sfrench/samba-autobuild/.git
10 years agoheimdal - fix various warnings
Matthias Dieter Wallnöfer [Tue, 29 Sep 2009 09:43:17 +0000 (11:43 +0200)]
heimdal - fix various warnings

- Shadowed variables
- "const" related warnings
- Parameter names which shadow function declarations
- Non-void functions which have no return value

(patch also ported upstream)

10 years agos4:ldap.py - add tests for valid parent and RDN
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 09:37:30 +0000 (11:37 +0200)]
s4:ldap.py - add tests for valid parent and RDN

10 years agos4:dsdb Use possibleInferiors to restrict creation of child objects
Andrew Bartlett [Thu, 24 Sep 2009 22:14:49 +0000 (15:14 -0700)]
s4:dsdb Use possibleInferiors to restrict creation of child objects

This also uses systemPossibleInferiors when the 'relax' control is
specified, which is done by the provision.

Andrew Bartlett

10 years agos4:dsdb add systemPossibleInferiors to schema code
Andrew Bartlett [Thu, 24 Sep 2009 22:12:49 +0000 (15:12 -0700)]
s4:dsdb add systemPossibleInferiors to schema code

This allows us to figure out what the system can add, which will not
be in possibleInferiors due to the systemOnly flag.

Andrew Bartlett

10 years agos4:dsdb Add objectClass and RDN constraints to objectClass module
Andrew Bartlett [Thu, 24 Sep 2009 04:16:42 +0000 (21:16 -0700)]
s4:dsdb Add objectClass and RDN constraints to objectClass module

These additional constraints are applied, found by the Microsoft testsuite.

 - When the parent is not present, we now return 'NO_SUCH_OBJECT'.
 - Restrict the choice of RDN to the correct one per the schema
 - Honour the allowedChildClasses attribute from the parent's objectClass.

Andrew Bartlett

10 years agondr: rebuild lsa IDL after recent change
Andrew Tridgell [Sat, 3 Oct 2009 09:02:27 +0000 (19:02 +1000)]
ndr: rebuild lsa IDL after recent change

10 years agos4:ldap.py - add a test for the "systemOnly" classes
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 08:57:14 +0000 (10:57 +0200)]
s4:ldap.py - add a test for the "systemOnly" classes

10 years agos4:dsdb Don't allow creation of systemOnly objectclasses
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 08:52:53 +0000 (10:52 +0200)]
s4:dsdb Don't allow creation of systemOnly objectclasses

(except as part of the provision, which specifies the 'relax' control)

Andrew Bartlett

10 years agos4:rdn_name - fix up the rename operation
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 08:36:41 +0000 (10:36 +0200)]
s4:rdn_name - fix up the rename operation

A function call was wrong ("ldb_request" rathen than "ldb_next_request").

10 years agoidl: some lsa vars are uint3264
Andrew Tridgell [Sat, 3 Oct 2009 08:13:50 +0000 (18:13 +1000)]
idl: some lsa vars are uint3264

10 years agopidl: added int3264 as a base type
Andrew Tridgell [Sat, 3 Oct 2009 08:13:25 +0000 (18:13 +1000)]
pidl: added int3264 as a base type

This is the type used for a variable that is 32 bits for NDR32 and 64
bits for NDR64

10 years agos3:Makefile: minor clean up
Björn Jacke [Fri, 2 Oct 2009 22:19:30 +0000 (00:19 +0200)]
s3:Makefile: minor clean up

