12 years agor13649: Move the general introduction to Samba4 to README and
Jelmer Vernooij [Thu, 23 Feb 2006 09:33:44 +0000 (09:33 +0000)]
r13649: Move the general introduction to Samba4 to README and
prepare WHATSNEW.txt for release notes (similar as we do for Samba3).
(This used to be commit b4e9f0c99510413e851495bce5f02081beef38c3)

12 years agor13637: Adding more netr_UserFlags.
Günther Deschner [Wed, 22 Feb 2006 16:25:31 +0000 (16:25 +0000)]
r13637: Adding more netr_UserFlags.

(This used to be commit 3ad84a844c612104592ddee07c9512eddb3467ae)

12 years agor13634: Fix typo.
Günther Deschner [Wed, 22 Feb 2006 14:07:04 +0000 (14:07 +0000)]
r13634: Fix typo.

(This used to be commit cd569446a1bbfca08ff16a06b3af7bb94986a5ad)

12 years agor13633: Adding more SE_GROUP bits and make it a bitmask as well.
Günther Deschner [Wed, 22 Feb 2006 14:05:49 +0000 (14:05 +0000)]
r13633: Adding more SE_GROUP bits and make it a bitmask as well.

(This used to be commit 8e939896822e9727919a49638c818a7d7faabb78)

12 years agor13632: The "password_properties" is a bitmask as well.
Günther Deschner [Wed, 22 Feb 2006 13:56:46 +0000 (13:56 +0000)]
r13632: The "password_properties" is a bitmask as well.

(This used to be commit 0d918764b1f0c1aa65f826b9a845746c914f87df)

12 years agor13631: Add DOMAIN_PASSWORD_LOCKOUT_ADMINS (this bit only allows to lockout
Günther Deschner [Wed, 22 Feb 2006 13:53:33 +0000 (13:53 +0000)]
r13631: Add DOMAIN_PASSWORD_LOCKOUT_ADMINS (this bit only allows to lockout
Administrator, not Domain Admins in general).

(This used to be commit abad44a57dfdf492f548c05a897af341ba0f5e68)

12 years agor13630: Add new ACB-bits as seen in acct_flags in the PAC info3
Günther Deschner [Wed, 22 Feb 2006 13:52:00 +0000 (13:52 +0000)]
r13630: Add new ACB-bits as seen in acct_flags in the PAC info3
(merge from Samba 3).

(This used to be commit fa1127c5456fd112568e929e409953dcd3cb2e21)

12 years agor13629: export env-vars
Stefan Metzmacher [Wed, 22 Feb 2006 13:42:54 +0000 (13:42 +0000)]
r13629: export env-vars

(This used to be commit fbd78b6272eaca4b89071139e4b34cbdd15ed644)

12 years agor13628: fix the logic:-)
Stefan Metzmacher [Wed, 22 Feb 2006 13:37:21 +0000 (13:37 +0000)]
r13628: fix the logic:-)

(This used to be commit 7f1de54c84f86c292833c7e66ab2699ee4f83c52)

12 years agor13627: split the NBT-WINSREPLICATION tests into multiple tests
Stefan Metzmacher [Wed, 22 Feb 2006 12:10:29 +0000 (12:10 +0000)]
r13627: split the NBT-WINSREPLICATION tests into multiple tests

(This used to be commit ae559920e1d227e4e787fe34d908a965b922b284)

12 years agor13626: fix make test
Stefan Metzmacher [Wed, 22 Feb 2006 11:53:04 +0000 (11:53 +0000)]
r13626: fix make test

(This used to be commit 2acf203949998f3ca2423a8535302a777accacb7)

12 years agor13624: as abartlet requested, move the saslauthd parsing stuff to a seperate file
Stefan Metzmacher [Wed, 22 Feb 2006 11:19:46 +0000 (11:19 +0000)]
r13624: as abartlet requested, move the saslauthd parsing stuff to a seperate file

(This used to be commit 3c8bc98c1bc654287a3a16277c7c63c476ddfff4)

12 years agor13623: - make sure ntvfs_map_qfileinfo isn't used for async replies
Stefan Metzmacher [Wed, 22 Feb 2006 11:11:16 +0000 (11:11 +0000)]
r13623: - make sure ntvfs_map_qfileinfo isn't used for async replies
- add some comments

(This used to be commit e1611b622184b48d2cef1eff2646a09f9e691f9b)

12 years agor13621: add an idl structure to parse saslauthd requests
Stefan Metzmacher [Wed, 22 Feb 2006 10:23:14 +0000 (10:23 +0000)]
r13621: add an idl structure to parse saslauthd requests

(This used to be commit d003654b1c1cbc00602e994b83f40fcfcf349596)

12 years agor13620: initialize the CMD with 0 too
Stefan Metzmacher [Wed, 22 Feb 2006 09:50:07 +0000 (09:50 +0000)]
r13620: initialize the CMD with 0 too

(This used to be commit 7cf1423bc850aca93453d337b49ba593a034000d)

