sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
67,743 Commits 60 Branches 1,145 Tags 452 MiB
1229935aa9
Commit Graph

1640 Commits

Author SHA1 Message Date
Andrew Bartlett
8beaa29242 s4-libcli/security Use seperate subsystem for session related functions 
The merged I plan in this area require spliting security.h into
two header files, a common header and a session.h for the
remaining source4-specific code.

Andrew Bartlett
 2010-10-12 02:54:16 +00:00
Andrew Bartlett
0487ef0a70 libcli/security Add debug class to security_token_debug() et al 
This will allow it to replace functions in source3 that use debug classes.

Andrew Bartlett
 2010-10-12 02:54:16 +00:00
Andrew Bartlett
5cd9495fb3 s4-param Refactor secrets code to not require an event context. 
A new event context is constructed by LDB when required for secrets.ldb
This will be essentially unused, as LDB on TDB will only trigger 'fake'
events, and blocks on transactions and lock operations anyway.

Andrew Bartlett
 2010-10-11 13:02:15 +00:00
Jelmer Vernooij
ffd7cee150 torture: Link against rpc server itself, not service module. (against which we can't link). 2010-10-11 01:06:36 +02:00
Jelmer Vernooij
93126b3315 samdb: Add flags argument to samdb_connect(). 2010-10-10 23:08:49 +02:00
Günther Deschner
b7683a2c9d samr: for correctness, rename samr_RidTypeArray to samr_RidAttrArray. 
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Oct  7 12:04:32 UTC 2010 on sn-devel-104
 2010-10-07 12:04:32 +00:00
Günther Deschner
e0b340247a s4-samr: Fix dcesrv_samr_QueryGroupMember. 
Guenther
 2010-10-07 13:24:22 +02:00
Matthias Dieter Wallnöfer
0e5b77bec4 s4:kdc - use "userAccountControl" always unsigned 
It doesn't change much but it's nicer to have it consistent.
 2010-10-05 08:43:19 +00:00
Jelmer Vernooij
5548d3d41e Add missing dependencies for com_err. 2010-10-05 00:38:35 +02:00
Günther Deschner
279e0c9610 spoolss: fill in spoolss_SetPort IDL. 
Guenther
 2010-10-04 09:29:47 +02:00
Matthias Dieter Wallnöfer
e3081b92c1 s4:dsdb - substitute the "show_deleted" with the "show_recycled" control 
We intend to see always all objects with the "show_deleted" control specified.
To see also recycled objects (beginning with 2008_R2 function level) we need to
use the new "show_recycled" control.

As far as I see this is only internal code and therefore we don't run into
problems if we do substitute it.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-10-03 15:23:18 +00:00
Matthias Dieter Wallnöfer
55e3720470 s4:getncchanges.c - fix some counter types 2010-10-03 12:05:13 +02:00
Stefan Metzmacher
d05ae9451a s4:rpc_server/echo: fix compiler warning 
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Oct  3 09:41:51 UTC 2010 on sn-devel-104
 2010-10-03 09:41:51 +00:00
Stefan Metzmacher
76232a40d8 s4:rpc_server/netlogon: don't use dcerpc_binding_handle_call_send/recv() directly 
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct  2 03:11:38 UTC 2010 on sn-devel-104
 2010-10-02 03:11:38 +00:00
Andrew Tridgell
75a542a1d9 s4-drs: put the GCSPN flag into the repsTo if requested 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-30 14:36:12 -07:00
Andrew Tridgell
46ec7d7851 s4-drs: added support for level 10 of getncchanges 
added a simple mapping from req8
 2010-09-30 16:45:13 +00:00
Andrew Tridgell
1ec5f5c09c s4-drs: implement PAS checks and access checks for getncchanges 
This implements partial attribute set checking on getncchanges. If the
client sends a partial_attribute_set then we only return the specified 
attributes.

This also implements access checking on the NC root for the access
right GUIDs for requests with and without reveal secrets 

Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
 2010-09-29 16:36:22 -07:00
Andrew Tridgell
eebe5e1251 s4-drs: added drs_security_access_check_nc_root() 
this checks securiity on the NC root of the specified naming context
 2010-09-29 16:36:22 -07:00
Andrew Tridgell
f4177b66c5 s4-drs: added support for DRSUAPI_EXOP_REPL_OBJ 
this extended getncchanges operation replicates a single object
 2010-09-28 11:36:40 -07:00
Andrew Tridgell
9aa07e72c8 s4-drs: use drs_ObjectIdentifier_*() calls in getncchanges 
this allows for replication by GUID or SID
 2010-09-28 11:36:40 -07:00
Andrew Tridgell
d4939ce4fc s4-drs: moved the drs_ObjectIdentifier handling to dsdb_dn.c 
this will be used outside of the drs server.

