Matthias Dieter Wallnöfer [Sat, 3 Jul 2010 09:07:10 +0000 (11:07 +0200)]
s4:dsdb/tests/passwords.py - set and reset the "minPwdAge" properly
After a patch proposal of Nadya and some reflection I think that it's really
worth to change all tests which need a "0" "minPwdAge" to set it manually and
reset the default afterwards.
So we can finally introduce the default "minPwdAge" on provision.
Patch proposal by: Nadya Ivanova
Nadezhda Ivanova [Fri, 2 Jul 2010 13:38:05 +0000 (16:38 +0300)]
Tests for user-change-password and force-password-change access rights
Günther Deschner [Fri, 2 Jul 2010 11:08:00 +0000 (13:08 +0200)]
s3-net: forgot to set type in winreg getvalue operation.
Guenther
Anatoliy Atanasov [Fri, 2 Jul 2010 08:39:39 +0000 (11:39 +0300)]
s4/schema: remove unnecessary deletion of dsdb_schema cached pointer
This is needed so we can find and free old schemas based using
the cached pointer
Günther Deschner [Thu, 1 Jul 2010 09:22:20 +0000 (11:22 +0200)]
s3-registry: remove 2 byte winreg type limitation.
We already pull and push 4 byte winreg type in the registry.tdb, we were just
not using full 4 bytes within the reg_object functions.
With this change we finally pass the set extended value torture test.
Guenther
Günther Deschner [Thu, 1 Jul 2010 13:50:58 +0000 (15:50 +0200)]
s3-registry: allow to read NULL entries (that we allow to store) back from the tdb.
Guenther
Günther Deschner [Thu, 1 Jul 2010 01:04:39 +0000 (03:04 +0200)]
s4-smbtorture: enable extended SetValue test against Samba3.
Guenther
Günther Deschner [Thu, 1 Jul 2010 00:57:19 +0000 (02:57 +0200)]
s3-registry: remove unused reg_util_marshalling code.
Guenther
Günther Deschner [Tue, 29 Jun 2010 14:13:15 +0000 (16:13 +0200)]
s3-registry: avoid using registry_value union.
Just pull and push data as is.
Guenther
Andrew Tridgell [Fri, 2 Jul 2010 01:39:28 +0000 (11:39 +1000)]
s4-ldb: fixed error handling in openldap backend
fixed several bugs in error handling. the ldb context was used without
being initialised in the error paths, and several error paths did not
set an ldb error string.
Andrew Tridgell [Fri, 2 Jul 2010 01:37:50 +0000 (11:37 +1000)]
s4-ldb: fixed the parsing of references in the openldap backend
We need to use ldap_parse_reference() not ldap_parse_result()
Andrew Tridgell [Wed, 30 Jun 2010 03:49:05 +0000 (13:49 +1000)]
s4-dsdb: fixed use after free of sasl mechanisms opaque
the supportedSASLMechanisms opaque must live for at least as long as
the ldb, or we can crash when the first connection is torn down
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 30 Jun 2010 03:47:29 +0000 (13:47 +1000)]
s4-dsdb: fixed spelling of supportedSASLMechanisms
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 30 Jun 2010 13:25:32 +0000 (23:25 +1000)]
s4:dsdb Ensure we free old schema copies
It was reported by aatanasov that we kept around one whole schema per
modification made. This does not fix that, but I hope moves us closer
to a fix
The most important part of the fix is that:
- if (schema_out != schema_in) {
- talloc_unlink(schema_in, ldb);
- }
was the wrong way around. This is now handled in the schema_set calls.
