1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-17 02:05:21 +03:00

57587 Commits

Author SHA1 Message Date
Michael Adam
d2673253e3 s3:smbd: make idmap cache persistent for "ldapsam:trusted".
This stores the mappings found in the idmap cache (which lives
inside gencache). This cache is already read in sid_to_Xid()
and Xid_to_sid() for ldapsam:trusted, this fills the opposite
direction, massively reducing the number of ldap roundtrips
across smbd restarts.

Michael
2009-11-13 16:19:31 +01:00
Kamen Mazdrashki
5b75201dbb util: str_list_unique() bugfix
j is actually the index of the last element in the list
size of the list though is j+1 <- to make room for the
terminating NULL element
2009-11-13 23:19:06 +11:00
Kamen Mazdrashki
b7839b73b1 util: str_list_unique_2() test implementation
Difference with previous test for str_list_unique() is
that this test allows number of elements and number
of duplicates to be supplied on command line using
--option="list_unique:count=47"
--option="list_unique:dups=7"
2009-11-13 23:19:06 +11:00
Andrew Bartlett
ca12e7bc8f s4:heimdal Import generated files from heimdal tree
We should be able to rebuild these, but a cp is easier :-)
2009-11-13 23:19:06 +11:00
Andrew Bartlett
4f8ba5ad6a s4:heimdal: import lorikeet-heimdal-200911122202 (commit 9291fd2d101f3eecec550178634faa94ead3e9a1) 2009-11-13 23:19:05 +11:00
Andrew Bartlett
5bc87c14a1 s4:heimdal: import lorikeet-heimdal-200909210500 (commit 290db8d23647a27c39b97c189a0b2ef6ec21ca69) 2009-11-13 23:19:05 +11:00
Volker Lendecke
1220534716 Fix large paged search
Signed-off-by: Michael Adam <obnox@samba.org>
2009-11-13 11:36:06 +01:00
Volker Lendecke
92a16b91e8 fix bogus "out of memory" winbind msg
Signed-off-by: Michael Adam <obnox@samba.org>
2009-11-13 11:36:06 +01:00
Andrew Tridgell
c8884e1cf2 s4-ldb: changed the DN checks for \n to warnings
a \n is sometimes allowed in AD (eg in deleted DNs). Until we know
when is really is allowed, treat it as a warning only.
2009-11-13 19:32:47 +11:00
Andrew Tridgell
dbae29de1c s4-ldb: make DN escaping/unescaping consistent
The DN escape function was using the form \c where c is any
character. The unescape function was using \XX where XX is a 2 digit
hex number. The asymmetry led to quite a few problems when we start to
deal with DNs containing escape chars, such as CN=foo\0ADEL:XXX. The
result was a DN that was not accessible.

This patch changes the escaping to follow RFC2253 much more
closely. We accept either type of escape, and produce the two types of
escape, depending on the character being escaped
2009-11-13 19:32:46 +11:00
Volker Lendecke
f9ad5cd133 s3: Convert cli_unix_extensions_version to async 2009-11-13 09:30:30 +01:00
Günther Deschner
3732798008 s3-rpcclient: use the parsed binding string flags for auth choice.
This allows rpcclient to be called like this:

rpcclient ncacn_ip_tcp:w2k8r2[sign,seal] -U administrator%secret -c "dscracknames gd"

Guenther
2009-11-13 01:13:06 +01:00
Jeremy Allison
d2a9f4a272 Remove unused variable warning.
Jeremy.
2009-11-12 14:09:25 -08:00
Jeremy Allison
0363713031 Remove erroneous 'presult = NULL' changes. Now presult only gets set
if NTSTATUS == OK.
Jeremy.
2009-11-12 13:59:25 -08:00
Jeremy Allison
496d147dc4 Revert "Ensure every return path initializes presult as NULL."
Vl is correct, this is the wrong way to fix this.

This reverts commit 83c2c177a5e86d04da37384f1f04230c8274e1e6.
2009-11-12 13:57:13 -08:00
Jeremy Allison
5363d6e62c Ensure all callers to the rpc_client/cli_pipe functions correctly
initialize return variables.
Jeremy.
2009-11-12 13:56:33 -08:00
Jeremy Allison
6747a91ca0 Fix bug 6891 - using windows explorer to change ownership on a folder fails with Bad File Descriptor.
Jeremy.
2009-11-12 13:08:04 -08:00
Jeremy Allison
83c2c177a5 Ensure every return path initializes presult as NULL.
Ensures no crashes in calling code that forgets to
init return as null.
Jeremy.
2009-11-12 11:49:54 -08:00
Stefan Metzmacher
21644c5fed s4:heimdal_build: allow flex-2.5.35 with bison-2.3
metze
2009-11-12 18:51:21 +01:00
Günther Deschner
61f0b24763 s3-kerberos: remove smb_krb5_get_tkt_from_creds().
Now that cli_krb5_get_ticket() already handles S4U2SELF impersonation, remove
smb_krb5_get_tkt_from_creds() which is not required anymore.

Guenther
2009-11-12 15:50:38 +01:00
Günther Deschner
0f8bf47d94 s3-kerberos: avoid using ERROR_TABLE_BASE_krb5 without checking.
Guenther
2009-11-12 15:50:37 +01:00
Andrew Bartlett
0d6c3058b2 s4:dsdb Make callbacks in extended_dn_out clearer to follow 2009-11-12 22:23:23 +11:00
Andrew Bartlett
5740648279 s4:selftest Mark the RPC-DSSYNC test as knownfail for now
We need to work on the provision or LDB modules to avoid DN attributes
without GUIDs (caused because the target does not exist at creation
time).

