sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
58,881 Commits 60 Branches 1,144 Tags 452 MiB
09d947f77c
Commit Graph

20955 Commits

Author SHA1 Message Date
Kamen Mazdrashki
a2044b9a61 s4: Fix result check for getaddrinfo() 
I think this completes commit 50feca550e.
Now result should be handled correctly both for systems that
support EAI_NODATA but returns EAI_NONAME (as my Ubuntu 9.x)
and systems that doesn't support EAI_NODATA at all.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-01-06 14:26:32 +01:00
Matthias Dieter Wallnöfer
a08a0ffd37 s4:SAMLDB LDB module - Fix trailing whitespaces 2010-01-05 20:55:47 +01:00
Matthias Dieter Wallnöfer
77ce33c419 s4:SAMLDB LDB module - Rework to allow checks for wrong "defaultObjectCategory" attributes 
This allows a stricter check for "defaultObjectCategory" attributes which is
performed when the "relax" control isn't specified.
Additional note: As the added comment points out this isn't complete.
And I personally think that moving this at some point to the "objectclass"
module is a better idea to make this fully work (since there we have direct
access to the schema). If someone has a good idea how to do this please inform
me.

Anyway, the SAMLDB module does require some restructure since at the moment it's
very overloaded and therefore a bit a mess. In the meantime I started to work
on a new approach to realise it in a better way.
 2010-01-05 20:55:47 +01:00
Matthias Dieter Wallnöfer
c051008540 s4:schema_load.c - Typo 2010-01-05 20:55:46 +01:00
Matthias Dieter Wallnöfer
bbf9885013 s4:ldap_schema.py - add an additional check for validity of "defaultObjectCategory" 2010-01-05 20:55:45 +01:00
Matthias Dieter Wallnöfer
d8ca002a8c s4:ldap_schema.py - Move generated attributes check 
Make more clear that they're created before the "schemaUpdateNow".
 2010-01-05 20:55:32 +01:00
Jeremy Allison
2a66db8f93 Fix the merged build. Probably not strictly correct but allows us to "make test". 
Jeremy.
 2010-01-04 13:27:48 -08:00
Stefan Metzmacher
f04e10f4c0 s4:dsdb/repl: convert dreplsrv_out_drsuapi_send/recv to tevent_req 
metze
 2010-01-04 09:36:25 +01:00
Stefan Metzmacher
a06e5cdb99 s4: Happy New Year 2010 
metze
 2010-01-04 08:42:49 +01:00
Andrew Tridgell
504754856e s4-dsdb: force REVISION_ADS for new and updated ACLs in dsdb 
w2k8-r2 gives a "schema mismatch" error if the revision is not set to
REVISION_ADS and you replicate the ntsecuritydescriptor using DRS.

Nadya, please check this!

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 17:28:36 +11:00
Andrew Tridgell
e809b721e9 s4-drs: don't give an error on repsTo delete if add is also specified 
w2k8-r2 in dcpromo asks for a delete+add during its initial join.
 2010-01-02 17:28:35 +11:00
Andrew Tridgell
0bc902ac84 s4-sddl: DRS replication needs REVISION_ADS for SDs 
DRS replication with w2k8-r2 fails with a schema mismatch error if we
set the revision to NT4
 2010-01-02 17:28:35 +11:00
Jelmer Vernooij
a214ebc3d6 ldb: Fix the standalone ldb build. 2010-01-02 02:40:30 +01:00
Andrew Tridgell
00b39c70f5 s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNs 
This allows for more flags in the future
 2010-01-02 08:16:57 +11:00
Andrew Tridgell
cced567364 s4-kcc: added a preiodic task to remove deleted objects 
we check for deleted objects in each partition every 10 minutes, using
onelevel searches
 2010-01-02 08:16:56 +11:00
Andrew Tridgell
08bad38035 s4-dsdb: fixed several memory leaks 
need to be careful with those temporary contexts
 2010-01-02 08:16:56 +11:00
Andrew Tridgell
031460b8a2 s4-dsdb: fixed samdb_create_foreign_security_principal() to use the wellknown GUID 
This also fixes a memory leak
 2010-01-02 08:16:56 +11:00
Andrew Tridgell
335af02218 s4-ldb: fixed valgrind error: ares can be freed by callback 2010-01-02 08:16:56 +11:00
Andrew Tridgell
8eaed073a7 s4-dsdb: make sure 'whenChanged' is set on modify 
We also should preserve (and then replace) whenChanged on delete
 2010-01-02 08:16:56 +11:00
Andrew Tridgell
9819d280d6 s4-dsdb: added dsdb_tombstone_lifetime() 2010-01-02 08:16:56 +11:00
Andrew Tridgell
23eb9f49a7 s4-dsdb: allow system to remove deleted objects 
This will be used by a periodic job to remove tombstoned objects
 2010-01-02 08:16:56 +11:00
Andrew Tridgell
1c5a268f34 s4-ldaptest: need to use MessageElement for modify messages 
Without MessageElement() the flags are not set, which is invalid
 2010-01-02 08:16:56 +11:00
Andrew Tridgell
e410a91ff4 s4-ldb: show an error string, as well as error message 
This makes it easier to track down error mismatches from the test
suite
 2010-01-02 08:16:56 +11:00
Andrew Tridgell
4eecfc80bc s4-drs: make sure the DNs we put in the db have a extended GUID 2010-01-02 08:16:56 +11:00
Andrew Tridgell
6628588dfb s4-dsdb: added dsdb_set_extended_dn_guid() 2010-01-02 08:16:55 +11:00
Andrew Tridgell
98d94cca6f s4-ldbtest: fixed message element in modify 
a flags value of zero is not valid
 2010-01-02 08:16:55 +11:00
Andrew Tridgell
81e8a18181 s4-ldb: allow modules to override error return values 
The samldb module overrides the error code for some returns when
handling primaryGroupID. We need to take the error from the async
callback to allow this to work reliably
 2010-01-02 08:16:55 +11:00
Andrew Tridgell
302dcd0226 s4-ldbmodify: show the error code as well as error string 2010-01-02 08:16:55 +11:00
Andrew Tridgell
1ab5020ef2 s4-ldb: declate ldb_val_to_time() 2010-01-02 08:16:55 +11:00
Andrew Tridgell
53e86ac5b2 s4-ldb: use safe length limited conversions for int64 and time 2010-01-02 08:16:55 +11:00
Andrew Tridgell
708ad42b0b s4-dsdb: use safe length limiting in string->integer conversion 
The ldap.py test suite could trigger a read past the end of the struct
ldb_val buffer
 2010-01-02 08:16:55 +11:00
Andrew Tridgell
c3061794ef s4-dsdb: use ldb_val_to_time() instead of ldb_string_to_time() 2010-01-02 08:16:55 +11:00
Andrew Tridgell
baae6ef9d2 s4-ldb: added ldb_val_to_time() 
This is intended as a replacement for ldb_string_to_time() for ldb_val
inputs. This ensures it is length limited and includes additional
validity checks
 2010-01-02 08:16:55 +11:00
Andrew Tridgell
e3cf818c27 s4-drs: sort linked attributes 
See MS-DRSR section 4.1.10.5.17 for a description of the sorting
comparison function
 2010-01-02 08:16:55 +11:00
Andrew Tridgell
d48237d547 s4-drs: re-resolve the DN in linked attribute processing 
w2k8-r2 sometimes sends the DN with an old target
 2010-01-02 08:16:54 +11:00
Andrew Tridgell
5dd6e089f1 s4-drs: use dsdb_module_rename() 
Use the new dsdb_module_rename() for DRS rename handling, instead of
ldb_rename(). This stops us going to the top of the module stack on a
rename.
 2010-01-02 08:16:54 +11:00
Andrew Tridgell
38160deac4 s4-drs: use dsdb linked attribute parse functions 
This makes the code considerably more readable
 2010-01-02 08:16:54 +11:00
Andrew Tridgell
5e52c7149f s4-dsdb: added parse functions for DRS linked attribute blobs 2010-01-02 08:16:54 +11:00
Andrew Tridgell
a81dd03917 s4-drs: set flag to indicate that we do support linked attributes 2010-01-02 08:16:54 +11:00
Andrew Tridgell
36f8ece9de s4-ldb: show the error code as well as errstr 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:54 +11:00
Andrew Tridgell
db3f0e8ec1 s4-dsdb: fixed valgrind error in replmd modify 
We are using the values from a search result, so we need to steal them
onto the msg before we free the search results

