samba.git
13 years agor13033: Thankyou very much to Brad Henry for fixing up many aspects of the
Andrew Bartlett [Thu, 19 Jan 2006 10:26:00 +0000 (10:26 +0000)]
r13033: Thankyou very much to Brad Henry for fixing up many aspects of the
release notes.  I will answer some questions and clarify some points
in the next commit.

Andrew Bartlett

13 years agor13031: A first stab at some release notes. Much work needed.
Andrew Bartlett [Thu, 19 Jan 2006 07:09:52 +0000 (07:09 +0000)]
r13031: A first stab at some release notes.  Much work needed.

Andrew Bartlett

13 years agor13019: Again protect us against format string mismatches, with the new split
Andrew Bartlett [Wed, 18 Jan 2006 21:52:19 +0000 (21:52 +0000)]
r13019: Again protect us against format string mismatches, with the new split
out proto headers.

The reason this is done in this way is that the attribute must be on
the prototype, not the actual function defintion.  Hence the macros
which expand to nothing in the C file, but expand to an __attribute__
in the prototype header.

Andrew Bartlett

13 years agor13018: Fix (correct) warning about mixing C/js interface function types. I
Andrew Bartlett [Wed, 18 Jan 2006 21:41:24 +0000 (21:41 +0000)]
r13018: Fix (correct) warning about mixing C/js interface function types.  I
don't use the arguments, but you must connect as the right type
anyway.

Andrew Bartlett

13 years agor13007: let our winsclient code register multihomed records with
Stefan Metzmacher [Wed, 18 Jan 2006 16:36:53 +0000 (16:36 +0000)]
r13007: let our winsclient code register multihomed records with
our winsserver and don't defend our local name against
our own register packets...

this won gave quite confusing logmessages...

metze

13 years agor13006: always debug the unicast and broadcast address
Stefan Metzmacher [Wed, 18 Jan 2006 16:32:24 +0000 (16:32 +0000)]
r13006: always debug the unicast and broadcast address

metze

13 years agor13005: - use nbtd:max_refresh_time=12345 also for name refresh with a wins server
Stefan Metzmacher [Wed, 18 Jan 2006 16:27:29 +0000 (16:27 +0000)]
r13005: - use nbtd:max_refresh_time=12345 also for name refresh with a wins server

metze

13 years agor13004: fix compiler warnings
Stefan Metzmacher [Wed, 18 Jan 2006 16:20:33 +0000 (16:20 +0000)]
r13004: fix compiler warnings

metze

13 years agor13002: fix compiler warning
Stefan Metzmacher [Wed, 18 Jan 2006 16:05:27 +0000 (16:05 +0000)]
r13002: fix compiler warning

metze

13 years agor13001: fix compiler warnings
Stefan Metzmacher [Wed, 18 Jan 2006 16:01:13 +0000 (16:01 +0000)]
r13001: fix compiler warnings

metze

13 years agor13000: fix compiler warnings
Stefan Metzmacher [Wed, 18 Jan 2006 15:51:50 +0000 (15:51 +0000)]
r13000: fix compiler warnings

metze

13 years agor12999: fix compiler warnings
Stefan Metzmacher [Wed, 18 Jan 2006 15:46:00 +0000 (15:46 +0000)]
r12999: fix compiler warnings

metze

13 years agor12998: A big update to samldb.c
Andrew Bartlett [Wed, 18 Jan 2006 12:06:36 +0000 (12:06 +0000)]
r12998: A big update to samldb.c

This updates the module to handle both SID allocation and nextRid
updating while importing users.  (As imported users already have a
SID, so don't go via the allocation step).  We also ensure that SIDs
in the database are unquie at create time.

Furthermore, at allocation time, we double-check the SID isn't already
in use, and that we don't create a foriegnSecurityPrincipal for a
'local' sid.

Also create random samAccountName entries for users without one (we
were setting $000000-000000000000).

We may want to seperate the uniqueness code from the rest of samldb,
and into a module with the objectguid code, which needs similar
checks.  These checks also need to apply to modification, or those
modifications denied outright.

