kai/samba.git
13 years agoRemove last traces of the old 'subclass' feature
Andrew Bartlett [Wed, 20 Aug 2008 03:09:40 +0000 (13:09 +1000)]
Remove last traces of the old 'subclass' feature

13 years agoAdd a torture test for the new 'netlogon' flags.
Matthias Dieter Wallnöfer [Wed, 20 Aug 2008 02:46:37 +0000 (12:46 +1000)]
Add a torture test for the new 'netlogon' flags.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
13 years agoAdd extra bits to our 'netlogon' response in CLDAP and NBT.
Matthias Dieter Wallnöfer [Wed, 20 Aug 2008 02:45:41 +0000 (12:45 +1000)]
Add extra bits to our 'netlogon' response in CLDAP and NBT.

I've studied now the netlogon attribute from the CLDAP request and
have compared them with the table presented in the WSPP docs
(http://msdn.microsoft.com/en-us/library/cc201036.aspx). The first two
bytes seem to be correct, but that the third and fourth one is
completely clear with SAMBA 4.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
13 years agoUpdate OpenLDAP MMR configuration per comments by Oliver Liebel
Andrew Bartlett [Wed, 20 Aug 2008 02:21:36 +0000 (12:21 +1000)]
Update OpenLDAP MMR configuration per comments by Oliver Liebel
<oliver@itc.li>

This changes the RIDs to be <serverID><DBID>, to ease later debugging.

The need to specify the port on the MMR URLs is now included in the
help.

Andrew Bartlett

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 19 Aug 2008 04:11:51 +0000 (14:11 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 19 Aug 2008 04:10:53 +0000 (14:10 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet

13 years agoFix up new OpenLDAP MMR code.
Andrew Bartlett [Tue, 19 Aug 2008 04:10:14 +0000 (14:10 +1000)]
Fix up new OpenLDAP MMR code.

This changes the MMR password from hard-coded value of 'linux',
adds tests and fixes the Fedora DS backend.

Currently the MMR password matches the admin password, but we can
change this to be another random value if required.

Also require the port to be specified on the command line, so we don't
hard-code a port of 9000.

Andrew Bartlett

13 years agoGenerate Multi-Master Replication configuration for OpenLDAP
Oliver Liebel [Tue, 19 Aug 2008 02:03:04 +0000 (12:03 +1000)]
Generate Multi-Master Replication configuration for OpenLDAP

This patches provision-backend and the related scripts to generate the
correct configuration blobs for N-way multi-master replication using
OpenLDAP.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
13 years agoFix templates.ldb reprovision handling.
Andrew Bartlett [Tue, 19 Aug 2008 01:43:41 +0000 (11:43 +1000)]
Fix templates.ldb reprovision handling.

This sets the attributes in a seperate transaction, and allows a
forced delete of the whole file.

Andrew Bartlett

13 years agolibrpc: don't build the old mszip decompression code
Stefan Metzmacher [Mon, 18 Aug 2008 13:33:11 +0000 (15:33 +0200)]
librpc: don't build the old mszip decompression code

metze

13 years agondr_compression: use zlib's inflate() for decompression
Stefan Metzmacher [Thu, 7 Aug 2008 16:24:57 +0000 (16:24 +0000)]
ndr_compression: use zlib's inflate() for decompression

metze

13 years agozlib: mark as modified for samba
Stefan Metzmacher [Mon, 18 Aug 2008 12:26:53 +0000 (14:26 +0200)]
zlib: mark as modified for samba

metze

13 years agozlib: fix compiler warnings
Stefan Metzmacher [Fri, 15 Aug 2008 11:32:51 +0000 (13:32 +0200)]
zlib: fix compiler warnings

metze

13 years agozlib: we don't need the inflateReset2 prototype twice
Stefan Metzmacher [Mon, 18 Aug 2008 12:25:41 +0000 (14:25 +0200)]
zlib: we don't need the inflateReset2 prototype twice

metze

13 years agolibrpc/ndr: add support for XPRESS decompression
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
librpc/ndr: add support for XPRESS decompression

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agolib/compression: Import of lzxpress decompression algorithm
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
lib/compression: Import of lzxpress decompression algorithm

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agoNote the ldb syntax for attribute syntaxes in the table.
Andrew Bartlett [Mon, 18 Aug 2008 10:30:27 +0000 (20:30 +1000)]
Note the ldb syntax for attribute syntaxes in the table.

