summaryrefslogtreecommitdiff
path: root/python
AgeCommit message (Collapse)AuthorFilesLines
2016-05-03tests/dns_forwarder: Add additional testing for no flag recursiveGarming Sam1-0/+27
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03tests/dns_forwarder: Add an extra test for inactive forwardersGarming Sam1-0/+27
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03tests/dns_forwarder: remove statically defined IPsGarming Sam1-17/+33
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03tests/dns: Add additional testing of CNAME handlingGarming Sam1-14/+77
RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03tests/dns_forwarder: Add testing for DNS forwardingGarming Sam2-0/+624
The new tests show that single and multiple forwarders work as expected. They also describe the behaviour encountered when the DNS server encounters a CNAME from a forwarded request (which is not to pursue any further). Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2016-04-20dbcheck: Avoid pathological behaviour in operational moduleGarming Sam1-0/+4
Because replPropertyMetadata was repeated for every object in the database, the attrs list became very long. This single line saves 20% of the time for make test TESTS=dbcheck. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Wed Apr 20 09:12:47 CEST 2016 on sn-devel-144
2016-04-18tests/rodc: Check that preload will skip broken usersGarming Sam1-1/+35
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Mon Apr 18 07:40:07 CEST 2016 on sn-devel-144
2016-04-18rodc: Allow RODC preload to continue with invalid usersGarming Sam1-3/+35
Either the user may be missing from the database, or the user is not included in the RODC password replication group. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-12CVE-2015-5370: python/samba/tests: add some dcerpc raw_protocol testsStefan Metzmacher1-0/+2623
These are independent from our client library and allow testing of invalid pdus. It can be used like this in standalone mode: SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py or SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND.test_invalid_auth_noctx BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12CVE-2015-5370: python/samba/tests: add infrastructure to do raw protocol ↵Stefan Metzmacher1-0/+525
tests for DCERPC These are independent from our client library and allow testing of invalid pdus. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-04-12CVE-2016-2118: python:tests/dcerpc: use [sign] for dnsserver testsStefan Metzmacher1-1/+1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-01Bug 11818 : obvious missing word When trying to demote a dc, ↵Rowland Penny1-1/+1
'remove_dc.remove_sysvol_references' is sent 'remote_samdb, dc_name' , it expects 'remote_samdb, logger, dc_name' BUG: https://bugzilla.samba.org/show_bug.cgi?id=11818 Signed-off-by: Rowland Penny <rpenny@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Apr 1 22:54:22 CEST 2016 on sn-devel-144
2016-03-10CVE-2016-0771: tests/dns: Remove dependencies on env variablesGarming Sam1-45/+25
Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: change samba.tests.dns from being a unittestGarming Sam1-8/+39
This makes it easier to invoke, particularly against Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests: rename test getopt to get_optGarming Sam1-0/+0
This avoids any conflicts in this directory with the original toplevel getopt. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: RPC => DNS roundtrip testGarming Sam1-13/+189
Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: modify tests to check via RPCGarming Sam1-106/+160
This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: Add some more test cases for TXT recordsGarming Sam1-39/+71
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: Correct error code for formerly unrun testGarming Sam1-1/+1
Both Samba and Windows returned NXRRSET BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: restore formerly segfaulting testGarming Sam1-26/+25
This was on the client side, due the a strlen(NULL) on the previously DOS-encoded TXT field. With a new IDL structure, this segfault no longer exists. Note that both Samba and Windows return NXRRSET instead of FORMERR. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: Add a comment regarding odd Windows behaviourGarming Sam1-0/+1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: FORMERR can simply timeout against WindowsGarming Sam1-10/+53
Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: prepare script for further testingGarming Sam1-6/+6
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10CVE-2016-0771: tests/dns: Modify dns tests to match new IDLGarming Sam1-18/+20
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-08dbcheck: Check for and remove duplicate values in attributesAndrew Bartlett1-0/+26
This can happen with three DCs and custom schema, but we test it by just forcing the values directly into the backing tdb. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-08dbcheck: Avoid spurious warnings in dbcheck due to objectclass sortingAndrew Bartlett1-1/+13
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11433 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-08dbcheck: Fix incorrect/duplicate attrid in replPropertMetaDataAndrew Bartlett1-19/+101
If custom schema is used in a replicated DC environment, these are created as soon as an attribute is modified on more than one DC. We have to remove these. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11443 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-08pidl: Fix our python reference handlingAndrew Bartlett2-6/+179
The new talloc.BaseObject allow us to hold a talloc context per python object (there may be many referring to the same C object) and the talloc context that the actual object pointer is under. Another advantage is that talloc.BaseObject(), has less of an ABI surface. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-07Remove posixAccount from samdb.pyRowland Penny1-1/+0
