1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

7167 Commits

Author SHA1 Message Date
Andrew Tridgell
4298fab790 r11436: this is work in progress for generating the schema we need for our ADS
ldap server. It's still not quite right, and I'm chasing down a few
errors that mmc throws up, but its a lot closer than it was. I had to
change the approach quite substantially over the last couple of days,
but this approach now seems to be working out.
(This used to be commit 38ea11510c)
2007-10-10 13:45:37 -05:00
Stefan Metzmacher
187b7a9e53 r11429: - add owned,active,sgroup vs. unique, group and mhomed replica
special group vs. special group will be done later

metze
(This used to be commit 25a35c6977)
2007-10-10 13:45:36 -05:00
Stefan Metzmacher
18a98ecd7a r11426: add owned,active,normalgroup vs. * replica sections
metze
(This used to be commit 70166bb2a9)
2007-10-10 13:45:36 -05:00
Stefan Metzmacher
e173352f1b r11425: add owned,active,unique vs. multi homed section
metze
(This used to be commit a70cf6f87b)
2007-10-10 13:45:36 -05:00
Volker Lendecke
8f91998e04 r11424: Fix an uninitialized variable warning
(This used to be commit fed26bc4fd)
2007-10-10 13:45:36 -05:00
Volker Lendecke
4bb85c2939 r11423: Add some TALLOC_CTX
(This used to be commit a043ef33dc)
2007-10-10 13:45:36 -05:00
Volker Lendecke
5ca7979b2c r11422: Remove unused args
(This used to be commit d5aef4e2f9)
2007-10-10 13:45:35 -05:00
Stefan Metzmacher
f07cb3f35f r11419: add owned,unique,active vs. special group replica section
metze
(This used to be commit 061e2e67da)
2007-10-10 13:45:35 -05:00
Stefan Metzmacher
bc5e112f5b r11418: - add unique,owned,active vs. normal group section
- we handle incoming release demands for that

metze
(This used to be commit 1db4d8e456)
2007-10-10 13:45:35 -05:00
Jelmer Vernooij
b839c75c5d r11417: Add TODO for the build system
(This used to be commit ad0019ad4e)
2007-10-10 13:45:35 -05:00
Stefan Metzmacher
4400cf2c31 r11416: add some more comments
metze
(This used to be commit dccaceee18)
2007-10-10 13:45:35 -05:00
Stefan Metzmacher
7675309bd7 r11415: - create a seperate nbt socket for handling incoming packets
- remove useless .release attribute, we have seperate tests for this
  now
- add first owned,active vs. replica test, including handling incoming
  name queries from the server

metze
(This used to be commit 7843b6c5c8)
2007-10-10 13:45:34 -05:00
Andrew Bartlett
87d9cd202a r11414: Add passing around of logon_parameters to Samba4 auth_winbind
Andrew Bartlett
(This used to be commit 7e3c22f57b)
2007-10-10 13:45:34 -05:00
Andrew Bartlett
55c6d93184 r11413: More comments, plus always check (and update) the credentials chain,
regardless the authentication result on a particular user.

Andrew Bartlett
(This used to be commit 2ee7ed000e)
2007-10-10 13:45:34 -05:00
Andrew Bartlett
ceff9881e4 r11412: These comments may not be much, but my eyes scan code with even
minimal comments much better (much like volker scans code of less than
80 cols better ;-)

Andrew Bartlett
(This used to be commit 8800e9b5b0)
2007-10-10 13:45:34 -05:00
Andrew Bartlett
0f44011f6f r11411: Add to Samba4 the Samba3 patch I just posted for machine account
logins (changing the winbindd interface).

Clean up the wbsrv_samba3_async_epilogue() handling, as it was mixing
auth and other replies, such that all replies were having the auth
error strings set.  We now do a better job of filling in the right
errors in the right places.

Andrew Bartlett
(This used to be commit 8ed975df52)
2007-10-10 13:45:33 -05:00
Andrew Bartlett
56d3064db6 r11410: Fix rejoin as a BDC by modifying, rather than trying to recreate, the
server reference.

Andrew Bartlett
(This used to be commit 302219928f)
2007-10-10 13:45:33 -05:00
Andrew Bartlett
4e65f39ca9 r11409: The use of 'password server = ' here is still bogus, but for now at
least don't allow binding to become uninitialised.

