Anatoliy Atanasov [Mon, 20 Sep 2010 03:33:50 +0000 (20:33 -0700)]
fix KnowsOfRoles test a part of dcdiag test suite
Anatoliy Atanasov [Mon, 20 Sep 2010 03:33:00 +0000 (20:33 -0700)]
s4/fsmo: Separate the code for retrieving fsmo dn and role owner
This call will be needed for DsCrackNames list_roles call
Anatoliy Atanasov [Mon, 20 Sep 2010 03:30:56 +0000 (20:30 -0700)]
s4/drsuapi: added the rest of the formatOffered value definitions from the docs
Ref: [MS-DRSR] 4.1.4.1.2
Andrew Tridgell [Sun, 19 Sep 2010 19:31:58 +0000 (12:31 -0700)]
s4-libnet: use the right domain name in libnet_lookup
Anatoliy Atanasov [Sun, 19 Sep 2010 15:29:33 +0000 (08:29 -0700)]
s4/getnc: Added test to verify access rights during the GetNCChanges call
Anatoliy Atanasov [Sun, 19 Sep 2010 17:48:31 +0000 (10:48 -0700)]
s4/fsmo: Naming master support added
Test suite for fsmo is extended with a test case for naming master too.
Günther Deschner [Tue, 14 Sep 2010 15:27:55 +0000 (17:27 +0200)]
s4-smbtorture: add LOCAL-NDR-NTLMSSP.
Guenther
Andrew Tridgell [Sun, 19 Sep 2010 03:57:26 +0000 (20:57 -0700)]
s4-rodc: added RODC DNS update support to samba_dnsupdate
for DNS updates that have a netlogon equivalent, send via netlogon
Andrew Tridgell [Sun, 19 Sep 2010 03:22:44 +0000 (20:22 -0700)]
s4-finddcs: added some debug messages on failure
Andrew Tridgell [Sun, 19 Sep 2010 03:22:23 +0000 (20:22 -0700)]
s4-pydsdb: added am_rodc() method on samdb
Andrew Tridgell [Sun, 19 Sep 2010 02:28:05 +0000 (19:28 -0700)]
s4-pydsdb: don't force am_rodc unless it is set by caller
we should normally get the rodc flag by looking at the database, not
by forcing it in the database connect
Jelmer Vernooij [Sun, 19 Sep 2010 17:42:29 +0000 (10:42 -0700)]
pytdb: Make filename argument optional.
Kirill Smelkov [Sun, 19 Sep 2010 09:53:29 +0000 (13:53 +0400)]
pytdb: Add support for tdb_freelist_size()
Cc: 597386@bugs.debian.org
Signed-off-by: Kirill Smelkov <kirr@landau.phys.spbu.ru>
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Kirill Smelkov [Sun, 19 Sep 2010 09:53:32 +0000 (13:53 +0400)]
pytdb: Add support for tdb_transaction_prepare_commit()
Cc: 597386@bugs.debian.org
Signed-off-by: Kirill Smelkov <kirr@landau.phys.spbu.ru>
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Kirill Smelkov [Sun, 19 Sep 2010 16:34:33 +0000 (09:34 -0700)]
pytdb: Add support for tdb_enable_seqnum, tdb_get_seqnum and tdb_increment_seqnum_nonblock
Cc: 597386@bugs.debian.org
Signed-off-by: Kirill Smelkov <kirr@landau.phys.spbu.ru>
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Kirill Smelkov [Sun, 19 Sep 2010 09:53:19 +0000 (13:53 +0400)]
pytdb: Update open flags to match those for tdb_open() in tdb.h
Namely TDB_NOSYNC, TDB_SEQNUM, TDB_VOLATILE, TDB_ALLOW_NESTING and
TDB_DISALLOW_NESTING were missing.
Cc: 597386@bugs.debian.org
Signed-off-by: Kirill Smelkov <kirr@mns.spb.ru>
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Kirill Smelkov [Sun, 19 Sep 2010 09:53:21 +0000 (13:53 +0400)]
pytdb: Fix repr segfault for internal db
The problem was tdb->name is NULL for TDB_INTERNAL databases, and
so it was crashing ...
