summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-06-12Add supportedCapabilities to our rootDSEAndrew Bartlett1-0/+3
This makes AD client tools happier, as they know they are talking to an AD server. per Bug 6229 by Matthieu Patou <mat@matws.net> Andrew Bartlett
2009-06-12s4:heimdal: import lorikeet-heimdal-200906080040 (commit ↵Andrew Bartlett327-7112/+9481
904d0124b46eed7a8ad6e5b73e892ff34b6865ba) Also including the supporting changes required to pass make test A number of heimdal functions and constants have changed since we last imported a tree (for the better, but inconvenient for us). Andrew Bartlett
2009-06-11selftest: Fix handling of testsuite, reintroduce progress indication.Jelmer Vernooij1-1/+4
2009-06-11selftest: Fix subunit stream to include the right prefixes rather thanJelmer Vernooij1-1/+1
extending the subunit protocol.
2009-06-11selftest: Use external processes for filtering known failures and prettyJelmer Vernooij1-16/+14
formatting.
2009-06-11selftest: Use filter-xfail for known failuresJelmer Vernooij1-2/+5
2009-06-11selftest: Use subunit internally, and a separate test output formatter.Jelmer Vernooij1-18/+19
2009-06-11A script to compare the differences in nTSecurityDescriptor between 2 hostsNadezhda Ivanova1-0/+153
This script walks the schema, configuration and domain partitions of the locally installed Ldb and a remote hosts and compares the descriptors disregarding the difference in domain SID. The goal is to make sure a freshly provisioned Samba has the correct descriptors so ACLs work correctly. It outputs the descriptors in short SDDL, where the correct SIDs are to be replaced during provisioning. Optionally it can be output as an LDIF file with the current local domain and domain SIDs.
2009-06-10fixed some places where RPC-SECRETS needs to be changed to RPC-LSA-SECRETSAndrew Tridgell1-6/+6
this copes with a rename of SECRETS to LSA-SECRETS in an earlier patch by gd
2009-06-10fixed the encoding/decoding of the reverse attribute for server side sortAndrew Tridgell1-3/+10
2009-06-10Clarify and expand the Kerberos notes made by Andrew Bartlett in 2005Donald T. Davis1-154/+448
Compiled with Andrew over a series of phone calls and gobby sessions, with the aim of documenting Kerberos requirements for Samba to us an alternate (ie, MIT) Kerberos library. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-06-10Remove copy of kerberos-notes.txt added in incorrect locationAndrew Bartlett1-760/+0
2009-06-10Clarify and expand the Kerberos notes made by Andrew Bartlett in 2005Donald T. Davis1-0/+760
Compiled with Andrew over a series of phone calls and gobby sessions with Andrew, with the aim of documenting Kerberos requirements for Samba to us an alternate (ie, MIT) Kerberos library. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-06-10fixed server side sort controlAndrew Tridgell1-4/+7
when sorting a record that does not have the requested sort attribute then put those records last in the sort result
2009-06-10fixed server side sorting of case-insensitive stringsAndrew Tridgell1-3/+0
The sort module uses ldb_comparison_fold() as the comparison function for case-insensitive attributes. In other places the function is being used to produce a boolean, but for sorting we care about ordering. The n1 - n2 return was sorting by length, not value
2009-06-09Fix installation path of the subunit python modules.Timur I Bakeyev1-1/+1
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-06-09s4-tests: Add separate variable for tap2subunit.Jelmer Vernooij1-2/+3
2009-06-09SMB2-COMPOUND: add some tests for invalid requestsStefan Metzmacher1-0/+201
TODO: check why the INVALID1 tests fails with --signing=required. metze
2009-06-09s4:smb2srv: don't allow the related flag on the first request in a ↵Stefan Metzmacher1-0/+7
compounded chain metze
2009-06-09s4: smbcli_transport_send hit the socket right away if possibleSam Liddicott1-0/+7
[Metze; "make test" on git master outputs exactly the same test summary with our without this patch (apart from the "using seed" lines)] If the transport socket is writable, then push the queue along rather than wait until the caller returns back to the tevent loop. This strategy keeps the sockets piping hot, and is particularly good for cases where reading requests from one socket causes lots of writes on another socket, or where lots of writes are made in a batch. It doesn't matter if the socket is not writeable yet, packet_queue_run will return quite cheaply in such a case. Signed-off-by: Sam Liddicott <sam@liddicott.com> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-06-09s4:torture: add SMB2-COMPOUND testStefan Metzmacher3-1/+245
metze
2009-06-09s4:smb2srv: correctly fail remaining compounded requests after a failureStefan Metzmacher2-5/+18
metze
2009-06-09s4:smb2srv: remove old TODO comment, we already check the seqnumStefan Metzmacher1-2/+0
metze
2009-06-09s4:smb2srv: fix handling of multiple compounded requestsStefan Metzmacher1-7/+12
metze