Also update part of the testsuite to validate this.

Andrew Bartlett

13 years agor12997: Feed the right event context to libnet in ejsnet and the auth code.
Andrew Bartlett [Wed, 18 Jan 2006 11:25:30 +0000 (11:25 +0000)]
r12997: Feed the right event context to libnet in ejsnet and the auth code.
This should give better behaviour in SWAT.

Fix authentication as Samba, rather than System, users in SWAT.

Andrew Bartlett

13 years agor12996: Restrict this search to domain objects.
Andrew Bartlett [Wed, 18 Jan 2006 11:22:30 +0000 (11:22 +0000)]
r12996: Restrict this search to domain objects.

Andrew Bartlett

13 years agor12995: Don't allow overrides on "name" from above, as it can't be correct.
Andrew Bartlett [Wed, 18 Jan 2006 11:21:52 +0000 (11:21 +0000)]
r12995: Don't allow overrides on "name" from above, as it can't be correct.

Andrew Bartlett

13 years agor12989: move the control parsing and handleng functions to cmdline.c
Simo Sorce [Wed, 18 Jan 2006 04:36:30 +0000 (04:36 +0000)]
r12989: move the control parsing and handleng functions to cmdline.c
so that they can be used by the other ldb tools as well

13 years agor12988: delete an ancient file that misteriously survived till now.
Simo Sorce [Wed, 18 Jan 2006 03:10:52 +0000 (03:10 +0000)]
r12988: delete an ancient file that misteriously survived till now.

13 years agor12984: add parse code and ldbsearch cmdline code for
Stefan Metzmacher [Tue, 17 Jan 2006 18:56:04 +0000 (18:56 +0000)]
r12984: add parse code and ldbsearch cmdline code for
NOTIFICATION LDAP Controls
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_notification_oid.asp

this doesn't work yet, but it shows that we need to extend ldb to correctly
handle async requests...

metze

13 years agor12983: - fix using a DIRSYNC cookie from the command line
Stefan Metzmacher [Tue, 17 Jan 2006 17:23:11 +0000 (17:23 +0000)]
r12983: - fix using a DIRSYNC cookie from the command line
- also w2k doesn't work correct with max_attrs = 0, so we should use
  a high number, with this I'm getting the same results from w2k and w2k3

metze

13 years agor12982: fix parsing of LDAP DIRSYNC cookies
Stefan Metzmacher [Tue, 17 Jan 2006 17:15:07 +0000 (17:15 +0000)]
r12982: fix parsing of LDAP DIRSYNC cookies

metze

13 years agor12979: Grr, I forgot to commit this file (from Brad Henry's libnet_site
Andrew Bartlett [Tue, 17 Jan 2006 10:27:18 +0000 (10:27 +0000)]
r12979: Grr, I forgot to commit this file (from Brad Henry's libnet_site
patch) before the power went out :-)

Andrew Bartlett

13 years agor12977: Some code to implement the client side of the Dirsync control
Simo Sorce [Tue, 17 Jan 2006 04:04:57 +0000 (04:04 +0000)]
r12977: Some code to implement the client side of the Dirsync control
Still investigating how it works.

Simo.

13 years agor12976: Patch from Brad Henry <j0j0@riod.ca>:
Andrew Bartlett [Tue, 17 Jan 2006 03:44:37 +0000 (03:44 +0000)]
r12976: Patch from Brad Henry <j0j0@riod.ca>:

This patch pulls the AD site name generation and site join code from
libnet/libnet_join.c and puts it into a new file, libnet/libnet_site.c.
This way, a common means for site name, configuration dn and server dn
generation exists so it doesn't need to be rewritten in new code (such
as the future libnet_leave for example).

I've made a couple of changes, but nothing dramatic.  Nice work Brad!

Andrew Bartlett

13 years agor12972: Use single quotes in the showflags and showlayout targets to stop the
James Peach [Tue, 17 Jan 2006 01:18:27 +0000 (01:18 +0000)]
r12972: Use single quotes in the showflags and showlayout targets to stop the
shell interpreting the expanded make variables.

