Andrew Bartlett [Wed, 26 Mar 2008 04:42:20 +0000 (15:42 +1100)]
Remove old js versions of newuser and provision.
Andrew Bartlett
Andrew Bartlett [Wed, 26 Mar 2008 04:18:17 +0000 (15:18 +1100)]
Clean up the ldb python bindings to be 64 bit safe.
Thanks in particular to arkanes and KirkMcDonald on #python for their
assistance, suggesting breaking the DN check.
I eventually found it while trying to cut down on the number of gcc
warnings, which is why we also add printf annotations.
Andrew Bartlett
Andrew Bartlett [Tue, 25 Mar 2008 05:36:13 +0000 (16:36 +1100)]
Remove pointless cast
Andrew Bartlett [Tue, 25 Mar 2008 04:25:13 +0000 (15:25 +1100)]
Remove useless extra argument to samdb_result_account_expires().
Andrew Bartlett
Andrew Bartlett [Mon, 24 Mar 2008 23:29:35 +0000 (10:29 +1100)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Volker Lendecke [Fri, 21 Mar 2008 09:35:54 +0000 (10:35 +0100)]
Add my copyright
If I remember it right and when I look at the git log, then this way to do the
async functions was designed by me.
Volker Lendecke [Thu, 20 Mar 2008 20:59:46 +0000 (21:59 +0100)]
Prove that a setuserinfo level 25 does set the pwdlastset field
Very likely this is not the full story, but as it happens so often this proof
is needed to fix a direct s3 bug.
Volker Lendecke [Thu, 20 Mar 2008 20:11:49 +0000 (21:11 +0100)]
Add the workstation to the anon sessetup credentials
Without this patch the RPC-SAMBA3SESSIONKEY against W2k3 gives
INVALID_PARAMETER for the anonymous session setup
Volker Lendecke [Thu, 20 Mar 2008 20:10:39 +0000 (21:10 +0100)]
Fix a warning
Without this patch I get
./libcli/security/proto.h:45: warning: 'struct auth_session_info' declared inside parameter list
Andrew Bartlett [Thu, 20 Mar 2008 04:14:49 +0000 (15:14 +1100)]
Explain why this attribute should be skipped.
Andrew Bartlett
Andrew Bartlett [Thu, 20 Mar 2008 02:25:05 +0000 (13:25 +1100)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Andrew Bartlett [Thu, 20 Mar 2008 01:12:10 +0000 (12:12 +1100)]
More kludge ACLs!
Rather than killing off the nasty 'kludge ACLs' stuff, this patch
extends it, to ensure that LSA secrets and the registry are also
protected.
Andrew Bartlett
Kai Blin [Wed, 19 Mar 2008 23:42:42 +0000 (00:42 +0100)]
ntlm_auth: Improve compliance to the Squid helper protocol.
This fixes bug #4235 for Samba4.
Andrew Bartlett [Wed, 19 Mar 2008 01:12:24 +0000 (12:12 +1100)]
Extend the ldap.js test to prove faults with the LDAP backend.
Try to provide more information to see why OpenLDAP isn't quite up to
being a Samba4 Backend.
Andrew Bartlett
Andrew Bartlett [Wed, 19 Mar 2008 01:06:37 +0000 (12:06 +1100)]
Indent
Andrew Bartlett
Andrew Bartlett [Wed, 19 Mar 2008 00:15:04 +0000 (11:15 +1100)]
Remove unused variable.
Andrew Bartlett [Wed, 19 Mar 2008 00:11:55 +0000 (11:11 +1100)]
More safety around ldb_dn C functions in python bindings.
Ensure that the ldb python binding 'TypeError dn not set' errors are
not in the SWIG wrapper's use of ldb functions, put some more error
checks in.
Andrew Bartlett
Andrew Bartlett [Wed, 19 Mar 2008 00:10:19 +0000 (11:10 +1100)]
Supply HDB_DB_DIR macro
While we don't use the default HDB directories, the code needs this
macro defined.
