sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code
59,003 Commits 60 Branches 1,145 Tags 452 MiB
dbf9017a80
Commit Graph

21022 Commits

Author SHA1 Message Date
Andrew Tridgell
348bcfc8ff s4-dsdb: added replmd_delete, based on Eduardos work 
This implements repmld_delete(), which handles the meta_data updates
for an object when deleting. A delete gets mapped to a combination
of a rename followed by a modify request, which has the effect of
moving the object into the Deleted Objects container.

This is based on the code from Eduardo Lima
<eduardoll@gmail.com>. Eduardo's code was modified to take account of
the linked attributes changes that Andrew and I have been working on.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
5964acfa74 s4-dsdb: the linked_attributes module no longer handles deletes 
delete handling is now moved into repl_meta_data

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
bd5678f4be s4-dsdb: repl_meta_data now replaces objectguid in all cases 
We don't want to be debugging two different code paths through the ldb
module stack, so better to always do the work of repl_meta_data, even
for a standalone server

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:49 +11:00
Andrew Tridgell
3199e02884 s4-dsdb: add a comment on the use of ldb_rename() 
We need to use ldb_rename() and not dsdb_module_rename() here as we
need the rename to be processed by the current module
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
c071af337a s4-dsdb: linked_attributes_modify no longer handles modifies 
This functionality has moved into repl_meta_data
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
3b056061ff s4-dsdb: added support for backlinks in repl_meta_data 
backlinks need more careful handling now that we store the additional
meta data for deleted links. It is easier to handle this in
repl_meta_data than in linked_attributes.

Eventually linked_attributes will disappear, with the functionality
moved into repl_meta_data.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
dee6b6fb3d s4-dsdb: implemeneted replmd_modify_la_replace() 
We now have the core code for handling storage of linked attribute
meta-data with local modifies

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
d5020e3d91 s4-dsdb: add a TODO item for linked attributes in extended_dn_out 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:48 +11:00
Andrew Tridgell
41c3c979ff s4-dsdb: add support for storing linked attribute meta data in extended DNs 
When in functional levels above w2k, we need to store much richer meta
data about linkked attributes. We also need to keep deleted linked
attributes around to allow the deletion to be propogated to other DCs.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-02 08:16:48 +11:00
Jelmer Vernooij
9085499bbb heimdal_build: Explicitly specify 'YES' when enabling external 
libraries.
 2010-01-01 18:32:37 +01:00
Jelmer Vernooij
0c29640358 s4/build: Indicate whether Samba4 is being built against the system 
Heimdal.
 2010-01-01 18:31:44 +01:00
Andrew Tridgell
de94857848 s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error) 2009-12-31 17:33:53 +11:00
Andrew Tridgell
3239872bbc s4-net: fixed pwsettings command 
Don't override user settings with current settings
 2009-12-31 17:33:33 +11:00
Jelmer Vernooij
dbd7a62baa py/security: Add test for dom_sid.split. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:33 +11:00
Jelmer Vernooij
66f81d18ce samba: Fix whitespace, remove pointless 'pass' statement. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:31 +11:00
Jelmer Vernooij
ea5af6e30c pyldb: Add dom_sid.split in favor of less powerful dom_sid_to_rid(). 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:30 +11:00
Jelmer Vernooij
7effe2d2e3 net: Support 'super' commands implemented in Python. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:28 +11:00
Jelmer Vernooij
9e5ef916d4 net: Move 'newuser' to 'net newuser' 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:27 +11:00
Jelmer Vernooij
73594c248f net: Fix tests and documentation of setexpiry. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:25 +11:00
Jelmer Vernooij
345b25d059 net: Move setexpiry to 'net setexpiry' 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:24 +11:00
Jelmer Vernooij
b531696a5b net: Move 'setpassword' to 'net setpassword'. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:22 +11:00
Jelmer Vernooij
552e65679d net: Allow Python commands to return None instead of 0. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:21 +11:00
Jelmer Vernooij
31cc963ba0 net: Allow python subcommands to provide commands that are not recognized by 
net itself.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:02 +11:00
Matthias Dieter Wallnöfer
1aed373b11 s4:lib/registry/util.c - Reintroduce "FIXME"s 
Jelmer suggested to put them in again.
 2009-12-30 12:39:55 +01:00
Stefan Metzmacher
d5cbfbb93a s4:ntlmssp: remove mem_ctx from check_password() callback to match s3 
metze
 2009-12-29 17:06:25 +01:00
Stefan Metzmacher
f31d144e70 s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if it's a noop 
metze
 2009-12-29 17:06:25 +01:00
Stefan Metzmacher
994d34b949 s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth() 
metze
 2009-12-29 17:06:25 +01:00
Stefan Metzmacher
3f04b60fb9 s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password() 
metze
 2009-12-29 17:06:24 +01:00
Stefan Metzmacher
7d4692fa43 s4:ntlmssp_server: clear session key in ntlmssp_server_preauth() 
metze
 2009-12-29 17:06:24 +01:00
Stefan Metzmacher
dea456089a s4:ntlmssp: use data_blob_null in ntlmssp_server_auth() 
metze
 2009-12-29 17:06:24 +01:00
Stefan Metzmacher
60b9434492 s4:ntlmssp_server: remove unused variable 
metze
 2009-12-29 17:06:23 +01:00
Stefan Metzmacher
a8e61ac084 s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer 
metze
 2009-12-29 17:06:23 +01:00
Jelmer Vernooij
fbb59b2dca dsdb: Fix dependencies when building against system ldb. 2009-12-29 16:26:21 +01:00
Jelmer Vernooij
94454ad073 net: Make arguments available to python commands as sys.argv. 2009-12-29 16:26:21 +01:00
Jelmer Vernooij
588b3e6181 python: When updating sys.path to include the Samba python path, avoid throwing away the changes made by site.py. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
e2c4d8281d s4/net: Allow options before arguments for Python commands. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
433f58f5a7 s4/net: Pass all arguments through to the Python commands. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
e60a40e287 s4/net: Add domainlevel subcommand. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
027f6ada63 s4/net: Use d_printf consistently when reporting errors. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
732a7630e9 Use CommandError exception to deal with problems during net commands. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
eaf4a9afb2 s4/net: Make pwsettings a net subcommand. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
8c19cd2dea netcmd: Add some basic tests. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
9e603dfb95 s4/net: Support parsing arguments in Python commands. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
9b1a210311 net: Support usage/help of subcommands implemented in Python. 2009-12-29 16:26:19 +01:00
Jelmer Vernooij
c064549e2e net: Support implementing subcommands in python. 2009-12-29 16:26:18 +01:00
Stefan Metzmacher
8b68349442 s4:auth: add auth_get_server_info_principal() prototype to auth.h 
metze
 2009-12-29 12:13:30 +01:00
Stefan Metzmacher
27349a68ea s4:auth: make auth_challenge_may_be_modified() public 
metze
 2009-12-29 12:13:29 +01:00
Stefan Metzmacher
af25fb55c0 s4:auth: remove autogenerated auth/ntlm/auth_proto.h 
metze
 2009-12-29 12:13:23 +01:00
Stefan Metzmacher
8ab62799ed s4:ntlmssp: fix whitespaces in ntlmssp.h 
metze
 2009-12-29 08:18:52 +01:00
Jelmer Vernooij
72d93599d9 python: Remove sys.path line rather than updating it when installing to python system path. 2009-12-27 17:30:59 +01:00
Jelmer Vernooij
ef453c63af py_net/libnet: Remove C++-style comments, add more error checking, move 
initialization of dcerpc subsystem to libnet.
 2009-12-25 14:48:45 +01:00
Kamen Mazdrashki
33699bb1be s4-libnet: Simple test for net.SetPassword() python binding 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2009-12-25 14:15:53 +01:00
Kamen Mazdrashki
20c7c27322 s4-libnet: Python binding for libnet_SetPassword() 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2009-12-25 14:15:42 +01:00
Kamen Mazdrashki
f03e88fa4b s4-net: Fix 'talloc_free with references ...' error 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2009-12-25 14:15:31 +01:00
Stefan Metzmacher
078482ad0e s4:auth: change auth_check_password_send/recv to tevent_req 
metze
 2009-12-24 17:38:34 +01:00
Stefan Metzmacher
577857d351 s4:gensec: change gensec_update_send/recv to tevent_req 
metze
 2009-12-24 17:38:34 +01:00
Stefan Metzmacher
5126b52810 s4:kdc: use the remote and local address from the stream_connection struct 
metze
 2009-12-24 17:38:33 +01:00
Stefan Metzmacher
500f55ca92 s4:smbd: hold tsocket_addresses on the stream_connection 
metze
 2009-12-24 17:38:33 +01:00
Stefan Metzmacher
4e2da423de s4:smb_server: fix mixing socket_address and tsocket_address 
metze
 2009-12-24 17:38:33 +01:00
Stefan Metzmacher
d3ee0f021b s4:lib/socket: add socket_get_{remote|local}_addr() to get a tsocket_address instead of a socket_address 
metze
 2009-12-24 17:38:33 +01:00
Stefan Metzmacher
445baf53a9 s4:lib/socket: add helpers functions to convert between socket_address and tsocket_address 
metze
 2009-12-24 17:38:32 +01:00
Simo Sorce
67d1af4384 s4:cleanups More trailing spaces and tabs 2009-12-23 15:17:56 -05:00
Simo Sorce
da27d4e465 s4:cleanups remove trailing spaces and tabs 2009-12-23 15:09:49 -05:00
Simo Sorce
7e8b042b07 s4:ldb Fix declaration in the middle of the code 2009-12-23 10:33:26 -05:00
Simo Sorce
4cc0bb7d04 s4: Fix the build 2009-12-23 10:28:44 -05:00
Matthieu Patou
8dc636ad67 s4: tests controls parsing and using for ldbadd/ldbedit/ldbmodify 2009-12-23 08:09:19 -05:00
Matthieu Patou
3bd4f6792c s4: make ldbadd/ldbmodify/ldbdelete really use the --controls switch 2009-12-23 08:09:19 -05:00
Andrew Bartlett
585900deb5 s4:gensec Don't give a warning when Windows client connects with NTLM 
We have had the workaround for a long time, but at the time the log
warnings remained.

