summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* gencache: don't fail gencache_stabilize if there were records to delete.Michael Adam2015-02-091-1/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nfs4: Fix a confusing debug messageVolker Lendecke2015-02-091-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Mon Feb 9 12:25:06 CET 2015 on sn-devel-104
* torture-krb5: Provide a generic handler to catch and print unexpected ↵Andrew Bartlett2015-02-081-10/+22
| | | | | | | | | | | | | KRB_ERROR packets This may aid debugging in the future. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Feb 8 10:37:23 CET 2015 on sn-devel-104
* auth/kerberos: Use talloc_stackframe to avoid memory and FD leak of event ↵Andrew Bartlett2015-02-081-27/+33
| | | | | | | | | | | | | | context The smb_krb5_send_and_recv_func_forced and smb_krb5_send_and_recv_func functions could leak an event context including an epoll FD and some memory. This may explain a flapping test in krb5.kdc Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* torture-krb5: Add test for TGS-REQ with type KRB5_NT_PRINCIPAL, ↵Andrew Bartlett2015-02-082-26/+158
| | | | | | | | KRB5_NT_SRV_INST, KRB5_NT_SRV_HST Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* torture-krb5: Add test in for normal TGS-REQAndrew Bartlett2015-02-081-1/+172
| | | | | | | | For example, host/server Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* torture-krb5: Split out TEST_AS_REQ_SELF recv testing routineAndrew Bartlett2015-02-081-50/+186
| | | | | | | | This duplicates more code, but re-using the callbacks makes it much, much harder to debug Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* torture-krb5: Add additional assertions for non-canon TGS-REPAndrew Bartlett2015-02-081-0/+9
| | | | | | | | This confirms that the KDC does not modify the returned principal in a TGS-REP unconditionally. Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* torture-krb5: Further test improvements to cover KRB5_GC_CANONICALIZE on krbtgt/Andrew Bartlett2015-02-081-16/+243
| | | | | | | | This covers more of the protocol, and confirms which tests actually send network packets (and so actually run the assertions in the send_and_recv handlers. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Run krb5.kdc with an account that has a UPN and an SPNAndrew Bartlett2015-02-082-1/+3
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* torture-krb5: Add tests for AS-REQ to our own nameAndrew Bartlett2015-02-081-29/+166
| | | | | | | | | | This allows us to probe the behaviour of AS-REQ requests against a principal other than krbtgt/ This alos allows verification of behaviour of principals of type KRB5_NT_ENTERPRISE_PRINCIPAL Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* torture-krb5: Improve the assertions in our KDC tests to be more explicitAndrew Bartlett2015-02-081-0/+11
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* torture-krb5: Reformat and re-work test to be easier to followAndrew Bartlett2015-02-081-282/+573
| | | | | | | | | | | | | | | | The behaviour is the same as in the previous commit, but it is much easier to follow as the main test code now indicates to the send_and_recv callbacks what stage of the test we are at, and resets the packet counter between stages. This also re-orders the code so that the send and recv callbacks for each stage are next to each other, and uses a case statement in the main send_and_recv driver for clarity. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* torture-krb5: Add tests for the canonicalise TGS-REQ caseAndrew Bartlett2015-02-081-26/+173
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* torture-krb5: add TGS-REQ testing to krb5.kdc.canon testsuiteAndrew Bartlett2015-02-082-26/+295
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* kdc: make Samba KDC pass new TGS-REQ and AS-REQ (to self) testingAndrew Bartlett2015-02-081-58/+148
| | | | | | | | This also reverts 51b94ab3fd4d13ee38813eb7d20db11edaa667a8 as our testing shows Windows 2012R2 does not have this behaviour. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* kdc: fixup KDC to use functions portable to MIT krb5Andrew Bartlett2015-02-081-1/+1
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* torture-krb5: Do not do post-recv checks if the packet recv failedAndrew Bartlett2015-02-082-2/+8
| | | | | | | | | This may be the cause of the flapping tests in this code previously, as the recv_buf would be 0 length. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* ctdb-tests: Add new "ctdb setreclock" testMartin Schwenke2015-02-041-0/+117
| | | | | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Wed Feb 4 05:40:55 CET 2015 on sn-devel-104
* ctdb-daemon: Fix SET_RECLOCK_FILE regressionMartin Schwenke2015-02-041-1/+2
| | | | | | | | | If the recovery lock file is unset then this dereferences a NULL pointer. The regression is due to commit 6f1ac7af0f87d85402d708231e45a69713bba026. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* samba-tool: Create NIS enabled users and unixHomeDirectory attributeMarc Muehlfeld2015-02-032-4/+39
| | | | | | | | | | | | | | | | | | | | Allow to create NIS enabled user accounts via 'samba-tool user add'. To create NIS enabled accounts, the parameters --uid-number=, --login-shell=, --unix-home=, --gid-number= are mandatory. Because we didn't had a parameter to set unixHomeDirectory yet, this patch also adds this feature. 'unixUserPassword: ABCD!efgh12345$67890' is added by default, when you enable NIS on an account in ADUC. The same we do in samba-tool. See: https://bugzilla.samba.org/show_bug.cgi?id=10909 Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Marc Muehlfeld <mmuehlfeld@samba.org> Autobuild-Date(master): Tue Feb 3 17:18:32 CET 2015 on sn-devel-104
* s4-samdb/tests: Assert on expected set of attributes for new User objectKamen Mazdrashki2015-02-031-0/+60
| | | | | | | | | | Change-Id: I225b64ff7492b41852fecb914f464a6c8d504a2c Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Feb 3 07:30:17 CET 2015 on sn-devel-104
* s4-dsdb/tests: Assert on expected set of attributes for restored objectsKamen Mazdrashki2015-02-031-5/+104
| | | | | | Change-Id: I788406d9c3839d108cea508cf2a59488d495f141 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: Refactor user objects defaults setter to use attribute/value mapKamen Mazdrashki2015-02-031-28/+49
| | | | | | | Change-Id: Iaa32af4225219a4c5c42c663022e8be429b8a1d2 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* dsdb: Do not use _ prefix in tombstone_reanimate moduleAndrew Bartlett2015-02-031-6/+6
| | | | | | | | | | This should only be used by the C library. Andrew Bartlett Change-Id: I00da64de1443a7c6b21aafae79e126180eb1a3d4 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* s4-dsdb: common helper to determine "primaryGroupID" attribute valueKamen Mazdrashki2015-02-033-20/+49
| | | | | | | | | | At the moment current implementation does not check if group RID is existing group RID - this responsibility is left to the caller. Change-Id: I8c58dd23a7185d63fa2117be0617884eb78d13c1 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb: Common helper for setting "sAMAccountType" on User objectsKamen Mazdrashki2015-02-033-20/+43
| | | | | | | Change-Id: I4480e7d1ed0c754e960028e0be9a90ee56935e94 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb: Move User object default attribute values in separate helperKamen Mazdrashki2015-02-033-52/+46
| | | | | | | Change-Id: I1e291bcf0a5c9b2fca11323dc7f8be29f5145d42 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-tests: Add tombstone_reanimation test case to s4 test suiteKamen Mazdrashki2015-02-031-0/+5
| | | | | | | | | | DC, USERNAME and PASSWORD are passed as environment variables prefixed with TEST_ Change-Id: I84ff628496bfa3e0538011400328585d080f21b8 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/tests: Do not pre-create LoadParm - connect_samdb_env() will handle itKamen Mazdrashki2015-02-031-5/+1
| | | | | | | Change-Id: I3483c5aa50de2f7aca19e4d7cc4fa49bbe5f889d Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-test: Use common base method for restoring Deleted objectsKamen Mazdrashki2015-02-031-25/+14
| | | | | | | Change-Id: I266b58ced814cf7ea3616862506df5b55f4f1d8c Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/samldb: Don't allow rename requests on Deleted objectKamen Mazdrashki2015-02-031-0/+11
| | | | | | | | | | | | | | | Windows behavior in case of renaming Deleted object is: * return ERR_NO_SUCH_OBJECT in case client is not providing SHOW_DELETED control * ERR_UNWILLING_TO_PERFORM otherwise Renaming of Deleted objects is allowed only through special Tombstone reanimation modify request Change-Id: I1eb33fc294a5de44917f6037988ea6362e6e21fc Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/test: Delete any leftover objects in the beginning of Cross-NC testKamen Mazdrashki2015-02-031-2/+4
| | | | | | | | | This way we ensure that samdb is clean before we make the test Change-Id: I3c6fc94763807394e52b6df41548e9aba8b452c1 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/samldb: Relax a bit restrictions in Config partition while restoring ↵Kamen Mazdrashki2015-02-031-1/+2
