Stefan Metzmacher [Tue, 26 Aug 2008 09:29:33 +0000 (11:29 +0200)]
heimdal_build: add fallback for AC_WARNING_ENABLE()
metze
Stefan Metzmacher [Tue, 26 Aug 2008 09:25:10 +0000 (11:25 +0200)]
heimdal: remove unused old files
metze
Stefan Metzmacher [Tue, 26 Aug 2008 13:30:18 +0000 (15:30 +0200)]
heimdal_build: split heimdal/lib/asn1 file lists
metze
Stefan Metzmacher [Tue, 26 Aug 2008 09:57:29 +0000 (11:57 +0200)]
heimdal_build: split handwritten and generated hx509 file lists
metze
Stefan Metzmacher [Tue, 26 Aug 2008 09:56:37 +0000 (11:56 +0200)]
heimdal_build: split out gssapi_spnego and gssapi_krb5 file lists
metze
Stefan Metzmacher [Tue, 26 Aug 2008 10:19:52 +0000 (12:19 +0200)]
heimdal_build: add a fake sqlite keytab implementation
This remove a difference against lorikeet-heimdal.
metze
Stefan Metzmacher [Tue, 26 Aug 2008 09:42:13 +0000 (11:42 +0200)]
heimdal_build: split glue.c into krb5 and gssapi parts
metze
Stefan Metzmacher [Mon, 25 Aug 2008 14:12:42 +0000 (16:12 +0200)]
kdc: move references to heimdal internals into heimdal_build/kpasswd-glue.h
metze
Stefan Metzmacher [Tue, 26 Aug 2008 10:25:54 +0000 (12:25 +0200)]
Revert "gsskrb5: add support for DCE_STYLE and des and des3 keys"
This reverts commit
86848dd0f217774faed81af8fbf68618013e20a1.
This should come back via a merge from heimdal's trunk later.
metze
Stefan Metzmacher [Tue, 26 Aug 2008 10:23:13 +0000 (12:23 +0200)]
Revert "gsskrb5: always return an acceptor subkey"
This reverts commit
6a8b07c39558f240b89e833ecba15d8b9fc020e8.
This isn't strictly needed and will come back in the next merge
from heimdal's trunk.
metze
Stefan Metzmacher [Tue, 26 Aug 2008 08:32:28 +0000 (10:32 +0200)]
build: generate :: rules for automatic dependencies
metze
Andrew Bartlett [Tue, 26 Aug 2008 06:27:10 +0000 (16:27 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 26 Aug 2008 06:26:46 +0000 (16:26 +1000)]
Don't use lsa_Delete any more, as smbd now refuses it.
Andrew Bartlett [Tue, 26 Aug 2008 02:18:26 +0000 (12:18 +1000)]
More LSA server and testuite work.
- Implement QueryDomainInformationPolicy in Samba4
- Allow RPC-LSA to pass against Windows 2008 (which does not allow
the Audit privilage to be removed)
Andrew Bartlett
Andrew Bartlett [Tue, 26 Aug 2008 00:56:16 +0000 (10:56 +1000)]
Make RPC-LSA test deterministic with an msleep(200).
Andrew Bartlett [Tue, 26 Aug 2008 00:33:41 +0000 (10:33 +1000)]
Implement matching logic to Windows 2008 on handling of secrets.
This is enforced by the new RPC-LSA test.
Andrew Bartlett
Andrew Bartlett [Tue, 26 Aug 2008 00:32:49 +0000 (10:32 +1000)]
Fix LSA server to pass more of RPC-LSA and match Windows 2008
This fixes some info levels in the QueryTrustedDomainInfo call, and
changes from implementing lsa_Delete to lsa_DeleteObject (which has an
explicit close and reutrns a NULL handle).
Andrew Bartlett
Andrew Bartlett [Tue, 26 Aug 2008 00:27:00 +0000 (10:27 +1000)]
Only allow the trust in the correct direction (per the flags).
Andrew Bartlett [Mon, 25 Aug 2008 23:49:54 +0000 (09:49 +1000)]
Update RPC-LSA to (almost) pass against Windows 2008.