10 years agos3:Makefile: fix libnetapi dependencies with static build
Björn Jacke [Fri, 2 Oct 2009 22:15:19 +0000 (00:15 +0200)]
s3:Makefile: fix libnetapi dependencies with static build

analogical to previous libtalloc fix

10 years agos3:Makefile: eventlogadm dependency cleanup
Björn Jacke [Fri, 2 Oct 2009 21:08:11 +0000 (23:08 +0200)]
s3:Makefile: eventlogadm dependency cleanup

no need to link against popt lib

10 years agos3:Makefile: fix libwbclient dependencies with static build
Björn Jacke [Fri, 2 Oct 2009 21:05:27 +0000 (23:05 +0200)]
s3:Makefile: fix libwbclient dependencies with static build

analogical to previous libtalloc fix

10 years agos3:Makefile: fix libtdb dependencies with static build
Björn Jacke [Fri, 2 Oct 2009 21:01:18 +0000 (23:01 +0200)]
s3:Makefile: fix libtdb dependencies with static build

analogical to previous libtalloc fix

10 years agos3:Makefile: fix talloc dependencies with static build (2nd try)
Björn Jacke [Fri, 2 Oct 2009 20:43:14 +0000 (22:43 +0200)]
s3:Makefile: fix talloc dependencies with static build (2nd try)

When configure options --with-libtalloc=no --enable-shared-libs=no are used,
LIBTALLOC_TARGET stays empty. Actually LIBTALLOC_TARGET which is only used for
Makefile dependencies is obsolete as LIBTALLOC contains exactly the targets
that we depend on, libtalloc finally is the target to depend on.

10 years agoRevert "s3:Makefile: fix talloc dependencies with static build"
Björn Jacke [Fri, 2 Oct 2009 20:00:50 +0000 (22:00 +0200)]
Revert "s3:Makefile: fix talloc dependencies with static build"

This reverts commit 2af2334522bc3d2c44bdcf7c9f1e80d2bcbf2024.

a more correct way to fix the libtalloc dependencies follows

10 years agos3:Makefile: libsmbsharemode dependency cleanup
Björn Jacke [Fri, 2 Oct 2009 00:18:50 +0000 (02:18 +0200)]
s3:Makefile: libsmbsharemode dependency cleanup

no need to link against ldap and krb5 libs

10 years agos3:Makefile: net utility dependency cleanup
Björn Jacke [Fri, 2 Oct 2009 00:28:56 +0000 (02:28 +0200)]
s3:Makefile: net utility dependency cleanup

no need to link against iniparser lib

10 years agos3:configure: use --aѕ-needed linker option when supported
Björn Jacke [Fri, 2 Oct 2009 17:53:53 +0000 (19:53 +0200)]
s3:configure: use --aѕ-needed linker option when supported

Based on a patch from Andreas Schneider but modified that --aѕ-needed is also
used when own libs are not build shared (--enable-shared). Also change order of
options so that user supplied LDFLAGS are put *after* the automatic --aѕ-needed
flag. This way it's pollible to force not use as-needed by setting LDFLAGS
environment variable to "-Wl,--no-as-needed".

10 years agos3:doc: add some detail about lanman auth parameter
Björn Jacke [Fri, 2 Oct 2009 15:55:50 +0000 (17:55 +0200)]
s3:doc: add some detail about lanman auth parameter

add interesting detail: lm passwords will be removed from databaѕe with
lanman auth = no

10 years agoRevert "s4:LDB/LDAP - Re-allow renames"
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 22:06:41 +0000 (00:06 +0200)]
Revert "s4:LDB/LDAP - Re-allow renames"

This reverts commit 767fce6fccf484b547219abd5e6abc941eacaf92.

Simo pointed out that the patch generates race conditions. We need to solve this
using a new control.

10 years agos4:repl_meta_data - various
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 21:26:35 +0000 (23:26 +0200)]
s4:repl_meta_data - various

- Add more "talloc_free"s and right error values where needed
- Add a pre-lookup for entries before searching for metadata attribute
  (also suggested by TODO list)
- Now the most part of "ldap.py" works again

10 years agoRemove lots of duplicate code and move it into one
Jeremy Allison [Fri, 2 Oct 2009 20:45:38 +0000 (13:45 -0700)]
Remove lots of duplicate code and move it into one
function vfs_stat_fsp(). Stops code looking at fsp->posix_open
except for exceptional circumstances.
Jeremy.

