samba.git
9 years agos4 unittests: add blackblox test for ktpass
Matthieu Patou [Sun, 11 Jul 2010 20:07:20 +0000 (00:07 +0400)]
s4 unittests: add blackblox test for ktpass

9 years agos4: create a simple version of ktpass
Matthieu Patou [Mon, 28 Jun 2010 17:38:35 +0000 (21:38 +0400)]
s4: create a simple version of ktpass

This script is intended to be a replacement for the ktutil of Windows.
It's use is for exporting keytab that will be used for kerberized
services.

9 years agos3-build: add LIBNDR_XATTR_OBJ.
Günther Deschner [Fri, 16 Jul 2010 21:25:12 +0000 (23:25 +0200)]
s3-build: add LIBNDR_XATTR_OBJ.

Guenther

9 years agoFix bug #7570 - New smb2 max parameters are undocumented.
Jeremy Allison [Fri, 16 Jul 2010 21:39:52 +0000 (14:39 -0700)]
Fix bug #7570 - New smb2 max parameters are undocumented.

Jeremy.

9 years agos3-dcerpc: rename SCHANNEL_SIG_SIZE to NL_AUTH_SIGNATURE_SIZE and move to IDL.
Günther Deschner [Fri, 16 Jul 2010 21:09:54 +0000 (23:09 +0200)]
s3-dcerpc: rename SCHANNEL_SIG_SIZE to NL_AUTH_SIGNATURE_SIZE and move to IDL.

Guenther

9 years agos3-perfcount: make it possible to compile the example perfcount daemon.
Günther Deschner [Fri, 16 Jul 2010 21:00:17 +0000 (23:00 +0200)]
s3-perfcount: make it possible to compile the example perfcount daemon.

Guenther

9 years agos4-smbtorture: run all testcases with bigendian push as well in RPC-BIND.
Günther Deschner [Fri, 16 Jul 2010 20:46:58 +0000 (22:46 +0200)]
s4-smbtorture: run all testcases with bigendian push as well in RPC-BIND.

Guenther

9 years agos4-smbtorture: rearrange testlist in RPC-BIND.
Günther Deschner [Fri, 16 Jul 2010 20:42:11 +0000 (22:42 +0200)]
s4-smbtorture: rearrange testlist in RPC-BIND.

Guenther

9 years agos4-smbtorture: make sure to wipe out dcerpc auth flags before RPC-BIND starts.
Günther Deschner [Fri, 16 Jul 2010 20:41:32 +0000 (22:41 +0200)]
s4-smbtorture: make sure to wipe out dcerpc auth flags before RPC-BIND starts.

Guenther

9 years agos3-dcerpc: Fix ability to receive Big Endian PDUs
Simo Sorce [Fri, 16 Jul 2010 19:15:48 +0000 (15:15 -0400)]
s3-dcerpc: Fix ability to receive Big Endian PDUs

9 years agosmbtorture shell: Allow any config option to be set.
James Peach [Fri, 16 Jul 2010 18:07:31 +0000 (11:07 -0700)]
smbtorture shell: Allow any config option to be set.

Not sure what I was thinking by restricting the shell to "torture:"
parametric options. It's really extemely useful to be able to set
arbitrary options.

9 years agoMake the "map to guest" parameter work correctly with NTLMSSP (spnego
Jeremy Allison [Fri, 16 Jul 2010 18:05:34 +0000 (11:05 -0700)]
Make the "map to guest" parameter work correctly with NTLMSSP (spnego
and raw) under SMB2. Still need to investigate fixing this with krb5
auth (does this make sense ?).

Jeremy.

9 years agos4-loadparm: 2nd half of lp_ to lpcfg_ conversion
Andrew Tridgell [Fri, 16 Jul 2010 04:32:42 +0000 (14:32 +1000)]
s4-loadparm: 2nd half of lp_ to lpcfg_ conversion

this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4-loadparm: change lp_*() to lpcfg_*() and provide s3 compatibility lp_*()
Andrew Tridgell [Fri, 16 Jul 2010 04:32:10 +0000 (14:32 +1000)]
s4-loadparm: change lp_*() to lpcfg_*() and provide s3 compatibility lp_*()

This patch changes all Samba4 loadparm functions that take a
loadparm_context or a loadparm_service structure to use a lpcfg_*()
prefix. It then creates lp_*() functions which are wrappers around the
lpcfg_*() functions. This should allow us to mix Samba3 and Samba4
code which uses loadparm calls.