13 years agor12971: Fix spelling.
Tim Potter [Mon, 16 Jan 2006 23:42:07 +0000 (23:42 +0000)]
r12971: Fix spelling.

13 years agor12959: hopefully fix bug #3365 this time
Stefan Metzmacher [Mon, 16 Jan 2006 15:23:06 +0000 (15:23 +0000)]
r12959: hopefully fix bug #3365 this time

metze

13 years agor12958: don't bind to '255.255.255.255'
Stefan Metzmacher [Mon, 16 Jan 2006 14:01:34 +0000 (14:01 +0000)]
r12958: don't bind to '255.255.255.255'

fix bug #3411

metze

13 years agor12948: fix compiler warning
Stefan Metzmacher [Sun, 15 Jan 2006 19:04:51 +0000 (19:04 +0000)]
r12948: fix compiler warning

metze

13 years agor12947: added some error checking that I stumbled across while testing domain migration
Andrew Tridgell [Sun, 15 Jan 2006 16:24:55 +0000 (16:24 +0000)]
r12947: added some error checking that I stumbled across while testing domain migration

13 years agor12945: Try to move closer to getting Samba3 import working again.
Andrew Bartlett [Sun, 15 Jan 2006 09:03:28 +0000 (09:03 +0000)]
r12945: Try to move closer to getting Samba3 import working again.

There still a few things to work out

Andrew Bartlett

13 years agor12944: Update scripts in setup to match changes in the provision.js
Andrew Bartlett [Sun, 15 Jan 2006 07:02:34 +0000 (07:02 +0000)]
r12944: Update scripts in setup to match changes in the provision.js

DNS is now done as a seperate step, to assist in migrations.

Andrew Bartlett

13 years agor12943: Generate a SID for the domain join account using the modules, rather
Andrew Bartlett [Sun, 15 Jan 2006 06:59:56 +0000 (06:59 +0000)]
r12943: Generate a SID for the domain join account using the modules, rather
than a hardcoded SID.

Fix the samldb module to return the what *was* the nextrid, rather
than the new nextrid (that is for next time).

Andrew Bartlett

13 years agor12942: this way is better
Simo Sorce [Sun, 15 Jan 2006 06:43:43 +0000 (06:43 +0000)]
r12942: this way is better

13 years agor12941: Add Attribute Scoped Search control
Simo Sorce [Sun, 15 Jan 2006 06:12:29 +0000 (06:12 +0000)]
r12941: Add Attribute Scoped Search control

want to see what it does ?

do aq make test and try:
./bin/ldbsearch -H st/private/sam.ldb --controls=asq:1:member -s base -b 'CN=Administrators,CN=Builtin,DC=samba,DC=example,DC=com' 'objectclass=*'

have fun.
simo.

13 years agor12934: do somemore debugging of the received browse packets,
Stefan Metzmacher [Sat, 14 Jan 2006 10:11:04 +0000 (10:11 +0000)]
r12934: do somemore debugging of the received browse packets,
(so I may learn about the protocol, while watching the debug output)

metze

13 years agor12933: fix parsing of browse packets based on the infos on http://ubiqx.org/cifs...
Stefan Metzmacher [Sat, 14 Jan 2006 10:06:18 +0000 (10:06 +0000)]
r12933: fix parsing of browse packets based on the infos on ubiqx.org/cifs/Browsing.html

metze

13 years agor12932: export function prototypes
Stefan Metzmacher [Sat, 14 Jan 2006 10:03:18 +0000 (10:03 +0000)]
r12932: export function prototypes

metze

13 years agor12931: Remove some prefixes. We have:
Andrew Bartlett [Sat, 14 Jan 2006 07:46:04 +0000 (07:46 +0000)]
r12931: Remove some prefixes.  We have:

Login failed: Login Failed: Logon failure - please try again

In SWAT currently...

