ira/wip.git
12 years agos3-ntlmssp: use generated ntlmssp code for debugging purpose.
Günther Deschner [Wed, 12 Aug 2009 18:22:58 +0000 (20:22 +0200)]
s3-ntlmssp: use generated ntlmssp code for debugging purpose.

Guenther

12 years agos3-ntlmssp: add NDR helper routines for ntlmssp.
Günther Deschner [Fri, 28 Aug 2009 09:37:28 +0000 (11:37 +0200)]
s3-ntlmssp: add NDR helper routines for ntlmssp.

Guenther

12 years agos4: fix the build after ntlmssp header change.
Günther Deschner [Fri, 28 Aug 2009 09:36:28 +0000 (11:36 +0200)]
s4: fix the build after ntlmssp header change.

Guenther

12 years agolibcli/auth: remove unused NTLMSSP_NAME_TYPE_ flags.
Günther Deschner [Tue, 25 Aug 2009 10:30:48 +0000 (12:30 +0200)]
libcli/auth: remove unused NTLMSSP_NAME_TYPE_ flags.

Guenther

12 years agos4-ntlmssp: use interface constants in TargetInfo blob.
Günther Deschner [Tue, 25 Aug 2009 10:27:51 +0000 (12:27 +0200)]
s4-ntlmssp: use interface constants in TargetInfo blob.

Guenther

12 years agos4-ntlmssp: use NTLMSSP headers from IDL and remove duplicate constants.
Günther Deschner [Tue, 25 Aug 2009 10:12:59 +0000 (12:12 +0200)]
s4-ntlmssp: use NTLMSSP headers from IDL and remove duplicate constants.

Guenther

12 years agos3-ntlmssp: use interface constants in TargetInfo blob.
Günther Deschner [Fri, 14 Aug 2009 12:08:45 +0000 (14:08 +0200)]
s3-ntlmssp: use interface constants in TargetInfo blob.

Guenther

12 years agos3-ntlmssp: use NTLMSSP headers from IDL and remove duplicate constants.
Günther Deschner [Wed, 12 Aug 2009 18:22:04 +0000 (20:22 +0200)]
s3-ntlmssp: use NTLMSSP headers from IDL and remove duplicate constants.

Guenther

12 years agontlmssp: add ndr_print_ntlmssp_{nt,lm}_response() function.
Günther Deschner [Fri, 21 Aug 2009 18:41:03 +0000 (20:41 +0200)]
ntlmssp: add ndr_print_ntlmssp_{nt,lm}_response() function.

Guenther

12 years agontlmssp: re-run make samba3-idl and add generated files.
Günther Deschner [Wed, 12 Aug 2009 18:19:47 +0000 (20:19 +0200)]
ntlmssp: re-run make samba3-idl and add generated files.

Guenther

12 years agontlmssp: add NTLMSSP_MESSAGE_SIGNATURE to IDL.
Günther Deschner [Thu, 13 Aug 2009 23:01:21 +0000 (01:01 +0200)]
ntlmssp: add NTLMSSP_MESSAGE_SIGNATURE to IDL.

Guenther

12 years agontlmssp: add AUTHENTICATE_MESSAGE to idl.
Günther Deschner [Wed, 12 Aug 2009 21:18:52 +0000 (23:18 +0200)]
ntlmssp: add AUTHENTICATE_MESSAGE to idl.

Guenther

12 years agontlmssp: add CHALLENGE_MESSAGE to IDL.
Günther Deschner [Wed, 12 Aug 2009 16:14:31 +0000 (18:14 +0200)]
ntlmssp: add CHALLENGE_MESSAGE to IDL.

Guenther

12 years agontlmssp: add NEGOTIATE_MESSAGE to IDL.
Günther Deschner [Thu, 13 Aug 2009 22:31:53 +0000 (00:31 +0200)]
ntlmssp: add NEGOTIATE_MESSAGE to IDL.