Andrew Bartlett
(This used to be commit e754234a17)
2007-10-10 13:45:33 -05:00
Andrew Tridgell
da048ad7ca r11408: fixed the mapping of ldb errors to ldap errors in the ldap server
(This used to be commit 647cb90360)
2007-10-10 13:45:33 -05:00
Andrew Bartlett
9bdc1a77f5 r11407: Push 'recreate account' logic into libnet/libnet_join.c. We don't
return the pesky USER_EXISTS 'error' code any more, and it is much
easier to handle this inline.

Andrew Bartlett
(This used to be commit a7eb796cf5)
2007-10-10 13:45:32 -05:00
Andrew Bartlett
b4b155c970 r11406: Clean up uninitialised value warnings found by -01.
The warnings were caused by the structure assignements, which we don't
need to do.  The actual values are filled in by the NDR layer later.

Andrew Bartlett
(This used to be commit f140117535)
2007-10-10 13:45:32 -05:00
Andrew Bartlett
6779373ec4 r11405: Ensure we can never have secret4 be uninitialised. Found after
volker's urging on the use of -O1.

Andrew Bartlett
(This used to be commit 6a7bb391ba)
2007-10-10 13:45:32 -05:00
Andrew Bartlett
b1d3d75c68 r11404: Another torture test and a new WERR.
Andrew Bartlett
(This used to be commit de83b8cd18)
2007-10-10 13:45:32 -05:00
Andrew Tridgell
375fe21ad6 r11403: improved the error handling in the ildap ldb backend. Now passes
through all ldap errors except on search. Search errors are only
available via ldb_errstring() until we decide how to fix ldb_search().
(This used to be commit c192bcb79d)
2007-10-10 13:45:31 -05:00
Andrew Bartlett
56b4e4b62c r11402: In response to comments by volker, expand our Netlogon DsRGetDCName
IDL and testsuites.  The server-side of this remains a stub, we should
probably be doing ldb searches for the server reference record.

Andrew Bartlett
(This used to be commit 0141ed309a)
2007-10-10 13:45:31 -05:00
Andrew Bartlett
cfa2adf040 r11401: A simple hack to have our central credentials system deny sending LM
authentication for user@realm logins and machine account logins.

This should avoid various protocol downgrade attacks.

Andrew Bartlett
(This used to be commit 76c2d204d0)
2007-10-10 13:45:31 -05:00
Stefan Metzmacher
fb2bceea6e r11400: fix compiler warnings
metze
(This used to be commit a29a107d95)
2007-10-10 13:45:31 -05:00
Andrew Bartlett
d0831d27a5 r11399: Add another case where we need to fallback, if the KDC isn't there.
Andrew Bartlett
(This used to be commit e82fbb58dd)
2007-10-10 13:45:31 -05:00
Andrew Bartlett
12d4dd28a5 r11394: Allow KDC unreachable as another 'forget about gssapi' error on SPNEGO.
Andrew Bartlett
(This used to be commit da24074860)
2007-10-10 13:45:30 -05:00
Andrew Bartlett
5e456b38ed r11393: Avoid error messages and get more correctness with long plaintext passwords.
Andrew Bartlett
(This used to be commit cb0b3c0057)
2007-10-10 13:45:30 -05:00
Volker Lendecke
0ea06b97c2 r11392: After confirmation from Love, fix a compiler warning
(This used to be commit a0b4036ba6)
2007-10-10 13:45:30 -05:00
Jelmer Vernooij
66014ca14d r11391: Add includedir to the list of directories to create
(This used to be commit dab450a501)
2007-10-10 13:45:30 -05:00
Jelmer Vernooij
fc6bdfa8be r11388: Move dot-generating to a seperate perl executable
(This used to be commit 31406f7aa5)
2007-10-10 13:45:30 -05:00
Jelmer Vernooij
3f2136b919 r11387: Remove pidl from the default 'install' target as it doesn't obey the
user specified install paths.
(This used to be commit d537a35ec3)
2007-10-10 13:45:29 -05:00
Jelmer Vernooij
42c5211bf4 r11386: Add install rule for pidl
(This used to be commit b740d0d280)
2007-10-10 13:45:29 -05:00
Jelmer Vernooij
773f0ecf5a r11385: Fix issues in module.c. Calling function should pass in path
to directory rather then subsystem name now.
(This used to be commit 2a868ab3b5)
2007-10-10 13:45:29 -05:00
Jelmer Vernooij
a4e7bf3a89 r11382: Require number of required M4 macros
Make MODULE handling a bit more like BINARY, LIBRARY and SUBSYSTEM
Add some more PUBLIC_HEADERS
(This used to be commit 875eb8f4cc)
2007-10-10 13:45:29 -05:00
Volker Lendecke
5a67b508d8 r11378: Fix an uninitialized variable warning. Tridge, I'm 99.999% sure this was a
simple cut&paste error, but you might recheck this.

