summaryrefslogtreecommitdiff
path: root/source4/torture
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4698: - Initial implementation of trusted domains in LSA.Andrew Bartlett1-3/+3
- Use templates for Secrets and the new trusted domains - Auto-add modifiedTime, createdTime and objectGUID to records in the samdb layer. Andrew Bartlett (This used to be commit 271c8faadfe2d9e0f3d523a1cdc831f5f9e35d19)
2007-10-10r4694: 'fix' the behaviour for setting only the old, but not the new secret.Andrew Bartlett1-3/+9
(The behaviour is a little odd, but we wanted bug-for-bug, right? :-) Andrew Bartlett (This used to be commit 6a09a84320c9ab18568a66efb3839a8dcde834af)
2007-10-10r4690: - add support for async rpc server repliesStefan Metzmacher1-14/+35
the backend should check for (dce_call->state_flags & DCESRV_CALL_STATE_FLAG_MAY_ASYNC) then it's allowed to reply async then the backend should mark that call as async with dce_call->state_flags |= DCESRV_CALL_STATE_FLAG_ASYNC; later it has to manualy set r->out.result and then send the reply by calling status = dcesrv_reply(p->dce_call); NOTE: that ncacn_np doesn't support async replies yet - implement an async version of echo_TestSleep - reenable the echo_TestSleep torture test (this need to be more strict when we have support for async ncacn_np) metze (This used to be commit f0a0dbeb25b034b1333078ca085999359f5f6209)
2007-10-10r4683: fix the buildStefan Metzmacher1-1/+1
metze (This used to be commit b020dbec89a85619ae3ee12f4dd0e3828d30ba04)
2007-10-10r4682: A LDB-based secrets implementation in Samba4.Andrew Bartlett2-21/+58
This uses LDB (a local secrets.ldb and the global samdb) to fill out the secrets from an LSA perspective. Some small changes to come, but the bulk of the work is now done. A re-provision is required after this change. Andrew Bartlett (This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
2007-10-10r4675: Prevent global warming, and save tridge's sainity by short-cutting theAndrew Bartlett1-4/+8
testsuite for all the different flag types. (We really only need to know if we are getting the session key crypto stuff right, and one call can tell us that). Andrew Bartlett (This used to be commit 8807498f6d3ff248c4d42bf18db45cfe25bd3b2f)
2007-10-10r4674: Test SetSecret behaviour for local and global secrets, when settingAndrew Bartlett1-15/+103
only the OLD secret value. Andrew Bartlett (This used to be commit 5853af89c8dd5c4d6220f395bcc18708398999af)
2007-10-10r4673: Fix the IDL for the QuerySecret LSA call.Andrew Bartlett2-41/+125
This call uses a new IDL type, NTTIME_hyper. This is 8-byte aligned, as the name suggests. Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to validate the behaviour of times, and of the old secrets. Thanks to tridge for spotting the use of HYPER! Andrew Bartlett (This used to be commit 1fed79cb0f2ae7940639d08ef99576559d4cd06e)
2007-10-10r4671: Expand the RPC-LSA test to set secret values twice.Andrew Bartlett1-0/+60
Andrew Bartlett (This used to be commit 357d9114f002a607f80985588bbac150fa40d2bc)
2007-10-10r4660: Test what we should return for a secret that does not exist.Andrew Bartlett1-0/+9
Andrew Bartlett (This used to be commit a17a8fbf9a843c2c9e10940878b43ad8e1583091)
2007-10-10r4635: Fix NTLMSSP to return NT_STATUS_OK when it has constructed the authAndrew Bartlett1-2/+11
token in the client (the final token in the negotiation). Consequential fixes in the SPNEGO code, which now uses the out.length as the indicator of 'I need to send something to the other side'. Merge the NTLM and SPNEGO DCE-RPC authentication routines in the client. Fix the RPC-MULTIBIND test consequent to this merge. Andrew Bartlett (This used to be commit 43e3516fc03008e97ebb4ad1a0cde464303f43c6)
