summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2013-10-14s4-samldb: Do not allow deletion of objects with RID < 1000Nadezhda Ivanova3-3/+40
According to [MS-SAMR] 3.1.5.7 Delete Pattern we should not allow deletion of security objects with RID < 1000. This patch will prevent deletion of well-known accounts and groups. Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Mon Oct 14 13:31:50 CEST 2013 on sn-devel-104
2013-10-13libcli4: Remove an unused variableVolker Lendecke1-1/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sun Oct 13 17:58:23 CEST 2013 on sn-devel-104
2013-10-11torture: Extend the smb2.oplock.doc1 testVolker Lendecke1-6/+28
If delete_on_close is set, there is no oplock break. Check that. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-10-11torture: Extend the raw.oplock.doc1 testVolker Lendecke1-7/+21
If delete_on_close is set, there is no oplock break. Check that. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-10-11samba-tool domain join subdomain: Rework sambadns.py to allow setup of ↵Andrew Bartlett4-77/+19
DomainDNSZone only This skips handling the ForestDNSZone when we are setting up a subdomain. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Oct 11 10:27:49 CEST 2013 on sn-devel-104
2013-10-11provision: Remove --username and --password options from samba-tool domain ↵Andrew Bartlett2-2/+2
provision This avoids confusion, because the LDAP backend does not use these, and they do not set the password for the administrator account either! This may break support for the 'existing' backend LDAP backend, but that is nothing more than a stub for future development anyway, and new work in this area should use EXTERNAL in any case. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-10dsdb: Provide a clearer error when we fail to store the sequence number in ↵Andrew Bartlett1-6/+19
metadata.tdb Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-10dsdb/tests/ldap: fix test_distinguished_name against w2k8r2Stefan Metzmacher1-2/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-10-10s4:dsdb/rootdse: report 'dnsHostName' instead of 'dNSHostName'Stefan Metzmacher1-1/+1
The attribute on the RootDSE object is called 'dnsHostName' instead of 'dNSHostName' (which is used in the schema and on all other directory objects). Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-10-10dsdb/tests/ldap: fix test_ldapServiceName against w2k8r2Stefan Metzmacher1-4/+8
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-10-06torture: Remove an unused variableVolker Lendecke1-1/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-06torture: Continue buffer check after NOT_IMPLEMENTED infolevelsVolker Lendecke1-0/+3
Patch from the SDC plugfest. Not every implementation supports every infolevel, and we want to be able to test buffersize error behaviour for all supported infolevels Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-06torture: Fix a typoVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: add durable-v2-open.reopen2cMichael Adam1-0/+75
- create durable with v1 request - reconnect with v2 reconnect request ==> fails Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: add durable-v2-open.reopen2bMichael Adam1-0/+91
- connect with durable v2 - reconnect with durable v1 => succeeds Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: add durable-v2-open.create-blobMichael Adam1-0/+108
test various combinations of durable create and reconnect request blobs, according to MS-SMB2, 3.3.5.9.12: "Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 Create Context" Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: extend the durable-open.reopen2 testMichael Adam1-18/+83
Add tests for: - filename and many other things don't matter in reconnect - additionally specified DHnQ request blob is ignored. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: extend the durable-v2-open.reopen2 testMichael Adam1-4/+44
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: add a durable-open.reopen-lease-v2 testMichael Adam1-0/+238
like durable-open.reopen2-lease but with v2 lease requets Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: add durable-v2-open.reopen2-lease-v2Michael Adam1-0/+245
lease v2 variant of the reopen2 test. Test various success and failure cases. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: add smb2_lease_v2_create() wrapper to ↵Michael Adam1-0/+16
smb2_lease_v2_create_share() that sets share all. similar to smb2_lease_create() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: add durable-v2-open.reopen2-leaseMichael Adam1-0/+247
lease v1 variant of the reopen2 test Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: add durable-open.reopen2-lease testMichael Adam1-0/+238
lease-variant of the reopen2 test Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: fix durable-open lease tests to pass against windows.Michael Adam1-2/+8
Fix is: reconnect with same client-guid as on the first connection. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-10-05s4:torture:smb2: add smbcli_options argument to torture_smb2_connection_ext()Michael Adam3-13/+46
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-10-05s4:libcli:smb2: make smbcli_options argument to smb2_connect_(send|ext) constMichael Adam1-2/+2
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-10-05s4:libcli:smb2: add the smb2_capabilities to the smbcli_optionsMichael Adam3-4/+3
