Andrew Bartlett [Thu, 12 Jan 2006 11:36:16 +0000 (11:36 +0000)]
r12869: I have removed this hack. We now just do the lookups (netbios for now).
Andrew Bartlett
(This used to be commit
18eb3ca7cc1a728b7cc5d7102ca765c323f1a6fe)
Andrew Bartlett [Thu, 12 Jan 2006 09:56:15 +0000 (09:56 +0000)]
r12868: Remove unused code. This has moved to libcli/finddcs.c.
Andrew Bartlett
(This used to be commit
a30a359c45c3dac4b910ec130b73cc01324b399a)
Andrew Bartlett [Thu, 12 Jan 2006 09:54:48 +0000 (09:54 +0000)]
r12867: Remove deleted header.
(This used to be commit
a6833db4e6ab8046c8e7f808dfff90bb0529d2d7)
Andrew Bartlett [Thu, 12 Jan 2006 09:38:35 +0000 (09:38 +0000)]
r12866: This removes the abstraction layer in winbindd intended to deal with
multiple protocols, replacing it with the packet handling subsystem.
We don't have multiple protocols at present, and the abstraction layer
only serves to confuse matters. Also, the new packet subsystem removes
the need to handle partial reads.
We can easily add new protocols from the socket up instead, becaue the
difficult bits are done by the packet layer.
Andrew Bartlett
(This used to be commit
acf9dc8fe9e66f1dd3f18c0245375f502f03a24c)
Andrew Bartlett [Thu, 12 Jan 2006 09:33:49 +0000 (09:33 +0000)]
r12865: Upgrade the librpc and libnet code.
In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous. This should better
function with servers that set restrict anonymous.
There are too many parts of Samba that get, parse and modify the
binding parameters. Avoid the extra work, and add a binding element
to the struct dcerpc_pipe
The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern. Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.
To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.
Andrew Bartlett
(This used to be commit
d65b354959842326fdd4bd7eb7fbeea0390f4afa)
Andrew Bartlett [Thu, 12 Jan 2006 08:47:21 +0000 (08:47 +0000)]
r12864: Fix valgrind errors in NET-API-LOOKUP* tests.
Andrew Bartlett
(This used to be commit
21f87f87a9b79da4463bddc993df502beae50a16)
Andrew Bartlett [Thu, 12 Jan 2006 07:13:36 +0000 (07:13 +0000)]
r12863: As lha suggested to me a while back, it appears that the
gsskrb5_get_initiator_subkey() routine is bougs. We can indeed use
gss_krb5_get_subkey().
This is fortunate, as there was a segfault bug in 'initiator' version.
Andrew Bartlett
(This used to be commit
ec11870ca1f9231dd3eeae792fc3268b31477e11)
Andrew Bartlett [Thu, 12 Jan 2006 06:44:28 +0000 (06:44 +0000)]
r12862: Need to trim spaces off the end of the node status reply.
Andrew Bartlett
(This used to be commit
3e90e7edfa7d343a6b6bf073b8f4d018e3b463d0)
Andrew Bartlett [Thu, 12 Jan 2006 03:30:20 +0000 (03:30 +0000)]
r12861: Cope when we are not supplied the messaging context. This is just
another case where we have to fallback to the node status request.
Andrew Bartlett
(This used to be commit
181064dbcf102de80937fc30b3d3ba5114194a72)
Andrew Bartlett [Thu, 12 Jan 2006 03:07:04 +0000 (03:07 +0000)]
r12860: Remove unused function. (we handle this in the password_hash module).
Andrew Bartlett
(This used to be commit
daa4b76800024c1494eeda675c46af3790fac788)
Andrew Bartlett [Thu, 12 Jan 2006 03:06:14 +0000 (03:06 +0000)]
r12859: Make Samba4 match the Samba3 winbindd interface. trunk has moved too
far at this point, and there is no point being in between.
Andrew Bartlett
(This used to be commit
10fb19add65ba534ea7cf3357b02d642e94fe535)
Andrew Bartlett [Thu, 12 Jan 2006 03:02:00 +0000 (03:02 +0000)]
r12858: This moves the libnet_LookupPdc code to use a GetDC request to find
the remote server's name, or in the absence of a local nbt_server to
communicate with (or without root access), a node status request.
