summaryrefslogtreecommitdiff
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* s4:torture/rpc: use dcerpc_secondary_auth_connection with anon credsStefan Metzmacher2015-07-072-8/+16
| | | | | | | This is the same as calling dcerpc_secondary_connection/dcerpc_bind_auth_none. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/samba3rpc: use pipe_bind_smb_auth()Stefan Metzmacher2015-07-071-66/+32
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/samba3rpc: add pipe_bind_smb_auth()Stefan Metzmacher2015-07-071-0/+38
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/samba3rpc: use pipe_bind_smb2()Stefan Metzmacher2015-07-071-22/+8
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/samba3rpc: add pipe_bind_smb2()Stefan Metzmacher2015-07-071-0/+33
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/samba3rpc: use pipe_bind_smb() in more placesStefan Metzmacher2015-07-071-78/+20
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/samba3rpc: move pipe_bind_smb() to the topStefan Metzmacher2015-07-071-37/+37
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:libnet: make use of dcerpc_secondary_auth_connection_send/recv()Stefan Metzmacher2015-07-072-13/+7
| | | | | | | This avoid the bogus usage of dcerpc_pipe_auth(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:libcli/clilsa: only remember the dcerpc_binding_handleStefan Metzmacher2015-07-071-12/+13
| | | | | | | We don't need the 'dcerpc_pipe'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:librpc/rpc: add dcerpc_secondary_auth_connection()Stefan Metzmacher2015-07-072-0/+22
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* Introduce setting "desired" for 'smb encrypt' and 'client/server signing'Michael Adam2015-07-071-0/+1
| | | | | | | | | | | This should trigger the behaviour where the server requires signing when the client supports it, but does not reject clients that don't support it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:pyrpc: remove pointless alter_context() methodStefan Metzmacher2015-07-031-36/+0
| | | | | | | This will always result in a rpc protocol error. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: expect NT_STATUS_CONNECTION_DISCONNECTED in ↵Stefan Metzmacher2015-07-031-1/+1
| | | | | | | torture_rpc_alter_context() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:torture/rpc: expect NT_STATUS_CONNECTION_DISCONNECTED when a dcerpc ↵Stefan Metzmacher2015-07-031-4/+10
| | | | | | | | | connection is not connected We still also allow NT_STATUS_INVALID_HANDLE and NT_STATUS_IO_DEVICE_ERROR for now. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:pyrpc: add base.bind_time_features_syntax(features)Stefan Metzmacher2015-07-031-0/+44
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:ntvfs/ipc: fix ipc_close()Stefan Metzmacher2015-07-031-2/+4
| | | | | | | | | | Until now this always returned NT_STATUS_INVALID_LEVEL for everything but RAW_CLOSE_CLOSE. Now it maps everything correctly to RAW_CLOSE_GENERIC. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: pull, push and compare a witness Notify struct in ndr test.Günther Deschner2015-07-031-0/+6
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: add new torture_suite_add_ndr_pullpush_fn_test_flags().Günther Deschner2015-07-031-0/+9
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: add torture_ndr_push_struct_blob_flags() in order to manipulate ↵Günther Deschner2015-07-031-1/+18
| | | | | | | | | push flags. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libndr: reformat libndr torture_suite macros to make differences more visible.Günther Deschner2015-07-031-7/+21
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: using async dcerpc for witness async notifications.Günther Deschner2015-07-031-8/+15
| | | | | | | | | | This test toggles the online/offline resource state using the clusapi protocol between the send and receive. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: move torture_assert_sid_equal() out of ndr headers.Günther Deschner2015-07-031-10/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: finally enable witness_AsyncNotify ndr test.Günther Deschner2015-07-031-6/+8
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: add clusapi resource online/offline toggle code to witness test.Günther Deschner2015-07-031-0/+66
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: make some clusapi torture tests public.Günther Deschner2015-07-031-13/+13
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: add some more tests for witness_AsyncNotify and RegisterEx with ↵Günther Deschner2015-07-031-0/+139
| | | | | | | | | different timeouts. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: make setup of the clusapi pipe non-critical in witness test.Günther Deschner2015-07-031-3/+7
| | | | | | | | | Samba currently does not implement clusapi. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: minor cleanup in test_witness_Register().Günther Deschner2015-07-031-2/+2
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: open a clusapi connection to get list of cluster nodes, etc.Günther Deschner2015-07-031-0/+49
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:torture:vfs_fruit: check offset and length when reading AFP_AfpInfo streamRalph Boehme2015-07-031-0/+92
| | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=11363 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Fri Jul 3 01:47:29 CEST 2015 on sn-devel-104
* dsdb: Rename a parameterVolker Lendecke2015-07-011-2/+2