12 years agor13619: fix compiler warning
Stefan Metzmacher [Wed, 22 Feb 2006 09:49:07 +0000 (09:49 +0000)]
r13619: fix compiler warning

(This used to be commit 7b284174aa36fdd5d6841dab4934f1f6ecfba4ce)

12 years agor13618: fix compiler warning
Stefan Metzmacher [Wed, 22 Feb 2006 09:48:35 +0000 (09:48 +0000)]
r13618: fix compiler warning

(This used to be commit 252d5edfb5b4c2a32f943e881f19b61698e9662f)

12 years agor13617: fix compiler warning
Stefan Metzmacher [Wed, 22 Feb 2006 09:48:13 +0000 (09:48 +0000)]
r13617: fix compiler warning

(This used to be commit 082f418fab867e1ca5ab9418514d5578a069eebb)

12 years agor13616: Add new ldb functions: ldb_msg_add_steal_string() and
Andrew Bartlett [Wed, 22 Feb 2006 09:28:58 +0000 (09:28 +0000)]
r13616: Add new ldb functions: ldb_msg_add_steal_string() and

These try to maintain the talloc heirachy, which must be correct
otherwise talloc_steal operations of entire attribute lists fails.

This fixes the currentTime value, found by using Microsoft's dcdiag
tool (before this commit, it pointed to invalid memory, due to the
changes in -r 13606)

Andrew Bartlett
(This used to be commit 424df1bb369fddcfd358cf26dd0da9d3851d181e)

12 years agor13615: Make ldb_set_errstring get ldb instead of module as parameter.
Simo Sorce [Wed, 22 Feb 2006 05:21:43 +0000 (05:21 +0000)]
r13615: Make ldb_set_errstring get ldb instead of module as parameter.
The module was just used to get to the ldb so it was meningless.

Also add LDB_WAIT_ONCE e relative code in ldb_ildap.c
(This used to be commit d5b467b7c132b0bd4d23918ba7bf3370b1afcce8)

12 years agor13609: Get in the initial work on making ldb async
Simo Sorce [Wed, 22 Feb 2006 01:31:35 +0000 (01:31 +0000)]
r13609: Get in the initial work on making ldb async
Currently only ldb_ildap is async, the plan
is to first make all backend support the async calls,
and then remove the sync functions from backends and
keep the only in the API.

Modules will need to be transformed along the way.

(This used to be commit 1e2c13b2d52de7c534493dd79a2c0596a3e8c1f5)

12 years agor13606: An attempt to fix #3525.
Andrew Bartlett [Wed, 22 Feb 2006 00:26:56 +0000 (00:26 +0000)]
r13606: An attempt to fix #3525.

The problem was that the supportedControls were being stolen into the
result sent to the client, then talloc_free()ed.  This caused them to
be invalid on the next rootDSE query.

This also tries to avoid attaching the result to the long-term samdb
context, and avoids an extra loop in the result processing (pointed
out by tridge).

Andrew BARtlett
(This used to be commit d0b8957f38fda4d84a318d6121ad87ba53a9ddb3)

12 years agor13605: Use $BASEDN to ensure this works outside of the 'make test' rig.
Andrew Bartlett [Wed, 22 Feb 2006 00:18:07 +0000 (00:18 +0000)]
r13605: Use $BASEDN to ensure this works outside of the 'make test' rig.

Andrew Bartlett
(This used to be commit b0e7a58cc9e513240c117ad5464c613c7b62410d)

12 years agor13592: Incredible how bugs like this can sweep in even after peer review and testing ...
Simo Sorce [Tue, 21 Feb 2006 16:03:58 +0000 (16:03 +0000)]
r13592: Incredible how bugs like this can sweep in even after peer review and testing ...
(This used to be commit 8483f61a1df0c80f3385b1ab5a2628c2a97d41a2)

12 years agor13584: Another try at SPNEGO stuff. I need to write a better testsuite for this.
Andrew Bartlett [Tue, 21 Feb 2006 00:17:52 +0000 (00:17 +0000)]
r13584: Another try at SPNEGO stuff.  I need to write a better testsuite for this.

This tries to ensure that when we are a client, we cope with mechs
(like GSSAPI) that only abort (unknown server) at first runtime.

Andrew Bartlett
(This used to be commit cb5d18c6190fa1809478aeb60e352cb93c4214f6)

12 years agor13583: Realise that the member server name appears in all calls that use the
Andrew Bartlett [Tue, 21 Feb 2006 00:07:59 +0000 (00:07 +0000)]
r13583: Realise that the member server name appears in all calls that use the

Consistantly rename these elements in the IDL to computer_name.

Fix the server-side code to always lookup by this name.

Add new, even nastier tests to RPC-SCHANNEL to prove this.

