kai/samba.git
13 years agor24345: Add --format=html option to selftest.
Jelmer Vernooij [Sun, 12 Aug 2007 04:00:15 +0000 (04:00 +0000)]
r24345: Add --format=html option to selftest.
(This used to be commit de66bced9468b338e94d430a474616016c6078a5)

13 years agor24342: Move environments into a separate directory.
Jelmer Vernooij [Sun, 12 Aug 2007 01:49:38 +0000 (01:49 +0000)]
r24342: Move environments into a separate directory.
(This used to be commit e3fe7ef92bae1a870c9de9f90becb3a3c67f98fe)

13 years agor24339: Move output functions to separate files.
Jelmer Vernooij [Sun, 12 Aug 2007 00:50:25 +0000 (00:50 +0000)]
r24339: Move output functions to separate files.
(This used to be commit f4ff4c5f61189c71ab60a5455272302add9e1d97)

13 years agor24338: Add callbacks for starting and finishing tests.
Jelmer Vernooij [Sat, 11 Aug 2007 22:14:07 +0000 (22:14 +0000)]
r24338: Add callbacks for starting and finishing tests.
(This used to be commit 824833b59a1c9c829cea4e5c4bfd2387b1bc7a2f)

13 years agor24337: Make libreplace provide offsetof.
Jelmer Vernooij [Sat, 11 Aug 2007 21:30:19 +0000 (21:30 +0000)]
r24337: Make libreplace provide offsetof.
(This used to be commit 48d1aa4fcf6a323e3e6a14825f83cd20e3fc3a26)

13 years agor24336: Use standard data type uint32_t rather than tdb-specific u32.
Jelmer Vernooij [Sat, 11 Aug 2007 21:19:24 +0000 (21:19 +0000)]
r24336: Use standard data type uint32_t rather than tdb-specific u32.
(This used to be commit f90a698387c53508862eb6359bd4d1fba1d2b4b0)

13 years agor24335: Fix -N support.
Jelmer Vernooij [Sat, 11 Aug 2007 18:31:27 +0000 (18:31 +0000)]
r24335: Fix -N support.
(This used to be commit 18ea767d396bf6d956fd83ee3d2687d98897ae36)

13 years agor24333: Add convenience function for checking the contents of a file in tests.
Jelmer Vernooij [Sat, 11 Aug 2007 17:08:22 +0000 (17:08 +0000)]
r24333: Add convenience function for checking the contents of a file in tests.
(This used to be commit 4e304101241ea7bcb9111b757bb51b16665d492d)

13 years agor24313: Merge r23377 from 3_2
Volker Lendecke [Fri, 10 Aug 2007 11:53:52 +0000 (11:53 +0000)]
r24313: Merge r23377 from 3_2

Patch from Bjoern Jacke <bjoern@j3e.de> to deal
with non-GNU implementations of tr in autogen.sh
(This used to be commit c77c74efdbca414ffc51415c52206eff6ca57fe3)

13 years agor24301: The less escape characters the better. This changes the winbind
Andrew Bartlett [Fri, 10 Aug 2007 08:46:29 +0000 (08:46 +0000)]
r24301: The less escape characters the better.  This changes the winbind
seperator to /, which is not an escape character, and uses the fact
that we always support / as the DOMAIN/username seperator.

Andrew Bartlett
(This used to be commit 84c1bea458518a1550619a5103d8237fc4db2503)

13 years agor24300: Try to get the LOCAL-EVENT test to pass on hosts with epoll() in
Andrew Bartlett [Fri, 10 Aug 2007 07:40:50 +0000 (07:40 +0000)]
r24300: Try to get the LOCAL-EVENT test to pass on hosts with epoll() in
glibc, but not in the host kernel.

Andrew Bartlett
(This used to be commit bd70b0d1063c2ad471b1580361b818d64aadfe29)

13 years agor24286: (missed from previous commit)
Andrew Bartlett [Thu, 9 Aug 2007 08:43:15 +0000 (08:43 +0000)]
r24286: (missed from previous commit)

A number of machines on the build farm fail because while they use
SOCKET_WRAPPER, they don't compile with --enable-developer.  As such
the winbind tests fail.

We need to ensure that on production systems we never have
SOCKET_WRAPPER set, or this could be a security issue.

Andrew Bartlett
(This used to be commit 3d2dbcf50dbe3d36ec86e1bc1d7bdcb72dbdef00)

13 years agor24285: A number of machines on the build farm fail because while they use
Andrew Bartlett [Thu, 9 Aug 2007 08:08:09 +0000 (08:08 +0000)]
r24285: A number of machines on the build farm fail because while they use
SOCKET_WRAPPER, they don't compile with --enable-developer.  As such
the winbind tests fail.

We need to ensure that on production systems we never have
SOCKET_WRAPPER set, or this could be a security issue.

Andrew Bartlett
(This used to be commit eccc2d11da86661cb2086a6f5ce970571d744ec9)

13 years agor24284: change brlock_tdb.c to use the dbwrap API. This actually makes the
Andrew Tridgell [Thu, 9 Aug 2007 06:36:16 +0000 (06:36 +0000)]
r24284: change brlock_tdb.c to use the dbwrap API. This actually makes the
backend abstraction for brlock pointless, but I have left it in place
for now. It would be useful for other clustering systems that can't
map to dbwrap, and would also be useful if we wanted to keep the
remote function call capabilities in ctdb instead of the less
efficient fetch_locked() call in dbwrap
(This used to be commit 912c014b7c131ab051ff6eb2db4e68cb6fbbeb14)

13 years agor24283: added a dbwrap API for temporary databases, based on the one from the
Andrew Tridgell [Thu, 9 Aug 2007 06:34:20 +0000 (06:34 +0000)]
r24283: added a dbwrap API for temporary databases, based on the one from the
s3 clustering code.

