte related tests
metze
Stefan Metzmacher [Wed, 15 Nov 2006 18:14:37 +0000 (18:14 +0000)]
r19727: make it possible to run the ldap.js tests against non global catalog servers
metze
Stefan Metzmacher [Wed, 15 Nov 2006 17:35:24 +0000 (17:35 +0000)]
r19726: when a client explicit asks for the 'netlogon' attriubute on LDAP
the result entry is skipped!
metze
Stefan Metzmacher [Wed, 15 Nov 2006 17:08:45 +0000 (17:08 +0000)]
r19724: add a helper functions to return an CLDAP error
metze
Stefan Metzmacher [Wed, 15 Nov 2006 17:01:26 +0000 (17:01 +0000)]
r19723: don't use [,],(,) in test names to make the build-farm output happy
metze
Stefan Metzmacher [Wed, 15 Nov 2006 16:53:32 +0000 (16:53 +0000)]
r19722: fix memory leaks and hierachie bugs
metze
Stefan Metzmacher [Wed, 15 Nov 2006 16:36:14 +0000 (16:36 +0000)]
r19721: ldapsrv_SearchCallback isn't needed any more
ldb_search_default_callback does the same...
metze
Stefan Metzmacher [Wed, 15 Nov 2006 16:09:36 +0000 (16:09 +0000)]
r19720: - don't pass a pointer reference to ldb_search_default_callback()
as it's ugly when it free's the callers memory on failure!
- only steal the controls on a LDB_REPLY_EXTENDED, LDB_REPLY_DONE
and ignore them on LDB_REPLY_ENTRY, LDB_REPLY_REFERRAL as we currently
have not way to return them in a ldb_result (we should fix this!)
metze
Stefan Metzmacher [Wed, 15 Nov 2006 15:33:38 +0000 (15:33 +0000)]
r19719: don't use 'new' as var name samba3 doesn't like it...
metze
Stefan Metzmacher [Wed, 15 Nov 2006 14:31:47 +0000 (14:31 +0000)]
r19714: - add an explicit default target (needs to be the first target in the Makefile)
- let 'make nss' work alone
metze
Rafal Szczesniak [Tue, 14 Nov 2006 23:17:39 +0000 (23:17 +0000)]
r19708: add a script for running net tests separately
rafal
Stefan Metzmacher [Mon, 13 Nov 2006 19:12:47 +0000 (19:12 +0000)]
r19699: - use better names for the site strings
- use the client_site when creating the server object
metze
Stefan Metzmacher [Mon, 13 Nov 2006 19:08:11 +0000 (19:08 +0000)]
r19698: fix whitespaces...
metze
Stefan Metzmacher [Mon, 13 Nov 2006 19:04:32 +0000 (19:04 +0000)]
r19697: use the same mailslot name as windows does,
this also let wireshark match the responses
metze
Volker Lendecke [Mon, 13 Nov 2006 09:18:36 +0000 (09:18 +0000)]
r19684: Talloc_guide text on multithreading by Remi Turboult
Andrew Bartlett [Mon, 13 Nov 2006 03:21:13 +0000 (03:21 +0000)]
r19683: Guard GUID_from_string from walking off the end.
Andrew Bartlett
Andrew Bartlett [Mon, 13 Nov 2006 03:20:24 +0000 (03:20 +0000)]
r19682: Fix comments.
Andrew Bartlett
Andrew Bartlett [Mon, 13 Nov 2006 03:19:59 +0000 (03:19 +0000)]
r19681: Update to current lorikeet-heimdal. I'm looking at using the realm
lookup plugin, the new PAC validation code as well as Heimdal's SPNEGO
implementation.
Andrew Bartlett
Jelmer Vernooij [Sun, 12 Nov 2006 03:40:38 +0000 (03:40 +0000)]
r19680: Allow specifying basedir for test data.
Create temporary directories in base directory.
Jelmer Vernooij [Sun, 12 Nov 2006 03:36:47 +0000 (03:36 +0000)]
r19679: Fix shared library build as well.
Jelmer Vernooij [Sun, 12 Nov 2006 03:26:11 +0000 (03:26 +0000)]
r19678: Fix the build for now (ugly hack because of circular dependencies)
Jelmer Vernooij [Sun, 12 Nov 2006 02:55:34 +0000 (02:55 +0000)]
r19677: Fix more dependencies.
