IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
samba-too: Allow 'samba-tool fsmo' to cope with empty or missing fsmo roles
Signed-off-by: Rowland Penny <rpenny@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This allows 'import time' to work.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 19 15:21:58 CEST 2016 on sn-devel-144
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue May 17 07:39:03 CEST 2016 on sn-devel-144
While invalid for samAccountName values, when also used for
samAccountName we should be dealing with this at the samldb layer, not
here.
This comes from unvalidated Samba3 data that can contain a , or =
without a problem in that codebase.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue May 10 05:11:42 CEST 2016 on sn-devel-144
This avoids touching the LDAP connection after the long replicate cycle, as it may
have timed out
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
In autobuild this print causes an IOError when stdout is dead,
which hides the exception you care about and prevents the actual
clean up.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
RFC 1034, for instance, describes that all intermediate CNAMEs should be
returned. As it is, CNAME do not return all found intermediate results
in the case of straightforward failure. It should be noted that in the
case of forwarding success, ALL intermediate paths are returned,
including the failure ones.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The new tests show that single and multiple forwarders work as expected.
They also describe the behaviour encountered when the DNS server
encounters a CNAME from a forwarded request (which is not to pursue any
further).
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Because replPropertyMetadata was repeated for every object in the
database, the attrs list became very long.
This single line saves 20% of the time for make test TESTS=dbcheck.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Wed Apr 20 09:12:47 CEST 2016 on sn-devel-144
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Apr 18 07:40:07 CEST 2016 on sn-devel-144
Either the user may be missing from the database, or the user is not
included in the RODC password replication group.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
These are independent from our client library and allow
testing of invalid pdus.
It can be used like this in standalone mode:
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py
or
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND.test_invalid_auth_noctx
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Make sure that TXT entries stored via RPC come out the same in DNS.
This has one caveat in that adding over RPC in Windows eats slashes,
and so fails there.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This was on the client side, due the a strlen(NULL) on the previously
DOS-encoded TXT field. With a new IDL structure, this segfault no longer exists.
Note that both Samba and Windows return NXRRSET instead of FORMERR.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Two requests with identical parameters which are poorly formatted, can
non-deterministically return FORMERR or simply fail to give a response.
Setting the timeout to a number allows Windows to succeed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This can happen with three DCs and custom schema, but we test
it by just forcing the values directly into the backing tdb.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
If custom schema is used in a replicated DC environment, these are created as soon as
an attribute is modified on more than one DC. We have to remove these.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11443
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
The new talloc.BaseObject allow us to hold a talloc context per
python object (there may be many referring to the same C object)
and the talloc context that the actual object pointer is under.
Another advantage is that talloc.BaseObject(), has less of
an ABI surface.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Rowland Penny rpenny@samba.org
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Mar 7 08:13:42 CET 2016 on sn-devel-144
Based on patches by Adrian Cochrane
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 25 07:58:55 CET 2016 on sn-devel-144
No tests use this any more, hence we should not
parse the file anymore either. It is generated
directly from the parametersr.all.xml file.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 3 11:42:29 CET 2016 on sn-devel-144
This works with Crypto.Cipher.ARC4 (from python*-crypto) and
fallback to M2Crypto.RC4.RC4 (from [python*-]m2crypto).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
We should avoid implementing this again and again.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
A subnet name needs to be a valid CIDR address range -- that's the
ones that look like 10.9.8.0/22, where the number after the /
determines how many bits are in the address suffix. It can be IPv4 or
IPv6. There are a few odd constraints (see MS-ADTS v20150630
6.1.1.2.2.2.1 "Subnet Object") -- for example, with IPv4, the implied
bit mask can't equal the address. That is, you can't have a subnet
named "255.255.255.0/24" in a Windows subnet. This rule does not apply
to IPv6.
Windows and Samba both make some ensure that subnets have a unique
valid name, though unfortunately Windows 2008R2 is rather slack when
it comes to IPv6. We follow Windows 2012R2, which roughly follows
RFC5952 -- with one caveat: Windows will allow an address like
"::ffff:0:1:2", which translates to the IPv4 address "0.1.0.2" using
the SIIT translation scheme, and which inet_ntop() would render as
"::ffff:0:0.1.0.2". In the Samba implementation we use an inet_pton()/
inet_ntop() round-trip to establish canonicality, so these addresses
fail. Windows wisely does not allow the SIIT style addresses (the
acronym is widely agreed to be off-by-one in the second letter), and
it will regard "::ffff:0:1:2" as simply "::ffff:0:1:2" and allow it.
We would like to do that too.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This allows you to add, remove, or shift subnets.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This new routine is safe against escape characters and works
against Windows 2012R2.
The dn= filter in the old code was samba-specific.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