This commit just establishes the API. The ctdb backend for this will
come soon.
(This used to be commit 3767e755db7b58aee4ff375896beb00b133cc413)

13 years agor24282: Try to fix the occasional Samba4 crash in BASE-BENCH-READWRITE, as
Andrew Bartlett [Thu, 9 Aug 2007 06:26:19 +0000 (06:26 +0000)]
r24282: Try to fix the occasional Samba4 crash in BASE-BENCH-READWRITE, as
seen in particular on opi.

This looked like a Heimdal problem, but I think it was simply that we
didn't do a talloc_reference() to keep tabs on the memory we were
using, and in between obtaining the pointer and using it, it was
assigned to unrelated memory.

Andrew Bartlett
(This used to be commit a650ad8b37d58ba64458a33313714d1abfc4850b)

13 years agor24277: Tidyup as requested by metze.
Andrew Bartlett [Wed, 8 Aug 2007 06:37:37 +0000 (06:37 +0000)]
r24277: Tidyup as requested by metze.

Andrew Bartlett
(This used to be commit 43d62181f204fb32e487b7689729c1a91b8d23ad)

13 years agor24276: don't mark a stream readable until after the messaging setup is
Andrew Tridgell [Wed, 8 Aug 2007 03:20:37 +0000 (03:20 +0000)]
r24276: don't mark a stream readable until after the messaging setup is
complete. This is needed because messaging setup with ctdb involve
events, and we don't want a SMB packet to be processed on this stream
until after the stream structure is fully setup
(This used to be commit 8e378051e594372dfb2c00a380ef4bc151021ea2)

13 years agor24275: - setup the connection to the ctdb daemon
Andrew Tridgell [Wed, 8 Aug 2007 03:19:38 +0000 (03:19 +0000)]
r24275: - setup the connection to the ctdb daemon

- disable the brlock ctdb backend for now
(This used to be commit b04bcf46e135af597b89994148a28275d29cdba6)

13 years agor24274: - merge from ctdb bzr tree
Andrew Tridgell [Wed, 8 Aug 2007 03:18:51 +0000 (03:18 +0000)]
r24274: - merge from ctdb bzr tree

- use ctdb_attach() instead of ctdb_db_handle()

- make ctdb_attach() return an existing db handle if it exists
(This used to be commit be85c48f8d4a22fd4ed922be6f7f1979f349d291)

13 years agor24273: Fix bug #4817 by <mwallnoefer@yahoo.de>. (Unable to add a computer
Andrew Bartlett [Wed, 8 Aug 2007 02:41:12 +0000 (02:41 +0000)]
r24273: Fix bug #4817 by <mwallnoefer@yahoo.de>.  (Unable to add a computer
from MMC Active Directory Users and Computers).

Windows sets a 14 UCS2 char buffer as the password in this case.

We need to allow random buffers to be accepted as complex passwords,
even if they don't have ASCII upper or lower case characters.  (If
half the bytes are > 127, then it's likely a random buffer).

Also make the test match the documented windows behaviour of '3 of the
4 classes: upper, lower, digit, special'.

Andrew Bartlett
(This used to be commit 5ef26a2ba3561580f0a73ee61eb707573cc98cd3)

13 years agor24263: Fix bug 4846 (unable to copy users in MMC Active Directory Users and
Andrew Bartlett [Tue, 7 Aug 2007 09:01:08 +0000 (09:01 +0000)]
r24263: Fix bug 4846 (unable to copy users in MMC Active Directory Users and
Computers).

We now generate a security descriptor for each object, when it is
created.  This seems to keep MMC happy.  The next step is to honour
it.

Andrew Bartlett
(This used to be commit 72f4ae82463c5c1f9f6b7f18f125c4c8fb56ae4f)

13 years agor24262: Set the objectCategory by default in the objectclass module, rather than...
Andrew Bartlett [Tue, 7 Aug 2007 05:58:47 +0000 (05:58 +0000)]
r24262: Set the objectCategory by default in the objectclass module, rather than using templates.

Modify the samba3sam test to be less fussy, and not use the
objectclass module (which requires proper schema stuff now).

Andrew Bartlett
(This used to be commit 53c248c2645e86fbc8720860aed92a479483b528)

13 years agor24261: Fix the standalone ldb build after I moved the objectclass module out.
Andrew Bartlett [Tue, 7 Aug 2007 04:29:42 +0000 (04:29 +0000)]
r24261: Fix the standalone ldb build after I moved the objectclass module out.

Andrew Bartlett
(This used to be commit c4c3afcdcb6ac5dc220f353b25689056484ac6c9)

13 years agor24260: Ensure we always override any existing values for these generated
Andrew Bartlett [Tue, 7 Aug 2007 03:35:45 +0000 (03:35 +0000)]
r24260: Ensure we always override any existing values for these generated
attributes.  Anything else leads to madness.

Andrew Bartlett
(This used to be commit af092a361df6b98e1890cbd3e2d1fed168701364)

13 years agor24259: Rework the objectclass module to use the new schema, rather than the
Andrew Bartlett [Tue, 7 Aug 2007 03:33:26 +0000 (03:33 +0000)]
r24259: Rework the objectclass module to use the new schema, rather than the
ldb_subclass list.

Next step will be to have this module also set the objectCategory and
default ntSecurityDescriptor

Andrew Bartlett
(This used to be commit 0f7135a4685a1117a54c2f019df6c6de22b8dd32)

13 years agor24249: Thse generated attributes should not be pushed this far down the stack
Andrew Bartlett [Mon, 6 Aug 2007 05:43:54 +0000 (05:43 +0000)]
r24249: Thse generated attributes should not be pushed this far down the stack
in any cse.