The result is that we are in a better position to use kerberos, as well
as to remove the 'password server' mandatory parameter for the samsync
and samdump commands. (I need this to put these into SWAT).
The only problem I have is that I must create a messaging context, which
requires a server ID. As a client process, I don't expect to get
messages, but it is currently required for replies, so I generate a
random() number. We probably need the servers to accept connections on
streamed sockets too, for client-only tasks that want IRPC.
Because I wanted to test this code, I have put the NET-API-* tests into
our test scripts, to ensure they pass and keep passing. They are good
frontends onto the libnet system, and I see no reason not to test them.
In doing so the NET-API-RPCCONNECT test was simplified to take a
binding string on the command line, removing duplicate code, and
testing the combinations in the scripts instead.
(I have done a bit of work on the list shares code in libnet_share.c
to make it pass 'make test')
In the future, I would like to extend the libcli/findds.c code (based
off volker's winbind/wb_async_helpers.c, which is why it shows up a bit
odd in the patch) to handle getting multiple name replies, sending a
getdc request to each in turn.
(posted to samba-technical for review, and I'll happily update with
any comments)
Andrew Bartlett
(This used to be commit
7ccddfd3515fc2c0d6f447c768ccbf7a220c3380)
Stefan Metzmacher [Wed, 11 Jan 2006 20:38:10 +0000 (20:38 +0000)]
r12856: make the logic much more sane
metze
(This used to be commit
ed4a3e53fd71679fbdfc2f2932c1098e03026285)
Jelmer Vernooij [Wed, 11 Jan 2006 18:14:55 +0000 (18:14 +0000)]
r12851: Fix some typos
(This used to be commit
61ae77beecd573809d917dd86d1fac6cc40e967d)
Stefan Metzmacher [Wed, 11 Jan 2006 16:31:57 +0000 (16:31 +0000)]
r12850: - add Doxygen comments to ldb
- 'make doxygen' generated the api documentation under apidocs/
Many thanks to Brad Hards <bradh@frogmouth.net> for the patches!
metze
(This used to be commit
e98d483174c555366e62dd27600e6b242cab7a7f)
Stefan Metzmacher [Wed, 11 Jan 2006 16:29:02 +0000 (16:29 +0000)]
r12849: fix typo
metze
(This used to be commit
552e12c05d10ddad55bfc0997303096055ddecdd)
Stefan Metzmacher [Wed, 11 Jan 2006 16:20:16 +0000 (16:20 +0000)]
r12847: add some ldb examples from Brad Hards (bradh@frogmouth.net)
metze
(This used to be commit
4d32d50ccd8bd0bfb3e2d6f5aee23bce38abbc03)
Stefan Metzmacher [Wed, 11 Jan 2006 16:04:28 +0000 (16:04 +0000)]
r12846: some fixes
metze
(This used to be commit
bf6065b11fd84454f8bc881ff96fb1846a59405b)
Stefan Metzmacher [Wed, 11 Jan 2006 16:00:27 +0000 (16:00 +0000)]
r12845: fix some typos
metze
(This used to be commit
5d0ae1d2aef3fc7ddb4cb9269bb028beeaee6dfb)
Stefan Metzmacher [Wed, 11 Jan 2006 15:07:14 +0000 (15:07 +0000)]
r12844: don't include system headers directly
metze
(This used to be commit
75a98047d6829cadf4b9082bec2733055dad3465)
Stefan Metzmacher [Wed, 11 Jan 2006 15:03:20 +0000 (15:03 +0000)]
r12843: get special objects with ldbsearch -a too, to match ldbedit -a
metze
(This used to be commit
bb68f2e602dbcc94c05b2dd764c163be1e5a583d)
Stefan Metzmacher [Wed, 11 Jan 2006 15:01:21 +0000 (15:01 +0000)]
r12842: don't include system headers directly
metze
(This used to be commit
976052c6561dee7232c1a10fb977b1c4776825a2)
Stefan Metzmacher [Wed, 11 Jan 2006 10:53:52 +0000 (10:53 +0000)]
r12838: make the ntvfs function public
metze
(This used to be commit
41a564fdba5969fc7e518439520764fd56cfa280)
Stefan Metzmacher [Wed, 11 Jan 2006 00:56:49 +0000 (00:56 +0000)]
r12836: use: -fvisibility=hidden -D_PUBLIC_="__attribute__((visibility(\"default\")))"
if the compiler supports it, this will cause that modules can only access
public functions (gcc 4 supports this)
metze
(This used to be commit
bcf4c362556b8168fc0b63af5708e4a78c7b93fb)
Rafal Szczesniak [Tue, 10 Jan 2006 22:22:55 +0000 (22:22 +0000)]
r12835: RpcConnect test expansion to test connecting using ncacp_ip_tcp
as well as ncacn_np.