2007-10-10r4631: don't consider an epmapper insert as a failure for the momentAndrew Tridgell1-1/+2
(This used to be commit ba6caa99a454cb3393c8898f1e5be4a432b820c4)
2007-10-10r4625: added a test that demonstrates that once a context_id is established,Andrew Tridgell1-0/+28
it can't be changed (so you have to create a new context_id, not change the interface bound to an existing one) (This used to be commit 5f10a8f8d04d627927d9870c87d6e7d8b98d563c)
2007-10-10r4624: Several crash fixes for DCOMJelmer Vernooij1-6/+14
More work on the example class implementation (This used to be commit 1f8f4dd179d5aa0472c676d115dc2fc1749ce32d)
2007-10-10r4621: Add torture tests for epm_Insert and epm_DeleteJelmer Vernooij1-0/+71
(This used to be commit b1ff60667038aa1e2d7c6ad2015ba33ac5a90dc6)
2007-10-10r4618: - tidied up the alter_context client code a bitAndrew Tridgell1-1/+8
- there is no alter_nak or alter_ack packet, its all done in an alter_response - auto-allocated the contex_ids - tried to fix up the dcom code to work again with alter_context. Jelmer, please take a look :) (This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
2007-10-10r4617: basic alter_context requests now work in our client library. The testAndrew Tridgell5-9/+81
just does a simple LSA/DSSETUP combo, which is what w2k does in the ACL editor rpc calls that triggered this work (This used to be commit 0129ec947aa1fa5a7104dc3a666af3cb9bd104f1)
2007-10-10r4616: the first phase in the addition of proper support forAndrew Tridgell8-42/+41
dcerpc_alter_context and multiple context_ids in the dcerpc client library. This stage does the following: - split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has the context dependent part. This is similar to the layering in libcli_*() for SMB - disable the current dcerpc_alter code. I've used a #warning until i get the 2nd phase finished. I don't know how portable #warning is, but it won't be long before I add full alter context support anyway, so it won't last long - cleanup the allocation of dcerpc_pipe structures. The previous code was quite awkward. (This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
2007-10-10r4614: Fix RPC-SAMLOGON, to use the workstation context (forgot to globally ↵Andrew Bartlett2-5/+8
replace). Andrew Bartlett (This used to be commit ddb54d4ea1610b38e011e2f217ded7b6278d5290)
2007-10-10r4612: make the output for the w2k3 acl bug a bit clearerAndrew Tridgell1-0/+19
(This used to be commit 24ec8c4274241576683f1f6c86c33a2dfa43848c)
2007-10-10r4610: You can't join as a BDC and test against trusted domains. This testAndrew Bartlett1-1/+4
only needs WS privilages anyway. Andrew Bartlett (This used to be commit a093c4f98e833198ee59064b2cb9b9b45a188a59)
2007-10-10r4603: Test creating local and global secrets over LSA.Andrew Bartlett1-97/+102
Andrew Bartlett (This used to be commit 96806136ead3d1949516b2cfe7350a4e10681c28)
2007-10-10r4597: Recently I've come across a case where I suspect the GetAnyDCName ↵Volker Lendecke1-0/+94
request to kill the domain controller I'm asking. In samba4 torturing the DC is just so easy, commit the test to randomized ask for DCs for all trusted domains. Volker (This used to be commit edb918762e1e46909520f13e28dcf8cedb2919b1)
2007-10-10r4596: added a dynamic inheritance ACLs test. As far as I can tell w2k3 does ↵Andrew Tridgell1-10/+148
not do dynamic inheritance (This used to be commit ebe6b002843196bc6d6fadfa646aa3bc8eb27af8)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell8-17/+18
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10r4590: Make RPC-SAMSYNC pass againt Win2k3.Andrew Bartlett1-4/+9
Andrew Bartlett (This used to be commit 7bb00a80ac55252b8c05b33fd576b8606470e9be)
2007-10-10r4585: don't consider LookupSids3 failing with NT_STATUS_ACCESS_DENIED (as ↵Andrew Tridgell1-1/+38
