summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-10-02pythonbindings: allow add() to have an array of controls as second parameterMatthieu Patou1-0/+1
2009-10-02s4-ldb: Use relax control to check in replace metadata module if we accept ↵Matthieu Patou1-5/+38
request that specify objectGUID attribute.
2009-10-02s4-ldb: Add new relax controls that allow relaxed x500 constraints checksMatthieu Patou2-0/+35
2009-10-02s4:ntvfs Don't attempt to follow NULL in unixuid_setup_security()Andrew Bartlett1-1/+4
This segfault occoured in cases where we rejected (or never attempted) the tree connect, so had an invalid private pointer for the logoff codepath. Andrew Bartlett
2009-10-02s4:Ensure the selected RDN is the right one per the schemaAndrew Bartlett1-1/+7
The relative DN must be the one that the most specific structural objectclass specifies. Andrew Bartlett
2009-10-02s4-samldb: the samldb module requires that the primary group existsAndrew Tridgell1-9/+17
We need to create Domain Users in the test ldb
2009-10-02s4-samdb: added some debuggingAndrew Tridgell1-2/+8
This helped track down the samba3sam.py failures
2009-10-02s4-test: skip python gensec test until its finishedAndrew Tridgell1-0/+1
2009-10-02s4-pygensec: a bit closer to workingAndrew Tridgell3-9/+56
I'll need help from Andrew on how to get gensec to initialise it's ops element
2009-10-02pidl: fixed unit tests for trailer alignmentAndrew Tridgell1-0/+2
2009-10-02pid: update ndr testsuite for new union alignmentAndrew Tridgell1-1/+2
2009-10-02s4-torture: added a very simple samr ValidatePassword testAndrew Tridgell1-0/+32
2009-10-02s4-samr: fake up a samr_ValidatePassword responseAndrew Tridgell1-1/+5
mdw is working on the correct call to check the password strength
2009-10-02idl: rebuilt the IDL for the build farmAndrew Tridgell27-6/+1635
2009-10-02s4-libnet: give sane error messages when functional levels don't matchAndrew Tridgell1-8/+12
It is nice to tell the user why their command failed :-)
2009-10-02s4:dsdb/common/sidmap - RemoveMatthias Dieter Wallnöfer2-613/+0
As metze pointed out - this seems to be completely dead code. I too didn't find any dependencies in other code parts. Therefore remove it.
2009-10-02s4:provision - Change the default forest/domain function level back to ↵Matthias Dieter Wallnöfer2-2/+2
Windows 2003 Native
2009-10-02s4:libnet_become_dc - add checks for valid domain/forest function levelsMatthias Dieter Wallnöfer1-10/+52
Add checks to make sure that we join only supported AD domains (we agreed that those are >= (Windows) 2003 Native per default - this is changeable with the "ads:function level" option). Add also checks to make sure that we cannot join domains which have a bigger function level than our DC capable function level (e.g. a (Windows) 2008 DC cannot join a (Windows) 2008 R2 domain).
2009-10-02ndr64: added support for trailing gap alignmentAndrew Tridgell3-0/+24
NDR64 has a 'trailing gap' alignment, which aligns the end of a structure on the overall structure alignment. This explains the discrepancy we had with the RPC-SAMR test and NDR64
2009-10-02s4-ldb: accept the binary DN OIDs in extended DN modulesAndrew Tridgell2-4/+8
2009-10-02s4-ldb: Add support for binary blobs in DNsAndrew Tridgell3-53/+408
AD has the concept of a DN prefixed with B:NN:XXXXXX: that contains a binary blob. We need to support those in order to give correctly formatted binary blobs for things like wellKnownObjects This implementation is not ideal, as it allows for binary blobs on all DNs, whereas it should only allow them on those with a syntax of 2.5.5.7. We should clean this up in the future, but meanwhile this implementation at least gets us a working DC join of w2k8 to s4. This patch also uses a static function for marking DNs as invalid, which is very useful when debugging this code, as you can break on it in gdb.
2009-10-02s4-cldap: match w2k8-r2 for cldap netlogon bitsAndrew Tridgell1-10/+17
Windows does not set the 3 high bits, which is strange given their meaning. I've submitted a CAR on this.
2009-10-02ds-flags: use the new name DS_DNS_FOREST_ROOTAndrew Tridgell3-7/+7
Update to use the new DS_DNS_FOREST_ROOT name, which makes it clearer what this bit means (according to MS-ADTS doc)
2009-10-02s3-ads: removed 3 unused definesAndrew Tridgell1-3/+0
These are in nbt.idl and netlogon.idl as well, no need to have them here under different names, especially when the comments are wrong
2009-10-02idl: use common netlogon bit definitionsAndrew Tridgell2-4/+7
The DS_ bits had got a bit ahead of the NBT_ bits. Ideally we'd make these a single set of bits at some point. This also removes NBT_SERVER_DNS_FOREST as this bit doesn't exist. I think it came from someone mis-reading the docs, which show the bits in reverse order within bytes (one of the worst bit table representations I have ever seen!)
