ira/wip.git
14 years agor12868: Remove unused code. This has moved to libcli/finddcs.c.
Andrew Bartlett [Thu, 12 Jan 2006 09:56:15 +0000 (09:56 +0000)]
r12868: Remove unused code.  This has moved to libcli/finddcs.c.

Andrew Bartlett

14 years agor12867: Remove deleted header.
Andrew Bartlett [Thu, 12 Jan 2006 09:54:48 +0000 (09:54 +0000)]
r12867: Remove deleted header.

14 years agor12866: This removes the abstraction layer in winbindd intended to deal with
Andrew Bartlett [Thu, 12 Jan 2006 09:38:35 +0000 (09:38 +0000)]
r12866: This removes the abstraction layer in winbindd intended to deal with
multiple protocols, replacing it with the packet handling subsystem.

We don't have multiple protocols at present, and the abstraction layer
only serves to confuse matters.  Also, the new packet subsystem removes
the need to handle partial reads.

We can easily add new protocols from the socket up instead, becaue the
difficult bits are done by the packet layer.

Andrew Bartlett

14 years agor12865: Upgrade the librpc and libnet code.
Andrew Bartlett [Thu, 12 Jan 2006 09:33:49 +0000 (09:33 +0000)]
r12865: Upgrade the librpc and libnet code.

In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous.  This should better
function with servers that set restrict anonymous.

There are too many parts of Samba that get, parse and modify the
binding parameters.  Avoid the extra work, and add a binding element
to the struct dcerpc_pipe

The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern.  Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.

To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.

Andrew Bartlett

14 years agor12864: Fix valgrind errors in NET-API-LOOKUP* tests.
Andrew Bartlett [Thu, 12 Jan 2006 08:47:21 +0000 (08:47 +0000)]
r12864: Fix valgrind errors in NET-API-LOOKUP* tests.

Andrew Bartlett

14 years agor12863: As lha suggested to me a while back, it appears that the
Andrew Bartlett [Thu, 12 Jan 2006 07:13:36 +0000 (07:13 +0000)]
r12863: As lha suggested to me a while back, it appears that the
gsskrb5_get_initiator_subkey() routine is bougs.  We can indeed use
gss_krb5_get_subkey().

This is fortunate, as there was a segfault bug in 'initiator' version.

Andrew Bartlett

14 years agor12862: Need to trim spaces off the end of the node status reply.
Andrew Bartlett [Thu, 12 Jan 2006 06:44:28 +0000 (06:44 +0000)]
r12862: Need to trim spaces off the end of the node status reply.

Andrew Bartlett

14 years agor12861: Cope when we are not supplied the messaging context. This is just
Andrew Bartlett [Thu, 12 Jan 2006 03:30:20 +0000 (03:30 +0000)]
r12861: Cope when we are not supplied the messaging context.  This is just
another case where we have to fallback to the node status request.

Andrew Bartlett

14 years agor12860: Remove unused function. (we handle this in the password_hash module).
Andrew Bartlett [Thu, 12 Jan 2006 03:07:04 +0000 (03:07 +0000)]
r12860: Remove unused function.  (we handle this in the password_hash module).

Andrew Bartlett

14 years agor12859: Make Samba4 match the Samba3 winbindd interface. trunk has moved too
Andrew Bartlett [Thu, 12 Jan 2006 03:06:14 +0000 (03:06 +0000)]
r12859: Make Samba4 match the Samba3 winbindd interface.  trunk has moved too
far at this point, and there is no point being in between.

Andrew Bartlett

14 years agor12858: This moves the libnet_LookupPdc code to use a GetDC request to find
Andrew Bartlett [Thu, 12 Jan 2006 03:02:00 +0000 (03:02 +0000)]
r12858: This moves the libnet_LookupPdc code to use a GetDC request to find
the remote server's name, or in the absence of a local nbt_server to
communicate with (or without root access), a node status request.

The result is that we are in a better position to use kerberos, as well
as to remove the 'password server' mandatory parameter for the samsync
and samdump commands.  (I need this to put these into SWAT).

The only problem I have is that I must create a messaging context, which
requires a server ID.  As a client process, I don't expect to get
messages, but it is currently required for replies, so I generate a
random() number.  We probably need the servers to accept connections on
streamed sockets too, for client-only tasks that want IRPC.

Because I wanted to test this code, I have put the NET-API-* tests into
our test scripts, to ensure they pass and keep passing.  They are good
frontends onto the libnet system, and I see no reason not to test them.

