ira/wip.git
11 years agoRework the kerberos-notes.txt in order and format
Don Davis [Tue, 30 Jun 2009 08:12:02 +0000 (18:12 +1000)]
Rework the kerberos-notes.txt in order and format

This reworks the notes file to be less stream-of-consciousness and more
task for porting, with a very particular focus on a potential port of
Samba4 to use MIT Kerberos.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
11 years agos4:ldb Allow rootdse module to build without ldb_private.h
Andrew Bartlett [Tue, 30 Jun 2009 05:30:13 +0000 (15:30 +1000)]
s4:ldb Allow rootdse module to build without ldb_private.h

It seems quite reasonable to allow modules to re-initialise the set of
cached DNs on the ldb context.

Andrew Bartlett

11 years agos4: dsdb Avoid using the internal ldb_private.h header
Andrew Bartlett [Tue, 30 Jun 2009 05:12:29 +0000 (15:12 +1000)]
s4: dsdb Avoid using the internal ldb_private.h header

This job is not complete (the partition module remains a unfinished
task), but now we do use the private ldb headers much less.

Andrew Bartlett

11 years agos4:heimdal Allow KRB5_NT_ENTERPRISE names in all DB lookups
Andrew Bartlett [Tue, 30 Jun 2009 02:11:14 +0000 (12:11 +1000)]
s4:heimdal Allow KRB5_NT_ENTERPRISE names in all DB lookups

The previous code only allowed an KRB5_NT_ENTERPRISE name (an e-mail
list user principal name) in an AS-REQ.  Evidence from the wild
(Win2k8 reportadely) indicates that this is instead valid for all
types of requests.

While this is now handled in heimdal/kdc/misc.c, a flag is now defined
in Heimdal's hdb so that we can take over this handling in future (once we start
using a system Heimdal, and if we find out there is more to be done
here).

Andrew Bartlett

11 years agos4:kdc Only get the lp_ctx once for a LDB_fetch()
Andrew Bartlett [Tue, 30 Jun 2009 02:06:38 +0000 (12:06 +1000)]
s4:kdc Only get the lp_ctx once for a LDB_fetch()

11 years agoRework hdb-samba4 to remove useless abstractions.
Andrew Bartlett [Tue, 30 Jun 2009 00:29:30 +0000 (10:29 +1000)]
Rework hdb-samba4 to remove useless abstractions.

The function LDB_lookup_principal() has been eliminated, and it's
contents spread back to it's callers.  Removing the abstraction makes
the code clearer.

Also ensure we never pass unescaped user input to a LDB search
function.

Andrew Bartlett

11 years agos4:dsdb Explain the parsing steps for userPrincipalName cracknames calls
Andrew Bartlett [Tue, 30 Jun 2009 00:19:19 +0000 (10:19 +1000)]
s4:dsdb Explain the parsing steps for userPrincipalName cracknames calls

11 years agos4-smbtorture: use torture_comment & torture_warning in RPC samr tests.
Günther Deschner [Mon, 29 Jun 2009 21:42:58 +0000 (23:42 +0200)]
s4-smbtorture: use torture_comment & torture_warning in RPC samr tests.

Guenther

11 years agos3:build: check for external liblua, link lua statically if using internal lib
Michael Adam [Mon, 29 Jun 2009 21:23:07 +0000 (23:23 +0200)]
s3:build: check for external liblua, link lua statically if using internal lib

So liblua is treated the same way as libtalloc and libtdb.

Michael

11 years agos4-smbtorture: correctly test comment behaviour in RPC-SAMR-USERS against s3.
Günther Deschner [Tue, 23 Jun 2009 22:24:03 +0000 (00:24 +0200)]
s4-smbtorture: correctly test comment behaviour in RPC-SAMR-USERS against s3.

Guenther

11 years agos3-pdb_tdb: give 'unknown_str' the proper name 'comment' and set comment in passdb.
Günther Deschner [Tue, 23 Jun 2009 22:23:09 +0000 (00:23 +0200)]
s3-pdb_tdb: give 'unknown_str' the proper name 'comment' and set comment in passdb.

pdb_{get,set}_comment were already existing in the API but were never used.