w2k3 does) or NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED (as longhorn does) to be an error. fixed the CreateTrustedDomain test to cope with the "torturedomain" being left over from a previous aborted run (This used to be commit 429d79815c260781fae6eed28160d7507e780f34)
2007-10-10r4583: print which bit failed in the owner bits checkAndrew Tridgell1-0/+4
(This used to be commit f893ad9c45d6d06fa1b6f1f949a7834e7bf99ba7)
2007-10-10r4582: finally worked out what is going on with the inherited ACLs test and ↵Andrew Tridgell1-12/+197
win2003. It is a win2003 bug! This new test code works against w2k, and against longhorn, but fails against w2k3. When tested against w2k3 it allows a open with an access mask that should be denied by the given ACL, after setting up the ACL using inheritance. Note that only the very specific SEC_RIGHTS_FILE_ALL mask incorrectly succeeds, so they must have a special case for that mask. Maybe its an optimisation gone wrong? I don't know if there are any serious security implications to this, but it is pretty clearly wrong, and has been fixed in longhorn. (This used to be commit 4f9fd767dbb5e47f3786f5acda17267d57e839e0)
2007-10-10r4566: Fix Samba4 to pass it's own RPC-SAMLOGON torture test.Andrew Bartlett1-28/+34
Include RPC-SAMLOGON in the list of tests expected to pass Remove silly extra loops from the RPC-SAMLOGON test, which mostly just slowed htings down. Andrew Bartlett (This used to be commit 518ca9fb695b0f9d480122a74a2159f7f17a3219)
2007-10-10r4560: - fixed crash bugs in the RPC-SCHANNEL and RPC-NETLOGON testsAndrew Tridgell2-77/+31
- disabled the async netlogon tests for now until we better understand async rpc - added a test_w2k3.sh script that runs rpc tests that a w2k3 DC should pass. This is useful for regression testing when PIDL changes are made. (This used to be commit f7d4d3db489ad79457de70a85ad990159f6e74f8)
2007-10-10r4559: prevent the RPC-EPMAPPER test from looping forever against w2k3Andrew Tridgell1-4/+11
(This used to be commit fa3cecddd8065885dd461000de683eb0143eb481)
2007-10-10r4549: got rid of a lot more uses of plain talloc(), instead usingAndrew Tridgell9-19/+19
talloc_size() or talloc_array_p() where appropriate. also fixed a memory leak in pvfs_copy_file() (failed to free a memory context) (This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
2007-10-10r4547: - added talloc_new(ctx) macro that is a neater form of the common ↵Andrew Tridgell4-6/+6
talloc(ctx, 0) call. - cleaned up some talloc usage in various files I'd like to get to the point that we have no calls to talloc(), at which point we will rename talloc_p() to talloc(), to encourage everyone to use the typesafe functions. (This used to be commit e6c81d7c9f8a6938947d3c1c8a971a0d6d50b67a)
2007-10-10r4532: - rename bitmap -> bitsStefan Metzmacher2-7/+7
the next commit is support for typedef bitmap {...}; in pidl metze (This used to be commit bd06a85cb747aea29a400050cb9d25a3240ef1cc)
2007-10-10r4520: added a enum test function to the echo pipeAndrew Tridgell1-0/+39
(This used to be commit f9e0aa1ab1faac039893db241819907c9c4bb510)
2007-10-10r4510: Some more tests for RPC-NETLOGON, checking the idea that we couldAndrew Bartlett1-0/+147
combine the NTLM and LMv2 responses, for maximum compatability from a client perspective, allowing access to servers that require NTLMv2, as well as those that don't support it. Currently, this is unfortunetly not possible against Win2k3 (and Samba is being coded to match that behaviour at this point). Andrew Bartlett (This used to be commit 93b46ebe0f3cccd26b5ddd213553667e612c3701)
2007-10-10r4499: Almost make our Samba4 server pass the RPC-SAMLOGON torture test.Andrew Bartlett2-3/+24
