13 years agor7763: fixed some circular dependencies
Andrew Tridgell [Sun, 19 Jun 2005 22:29:40 +0000 (22:29 +0000)]
r7763: fixed some circular dependencies
(This used to be commit 3bdf89b0f7521ca39d48dc4c32fe96971d4d60fd)

13 years agor7762: Clean up make help files.
Jelmer Vernooij [Sun, 19 Jun 2005 22:25:38 +0000 (22:25 +0000)]
r7762: Clean up make help files.
(This used to be commit fa1ab1982cb2ea49fc35d75fb32192fc1bea23cd)

13 years agor7761: Don't let phony targets cause a rebuild of the binaries. Thanks
Jelmer Vernooij [Sun, 19 Jun 2005 22:23:12 +0000 (22:23 +0000)]
r7761: Don't let phony targets cause a rebuild of the binaries. Thanks
to tridge for the idea on how to do this.
(This used to be commit fc099f24790367ea5b1e5e91085c9ddb8deb6dad)

13 years agor7760: make client tools get the right config file in 'make test'
Andrew Tridgell [Sun, 19 Jun 2005 21:43:34 +0000 (21:43 +0000)]
r7760: make client tools get the right config file in 'make test'
(This used to be commit 13fc167211272f5dba3540202f5842573178b740)

13 years agor7759: allow ldb_errstring() to be used when not connected
Andrew Tridgell [Sun, 19 Jun 2005 13:29:07 +0000 (13:29 +0000)]
r7759: allow ldb_errstring() to be used when not connected
(This used to be commit 818ae965afad37216d804aa630359d875794612e)

13 years agor7758: When not running on the build farm, print out the failed command line again.
Andrew Bartlett [Sun, 19 Jun 2005 13:27:22 +0000 (13:27 +0000)]
r7758: When not running on the build farm, print out the failed command line again.

Add NTLMv2 varients to the echo and session key tests.

Andrew Bartlett
(This used to be commit 544a38824e2b10c65e6f7ef0b373aa8575fa2cb1)

13 years agor7757: Add NTLMv2 support to the NT1 Session setup (ie, not SPNEGO/NTLMSSP)
Andrew Bartlett [Sun, 19 Jun 2005 13:26:32 +0000 (13:26 +0000)]
r7757: Add NTLMv2 support to the NT1 Session setup (ie, not SPNEGO/NTLMSSP)
Session Setup code.

Add a mem_ctx argument to a few of the NTLMv2 support functions, and
add smb.conf options to control client NTLMv2 behaviour.

Andrew Bartlett
(This used to be commit 3f35cdb218a3dae08a05e77452ca9f73716ceb28)

13 years agor7756: Don't segfault by trying to search for the NULL DN, if the wrong
Andrew Bartlett [Sun, 19 Jun 2005 12:55:46 +0000 (12:55 +0000)]
r7756: Don't segfault by trying to search for the NULL DN, if the wrong
password was entered.  We would not use the results of the search in
any case.

Andrew Bartlett
(This used to be commit edeb908acaaaaab13bef4d2e3fae18d87c07af81)

13 years agor7755: fixed an uninitialised event_ctx found by abartlet
Andrew Tridgell [Sun, 19 Jun 2005 12:49:51 +0000 (12:49 +0000)]
r7755: fixed an uninitialised event_ctx found by abartlet
(This used to be commit 1462da3b6d190eecfb82268e6f2f04a42d8d5298)

13 years agor7754: fixed the local port of accepted sockets in socket_wrapper. This fixes
Andrew Tridgell [Sun, 19 Jun 2005 12:34:59 +0000 (12:34 +0000)]
r7754: fixed the local port of accepted sockets in socket_wrapper. This fixes
the problem with the ldap tests in 'make test'
(This used to be commit 56fe27623ce31015a5a14f176f1445f51d57b0b8)

13 years agor7753: removed debugging code :-)
Andrew Tridgell [Sun, 19 Jun 2005 12:06:27 +0000 (12:06 +0000)]
r7753: removed debugging code :-)
(This used to be commit 51ea22db2df3a002de3779302cd455bfb2e3fec2)

13 years agor7751: only enable tls on the ldaps port in ldap server, and reject non-tls
Andrew Tridgell [Sun, 19 Jun 2005 11:10:15 +0000 (11:10 +0000)]
r7751: only enable tls on the ldaps port in ldap server, and reject non-tls
connections on that port
(This used to be commit 30da6a1cc41308a16a486111887f45bcf598f064)

13 years agor7750: handle STATUS_MORE_ENTRIES on send in tls
Andrew Tridgell [Sun, 19 Jun 2005 11:00:13 +0000 (11:00 +0000)]
r7750: handle STATUS_MORE_ENTRIES on send in tls
(This used to be commit 135c3367ff737246ea40030d3c852769666ff522)

13 years agor7749: some bug fixes from testing with socket:testnonblock
Andrew Tridgell [Sun, 19 Jun 2005 10:37:45 +0000 (10:37 +0000)]
r7749: some bug fixes from testing with socket:testnonblock

- fixed some infinite loops in asn1.c

- ensure asn1 callers know if an error is end of buffer or bad data

- handle npending 0 in ldap server
(This used to be commit f22c3b84c8912ccd36e676a782b58f1841be8875)

13 years agor7748: Use state structure in connection with io to get returned address.
Rafal Szczesniak [Sun, 19 Jun 2005 09:35:02 +0000 (09:35 +0000)]
r7748: Use state structure in connection with io to get returned address.

