sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code
82,623 Commits 60 Branches 1,145 Tags 452 MiB
1b96a6df19
Commit Graph

29348 Commits

Author SHA1 Message Date
Michael Adam
1b96a6df19 s4:torture:smb2: simplify the durable-v2.reopen2 test (using only one i/o struct) 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-09-07 23:39:34 +02:00
Michael Adam
fc0631cae6 s4:torture:smb2: simplify the durable-v2-open.reopen1 test 
only use one smb2_create i/o struct and store the create GUID centrally

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-09-07 23:39:31 +02:00
Michael Adam
67290e7d2e s4:torture:smb2: in the durable-v2-reopen1 test, use a minimal request 
don't copy the old request, but only set the necessary fields

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-09-07 23:39:29 +02:00
Michael Adam
d3946fed75 s4:torture:smb2: fix cut'n'paste error in the durable-v2-open.reopen2 test 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-09-07 23:39:25 +02:00
Michael Adam
e1dd2fc2fa s4:torture:smb2: fix name of test file in the durable-open.alloc-size test 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-09-07 23:39:21 +02:00
Alexander Bokovoy
dd2ab2e679 s4-torture: dns torture test depends on AD DC build 2012-09-07 12:31:42 +02:00
Michael Adam
972bf34332 s4:torture:smb2: add a test for alloc size behaviour under durable reconnect 
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
 2012-09-07 08:48:05 +02:00
Stefan Metzmacher
640752b969 s4:torture/smb2: add smb2.durable-v2-open.reopen{1,2} tests 
They show that only the content of the DH2C request matches and
all other values in the SMB2 Create request are ignored.

metze
 2012-09-07 00:32:30 +02:00
Stefan Metzmacher
1874ebeb37 s4:torture/smb2: check that the server should ignore the fname in a DHnC request 
metze
 2012-09-07 00:32:30 +02:00
Stefan Metzmacher
afaea04f1c s4:torture/smb2: don't expect a DHnQ response in a DHnC request 
This is fixed in Windows 2012 and matches the [MS-SMB2] documentation
now.

metze
 2012-09-07 00:32:30 +02:00
Kai Blin
8ba8020586 s4 dns: Make debug output less noisy 
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Fri Sep  7 00:31:56 CEST 2012 on sn-devel-104
 2012-09-07 00:31:56 +02:00
Kai Blin
319b239dc4 s4 dns: Check if signing user is allowed to update records 
This should fix bug #9142
 2012-09-06 22:43:05 +02:00
Andrew Bartlett
baf2db685f selftest: Test configure stage of dlz_bind9 
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Sep  6 09:07:11 CEST 2012 on sn-devel-104
 2012-09-06 09:07:11 +02:00
Andrew Bartlett
52f0dedc1a selftest: Add tests for the dlz_bind9 module 
This will help ensure that we do not break the fundemental loading etc.

From here, it should be easy to extend this to more comprehensive tests.

Andrew Bartlett
 2012-09-06 15:22:26 +10:00
Andrew Bartlett
0d99175f2a join.py: Only replicate DNS zones if the source DC had DNS zones 
This avoid folks needing to specify --dns-backend=NONE

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Sep  6 04:48:55 CEST 2012 on sn-devel-104
 2012-09-06 04:48:55 +02:00
Kai Blin
5e492f8d32 s4 dns: Allow configuring signed updates 
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Wed Sep  5 20:42:46 CEST 2012 on sn-devel-104
 2012-09-05 20:42:46 +02:00
Kai Blin
2b17566e89 s4 dns: Make sure to remember incoming tkey name 2012-09-05 19:08:33 +02:00
Kai Blin
53f602c374 s4 dns: Verify incoming TSIG signatures 2012-09-05 19:02:17 +02:00
Kai Blin
7fe5e2cdcb s4 dns: Handle GSS-TSIG signature creation 2012-09-05 19:02:17 +02:00
Kai Blin
956f41bddf s4 dns: When we got a TKEY, we need to remember which key to use for signing 2012-09-05 19:02:17 +02:00
Kai Blin
e81d026576 s4 dns: TKEY record needs to remember incoming algorithm 
Samba3 (and older windows versions) use gss.microsoft.com, win7 (and the RFC) use gss-tsig
 2012-09-05 19:02:17 +02:00
Kai Blin
c0e6a4b1b0 s4 dns: Move dns_find_tkey to an extra file 2012-09-05 19:02:16 +02:00
Andreas Schneider
58d8d9440f s4-dns: Fix linking the dns service. 
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Sep  5 18:40:00 CEST 2012 on sn-devel-104
 2012-09-05 18:40:00 +02:00
Andrew Bartlett
7b86c18f38 selftest: Add python blackbox tests for samba-tool ntacl get/set 
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep  5 15:47:55 CEST 2012 on sn-devel-104
 2012-09-05 15:47:55 +02:00
Andrew Bartlett
f9cee8d832 samba_tool: Improve samba-tool ntacl get/set to use the local sam.ldb SID 
This gets the SID for the local machine correctly.

We also add options for --use-ntvfs and --use-s3fs to help control
exactly which database is being read and written.

Andrew Bartlett
 2012-09-05 14:12:20 +02:00
Andrew Bartlett
7b5ba30138 samba_tool: Fix ntacl get to correctly output in sddl 2012-09-05 14:12:19 +02:00
Andrew Bartlett
c19208e93c s4-provision: Fix error message to contain the string SSDL of the failed-to-match ACL 2012-09-05 14:12:19 +02:00
Kai Blin
558fa4c45a s4 dns: Revert erroneous push from wrong branch 
I've pushed the wrong branch for this, sorry about that.

Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Wed Sep  5 14:10:54 CEST 2012 on sn-devel-104
 2012-09-05 14:10:54 +02:00
Kai Blin
2311a2c9f5 s4 dns: Allow configuring signed updates 
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Wed Sep  5 10:45:22 CEST 2012 on sn-devel-104
 2012-09-05 10:45:22 +02:00
Kai Blin
b5dd26cc69 s4 dns: Make sure to remember incoming tkey name 2012-09-05 08:41:24 +02:00
Kai Blin
140a8d86ac more tsig_verify stuff 2012-09-05 08:41:24 +02:00
Kai Blin
17c91b5db0 drop me 2012-09-05 08:41:24 +02:00
Kai Blin
cf4333b0cd hack: dns_sign_tsig correct memcpy 2012-09-05 08:41:23 +02:00
Kai Blin
a0c2453405 HACK remove debug statement 2012-09-05 08:41:23 +02:00
Kai Blin
f3e44c390c s4 dns: Verify incoming TSIG signatures 2012-09-05 08:41:23 +02:00
Kai Blin
fc9de26497 s4 dns: Handle GSS-TSIG signatures 2012-09-05 08:41:23 +02:00
Andrew Bartlett
4437547afa s4-selftest: Try a more complex ACL - this example from a GPO 
Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep  4 11:30:17 CEST 2012 on sn-devel-104
 2012-09-04 11:30:17 +02:00
Andrew Bartlett
97a1f8d20b s4-selftest: Try to make ntacl unit tests better match their names 
We are trying to test combinations of setting and getting via the VFS
and directly to the underlying DB.

Andrew Bartlett
 2012-09-04 09:52:23 +02:00
Andrew Bartlett
30253c11cc s4-samba-tool: Ensure we also sync the SACL as well as the DACL during sysvolreset 2012-09-04 09:52:23 +02:00
Andrew Bartlett
9983ad7a80 s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a AD DC 
The name samba_dsdb is not ideal, but it matches the primary ldb
module we use, and more importantly it avoids having '4' in the name.
We should slowly avoid using the term samba4 in long-term places like
the smb.conf because it is confusing to users given we are shipping
Samba 4.0 as an AD DC as well as all the other supported roles (domain
member/standalone server/classic DC)

Additionally, samba4 will be an odd name when we eventually release
Samba 5.0!

samba4 remains accepted as an alias to ensure existing smb.conf files
load, but to allow changes here in the future, we set the value during
the smb.conf load, and not during the provision when we are an AD DC.

This simplifies the default smb.conf for the vast majority of our
users and reduces the number of things listed in smb.conf files that
we later have to work around if we wish to change the
name/implementation of the passdb glue module again.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep  4 04:45:16 CEST 2012 on sn-devel-104
 2012-09-04 04:45:16 +02:00
Andrew Bartlett
2dd0e7141f s4-classicupgrade: Show more clearly what is wrong with the Adminstrator SID 2012-09-03 19:24:10 +10:00
Jeremy Allison
5e0365dfe8 Now SEC_RIGHTS_PRIV_RESTORE and SEC_RIGHTS_PRIV_BACKUP don't include any generic bits (they're used directly in the fileserver where the generic bits have already been mapped into file specific bits) we need to add the generic bits to the test when we have these privileges. 
Mark samba4.base.maximum_allowed knownfail until we implement NTCREATEX_OPTIONS_BACKUP_INTENT.
 2012-08-31 20:32:37 -07:00
Jeremy Allison
6550bc0d26 Rewrite torture_samba3_rpc_sharesec() to use a non-privileged user for share security descriptor testing. 2012-08-31 20:29:13 -07:00
Andrew Bartlett
4d7dad1315 s4-dsdb: Remove unused variables 
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Sep  1 05:10:47 CEST 2012 on sn-devel-104
 2012-09-01 05:10:47 +02:00
Andrew Bartlett
8557c692f6 s4-kdc: Improve grammer and clarity of password change failure messages. 
This can still be improved further, but avoid mentioning reasons that
clearly do not apply in this case.

Andrew Bartlett
 2012-09-01 03:33:21 +02:00
Andrew Bartlett
01ade93c7c s4-dsdb: Remove unused tmp_ctx leaked onto long-term ldb_context 
This was found based on a log provided by Ricky Nance
<ricky.nance@weaubleau.k12.mo.us>.  Thanks Ricky!

Andrew Bartlett
 2012-09-01 03:33:20 +02:00
Kai Blin
c256566aa9 s4 dns: Store TKEYs in a ringbuffer 
This stops us from potentially being DoSed by tons of TKEYs

Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Fri Aug 31 22:46:01 CEST 2012 on sn-devel-104
 2012-08-31 22:46:01 +02:00
Kai Blin
7204dc9708 s4 dns: Negotiate GSSAPI-based TKEYs 
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Fri Aug 31 10:38:35 CEST 2012 on sn-devel-104
 2012-08-31 10:38:35 +02:00
Andrew Bartlett
d2c0387d66 s4-kdc: Give information on how long the password history is 
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 31 08:06:17 CEST 2012 on sn-devel-104
 2012-08-31 08:06:17 +02:00
Andrew Bartlett
efec5a9299 s4-libnet: Fix memory leak of lsa_RefDomainList and lsa_String onto libnet_ctx 
These are only needed for as long as the call, and should be children of the
private context.

This was found based on a log provided by Ricky Nance
<ricky.nance@weaubleau.k12.mo.us>.  Thanks Ricky!

Andrew Bartlett
 2012-08-31 14:30:38 +10:00