Jeremy Allison [Fri, 25 Jun 2010 19:02:08 +0000 (12:02 -0700)]
Change talloc_autofree_context() to frame in Andrew's schannel.tdb TDB_CLEAR_IF_FIRST
changes. Using talloc_autofree_context() has undesirable effects when forked
subprocesses exit.
Jeremy.
Andrew Bartlett [Wed, 23 Jun 2010 00:37:13 +0000 (10:37 +1000)]
schannel Change to TDB_CLEAR_IF_FIRST to reduce fsync()
By making this DB TDB_NOSYNC, and by making that safe with
TDB_CLEAR_IF_FIRST, we greatly reduce the fsync() load on the server.
This particularly helps the source4/ 'make test', which otherwise tries
to disable fsync() in ldb.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Wed, 23 Jun 2010 00:36:32 +0000 (10:36 +1000)]
s3:schannel Open the schannel_state.tdb at startup
This will allow future TDB_CLEAR_IF_FIRST behaviour
Signed-off-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Wed, 23 Jun 2010 00:33:15 +0000 (10:33 +1000)]
s4:schannel Open the schannel_store.tdb at startup
This will allow TDB_CLEAR_IF_FIRST behaviour in future
Signed-off-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Wed, 23 Jun 2010 00:31:50 +0000 (10:31 +1000)]
libcli/auth make open_schannel_session_store() public
This will allow TDB_CLEAR_IF_FIRST to be used
Signed-off-by: Jeremy Allison <jra@samba.org>
Michael Adam [Fri, 25 Jun 2010 16:13:06 +0000 (18:13 +0200)]
s3:registry: use regdb_store_regdb_version() in regdb_init().
Michael Adam [Fri, 25 Jun 2010 16:12:28 +0000 (18:12 +0200)]
s3:registry: use regdb_store_regdb_version() in regdb_upgrade_v1_to_v2()
Michael Adam [Fri, 25 Jun 2010 16:11:35 +0000 (18:11 +0200)]
s3:registry: add a function regdb_store_regdb_version()
Michael Adam [Fri, 25 Jun 2010 16:04:52 +0000 (18:04 +0200)]
s3:registry: rename regdb_upgrade_to_version_2() -> regdb_upgrade_v1_to_v2()
Michael Adam [Fri, 25 Jun 2010 15:26:34 +0000 (17:26 +0200)]
s3:net [rpc] registry: be as user-friendly as possible wrt to the normalization change
The registry has been changed to use '\' as a key delimiter instead of '/'.
Originally, one could mix both characters in the specification of registry
key for net [rpc] registry. Now this can not work any more, since '/' is
generally treated as a valid character of a key name.
Now, to be as user-friendly as possible, the net [rpc] registry code has
been changed to still support '/' as a key name delimiter if no '\' character
is found in the given registry path string. In that case, all '/' characters
are converted to '\' characters before proceeding. If on the other hand,
a '\' character is found in the path string, then no conversion is assumed,
and it is hence assumed that the path is already in the correct form and
'/' characters are supposed to be part of the key names.
Michael Adam [Fri, 25 Jun 2010 12:34:04 +0000 (14:34 +0200)]
s3:registry: improve logic of upgrade code in regdb_init()
Don't overwrite unknown versions (0 or > 2) of the registry.
Michael Adam [Fri, 25 Jun 2010 10:32:22 +0000 (12:32 +0200)]
s3:registry: fix some debug messages in regdb_ini()
Andreas Schneider [Thu, 24 Jun 2010 14:33:37 +0000 (16:33 +0200)]
s3-registry: Convert registry key delimiter from slash to backslash.
This is needed to support keynames containing a '/' like TCP/IP. Which
is used in serveral standard paths.
Signed-off-by: Michael Adam <obnox@samba.org>
Andreas Schneider [Thu, 24 Jun 2010 13:26:04 +0000 (15:26 +0200)]
s3-registry: Added a db upgrade function to normalize the key delimiter.
This converts the key delimiter from a slash to a blackslash. We need to
support keynames with a backslash.
Signed-off-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Fri, 25 Jun 2010 15:06:00 +0000 (17:06 +0200)]
s3: In make_server_info_info3, check the result of copy_netr_SamInfo3
Volker Lendecke [Fri, 25 Jun 2010 14:56:38 +0000 (16:56 +0200)]
s3: In copy_netr_SamInfo3 copy all of the sids array
Volker Lendecke [Fri, 25 Jun 2010 09:47:30 +0000 (11:47 +0200)]
s3: Fix a winbind crash
nss_get_info_cached might deep inside sequence_number() invalidate the
ads_struct without telling its callers.