I just need to fix a couple of NTLMv2 issues before we can fully pass, and put this in test_rpc.sh, as a 'should pass' test. Andrew Bartlett (This used to be commit 4b52409e385366d87724bb79f4fad4803e8ecfec)
2007-10-10r4492: r.in.info is a pointer that needs to be allocated before useAndrew Tridgell1-0/+1
(This used to be commit f830adc54ada7f38f964a6ccb5270d2791325dd5)
2007-10-10r4491: don't dereference q1.out.sam unless we know it is not NULLAndrew Tridgell1-1/+1
(This used to be commit 77e14c28584c5917f22672b304cb0f8e37e883fd)
2007-10-10r4483: - rename same structs, enums and uninons of the dssetup pipeStefan Metzmacher1-8/+16
to match the style we are using in other pipes - first fillin local vars and only set the out parameter on success - for the server code only to the samdb lookup when it's needed NOTE: the DsRoleGetPrimaryDomainInformation() code with DS_ROLE_MEMBER_SERVER is not tested yet, does someone has a w2k3 member server to test with? metze (This used to be commit e6d1136497f501fe0687bfb34a155db6a9d87bde)
2007-10-10r4475: fixed smbd to work with the small changes in the ldb API (the most ↵Andrew Tridgell1-1/+3
important change was in the ldb_msg_add_*() routines, which now use the msg as a context, and thus it needs to be a talloc ptr) (This used to be commit 1a4713bfd0e519f3eb7b3241121ff914a6eeef18)
2007-10-10r4473: - moved talloc into its own lib/talloc/ areaAndrew Tridgell2-725/+1
- added gcov flags to Makefile.talloc - expanded talloc testsuite to add a test for realloc with a child ptr - fixed a bug in talloc_realloc() with realloc of a ptr that has child ptrs (This used to be commit 98b5f73c1ba34d7576c5995069b485c1c5ede324)
2007-10-10r4466: rather than defining "STANDALONE" for building tdb, ldb and tallocAndrew Tridgell1-7/+6
outside the tree, instead defined _SAMBA_BUILD_ inside the Samba build. This makes it easier to pull code out of Samba for external use. (This used to be commit 09e98c8745cca7ccb1ad7134c0c09b8e4c0f4f06)
2007-10-10r4463: added testing of the special SID_CREATOR_OWNER inheritance rulesAndrew Tridgell1-21/+56
(This used to be commit 5448c72ebe58e264ee772f8e1c4caee2250c328c)
2007-10-10r4461: finished the remaining information levels in the DSSETUP pipe. The ↵Andrew Tridgell1-6/+11
pipe is now complete! The only glitch is that I am returning DS_ROLE_MEMBER_SERVER when I should be returning DS_ROLE_PRIMARY_DC. This is needed for the moment or ACL editing doesn't work from w2k3. Once we have some more ADS calls we should be able to fix this. (This used to be commit 6566dc2805a9f6473ebab70b0dbd381c4dbd42c8)
2007-10-10r4459: GENSEC refinements:Andrew Bartlett1-31/+26
In developing a GSSAPI plugin for GENSEC, it became clear that the API needed to change: - GSSAPI exposes only a wrap() and unwrap() interface, and determines the location of the signature itself. - The 'have feature' API did not correctly function in the recursive SPNEGO environment. As such, NTLMSSP has been updated to support these methods. The LDAP client and server have been updated to use the new wrap() and unwrap() methods, and now pass the LDAP-* tests in our smbtorture. (Unfortunely I still get valgrind warnings, in the code that was previously unreachable). Andrew Bartlett (This used to be commit 9923c3bc1b5a6e93a5996aadb039bd229e888ac6)
2007-10-10r4457: Fix IDL + add torture test for InqObjectJelmer Vernooij1-1/+22
(This used to be commit dbcaff7c71c9b7ee984a2ed458b6c3ce27772740)
2007-10-10r4451: added initial RPC-DSSETUP torture test. It works for level1 ofAndrew Tridgell3-2/+73
ds_RolerGetPrimaryDomainInformation() (This used to be commit 7aec3dac6fd5165cfca5c650aaa29234e278d95d)
2007-10-10r4445: put the unlink test in a subdirectory, and ensure it cleans upAndrew Tridgell1-2/+6
(This used to be commit 382231ca365eccec8024af9420b1ebe41953bdb5)