This first patch just makes the manual changes to the core loadparm
code. The tree will not build with just this patch. The next patch
replaces all of the callers, and was generated automatically with a
perl script.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agoWHATSNEW: Start 3.6.0pre1 release notes.
Karolin Seeger [Fri, 16 Jul 2010 08:02:39 +0000 (10:02 +0200)]
WHATSNEW: Start 3.6.0pre1 release notes.

Karolin

9 years agolibcli/netlogon: re-enable debugging.
Günther Deschner [Fri, 16 Jul 2010 00:37:51 +0000 (02:37 +0200)]
libcli/netlogon: re-enable debugging.

Now that we do not share binary objects anymore, we can safely enable
debugging here again.

Guenther

This reverts commit 3eb122069b9f81196ac658375fcb828924af3e94.

9 years agos3-registry: use some prs macros to the only place where they are used.
Günther Deschner [Fri, 16 Jul 2010 00:20:34 +0000 (02:20 +0200)]
s3-registry: use some prs macros to the only place where they are used.

Guenther

9 years agos3-waf: fix the build.
Günther Deschner [Fri, 16 Jul 2010 00:07:51 +0000 (02:07 +0200)]
s3-waf: fix the build.

Guenther

9 years agos3-dcerpc: fix c++ warning.
Günther Deschner [Thu, 15 Jul 2010 23:11:39 +0000 (01:11 +0200)]
s3-dcerpc: fix c++ warning.

Guenther

9 years agoMove the remnants of rpc_parse code under registry/
Simo Sorce [Thu, 15 Jul 2010 21:45:29 +0000 (17:45 -0400)]
Move the remnants of rpc_parse code under registry/

The registry code is the only last user of this code.
Move everything under registry/ and hope someone will get rid od
it completely from there in the future.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-parse_prs: Remove unuesd functions
Simo Sorce [Thu, 15 Jul 2010 21:27:11 +0000 (17:27 -0400)]
s3-parse_prs: Remove unuesd functions

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use a local function to dump pdu regions
Simo Sorce [Thu, 15 Jul 2010 20:54:14 +0000 (16:54 -0400)]
s3-dcerpc: Use a local function to dump pdu regions

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-misc: Move smb_io_time() to regfio.c
Simo Sorce [Thu, 15 Jul 2010 20:19:04 +0000 (16:19 -0400)]
s3-misc: Move smb_io_time() to regfio.c

This is the last file using this function and we do not want anyone
else to keep using hand marshalled stuff anyway.
So make it also private to that file.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use DATA_BLOB for pipes_struct input data
Simo Sorce [Thu, 15 Jul 2010 14:28:59 +0000 (10:28 -0400)]
s3-dcerpc: Use DATA_BLOB for pipes_struct input data

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use DATA_BLOB instead of prs_struct for req_data
Simo Sorce [Thu, 15 Jul 2010 12:48:51 +0000 (08:48 -0400)]
s3-dcerpc: Use DATA_BLOB instead of prs_struct for req_data

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use DATA_BLOB instead of prs_struct for rpc_out
Simo Sorce [Thu, 15 Jul 2010 03:31:38 +0000 (23:31 -0400)]
s3-dcerpc: Use DATA_BLOB instead of prs_struct for rpc_out

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Avoid unnecessary memory allocation for dcerpc_ctx_list
Simo Sorce [Wed, 14 Jul 2010 23:57:01 +0000 (19:57 -0400)]
s3-dcerpc: Avoid unnecessary memory allocation for dcerpc_ctx_list

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use DATA_BLOB instead of prs_struct for reply_pdu
Simo Sorce [Wed, 14 Jul 2010 23:39:54 +0000 (19:39 -0400)]
s3-dcerpc: Use DATA_BLOB instead of prs_struct for reply_pdu