Volker Lendecke [Tue, 22 Jun 2010 13:59:44 +0000 (15:59 +0200)]
s3: Fix a winbind crash
nss_get_info_cached might have invalidated "ads" deep inside.
Matthieu Patou [Mon, 21 Jun 2010 20:58:48 +0000 (00:58 +0400)]
s4 python: Add unit tests related to PyLong/PyInt handling
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Tue, 22 Jun 2010 15:57:22 +0000 (19:57 +0400)]
ldb: Fix a wrong changetype in unit test
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 21 Jun 2010 06:48:58 +0000 (10:48 +0400)]
pidl: Finish to fix the python generated code for 64bit integers
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Jelmer Vernooij [Fri, 25 Jun 2010 00:40:37 +0000 (02:40 +0200)]
smbtorture: Fix loading of --load-list.
Jelmer Vernooij [Fri, 25 Jun 2010 00:35:29 +0000 (02:35 +0200)]
selftest: Clarify generation of idlist option.
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 14:06:11 +0000 (16:06 +0200)]
s4:lib/registry/ldb.c - cosmetic - fix comment
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 14:05:31 +0000 (16:05 +0200)]
s4:lib/registry/ldb.c - cosmetic - wrap lines
Michael Wood [Fri, 25 Jun 2010 06:46:13 +0000 (08:46 +0200)]
s4 upgradeprovision: Try to support older Pythons.
Use "...".split(sep, 1) instead of "...".partition(sep).
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Kamen Mazdrashki [Fri, 25 Jun 2010 01:34:42 +0000 (04:34 +0300)]
s4/drs: DsReplicaSync should search partition to Sync
by any valid DSName attribute given, be it - partition DN,
partition GUID or partition SID
Kamen Mazdrashki [Fri, 25 Jun 2010 01:31:41 +0000 (04:31 +0300)]
s4/utils: fix few 'net drs replicate' error messages
mainly for the output to be more informative
Kamen Mazdrashki [Fri, 25 Jun 2010 01:30:21 +0000 (04:30 +0300)]
s4/drs-test: Tests Deleted objects replication
Tests how deleted objects are replicated between two DCs.
Currently the test exploits following vulnerabilities:
- DsReplicaSync is not correctly implemented
- a 'deleted object' is restored (kind of) in case DC1 replicates
from DC2 before the 'deleted object' is replicated
Jelmer Vernooij [Thu, 24 Jun 2010 23:21:14 +0000 (01:21 +0200)]
selftest: Store the output of the last test run in st/subunit.
If a testrepository repository is present, add the test output when it
has completed.
Jelmer Vernooij [Thu, 24 Jun 2010 22:16:18 +0000 (00:16 +0200)]
pidl/python: Make sure to always increment reference counter when using
Py_None.
Jelmer Vernooij [Thu, 24 Jun 2010 21:17:51 +0000 (23:17 +0200)]
pidl/python: Increment reference counter on Py_None to prevent us from
accidentally deallocating it.
Aravind Srinivasan [Tue, 22 Jun 2010 17:42:20 +0000 (10:42 -0700)]
s4 torture: Warn on NOT_IMPLEMENTED in addition to NOT_SUPPORTED for RAW-QFILEINFO
Signed-off-by: Tim Prouty <tprouty@samba.org>
Michael Adam [Thu, 24 Jun 2010 13:32:46 +0000 (15:32 +0200)]
s3:registry: remove unused function normalize_dbkey()
Michael Adam [Thu, 24 Jun 2010 13:31:06 +0000 (15:31 +0200)]
s3:registry: use normalize_reg_path() in regdb_set_secdesc()
instead of normalize_dbkey
Michael Adam [Thu, 24 Jun 2010 13:30:31 +0000 (15:30 +0200)]
s3:registry: use normalize_reg_path() in regdb_get_secdesc()
instead of normalize_dbkey.
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 13:11:25 +0000 (15:11 +0200)]
Revert "s4:provision.ldif - fix the number of available RIDs"
This reverts commit
41cdcd54b7b7e3fb70fdb220e74a1daf30e1891a.
As per request of metze revert this (cause written on the mailing list).
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 09:05:41 +0000 (11:05 +0200)]
s4:auth/gensec/gensec_gssapi.c - reorder constructor
To have the same order as in the structure definition.