Guenther

11 years agos3:pdb_ads: we need to make the fd for tldap/tsocket non-blocking
Stefan Metzmacher [Mon, 29 Jun 2009 14:31:31 +0000 (16:31 +0200)]
s3:pdb_ads: we need to make the fd for tldap/tsocket non-blocking

metze

11 years agos3:fix build of old linux quota system and other unixes' quota implementation
Michael Adam [Mon, 29 Jun 2009 14:26:42 +0000 (16:26 +0200)]
s3:fix build of old linux quota system and other unixes' quota implementation

By fixing the use of struct stat_ex.

Michael

11 years agos3:lib/sysquotas: fix usage of SMB_STRUCT_STAT (struct stat_ex).
Michael Adam [Mon, 29 Jun 2009 14:11:13 +0000 (16:11 +0200)]
s3:lib/sysquotas: fix usage of SMB_STRUCT_STAT (struct stat_ex).

This fixes the build with quotas / configure time detection
of sys_quota interface.

Michael

11 years agolib/util: fix building tevent_ntstatus without config.h
Michael Adam [Mon, 29 Jun 2009 13:39:46 +0000 (15:39 +0200)]
lib/util: fix building tevent_ntstatus without config.h

(when called from places with "#define NO_CONFIG_H" set, such as configure)

 Michael

11 years agotsocket/bsd: also ask for TEVENT_FD_READ when we want to write into a stream socket
Stefan Metzmacher [Mon, 29 Jun 2009 11:13:05 +0000 (13:13 +0200)]
tsocket/bsd: also ask for TEVENT_FD_READ when we want to write into a stream socket

Otherwise we would not notice a broken connection.

metze

11 years agotsocket/bsd: more correctly check if the cached tevent_fd is still valid
Stefan Metzmacher [Mon, 29 Jun 2009 11:05:27 +0000 (13:05 +0200)]
tsocket/bsd: more correctly check if the cached tevent_fd is still valid

I some cases the pointer value of tevent_context is the same again,
if we do something like:

ev1 = tevent_context_init();
...
fde = tevent_add_fd(ev1, fd, TEVENT_FD_READ...);
...
talloc_free(ev1);
...
ev2 = tevent_context_init();

if (ev1 == ev2) {
/* this can happen! */
}

if (tevent_fd_get_flags(fde) == 0) {
/* this is always true */
}

But the "talloc_free(ev1)" will set fde->event_ctx to NULL
and tevent_fd_get_flags() will always return 0.

metze

11 years agos3-selftest: add RPC-SAMR-MACHINE-AUTH to list of test to run against s3.
Günther Deschner [Mon, 29 Jun 2009 12:34:49 +0000 (14:34 +0200)]
s3-selftest: add RPC-SAMR-MACHINE-AUTH to list of test to run against s3.

Guenther

11 years agos4-smbtorture: add RPC-SAMR-MACHINE-AUTH test.
Günther Deschner [Fri, 26 Jun 2009 14:53:51 +0000 (16:53 +0200)]
s4-smbtorture: add RPC-SAMR-MACHINE-AUTH test.

This test talks to a DC as a joined workstation member - in the same way
winbindd does, in particular the calls used in this test's query pattern
will all request for SEC_FLAG_MAXIMUM_ALLOWED access_mask
(which pretty much all of samba's client code does as well).

In fact this test verifies that winbind can correctly talk to a samba dc using
samr dcerpc calls.

Guenther

11 years agos4-smbtorture: add torture_suite_add_machine_workstation_rpc_iface_tcase.
Günther Deschner [Fri, 26 Jun 2009 14:51:53 +0000 (16:51 +0200)]
s4-smbtorture: add torture_suite_add_machine_workstation_rpc_iface_tcase.

Unlike torture_suite_add_machine_bdc_rpc_iface_tcase() which joins as a BDC
(ACB_SRVTRUST) this joins as a member workstation (ACB_WSTRUST).

