Stefan Metzmacher [Mon, 16 Aug 2010 08:07:24 +0000 (10:07 +0200)]
pidl:Samba4/NDR/Client.pm: correctly copy fixed size out arrays
metze
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 17:45:29 +0000 (19:45 +0200)]
s4:samdb_set_password - fix formatting
(Sorry, I've overseen this)
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 16:19:52 +0000 (18:19 +0200)]
s4:passwords.py - proof the most important extended error codes
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 16:05:29 +0000 (18:05 +0200)]
s4:samdb_set_password - implement the extended LDAP error code detection
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 15:38:47 +0000 (17:38 +0200)]
s4:password_hash LDB module - introduce the extended LDAP error codes on the important failure cases
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 08:20:48 +0000 (10:20 +0200)]
s4:password_hash LDB module - support this new password set syntax
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 08:02:43 +0000 (10:02 +0200)]
s4:passwords.py - another special password test
This looks like a password change but it's rather a password set operation.
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 07:36:25 +0000 (09:36 +0200)]
s4:password_hash LDB module - allow to compare against both NT and LM hashes on password change operations
This is to match the SAMR password change behaviour.
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 16:45:09 +0000 (18:45 +0200)]
s4:ldap_backend.c - Windows returns WERROR codes in majuscule HEX format
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 07:25:58 +0000 (09:25 +0200)]
s4:ldap_backend.c - map error codes - add a change which allows custom WERROR codes
This is strictly needed by my recent passwords work, since I want to remove
most of the password change stuff in "samr_password.c". Since AD gives us
CONSTRAINT_VIOLATION on all change problems I cannot distinguish on the SAMR
level which the real cause was about. Therefore I need the extended WERROR codes
here.
Volker Lendecke [Sun, 15 Aug 2010 12:56:19 +0000 (14:56 +0200)]
s3: Remove some unused code
Andreas Schneider [Sun, 15 Aug 2010 11:17:36 +0000 (13:17 +0200)]
s3-test: Try to fix the build farm subunit parsing.
Volker Lendecke [Sun, 15 Aug 2010 07:48:53 +0000 (09:48 +0200)]
s3: Increase debug level for shutdown_other_smbds
Volker Lendecke [Sun, 15 Aug 2010 07:48:19 +0000 (09:48 +0200)]
s3: Add debugs to shutdown_other_smbds
Volker Lendecke [Sun, 15 Aug 2010 07:43:56 +0000 (09:43 +0200)]
s3: Fix a typo
Matthias Dieter Wallnöfer [Sun, 15 Aug 2010 07:24:22 +0000 (09:24 +0200)]
s4:subtree_rename.c - relax the checks when requested
(Needed by upgradeprovision for example)
Kamen Mazdrashki [Tue, 10 Aug 2010 22:54:05 +0000 (01:54 +0300)]
s4-test: Add drs.rpc.msDSIntId test to knownfail tests
Kamen Mazdrashki [Fri, 13 Aug 2010 20:42:34 +0000 (23:42 +0300)]
s4-test: Run all DRS-RPC.* tests in ncacn_ip_tcp_tests tests group
Andrew, please check.
Kamen Mazdrashki [Fri, 13 Aug 2010 19:30:39 +0000 (22:30 +0300)]
s4-drs-test: Make the two DRS test suite a top-level test suites
so that test cases gets visible with "smbtorture --list"
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 17:44:58 +0000 (19:44 +0200)]
s4:ldap_backend.c - fix a DS error code after WERROR change
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 17:41:46 +0000 (19:41 +0200)]
werror.h - fix order and duplicate DS error codes
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 16:47:15 +0000 (18:47 +0200)]
s4:libnet - free the "c" context also on error conditions
(and if it's NULL then "talloc_free" does ignore it)
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 16:36:49 +0000 (18:36 +0200)]
talloc:documentation - explain that "talloc_free" works also with "NULL" pointers
(talloc.c)
...
> static inline int _talloc_free_internal(void *ptr, const char *location)
> {
> struct talloc_chunk *tc;
>
> if (unlikely(ptr == NULL)) {
> return -1;
> }
>
> tc = talloc_chunk_from_ptr(ptr);
...