Andrew Bartlett
 2009-12-22 17:30:05 +11:00
Andrew Bartlett
0809696dbf s4:auth Change 'get_challenge' API to be more like Samba3 
It is just easier to fill in the known to be 8 byte challenge than
stuff about with allocated pointers.

Andrew Bartlett
 2009-12-22 17:29:15 +11:00
Andrew Bartlett
383369e8f2 s4:auth generate the prototype file in the right place 2009-12-22 17:29:13 +11:00
Andrew Bartlett
551ea65c96 Samba4 and LDB requires talloc 2.0.1 
reported by ewoud@kohlvanwijngaarden.nl
 2009-12-22 17:27:03 +11:00
Tim Prouty
fd5350de1f s4 torture: Add RAW-OPLOCK-EXCLUSIVE7 which is similar to BATCH19 2009-12-21 17:27:37 -08:00
Tim Prouty
43a8b49f83 s4 torture: Update raw oplock to use win7 as the baseline for rename oplock break behavior 2009-12-21 17:27:36 -08:00
Tim Prouty
c33988c040 s4 torture: Be more permissive with share modes for oplock testing 
Share modes are tested elsewhere, and there is currently an outstanding
issue about share mode contention for nt-passthrough levels:

http://lists.samba.org/archive/cifs-protocol/2009-December/001227.html
 2009-12-21 17:27:36 -08:00
Tim Prouty
fd0c3a2264 s4 torture: Do a better job of closing open files in RAW-OPLOCK. 2009-12-21 17:27:36 -08:00
Jelmer Vernooij
2a9c22798d param: Fix build on systems without ldb installed. 2009-12-22 01:24:58 +01:00
Jelmer Vernooij
5b9e98a382 provision/pyldb: Avoid linking in static python ldb module. 2009-12-21 23:40:12 +01:00
Jelmer Vernooij
1d9a243d68 ldb_wrap: Fix compilation when using system ldb. 2009-12-21 23:40:12 +01:00
Jelmer Vernooij
c8e62797eb Fix initialisation of TypeObject samba.param.LoadparmService. 
Found by Ricardo Jorge <rvelhote@gmail.com>.
 2009-12-21 23:40:11 +01:00
Andrew Tridgell
0c362597c0 s4-schema: fixed the sorting of schema attributes 
another case of unsigned int subtracting breaking sorts. This one
surfaced now as attributeID_id now can be larger than 2^31
 2009-12-21 23:45:23 +11:00
Andrew Tridgell
ec7dc6a619 s4-torture: update uuid_compare test for new behaviour 2009-12-21 23:45:22 +11:00
Kamen Mazdrashki
ad35153ef4 s4-drs: Implement constraints on ATTID values in prefixMap 
Ref: MS-ADTS, 3.1.1.2.6 ATTRTYP

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:45:18 +11:00
Kamen Mazdrashki
911cefd48b s4-tort: Test handling of different ATTID values in prefixMap interface. 
It turns out ATTID values are separated in ranges.
Ref: MS-ADTS, 3.1.1.2.6 ATTRTYP

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:45:12 +11:00
Nadezhda Ivanova
35b8808b94 Adapted acl module to skip checks if as_system control is provided. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:45:06 +11:00
Kamen Mazdrashki
9f6c81874f s4-drs: Save prefix map using LDB_CONTROL_AS_SYSTEM control 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:45:00 +11:00
Kamen Mazdrashki
7685bbbc4e s4-dsdb-util: Execute ldb_request using LDB_CONTROL_AS_SYSTEM 
This function is intended to be used when data needs
to be modified skipping access checks.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:53 +11:00
Kamen Mazdrashki
11e2c5777d s4-dsdb-util: Utility function to process ldb_request in transaction 
This function is to be used later for manually crafted
ldb_requests from within dsdb layer

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:47 +11:00
Kamen Mazdrashki
516316b107 s4-schema: Implement msDS-IntId attribute generation 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:41 +11:00
Kamen Mazdrashki
a409c0f037 s4-schema: Constraints on msDS-IntId attribute 
This attribute can not be modified on existing schema object.

msDS-IntId is not allowed during attribute creation also.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:36 +11:00
Kamen Mazdrashki
4e8ad284f5 s4-schema: Set ATTID in schema cache from "msDS-IntId" 
According to http://msdn.microsoft.com/en-us/library/cc223224%28PROT.13%29.aspx
some Attributes OIDs may not use prefixMap.
Setting ATTID in Schema Cache here should work, although
this code snippet should be moved in separate function.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:29 +11:00
Kamen Mazdrashki
14bac3a3e6 Revert "s4-drs: cope with bogus empty attributes from w2k8-r2" 
This reverts commit 1287c1d115.

Next patch should fix the "not recognized ATTIDs" problem

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:19 +11:00
Kamen Mazdrashki
ee48f583b5 s4-tort: Tests for "msDS-IntId" attribute implemented 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:13 +11:00
Kamen Mazdrashki
c113be8526 s4-tort: Move Schema tests from ldap.py into separate module 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:44:05 +11:00
Kamen Mazdrashki
d9606d64dd s4-drs: Fix bug - prefixMap is not updated when adding new OIDs. 
The bug is that prefixMap is updated only memory when
adding new Classs/Attribute that has and OID not in
prefixMap already.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:43:51 +11:00
Kamen Mazdrashki
03a1451bbc s4-drstest: Don't remove temp LDB so it can be reviewed if necessary 
This test makes temp directory which is not removed
so why not just leave LDB also.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-21 23:43:17 +11:00
Andrew Tridgell
452fc0d6f4 s4-repl: give a reason why the prepare commit failed 2009-12-21 23:41:09 +11:00
Andrew Tridgell
92d75a4bfb s4-kcc: don't crash with a NULL ntds connection list 2009-12-21 23:41:09 +11:00
Andrew Tridgell
60acce584b s4-repl: only try to replicate for NCs that we are a master for 2009-12-21 23:41:09 +11:00
Andrew Tridgell
87f28cc267 s4-torture: another unsigned comparison bug 2009-12-21 23:41:08 +11:00
Andrew Tridgell
ec74ffa8f0 s4-schema: a unsigned comparison bug in the schema code 2009-12-21 23:41:08 +11:00
Andrew Tridgell
d3708109a1 s4-drs: another two unsigned comparison bugs 2009-12-21 23:41:07 +11:00
Andrew Tridgell
2a4a159a84 s4-repl: lower debug level of a common message 2009-12-21 23:41:07 +11:00
Andrew Tridgell
47560bfda9 s4-dsdb: don't use a non-constant format string for a printf format 2009-12-21 23:41:06 +11:00
Andrew Tridgell
a070119de3 s4-dsdb: added DSDB_MODIFY_RELAX flag to the dsdb_module_*() calls 2009-12-21 23:41:06 +11:00
Andrew Tridgell
9d56f656d4 s4-dsdb: added dsdb_get_extended_dn_uint64() 2009-12-21 23:41:05 +11:00
Andrew Tridgell
e89a2db4f2 s4-dsdb: use varargs expression in dsdb_module_search() 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-21 23:41:05 +11:00
Andrew Tridgell
2c88ffb8f1 s4-dsdb: added two new dsdb_get_extended_dn_*() helper functions 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-21 23:41:04 +11:00
Andrew Tridgell
dbda2c2db5 s4-provision: added a note about where invocationIDs come from 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-21 23:41:04 +11:00
Andrew Tridgell
882768c878 s4-dsdb: give us an invocationID when in standalone mode 
To allow us to use the repl_meta_data module in standalone mode (and
thus not have two module stacks to test), we need a invocationID
stored somewhere when standalone. This creates a random one, and
stores it in @SAMBA_DSDB.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-21 23:41:04 +11:00
Stefan Metzmacher
fcbe8f0c80 s4:kdc: setup the local and remote tsocket_address at accept time 
metze
 2009-12-19 18:24:26 +01:00
Stefan Metzmacher
4dc958c7c8 s4:kdc: convert UDP based communication to tdgram_context 
metze
 2009-12-19 18:24:26 +01:00
Zachary Loafman
daa561d75b s4 torture: Add test to show archive bit behavior with directories 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-18 10:52:45 -08:00
Tim Prouty
9b869230a7 s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3 2009-12-18 10:52:45 -08:00
Nadezhda Ivanova
ea365af4f5 Added freeing a successful req so it doesnt croud the ldb context 2009-12-18 17:57:08 +02:00
Nadezhda Ivanova
39616c0ea2 Added oid for AS_SYSTEM control, used to bypass access checks for system operations. 2009-12-18 15:40:11 +02:00
Andrew Tridgell
19cdcdec09 s4-dsdb: stop warnings about unknown struct GUID in prototypes 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:40 +11:00
Andrew Tridgell
cb841c363a s4-ldb: fixed a valgrind error in ldbtest 
we were using msg->dn after the ldb it contained had been freed

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:40 +11:00
Andrew Tridgell
5d7805b07f s4-dsdb: greatly simplify the subtree_delete module 
We can use dsdb_module_search() to make this much simpler

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:40 +11:00
Andrew Tridgell
b3c69e76ec s4-dsdb: declare ldb_dn_update_components() 2009-12-18 21:03:39 +11:00
Andrew Tridgell
82bf0d8bc6 s4-dsdb: added ldb_dn_update_components() 
This is used to udpate just the DN components of a ldb_dn, leaving the
other extended fields alone. It is needed to prevent linked attribute
updates from removing other extended components.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:39 +11:00
Andrew Tridgell
db76e65318 s4-dsdb: fixed the sort in dsdb_find_nc_root() 2009-12-18 21:03:39 +11:00
Andrew Tridgell
f392ae5169 s4-ldb: display msDS-OptionalFeatureGUID as a GUID 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:39 +11:00
Andrew Tridgell
811b4054f9 s4-scripts: add a enablerecyclebin script 
This can be used to enable the recyclebin on a windows box. Once we
properly implement this feature in samba we will use this to enable
the feature on ourselves as well.
 2009-12-18 21:03:39 +11:00
Andrew Tridgell
20869a0bf0 s4-ldb: canonicalise the message on ldb_add 
This canonicalise avoids a problem with an add that has multiple
elements with the same el->name. That is allowed by MS servers, and by
ldb, but it breaks things like the tdb backend and the repl_meta_data
RPMD handling.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 21:03:39 +11:00
Brendan Powers
7cb858e151 s4-dsdb: Add a test for adding, deleting, and appending a posixAccount objectClass to a user 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:44 +11:00
Brendan Powers
08060068bf s4-dsdb: fix handling of AUX classes in objectclass_sort 
This is done by sorting the classes by subClass_order, which will
check if the last structural class is valid to add (in
objectclass_do_add instead checking the last class in the list).