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use DATA_BLOB instead of prs_struct for incoming fragments
Simo Sorce [Wed, 14 Jul 2010 22:29:32 +0000 (18:29 -0400)]
s3-dcerpc: Use DATA_BLOB instead of prs_struct for incoming fragments

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Read a pdu in 2 steps, header first the payload
Simo Sorce [Wed, 14 Jul 2010 20:15:13 +0000 (16:15 -0400)]
s3-dcerpc: Read a pdu in 2 steps, header first the payload

We can't really cope with receiving more data than expected anyway
as there is code that checks if the size of the buffer is consistent with
pkt->frag_length and throws an error if not.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dceprc: Use IDL defined constants for length calculations
Simo Sorce [Wed, 14 Jul 2010 17:56:13 +0000 (13:56 -0400)]
s3-dceprc: Use IDL defined constants for length calculations

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agoReformat and cleanup
Simo Sorce [Wed, 14 Jul 2010 18:01:44 +0000 (14:01 -0400)]
Reformat and cleanup

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Move common helpers into a common file
Simo Sorce [Wed, 14 Jul 2010 16:18:49 +0000 (12:18 -0400)]
s3-dcerpc: Move common helpers into a common file

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Padding is never done on a DCERPC_PKT_BIND_ACK packet.
Simo Sorce [Wed, 14 Jul 2010 15:09:04 +0000 (11:09 -0400)]
s3-dcerpc: Padding is never done on a DCERPC_PKT_BIND_ACK packet.

Empirically verified against Windows.
It never pads the auth credentials on this packet type.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agodcerpc: remove ncacn_packet_header and related functions
Simo Sorce [Wed, 14 Jul 2010 06:04:04 +0000 (02:04 -0400)]
dcerpc: remove ncacn_packet_header and related functions

ncacn_packet_header was an artifact and it is not necessary anymore

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Refactor code and stop using ncacn_packet_header
Simo Sorce [Wed, 14 Jul 2010 05:59:10 +0000 (01:59 -0400)]
s3-dcerpc: Refactor code and stop using ncacn_packet_header

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: consolidate respones packet creation code
Simo Sorce [Wed, 14 Jul 2010 03:56:01 +0000 (23:56 -0400)]
s3-dcerpc: consolidate respones packet creation code

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Convert frag from prs_struct to a simple DATA_BLOB
Simo Sorce [Tue, 13 Jul 2010 22:01:16 +0000 (18:01 -0400)]
s3-dcerpc: Convert frag from prs_struct to a simple DATA_BLOB

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Convert rdata from prs_struct to a simple DATA_BLOB
Simo Sorce [Tue, 13 Jul 2010 19:43:44 +0000 (15:43 -0400)]
s3-dcerpc: Convert rdata from prs_struct to a simple DATA_BLOB

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Remove unused functions and headers
Simo Sorce [Tue, 13 Jul 2010 16:03:21 +0000 (12:03 -0400)]
s3-dcerpc: Remove unused functions and headers

parse_rpc.c is dead, long live parse_rpc.c !

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Stop using hand marshalling in create_next_pdu_noauth()
Simo Sorce [Tue, 13 Jul 2010 15:53:41 +0000 (11:53 -0400)]
s3-dcerpc: Stop using hand marshalling in create_next_pdu_noauth()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Stop using hand marshalling in create_next_pdu_schannel()
Simo Sorce [Tue, 13 Jul 2010 13:52:56 +0000 (09:52 -0400)]
s3-dcerpc: Stop using hand marshalling in create_next_pdu_schannel()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Stop using hand marshalling in create_next_pdu_ntlmssp()
Simo Sorce [Tue, 13 Jul 2010 13:26:13 +0000 (09:26 -0400)]
s3-dcerpc: Stop using hand marshalling in create_next_pdu_ntlmssp()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Stop using hand marshalling in rpc_finish_auth3_bind_send()
Simo Sorce [Tue, 13 Jul 2010 14:27:37 +0000 (10:27 -0400)]
s3-dcerpc: Stop using hand marshalling in rpc_finish_auth3_bind_send()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Do not parse the packet twice.
Simo Sorce [Tue, 13 Jul 2010 12:49:35 +0000 (08:49 -0400)]
s3-dcerpc: Do not parse the packet twice.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Remove unused function
Simo Sorce [Tue, 13 Jul 2010 12:39:03 +0000 (08:39 -0400)]
s3-dcerpc: Remove unused function

