14 years agor7990: An attempt at documenting the current state of cludges required to get
Andrew Bartlett [Wed, 29 Jun 2005 07:55:16 +0000 (07:55 +0000)]
r7990: An attempt at documenting the current state of cludges required to get
Samba4 going, with kerberos.

Andrew Bartlett

14 years agor7989: Allow the use of hashed passwords in the kerberos client and server,
Andrew Bartlett [Wed, 29 Jun 2005 03:01:35 +0000 (03:01 +0000)]
r7989: Allow the use of hashed passwords in the kerberos client and server,
and create the in-memory keytab with the correct kvno, if available.

Andrew Bartlett

14 years agor7988: Store the KVNO for the machine account, and set it up in the provision.
Andrew Bartlett [Wed, 29 Jun 2005 02:28:57 +0000 (02:28 +0000)]
r7988: Store the KVNO for the machine account, and set it up in the provision.

Andrew Bartlett

14 years agor7986: Fix the compile, thanks to HotaruT.
Andrew Bartlett [Tue, 28 Jun 2005 22:13:53 +0000 (22:13 +0000)]
r7986: Fix the compile, thanks to HotaruT.

This won't actually work until I get the keyblock filled in again, but
at least it will compile.

I first need to decide if we want to keep the server-side gensec_krb5
code at all, now we have the GSSAPI layer doing what we want.

Andrew Bartlett

14 years agor7980: Forgot to add kerberos_pac.c to this file.
Andrew Bartlett [Tue, 28 Jun 2005 10:58:41 +0000 (10:58 +0000)]
r7980: Forgot to add kerberos_pac.c to this file.

Andrew Bartlett

14 years agor7979: Metze reminded me to try one more combination, and we can now verify
Andrew Bartlett [Tue, 28 Jun 2005 09:37:04 +0000 (09:37 +0000)]
r7979: Metze reminded me to try one more combination, and we can now verify
the 'PAC', required for interopability with Active Directory.

This is still a cludge, as it doesn't handle different encryption
types, but that should be fairly easy to fix (needs PIDL/IDL changes).

Andrew Bartlett

14 years agor7978: A start again on PAC verification. I have noticed that the kerberos
Andrew Bartlett [Tue, 28 Jun 2005 08:27:50 +0000 (08:27 +0000)]
r7978: A start again on PAC verification.  I have noticed that the kerberos
keys appear at the end of the PAC, which I feel is deliberate (it
makes this much easier).

I still can't make it work, but I'm sure we are closer.

Andrew Bartlett

14 years agor7977: split up 'make clean' a little more as it is overflowing the command line...
Andrew Tridgell [Tue, 28 Jun 2005 02:49:35 +0000 (02:49 +0000)]
r7977: split up 'make clean' a little more as it is overflowing the command line size limits
on some platforms

14 years agor7971: structs.h update
Andrew Bartlett [Tue, 28 Jun 2005 00:57:38 +0000 (00:57 +0000)]
r7971: structs.h update

14 years agor7970: This SMB signing code (merged from 3.0) turned out to be bogus.
Andrew Bartlett [Tue, 28 Jun 2005 00:57:15 +0000 (00:57 +0000)]
r7970: This SMB signing code (merged from 3.0) turned out to be bogus.

Andrew Bartlett

14 years agor7969: It seems reasonable that our tickets be marked renewable, in the
Andrew Bartlett [Tue, 28 Jun 2005 00:56:39 +0000 (00:56 +0000)]
r7969: It seems reasonable that our tickets be marked renewable, in the
absense of an apparent AD flag to control this behaviour.

Andrew Bartlett

14 years agor7968: Pull the PAC from within GSSAPI, rather than only when using our own
Andrew Bartlett [Tue, 28 Jun 2005 00:55:44 +0000 (00:55 +0000)]
r7968: Pull the PAC from within GSSAPI, rather than only when using our own
'mock GSSAPI'.