#0 0xb76944f3 in strlen () from /lib/i686/cmov/libc.so.6
#1 0x0809862b in PyString_FromFormatV (format=0xb72b6a26 "Tdb('%s')", vargs=0xbfc26a94 "")
at ../Objects/stringobject.c:211
#2 0x08098888 in PyString_FromFormat (format=0xb72b6a26 "Tdb('%s')") at ../Objects/stringobject.c:358
#3 0xb72b65f2 in tdb_object_repr (self=0xb759e060) at ./pytdb.c:439
Cc: 597089@bugs.debian.org
Signed-off-by: Kirill Smelkov <kirr@mns.spb.ru>
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Kirill Smelkov [Sun, 19 Sep 2010 09:53:20 +0000 (13:53 +0400)]
pytdb: Add support for tdb_add_flags() & tdb_remove_flags()
Note, unlike tdb_open where flags is `int', tdb_{add,remove}_flags want
flags as `unsigned', so instead of "i" I used "I" in PyArg_ParseTuple.
Cc: 597386@bugs.debian.org
Signed-off-by: Kirill Smelkov <kirr@mns.spb.ru>
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Stefan Metzmacher [Sat, 18 Sep 2010 16:45:41 +0000 (18:45 +0200)]
waf: add a '+' to the git hash if the working tree isn't clean
metze
Stefan Metzmacher [Sun, 19 Sep 2010 05:26:54 +0000 (07:26 +0200)]
waf: fix typos in GIT_COMMIT_* strings
metze
Günther Deschner [Fri, 17 Sep 2010 11:17:12 +0000 (13:17 +0200)]
s3-rpcclient: add some winreg commands.
Guenther
Günther Deschner [Fri, 17 Sep 2010 11:16:26 +0000 (13:16 +0200)]
s3-nltest: add dsregdns command to nltest.
Guenther
Günther Deschner [Fri, 17 Sep 2010 11:15:35 +0000 (13:15 +0200)]
s3-libnetapi: support NETLOGON_CONTROL_FORCE_DNS_REG in I_NetLogonControl().
Guenther
Günther Deschner [Fri, 17 Sep 2010 11:14:50 +0000 (13:14 +0200)]
libnetapi: deal with NULL data in I_NetLogonControl2().
Guenther
Volker Lendecke [Sat, 18 Sep 2010 07:31:32 +0000 (09:31 +0200)]
s3: Add a missing prototype
Volker Lendecke [Sat, 18 Sep 2010 14:37:04 +0000 (07:37 -0700)]
s3: Fix bug 7688, rpcclient command line completion crashing
We've grown more than 100 rpcclient commands by now, so this would overwrite
the array of 100 completions. There's nicer ways to fix this problem, but 1000
rpcclient commands should be at least a bit away.
Volker Lendecke [Fri, 17 Sep 2010 19:16:24 +0000 (21:16 +0200)]
s3: Fix some nonempty blank lines
Kamen Mazdrashki [Sat, 18 Sep 2010 12:09:22 +0000 (15:09 +0300)]
s4-drs: Check for schema changes only in case we are *not* applying Schema replica
This fixes the problem when we fail to replicate with
a partner DC that has a newer Schema with attributeSchema
objects with OIDs that we don't have in our local prefixMap.
Kamen Mazdrashki [Fri, 17 Sep 2010 23:28:29 +0000 (02:28 +0300)]
werror: Add W_ERROR_HAVE_NO_MEMORY_AND_FREE() macro
Kamen Mazdrashki [Fri, 17 Sep 2010 21:44:17 +0000 (00:44 +0300)]
s4-ldapcmp: Fix options parsing for common Samba options
And also set 'creds2' to be equal to 'creds' in case
username2 paramater is not supplied on cmd line
Stefan Metzmacher [Tue, 7 Sep 2010 19:24:07 +0000 (21:24 +0200)]
s3:rpc_client: remove unused rpc_pipe_set_hnd_state()
metze
Stefan Metzmacher [Tue, 7 Sep 2010 18:52:58 +0000 (20:52 +0200)]
s3:rpc_client: use rpc_api_pipe_send() for auth3
metze
Stefan Metzmacher [Tue, 7 Sep 2010 18:51:38 +0000 (20:51 +0200)]
s3:rpc_client: rpc_pipe_bind_step_one_done() doesn't need reply_pdu
metze
Stefan Metzmacher [Tue, 7 Sep 2010 18:39:20 +0000 (20:39 +0200)]
s3:rpc_client: allow DCERPC_PKT_AUTH3 via rpc_api_pipe_send/recv
metze
Björn Jacke [Fri, 17 Sep 2010 12:05:53 +0000 (14:05 +0200)]
lib/util: usec_time_diff takes arguments the other way round than TvalDiff did
Björn Jacke [Fri, 17 Sep 2010 11:47:05 +0000 (13:47 +0200)]
s3: fix order of arguments in nsec_time_diff call
Kamen Mazdrashki [Fri, 17 Sep 2010 02:28:36 +0000 (05:28 +0300)]
s4-test: Add unit test for dsdb_schema_info_cmp()
Kamen Mazdrashki [Thu, 16 Sep 2010 23:54:46 +0000 (02:54 +0300)]
s4-schema: Helper func to compare schemaInfo signitures
Kamen Mazdrashki [Thu, 16 Sep 2010 23:48:50 +0000 (02:48 +0300)]
s4-schema: use dsdb_schema_info_blob_is_valid() to verify schemaInfo blob
instead of parsing it.