Guenther

11 years agomount.cifs: don't pass text ro/rw options to kernel
Jeff Layton [Mon, 29 Jun 2009 10:16:38 +0000 (06:16 -0400)]
mount.cifs: don't pass text ro/rw options to kernel

/bin/mount strips off the ro/rw options after setting the MS_RDONLY
flag appropriately. Make mount.cifs do the same thing.

Signed-off-by: Jeff Layton <jlayton@samba.org>
11 years agoFix ndrdump to use a common setup_logging() API
Andrew Bartlett [Mon, 29 Jun 2009 10:12:23 +0000 (20:12 +1000)]
Fix ndrdump to use a common setup_logging() API

By adding a new common setup_logging_stdout() API, we no longer need to abuse the ABI compatability between the different setup_logging() calls in Samba3 and Samba4's DEBUG() subsystems.

The revert of 49a6d757b4d944cd22c91b2838beb83f04fbe1e9 works with this
to fix bug 6211.

Andrew Bartlett

11 years agoRevert "s4:debug: make setup_logging() a bit more compatible with samba3"
Andrew Bartlett [Mon, 29 Jun 2009 09:57:57 +0000 (19:57 +1000)]
Revert "s4:debug: make setup_logging() a bit more compatible with samba3"

The problem is that the enum was previously a 'rachet', that is, it
would only reset to a level higher than it was previouly set to.
Changing the order broke file-based logging for our production sites.

This reverts commit 49a6d757b4d944cd22c91b2838beb83f04fbe1e9.

11 years agoAdds the impersonation level in ntcreatex requests to SAMBA 3 misc torture test
Matthias Dieter Wallnöfer [Sat, 20 Jun 2009 20:47:19 +0000 (22:47 +0200)]
Adds the impersonation level in ntcreatex requests to SAMBA 3 misc torture test

Specifies the impersonation level according to the reporter commit in bug #6283

11 years agoFix bug 6514: net gives unhelpful "lp_load failed" when it's missing smb.conf
David Markey [Mon, 29 Jun 2009 06:12:03 +0000 (08:12 +0200)]
Fix bug 6514: net gives unhelpful "lp_load failed" when it's missing smb.conf

11 years agoCorrect some typos in the LDB partition module
Matthias Dieter Wallnöfer [Sat, 27 Jun 2009 12:16:19 +0000 (14:16 +0200)]
Correct some typos in the LDB partition module

11 years agoSAMDB: Don't check for "sAMAccountName" twice
Matthias Dieter Wallnöfer [Sat, 27 Jun 2009 11:38:38 +0000 (13:38 +0200)]
SAMDB: Don't check for "sAMAccountName" twice

11 years agoEnhancement of "simple ldap map" with "systemFlags" attribute
Matthias Dieter Wallnöfer [Tue, 23 Jun 2009 16:27:26 +0000 (18:27 +0200)]
Enhancement of "simple ldap map" with "systemFlags" attribute

Enhance the simple ldap map to support also the "systemFlags" attribute in the
correct way.

11 years agoldb: Properly handle NULL when copying attr lists.
Andrew Kroeger [Tue, 23 Jun 2009 12:26:17 +0000 (07:26 -0500)]
ldb: Properly handle NULL when copying attr lists.

When copying an attribute list, ensure the list itself is not NULL before
attempting to access elements of the list.

11 years agoCorrect the headers of some SAMBA 4 setup python scripts
Matthias Dieter Wallnöfer [Mon, 22 Jun 2009 18:51:43 +0000 (20:51 +0200)]
Correct the headers of some SAMBA 4 setup python scripts

11 years agoTwo patches which fix issues on cross compiling/building
Nathaniel McCallum [Mon, 22 Jun 2009 13:26:33 +0000 (15:26 +0200)]
Two patches which fix issues on cross compiling/building

11 years agoFixes for SAMBA3RPC torture test
Matthias Dieter Wallnöfer [Sun, 21 Jun 2009 17:07:02 +0000 (19:07 +0200)]
Fixes for SAMBA3RPC torture test

On calls where both NT_STATUS and WERROR results are returned and consulted
we have to make sure to form function results considering both.
This errors have been found through a run against SAMBA 4.

