| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fixed sd creation not working on LDAP modify.
Fixed incorrect replacement of CO and CG.
Fixed incorrect access check on modify for SD modification.
Fixed failing sec_descriptor test and enabled it.
Fixed failing sd add test in ldap.python
|
|
This patch, inspired by a patche by Endi S. Dewata
<edewata@redhat.com>, allows this control to be passed to the LDAP
backend.
Andrew Bartlett
|
|
At this point, support for checks on LDAP add, delete, rename and modify.
Old kludge_acl is still there to handle the searches.
This module is synchronous as the async version was impossible to debug,
will be converted to async after some user testing.
|
|
Also, added some logging. It needs improvement, possibly ability to
turn in on and off via configuration file.
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
This one didn't matter until the root_fid changed the alignment of the
two structures.
|
|
In order to implement root_fid in the s4 SMB server we need to declare
it as a handle type, just as for other fnum values in SMB. This
required some extensive (but simple) changes in many bits of code.
|
|
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
|
|
|
|
* Add chained NTCREATEX_READX test which first tries to open/read
a non-existant file failing on the open, then attempts the same
operation on a file that does exist, opening and reading
successfully.
* Add test for open_dispositions on directories.
|
|
I've ported all applicable SMB oplock torture tests to SMB2, giving us
a good base for SMB2 oplock testing.
There are several differences between oplocks in SMB and SMB2, mostly
because of differences in W2K3 and W2K8. The existing SMB oplock
tests all pass against W2K3, but several fail against W2K8. These
same tests were failing in SMB2, util I reworked them.
BATCH19, BATCH20: In W2K3/SMB a setfileinfo - rename command wouldn't
cause a sharing violation or break an existing oplock. It appears that
in W2K8/SMB2 a sharing violation is raised.
BATCH22: In W2K3/SMB when a second opener was waiting the full timeout
of an oplock break, it would receive NT_STATUS_SHARING_VIOLATION after
about 35 seconds. This bug has been fixed in W2K8/SMB2 and instead
the second opener succeeds.
LEVELII500: Added 1 new test checking that the server returns a proper
error code when a client improperly replies to a levelII to none break
notification.
STREAM1: W2K8 now grants oplocks on alternate data streams.
|
|
Thanks for Nadya and Metze for this. The SDs were being created with
invalid fields (noticed by w2k8-r2 client when joining our domain)
|
|
|
|
Currently disabled. The search will be greatly modified,
also the object tree stuff will be simplified.
|
|
TODO's:
ACE sorting and clarifying the inheritance of object specific ace's.
|
|
We were creating the name resolution context as a child of lp_ctx,
which meant when we gave up on a connection the timer on name
resolution kept running, and when it timed out the callback crashed as
the socket was already removed.
|
|
Fix bug #6723
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This will be used as a simple way to lock down DRS replication to
administrators and domain controllers
|
|
This starts the process to have Samba4 use lmhosts.
Andrew Bartlett
|
|
When tracking down complex connection problems its useful knowing what
name lookups failed.
|
|
It is a pretty odd thing to do, and it's only because of the
restrictions of DIGEST-MD5 in Cyrus SASL that we do it.
Andrew Bartlett
|
|
I want to use this in source3/smbd/
metze
|
|
This will hold code that's shared between source3 and source4.
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
These references were triggering the ambiguous talloc_free errors from
the recent talloc changes when the server is run using the 'standard'
process model instead of the 'single' process model. I am aiming to
move the build farm to use the 'standard' process model soon, as part
of an effort to make our test environment better match the real
deployment of Samba4.
The references are not needed as the way that the event context is
used is as the 'top parent', so when the event context is freed then
all of the structures that were taking a reference to the event
context were actually freed as well, thus making the references
redundent.
|
|
|
|
LDAP server)
|
|
metze
|
|
LDAP_SERVER_SHOW_RECYCLED_OID 1.2.840.113556.1.4.2064
LDAP_SERVER_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065
metze
|
|
|
|
CreditsCharge value for the next request
metze
|
|
metze
|
|
|
|
904d0124b46eed7a8ad6e5b73e892ff34b6865ba)
Also including the supporting changes required to pass make test
A number of heimdal functions and constants have changed since we last
imported a tree (for the better, but inconvenient for us).
Andrew Bartlett
|
|
|
|
[Metze; "make test" on git master outputs exactly the same test summary
with our without this patch (apart from the "using seed" lines)]
If the transport socket is writable, then push the queue along
rather than wait until the caller returns back to the tevent loop.
This strategy keeps the sockets piping hot, and is particularly good
for cases where reading requests from one socket causes lots of
writes on another socket, or where lots of writes are made in a batch.
It doesn't matter if the socket is not writeable yet, packet_queue_run
will return quite cheaply in such a case.
Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
|
|
compounded requests
metze
|
|
metze
|
|
metze
|
|
|
|
Information from http://msdn.microsoft.com/en-us/library/aa379602(VS.85).aspx
|
