kai/samba-autobuild/.git
10 years agoPC Oota Edits.
John H Terpstra [Thu, 19 Nov 2009 21:41:59 +0000 (15:41 -0600)]
PC Oota Edits.

10 years agos3: Avoid races to change the machine password in winbind
Volker Lendecke [Thu, 19 Nov 2009 16:22:27 +0000 (17:22 +0100)]
s3: Avoid races to change the machine password in winbind

The machine password handler has code to deal with every node in the cluster
trying to change the machine password at the same time. However, it is not very
nice to the DC if everyone tries this simultaneously. This adds a random 0-255
second offset to our timed event. When this fires a bit later than strictly
calculated, someone else might have stepped in and have already changed it. The
timed event handler will handle this gracefully, it won't even try to do it
again.

10 years agos3: Protect against flooding the DC with pwchange requests
Volker Lendecke [Thu, 19 Nov 2009 16:20:47 +0000 (17:20 +0100)]
s3: Protect against flooding the DC with pwchange requests

When there is a temporary problem changing passwords we flooded the DC with
pwchange requests. This gives the DC a 60-second break to recover.

10 years agos3: Re-check the timeout in machine_password_change_handler()
Volker Lendecke [Thu, 19 Nov 2009 16:14:40 +0000 (17:14 +0100)]
s3: Re-check the timeout in machine_password_change_handler()

Someone else might have come in between and changed the password since we
created that timed request

10 years agos3: Add some debugs to the winbind machine pwchange machinery
Volker Lendecke [Thu, 19 Nov 2009 16:11:32 +0000 (17:11 +0100)]
s3: Add some debugs to the winbind machine pwchange machinery

10 years agos3: Factor timeval_string out of current_timestring()
Volker Lendecke [Thu, 19 Nov 2009 10:50:13 +0000 (11:50 +0100)]
s3: Factor timeval_string out of current_timestring()

10 years agos3: Do not kill the whole smb session if a machine pwchange failed
Volker Lendecke [Thu, 19 Nov 2009 16:56:46 +0000 (17:56 +0100)]
s3: Do not kill the whole smb session if a machine pwchange failed

10 years agos3:pdb_ldap: fix a comment typo
Michael Adam [Mon, 16 Nov 2009 10:01:53 +0000 (11:01 +0100)]
s3:pdb_ldap: fix a comment typo

Michael

10 years agos3: shortcut uid_to_sid when "ldapsam:trusted = yes"
Michael Adam [Mon, 16 Nov 2009 10:37:18 +0000 (11:37 +0100)]
s3: shortcut uid_to_sid when "ldapsam:trusted = yes"

The normal uid_to_sid behaviour is to call sys_getpwuid()
to get the name for the given uid and then call the
getsampwnam passdb method for the resulting name.

In the ldapsam:trusted case we can reduce the uid_to_sid
operation to one simple search for the uidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.

Michael

10 years agos3-build: really fix build of winbind_krb5_locator.
Günther Deschner [Thu, 19 Nov 2009 12:44:33 +0000 (13:44 +0100)]
s3-build: really fix build of winbind_krb5_locator.

Guenther

10 years agos3-build: make sure to remove libds and client object files on make clean.
Günther Deschner [Thu, 19 Nov 2009 12:39:24 +0000 (13:39 +0100)]
s3-build: make sure to remove libds and client object files on make clean.

Guenther

10 years agos4:ldbcli - Added encoder/decoder for relax control.
Endi S. Dewata [Wed, 18 Nov 2009 22:47:07 +0000 (16:47 -0600)]
s4:ldbcli - Added encoder/decoder for relax control.

10 years agos3: Replace some create_synthetic_smb_fname() calls
Volker Lendecke [Sun, 15 Nov 2009 09:46:23 +0000 (10:46 +0100)]
s3: Replace some create_synthetic_smb_fname() calls

In very hot codepaths like the statcache copy_smb_filename and the subsequent
recursive talloc_free is noticable in the CPU load.

