sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-06 13:18:07 +03:00
Code
57,479 Commits 60 Branches 1,144 Tags 452 MiB
8e2bbb8a33
Commit Graph

57479 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Günther Deschner
bb01aae1b9 s3-kerberos: use smb_krb5_get_credentials in ads_krb5_mk_req. 
Guenther
 2009-11-06 13:34:04 +01:00
Günther Deschner
60bf0eb607 s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg. 
Guenther
 2009-11-06 13:31:17 +01:00
Günther Deschner
6ca8a40976 s3-net: better use memory credential cache in net_ads_kerberos_pac(). 
Guenther
 2009-11-06 12:51:29 +01:00
Günther Deschner
58184b5fd4 s3-net: allow to call "net ads kerberos pac <impersonation principal> -P". 
Guenther
 2009-11-06 12:44:45 +01:00
Günther Deschner
5e26622510 s3-kerberos: add impersonate_principal for kerberos_return_pac_X calls. 
Guenther
 2009-11-06 12:44:15 +01:00
Günther Deschner
4ffbfc4475 s3-kerberos: add smb_krb5_get_tkt_from_creds(). 
Guenther
 2009-11-06 12:43:46 +01:00
Günther Deschner
bb75f713d6 s3-kerberos: fix some build warnings when building against heimdal. 
Guenther
 2009-11-06 12:43:33 +01:00
Günther Deschner
35dcc133c9 s3-kerberos: add smb_krb5_get_{creds,credentials} incl. support for S4U2SELF impersonation. 
Guenther
 2009-11-06 12:43:03 +01:00
Günther Deschner
0729df3661 s3-kerberos: remove duplicate prototype. 
Guenther
 2009-11-06 12:43:03 +01:00
Günther Deschner
17ef153b68 s3-kerberos: add smb_krb5_parse_name_flags(). 
Guenther
 2009-11-06 12:43:03 +01:00
Günther Deschner
2cd507fe14 s3-kerberos: add configure checks for krb5_get_creds_X api. 
Guenther
 2009-11-06 12:43:02 +01:00
Jeremy Allison
c99dd5c23e Got the logic simplification worked out so we still pass 
BASE-DELAYWRITE and also RAW-CLOSE.
Jeremy.
 2009-11-05 22:58:12 -08:00
Jeremy Allison
977fa4e377 Revert commit "0551284dc08eb93ef7b2b2227a45e5ec21d482fb" - simplify 
the logic. This was incorrect (I'll revisit this tomorrow).
Jeremy.
 2009-11-05 21:27:25 -08:00
Jeremy Allison
e434934526 Remove the smbd:writetimeupdatedelay change Metze added. Metze please 
explain why you added this. Change --maximum-runtime=900 for smbtorture4
with BASE-DELAYWRITE. Should allow it to successfully complete now.
Jeremy.
 2009-11-05 17:43:33 -08:00
Jeremy Allison
0551284dc0 Simplify the logic - remove extraneous argument and calls to set_close_write_time(). 
We were treating a file time set on close as a sticky write time set, and I don't
think it is. I will add a torture test later to RAW-CLOSE to confirm this.
Jeremy.
 2009-11-05 17:40:01 -08:00
Jeremy Allison
2f09516a6b Fix explicit set of write time on close. 
Jeremy.
 2009-11-05 17:12:11 -08:00
Jeremy Allison
7f9fe127ba Get closer to an accurate model of Windows timestamp changes. 
"Normal" non truncate writes always cause the timestamp to
be set on close. Once a close is done on a handle this can
reset the sticky write time to current time also.
Updated smbtorture4 confirms this.
Jeremy.
 2009-11-05 16:20:11 -08:00
Jeremy Allison
c2df97f57c Fix up some of the timing constants for DELAYWRITE. Add some extra tests up test_delayed_write_update6 
to investigate what happens to a sticky write handle after a second handle close.
Jeremy.
 2009-11-05 15:37:26 -08:00
Zahari Zahariev
5fb9d06607 Python tests for the acl module. 
Signed-off-by: Nadezhda Ivanova <nadezhda.ivanova@postpath.com>

