sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
64,173 Commits 60 Branches 1,144 Tags 452 MiB
eb7bf9d730
Commit Graph

64173 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andreas Schneider
eb7bf9d730 s3-net: Make sure we don't call free on garbage. 
Found by clang-analyzer.
 2010-06-29 11:12:12 +02:00
Andreas Schneider
1db7356fa1 s3-net: Use talloc_asprintf and return if file is in wrong format. 
Found by clang-analyzer.
 2010-06-29 11:12:12 +02:00
Andreas Schneider
e52f3d8637 s3-librpc: Fixed GUID_from_data_blob() with length of 32. 
If we hit the case that the blob length is 32. The code goes to the end
of the function and generates a GUID with garbage.
So try to convert the blob to the GUID and return.
 2010-06-29 11:12:12 +02:00
Nadezhda Ivanova
845e7a609d Fixed incorrect use of cn instead of lDAPDisplayName 2010-06-29 11:46:22 +03:00
Andrew Bartlett
cc7c572b3d s4:secrets Ensure secrets.ldb uses the same hooks as the rest of Samba 
This ensures that, for example, the utf8 functions are the same,
the GUID handler is the same and the NOSYNC flag is applied.

Andrew Bartlett
 2010-06-29 16:59:31 +10:00
Andrew Bartlett
48c8896f2e s4:selftest Split out PKINIT tests from test_kinit.sh and test enc types 
This allows us to run the PKINIT tests only against the main DC (for
which the certificates were generated), while testing the available
encryption types in each functional level.

In particular, we need to assert that AES encryption is available in
the 2008 functional level.

Andrew Bartlett
 2010-06-29 16:59:31 +10:00
Andrew Bartlett
d76e4852eb s4:kdc Rework the 'allowed enc types' calculation 
This changes the calculation to apply the allowed enc types to all
uses of the key (no point allowing a weak kinit to a key the server
wanted strongly protected).  It also ensures that all the non-DES keys
are available on the krbtgt in particular, even as it does not have a
msds-SupportedEncryptionTypes attributes.

Andrew Bartlett
 2010-06-29 16:59:30 +10:00
Andrew Bartlett
f41e711097 s4:auth Query LDB for msds-SupportedEncryptionTypes for the KDC 
The KDC needs this to determine what encryption types an entry supports

Andrew Bartlett
 2010-06-29 16:59:30 +10:00
Andrew Bartlett
5167b97ff2 s4:kerberos Add functions to convert msDS-SupportedEncryptionTypes 
This will allow us to interpret this attibute broadly in Samba.

Andrew Bartlett
 2010-06-29 16:59:30 +10:00
Andrew Bartlett
9fc3f8194d s4:libnet_join Fix typo in msDS-SupportedEncryptionTypes 2010-06-29 16:59:30 +10:00
Andrew Bartlett
94637e5fe4 s4:provision Add an msDS-SupportedEncryptionTypes entry to our DC 
This ensures that our DC will use all the available encyption types.

(The KDC reads this entry to determine what the server supports)

Andrew Bartlett
 2010-06-29 16:59:22 +10:00
Andrew Tridgell
30dc87dab9 build: only use git when found by configure 
this rebuilds version.h whenever the git version changes, so we always
get the right version with samba -V. That adds about 15s to the build
time on each git commit, which shouldn't be too onerous
 2010-06-29 14:28:08 +10:00
Andrew Tridgell
3774ba350e build: allow LOAD_ENVIRONMENT() to pass when no configure has been run 
this returns an empty environment
 2010-06-29 14:28:08 +10:00
Andrew Tridgell
8cbd36afe8 build: allow always=True/False on SAMBA_GENERATOR() 
this allows us to force a rule to always run. Will be used by 
samba_version

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-06-29 14:28:08 +10:00
Kamen Mazdrashki
1e8876a4f1 s4/repl_meta_data: remove duplicated (and commented out) log 2010-06-29 00:35:23 +03:00
Kamen Mazdrashki
12bc68d4d0 s4/ndr: Fix tuncating of constant to a 'long' type 2010-06-29 00:35:22 +03:00
Matthias Dieter Wallnöfer
e6371246ef s4:lib/registry/ldb.c - add a missing brace 
Sorry didn't check that earlier.
 2010-06-28 23:13:04 +02:00
Matthias Dieter Wallnöfer
ba01b216e2 s4:lib/registry/ldb.c - fix memory handling in "ldb_open_key" 2010-06-28 23:02:56 +02:00
Matthias Dieter Wallnöfer
094c1034d2 s4:lib/ldb/registry.c - handle the classname in the right way 
This is for "ldb_get_key_info".
 2010-06-28 23:02:56 +02:00
Matthias Dieter Wallnöfer
2fb3d8a6cc s4:lib/registry/ldb.c - remove really useless "local_ctx" 
"mem_ctx" should fit for these few local allocations.
 2010-06-28 23:02:56 +02:00
Matthias Dieter Wallnöfer
3935502c67 s4:lib/registry/ldb.c - retrieve the classname correctly in "ldb_get_subkey_by_id" 2010-06-28 23:02:56 +02:00
Matthias Dieter Wallnöfer
77e87e66b0 s4:lib/registry/ldb.c - change the "ldb_get_value" implementation to use the value cache and not an LDB lookup 
In addition this fixes the use of special characters in registry object names.
 2010-06-28 23:02:55 +02:00
Ira Cooper
3549425b30 s3: Change exit on immediate socket failure. 
This change makes it so socket errors early in the smbd child
    process cause orderly exits not coredumps.

