sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-10 13:57:47 +03:00
Code
56,059 Commits 62 Branches 1,150 Tags
Commit Graph

56059 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Günther Deschner
f0b52b8c31 s3-winbindd: add and use winbindd_lookup_sids(). 
Guenther
 2009-09-17 08:54:19 +02:00
Günther Deschner
c708338682 cifs-upcall: fix the build after spnego merge. 
Guenther
 2009-09-17 08:53:29 +02:00
Kamen Mazdrashki
35f4b88c7c w32err: use WERR_DC_NOT_FOUND name instead of WERR_DOMAIN_CONTROLLER_NOT_FOUND 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-09-17 07:18:51 +02:00
Kamen Mazdrashki
8bebce45d3 w32err: Set hex format values for all errors 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-09-17 07:18:46 +02:00
Kamen Mazdrashki
3f835eb947 w32err: Re-define errors with numeric values 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-09-17 07:18:41 +02:00
Kamen Mazdrashki
91d3d3c6a2 w32err: Sorting error codes in ascending order 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-09-17 07:18:36 +02:00
Kamen Mazdrashki
fc1ac736d6 w32err: NERR_ codes grouped together 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-09-17 07:18:31 +02:00
Kamen Mazdrashki
1cfac63fa4 w32err: WERR_CLASS_NOT_REGISTERED updated 
Error code move to COM/OLE group.
Error value changed to as REGDB_E_CLASSNOTREG in Windows

Signed-off-by: Günther Deschner <gd@samba.org>
 2009-09-17 07:18:29 +02:00
Abhidnya Chirmule
277597de85 To set file create/birth time in GPFS. Signed-off-by: Abhidnya Chirmule <achirmul@in.ibm.com> 2009-09-17 02:24:13 +02:00
Volker Lendecke
919559573c s3:vfs: Fix the build of vfs_tsmsm after the VFS rewrite 2009-09-17 02:07:11 +02:00
Günther Deschner
43e198c188 spnego: add spnego_proto.h. 
Guenther
 2009-09-17 01:39:12 +02:00
Günther Deschner
503d035814 spnego: share spnego_parse. 
Guenther
 2009-09-17 01:12:20 +02:00
Günther Deschner
83023462f9 libcli/auth: remove trailing whitespace. 
Guenther
 2009-09-16 18:00:16 +02:00
Günther Deschner
44e44310d1 s3-netlogon: support validation level 6 in netr_SamLogon calls. 
Guenther
 2009-09-16 18:00:03 +02:00
Günther Deschner
5ddde4e19d s3-netlogon: match all logon levels in netr_SamLogon calls. 
Guenther
 2009-09-16 17:59:56 +02:00
Günther Deschner
42e393af28 s3-rpcclient: fix netr_LogonGetCapabilities command. 
Guenther
 2009-09-16 17:59:38 +02:00
Nadezhda Ivanova
53d6dd3d52 security:idl Generated files 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-09-16 07:52:15 -07:00
Nadezhda Ivanova
d70e171719 Owner and group defaulting. 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-09-16 07:52:05 -07:00
Zahari Zahariev
fec33db90e Tests for descriptor inheritance 
Signed-off-by: Nadezhda Ivanova <nadezhda.ivanova@postpath.com>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-09-16 07:51:45 -07:00
Andrew Bartlett
932690c093 s4:kdc In the kpasswd server, don't use the client address in mk_priv 
This code eventually calls into mk_priv in the Heimdal code, and if
the client is behind NAT, or somehow has an odd idea about it's own
network addresses, it will fail to accept this packet if we set an
address.  It seems easiser not to.  (Found by testing with NetAPP at
plugfest)

Andrew Bartlett
 2009-09-16 07:18:16 -07:00
Andrew Bartlett
e8e8e40505 s4:rpc_server netgotiate max xmit size with RPC client 
Testing against NetAPP showed that clients can object to being told a
larger max xmit fragment size than they negotiated.  Choose the
minimum of the server and client values.

Andrew Bartlett
 2009-09-16 07:18:16 -07:00
Bo Yang
89ed2af69d s3: Don't overwrite password in pam_winbind, subsequent pam modules 
might use the old password and new password.

Signed-off-by: Bo Yang <boyang@samba.org>
 2009-09-16 22:03:57 +08:00
Andrew Tridgell
45cebf7f11 s4-repl: raise a debug level 2009-09-16 03:58:17 -07:00
Andrew Tridgell
98f2a3b6a3 s4-dsdb: treat uSNHighest as 0 if @REPLCHANGED doesn't exist 
When a partition is first created it still needs a uSNHighest value
 2009-09-16 03:58:17 -07:00
Stefan Metzmacher
033ced60ac libcli/auth: rewrite schannel sign/seal code to be more generic 
This prepares support for HMAC-SHA256/AES.

