summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-08-06s4:heimdal: import lorikeet-heimdal-200908052208 (commit ↵Andrew Bartlett33-117/+31
370a73a74199a5a55188340906e15fd795f67a74) This removes some of the portability changes made to code under heimdal/ If these are still required, then we will re-add them with code under heimdal_build/ (so that we can simply 'drop in' future heimdal releases). Andrew Bartlett
2009-08-05s4:ldb Cosmetic corrections in "rdn_name" moduleMatthias Dieter Wallnöfer1-4/+4
2009-08-05changed BCC handling for SMBwriteX to handle broken MacOSX clientAndrew Tridgell1-13/+8
see bug #6610 The MacOSX SMB client sets the BCC value in SMBwriteX calls to zero instead of the correct size. Checking against WindowsXP, I've found that Windows uses the maximum of the computed buffer size and the given BCC value. I've changed Samba4 to do the same to allow MacOSX to work. I've limited this change to non-chained packets to ensure we don't get the possibility of exploits based on overlapping chained requests
2009-08-05on buffer overflow windows gives SMBSRV:ERRerror hereAndrew Tridgell1-1/+1
2009-08-05s4:torture The test logic for the target was wrong. This should correct it.Matthias Dieter Wallnöfer1-4/+4
2009-08-05s4:heimdal_build: define HEIMDAL_LOCALEDIRStefan Metzmacher1-0/+1
metze
2009-08-05s4:ldap_server: make sure we shutdown the tls socket before ↵Stefan Metzmacher1-0/+1
stream_terminate_connection() removes the fd event This fixes a crash bug where tls_destructor() relies on the fd event still being there. metze
2009-08-05s4:torture Remove some unwanted code in the LDAP test - hope this fixes up ↵Matthias Dieter Wallnöfer1-12/+0
the test failures
2009-08-05fixed a problem with group policy writes causing policy corruptionAndrew Tridgell3-4/+48
This bug was caused by two things: 1) in the unix ACL mapping, we were not taking into account group write permssions for the SEC_STD_DELETE flag 2) when a file is created using OVERWRITE mode, a fchmod() would fail if the user is not the file owner. We resolve that by only doing the fchmod() if the mapped file attribute does not match the desired file attribute
2009-08-05handle large directories in smb2_deltree()Andrew Tridgell1-36/+42
2009-08-05s4:heimdal: import lorikeet-heimdal-200908050050 (commit ↵Andrew Bartlett50-367/+1155
8714779fa7376fd9f7761587639e68b48afc8c9c) This also adds a new hdb-glue.c file, to cope with Heimdal's uncondtional enabling of SQLITE. (Very reasonable, but not required for Samba4's use). Andrew Bartlett
2009-08-05s4 now supports the large readx extensionAndrew Tridgell1-6/+11
2009-08-05fixed the sense of the pvfs_acl uwrap checkAndrew Tridgell1-1/+1
2009-08-05pyldb: Fix reference counting on ldb_message_elements, add extra typeJelmer Vernooij1-1/+9
check.
2009-08-05skip the readbraw tests if the server does not support itAndrew Tridgell1-0/+5
This allows the RAW-READ test to pass against w2k8
2009-08-05make the UID_WRAPPER skip checks at runtimeAndrew Tridgell3-9/+17
This fixes two issues pointed out by Andrew. It adds a runtime uwrap_enabled() call that wraps the skips needed for uid emulation. It also makes the skip in the directory_create_or_exist() function only change the uid checking code, not the permissions code
2009-08-05added a uid_wrapper libraryAndrew Tridgell9-3/+25
This library intercepts seteuid and related calls, and simulates them in a manner similar to the nss_wrapper and socket_wrapper libraries. This allows us to enable the vfs_unixuid NTVFS module in the build farm, which means we are more likely to catch errors in the token manipulation. The simulation is not complete, but it is enough for Samba4 for now. The major areas of incompleteness are: - no emulation of setreuid, setresuid or saved uids. These would be needed for use in Samba3 - no emulation of ruid changing. That would also be needed for Samba3 - no attempt to emulate file ownership changing, so code that (for example) tests whether st.st_uid matches geteuid() needs special handling
2009-08-05s4:ldb initialise e->values[i].length before use in python bindingsAndrew Bartlett1-1/+1
2009-08-05s4:dsdb Don't cast an ldb_val into a const char * for schema lookupsAndrew Bartlett5-52/+129
This removes a number of cases where we did a cast into a const char * of an ldb_val. While convention is to alway have an extra \0 at data[length] in the ldb_val, this is not required, and does not occour at least on build farm host 'svart'. Andrew Bartlett
2009-08-04s4: make install: prevent overwriting failureRusty Russell1-1/+1
We don't have to remove the eventual write privileges to enable the execute ones.
