Stefan Metzmacher [Thu, 14 Feb 2008 15:13:16 +0000 (16:13 +0100)]
TODO: idl_types.h: remove unused string stuff
metze
Jeremy Allison [Fri, 5 Sep 2008 22:32:22 +0000 (15:32 -0700)]
Remove unecessary msync.
Jeremy.
(cherry picked from commit
0bae1ef3de8fda5e1e2d641b14a408e627396912)
Simo Sorce [Wed, 3 Sep 2008 14:44:09 +0000 (10:44 -0400)]
The msync manpage reports that msync *must* be called before munmap. Failure to do so may result in lost data. Fix an ifdef check, I really think we meant to check HAVE_MMAP here.
(cherry picked from commit
74c8575b3f3b90ea21ae6aa7ccd95947838af956)
Volker Lendecke [Tue, 12 Aug 2008 20:31:52 +0000 (22:31 +0200)]
Attempt to fix bug 5684
With the ctdb checkin
dde9f3f006 tdb optimized out write lock checks for
write-enabled transaction. Sadly, this also removed the possibility to ever
remove dead records left over from tdb_delete calls within a transaction.
Tridge, please check this! Did
dde9f3f006 have any reason beyond performance
optimizations?
Thanks,
Volker
(cherry picked from commit
3f884c4ae36f3260e63626bdd4989d9258ae6497)
Stefan Metzmacher [Sun, 14 Sep 2008 16:50:13 +0000 (18:50 +0200)]
Fix warnings on SuSE 9.0.
The macros "[un]likely" are already defined on SuSE 9.0.
Patch from Volker.
(partialy cherry-picked
30d181c92463aecd6e649330d3645d86d5a17e43)
metze
Volker Lendecke [Sat, 19 Apr 2008 14:56:44 +0000 (16:56 +0200)]
Fix bug 5400
Thanks to Jason Mader!
Volker
(cherry picked from commit
87d8a63ce4e6dd91ea3193d0a2574520a5857be2)
Stefan Metzmacher [Sun, 14 Sep 2008 16:46:34 +0000 (18:46 +0200)]
Fix out of tree build. Remove the embedded srcdir path from talloc and tdb.
(partialy cherry picked from commit
359921acd436684a0b4cf76ba15f82a224d2c337)
metze
Yannick Bergeron [Fri, 8 Aug 2008 17:32:15 +0000 (13:32 -0400)]
using NGROUPS_MAX instead of 32 for the max group value in rep_initgroups() subroutine in lib/replace/replace.c
(cherry picked from commit
13b1a232d2fe05ae3e924ea2503d05ff5084146e)
Yannick Bergeron [Wed, 6 Aug 2008 17:23:00 +0000 (13:23 -0400)]
Solve an IBM XL C/C++ compiler error encountered in get_exit_code() auth_errors array initialization in client/smbspool.c
(cherry picked from commit
b45e7fabc64e699e4fa013ef15f98a004dae3f32)
Karolin Seeger [Mon, 14 Jul 2008 14:40:36 +0000 (16:40 +0200)]
Fix typo.
retieve -> retrieve
Karolin
(partialy cherry-picked from
37c64130701ab13b6f34998ac17fec2d128c2e08)
metze
Volker Lendecke [Tue, 10 Jun 2008 14:14:30 +0000 (16:14 +0200)]
Correctly find a [u]int32_t replacement
(cherry picked from commit
346375cda557a675f8f882ca2ae8edffec725a72)
(cherry picked from commit
15a53945c9563b4517bd8b69a9bb0554eef5edff)
Jeremy Allison [Fri, 9 May 2008 21:51:45 +0000 (14:51 -0700)]
Fix replacement getpass. If we ^C at the prompt echo was left off.
Jeremy.
(cherry picked from commit
e54c71954ae484fe4a4e195db33440490e78e256)
Stefan Metzmacher [Fri, 12 Sep 2008 13:47:02 +0000 (15:47 +0200)]
rpc_server: don't send auth trailers in level connect
Also ignore auth trailers in level connect on receive.
This fixes [krb5,connect] against windows.
TODO: maybe the gensec mech need to decide if signatures
are needed in level connect.
metze
Stefan Metzmacher [Fri, 12 Sep 2008 12:39:57 +0000 (14:39 +0200)]
librpc/rpc: don't send auth trailers in level connect
Also ignore auth trailers in level connect on receive.
This fixes [krb5,connect] against windows.