Andrew Bartlett
2009-11-12 22:23:22 +11:00
Andrew Bartlett
68639bfd64 s4:libcli/ldap Add 'relax' OID to known network representations
This patch, inspired by a patche by Endi S. Dewata
<edewata@redhat.com>, allows this control to be passed to the LDAP
backend.

Andrew Bartlett
2009-11-12 22:23:22 +11:00
Endi S. Dewata
f3bc54a8f1 s4:provision - Added LDBBackend and ExistingBackend. 2009-11-12 22:23:22 +11:00
Endi S. Dewata
55bb60a5db s4:provision - Added constructors for FDSBackend and OpenLDAPBackend. 2009-11-12 22:23:22 +11:00
Endi S. Dewata
1564067fbc s4:provision - Added setup() method in LDAPBackend. 2009-11-12 22:23:21 +11:00
Endi S. Dewata
ba12eb99a0 s4:provision - Moved provision_xxx_backend() into backend-specific provision() method. 2009-11-12 22:23:21 +11:00
Endi S. Dewata
be766a3841 s4:provision - Added start() method in LDAPBackend. 2009-11-12 22:23:21 +11:00
Endi S. Dewata
fbc5696e38 s4:provision - Added initial implementation of FDSBackend and OpenLDAPBackend. 2009-11-12 22:23:21 +11:00
Volker Lendecke
8006e0e634 s3: Fix debug messages in check_reduced_name 2009-11-12 11:20:22 +01:00
Günther Deschner
b29eed492f cifs.upcall: Fix Bug #6868: support building with Heimdal we well as with MIT.
Guenther
2009-11-12 10:22:39 +01:00
Günther Deschner
b4e40958b7 s3-kerberos: add smb_krb5_principal_get_realm().
Guenther
2009-11-12 10:22:39 +01:00
Andrew Bartlett
bbe4a9cf0f s4:repl_meta_data Parse linked attributes with schema syntaxes
The bug here was that by assuming all linked attributes were 'normal
DNs', we would miss the binary portion of DN+Binary.

This patch then has us reparse the string to determine it's GUID, for
the GUID lookup, but maintains the binary porition into the on-disk
format.

Andrew Bartlett
2009-11-12 16:34:44 +11:00
Andrew Bartlett
a9f6a56227 s4:dsdb/schema Add more unit tests for DN+Binary syntaxes 2009-11-12 16:34:43 +11:00
Andrew Bartlett
95a12cdf21 s4:torture Use (some) torture_assert() calls in RPC-DSSYNC test 2009-11-12 16:34:23 +11:00
Andrew Bartlett
693ddf5ba0 s4:dsdb Improve debug message in extended_dn_out 2009-11-12 16:34:18 +11:00
Andrew Bartlett
06b234e811 s4:torture Remove _drs_util_verify_attids() from RPC-DSSYNC
I'm satisfied that the task this test does is already done by the time
we map the incoming schema, and process the objects.  If we have the
OID mapping wrong or incomplete, we will get any errors this test
found errors there.

(And this dramaticly reduces the test time, so we can now add
RPC-DSSYNC to 'make test').

Andrew Bartlett
2009-11-12 16:34:18 +11:00
Andrew Bartlett
6d1e60987b s4:torture/dsdb Add verification of the push-to-LDB functions in RPC-DSSYNC
This is done by comparing the values against the remote host's LDAP
server.

Andrew Bartlett
2009-11-12 16:34:17 +11:00
Andrew Bartlett
30a08005ca s4:torture Add const 2009-11-12 16:34:16 +11:00
Andrew Bartlett
ae72153daa s4:ldb Allow ldb_msg_canonicalize to handle empty elements
(These are deliberately there in DRS replication).

Andrew Bartlett
2009-11-12 16:34:15 +11:00
Andrew Bartlett
081d57345f s4:dsdb/schema Allow a schema set when bound against a remote LDAP server 2009-11-12 16:34:15 +11:00
Andrew Bartlett
5940ca60e2 s4:ldb Don't segfault if we somehow get an unknown extended dn element 2009-11-12 16:34:14 +11:00
Andrew Bartlett
716bba5457 s4:ldb Change ldb_request_add_control to the normal 'for loop' pattern 2009-11-12 16:34:14 +11:00
Andrew Bartlett
87e984f0bd s4:torture Convert RPC-DSSYNC test to use LDB rather than raw LDAP
(This should make it easier to do more 'compare DRS with LDAP'
operations, as LDB is an easier interface to program.)

Andrew Bartlett
2009-11-12 16:34:13 +11:00
Stefan Metzmacher
1012b806a7 NET-API-BECOME-DC: resolve the host name to an address before calling
libnet_BecomeDC and libnet_UnbecomeDC()

We're supposed to pass in source_dsa_address...

metze
2009-11-12 16:34:12 +11:00
Andrew Bartlett
2a601719f2 s4:dsdb Add expected value tests for most DRS syntax conversions
I've left out those for which I could not find an expected value in my
default Windows 2003 server's database, and the values that rely on
the current prefix map at the time.

Andrew Bartlett
2009-11-12 16:34:12 +11:00
Andrew Bartlett
9ba1870fb9 s4:Fix regression in dsdb_dn code - all parses of the DN would be rejected
This is most likely the cause of the DRS replication failures I
observed with my changes.

Andrew Bartlett
2009-11-12 16:34:11 +11:00
Andrew Bartlett
6b0b3fed31 s4:provision Add C binding to get at the generate schema
This will allow us to do local tests against that schema
2009-11-12 16:34:11 +11:00
Andrew Bartlett
6437c38aeb s4:provision Remove unused 'sambadn' parameter 2009-11-12 16:34:10 +11:00