Signed-off-by: Jeremy Allison <jra@samba.org>
 2010-06-28 12:08:03 -07:00
Matthias Dieter Wallnöfer
b6eb17eb1e s4:auth/sam.c - "authsam_expand_nested_groups" - small performance improvement 
We can save one search operation if "only_childs" is false and when we had no
SID passed as extended DN component.
 2010-06-28 20:31:37 +02:00
Matthias Dieter Wallnöfer
a782eaa2fd s4:auth/sam.c - "authsam_expand_nested_groups" - cosmetic/comments 2010-06-28 20:31:37 +02:00
Matthias Dieter Wallnöfer
03ffed73db s4:auth/sam.c - "authsam_expand_nested_groups" - use "dsdb_search_dn" where possible 
And always catch LDB errors
 2010-06-28 20:31:37 +02:00
Jelmer Vernooij
5f9a053d63 selftest: Remove accidentally committed dummy test. 2010-06-28 20:10:08 +02:00
Endi S. Dewata
7cb98a0cdc s4/spnupdate: Fixed spnupdate to use secrets credentials when accessing SamDB. 
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-28 19:33:47 +02:00
Endi S. Dewata
5bee3efaca s4/libcli: Register LDB_CONTROL_REVEAL_INTERNALS and DSDB_CONTROL_PASSWORD_CHANGE_STATUS_OID controls. 
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-28 19:33:46 +02:00
Endi S. Dewata
ed4c107bc1 s4/dsdb: Fixed partition_search() not to pass special DN's to LDAP backend. 
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-28 19:33:45 +02:00
Endi S. Dewata
fa9557fee3 s4/auth: Fixed authsam_expand_nested_groups() to find entry SID if not available in the DN. 
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-28 19:33:44 +02:00
Volker Lendecke
ba0ba4e85b s3: Make some routines static in smbldap 2010-06-28 16:57:04 +02:00
Matthias Dieter Wallnöfer
4fc51ad07a s4:repl_meta_data LDB module - fix counter type 2010-06-28 14:51:09 +02:00
Matthias Dieter Wallnöfer
fc2d8fcb83 s4:acl LDB module - fix counter type 2010-06-28 14:51:09 +02:00
Matthias Dieter Wallnöfer
e5c5d371d1 s4:dcesrv_drsuapi.c - fix a counter variable 2010-06-28 14:51:09 +02:00
Matthias Dieter Wallnöfer
666b611182 s4:selftest - also "rpc.samr.users.privileges" does work now 2010-06-28 14:51:08 +02:00
Matthias Dieter Wallnöfer
4826fdf95f s4:lsa RPC server - Fix up "dcesrv_lsa_DeleteObject" 
- Return always "NT_STATUS_OK" on success
- Remove "talloc_free"s on handles since the frees are automatically performed by
  the DCE/RPC server code
 2010-06-28 14:51:08 +02:00
Matthias Dieter Wallnöfer
d01e36e647 s4:knownfail - "pwdLastSet" test does work now 2010-06-28 14:51:08 +02:00
Matthias Dieter Wallnöfer
5606173997 s4:torture/rpc/samr.c - test_SetPassword_LastSet - introduce the delays also for s4 2010-06-28 14:51:07 +02:00
Matthias Dieter Wallnöfer
c0160d0614 s4:torture - SAMR password tests - activate support for password sets on level "18" and "21" 2010-06-28 14:51:06 +02:00
Matthias Dieter Wallnöfer
b200d8a5ca s4:selftest - activate the lanman password changes 
This is needed for a working "OemChangePasswordUser2" operation.
 2010-06-28 14:51:05 +02:00
Matthias Dieter Wallnöfer
d6098de507 s4:dcesrv_samr_SetUserInfo - implement right "pwdLastSet" behaviour 
Behaviour as the torture SAMR passwords tests show.
 2010-06-28 14:51:05 +02:00
Matthias Dieter Wallnöfer
3c1a9fb87f s4:dcesrv_samr_SetUserInfo - deny operations when "fields_present" is 0 
Taken from s3
 2010-06-28 14:51:05 +02:00
Matthias Dieter Wallnöfer
ea83d21341 s4:dcesrv_samr_SetUserInfo - port the "SAMR_FIELD_LAST_PWD_CHANGE" check from s3 to s4 2010-06-28 14:51:04 +02:00
Matthias Dieter Wallnöfer
4c63bb312f s4:dcesrv_samr_SetUserInfo - implement password set level 21 2010-06-28 14:51:04 +02:00
Matthias Dieter Wallnöfer
b705026771 s4:dcesrv_samr_SetUserInfo - implement case 18 which allows to reset the user password 2010-06-28 14:51:04 +02:00
Matthias Dieter Wallnöfer
8feda76d4f s4:OemChangePasswordUser2 - return "NT_STATUS_WRONG_PASSWORD" when we haven't activated the the lanman auth 
This is what s3 does.
 2010-06-28 14:51:03 +02:00
Matthias Dieter Wallnöfer
8f20a5512a s4:samr_password.c - add a function which sets the password through encrypted password hashes 
Used for password sets on "samr_SetUserInfo" level 18 and 21.
 2010-06-28 14:51:03 +02:00
Günther Deschner
427c953273 s4-smbtorture: fix typo. 
Not my day...

Guenther
 2010-06-28 14:47:16 +02:00
Matthias Dieter Wallnöfer
f2e0ca2662 s4:torture/rpc/samr.c - test_SetPassword_LastSet - fix "pwdLastSet" test 
- Remove superflous checks (on level 18, 24, 26 we do always have "pwdLastSet"
  resets if "password_expired" > 0)
- Fixed some bugs

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-06-28 14:33:17 +02:00