Andrew Bartlett

13 years agor12930: Fix ADS join: I wasn't filling in the flag 'realm' variable any more.
Andrew Bartlett [Sat, 14 Jan 2006 07:27:01 +0000 (07:27 +0000)]
r12930: Fix ADS join:  I wasn't filling in the flag 'realm' variable any more.

Andrew Bartlett

13 years agor12929: Fix more implict global and shadowing variables.
Andrew Bartlett [Sat, 14 Jan 2006 07:24:15 +0000 (07:24 +0000)]
r12929: Fix more implict global and shadowing variables.

Andrew Bartlett

13 years agor12928: This patch improves the interaction between the vampire and provsion code.
Andrew Bartlett [Sat, 14 Jan 2006 06:17:24 +0000 (06:17 +0000)]
r12928: This patch improves the interaction between the vampire and provsion code.

Previously, we had to know (or guess) the host and domain guid at the
provision stage.  Now we query the database post-provision, to extract
the values and fill in the zone file.

This allows us to generate a correct zone file in the Windows migration case.

In an effort to make SWAT easier to use, I have removed and renamed
some of the provision options.

I have also fixed a nasty issue in my js code.  I had implictly
declared a global variable of the name 'join', with disasterious
results for any subsequent user of the string utility function:

esp exception - ASSERT at lib/appweb/ejs/ejsParser.c:2064, 0

Backtrace:
        [ 0]       substitute_var:20   ->               list[i] = join("", list2)
        [ 1]           setup_file:9    ->       data = substitute_var(data, subobj)

Andrew Bartlett

13 years agor12927: Fix typo.
Andrew Bartlett [Sat, 14 Jan 2006 01:43:21 +0000 (01:43 +0000)]
r12927: Fix typo.

13 years agor12926: Syncronsise GUIDs on users and domains from the server. These also
Andrew Bartlett [Sat, 14 Jan 2006 01:29:38 +0000 (01:29 +0000)]
r12926: Syncronsise GUIDs on users and domains from the server.  These also
appear in DNS, so need to match.

Andrew Bartlett

13 years agor12925: implement client side of ASQ control
Simo Sorce [Sat, 14 Jan 2006 01:06:16 +0000 (01:06 +0000)]
r12925: implement client side of ASQ control

13 years agor12919: Ensure we never 'extend' the session key length, or fill in past the
Andrew Bartlett [Fri, 13 Jan 2006 23:08:20 +0000 (23:08 +0000)]
r12919: Ensure we never 'extend' the session key length, or fill in past the
length of the (possibly null) pointer.

In reality this should come to us either 16 or 0 bytes in length, but
this is the safest test.

This is bug 3401 in Samba3, thanks to Yau Lam Yiu <yiuext at cs.ust.hk>

Andrew Bartlett

13 years agor12918: Don't tell the user the difference between 'no such user' and 'wrong
Andrew Bartlett [Fri, 13 Jan 2006 22:55:23 +0000 (22:55 +0000)]
r12918: Don't tell the user the difference between 'no such user' and 'wrong
password'.

Andrew Bartlett

13 years agor12917: fix decoding of ldap controls
Simo Sorce [Fri, 13 Jan 2006 22:48:08 +0000 (22:48 +0000)]
r12917: fix decoding of ldap controls
some more work on timeouts

13 years agor12911: try to fix bug #3365
Stefan Metzmacher [Fri, 13 Jan 2006 17:32:43 +0000 (17:32 +0000)]
r12911: try to fix bug #3365

metze

13 years agor12910: fix bug #3069
Stefan Metzmacher [Fri, 13 Jan 2006 17:07:28 +0000 (17:07 +0000)]
r12910: fix bug #3069

metze

13 years agor12909: add an ldb module for the wins.ldb,
Stefan Metzmacher [Fri, 13 Jan 2006 16:58:04 +0000 (16:58 +0000)]
r12909: add an ldb module for the wins.ldb,

it currently doesn't do much, but it's later
prevent adding corrupted records via ldbedit,
and will take care of the versionID counter

metze

13 years agor12908: use '_' also for indication we want to ask for the localmaster browser,
Stefan Metzmacher [Fri, 13 Jan 2006 16:49:00 +0000 (16:49 +0000)]
r12908: use '_' also for indication we want to ask for the localmaster browser,

