summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
...
* Drop paged-search from OpenLDAP stackHoward Chu2013-09-231-1/+1
| | | | | | | | Unnecessary, waste of time Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* Add LDB_MAP_RENDROP optionHoward Chu2013-09-231-1/+1
| | | | | | | | | | Like LDB_MAP_RENAME, but drop the attribute if it occurs in an Add request. Used for distinguishedName attribute, is read-only and generated but for some bizarre reason AD allows it in an Add request. Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* Return a couple more attrs by defaultHoward Chu2013-09-231-0/+2
| | | | | | | | Seems to want name and distinguishedName to always be returned. Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* s4:torture:ldap: Fix misleading outputHoward Chu2013-09-231-2/+2
| | | | | | | | | | | Looks like an errant copy/paste from the Abandon test. Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Sep 23 22:47:50 CEST 2013 on sn-devel-104
* selftest: Add release-4-1-0rc3 saved provisionAndrew Bartlett2013-09-2232-0/+155536
| | | | | | | | | | | | | | | | This version has the regression where we would, on join, write an all-zero invocationID in the replPropertyMetaData attribute, on Deleted Objects in particular. To demonstrate this regression, this is based on the promoted_dc environment from make test, with the domain altered to match the pattern used in these trees. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* selftest: Add script to assist in writing out a tree undump.sh can restoreAndrew Bartlett2013-09-221-0/+48
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* dsdb: Refuse to replicate an all-zero invocationID GUID in replPropertyMetaDataAndrew Bartlett2013-09-221-0/+9
| | | | | | | | | | This matches Windows 2008R2. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Remove NEWS file containing confusing informationAndrew Bartlett2013-09-221-496/+0
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Remove confusing TODO fileAndrew Bartlett2013-09-221-276/+0
| | | | | | | | | | This makes no sense in the merged tree, and only confuses users. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* dsdb: Use WERR_DS_ATT_NOT_DEF_IN_SCHEMA for failed schema lookupsAndrew Bartlett2013-09-221-28/+28
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:torture: remove and useless variable and assignment in smb2.session.reauth5Michael Adam2013-09-211-3/+1
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Sep 21 08:00:02 CEST 2013 on sn-devel-104
* libcli: continue to read from the socket even if the size is 0Matthieu Patou2013-09-201-1/+1
| | | | | | | | | | | | | | | This is an issue found by Codenomicon, with a malicious packet with 0 bytes UDP payload we will continiously be looping trying to react from the socket event and continiously do nothing as we will bail out thinking that we had a memory allocation error. Original fix comes from Volker Lendecke <vl@samba.org> Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Sep 20 04:46:47 CEST 2013 on sn-devel-104
* lib/messaging: Check the server_id type correctlyAndrew Bartlett2013-09-191-1/+1
| | | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Sep 19 23:19:16 CEST 2013 on sn-devel-104
* dsdb-repl_meta_data: Make handling of Deleted Objects DN clearer in deleteAndrew Bartlett2013-09-191-5/+10
| | | | | | | | | | This code no longer needs to handle not renaming Deleted Objects during a re-delete, because it is no longer called in that case. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb-repl_meta_data: Do not re-delete the Deleted Objects DN during replicationAndrew Bartlett2013-09-191-3/+5
| | | | | | | | | | | We need to ensure we do not re-delete the Deleted Objects DN during replication. It itself not entirely a deleted object, but has isDeleted set. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Refuse to return an all-zero invocationIDAndrew Bartlett2013-09-191-0/+8
| | | | | | | | | This could cause an all-zero GUID to be entered into the replPropertyMetaData, which will then fail to be replicated to other DCs. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb-repl_meta_data: Check for a NULL invocationID and do not proceedAndrew Bartlett2013-09-191-0/+4
| | | | | | | | | This can happen if we do not find the invocationID, with later patches. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* python/drs: Ensure to pass in the local invocationID during the domain joinAndrew Bartlett2013-09-193-4/+20
