kai/samba.git
13 years agoFix bug #5713 by correcting the generated schema.
Andrew Bartlett [Tue, 9 Sep 2008 06:18:27 +0000 (16:18 +1000)]
Fix bug #5713 by correcting the generated schema.

This bug is entitled 'Schema patch breaks interoperability with
Microsoft MMC consoles.', and it does so very spectacularly.

The issue is that we would include an entry:
objectClasses: ( 2.5.6.0 NAME 'top' SUP top ABSTRACT..

The MMC Active Directory Users and Computers snap in presumably
objected to the 'loop' this would present. The fixed entry is:

objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT

Thanks to Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> for his
persistance in getting me to look at this.

Andrew Bartlett

13 years agoMake it easier to see when tests start/end.
Jeremy Allison [Mon, 8 Sep 2008 21:58:58 +0000 (14:58 -0700)]
Make it easier to see when tests start/end.
Jeremy.

13 years agoBASE-DELAYWRITE: test behavior of SMBwrite truncate, writeX, SMBwrite truncate and...
Stefan Metzmacher [Mon, 8 Sep 2008 12:11:17 +0000 (14:11 +0200)]
BASE-DELAYWRITE: test behavior of SMBwrite truncate, writeX, SMBwrite truncate and writeX again

metze

13 years agoBASE-DELAYWRITE: test behavior of writeX, SMBwrite truncate, writeX and SMBwrite...
Stefan Metzmacher [Mon, 8 Sep 2008 11:59:51 +0000 (13:59 +0200)]
BASE-DELAYWRITE: test behavior of writeX, SMBwrite truncate, writeX and SMBwrite again

metze

13 years agoBASE-DELAYWRITE: demonstrate that a truncate write doesn't update the write time...
Stefan Metzmacher [Mon, 8 Sep 2008 10:27:43 +0000 (12:27 +0200)]
BASE-DELAYWRITE: demonstrate that a truncate write doesn't update the write time after SET_FILE_INFO

metze

13 years agoBASE-DELAYWRITE: demonstrate that the time between the open and the first write doesn...
Stefan Metzmacher [Mon, 8 Sep 2008 10:12:25 +0000 (12:12 +0200)]
BASE-DELAYWRITE: demonstrate that the time between the open and the first write doesn't matter

metze

13 years agoBASE-DELAYWRITE: test more details of the truncate write time update behavior
Stefan Metzmacher [Mon, 8 Sep 2008 06:31:34 +0000 (08:31 +0200)]
BASE-DELAYWRITE: test more details of the truncate write time update behavior

metze

13 years agoMake it clear that the MMR password can differ from the admin passsword
Andrew Bartlett [Mon, 8 Sep 2008 05:09:06 +0000 (15:09 +1000)]
Make it clear that the MMR password can differ from the admin passsword

In the future, we might simply randomly generate this, or allow the
admin to specify it seperate to the admin password.  However, both are
highly sensitive, as they imply read access to the krbtgt.

Andrew Bartlett

13 years agoUse DIGEST-MD5 authentication for OpenLDAP replication
Oliver Liebel [Mon, 8 Sep 2008 04:39:54 +0000 (14:39 +1000)]
Use DIGEST-MD5 authentication for OpenLDAP replication

This avoids passing rootdn passwords or replicated data in cleartext
across the network.

Signed-of-by: Andrew Bartlett <abartlet@samba.org>
13 years agoAdd definition for SYSTEM_FLAG_ATTR_IS_RDN
Andrew Bartlett [Mon, 8 Sep 2008 04:33:05 +0000 (14:33 +1000)]
Add definition for SYSTEM_FLAG_ATTR_IS_RDN

13 years agoMove blackbox.smbclient to test against the member server.
Andrew Bartlett [Mon, 8 Sep 2008 04:18:04 +0000 (14:18 +1000)]
Move blackbox.smbclient to test against the member server.

The DC is now using smb signing, so testing for the old SMB versions
won't work.

Add a new test script to check 'net join' independent of
blackbox.smbclient.