Andrew Bartlett
Kamen Mazdrashki [Thu, 1 Jul 2010 20:47:02 +0000 (23:47 +0300)]
s4/dsdb: Assert DSDB_FLAG_*_MODULE is always passed in function call
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:29:05 +0000 (21:29 +0300)]
s4-source4/dsdb/samdb/ldb_modules/util.c Use DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:28:46 +0000 (21:28 +0300)]
s4-source4/dsdb/samdb/ldb_modules/subtree_delete.c: Use DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:28:30 +0000 (21:28 +0300)]
s4-source4/dsdb/samdb/ldb_modules/schema_load.c: Use DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:28:10 +0000 (21:28 +0300)]
s4-source4/dsdb/samdb/ldb_modules/samldb.c: Use DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:27:51 +0000 (21:27 +0300)]
s4-source4/dsdb/samdb/ldb_modules/samba3sid.c: Use DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:27:32 +0000 (21:27 +0300)]
s4-source4/dsdb/samdb/ldb_modules/rootdse.c: Use DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:26:53 +0000 (21:26 +0300)]
s4-source4/dsdb/samdb/ldb_modules/ridalloc.c: Use DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:26:07 +0000 (21:26 +0300)]
s4-source4/dsdb/samdb/ldb_modules/repl_meta_data.c: Use DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:25:28 +0000 (21:25 +0300)]
s4-dsdb/samdb/ldb_modules/linked_attributes.c: make use of DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Mon, 28 Jun 2010 18:07:51 +0000 (21:07 +0300)]
s4/dsdb: Add DSDB_FLAG_NEXT_MODULE flag
Although it is not currently used in implementation,
my intention is for callers to clearly state what
action they want to execute.
Currently when a caller wants to pass the call to the next
module in the chain, this flag is either omitted or 0 is used
(which is somewhat hacky, isn't it)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Thu, 1 Jul 2010 21:47:46 +0000 (17:47 -0400)]
s3:auth Fix switch statement referencing a uninitialized variable
Looking at the original commit (
9a747d500fad699038ecf75615c680a9fd9e4cc7)
this seem the right solution.
Andrew please check.
Günther Deschner [Wed, 30 Jun 2010 22:44:15 +0000 (00:44 +0200)]
s3-nss_info: only include nss_info.h where needed.
Guenther
Günther Deschner [Wed, 30 Jun 2010 21:48:34 +0000 (23:48 +0200)]
s3-libads: move ldap posix schema defines to their own header file.
Guenther
Günther Deschner [Wed, 30 Jun 2010 21:47:03 +0000 (23:47 +0200)]
s3-libads: move spnego defines to their appropriate header file.
Guenther
Günther Deschner [Wed, 30 Jun 2010 21:38:57 +0000 (23:38 +0200)]
s3-libads: only include libds flags where needed.
Guenther
Günther Deschner [Wed, 30 Jun 2010 21:20:22 +0000 (23:20 +0200)]
s3-libads: move keytab macros out of ads.h.
Guenther
Günther Deschner [Wed, 30 Jun 2010 20:36:40 +0000 (22:36 +0200)]
s3-libads: move ads_dns out of main includes.
Guenther
Günther Deschner [Mon, 31 May 2010 10:51:58 +0000 (12:51 +0200)]
s3-libads: move ads_status to a separate header file.
Guenther
Günther Deschner [Mon, 31 May 2010 10:51:29 +0000 (12:51 +0200)]
s3-libads: move ads_protos.h to ads_ldap_protos.h.
Guenther
Günther Deschner [Thu, 1 Jul 2010 21:15:13 +0000 (23:15 +0200)]
s3-waf: fix the build after smbd/change_trust_pw.c removal.
Guenther
Günther Deschner [Thu, 3 Jun 2010 17:05:43 +0000 (19:05 +0200)]
tdb: fix the build on mac os x 10.6.4.
Guenther
Günther Deschner [Wed, 30 Jun 2010 23:19:39 +0000 (01:19 +0200)]
s3-libnet_join: small IDL enhancement.
Guenther
Günther Deschner [Wed, 30 Jun 2010 21:09:05 +0000 (23:09 +0200)]
s3-libads: use shared well known guids.
Guenther
Günther Deschner [Wed, 30 Jun 2010 20:32:00 +0000 (22:32 +0200)]
s3-libads: move KRB5_ENV_CCNAME to separate header krb5_env.h.
Guenther
Matthias Dieter Wallnöfer [Thu, 1 Jul 2010 15:23:01 +0000 (17:23 +0200)]
s4:dsdb/tests/python/passwords.py - add the right result codes for user password changes
They will be enabled once the ACL modules supports it. It was my fault to not
import them earlier.