10 years agos3: Do not talloc in readdir
Volker Lendecke [Mon, 16 Nov 2009 08:49:23 +0000 (09:49 +0100)]
s3: Do not talloc in readdir

This is a hot codepath (called from the stat cache)

10 years agos3:load_interfaces(): use function gfree_interfaces() that we have.
Michael Adam [Wed, 18 Nov 2009 14:19:09 +0000 (15:19 +0100)]
s3:load_interfaces(): use function gfree_interfaces() that we have.

To reduce code duplication.

Michael

10 years agoAdded control copying for message types other than ldb_search.
Nadezhda Ivanova [Wed, 18 Nov 2009 16:47:29 +0000 (18:47 +0200)]
Added control copying for message types other than ldb_search.

When ildap created a new message to forward, it only copied controls for ldb_search
requests. This caused controls for add and modify to be lost in transition
and tests for them could not be implemented.

10 years agos3/docs: Add "max protocol = smb2" to man smb.conf.
Karolin Seeger [Wed, 18 Nov 2009 12:05:24 +0000 (13:05 +0100)]
s3/docs: Add "max protocol = smb2" to man smb.conf.

Karolin

10 years agoREADME.coding: Update rules about code blocks and braces.
Kai Blin [Wed, 18 Nov 2009 10:43:01 +0000 (11:43 +0100)]
README.coding: Update rules about code blocks and braces.

10 years agoselftest: Subunit/Filter.pm only allow expected failures without errors
Stefan Metzmacher [Tue, 17 Nov 2009 14:27:29 +0000 (15:27 +0100)]
selftest: Subunit/Filter.pm only allow expected failures without errors

metze

10 years agos4:selftest: mark samba4.smb2.lock.*.VALID-REQUEST as known failure
Stefan Metzmacher [Wed, 18 Nov 2009 07:20:29 +0000 (08:20 +0100)]
s4:selftest: mark samba4.smb2.lock.*.VALID-REQUEST as known failure

metze

10 years agoSMB2-LOCK: make use of torture_assert_*()
Stefan Metzmacher [Wed, 18 Nov 2009 07:12:48 +0000 (08:12 +0100)]
SMB2-LOCK: make use of torture_assert_*()

This is needed in order to mark tests as known failures.

metze

10 years agos4:ntvfs_generic: check for valid SMB2_LOCK flags
Stefan Metzmacher [Wed, 18 Nov 2009 07:11:46 +0000 (08:11 +0100)]
s4:ntvfs_generic: check for valid SMB2_LOCK flags

metze

10 years agos4:selftest: fix logic for --option=torture:progress=no
Stefan Metzmacher [Tue, 17 Nov 2009 15:58:11 +0000 (16:58 +0100)]
s4:selftest: fix logic for --option=torture:progress=no

metze

10 years agos4:torture/test_gentest.sh: make use of the PREFIX argument
Stefan Metzmacher [Tue, 17 Nov 2009 14:23:39 +0000 (15:23 +0100)]
s4:torture/test_gentest.sh: make use of the PREFIX argument

We should not use hardcode pathes!

metze

10 years agoselftest: ignore empty lines in knownfailures
Stefan Metzmacher [Tue, 17 Nov 2009 15:59:20 +0000 (16:59 +0100)]
selftest: ignore empty lines in knownfailures

metze

10 years agoselftest/output/plain.pm: report the testuite name on error
Stefan Metzmacher [Tue, 17 Nov 2009 16:30:14 +0000 (17:30 +0100)]
selftest/output/plain.pm: report the testuite name on error

metze

10 years agos4:selftest: for now skip the BASE-DELAY-WRITE test completely
Stefan Metzmacher [Tue, 17 Nov 2009 11:03:54 +0000 (12:03 +0100)]
s4:selftest: for now skip the BASE-DELAY-WRITE test completely

This test randomly fails depending on the timing
(the tests are too strict with the values introduced in
commit 0fca2b078ceb314e429e24e3318b50451ccf423b)
and local filesystem features (timestamp resolution).

metze

10 years agos4:selftest: avoid running the slow BASE-DELAY-WRITE test on the cifs proxy share
Stefan Metzmacher [Tue, 17 Nov 2009 10:59:21 +0000 (11:59 +0100)]
s4:selftest: avoid running the slow BASE-DELAY-WRITE test on the cifs proxy share

It's enough to run it on the posix share.

metze

10 years agos4:selftest: add "rpc.netlogon.*.GetDomainInfo"
Stefan Metzmacher [Mon, 16 Nov 2009 15:54:53 +0000 (16:54 +0100)]
s4:selftest: add "rpc.netlogon.*.GetDomainInfo"

We need to expand the test to work against w2k8 and w2k8r2...

metze

10 years agofixed the build
Andrew Tridgell [Wed, 18 Nov 2009 01:46:45 +0000 (12:46 +1100)]
fixed the build

whoever pushed 15d93a5d8e21893e1cca5c989dbf97010aae1622, please check
that what you push compiles and passes tests. In this case it didn't
compile.