Andrew Bartlett

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into trusted-domains
Andrew Bartlett [Mon, 8 Sep 2008 02:54:13 +0000 (12:54 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into trusted-domains

13 years agoSimplfy SetSecrets behaviour in line with RPC-LSA and Win2008.
Andrew Bartlett [Mon, 8 Sep 2008 02:46:04 +0000 (12:46 +1000)]
Simplfy SetSecrets behaviour in line with RPC-LSA and Win2008.

13 years agoTry to implement the right logic for systemFlags
Andrew Bartlett [Mon, 8 Sep 2008 01:10:24 +0000 (11:10 +1000)]
Try to implement the right logic for systemFlags

The MS-ADTS document has quite detailed instrucitons on how these
flags should be processed.  This change also causes the correct
sign-wrapping to occour, as these are declared as signed integers.

Andrew Bartlett

13 years agoDon't expose passwords, even to the administrator.
Andrew Bartlett [Mon, 8 Sep 2008 01:09:02 +0000 (11:09 +1000)]
Don't expose passwords, even to the administrator.

This ensures they don't leak over LDAP, but does not prevent access,
as ldbsearch locally still bypasses these controls.

Andrew Bartlett

13 years agoMore work towards trusted domains support in Samba4's LSA
Andrew Bartlett [Mon, 8 Sep 2008 00:55:34 +0000 (10:55 +1000)]
More work towards trusted domains support in Samba4's LSA

Make 'lsar_CreateTrustedDomain' consistant with
lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle

Implement LSA server logic to create the cn=users trust account for
incoming trusts.

Andrew Bartlett

13 years agondr_compression: add XPRESS compression support
Stefan Metzmacher [Wed, 20 Aug 2008 20:12:51 +0000 (22:12 +0200)]
ndr_compression: add XPRESS compression support

metze

13 years agolzxpress: Import of lzxpress compression
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
lzxpress: Import of lzxpress compression

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agondr_compression: fix the build after lzxpress_decompress() prototype change
Stefan Metzmacher [Sun, 7 Sep 2008 16:52:29 +0000 (18:52 +0200)]
ndr_compression: fix the build after lzxpress_decompress() prototype change

metze

13 years agolzxpress: fix for decompression...
Matthieu Suiche [Thu, 10 Jul 2008 09:31:43 +0000 (09:31 +0000)]
lzxpress: fix for decompression...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agoAlways free tmp contexts before returning
Simo Sorce [Sat, 6 Sep 2008 16:31:50 +0000 (12:31 -0400)]
Always free tmp contexts before returning

13 years agozlib: we require zlib-1.2.3 or higher
Stefan Metzmacher [Sat, 6 Sep 2008 10:04:00 +0000 (12:04 +0200)]
zlib: we require zlib-1.2.3 or higher

metze

13 years agoRevert "zlib: add inflateReset2()..."
Stefan Metzmacher [Sat, 6 Sep 2008 08:58:53 +0000 (10:58 +0200)]
Revert "zlib: add inflateReset2()..."

This reverts commit 2a4fb661d7e3d601a5eb9ccecb4d4f2b07073097.

(we don't need inflateReset2 anymore)

metze

13 years agoRevert "zlib: we don't need the inflateReset2 prototype twice"
Stefan Metzmacher [Sat, 6 Sep 2008 08:57:33 +0000 (10:57 +0200)]
Revert "zlib: we don't need the inflateReset2 prototype twice"

This reverts commit 0dbbc287f65a51330c5309df5a96b3acd4d044d5.