Andrew Bartlett [Sun, 24 Aug 2008 22:27:06 +0000 (08:27 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Andrew Tridgell [Sun, 24 Aug 2008 07:42:29 +0000 (17:42 +1000)]
fixed the data in SAVEFILE op in RAW-OFFLINE
Andrew Tridgell [Sun, 24 Aug 2008 07:38:43 +0000 (17:38 +1000)]
show the bad data in RAW-OFFLINE
also show the worst case latencies so far, matching tsm_torture
Andrew Tridgell [Sat, 23 Aug 2008 01:54:02 +0000 (11:54 +1000)]
don't use zero data for the first file in RAW-OFFLINE
the most likely bugs in HSM involve zero data, due to the
dm_punch_hole() request
Andrew Tridgell [Fri, 22 Aug 2008 11:54:21 +0000 (21:54 +1000)]
disable the anr== tests until they are understood
Andrew Tridgell [Fri, 22 Aug 2008 11:26:32 +0000 (21:26 +1000)]
now that ldap integers are 32 bit, we need to put the right 32 bit
value in for group type to avoid sign extension, otherwise we don't
find the builtin groups
Andrew Tridgell [Fri, 22 Aug 2008 10:50:07 +0000 (20:50 +1000)]
fixed the DomainDNS searches in the netlogon code
Andrew Tridgell [Fri, 22 Aug 2008 08:39:52 +0000 (18:39 +1000)]
Merge commit 'origin/v4-0-test' into v4-0-test
Andrew Tridgell [Fri, 22 Aug 2008 08:37:34 +0000 (18:37 +1000)]
fixed the GUID and objectSID canonicalisation functions
Andrew Tridgell [Fri, 22 Aug 2008 08:37:11 +0000 (18:37 +1000)]
fixed a speellling erra
Andrew Tridgell [Fri, 22 Aug 2008 07:37:43 +0000 (17:37 +1000)]
Merge branch 'abartlet-4-0-local' into v4-0-test
Andrew Tridgell [Fri, 22 Aug 2008 07:36:56 +0000 (17:36 +1000)]
fixed a problem with length limited ldap values
The core ldb code for string matching assumed NULL terminated strings,
whereas the anr module used data_blob_const() to effectively truncate
a ldb_val by changing its length. The ldb code is supposed to be based
around length limited blobs, not NULL terminated strings, so the
correct fix was to change the string comparison functions to be length
limited
Andrew Tridgell [Fri, 22 Aug 2008 04:32:27 +0000 (14:32 +1000)]
fixed error handling in ANR code
when we can't process an ANR request we need to continue with the
parse tree we were given, not a NULL tree
Stefan Metzmacher [Wed, 20 Aug 2008 13:48:00 +0000 (15:48 +0200)]
ndr_compression: implement mszip compression based on deflate()
The output doesn't match the output from windows servers,
but it's a start...
metze
Stefan Metzmacher [Wed, 20 Aug 2008 19:53:21 +0000 (21:53 +0200)]
drsuapi.idl: use hand written push functions for the compressed blobs
This isn't really the final solution, as we compress the data twice,
but it works.
metze
Stefan Metzmacher [Thu, 7 Aug 2008 16:26:45 +0000 (16:26 +0000)]
ndr_compression: add common parts of ndr compression
metze
Andrew Bartlett [Thu, 21 Aug 2008 09:24:58 +0000 (19:24 +1000)]
Don't walk past the end of ldb values.
This is a partial fix towards bugs due to us walking past the end of
what we think are strings in ldb. There is much more work to do in
this area.
Andrew Bartlett
Andrew Bartlett [Thu, 21 Aug 2008 07:29:47 +0000 (17:29 +1000)]
Push loading the objectGUID and objectSID handlers earlier.
Andrew Bartlett
Andrew Bartlett [Thu, 21 Aug 2008 06:42:03 +0000 (16:42 +1000)]
Stop every ldb startup doing a write to the database.
Something in the search stack adds a distinguisedName record, which
isn't in the message we generate. So we compare, fail and rewrite the
record - every time ldb starts up...
Andrew Bartlett
Andrew Bartlett [Thu, 21 Aug 2008 06:09:42 +0000 (16:09 +1000)]
Validate input in the CLDAP and DGRAM 'netlogon' responder.