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:54 +11:00
Andrew Tridgell
9f053d43de s4-drs: don't try to remove backlinks directly 
backlinks need to be removed as a side effect of removing the forward
link

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:53 +11:00
Andrew Tridgell
0bf7f95273 s4-drs: isRecycled only exists in FL W2K8-R2 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:53 +11:00
Andrew Tridgell
530503290d s4-drs: use DSDB_FLAG_OWN_MODULE 
We need DRS driven replication changes to update replPropertyMetaData,
so it needs to call into the repl_meta_data module logic

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:53 +11:00
Andrew Tridgell
9572535940 s4-drs: update comment to refect only forward link in this fn 
This function only update forward links

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:53 +11:00
Andrew Tridgell
5b31cb20dd s4-drs: fixed typo for uSNCreated 
This broke DRS replication from samba to windows

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:53 +11:00
Andrew Tridgell
7a39340c8e s4-drs: use dsdb_module_guid_by_dn() 
We should not be going to the top of the module stack
 2010-01-02 08:16:53 +11:00
Andrew Tridgell
e3054ce0fe s4-drs: cope better with NULL GUIDS from DRS 
It is valid to get a NULL GUID over DRS for a deleted forward link. We
need to match by DN if possible when seeing if we should update an
existing link.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:53 +11:00
Andrew Tridgell
2e114484e5 s4-drs: give an error message in repl_meta_data if we don't get a partition control 2010-01-02 08:16:53 +11:00
Andrew Tridgell
0d5d7f5847 s4-drs: treat a zero GUID as not present in replmd_add_fix_la 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:53 +11:00
Andrew Tridgell
0c2afdd5a9 s4-drs: update highwatermark after successfully encoding the object 2010-01-02 08:16:52 +11:00
Andrew Tridgell
ff6dd4a67f s4-drs: send all linked attributes at the end of a replication cycle 
This ensures that a link is not seen before the object it points to
 2010-01-02 08:16:52 +11:00
Andrew Tridgell
5bf257fa9b s4-drs: use the extended linearized form for DRS replication 
We were sending zero GUIDs. Not good!