Andrew Bartlett
(This used to be commit 5f08a686a6b002a21803a0dd2f9ee0ae9ef928f5)

13 years agor24248: Attempt to fix bug #4830 by <mwallnoefer@yahoo.de>. If there is no
Andrew Bartlett [Mon, 6 Aug 2007 04:07:05 +0000 (04:07 +0000)]
r24248: Attempt to fix bug #4830 by <mwallnoefer@yahoo.de>.  If there is no
payload to the control, we still need to inialise *value, as otherwise
we read uninitialised data later.

Andrew Bartlett
(This used to be commit f6566480b7f1b4036b38284aa539f3a69f5c4573)

13 years agor24247: Remove extra newlines from ldb_debug() calls - it already adds one.
Andrew Bartlett [Mon, 6 Aug 2007 03:48:56 +0000 (03:48 +0000)]
r24247: Remove extra newlines from ldb_debug() calls - it already adds one.

Andrew Bartlett
(This used to be commit e5fdcda2a1e97c587d48baf3521b18515277f6de)

13 years agor24246: Avoid the annoying 'probable memory leak in ldb' messages, by fixing
Andrew Bartlett [Mon, 6 Aug 2007 03:01:59 +0000 (03:01 +0000)]
r24246: Avoid the annoying 'probable memory leak in ldb' messages, by fixing
some issues in the NBT server (this was a false positive, but easily
worked around) and DRSUAPI server.

We should take care not to use the ldb_context as a talloc pool, and
to always ensure that any results from ldb_search() are moved off that
pool with talloc_steal or talloc_free().

To work around the issue in provision, for which I can find no fault
(other than a lot of work being done in provision), I've moved the
detector trigger to 400 additional blocks.

This fixes Bug #4810 by <mwallnoefer@yahoo.de>

Andrew Bartlett
(This used to be commit 42bcf856203ae3cf43130519904828a143ac8d18)

13 years agor24245: Fix bug #4828 - we need to set the samba LDB debug handler early, so
Andrew Bartlett [Mon, 6 Aug 2007 01:36:49 +0000 (01:36 +0000)]
r24245: Fix bug #4828 - we need to set the samba LDB debug handler early, so
we catch messages pushed out by modules during startup.

This also sets an explict mapping between ldb and Samba debug levels.

Andrew Bartlett
(This used to be commit 50913a401dda9fb29a8c05f1926c41d3473efa93)

13 years agor24157: Merge from kai/samba4-gsoc.git;h=728deba680f8cf85cab168a6278a2cf657f65fdb
Kai Blin [Fri, 3 Aug 2007 13:51:12 +0000 (13:51 +0000)]
r24157: Merge from kai/samba4-gsoc.git;h=728deba680f8cf85cab168a6278a2cf657f65fdb

Make WBSRV_SAMBA3_SET_STRING use safe_strcpy instead of strncpy.
(This used to be commit 6b92b816fc70278d83d23f835275acf5f227dd74)

13 years agor24146: It is not an error for a Win2k3-only server not to support the NT4
Andrew Bartlett [Fri, 3 Aug 2007 08:25:15 +0000 (08:25 +0000)]
r24146: It is not an error for a Win2k3-only server not to support the NT4
replication call.

Andrew Bartlett
(This used to be commit 59cba32c09f5b014788e4fb0479ed31f26a3d7e2)

13 years agor24127: Set the Domain SID into the libnet context, and have libnet_UserInfo
Andrew Bartlett [Thu, 2 Aug 2007 13:08:39 +0000 (13:08 +0000)]
r24127: Set the Domain SID into the libnet context, and have libnet_UserInfo
return full SIDs for the user SID and primary group sid.

This should help kai with his getpwnam work in winbind.

Andrew Bartlett
(This used to be commit 078671d5015c63e4bcd96815e150dae918763b83)

13 years agor24118: Start fixing #4842 (usrmgr polcies menu not working) by removing range
Andrew Bartlett [Thu, 2 Aug 2007 01:30:03 +0000 (01:30 +0000)]
r24118: Start fixing #4842 (usrmgr polcies menu not working) by removing range
restriction on the maximum returned size.  There isn't a good reason
to have a limit on this one.

Andrew Bartlett
(This used to be commit 9a8315019e20f736c6977451c1d1f1f3fcba16f2)

13 years agor24112: Complete initialistion of the libnet_ctx when setting up the domain.
Andrew Bartlett [Wed, 1 Aug 2007 04:05:06 +0000 (04:05 +0000)]
r24112: Complete initialistion of the libnet_ctx when setting up the domain.
We need to set the access_mask and the domain name, or else libnet
will try to do this itself.

This seems to fix the issues Kai was having.

Andrew Bartlett
(This used to be commit 44c193272b05959c756ee0078d666bcdf1374023)

13 years agor24111: Untested code is broken code, untested code is broken code...
Andrew Bartlett [Wed, 1 Aug 2007 01:22:53 +0000 (01:22 +0000)]
r24111: Untested code is broken code, untested code is broken code...

Apologies for my previous commit, which should never have been
commited untested.

Andrew Bartlett
(This used to be commit ec69f41d093df598cb3969be0efdd6b8b804d423)

13 years agor24110: I hate seeing callers manually filling in the composite context. Use
Andrew Bartlett [Wed, 1 Aug 2007 00:38:53 +0000 (00:38 +0000)]
r24110: I hate seeing callers manually filling in the composite context.  Use
the helper functions instead (and in kai's new code, which just copied
the previous bad practice).

