sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code
67,551 Commits 60 Branches 1,145 Tags 452 MiB
5548d3d41e
Commit Graph

2002 Commits

Author SHA1 Message Date
Michael Adam
15b60a7e3f s4:move the sddl code down to the top level 
Michael
 2010-03-03 09:16:34 +01:00
Endi S. Dewata
07669b0704 s4-libcli: Added NULL handlers for DSDB_CONTROL_DN_STORAGE_FORMAT_OID and LDB_CONTROL_AS_SYSTEM_OID 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-03-02 14:06:52 +11:00
Andrew Tridgell
781ad038c9 s4-krb5: propogate errors from a lot more kerberos functions 
We need to be able to give sensible error messages when a kerberos
calls fails. This propogates the kerberos error up the stack to the
caller.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-02-26 13:59:16 +11:00
Kamen Mazdrashki
8078614814 s4/ldap: Refactor the fix for ldap nested searches 
Current implementation synchronizes processing for
all types of LDAP request, not only LDAP_Search ones.

Synchronization for ldap replies processing is done
locally in ldb_ildap module as this concerns only
ildb_callback() function.

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
 2010-02-17 18:03:31 +02:00
Kai Blin
ea055e8c79 s4: Switch to S3-style id mapping data types. 2010-02-11 23:56:35 +01:00
Andrew Tridgell
580f955664 s4-torture: allow host-only in unc lists in smbtorture 
Allow UNC lists like this:

 192.168.2.1
 192.168.2.2
 192.168.2.3

the share name will be taken from the command line
 2010-02-09 14:46:09 +11:00
Matt Kraai
d8071e7ed7 Change uint_t to unsigned int in source4 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-02-02 07:18:18 +01:00
Kamen Mazdrashki
a4d0ed5a10 s4/ldap: Fix nested searches SEGFAULT bug 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-01-29 14:09:53 +01:00
Stefan Metzmacher
ddd595e687 s4:libcli: remove unneeded talloc_reference() usage 
metze
 2010-01-29 11:16:13 +01:00
Andreas Schneider
dee1b41ae7 s4-libcli: Fixed a talloc_reference error. 
Signed-off-by: Andreas Schneider <asn@redhat.com>
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-01-26 17:14:51 +01:00
Stefan Metzmacher
bbaec01b37 libcli/util: add tstream_read_pdu_blob_send/recv 
This will take the some full_request callback function
as the Samba4 packet code.

metze
 2010-01-08 14:36:43 +01:00
Kamen Mazdrashki
a2044b9a61 s4: Fix result check for getaddrinfo() 
I think this completes commit 50feca550e.
Now result should be handled correctly both for systems that
support EAI_NODATA but returns EAI_NONAME (as my Ubuntu 9.x)
and systems that doesn't support EAI_NODATA at all.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-01-06 14:26:32 +01:00
Andrew Tridgell
0bc902ac84 s4-sddl: DRS replication needs REVISION_ADS for SDs 
DRS replication with w2k8-r2 fails with a schema mismatch error if we
set the revision to NT4
 2010-01-02 17:28:35 +11:00
Andrew Tridgell
de94857848 s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error) 2009-12-31 17:33:53 +11:00
Jelmer Vernooij
dbd7a62baa py/security: Add test for dom_sid.split. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:33 +11:00
Nadezhda Ivanova
c0883fb451 Fixed incorrect checking of PRINCIPAL_SELF permissions. 
If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with
the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights
to an account over itself.
 2009-12-17 17:25:11 +02:00
Andrew Tridgell
62dc7f6b2d s4-libcli: GUID_from_ndr_blob() is strict about the blob size 
We need to create a blob of the right length
 2009-12-10 17:51:30 +11:00
Andrew Tridgell
b4ea96ecd9 s4-libcli: use GUID_to_ndr_blob() 2009-12-10 17:51:28 +11:00
Andrew Tridgell
498f2b879a s4-libcli: use new GUID functions in libcli 2009-12-10 17:51:26 +11:00
Zack Kirsch
8ceb428c55 s4 torure: Add SMB2 utility functions 
- Add a torture_setup_dir() equivalent in SMB2, called smb2_util_setup_dir().
- Add verify_sd() and verify_attrib() helper functions for SMB2.
 2009-12-07 16:54:16 -08:00
Steven Danneman
995b4800f8 s4/libcli: add define for exclusive lock mode 2009-12-07 16:10:24 -08:00
Zachary Loafman
f26a500d9f s4 torture: Add lockread_supported based off of CAP_LOCK_AND_READ 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-03 20:21:22 -08:00
Matthieu Patou
db41a0afc6 s4: fix SD update and password change in upgrade script 
- reserve a new Samba OID for recalculate SD control
- fix the update SD function
- fix handling of kvno in the update_machine_account_password function
- fix handling of handles in RPC winreg server