They were being sorted by building a class tree, and adding the
classes to the list in that order. However, AUX classes usually don't
fit into that tree, so LDB_ERR_OBJECT_CLASS_VIOLATION was returned. I
have changed the behavior to sort the classes by subClass_order
instead.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:44 +11:00
Brendan Powers
8b88925654 s4-dsdb: return an error if samAccountName is not specified when creating a user. 
Makes sure samAccountName has been specified before adding a
user. This happened while I was trying to add a user with the
posixAccount objectclass. I forgot to specify the user objectClass,
and samba segfaulted. It now returns LDB_ERR_CONSTRAINT_VIOLATION.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:43 +11:00
Brendan Powers
d99084ffdb s4-dsdb: Move get_last_structural class from descriptor.c to util.c 
It can now also be used by objectclass.c

get_last_structural_class now ignores AUX classes, because they are
not structural

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:43 +11:00
Brendan Powers
2ad086e7f6 s4-dsdb: Add a check to prevent acl_modify from debuging a NULL message 
Check to see if there were any messages passed to acl_modify before
debugging the first one. I think I caused this by some malformed
LDIF.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-18 14:27:43 +11:00
Andrew Bartlett
c3d1e5ca0c s4:provision Give a more useful error message in guess_names 
The problem here is that as we start to get 'real users' they still
decide to do silly things, like load empty but existing smb.conf
files.  Let's give them a better chance to discover what they did
wrong.

Andrew Bartlett
 2009-12-18 14:27:43 +11:00
Tim Prouty
cfbf62dbfd s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are different from the base file 2009-12-17 18:13:54 -08:00
Tim Prouty
c3582f923e s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a stream with an open handle 
A normal file overwrite in this case would return NT_STATUS_ACCESS_DENIED,
but if a stream is the target NT_STATUS_INVALID_PARAMETER is returned.
 2009-12-17 18:13:48 -08:00
Tim Prouty
f8bb5a60e7 s4 torture: Parameterize streams delete behavior rather than commenting out the check. 2009-12-17 17:58:35 -08:00
Tim Prouty
f02206d933 s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny mode 2009-12-17 17:58:35 -08:00
Tim Prouty
5c13a90abe s4 torture: close handle instead of using exit 2009-12-17 17:58:34 -08:00
Matthias Dieter Wallnöfer
bbec305135 s4:"samdb_set_password" - remove delete instructions 
They won't work when the LDB change is done using "samdb_replace"
(consider "samr_password.c" functions).

I think this has been a relict which has been useful before the "password_hash"
module existed. Basically it itself does now the updates.
 2009-12-17 20:00:19 +01:00
Günther Deschner
dc4c411242 s4-smbtorture: skip GetAliasMembership against s4. 
It returns NT_STATUS_INTERNAL_DB_CORRUPTION for unknown sids and I could not
figure out why.

Guenther
 2009-12-17 18:05:36 +01:00
Nadezhda Ivanova
c0883fb451 Fixed incorrect checking of PRINCIPAL_SELF permissions. 
If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with
the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights
to an account over itself.
 2009-12-17 17:25:11 +02:00
Günther Deschner
619ad0c6ec s4-smbtorture: add a samr_GetAliasMembership test to RPC-SAMR. 
Guenther
 2009-12-17 15:40:42 +01:00
Matthias Dieter Wallnöfer
1d0f364fad s4:dsdb/common/util - make NTTIME attribute wrappers use a "const" message 
There is no reason to have the message non-const here.
 2009-12-17 12:43:10 +01:00
Günther Deschner
a9689bb755 s4-smbtorture: fix smbtorture after setprinter IDL fixes. 
Guenther
 2009-12-17 10:43:32 +01:00
brendan powers
0708b2a0c9 s4-ntvfs: check if pvfs is NULL in pvfs_logoff 
pvfs can be NULL if the directory a share points to does not exist. In
this case, there would be no open files, so it is safe to just return
from the function.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-17 11:48:39 +11:00
Stefan Metzmacher
fae70e1f54 s4:gensec: allow clearing local and remote address by passing NULL 
metze
 2009-12-16 20:34:15 +01:00
Andreas Schneider
c457d54434 s4-gensec: Remove obsolete socket_address vars and fns. 2009-12-16 20:28:39 +01:00
Andreas Schneider
1e5488859a s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn. 2009-12-16 20:28:38 +01:00
Andreas Schneider
ac2d31e24c s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn. 2009-12-16 20:28:38 +01:00
Andreas Schneider
8ca88042f0 s4-gensec: Replace gensec_get_my_addr with new tsocket based fn. 2009-12-16 20:28:38 +01:00
Andreas Schneider
226a9db2d9 s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn. 2009-12-16 20:28:38 +01:00
Andreas Schneider
743e6363d5 s4-gensec: Added remote and local setter/getter using tsocket. 2009-12-16 20:28:37 +01:00
Andrew Tridgell
8d3fc23157 s4-dsdb: also mark the relax control non-critical when done 2009-12-16 20:56:24 +11:00
Andrew Tridgell
558a38671a s4-dsdb: it is a better pattern to mark a control as done than remove it 
removing a control means it can't be seen by any other modules, which
is usually not what is wanted. Better to just mark it non-critical,
which means anyone else who wants to look at it can, but if nobody
does its not an error.
 2009-12-16 20:56:24 +11:00
Andrew Tridgell
41e403adb0 s4-dsdb: when the SD_FLAGS control is set, don't remove nTSecurityDescriptor 2009-12-16 20:56:24 +11:00
Andrew Tridgell
934bb28ef3 s4-dsdb: don't actually remove the sd_flags control, just mark it non-critical 
For controls that need to be seen by more than one module, it is best
to just mark them non-critical when handled, instead of removing
them. Otherwise lower modules can't see them.

In this case we want the operational module to see the SD_FLAGS
control
 2009-12-16 20:56:24 +11:00
Andrew Tridgell
9955756314 s4-ldb: show the OID of any unhandled critical controls 
It isn't very useful just saying that a control is not supported,
without saying which one is the problem

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:23 +11:00
Andrew Tridgell
f8320b3559 s4-ldb: fixed a transaction error on prepare_commit 
when a prepare commit fails, we need to give a cancel to all modules,
not a commit!

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:23 +11:00
Andrew Tridgell
e14c72877f s4-ldb: added --show-deactivated-link command line option 
this adds the SHOW_DEACTIVATED_LINK control
 2009-12-16 20:56:23 +11:00
Andrew Tridgell
6c2125572c s4-dsdb: added dsdb_get_deleted_objects_dn() 
This is based on the code from Eduardo Lima <eduardoll@gmail.com>, but
uses the new helper functions added in the last couple of commits

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:22 +11:00
Andrew Tridgell
3c1f18c5e2 s4-dsdb: added dsdb_find_nc_root() 
This is based on the function of the same name from Eduardo Lima
<eduardoll@gmail.com>, but using ldb_dn_compare, to give us
comparisons consistent with what the rest of the code uses.

We will use this function in combination with dsdb_wellknown_dn() to
find the Deleted Objects container for any object.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:22 +11:00
Andrew Tridgell
7d0fdcae1e s4-dsdb: added dsdb_wellknown_dn() 
This finds a wellknown object given its GUID

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:22 +11:00
Andrew Tridgell
8a74633eaa s4-dsdb: added a dsdb_module_rename() call 
This will be used by the replmd_delete() code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
9fa1f96172 s4-dsdb: added dsdb_module_modify() 
This is used to do a sync modify in a module

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
4b970c00ae s4-dsdb: fixed dsdb_module_dn_by_guid() 
needs to ask for the DN in storage format, plus fix compilation errors
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
cd4574ff84 s4-dsdb: dsdb_flags should be unsigned 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
57b10b664b s4-dsdb: rename dsdb_module_search_handle_flags to dsdb_request_add_controls 
This function will be used for non-search controls, like relax
 2009-12-16 20:56:21 +11:00
Andrew Tridgell
951592687a s4-dsdb: added dsdb_module_dn_by_guid() 
This finds a DN given a GUID, searching below the current module in
the module stack.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:20 +11:00
Andrew Tridgell
32995e84a2 s4-dsdb: use dsdb_dn_is_deleted_val() 
This also moves the check to before we parse the DN, which saves some
unnecessary work

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:20 +11:00
Andrew Tridgell
152f415ba8 s4-dsdb: added dsdb_dn_is_deleted_val() 
This is used to determine if a extedned DN has the 'DELETED=1'
component