11 years agoSmall patch for SPOOLSS pipe
Matthias Dieter Wallnöfer [Sat, 20 Jun 2009 21:36:10 +0000 (23:36 +0200)]
Small patch for SPOOLSS pipe

Prevents a crash of the SAMBA 4 daemon on the torture SPOOLSS test due to not
initialised structures.

11 years ago_lsa_QueryInfoPolicy: Use symbolic info level names
Volker Lendecke [Sun, 28 Jun 2009 15:48:07 +0000 (17:48 +0200)]
_lsa_QueryInfoPolicy: Use symbolic info level names

11 years agoTurn the pdb_rid_algorithm into a capabilities call that returns flags
Volker Lendecke [Sun, 28 Jun 2009 15:36:12 +0000 (17:36 +0200)]
Turn the pdb_rid_algorithm into a capabilities call that returns flags

11 years agoMake pdb_ads survive a restart of Samba4
Volker Lendecke [Sun, 28 Jun 2009 13:30:08 +0000 (15:30 +0200)]
Make pdb_ads survive a restart of Samba4

The search function retries once, the modifying call that hits a dead smbd
returns an error. The next try will reconnect. This was simple to implement and
provides a good compromise against Samba4 idling our connection. Most of the
modifying calls are quickly after a search (like OpenUser) anyway.

11 years agoIf the connection is down, don't try another write.
Volker Lendecke [Sun, 28 Jun 2009 13:29:38 +0000 (15:29 +0200)]
If the connection is down, don't try another write.

11 years agoAdd tldap_search_va
Volker Lendecke [Sun, 28 Jun 2009 12:41:11 +0000 (14:41 +0200)]
Add tldap_search_va

11 years agotldap_msg_received: Properly free the asn1_struct in case of an error
Volker Lendecke [Sun, 28 Jun 2009 11:03:14 +0000 (13:03 +0200)]
tldap_msg_received: Properly free the asn1_struct in case of an error

11 years agoMove read_ldap_done after read_ldap_send
Volker Lendecke [Sat, 27 Jun 2009 18:03:55 +0000 (20:03 +0200)]
Move read_ldap_done after read_ldap_send

11 years agoConvert tldap to tstream
Volker Lendecke [Sat, 27 Jun 2009 16:14:25 +0000 (18:14 +0200)]
Convert tldap to tstream

11 years agoAdd tstream_read_packet
Volker Lendecke [Sat, 27 Jun 2009 15:21:19 +0000 (17:21 +0200)]
Add tstream_read_packet

11 years agoProperly free a downlevel readv request. Metze, please check
Volker Lendecke [Sat, 27 Jun 2009 18:04:37 +0000 (20:04 +0200)]
Properly free a downlevel readv request. Metze, please check

11 years agotldap: Don't fire off more than one read_ldap request during searches
Volker Lendecke [Sat, 27 Jun 2009 20:28:47 +0000 (22:28 +0200)]
tldap: Don't fire off more than one read_ldap request during searches

11 years agoStop listening for inotify data when there's none
Volker Lendecke [Sat, 27 Jun 2009 10:20:18 +0000 (12:20 +0200)]
Stop listening for inotify data when there's none

There have been some reports that we're flooding syslog with "No data on
inotify fd?!". I haven't been able to reproduce this yet. Until then, it is
better to just list this message once.

11 years agoFix some nonempty blank lines
Volker Lendecke [Sat, 27 Jun 2009 09:31:53 +0000 (11:31 +0200)]
Fix some nonempty blank lines

11 years agos3/lanman: Workaround for KB932762.
Volker Lendecke [Tue, 16 Jun 2009 09:51:11 +0000 (11:51 +0200)]
s3/lanman: Workaround for KB932762.

This addresses bug #6498.

11 years agoThe solaris linker seems to require an extra mention of dependent libs
Volker Lendecke [Fri, 26 Jun 2009 19:52:34 +0000 (21:52 +0200)]
The solaris linker seems to require an extra mention of dependent libs

11 years agoDon't use ads realm name for non-ads case. #6481
Jim McDonough [Fri, 26 Jun 2009 19:24:57 +0000 (15:24 -0400)]
Don't use ads realm name for non-ads case.  #6481

Also check that the connection to ads worked.