In doing so the NET-API-RPCCONNECT test was simplified to take a
binding string on the command line, removing duplicate code, and
testing the combinations in the scripts instead.

(I have done a bit of work on the list shares code in libnet_share.c
to make it pass 'make test')

In the future, I would like to extend the libcli/findds.c code (based
off volker's winbind/wb_async_helpers.c, which is why it shows up a bit
odd in the patch) to handle getting multiple name replies, sending a
getdc request to each in turn.

(posted to samba-technical for review, and I'll happily update with
any comments)

Andrew Bartlett

14 years agor12856: make the logic much more sane
Stefan Metzmacher [Wed, 11 Jan 2006 20:38:10 +0000 (20:38 +0000)]
r12856: make the logic much more sane

metze

14 years agor12851: Fix some typos
Jelmer Vernooij [Wed, 11 Jan 2006 18:14:55 +0000 (18:14 +0000)]
r12851: Fix some typos

14 years agor12850: - add Doxygen comments to ldb
Stefan Metzmacher [Wed, 11 Jan 2006 16:31:57 +0000 (16:31 +0000)]
r12850: - add Doxygen comments to ldb
- 'make doxygen' generated the api documentation under apidocs/

Many thanks to Brad Hards <bradh@frogmouth.net> for the patches!

metze

14 years agor12849: fix typo
Stefan Metzmacher [Wed, 11 Jan 2006 16:29:02 +0000 (16:29 +0000)]
r12849: fix typo

metze

14 years agor12847: add some ldb examples from Brad Hards (bradh@frogmouth.net)
Stefan Metzmacher [Wed, 11 Jan 2006 16:20:16 +0000 (16:20 +0000)]
r12847: add some ldb examples from Brad Hards (bradh@frogmouth.net)

metze

14 years agor12846: some fixes
Stefan Metzmacher [Wed, 11 Jan 2006 16:04:28 +0000 (16:04 +0000)]
r12846: some fixes

metze

14 years agor12845: fix some typos
Stefan Metzmacher [Wed, 11 Jan 2006 16:00:27 +0000 (16:00 +0000)]
r12845: fix some typos

metze

14 years agor12844: don't include system headers directly
Stefan Metzmacher [Wed, 11 Jan 2006 15:07:14 +0000 (15:07 +0000)]
r12844: don't include system headers directly

metze

14 years agor12843: get special objects with ldbsearch -a too, to match ldbedit -a
Stefan Metzmacher [Wed, 11 Jan 2006 15:03:20 +0000 (15:03 +0000)]
r12843: get special objects with ldbsearch -a too, to match ldbedit -a

metze

14 years agor12842: don't include system headers directly
Stefan Metzmacher [Wed, 11 Jan 2006 15:01:21 +0000 (15:01 +0000)]
r12842: don't include system headers directly

metze

14 years agor12838: make the ntvfs function public
Stefan Metzmacher [Wed, 11 Jan 2006 10:53:52 +0000 (10:53 +0000)]
r12838: make the ntvfs function public

metze

14 years agor12836: use: -fvisibility=hidden -D_PUBLIC_="__attribute__((visibility(\"default...
Stefan Metzmacher [Wed, 11 Jan 2006 00:56:49 +0000 (00:56 +0000)]
r12836: use: -fvisibility=hidden -D_PUBLIC_="__attribute__((visibility(\"default\")))"
if the compiler supports it, this will cause that modules can only access
public functions (gcc 4 supports this)

metze

14 years agor12835: RpcConnect test expansion to test connecting using ncacp_ip_tcp
Rafal Szczesniak [Tue, 10 Jan 2006 22:22:55 +0000 (22:22 +0000)]
r12835: RpcConnect test expansion to test connecting using ncacp_ip_tcp
as well as ncacn_np.

rafal

14 years agor12833: complete ldbsearch support for controls
Simo Sorce [Tue, 10 Jan 2006 17:19:32 +0000 (17:19 +0000)]
r12833: complete ldbsearch support for controls
now the three supported controls (paged_results,
server_sort, extended_dn) are fully functional
and the infrastructure to add more is in place.

valgrind is happy too :)

Simo.