Andrew Bartlett
(This used to be commit 341a0abeb4a9f88d64ffd4681249cb1f643a7a5a)

12 years agor13582: Indent
Andrew Bartlett [Tue, 21 Feb 2006 00:05:01 +0000 (00:05 +0000)]
r13582: Indent
(This used to be commit 06ddac2bb1899937b79e3bf89cb84c750c3ce4c5)

12 years agor13580: fix broken client side sort
Simo Sorce [Mon, 20 Feb 2006 22:21:21 +0000 (22:21 +0000)]
r13580: fix broken client side sort
(This used to be commit cbbc0d7cc4f589235d209011bdb0a0401b492d9e)

12 years agor13577: Move some (possibly system-defined) defines to replace.h
Jelmer Vernooij [Mon, 20 Feb 2006 20:40:51 +0000 (20:40 +0000)]
r13577: Move some (possibly system-defined) defines to replace.h
(This used to be commit 2b3d56e153b229119fddfa7b378f4d671ee0092c)

12 years agor13572: Comments to async pipe open functions and copyright note.
Rafal Szczesniak [Mon, 20 Feb 2006 18:03:58 +0000 (18:03 +0000)]
r13572: Comments to async pipe open functions and copyright note.

(This used to be commit 7dde77942bfcb73dfdd7a9840d3ba2a984c05064)

12 years agor13568: Comments to async rpc connect functions.
Rafal Szczesniak [Mon, 20 Feb 2006 17:30:15 +0000 (17:30 +0000)]
r13568: Comments to async rpc connect functions.

(This used to be commit 9ef2275f6179869f2683e96c6f91d9569a6360c8)

12 years agor13561: Turn all dcerpc connect and socket functions to async version.
Rafal Szczesniak [Sun, 19 Feb 2006 16:58:48 +0000 (16:58 +0000)]
r13561: Turn all dcerpc connect and socket functions to async version.
Now, each rpc interface (named pipe, tcp/ip, lrpc and unix
socket) works asynchronously.
Comments to follow.

(This used to be commit 789f9d43db7ea59e79d5aa498e2e9fd077448825)

12 years agor13551: Add an accessor function for the user sid.
Andrew Bartlett [Fri, 17 Feb 2006 23:51:43 +0000 (23:51 +0000)]
r13551: Add an accessor function for the user sid.

Andrew Bartlett
(This used to be commit 273cb8fd4288f7bf15e0bcad9f6a4cbf4f142b24)

12 years agor13516: We can't bind to both and specific network interfaces at the
Andrew Bartlett [Wed, 15 Feb 2006 21:08:10 +0000 (21:08 +0000)]
r13516: We can't bind to both and specific network interfaces at the
same time.

This was causing the kdc to shut itself down if 'bind interfaces only = no'.

Andrew Bartlett
(This used to be commit 02ff22a25050687478cfcca4dce35c2346cc2241)

12 years agor13508: some ASN.1 element in LDAP are optional,
Stefan Metzmacher [Wed, 15 Feb 2006 15:19:10 +0000 (15:19 +0000)]
r13508: some ASN.1 element in LDAP are optional,
make it possible to code the difference between a zero length and a NULL DATA_BLOB...

(This used to be commit 54f0b19c55df8ad3882f31a114e2ea0e4cf940ae)

12 years agor13507: the 'data' element of LDAP controls is optional.
Stefan Metzmacher [Wed, 15 Feb 2006 15:13:05 +0000 (15:13 +0000)]
r13507: the 'data' element of LDAP controls is optional.
(prepare the next commit)

(This used to be commit a1bbf7f2982185cb6cd544b65b4709ab33a850c5)

12 years agor13506: zero memory as some ASN.1 elements are optional, and we should initialize
Stefan Metzmacher [Wed, 15 Feb 2006 13:33:33 +0000 (13:33 +0000)]
r13506: zero memory as some ASN.1 elements are optional, and we should initialize
them for the internal use...

found by 'make valgrindtest'

(This used to be commit 1db9501c5261a974c6da1938537c7991ff6cfefd)

12 years agor13505: allow servers to bind to non-broadcast interfaces. Servers now
Andrew Tridgell [Wed, 15 Feb 2006 04:18:11 +0000 (04:18 +0000)]
r13505: allow servers to bind to non-broadcast interfaces. Servers now
specifically ask for iface_n_bcast() and have to check if it returns
NULL, in which case it is a non-broadcast interface
(This used to be commit d004e250b6710251ea089ac242775481f13b5c2b)

12 years agor13504: add back in a comment noting fred as the contributor of the address
Andrew Tridgell [Wed, 15 Feb 2006 02:56:31 +0000 (02:56 +0000)]
r13504: add back in a comment noting fred as the contributor of the address
calculation code. This was originally done in 1997, and has been
morphed a lot since then, but fred should still get credit
(This used to be commit 172e41596fb3b4d2768d6885aea43295cc2f81c1)

12 years agor13481: As far as I can tell, my changes in -r 12863 were dangerously untested.
Andrew Bartlett [Mon, 13 Feb 2006 00:08:16 +0000 (00:08 +0000)]
r13481: As far as I can tell, my changes in -r 12863 were dangerously untested.