Many thanks to Luke Howard for the work he has done on Heimdal for
XAD, to provide the right API hooks in GSSAPI.

Next step is to verify the signatures, and to build the PAC for the
KDC end.

Andrew Bartlett

14 years agor7967: We don't have the ms_krb5 stuff any more.
Andrew Bartlett [Tue, 28 Jun 2005 00:52:10 +0000 (00:52 +0000)]
r7967: We don't have the ms_krb5 stuff any more.

Andrew Bartlett

14 years agor7966: We need a better way to do this, but enable the KDC by default, if we
Andrew Bartlett [Tue, 28 Jun 2005 00:51:35 +0000 (00:51 +0000)]
r7966: We need a better way to do this, but enable the KDC by default, if we
have kerberos.

Andrew Bartlett

14 years agor7965: Remove the GENSEC password callback structure members, as these are no
Andrew Bartlett [Tue, 28 Jun 2005 00:50:40 +0000 (00:50 +0000)]
r7965: Remove the GENSEC password callback structure members, as these are no
longer used.

Andrew Bartlett

14 years agor7958: More debian packaging updates; packages build now with
Jelmer Vernooij [Mon, 27 Jun 2005 22:07:28 +0000 (22:07 +0000)]
r7958: More debian packaging updates; packages build now with
a few minor issues.

Move ldb manpages one level higher - there is no longer a need to have

14 years agor7955: we should not free a struct which is passed as a parameter, to a function
Stefan Metzmacher [Mon, 27 Jun 2005 19:32:52 +0000 (19:32 +0000)]
r7955: we should not free a struct which is passed as a parameter, to a function
the caller should free it

this fixed a double free bug noticed by
Дейтер Александр Валериевич <> 


14 years agor7943: Add 'make manpages', fix 'make installman' and 'make uninstallman'.
Jelmer Vernooij [Mon, 27 Jun 2005 12:09:52 +0000 (12:09 +0000)]
r7943: Add 'make manpages', fix 'make installman' and 'make uninstallman'.
Not part of the "all" make target yet, as it requires xsltproc

14 years agor7942: Debian packages updates and fixes. Use dh_install for diverting
Jelmer Vernooij [Mon, 27 Jun 2005 10:00:43 +0000 (10:00 +0000)]
r7942: Debian packages updates and fixes. Use dh_install for diverting
files to different packages.

14 years agor7941: fixed handling of ASN.1 objects bigger than 64k
Andrew Tridgell [Mon, 27 Jun 2005 07:02:39 +0000 (07:02 +0000)]
r7941: fixed handling of ASN.1 objects bigger than 64k

14 years agor7940: use local path first for ldbadd in provisioning
Andrew Tridgell [Mon, 27 Jun 2005 05:46:45 +0000 (05:46 +0000)]
r7940: use local path first for ldbadd in provisioning

14 years agor7939: fix default hostname in provision
Andrew Tridgell [Mon, 27 Jun 2005 05:28:09 +0000 (05:28 +0000)]
r7939: fix default hostname in provision

14 years agor7937: main file was missing
Simo Sorce [Mon, 27 Jun 2005 00:00:50 +0000 (00:00 +0000)]
r7937: main file was missing

14 years agor7936: new ldb_dn_explode and ldb_dn_casefold functions and co
Simo Sorce [Sun, 26 Jun 2005 23:59:22 +0000 (23:59 +0000)]
r7936: new ldb_dn_explode and ldb_dn_casefold functions and co

14 years agor7935: auth_unix now uses crypt(), so depend on -lcrypt.
Andrew Bartlett [Sun, 26 Jun 2005 23:21:25 +0000 (23:21 +0000)]
r7935: auth_unix now uses crypt(), so depend on -lcrypt.

This builds on the work tridge did to make -lcrypt conditional, rather
than globally linked.  This was needed for Heimdal stuff, but then I
'fixed' heimdal, and we now reintroduce it here.