| | | | | | | | | deleted object Change-Id: Iead460d24058b160b46cf3ddedaf4d84b844da4d Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/samdb: Don't relax contraint checking during rename for Deleted objectsKamen Mazdrashki2015-02-031-3/+0
| | | | | | | | | | Now we have a module to handle to handle Tombstone reanimation and it is better we do all the check here as usual Change-Id: Ia5d28d64e99f7a961cfe8b9aa7cc96e4ca56192e Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-test/reanimate: Fix whitespaces according to PEP8Kamen Mazdrashki2015-02-031-20/+19
| | | | | | | Change-Id: I7b46992c80178d40a0531b5afd71a7783068a9dd Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-tests: Move base tests for Tombstone reanimation in ↵Kamen Mazdrashki2015-02-032-174/+179
| | | | | | | | | | | | | | | tombstone_reanimation module So we have them all in one place. While moving, I have: * inherited from the base class for Tombstone reanimations * replace self.ldb with self.samdb Change-Id: Id3e4f02cc2e0877d736da812c14c91e2311203d2 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-test: Fix duplicated key in a dictionary in sam.pyKamen Mazdrashki2015-02-031-2/+2
| | | | | | | Change-Id: Ie33d92bd308262d9bfda553d6d5e2cfd98f6d7b3 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/objectclass: remove duplicated declaration for objectclass_do_addKamen Mazdrashki2015-02-031-2/+0
| | | | | | | Change-Id: Ib88a45cea64fb661a41ca3b4a3df9dabf509fc6c Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-test: remove trailing ';' in ldap.pyKamen Mazdrashki2015-02-031-32/+32
| | | | | | | Change-Id: I5edc6e017b576791c1575f71a625c49ccc88fe8f Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/reanimate: Group objects reanimation implementationKamen Mazdrashki2015-02-031-0/+36
| | | | | | | Change-Id: Iea92924ff6b33fa3723b104d5dfff1ce5a7a09b0 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/reanimate: Swap rename->modify operations to modify->rename sequenceKamen Mazdrashki2015-02-031-16/+22
| | | | | | | | | | | | | This way it is more visible that we work on 'deleted object' during modify and also will help us to handle 'stop rename for deletec objects' propertly in future [MS-ADTS]: 3.1.1.5.3.7.3 Undelete Processing Specifics Change-Id: I9bb644e099a4a2afcb261ad22515c9c4ce4875bb Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/reanimate: Use 'show deleted' control in modify operations tooKamen Mazdrashki2015-02-031-0/+7
| | | | | | | | | Before committing changes, object is still deleted - isDeleted = true Change-Id: Ie1ab53dc594d1bfaf5b9e06316e7a1fc0dd4b8cb Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/samldb: Skip 'sAMAccountType' and 'primaryGroupID' during Tombstone ↵Kamen Mazdrashki2015-02-031-11/+23
| | | | | | | | | | | | reanimate tombstone_reanimate.c module is going to restore those attributes and it needs a way to propagate them to DB Change-Id: I36f30b33fa204fd28329eab01044a125f7a3f08e Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/samldb: Fix type "omputer" -> "computer"Kamen Mazdrashki2015-02-031-1/+1
| | | | | | | Change-Id: Ic56c6945528b7f60becc4f0b318429f4c22c3d2e Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb/reanimate: Implement attribute_restore functionKamen Mazdrashki2015-02-031-0/+90
| | | | | | | | | | At the moment it works for objects with objectClass user + a common case of removing isRecycled attribute Change-Id: I70b0ef0ef65c13d3def82ca53ace52a85a078a37 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-util: Mark attributes with ADD flag in samdb_find_or_add_attribute()Kamen Mazdrashki2015-02-031-1/+7
| | | | | | | | | | | | At the moment no flags are set and it works fine, since this function is solely used in samldb during ADD requests handling. Pre-setting a flag make it usefull for other modules and request handlers too Change-Id: I7e43dcbe2a8f34e3b0ec16ae2db80ef436df8bfe Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-test: Fix Undelete tests after subunit upgrade workKamen Mazdrashki2015-02-031-31/+31
| | | | | | | Change-Id: I4712a2a2163a57fde037511afcc1cb7bee05f12e Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-test: Use case insensitive comparison for DNs in undelete testKamen Mazdrashki2015-02-031-1/+1
| | | | | | | Change-Id: I4a009bb7ed58ab857ac74a235bb5f580911f0d92 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-test: Initial implementation for Tombstone restore test suiteKamen Mazdrashki2015-02-031-0/+285
| | | | | | | Change-Id: Ib35ff930b6e7cee14317328b6fe25b59eec5262c Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
generated by cgit (git 2.34.1) at 2025-09-26 17:02:51 +0000