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-11-28 09:56:06 +11:00
Matthias Dieter Wallnöfer
207067d1a8 s4:security/sddl - rework of the security descriptor abbreviations 
- Reoder them
- Add some new ones (needed for the security descriptor in the provision script)
 2009-11-27 22:45:43 +01:00
Steven Danneman
7f14388721 s4/libcli: rename previously reserved field in SMB2 LOCK struct 
The lock.in.reserved field has been renamed lock_sequence in the
SMB 2.1 dialect.  See MS-SMB 2.2.26.
 2009-11-25 12:55:48 -08:00
Steven Danneman
65a611ec72 s4/libcli: Initialize client PID for SMB2 connections 
Set the SMB pid to the Unix pid of the client process.
 2009-11-25 12:55:47 -08:00
Endi S. Dewata
3a8393c8aa s4:ldbcli - Added encoder/decoder for relax control. 2009-11-19 13:04:47 +11:00
Aravind Srinivasan
74471387e0 s4/libcli: add a FILE_NOTIFY_CHANGE_ALL macro 
This macro encompasses all possible file notifications that can
be raised.
 2009-11-17 17:06:26 -08:00
Nadezhda Ivanova
a97460d657 Fixed incorrect SID for RAS Servers. 2009-11-17 17:10:23 +02:00
Nadezhda Ivanova
55d2cec640 Fixed some major bugs in inheritance and access checks. 
Fixed sd creation not working on LDAP modify.
Fixed incorrect replacement of CO and CG.
Fixed incorrect access check on modify for SD modification.
Fixed failing sec_descriptor test and enabled it.
Fixed failing sd add test in ldap.python
 2009-11-15 22:31:44 +02:00
Andrew Bartlett
68639bfd64 s4:libcli/ldap Add 'relax' OID to known network representations 
This patch, inspired by a patche by Endi S. Dewata
<edewata@redhat.com>, allows this control to be passed to the LDAP
backend.

Andrew Bartlett
 2009-11-12 22:23:22 +11:00
Nadezhda Ivanova
1fc47e1228 Version 1.0 of the directory service acls module. 
At this point, support for checks on LDAP add, delete, rename and modify.
Old kludge_acl is still there to handle the searches.
This module is synchronous as the async version was impossible to debug,
will be converted to async after some user testing.
 2009-11-05 17:34:12 +02:00
Nadezhda Ivanova
25d9cc8383 Fixed some missing flags and bugs in the security creation. 
Also, added some logging. It needs improvement, possibly ability to
turn in on and off via configuration file.
 2009-11-03 13:33:30 +02:00
Nadezhda Ivanova
0abfc90ac9 Fixed a bug in object specific access checks. 2009-11-03 12:43:51 +02:00
Matthias Dieter Wallnöfer
0defcfb4f7 s4:libcli/security/access_check - Add "const" in front of "type" 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-10-22 10:02:38 +11:00
Andrew Tridgell
c3b09d18a8 s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masks 2009-10-17 13:01:03 +11:00
Andrew Tridgell
9da4af062b s4-security: honor more of the privilege access bits 2009-10-17 13:01:03 +11:00
Andrew Tridgell
4a4f420481 s4-libcli: fixed structure element bug in ntcreatexreadx 
This one didn't matter until the root_fid changed the alignment of the
two structures.
 2009-10-15 20:03:00 +11:00
Andrew Tridgell
3c028ff88b s4-smb: declare root_fid as a file handle 
In order to implement root_fid in the s4 SMB server we need to declare
it as a handle type, just as for other fnum values in SMB. This
required some extensive (but simple) changes in many bits of code.
 2009-10-15 20:03:00 +11:00
Matthias Dieter Wallnöfer
e9686985cb s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where needed 
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
 2009-10-14 10:50:43 +02:00
Matthias Dieter Wallnöfer
44df2488e3 s4: fix various warnings (not "const" related ones) 2009-10-02 15:33:48 +02:00
Aravind Srinivasan
b529a1e987 s4/torture: Add two new SMB RAW-OPEN tests 
* Add chained NTCREATEX_READX test which first tries to open/read
  a non-existant file failing on the open, then attempts the same
  operation on a file that does exist, opening and reading
  successfully.

