summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-12-21s4-dsdb: give us an invocationID when in standalone modeAndrew Tridgell1-1/+79
To allow us to use the repl_meta_data module in standalone mode (and thus not have two module stacks to test), we need a invocationID stored somewhere when standalone. This creates a random one, and stores it in @SAMBA_DSDB. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-19s4:kdc: setup the local and remote tsocket_address at accept timeStefan Metzmacher1-44/+49
metze
2009-12-19s4:kdc: convert UDP based communication to tdgram_contextStefan Metzmacher2-177/+138
metze
2009-12-18s4 torture: Add test to show archive bit behavior with directoriesZachary Loafman1-0/+153
Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-12-18s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3Tim Prouty1-1/+2
2009-12-18Added freeing a successful req so it doesnt croud the ldb contextNadezhda Ivanova1-2/+4
2009-12-18Added oid for AS_SYSTEM control, used to bypass access checks for system ↵Nadezhda Ivanova1-0/+6
operations.
2009-12-18s4-dsdb: stop warnings about unknown struct GUID in prototypesAndrew Tridgell1-0/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-ldb: fixed a valgrind error in ldbtestAndrew Tridgell1-0/+2
we were using msg->dn after the ldb it contained had been freed Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-dsdb: greatly simplify the subtree_delete moduleAndrew Tridgell1-117/+20
We can use dsdb_module_search() to make this much simpler Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-dsdb: declare ldb_dn_update_components()Andrew Tridgell1-0/+1
2009-12-18s4-dsdb: added ldb_dn_update_components()Andrew Tridgell1-0/+23
This is used to udpate just the DN components of a ldb_dn, leaving the other extended fields alone. It is needed to prevent linked attribute updates from removing other extended components. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-dsdb: fixed the sort in dsdb_find_nc_root()Andrew Tridgell1-1/+6
2009-12-18s4-ldb: display msDS-OptionalFeatureGUID as a GUIDAndrew Tridgell1-0/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-scripts: add a enablerecyclebin scriptAndrew Tridgell1-0/+54
This can be used to enable the recyclebin on a windows box. Once we properly implement this feature in samba we will use this to enable the feature on ourselves as well.
2009-12-18s4-ldb: canonicalise the message on ldb_addAndrew Tridgell1-0/+9
This canonicalise avoids a problem with an add that has multiple elements with the same el->name. That is allowed by MS servers, and by ldb, but it breaks things like the tdb backend and the repl_meta_data RPMD handling. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-dsdb: Add a test for adding, deleting, and appending a posixAccount ↵Brendan Powers1-0/+30
objectClass to a user Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-dsdb: fix handling of AUX classes in objectclass_sortBrendan Powers1-146/+133
This is done by sorting the classes by subClass_order, which will check if the last structural class is valid to add (in objectclass_do_add instead checking the last class in the list). They were being sorted by building a class tree, and adding the classes to the list in that order. However, AUX classes usually don't fit into that tree, so LDB_ERR_OBJECT_CLASS_VIOLATION was returned. I have changed the behavior to sort the classes by subClass_order instead. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-dsdb: return an error if samAccountName is not specified when creating a ↵Brendan Powers1-0/+7
user. Makes sure samAccountName has been specified before adding a user. This happened while I was trying to add a user with the posixAccount objectclass. I forgot to specify the user objectClass, and samba segfaulted. It now returns LDB_ERR_CONSTRAINT_VIOLATION. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-dsdb: Move get_last_structural class from descriptor.c to util.cBrendan Powers3-16/+30
It can now also be used by objectclass.c get_last_structural_class now ignores AUX classes, because they are not structural Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4-dsdb: Add a check to prevent acl_modify from debuging a NULL messageBrendan Powers1-1/+5
Check to see if there were any messages passed to acl_modify before debugging the first one. I think I caused this by some malformed LDIF. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-18s4:provision Give a more useful error message in guess_namesAndrew Bartlett1-3/+11
The problem here is that as we start to get 'real users' they still decide to do silly things, like load empty but existing smb.conf files. Let's give them a better chance to discover what they did wrong. Andrew Bartlett
2009-12-17s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are ↵Tim Prouty1-0/+24
different from the base file
2009-12-17s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a ↵Tim Prouty1-0/+92
stream with an open handle A normal file overwrite in this case would return NT_STATUS_ACCESS_DENIED, but if a stream is the target NT_STATUS_INVALID_PARAMETER is returned.