Andrew Bartlett

14 years agor7934: ported samba3 pass_check functions to auth_unix.c
Simo Sorce [Sun, 26 Jun 2005 22:33:50 +0000 (22:33 +0000)]
r7934: ported samba3 pass_check functions to auth_unix.c
not having these platforms they are untested,
let's hope the buildfarm can catch any problem

14 years agor7933: darn, forgot to add this
Andrew Tridgell [Sun, 26 Jun 2005 12:06:29 +0000 (12:06 +0000)]
r7933: darn, forgot to add this

14 years agor7932: don't use the nbt called name as server name, for dcerpc_server_name()
Stefan Metzmacher [Sun, 26 Jun 2005 11:35:50 +0000 (11:35 +0000)]
r7932: don't use the nbt called name as server name, for dcerpc_server_name()
in the ncacn_np trnaport

it's now supported to use the ip address in smbtorture for ncacn_np tests
that use dcerpc_server_name(),

and we can now pass the dns host name in the tree connect when we have the dns name
on the smbtorture command line


14 years agor7931: fixed a bug in the cifs backend found with the new test code
Andrew Tridgell [Sun, 26 Jun 2005 11:34:34 +0000 (11:34 +0000)]
r7931: fixed a bug in the cifs backend found with the new test code

14 years agor7930: - added testing of the cifs passthru backend
Andrew Tridgell [Sun, 26 Jun 2005 11:34:03 +0000 (11:34 +0000)]
r7930: - added testing of the cifs passthru backend

- removed redundent $ADDARG code in selftest

14 years agor7929: yet another attempt at fixing installswat on freebsd 5
Andrew Tridgell [Sun, 26 Jun 2005 10:47:31 +0000 (10:47 +0000)]
r7929: yet another attempt at fixing installswat on freebsd 5

nodie assures me this works now ...

14 years agor7928: Add rename, unlink and list commands.
Tim Potter [Sun, 26 Jun 2005 07:34:55 +0000 (07:34 +0000)]
r7928: Add rename, unlink and list commands.

list() returns a list of strings, but maybe it should be a list of
objects with size, attrib, short name etc.

14 years agor7927: fixed an error on partial socket writes in the rpc server
Andrew Tridgell [Sun, 26 Jun 2005 07:31:45 +0000 (07:31 +0000)]
r7927: fixed an error on partial socket writes in the rpc server

14 years agor7926: poptGetNextOpt() returns int, not char
Andrew Tridgell [Sun, 26 Jun 2005 06:09:03 +0000 (06:09 +0000)]
r7926: poptGetNextOpt() returns int, not char

this was breaking ldbadd on some platforms

14 years agor7925: small tidyup (please keep lines at a reasonable length)
Andrew Tridgell [Sun, 26 Jun 2005 06:08:19 +0000 (06:08 +0000)]
r7925: small tidyup (please keep lines at a reasonable length)

14 years agor7924: Add mkdir() and rmdir() functions.
Tim Potter [Sun, 26 Jun 2005 05:43:16 +0000 (05:43 +0000)]
r7924: Add mkdir() and rmdir() functions.

Write a macro to check tree handle parameters.

14 years agor7923: removed dependence on Data::Dumper
Andrew Tridgell [Sun, 26 Jun 2005 05:19:48 +0000 (05:19 +0000)]
r7923: removed dependence on Data::Dumper

please use util::MyDumper() rather than adding this back in

14 years agor7922: Comment out complicated connect/session/tree API for the moment. Replace
Tim Potter [Sun, 26 Jun 2005 05:18:50 +0000 (05:18 +0000)]
r7922: Comment out complicated connect/session/tree API for the moment.  Replace
with tree_connect() and tree_disconnect() functions.