* Add test for open_dispositions on directories.
 2009-10-01 17:14:53 -07:00
Steven Danneman
1160d68062 s4/torture: Ported SMB oplock torture tests to SMB2 
I've ported all applicable SMB oplock torture tests to SMB2, giving us
a good base for SMB2 oplock testing.

There are several differences between oplocks in SMB and SMB2, mostly
because of differences in W2K3 and W2K8.  The existing SMB oplock
tests all pass against W2K3, but several fail against W2K8.  These
same tests were failing in SMB2, util I reworked them.

BATCH19, BATCH20: In W2K3/SMB a setfileinfo - rename command wouldn't
cause a sharing violation or break an existing oplock.  It appears that
in W2K8/SMB2 a sharing violation is raised.

BATCH22: In W2K3/SMB when a second opener was waiting the full timeout
of an oplock break, it would receive NT_STATUS_SHARING_VIOLATION after
about 35 seconds.  This bug has been fixed in W2K8/SMB2 and instead
the second opener succeeds.

LEVELII500: Added 1 new test checking that the server returns a proper
error code when a client improperly replies to a levelII to none break
notification.

STREAM1: W2K8 now grants oplocks on alternate data streams.
 2009-10-01 14:59:52 -07:00
Andrew Tridgell
5acd8bc01b s4-acl: fixed SD creation 
Thanks for Nadya and Metze for this. The SDs were being created with
invalid fields (noticed by w2k8-r2 client when joining our domain)
 2009-09-28 10:21:33 +10:00
Nadezhda Ivanova
df0d629f37 Fixed a dereferenced null pointer. 2009-09-24 18:54:14 -07:00
Nadezhda Ivanova
10c6f3f71a Initial Implementation of the DS objects access checks. 
Currently disabled. The search will be greatly modified,
also the object tree stuff will be simplified.
 2009-09-21 17:27:50 -07:00
Nadezhda Ivanova
6283f2caaa Initial implementation of security descriptor creation in DS 
TODO's:
ACE sorting and clarifying the inheritance of object specific ace's.
 2009-09-20 15:16:17 -07:00
Andrew Tridgell
92786aebf1 s4-resolve: fixed a crash bug on timeout 
We were creating the name resolution context as a child of lp_ctx,
which meant when we gave up on a connection the timer on name
resolution kept running, and when it timed out the callback crashed as
the socket was already removed.
 2009-09-19 08:23:03 -07:00
Matthieu Patou
aadf5e3910 pyldb: Don't segfault when invalid type is specified to as_sddl and from_sddl. 
Fix bug #6723
 2009-09-17 19:36:32 +02:00
Nadezhda Ivanova
d70e171719 Owner and group defaulting. 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-09-16 07:52:05 -07:00
Andrew Tridgell
7ded0741d9 s4-security: added a new security level SECURITY_DOMAIN_CONTROLLER 
This will be used as a simple way to lock down DRS replication to
administrators and domain controllers
 2009-09-15 19:25:45 -07:00
Andrew Bartlett
668470c992 libcli:nbt make the lmhosts parsing code and dependicies common 
This starts the process to have Samba4 use lmhosts.