10 years agos4/torture: Port SMBv1 Change Notify tests to SMBv2
Aravind Srinivasan [Tue, 17 Nov 2009 23:30:11 +0000 (15:30 -0800)]
s4/torture: Port SMBv1 Change Notify tests to SMBv2

* Ported all tests from raw/notify.c to smb2/notify.c
* Parameterized the max_buffer_size so it can be set on a
  per-target basis.
* Fixed CHECK macros to use torture_result
* Created a SMB2-NOTIFY test suite

10 years agos4/libcli: add a FILE_NOTIFY_CHANGE_ALL macro
Aravind Srinivasan [Tue, 17 Nov 2009 23:24:40 +0000 (15:24 -0800)]
s4/libcli: add a FILE_NOTIFY_CHANGE_ALL macro

This macro encompasses all possible file notifications that can
be raised.

10 years agos4/torture: add a new ulong parameteric torture option
Aravind Srinivasan [Tue, 17 Nov 2009 23:23:23 +0000 (15:23 -0800)]
s4/torture: add a new ulong parameteric torture option

10 years agotorture/smb2: make SMB2 BRL tests pass against W2K8R2
Steven Danneman [Fri, 13 Nov 2009 23:13:19 +0000 (15:13 -0800)]
torture/smb2: make SMB2 BRL tests pass against W2K8R2

The BRL tests previously based their results off several bugs in the
W2K8 byte range lock code.  I've fixed up the tests to pass against
Win7 which has fixed these bugs, and assume that the Win7 behavior
is the default.

I have inverted the test behavior for >63-bit lock requests.  The
tests previously expected NT_STATUS_OK as their default in this
case.  I've changed that default to expect STATUS_INVALID_LOCK_RANGE.
This may requires some changing of make test to compensate.

I've also removed a few test scenarios from VALID-REQUEST in preparation
of replacing them with separate tests ported from RAW-LOCK.

10 years agoStart removing SMB_STRUCT_STAT variables except for
Jeremy Allison [Wed, 18 Nov 2009 00:06:08 +0000 (16:06 -0800)]
Start removing SMB_STRUCT_STAT variables except for
the directory enumeration code (which needs it).
Jeremy.

10 years agoRemove "store create time" code, cause create time to be stored
Jeremy Allison [Tue, 17 Nov 2009 22:55:02 +0000 (14:55 -0800)]
Remove "store create time" code, cause create time to be stored
in the "user.DOSATTRIB" EA. From the docs:
In Samba 3.5.0 and above the "user.DOSATTRIB" extended attribute has been extended to store
the create time for a file as well as the DOS attributes. This is done in a backwards compatible
way so files created by Samba 3.5.0 and above can still have the DOS attribute read from this
extended attribute by earlier versions of Samba, but they will not be able to read the create
time stored there. Storing the create time separately from the normal filesystem meta-data
allows Samba to faithfully reproduce NTFS semantics on top of a POSIX filesystem.
Passes make test but will need more testing.
Jeremy.

10 years agos4:WINREG RPC server - remove a "talloc_free"
Matthias Dieter Wallnöfer [Tue, 17 Nov 2009 18:56:14 +0000 (19:56 +0100)]
s4:WINREG RPC server - remove a "talloc_free"

I assume that this "talloc_free" isn't necessary since the DCERPC server frees
the handle itself (we got always warnings about this).