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2009-12-16 20:56:20 +11:00
Andrew Tridgell
d31b6360d6 s4-ntvfs: try to fix bug 6989 
bug 6989 is a rare crash that has occurred in production. My best
guess as to the cause is the talloc_free() not being specific enough
as to which parent needs to be freed.
 2009-12-16 20:56:20 +11:00
Matthias Dieter Wallnöfer
e22e336f41 s4:drsuapi/getncchanges.c - Update the list of operational attributes 
- Reorder them as specified in "operational.c"
- Add also the lan manager hash password attribute
 2009-12-16 09:45:22 +01:00
Günther Deschner
308b50a7bb s4-smbtorture: run GetPrinterDriver2 tests against each printer's driver. 
Guenther
 2009-12-16 01:13:43 +01:00
Andreas Schneider
b55d07615b s4-kdc: Migrate to tsocket_address. 2009-12-15 23:34:23 +01:00
Volker Lendecke
4a19adadcc smbtorture4: Add rpc-samba3-getaliasmembership-0 2009-12-15 12:28:16 -08:00
Nadezhda Ivanova
4330efe0f2 Removed ldb_modify_ctrl from ldb, implemented as a static in ldap_backend. 2009-12-15 20:29:20 +02:00
Aravind Srinivasan
b85f6f63e6 s4 torture: Add new RAW-SEARCH test to explore strange max count behavior 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-15 09:51:36 -08:00
Aravind Srinivasan
8ba02d9ed9 s4 torture: Update RAW-QFILEINFO to only test info levels that are supported by the server 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-15 09:40:05 -08:00
Zach Loafman
5930f770d2 s4 torture: Convert RAW-OPEN to suite form 2009-12-15 09:13:24 -08:00
Tim Prouty
d732fb43a6 s4 torture: Add SHARE_DELETE to create_directory_handle 
Tests explicitly checking share modes should open the dir/file
with the share mode they want to test.
 2009-12-15 09:13:24 -08:00
Brian Lu
f346079083 s4:tls: fix the build on Solaris 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2009-12-15 12:56:50 +01:00
Nadezhda Ivanova
4deaa84ce4 Fixed a problem with duplicate values of allowedAttributesEffective. 2009-12-15 12:02:20 +02:00
Matthieu Patou
ef5508bc78 s4: rename res/res2 to something more explicit 2009-12-15 10:04:05 +11:00
Matthieu Patou
d2ec67eb53 s4: upgradeprovision handle renaming and knownobjects 2009-12-15 10:04:05 +11:00
Matthieu Patou
fb85977d7c s4: upgradeprovision rename also when there is a mismatch on the case of name attribute 
Renaming not only helps when name attribute is not here
  it also helps when the case is not the good one. So
  in order to avoid problem and have as much as possible similar provision
  we should use the rename whenever a name difference appear.
 2009-12-15 10:04:04 +11:00
Matthieu Patou
3357319620 s4: reorder action to permit old provision to be correctly upgraded 2009-12-15 10:04:04 +11:00
Endi Sukma Dewata
f871de7def s4:provision - Remap conflicting thumbnailPhoto and thumbnailLogo OID's. 2009-12-15 10:04:04 +11:00
Andrew Tridgell
9260396bbc s4-dsdb: added REVEAL_INTERNALS flag to dsdb_module_search_handle_flags() 2009-12-14 22:29:58 +11:00
Andrew Tridgell
7f6b524bf6 s4-devel: support vampire_ad.sh with no initial smb.conf 2009-12-14 22:29:58 +11:00
Andrew Tridgell
b11b22752a s4-loadparm: call reload_charcnv() also for a missing smb.conf 
bin/net vampire with a missing smb.conf would segfault as the iconv
convenience pointer had not been setup.
 2009-12-14 22:29:58 +11:00
Andrew Tridgell
7f16da7473 s4-dsdb: return a zero guid on error in samdb_result_guid() 2009-12-14 22:29:58 +11:00
Andrew Tridgell
bb009412d3 heimdal: work around differences between GNU and XSI strerror_r() 
This is a fairly ugly workaround, but then again, strerror_r() is a
very ugly mess.
 2009-12-14 22:29:57 +11:00
Andrew Tridgell
665e57f956 s4-dsdb: use the reveal control to hide/show extended DN components 
When reveal is set, then we show deleted linked attributes and all
linkked attribute components. When not set we show a normal extended
DN.
 2009-12-14 22:29:57 +11:00
Andrew Tridgell
e3c2309dcd s4-ldb: added new ldb_dn extended components for linked attributes 
These will store linked attribute replication meta data
 2009-12-14 22:29:57 +11:00
Andrew Tridgell
0d76df9953 s4-ldb: added a function to filter extended components of a ldb_dn 
We need to be able to filter out components that should not be exposed
to users
 2009-12-14 22:29:57 +11:00
Andrew Tridgell
725e25a206 s4-ldb: added a new "reveal" control 
This control will allow inspection of internal ldb values, which would
normally be stripped before being presented to users. The first use
will be stripping linked attribute meta data extended components.
 2009-12-14 22:29:57 +11:00
Andrew Tridgell
56b90acbf6 s4-ldb: sort the linearized extended DN by component name 
This will make life easier when handling deleted linked attributes
 2009-12-14 22:29:57 +11:00
Matthieu Patou
155bdea7b2 torture: add new tests for dfsblobs 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2009-12-14 10:58:32 +01:00
Günther Deschner
801fbd0569 s4-smbtorture: check whether a returned buffer size is a multiple of 4 in RPC-SPOOLSS. 
This gives a good indication where our IDL (and the s3 spoolss implementation) is still wrong.

Guenther
 2009-12-14 10:37:41 +01:00
Matthias Dieter Wallnöfer
f8c34c4df1 s4:"samdb_set_password_sid" - clean up created objects correctly 
- We should clean up such "helper" objects created in this function to don't
  have them around until "mem_ctx" is destroyed
- Remove a from my view pointless comment "This is a password set, not change"
  since an external argument "user_change" decides this ("modify" or "(re)set")
 2009-12-13 16:13:34 +01:00
Matthias Dieter Wallnöfer
1788abba14 s4:operational LDB module - cosmetic - reorder an attribute list 
This matches the default handling order in the "password_hash" module (it's nice
to have this consistent).
 2009-12-12 17:59:05 +01:00
Matthias Dieter Wallnöfer
5767b1dacc s4:utils/oLschema2ldif.c - remove (now) unused variables 2009-12-11 20:20:02 +01:00
Matthias Dieter Wallnöfer
31321ac868 s4:libnet/libnet_become_dc - Fix a small glitch in "becomeDC_drsuapi1_add_entry_send" 
We shouldn't use the now uninitialised "status" variable anymore.
 2009-12-11 11:19:32 +01:00
Günther Deschner
dc71d1c29d s4-smbtorture: add more spoolss_EnumPrinterKey tests for local NDR test. 
Guenther
 2009-12-10 22:49:15 +01:00
Günther Deschner
ce33967f4a s4-smbtorture: fix and extend enum printerkey test. 
Guenther
 2009-12-10 17:48:50 +01:00
Nadezhda Ivanova
56b754e09a Implementation of sDRightsEffective, allowedAttributesEffective and allowedChildClassesEffective. 
Behavior as documented in WSPP and tested. Needs optimisation though.
 2009-12-10 15:49:53 +02:00
Andrew Tridgell
c59372b0b8 s4-ldb: fixed 2 bugs in ldb_dn_set_extended_component() 
The first bug was that setting a component twice could cause it to
appear twice in the DN.

The second bug was that using an existing ldb_val from a previous call
of ldb_dn_get_extended_component() as an argument to
ldb_dn_set_extended_component() would cause a valgrind error (as the
array the val pointed into will change).
 2009-12-10 17:51:30 +11:00
Andrew Tridgell
62dc7f6b2d s4-libcli: GUID_from_ndr_blob() is strict about the blob size 
We need to create a blob of the right length
 2009-12-10 17:51:30 +11:00
Andrew Tridgell
c7c97b61ae s4-schema: use GUID_to_ndr_blob() 2009-12-10 17:51:29 +11:00
Andrew Tridgell
d35b7d0aa4 s4-schema: use binsearch.h 2009-12-10 17:51:29 +11:00
Andrew Tridgell
261ba40e77 s4-dsdb: use GUID_to_ndr_blob() 2009-12-10 17:51:29 +11:00
Andrew Tridgell
215cc5a9ed s4-ldb: use GUID_to_ndr_blob() 2009-12-10 17:51:29 +11:00
Andrew Tridgell
982228605f s4-libnet: use GUID_to_ndr_blob() 2009-12-10 17:51:28 +11:00
Andrew Tridgell
b4ea96ecd9 s4-libcli: use GUID_to_ndr_blob() 2009-12-10 17:51:28 +11:00
Andrew Tridgell
33cbe9c631 s4-server: use GUID_to_ndr_blob() in cldap and smb servers 2009-12-10 17:51:28 +11:00
Andrew Tridgell
2493776f59 s4-ldb: simplify ldif handlers using new GUID functions 2009-12-10 17:51:27 +11:00
Andrew Tridgell
d337cefa92 s4-dsdb: simplify samdb_result_guid() 2009-12-10 17:51:27 +11:00
Andrew Tridgell
56b887e5b9 s4-dsdb: simplify linked attributes code using GUID functions 2009-12-10 17:51:27 +11:00
Andrew Tridgell
81bc561330 s4-dsdb: simplify schema code using new GUID functions 2009-12-10 17:51:27 +11:00
Andrew Tridgell
f01ea8bf58 s4-smb2: use new GUID function in smb2 negprot 2009-12-10 17:51:27 +11:00
Andrew Tridgell
498f2b879a s4-libcli: use new GUID functions in libcli 2009-12-10 17:51:26 +11:00
Andrew Tridgell
08e8988bd8 s4-dsdb: use GUID_from_ndr_blob() to create dsdb_get_extended_dn_guid() 2009-12-10 17:51:26 +11:00
Günther Deschner
d2f13dd688 s4-smbtorture: enhance spoolss_EnumPrinterKey torture test. 
This demonstrates that s3 still does not have that call implemented correctly.