Kamen Mazdrashki [Thu, 16 Sep 2010 23:45:59 +0000 (02:45 +0300)]
s4-prefixMap: use dsdb_schema_info_blob_is_valid() for schemaInfo blob validation
This fixes a leaking dsdb_schema_info object also.
Kamen Mazdrashki [Thu, 16 Sep 2010 23:37:46 +0000 (02:37 +0300)]
s4-dsdb: Add dsdb_schema_info_blob_is_valid() to verify schemaInfo blobls
Kamen Mazdrashki [Wed, 15 Sep 2010 23:17:34 +0000 (02:17 +0300)]
s4-pyrpc: Print location and type name we got when checking for types
Sumit Bose [Fri, 17 Sep 2010 08:33:08 +0000 (10:33 +0200)]
Fix array size of a memmber of struct cli_ulogoff_state
The too small array makes UID-REGRESSION-FIX fail on 32bit
architectures.
Signed-off-by: Günther Deschner <gd@samba.org>
Andrew Tridgell [Fri, 17 Sep 2010 07:06:29 +0000 (17:06 +1000)]
s4-devel: developer script for adding DNS entries via netlogon RPC
this calls the netlogon DsrUpdateReadOnlyServerDnsRecords call to add
DNS entries for a RODC via RPC calls. The call is routed via a IRPC
call to winbind, as winbind is the one with the schannel credential
chaining setup.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Fri, 17 Sep 2010 07:04:28 +0000 (17:04 +1000)]
s4-pyrpc: allow python to access irpc interfaces
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Fri, 17 Sep 2010 07:03:54 +0000 (17:03 +1000)]
idl: build python interfaces for winbind and idmap IDL
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 17 Sep 2010 00:11:48 +0000 (10:11 +1000)]
s4-winbind Add a proxy method to update DNS records with a read-write DC
This must be done in winbindd as it already has the schannel connection
and the credential chain. If we re-established that elsewhere, we
would break the chain in winbindd.
Andrew Bartlett
Signed-Off-By: Andrew Tridgell <tridge@samba.org>
Günther Deschner [Fri, 17 Sep 2010 08:06:16 +0000 (10:06 +0200)]
testprogs: skip two tests in spoolss tester.
Guenther
Günther Deschner [Fri, 17 Sep 2010 08:02:13 +0000 (10:02 +0200)]
s4-smbtorture: fix winreg querymultiplevalues NDR test warning.
Guenther
Björn Jacke [Thu, 16 Sep 2010 20:18:45 +0000 (22:18 +0200)]
ѕ3: remove smb_msleep prototype from here
Björn Jacke [Thu, 16 Sep 2010 19:36:00 +0000 (21:36 +0200)]
s3: remove TvalDiff macro, we can use the shared usec_time_diff function
Björn Jacke [Thu, 16 Sep 2010 19:36:37 +0000 (21:36 +0200)]
s3/s4: merge msleep and smb_msleep
the merged variant is renamed to smb_msleep as some platforms already have a
msleep function.
