Volker Lendecke [Mon, 5 Oct 2009 20:00:16 +0000 (22:00 +0200)]
s3:winbind: Fix typos
Volker Lendecke [Sun, 4 Oct 2009 13:47:33 +0000 (15:47 +0200)]
s3: Attempt to fix machine password change
Jeremy Allison [Mon, 5 Oct 2009 17:27:48 +0000 (10:27 -0700)]
Fix bug 6776 - Running overlapping Byte Lock test will core dump Samba daemon.
Re-write core of POSIX locking logic.
Jeremy.
Günther Deschner [Mon, 5 Oct 2009 13:10:35 +0000 (15:10 +0200)]
libndr: add int3264 ndr prototype.
Guenther
Günther Deschner [Mon, 5 Oct 2009 11:01:53 +0000 (13:01 +0200)]
s3-net: print error when "net rpc changetrustpw" has failed.
Guenther
Volker Lendecke [Sun, 4 Oct 2009 13:19:19 +0000 (15:19 +0200)]
s3: Remove a scary error message -- talloc_move can not fail :-)
Signed-off-by: Günther Deschner <gd@samba.org>
Volker Lendecke [Sun, 4 Oct 2009 13:13:44 +0000 (15:13 +0200)]
s3: Fix nonempty blank lines
Signed-off-by: Günther Deschner <gd@samba.org>
Günther Deschner [Thu, 1 Oct 2009 23:25:13 +0000 (01:25 +0200)]
lib/tdr: get rid of build warning when using TDR_ALLOC macro.
Guenther
Günther Deschner [Thu, 1 Oct 2009 11:42:29 +0000 (13:42 +0200)]
s3: remove unused PRS_POINTER_CAST macro.
Guenther
Günther Deschner [Thu, 1 Oct 2009 10:52:46 +0000 (12:52 +0200)]
s3: remove unused SYSTEMTIME struct.
Guenther
Matthias Dieter Wallnöfer [Tue, 29 Sep 2009 10:01:15 +0000 (12:01 +0200)]
s3/s4 common: fix up header file
Björn Jacke [Sat, 3 Oct 2009 23:40:34 +0000 (01:40 +0200)]
s3:Makefile: another attempt to fix the wbclient dependency
in the dependencies we always used a variable that was not jet defined.
Björn Jacke [Sat, 3 Oct 2009 23:33:12 +0000 (01:33 +0200)]
s3:Makefile: another attempt to fix the netapi dependency
in the dependencies we always used a variable that was not jet defined.
Björn Jacke [Sat, 3 Oct 2009 23:30:43 +0000 (01:30 +0200)]
s3:Makefile: another attempt to fix the tdb dependency
in the dependencies we always used a variable that was not jet defined.
Björn Jacke [Sat, 3 Oct 2009 23:20:38 +0000 (01:20 +0200)]
s3:Makefile: another attempt to fix the talloc dependency
in the dependencies we always used a variable that was not jet defined.
Björn Jacke [Sat, 3 Oct 2009 21:04:12 +0000 (23:04 +0200)]
Revert "s3:Makefile: fix talloc dependencies with static build (2nd try)"
This reverts commit
b60d87c20712bd3d83166bd13fe1d2bab0315609.
Björn Jacke [Sat, 3 Oct 2009 21:00:37 +0000 (23:00 +0200)]
Revert "s3:Makefile: fix libtdb dependencies with static build"
This reverts commit
da15726630b0f796aef52a20d96898e269058456.
Björn Jacke [Sat, 3 Oct 2009 20:53:52 +0000 (22:53 +0200)]
Revert "s3:Makefile: fix libwbclient dependencies with static build"
This reverts commit
d7795f2afa3779399fe9e7b4f050d19a412f8bcd.
Björn Jacke [Sat, 3 Oct 2009 20:53:15 +0000 (22:53 +0200)]
Revert "s3:Makefile: fix libnetapi dependencies with static build"
This reverts commit
110897a057af01f3c01a1783e06080b54631ba2d.
