summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2013-08-05s4:netlogon: make use of netlogon_creds_decrypt_samlogon_logon()Stefan Metzmacher1-22/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s4:librpc: fix netlogon connections against servers without AES supportStefan Metzmacher1-2/+6
LogonGetCapabilities() only works on the credential chain if the server supports AES, so we need to work on a temporary copy until we know the server replied a valid return authenticator. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: also set secure channel type in netlogon_creds_client_init().Günther Deschner5-0/+8
Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s4:ntlm_auth: make use of cli_credentials_[set_]callback_data*Stefan Metzmacher1-4/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s4:torture/rpc: make use of cli_credentials_set_netlogon_creds()Stefan Metzmacher1-20/+16
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s4:torture/gentest: make use of cli_credentials_get_username()Stefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s4:torture/shell: simplify cli_credentials_set_password() callStefan Metzmacher1-4/+1
All we want is to avoid a possible callback... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-30dsdb: Include MS-ADTS doc references on deleted object contstraintsAndrew Bartlett1-0/+16
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-30dsdb tests: Add member/memberOf checking to delete_objects testingAndrew Bartlett1-21/+257
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-30dsdb: Improve DRS deleted link source/target handing in repl_meta_dataAndrew Bartlett1-8/+97
We now correctly ignore the link updates if the source or target is deleted locally. This fixes the long-standing failure in the vampire_dc dbcheck test. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-30dsdb: Ensure we always force deleted objects back under the deleted objects DNAndrew Bartlett1-26/+65
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-30dsdb/repl_meta_data: split out replmd_deletion_state()Stefan Metzmacher1-31/+71
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-30dsdb: Prune deleted objects of links and extra attributes of replicated deletesAndrew Bartlett1-71/+199
When an object is deleted, the links to be removed are not propogated, you have to watch out for them manually! We do this by calling back into the originating update delete code (ie what is called if you ldb_delete() locally) so that any extra attribute found locally and not on the remote server becomes removed remotely too. We currently do the same with links, but that isn't strictly correct, but for now our getNCChanges server code filters these out, so only the usn is bumped. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-29dns: Update TODO listKai Blin1-8/+5
A lot of the todo items have been resolved, avoid confusing people. Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Jul 29 09:12:17 CEST 2013 on sn-devel-104
2013-07-25torture/drs: Expand an error message to aid debuggingAndrew Bartlett1-1/+1
Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104
2013-07-25dsdb/samdb: use RECYCLED it implies DELETED...Stefan Metzmacher2-3/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-24rpc_server-drsuapi: Improve comments and DEBUG linesAndrew Bartlett1-4/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24dsdb: Add assert in drepl_take_FSMO_roleAndrew Bartlett1-4/+3
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-24dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation ↵Andrew Bartlett1-15/+41
fails We now also only poke the RID manager once per request. This may help track down why RID allocation can fail, as while we never wait for the RID set to be created/updated, it may be the only clue the admin gets as to why the async allocations were failing. Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searchesAndrew Bartlett2-104/+99
This should be more efficient, particularly in the leaf node case when renaming and deleting entries on large databases. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24dsdb-descriptor: Do not do a subtree search unless we have child entriesAndrew Bartlett1-1/+32
This avoids a subtree search here in most cases where an object is deleted. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in ↵Stefan Metzmacher1-2/+2
in unixdom_get_my_addr() This caused crashes in _tsocket_address_bsd_from_sockaddr() when we read past the end of the allocation. (similar to commit e9ae36e9683372b86f1efbd29904722a33fea083) Bug: https://bugzilla.samba.org/show_bug.cgi?id=10042 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jul 24 14:37:43 CEST 2013 on sn-devel-104
2013-07-23s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in ↵Andrew Bartlett1-2/+2
in unixdom_get_peer_addr() This caused crashes in _tsocket_address_bsd_from_sockaddr() when we read past the end of the allocation. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-19Add torture tests to raw.eas to check sending Windows invalid names in the ↵Jeremy Allison1-0/+114
middle of an EA list. Add torture tests to probe the set of invalid Windows EA names. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 19 11:50:25 CEST 2013 on sn-devel-104
2013-07-17Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc().Bill Parker2-0/+11
In reviewing various files in Samba-4.0.7, I found a number of instances where malloc()/calloc() were called without the checking the return value for a value of NULL, which would indicate failure. (NB. The changes needed to ccan, iniparser, popt and heimdal will be reported upstream, not patched inside Samba). Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Source <idra@samba.org>
2013-07-10s4:server: avoid calling into nss_winbind from within 'samba'Stefan Metzmacher1-0/+7