2009-12-17s4 torture: Parameterize streams delete behavior rather than commenting out ↵Tim Prouty1-3/+7
the check.
2009-12-17s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny modeTim Prouty1-1/+1
2009-12-17s4 torture: close handle instead of using exitTim Prouty1-1/+1
2009-12-17s4:"samdb_set_password" - remove delete instructionsMatthias Dieter Wallnöfer1-7/+2
They won't work when the LDB change is done using "samdb_replace" (consider "samr_password.c" functions). I think this has been a relict which has been useful before the "password_hash" module existed. Basically it itself does now the updates.
2009-12-17s4-smbtorture: skip GetAliasMembership against s4.Günther Deschner1-0/+4
It returns NT_STATUS_INTERNAL_DB_CORRUPTION for unknown sids and I could not figure out why. Guenther
2009-12-17Fixed incorrect checking of PRINCIPAL_SELF permissions.Nadezhda Ivanova3-16/+139
If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights to an account over itself.
2009-12-17s4-smbtorture: add a samr_GetAliasMembership test to RPC-SAMR.Günther Deschner1-0/+47
Guenther
2009-12-17s4:dsdb/common/util - make NTTIME attribute wrappers use a "const" messageMatthias Dieter Wallnöfer1-4/+6
There is no reason to have the message non-const here.
2009-12-17s4-smbtorture: fix smbtorture after setprinter IDL fixes.Günther Deschner1-4/+4
Guenther
2009-12-17s4-ntvfs: check if pvfs is NULL in pvfs_logoffbrendan powers1-0/+5
pvfs can be NULL if the directory a share points to does not exist. In this case, there would be no open files, so it is safe to just return from the function. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-16s4:gensec: allow clearing local and remote address by passing NULLStefan Metzmacher1-0/+10
metze
2009-12-16s4-gensec: Remove obsolete socket_address vars and fns.Andreas Schneider2-35/+0
2009-12-16s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.Andreas Schneider8-32/+29
2009-12-16s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.Andreas Schneider3-12/+1
2009-12-16s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.Andreas Schneider3-23/+24
2009-12-16s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.Andreas Schneider3-27/+1
2009-12-16s4-gensec: Added remote and local setter/getter using tsocket.Andreas Schneider3-4/+127
2009-12-16s4-dsdb: also mark the relax control non-critical when doneAndrew Tridgell1-5/+3
2009-12-16s4-dsdb: it is a better pattern to mark a control as done than remove itAndrew Tridgell3-21/+7
removing a control means it can't be seen by any other modules, which is usually not what is wanted. Better to just mark it non-critical, which means anyone else who wants to look at it can, but if nobody does its not an error.
2009-12-16s4-dsdb: when the SD_FLAGS control is set, don't remove nTSecurityDescriptorAndrew Tridgell1-10/+19
2009-12-16s4-dsdb: don't actually remove the sd_flags control, just mark it non-criticalAndrew Tridgell1-14/+10
For controls that need to be seen by more than one module, it is best to just mark them non-critical when handled, instead of removing them. Otherwise lower modules can't see them. In this case we want the operational module to see the SD_FLAGS control
2009-12-16s4-ldb: show the OID of any unhandled critical controlsAndrew Tridgell1-4/+9
It isn't very useful just saying that a control is not supported, without saying which one is the problem Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-16s4-ldb: fixed a transaction error on prepare_commitAndrew Tridgell1-2/+2
when a prepare commit fails, we need to give a cancel to all modules, not a commit! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-16s4-ldb: added --show-deactivated-link command line optionAndrew Tridgell1-1/+8
this adds the SHOW_DEACTIVATED_LINK control
2009-12-16s4-dsdb: added dsdb_get_deleted_objects_dn()Andrew Tridgell1-0/+22
This is based on the code from Eduardo Lima <eduardoll@gmail.com>, but uses the new helper functions added in the last couple of commits Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-16s4-dsdb: added dsdb_find_nc_root()Andrew Tridgell1-0/+64
This is based on the function of the same name from Eduardo Lima <eduardoll@gmail.com>, but using ldb_dn_compare, to give us comparisons consistent with what the rest of the code uses. We will use this function in combination with dsdb_wellknown_dn() to find the Deleted Objects container for any object. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>