Guenther

12 years agontlmssp: add string helper functions to handle OEM and UNICODE charset.
Günther Deschner [Thu, 13 Aug 2009 22:48:58 +0000 (00:48 +0200)]
ntlmssp: add string helper functions to handle OEM and UNICODE charset.

Guenther

12 years agontlmssp: add ntlmssp helper skeleton.
Günther Deschner [Thu, 13 Aug 2009 15:11:07 +0000 (17:11 +0200)]
ntlmssp: add ntlmssp helper skeleton.

Guenther

12 years agontlmssp: add IDL.
Günther Deschner [Wed, 12 Aug 2009 13:23:28 +0000 (15:23 +0200)]
ntlmssp: add IDL.

Guenther

12 years agolib/tevent: close pipe_fds on event_context destruction
Rusty Russell [Fri, 28 Aug 2009 02:41:23 +0000 (12:11 +0930)]
lib/tevent: close pipe_fds on event_context destruction

The "hack_fds" were never closed before; now they're inside event_context
they should be closed when that is destroyed.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
12 years agolib/tevent: handle tevent_common_add_signal on different event contexts.
Rusty Russell [Fri, 28 Aug 2009 02:38:47 +0000 (12:08 +0930)]
lib/tevent: handle tevent_common_add_signal on different event contexts.

I don't know if this is a problem in real life.

The code assumes there's only one tevent_context; all signals will notify
the first event context.  That's counter-intuitive if you ever use more
than one, and there's nothing else in this code which prevents it AFAICT.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
12 years agolib/tevent: fix race with signals and tevent_common_add_signal
Rusty Russell [Fri, 28 Aug 2009 02:34:22 +0000 (12:04 +0930)]
lib/tevent: fix race with signals and tevent_common_add_signal

We carefully preserve the old signal handler, but we replace it before
we've set up everything; in particular, if we fail setting up the
pipe_hack we could write a NUL char to stdout (fd 0), instead of
calling the old signal handler.

Replace the signal handler as the very last thing we do.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
12 years agolib/tdb: don't overwrite TDBs with different version numbers.
Rusty Russell [Fri, 28 Aug 2009 02:26:34 +0000 (11:56 +0930)]
lib/tdb: don't overwrite TDBs with different version numbers.

In future, this may happen, and we don't want to clobber them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
12 years agolib/tevent: remove spectacularly complicated manual subtraction
Rusty Russell [Wed, 26 Aug 2009 08:00:32 +0000 (17:30 +0930)]
lib/tevent: remove spectacularly complicated manual subtraction

To be completely honest, I don't quite know whether to laugh or cry at
this one:

1 + (0xFFFFFFFF & ~(s.seen - s.count))
== 1 + (~(s.seen - s.count)) # s.seen, s.count are uint32_t
== s.count - s.seen # -A == ~A + 1

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
12 years agoutil: fix comment and clarify argument name in DLIST_DEMOTE()
Michael Adam [Wed, 26 Aug 2009 10:58:47 +0000 (12:58 +0200)]
util: fix comment and clarify argument name in DLIST_DEMOTE()

Michael

12 years agos3:smbd: teach filename_convert() about fake files (2nd fix for bug #6642)
Stefan Metzmacher [Wed, 19 Aug 2009 07:58:38 +0000 (09:58 +0200)]
s3:smbd: teach filename_convert() about fake files (2nd fix for bug #6642)

metze

12 years agos3:smbd: add is_fake_file_path() that takes only the raw path as string
Stefan Metzmacher [Wed, 19 Aug 2009 07:57:47 +0000 (09:57 +0200)]
s3:smbd: add is_fake_file_path() that takes only the raw path as string

metze

12 years agos3:streams: check for :$DATA only in the backend (fix bug #6642)
Stefan Metzmacher [Tue, 18 Aug 2009 09:34:54 +0000 (11:34 +0200)]
s3:streams: check for :$DATA only in the backend (fix bug #6642)

We need to allow "\\$Extend\\$Quota:$Q:$INDEX_ALLOCATION" to pass
check_path(), so that the Quota Dialog works.

