1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

197 Commits

Author SHA1 Message Date
Andrew Tridgell
fede78f29d s4-cldap: don't set the writable bit when we are a RODC
when we are a RODC, don't respond with the writable bit in the server
type response of netlogon requests

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15 15:39:35 +10:00
Matthias Dieter Wallnöfer
a4b7fac86d s4:cosmetic - the SID attribute is called objectSid - not objectSID 2010-09-13 22:39:50 +02:00
Andrew Tridgell
6b266b85cf s4-loadparm: 2nd half of lp_ to lpcfg_ conversion
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-16 18:24:27 +10:00
Matthias Dieter Wallnöfer
837a975c2b s4:cldap_server/rootdse.c - simplify the code a bit
Remove "NULL"-content variables and use "NULL"s directly as arguments. Add some
linewraps where needed.
2010-06-18 19:21:34 +02:00
Matthias Dieter Wallnöfer
9969cfc36c s4:cldap_server.c - here the counter variable should be "signed" 2010-06-18 18:57:38 +02:00
Andrew Bartlett
c8a23147fe s4:libcli/ldap Rename ldap.h to libcli_ldap.h
It is a problem if a samba header is called ldap.h if we also want
to use OpenLDAP's ldap.h

Andrew Bartlett
2010-05-21 17:39:15 +10:00
Jelmer Vernooij
f9ca9e46ad Finish removal of iconv_convenience in public API's. 2010-05-18 11:45:30 +02:00
Matthias Dieter Wallnöfer
79a29a8cd6 s4:cldap_server/netlogon.c - handle the domain SID correctly 2010-04-27 18:45:41 +02:00
Matthias Dieter Wallnöfer
eceffe6909 nbt: samlogon/netlogon structures - unify denominations 2010-04-27 18:45:41 +02:00
Matthias Dieter Wallnöfer
3f1bd92306 s4:fill_netlogon_samlogon_response - reorder assign operations (to be consistent) 2010-04-27 18:45:40 +02:00
Matthias Dieter Wallnöfer
a89ba9e21d s4:fill_netlogon_samlogon_response - use "lp_workgroup" for the short netbios domainname
This call is only for the DC mode.
2010-04-27 18:45:40 +02:00
Andrew Tridgell
91bb4893c4 s4-netlogon: fixed getDcNameEx2 for blank inputs
w2k8r2 returns the local DC information on no inputs for
getDcNameEx2. This is needed for starting dsa.msc (ADUC) on
Win7.

CDLAP on the same call returns an error. This uses a parameter
fill_on_blank_request to distinguish the two cases.
2010-04-28 00:19:30 +10:00
Stefan Metzmacher
cf3c595b9c s4:cldap_server: allow src_address = NULL in fill_netlogon_samlogon_response()
If we don't have the client address, we assume it's a local call,
maybe ncalrpc.

metze
2010-04-27 13:00:24 +02:00
Matthias Dieter Wallnöfer
cf73bc63e5 s4:CLDAP server - make use of the new "samdb_client_site_name" call
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27 15:24:41 +10:00
Andrew Tridgell
404f7ac029 s4-cldap: we should set the w2k8 flags even if not the PDC emulator
these two tests are independent

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22 19:36:17 +10:00
Matthias Dieter Wallnöfer
84c901a619 s4:"samdb_server_site_name" uses - proof for out of memory 2010-04-13 15:45:29 +02:00
Matthias Dieter Wallnöfer
1e08449136 s4:fill_netlogon_samlogon_reponse - fix a typo 2010-04-13 15:29:12 +02:00
Matthias Dieter Wallnöfer
aa02f44255 s4:dcesrv_netr_DsRGetDCNameEx2 - provide a much better implementation
On the base of the "fill_netlogon_samlogon_response" call.

