summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-09-05s4-dsdb Print clearer error messages when invalid account flags are ↵Andrew Bartlett1-0/+9
specified on add
2011-09-05s4-provision Use ProvisioningError and the eadbAndrew Bartlett2-6/+27
The eadb flag tells us to avoid using system extended attributes, typcially if we are not running as root (ie, in a test environment). The ProvisioningError class allows us to return failures to the upgrade_from_s3 script which can then be detected correctly by the selftest framework. Andrew Bartlett
2011-09-05s4-provision Add realm to DC configuration in upgrade_from_s3 testAndrew Bartlett1-0/+1
2011-09-04s4-provision Allow a missing idmap DB in upgrade.pyAndrew Bartlett1-2/+9
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Sun Sep 4 06:34:16 CEST 2011 on sn-devel-104
2011-09-04s4-provision cope with SID_NAME_WKN_GRP mappings in upgrade.pyAndrew Bartlett1-1/+5
Some incorrect LDAP backends have entries with this group type, but due to the pdb_ldap code, we cannot read the group members, and we already skip them in add_group_from_mapping_entry(). Andrew Bartlett
2011-09-03s3:smb2cli: ask for a session key in smb2cli_sesssetup_send()Stefan Metzmacher1-0/+3
This is needed if we want to support SMB2 signing later. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Sep 3 16:21:35 CEST 2011 on sn-devel-104
2011-09-03s3-spoolss: Fix bug #8236 empty notify servername.Andreas Schneider1-0/+9
Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Sep 3 02:58:42 CEST 2011 on sn-devel-104
2011-09-03Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-4/+21
(Invalid argument) Be smarter about setting default permissions when a ACL_GROUP_OBJ isn't given. Use the principle of least surprises for the user. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Sep 3 00:16:05 CEST 2011 on sn-devel-104
2011-09-02Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-8/+11
(Invalid argument) Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the principle of least surprises for the user.
2011-09-02Part 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-7/+6
(Invalid argument) Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and AC_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately inside ensure_canon_entry_valid().
2011-09-02Part 2 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-0/+38
(Invalid argument) Only map CREATOR_OWNER/CREATOR_GROUP to ACL_USER_OBJ/ACL_GROUP_OBJ in a default(directory) ACL set.
2011-09-02Part 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-72/+0
(Invalid argument) Remove the code I added for bug "6878 - Cannot change ACL's inherit flag". It is incorrect and causes the POSIX ACL ACL_USER_OBJ duplication.
2011-09-02s3:registry: fix a debug message typoMichael Adam1-1/+1
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Sep 2 11:47:11 CEST 2011 on sn-devel-104
2011-09-02s3:registry: introduce a define REGDB_CODE_VERSION and use it in regdb code.Michael Adam2-9/+9
This is to not use the precise code version REGDB_VERSION_V3 explicitly in the code.
2011-09-02s3:registry: rename REGVE_Vx toREGDB_VERSION_Vx for consistencyMichael Adam2-15/+15
2011-09-02s3:registry: implement regdb_set_secdesc() with regdb_trans_do()Michael Adam1-22/+43
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Sep 2 00:51:40 CEST 2011 on sn-devel-104
2011-09-01s3:registry: implement regdb_store_values() with regdb_trans_do()Michael Adam1-1/+26
This adds the runtime check for changed regdb format version to store_values
2011-09-01s3:registry: change regdb_store_values_internal() from bool to NTSTATUS ↵Michael Adam1-11/+15
return code
2011-09-01s3:registry: use the regdb_trans_do wrapper instead of using dbwrap_trans_do ↵Michael Adam1-18/+18
directly in the registry db code. This verifies the regdb format version number before the corresponding write operations.
2011-09-01s3:registry: add regdb_trans_do(): a transaction wrapper that will check the ↵Michael Adam1-0/+42
regdb version If the version has changed since initialization, the write will fail with ACCESS_DENIED.
2011-09-01s3:registry: drop log level of unknown regdb version message in regdb_init() ↵Michael Adam1-1/+1
to 0
2011-09-01Fix bug 8433, segfault in iconv.cVolker Lendecke1-1/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Sep 1 18:25:34 CEST 2011 on sn-devel-104
2011-09-01s3-rpc_server: Add missing rng_fault_state in epmapper.Andreas Schneider1-0/+2
We need to raise an exception so we need to set the rng_fault_state for epm_Insert and epm_Delete if someone connects over a transport other than NCALRPC. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Thu Sep 1 15:59:50 CEST 2011 on sn-devel-104
2011-09-01s3-rpc_server: Handle services with multiple pipe names.Andreas Schneider2-4/+10
The configuration should only use the default pipe name to configure all of them correctly.