(This used to be commit 345a71a08e74ddf959680615d51488f8e989cba1)

13 years agor7747: - simplified the ldap server buffer handling
Andrew Tridgell [Sun, 19 Jun 2005 09:31:34 +0000 (09:31 +0000)]
r7747: - simplified the ldap server buffer handling

- got rid of the special cases for sasl buffers

- added a tls_socket_pending() call to determine how much data is waiting on a tls connection

- removed the attempt at async handling of ldap calls. The buffers/sockets are all async, but the calls themselves
  are sync.
(This used to be commit 73cb4aad229d08e17e22d5792580bd43a61b142a)

13 years agor7746: - added TLS support to our ldap server
Andrew Tridgell [Sun, 19 Jun 2005 07:21:18 +0000 (07:21 +0000)]
r7746: - added TLS support to our ldap server

- this involved changing the buffer handling in the ldap server quite a
  lot, as it didn't handle partial packets at all

- removed completely bogus asn1_object_length() function. You can't
  do that with BER/DER
(This used to be commit fed6f4cc6ceaf83aacb581499aeaf6af4ee8ddd2)

13 years agor7745: better handling of recv errors in tls library
Andrew Tridgell [Sun, 19 Jun 2005 07:19:42 +0000 (07:19 +0000)]
r7745: better handling of recv errors in tls library
(This used to be commit 42d8a1a222430bd64962da7cc4ac0193b5c003f7)

13 years agor7744: converted the web server to use the lib/tls/ generic tls code
Andrew Tridgell [Sun, 19 Jun 2005 04:21:45 +0000 (04:21 +0000)]
r7744: converted the web server to use the lib/tls/ generic tls code
(This used to be commit 023fc567badba38b87895ea73515b2ce0b703a8c)

13 years agor7743: be consistent in how stdin is supported for ldbadd and ldbmodify
Andrew Tridgell [Sun, 19 Jun 2005 04:20:54 +0000 (04:20 +0000)]
r7743: be consistent in how stdin is supported for ldbadd and ldbmodify
(This used to be commit 3d60b3a8eea5ac6c35cf2e579ae12cef3dc1794e)

13 years agor7742: abstracted out the tls code from the web server, so that our other servers
Andrew Tridgell [Sun, 19 Jun 2005 04:20:27 +0000 (04:20 +0000)]
r7742: abstracted out the tls code from the web server, so that our other servers
can easily become tls enabled. This will be used to add support for ldaps
(This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)

13 years agor7741: fixed the verbose option in ldbedit
Andrew Tridgell [Sun, 19 Jun 2005 01:32:47 +0000 (01:32 +0000)]
r7741: fixed the verbose option in ldbedit
(This used to be commit a440133140a6adb5ea62d37690b9c4ae74dc6be0)

13 years agor7740: get rid of our duplicate base64 routines
Andrew Tridgell [Sun, 19 Jun 2005 01:31:27 +0000 (01:31 +0000)]
r7740: get rid of our duplicate base64 routines
(This used to be commit cf17f90a83cf04815544c5408eb56d00546b3e88)

13 years agor7739: fixed an off by one bug in the base64 decoder for ldb ldif
Andrew Tridgell [Sun, 19 Jun 2005 01:17:29 +0000 (01:17 +0000)]
r7739: fixed an off by one bug in the base64 decoder for ldb ldif
(This used to be commit fe2b77af2352f1964402a4286105916e990dc36f)

13 years agor7738: It's actually an API function test.
Rafal Szczesniak [Sat, 18 Jun 2005 23:18:31 +0000 (23:18 +0000)]
r7738: It's actually an API function test.

(This used to be commit ec29a1ffa7aec6f1822a92a8c62f5a0de51ec2ae)

13 years agor7737: Test for libnet_Lookup function.
Rafal Szczesniak [Sat, 18 Jun 2005 22:37:11 +0000 (22:37 +0000)]
r7737: Test for libnet_Lookup function.

(This used to be commit 4655881fac37dbf26a5d60385e5f0a70b8c1c775)

13 years agor7736: Propagate change in resolve_name function. Let's use default methods
Rafal Szczesniak [Sat, 18 Jun 2005 22:33:07 +0000 (22:33 +0000)]
r7736: Propagate change in resolve_name function. Let's use default methods
in this case.

