summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
...
* s4-socket: Make sure unix socket addresses are null terminated.Andreas Schneider2012-12-121-5/+5
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* torture: Make sure we use the correct size for cxd.Andreas Schneider2012-12-121-2/+3
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s4-libcli: Fix comparison of chosen_oid.Andreas Schneider2012-12-121-1/+1
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s4-client: Make sure we have a valid count if we goto cleanup.Andreas Schneider2012-12-121-1/+2
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s4-libnet: Don't call talloc_get_type() for the same struct twice.Andreas Schneider2012-12-121-2/+2
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s4-selftest: make sure to test rpc.samr.passwords.validate over ncacn_ip_tcp.Günther Deschner2012-12-121-1/+1
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Dec 12 13:13:47 CET 2012 on sn-devel-104
* s4-rpc_server: limit allowed transports for samr_ValidatePassword().Günther Deschner2012-12-121-0/+5
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: move samr_ValidatePassword test out of main samr test.Günther Deschner2012-12-122-4/+18
| | | | | | | | | | Makes it easier to call with ncacn_ip_tcp transport (Windows does not allow other transports). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture: Fix torture_rpc_spoolss_printer_teardown_common().Andreas Schneider2012-12-121-3/+1
| | | | | | | Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture:rpc:samr: fix password age calculation in test_ChangePasswordUser3()Michael Adam2012-12-111-2/+2
| | | | | | | | | The min_password_age field is the negative of the age. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:torture/samr: allow STATUS_PASSWORD_RESTRICTIONS from ChangePasswordUserMichael Adam2012-12-111-8/+16
| | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:rpc_server/samr: do WRONG_PASSWORD checks after the complexity checksMichael Adam2012-12-111-47/+65
| | | | | | | | | This matches the windows behavior. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:dsdb/password_hash: do the min password age checks firstMichael Adam2012-12-111-11/+13
| | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:dsdb/common: only pass the DSDB_CONTROL_PASSWORD_HASH_VALUES_OID if requiredStefan Metzmacher2012-12-111-7/+11
| | | | | | | | This should give the password_hash module a chance to detect if the called was the cleartext password or not. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:torture:rpc:samr: add debugging of result of (many) dcerpc_samr_* callsMichael Adam2012-12-111-1/+106
| | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:dsdb/password_hash: Honor password complexity settings.Stefan Metzmacher2012-12-111-5/+0
| | | | | | | | | | | | | | | | | | | | | | | | Honor password complexity settings when creating new users. Without this patch, you could set simple passwords although the complexity settings were enabled. This was an issue with 'samba-tool user add' and also when adding new users via Windows' "Active Directory Users and Computers" MMC Snap-In. The following scenarios were tested successfully after applying the patch: -'samba-tool user add' against s4 -'samba-tool user add -H' against a Windows DC -Adding a new user on a s4 DC using Windows' "Active Directory Users and Computers" MMC Snap-In. Please note that this bug was caused by a mistake in the documentation. Fix bug #9414 - 'samba-tool user add' ignores password complexity settings. Pair-programmed-with: Karolin Seeger <kseeger@samba.org> Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
* Revert "s4:dsdb/password_hash: Honor password complexity settings."Stefan Metzmacher2012-12-111-7/+1
| | | | | | | | | This reverts commit f8056b7a6998e002f473b0ad79eee046236a7032. A better fix will follow. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Domain ↵Stefan Metzmacher2012-12-113-0/+16
| | | | | | | | | | Controllers,... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Dec 11 07:05:39 CET 2012 on sn-devel-104
* s4:provision: set the correct nTSecurityDescriptor on CN=Users,... (bug #9481)Stefan Metzmacher2012-12-113-1/+19
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Computers,... (bug ↵Stefan Metzmacher2012-12-113-1/+20
| | | | | | | #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Builtin,... (bug #9481)Stefan Metzmacher2012-12-113-0/+61
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Infrastructure,... ↵Stefan Metzmacher2012-12-113-2/+15
| | | | | | | (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on ↵Stefan Metzmacher2012-12-113-0/+19
| | | | | | | CN=Sites,CN=Configuration... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on ↵Stefan Metzmacher2012-12-113-0/+21