Guenther
 2009-12-09 15:34:45 +01:00
Andrew Tridgell
0fca76e577 s4-dsdb: added dsdb_functional_level() helper function 2009-12-09 18:18:26 +11:00
Andrew Tridgell
732c701c52 s4-drs: ensure we fill in ncRoot_dn in getncchanges 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-09 18:18:26 +11:00
Andrew Tridgell
16eb25b35b s4-drs: use parentGUID attribute in getncchanges 
Now that parentGUID is reliable again, use it instead
of building our own

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-09 18:18:25 +11:00
Andrew Tridgell
4bb2958f16 s4-ldb: fixed nested searches inside ldb modules 
We need to keep a search count in ltdb to allow for nesting
of searches inside a module

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-09 18:18:25 +11:00
Andrew Tridgell
e5a478d3a2 s4-ldb: added a missing ltdb_unlock_read() 2009-12-09 18:18:25 +11:00
Andrew Tridgell
33976711e3 s4-dsdb: use dsdb_module_search_dn in repl_meta_data 
This allows us to search below the current module. That
will be important when we start using the results of this
search to get the linked attributes meta data right
 2009-12-09 18:18:25 +11:00
Andrew Tridgell
707cd30cda s4-dsdb: fixed steal of parentGUID for empty msg 
msg->elements could be NULL before we add parentGUID
 2009-12-09 18:18:25 +11:00
Andrew Bartlett
18530985ec s4: On the way to alpha11 2009-12-09 11:52:41 +11:00
Andrew Bartlett
100e249c79 This is alpha10 2009-12-09 00:16:17 +11:00
Stefan Metzmacher
dd650edff2 s4:selftest: skip SMB2-ACLS for now 
metze
 2009-12-08 13:50:16 +01:00
Stefan Metzmacher
33ecfb05a4 s4:selftest: run RAW-STREAMS again 
metze
 2009-12-08 13:50:16 +01:00
Stefan Metzmacher
d3d2e3988f RAW-STREAMS: convert failing tests to torture api 
This is needed as we want to mark failing tests as
known failures.

metze
 2009-12-08 13:50:15 +01:00
Günther Deschner
5e8e5dfe88 s4-smbtorture: make level 8 the reference for PrinterDriverEnum test. 
Guenther
 2009-12-08 11:51:09 +01:00
Günther Deschner
35c067782b s4-smbtorture: fill in COMPARE_STRING_ARRAY macro in spoolss driver test. 
Guenther
 2009-12-08 10:37:13 +01:00
Stefan Metzmacher
ed5c3372de s4:selftest: use ${selftest_prefix} instead of hardcoded st/ 
metze
 2009-12-08 09:19:35 +01:00
Andrew Tridgell
52083a8547 s4-selftest: show the test summary at the end of 'make test' in the build farm 
This should make it easier to see what tests are failing with what
parameters
 2009-12-08 15:59:10 +11:00
Andrew Tridgell
29c87ef830 s4-heimdal: fixed a use-after-free heimdal bug 
This caused samba4kinit to segfault on some systems
 2009-12-08 15:16:13 +11:00
Andrew Tridgell
cc9d4d5181 s4-drs: use -r to ldbdel in unvampire devel script 
This ensures we delete any nTDSConnection objects
 2009-12-08 14:43:50 +11:00
Andrew Tridgell
ff984cdfac s4-ldb: fixed ldbdel with -r (recursive deletion) 
We need to delete the deepest DNs first
 2009-12-08 14:43:50 +11:00
Andrew Bartlett
b2d8e1118d s4:build Bump ldb and tdb required versions. 
Hopefully this will ensure we don't get an older version from the system.
 2009-12-08 14:07:45 +11:00
Tim Prouty
1bf825b6f8 s4 torture: Cleanup RAW-ACLS a bit 
Don't check SEC_DESC_DACL_AUTO_INHERITED right now
Disable RAW-ACLS-INHERITFLAGS for the short term
Update samba4's knownfail accordingly
 2009-12-07 17:59:28 -08:00
Andrew Tridgell
978dc61b56 s4-selftest: don't consider spoolss failures to be an error in s4 2009-12-08 12:39:11 +11:00
Kamen Mazdrashki
f1d9382b18 s4/smbstreams: Fix memory use after free. 
The bug is that sometimes 'streams' is parent for 'new_name'.
With this said, 'new_name' must be dupped before 'streams'
pointer is freed.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-08 12:39:11 +11:00
Kamen Mazdrashki
bf7cc3262e krb5: Fix leaked hx509_context pointer 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-08 12:39:10 +11:00
Tim Prouty
105eb95a57 s4 quicktest: exclude raw-streams from quicktest until bug is fixed 2009-12-07 16:54:17 -08:00
Tim Prouty
f717a79eff s4 torture: Add a new torture:hide_on_access_denied parameter 
It appears some newer versions of windows return
NT_STATUS_OBJECT_NAME_NOT_FOUND on a createfile when access is denied
rather than NT_STATUS_ACCESS_DENIED.  I'm not sure how this translates
to directory enumeration yet, but for now make this a parameter that
can be checked in the various torture tests.

This also gets RAW-ACLS and SMB2-CREATE passing against win7.
 2009-12-07 16:54:17 -08:00
Tim Prouty
f4aa47b5ab s4 torture: win 7 doesn't like the sequential_only flag for directories 
Remove it for now
 2009-12-07 16:54:16 -08:00
Zack Kirsch
d252d23ff1 s4 torture: Port RAW-ACLS tests to SMB2 
- The smblsa calls had to be commented out for now and should be fixed
  later, but they aren't crucial to the test.
- The first two tests from RAW-ACLS were already ported to
  torture_smb2_setinfo() and test_create_acl(). Modifications were
  made similar to the RAW-ACLS changes.
- test_sd_get_set() was ported, but does not pass against XP or Vista;
  it is not added to the SMB2-ACLS test suite.
- printf -> torture_comment / torture_warning / torture_result
 2009-12-07 16:54:16 -08:00
Zack Kirsch
8ceb428c55 s4 torure: Add SMB2 utility functions 
- Add a torture_setup_dir() equivalent in SMB2, called smb2_util_setup_dir().
- Add verify_sd() and verify_attrib() helper functions for SMB2.
 2009-12-07 16:54:16 -08:00
Zack Kirsch
1724273ab9 s4 torture: RAW-ACL Improvements 
- Change RAW-ACLS test suite so each test can be run individually.
- Add verify_sd() and verify_attrib() helper functions.
- Change test_nttrans_create() to work for both files and directories.
- Fix a segfault in test_inheritance() when the test errors out early.
- test_sd_get_set() does not pass against XP or Vista, so it is no longer added
  to the RAW-ACLS test suite.
- Minor fixes to test_inheritance().
- New INHERITFLAGS test, which tests the auto inheritance flags a bit more.
- printf -> torture_comment / torture_warning / torture_result
 2009-12-07 16:54:16 -08:00
Tim Prouty
919440a2aa s4 torture: Convert RAW-STREAMS to a set of test suites rather than a monolithic test 2009-12-07 16:52:16 -08:00
Tim Prouty
6bc8a2bf0a s4 torture: Update RAW-RENAME to pass against win7 2009-12-07 16:52:15 -08:00
Tim Prouty
cd72301efa s4 torture: Add a new RAW-STREAMS test to simulate the summary tab 2009-12-07 16:52:15 -08:00
Tim Prouty
5d66d43667 s4 torture: Fix the streams create disposition tests to actually return an error on failure 2009-12-07 16:52:15 -08:00
Steven Danneman
47f5aac39d s4/torture: add test for zero byte read contention with byte range locks 2009-12-07 16:10:25 -08:00
Steven Danneman
995b4800f8 s4/libcli: add define for exclusive lock mode 2009-12-07 16:10:24 -08:00
Steven Danneman
b4c72e44a8 s4/torture: fix >80 column spacing issues 2009-12-07 16:10:24 -08:00
Aravind Srinivasan
0c42d65d7c s4/torture: add delete-on-close test for directories 
This test opens a directory with delete on close, opens it again,
and checks to make sure that the second open returned with
NT_STATUS_DELETE_PENDING.
 2009-12-07 16:10:24 -08:00
Günther Deschner
8de6f7178c s4-smbtorture: disable some spoolss printerdata tests which s3 does not pass at the moment. 
Guenther
 2009-12-07 14:42:13 +01:00
Günther Deschner
123d8d1c2c s4-smbtorture: fix RPC-SPOOLSS after _spoolss_SetPrinterDataEx IDL change. 
Guenther
 2009-12-07 14:42:13 +01:00
Andrew Bartlett
9b0780cf00 s4:dsdb Use ldb_match_msg_objectclass in operational.c 
This avoids not only a possibly non-portable compiler expression, but
also the need to look up the schema each time.

Andrew Bartlett
 2009-12-07 15:28:51 +11:00
Andrew Bartlett
54ea4b17f0 s4:ldb Add a function to match a message against an objectClass 
(as objectClass will always be a case insensitive ascii string, we can
make a much simpler match function here than for the general case).

Andrew Bartlett
 2009-12-07 15:27:43 +11:00
Andrew Bartlett
b2db28b634 s4:ldap.py Improve testsuite for primaryGroupToken behaviour 
This tries to show that the domain object should not have a
primaryGroupToken, for example.  (This passes against the old and new
code, as the failure case requires an object with an objectSid, and
exactly one group in it's subtree.  Sadly I don't know of a valid structure
that I can construct to test this).

Andrew Bartlett
 2009-12-07 13:08:06 +11:00
Andrew Bartlett
354b80b3ae s4:dsdb Make primaryGroupToken calculation more efficient and correct 
The original code here would do a subtree search under each object,
attempting to determine if it was a group.  This was incorrect, and
inefficient - we just need to ask for the objectClass attribute, and
check that value before returning the group's RID.

(Much of this patch reworks operational.c to allow a search for 2
attributes for this calculation).

Andrew Bartlett
 2009-12-07 13:07:56 +11:00
Andrew Bartlett
45cd4c93fb s4:dsdb Make parentGUID handler use dsdb_module_search_dn() 
This avoids doing a new search from the top of the module stack.

This also removes the helper function dsdb_find_parentguid_by_dn()
which is now unused.

Andrew Bartlett
 2009-12-07 13:07:03 +11:00
Andrew Bartlett
a4725f5880 s4:build torturedir and -DTORTUREDIR is unused 
(And made building RPMs much more difficult for JHT)
 2009-12-07 13:07:03 +11:00
Andrew Bartlett
972ee4b97b s4:dsdb Hide the LM password by default too 2009-12-07 13:07:03 +11:00
Kamen Mazdrashki
9b265a68cc s4-ldif: Fix memory leek in ldb_ldif_write() 2009-12-05 16:57:40 -05:00
Jeremy Allison
1d3942c534 Make smbtorture4 match Windows behavior. 
Jeremy.
 2009-12-04 14:02:52 -08:00
Günther Deschner
02fe863039 s4-smbtorture: heavily expand printerdata tests in RPC-SPOOLSS. 
Including new tests for:
- spoolss_SetPrinterDataEx
- spoolss_DeletePrinterDataEx
- spoolss_DeletePrinterKey

Guenther
 2009-12-04 12:55:52 +01:00
Andrew Tridgell
be78d4a70d s4-ldb: fixed show_deleted module not to corrupt parse trees 
The show_deleted module was using a static private ptr in the module
to hold a parse tree to save on parsing. The code caused this
static ptr to change with each search, which caused incorrect
searches and numerous valgrind errors.