(This used to be commit b0bae584a4936845732d68aa7d2ccce4411dd1d7)

13 years agor7735: Extend resolve_name function so that it's possible to pass resolve
Rafal Szczesniak [Sat, 18 Jun 2005 22:32:14 +0000 (22:32 +0000)]
r7735: Extend resolve_name function so that it's possible to pass resolve
methods explicitly or NULL for defaults saved in smb.conf.

(This used to be commit 121cf5ec3e075a6e37df52caad9fbc8bf7d59339)

13 years agor7734: A few missing pieces...
Rafal Szczesniak [Sat, 18 Jun 2005 22:29:41 +0000 (22:29 +0000)]
r7734: A few missing pieces...

(This used to be commit 15e2a67fe08daa722c55cd3afd46e838eb653e22)

13 years agor7733: New io structure for name lookup function.
Rafal Szczesniak [Sat, 18 Jun 2005 22:12:20 +0000 (22:12 +0000)]
r7733: New io structure for name lookup function.

(This used to be commit 12b468417da04a2b7ddcacdf224ed7d055f0d3d9)

13 years agor7732: Implementation of very basic lookup function (to be used in more
Rafal Szczesniak [Sat, 18 Jun 2005 22:10:32 +0000 (22:10 +0000)]
r7732: Implementation of very basic lookup function (to be used in more
specific routines like resolving a pdc).
Also, couple of formatting fixes.

(This used to be commit b9deaa995da3a732514d5ceab0010adb58be5fe0)

13 years agor7731: change debug level to not spam the build-farm smbd log
Stefan Metzmacher [Sat, 18 Jun 2005 20:32:21 +0000 (20:32 +0000)]
r7731: change debug level to not spam the build-farm smbd log

(This used to be commit 3a1ed83fd0714fa46055c8fe5b039986909f9a45)

13 years agor7729: Small fixes to the charset stuff.
Jelmer Vernooij [Sat, 18 Jun 2005 16:31:48 +0000 (16:31 +0000)]
r7729: Small fixes to the charset stuff.
(This used to be commit 5122b9f608399a6c90521e2f8bd96154755fe397)

13 years agor7728: handle 64 bit integers in INTEGER match
Andrew Tridgell [Sat, 18 Jun 2005 13:39:51 +0000 (13:39 +0000)]
r7728: handle 64 bit integers in INTEGER match
(This used to be commit 57132344b4e39a670e683b3db00665e5f7a899fd)

13 years agor7727: we need to mark some attributes as INTEGER, so that the standard searches
Andrew Tridgell [Sat, 18 Jun 2005 13:37:44 +0000 (13:37 +0000)]
r7727: we need to mark some attributes as INTEGER, so that the standard searches
that w2k does work. For example, w2k asks for sAMAccountType=805306369 which
will only match if we know its an integer
(This used to be commit 941509ee58253b671bb74b2d8d8667cc6a1a4328)

13 years agor7726: - removed some unused variables
Andrew Tridgell [Sat, 18 Jun 2005 13:18:43 +0000 (13:18 +0000)]
r7726: - removed some unused variables

- handle ldb_errstring() calls on failed connect
(This used to be commit 8698a20fcc6a04ccbe533afd742e7a5df94423ee)

13 years agor7725: fixed a bug with partial asn1 frames in the ldap client
Andrew Tridgell [Sat, 18 Jun 2005 13:15:09 +0000 (13:15 +0000)]
r7725: fixed a bug with partial asn1 frames in the ldap client
(This used to be commit 0f22306a9c61c1b00aeb0f3bf7e875d9b7b4606d)

13 years agor7724: added encoding of LDB_OP_NOT search components
Andrew Tridgell [Sat, 18 Jun 2005 12:48:42 +0000 (12:48 +0000)]
r7724: added encoding of LDB_OP_NOT search components
(This used to be commit 82b1feeafea57ca1b8d7bf79f777eebcc703769c)

13 years agor7723: - fix a mismatched asn1 push/pop on bind
Andrew Tridgell [Sat, 18 Jun 2005 12:45:28 +0000 (12:45 +0000)]
r7723: - fix a mismatched asn1 push/pop on bind

- add error checking to ldap_encode()

- fixed the asn1 codes for extended search

- use asn1 context macros
(This used to be commit 25d500b6e559b9a530ae65a21046cfde0f8c41af)

13 years agor7722: when we get a zero read, the connection is dead
Andrew Tridgell [Sat, 18 Jun 2005 12:44:36 +0000 (12:44 +0000)]
r7722: when we get a zero read, the connection is dead
(This used to be commit 060323530454edf21b217550b373513e5860146c)

13 years agor7721: solve a problem with null arguments to testit()
Andrew Tridgell [Sat, 18 Jun 2005 11:10:54 +0000 (11:10 +0000)]
r7721: solve a problem with null arguments to testit()
(This used to be commit 73a21737cea295c09255997e5830c68ad390a4de)

13 years agor7720: - simplify the asn1 decode of ldap_search() a lot, taking advantage of
Andrew Tridgell [Sat, 18 Jun 2005 10:38:06 +0000 (10:38 +0000)]
r7720: - simplify the asn1 decode of ldap_search() a lot, taking advantage of
  the fact that the ldap data structures now use ldb_message_element.