14 years agor12832: make it possible to pass -D_PUBLIC_... to the compiler
Stefan Metzmacher [Tue, 10 Jan 2006 16:55:15 +0000 (16:55 +0000)]
r12832: make it possible to pass -D_PUBLIC_... to the compiler

metze

14 years agor12831: add 'extern' to public prototypes
Stefan Metzmacher [Tue, 10 Jan 2006 16:54:21 +0000 (16:54 +0000)]
r12831: add 'extern' to public prototypes

metze

14 years agor12830: this can be const
Stefan Metzmacher [Tue, 10 Jan 2006 16:51:46 +0000 (16:51 +0000)]
r12830: this can be const

metze

14 years agor12829: fix ldb headers, to not include '<...>' files in .c files
Stefan Metzmacher [Tue, 10 Jan 2006 16:48:32 +0000 (16:48 +0000)]
r12829: fix ldb headers, to not include '<...>' files in .c files

this helps in getting symbol -fvisibility=hidden (GCC 4 feature) working later.

metze

14 years agor12828: add a test to check white spaces comparison
Simo Sorce [Tue, 10 Jan 2006 14:27:48 +0000 (14:27 +0000)]
r12828: add a test to check white spaces comparison

14 years agor12827: This was a very well concealed bug.
Simo Sorce [Tue, 10 Jan 2006 14:21:24 +0000 (14:21 +0000)]
r12827: This was a very well concealed bug.
Thank to Andrew Bartlet for finding out a test case that showed it up.

Simo.

14 years agor12826: The base DN is very tied to the realm. Allowing it to be changed here
Andrew Bartlett [Tue, 10 Jan 2006 11:49:50 +0000 (11:49 +0000)]
r12826: The base DN is very tied to the realm.  Allowing it to be changed here
only allows stuffups, but doesn't benifit anyone.  (If we were to
allow it, we should have it change every time the realm is modified,
character by character).

The command line provision script doesn't allow this either.

Andrew Bartlett

14 years agor12825: Add \n
Günther Deschner [Tue, 10 Jan 2006 11:34:43 +0000 (11:34 +0000)]
r12825: Add \n

Guenther

14 years agor12824: Another typo.
Andrew Bartlett [Tue, 10 Jan 2006 10:54:45 +0000 (10:54 +0000)]
r12824: Another typo.

Andrew Bartlett

14 years agor12823: Fix up the provison and newuser code in SWAT. This also cleans up the
Andrew Bartlett [Tue, 10 Jan 2006 10:35:47 +0000 (10:35 +0000)]
r12823: Fix up the provison and newuser code in SWAT.  This also cleans up the
main provision script a bit, as the argument list was getting out of
control.  (It has been replaced in part with an object).

This also returns the session_info from the auth code into ejs.

We still need access control allowing only root to re-provision.

Andrew Bartlett

14 years agor12822: Given that talloc gives us this extra level of safety, use it.
Andrew Bartlett [Tue, 10 Jan 2006 09:43:00 +0000 (09:43 +0000)]
r12822: Given that talloc gives us this extra level of safety, use it.

Andrew Bartlett

14 years agor12821: Fix typos.
Andrew Bartlett [Tue, 10 Jan 2006 09:41:59 +0000 (09:41 +0000)]
r12821: Fix typos.

Andrew Bartlett

14 years agor12820: Remove duplicate entry caused by merge.
Andrew Bartlett [Tue, 10 Jan 2006 09:22:50 +0000 (09:22 +0000)]
r12820: Remove duplicate entry caused by merge.

Andrew Bartlett

14 years agor12819: Fix swat authentication again. We need to pass the socket_address
Andrew Bartlett [Tue, 10 Jan 2006 09:21:13 +0000 (09:21 +0000)]
r12819: Fix swat authentication again.  We need to pass the socket_address
structure around, so the auth code knows where the request came from.

Andrew Bartlett

14 years agor12818: When denying an operation, include what we think the username is in
Andrew Bartlett [Tue, 10 Jan 2006 09:18:48 +0000 (09:18 +0000)]
r12818: When denying an operation, include what we think the username is in
the error message.

Andrew Bartlett

14 years agor12817: Create a ESP variable with the struct socket_address * in it, so we
Andrew Bartlett [Tue, 10 Jan 2006 09:17:58 +0000 (09:17 +0000)]
r12817: Create a ESP variable with the struct socket_address * in it, so we
can pass that do the auth subsystem.