Volker Lendecke [Sat, 3 Oct 2009 15:10:53 +0000 (17:10 +0200)]
s3:winbind: use wb_fill_pwent in wb_getpwsid
Volker Lendecke [Sat, 3 Oct 2009 15:11:43 +0000 (17:11 +0200)]
s3:winbind: No point in using strequal to detect a 0-length string
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 14:50:34 +0000 (16:50 +0200)]
s4:ldap.py - commented out the UTF8 tests (and fixed some deletion DNs)
Volker Lendecke [Sat, 3 Oct 2009 14:43:01 +0000 (16:43 +0200)]
s3:winbind: use talloc_tos() instead of NULL in fillup_pw_field
Volker Lendecke [Sat, 3 Oct 2009 14:36:11 +0000 (16:36 +0200)]
s3:winbind: Fix a debug message
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 13:37:25 +0000 (15:37 +0200)]
s4:ldb_tdb - fix memory leaks
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 13:36:44 +0000 (15:36 +0200)]
heimdal kerberos - fix memory leak (free the plugin list always - not only in error cases)
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 13:08:19 +0000 (15:08 +0200)]
s4:objectclass - Free unused memory from responses
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 13:08:00 +0000 (15:08 +0200)]
s4:schema_inferiors - Fix wrong check
Volker Lendecke [Sat, 3 Oct 2009 12:21:13 +0000 (14:21 +0200)]
s3: Make default_[static|shared]_modules a bit more readable
Matthias Dieter Wallnöfer [Thu, 1 Oct 2009 09:37:01 +0000 (11:37 +0200)]
s4:ldb.h - add constant for LDAP EXOP password change
Also enhance some other comments.
Matthias Dieter Wallnöfer [Tue, 29 Sep 2009 09:43:17 +0000 (11:43 +0200)]
heimdal - fix various warnings
- Shadowed variables
- "const" related warnings
- Parameter names which shadow function declarations
- Non-void functions which have no return value
(patch also ported upstream)
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 09:37:30 +0000 (11:37 +0200)]
s4:ldap.py - add tests for valid parent and RDN
Andrew Bartlett [Thu, 24 Sep 2009 22:14:49 +0000 (15:14 -0700)]
s4:dsdb Use possibleInferiors to restrict creation of child objects
This also uses systemPossibleInferiors when the 'relax' control is
specified, which is done by the provision.
Andrew Bartlett
Andrew Bartlett [Thu, 24 Sep 2009 22:12:49 +0000 (15:12 -0700)]
s4:dsdb add systemPossibleInferiors to schema code
This allows us to figure out what the system can add, which will not
be in possibleInferiors due to the systemOnly flag.
Andrew Bartlett
Andrew Bartlett [Thu, 24 Sep 2009 04:16:42 +0000 (21:16 -0700)]
s4:dsdb Add objectClass and RDN constraints to objectClass module
These additional constraints are applied, found by the Microsoft testsuite.
- When the parent is not present, we now return 'NO_SUCH_OBJECT'.
- Restrict the choice of RDN to the correct one per the schema
- Honour the allowedChildClasses attribute from the parent's objectClass.
Andrew Bartlett
Andrew Tridgell [Sat, 3 Oct 2009 09:02:27 +0000 (19:02 +1000)]
ndr: rebuild lsa IDL after recent change
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 08:57:14 +0000 (10:57 +0200)]
s4:ldap.py - add a test for the "systemOnly" classes
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 08:52:53 +0000 (10:52 +0200)]
s4:dsdb Don't allow creation of systemOnly objectclasses
(except as part of the provision, which specifies the 'relax' control)
Andrew Bartlett
Matthias Dieter Wallnöfer [Sat, 3 Oct 2009 08:36:41 +0000 (10:36 +0200)]
s4:rdn_name - fix up the rename operation
A function call was wrong ("ldb_request" rathen than "ldb_next_request").
Andrew Tridgell [Sat, 3 Oct 2009 08:13:50 +0000 (18:13 +1000)]
idl: some lsa vars are uint3264
Andrew Tridgell [Sat, 3 Oct 2009 08:13:25 +0000 (18:13 +1000)]
pidl: added int3264 as a base type
This is the type used for a variable that is 32 bits for NDR32 and 64
bits for NDR64
Björn Jacke [Fri, 2 Oct 2009 22:19:30 +0000 (00:19 +0200)]
s3:Makefile: minor clean up
Björn Jacke [Fri, 2 Oct 2009 22:15:19 +0000 (00:15 +0200)]
s3:Makefile: fix libnetapi dependencies with static build
analogical to previous libtalloc fix
Björn Jacke [Fri, 2 Oct 2009 21:08:11 +0000 (23:08 +0200)]
s3:Makefile: eventlogadm dependency cleanup
no need to link against popt lib
Björn Jacke [Fri, 2 Oct 2009 21:05:27 +0000 (23:05 +0200)]
s3:Makefile: fix libwbclient dependencies with static build
analogical to previous libtalloc fix
Björn Jacke [Fri, 2 Oct 2009 21:01:18 +0000 (23:01 +0200)]
s3:Makefile: fix libtdb dependencies with static build
analogical to previous libtalloc fix
Björn Jacke [Fri, 2 Oct 2009 20:43:14 +0000 (22:43 +0200)]
s3:Makefile: fix talloc dependencies with static build (2nd try)
When configure options --with-libtalloc=no --enable-shared-libs=no are used,
LIBTALLOC_TARGET stays empty. Actually LIBTALLOC_TARGET which is only used for
Makefile dependencies is obsolete as LIBTALLOC contains exactly the targets
that we depend on, libtalloc finally is the target to depend on.