Signed-off-by: Rowland Penny rpenny@samba.org Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Mon Mar 7 08:13:42 CET 2016 on sn-devel-144
2016-02-25samba-tool: Support preloading multiple usersAndrew Bartlett2-22/+131
Based on patches by Adrian Cochrane Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Feb 25 07:58:55 CET 2016 on sn-devel-144
2016-02-25python: Allow optional multi-value arguements for samba-tool commandsAndrew Bartlett1-2/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-02-08test:docs: remove unused param_table/get_param_table_full()Michael Adam1-64/+0
No tests use this any more, hence we should not parse the file anymore either. It is generated directly from the parametersr.all.xml file. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
2016-02-03python:tests/core: add tests for arcfour_encrypt() and string_to_byte_array()Stefan Metzmacher1-0/+16
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Feb 3 11:42:29 CET 2016 on sn-devel-144
2016-02-03python:samba/netcmd/domain: make use of the generic arcfour_encrypt() and ↵Stefan Metzmacher1-18/+5
string_to_byte_array() functions BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-02-03python:samba/join.py: make use of the generic arcfour_encrypt() and ↵Stefan Metzmacher1-16/+3
string_to_byte_array() functions BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-02-03python:samba: add a generic arcfour_encrypt() helper functionStefan Metzmacher1-0/+16
This works with Crypto.Cipher.ARC4 (from python*-crypto) and fallback to M2Crypto.RC4.RC4 (from [python*-]m2crypto). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-02-03python:samba: add a generic string_to_byte_array() helper functionStefan Metzmacher1-0/+8
We should avoid implementing this again and again. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11699 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
2015-12-24samldb: ensure subnets have proper net rangesDouglas Bagnall1-0/+24
A subnet name needs to be a valid CIDR address range -- that's the ones that look like 10.9.8.0/22, where the number after the / determines how many bits are in the address suffix. It can be IPv4 or IPv6. There are a few odd constraints (see MS-ADTS v20150630 6.1.1.2.2.2.1 "Subnet Object") -- for example, with IPv4, the implied bit mask can't equal the address. That is, you can't have a subnet named "255.255.255.0/24" in a Windows subnet. This rule does not apply to IPv6. Windows and Samba both make some ensure that subnets have a unique valid name, though unfortunately Windows 2008R2 is rather slack when it comes to IPv6. We follow Windows 2012R2, which roughly follows RFC5952 -- with one caveat: Windows will allow an address like "::ffff:0:1:2", which translates to the IPv4 address "0.1.0.2" using the SIIT translation scheme, and which inet_ntop() would render as "::ffff:0:0.1.0.2". In the Samba implementation we use an inet_pton()/ inet_ntop() round-trip to establish canonicality, so these addresses fail. Windows wisely does not allow the SIIT style addresses (the acronym is widely agreed to be off-by-one in the second letter), and it will regard "::ffff:0:1:2" as simply "::ffff:0:1:2" and allow it. We would like to do that too. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-24samba-tool: add sites subnet subcommandsDouglas Bagnall3-2/+360
This allows you to add, remove, or shift subnets. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-24samba-tool tests: Add command line tests for sitesDouglas Bagnall1-0/+57
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-24python/sites: Rework site DN constructionAndrew Bartlett1-12/+22
This new routine is safe against escape characters and works against Windows 2012R2. The dn= filter in the old code was samba-specific. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2015-12-24samba.sites: reduce code duplication in Exception classesDouglas Bagnall1-16/+1
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-24samba.sites: improve grammar in an error messageDouglas Bagnall1-1/+1
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-24samba-tool sites: use -H to set URL with standard handlingDouglas Bagnall1-14/+19
samba-tool sites was defaulting to the local database, but we might want to use another URL. This allows that case while defaulting to the old behaviour. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-24sambatool sites: PEP8/flake8 improvementsDouglas Bagnall2-4/+6
We were nearly there, so lets make the jump. This involves removing some unused variables. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2015-12-24s4:samba-tool domain raise tool - make it aware of newer domain function levelsMatthias Dieter Wallnöfer1-8/+31
http://msdn.microsoft.com/en-us/library/Cc223742.aspx Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date(master): Thu Dec 24 04:08:04 CET 2015 on sn-devel-144
2015-12-24s4:samba-tool domain raise tool - handle Windows 2000 mode AD domains correctlyMatthias Dieter Wallnöfer1-16/+23
Considering http://msdn.microsoft.com/en-us/library/cc220262.aspx they do not provide any "msDS-Behavior-Version" attributes. gulikoza <gulikoza@users.sourceforge.net> noticed this correctly. Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-15Fix bug 10881 Wrong keytab permissions when joining additional DC with BIND ↵Andrew Bartlett1-0/+10
backend BUG: https://bugzilla.samba.org/show_bug.cgi?id=10881 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Dec 15 11:47:21 CET 2015 on sn-devel-104
2015-12-15python: Give a more helpful error message when we do not have an smb.confAndrew Bartlett1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2015-12-07samba-tool: user create examples show 'add' instead of 'create'Rowland Penny1-4/+4
Signed-off-by: Rowland Penny <repenny241155@gmail.com> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-07 15:55:54 +0000