Andrew Tridgell [Thu, 24 Jun 2010 06:03:02 +0000 (16:03 +1000)]
s4-ldb: use CHECK_XSLTPROC_MANPAGES()
Andrew Tridgell [Thu, 24 Jun 2010 06:02:43 +0000 (16:02 +1000)]
build: check if the manpages stylesheet is available locally
this avoids trying to fetch the stylesheet from the internet. If we
can't process the stylesheet with --nonet at configure time then don't
build manpages.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 24 Jun 2010 04:33:58 +0000 (14:33 +1000)]
s4-python: python is not always in /usr/bin
Using "#!/usr/bin/env python" is more portable. It still isn't ideal
though, as we should really use the python path found at configure
time. We do that in many places already, but some don't.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 07:35:58 +0000 (09:35 +0200)]
s4:provision.ldif - fix the number of available RIDs
There should be
4611686014132422209 and not
4611686014132422109.
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 07:23:32 +0000 (09:23 +0200)]
s4:provision.ldif - this Win2003 revision level seems always to be "9" on Windows Server 2008 machines
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 07:14:24 +0000 (09:14 +0200)]
s4:provision_users.ldif - change a group description to be correct
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 07:06:49 +0000 (09:06 +0200)]
s4:upgradeprovision - fix include order for "ldb"
Patch originally posted on the list by Matthieu Patou.
Endi S. Dewata [Wed, 23 Jun 2010 12:26:25 +0000 (07:26 -0500)]
s4/ldb: ldb_msg_el_map_remote() should rename the remote attribute names into local names as defined in simple_ldap_map.c.
Matthias Dieter Wallnöfer [Sun, 7 Mar 2010 20:13:27 +0000 (21:13 +0100)]
s4:setup/provision.reg - raise version to Windows Server 2008 R2
Matthias Dieter Wallnöfer [Wed, 23 Jun 2010 15:30:10 +0000 (17:30 +0200)]
s4:libnet_join.c - always use LDB constants
Jeremy Allison [Wed, 23 Jun 2010 20:25:15 +0000 (13:25 -0700)]
Add parse_setjob_command() to make setting job state easier for users.
Jeremy.
Günther Deschner [Wed, 23 Jun 2010 13:00:06 +0000 (15:00 +0200)]
s4-smbtorture: test more valid key names in RPC-WINREG.
Guenther
Günther Deschner [Wed, 23 Jun 2010 12:59:27 +0000 (14:59 +0200)]
s4-smbtorture: more work on test values WINREG test.
Guenther
Lukasz Zalewski [Wed, 23 Jun 2010 09:05:50 +0000 (10:05 +0100)]
Fix to undo nasty hack for for grouptype conversion
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Jelmer Vernooij [Wed, 23 Jun 2010 08:09:02 +0000 (10:09 +0200)]
Per Andrews request, revert
"heimdal/waf: Initial work on making it possible to use the system"
as the hdb_check_s4u2self function handling is incorrect.
This reverts commit
b099631f428d0ecc641d59bd3c94674e6348dde9.
Günther Deschner [Wed, 23 Jun 2010 10:09:35 +0000 (12:09 +0200)]
s4-smbtorture: add test for different winreg SetValue value names.
Guenther
Andrew Bartlett [Wed, 23 Jun 2010 03:50:55 +0000 (13:50 +1000)]
s4:selftest Fix up netbios names for rpc_echo test
Andrew Bartlett [Wed, 23 Jun 2010 00:24:14 +0000 (10:24 +1000)]
s4:selftest For the moment the server role '2008_R2' is case sensitive
Andrew Bartlett [Tue, 22 Jun 2010 23:53:20 +0000 (09:53 +1000)]
s4:selftest Change netbios aliases to shorter names.
This makes the netbios names more sensible, and the aliases shorter.
(the name localfl2008rc2dc7 was too long...)
Andrew Bartlett
Andrew Bartlett [Mon, 21 Jun 2010 12:17:40 +0000 (22:17 +1000)]
s4:selftest Add 2003 and 2008R2 test environments and tests
These tests were chosen particularly because they are known to test things
that vary across the functional levels.
Andrew Bartlett
Andrew Bartlett [Mon, 21 Jun 2010 11:41:49 +0000 (21:41 +1000)]
s4:net Remove warnings for 2000 native mode and Samba4.
We now support 2000 native mode, and so we just need to warn about mixed mode.
Andrew Bartlett
Andrew Bartlett [Mon, 21 Jun 2010 11:40:15 +0000 (21:40 +1000)]
s4:provision Raise default max functional level to 2008R2
We don't support many of the extra features, but that applies across many
other parts of AD. Allow the admin to join a 2008R2 domain if he or she wants.
