1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

540 Commits

Author SHA1 Message Date
Jelmer Vernooij
71ef7ae824 Remove duplicate copy of manual page. 2008-10-08 12:08:52 +02:00
Jelmer Vernooij
6e493fc631 Add manpage for nmblookup, move nmblookup closer to nbt library. 2008-10-08 11:56:46 +02:00
Andrew Bartlett
7d9f18609b Remove DESCRIPTION from generated schema lines.
This is not permitted in the AD aggregate schema, and more trouble
than it is worth in the OpenLDAP schema due to escaping issues.

Andrew Bartlett
2008-10-06 14:16:30 -07:00
Simo Sorce
508527890a Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
2008-09-23 18:17:46 -04:00
Günther Deschner
a1a92688ba s4-nbt: use ../libcli/nbt
Guenther
2008-09-23 09:37:24 +02:00
Andrew Bartlett
171986aea2 Move blackbox.smbclient to test against the member server.
The DC is now using smb signing, so testing for the old SMB versions
won't work.

Add a new test script to check 'net join' independent of
blackbox.smbclient.

Andrew Bartlett
(This used to be commit 44ff392ffe)
2008-09-08 14:18:04 +10:00
Andrew Bartlett
46c94dd8b2 Merge the two attribute syntax tables.
This merges the table once found in the oLschema2ldif tool (and moved
many times) with the table used for DRSUAPI.

The OpenLDAP schema map has been updated, to ensure that despite a
number of attributes being declared as OIDs, they are actually used as
strings (as they are actually LDAP class/attribute names).

Andrew Bartlett
(This used to be commit 61f2958c84)
2008-08-18 10:16:45 +10:00
Andrew Bartlett
76bcaa10ac Fix the build, after the ad2oLschema changes.
(This used to be commit 7361821b21)
2008-08-15 21:20:05 +10:00
Andrew Bartlett
16112762e7 Generate the subSchema in cn=Aggregate
This reads the schema from the in-memory structure, when the magic
attributes are requested.  The code is a modified version of that used
in the ad2oLschema tool (now shared).

The schema_fsmo module handles the insertion of the generated result.

As such, this commit also removes these entries from the setup/schema.ldif

Metze's previous stub of this functionality is also removed.

Andrew Bartlett
(This used to be commit c7c32ec7b4)
2008-08-15 20:40:57 +10:00
Andrew Bartlett
e387677f51 Rework generation of the objectClass and attributeType lines.
Now that these are subroutines, we can factor them out into a file the
CN=Aggregate schema code can also use.

Andrew Bartlett
(This used to be commit e3591a6a35)
2008-08-15 13:18:48 +10:00
Andrew Bartlett
a3faed4bfe Paramaterise the seperator in ad2OLschema
This will allow me to add a new mode, with the CN=Aggregate schema
format automatically generated.

Andrew Bartlett
(This used to be commit 7d2a890a70)
2008-08-15 12:08:10 +10:00
Jelmer Vernooij
8d8ccc57e9 Fix location of manpages.
(This used to be commit 6f5b4ef1d0)
2008-07-27 19:56:20 +02:00
Andrew Bartlett
83d90d6cd6 Make ad2oLschema even simpler, by moving the heavy work into dsdb.
This will allow the kludge_acl and schema code to leverage the same
work.  (We might even get schema validation soon! :-)

Andrew Bartlett
(This used to be commit cecd04ce1f)
2008-07-10 15:52:44 +10:00
Andrew Bartlett
7e851ada55 Move ad2oLschema and oLschema2ldif into Samba4, out of LDB
LDB does not know about nor process the AD schema, so it makes no
sense to have this tool there.  I've been changing it anyway, to use a
common schema manipulation library, and will enhance these links in
the future.

Andrew Bartlett
(This used to be commit c7704805b9)
2008-07-02 21:30:08 +10:00
Michael Adam
261d41a639 ntlm_auth: eliminate "cast pointer from integer of different size" warnings on 64bit.
Michael
(This used to be commit a0b2440c70)
2008-06-27 14:27:30 +02:00
Simo Sorce
2daf2897d5 Use a custom init function for samba4 that sets a samba4
specific debug function.
By default do not debug, this is the most appropriate action for a library
as we cannot assume what stderr is use for in the main app.
The main app is responsible to set ev_debug_stderr if they so desire.
(This used to be commit e566a2f308)
2008-06-14 13:00:53 -04:00
Jelmer Vernooij
4c70cda986 Fix a couple (well, little more than that..) of typos.
(This used to be commit a6b5211994)
2008-05-18 23:02:47 +02:00
Jelmer Vernooij
4c8756f147 Create prototype headers from Makefile directory, without smb_build in the middle.
(This used to be commit f4a77b96f9)
2008-05-18 22:30:08 +02:00
Jelmer Vernooij
03643aec88 Use variables for source directory in a couple more places.
(This used to be commit c41bd3005f)
2008-05-18 19:54:27 +02:00
Andrew Bartlett
7ee76eeae5 Move NTLM authentication details into auth/ntlm
This should help clarify the role of the various files around here
(done on Jelmer's request).

Andrew Bartlett
(This used to be commit efa3990375)
2008-05-05 15:23:57 +10:00
Simo Sorce
4e83011f72 Remove more event_context_init() uses from function calls within deep down the code.
Make sure we pass around the event_context where we need it instead.
All test but a few python ones fail. Jelmer promised to fix them.
(This used to be commit 3045d39162)
2008-04-21 18:12:33 -04:00
Jelmer Vernooij
1efbd5fbf6 Remove event context tracking from the credentials struct.
(This used to be commit 4d7fc946b2)
2008-04-17 01:03:18 +02:00
Jelmer Vernooij
a5d52174bd Avoid event_find_context() when the event context is already available
in the net utility.
(This used to be commit d40804777e)
2008-04-16 22:30:15 +02:00
Jelmer Vernooij
b1bdcd4a8a Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake4
(This used to be commit 7fd98e492e)
2008-04-14 22:57:07 +02:00
Jelmer Vernooij
2bc26db97f Fix the build.
(This used to be commit a70cbd63d9)
2008-04-14 20:39:12 +02:00
Jelmer Vernooij
18f8f5d656 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake4
(This used to be commit 1ef3830bb0)
2008-04-14 20:00:32 +02:00
Simo Sorce
4f51b0246d Fix problems with event context not being the parent.
(This used to be commit 957c4d893a)
2008-04-14 12:45:51 -04:00
Jelmer Vernooij
e9017ba418 Use _OBJ_FILES variables in a couple more places.
(This used to be commit 92856d5054)
2008-04-14 17:22:58 +02:00
Andrew Bartlett
8a982108a4 Link the new vampire code togeather.
This adds in the newly attached secrets handling, as well as an
interface to the command line 'net' tool.