We do need the gsskrb5_get_initiator_subkey() routine.  But we should
ensure that we do always get a valid key, to prevent any segfaults.

Without this code, we get a different session key compared with
Win2k3, and so kerberised smb signing fails.

Andrew Bartlett
(This used to be commit cfd0df16b74b0432670b33c7bf26316b741b1bde)

12 years agor13480: Explain a little about how these credentials structures should be used.
Andrew Bartlett [Mon, 13 Feb 2006 00:04:28 +0000 (00:04 +0000)]
r13480: Explain a little about how these credentials structures should be used.

Andrew Bartlett
(This used to be commit b90959f7968ebbfc82ac55d4775d5574b1fc6925)

12 years agor13479: Return the joined domain SID and user SID as structures, not strings.
Andrew Bartlett [Mon, 13 Feb 2006 00:02:31 +0000 (00:02 +0000)]
r13479: Return the joined domain SID and user SID as structures, not strings.

Andrew Bartlett
(This used to be commit e1de45bce47292eef1f9c56ea5576c0436e6151d)

12 years agor13472: After Volker's advise, try every combination of parameters. This
Andrew Bartlett [Sun, 12 Feb 2006 14:19:31 +0000 (14:19 +0000)]
r13472: After Volker's advise, try every combination of parameters.  This
isn't every parameter on NTLMSSP, but it is most of the important

This showed up that we had the '128bit && LM_KEY' case messed up.
This isn't supported, so we must look instead at the 56 bit flag.

Andrew Bartlett
(This used to be commit 990da31b5f63f1e707651af8bf1a3241a8309811)

12 years agor13471: With more 'try all options' testing, I found this 'simple' but in the
Andrew Bartlett [Sun, 12 Feb 2006 13:53:42 +0000 (13:53 +0000)]
r13471: With more 'try all options' testing, I found this 'simple' but in the
NTLM2 signing code.

Andrew Bartlett
(This used to be commit 16e5c968756c40b8595503da47a1adb9cb09c447)

12 years agor13470: Thanks to a report from VL:
Andrew Bartlett [Sun, 12 Feb 2006 12:42:37 +0000 (12:42 +0000)]
r13470: Thanks to a report from VL:

We were causing mayhem by weakening the keys at the wrong point in time.

I think this is the correct place to do it.  The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.

The session key used for bulk data encryption/signing is weakened.

This also makes more sense, when we look at the NTLM2 code.

Andrew Bartlett
(This used to be commit 3fd32a12094ff2b6df52f5ab2af7c0ffceb5a4a0)

12 years agor13467: Add new parametric options (for testing) controlling LM_KEY and 56-bit
Andrew Bartlett [Sun, 12 Feb 2006 12:06:08 +0000 (12:06 +0000)]
r13467: Add new parametric options (for testing) controlling LM_KEY and 56-bit
encryption behaviour.

Andrew Bartlett
(This used to be commit 2b3b2f33a4c531f2b0f65521cc352e6d762e95bd)

12 years agor13466: Make it easier to understand what this function actually does.
Andrew Bartlett [Sun, 12 Feb 2006 12:04:41 +0000 (12:04 +0000)]
r13466: Make it easier to understand what this function actually does.

Andrew Bartlett
(This used to be commit f075497926f3b8131bf8427ee3a3d5c9e5ee77d7)

12 years agor13405: Allow a fallback if SPNEGO is somehow disabled in the client, to just NTLMSSP.
Andrew Bartlett [Thu, 9 Feb 2006 03:06:02 +0000 (03:06 +0000)]
r13405: Allow a fallback if SPNEGO is somehow disabled in the client, to just NTLMSSP.

Andrew Bartlett
(This used to be commit 3e96975d910496db87e8e34e310f0f6d283210bf)

12 years agor13404: Comments, whitespace.
Andrew Bartlett [Thu, 9 Feb 2006 03:05:22 +0000 (03:05 +0000)]
r13404: Comments, whitespace.

Andrew Bartlett
(This used to be commit 04e2fe8b6d293092af86a54215c1fa037bbb20e9)

12 years agor13403: Try to better handle a case where SPNEGO isn't available (allow us to
Andrew Bartlett [Thu, 9 Feb 2006 03:04:48 +0000 (03:04 +0000)]
r13403: Try to better handle a case where SPNEGO isn't available (allow us to
emulate the behaviour of XP standalone if required).

Andrew Bartlett
(This used to be commit 7f821097fbdbc9f35d96e05f85cf008f36c0eea3)

12 years agor13402: Make Samba4 pass a nastier RPC-SCHANNEL test.
Andrew Bartlett [Thu, 9 Feb 2006 02:30:43 +0000 (02:30 +0000)]
r13402: Make Samba4 pass a nastier RPC-SCHANNEL test.

The new RPC-SCHANNEL test shows that the full credentials state must
be kept in some shared memory, for some length of time.  In
particular, clients will reconnect with SCHANNEL (after loosing all
connections) and expect that the credentials chain will remain in the
same place.

To achive this, we do the server-side crypto in a transaction,
including the fetch/store of the shared state.