metze

12 years agos3:error_map: make NTSTATUS -> errno -> NTSTATUS mapping consistent for NT_STATUS_INV...
Stefan Metzmacher [Tue, 18 Aug 2009 09:32:37 +0000 (11:32 +0200)]
s3:error_map: make NTSTATUS -> errno -> NTSTATUS mapping consistent for NT_STATUS_INVALID_PARAMETER

Why have we mapped EINVAL -> NT_STATUS_INVALID_HANDLE before?

metze

12 years agos3-ntlmssp: remove trailing whitespace.
Günther Deschner [Thu, 13 Aug 2009 22:36:21 +0000 (00:36 +0200)]
s3-ntlmssp: remove trailing whitespace.

Guenther

12 years agolibcli/auth: add netlogon_creds_step_crypt() and netlogon_creds_first_step()
Stefan Metzmacher [Tue, 25 Aug 2009 09:25:47 +0000 (11:25 +0200)]
libcli/auth: add netlogon_creds_step_crypt() and netlogon_creds_first_step()

This abstracts the usage of crypto functions instead of directly calling
des_crypt112().

metze

Signed-off-by: Günther Deschner <gd@samba.org>
12 years agolibcli/auth: remove some useless lines
Stefan Metzmacher [Tue, 25 Aug 2009 09:12:48 +0000 (11:12 +0200)]
libcli/auth: remove some useless lines

metze

Signed-off-by: Günther Deschner <gd@samba.org>
12 years agolibcli/auth: remember schannel type in netlogon_creds_server_init()
Stefan Metzmacher [Tue, 25 Aug 2009 10:02:38 +0000 (12:02 +0200)]
libcli/auth: remember schannel type in netlogon_creds_server_init()

metze

Signed-off-by: Günther Deschner <gd@samba.org>
12 years agos3-schannel: remove remaining code that was using "struct dcinfo".
Günther Deschner [Tue, 25 Aug 2009 22:45:02 +0000 (00:45 +0200)]
s3-schannel: remove remaining code that was using "struct dcinfo".

Guenther

12 years agos3-credentials: remove unused code.
Günther Deschner [Tue, 25 Aug 2009 20:45:15 +0000 (22:45 +0200)]
s3-credentials: remove unused code.

Guenther

12 years agos3-schannel: upgrade old format schannel_store.tdb.
Günther Deschner [Wed, 26 Aug 2009 09:46:58 +0000 (11:46 +0200)]
s3-schannel: upgrade old format schannel_store.tdb.

Guenther

12 years agos3-netlogon: use shared credential and schannel storage infrastructure for netlogon...
Günther Deschner [Tue, 25 Aug 2009 20:38:55 +0000 (22:38 +0200)]
s3-netlogon: use shared credential and schannel storage infrastructure for netlogon server.

Guenther

12 years agos3-netlogon: add netr_creds_server_step_check() convenience wrapper.
Günther Deschner [Tue, 25 Aug 2009 20:26:34 +0000 (22:26 +0200)]
s3-netlogon: add netr_creds_server_step_check() convenience wrapper.

Guenther

12 years agos3-schannel: add simple wrappers to fetch and store schannel auth info.
Günther Deschner [Tue, 25 Aug 2009 22:31:27 +0000 (00:31 +0200)]
s3-schannel: add simple wrappers to fetch and store schannel auth info.

Guenther

12 years agos3-schannel: make open_schannel_session_store() public.
Günther Deschner [Tue, 25 Aug 2009 19:45:24 +0000 (21:45 +0200)]
s3-schannel: make open_schannel_session_store() public.

Guenther

12 years agolibcli/auth: add tdb backend for schannel state.
Günther Deschner [Tue, 25 Aug 2009 19:16:27 +0000 (21:16 +0200)]
libcli/auth: add tdb backend for schannel state.

Guenther

12 years agolibcli/auth: move netlogon_creds_CredentialState out of libcli.
Günther Deschner [Wed, 26 Aug 2009 13:08:32 +0000 (15:08 +0200)]
libcli/auth: move netlogon_creds_CredentialState out of libcli.

