[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ae4e545 WHATSNEW.txt: Updated with VFS ABI changes for 4.9.0. from 0fb122a tests/demote: replace demote test bash script to python https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ae4e54563e69d3cd82ad6cf83ededb130a284c40 Author: Jeremy Allison Date: Thu Jun 7 00:47:30 2018 -0700 WHATSNEW.txt: Updated with VFS ABI changes for 4.9.0. Signed-off-by: Jeremy Allison Reviewed-by: Kai Blin Autobuild-User(master): Kai Blin Autobuild-Date(master): Thu Jun 7 13:48:25 CEST 2018 on sn-devel-144 --- Summary of changes: WHATSNEW.txt | 15 +++ 1 file changed, 15 insertions(+) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 574e9b2..b9c80cf 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -72,6 +72,21 @@ to allow better Windows fileserver compatibility in a default install. store dos attributes Default changed yes ea support Default changed yes +VFS interface changes += + +The VFS ABI interface version has changed to 39. Function changes +are: + +SMB_VFS_FSYNC: Removed: Only async versions are used. +SMB_VFS_READ: Removed: Only PREAD or async versions are used. +SMB_VFS_WRITE: Removed: Only PWRITE or async versions are used. +SMB_VFS_CHMOD_ACL: Removed: Only CHMOD is used. +SMB_VFS_FCHMOD_ACL: Removed: Only FCHMOD is used. + +Any external VFS modules will need to be updated to match these +changes in order to work with 4.9.x. + KNOWN ISSUES -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f052b60 talloc: Fix some typos in the comments from 1531fcd vfs_gpfs: Use full_path_tos instead of talloc_asprintf https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f052b6057294baed1fdf0e916200d3f653bba8ca Author: Kai Blin <k...@samba.org> Date: Sun May 27 08:38:19 2018 +0200 talloc: Fix some typos in the comments Now with even more typos fixed. Thanks Rowland. Signed-off-by: Kai Blin <k...@samba.org> Reviewed-by: Rowland Penny <rpe...@samba.org> Autobuild-User(master): Kai Blin <k...@samba.org> Autobuild-Date(master): Mon May 28 16:16:17 CEST 2018 on sn-devel-144 --- Summary of changes: lib/talloc/talloc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/talloc/talloc.h b/lib/talloc/talloc.h index dda308d..7372df1 100644 --- a/lib/talloc/talloc.h +++ b/lib/talloc/talloc.h @@ -1898,8 +1898,8 @@ void talloc_set_log_stderr(void); * This affects all children of this context and constrain any * allocation in the hierarchy to never exceed the limit set. * The limit can be removed by setting 0 (unlimited) as the - * max_size by calling the funciton again on the sam context. - * Memory limits can also be nested, meaning a hild can have + * max_size by calling the function again on the same context. + * Memory limits can also be nested, meaning a child can have * a stricter memory limit than a parent. * Memory limits are enforced only at memory allocation time. * Stealing a context into a 'limited' hierarchy properly -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5a72a2e dns_server: Remove unused handle_question
via 6adec93 dns_server: Add handle_authoritative_send()
via 3b7f99e dns_server: Add add_dns_res_rec()
via b6aaf77 dns_server: Convert "ask_forwarder" params
via 4b54e14 dns_server: Simplify array length handling
via 3f2cbb6 dns_server: Simplify talloc handling
via 9de59c7 dns_server: Consolidate talloc_realloc
from 4807577 Fix bug 10881 Wrong keytab permissions when joining
additional DC with BIND backend
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5a72a2ed0d28004d51039313e84047554c0a8f63
Author: Volker Lendecke <v...@samba.org>
Date: Tue Aug 11 07:40:50 2015 +0200
dns_server: Remove unused handle_question
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Kai Blin <k...@samba.org>
Autobuild-User(master): Kai Blin <k...@samba.org>
Autobuild-Date(master): Tue Dec 15 17:50:32 CET 2015 on sn-devel-104
commit 6adec9339dee488e41c7552451eca45ebae4b917
Author: Volker Lendecke <v...@samba.org>
Date: Tue Aug 11 07:39:31 2015 +0200
dns_server: Add handle_authoritative_send()
An async version of handle_question
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9409
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Kai Blin <k...@samba.org>
commit 3b7f99e6f4996cfd97220b3a6d5cceeab6ab5b79
Author: Volker Lendecke <v...@samba.org>
Date: Sat Aug 8 14:36:43 2015 +0200
dns_server: Add add_dns_res_rec()
Same as add_response_rr(), but it copies over a dns_res_rec
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Kai Blin <k...@samba.org>
commit b6aaf77897082c6ac447e9514260b435ac3ad854
Author: Volker Lendecke <v...@samba.org>
Date: Sat Aug 8 07:20:26 2015 +0200
dns_server: Convert "ask_forwarder" params
Usually we have mem_ctx and ev first when doing a _send function
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Kai Blin <k...@samba.org>
commit 4b54e14b7cf456e327b176b365e8471e0899210b
Author: Volker Lendecke <v...@samba.org>
Date: Sat Aug 8 06:54:11 2015 +0200
dns_server: Simplify array length handling
talloc objects carry an implicit length
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Kai Blin <k...@samba.org>
commit 3f2cbb616f8b0becf8a3479e72dda11433126e65
Author: Volker Lendecke <v...@samba.org>
Date: Sat Aug 8 06:49:16 2015 +0200
dns_server: Simplify talloc handling
By making sure that the answers are always allocated, we don't have
to pass an explicit mem_ctx anymore
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Kai Blin <k...@samba.org>
commit 9de59c7e3f01c578831a8e352ff8e9ee2312c77f
Author: Volker Lendecke <v...@samba.org>
Date: Fri Aug 7 08:27:19 2015 +0200
dns_server: Consolidate talloc_realloc
This puts the talloc_realloc into add_response_rr instead of before
create_response_rr. It is a bit less efficient, but as we do not expect
hundreds of answers, I think this code is a bit easier to understand.
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Kai Blin <k...@samba.org>
---
Summary of changes:
source4/dns_server/dns_query.c | 531 +
1 file changed, 425 insertions(+), 106 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 956898e..63c219a 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -40,15 +40,27 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_DNS
-static WERROR create_response_rr(const char *name,
-const struct dnsp_DnssrvRpcRecord *rec,
-struct dns_res_rec **answers, uint16_t
*ancount)
+static WERROR add_response_rr(const char *name,
+ const struct dnsp_DnssrvRpcRecord *rec,
+ struct dns_res_rec **answers)
{
struct dns_res_rec *ans = *answers;
- uint16_t ai = *ancount;
+ uint16_t ai = talloc_array_length(ans);
char *tmp;
uint32_t i;
+ if (ai == UINT16_MAX) {
+ return WERR_BUFFER_OVERFLOW;
+ }
+
+ /*
+* "ans" is always non-NULL and thus its own talloc context
+*/
+ ans = talloc_realloc(ans, ans, struct dns_res_rec, ai+1);
+ if (ans == NULL) {
+ return WERR_NOMEM;
+ }
+
ZERO_STRUCT(ans[ai]);
switch (rec->wType) {
@@
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 42f38fe dns: always add authority records
via d9a3f19 dns: Add a SOA record to error replies
via bda1a73 dns: Also pass nsrecs to handle_question()
via 0e11c08 dns: Just pass the name to create_response_rr
via d7a54f3 dns: Add dns_get_authoritative_zone helper function
from 54cbecb script/librelease.sh: this is replaced by script/release.sh
now
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 42f38fe8d9a34a9d3710dcddfe642257f41ece87
Author: Kai Blin k...@samba.org
Date: Fri Jul 17 15:27:51 2015 +0200
dns: always add authority records
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Thu Aug 6 14:06:52 CEST 2015 on sn-devel-104
commit d9a3f197495951f2b85e042f1bc4525bab389879
Author: Kai Blin k...@samba.org
Date: Wed Oct 29 13:41:53 2014 +0100
dns: Add a SOA record to error replies
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
commit bda1a7320f72049cf7aad2233899eaf2a55d6973
Author: Kai Blin k...@samba.org
Date: Wed Oct 29 13:39:16 2014 +0100
dns: Also pass nsrecs to handle_question()
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
commit 0e11c08d3e11c83b21e1366e9e91b6d841fbbd6c
Author: Kai Blin k...@samba.org
Date: Wed Oct 29 13:36:58 2014 +0100
dns: Just pass the name to create_response_rr
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
commit d7a54f33ef5d4f45127c9264f0c4f16a2a8a6541
Author: Kai Blin k...@samba.org
Date: Wed Oct 29 13:35:36 2014 +0100
dns: Add dns_get_authoritative_zone helper function
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
---
Summary of changes:
python/samba/tests/dns.py | 34 +++
source4/dns_server/dns_query.c | 96 ++---
source4/dns_server/dns_server.c | 6 ++-
source4/dns_server/dns_server.h | 2 +
source4/dns_server/dns_utils.c | 16 +++
5 files changed, 121 insertions(+), 33 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py
index 04ac356..044eaf6 100644
--- a/python/samba/tests/dns.py
+++ b/python/samba/tests/dns.py
@@ -247,23 +247,23 @@ class TestSimpleQueries(DNSTest):
response = self.dns_transaction_udp(p)
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NOTIMP)
-# Only returns an authority section entry in BIND and Win DNS
-# FIXME: Enable one Samba implements this feature
-#def test_soa_hostname_query(self):
-#create a SOA query for a hostname
-#p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
-#questions = []
-#
-#name = %s.%s % (os.getenv('SERVER'), self.get_dns_domain())
-#q = self.make_name_question(name, dns.DNS_QTYPE_SOA,
dns.DNS_QCLASS_IN)
-#questions.append(q)
-#
-#self.finish_name_packet(p, questions)
-#response = self.dns_transaction_udp(p)
-#self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
-#self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
-## We don't get SOA records for single hosts
-#self.assertEquals(response.ancount, 0)
+def test_soa_hostname_query(self):
+create a SOA query for a hostname
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+
+name = %s.%s % (os.getenv('SERVER'), self.get_dns_domain())
+q = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
+questions.append(q)
+
+self.finish_name_packet(p, questions)
+response = self.dns_transaction_udp(p)
+self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+# We don't get SOA records for single hosts
+self.assertEquals(response.ancount, 0)
+# But we do respond with an authority section
+self.assertEqual(response.nscount, 1)
def test_soa_domain_query(self):
create a SOA query for a domain
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 3cafc23..94f5d49 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -40,7 +40,7 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_DNS
-static WERROR create_response_rr(const struct dns_name_question *question,
+static WERROR create_response_rr(const char *name,
const struct dnsp_DnssrvRpcRecord *rec,
struct dns_res_rec **answers
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 634f116 provision: Correctly provision the SOA record minimum TTL from 392ec4d bug #10609: CVE-2014-0239 Don't reply to replies http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 634f116fbb89d723a627f4501b4cd89342cecb8e Author: Kai Blin k...@samba.org Date: Fri May 16 18:33:42 2014 +0200 provision: Correctly provision the SOA record minimum TTL This fixes bug #10466 Signed-off-by: Kai Blin k...@samba.org Reviewed-by: Guenter Kukkukk ku...@samba.org Autobuild-User(master): Kai Blin k...@samba.org Autobuild-Date(master): Wed May 21 10:55:00 CEST 2014 on sn-devel-104 --- Summary of changes: python/samba/provision/sambadns.py |1 + python/samba/tests/dns.py |1 + 2 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py index 13e03ab..f1cb1e2 100644 --- a/python/samba/provision/sambadns.py +++ b/python/samba/provision/sambadns.py @@ -130,6 +130,7 @@ class SOARecord(dnsp.DnssrvRpcRecord): soa.expire = expire soa.mname = mname soa.rname = rname +soa.minimum = minimum self.data = soa diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py index 400321f..f93e13f 100644 --- a/python/samba/tests/dns.py +++ b/python/samba/tests/dns.py @@ -289,6 +289,7 @@ class TestSimpleQueries(DNSTest): self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK) self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY) self.assertEquals(response.ancount, 1) +self.assertEquals(response.answers[0].rdata.minimum, 3600) class TestDNSUpdates(DNSTest): -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 392ec4d bug #10609: CVE-2014-0239 Don't reply to replies
from e5649ef smbd: fix creation of BUILTIN\{Administrators,Users} when
tdbsam:map builtin = false
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 392ec4d241eb19c812cd49ff73bd32b2b09d8533
Author: Kai Blin k...@samba.org
Date: Tue May 13 08:13:29 2014 +0200
bug #10609: CVE-2014-0239 Don't reply to replies
Due to insufficient input checking, the DNS server will reply to a packet
that
has the reply bit set. Over UDP, this allows to send a packet with a
spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
---
Summary of changes:
python/samba/tests/dns.py | 29 +
source4/dns_server/dns_server.c |6 ++
2 files changed, 35 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py
index 9c0b274..400321f 100644
--- a/python/samba/tests/dns.py
+++ b/python/samba/tests/dns.py
@@ -833,6 +833,35 @@ class TestInvalidQueries(DNSTest):
self.assertEquals(response.answers[0].rdata,
os.getenv('SERVER_IP'))
+def test_one_a_reply(self):
+send a reply instead of a query
+
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+
+name = %s.%s % ('fakefakefake', self.get_dns_domain())
+q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
+print asking for , q.name
+questions.append(q)
+
+self.finish_name_packet(p, questions)
+p.operation |= dns.DNS_FLAG_REPLY
+s = None
+try:
+send_packet = ndr.ndr_pack(p)
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
+host=os.getenv('SERVER_IP')
+s.connect((host, 53))
+tcp_packet = struct.pack('!H', len(send_packet))
+tcp_packet += send_packet
+s.send(tcp_packet, 0)
+recv_packet = s.recv(0x + 2, 0)
+self.assertEquals(0, len(recv_packet))
+finally:
+if s is not None:
+s.close()
+
+
if __name__ == __main__:
import unittest
unittest.main()
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 976774d..60ce27c 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -156,6 +156,12 @@ static struct tevent_req *dns_process_send(TALLOC_CTX
*mem_ctx,
return tevent_req_post(req, ev);
}
+ if (state-in_packet.operation DNS_FLAG_REPLY) {
+ DEBUG(1, (Won't reply to replies.\n));
+ tevent_req_werror(req, WERR_INVALID_PARAM);
+ return tevent_req_post(req, ev);
+ }
+
state-state.flags = state-in_packet.operation;
state-state.flags |= DNS_FLAG_REPLY;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f27d8b8 lib: Fix build --without-winbind by adding
winbind_lookup_usersids dummy
from c664859 selftest: Test auth_wbc, the auth4 winbind and
winbind_wbclient modules using pdbtest
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f27d8b813c085cf2527a36d8ce671073acdb4b16
Author: Kai Blin k...@samba.org
Date: Fri May 9 15:01:23 2014 +0200
lib: Fix build --without-winbind by adding winbind_lookup_usersids dummy
When building without winbind lib/winbind_util.c was missing a dummy
function for winbind_lookup_usersids()
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Volker Lendecke v...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Fri May 16 17:19:18 CEST 2014 on sn-devel-104
---
Summary of changes:
source3/lib/winbind_util.c |8
1 files changed, 8 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c
index f62682b..3189dd3 100644
--- a/source3/lib/winbind_util.c
+++ b/source3/lib/winbind_util.c
@@ -485,4 +485,12 @@ bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
return false;
}
+bool winbind_lookup_usersids(TALLOC_CTX *mem_ctx,
+const struct dom_sid *user_sid,
+uint32_t *p_num_sids,
+struct dom_sid **p_sids)
+{
+ return false;
+}
+
#endif /* WITH_WINBIND */
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e9cff21 ldbsamba: Move pyldb-utils dependency to python_samba__ldb
from a581f23 smbd: Remove unused code for dos attributes in stat struct
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e9cff2183196f25eb734c8779e84fc382ab1e342
Author: Kai Blin k...@samba.org
Date: Wed May 14 00:22:01 2014 +0200
ldbsamba: Move pyldb-utils dependency to python_samba__ldb
This allows to build smbd statically again.
Pair-programmed-with: Stefan Metzmacher me...@samba.org
Signed-off-by: Kai Blin k...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Wed May 14 04:01:46 CEST 2014 on sn-devel-104
---
Summary of changes:
lib/ldb-samba/wscript_build |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb-samba/wscript_build b/lib/ldb-samba/wscript_build
index 63ff5b1..7016b2f 100644
--- a/lib/ldb-samba/wscript_build
+++ b/lib/ldb-samba/wscript_build
@@ -8,7 +8,7 @@ bld.SAMBA_LIBRARY('ldbsamba',
source='ldif_handlers.c',
autoproto='ldif_handlers_proto.h',
public_deps='ldb',
- deps='samba-security ndr NDR_DRSBLOBS NDR_DNSP ldbwrap
samdb-common SAMDB_SCHEMA tdb pyldb-util errors',
+ deps='samba-security ndr NDR_DRSBLOBS NDR_DNSP ldbwrap
samdb-common SAMDB_SCHEMA tdb errors',
private_library=True
)
@@ -20,7 +20,7 @@ bld.SAMBA_SUBSYSTEM('ldbwrap',
bld.SAMBA_PYTHON('python_samba__ldb', 'pyldb.c',
- deps='ldbsamba pyparam_util ldbwrap',
+ deps='ldbsamba pyparam_util ldbwrap pyldb-util',
realname='samba/_ldb.so')
bld.SAMBA_MODULE('ldbsamba_extensions',
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5bd47bb dns: Extend tests for records with another type
via d9829df bug #10471: Don't respond with NXDOMAIN to records that
exist with another type
from 6f092cf autobuild: Run make dist to ensure non-waf docs build is
run
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5bd47bb563c3736b9de1a3a93bdf46a498928643
Author: Kai Blin k...@samba.org
Date: Fri Feb 28 10:35:07 2014 +0100
dns: Extend tests for records with another type
Add another check to the one added for bug #10471, for added paranoia
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Tue Mar 4 15:47:10 CET 2014 on sn-devel-104
commit d9829df13317b38677d92a499134727ab31fbb0e
Author: Kai Blin k...@samba.org
Date: Thu Feb 27 23:49:24 2014 +0100
bug #10471: Don't respond with NXDOMAIN to records that exist with another
type
DNS queries for records with the wrong type need to trigger an empty
response with RCODE_OK instead of returning NXDOMAIN.