10 years agos4:ldap.py - add a very special rename test (with invalid - empty RDN)
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 19:26:35 +0000 (21:26 +0200)]
s4:ldap.py - add a very special rename test (with invalid - empty RDN)

10 years agos4:ldb_ildap - Don't segfault on a empty RDN
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 19:26:12 +0000 (21:26 +0200)]
s4:ldb_ildap - Don't segfault on a empty RDN

10 years agos4:LDB/LDAP - Re-allow renames
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 19:23:23 +0000 (21:23 +0200)]
s4:LDB/LDAP - Re-allow renames

The main problem is that the "rdn_name" module launches on a rename request also
a modification one with the "special attributes" which can't be changed directly.
An introduced flag helps to bypass the restriction.

10 years agoMissed one VFS_STAT -> VFS_LSTAT
Jeremy Allison [Fri, 2 Oct 2009 18:07:17 +0000 (11:07 -0700)]
Missed one VFS_STAT -> VFS_LSTAT
Jeremy.

10 years agoFix more use of VFS_STAT when posix pathnames selected.
Jeremy Allison [Fri, 2 Oct 2009 18:05:03 +0000 (11:05 -0700)]
Fix more use of VFS_STAT when posix pathnames selected.
Jeremy.

10 years agos4:ldap.py - major enhancements
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 16:31:38 +0000 (18:31 +0200)]
s4:ldap.py - major enhancements

- Clean up and reorder it a bit
- Test which adds invalid attributes
- Test which makes sure that the 'distinguishedName' attribute cannot be modified
- Test which makes sure that we cannot change the RDN/'name' attribute through a modify request

10 years agos4:ldb Don't allow RDN to be modified with an LDB modify message
Andrew Bartlett [Thu, 24 Sep 2009 04:12:00 +0000 (21:12 -0700)]
s4:ldb Don't allow RDN to be modified with an LDB modify message

Found by the Microsoft testsuite at the AD interop event.

Andrew Bartlett

10 years agos4:rdn_name module - a normal error message should be enough for this failure
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 17:09:13 +0000 (19:09 +0200)]
s4:rdn_name module - a normal error message should be enough for this failure

I don't think that we really want to have this error printed out on the server
console (stdout) since this hasn't serious results as DB or data corruption
and similar.

10 years agos4:ldb Don't allow modifcation of distinguishedName
Andrew Bartlett [Fri, 25 Sep 2009 00:20:55 +0000 (17:20 -0700)]
s4:ldb Don't allow modifcation of distinguishedName

10 years agos4:dsdb Return correct error on invalid attribute
Andrew Bartlett [Fri, 25 Sep 2009 23:40:30 +0000 (16:40 -0700)]
s4:dsdb Return correct error on invalid attribute

This error per the Microsoft testsuite

10 years agos4:dsdb Pass down the exact error code on failure in repl_meta_data
Andrew Bartlett [Thu, 24 Sep 2009 04:13:22 +0000 (21:13 -0700)]
s4:dsdb Pass down the exact error code on failure in repl_meta_data

10 years agos4:samdb_set_password - Return the maximum password age when requested (not the minim...
Matthias Dieter Wallnöfer [Fri, 25 Sep 2009 16:03:31 +0000 (18:03 +0200)]
s4:samdb_set_password - Return the maximum password age when requested (not the minimum one)

10 years agos4:samdb_set_password - cosmetic fixes
Matthias Dieter Wallnöfer [Wed, 23 Sep 2009 17:23:17 +0000 (19:23 +0200)]
s4:samdb_set_password - cosmetic fixes

10 years agos4: fix various warnings (not "const" related ones)
Matthias Dieter Wallnöfer [Tue, 29 Sep 2009 09:49:50 +0000 (11:49 +0200)]
s4: fix various warnings (not "const" related ones)

10 years agos4/srvsvc: deactivate a "ntvfs_connect" with a wrong parameter
Matthias Dieter Wallnöfer [Tue, 29 Sep 2009 09:49:50 +0000 (11:49 +0200)]
s4/srvsvc: deactivate a "ntvfs_connect" with a wrong parameter

In the srvsvc code for s4 (NTVFS module) there exists a call to "ntvfs_connect"
which is performed with a totally wrong argument. Since I'm not able to fix
this, I commented it out and added a "FIXME" comment.