This includes additional Samba-specific syntaxes made available from
the ldif_handlers code.

This commit also changes some table to use #defines, to ensure
consistancy in other parts of the code.

Andrew Bartlett

13 years agoAllow attributes to be overwritten, not just added to
Andrew Bartlett [Mon, 18 Aug 2008 10:21:31 +0000 (20:21 +1000)]
Allow attributes to be overwritten, not just added to

13 years agoFix segfaults when loading the schema fails.
Andrew Bartlett [Mon, 18 Aug 2008 10:20:24 +0000 (20:20 +1000)]
Fix segfaults when loading the schema fails.

13 years agoEnsure we fail to proceed if the schema won't load.
Andrew Bartlett [Mon, 18 Aug 2008 05:12:08 +0000 (15:12 +1000)]
Ensure we fail to proceed if the schema won't load.

13 years agoRemove references to the unused @SUBCLASS feature.
Andrew Bartlett [Mon, 18 Aug 2008 02:01:27 +0000 (12:01 +1000)]
Remove references to the unused @SUBCLASS feature.

This was removed from ldb_tdb a while ago

Andrew Bartlett

13 years agoMerge the two attribute syntax tables.
Andrew Bartlett [Mon, 18 Aug 2008 00:16:45 +0000 (10:16 +1000)]
Merge the two attribute syntax tables.

This merges the table once found in the oLschema2ldif tool (and moved
many times) with the table used for DRSUAPI.

The OpenLDAP schema map has been updated, to ensure that despite a
number of attributes being declared as OIDs, they are actually used as
strings (as they are actually LDAP class/attribute names).

Andrew Bartlett

13 years agoconfigure: use AS_HELP_STRING for --with-disable-ext-lib
Michael Adam [Fri, 15 Aug 2008 22:37:26 +0000 (00:37 +0200)]
configure: use AS_HELP_STRING for --with-disable-ext-lib

Michael

13 years agoconfigure: use AS_HELP_STRING for --enable-developer
Michael Adam [Fri, 15 Aug 2008 22:35:52 +0000 (00:35 +0200)]
configure: use AS_HELP_STRING for --enable-developer

Michael

13 years agoconfigure: use AS_HELP_STRING for --enable-debug.
Michael Adam [Fri, 15 Aug 2008 22:34:43 +0000 (00:34 +0200)]
configure: use AS_HELP_STRING for --enable-debug.

Michael

13 years agoconfigure: use AS_HELP_STRING for --with-selftest-prefix.
Michael Adam [Fri, 15 Aug 2008 22:33:04 +0000 (00:33 +0200)]
configure: use AS_HELP_STRING for --with-selftest-prefix.

Michael

13 years agoconfigure: use AS_HELP_STRING for --with-logfilebase.
Michael Adam [Fri, 15 Aug 2008 22:31:23 +0000 (00:31 +0200)]
configure: use AS_HELP_STRING for --with-logfilebase.

Michael

13 years agoconfigure: use AS_HELP_STRING for --with-piddir
Michael Adam [Fri, 15 Aug 2008 22:30:02 +0000 (00:30 +0200)]
configure: use AS_HELP_STRING for --with-piddir

Michael

13 years agoconfigure: use AS_HELP_STRING for --with-lockdir.
Michael Adam [Fri, 15 Aug 2008 22:28:36 +0000 (00:28 +0200)]
configure: use AS_HELP_STRING for --with-lockdir.