This adds a test and fixes bug #10471
Signed-off-by: Kai Blin k...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
python/samba/tests/dns.py | 30 ++
source4/dns_server/dns_query.c | 14 --
2 files changed, 38 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py
index 0ac9cf4..f2c5685 100644
--- a/python/samba/tests/dns.py
+++ b/python/samba/tests/dns.py
@@ -171,6 +171,36 @@ class TestSimpleQueries(DNSTest):
self.assertEquals(response.answers[0].rdata,
os.getenv('SERVER_IP'))
+def test_one_mx_query(self):
+create a query packet causing an empty RCODE_OK answer
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+
+name = %s.%s % (os.getenv('SERVER'), self.get_dns_domain())
+q = self.make_name_question(name, dns.DNS_QTYPE_MX, dns.DNS_QCLASS_IN)
+print asking for , q.name
+questions.append(q)
+
+self.finish_name_packet(p, questions)
+response = self.dns_transaction_udp(p)
+self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+self.assertEquals(response.ancount, 0)
+
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+
+name = invalid-%s.%s % (os.getenv('SERVER'), self.get_dns_domain())
+q = self.make_name_question(name, dns.DNS_QTYPE_MX, dns.DNS_QCLASS_IN)
+print asking for , q.name
+questions.append(q)
+
+self.finish_name_packet(p, questions)
+response = self.dns_transaction_udp(p)
+self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN)
+self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+self.assertEquals(response.ancount, 0)
+
def test_two_queries(self):
create a query packet containing two query records
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 5414e1d..77f797b 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -258,7 +258,7 @@ static WERROR handle_question(struct dns_server *dns,
struct dns_res_rec **answers, uint16_t *ancount)
{
struct dns_res_rec *ans = *answers;
- WERROR werror;
+ WERROR werror, werror_return;
unsigned int ri;
struct dnsp_DnssrvRpcRecord *recs;
uint16_t rec_count, ai = *ancount;
@@ -275,6 +275,9 @@ static WERROR handle_question(struct dns_server *dns,
return WERR_NOMEM;
}
+ /* Set up for an NXDOMAIN reply if no match is found */
+ werror_return = DNS_ERR(NAME_ERROR);
+
for (ri = 0; ri rec_count; ri++) {
if ((recs[ri].wType == DNS_TYPE_CNAME)
((question-question_type == DNS_QTYPE_A) ||
@@ -319,28 +322,27 @@ static WERROR handle_question(struct dns_server *dns,
if (!W_ERROR_IS_OK(werror)) {
return werror;
}
+ werror_return = WERR_OK;
continue;
}
if ((question-question_type != DNS_QTYPE_ALL)
(recs[ri].wType != question-question_type)) {
+ werror_return = WERR_OK;
continue;
}
werror = create_response_rr(question, recs[ri], ans, ai
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 096c962 Backport 0e97908 from WAF repository: symlink fix for
OpenBSD
from d5eb3b2 s4:torture: remove and useless variable and assignment in
smb2.session.reauth5
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 096c962bfe4646274c08b2953d9fbaebb892a689
Author: Matthieu Patou m...@matws.net
Date: Fri Sep 6 23:23:07 2013 -0700
Backport 0e97908 from WAF repository: symlink fix for OpenBSD
Author: Thomas Nagy tnagy1...@gmail.com
Signed-off-by: Matthieu Patou m...@matws.net
Reviewed-by: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Sat Sep 21 11:14:30 CEST 2013 on sn-devel-104
---
Summary of changes:
buildtools/wafadmin/Tools/ccroot.py |9 ++---
1 files changed, 6 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafadmin/Tools/ccroot.py
b/buildtools/wafadmin/Tools/ccroot.py
index f54c82f..264bdc7 100644
--- a/buildtools/wafadmin/Tools/ccroot.py
+++ b/buildtools/wafadmin/Tools/ccroot.py
@@ -597,9 +597,12 @@ def apply_vnum(self):
path = self.install_path
if not path: return
- bld.install_as(path + os.sep + name3, node, env=self.env)
- bld.symlink_as(path + os.sep + name2, name3)
- bld.symlink_as(path + os.sep + libname, name3)
+ if self.env.DEST_OS == 'openbsd':
+ bld.install_as(path + os.sep + name2, node, env=self.env,
chmod=self.link_task.chmod)
+ else:
+ bld.install_as(path + os.sep + name3, node, env=self.env)
+ bld.symlink_as(path + os.sep + name2, name3)
+ bld.symlink_as(path + os.sep + libname, name3)
# the following task is just to enable execution from the build dir :-/
self.create_task('vnum', node, [node.parent.find_or_declare(name2),
node.parent.find_or_declare(name3)])
--
Samba Shared Repository
Re: [Samba] DNSMasq and OpenWRT as DHCP and Internal DNS
On 2013-09-07 09:06, Szymon Życiński wrote: DNSMasq is providing only DHCP and NAT. DNS thing is provided by samba internal dns. Today i saw only 5 clinents with host A created in DNS. All of them was working with WIN7. How to diagnose this situation? What operating systems are running on the clients? What exact version of Samba are you running? Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 573b455 pkgconfig: Do not hardcode library version numbers in pc
files.
via a0b245c s3-pkgconfig: remove leftovers from autoconf build.
from db1d034 client: add missing newlines to error messages for invalid
iosize parameter.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 573b455de9a45990446af26eea01539a32fef209
Author: Günther Deschner g...@samba.org
Date: Thu Aug 22 15:00:32 2013 +0200
pkgconfig: Do not hardcode library version numbers in pc files.
We control version numbers via 'vnum' from the wscript_build files for all
other
libraries. In case of libndr we already reported a wrong 0.0.1 version via
pkgconfig while in fact the library is versioned as 0.0.2.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Thu Aug 22 20:48:44 CEST 2013 on sn-devel-104
commit a0b245c78271d060d59f763fb586221ec10edd7b
Author: Günther Deschner g...@samba.org
Date: Thu Aug 22 14:59:08 2013 +0200
s3-pkgconfig: remove leftovers from autoconf build.
No worries, we still ship appropriate pc files for these libs.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Kai Blin k...@samba.org
---
Summary of changes:
lib/torture/torture.pc.in |2 +-
lib/util/samba-util.pc.in |2 +-
librpc/ndr.pc.in |2 +-
librpc/ndr_krb5pac.pc.in |2 +-
librpc/ndr_nbt.pc.in |2 +-
librpc/ndr_standard.pc.in |2 +-
source3/pkgconfig/netapi.pc.in| 14 --
source3/pkgconfig/smbclient.pc.in | 14 --
source3/pkgconfig/smbsharemodes.pc.in | 14 --
source3/pkgconfig/wbclient.pc.in | 13 -
10 files changed, 6 insertions(+), 61 deletions(-)
delete mode 100644 source3/pkgconfig/netapi.pc.in
delete mode 100644 source3/pkgconfig/smbclient.pc.in
delete mode 100644 source3/pkgconfig/smbsharemodes.pc.in
delete mode 100644 source3/pkgconfig/wbclient.pc.in
Changeset truncated at 500 lines:
diff --git a/lib/torture/torture.pc.in b/lib/torture/torture.pc.in
index 459b35c..e0421b0 100644
--- a/lib/torture/torture.pc.in
+++ b/lib/torture/torture.pc.in
@@ -7,6 +7,6 @@ modulesdir=${prefix}/modules/torture
Name: torture
Description: Samba torture (test) suite
Requires: talloc
-Version: 0.0.1
+Version: @PACKAGE_VERSION@
Libs: @LIB_RPATH@ -L${libdir} -ltorture
Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1
diff --git a/lib/util/samba-util.pc.in b/lib/util/samba-util.pc.in
index a49c1d0..65876c4 100644
--- a/lib/util/samba-util.pc.in
+++ b/lib/util/samba-util.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
Name: samba-util
Description: Samba utility functions
Requires: talloc tevent
-Version: 0.0.1
+Version: @PACKAGE_VERSION@
Libs: @LIB_RPATH@ -L${libdir} -lsamba-util
Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1
diff --git a/librpc/ndr.pc.in b/librpc/ndr.pc.in
index 1ee50cc..6828ac0 100644
--- a/librpc/ndr.pc.in
+++ b/librpc/ndr.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
Name: ndr
Description: Network Data Representation Core Library
Requires: samba-util talloc
-Version: 0.0.1
+Version: @PACKAGE_VERSION@
Libs: @LIB_RPATH@ -L${libdir} -lndr
Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 -D_GNU_SOURCE=1
diff --git a/librpc/ndr_krb5pac.pc.in b/librpc/ndr_krb5pac.pc.in
index 21ecb55..597bbd1 100644
--- a/librpc/ndr_krb5pac.pc.in
+++ b/librpc/ndr_krb5pac.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
Name: ndr-krb5pac
Description: NDR marshallers for the KRB5 PAC formats
Requires: ndr
-Version: 0.0.1
+Version: @PACKAGE_VERSION@
Libs: @LIB_RPATH@ -L${libdir} -lndr-krb5pac
Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 -D_GNU_SOURCE=1
diff --git a/librpc/ndr_nbt.pc.in b/librpc/ndr_nbt.pc.in
index 5b69699..2083e2d 100644
--- a/librpc/ndr_nbt.pc.in
+++ b/librpc/ndr_nbt.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
Name: ndr-nbt
Description: NDR marshallers for nbt formats
Requires: ndr
-Version: 0.0.1
+Version: @PACKAGE_VERSION@
Libs: @LIB_RPATH@ -L${libdir} -lndr-nbt
Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 -D_GNU_SOURCE=1
diff --git a/librpc/ndr_standard.pc.in b/librpc/ndr_standard.pc.in
index d400ef1..97687ba 100644
--- a/librpc/ndr_standard.pc.in
+++ b/librpc/ndr_standard.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
Name: ndr-standard
Description: NDR marshallers for the standard set of DCE/RPC interfaces
Requires: ndr
-Version: 0.0.1
+Version: @PACKAGE_VERSION@
Libs: @LIB_RPATH@ -L${libdir} -lndr-standard
Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
On 2013-08-07 14:56, Rustam K. wrote: Thank you for you emails. Unfortunately samba tool can't update SOA records. IIRC that was fixed recently, but you seem to be running 4.0 rc3, if I understand the email correctly. That misses a lot of bug fixes, some for DNS as well. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
On 2013-08-08 10:02, Rustam K. wrote: Hello, I run samba 4.0.7, samba tool can't do the job, at least help/syntax doesn't show that I can Ah, yes. Apparently this functionality only exists in 4.1 and master, sorry. Should you try and run with that the command syntax is samba-tool dns update SOA fqdn_dns fqdn_email serial refresh retry expire minimumttl HTH, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d7708fd talloc: Fix a typo
from 96f9724 ldb_tdb: Warn when reindexing is done
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d7708fd360c1fa1e3111fd4df266b52c96cca196
Author: Volker Lendecke v...@samba.org
Date: Mon May 20 14:26:08 2013 +0200
talloc: Fix a typo
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Mon May 20 18:48:49 CEST 2013 on sn-devel-104
---
Summary of changes:
lib/talloc/talloc.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c
index 885d700..76f0aee 100644
--- a/lib/talloc/talloc.c
+++ b/lib/talloc/talloc.c
@@ -255,7 +255,7 @@ struct talloc_chunk {
* if 'limit' is set it means all *new* children of the context will
* be limited to a total aggregate size ox max_size for memory
* allocations.
-* cur_size is used to kep track of the current use
+* cur_size is used to keep track of the current use
*/
struct talloc_memlimit *limit;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 61a2ad3 swat: Remove swat. from a3a3086 dns: Also print packet information for DBGC_DNS http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 61a2ad3c020424cead067cbdc89ea6f25708fde4 Author: Kai Blin k...@samba.org Date: Fri May 17 14:16:26 2013 +0200 swat: Remove swat. Signed-off-by: Kai Blin k...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Kai Blin k...@samba.org Autobuild-Date(master): Sat May 18 16:32:38 CEST 2013 on sn-devel-104 --- Summary of changes: buildtools/wafsamba/samba_patterns.py |1 - dynconfig/config.m4 |3 - dynconfig/dynconfig.c |1 - dynconfig/dynconfig.h |1 - dynconfig/wscript |4 - examples/misc/swat.pl | 122 -- source3/Makefile.in | 33 +- source3/configure.in|2 - source3/lib/popt_common.c | 10 - source3/m4/swat.m4 | 27 - source3/param/loadparm.c|2 +- source3/po/de.msg | 616 -- source3/po/en.msg | 592 -- source3/po/fi.msg | 610 -- source3/po/fr.msg | 592 -- source3/po/genmsg | 40 - source3/po/it.msg | 592 -- source3/po/ja.msg | 594 -- source3/po/nl.msg | 592 -- source3/po/pl.msg | 592 -- source3/po/ru.msg | 606 -- source3/po/tr.msg | 593 -- source3/script/installmsg.sh| 65 - source3/script/installswat.sh | 296 - source3/script/mkbuildoptions.awk |1 - source3/web/cgi.c | 798 - source3/web/diagnose.c | 80 -- source3/web/neg_lang.c | 120 -- source3/web/startstop.c | 130 -- source3/web/statuspage.c| 467 source3/web/swat.c | 1683 +-- source3/web/swat_proto.h| 76 -- source3/wscript |4 - source3/wscript_build | 33 - source4/smbd/server.c |1 - swat/help/welcome-no-samba-doc.html |3 - swat/help/welcome.html | 63 - swat/images/globals.gif | Bin 2004 - 0 bytes swat/images/home.gif| Bin 2044 - 0 bytes swat/images/passwd.gif | Bin 1993 - 0 bytes swat/images/printers.gif| Bin 2077 - 0 bytes swat/images/samba.gif | Bin 3643 - 0 bytes swat/images/shares.gif | Bin 2006 - 0 bytes swat/images/status.gif | Bin 2080 - 0 bytes swat/images/viewconfig.gif | Bin 1939 - 0 bytes swat/images/wizard.gif | Bin 2554 - 0 bytes swat/include/footer.html|3 - swat/include/header.html| 11 - swat/lang/ja/help/welcome.html | 66 -- swat/lang/ru/help/welcome-no-samba-doc.html |6 - swat/lang/ru/help/welcome.html | 65 - swat/lang/ru/images/globals.gif | Bin 2041 - 0 bytes swat/lang/ru/images/home.gif| Bin 2190 - 0 bytes swat/lang/ru/images/passwd.gif | Bin 1936 - 0 bytes swat/lang/ru/images/printers.gif| Bin 2139 - 0 bytes swat/lang/ru/images/shares.gif | Bin 2081 - 0 bytes swat/lang/ru/images/status.gif | Bin 2305 - 0 bytes swat/lang/ru/images/viewconfig.gif | Bin 2096 - 0 bytes swat/lang/ru/images/wizard.gif | Bin 2605 - 0 bytes swat/lang/ru/include/header.html| 14 - swat/lang/tr/help/welcome.html | 66 -- swat/lang/tr/images/globals.gif | Bin 442 - 0 bytes swat/lang/tr/images/home.gif| Bin 608 - 0 bytes swat/lang/tr/images/passwd.gif | Bin 326 - 0 bytes swat/lang/tr/images/printers.gif| Bin 519 - 0 bytes swat/lang/tr/images/samba.gif | Bin 3643 - 0 bytes swat/lang/tr/images/shares.gif | Bin 474 - 0 bytes swat/lang/tr/images/status.gif | Bin 431 - 0 bytes swat/lang/tr/images/viewconfig.gif | Bin 455 - 0 bytes 69 files changed, 41 insertions(+), 10235 deletions(-) delete
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9f36d0c build: default --with-regedit to auto instead of yes
via 431eeef build: fix --with-regedit to properly honour the
yes/no/auto scheme
via 356b825 build: simplify ncurses checks: --with-regedit does not
take a path list
from 8d34f2f docs: update the description of the formulas in the
idmap_autorid manpage
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9f36d0c447b2107798e560ce257026318952c5e2
Author: Michael Adam ob...@samba.org
Date: Mon May 6 13:16:49 2013 +0200
build: default --with-regedit to auto instead of yes
This means we don't build regedit when there is no ncurses
and this is not an error for the overall build.
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Mon May 6 20:11:09 CEST 2013 on sn-devel-104
commit 431eeef9311a8e172dc782bc91492c94cc5fcde7
Author: Michael Adam ob...@samba.org
Date: Mon May 6 14:14:02 2013 +0200
build: fix --with-regedit to properly honour the yes/no/auto scheme
I.e. fail configure when ncurses support is not found but
regedit build was requested.
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Kai Blin k...@samba.org
commit 356b825838cd97cc43aaa4b108267d1bd5f16ca1
Author: Michael Adam ob...@samba.org
Date: Mon May 6 13:19:24 2013 +0200
build: simplify ncurses checks: --with-regedit does not take a path list
--with-regedit is defined using SAMBA3_ADD_OPTION(), and can hence
take the values yes, no, and auto. So it is not possible to
hand in paths to look for ncurses-config via this option.
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Kai Blin k...@samba.org
---
Summary of changes:
source3/wscript | 19 +--
source3/wscript_configure_system_ncurses | 18 ++
2 files changed, 27 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/wscript b/source3/wscript
index 28fa11f..5e45fac 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -47,7 +47,7 @@ def set_options(opt):
opt.SAMBA3_ADD_OPTION('cluster-support', default=None)
-opt.SAMBA3_ADD_OPTION('regedit', default=True)
+opt.SAMBA3_ADD_OPTION('regedit', default=None)
opt.add_option('--with-ctdb-dir',
help=(Directory under which ctdb is installed),
@@ -1713,8 +1713,23 @@ main() {
if conf.CHECK_HEADERS('cephfs/libcephfs.h', False, False, 'cephfs') and
conf.CHECK_LIB('cephfs'):
conf.DEFINE('HAVE_CEPH', '1')
-if Options.options.with_regedit:
+conf.env.build_regedit = False
+if not Options.options.with_regedit == False:
conf.PROCESS_SEPARATE_RULE('system_ncurses')
+if conf.CONFIG_SET('HAVE_NCURSES'):
+conf.env.build_regedit = True
+
+if conf.env.build_regedit:
+Logs.info(building regedit)
+else:
+if Options.options.with_regedit == False:
+Logs.info(not building regedit (--without-regedit))
+elif Options.options.with_regedit == True:
+Logs.error(ncurses not available, cannot build regedit)
+conf.fatal(ncurses not available, but --with-regedit was
specified)
+else:
+Logs.info(ncurses not available, not building regedit)
+
default_static_modules.extend(TO_LIST('''pdb_smbpasswd pdb_tdbsam
pdb_wbc_sam
auth_sam auth_unix auth_winbind auth_wbc
diff --git a/source3/wscript_configure_system_ncurses
b/source3/wscript_configure_system_ncurses
index e8c4ab5..5c80429 100644
--- a/source3/wscript_configure_system_ncurses
+++ b/source3/wscript_configure_system_ncurses
@@ -2,19 +2,13 @@ import Logs, Options, sys
Logs.info(Looking for ncurses features)
-if isinstance(Options.options.with_regedit, list):
-path_ncurses_config = [x+'/bin' for x in Options.options.with_regedit]
-else:
-path_ncurses_config = None
-
-conf.find_program('ncurses5-config', path_list=path_ncurses_config,
var='NCURSES_CONFIG')
+conf.find_program('ncurses5-config', var='NCURSES_CONFIG')
if not conf.env.NCURSES_CONFIG:
-conf.find_program('ncurses6-config', path_list=path_ncurses_config,
var='NCURSES_CONFIG')
+conf.find_program('ncurses6-config', var='NCURSES_CONFIG')
if conf.env.NCURSES_CONFIG:
conf.check_cfg(path=conf.env.NCURSES_CONFIG, args=--cflags --libs,
package=, uselib_store=NCURSES)
-conf.env.build_regedit = True
conf.CHECK_HEADERS('ncurses.h menu.h panel.h form.h', lib='ncurses')
@@ -22,3 +16,11 @@ conf.CHECK_FUNCS_IN('initscr', 'ncurses')
conf.CHECK_FUNCS_IN('set_menu_items item_count', 'menu
Re: [Samba] Samba4 Internal DNS - CNAME not working
On 2013-01-31 16:50, Thomas Simmons wrote: Hi Thomas, It seems Samba4 is having problems with CNAME records. I am seeing the same behavior as mentioned in the thread below. Is there any ETA on a fix for this? This is identical to the problem with MX records. This is currently a much bigger problem than the MX records. I appreciate any assistance. Is your CNAME pointing at a CNAME outside of the DNS server's control? If so, you're likely running into https://bugzilla.samba.org/show_bug.cgi?id=9409 Don't have an ETA for a fix, I'm afraid. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DNS: recursion requested but not available
On 2013-01-29 14:37, Thomas Simmons wrote: Hi Thomas, Do you know if this will be fixed in 4.0.2? Thanks. I'm afraid I didn't get around to work on this yet. I'll update the bug report as soon as I have some new patches. Sorry for the inconvenience, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DNS: recursion requested but not available
On 2013-01-17 19:27, Thomas Simmons wrote: Hi Thomas, Has this problem been fixed? It looks like the patch referenced above had issues, but there were no further follow-ups in bugzilla. I'm still trying to figure out why the proposed patch doesn't work. Currently I'm getting a better debugging infrastructure in place for all things DNS, I'm hoping to tackle this issue next. My current state is at https://gitweb.samba.org/?p=kai/samba.git;a=shortlog;h=refs/heads/bug9485 but note that this currently has the same issues as the patch on bug #9485. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Internal DNS CNAME entries
On 2013-01-04 15:14, Dominic Evans wrote: I am currently in the progress of testing the replacement of a Windows 2003 DC with a Samba4-based one. In the DNS of old Windows DC we had CNAME entries to alias www.domain.com to serverX.domain.com and ftp.domain.com to serverY.domain.com. This is working and can be tested successfully with dig Is domain.com the zone managed by the internal DNS server? There's a known bug about CNAMEs pointing to A records outside the database, see https://bugzilla.samba.org/show_bug.cgi?id=9409 The CNAME entries were correctly replicated across to the internal DNS server on the new Samba4 DC after it joined the domain, but querying that server for www.domain.com through dig returns no results. However, samba-tool dns query localhost does correctly show the CNAME entry as present. Does the internal DNS server of samba4 not yet support CNAME lookups? It does, with the exception of CNAMEs that point to outside A/ records. We also never set the recursion bit on error returns, which is what causes the warning in dig. Feel free to ignore that. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DNS: recursion requested but not available
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2012-12-09 08:37, Michael B. Trausch wrote:
Hi Mike,
I am trying to get mail working for a subdomain that is being
managed by Samba 4. I added an MX record, but the problem here is
that the Samba 4 DNS server isn't replying with the record:
=
[mbt@aloe ~]$ dig -t MX nautest.naunetcorp.com @s4.nautest.naunetcorp.com
; DiG 9.9.2-P1-RedHat-9.9.2-5.P1.fc18 -t MX
nautest.naunetcorp.com @s4.nautest.naunetcorp.com ;; global
options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status:
NOTIMP, id: 5782
^^
This one is the important bit. MX queries return NOTIMP. I'm a bit
surprised about that because I was sure I had seen code in the dns
update logc handling this. But apparently I forgot to add code to the
query logic to actually return MX records. Sorry.
