summaryrefslogtreecommitdiff
path: root/source4/torture/ldap
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r19831: Big ldb_dn optimization and interfaces enhancement patchSimo Sorce2-5/+5
This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10r19737: - add some more CLDAP rootdse testsStefan Metzmacher1-9/+26
- don't ignore CLDAP rootdse errors anymore metze (This used to be commit 712577d9e284445e9257b691aefb719511d6a57c)
2007-10-10r19507: Merge my DSO fixes branch. Building Samba's libraries as shared ↵Jelmer Vernooij1-2/+2
libraries works again now, by specifying --enable-dso to configure. (This used to be commit 7a01235067a4800b07b8919a6a475954bfb0b04c)
2007-10-10r19392: Use torture_setting_* rather than lp_parm_* where possible.Jelmer Vernooij4-6/+6
(This used to be commit b28860978fe29c5b10abfb8c59d7182864e21dd6)
2007-10-10r19339: Merge my 4.0-unittest branch. This adds an API for more fine-grainedJelmer Vernooij1-4/+13
output in the testsuite rather than just True or False for a set of tests. The aim is to use this for: * known failure lists (run all tests and detect tests that started working or started failing). This would allow us to get rid of the RPC-SAMBA3-* tests * nicer torture output * simplification of the testsuite system * compatibility with other unit testing systems * easier usage of smbtorture (being able to run one test and automatically set up the environment for that) This is still a work-in-progress; expect more updates over the next couple of days. (This used to be commit 0eb6097305776325c75081356309115f445a7218)
2007-10-10r19331: Respect the mem hierarchySimo Sorce1-2/+2
(This used to be commit de45756ea6ee0893247ba74738d25b3699f42ffa)
2007-10-10r19299: Fix possible memleaksSimo Sorce1-0/+1
(This used to be commit 6fad80bb09113a60689061a2de67711c9924708b)
2007-10-10r18309: FreeBSD 6.1 has a symbol ldap_new_connection() in the system ldapAndrew Tridgell1-1/+1
library. Even though we don't like to that library, it gets loaded via nss-ldap, which means nss-ldap calls into the samba ldap lib with the wrong parameters, and crashes. We really need to use a completely different namespace in libcli/ldap/ (This used to be commit c440e0eed9afae5fe69995a7416971e7c8560779)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij1-1/+1
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r17516: Change helper function names to make more clear what they are meant ↵Simo Sorce1-4/+4
to do (This used to be commit ad75cf869550af66119d0293503024d41d834e02)
2007-10-10r17186: "async" word abuse clean-up part 2Simo Sorce1-3/+3
(This used to be commit c6aa60c7e69abf1f83efc150b1c3ed02751c45fc)
2007-10-10r17185: Oh, I wanted to do this for sooo long time.Simo Sorce1-6/+6
Finally acknowledge that ldb is inherently async and does not have a dual personality anymore Rename all ldb_async_XXX functions to ldb_XXX except for ldb_async_result, it is now ldb_reply to reflect the real function of this structure. Simo. (This used to be commit 25fc7354049d62efeba17681ef1cdd326bc3f2ef)
2007-10-10r16333: Move more code out of the core smbtorture. It now no longerJelmer Vernooij1-0/+12
contains protocol-specific code. (This used to be commit 819d3b457648ffb7526a770e842badc17b6061fb)
2007-10-10r16036: Add a couple of new functions to corretly deal with timeouts.Simo Sorce1-1/+1
Check timeouts are correctly verified. Some minor fixed and removal of unused code. (This used to be commit b52e5d6a0cb1a32e62759eaa49ce3e4cc804cc92)
2007-10-10r15962: fix a crash when connect failsStefan Metzmacher1-0/+1
metze (This used to be commit 0540a5f220bac6f9b9782c22e23a0b19f9aa86cb)
2007-10-10r15957: - add a test that fetches the schema from an windows LDAP server,Stefan Metzmacher1-0/+517
and stores it into structures. - this prints out some useful information on the screen about attributes (will be extended for objectClasses too) - the plan is to create hide the relation of structures behind an interface we can later use this interface in a lot of places: - our schema module for ldb - the ndr_print code for DsGetNCChanges, to translate the uint32 attribute and objectClass id's into names, display attribute values depending on the attribute syntax - ... metze (This used to be commit 1908f0cd6230c22aabb0e1eab2f9d37d17f12f18)