This also makes it possible to test 2008R2 domain code in 'make test'
Andrew Bartlett
Andrew Bartlett [Mon, 21 Jun 2010 13:18:53 +0000 (23:18 +1000)]
s4:provision Remove am_rodc from Schema
The SamDB created in the schema code isn't real enough to care if it's an
rodc or not.
Andrew Bartlett [Mon, 21 Jun 2010 11:20:27 +0000 (21:20 +1000)]
s4:libnet When joining a domain, update msDS-SupportedEncryptionTypes
We need this for our DC to have clients use AES keys to us
Andrew Bartlett [Mon, 21 Jun 2010 10:19:02 +0000 (20:19 +1000)]
libds:common Remove DS_DC_* domain functionality flags
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other. Just make them one set.
Andrew Bartlett
Andrew Bartlett [Sun, 13 Jun 2010 03:19:23 +0000 (13:19 +1000)]
s4:kdc Use msDS-SupportedEncTypes in our KDC
We need to honour this, otherwise we will send AES-encrypted tickets
to unprepared Kerberos targets.
Andrew Bartlett
Andreas Schneider [Wed, 23 Jun 2010 08:59:55 +0000 (10:59 +0200)]
doc: Remove the documentation of the sequence command of wbinfo.
The command is deprecated, see --online-status.
Andreas Schneider [Wed, 23 Jun 2010 08:58:37 +0000 (10:58 +0200)]
wbinfo: Document the deprecated sequence option correctly.
I didn't find a way in popt to hide it.
Günther Deschner [Wed, 23 Jun 2010 08:47:01 +0000 (10:47 +0200)]
s4-smbtorture: Fix test_SetPrinterDataEx_keys and test_SetPrinterDataEx_values.
We want to continue, not to skip here.
Guenther
Matthias Dieter Wallnöfer [Wed, 23 Jun 2010 07:53:23 +0000 (09:53 +0200)]
s4:operational LDB module - fix a misleading comment
Matthias Dieter Wallnöfer [Mon, 21 Jun 2010 20:19:21 +0000 (22:19 +0200)]
s4:samr RPC server - make use of LDB constants in macros
Matthias Dieter Wallnöfer [Mon, 21 Jun 2010 17:40:50 +0000 (19:40 +0200)]
s4:password_hash LDB module - fix another problem regarding the lanman hash
When a user only provides only the lanman hash (and nothing else) and the
lanman authentication is deactivated then we end in an account with no
password attribute at all! Lock this down.
Jeremy Allison [Tue, 22 Jun 2010 19:19:05 +0000 (12:19 -0700)]
Fix bug 7528 - Solaris with NIS autohome.
Ensure entries containing "\n" are stripped.
Jeremy.
Günther Deschner [Tue, 22 Jun 2010 13:45:45 +0000 (15:45 +0200)]
s4-smbtorture: add "printerdata_values" test to RPC-SPOOLSS-PRINTER.
Guenther
Günther Deschner [Tue, 22 Jun 2010 13:25:01 +0000 (15:25 +0200)]
s4-smbtorture: also test keynames with '/' in it in SetPrinterDataEx keyname tests.
Guenther
Günther Deschner [Tue, 22 Jun 2010 13:22:03 +0000 (15:22 +0200)]
s4-smbtorture: activate all keys in SetPrinterData keys test.
(just skip some of them still against s3).
Guenther
Günther Deschner [Tue, 22 Jun 2010 12:55:20 +0000 (14:55 +0200)]
s4-smbtorture: split out a "printerdata_keys" test for RPC-SPOOLSS-PRINTER.
This separates key and value tests for SetPrinterDataEx and GetPrinterDataEx
(and also speeds up the whole testsuite).
Guenther
Stefan Metzmacher [Mon, 31 May 2010 08:02:38 +0000 (10:02 +0200)]
testprogs/win32: add prepare_dcpromo tool
This tool can set the DOMAIN-SID and nextRid counter in
the local SAM on windows servers (tested with w2k8r2)
dcpromo will use this values for the ad domain it creates.
This might be useful for upgrades from a Samba3 domain.
metze
Kamen Mazdrashki [Tue, 22 Jun 2010 01:42:15 +0000 (04:42 +0300)]
s4/dsdb-test: fix usage comment
Kamen Mazdrashki [Tue, 22 Jun 2010 01:41:49 +0000 (04:41 +0300)]
s4/test: fix DC password in selftest-vars.sh
Aravind Srinivasan [Thu, 21 Jan 2010 18:18:03 +0000 (18:18 +0000)]
s4 torture: RAW-SFILEINFO display warning instead of error on unsupported info level
Also add a test to make sure setting the directory attribute is
disallowed.