Guenther

12 years agoschannel: add netlogon_creds_CredentialState to IDL.
Günther Deschner [Wed, 26 Aug 2009 12:45:35 +0000 (14:45 +0200)]
schannel: add netlogon_creds_CredentialState to IDL.

Guenther

12 years agos4-schannel: add ldb suffix to schannel functions.
Günther Deschner [Tue, 25 Aug 2009 19:09:53 +0000 (21:09 +0200)]
s4-schannel: add ldb suffix to schannel functions.

Guenther

12 years agolibcli/auth: rename schannel_state.c to schannel_state_ldb.c.
Günther Deschner [Tue, 25 Aug 2009 16:59:39 +0000 (18:59 +0200)]
libcli/auth: rename schannel_state.c to schannel_state_ldb.c.

Guenther

12 years agos3-build: add SCHANNEL_OBJ to Makefile.in.
Günther Deschner [Wed, 26 Aug 2009 14:48:00 +0000 (16:48 +0200)]
s3-build: add SCHANNEL_OBJ to Makefile.in.

Guenther

12 years agos3:winbind: Convert WINBINDD_GETUSERSIDS to the new API
Volker Lendecke [Thu, 27 Aug 2009 12:55:41 +0000 (14:55 +0200)]
s3:winbind: Convert WINBINDD_GETUSERSIDS to the new API

12 years agos3:winbind: Fix a typo
Volker Lendecke [Thu, 27 Aug 2009 12:34:59 +0000 (14:34 +0200)]
s3:winbind: Fix a typo

12 years agos3:winbind: Remove the manual caching for the async wb_ functions
Volker Lendecke [Thu, 27 Aug 2009 12:16:22 +0000 (14:16 +0200)]
s3:winbind: Remove the manual caching for the async wb_ functions

The generic NDR-based cache in winbindd_dual_ndr.c replaces this.

12 years agos3:winbind: Some calls are not cacheable
Volker Lendecke [Tue, 25 Aug 2009 10:25:12 +0000 (12:25 +0200)]
s3:winbind: Some calls are not cacheable

12 years agos3:winbind: Factor out wcache_store_seqnum()
Volker Lendecke [Tue, 25 Aug 2009 09:26:14 +0000 (11:26 +0200)]
s3:winbind: Factor out wcache_store_seqnum()

12 years agos3:winbind: Add a generic cache for NDR based parent-child requests
Volker Lendecke [Sun, 23 Aug 2009 22:13:02 +0000 (00:13 +0200)]
s3:winbind: Add a generic cache for NDR based parent-child requests

12 years agos3:winbind: Factor out wcache_fetch_seqnum
Volker Lendecke [Sun, 23 Aug 2009 22:08:14 +0000 (00:08 +0200)]
s3:winbind: Factor out wcache_fetch_seqnum

12 years agos4-smbtorture: do not hard code BDC secure channel type into RPC-NETLOGON tests.
Günther Deschner [Thu, 27 Aug 2009 11:37:06 +0000 (13:37 +0200)]
s4-smbtorture: do not hard code BDC secure channel type into RPC-NETLOGON tests.

Guenther

12 years agos4-smbtorture: add test_SetPassword_flags to RPC-NETLOGON-S3 testsuite.
Günther Deschner [Thu, 27 Aug 2009 10:32:56 +0000 (12:32 +0200)]
s4-smbtorture: add test_SetPassword_flags to RPC-NETLOGON-S3 testsuite.

Guenther

12 years agos4:python Add helper to get at the domain SID
Andrew Bartlett [Thu, 27 Aug 2009 09:38:04 +0000 (19:38 +1000)]
s4:python Add helper to get at the domain SID

12 years agos3/smbd: open the share_info.tdb on startup instead of tconx
Steven Danneman [Wed, 26 Aug 2009 23:17:38 +0000 (16:17 -0700)]
s3/smbd: open the share_info.tdb on startup instead of tconx

This is a small performance optimization.  Instead of opening the tdb
on every smb connection in the forked child process, we now open it in
the parent and share the fd.