Andrew Bartlett
Andrew Bartlett [Wed, 19 Mar 2008 00:04:42 +0000 (11:04 +1100)]
Merge branch 'v4-0-logon' of git://git.id10ts.net/samba into 4-0-local
Andrew Bartlett [Tue, 18 Mar 2008 23:18:35 +0000 (10:18 +1100)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Andrew Bartlett [Tue, 18 Mar 2008 23:17:42 +0000 (10:17 +1100)]
Merge lorikeet-heimdal -r 787 into Samba4 tree.
Andrew Bartlett
Stefan Metzmacher [Tue, 18 Mar 2008 17:03:18 +0000 (18:03 +0100)]
lib/util: use LIBREPLACE_NETWORK as EXT_NSL doesn't exist anymore
metze
Stefan Metzmacher [Tue, 18 Mar 2008 17:02:23 +0000 (18:02 +0100)]
libndr: EXT_NSL doesn't exist anymore, but it wasn't needed anyway
metze
Stefan Metzmacher [Tue, 18 Mar 2008 16:59:31 +0000 (17:59 +0100)]
socket_wrapper: use LIBREPLACE_NETWORK because EXT_SOCKET and EXT_NSL doesn't exist anymore
metze
Stefan Metzmacher [Tue, 18 Mar 2008 16:58:36 +0000 (17:58 +0100)]
heimdal_build: use LIBREPLACE_NETWORK because EXT_SOCKET and EXT_NSL doesn't exist anymore
metze
Michael Adam [Tue, 18 Mar 2008 16:50:23 +0000 (17:50 +0100)]
libreplace: replace.c does not need system/network.h anymore.
Michael
Michael Adam [Tue, 18 Mar 2008 16:20:47 +0000 (17:20 +0100)]
libreplace: move rep_socketpair() to its own module.
Prototype is now in system/network.h,
implementation in socketpair.c, and
check in socketpair.m4.
Now the last networking function has vanished from replace.c.
Michael
Stefan Metzmacher [Tue, 18 Mar 2008 15:53:21 +0000 (16:53 +0100)]
ldb: not every shell supports '==' so use '='
metze
Gerald W. Carter [Thu, 28 Feb 2008 17:58:05 +0000 (11:58 -0600)]
Fix macro name (no 's' in ifr_addr).
Interface detection on Solaris still failing due to items pointed out here:
http://lists.samba.org/archive/samba-technical/2007-November/056701.html
(cherry picked from commit
37c87acc9d48c1fb5d4806374ca8e992300db1ff)
Volker Lendecke [Sat, 15 Mar 2008 21:27:05 +0000 (22:27 +0100)]
Fix Coverity ID 554
(cherry picked from commit
471b1b0c58bc2def5d2fe9d98401def34724d447)
Volker Lendecke [Sat, 23 Feb 2008 09:42:43 +0000 (10:42 +0100)]
Check the return value of fgets
(cherry picked from commit
b8aaa9a69fd6217ce0387ef8e84f316706186d70)
Michael Adam [Tue, 18 Mar 2008 15:31:15 +0000 (16:31 +0100)]
libreplace: remove duplicate entry of inet_ntoa from README.
Michael
Michael Adam [Tue, 18 Mar 2008 12:10:22 +0000 (13:10 +0100)]
libreplace: remove trailing white spaces.
Michael
Michael Adam [Tue, 18 Mar 2008 11:16:47 +0000 (12:16 +0100)]
libreplace: replace inet_ntoa() when it is missing
...not only replace it when it is broken.
This moves the defintion of rep_inet_ntoa from replace.c
to inet_ntoa.c and adds configure checks for existence
of inet_ntoa(). Checks are moved to an include file of its own.
NOTE: The original rep_inet_ntoa in replace.c was wrapped
into a "#ifndef WITH_PTHREADS" but the prototype in replace.h
and the define in system/network.h were not. I removed that
ifndef since the inet_ntoa() function is usually not thread safe
anyways, since it returns a pointer to a static buffer.