Matthias Dieter Wallnöfer [Thu, 1 Jul 2010 14:35:12 +0000 (16:35 +0200)]
s4:lib/registry/ldb.c - free some "msg" objects earlier through explicit "talloc_free"s
No other functional change
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 14:10:32 +0000 (16:10 +0200)]
s4:registry - move some common constraint checks to the "local" backend
They should also be enforced when we don't use "ldb".
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 16:27:49 +0000 (18:27 +0200)]
s4:lib/registry/tests/registry.c - test recursive key generation
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 16:08:47 +0000 (18:08 +0200)]
s4:registry - on key add operations we have to handle with paths not always only a name
Recursive key generations are allowed.
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 13:45:37 +0000 (15:45 +0200)]
s4:lib/registry/local.c - support recursive key generation
Code taken from "local_open_key".
Matthias Dieter Wallnöfer [Thu, 24 Jun 2010 19:12:19 +0000 (21:12 +0200)]
s4:lib/registry/ldb.c - refactor "reg_path_to_ldb"
This makes it easier to understand and would also support splitting in more
DN components.
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 15:37:45 +0000 (17:37 +0200)]
s4:lib/registry/ldb.c - use "ldb_path" rather than "ldap_path" as LDB key varibale identifiers
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 13:52:19 +0000 (15:52 +0200)]
s4:lib/registry/ldb.c - "ldb_add_key" - fix talloc handling
- free "msg" when possible
- prevent "talloc_strdup"s where not necessary
Günther Deschner [Thu, 1 Jul 2010 11:46:55 +0000 (13:46 +0200)]
s3-printing: Fix Bug #7541, %D in "printer admin" causing smbd crash.
Guenther
Günther Deschner [Wed, 30 Jun 2010 23:22:11 +0000 (01:22 +0200)]
s3-registry: fix malloc/talloc mismatch upon free in reg_enumvalue().
Guenther
Günther Deschner [Wed, 30 Jun 2010 15:13:42 +0000 (17:13 +0200)]
s4-smbtorture: in extended setvalue winreg test, reduce max random buffer length to 16 bytes.
Guenther
Günther Deschner [Wed, 30 Jun 2010 11:25:28 +0000 (13:25 +0200)]
s3-docs: try to make "default case" explanation a little clearer.
Guenther
Günther Deschner [Wed, 30 Jun 2010 10:10:55 +0000 (12:10 +0200)]
s3-libsmb: move change_trust_account_password out of smbd into libsmb.
Guenther
Günther Deschner [Wed, 30 Jun 2010 00:07:15 +0000 (02:07 +0200)]
s4-smbtorture: enable QueryMultipleValues{2} torture tests against samba3.
Guenther
Günther Deschner [Wed, 30 Jun 2010 14:31:46 +0000 (16:31 +0200)]
s3-winreg: implement _winreg_QueryMultipleValues().
Guenther
Günther Deschner [Wed, 30 Jun 2010 00:03:27 +0000 (02:03 +0200)]
s3-winreg: implement _winreg_QueryMultipleValues2().
Guenther
Günther Deschner [Wed, 30 Jun 2010 00:02:43 +0000 (02:02 +0200)]
s3-registry: add reg_querymultiplevalues() to reg_api.
Guenther
Günther Deschner [Wed, 30 Jun 2010 15:13:14 +0000 (17:13 +0200)]
s4-smbtorture: add some more multiple_values_tests to RPC-WINREG.
Guenther
Stefan Metzmacher [Wed, 30 Jun 2010 09:09:10 +0000 (11:09 +0200)]
s4:dsdb: move dsdb python tests from lib/ldb/ to dsdb/
metze
Stefan Metzmacher [Wed, 30 Jun 2010 08:57:37 +0000 (10:57 +0200)]
s4:ldb/python: make it possible to run tests standalone
metze
Andreas Schneider [Wed, 30 Jun 2010 08:19:07 +0000 (10:19 +0200)]
libcli: Fixed a build warning for a missing prototype.
Matthias Dieter Wallnöfer [Wed, 30 Jun 2010 07:37:08 +0000 (09:37 +0200)]
s4:auth/session.c - suppress a warning when freeing "group_string"
Anatoliy Atanasov [Thu, 24 Jun 2010 17:48:07 +0000 (20:48 +0300)]
s4:schema/schema_set.c - free LDB message diffs
Especially the "free"s after "ldb_msg_diff" are very important since the diff
message is allocated on the long-living LDB context.