Andrew Bartlett
(This used to be commit 982a6aa871c9fce17410a9712cd9fa726025ff90)

12 years agor13401: remove the rename of the snprintf functions that simo accidentially
Andrew Tridgell [Thu, 9 Feb 2006 00:50:48 +0000 (00:50 +0000)]
r13401: remove the rename of the snprintf functions that simo accidentially
included in his last commit
(This used to be commit 487b374b4359b2cb5f4e249e595c43bfa568a853)

12 years agor13400: Only return NULL from talloc_asprintf if vsnprintf returns an
James Peach [Thu, 9 Feb 2006 00:49:03 +0000 (00:49 +0000)]
r13400: Only return NULL from talloc_asprintf if vsnprintf returns an
error (ie. zero is not an error).
(This used to be commit 1ab4674196b9df0b2b7b6eb4991358cc2f86c0d9)

12 years agor13397: Propagate the error return from vsnprintf to trap the case where
James Peach [Wed, 8 Feb 2006 23:44:17 +0000 (23:44 +0000)]
r13397: Propagate the error return from vsnprintf to trap the case where
we aren't linked against a C99 vsnprintf.
(This used to be commit 23782f899aaa5fe488d86d5e67e91be99ff7a146)

12 years agor13388: Report a more helpful error with malformed file options of
James Peach [Wed, 8 Feb 2006 05:14:48 +0000 (05:14 +0000)]
r13388: Report a more helpful error with malformed file options of
the form //server/share (ie. remote path missing).
(This used to be commit 443677f58d4ba8d6aa2963ca5848d3e717ee2cac)

12 years agor13387: Make sure smbcli_parse_unc reports a failure for strings of
James Peach [Wed, 8 Feb 2006 05:13:11 +0000 (05:13 +0000)]
r13387: Make sure smbcli_parse_unc reports a failure for strings of
the form //server. Make sure failure cases are well-defined.
(This used to be commit e0020df66bf38873eaaacb95cadac55e17f432be)

12 years agor13381: Test the SamLogonEx SamLogon call in the schannel test. This is only
Andrew Bartlett [Tue, 7 Feb 2006 23:49:35 +0000 (23:49 +0000)]
r13381: Test the SamLogonEx SamLogon call in the schannel test.  This is only
available under schannel, and performs a netlogon authentication.

Andrew Bartlett
(This used to be commit 561a690915f9d3ca2fbb76f16c47cf2f6be1b825)

12 years agor13380: Drop the socket, then try SAMR operations secured with netlogon on the new...
Andrew Bartlett [Tue, 7 Feb 2006 23:30:50 +0000 (23:30 +0000)]
r13380: Drop the socket, then try SAMR operations secured with netlogon on the new socket.

We should also test netlogon operations, but there are issues with
what state is expected to be stored (far more than we currently do).

Andrew Bartlett
(This used to be commit 39ddba0d0dc4475f9f7c5b7aa19ffff42c9fd1f5)

12 years agor13374: new revision of the snprintf replace code
Simo Sorce [Tue, 7 Feb 2006 00:50:38 +0000 (00:50 +0000)]
r13374: new revision of the snprintf replace code

still missing a configure test to make us
substitute our snprintf to system one when
the system one does not have positional parameters support
(This used to be commit 398f989d6580587eb1fa4fec0b1ed858b5cbe8e1)

12 years agor13373: Implement the -p option for smbtorture.
James Peach [Mon, 6 Feb 2006 23:01:17 +0000 (23:01 +0000)]
r13373: Implement the -p option for smbtorture.
(This used to be commit fc17a50b48189c60af60b9163695b48c6b87c5c7)

12 years agor13372: fixes ... still no joy
Simo Sorce [Mon, 6 Feb 2006 22:55:34 +0000 (22:55 +0000)]
r13372: fixes ... still no joy
(This used to be commit 0e2cca9153619d646b90f32620905ab66b017c6a)

12 years agor13370: Added deltest21 - pull the rug out from a connection by socket
Jeremy Allison [Mon, 6 Feb 2006 19:43:24 +0000 (19:43 +0000)]
r13370: Added deltest21 - pull the rug out from a connection by socket
close after setting delete on close flag.
(This used to be commit fbea18e78f8a3c6dbb36aa935b7044c0fcf61da4)

12 years agor13369: let's have a way to show the samba4 version through ejs
Simo Sorce [Mon, 6 Feb 2006 18:29:57 +0000 (18:29 +0000)]
r13369: let's have a way to show the samba4 version through ejs
and use it in provisioning to fullfill rfc 3045 requirements
(This used to be commit 3fb9571a76481560304a826fc945983d52123299)

12 years agor13362: Rename variables for better consistency.
James Peach [Mon, 6 Feb 2006 04:06:55 +0000 (04:06 +0000)]
r13362: Rename variables for better consistency.
(This used to be commit dc20bb0ddc0824fc458e7fc4a9bce5059f4fc0d5)