Andrew Bartlett

14 years agor12816: Ugly hacks to the auth_unix code to make a SYSTEM token for root. If
Andrew Bartlett [Tue, 10 Jan 2006 09:15:57 +0000 (09:15 +0000)]
r12816: Ugly hacks to the auth_unix code to make a SYSTEM token for root.  If
we are going to try and have a 'real' NT token for these users, it is
going to get messy fast.  I want to go down the idmap road, but we
don't have the infrustucure for that yet.

Andrew Bartlett

14 years agor12815: try to fix the build on AIX
Stefan Metzmacher [Tue, 10 Jan 2006 08:41:49 +0000 (08:41 +0000)]
r12815: try to fix the build on AIX

metze

14 years agor12814: we need this here too, as we'll include replace.h for building heimdal/*
Stefan Metzmacher [Tue, 10 Jan 2006 07:08:27 +0000 (07:08 +0000)]
r12814: we need this here too, as we'll include replace.h for building heimdal/*
too, and for this we don't include includes.h

(hopefully) fix the build on AIX

metze

14 years agor12813: Remove unused file to avoid confusion. We now go via the auth
Andrew Bartlett [Tue, 10 Jan 2006 03:45:15 +0000 (03:45 +0000)]
r12813: Remove unused file to avoid confusion.  We now go via the auth
subsystem.

Andrew Bartlett

14 years agor12812: speed up RPC-ECHO with validate some more, and re-enable it under
Andrew Tridgell [Tue, 10 Jan 2006 03:26:39 +0000 (03:26 +0000)]
r12812: speed up RPC-ECHO with validate some more, and re-enable it under
valgrind in 'make valgrindtest'

14 years agor12811: valgrind on RPC-ECHO with validate is extremely slow - speed it up if
Andrew Tridgell [Tue, 10 Jan 2006 03:18:33 +0000 (03:18 +0000)]
r12811: valgrind on RPC-ECHO with validate is extremely slow - speed it up if
torture:quick is set

14 years agor12810: handle control options gracefully and don't segfault
Simo Sorce [Tue, 10 Jan 2006 00:52:05 +0000 (00:52 +0000)]
r12810: handle control options gracefully and don't segfault

14 years agor12808: Actually, with that we can avoid roken compleatly.
Andrew Bartlett [Mon, 9 Jan 2006 22:34:34 +0000 (22:34 +0000)]
r12808: Actually, with that we can avoid roken compleatly.

Andrew Bartlett

14 years agor12807: I'm wondering if this might fix AIX on the build farm...
Andrew Bartlett [Mon, 9 Jan 2006 22:30:08 +0000 (22:30 +0000)]
r12807: I'm wondering if this might fix AIX on the build farm...

Andrew Bartlett

14 years agor12806: tridge: in revision 12634 you introduced to validate the ndr_print output
Stefan Metzmacher [Mon, 9 Jan 2006 22:28:26 +0000 (22:28 +0000)]
r12806: tridge: in revision 12634 you introduced to validate the ndr_print output
and RPC-ECHO doesn't pass under valgrind anymore with this

metze

14 years agor12805: merge from samba3
Stefan Metzmacher [Mon, 9 Jan 2006 22:19:51 +0000 (22:19 +0000)]
r12805: merge from samba3

metze

14 years agor12804: This patch reworks the Samba4 sockets layer to use a socket_address
Andrew Bartlett [Mon, 9 Jan 2006 22:12:53 +0000 (22:12 +0000)]
r12804: This patch reworks the Samba4 sockets layer to use a socket_address
structure that is more generic than just 'IP/port'.

It now passes make test, and has been reviewed and updated by
metze. (Thankyou *very* much).

This passes 'make test' as well as kerberos use (not currently in the
testsuite).

The original purpose of this patch was to have Samba able to pass a
socket address stucture from the BSD layer into the kerberos routines
and back again.   It also removes nbt_peer_addr, which was being used
for a similar purpose.

It is a large change, but worthwhile I feel.