14 years agor7921: fixed newuser script (letting samldb module allocate the sid)
Andrew Tridgell [Sun, 26 Jun 2005 04:58:26 +0000 (04:58 +0000)]
r7921: fixed newuser script (letting samldb module allocate the sid)

14 years agor7920: another attempt at making portable
Andrew Tridgell [Sun, 26 Jun 2005 04:30:48 +0000 (04:30 +0000)]
r7920: another attempt at making portable

14 years agor7919: use more portable shell syntax for MALLOC_CHECK_
Andrew Tridgell [Sun, 26 Jun 2005 03:39:48 +0000 (03:39 +0000)]
r7919: use more portable shell syntax for MALLOC_CHECK_

14 years agor7918: fixed a crash bug in the ldap server
Andrew Tridgell [Sun, 26 Jun 2005 03:29:26 +0000 (03:29 +0000)]
r7918: fixed a crash bug in the ldap server

14 years agor7917: macosx doesn't have a group called 'users'
Andrew Tridgell [Sun, 26 Jun 2005 02:01:32 +0000 (02:01 +0000)]
r7917: macosx doesn't have a group called 'users'

14 years agor7916: - got rid of the in_client global
Andrew Tridgell [Sun, 26 Jun 2005 01:11:12 +0000 (01:11 +0000)]
r7916: - got rid of the in_client global

- make not finding smb.conf a level 1 message, not level 0. Most of our
  tools handle no smb.conf, and those that don't should check for the
  specific parameters they need, or use the defaults

14 years agor7915: report the number of failed tests so far when running 'make test' interactively
Andrew Tridgell [Sun, 26 Jun 2005 00:23:06 +0000 (00:23 +0000)]
r7915: report the number of failed tests so far when running 'make test' interactively

14 years agor7914: - we don't need to override the database locations in selftest any more
Andrew Tridgell [Sun, 26 Jun 2005 00:22:33 +0000 (00:22 +0000)]
r7914: - we don't need to override the database locations in selftest any more

- make sure we create the tls directory

14 years agor7913: prevent recursion in the socket wrapper code
Andrew Tridgell [Sun, 26 Jun 2005 00:20:22 +0000 (00:20 +0000)]
r7913: prevent recursion in the socket wrapper code

14 years agor7912: make private_path() recognise a non-relative filename, so we can have
Andrew Tridgell [Sun, 26 Jun 2005 00:12:44 +0000 (00:12 +0000)]
r7912: make private_path() recognise a non-relative filename, so we can have

  sam database = sam.ldb

and it will know to put it in the private dir, but if you use

  sam database = ldap://server

it knows to use it as-is

14 years agor7911: task_terminate() is defined in the macosx headers, so change the name
Andrew Tridgell [Sat, 25 Jun 2005 23:53:14 +0000 (23:53 +0000)]
r7911: task_terminate() is defined in the macosx headers, so change the name
to task_server_terminate()

14 years agor7910: fixed typo in _SAMBA_BUILD_ macro
Andrew Tridgell [Sat, 25 Jun 2005 23:38:03 +0000 (23:38 +0000)]
r7910: fixed typo in _SAMBA_BUILD_ macro

14 years agor7909: don't consider not finding a list of network interfaces from the kernel a...
Andrew Tridgell [Sat, 25 Jun 2005 23:35:37 +0000 (23:35 +0000)]
r7909: don't consider not finding a list of network interfaces from the kernel a fatal error,
the individual services that need at least one known interface check for it anyway

this should fix provisioning on macosx

14 years agor7907: the old solaris perl doesn't handle mkdir() without a mode
Andrew Tridgell [Sat, 25 Jun 2005 14:18:34 +0000 (14:18 +0000)]
r7907: the old solaris perl doesn't handle mkdir() without a mode

14 years agor7906: some portability fixes for ldap testing on solaris (solaris grep doesn't handle ^)
Andrew Tridgell [Sat, 25 Jun 2005 14:18:01 +0000 (14:18 +0000)]
r7906: some portability fixes for ldap testing on solaris (solaris grep doesn't handle ^)