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Do not reparse the header
Simo Sorce [Tue, 13 Jul 2010 12:29:21 +0000 (08:29 -0400)]
s3-dcerpc: Do not reparse the header

Instead pass back and use the packet we have already parsed.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Pull the whole packet at once instead of fetching just the header
Simo Sorce [Tue, 13 Jul 2010 11:59:12 +0000 (07:59 -0400)]
s3-dcerpc: Pull the whole packet at once instead of fetching just the header

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Delay parsing rpc header in client code
Simo Sorce [Mon, 12 Jul 2010 13:36:39 +0000 (09:36 -0400)]
s3-dcerpc: Delay parsing rpc header in client code

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agoFix bug - 7551 smbclient does not return proper exit code.
Jeremy Allison [Thu, 15 Jul 2010 23:06:11 +0000 (16:06 -0700)]
Fix bug - 7551 smbclient does not return proper exit code.

Catch error in cli_push.

Jeremy.

9 years agos4:testprogs Operate the blackbox kinit and net tests using the :local config
Andrew Bartlett [Thu, 15 Jul 2010 06:45:13 +0000 (16:45 +1000)]
s4:testprogs Operate the blackbox kinit and net tests using the :local config

This :local tells selftest.pl to use the local smb.conf for the test
environment, not the generic client smb.conf

This then makes the rest work properly - otherwise, it may attempt to
connect to the wrong KDC for example.

The only problem is that we can't test the 'net join' with this set,
so this is removed from the test.  The member server test environment
checks this anyway.

Andrew Bartlett

9 years agos4:testprogs Show that we no longer delete the old keytab entries
Andrew Bartlett [Thu, 15 Jul 2010 04:05:23 +0000 (14:05 +1000)]
s4:testprogs Show that we no longer delete the old keytab entries

By using a CCACHE obtained while the old password was still valid, we
can tell if the server still accepts incoming Kerberos connections
with the old password.

Andrew Bartlett

9 years agos4:provision Handle machine account password changes while keeping keytab
Andrew Bartlett [Thu, 15 Jul 2010 04:03:11 +0000 (14:03 +1000)]
s4:provision Handle machine account password changes while keeping keytab

The challenge here is to update the existing record if it already
exists, rather than deleting the old record.  This ensures that the
secrets.keytab handling code keeps the previous password in the
keytab.

Andrew Bartlett

9 years agos4:pyldb whitespace fix
Andrew Bartlett [Thu, 15 Jul 2010 04:01:56 +0000 (14:01 +1000)]
s4:pyldb whitespace fix

9 years agos4:pyldb Fix memory handling for ldb_message_element
Andrew Bartlett [Thu, 15 Jul 2010 04:00:48 +0000 (14:00 +1000)]
s4:pyldb Fix memory handling for ldb_message_element

The problem here is that we need to use the array, not the individual
message element as the memory context.

Andrew Bartlett

9 years agos4:testprogs Prove kerberos still works after a password change
Andrew Bartlett [Thu, 15 Jul 2010 00:54:08 +0000 (10:54 +1000)]
s4:testprogs Prove kerberos still works after a password change

Changing the machine account password should not prevent connections
with a current, valid CCACHE.  This is because when the password is
changed, the server-side keytab keeps one old password around.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 upgradeprovision: Adapt the list of attribute modified
Matthieu Patou [Sun, 11 Jul 2010 13:27:13 +0000 (17:27 +0400)]
s4 upgradeprovision: Adapt the list of attribute modified

* isMemberOfPartialAttributeSet is now allowed to be deleted (on schema
 objects)
* attributeDisplayNames is now allowed to be added and modified (used on
  display specifiers)
* spnMapping is now allowed to be altered on Directory Service objects
* minPwdAge is now modified if the previous value was 0

We issue a clear information about the userControl attribute for
administrator to invite the user to modify himself the value.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 ldb modules: relax some tests about attributes that should not be here
Matthieu Patou [Sat, 10 Jul 2010 10:48:40 +0000 (14:48 +0400)]
s4 ldb modules: relax some tests about attributes that should not be here