| | | | | | | | | | | | Coverity was confused by the 'seq_num' variable as an argument for the 'local_usn' parameter, where also a 'seq_num' parameter exists. Doesn't hurt, and if it kills a Coverity warning, why not... Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Jul 1 14:09:14 CEST 2015 on sn-devel-104
* libldap: Fix CID 1308982 Unchecked return value from libraryVolker Lendecke2015-07-011-1/+7
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 1 00:11:41 CEST 2015 on sn-devel-104
* Avoid segfault in durable_open testsDouglas Bagnall2015-06-261-4/+6
| | | | | | | | | | | | There are "goto done"s hiding in CHECK_STATUS in parts of the code where tree1 is unequivocally NULL. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jun 26 05:12:02 CEST 2015 on sn-devel-104
* s4-winbindd: Remove the winbind rewrite from the samba4 effortAndrew Bartlett2015-06-2440-8701/+5
| | | | | | | | | | | | | | This winbind implementation is undermaintained, out of date and not the future of even the AD DC, let alone any other purpose. Removing it will reduce our security and bug exposure on this off by default subsystem Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 24 22:34:57 CEST 2015 on sn-devel-104
* Allow winbind removal by matching delays to Samba3.pmAndrew Bartlett2015-06-241-1/+1
| | | | | | | | | | | | | | | | When using winbindd with the ntvfs file server, the responses are faster than they were in the past. Therefore, set: posix:sharedelay = 100000 posix:writetimeupdatedelay = 500000 to the values used in Samba3.pm to allow the tests to pass against the NTVFS file server without the internal winbind. This allows the internal winbind to be removed. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* correct sense of macro variable name in SMB2 durable open testDouglas Bagnall2015-06-241-3/+3
| | | | | | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 24 08:54:23 CEST 2015 on sn-devel-104
* Avoid casting pointer to unsigned long long for NULL checkDouglas Bagnall2015-06-241-1/+8
| | | | | | | | | | | | | | This allows compilation on i386 with -WError. Otherwise we see this: ../source4/torture/smb2/durable_open.c:41:23: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast] __location__, #v, (unsigned long long)v, (unsigned long long)correct); \ because the pointer is 32 bits, while long long is 64. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:gensec/gssapi: make use of add gssapi_get_sig_size() and ↵Stefan Metzmacher2015-06-242-214/+71
| | | | | | | | | | | | | gssapi_{seal,unseal,sign,check}_packet() helper functions This way are able to support GENSEC_FEATURE_SIGN_PKT_HEADER also together with GENSEC_FEATURE_SEAL. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 24 04:00:43 CEST 2015 on sn-devel-104
* s3:librpc/gse: make use of add gssapi_get_sig_size() and ↵Stefan Metzmacher2015-06-241-0/+1
| | | | | | | | | gssapi_{seal,unseal,sign,check}_packet() helper functions This way are able to support GENSEC_FEATURE_SIGN_PKT_HEADER. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* heimdal:lib/gssapi/krb5: implement gss_[un]wrap_iov[_length] with ↵Stefan Metzmacher2015-06-242-3/+640
| | | | | | | | | | arcfour-hmac-md5 Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* heimdal:lib/gssapi/krb5: split out a arcfour_mic_cksum_iov() functionStefan Metzmacher2015-06-241-10/+73
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* heimdal:lib/gssapi/krb5: add const to arcfour_mic_key()Stefan Metzmacher2015-06-241-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* heimdal:lib/gssapi/krb5: clear temporary buffer with cleartext data.Stefan Metzmacher2015-06-241-0/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* heimdal:lib/gssapi/krb5: fix indentation in _gk_wrap_iov()Stefan Metzmacher2015-06-241-7/+7
| | | | | | | Now it matches _gk_unwrap_iov() and _gk_wrap_iov_length(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* heimdal:lib/gssapi/krb5: make _gssapi_verify_pad() more robustStefan Metzmacher2015-06-241-0/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:selftest: add torture:run_removedollar_test=true to the machine account ↵Stefan Metzmacher2015-06-241-1/+5
| | | | | | | | | kdc tests Bug: https://bugzilla.samba.org/show_bug.cgi?id=11130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture/krb5: add a --option=torture:run_removedollar_test=true option to ↵Stefan Metzmacher2015-06-241-3/+23
| | | | | | | | | | | | kdc-conon With this option a machine account is tested without the trailing '$' in the account name. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:selftest: run samba4.rpc.lsa.secrets with more principal combinationsStefan Metzmacher2015-06-241-0/+3
| | | | | | | | | 'dcom/SERVER', 'SERVER$' and 'SERVER' as target principal names. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:kdc/db-glue: allow principals in form of computer@EXAMPLE.COMStefan Metzmacher2015-06-241-19/+137
| | | | | | | | | | | | | | This should be translated to computer$@EXAMPLE.COM. Note the behavior differs between client and server lookup. In samba_kdc_lookup_client() we need to fallback in case of NO_SUCH_USER. samba_kdc_lookup_server() needs to do a single search and only use the result if it's unique. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:kdc/db-glue: fix memory leak in samba_kdc_lookup_server()Stefan Metzmacher2015-06-241-4/+10
| | | | | | | We need to free enterprise_principal if generated. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
View Lorry Controller Status