(we don't need inflateReset2 anymore)

metze

13 years agondr_compression: change debug levels
Stefan Metzmacher [Sat, 6 Sep 2008 08:55:04 +0000 (10:55 +0200)]
ndr_compression: change debug levels

metze

13 years agondr_compression: use deflateReset() together with defalteSetDictionary()
Stefan Metzmacher [Sat, 6 Sep 2008 14:16:00 +0000 (16:16 +0200)]
ndr_compression: use deflateReset() together with defalteSetDictionary()

metze

13 years agondr_compression: use inflateReset() and inflateSetDictionary() instead of inflateReset2()
Stefan Metzmacher [Fri, 5 Sep 2008 18:18:07 +0000 (20:18 +0200)]
ndr_compression: use inflateReset() and inflateSetDictionary() instead of inflateReset2()

Now we can use an unmodified system zlib-1.2.3

metze

13 years agoDon't compare identity, it'll never be different.
Jeremy Allison [Sat, 6 Sep 2008 04:47:06 +0000 (21:47 -0700)]
Don't compare identity, it'll never be different.
Jeremy.

13 years agoRemove <tab> in OpenLDAP MMR config
Oliver Liebel [Sat, 6 Sep 2008 03:12:19 +0000 (13:12 +1000)]
Remove <tab> in OpenLDAP MMR config

Signed-of-by: Andrew Bartlett <abartlet@samba.org>
13 years agoMake SMB signing work with Windows 2008 and kerberos.
Andrew Bartlett [Fri, 5 Sep 2008 23:07:41 +0000 (09:07 +1000)]
Make SMB signing work with Windows 2008 and kerberos.

Pinched from b53e6387e30010509034835acf88b91b380ff44a by metze.

Andrew Bartlett

13 years agoAdded tests that show that write time update is immediate
Jeremy Allison [Fri, 5 Sep 2008 21:24:36 +0000 (14:24 -0700)]
Added tests that show that write time update is immediate
when changing file size using SMBwrite of size zero,
SET_END_OF_FILE, or SET_ALLOCATION_SIZE - no 2 second
delay in these cases.
Jeremy.

13 years agoAdd a new error code
Andrew Bartlett [Fri, 5 Sep 2008 06:46:12 +0000 (16:46 +1000)]
Add a new error code

13 years agoUpdate copyright
Andrew Bartlett [Fri, 5 Sep 2008 06:45:58 +0000 (16:45 +1000)]
Update copyright

13 years agoUpdate copyright, I've been working here many long years...
Andrew Bartlett [Fri, 5 Sep 2008 06:45:37 +0000 (16:45 +1000)]
Update copyright, I've been working here many long years...

13 years agoMove our DC to implement mandetory signing.
Andrew Bartlett [Fri, 5 Sep 2008 06:45:10 +0000 (16:45 +1000)]
Move our DC to implement mandetory signing.

(this does not change the file server role, and only really changes
what 'server signing = auto' means)

Optional signing really isn't any benifit to network security.

In doing so, allow anonymous clients (if permitted by policy) to log
in without signing, as Samba3 does not sign these connections (which
would use an all-zero key, so pointless).

Andrew Bartlett

13 years agoWith a windows 2008 client, even anonymous requires signing...
Andrew Bartlett [Fri, 5 Sep 2008 06:24:44 +0000 (16:24 +1000)]
With a windows 2008 client, even anonymous requires signing...

Andrew Bartlett

13 years agoMore work to implement LSA CreateTrustedDomainEx2
Andrew Bartlett [Thu, 4 Sep 2008 06:06:38 +0000 (16:06 +1000)]
More work to implement LSA CreateTrustedDomainEx2

We still don't get the format inside the encrypted blob correct
however.

Andrew Bartlett

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
Andrew Tridgell [Thu, 4 Sep 2008 02:49:29 +0000 (12:49 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test

13 years agoMerge commit 'origin/v4-0-test' into trusted-domains
Andrew Bartlett [Thu, 4 Sep 2008 01:32:32 +0000 (11:32 +1000)]
Merge commit 'origin/v4-0-test' into trusted-domains

13 years agoRegenerate SWIG file.
Jelmer Vernooij [Wed, 3 Sep 2008 20:55:24 +0000 (22:55 +0200)]
Regenerate SWIG file.

13 years agoAvoid using version call for version string.
Jelmer Vernooij [Wed, 3 Sep 2008 20:29:53 +0000 (22:29 +0200)]
Avoid using version call for version string.