11 years agoFix some dead code warnings from SUN Studio
Volker Lendecke [Fri, 26 Jun 2009 15:38:58 +0000 (17:38 +0200)]
Fix some dead code warnings from SUN Studio

11 years agoFix a typo in a comment
Volker Lendecke [Fri, 26 Jun 2009 14:45:25 +0000 (16:45 +0200)]
Fix a typo in a comment

11 years agoUpgrade ntvfs_map_*info to ntvfs_map_async_setup/ntvfs_map_async_finish
Sam Liddicott [Fri, 26 Jun 2009 11:31:19 +0000 (12:31 +0100)]
Upgrade ntvfs_map_*info to ntvfs_map_async_setup/ntvfs_map_async_finish

ntvfs_map_fsinfo, ntvfs_map_qpathinfo, ntvfs_map_qfileinfo used an
old synchronous mapping technique, acceptable on the grounds that
they were only used by the simple vfs which was synchronous.

Other vfs may/do use these functions, and by upgrading them to use the
ntvfs_map_async_setup/ntvfs_map_async_finish framework, they can now be
used asynchronously.

Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
11 years agos3:passdb: fix bug #6509: use gid (not uid) cache in fetch_gid_from_cache().
Michael Adam [Fri, 26 Jun 2009 12:09:10 +0000 (14:09 +0200)]
s3:passdb: fix bug #6509: use gid (not uid) cache in fetch_gid_from_cache().

With the previous code, the cache can never have been hit at all.

Michael

11 years agos3-vlp: drastically shrink size and dependencies of the virtual line printer.
Günther Deschner [Thu, 25 Jun 2009 15:43:28 +0000 (17:43 +0200)]
s3-vlp: drastically shrink size and dependencies of the virtual line printer.

This gets vlp from 13M down to 214K on my box.

Guenther

11 years agos3: pass a valid stat into file_ntimes()
Tim Prouty [Fri, 26 Jun 2009 01:40:17 +0000 (18:40 -0700)]
s3: pass a valid stat into file_ntimes()

file_ntimes() calls can_write_to_file() which expects a valid stat struct

11 years agos3 file_access: Convert some more functions over to use smb_filneame
Tim Prouty [Fri, 26 Jun 2009 01:19:09 +0000 (18:19 -0700)]
s3 file_access: Convert some more functions over to use smb_filneame

11 years agos3: simplify some redundant logic in is_ntfs_default_stream_smb_fname()
Tim Prouty [Fri, 26 Jun 2009 00:24:19 +0000 (17:24 -0700)]
s3: simplify some redundant logic in is_ntfs_default_stream_smb_fname()

11 years agos3: Remove get_full_smb_filename() from open_directory()
Tim Prouty [Thu, 25 Jun 2009 21:44:23 +0000 (14:44 -0700)]
s3: Remove get_full_smb_filename() from open_directory()

This is possible because open_directory() returns an error if
the fname is a stream, so the base_name can be used.

11 years agos3 onefs: Plumb smb_filename through onefs createfile path
Tim Prouty [Thu, 25 Jun 2009 18:20:36 +0000 (11:20 -0700)]
s3 onefs: Plumb smb_filename through onefs createfile path

11 years agos3: Change set_ea() and its callers to use smb_filename
Tim Prouty [Thu, 25 Jun 2009 21:16:46 +0000 (14:16 -0700)]
s3: Change set_ea() and its callers to use smb_filename

11 years agoFix bug #6506 - SMBD server doesn't set EAs when a file is overwritten in NT_TRANSACT...
Jeremy Allison [Thu, 25 Jun 2009 19:57:15 +0000 (12:57 -0700)]
Fix bug #6506 - SMBD server doesn't set EAs when a file is overwritten in NT_TRANSACT_CREATE.
Reported and verified by Long Li <longli@microsoft.com>
Jeremy.