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:52 +11:00
Andrew Tridgell
7653f56bd4 s4-drs: implemented sorting functions based on replication flags 
I think we probably have more work to do on the sort order, but this
brings us a bit closer.
 2010-01-02 08:16:52 +11:00
Andrew Tridgell
701148bbe9 s4-drs: we are doing the sorting for getncchanges in the app code now 
the sorting is quite delicate, and easier to get right in the
getncchanges code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:52 +11:00
Andrew Tridgell
cb00e443a3 s4-drs: give a reason when an AddEntry commit fails 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:52 +11:00
Andrew Tridgell
9f02898080 s4-schema: don't fill in the extended DN with a zero GUID 
sometimes windows sends us a zero GUID in a DRS DN.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:52 +11:00
Andrew Tridgell
d4853fed00 sd-schema: order DRS classes on the wire in reverse order 
windows sends objectclasses in DRS in the opposite order to what LDAP
uses
 2010-01-02 08:16:52 +11:00
Andrew Tridgell
ca5c3a0a02 s4-dsdb: added DSDB_FLAG_OWN_MODULE 
This allows you to call dsdb_module_*() functions while including the
current module in the module stack to be used

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:52 +11:00
Andrew Tridgell
e1ffcfc783 s4-ldb: added ldb_module_get_ops() 
This is needed to support DSDB_FLAG_OWN_MODULE

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
dd33a22f1d s4-dsdb: use a common method for finding a link pair 
Use ^1 everywhere, to ensure it works for both forward and backward
links
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
340d7e807b s4-drs: fixed the UDV return in getncchanges 
We should overwrite an existing entry if found
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
bcc952d19d s4-drs: some useful debugging options for getncchanges 
Added two debugging parametric options

  drs:max object sync = 
  drs:extra filter =
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
bf8ccd21f1 s4-dsdb: fill in the correct version number of links that come over DRS 2010-01-02 08:16:51 +11:00
Andrew Tridgell
5dcb903f26 s4-dsdb: move checking for single valued links to samba modules 
This uses the RELAX control and checking of single valued attributes
in ldb modules to avoid problems with multi-valued links where all
values but one are deleted
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
3c1259f10e s4-dsdb: added dsdb_check_single_valued_link() 
This is used in conjunction with the RELAX control, to check for
violations of single value rules for linked attributes
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
225bcfa4e6 s4-drs: handle mixtures of old and new style links in getncchanges 
We need to send non-upgraded links using the old format
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
64802c5e27 s4-dsdb: added dsdb_dn_is_upgraded_link_val() 
This is used to detect if a link has been stored in the w2k3 extended
format
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
b34db0840d s4-ldb: use the RELAX control to disable single value checking on replace 
When using w2k3 linked attributes we are allowed to have multiple
values on a single valued attribute. This happens when the other
values are deleted.

Setting the RELAX control tell the ldb-tdb backend to not check for
this on replace, which means the caller has to check for single valued
violations.
 2010-01-02 08:16:51 +11:00
Andrew Tridgell
26ec526d02 s4-dsdb: auto-upgrade w2k formatted linked attributes when modified 
When any value of a w2k formatted linked attribute is modified,
upgrade the links.
 2010-01-02 08:16:50 +11:00
Andrew Tridgell
fde3f64373 s4-drs: added linked attribute replication to getncchanges 2010-01-02 08:16:50 +11:00
Andrew Tridgell
beba977213 s4-dsdb: ask for REVEAL_INTERNALS in getncchanges 
We need this for the linked attribute meta data
 2010-01-02 08:16:50 +11:00
Andrew Tridgell
809bcfca3d s4-dsdb: minor cleanup in DRS replicated objects code 2010-01-02 08:16:50 +11:00
Andrew Tridgell
4dbcab45f2 s4-dsdb: store full meta data from DRS for linked attributes 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:50 +11:00
Andrew Tridgell
312ef9df3c s4-dsdb: add REVEAL_INTERNALS in the search for linked_attributes 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:50 +11:00
Andrew Tridgell
b1db66a501 s4-dsdb: allow the component name to be specified in dsdb_get_extended_dn_guid() 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:50 +11:00
Andrew Tridgell
f1b6484232 s4-dsdb: split RMD_USN into RMD_LOCAL_USN and RMD_ORIGINATING_USN 
We need a separate RMD_LOCAL_USN to allow us to tell what attributes
need to be sent in a getncchanges request. Thanks to Metze for
pointing this out.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:50 +11:00
Andrew Tridgell
e4a6f5c8b8 s4-dsdb: handle links with no backlinks in replmd_delete 2010-01-02 08:16:50 +11:00
Andrew Tridgell
5eefff915e s4-dsdb: simplify the linked_attributes module 
The linked_attributes module only has to deal with renames now, as
other linked attribute updates happen in repl_meta_data. This allows
it to be much simpler.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
e9699e9cb9 s4-dsdb: do the rename after the modify in replmd_delete 
This makes updating the links a bit easier
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
2b5cd3dba2 s4-dsdb: some backlinks can be processed immediately 
backlinks in add and delete operations can be processed immediately,
rather than at the end of a transaction. This can save on backlink
list processing time.
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
3fe9244796 s4-dsdb: remove linked_attributes_add 
This is now handled in the repl_meta_data module
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
9e96ae8ddc s4-dsdb: add linked attributes meta_data handling to replmd_add 
This also handles the backlink creation that was previously in the
linked_attributes module

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
348bcfc8ff s4-dsdb: added replmd_delete, based on Eduardos work 
This implements repmld_delete(), which handles the meta_data updates
for an object when deleting. A delete gets mapped to a combination
of a rename followed by a modify request, which has the effect of
moving the object into the Deleted Objects container.

This is based on the code from Eduardo Lima
<eduardoll@gmail.com>. Eduardo's code was modified to take account of
the linked attributes changes that Andrew and I have been working on.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
5964acfa74 s4-dsdb: the linked_attributes module no longer handles deletes 
delete handling is now moved into repl_meta_data

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
bd5678f4be s4-dsdb: repl_meta_data now replaces objectguid in all cases 
We don't want to be debugging two different code paths through the ldb
module stack, so better to always do the work of repl_meta_data, even
for a standalone server

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
3199e02884 s4-dsdb: add a comment on the use of ldb_rename() 
We need to use ldb_rename() and not dsdb_module_rename() here as we
need the rename to be processed by the current module
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
c071af337a s4-dsdb: linked_attributes_modify no longer handles modifies 
This functionality has moved into repl_meta_data
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
3b056061ff s4-dsdb: added support for backlinks in repl_meta_data 
backlinks need more careful handling now that we store the additional
meta data for deleted links. It is easier to handle this in
repl_meta_data than in linked_attributes.