13 years agoAllow overriding shared library policy using environment variable.
Jelmer Vernooij [Wed, 3 Sep 2008 20:26:02 +0000 (22:26 +0200)]
Allow overriding shared library policy using environment variable.

13 years agoFix embedding of Samba 4.
Jelmer Vernooij [Wed, 3 Sep 2008 12:10:35 +0000 (14:10 +0200)]
Fix embedding of Samba 4.

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Wed, 3 Sep 2008 05:34:44 +0000 (15:34 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet

13 years agoImplement NETLOGON PAC verfication on the server-side
Andrew Bartlett [Wed, 3 Sep 2008 05:30:17 +0000 (15:30 +1000)]
Implement NETLOGON PAC verfication on the server-side

This is implemented by means of a message to the KDC, to avoid having
to link most of the KDC into netlogon.

Andrew Bartlett

13 years agoMerge krb5_cksumtype_to_enctype from Heimdal svn -r 23719
Andrew Bartlett [Wed, 3 Sep 2008 04:20:30 +0000 (14:20 +1000)]
Merge krb5_cksumtype_to_enctype from Heimdal svn -r 23719

13 years agoTest a few more error cases in RPC-PAC
Andrew Bartlett [Wed, 3 Sep 2008 04:19:16 +0000 (14:19 +1000)]
Test a few more error cases in RPC-PAC

13 years agoStart testing CreateTrustedDomainEx2
Andrew Bartlett [Tue, 2 Sep 2008 01:31:46 +0000 (11:31 +1000)]
Start testing CreateTrustedDomainEx2

Andrew Bartlett

13 years agoShare IDL between the LSA and drsblob representations of trusts
Andrew Bartlett [Tue, 2 Sep 2008 01:31:17 +0000 (11:31 +1000)]
Share IDL between the LSA and drsblob representations of trusts

13 years agoFollow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust.
Andrew Bartlett [Mon, 1 Sep 2008 04:43:00 +0000 (14:43 +1000)]
Follow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust.

Also check we get the defaults correct with a query in the torture
suite.

Andrew Bartlett

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
Andrew Tridgell [Fri, 29 Aug 2008 21:38:02 +0000 (07:38 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test

13 years agoAdd a setexpiry operation in samdb.py
Andrew Tridgell [Fri, 29 Aug 2008 21:32:44 +0000 (07:32 +1000)]
Add a setexpiry operation in samdb.py

This makes it easy to set the expiry (or no expiry) for a samdb user

13 years agoadded a simple script for setting password expiry
Andrew Tridgell [Fri, 29 Aug 2008 21:23:06 +0000 (07:23 +1000)]
added a simple script for setting password expiry

13 years agoStart implementing the server-sde NETLOGON PAC verification.
Andrew Bartlett [Fri, 29 Aug 2008 08:05:06 +0000 (18:05 +1000)]
Start implementing the server-sde NETLOGON PAC verification.

13 years agoIt turns out that the Netlogon PAC verification is encrypted.
Andrew Bartlett [Fri, 29 Aug 2008 05:06:30 +0000 (15:06 +1000)]
It turns out that the Netlogon PAC verification is encrypted.

This test now passes against Win2k3, and a implementation in the
Samba4 server should follow shortly.

Andrew Bartlett

13 years agoUpdate packaging per suggestions on the review
Andrew Bartlett [Fri, 29 Aug 2008 03:01:52 +0000 (13:01 +1000)]
Update packaging per suggestions on the review

Also make the build more C++ friendly with a patch from Brad Hards.

Andrew Bartlett

13 years agoFurther rework the RPC-PAC test.
Andrew Bartlett [Thu, 28 Aug 2008 06:30:17 +0000 (16:30 +1000)]
Further rework the RPC-PAC test.

This would seem to match the documentation requirements for the PAC
verfication over NETLOGON, but I can't get Win2k3 to accept it so far.