11 years agos4 auth_winbind: Internally, info3 has utf8 buffers, not utf16 buffers.
Kai Blin [Thu, 25 Jun 2009 19:36:49 +0000 (21:36 +0200)]
s4 auth_winbind: Internally, info3 has utf8 buffers, not utf16 buffers.

Thanks to gd for the catch.

11 years agos4 auth_winbind: Don't allocate the rids for the info3 structure within the loop
Kai Blin [Thu, 25 Jun 2009 17:38:51 +0000 (19:38 +0200)]
s4 auth_winbind: Don't allocate the rids for the info3 structure within the loop

11 years agos4: Add libwbclient backend to auth_winbind
Kai Blin [Thu, 25 Jun 2009 17:16:02 +0000 (19:16 +0200)]
s4: Add libwbclient backend to auth_winbind

11 years agos3-netlogon: remove remaining netlogon init functions.
Günther Deschner [Thu, 25 Jun 2009 14:38:39 +0000 (16:38 +0200)]
s3-netlogon: remove remaining netlogon init functions.

Guenther

11 years agoAdd a \n to a debug message in smbacl4_nfs42win
Volker Lendecke [Thu, 25 Jun 2009 12:46:17 +0000 (14:46 +0200)]
Add a \n to a debug message in smbacl4_nfs42win

11 years agomount.cifs: add support for sending IPv6 scope ID to kernel
Jeff Layton [Thu, 25 Jun 2009 11:27:25 +0000 (07:27 -0400)]
mount.cifs: add support for sending IPv6 scope ID to kernel

When getaddrinfo returns an IPv6 address with a non-zero scope_id, send
that to the kernel appended to the address with a '%' delimiter. This
allows people to mount servers via their link-local IPv6 addresses
(given a kernel that understands this address format, of course).

Signed-off-by: Jeff Layton <jlayton@redhat.com>
11 years agos3-netlogon: remove init_netr_SamInfo functions.
Günther Deschner [Thu, 25 Jun 2009 10:12:05 +0000 (12:12 +0200)]
s3-netlogon: remove init_netr_SamInfo functions.

Guenther

11 years agos3-netlogon: fix validation level 2 support in netr_SamLogon and friends.
Günther Deschner [Thu, 25 Jun 2009 10:00:20 +0000 (12:00 +0200)]
s3-netlogon: fix validation level 2 support in netr_SamLogon and friends.

Guenther

11 years agos3-examples: make get_next_oid exectuable.
Günther Deschner [Tue, 23 Jun 2009 22:24:55 +0000 (00:24 +0200)]
s3-examples: make get_next_oid exectuable.

Guenther

11 years agos3-samr: refactor _samr_SetDomainInfo().
Günther Deschner [Thu, 25 Jun 2009 00:06:21 +0000 (02:06 +0200)]
s3-samr: refactor _samr_SetDomainInfo().

Guenther

11 years agos3-samr: refactor _samr_QueryDomainInfo().
Günther Deschner [Wed, 24 Jun 2009 23:52:06 +0000 (01:52 +0200)]
s3-samr: refactor _samr_QueryDomainInfo().

Guenther

11 years agos3: Plumb smb_filename through SMB_VFS_STAT and SMB_VFS_LSTAT
Tim Prouty [Mon, 22 Jun 2009 22:26:56 +0000 (15:26 -0700)]
s3: Plumb smb_filename through SMB_VFS_STAT and SMB_VFS_LSTAT

This patch introduces two new temporary helper functions
vfs_stat_smb_fname and vfs_lstat_smb_fname.  They basically allowed me
to call the new smb_filename version of stat, while avoiding plumbing
it through callers that are still too inconvenient.  As the conversion
moves along, I will be able to remove callers of this, with the goal
being to remove all callers.

There was also a bug in create_synthetic_smb_fname_split (also a
temporary utility function) that caused it to incorrectly handle
filenames with ':'s in them when in posix mode.  This is now fixed.