Eventually linked_attributes will disappear, with the functionality
moved into repl_meta_data.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
dee6b6fb3d s4-dsdb: implemeneted replmd_modify_la_replace() 
We now have the core code for handling storage of linked attribute
meta-data with local modifies

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
d5020e3d91 s4-dsdb: add a TODO item for linked attributes in extended_dn_out 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
41c3c979ff s4-dsdb: add support for storing linked attribute meta data in extended DNs 
When in functional levels above w2k, we need to store much richer meta
data about linkked attributes. We also need to keep deleted linked
attributes around to allow the deletion to be propogated to other DCs.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:48 +11:00
Jelmer Vernooij
9085499bbb heimdal_build: Explicitly specify 'YES' when enabling external 
libraries.
 2010-01-01 18:32:37 +01:00
Jelmer Vernooij
0c29640358 s4/build: Indicate whether Samba4 is being built against the system 
Heimdal.
 2010-01-01 18:31:44 +01:00
Andrew Tridgell
de94857848 s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error) 2009-12-31 17:33:53 +11:00
Andrew Tridgell
3239872bbc s4-net: fixed pwsettings command 
Don't override user settings with current settings
 2009-12-31 17:33:33 +11:00
Jelmer Vernooij
dbd7a62baa py/security: Add test for dom_sid.split. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:33 +11:00
Jelmer Vernooij
66f81d18ce samba: Fix whitespace, remove pointless 'pass' statement. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:31 +11:00
Jelmer Vernooij
ea5af6e30c pyldb: Add dom_sid.split in favor of less powerful dom_sid_to_rid(). 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:30 +11:00
Jelmer Vernooij
7effe2d2e3 net: Support 'super' commands implemented in Python. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:28 +11:00
Jelmer Vernooij
9e5ef916d4 net: Move 'newuser' to 'net newuser' 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:27 +11:00
Jelmer Vernooij
73594c248f net: Fix tests and documentation of setexpiry. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:25 +11:00
Jelmer Vernooij
345b25d059 net: Move setexpiry to 'net setexpiry' 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:24 +11:00
Jelmer Vernooij
b531696a5b net: Move 'setpassword' to 'net setpassword'. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:22 +11:00
Jelmer Vernooij
552e65679d net: Allow Python commands to return None instead of 0. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:21 +11:00
Jelmer Vernooij
31cc963ba0 net: Allow python subcommands to provide commands that are not recognized by 
net itself.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:02 +11:00
Matthias Dieter Wallnöfer
1aed373b11 s4:lib/registry/util.c - Reintroduce "FIXME"s 
Jelmer suggested to put them in again.
 2009-12-30 12:39:55 +01:00
Stefan Metzmacher
d5cbfbb93a s4:ntlmssp: remove mem_ctx from check_password() callback to match s3 
metze
 2009-12-29 17:06:25 +01:00
Stefan Metzmacher
f31d144e70 s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if it's a noop 
metze
 2009-12-29 17:06:25 +01:00
Stefan Metzmacher
994d34b949 s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth() 
metze
 2009-12-29 17:06:25 +01:00
Stefan Metzmacher
3f04b60fb9 s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password() 
metze
 2009-12-29 17:06:24 +01:00
Stefan Metzmacher
7d4692fa43 s4:ntlmssp_server: clear session key in ntlmssp_server_preauth() 
metze
 2009-12-29 17:06:24 +01:00
Stefan Metzmacher
dea456089a s4:ntlmssp: use data_blob_null in ntlmssp_server_auth() 
metze
 2009-12-29 17:06:24 +01:00
Stefan Metzmacher
60b9434492 s4:ntlmssp_server: remove unused variable 
metze
 2009-12-29 17:06:23 +01:00
Stefan Metzmacher
a8e61ac084 s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer 
metze
 2009-12-29 17:06:23 +01:00
Jelmer Vernooij
fbb59b2dca dsdb: Fix dependencies when building against system ldb. 2009-12-29 16:26:21 +01:00
Jelmer Vernooij
94454ad073 net: Make arguments available to python commands as sys.argv. 2009-12-29 16:26:21 +01:00
Jelmer Vernooij
588b3e6181 python: When updating sys.path to include the Samba python path, avoid throwing away the changes made by site.py. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
e2c4d8281d s4/net: Allow options before arguments for Python commands. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
433f58f5a7 s4/net: Pass all arguments through to the Python commands. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
e60a40e287 s4/net: Add domainlevel subcommand. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
027f6ada63 s4/net: Use d_printf consistently when reporting errors. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
732a7630e9 Use CommandError exception to deal with problems during net commands. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
eaf4a9afb2 s4/net: Make pwsettings a net subcommand. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
8c19cd2dea netcmd: Add some basic tests. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
9e603dfb95 s4/net: Support parsing arguments in Python commands. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
9b1a210311 net: Support usage/help of subcommands implemented in Python. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
c064549e2e net: Support implementing subcommands in python. 2009-12-29 16:26:18 +01:00
Stefan Metzmacher
8b68349442 s4:auth: add auth_get_server_info_principal() prototype to auth.h 
metze
 2009-12-29 12:13:30 +01:00
Stefan Metzmacher
27349a68ea s4:auth: make auth_challenge_may_be_modified() public 
metze
 2009-12-29 12:13:29 +01:00
Stefan Metzmacher
af25fb55c0 s4:auth: remove autogenerated auth/ntlm/auth_proto.h 
metze
 2009-12-29 12:13:23 +01:00
Stefan Metzmacher
8ab62799ed s4:ntlmssp: fix whitespaces in ntlmssp.h 
metze
 2009-12-29 08:18:52 +01:00
Jelmer Vernooij
72d93599d9 python: Remove sys.path line rather than updating it when installing to python system path. 2009-12-27 17:30:59 +01:00
Jelmer Vernooij
ef453c63af py_net/libnet: Remove C++-style comments, add more error checking, move 
initialization of dcerpc subsystem to libnet.
 2009-12-25 14:48:45 +01:00
Kamen Mazdrashki
33699bb1be s4-libnet: Simple test for net.SetPassword() python binding 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2009-12-25 14:15:53 +01:00
Kamen Mazdrashki
20c7c27322 s4-libnet: Python binding for libnet_SetPassword() 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2009-12-25 14:15:42 +01:00
Kamen Mazdrashki
f03e88fa4b s4-net: Fix 'talloc_free with references ...' error 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2009-12-25 14:15:31 +01:00
Stefan Metzmacher
078482ad0e s4:auth: change auth_check_password_send/recv to tevent_req 
metze
 2009-12-24 17:38:34 +01:00
Stefan Metzmacher
577857d351 s4:gensec: change gensec_update_send/recv to tevent_req 
metze
 2009-12-24 17:38:34 +01:00
Stefan Metzmacher
5126b52810 s4:kdc: use the remote and local address from the stream_connection struct 
metze
 2009-12-24 17:38:33 +01:00
Stefan Metzmacher
500f55ca92 s4:smbd: hold tsocket_addresses on the stream_connection 
metze
 2009-12-24 17:38:33 +01:00
Stefan Metzmacher
4e2da423de s4:smb_server: fix mixing socket_address and tsocket_address 
metze
 2009-12-24 17:38:33 +01:00
Stefan Metzmacher
d3ee0f021b s4:lib/socket: add socket_get_{remote|local}_addr() to get a tsocket_address instead of a socket_address 
metze
 2009-12-24 17:38:33 +01:00
Stefan Metzmacher
445baf53a9 s4:lib/socket: add helpers functions to convert between socket_address and tsocket_address 
metze
 2009-12-24 17:38:32 +01:00
Simo Sorce
67d1af4384 s4:cleanups More trailing spaces and tabs 2009-12-23 15:17:56 -05:00
Simo Sorce
da27d4e465 s4:cleanups remove trailing spaces and tabs 2009-12-23 15:09:49 -05:00
Simo Sorce
7e8b042b07 s4:ldb Fix declaration in the middle of the code 2009-12-23 10:33:26 -05:00
Simo Sorce
4cc0bb7d04 s4: Fix the build 2009-12-23 10:28:44 -05:00
Matthieu Patou
8dc636ad67 s4: tests controls parsing and using for ldbadd/ldbedit/ldbmodify 2009-12-23 08:09:19 -05:00
Matthieu Patou
3bd4f6792c s4: make ldbadd/ldbmodify/ldbdelete really use the --controls switch 2009-12-23 08:09:19 -05:00
Andrew Bartlett
585900deb5 s4:gensec Don't give a warning when Windows client connects with NTLM 
We have had the workaround for a long time, but at the time the log
warnings remained.