;; flags: qr rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL:
1 ;; WARNING: recursion requested but not available
This is just caused by our error handling code not bothering to set
the 'recursion available' bit on error replies.
The query should return the name and priority of the MX server that
I have defined. The MX shows up in the samba-tool dns query
output, so it's just the DNS server that isn't responding
correctly.
Is this a bug, or is this the result of something I've done wrong?
This clearly is a bug in the DNS server. Attached is a patch that
should fix MX queries for both the 4.0 release branch and master.
I'm afraid we just missed the window for the 4.0.0 release, but I've
opened bug #9485 in Samba Bugzilla to track this bug and get it in for
the next bugfix release.
Thanks for the catch and sorry for any inconvenience.
Kai
- --
Kai Blin
Worldforge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlDE7Q0ACgkQEKXX/bF2FpR9pgCfeV1AFdWyF2zHGCZXvy4LcgJ6
SYYAn04b4BCtCCc6oE/+zxA+fxu2S/49
=rGcM
-END PGP SIGNATURE-
From e6b772c3215c3cf677e0268c7283f5b0e6e75abf Mon Sep 17 00:00:00 2001
From: Kai Blin k...@samba.org
Date: Mon, 10 Dec 2012 05:50:05 +1000
Subject: [PATCH] dns: Add support for MX queries
Due to an oversight, the internal DNS server supports MX record updates,
but not MX record queries. Add support for MX queries and tests.
This should fix bug #9485
Signed-off-by: Kai Blin k...@samba.org
---
source4/dns_server/dns_query.c |8 +
source4/scripting/python/samba/tests/dns.py | 42 +++
2 files changed, 50 insertions(+), 0 deletions(-)
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 54e0c7f..75f0e9f 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -89,6 +89,14 @@ static WERROR create_response_rr(const struct dns_name_question *question,
case DNS_QTYPE_PTR:
ans[ai].rdata.ptr_record = talloc_strdup(ans, rec-data.ptr);
break;
+ case DNS_QTYPE_MX:
+ ans[ai].rdata.mx_record.preference = rec-data.mx.wPriority;
+ ans[ai].rdata.mx_record.exchange = talloc_strdup(
+ ans, rec-data.mx.nameTarget);
+ if (ans[ai].rdata.mx_record.exchange == NULL) {
+ return WERR_NOMEM;
+ }
+ break;
case DNS_QTYPE_TXT:
tmp = talloc_asprintf(ans, \%s\, rec-data.txt.str[0]);
W_ERROR_HAVE_NO_MEMORY(tmp);
diff --git a/source4/scripting/python/samba/tests/dns.py b/source4/scripting/python/samba/tests/dns.py
index 49d699e..d01c8ff 100644
--- a/source4/scripting/python/samba/tests/dns.py
+++ b/source4/scripting/python/samba/tests/dns.py
@@ -510,6 +510,48 @@ class TestDNSUpdates(DNSTest):
response = self.dns_transaction_udp(p)
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN)
+def test_update_add_mx_record(self):
+test adding MX records works
+p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
+updates = []
+
+name = self.get_dns_domain()
+
+u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
+updates.append(u)
+self.finish_name_packet(p, updates)
+
+updates = []
+r = dns.res_rec()
+r.name = %s % self.get_dns_domain()
+r.rr_type = dns.DNS_QTYPE_MX
+r.rr_class = dns.DNS_QCLASS_IN
+r.ttl = 900
+r.length = 0x
+r.rdata = dns.mx_record()
+r.rdata.preference = 10
+r.rdata.exchange = 'mail.%s' % self.get_dns_domain()
+updates.append(r)
+p.nscount = len(updates)
+p.nsrecs = updates
+
+response = self.dns_transaction_udp(p)
+self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+
+name = %s
Re: [Samba] Samba4-rc4 Internal DNS ACL sync problem
On 2012-11-08 18:27, Innocent Yevide wrote: Hi, I am trying to connect to samba4 internal DNS server from Win7 using DNS manager. but I cannot connect to it; however I am able to connect to the same on windows server. Can you please get a network trace of this? (https://wiki.samba.org/index.php/Capture_Packets) the samba4 dns is however working fine. I can resolve hosts properly. It looks to me like the dns server is working and the dnsserver RPC service is causing trouble. do I need may be to configure anything, or set server role parameter to something? What is your server role set to? Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [SAMBA4 RC1] Strange internal DNS behaviour
On 2012-11-08 22:16, Szymon Życiński wrote: Hi Szymon, I'm using samba4 rc1 since 2 months as PDC with samba4 internal DNS. Everything works but i can't ping domain clients even from samba machine. Clients are named as station00x.domain.lan where x is station number. But even on SambaPDC i can't ping it with for exapmle: ping station004.domain.lan or ping stacja003. Nslookup says that there is no host like that. Funny becouse domain works ok, from machines joined to domain i can't also ping other stations with their names. Query to samba internal dns returns that the hostnames are unknown. Can you check if the DNS entries for these machines exist in the active directory? samba-tool dns query should be able to do that, or the Windows DNS management snap-in. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Internal DNS - TTL enforcement for dynamic updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-10-31 22:25, Dmitry Khromov wrote: Samba 4 rc 3. I had noticed a strange behavior. If host creates a record, it won't be further updated until the record gets deleted manually. What could cause this? What updates are you expecting? Another question: how could the dynamically added record's TTL be enforced? For example, we have a user-based VLAN assignment in our networks. When Windows host boots, it authenticates with machine account and goes to the one of parking VLANs. Later, when user logs in, he gets a different VLAN and different IP address. So, we really want other DNS servers to not cache this records for too long. Normally, this is done by modifying SOA record (and, as I recall, Samba's internal DNS respects TTLs in SOA). But samba-tool can't edit SOA records, MMC DNS snap-in fails to do it too. The TTL only affects caching decisions on the resolver side, so the internal DNS actually doesn't do anything with the TTLs apart from serving them out with the record. Now, if your clients register their DNS records, they get to pick the TTL of the entry themselves. This can probably be affected with a GPO somehow, but I don't know the AD stuff enough to know where to look. I don't think the TTL of the SOA record should affect anything apart from how long resolvers cache the SOA record. Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCSLckACgkQEKXX/bF2FpSe2wCgjnUF23yZkp4qp7c21o0Kjcj6 M2EAoI2MO2KA5AsoB64OTCORJ7PClAJf =24+4 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Internal DNS - TTL enforcement for dynamic updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-11-01 09:40, Dmitry Khromov wrote: Hi, When Windows DHCP client receives a lease or when you manually issue ipconfig /renew command, Windows sends out DNS messages (unsigned, then signed if needed) with UPDATE opcode towards a NS specified in NS field of SOA with a new IP address for the record. I expected Samba to behave like MS DNS server and replace the old record with a new one. Yes, that should work. If it doesn't work for you, you need to tell us some more details about your smb.conf and maybe provide a network capture of the failing DNS update. That's true. But you may specify expire for the whole zone in SOA to force other DNS servers that provide clients with cached recursion to query upstream NS again after the zone is expired, no matter what the TTL for individual records is - that is what I need. Fair enough. Again, we probably need a network capture to see what's going on with the DNS MMC failing to update the SOA record. Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCSOyQACgkQEKXX/bF2FpR3JgCbB7Yo+UfygC5vXlv8/Y3p4+dV tnMAn1nlhAe0QttmuPuvna+22CYMW2Cv =SQUJ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change DNS method?
On 2012-10-16 05:40, Andrew Bartlett wrote: Hi, I'm having trouble parsing that, but yes, additional patches are required to have the internal DNS server accept static keys. We would need a key storage mechanism, and then code to implement that TSIG method. I've had patches to do this, but ditched them in favour for conflicting patches to implement GSS-TSIG. I think it would be a very valuable improvement. The algorithm is pretty straightforward, but I couldn't get the signature right the last time I tried. However, the logic on what parts of the packet to use for the signature is a bit tricky, but I'm sure I've now got that right for GSS-TSIG. Using a static key with md5 instead of gensec_sign should be straightforward, the interesting question is how and where we store the keys. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2c3a808 s4-dns: Fix the comments about ignoring zones in internal
server
from bddd118 s3:smb2_getinfo ensure proper error for not yet present
quota support
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2c3a8081ea2fd7eaa2d7bacffc35e0a58c54
Author: Matthieu Patou m...@matws.net
Date: Sat Oct 13 01:36:06 2012 -0700
s4-dns: Fix the comments about ignoring zones in internal server
Acked-By: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Sat Oct 13 12:37:53 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/dns_server/dns_server.c |8 +++-
1 files changed, 7 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index d139eb7..8e25396 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -832,7 +832,13 @@ static void dns_task_init(struct task_server *task)
z-name = ldb_msg_find_attr_as_string(res-msgs[i], name,
NULL);
z-dn = talloc_move(z, res-msgs[i]-dn);
- /* Ignore the RootDNSServers zone and zones that we don't
support yet */
+ /*
+* Ignore the RootDNSServers zone and zones that we don't
support yet
+* RootDNSServers should never be returned (Windows DNS server
don't)
+* ..TrustAnchors should never be returned as is, (Windows
returns
+* TrustAnchors) and for the moment we don't support DNSSEC so
we'd better
+* not return this zone.
+*/
if ((strcmp(z-name, RootDNSServers) == 0) ||
(strcmp(z-name, ..TrustAnchors) == 0)) {
DEBUG(10, (Ignoring zone %s\n, z-name));
--
Samba Shared Repository
Re: [SCM] Samba Shared Repository - branch master updated
On 2012-10-11 21:23, Stefan (metze) Metzmacher wrote: Hi Jelmer, - Log - commit c2d14747d608d406de6410556807d467cd0b85ef Author: Jelmer Vernooij jel...@samba.org Date: Thu Oct 11 14:45:10 2012 +0200 provision: Always create DNS user. The DNS user is currently only used by the bind9 plugin. This makes it easier to later on switch between the builtin DNS server and bind backend. In addition, ideally the internal DNS server would use that (separate) user too. Why? Isn't that the job of samba_upgradedns? I removed this behavior because I want us to match windows as much as possible. +1 Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/
Re: [Samba] Internal DNS stops forwarding
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-10-09 15:13, fe...@epepm.cupet.cu wrote: Hi Felix, I think it is. Because all the connections I see when the error occurs are related to the forwarder I declared in smb.conf. The number of connections keeps growing again until the error appears. So I have to restart samba. And, yes, lsof, shows that all connections but 2 are related to the forwarder. An interesting question of course is why your forwarder never answers the requests from the internal DNS server. Is it set up correctly? I agree we really need to fix the timeout, but even then your DNS setup would be broken if the forwarder never answers to queries. Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlB1DJYACgkQEKXX/bF2FpSfqgCcDxrlGPLFYrnY5e4coGOiqZDl /+8An1jOxoJZFxmsNWMlEMs8rOHDL1Bi =8dz/ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f4b9007 s4-dns: fix a non handled memory out of memory
from 9f83968 Add samba3.samba3badnameblob test to check regressions in
bug #9215.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f4b9007faf901db6f703b5109df055081949c3f1
Author: Matthieu Patou m...@matws.net
Date: Mon Oct 1 21:43:11 2012 -0700
s4-dns: fix a non handled memory out of memory
Signed-off-by: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Tue Oct 2 09:43:52 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/dns_server/dns_server.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index dbdc300..003dd4e 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -828,6 +828,7 @@ static void dns_task_init(struct task_server *task)
z = talloc_zero(dns, struct dns_server_zone);
if (z == NULL) {
+ task_server_terminate(task, dns failed to allocate
memory, true);
}
z-name = ldb_msg_find_attr_as_string(res-msgs[i], name,
NULL);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8180522 s4 dns: Fix return code for deleted records
via ecb4a8a s4 dns: Get rid of deprecated allocation result check
from 7d0a9f5 selftest: use an array when starting testenv with system()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 81805222ec7a652e188bd106199820570c9dcaad
Author: Kai Blin k...@samba.org
Date: Sun Sep 30 11:26:24 2012 +0200
s4 dns: Fix return code for deleted records
This fixes bug #9225. We already had a test for this scenario, but the test
wasn't
correct. This patch fixes the test, and also fixes the bug.
Signed-off-by: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
commit ecb4a8a824faf89a442bdd0eeb5ab9f79a14fb40
Author: Kai Blin k...@samba.org
Date: Sun Sep 30 10:44:03 2012 +0200
s4 dns: Get rid of deprecated allocation result check
---
Summary of changes:
source4/dns_server/dns_utils.c |6 ++-
source4/scripting/python/samba/tests/dns.py | 46 +--
2 files changed, 47 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_utils.c b/source4/dns_server/dns_utils.c
index 11ded68..3988393 100644
--- a/source4/dns_server/dns_utils.c
+++ b/source4/dns_server/dns_utils.c
@@ -201,11 +201,13 @@ WERROR dns_lookup_records(struct dns_server *dns,
if (el == NULL) {
*records = NULL;
*rec_count = 0;
- return WERR_OK;
+ return DNS_ERR(NAME_ERROR);
}
recs = talloc_zero_array(mem_ctx, struct dnsp_DnssrvRpcRecord,
el-num_values);
- W_ERROR_HAVE_NO_MEMORY(recs);
+ if (recs == NULL) {
+ return WERR_NOMEM;
+ }
for (ri = 0; ri el-num_values; ri++) {
struct ldb_val *v = el-values[ri];
enum ndr_err_code ndr_err;
diff --git a/source4/scripting/python/samba/tests/dns.py
b/source4/scripting/python/samba/tests/dns.py
index 7401124..49d699e 100644
--- a/source4/scripting/python/samba/tests/dns.py
+++ b/source4/scripting/python/samba/tests/dns.py
@@ -434,6 +434,10 @@ class TestDNSUpdates(DNSTest):
def test_delete_record(self):
Test if deleting records works
+
+NAME = deleterec.%s % self.get_dns_domain()
+
+# First, create a record to make sure we have a record to delete.
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
@@ -445,7 +449,43 @@ class TestDNSUpdates(DNSTest):
updates = []
r = dns.res_rec()
-r.name = textrec.%s % self.get_dns_domain()
+r.name = NAME
+r.rr_type = dns.DNS_QTYPE_TXT
+r.rr_class = dns.DNS_QCLASS_IN
+r.ttl = 900
+r.length = 0x
+r.rdata = dns.txt_record()
+r.rdata.txt = 'This is a test'
+updates.append(r)
+p.nscount = len(updates)
+p.nsrecs = updates
+
+response = self.dns_transaction_udp(p)
+self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+
+# Now check the record is around
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
+questions.append(q)
+
+self.finish_name_packet(p, questions)
+response = self.dns_transaction_udp(p)
+self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+
+# Now delete the record
+p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
+updates = []
+
+name = self.get_dns_domain()
+
+u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
+updates.append(u)
+self.finish_name_packet(p, updates)
+
+updates = []
+r = dns.res_rec()
+r.name = NAME
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_NONE
r.ttl = 0
@@ -459,11 +499,11 @@ class TestDNSUpdates(DNSTest):
response = self.dns_transaction_udp(p)
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+# And finally check it's gone
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
-name = textrec.%s % self.get_dns_domain()
-q = self.make_name_question(name, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
+q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5f97363 s4:dns_server - introduce the wildcard binding feature
from 9e6070b s3-pylibsmb: Add get_oplock_break
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5f973631b6baecf5f026d07dded9da15650e
Author: Matthias Dieter Wallnöfer m...@samba.org
Date: Sun Aug 12 18:08:20 2012 +0200
s4:dns_server - introduce the wildcard binding feature
We need the wildcard binding feature otherwise we might get bound to a
private interface in case of multiple interfaces and no interfaces
parameter in smb.conf.