For attributes that we know that are harmless and that used to be stored
in the ldb we relax the tests on the existance in a given objectclass.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 upgradeprovision: Synchronize the calculated keyversionnumber with the one previou...
Matthieu Patou [Sun, 4 Jul 2010 21:00:13 +0000 (01:00 +0400)]
s4 upgradeprovision: Synchronize the calculated keyversionnumber with the one previously stored

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 upgradeprovision: do not copy RID Set it's automaticaly created by the RID manager
Matthieu Patou [Mon, 5 Jul 2010 19:46:46 +0000 (23:46 +0400)]
s4 upgradeprovision: do not copy RID Set it's automaticaly created by the RID manager

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 upgradeprovision: add function to backup the provision before updating
Matthieu Patou [Sat, 3 Jul 2010 12:26:24 +0000 (16:26 +0400)]
s4 upgradeprovision: add function to backup the provision before updating

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 upgradeprovision: fix whitespaces
Matthieu Patou [Sat, 3 Jul 2010 12:53:44 +0000 (16:53 +0400)]
s4 upgradeprovision: fix whitespaces

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4: Add unit test for increment_calculated_keyversion_number
Matthieu Patou [Tue, 15 Jun 2010 08:54:05 +0000 (12:54 +0400)]
s4: Add unit test for increment_calculated_keyversion_number

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 upgradeprovision: introduce a new function to update the field use for calculating...
Matthieu Patou [Tue, 15 Jun 2010 08:49:19 +0000 (12:49 +0400)]
s4 upgradeprovision: introduce a new function to update the field use for calculating msds-keyversionnumber

This function change the version field of the unicodePwd in the
replPropertyMetaData so that the version is equal or
superior to the reference value passed.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 python: Add functions to samdb to manipulate version of replPropertyMetaData attribute
Matthieu Patou [Tue, 22 Jun 2010 16:03:15 +0000 (20:03 +0400)]
s4 python: Add functions to samdb to manipulate version of replPropertyMetaData attribute

This change contains also helpers for attribute id to attribute oid
conversion and from attribute id to attribute name.
It brings also unit tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 dsdb: Use the changereplmetadata control
Matthieu Patou [Wed, 16 Jun 2010 14:47:18 +0000 (18:47 +0400)]
s4 dsdb: Use the changereplmetadata control

This control allow to specify the replPropertyMetaData attribute to
be specified on modify request. It can be used for very specific needs
to tweak the content of the replication data.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 dsdb: create a new control: changereplmetadata
Matthieu Patou [Tue, 22 Jun 2010 15:56:37 +0000 (19:56 +0400)]
s4 dsdb: create a new control: changereplmetadata

This control is designed to allow replmetadata to be specified

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agoldb: allow ldb_sequence_number to be called in python
Matthieu Patou [Mon, 21 Jun 2010 06:55:18 +0000 (10:55 +0400)]
ldb: allow ldb_sequence_number to be called in python

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4: Unit test update_machine_account_password through kinit
Matthieu Patou [Sun, 4 Jul 2010 12:39:17 +0000 (16:39 +0400)]
s4: Unit test update_machine_account_password through kinit

This patch is for testing the chgdcpass script which is mostly a call to
update_machine_account_password.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4: Add a simple script to change dc password
Matthieu Patou [Mon, 28 Jun 2010 09:49:08 +0000 (13:49 +0400)]
s4: Add a simple script to change dc password

This script will mostly be used by unit test (blackbox type) to test the
change of the dc password

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos4 provision: move update_machine_account_password to helpers
Matthieu Patou [Sun, 4 Jul 2010 12:38:54 +0000 (16:38 +0400)]
s4 provision: move update_machine_account_password to helpers

This is to allow reuse of this function and also unit tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3: Fix crashes in the printing code
Volker Lendecke [Thu, 15 Jul 2010 08:36:40 +0000 (10:36 +0200)]
s3: Fix crashes in the printing code

create_conn_struct did not create the conn->sconn!=NULL assumption we now
depend on. Thanks to Andreas Schneider for testing!