2009-06-09s4:smb2srv: remove the chained file handle on closeStefan Metzmacher1-0/+4
metze
2009-06-09s4:libcli/smb2: add smb2_transport_credits_ask_num()Stefan Metzmacher3-2/+13
metze
2009-06-09s4:libcli/smb2: only add the 1 byte dynamic buffer padding for non ↵Stefan Metzmacher1-2/+6
compounded requests metze
2009-06-09s4:libcli/smb2: add support sending compounded requestsStefan Metzmacher3-50/+205
metze
2009-06-09s4:libcli/smb2: prepare SMB2 signing code for compounded requestsStefan Metzmacher1-2/+8
metze
2009-06-09s4-selftest: change rpc.secrets to rpc.lsa.secrets here as well.Günther Deschner1-5/+5
Guenther
2009-06-09s4-smbtorture: rename SECRETS to LSA-SECRETS.Günther Deschner1-1/+1
Guenther
2009-06-09work around conflict in pidfile() prototype for heimdal on NetBSD5Andrew Tridgell1-0/+7
2009-06-08s4-smbtorture: when testing RPC-SAMR-LARGE-DC its fine to just close the ↵Günther Deschner1-13/+17
objects. Guenther
2009-06-08s4-smbtorture: add test_QueryDisplayInfo_level to RPC-SAMR-LARGE-DC.Günther Deschner1-6/+79
Guenther
2009-06-08python: Fix samba4.dcerpc.rpcecho.RpcEchoTests.test_surrounding test.Jelmer Vernooij1-1/+1
2009-06-08s4:heimdal: fix build on FreeBSDBjörn Jacke2-1/+4
Patch from Timur I. Bakeyev sent to samba-technical: Heimdal requires openpty() presence. FreeBSD has in in standard libc, so autodetection works, but compilation fails, as declaration of this function is missing. This patch adds proper header detection and inclusion for openpty().
2009-06-08s4-smbtorture: also test for "all" architecture in enum driver tests in ↵Günther Deschner1-5/+28
RPC-SPOOLSS. Guenther
2009-06-08s4-smbtorture: fix test_ReportEventLog in RPC-EVENTLOG.Günther Deschner1-2/+2
Guenther
2009-06-08Make tunable for modulesdirTimur I. Bakeyev1-0/+16
This patch is for Samba4. It adds configure tunable for modulesdir - location, where modules should be installed. In the case, when no FHS compliance is used and libdir is redefined, modulesdir still points to $PREFIX/modules. In some installations it may be not desired. I'd rather set it myself :) So, here is the patch. With regards, Timur Bakeyev. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-06-08rl_event_hook detectionTimur I. Bakeyev1-1/+4
This patch is relevant for Samba4 source mostly. The way, how readline compiled under FreeBSD makes it require stdio.h to get all the necessary declarations. Without this addition rl_event_hook is not properly detected. With regards, Timur Bakeyev. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-06-08s4-smbtorture: exclude oem_information checking for s3 in RPC-SAMR.Günther Deschner1-4/+10
Guenther
2009-06-07s4-smbtorture: skip samr MultipleMember alias tests for 3 as well as we do ↵Günther Deschner1-2/+3
already for s4. Guenther
2009-06-06Allow access as SYSTEM on a privileged ldapi connectionVolker Lendecke1-13/+83
This patch creates ldap_priv/ as a subdirectory under the private dir with the appropriate permissions to only allow the same access as the privileged winbind socket allows. Connecting to ldap_priv/ldapi gives SYSTEM access to the ldap database.
2009-06-06Fix some nonempty blank linesVolker Lendecke2-64/+60
2009-06-05fixed handling of change notify buffer overrunsAndrew Tridgell1-2/+9
When the notify buffer overruns and there are no pending notify requests, the notify buffer doesn't actually get destroyed, it just gets put in a state where new notifies are discarded and the next notify change request will return 0 changes.
2009-06-04s4-smbtorture: fix comment in RPC-SAMR-LARGE-DC test.Günther Deschner1-3/+3
Andrew, I think you wanted to print this instead. Guenther
2009-06-04Increase tevent version for tevent_req_notify_callback()Volker Lendecke1-1/+1
2009-06-04s4:torture Cut the RPC-SAMR-LARGE-DC test down to sizeAndrew Bartlett1-7/+16
This removes the validation of the estimated number of accounts, because MS-SAMR 3.1.5.5.1.1 makes clear the number returned cannot be relied apon. I've also converted a bit more of the test to use torture_assert(), and where that is impractical, to print error messages when things fail. Andrew Bartlett
2009-06-04s4:torture assert that we get a Mailslot allocated before we dereferenceAndrew Bartlett1-0/+2
2009-06-04changed the auth path to use extended DN ops to avoid non-indexed searchesAndrew Tridgell3-92/+91
Logs showed that every SAM authentication was causing a non-indexed ldb search for member=XXX. This was previously indexed in Samba4, but since we switched to using the indexes from the full AD schema it now isn't. The fix is to use the extended DN operations to allow us to ask the server for the memberOf attribute instead, with with the SIDs attached to the result. This also means one less search on every authentication. The patch is made more complex by the fact that some common routines use the result of these user searches, so we had to update all searches that uses user_attrs and those common routines to make sure they all returned a ldb_message with a memberOf filled in and the SIDs attached.