Andrew Bartlett

14 years agor12803: if we free the ndr structure how should we access the private pointer anymore?
Stefan Metzmacher [Mon, 9 Jan 2006 21:59:42 +0000 (21:59 +0000)]
r12803: if we free the ndr structure how should we access the private pointer anymore?

thanks valgrind!

metze

14 years agor12801: Some more include/ cleanups (remove unused macros + move files
Jelmer Vernooij [Mon, 9 Jan 2006 21:44:30 +0000 (21:44 +0000)]
r12801: Some more include/ cleanups (remove unused macros + move files
to specific dirs)

14 years agor12800: Replace tmp_ctx with mem_ctx to make variables name more
Rafal Szczesniak [Mon, 9 Jan 2006 21:22:27 +0000 (21:22 +0000)]
r12800: Replace tmp_ctx with mem_ctx to make variables name more
consistent along the file.

rafal

14 years agor12799: print out function and location too
Stefan Metzmacher [Mon, 9 Jan 2006 20:30:44 +0000 (20:30 +0000)]
r12799: print out function and location too

metze

14 years agor12798: print timestamps into the log file, this is not nice code,
Stefan Metzmacher [Mon, 9 Jan 2006 18:25:06 +0000 (18:25 +0000)]
r12798: print timestamps into the log file, this is not nice code,
but it works for now

metze

14 years agor12797: check for a error
Stefan Metzmacher [Mon, 9 Jan 2006 17:43:48 +0000 (17:43 +0000)]
r12797: check for a error

metze

14 years agor12796: use the correct address as initiator
Stefan Metzmacher [Mon, 9 Jan 2006 17:03:17 +0000 (17:03 +0000)]
r12796: use the correct address as initiator

metze

14 years agor12795: remember the gensec_security context
Stefan Metzmacher [Mon, 9 Jan 2006 16:20:02 +0000 (16:20 +0000)]
r12795: remember the gensec_security context

metze

14 years agor12793: fix bugs
Stefan Metzmacher [Mon, 9 Jan 2006 15:50:08 +0000 (15:50 +0000)]
r12793: fix bugs

metze

14 years agor12792: fix compiler warning
Stefan Metzmacher [Mon, 9 Jan 2006 15:45:12 +0000 (15:45 +0000)]
r12792: fix compiler warning

metze

14 years agor12791: fix compiler warning
Stefan Metzmacher [Mon, 9 Jan 2006 14:58:39 +0000 (14:58 +0000)]
r12791: fix compiler warning

metze

14 years agor12790: fix compiler warning
Stefan Metzmacher [Mon, 9 Jan 2006 14:19:24 +0000 (14:19 +0000)]
r12790: fix compiler warning

metze

14 years agor12785: make the iface_*() functions return strings which do not get
Andrew Tridgell [Mon, 9 Jan 2006 02:43:38 +0000 (02:43 +0000)]
r12785: make the iface_*() functions return strings which do not get
overwritten by another call (due to the implied static in
iface_ntoa()). This should save abartlet some pain

14 years agor12784: implement a simplified version of verifying old active replicas, with the...
Stefan Metzmacher [Sun, 8 Jan 2006 23:32:15 +0000 (23:32 +0000)]
r12784: implement a simplified version of verifying old active replicas, with the owner
server, we you nbt name queries for this....

I assume w2k3 uses DCERPC calls or some WINSREPL calls for this,
but our version should work till I find out more details...

metze

14 years agor12783: add a comment about matching more than 1 handler per message (andrew
Andrew Tridgell [Sun, 8 Jan 2006 22:58:59 +0000 (22:58 +0000)]
r12783: add a comment about matching more than 1 handler per message (andrew
thought this might be a bug)

14 years agor12782: Don't segfault if we cannot setup messaging.
Andrew Bartlett [Sun, 8 Jan 2006 22:00:57 +0000 (22:00 +0000)]
r12782: Don't segfault if we cannot setup messaging.

Andrew Bartlett

14 years agor12780: propagate local records, when replicas are rejected on conflicts
Stefan Metzmacher [Sun, 8 Jan 2006 21:25:38 +0000 (21:25 +0000)]
r12780: propagate local records, when replicas are rejected on conflicts

metze

14 years agor12779: allow static tomstones
Stefan Metzmacher [Sun, 8 Jan 2006 20:57:26 +0000 (20:57 +0000)]
r12779: allow static tomstones

metze

14 years agor12778: export TEST_DATA_PREFIX in make test
Stefan Metzmacher [Sun, 8 Jan 2006 20:50:18 +0000 (20:50 +0000)]
r12778: export TEST_DATA_PREFIX in make test

metze

14 years agor12777: use TEST_DATA_PREFIX if available
Stefan Metzmacher [Sun, 8 Jan 2006 20:47:48 +0000 (20:47 +0000)]
r12777: use TEST_DATA_PREFIX if available

metze

14 years agor12776: use $ENV{TEST_DATA_PREFIX} for test files if available
Stefan Metzmacher [Sun, 8 Jan 2006 20:20:18 +0000 (20:20 +0000)]
r12776: use $ENV{TEST_DATA_PREFIX} for test files if available

metze

14 years agor12775: free elements early...
Stefan Metzmacher [Sun, 8 Jan 2006 18:25:40 +0000 (18:25 +0000)]
r12775: free elements early...