metze
 2009-09-16 12:29:06 +02:00
Stefan Metzmacher
8f482ae663 lib/crypto: include aes.h into crypto.h 
metze
 2009-09-16 12:29:05 +02:00
Matt Kraai
4c5854fc2d Ignore source4/dsdb/kcc/kcc_service_proto.h. 2009-09-13 00:25:03 +02:00
Günther Deschner
a0d8698f65 s3-netapi: Fix Coverity #668: FORWARD_NULL. 
Guenther
 2009-09-16 10:30:08 +02:00
Günther Deschner
de43e39487 s3-netapi: Fix Coverity #669 FORWARD_NULL. 
Guenthe
 2009-09-16 10:30:01 +02:00
Günther Deschner
828b9a48fd s3-netapi: Fix Coverity #670: FORWARD_NULL. 
Guenther
 2009-09-16 10:29:54 +02:00
Günther Deschner
537ac20a92 s3-eventlogadm: Fix Coverity #938: UNINIT. 
Guenther
 2009-09-16 10:29:43 +02:00
Günther Deschner
6dab835fbb s3-rpcclient: Fix Coverity #935: UNINIT. 
Guenther
 2009-09-16 10:29:35 +02:00
Günther Deschner
94d83b62c9 s3-ntlmssp: add missing prototype. 
Guenther
 2009-09-16 08:55:59 +02:00
Günther Deschner
37bc806453 s3-dcerpc: remove more obsolete or duplicate headers. 
Guenther
 2009-09-16 08:55:51 +02:00
Günther Deschner
c5c04fcf90 s3-schannel: add dump_NL_AUTH_SIGNATURE. 
Guenther
 2009-09-16 07:54:02 +02:00
Andrew Tridgell
30d13288e5 s4-repl: take advantage of async RPC forwarding 
This uses async RPC forwarding for the DsReplicaSync call
 2009-09-15 20:51:10 -07:00
Andrew Tridgell
f80363c90a s4-rpc: added a module for forwarding RPC requests 
dcesrv_irpc_forward_rpc_call() can be used to forward an arbitrary RPC
request to another task in Samba4, with the return being handled
asynchronously.

This is useful for forwarding DRS requests to the repl or kcc tasks
 2009-09-15 20:50:30 -07:00
Andrew Tridgell
5d2dfd12cf s4-drs: lock down key DRS calls 
The key DRS calls should only be allowed by administrators or domain
controllers
 2009-09-15 19:52:25 -07:00
Andrew Tridgell
7ded0741d9 s4-security: added a new security level SECURITY_DOMAIN_CONTROLLER 
This will be used as a simple way to lock down DRS replication to
administrators and domain controllers
 2009-09-15 19:25:45 -07:00
Andrew Tridgell
10e25fc5e9 s4-ldb: ldap attribute names can contain a '.' 
When they are of the form of OIDs
 2009-09-15 18:45:43 -07:00
Andrew Tridgell
03d0005b25 s4-ldb: expose ldb_transaction_prepare_commit() in ldb 
It is useful to be able to control the 2 phase commit from application
code (s4 replication uses it)
 2009-09-15 18:45:43 -07:00
Andrew Tridgell
458dda1f15 s4-repl: don't do double replication 
When we replicate from a remote DC, we need to note the new uSN that
the local changes have resulted in, and modify the uSN that the notify
task uses to determine if it should send a ReplicaSync message back to
the remote DC. Otherwise we end up always triggering a ReplicaSync
every time we replicate from another DC
 2009-09-15 18:45:43 -07:00
Andrew Tridgell
654672008c tdb: allow reads after prepare commit 
We previously only allowed a commit to happen after a prepare
commit. It is in fact safe to allow reads between a prepare and a
commit, and the s4 replication code can make use of that, so allow it.
 2009-09-15 18:45:43 -07:00
Andrew Tridgell
9e0b1a3a1f s4-drs: filter based on local_usn 
The getncchanges uSN is in our local space, so we must compare it to
the local_usn in replPropertyMetaData
 2009-09-15 18:45:42 -07:00
Andrew Tridgell
bc3bbae6d2 s4-repl: make sure we marshal the replPropertyMetaData after the last change 
we were setting local_usn after the marshall, so it wasn't going into
the object
 2009-09-15 18:45:42 -07:00
Andrew Tridgell
ff8ad222cd s4-dsdb: use DLIST_ADD() not DLIST_ADD_END() 
Using DLIST_ADD_END() to construct a long list is very inefficient (it
is O(n^2). These lists are not ordered, so using DLIST_ADD() is much
better.
 2009-09-15 18:45:42 -07:00
Andrew Tridgell
12f689eef4 s4-ldb: cope better with corruption of tdb records 
When doing an indexed search if we hit a corrupt record we abandoned
the indexed search and did a full search. The problem was that we
might have sent some records to the caller already, which means the
caller ended up with duplicate records. Fix this by returning a search
error if indexing returns an error and we have given any records to
the caller.
 2009-09-15 18:45:42 -07:00
Andrew Tridgell
00fb6705ff talloc: when we enable NULL tracking, reparent the autofree context 
If NULL tracking is enabled after the autofree context is initialised
then autofree ends up separate from the null_context. This means that
talloc_report_full() doesn't report the autofree context. Fix this by
reparenting the autofree context when we create the null_context.
 2009-09-15 18:45:41 -07:00
Andrew Tridgell
089dc64cbb s4-repl: add a debug to make it easier to monitor replication 2009-09-15 18:45:41 -07:00
Volker Lendecke
444a05c28d s3: Fix reading beyond the end of a named stream in xattr_streams 
This was found thanks to a test by Sivani from Microsoft against Samba at the
SDC plugfest
 2009-09-16 03:42:36 +02:00