Björn Jacke [Fri, 2 Oct 2009 20:00:50 +0000 (22:00 +0200)]
Revert "s3:Makefile: fix talloc dependencies with static build"
This reverts commit
2af2334522bc3d2c44bdcf7c9f1e80d2bcbf2024.
a more correct way to fix the libtalloc dependencies follows
Björn Jacke [Fri, 2 Oct 2009 00:18:50 +0000 (02:18 +0200)]
s3:Makefile: libsmbsharemode dependency cleanup
no need to link against ldap and krb5 libs
Björn Jacke [Fri, 2 Oct 2009 00:28:56 +0000 (02:28 +0200)]
s3:Makefile: net utility dependency cleanup
no need to link against iniparser lib
Björn Jacke [Fri, 2 Oct 2009 17:53:53 +0000 (19:53 +0200)]
s3:configure: use --aѕ-needed linker option when supported
Based on a patch from Andreas Schneider but modified that --aѕ-needed is also
used when own libs are not build shared (--enable-shared). Also change order of
options so that user supplied LDFLAGS are put *after* the automatic --aѕ-needed
flag. This way it's pollible to force not use as-needed by setting LDFLAGS
environment variable to "-Wl,--no-as-needed".
Björn Jacke [Fri, 2 Oct 2009 15:55:50 +0000 (17:55 +0200)]
s3:doc: add some detail about lanman auth parameter
add interesting detail: lm passwords will be removed from databaѕe with
lanman auth = no
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 22:06:41 +0000 (00:06 +0200)]
Revert "s4:LDB/LDAP - Re-allow renames"
This reverts commit
767fce6fccf484b547219abd5e6abc941eacaf92.
Simo pointed out that the patch generates race conditions. We need to solve this
using a new control.
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 21:26:35 +0000 (23:26 +0200)]
s4:repl_meta_data - various
- Add more "talloc_free"s and right error values where needed
- Add a pre-lookup for entries before searching for metadata attribute
(also suggested by TODO list)
- Now the most part of "ldap.py" works again
Jeremy Allison [Fri, 2 Oct 2009 20:45:38 +0000 (13:45 -0700)]
Remove lots of duplicate code and move it into one
function vfs_stat_fsp(). Stops code looking at fsp->posix_open
except for exceptional circumstances.
Jeremy.
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 19:26:35 +0000 (21:26 +0200)]
s4:ldap.py - add a very special rename test (with invalid - empty RDN)
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 19:26:12 +0000 (21:26 +0200)]
s4:ldb_ildap - Don't segfault on a empty RDN
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 19:23:23 +0000 (21:23 +0200)]
s4:LDB/LDAP - Re-allow renames
The main problem is that the "rdn_name" module launches on a rename request also
a modification one with the "special attributes" which can't be changed directly.
An introduced flag helps to bypass the restriction.
Jeremy Allison [Fri, 2 Oct 2009 18:07:17 +0000 (11:07 -0700)]
Missed one VFS_STAT -> VFS_LSTAT
Jeremy.
Jeremy Allison [Fri, 2 Oct 2009 18:05:03 +0000 (11:05 -0700)]
Fix more use of VFS_STAT when posix pathnames selected.
Jeremy.
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 16:31:38 +0000 (18:31 +0200)]
s4:ldap.py - major enhancements
- Clean up and reorder it a bit
- Test which adds invalid attributes
- Test which makes sure that the 'distinguishedName' attribute cannot be modified
- Test which makes sure that we cannot change the RDN/'name' attribute through a modify request
Andrew Bartlett [Thu, 24 Sep 2009 04:12:00 +0000 (21:12 -0700)]
s4:ldb Don't allow RDN to be modified with an LDB modify message
Found by the Microsoft testsuite at the AD interop event.