TODO: maybe the gensec mech need to decide if signatures
are needed in level connect.
metze
Stefan Metzmacher [Sat, 13 Sep 2008 08:22:39 +0000 (10:22 +0200)]
rpc_server: correctly calculate the auth padding
metze
Stefan Metzmacher [Sat, 13 Sep 2008 16:49:03 +0000 (18:49 +0200)]
client free credentials when not needed anymore
Jeremy Allison [Fri, 12 Sep 2008 21:59:32 +0000 (14:59 -0700)]
Comment the delay write time tests so I know what they're
testing.
Jeremy.
Jelmer Vernooij [Fri, 12 Sep 2008 19:31:56 +0000 (21:31 +0200)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage
Jelmer Vernooij [Fri, 12 Sep 2008 19:28:48 +0000 (21:28 +0200)]
Revert "Add option for generating coverage data from python tests."
This reverts commit
43c0fdfff02021caef2d8f73d6bfdc4b051a65ef.
Simo Sorce [Fri, 12 Sep 2008 17:57:50 +0000 (13:57 -0400)]
Remove ancient remains of first experimentations about
supporting a schema
Simo Sorce [Fri, 12 Sep 2008 17:26:45 +0000 (13:26 -0400)]
Fix spellings and file names
Stefan Metzmacher [Fri, 12 Sep 2008 09:51:08 +0000 (11:51 +0200)]
rename packaging => packaging4
metze
Stefan Metzmacher [Thu, 11 Sep 2008 14:50:49 +0000 (16:50 +0200)]
add '4' to the end of some filesnames
metze
Stefan Metzmacher [Thu, 11 Sep 2008 14:47:45 +0000 (16:47 +0200)]
rename swat => swat2, so that we don't conflict with samba3
metze
Andrew Bartlett [Thu, 11 Sep 2008 21:45:28 +0000 (07:45 +1000)]
Fix failure to load the schema on read-only DB.
This also tries to simplify the logic in the schema -> @ATTRIBUTES and
@INDEXES code.
Andrew Bartlett
Andrew Bartlett [Thu, 11 Sep 2008 10:51:26 +0000 (20:51 +1000)]
Remove the complexity of transactions from the attributes-setting code.
I think it is just too complex and error prone to init and cancel
transactions during the module init code. Instead, this isn't prone
to races as it will always achieve a steady state (eventually), and
most cases will never do the write.
Andrew Bartlett
Andrew Bartlett [Thu, 11 Sep 2008 02:36:58 +0000 (12:36 +1000)]
Make cn=aggregate output less pretty, by more like Win2008.
I'm not sure if this fixes bug #5713, as this is not consistantly
reproducably on my equipment.
Andrew Bartlett
Andrew Bartlett [Thu, 11 Sep 2008 01:49:24 +0000 (11:49 +1000)]
Fix failures in the winbind struct-based test.
Don't try to pass the 'privileged' socket directory around for expected value testing - it is just too hard...
A better test (once we unify the winbind protocol with Samba3) would
be a operation to see if you are on the priv pipe, and that will give
acutal end-to-end testing.
Andrew Bartlett
Jeremy Allison [Wed, 10 Sep 2008 04:25:03 +0000 (21:25 -0700)]
Merge branch 'v4-0-test' of ssh://jra@git.samba.org/data/git/samba into v4-0-test
Jeremy Allison [Wed, 10 Sep 2008 04:24:34 +0000 (21:24 -0700)]
A truncate write must be a smbcli_smbwrite, not a
smbcli_write.
Jeremy.
Andrew Bartlett [Wed, 10 Sep 2008 04:09:07 +0000 (14:09 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Wed, 10 Sep 2008 04:08:40 +0000 (14:08 +1000)]
Return the same privilaged winbindd socket as we actually use.
Andrew Bartlett
Matthias Dieter Wallnöfer [Tue, 9 Sep 2008 22:09:28 +0000 (00:09 +0200)]
Fix uninstalling of binaries.
Jelmer Vernooij [Tue, 9 Sep 2008 22:05:37 +0000 (00:05 +0200)]
Merge branch 'v4-0-regClient' of git://repo.or.cz/Samba/mdw into manpage
Jelmer Vernooij [Tue, 9 Sep 2008 21:49:07 +0000 (23:49 +0200)]
Only try with -LPYTHONDIR/lib when python-config output didn't work.
Volker Lendecke [Tue, 9 Sep 2008 21:35:17 +0000 (23:35 +0200)]
Attempt to correctly find python on host sunx
Jelmer Vernooij [Tue, 9 Sep 2008 19:56:57 +0000 (21:56 +0200)]
Remove unused scripts for installing binaries.