Michael

13 years agoconfigure: use AS_HELP_STRING for --ntp-signd-socket-dir.
Michael Adam [Fri, 15 Aug 2008 22:27:15 +0000 (00:27 +0200)]
configure: use AS_HELP_STRING for --ntp-signd-socket-dir.

Michael

13 years agoconfigure: use AS_HELP_STRING for --with-winbindd-privileged-socket-dir.
Michael Adam [Fri, 15 Aug 2008 22:25:42 +0000 (00:25 +0200)]
configure: use AS_HELP_STRING for --with-winbindd-privileged-socket-dir.

Michael

13 years agoconfigure: use AS_HELP_STRING for --with-winbindd-socket-dir .
Michael Adam [Fri, 15 Aug 2008 22:25:09 +0000 (00:25 +0200)]
configure: use AS_HELP_STRING for --with-winbindd-socket-dir .

Michael

13 years agoconfigure: use AS_HELP_STRING for --with-privatedir
Michael Adam [Fri, 15 Aug 2008 22:13:34 +0000 (00:13 +0200)]
configure: use AS_HELP_STRING for --with-privatedir

Michael

13 years agoconfigure: format help string for --with-fhs with AS_HELP_STRING().
Michael Adam [Fri, 15 Aug 2008 22:07:54 +0000 (00:07 +0200)]
configure: format help string for --with-fhs with AS_HELP_STRING().

Michael

13 years agoconfigure: remove duplicate definition of --with-winbindd-socket-dir.
Michael Adam [Fri, 15 Aug 2008 22:23:47 +0000 (00:23 +0200)]
configure: remove duplicate definition of --with-winbindd-socket-dir.

I think this should have gone with fa361354433fb9a5c09c84997a7c51f3052c294e.

Michael

13 years agoFix the build, after the ad2oLschema changes.
Andrew Bartlett [Fri, 15 Aug 2008 11:20:05 +0000 (21:20 +1000)]
Fix the build, after the ad2oLschema changes.

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Fri, 15 Aug 2008 11:16:40 +0000 (21:16 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Fri, 15 Aug 2008 10:41:50 +0000 (20:41 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet

13 years agoGenerate the subSchema in cn=Aggregate
Andrew Bartlett [Fri, 15 Aug 2008 10:40:57 +0000 (20:40 +1000)]
Generate the subSchema in cn=Aggregate

This reads the schema from the in-memory structure, when the magic
attributes are requested.  The code is a modified version of that used
in the ad2oLschema tool (now shared).

The schema_fsmo module handles the insertion of the generated result.

As such, this commit also removes these entries from the setup/schema.ldif

Metze's previous stub of this functionality is also removed.

Andrew Bartlett

13 years agoRework generation of the objectClass and attributeType lines.
Andrew Bartlett [Fri, 15 Aug 2008 03:18:48 +0000 (13:18 +1000)]
Rework generation of the objectClass and attributeType lines.

Now that these are subroutines, we can factor them out into a file the
CN=Aggregate schema code can also use.

Andrew Bartlett

13 years agoParamaterise the seperator in ad2OLschema
Andrew Bartlett [Fri, 15 Aug 2008 02:08:10 +0000 (12:08 +1000)]
Paramaterise the seperator in ad2OLschema

This will allow me to add a new mode, with the CN=Aggregate schema
format automatically generated.

Andrew Bartlett

13 years agoDon't segfault in RPC-ATSVC.
Andrew Bartlett [Thu, 14 Aug 2008 23:46:51 +0000 (09:46 +1000)]
Don't segfault in RPC-ATSVC.