Andrew Bartlett
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 17:09:13 +0000 (19:09 +0200)]
s4:rdn_name module - a normal error message should be enough for this failure
I don't think that we really want to have this error printed out on the server
console (stdout) since this hasn't serious results as DB or data corruption
and similar.
Andrew Bartlett [Fri, 25 Sep 2009 00:20:55 +0000 (17:20 -0700)]
s4:ldb Don't allow modifcation of distinguishedName
Andrew Bartlett [Fri, 25 Sep 2009 23:40:30 +0000 (16:40 -0700)]
s4:dsdb Return correct error on invalid attribute
This error per the Microsoft testsuite
Andrew Bartlett [Thu, 24 Sep 2009 04:13:22 +0000 (21:13 -0700)]
s4:dsdb Pass down the exact error code on failure in repl_meta_data
Matthias Dieter Wallnöfer [Fri, 25 Sep 2009 16:03:31 +0000 (18:03 +0200)]
s4:samdb_set_password - Return the maximum password age when requested (not the minimum one)
Matthias Dieter Wallnöfer [Wed, 23 Sep 2009 17:23:17 +0000 (19:23 +0200)]
s4:samdb_set_password - cosmetic fixes
Matthias Dieter Wallnöfer [Tue, 29 Sep 2009 09:49:50 +0000 (11:49 +0200)]
s4: fix various warnings (not "const" related ones)
Matthias Dieter Wallnöfer [Tue, 29 Sep 2009 09:49:50 +0000 (11:49 +0200)]
s4/srvsvc: deactivate a "ntvfs_connect" with a wrong parameter
In the srvsvc code for s4 (NTVFS module) there exists a call to "ntvfs_connect"
which is performed with a totally wrong argument. Since I'm not able to fix
this, I commented it out and added a "FIXME" comment.
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 13:21:17 +0000 (15:21 +0200)]
s4:provision_users.ldif - Put potential primary groups in front of the file
(So they can be always found by the SAMLDB module)
Andrew Tridgell [Fri, 2 Oct 2009 12:40:50 +0000 (22:40 +1000)]
Revert "s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks."
This reverts commit
38f87f40bfd7892043d49009067ae28431279580.
Andrew Tridgell [Fri, 2 Oct 2009 12:40:31 +0000 (22:40 +1000)]
Revert "s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA"
This reverts commit
f0c2c9854c7659221fe9480110a7d9b2b48afbf9.
Andrew Tridgell [Fri, 2 Oct 2009 12:40:02 +0000 (22:40 +1000)]
Revert "s4:ldb always talloc_free() the ldb_ldif_write context, even on success"
This reverts commit
a610843e9f21ee77fd29356313d2ef05fe25a1ed.
Andrew Tridgell [Fri, 2 Oct 2009 12:39:44 +0000 (22:39 +1000)]
Revert "s4:ldb Remove LTDB_PACKING_FORMAT_NODN"
This reverts commit
bcbf0ae1e707c2355824800dc213d364070f070a.
Andrew Tridgell [Fri, 2 Oct 2009 12:39:19 +0000 (22:39 +1000)]
Revert "s4-ldb: merged with master"
This reverts commit
14c9070322d089dd96b389e8087c4f4bf1a6c7cc.
Andrew Tridgell [Fri, 2 Oct 2009 12:39:10 +0000 (22:39 +1000)]
Revert "s4-ldb: overallocate idxptr to reduce memory fragmentation"
This reverts commit
e7846f69cacdd0551fcd777a71bf833a2fc9ca2b.
Andrew Tridgell [Fri, 2 Oct 2009 12:38:58 +0000 (22:38 +1000)]
Revert "s4-ldb: fixed a memory leak"
This reverts commit
c7358d989034c9d936c04f2a7e4f89db252b798e.
Andrew Tridgell [Fri, 2 Oct 2009 12:17:42 +0000 (22:17 +1000)]
s4-winbind: support the s3 response flags on krb5 auth too
This fixes the samba4.blackbox.wbinfo test, which was failing on a
wbinfo -K command
Andrew Tridgell [Fri, 2 Oct 2009 11:31:05 +0000 (21:31 +1000)]
s4-winbind: support the Samba3 TXT form of the info3 for wbinfo -a
This sends the info3 as hand marshalled data
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 10:23:25 +0000 (12:23 +0200)]
s4:ldb.h - cosmetic - add whitespace
Matthias Dieter Wallnöfer [Fri, 2 Oct 2009 10:18:03 +0000 (12:18 +0200)]
s4:provision - Cosmetic - right indentations
Andrew Bartlett [Sat, 26 Sep 2009 00:37:21 +0000 (17:37 -0700)]
s4:dsdb Fix crash from LDAP login of DOM\\
The issue here is that when we resolve DOM\\ into an NT4 name, we
would not initilise the nt4_account output.