Andrew Bartlett
(This used to be commit 1282e3c394)
2008-04-09 14:59:32 +10:00
Jelmer Vernooij
f41b9a9dde Rename libsamba-config to libsamba-hostconfig.
(This used to be commit c46b7e90e3)
2008-04-01 15:08:30 +02:00
Kai Blin
028ba4682c ntlm_auth: Improve compliance to the Squid helper protocol.
This fixes bug #4235 for Samba4.
(This used to be commit b6bb762105)
2008-03-20 00:44:29 +01:00
Jelmer Vernooij
d8d9a6ef04 Move manpage management out of the perl build system.
(This used to be commit 1dd6bea507)
2008-02-29 14:12:23 +01:00
Jelmer Vernooij
2ba62662f8 Remove sDefault as static variable.
(This used to be commit 16f36ce499)
2008-02-28 20:04:58 +01:00
Jelmer Vernooij
c38c2765d1 Remove yet more uses of global_loadparm.
(This used to be commit e01c1e87c0)
2008-02-21 17:17:37 +01:00
Jelmer Vernooij
0020793515 Fix static module list generation for ldb.
(This used to be commit 92c1c0e913)
2008-02-20 03:40:44 +01:00
Jelmer Vernooij
b5bfabf152 Move nmblookup blackbox test closer to the code it tests.
(This used to be commit 3f24136b56)
2008-02-09 17:17:21 +01:00
Jelmer Vernooij
0500b87092 r26540: Revert my previous commit after concerns raised by Andrew.
(This used to be commit 6ac86f8be7)
2007-12-21 05:52:06 +01:00
Jelmer Vernooij
3e75f222bc r26539: Remove unnecessary statics.
(This used to be commit e53e79eebe)
2007-12-21 05:52:05 +01:00
Kai Blin
3dc7779c61 r26465: ntlm_auth: Remoce pstring.
(This used to be commit 15b388ce51)
2007-12-21 05:50:30 +01:00
Jelmer Vernooij
84b4763947 r26441: Remove global_loadparm uses.
(This used to be commit 32007c6277)
2007-12-21 05:50:09 +01:00
Jelmer Vernooij
d1e716cf43 r26432: Require ndr_pull users to specify iconv_convenience.
(This used to be commit 28b1d36551)
2007-12-21 05:50:02 +01:00
Jelmer Vernooij
a2cea02584 r26430: require explicit specification of loadparm context.
(This used to be commit 1b947fe0e6)
2007-12-21 05:49:58 +01:00
Jelmer Vernooij
70f1f33af8 r26402: Require a talloc context in libnetif.
(This used to be commit a35e51871b)
2007-12-21 05:49:33 +01:00
Jelmer Vernooij
6f2252dace r26401: Don't cache interfaces context in libnetif.
(This used to be commit 9f975417cc)
2007-12-21 05:49:32 +01:00
Jelmer Vernooij
51ef1b606f r26377: Specify port explicitly.
(This used to be commit 8c767ca139)
2007-12-21 05:49:12 +01:00
Jelmer Vernooij
b65dba2245 r26355: Eliminate global_loadparm in more places.
(This used to be commit 5d589a0d94)
2007-12-21 05:49:01 +01:00
Jelmer Vernooij
dd7e5ed88c r26352: Don't make lp_load create a new context.
(This used to be commit d0d5c1a823)
2007-12-21 05:48:56 +01:00
Jelmer Vernooij
b0eec88131 r26344: Fix memory access.
(This used to be commit 966248108f)
2007-12-21 05:48:51 +01:00
Jelmer Vernooij
a48fdda5fe r26339: Make loadparm talloc-allocated.
(This used to be commit 1e02cd8db1)
2007-12-21 05:48:49 +01:00
Jelmer Vernooij
4c4323009f r26327: Explicit loadparm_context for RPC client functions.
(This used to be commit eeb2251d22)
2007-12-21 05:48:41 +01:00
Jelmer Vernooij
c5bf20c5fe r26325: Remove use of global_loadparm in netif.
(This used to be commit e452cb2859)
2007-12-21 05:48:37 +01:00
Jelmer Vernooij
fb29325f1d r26312: Move specification of port higher up the call stack.
(This used to be commit 49be7e43ff)
2007-12-21 05:48:23 +01:00
Jelmer Vernooij
b84be078c1 r26309: Move specification of port higher up the all stack.
(This used to be commit 7de55cde7c)
2007-12-21 05:48:21 +01:00
Jelmer Vernooij
a693e6f1c7 r26295: Remove use of global_loadparm for net and wb_pam_auth.
(This used to be commit 47696b4298)
2007-12-21 05:48:12 +01:00
Jelmer Vernooij
b038240ac7 r26275: return loadparm context in lp_load.
(This used to be commit d01f0f4c20)
2007-12-21 05:48:01 +01:00
Jelmer Vernooij
b83a7a135f r26268: Avoid more use of global_loadparm - put lp_ctx in smb_server and wbsrv_connection.
(This used to be commit 7c00866423)
2007-12-21 05:47:47 +01:00
Jelmer Vernooij
ecea5ce245 r26260: Store loadparm context in gensec context.
(This used to be commit b9e3a4862e)
2007-12-21 05:47:34 +01:00
Jelmer Vernooij
43696d2752 r26252: Specify loadparm_context explicitly when creating sessions.
(This used to be commit 7280c1e941)
2007-12-21 05:47:29 +01:00
Jelmer Vernooij
ab69eb8d89 r26250: Avoid global_loadparm in a couple more places.
(This used to be commit 2c6b755309)
2007-12-21 05:47:28 +01:00
Jelmer Vernooij
0a2f1a46a0 r26249: Remove a couple more uses of global_loadparm.
(This used to be commit 80a6120050)
2007-12-21 05:47:27 +01:00
Jelmer Vernooij
6c999cd123 r26236: Remove more uses of global_loadparm or specify loadparm_context explicitly.
(This used to be commit 5b29ef7c03)
2007-12-21 05:47:15 +01:00
Jelmer Vernooij
fface33dd7 r26231: Spell check: credentails -> credentials.
(This used to be commit 4b46888bd0)
2007-12-21 05:47:09 +01:00
Jelmer Vernooij
b5594df87d r26230: Use task-provided loadparm context in a couple more places, avoid loadparm context inside ntlm_auth.
(This used to be commit 3a946d1ffd)
2007-12-21 05:47:07 +01:00
Jelmer Vernooij
51db4c3f3d r26228: Store loadparm context in auth context, move more loadparm_contexts up the call stack.
(This used to be commit ba75f1613a)
2007-12-21 05:47:05 +01:00
Jelmer Vernooij
f4a1083cf9 r26227: Make loadparm_context part of a server task, move loadparm_contexts further up the call stack.
(This used to be commit 0721a07aad)
2007-12-21 05:47:04 +01:00
Jelmer Vernooij
2fa338cdc9 r26226: Avoid more uses of global_loadparm.
(This used to be commit 6cbce47a3e)
2007-12-21 05:47:02 +01:00
Jelmer Vernooij
dc2273ba37 r26006: Improve some dependencies.
(This used to be commit 28f05bb5ef)
2007-12-21 05:45:41 +01:00
Stefan Metzmacher
529763a9aa r25920: ndr: change NTSTAUS into enum ndr_err_code (samba4 callers)
lib/messaging/
lib/registry/
lib/ldb-samba/
librpc/rpc/
auth/auth_winbind.c
auth/gensec/
auth/kerberos/
dsdb/repl/
dsdb/samdb/
dsdb/schema/
torture/
cluster/ctdb/
kdc/
ntvfs/ipc/
torture/rap/
ntvfs/
utils/getntacl.c
ntptr/
smb_server/
libcli/wrepl/
wrepl_server/
libcli/cldap/
libcli/dgram/
libcli/ldap/
libcli/raw/
libcli/nbt/
libnet/
winbind/
rpc_server/

metze
(This used to be commit 6223c7fddc)
2007-12-21 05:45:02 +01:00
Stefan Metzmacher
f1374b02ea r25790: - remove some nesting by using error and out logic
- print in the print_* function ...