13 years agoRAW-OPEN: be more strict in create_option checking
Stefan Metzmacher [Thu, 14 Aug 2008 13:14:53 +0000 (15:14 +0200)]
RAW-OPEN: be more strict in create_option checking

metze

13 years agoRevert "krb5: always generate the acceptor subkey as the same enctype as the used...
Stefan Metzmacher [Wed, 13 Aug 2008 05:22:36 +0000 (07:22 +0200)]
Revert "krb5: always generate the acceptor subkey as the same enctype as the used service key"

This reverts commit dbb94133e0313cae933d261af0bf1210807a6d11.

As we fixed gensec_gssapi to only return a session key when it's
have the correct session key, this hack isn't needed anymore.

metze

13 years agogsskrb5: always return an acceptor subkey
Stefan Metzmacher [Wed, 13 Aug 2008 07:52:20 +0000 (09:52 +0200)]
gsskrb5: always return an acceptor subkey

For non cfx keys it's the same as the intiator subkey.
This matches windows behavior.

metze

13 years agogensec_gssapi: only cache the session key in STAGE_DONE
Stefan Metzmacher [Wed, 13 Aug 2008 05:18:35 +0000 (07:18 +0200)]
gensec_gssapi: only cache the session key in STAGE_DONE

The key may change because we switch from initiator to acceptor
subkey.

metze

13 years agoSMB2-CREATE: add a special test for FILE_ATTRIBUTE_ENCRYPTED
Stefan Metzmacher [Thu, 14 Aug 2008 11:12:07 +0000 (13:12 +0200)]
SMB2-CREATE: add a special test for FILE_ATTRIBUTE_ENCRYPTED

Some standalone server (and samba4) doesn't support this.

metze

13 years agoSMB2-CREATE: be more strict in checking file attributes
Stefan Metzmacher [Thu, 14 Aug 2008 07:54:51 +0000 (09:54 +0200)]
SMB2-CREATE: be more strict in checking file attributes

metze

13 years agoSMB2-CREATE: be more strict in error checking
Stefan Metzmacher [Thu, 14 Aug 2008 07:54:22 +0000 (09:54 +0200)]
SMB2-CREATE: be more strict in error checking

metze

13 years agontvfs_generic: fix handling of create_options for SMB2
Stefan Metzmacher [Thu, 14 Aug 2008 07:52:45 +0000 (09:52 +0200)]
ntvfs_generic: fix handling of create_options for SMB2

metze

13 years agolibcli/smb2: add SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK
Stefan Metzmacher [Thu, 14 Aug 2008 10:48:37 +0000 (12:48 +0200)]
libcli/smb2: add SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK

SMB2 returns NOT_SUPPORTED to some more NTCREATE_OPTIONS.

metze

13 years agopvfs: fix handling of create_option flags
Stefan Metzmacher [Thu, 14 Aug 2008 10:37:31 +0000 (12:37 +0200)]
pvfs: fix handling of create_option flags

metze

13 years agolibcli/raw: fix the special NTCREATE_OPTIONS_*_MASK values
Stefan Metzmacher [Thu, 14 Aug 2008 10:44:25 +0000 (12:44 +0200)]
libcli/raw: fix the special NTCREATE_OPTIONS_*_MASK values

We now reuse ignored values for the ntvfs backend private flags.

metze

13 years agosmb2srv: async replies with STATUS_PENDING are not signed
Stefan Metzmacher [Wed, 13 Aug 2008 07:48:44 +0000 (09:48 +0200)]
smb2srv: async replies with STATUS_PENDING are not signed

..., but the they may have the sign flag set.

metze

13 years agosmb2srv: sign replies when the request was also signed
Stefan Metzmacher [Wed, 13 Aug 2008 13:20:18 +0000 (15:20 +0200)]
smb2srv: sign replies when the request was also signed

metze

13 years agosmb2srv: use defines instead of hex values
Stefan Metzmacher [Wed, 13 Aug 2008 07:45:44 +0000 (09:45 +0200)]
smb2srv: use defines instead of hex values

metze

13 years agolibcli/smb2: use smb2 signing in auto mode if the server supports it
Stefan Metzmacher [Wed, 13 Aug 2008 13:19:01 +0000 (15:19 +0200)]
libcli/smb2: use smb2 signing in auto mode if the server supports it

metze

13 years agolibcli/smb2: we don't need check the same thing twice...
Stefan Metzmacher [Wed, 13 Aug 2008 07:44:06 +0000 (09:44 +0200)]
libcli/smb2: we don't need check the same thing twice...