Andrew Bartlett [Thu, 21 Aug 2008 05:10:40 +0000 (15:10 +1000)]
Handle error cases in attribute handlers better.
We don't need to just bail, for all these error cases there is still
real result that can be made - just fall back to binary copy/compare.
Andrew Bartlett
Andrew Bartlett [Thu, 21 Aug 2008 02:59:16 +0000 (12:59 +1000)]
The index handling is now configured from the schema load, not by a
template.
Andrew Bartlett
Andrew Bartlett [Thu, 21 Aug 2008 02:58:00 +0000 (12:58 +1000)]
Set both attributes and indexes into the database on schema load.
This ensures that a rudementary schema is always present (for
bootstrapping), and that the indexes are maintained equal to the
schema (rather than hard-coded).
Andrew Bartlett
Andrew Bartlett [Thu, 21 Aug 2008 02:56:34 +0000 (12:56 +1000)]
All these syntaxes are now handled by the schema.
Andrew Bartlett [Thu, 21 Aug 2008 02:56:04 +0000 (12:56 +1000)]
Don't hardcode attributes to be treated as a DN
This is now handled by reading the schema into the attributes.
Also, when we do set something here, mark it as FIXED, so the schema
and any reload from @ATTRIBUTES won't touch it.
Andrew Bartlett
Andrew Bartlett [Thu, 21 Aug 2008 02:51:55 +0000 (12:51 +1000)]
Correct anr search commants and error messages in ldap.js
Andrew Bartlett [Thu, 21 Aug 2008 02:51:06 +0000 (12:51 +1000)]
Don't allow a NULL syntax
Andrew Bartlett [Thu, 21 Aug 2008 02:50:22 +0000 (12:50 +1000)]
Don't maniplate control entries in samldb
Stefan Metzmacher [Tue, 19 Aug 2008 06:51:45 +0000 (08:51 +0200)]
krb5pac.idl: make use of subcontext(0xFFFFFC01) to handle the type Serialization header
Now we should be able to handle bigendian PAC_LOGON_INFO buffers.
metze
Stefan Metzmacher [Tue, 19 Aug 2008 11:23:09 +0000 (13:23 +0200)]
kdc/pac-glue: pull/push the logon_info via the PAC_INFO union
This prepares the next commit...
metze
Stefan Metzmacher [Tue, 19 Aug 2008 08:36:24 +0000 (10:36 +0200)]
drsuapi: fix samba4 callers after drsuapi.idl changes
metze
Stefan Metzmacher [Tue, 19 Aug 2008 08:35:15 +0000 (10:35 +0200)]
drsuapi.idl: readd type serialization headers to compressed DsGetNCChangesCtr*
metze
Stefan Metzmacher [Tue, 19 Aug 2008 08:33:03 +0000 (10:33 +0200)]
ndr_compression: remove the type serialization handling from the compression layer
metze
Stefan Metzmacher [Tue, 19 Aug 2008 08:29:40 +0000 (10:29 +0200)]
ndr_compression: unify the common handling of mszip and xpress compression
metze
Stefan Metzmacher [Mon, 18 Aug 2008 15:10:59 +0000 (17:10 +0200)]
librpc/ndr: add support for Type Serialization Version 1 to subcontext
We use the header size 0xFFFFFC01 as magic for constructed types.
See [MS-RPCE] 2.2.6 Type Serialization Version 1 for more details.
metze
Stefan Metzmacher [Wed, 20 Aug 2008 12:41:38 +0000 (14:41 +0200)]
pidl/NDR::Parser: pass typedefs through the ParseElement*Level() functions
metze
Stefan Metzmacher [Wed, 20 Aug 2008 12:41:05 +0000 (14:41 +0200)]
pidl/NDR: generate a LEVELS array for typedefs
metze
Stefan Metzmacher [Wed, 20 Aug 2008 08:18:42 +0000 (10:18 +0200)]
pidl/NDR: correctly check for valid properties
grep($str, @array) returns the number of elements in @array!
We need grep(/^$str$/, @array) to the only the amount of matches.