rafal
(This used to be commit
70cf8a4b67657f7c51e95ae5321e5a2e7f52832d)
Simo Sorce [Tue, 10 Jan 2006 17:19:32 +0000 (17:19 +0000)]
r12833: complete ldbsearch support for controls
now the three supported controls (paged_results,
server_sort, extended_dn) are fully functional
and the infrastructure to add more is in place.
valgrind is happy too :)
Simo.
(This used to be commit
bd8e2629378700198e16287823970f52d1150a86)
Stefan Metzmacher [Tue, 10 Jan 2006 16:55:15 +0000 (16:55 +0000)]
r12832: make it possible to pass -D_PUBLIC_... to the compiler
metze
(This used to be commit
5540509f10e3fee4c653081a3bc56213d40869df)
Stefan Metzmacher [Tue, 10 Jan 2006 16:54:21 +0000 (16:54 +0000)]
r12831: add 'extern' to public prototypes
metze
(This used to be commit
d4d2f011e2ba11dee67aa6933a75bb6088f92fc0)
Stefan Metzmacher [Tue, 10 Jan 2006 16:51:46 +0000 (16:51 +0000)]
r12830: this can be const
metze
(This used to be commit
1876e245c49d521e89674dc1662a61e8f4cdc9b5)
Stefan Metzmacher [Tue, 10 Jan 2006 16:48:32 +0000 (16:48 +0000)]
r12829: fix ldb headers, to not include '<...>' files in .c files
this helps in getting symbol -fvisibility=hidden (GCC 4 feature) working later.
metze
(This used to be commit
380938e97f31c7860aed1e73cc0110c6e17b472e)
Simo Sorce [Tue, 10 Jan 2006 14:27:48 +0000 (14:27 +0000)]
r12828: add a test to check white spaces comparison
(This used to be commit
ad189553f420d70c4a726cf118e1273ea053f4d6)
Simo Sorce [Tue, 10 Jan 2006 14:21:24 +0000 (14:21 +0000)]
r12827: This was a very well concealed bug.
Thank to Andrew Bartlet for finding out a test case that showed it up.
Simo.
(This used to be commit
72a86d74a95c2b38d25159027f612075c50a1f3c)
Andrew Bartlett [Tue, 10 Jan 2006 11:49:50 +0000 (11:49 +0000)]
r12826: The base DN is very tied to the realm. Allowing it to be changed here
only allows stuffups, but doesn't benifit anyone. (If we were to
allow it, we should have it change every time the realm is modified,
character by character).
The command line provision script doesn't allow this either.
Andrew Bartlett
(This used to be commit
fd176997b691ecf8a1126b0afba3a5cb28818ed1)
Günther Deschner [Tue, 10 Jan 2006 11:34:43 +0000 (11:34 +0000)]
r12825: Add \n
Guenther
(This used to be commit
909ef011b1343a33c4da4b2230062fd0468736ce)
Andrew Bartlett [Tue, 10 Jan 2006 10:54:45 +0000 (10:54 +0000)]
r12824: Another typo.
Andrew Bartlett
(This used to be commit
08f8b2aadbc815f91fbe50a5ebcbf33504bcd7cc)
Andrew Bartlett [Tue, 10 Jan 2006 10:35:47 +0000 (10:35 +0000)]
r12823: Fix up the provison and newuser code in SWAT. This also cleans up the
main provision script a bit, as the argument list was getting out of
control. (It has been replaced in part with an object).