- fixed null termination of elements in ildap
(This used to be commit 09060994c1ed12073ae6e1131d7074db8fdc523c)

13 years agor7719: make the ildap ldb backend use the defaultNamingContext if the basedn
Andrew Tridgell [Sat, 18 Jun 2005 09:48:17 +0000 (09:48 +0000)]
r7719: make the ildap ldb backend use the defaultNamingContext if the basedn
is not specified, so:

  ldbsearch ldap://hostname '(objectclass=user)'

works without knowing the domain name
(This used to be commit f6c2c5190737ca11f55a147f5295ccca505fb58b)

13 years agor7717: fixed some typos
Andrew Tridgell [Sat, 18 Jun 2005 09:09:27 +0000 (09:09 +0000)]
r7717: fixed some typos
(This used to be commit fc8feee56034fe165359c804d111f80e5b3ebb65)

13 years agor7716: a single wrapped ldap blob can contain multiple ldap messages
Andrew Tridgell [Sat, 18 Jun 2005 09:08:08 +0000 (09:08 +0000)]
r7716: a single wrapped ldap blob can contain multiple ldap messages
(This used to be commit de5f265b6c586335965a6de844c203206261cc3b)

13 years agor7715: ensure we don't print null strings in ldap_errstr()
Andrew Tridgell [Sat, 18 Jun 2005 09:01:51 +0000 (09:01 +0000)]
r7715: ensure we don't print null strings in ldap_errstr()
(This used to be commit dc419fc89973c2d7fa333df389b75cb218e8a848)

13 years agor7714: enable samba credentials handling in ldb tools. So you can now do a
Andrew Tridgell [Sat, 18 Jun 2005 09:01:09 +0000 (09:01 +0000)]
r7714: enable samba credentials handling in ldb tools. So you can now do a
encrypted ldbedit against w2k3
(This used to be commit 6277c3923e7d9c26753424b1e77ac62f8e0729a4)

13 years agor7713: fixed error display in ildap_search()
Andrew Tridgell [Sat, 18 Jun 2005 07:54:14 +0000 (07:54 +0000)]
r7713: fixed error display in ildap_search()
(This used to be commit abc9f4bd89d0eda655f7de01db49cbbb64682bf4)

13 years agor7712: ldb/common/util.c is gone
Andrew Tridgell [Sat, 18 Jun 2005 07:48:59 +0000 (07:48 +0000)]
r7712: ldb/common/util.c is gone
(This used to be commit aec0544962483b3cd8507b2de6d1552691e72932)

13 years agor7711: update callers of ldb_connect() for new syntax
Andrew Tridgell [Sat, 18 Jun 2005 07:44:36 +0000 (07:44 +0000)]
r7711: update callers of ldb_connect() for new syntax
(This used to be commit f852661463624714ad8e7adc0547b2f07b8f9f6d)

13 years agor7710: new command line handling code for ldb
Andrew Tridgell [Sat, 18 Jun 2005 07:43:52 +0000 (07:43 +0000)]
r7710: new command line handling code for ldb
(This used to be commit 5e8db1c9b3bb6c5196652a7af877b4204148c305)

13 years agor7709: - convert ldb to use popt, so that it can interact with the samba
Andrew Tridgell [Sat, 18 Jun 2005 07:42:21 +0000 (07:42 +0000)]
r7709: - convert ldb to use popt, so that it can interact with the samba
  cmdline credentials code (which will be done soon)

- added a ldb_init() call, and changed ldb_connect() to take a ldb
  context. This allows for much better error handling in
  ldb_connect(), and also made the popt conversion easier

- fixed up all the existing backends with the new syntax

- improved error handling in *_connect()

- fixed a crash bug in the new case_fold_required() code

- ensured that ltdb_rename() and all ltdb_search() paths get the read lock

- added a ldb_oom() macro to make it easier to report out of memory
  situations in ldb code
(This used to be commit f648fdf187669d6d87d01dd4e786b03cd420f220)

13 years agor7706: Move ParseExpr() to util.
Jelmer Vernooij [Sat, 18 Jun 2005 01:58:36 +0000 (01:58 +0000)]
r7706: Move ParseExpr() to util.
(This used to be commit 72efb695291f0ad3cdc80daa9f979454f6a81c04)

13 years agor7705: prevent SIGPIPE. this is what causes BASE-NEGNOWAIT to sometimes fail
Andrew Tridgell [Sat, 18 Jun 2005 00:30:49 +0000 (00:30 +0000)]
r7705: prevent SIGPIPE. this is what causes BASE-NEGNOWAIT to sometimes fail
(This used to be commit 0163d7fe99caee54c6c2bd614e4f076fd00a6176)

