tprouty/samba.git
11 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 19 Aug 2008 04:11:51 +0000 (14:11 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
(This used to be commit fc6b4f03ebba015a13a6ab93221b0bc3ef8ef2ed)

11 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 19 Aug 2008 04:10:53 +0000 (14:10 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
(This used to be commit 27d07df301d60e49d36efd003f2fd2305c83c3fe)

11 years agoFix up new OpenLDAP MMR code.
Andrew Bartlett [Tue, 19 Aug 2008 04:10:14 +0000 (14:10 +1000)]
Fix up new OpenLDAP MMR code.

This changes the MMR password from hard-coded value of 'linux',
adds tests and fixes the Fedora DS backend.

Currently the MMR password matches the admin password, but we can
change this to be another random value if required.

Also require the port to be specified on the command line, so we don't
hard-code a port of 9000.

Andrew Bartlett
(This used to be commit 08257c6d6ce809fcd53f9b2b4d558fef616b74ce)

11 years agoGenerate Multi-Master Replication configuration for OpenLDAP
Oliver Liebel [Tue, 19 Aug 2008 02:03:04 +0000 (12:03 +1000)]
Generate Multi-Master Replication configuration for OpenLDAP

This patches provision-backend and the related scripts to generate the
correct configuration blobs for N-way multi-master replication using
OpenLDAP.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit 6ed0b3f2475022288f636605492ca27fde97cd52)

11 years agoFix templates.ldb reprovision handling.
Andrew Bartlett [Tue, 19 Aug 2008 01:43:41 +0000 (11:43 +1000)]
Fix templates.ldb reprovision handling.

This sets the attributes in a seperate transaction, and allows a
forced delete of the whole file.

Andrew Bartlett
(This used to be commit 423db2468ba3dac89cebc59c8498c0b08c5f3d7b)

11 years agolibrpc: don't build the old mszip decompression code
Stefan Metzmacher [Mon, 18 Aug 2008 13:33:11 +0000 (15:33 +0200)]
librpc: don't build the old mszip decompression code

metze
(This used to be commit f48dfd87badcddc64a1c0bf52939188a4a8f4add)

11 years agondr_compression: use zlib's inflate() for decompression
Stefan Metzmacher [Thu, 7 Aug 2008 16:24:57 +0000 (16:24 +0000)]
ndr_compression: use zlib's inflate() for decompression

metze
(This used to be commit 25876fc4ab8ba11f00d24bb8ceb517c0e4a4d72d)

11 years agozlib: mark as modified for samba
Stefan Metzmacher [Mon, 18 Aug 2008 12:26:53 +0000 (14:26 +0200)]
zlib: mark as modified for samba

metze
(This used to be commit 0fb265e567d700b3c16eb8f28bc5f26653a819fa)

11 years agozlib: fix compiler warnings
Stefan Metzmacher [Fri, 15 Aug 2008 11:32:51 +0000 (13:32 +0200)]
zlib: fix compiler warnings

metze
(This used to be commit ce44a608f66bf27070fd43d576551fde6f545d7c)

11 years agozlib: we don't need the inflateReset2 prototype twice
Stefan Metzmacher [Mon, 18 Aug 2008 12:25:41 +0000 (14:25 +0200)]
zlib: we don't need the inflateReset2 prototype twice

metze
(This used to be commit 0dbbc287f65a51330c5309df5a96b3acd4d044d5)

11 years agolibrpc/ndr: add support for XPRESS decompression
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
librpc/ndr: add support for XPRESS decompression

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit 6a9720c99d36a575ea8ed92e94ff6d2fe6f3e27d)

11 years agolib/compression: Import of lzxpress decompression algorithm
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
lib/compression: Import of lzxpress decompression algorithm

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit 531882dadd57eb6fa048c5d6e5fe3accc20df751)

11 years agoNote the ldb syntax for attribute syntaxes in the table.
Andrew Bartlett [Mon, 18 Aug 2008 10:30:27 +0000 (20:30 +1000)]
Note the ldb syntax for attribute syntaxes in the table.

This includes additional Samba-specific syntaxes made available from
the ldif_handlers code.

This commit also changes some table to use #defines, to ensure
consistancy in other parts of the code.