Andrew Bartlett
(This used to be commit 0908d8232e8621e5c7bce74b19e5d1e75fc115ab)

13 years agor24109: Add a wb_name2domain call
Kai Blin [Tue, 31 Jul 2007 23:49:04 +0000 (23:49 +0000)]
r24109: Add a wb_name2domain call
(This used to be commit a6a45ab9706961ea2a9a7451d9a38cb8dea7baf2)

13 years agor24108: Split out samba3_parse_domuser to a seperate file and rename, so it can be
Kai Blin [Tue, 31 Jul 2007 23:43:59 +0000 (23:43 +0000)]
r24108: Split out samba3_parse_domuser to a seperate file and rename, so it can be
used for a name2domain call.
(This used to be commit 75e41da039e10127820635500e185e24ea55c777)

13 years agor24083: Don't fail the test (looking for the user in the enum) if we didn't
Andrew Bartlett [Mon, 30 Jul 2007 10:43:50 +0000 (10:43 +0000)]
r24083: Don't fail the test (looking for the user in the enum) if we didn't
create the user in the first place.

Andrew Bartlett
(This used to be commit db0f81734d39b228dbfcf53b911edf83a2a2fd8c)

13 years agor24082: Following the removal of a fanstsy condition from the SAMR testsuite,
Andrew Bartlett [Mon, 30 Jul 2007 10:37:33 +0000 (10:37 +0000)]
r24082: Following the removal of a fanstsy condition from the SAMR testsuite,
allow the server side to enumerate all domain controllers and domain
members...

Andrew Bartlett
(This used to be commit d42150ff0a05e891d36d1d3f1ec93952e6d4affd)

13 years agor24081: Domain Controllers are also shown in this enumeration.
Andrew Bartlett [Mon, 30 Jul 2007 10:34:23 +0000 (10:34 +0000)]
r24081: Domain Controllers are also shown in this enumeration.

Andrew Bartlett
(This used to be commit 3e332ff77120003da2a23df8e0d30a330847f0f1)

13 years agor24080: Set the primary group (matching windows) when creating new users in
Andrew Bartlett [Mon, 30 Jul 2007 10:30:34 +0000 (10:30 +0000)]
r24080: Set the primary group (matching windows) when creating new users in
SAMR.  This can't be done in the ldb templates code, as it doesn't
happen over direct LDAP.

As noted in bug #4829.

Andrew Bartlett
(This used to be commit 3bfa6dbf7ded06df78310f7bd39d8a8d4edbb4ef)

13 years agor24076: Make ldap.js pass against Win2k3 again (looks like we don't match AD
Andrew Bartlett [Mon, 30 Jul 2007 10:05:47 +0000 (10:05 +0000)]
r24076: Make ldap.js pass against Win2k3 again (looks like we don't match AD
on this error code, but allow both for now).

Also prove that bug #4829 needs a different solution: we can't fix
this by changing the template.  I think this fix needs to be in the
SAMR server.

Andrew Bartlett
(This used to be commit c3554e3ee79cdb15f05e7968ccde62c086748c80)

13 years agor24075: As suggested by metze, match the behaviour of ntvfs_posix, and remove
Andrew Bartlett [Mon, 30 Jul 2007 09:04:28 +0000 (09:04 +0000)]
r24075: As suggested by metze, match the behaviour of ntvfs_posix, and remove
the backend data (effectivly closing the handle) when we close an IPC
FD.

This should fix #4821.

Andrew Bartlett
(This used to be commit efaf91b9d53c1d9b882c53e069e8e7c15394e0f3)

13 years agor24074: Test both permitted logon hours and permitted workstations in the
Andrew Bartlett [Mon, 30 Jul 2007 08:58:39 +0000 (08:58 +0000)]
r24074: Test both permitted logon hours and permitted workstations in the
RPC-SAMLOGON test.

This showed that, as noted by bug #4823, we didn't test for invalid
workstations.  In fact, the code had been ported across, but because
untested code is broken code, it never worked...

Andrew Bartlett
(This used to be commit 5e07417ada56d189a911ef888b0c87adebe60763)

13 years agor24061: Anther part of bug #4823, which is that until now Samba4 didn't parse
Andrew Bartlett [Fri, 27 Jul 2007 06:31:12 +0000 (06:31 +0000)]
r24061: Anther part of bug #4823, which is that until now Samba4 didn't parse
the logon hours, even if set.

This code happily stolen from the great work in Samba3 :-)

Andrew Bartlett
(This used to be commit a4939ab629e0af0615bcecf63c7cd55e6e833505)

13 years agor24060: Fix bug #4806 by Matthias Wallnöfer <mwallnoefer@yahoo.de>: We need to
Andrew Bartlett [Fri, 27 Jul 2007 03:08:15 +0000 (03:08 +0000)]
r24060: Fix bug #4806 by Matthias Wallnöfer <mwallnoefer@yahoo.de>: We need to
include the attribute allowedChildClassesEffective for MMC to allow
the creation of containers.

This may need further refinement, but it seems to work for now.

Andrew Bartlett
(This used to be commit d053b8e218767cb12e20a00fb18995e30869db11)

13 years agor24059: Fix bug 4822 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>.
Andrew Bartlett [Fri, 27 Jul 2007 02:07:17 +0000 (02:07 +0000)]
r24059: Fix bug 4822 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>.

Any SAMR client (usrmgr.exe in this case) that attempted to set a
property to a zero length string found instead the the old value was
kept.

In fixing this, rework the macros to be cleaner (add the
always-present .string) to every macro, and remove the use of the
samdb_modify() and samdb_replace() wrappers where possible.

Andrew Bartlett
(This used to be commit b05fe693047c09b85c7fc0e1ea8d931c99910375)

13 years agor24054: Fix some warnings
Volker Lendecke [Thu, 26 Jul 2007 07:48:14 +0000 (07:48 +0000)]
r24054: Fix some warnings
(This used to be commit b3473db397476d05e7ffca50a5f7a9b65e0a5b4a)

13 years agor24053: Ensure we filter EnumDomainUsers with the supplied mask.
Andrew Bartlett [Thu, 26 Jul 2007 07:27:46 +0000 (07:27 +0000)]
r24053: Ensure we filter EnumDomainUsers with the supplied mask.