This removes duplicated code.
2010-04-13 15:26:54 +02:00
Matthias Dieter Wallnöfer
4d7d6ee820 s4:fill_netlogon_samlogon_response - some rework of the detection code
To make it compatible by the use of the "dcesrv_netr_DsRGetDCName*" calls.
Some result checks were redundant so I removed them. In other cases I added
debug outputs. Sometimes the debug messages were misleading.
2010-04-13 15:26:54 +02:00
Matthias Dieter Wallnöfer
6661ecbe94 s4:CLDAP - "fill_netlogon_samlogon_reponse" - check for out of memory 2010-04-13 09:32:35 +02:00
Matthias Dieter Wallnöfer
0dffa9caec s4:use "samdb_forest_name" for the forest DNS domainname lookup 2010-04-13 09:32:33 +02:00
Matthias Dieter Wallnöfer
ad9e407357 Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"
We should use the "ldb_get_*_basedn" calls since they are available in the LDB
library.
2010-04-13 08:55:15 +02:00
Matthias Dieter Wallnöfer
98ce053efd s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions
Purely cosmetic change.
2010-04-12 18:49:01 +02:00
Andrew Tridgell
b690fedef5 s4-waf: removed the AUTOGENERATED markers
we won't be using the mk -> wscript generator again
2010-04-06 20:27:16 +10:00
Andrew Tridgell
f9eae32f4b s4-waf: mark the wscript files as python so vim/emacs knows how to highlight them 2010-04-06 20:27:11 +10:00
Andrew Tridgell
845e0cbe6f build: commit all the waf build files in the tree 2010-04-06 20:26:48 +10:00
Matthias Dieter Wallnöfer
f10fc7c16e s4:cldap_server - make it "signed-safe"
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25 08:17:11 +11:00
Andrew Tridgell
33cbe9c631 s4-server: use GUID_to_ndr_blob() in cldap and smb servers 2009-12-10 17:51:28 +11:00
Andrew Tridgell
0fca76e577 s4-dsdb: added dsdb_functional_level() helper function 2009-12-09 18:18:26 +11:00
Andrew Tridgell
98e4393df9 s4-dsdb: create a static system_session context
This patch adds a system_session cache, preventing us from having to
recreate it on every ldb open, and allowing us to detect when the same
session is being used in ldb_wrap
2009-10-23 14:52:17 +11:00
Matthias Dieter Wallnöfer
85e4995364 s4:sites - get the server site (name) from DSDB 2009-10-18 14:33:43 +02:00
Matthias Dieter Wallnöfer
e9686985cb s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where needed
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
2009-10-14 10:50:43 +02:00
Andrew Tridgell
634d9d6476 s4-cldap: match w2k8-r2 for cldap netlogon bits
Windows does not set the 3 high bits, which is strange given their
meaning. I've submitted a CAR on this.
2009-10-02 12:03:04 +10:00
Andrew Tridgell
5c51560d43 s4-cldap: return domainFunctionality from SAM 2009-09-23 13:57:59 -07:00
Andrew Tridgell
e9a589feac s4-server: kill main daemon if a task fails to initialise
When one of our core tasks fails to initialise it can now ask for the
server as a whole to die, rather than limping along in a degraded
state.
2009-09-18 18:05:55 -07:00
Günther Deschner
05fbe0c7f7 libds: merge the UF<->ACB flag mapping functions.
Guenther
2009-07-13 15:36:07 +02:00
Jelmer Vernooij
6ace18904d Fix more unresolved symbols. 2009-06-02 18:05:41 +02:00
Andrew Bartlett
6ef65389fd Don't use crossRef records to find our own domain
A single AD server can only host a single domain, so don't stuff about
with looking up our crossRef record in the cn=Partitions container.
We instead trust that lp_realm() and lp_workgroup() works correctly.

Andrew Bartlett
2009-05-26 12:37:09 +10:00
Stefan Metzmacher
c600e8ef42 s4:cldap: rewrite the cldap library based on tsocket
metze
2009-03-19 16:25:59 +01:00
Stefan Metzmacher
1bb0104070 s4:cldap: s/private/private_data
metze
2009-02-02 13:08:42 +01:00
Jelmer Vernooij
c023828962 Fix missing symbols issues when building with shared libraries. 2008-12-22 21:03:09 +01:00
Günther Deschner
d242491488 idl: finally fully share nbt.idl in s3 and s4.
Guenther
2008-10-15 21:44:39 +02:00
Jelmer Vernooij
a9d8ed748e Sync with Samba 3. 2008-10-14 15:43:04 +02:00
Andrew Tridgell
23ec448f83 Merge commit 'master/master' 2008-10-03 12:23:00 -07:00
Andrew Tridgell
c5fdb82d32 fixed the sense of ldb base dn comparisons in two places, and use a
direct comparison instead of a sub-tree comparison in another

this fixes basedn searches on the global catalog port
2008-10-02 21:58:46 -07:00
Andrew Tridgell
89a67bb60c we need to listen on all interfaces in the CLDAP server as the windows
CDLAP client ignores replies from the wrong IP
2008-10-02 21:55:26 -07:00
Volker Lendecke
af1c802791 The IRIX compiler does not like embedded unnamed unions 2008-10-02 08:09:25 +02:00
Simo Sorce
b2901da479 LDB ASYNC: misc changes 2008-09-29 04:22:20 +02:00
Jelmer Vernooij
6a689c23e8 Rename smbd -> samba.
This reverts commit 05ea5e23cf.

