summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
...
* selftest: Test auth_wbc, the auth4 winbind and winbind_wbclient modules ↵Andrew Bartlett2014-05-161-1/+5
| | | | | | | | | | | | | | | using pdbtest This ensures these authentication modules continue to operate correctly, and that the results are consistent. Andrew Bartlett Change-Id: I7f63cd93e55c6f73ceeafb14f1dc265291791803 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri May 16 12:50:44 CEST 2014 on sn-devel-104
* auth: Allow auth_samba4 to be forced to run a specific auth moduleAndrew Bartlett2014-05-162-2/+2
| | | | | | | | | | This will allow new tests to be written to validate winbindd authentication results Andrew Bartlett Change-Id: I008eba1de349b17ee4eb9f11be08338557dffecc Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:imessaging: Remove event context from irpc and imessaging structuresAndrew Bartlett2014-05-132-23/+19
| | | | | | | | | | | | | | | | | | | The only part of this code with a stored event context is now the binding_handle created by irpc_binding_handle() when in the client dcerpc_binding_handle_set_sync_ev() is called, otherwise a new nested event context is created for sync calls. Note that the FD event associated with the socket still implies the long term event context passed to imessaging_[client]_init(). Andrew Bartlett Change-Id: I9aeae94b26e3736370f449daa96808e6cdc2d55d Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue May 13 02:33:24 CEST 2014 on sn-devel-104
* s4:imessaging: Remove dcerpc_binding_handle_set_sync_ev() call from ↵Andrew Bartlett2014-05-131-2/+0
| | | | | | | | | | irpc_binding_handle() The callers do this explicitly now if required. Change-Id: I0e6f562aac4e3c0a75149c5850eb9f96269a3caf Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:irpc/tests: explicitly use dcerpc_binding_handle_set_sync_ev()Andrew Bartlett2014-05-131-0/+10
| | | | | | | | | | | | This indicates that we're using nested event loops... Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Change-Id: I17d530a1f338cfdbd2e4e755b6f01a44a3e7ba7a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:pyrpc: explicitly use dcerpc_binding_handle_set_sync_ev() for irpcAndrew Bartlett2014-05-131-0/+6
| | | | | | | | | | | | This indicates that we may use nested event loops... Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Change-Id: Id014dcc68699c86cb99015a91a6979e30795f727 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:service_task: explicitly use dcerpc_binding_handle_set_sync_ev() for irpcAndrew Bartlett2014-05-131-0/+2
| | | | | | | | | | | | This indicates that we're using nested event loops... Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Change-Id: I7e147850566301a5ef2354b8615a044d121968b5 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:rpc_server/netlogon: explicitly use dcerpc_binding_handle_set_sync_ev() ↵Andrew Bartlett2014-05-131-0/+6
| | | | | | | | | | | | | | for irpc This indicates that we're using nested event loops... Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Change-Id: I4dcc7bf3c624612980e53b6119a60989fc2ea3b6 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:auth_winbind: explicitly use dcerpc_binding_handle_set_sync_ev() for irpcAndrew Bartlett2014-05-131-0/+2
| | | | | | | | | | | | This indicates that we're using nested event loops... Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Change-Id: I08f21876d42197f76fe3ae10b4f464626d70bf5a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:irpc/tests: make use explicit use of the top level event contextAndrew Bartlett2014-05-131-5/+6
| | | | | | | | Andrew Bartlett Change-Id: Ia193f97f62a1cb928aa814679578f90bde212013 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:nbt_server/wins: make use explicit use of the top level event contextAndrew Bartlett2014-05-131-2/+2
| | | | | | | | Andrew Bartlett Change-Id: I4b8e5c16bd03a038da6527cfb4c91fc874626b18 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Do not permit nested event loops when in a transaction, use a nested ↵Andrew Bartlett2014-05-061-13/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | event context It is never safe to execute arbitary code inside a transaction - we need to get in and get out, not run other events for the rest of the server. This patch avoids that by creating a private event loop during transactions, so no unexpected operations fire, and returning the original one when we finish it. If an event fires during an LDB transaction, an unrelated operation can occur during the transaction, and if the transaction were to be cancelled, there would be a silent rollback (despite the client having been indicated success). Additionally, other processes could be called via IRPC that need to operate on the database but are locked out due to the ongoing transaction. Andrew Bartlett BUG: https://bugzilla.samba.org/show_bug.cgi?id=10582 Change-Id: I22322fc006e61d7291da17cdf6431416ebb7b30f Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue May 6 13:36:20 CEST 2014 on sn-devel-104
* dsdb: Rename private_data to rootdse_private_data in rootdseAndrew Bartlett2014-05-061-8/+8
| | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10582 Change-Id: I349a2be67333ada86c19cd6d2ed283cd5bbeb2aa Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Fix an empty if statement.Jose A. Rivera2014-05-051-1/+1
