summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2011-01-25s4:dsdb/samdb/ldb_modules/objectclass.c - move LSA specific object checks ↵Matthias Dieter Wallnöfer2-32/+29
into "objectclass_attrs" LDB module LSA object classes are protected on both LDAP add and LDAP modify operations, so I've refactored the previous check in the objectclass LDB module only for LDAP adds in a new one in the objectclass_attrs LDB module for both adds and modifies. This is the result of the investigations done by Hongwei Sun and I in the last months. Interestingly these protection mechansim doesn't apply on LDAP deletes! Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-01-25waf: share libndr.so between samba3 and samba4.Günther Deschner1-11/+0
Guenther
2011-01-22s4-repl_meta_data: replmd_update_is_newer() should not return true if ↵Kamen Mazdrashki1-3/+3
metadata stamps are equal Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Sat Jan 22 12:22:30 CET 2011 on sn-devel-104
2011-01-22s4-repl_meta_data: Print out what is wrong when we fail to modify objectKamen Mazdrashki1-0/+1
2011-01-22s4-repl_meta_data: We should not use USNs in metadata comparisonsKamen Mazdrashki1-11/+0
If object is changed by same DC, then version should be incremented
2011-01-21s4-smbtorture: make sure there is always driverextra data in spoolss devmode ↵Günther Deschner1-2/+10
size tests. Guenther
2011-01-21s4-smbtorture: add tests for the size member of spoolss devicemodes.Günther Deschner1-1/+5
Guenther
2011-01-21s4-smbtorture: prepare devicemode test for expected result tests.Günther Deschner1-9/+15
Guenther
2011-01-21s4-smbtorture: add some paranoia checks for 0 sized devmodes.Günther Deschner1-0/+15
Guenther
2011-01-20s4-auth Remove special case for account_sid from auth_serversupplied_infoAndrew Bartlett14-288/+257
This makes everything reference a server_info->sids list, which is now a struct dom_sid *, not a struct dom_sid **. This is in keeping with the other sid lists in the security_token etc. In the process, I also tidy up the talloc tree (move more structures under their logical parents) and check for some possible overflows in situations with a pathological number of sids. Andrew Bartlett
2011-01-20s4-gensec Add prototype for gensec_ntlmssp_init()Andrew Bartlett1-0/+2
Andrew Bartlett
2011-01-20libcli/auth move ntlmssp_wrap() and ntlmssp_unwrap() into common code.Andrew Bartlett1-123/+12
The idea here is to allow the source3/libads/sasl.c code to call this instead of the lower level ntlmssp_* functions. Andrew Bartlett
2011-01-20s4:selftest: mark samba4.nbt.winsreplication.owned as knownfailStefan Metzmacher1-0/+1
This sometimes fails on a busy server. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jan 20 09:29:12 CET 2011 on sn-devel-104
2011-01-20s4:selftest/skip: remove samba4.tokengroups.pythonStefan Metzmacher1-1/+0
metze
2011-01-20lib/util: add tests for anonymous_shared_allocate/free()Stefan Metzmacher2-1/+17
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jan 20 06:25:03 CET 2011 on sn-devel-104
2011-01-19s4-selftest Remove knownfail for tokengroups testAndrew Bartlett1-1/+0
The problem with this test (use of None rather than "" has been fixed) Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Jan 19 23:56:31 CET 2011 on sn-devel-104
2011-01-19s4-dsdb Don't use None as the input to the GENSEC loop in tokengroups testAndrew Bartlett1-1/+1
The input to gensec.update() should always be a string. Andrew Bartlett
2011-01-19s4:selftest/skip: add samba4.tokengroups.pythonStefan Metzmacher2-1/+2