2011-09-01ldb: make the 'spy' code more paranoidAndrew Tridgell2-10/+12
the spy code in ldb_tdb was added a while ago to overcome a memory hierarchy problem with async ldb errors. Recently we started to get valgrind errors related to the order of free in the spy code. This patch ensures that we don't try to use a freed spy pointer. This prevents the valgrind errors, although I suspect that the memory hierarchy we have here is more complex than it needs to be Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu Sep 1 08:54:23 CEST 2011 on sn-devel-104
2011-09-01s4-services: disable the web server by defaultAndrew Tridgell1-1/+1
the web server is not being actively maintained, and is causing problems with memory errors (as shown by valgrind). It is better to disable this until it can get some TLC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-09-01ldb: fixed ldbsearch when no baseDN specified and cross-ncs is usedAndrew Tridgell1-4/+24
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-09-01pyldb: added OID_COMPARATOR constantsAndrew Tridgell2-10/+12
This also changes the other constants to remove the LDB_ prefix, which is redundent Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-09-01wintest: update snapshotsAndrew Bartlett1-5/+5
2011-08-31Fix bug 8429 - Compound SMB2 requests on an IPC connection can corrupt the ↵Jeremy Allison1-12/+17
reply stream. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Aug 31 21:18:11 CEST 2011 on sn-devel-104
2011-08-31Based on metze's fix for Bug 8407 - SMB2 server can return requests ↵Jeremy Allison2-2/+39
out-of-order when processing a compound request. (cherry picked from commit 19db1c98c6ba3cb5e883e16e865c44900ce17444)
2011-08-31s3:smb2_server: keep compound_related on struct smbd_smb2_requestStefan Metzmacher2-4/+4
metze (cherry picked from commit cda93f04eb4e7e975b192a5fd33275ec638140ac)
2011-08-31s3-waf: fix unresolved symbols in the group policy client side extensions ↵Günther Deschner1-1/+1
subsystem. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Aug 31 19:48:39 CEST 2011 on sn-devel-104
2011-08-31s3-waf: convert libgpo into a private library.Günther Deschner1-5/+6
Guenther
2011-08-31s3-waf: allow undefined symbols in idmap_rid module.Günther Deschner1-0/+1
Guenther
2011-08-31s3: Fix bug 8334, do not fork the echo handler for smb2Volker Lendecke1-1/+2
If a smb1 negprot negotiated smb2 we forked the echo responder. This will eventually lead to a panic from [2011/08/30 10:33:29.212578, 0, pid=3846917] smbd/smb2_server.c:243(smbd_smb2_request_create) Invalid SMB packet: first request: 0x0009 because from the echo responder we always read using the normal smb1 protocol handling routine. If that is a bit down the smb2 stream, we get a non-negprot packet and panic. BTW, the echo responder is not required for smb2 anyway, Microsoft confirmed that it probes the server liveness using TCP keepalives and not smb2 echo requests. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Aug 31 17:58:48 CEST 2011 on sn-devel-104
2011-08-31s3-rpc_server: Disable epmapper by default.Andreas Schneider1-2/+2
We need more testing in the real world. We need to be sure that if a Windows client can access port 135 it doesn't require that a service is available via ncacn_ip_tcp. If possible please enable it using the following smb.conf options for testing: rpc_daemon:epmd = fork rpc_server:epmapper = external Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Wed Aug 31 16:29:20 CEST 2011 on sn-devel-104
2011-08-31docs: Add documentation for the rpc_daemon parametric option.Simo Sorce1-0/+69
2011-08-31doc: Reflect the latest changes to the rpc_server option.Andreas Schneider1-18/+66
bug #8425.
2011-08-31s3-waf: allow unresolved symbols in some idmap and nss_info modules.Günther Deschner1-0/+7
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Aug 31 14:27:31 CEST 2011 on sn-devel-104
2011-08-31s3-waf: add missing tdb dependency to idmap_tdb2 module.Günther Deschner1-1/+1
Guenther
2011-08-31s3-waf: convert nss_info subsystem into a private library.Günther Deschner1-4/+5
Guenther
2011-08-31s4-smbtorture: For now, skip trusted domain auth validation tests against ↵Günther Deschner1-9/+15
the sambas. Guenther
2011-08-31s4-smbtorture: Add trust password to CreateTrust testSumit Bose1-32/+245
Instead of using empty authinfo and authinfo_internal structures a trust password is added to these structures. After creating the trust the trust account is used to validate that the trust password is set correctly. Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-lsa: Add _lsa_SetInformationTrustedDomain() and related callsSumit Bose1-21/+312
The following LSA calls are added: - _lsa_SetInformationTrustedDomain() - _lsa_SetTrustedDomainInfo() -_lsa_SetTrustedDomainInfoByName() Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s4-smbtorture: Add tests for lsaQueryTrustedDomainInfoByName() and ↵Sumit Bose1-0/+102
lsaSetTrustedDomainInfoByName() Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-lsa: Update _lsa_QueryTrustedDomainInfo()Sumit Bose1-8/+63
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-pdb_ipa: Add supprted encryption types to struct pdb_trusted_domainSumit Bose2-0/+24
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-pdb_ipa: Add posix offset to struct pdb_trusted_domainSumit Bose2-0/+23
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-ldap: Add Posix offset and encryption types to LDAP schemaSumit Bose7-6/+43
Signed-off-by: Günther Deschner <gd@samba.org>