summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-05-12s4-smbtorture: add RAP-SAM testsuite with a rap_NetUserPasswordSet2 test.Günther Deschner4-2/+63
Guenther
2010-05-12s4-smbtorture: getting serious about checking rap status return codes.Günther Deschner1-0/+18
Guenther
2010-05-12s4-smbtorture: add torture_create_testuser_max_pwlen() that allows to set ↵Günther Deschner1-6/+16
maxpwlen. required for upcoming rap pwd tests. Guenther
2010-05-12s4-smbtorture: autolookup domain in torture_create_testuser() if none was given.Günther Deschner1-15/+70
Guenther
2010-05-11Fix more SMB2-OPLOCK bugs. Only 3 more issues to address then we're good to ↵Jeremy Allison2-2/+15
go on this test. Jeremy.
2010-05-11s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATAAndrew Bartlett7-163/+50
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-11s4-smbtorture: test netservergetinfo level 1 also against s3.Günther Deschner2-8/+4
Guenther
2010-05-11not all versions of env like more than one argument...Björn Jacke1-1/+1
2010-05-11pidl: fix build on systems that don't have perl in /usr/bin/Björn Jacke1-1/+1
2010-05-11s4:dsdb: cached results of samdb_rodc()Stefan Metzmacher1-1/+29
metze
2010-05-11tdb: commit ABI/tdb-1.2.2.sigsStefan Metzmacher1-0/+60
metze
2010-05-11s4:heimdal: remove unused heimdal/lib/hcrypto/evp-cc.cStefan Metzmacher1-659/+0
metze
2010-05-11s4:heimdal_build: remove heimdal/lib/hcrypto/evp-cc.c from the buildStefan Metzmacher1-1/+1
This is not needed and contains one big #ifdef __APPLE__ and breaks the build on Mac OS 10. metze
2010-05-11s3:configure: fix a messageMichael Adam1-1/+1
2010-05-11s4:torture/rpc/netlogon.c - don't use constant "AF_LOCAL" but do use ↵Matthias Dieter Wallnöfer1-2/+2
"AF_UNIX" instead "AF_LOCAL" isn't portable but has the same value as "AF_UNIX".
2010-05-11s3:Makefile: build smbtorture4 as static binary with socket_wrapper supportStefan Metzmacher1-1/+2
metze
2010-05-11waf:libreplace: set _OSF_SOURCE to fix build on Tru64Björn Jacke1-0/+4
2010-05-11README.Coding - cosmetic changesMatthias Dieter Wallnöfer1-42/+45
- Fix typos - Wrap lines - Remove trailing whitespaces - use ":" instead of "::" - one colon should in all cases be enough
2010-05-11build: skip missing executables in testwaf.shKai Blin1-2/+12
2010-05-11tdb: remove unused variable in tdb_new_database().Günther Deschner1-1/+0
Guenther
2010-05-11Revert "s4-rodc: Fix provision warnings by creating ntds objectGUID in ↵Anatoliy Atanasov3-32/+1
provision" This reverts commit c3cbb846d0bfbaa11fd255bada7fa5fe502d4d96. The fix is not correct, we should cache a bool to answer amIRODC
2010-05-11Revert "s4:password_hash LDB module - don't break the provision"Stefan Metzmacher1-3/+0
This reverts commit 6276343ce1b7dd7d217e5a419c09f209f5f87379. This is not needed anymore. metze
2010-05-11Revert "s4:password hash LDB module - check that password hashes are != NULL ↵Stefan Metzmacher1-10/+6
before copying them" This reverts commit fa87027592f71179c22f132e375038217bc9d36a. This check is done one level above now. metze
2010-05-11s4:dsdb/password_hash: only try to handle a hash in the unicodePwd field if ↵Stefan Metzmacher1-2/+2
it's given Sorry, I removed this logic while cleaning up indentation levels... metze
2010-05-11README.Coding: fix good exampleStefan Metzmacher1-1/+2
metze
2010-05-11s4-smbtorture: fix smbcli_rap_netuserpasswordset2().Günther Deschner1-2/+2
Guenther
2010-05-11s4-smbtorture: fix smbcli_rap_netoemchangepassword.Günther Deschner1-4/+3
Guenther
2010-05-11s4-smbtorture: correctly fill in trans.in.data in rap_cli_do_call().Günther Deschner1-2/+14
Guenther
2010-05-10s4:password_hash LDB module - we might not have a cleartext password at allMatthias Dieter Wallnöfer1-26/+29
When we don't have the cleartext of the new password then don't check it using "samdb_check_password".