Andrew Bartlett
 2009-12-22 17:30:05 +11:00
Andrew Bartlett
0809696dbf s4:auth Change 'get_challenge' API to be more like Samba3 
It is just easier to fill in the known to be 8 byte challenge than
stuff about with allocated pointers.

Andrew Bartlett
 2009-12-22 17:29:15 +11:00
Andrew Bartlett
383369e8f2 s4:auth generate the prototype file in the right place 2009-12-22 17:29:13 +11:00
Andrew Bartlett
551ea65c96 Samba4 and LDB requires talloc 2.0.1 
reported by ewoud@kohlvanwijngaarden.nl
 2009-12-22 17:27:03 +11:00
Tim Prouty
fd5350de1f s4 torture: Add RAW-OPLOCK-EXCLUSIVE7 which is similar to BATCH19 2009-12-21 17:27:37 -08:00
Tim Prouty
43a8b49f83 s4 torture: Update raw oplock to use win7 as the baseline for rename oplock break behavior 2009-12-21 17:27:36 -08:00
Tim Prouty
c33988c040 s4 torture: Be more permissive with share modes for oplock testing 
Share modes are tested elsewhere, and there is currently an outstanding
issue about share mode contention for nt-passthrough levels:

http://lists.samba.org/archive/cifs-protocol/2009-December/001227.html
 2009-12-21 17:27:36 -08:00
Tim Prouty
fd0c3a2264 s4 torture: Do a better job of closing open files in RAW-OPLOCK. 2009-12-21 17:27:36 -08:00
Jelmer Vernooij
2a9c22798d param: Fix build on systems without ldb installed. 2009-12-22 01:24:58 +01:00
Jelmer Vernooij
5b9e98a382 provision/pyldb: Avoid linking in static python ldb module. 2009-12-21 23:40:12 +01:00
Jelmer Vernooij
1d9a243d68 ldb_wrap: Fix compilation when using system ldb. 2009-12-21 23:40:12 +01:00
Jelmer Vernooij
c8e62797eb Fix initialisation of TypeObject samba.param.LoadparmService. 
Found by Ricardo Jorge <rvelhote@gmail.com>.
 2009-12-21 23:40:11 +01:00
Andrew Tridgell
0c362597c0 s4-schema: fixed the sorting of schema attributes 
another case of unsigned int subtracting breaking sorts. This one
surfaced now as attributeID_id now can be larger than 2^31
 2009-12-21 23:45:23 +11:00
Andrew Tridgell
ec7dc6a619 s4-torture: update uuid_compare test for new behaviour 2009-12-21 23:45:22 +11:00
Kamen Mazdrashki
ad35153ef4 s4-drs: Implement constraints on ATTID values in prefixMap 
Ref: MS-ADTS, 3.1.1.2.6 ATTRTYP