and initialize them in lpcfg_smbcli_options() instead of in smb2_transport_init() as previously. This will allow us to control them from callers later. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-10-05s4:libcli:smb2: add the client_guid to the smbcli_optionsMichael Adam3-4/+4
and initialize it in lpcfg_smbcli_options() instead of in smb2_transport_init() as previously. Having the client guid in the smbcli_options will allow us to control them from callers later. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-10-05s4:torture:spoolss: use smb2_connect() instead of smb2_connet_ext()Michael Adam1-12/+11
in print_test_smbd: we don't need to pass the previous_session_id. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05s4:torture:smb2: fix a comment in the durable-open.lock-oplock testMichael Adam1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-05samba_backup: fix bug, add command line parameter, improve error messagesBrian Martin1-15/+37
Also remove .bak suffix from tdb/ldb backups for more consistent restore procedures Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Oct 5 13:51:34 CEST 2013 on sn-devel-104
2013-09-26dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLsAndrew Bartlett1-1/+1
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077 Note that this doesn't fix the userParameters problem completely, but it doesn't truncate the userParameters value anymore. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Sep 26 22:05:12 CEST 2013 on sn-devel-104
2013-09-26s4-openldap: Restored openldap-related options to the provision scriptNadezhda Ivanova1-6/+6
At the moment they are only available if TEST_LDAP=yes to avoid accidental use as the openldap backend is still failing some tests Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Thu Sep 26 07:31:05 CEST 2013 on sn-devel-104
2013-09-24pydsdb: Raise a more useful exception when dsdb_wellknown_dn fails.Andrew Bartlett1-0/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-24pydsdb: Give KeyError when we fail a schema lookup in pythonAndrew Bartlett1-8/+8
This allows sensible exception handling. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-24Fix DN RDN case in partition namesHoward Chu3-31/+35
Move fix_dn from extended_dn_out.c to util.c Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Tue Sep 24 07:43:39 CEST 2013 on sn-devel-104
2013-09-23Fix entryCSN formatHoward Chu1-1/+7
Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2013-09-23Drop paged-search from OpenLDAP stackHoward Chu1-1/+1
Unnecessary, waste of time Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2013-09-23Add LDB_MAP_RENDROP optionHoward Chu1-1/+1
Like LDB_MAP_RENAME, but drop the attribute if it occurs in an Add request. Used for distinguishedName attribute, is read-only and generated but for some bizarre reason AD allows it in an Add request. Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2013-09-23Return a couple more attrs by defaultHoward Chu1-0/+2
Seems to want name and distinguishedName to always be returned. Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2013-09-23s4:torture:ldap: Fix misleading outputHoward Chu1-2/+2
Looks like an errant copy/paste from the Abandon test. Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Sep 23 22:47:50 CEST 2013 on sn-devel-104
2013-09-22selftest: Add release-4-1-0rc3 saved provisionAndrew Bartlett32-0/+155536
This version has the regression where we would, on join, write an all-zero invocationID in the replPropertyMetaData attribute, on Deleted Objects in particular. To demonstrate this regression, this is based on the promoted_dc environment from make test, with the domain altered to match the pattern used in these trees. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-22selftest: Add script to assist in writing out a tree undump.sh can restoreAndrew Bartlett1-0/+48
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-22dsdb: Refuse to replicate an all-zero invocationID GUID in replPropertyMetaDataAndrew Bartlett1-0/+9
This matches Windows 2008R2. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-22Remove NEWS file containing confusing informationAndrew Bartlett1-496/+0
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-22Remove confusing TODO fileAndrew Bartlett1-276/+0
This makes no sense in the merged tree, and only confuses users. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-22dsdb: Use WERR_DS_ATT_NOT_DEF_IN_SCHEMA for failed schema lookupsAndrew Bartlett1-28/+28
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-21s4:torture: remove and useless variable and assignment in smb2.session.reauth5Michael Adam1-3/+1
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Sep 21 08:00:02 CEST 2013 on sn-devel-104
2013-09-20libcli: continue to read from the socket even if the size is 0Matthieu Patou1-1/+1
This is an issue found by Codenomicon, with a malicious packet with 0 bytes UDP payload we will continiously be looping trying to react from the socket event and continiously do nothing as we will bail out thinking that we had a memory allocation error. Original fix comes from Volker Lendecke <vl@samba.org> Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Sep 20 04:46:47 CEST 2013 on sn-devel-104
2013-09-19lib/messaging: Check the server_id type correctlyAndrew Bartlett1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Sep 19 23:19:16 CEST 2013 on sn-devel-104