This patch replaces it with a hand-built parse tree.
 2009-12-04 17:49:19 +11:00
Andrew Tridgell
ced3eef776 s4-drsutil: fixed a memory leak in samdb_search_count 
In general functions that don't return any memory should not take a memory context.
Otherwise it is too easy to have a bug like this where memory is leaked
 2009-12-04 17:49:19 +11:00
Zachary Loafman
4f6d5d0b86 s4 torture: Convert create_complex_file to use BASIC_INFO instead of deprecated command 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-03 20:46:29 -08:00
Zachary Loafman
3507350ad2 s4 torture: Fix call to smbcli_open 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-03 20:46:29 -08:00
Zachary Loafman
a3df55b26f s4 torture: Make RAW-SEARCH pass against win7 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-03 20:46:25 -08:00
Zachary Loafman
2dc5bd19d4 s4 torture: Parameterize WRITE_AND_CLOSE support 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-03 20:21:22 -08:00
Zachary Loafman
f26a500d9f s4 torture: Add lockread_supported based off of CAP_LOCK_AND_READ 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-03 20:21:22 -08:00
Zachary Loafman
5882282dea s4 torture: Allow READ to be parameterized, add more readx tests 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-03 20:21:22 -08:00
Zachary Loafman
60d9828ade s4-torture: Allow the legacy DENY_FCB/DENY_DOS share modes to be ignored 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-12-03 19:07:54 -08:00
Tim Prouty
5c857768d1 s4 selftest/quicktest: Update known failures for the sfileinfo and oplock changes 
Two new samba4 bugs have been filed for the two corresponding known
failures.  For the short term raw.sfileinfo had to be removed from
quicktest.  It is no longer an individual test, but a test-suite and
quicktest can only run top level tests.
 2009-12-03 18:54:52 -08:00
Tim Prouty
15e1c61027 s4 torture: Add a new RAW-OPLOCK test: BATCH26 
Try a rename with a wide-open share mode on an already open file
and the there is still share mode contention.  For the reason why
see:

http://social.msdn.microsoft.com/Forums/en-US/os_fileservices/thread/3ca14dc9-da1f-4786-a8f7-a86e9903db0c

Msft's anser:

   After further review, The reason for server to fail with sharing
   violation is that the windows server that executes a path-based
   rename request opens the file for DELETE access, but only with
   FILE_SHARED_READ as ShareAccess .  Therefore, the existing
   open(frame 76), which has shared read/write/delete , is compatible
   with the Windows servers access mode (DELETE), but Windows servers
   open is not compatible with access mode in existing open.

   Note that it is correct to state that the logic in Windows server
   could have been written to allow shared read/write/delete in which
   case it would succeed as you mention. The behavior here is
   historical based on the existing implementation.
 2009-12-03 18:54:52 -08:00
Tim Prouty
8f7e5732ef s4 torture: Close the third handle in RAW-OPLOCK-BATCH22 2009-12-03 18:54:52 -08:00
Tim Prouty
522d6bc588 s4 torture: Convert an error to a warning in RAW-OPLOCK-BATCH22 
Some servers choose to mark a client as bad if they fail an oplock
break request by timing out (win7 is an example).  Once the client is
marked as bad, future oplock requests will timeout instantly.  This
causes subsequent runs of this test to fail, so rather than erroring
out as a failure, a warning is printed instead.

There is also a bug in w2k3 where it was incorrectly returning
contending a share mode lock.  It worked in XP and has been re-fixed
in win7.

This can also now be run against samba3.
 2009-12-03 18:54:52 -08:00
Tim Prouty
b14da4f7c5 s4 torture: Add a few more windows target types 2009-12-03 18:54:52 -08:00
Tim Prouty
fc7832602d s4 torture: Convert to a more modern version of read in RAW-OPLOCK-BATCH4 2009-12-03 18:54:52 -08:00
Tim Prouty
af8b7857ca s4 torture: Allow some implementations to break from level1 to none with two breaks 2009-12-03 18:54:52 -08:00
Günther Deschner
2f0548fd98 s4-smbtorture: check more WERRORs in RPC-SPOOLSS. 
Guenther
 2009-12-03 23:48:59 +01:00
Günther Deschner
4e20a6f83b s4-smbtorture: call test_EnumPrinterDrivers with architecture in RPC-SPOOLSS. 
Guenther
 2009-12-03 22:16:24 +01:00
Matthias Dieter Wallnöfer
80e066112c s4:operational LDB module - Fix usage of LDB constants 2009-12-03 12:51:16 +01:00
Matthias Dieter Wallnöfer
fed6ac05d0 s4:ntvfs/posix/pvfs_streams - Fix "discard const" warning 
I removed one "const" in front of a string declaration to achieve this.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-03 21:46:31 +11:00
Matthias Dieter Wallnöfer
1a855eb741 s4:ntvfs/posix/pvfs_resolve - Fix "discard const" warning 
I removed two "const"s in front of string declarations to achieve this.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-03 21:46:31 +11:00
Steven Danneman
76be0f6a11 s4/selftest: knownfail some locking tests until bugs are fixed 2009-12-02 17:55:34 -08:00
Steven Danneman
48358b3eaa s4/torture: add multiple lock cancel test 
See what happens when we have multiple outstanding lock requests and
we try to cancel both of them within a single LockingAndX.

On Windows, it seems only the first lock in the array is cancelled,
and the second is left pending.  Though, this behavior goes against
the MS-CIFS spec.
 2009-12-02 17:28:52 -08:00
Steven Danneman
ad9c5a7b88 s4/torture: add addition multiple lock tests 
* test that 2 locks in a single LockAndX are transactional
* test that 1 unlock and 1 lock in a single LockAndX are not
  transactional
* test that SMB2 doesn't like mixed lock/unlock in a single
  PDU
 2009-12-02 17:28:52 -08:00
Steven Danneman
dfbb92e2a1 s4/torture: fix build warnings by removing unecessary const 2009-12-02 17:28:51 -08:00
Steven Danneman
438b7c41ae s4/torture: Add target functionality parameters to SMBv1 BRL tests 
Abstract the server requirements to pass some BRL tests.

* The new default for >64bit lock tests, is that the server should
  return STATUS_INVALID_LOCK_RANGE.
* Add parameter for targets that don't implement DENY_DOS
 2009-12-02 17:28:51 -08:00
Günther Deschner
450211b610 s4-smbtorture: be very strict in checking spools_EnumPrinterKey results. 
Guenther
 2009-12-03 01:04:02 +01:00
Andrew Tridgell
8d7a43fed7 s4-drs: fixed UDV and overlapping sync calls in DRS 
When windows abandons a DRS sync, it will sometimes re-use the same bind handle for
a new sync. This means we need to check the DN of the sync and blank the getnc_state
if the DN has changed.

This also fixes the UDV to use the highest uSN for the partition, not for
the whole SAM.
 2009-12-03 10:27:59 +11:00
Andrew Tridgell
b65b88740c s4-drs: fixed updating of uSNChanged in replmd_modify 
Updating of uSNChanged broke in a recent change
 2009-12-03 10:27:59 +11:00
Günther Deschner
5f60855ba2 samba-spoolss: use spoolss_StringArray2 in spoolss_EnumPrinterKey. 
This should finally resolve the endian issues we were seeing on sparc and is
much cleaner for spoolss clients and servers.

Guenther
 2009-12-02 14:56:17 +01:00
Tim Prouty
4e8b6c5992 s4 torture: Change oplock to use passthrough for exclusive3/batch11 
In light of the INVALID_LEVEL that is seen for RAW_SFILEINFO_END_OF_FILE_INFO
requests on a path, I'm changing these back to using the passthrough
RAW_SFILEINFO_END_OF_FILE_INFORMATION to test the oplock break behavior as
originally intended
 2009-12-01 11:12:51 -08:00
Tim Prouty
5035a90005 s4 torture: Update RAW-SFILEINFO-END-OF-FILE to test some additional corner cases 
It turns out setting the end-of-file with Trans2SetPathInfo using the
snia spec's info level will attempt to open the file, enforcing share
modes, but then subsequentlys fail the setpathinfo with a dos error of
INVALID_LEVEL.  Doing a Trans2SetFileInfo with either end-of-file info
level succeeds as expected.
 2009-12-01 11:12:51 -08:00
Tim Prouty
5a934fd8da Revert "s4 torture: Allow onefs to be checked like samba3 and samba4" 
This reverts commit 98f595036e.