So whoever calls inet_ntoa() should be aware that it is not
thread safe anyways.
Michael
Michael Adam [Fri, 14 Mar 2008 14:53:38 +0000 (15:53 +0100)]
libreplace: put inet_aton.c under LGPL instead of GPL.
Michael
Michael Adam [Tue, 18 Mar 2008 12:02:32 +0000 (13:02 +0100)]
smbtorture: fix typos in RAW-OPLOCK output.
Michael
Stefan Metzmacher [Tue, 18 Mar 2008 14:01:34 +0000 (15:01 +0100)]
libreplace: remove unused SOCKET_LIBS and NSL_LIBS
metze
Stefan Metzmacher [Tue, 18 Mar 2008 13:59:10 +0000 (14:59 +0100)]
lib/socket: use LIBREPLACE_NETWORK instead of EXT_SOCKET and EXT_NSL
The configure checks are also in libreplace now.
metze
Stefan Metzmacher [Tue, 18 Mar 2008 13:55:05 +0000 (14:55 +0100)]
libreplace: for samba4 create LIBREPLACE_NETWORK as EXT_LIB
metze
Stefan Metzmacher [Tue, 18 Mar 2008 13:53:59 +0000 (14:53 +0100)]
libreplace: use LIBREPLACE_NETWORK_LIBS within some configure checks
...instead of using SOCKET_LIBS and NSL_LIBS.
metze
Stefan Metzmacher [Tue, 18 Mar 2008 13:52:36 +0000 (14:52 +0100)]
libreplace: combine SOCKET_LIBS and NSL_LIBS to LIBREPLACE_NETWORK_LIBS
But keep the old ones untill the callers are fixed.
metze
Stefan Metzmacher [Tue, 18 Mar 2008 13:31:49 +0000 (14:31 +0100)]
ldb: remove configure with 'make realdistclean'
configure.in doesn't exist at all...
metze
Stefan Metzmacher [Tue, 18 Mar 2008 13:29:43 +0000 (14:29 +0100)]
ldb: nothing uses "system/network.h" so don't include it
metze
Stefan Metzmacher [Tue, 18 Mar 2008 13:29:13 +0000 (14:29 +0100)]
ldb: fix the standalone build
metze
Stefan Metzmacher [Tue, 18 Mar 2008 14:36:03 +0000 (15:36 +0100)]
Volker Lendecke [Sat, 15 Mar 2008 20:47:22 +0000 (21:47 +0100)]
Allocate one 0-byte in asprintf replacement when len==0
Some S3 code depends on this.
(cherry picked from commit
dc3d5e16452bf30055638ba3cfe99097fb557156)
Stefan Metzmacher [Tue, 18 Mar 2008 08:36:29 +0000 (09:36 +0100)]
selftest: use a separate var for printing out sub parts of lines with \r
This restores the bahavior of the $_ variable in the code
that detects expected failures.
metze
Kai Blin [Wed, 5 Mar 2008 23:52:37 +0000 (00:52 +0100)]
idmap: Map SIDs to unixids instead of uids/gids
Kai Blin [Tue, 18 Mar 2008 09:53:25 +0000 (10:53 +0100)]
make: Fix make valgrindtest-env
Stefan Metzmacher [Mon, 17 Mar 2008 11:11:44 +0000 (12:11 +0100)]
RAW-BENCH-OPEN: avoid sync calls before the main loop
On multi cpu machines the server may reply to the
first requests while the test is still in setup mode.
Now we setup the first opens, but send them all together
when entering the main loop.
metze
Stefan Metzmacher [Mon, 17 Mar 2008 08:59:30 +0000 (09:59 +0100)]
RAW-BENCH-OPEN: fix the output and calculate the total operations
metze
Stefan Metzmacher [Mon, 17 Mar 2008 14:17:19 +0000 (15:17 +0100)]
selftest: handle progress output in verbose mode
metze
Stefan Metzmacher [Mon, 17 Mar 2008 13:08:57 +0000 (14:08 +0100)]
socket_wrapper: make pcap code more portable
Now the pcap support works on x86_64.
metze
Andrew Bartlett [Mon, 17 Mar 2008 04:22:52 +0000 (15:22 +1100)]
Don't require users of credentials.h to have krb5.h and gssapi.h
Rather than require users of Samba4's headers to have krb5-devel
installed (presumably in their system paths), don't expose the minor
functions which require this by default.