This also reduces the total fd usage in the system.

12 years agos3/debug: make SPENGO OID list appear under one debug header
Steven Danneman [Wed, 26 Aug 2009 17:36:48 +0000 (10:36 -0700)]
s3/debug: make SPENGO OID list appear under one debug header

12 years agos3/winbindd: Remove unnecessary check for NULL SID
Steven Danneman [Wed, 29 Jul 2009 23:13:44 +0000 (16:13 -0700)]
s3/winbindd: Remove unnecessary check for NULL SID

There's a known bug in some Windows implementations of
DsEnumerateDomainTrusts() where domain SIDs are not returned for
transitively trusted domains within the same forest.

Jerry originally worked around this in the winbindd parent by checking
for S-0-0 and converting it to S-1-0 in 8b0fce0b.  Guenter later moved
these checks into the child process in commit 3bdfcbac making the
initial patch unecessary.

I've removed it and added a clarifying comment to the child process.

If ever this SID is needed we could add an extra DsEnumerateDomainTrusts()
call in trusted_domains() as suggested by the Microsoft KB.

12 years agos3-selftest: enable running RPC-NETLOGON-S3 against samba3.
Günther Deschner [Wed, 26 Aug 2009 21:03:42 +0000 (23:03 +0200)]
s3-selftest: enable running RPC-NETLOGON-S3 against samba3.

Guenther

12 years agos4-smbtorture: add RPC-NETLOGON-S3 to test samba3 netlogon server.
Günther Deschner [Wed, 26 Aug 2009 20:27:07 +0000 (22:27 +0200)]
s4-smbtorture: add RPC-NETLOGON-S3 to test samba3 netlogon server.

Guenther

12 years agos3 onefs: Canonicalize the ACL in the correct order
tprouty [Wed, 26 Aug 2009 01:38:17 +0000 (01:38 +0000)]
s3 onefs: Canonicalize the ACL in the correct order

12 years agos3: Allow full_audit to play nice with smbd if it's using syslog
tprouty [Wed, 26 Aug 2009 01:38:14 +0000 (01:38 +0000)]
s3: Allow full_audit to play nice with smbd if it's using syslog

Explictly pass the facility from both smbd and full_audit to syslog.
Really the only major change is to not call openlog() in full_audit if
WITH_SYSLOG is defined, which implies that smbd is already using
syslog.  This allows full audit to piggy-back on the same ident as
smbd, while still differentiating the logging via the facility.

12 years agos3 audit: Change create_file in full_audit to print whether a directory or file was...
tprouty [Wed, 26 Aug 2009 01:38:07 +0000 (01:38 +0000)]
s3 audit: Change create_file in full_audit to print whether a directory or file was requested

full_audit will now print out whether the createfile was requested for
a file or directory.  The create disposition is also printed out.

12 years agos3:winbind: Fix Coverity ID 942: Resource Leak
Volker Lendecke [Wed, 26 Aug 2009 16:20:06 +0000 (18:20 +0200)]
s3:winbind: Fix Coverity ID 942: Resource Leak

12 years agos4:heimdal_build: lib/hcrypto/evp-aes-cts.o belongs to HEIMDAL_HCRYPTO
Stefan Metzmacher [Wed, 26 Aug 2009 06:10:35 +0000 (08:10 +0200)]
s4:heimdal_build: lib/hcrypto/evp-aes-cts.o belongs to HEIMDAL_HCRYPTO

metze

12 years agos3-netlogon: let get_md4pw() return a struct dom_sid.
Günther Deschner [Wed, 26 Aug 2009 09:35:40 +0000 (11:35 +0200)]
s3-netlogon: let get_md4pw() return a struct dom_sid.

Guenther

12 years agoschannel: add generated files.
Günther Deschner [Tue, 24 Mar 2009 17:33:28 +0000 (18:33 +0100)]
schannel: add generated files.

Guenther

12 years agoschannel: move schannel.idl to main directory.
Günther Deschner [Mon, 23 Mar 2009 13:08:09 +0000 (14:08 +0100)]
schannel: move schannel.idl to main directory.