No longer necessary
 2009-12-01 11:12:51 -08:00
Tim Prouty
66bf780e6e s4 torture: Change RAW-SFILEINFO-END-OF-FILE to check for share modes by default 
Since the windows behavior appears to be a bug, only check for
the windows-style share mode bug if target=<windows variant> is
specified
 2009-12-01 11:12:51 -08:00
Tim Prouty
2738e31674 s4 torture: Move target macros to a common header instead of redefining them in multiple files 2009-12-01 11:12:51 -08:00
Matthias Dieter Wallnöfer
2d1bd87f73 s4:torture/raw/lock - Fix "discard const" warnings by introducing "discard_const_p"s 2009-12-01 16:48:47 +11:00
Matthias Dieter Wallnöfer
262d26d05a s4:torture/nbt/wins - Add more casts 2009-12-01 16:48:38 +11:00
Matthias Dieter Wallnöfer
58a5e764a9 s4:torture/nbench/nbench - Add a cast before "str_list_make_shell" 2009-12-01 16:48:22 +11:00
Matthias Dieter Wallnöfer
8b4499942e s4:torture/ldap/ldap_sort - Add some casts to suppress warnings 2009-12-01 16:48:14 +11:00
Matthias Dieter Wallnöfer
7be99d3735 s4:schema - Make some more (result) variables const and fix up warnings with "discard_const_p" 2009-12-01 16:48:02 +11:00
Endi S. Dewata
9ce7e9ab84 s4:kdc - Merged kdc_tcp_accept() and kpasswdd_tcp_accept(). 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-01 16:41:02 +11:00
Endi S. Dewata
0c89a6f2aa s4:kdc - Merged kdc_add_kdc_socket() and kdc_add_kpasswd_socket(). 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-01 16:40:57 +11:00
Endi S. Dewata
bd17df71b5 s4 - Create default modules directory. 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-01 16:40:52 +11:00
Endi S. Dewata
c93fc3a10a s4:kdc - Disable KDC port when it's set to 0. 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-01 16:40:44 +11:00
Andrew Bartlett
183ea8220a Merge commit 'origin/master' into abartlet-devel 2009-12-01 16:12:53 +11:00
Andrew Bartlett
d58413d331 On our way to Samba4 alpha10! 2009-12-01 16:06:59 +11:00
Andrew Bartlett
ca2c645156 Fix build of Samba4 from tarball generated by mkrelease.sh 
Revert "Remove RFC's from the release tarballs to make the lives of the Debian"

This reverts commit eda7f35bc8.

These files are essential to the Samba4 build.

Andrew Bartlett
 2009-12-01 14:43:55 +11:00
Andrew Tridgell
83c106e084 s4-ldb: the '1' form of extended_dn search is easier to read 
The '1' form gives GUIDs and SIDs in the ascii form as normally used
for display.
 2009-12-01 12:36:23 +11:00
Andrew Bartlett
5203128130 This is alpha9 2009-12-01 12:27:09 +11:00
Andrew Bartlett
a88f086d96 s4:setup Adjust upgradeprovision blackbox test now we don't have --targetdir 2009-12-01 12:17:56 +11:00
Matthieu Patou
1d0d78ab3d s4: Remove targetdir as it can cause some trouble and can be replaced by an adapted -s smb.conf 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-01 12:17:52 +11:00
Matthieu Patou
fe1291227f s4: Handle the case in secrets.ldb without name attribute 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-01 12:17:46 +11:00
Matthieu Patou
4861ad57fb s4: don't forget to update defaultSecurityDescriptor 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-01 12:17:41 +11:00
Matthieu Patou
bf2c1e9c4f s4: load the domain level of the current provision and create a provision with the same domain level 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-12-01 12:17:32 +11:00
Andrew Bartlett
f65360840a s4:ldap.py Add test of namingContext behaviour after tridge found a bug 
Tridge found that the partitions.c module was being initialised twice,
and setting the partitions into the rootDSE twice.

Andrew Bartlett
 2009-12-01 12:17:00 +11:00
Volker Lendecke
6aef5e591f Fix bug 6546: Avoid accessing buf[-1] if NUL byte comes from fgets 2009-11-30 21:48:59 +01:00
Fernando J V da Silva
7399c04fd0 s4-drs: Test situations for runtime constructed parentGUID 
Includes the following verifications for the constructed parentGUID:
- Checks if it returns nothing when there is no parent object
- Ensures that attributes mentioned after the parentGUID
are returned correctly (this avoid a bug pointed out by Tridge
during sync constructed parentGUID development)

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-11-30 21:17:28 +11:00
Fernando J V da Silva
71e29cbf56 s4-drs: Using dsdb_msg_add_guid() utility function 
Uses the dsdb_msg_add_guid() to add any kind of GUID attribute
to a ldb_message in several places of samba4 code.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-11-30 21:17:27 +11:00
Crístian Deives
1cf48022af s4-drs: add deletion of old connections 
the nTDSConnection objects that are not needed anymore will be deleted.
the function kccsrv_delete_connection wasn't tested yet.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-11-30 20:22:13 +11:00
Crístian Deives
bed9efa6cd s4-ldb: changed ldb_msg_add_dn() to ldb_msg_add_linearized_dn() 
this makes the usage clearer

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-11-30 20:22:13 +11:00
Crístian Deives
7ca2ceb333 s4-drs: Create connection obejct (nTDSConnection) 
create nTDSConnection objects to match the list of servers

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-11-30 20:22:13 +11:00
Andrew Tridgell
8331b4c4f8 s4-ldb: check for -ve value for page size 
This comes from a tip from Howard Chu. Apparently some clients
will send a -ve page size value.
 2009-11-30 18:15:31 +11:00
Andrew Tridgell
a5e0f433de s4-dsdb: don't call ldb_next_init() twice in objectclass module 2009-11-30 16:49:36 +11:00
Matthias Dieter Wallnöfer
51bedf9395 lib/registry/util.c - Reorder the registry datatypes of the conversion functions 
This is absolutely cosmetic and makes the code easier to comprehend.
 2009-11-29 14:58:41 +01:00
Matthias Dieter Wallnöfer
df1d42fc1b Revert "s4:registry/util - Don't include the trailing '\0' in the internal data format but add it on the back-conversion to a string" 
This reverts commit 7d400715e9.

"convert_string_talloc_convenience" does always add the NULL termination. Didn't
know that. Thanks Jelmer for pointing out!
 2009-11-29 14:51:50 +01:00
Matthias Dieter Wallnöfer
b973c50836 s4:upgrade_from_s3 - Move it back to "setup" 
Suggested by Jelmer
 2009-11-28 19:25:12 +01:00
Matthias Dieter Wallnöfer
f0686645a9 s4:setup/provision - Rework 
- Revert change in "ask" - was previously correct
- Readd accidentally removed checks for non-null realm and domainname
- On interactive mode perform only one "ask" call per question
- Inform the user about the unset administrator password
 2009-11-28 18:59:33 +01:00
Matthias Dieter Wallnöfer
3ca61d9a01 s4:upgrade.py - remove my copyright 
First I wanted to add also other changes but then I didn't introduce them.
Therefore remove my copyright again.
 2009-11-28 18:50:27 +01:00
Matthias Dieter Wallnöfer
68f7b84140 s4:upgrade.py - readd accidentally removed empty lines 
Jelmer pointed out that this is against the PEP8 norm
 2009-11-28 18:29:49 +01:00
Matthias Dieter Wallnöfer
ecfd1dfcbd s4:samba3.py/upgrade.py: Revert 
This reverts commit 2175c0ed06.
This reverts commit 6c3e2417a0.
This reverts commit dbb8989e05.
This reverts commit 82adfa39b7.
This reverts commit f299efa8f0.

After a small discussion with Jelmer we agreed that this isn't the right way
to fix the problem. We should wait for a real patch rather to rely on temporal
hacks.
 2009-11-28 15:34:43 +01:00
Andrew Tridgell
8a34cf6f51 s4-ldb: make it much easier to use common ldb controls 2009-11-28 21:58:04 +11:00
Andrew Tridgell
1287c1d115 s4-drs: cope with bogus empty attributes from w2k8-r2 
w2k8-r2 sometimes sends empty attributes with completely bogus attrid
values in a DRS replication response. This allows us to continue with
the vampire operation despite these broken elements.
 2009-11-28 13:28:34 +11:00
Matthieu Patou
db41a0afc6 s4: fix SD update and password change in upgrade script 
- reserve a new Samba OID for recalculate SD control
- fix the update SD function
- fix handling of kvno in the update_machine_account_password function
- fix handling of handles in RPC winreg server