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Anatoliy Atanasov [Thu, 24 Jun 2010 17:48:07 +0000 (20:48 +0300)]
s4:auth/session.c - free "group_string" when not needed
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Andrew Bartlett [Wed, 30 Jun 2010 00:20:11 +0000 (10:20 +1000)]
s4:dsdb Fix possible schema segfaults for DRS-replication based schema
The problem here is that if the schema has been modified on the source
domain, there may be attributes that appear over DRS with 0 values (to
indicate that any existing values on the target should be deleted).
This would confuse the previous version of this macro.
Andrew Bartlett
Günther Deschner [Tue, 29 Jun 2010 21:35:45 +0000 (23:35 +0200)]
s4-smbtorture: remove duplicate torture_assert_sid_equal macro.
Guenther
Günther Deschner [Tue, 29 Jun 2010 21:10:47 +0000 (23:10 +0200)]
s4-smbtorture: fix incorrect IDL for QueryMultipleValue (aka RVALENT).
Found by torture test.
Guenther
Günther Deschner [Tue, 29 Jun 2010 19:53:00 +0000 (21:53 +0200)]
s4-smbtorture: add more sophisticated tests for winreg_QueryMultipleValues{2}.
Guenther
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:30:05 +0000 (22:30 +0200)]
s4:ntvfs/ipc/vfs_ipc.c - remove unused code
Spotted by the Solaris 10 compiler
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:33:32 +0000 (22:33 +0200)]
s4:ntvfs/ipc/vfs_ipc.c - add casts to suppress warnings on Solaris 10
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:33:32 +0000 (22:33 +0200)]
s4:ntp_signd/ntp_signd.c - add casts to suppress warnings on Solaris 10
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:30:05 +0000 (22:30 +0200)]
s4:rpc_server/browser.c - remove unused code
Spotted by the Solaris 10 compiler
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:30:05 +0000 (22:30 +0200)]
s4:smb_server/smb2/find.c - remove unused code
Spotted by the Solaris 10 compiler
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:30:05 +0000 (22:30 +0200)]
s4:smb_server/blob.c - remove unused code
Spotted by the Solaris 10 compiler
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:23:15 +0000 (22:23 +0200)]
s4:dsdb/new_partition.c - remove the "ldb_next_request" call which we find also below the "if" block
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:21:22 +0000 (22:21 +0200)]
ldb:ldb_map_outbound.c - "ldb_parse_tree_collect_attrs" - remove unneeded return value
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:16:15 +0000 (22:16 +0200)]
ldb:ldb_modules.c - "ldb_dso_load_symbol" - remove unneeded caste before "dlsym"
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:10:14 +0000 (22:10 +0200)]
s4:ldb - "ldb_dn_update_components" - fix free of invalid DN parts
Use "LDB_FREE" for such free operations and in addition wipe also the casefolded
DN out.
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:07:51 +0000 (22:07 +0200)]
ldb:ldb_dn.c - "ldb_dn_set_extended_component" - free the linearized string when the components change
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 20:04:24 +0000 (22:04 +0200)]
s4:ldb_dn.c - make the code parts which free extended components consistent
Cosmetic
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 19:59:37 +0000 (21:59 +0200)]
ldb:ldb_dn - "ldb_dn_explode" - move the "dn->comp_num" initalisation upwards and use "LDB_FREE" for freeing "dn->components"
Mostly cosmetic - no behaviour change
Günther Deschner [Tue, 29 Jun 2010 17:57:06 +0000 (19:57 +0200)]
s4-smbtorture: remove some pointless mem_equal tests in LOCAL-NDR-WINREG testsuite.
Guenther
Günther Deschner [Tue, 29 Jun 2010 15:19:28 +0000 (17:19 +0200)]
s4-smbtorture: handle NT_STATUS_NOT_IMPLEMENTED in GetForestTrustInformation test.
When skipping over it, we can at least verify the credential chain.