metze

14 years agor12774: - fix the build on OpenBSD
Stefan Metzmacher [Sun, 8 Jan 2006 18:20:56 +0000 (18:20 +0000)]
r12774: - fix the build on OpenBSD

I'll try to remove TIME_T_MIN/TIME_T_MAX completly later,
but for now I try to build on all platfarms

metze

14 years agor12773: - remove unused variable, fix the build with some old compilers
Stefan Metzmacher [Sun, 8 Jan 2006 18:12:35 +0000 (18:12 +0000)]
r12773: - remove unused variable, fix the build with some old compilers

metze

14 years agor12772: - create variables for the %(patsubst ...) statements for the idl files
Stefan Metzmacher [Sun, 8 Jan 2006 17:13:13 +0000 (17:13 +0000)]
r12772: - create variables for the %(patsubst ...) statements for the idl files
- this also fixes the build on BSD systems

metze

14 years agor12770: Remove the alloca.h header as it is not used in the code afaics
Simo Sorce [Sun, 8 Jan 2006 14:00:28 +0000 (14:00 +0000)]
r12770: Remove the alloca.h header as it is not used in the code afaics

14 years agor12769: Make ldb_next_request() evident, I was much confused on first sight
Simo Sorce [Sun, 8 Jan 2006 13:50:06 +0000 (13:50 +0000)]
r12769: Make ldb_next_request() evident, I was much confused on first sight

Simo.

14 years agor12767: Add some trusted lookups
Volker Lendecke [Sun, 8 Jan 2006 13:26:04 +0000 (13:26 +0000)]
r12767: Add some trusted lookups

14 years agor12766: fix the build
Volker Lendecke [Sun, 8 Jan 2006 12:44:41 +0000 (12:44 +0000)]
r12766: fix the build

14 years agor12765: Revert an accidential commit
Volker Lendecke [Sun, 8 Jan 2006 12:31:06 +0000 (12:31 +0000)]
r12765: Revert an accidential commit

14 years agor12764: Add a test for lsa_lookup. This will be expanded when I get around to add
Volker Lendecke [Sun, 8 Jan 2006 12:29:11 +0000 (12:29 +0000)]
r12764: Add a test for lsa_lookup. This will be expanded when I get around to add
trusted domains.

Volker

14 years agor12763: Oops. If you call ldb_search from within an ldb module's search
Andrew Bartlett [Sun, 8 Jan 2006 02:05:20 +0000 (02:05 +0000)]
r12763: Oops.  If you call ldb_search from within an ldb module's search
request handler, you really have to watch the recursion issues...

Andrew Bartlett

14 years agor12762: Simo correctly asked that the policy logic (which attributes contain
Andrew Bartlett [Sun, 8 Jan 2006 01:46:30 +0000 (01:46 +0000)]
r12762: Simo correctly asked that the policy logic (which attributes contain
passwords) be moved into the database, and not be hard-coded in the
module source.

Andrew Bartlett

14 years agor12761: get the TIME_T_MIN and TIME_T_MAX right again, merging from samba3 was a...
Stefan Metzmacher [Sun, 8 Jan 2006 00:09:49 +0000 (00:09 +0000)]
r12761: get the TIME_T_MIN and TIME_T_MAX right again, merging from samba3 was a bad idea...
as in samba4 we use TIME_T_MIN = 0 (maybe we should do this in samba3 too) because
negativ values mean error.

but still restrict TIME_T_MAX to INT32_MAX, to not overflow gmtime() on 64 bit systems,
is this behavior documented somewhere?

metze

14 years agor12755: check the return value of ldb_timestring(), as this fails,
Stefan Metzmacher [Sat, 7 Jan 2006 10:56:55 +0000 (10:56 +0000)]
r12755: check the return value of ldb_timestring(), as this fails,
when gmtime() fails...

metze

14 years agor12754: - sync TIME_T_MAX calculation from samba3
Stefan Metzmacher [Sat, 7 Jan 2006 10:28:48 +0000 (10:28 +0000)]
r12754: - sync TIME_T_MAX calculation from samba3
- but limit TIME_T_MAX to INT32_MAX, otherwise 64 platfroms are broken
  because gmtime() will fail with INT64_MAX passed in!