Obviously this never had been documented before.
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 15:11:40 +0000 (17:11 +0200)]
s4:samdb_set_password - return "NT_STATUS_WRONG_PASSWORD" when a user account doesn't exist
This is for the (SAMR) account detection protection mechanism.
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 15:10:59 +0000 (17:10 +0200)]
s4:password_hash LDB module - improve an error message
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 09:51:47 +0000 (11:51 +0200)]
s4:password_hash LDB module - implement the SAMR behaviour when checking old passwords
Sooner or later this module should take over all password change actions.
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 09:19:29 +0000 (11:19 +0200)]
s4:password_hash LDB module - fix wrong error codes
To match the passwords.py test
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 09:59:47 +0000 (11:59 +0200)]
s4:passwords.py - test the error code when there doesn't exist any password yet
After the creation of a user object we don't have any password yet.
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 08:46:38 +0000 (10:46 +0200)]
s4:passwords.py - perform testing of wrong old passwords on change operations
Matthias Dieter Wallnöfer [Sat, 14 Aug 2010 09:19:53 +0000 (11:19 +0200)]
s4:torture/rpc/samr.c - fix a wrong torture error message
Volker Lendecke [Sat, 14 Aug 2010 10:23:13 +0000 (12:23 +0200)]
s3: Remove a conn NULL check from claim_connection
We've already dereferenced conn before
Volker Lendecke [Sat, 14 Aug 2010 08:06:55 +0000 (10:06 +0200)]
s3: Fix an uninitialized variable
Andrew Bartlett [Tue, 4 May 2010 13:44:50 +0000 (23:44 +1000)]
s3:auth Add error paths for invalid password_state values
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Mon, 17 May 2010 09:04:31 +0000 (19:04 +1000)]
s3:auth Change winbindd -> auth interface to more standard structures
This removes conversions to and from the source3 varient of the
server_info structure when replaced in s3compat, and presents a tidier
interface to winbindd in any case.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Mon, 17 May 2010 08:10:13 +0000 (18:10 +1000)]
s3:auth Change 'make_user_info' to be talloc based
This is an ideal candidate, as it already uses a free function. It
now uses talloc destructors to clear the passwords if required.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Tue, 1 Jun 2010 11:53:42 +0000 (21:53 +1000)]
s3:auth Whitespace fixes after auth merge
Andrew Bartlett [Tue, 1 Jun 2010 11:52:01 +0000 (21:52 +1000)]
s3:auth Make Samba3 use the new common struct auth_usersupplied_info
This common structure will make it much easier to produce an auth
module for s3compat that calls Samba4's auth subsystem.
In order the make the link work properly (and not map twice), we mark
both that we did try and map the user, as well as if we changed the
user during the mapping.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Tue, 4 May 2010 06:44:08 +0000 (16:44 +1000)]
s4:auth Move struct auth_usersupplied_info to a common location
This also changes the calling convention slightly - we should always
allocate this with talloc_zero() to allow some elements to be
optional. Some elements may only make sense in Samba3, which I hope
will use this common structure.
Andrew Bartlett
Andrew Tridgell [Mon, 9 Aug 2010 06:39:13 +0000 (16:39 +1000)]
waf: enable gccdeps in developer mode
there are some bugs in the waf builtin preproc this that avoids
Andrew Tridgell [Mon, 9 Aug 2010 06:38:33 +0000 (16:38 +1000)]
s4-build: fixed library name in dcerpc_server.pc.in
Thanks to Metze for spotting this
Andrew Tridgell [Mon, 9 Aug 2010 06:37:52 +0000 (16:37 +1000)]
ndr: allow ndr_print to print DATA_BLOB
this prints DATA_BLOB structures using the ndr->print() calls
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Mon, 9 Aug 2010 06:36:50 +0000 (16:36 +1000)]
dnsp: dnsp_name is 2 byte aligned
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Fri, 13 Aug 2010 15:26:36 +0000 (17:26 +0200)]
s3:idmap: fix sid_to_unixid for builtin and own domain.