14 years agor7905: this should fix installswat on FreeBSD. Thanks to nodie for testing this for me
Andrew Tridgell [Sat, 25 Jun 2005 14:12:30 +0000 (14:12 +0000)]
r7905: this should fix installswat on FreeBSD. Thanks to nodie for testing this for me

14 years agor7901: check if system supports UTF-16LE at all in LOCAL-ICONV test
Andrew Tridgell [Sat, 25 Jun 2005 06:13:29 +0000 (06:13 +0000)]
r7901: check if system supports UTF-16LE at all in LOCAL-ICONV test

14 years agor7900: the existing ltdb indexing code does in fact cope with binary fields, so re...
Andrew Tridgell [Sat, 25 Jun 2005 05:03:29 +0000 (05:03 +0000)]
r7900: the existing ltdb indexing code does in fact cope with binary fields, so re-enable
indexing on objectSid

14 years agor7899: fixed a crash bug in the RAW-CONTEXT test
Andrew Tridgell [Sat, 25 Jun 2005 04:56:06 +0000 (04:56 +0000)]
r7899: fixed a crash bug in the RAW-CONTEXT test

14 years agor7898: don't die on bad iconv libs in LOCAL-ICONV test
Andrew Tridgell [Sat, 25 Jun 2005 04:48:20 +0000 (04:48 +0000)]
r7898: don't die on bad iconv libs in LOCAL-ICONV test

14 years agor7897: work in progress
Derrell Lipman [Sat, 25 Jun 2005 03:43:33 +0000 (03:43 +0000)]
r7897: work in progress

14 years agor7896: don't output null rules for blank targets (caued make failure on irix)
Andrew Tridgell [Sat, 25 Jun 2005 03:40:34 +0000 (03:40 +0000)]
r7896: don't output null rules for blank targets (caued make failure on irix)

14 years agor7895: hopefully this will fix the popt build on solaris
Andrew Tridgell [Sat, 25 Jun 2005 03:18:22 +0000 (03:18 +0000)]
r7895: hopefully this will fix the popt build on solaris

14 years agor7894: remove portability experiments until its working in the smb-build test project
Andrew Tridgell [Sat, 25 Jun 2005 03:10:57 +0000 (03:10 +0000)]
r7894: remove portability experiments until its working in the smb-build test project
(this change broke irix)

14 years agor7891: Improve output of unused macro find script
Jelmer Vernooij [Fri, 24 Jun 2005 22:49:14 +0000 (22:49 +0000)]
r7891: Improve output of unused macro find script
Remove duplicate find-missing-doc script (already in samba-docs repository)

14 years agor7875: try to see if this is portable
Stefan Metzmacher [Fri, 24 Jun 2005 09:55:34 +0000 (09:55 +0000)]
r7875: try to see if this is portable


14 years agor7874: reverted metzes patch svn 7837 as it is not portable to make on
Andrew Tridgell [Fri, 24 Jun 2005 05:20:27 +0000 (05:20 +0000)]
r7874: reverted metzes patch svn 7837 as it is not portable to make on
several platforms (such as FreeBSD)

14 years agor7873: hopefully fixed build of ldb_explode_dn() on AIX
Andrew Tridgell [Fri, 24 Jun 2005 05:17:36 +0000 (05:17 +0000)]
r7873: hopefully fixed build of ldb_explode_dn() on AIX

I'd really rather see this code completely replaced, but I'll leave
that to simo (he has volunteered) :-)

14 years agor7872: another place we were relying on the old behaviour of value()
Andrew Tridgell [Fri, 24 Jun 2005 04:42:05 +0000 (04:42 +0000)]
r7872: another place we were relying on the old behaviour of value()

14 years agor7871: setup spoolss, wins and hklm dbs correctly in selftest
Andrew Tridgell [Fri, 24 Jun 2005 04:33:37 +0000 (04:33 +0000)]
r7871: setup spoolss, wins and hklm dbs correctly in selftest

14 years agor7870: fixed the RPC-SCHANNEL test. It turned out it was my const changes, as
Andrew Tridgell [Fri, 24 Jun 2005 04:25:40 +0000 (04:25 +0000)]
r7870: fixed the RPC-SCHANNEL test. It turned out it was my const changes, as
they slightly changed the semantics of value() in pidl, which broke
a optimisation hack in some of our IDL files.