Andrew Bartlett
 2009-09-15 07:42:54 -07:00
Andrew Tridgell
294e7cd566 s4/libcli: when we get a DNS lookup failure show the name 
When tracking down complex connection problems its useful knowing what
name lookups failed.
 2009-09-11 14:07:18 +10:00
Andrew Bartlett
7496095c1b s4:libcli/ldap Explain why we set a hostname for ldapi:// connections 
It is a pretty odd thing to do, and it's only because of the
restrictions of DIGEST-MD5 in Cyrus SASL that we do it.

Andrew Bartlett
 2009-08-17 11:08:42 +10:00
Stefan Metzmacher
1d75a6e224 libcli/smb: move smb2_create_blob code to libcli/smb/ 
I want to use this in source3/smbd/

metze
 2009-08-12 19:22:06 +02:00
Stefan Metzmacher
1df883aa39 libcli: move some common SMB and SMB2 stuff into libcli/smb/ 
This will hold code that's shared between source3 and source4.

metze
 2009-08-12 18:28:32 +02:00
Stefan Metzmacher
aef96af916 s4:libcli/smb2: move SMB2_GETINFO_* flags into smb2_constants.h 
metze
 2009-08-07 14:56:23 +02:00
Stefan Metzmacher
acbb9da530 s4:libcli/smb2: remove unused and redundant SMB2 security flags 
metze
 2009-08-07 14:56:23 +02:00
Stefan Metzmacher
c2c4d489b6 s4:libcli: move SMB2 Find constants to smb2_constants.h 
metze
 2009-08-07 14:56:22 +02:00
Stefan Metzmacher
21d6f276fb s4:libcli/raw: we don't need to include "smb.h" explicit 
metze
 2009-08-07 14:56:22 +02:00
Stefan Metzmacher
93ec5d27e4 s4:libcli/raw: also include smb2_constants.h into interfaces.h 
metze
 2009-08-07 14:56:21 +02:00
Andrew Tridgell
e2d4ae1510 fixed several places that unnecessarily take a reference to the event context 
These references were triggering the ambiguous talloc_free errors from
the recent talloc changes when the server is run using the 'standard'
process model instead of the 'single' process model. I am aiming to
move the build farm to use the 'standard' process model soon, as part
of an effort to make our test environment better match the real
deployment of Samba4.

The references are not needed as the way that the event context is
used is as the 'top parent', so when the event context is freed then
all of the structures that were taking a reference to the event
context were actually freed as well, thus making the references
redundent.
 2009-08-07 17:24:48 +10:00
Andrew Tridgell
ddd13c6816 handle large directories in smb2_deltree() 2009-08-05 15:05:13 +10:00
Matthias Dieter Wallnöfer
a08bffa358 Adds new error codes (needed for enhancing error messages for SAMBA 4 AD LDAP server) 2009-07-31 17:40:46 +02:00
Stefan Metzmacher
a3bcbd1775 s4:libcli/ldap: the tls code steals the original socket on its own now 
metze
 2009-07-31 14:42:05 +02:00
Stefan Metzmacher
c4274e3480 s4:libcli/ldap: add support for new Recycle Bin Feature LDAP Controls 
LDAP_SERVER_SHOW_RECYCLED_OID         1.2.840.113556.1.4.2064
LDAP_SERVER_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065

metze
 2009-07-23 18:04:31 +02:00
Matthias Dieter Wallnöfer
295c3724a3 Fix typo 2009-07-19 16:00:14 +02:00
Stefan Metzmacher
da737f2447 s4:libcli/smb2: add smb2_transport_credits_set_charge() to change the CreditsCharge value for the next request 
metze
 2009-07-15 10:57:32 +02:00
Stefan Metzmacher
c281638bc4 s4:libcli: move SMB2 lock flags to smb2_constants.h 
metze
 2009-07-02 22:25:49 +02:00
Andrew Tridgell
ddce3b5ac8 two more NT status codes that we get on DRS with w2k8-R2 2009-06-12 12:23:46 +10:00
Andrew Bartlett
9b261c008a s4:heimdal: import lorikeet-heimdal-200906080040 (commit 904d0124b46eed7a8ad6e5b73e892ff34b6865ba) 
Also including the supporting changes required to pass make test