Matthias Dieter Wallnöfer [Tue, 9 Sep 2008 16:03:54 +0000 (18:03 +0200)]
Fix up the "reg_common_open_remote" call
This fixes up the "reg_common_open_remote" call because it didn't work anymore without the event context.
Matthias Dieter Wallnöfer [Tue, 9 Sep 2008 16:01:20 +0000 (18:01 +0200)]
Two useful "regshell" improvements
This patch corrects the "change key" command (Follow up isn't supported yet) and adds a newline in a error message.
Jelmer Vernooij [Tue, 9 Sep 2008 14:01:37 +0000 (16:01 +0200)]
Remove calls to unused uninstallbin.sh
Jelmer Vernooij [Tue, 9 Sep 2008 13:55:10 +0000 (15:55 +0200)]
Add option for generating coverage data from python tests.
Stefan Metzmacher [Tue, 9 Sep 2008 11:01:34 +0000 (13:01 +0200)]
UNIX-WHOAMI: fix compiler warnings
metze
Stefan Metzmacher [Tue, 9 Sep 2008 09:27:03 +0000 (11:27 +0200)]
drsblobs.idl: add parser for ExtendedErrorInfo see [MS-EERR]: ExtendedError Remote Data Structure
metze
Andrew Bartlett [Tue, 9 Sep 2008 08:02:05 +0000 (18:02 +1000)]
Fix reversed test trying to fix bug #5713
(It instead ensured that only 'top' had a SUP keyword)
This clearly shows that
937b466266256d26d02cf8d48e72a26272fe8627 was
not a full or correct fix, but despite this I can no longer reproduce
the issue. Further investigation is required.
Andrew Bartlett
Andrew Bartlett [Tue, 9 Sep 2008 06:18:27 +0000 (16:18 +1000)]
Fix bug #5713 by correcting the generated schema.
This bug is entitled 'Schema patch breaks interoperability with
Microsoft MMC consoles.', and it does so very spectacularly.
The issue is that we would include an entry:
objectClasses: ( 2.5.6.0 NAME 'top' SUP top ABSTRACT..
The MMC Active Directory Users and Computers snap in presumably
objected to the 'loop' this would present. The fixed entry is:
objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT
Thanks to Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> for his
persistance in getting me to look at this.
Andrew Bartlett
Jeremy Allison [Mon, 8 Sep 2008 21:58:58 +0000 (14:58 -0700)]
Make it easier to see when tests start/end.
Jeremy.
Stefan Metzmacher [Mon, 8 Sep 2008 12:11:17 +0000 (14:11 +0200)]
BASE-DELAYWRITE: test behavior of SMBwrite truncate, writeX, SMBwrite truncate and writeX again
metze
Stefan Metzmacher [Mon, 8 Sep 2008 11:59:51 +0000 (13:59 +0200)]
BASE-DELAYWRITE: test behavior of writeX, SMBwrite truncate, writeX and SMBwrite again
metze
Stefan Metzmacher [Mon, 8 Sep 2008 10:27:43 +0000 (12:27 +0200)]
BASE-DELAYWRITE: demonstrate that a truncate write doesn't update the write time after SET_FILE_INFO
metze
Stefan Metzmacher [Mon, 8 Sep 2008 10:12:25 +0000 (12:12 +0200)]
BASE-DELAYWRITE: demonstrate that the time between the open and the first write doesn't matter
metze
Stefan Metzmacher [Mon, 8 Sep 2008 06:31:34 +0000 (08:31 +0200)]
BASE-DELAYWRITE: test more details of the truncate write time update behavior
metze
Andrew Bartlett [Mon, 8 Sep 2008 05:09:06 +0000 (15:09 +1000)]
Make it clear that the MMR password can differ from the admin passsword
In the future, we might simply randomly generate this, or allow the
admin to specify it seperate to the admin password. However, both are
highly sensitive, as they imply read access to the krbtgt.
Andrew Bartlett
Oliver Liebel [Mon, 8 Sep 2008 04:39:54 +0000 (14:39 +1000)]
Use DIGEST-MD5 authentication for OpenLDAP replication
This avoids passing rootdn passwords or replicated data in cleartext
across the network.
Signed-of-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 8 Sep 2008 04:33:05 +0000 (14:33 +1000)]
Add definition for SYSTEM_FLAG_ATTR_IS_RDN
Andrew Bartlett [Mon, 8 Sep 2008 04:18:04 +0000 (14:18 +1000)]
Move blackbox.smbclient to test against the member server.