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:45:18 +11:00
Kamen Mazdrashki
911cefd48b s4-tort: Test handling of different ATTID values in prefixMap interface. 
It turns out ATTID values are separated in ranges.
Ref: MS-ADTS, 3.1.1.2.6 ATTRTYP

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:45:12 +11:00
Nadezhda Ivanova
35b8808b94 Adapted acl module to skip checks if as_system control is provided. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:45:06 +11:00
Kamen Mazdrashki
9f6c81874f s4-drs: Save prefix map using LDB_CONTROL_AS_SYSTEM control 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:45:00 +11:00
Kamen Mazdrashki
7685bbbc4e s4-dsdb-util: Execute ldb_request using LDB_CONTROL_AS_SYSTEM 
This function is intended to be used when data needs
to be modified skipping access checks.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:53 +11:00
Kamen Mazdrashki
11e2c5777d s4-dsdb-util: Utility function to process ldb_request in transaction 
This function is to be used later for manually crafted
ldb_requests from within dsdb layer

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:47 +11:00
Kamen Mazdrashki
516316b107 s4-schema: Implement msDS-IntId attribute generation 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:41 +11:00
Kamen Mazdrashki
a409c0f037 s4-schema: Constraints on msDS-IntId attribute 
This attribute can not be modified on existing schema object.

msDS-IntId is not allowed during attribute creation also.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:36 +11:00
Kamen Mazdrashki
4e8ad284f5 s4-schema: Set ATTID in schema cache from "msDS-IntId" 
According to http://msdn.microsoft.com/en-us/library/cc223224%28PROT.13%29.aspx
some Attributes OIDs may not use prefixMap.
Setting ATTID in Schema Cache here should work, although
this code snippet should be moved in separate function.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:29 +11:00
Kamen Mazdrashki
14bac3a3e6 Revert "s4-drs: cope with bogus empty attributes from w2k8-r2" 
This reverts commit 1287c1d115.

Next patch should fix the "not recognized ATTIDs" problem

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:19 +11:00
Kamen Mazdrashki
ee48f583b5 s4-tort: Tests for "msDS-IntId" attribute implemented 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:13 +11:00
Kamen Mazdrashki
c113be8526 s4-tort: Move Schema tests from ldap.py into separate module 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:05 +11:00
Kamen Mazdrashki
d9606d64dd s4-drs: Fix bug - prefixMap is not updated when adding new OIDs. 
The bug is that prefixMap is updated only memory when
adding new Classs/Attribute that has and OID not in
prefixMap already.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:43:51 +11:00
Kamen Mazdrashki
03a1451bbc s4-drstest: Don't remove temp LDB so it can be reviewed if necessary 
This test makes temp directory which is not removed
so why not just leave LDB also.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:43:17 +11:00
Andrew Tridgell
452fc0d6f4 s4-repl: give a reason why the prepare commit failed 2009-12-21 23:41:09 +11:00
Andrew Tridgell
92d75a4bfb s4-kcc: don't crash with a NULL ntds connection list 2009-12-21 23:41:09 +11:00
Andrew Tridgell
60acce584b s4-repl: only try to replicate for NCs that we are a master for 2009-12-21 23:41:09 +11:00
Andrew Tridgell
87f28cc267 s4-torture: another unsigned comparison bug 2009-12-21 23:41:08 +11:00
Andrew Tridgell
ec74ffa8f0 s4-schema: a unsigned comparison bug in the schema code 2009-12-21 23:41:08 +11:00
Andrew Tridgell
d3708109a1 s4-drs: another two unsigned comparison bugs 2009-12-21 23:41:07 +11:00
Andrew Tridgell
2a4a159a84 s4-repl: lower debug level of a common message 2009-12-21 23:41:07 +11:00
Andrew Tridgell
47560bfda9 s4-dsdb: don't use a non-constant format string for a printf format 2009-12-21 23:41:06 +11:00
Andrew Tridgell
a070119de3 s4-dsdb: added DSDB_MODIFY_RELAX flag to the dsdb_module_*() calls 2009-12-21 23:41:06 +11:00
Andrew Tridgell
9d56f656d4 s4-dsdb: added dsdb_get_extended_dn_uint64() 2009-12-21 23:41:05 +11:00
Andrew Tridgell
e89a2db4f2 s4-dsdb: use varargs expression in dsdb_module_search() 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-21 23:41:05 +11:00
Andrew Tridgell
2c88ffb8f1 s4-dsdb: added two new dsdb_get_extended_dn_*() helper functions 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-21 23:41:04 +11:00
Andrew Tridgell
dbda2c2db5 s4-provision: added a note about where invocationIDs come from 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-21 23:41:04 +11:00
Andrew Tridgell
882768c878 s4-dsdb: give us an invocationID when in standalone mode 
To allow us to use the repl_meta_data module in standalone mode (and
thus not have two module stacks to test), we need a invocationID
stored somewhere when standalone. This creates a random one, and
stores it in @SAMBA_DSDB.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-21 23:41:04 +11:00
Stefan Metzmacher
fcbe8f0c80 s4:kdc: setup the local and remote tsocket_address at accept time 
metze
 2009-12-19 18:24:26 +01:00
Stefan Metzmacher
4dc958c7c8 s4:kdc: convert UDP based communication to tdgram_context 
metze
 2009-12-19 18:24:26 +01:00
Zachary Loafman
daa561d75b s4 torture: Add test to show archive bit behavior with directories 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-18 10:52:45 -08:00
Tim Prouty
9b869230a7 s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3 2009-12-18 10:52:45 -08:00
Nadezhda Ivanova
ea365af4f5 Added freeing a successful req so it doesnt croud the ldb context 2009-12-18 17:57:08 +02:00
Nadezhda Ivanova
39616c0ea2 Added oid for AS_SYSTEM control, used to bypass access checks for system operations. 2009-12-18 15:40:11 +02:00
Andrew Tridgell
19cdcdec09 s4-dsdb: stop warnings about unknown struct GUID in prototypes 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:40 +11:00
Andrew Tridgell
cb841c363a s4-ldb: fixed a valgrind error in ldbtest 
we were using msg->dn after the ldb it contained had been freed