| | | | | | | | | | Primarily following the precedent set by other uses of composite_is_ok(), but also making sure nothing tries to use c after this point if it is in fact not ok. Signed-off-by: Jose A. Rivera <jarrpa@redhat.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:samr: allow builtin groups for samr_OpenGroup.Michael Adam2014-05-031-7/+16
| | | | | | | This fixes nsswitch getgrgid for builtins. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Add tests for dbcheck detection and removal of partial objectsAndrew Bartlett2014-05-0331-0/+80715
| | | | | | | | | | | To avoid listing all the provision snapshots, we use a broader blacklist for waf dist and a whitelist for dbcheck-oldrelease.sh Andrew Bartlett Change-Id: Iab0ff4be0b4287dc128a49302836a6f0f7b39678 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Make it harder to corrupt the database by requiring DBCHECK or RELAX ↵Andrew Bartlett2014-05-032-10/+32
| | | | | | | | | | | | | | | for final object deletion This kind of deletion can cause us to then replicate back a partial object. We allow dbcheck to directly remove totally corrupt objects (missing an objectclass) by specifying both DBCHECK and RELAX, and the tombstone sweep after 180 days is done with the RELAX control. Andrew Bartlett Change-Id: Ic21f68e507ba9b65e035ca568430e35e2d001c7d Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:repl_meta_data: fix array assignment in replmd_process_linked_attribute()Stefan Metzmacher2014-05-021-2/+2
| | | | | | Change-Id: I10357236108f68ab749ba0e1f07558302c573887 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* winbind: Allow winbindd to be run from inside "samba"Andrew Bartlett2014-04-292-0/+102
| | | | | | | | | Change-Id: I6b90a9b62ba5821e0feedb23cd20642078ba0ca6 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Apr 29 05:28:39 CEST 2014 on sn-devel-104
* kerberos: Remove un-used event context argument from smb_krb5_init_context()Andrew Bartlett2014-04-2811-24/+5
| | | | | | | | | | | | | | | | | The event context here was only specified in the server or admin-tool context, which does not do network communication, so this only caused a talloc_reference() and never any useful result. The actual network communication code sets an event context directly before making the network call. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Apr 28 02:24:57 CEST 2014 on sn-devel-104
* dsdb: Specify no event context to smb_krb5_init_context() in dsdbAndrew Bartlett2014-04-283-4/+6
| | | | | | | | | | These routines parse principals and generate keys only, no network communication is done. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* ad-dc: use exit_daemon() to communicate status of startup to systemdAlexander Bokovoy2014-04-231-12/+7
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Apr 23 04:44:46 CEST 2014 on sn-devel-104
* add systemd integrationAlexander Bokovoy2014-04-231-0/+4
| | | | | | | | | | | | | | | Add --with-systemd / --without-systemd options to check whether libsystemd-daemon library is available and use it to report service startup status to systemd for smbd/winbindd/nmbd and AD DC. The problem it solves is correct reporting of the Samba services at the point when they are ready to serve clients, important for high availability software integration. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:samba_kcc: Use 'dburl' passed from command line rather than lp.samdb_url()Kamen Mazdrashki2014-04-221-3/+3
| | | | | | | | This patch makes '-H, --URL' param to actually work as expected Change-Id: Ie7f4e9e3fc1f79a938473312e200f36de6886596 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s4:samba_kcc: fix reference to DSA object while building partial replica listKamen Mazdrashki2014-04-221-1/+1
| | | | | | Change-Id: I33209dfd42d8c3af8d80b862ba0022d15385311b Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s4:samba_kcc: Fix error handling opening export ldif fileKamen Mazdrashki2014-04-221-2/+2
| | | | | | Change-Id: If52440272513ef244e33481476da0e884969153c Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s4:KCC: Use dsdb.DS_DOMAIN_FUNCTION_2008 constant for DS-Behavior comparisonsKamen Mazdrashki2014-04-221-4/+4
| | | | | | | | | DS_BEHAVIOR_WIN2008 was used so far which is a leftover from previous KCC implementation in "C" Change-Id: Id9b6551073c0b17cc27e086faa315b01305f39a5 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s4-auth: Make the auth_winbind_wbclient use more correct code now in ↵Andrew Bartlett2014-04-181-86/+8
| | | | | | | auth/wbc_auth_util.c Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-torture: Remove socket_wrapper testsuite.Andreas Schneider2014-04-172-7/+0
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: Rename WINBINDD_SOCKET_DIR environment variable.Andreas Schneider2014-04-172-2/+2
| | | | | | | | It is very confusing if the env var uses the same name as the define in the source code. So prefix it with SELFTEST. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Remove special nss_wrapper codeAndreas Schneider2014-04-171-3/+3
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: Remove nss_wrapper testsuite.Andreas Schneider2014-04-172-7/+0
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-ntfs: Improve uid check in wrapper mode.Andreas Schneider2014-04-171-3/+19
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* lib: Change uid_wrapper to preloadable version.Andreas Schneider2014-04-171-2/+2
| | | | | | | This imports version 1.0.1 of uid_wrapper. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* lib-util: rename memdup to smb_memdup and fix all callersBjörn Baumbach2014-04-161-2/+2
| | | | | Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org>
* auth: Remove support for HAVE_TRUNCATED_SALT from pass_check.cAndrew Bartlett2014-04-151-5/+0
| | | | | | | | | | | The comments indicate that this was needed for HP-UX at one point, but the configure code was never ported to WAF. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Apr 15 12:32:09 CEST 2014 on sn-devel-104
* auth: Remove USE_BOTH_CRYPT_CALLS block from pass_check.cAndrew Bartlett2014-04-151-20/+0
| | | | | | | | This code is dead since the move to the WAF build system, but was set for HP-UX 9, 10 and 11 in the autoconf build system. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth: Remove linux_bigcrypt support from pass_check.cAndrew Bartlett2014-04-151-8/+0
| | | | | | | This is dead code, and probably has been for quite some time. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth: Remove support for plaintext auth on systems that use getprpwnam()Andrew Bartlett2014-04-151-9/+0
| | | | | | | | The WAF build does not have the code to detect getprpwnam, so this is dead code. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth: Remove afs_auth() from pass_check.c and s4's auth_unixAndrew Bartlett2014-04-151-4/+0
| | | | | | | | The waf build does not have code to detect support for AFS plaintext authentication, so this is dead code. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth: Remove dfs_auth() from pass_check.c and s4's auth_unixAndrew Bartlett2014-04-151-4/+0
| | | | | | | | The waf build has no logic to detect DCE/DFS, so this plaintext authentication mechanism is dead code. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* Do not install smbclient4 and nmblookup4Jeroen Dekkers2014-04-151-1/+2
| | | | | | | | | | Change-Id: I2d91d9c9faa2df084321d10fbdc948acbd2bb735 Signed-off-by: Jeroen Dekkers <jeroen@dekkers.ch> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Tue Apr 15 03:25:13 CEST 2014 on sn-devel-104
* Typo: s/preceeded/preceded/Jelmer Vernooij2014-04-141-1/+1
| | | | | | | | | | | Caught by lintian, the Debian package linter :) Change-Id: Ia7162ea8c2b1845155345526b66d71ae64f15227 Reviewed-on: https://gerrit.samba.org/216 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Mon Apr 14 03:51:15 CEST 2014 on sn-devel-104
* s4-wbclient: Fix wbc_sids_to_xids to correctly indicate the length of the ↵Andrew Bartlett2014-04-091-1/+1
| | | | | | | | | | | | | | | | | | SID list This uses the fact that we know the end of the string in p to avoid needing a strlen() call. Otherwise the winbindd validation that the extra_data is terminated may fail, if the un-initiliased memory is not zero. Andrew Bartlett Change-Id: I9b28068e4fbd3754c8d14724af93638d657810dd Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Apr 9 18:26:40 CEST 2014 on sn-devel-104
* torture: add local verification trailer parsing testDavid Disseldorp2014-04-093-1/+104
| | | | | | | | Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Apr 9 03:44:15 CEST 2014 on sn-devel-104
* s4-wbclient: Cope with winbind returning an errorAndrew Bartlett2014-04-081-0/+4
| | | | | | | | | Change-Id: I8eaf858f9e9e55eec20aa2c585db5459fb73b887 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Apr 8 12:53:13 CEST 2014 on sn-devel-104
* script to generate content for libcli/util/nterr.c & libcli/util/ntstatus.hNoel Power2014-04-021-0/+243
| | | | | | | | | | | | | | A ropey script to generate some missing NT_STATUS error codes and and descriptions. The script generates ntstatus.c & ntstatus.h whose contents are used to extend the existing contents of libcli/util/nterr.c & libcli/util/ntstatus.h Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Apr 2 22:40:06 CEST 2014 on sn-devel-104
* script to generate libcli/util/hresult.c & libcli/util/hresult.hNoel Power2014-04-021-0/+207
| | | | | | | | | | | This hacky script was used to generate the contents of libcli/util/hresult.c & libcli/util/hresult.h. It expects the table contents of http://msdn.microsoft.com/en-us/library/cc704587.aspx cut'n'pasted into the text file specified as it's single required input param Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Allow FSRVP access generic HRESULT error message descriptionsNoel Power2014-04-021-2/+3
| | | | | | | | | | | | FSRVP can possibly return any HRESULT error in addition to it's own specific errors. This change searches the HRESULT errors for a description if the error doesn't match any of the known FSRVP ones. Also removed some errors defined in fsrvp.idl (now that they are defined in hresult.h) Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture-samr: Add testing of account lockout and password change behaviourAndrew Bartlett2014-04-021-39/+346
| | | | | | | | | | | | | | | | | | | | This is the regression test to avoid a repeat of CVE-2013-4496 This includes confirming that badPwdCount is updated on login, not just on first failure However the badPwdCount is not updated if the account is disabled Note: that samr_QueryUserInfo return the effective bad_password_count in level 5, 16 and 21, while it returns the raw value in level 3. (Sadly the s3 code does not do this correctly, so a knownfail is added) Change-Id: I4fd8ac5c3b1357e7a98386756dac2a43eb778ecf Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Apr 2 19:30:59 CEST 2014 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-24 23:58:49 +0000