10 years agos4:provision_users.ldif - Descriptions generally begin with a majuscle
Matthias Dieter Wallnöfer [Tue, 17 Nov 2009 18:46:59 +0000 (19:46 +0100)]
s4:provision_users.ldif - Descriptions generally begin with a majuscle

10 years agos4:SAMLDB DSDB module - Add "\n"s on debug messages
Matthias Dieter Wallnöfer [Tue, 17 Nov 2009 18:22:00 +0000 (19:22 +0100)]
s4:SAMLDB DSDB module - Add "\n"s on debug messages

10 years agos4:SAMLDB DSDB module - Remove "\n" in LDB error messages
Matthias Dieter Wallnöfer [Tue, 17 Nov 2009 17:45:17 +0000 (18:45 +0100)]
s4:SAMLDB DSDB module - Remove "\n" in LDB error messages

abartlet suggested me to not use anymore "\n"s in those kind of outputs.
Plus, enhance a search filter to consider also "builtinDomain" objects which
are basically domain objects too.

10 years agoFixed incorrect SID for RAS Servers.
Nadezhda Ivanova [Tue, 17 Nov 2009 15:10:23 +0000 (17:10 +0200)]
Fixed incorrect SID for RAS Servers.

10 years agos3: Fix the build on Solaris
Volker Lendecke [Tue, 17 Nov 2009 14:15:35 +0000 (15:15 +0100)]
s3: Fix the build on Solaris

10 years agos4:dsdb/schema: let schema_supclasses() return the correct pointer
Stefan Metzmacher [Mon, 16 Nov 2009 18:41:46 +0000 (19:41 +0100)]
s4:dsdb/schema: let schema_supclasses() return the correct pointer

str_list_unique() changes the pointer via talloc_realloc().

metze

10 years agolibrpc: rerun "make idl"
Stefan Metzmacher [Mon, 16 Nov 2009 18:41:05 +0000 (19:41 +0100)]
librpc: rerun "make idl"

metze

10 years agonetlogon.idl: fix ndr_pull_netr_DatabaseRedo()
Stefan Metzmacher [Mon, 16 Nov 2009 18:38:32 +0000 (19:38 +0100)]
netlogon.idl: fix ndr_pull_netr_DatabaseRedo()

We can't use subcontext_size() here, as
change_log_entry_size is encoded after the subcontext.

metze

10 years agos4:selftest: use "dc:local" instead of a hardcoded config file
Stefan Metzmacher [Mon, 16 Nov 2009 17:00:42 +0000 (18:00 +0100)]
s4:selftest: use "dc:local" instead of a hardcoded config file

If a tests needs access to the dc's config, it should run
as "dc:local", then it can also access unix named pipes...

If we pass a hardcoded config file the test fails if you use
a selftest_prefix.

metze

10 years agos4:selftest: allways start with $(ST_RM)
Stefan Metzmacher [Mon, 16 Nov 2009 15:53:51 +0000 (16:53 +0100)]
s4:selftest: allways start with $(ST_RM)

metze

10 years agos4:selftest: place summary file into selftest-prefix
Stefan Metzmacher [Mon, 16 Nov 2009 15:48:18 +0000 (16:48 +0100)]
s4:selftest: place summary file into selftest-prefix

metze

10 years agoselftest: make sure we don't buffer any output
Stefan Metzmacher [Mon, 16 Nov 2009 15:34:13 +0000 (16:34 +0100)]
selftest: make sure we don't buffer any output

metze

10 years agoselftest: Fix unexpected failure handline in Subunit/Filter.pm
Stefan Metzmacher [Mon, 16 Nov 2009 15:27:39 +0000 (16:27 +0100)]
selftest: Fix unexpected failure handline in Subunit/Filter.pm

We should only mark the testsuite as expected failure,
if there were more than 1 expected failure, but 0 unexpected
failures.