Andrew Bartlett
(This used to be commit e26a5efd9a580ed3728e1f449e367b1cd4a73b5f)

11 years agoAllow attributes to be overwritten, not just added to
Andrew Bartlett [Mon, 18 Aug 2008 10:21:31 +0000 (20:21 +1000)]
Allow attributes to be overwritten, not just added to
(This used to be commit 0aebae91be0fba7ffa94d73946a94aea930a252a)

11 years agoFix segfaults when loading the schema fails.
Andrew Bartlett [Mon, 18 Aug 2008 10:20:24 +0000 (20:20 +1000)]
Fix segfaults when loading the schema fails.
(This used to be commit 9643db1a011edc95aa903908cec708b3a3566e71)

11 years agoEnsure we fail to proceed if the schema won't load.
Andrew Bartlett [Mon, 18 Aug 2008 05:12:08 +0000 (15:12 +1000)]
Ensure we fail to proceed if the schema won't load.
(This used to be commit 07107c45c35a11979bf68a14b2c4df9415880fcb)

11 years agoRemove references to the unused @SUBCLASS feature.
Andrew Bartlett [Mon, 18 Aug 2008 02:01:27 +0000 (12:01 +1000)]
Remove references to the unused @SUBCLASS feature.

This was removed from ldb_tdb a while ago

Andrew Bartlett
(This used to be commit fcb87e77860b449ac3483ccec5e6b5ed087540f2)

11 years agoMerge the two attribute syntax tables.
Andrew Bartlett [Mon, 18 Aug 2008 00:16:45 +0000 (10:16 +1000)]
Merge the two attribute syntax tables.

This merges the table once found in the oLschema2ldif tool (and moved
many times) with the table used for DRSUAPI.

The OpenLDAP schema map has been updated, to ensure that despite a
number of attributes being declared as OIDs, they are actually used as
strings (as they are actually LDAP class/attribute names).

Andrew Bartlett
(This used to be commit 61f2958c84beeedcf369ccdc02afed0c8055b108)

11 years agoconfigure: use AS_HELP_STRING for --with-disable-ext-lib
Michael Adam [Fri, 15 Aug 2008 22:37:26 +0000 (00:37 +0200)]
configure: use AS_HELP_STRING for --with-disable-ext-lib

Michael
(This used to be commit 88cf5d8b708d6247772b33128f0e212a4c2e9ba8)

11 years agoconfigure: use AS_HELP_STRING for --enable-developer
Michael Adam [Fri, 15 Aug 2008 22:35:52 +0000 (00:35 +0200)]
configure: use AS_HELP_STRING for --enable-developer

Michael
(This used to be commit b10d4723891c39693100bfaaf1ac29adce9f7a86)

11 years agoconfigure: use AS_HELP_STRING for --enable-debug.
Michael Adam [Fri, 15 Aug 2008 22:34:43 +0000 (00:34 +0200)]
configure: use AS_HELP_STRING for --enable-debug.

Michael
(This used to be commit 1f4bf8fbd5bfc9c58bb5668fe25586766605b268)

11 years agoconfigure: use AS_HELP_STRING for --with-selftest-prefix.
Michael Adam [Fri, 15 Aug 2008 22:33:04 +0000 (00:33 +0200)]
configure: use AS_HELP_STRING for --with-selftest-prefix.

Michael
(This used to be commit eea4f597acf743fa783be3e5809e24aebc79f238)

11 years agoconfigure: use AS_HELP_STRING for --with-logfilebase.
Michael Adam [Fri, 15 Aug 2008 22:31:23 +0000 (00:31 +0200)]
configure: use AS_HELP_STRING for --with-logfilebase.

Michael
(This used to be commit f9c15b817a24bed26a339479c53fc2f5cc5b36df)

11 years agoconfigure: use AS_HELP_STRING for --with-piddir
Michael Adam [Fri, 15 Aug 2008 22:30:02 +0000 (00:30 +0200)]
configure: use AS_HELP_STRING for --with-piddir

Michael
(This used to be commit f05a9fe46ff428e48be9a5af4a6769cd78712c11)

11 years agoconfigure: use AS_HELP_STRING for --with-lockdir.
Michael Adam [Fri, 15 Aug 2008 22:28:36 +0000 (00:28 +0200)]
configure: use AS_HELP_STRING for --with-lockdir.

Michael
(This used to be commit ed4a6e780a3f57854338520e4608cfc8dce4ef3e)

11 years agoconfigure: use AS_HELP_STRING for --ntp-signd-socket-dir.
Michael Adam [Fri, 15 Aug 2008 22:27:15 +0000 (00:27 +0200)]
configure: use AS_HELP_STRING for --ntp-signd-socket-dir.