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:40 +11:00
Andrew Tridgell
5d7805b07f s4-dsdb: greatly simplify the subtree_delete module 
We can use dsdb_module_search() to make this much simpler

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:40 +11:00
Andrew Tridgell
b3c69e76ec s4-dsdb: declare ldb_dn_update_components() 2009-12-18 21:03:39 +11:00
Andrew Tridgell
82bf0d8bc6 s4-dsdb: added ldb_dn_update_components() 
This is used to udpate just the DN components of a ldb_dn, leaving the
other extended fields alone. It is needed to prevent linked attribute
updates from removing other extended components.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:39 +11:00
Andrew Tridgell
db76e65318 s4-dsdb: fixed the sort in dsdb_find_nc_root() 2009-12-18 21:03:39 +11:00
Andrew Tridgell
f392ae5169 s4-ldb: display msDS-OptionalFeatureGUID as a GUID 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:39 +11:00
Andrew Tridgell
811b4054f9 s4-scripts: add a enablerecyclebin script 
This can be used to enable the recyclebin on a windows box. Once we
properly implement this feature in samba we will use this to enable
the feature on ourselves as well.
 2009-12-18 21:03:39 +11:00
Andrew Tridgell
20869a0bf0 s4-ldb: canonicalise the message on ldb_add 
This canonicalise avoids a problem with an add that has multiple
elements with the same el->name. That is allowed by MS servers, and by
ldb, but it breaks things like the tdb backend and the repl_meta_data
RPMD handling.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:39 +11:00
Brendan Powers
7cb858e151 s4-dsdb: Add a test for adding, deleting, and appending a posixAccount objectClass to a user 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:44 +11:00
Brendan Powers
08060068bf s4-dsdb: fix handling of AUX classes in objectclass_sort 
This is done by sorting the classes by subClass_order, which will
check if the last structural class is valid to add (in
objectclass_do_add instead checking the last class in the list).

They were being sorted by building a class tree, and adding the
classes to the list in that order. However, AUX classes usually don't
fit into that tree, so LDB_ERR_OBJECT_CLASS_VIOLATION was returned. I
have changed the behavior to sort the classes by subClass_order
instead.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:44 +11:00
Brendan Powers
8b88925654 s4-dsdb: return an error if samAccountName is not specified when creating a user. 
Makes sure samAccountName has been specified before adding a
user. This happened while I was trying to add a user with the
posixAccount objectclass. I forgot to specify the user objectClass,
and samba segfaulted. It now returns LDB_ERR_CONSTRAINT_VIOLATION.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:43 +11:00
Brendan Powers
d99084ffdb s4-dsdb: Move get_last_structural class from descriptor.c to util.c 
It can now also be used by objectclass.c

get_last_structural_class now ignores AUX classes, because they are
not structural

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:43 +11:00
Brendan Powers
2ad086e7f6 s4-dsdb: Add a check to prevent acl_modify from debuging a NULL message 
Check to see if there were any messages passed to acl_modify before
debugging the first one. I think I caused this by some malformed
LDIF.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:43 +11:00
Andrew Bartlett
c3d1e5ca0c s4:provision Give a more useful error message in guess_names 
The problem here is that as we start to get 'real users' they still
decide to do silly things, like load empty but existing smb.conf
files.  Let's give them a better chance to discover what they did
wrong.

Andrew Bartlett
 2009-12-18 14:27:43 +11:00
Tim Prouty
cfbf62dbfd s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are different from the base file 2009-12-17 18:13:54 -08:00
Tim Prouty
c3582f923e s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a stream with an open handle 
A normal file overwrite in this case would return NT_STATUS_ACCESS_DENIED,
but if a stream is the target NT_STATUS_INVALID_PARAMETER is returned.
 2009-12-17 18:13:48 -08:00
Tim Prouty
f8bb5a60e7 s4 torture: Parameterize streams delete behavior rather than commenting out the check. 2009-12-17 17:58:35 -08:00
Tim Prouty
f02206d933 s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny mode 2009-12-17 17:58:35 -08:00
Tim Prouty
5c13a90abe s4 torture: close handle instead of using exit 2009-12-17 17:58:34 -08:00
Matthias Dieter Wallnöfer
bbec305135 s4:"samdb_set_password" - remove delete instructions 
They won't work when the LDB change is done using "samdb_replace"
(consider "samr_password.c" functions).

I think this has been a relict which has been useful before the "password_hash"
module existed. Basically it itself does now the updates.
 2009-12-17 20:00:19 +01:00
Günther Deschner
dc4c411242 s4-smbtorture: skip GetAliasMembership against s4. 
It returns NT_STATUS_INTERNAL_DB_CORRUPTION for unknown sids and I could not
figure out why.