A number of heimdal functions and constants have changed since we last
imported a tree (for the better, but inconvenient for us).

Andrew Bartlett
 2009-06-12 07:45:48 +10:00
Andrew Tridgell
a5003de56b fixed the encoding/decoding of the reverse attribute for server side sort 2009-06-10 11:45:53 +10:00
Sam Liddicott
ebf5523b6e s4: smbcli_transport_send hit the socket right away if possible 
[Metze; "make test" on git master outputs exactly the same test summary
with our without this patch (apart from the "using seed" lines)]

If the transport socket is writable, then push the queue along
rather than wait until the caller returns back to the tevent loop.

This strategy keeps the sockets piping hot, and is particularly good
for cases where reading requests from one socket causes lots of
writes on another socket, or where lots of writes are made in a batch.

It doesn't matter if the socket is not writeable yet, packet_queue_run
will return quite cheaply in such a case.

Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2009-06-09 18:51:31 +02:00
Stefan Metzmacher
d153430e32 s4:libcli/smb2: add smb2_transport_credits_ask_num() 
metze
 2009-06-09 16:49:30 +02:00
Stefan Metzmacher
5b99fa5c4f s4:libcli/smb2: only add the 1 byte dynamic buffer padding for non compounded requests 
metze
 2009-06-09 16:49:30 +02:00
Stefan Metzmacher
d777879aaa s4:libcli/smb2: add support sending compounded requests 
metze
 2009-06-09 16:49:29 +02:00
Stefan Metzmacher
81275c84d3 s4:libcli/smb2: prepare SMB2 signing code for compounded requests 
metze
 2009-06-09 16:49:29 +02:00
Kai Blin
57ea909b32 libwbclient: Add async call framework. 2009-05-30 09:17:37 +02:00
Andrew Kroeger
554923ce1b s4: Add additional 2-letter SID/RID mappings. 
Information from http://msdn.microsoft.com/en-us/library/aa379602(VS.85).aspx
 2009-05-29 12:37:26 +10:00
Stefan Metzmacher
53df343644 s4:libcli/smb2: remove old dialect revision constants 
metze
 2009-05-26 09:50:50 +02:00
Stefan Metzmacher
01b05df766 s4:libcli/smb2: use new SMB2_DIVELECT_REVISION constants 
Also send them in the order a windows client would
send them (the lowest first).

metze
 2009-05-26 09:50:43 +02:00
Stefan Metzmacher
d0051462b9 s4:libcli/smb2: add some more SMB2 constants 
metze
 2009-05-26 09:39:25 +02:00
Stefan Metzmacher
04ceabf56f s4:libcli/smb2: fix session setup with raw NTLMSSP 
metze
 2009-05-20 19:58:37 +02:00
Stefan Metzmacher
540b713075 s4:libcli/smb2: use raw ntlmssp if the server didn't provide a sec blob 
metze
 2009-05-20 19:58:37 +02:00
Stefan Metzmacher
5b55e47b71 s4:libcli/smb2: fill in transport->negotiate.secblob with the correct data 
metze
 2009-05-20 19:58:36 +02:00
Günther Deschner
9a13af9a99 s4: try to fix privileges implementation in order to pass the RPC-SAMR-USERS-PRIVILEGES test. 
Guenther
 2009-05-20 13:35:05 +02:00
Stefan Metzmacher
ac7f4fa380 s4:libcli/raw: initialy read the first 4 bytes only 
metze
 2009-05-20 10:16:42 +02:00
Jelmer Vernooij
88876ac571 errormap: Remove wbc -> NTSTATUS error map for now. It is not used. 
This was breaking the Samba 4 installation since it added dependencies
on header files we weren't installing.