Michael
(This used to be commit dd07dcbc916236d80d9a7087860a6f504bbb09e8)

11 years agoconfigure: use AS_HELP_STRING for --with-winbindd-privileged-socket-dir.
Michael Adam [Fri, 15 Aug 2008 22:25:42 +0000 (00:25 +0200)]
configure: use AS_HELP_STRING for --with-winbindd-privileged-socket-dir.

Michael
(This used to be commit 3bf8116531d4eb0cc25bc7bac70ae3c77642a5a3)

11 years agoconfigure: use AS_HELP_STRING for --with-winbindd-socket-dir .
Michael Adam [Fri, 15 Aug 2008 22:25:09 +0000 (00:25 +0200)]
configure: use AS_HELP_STRING for --with-winbindd-socket-dir .

Michael
(This used to be commit 1304eda283b29fff8960633b1329c0a1611e1ca3)

11 years agoconfigure: use AS_HELP_STRING for --with-privatedir
Michael Adam [Fri, 15 Aug 2008 22:13:34 +0000 (00:13 +0200)]
configure: use AS_HELP_STRING for --with-privatedir

Michael
(This used to be commit eafde5bee0a68fd4cf61ae64dfb24e4deb16b95a)

11 years agoconfigure: format help string for --with-fhs with AS_HELP_STRING().
Michael Adam [Fri, 15 Aug 2008 22:07:54 +0000 (00:07 +0200)]
configure: format help string for --with-fhs with AS_HELP_STRING().

Michael
(This used to be commit 837d0b3eb213ce6d0ce5345308d1b42ae2b08d67)

11 years agoconfigure: remove duplicate definition of --with-winbindd-socket-dir.
Michael Adam [Fri, 15 Aug 2008 22:23:47 +0000 (00:23 +0200)]
configure: remove duplicate definition of --with-winbindd-socket-dir.

I think this should have gone with fa361354433fb9a5c09c84997a7c51f3052c294e.

Michael
(This used to be commit 91fcaac68b215461a13c1b517f6cede29af5e55c)

11 years agoFix the build, after the ad2oLschema changes.
Andrew Bartlett [Fri, 15 Aug 2008 11:20:05 +0000 (21:20 +1000)]
Fix the build, after the ad2oLschema changes.
(This used to be commit 7361821b21ef78c564c41466783048606a0b6e98)

11 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Fri, 15 Aug 2008 11:16:40 +0000 (21:16 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
(This used to be commit fa03d750e4577a610dc410d45d49789110b1b4f1)

11 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Fri, 15 Aug 2008 10:41:50 +0000 (20:41 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
(This used to be commit b4b14b748e6babc93faee23fe8f5c03ec2d25cbb)

11 years agoGenerate the subSchema in cn=Aggregate
Andrew Bartlett [Fri, 15 Aug 2008 10:40:57 +0000 (20:40 +1000)]
Generate the subSchema in cn=Aggregate

This reads the schema from the in-memory structure, when the magic
attributes are requested.  The code is a modified version of that used
in the ad2oLschema tool (now shared).

The schema_fsmo module handles the insertion of the generated result.

As such, this commit also removes these entries from the setup/schema.ldif

Metze's previous stub of this functionality is also removed.

Andrew Bartlett
(This used to be commit c7c32ec7b42bdf0f7b669644516438c71b364e60)

11 years agoRework generation of the objectClass and attributeType lines.
Andrew Bartlett [Fri, 15 Aug 2008 03:18:48 +0000 (13:18 +1000)]
Rework generation of the objectClass and attributeType lines.

Now that these are subroutines, we can factor them out into a file the
CN=Aggregate schema code can also use.

Andrew Bartlett
(This used to be commit e3591a6a35ddb60398a03a4fa0545cc6158946ef)

11 years agoParamaterise the seperator in ad2OLschema
Andrew Bartlett [Fri, 15 Aug 2008 02:08:10 +0000 (12:08 +1000)]
Paramaterise the seperator in ad2OLschema

This will allow me to add a new mode, with the CN=Aggregate schema
format automatically generated.

