summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-08-05auth/credentials: keep cli_credentials privateStefan Metzmacher6-93/+126
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s4:ntlm_auth: make use of cli_credentials_[set_]callback_data*Stefan Metzmacher1-4/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s4:torture/rpc: make use of cli_credentials_set_netlogon_creds()Stefan Metzmacher1-20/+16
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s4:torture/gentest: make use of cli_credentials_get_username()Stefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s4:torture/shell: simplify cli_credentials_set_password() callStefan Metzmacher1-4/+1
All we want is to avoid a possible callback... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s3:ntlm_auth: remove pointless credentials->priv_data = NULL;Stefan Metzmacher1-1/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: add cli_credentials_shallow_copy()Stefan Metzmacher2-0/+18
This is useful for testing. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: add cli_credentials_[set_]callback_data*Stefan Metzmacher2-0/+19
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: remove pointless talloc_reference() from ↵Stefan Metzmacher1-1/+1
cli_credentials_get_principal_and_obtained() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: remove pointless talloc_reference() from ↵Stefan Metzmacher1-1/+1
cli_credentials_get_unparsed_name() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05tevent: Add echo server sample codeVolker Lendecke1-0/+664
This is under a deliberately permissive license. I would like people to start using libtevent and tevent_req (LGPL) without any worries about where to start from. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Mon Aug 5 04:07:58 CEST 2013 on sn-devel-104
2013-08-04Ensure we can never integer wrap when working on client-supplied max_data_bytes.Jeremy Allison1-0/+22
This would only be possible with SMB2, and is already checked in the upper SMB2 layers, but it really doesn't hurt to have these extra checks at time of use also. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Sun Aug 4 16:54:04 CEST 2013 on sn-devel-104
2013-08-03There are tests all over the SMB1 code to check that srv_send_smb fails, but ↵Richard Sharpe1-1/+1
it never returns false. Even if the write to the socket/fd fails, we never return false and will keep reading stuff off of the input buffer until it is exhausted and then we will exit. Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Richard Sharpe <sharpe@samba.org> Autobuild-Date(master): Sat Aug 3 17:41:22 CEST 2013 on sn-devel-104
2013-08-02dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT ↵Andrew Bartlett1-5/+5
errors This ensures we do not de-reference an invalid rs->msgs pointer if the pointed-to object was not objectclass=computer Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=10052 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Aug 2 13:11:20 CEST 2013 on sn-devel-104
2013-08-02s3:lib/system fix build on AIX 7Christian Ambach1-3/+12
AIX uses struct stat64 with struct timespec64, so direct assignment does not work any more. Pair-Programmed-With: Volker Lendecke <vl@samba.org> Signed-off-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Aug 2 09:47:43 CEST 2013 on sn-devel-104
2013-08-01Fix bug 9678 - Windows 8 Roaming profiles failGregor Beck1-7/+2
Windows 8 tries to set 'ATTRIBUTE_SECURITY_INFORMATION' on some dirs. Ignoring it makes roaming profiles work again. Just like w2k3 gracefully ignore all the other bits. Signed-off-by: Gregor Beck <gbeck@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 1 20:58:25 CEST 2013 on sn-devel-104
2013-08-01security.idl: add new security_secinfo bitsGregor Beck1-0/+3
[MS-DTYP].pdf 2.4.7 Signed-off-by: Gregor Beck <gbeck@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-01tevent: change version to 0.9.19Stefan Metzmacher2-1/+84
* Fix tevent testsuite issue on Solaris. * Add tevent tuturial and documentation updates * Fix Coverity ID 989236 Operands don't affect result * Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012 Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Aug 1 17:05:02 CEST 2013 on sn-devel-104
2013-08-01tevent: Remove the signal pipe if no signal events are aroundVolker Lendecke1-1/+13
It makes adding/removing the first/last sigevents a bit more expensive, but it will fix tevent_loop_wait not finishing when one signal event was added and removed. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012 Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-01Ensure gpfs kernel leases are wrapped in a become_root()/unbecome_root() pair.Ralph Wuerthner1-0/+6
Ensures correct lease owner for signal delivery. Signed-off-by: Ralph Wuerthner <ralphw@de.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 1 03:57:11 CEST 2013 on sn-devel-104
2013-07-31Wrap setting leases in become_root()/unbecome_root() to ensure correct ↵Jeremy Allison1-13/+20
delivery of signals. Remove workaround for Linux kernel bug https://bugzilla.kernel.org/show_bug.cgi?id=43336 as we don't need to set capabilities when we're already root. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org>
2013-07-31torture: add LOCAL-sid_to_string testcaseJeff Layton2-0/+31
Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-31torture: add more string_to_sid torture testcasesJeff Layton1-0/+16
Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-31libcli: fix conversion logic in dom_sid_string_bufJeff Layton1-10/+18
Signed-off-by: Jeff Layton <jlayton@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-31libcli: fix conversion logic in dom_sid_parse_endpJeff Layton1-14/+15
Signed-off-by: Jeff Layton <jlayton@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-31wbclient: fix conversion logic in wbcSidToStringBufJeff Layton1-14/+17
Might as well fix it to handle large authority values properly. Also correct some of the formatting. Signed-off-by: Jeff Layton <jlayton@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-31wbclient: fix conversion logic in wbcStringToSidJeff Layton1-17/+20