I've changed the idl files to remove the hack for now. Sometime we
need to find a better way to handle these :-)

14 years agor7869: revert the configure changes from jelmers commit for heimdal_build
Andrew Tridgell [Fri, 24 Jun 2005 03:52:08 +0000 (03:52 +0000)]
r7869: revert the configure changes from jelmers commit for heimdal_build
(they are needed when you use the in-tree heimdal)

14 years agor7868: canonicalise the message before using ldb_add() in the ldbadd utility.
Andrew Tridgell [Fri, 24 Jun 2005 01:58:40 +0000 (01:58 +0000)]
r7868: canonicalise the message before using ldb_add() in the ldbadd utility.

14 years agor7867: a couple of bug fixes for from kukks
Andrew Tridgell [Fri, 24 Jun 2005 01:50:50 +0000 (01:50 +0000)]
r7867: a couple of bug fixes for from kukks

I'm looking forward to deleting this file when we can add users using
the web intgerface (and maybe ejs scripts for the command line)

14 years agor7866: Remove some unused autoconf macro calls.
Jelmer Vernooij [Fri, 24 Jun 2005 01:27:34 +0000 (01:27 +0000)]
r7866: Remove some unused autoconf macro calls.

Some of these should probably be re-added again later when
we need them. They should then be added to the appropriate config.m4 file
in the source tree rather then in rewrite.m4.

14 years agor7865: changed pidl to take a "const void *" instead of a "void *" for the
Andrew Tridgell [Fri, 24 Jun 2005 01:18:56 +0000 (01:18 +0000)]
r7865: changed pidl to take a "const void *" instead of a "void *" for the
structure in ndr_push_*() and ndr_print_*(). The push and print
functions really should not modify the structure.

metze, to make this work I had to change your spoolss hand
marshaller. Can you please check it is OK? I think that the IN and OUT
sides of that function are not ever called on the same structure, so I
think that attempt at remembering the value by assigning to
r->in._offered was not doing anything anyway, but please correct me if
I have misunderstood it.

If you really do need to remember something on those structures I'd
suggest the ndr_token_store() and ndr_token_retrieve() functions,
which are used by pidl for just this sort of thing.

14 years agor7864: fixed some const bugs
Andrew Tridgell [Fri, 24 Jun 2005 01:14:43 +0000 (01:14 +0000)]
r7864: fixed some const bugs

14 years agor7863: removed an unused variable
Andrew Tridgell [Fri, 24 Jun 2005 01:13:57 +0000 (01:13 +0000)]
r7863: removed an unused variable

14 years agor7862: Updates to the Kerberos notes, based on recent changes and discoveries.
Andrew Bartlett [Fri, 24 Jun 2005 01:13:35 +0000 (01:13 +0000)]
r7862: Updates to the Kerberos notes, based on recent changes and discoveries.

Andrew Bartlett

14 years agor7861: Nicer output, remove some false warnings.
Jelmer Vernooij [Fri, 24 Jun 2005 00:35:20 +0000 (00:35 +0000)]
r7861: Nicer output, remove some false warnings.