This fails randomly like this with an error (not a failure): [651/695 in 27m37s] samba4.tokengroups.python(dc) running client gensec_update UNEXPECTED(error): samba4.tokengroups.python(dc).__main__.TokenTest.test_pac_groups REASON: _StringException: _StringException: Content-Type: text/x-traceback;charset=utf8,language=python traceback 1E2 Traceback (most recent call last): File "/usr/lib/python2.6/dist-packages/testtools/runtest.py", line 128, in _run_user return fn(*args) File "/usr/lib/python2.6/dist-packages/testtools/testcase.py", line 368, in _run_test_method testMethod() File "/memdisk/tridge/flakey/b2413/source4/source4/dsdb/tests/python/token_group.py", line 142, in test_pac_groups (client_finished, client_to_server) = gensec_client.update(server_to_client) TypeError: expected a string 0 FAILED (0 failures and 1 errors in 0 testsuites) A summary with detailed information can be found in: ./st/summary test: running (/usr/bin/perl /memdisk/tridge/flakey/b2413/source4/source4/../selftest/selftest.pl --prefix=./st --builddir=. --srcdir=. --exclude=./selftest/skip --testlist="/usr/bin/python ./selftest/tests.py|" --exclude=./selftest/slow --socket-wrapper && touch ./st/st_done) | /usr/bin/python -u ../selftest/filter-subunit --expected-failures=./selftest/knownfail --fail-immediately | tee ./st/subunit | /usr/bin/python -u ../selftest/format-subunit --prefix=./st --immediate ERROR: test failed with exit code 1 metze
2011-01-19s4-dsdb Add PAC validation test to tokengroups test.Andrew Bartlett2-21/+79
This confirms that the groups obtained from a Kerberos PAC match those that a manual search of a target LDAP server would reveal. This should allow mixing of a KDC specified by krb5.conf to test Samba or Windows alternatly. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Jan 19 13:13:48 CET 2011 on sn-devel-104
2011-01-19s4-pyauth Fix AuthContext wrapperAndrew Bartlett1-2/+13
2011-01-19s4-auth Allow NULL methods to be specified to auth_context_create_methods()Andrew Bartlett1-14/+3
This allows us to init an auth context that isn't going to do any NTLM authentication, but is used by other subsystems. Andrew Bartlett
2011-01-19s4-dsdb Add a test of the tokenGroups behaviour on the user's DN.Andrew Bartlett1-3/+21
Andrew Bartlett
2011-01-19s4-gensec Remove special case 'for SASL' that is not required any more.Andrew Bartlett1-13/+0
I've examined the code paths involved, and it appears an alternative fix has been made in the ldap_server/ldap_bind.c code, and there is no code path that uses this behaviour. Andrew Bartlett
2011-01-19pygensec: remove special case handling for None for buffersAndrew Tridgell2-36/+29
always returning a buffer makes life easier for callers Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-01-18s4:tls_tstream: also use a dynamic buffer for the pull sideStefan Metzmacher1-3/+12
Maybe that fixes the remaining issues with some gnutls versions. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jan 18 17:26:08 CET 2011 on sn-devel-104
2011-01-18s4:tls_tstream: fix partial reads, so that the gnutls layer doesn't read the ↵Stefan Metzmacher1-1/+6
same data twice metze
2011-01-18s4-tests: Added a test for correct inheritance of IO flagged ACEs.Nadezhda Ivanova1-0/+18
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Tue Jan 18 15:53:46 CET 2011 on sn-devel-104
2011-01-18s4-gensec Extend python bindings for GENSEC and the associated testAndrew Bartlett3-28/+275
This now tests a real GENSEC exchange, including wrap and unwrap, using GSSAPI. Therefore, it now needs to access a KDC. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Jan 18 11:41:26 CET 2011 on sn-devel-104
2011-01-18s4-auth Extend python bindings to allow ldb and message to be specifiedAndrew Bartlett3-11/+61
This will allow for some more tokenGroups tests in future. Andrew Bartlett
2011-01-18s4-pygensec Fix indentation of py_gensec_start_mech_by_name()Andrew Bartlett1-11/+11
2011-01-18s4-torture Remove unused temp dirs from the RPC-PAC test.Andrew Bartlett1-9/+0
The code previously required the creation of a messaging context, but this isn't done any more, so we don't need the tmp dir to put it in. Andrew Bartlett
2011-01-18s4-pyldb Fix tp_basicsize for PyLdbDnAndrew Bartlett1-1/+1
This wasn't actually causing problems before, as the structures were the same size. Andrew Bartlett
2011-01-18s4-pygensec Add bindings for server_start() and update()Andrew Bartlett1-4/+96