Confirmed with Kai.
 2009-05-15 16:05:37 +02:00
Volker Lendecke
993bdd87b5 Move SMB2 constants to a separate file 2009-05-11 15:54:24 +02:00
Volker Lendecke
ce8f3528f1 Fix SMB2_CAP_DFS 2009-05-11 15:54:24 +02:00
Stefan Metzmacher
5604e8d614 s4:libcli: remember operating system and lan manager strings from session setup 
metze
 2009-05-01 15:46:08 +02:00
Stefan Metzmacher
b97a591e2c s4:libcli/raw: write can return STATUS_BUFFER_OVERFLOW as a real error 
We should not try to parse the result if the status is not NT_STATUS_OK.

metze
 2009-05-01 15:12:07 +02:00
nadezhda ivanova
90cc5e72ba Fix of a bug in the security.descriptor.as_sddl() method 
security.descriptor.as_sddl() method did not work correctly when invoked without
supplying the domain sid. Returned the same value as when the sid was provided.
Test added for this case in  libcli/security/tests/bindings.py

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2009-04-23 18:21:25 +02:00
Kai Blin
c93e2d9d43 errormap: Change the WBC_ERR_UNKNOWN_ERROR to map to NT_STATUS_UNSUCCESSFUL 
This allows us to distinguish on NTSTATUS level if we got a
WBC_ERR_UNKNOWN_ERROR or WBC_ERR_NSS_ERROR.
 2009-04-23 00:23:56 +02:00
Kai Blin
7a9be21916 errormap: Add wbcErr to NTSTATUS mappings 2009-04-22 00:14:45 +02:00
Björn Jacke
42e3ae6550 libcli: fix a "not handled in switch" compile warning 
return NULL also for RAW_CLOSE_GENERIC
 2009-04-22 00:03:22 +02:00
Björn Jacke
c78a4ac7ce ѕ4: fix a "not handled in switch" compile warning 2009-04-22 00:03:21 +02:00
Jelmer Vernooij
2eff2de2f8 Move the security_descriptor utility code to the top-level. 2009-04-21 15:14:35 +02:00
Andrew Bartlett
6c9caed481 Merge commit 'origin/master' into libcli-auth-merge-without-netlogond 2009-04-20 16:53:02 +02:00
Jelmer Vernooij
5df2795ffc Add a unit test for security_descriptor.as_sddl() without arguments. 2009-04-20 15:10:29 +02:00
Andrew Bartlett
927a8b3304 Move libcli/auth to the top level 2009-04-14 14:19:39 +10:00
Zach Loafman
9d95f8704d s/NT_STATUS_WIN7_INVALID_RANGE/NT_STATUS_INVALID_LOCK_RANGE/g 2009-04-01 20:59:52 -07:00
Zach Loafman
afa71fbad9 s4:smb2: Add lease break support for SMB2.1 
Add the structures and marshalling for the lease break variants of the
oplock break / oplock break ack messages.
 2009-04-01 08:30:25 -07:00
Zach Loafman
92f3686c96 s4:smb2: Add rudimentary SMB2.1 lease support to libcli 
Add the structures, constants, and marshalling for SMB2.1 leases.
 2009-03-28 01:01:47 -07:00
Jelmer Vernooij
c42fc5e103 display_sec: Move to common libcli/security directory. 2009-03-25 21:29:13 +01:00
Stefan Metzmacher
84a140f187 move source4/libcli/cldap => libcli/cldap 
metze
 2009-03-19 16:25:59 +01:00
Stefan Metzmacher
c600e8ef42 s4:cldap: rewrite the cldap library based on tsocket 
metze
 2009-03-19 16:25:59 +01:00
Zach Loafman
8595f260eb s4 libcli: Add back Longhorn beta dialect as a constant 
Also tweak how the dialect array and count is initialized.
 2009-03-18 11:03:33 -07:00
Zach Loafman
7bf2a213cd s4 torture: Add a string version for NT_STATUS_WIN7_INVALID_RANGE 
Also submitted a request to cifs-protocol for a real name for this
thing. Use win7 target logic in smb2 lock test, SMB2-LOCK now passes
against Win7.
 2009-03-17 13:43:27 -07:00
Zach Loafman
6c08e329fa s4 libcli: Add SMB2.1 dialect to libcli 
Negotiate 2.1 if possible, leave negotiate results in
transport->negotiate.dialect_revision.
 2009-03-17 13:43:27 -07:00
Stefan Metzmacher
df145c3382 s4:errormap: map ECANCELED to NT_STATUS_CANCELLED 
metze
 2009-03-06 07:31:33 +01:00
Jelmer Vernooij
9551ab8f7b Merge branch 'master' of git://git.samba.org/samba into convenience 2009-03-01 22:25:57 +01:00
Jelmer Vernooij
7ab8f373c8 Use common header file for character set handling in Samba 3 and Samba 4. 2009-03-01 22:24:34 +01:00
Jelmer Vernooij
8568b4fa9f Add header files for secace and secacl. 2009-03-01 20:06:55 +01:00
Jelmer Vernooij
94069bd274 s4: Use same function signature for convert_* as s3. 2009-03-01 19:55:46 +01:00
Jelmer Vernooij
da6721e323 Move secacl to top-level. 2009-03-01 18:15:36 +01:00
Jelmer Vernooij
99b288156f Move secace.c to top-level. 2009-03-01 18:00:26 +01:00
Jelmer Vernooij
9ffb6d2d9e Add allow_badcharcnv argument to all conversion function, for 
consistency with Samba 3.
 2009-03-01 06:33:40 +01:00
Stefan Metzmacher
f6b0a99cef libcli/ldap: move generic ldap control encoding code to ldap_message.c 
As they can we static there, we pass the specific handlers as parameter
where we need to support controls.