Andrew Bartlett
(This used to be commit 7d2a890a7077e446e45527847f78bba84d22bc4c)

11 years agoDon't segfault in RPC-ATSVC.
Andrew Bartlett [Thu, 14 Aug 2008 23:46:51 +0000 (09:46 +1000)]
Don't segfault in RPC-ATSVC.
(This used to be commit e711f7d26a632ec93c1e2a3db52c37e1c0de4214)

11 years agoRAW-OPEN: be more strict in create_option checking
Stefan Metzmacher [Thu, 14 Aug 2008 13:14:53 +0000 (15:14 +0200)]
RAW-OPEN: be more strict in create_option checking

metze
(This used to be commit d548f5dee5980eae0aea25f1314238eb4f963568)

11 years agoRevert "krb5: always generate the acceptor subkey as the same enctype as the used...
Stefan Metzmacher [Wed, 13 Aug 2008 05:22:36 +0000 (07:22 +0200)]
Revert "krb5: always generate the acceptor subkey as the same enctype as the used service key"

This reverts commit dbb94133e0313cae933d261af0bf1210807a6d11.

As we fixed gensec_gssapi to only return a session key when it's
have the correct session key, this hack isn't needed anymore.

metze
(This used to be commit 697cd1896bccaa55ee422f17d9312d787ca699ed)

11 years agogsskrb5: always return an acceptor subkey
Stefan Metzmacher [Wed, 13 Aug 2008 07:52:20 +0000 (09:52 +0200)]
gsskrb5: always return an acceptor subkey

For non cfx keys it's the same as the intiator subkey.
This matches windows behavior.

metze
(This used to be commit 6a8b07c39558f240b89e833ecba15d8b9fc020e8)

11 years agogensec_gssapi: only cache the session key in STAGE_DONE
Stefan Metzmacher [Wed, 13 Aug 2008 05:18:35 +0000 (07:18 +0200)]
gensec_gssapi: only cache the session key in STAGE_DONE

The key may change because we switch from initiator to acceptor
subkey.

metze
(This used to be commit 66244092a457b2cde6339cb31dcfa73b122ba9b5)

11 years agoSMB2-CREATE: add a special test for FILE_ATTRIBUTE_ENCRYPTED
Stefan Metzmacher [Thu, 14 Aug 2008 11:12:07 +0000 (13:12 +0200)]
SMB2-CREATE: add a special test for FILE_ATTRIBUTE_ENCRYPTED

Some standalone server (and samba4) doesn't support this.

metze
(This used to be commit 6d8fd4c0089d7e632ec91027a77321aca8c6acc7)

11 years agoSMB2-CREATE: be more strict in checking file attributes
Stefan Metzmacher [Thu, 14 Aug 2008 07:54:51 +0000 (09:54 +0200)]
SMB2-CREATE: be more strict in checking file attributes

metze
(This used to be commit ba9d0f6b3c60346df757e7c4c3f5704c0bf26d11)

11 years agoSMB2-CREATE: be more strict in error checking
Stefan Metzmacher [Thu, 14 Aug 2008 07:54:22 +0000 (09:54 +0200)]
SMB2-CREATE: be more strict in error checking

metze
(This used to be commit d7d4df78c1de19d0cd7a63daaa2fa0863a243a12)

11 years agontvfs_generic: fix handling of create_options for SMB2
Stefan Metzmacher [Thu, 14 Aug 2008 07:52:45 +0000 (09:52 +0200)]
ntvfs_generic: fix handling of create_options for SMB2

metze
(This used to be commit cbd585d2a1e179615eba773cb07385524369c686)

11 years agolibcli/smb2: add SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK
Stefan Metzmacher [Thu, 14 Aug 2008 10:48:37 +0000 (12:48 +0200)]
libcli/smb2: add SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK

SMB2 returns NOT_SUPPORTED to some more NTCREATE_OPTIONS.

metze
(This used to be commit 3ea08d430370717463ffab44fed9c42db1002d97)

11 years agopvfs: fix handling of create_option flags
Stefan Metzmacher [Thu, 14 Aug 2008 10:37:31 +0000 (12:37 +0200)]
pvfs: fix handling of create_option flags

metze
(This used to be commit 3c6cadf76861d6522c5ec41953df1ba2fac4910d)

11 years agolibcli/raw: fix the special NTCREATE_OPTIONS_*_MASK values
Stefan Metzmacher [Thu, 14 Aug 2008 10:44:25 +0000 (12:44 +0200)]
libcli/raw: fix the special NTCREATE_OPTIONS_*_MASK values

We now reuse ignored values for the ntvfs backend private flags.

metze
(This used to be commit 14eda93aeface307e1ffd1ea012d8f236fa78290)