Should fix another part (list of domains in usrmgr incorrectly
including accounts) of bug #4815 by mwallnoefer@yahoo.de.

Andrew Bartlett
(This used to be commit 7f7e4fe2989ef4cb7ec0f855b25e558f3bbd18c5)

13 years agor24052: Fix some of the NT4 usrmgr.exe portions of bug 4815.
Andrew Bartlett [Thu, 26 Jul 2007 03:50:24 +0000 (03:50 +0000)]
r24052: Fix some of the NT4 usrmgr.exe portions of bug 4815.

 - The icons in usermgr were incorrect, because the acct_flags were
   not filled in (due to missing attribute in ldb query)

 - The Full name was missing, and the description used as the full
   name (due to missing attributes in ldb query and incorrect IDL)

To prove the correctness of these fixes, I added a substantial new
test to RPC-SAMR-USERS, to ensure cross-consistancy between
QueryDisplayInfo and QueryUserInfo on each user.

This showed that for some reason, we must add ACB_NORMAL to the
acct_flags on level 2 queries (for machine trust accounts)...

Getting this right is important, because Samba3's RPC winbind methods
uses these queries.

Andrew Bartlett
(This used to be commit 9475d94a61e36b3507e5fd2e6bb6f0667db4a607)

13 years agor24051: more monitor function calls and monitor msg names
Rafal Szczesniak [Wed, 25 Jul 2007 23:17:02 +0000 (23:17 +0000)]
r24051: more monitor function calls and monitor msg names
convention change.

rafal
(This used to be commit 6ab10b2ed256fa3c55d1af8ddcc9dfdaf4598a1e)

13 years agor24041: After metze's ack, check in torture_comment from Zack Krisch
Volker Lendecke [Wed, 25 Jul 2007 09:57:14 +0000 (09:57 +0000)]
r24041: After metze's ack, check in torture_comment from Zack Krisch
<zack.kirsch@isilon.com>
(This used to be commit b1148b7ab84a18d4fea771c887ed7d535841982b)

13 years agor24012: Remove duplicate code block (from bad merge).
Andrew Bartlett [Tue, 24 Jul 2007 06:03:03 +0000 (06:03 +0000)]
r24012: Remove duplicate code block (from bad merge).

Andrew Bartlett
(This used to be commit 68bdbd732fc02ce5a8ef8eb0107459ff3b7eb723)

13 years agor24011: Keep the connect handle around in libnet, in case we want it.
Andrew Bartlett [Tue, 24 Jul 2007 06:02:32 +0000 (06:02 +0000)]
r24011: Keep the connect handle around in libnet, in case we want it.

Andrew Bartlett
(This used to be commit e6ccdb6cea267b992d1b586757f0b84afbc5e45f)

13 years agor24010: Fix warning for the function paramter to qsort().
Andrew Bartlett [Tue, 24 Jul 2007 06:01:30 +0000 (06:01 +0000)]
r24010: Fix warning for the function paramter to qsort().

Andrew Bartlett
(This used to be commit 51862c4c5299da02d3d781b3e9255823bc9b59af)

13 years agor23995: Work to allow mimir's libnet code to be called from winbind.
Andrew Bartlett [Mon, 23 Jul 2007 02:56:51 +0000 (02:56 +0000)]
r23995: Work to allow mimir's libnet code to be called from winbind.

We now setup a libnet_ctx for each domain.  We should then be able to
replace/merge some more of the winbind code with libnet calls,
referencing domain->libnet_ctx.

Andrew Bartlett
(This used to be commit bad2dc14d704be59300f619c84694c11620559e0)

13 years agor23994: Finish my work to ensure that non-root and non-administrator users
Andrew Bartlett [Mon, 23 Jul 2007 02:10:11 +0000 (02:10 +0000)]
r23994: Finish my work to ensure that non-root and non-administrator users
cannot vampire, provision or upgrade a Samba4 server via SWAT.

(The previous commit was an accident, and not complete).

This should get Samba4 closer to being 'secure' for an alpha release.

Andrew Bartlett
(This used to be commit 3b6695de36bcea8a76001c9a5585eac871646450)

13 years agor23993: Attempt to fix bug #4808, reported by mwallnoefer@yahoo.de. The issue
Andrew Bartlett [Mon, 23 Jul 2007 01:46:39 +0000 (01:46 +0000)]
r23993: Attempt to fix bug #4808, reported by mwallnoefer@yahoo.de.  The issue
is that when we all ldb_msg_add_empty(), we might realloc() the
msg->elements array.  We need to ensure the source pointer (when
copying an element from the same msg) is still valid, or the data
copied.

Andrew Bartlett
(This used to be commit 0fbea30577233d00e7c6cdd4faaece0f99fc57b1)

13 years agor23982: Fix use-after-realloc() found by valgrind and mwallnoefer@yahoo.de.
Andrew Bartlett [Sat, 21 Jul 2007 10:14:46 +0000 (10:14 +0000)]
r23982: Fix use-after-realloc() found by valgrind and mwallnoefer@yahoo.de.

Should fix bug #4804.

Andrew Bartlett
(This used to be commit 848336dc617b72d189fe82e10c0b08a518d6d073)

13 years agor23980: Fix one more use of pwrite in expand_file.
Michael Adam [Fri, 20 Jul 2007 16:31:32 +0000 (16:31 +0000)]
r23980: Fix one more use of pwrite in expand_file.