14 years agor7860: switch our ldb storage format to use a NDR encoded objectSid. This is
Andrew Tridgell [Fri, 24 Jun 2005 00:18:20 +0000 (00:18 +0000)]
r7860: switch our ldb storage format to use a NDR encoded objectSid. This is
quite a large change as we had lots of code that assumed that
objectSid was a string in S- format.

metze and simo tried to convince me to use NDR format months ago, but
I didn't listen, so its fair that I have the pain of fixing all the
code now :-)

This builds on the ldb_register_samba_handlers() and ldif handlers
code I did earlier this week. There are still three parts of this
conversion I have not finished:

 - the ltdb index records need to use the string form of the objectSid
   (to keep the DNs sane). Until that it done I have disabled indexing on
   objectSid, which is a big performance hit, but allows us to pass
   all our tests while I rejig the indexing system to use a externally
   supplied conversion function

 - I haven't yet put in place the code that allows client to use the
   "S-xxx-yyy" form for objectSid in ldap search expressions. w2k3
   supports this, presumably by looking for the "S-" prefix to
   determine what type of objectSid form is being used by the client. I
   have been working on ways to handle this, but am not happy with
   them yet so they aren't part of this patch

 - I need to change pidl to generate push functions that take a
   "const void *" instead of a "void*" for the data pointer. That will
   fix the couple of new warnings this code generates.

Luckily it many places the conversion to NDR formatted records
actually simplified the code, as it means we no longer need as many
calls to dom_sid_parse_talloc(). In some places it got more complex,
but not many.

14 years agor7859: Merge a few scripts to one script that checks for the following unused
Jelmer Vernooij [Fri, 24 Jun 2005 00:07:04 +0000 (00:07 +0000)]
r7859: Merge a few scripts to one script that checks for the following unused
(used in, but their output is never used) autoconf macros:

14 years agor7858: removed some unused variables
Andrew Tridgell [Fri, 24 Jun 2005 00:06:04 +0000 (00:06 +0000)]
r7858: removed some unused variables

14 years agor7857: improved the handling of end-of-file on sockets in the smb server
Andrew Tridgell [Fri, 24 Jun 2005 00:05:41 +0000 (00:05 +0000)]
r7857: improved the handling of end-of-file on sockets in the smb server

14 years agor7856: fixed warning of 'methods' shadowed variable
Andrew Tridgell [Fri, 24 Jun 2005 00:04:26 +0000 (00:04 +0000)]
r7856: fixed warning of 'methods' shadowed variable

14 years agor7855: fixed a typo
Andrew Tridgell [Fri, 24 Jun 2005 00:03:47 +0000 (00:03 +0000)]
r7855: fixed a typo

14 years agor7854: only enable wrapping in the ldap server if it was negotiated by gensec
Andrew Tridgell [Fri, 24 Jun 2005 00:03:17 +0000 (00:03 +0000)]
r7854: only enable wrapping in the ldap server if it was negotiated by gensec

14 years agor7851: We are case preserving let the DN be returned the same the user put it into.
Simo Sorce [Thu, 23 Jun 2005 23:19:31 +0000 (23:19 +0000)]
r7851: We are case preserving let the DN be returned the same the user put it into.

14 years agor7850: Support mkdir() with just one parameter. Patch from
Jelmer Vernooij [Thu, 23 Jun 2005 22:30:26 +0000 (22:30 +0000)]
r7850: Support mkdir() with just one parameter. Patch from
Steven Edwards <>.

I've moved the Win32-specific tests to win32.m4 so it does not
make any of the POSIX configure stuff more complicated.

14 years agor7845: remove unused files
Stefan Metzmacher [Thu, 23 Jun 2005 15:23:02 +0000 (15:23 +0000)]
r7845: remove unused files

and remove all generated files with make distclean and make realdistclean


14 years agor7844: eliminate superfluous attribute tables
Derrell Lipman [Thu, 23 Jun 2005 04:26:23 +0000 (04:26 +0000)]
r7844: eliminate superfluous attribute tables

14 years agor7843: Use the new Heimdal gsskrb_acquire_creds API. This has the right
Andrew Bartlett [Thu, 23 Jun 2005 01:50:04 +0000 (01:50 +0000)]
r7843: Use the new Heimdal gsskrb_acquire_creds API.  This has the right
lifetime constraints, and works with the in-memory keytab.