11 years agosmb2srv: async replies with STATUS_PENDING are not signed
Stefan Metzmacher [Wed, 13 Aug 2008 07:48:44 +0000 (09:48 +0200)]
smb2srv: async replies with STATUS_PENDING are not signed

..., but the they may have the sign flag set.

metze
(This used to be commit 43e43dead030f6bffd06631007fdb162c3c6b2b5)

11 years agosmb2srv: sign replies when the request was also signed
Stefan Metzmacher [Wed, 13 Aug 2008 13:20:18 +0000 (15:20 +0200)]
smb2srv: sign replies when the request was also signed

metze
(This used to be commit dd2f4f7a491debcc30e590f571272afd99e52940)

11 years agosmb2srv: use defines instead of hex values
Stefan Metzmacher [Wed, 13 Aug 2008 07:45:44 +0000 (09:45 +0200)]
smb2srv: use defines instead of hex values

metze
(This used to be commit 7c4abf6614c47471ae005a12abe27d85890d867f)

11 years agolibcli/smb2: use smb2 signing in auto mode if the server supports it
Stefan Metzmacher [Wed, 13 Aug 2008 13:19:01 +0000 (15:19 +0200)]
libcli/smb2: use smb2 signing in auto mode if the server supports it

metze
(This used to be commit fe74faf13dc64eaa58d757de156aedcb24abed1f)

11 years agolibcli/smb2: we don't need check the same thing twice...
Stefan Metzmacher [Wed, 13 Aug 2008 07:44:06 +0000 (09:44 +0200)]
libcli/smb2: we don't need check the same thing twice...

metze
(This used to be commit 1380fb954a7d9d4b543c4650a060fef9f357af7b)

11 years agolibcli/smb2: async replies with STATUS_PENDING are not signed
Stefan Metzmacher [Wed, 13 Aug 2008 07:42:27 +0000 (09:42 +0200)]
libcli/smb2: async replies with STATUS_PENDING are not signed

metze
(This used to be commit 3f6cbece4a199a42ad6583ea4bd4302629399625)

11 years agopidl: fix samba4.pidl.samba3-cli test
Stefan Metzmacher [Wed, 13 Aug 2008 14:58:12 +0000 (16:58 +0200)]
pidl: fix samba4.pidl.samba3-cli test

metze
(This used to be commit 0449a5c8267873d7986c7c50adce57029192c456)

11 years agoNBT-WINSREPLICATION: be more robust to timing errors
Stefan Metzmacher [Wed, 13 Aug 2008 14:53:13 +0000 (16:53 +0200)]
NBT-WINSREPLICATION: be more robust to timing errors

Also reenable disabled tests.

metze
(This used to be commit 76878a9c798e0acb0387b8352972d66db989c09a)

11 years agoexpanded the SMB2-CREATE and RAW-OPEN tests to explore more of how the
Andrew Tridgell [Thu, 14 Aug 2008 07:26:30 +0000 (17:26 +1000)]
expanded the SMB2-CREATE and RAW-OPEN tests to explore more of how the
create options fields are supposed to work
(This used to be commit 0576875eccaa21ad529c9db41db91781ad400d0f)

11 years agocope with arbitrary unknown pac buffer types, so when MS adds
Andrew Tridgell [Thu, 14 Aug 2008 05:27:48 +0000 (15:27 +1000)]
cope with arbitrary unknown pac buffer types, so when MS adds
a new one we don't break our server
(This used to be commit 5e08b285319e35afd3a9a6e6f5f59145350f2d80)

11 years agocope with not knowing the kdc key
Andrew Tridgell [Thu, 14 Aug 2008 05:27:22 +0000 (15:27 +1000)]
cope with not knowing the kdc key
(This used to be commit 7e48dad4c7724f3f11236171a777603574224c42)

11 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 12 Aug 2008 23:47:18 +0000 (09:47 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
(This used to be commit e85abe7db21eec47adecae8243a25f145aa7ec9a)

11 years agogensec_gssapi: add support for GENSEC_FEATURE_NEW_SPNEGO
Stefan Metzmacher [Tue, 12 Aug 2008 13:02:02 +0000 (15:02 +0200)]
gensec_gssapi: add support for GENSEC_FEATURE_NEW_SPNEGO

metze
(This used to be commit 9246924effd4d0b08ca1ef87e45ad510020df93e)

11 years agogensec_gssapi: fix compiler warnings
Stefan Metzmacher [Tue, 12 Aug 2008 12:57:14 +0000 (14:57 +0200)]
gensec_gssapi: fix compiler warnings

metze
(This used to be commit f4f4bb7fe977301e468ab164ba750b69d9a92306)