Michael
(This used to be commit b97acdc67b1a55529e69bb7b2b78a317a34b1eba)

13 years agor23979: Fix another occurence of (written != requested) as an
Michael Adam [Fri, 20 Jul 2007 15:00:58 +0000 (15:00 +0000)]
r23979: Fix another occurence of (written != requested) as an
error condition to write. This is in tdb_new_database.

Fix one call to tdb_new_database in tdb_open_ex to not
overwrite the newly propagated errno (typically ENOSPC).

Michael
(This used to be commit eb524df0a52783de6c94a11b44f268e0f26fbb2c)

13 years agor23978: Merge r23161 from Samba3:
Michael Adam [Fri, 20 Jul 2007 14:52:47 +0000 (14:52 +0000)]
r23978: Merge r23161 from Samba3:

Add TDB_VOLATILE as open_flag to activate the per-hashchain dead record
optimization.
(This used to be commit 868cdb1781fe94afbc1658e72bf06de20193bcd7)

13 years agor23977: Im prove the pwrite-patch to tdb_expand_file of r23972:
Michael Adam [Fri, 20 Jul 2007 14:23:12 +0000 (14:23 +0000)]
r23977: Im prove the pwrite-patch to tdb_expand_file of r23972:

* prevent infinite loops due to 0 bytes written:
  try once more. if we still get 0 as return,
  set errno to ENOSPC and return -1 (error)

* replace int by correct types (ssize_t and size_t).

* print a warning log message in case "written < requested to write"
  usually this means, that the next call to pwrite will fail
  with return value -1 and set errno accordingly.

  Note that the former error condition "written != requested to write"
  is not a correct error condition of write/pwrite. If this is due
  to an error, a subsequent call to (p)write will reveal the cause
  (typically "no space left on device" - ENOSPC).

Michael
(This used to be commit 7f415d12239fc67eb2c7894c6359b9507fe122c6)

13 years agor23972: Fix a bug in pwrite error detection in tdb_expand_file():
Michael Adam [Thu, 19 Jul 2007 13:46:26 +0000 (13:46 +0000)]
r23972: Fix a bug in pwrite error detection in tdb_expand_file():
The proper error condition is (ret == -1) instead of
(ret != number_of_byte_told_to_write).

Michael
(This used to be commit 4c3c6363f860ec01d3c789ef8ee2aa3eb77000dc)

13 years agor23966: It isn't great, but at least now we have some access control in SWAT
Andrew Bartlett [Thu, 19 Jul 2007 07:48:26 +0000 (07:48 +0000)]
r23966: It isn't great, but at least now we have some access control in SWAT

This patch prevents non-root and non-administrator users from running
the provision, upgrade and vampire pages.  *I think* the rest of SWAT
is LDB operations, or otherwise authenticated, so we should now be
secure.

I wish I had a better way to 'prove' we got this right, but this is better than nothing, and moves us closer to an alpha.

Andrew Bartlett
(This used to be commit d61061052dc4711f886199e49bc303002c8f9b11)

13 years agor23965: Add testing the 'net time' command to the script.
Andrew Bartlett [Thu, 19 Jul 2007 06:44:18 +0000 (06:44 +0000)]
r23965: Add testing the 'net time' command to the script.

Andrew Bartlett
(This used to be commit 4fab53432a3599cf62a7ebef977bc33ef5a5f734)

13 years agor23964: Update blackbox selftest scripts to cover more code, and to more
Andrew Bartlett [Thu, 19 Jul 2007 06:40:42 +0000 (06:40 +0000)]
r23964: Update blackbox selftest scripts to cover more code, and to more
consistantly report errors.  (Some were being lost due to the "echo
foo | cmd" calling convention).

Andrew Bartlett
(This used to be commit d0a994d0ce7b1d4a33bbca5348c2da868401971f)

13 years agor23961: Allow SWAT to operate on x86_64 machines.
Andrew Bartlett [Thu, 19 Jul 2007 04:00:32 +0000 (04:00 +0000)]
r23961: Allow SWAT to operate on x86_64 machines.

On machines with a 4 byte int, and a 8 byte pointer, the ESP could would fail.

The problem is that 0 != NULL.  0 is an int (4 bytes) and NULL is a
pointer (8), and this matters critically to varargs functions.

If a 0 was passed as the 'terminating' argument, then only 4 bytes
would be written to the stack, but va_arg(ap, char *) would try and
pull 8, reading uninitalised memory.

Andrew Bartlett
(This used to be commit 72ca8e3b2a45179b731790e6329b978b22ac1ec0)

13 years agor23960: Don't destory the 'reason' for terminating the service before printing it.
Andrew Bartlett [Thu, 19 Jul 2007 03:57:44 +0000 (03:57 +0000)]
r23960: Don't destory the 'reason' for terminating the service before printing it.

Andrew Bartlett
(This used to be commit 18d2680f357cef68e0e9714ce5404be70759d2ad)

13 years agor23959: add more monitor messages support that's been sitting around on my
Rafal Szczesniak [Wed, 18 Jul 2007 21:24:37 +0000 (21:24 +0000)]
r23959: add more monitor messages support that's been sitting around on my
laptop for a while.

rafal
(This used to be commit c257363adbc2e8ab577bb86a5b4dbef3caf802ef)

13 years agor23950: unlink before rename is superfluous.
Michael Adam [Wed, 18 Jul 2007 08:29:00 +0000 (08:29 +0000)]
r23950: unlink before rename is superfluous.

Michael
(This used to be commit dc0104be9acfcd97f95388029a421204723b641a)

13 years agor23925: Use NULL instead of 0 for a void * argument.
Michael Adam [Tue, 17 Jul 2007 10:30:13 +0000 (10:30 +0000)]
r23925: Use NULL instead of 0 for a void * argument.
(This used to be commit bf7774360bbcf557e3cbc4ef0c45f750b4ba89c3)

13 years agor23912: We always accept / as a seperator, and it is far less confusing
Andrew Bartlett [Tue, 17 Jul 2007 05:40:36 +0000 (05:40 +0000)]
r23912: We always accept / as a seperator, and it is far less confusing
compared with a shell-escape (\).