9 years agos3-dcerpc: Break memory hierarchy for shared structure
Simo Sorce [Wed, 14 Jul 2010 12:57:47 +0000 (08:57 -0400)]
s3-dcerpc: Break memory hierarchy for shared structure

Handles are shared among multiple pipes_struct. We cannot allocate
them on any specific pipes_struct or it will vanish for all others
as soon as that pipes_struct is freed, leaving back dangling
pointers.

Signed-off-by: Andreas Schneider <asn@samba.org>
9 years agos4: Added acl search tests for anonymous connection.
Nadezhda Ivanova [Wed, 14 Jul 2010 11:44:46 +0000 (14:44 +0300)]
s4: Added acl search tests for anonymous connection.

The tests make sure that we comply with dsHeuristics setting and
restrict anonymous access to rootDSE. They will be enabled when the
implementation is pushed. tests are verified against win2k8.

9 years agos3-dcerpc: fix crash bug in error path of process_complete_pdu().
Günther Deschner [Wed, 14 Jul 2010 10:35:39 +0000 (12:35 +0200)]
s3-dcerpc: fix crash bug in error path of process_complete_pdu().

Guenther

9 years agoFixed system_session_anon to actually make an anonymous session
Nadezhda Ivanova [Wed, 14 Jul 2010 07:30:40 +0000 (10:30 +0300)]
Fixed system_session_anon to actually make an anonymous session

It seems that because the flag is false, this always used the supplied credentials
rhather than establish anonymous connection.

9 years agos3:auth Change auth_ntlmssp_server_info API to return NTSTATUS
Andrew Bartlett [Mon, 12 Jul 2010 04:26:34 +0000 (14:26 +1000)]
s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS

This fixes a bug where register_existing_vuid() could be called with a
NULL server_info if the alloction failed.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
9 years agos3:smbd Give the kerberos session key a parent
Andrew Bartlett [Mon, 12 Jul 2010 04:25:28 +0000 (14:25 +1000)]
s3:smbd Give the kerberos session key a parent

Nothing will free this, so this prevents a memory leak.

Andrew Bartlett

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Signed-off-by: Andrew Tridgell <tridge@samba.org>
9 years agos3:smbd Fix segfault if register_existing_vuid() fails
Andrew Bartlett [Mon, 12 Jul 2010 04:21:34 +0000 (14:21 +1000)]
s3:smbd Fix segfault if register_existing_vuid() fails

The register_existing_vuid() call will handle both the ntlmssp_end and
vuid invalidation internally, so we don't want to do it again.

Andrew Bartlett

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Signed-off-by: Andrew Tridgell <tridge@samba.org>
9 years agos3-selftest: enable RPC-BIND against s3.
Günther Deschner [Tue, 13 Jul 2010 23:32:02 +0000 (01:32 +0200)]
s3-selftest: enable RPC-BIND against s3.

Guenther

9 years agos4-smbtorture: add very simple RPC-BIND testsuite.
Günther Deschner [Tue, 13 Jul 2010 23:31:12 +0000 (01:31 +0200)]
s4-smbtorture: add very simple RPC-BIND testsuite.

Guenther

9 years agos4-smbtorture: rename rpc/bind.c to rpc/multi_bind.c.
Günther Deschner [Tue, 13 Jul 2010 21:57:07 +0000 (23:57 +0200)]
s4-smbtorture: rename rpc/bind.c to rpc/multi_bind.c.

Guenther

9 years agos3-libnet: add missing header file, sorry.
Günther Deschner [Tue, 13 Jul 2010 21:35:25 +0000 (23:35 +0200)]
s3-libnet: add missing header file, sorry.

Guenther

9 years agos3-libnet: better separate headers.
Günther Deschner [Thu, 1 Jul 2010 22:14:04 +0000 (00:14 +0200)]
s3-libnet: better separate headers.

Guenther

9 years agos3-winbind: Don't cache queries to builtin and own sam domain.
Andreas Schneider [Tue, 13 Jul 2010 13:37:13 +0000 (15:37 +0200)]
s3-winbind: Don't cache queries to builtin and own sam domain.