10 years agos4:provision_users.ldif - Put potential primary groups in front of the file
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 13:21:17 +0000 (15:21 +0200)]
s4:provision_users.ldif - Put potential primary groups in front of the file

(So they can be always found by the SAMLDB module)

10 years agoRevert "s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks."
Andrew Tridgell [Fri, 2 Oct 2009 12:40:50 +0000 (22:40 +1000)]
Revert "s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks."

This reverts commit 38f87f40bfd7892043d49009067ae28431279580.

10 years agoRevert "s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA"
Andrew Tridgell [Fri, 2 Oct 2009 12:40:31 +0000 (22:40 +1000)]
Revert "s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA"

This reverts commit f0c2c9854c7659221fe9480110a7d9b2b48afbf9.

10 years agoRevert "s4:ldb always talloc_free() the ldb_ldif_write context, even on success"
Andrew Tridgell [Fri, 2 Oct 2009 12:40:02 +0000 (22:40 +1000)]
Revert "s4:ldb always talloc_free() the ldb_ldif_write context, even on success"

This reverts commit a610843e9f21ee77fd29356313d2ef05fe25a1ed.

10 years agoRevert "s4:ldb Remove LTDB_PACKING_FORMAT_NODN"
Andrew Tridgell [Fri, 2 Oct 2009 12:39:44 +0000 (22:39 +1000)]
Revert "s4:ldb Remove LTDB_PACKING_FORMAT_NODN"

This reverts commit bcbf0ae1e707c2355824800dc213d364070f070a.

10 years agoRevert "s4-ldb: merged with master"
Andrew Tridgell [Fri, 2 Oct 2009 12:39:19 +0000 (22:39 +1000)]
Revert "s4-ldb: merged with master"

This reverts commit 14c9070322d089dd96b389e8087c4f4bf1a6c7cc.

10 years agoRevert "s4-ldb: overallocate idxptr to reduce memory fragmentation"
Andrew Tridgell [Fri, 2 Oct 2009 12:39:10 +0000 (22:39 +1000)]
Revert "s4-ldb: overallocate idxptr to reduce memory fragmentation"

This reverts commit e7846f69cacdd0551fcd777a71bf833a2fc9ca2b.

10 years agoRevert "s4-ldb: fixed a memory leak"
Andrew Tridgell [Fri, 2 Oct 2009 12:38:58 +0000 (22:38 +1000)]
Revert "s4-ldb: fixed a memory leak"

This reverts commit c7358d989034c9d936c04f2a7e4f89db252b798e.

10 years agos4-winbind: support the s3 response flags on krb5 auth too
Andrew Tridgell [Fri, 2 Oct 2009 12:17:42 +0000 (22:17 +1000)]
s4-winbind: support the s3 response flags on krb5 auth too

This fixes the samba4.blackbox.wbinfo test, which was failing on a
wbinfo -K command

10 years agos4-winbind: support the Samba3 TXT form of the info3 for wbinfo -a
Andrew Tridgell [Fri, 2 Oct 2009 11:31:05 +0000 (21:31 +1000)]
s4-winbind: support the Samba3 TXT form of the info3 for wbinfo -a

This sends the info3 as hand marshalled data

10 years agos4:ldb.h - cosmetic - add whitespace
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 10:23:25 +0000 (12:23 +0200)]
s4:ldb.h - cosmetic - add whitespace

10 years agos4:provision - Cosmetic - right indentations
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 10:18:03 +0000 (12:18 +0200)]
s4:provision - Cosmetic - right indentations

10 years agos4:dsdb Fix crash from LDAP login of DOM\\
Andrew Bartlett [Sat, 26 Sep 2009 00:37:21 +0000 (17:37 -0700)]
s4:dsdb Fix crash from LDAP login of DOM\\

The issue here is that when we resolve DOM\\ into an NT4 name, we
would not initilise the nt4_account output.