Code taken from source4/ldap_server/ldap_server.c
Signed-off-by: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Sun Sep 23 23:44:03 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/dns_server/dns_server.c | 38 --
1 files changed, 28 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index c88ea83..dbdc300 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -669,13 +669,29 @@ static NTSTATUS dns_startup_interfaces(struct dns_server
*dns, struct loadparm_c
return NT_STATUS_INTERNAL_ERROR;
}
- num_interfaces = iface_list_count(ifaces);
+ if (ifaces != NULL) {
+ num_interfaces = iface_list_count(ifaces);
- for (i=0; inum_interfaces; i++) {
- const char *address = talloc_strdup(tmp_ctx,
iface_list_n_ip(ifaces, i));
+ for (i=0; inum_interfaces; i++) {
+ const char *address = talloc_strdup(tmp_ctx,
+
iface_list_n_ip(ifaces, i));
- status = dns_add_socket(dns, model_ops, dns, address,
DNS_SERVICE_PORT);
- NT_STATUS_NOT_OK_RETURN(status);
+ status = dns_add_socket(dns, model_ops, dns, address,
+ DNS_SERVICE_PORT);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
+ } else {
+ const char **wcard;
+ wcard = iface_list_wildcard(tmp_ctx, lp_ctx);
+ if (wcard == NULL) {
+ DEBUG(0, (No wildcard address available\n));
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+ for (i = 0; wcard[i] != NULL; i++) {
+ status = dns_add_socket(dns, model_ops, dns, wcard[i],
+ DNS_SERVICE_PORT);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
}
talloc_free(tmp_ctx);
@@ -729,7 +745,7 @@ static void dns_task_init(struct task_server *task)
{
struct dns_server *dns;
NTSTATUS status;
- struct interface *ifaces;
+ struct interface *ifaces = NULL;
int ret;
struct ldb_result *res;
static const char * const attrs[] = { name, NULL};
@@ -747,11 +763,13 @@ static void dns_task_init(struct task_server *task)
break;
}
- load_interface_list(task, task-lp_ctx, ifaces);
+ if (lpcfg_interfaces(task-lp_ctx)
lpcfg_bind_interfaces_only(task-lp_ctx)) {
+ load_interface_list(task, task-lp_ctx, ifaces);
- if (iface_list_count(ifaces) == 0) {
- task_server_terminate(task, dns: no network interfaces
configured, false);
- return;
+ if (iface_list_count(ifaces) == 0) {
+ task_server_terminate(task, dns: no network interfaces
configured, false);
+ return;
+ }
}
task_server_set_title(task, task[dns]);
--
Samba Shared Repository
Re: [Samba] New DNS implementation
On 2012-09-14 05:14, Zane Zakraisek wrote: Hi Zane, Hey everyone. I compiled Beta 9 and used the Bind9 DNS server for Samba DNS. Now I'd like to compile and set up RC1. I hear that it uses the new internal DNS server by default. Is there any additional configuration that needs to be set up here with the new DNS implementation? Depends on if you want to keep running the bind_dlz backend you set up with the beta or not. If you want to keep running the bind plugin, add server services = -dns to your smb.conf globals section. If you want to run the internal dns server, you probably don't need to set up anything, but make sure /etc/resolv.conf points at your server's IP address and not at 127.0.0.1. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] reverse dns zone managed by samba4
On 2012-09-12 20:28, Hleb Valoshka wrote: While it's possible to create reverse zone in samba4 directory, it's impossible to update it the same way as forward zone. Why? How did you create the zone, how did you try to update it, and what exactly happens? Does any solution exist which allows to store in samba4 AD? If it doesn't work, that's just a bug or setup problem somewhere. Let's find and fix it. :) Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8ba8020 s4 dns: Make debug output less noisy
via 319b239 s4 dns: Check if signing user is allowed to update records
from 44fd8e7 fileserver:sysquotas: remove wrong cast
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8ba802058644910741dc80940420781450a924b7
Author: Kai Blin k...@samba.org
Date: Thu Sep 6 22:53:32 2012 +0200
s4 dns: Make debug output less noisy
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Fri Sep 7 00:31:56 CEST 2012 on sn-devel-104
commit 319b239dc4aeb2c6a928a70fc7a7dbad56d273cd
Author: Kai Blin k...@samba.org
Date: Thu Sep 6 22:40:56 2012 +0200
s4 dns: Check if signing user is allowed to update records
This should fix bug #9142
---
Summary of changes:
source4/dns_server/dns_crypto.c |4 +-
source4/dns_server/dns_query.c |2 +-
source4/dns_server/dns_server.c |2 +-
source4/dns_server/dns_update.c | 86 --
4 files changed, 67 insertions(+), 27 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_crypto.c b/source4/dns_server/dns_crypto.c
index 7362adc..7604a05 100644
--- a/source4/dns_server/dns_crypto.c
+++ b/source4/dns_server/dns_crypto.c
@@ -121,7 +121,7 @@ WERROR dns_verify_tsig(struct dns_server *dns,
/* The TSIG record needs to be the last additional record */
if (found_tsig i + 1 != packet-arcount) {
- DEBUG(0, (TSIG record not the last additional record!\n));
+ DEBUG(1, (TSIG record not the last additional record!\n));
return DNS_ERR(FORMAT_ERROR);
}
@@ -218,7 +218,7 @@ WERROR dns_verify_tsig(struct dns_server *dns,
}
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, (Verifying tsig failed: %s\n, nt_errstr(status)));
+ DEBUG(1, (Verifying tsig failed: %s\n, nt_errstr(status)));
return ntstatus_to_werror(status);
}
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 98ebc63..54e0c7f 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -509,7 +509,7 @@ static WERROR handle_tkey(struct dns_server *dns,
return WERR_NOMEM;
}
} else {
- DEBUG(0, (GSS key negotiation returned %s\n,
nt_errstr(status)));
+ DEBUG(1, (GSS key negotiation returned %s\n,
nt_errstr(status)));
ret_tkey-rdata.tkey_record.error = DNS_RCODE_BADKEY;
}
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index d9851b1..be1fecc 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -147,7 +147,7 @@ static struct tevent_req *dns_process_send(TALLOC_CTX
*mem_ctx,
ret = dns_verify_tsig(dns, state, state-state, state-in_packet, in);
if (!W_ERROR_IS_OK(ret)) {
- DEBUG(0, (Bailing out early!\n));
+ DEBUG(1, (Failed to verify TSIG!\n));
state-dns_err = werr_to_dns_err(ret);
tevent_req_done(req);
return tevent_req_post(req, ev);
diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c
index 61850a1..2df0b58 100644
--- a/source4/dns_server/dns_update.c
+++ b/source4/dns_server/dns_update.c
@@ -31,6 +31,7 @@
#include dsdb/common/util.h
#include smbd/service_task.h
#include dns_server/dns_server.h
+#include auth/auth.h
static WERROR dns_rr_to_dnsp(TALLOC_CTX *mem_ctx,
const struct dns_res_rec *rrec,
@@ -381,7 +382,8 @@ done:
static WERROR handle_one_update(struct dns_server *dns,
TALLOC_CTX *mem_ctx,
const struct dns_name_question *zone,
- const struct dns_res_rec *update)
+ const struct dns_res_rec *update,
+ const struct dns_server_tkey *tkey)
{
struct dnsp_DnssrvRpcRecord *recs = NULL;
uint16_t rcount = 0;
@@ -389,6 +391,7 @@ static WERROR handle_one_update(struct dns_server *dns,
uint16_t i;
WERROR werror;
bool needs_add = false;
+ uint32_t access_mask = 0;
DEBUG(2, (Looking at record: \n));
if (DEBUGLVL(2)) {
@@ -421,9 +424,24 @@ static WERROR handle_one_update(struct dns_server *dns,
rcount = 0;
needs_add = true;
werror = WERR_OK;
+ access_mask = SEC_ADS_CREATE_CHILD;
}
W_ERROR_NOT_OK_RETURN(werror);
+ access_mask = SEC_STD_REQUIRED | SEC_ADS_SELF_WRITE;
+
+ if (tkey != NULL
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2311a2c s4 dns: Allow configuring signed updates
via b5dd26c s4 dns: Make sure to remember incoming tkey name
via 140a8d8 more tsig_verify stuff
via 17c91b5 drop me
via cf4333b hack: dns_sign_tsig correct memcpy
via a0c2453 HACK remove debug statement
via f3e44c3 s4 dns: Verify incoming TSIG signatures
via fc9de26 s4 dns: Handle GSS-TSIG signatures
from 15e3991 build: Remove unused deps from vfs modules
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2311a2c9f5fdcb6f8336dbdb972963a35890a200
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 01:27:00 2012 +0200
s4 dns: Allow configuring signed updates
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Wed Sep 5 10:45:22 CEST 2012 on sn-devel-104
commit b5dd26cc694230ce9526369eb2ac4175a2d90abb
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 01:26:16 2012 +0200
s4 dns: Make sure to remember incoming tkey name
commit 140a8d86acd9fe1b00a2865552f16f6250280d32
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:09:22 2012 +0200
more tsig_verify stuff
commit 17c91b5db0363b61c5f41d62b1c8073e89b40f09
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:08:49 2012 +0200
drop me
commit cf4333b0cd675271628d89ec263b9a352fa63906
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:08:24 2012 +0200
hack: dns_sign_tsig correct memcpy
commit a0c2453405fe8e92e0871b79eec0ceb76eec0aaa
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:07:45 2012 +0200
HACK remove debug statement
commit f3e44c390c0082e585aec83372cdcdde19d76016
Author: Kai Blin k...@samba.org
Date: Mon Sep 3 08:06:55 2012 +0200
s4 dns: Verify incoming TSIG signatures
commit fc9de264972ba46cfd9e8fc67e25aa7ee1fd51a2
Author: Kai Blin k...@samba.org
Date: Sun Sep 2 21:43:52 2012 +0200
s4 dns: Handle GSS-TSIG signatures
---
Summary of changes:
librpc/idl/dns.idl | 14 ++
source4/dns_server/dns_crypto.c | 359 ++
source4/dns_server/dns_query.c | 110 ++--
source4/dns_server/dns_server.c | 23 +++
source4/dns_server/dns_server.h | 18 ++
source4/dns_server/dns_update.c |7 +-
source4/dns_server/dns_utils.c |2 +
source4/dns_server/wscript_build |2 +-
8 files changed, 475 insertions(+), 60 deletions(-)
create mode 100644 source4/dns_server/dns_crypto.c
Changeset truncated at 500 lines:
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index a92c418..984f2b3 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -192,6 +192,20 @@ interface dns
uint8 other_data[other_size];
} dns_tsig_record;
+ typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct {
+ dns_string name;
+ dns_qclass rr_class;
+ uint32 ttl;
+ dns_string algorithm_name;
+ uint16 time_prefix; /* 0 until February 2106*/
+ uint32 time;
+ uint16 fudge;
+ uint16 original_id;
+ uint16 error;
+ uint16 other_size;
+ uint8 other_data[other_size];
+ } dns_fake_tsig_rec;
+
typedef [nodiscriminant,public,flag(NDR_NOALIGN)] union {
[case(DNS_QTYPE_A)] ipv4address ipv4_record;
[case(DNS_QTYPE_NS)]dns_string ns_record;
diff --git a/source4/dns_server/dns_crypto.c b/source4/dns_server/dns_crypto.c
new file mode 100644
index 000..7362adc
--- /dev/null
+++ b/source4/dns_server/dns_crypto.c
@@ -0,0 +1,359 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ DNS server handler for signed packets
+
+ Copyright (C) 2012 Kai Blin k...@samba.org
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+*/
+
+#include includes.h
+#include lib/crypto/hmacmd5.h
+#include system/network.h
+#include librpc/ndr/libndr.h
+#include librpc/gen_ndr/ndr_dns.h
+#include dns_server/dns_server.h
+#include libcli/util/ntstatus.h
+#include auth/auth.h
+#include auth/gensec/gensec.h
+
+static WERROR
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 558fa4c s4 dns: Revert erroneous push from wrong branch
from 92bd7b0 s3:smb2_create: check for SMB2_CREATE_TAG_DHNC first
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 558fa4c45a87704c57893d61a5431fc8bb51385a
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 11:07:55 2012 +0200
s4 dns: Revert erroneous push from wrong branch
I've pushed the wrong branch for this, sorry about that.
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Wed Sep 5 14:10:54 CEST 2012 on sn-devel-104
---
Summary of changes:
librpc/idl/dns.idl | 14 --
source4/dns_server/dns_crypto.c | 359 --
source4/dns_server/dns_query.c | 110 ++--
source4/dns_server/dns_server.c | 23 ---
source4/dns_server/dns_server.h | 18 --
source4/dns_server/dns_update.c |7 +-
source4/dns_server/dns_utils.c |2 -
source4/dns_server/wscript_build |2 +-
8 files changed, 60 insertions(+), 475 deletions(-)
delete mode 100644 source4/dns_server/dns_crypto.c
Changeset truncated at 500 lines:
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index 984f2b3..a92c418 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -192,20 +192,6 @@ interface dns
uint8 other_data[other_size];
} dns_tsig_record;
- typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct {
- dns_string name;
- dns_qclass rr_class;
- uint32 ttl;
- dns_string algorithm_name;
- uint16 time_prefix; /* 0 until February 2106*/
- uint32 time;
- uint16 fudge;
- uint16 original_id;
- uint16 error;
- uint16 other_size;
- uint8 other_data[other_size];
- } dns_fake_tsig_rec;
-
typedef [nodiscriminant,public,flag(NDR_NOALIGN)] union {
[case(DNS_QTYPE_A)] ipv4address ipv4_record;
[case(DNS_QTYPE_NS)]dns_string ns_record;
diff --git a/source4/dns_server/dns_crypto.c b/source4/dns_server/dns_crypto.c
deleted file mode 100644
index 7362adc..000
--- a/source4/dns_server/dns_crypto.c
+++ /dev/null
@@ -1,359 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- DNS server handler for signed packets
-
- Copyright (C) 2012 Kai Blin k...@samba.org
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see http://www.gnu.org/licenses/.
-*/
-
-#include includes.h
-#include lib/crypto/hmacmd5.h
-#include system/network.h
-#include librpc/ndr/libndr.h
-#include librpc/gen_ndr/ndr_dns.h
-#include dns_server/dns_server.h
-#include libcli/util/ntstatus.h
-#include auth/auth.h
-#include auth/gensec/gensec.h
-
-static WERROR dns_copy_tsig(TALLOC_CTX *mem_ctx,
- struct dns_res_rec *old,
- struct dns_res_rec *new_rec)
-{
- new_rec-name = talloc_strdup(mem_ctx, old-name);
- W_ERROR_HAVE_NO_MEMORY(new_rec-name);
-
- new_rec-rr_type = old-rr_type;
- new_rec-rr_class = old-rr_class;
- new_rec-ttl = old-ttl;
- new_rec-length = old-length;
- new_rec-rdata.tsig_record.algorithm_name = talloc_strdup(mem_ctx,
- old-rdata.tsig_record.algorithm_name);
- W_ERROR_HAVE_NO_MEMORY(new_rec-rdata.tsig_record.algorithm_name);
-
- new_rec-rdata.tsig_record.time_prefix =
old-rdata.tsig_record.time_prefix;
- new_rec-rdata.tsig_record.time = old-rdata.tsig_record.time;
- new_rec-rdata.tsig_record.fudge = old-rdata.tsig_record.fudge;
- new_rec-rdata.tsig_record.mac_size = old-rdata.tsig_record.mac_size;
- new_rec-rdata.tsig_record.mac = talloc_memdup(mem_ctx,
- old-rdata.tsig_record.mac,
- old-rdata.tsig_record.mac_size);
- W_ERROR_HAVE_NO_MEMORY(new_rec-rdata.tsig_record.mac);
-
- new_rec-rdata.tsig_record.original_id =
old-rdata.tsig_record.original_id;
- new_rec-rdata.tsig_record.error = old-rdata.tsig_record.error
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5e492f8 s4 dns: Allow configuring signed updates
via 2b17566 s4 dns: Make sure to remember incoming tkey name
via 53f602c s4 dns: Verify incoming TSIG signatures
via 7fe5e2c s4 dns: Handle GSS-TSIG signature creation
via 956f41b s4 dns: When we got a TKEY, we need to remember which key
to use for signing
via e81d026 s4 dns: TKEY record needs to remember incoming algorithm
via c0e6a4b s4 dns: Move dns_find_tkey to an extra file
via 22fda8c s4 dns: Create IDL entry for TSIG-like record needed for
signature check
from 58d8d94 s4-dns: Fix linking the dns service.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5e492f8d324d269c2eb0e12f6dca2cb8133c4b8e
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 01:27:00 2012 +0200
s4 dns: Allow configuring signed updates
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Wed Sep 5 20:42:46 CEST 2012 on sn-devel-104
commit 2b17566e8902a326253257e1665b3b7a49e1aa26
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 01:26:16 2012 +0200
s4 dns: Make sure to remember incoming tkey name
commit 53f602c3744c0952f3385a39d5984d5a47b9905c
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:34:49 2012 +0200
s4 dns: Verify incoming TSIG signatures
commit 7fe5e2cdcb17cee06ebde2717439c0aa964ac026
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:34:04 2012 +0200
s4 dns: Handle GSS-TSIG signature creation
commit 956f41bddf946d5e1e35f06632f40e7ac71b6588
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:29:38 2012 +0200
s4 dns: When we got a TKEY, we need to remember which key to use for signing
commit e81d026576cd1df9eb406c8ef0b0f27b7188b8ea
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:27:28 2012 +0200
s4 dns: TKEY record needs to remember incoming algorithm
Samba3 (and older windows versions) use gss.microsoft.com, win7 (and the
RFC) use gss-tsig
commit c0e6a4b1b07c7aff49f19c4d8cf3de1ff020afab
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:24:52 2012 +0200
s4 dns: Move dns_find_tkey to an extra file
commit 22fda8cb155041556a51106e5b1f058378c2c05b
Author: Kai Blin k...@samba.org
Date: Wed Sep 5 08:16:43 2012 +0200
s4 dns: Create IDL entry for TSIG-like record needed for signature check
---
Summary of changes:
librpc/idl/dns.idl | 14 ++
source4/dns_server/dns_crypto.c | 359 ++
source4/dns_server/dns_query.c | 110 ++--
source4/dns_server/dns_server.c | 20 ++
source4/dns_server/dns_server.h | 18 ++
source4/dns_server/dns_update.c |7 +-
source4/dns_server/dns_utils.c |2 +
source4/dns_server/wscript_build |2 +-
8 files changed, 472 insertions(+), 60 deletions(-)
create mode 100644 source4/dns_server/dns_crypto.c
Changeset truncated at 500 lines:
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index a92c418..984f2b3 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -192,6 +192,20 @@ interface dns
uint8 other_data[other_size];
} dns_tsig_record;
+ typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct {
+ dns_string name;
+ dns_qclass rr_class;
+ uint32 ttl;
+ dns_string algorithm_name;
+ uint16 time_prefix; /* 0 until February 2106*/
+ uint32 time;
+ uint16 fudge;
+ uint16 original_id;
+ uint16 error;
+ uint16 other_size;
+ uint8 other_data[other_size];
+ } dns_fake_tsig_rec;
+
typedef [nodiscriminant,public,flag(NDR_NOALIGN)] union {
[case(DNS_QTYPE_A)] ipv4address ipv4_record;
[case(DNS_QTYPE_NS)]dns_string ns_record;
diff --git a/source4/dns_server/dns_crypto.c b/source4/dns_server/dns_crypto.c
new file mode 100644
index 000..7362adc
--- /dev/null
+++ b/source4/dns_server/dns_crypto.c
@@ -0,0 +1,359 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ DNS server handler for signed packets
+
+ Copyright (C) 2012 Kai Blin k...@samba.org
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c256566 s4 dns: Store TKEYs in a ringbuffer
from e4505fc tdb: return unpack error on strdup failure
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c256566aa97e040a9b3007c779b1006d20462ccb
Author: Kai Blin k...@samba.org
Date: Fri Aug 31 13:41:19 2012 +0200
s4 dns: Store TKEYs in a ringbuffer
This stops us from potentially being DoSed by tons of TKEYs
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Fri Aug 31 22:46:01 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/dns_server/dns_query.c | 125 ++-
source4/dns_server/dns_server.c | 27
source4/dns_server/dns_server.h | 11 +++-
3 files changed, 106 insertions(+), 57 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index e9c3a24..530b7b2 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -36,7 +36,6 @@
#include auth/auth.h
#include auth/credentials/credentials.h
#include auth/gensec/gensec.h
-#include lib/util/dlinklist.h
static WERROR create_response_rr(const struct dns_name_question *question,
const struct dnsp_DnssrvRpcRecord *rec,
@@ -321,19 +320,73 @@ static WERROR handle_question(struct dns_server *dns,
return WERR_OK;
}
-static NTSTATUS create_new_tkey(TALLOC_CTX *mem_ctx,
- struct dns_server *dns,
- struct dns_server_tkey **tkey,
- const char* name)
+static NTSTATUS accept_gss_ticket(TALLOC_CTX *mem_ctx,
+ struct dns_server *dns,
+ struct dns_server_tkey *tkey,
+ const DATA_BLOB *key,
+ DATA_BLOB *reply,
+ uint16_t *dns_auth_error)
+{
+ NTSTATUS status;
+
+ status = gensec_update(tkey-gensec, mem_ctx, dns-task-event_ctx,
+ *key, reply);
+
+ if (NT_STATUS_EQUAL(NT_STATUS_MORE_PROCESSING_REQUIRED, status)) {
+ *dns_auth_error = DNS_RCODE_OK;
+ return status;
+ }
+
+ if (NT_STATUS_IS_OK(status)) {
+
+ status = gensec_session_info(tkey-gensec, tkey,
tkey-session_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ *dns_auth_error = DNS_RCODE_BADKEY;
+ return status;
+ }
+ *dns_auth_error = DNS_RCODE_OK;
+ }
+
+ return status;
+}
+
+static struct dns_server_tkey *find_tkey(struct dns_server_tkey_store *store,
+const char *name)
+{
+ struct dns_server_tkey *tkey = NULL;
+ uint16_t i = 0;
+
+ do {
+ struct dns_server_tkey *tmp_key = store-tkeys[i];
+
+ i++;
+ i %= TKEY_BUFFER_SIZE;
+
+ if (tmp_key == NULL) {
+ continue;
+ }
+ if (dns_name_equal(name, tmp_key-name)) {
+ tkey = tmp_key;
+ break;
+ }
+ } while (i != 0);
+
+ return tkey;
+}
+
+static NTSTATUS create_tkey(struct dns_server *dns,
+ const char* name,
+ struct dns_server_tkey **tkey)
{
NTSTATUS status;
- struct dns_server_tkey *k = talloc_zero(mem_ctx, struct
dns_server_tkey);
+ struct dns_server_tkey_store *store = dns-tkeys;
+ struct dns_server_tkey *k = talloc_zero(store, struct dns_server_tkey);
if (k == NULL) {
return NT_STATUS_NO_MEMORY;
}
- k-name = talloc_strdup(mem_ctx, name);
+ k-name = talloc_strdup(k, name);
if (k-name == NULL) {
return NT_STATUS_NO_MEMORY;
@@ -363,52 +416,16 @@ static NTSTATUS create_new_tkey(TALLOC_CTX *mem_ctx,
return status;
}
- *tkey = k;
- return NT_STATUS_OK;
-}
-
-static NTSTATUS accept_gss_ticket(TALLOC_CTX *mem_ctx,
- struct dns_server *dns,
- struct dns_server_tkey *tkey,
- const DATA_BLOB *key,
- DATA_BLOB *reply,
- uint16_t *dns_auth_error)
-{
- NTSTATUS status;
-
- status = gensec_update(tkey-gensec, mem_ctx, dns-task-event_ctx,
- *key, reply);
-
- if (NT_STATUS_EQUAL(NT_STATUS_MORE_PROCESSING_REQUIRED, status)) {
- *dns_auth_error = DNS_RCODE_OK;
- return status;
+ if (store-tkeys
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via cea3bdb wintest: enable dns forwarding for internal dns
via 1318b5b wintest: get original nameserver for forwarding on a more
general place
via 5305570 wintest: extend get_is_dc function with additional
expectations
via 884e28f6 wintest: check netcats exitstatus instead of output
via ed3ded1 wintest: set recursive queries for internal dns
via b45d4be wintest: add option to select the dns backend
via 09bee25 wintest: set nameserver on a more general place
via 226dbc1 wintest: add option to use ntvfs instead of s3fs
via 9fcd4a8 wintest: add working bbaumbach.conf file for use with
VirtualBox
from dd763d6 Fix bug #8974 - Kernel oplocks are broken when uid(file) !=
uid(process).