Also fix unitialized vars for the error case.
metze
Stefan Metzmacher [Tue, 19 Aug 2008 18:53:18 +0000 (20:53 +0200)]
pidl/NDR::Parser: pass $ndr to ->start_flags() and ->end_flags()
metze
Stefan Metzmacher [Tue, 19 Aug 2008 18:51:27 +0000 (20:51 +0200)]
pidl/NDR::Parser: pass $ndr to ParseMemCtxPull*()
metze
Stefan Metzmacher [Tue, 19 Aug 2008 18:48:53 +0000 (20:48 +0200)]
pidl/NDR::Parser: pass $ndr to ParsePtrPush()
metze
Stefan Metzmacher [Tue, 19 Aug 2008 18:34:00 +0000 (20:34 +0200)]
pidl/NDR::Parser: use my $ndr = "ndr" in the remaining top functions
metze
Stefan Metzmacher [Tue, 19 Aug 2008 18:27:15 +0000 (20:27 +0200)]
pidl/NDR::Parser: pass down $ndr from the top functions
metze
Stefan Metzmacher [Tue, 19 Aug 2008 18:12:03 +0000 (20:12 +0200)]
pidl/NDR::Parser: pass $ndr to ->PRINT_FN_BLOB()
metze
Stefan Metzmacher [Tue, 19 Aug 2008 11:24:05 +0000 (13:24 +0200)]
pidl/NDR::Parser: pass $ndr to ->PUSH_FN_BLOB()
metze
Stefan Metzmacher [Tue, 19 Aug 2008 11:04:38 +0000 (13:04 +0200)]
pidl/NDR::Parser: pass $ndr to ->PULL_FN_BODY()
metze
Stefan Metzmacher [Tue, 19 Aug 2008 10:34:49 +0000 (12:34 +0200)]
pidl/NDR::Parser: use $ndr instead of "ndr"
metze
Andrew Bartlett [Wed, 20 Aug 2008 06:18:44 +0000 (16:18 +1000)]
Use the new SEARCH_FLAG_ANR define
Andrew Bartlett [Wed, 20 Aug 2008 06:02:13 +0000 (16:02 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Tridgell [Wed, 20 Aug 2008 06:00:54 +0000 (16:00 +1000)]
don't overwrite fixed attributes with @ATTRIBUTES
Andrew Bartlett [Wed, 20 Aug 2008 05:52:08 +0000 (15:52 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Tridgell [Wed, 20 Aug 2008 05:50:58 +0000 (15:50 +1000)]
Merge commit 'origin/v4-0-test' into v4-0-test
Andrew Tridgell [Wed, 20 Aug 2008 05:46:58 +0000 (15:46 +1000)]
added a LDB_ATTR_FLAG_FIXED so the schema module can mark attributes
as never to be removed.
Andrew Bartlett [Wed, 20 Aug 2008 05:46:46 +0000 (15:46 +1000)]
Apply attributes (and their syntax) from the schema into ldb
This changes the @ATTRIBUTES record to be for bootstrapping only,
before we find the schema.
Andrew Bartlett
Andrew Bartlett [Wed, 20 Aug 2008 05:45:16 +0000 (15:45 +1000)]
Add schema search flags from MS-ADTS
Andrew Bartlett [Wed, 20 Aug 2008 03:22:16 +0000 (13:22 +1000)]
Split schema_init.c into smaller bits.
This should make schema manipulation a little easier to follow.
Andrew Bartlett
Andrew Bartlett [Wed, 20 Aug 2008 03:09:40 +0000 (13:09 +1000)]
Remove last traces of the old 'subclass' feature
Matthias Dieter Wallnöfer [Wed, 20 Aug 2008 02:46:37 +0000 (12:46 +1000)]
Add a torture test for the new 'netlogon' flags.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Matthias Dieter Wallnöfer [Wed, 20 Aug 2008 02:45:41 +0000 (12:45 +1000)]
Add extra bits to our 'netlogon' response in CLDAP and NBT.
I've studied now the netlogon attribute from the CLDAP request and
have compared them with the table presented in the WSPP docs
(http://msdn.microsoft.com/en-us/library/
cc201036.aspx). The first two
bytes seem to be correct, but that the third and fourth one is
completely clear with SAMBA 4.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 20 Aug 2008 02:21:36 +0000 (12:21 +1000)]
Update OpenLDAP MMR configuration per comments by Oliver Liebel
<oliver@itc.li>
This changes the RIDs to be <serverID><DBID>, to ease later debugging.