2007-10-10r15788: Do not crash when no result is returnedSimo Sorce1-0/+4
(This used to be commit efb7e39e512eb71deaeef1315bc88a902e5cd848)
2007-10-10r15530: added testing of generic CLDAP requests, looking at the rootDSE. JerryAndrew Tridgell1-5/+91
has found that w2k3 does respond to rootDSE cldap requests. This test shows that it does indeed work, but the expression handling is not what you would expect (This used to be commit 388e98e77cfd1603156ea431877e40ac886d9c08)
2007-10-10r14721: Fix a couple of warnings.Jelmer Vernooij1-0/+1
(This used to be commit 426ac78108b35adc8412d12d2d888c3d5ddf4171)
2007-10-10r14720: Add torture_context argument to all torture testsJelmer Vernooij3-3/+5
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+1
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13346: use private proto header files for the torture testsStefan Metzmacher1-0/+2
metze (This used to be commit 67837dbd2bcff8ec1917ba02884ee2eaa0776b46)
2007-10-10r12637: test CLDAP with both NULL and non-NULL userAndrew Tridgell1-0/+6
(This used to be commit 2b603d3ecf2f3108942422bda864e41c8addbf60)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij3-5/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-1/+0
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r9702: r9680@blu: tridge | 2005-08-27 18:45:08 +1000Andrew Tridgell1-1/+1
- fixed ncacn_ip_tcp to use the generic async name resolution methods, so NBT names now work (as requested several times by abartlet!) - changed resolve_name() to take an event_context, so it doesn't cause the whole process to block - cleaned up the talloc_find_parent_bytype() calls to go via a cleaner event_context_find() call (This used to be commit b3d491b210a8b889a25efcb273e70fefbd01b7f7)
2007-10-10r8520: fixed a pile of warnings from the build farm gcc -Wall output onAndrew Tridgell1-3/+3
S390. This is an attempt to avoid the panic we're seeing in the automatic builds. The main fixes are: - assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats - use of NULL format statements to perform dn searches. - assumption that sizeof() returns an int (This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
2007-10-10r8368: the type filed depends on the user being present or notStefan Metzmacher1-12/+7
call ndr_print for each call metze (This used to be commit 0a07e4ef8d869d35ceb0761495e367077f2361ba)
2007-10-10r8223: fix the values of nt_version and type we reply in the server code,Stefan Metzmacher1-6/+6
also name the struct like the nt_version number metze (This used to be commit 1e3af5cc1f68b7fa54b8ba77ed9836a619a69436)
2007-10-10r7626: a new ldap client library. Main features are:Andrew Tridgell2-93/+81
- hooked into events system, so requests can be truly async and won't interfere with other processing happening at the same time - uses NTSTATUS codes for errors (previously errors were mostly ignored). In a similar fashion to the DOS error handling, I have reserved a range of the NTSTATUS code 32 bit space for LDAP error codes, so a function can return a LDAP error code in a NTSTATUS - much cleaner packet handling (This used to be commit 2e3c660b2fc20e046d82bf1cc296422b6e7dfad0)
2007-10-10r7593: simplified the memory management in the ldap code. Having a mem_ctxAndrew Tridgell1-4/+4
element in a structure is not necessary any more. (This used to be commit 912d0427f52eac811b27bf7e385b0642f7dc7f53)
2007-10-10r7527: - added a ldb_search_bytree() interface, which takes a ldb_parse_treeAndrew Tridgell1-1/+2
instead of a search expression. This allows our ldap server to pass its ASN.1 parsed search expressions straight to ldb, instead of going via strings. - updated all the ldb modules code to handle the new interface - got rid of the separate ldb_parse.h now that the ldb_parse structures are exposed externally - moved to C99 structure initialisation in ldb - switched ldap server to using ldb_search_bytree() (This used to be commit 96620ab2ee5d440bbbc51c1bc0cad9977770f897)
2007-10-10r6933: Add a couple of helper functions for creating nbt names.Tim Potter1-3/+1
(This used to be commit b896daf11c3efb1b3ca939575da9dab82b395777)
2007-10-10r6875: added a BENCH-CLDAP test. Speed of the cldap server isn't all that ↵Andrew Tridgell1-0/+129