as '-' make problems with popt

metze

13 years agor12907: skip some tests for make quicktest in NBT-WINSREPLICATION
Stefan Metzmacher [Fri, 13 Jan 2006 16:44:32 +0000 (16:44 +0000)]
r12907: skip some tests for make quicktest in NBT-WINSREPLICATION

metze

13 years agor12906: return the correct nb_flags
Stefan Metzmacher [Fri, 13 Jan 2006 16:27:47 +0000 (16:27 +0000)]
r12906: return the correct nb_flags

metze

13 years agor12905: add some ldap policies
Simo Sorce [Fri, 13 Jan 2006 15:40:15 +0000 (15:40 +0000)]
r12905: add some ldap policies
not yet enforced except for the initial connection timeout

13 years agor12903: Factor out a new routine libnet_RpcConnectDCInfo, to both connect to
Andrew Bartlett [Fri, 13 Jan 2006 12:52:56 +0000 (12:52 +0000)]
r12903: Factor out a new routine libnet_RpcConnectDCInfo, to both connect to
the remote sever, and to query it for domain information.

Provide and use this information in the SamSync/Vampire callbacks, to allow a
parallel connection to LDAP, if we are talking to AD.  This allows us
to get at some important attributes not exposed in the old protocol.

With this, we are able to do a all-GUI vampire of a AD domain from
SWAT, including getting all the SIDs, servicePrincipalNames and the
like correct.

Andrew Bartlett

13 years agor12902: Fix 'make quicktest'.
Andrew Bartlett [Fri, 13 Jan 2006 12:48:53 +0000 (12:48 +0000)]
r12902: Fix 'make quicktest'.

Andrew Bartlett

13 years agor12899: - fix warnings on AIX
Stefan Metzmacher [Fri, 13 Jan 2006 10:37:14 +0000 (10:37 +0000)]
r12899: - fix warnings on AIX
- fix compilation of auth/kerberos/krb5_init_context.c on AIX

metze

13 years agor12898: prepare the 'wins hook' feature, but we only debug out a 'TODO: run script...
Stefan Metzmacher [Fri, 13 Jan 2006 10:26:47 +0000 (10:26 +0000)]
r12898: prepare the 'wins hook' feature, but we only debug out a 'TODO: run script ...'

metze

13 years agor12897: make it possible to use nosync transaction to speed things up,
Stefan Metzmacher [Fri, 13 Jan 2006 08:38:11 +0000 (08:38 +0000)]
r12897: make it possible to use nosync transaction to speed things up,
(just for testing)

metze

13 years agor12896: IRIX make will fallback to gmake with this,
Stefan Metzmacher [Fri, 13 Jan 2006 08:22:21 +0000 (08:22 +0000)]
r12896: IRIX make will fallback to gmake with this,
as normal IRIX make doesn't support shell commands or functions
in $(FOO) variables

metze

13 years agor12895: Error strings save lives.
Andrew Bartlett [Fri, 13 Jan 2006 04:49:49 +0000 (04:49 +0000)]
r12895: Error strings save lives.

err, they save time at least.  The correct use of an error string in
this case quickly pinpoited an overzealous check, and saved me hours
of painful debugging.

Andrew Bartlett

13 years agor12894: Add more detail to error messages.
Andrew Bartlett [Fri, 13 Jan 2006 04:36:58 +0000 (04:36 +0000)]
r12894: Add more detail to error messages.

Andrew Bartlett

13 years agor12893: Filling in *error_string is critical for SWAT, as the errors otherwise
Andrew Bartlett [Fri, 13 Jan 2006 04:30:18 +0000 (04:30 +0000)]
r12893: Filling in *error_string is critical for SWAT, as the errors otherwise
do not propogate back to the user, they just end up in the logfile.

Andrew Bartlett

13 years agor12892: Add a 'Migrate from Windows' page to our installation section in SWAT.
Andrew Bartlett [Fri, 13 Jan 2006 03:39:49 +0000 (03:39 +0000)]
r12892: Add a 'Migrate from Windows' page to our installation section in SWAT.