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit cea3bdb1031c95b874447676bcecfdd3b4731968
Author: Björn Baumbach b...@sernet.de
Date: Thu Jun 21 13:45:18 2012 +0200
wintest: enable dns forwarding for internal dns
Internal DNS will forward dns requests to the original nameserver
(specified in resolv.conf).
Signed-off-by: Kai Blin k...@samba.org
Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Thu Jun 21 23:47:35 CEST 2012 on sn-devel-104
commit 1318b5bb2c6ebc2a810cb899a27daf5d90505559
Author: Björn Baumbach b...@sernet.de
Date: Thu Jun 21 13:43:22 2012 +0200
wintest: get original nameserver for forwarding on a more general place
Signed-off-by: Kai Blin k...@samba.org
commit 5305570758e93cbe84f58161d71d65b219dde467
Author: Björn Baumbach b...@sernet.de
Date: Tue Jun 5 13:57:59 2012 +0200
wintest: extend get_is_dc function with additional expectations
Windows Server 2003 r2 answers wintest2k3 is not a DC.
Signed-off-by: Kai Blin k...@samba.org
commit 884e28f66b01a8bf21f855f91875f22defa121ab
Author: Björn Baumbach b...@sernet.de
Date: Tue Jun 12 19:45:51 2012 +0200
wintest: check netcats exitstatus instead of output
There are many netcat implementations with different output messages.
Signed-off-by: Kai Blin k...@samba.org
commit ed3ded11220d16c5ebfefd7e165eeb32e185f452
Author: Björn Baumbach b...@sernet.de
Date: Tue Jun 5 10:35:19 2012 +0200
wintest: set recursive queries for internal dns
Need dns recursive queries = yes, since
host expects answers with RA-bit.
Signed-off-by: Kai Blin k...@samba.org
commit b45d4beca54428cb71994fed40d44c9ba06bb4d3
Author: Björn Baumbach b...@sernet.de
Date: Thu May 31 14:15:47 2012 +0200
wintest: add option to select the dns backend
This is an option to use the internal dns.
Signed-off-by: Kai Blin k...@samba.org
commit 09bee254f028368e59a462ab5d487546da6f940a
Author: Björn Baumbach b...@sernet.de
Date: Fri Jun 1 16:16:16 2012 +0200
wintest: set nameserver on a more general place
Signed-off-by: Kai Blin k...@samba.org
commit 226dbc116da7eb59fd59a9fb8a88c05a13b74e05
Author: Björn Baumbach b...@sernet.de
Date: Thu May 31 11:13:59 2012 +0200
wintest: add option to use ntvfs instead of s3fs
Signed-off-by: Kai Blin k...@samba.org
commit 9fcd4a83a5c75d227846467756c64d2bf5adde9a
Author: Björn Baumbach b...@sernet.de
Date: Wed May 30 15:00:07 2012 +0200
wintest: add working bbaumbach.conf file for use with VirtualBox
Signed-off-by: Kai Blin k...@samba.org
---
Summary of changes:
wintest/conf/bbaumbach.conf | 97 +++
wintest/test-s4-howto.py| 36 +++-
wintest/wintest.py | 46
3 files changed, 158 insertions(+), 21 deletions(-)
create mode 100644 wintest/conf/bbaumbach.conf
Changeset truncated at 500 lines:
diff --git a/wintest/conf/bbaumbach.conf b/wintest/conf/bbaumbach.conf
new file mode 100644
index 000..aaacd32
--- /dev/null
+++ b/wintest/conf/bbaumbach.conf
@@ -0,0 +1,97 @@
+# Björn Baumbachs wintest config file
+# Using VirtualBox in headless mode. Since it's not possible to
+# startup VMs in gui mode.
+
+# where the git checkout is
+SOURCETREE: /home/bbaumba/src/git/samba
+
+# where to install Samba to
+PREFIX: /smbTest/wintest
+
+# debug level which will be put in smb.conf
+DEBUGLEVEL : 1
+
+# commands to control VMs
+VM_POWEROFF : su bbaumba -c VBoxManage controlvm ${VMNAME} poweroff
+VM_RESTORE: su bbaumba -c VBoxManage snapshot ${VMNAME} restore
${SNAPSHOT} VBoxManage startvm ${VMNAME} --type headless
+VM_RESET : su bbaumba -c VBoxManage controlvm ${VMNAME} reset
+
+# interfaces to listen on
+INTERFACE : wintest
+
+# this is an additional IP that will be used for named to listen
+# on. It should
Re: [Samba] Samba 4 samba-tool dns question
On 2012-06-13 11:21, Trever L. Adams wrote: Hi Trever, /usr/local/samba/bin/samba-tool dns add s4server.example.org example.org example.org TXT v=spf1 mx -all I am not sure it is because it is showing up with dig as v=spf1 mx -all where it should be all one string, I believe. Well, this is how the current code is set up, Amitay added this behavior to the DLZ backend recently, and I followed along for the internal server. I'm not aware of how the string tokenization is actually described in the standard. I'm also not sure if the issue actually is that samba-tool doesn't preserve the quotes around the string, so the data is tokenized when added to the AD record. Amitay, any insights on that one? Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f3df298 s4 dns: Correctly handle A questions for CNAMEs
via 754c60e s4 dns: Structure tests a bit better
from 02d9ba6 s3:smbd: change user_struct-vuid to uint64_t
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f3df2988ba6928cde0bd89da321bbe74fd76f53f
Author: Kai Blin k...@samba.org
Date: Fri Jun 1 08:05:54 2012 +0200
s4 dns: Correctly handle A questions for CNAMEs
When an A/ lookup is made for a name that actually is a CNAME
record, we need to return the CNAME record, and then do the A/
lookup for the name the CNAME points at.
This still fails for CNAMEs pointing at records for domains we need to
ask our forwarders for.
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
commit 754c60e4175c8cd077766cd6ea762bd46cdd41af
Author: Kai Blin k...@samba.org
Date: Wed May 30 08:08:53 2012 +0200
s4 dns: Structure tests a bit better
---
Summary of changes:
source4/dns_server/dns_query.c | 61 +++--
source4/scripting/python/samba/tests/dns.py | 79 +++
2 files changed, 135 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 0e63058..40df3a1 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -231,11 +231,11 @@ static WERROR handle_question(struct dns_server *dns,
const struct dns_name_question *question,
struct dns_res_rec **answers, uint16_t *ancount)
{
- struct dns_res_rec *ans;
+ struct dns_res_rec *ans = *answers;
WERROR werror;
unsigned int ri;
struct dnsp_DnssrvRpcRecord *recs;
- uint16_t rec_count, ai = 0;
+ uint16_t rec_count, ai = *ancount;
struct ldb_dn *dn = NULL;
werror = dns_name2dn(dns, mem_ctx, question-name, dn);
@@ -244,16 +244,67 @@ static WERROR handle_question(struct dns_server *dns,
werror = dns_lookup_records(dns, mem_ctx, dn, recs, rec_count);
W_ERROR_NOT_OK_RETURN(werror);
- ans = talloc_zero_array(mem_ctx, struct dns_res_rec, rec_count);
- W_ERROR_HAVE_NO_MEMORY(ans);
+ ans = talloc_realloc(mem_ctx, ans, struct dns_res_rec, rec_count + ai);
+ if (ans == NULL) {
+ return WERR_NOMEM;
+ }
for (ri = 0; ri rec_count; ri++) {
+ if ((recs[ri].wType == DNS_TYPE_CNAME)
+ ((question-question_type == DNS_QTYPE_A) ||
+(question-question_type == DNS_QTYPE_))) {
+ struct dns_name_question *new_q =
+ talloc(mem_ctx, struct dns_name_question);
+
+ if (new_q == NULL) {
+ return WERR_NOMEM;
+ }
+
+ /* We reply with one more record, so grow the array */
+ ans = talloc_realloc(mem_ctx, ans, struct dns_res_rec,
+rec_count + 1);
+ if (ans == NULL) {
+ TALLOC_FREE(new_q);
+ return WERR_NOMEM;
+ }
+
+ /* First put in the CNAME record */
+ werror = create_response_rr(question, recs[ri], ans,
ai);
+ if (!W_ERROR_IS_OK(werror)) {
+ return werror;
+ }
+
+ /* And then look up the name it points at.. */
+
+ /* First build up the new question */
+ new_q-question_type = question-question_type;
+ new_q-question_class = question-question_class;
+ if (new_q-question_type == DNS_QTYPE_A) {
+ new_q-name = talloc_strdup(new_q,
recs[ri].data.ipv4);
+ } else if (new_q-question_type == DNS_QTYPE_) {
+ new_q-name = talloc_strdup(new_q,
recs[ri].data.ipv6);
+ }
+ if (new_q-name == NULL) {
+ TALLOC_FREE(new_q);
+ return WERR_NOMEM;
+ }
+ /* and then call the lookup again */
+ werror = handle_question(dns, mem_ctx, new_q, ans,
ai);
+ if (!W_ERROR_IS_OK(werror)) {
+ return werror;
+ }
+
+
+ continue;
+ }
if ((question-question_type != DNS_QTYPE_ALL
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via aa01908 libcli/dns: Rename UDP-based calls to reflect their use via 42e1b94 Add myself as libcli/dns maintainer via 6a1ad76 s4-dns: Use W_ERROR_HAVE_NO_MEMORY in create_response_rr via 9d128bb s4-dns: Use proper talloc hierarchy for NS records in create_response_rr via ffc568e s4-dns: Use proper talloc hierarchy for records in create_response_rr via d5ce36b s4-dns: Remove sync dns_process via d4998cc s4-dns: Make the TCP dns server async via 230f933b s4-dns: Make the UDP dns server async via 4dbbd30 s4-dns: Remove sync dns_server_process_query via 2b6b7c6 s4-dns: Make dns_process_send asyn via 28b5219 s4-dns: Remove unused sync ask_forwarder wrapper via 03b3521 s4-dns: Make dns_server_process_query async via e2c1a8b s4-dns: Make ask_forwarder async via 54cde76 lib: add tevent_req_poll_werror via 6cdbce2 s4-dns: Create a proper talloc hierarchy in create_response_rr via 1171c56 s4-dns: Add debug output for unmappable WERROR to DNS errcode via 0b2743c s4-dns: Fix some typos via 5bc261f librpc: Fix some typos via da74d54 s4-dns: Remove some break; statements via 577a065 s4-dns: Fix an unlikely potential memleak via 1bdaf4b s4-dns: Use talloc_asprintf_append_buffer in create_response_rr via 1bbdf22 s4-dns: Add some NULL checks to create_response_rr from 40e47d0 s4:dbchecker - handle the none case correctly http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit aa0190825d4dcd9d6680638a06df5b4b7d89fd29 Author: Kai Blin k...@samba.org Date: Tue May 29 23:05:14 2012 +0200 libcli/dns: Rename UDP-based calls to reflect their use Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Wed May 30 02:35:27 CEST 2012 on sn-devel-104 commit 42e1b94f88dd47e4999af751b6d6c3278de3e422 Author: Kai Blin k...@samba.org Date: Fri May 25 07:54:39 2012 +0200 Add myself as libcli/dns maintainer commit 6a1ad76c5ef7f77475192cb17a26dd0ecc26aade Author: Kai Blin k...@samba.org Date: Wed May 30 00:30:29 2012 +0200 s4-dns: Use W_ERROR_HAVE_NO_MEMORY in create_response_rr commit 9d128bbb628bb2240cc95695c114d8befa331a6e Author: Kai Blin k...@samba.org Date: Wed May 30 00:23:33 2012 +0200 s4-dns: Use proper talloc hierarchy for NS records in create_response_rr commit ffc568eb4202e50d7ac203d491a6716bdea74e9a Author: Kai Blin k...@samba.org Date: Wed May 30 00:23:14 2012 +0200 s4-dns: Use proper talloc hierarchy for records in create_response_rr commit d5ce36b1487d679ef22198427d298ecad38b8af6 Author: Volker Lendecke v...@samba.org Date: Tue May 29 10:03:13 2012 +0200 s4-dns: Remove sync dns_process Signed-off-by: Kai Blin k...@samba.org commit d4998ccce73e1ca782b8bd40430be1a625a4c8fb Author: Volker Lendecke v...@samba.org Date: Mon May 28 18:42:54 2012 +0200 s4-dns: Make the TCP dns server async Signed-off-by: Kai Blin k...@samba.org commit 230f933babe72536a1bbb930b6c9d71df8b2b903 Author: Volker Lendecke v...@samba.org Date: Mon May 28 18:42:54 2012 +0200 s4-dns: Make the UDP dns server async Signed-off-by: Kai Blin k...@samba.org commit 4dbbd304e65cc9687fa4eaf1a1f3422588720ac4 Author: Volker Lendecke v...@samba.org Date: Mon May 28 18:23:50 2012 +0200 s4-dns: Remove sync dns_server_process_query Signed-off-by: Kai Blin k...@samba.org commit 2b6b7c64e137145dc5c3786eb8acb85645c51ba2 Author: Volker Lendecke v...@samba.org Date: Thu May 24 17:02:57 2012 +0200 s4-dns: Make dns_process_send asyn Signed-off-by: Kai Blin k...@samba.org commit 28b5219ad9abcefbee7c466ae42901d0e0d207ca Author: Volker Lendecke v...@samba.org Date: Thu May 24 16:46:29 2012 +0200 s4-dns: Remove unused sync ask_forwarder wrapper Signed-off-by: Kai Blin k...@samba.org commit 03b35211ab7ca659edf1f23fe84b49f0b3ee6ab5 Author: Volker Lendecke v...@samba.org Date: Thu May 24 14:53:47 2012 +0200 s4-dns: Make dns_server_process_query async Signed-off-by: Kai Blin k...@samba.org commit e2c1a8b87ae9fc563711e9fe5d02b915eec2cd3b Author: Volker Lendecke v...@samba.org Date: Thu May 24 13:49:41 2012 +0200 s4-dns: Make ask_forwarder async Signed-off-by: Kai Blin k...@samba.org commit 54cde76e376b7e6a781ff2841234d7f37eb6ea93 Author: Volker Lendecke v...@samba.org Date: Thu May 24 13:49:26 2012 +0200 lib: add tevent_req_poll_werror Signed-off-by: Kai Blin k...@samba.org commit 6cdbce266b6ecccf181429949104df700d58351c Author: Volker Lendecke v...@samba.org Date: Tue May 29 15:20:21 2012 +0200 s4-dns: Create a proper talloc hierarchy in create_response_rr Pair-Programmed-With: Michael Adam ob...@samba.org Signed-off-by: Kai Blin k...@samba.org
Re: [Samba] cross-compile samba4
On 2012-05-17 14:06, Andrew Bartlett wrote: Hi Mike, I've CC'ed Kai, who is our expert on Samba4 on ARM. Hopefully he can help you out. I have to admit that so far I've resorted to building natively on the ARM hardware I run things on. You need a target Python version in your path, and cross-compiling Python has so far been a stumbling block for me. The dreamplug is a Kirkwood-based ARMv5, right? With a reasonably fast disk, I can build on similar hardware in ~2 hours, iirc. Make sure you have enough RAM, the build takes 128 megs. HTH, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cross-compile samba4
On 2012-05-18 09:45, Mike Howard wrote: Hi Mike, I have compiled natively on the dreamplug and it did take ~2hrs. In the past I've usually had to compile numerous times and time is money as they say :), so compiling on my desktop, at just under 5mins, would be a boon. The Archlinux|ARM folks have a guide on using distcc cross-compiling guide on their website, http://archlinuxarm.org/developers/distcc-cross-compiling I haven't tried this myself yet, but it should be adaptable to your set-up and allow you to launch ARM builds that are distributed to your desktop machine. HTH, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f01c6cf s4 dns: unify error handling when bailing out
via 7420698 s4 dns: Add TSIG and TKEY records to idl
from e42e87d s3-docs: Fix several typos.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f01c6cf707087141fe244a1d90c5cdcb69322820
Author: Kai Blin k...@samba.org
Date: Wed Mar 28 12:19:51 2012 +0200
s4 dns: unify error handling when bailing out
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Tue May 8 15:48:25 CEST 2012 on sn-devel-104
commit 74206984daa9c707a38675df88d6bbe660d876bc
Author: Kai Blin k...@samba.org
Date: Tue Mar 13 08:04:14 2012 +0100
s4 dns: Add TSIG and TKEY records to idl
---
Summary of changes:
librpc/idl/dns.idl | 67 --
source4/dns_server/dns_server.c | 23 ++---
2 files changed, 67 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index e012162..a92c418 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -46,17 +46,23 @@ interface dns
/* rcode values */
typedef [public] enum {
- DNS_RCODE_OK = 0x0,
- DNS_RCODE_FORMERR = 0x1,
- DNS_RCODE_SERVFAIL = 0x2,
- DNS_RCODE_NXDOMAIN = 0x3,
- DNS_RCODE_NOTIMP = 0x4,
- DNS_RCODE_REFUSED = 0x5,
- DNS_RCODE_YXDOMAIN = 0x6,
- DNS_RCODE_YXRRSET = 0x7,
- DNS_RCODE_NXRRSET = 0x8,
- DNS_RCODE_NOTAUTH = 0x9,
- DNS_RCODE_NOTZONE = 0xA
+ DNS_RCODE_OK = 0x00,
+ DNS_RCODE_FORMERR = 0x01,
+ DNS_RCODE_SERVFAIL = 0x02,
+ DNS_RCODE_NXDOMAIN = 0x03,
+ DNS_RCODE_NOTIMP = 0x04,
+ DNS_RCODE_REFUSED = 0x05,
+ DNS_RCODE_YXDOMAIN = 0x06,
+ DNS_RCODE_YXRRSET = 0x07,
+ DNS_RCODE_NXRRSET = 0x08,
+ DNS_RCODE_NOTAUTH = 0x09,
+ DNS_RCODE_NOTZONE = 0x0A,
+ DNS_RCODE_BADSIG = 0x10,
+ DNS_RCODE_BADKEY = 0x11,
+ DNS_RCODE_BADTIME = 0x12,
+ DNS_RCODE_BADMODE = 0x13,
+ DNS_RCODE_BADNAME = 0x14,
+ DNS_RCODE_BADALG = 0x15
} dns_rcode;
typedef [public,enum16bit] enum {
@@ -105,12 +111,24 @@ interface dns
DNS_QTYPE_NSEC = 0x002F,
DNS_QTYPE_DNSKEY = 0x0030,
DNS_QTYPE_DHCID = 0x0031,
+ DNS_QTYPE_TKEY = 0x00F9,
+ DNS_QTYPE_TSIG = 0x00FA,
DNS_QTYPE_AXFR = 0x00FC,
DNS_QTYPE_MAILB = 0x00FD,
DNS_QTYPE_MAILA = 0x00FE,
DNS_QTYPE_ALL= 0x00FF
} dns_qtype;
+ typedef [public,enum16bit] enum {
+ DNS_TKEY_MODE_NULL = 0x,
+ DNS_TKEY_MODE_SERVER = 0x0001,
+ DNS_TKEY_MODE_DH = 0x0002,
+ DNS_TKEY_MODE_GSSAPI = 0x0003,
+ DNS_TKEY_MODE_CLIENT = 0x0004,
+ DNS_TKEY_MODE_DELETE = 0x0005,
+ DNS_TKEY_MODE_LAST = 0x
+ } dns_tkey_mode;
+
typedef [public] struct {
dns_string name;
dns_qtype question_type;
@@ -149,6 +167,31 @@ interface dns
dns_string target;
} dns_srv_record;
+ typedef [public] struct {
+ dns_string algorithm;
+ uint32 inception;
+ uint32 expiration;
+ dns_tkey_mode mode;
+ uint16 error;
+ uint16 key_size;
+ uint8 key_data[key_size];
+ uint16 other_size;
+ uint8 other_data[other_size];
+ } dns_tkey_record;
+
+ typedef [public] struct {
+ dns_string algorithm_name;
+ uint16 time_prefix; /* 0 until February 2106*/