11 years agogensec_gssapi: add a function to load the lucid structure once
Stefan Metzmacher [Tue, 12 Aug 2008 12:56:36 +0000 (14:56 +0200)]
gensec_gssapi: add a function to load the lucid structure once

metze
(This used to be commit daa986d1d04e59550bb5d33b5075daa414d087ba)

11 years agogensec: add support for new style spnego and correctly handle mechListMIC
Stefan Metzmacher [Tue, 12 Aug 2008 12:26:21 +0000 (14:26 +0200)]
gensec: add support for new style spnego and correctly handle mechListMIC

metze
(This used to be commit 05a3403967d3cf64bca8b06536dc1b20cf835396)

11 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 12 Aug 2008 07:46:48 +0000 (17:46 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
(This used to be commit 7ad0d8dd4dab6119ca6f94b64b35c8f975a27d0a)

11 years agodcerpc.idl: remove used DCERPC_MAX_SIGN_SIZE
Stefan Metzmacher [Mon, 11 Aug 2008 16:14:51 +0000 (18:14 +0200)]
dcerpc.idl: remove used DCERPC_MAX_SIGN_SIZE

metze
(This used to be commit 54b873e49ff363609632fa2862208bf6b4c1b6ed)

11 years agorpc_server: correct the chunk_size depending on the signature size
Stefan Metzmacher [Mon, 11 Aug 2008 16:12:54 +0000 (18:12 +0200)]
rpc_server: correct the chunk_size depending on the signature size

metze
(This used to be commit 20fc0d7bfdaa60d6a8ac939dc64733a91652587e)

11 years agolibrpc/rpc: correct the chunk_size depending on the signature size
Stefan Metzmacher [Mon, 11 Aug 2008 16:00:11 +0000 (18:00 +0200)]
librpc/rpc: correct the chunk_size depending on the signature size

metze
(This used to be commit 50eb0e726405580dc5ca3a8a3b15f3bd674f722a)

11 years agodcerpc.idl: add DCERPC_AUTH_TRAILER_LENGTH
Stefan Metzmacher [Mon, 11 Aug 2008 15:59:38 +0000 (17:59 +0200)]
dcerpc.idl: add DCERPC_AUTH_TRAILER_LENGTH

metze
(This used to be commit ce36448d74b0c6cdf8928e10c088bf0248a95cf7)

11 years agoOnly allow trust accounts access to the NTP signing service.
Andrew Bartlett [Mon, 11 Aug 2008 01:45:45 +0000 (11:45 +1000)]
Only allow trust accounts access to the NTP signing service.
(This used to be commit 30da1b534f00ba6ef6cf86cba603732bc6e1ad43)

11 years agogensec_gssapi: use the correct signature size for cfx/rfc4121 style signatures
Stefan Metzmacher [Fri, 8 Aug 2008 10:39:11 +0000 (12:39 +0200)]
gensec_gssapi: use the correct signature size for cfx/rfc4121 style signatures

metze
(This used to be commit fcabe24f96c9677146ca754a502f336c23050339)

11 years agogsskrb5: try to be compatible with windows for gss_wrap* and cfx
Stefan Metzmacher [Fri, 8 Aug 2008 13:01:15 +0000 (15:01 +0200)]
gsskrb5: try to be compatible with windows for gss_wrap* and cfx

The good thing is that windows and heimdal both use EC=0
in the non DCE_STYLE case, so we need the windows compat hack
only in DCE_STYLE mode.

metze
(This used to be commit 0fa41a94e466d5e11bcf362ccd8ff41b72733d1a)

11 years agogensec_gssapi: use gsskrb5_get_subkey() to get the session key
Stefan Metzmacher [Fri, 8 Aug 2008 13:27:40 +0000 (15:27 +0200)]
gensec_gssapi: use gsskrb5_get_subkey() to get the session key

This is needed to get the correct key, when aes keys are used.

metze
(This used to be commit 7587a7d8b65f27a5865d6873f63a450488da02c9)

11 years agokrb5: always generate the acceptor subkey as the same enctype as the used service key
Stefan Metzmacher [Fri, 8 Aug 2008 13:22:39 +0000 (15:22 +0200)]
krb5: always generate the acceptor subkey as the same enctype as the used service key

With this patch samba4 can use gsskrb5_get_subkey() to get the session key.