Andrew Bartlett

13 years agoHeimdal provides Kerberos PAC parsing routines. Use them.
Andrew Bartlett [Thu, 28 Aug 2008 06:28:47 +0000 (16:28 +1000)]
Heimdal provides Kerberos PAC parsing routines.  Use them.

This uses Heimdal's PAC parsing code in the:
 - LOCAL-PAC test
 - gensec_gssapi server
 - KDC (where is was already used, the support code refactored from here)

In addition, the service and KDC checksums are recorded in the struct
auth_serversupplied_info, allowing them to be extracted for validation
across NETLOGON.

Andrew Bartlett

13 years agoDon't wipe the PAC checksums, the caller may actually need them.
Andrew Bartlett [Thu, 28 Aug 2008 06:19:16 +0000 (16:19 +1000)]
Don't wipe the PAC checksums, the caller may actually need them.

13 years agoAdd missing file - netlogon.h
Andrew Bartlett [Wed, 27 Aug 2008 12:26:25 +0000 (22:26 +1000)]
Add missing file - netlogon.h

This file allows the remote_pac.c code to call into netlogon.c's setup
credentials code.

Andrew Bartlett

13 years agoAdd a test to explore Netlogon PAC validation
Andrew Bartlett [Wed, 27 Aug 2008 11:36:27 +0000 (21:36 +1000)]
Add a test to explore Netlogon PAC validation

However, I have still not figured out this protocol yet, and the docs
are rather unclear... :-(

Andrew Bartlett

13 years agoPut the internal gensec_gssapi state into a header.
Andrew Bartlett [Wed, 27 Aug 2008 06:24:05 +0000 (16:24 +1000)]
Put the internal gensec_gssapi state into a header.

This will allow a torture suite to inspect some otherwise internal
details.

Andrew Bartlett

13 years agoFix the build on Win32, and use NEGOTIATE security (to allow kerberos)
Andrew Bartlett [Wed, 27 Aug 2008 06:22:45 +0000 (16:22 +1000)]
Fix the build on Win32, and use NEGOTIATE security (to allow kerberos)

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verify
Andrew Bartlett [Wed, 27 Aug 2008 01:01:55 +0000 (11:01 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verify

13 years agoAdd definition for NT_STATUS_DOWNGRADE_DETECTED
Andrew Bartlett [Wed, 27 Aug 2008 00:29:54 +0000 (10:29 +1000)]
Add definition for NT_STATUS_DOWNGRADE_DETECTED

13 years agoheimdal: add missing heimdal/lib/hcrypto/{evp-aes-cts.c,evp-hcrypto.c}, sorry...
Stefan Metzmacher [Tue, 26 Aug 2008 19:36:09 +0000 (21:36 +0200)]
heimdal: add missing heimdal/lib/hcrypto/{evp-aes-cts.c,evp-hcrypto.c}, sorry...

metze

13 years agoheimdal_build: include heimdal's new EVP code to fix the build
Stefan Metzmacher [Tue, 26 Aug 2008 09:31:57 +0000 (11:31 +0200)]
heimdal_build: include heimdal's new EVP code to fix the build

metze

13 years agoheimdal: import heimdal's trunk svn rev 23697 + lorikeet-heimdal patches
Stefan Metzmacher [Tue, 26 Aug 2008 17:35:52 +0000 (19:35 +0200)]
heimdal: import heimdal's trunk svn rev 23697 + lorikeet-heimdal patches

This is based on f56a3b1846c7d462542f2e9527f4d0ed8a34748d in my heimdal-wip repo.

metze

13 years agoheimdal_build: fix parse.h lex.c dependencies
Stefan Metzmacher [Tue, 26 Aug 2008 17:33:23 +0000 (19:33 +0200)]
heimdal_build: fix parse.h lex.c dependencies

metze

13 years agoheimdal_build: autogenerate the heimdal private/proto headers
Stefan Metzmacher [Tue, 26 Aug 2008 09:20:54 +0000 (11:20 +0200)]
heimdal_build: autogenerate the heimdal private/proto headers

Now it's possible to just use a plain heimdal tree in source/heimdal/
without any pregenerated files.