12 years agor13361: initial implementation of the vlv control
Simo Sorce [Mon, 6 Feb 2006 01:21:17 +0000 (01:21 +0000)]
r13361: initial implementation of the vlv control
seem still buggy, can't make w2k3 to like it yet
(This used to be commit e1318383e91f6f6db39e3e3c9946fbb089753947)

12 years agor13360: Fix crash bug when 0 results are returned on the internal base search
Simo Sorce [Mon, 6 Feb 2006 00:39:05 +0000 (00:39 +0000)]
r13360: Fix crash bug when 0 results are returned on the internal base search
(This used to be commit fbee725ae87efbcf5887c923d55d7cb0d05476a6)

12 years agor13359: make sure we don't look at s[-1]
Stefan Metzmacher [Mon, 6 Feb 2006 00:27:02 +0000 (00:27 +0000)]
r13359: make sure we don't look at s[-1]

(This used to be commit 24c6e2f73175befa33f9758634e3ee183916e387)

12 years agor13358: removed some unused functions and make some local functions static
Andrew Tridgell [Sun, 5 Feb 2006 23:13:44 +0000 (23:13 +0000)]
r13358: removed some unused functions and make some local functions static
(This used to be commit a73b76a36a70703738945d42795da6cf90c85105)

12 years agor13357: more docs
Simo Sorce [Sun, 5 Feb 2006 21:59:50 +0000 (21:59 +0000)]
r13357: more docs
(This used to be commit 5af9086deafc88aa1f9256cc0090592ecbd62203)

12 years agor13356: test utf8 usernames
Simo Sorce [Sun, 5 Feb 2006 21:25:18 +0000 (21:25 +0000)]
r13356: test utf8 usernames
(This used to be commit 7ddec83a602372765711bff7207657b73922aaea)

12 years agor13355: check controls are correctly exported
Simo Sorce [Sun, 5 Feb 2006 20:57:15 +0000 (20:57 +0000)]
r13355: check controls are correctly exported
(This used to be commit 07fa55db32dcb93bfb4406baca0cfba31d3bc189)

12 years agor13354: Add tests to check that controls work properly
Simo Sorce [Sun, 5 Feb 2006 20:48:27 +0000 (20:48 +0000)]
r13354: Add tests to check that controls work properly
Fix asq module, add a second_stage_init to register with rootdse
Fix asq control ldap parsing routines (this was nasty to find out)
(This used to be commit 933a80397d137f7d5b79c82a068d62bb6928ef47)

12 years agor13353: Fix a crash bug in rootdse when we do not pass in credentials
Simo Sorce [Sun, 5 Feb 2006 18:18:29 +0000 (18:18 +0000)]
r13353: Fix a crash bug in rootdse when we do not pass in credentials
a plain ldbsearch would just crash

Fix kludge_acl, not passing on the second stage registration
phase to other modules

(This used to be commit bec99c5cb65d8c32fd4f636ed2f5383fb1b39830)

12 years agor13352: Integrate Patch to support the ManageDSAIT control
Simo Sorce [Sun, 5 Feb 2006 17:28:27 +0000 (17:28 +0000)]
r13352: Integrate Patch to support the ManageDSAIT control
from Pete Rowley <>
(This used to be commit bf20a848fda1607ca1b0d84791c299c0035793a1)

12 years agor13349: In the end I could not use ldb_caseless_cmp
Simo Sorce [Sat, 4 Feb 2006 18:30:30 +0000 (18:30 +0000)]
r13349: In the end I could not use ldb_caseless_cmp
in attrib_handler.c functions

remove it again

(This used to be commit 513ff499071e6cb5e608a82430718021f72997bd)

12 years agor13348: Put a reminder for now.
Simo Sorce [Sat, 4 Feb 2006 16:46:40 +0000 (16:46 +0000)]
r13348: Put a reminder for now.
Until we do not have an internal utf8 compliant
casefloding function we cannot pass this test
in the non-samba build
(This used to be commit 5d93c1eeba8f64784294f3aabcaefa4aaf798355)

12 years agor13347: - Now we compare values with an optimized utf8
Simo Sorce [Sat, 4 Feb 2006 16:44:27 +0000 (16:44 +0000)]
r13347: - Now we compare values with an optimized utf8
safe function if the user provides an utf8
compliant casefold function to ldb.

- Fix toupper_m and tolower_m to not crash if
the case tables are not found

- Let load_case_table() search into the correct
directory in the search tree for the case
tables so that we can test utf8

(This used to be commit e12f070958eb3c144beb81c5cb878db122249021)

12 years agor13346: use private proto header files for the torture tests
Stefan Metzmacher [Sat, 4 Feb 2006 14:08:24 +0000 (14:08 +0000)]
r13346: use private proto header files for the torture tests

(This used to be commit 67837dbd2bcff8ec1917ba02884ee2eaa0776b46)

12 years agor13345: let us replicate with NT4sp6a
Stefan Metzmacher [Sat, 4 Feb 2006 13:54:30 +0000 (13:54 +0000)]
r13345: let us replicate with NT4sp6a

I don't yet know what the extra data in the start_association call mean...

