Age | Commit message (Collapse) | Author | Files | Lines |
|
This is a much better solution than we had before - so all important DN
checks are enforced for each type of LDB database (and not limited to DSDB).
Many "ldb_dn_validate" checks will now become obsolete.
Reviewed by: Tridge
|
|
Reviewed by: Tridge
|
|
Reviewed by: Tridge
|
|
building smbtorture4 with configure --disable-shared failed
with an error that ldb.h could not be found
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed by: Tridge
|
|
This should test the non proxy rodc kdc path.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Mar 4 22:06:10 CET 2011 on sn-devel-104
|
|
By having kdc_tcp_proxy_send/recv(), which just asks any writeable
dc for a reponse blob, we simplify the interaction between
client-local and local-writeable sockets.
This allows us to make kdc_socket, kdc_process_fn_t, kdc_tcp_call and kdc_tcp_socket
private to kdc.c again.
metze
|
|
By having kdc_udp_proxy_send/recv(), which just asks any writeable
dc for a reponse blob, we simplify the interaction between
client-local and local-writeable sockets.
This allows us to make kdc_udp_call and kdc_udp_socket private to
kdc.c again.
metze
|
|
metze
|
|
Bit shifting is non-trivial in C:-)
This
int32_t a = 0x12340000;
uint32_t b = (a >> 16);
results in 0x00001234, but this
int32_t a = 0xEDCB0000;
uint32_t b = (a >> 16);
results in 0xFFFFEDCB, while we expected 0x0000EDCB.
metze
|
|
tgs_parse_request() and _kdc_tgs_rep()
metze
|
|
Reviewed by: Tridge
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Mar 4 09:39:22 CET 2011 on sn-devel-104
|
|
Not all LDB databases have further DN checks.
Reviewed by: Tridge
|
|
I've forgotten this in my first patchset.
Reviewed by: Tridge
|
|
We should rather try to let the LDB modules perform these checks
otherwise different backends behaviour differently.
Reviewed by: Tridge
|
|
is invalid
ERR_INVALID_DN_SYNTAX fits better than ERR_OPERATION_ERROR in this case. This
one gets triggered if we perform "add" requests without the LDAP server.
Reviewed by: Tridge
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Mar 2 18:38:58 CET 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
This was already done in repl_meta_data, but it needs to be done here
as well to cope with Windows 2000 level links.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Mar 2 02:03:58 CET 2011 on sn-devel-104
|
|
Reviewed by: Jelmer
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Mar 1 17:57:47 CET 2011 on sn-devel-104
|
|
This is needed to complete the transition from "samdb_msg_add_string" to
"ldb_msg_add_string".
And this patch yields better NTSTATUS error results than before
(INVALID_PARAMETER rather than OUT_OF_MEMORY).
Reviewed-by: Jelmer
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Mar 1 14:42:15 CET 2011 on sn-devel-104
|
|
The SPN attribute could derive from an untrusted source (client).
Reviewed-by: Jelmer
|
|
It is defined as LDAP syntax 2.5.5.9 so no need at all to treat it as
64-bit integer.
Reviewed by: Kamenim and Metze
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Mar 1 12:46:15 CET 2011 on sn-devel-104
|
|
This isn't used anymore.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This isn't needed anymore and will be substituted by
"ldb_msg_add_string".
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Add this in order to allow the "ADD_OR_DEL" macros to work.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This call can be substituted by "ldb_msg_add_string". We only need to be
careful on local objects or talloc'ed ones which live shorter than the message.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This is the s3 debug system, with a number of changes to tidy it up
for common use. The debug class system is simplified by the removal of the
ISSET table, the system no longer attempts to cope with assignment of
DEBUGLEVEL, and the full class table is always available (rather than
just DEBUGLEVEL_CLASS[DBCG_ALL]) from startup. It is also no longer
confusingly described as a hack, but as the initial table.
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Mar 1 04:32:12 CET 2011 on sn-devel-104
|
|
This will allow a modified version of the s3 debug system to be the
new common debug system.
Andrew Bartlett
|
|
Working schema cache will be used to convert replicated Schema objects
again later, i.e. used as reference, so we don't need to resolve all
attribute OIDs for working Schema cache to be usable.
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Tue Mar 1 03:45:16 CET 2011 on sn-devel-104
|
|
We don't need all object attributes resolved and converted for a working
schema to be functional.
|
|
during replicated object convert stage.
The problem is that we may have loops in schema graph and we can't
resolve those loops in just one pass. Ignoring some attributes
conversion will allow us to have a functional schema cache that we
can use later to resolve all attribute OIDs on another pass
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Feb 28 21:57:16 CET 2011 on sn-devel-104
|
|
against system tdb.
|
|
building against
system tdb.
|
|
|
|
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Sun Feb 27 00:10:45 CET 2011 on sn-devel-104
|
|
|
|
|
|
DCs synchronization is moved to the test case setUp method
as there is no guarantee for the order of execution of tests
in a test case - thus netReplicateCmd may be executed after
ReplicateDeleteOjbect test
|
|
This allows us to remove the patch that prevents the test failure.
Also pass 'forced' flag to samba-tool drs replicate command, otherwise
DsReplicaSync will fail with 'replication not permitted' error
|
|
can re-use them
|