Guenther

12 years agonetlogon: make netr_NegotiateFlags a public bitmap.
Günther Deschner [Wed, 26 Aug 2009 12:46:17 +0000 (14:46 +0200)]
netlogon: make netr_NegotiateFlags a public bitmap.

Guenther

12 years agoAdd a parameter to disable the automatic creation of krb5.conf files
Volker Lendecke [Wed, 26 Aug 2009 12:56:41 +0000 (14:56 +0200)]
Add a parameter to disable the automatic creation of krb5.conf files

This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of
transitive AD trusts. The workaround is to add a [capaths] directive to
/etc/krb5.conf, which we don't automatically put into the krb5.conf winbind
creates.

The alternative would have been something like a "krb5 conf include", but I
think if someone has to mess with /etc/krb5.conf at this level, it should be
easy to add the site-local KDCs as well.

Next alternative is to correctly figure out the [capaths] parameter for all
trusted domains, but for that I don't have the time right now. Sorry :-)

12 years agocifs.upcall: make using ip address conditional on new option
Jeff Layton [Wed, 26 Aug 2009 10:26:02 +0000 (06:26 -0400)]
cifs.upcall: make using ip address conditional on new option

Igor Mammedov pointed out that reverse resolving an IP address to get
the hostname portion of a principal could open a possible attack
vector. If an attacker were to gain control of DNS, then he could
redirect the mount to a server of his choosing, and fix the reverse
resolution to point to a hostname of his choosing (one where he has
the key for the corresponding cifs/ or host/ principal).

That said, we often trust DNS for other reasons and it can be useful
to do so. Make the code that allows trusting DNS to be enabled by
adding --trust-dns to the cifs.upcall invocation.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
12 years agocifs.upcall: switch to getopt_long
Jeff Layton [Wed, 26 Aug 2009 10:15:42 +0000 (06:15 -0400)]
cifs.upcall: switch to getopt_long

...to allow long option names.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
12 years agos4:provision Ensure that @OPTIONS is mirrored into each partition
Andrew Bartlett [Wed, 26 Aug 2009 07:31:44 +0000 (17:31 +1000)]
s4:provision Ensure that @OPTIONS is mirrored into each partition

The previous patches to the provision system cut down on the number of
reconnects, and disabled the partition handling for part of the
process.  This means we lost the setting of @OPTIONS as a replicated
attribute into the partitions.

Andrew Bartlett

12 years agos4:ldb Add ldb_ldif_write_string() and python wrappers
Andrew Bartlett [Wed, 26 Aug 2009 05:59:00 +0000 (15:59 +1000)]
s4:ldb Add ldb_ldif_write_string() and python wrappers

This allows us to turn a python LdbMessage back into a string.

Andrew Bartlett

12 years agos4:ldb Add hooks to get/set the flags on a ldb_message_element
Andrew Bartlett [Wed, 26 Aug 2009 05:01:12 +0000 (15:01 +1000)]
s4:ldb Add hooks to get/set the flags on a ldb_message_element

Also add tests to prove that we got this correct, and correct the
existing tests which used the wrong constants.

Andrew Bartlett

12 years agos4:schema Rework dsdb_write_prefixes_from_schema_to_ldb() to use talloc
Andrew Bartlett [Wed, 26 Aug 2009 03:44:50 +0000 (13:44 +1000)]
s4:schema Rework dsdb_write_prefixes_from_schema_to_ldb() to use talloc

This changes dsdb_write_prefixes_from_schema_to_ldb() to use an
internal talloc hirarchy, so we can safely give it a NULL context from
the python.

It also fixes manual construction of the ldb_message - we now use the
right helper functions.

Andrew Bartlett

12 years agos4:provison Add prefixes to ldb using same code a later modify will use
Andrew Bartlett [Wed, 26 Aug 2009 03:43:33 +0000 (13:43 +1000)]
s4:provison Add prefixes to ldb using same code a later modify will use

This allows us to test out the code that will do the modify of the
prefixMap, and to provide the bindings that may assist a future
upgrade script.