Guenther
 2009-12-17 18:05:36 +01:00
Nadezhda Ivanova
c0883fb451 Fixed incorrect checking of PRINCIPAL_SELF permissions. 
If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with
the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights
to an account over itself.
 2009-12-17 17:25:11 +02:00
Günther Deschner
619ad0c6ec s4-smbtorture: add a samr_GetAliasMembership test to RPC-SAMR. 
Guenther
 2009-12-17 15:40:42 +01:00
Matthias Dieter Wallnöfer
1d0f364fad s4:dsdb/common/util - make NTTIME attribute wrappers use a "const" message 
There is no reason to have the message non-const here.
 2009-12-17 12:43:10 +01:00
Günther Deschner
a9689bb755 s4-smbtorture: fix smbtorture after setprinter IDL fixes. 
Guenther
 2009-12-17 10:43:32 +01:00
brendan powers
0708b2a0c9 s4-ntvfs: check if pvfs is NULL in pvfs_logoff 
pvfs can be NULL if the directory a share points to does not exist. In
this case, there would be no open files, so it is safe to just return
from the function.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-17 11:48:39 +11:00
Stefan Metzmacher
fae70e1f54 s4:gensec: allow clearing local and remote address by passing NULL 
metze
 2009-12-16 20:34:15 +01:00
Andreas Schneider
c457d54434 s4-gensec: Remove obsolete socket_address vars and fns. 2009-12-16 20:28:39 +01:00
Andreas Schneider
1e5488859a s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn. 2009-12-16 20:28:38 +01:00
Andreas Schneider
ac2d31e24c s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn. 2009-12-16 20:28:38 +01:00
Andreas Schneider
8ca88042f0 s4-gensec: Replace gensec_get_my_addr with new tsocket based fn. 2009-12-16 20:28:38 +01:00
Andreas Schneider
226a9db2d9 s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn. 2009-12-16 20:28:38 +01:00
Andreas Schneider
743e6363d5 s4-gensec: Added remote and local setter/getter using tsocket. 2009-12-16 20:28:37 +01:00
Andrew Tridgell
8d3fc23157 s4-dsdb: also mark the relax control non-critical when done 2009-12-16 20:56:24 +11:00
Andrew Tridgell
558a38671a s4-dsdb: it is a better pattern to mark a control as done than remove it 
removing a control means it can't be seen by any other modules, which
is usually not what is wanted. Better to just mark it non-critical,
which means anyone else who wants to look at it can, but if nobody
does its not an error.
 2009-12-16 20:56:24 +11:00
Andrew Tridgell
41e403adb0 s4-dsdb: when the SD_FLAGS control is set, don't remove nTSecurityDescriptor 2009-12-16 20:56:24 +11:00
Andrew Tridgell
934bb28ef3 s4-dsdb: don't actually remove the sd_flags control, just mark it non-critical 
For controls that need to be seen by more than one module, it is best
to just mark them non-critical when handled, instead of removing
them. Otherwise lower modules can't see them.

In this case we want the operational module to see the SD_FLAGS
control
 2009-12-16 20:56:24 +11:00
Andrew Tridgell
9955756314 s4-ldb: show the OID of any unhandled critical controls 
It isn't very useful just saying that a control is not supported,
without saying which one is the problem

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:23 +11:00
Andrew Tridgell
f8320b3559 s4-ldb: fixed a transaction error on prepare_commit 
when a prepare commit fails, we need to give a cancel to all modules,
not a commit!

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:23 +11:00
Andrew Tridgell
e14c72877f s4-ldb: added --show-deactivated-link command line option 
this adds the SHOW_DEACTIVATED_LINK control
 2009-12-16 20:56:23 +11:00
Andrew Tridgell
6c2125572c s4-dsdb: added dsdb_get_deleted_objects_dn() 
This is based on the code from Eduardo Lima <eduardoll@gmail.com>, but
uses the new helper functions added in the last couple of commits

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:22 +11:00
Andrew Tridgell
3c1f18c5e2 s4-dsdb: added dsdb_find_nc_root() 
This is based on the function of the same name from Eduardo Lima
<eduardoll@gmail.com>, but using ldb_dn_compare, to give us
comparisons consistent with what the rest of the code uses.

We will use this function in combination with dsdb_wellknown_dn() to
find the Deleted Objects container for any object.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:22 +11:00
Andrew Tridgell
7d0fdcae1e s4-dsdb: added dsdb_wellknown_dn() 
This finds a wellknown object given its GUID

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:22 +11:00
Andrew Tridgell
8a74633eaa s4-dsdb: added a dsdb_module_rename() call 
This will be used by the replmd_delete() code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
9fa1f96172 s4-dsdb: added dsdb_module_modify() 
This is used to do a sync modify in a module

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
4b970c00ae s4-dsdb: fixed dsdb_module_dn_by_guid() 
needs to ask for the DN in storage format, plus fix compilation errors
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
cd4574ff84 s4-dsdb: dsdb_flags should be unsigned 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
57b10b664b s4-dsdb: rename dsdb_module_search_handle_flags to dsdb_request_add_controls 
This function will be used for non-search controls, like relax
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
951592687a s4-dsdb: added dsdb_module_dn_by_guid() 
This finds a DN given a GUID, searching below the current module in
the module stack.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:20 +11:00
Andrew Tridgell
32995e84a2 s4-dsdb: use dsdb_dn_is_deleted_val() 
This also moves the check to before we parse the DN, which saves some
unnecessary work

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:20 +11:00
Andrew Tridgell
152f415ba8 s4-dsdb: added dsdb_dn_is_deleted_val() 
This is used to determine if a extedned DN has the 'DELETED=1'
component

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:20 +11:00