metze
 2009-02-24 17:55:41 +01:00
Stefan Metzmacher
7b1c5c94f6 s4:libcli/ldap: don't use 'void **out' as arguments as the behavior is not defined in C. 
metze
 2009-02-24 17:55:41 +01:00
Stefan Metzmacher
18b30e5646 libcli/ldap: move ldap_ndr from source4/ to toplevel 
metze
 2009-02-24 17:55:40 +01:00
Stefan Metzmacher
ef0fa403f1 libcli/ldap: move ldap_errors.h to the toplevel and install it 
metze
 2009-02-24 17:55:39 +01:00
Stefan Metzmacher
536318549f libcli/ldap: move ldap_message.[ch] from source4/ to the toplevel 
metze
 2009-02-24 17:55:39 +01:00
Stefan Metzmacher
1ab9c1a402 s4:libcli/ldap: remove reference to DEBUG() 
This prepares using ldap_message.c in source3/ later

metze
 2009-02-24 17:55:38 +01:00
Stefan Metzmacher
12184d4132 s4:libcli: split out LIBCLI_LDAP_MESSAGE subsystem 
metze
 2009-02-24 17:55:37 +01:00
Andrew Tridgell
bb7e6f0f51 Worked around a problem with select/poll/epoll and gnutls 
Our packet layer relies on the event system reliably telling us when a
packet is available. When we are using a socket layer like TLS then
things get a bit trickier, as there may be bytes in the encryption
buffer which could be read even if there are no bytes at the socket
level. The GNUTLS library is supposed to prevent this happening by
always leaving some data at the socket level when there is data to be
processed in its buffers, but it seems that this is not always
reliable.

To work around this I have added a new packet option
packet_set_unreliable_select() which tells the packet layer to not
assume that the socket layer has a reliable select, and to instead
keep trying to read from the socket until it gets back no data. This
option is set for the ldap client and server when TLS is negotiated.