+ uint32 time;
+ uint16 fudge;
+ uint16 mac_size;
+ uint8 mac[mac_size];
+ uint16 original_id;
+ uint16 error;
+ uint16 other_size;
+ uint8 other_data[other_size];
+ } dns_tsig_record;
+
typedef [nodiscriminant,public,flag(NDR_NOALIGN)] union {
[case(DNS_QTYPE_A)] ipv4address ipv4_record;
[case(DNS_QTYPE_NS)]dns_string ns_record;
@@ -159,6 +202,8 @@ interface dns
[case(DNS_QTYPE_TXT)] dns_txt_record txt_record;
[case(DNS_QTYPE_)] ipv6address ipv6_record;
[case(DNS_QTYPE_SRV
Re: [Samba] Samba4 internal DNS problems with smb.conf
On 2012-04-04 08:15, steve wrote: Hi, Provision: /usr/local/samba/sbin/provision --realm=hh3.site --domain=MARINA --adminpass=123@Abc --server-role=dc --dns-backend=SAMBA_INTERNAL I set smb.conf according to the wiki at: https://wiki.samba.org/index.php/DNS smb.conf [global] server role = domain controller workgroup = MARINA realm = hh3.site netbios name = HH3 passdb backend = samba4 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns allow dns updates = True dns forwarder = 192.168.1.1 dns recursive queries = yes but: testparm Load smb config files from /usr/local/samba/etc/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Unknown parameter encountered: server services Ignoring unknown parameter server services Unknown parameter encountered: allow dns updates Ignoring unknown parameter allow dns updates Unknown parameter encountered: dns forwarder Ignoring unknown parameter dns forwarder Unknown parameter encountered: dns recursive queries Ignoring unknown parameter dns recursive queries What have I done wrong? Uh, testparm is the samba3 tool. You'll want to run samba-tool testparm until our configuration parsers are merged. HTH, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 how to get a reverse dlz zone
On 2012-04-03 06:45, steve wrote: Thanks. That's good news. But for that to work, I would need to have a fixed IP for each client no? No idea about the BIND stuff, but in principle if there's a reverse zone in DNS, the windows clients will try to update that when updating their forward entry. Sans TKEY/TSIG, I've seen this working just fine with the internal DNS. I see no reason why it shouldn't work with BIND. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 how to get a reverse dlz zone
On 2012-04-03 11:41, Konstantin Pobudzey wrote: Hi Konstantin, It worked for me. I did exactly same as for forward zone. But that's using the flat-file backend, not the DLZ AD-based backend, right? Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 how to get a reverse dlz zone
On 2012-04-03 14:04, steve wrote: I want the reverse lookup for my Linux clients. As far as I can see, the only way I can get the reverse lookup working is to use static IP. I want my Linux clients using DHCP as do the windows clients. Can it be done? Is it easier if I switch to SAMBA_INTERNAL perhaps? What I'm saying is that it should make no difference if you run the BIND DLZ or the internal server. No idea what DHCP client you're using, and how that does DNS updates. If your DHCP client is able to do GSS-TSIG updates against windows, it should be able to do the same against Samba4. If the DHCP client can't update, you'll have to figure out how to fix the client side of things. I just want a reverse lookup in the same way that forward lookup and update works for windows. And I'm saying that it should work the same way, from the server side of things. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 60eb162 s4 dns: Allow updating PTR records. from 1e24997 s3: Avoid a crash with debug level 10 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 60eb1621d2c3224a2c7e8bec947741446ecbc4b1 Author: Kai Blin k...@samba.org Date: Fri Mar 30 17:19:48 2012 +0200 s4 dns: Allow updating PTR records. Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Fri Mar 30 19:26:52 CEST 2012 on sn-devel-104 --- Summary of changes: source4/dns_server/dns_update.c |4 1 files changed, 4 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c index d6b7640..3473a70 100644 --- a/source4/dns_server/dns_update.c +++ b/source4/dns_server/dns_update.c @@ -331,6 +331,10 @@ static WERROR dns_rr_to_dnsp(TALLOC_CTX *mem_ctx, rrec-rdata.srv_record.target); W_ERROR_HAVE_NO_MEMORY(r-data.srv.nameTarget); break; + case DNS_QTYPE_PTR: + r-data.ptr = talloc_strdup(mem_ctx, rrec-rdata.ptr_record); + W_ERROR_HAVE_NO_MEMORY(r-data.ptr); + break; case DNS_QTYPE_MX: r-data.mx.wPriority = rrec-rdata.mx_record.preference; r-data.mx.nameTarget = talloc_strdup(mem_ctx, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 26f7a67 s4 dns: Only do recursive queries when allowed/desired
via 06dd4d8 s4 dns: Check smb.conf if we should allow recursion
via 533b2e6 s4 dns: Allow changing the dns operation flags in handlers
via 8d9da67 s4 dns: Only forward for zones we don't own
via a991391 s4 dns: Forward questions we can't answer to another server
via 10b14fa s4 dns: Add a simple dns lookup helper
via 7566e6a s4 dns: Add a simple async client library
from 95ebb11 selftest.py: Add get_interface.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 26f7a676f9a0f6f8c5ae3bef9247c675734f35cd
Author: Kai Blin k...@samba.org
Date: Tue Mar 27 15:00:01 2012 +0200
s4 dns: Only do recursive queries when allowed/desired
If recursive queries are switched off in smb.conf or the client doesn't ask
for
recursion, don't recurse.
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Tue Mar 27 17:39:26 CEST 2012 on sn-devel-104
commit 06dd4d8ee1c5440809fa87fd8a1f3cfac8e9036a
Author: Kai Blin k...@samba.org
Date: Tue Mar 27 14:42:15 2012 +0200
s4 dns: Check smb.conf if we should allow recursion
commit 533b2e6612bd6497c1d53c31912bccba0260a3e9
Author: Kai Blin k...@samba.org
Date: Tue Mar 27 13:59:03 2012 +0200
s4 dns: Allow changing the dns operation flags in handlers
commit 8d9da67185aac48d7d0bc1e7b90262ae9afc6a64
Author: Kai Blin k...@samba.org
Date: Tue Mar 27 13:36:16 2012 +0200
s4 dns: Only forward for zones we don't own
commit a99139160555072339f8f9cc5912c570158fc236
Author: Kai Blin k...@samba.org
Date: Tue Mar 27 08:42:22 2012 +0200
s4 dns: Forward questions we can't answer to another server
This makes use of libdns and currently hardcodes the forward server, but
it works. :)
commit 10b14fa1c03fa9d686e94be20a2700954ae090fa
Author: Kai Blin k...@samba.org
Date: Mon Mar 26 20:47:42 2012 +0200
s4 dns: Add a simple dns lookup helper
commit 7566e6a5347b9d6b2b0b8b27f9211599febd8da1
Author: Kai Blin k...@samba.org
Date: Sun Mar 11 10:13:51 2012 +0100
s4 dns: Add a simple async client library
---
Summary of changes:
lib/param/loadparm.c | 21 +
libcli/dns/dns.c | 172 ++
libcli/dns/libdns.h | 53
libcli/dns/wscript_build |5 +
source4/dns_server/dns_query.c | 109 ++--
source4/dns_server/dns_server.c | 21 -
source4/dns_server/dns_server.h |7 ++
source4/dns_server/dns_update.c |1 +
source4/dns_server/dns_utils.c | 28 ++
source4/dns_server/wscript_build |2 +-
utils/samba-dig.c| 160 +++
utils/wscript_build |7 ++
wscript_build|2 +
13 files changed, 575 insertions(+), 13 deletions(-)
create mode 100644 libcli/dns/dns.c
create mode 100644 libcli/dns/libdns.h
create mode 100644 libcli/dns/wscript_build
create mode 100644 utils/samba-dig.c
create mode 100644 utils/wscript_build
Changeset truncated at 500 lines:
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index bb59a79..e3792b6 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -1256,6 +1256,22 @@ static struct parm_struct parm_table[] = {
.special= NULL,
.enum_list = enum_dns_update_settings
},
+ {
+ .label = dns forwarder,
+ .type = P_STRING,
+ .p_class= P_GLOBAL,
+ .offset = GLOBAL_VAR(dns_forwarder),
+ .special= NULL,
+ .enum_list = NULL
+ },
+ {
+ .label = dns recursive queries,
+ .type = P_BOOL,
+ .p_class= P_GLOBAL,
+ .offset = GLOBAL_VAR(dns_recursive_queries),
+ .special= NULL,
+ .enum_list = NULL
+ },
{NULL, P_BOOL, P_NONE, 0, NULL, NULL, 0}
};
@@ -1536,7 +1552,10 @@ FN_GLOBAL_INTEGER(srv_minprotocol, srv_minprotocol)
FN_GLOBAL_INTEGER(cli_maxprotocol, cli_maxprotocol)
FN_GLOBAL_INTEGER(cli_minprotocol, cli_minprotocol)
FN_GLOBAL_BOOL(paranoid_server_security, paranoid_server_security)
+
FN_GLOBAL_INTEGER(allow_dns_updates, allow_dns_updates)
+FN_GLOBAL_CONST_STRING(dns_forwarder, dns_forwarder)
+FN_GLOBAL_BOOL(dns_recursive_queries, dns_recursive_queries)
FN_GLOBAL_INTEGER(server_signing, server_signing)
FN_GLOBAL_INTEGER(client_signing, client_signing)
@@ -3403,6 +3422,8 @@ struct loadparm_context *loadparm_init(TALLOC_CTX
*mem_ctx)
lpcfg_do_global_parameter(lp_ctx, nsupdate command
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 26a0e7a s4 dns: Test deleting records and fix a small bu
via 1e6ef24 s4 dns: Be less chatty during tests
via a4bc7dc s4 dns: Clean up tests a bit
via 98ae359 s4 dns: Support TXT updates, add tests
via e6c6f49 s4 dns: Support TXT queries
via f9f1d98 s3 selftest: Allow DNS updates during testing
from ce4531e tdb_wrap: Move to specific directory.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 26a0e7a3f5ba7f8d6af2d2b8d7a6acf1323e8c57
Author: Kai Blin k...@samba.org
Date: Sun Mar 11 00:25:57 2012 +0100
s4 dns: Test deleting records and fix a small bu
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
commit 1e6ef242ec65e4f8e9c8ffa44a09581b28c2599a
Author: Kai Blin k...@samba.org
Date: Sun Mar 11 00:25:05 2012 +0100
s4 dns: Be less chatty during tests
commit a4bc7dc281237c88682de796691cb458e4802e02
Author: Kai Blin k...@samba.org
Date: Sat Mar 10 23:49:18 2012 +0100
s4 dns: Clean up tests a bit
commit 98ae3592ad058619b4953c08a0cb91e6fb44e573
Author: Kai Blin k...@samba.org
Date: Sat Mar 10 23:48:44 2012 +0100
s4 dns: Support TXT updates, add tests
commit e6c6f4959558d89f811c3da281b10e3525660179
Author: Kai Blin k...@samba.org
Date: Sat Mar 10 23:47:29 2012 +0100
s4 dns: Support TXT queries
commit f9f1d98e747e9126b9d301052f639bbc25db7a88
Author: Kai Blin k...@samba.org
Date: Sat Mar 10 23:43:44 2012 +0100
s3 selftest: Allow DNS updates during testing
---
Summary of changes:
selftest/target/Samba4.pm |4 +-
source4/dns_server/dns_query.c | 11 +++
source4/dns_server/dns_update.c | 51 +---
source4/scripting/python/samba/tests/dns.py | 123 ++-
4 files changed, 174 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 698cd12..d9385c8 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -1090,6 +1090,8 @@ sub provision_dc($$)
my ($self, $prefix) = @_;
print PROVISIONING DC...;
+my $extra_conf_options = netbios aliases = localDC1-a
+allow dns updates = True;
my $ret = $self-provision($prefix,
domain controller,
localdc,
@@ -1097,7 +1099,7 @@ sub provision_dc($$)
samba.example.com,
2008,
locDCpass1,
- undef, netbios aliases = localDC1-a);
+ undef, $extra_conf_options);
return undef unless(defined $ret);
unless($self-add_wins_config($prefix/private)) {
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 42aa11f..4277659 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -35,6 +35,8 @@ static WERROR create_response_rr(const struct
dns_name_question *question,
{
struct dns_res_rec *ans = *answers;
uint16_t ai = *ancount;
+ char *tmp;
+ uint32_t i;
ZERO_STRUCT(ans[ai]);
@@ -69,7 +71,16 @@ static WERROR create_response_rr(const struct
dns_name_question *question,
case DNS_QTYPE_PTR:
ans[ai].rdata.ptr_record = talloc_strdup(ans, rec-data.ptr);
break;
+ case DNS_QTYPE_TXT:
+ tmp = talloc_asprintf(ans, \%s\, rec-data.txt.str[0]);
+ for (i=1; irec-data.txt.count; i++) {
+ tmp = talloc_asprintf_append(tmp, \%s\,
+rec-data.txt.str[i]);
+ }
+ ans[ai].rdata.txt_record.txt = tmp;
+ break;
default:
+ DEBUG(0, (Got unhandled type %u query.\n, rec-wType));
return DNS_ERR(NOT_IMPLEMENTED);
}
diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c
index 62cf9e5..3d7ecce 100644
--- a/source4/dns_server/dns_update.c
+++ b/source4/dns_server/dns_update.c
@@ -285,6 +285,10 @@ static WERROR dns_rr_to_dnsp(TALLOC_CTX *mem_ctx,
const struct dns_res_rec *rrec,
struct dnsp_DnssrvRpcRecord *r)
{
+ char *tmp;
+ char *txt_record_txt;
+ char *saveptr = NULL;
+
if (rrec-rr_type == DNS_QTYPE_ALL) {
return DNS_ERR(FORMAT_ERROR);
}
@@ -334,15 +338,30 @@ static WERROR dns_rr_to_dnsp(TALLOC_CTX *mem_ctx,
W_ERROR_HAVE_NO_MEMORY(r-data.mx.nameTarget);
break;
case DNS_QTYPE_TXT:
- /* FIXME
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9a93f43 s4 dns: Add support for PTR queries.
from 1930781 s4-librpc: Remove unused new_ev
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9a93f43cebcb6b677548919f57badc1a857cb13b
Author: Kai Blin k...@samba.org
Date: Fri Mar 9 10:43:27 2012 +0100
s4 dns: Add support for PTR queries.
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Fri Mar 9 12:27:38 CET 2012 on sn-devel-104
---
Summary of changes:
source4/dns_server/dns_query.c |6 +-
1 files changed, 5 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 5320e21..42aa11f 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -66,6 +66,9 @@ static WERROR create_response_rr(const struct
dns_name_question *question,
ans[ai].rdata.soa_record.expire = rec-data.soa.expire;
ans[ai].rdata.soa_record.minimum = rec-data.soa.minimum;
break;
+ case DNS_QTYPE_PTR:
+ ans[ai].rdata.ptr_record = talloc_strdup(ans, rec-data.ptr);
+ break;
default:
return DNS_ERR(NOT_IMPLEMENTED);
}
@@ -109,7 +112,8 @@ static WERROR handle_question(struct dns_server *dns,
(recs[ri].wType != question-question_type)) {
continue;
}
- create_response_rr(question, recs[ri], ans, ai);
+ werror = create_response_rr(question, recs[ri], ans, ai);
+ W_ERROR_NOT_OK_RETURN(werror);
}
if (ai == 0) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c7f6714 s4 dns: Fix TCP handling in the DNS server
from 1f62df5 s3: Move a talloc_strdup out of the main code path
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c7f67142c0693e73355e1a5748f729fad04415e0
Author: Kai Blin k...@samba.org
Date: Tue Mar 6 08:49:16 2012 +0100
s4 dns: Fix TCP handling in the DNS server
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Tue Mar 6 21:17:19 CET 2012 on sn-devel-104
---
Summary of changes:
source4/dns_server/dns_server.c | 26 ++--
source4/lib/stream/packet.c | 12 +
source4/lib/stream/packet.h |1 +
source4/scripting/python/samba/tests/dns.py | 34 +++
4 files changed, 60 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 25873c2..cf43590 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -233,13 +233,13 @@ static void dns_tcp_call_loop(struct tevent_req *subreq)
return;
}
- DEBUG(10,(Received krb5 TCP packet of length %lu from %s\n,
+ DEBUG(10,(Received DNS TCP packet of length %lu from %s\n,
(long) call-in.length,
tsocket_address_string(dns_conn-conn-remote_address, call)));
/* skip length header */
- call-in.data += 4;
- call-in.length -= 4;
+ call-in.data += 2;
+ call-in.length -= 2;
/* Call dns */
status = dns_process(dns_conn-dns_socket-dns, call, call-in,
call-out);
@@ -251,9 +251,9 @@ static void dns_tcp_call_loop(struct tevent_req *subreq)
}
/* First add the length of the out buffer */
- RSIVAL(call-out_hdr, 0, call-out.length);
+ RSSVAL(call-out_hdr, 0, call-out.length);
call-out_iov[0].iov_base = (char *) call-out_hdr;
- call-out_iov[0].iov_len = 4;
+ call-out_iov[0].iov_len = 2;
call-out_iov[1].iov_base = (char *) call-out.data;
call-out_iov[1].iov_len = call-out.length;
@@ -271,14 +271,14 @@ static void dns_tcp_call_loop(struct tevent_req *subreq)
tevent_req_set_callback(subreq, dns_tcp_call_writev_done, call);
/*
-* The krb5 tcp pdu's has the length as 4 byte (initial_read_size),
-* packet_full_request_u32 provides the pdu length then.
+* The dns tcp pdu's has the length as 2 byte (initial_read_size),
+* packet_full_request_u16 provides the pdu length then.
*/
subreq = tstream_read_pdu_blob_send(dns_conn,
dns_conn-conn-event.ctx,
dns_conn-tstream,
- 4, /* initial_read_size */
- packet_full_request_u32,
+ 2, /* initial_read_size */
+ packet_full_request_u16,
dns_conn);
if (subreq == NULL) {
dns_tcp_terminate_connection(dns_conn, dns_tcp_call_loop:
@@ -358,14 +358,14 @@ static void dns_tcp_accept(struct stream_connection *conn)
conn-private_data = dns_conn;
/*
-* The krb5 tcp pdu's has the length as 4 byte (initial_read_size),
-* packet_full_request_u32 provides the pdu length then.
+* The dns tcp pdu's has the length as 2 byte (initial_read_size),
+* packet_full_request_u16 provides the pdu length then.
