summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4636: Per tridge's wish (and probably correct behaviour), don't key off aAndrew Bartlett1-1/+3
specific GENSEC mech type, but on the behaviour of the mech. Andrew Bartlett (This used to be commit f2bd7a5a699b91d99d7dc2a0b3b6c7006274a59c)
2007-10-10r4635: Fix NTLMSSP to return NT_STATUS_OK when it has constructed the authAndrew Bartlett8-234/+146
token in the client (the final token in the negotiation). Consequential fixes in the SPNEGO code, which now uses the out.length as the indicator of 'I need to send something to the other side'. Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client. Fix the RPC-MULTIBIND test consequent to this merge. Andrew Bartlett (This used to be commit 43e3516fc03008e97ebb4ad1a0cde464303f43c6)
2007-10-10r4634: disable sign and seal in ldap_server for now.Stefan Metzmacher1-6/+6
metze (This used to be commit 872c687184e5317b4477a184e0a954e6de0b8e9e)
2007-10-10r4632: added spnego testing and no-auth testing in test_w2k3.shAndrew Tridgell1-1/+1
(This used to be commit 4f30220a5aafb2843e486be4a743e0fe9e9f462c)
2007-10-10r4631: don't consider an epmapper insert as a failure for the momentAndrew Tridgell1-1/+2
(This used to be commit ba6caa99a454cb3393c8898f1e5be4a432b820c4)
2007-10-10r4630: for ncacn_np if we don't have an explicit request for one of theAndrew Tridgell2-2/+6
advanced auth types we should do a plain bind. This fixes rpc connections to ancient servers (like sun cascade) (This used to be commit 59a5a0b218f7182c541a06ffc4528c1160699033)
2007-10-10r4629: we now have a global macro NT_STATUS_HAVE_NO_MEMORY()Stefan Metzmacher2-56/+42
so don't use a local one metze (This used to be commit dd217f7916c885e1395f6f2a78e38e10f56e5f0f)
2007-10-10r4628: this function should be staticStefan Metzmacher1-1/+1
metze (This used to be commit 590afa88f15c32bc14b2c23e2c57b3401d9c3de7)
2007-10-10r4627: - simplified the dcerpc auth code using a common functionAndrew Tridgell6-118/+93
- added support for "spnego" in binding strings. This enables SPNEGO auth in the dcerpc client code, using as many allter_context calls as are needed To try SPNEGO do this: smbtorture ncacn_ip_tcp:SERVER[spnego,seal] -Uadministrator%password RPC-SAMR (This used to be commit 9c0a3423f03111c110d21c0d3910e16aa1a8bf87)
2007-10-10r4626: Jelmer, can you look at why this init is failing? It is preventing ↵Andrew Tridgell1-1/+1
all tools from working (This used to be commit e59c5adf39c2c840a40a62485195167f80b9ef53)
2007-10-10r4625: added a test that demonstrates that once a context_id is established,Andrew Tridgell1-0/+28
it can't be changed (so you have to create a new context_id, not change the interface bound to an existing one) (This used to be commit 5f10a8f8d04d627927d9870c87d6e7d8b98d563c)
2007-10-10r4624: Several crash fixes for DCOMJelmer Vernooij6-12/+64
More work on the example class implementation (This used to be commit 1f8f4dd179d5aa0472c676d115dc2fc1749ce32d)
2007-10-10r4623: Convert values from UTF8 to UTF16 in gconf registry backend (caughtJelmer Vernooij1-3/+4
by Andrew Bartlett) (This used to be commit da3c7712d234291f9c5a3c48daae02bdf0878bf0)
2007-10-10r4622: Clarify a comment a bitVolker Lendecke1-1/+2
(This used to be commit e76d486b04ee114087a69a659fbc47e585e71510)
2007-10-10r4621: Add torture tests for epm_Insert and epm_DeleteJelmer Vernooij1-0/+71
(This used to be commit b1ff60667038aa1e2d7c6ad2015ba33ac5a90dc6)
2007-10-10r4620: - add interface functions to the auth subsystem so that callers ↵Stefan Metzmacher20-1637/+1267
doesn't need to use function pointers anymore - make the module init much easier - a lot of cleanups don't try to read the diff in auth/ better read the new files it passes test_echo.sh and test_rpc.sh abartlet: please fix spelling fixes metze (This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
2007-10-10r4619: Remove extern declaration of dcerpc_pipes, which is now staticJelmer Vernooij1-3/+0
