summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-10-16s4/drs(tort): oid_from_attid() reference implementationKamen Mazdrashki2-1/+96
Decode Attribute OID using prefixMap and ATTID received during replication Based on MS documentation. See MS-DRSR.pdf - 5.16.4
2009-10-16s4/drs(tort): TORTURE_DRS torture module - initial implementationKamen Mazdrashki4-0/+95
Drsuapi tests module registers two suites: - DRS-RPC - tests to be executed against remote machine - DRS-UNIT - unit test for internal testing
2009-10-16s4/drs: Propagate redefinition of drsuapi_DsReplicaOID into code baseKamen Mazdrashki2-69/+134
The biggest change is that 'oid' field is transmited in binary format. Also the field name is changed to 'binary_oid' so that field format to be clear for callers. After those changes, Samba4 should work the way it works before - i.e. no added value here but we should not fail when partial-oid is part of prefixMap transmited from Win server. Also, thre is a bug in this patch - partial-binary-OIDs are not handled correctly. Partial-binary-OIDs received during replication will be encoded, but not handled correctly.
2009-10-16s4-winsrepl: don't put in attributes with no elementsAndrew Tridgell1-2/+2
Empty attributes are no longer allowed by ldb. This also fixes the error checking in winsdb_message() This fixes the samba4.nbt.winsreplication test
2009-10-16s4-smbtorture: add very basic libwbclient testsuite.Günther Deschner2-2/+3
Guenther
2009-10-16s4-pvfs: fixed mask handling for SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell1-2/+2
This matches the sec_access_check() code
2009-10-16s4-torture: take privileges into account in BASE-MAXIMUM_ALLOWEDAndrew Tridgell1-10/+48
The correct answer depends on the users privileges.
2009-10-15s4:dcerpc_server - Read the generic session key out from ↵Matthias Dieter Wallnöfer1-5/+2
"dcerpc_generic_session_key" I don't think that this code needs to exist identically on the server and on the client side. This patch leaves it on the client side (dcerpc lib) and calls it from the server.
2009-10-15s4:w32err_code.py script - put it under "scripting/bin"Matthias Dieter Wallnöfer1-0/+0
I think this is a better location for this script. Since the subdirectory "script" of "source4" contains only scripts for "make install" and "make uninstall".
2009-10-15s4-smb: fill in fnum as well for root_fidAndrew Tridgell2-1/+3
This helps with the CIFS NTVFS backend, but doesn't solve all problems
2009-10-15s4-selftest: mark some CIFS backend tests as known failAndrew Tridgell1-0/+4
The CIFS passthru NTVFS doesn't handle some options yet (eg. root_fid)
2009-10-15s4-smbserver: fixed root_fid in nttrans createAndrew Tridgell1-1/+1
2009-10-15s4-libcli: fixed structure element bug in ntcreatexreadxAndrew Tridgell1-1/+1
This one didn't matter until the root_fid changed the alignment of the two structures.
2009-10-15s4-torture: catch bad command line optionsAndrew Tridgell1-0/+3
It is annoying when you mistype a command line option and aren't told.
2009-10-15s4-pvfs: implement root_fid support in posix backendAndrew Tridgell1-0/+15
Construct the filename from the old handle and the new name.
2009-10-15s4-smb: declare root_fid as a file handleAndrew Tridgell29-139/+139
In order to implement root_fid in the s4 SMB server we need to declare it as a handle type, just as for other fnum values in SMB. This required some extensive (but simple) changes in many bits of code.
2009-10-15s4-pvfs: fixed handling of SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell1-1/+1
The CREATEX_ACCESS test shows that this is used as a bit test, not a equality test
2009-10-15s4-ldaptest: "testgroup" is a bit too commonAndrew Tridgell1-2/+2
This failed on one of my test boxes that has a group called "testgroup". using "testgroupXX" should be a bit better.
2009-10-15s4:ntlmssp server - use also here the new "lp_dnsdomain()" callMatthias Dieter Wallnöfer1-2/+1
2009-10-15s4:auth/credentials/credentials - fix uninitalised pointersMatthias Dieter Wallnöfer1-7/+35
This should fix bug #6755.
2009-10-15s4-ldap: test the rDN size limitAndrew Tridgell1-0/+25
2009-10-15s4-dsdb: implement limit on rDN lengthAndrew Tridgell1-3/+11
w2k8 imposes a limit of 64 characters on the rDN
2009-10-15s4-ldb: removed incorrect rDN length testAndrew Tridgell1-13/+0
This is a property of AD, not ldb, so should be in our ldb modules.
2009-10-15s4-ldb: removed bugus RDN length checkAndrew Tridgell1-5/+0
This isn't the rDN !
2009-10-15s4-script: flush DNS after adding new addressesAndrew Tridgell1-0/+1
2009-10-15s4-devel: for devel scripts its better to use bin/ than $PREFIX/binAndrew Tridgell2-6/+7
This avoids having to do make install after each change when using the drs devel scripts
2009-10-15s4-drs: support DRSUAPI_DRS_ADD_REF flagAndrew Tridgell1-5/+29
The DRSUAPI_DRS_ADD_REF flag tells the DRS server to run an UpdateRefs call on behalf of the client after the DsGetNCChanges call. The lack of support for this option may explain why the repsTo attribute was not being created for w2k8-r2 replication partners.