Before we ignored unexpected failures if there was an expected failure
within a testsuite.

metze

10 years agos4:heimdal: import lorikeet-heimdal-200911170333 (commit b532c294d974cead40a1183c71be...
Andrew Bartlett [Tue, 17 Nov 2009 04:36:48 +0000 (15:36 +1100)]
s4:heimdal: import lorikeet-heimdal-200911170333 (commit b532c294d974cead40a1183c71be644c6ccc2832)

This fixes up connections to Windows 2003, because the previous import
had a broken arcfour-hmac-md5 implementation (fixed in Heimdal
316fc6ff8ffb0cbb1ef3689685e9977c37405bc4)

Andrew Bartlett

10 years agos4/drs(tort): Convert DSSYNC test to a test case fixture
Kamen Mazdrashki [Mon, 16 Nov 2009 01:28:01 +0000 (03:28 +0200)]
s4/drs(tort): Convert DSSYNC test to a test case fixture

Now it should be much more clear why and where a test
in DSSYNC test case has failed.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4/drs(tort): replace DEBUG with torture_asert/comment/fail
Kamen Mazdrashki [Mon, 16 Nov 2009 09:36:20 +0000 (11:36 +0200)]
s4/drs(tort): replace DEBUG with torture_asert/comment/fail

I left dumping of decrypted attributes values 'as is'
(using DEBUG and DEBUGADD) as it uses dump_data() function.
dump_data() uses DEBUGADD internally, so I have no way
to redirect its output to torture_context at this point.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4/drs(tort): use torture_drsuapi_assert_call() macro for error checking
Kamen Mazdrashki [Sat, 14 Nov 2009 13:51:53 +0000 (15:51 +0200)]
s4/drs(tort): use torture_drsuapi_assert_call() macro for error checking

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4/drs(tort): replace 'printf' with 'torture_...' calls
Kamen Mazdrashki [Thu, 12 Nov 2009 01:11:58 +0000 (03:11 +0200)]
s4/drs(tort): replace 'printf' with 'torture_...' calls

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4/drs(tort): 'DsSyncBindInfo.pipe' renamed - 'pipe' is a system call
Kamen Mazdrashki [Tue, 10 Nov 2009 16:12:40 +0000 (18:12 +0200)]
s4/drs(tort): 'DsSyncBindInfo.pipe' renamed - 'pipe' is a system call

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4/drs(tort): 'DsPrivate.pipe' renamed - 'pipe' is a system call
Kamen Mazdrashki [Sat, 14 Nov 2009 01:56:21 +0000 (03:56 +0200)]
s4/drs(tort): 'DsPrivate.pipe' renamed - 'pipe' is a system call

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4:dsdb With these workarounds, we now pass the RPC-DSSYNC test
Andrew Bartlett [Mon, 16 Nov 2009 23:37:04 +0000 (10:37 +1100)]
s4:dsdb With these workarounds, we now pass the RPC-DSSYNC test

10 years agos4:provision Split up reference creation, load schema earlier in the stack
Andrew Bartlett [Mon, 16 Nov 2009 07:51:17 +0000 (18:51 +1100)]
s4:provision Split up reference creation, load schema earlier in the stack

The schema needs to be loaded above the extended_dn_out modules as
otherwise we don't get an extended DN in the search results.

The reference split is to ensure we create references after the
objects they reference exist.

Andrew Bartlett

10 years agos4:schema Add the GUID to each defaultObjectCategory when loading from LDIF
Andrew Bartlett [Mon, 16 Nov 2009 07:48:46 +0000 (18:48 +1100)]
s4:schema Add the GUID to each defaultObjectCategory when loading from LDIF

This makes these full extended DNs, so we set the right values into
the database, even before we actually set the schema objects
themselves.

Andrew Bartlett

10 years agos4:dsdb Rework samdb code to use 'storage format' DNs for defaultObjectCategory
Andrew Bartlett [Mon, 16 Nov 2009 07:46:28 +0000 (18:46 +1100)]
s4:dsdb Rework samdb code to use 'storage format' DNs for defaultObjectCategory

It is important to always ensure that this attribute has an extended
DN if the rest of the database stores things that way.

The knowlege of what format the DN is stored on disk with is passed
around in an LDB opaque.

Andrew Bartlett

10 years agos4:provision Generate a random objectGUID for each schema record
Andrew Bartlett [Mon, 16 Nov 2009 07:45:21 +0000 (18:45 +1100)]
s4:provision Generate a random objectGUID for each schema record

This is needed to then create extended DNs with GUID attributes in
them, when importing from the LDIF

Andrew Bartlett

10 years agos4:dsdb Load objectGUID and extended DN defaultObjectCategory into the schema
Andrew Bartlett [Mon, 16 Nov 2009 07:40:24 +0000 (18:40 +1100)]
s4:dsdb Load objectGUID and extended DN defaultObjectCategory into the schema

The load of defaultObjectCategory as an extended DN means we need to
use the common parsing functions I just split out, rather than the
GET_DS_DN macro.