The old idmap code created a new mapping if asking the backends failed.
Now with the new layering, if passdb (which is used for our own domain
and builtin), then we need to continue and ask the backends, giving
tdb or whatever the default backend is a chance to create a mapping.
Michael Adam [Fri, 13 Aug 2010 14:15:38 +0000 (16:15 +0200)]
s3:idmap: fix spacing/indentation
Michael Adam [Wed, 23 Jun 2010 10:02:31 +0000 (12:02 +0200)]
s3:idmap_ldap: use idmap_rw_new_mapping in idmap_ldap_new_mapping
Michael Adam [Wed, 23 Jun 2010 10:18:35 +0000 (12:18 +0200)]
s3:idmap_ldap: add idmap_rw_ops to idmap_ldap_context and init in db_init()
Michael Adam [Wed, 23 Jun 2010 10:02:31 +0000 (12:02 +0200)]
s3:idmap_tdb: use idmap_rw_new_mapping in idmap_tdb_new_mapping
Michael Adam [Wed, 23 Jun 2010 10:12:37 +0000 (12:12 +0200)]
s3:idmap_tdb: add idmap_rw_ops to idmap_tdb_context and initialize them in init_db
Michael Adam [Wed, 23 Jun 2010 10:02:31 +0000 (12:02 +0200)]
s3:idmap_tdb2: use idmap_rw_new_mapping in idmap_tdb2_new_mapping
Michael Adam [Wed, 23 Jun 2010 10:01:47 +0000 (12:01 +0200)]
s3:idmap_tdb2: add rw_ops to idmap_tdb2_context and initialize in idmap_tdb2_db_init
Michael Adam [Mon, 31 May 2010 15:12:32 +0000 (17:12 +0200)]
s3:idmap: add abstract idmap_rw new_mapping mechanism without registering backends
Michael Adam [Tue, 22 Jun 2010 12:13:55 +0000 (14:13 +0200)]
s3:idmap_ad: untangle two assignments from checks
Michael Adam [Tue, 22 Jun 2010 12:12:14 +0000 (14:12 +0200)]
s3:idmap_ad: remove unused filter_low_id and filter_high_id from idmap_ad_context
The filter range from the idmap_domain is used now.
Michael Adam [Tue, 22 Jun 2010 12:09:57 +0000 (14:09 +0200)]
s3:idmap_ad: use range from idmap_domain in idmap_ad_sids_to_unixids()
Michael Adam [Tue, 22 Jun 2010 11:13:57 +0000 (13:13 +0200)]
s3:idmap_ad: use range from idmap_domain in idmap_ad_unixids_to_sids()
Michael Adam [Tue, 22 Jun 2010 10:47:41 +0000 (12:47 +0200)]
s3:idmap_rid: remove a comment that does not apply in that place.
Probably got copied from a different location.
Michael Adam [Tue, 22 Jun 2010 10:44:22 +0000 (12:44 +0200)]
s3:idmap_rid: remove unused domain_name from the idmap_rid_context.
Michael Adam [Tue, 22 Jun 2010 10:42:52 +0000 (12:42 +0200)]
s3:idmap_rid: remove range from idmap_rid_context()
Now, the idmap_domain range that is centrally parsed is used.