2009-10-15s4-drs: implement more of DsUpdateRefsAndrew Tridgell2-27/+63
The DsUpdateRefs calls takes a set of flags that indicates if the server should ignore specific add/delete error codes. This patch also exposes the core UpdateRefs call into a public function, so that it can be called from DsGetNCChanges
2009-10-15ldb: fixed display of replUpToDateVectorAndrew Tridgell1-1/+1
2009-10-15drs: improved error checkingAndrew Tridgell1-16/+49
Check the validity of the requested options in DsGetNCChanges
2009-10-15s4-dsdb: added samdb_rodc() and samdb_ntds_options()Andrew Tridgell2-1/+51
Later we will need to make samdb_rodc() look in the database, but for now we should at least have the function in a central place
2009-10-14s4:torture cldap test - Add checks for the right forest DNS nameMatthias Dieter Wallnöfer1-1/+6
2009-10-14s4:password_hash - load the domain parameters from the "loadparm context"Matthias Dieter Wallnöfer1-42/+11
And don't cut them out from the DNS hostname.
2009-10-14s4:torture - fix up "ldap_basic" testMatthias Dieter Wallnöfer1-5/+6
2009-10-14s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where neededMatthias Dieter Wallnöfer15-49/+43
For KERBEROS applications the realm should be upcase (function "lp_realm") but for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch implements the use of both in the right way.
2009-10-14s4:loadparm - adapt "realm" handlingMatthias Dieter Wallnöfer2-3/+24
Change "lp_realm" behaviour to return the realm always upcased and add a function "lp_dnsdomain" which returns it always lowcased.
2009-10-14Revert "s4:hdb-samba4 - Don't double-free "db""Andrew Bartlett1-0/+1
This reverts commit 11a8a54c825a52d7dd6ab78bc7aeff2d719327d2. The actual fix for bug 6801 is in hdb_end_seq_get() - this attempt leaks 'db' instead. Andrew Bartlett
2009-10-14s4:heimdal A real fix for bug 6801Andrew Bartlett1-3/+3
The issue was that we would free the entry after the database, not knowing that the entry was a talloc child of the database. Andrew Bartlett
2009-10-13s4:hdb-samba4 - Don't double-free "db"Matthias Dieter Wallnöfer1-1/+0
"db" is freed anyway after the destructor terminates so this does really make no sense here (rather it makes code crash). Should fix bug #6801.
2009-10-13s4:dcesrv_samr - add another constantMatthias Dieter Wallnöfer1-1/+1
2009-10-13s4:dcesrv_samr - prevent "ldb_modify" on a possibly empty messageMatthias Dieter Wallnöfer1-8/+10
In this code part under certain circumstances we can end up with an empty message. Since our new behaviour denies them (like the real AD) we need to bypass them on LDB modify calls.
2009-10-13s4:dcesrv_samr - Add additional "talloc_free"sMatthias Dieter Wallnöfer1-0/+4
2009-10-13s4:dcesrv_samr - CosmeticsMatthias Dieter Wallnöfer1-23/+31
Make more use of constants and add some braces around "if" blocks
2009-10-12s4:ldb_tdb - Revert some introduced "trivial gotos"Matthias Dieter Wallnöfer1-21/+11
I hope that this makes abartlet & simo happy again (consider mailing list).
2009-10-13s4-repl: check that a DsGetNCChanges is a continuation, and fix sortingAndrew Tridgell2-4/+17
When we indicate that a getncchanges request is not complete, we set the more_data flag to true in the response. The client usually then asks for the next block of data. If the client decides it wants to skip that replication and do a different replication then we need to make sure that the next call is in fact a continuation of the existing call, and not a new call. This relies on returning the results sorted by uSNChanged, as the client uses the tmp_highest_usn in each result to see if progress is being made.
2009-10-12s4:provision.py - simplify the "realm" variable handling a bitMatthias Dieter Wallnöfer1-6/+5
(Remove unneeded "upper"s)
2009-10-12s4:objectclass ldb module - Check for empty messagesMatthias Dieter Wallnöfer1-1/+8
I think the check for empty messages fits best here.
2009-10-12Revert "s4:ldb - add a check which has to be done on beginning of a "modify" ↵Matthias Dieter Wallnöfer1-8/+0
operation" This reverts commit f9990e9b391f330a8e6c5c158ee4e4eaa50f6176. abartlet claims that this behaviour is too AD specific to put here. Btw I had also some doubts if this is clean enough. I put it only here to make "ldap.py" pass. I'll try to find a new solution soon.
2009-10-12s4:ldb Allow a NULL module listAndrew Bartlett1-1/+1
2009-10-12Allow (and ignore) distinguishedName on special recordsAndrew Bartlett1-0/+2
They are not stored, so we can ignore them (makes copying records much easier) Andrew Bartlett