metze

13 years agolibcli/smb2: async replies with STATUS_PENDING are not signed
Stefan Metzmacher [Wed, 13 Aug 2008 07:42:27 +0000 (09:42 +0200)]
libcli/smb2: async replies with STATUS_PENDING are not signed

metze

13 years agopidl: fix samba4.pidl.samba3-cli test
Stefan Metzmacher [Wed, 13 Aug 2008 14:58:12 +0000 (16:58 +0200)]
pidl: fix samba4.pidl.samba3-cli test

metze

13 years agoNBT-WINSREPLICATION: be more robust to timing errors
Stefan Metzmacher [Wed, 13 Aug 2008 14:53:13 +0000 (16:53 +0200)]
NBT-WINSREPLICATION: be more robust to timing errors

Also reenable disabled tests.

metze

13 years agoexpanded the SMB2-CREATE and RAW-OPEN tests to explore more of how the
Andrew Tridgell [Thu, 14 Aug 2008 07:26:30 +0000 (17:26 +1000)]
expanded the SMB2-CREATE and RAW-OPEN tests to explore more of how the
create options fields are supposed to work

13 years agocope with arbitrary unknown pac buffer types, so when MS adds
Andrew Tridgell [Thu, 14 Aug 2008 05:27:48 +0000 (15:27 +1000)]
cope with arbitrary unknown pac buffer types, so when MS adds
a new one we don't break our server

13 years agocope with not knowing the kdc key
Andrew Tridgell [Thu, 14 Aug 2008 05:27:22 +0000 (15:27 +1000)]
cope with not knowing the kdc key

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 12 Aug 2008 23:47:18 +0000 (09:47 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet

13 years agogensec_gssapi: add support for GENSEC_FEATURE_NEW_SPNEGO
Stefan Metzmacher [Tue, 12 Aug 2008 13:02:02 +0000 (15:02 +0200)]
gensec_gssapi: add support for GENSEC_FEATURE_NEW_SPNEGO

metze

13 years agogensec_gssapi: fix compiler warnings
Stefan Metzmacher [Tue, 12 Aug 2008 12:57:14 +0000 (14:57 +0200)]
gensec_gssapi: fix compiler warnings

metze

13 years agogensec_gssapi: add a function to load the lucid structure once
Stefan Metzmacher [Tue, 12 Aug 2008 12:56:36 +0000 (14:56 +0200)]
gensec_gssapi: add a function to load the lucid structure once

metze

13 years agogensec: add support for new style spnego and correctly handle mechListMIC
Stefan Metzmacher [Tue, 12 Aug 2008 12:26:21 +0000 (14:26 +0200)]
gensec: add support for new style spnego and correctly handle mechListMIC

metze

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 12 Aug 2008 07:46:48 +0000 (17:46 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet

13 years agodcerpc.idl: remove used DCERPC_MAX_SIGN_SIZE
Stefan Metzmacher [Mon, 11 Aug 2008 16:14:51 +0000 (18:14 +0200)]
dcerpc.idl: remove used DCERPC_MAX_SIGN_SIZE

metze

13 years agorpc_server: correct the chunk_size depending on the signature size
Stefan Metzmacher [Mon, 11 Aug 2008 16:12:54 +0000 (18:12 +0200)]
rpc_server: correct the chunk_size depending on the signature size

metze

13 years agolibrpc/rpc: correct the chunk_size depending on the signature size
Stefan Metzmacher [Mon, 11 Aug 2008 16:00:11 +0000 (18:00 +0200)]
librpc/rpc: correct the chunk_size depending on the signature size