Michael Adam [Tue, 22 Jun 2010 10:42:06 +0000 (12:42 +0200)]
s3:idmap_rid: use range from idmap_domain in idmap_rid_sid_to_id()
Michael Adam [Tue, 22 Jun 2010 10:38:19 +0000 (12:38 +0200)]
s3:idmap_rid: use ranges from idmap_domain struct in idmap_rid_id_to_sid()
Michael Adam [Tue, 22 Jun 2010 10:32:35 +0000 (12:32 +0200)]
s3:idmap_rid: remove unused talloc context var from idmap_rid_sids_to_unixids()
Michael Adam [Tue, 22 Jun 2010 10:31:41 +0000 (12:31 +0200)]
s3:idmap_rid: remove unused talloc context arg from idmap_rid_sid_to_id()
Michael Adam [Tue, 22 Jun 2010 10:30:58 +0000 (12:30 +0200)]
s3:idmap_rid: remove unused talloc context var from idmap_rid_unixids_to_sids()
Michael Adam [Tue, 22 Jun 2010 10:29:57 +0000 (12:29 +0200)]
s3:idmap_rid: remove unused talloc ctx argument from idmap_rid_id_to_sid()
Michael Adam [Mon, 21 Jun 2010 15:28:37 +0000 (17:28 +0200)]
s3:idmap_rid: untangle assignment from check in idmap_rid_initialize()
Michael Adam [Wed, 23 Jun 2010 10:39:59 +0000 (12:39 +0200)]
s3:idmap_ldap: add my (C)
Michael Adam [Thu, 17 Jun 2010 19:55:02 +0000 (21:55 +0200)]
s3:idmap_ldap: create mappings for unmapped sids in idmap_ldap_sids_to_unixids()
Michael Adam [Thu, 17 Jun 2010 18:19:46 +0000 (20:19 +0200)]
s3:idmap_ldap: add a idmap_ldap_new_mapping().
High level function to create a new mapping for an unmapped sid.
This builds logic that used to reside in the top level idmap code
in the backend.
Michael Adam [Thu, 17 Jun 2010 18:18:27 +0000 (20:18 +0200)]
s3:idmap_ldap: add idmap_ldap_get_new_id() to allocate a new id given a domain
Currently this only works with the default domain, calling out
to idmap_ldap_allocate_id(). In the future this will be extended
to also work for non-default domains.
Michael Adam [Thu, 17 Jun 2010 18:15:25 +0000 (20:15 +0200)]
s3:idmap_ldap: move idmap_ldap_set_mapping() further up.
Michael Adam [Thu, 17 Jun 2010 17:45:39 +0000 (19:45 +0200)]
s3:idmap_ldap: make idmap_ldap_alloc_context a member of idmap_ldap_context
this hides this beneath the idmap structure and removes a global variable
Michael Adam [Thu, 17 Jun 2010 17:17:48 +0000 (19:17 +0200)]
s3:idmap_ldap: call idmap_ldap_alloc_init from idmap_ldap_init.
The alloc subsystem is now subordinate to the idmap system.
Michael Adam [Thu, 17 Jun 2010 17:03:46 +0000 (19:03 +0200)]
s3:idmap_ldap: remove the (now unused) range from idmap_ldap_alloc_context
Michael Adam [Thu, 17 Jun 2010 17:03:12 +0000 (19:03 +0200)]
s3:idmap_ldap: use ranges from idmap domain in idmap_ldap_allocate_id()
Second step in removing the idmap range from the idmap_ldap_alloc_context.
Michael Adam [Thu, 17 Jun 2010 16:59:28 +0000 (18:59 +0200)]
s3:idmap_ldap: add idmap_domain arg to idmap_ldap_alloc_init and verify_idpool
First step in removing idmap ranges from the idmap_ldap_alloc_context.
The range from the domain is to be used now.
Michael Adam [Thu, 17 Jun 2010 08:16:54 +0000 (10:16 +0200)]
s3:idmap_ldap: remove unused filter range from struct idmap_ldap_context
Michael Adam [Thu, 17 Jun 2010 08:16:20 +0000 (10:16 +0200)]
s3:idmap_ldap: don't load ranges - they have been loaded into struct idmap_domain
Michael Adam [Thu, 17 Jun 2010 08:00:49 +0000 (10:00 +0200)]
s3:idmap_ldap: use filter range from idmap domain, not idmap_ldap_context
Michael Adam [Tue, 22 Jun 2010 12:49:00 +0000 (14:49 +0200)]
s3:idmap_ldap: re-implement allocate_id in idmap methods.
Michael Adam [Thu, 17 Jun 2010 07:39:11 +0000 (09:39 +0200)]
s3:idmap_tdb: add my (C)
Michael Adam [Tue, 22 Jun 2010 07:01:32 +0000 (09:01 +0200)]
s3:idmap_tdb: properly initialize the idmap_tdb context with zero
Michael Adam [Thu, 17 Jun 2010 07:35:52 +0000 (09:35 +0200)]
s3:idmap_tdb: prevent opening the idmap db more than once.