Move initialize_krb5_error_table() into our kerberos startup code,
rather than in the GSSAPI code explitly.  (Hmm, we probably don't need
this at all..)

Andrew Bartlett

14 years agor7837: use some more 'make' features
Stefan Metzmacher [Wed, 22 Jun 2005 15:29:54 +0000 (15:29 +0000)]
r7837: use some more 'make' features
(I just commit this to see how portable it is)

I have a patch that remove the need of the recursiv make
and also fixes the HEIMDAL_EXTERNAL stuff cleanly


14 years agor7834: added comment about the "((" search test
Andrew Tridgell [Wed, 22 Jun 2005 04:01:27 +0000 (04:01 +0000)]
r7834: added comment about the "((" search test

14 years agor7833: changed ldbsearch and ldbedit to have command line syntax closer to
Andrew Tridgell [Wed, 22 Jun 2005 03:10:40 +0000 (03:10 +0000)]
r7833: changed ldbsearch and ldbedit to have command line syntax closer to
ldapsearch. They look for an '=' in the first argument to see if it is
a search expression, and if not then it does an 'all records' search

14 years agor7832: missed one
Andrew Tridgell [Wed, 22 Jun 2005 03:09:25 +0000 (03:09 +0000)]
r7832: missed one

14 years agor7831: use cn=TEST as base of test DNs so we don't interfere with potentially real...
Andrew Tridgell [Wed, 22 Jun 2005 03:08:06 +0000 (03:08 +0000)]
r7831: use cn=TEST as base of test DNs so we don't interfere with potentially real records

14 years agor7828: Although there is still plenty to do, ldb_sqlite3 now passes the set of tests
Derrell Lipman [Wed, 22 Jun 2005 02:39:07 +0000 (02:39 +0000)]
r7828: Although there is still plenty to do, ldb_sqlite3 now passes the set of tests
in tests/ (tests/

There are lots of optimizations still TBD, and some things are REALLY slow
right now (e.g. each add() operation takes 1/3 - 1/2 second) but it's ready for
interested parties to poke it and prod it and see how (un)reasonable it is.
Play away.

Still to be implemented or improved:
 - tdb specials (@MODULES, @SUBCLASSES, etc.)
 - all DNs are case-folded in their entirty right now (since doing otherwise
   would require @ATTRIBUTES to be implemented)
 - speed improvements and optimizations.  I am quite confident that the
   excessively slow add() operation can be much improved, and other areas
   can be somewhat improved.

14 years agor7827: Add in-memory keytab to Samba4, using the new MEMORY_WILDCARD keytab
Andrew Bartlett [Wed, 22 Jun 2005 02:12:26 +0000 (02:12 +0000)]
r7827: Add in-memory keytab to Samba4, using the new MEMORY_WILDCARD keytab
support in Heimdal.

This removes the 'ext_keytab' step from my Samba4/WinXP client howto.

In doing this work, I realised that the replay cache in Heimdal is
currently a no-op, so I have removed the calls to it, and therefore
the mutex calls from passdb/secrets.c.

This patch also includes a replacement 'magic' mechanism detection,
that does not issue extra error messages from deep inside the GSSAPI

Andrew Bartlett

14 years agor7816: Implementation of "shortcut" function for those (probably many) who
Rafal Szczesniak [Tue, 21 Jun 2005 20:22:38 +0000 (20:22 +0000)]
r7816: Implementation of "shortcut" function for those (probably many) who
don't like to bother with netbios type names when looking for common
types: hosts (servers) and domain controllers. Also, apropriate tests


14 years agor7814: Propagate the change in resolve_name_send function.
Rafal Szczesniak [Tue, 21 Jun 2005 20:19:17 +0000 (20:19 +0000)]
r7814: Propagate the change in resolve_name_send function.

14 years agor7813: Make async request independent from config file routines.
Rafal Szczesniak [Tue, 21 Jun 2005 20:18:08 +0000 (20:18 +0000)]
r7813: Make async request independent from config file routines.