Doing this required reworking ejsnet, particularly so it could take a
set of credentials, not just a username and password argument.

This required fixing the ejsnet.js test script, which now adds and
deletes a user, and is run from 'make test'.  This should prevent it
being broken again.

Deleting a user from ejsnet required that the matching backend be
added to libnet, hooking fortunetly onto already existing code for the
actual deletion.

The js credentials interface now handles the 'set machine account' flag.

New functions have been added to provision.js to wrap the basic
operations (so we can write a command line version, as well as the web
based version).

Andrew Bartlett

13 years agor12891: We no longer manually set the 'name' attribute.
Andrew Bartlett [Fri, 13 Jan 2006 03:34:00 +0000 (03:34 +0000)]
r12891: We no longer manually set the 'name' attribute.

Andrew Bartlett

13 years agor12887: Add the icon from samba.org to SWAT.
Andrew Bartlett [Fri, 13 Jan 2006 02:59:08 +0000 (02:59 +0000)]
r12887: Add the icon from samba.org to SWAT.

Andrew Bartlett

13 years agor12886: Rename 'secure_channel_type' parameter to domain join as 'join_type'.
Andrew Bartlett [Fri, 13 Jan 2006 02:58:35 +0000 (02:58 +0000)]
r12886: Rename 'secure_channel_type' parameter to domain join as 'join_type'.

Andrew Bartlett

13 years agor12883: Fix the build...
Andrew Bartlett [Fri, 13 Jan 2006 02:01:15 +0000 (02:01 +0000)]
r12883: Fix the build...

Andrew Bartlett

13 years agor12882: Allow the netbios name to be specified at all times.
Andrew Bartlett [Fri, 13 Jan 2006 00:55:30 +0000 (00:55 +0000)]
r12882: Allow the netbios name to be specified at all times.

Andrew Bartlett

13 years agor12881: Hard-coded defaults are silly. We have smb.conf for a reason.
Andrew Bartlett [Fri, 13 Jan 2006 00:54:53 +0000 (00:54 +0000)]
r12881: Hard-coded defaults are silly.  We have smb.conf for a reason.

Andrew Bartlett

13 years agor12880: Remove ldap partitions useless now and probably we
Simo Sorce [Fri, 13 Jan 2006 00:38:35 +0000 (00:38 +0000)]
r12880: Remove ldap partitions useless now and probably we
will not use it anyway as we plan to support
partitions in ldb directly like with rootdse

Merge ldap_simple_ldb into ldap_backend, it is
not simple anymore and makes no sense to have
it separated now that ldap partitions are gone

Initial attempt at working to some limit to avoid DOSs
for the ldap server.

Simo.

13 years agor12874: Try to give the startup a few more seconds, so that hosts with
Andrew Bartlett [Thu, 12 Jan 2006 21:51:02 +0000 (21:51 +0000)]
r12874: Try to give the startup a few more seconds, so that hosts with
gnutls-devel installed do not miss the first test.

Andrew Bartlett

13 years agor12873: Fix valgrind-found uninitialised value.
Andrew Bartlett [Thu, 12 Jan 2006 21:42:59 +0000 (21:42 +0000)]
r12873: Fix valgrind-found uninitialised value.

Andrew Bartlett

13 years agor12872: Add some more detail to debug message.
Andrew Bartlett [Thu, 12 Jan 2006 21:42:26 +0000 (21:42 +0000)]
r12872: Add some more detail to debug message.

Andrew Bartlett

13 years agor12869: I have removed this hack. We now just do the lookups (netbios for now).
Andrew Bartlett [Thu, 12 Jan 2006 11:36:16 +0000 (11:36 +0000)]
r12869: I have removed this hack.  We now just do the lookups (netbios for now).

Andrew Bartlett

13 years agor12868: Remove unused code. This has moved to libcli/finddcs.c.
Andrew Bartlett [Thu, 12 Jan 2006 09:56:15 +0000 (09:56 +0000)]
r12868: Remove unused code.  This has moved to libcli/finddcs.c.