Conflicts:

	source4/smbd/server.c
2008-09-24 03:16:15 +02:00
Simo Sorce
508527890a Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
2008-09-23 18:17:46 -04:00
Andrew Tridgell
53ecaf4a42 fixed the DomainDNS searches in the netlogon code
(This used to be commit 7dce38f989)
2008-08-22 20:50:07 +10:00
Andrew Bartlett
53a35b2655 Validate input in the CLDAP and DGRAM 'netlogon' responder.
(This used to be commit 682ca3cae1)
2008-08-21 16:09:42 +10:00
Matthias Dieter Wallnöfer
bec7a95207 Add extra bits to our 'netlogon' response in CLDAP and NBT.
I've studied now the netlogon attribute from the CLDAP request and
have compared them with the table presented in the WSPP docs
(http://msdn.microsoft.com/en-us/library/cc201036.aspx). The first two
bytes seem to be correct, but that the third and fourth one is
completely clear with SAMBA 4.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit 3024a43c25)
2008-08-20 12:45:41 +10:00
Andrew Bartlett
6f55742b4c Rework samdb handling for 'netlogon' packets.
Don't reopen the samdb for every netlogon packet, and use the
system_session(), as we must access data not available to anonymous.
Perhaps we should consider a 'authenticated but not system' token, if
we want more control on this.

Andrew Bartlett
(This used to be commit d10c9b71ea)
2008-06-30 12:22:50 +10:00
Andrew Bartlett
3a29c33e82 Fix creation of sockaddr in netlogon datagram generator.
The previous code sent uninitialised data, and was the wrong length.

Andrew Bartlett
(This used to be commit 8e070293cf)
2008-05-21 14:29:20 +10:00
Andrew Bartlett
f67156fc92 Extend the 'netlogon' CLDAP and NBT implementation.
This now handles checking if the user exists, including validating the
ACB mask on the user.

This would be a nasty security hole, if Kerberos did not already
expose this information anonymously...

Andrew Bartlett
(This used to be commit 441b286c00)
2008-05-21 12:37:36 +10:00
Andrew Bartlett
343fea32cc Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Fix config.mk due to changing syntax.

Conflicts:

	source/libcli/config.mk
	source/nbt_server/config.mk
(This used to be commit 6a1c76f29f)
2008-05-20 08:03:35 +10:00
Jelmer Vernooij
4c70cda986 Fix a couple (well, little more than that..) of typos.
(This used to be commit a6b5211994)
2008-05-18 23:02:47 +02:00
Jelmer Vernooij
4c8756f147 Create prototype headers from Makefile directory, without smb_build in the middle.
(This used to be commit f4a77b96f9)
2008-05-18 22:30:08 +02:00
Jelmer Vernooij
03643aec88 Use variables for source directory in a couple more places.
(This used to be commit c41bd3005f)
2008-05-18 19:54:27 +02:00
Andrew Bartlett
fd0d47b746 Handle netbios domains in the CLDAP server too.
This commit also fixes a number of issues found by the NBT-DGRAM and
LDAP-CLDAP tests.

Andrew Bartlett
(This used to be commit 8f99a4b94e)
2008-05-17 20:53:29 +10:00
Andrew Bartlett
326d591d57 Convert the CLDAP server to use the new netlogon structures.
This also makes the CLDAP server the place where we create the
NETLOGON SAMLOGON replies, regardless of protocol (NBT mailslots or
CLDAP).