Jelmer Vernooij [Sun, 12 Nov 2006 02:49:05 +0000 (02:49 +0000)]
r19676: Fix some more dependencies.
Stefan Metzmacher [Sun, 12 Nov 2006 02:17:23 +0000 (02:17 +0000)]
r19675: the process model don't depend on heimdal anymore
and only have private depdendencies
metze
Stefan Metzmacher [Sun, 12 Nov 2006 02:15:56 +0000 (02:15 +0000)]
r19674: auth didn't depdend on process_model!
metze
Jelmer Vernooij [Sun, 12 Nov 2006 01:30:45 +0000 (01:30 +0000)]
r19673: Build shared libs against shared libs.
Jelmer Vernooij [Sun, 12 Nov 2006 00:54:43 +0000 (00:54 +0000)]
r19672: Make LIBSAMBA-UTIL a subsystem again for now because it has interdependencies
with LIBSAMBA-CONFIG.
Jelmer Vernooij [Sat, 11 Nov 2006 23:14:58 +0000 (23:14 +0000)]
r19671: Fix remaining unresolved symbols in shared library build.
Fix starting tests in shared library build.
Jelmer Vernooij [Sat, 11 Nov 2006 22:44:28 +0000 (22:44 +0000)]
r19670: Reduce the number of unresolved symbols when building with shared libraries.
Stefan Metzmacher [Sat, 11 Nov 2006 15:11:21 +0000 (15:11 +0000)]
r19664: fix compiler warnings...
should _krb5_find_type_in_ad() also take a const?
metze
Stefan Metzmacher [Sat, 11 Nov 2006 14:00:24 +0000 (14:00 +0000)]
r19663: merge changes from lorikeet heimdal:
support for netbios domain based realms
metze
Stefan Metzmacher [Sat, 11 Nov 2006 12:52:04 +0000 (12:52 +0000)]
r19662: windows 2003 kdc's only rewrite the realm to the full form,
when the client is using the netbios domain name as realm.
we should match this and not rewrite the principal.
This matches what windows give:
metze@SERNOX:~/prefix/lorikeet-heimdal/bin> ./kinit administrator@SERNOXDOM4
administrator@SERNOXDOM4's Password:
metze@SERNOX:~/prefix/lorikeet-heimdal/bin> ./klist
Credentials cache: FILE:/tmp/krb5cc_10000
Principal: administrator@SERNOXDOM4.MX.BASE
Issued Expires Principal
Nov 11 13:37:52 Nov 11 23:37:52 krbtgt/SERNOXDOM4@SERNOXDOM4.MX.BASE
Note:
I need to disable the principal checks in heimdal's
_krb5_extract_ticket() for the kinit to work.
Any ideas how to change heimdal to support this.
For the service principal we should use
the realm and principal in req->kdc_rep.enc_part
instead of the unencrypted req->kdc.ticket.sname
and req->kdc.ticket.realm to have a trusted value.
I'm not sure what we can do with the client realm...
metze
Stefan Metzmacher [Sat, 11 Nov 2006 11:00:19 +0000 (11:00 +0000)]
r19661: - add resolve stage to dcerpc connects over tcp
- remove ipv6 support untill the resolve layer can give ipv6 addresses
metze
Andrew Bartlett [Sat, 11 Nov 2006 03:41:50 +0000 (03:41 +0000)]
r19660: Forgot to tell gsskrb5 not to canonicalize hostnames. Shoudl fix
valrind issues on fort, because we won't hit NSS any more.
Andrew Bartlett
Andrew Bartlett [Fri, 10 Nov 2006 02:44:38 +0000 (02:44 +0000)]
r19650: Allow Samba to use Heimdal's SPNEGO code. Currently this can only
negotiate krb5, but if this works, I'll add NTLM as a GSSAPI backend
by some means or other.
Andrew Bartlett
Andrew Bartlett [Fri, 10 Nov 2006 02:41:00 +0000 (02:41 +0000)]
r19649: Fix indentation.
Andrew Bartlett
Stefan Metzmacher [Thu, 9 Nov 2006 01:11:45 +0000 (01:11 +0000)]
r19645: don't pass NULL as mem_ctx...
metze
Andrew Bartlett [Thu, 9 Nov 2006 00:33:43 +0000 (00:33 +0000)]
r19644: Merge up to current lorikeet-heimdal, incling adding
gsskrb5_set_default_realm(), which should fix mimir's issues.