Björn Jacke [Thu, 16 Sep 2010 17:45:43 +0000 (19:45 +0200)]
s3: remove TspecDiff macro, we can use the shared nsec_time_diff function
Björn Jacke [Thu, 16 Sep 2010 17:02:27 +0000 (19:02 +0200)]
s3: use nsec_time_diff instead of TspecDiff
Björn Jacke [Thu, 16 Sep 2010 16:52:45 +0000 (18:52 +0200)]
s3/vfs_scannedonly: use smb_msleep instead of nanosleep
Thanks to Joachim Schmitz. This fixes bug #7478
Volker Lendecke [Thu, 16 Sep 2010 07:31:10 +0000 (09:31 +0200)]
s3: Add the PAC info3 struct to the netsamlogon_cache in ntlm_auth
Volker Lendecke [Thu, 16 Sep 2010 08:34:59 +0000 (10:34 +0200)]
s3: Correctly unwrap the krb ticket in gss-spnego
Volker Lendecke [Thu, 16 Sep 2010 08:22:00 +0000 (10:22 +0200)]
s3: Fall back to raw NTLMSSP for the gss-spnego protocol
This is to handle the mod_auth_ntlm_winbind protocol
sending "Negotiate" to IE, which sends raw NTLMSSP
instead of a SPNEGO wrapped NTLMSSP blob.
Volker Lendecke [Thu, 16 Sep 2010 08:21:20 +0000 (10:21 +0200)]
s3: Split off output generation from manage_squid_ntlmssp_request
Volker Lendecke [Thu, 16 Sep 2010 08:36:21 +0000 (10:36 +0200)]
s3: Wrap the ntlm_auth loop with a talloc_stackframe
Günther Deschner [Thu, 16 Sep 2010 16:41:37 +0000 (18:41 +0200)]
s4-smbtorture: add NDR spoolss_GetPrinterDriver2 in and out check functions.
Guenther
Günther Deschner [Thu, 16 Sep 2010 14:49:54 +0000 (16:49 +0200)]
s4-smbtorture: finally enable most of our NDR_OUT NDR tests that we couldnt handle previously.
Guenther
Günther Deschner [Thu, 16 Sep 2010 14:21:39 +0000 (16:21 +0200)]
s4-smbtorture: add functions to do NDR_OUT ndr_pull validation including NDR_IN context.
Guenther
Günther Deschner [Thu, 16 Sep 2010 14:25:51 +0000 (16:25 +0200)]
s4-smbtorture: fix some indentation in NDR testsuite.
Guenther
Günther Deschner [Thu, 16 Sep 2010 14:22:32 +0000 (16:22 +0200)]
s3-smbtorture: fixup trailing whitespace in ndr testsuite.
Guenther
Günther Deschner [Thu, 16 Sep 2010 12:42:22 +0000 (14:42 +0200)]
s4-smbtorture: add spoolss_GetPrinterDriver2 NDR tests.
Guenther
Günther Deschner [Thu, 16 Sep 2010 12:41:37 +0000 (14:41 +0200)]
s4-smbtorture: mention -v switch for hexdump imports into the NDR testsuites.
Guenther
Günther Deschner [Thu, 16 Sep 2010 12:31:53 +0000 (14:31 +0200)]
s4-smbtorture: activate spoolss_GetPrinterData NDR pull test.
Guenther
Andrew Tridgell [Thu, 16 Sep 2010 11:17:54 +0000 (21:17 +1000)]
s4-winbind: fixed two valgrind errors
- allocate the dc info on the right structure
- zero the number of group members when allocating the winbindd_gr
return
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 10:12:20 +0000 (20:12 +1000)]
wbclient: gr_mem can be NULL
if the structure was partly created and an error occurred, then don't
crash
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 10:11:47 +0000 (20:11 +1000)]
wbclient: paranoid check for double free
added while tracking down a crash in the wbinfo blackbox test
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 10:06:44 +0000 (20:06 +1000)]
tdb: added TDB_NO_FSYNC env variable
this might help reduce test times and load on test machines
Andrew Bartlett [Thu, 16 Sep 2010 07:53:36 +0000 (17:53 +1000)]
torture/raw Allow one more 'not implemented' status return as a valid response
The Samba4 server responds to most ioctl calls with NT_STATUS_NOT_SUPPORTED
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Thu, 16 Sep 2010 05:47:42 +0000 (15:47 +1000)]
s4-torture assert that we get a temp datagram socket.
I've seen a segfault because we failed to check this isn't NULL
before we use it. This will still of course fail, but not so
spectacularly.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Thu, 16 Sep 2010 04:37:20 +0000 (14:37 +1000)]
libcli/auth/ntlmssp Be clear about talloc parents for session keys
The previous API was not clear as to who owned the returned session key.