This also returns the session_info from the auth code into ejs.
We still need access control allowing only root to re-provision.
Andrew Bartlett
(This used to be commit
002cdcf3cab6563909d31edc5d825e857dc0a732)
Andrew Bartlett [Tue, 10 Jan 2006 09:43:00 +0000 (09:43 +0000)]
r12822: Given that talloc gives us this extra level of safety, use it.
Andrew Bartlett
(This used to be commit
a6028558dc19b0d105b1bfe4126a2b24afaf8dd2)
Andrew Bartlett [Tue, 10 Jan 2006 09:41:59 +0000 (09:41 +0000)]
r12821: Fix typos.
Andrew Bartlett
(This used to be commit
f4386f7af17add82e88373adb1d585261d13355c)
Andrew Bartlett [Tue, 10 Jan 2006 09:22:50 +0000 (09:22 +0000)]
r12820: Remove duplicate entry caused by merge.
Andrew Bartlett
(This used to be commit
8d5156f98c452b051a8ddc14fc7c5733e2f171d9)
Andrew Bartlett [Tue, 10 Jan 2006 09:21:13 +0000 (09:21 +0000)]
r12819: Fix swat authentication again. We need to pass the socket_address
structure around, so the auth code knows where the request came from.
Andrew Bartlett
(This used to be commit
7a7b2668c00d4d22bcf8aa3ba256af88f70c38c4)
Andrew Bartlett [Tue, 10 Jan 2006 09:18:48 +0000 (09:18 +0000)]
r12818: When denying an operation, include what we think the username is in
the error message.
Andrew Bartlett
(This used to be commit
36c1f67f12d5ac83a7a205c0ec152a79c4a8ba4b)
Andrew Bartlett [Tue, 10 Jan 2006 09:17:58 +0000 (09:17 +0000)]
r12817: Create a ESP variable with the struct socket_address * in it, so we
can pass that do the auth subsystem.
Andrew Bartlett
(This used to be commit
699f06e5e8ef326808d010fadb51da04972ab385)
Andrew Bartlett [Tue, 10 Jan 2006 09:15:57 +0000 (09:15 +0000)]
r12816: Ugly hacks to the auth_unix code to make a SYSTEM token for root. If
we are going to try and have a 'real' NT token for these users, it is
going to get messy fast. I want to go down the idmap road, but we
don't have the infrustucure for that yet.
Andrew Bartlett
(This used to be commit
c90d5e82ff4836765f328b2acf20fd09ec91189b)
Stefan Metzmacher [Tue, 10 Jan 2006 08:41:49 +0000 (08:41 +0000)]
r12815: try to fix the build on AIX
metze
(This used to be commit
21bc072c7addafc6f692fb8e998bd4dd9ab88b49)
Stefan Metzmacher [Tue, 10 Jan 2006 07:08:27 +0000 (07:08 +0000)]
r12814: we need this here too, as we'll include replace.h for building heimdal/*
too, and for this we don't include includes.h
(hopefully) fix the build on AIX
metze
(This used to be commit
32f2cf433f65aaa9bcc5e33958d6f9c72c7f13d9)
Andrew Bartlett [Tue, 10 Jan 2006 03:45:15 +0000 (03:45 +0000)]
r12813: Remove unused file to avoid confusion. We now go via the auth
subsystem.
Andrew Bartlett
(This used to be commit
15a6f098ff28369bd7fa0a215e2ab150d18ac9f3)
Andrew Tridgell [Tue, 10 Jan 2006 03:26:39 +0000 (03:26 +0000)]
r12812: speed up RPC-ECHO with validate some more, and re-enable it under
valgrind in 'make valgrindtest'
(This used to be commit
b2030d527a75fecd907148d13860b4ba5193f218)
Andrew Tridgell [Tue, 10 Jan 2006 03:18:33 +0000 (03:18 +0000)]
r12811: valgrind on RPC-ECHO with validate is extremely slow - speed it up if
torture:quick is set
(This used to be commit
b591b28567eba148509c5dec060efaef2fd95ff6)
Simo Sorce [Tue, 10 Jan 2006 00:52:05 +0000 (00:52 +0000)]
r12810: handle control options gracefully and don't segfault
(This used to be commit
300d48bc9daa13e1475c10eaa1ec0717c822a7f7)
Andrew Bartlett [Mon, 9 Jan 2006 22:34:34 +0000 (22:34 +0000)]
r12808: Actually, with that we can avoid roken compleatly.
