summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Introduce system MIT krb5 build with --with-system-mitkrb5 option.Alexander Bokovoy2012-05-2348-471/+598
| | | | | | | | | | | | | | | | | System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
* s4: samba-tool is usable without export-keytab command, make sure it does ↵Alexander Bokovoy2012-05-231-19/+22
| | | | | | | | not break When export_keytab is not compiled in (pure client-side Samba 4 build as with system MIT krb5), export-keytab command of samba-tool will not be available. Make sure it is not provided but its absence does not break the Python tool.
* auth-credentials: Support using pre-fetched ccache when obtaining kerberos ↵Alexander Bokovoy2012-05-231-2/+12
| | | | | | | | | credentials When credentials API is used by a client-side program that already as fetched required tickets into a ccache, we need to skip re-initializing ccache. This is used in FreeIPA when Samba 4 Python bindings are run after mod_auth_kerb has obtained user tickets already.
* s3-passdb: add unixid_from_uid/unixid_from_gid/unixid_from_both APIAlexander Bokovoy2012-05-233-1/+54
| | | | | | | | | | | | | struct unixid is defined in idmap.idl and therefore to use it one would need generated headers from librpc/gen_ndr. Not all of these files are installed and available as public headers. Also, they pull in some support headers which requires them to be available via specific locations like <librpc/gen_ndr/*> or <libcli/util>. Instead of pulling the headers to get structure and enum definitions, introduce three simple helpers to fill in 'struct unixid' based on the type of id. This is sufficient for PASSDB users and does not require exposing generated headers or code.
* dns: fix comments and make s4/libcli/resolve dns resolver workingAlexander Bokovoy2012-05-232-4/+4
| | | | | | | | After migrating to use libaddns, reply_to_addrs() needed to change the way answers are iterated through. Originally libroken implementation gave all answers as separate records with last one being explicitly NULL. libaddns unmarshalling code gives all non-NULL answers and should be iterated with explicit reply->num_answers in use.
* lib/krb5_wrap: implement krb5_cc_get_lifetime for MIT KerberosAlexander Bokovoy2012-05-231-19/+22
| | | | | | | In case krb5_cc_get_lifetime is not available, iterate over existing tickets in the keytab, find the one marked as TKT_FLAG_INITIAL, and use its lifetime. This is how it is implemented in Heimdal and how it was suggested to be done by MIT Kerberos developers.
* gensec_gssapi: Make it possible to build with MIT krb5Simo Sorce2012-05-234-11/+40
| | | | | | | | | | We need to ifdef out some minor things here because there is no available API to set these options in MIT. The realm and canonicalize options should be not interesting in the client case. Same for the send_to_kdc hacks. Also the OLD DES3 enctype is not at all interesting. I am not aware that Windows will ever use DES3 and no modern implementation relies on that enctype anymore as it has been fully deprecated long ago, so we can simply ignore it.