I'm not sure if that's the best fix for this problem, but it works...

Should we port the INT32_MAX limitation to samba3?

Comments, please?

metze

14 years agor12753: Try to fix the build after a 'make clean'. (the wildcards will not
Andrew Bartlett [Sat, 7 Jan 2006 00:06:58 +0000 (00:06 +0000)]
r12753: Try to fix the build after a 'make clean'.  (the wildcards will not
expand because they don't exist yet).  Thanks again to HotaruT.

Andrew Bartlett

14 years agor12752: Clean up compile_et and asn1_compile as well.
Andrew Bartlett [Fri, 6 Jan 2006 23:15:06 +0000 (23:15 +0000)]
r12752: Clean up compile_et and asn1_compile as well.

Andrew Bartlett

14 years agor12751: Another make clean fix.
Andrew Bartlett [Fri, 6 Jan 2006 23:12:12 +0000 (23:12 +0000)]
r12751: Another make clean fix.

Andrew Bartlett

14 years agor12750: Clean up more asn1 generated files (pointed out by <HotaruT>).
Andrew Bartlett [Fri, 6 Jan 2006 22:55:03 +0000 (22:55 +0000)]
r12750: Clean up more asn1 generated files (pointed out by <HotaruT>).

Andrew Bartlett

14 years agor12749: Fix the newuser script.
Andrew Bartlett [Fri, 6 Jan 2006 21:45:36 +0000 (21:45 +0000)]
r12749: Fix the newuser script.

Andrew Bartlett

14 years agor12748: Fix wrong handling of separation characters for RDNs
Simo Sorce [Fri, 6 Jan 2006 21:39:37 +0000 (21:39 +0000)]
r12748: Fix wrong handling of separation characters for RDNs
allow escaped separation chars as part of the attr value
of an RDN

14 years agor12747: Add a couple more token tests, used by the kludge ACL module.
Andrew Bartlett [Fri, 6 Jan 2006 21:20:09 +0000 (21:20 +0000)]
r12747: Add a couple more token tests, used by the kludge ACL module.

Andrew Bartlett

14 years agor12746: An initial version of the kludge_acls module.
Andrew Bartlett [Fri, 6 Jan 2006 21:04:32 +0000 (21:04 +0000)]
r12746: An initial version of the kludge_acls module.

This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:

- SYSTEM and Administrators can read all.

- Users and anonymous cannot read passwords, can read everything else

- list of 'password' attributes is hard-coded

Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)

Andrew Bartlett

14 years agor12745: Initial work to support a syntax to pass over controls via
Simo Sorce [Fri, 6 Jan 2006 19:42:08 +0000 (19:42 +0000)]
r12745: Initial work to support a syntax to pass over controls via
command line to ldbsearch. Very rough work, no checks are
done on the input yet (will segfault if you make it wrong).
Controls are passed via the --controls switch an are comma
separated (no escaping yet).

General syntax is <ctrl_name>:<criticality>
<ctrl_name> is a string
<criticality> is 1 or 0

Current semi-parsed controls are:

server_sort
syntax: server_sort:1:0:attributename

1st parm: criticality
2nd parm: reversed
3rd parm: attribute name to be used for sorting

todo: still missing suport for multiple sorting
  attributes and ordering rule
no check on result code

paged_results
syntax: paged_results:1:100

1st parm: criticality
2nd parm: number of results to be returned

todo: ldbsearch will return only the first batch
  (missing code to cycle over conditionally)
no check on result code

extended_dn
syntax: extended_dn:1:0

1st parm: criticality
2nd parm: type, see MS docs on meaning

Simo.

14 years agor12744: For correctly written scripts, we don't need this anymore. Only use
Andrew Bartlett [Fri, 6 Jan 2006 19:37:13 +0000 (19:37 +0000)]
r12744: For correctly written scripts, we don't need this anymore.  Only use
the cmdline credentials if we ask for it.

Andrew Bartlett

14 years agor12743: Remove the ugly way we had to make a second stage init and introduce
Simo Sorce [Fri, 6 Jan 2006 16:12:45 +0000 (16:12 +0000)]
r12743: Remove the ugly way we had to make a second stage init and introduce
a second_stage_init private function for modules that need a second stage init.

Simo.