Andrew Bartlett
(This used to be commit
37f342b01095787d4a63a419c6ab3657680c2637)
Andrew Bartlett [Mon, 9 Jan 2006 22:30:08 +0000 (22:30 +0000)]
r12807: I'm wondering if this might fix AIX on the build farm...
Andrew Bartlett
(This used to be commit
8f70d6270a788494dd07430f778ee90a51551e66)
Stefan Metzmacher [Mon, 9 Jan 2006 22:28:26 +0000 (22:28 +0000)]
r12806: tridge: in revision 12634 you introduced to validate the ndr_print output
and RPC-ECHO doesn't pass under valgrind anymore with this
metze
(This used to be commit
2482bf969d5b903a01ace8fa9237dd440b98196c)
Stefan Metzmacher [Mon, 9 Jan 2006 22:19:51 +0000 (22:19 +0000)]
r12805: merge from samba3
metze
(This used to be commit
e6dff57793c302f8537274a628dba8ab01a2fed8)
Andrew Bartlett [Mon, 9 Jan 2006 22:12:53 +0000 (22:12 +0000)]
r12804: This patch reworks the Samba4 sockets layer to use a socket_address
structure that is more generic than just 'IP/port'.
It now passes make test, and has been reviewed and updated by
metze. (Thankyou *very* much).
This passes 'make test' as well as kerberos use (not currently in the
testsuite).
The original purpose of this patch was to have Samba able to pass a
socket address stucture from the BSD layer into the kerberos routines
and back again. It also removes nbt_peer_addr, which was being used
for a similar purpose.
It is a large change, but worthwhile I feel.
Andrew Bartlett
(This used to be commit
88198c4881d8620a37086f80e4da5a5b71c5bbb2)
Stefan Metzmacher [Mon, 9 Jan 2006 21:59:42 +0000 (21:59 +0000)]
r12803: if we free the ndr structure how should we access the private pointer anymore?
thanks valgrind!
metze
(This used to be commit
ab58decf8248f3923703fabdaab697f1a8d116c8)
Jelmer Vernooij [Mon, 9 Jan 2006 21:44:30 +0000 (21:44 +0000)]
r12801: Some more include/ cleanups (remove unused macros + move files
to specific dirs)
(This used to be commit
243cf760b077e155f5ac508aeebf819f7708a84e)
Rafal Szczesniak [Mon, 9 Jan 2006 21:22:27 +0000 (21:22 +0000)]
r12800: Replace tmp_ctx with mem_ctx to make variables name more
consistent along the file.
rafal
(This used to be commit
aaccb91cca5da8a869878326da298d22a3b8b2ae)
Stefan Metzmacher [Mon, 9 Jan 2006 20:30:44 +0000 (20:30 +0000)]
r12799: print out function and location too
metze
(This used to be commit
a5ef3eef9cbedd273556068ba59c07ccb0060098)
Stefan Metzmacher [Mon, 9 Jan 2006 18:25:06 +0000 (18:25 +0000)]
r12798: print timestamps into the log file, this is not nice code,
but it works for now
metze
(This used to be commit
ec7dbb5a98c112e86399ffcff14eb42c99d8e31d)
Stefan Metzmacher [Mon, 9 Jan 2006 17:43:48 +0000 (17:43 +0000)]
r12797: check for a error
metze
(This used to be commit
ed4fbfcf3e5b7133e73ee031ad5c68659690e2b1)
Stefan Metzmacher [Mon, 9 Jan 2006 17:03:17 +0000 (17:03 +0000)]
r12796: use the correct address as initiator
metze
(This used to be commit
ba97e7c06af6f919a66622c1a6b6e58980ab2b9e)
Stefan Metzmacher [Mon, 9 Jan 2006 16:20:02 +0000 (16:20 +0000)]