Andrew Bartlett

10 years agos4:dsdb rework instanceType module - put instanceType in provision
Andrew Bartlett [Thu, 24 Sep 2009 22:06:11 +0000 (15:06 -0700)]
s4:dsdb rework instanceType module - put instanceType in provision

The instanceType needs to be specified in future because that's how
the partitions are actually created.

10 years agos4:dsdb Don't allow creating of new objects with an isDefunct schema class
Andrew Bartlett [Fri, 25 Sep 2009 15:34:33 +0000 (08:34 -0700)]
s4:dsdb Don't allow creating of new objects with an isDefunct schema class

10 years agos4:dsdb Add 'lazy_commit' module to swallow the 'lazy commit' OID
Andrew Bartlett [Fri, 25 Sep 2009 15:08:18 +0000 (08:08 -0700)]
s4:dsdb Add 'lazy_commit' module to swallow the 'lazy commit' OID

This allows this control to be specified as critical.  We support the
control because we choose to always be durable in our transactions.

We really, really need a 'duplicate request' API, as at the
moment we can't do this without a large, error-prone set of code that
cannot cope with new request fields or types.

Andrew Bartlett

10 years agos4:ldap_server Ensure we don't segfault when sent a NULL new RDN
Andrew Bartlett [Fri, 25 Sep 2009 15:06:37 +0000 (08:06 -0700)]
s4:ldap_server Ensure we don't segfault when sent a NULL new RDN

The Microsoft testsuite tried to rename
cn=administrator,cn=users,... into "",cn=users... which didn't go so well.

Andrew Bartlett

10 years agos4:provision Ensure we add the schema with the 'relax' control
Andrew Bartlett [Fri, 25 Sep 2009 00:21:47 +0000 (17:21 -0700)]
s4:provision Ensure we add the schema with the 'relax' control

(allows addition of systemOnly classes)

10 years agos4-ldb: fixed a memory leak
Andrew Tridgell [Wed, 23 Sep 2009 05:15:11 +0000 (22:15 -0700)]
s4-ldb: fixed a memory leak

10 years agos4-ldb: overallocate idxptr to reduce memory fragmentation
Andrew Tridgell [Wed, 23 Sep 2009 05:14:30 +0000 (22:14 -0700)]
s4-ldb: overallocate idxptr to reduce memory fragmentation

10 years agos4-ldb: merged with master
Andrew Bartlett [Wed, 23 Sep 2009 04:11:41 +0000 (21:11 -0700)]
s4-ldb: merged with master

10 years agos4:ldb Remove LTDB_PACKING_FORMAT_NODN
Andrew Bartlett [Tue, 1 Sep 2009 09:55:30 +0000 (19:55 +1000)]
s4:ldb Remove LTDB_PACKING_FORMAT_NODN

The restructured code makes this hader to support, and we have not had
this kind of LDB for a very long time now.

Andrew Bartlett

10 years agos4:ldb always talloc_free() the ldb_ldif_write context, even on success
Andrew Bartlett [Tue, 1 Sep 2009 02:07:49 +0000 (12:07 +1000)]
s4:ldb always talloc_free() the ldb_ldif_write context, even on success

10 years agos4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA
Andrew Bartlett [Tue, 1 Sep 2009 02:01:03 +0000 (12:01 +1000)]
s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA

(The format of index records in the internal manipulation changed)

Andrew Bartlett

10 years agos4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks.
Andrew Bartlett [Tue, 1 Sep 2009 01:59:50 +0000 (11:59 +1000)]
s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks.

We would use the mem_ctx for internal work, but previously we did not
clean it up on exit.

Andrew Bartlett

10 years agos4: Improve provisioning: use relax control
Matthieu Patou [Tue, 22 Sep 2009 21:49:22 +0000 (01:49 +0400)]
s4: Improve provisioning: use relax control

Give the possibility to specify controls when loading ldif files.
  Relax control is specified by default for all ldb_add_diff (request Andrew B).
  Set domainguid if specified at the creation of object instead of modifying afterward
  Allow to specify objectGUID for NTDS object of the first DC this option is used during provision upgrade.