metze

13 years agoheimdal_build: autogenerate table files in heimdal/lib/wind/
Stefan Metzmacher [Tue, 26 Aug 2008 09:22:17 +0000 (11:22 +0200)]
heimdal_build: autogenerate table files in heimdal/lib/wind/

metze

13 years agoheimdal_build: autogenerate heimdal/lib/roken/roken.h
Stefan Metzmacher [Tue, 26 Aug 2008 08:49:40 +0000 (10:49 +0200)]
heimdal_build: autogenerate heimdal/lib/roken/roken.h

metze

13 years agoheimdal_build: add fallback for AC_WARNING_ENABLE()
Stefan Metzmacher [Tue, 26 Aug 2008 09:29:33 +0000 (11:29 +0200)]
heimdal_build: add fallback for AC_WARNING_ENABLE()

metze

13 years agoheimdal: remove unused old files
Stefan Metzmacher [Tue, 26 Aug 2008 09:25:10 +0000 (11:25 +0200)]
heimdal: remove unused old files

metze

13 years agoheimdal_build: split heimdal/lib/asn1 file lists
Stefan Metzmacher [Tue, 26 Aug 2008 13:30:18 +0000 (15:30 +0200)]
heimdal_build: split heimdal/lib/asn1 file lists

metze

13 years agoheimdal_build: split handwritten and generated hx509 file lists
Stefan Metzmacher [Tue, 26 Aug 2008 09:57:29 +0000 (11:57 +0200)]
heimdal_build: split handwritten and generated hx509 file lists

metze

13 years agoheimdal_build: split out gssapi_spnego and gssapi_krb5 file lists
Stefan Metzmacher [Tue, 26 Aug 2008 09:56:37 +0000 (11:56 +0200)]
heimdal_build: split out gssapi_spnego and gssapi_krb5 file lists

metze

13 years agoheimdal_build: add a fake sqlite keytab implementation
Stefan Metzmacher [Tue, 26 Aug 2008 10:19:52 +0000 (12:19 +0200)]
heimdal_build: add a fake sqlite keytab implementation

This remove a difference against lorikeet-heimdal.

metze

13 years agoheimdal_build: split glue.c into krb5 and gssapi parts
Stefan Metzmacher [Tue, 26 Aug 2008 09:42:13 +0000 (11:42 +0200)]
heimdal_build: split glue.c into krb5 and gssapi parts

metze

13 years agokdc: move references to heimdal internals into heimdal_build/kpasswd-glue.h
Stefan Metzmacher [Mon, 25 Aug 2008 14:12:42 +0000 (16:12 +0200)]
kdc: move references to heimdal internals into heimdal_build/kpasswd-glue.h

metze

13 years agoRevert "gsskrb5: add support for DCE_STYLE and des and des3 keys"
Stefan Metzmacher [Tue, 26 Aug 2008 10:25:54 +0000 (12:25 +0200)]
Revert "gsskrb5: add support for DCE_STYLE and des and des3 keys"

This reverts commit 86848dd0f217774faed81af8fbf68618013e20a1.

This should come back via a merge from heimdal's trunk later.

metze

13 years agoRevert "gsskrb5: always return an acceptor subkey"
Stefan Metzmacher [Tue, 26 Aug 2008 10:23:13 +0000 (12:23 +0200)]
Revert "gsskrb5: always return an acceptor subkey"

This reverts commit 6a8b07c39558f240b89e833ecba15d8b9fc020e8.

This isn't strictly needed and will come back in the next merge
from heimdal's trunk.

metze

13 years agobuild: generate :: rules for automatic dependencies
Stefan Metzmacher [Tue, 26 Aug 2008 08:32:28 +0000 (10:32 +0200)]
build: generate :: rules for automatic dependencies

metze

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verify
Andrew Bartlett [Tue, 26 Aug 2008 06:28:59 +0000 (16:28 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verify

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
Andrew Bartlett [Tue, 26 Aug 2008 06:27:10 +0000 (16:27 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet

13 years agoDon't use lsa_Delete any more, as smbd now refuses it.
Andrew Bartlett [Tue, 26 Aug 2008 06:26:46 +0000 (16:26 +1000)]
Don't use lsa_Delete any more, as smbd now refuses it.