r12795: remember the gensec_security context
metze
(This used to be commit
ec1a7b5cefc32172ea97338a7101fe8416071b69)
Stefan Metzmacher [Mon, 9 Jan 2006 15:50:08 +0000 (15:50 +0000)]
r12793: fix bugs
metze
(This used to be commit
65be02a9801444c01230903d130b2d71b6c15617)
Stefan Metzmacher [Mon, 9 Jan 2006 15:45:12 +0000 (15:45 +0000)]
r12792: fix compiler warning
metze
(This used to be commit
1eca5f46c60d09fccbef5e605c06b1b3e3b65feb)
Stefan Metzmacher [Mon, 9 Jan 2006 14:58:39 +0000 (14:58 +0000)]
r12791: fix compiler warning
metze
(This used to be commit
6647feb761a272b687d12685bc096e4ebdd02abe)
Stefan Metzmacher [Mon, 9 Jan 2006 14:19:24 +0000 (14:19 +0000)]
r12790: fix compiler warning
metze
(This used to be commit
c65ebc8b5574f9bd05270964dee9d4882e2d1828)
Andrew Tridgell [Mon, 9 Jan 2006 02:43:38 +0000 (02:43 +0000)]
r12785: make the iface_*() functions return strings which do not get
overwritten by another call (due to the implied static in
iface_ntoa()). This should save abartlet some pain
(This used to be commit
2244f298ace9f8832695cafd17c54324c11416f1)
Stefan Metzmacher [Sun, 8 Jan 2006 23:32:15 +0000 (23:32 +0000)]
r12784: implement a simplified version of verifying old active replicas, with the owner
server, we you nbt name queries for this....
I assume w2k3 uses DCERPC calls or some WINSREPL calls for this,
but our version should work till I find out more details...
metze
(This used to be commit
ff81f9e78043d29feb4832acee682ec93a9c8ed6)
Andrew Tridgell [Sun, 8 Jan 2006 22:58:59 +0000 (22:58 +0000)]
r12783: add a comment about matching more than 1 handler per message (andrew
thought this might be a bug)
(This used to be commit
e1cd3f4b89e10c9a42f5939377df0eafb8c184a4)
Andrew Bartlett [Sun, 8 Jan 2006 22:00:57 +0000 (22:00 +0000)]
r12782: Don't segfault if we cannot setup messaging.
Andrew Bartlett
(This used to be commit
59c380e048423d706ab65513c09dbefecb5819ae)
Stefan Metzmacher [Sun, 8 Jan 2006 21:25:38 +0000 (21:25 +0000)]
r12780: propagate local records, when replicas are rejected on conflicts
metze
(This used to be commit
c64aef570eea8bde685aeb66cb482586e36ea020)
Stefan Metzmacher [Sun, 8 Jan 2006 20:57:26 +0000 (20:57 +0000)]
r12779: allow static tomstones
metze
(This used to be commit
966872646e5ac38ed5b3eb41cf339ec8f1583f17)
Stefan Metzmacher [Sun, 8 Jan 2006 20:50:18 +0000 (20:50 +0000)]
r12778: export TEST_DATA_PREFIX in make test
metze
(This used to be commit
beea805a61d15dbb38add0a9c333e01279f71ada)
Stefan Metzmacher [Sun, 8 Jan 2006 20:47:48 +0000 (20:47 +0000)]
r12777: use TEST_DATA_PREFIX if available
metze
(This used to be commit
7e702939faf70d0c02fa71b315043795bc4a1d84)
Stefan Metzmacher [Sun, 8 Jan 2006 20:20:18 +0000 (20:20 +0000)]
r12776: use $ENV{TEST_DATA_PREFIX} for test files if available
metze
(This used to be commit
5552eaa37c228872736688bb65b4f678bdfeddf4)
Stefan Metzmacher [Sun, 8 Jan 2006 18:25:40 +0000 (18:25 +0000)]
r12775: free elements early...