Andrew Bartlett

12 years agos4:provision Only create references to our server DN after the self join
Andrew Bartlett [Wed, 26 Aug 2009 02:39:44 +0000 (12:39 +1000)]
s4:provision Only create references to our server DN after the self join

This will ensure that the GUID can be filled in correctly, and assist
us to validate DN targets in the future.

Andrew Bartlett

12 years agos4:scheam quiet a 'const' warning
Andrew Bartlett [Wed, 26 Aug 2009 02:32:47 +0000 (12:32 +1000)]
s4:scheam quiet a 'const' warning

12 years agos4:dsdb Rework dsdb_write_prefixes_to_ldb() to take a schema
Andrew Bartlett [Wed, 26 Aug 2009 02:29:45 +0000 (12:29 +1000)]
s4:dsdb Rework dsdb_write_prefixes_to_ldb() to take a schema

The aim is to create a function that is more easily wrapped for
python, so that we can write the updated prefixMap in an upgrade
script.

Andrew Bartlett

12 years agos4:dsdb Use helper function to add 'show deleted' control
Andrew Bartlett [Wed, 26 Aug 2009 01:01:27 +0000 (11:01 +1000)]
s4:dsdb Use helper function to add 'show deleted' control

This revises tridge's commit 61ca4c491e1c13eb7d97847f743b0f540f1117c4
to use ldb_request_add_control() instead of a manual construction.

Andrew Bartlett

12 years agos3-netlogon: fix default case when _netr_LogonSamLogon is called from other opcodes.
Günther Deschner [Tue, 25 Aug 2009 23:03:47 +0000 (01:03 +0200)]
s3-netlogon: fix default case when _netr_LogonSamLogon is called from other opcodes.

Guenther

12 years agoRevert "s3: Fix uninitialized const char *"
Günther Deschner [Tue, 25 Aug 2009 23:01:43 +0000 (01:01 +0200)]
Revert "s3: Fix uninitialized const char *"

Tim, I am reverting this as this eliminates "_netr_LogonSamLogonEx" from the
debug messages completely. Followup fix to come immediately.

This reverts commit add9b4afb14d3426d1f3bf5b8e7c86926f462578.

12 years agos3-netlogon: get rid of init_net_r_req_chal().
Günther Deschner [Tue, 25 Aug 2009 16:47:15 +0000 (18:47 +0200)]
s3-netlogon: get rid of init_net_r_req_chal().

Guenther

12 years agos3-netlogon: let get_md4pw() return a struct samr_Password.
Günther Deschner [Tue, 25 Aug 2009 16:44:24 +0000 (18:44 +0200)]
s3-netlogon: let get_md4pw() return a struct samr_Password.

(in preparation of credential merge).

Guenther

12 years agos3-netlogon: make _netr_ServerAuthenticate a callback to _netr_ServerAuthenticate3.
Günther Deschner [Tue, 25 Aug 2009 16:36:28 +0000 (18:36 +0200)]
s3-netlogon: make _netr_ServerAuthenticate a callback to _netr_ServerAuthenticate3.

Guenther

12 years agoAllow for name array strings that don't end in a slash
Zach Loafman [Tue, 25 Aug 2009 17:46:37 +0000 (10:46 -0700)]
Allow for name array strings that don't end in a slash

Fix set_namearray to allow for strings that don't end in a slash. Also
remove unnecessary strdup()s.

Signed-off-by: Tim Prouty <tprouty@samba.org>
12 years agoAdd some const to dsgetdcname
Volker Lendecke [Tue, 25 Aug 2009 15:03:26 +0000 (17:03 +0200)]
Add some const to dsgetdcname

12 years agoDo an early TALLOC_FREE
Volker Lendecke [Tue, 25 Aug 2009 15:02:53 +0000 (17:02 +0200)]
Do an early TALLOC_FREE

12 years agonetlogon: give netlogon w7/w2k8r2 AES negotiate flag proper name (see bug #6099 for...
Günther Deschner [Tue, 25 Aug 2009 09:10:53 +0000 (11:10 +0200)]
netlogon: give netlogon w7/w2k8r2 AES negotiate flag proper name (see bug #6099 for details).