Signed-off-by: Jeff Layton <jlayton@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-31schannel: Fix an unused variableVolker Lendecke1-1/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-30samba-tool dbcheck: Correctly remove deleted DNs in dbcheckAndrew Bartlett1-1/+1
The previous pattern never matched, as it was a typo. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Jul 30 12:55:00 CEST 2013 on sn-devel-104
2013-07-30dsdb: Include MS-ADTS doc references on deleted object contstraintsAndrew Bartlett1-0/+16
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-30dsdb tests: Add member/memberOf checking to delete_objects testingAndrew Bartlett1-21/+257
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-30dsdb: Improve DRS deleted link source/target handing in repl_meta_dataAndrew Bartlett2-9/+97
We now correctly ignore the link updates if the source or target is deleted locally. This fixes the long-standing failure in the vampire_dc dbcheck test. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-30dsdb: Ensure we always force deleted objects back under the deleted objects DNAndrew Bartlett1-26/+65
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-30dsdb/repl_meta_data: split out replmd_deletion_state()Stefan Metzmacher1-31/+71
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-30dsdb: Prune deleted objects of links and extra attributes of replicated deletesAndrew Bartlett1-71/+199
When an object is deleted, the links to be removed are not propogated, you have to watch out for them manually! We do this by calling back into the originating update delete code (ie what is called if you ldb_delete() locally) so that any extra attribute found locally and not on the remote server becomes removed remotely too. We currently do the same with links, but that isn't strictly correct, but for now our getNCChanges server code filters these out, so only the usn is bumped. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-29s3:winbind: add a warning DEBUG message when skipping a sid from the mapped ↵Michael Adam1-0/+18
GID list This presents a potential security problem when ACLs contain DENY ACEs. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Jul 29 14:42:27 CEST 2013 on sn-devel-104
2013-07-29s3:winbind: change getgroups to only do one sids2xids call instead of manyMichael Adam1-26/+42
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-29s3:winbind: fix the getgroups implementation to include the user sid's GID ↵Michael Adam1-3/+5
in case of ID_TYPE_BOTH This is important for acl checks on the unix level where only a group ace has been added to the ACL for the user sid, e.g. when accessing Files with nfs or local unix processes. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-29s3:winbind: fix gid counting and error handling in the getgroups implementationMichael Adam1-6/+10
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-29dns: Update TODO listKai Blin1-8/+5
A lot of the todo items have been resolved, avoid confusing people. Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Jul 29 09:12:17 CEST 2013 on sn-devel-104
2013-07-27selftest: Print error message when smbd does not have ADS supportChristof Schmitt2-1/+4
When smbd cannot be compiled with ADS support, setting up the s3member environment fails with: samba: using 'standard' process model Samba can't provide environment 's3member' at /test/samba/selftest/target/Samba.pm line 44. Can't use string ("UNKNOWN") as a HASH ref while "strict refs" in use at /test/samba/selftest/selftest.pl line 852. samba: EOF on stdin - terminating Add an explicit error message for the missing ADS support to make this easier to debug and also avoid the warning about the hash reference: samba: using 'standard' process model Samba can't provide environment 's3member' at /test/samba/selftest/target/Samba.pm line 44. Unable to setup environment s3member at /test/samba/selftest/selftest.pl line 851. smbd does not have ADS support samba: EOF on stdin - terminating Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Jul 27 08:31:14 CEST 2013 on sn-devel-104
2013-07-26nsswitch: Add OPT_KRB5CCNAME to avoid an error message.Andreas Schneider1-2/+4
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10048 Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jul 26 17:40:26 CEST 2013 on sn-devel-104
2013-07-25torture/drs: Expand an error message to aid debuggingAndrew Bartlett1-1/+1
Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104
2013-07-25dsdb/samdb: use RECYCLED it implies DELETED...Stefan Metzmacher2-3/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-24selftest: ensure samba4.nss.test.*using.*winbind is always testedAndrew Bartlett1-1/+0
With the winbind fixes now in master this should be more reliable. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always testedAndrew Bartlett1-1/+0
This test should now be more reliable with the over-allocation of RID values now fixed. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24rpc_server-drsuapi: Improve comments and DEBUG linesAndrew Bartlett1-4/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24dsdb: Add assert in drepl_take_FSMO_roleAndrew Bartlett1-4/+3
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-24selftest: Ensure the DC has started and and got a RID set before we proceedAndrew Bartlett1-1/+21
This avoids errors when a busy DC has not yet fetched a RID set, showing up as flapping tests when users are created, such as the samr.large-dc test. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation ↵Andrew Bartlett1-15/+41
fails We now also only poke the RID manager once per request. This may help track down why RID allocation can fail, as while we never wait for the RID set to be created/updated, it may be the only clue the admin gets as to why the async allocations were failing. Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>