metze
(This used to be commit dbd7e8bcce)
2007-12-21 05:44:00 +01:00
Jelmer Vernooij
efa384375f r25454: Use standard bool types in a couple more places.
(This used to be commit 9243b551f3)
2007-10-10 15:07:38 -05:00
Jelmer Vernooij
2f3551ca7c r25446: Merge some changes I made on the way home from SFO:
2007-09-29 More higher-level passing around of lp_ctx.
2007-09-29 Fix warning.
2007-09-29 Pass loadparm contexts on a higher level.
2007-09-29 Avoid using global loadparm context.
(This used to be commit 3468952e77)
2007-10-10 15:07:34 -05:00
Jelmer Vernooij
37d53832a4 r25398: Parse loadparm context to all lp_*() functions.
(This used to be commit 3fcc960839)
2007-10-10 15:07:25 -05:00
Jelmer Vernooij
3048e9ad65 r25392: Add loadparm context as argument in a couple more places.
(This used to be commit c62f51cc28)
2007-10-10 15:07:24 -05:00
Jelmer Vernooij
5e2f9cd8e2 r25379: Use loadparm context parameter in a lot more places.
(This used to be commit 091961b13b)
2007-10-10 15:07:22 -05:00
Stefan Metzmacher
68256289a4 r25213: use talloc_strdup_append_buffer() instead of talloc_append_string()
metze
(This used to be commit d0306ed16b)
2007-10-10 15:06:55 -05:00
Jeremy Allison
9a012df08e r25175: Change to talloc_asprintf_append_buffer().
Jeremy.
(This used to be commit 0844dbf597)
2007-10-10 15:06:46 -05:00
Jelmer Vernooij
7e297ecfa4 r25047: Fix more warnings.
(This used to be commit 69de86d2d2)
2007-10-10 15:05:49 -05:00
Jelmer Vernooij
98b57d5eb6 r25035: Fix some more warnings, use service pointer rather than service number in more places.
(This used to be commit df9cebcb97)
2007-10-10 15:05:43 -05:00
Jelmer Vernooij
dccf3f99e4 r25027: Fix more warnings.
(This used to be commit 5085c53fcf)
2007-10-10 15:05:41 -05:00
Jelmer Vernooij
ffeee68e4b r25026: Move param/param.h out of includes.h
(This used to be commit abe8349f9b)
2007-10-10 15:05:38 -05:00
Jelmer Vernooij
b50ef4caef r25007: Remove more uses of pstring, move ntlmauth-specific utility function to ntlm-auth.c
(This used to be commit 6f224480b2)
2007-10-10 15:05:32 -05:00
Jelmer Vernooij
cd962355ab r25000: Fix some more C++ compatibility warnings.
(This used to be commit 08bb1ef643)
2007-10-10 15:05:27 -05:00
Kai Blin
d510accb39 r24796: Add bounds checking to ntlm_auth, increase initial buffer size to 300 to avoid
one talloc/fgets loop in the common case, which is slightly over 200 for the KK
response.
(This used to be commit ba5ac4eeb8)
2007-10-10 15:03:11 -05:00
Kai Blin
96539eb143 r24795: When talking to squid, allocate the buffer size dynamically.
(This used to be commit 2b72738e4e)
2007-10-10 15:03:11 -05:00
Andrew Tridgell
0479a2f1cb r23792: convert Samba4 to GPLv3
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac)
2007-10-10 14:59:12 -05:00
Stefan Metzmacher
3c3869cea6 r22607: work with the solaris version of popt
metze
(This used to be commit c992e882b5)
2007-10-10 14:51:51 -05:00
Jelmer Vernooij
7870652898 r21564: Move ndrdump to librpc/tools.
(This used to be commit e3cc94e7d1)
2007-10-10 14:48:57 -05:00
Stefan Metzmacher
6496fab3b6 r21334: compare the original buffer and the validated one byte by byte
and print out the first mismatch

metze
(This used to be commit 6ac574660a)
2007-10-10 14:48:14 -05:00
Stefan Metzmacher
76a1ecccc5 r21333: fix POPT handling in ndrdump
make --validate, --dump-data work again

metze
(This used to be commit 654acc6734)
2007-10-10 14:48:14 -05:00
Jelmer Vernooij
95caeb1046 r19678: Fix the build for now (ugly hack because of circular dependencies)
(This used to be commit 0953bb7d5f)
2007-10-10 14:25:30 -05:00
Andrew Bartlett
13dbee3ffe r19598: Ahead of a merge to current lorikeet-heimdal:
Break up auth/auth.h not to include the world.

Add credentials_krb5.h with the kerberos dependent prototypes.

Andrew Bartlett
(This used to be commit 2b569c42e0)
2007-10-10 14:25:00 -05:00
Jelmer Vernooij
5d034a9d5d r19558: Make behaviour of "OK" match that of Samba3's ntlm_auth. Patch by
Kai Blin.
(This used to be commit d599bb8f98)
2007-10-10 14:24:50 -05:00
Jelmer Vernooij
a882f619c9 r19555: Silently ignore --use-cached-creds for compatibility with Samba3's ntlm_auth.
Patch by Kai Blin.
(This used to be commit 2167552b9a)
2007-10-10 14:24:50 -05:00
Andrew Bartlett
5bfc0d6317 r19463: Make it clear what argument is incorrect
Andrew Bartlett
(This used to be commit a28a17c508)
2007-10-10 14:21:36 -05:00
Stefan Metzmacher
00cb032c0f r18915: fix usage of popt, do make -W setting the recursive flag on SuSE 10.1
metze
(This used to be commit 0fef3f807d)
2007-10-10 14:20:21 -05:00
Andrew Tridgell
a8421e8107 r18343: fixed setlinebuf() prototype, added test for it, and use it in two
places to avoid a #ifdef
(This used to be commit 095b805774)
2007-10-10 14:18:13 -05:00
Jelmer Vernooij
873749f218 r18168: Use {NULL} rather than POPT_TABLEEND, which is not always available.
(This used to be commit 8b622c5ded)
2007-10-10 14:17:45 -05:00
Jelmer Vernooij
a59706f721 r18121: Simplify m4 code, hopefully fix Samba4 build problems.
(This used to be commit 1adf65b4d7)
2007-10-10 14:17:35 -05:00
Andrew Tridgell
b7477fb388 r18117: first steps in making samba4 use libreplace
(This used to be commit c079cedb08)
2007-10-10 14:17:34 -05:00
Stefan Metzmacher
a2eca9174c r17586: merge lib/netif into lib/socket and use -lnsl -lsocket on the
configure check for the interfaces.

should fix the build on some old sun boxes

metze
(This used to be commit f20e251bfd)
2007-10-10 14:15:39 -05:00
Andrew Bartlett
7d6bfb45ba r17577: Patch from Kai Blin <kai.blin@gmail.com>:
This is the Samba4 version of the ntlm_auth patch that was committed
to Samba3 in revision 17216.

The purpose of this patch is to return session key information, as
well as NTLMSSP negotiated flags to ntlm_auth's caller.  This allows
the bulk data signing and sealing to be handled in a library, supplied
by the caller.

This also allows the caller to ask for features, so that the right
flags get negotiated.
(This used to be commit eb28aff4e0)
2007-10-10 14:15:38 -05:00
Stefan Metzmacher
7a845bcb01 r17341: pass a messaging context to auth_context_create()
and gensec_server_start().

calling them with NULL for event context or messaging context
is no longer allowed!

metze
(This used to be commit 679ac74e71)
2007-10-10 14:15:17 -05:00
Jelmer Vernooij
927cbf74ae r16824: Rename Ethereal -> Wireshark (patch from Joerg Mayer)
(This used to be commit a789aa468b)
2007-10-10 14:09:47 -05:00
Andrew Bartlett
ca62ddd8d9 r16051: Move the XATTR compatability code into a new file, so I can use it for
the getntacl utility.

Andrew Bartlett
(This used to be commit b1e0d4747b)
2007-10-10 14:08:53 -05:00
Rafal Szczesniak
787d67c2cd r15941: We don't use call levels, at the moment. Remove them until we do.
rafal
(This used to be commit 592387a769)
2007-10-10 14:08:42 -05:00
Jelmer Vernooij
172a83d724 r15573: Fix build of systems that have iconv headers in non-standard locations
Split of system/locale.h header from system/iconv.h

Previously, iconv wasn't being used on these systems
(This used to be commit aa6d66fda6)
2007-10-10 14:05:58 -05:00
Rafal Szczesniak
ece95aad3d r15490: Typo fixes and remove long forgotten commented piece.
rafal
(This used to be commit a2f6dc7860)
2007-10-10 14:05:41 -05:00
Jelmer Vernooij
46f627ea7a r15384: Improve naming of socket library, disable Requires(.private)? fields in pkg-config files for now as
they break external projects.
(This used to be commit f919fd6655)
2007-10-10 14:05:30 -05:00
Jelmer Vernooij
6275553bae r15373: Rename SOCKET to LIBSAMBA-SOCKET to prevent name clashes with -lsocket on SUN
boxes.
(This used to be commit c95ad11307)
2007-10-10 14:05:28 -05:00
Jelmer Vernooij
e0e8743baf r15363: Fix dependencies for shared library
(This used to be commit f2ca71f122)
2007-10-10 14:05:26 -05:00
Jelmer Vernooij
20b3b0f2e3 r15338: Fix build of most things with shared libs enabled.
(This used to be commit 8985093d3f)
2007-10-10 14:05:18 -05:00
Jelmer Vernooij
e002300f23 r15328: Move some functions around, remove dependencies.
Remove some autogenerated headers (which had prototypes now autogenerated by pidl)
Remove ndr_security.h from a few places - it's no longer necessary
(This used to be commit c19c2b51d3)
2007-10-10 14:05:17 -05:00
Jelmer Vernooij
620d759f49 r15298: Fix the build using a few hacks in the build system.
Recursive dependencies are now forbidden (the build system
will bail out if there are any).