(This used to be commit 95e849bf94160ae4807a54b28e351539c1119215)
2007-10-10r4618: - tidied up the alter_context client code a bitAndrew Tridgell11-143/+100
- there is no alter_nak or alter_ack packet, its all done in an alter_response - auto-allocated the contex_ids - tried to fix up the dcom code to work again with alter_context. Jelmer, please take a look :) (This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
2007-10-10r4617: basic alter_context requests now work in our client library. The testAndrew Tridgell8-22/+217
just does a simple LSA/DSSETUP combo, which is what w2k does in the ACL editor rpc calls that triggered this work (This used to be commit 0129ec947aa1fa5a7104dc3a666af3cb9bd104f1)
2007-10-10r4616: the first phase in the addition of proper support forAndrew Tridgell23-584/+627
dcerpc_alter_context and multiple context_ids in the dcerpc client library. This stage does the following: - split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has the context dependent part. This is similar to the layering in libcli_*() for SMB - disable the current dcerpc_alter code. I've used a #warning until i get the 2nd phase finished. I don't know how portable #warning is, but it won't be long before I add full alter context support anyway, so it won't last long - cleanup the allocation of dcerpc_pipe structures. The previous code was quite awkward. (This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
2007-10-10r4615: added acl checking on directory search in pvfsAndrew Tridgell5-12/+24
(This used to be commit 0e61a422bd9a1596a284c176f033e958bbeaa8ce)
2007-10-10r4614: Fix RPC-SAMLOGON, to use the workstation context (forgot to globally ↵Andrew Bartlett2-5/+8
replace). Andrew Bartlett (This used to be commit ddb54d4ea1610b38e011e2f217ded7b6278d5290)
2007-10-10r4613: Fix stuff I broke in the last commit with the /x regexp flag.Tim Potter1-44/+45
(This used to be commit 20f9143221021ab050802d6aed359677bee978ed)
2007-10-10r4612: make the output for the w2k3 acl bug a bit clearerAndrew Tridgell1-0/+19
(This used to be commit 24ec8c4274241576683f1f6c86c33a2dfa43848c)
2007-10-10r4611: - renamed add_socket() to smb_add_socket() as that is less confusingAndrew Tridgell1-10/+6
- removed the spurious call to set_blocking() in the smb server setup. (This used to be commit 76d905d12e6f65a3670e4167ec79d8876b772ca6)
2007-10-10r4610: You can't join as a BDC and test against trusted domains. This testAndrew Bartlett1-1/+4
only needs WS privilages anyway. Andrew Bartlett (This used to be commit a093c4f98e833198ee59064b2cb9b9b45a188a59)
2007-10-10r4609: add a usefull data_blob_dup_talloc() macroStefan Metzmacher1-0/+1
metze (This used to be commit 11e006df1689d4b4b202bca640106fd789495284)
2007-10-10r4608: - use better error codesStefan Metzmacher1-12/+7
- use new NT_STATUS_* macros for error checking return - don't use talloc_p anymore metze (This used to be commit 372a8eeeefc2ebff50211985372888b5b6d4eb65)
2007-10-10r4607: add some usefull macros to make the code more readableStefan Metzmacher1-0/+36
metze (This used to be commit 62c45635ff8a158acefd4ae2aae2ffc352a97113)
2007-10-10r4606: Start adding some more comments and some indentation for the eparserTim Potter1-43/+93
regexps. Hopefully this will make things a bit easier to understand later on. (This used to be commit c325859eb6a0972638bbbb83ebb2dfda489ac8ee)
2007-10-10r4605: Fix a confusing comment :-)Volker Lendecke1-1/+1
(This used to be commit fbd2a90bcdb7426c9a15bd8dc09da9008a0bc1bf)
2007-10-10r4603: Test creating local and global secrets over LSA.Andrew Bartlett1-97/+102
Andrew Bartlett (This used to be commit 96806136ead3d1949516b2cfe7350a4e10681c28)
2007-10-10r4600: Remove Data::Dumper import leftover from debugging.Tim Potter1-12/+16
Return more ethereal types and bases for hf fields. Currently we assume that enums always fit into a uint16 which will probably have to change soon. (This used to be commit 25f6e11f3156e21c1dc03afa879e9cda2f5dd341)
