sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-05 20:58:40 +03:00
Code
17,102 Commits 62 Branches 1,154 Tags
Commit Graph

17102 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Oliver Liebel
805dd85291 Generate Multi-Master Replication configuration for OpenLDAP 
This patches provision-backend and the related scripts to generate the
correct configuration blobs for N-way multi-master replication using
OpenLDAP.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit 6ed0b3f2475022288f636605492ca27fde97cd52)
 2008-08-19 12:03:04 +10:00
Andrew Bartlett
4bdb752cc5 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet 
(This used to be commit b4b14b748e6babc93faee23fe8f5c03ec2d25cbb)
 2008-08-15 20:41:50 +10:00
Andrew Bartlett
16112762e7 Generate the subSchema in cn=Aggregate 
This reads the schema from the in-memory structure, when the magic
attributes are requested.  The code is a modified version of that used
in the ad2oLschema tool (now shared).

The schema_fsmo module handles the insertion of the generated result.

As such, this commit also removes these entries from the setup/schema.ldif

Metze's previous stub of this functionality is also removed.

Andrew Bartlett
(This used to be commit c7c32ec7b42bdf0f7b669644516438c71b364e60)
 2008-08-15 20:40:57 +10:00
Andrew Bartlett
e387677f51 Rework generation of the objectClass and attributeType lines. 
Now that these are subroutines, we can factor them out into a file the
CN=Aggregate schema code can also use.

Andrew Bartlett
(This used to be commit e3591a6a35ddb60398a03a4fa0545cc6158946ef)
 2008-08-15 13:18:48 +10:00
Andrew Bartlett
a3faed4bfe Paramaterise the seperator in ad2OLschema 
This will allow me to add a new mode, with the CN=Aggregate schema
format automatically generated.

Andrew Bartlett
(This used to be commit 7d2a890a7077e446e45527847f78bba84d22bc4c)
 2008-08-15 12:08:10 +10:00
Andrew Bartlett
427b3baba3 Don't segfault in RPC-ATSVC. 
(This used to be commit e711f7d26a632ec93c1e2a3db52c37e1c0de4214)
 2008-08-15 09:46:51 +10:00
Stefan Metzmacher
c1c6c1b609 RAW-OPEN: be more strict in create_option checking 
metze
(This used to be commit d548f5dee5980eae0aea25f1314238eb4f963568)
 2008-08-14 15:14:53 +02:00
Stefan Metzmacher
e75f1072b6 Revert "krb5: always generate the acceptor subkey as the same enctype as the used service key" 
This reverts commit dbb94133e0313cae933d261af0bf1210807a6d11.

As we fixed gensec_gssapi to only return a session key when it's
have the correct session key, this hack isn't needed anymore.

metze
(This used to be commit 697cd1896bccaa55ee422f17d9312d787ca699ed)
 2008-08-14 13:13:52 +02:00
Stefan Metzmacher
69d074af81 gsskrb5: always return an acceptor subkey 
For non cfx keys it's the same as the intiator subkey.
This matches windows behavior.

metze
(This used to be commit 6a8b07c39558f240b89e833ecba15d8b9fc020e8)
 2008-08-14 13:13:52 +02:00
Stefan Metzmacher
26853e4607 gensec_gssapi: only cache the session key in STAGE_DONE 
The key may change because we switch from initiator to acceptor
subkey.

metze
(This used to be commit 66244092a457b2cde6339cb31dcfa73b122ba9b5)
 2008-08-14 13:13:52 +02:00
Stefan Metzmacher
affba1f75c SMB2-CREATE: add a special test for FILE_ATTRIBUTE_ENCRYPTED 
Some standalone server (and samba4) doesn't support this.

metze
(This used to be commit 6d8fd4c0089d7e632ec91027a77321aca8c6acc7)
 2008-08-14 13:13:52 +02:00
Stefan Metzmacher
d6abf13510 SMB2-CREATE: be more strict in checking file attributes 
metze
(This used to be commit ba9d0f6b3c60346df757e7c4c3f5704c0bf26d11)
 2008-08-14 13:13:51 +02:00
Stefan Metzmacher
80f2f10839 SMB2-CREATE: be more strict in error checking 
metze
(This used to be commit d7d4df78c1de19d0cd7a63daaa2fa0863a243a12)
 2008-08-14 13:13:51 +02:00
Stefan Metzmacher
548ed8d958 ntvfs_generic: fix handling of create_options for SMB2 
metze
(This used to be commit cbd585d2a1e179615eba773cb07385524369c686)
 2008-08-14 13:13:51 +02:00
Stefan Metzmacher
2a336a63d7 libcli/smb2: add SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK 
SMB2 returns NOT_SUPPORTED to some more NTCREATE_OPTIONS.