| | | | | | | CN=Partitions,CN=Configuration... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/descriptor: pass object_list to create_security_descriptor()Stefan Metzmacher2012-12-111-2/+13
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/tests/sec_descriptor: verify the search of a windows dc join keeps ↵Stefan Metzmacher2012-12-101-0/+7
| | | | | | | | | | | | working This is a regression test for bug #9470. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Dec 10 15:41:12 CET 2012 on sn-devel-104
* s4:dsdb/tests/sec_descriptor: verify the nTSecurityDescriptor and sd_flags ↵Stefan Metzmacher2012-12-101-0/+116
| | | | | | | | | interaction This is a regression test for bug #9470. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/operational: fix stripping of the nTSecurityDescriptor attributeStefan Metzmacher2012-12-101-2/+12
| | | | | | | | | | | If the sd_flags control is specified, we should return nTSecurityDescriptor only if the client asked for all attributes. If there's a list of only explicit attribute names, we should ignore the sd_flags control. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl_read: return the nTSecurityDescriptor attr if the sd_flags ↵Stefan Metzmacher2012-12-101-2/+9
| | | | | | | | | control is given (bug #9470) Not returning the nTSecurityDescriptor causes a lot of problems. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl_read: give some variables a better nameStefan Metzmacher2012-12-101-10/+13
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl_read: fix the calculation of the attribute array for the sub searchStefan Metzmacher2012-12-101-14/+19
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl_read: check the ldb_attr_list_copy_add() resultStefan Metzmacher2012-12-101-0/+12
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/dirsync: fix potential talloc hierachy problems (bug #9470)Stefan Metzmacher2012-12-101-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4-torture: call the s4u2self tests with arcfour and aes.Günther Deschner2012-12-091-12/+47
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sun Dec 9 21:24:44 CET 2012 on sn-devel-104
* s4-torture: precalculate expected session keys from samlogon in schannel test.Günther Deschner2012-12-091-7/+111
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-rpc_server: support AES encryption in interactive and generic samlogon.Günther Deschner2012-12-091-5/+23
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: validate owf password hash and negotiate AES in forest trust test.Günther Deschner2012-12-091-1/+12
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: validate owf password hash and negotiate AES ServerGetTrustInfo ↵Günther Deschner2012-12-091-4/+33
| | | | | | | | | test. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: use netlogon_creds_arcfour_crypt() in samba3rpc test.Günther Deschner2012-12-091-6/+3
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: exit early when join fails in samba3rpc tests.Günther Deschner2012-12-091-2/+4
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: support AES encryption in interactive samlogon tests in rpc.samr.Günther Deschner2012-12-091-2/+5
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: support AES encryption in pac_verify/generic samlogon netlogon ↵Günther Deschner2012-12-091-19/+68
| | | | | | | | | tests. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: use names for r.in.logon_level of netlogon samlogon requests.Günther Deschner2012-12-096-10/+10
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: remove trailing whitespace in smbtorture remote_pac test.Günther Deschner2012-12-091-41/+41
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-rpc_server: support AES decryption in netr_ServerPasswordSet2 server.Günther Deschner2012-12-091-1/+6
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: add AES support for netr_ServerPasswordSet2 tests.Günther Deschner2012-12-091-6/+29
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: pass down netlogon flags in netr_ServerPasswordSet2 tests.Günther Deschner2012-12-091-4/+12
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: remove trailing whitespace from netlogon test.Günther Deschner2012-12-091-105/+105
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool processes: Make the output a bit neaterRicky Nance2012-12-081-5/+5
| | | | | | | Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Sat Dec 8 03:34:29 CET 2012 on sn-devel-104
* s4:dsdb/descriptor: fix replication of NC headsStefan Metzmacher2012-12-071-2/+2
| | | | | | | | | | | | The sub NC heads maybe replicated with the parent partition, if we don't need to recalculate the nTSecurityDescriptor attribute in that case, the replication of the of the sub partition should handle that. This fixes error messages like this: descriptor_sd_propagation_recursive: DC=ForestDnsZones,DC=s40dom,DC=base not found under DC=s40dom,DC=base Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 23:17:50 +0000