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-11-28 09:56:06 +11:00
Matthias Dieter Wallnöfer
f7c28db475 s4:WINREG RPC server - add another "talloc_unlink" in "DeleteKey" 
Also here we waste memory - therefore free the pointless handle after the delete.
 2009-11-27 23:23:32 +01:00
Matthias Dieter Wallnöfer
6f7cfb0e10 s4:WINREG RPC server - Reintroduce the free operation on "CloseKey" 
Better use "talloc_unlink" here Since we could have more than one reference.
 2009-11-27 23:23:31 +01:00
Günther Deschner
8f6df5d3ec s4-smbtorture: more and stricter tests for printer and data keys in RPC-SPOOLSS. 
Guenther
 2009-11-27 23:16:21 +01:00
Matthias Dieter Wallnöfer
f749e22cca s4:provision.py - remove hardcoded SIDs and RIDs 
After rework of the SDDL modules this is possible. In future: Never hardcode
them anymore! Always use the abbreviations.
 2009-11-27 22:46:05 +01:00
Matthias Dieter Wallnöfer
207067d1a8 s4:security/sddl - rework of the security descriptor abbreviations 
- Reoder them
- Add some new ones (needed for the security descriptor in the provision script)
 2009-11-27 22:45:43 +01:00
Matthias Dieter Wallnöfer
7d400715e9 s4:registry/util - Don't include the trailing '\0' in the internal data format but add it on the back-conversion to a string 
As far as I know the registry library saves all data (including) strings without
the null termination. So do it also here in a similar way.
 2009-11-27 21:17:59 +01:00
Matthias Dieter Wallnöfer
e79dd2ef7d s4:net utility - add a notice for the "help" operation and format it's output of the command list better 2009-11-27 21:17:59 +01:00
Matthias Dieter Wallnöfer
2175c0ed06 s4:samba3.py - deactivate also the assertion on line 599 2009-11-27 20:03:36 +01:00
Matthias Dieter Wallnöfer
663a1f599a s4:winbind - Fix it another time up 
The first fix attempt did break some configurations (incl. "make test").
This now is the right fix with the right comment.
 2009-11-27 17:45:20 +01:00
Matthias Dieter Wallnöfer
33188999b5 s4:provision.py - cosmetic 2009-11-27 17:39:02 +01:00
Matthias Dieter Wallnöfer
6c3e2417a0 s4:samba3.py (and test) - deactivate the tests until those parameters are fixed 2009-11-27 16:42:11 +01:00
Matthias Dieter Wallnöfer
08b3c396d7 s4:upgrade.py - Umlaut problem 2009-11-27 16:42:11 +01:00
Matthias Dieter Wallnöfer
1af31aed0b s4:tests.sh - Make also here the change from "upgrade" to "upgrade_from_s3" 2009-11-27 16:42:11 +01:00
Matthias Dieter Wallnöfer
0cc45b47dc s4:upgrade.py - rework to make the upgrade s3 -> s4 possible again 
Able to read basic settings "workgroup", "realm", "netbios name" and the
function mode from the s3 "smb.conf" and use them for the provision of s4.
 2009-11-27 16:06:07 +01:00
Matthias Dieter Wallnöfer
bd6c133e50 s4:upgrade_from_s3 - Fix message outputs 
The quiet parameter was interpreted in the reverse manner.
 2009-11-27 15:49:18 +01:00
Matthias Dieter Wallnöfer
dbb8989e05 s4:upgrade.py - the import of WINS databases don't seem to work always 
Disable it for now until the cause has been found
 2009-11-27 15:02:18 +01:00
Matthias Dieter Wallnöfer
70b3161090 s4:samba3.py - ignore comments in "smb.conf" files 2009-11-27 15:00:41 +01:00
Matthias Dieter Wallnöfer
82adfa39b7 s4:samba3.py - don't read those informations out from the TDB 
At the moment those three calls are broken
 2009-11-27 14:59:12 +01:00
Matthias Dieter Wallnöfer
f299efa8f0 s4:samba3.py - support the TDB version 3 2009-11-27 14:58:37 +01:00
Matthias Dieter Wallnöfer
a5d854afbc s4:provision - Fix up the provision of "standalone" and "member" mode 
Both modes weren't possible anymore since 1.) the secrets entry wasn't created,
2.) a lookup in winbindd was done using "lp_workgroup()" rather than
"lp_sam_name()" (since on the mentioned two configurations we use the netbios
name as domainname - and not the workgroup).
 2009-11-27 14:51:14 +01:00
Matthias Dieter Wallnöfer
a7fa3a9703 s4:provision.py - cosmetic output correction 2009-11-27 13:07:52 +01:00
Matthias Dieter Wallnöfer
6b835b0691 s4:setup/provision - make the interactive mode work again 2009-11-27 13:02:31 +01:00
Matthias Dieter Wallnöfer
fd313282a2 s4:upgrade script - rename it to "upgrade_from_s3" and do some rework 
- Give a better name to the script
- Move it to the location where also "upgradeprovision" resides
- Fix up trailing whitespaces and tabs
 2009-11-27 12:26:11 +01:00
Andrew Tridgell
e96f9a40ad s4-install: old systems don't have sed -i 
surprisingly, this failure came from SLES8. I didn't realise that the
-i option was so new!
 2009-11-27 19:58:29 +11:00
Andrew Tridgell
d5240822a5 s4-selftest: s4 passes all the SMB2-LOCK tests now 2009-11-27 19:42:11 +11:00
Andrew Tridgell
9f3ac810a6 s4-torture: fixed error code for s4 in SMB2-LOCK test 
s4 returns NETWORK_NAME_DELETED if you attempt to use an invalid tree connection
for a lock. This test (correctly I think) happens before we validate the file handle.
That implies that when you pass both a closed handle and a invalid tree you
should get NT_STATUS_NETWORK_NAME_DELETED.
 2009-11-27 19:42:11 +11:00
Andrew Tridgell
b3115f5cdc s4-ntvfs: win7 does not check for the NONE smb2 lock flag on unlock 2009-11-27 19:42:10 +11:00
Andrew Tridgell
af087f98ab s4-selftest: s4 passes this test now 2009-11-27 19:42:10 +11:00
Andrew Tridgell
7359a22219 s4-torture: mark s4 as doing valid lock range tests on SMB 2009-11-27 19:42:10 +11:00
Andrew Tridgell
186ea099c5 s4-ntvfs: move valid lock range test from smb2 layer to generic code 
win7 also fails invalid lock ranges on SMB
 2009-11-27 19:42:10 +11:00
Stefan Metzmacher
b62964d6fe s4:smb_server/smb2: don't reset highest_smb2_seqnum on SMB2 Cancel 
metze
 2009-11-27 08:19:46 +01:00
Andrew Tridgell
f6ecb4efb0 s4-torture: fixed expected error codes for s4 in SMB2-LOCK 
I think the error/success codes returned by windows for these tests
are quite bogus. The ones s4 gives are much more reasonable. The
locking ones returning NT_STATUS_SUCCESS could lead to data loss, as
an application thinks it has a file locked correctly when it fact it
doesn't, so it could do an unsafe modify.
 2009-11-27 16:05:06 +11:00
Andrew Tridgell
0920e0b63b s4-drstest: don't use getenv("LDB_URL") in test suites 
I was stumped for a while as to why the drs test suite was failing for
me. It turned out that it looked for LDB_URL in the environment, and
used it if set. I had it set in my terminal, and it was happily
munching on my sam.ldb while testing. Quite a cute bug really :-)
 2009-11-27 16:05:06 +11:00
Andrew Tridgell
d78921d78c s4-pvfs: fixed access check failure in SFILEINFO test 
matching windows behaviour is not always the right thing to do!
 2009-11-27 16:05:06 +11:00
Andrew Tridgell
d5387edb88 s4-ldb: improve detection of whether the server has a GC port 
We were trying to open $SERVER:3268 regardless, which could result in
creating a file called "localdc1:3268", which led to subsequent test
failures
 2009-11-27 16:05:06 +11:00
Andrew Tridgell
7ea485a1d2 s4-ldb: better to test for valid arguments in ldb library than commandline 
We were testing for valid DNs in ldbrename in the command line
tool. This hid a bug in the ldb library where we caught a bad DN in
the objectclass module rather than in the main ldb code. It is better
to do validation of the DNs passed on the command line in the library
code, as this gives us more consistent error handling between the
programming APIs for ldb and the command line.
 2009-11-27 16:05:06 +11:00
Andrew Tridgell
d3d7ca8eea s4-smb2: SMB2 uses NT_STATUS_CANCELLED for cancelled locks 2009-11-27 16:05:06 +11:00
Andrew Tridgell
7c158bdb1d s4-smb2: sequence numbers are not checked in SMB2_OP_CANCEL 2009-11-27 16:05:06 +11:00
Andrew Tridgell
056473d588 torture: fixed SMB2-LOCK valgrind error 2009-11-27 16:05:05 +11:00
Andrew Tridgell
04f235a9eb s4-smb2: check for invalid SMB2 lock ranges 2009-11-27 16:05:05 +11:00
Andrew Tridgell
aa4c516023 s4-smb2: check for an invalid lock flags combination 
UNLOCK with FAIL_IMMEDIATELY is not allowed
 2009-11-27 16:05:05 +11:00
Andrew Tridgell
61a278fd8a s4-install: fixed install path for python scripts 
when we install python scripts we need to fix the internal path used
to find modules. We also need to install the scripts in the right
place. Most of them should go in $SBINDIR not share/setup/
 2009-11-27 16:05:05 +11:00
Andrew Bartlett
8455a76516 s4:upgradeprovision Rework update_machine_account_password() tranactions 
This balances the transaction_begin() and transactin_prepare_commit() calls

Andrew Bartlett
 2009-11-27 16:05:05 +11:00
Andrew Bartlett
e6c1608e90 s4:dsdb Don't segfault with ldb_transaction_prepare_commit() without begin() 
It is up to other modules to complain if
ldb_transaction_prepare_commit() is called before
ldb_transaction_begin_transaction()

Andrew Bartlett
 2009-11-27 16:05:05 +11:00
Andrew Bartlett
731f560ecb s4:upgradeprovision add 'exit $failed' to blackbox test 2009-11-27 16:05:05 +11:00
Andrew Bartlett
d1faf7c90c s4:upgradeprovision Use mkdtemp to create unique tempoary directory names 2009-11-27 16:05:05 +11:00
Andrew Bartlett
6f0f82f7ed s4:selftest Add tests for upgradeprovision 2009-11-27 16:05:05 +11:00
Andrew Bartlett
b9f95882f0 s4:upgradeprovision Rework script, and reset machine account pw 
The rework corrects some duplication and errors in the original
script, found when preparing an automated test of the script.

The code to reset the machine account password avoids issues with AES
keys and salting, which may not otherwise be solved by the upgrade.

Andrew Bartlett
 2009-11-27 16:05:04 +11:00
Andrew Bartlett
2fd831407d s4:ldb Provide bindings for ldb_transaction_prepare_commit() 2009-11-27 16:05:04 +11:00
Andrew Bartlett
09338e60bc s4:provision Make setting the domain SID in the self join optional 2009-11-27 16:05:04 +11:00
Matthieu Patou
44bc8ac22c s4: Improve updateprovision 
* Define a simple upgrade process mode (module storage change, file name change, copy of new file)
  * Move the schema, configuration and current object upgrade into full upgrade mode
  * Added the --full switch to select the full upgrade mode, and made simple upgrade mode the default
  * Make updateprovision works without any switch (update the provision in the default location)
  * Cleanup the messages
  * Create the reference provision in a subdirectory of the updated provision
 2009-11-27 16:05:04 +11:00
Matthieu Patou
b25a42d907 s4: Rename the script 2009-11-27 16:05:03 +11:00
Stefan Metzmacher
49553d066b librpc: rerun "make idl" 
metze
 2009-11-26 11:47:42 +01:00
Matthias Dieter Wallnöfer
97553373d1 s4:ldap.py - add a test for the enhanced operational attributes check 
(Deny creation of entries with operational attributes specified)
 2009-11-26 11:21:02 +01:00
Matthias Dieter Wallnöfer
b6efbd5b4c s4:objectclass LDB module - Prevent write operations on constructed attributes 2009-11-26 11:21:01 +01:00
Matthias Dieter Wallnöfer
393b83979d s4:operational LDB module - Don't do the write checks here 
Let this perform the schema in the "objectclass" module.
 2009-11-26 11:21:01 +01:00
Günther Deschner
60419a0eb7 s4-smbtorture: refactor RPC-SAMR-LARGE-DC test a little more. 
Guenther
 2009-11-26 01:45:35 +01:00