metze
(This used to be commit 3ea08d430370717463ffab44fed9c42db1002d97)
 2008-08-14 13:13:51 +02:00
Stefan Metzmacher
cc60d5a032 pvfs: fix handling of create_option flags 
metze
(This used to be commit 3c6cadf76861d6522c5ec41953df1ba2fac4910d)
 2008-08-14 13:13:51 +02:00
Stefan Metzmacher
dbcdbb3348 libcli/raw: fix the special NTCREATE_OPTIONS_*_MASK values 
We now reuse ignored values for the ntvfs backend private flags.

metze
(This used to be commit 14eda93aeface307e1ffd1ea012d8f236fa78290)
 2008-08-14 13:13:50 +02:00
Stefan Metzmacher
2a36568129 smb2srv: async replies with STATUS_PENDING are not signed 
..., but the they may have the sign flag set.

metze
(This used to be commit 43e43dead030f6bffd06631007fdb162c3c6b2b5)
 2008-08-14 13:13:50 +02:00
Stefan Metzmacher
0294c678c0 smb2srv: sign replies when the request was also signed 
metze
(This used to be commit dd2f4f7a491debcc30e590f571272afd99e52940)
 2008-08-14 13:13:50 +02:00
Stefan Metzmacher
4a214dba30 smb2srv: use defines instead of hex values 
metze
(This used to be commit 7c4abf6614c47471ae005a12abe27d85890d867f)
 2008-08-14 13:13:50 +02:00
Stefan Metzmacher
f086e796d6 libcli/smb2: use smb2 signing in auto mode if the server supports it 
metze
(This used to be commit fe74faf13dc64eaa58d757de156aedcb24abed1f)
 2008-08-14 13:13:49 +02:00
Stefan Metzmacher
be92e7fc11 libcli/smb2: we don't need check the same thing twice... 
metze
(This used to be commit 1380fb954a7d9d4b543c4650a060fef9f357af7b)
 2008-08-14 13:13:49 +02:00
Stefan Metzmacher
be0a45d865 libcli/smb2: async replies with STATUS_PENDING are not signed 
metze
(This used to be commit 3f6cbece4a199a42ad6583ea4bd4302629399625)
 2008-08-14 13:13:49 +02:00
Stefan Metzmacher
150d7a1623 pidl: fix samba4.pidl.samba3-cli test 
metze
(This used to be commit 0449a5c8267873d7986c7c50adce57029192c456)
 2008-08-14 13:13:49 +02:00
Stefan Metzmacher
8b585deae4 NBT-WINSREPLICATION: be more robust to timing errors 
Also reenable disabled tests.

metze
(This used to be commit 76878a9c798e0acb0387b8352972d66db989c09a)
 2008-08-14 13:13:48 +02:00
Andrew Tridgell
336f6810ce expanded the SMB2-CREATE and RAW-OPEN tests to explore more of how the 
create options fields are supposed to work
(This used to be commit 0576875eccaa21ad529c9db41db91781ad400d0f)
 2008-08-14 17:26:30 +10:00
Andrew Tridgell
0eb1840994 cope with arbitrary unknown pac buffer types, so when MS adds 
a new one we don't break our server
(This used to be commit 5e08b285319e35afd3a9a6e6f5f59145350f2d80)
 2008-08-14 15:27:48 +10:00
Andrew Tridgell
88ec1aead4 cope with not knowing the kdc key 
(This used to be commit 7e48dad4c7724f3f11236171a777603574224c42)
 2008-08-14 15:27:22 +10:00
Stefan Metzmacher
8c0fbbf6e9 gensec_gssapi: add support for GENSEC_FEATURE_NEW_SPNEGO 
metze
(This used to be commit 9246924effd4d0b08ca1ef87e45ad510020df93e)
 2008-08-12 16:21:40 +02:00
Stefan Metzmacher
588cc81760 gensec_gssapi: fix compiler warnings 
metze
(This used to be commit f4f4bb7fe977301e468ab164ba750b69d9a92306)
 2008-08-12 16:21:40 +02:00
Stefan Metzmacher
b686328039 gensec_gssapi: add a function to load the lucid structure once 
metze
(This used to be commit daa986d1d04e59550bb5d33b5075daa414d087ba)
 2008-08-12 16:21:39 +02:00
Stefan Metzmacher
8ba2041bf3 gensec: add support for new style spnego and correctly handle mechListMIC 
metze
(This used to be commit 05a3403967d3cf64bca8b06536dc1b20cf835396)
 2008-08-12 16:21:39 +02:00
Stefan Metzmacher
0965b22ec5 dcerpc.idl: remove used DCERPC_MAX_SIGN_SIZE 
metze
(This used to be commit 54b873e49ff363609632fa2862208bf6b4c1b6ed)
 2008-08-11 18:15:59 +02:00
Stefan Metzmacher
97f59cb190 rpc_server: correct the chunk_size depending on the signature size 
metze
(This used to be commit 20fc0d7bfdaa60d6a8ac939dc64733a91652587e)
 2008-08-11 18:15:59 +02:00
Stefan Metzmacher
eb81a62d14 librpc/rpc: correct the chunk_size depending on the signature size 
metze
(This used to be commit 50eb0e726405580dc5ca3a8a3b15f3bd674f722a)
 2008-08-11 18:15:59 +02:00
Stefan Metzmacher
802b4596fe dcerpc.idl: add DCERPC_AUTH_TRAILER_LENGTH 
metze
(This used to be commit ce36448d74b0c6cdf8928e10c088bf0248a95cf7)
 2008-08-11 18:15:58 +02:00
Stefan Metzmacher
50fb2059c0 gensec_gssapi: use the correct signature size for cfx/rfc4121 style signatures 
metze
(This used to be commit fcabe24f96c9677146ca754a502f336c23050339)
 2008-08-08 15:30:06 +02:00
Stefan Metzmacher
5569132f45 gsskrb5: try to be compatible with windows for gss_wrap* and cfx 
The good thing is that windows and heimdal both use EC=0
in the non DCE_STYLE case, so we need the windows compat hack
only in DCE_STYLE mode.