This also fixes the handling of the ndr_size elements of the
drs_ObjectIdentifier
 2010-09-28 11:36:40 -07:00
Nadezhda Ivanova
8045b35b1b s4-drs: Added check for drs-manage-topology to updateRefs. 2010-09-28 11:36:40 -07:00
Nadezhda Ivanova
440cee48b9 s4-drs: Added drs_security_access_check function 
It takes a security token, an ldb_context, and the desired CAR and checks
if the principal has this CAR granted
 2010-09-28 11:36:40 -07:00
Andrew Tridgell
c4d2b6fbc2 s4-netlogon: added RODC DNS update call fwded to dnsupdate task 
when we get a netlogon RODC DNS update, we send it to the dnsupdate
task
 2010-09-27 22:55:05 -07:00
Stefan Metzmacher
9d8b886b3e s4:rpc_server: use SOCKET_FLAG_NOCLOSE to avoid calling close() on the socket fd twice. 
metze
 2010-09-28 03:48:10 +02:00
Andrew Tridgell
8e1a3c8cca s4-drs: make getncchanges debug less verbose 
quieten make test a little
 2010-09-27 23:18:23 +00:00
Anatoliy Atanasov
2cf0525b23 s4/irpc: Add security token to the binding handle when doing irp call forwarding 2010-09-27 09:59:21 -07:00
Andrew Tridgell
785410c493 s4-drs: fixed comment in getncchanges code 
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Sep 27 04:54:43 UTC 2010 on sn-devel-104
 2010-09-27 04:54:43 +00:00
Andrew Tridgell
f33fc39f37 s4-drs: use the system sam_ctx for updaterefs 
this is needed for RODC clients calling updaterefs
 2010-09-26 06:29:06 +00:00
Andrew Tridgell
d72dbe847e s4-repl: make getncchanges a bit less verbose 
this should reduce some of the clutter in make test
 2010-09-25 10:38:45 -07:00
Matthias Dieter Wallnöfer
80f3e92d0a s4:rpc_server/dcerpc_server.c - fix a "const" warning 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-09-24 09:25:41 +10:00
Anatoliy Atanasov
859f3cdd4a s4/eventlog6: Add dummy implementation for calls 0x5 and 0xB 
The code is enough to let us run all dcdiag tests against samba4 server
 2010-09-23 13:34:09 -07:00
Anatoliy Atanasov
411e6bc3f2 s4/eventlog6: Build and hook EventLog6 RPC endpont mapper and idl 2010-09-23 13:34:08 -07:00
Anatoliy Atanasov
b23609812a s4/eventlog6: Add endpoint server for EventLog6 RPC 
The file is generated using PIDL --template command.
 2010-09-23 13:34:08 -07:00
Anatoliy Atanasov
b4eba4268d s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders test 2010-09-20 09:46:10 -07:00
Andrew Tridgell
dc59de5627 s4-netlogon: added IDL for netr_DsrUpdateReadOnlyServerDnsRecords 
this is used by a RODC to do DNS updates, as TSIG updates are not
allowed by RODCs

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 21:09:17 +10:00
Andrew Tridgell
5958997a9b s4-rpcserver: allow saving of bad RPC packets 
use:
	dcesrv:stubs directory = .

to save files like this:

  RPC-netlogon-48-pullfail.dat

when a RPC packet can't be parsed or is unknown. Only enabled in
developer builds

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 21:09:17 +10:00
Andrew Tridgell
377ffcb029 s4-drs: make debugging DsUpdateRefs a bit easier 2010-09-16 16:08:46 +10:00
Andrew Tridgell
e5cd023a41 s4-drs: initial skeleton for DrsReplica{Add,Del,Mod} calls 2010-09-16 16:08:46 +10:00
Andrew Tridgell
4cf53c6d0b s4-drs: removed a debug print in repl secret 2010-09-16 16:08:46 +10:00
Andrew Tridgell
e2b6d171d4 s4-drs: get lpcfg_dnsdomain() instead of lpcfg_realm() 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:01 +10:00
Kamen Mazdrashki
7f1db0d8df s4-drs: Wait DsReplicaSync for as long as it takes to complete 
In case the caller wants sync execution, we should
not cancel the call for internal timeout reason,
but rather wait for its execution
 2010-09-16 00:15:38 +03:00
Kamen Mazdrashki
ee169d7347 s4-irpc: Add 'timeout' param for dcesrv_irpc_forward_rpc_call() call 
It is to be used when caller wants to explicitly
specify the timeout for the call
 2010-09-16 00:15:38 +03:00
Andrew Tridgell
e7f21fa941 s4-rpcserver: set unbind method to NULL in remote server 
this prevents a possible crash on disconnect
 2010-09-15 23:08:18 +10:00
Anatoliy Atanasov
4608721935 s4/fsmo: Remove empty new lines 2010-09-15 14:00:27 +03:00
Andrew Tridgell
a498ab90fb s4-rpc: fixed double free in RPC proxy 
the unbind method is only called when the dcesrv_connection_context is
being destroyed (its called from the destructor). That means that priv
is either already free, or is about to be freed, so don't free it
again
 2010-09-15 15:39:36 +10:00
Jelmer Vernooij
48976ac497 rpc_server: Remove unnecessary dependency on server modules, build 
system will take care of that.
 2010-09-14 17:24:05 +02:00
Matthias Dieter Wallnöfer
7e710c4de9 s4:rpc_server/common/common.h - introduce two forward declarations to suppress parameter declaration warnings 
Always Tru64 in file "param/loadparm.c" and possibly others.
 2010-09-11 18:04:48 +02:00
Matthias Dieter Wallnöfer
83cd3f7630 s4:dcesrv_samr_GetGroupsForUser - also universal group memberships are returned here 
Tested using User Manager for Domains against Windows Server 2008.
MS-SAMR 3.1.5.9.1 is wrong in this case therefore I've informed the dochelp team.
 2010-09-11 14:34:37 +02:00
Andrew Bartlett
e84ab1b35f s4-privs Fix enum privileges in LSARPC server 
We were returning the index, not the LUID value

Andrew Bartlett
 2010-09-11 22:32:43 +10:00