13 years agor7704: - fixed open_nbt_connection() to return NULL when the connection failed
Andrew Tridgell [Sat, 18 Jun 2005 00:02:36 +0000 (00:02 +0000)]
r7704: - fixed open_nbt_connection() to return NULL when the connection failed

- got rid of smbcli_shutdown() and use talloc_free() instead.
(This used to be commit 1011b1bf51d420d6702ef448c894ea8ebeafa284)

13 years agor7702: Implement [charset()] attribute.
Jelmer Vernooij [Fri, 17 Jun 2005 21:40:42 +0000 (21:40 +0000)]
r7702: Implement [charset()] attribute.
(This used to be commit 7012e10bb6252a7e602e80f05c914a783610088c)

13 years agor7695: Add support for the [string] attribute that works in the traditional sense...
Jelmer Vernooij [Fri, 17 Jun 2005 16:29:27 +0000 (16:29 +0000)]
r7695: Add support for the [string] attribute that works in the traditional sense. Not
used anywhere yet.
(This used to be commit a73a35cfc7b5b92cd95bd0d0fbd64d04acecccf3)

13 years agor7690: Move the NT hash generation into the credentials system, rather than
Andrew Bartlett [Fri, 17 Jun 2005 13:12:13 +0000 (13:12 +0000)]
r7690: Move the NT hash generation into the credentials system, rather than
in all the callers.  This also allows us to be more flexible in the
type of password we store.

Andrew Bartlett
(This used to be commit 00b8588c68526e1d86fda0bd81c0b86f690b62c3)

13 years agor7689: Add new file from previous commit (seperate file for session key test).
Andrew Bartlett [Fri, 17 Jun 2005 13:09:16 +0000 (13:09 +0000)]
r7689: Add new file from previous commit (seperate file for session key test).
(This used to be commit fbec0ed13bc20093da308dee0108721d88e9c322)

13 years agor7688: Fix the internal heimdal build - push one #define back to
Andrew Bartlett [Fri, 17 Jun 2005 12:59:30 +0000 (12:59 +0000)]
r7688: Fix the internal heimdal build - push one #define back to

Andrew Bartlett
(This used to be commit 337cb20ac45c95b8a6d0c90dfef4bdac591ba39a)

13 years agor7687: Some more tests that must be done only when krb5_config is absent.
Andrew Bartlett [Fri, 17 Jun 2005 12:45:45 +0000 (12:45 +0000)]
r7687: Some more tests that must be done only when krb5_config is absent.

Andrew Bartlett
(This used to be commit 898f72d19654c68ba68d36a099bf4dbed5d09fe9)

13 years agor7686: Check for a type of invalid account name.
Andrew Bartlett [Fri, 17 Jun 2005 12:24:44 +0000 (12:24 +0000)]
r7686: Check for a type of invalid account name.

Andrew Bartlett
(This used to be commit 7520879bb08d191f0ab97508f14f525886b1b48b)

13 years agor7685: Simply the test for session key logic, so we pass against NT4.
Andrew Bartlett [Fri, 17 Jun 2005 12:22:14 +0000 (12:22 +0000)]
r7685: Simply the test for session key logic, so we pass against NT4.

Now, to try and figure out why this logic failed for jra...

Andrew Bartlett
(This used to be commit a32066a9ecf7cd82f66eb8381e07d014f5ac5eff)

13 years agor7684: Add a test aimed at checking we have agreement between client and
Andrew Bartlett [Fri, 17 Jun 2005 11:48:01 +0000 (11:48 +0000)]
r7684: Add a test aimed at checking we have agreement between client and
server as to the CIFS session key.

JRA had pain with this being wrong against NT4 (without spnego), hence
this specific test.

Andrew Bartlett
(This used to be commit 47f433708ba38db9bf569567cc048e65f2786ebe)

13 years agor7683: The other file from the last commit. And it's include/system/kerberos.h that...
Andrew Bartlett [Fri, 17 Jun 2005 11:05:08 +0000 (11:05 +0000)]
r7683: The other file from the last commit.  And it's include/system/kerberos.h that I'm putting the #defines in...

Andrew Bartlett
(This used to be commit 31f7ec38e63fc86ad7c756de47414152d2809c8f)

13 years agor7682: Move the properties of our heimdal build from heimdal_build/config.h
Andrew Bartlett [Fri, 17 Jun 2005 11:02:35 +0000 (11:02 +0000)]
r7682: Move the properties of our heimdal build from heimdal_build/config.h
(which gets included by heimdal, or shoudl be) into
auth/kerberos/kerberos.h (which is used by Samba, but not by the
Heimdal code).

Andrew Barteltt
(This used to be commit 3f473a93778b1350df3f7aac07b64008988a059d)

13 years agor7681: This #define is unused.
Andrew Bartlett [Fri, 17 Jun 2005 10:58:47 +0000 (10:58 +0000)]
r7681: This #define is unused.