Andrew Bartlett
Stefan Metzmacher [Thu, 9 Nov 2006 00:29:32 +0000 (00:29 +0000)]
r19643: make process_model thread compile again
metze
Stefan Metzmacher [Wed, 8 Nov 2006 22:33:22 +0000 (22:33 +0000)]
r19642: convert host.c to new composite api
metze
Stefan Metzmacher [Wed, 8 Nov 2006 22:28:28 +0000 (22:28 +0000)]
r19641: ldap_delete() is only allowed as user, we need to give credentials to the ildap backend
metze
Rafal Szczesniak [Wed, 8 Nov 2006 21:40:11 +0000 (21:40 +0000)]
r19640: add some comments
rafal
Stefan Metzmacher [Wed, 8 Nov 2006 21:20:45 +0000 (21:20 +0000)]
r19639: convert nbtlist.c to new composite api
metze
Stefan Metzmacher [Wed, 8 Nov 2006 21:18:24 +0000 (21:18 +0000)]
r19638: convert resolve.c to the new composite api
metze
Rafal Szczesniak [Wed, 8 Nov 2006 21:11:25 +0000 (21:11 +0000)]
r19637: Leave --realm option only, as abartlet suggested.
rafal
Jelmer Vernooij [Wed, 8 Nov 2006 14:36:30 +0000 (14:36 +0000)]
r19636: Add URLs to ldb and talloc pkg-config files.
Always build and install .pc files as they make sense for static libs
as well.
Andrew Bartlett [Wed, 8 Nov 2006 04:54:56 +0000 (04:54 +0000)]
r19635: It appears that under CFX, different keys are used in each direction
(or something like that).
In any case, we need to stick with the initiator subkey for now, until
we figure out what Vista uses for the CIFS session key.
Andrew Bartlett
Jelmer Vernooij [Wed, 8 Nov 2006 02:01:31 +0000 (02:01 +0000)]
r19634: Only use --allow-undef-shlib for modules.
Andrew Bartlett [Wed, 8 Nov 2006 01:48:35 +0000 (01:48 +0000)]
r19633: Merge to lorikeet-heimdal, removing krb5_rd_req_return_keyblock in favour of a more tasteful replacement.
Remove kerberos_verify.c, as we don't need that code any more.
Replace with code for using the new krb5_rd_req_ctx() borrowed from
Heimdal's accecpt_sec_context.c
Andrew Bartlett
Andrew Bartlett [Wed, 8 Nov 2006 01:43:23 +0000 (01:43 +0000)]
r19632: This got missed in the heimdal merge. Without this, we don't keep the
full database name. The existing code (needed for when we use the HDB
as a keytab, such as for the kpasswd service) only works for HDB
keytabs not prefixed with a type.
Andrew Bartlett
Jelmer Vernooij [Wed, 8 Nov 2006 01:37:28 +0000 (01:37 +0000)]
r19631: Re-enable shared libraries, but don't use -rpath-link unless
shared libraries are actually used.
Rafal Szczesniak [Tue, 7 Nov 2006 23:48:02 +0000 (23:48 +0000)]
r19630: Support specifying the realm name from command line.
Useful when testing calls against windows servers with krb auth.
rafal
Andrew Bartlett [Tue, 7 Nov 2006 21:08:33 +0000 (21:08 +0000)]
r19629: No need to special case use of DCE_STYLE sign and seal away any more...
Andrew Bartlett
Andrew Bartlett [Tue, 7 Nov 2006 21:05:45 +0000 (21:05 +0000)]
r19628: This hint via Love at the IETF meeting:
Larry told me that most context flags needed to be set to, otherwise
it wouldn't work.
This fixes DCE_STYLE against Win2k3 SP1. It seems they just tightened
up their end of the GSSAPI code, as DCE_STYLE is explicity rejected in
the session setup too (being the wrong layer).
Andrew Bartlett
Stefan Metzmacher [Tue, 7 Nov 2006 16:14:14 +0000 (16:14 +0000)]
r19625: not all linkers like -Wl,rpath-link, so don't use it till we have configure checks
and working shared libraries
metze