IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 25 04:10:25 CEST 2017 on sn-devel-144
- Update IDL comments to include Microsoft reference doc
- Add support for sending v10 GetNCChanges request (needed for the
GET_TGT flag, which is in the new 'more_flags' field)
- Update to also set the GET_TGT flag in the same place we were setting
GET_ANC (I split this logic out into a separate function).
- The state struct now needs to hold a 'more_flags' field as well (this
flag is different to the GET_ANC replica flag)
Note that using the GET_TGT when replicating from a Windows DC could be
highly inefficient. Because Samba keeps the GET_TGT flag set throughout
the replication cycle, it will basically receive a repeated object from
Windows for every single linked attribute that it receives.
I believe Windows behaviour only expects the client to set the GET_TGT
flag when it actually needs to (i.e. when it receives a target object it
doesn't know about), rather than throughout the replication cycle.
However, this approach won't work with Samba-to-Samba replication,
because when the server receives the GET_TGT flag it restarts the
replication cycle from scratch. So if we only set the GET_TGT flag when
the client encountered an unknown target then Samba-to-Samba could
potentially get into an endless replication loop.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12972
Add checks for the maximum permitted length, maximum number of labels
and the maximum label length. These extra checks will be used by the
DNS wild card handling.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12952
Allocate them off the NULL context not the talloc_autofree_context().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is string is used several places in the code and tests, so it
should be a constant.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
STORAGE_OFFLOAD_TOKEN_TYPE_ZERO_DATA is defined as 0xffff0001 in MS-FSCC
2.3.79.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
The range included the unused (1<<14) before.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Add a String constructor, str and repr methods to the
samba.dcerpc.lsa.String python object
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
See [MS-NRPC] 3.5.4.5.1 NetrLogonSamLogonEx (Opnum 39).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows you to forward bad password count resets to 0. Currently,
there is a missing access check for the RODC to ensure it only applies
to cached users (msDS-Allowed-Password-Replication-Group).
(further patches still need to address forcing a RWDC contact)
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Enable the DCERPC_SCHANNEL_AUTO option in dceprc bindings. If not enabled
calls to netlogon.netlogon from python fail with NT_STATUS_DOWNGRADE_DETECTED
if schannel bindings are specified.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Add the blobs required to allow the storing of an sha256 or sha512 hash of
the password in supplemental credentials
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The wscript_build files convey what header files belong to which
logical package. For example,
# lib/util/wscript_build:
bld.SAMBA_LIBRARY('samba-util',
public_headers='... data_blob.h ...'
# auth/credentials/wscript_build:
bld.SAMBA_LIBRARY('samba-credentials',
public_headers='credentials.h',
Now, credentials.h #includes <util/data_blob.h> and therefore,
samba-credentials.pc must have a Requires: samba-util.
Similarly for other parts.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
While these names may have been clear, much of Samba uses
remote_address and local_address, and this difference has hidden bugs.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This will allow AUTH_EVENT_NAME and MSG_AUTH_LOG to be accessed from python
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 28 13:19:03 CEST 2017 on sn-devel-144
This makes it easy to ensure we use the same name in the python and the C
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
The ndr token code keeps a temporary store of tokens which are
referred to a small number of times (often once) before being
discarded. The access patterns are somewhat stack-like, with recently
placed tokens being accessed most often.
The old code kept these tokens in a linked list, which we replace with
a self-resizing array.
This keeps everything roughly the same in big-O terms, but makes it
all faster in practice by vastly reducing the amount of tallocing and
pointer-chasing.
The peak memory use is strictly reduced. On a 64 bit machine each core
token struct fits in 16 bytes (after padding) while the two pointers
used by the DLIST add another 16 bytes, so the overall list allocation
is the same as the peak 2n array allocation -- except in the list case
it is dwarfed by the talloc and malloc metadata overhead.
Before settling on the resized arrays, we tried red-black trees, which
are bound to be better for large ndr structures. As it happens, we
don't deal with large structures (the size of replication clumps is
limited to 400 objects) and the asymptotic benefits of the trees are
not realised in practice.
With luck you should find graphs comparing the performance of these
various techniques at:
https://www.samba.org/~dbagnall/perf-tests/ndr-token/
This necessarily breaks the ABI because the linked list implementation
was publicly exposed.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Mar 2 08:38:22 CET 2017 on sn-devel-144