9 years agos3-winbind: Set status before we leave in some msrpc functions.
Andreas Schneider [Wed, 7 Jul 2010 12:27:04 +0000 (14:27 +0200)]
s3-winbind: Set status before we leave in some msrpc functions.

9 years agoRevert "Remove the global char *LastDir."
Jeremy Allison [Tue, 13 Jul 2010 16:30:35 +0000 (09:30 -0700)]
Revert "Remove the global char *LastDir."

Volker pointed out I'd missed the "last directory" cache
part of this code. Return us to caching the directory we're
in (reduces sys call load).

Mea maxima culpa.

Jeremy.

This reverts commit 2f30aea3324f32f9b8555e961256fc1280da2871.

9 years agos3-waf: fix the build.
Günther Deschner [Tue, 13 Jul 2010 15:07:49 +0000 (17:07 +0200)]
s3-waf: fix the build.

Guenther

9 years agos3-ldb: fix build warning.
Günther Deschner [Tue, 13 Jul 2010 14:45:52 +0000 (16:45 +0200)]
s3-ldb: fix build warning.

Guenther

9 years agos4: Reorganized dsHeuristics reset so the code can be reused
Nadezhda Ivanova [Tue, 13 Jul 2010 14:15:54 +0000 (17:15 +0300)]
s4: Reorganized dsHeuristics reset so the code can be reused

Moved the setting of dsHeuristics to a method as soon we will have to set other
values as well in different tests

9 years agos3-dcerpc: Remove unused functions and headers
Simo Sorce [Sun, 11 Jul 2010 21:49:06 +0000 (17:49 -0400)]
s3-dcerpc: Remove unused functions and headers

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use dcerpc_push_ncacn_packet() in api_pipe_alter_context()
Simo Sorce [Sun, 11 Jul 2010 21:35:02 +0000 (17:35 -0400)]
s3-dcerpc: Use dcerpc_push_ncacn_packet() in api_pipe_alter_context()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use dcerpc_push_dcerpc_auth() for spnego auth continuations.
Simo Sorce [Sun, 11 Jul 2010 21:07:19 +0000 (17:07 -0400)]
s3-dcerpc: Use dcerpc_push_dcerpc_auth() for spnego auth continuations.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dceprc: Use dcerpc_push_ncacn_packet() in api_pipe_bind_req()
Simo Sorce [Sun, 11 Jul 2010 15:48:22 +0000 (11:48 -0400)]
s3-dceprc: Use dcerpc_push_ncacn_packet() in api_pipe_bind_req()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Use a DATA_BLOB in bind processing and avoid one mem copy
Simo Sorce [Sun, 11 Jul 2010 15:15:40 +0000 (11:15 -0400)]
s3-dcerpc: Use a DATA_BLOB in bind processing and avoid one mem copy

Also move dcerpc_push_dcerpc_auth() invocation in api_pipe_bind_req()
to simplify the workflow.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Rearrange api_pipe_bind_req() to do checks before allocating memory
Simo Sorce [Sun, 11 Jul 2010 14:47:32 +0000 (10:47 -0400)]
s3-dcerpc: Rearrange api_pipe_bind_req() to do checks before allocating memory

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: fix dcerpc_push_ncacn_packet, pass arg by address
Simo Sorce [Sun, 11 Jul 2010 16:18:13 +0000 (12:18 -0400)]
s3-dcerpc: fix dcerpc_push_ncacn_packet, pass arg by address

There is no need to copy the whole structure twice by passing it in by value.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: pass the packet to setup_bind_nack()
Simo Sorce [Sun, 11 Jul 2010 14:37:07 +0000 (10:37 -0400)]
s3-dcerpc: pass the packet to setup_bind_nack()

Allows to not rely on p->call_id but use the value directly from the request
packet header.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dceprc: Add debug messages
Simo Sorce [Sat, 10 Jul 2010 22:53:36 +0000 (18:53 -0400)]
s3-dceprc: Add debug messages

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-dcerpc: Remove unused members
Simo Sorce [Sat, 10 Jul 2010 21:05:58 +0000 (17:05 -0400)]
s3-dcerpc: Remove unused members

Signed-off-by: Günther Deschner <gd@samba.org>