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verify
Andrew Bartlett [Tue, 26 Aug 2008 06:26:08 +0000 (16:26 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verify

13 years agoMore LSA server and testuite work.
Andrew Bartlett [Tue, 26 Aug 2008 02:18:26 +0000 (12:18 +1000)]
More LSA server and testuite work.

 - Implement QueryDomainInformationPolicy in Samba4

 - Allow RPC-LSA to pass against Windows 2008 (which does not allow
   the Audit privilage to be removed)

Andrew Bartlett

13 years agoMake RPC-LSA test deterministic with an msleep(200).
Andrew Bartlett [Tue, 26 Aug 2008 00:56:16 +0000 (10:56 +1000)]
Make RPC-LSA test deterministic with an msleep(200).

13 years agoImplement matching logic to Windows 2008 on handling of secrets.
Andrew Bartlett [Tue, 26 Aug 2008 00:33:41 +0000 (10:33 +1000)]
Implement matching logic to Windows 2008 on handling of secrets.

This is enforced by the new RPC-LSA test.

Andrew Bartlett

13 years agoFix LSA server to pass more of RPC-LSA and match Windows 2008
Andrew Bartlett [Tue, 26 Aug 2008 00:32:49 +0000 (10:32 +1000)]
Fix LSA server to pass more of RPC-LSA and match Windows 2008

This fixes some info levels in the QueryTrustedDomainInfo call, and
changes from implementing lsa_Delete to lsa_DeleteObject (which has an
explicit close and reutrns a NULL handle).

Andrew Bartlett

13 years agoOnly allow the trust in the correct direction (per the flags).
Andrew Bartlett [Tue, 26 Aug 2008 00:27:00 +0000 (10:27 +1000)]
Only allow the trust in the correct direction (per the flags).

13 years agoUpdate RPC-LSA to (almost) pass against Windows 2008.
Andrew Bartlett [Mon, 25 Aug 2008 23:49:54 +0000 (09:49 +1000)]
Update RPC-LSA to (almost) pass against Windows 2008.

13 years agoMerge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Andrew Bartlett [Sun, 24 Aug 2008 22:27:06 +0000 (08:27 +1000)]
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local

13 years agofixed the data in SAVEFILE op in RAW-OFFLINE
Andrew Tridgell [Sun, 24 Aug 2008 07:42:29 +0000 (17:42 +1000)]
fixed the data in SAVEFILE op in RAW-OFFLINE

13 years agoshow the bad data in RAW-OFFLINE
Andrew Tridgell [Sun, 24 Aug 2008 07:38:43 +0000 (17:38 +1000)]
show the bad data in RAW-OFFLINE

also show the worst case latencies so far, matching tsm_torture

13 years agodon't use zero data for the first file in RAW-OFFLINE
Andrew Tridgell [Sat, 23 Aug 2008 01:54:02 +0000 (11:54 +1000)]
don't use zero data for the first file in RAW-OFFLINE

the most likely bugs in HSM involve zero data, due to the
dm_punch_hole() request

13 years agodisable the anr== tests until they are understood
Andrew Tridgell [Fri, 22 Aug 2008 11:54:21 +0000 (21:54 +1000)]
disable the anr== tests until they are understood

13 years agonow that ldap integers are 32 bit, we need to put the right 32 bit
Andrew Tridgell [Fri, 22 Aug 2008 11:26:32 +0000 (21:26 +1000)]
now that ldap integers are 32 bit, we need to put the right 32 bit
value in for group type to avoid sign extension, otherwise we don't
find the builtin groups

13 years agofixed the DomainDNS searches in the netlogon code
Andrew Tridgell [Fri, 22 Aug 2008 10:50:07 +0000 (20:50 +1000)]
fixed the DomainDNS searches in the netlogon code