Andrew Bartlett
(This used to be commit 2a22f413c9704dbfc3befb819d4183523f75d393)

13 years agor7680: Move to using our own private enum for the principal type inside the
Andrew Bartlett [Fri, 17 Jun 2005 10:57:55 +0000 (10:57 +0000)]
r7680: Move to using our own private enum for the principal type inside the
hdb-ldb module.  This removes the need for the KRBTGT case to exist in
the broader heimdal code.

Andrew Bartlett
(This used to be commit fb83465dbccae8af5eb26f735e60f3f40e944446)

13 years agor7679: update the documentation of security_description_create()
Stefan Metzmacher [Fri, 17 Jun 2005 07:18:30 +0000 (07:18 +0000)]
r7679: update the documentation of security_description_create()

(This used to be commit 6ad7ffab043c3b510f4dff052973a054e5a75779)

13 years agor7678: fixed typo
Andrew Tridgell [Fri, 17 Jun 2005 07:06:03 +0000 (07:06 +0000)]
r7678: fixed typo
(This used to be commit df29f25140192b64b55012d0a3c36095fbbfb82d)

13 years agor7677: fixed ldap server to honor 'private path'
Andrew Tridgell [Fri, 17 Jun 2005 07:03:32 +0000 (07:03 +0000)]
r7677: fixed ldap server to honor 'private path'
(This used to be commit f6abed5660ad8f7298eb2aebbaa25a8c355861a6)

13 years agor7676: Make VUID and TID choice random, as this gives us protection against
Andrew Bartlett [Fri, 17 Jun 2005 06:36:13 +0000 (06:36 +0000)]
r7676: Make VUID and TID choice random, as this gives us protection against
replay attacks under SMB signing, where the session key is a fixed
derivitive of the user's password.

This removes the VID offset, but I'm not worried about random client
bytes mattering here, given the space (and the fact that it applies to
very, very old clients).

Andrew Bartlett
(This used to be commit eb1d37c5a91a6bc4515469e1ae026d28c12d7149)

13 years agor7675: Use correct memory context for anonymous session setup auth context
Andrew Bartlett [Fri, 17 Jun 2005 06:30:03 +0000 (06:30 +0000)]
r7675: Use correct memory context for anonymous session setup auth context
(no need for it to hang around forever).

Add test for this behaviour.

Andrew Bartlett
(This used to be commit 36dc2491d778fbbff32c4abdf95faa9f83024e12)

13 years agor7674: Fix the printf() attribute suggestion by correctly prototyping, then
Andrew Bartlett [Fri, 17 Jun 2005 06:13:47 +0000 (06:13 +0000)]
r7674: Fix the printf() attribute suggestion by correctly prototyping, then
declaring the static function.  The attribute only works on the
prototype, not the function.

Andrew Bartlett
(This used to be commit 4c254754d25e5aa8b203d2d67a39895ffef3f393)

13 years agor7673: With current Heimdal we don't need this (correct) fix.
Andrew Bartlett [Fri, 17 Jun 2005 05:43:31 +0000 (05:43 +0000)]
r7673: With current Heimdal we don't need this (correct) fix.

This will however still be useful when we have crypt() based

Andrew Bartlett
(This used to be commit 005e2c0cfed11010685ebc3f3a69cf9f484c958a)

13 years agor7672: this should fix the crypt dependency problem (I hope!)
Andrew Tridgell [Fri, 17 Jun 2005 05:18:08 +0000 (05:18 +0000)]
r7672: this should fix the crypt dependency problem (I hope!)
(This used to be commit 3fe00b61147e09159ef02328a7f1d8f7805abf0d)

13 years agor7671: added ldap testing to the set of standard tests
Andrew Tridgell [Fri, 17 Jun 2005 03:30:49 +0000 (03:30 +0000)]
r7671: added ldap testing to the set of standard tests
(This used to be commit dcdf44024aa93e7eca54247d9058904c6950fae7)

13 years agor7670: fixed rootDSE search in ldap server
Andrew Tridgell [Fri, 17 Jun 2005 03:21:27 +0000 (03:21 +0000)]
r7670: fixed rootDSE search in ldap server
(This used to be commit 0981a375cfa9d8d75b6c89613eadb9d14cf1064f)

13 years agor7669: removed ldap from our configure tests
Andrew Tridgell [Fri, 17 Jun 2005 03:07:30 +0000 (03:07 +0000)]
r7669: removed ldap from our configure tests

This takes our link dependencies from this:

tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch => /lib/tls/ (0xb7fc9000) => /usr/lib/ (0xb7f92000) => /usr/local/lib/ (0xb7f85000) => /lib/ (0xb7f7d000) => /lib/tls/ (0xb7e48000)
        /lib/ => /lib/ (0xb7fea000) => /lib/tls/ (0xb7e36000) => /lib/tls/ (0xb7e09000) => /usr/lib/ (0xb7df3000) => /usr/lib/ (0xb7d8c000) => /lib/tls/ (0xb7d7d000) => /usr/lib/ (0xb7d6d000) => /usr/lib/ (0xb7d20000) => /usr/lib/ (0xb7d1c000) => /usr/lib/ (0xb7d09000) => /lib/tls/ (0xb7cf5000)

to this:

tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch => /lib/tls/ (0xb7fc9000) => /lib/ (0xb7fc0000) => /lib/tls/ (0xb7e8b000)
        /lib/ => /lib/ (0xb7fea000)

this finally gets rid of the implicit dependency on pthreads! Yay!
(This used to be commit 844d2a20830a4666b6c38f6a58305be64b6b76fa)