Fixes bug #4765

Andrew Bartlett
(This used to be commit 417e0ef87fdf8ea69c66089485bd4e0f7b4ca495)

13 years agor23907: Fix bug 4790 reported by mwallnoefer@yahoo.de:
Andrew Bartlett [Tue, 17 Jul 2007 00:10:53 +0000 (00:10 +0000)]
r23907: Fix bug 4790 reported by mwallnoefer@yahoo.de:

Before the provisioning enters to the function provision_default_paths (in
scripting/libjs/provision.js), the variable subobj.DNSDOMAIN isn't properly set
(for example for the filename of the DNS zonefile).

Andrew Bartlett
(This used to be commit 07a9db1438df93442c5b50b1b97ca69662749608)

13 years agor23905: SATOH Fumiyasu <fumiyas@osstech.jp> points out that we want &&, not ; here...
Andrew Bartlett [Mon, 16 Jul 2007 23:38:29 +0000 (23:38 +0000)]
r23905: SATOH Fumiyasu <fumiyas@osstech.jp> points out that we want &&, not ; here...

(We don't want to make a distclean of the main user tree, just because
they don't have the parent directory checked out).

Andrew Bartlett
(This used to be commit 70bf6936850dede51d085a1f1f22f43b98823ff2)

13 years agor23895: reapply rev 23493:
Stefan Metzmacher [Mon, 16 Jul 2007 15:03:03 +0000 (15:03 +0000)]
r23895: reapply rev 23493:

regenerate lex.c files with flex 2.5.33
this makes sure we include config.h as first header

hopefully fixes the build on SerNet-aix

abartlet: please don't revert that again with your next
          heimdal merge...:-)

metze
(This used to be commit 8da4e9a9ac0fb09a7b84de87e1671a8689e20fcb)

13 years agor23890: Allow wbinfo -a to work against Samba4's winbind.
Andrew Bartlett [Mon, 16 Jul 2007 11:27:29 +0000 (11:27 +0000)]
r23890: Allow wbinfo -a to work against Samba4's winbind.

Add a test for wbinfo -a to test_member.sh

Reimplement the server-side 'pam_auth' and 'pam_auth_crap' calls to
use the same SamLogon code as auth_winbind uses.

In my previous code, we did not bind to the LSA and SAMR pipes, before
attempting operations.  We now do this (how we passed any tests before
is beyond me).

This required some rework, particularly to make it easier to setup
secondary connections.  The new rpc_secondary_auth_connection()
function also performs the bind.

The dcerpc_connect.c file was getting to big, so things have been
merged into dcerpc_secondary.c.

Andrew Bartlett
(This used to be commit 365778a993b7d76af6d53ba2a598b7e271741dc5)

13 years agor23881: A quick fix from davecb@spamcop.net to be more portable to non-GNU
Andrew Bartlett [Mon, 16 Jul 2007 01:48:07 +0000 (01:48 +0000)]
r23881: A quick fix from davecb@spamcop.net to be more portable to non-GNU
make in autogen.sh.

Andrew Bartlett
(This used to be commit f47e5f716137b08380b17fdd95d2f454f53d6ce6)

13 years agor23880: Don't crash when we run wbinfo -a against our own winbind when we are a DC.
Andrew Bartlett [Sun, 15 Jul 2007 10:46:34 +0000 (10:46 +0000)]
r23880: Don't crash when we run wbinfo -a against our own winbind when we are a DC.

Next step is to make it work...

Andrew Bartlett
(This used to be commit a1b6c9ecb9a6f17bcbabf81a8128398df6447490)

13 years agor23876: Prepare to run nsstest from make test, just not add it to tests_all.sh yet.
Kai Blin [Sun, 15 Jul 2007 07:51:31 +0000 (07:51 +0000)]
r23876: Prepare to run nsstest from make test, just not add it to tests_all.sh yet.
(This used to be commit f45ae8a878c3d34ea2e4e1c7770e57cd96fa845b)

13 years agor23875: As pointed out by mwallnoefer@yahoo.de:
Andrew Bartlett [Sat, 14 Jul 2007 00:12:25 +0000 (00:12 +0000)]
r23875: As pointed out by mwallnoefer@yahoo.de:
On default Active Directory installations, the NETLOGON share isn't
an indipendent directory. In fact it's mapped to the subdirectory
"scripts" from the share SYSVOL under <Domain name>.

Andrew Bartlett
(This used to be commit 923d67ea9d78da46235221375b49b6f1d0d6a862)

13 years agor23862: Explain who requested unknown dependency. Helps a lot in chasing dependency...
Alexander Bokovoy [Fri, 13 Jul 2007 10:02:44 +0000 (10:02 +0000)]
r23862: Explain who requested unknown dependency. Helps a lot in chasing dependency hell when trimming down s4 platform
(This used to be commit 6c95eabac684c70ac0080b6ab7ca723f5c58869b)

13 years agor23860: export WINBINDD_SOCKET_DIR into the testenv
Stefan Metzmacher [Fri, 13 Jul 2007 08:38:51 +0000 (08:38 +0000)]
r23860: export WINBINDD_SOCKET_DIR into the testenv

metze
(This used to be commit 0d27c1b54e2ea2f7cc0bdcd80f484faa2933a998)

13 years agor23859: Work to have Group Policy work 'out of the box' in Samba4.
Andrew Bartlett [Fri, 13 Jul 2007 08:01:36 +0000 (08:01 +0000)]
r23859: Work to have Group Policy work 'out of the box' in Samba4.