The need to specify the port on the MMR URLs is now included in the
help.
Andrew Bartlett
Andrew Tridgell [Tue, 19 Aug 2008 07:49:34 +0000 (17:49 +1000)]
added some comments at the request of a frustrated abartlet
Andrew Bartlett [Tue, 19 Aug 2008 04:54:30 +0000 (14:54 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Andrew Bartlett [Tue, 19 Aug 2008 04:11:51 +0000 (14:11 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 19 Aug 2008 04:10:53 +0000 (14:10 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 19 Aug 2008 04:10:14 +0000 (14:10 +1000)]
Fix up new OpenLDAP MMR code.
This changes the MMR password from hard-coded value of 'linux',
adds tests and fixes the Fedora DS backend.
Currently the MMR password matches the admin password, but we can
change this to be another random value if required.
Also require the port to be specified on the command line, so we don't
hard-code a port of 9000.
Andrew Bartlett
Oliver Liebel [Tue, 19 Aug 2008 02:03:04 +0000 (12:03 +1000)]
Generate Multi-Master Replication configuration for OpenLDAP
This patches provision-backend and the related scripts to generate the
correct configuration blobs for N-way multi-master replication using
OpenLDAP.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 19 Aug 2008 01:43:41 +0000 (11:43 +1000)]
Fix templates.ldb reprovision handling.
This sets the attributes in a seperate transaction, and allows a
forced delete of the whole file.
Andrew Bartlett
Stefan Metzmacher [Mon, 18 Aug 2008 13:33:11 +0000 (15:33 +0200)]
librpc: don't build the old mszip decompression code
metze
Stefan Metzmacher [Thu, 7 Aug 2008 16:24:57 +0000 (16:24 +0000)]
ndr_compression: use zlib's inflate() for decompression
metze
Stefan Metzmacher [Mon, 18 Aug 2008 12:26:53 +0000 (14:26 +0200)]
zlib: mark as modified for samba
metze
Stefan Metzmacher [Fri, 15 Aug 2008 11:32:51 +0000 (13:32 +0200)]
zlib: fix compiler warnings
metze
Stefan Metzmacher [Mon, 18 Aug 2008 12:25:41 +0000 (14:25 +0200)]
zlib: we don't need the inflateReset2 prototype twice
metze
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
librpc/ndr: add support for XPRESS decompression
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
lib/compression: Import of lzxpress decompression algorithm
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 18 Aug 2008 10:30:27 +0000 (20:30 +1000)]
Note the ldb syntax for attribute syntaxes in the table.
This includes additional Samba-specific syntaxes made available from
the ldif_handlers code.
This commit also changes some table to use #defines, to ensure
consistancy in other parts of the code.
Andrew Bartlett
Andrew Bartlett [Mon, 18 Aug 2008 10:21:31 +0000 (20:21 +1000)]
Allow attributes to be overwritten, not just added to
Andrew Bartlett [Mon, 18 Aug 2008 10:20:24 +0000 (20:20 +1000)]
Fix segfaults when loading the schema fails.
Andrew Bartlett [Mon, 18 Aug 2008 05:12:08 +0000 (15:12 +1000)]
Ensure we fail to proceed if the schema won't load.
Andrew Bartlett [Mon, 18 Aug 2008 02:01:27 +0000 (12:01 +1000)]
Remove references to the unused @SUBCLASS feature.
This was removed from ldb_tdb a while ago
Andrew Bartlett
Andrew Bartlett [Mon, 18 Aug 2008 00:16:45 +0000 (10:16 +1000)]
Merge the two attribute syntax tables.
This merges the table once found in the oLschema2ldif tool (and moved
many times) with the table used for DRSUAPI.
The OpenLDAP schema map has been updated, to ensure that despite a
number of attributes being declared as OIDs, they are actually used as
strings (as they are actually LDAP class/attribute names).
Andrew Bartlett
Michael Adam [Fri, 15 Aug 2008 22:37:26 +0000 (00:37 +0200)]
configure: use AS_HELP_STRING for --with-disable-ext-lib
Michael