2009-10-01s4/torture: Add two new SMB RAW-OPEN testsAravind Srinivasan3-1/+296
* Add chained NTCREATEX_READX test which first tries to open/read a non-existant file failing on the open, then attempts the same operation on a file that does exist, opening and reading successfully. * Add test for open_dispositions on directories.
2009-10-01s4/torture: convert printf to torture_comment() in RAW-OPENAravind Srinivasan1-58/+103
Allows "make test" and other harnesses to print cleaner output.
2009-10-01Fix bug #6769 - symlink unlink does nothing.Jeremy Allison1-1/+5
Always use LSTAT for POSIX pathnames. Jeremy.
2009-10-01s4/torture: second try on renaming oplocks.c to oplock.cSteven Danneman1-0/+3617
Forgot to "git add" the new file in commit b2bcfaae
2009-10-01NULL is not a valid event context.Jeremy Allison1-1/+1
Jeremy.
2009-10-01s4/torture: rename oplocks.c to oplock.c to match SMB1 file layoutSteven Danneman2-3618/+1
2009-10-01s4/torture: Ported SMB oplock torture tests to SMB2Steven Danneman3-68/+3519
I've ported all applicable SMB oplock torture tests to SMB2, giving us a good base for SMB2 oplock testing. There are several differences between oplocks in SMB and SMB2, mostly because of differences in W2K3 and W2K8. The existing SMB oplock tests all pass against W2K3, but several fail against W2K8. These same tests were failing in SMB2, util I reworked them. BATCH19, BATCH20: In W2K3/SMB a setfileinfo - rename command wouldn't cause a sharing violation or break an existing oplock. It appears that in W2K8/SMB2 a sharing violation is raised. BATCH22: In W2K3/SMB when a second opener was waiting the full timeout of an oplock break, it would receive NT_STATUS_SHARING_VIOLATION after about 35 seconds. This bug has been fixed in W2K8/SMB2 and instead the second opener succeeds. LEVELII500: Added 1 new test checking that the server returns a proper error code when a client improperly replies to a levelII to none break notification. STREAM1: W2K8 now grants oplocks on alternate data streams.
2009-10-01s4/torture: fix typo in test commentSteven Danneman1-1/+1
2009-10-01s4/asn1: ber_read_OID_String() to be based on _ber_read_OID_String_impl()Kamen Mazdrashki1-30/+3
2009-10-01s4/asn1: local TALLOC_CTX should be child of torture_contextKamen Mazdrashki1-2/+2
2009-10-01s4/asn1: fixed typo in torture messagesKamen Mazdrashki1-2/+2
2009-10-01s4/asn1: Added test for ber_read_partial_OID_String()Kamen Mazdrashki1-0/+45
2009-10-01s4/asn1: Added test for ber_read_OID_String()Kamen Mazdrashki1-0/+32
2009-10-01s4/asn1: Added test for ber_write_partial_OID_String()Kamen Mazdrashki1-0/+74
2009-10-01s4/asn1: Added test for ber_write_OID_String()Kamen Mazdrashki1-0/+74
2009-10-01s4/asn1: Added torture suite for ASN1Kamen Mazdrashki3-0/+37
2009-10-01util: strhex_to_str() fixed to handle '0x' correctlyKamen Mazdrashki1-6/+6
2009-10-01util: fixed compile time "discards qualifiers" warningKamen Mazdrashki1-3/+3
2009-10-01s4/drsuapi: ber_read_partial_OID_String() implementationKamen Mazdrashki2-0/+37
2009-10-01s4/drsuapi: Internal implementation for ber_read_OID_StringKamen Mazdrashki1-0/+40
Modified implementation _ber_read_OID_String_impl() returns how much bytes are converted. The intentation is to use this implementation both for reading OIDs and partial-OIDs in the future
2009-10-01s4/drsuapi: ber_write_partial_OID_String() implementationKamen Mazdrashki2-0/+36
2009-10-01s3:Makefile: fix talloc dependencies with static buildBjörn Jacke1-65/+64
When configure options --with-libtalloc=no --enable-shared-libs=no are used, LIBTALLOC_TARGET stays empty. Actually LIBTALLOC_TARGET which is only used for Makefile dependencies is obsolete as LIBTALLOC contains exactly the targets that make the dependencies are. Obnox, pleaѕe check!
2009-10-01s3:configure: don't throw away PRINT_LIBSBjörn Jacke1-1/+1
PRINT_LIBS might have been set before intentionally, so don't thow it away.
2009-10-01s3: update comment about (deprecated) a6 recordsBjörn Jacke1-1/+2
2009-10-01Fix for CVE-2009-2813.Jeremy Allison2-2/+11
=========================================================== == Subject: Misconfigured /etc/passwd file may share folders unexpectedly == == CVE ID#: CVE-2009-2813 == == Versions: All versions of Samba later than 3.0.11 == == Summary: If a user in /etc/passwd is misconfigured to have == an empty home directory then connecting to the home == share of this user will use the root of the filesystem == as the home directory. ===========================================================