Andrew Bartlett
Stefan Metzmacher [Sat, 15 Mar 2008 11:36:20 +0000 (12:36 +0100)]
pvfs_open: set h->have_opendb_entry directly after odb_open_file()
Otherwise we may not clean up in the destructor.
metze
Stefan Metzmacher [Sat, 15 Mar 2008 11:35:04 +0000 (12:35 +0100)]
pvfs_open: the pvfs_odb_retry structs need to be children of the request
Otherwise they're not cleaned up when the request is finished.
metze
Stefan Metzmacher [Sat, 15 Mar 2008 11:22:36 +0000 (12:22 +0100)]
pvfs_unlink: disable async retries for wildcard deletes
We would setup multiple retries per client request.
metze
Stefan Metzmacher [Sat, 15 Mar 2008 11:21:06 +0000 (12:21 +0100)]
messaging: fix a valgrind warning on 64bit hosts zero out padding
metze
Andrew Bartlett [Sat, 15 Mar 2008 08:03:04 +0000 (19:03 +1100)]
Rework memberof handling in slapd.conf (used for OpenLDAP backend)
Instead of using an include file, put the generated configurationd
directly into slapd.conf.
Andrew Bartlett
Stefan Metzmacher [Fri, 14 Mar 2008 13:33:18 +0000 (14:33 +0100)]
swig: regenerate _wrap.c files
metze
Stefan Metzmacher [Fri, 14 Mar 2008 13:32:26 +0000 (14:32 +0100)]
swig: make the code more portable and use NT_STATUS_V() and W_ERROR_V()
metze
Michael Adam [Fri, 14 Mar 2008 08:39:58 +0000 (09:39 +0100)]
libreplace: fix samba4 build (by not setting global LIBS).
This corrects the earlier fix of the standalone build, by setting
LIBS to the desired value only in configure.ac but not in getifaddrs.m4.
Not that this changes the standalone build in that it adds these libs
undconditionally and not only if they are needed by the getifaddrs
replacement functions.
Michael
Michael Adam [Fri, 14 Mar 2008 07:52:16 +0000 (08:52 +0100)]
libreplace: add -I$libreplacedir to CPPFLAGS for getifaddrs tests.
This is needed, otherwise $libreplacedir/system/network.h does not
find $libreplacedir/getaddrinfo.h on some systems (solaris, e.g.).
Michael
Michael Adam [Fri, 14 Mar 2008 08:04:00 +0000 (09:04 +0100)]
heimdal_build: fix linkage of asn1_compile and compile_et.
Now inet_aton is available from libreplace.
Michael
Michael Adam [Fri, 14 Mar 2008 07:49:34 +0000 (08:49 +0100)]
libreplace: add an inet_aton() function that calls inet_pton().
inet_aton() is even needed inside libreplace, in the implementation
of rep_getaddrinfo().
Michael
Andrew Bartlett [Fri, 14 Mar 2008 01:32:07 +0000 (12:32 +1100)]
Allow more 'domain' objects when looking for a unqiue SID.
Andrew Bartlett
Andrew Bartlett [Fri, 14 Mar 2008 01:26:03 +0000 (12:26 +1100)]
Rework our SAMR test and SAMR server.
Now that we don't create users/domain groups/aliases in the builtin
domain, we hit some bugs in the server-side implementation of the
enumeration functions.
In essence, it turns out to be: don't treat 0 as a special case.
Also, fix up the PDC name to always be returned. I'm sure nothing
actually uses it, particularly for BUILTIN...