10 years agopythonbindings: allow add() to have an array of controls as second parameter
Matthieu Patou [Tue, 22 Sep 2009 20:51:25 +0000 (00:51 +0400)]
pythonbindings: allow add() to have an array of controls as second parameter

10 years agos4-ldb: Use relax control to check in replace metadata module if we accept request...
Matthieu Patou [Wed, 23 Sep 2009 09:36:40 +0000 (13:36 +0400)]
s4-ldb: Use relax control to check in replace metadata module if we accept request that specify objectGUID attribute.

10 years agos4-ldb: Add new relax controls that allow relaxed x500 constraints checks
Matthieu Patou [Wed, 23 Sep 2009 09:34:58 +0000 (13:34 +0400)]
s4-ldb: Add new relax controls that allow relaxed x500 constraints checks

10 years agos4:ntvfs Don't attempt to follow NULL in unixuid_setup_security()
Andrew Bartlett [Tue, 22 Sep 2009 21:14:19 +0000 (14:14 -0700)]
s4:ntvfs Don't attempt to follow NULL in unixuid_setup_security()

This segfault occoured in cases where we rejected (or never attempted)
the tree connect, so had an invalid private pointer for the logoff
codepath.

Andrew Bartlett

10 years agos4:Ensure the selected RDN is the right one per the schema
Andrew Bartlett [Tue, 22 Sep 2009 00:24:43 +0000 (17:24 -0700)]
s4:Ensure the selected RDN is the right one per the schema

The relative DN must be the one that the most specific structural
objectclass specifies.

Andrew Bartlett

10 years agos4-samldb: the samldb module requires that the primary group exists
Andrew Tridgell [Fri, 2 Oct 2009 10:00:42 +0000 (20:00 +1000)]
s4-samldb: the samldb module requires that the primary group exists

We need to create Domain Users in the test ldb

10 years agos4-samdb: added some debugging
Andrew Tridgell [Fri, 2 Oct 2009 10:00:08 +0000 (20:00 +1000)]
s4-samdb: added some debugging

This helped track down the samba3sam.py failures

10 years agos4-test: skip python gensec test until its finished
Andrew Tridgell [Fri, 2 Oct 2009 08:52:51 +0000 (18:52 +1000)]
s4-test: skip python gensec test until its finished

10 years agos4-pygensec: a bit closer to working
Andrew Tridgell [Fri, 2 Oct 2009 08:50:59 +0000 (18:50 +1000)]
s4-pygensec: a bit closer to working

I'll need help from Andrew on how to get gensec to initialise it's ops
element

10 years agopidl: fixed unit tests for trailer alignment
Andrew Tridgell [Fri, 2 Oct 2009 07:14:15 +0000 (17:14 +1000)]
pidl: fixed unit tests for trailer alignment

10 years agopid: update ndr testsuite for new union alignment
Andrew Tridgell [Fri, 2 Oct 2009 07:11:26 +0000 (17:11 +1000)]
pid: update ndr testsuite for new union alignment

10 years agos4-torture: added a very simple samr ValidatePassword test
Andrew Tridgell [Fri, 2 Oct 2009 06:03:02 +0000 (16:03 +1000)]
s4-torture: added a very simple samr ValidatePassword test

10 years agos4-samr: fake up a samr_ValidatePassword response
Andrew Tridgell [Fri, 2 Oct 2009 06:02:42 +0000 (16:02 +1000)]
s4-samr: fake up a samr_ValidatePassword response

mdw is working on the correct call to check the password strength

10 years agoidl: rebuilt the IDL for the build farm
Andrew Tridgell [Fri, 2 Oct 2009 05:11:02 +0000 (15:11 +1000)]
idl: rebuilt the IDL for the build farm

10 years agos4-libnet: give sane error messages when functional levels don't match
Andrew Tridgell [Fri, 2 Oct 2009 05:09:59 +0000 (15:09 +1000)]
s4-libnet: give sane error messages when functional levels don't match

It is nice to tell the user why their command failed :-)

10 years agos4:dsdb/common/sidmap - Remove
Matthias Dieter Wallnöfer [Wed, 30 Sep 2009 18:34:35 +0000 (20:34 +0200)]
s4:dsdb/common/sidmap - Remove

As metze pointed out - this seems to be completely dead code. I too didn't find
any dependencies in other code parts. Therefore remove it.