* auth and s4-rpc_server: Do not use features we currently can't implement ↵Simo Sorce2012-05-232-1/+10
| | | | with MIT Kerbros build
* s4-resolve: Remove dependency on librokenSimo Sorce2012-05-234-206/+156
| | | | Use available native samba resolver functions
* addns: Make ads_dns_lookup_srv pulicSimo Sorce2012-05-232-1/+6
|
* Move source3/libads/dns.c to lib/addnsSimo Sorce2012-05-2312-15/+27
|
* s3-ads-dns: Avoid unnecessary dependenciesSimo Sorce2012-05-233-12/+11
|
* s3-ads-dns: Break dependency on lp_parmSimo Sorce2012-05-237-33/+69
| | | | In preparation of making this code common to s3 and s4
* s3-ad-dns: Use more standard uint and booleans defsSimo Sorce2012-05-231-35/+35
| | | | In preparation of making this code common to s3 and s4
* addns: Fix talloc hiereachySimo Sorce2012-05-231-1/+1
| | | | Attach request to local memory context not to potentially long lived connection
* s3:smbd: use reply_force_doserror(req, ERRSRV, ERRbaduid) on SMBulogoffStefan Metzmacher2012-05-231-0/+5
| | | | | | | | | | | | We don't support security = share anymore, so we should always have a valid session. Found by the raw.context test. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed May 23 12:47:37 CEST 2012 on sn-devel-104
* Second part of fix for bug 8953 - winbind can hang as nbt_getdc() has no ↵Herb Lewis2012-05-231-0/+1
| | | | | | | | | | | | | timeout. If we're running with SEC_ADS and we don't get a cldap response from the server when querying its name, don't fall back to NetBIOS requests as they're unlikely to succeed. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed May 23 03:49:36 CEST 2012 on sn-devel-104
* Fix bug #8953 - winbind can hang as nbt_getdc() has no timeout.Jeremy Allison2012-05-224-2/+15
| | | | | Add a timeout_in_seconds parameter to nbt_getdc() to make it fail after that time with NT_STATUS_IO_TIMEOUT.
* s3:smbd: remove unused 'connection_struct->used'Michael Adam2012-05-223-4/+0
| | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 22 16:42:22 CEST 2012 on sn-devel-104
* Added torture test for bug #8910. Test remove_duplicate_addrs2().Jeremy Allison2012-05-224-2/+108
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue May 22 01:31:17 CEST 2012 on sn-devel-104
* s3: Fix vfs_xattr_tdb.cVolker Lendecke2012-05-211-1/+1
| | | | | | | | | | | "size" is the maximum buffer, only copy what we actually got. For me, this fixes valgrind errors in the DIR1 test that might potentially make DIR1 non-flaky again. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon May 21 22:10:15 CEST 2012 on sn-devel-104
* s3:smb2_ioctl: Fix Coverity ID 701771 Uninitialized scalar variableStefan Metzmacher2012-05-211-0/+10
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon May 21 19:27:44 CEST 2012 on sn-devel-104
* s4-dsdb: allow modification of some deleted object if the show-deleted ↵Matthieu Patou2012-05-191-4/+9
| | | | | | | control is presented Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Sat May 19 20:28:01 CEST 2012 on sn-devel-104
* s4-dsdb: naming context needs to have the extended-dn syntax tooMatthieu Patou2012-05-191-0/+1
|
* libcli: make it easier to understand that a control was not correctly encodedMatthieu Patou2012-05-191-1/+1
|
* Move the set_write_time() call to after get_existing_share_mode_lock() ↵Jeremy Allison2012-05-191-3/+15
| | | | | | | | | | | | | | | | | | | | | | returns with a share mode. get_existing_share_mode_lock() isn't really the right call here, as we're being called after close_remove_share_mode() inside close_normal_file() so it's quite normal to not have an existing share mode here. However, get_share_mode_lock() doesn't work because that will create a new share mode if one doesn't exist - so stick with this call (just ignore any error we get if the share mode doesn't exist. The previous commit raised the error message debug level inside get_share_mode_lock_internal() so we don't always get a level 1 error message if get_existing_share_mode_lock() fails. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat May 19 06:26:33 CEST 2012 on sn-devel-104
* Raise the debug level from 1 to 5 in get_share_mode_lock_internal()Jeremy Allison2012-05-181-1/+2
| | | | | This isn't a fatal condition, there is a valid codepath that can cause this message.