The most important part is that the 'winbind_server' doesn't recurse into itself. This could happen if the krb5 libraries call getlogin(). As we may run in single process mode, we need to set _NO_WINBINDD=1 everywhere, the only exception is the forked 'smbd'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
2013-07-10s4:rpc_server: make sure we don't terminate a connection with pending ↵Stefan Metzmacher2-3/+60
requests (bug #9820) Sadly we may have nested event loops, which won't work correctly with broken connections, that's why we have to do this... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
2013-07-10s4-winbindd: Do not terminate a connection that is still pending (bug #9820)Andrew Bartlett3-2/+64
Instead, wait until the call attempts to reply, and let it terminate then (often this happens in the attempt to then write to the broken pipe). Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-10service_stream: Log if the connection termination is deferred or not (bug #9820)Andrew Bartlett1-1/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-04dsdb-ridalloc: Fix RID pools - RID numbers increase too quicklyAndrew Bartlett1-1/+2
A patch by Cove Schneider <cove_s@yahoo.com> who reports: I noticed that the RID numbers seem to increase incrementally, then will suddenly jump by 124501. Unless I'm misunderstanding, shouldn't RID pool allocations just be 500 at a time? e.g. Adding accounts one after another on a single test instance here's how they're incrementing (from 4.0.6): 1596 1597 1598 1599 126100 126101 126102 ... 126599 251100 ... 251599 376100 ... The problem is that this complicates using sssd's AD integration, as that it doesn't expect the RIDs to increase in a single domain so quickly. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jul 4 20:13:05 CEST 2013 on sn-devel-104
2013-07-03Make the output of the crackname script more readableMatthieu Patou1-4/+4
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 3 23:17:57 CEST 2013 on sn-devel-104
2013-07-02torture: Don't segfault in smb2.session on error.Andreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-02torture: Don't segfault in raw.session on error.Andreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-02torture: Fix comparsion of uninitalized bytes.Andreas Schneider1-0/+2
As we compare string make sure we have the null terminator. Found by valgrind. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-07-01smbtorture: Make cracksname easier to debug by outputing the offered formatMatthieu Patou1-18/+49
Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Signed-off-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Jul 1 11:22:57 CEST 2013 on sn-devel-104
2013-06-30Fix a missing parenthesis in the LDAP search requestMatthieu Patou1-1/+1
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sun Jun 30 13:34:13 CEST 2013 on sn-devel-104
2013-06-25heimdal_build: Add missing dep on samba4kgetcredAndrew Bartlett1-1/+1
This started to fail on current Debian Sid with system Heimdal after a binutils update. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Jun 25 02:30:59 CEST 2013 on sn-devel-104
2013-06-24torture: Add tests for LDAP substring search with no strings providedAndrew Bartlett1-0/+110
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jun 24 23:55:07 CEST 2013 on sn-devel-104
2013-06-24lsa4: Fix a set but unused variable warningSimo Sorce1-2/+12
Also insure that we exit immediately on any error. Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jun 24 12:17:52 CEST 2013 on sn-devel-104
2013-06-21lsa4: Fix a set but unused variable warningVolker Lendecke1-2/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21lsa4: Remove an unused variableVolker Lendecke1-3/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21lsa4: Remove an unused variableVolker Lendecke1-3/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21lsa4: Remove an unused variableVolker Lendecke1-3/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21Fix some blank line endingsVolker Lendecke1-292/+287
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Jun 21 19:57:06 CEST 2013 on sn-devel-104
2013-06-21dns: Fix CID 1034969 Uninitialized scalar variableVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Fri Jun 21 17:32:16 CEST 2013 on sn-devel-104
2013-06-20s4-winbind: Add special case for BUILTIN domainAndrew Bartlett3-20/+37
This should mean that lookups for the BUILTIN domain cause less trouble then they have in the past, because they will no longer go via the trusted domain handler. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Jun 20 15:30:00 CEST 2013 on sn-devel-104
2013-06-20Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in ↵Jeremy Allison1-3/+14
"EOF on stdin" Only install the stdin handler if it's a pipe or fifo. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-19build: Build with system md5.h on OpenIndianaAndrew Bartlett9-14/+14
This changes (again...) our system md5 detection to cope with how OpenIndiana does md5. I'm becoming increasingly convinced this isn't worth our while (we should have just done samba_md5...), but for now this change seems to work on FreeBSD, OpenIndiana and Linux with libbsd. This needs us to rename struct MD5Context -> MD5_CTX, but we provide a config.h define to rename the type bad if MD5_CTX does not exist (it does however exist in the md5.h from libbsd). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-06-13dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal()Stefan Metzmacher1-4/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
2013-06-13dsdb: don't allow a missing nTSecurityDescriptor in ↵Stefan Metzmacher1-3/+3
dsdb_get_sd_from_ldb_message() Every object has a nTSecurityDescriptor attribute. This also avoids potential segfaults in the callers. Signed-off-by: Stefan Metzmacher <metze@samba.org>