10 years agos4:provision - Change the default forest/domain function level back to Windows 2003...
Matthias Dieter Wallnöfer [Tue, 29 Sep 2009 08:50:45 +0000 (10:50 +0200)]
s4:provision - Change the default forest/domain function level back to Windows 2003 Native

10 years agos4:libnet_become_dc - add checks for valid domain/forest function levels
Matthias Dieter Wallnöfer [Fri, 25 Sep 2009 08:44:19 +0000 (10:44 +0200)]
s4:libnet_become_dc - add checks for valid domain/forest function levels

Add checks to make sure that we join only supported AD domains (we agreed that
those are >= (Windows) 2003 Native per default - this is changeable with the
"ads:function level" option).
Add also checks to make sure that we cannot join domains which have a bigger
function level than our DC capable function level (e.g. a (Windows) 2008 DC
cannot join a (Windows) 2008 R2 domain).

10 years agondr64: added support for trailing gap alignment
Andrew Tridgell [Thu, 1 Oct 2009 06:08:02 +0000 (16:08 +1000)]
ndr64: added support for trailing gap alignment

NDR64 has a 'trailing gap' alignment, which aligns the end of a
structure on the overall structure alignment.

This explains the discrepancy we had with the RPC-SAMR test and NDR64

10 years agos4-ldb: accept the binary DN OIDs in extended DN modules
Andrew Tridgell [Thu, 24 Sep 2009 14:06:03 +0000 (07:06 -0700)]
s4-ldb: accept the binary DN OIDs in extended DN modules

10 years agos4-ldb: Add support for binary blobs in DNs
Andrew Tridgell [Fri, 2 Oct 2009 02:03:05 +0000 (12:03 +1000)]
s4-ldb: Add support for binary blobs in DNs

AD has the concept of a DN prefixed with B:NN:XXXXXX: that contains a
binary blob. We need to support those in order to give correctly
formatted binary blobs for things like wellKnownObjects

This implementation is not ideal, as it allows for binary blobs on all
DNs, whereas it should only allow them on those with a syntax of
2.5.5.7. We should clean this up in the future, but meanwhile this
implementation at least gets us a working DC join of w2k8 to s4.

This patch also uses a static function for marking DNs as invalid,
which is very useful when debugging this code, as you can break on it
in gdb.

10 years agos4-cldap: match w2k8-r2 for cldap netlogon bits
Andrew Tridgell [Fri, 2 Oct 2009 01:52:16 +0000 (11:52 +1000)]
s4-cldap: match w2k8-r2 for cldap netlogon bits

Windows does not set the 3 high bits, which is strange given their
meaning. I've submitted a CAR on this.

10 years agods-flags: use the new name DS_DNS_FOREST_ROOT
Andrew Tridgell [Fri, 2 Oct 2009 02:02:00 +0000 (12:02 +1000)]
ds-flags: use the new name DS_DNS_FOREST_ROOT

Update to use the new DS_DNS_FOREST_ROOT name, which makes it clearer
what this bit means (according to MS-ADTS doc)

10 years agos3-ads: removed 3 unused defines
Andrew Tridgell [Fri, 2 Oct 2009 01:49:58 +0000 (11:49 +1000)]
s3-ads: removed 3 unused defines

These are in nbt.idl and netlogon.idl as well, no need to have them
here under different names, especially when the comments are wrong

10 years agoidl: use common netlogon bit definitions
Andrew Tridgell [Thu, 1 Oct 2009 07:29:56 +0000 (17:29 +1000)]
idl: use common netlogon bit definitions

The DS_ bits had got a bit ahead of the NBT_ bits.