The objectGUIDs are loaded so that we can create the extended DN when
we load from LDIF (and are loaded for the other cases for
consistency).

Also adapt callers to API changes needed for common parsing code

Andrew Bartlett

10 years agos4:dsdb Use the new flags to dsdb_module_search in schema_load
Andrew Bartlett [Mon, 16 Nov 2009 07:37:51 +0000 (18:37 +1100)]
s4:dsdb Use the new flags to dsdb_module_search in schema_load

This loads the defaultObjectCategory DN as an extended DN, so we can
apply it, with the associated GUID, when setting this on records in
the objectClass module.

Previously we would not store the extended DN components for
objectCategory.

Andrew Bartlett

10 years agos4:dsdb Break up 'parse a DN from DRSUAPI' into a subfunction
Andrew Bartlett [Mon, 16 Nov 2009 07:35:08 +0000 (18:35 +1100)]
s4:dsdb Break up 'parse a DN from DRSUAPI' into a subfunction

This should make it easier to call this function from the DRS schema
load code, rather than duplicate it.

(we may do the same with other functions in future).

Andrew Bartlett

10 years agos4:dsdb Add 'dsdb_flags' to dsdb_module_search() to enable often-used features
Andrew Bartlett [Mon, 16 Nov 2009 07:32:17 +0000 (18:32 +1100)]
s4:dsdb Add 'dsdb_flags' to dsdb_module_search() to enable often-used features

These flags, also on dsdb_module_search_dn() allow us to add commonly
set controls to this pre-packaged blocking search, without rebuilding
the whole function in each caller.

Andrew Bartlett

10 years agoDon't overwrite a dynamic pointer with the address of a stack
Jeremy Allison [Mon, 16 Nov 2009 22:55:21 +0000 (14:55 -0800)]
Don't overwrite a dynamic pointer with the address of a stack
variable.
Jeremy.

10 years agos4:SAMLDB module
Matthias Dieter Wallnöfer [Mon, 16 Nov 2009 16:57:50 +0000 (17:57 +0100)]
s4:SAMLDB module

- Add more "\n" to make sure that error messages are displayed immediately
- Add a "NULL" in a attribute list

10 years agoRevert "s4:dsdb/repl/replicated_objects - Applicate also here the new "lDAPDisplayNam...
Matthias Dieter Wallnöfer [Mon, 16 Nov 2009 16:01:43 +0000 (17:01 +0100)]
Revert "s4:dsdb/repl/replicated_objects - Applicate also here the new "lDAPDisplayName" generator"

This reverts commit df95d5c29292968b465bff24c3cf78800677a4d4.

abartlet pointed out in a post on the samba-technical list that this isn't
necessary at all (lDAPDisplayName normalisation algorithm). Rather it breaks
functionality of the replication.

10 years agoREADME.Coding: add section about usage of helper variables
Stefan Metzmacher [Mon, 16 Nov 2009 09:52:27 +0000 (10:52 +0100)]
README.Coding: add section about usage of helper variables

metze

10 years agoREADME.Coding: fix error in "good example"
Stefan Metzmacher [Mon, 16 Nov 2009 09:51:31 +0000 (10:51 +0100)]
README.Coding: fix error in "good example"

metze

10 years agos3:libsmb: avoid passing a function call as function parameter
Stefan Metzmacher [Mon, 16 Nov 2009 08:59:58 +0000 (09:59 +0100)]
s3:libsmb: avoid passing a function call as function parameter

Using a helper variable makes it easier to "step" into the desired function
within gdb.

metze

10 years agos4:dsdb LDB attribute lists must always be a static const char **.
Andrew Bartlett [Sun, 15 Nov 2009 23:19:42 +0000 (10:19 +1100)]
s4:dsdb LDB attribute lists must always be a static const char **.

(If they are not, then due to the async code, they will cause a segfault as they reference a reclaimed portion of the stack).