2007-10-10r4599: Remove some duplicated code in pidl.pl.Tim Potter3-24/+42
Start working on adding support for bitmaps and enums. In progress tweaks for arrays of structures. (This used to be commit d39cb7ecb4c193cbba628ee6d6f9b5c5bbf89d33)
2007-10-10r4597: Recently I've come across a case where I suspect the GetAnyDCName ↵Volker Lendecke1-0/+94
request to kill the domain controller I'm asking. In samba4 torturing the DC is just so easy, commit the test to randomized ask for DCs for all trusted domains. Volker (This used to be commit edb918762e1e46909520f13e28dcf8cedb2919b1)
2007-10-10r4596: added a dynamic inheritance ACLs test. As far as I can tell w2k3 does ↵Andrew Tridgell1-10/+148
not do dynamic inheritance (This used to be commit ebe6b002843196bc6d6fadfa646aa3bc8eb27af8)
2007-10-10r4595: on create check access against parent not child ...Andrew Tridgell1-2/+2
(This used to be commit 5a1a17d3fc771b1e1c61297067f38c87901891d3)
2007-10-10r4594: Add more testes to the standard 'passes against win2k3' script.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 07295b3b07984ec3d1de9ed27835dbda7b4b7d0f)
2007-10-10r4593: don't use the _p function in the testsuite, as when built standalone ↵Andrew Tridgell1-9/+9
it doesn't use TALLOC_DEPRECATED (This used to be commit 2fe0e2528f14627832942f6404a4b1be4b556c97)
2007-10-10r4592: fixed typo from talloc testsuite fixup for the new syntaxAndrew Tridgell1-1/+1
(This used to be commit 1177200dd9392c088f5b009f55390ad31c367e5f)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell39-105/+136
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10r4590: Make RPC-SAMSYNC pass againt Win2k3.Andrew Bartlett1-4/+9
Andrew Bartlett (This used to be commit 7bb00a80ac55252b8c05b33fd576b8606470e9be)
2007-10-10r4589: forgot to commit the new NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED error codeAndrew Tridgell2-0/+2
(This used to be commit f4337c988c15dc84e3cfd77b628e92a0996717ea)
2007-10-10r4588: fixed the double bind in ncalrpc with dcerpc_secondary_connection()Andrew Tridgell1-1/+1
(This used to be commit b65a95c11778fd778ad3c013664aea7d038e16ae)
2007-10-10r4587: fixed dcerpc_secondary_connection() for ncacn_ip_tcpAndrew Tridgell1-3/+1
this fixes RPC-SAMLOGON and some other tests on ncacn_ip_tcp (This used to be commit 244370d62424ab3c0f9d6689b0e674d057b3fc09)
2007-10-10r4586: RPC-LSA now passes against w2k3Andrew Tridgell1-2/+2
(This used to be commit e252f80f2bc5de4a3de84acf232f5334b5d448f6)
2007-10-10r4585: don't consider LookupSids3 failing with NT_STATUS_ACCESS_DENIED (as ↵Andrew Tridgell1-1/+38
w2k3 does) or NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED (as longhorn does) to be an error. fixed the CreateTrustedDomain test to cope with the "torturedomain" being left over from a previous aborted run (This used to be commit 429d79815c260781fae6eed28160d7507e780f34)
2007-10-10r4584: fix pvfs backend to pass the new enhanced RAW-ACLS test. Easy once I ↵Andrew Tridgell5-20/+43
really the strange behaviour I saw was a w2k3 bug :-) (This used to be commit e729061bcde25d0565a72222e4720ca8074ef23f)
2007-10-10r4583: print which bit failed in the owner bits checkAndrew Tridgell1-0/+4
(This used to be commit f893ad9c45d6d06fa1b6f1f949a7834e7bf99ba7)
2007-10-10r4582: finally worked out what is going on with the inherited ACLs test and ↵Andrew Tridgell1-12/+197
win2003. It is a win2003 bug! This new test code works against w2k, and against longhorn, but fails against w2k3. When tested against w2k3 it allows a open with an access mask that should be denied by the given ACL, after setting up the ACL using inheritance. Note that only the very specific SEC_RIGHTS_FILE_ALL mask incorrectly succeeds, so they must have a special case for that mask. Maybe its an optimisation gone wrong? I don't know if there are any serious security implications to this, but it is pretty clearly wrong, and has been fixed in longhorn. (This used to be commit 4f9fd767dbb5e47f3786f5acda17267d57e839e0)