11 years agos3: Convert is_visible_file to use talloc_asprintf instead of malloc
Tim Prouty [Thu, 18 Jun 2009 18:38:42 +0000 (11:38 -0700)]
s3: Convert is_visible_file to use talloc_asprintf instead of malloc

11 years agos3:smbd: send SMB2 interim responses for async calls
Stefan Metzmacher [Tue, 9 Jun 2009 20:34:14 +0000 (22:34 +0200)]
s3:smbd: send SMB2 interim responses for async calls

metze

11 years agos3:smbd: add support for async interim SMB2 responses and prepare SMB2 cancel
Stefan Metzmacher [Tue, 9 Jun 2009 20:33:32 +0000 (22:33 +0200)]
s3:smbd: add support for async interim SMB2 responses and prepare SMB2 cancel

metze

11 years agos3:smbd: keep a list of outstanding SMB2 requests
Stefan Metzmacher [Tue, 9 Jun 2009 19:29:40 +0000 (21:29 +0200)]
s3:smbd: keep a list of outstanding SMB2 requests

metze

11 years agos3:smbd: add smbd_smb2_send_oplock_break()
Stefan Metzmacher [Tue, 9 Jun 2009 18:44:13 +0000 (20:44 +0200)]
s3:smbd: add smbd_smb2_send_oplock_break()

metze

11 years agos3:smbd: the SMB2-COMPOUND test shows that the related vs. unrelated flags isn't...
Stefan Metzmacher [Tue, 9 Jun 2009 18:02:48 +0000 (20:02 +0200)]
s3:smbd: the SMB2-COMPOUND test shows that the related vs. unrelated flags isn't checked first

metze

11 years agoReenable the LDAPI socket for the merged build
Volker Lendecke [Wed, 24 Jun 2009 10:41:16 +0000 (12:41 +0200)]
Reenable the LDAPI socket for the merged build

It seems that the samba4 part of the merged build does not pick up the
DEVELOPER flag from the s3 configure.

Jelmer, can you fix that properly?

Thanks,

Volker

11 years agoOnly set the password if there is one
Volker Lendecke [Wed, 24 Jun 2009 10:39:21 +0000 (12:39 +0200)]
Only set the password if there is one

11 years agos4-smbtorture: more paranoid checks while testing group membership in RPC-SAMR.
Günther Deschner [Tue, 23 Jun 2009 22:27:33 +0000 (00:27 +0200)]
s4-smbtorture: more paranoid checks while testing group membership in RPC-SAMR.

Guenther

11 years agos3-printing: eliminate another non sec_initial_uid using security check.
Günther Deschner [Tue, 23 Jun 2009 18:27:05 +0000 (20:27 +0200)]
s3-printing: eliminate another non sec_initial_uid using security check.

Guenther

11 years agos3-spoolss: restructure _spoolss_EndDocPrinter().
Günther Deschner [Tue, 23 Jun 2009 18:26:27 +0000 (20:26 +0200)]
s3-spoolss: restructure _spoolss_EndDocPrinter().

Guenther

11 years agos3-lsa: Fix error path in _lsa_EnumAccountRights.
Günther Deschner [Tue, 23 Jun 2009 09:16:23 +0000 (11:16 +0200)]
s3-lsa: Fix error path in _lsa_EnumAccountRights.

This needs to return NT_STATUS_OBJECT_NAME_NOT_FOUND
again as described in MS-LSAD 3.1.4.5.10 and tested with the
RPC-SAMR-USER-PRIVILEGES test.

Guenther

11 years agos3-eventlog: implement _eventlog_ReportEventW().
Günther Deschner [Wed, 8 Apr 2009 17:18:13 +0000 (19:18 +0200)]
s3-eventlog: implement _eventlog_ReportEventW().

Guenther

11 years agos3: re-run make idl.
Günther Deschner [Tue, 23 Jun 2009 08:58:04 +0000 (10:58 +0200)]
s3: re-run make idl.

Guenther

11 years agosamr: add samr_UserInfoLevel and samr_DomainInfoClass enums based on MS-SAMR.
Günther Deschner [Tue, 23 Jun 2009 08:55:05 +0000 (10:55 +0200)]
samr: add samr_UserInfoLevel and samr_DomainInfoClass enums based on MS-SAMR.