I've split up auth_sam.c into auth_sam.c and sam.c. Andrew,
please rename sam.c / move its contents to whatever/wherever you think suits
best.
(This used to be commit 6646384aaf)
2007-10-10 14:05:04 -05:00
Jelmer Vernooij
70d10653ad r15296: Move ntlm_auth-specific functions from util to ntlm_auth so libutil doesn't need ldb
(This used to be commit 137ace965e)
2007-10-10 14:05:03 -05:00
Jelmer Vernooij
0d5587b5d1 r15274: Drop default EXT_LIB_ prefix for external libraries. Fixes issues with local
(empty) libpopt.a overriding global one
(This used to be commit 2f06305e53)
2007-10-10 14:05:00 -05:00
Jelmer Vernooij
69b51f702a r15207: Introduce PRIVATE_DEPENDENCIES and PUBLIC_DEPENDENCIES as replacement
for REQUIRED_SUBSYSTEMS.
(This used to be commit adc8a019b6)
2007-10-10 14:04:18 -05:00
Jelmer Vernooij
a4d7c38c38 r14991: Add option -l to allow ndrdump to load dcerpc_interface_tables from .so files.
(This used to be commit eb34d5b8b1)
2007-10-10 14:00:51 -05:00
Andrew Tridgell
9a357370b5 r14982: mark a deliberate missing break
(This used to be commit 3b66cf35a7)
2007-10-10 14:00:50 -05:00
Stefan Metzmacher
64587cbf9e r14858: fix bugs noticed by the ibm code checker
metze
(This used to be commit 152e7e3d02)
2007-10-10 13:59:43 -05:00
Jelmer Vernooij
184955ffd7 r14572: Give libraries saner names, remove some .pc files, make some things
subsystems in case a library doesn't make sense.
(This used to be commit ed382873fd)
2007-10-10 13:58:49 -05:00
Jelmer Vernooij
35349a58df r14542: Remove librpc, libndr and libnbt from includes.h
(This used to be commit 51b4270513)
2007-10-10 13:58:42 -05:00
Jelmer Vernooij
8528016978 r14464: Don't include ndr_BASENAME.h files unless strictly required, instead
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca51)
2007-10-10 13:57:27 -05:00
Jelmer Vernooij
e3f2414cf9 r14380: Reduce the size of structs.h
(This used to be commit 1a16a6f1df)
2007-10-10 13:57:16 -05:00
Jelmer Vernooij
3f16241a1d r14363: Remove credentials.h from the global includes.
(This used to be commit 98c4c30513)
2007-10-10 13:57:14 -05:00
Stefan Metzmacher
429a23c48d r14110: make ndr interface parsing code libraries,
so it will not included in multiple modules or binaries

metze
(This used to be commit 13c1059747)
2007-10-10 13:56:52 -05:00
Stefan Metzmacher
9ff35d2679 r13932: fix dependency
metze
(This used to be commit 93c77bf14b)
2007-10-10 13:52:28 -05:00
Stefan Metzmacher
141658d1ea r13930: this tools are currently just oneliners, which depend on printf()
metze
(This used to be commit f4e1855dec)
2007-10-10 13:52:27 -05:00
Stefan Metzmacher
d817c83744 r13928: fix dependency
metze
(This used to be commit ad83fc46bf)
2007-10-10 13:52:27 -05:00
Jelmer Vernooij
4ac2be9958 r13924: Split more prototypes out of include/proto.h + initial work on header
file dependencies
(This used to be commit 1228358767)
2007-10-10 13:52:24 -05:00
Jelmer Vernooij
49efc49541 r13904: Make sure LDB gets initialized
(This used to be commit 4339e3e7d7)
2007-10-10 13:52:21 -05:00
Jelmer Vernooij
86dda20562 r13899: Get the shared library build building again. Just compiles for now,
but modules don't work yet..
(Run LIBRARY_OUTPUT_TYPE=SHARED_LIBRARY MODULE_OUTPUT_TYPE=SHARED_LIBRARY ./config.status)
(This used to be commit ba74f24e42)
2007-10-10 13:52:20 -05:00
Andrew Tridgell
048704a7e5 r13505: allow servers to bind to non-broadcast interfaces. Servers now
specifically ask for iface_n_bcast() and have to check if it returns
NULL, in which case it is a non-broadcast interface
(This used to be commit d004e250b6)
2007-10-10 13:51:56 -05:00
Andrew Bartlett
05ea155858 r13149: DEBUG is a bad choice for 'net', it should print to stderr
Andrew Bartlett
(This used to be commit 4dd6afa6d1)
2007-10-10 13:51:28 -05:00
Jelmer Vernooij
dcb960e601 r13073: Add manpage for getntacl, disable setntacl
(This used to be commit 656e202233)
2007-10-10 13:51:22 -05:00
Andrew Bartlett
f3db23ac75 r12928: This patch improves the interaction between the vampire and provsion code.
Previously, we had to know (or guess) the host and domain guid at the
provision stage.  Now we query the database post-provision, to extract
the values and fill in the zone file.

This allows us to generate a correct zone file in the Windows migration case.

In an effort to make SWAT easier to use, I have removed and renamed
some of the provision options.

I have also fixed a nasty issue in my js code.  I had implictly
declared a global variable of the name 'join', with disasterious
results for any subsequent user of the string utility function:

esp exception - ASSERT at lib/appweb/ejs/ejsParser.c:2064, 0

Backtrace:
        [ 0]       substitute_var:20   ->               list[i] = join("", list2)
        [ 1]           setup_file:9    ->       data = substitute_var(data, subobj)

Andrew Bartlett
(This used to be commit a38ceefd11)
2007-10-10 13:51:07 -05:00
Stefan Metzmacher
ef1572dbc1 r12908: use '_' also for indication we want to ask for the localmaster browser,
as '-' make problems with popt

metze
(This used to be commit d300d56fb7)
2007-10-10 13:51:01 -05:00
Andrew Bartlett
58f78fa182 r12892: Add a 'Migrate from Windows' page to our installation section in SWAT.
Doing this required reworking ejsnet, particularly so it could take a
set of credentials, not just a username and password argument.

This required fixing the ejsnet.js test script, which now adds and
deletes a user, and is run from 'make test'.  This should prevent it
being broken again.

Deleting a user from ejsnet required that the matching backend be
added to libnet, hooking fortunetly onto already existing code for the
actual deletion.

The js credentials interface now handles the 'set machine account' flag.

New functions have been added to provision.js to wrap the basic
operations (so we can write a command line version, as well as the web
based version).

Andrew Bartlett
(This used to be commit a5e7c17c34)
2007-10-10 13:50:59 -05:00
Andrew Bartlett
d790d8d6ed r12886: Rename 'secure_channel_type' parameter to domain join as 'join_type'.
Andrew Bartlett
(This used to be commit a3b3e09a9a)
2007-10-10 13:50:58 -05:00
Andrew Bartlett
a5a79e8b8c r12865: Upgrade the librpc and libnet code.
In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous.  This should better
function with servers that set restrict anonymous.

There are too many parts of Samba that get, parse and modify the
binding parameters.  Avoid the extra work, and add a binding element
to the struct dcerpc_pipe

The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern.  Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.

To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.

Andrew Bartlett
(This used to be commit d65b354959)
2007-10-10 13:50:55 -05:00
Andrew Bartlett
f55ea8bb3d r12804: This patch reworks the Samba4 sockets layer to use a socket_address
structure that is more generic than just 'IP/port'.

It now passes make test, and has been reviewed and updated by
metze. (Thankyou *very* much).

This passes 'make test' as well as kerberos use (not currently in the
testsuite).

The original purpose of this patch was to have Samba able to pass a
socket address stucture from the BSD layer into the kerberos routines
and back again.   It also removes nbt_peer_addr, which was being used
for a similar purpose.

It is a large change, but worthwhile I feel.

Andrew Bartlett
(This used to be commit 88198c4881)
2007-10-10 13:49:57 -05:00
Andrew Bartlett
e011ab7e1d r12732: This option does nothing.
Andrew Bartlett
(This used to be commit 708ce7de30)
2007-10-10 13:49:47 -05:00
Andrew Bartlett
c66bc0dadb r12731: Simplify and re-implemenet support for --parameter-name=foo
--service-name=bar in testparm.

Andrew Bartlett
(This used to be commit be067e9a04)
2007-10-10 13:49:46 -05:00
Andrew Bartlett
1b29552e70 r12730: Reimplement --parameter-name, and bring in common samba options.
This changes -s from meaning 'suppress prompt' to 'services file'.