Andrew Bartlett
Andrew Bartlett [Thu, 13 Mar 2008 23:11:03 +0000 (10:11 +1100)]
Check for Administrator as a Alias (copy&paste bug)
Andrew Bartlett
Andrew Bartlett [Thu, 13 Mar 2008 22:59:24 +0000 (09:59 +1100)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Stefan Metzmacher [Thu, 13 Mar 2008 15:26:37 +0000 (16:26 +0100)]
build: compile_et also needs inet_aton()
metze
Stefan Metzmacher [Thu, 13 Mar 2008 14:55:56 +0000 (15:55 +0100)]
build: we don't rely on bash yet:-) '==' should be just '='
metze
Michael Adam [Thu, 13 Mar 2008 13:30:23 +0000 (14:30 +0100)]
fix build of asn1_compile when there is no system inet_aton() function.
Michael
Stefan Metzmacher [Thu, 13 Mar 2008 13:27:10 +0000 (14:27 +0100)]
configure: when detecting python we should disable pyconfig.h
This fixes the detection on HP-UX where the pyconfig.h contains
bogus defines.
metze
Andrew Bartlett [Thu, 13 Mar 2008 06:26:01 +0000 (17:26 +1100)]
Rework SAMR functions to avoid gendb_search()
The gendb_*() API does not return error codes, and mixes error returns
with the count of returned entries.
Andrew Bartlett
Andrew Kroeger [Thu, 13 Mar 2008 04:21:14 +0000 (23:21 -0500)]
kdc: Provide extended error information in AS-REP error replies.
This change utilizes the addition of the e_data parameter to the windc_plugin in
the heimdal code to pass extended information back to the client. The extended
information is provided in an e-data block as part of the kerberos error
message, and allows the client to determine which specific error condition
occurred.
Andrew Kroeger [Thu, 13 Mar 2008 04:11:48 +0000 (23:11 -0500)]
heimdal: Add parameter to windc_plugin to allow extended return codes.
These changes add a krb5_data parameter named e_data to the windc_plugin to
allow the samba KDC to return extended error information in addition to the
standard KRB5KDC_ERR_* codes. Windows uses the extended information to provide
detailed information in user dialogs (e.g. account disabled, logon hours
restriction, must change password, etc.).
This particular commit modifies only heimdal code. Hopefully this can be
submitted and accepted into the upstream heimdal codebase.
Andrew Bartlett [Thu, 13 Mar 2008 05:35:53 +0000 (16:35 +1100)]
Don't use 'dn', this attribute does not exist with the LDAP backend,
or in AD.
Andrew Bartlett
Andrew Bartlett [Thu, 13 Mar 2008 05:35:11 +0000 (16:35 +1100)]
Show why a LookupName fails (help debugging)
Andrew Bartlett
Andrew Bartlett [Thu, 13 Mar 2008 03:13:31 +0000 (14:13 +1100)]
Report binding in libnet failure message.
Andrew Bartlett
Andrew Bartlett [Thu, 13 Mar 2008 03:12:50 +0000 (14:12 +1100)]
Bail out, rather than segfault on no domain sid.
Andrew Bartlett
Andrew Bartlett [Thu, 13 Mar 2008 03:12:18 +0000 (14:12 +1100)]
Correctly normalise records against OpenLDAP.
Fixing this simple typo allows more of the ldap.js test to pass.
Andrew Bartlett
Andrew Bartlett [Thu, 13 Mar 2008 03:11:06 +0000 (14:11 +1100)]
Don't search the whole tree for the domains's sid
This change removes a dependency on objectclass=domainDNS, and avoids
a subtree search when we really know exactly where this record is.
Andrew Bartlett
Andrew Bartlett [Thu, 13 Mar 2008 00:36:58 +0000 (11:36 +1100)]
Rework to have member server 'domains' be CN=NETBIOSNAME
This reworks quite a few parts of our provision system to use
CN=NETBIOSNAME as the domain for member servers.
This makes it clear that these domains are not in the DNS structure,
while complying with our own schema (found by OpenLDAP's schema
validation).