metze
(This used to be commit 0fa41a94e466d5e11bcf362ccd8ff41b72733d1a)
 2008-08-08 15:29:17 +02:00
Stefan Metzmacher
dd35840d9b gensec_gssapi: use gsskrb5_get_subkey() to get the session key 
This is needed to get the correct key, when aes keys are used.

metze
(This used to be commit 7587a7d8b65f27a5865d6873f63a450488da02c9)
 2008-08-08 15:29:16 +02:00
Stefan Metzmacher
610b1ada15 krb5: always generate the acceptor subkey as the same enctype as the used service key 
With this patch samba4 can use gsskrb5_get_subkey() to get the session key.

metze
(This used to be commit dbb94133e0313cae933d261af0bf1210807a6d11)
 2008-08-08 15:29:16 +02:00
Stefan Metzmacher
4ad02f5185 gsskrb5: add support for DCE_STYLE and des and des3 keys 
Only the des keys are tested as windows doesn't support des3

metze
(This used to be commit 86848dd0f217774faed81af8fbf68618013e20a1)
 2008-08-08 12:52:14 +02:00
Andrew Bartlett
bf0f1f6d1a Always set a session key, even for the 'no password' case. 
This is for bug 5664 reported by Tom <hto@arcor.de>.

Andrew Bartlett
(This used to be commit b345c9cf535af35c83da040ac965d9690dc802fe)
 2008-08-08 14:06:42 +10:00
Andrew Bartlett
08d20ece96 Clarify comment 
(This used to be commit 580cce9de38ddd9d59b272b58caadce528321d09)
 2008-08-08 14:06:40 +10:00
Andrew Bartlett
a0b5ec7797 We can't use ndr_pull_struct_blob_all in combinatin with relative pointers 
(This used to be commit d0a128f35b259d4891edc68fc24aa04a6da7aab7)
 2008-08-08 10:41:48 +10:00
Stefan Metzmacher
9bf122145f lib: prepare the build of zlib 
metze
(This used to be commit 159df68c04c9ae437ab48991154e91161ef72754)
 2008-08-07 19:16:00 +02:00
Stefan Metzmacher
ed3bdf38d7 zlib: add inflateReset2()... 
metze
(This used to be commit 2a4fb661d7e3d601a5eb9ccecb4d4f2b07073097)
 2008-08-07 19:16:00 +02:00
Stefan Metzmacher
05235802f7 import of zlib-1.2.3 
We want to use zlib for the mszip ndr (de)compression
later, we'll need to add some new functions to zlib.

metze
(This used to be commit 65c9e91a1bb24851a030a304d011558562cc50d6)
 2008-08-07 19:15:59 +02:00
Stefan Metzmacher
8275d511bc drsuapi: fix callers after idl change 
metze
(This used to be commit 7dee6fb62d5adbd2eaaaf4d8ba9e87a72ef9f94b)
 2008-08-07 19:15:58 +02:00
Stefan Metzmacher
8a01bdc99a drsuapi.idl: directly use mszip in level 2 
This fixes the push because the switch_level doesn't work
otherwise because the pointer is the same as for
the outer switch_level.

metze
(This used to be commit a4c81ee68c91b2d7a9abe668e8b23246c5c9b00d)
 2008-08-07 18:44:49 +02:00
Stefan Metzmacher
746d3c8ff9 rpc_server: add support for DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN 
you need "dcesrv:header signing=yes" to enable it.

metze
(This used to be commit bde2496e6b7034c99243b22434a97aebeb8f75b9)
 2008-08-07 15:40:20 +02:00