metze
(This used to be commit
49f78e21fe4a293fdb4d9d49d16dbed3ef8137b1)
Stefan Metzmacher [Sun, 8 Jan 2006 18:20:56 +0000 (18:20 +0000)]
r12774: - fix the build on OpenBSD
I'll try to remove TIME_T_MIN/TIME_T_MAX completly later,
but for now I try to build on all platfarms
metze
(This used to be commit
d51244b6613dc07076da56937d09e4020c596475)
Stefan Metzmacher [Sun, 8 Jan 2006 18:12:35 +0000 (18:12 +0000)]
r12773: - remove unused variable, fix the build with some old compilers
metze
(This used to be commit
1253784c923b569593b5207c14567c637f3a7ae7)
Stefan Metzmacher [Sun, 8 Jan 2006 17:13:13 +0000 (17:13 +0000)]
r12772: - create variables for the %(patsubst ...) statements for the idl files
- this also fixes the build on BSD systems
metze
(This used to be commit
31ff172773f1700bfd7ff24fc764d37d9b6e82c1)
Simo Sorce [Sun, 8 Jan 2006 14:00:28 +0000 (14:00 +0000)]
r12770: Remove the alloca.h header as it is not used in the code afaics
(This used to be commit
d4454287cf14cfdf1ceeb090da40492314703fb9)
Simo Sorce [Sun, 8 Jan 2006 13:50:06 +0000 (13:50 +0000)]
r12769: Make ldb_next_request() evident, I was much confused on first sight
Simo.
(This used to be commit
2f0c7b896274e5e15e150c70d7ebe70355f6c4c0)
Volker Lendecke [Sun, 8 Jan 2006 13:26:04 +0000 (13:26 +0000)]
r12767: Add some trusted lookups
(This used to be commit
568fc8a3412e07ac3084f441e693bc82b9ea912b)
Volker Lendecke [Sun, 8 Jan 2006 12:44:41 +0000 (12:44 +0000)]
r12766: fix the build
(This used to be commit
d73c343904f32956ba97e4ad82af9c9a75f5d70c)
Volker Lendecke [Sun, 8 Jan 2006 12:31:06 +0000 (12:31 +0000)]
r12765: Revert an accidential commit
(This used to be commit
d96c84126dcc1ec97e39814f21de167528fe886f)
Volker Lendecke [Sun, 8 Jan 2006 12:29:11 +0000 (12:29 +0000)]
r12764: Add a test for lsa_lookup. This will be expanded when I get around to add
trusted domains.
Volker
(This used to be commit
8b8bb85ad365721bfa1cf5309d53d851f2013c22)
Andrew Bartlett [Sun, 8 Jan 2006 02:05:20 +0000 (02:05 +0000)]
r12763: Oops. If you call ldb_search from within an ldb module's search
request handler, you really have to watch the recursion issues...
Andrew Bartlett
(This used to be commit
46628e86a2be6d334b2d0427e7052517c7ab1d4c)
Andrew Bartlett [Sun, 8 Jan 2006 01:46:30 +0000 (01:46 +0000)]
r12762: Simo correctly asked that the policy logic (which attributes contain
passwords) be moved into the database, and not be hard-coded in the
module source.
Andrew Bartlett
(This used to be commit
1fbe09ce818ac1603bd747610262865b8698fe04)
Stefan Metzmacher [Sun, 8 Jan 2006 00:09:49 +0000 (00:09 +0000)]
r12761: get the TIME_T_MIN and TIME_T_MAX right again, merging from samba3 was a bad idea...
as in samba4 we use TIME_T_MIN = 0 (maybe we should do this in samba3 too) because
negativ values mean error.
but still restrict TIME_T_MAX to INT32_MAX, to not overflow gmtime() on 64 bit systems,
is this behavior documented somewhere?
metze
(This used to be commit
333b1b8c4885c47a0d14d83896fce6740fa4d663)
Stefan Metzmacher [Sat, 7 Jan 2006 10:56:55 +0000 (10:56 +0000)]
r12755: check the return value of ldb_timestring(), as this fails,
when gmtime() fails...
metze
(This used to be commit
523746f2712371041800301294c73bb7686bf2d5)
Stefan Metzmacher [Sat, 7 Jan 2006 10:28:48 +0000 (10:28 +0000)]
r12754: - sync TIME_T_MAX calculation from samba3
- but limit TIME_T_MAX to INT32_MAX, otherwise 64 platfroms are broken
because gmtime() will fail with INT64_MAX passed in!
I'm not sure if that's the best fix for this problem, but it works...