Michael Adam [Thu, 17 Jun 2010 06:53:54 +0000 (08:53 +0200)]
s3:idmap_tdb: rewrite sids_to_unixids to create mappings for unmapped sids.
Michael Adam [Thu, 17 Jun 2010 06:44:04 +0000 (08:44 +0200)]
s3:idmap_tdb: add a idmap_tdb_new_mapping().
High level function to create a new mapping for an unmapped sid.
This builds logic that used to reside in the top level idmap code
in the backend. To be called inside a transaction to guarantee
atomicity of the operation.
Michael Adam [Thu, 17 Jun 2010 06:43:11 +0000 (08:43 +0200)]
s3:idmap_tdb: move the set_mapping code up
Michael Adam [Thu, 17 Jun 2010 06:35:28 +0000 (08:35 +0200)]
s3:idmap_tdb: use transaction wrapper for idmap_tdb_set_mapping().
Michael Adam [Thu, 17 Jun 2010 07:47:27 +0000 (09:47 +0200)]
s3:idmap_tdb: remove unused struct idmap_tdb_state.
Michael Adam [Thu, 17 Jun 2010 06:17:39 +0000 (08:17 +0200)]
s3:idmap_tdb: remove unused idmap_alloc_db
Michael Adam [Thu, 17 Jun 2010 06:17:06 +0000 (08:17 +0200)]
s3:idmap_tdb: remove unused idmap_tdb_alloc_close().
Michael Adam [Thu, 17 Jun 2010 06:16:05 +0000 (08:16 +0200)]
s3:idmap_tdb: give idmap_domain arg to idmap_tdb_allocate_id and use ctx->db
instead of alloc_db
Michael Adam [Thu, 17 Jun 2010 06:12:43 +0000 (08:12 +0200)]
s3:idmap_tdb: call idmap_tdb_init_hwm() from idmap_tdb_open_db().
Michael Adam [Thu, 17 Jun 2010 06:11:19 +0000 (08:11 +0200)]
s3:idmap_tdb: move idmap_tdb_init_hwm up.
Michael Adam [Thu, 17 Jun 2010 06:07:40 +0000 (08:07 +0200)]
s3:idmap_tdb: remove unused idmap_tdb_load_ranges()
The idmap_tdb_state (which should actually be called idmap_tdb_alloc_context)
is being removed since the alloc part is combined with the id mapping part.
Michael Adam [Wed, 23 Jun 2010 08:53:29 +0000 (10:53 +0200)]
s3:idmap_tdb: have idmap_tdb_open_db take an idmap_domain struct as argument
the other arguments are not needed any more and are removed.
Michael Adam [Thu, 17 Jun 2010 05:56:46 +0000 (07:56 +0200)]
s3:idmap_tdb: rename idmap_tdb_alloc_init->idmap_tdb_init_hwm and use db from idmap_tdb_context
instead of the special idmap_alloc_db
Michael Adam [Thu, 17 Jun 2010 05:51:15 +0000 (07:51 +0200)]
s3:idmap_tdb: move definition of struct idmap_tdb_context up.
Michael Adam [Thu, 17 Jun 2010 05:43:14 +0000 (07:43 +0200)]
s3:idmap_tdb: remove filter_low_id,filter_high_id from idmap_tdb_context
These are now taken from the idmap_domain struct.
Michael Adam [Thu, 17 Jun 2010 07:46:08 +0000 (09:46 +0200)]
s3:idmap_tdb: add idmap domain arg to idmap_tdb_upgrade and use domain range
Michael Adam [Thu, 17 Jun 2010 05:42:00 +0000 (07:42 +0200)]
s3:idmap_tdb: use filter from idmap_domain rather than from idmap_tdb_context
Michael Adam [Thu, 17 Jun 2010 05:35:28 +0000 (07:35 +0200)]
s3:idmap_tdb: give idmap domain argument to idmap_tdb_sid_to_id
instead of idmap_tdb_context. This is in preparation of using the
filter from the idmap_domain struct.