metze
(This used to be commit dbb94133e0313cae933d261af0bf1210807a6d11)

11 years agogsskrb5: add support for DCE_STYLE and des and des3 keys
Stefan Metzmacher [Fri, 25 Jul 2008 11:11:46 +0000 (13:11 +0200)]
gsskrb5: add support for DCE_STYLE and des and des3 keys

Only the des keys are tested as windows doesn't support des3

metze
(This used to be commit 86848dd0f217774faed81af8fbf68618013e20a1)

11 years agoAlways set a session key, even for the 'no password' case.
Andrew Bartlett [Fri, 8 Aug 2008 04:05:16 +0000 (14:05 +1000)]
Always set a session key, even for the 'no password' case.

This is for bug 5664 reported by Tom <hto@arcor.de>.

Andrew Bartlett
(This used to be commit b345c9cf535af35c83da040ac965d9690dc802fe)

11 years agoClarify comment
Andrew Bartlett [Fri, 8 Aug 2008 04:04:08 +0000 (14:04 +1000)]
Clarify comment
(This used to be commit 580cce9de38ddd9d59b272b58caadce528321d09)

11 years agoWe can't use ndr_pull_struct_blob_all in combinatin with relative pointers
Andrew Bartlett [Fri, 8 Aug 2008 00:32:21 +0000 (10:32 +1000)]
We can't use ndr_pull_struct_blob_all in combinatin with relative pointers
(This used to be commit d0a128f35b259d4891edc68fc24aa04a6da7aab7)

11 years agolib: prepare the build of zlib
Stefan Metzmacher [Tue, 29 Jul 2008 20:06:18 +0000 (20:06 +0000)]
lib: prepare the build of zlib

metze
(This used to be commit 159df68c04c9ae437ab48991154e91161ef72754)

11 years agozlib: add inflateReset2()...
Stefan Metzmacher [Thu, 7 Aug 2008 16:20:11 +0000 (16:20 +0000)]
zlib: add inflateReset2()...

metze
(This used to be commit 2a4fb661d7e3d601a5eb9ccecb4d4f2b07073097)

11 years agoimport of zlib-1.2.3
Stefan Metzmacher [Tue, 29 Jul 2008 20:01:23 +0000 (20:01 +0000)]
import of zlib-1.2.3

We want to use zlib for the mszip ndr (de)compression
later, we'll need to add some new functions to zlib.

metze
(This used to be commit 65c9e91a1bb24851a030a304d011558562cc50d6)

11 years agodrsuapi: fix callers after idl change
Stefan Metzmacher [Thu, 7 Aug 2008 17:15:30 +0000 (19:15 +0200)]
drsuapi: fix callers after idl change

metze
(This used to be commit 7dee6fb62d5adbd2eaaaf4d8ba9e87a72ef9f94b)

11 years agodrsuapi.idl: directly use mszip in level 2
Stefan Metzmacher [Thu, 7 Aug 2008 16:15:26 +0000 (16:15 +0000)]
drsuapi.idl: directly use mszip in level 2

This fixes the push because the switch_level doesn't work
otherwise because the pointer is the same as for
the outer switch_level.

metze
(This used to be commit a4c81ee68c91b2d7a9abe668e8b23246c5c9b00d)

11 years agorpc_server: add support for DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
Stefan Metzmacher [Wed, 6 Aug 2008 20:28:04 +0000 (22:28 +0200)]
rpc_server: add support for DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN

you need "dcesrv:header signing=yes" to enable it.

metze
(This used to be commit bde2496e6b7034c99243b22434a97aebeb8f75b9)

11 years agolibrpc/rpc: add support DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
Stefan Metzmacher [Wed, 6 Aug 2008 19:35:07 +0000 (21:35 +0200)]
librpc/rpc: add support DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN

You can trigger it like this:

ncacn_ip_tcp:172.31.9.234[sign,hdrsign]

or

ncacn_ip_tcp:172.31.9.234[seal,hdrsign]

metze
(This used to be commit 54f1fca582b1474693b5ee11b7b847086d27f75f)

11 years agolibrpc/rpc: pass struct dcerpc_pipe to dcerpc_auth3()
Stefan Metzmacher [Wed, 6 Aug 2008 19:34:00 +0000 (21:34 +0200)]
librpc/rpc: pass struct dcerpc_pipe to dcerpc_auth3()

metze
(This used to be commit 60b3523da485d845b1d930d990688d8434d39ef3)