| | | | | | | | | | This ensures (and asserts) that we never write an all-zero GUID as an invocationID to the database in replPropertyMetaData. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* gensec: move schannel module to toplevel.Günther Deschner2013-09-192-340/+0
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Pair-Programmed-With: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* OpenLDAP provisioning tweaksHoward Chu2013-09-184-32/+13
| | | | | | | | | | | | | Remove BerkeleyDB-specific setup. Streamline cn=samba partition initialization - allow any backend type for it. Use back-mdb instead of back-ldif for cn=samba partition Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Wed Sep 18 21:39:51 CEST 2013 on sn-devel-104
* Use SASL/EXTERNAL over ldapi://Howard Chu2013-09-182-50/+82
| | | | | | | | | The provision script will map the uid of the user running the script to the samba-admin LDAP DN. Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* Prepare for SASL/EXTERNAL supportHoward Chu2013-09-181-2/+11
| | | | | | Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* Free memory on errorAlistair Leslie-Hughes2013-09-181-0/+1
| | | | | | | | Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Sep 18 19:46:41 CEST 2013 on sn-devel-104
* Add an OpenLDAP-specific extended_dn_in moduleHoward Chu2013-09-182-5/+37
| | | | | | | | Don't "fix" plain DNs before sending them to OpenLDAP Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* Fix OpenLDAP partition configsHoward Chu2013-09-171-3/+50
| | | | | | | | Update to use LMDB backend, BDB is deprecated Update to support DomainDNSZones and ForestDNSZones partitions. Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb: Use credentials.get_forced_sasl_mech()Andrew Bartlett2013-09-171-0/+1
| | | | | | | | | | | | | | This will allow us to force the use of only DIGEST-MD5, for example, which is useful to avoid hitting GSSAPI, SPNEGO or NTLM when talking to OpenLDAP and Cyrus-SASL. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Tue Sep 17 01:41:41 CEST 2013 on sn-devel-104
* s4-rpc_server/drsuapi: Print ldb error showing why we failed to perform the ↵Andrew Bartlett2013-09-161-1/+1
| | | | | | | access check Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Use dsdb_next_callback() rather than a no-op per-module callbackAndrew Bartlett2013-09-161-38/+16
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Add DSDB_SEARCH_ONE_ONLY support to dsdb_module_search*()Andrew Bartlett2013-09-161-0/+13
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: When using an LDAP backend, force use of the password from secrets.ldbAndrew Bartlett2013-09-111-0/+99
| | | | | | | | | | | | | | | | | This makes testing from the command line much easier, as ldbsearch -H sam.ldb will now just work as well as it did with a tdb-based provision. This code was removed from it's previous location outside the ldb module stack in aabda85a2fc9f6763abd56d61ff819012f2225ad. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Wed Sep 11 21:15:50 CEST 2013 on sn-devel-104
* ldb: Do not build libldb-cmdline when using system ldb.Jeroen Dekkers2013-09-102-2/+1
| | | | | | | | | | | | | | Cleanup leftover include and linking of libldb-cmdline in oLschema2ldif. Do not build libldb-cmdline anymore when using the system ldb, oLschema2ldif was the only reason for building libldb-cmdline. Signed-off-by: Jeroen Dekkers <jeroen@dekkers.ch> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104
* smbd: Remove FORCE_OPLOCK_BREAK_TO_NONEVolker Lendecke2013-09-061-0/+3
| | | | | | | | | | | | | | | This flag existed to break an exclusive or batch oplock in just one instead of two steps down to "no oplock" when we did an allocation or file size change. Running raw.oplock against W2k12 differs in this respect from W2k3: W2k12 takes two steps (via level2) to break to none. This removes the special flag that we only had for compatibility with systems older than W2k12... Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Sep 6 00:47:07 CEST 2013 on sn-devel-104
* torture: Adapt raw.oplock to w2k12Volker Lendecke2013-09-051-6/+18
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Add a new w2k12 targetVolker Lendecke2013-09-052-0/+3