Andrew Bartlett

13 years agor12867: Remove deleted header.
Andrew Bartlett [Thu, 12 Jan 2006 09:54:48 +0000 (09:54 +0000)]
r12867: Remove deleted header.

13 years agor12866: This removes the abstraction layer in winbindd intended to deal with
Andrew Bartlett [Thu, 12 Jan 2006 09:38:35 +0000 (09:38 +0000)]
r12866: This removes the abstraction layer in winbindd intended to deal with
multiple protocols, replacing it with the packet handling subsystem.

We don't have multiple protocols at present, and the abstraction layer
only serves to confuse matters.  Also, the new packet subsystem removes
the need to handle partial reads.

We can easily add new protocols from the socket up instead, becaue the
difficult bits are done by the packet layer.

Andrew Bartlett

13 years agor12865: Upgrade the librpc and libnet code.
Andrew Bartlett [Thu, 12 Jan 2006 09:33:49 +0000 (09:33 +0000)]
r12865: Upgrade the librpc and libnet code.

In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous.  This should better
function with servers that set restrict anonymous.

There are too many parts of Samba that get, parse and modify the
binding parameters.  Avoid the extra work, and add a binding element
to the struct dcerpc_pipe

The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern.  Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.

To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.

Andrew Bartlett

13 years agor12864: Fix valgrind errors in NET-API-LOOKUP* tests.
Andrew Bartlett [Thu, 12 Jan 2006 08:47:21 +0000 (08:47 +0000)]
r12864: Fix valgrind errors in NET-API-LOOKUP* tests.

Andrew Bartlett

13 years agor12863: As lha suggested to me a while back, it appears that the
Andrew Bartlett [Thu, 12 Jan 2006 07:13:36 +0000 (07:13 +0000)]
r12863: As lha suggested to me a while back, it appears that the
gsskrb5_get_initiator_subkey() routine is bougs.  We can indeed use
gss_krb5_get_subkey().

This is fortunate, as there was a segfault bug in 'initiator' version.

Andrew Bartlett

13 years agor12862: Need to trim spaces off the end of the node status reply.
Andrew Bartlett [Thu, 12 Jan 2006 06:44:28 +0000 (06:44 +0000)]
r12862: Need to trim spaces off the end of the node status reply.

Andrew Bartlett

13 years agor12861: Cope when we are not supplied the messaging context. This is just
Andrew Bartlett [Thu, 12 Jan 2006 03:30:20 +0000 (03:30 +0000)]
r12861: Cope when we are not supplied the messaging context.  This is just
another case where we have to fallback to the node status request.

Andrew Bartlett

13 years agor12860: Remove unused function. (we handle this in the password_hash module).
Andrew Bartlett [Thu, 12 Jan 2006 03:07:04 +0000 (03:07 +0000)]
r12860: Remove unused function.  (we handle this in the password_hash module).

Andrew Bartlett

13 years agor12859: Make Samba4 match the Samba3 winbindd interface. trunk has moved too
Andrew Bartlett [Thu, 12 Jan 2006 03:06:14 +0000 (03:06 +0000)]
r12859: Make Samba4 match the Samba3 winbindd interface.  trunk has moved too
far at this point, and there is no point being in between.

Andrew Bartlett

13 years agor12858: This moves the libnet_LookupPdc code to use a GetDC request to find
Andrew Bartlett [Thu, 12 Jan 2006 03:02:00 +0000 (03:02 +0000)]
r12858: This moves the libnet_LookupPdc code to use a GetDC request to find
the remote server's name, or in the absence of a local nbt_server to
communicate with (or without root access), a node status request.

The result is that we are in a better position to use kerberos, as well
as to remove the 'password server' mandatory parameter for the samsync
and samdump commands.  (I need this to put these into SWAT).

The only problem I have is that I must create a messaging context, which
requires a server ID.  As a client process, I don't expect to get
messages, but it is currently required for replies, so I generate a
random() number.  We probably need the servers to accept connections on
streamed sockets too, for client-only tasks that want IRPC.