Should we port the INT32_MAX limitation to samba3?
Comments, please?
metze
(This used to be commit
396fa81be5b950aa2120cff19540a0236f79a685)
Andrew Bartlett [Sat, 7 Jan 2006 00:06:58 +0000 (00:06 +0000)]
r12753: Try to fix the build after a 'make clean'. (the wildcards will not
expand because they don't exist yet). Thanks again to HotaruT.
Andrew Bartlett
(This used to be commit
d3abfecec5c9468e93d2d40181ce5d20f8135566)
Andrew Bartlett [Fri, 6 Jan 2006 23:15:06 +0000 (23:15 +0000)]
r12752: Clean up compile_et and asn1_compile as well.
Andrew Bartlett
(This used to be commit
2a6023d7414c1c337bb24a8c6882a17380cbc658)
Andrew Bartlett [Fri, 6 Jan 2006 23:12:12 +0000 (23:12 +0000)]
r12751: Another make clean fix.
Andrew Bartlett
(This used to be commit
9e6997d5bde306f442b2c7379870af6495e11d25)
Andrew Bartlett [Fri, 6 Jan 2006 22:55:03 +0000 (22:55 +0000)]
r12750: Clean up more asn1 generated files (pointed out by <HotaruT>).
Andrew Bartlett
(This used to be commit
5d42638170245b684b45459d0538ea86fa811214)
Andrew Bartlett [Fri, 6 Jan 2006 21:45:36 +0000 (21:45 +0000)]
r12749: Fix the newuser script.
Andrew Bartlett
(This used to be commit
42cdad5e3f06c307baf80396fd8449b803ef84c3)
Simo Sorce [Fri, 6 Jan 2006 21:39:37 +0000 (21:39 +0000)]
r12748: Fix wrong handling of separation characters for RDNs
allow escaped separation chars as part of the attr value
of an RDN
(This used to be commit
7ba341d6c3745cd99c4c79933f9bd54f41e12a9c)
Andrew Bartlett [Fri, 6 Jan 2006 21:20:09 +0000 (21:20 +0000)]
r12747: Add a couple more token tests, used by the kludge ACL module.
Andrew Bartlett
(This used to be commit
10eadf48124d61f2eb586fb277a66aa4b9e6cad3)
Andrew Bartlett [Fri, 6 Jan 2006 21:04:32 +0000 (21:04 +0000)]
r12746: An initial version of the kludge_acls module.
This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:
- SYSTEM and Administrators can read all.
- Users and anonymous cannot read passwords, can read everything else
- list of 'password' attributes is hard-coded
Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)
Andrew Bartlett
(This used to be commit
be9d0cae8989429ef47a713d8f0a82f12966fc78)
Simo Sorce [Fri, 6 Jan 2006 19:42:08 +0000 (19:42 +0000)]
r12745: Initial work to support a syntax to pass over controls via
command line to ldbsearch. Very rough work, no checks are
done on the input yet (will segfault if you make it wrong).
Controls are passed via the --controls switch an are comma
separated (no escaping yet).
General syntax is <ctrl_name>:<criticality>
<ctrl_name> is a string
<criticality> is 1 or 0
Current semi-parsed controls are:
server_sort
syntax: server_sort:1:0:attributename
1st parm: criticality
2nd parm: reversed
3rd parm: attribute name to be used for sorting
todo: still missing suport for multiple sorting
attributes and ordering rule
no check on result code
paged_results
syntax: paged_results:1:100
1st parm: criticality
2nd parm: number of results to be returned
todo: ldbsearch will return only the first batch
(missing code to cycle over conditionally)
no check on result code
extended_dn
syntax: extended_dn:1:0
1st parm: criticality
2nd parm: type, see MS docs on meaning
Simo.
(This used to be commit
4c685ac0d1638a1d5392dfe733baf0db77e84858)
Andrew Bartlett [Fri, 6 Jan 2006 19:37:13 +0000 (19:37 +0000)]
r12744: For correctly written scripts, we don't need this anymore. Only use
the cmdline credentials if we ask for it.
Andrew Bartlett
(This used to be commit
874dd09759eb0243988f39363c94785ae2e68485)