Guenther
Günther Deschner [Tue, 29 Jun 2010 15:16:25 +0000 (17:16 +0200)]
s4-smbtorture: use TEST_MACHINE_NAME in test_netr_GetForestTrustInformation().
Guenther
Günther Deschner [Tue, 29 Jun 2010 15:13:01 +0000 (17:13 +0200)]
s4-smbtorture: add netr_GetForestTrustInformation test to RPC-NETLOGON.
Guenther
Günther Deschner [Tue, 29 Jun 2010 12:54:43 +0000 (14:54 +0200)]
s3-utils: remove rpccheck.
Impossible to get this to compile after the conversion to pidl.
Guenther
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 12:48:25 +0000 (14:48 +0200)]
Revert "s4/dsdb: Fixed partition_search() not to pass special DN's to LDAP backend."
This reverts commit
ed4c107bc1eac8531fdd8d09f7698efcbc7ecb14.
See post "Endi's Bug 7530 patches (LDAP backend)" on samba-technical.
Matthias Dieter Wallnöfer [Tue, 29 Jun 2010 12:52:43 +0000 (14:52 +0200)]
Revert "s4/auth: Fixed authsam_expand_nested_groups() to find entry SID if not available in the DN."
This reverts commit
fa9557fee3ca546878d99b77f1ff37f724c37024.
See post "Endi's Bug 7530 patches (LDAP backend)" on samba-technical.
Günther Deschner [Tue, 29 Jun 2010 10:26:24 +0000 (12:26 +0200)]
s4-smbtorture: add NDR torture test for winreg_QueryMultipleValues2.
Guenther
Günther Deschner [Tue, 29 Jun 2010 10:14:02 +0000 (12:14 +0200)]
s4-smbtorture: add RPC torture test for winreg_QueryMultipleValues2.
Guenther
Günther Deschner [Tue, 29 Jun 2010 10:04:56 +0000 (12:04 +0200)]
winreg: fix winreg_QueryMultipleValues2 IDL.
Guenther
Günther Deschner [Tue, 29 Jun 2010 09:40:24 +0000 (11:40 +0200)]
winreg: fix winreg_QueryMultipleValues() IDL and torture tests.
Guenther
Andreas Schneider [Tue, 29 Jun 2010 08:42:36 +0000 (10:42 +0200)]
s3-client: Make sure we only write to an opened file.
Found by clang-analyzer.
Andreas Schneider [Tue, 29 Jun 2010 08:34:17 +0000 (10:34 +0200)]
s3-winbind: Make sure we crash if domain is really not found.
Found by clang-analyzer.
Andreas Schneider [Tue, 29 Jun 2010 08:07:22 +0000 (10:07 +0200)]
s3-net: Make sure we don't call free on garbage.
Found by clang-analyzer.
Andreas Schneider [Mon, 28 Jun 2010 11:20:18 +0000 (13:20 +0200)]
s3-net: Use talloc_asprintf and return if file is in wrong format.
Found by clang-analyzer.
Andreas Schneider [Mon, 28 Jun 2010 19:00:30 +0000 (21:00 +0200)]
s3-librpc: Fixed GUID_from_data_blob() with length of 32.
If we hit the case that the blob length is 32. The code goes to the end
of the function and generates a GUID with garbage.
So try to convert the blob to the GUID and return.
Nadezhda Ivanova [Tue, 29 Jun 2010 08:46:22 +0000 (11:46 +0300)]
Fixed incorrect use of cn instead of lDAPDisplayName
Andrew Bartlett [Wed, 23 Jun 2010 11:15:43 +0000 (21:15 +1000)]
s4:secrets Ensure secrets.ldb uses the same hooks as the rest of Samba
This ensures that, for example, the utf8 functions are the same,
the GUID handler is the same and the NOSYNC flag is applied.
Andrew Bartlett
Andrew Bartlett [Wed, 23 Jun 2010 23:42:40 +0000 (09:42 +1000)]
s4:selftest Split out PKINIT tests from test_kinit.sh and test enc types
This allows us to run the PKINIT tests only against the main DC (for
which the certificates were generated), while testing the available
encryption types in each functional level.
In particular, we need to assert that AES encryption is available in
the 2008 functional level.
Andrew Bartlett