*/
subreq = tstream_read_pdu_blob_send(dns_conn,
dns_conn-conn-event.ctx,
dns_conn-tstream,
- 4, /* initial_read_size */
- packet_full_request_u32,
+ 2, /* initial_read_size */
+ packet_full_request_u16,
dns_conn);
if (subreq == NULL) {
dns_tcp_terminate_connection(dns_conn, dns_tcp_accept:
diff --git a/source4/lib/stream/packet.c b/source4/lib/stream/packet.c
index 3a7f600..b36d650 100644
--- a/source4/lib/stream/packet.c
+++ b/source4/lib/stream/packet.c
@@ -612,3 +612,15 @@ _PUBLIC_ NTSTATUS packet_full_request_u32(void
*private_data, DATA_BLOB blob, si
}
return NT_STATUS_OK;
}
+
+_PUBLIC_ NTSTATUS packet_full_request_u16(void *private_data, DATA_BLOB blob,
size_t *size)
+{
+ if (blob.length 2) {
+ return STATUS_MORE_ENTRIES;
+ }
+ *size = 2 + RSVAL(blob.data, 0
Re: [Samba] Samba4 xidNumber and idmap.ldb
On 2012-02-26 18:15, steve wrote: Hi Steve, Sorry. Just one more thing. Could you point me at the code which finds the next free xid when e.g. you create a new user? That's not how samba4 id mapping works at the moment I'm afraid. It will ignore the Posix attributes that might exist in the AD. It's non-trivial to manage the mappings across servers. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 how to enable winbindd
On 2012-02-27 14:13, Alain Toussaint wrote: Hi Alain, I configured a domain controller on a ubuntu server using samba 4 alpha 15 using ubuntu's distribution packages and followed this howto: https://wiki.samba.org/index.php/Samba4/Winbind to have unix account for domain users but winbindd is not running; these two commands from the howto does not work: Wbinfo -p Wbinfo -u Are you running a version of wbinfo that was compiled with your Samba4 install, or is this one your package manager installed at some point? The winbind named pipe wbinfo uses for communication changed location at some point, and your wbinfo might be looking at the wrong place. HTH, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal dns server cannot find ldap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-02-12 10:23, steve wrote: Hi Steve, ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT dns child failed to find name '_ldap._tcp.HH3.SITE' of type SRV finddcs: Failed to find SRV record for _ldap._tcp.HH3.SITE Is there anything I need to configure in the internal server? That's the client component throwing the error message. What's your resolv.conf setup, and what's your smb.conf and provision settings? Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk86BasACgkQEKXX/bF2FpR6BACeJy/cTlmrIuWOMKbmaEFP/A90 xqUAn1KNLR0fWy2Hq61W6LQTB9qxeA18 =DN0p -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 latest git failed to provision: DNS
On 2012-02-08 13:19, steve wrote: Hi Steve, I've wasted quite a bit of time with cases like this. Would it be OK for one of us here to subscribe to samba-technical if we promise not to post? You're always free to subscribe to samba-technical. You're also free to post things to samba-technical if it's development-related, too. In this case, this seems like a problem with the build system, which clearly is a fit topic for samba-technical. Just know that if you bring your problems to samba-technical, you'll be expected to test patches (hopefully). :) Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Great LWN Samba article !
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-01-18 18:51, Daniel Müller wrote: Hi Daniel, In this article there is told about an internal dns server for samba4. Is there a version of samba4 out where I can test it. This is checked into the master branch. A current checkout should get you there. provision with --dns_backend=SAMBA_INTERNAL There is also an allow dns updates setting that you can set to True to allow unsigned DNS updates from your clients. Signed updates are not supported so far. I'll try to make some time to document this stuff on the wiki, but I'm currently at a conference, so no promises on when I'll get around to this. Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8Xir8ACgkQEKXX/bF2FpTvHACcCFS8yBk1J/9PoNOymyjKt8n0 tPMAnRzOnzTPZxdHqgGlnqXrBi6O+mQK =tGUI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 803dc38 s4:provision: add +dns to server services if the dns backend is SAMBA_INTERNAL via 83c149d s4:provision: add a server services line to the smb.conf template for the dc via f489c68 s4:provision: add the possibility to provision server services in smb.conf via a876d51 s4:provision: improve a message from 0f79184 samba: check for AES encryption type defines. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 803dc389d1ade89708a3fedc91dd2c271f4a495b Author: Michael Adam ob...@samba.org Date: Sun Jan 8 01:02:58 2012 +0100 s4:provision: add +dns to server services if the dns backend is SAMBA_INTERNAL Signed-off-by: Kai Blin k...@samba.org Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Tue Jan 10 21:17:45 CET 2012 on sn-devel-104 commit 83c149de4d7ba91f799959bc411516fd163917df Author: Michael Adam ob...@samba.org Date: Thu Jan 5 00:45:12 2012 +0100 s4:provision: add a server services line to the smb.conf template for the dc Signed-off-by: Kai Blin k...@samba.org commit f489c681ea4dcdf13c62876cb0e21ca93882599b Author: Michael Adam ob...@samba.org Date: Thu Jan 5 00:44:39 2012 +0100 s4:provision: add the possibility to provision server services in smb.conf Signed-off-by: Kai Blin k...@samba.org commit a876d519fedc50ad4958ae772a2b836f00dcea48 Author: Michael Adam ob...@samba.org Date: Thu Jan 5 00:05:26 2012 +0100 s4:provision: improve a message Signed-off-by: Kai Blin k...@samba.org --- Summary of changes: .../scripting/python/samba/provision/__init__.py | 22 +++ source4/setup/provision.smb.conf.dc|2 + 2 files changed, 19 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index 5c4866c..295e272 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -554,7 +554,8 @@ def guess_names(lp=None, hostname=None, domain=None, dnsdomain=None, def make_smbconf(smbconf, hostname, domain, realm, serverrole, - targetdir, sid_generator=internal, eadb=False, lp=None): + targetdir, sid_generator=internal, eadb=False, lp=None, + server_services=None): Create a new smb.conf file based on a couple of basic settings. assert smbconf is not None @@ -603,6 +604,11 @@ def make_smbconf(smbconf, hostname, domain, realm, serverrole, privdir = lp.get(private dir) lp.set(posix:eadb, os.path.abspath(os.path.join(privdir, eadb.tdb))) +if server_services is not None: +server_services_line = server services = + .join(server_services) +else: +server_services_line = + if targetdir is not None: privatedir_line = private dir = + os.path.abspath(os.path.join(targetdir, private)) lockdir_line = lock dir = + os.path.abspath(targetdir) @@ -632,7 +638,8 @@ def make_smbconf(smbconf, hostname, domain, realm, serverrole, PRIVATEDIR_LINE: privatedir_line, LOCKDIR_LINE: lockdir_line, STATEDIR_LINE: statedir_line, -CACHEDIR_LINE: cachedir_line +CACHEDIR_LINE: cachedir_line, +SERVER_SERVICES_LINE: server_services_line }) # reload the smb.conf @@ -1586,6 +1593,10 @@ def provision(logger, session_info, credentials, smbconf=None, if not os.path.exists(os.path.dirname(smbconf)): os.makedirs(os.path.dirname(smbconf)) +server_services = None +if dns_backend == SAMBA_INTERNAL: +server_services = [ +dns ] + # only install a new smb.conf if there isn't one there already if os.path.exists(smbconf): # if Samba Team members can't figure out the weird errors @@ -1596,10 +1607,11 @@ def provision(logger, session_info, credentials, smbconf=None, if data is None or data == : make_smbconf(smbconf, hostname, domain, realm, serverrole, targetdir, sid_generator, useeadb, - lp=lp) + lp=lp, server_services=server_services) else: make_smbconf(smbconf, hostname, domain, realm, serverrole, - targetdir, sid_generator, useeadb, lp=lp) + targetdir, sid_generator, useeadb, lp=lp, + server_services=server_services) if lp is None: lp = samba.param.LoadParm() @@ -1776,7 +1788,7 @@ def provision(logger, session_info, credentials, smbconf=None, logger.info(Failed to chown %s to bind gid %u
Re: [Samba] Samba4 DNS Update failing and crashing Bind
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2011-12-11 16:39, Alex MacCuish wrote: Dec 11 15:21:23 CNSRV01 named[3457]: samba_dlz: starting transaction on zone carlyle.internal Dec 11 15:21:23 CNSRV01 named[3457]: client 192.168.1.114#61086: update 'carlyle.internal/IN' denied Dec 11 15:21:23 CNSRV01 named[3457]: samba_dlz: cancelling transaction on zone carlyle.internal It seems like some policy disallows the update, and you're seeing a crash during the cleanup. Are you using the DNS server for anything besides AD? If not, you might want to give the samba internal DNS server a go. That's still pretty new and experimental, but likely easier for me to debug than the DLZ module. :) Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk7ybo0ACgkQEKXX/bF2FpQE2ACbBVP53DfrkW2eUw2h5NUv6LRr yMcAmwcXXAOB0yOVOEHXxkYFZNBWdHgC =VFMB -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b1fdf40 s4 dns: Allow updates based on smb.conf setting
via afa98bd s4 dns: Add some debug output
via d8a499a s4 dns: Actually handle the update request
via c191ad7 s4 dns: Implement RFC-compatible update prescan
via 02c9e18 s4 dns: Update prerequisite checking conforming to RFC
via 589d995 s4 dns: Give better test output on RCODE mismatch
via 8b82bad s4 dns: Move record lookup to dns_utils.c
via 0922953 s4 dns: Implement dns record comparison function
via db2573e s4 dns: Implement dns name equality check
via a00709e s4 dns: Fix some typos in comments and a whitespace
from b939144 check_name() not needed in mkdir.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b1fdf4065e4569e58ffceb44e9f4105fa1f8740e
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 14:25:57 2011 +0100
s4 dns: Allow updates based on smb.conf setting
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Sat Dec 17 04:19:40 CET 2011 on sn-devel-104
commit afa98bdc51c635cb7d7cc8c63497598e522610fd
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 14:22:51 2011 +0100
s4 dns: Add some debug output
commit d8a499a27b1cc19189be7cf51f01888389346950
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 14:21:52 2011 +0100
s4 dns: Actually handle the update request
commit c191ad7e130c637faef23e7cec9d37c097da5a8b
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 14:07:11 2011 +0100
s4 dns: Implement RFC-compatible update prescan
commit 02c9e18094f68d9014fe56c4d1b1c51fd22bd1b5
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 13:45:22 2011 +0100
s4 dns: Update prerequisite checking conforming to RFC
commit 589d995276f4868a1801d5d41f9a527a6323dbb9
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 11:36:47 2011 +0100
s4 dns: Give better test output on RCODE mismatch
commit 8b82bad0065895e0417f095c6b9ed2ada31fbdaa
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 09:43:47 2011 +0100
s4 dns: Move record lookup to dns_utils.c
commit 0922953b10f3495e5d62867025e7e99ebc3e6613
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 09:24:18 2011 +0100
s4 dns: Implement dns record comparison function
commit db2573eadfd9389391f6daf73432de7f73b46e81
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 09:21:51 2011 +0100
s4 dns: Implement dns name equality check
commit a00709eff1c3f9e53fcfbbc93ac498cb182c9ac7
Author: Kai Blin k...@samba.org
Date: Fri Dec 16 09:13:31 2011 +0100
s4 dns: Fix some typos in comments and a whitespace
---
Summary of changes:
lib/param/loadparm.c | 12 +
lib/param/param.h |1 +
lib/param/param_enums.c|8 +
librpc/idl/dns.idl |7 +-
source3/param/loadparm.c |1 +
source4/dns_server/dns_query.c | 43 +--
source4/dns_server/dns_server.c|8 +-
source4/dns_server/dns_server.h| 17 +-
source4/dns_server/dns_update.c| 624 ++--
.../libnet/grouptest.h = dns_server/dns_update.h} | 11 +-
source4/dns_server/dns_utils.c | 183 ++
source4/scripting/python/samba/tests/dns.py| 100 +++-
12 files changed, 922 insertions(+), 93 deletions(-)
copy source4/{torture/libnet/grouptest.h = dns_server/dns_update.h} (81%)
Changeset truncated at 500 lines:
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 8ed9ced..2c59a3e 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -65,6 +65,7 @@
#include s3_param.h
#include lib/util/bitmap.h
#include libcli/smb/smb_constants.h
+#include source4/dns_server/dns_update.h
#define standard_sub_basic talloc_strdup
@@ -1223,6 +1224,14 @@ static struct parm_struct parm_table[] = {
.special= NULL,
.enum_list = NULL
},
+ {
+ .label = allow dns updates,
+ .type = P_ENUM,
+ .p_class= P_GLOBAL,
+ .offset = GLOBAL_VAR(allow_dns_updates),
+ .special= NULL,
+ .enum_list = enum_dns_update_settings
+ },
{NULL, P_BOOL, P_NONE, 0, NULL, NULL, 0}
};
@@ -1503,6 +1512,7 @@ FN_GLOBAL_INTEGER(srv_minprotocol, srv_minprotocol)
FN_GLOBAL_INTEGER(cli_maxprotocol, cli_maxprotocol)
FN_GLOBAL_INTEGER(cli_minprotocol, cli_minprotocol)
FN_GLOBAL_BOOL(paranoid_server_security, paranoid_server_security)
+FN_GLOBAL_INTEGER(allow_dns_updates, allow_dns_updates)
FN_GLOBAL_INTEGER(server_signing, server_signing)
FN_GLOBAL_INTEGER(client_signing
Re: [Samba] Join Win7 to Samba
On 2011-12-15 08:02, Kai Blin wrote: Hi Piotr, These two settings are not related to domain controllers, they control if the box wants to be a domain master browser for the NetBIOS browsing elections. Hm, actually the domain master setting does matter for the PDC. It's really been a while since I last worked with NT4.0 style domains. :) Still, you might want to make sure the settings are ok using testparm and then force a browser election. All this NetBIOS browsing is pretty messy. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Join Win7 to Samba
On 2011-12-14 22:18, Piotr Zacharzewski wrote: Hi Piotr, The samba-technical list isn't really the appropriate list for non-development questions like that, moving this to the samba@lists.samba.org list. I have a problem with join Windows 7 client to Samba domain I have 1 domain with two domain controllers A,B ... preferred master = yes domain master = yes These two settings are not related to domain controllers, they control if the box wants to be a domain master browser for the NetBIOS browsing elections. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c01efc1 s4 dns: Update requests with QCLASS != IN or ALL trigger
NOTIMPLEMENTED errors
via 358a81e s4 dns: Add test to prove two updates in one packet are a
FORMERR
via 509acc7 s4 dns: More explicitly use the first question of an update
packet only
via 3fbb76c s4 dns: Get rid of const qualifier for prereqs, we do need
to allocate those
from 85f8d97 Revert Install (platform-independent) python scripts to
the PYTHONDIR rather than PYTHONARCHDIR.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c01efc1207b097517623d71b2ed9a24bb9c255de
Author: Kai Blin k...@samba.org
Date: Fri Dec 9 01:26:39 2011 +0100
s4 dns: Update requests with QCLASS != IN or ALL trigger NOTIMPLEMENTED
errors
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Fri Dec 9 03:32:28 CET 2011 on sn-devel-104
commit 358a81eff5279a69270964226b553fb5243ecb84
Author: Kai Blin k...@samba.org
Date: Fri Dec 9 01:14:35 2011 +0100
s4 dns: Add test to prove two updates in one packet are a FORMERR
commit 509acc71dd8534539021b0ec57dd83a841119793
Author: Kai Blin k...@samba.org
Date: Fri Dec 9 00:59:34 2011 +0100
s4 dns: More explicitly use the first question of an update packet only
commit 3fbb76c119eaa1becb2df72d54cd4685771628df
Author: Kai Blin k...@samba.org
Date: Fri Dec 9 00:58:32 2011 +0100
s4 dns: Get rid of const qualifier for prereqs, we do need to allocate those
---
Summary of changes:
source4/dns_server/dns_server.h |6 ++--
source4/dns_server/dns_update.c | 13 ---
source4/scripting/python/samba/tests/dns.py | 30 +++
3 files changed, 42 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_server.h b/source4/dns_server/dns_server.h
index 28351e8..d658b2a 100644
--- a/source4/dns_server/dns_server.h
+++ b/source4/dns_server/dns_server.h
@@ -49,9 +49,9 @@ WERROR dns_server_process_query(struct dns_server *dns,
WERROR dns_server_process_update(struct dns_server *dns,
TALLOC_CTX *mem_ctx,
struct dns_name_packet *in,
-const struct dns_res_rec *prereqs, uint16_t
prereq_count,
-struct dns_res_rec **updates, uint16_t
*update_count,
-struct dns_res_rec **additional, uint16_t
*arcount);
+struct dns_res_rec *prereqs, uint16_t
prereq_count,
+struct dns_res_rec **updates,uint16_t
*update_count,
+struct dns_res_rec **additional, uint16_t
*arcount);
uint8_t werr_to_dns_err(WERROR werror);
bool dns_name_match(const char *zone, const char *name, size_t *host_part_len);
diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c
index a9fabf6..55589d2 100644
--- a/source4/dns_server/dns_update.c
+++ b/source4/dns_server/dns_update.c
@@ -126,9 +126,9 @@ static WERROR update_prescan(const struct dns_name_question
*zone,
WERROR dns_server_process_update(struct dns_server *dns,
TALLOC_CTX *mem_ctx,
struct dns_name_packet *in,
-const struct dns_res_rec *prereqs, uint16_t
prereq_count,
-struct dns_res_rec **updates, uint16_t
*update_count,
-struct dns_res_rec **additional, uint16_t
*arcount)
+struct dns_res_rec *prereqs, uint16_t
prereq_count,
+struct dns_res_rec **updates,uint16_t
*update_count,
+struct dns_res_rec **additional, uint16_t
*arcount)
{
struct dns_name_question *zone;
const struct dns_server_zone *z;
@@ -140,7 +140,12 @@ WERROR dns_server_process_update(struct dns_server *dns,
return DNS_ERR(FORMAT_ERROR);
}
- zone = in-questions;
+ zone = in-questions[0];
+
+ if (zone-question_class != DNS_QCLASS_IN
+ zone-question_class != DNS_QCLASS_ANY) {
+ return DNS_ERR(NOT_IMPLEMENTED);
+ }
if (zone-question_type != DNS_QTYPE_SOA) {
return DNS_ERR(FORMAT_ERROR);
diff --git a/source4/scripting/python/samba/tests/dns.py
b/source4/scripting/python/samba/tests/dns.py
index 9f53225..60003fc 100644
--- a/source4/scripting/python/samba/tests/dns.py
+++ b/source4/scripting/python/samba/tests/dns.py
@@ -187,6 +187,36 @@ class DNSTest(TestCase):
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 1)
+def
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c326b37 s4 dns: Test SOA queries
from 05bc4de Revert making public of the samba-module library.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c326b37358260ba4f3a95463acdbf02ddae0ab97
Author: Kai Blin k...@samba.org
Date: Sat Dec 3 19:08:09 2011 +0100
s4 dns: Test SOA queries
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Sat Dec 3 20:52:51 CET 2011 on sn-devel-104
---
Summary of changes:
source4/scripting/python/samba/tests/dns.py | 32 +++
1 files changed, 32 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/tests/dns.py
b/source4/scripting/python/samba/tests/dns.py
index df10b71..9f53225 100644
--- a/source4/scripting/python/samba/tests/dns.py
+++ b/source4/scripting/python/samba/tests/dns.py