13 years agor7668: - setup HAVE_ILDAP to enable the ildap backend in ldb
Andrew Tridgell [Fri, 17 Jun 2005 02:48:48 +0000 (02:48 +0000)]
r7668: - setup HAVE_ILDAP to enable the ildap backend in ldb

- fixed a bug in socket_connect_ev()
(This used to be commit 3f77b879a035929a843e02b798d54eba6625bde7)

13 years agor7667: added a ldb ildap backend, using our internal ldap client library. Next step...
Andrew Tridgell [Fri, 17 Jun 2005 02:47:26 +0000 (02:47 +0000)]
r7667: added a ldb ildap backend, using our internal ldap client library. Next step is to
remove the check for the ldap libraries in configure
(This used to be commit 74841dbb2a86bb1c584b5c26c4cd24a818a65a34)

13 years agor7666: fixed a memory leak in the ldap ldb backend
Andrew Tridgell [Fri, 17 Jun 2005 02:46:25 +0000 (02:46 +0000)]
r7666: fixed a memory leak in the ldap ldb backend
(This used to be commit ac3f33c61555a2afa30fe446676013564982e257)

13 years agor7665: - added a ildap_*() interface to our internal ldap library. This
Andrew Tridgell [Fri, 17 Jun 2005 02:45:40 +0000 (02:45 +0000)]
r7665: - added a ildap_*() interface to our internal ldap library. This
  interface is very similar to the traditional ldap interface, and will
  be used as part of a ldb backend based on the current ldb_ldap backend

- fixed some allocation issues in ldb_msg.c
(This used to be commit b34a29dcf26f68a2f47380a6c74a4095fdfd2fbe)

13 years agor7661: patch from to fix on freebsd
Andrew Tridgell [Fri, 17 Jun 2005 00:48:00 +0000 (00:48 +0000)]
r7661: patch from to fix on freebsd
(This used to be commit ffe1b5e6f4cd8cc9ddd0ceda882ad76917ebd1d3)

13 years agor7660: improved error handling in socket_connect_ev() (it matters when name
Andrew Tridgell [Fri, 17 Jun 2005 00:10:13 +0000 (00:10 +0000)]
r7660: improved error handling in socket_connect_ev() (it matters when name
resolution fails)
(This used to be commit 4013c2ddea0cd03f875e2acf40d2a34344017d05)

13 years agor7659: fixup the ordering of socket destruction for ncacn_ip_tcp so we don't try and
Andrew Tridgell [Fri, 17 Jun 2005 00:09:17 +0000 (00:09 +0000)]
r7659: fixup the ordering of socket destruction for ncacn_ip_tcp so we don't try and
remove an epoll descriptor for a closed fd
(This used to be commit bec5e9f80a934e6472e8d227214a9baba4f15054)

13 years agor7658: don't timeout at the smb level for rpc requests as otherwise some rpc
Andrew Tridgell [Thu, 16 Jun 2005 23:47:06 +0000 (23:47 +0000)]
r7658: don't timeout at the smb level for rpc requests as otherwise some rpc
level sign/seal mechanisms can break
(This used to be commit 9df569f023f9a1e0d8c35de8135a344933bc69bf)

13 years agor7657: test addone again after request timeout and destruction to ensure the pipe...
Andrew Tridgell [Thu, 16 Jun 2005 23:30:02 +0000 (23:30 +0000)]
r7657: test addone again after request timeout and destruction to ensure the pipe is still OK
(This used to be commit 9f7f70124fc67109bc9ace7a57490851341ad759)

13 years agor7656: added testing of rpc request timeouts and destruction
Andrew Tridgell [Thu, 16 Jun 2005 23:28:24 +0000 (23:28 +0000)]
r7656: added testing of rpc request timeouts and destruction
(This used to be commit eddf41d5e4ca43073b96f96b96dbadf7b8b91df5)

13 years agor7655: test the evnt friendly socket_connect() in the LOCAL-SOCKET test
Andrew Tridgell [Thu, 16 Jun 2005 23:19:35 +0000 (23:19 +0000)]
r7655: test the evnt friendly socket_connect() in the LOCAL-SOCKET test
(This used to be commit b9ed92d550f1b821c5402a516eb2dfc2c8d69f0a)

13 years agor7654: - add a timeout to all smb requests (default 60 seconds)
Andrew Tridgell [Thu, 16 Jun 2005 23:19:03 +0000 (23:19 +0000)]
r7654:  - add a timeout to all smb requests (default 60 seconds)