Author:    Zahari Zahariev <zahari.zahariev@postpath.com>
 2009-11-05 17:40:54 +02:00
Nadezhda Ivanova
1fc47e1228 Version 1.0 of the directory service acls module. 
At this point, support for checks on LDAP add, delete, rename and modify.
Old kludge_acl is still there to handle the searches.
This module is synchronous as the async version was impossible to debug,
will be converted to async after some user testing.
 2009-11-05 17:34:12 +02:00
Volker Lendecke
b6303f0372 s3: Fix a crash in notify_remove_onelevel when "change notify = no" 2009-11-05 15:08:57 +01:00
Volker Lendecke
b5afbb687d s3: Fix the talloc hierarchy in notify_remove_onelevel 
We want to free the record early, not when talloc_tos() is free'ed.
 2009-11-05 14:44:25 +01:00
Matthias Dieter Wallnöfer
1685ee3ee7 s4:torture/rpc/samr - Add a comment for "ValidatePassword" test 2009-11-05 12:43:03 +01:00
Matthias Dieter Wallnöfer
3372e2a0cc s4:dcesrv_samr - Implement "dcesrv_samr_ValidatePassword" using my new check password call 
This implements a very basic method for password validation using my new
"samdb_check_password" call.
 2009-11-05 12:43:03 +01:00
Matthias Dieter Wallnöfer
85f61e5342 s4:dsdb/common/util - Add a new utility function "samdb_check_password" 
This function performs basic password checks and will be used by the
"samrValidatePassword" call and the "password_hash" module.
 2009-11-05 12:43:02 +01:00
Matthias Dieter Wallnöfer
3a6bde799d s4:samdb_set_password/samdb_set_password_sid - Better comments and cosmetics 2009-11-05 12:43:02 +01:00
Volker Lendecke
d415d4d32f s3: Add parameter "ctdb timeout" 
When something in the cluster blocks, it can happen that we wait indefinitely
long for ctdb, just adding to the blocking condition. In theory, nothing should
block, but as someone said "In practice the difference between theory and
practice is larger than in theory". This adds a timeout parameter in seconds,
after which we stop waiting for ctdb and panic.
 2009-11-05 12:05:36 +01:00
Matthias Dieter Wallnöfer
49397a8b3e s4:samdb python bindings - add a wrapper for "dsdb_make_schema_global" 2009-11-05 11:56:22 +01:00
Matthias Dieter Wallnöfer
992d35d38a s4:samdb python bindings - make the python wrap connect more like the C one 
Add call for setting the create permissions.
 2009-11-05 11:56:22 +01:00
Matthias Dieter Wallnöfer
b2e91d4119 s4:samdb python bindings - Reorder some function bodies to match the order in "ldb_wrap_connect" 2009-11-05 11:56:22 +01:00
Stefan Metzmacher
a10b522a0a s4:kdc: remove unused struct kpasswd_socket 
metze
 2009-11-05 09:55:11 +01:00
Bo Yang
dde1c42003 s3: Fix kerberos refresh chain. 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-11-06 08:24:51 +08:00
Jeremy Allison
170d6a3084 Fix debug comment (brain wasn't working...). 
Jeremy.
 2009-11-04 16:04:41 -08:00
Jeremy Allison
f44d3754ee Filter the returned DOS attributes by 0xFF for clients 
using older protocols (LANMAN2 or below).
Jeremy.
 2009-11-04 15:25:15 -08:00
Jeremy Allison
cbafe17bb3 Remove "Protocol" as an extern, and add accessor functions. 
Jeremy.
 2009-11-04 15:15:50 -08:00
Björn Jacke
51cb96271b s3: add support for full windows timestamps resolution on files 
setting nanosecond timestamps using utimensat() was first supported by Linux
kernel 2.6.22 and glibc 2.6. It's specified in POSIX.1-2008.

This effectively makes us use Windows' full 100ns timestamp resolution -
actually just an improvement from 10^-6 to 10^-7.

For now Linux CIFS vfs will also just be able to make use of 100ns resolution,
not 1ns.
 2009-11-04 15:54:51 +01:00
Nadezhda Ivanova
b8ecf39d9f Added security descriptor for the domain NC to provisioning. 
Necessary for correct descriptor inheritance. Based on the default state
of a single DC. Will be modified later when we support multiple DCs.
 2009-11-04 15:58:54 +02:00
Endi S. Dewata
c9571f7277 s4:provisioning - Fixed minor bugs in provisioning tool and partition module. 2009-11-04 14:58:25 +11:00
Andrew Bartlett
b5ce97511a libcli/nbt Move more of lmhosts lookup into common code 
This aims to eventually share this with Samba4.

Andrew Bartlett
 2009-11-04 14:58:25 +11:00
Andrew Bartlett
5a8f21cb88 lib/util Fix comments in rfc1738.c. 
The Samba version does not use static buffers

Andrew Bartlett
 2009-11-04 14:58:24 +11:00
Günther Deschner
ccdd1462cc s3-netlogon: make sure we protect some function codes in _netr_LogonControl2Ex(). 
Guenther
 2009-11-04 00:55:49 +01:00
Günther Deschner
bb2e1ff631 s3-netlogon: let s3 pass against RPC-NETLOGON-S3 again. 
Guenther
 2009-11-04 00:55:45 +01:00
Günther Deschner
40f3f456bc s3-netlogon: implement _netr_NETLOGON_INFO_4 in netr_LogonControl2Ex() and friends as well. 
Guenther
 2009-11-04 00:55:18 +01:00
Günther Deschner
b3a2147497 s3-netlogon: implement remote trust account changing in netr_LogonControl2Ex() and friends. 
Guenther
 2009-11-04 00:55:09 +01:00
Günther Deschner
8be9ec604e security: re-run make samba3-idl after IDL change. 
Guenther
 2009-11-03 23:47:57 +01:00
Günther Deschner
97496bb3ca s3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy(). 
Add dummys (just like s4 does) and fill in some more appropriate error codes.

Guenther
 2009-11-03 22:19:26 +01:00
Günther Deschner
a8de4f091e s4-smbtorture: skip three info levels while testing s3 with RPC-LSA. 
These are only supported by s3 when running pdb_ads atm.

Guenther
 2009-11-03 22:18:09 +01:00
Günther Deschner
58d401bb21 s4-smbtorture: skip QueryInfoPolicy2 while running RPC-LSA against s3. 
This is only supported by s3 when running pdb_ads atm.

Guenther
 2009-11-03 22:17:05 +01:00
Günther Deschner
bff9819521 s4-smbtorture: skip QueryDomainInformationPolicy test against s3 in RPC-LSA. 
Guenther
 2009-11-03 22:13:28 +01:00
Günther Deschner
074ad24653 s4-smbtorture: simplify some torture_comments in RPC-LSA. 
Guenther
 2009-11-03 22:10:31 +01:00