| | | | | | | | W2k12 seems to do the 2-step break to none, try running raw.oplock.batch12 against it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9Andrew Bartlett2013-09-043-1/+80
| | | | | | | | | | | | | | This exercises some more of the dlz_bind9 code outside BIND, by sending in a ticket to be access checked, wrapped either in SPNEGO or just in GSSAPI. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Sep 4 11:25:10 CEST 2013 on sn-devel-104
* selftest: Add a basic test of samba_upgradednsAndrew Bartlett2013-09-041-0/+1
| | | | | | | | | | This does not check that the command runs correctly, but does at least check that the command runs to completion without errors. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting/samba_upgradedns: Tighten up exception and attribute list handlingAndrew Bartlett2013-09-041-9/+10
| | | | | | | | | | This avoids asking for attributes that will not be used, and looks only for the expected exceptions, rather than all exceptions. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* scripting/join.py: Handle creating the dns-NAME account during a DC joinAndrew Bartlett2013-09-042-2/+11
| | | | | | | | | | This will ensure that the DLZ plugin works out of the box when joining a second Samba DC to the domain. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:samba_upgradedns: don't pass linklocal=False to interface_ips_v6()Stefan Metzmacher2013-08-301-1/+1
| | | | | | | This is the default... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Bjoern Jacke <bj@sernet.de>
* provision: Rewrite named.txt to be more usefulAndrew Bartlett2013-08-291-16/+20
| | | | | | | | | | | | | We already chown the dns.keytab file, so remove the suggestion to do that, and instead explain why we can not use chroot (an often-requested feature). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Björn Jacke <bj@sernet.de> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Thu Aug 29 13:53:25 CEST 2013 on sn-devel-104
* torture: Add buffercheck testsVolker Lendecke2013-08-291-18/+226
| | | | | | | | | | | | | Make sure we get the smb2 infolevel fixed portions right I could not find correct #defines for the infolevels Bug: https://bugzilla.samba.org/show_bug.cgi?id=10106 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 29 01:27:11 CEST 2013 on sn-devel-104
* torture: Split the fsinfo check into a separate testVolker Lendecke2013-08-231-2/+8
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 23 20:53:12 CEST 2013 on sn-devel-104
* torture: Split the buffercheck into a separate testVolker Lendecke2013-08-231-2/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Change smb2.getinfo into a suiteVolker Lendecke2013-08-232-2/+11
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb2: Fix opening the rootdirectory, part 2Volker Lendecke2013-08-231-1/+1
| | | | | | | | | | | | | | | smb2_push_o16s16_blob is wrong for the blob.data==NULL case. It does not do the same magic that the rest of the routine does with regards to padding_fix. padding_fix is wrong in its own respect, with a 0-length blob we end up with a negative padding fix. It's wrong, but it seems to work. Why am I doing this? I want to make smb2.getinfo work against w2k12. smb2_util_roothandle() always gives NT_STATUS_INVALID_PARAMETER without this and the preceding fix. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb2: Fix opening the rootdirectory, part 1Volker Lendecke2013-08-231-0/+15
| | | | | | | | [MS-SMB2], 2.2.13 says: In the request, the Buffer field MUST be at least one byte in length. Implement that for the 0-length filename without create blobs. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Remove an unused variableVolker Lendecke2013-08-231-3/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* registry4: Fix CID 1034911 Dereference before null checkVolker Lendecke2013-08-191-1/+1
| | | | | | | | | curbegin is always != NULL here (curend + 1) and is dereferenced by strchr. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samdb: Fix CID 1034910 Dereference before null checkVolker Lendecke2013-08-191-3/+3
| | | | | | | | | strncmp("tdb://", sam_name, 6) dereferences sam_name. Check for NULL before that. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samdb: Fix CID 1034910 Dereference before null checkVolker Lendecke2013-08-191-3/+3
| | | | | | | | | strncmp("tdb://", sam_name, 6) dereferences sam_name. Check for NULL before that. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2025-09-29 18:23:50 +0000