Volker
(This used to be commit 55b5b100e9)
2007-10-10 13:45:29 -05:00
Jelmer Vernooij
93fd08168f r11377: Add support for building LIBRARY elements as shared libraries:
- Adds -rpath bin/ so you don't have to install Samba in order to use compiled binaries.
 - Writes out pkg-config files when building shared libs
 - Supports automatic fallback to MERGEDOBJ (which is the default) or
   OBJ_LIST (if ld -r is not supported)

Building with shared libs reduces the size of the Samba binaries from
197 Mb to 60 Mb (including libraries) on my system (GCC4, with debugging).

To build with shared libraries support enabled, run:

LIBRARY_OUTPUT_TYPE=SHARED_LIBRARY ./config.status

init functions don't get called correctly yet when using shared libs, so
you won't be able to actually run anything with success :-)

Once init functions are done, I'll look at support for loading shared
modules once again.

Based on a patch by Peter Novodvorsky (nidd on IRC).
(This used to be commit 0b54405685)
2007-10-10 13:45:28 -05:00
Andrew Bartlett
17f8b87cb0 r11374: On request from VL, put the plaintext auth patch in.
I still have some gremlins that get in the my way in testing this.

Andrew Bartlett
(This used to be commit 3353e906ad)
2007-10-10 13:45:28 -05:00
Andrew Bartlett
4378c3c9cc r11373: Handle an apparent alias in NBT ntlogin replies.
Andrew Bartlett
(This used to be commit 51d55d2211)
2007-10-10 13:45:28 -05:00
Andrew Bartlett
a2b93c3f5f r11372: Now RPC-SAMLOGON works, place it into the default 'make test'.
Andrew Bartlett
(This used to be commit 381c4f9fef)
2007-10-10 13:45:28 -05:00
Andrew Bartlett
ea2d6d482f r11371: Fix the ntlm_auth build.
Andrew Bartlett
(This used to be commit 708476d0b2)
2007-10-10 13:45:27 -05:00
Andrew Bartlett
546f63df5b r11370: Samba4 now passes it's own RPC-SAMLOGON test again.
This avoids the nasty user@DOMAIN test for now, as it has very odd
semantics with NTLMv2.

Allow only user accounts to do an interactive login.

Andrew Bartlett
(This used to be commit 690cad8083)
2007-10-10 13:45:27 -05:00
Volker Lendecke
134b2488c8 r11369: Implement socket_connect_multi: Connect to multiple ipv4 tcp ports in
sequence, with a 2-millisecond timeout between firing the syn packets. Build
smbcli_sock_connect_send upon that.

Volker
(This used to be commit 5718df44d9)
2007-10-10 13:45:27 -05:00
Andrew Bartlett
3dc75cc84f r11367: Ensure to intialise the new logon_parameters (0 for session setups).
Andrew Bartlett
(This used to be commit abff53b633)
2007-10-10 13:45:26 -05:00
Andrew Bartlett
152988a828 r11366: Pass around the flags which indicate if we should support plaintext
logins and NTLM machine account logins.

Andrew Bartlett
(This used to be commit 421e64c2b4)
2007-10-10 13:45:26 -05:00
Andrew Tridgell
ea4ad9152a r11365: fixed a comment typo
(This used to be commit 3333d71ab6)
2007-10-10 13:45:26 -05:00
Andrew Tridgell
804cf59a48 r11364: added a ldb_attr_dn() function for testing if an attribute name is
"dn" or "distinguishedName". This makes us a bit more consistent
(This used to be commit b41b374b55)
2007-10-10 13:45:26 -05:00
Andrew Tridgell
c5b99e3c69 r11363: fixed a problem with provisioning when hklm already exists (the
problem is really caused by hklm not having objectclass attributes on
its records, but this is a workaround)
(This used to be commit 62d5253a03)
2007-10-10 13:45:26 -05:00