Andrew Bartlett
Andrew Bartlett [Thu, 24 Sep 2009 22:06:11 +0000 (15:06 -0700)]
s4:dsdb rework instanceType module - put instanceType in provision
The instanceType needs to be specified in future because that's how
the partitions are actually created.
Andrew Bartlett [Fri, 25 Sep 2009 15:34:33 +0000 (08:34 -0700)]
s4:dsdb Don't allow creating of new objects with an isDefunct schema class
Andrew Bartlett [Fri, 25 Sep 2009 15:08:18 +0000 (08:08 -0700)]
s4:dsdb Add 'lazy_commit' module to swallow the 'lazy commit' OID
This allows this control to be specified as critical. We support the
control because we choose to always be durable in our transactions.
We really, really need a 'duplicate request' API, as at the
moment we can't do this without a large, error-prone set of code that
cannot cope with new request fields or types.
Andrew Bartlett
Andrew Bartlett [Fri, 25 Sep 2009 15:06:37 +0000 (08:06 -0700)]
s4:ldap_server Ensure we don't segfault when sent a NULL new RDN
The Microsoft testsuite tried to rename
cn=administrator,cn=users,... into "",cn=users... which didn't go so well.
Andrew Bartlett
Andrew Bartlett [Fri, 25 Sep 2009 00:21:47 +0000 (17:21 -0700)]
s4:provision Ensure we add the schema with the 'relax' control
(allows addition of systemOnly classes)
Andrew Tridgell [Wed, 23 Sep 2009 05:15:11 +0000 (22:15 -0700)]
s4-ldb: fixed a memory leak
Andrew Tridgell [Wed, 23 Sep 2009 05:14:30 +0000 (22:14 -0700)]
s4-ldb: overallocate idxptr to reduce memory fragmentation
Andrew Bartlett [Wed, 23 Sep 2009 04:11:41 +0000 (21:11 -0700)]
s4-ldb: merged with master
Andrew Bartlett [Tue, 1 Sep 2009 09:55:30 +0000 (19:55 +1000)]
s4:ldb Remove LTDB_PACKING_FORMAT_NODN
The restructured code makes this hader to support, and we have not had
this kind of LDB for a very long time now.
Andrew Bartlett
Andrew Bartlett [Tue, 1 Sep 2009 02:07:49 +0000 (12:07 +1000)]
s4:ldb always talloc_free() the ldb_ldif_write context, even on success
Andrew Bartlett [Tue, 1 Sep 2009 02:01:03 +0000 (12:01 +1000)]
s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA
(The format of index records in the internal manipulation changed)
Andrew Bartlett
Andrew Bartlett [Tue, 1 Sep 2009 01:59:50 +0000 (11:59 +1000)]
s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks.
We would use the mem_ctx for internal work, but previously we did not
clean it up on exit.
Andrew Bartlett
Matthieu Patou [Tue, 22 Sep 2009 21:49:22 +0000 (01:49 +0400)]
s4: Improve provisioning: use relax control
Give the possibility to specify controls when loading ldif files.
Relax control is specified by default for all ldb_add_diff (request Andrew B).
Set domainguid if specified at the creation of object instead of modifying afterward
Allow to specify objectGUID for NTDS object of the first DC this option is used during provision upgrade.
Matthieu Patou [Tue, 22 Sep 2009 20:51:25 +0000 (00:51 +0400)]
pythonbindings: allow add() to have an array of controls as second parameter
Matthieu Patou [Wed, 23 Sep 2009 09:36:40 +0000 (13:36 +0400)]
s4-ldb: Use relax control to check in replace metadata module if we accept request that specify objectGUID attribute.
Matthieu Patou [Wed, 23 Sep 2009 09:34:58 +0000 (13:34 +0400)]
s4-ldb: Add new relax controls that allow relaxed x500 constraints checks
Andrew Bartlett [Tue, 22 Sep 2009 21:14:19 +0000 (14:14 -0700)]
s4:ntvfs Don't attempt to follow NULL in unixuid_setup_security()
This segfault occoured in cases where we rejected (or never attempted)
the tree connect, so had an invalid private pointer for the logoff
codepath.
Andrew Bartlett