Ideally we'd make these a single set of bits at some point.

This also removes NBT_SERVER_DNS_FOREST as this bit doesn't exist. I
think it came from someone mis-reading the docs, which show the bits
in reverse order within bytes (one of the worst bit table
representations I have ever seen!)

10 years agos4/torture: Add two new SMB RAW-OPEN tests
Aravind Srinivasan [Thu, 1 Oct 2009 23:13:37 +0000 (16:13 -0700)]
s4/torture: Add two new SMB RAW-OPEN tests

* Add chained NTCREATEX_READX test which first tries to open/read
  a non-existant file failing on the open, then attempts the same
  operation on a file that does exist, opening and reading
  successfully.

* Add test for open_dispositions on directories.

10 years agos4/torture: convert printf to torture_comment() in RAW-OPEN
Aravind Srinivasan [Thu, 1 Oct 2009 23:11:59 +0000 (16:11 -0700)]
s4/torture: convert printf to torture_comment() in RAW-OPEN

Allows "make test" and other harnesses to print cleaner output.

10 years agoFix bug #6769 - symlink unlink does nothing.
Jeremy Allison [Thu, 1 Oct 2009 23:54:06 +0000 (16:54 -0700)]
Fix bug #6769 - symlink unlink does nothing.
Always use LSTAT for POSIX pathnames.
Jeremy.

10 years agos4/torture: second try on renaming oplocks.c to oplock.c
Steven Danneman [Thu, 1 Oct 2009 23:38:40 +0000 (16:38 -0700)]
s4/torture: second try on renaming oplocks.c to oplock.c

Forgot to "git add" the new file in commit b2bcfaae

10 years agoNULL is not a valid event context.
Jeremy Allison [Thu, 1 Oct 2009 23:18:33 +0000 (16:18 -0700)]
NULL is not a valid event context.
Jeremy.

10 years agos4/torture: rename oplocks.c to oplock.c to match SMB1 file layout
Steven Danneman [Thu, 1 Oct 2009 20:47:28 +0000 (13:47 -0700)]
s4/torture: rename oplocks.c to oplock.c to match SMB1 file layout

10 years agos4/torture: Ported SMB oplock torture tests to SMB2
Steven Danneman [Thu, 30 Jul 2009 22:10:50 +0000 (15:10 -0700)]
s4/torture: Ported SMB oplock torture tests to SMB2

I've ported all applicable SMB oplock torture tests to SMB2, giving us
a good base for SMB2 oplock testing.

There are several differences between oplocks in SMB and SMB2, mostly
because of differences in W2K3 and W2K8.  The existing SMB oplock
tests all pass against W2K3, but several fail against W2K8.  These
same tests were failing in SMB2, util I reworked them.

BATCH19, BATCH20: In W2K3/SMB a setfileinfo - rename command wouldn't
cause a sharing violation or break an existing oplock.  It appears that
in W2K8/SMB2 a sharing violation is raised.

BATCH22: In W2K3/SMB when a second opener was waiting the full timeout
of an oplock break, it would receive NT_STATUS_SHARING_VIOLATION after
about 35 seconds.  This bug has been fixed in W2K8/SMB2 and instead
the second opener succeeds.

LEVELII500: Added 1 new test checking that the server returns a proper
error code when a client improperly replies to a levelII to none break
notification.

STREAM1: W2K8 now grants oplocks on alternate data streams.

10 years agos4/torture: fix typo in test comment
Steven Danneman [Thu, 1 Oct 2009 18:35:17 +0000 (11:35 -0700)]
s4/torture: fix typo in test comment

10 years agos4/asn1: ber_read_OID_String() to be based on _ber_read_OID_String_impl()
Kamen Mazdrashki [Fri, 25 Sep 2009 22:41:18 +0000 (01:41 +0300)]
s4/asn1: ber_read_OID_String() to be based on _ber_read_OID_String_impl()