This also let w2k use WREPL_REPL_INFORM messages to us, but w2k3 doesn't
it do it yet...

(This used to be commit 02d6dfa1da754857c28125392a561cfde0087c48)

12 years agor13344: Trust SASL to have subtle distinctions between NULL and zero-length
Andrew Bartlett [Sat, 4 Feb 2006 11:19:09 +0000 (11:19 +0000)]
r13344: Trust SASL to have subtle distinctions between NULL and zero-length

Also trust OpenLDAP to be pedantic about it, breaking connections to AD.

In any case, we now get this 'right' (by nasty overloading hacks, but
hey), and we can now use system-supplied OpenLDAP libs and SASL/GSSAPI
to talk to Samba4.

Andrew Bartlett
(This used to be commit 0cbe18211a95f811b51865bc0e8729e9a302ad25)

12 years agor13342: Make the GSSAPI SASL mech actually work, by (shock horror) reading the spec.
Andrew Bartlett [Sat, 4 Feb 2006 09:53:50 +0000 (09:53 +0000)]
r13342: Make the GSSAPI SASL mech actually work, by (shock horror) reading the spec.

GSSAPI differs from GSS-SPNEGO in an additional 3 packets, negotiating
a buffer size and what integrity protection/privacy should be used.

I worked off draft-ietf-sasl-gssapi-03, and this works against Win2k3.

I'm doing this in the hope that Apple clients as well as SASL-based
LDAP tools may get a bit further.

I still can't get ldapsearch to work, it fails with the ever-helpful
'Local error'.

Andrew Bartlett
(This used to be commit 3e462897754b30306c1983af2d137329dd937ad6)

12 years agor13341: Trivial.
Andrew Bartlett [Sat, 4 Feb 2006 09:50:02 +0000 (09:50 +0000)]
r13341: Trivial.
(This used to be commit b986278b367a6693f69a06e07ca90f8b5a23a0c0)

12 years agor13340: The gensec_init() needs to be after the popt processing, as it
Andrew Bartlett [Sat, 4 Feb 2006 09:49:33 +0000 (09:49 +0000)]
r13340: The gensec_init() needs to be after the popt processing, as it
disables modules based on parametric options.

Andrew Bartlett
(This used to be commit db32a81f3ea661e2308cccca8d6a251a3d57337e)

12 years agor13339: Propogate more error infomation into the error packet and reformat the
Andrew Bartlett [Sat, 4 Feb 2006 09:48:22 +0000 (09:48 +0000)]
r13339: Propogate more error infomation into the error packet and reformat the
code a little.  This also fixes a segfault when we didn't fill in the
error message.

Andrew Bartlett
(This used to be commit 3be01a4ac7efe8d161910e8339bfe42584c0db86)

12 years agor13336: Doh! We actually never optimized for the ascii case.
Simo Sorce [Sat, 4 Feb 2006 08:55:35 +0000 (08:55 +0000)]
r13336: Doh! We actually never optimized for the ascii case.
In the 3.0 branches it is fixed this but we missed it for samba4
(This used to be commit baccb3c9147e161a6d2cbe371a60bf2ddcc0585c)

12 years agor13335: Fix the build and add an utf8 safe ldb_hadler_fold function
Simo Sorce [Sat, 4 Feb 2006 07:57:57 +0000 (07:57 +0000)]
r13335: Fix the build and add an utf8 safe ldb_hadler_fold function
based on ldb_casefold
(This used to be commit 6104f900863c688707809d42c5429a42d654d5fb)

12 years agor13334: Add comments describing what these functions do.
Andrew Bartlett [Sat, 4 Feb 2006 07:56:30 +0000 (07:56 +0000)]
r13334: Add comments describing what these functions do.

We still need many more, but it is a start...

Andrew Bartlett
(This used to be commit b2bda127f681dc1e2003c86159a85fa613373f16)

12 years agor13333: revert previous commit I will use ldb_caseless_cmp in attrib_handlers
Simo Sorce [Sat, 4 Feb 2006 06:57:28 +0000 (06:57 +0000)]
r13333: revert previous commit I will use ldb_caseless_cmp in attrib_handlers
to correctly support utf8 comparisons

add an ldb_attr_Casefold function for attribute names and use it
instead of casefold in the right places
(This used to be commit 3b4eb2413bbce059dde69f35c03cdc3cc2ba85c5)

12 years agor13328: After the attribute name check cleanup it turned up ldb_caseless_cmp()
Simo Sorce [Sat, 4 Feb 2006 05:59:48 +0000 (05:59 +0000)]
r13328: After the attribute name check cleanup it turned up ldb_caseless_cmp()
was used just in one places and by mistake, as there we should have
been using ldb_attr_cmp()

Remove ldb_caseless_cmp() ... going on with the cleanup and utf8 compliance

(This used to be commit afda68d7bf655a9145648856d29e6e64b9f21aa3)

12 years agor13325: let samba register it's own utf8 aware functions in ldb
Simo Sorce [Sat, 4 Feb 2006 01:27:47 +0000 (01:27 +0000)]
r13325: let samba register it's own utf8 aware functions in ldb
(This used to be commit 12faf556833807d3f2aa4360c54e10583ac77fed)

12 years agor13324: From now on check attribute names obey rfc2251
Simo Sorce [Sat, 4 Feb 2006 00:38:48 +0000 (00:38 +0000)]
r13324: From now on check attribute names obey rfc2251
Also add a way to provide utf8 compliant functions
by registering them with ldb_set_utf8_fns()

Next comes code to register samba internal utf8 functions.