Andrew Bartlett

10 years agos4:provision - Removed dependency on full Samba 3 schema from FDS
Endi S. Dewata [Fri, 13 Nov 2009 15:58:20 +0000 (09:58 -0600)]
s4:provision - Removed dependency on full Samba 3 schema from FDS

10 years agoFixed some major bugs in inheritance and access checks.
Nadezhda Ivanova [Sun, 15 Nov 2009 20:31:44 +0000 (22:31 +0200)]
Fixed some major bugs in inheritance and access checks.

Fixed sd creation not working on LDAP modify.
Fixed incorrect replacement of CO and CG.
Fixed incorrect access check on modify for SD modification.
Fixed failing sec_descriptor test and enabled it.
Fixed failing sd add test in ldap.python

10 years agos3: Remove two more DFSG-nonfree text documents at release time. (Debian bug
Jelmer Vernooij [Sun, 15 Nov 2009 19:52:11 +0000 (20:52 +0100)]
s3: Remove two more DFSG-nonfree text documents at release time. (Debian bug

10 years agoFix writing corrupt registries because of hardcoded version string in IDL.
Wilco Baan Hofman [Thu, 15 Oct 2009 11:18:52 +0000 (13:18 +0200)]
Fix writing corrupt registries because of hardcoded version string in IDL.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
10 years agoFix NULL pointer dereference in libgpo when listing Local Policy which has no securit...
Wilco Baan Hofman [Sat, 10 Oct 2009 22:12:28 +0000 (00:12 +0200)]
Fix NULL pointer dereference in libgpo when listing Local Policy which has no security descriptor.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
10 years agoFix writing corrupt REG_SZ to the registry.
Wilco Baan Hofman [Sat, 10 Oct 2009 19:42:27 +0000 (21:42 +0200)]
Fix writing corrupt REG_SZ to the registry.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
10 years agoFix trailing garbage in the hbin block.
Wilco Baan Hofman [Thu, 8 Oct 2009 10:36:30 +0000 (12:36 +0200)]
Fix trailing garbage in the hbin block.

This specifically fixes a problem showing extra bytes of garbage in list and
print in regshell, even though the vk.data_length has the correct size.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
10 years agoAdded tests for descriptor inheritance on ldap modify.
Zahari Zahariev [Sun, 15 Nov 2009 17:26:02 +0000 (19:26 +0200)]
Added tests for descriptor inheritance on ldap modify.

Fixed some expected owners and groups.

Signed-off-by: Nadezhda Ivanova <nadezhda.ivanova@postpath.com>
10 years agoldb:python bindings - add a context on "py_ldb_delete"
Matthias Dieter Wallnöfer [Sun, 15 Nov 2009 13:23:32 +0000 (14:23 +0100)]
ldb:python bindings - add a context on "py_ldb_delete"

So the converted DN will be freed after usage.

10 years agos4:ldap.py - enhance schema addition test
Matthias Dieter Wallnöfer [Fri, 13 Nov 2009 21:31:53 +0000 (22:31 +0100)]
s4:ldap.py - enhance schema addition test

Don't add only a new objectclass but also a new attribute. Plus let now the
server itself calculate the "lDAPDisplayName" attribute and compare the result.

10 years agos4:dsdb/repl/replicated_objects - Applicate also here the new "lDAPDisplayName" generator
Matthias Dieter Wallnöfer [Sat, 14 Nov 2009 19:14:45 +0000 (20:14 +0100)]
s4:dsdb/repl/replicated_objects - Applicate also here the new "lDAPDisplayName" generator

Also here we've to be sure to generate the attribute correctly if it doesn't
exist yet.

10 years agos4:SAMLDB module - Add support for required and generated schema attributes
Andrew Bartlett [Thu, 24 Sep 2009 04:14:37 +0000 (21:14 -0700)]
s4:SAMLDB module - Add support for required and generated schema attributes

This missing support found by Microsoft test suite at AD interop event.

Patch by Andrew Bartlett
Enhancements by Matthias Dieter Wallnöfer

10 years agos4:samdb util - add a call for generating a correct "lDAPDisplayName"
Matthias Dieter Wallnöfer [Sat, 14 Nov 2009 19:12:42 +0000 (20:12 +0100)]
s4:samdb util - add a call for generating a correct "lDAPDisplayName"

This is needed for the SAMLDB module enhancement regarding schema objects.
The algorithm in pseudo code is located in MS-ADTS 3.1.1.2.3.4.