Andrew Bartlett
(This used to be commit 0f78bd743b)
2007-10-10 13:49:46 -05:00
Andrew Bartlett
03ab342909 r12729: Implement the --section-name option, for dumping only one section.
Andrew Bartlett
(This used to be commit 3c49dd9219)
2007-10-10 13:49:46 -05:00
Andrew Bartlett
37bc6b5f81 r12728: Revive testparm.
It needs work to not dump defaults from loadparm.c, but otherwise it works.

Andrew Bartlett
(This used to be commit 1260fcf465)
2007-10-10 13:49:46 -05:00
Jelmer Vernooij
046a54f963 r12622: Move table.c prototypes to seperate header to prevent circular dependencies
with proto.h
(This used to be commit 9e0ba38037)
2007-10-10 13:49:06 -05:00
Jelmer Vernooij
aa9f67163c r12620: Get rid of automatically generated lists of init functions of subsystems.
This allows Samba libraries to be used by other projects (and parts of
Samba to be built as shared libraries).
(This used to be commit 44f0aba715)
2007-10-10 13:49:06 -05:00
Jelmer Vernooij
d4de4c2d21 r12608: Remove some unused #include lines.
(This used to be commit 70e7449318)
2007-10-10 13:49:03 -05:00
Jelmer Vernooij
46aa296cc9 r12592: Remove some useless dependencies
(This used to be commit ca8db1a0cd)
2007-10-10 13:49:00 -05:00
Jelmer Vernooij
2cd5ca7d25 r12542: Move some more prototypes out to seperate headers
(This used to be commit 0aca5fd513)
2007-10-10 13:47:55 -05:00
Jelmer Vernooij
d658de65d3 r12512: Use GUID structs in API functions everywhere rather then converting back and
forth between GUID structs and strings in several places.
(This used to be commit 3564e2f967)
2007-10-10 13:47:48 -05:00
Jelmer Vernooij
acd6a086b3 r12510: Change the DCE/RPC interfaces to take a pointer to a
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.

This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).

This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.

I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e)
2007-10-10 13:47:48 -05:00
Jelmer Vernooij
6aafed9600 r12499: Move smb_build.h out of includes.h
(This used to be commit c92ace494f)
2007-10-10 13:47:45 -05:00
Andrew Bartlett
758873b9fb r12423: Remove DEBUG(0) printouts in favor of more information to the caller.
I assume this works better with SWAT and the like anyway.

Andrew Bartlett
(This used to be commit b11975703d)
2007-10-10 13:47:36 -05:00
Andrew Bartlett
8e0948bbad r12421: Handle the case where we are a joining as different account types far better.
Andrew Bartlett
(This used to be commit 0ce82e8a41)
2007-10-10 13:47:35 -05:00
Andrew Bartlett
221c1512a8 r12411: Add 'net samdump keytab <keytab>'.
This extracts a remote windows domain into a keytab, suitable for use
in ethereal for kerberos decryption.

For the moment, like net samdump and net samsync, the 'password
server' smb.conf option must be set to the binding string for the
server. eg:

password server = ncacn_np:mypdc

Andrew Bartlett
(This used to be commit 272013438f)
2007-10-10 13:47:35 -05:00
Jelmer Vernooij
d0f4663771 r12209: Fix some issues with XML entities.
(This used to be commit 754e51b19d)
2007-10-10 13:47:18 -05:00
Stefan Metzmacher
57b98a7436 r11553: give an error when the lookup failed
metze
(This used to be commit 363c000944)
2007-10-10 13:45:53 -05:00
Andrew Bartlett
ea2d6d482f r11371: Fix the ntlm_auth build.
Andrew Bartlett
(This used to be commit 708476d0b2)
2007-10-10 13:45:27 -05:00
Jelmer Vernooij
8ee1ee66ed r11303: Support defining and installing public headers for libraries.
Support installing libraries.
Get rid of pkg-config file (will be autogenerated later on).
(This used to be commit b4745032a2)
2007-10-10 13:45:16 -05:00
Jelmer Vernooij
4c5a4a7e02 r11244: Relative path names in .mk files
(This used to be commit 24e1030090)
2007-10-10 13:45:06 -05:00
Jelmer Vernooij
f4d590662e r11214: Remove scons files (see http://lists.samba.org/archive/samba-technical/2005-October/043443.html)
(This used to be commit 7fffc5c917)
2007-10-10 13:45:03 -05:00
Andrew Bartlett
372ca26b20 r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5
authentication.  This pulls the creating of the keytab back to the
credentials code, and removes the special case of 'use keberos keytab
= yes' for now.

This allows (and requires) the callers to specify the credentials for
the server credentails to GENSEC.  This allows kpasswdd (soon to be
added) to use a different set of kerberos credentials.

The 'use kerberos keytab' code will be moved into the credentials
layer, as the layers below now expect a keytab.

We also now allow for the old secret to be stored into the
credentials, allowing service password changes.

Andrew Bartlett
(This used to be commit 205f77c579)
2007-10-10 13:45:00 -05:00
Andrew Bartlett
c690be462d r10711: An error of 'user exists' is not an error, just an indication of how
the join was processed.

Andrew Bartlett
(This used to be commit 0d93f11c89)
2007-10-10 13:39:23 -05:00
Jelmer Vernooij
42b81d7c3e r10528: Add credentials.h back into includes.h as some compilers don't
seem to be able to handle incomplete enum types.
(This used to be commit 540155fad3)
2007-10-10 13:39:02 -05:00
Jelmer Vernooij
49839f356f r10513: Reduce some use of pstring. The main reason some parts of the code still
use pstring is next_token() now.
(This used to be commit a5b88bcd42)
2007-10-10 13:38:58 -05:00
Jelmer Vernooij
f801ad3592 r10510: Decrease the amount of data included by includes.h a bit
(This used to be commit 03647e1321)
2007-10-10 13:38:58 -05:00
Andrew Bartlett
5a522b3100 r10486: This is a merge of Brad Henry's 'net join' rework, to better perform
an ADS join, particularly as a DC.  This represents the bulk of his
Google SOC work, and I'm very pleased to intergrate it into the tree.
(Metze will intergrate the DRSUAPI work later).

Both metze and myself have also put a lot of time into this patch, and
in mentoring Brad in general.  In return, Brad has been a very good
student, and has taken the comments well.

Since it's last appearance on samba-technical@, I have made
correctness and valgrind fixups, as well as adding a new 'BINDING'
mode to the libnet_rpc routines.  This allows the exact binding string
to be passed down from the torture code, including options and exact
target host.

Andrew Bartlett
(This used to be commit d6fa105fda)
2007-10-10 13:38:53 -05:00
Andrew Bartlett
51cbc188df r10402: Make the RPC-SAMLOGON test pass against Win2k3 SP0 again.
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own
test for the moment, but I'm working on these issues :-)

This required a change to the credentials API, so that the special
case for NTLM logins using a principal was indeed handled as a
special, not general case.

Also don't set the realm from a ccache, as then it overrides --option=realm=.

Andrew Bartlett
(This used to be commit 194e8f07c0)
2007-10-10 13:38:39 -05:00
Jelmer Vernooij
6812c73534 r10348: Add scons scripts for remaining subsystems. Most subsystems build now,
but final linking still fails (as does generating files asn1, et, idl and proto
files)
(This used to be commit 4f0d7f75b9)
2007-10-10 13:38:30 -05:00
Jelmer Vernooij
d2a666acbe r10316: More dynconfig fixes
(This used to be commit 0963ab9c14)
2007-10-10 13:38:17 -05:00
Jelmer Vernooij
349294d358 r10315: Remove use of fstring and pstring in dynconfig.c
Remove unused includes of dynconfig.h
(This used to be commit 59083b7ba6)
2007-10-10 13:38:17 -05:00
Stefan Metzmacher
869ae3b7a0 r10144: dump the whole data blob
metze
(This used to be commit 4f933165c2)
2007-10-10 13:38:02 -05:00
Stefan Metzmacher
859f270d03 r10143: don't exit when the not all bytes are consumed,
(this happens with relative pointers)

metze
(This used to be commit 3ba227aafd)
2007-10-10 13:38:02 -05:00
Tim Potter
48c945034c r9991: Some more 64-bit size_t warnings. There are a few more but they are
too hard to fix right now.  (-:
(This used to be commit a64b813ff7)
2007-10-10 13:36:27 -05:00
Stefan Metzmacher
550eac8ea6 r9954: getntacl depends on EXT_LIB_XATTR
(maybe we need to disable this binary when EXT_LIB_XATTR isn't enabled)

metze
(This used to be commit 0e5cac10cb)
2007-10-10 13:36:25 -05:00
Jelmer Vernooij
b674411eb4 r9792: Rename StrCaseCmp -> strcasecmp_m. All these years I was thinking
StrCaseCmp was sys_strcasecmp, while it is in fact strcasecmp_m!
(This used to be commit 200a8f6652)
2007-10-10 13:35:01 -05:00
Andrew Bartlett
6f9b901fa0 r9772: Make credentials callbacks more consistant with the abstraction
function interface used in the credentials code.