2011-01-18s4-pyauth Add bindings for auth_context_create() as AuthContext()Andrew Bartlett2-1/+81
2011-01-18s4-pyauth Use py_talloc_get_type() for greater talloc binding safetyAndrew Bartlett2-12/+15
This does a talloc check of the returned pointer before casting it. Andrew Bartlett
2011-01-18s4-gensec Don't steal the auth_context, reference it.Andrew Bartlett2-6/+17
We don't want to steal this pointer away from the caller if it's been set up from python. Andrew Bartlett
2011-01-18s4-ldb_ldif: Take into account LDB_FLG_SHOW_BINARYKamen Mazdrashki1-1/+4
when user requires binary data to be displayed using samba user-friendly ldif handlers Found using following test search: bin/ldbsearch -H st/dc/private/sam.ldb -b "CN=Deleted Objects,DC=samba,DC=example,DC=com" \ "(objectGUID=97b52eac-6d89-434d-b935-1e5f2e086ffc)" replPropertyMetaData --show-deleted --show-binary Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Tue Jan 18 00:40:01 CET 2011 on sn-devel-104
2011-01-18s4-ldb_ldif: Don't check for LDB_FLG_SHOW_BINARY in ldb_should_b64_encodeKamen Mazdrashki1-4/+0
LDB_FLG_SHOW_BINARY is data representation flag and should not modify behavior of data checking functions. This lead to a bug in lib/ldb/ldb_tdb/ldb_index.c as ltdb_index_key() function relies on ldb_should_b64_encode function to determine how to process index keys. Found using following test search: bin/ldbsearch -H st/dc/private/sam.ldb -b "CN=Deleted Objects,DC=samba,DC=example,DC=com" \ "(objectGUID=97b52eac-6d89-434d-b935-1e5f2e086ffc)" replPropertyMetaData --show-deleted --show-binary
2011-01-17s4-provision: Fixed owner/group for hard-coded Sites descriptor.Nadezhda Ivanova1-3/+1
We must not specify explicitly owner and group. As there is a difference between WIN_2003 and WIN_2008, we should let descriptor module compute the correct default ones. Also removed inherited ACEs, they are ignored during SD creation anyway. Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Mon Jan 17 18:23:24 CET 2011 on sn-devel-104
2011-01-17s4-tools: Fixed a bug in ldapcmp - DACL was not retrieved correctly if the ↵Nadezhda Ivanova1-1/+4
object had no SACL. --Pair-Programmed-With: Zahari Zahariev
2011-01-17s4-tools: Added a --sort-aces option to ldapcmpNadezhda Ivanova1-6/+12
This option sorts the ACE lists during SD comparison in collision view to make it easier to determine of a difference is only in ACE order, and if not, where do differences start. Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Mon Jan 17 14:09:09 CET 2011 on sn-devel-104
2011-01-17ldb: new ABI sigs fileAndrew Tridgell1-0/+248
Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Jan 17 06:09:23 CET 2011 on sn-devel-104
2011-01-17s4-dsdb: replaced the calls to ldb_search() in dsdb modules with ↵Andrew Tridgell4-26/+32
dsdb_module_search() this ensures we follow the module stack, and set the parent on child requests
2011-01-17s4-dsdb: pass parent request to dsdb_module_*() functions Andrew Tridgell25-235/+335
this preserves the request hierarchy for dsdb_module_*() calls inside dsdb ldb modules Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-01-17ldb: added ldb_req_mark_trusted()Andrew Tridgell3-1/+14
this is used to mark a ldb child request trusted, if the caller has validated all inputs. This will be used when creating new child requests with trusted inputs. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-01-17ldb: inherit parent flags on child requests in modulesMatthias Dieter Wallnöfer1-0/+11
2011-01-17web_server: Display trivial placeholder page if SWAT could not be found.Jelmer Vernooij1-6/+19
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Jan 17 01:27:10 CET 2011 on sn-devel-104
2011-01-17web_server: Fix initialization.Jelmer Vernooij1-3/+6
2011-01-17web_server: Avoid references to swat. Load samba.web_server instead.Jelmer Vernooij2-8/+11
2011-01-17param: Load web service by default.Jelmer Vernooij1-1/+1
generated by cgit (git 2.34.1) at 2024-07-09 17:26:04 +0000