(This used to be commit ac9b8a41ffca8e06c5e849d544d3203a665b8e0d)

12 years agor13321: Bind to each interface and to the interface on the KDC. This
Andrew Bartlett [Fri, 3 Feb 2006 23:19:00 +0000 (23:19 +0000)]
r13321: Bind to each interface and to the interface on the KDC.  This
was pointed out by Maurice Massar.  It ensures we get the addresses
for the krb5_mk_priv() correct (otherwise an MIT kpasswdd fails over

Also never run the KDC unless we are a DC.

Andrew Bartlett
(This used to be commit c17007918459678004a009ccaa50fb85e8b6a739)

12 years agor13320: Fix kpasswd's use of the local HDB. /dev/null was a bad idea, we want
Andrew Bartlett [Fri, 3 Feb 2006 23:07:58 +0000 (23:07 +0000)]
r13320: Fix kpasswd's use of the local HDB.  /dev/null was a bad idea, we want
'no filename' instead.

Andrew Bartlett
(This used to be commit 7de385dca4c40e98a40ef1e769826de8bff64323)

12 years agor13317: Create a new function messaging_client_init() which can be used when
Andrew Bartlett [Fri, 3 Feb 2006 22:30:30 +0000 (22:30 +0000)]
r13317: Create a new function messaging_client_init() which can be used when
we don't have a server messaging context.  We should replace the
datagram messages with stream sockets in this case, so we don't have
to create a unique socket.

Andrew Bartlett
(This used to be commit fd974fb64792f8f6c532b01d2a2e012be18eef7e)

12 years agor13307: docs
Simo Sorce [Fri, 3 Feb 2006 15:58:41 +0000 (15:58 +0000)]
r13307: docs
(This used to be commit e56630d1f8688ff3ff334893a4bc49dff8e36fe2)

12 years agor13297: It's a good thing the shipment of function headers tridge
Jeremy Allison [Fri, 3 Feb 2006 02:07:22 +0000 (02:07 +0000)]
r13297: It's a good thing the shipment of function headers tridge
sent me arrived on time... :-).
Refactor this code to make it comprehensible. Tested
against W2K3 SP 1 and W2K SP 4. Test 19 is different
from what I thought. Turns out delete on close on
"open" of a directory (not create) does have an
effect - even if not reported in the flag bit.
trige please test against Vista (my XP box is
refusing to serve at the moment - have to reinstall).

(This used to be commit 2b708e26185bfc0a909a33e74e67dd2101c3bbbe)

12 years agor13289: Check the tree is not NULL
Simo Sorce [Wed, 1 Feb 2006 20:48:05 +0000 (20:48 +0000)]
r13289: Check the tree is not NULL
Thanks to Aaron J. Seigo <> for spotting this
(This used to be commit 4b5c0493e2276a9eba1bada7c4bac99999a465e2)

12 years agor13283: added two optimisations to the tdb transactions code. The first is to
Andrew Tridgell [Wed, 1 Feb 2006 10:50:26 +0000 (10:50 +0000)]
r13283: added two optimisations to the tdb transactions code. The first is to
more agressively coalesce entries in the linked list of the undo
log. The second is to ensure that writes during a transaction into the
hash table don't cause the size of the undo log linked list to grow.

These optimisations don't affect Samba much, but they make a huge
difference to the use of ldb in kde
(This used to be commit a37d9434d1fa181fd3d060ad032ee4ec5135fc52)

12 years agor13282: Indentation, and ensure we handle the talloc_free in the right place
Andrew Bartlett [Wed, 1 Feb 2006 10:04:55 +0000 (10:04 +0000)]
r13282: Indentation, and ensure we handle the talloc_free in the right place
all the time.

Andrew Bartlett
(This used to be commit 2aa9fefbb30959f29e9d5a79c4880f33a747b68c)

12 years agor13281: Use TALLOC_CTX * not a void *, and use tmp_ctx as the name for consistancy.
Andrew Bartlett [Wed, 1 Feb 2006 10:04:11 +0000 (10:04 +0000)]
r13281: Use TALLOC_CTX * not a void *, and use tmp_ctx as the name for consistancy.

(I was chasing ghosts in this code, and decided to do a cleanup while
I was there).

Andrew Bartlett
(This used to be commit c05f6be09a0cffdd0b87483f5b3751cc3f96e7f5)