Guenther

11 years agos3: forward MSG_DEBUG from smbd parent to all children
Aravind Srinivasan [Tue, 16 Jun 2009 22:11:32 +0000 (15:11 -0700)]
s3: forward MSG_DEBUG from smbd parent to all children

Before 3.3, an smbcontrol debug message sent to the target "smbd" would
actually be sent to all running processes including nmbd and winbindd.
This behavior was changed in 3.3 so that the "smbd" target would only
send a message to the process found in smbd.pid, while the "all" target
would send a message to all processes.

The ability to set the debug level of all processes within a single
daemon, without specifying each pid is quite useful.  This was implemented
in winbindd in 065760ed.  This patch does the same thing for smbd.

Upon receiving a MSG_DEBUG the parent smbd will rebroadcast it to all of
its children.

The printing process has been added to the list of smbd child processes,
and we now always track the number of smbd children regardless of the
"max smbd processes" setting.

11 years agos3-libnet: fix libnet_unjoin_remove_machine_acct() when called without ads struct.
Günther Deschner [Mon, 22 Jun 2009 20:35:58 +0000 (22:35 +0200)]
s3-libnet: fix libnet_unjoin_remove_machine_acct() when called without ads struct.

Guenther

11 years agoAdd tldap paged searches, together with two helper routines
Volker Lendecke [Sat, 20 Jun 2009 16:43:58 +0000 (18:43 +0200)]
Add tldap paged searches, together with two helper routines

11 years agoReorganize retrieving errors and server-sent controls
Volker Lendecke [Sat, 20 Jun 2009 16:42:18 +0000 (18:42 +0200)]
Reorganize retrieving errors and server-sent controls

This attaches the data to the tldap_message instead of the tevent_req.

It adds tldap_ctx_lastmsg() to retrieve the last message for the users of
the sync wrappers.

11 years agoMove asn1_load_nocopy() to lib/util/asn1.c
Volker Lendecke [Fri, 19 Jun 2009 16:20:20 +0000 (18:20 +0200)]
Move asn1_load_nocopy() to lib/util/asn1.c

11 years agoMove asn1_blob() to lib/util/asn1.c
Volker Lendecke [Fri, 19 Jun 2009 15:39:13 +0000 (17:39 +0200)]
Move asn1_blob() to lib/util/asn1.c

11 years agoAdd tldap_supports_control
Volker Lendecke [Fri, 19 Jun 2009 12:01:10 +0000 (14:01 +0200)]
Add tldap_supports_control

11 years agoAdd tldap_entry_has_attrvalue
Volker Lendecke [Fri, 19 Jun 2009 12:00:31 +0000 (14:00 +0200)]
Add tldap_entry_has_attrvalue

11 years agotldap control support
Volker Lendecke [Sat, 6 Jun 2009 21:21:01 +0000 (23:21 +0200)]
tldap control support

11 years agoPrepare control support
Volker Lendecke [Sat, 6 Jun 2009 19:06:33 +0000 (21:06 +0200)]
Prepare control support

We will have arrays of controls passed to tldap.c. Follow a mantra from the
classic book "Thinking Forth" by Leo Brodie: Favor counts over terminators :-)

This makes the parameter lists to tldap pretty long, but everyone will have
wrapper routines anyway, see for example tldap_search_fmt. And the OpenLDAP
manpages call the non-_ext routines deprecated, probably for a reason.

11 years agoFix setting passwords in pdb_ads
Volker Lendecke [Sat, 20 Jun 2009 09:46:42 +0000 (11:46 +0200)]
Fix setting passwords in pdb_ads

The samba4 password_hash module does not allow changing the password fields via
the "delete oldval" -> "add newval" set of modify operations, it requires a
single "replace with newval" operation.

Andrew, Samba3 by default uses that delete/add pair to detect if between
fetching the old value and storing the new one the old value has changed. This
is lost by using the "replace" operation.

Would it make sense to add this to the password_hash module?

Volker

11 years agoFix empty lines
Volker Lendecke [Sat, 20 Jun 2009 09:06:14 +0000 (11:06 +0200)]
Fix empty lines