Because I wanted to test this code, I have put the NET-API-* tests into
our test scripts, to ensure they pass and keep passing.  They are good
frontends onto the libnet system, and I see no reason not to test them.

In doing so the NET-API-RPCCONNECT test was simplified to take a
binding string on the command line, removing duplicate code, and
testing the combinations in the scripts instead.

(I have done a bit of work on the list shares code in libnet_share.c
to make it pass 'make test')

In the future, I would like to extend the libcli/findds.c code (based
off volker's winbind/wb_async_helpers.c, which is why it shows up a bit
odd in the patch) to handle getting multiple name replies, sending a
getdc request to each in turn.

(posted to samba-technical for review, and I'll happily update with
any comments)

Andrew Bartlett

13 years agor12856: make the logic much more sane
Stefan Metzmacher [Wed, 11 Jan 2006 20:38:10 +0000 (20:38 +0000)]
r12856: make the logic much more sane

metze

13 years agor12851: Fix some typos
Jelmer Vernooij [Wed, 11 Jan 2006 18:14:55 +0000 (18:14 +0000)]
r12851: Fix some typos

13 years agor12850: - add Doxygen comments to ldb
Stefan Metzmacher [Wed, 11 Jan 2006 16:31:57 +0000 (16:31 +0000)]
r12850: - add Doxygen comments to ldb
- 'make doxygen' generated the api documentation under apidocs/

Many thanks to Brad Hards <bradh@frogmouth.net> for the patches!

metze

13 years agor12849: fix typo
Stefan Metzmacher [Wed, 11 Jan 2006 16:29:02 +0000 (16:29 +0000)]
r12849: fix typo

metze

13 years agor12847: add some ldb examples from Brad Hards (bradh@frogmouth.net)
Stefan Metzmacher [Wed, 11 Jan 2006 16:20:16 +0000 (16:20 +0000)]
r12847: add some ldb examples from Brad Hards (bradh@frogmouth.net)

metze

13 years agor12846: some fixes
Stefan Metzmacher [Wed, 11 Jan 2006 16:04:28 +0000 (16:04 +0000)]
r12846: some fixes

metze

13 years agor12845: fix some typos
Stefan Metzmacher [Wed, 11 Jan 2006 16:00:27 +0000 (16:00 +0000)]
r12845: fix some typos

metze

13 years agor12844: don't include system headers directly
Stefan Metzmacher [Wed, 11 Jan 2006 15:07:14 +0000 (15:07 +0000)]
r12844: don't include system headers directly

metze

13 years agor12843: get special objects with ldbsearch -a too, to match ldbedit -a
Stefan Metzmacher [Wed, 11 Jan 2006 15:03:20 +0000 (15:03 +0000)]
r12843: get special objects with ldbsearch -a too, to match ldbedit -a

metze

13 years agor12842: don't include system headers directly
Stefan Metzmacher [Wed, 11 Jan 2006 15:01:21 +0000 (15:01 +0000)]
r12842: don't include system headers directly

metze

13 years agor12838: make the ntvfs function public
Stefan Metzmacher [Wed, 11 Jan 2006 10:53:52 +0000 (10:53 +0000)]
r12838: make the ntvfs function public

metze

13 years agor12836: use: -fvisibility=hidden -D_PUBLIC_="__attribute__((visibility(\"default...
Stefan Metzmacher [Wed, 11 Jan 2006 00:56:49 +0000 (00:56 +0000)]
r12836: use: -fvisibility=hidden -D_PUBLIC_="__attribute__((visibility(\"default\")))"
if the compiler supports it, this will cause that modules can only access
public functions (gcc 4 supports this)

metze

13 years agor12835: RpcConnect test expansion to test connecting using ncacp_ip_tcp
Rafal Szczesniak [Tue, 10 Jan 2006 22:22:55 +0000 (22:22 +0000)]
r12835: RpcConnect test expansion to test connecting using ncacp_ip_tcp
as well as ncacn_np.

rafal