* s4:torture: Add raw.session.reauth2 testVolker Lendecke2012-05-181-0/+142
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri May 18 18:25:42 CEST 2012 on sn-devel-104
* s4:torture: rename raw.session.reauth => raw.session.reauth1Stefan Metzmacher2012-05-181-3/+3
| | | | metze
* s3:smbd: allow creating new spnego sessions only with a 0 vuidStefan Metzmacher2012-05-181-0/+5
| | | | | | Found by the raw.context test. metze
* s3:smbd: SMBtdis should return ERRSRV, ERRinvnid instead of NETWORK_NAME_DELETEDStefan Metzmacher2012-05-181-1/+1
| | | | | | Found by the raw.context test. metze
* selftest/Samba3: add 'smbd:suicide mode = yes'Stefan Metzmacher2012-05-181-0/+1
| | | | metze
* s3:idmap_cache: improve checks for format of value string in ↵Michael Adam2012-05-181-0/+15
| | | | | | | idmap_cache_find_sid2unixid() Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri May 18 16:34:27 CEST 2012 on sn-devel-104
* s3:idmap_cache: add common exit point to idmap_cache_find_sid2unixid()Michael Adam2012-05-181-12/+10
|
* s3:idmap_cache: improve debug messages in idmap_cache_find_sid2unixid()Michael Adam2012-05-181-5/+24
|
* s3: Revert the serverid changes, they need more workVolker Lendecke2012-05-1811-262/+46
| | | | | Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri May 18 13:12:14 CEST 2012 on sn-devel-104
* s4-torture: Improve torture test boilerplate, use torture_assert()Andrew Bartlett2012-05-1818-279/+93
| | | | | | | | | This ensures that if this fails, it is reported as a subunit error correctly. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri May 18 09:35:13 CEST 2012 on sn-devel-104
* s4-torture: Always use torture_assert() to handle failuresAndrew Bartlett2012-05-181-9/+6
|
* s4-torture: provide correct torture failures for failure to connectAndrew Bartlett2012-05-181-11/+9
|
* build: Also look for iconv in /usr/local by defaultAndrew Bartlett2012-05-181-2/+2
| | | | | | | This should help the build find iconv on FreeBSD and similar systems, and make it possible to operate with 8-bit character sets. Andrew Bartlett
* Add include/lib folders from the commandlineThomas Nagy2012-05-182-1/+71
| | | | | | By using opt.add_option(..., match=['Checking for library iconv'], dest='iconvdir'), all configuration tests displaying 'Checking for library iconv' will get $(iconvdir)/lib and $(iconvdir)/include
* s4-torture: Fix rpc.samr.priv test to use torture_assert() macrosAndrew Bartlett2012-05-181-51/+16
|
* autobuild: Run ABI check on samba4-libs as well.Andrew Bartlett2012-05-181-5/+5
| | | | | | | Because this build is without the developer options (so as to check that we build without those) we do not do an ABI check by default. Andrew Bartlett
* build: Move generated files out of the normal build treeAndrew Bartlett2012-05-185-86/+96
| | | | | | This avoids some dual-build-system interactions. Andrew Bartlett
* build: Move generated version.h to a waf-invisible locationAndrew Bartlett2012-05-183-3/+3
| | | | | | | Generally, it is better if our generated header files for the autoconf build do not end up in places that the waf build can see. Andrew Bartlett
* pygensec: Fix init of variable if not specified.Jelmer Vernooij2012-05-181-1/+1
| | | | | | | | | Thanks to Wolfgang Sourdeau for reporting this. Bug: https://bugzilla.samba.org/show_bug.cgi?id=8946 Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Fri May 18 04:50:17 CEST 2012 on sn-devel-104
* Note that "keepalive" only applies to SMB1 connections.Jeremy Allison2012-05-181-0/+3
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri May 18 02:59:34 CEST 2012 on sn-devel-104
* Fix the waf build with the new "cleans up stale processes" test.Jeremy Allison2012-05-181-0/+1
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri May 18 00:20:36 CEST 2012 on sn-devel-104
* s3: Check for serverid_exists in close_directoryVolker Lendecke2012-05-171-0/+3
| | | | Signed-off-by: Jeremy Allison <jra@samba.org>
* s3: Check for serverid_exists in close_remove_share_modeVolker Lendecke2012-05-171-0/+3
| | | | Signed-off-by: Jeremy Allison <jra@samba.org>
View Lorry Controller Status