2010-05-10SMB2 always have level2 oplock capability. Correct mapping from break ↵Jeremy Allison4-3/+6
messages to SMB2 oplock levels. Jeremy.
2010-05-10Stop us crashing in SMB2-OPLOCK test. Don't allow more than one outstanding ↵Jeremy Allison1-5/+33
immediate event. Jeremy.
2010-05-10s4/tort: Add test for comparing special DNsKamen Mazdrashki1-0/+18
2010-05-10s4/dn: handle case 'base' dn has no componentsKamen Mazdrashki1-1/+1
This could if the 'base' dn is special for example.
2010-05-10s4-smbtorture: add smbcli_rap_netoemchangepassword().Günther Deschner1-0/+49
Guenther
2010-05-10rap: add rap_NetOEMChangePassword() to IDL.Günther Deschner1-0/+8
Guenther
2010-05-10Fix the processing of unlocks followed by locks. We now pass SMB2-LOCK test.Jeremy Allison1-9/+5
Jeremy.
2010-05-10Fix more of the SMB2-LOCK tests. Correctly unlock locks on error.Jeremy Allison1-3/+19
Jeremy.
2010-05-10s4:password_hash LDB module - quiet a warningMatthias Dieter Wallnöfer1-1/+1
2010-05-10s4:password hash LDB module - check that password hashes are != NULL before ↵Matthias Dieter Wallnöfer1-6/+10
copying them
2010-05-10s4:password_hash LDB module - don't break the provisionMatthias Dieter Wallnöfer1-0/+3
This is to don't break the provision process at the moment. We need to find a better solution.
2010-05-10s4:passwords.py - add a python unittest for additional testing of my ↵Matthias Dieter Wallnöfer2-0/+580
passwords work This performs checks on direct password changes over LDB/LDAP. Indirect password changes over the RPCs are already tested by some torture suite (SAMR passwords). So no need to do this again here.
2010-05-10s4:samdb_set_password - adapt it for the user password change handlingMatthias Dieter Wallnöfer1-0/+12
Make use of the new "change old password checked" control.
2010-05-10s4:samdb_set_password/samdb_set_password_sid - ReworkMatthias Dieter Wallnöfer4-383/+159
Adapt the two functions for the restructured "password_hash" module. This means that basically all checks are now performed in the mentioned module. An exception consists in the SAMR password change calls since they need very precise NTSTATUS return codes on wrong constraints ("samr_password.c") file
2010-05-10s4:password_hash - Implement password restrictionsStefan Metzmacher1-0/+195
Based on the Patch from Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>. metze
2010-05-10s4:password_hash - Rework to handle password changesMatthias Dieter Wallnöfer1-138/+450
- Implement the password restrictions as specified in "samdb_set_password" (complexity, minimum password length, minimum password age...). - We support only (administrative) password reset operations at the moment - Support password (administrative) reset and change operations (consider MS-ADTS 3.1.1.3.1.5)
2010-05-10s4:password_hash - Rework unique value checksMatthias Dieter Wallnöfer1-49/+71
Windows Server performs the constraint checks in a different way than we do. All testing has been done using "passwords.py".
2010-05-10s4:password_hash - Various (mostly cosmetic) preworkMatthias Dieter Wallnöfer1-176/+240
- Enhance comments - Get some more attributes from the domain and user object (needed later) - Check for right objectclass on change/set operations (instances of "user" and/or "inetOrgPerson") - otherwise forward the request - (Cosmetic) cleanup in asynchronous results regarding return values
2010-05-10s4:dsdb: add new controlsMatthias Dieter Wallnöfer2-0/+24
- Add a new control for getting status informations (domain informations, password change status) directly from the module - Add a new control for allowing direct hash changes - Introduce an addtional control "change_old password checked" for the password
2010-05-10s4:setup: mark DSDB_CONTROL_DN_STORAGE_FORMAT_OID 1.3.6.1.4.1.7165.4.3.4 as ↵Stefan Metzmacher1-2/+4
allocated metze
2010-05-10v2 Latest enhancements in ldapcmp toolZahari Zahariev1-140/+262
- Added support for replicating hosts versus hosts in different domains - Added switches for the following modes: = two - ignores additional attributes that cannot be the same in two different provisions (domains) = quiet - display nothing, only return code = verbose - display all dn objects through compare fase = default - display only objects with differences - Added more placeholders for nETBIOSDomainName and ServerName