important, but it does help find memory leaks (and in fact, there was one, fixed in next commit) (This used to be commit ab19e38c236366f2a93ea1f44911c56519779c9d)
2007-10-10r6816: - fixed debug display of ndr netlogon unionAndrew Tridgell1-2/+5
- send a username when scanning to make structure elements clearer (This used to be commit 7d19eb9433b615fdf789cb07aeb331df92b05abd)
2007-10-10r6795: Make some functions static and remove some unused ones.Jelmer Vernooij1-3/+3
(This used to be commit 46509eb89980bfe6dabd71264d570ea356ee5a22)
2007-10-10r6776: make the cldap torture test not dependent on the realm being setAndrew Tridgell1-27/+54
correctly - it gets the realm from an initial no-attribute search (This used to be commit 52d10c8d99521f9dd02891a30688472d96860aef)
2007-10-10r6766: some more cldap tests ...Andrew Tridgell1-2/+23
my best guess now is that w2k3 converts the & in the cldap query to an | for the ldap search. at least it behaves roughly like that. (This used to be commit 1d6ab9aaefee71e3d0f87c1afae8ccdbae1f0e04)
2007-10-10r6765: expanded the cldap test suite to test the usage of the DomainGuid,Andrew Tridgell1-5/+60
AAC, and User attributes in cldap netlogon queries interestingly, while WinXP generated cldap filters with these set, the w2k3 cldap server seems to completely ignore them, so I didn't need to alter our cldap server at all to pass the test :-) (This used to be commit 177c8becd2051c9d1f261358baf4b85ca89700d8)
2007-10-10r6732: - move sasl send recv code to the ldap libStefan Metzmacher2-152/+31
- support 'modrdn' ldif metze (This used to be commit b6a1734699953964fcde6fe6ea7048496492eb33)
2007-10-10r6720: added support for the remaining 2 types of CLDAP netlogonAndrew Tridgell1-13/+7
response. To work around the fact that the type of the returned data is not encoded in the packet, this required adding ndr_pull_union_blob() which allows us to pull a blob into a union with a specified switch value, in this case the switch value comes from the calling NtVer field. (This used to be commit bd27e626c27be72913d1a1569ee6e2e2711df84e)
2007-10-10r6694: a simple CLDAP torture testAndrew Tridgell1-0/+81
interestingly, w2k3 seems to have 4 different varients of the netlogon cldap response. We decode two of them so far. The other two are tricky as they aren't distinguished by a command code, they use the same command codes (0x13 and 0x17) but have quite a different format. Very strange! (This used to be commit 58f1c39282e281450fe94ceab7ca0a53ec7172e1)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett2-8/+6
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r5928: Use cli_credentials in:Jelmer Vernooij1-3/+4
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
2007-10-10r5305: removed libcli/ldap/ldap.h from includes.hAndrew Tridgell2-0/+2
(This used to be commit 0df3fdd8178085c40f9cd776cc3e1486ca559c8e)
2007-10-10r5107: moved the horrible ldap socket code, and the even worseAndrew Tridgell1-6/+59
asn1-tied-to-blocking-sockets code into the ldap client and torture suite, and out of the generic libs, so nobody else is tempted to use it for any new code. (This used to be commit 39d1ced21baeca40d1fca62ba65243ca8f15757e)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-1/+1
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4459: GENSEC refinements:Andrew Bartlett1-31/+26
In developing a GSSAPI plugin for GENSEC, it became clear that the API needed to change: - GSSAPI exposes only a wrap() and unwrap() interface, and determines the location of the signature itself. - The 'have feature' API did not correctly function in the recursive SPNEGO environment. As such, NTLMSSP has been updated to support these methods. The LDAP client and server have been updated to use the new wrap() and unwrap() methods, and now pass the LDAP-* tests in our smbtorture. (Unfortunely I still get valgrind warnings, in the code that was previously unreachable). Andrew Bartlett (This used to be commit 9923c3bc1b5a6e93a5996aadb039bd229e888ac6)
2007-10-10r3583: - seperate the ldap client code and the ldap parsing codeStefan Metzmacher2-8/+8
(vl: we should only sync the parsing code with trunk) - use hierachical talloc in the ldap client code metze (This used to be commit 1e9c0b68ca9ddb28877d45fc1b47653b13a7446d)