This seems to fix the problems with the ldaps tests.
 2009-02-18 17:37:45 +11:00
Stefan Metzmacher
3c9ad421fb s4:libcli/ldap: use const char * const *attributes as in all other places 
metze
 2009-02-13 13:44:36 +01:00
Stefan Metzmacher
f023bf94f1 s4:libcli/smb2: fix c++ warning 
metze
 2009-02-05 18:18:33 +01:00
Stefan Metzmacher
0963028d1d s4:libcli: remove unused line in config.mk 
metze
 2009-02-02 15:16:10 +01:00
Stefan Metzmacher
9c387c189e s4:resolve/dns_ex: undefine class because it's used in heimdal/lib/roken/resolve.h 
metze
 2009-02-02 13:09:08 +01:00
Stefan Metzmacher
87ce6b198a s4:libcli/raw: s/class/eclass 
metze
 2009-02-02 13:09:08 +01:00
Stefan Metzmacher
0ac7792e02 s4:libcliraw: s/private/private_data 
metze
 2009-02-02 13:08:51 +01:00
Stefan Metzmacher
e5e0a06485 s4:wrepl_request: s/private/private_data 
metze
 2009-02-02 13:08:50 +01:00
Stefan Metzmacher
476aa1f00d s4:smb2: s/private/private_data 
metze
 2009-02-02 13:08:49 +01:00
Stefan Metzmacher
e08dfe008e s4:dgram: s/private/private_data 
metze
 2009-02-02 13:08:48 +01:00
Stefan Metzmacher
1bb0104070 s4:cldap: s/private/private_data 
metze
 2009-02-02 13:08:42 +01:00
Stefan Metzmacher
096b4a9bd0 s4:libcli/smb2: s/class/info_class 
metze
 2009-02-02 13:08:39 +01:00
Stefan Metzmacher
58ca4d4e31 s4:libcli/wrepl: s/private/private_data 
metze
 2009-02-02 13:08:28 +01:00
Stefan Metzmacher
71e318cf31 s4:libcli/smb2: s/private/private_data 
metze
 2009-02-02 13:08:28 +01:00
Stefan Metzmacher
1ee4bbec1a s4:libcli/raw: s/private/private_data 
metze
 2009-02-02 13:08:28 +01:00
Stefan Metzmacher
0db079b9eb s4:libcli/dgram: s/private/private_data 
metze
 2009-02-02 13:08:27 +01:00
Stefan Metzmacher
8d37900828 s4:libcli/clilist.c: s/private/private_data 
metze
 2009-02-02 13:08:26 +01:00
Stefan Metzmacher
ea7ea27f2f s4:libcli/cldap: s/private/private_data 
metze
 2009-02-02 13:08:26 +01:00
Kai Blin
07aa05f678 shared: Move dom_sid_* utility functions to top level 2009-02-01 19:42:30 +01:00
Stefan Metzmacher
5f13710ced s4:irpc: avoid c++ reserved word 'private' 
metze
 2009-02-01 00:17:20 +01:00
Simo Sorce
380874ef86 Fix the mess with ldb includes. 
Separate again the public from the private headers.

Add a new header specific for modules.
Also add service function for modules as now ldb_context and ldb_module are
opaque structures for them.
 2009-01-30 01:02:03 -05:00
Jelmer Vernooij
a4afed1e9a Implement as_sddl. 2009-01-22 14:49:51 +01:00
Jelmer Vernooij
fc50f7ecba Support parsing sddl for security descriptors. 2009-01-22 14:37:59 +01:00
Stefan Metzmacher
d5b7240ac5 libcli/wrepl: return the major version of the server in wrepl_associate() 
metze
(from samba4wins tree 1ea02d50d1607b94e15ff07568fa5056cb6e4f09)
 2009-01-19 07:05:53 +01:00
Stefan Metzmacher
9967907190 util_str: setup the correct talloc name for strings 
metze
(partly from samba4wins tree 447e7f9532131117e896712db9def321c96718eb)
 2009-01-19 07:05:21 +01:00