The DC is now using smb signing, so testing for the old SMB versions
won't work.
Add a new test script to check 'net join' independent of
blackbox.smbclient.
Andrew Bartlett
Andrew Bartlett [Mon, 8 Sep 2008 02:54:13 +0000 (12:54 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into trusted-domains
Andrew Bartlett [Mon, 8 Sep 2008 02:46:04 +0000 (12:46 +1000)]
Simplfy SetSecrets behaviour in line with RPC-LSA and Win2008.
Andrew Bartlett [Mon, 8 Sep 2008 01:10:24 +0000 (11:10 +1000)]
Try to implement the right logic for systemFlags
The MS-ADTS document has quite detailed instrucitons on how these
flags should be processed. This change also causes the correct
sign-wrapping to occour, as these are declared as signed integers.
Andrew Bartlett
Andrew Bartlett [Mon, 8 Sep 2008 01:09:02 +0000 (11:09 +1000)]
Don't expose passwords, even to the administrator.
This ensures they don't leak over LDAP, but does not prevent access,
as ldbsearch locally still bypasses these controls.
Andrew Bartlett
Andrew Bartlett [Mon, 8 Sep 2008 00:55:34 +0000 (10:55 +1000)]
More work towards trusted domains support in Samba4's LSA
Make 'lsar_CreateTrustedDomain' consistant with
lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle
Implement LSA server logic to create the cn=users trust account for
incoming trusts.
Andrew Bartlett
Stefan Metzmacher [Wed, 20 Aug 2008 20:12:51 +0000 (22:12 +0200)]
ndr_compression: add XPRESS compression support
metze
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
lzxpress: Import of lzxpress compression
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Sun, 7 Sep 2008 16:52:29 +0000 (18:52 +0200)]
ndr_compression: fix the build after lzxpress_decompress() prototype change
metze
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
lzxpress: fix for decompression...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Simo Sorce [Sat, 6 Sep 2008 16:31:50 +0000 (12:31 -0400)]
Always free tmp contexts before returning
Stefan Metzmacher [Sat, 6 Sep 2008 10:04:00 +0000 (12:04 +0200)]
zlib: we require zlib-1.2.3 or higher
metze
Stefan Metzmacher [Sat, 6 Sep 2008 08:58:53 +0000 (10:58 +0200)]
Revert "zlib: add inflateReset2()..."
This reverts commit
2a4fb661d7e3d601a5eb9ccecb4d4f2b07073097.
(we don't need inflateReset2 anymore)
metze
Stefan Metzmacher [Sat, 6 Sep 2008 08:57:33 +0000 (10:57 +0200)]
Revert "zlib: we don't need the inflateReset2 prototype twice"
This reverts commit
0dbbc287f65a51330c5309df5a96b3acd4d044d5.
(we don't need inflateReset2 anymore)
metze
Stefan Metzmacher [Sat, 6 Sep 2008 08:55:04 +0000 (10:55 +0200)]
ndr_compression: change debug levels
metze
Stefan Metzmacher [Sat, 6 Sep 2008 14:16:00 +0000 (16:16 +0200)]
ndr_compression: use deflateReset() together with defalteSetDictionary()
metze
Stefan Metzmacher [Fri, 5 Sep 2008 18:18:07 +0000 (20:18 +0200)]
ndr_compression: use inflateReset() and inflateSetDictionary() instead of inflateReset2()
Now we can use an unmodified system zlib-1.2.3
metze
Jeremy Allison [Sat, 6 Sep 2008 04:47:06 +0000 (21:47 -0700)]
Don't compare identity, it'll never be different.
Jeremy.
Oliver Liebel [Sat, 6 Sep 2008 03:12:19 +0000 (13:12 +1000)]
Remove <tab> in OpenLDAP MMR config
Signed-of-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 5 Sep 2008 23:07:41 +0000 (09:07 +1000)]
Make SMB signing work with Windows 2008 and kerberos.
Pinched from
b53e6387e30010509034835acf88b91b380ff44a by metze.
Andrew Bartlett
Jeremy Allison [Fri, 5 Sep 2008 21:24:36 +0000 (14:24 -0700)]
Added tests that show that write time update is immediate
when changing file size using SMBwrite of size zero,
SET_END_OF_FILE, or SET_ALLOCATION_SIZE - no 2 second
delay in these cases.
Jeremy.