Fix bug in ntlm_auth, where we would overwrite the PW specified as a
first input.  (Reported and chased by Kai Blin <blin@gmx.net>, bug
#3040)

Andrew Bartlett
(This used to be commit 04af95bd31)
2007-10-10 13:34:59 -05:00
Andrew Bartlett
24186a80eb r9728: A *major* update to the credentials system, to incorporate the
Kerberos CCACHE into the system.

This again allows the use of the system ccache when no username is
specified, and brings more code in common between gensec_krb5 and
gensec_gssapi.

It also has a side-effect that may (or may not) be expected: If there
is a ccache, even if it is not used (perhaps the remote server didn't
want kerberos), it will change the default username.

Andrew Bartlett
(This used to be commit 6202267f6e)
2007-10-10 13:34:54 -05:00
Andrew Tridgell
d42e54648e r9569: fixed an uninitialised variable
(This used to be commit 5c71547703)
2007-10-10 13:34:30 -05:00
Stefan Metzmacher
ab5bd6a41d r9482: add --validate and --dump-data options to ndrdump,
this allows us to check the differences in our pull and push code

metze
(This used to be commit f12ab6a9d3)
2007-10-10 13:34:21 -05:00
Andrew Bartlett
bfe1ea6244 r9396: ntlm_auth updates, including again support for the NTLMSSP client
mode, and specification of the workstation.

Andrew Bartlett
(This used to be commit 8f53d995c6)
2007-10-10 13:33:33 -05:00
Tim Potter
878e139f09 r9357: Remove DBGC_CLASS cruft copied over from Samba 3. I would like to
replace this with something funkier.
(This used to be commit 8d376d56c7)
2007-10-10 13:33:27 -05:00
Stefan Metzmacher
3be75a4c6d r9240: - move struct security_token to the idl file, with this we can
the ndr_pull/push/print functions for it in the ntacl-lsm module

- fix compiler warnings in the ldap_encode_ndr_* code

metze
(This used to be commit 83d65d0d7e)
2007-10-10 13:31:37 -05:00
Stefan Metzmacher
8dde143765 r9152: fix a crash bug
metze
(This used to be commit d1868bd591)
2007-10-10 13:31:24 -05:00
Jelmer Vernooij
9f611ffdde r8966: Simplify the makefile generation system a bit.
Autogenerate list of binaries (rather then having them hardcoded in build/smb_build/makefile.pm)
Add INSTALLDIR keyword to .mk files
(This used to be commit ce0935112b)
2007-10-10 13:31:00 -05:00
Andrew Bartlett
46a41994c9 r8901: Fix ntlm_auth segfault (invalid free()). We have moved to talloc
here.

Andrew Bartlett
(This used to be commit b341bd4487)
2007-10-10 13:30:16 -05:00
Andrew Bartlett
6cec8025b0 r8847: Rework the Samba4 'net join' code. I'm trying to get this closer to
what WinXP does when joining an AD domain, but in the meantime this
removes the excess unions, and uses the LSA pipe in same way XP does.

Andrew Bartlett
(This used to be commit d2789c4260)
2007-10-10 13:30:11 -05:00
Andrew Bartlett
6d26a7114f r8752: With all the infrustructure done, details like a SamSync migration
into LDB are actually quite easy.

This brings us the users, and sets basic domain information.

You are expected to have provisioned with the settings for the target
domain, and have joined the domain as a BDC.  Then simply 'net
samsync'.

Now we just need to flesh out the delta types.

Andrew Bartlett
(This used to be commit 1e0f7792bb)
2007-10-10 13:30:02 -05:00
Andrew Tridgell
27ab60f5d4 r8748: fixed build. Andrew, please check.
(This used to be commit 9411bd4e5e)
2007-10-10 13:30:01 -05:00
Andrew Tridgell
4d28d20a02 r8702: fixed ntlm_auth build. Andrew, can you check I got this right?
(This used to be commit 3c12b46e32)
2007-10-10 13:29:55 -05:00
Andrew Tridgell
e835621799 r8520: fixed a pile of warnings from the build farm gcc -Wall output on
S390. This is an attempt to avoid the panic we're seeing in the
automatic builds.

The main fixes are:

 - assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats

 - use of NULL format statements to perform dn searches.

 - assumption that sizeof() returns an int
(This used to be commit a58ea6b385)
2007-10-10 13:29:34 -05:00
Love Hörnquist Åstrand
61edb97bdf r8394: Make sure the argument to ctype is*(3) macros are unsigned char as
required by ISO C99.
(This used to be commit 56fd21c806)
2007-10-10 13:20:14 -05:00
Andrew Tridgell
76ecf81428 r8273: fixed some memory leaks in smbscript. This required converting
file_load() to use talloc, which impacted quite a few bits of code,
including our smb.conf processing.

took the opportunity to remove the gloabls in params.c while doing this
(This used to be commit b220756cb4)
2007-10-10 13:19:29 -05:00
Jelmer Vernooij
fa8d539e0f r7943: Add 'make manpages', fix 'make installman' and 'make uninstallman'.
Not part of the "all" make target yet, as it requires xsltproc
(This used to be commit fd3f463643)
2007-10-10 13:18:53 -05:00
Andrew Tridgell
56cc328000 r7740: get rid of our duplicate base64 routines
(This used to be commit cf17f90a83)
2007-10-10 13:18:29 -05:00
Andrew Bartlett
b11efd3e50 r7674: Fix the printf() attribute suggestion by correctly prototyping, then
declaring the static function.  The attribute only works on the
prototype, not the function.

Andrew Bartlett
(This used to be commit 4c254754d2)
2007-10-10 13:18:20 -05:00
Andrew Tridgell
af237084ec r7633: this patch started as an attempt to make the dcerpc code use a given
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.

Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.

There were 3 places where I punted:

  - abartlet wanted me to add a gensec_set_event_context() call
    instead of adding it to the gensec init calls. Andrew, my
    apologies for not doing this. I didn't do it as adding a new
    parameter allowed me to catch all the callers with the
    compiler. Now that its done, we could go back and use
    gensec_set_event_context()

  - the ejs code calls auth initialisation, which means it should pass
    in the event context from the web server. I punted on that. Needs fixing.

  - I used a NULL event context in dcom_get_pipe(). This is equivalent
    to what we did already, but should be fixed to use a callers event
    context. Jelmer, can you think of a clean way to do that?

I also cleaned up a couple of things:

 - libnet_context_destroy() makes no sense. I removed it.

 - removed some unused vars in various places
(This used to be commit 3a3025485b)
2007-10-10 13:18:15 -05:00
Andrew Bartlett
2b4791ae73 r7525: Unify lp_load(), load_interfaces and logging setup into popt().
There is now a new --debug-stderr option to enable debug to STDERR.

popt isn't perfect, but the callbacks are used in all the main Samba
binaries, and should be used in the rest.  This avoids duplicated
code, and ensures every binary is setup correctly.

This also ensures the setup happens early enough to have -s function,
and have a correct impact on the credentials code.  (Fixing a bug that
frustrated tridge earlier today).

The only 'subtle' aspect of all this is that I'm pretty sure that the
SAMBA_COMMON popt code must be above the CREDENTIALS code, in the
popt tables.