Andrew Bartlett
(This used to be commit 8b00a94294)
2008-05-17 12:41:42 +10:00
Jelmer Vernooij
cc9c4aaa8d Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3
Conflicts:

	source/Makefile
	source/auth/config.mk
	source/auth/gensec/config.mk
	source/build/m4/public.m4
	source/build/make/python.mk
	source/build/make/rules.mk
	source/build/smb_build/header.pm
	source/build/smb_build/main.pl
	source/build/smb_build/makefile.pm
	source/dsdb/config.mk
	source/dsdb/samdb/ldb_modules/config.mk
	source/kdc/config.mk
	source/lib/events/config.mk
	source/lib/events/events.c
	source/lib/ldb/config.mk
	source/lib/nss_wrapper/config.mk
	source/lib/policy/config.mk
	source/lib/util/config.mk
	source/libcli/smb2/config.mk
	source/libnet/config.mk
	source/librpc/config.mk
	source/nbt_server/config.mk
	source/ntptr/ntptr_base.c
	source/ntvfs/posix/config.mk
	source/ntvfs/sysdep/config.mk
	source/param/config.mk
	source/rpc_server/config.mk
	source/rpc_server/service_rpc.c
	source/scripting/ejs/config.mk
	source/scripting/python/config.mk
	source/smb_server/config.mk
	source/smbd/server.c
	source/torture/config.mk
	source/torture/smb2/config.mk
	source/wrepl_server/config.mk
(This used to be commit 13bbd42068)
2008-04-25 10:04:20 +01:00
Jelmer Vernooij
21fc767378 Specify event_context to ldb_wrap_connect explicitly.
(This used to be commit b4e1ae07a2)
2008-04-17 12:23:44 +02:00
Jelmer Vernooij
ffc5cbfe80 Move object files lists to makefile rather than smb_build.
(This used to be commit 5628d58990)
2008-04-14 16:53:00 +02:00
Jelmer Vernooij
f78bc8c489 Remove prototypes from build.h in preparation of removing build.h
altogether.
(This used to be commit dbeab2a9cd)
2008-04-14 11:54:50 +02:00
Jelmer Vernooij
b5d84a74d1 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3
Conflicts:

	source/auth/credentials/config.mk
	source/auth/gensec/config.mk
	source/build/smb_build/makefile.pm
	source/heimdal_build/config.mk
	source/lib/events/config.mk
	source/lib/nss_wrapper/config.mk
	source/lib/policy/config.mk
	source/lib/registry/config.mk
	source/lib/socket_wrapper/config.mk
	source/lib/tdb/config.mk
	source/lib/tls/config.mk
	source/lib/util/config.mk
	source/libcli/config.mk
	source/libcli/ldap/config.mk
	source/libnet/config.mk
	source/librpc/config.mk
	source/param/config.mk
	source/rpc_server/config.mk
	source/scripting/ejs/config.mk
	source/smbd/process_model.mk
(This used to be commit 760378e029)
2008-04-08 03:45:06 +02:00
Stefan Metzmacher
2e3cf7843f cldap_server: fix compiler warning
metze
(This used to be commit a6cd4e7509)
2008-03-28 09:39:03 +01:00
Jelmer Vernooij
fb6fdfce37 Fix the build.
(This used to be commit f2e4974471)
2008-03-08 17:02:40 +01:00
Jelmer Vernooij
6cf92e604d Fix the build.
(This used to be commit 49ef8d0c19)
2008-03-04 13:06:08 +01:00
Jelmer Vernooij
b29d47edcf Move object file lists to the Makefile.
(This used to be commit a7e6d2a183)
2008-03-03 18:25:28 +01:00
Jelmer Vernooij
c38c2765d1 Remove yet more uses of global_loadparm.
(This used to be commit e01c1e87c0)
2008-02-21 17:17:37 +01:00
Andrew Bartlett
0f8eeb81ec Remove useless layer of indirection, where every service called
task_service_init() manually.  Now this is called from service.c for
all services.

Andrew Bartlett
(This used to be commit 9c9a4731ca)
2008-02-04 21:58:29 +11:00
Andrew Bartlett
23d681caf9 Rework service init functions to pass down service name. This is
needed to change prefork behaviour based on what service is being
started.