11 years agogensec_gssapi: add support for GENSEC_FEATURE_SIGN_PKT_HEADER
Stefan Metzmacher [Wed, 6 Aug 2008 19:30:17 +0000 (21:30 +0200)]
gensec_gssapi: add support for GENSEC_FEATURE_SIGN_PKT_HEADER

This only works for sign/verify_packet() yet,
seal/unseal_packet() doesn't work yet...

metze
(This used to be commit c62e5d23a69789d23516a6d150fd3b756e270998)

11 years agogensec: add GENSEC_FEATURE_SIGN_PKT_HEADER flag
Stefan Metzmacher [Wed, 6 Aug 2008 19:26:20 +0000 (21:26 +0200)]
gensec: add GENSEC_FEATURE_SIGN_PKT_HEADER flag

metze
(This used to be commit d7dfdbaf34843cb6783d8e686e659c53c5ac27ef)

11 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage
Jelmer Vernooij [Fri, 1 Aug 2008 19:36:49 +0000 (21:36 +0200)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage
(This used to be commit 8e201ecf3e86c3c8865c7276fad8dad07106efaf)

11 years agoAdd helper object Hostconfig to make it easier to get to e.g. the
Jelmer Vernooij [Fri, 1 Aug 2008 19:12:37 +0000 (21:12 +0200)]
Add helper object Hostconfig to make it easier to get to e.g. the
SAM database.
(This used to be commit be75b2a36ee49f66ada3ec3ababa82d74085d559)

11 years agoheimdal: add experimental --enable-external-heimdal
Stefan Metzmacher [Fri, 1 Aug 2008 16:15:11 +0000 (18:15 +0200)]
heimdal: add experimental --enable-external-heimdal

This should only be used for testing and when you're
absolutly sure the installed heimdal libraries
support the features we need.

(E.g. heimdal-1.2 or lower should NOT work)

metze
(This used to be commit 66b76b018d6048cec63a75b24ec4c099f6a2eb8c)

11 years agolibreplace: include <krb5.h> and <com_err.h> and no heimdal specific headers
Stefan Metzmacher [Fri, 1 Aug 2008 17:30:16 +0000 (19:30 +0200)]
libreplace: include <krb5.h> and <com_err.h> and no heimdal specific headers

metze
(This used to be commit cffed8e19e22a1fa7b7a322b153df5d54e4c3be2)

11 years agoauth/kerberos: remove dependencies to internal heimdal
Stefan Metzmacher [Fri, 1 Aug 2008 17:29:08 +0000 (19:29 +0200)]
auth/kerberos: remove dependencies to internal heimdal

metze
(This used to be commit ed0fc19ac6a1194e6fd9a6534cbf7453fa870066)

11 years agoheimdal_build/internal: add some useful defines
Stefan Metzmacher [Fri, 1 Aug 2008 17:24:09 +0000 (19:24 +0200)]
heimdal_build/internal: add some useful defines

metze
(This used to be commit b9727d612bd2e9cf67ca2d4a9c60dc13d4bed5be)

11 years agoheimdal: fix dependency
Stefan Metzmacher [Fri, 1 Aug 2008 18:27:38 +0000 (20:27 +0200)]
heimdal: fix dependency

metze
(This used to be commit 9e8b95dc8d577ea33504f0fb463d4648393e045b)

11 years agolib/crypto: remove dependency to internal heimdal
Stefan Metzmacher [Fri, 1 Aug 2008 17:23:29 +0000 (19:23 +0200)]
lib/crypto: remove dependency to internal heimdal

metze
(This used to be commit 9138fc6639fae7a5567c395254277199c89b0dcb)

11 years agobuild: remove warning about missing generated include file
Stefan Metzmacher [Fri, 1 Aug 2008 18:15:52 +0000 (20:15 +0200)]
build: remove warning about missing generated include file

metze
(This used to be commit 495d068df55a94d48f2a4d2e7f2060fb42f66dbd)

11 years agoUse new style python classes.
Jelmer Vernooij [Fri, 1 Aug 2008 19:00:09 +0000 (21:00 +0200)]
Use new style python classes.
(This used to be commit 2a39aae0cef310a79427feb1b85f6794ea36849a)

11 years agoMove domain DN determination out of newuser function.
Jelmer Vernooij [Fri, 1 Aug 2008 18:47:22 +0000 (20:47 +0200)]
Move domain DN determination out of newuser function.
(This used to be commit cbac27e6faa99ebaa3e6d653017c968db836560a)