Andrew Bartlett
(This used to be commit 50f3c2b3a2)
2007-10-10 13:18:06 -05:00
Rafal Szczesniak
9bbfe84cb9 r7382: Convert net_user code so that is can be compiled against
changed CreateUser call. Doesn't work yet, but the test
passes.

rafal
(This used to be commit a50ebd4a16)
2007-10-10 13:17:48 -05:00
Jelmer Vernooij
0a40093ef3 r7249: Cope with struct member rename
(This used to be commit e7549f33f5)
2007-10-10 13:17:31 -05:00
Jelmer Vernooij
c5981f6db0 r7117: Move more manpages to the source repository
(This used to be commit b00355bf0c)
2007-10-10 13:17:18 -05:00
Jelmer Vernooij
e427f58622 r6973: Merge new version of pidl into the main SAMBA_4_0 branch.
The main difference in this new version is the extra data structure generated
between the IDL data structure and the NDR parser:

IDL -> NDR -> { ndr_parser, ndr_header, eparser, etc }

This makes the ndr_parser.pm internals much more sane.

Other changes include:

- Remove unnecessary calls with NDR_BUFFERS (for example, GUID doesn't have any buffers, just scalars) as well as some (unnecessary) nested setting of flags.
- Parse array loops in the C code rather then calling ndr_pull_array(). This allows us to have, for example, arrays of pointers or arrays of pointers to arrays, etc..
- Use if() {} rather then if () goto foo; everywhere
- NDR_IN no longer implies LIBNDR_FLAG_REF_ALLOC
- By default, top level pointers are now "ref" (as is the default in
  most other IDL compilers). This can be overridden using the
  default_pointer_top() property.
- initial work on new ethereal parser generators by Alan DeKok and me
- pidl now writes errors in the standard format used by compilers, which
  is parsable by most editors
- ability to warn about the fact that pidl extension(s) have been used,
  useful for making sure IDL files work with other IDL compilers.

oh, and there's probably some other things I can't think of right now..
(This used to be commit 13cf227615)
2007-10-10 13:17:01 -05:00
Tim Potter
4867378592 r6951: Fix all calls to setup_logging() that use 'True' as a second argument.
In Samba4 this is now an enum.  Possibly by accident, True just happens
to map to the right value in this case.  (-:
(This used to be commit affacc5398)
2007-10-10 13:17:00 -05:00
Tim Potter
e4d5dde7c8 r6930: Use NBT_NAME_CLIENT instead of the number 0.
(This used to be commit e6b53ce177)
2007-10-10 13:16:57 -05:00
Jelmer Vernooij
e73d051e20 r6839: Add support for building subsystems as shared libraries. This can be
done by setting:
OUTPUT_TYPE = SHARED_LIBRARY
in the [SUBSYSTEM::...] section belonging to a subsystem.

The idea is to allow multiple values to OUTPUT_TYPE simultaneously
(e.g. OUTPUT_TYPE = SHARED_LIBRARY, STATIC_LIBRARY, OBJLIST )
(This used to be commit b9d0ae93ba)
2007-10-10 13:16:50 -05:00
Jelmer Vernooij
5b18cf2268 r6795: Make some functions static and remove some unused ones.
(This used to be commit 46509eb899)
2007-10-10 13:16:44 -05:00
Stefan Metzmacher
a0cb1b0a5f r6612: fix the build
metze
(This used to be commit a1c7fe2578)
2007-10-10 13:16:30 -05:00
Stefan Metzmacher
001f13eb4f r6609: remove double entry for [BINARY::getntacl]
metze
(This used to be commit 55c9746da8)
2007-10-10 13:16:30 -05:00
Andrew Bartlett
8bf57cf8f5 r6573: Start on my project to implement an NT4 compatible BDC in Samba4.
This brings in a compatability layer for Samba3 in Samba4 - where we
will start to define file formats and similar details.

The 'net samdump' command uses 'password server = ' for now, and
performs a similar task to Samba3's 'net rpc samsync'.

Andrew Bartlett
(This used to be commit 550f17f992)
2007-10-10 13:16:27 -05:00
Tim Potter
77255b7f9c r6527: Resurrect getntacl utility program. At the moment we only display the
output of ndr_print_xattr_NTACL() to stdout.
(This used to be commit b32c159c38)
2007-10-10 13:16:22 -05:00
Andrew Tridgell
e7dd6a1291 r6287: sorted out a small but surprisingly tricky dependency problem with the
ndr code for handling sids and security descriptors now that we have a
sid in the nbt IDL
(This used to be commit f8e77fcdea)
2007-10-10 13:11:29 -05:00
Andrew Bartlett
2eb3d68062 r6028: A MAJOR update to intergrate the new credentails system fully with
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'.

GENSEC now no longer has it's own handling of 'set username' etc,
instead it uses cli_credentials calls.

In order to link the credentails code right though Samba, a lot of
interfaces have changed to remove 'username, domain, password'
arguments, and these have been replaced with a single 'struct
cli_credentials'.

In the session setup code, a new parameter 'workgroup' contains the
client/server current workgroup, which seems unrelated to the
authentication exchange (it was being filled in from the auth info).

This allows in particular kerberos to only call back for passwords
when it actually needs to perform the kinit.

The kerberos code has been modified not to use the SPNEGO provided
'principal name' (in the mechListMIC), but to instead use the name the
host was connected to as.  This better matches Microsoft behaviour,
is more secure and allows better use of standard kerberos functions.

To achieve this, I made changes to our socket code so that the
hostname (before name resolution) is now recorded on the socket.

In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now
in libcli/auth/schannel.c, and it looks much more like a standard
GENSEC module.  The actual sign/seal code moved to
libcli/auth/schannel_sign.c in a previous commit.

The schannel credentails structure is now merged with the rest of the
credentails, as many of the values (username, workstation, domain)
where already present there.  This makes handling this in a generic
manner much easier, as there is no longer a custom entry-point.

The auth_domain module continues to be developed, but is now just as
functional as auth_winbind.  The changes here are consequential to the
schannel changes.

The only removed function at this point is the RPC-LOGIN test
(simulating the load of a WinXP login), which needs much more work to
clean it up (it contains copies of too much code from all over the
torture suite, and I havn't been able to penetrate its 'structure').

Andrew Bartlett
(This used to be commit 2301a4b38a)
2007-10-10 13:11:15 -05:00
Jelmer Vernooij
34cde06513 r5924: Use cli_credentials in libnet/.
(This used to be commit e5bc6f4f17)
2007-10-10 13:11:08 -05:00
Jelmer Vernooij
02075be0bb r5917: First step in using the new cli_credentials structure. This patch
puts support for it into popt_common, adds a few utility functions
(in lib/credentials.c) and the callback functions for the command-line
(lib/cmdline/credentials.c). Comments are welcome :-)
(This used to be commit 1d49b57c50)
2007-10-10 13:11:08 -05:00
Andrew Bartlett
df64302213 r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.

With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind.  This changes a lot of files, and these will again
be changed when jelmer does the credentials work.

I also correct some schannel IDL to distinguish between workstation
names and account names.  The distinction matters for domain trust
accounts.

Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.

In the schannel DB, we now store both the domain and computername, and
query on both.  This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.

In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.

This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.

The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.

The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests.  This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.

In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL.  This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc2)
2007-10-10 13:11:07 -05:00
Tim Potter
1d64203954 r5827: Make ndrdump accept a uuid as well as a pipe name to specify
which rpc interface to use.
(This used to be commit d59bc9dc9b)
2007-10-10 13:11:04 -05:00
Tim Potter
d93d5f967f r5782: Use standard input for reading packet data if filename not specified.
(This used to be commit c3c6dafc31)
2007-10-10 13:11:03 -05:00
Rafal Szczesniak
308c7d26c1 r5425: Convert function tables to new structure (with description)
and remove unnecessary help functions as help is generated
automatically. Usage functions with precise information about
usage of each leaf node remain.

rafal
(This used to be commit eb66180d14)
2007-10-10 13:10:44 -05:00
Rafal Szczesniak
a19b2e84f8 r5424: Automatically generate basic help display on basis of name
and description from function table.

rafal
(This used to be commit 24f7a3860e)
2007-10-10 13:10:44 -05:00
Rafal Szczesniak
16f64ae6d6 r5423: Change function table structure to allow short description
of command groups. Also give up help function pointer in the
structure since it's needed only in leaf nodes of command tree,
and leaf nodes decide about help on their own. Usage function
is still available on all levels.