10 years agos3: Fix a memleak in sys_popen
Volker Lendecke [Sat, 14 Nov 2009 16:23:08 +0000 (17:23 +0100)]
s3: Fix a memleak in sys_popen

Found with "dfree command" set

10 years agos4:ldap.py - Deactivates some at the moment pointless test parts
Matthias Dieter Wallnöfer [Sat, 14 Nov 2009 20:56:59 +0000 (21:56 +0100)]
s4:ldap.py - Deactivates some at the moment pointless test parts

I think those parts should be deactivated since they're result set checks for
lookups which are commented out already.

10 years agoMention typedef struct in README.Coding
Volker Lendecke [Sat, 14 Nov 2009 11:55:41 +0000 (12:55 +0100)]
Mention typedef struct in README.Coding

10 years agos3: Add min_setup, min_param and min_data to cli_trans_recv
Volker Lendecke [Sat, 14 Nov 2009 10:12:50 +0000 (11:12 +0100)]
s3: Add min_setup, min_param and min_data to cli_trans_recv

Every caller that expects to receive something needs to check if enough was
sent. Make this check mandatory for everyone.

Yes, this makes the parameter list for cli_trans a bit silly, but that's just
the way it is: A silly protocol request :-)

While there, convert some _done functions to tevent_req_simple_finish_ntstatus.

10 years agoAttempt to fix the s4 build -- we can not use map_nt_error_from_unix in lib/
Volker Lendecke [Sat, 14 Nov 2009 10:32:00 +0000 (11:32 +0100)]
Attempt to fix the s4 build -- we can not use map_nt_error_from_unix in lib/

10 years agos3: Convert cli_set_unix_extensions_capabilities_send to async
Volker Lendecke [Fri, 13 Nov 2009 23:40:21 +0000 (00:40 +0100)]
s3: Convert cli_set_unix_extensions_capabilities_send to async

10 years agoIntroduce tevent_req_poll_ntstatus
Volker Lendecke [Sat, 14 Nov 2009 09:01:44 +0000 (10:01 +0100)]
Introduce tevent_req_poll_ntstatus

10 years agoIntroduce tevent_req_simple_finish_ntstatus
Volker Lendecke [Sat, 14 Nov 2009 08:38:20 +0000 (09:38 +0100)]
Introduce tevent_req_simple_finish_ntstatus

10 years agos3: Tiny logic simplification
Volker Lendecke [Thu, 12 Nov 2009 19:44:37 +0000 (20:44 +0100)]
s3: Tiny logic simplification

10 years agos4-drs: DsExecuteKCC() implementation
Erick Nascimento [Wed, 11 Nov 2009 20:25:13 +0000 (18:25 -0200)]
s4-drs: DsExecuteKCC() implementation

I implemented the DsExecuteKCC() handling code on kccsrv_execute_kcc().

Signed-off-by: Andrew Tridgell <tridge@samba.org>
10 years agopam_winbind: fix a printf type mismatch warning
Björn Jacke [Sat, 14 Nov 2009 00:52:49 +0000 (01:52 +0100)]
pam_winbind: fix a printf type mismatch warning

10 years agos3:fix a comment typo
Michael Adam [Sat, 14 Nov 2009 00:23:05 +0000 (01:23 +0100)]
s3:fix a comment typo

Michael

10 years agos3:is_trusted_domain: shortcut if domain name == global_sam_name
Michael Adam [Sat, 14 Nov 2009 00:21:42 +0000 (01:21 +0100)]
s3:is_trusted_domain: shortcut if domain name == global_sam_name

A domain can't have a trust with itself.
This saves some roundtrips to the ldap server for ldapsam.

Michael

10 years agos3:is_trusted_domain: shortcut if domain name is NULL or empty
Michael Adam [Sat, 14 Nov 2009 00:12:22 +0000 (01:12 +0100)]
s3:is_trusted_domain: shortcut if domain name is NULL or empty

This saves some roundtrips to LDAP in an ldapsm setup.

Michael