This involves creating the SYSVOL and NETLOGON shares at provision
time, and creating the right subdirectories.

This also changes the behaviour of lp.get("foo") in ejs - we now
return undefined, rather than syntax error, if the parameter doesn't
exist (perhaps because the share isn't defined).

Andrew Bartlett
(This used to be commit 45cadf3bc0d38f6600666511a392e1ce353adee7)

13 years agor23853: Fix a very misleading error message in tdbbackup.
Michael Adam [Thu, 12 Jul 2007 13:41:34 +0000 (13:41 +0000)]
r23853: Fix a very misleading error message in tdbbackup.

Michael
(This used to be commit 1685057927e0ae37ed6be780ee0fb4b3bbefc00f)

13 years agor23852: Merge Samba 3.2's wbinfo into Samba4, so Kai can use it for testing.
Andrew Bartlett [Thu, 12 Jul 2007 10:16:59 +0000 (10:16 +0000)]
r23852: Merge Samba 3.2's wbinfo into Samba4, so Kai can use it for testing.

Andrew Bartlett
(This used to be commit 0fc9b015d734463416e7acb1981eb65216d200fc)

13 years agor23851: export _ABS versions of PREFIX and SRCDIR
Stefan Metzmacher [Thu, 12 Jul 2007 09:52:32 +0000 (09:52 +0000)]
r23851: export _ABS versions of PREFIX and SRCDIR

metze
(This used to be commit 759b5d94b378429a35c9901b870a89c99dad14f2)

13 years agor23849: ldap_server: Provide more info in debug traces
Andrew Bartlett [Thu, 12 Jul 2007 06:15:47 +0000 (06:15 +0000)]
r23849: ldap_server:  Provide more info in debug traces

blackbox tests:  increase test coverage by running more options.

Andrew Bartlett
(This used to be commit 46abf82675ea0ce06a162be5d733da0c236880c2)

13 years agor23848: Thanks to derrell for pointing out that I had not finished my patch to
Andrew Bartlett [Thu, 12 Jul 2007 04:56:33 +0000 (04:56 +0000)]
r23848: Thanks to derrell for pointing out that I had not finished my patch to
split out the auth methods.

This caused all SWAT logins to fail, except when using local system
authentication.

Andrew Bartlett
(This used to be commit b5a9d507a37cd46bd325ff3118c08b4362f267f2)

13 years agor23821: Extend the winreg test by a test for DeleteKey on a
Michael Adam [Tue, 10 Jul 2007 21:35:20 +0000 (21:35 +0000)]
r23821: Extend the winreg test by a test for DeleteKey on a
key that has subkeys. This should return WERR_ACCESS_DENIED.

Michael
(This used to be commit 9b8789a4b5f444e643ed7ee3ff55dc0c41986d07)

13 years agor23816: A little more static, but leave the dead code testjoin.c as documentation.
Andrew Bartlett [Tue, 10 Jul 2007 13:41:00 +0000 (13:41 +0000)]
r23816: A little more static, but leave the dead code testjoin.c as documentation.

Andrew Bartlett
(This used to be commit 6679003c0553804333f0090a91e1fe53837ceb47)

13 years agor23815: Thanks to Matthias Wallnoefer <mwallnoefer@yahoo.de> for pointing out
Andrew Bartlett [Tue, 10 Jul 2007 13:26:10 +0000 (13:26 +0000)]
r23815: Thanks to Matthias Wallnoefer <mwallnoefer@yahoo.de> for pointing out
that we had the wrong objectClass for OU=Domain
Controllers,${DOMAINDN} (was CN=Domain Controllers,${DOMAINDN})

This fixes both the SAMR server and the LDIF templates.

Andrew Bartlett
(This used to be commit 625a9e6c041bedc93925bdebb3a60af1dbdde317)

13 years agor23812: Remove more code found as dead by the find_static script, and make
Andrew Bartlett [Tue, 10 Jul 2007 11:56:01 +0000 (11:56 +0000)]
r23812: Remove more code found as dead by the find_static script, and make
other functions just static.

Andrew Bartlett
(This used to be commit 64fcec1da613dc8f16f0fba02fb3de0ec840671f)

13 years agor23811: Try to ensure struct nbt_name is always pre-declared. Might fix the
Andrew Bartlett [Tue, 10 Jul 2007 11:54:49 +0000 (11:54 +0000)]
r23811: Try to ensure struct nbt_name is always pre-declared.  Might fix the
build on aico.

Andrew Bartlett
(This used to be commit 5609bd9d219f517c25dbc6e6d265eed3ed517883)

13 years agor23810: Make things static, and remove unsued code.
Andrew Bartlett [Tue, 10 Jul 2007 11:37:30 +0000 (11:37 +0000)]
r23810: Make things static, and remove unsued code.

This includes some of the original ildap ldap client API.  ldb
provides a much easier abstraction on this to use, and doesn't use
these functions.

Andrew Bartlett
(This used to be commit dc27a7e41c297472675e8c251bb14327a1af3902)

13 years agor23809: Don't give users the fantasy that we can control choice of GENSEC
Andrew Bartlett [Tue, 10 Jul 2007 10:50:44 +0000 (10:50 +0000)]
r23809: Don't give users the fantasy that we can control choice of GENSEC
security mechanisms at the moment.  I'll put this back when I
implement the functionality.

Andrew Bartlett
(This used to be commit 9a38ddc86fe8c68520622678eae81e4e90f427cf)

13 years agor23807: added hex_encode_talloc()
Andrew Tridgell [Tue, 10 Jul 2007 08:07:42 +0000 (08:07 +0000)]
r23807: added hex_encode_talloc()
(This used to be commit 1b105097e3f4a8475d3a2623205ecdea2aef91cf)