Andrew Bartlett [Fri, 5 Sep 2008 06:46:12 +0000 (16:46 +1000)]
Add a new error code
Andrew Bartlett [Fri, 5 Sep 2008 06:45:58 +0000 (16:45 +1000)]
Update copyright
Andrew Bartlett [Fri, 5 Sep 2008 06:45:37 +0000 (16:45 +1000)]
Update copyright, I've been working here many long years...
Andrew Bartlett [Fri, 5 Sep 2008 06:45:10 +0000 (16:45 +1000)]
Move our DC to implement mandetory signing.
(this does not change the file server role, and only really changes
what 'server signing = auto' means)
Optional signing really isn't any benifit to network security.
In doing so, allow anonymous clients (if permitted by policy) to log
in without signing, as Samba3 does not sign these connections (which
would use an all-zero key, so pointless).
Andrew Bartlett
Andrew Bartlett [Fri, 5 Sep 2008 06:24:44 +0000 (16:24 +1000)]
With a windows 2008 client, even anonymous requires signing...
Andrew Bartlett
Andrew Bartlett [Thu, 4 Sep 2008 06:06:38 +0000 (16:06 +1000)]
More work to implement LSA CreateTrustedDomainEx2
We still don't get the format inside the encrypted blob correct
however.
Andrew Bartlett
Andrew Tridgell [Thu, 4 Sep 2008 02:49:29 +0000 (12:49 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
Andrew Bartlett [Thu, 4 Sep 2008 01:32:32 +0000 (11:32 +1000)]
Merge commit 'origin/v4-0-test' into trusted-domains
Jelmer Vernooij [Wed, 3 Sep 2008 20:55:24 +0000 (22:55 +0200)]
Regenerate SWIG file.
Jelmer Vernooij [Wed, 3 Sep 2008 20:29:53 +0000 (22:29 +0200)]
Avoid using version call for version string.
Jelmer Vernooij [Wed, 3 Sep 2008 20:26:02 +0000 (22:26 +0200)]
Allow overriding shared library policy using environment variable.
Jelmer Vernooij [Wed, 3 Sep 2008 12:10:35 +0000 (14:10 +0200)]
Fix embedding of Samba 4.
Andrew Bartlett [Wed, 3 Sep 2008 05:34:44 +0000 (15:34 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Wed, 3 Sep 2008 05:30:17 +0000 (15:30 +1000)]
Implement NETLOGON PAC verfication on the server-side
This is implemented by means of a message to the KDC, to avoid having
to link most of the KDC into netlogon.
Andrew Bartlett
Andrew Bartlett [Wed, 3 Sep 2008 04:20:30 +0000 (14:20 +1000)]
Merge krb5_cksumtype_to_enctype from Heimdal svn -r 23719
Andrew Bartlett [Wed, 3 Sep 2008 04:19:16 +0000 (14:19 +1000)]
Test a few more error cases in RPC-PAC
Andrew Bartlett [Tue, 2 Sep 2008 01:31:46 +0000 (11:31 +1000)]
Start testing CreateTrustedDomainEx2
Andrew Bartlett
Andrew Bartlett [Tue, 2 Sep 2008 01:31:17 +0000 (11:31 +1000)]
Share IDL between the LSA and drsblob representations of trusts
Andrew Bartlett [Mon, 1 Sep 2008 04:43:00 +0000 (14:43 +1000)]
Follow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust.
Also check we get the defaults correct with a query in the torture
suite.
Andrew Bartlett
Andrew Tridgell [Fri, 29 Aug 2008 21:38:02 +0000 (07:38 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
Andrew Tridgell [Fri, 29 Aug 2008 21:32:44 +0000 (07:32 +1000)]
Add a setexpiry operation in samdb.py
This makes it easy to set the expiry (or no expiry) for a samdb user
Andrew Tridgell [Fri, 29 Aug 2008 21:23:06 +0000 (07:23 +1000)]
added a simple script for setting password expiry
Andrew Bartlett [Fri, 29 Aug 2008 08:05:06 +0000 (18:05 +1000)]
Start implementing the server-sde NETLOGON PAC verification.
Andrew Bartlett [Fri, 29 Aug 2008 05:06:30 +0000 (15:06 +1000)]
It turns out that the Netlogon PAC verification is encrypted.
This test now passes against Win2k3, and a implementation in the
Samba4 server should follow shortly.
Andrew Bartlett
Andrew Bartlett [Fri, 29 Aug 2008 03:01:52 +0000 (13:01 +1000)]
Update packaging per suggestions on the review
Also make the build more C++ friendly with a patch from Brad Hards.
Andrew Bartlett
git.samba.org / metze / samba / wb-ndr.git / log