rafal
(This used to be commit 48568959a8)
2007-10-10 13:10:44 -05:00
Andrew Tridgell
845f5596c8 r5413: enable standard samba command line options in ndrdump (so -d works)
(This used to be commit 6f9eb74ef8)
2007-10-10 13:10:43 -05:00
Andrew Tridgell
8f49e17044 r5412: don't force initial debug level up in ndrdump
(This used to be commit 9536936992)
2007-10-10 13:10:43 -05:00
Rafal Szczesniak
530d46f674 r5400: Slightly better handling of help messages in net tool.
rafal
(This used to be commit 5cebb4feed)
2007-10-10 13:10:41 -05:00
Rafal Szczesniak
082a568473 r5381: Added net_user.c with net tool interface for managing user accounts.
rafal
(This used to be commit 3005f0408c)
2007-10-10 13:09:49 -05:00
Rafal Szczesniak
1ad9bed79d r5380: Removed extra newline.
rafal
(This used to be commit d8fa9baf24)
2007-10-10 13:09:49 -05:00
Andrew Tridgell
dd689afdc8 r5328: - allow case sensitive nbt name lookups
- added --case-sensitive option to nmblookup

 - added case sensitivity tests to the NBT-WINS test
(This used to be commit 80a95d5688)
2007-10-10 13:09:42 -05:00
Andrew Tridgell
75ddf59ea1 r5308: trimmed back a lot of the old macros from smb_macros.h
(This used to be commit bf43c9bdcf)
2007-10-10 13:09:40 -05:00
Andrew Tridgell
bed7c9ec32 r5304: removed lib/socket/socket.h from includes.h
(This used to be commit b902ea546d)
2007-10-10 13:09:39 -05:00
Andrew Tridgell
8674eaa5cc r5300: more uint32 and system/filesys.h build fixes when developer mode is enabled
(This used to be commit 93931b1a74)
2007-10-10 13:09:39 -05:00
Andrew Tridgell
e82aad1ce3 r5298: - got rid of pstring.h from includes.h. This at least makes it a bit
less likely that anyone will use pstring for new code

 - got rid of winbind_client.h from includes.h. This one triggered a
   huge change, as winbind_client.h was including system/filesys.h and
   defining the old uint32 and uint16 types, as well as its own
   pstring and fstring.
(This used to be commit 9db6c79e90)
2007-10-10 13:09:38 -05:00
Andrew Tridgell
b9bb7f596d r5294: - added a separate NBT-WINS test for WINS operations (register, refresh, release and query)
- change the iface_n_*() functions to return a "const char *" instead of a "struct ipv4_addr"
  I think that in general we should move towards "const char *" for
  all IP addresses, as this makes IPv6 much easier, and is also easier
  to debug. Andrew, when you get a chance, could you fix some of the
  auth code to use strings for IPs ?

- return a NTSTATUS error on bad name queries and node status instead
  of using rcode. This makes the calling code simpler.

- added low level name release code in libcli/nbt/

- use a real IP in the register and wins nbt torture tests, as w2k3
  WINS server silently rejects some operations that don't come from the
  IP being used (eg. it says "yes" to a release, but does not in fact
  release the name)
(This used to be commit bb1ab11d8e)
2007-10-10 13:09:37 -05:00
Andrew Tridgell
b69a2c0d6b r5261: translate nbt rcode errors to NTSTATUS codes
(This used to be commit 554d1b70e7)
2007-10-10 13:09:35 -05:00
Andrew Tridgell
fcb78064bf r5260: - show an error message on nmblookup failure
- always try to enable broadcast on nbt name sockets (this matches
  samba3 behaviour better)
(This used to be commit 919bc14e7b)
2007-10-10 13:09:35 -05:00
Andrew Tridgell
7f10614e94 r5252: - fixed nmblookup for the nbt api changes
- added a simple WINS server name registration and query test
(This used to be commit d56e68ebf5)
2007-10-10 13:09:34 -05:00
Andrew Tridgell
414f6c80b2 r5114: the nbtd task can now act as a basic B-node server. It registers its
names on the network and answers name queries. Lots of details are
still missing, but at least this now means you don't need a Samba3
nmbd to use Samba4.

missing pieces include:

 - name registrations should be "shout 3 times, then demand"

 - no WINS server yet

 - no master browser code
(This used to be commit d7d31fdc66)
2007-10-10 13:09:23 -05:00
Andrew Tridgell
e6ea227235 r5054: added a nmblookup tool, based on the new nbt library
(This used to be commit 9587cbcb9e)
2007-10-10 13:09:18 -05:00
Andrew Tridgell
759da3b915 r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for the
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5)
2007-10-10 13:09:15 -05:00
Andrew Tridgell
0b673687e5 r5004: add current samba3 nmblookup.c ready for updating to new nbt lib
(This used to be commit 854f7f376d)
2007-10-10 13:09:12 -05:00
Andrew Tridgell
51d61771f8 r5003: delete old nmblookup.c code
(This used to be commit b781a54244)
2007-10-10 13:09:12 -05:00
Andrew Tridgell
23478fe0ca r4889: make sure ndr print flags are initialised in ndrdump
(This used to be commit c5c65ad8fb)
2007-10-10 13:09:03 -05:00
Andrew Tridgell
4d7e4c8058 r4794: - disabled the ntacl command line utilities until they are rewritten to use the same
acl format as we use in pvfs (and hopefully use common code too)

- removed a lot of old cruft from our autoconf tests. This may well break some builds,
  but then we can fix them properly instead of the "if solaris version 5.1.2" crap

This was prompted by someone sending me solaris 10 patches that
patched the configure script with if statements for several more
versions of solaris to check for and do special stuff. That is just
silly.
(This used to be commit 1ea59d1146)
2007-10-10 13:08:56 -05:00
Andrew Bartlett
8799d6b44c r4762: Store the results of a 'net join' in the LDB.
Like Samba3, the storage of the primary domain password is keyed off
the domain name, so we can join multiple domains, and just swap
'workgroup =' around.

Andrew Bartlett
(This used to be commit 54a231780e)
2007-10-10 13:08:51 -05:00
Andrew Bartlett
335a277662 r4722: Start to add 'net join' to Samba4.
Andrew Bartlett
(This used to be commit a9b9606091)
2007-10-10 13:08:48 -05:00
Stefan Metzmacher
46a32687da r4620: - add interface functions to the auth subsystem so that callers doesn't need to
use function pointers anymore
- make the module init much easier
- a lot of cleanups

don't try to read the diff in auth/ better read the new files

it passes test_echo.sh and test_rpc.sh

abartlet: please fix spelling fixes

metze
(This used to be commit 3c0d16b823)
2007-10-10 13:08:34 -05:00
Andrew Tridgell
6836f5d0b1 r4616: the first phase in the addition of proper support for
dcerpc_alter_context and multiple context_ids in the dcerpc client
library.

This stage does the following:

 - split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which
   contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has
   the context dependent part. This is similar to the layering in libcli_*() for SMB

 - disable the current dcerpc_alter code. I've used a #warning until i
   get the 2nd phase finished. I don't know how portable #warning is, but
   it won't be long before I add full alter context support anyway, so it won't last long

 - cleanup the allocation of dcerpc_pipe structures. The previous code
   was quite awkward.
(This used to be commit 4004c69937)
2007-10-10 13:08:34 -05:00
Andrew Tridgell
11ce2cfd70 r4591: - converted the other _p talloc functions to not need _p
- added #if TALLOC_DEPRECATED around the _p functions

- fixes the code that broke from the above

while doing this I fixed quite a number of places that were
incorrectly using the non type-safe talloc functions to use the type
safe ones. Some were even doing multiplies for array allocation, which
is potentially unsafe.
(This used to be commit 6e7754abd0)
2007-10-10 13:08:30 -05:00
Andrew Tridgell
ddc10d4d37 r4549: got rid of a lot more uses of plain talloc(), instead using
talloc_size() or talloc_array_p() where appropriate.

also fixed a memory leak in pvfs_copy_file() (failed to free a memory
context)
(This used to be commit 89b74b5354)
2007-10-10 13:08:25 -05:00
Stefan Metzmacher
b5b1c52a98 r4419: move security_token stuff to the libcli/security/
and debug privileges

metze
(This used to be commit c981808ed4)
2007-10-10 13:07:47 -05:00
Andrew Bartlett
0f1444b772 r4358: At metze's request, the Christmas elves have removed gensec_end in
favor of talloc_free().

Andrew Bartlett
(This used to be commit 1933cd12fb)
2007-10-10 13:07:37 -05:00