2009-08-04s4: Change my nested groups patch to don't include user's SID itself in the ↵Matthias Dieter Wallnöfer1-17/+24
"groupSID"s structure
2009-08-04s4:torture Make RPC-NETLOGON pass against ncaclrpc serversAndrew Bartlett1-122/+132
The original patch didn't cope with a NULL target server name - we now key off that to decide it isn't worth checking against LDAP for this host. I still can't get this to pass against Windows 2008, but mdw was testing against Windows 2008R2. at least 'make test' is happy, and the rest should not be too hard... Andrew Bartlett
2009-08-04Add constAndrew Bartlett1-1/+1
2009-08-04s4:ldif_handlers Allow a binary nTsecurityDescriptor when parsing LDIFAndrew Bartlett1-1/+17
Also allow a SDDL security descriptor, using the domain SID attached to the session (it will search for it during the LDIF parse if need be). Andrew Bartlett
2009-08-04s4:netlogon Fix warnings and segfault in GetDomainInfo callAndrew Bartlett1-4/+5
- Correctly use samdb_search_string to do a 'base' search (this needs a NULL, not a "" argument for the format string) - There is no need (and it caused a security hole) to use talloc_asprintf() with the only argument being the string to duplicate. Andrew Bartlett
2009-08-04Merge branch 'master' of ssh://git.samba.org/data/git/sambaAndrew Tridgell5-11/+163
2009-08-04fixed support for readx greater than 64kAndrew Tridgell2-3/+4
This fixes bug 6547, where smbclient in S3 reads more than 64k at a time with readx.
2009-08-04s4:torture rework LDAP sort testAndrew Bartlett4-79/+45
This reworks the test to be part of the LDAP tests, to make better use of the torture API and the ldb API (in particular around adding controls), and a general cleanup. This also adds the test to the 'make test' run. Andrew Bartlett
2009-08-04s4:torture Add test for correct server-side sorting over LDAPMatthieu Patou3-3/+194
2009-08-04Use smbclient binary for the test file in smbclient testAndrew Bartlett1-7/+2
In the vein hope that a larger file might show problems better than a small file. Andrew Bartlett
2009-08-04param/pyparam: Cope with string list parameters being empty.Ricardo Jorge1-1/+7
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-08-04python/loadparm: Get shares listing working.Ricardo Jorge1-5/+6
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-08-04pyldb: Properly keep copies of Python string contents, rather thanJelmer Vernooij1-9/+21
relying on reference leaks :-)
2009-08-04s4-ldap_server: fix generated error string in map_ldb_error().Günther Deschner1-1/+1
Guenther
2009-08-03pyldb: Raise proper exception when attempting to assign a string to a dnJelmer Vernooij2-5/+24
attribute.
2009-08-03s4: Change constant to comply with the merged buildMatthias Dieter Wallnöfer1-1/+1
2009-08-03s4: Torture test for enhancements in "netr_LogonGetDomainInformations" callMatthias Dieter Wallnöfer1-26/+275
This corrects and enhances the torture test of the mentioned call.
2009-08-03s4: Enhancements in the "netr_LogonGetDomainInformations" callMatthias Dieter Wallnöfer1-65/+194
This addresses bug #4888 and #6596 in SAMBA 4 Bugzilla - It implements the call in the complete form as specified in the MSPP/WSPP docs and on the discussion on the "cifs-protocol" list - Therefore client informations (OS name, OS version, "servicePrincipalName"...) are now saved in the AD each time the client invokes the call
2009-08-03Return infinite time for last last logoff when last logoff = 0Matthieu Patou3-2/+18
2009-07-31s4: Correct renamed constantsMatthias Dieter Wallnöfer2-6/+6
2009-07-31s4: Adds a small test for the new enhanced error messages from the AD LDAP ↵Matthias Dieter Wallnöfer1-4/+183
server
2009-07-31s4: Enhances the LDAP server to display error messages like Windows ServerMatthias Dieter Wallnöfer1-27/+178
Those error messages also include the WERROR code of the failed operation(s) in this manner: <error code eight chars in HEX>: <further error message> This also addresses bug #4949
2009-07-31Adds new error codes (needed for enhancing error messages for SAMBA 4 AD ↵Matthias Dieter Wallnöfer1-1/+1
LDAP server)
2009-07-31s4:libcli/ldap: the tls code steals the original socket on its own nowStefan Metzmacher1-3/+0
metze
2009-07-31s4:ldap_server: the tls code steals the original socket on its own nowStefan Metzmacher2-2/+2
metze
2009-07-31s4:tls: avoid using talloc_reference() in tls_init_client()Stefan Metzmacher1-6/+2
metze
2009-07-31s4:tls: avoid using talloc_reference() in tls_init_server()Stefan Metzmacher1-8/+1
metze
2009-07-31s4:libnet: use talloc_strdup() instead of talloc_reference()Stefan Metzmacher2-2/+2
metze
2009-07-31s4:build: make sure that we regenerate proto headers when source files changeStefan Metzmacher1-0/+2
metze
2009-07-31s4:auth: make sure we have elements returned at all in ↵Stefan Metzmacher1-0/+6
authsam_expand_nested_groups() metze