Signed-off-by: Tim Prouty <tprouty@samba.org>
James Peach [Mon, 21 Jun 2010 21:11:58 +0000 (14:11 -0700)]
smbtorture: Fix missing includes.
Matthieu Patou [Mon, 21 Jun 2010 07:24:18 +0000 (11:24 +0400)]
s4 upgradeprovision: fix the logging stuff so that it actually log
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Volker Lendecke [Mon, 21 Jun 2010 20:20:10 +0000 (22:20 +0200)]
s3: Fix some valgrind errors
With -d 10, there were a ton of uninitialized variables: The "NegotiateFlags"
in the automatically parsed ntlmssp structures were not initialized.
This also cleans up the talloc use a bit: do early TALLOC_FREE()
Günther, please check!
Thanks,
Volker
James Peach [Mon, 21 Jun 2010 18:09:45 +0000 (11:09 -0700)]
smbtorture: Fixx off-by-one command line parsing.
If we are not in shell mode we require both the target and test name
arguments. Make sure we process these from the correct index.
James Peach [Tue, 23 Mar 2010 04:55:49 +0000 (21:55 -0700)]
smbtorture: Add "target" command to interactive shell.
Add a "target" command to set the target server to test. Refactor
the command line argument processing a little so that you can run
--shell without any additional arguments.
James Peach [Mon, 22 Mar 2010 05:04:37 +0000 (22:04 -0700)]
smbtorture: Enhance shell "help" command.
Sort the command list alphabetically. Let the help command print
usage info for other commands.
James Peach [Mon, 22 Mar 2010 04:56:05 +0000 (21:56 -0700)]
smbtorture: Add "auth" command to the shell.
Add a new "auth" command to set the cmdline credentials from withing
the smbtorture shell.
James Peach [Sat, 20 Mar 2010 05:04:08 +0000 (22:04 -0700)]
smbtorture: Refactor interactive shell into independent commands.
Refactor the smbtorture interactive shell into a set of independent
command callbacks to make it easier to add more independent commands.
James Peach [Sat, 20 Mar 2010 04:24:15 +0000 (21:24 -0700)]
smbtorture: Move interactive shell into a separate file.
James Peach [Fri, 19 Mar 2010 04:59:35 +0000 (21:59 -0700)]
smbtorture: Print global options for interactive "list" command.
James Peach [Fri, 19 Mar 2010 04:25:17 +0000 (21:25 -0700)]
smbtorture: Add history support to shell mode.
James Peach [Fri, 19 Mar 2010 04:14:47 +0000 (21:14 -0700)]
smbtorture: Add list command to smbtorture shell.
Volker Lendecke [Mon, 29 Mar 2010 14:13:14 +0000 (16:13 +0200)]
s3-winbind: Make KRB5_EVENT_REFRESH_TIME a function
Stefan Metzmacher [Mon, 21 Jun 2010 14:20:25 +0000 (16:20 +0200)]
libcli/named_pipe_auth: fix error handling in _tstream_npa_connect_recv()
metze
Stefan Metzmacher [Mon, 21 Jun 2010 14:13:14 +0000 (16:13 +0200)]
libcli/named_pipe_auth: fix memory handling for temporary data
In a tevent_req based function tevent_req_create() should be the first
function! If it fails it's the only reason, why the function
could every return NULL.
And all temporary data belongs to 'state' and gets free'ed by
tevent_req_received() in the _recv function.
metze
Volker Lendecke [Mon, 21 Jun 2010 06:47:38 +0000 (08:47 +0200)]
tldap: Fix a type-punned warning
Volker Lendecke [Mon, 21 Jun 2010 06:42:58 +0000 (08:42 +0200)]
tsocket: Fix some type-punned warnings
Volker Lendecke [Mon, 21 Jun 2010 06:41:56 +0000 (08:41 +0200)]
s3: Fix some enum/int mixup warnings
Volker Lendecke [Mon, 21 Jun 2010 06:39:54 +0000 (08:39 +0200)]
s3: Remove an unreachable line of code
Volker Lendecke [Mon, 21 Jun 2010 06:38:51 +0000 (08:38 +0200)]
s3: Fix a type-punned warning
Michael Adam [Mon, 21 Jun 2010 10:32:57 +0000 (12:32 +0200)]
s3:net rpc registry: make getsd succeed when key sd only gives access to SD not key contents
You don't need the REG_KEY_READ permissions to access the SD of a key.
And for instance, the key HKLM\security ususally has no specific bits
set for builtin\administrators, but the READ_CONTROL_ACCESS.
I.e. builtin\administrators can get the sd but not enumerate the key.