Guenther

12 years agofixed DRS rename of deleted objects
Andrew Tridgell [Tue, 25 Aug 2009 07:00:27 +0000 (17:00 +1000)]
fixed DRS rename of deleted objects

The objectclass module checks that the target parent exists, and
refuses renames if it doesn't exist. For this to work for deleted
objects we have to do the search in the objectclass module with the
"show deleted" control enabled.

12 years agofixed a double free bug on error in net export
Andrew Tridgell [Tue, 25 Aug 2009 06:59:25 +0000 (16:59 +1000)]
fixed a double free bug on error in net export

12 years agos4:python Fix the reprovision test by deleting 'deleted' objects too.
Andrew Bartlett [Tue, 25 Aug 2009 06:27:20 +0000 (16:27 +1000)]
s4:python Fix the reprovision test by deleting 'deleted' objects too.

We were failing because CN=Deleted Objects, which is marked as
'deleted' itself, could not be re-added in a reprovision.

Andrew Bartlett

12 years agos4:dsdb Rework show_deleted module not to liniearise the LDAP filter
Andrew Bartlett [Tue, 25 Aug 2009 06:25:55 +0000 (16:25 +1000)]
s4:dsdb Rework show_deleted module not to liniearise the LDAP filter

Instead, use the fact that the ldb_parse_tree structure is public to
construct the 'and not deleted' clause as a structure, and apply each
filter tree to that template.

Andrew Bartlett

12 years agoHelp debug for bug 6651 - smbd SIGSEGV when breaking oplocks.
Jeremy Allison [Tue, 25 Aug 2009 04:14:52 +0000 (21:14 -0700)]
Help debug for bug 6651 - smbd SIGSEGV when breaking oplocks.
Should help track if we get invoked with an invalid fd from
the signal handler.
Jeremy.

12 years agoSecond attempt at fix for bug 6529 - Offline files conflict with Vista and Office...
Jeremy Allison [Tue, 25 Aug 2009 03:57:37 +0000 (20:57 -0700)]
Second attempt at fix for bug 6529 - Offline files conflict with Vista and Office 2003.
Confirmation from reporter that this fixes the issue in master on ext3/ext4.
Back-ports to follow.
Jeremy.

12 years agoAllow systems with timestamp granularity of 1sec to work with
Jeremy Allison [Tue, 25 Aug 2009 01:21:23 +0000 (18:21 -0700)]
Allow systems with timestamp granularity of 1sec to work with
this test.
Jeremy.

12 years agoUse existing time_t rounding function, don't invent my own.
Jeremy Allison [Mon, 24 Aug 2009 22:09:29 +0000 (15:09 -0700)]
Use existing time_t rounding function, don't invent my own.
Jeremy.

12 years agonetlogon: add (yet) undocumented netlogon negotiate bit to bitmap.
Günther Deschner [Mon, 24 Aug 2009 21:02:20 +0000 (23:02 +0200)]
netlogon: add (yet) undocumented netlogon negotiate bit to bitmap.

This bit is set by the Win7 client while joining.

Guenther

12 years agos3-netlogon: Only hand out rid when netlogon credential chain has been setup sucessfully.
Günther Deschner [Mon, 24 Aug 2009 21:00:47 +0000 (23:00 +0200)]
s3-netlogon: Only hand out rid when netlogon credential chain has been setup sucessfully.

Guenther

12 years agoSecond part of fix for 6529 - Offline files conflict with Vista and Office 2003.
Jeremy Allison [Mon, 24 Aug 2009 19:30:05 +0000 (12:30 -0700)]
Second part of fix for 6529 - Offline files conflict with Vista and Office 2003.
ext4 may be able to store ns timestamps, but the only API to *set* timestamps
takes usec, not nsec. Round to usec on set requests.
Jeremy.