 - add a request destructor, to make it safe to destroy a pending
   request with talloc_free()
(This used to be commit 72c6988767249caa585f37fec4c0afbf41557ec2)

13 years agor7653: when a dcerpc request times out, we need to ensure that if the server
Andrew Tridgell [Thu, 16 Jun 2005 23:02:40 +0000 (23:02 +0000)]
r7653: when a dcerpc request times out, we need to ensure that if the server
does finally answer the request and it is on the smb transport that we
don't die in the callback code as the rpc request state is gone.
(This used to be commit d47477c5c3acbaa7242fa3a06d4095258db86297)

13 years agor7652: use event friendly connect in dcerpc socket code
Andrew Tridgell [Thu, 16 Jun 2005 23:01:42 +0000 (23:01 +0000)]
r7652: use event friendly connect in dcerpc socket code
(This used to be commit 154effd781c901abfcd8f89721c4a6d03c07b670)

13 years agor7651: Only convert SERVER requests to KRBTGT requests.
Andrew Bartlett [Thu, 16 Jun 2005 22:45:30 +0000 (22:45 +0000)]
r7651: Only convert SERVER requests to KRBTGT requests.

Andrew Bartlett
(This used to be commit a948e743bbc691798e6a956b35d8e09cfc91f988)

13 years agor7650: fixed a typo
Andrew Tridgell [Thu, 16 Jun 2005 21:07:45 +0000 (21:07 +0000)]
r7650: fixed a typo
(This used to be commit 331afee4ca5bc6a6f7e4fe3333846881424314fe)

13 years agor7646: - only allow modification of SPOOLSS_FORM_USER Froms
Stefan Metzmacher [Thu, 16 Jun 2005 20:25:19 +0000 (20:25 +0000)]
r7646: - only allow modification of SPOOLSS_FORM_USER Froms
- some minor fixes and comments

(This used to be commit 87b1f9a2e027f4318a3104d13c091ca8ec5f16f4)

13 years agor7644: - remove some dublicate structures SetForm and AddForm uses the same struct
Stefan Metzmacher [Thu, 16 Jun 2005 19:53:14 +0000 (19:53 +0000)]
r7644: - remove some dublicate structures SetForm and AddForm uses the same struct
- fix some typos in EnumPrintServerForms()/GetPrintServerForms()
- add AddPrintServerForms()/SetPrintServerForms() and DeletePrintServerForms

(This used to be commit 73906388421beebb34f2a00c9e0d1fc8b400a42a)

13 years agor7643: This patch adds a new NTPTR subsystem:
Stefan Metzmacher [Thu, 16 Jun 2005 17:27:57 +0000 (17:27 +0000)]
r7643: This patch adds a new NTPTR subsystem:

- this is an abstraction layer for print services,
  like out NTVFS subsystem for file services

- all protocol specific details are still in rpc_server/spoolss/
  - like the stupid in and out Buffer handling
  - checking of the r->in.server_name
  - ...

- this subsystem can have multiple implementation
  selected by the "ntptr providor" global-section parameter

- I currently added a "simple_ldb" backend,
  that stores Printers, Forms, Ports, Monitors, ...
  in the spoolss.db, and does no real printing
  this backend is basicly for testing, how the spoolss protocol

- the interface is just a prototype and will be changed a bit
  the next days or weeks, till the simple_ldb backend can
  handle all calls that are used by normal w2k3/xp clients

- I'll also make the api async, as the ntvfs api
  this will make things like the RemoteFindFirstPrinterChangeNotifyEx(),
  that opens a connection back to the client, easier to implement,
  as we should not block the whole smbd for that

- the idea is to later implement a "unix" backend
  that works like the current samba3 code

- and maybe some embedded print server vendors can write there own
  backend that can directly talk to a printer without having cups or something like this

- the default settings are (it currently makes no sense to change them :-):

ntptr providor = simple_ldb
spoolss database = $private_dir/spoolss.db

(This used to be commit 455b5536d41bc31ebef8290812f45d4a38afa8e9)

13 years agor7642: - test NULL server_name in GetPrinterDriverDirectory() too, (same result as "")
Stefan Metzmacher [Thu, 16 Jun 2005 16:46:42 +0000 (16:46 +0000)]
r7642: - test NULL server_name in GetPrinterDriverDirectory() too, (same result as "")
- test EnumForms() on the PrintServer (NT4 returns WERR_BADFID)
  (jerry: how do it get the lists of forms in the printserver gui)

(This used to be commit fddfe1f04b3ae594e75d702aba4d17ee4d103b8e)

13 years agor7641: Fix based on work from "Shlomi Yaakobovich" <> to catch
Jeremy Allison [Thu, 16 Jun 2005 16:43:23 +0000 (16:43 +0000)]
r7641: Fix based on work from  "Shlomi Yaakobovich" <> to catch
loops in corrupted tdb files.
(This used to be commit f9f3037d6855259edd56fd5a23d63dbb37f0a751)