metze

13 years agodcerpc.idl: add DCERPC_AUTH_TRAILER_LENGTH
Stefan Metzmacher [Mon, 11 Aug 2008 15:59:38 +0000 (17:59 +0200)]
dcerpc.idl: add DCERPC_AUTH_TRAILER_LENGTH

metze

13 years agoOnly allow trust accounts access to the NTP signing service.
Andrew Bartlett [Mon, 11 Aug 2008 01:45:45 +0000 (11:45 +1000)]
Only allow trust accounts access to the NTP signing service.

13 years agogensec_gssapi: use the correct signature size for cfx/rfc4121 style signatures
Stefan Metzmacher [Fri, 8 Aug 2008 10:39:11 +0000 (12:39 +0200)]
gensec_gssapi: use the correct signature size for cfx/rfc4121 style signatures

metze

13 years agogsskrb5: try to be compatible with windows for gss_wrap* and cfx
Stefan Metzmacher [Fri, 8 Aug 2008 13:01:15 +0000 (15:01 +0200)]
gsskrb5: try to be compatible with windows for gss_wrap* and cfx

The good thing is that windows and heimdal both use EC=0
in the non DCE_STYLE case, so we need the windows compat hack
only in DCE_STYLE mode.

metze

13 years agogensec_gssapi: use gsskrb5_get_subkey() to get the session key
Stefan Metzmacher [Fri, 8 Aug 2008 13:27:40 +0000 (15:27 +0200)]
gensec_gssapi: use gsskrb5_get_subkey() to get the session key

This is needed to get the correct key, when aes keys are used.

metze

13 years agokrb5: always generate the acceptor subkey as the same enctype as the used service key
Stefan Metzmacher [Fri, 8 Aug 2008 13:22:39 +0000 (15:22 +0200)]
krb5: always generate the acceptor subkey as the same enctype as the used service key

With this patch samba4 can use gsskrb5_get_subkey() to get the session key.

metze

13 years agogsskrb5: add support for DCE_STYLE and des and des3 keys
Stefan Metzmacher [Fri, 25 Jul 2008 11:11:46 +0000 (13:11 +0200)]
gsskrb5: add support for DCE_STYLE and des and des3 keys

Only the des keys are tested as windows doesn't support des3

metze

13 years agoAlways set a session key, even for the 'no password' case.
Andrew Bartlett [Fri, 8 Aug 2008 04:05:16 +0000 (14:05 +1000)]
Always set a session key, even for the 'no password' case.

This is for bug 5664 reported by Tom <hto@arcor.de>.

Andrew Bartlett

13 years agoClarify comment
Andrew Bartlett [Fri, 8 Aug 2008 04:04:08 +0000 (14:04 +1000)]
Clarify comment

13 years agoWe can't use ndr_pull_struct_blob_all in combinatin with relative pointers
Andrew Bartlett [Fri, 8 Aug 2008 00:32:21 +0000 (10:32 +1000)]
We can't use ndr_pull_struct_blob_all in combinatin with relative pointers

13 years agolib: prepare the build of zlib
Stefan Metzmacher [Tue, 29 Jul 2008 20:06:18 +0000 (20:06 +0000)]
lib: prepare the build of zlib

metze

13 years agozlib: add inflateReset2()...
Stefan Metzmacher [Thu, 7 Aug 2008 16:20:11 +0000 (16:20 +0000)]
zlib: add inflateReset2()...

metze

13 years agoimport of zlib-1.2.3
Stefan Metzmacher [Tue, 29 Jul 2008 20:01:23 +0000 (20:01 +0000)]
import of zlib-1.2.3

We want to use zlib for the mszip ndr (de)compression
later, we'll need to add some new functions to zlib.