This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code,
and avoids making allocations - we steal and zero instead.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 07:20:08 +0000 (17:20 +1000)]
s4-kdc: prevent segfault on bad trust strings
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 07:05:58 +0000 (17:05 +1000)]
s4-netlogon: added IDL for netr_DsrUpdateReadOnlyServerDnsRecords
this is used by a RODC to do DNS updates, as TSIG updates are not
allowed by RODCs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 07:04:53 +0000 (17:04 +1000)]
s4-rpcserver: allow saving of bad RPC packets
use:
dcesrv:stubs directory = .
to save files like this:
RPC-netlogon-48-pullfail.dat
when a RPC packet can't be parsed or is unknown. Only enabled in
developer builds
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 06:57:21 +0000 (16:57 +1000)]
pidl: prevent ndr_print_*() dying on NULL pointers
when using ndrdump you can get uninitialised structures containing
pointers. Don't segfault when trying to print them
Andreas Schneider [Mon, 30 Aug 2010 11:22:57 +0000 (13:22 +0200)]
idl: Added EPMAPPER_STATUS_CANT_PERFORM_OP.
Signed-off-by: Günther Deschner <gd@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 04:13:48 +0000 (14:13 +1000)]
s4-dns: use a non-forwardable ticket in samba_dnsupdate
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 04:13:29 +0000 (14:13 +1000)]
s4-kerberos: obey the credentials setting for forwardable tickets
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 04:12:57 +0000 (14:12 +1000)]
s4-pycredentials: expose forwardable setting via python
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 04:12:37 +0000 (14:12 +1000)]
s4-credentials: added ability to control forwardable attribute on krb5 tickets
with the latest bind9 nsupdate, we need to be able to control if the
ticket we use is forwardable
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 03:02:43 +0000 (13:02 +1000)]
s4-drs: make debugging DsUpdateRefs a bit easier
Andrew Tridgell [Thu, 16 Sep 2010 03:02:23 +0000 (13:02 +1000)]
s4-drs: initial skeleton for DrsReplica{Add,Del,Mod} calls
Andrew Tridgell [Thu, 16 Sep 2010 03:00:20 +0000 (13:00 +1000)]
s4-drs: removed a debug print in repl secret
Andrew Tridgell [Thu, 16 Sep 2010 00:58:03 +0000 (10:58 +1000)]
s4-test: enable valgrind on wbinfo tests
Andrew Tridgell [Wed, 15 Sep 2010 21:38:14 +0000 (07:38 +1000)]
s4-pydrs: fix for python 2.4
thanks to Kamen and David Gonzalez for spotting this
Jelmer Vernooij [Thu, 16 Sep 2010 00:02:14 +0000 (00:02 +0000)]
s3: Add convenience make target buildfarm-test.
Jelmer Vernooij [Thu, 16 Sep 2010 00:01:51 +0000 (00:01 +0000)]
s3-selftest: Move Samba3-specific script to source3/selftest.
Björn Jacke [Wed, 15 Sep 2010 22:57:39 +0000 (00:57 +0200)]
s3/printing: avoid a possible race condition in the cache timeout
Jeremy Allison [Wed, 15 Sep 2010 22:40:15 +0000 (15:40 -0700)]
Fix all sid_parse returns to be checked. Tidy up some checks and error
messages.
Jeremy.
Günther Deschner [Wed, 15 Sep 2010 22:19:51 +0000 (00:19 +0200)]
s3-smbd: prevent call_nt_transact_ioctl() crash in FSCTL_FIND_FILES_BY_SID case.
Jeremy, please check.
Guenther
Günther Deschner [Wed, 15 Sep 2010 21:02:43 +0000 (23:02 +0200)]
s4-smbtorture: try FSCTL_FIND_FILES_BY_SID with random blob data in RAW-IOCTL.
Guenther
Andrew Tridgell [Wed, 15 Sep 2010 10:54:09 +0000 (20:54 +1000)]
s4-repl: if we are an RODC don't set WRIT_REP in replication
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 10:24:50 +0000 (20:24 +1000)]
s4-repl: add partial attribute set to getncchanges calls for RODCs
when we are a RODC we must supply a partial attribute set in the
getncchanges call
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 10:23:47 +0000 (20:23 +1000)]
s4-repl: added min_usn to extended replication call
the repl_secret code needs to set it to avoid too many duplicate
attributes
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 09:00:01 +0000 (19:00 +1000)]
s4-repl: added repl_secret handling
initiate a repl secret extended op when requested
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 08:59:17 +0000 (18:59 +1000)]
s4-repl: cleanup the extended op calls in repl server
- use generic parameter names
- trigger a run of pending ops on all extended ops
- don't prevent parallel fsmo transfers
- moved extended op code into drepl_extended