Andrew Bartlett
Andrew Bartlett [Wed, 12 Mar 2008 23:27:09 +0000 (10:27 +1100)]
Don't segfault on invalid objectClass input.
If the objectClass found does not include a defaultSecurityDescriptor,
then we should not segfault in the SDDL parser.
Andrew Bartlett
Andrew Bartlett [Wed, 12 Mar 2008 23:00:57 +0000 (10:00 +1100)]
Merge branch 'v4-0-test' of git://git.samba.org/samba into 4-0-local
Andrew Bartlett [Wed, 12 Mar 2008 22:55:06 +0000 (09:55 +1100)]
Update the provision scripts and selftest for LDAP
This should allow us to provision onto an OpenLDAP backend again.
Also ensure we always have a sysvol and netlogon share in the selftest
environment.
Andrew Bartlett
Andrew Bartlett [Wed, 12 Mar 2008 22:53:32 +0000 (09:53 +1100)]
Don't talloc_free() the UUID before we return.
This error caused us to put a 0x80 byte at the end of GUID, which was
only detected by OpenLDAP's schema checking.
Andrew Bartlett
Andrew Bartlett [Wed, 12 Mar 2008 21:08:05 +0000 (08:08 +1100)]
Upgrade provision-backend to python.
This required a large rework of the provision code, so as to move much
of the 'guess' logic into subprocedures, rather than just inline in
the provision code.
Andrew Bartlett
Stefan Metzmacher [Wed, 12 Mar 2008 13:02:11 +0000 (14:02 +0100)]
pvfs_open: retry pvfs_open() after an EGAIN or EWOULDBLOCK from open()
In case a unix application as an oplock or share mode on
a file we need to retry periodicly as there's no way
to get a notification from the kernel when the oplock
is released.
metze
Stefan Metzmacher [Mon, 10 Mar 2008 11:48:02 +0000 (12:48 +0100)]
pvfs_open: pass O_NONBLOCK to open() so that we'll not block with kernel oplocks
metze
Stefan Metzmacher [Fri, 7 Mar 2008 11:21:11 +0000 (12:21 +0100)]
opendb_tdb: use sys_lease to setup kernel oplocks
metze
Stefan Metzmacher [Fri, 7 Mar 2008 11:19:06 +0000 (12:19 +0100)]
ntvfs/sysdep: implement linux kernel oplocks based F_SETLEASE
metze
Stefan Metzmacher [Fri, 7 Mar 2008 11:19:06 +0000 (12:19 +0100)]
ntvfs/sysdep: add sys_lease abstraction to later support kernel oplocks
metze
Stefan Metzmacher [Sat, 8 Mar 2008 08:20:08 +0000 (09:20 +0100)]
pvfs_open: pass down &f->handle->fd to odb_open_file()
metze
Stefan Metzmacher [Sat, 8 Mar 2008 08:12:09 +0000 (09:12 +0100)]
opendb: pass down a pointer to the fd in odb_open_file()
This prepares kernel oplock support.
metze
Stefan Metzmacher [Wed, 12 Mar 2008 16:34:16 +0000 (17:34 +0100)]
ntvfs/cifs: fix the fnum on RAW_RENAME_NTTRANS
metze
Stefan Metzmacher [Wed, 12 Mar 2008 14:12:26 +0000 (15:12 +0100)]
pvfs_rename: implement RAW_RENAME_NTTRANS as noop as w2k3
metze
Stefan Metzmacher [Wed, 12 Mar 2008 14:10:57 +0000 (15:10 +0100)]
RAW-RENAME: w2k3 just ignores a NTTRANS-RENAME!
metze
Stefan Metzmacher [Wed, 12 Mar 2008 13:21:50 +0000 (14:21 +0100)]
RAW-STREAMS: do a exit on the session after each sub tests
metze
Stefan Metzmacher [Wed, 12 Mar 2008 13:21:21 +0000 (14:21 +0100)]
RAW-STREAMS: do what the comments say
metze