Andrew Bartlett and David Disseldorp
(This used to be commit 0d830580e3)
2008-02-04 17:48:51 +11:00
Andrew Bartlett
97273d37fc r26681: Use fewer magic numbers.
Andrew Bartlett
(This used to be commit 16edbe1d60)
2008-01-06 21:21:02 -06:00
Andrew Bartlett
654282b885 r26680: Don't always advertise GC functionality.
Andrew Bartlett
(This used to be commit 2f228bcbf6)
2008-01-06 18:51:02 -06:00
Jelmer Vernooij
df408d056e r26672: Janitorial: Remove uses of global_loadparm.
(This used to be commit 18cd08623e)
2008-01-05 13:06:03 -06:00
Andrew Bartlett
4d0514b38a r26649: Only claim to be a PDC if we are a PDC.
Andrew Bartlett
(This used to be commit fc5746ae95)
2008-01-03 12:33:35 -06:00
Jelmer Vernooij
70f1f33af8 r26402: Require a talloc context in libnetif.
(This used to be commit a35e51871b)
2007-12-21 05:49:33 +01:00
Jelmer Vernooij
6f2252dace r26401: Don't cache interfaces context in libnetif.
(This used to be commit 9f975417cc)
2007-12-21 05:49:32 +01:00
Jelmer Vernooij
c5bf20c5fe r26325: Remove use of global_loadparm in netif.
(This used to be commit e452cb2859)
2007-12-21 05:48:37 +01:00
Jelmer Vernooij
41db2ab12c r26319: Split encoding functions out of libcli_ldap.
(This used to be commit 95a6ef7fc8)
2007-12-21 05:48:33 +01:00
Jelmer Vernooij
da0f222f43 r26271: Remove some more uses of global_loadparm.
(This used to be commit e9875fcd56)
2007-12-21 05:47:53 +01:00
Jelmer Vernooij
ecea5ce245 r26260: Store loadparm context in gensec context.
(This used to be commit b9e3a4862e)
2007-12-21 05:47:34 +01:00
Jelmer Vernooij
291ddf4336 r26237: Add loadparm context to the server service interface.
(This used to be commit 1386c5c925)
2007-12-21 05:47:15 +01:00
Jelmer Vernooij
934e932387 r26235: Avoid global_loadparm.
(This used to be commit e903978220)
2007-12-21 05:47:13 +01:00
Jelmer Vernooij
f4a1083cf9 r26227: Make loadparm_context part of a server task, move loadparm_contexts further up the call stack.
(This used to be commit 0721a07aad)
2007-12-21 05:47:04 +01:00
Jelmer Vernooij
3b281c3081 r26222: Avoid global_loadparm in a couple more places.
(This used to be commit 5bd053a570)
2007-12-21 05:46:58 +01:00
Jelmer Vernooij
ca0b72a1fd r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.
(This used to be commit 56dfcb4f2f)
2007-12-21 05:45:40 +01:00
Andrew Bartlett
cadf696f8b r25939: Rework the CLDAP server not to use gendb_search but to call ldb_search
directly.

Handle the errors from ldb_search (now that we get more than just -1),
including NO_SUCH_ENTRY when the base DN doesn't exist.

Andrew Bartlett
(This used to be commit e47df4a0fe)
2007-12-21 05:45:10 +01:00
Andrew Bartlett
5294e82e21 r25938: We don't need the CLDAP server unless we are a DC.
Andrew Bartlett
(This used to be commit e8606bbcc6)
2007-12-21 05:45:10 +01:00
Jelmer Vernooij
37d53832a4 r25398: Parse loadparm context to all lp_*() functions.
(This used to be commit 3fcc960839)
2007-10-10 15:07:25 -05:00
Jelmer Vernooij
ffeee68e4b r25026: Move param/param.h out of includes.h
(This used to be commit abe8349f9b)
2007-10-10 15:05:38 -05:00
Andrew Tridgell
0479a2f1cb r23792: convert Samba4 to GPLv3
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac)
2007-10-10 14:59:12 -05:00
Stefan Metzmacher
35ffca8932 r22403: this dependencies should be private
metze
(This used to be commit c3cc03ffb2)
2007-10-10 14:51:14 -05:00
Simo Sorce
a9e31b33b5 r19832: better prototypes for the linearization functions:
- ldb_dn_get_linearized
  returns a const string

- ldb_dn_alloc_linearized
  allocs astring with the linearized dn
(This used to be commit 3929c086d5)
2007-10-10 14:28:22 -05:00
Simo Sorce
4889eb9f7a r19831: Big ldb_dn optimization and interfaces enhancement patch
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.

The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.

The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.

Simo.
(This used to be commit a580c871d3)
2007-10-10 14:28:22 -05:00
Stefan Metzmacher
b471ed1a0c r19736: handle rootdse call via CLDAP
metze
(This used to be commit 39dc94b219)
2007-10-10 14:28:17 -05:00
Stefan Metzmacher
65a50f46c8 r19699: - use better names for the site strings
- use the client_site when creating the server object

metze
(This used to be commit b02d0e1be3)
2007-10-10 14:28:12 -05:00
Andrew Tridgell
b21b119cbc r17824: add a wrapper for the common partitions_basedn calculation
(This used to be commit 09007b0907)
2007-10-10 14:16:45 -05:00