metze

13 years agodrsuapi: fix callers after idl change
Stefan Metzmacher [Thu, 7 Aug 2008 17:15:30 +0000 (19:15 +0200)]
drsuapi: fix callers after idl change

metze

13 years agodrsuapi.idl: directly use mszip in level 2
Stefan Metzmacher [Thu, 7 Aug 2008 16:15:26 +0000 (16:15 +0000)]
drsuapi.idl: directly use mszip in level 2

This fixes the push because the switch_level doesn't work
otherwise because the pointer is the same as for
the outer switch_level.

metze

13 years agorpc_server: add support for DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
Stefan Metzmacher [Wed, 6 Aug 2008 20:28:04 +0000 (22:28 +0200)]
rpc_server: add support for DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN

you need "dcesrv:header signing=yes" to enable it.

metze

13 years agolibrpc/rpc: add support DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
Stefan Metzmacher [Wed, 6 Aug 2008 19:35:07 +0000 (21:35 +0200)]
librpc/rpc: add support DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN

You can trigger it like this:

ncacn_ip_tcp:172.31.9.234[sign,hdrsign]

or

ncacn_ip_tcp:172.31.9.234[seal,hdrsign]

metze

13 years agolibrpc/rpc: pass struct dcerpc_pipe to dcerpc_auth3()
Stefan Metzmacher [Wed, 6 Aug 2008 19:34:00 +0000 (21:34 +0200)]
librpc/rpc: pass struct dcerpc_pipe to dcerpc_auth3()

metze

13 years agogensec_gssapi: add support for GENSEC_FEATURE_SIGN_PKT_HEADER
Stefan Metzmacher [Wed, 6 Aug 2008 19:30:17 +0000 (21:30 +0200)]
gensec_gssapi: add support for GENSEC_FEATURE_SIGN_PKT_HEADER

This only works for sign/verify_packet() yet,
seal/unseal_packet() doesn't work yet...

metze

13 years agogensec: add GENSEC_FEATURE_SIGN_PKT_HEADER flag
Stefan Metzmacher [Wed, 6 Aug 2008 19:26:20 +0000 (21:26 +0200)]
gensec: add GENSEC_FEATURE_SIGN_PKT_HEADER flag

metze

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage
Jelmer Vernooij [Fri, 1 Aug 2008 19:36:49 +0000 (21:36 +0200)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage

13 years agoAdd helper object Hostconfig to make it easier to get to e.g. the
Jelmer Vernooij [Fri, 1 Aug 2008 19:12:37 +0000 (21:12 +0200)]
Add helper object Hostconfig to make it easier to get to e.g. the
SAM database.

13 years agoheimdal: add experimental --enable-external-heimdal
Stefan Metzmacher [Fri, 1 Aug 2008 16:15:11 +0000 (18:15 +0200)]
heimdal: add experimental --enable-external-heimdal

This should only be used for testing and when you're
absolutly sure the installed heimdal libraries
support the features we need.

(E.g. heimdal-1.2 or lower should NOT work)

metze

13 years agolibreplace: include <krb5.h> and <com_err.h> and no heimdal specific headers
Stefan Metzmacher [Fri, 1 Aug 2008 17:30:16 +0000 (19:30 +0200)]
libreplace: include <krb5.h> and <com_err.h> and no heimdal specific headers

metze

13 years agoauth/kerberos: remove dependencies to internal heimdal
Stefan Metzmacher [Fri, 1 Aug 2008 17:29:08 +0000 (19:29 +0200)]
auth/kerberos: remove dependencies to internal heimdal

metze

13 years agoheimdal_build/internal: add some useful defines
Stefan Metzmacher [Fri, 1 Aug 2008 17:24:09 +0000 (19:24 +0200)]
heimdal_build/internal: add some useful defines

metze

13 years agoheimdal: fix dependency
Stefan Metzmacher [Fri, 1 Aug 2008 18:27:38 +0000 (20:27 +0200)]
heimdal: fix dependency

metze