@@ -154,6 +154,38 @@ class DNSTest(TestCase):
response = self.dns_transaction_udp(p)
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NOTIMP)
+# Only returns an authority section entry in BIND and Win DNS
+# FIXME: Enable one Samba implements this feature
+#def test_soa_hostname_query(self):
+#create a SOA query for a hostname
+#p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+#questions = []
+#
+#name = %s.%s % (os.getenv('DC_SERVER'), self.get_dns_domain())
+#q = self.make_name_question(name, dns.DNS_QTYPE_SOA,
dns.DNS_QCLASS_IN)
+#questions.append(q)
+#
+#self.finish_name_packet(p, questions)
+#response = self.dns_transaction_udp(p)
+#self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+#self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+## We don't get SOA records for single hosts
+#self.assertEquals(response.ancount, 0)
+
+def test_soa_domain_query(self):
+create a SOA query for a domain
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+
+name = self.get_dns_domain()
+q = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
+questions.append(q)
+
+self.finish_name_packet(p, questions)
+response = self.dns_transaction_udp(p)
+self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+self.assertEquals(response.ancount, 1)
if __name__ == __main__:
import unittest
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9f1eb8a s4 dns: Test QCLASS_NONE query
via 8685a35 s4 dns: Test QTYPE_ALL query
via 16d9ebb s4 dns: Check more of the returned values for the A query
via 1a599da s4 dns: Move dns_transaction_udp to other helper functions
from 12123e7 pidl:Samba4/NDR/Parser: don't generate code for [ignore]
pointers
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9f1eb8ab8ef17a48653f3af51cfd2e678b032595
Author: Kai Blin k...@samba.org
Date: Thu Nov 24 12:14:55 2011 +0100
s4 dns: Test QCLASS_NONE query
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Thu Nov 24 14:10:45 CET 2011 on sn-devel-104
commit 8685a35e9c3ce9d84ef8c1b9af12213701e50fa8
Author: Kai Blin k...@samba.org
Date: Thu Nov 24 12:11:26 2011 +0100
s4 dns: Test QTYPE_ALL query
commit 16d9ebb396db2552de77706b644f299a3c2be79d
Author: Kai Blin k...@samba.org
Date: Thu Nov 24 12:10:40 2011 +0100
s4 dns: Check more of the returned values for the A query
commit 1a599da550fb54fd6fb4cc2db827e7ea435ad51d
Author: Kai Blin k...@samba.org
Date: Thu Nov 24 12:09:58 2011 +0100
s4 dns: Move dns_transaction_udp to other helper functions
---
Summary of changes:
source4/scripting/python/samba/tests/dns.py | 69 ++-
1 files changed, 56 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/tests/dns.py
b/source4/scripting/python/samba/tests/dns.py
index 25505d9..df10b71 100644
--- a/source4/scripting/python/samba/tests/dns.py
+++ b/source4/scripting/python/samba/tests/dns.py
@@ -66,6 +66,20 @@ class DNSTest(TestCase):
Helper to get dns domain
return os.getenv('REALM', 'example.com').lower()
+def dns_transaction_udp(self, packet, host=os.getenv('DC_SERVER_IP')):
+send a DNS query and read the reply
+s = None
+try:
+send_packet = ndr.ndr_pack(packet)
+s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
+s.connect((host, 53))
+s.send(send_packet, 0)
+recv_packet = s.recv(2048, 0)
+return ndr.ndr_unpack(dns.name_packet, recv_packet)
+finally:
+if s is not None:
+s.close()
+
def test_one_a_query(self):
create a query packet containing one query record
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
@@ -80,6 +94,9 @@ class DNSTest(TestCase):
response = self.dns_transaction_udp(p)
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+self.assertEquals(response.ancount, 1)
+self.assertEquals(response.answers[0].rdata,
+ os.getenv('DC_SERVER_IP'))
def test_two_queries(self):
create a query packet containing two query records
@@ -98,19 +115,45 @@ class DNSTest(TestCase):
response = self.dns_transaction_udp(p)
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_FORMERR)
-def dns_transaction_udp(self, packet, host=os.getenv('DC_SERVER_IP')):
-send a DNS query and read the reply
-s = None
-try:
-send_packet = ndr.ndr_pack(packet)
-s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
-s.connect((host, 53))
-s.send(send_packet, 0)
-recv_packet = s.recv(2048, 0)
-return ndr.ndr_unpack(dns.name_packet, recv_packet)
-finally:
-if s is not None:
-s.close()
+def test_qtype_all_query(self):
+create a QTYPE_ALL query
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+
+name = %s.%s % (os.getenv('DC_SERVER'), self.get_dns_domain())
+q = self.make_name_question(name, dns.DNS_QTYPE_ALL, dns.DNS_QCLASS_IN)
+print asking for , q.name
+questions.append(q)
+
+self.finish_name_packet(p, questions)
+response = self.dns_transaction_udp(p)
+
+num_answers = 1
+dc_ipv6 = os.getenv('DC_SERVER_IPV6')
+if dc_ipv6 is not None:
+num_answers += 1
+
+self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+self.assertEquals(response.ancount, num_answers)
+self.assertEquals(response.answers[0].rdata,
+ os.getenv('DC_SERVER_IP'))
+if dc_ipv6 is not None:
+self.assertEquals(response.answers[1].rdata, dc_ipv6)
+
+def test_qclass_none_query(self):
+create a QCLASS_NONE query
+p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+questions = []
+
+name = %s.%s % (os.getenv
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 81b4db7 s3 libaddns: Prevent a crash when dns_create_update fails from b16f539 s4-dns: added --no-credentials option to samba_dnsupdate http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 81b4db74a704fbc57e7fed8b8a75fc6de18a4e8d Author: Kai Blin k...@samba.org Date: Tue Nov 22 11:26:04 2011 +0100 s3 libaddns: Prevent a crash when dns_create_update fails When dns_create_update() fails, it does not initialize *req, and then TALLOC_FREE(req) in the error handling crashes if we're lucky. Instead of going into the generic error handling, treat the failure in dns_create_update() like dns_create_update_request() and just pass on the error. Thanks to Harry Mason for reporting this issue. Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Tue Nov 22 14:29:07 CET 2011 on sn-devel-104 --- Summary of changes: lib/addns/dnsrecord.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/addns/dnsrecord.c b/lib/addns/dnsrecord.c index 045fd46..de70bca 100644 --- a/lib/addns/dnsrecord.c +++ b/lib/addns/dnsrecord.c @@ -377,7 +377,7 @@ DNS_ERROR dns_create_probe(TALLOC_CTX *mem_ctx, const char *zone, uint16 i; err = dns_create_update(mem_ctx, zone, req); - if (!ERR_DNS_IS_OK(err)) goto error; + if (!ERR_DNS_IS_OK(err)) return err; err = dns_create_name_not_in_use_record(req, host, QTYPE_CNAME, rec); if (!ERR_DNS_IS_OK(err)) goto error; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 468fa95 s4 dns: Reduce test output noise by upping log level for
dns_name_packet logging
via e5ebda4 s4 dns: Add a first test case
via ef4bda5 s4 dns: Turn on internal DNS server during testing
via bd8aafc socket_wrapper: Added python interface to socket_wrapper
from f7c8af7 samba.tests.dsdb: Import TestCase from samba.tests.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 468fa95df2a682c39bd46c8e451961994b91f3c4
Author: Kai Blin k...@samba.org
Date: Tue Nov 15 08:38:27 2011 +0100
s4 dns: Reduce test output noise by upping log level for dns_name_packet
logging
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Thu Nov 17 20:10:05 CET 2011 on sn-devel-104
commit e5ebda41563ed6152bae9ffcf873679878de
Author: Kai Blin k...@samba.org
Date: Fri Nov 11 00:32:09 2011 +0100
s4 dns: Add a first test case
commit ef4bda5c767215f09c035192587a9a29e8a3754a
Author: Kai Blin k...@samba.org
Date: Tue Nov 8 00:34:01 2011 +0100
s4 dns: Turn on internal DNS server during testing
commit bd8aafc530ba473acefd53665b73a47d1ebbb3a5
Author: Amitay Isaacs ami...@gmail.com
Date: Fri Oct 14 17:24:16 2011 +1100
socket_wrapper: Added python interface to socket_wrapper
The socket_wrapper does not support setting blocking flag or
timeouts on the sockets.
To use socket module in python, use
from samba import socket
Signed-off-by: Kai Blin k...@samba.org
---
Summary of changes:
lib/socket_wrapper/py_socket_wrapper.c | 876 +++
lib/socket_wrapper/socket.py| 52 ++
lib/socket_wrapper/wscript_build| 10 +
selftest/target/Samba4.pm |2 +-
source4/dns_server/dns_server.c |9 +-
source4/scripting/python/samba/tests/dns.py | 117
source4/selftest/tests.py |3 +
7 files changed, 1065 insertions(+), 4 deletions(-)
create mode 100644 lib/socket_wrapper/py_socket_wrapper.c
create mode 100644 lib/socket_wrapper/socket.py
create mode 100644 source4/scripting/python/samba/tests/dns.py
Changeset truncated at 500 lines:
diff --git a/lib/socket_wrapper/py_socket_wrapper.c
b/lib/socket_wrapper/py_socket_wrapper.c
new file mode 100644
index 000..405a43a
--- /dev/null
+++ b/lib/socket_wrapper/py_socket_wrapper.c
@@ -0,0 +1,876 @@
+/*
+ * Copyright (C) Amitay Isaacs 2011
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the author nor the names of its contributors
+ *may be used to endorse or promote products derived from this software
+ *without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+/*
+ Python interface to socket wrapper library.
+
+ Passes all socket communication over unix domain sockets if the environment
+ variable SOCKET_WRAPPER_DIR is set.
+*/
+
+#include Python.h
+#include pytalloc.h
+#include replace/replace.h
+#include system/network.h
+#include socket_wrapper.h
+
+#ifndef Py_RETURN_NONE
+#define Py_RETURN_NONE return Py_INCREF(Py_None), Py_None
+#endif
+
+#ifndef Py_TYPE /* Py_TYPE is only available on Python 2.6 */
+#define Py_TYPE(ob)(((PyObject*)(ob))-ob_type)
+#endif
+
+#ifndef PY_CHECK_TYPE
+#define PY_CHECK_TYPE(type, var, fail) \
+ if (!PyObject_TypeCheck(var, type)) {\
+ PyErr_Format(PyExc_TypeError, __location__ : Expected type
'%s' for '%s' of type '%s', (type)-tp_name, #var, Py_TYPE(var)-tp_name
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 55e448f s4 provision/dns: Move DNS-related setup to sambadns module
via eeb370f s4 provision/dns: Move secretsdb_setup_dns to the AD DNS
specific setup
from e308927 s3:selftest: improve logging in the registry upgrade test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 55e448fe2d1ce63f1262bb02f8e0dd36e916ca32
Author: Kai Blin k...@samba.org
Date: Fri Oct 21 11:56:10 2011 +0200
s4 provision/dns: Move DNS-related setup to sambadns module
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Fri Nov 4 09:15:54 CET 2011 on sn-devel-104
commit eeb370f77a2cdbafe0b87a2af2299a8c5cdfcf6f
Author: Kai Blin k...@samba.org
Date: Fri Oct 21 11:04:07 2011 +0200
s4 provision/dns: Move secretsdb_setup_dns to the AD DNS specific setup
---
Summary of changes:
.../scripting/python/samba/provision/__init__.py | 216 +-
.../scripting/python/samba/provision/sambadns.py | 250 +++-
2 files changed, 252 insertions(+), 214 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/provision/__init__.py
b/source4/scripting/python/samba/provision/__init__.py
index a44bb8e..a8a5a57 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -74,7 +74,7 @@ from samba.provision.backend import (
LDBBackend,
OpenLDAPBackend,
)
-from samba.provision.sambadns import setup_ad_dns
+from samba.provision.sambadns import setup_ad_dns, create_dns_update_list
import samba.param
import samba.registry
@@ -922,29 +922,6 @@ def secretsdb_self_join(secretsdb, domain,
secretsdb.add(msg)
-def secretsdb_setup_dns(secretsdb, names, private_dir, realm,
-dnsdomain, dns_keytab_path, dnspass):
-Add DNS specific bits to a secrets database.
-
-:param secretsdb: Ldb Handle to the secrets database
-:param machinepass: Machine password
-
-try:
-os.unlink(os.path.join(private_dir, dns_keytab_path))
-except OSError:
-pass
-
-setup_ldb(secretsdb, setup_path(secrets_dns.ldif), {
-REALM: realm,
-DNSDOMAIN: dnsdomain,
-DNS_KEYTAB: dns_keytab_path,
-DNSPASS_B64: b64encode(dnspass),
-HOSTNAME: names.hostname,
-DNSNAME : '%s.%s' % (
-names.netbiosname.lower(), names.dnsdomain.lower())
-})
-
-
def setup_secretsdb(paths, session_info, backend_credentials, lp):
Setup the secrets database.
@@ -1616,40 +1593,15 @@ def provision_fill(samdb, secrets_ldb, logger, names,
paths,
# It might be that this attribute does not exist in this schema
raise
-secretsdb_setup_dns(secrets_ldb, names,
-paths.private_dir, realm=names.realm,
-dnsdomain=names.dnsdomain,
-dns_keytab_path=paths.dns_keytab, dnspass=dnspass)
-
-setup_ad_dns(samdb, names, logger, hostip=hostip, hostip6=hostip6,
- dns_backend=dns_backend, os_level=dom_for_fun_level)
+setup_ad_dns(samdb, secrets_ldb, names, paths, lp, logger,
+ hostip=hostip, hostip6=hostip6, dns_backend=dns_backend,
+ dnspass=dnspass, os_level=dom_for_fun_level,
+ targetdir=targetdir, site=DEFAULTSITE)
domainguid = samdb.searchone(basedn=samdb.get_default_basedn(),
attribute=objectGUID)
assert isinstance(domainguid, str)
-create_dns_dir(logger, paths)
-
-# Only make a zone file on the first DC, it should be
-# replicated with DNS replication
-if dns_backend == BIND9_FLATFILE:
-create_zone_file(lp, logger, paths, targetdir,
- dnsdomain=names.dnsdomain, hostip=hostip,
hostip6=hostip6,
- hostname=names.hostname, realm=names.realm,
- domainguid=domainguid, ntdsguid=names.ntdsguid)
-
-create_named_conf(paths, realm=names.realm,
- dnsdomain=names.dnsdomain, dns_backend=dns_backend)
-
-create_named_txt(paths.namedtxt,
- realm=names.realm, dnsdomain=names.dnsdomain,
- dnsname = %s.%s % (names.hostname, names.dnsdomain),
- private_dir=paths.private_dir,
- keytab_name=paths.dns_keytab)
-logger.info(See %s for an example configuration include file for
BIND, paths.namedconf)
-logger.info(and %s for further documentation required for secure DNS
-updates, paths.namedtxt)
-
lastProvisionUSNs
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 468fcfd dns: Fix offset check in ndr_pull_component
via 7f24a2b nbt: Fix offset check in ndr_pull_component
via a243473 s4 dns: the opcode is called OPCODE_UPDATE in the RFC, not
OPCODE_REGISTER
via 57bf64b s4 dns: Handle QCLASS_NONE queries
via 61913f8 s4 dns: Support DNS_QTYPE_ALL queries
via 23000bc dns: Build the python bindings
from 9b4c300 s3:smbd: also send the server name in the negprot response
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 468fcfd8be4a246d9860272a286eb0fe7555a819
Author: Kai Blin k...@samba.org
Date: Thu Sep 29 19:31:07 2011 -0700
dns: Fix offset check in ndr_pull_component
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Fri Nov 4 17:25:16 CET 2011 on sn-devel-104
commit 7f24a2b9136dae2c1dd1feced8c92801b25b5fb3
Author: Kai Blin k...@samba.org
Date: Thu Sep 29 19:30:39 2011 -0700
nbt: Fix offset check in ndr_pull_component
commit a243473b490c7345333eba7ad3f2033dfdbafdaa
Author: Kai Blin k...@samba.org
Date: Tue Sep 27 19:51:55 2011 -0700
s4 dns: the opcode is called OPCODE_UPDATE in the RFC, not OPCODE_REGISTER
commit 57bf64b37569c93fecfbdd3e9fe0c4f0acfb679e
Author: Kai Blin k...@samba.org
Date: Tue Sep 27 18:05:38 2011 -0700
s4 dns: Handle QCLASS_NONE queries
commit 61913f85062eb6425bc6eb0a3f2e10aadd075a36
Author: Kai Blin k...@samba.org
Date: Tue Sep 27 17:36:42 2011 -0700
s4 dns: Support DNS_QTYPE_ALL queries
commit 23000bcf2e6cfdb362d7cdbedd6a95d5422080da
Author: Kai Blin k...@samba.org
Date: Mon Sep 26 22:25:51 2011 -0700
dns: Build the python bindings
---
Summary of changes:
librpc/idl/dns.idl |2 +-
librpc/ndr/ndr_dns.c|2 +-
librpc/ndr/ndr_nbt.c|2 +-
librpc/wscript_build|7 ++-
source4/dns_server/dns_query.c | 173 ++
source4/dns_server/dns_server.c |2 +-
source4/librpc/wscript_build|6 ++
7 files changed, 80 insertions(+), 114 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index 08a1699..a60c314 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -36,7 +36,7 @@ interface dns
DNS_OPCODE_QUERY = (0x011),
DNS_OPCODE_IQUERY = (0x111),
DNS_OPCODE_STATUS = (0x211),
- DNS_OPCODE_REGISTER = (0x511),
+ DNS_OPCODE_UPDATE = (0x511),
DNS_OPCODE_RELEASE= (0x611),
DNS_OPCODE_WACK = (0x711),
DNS_OPCODE_REFRESH= (0x811),
diff --git a/librpc/ndr/ndr_dns.c b/librpc/ndr/ndr_dns.c
index 1004db0..27d8493 100644
--- a/librpc/ndr/ndr_dns.c
+++ b/librpc/ndr/ndr_dns.c
@@ -88,7 +88,7 @@ static enum ndr_err_code ndr_pull_component(struct ndr_pull
*ndr,
reserved lenght field: 0x%02x,
(len 0xC));
}
- if (*offset + len + 2 ndr-data_size) {
+ if (*offset + len + 1 ndr-data_size) {
return ndr_pull_error(ndr, NDR_ERR_STRING,
BAD DNS NAME component, \
length too long);
diff --git a/librpc/ndr/ndr_nbt.c b/librpc/ndr/ndr_nbt.c
index 02297d3..f2a1ca3 100644
--- a/librpc/ndr/ndr_nbt.c
+++ b/librpc/ndr/ndr_nbt.c
@@ -76,7 +76,7 @@ static enum ndr_err_code ndr_pull_component(struct ndr_pull
*ndr,
return ndr_pull_error(ndr, NDR_ERR_STRING,
BAD NBT NAME component);
}
- if (*offset + len + 2 ndr-data_size) {
+ if (*offset + len + 1 ndr-data_size) {
return ndr_pull_error(ndr, NDR_ERR_STRING,
BAD NBT NAME component);
}
diff --git a/librpc/wscript_build b/librpc/wscript_build
index f0b461d..f35fd02 100644
--- a/librpc/wscript_build
+++ b/librpc/wscript_build
@@ -378,6 +378,11 @@ bld.SAMBA_SUBSYSTEM('RPC_NDR_AUDIOSRV',
public_deps='NDR_AUDIOSRV dcerpc-binding'
)
+bld.SAMBA_SUBSYSTEM('RPC_NDR_DNS',
+ source='gen_ndr/ndr_dns_c.c',
+ public_deps='dcerpc-binding NDR_DNS'
+ )
+
bld.SAMBA_SUBSYSTEM('RPC_NDR_ECHO',
source='gen_ndr/ndr_echo_c.c',
public_deps='dcerpc-binding NDR_ECHO'
@@ -583,7 +588,7 @@ bld.SAMBA_LIBRARY('dcerpc-samba',
source='',
deps='''RPC_NDR_LSA RPC_NDR_SAMR RPC_NDR_NETLOGON
RPC_NDR_EVENTLOG RPC_NDR_DFS
RPC_NDR_NTSVCS RPC_NDR_SVCCTL RPC_NDR_INITSHUTDOWN
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8c07686 s4 provision: DNS backend should be set by caller via d58f266 s4 provision/dns: Clean up os level handling via 6382721 s4 provision/dns: Clean up backend handling via b42b812 s4 provision: Default to win2k3 domain function level via 41d4862 s4 provision: Reword opinionated dns backend help text, add NONE backend via 292554c s4 provision: Rename bind9 flatfile backend to BIND9_FLATFILE from 009b97d provision: fix the doc http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8c076862ad0b1b14bb6addef323c5678368051af Author: Kai Blin k...@samba.org Date: Sat Oct 15 13:54:45 2011 +0200 s4 provision: DNS backend should be set by caller Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Mon Oct 17 09:51:12 CEST 2011 on sn-devel-104 commit d58f266d19750484b72ad0e18de3e83c88e81169 Author: Kai Blin k...@samba.org Date: Sat Oct 15 13:52:57 2011 +0200 s4 provision/dns: Clean up os level handling commit 6382721ce0559bd60a9abd08b0a9353db9f7d731 Author: Kai Blin k...@samba.org Date: Sat Oct 15 13:48:28 2011 +0200 s4 provision/dns: Clean up backend handling commit b42b81249c5f6006e743b186a3d58a3763aeabe8 Author: Kai Blin k...@samba.org Date: Sat Oct 15 12:36:50 2011 +0200 s4 provision: Default to win2k3 domain function level commit 41d48626e24324c726793856c3c907c0dd89f3a1 Author: Kai Blin k...@samba.org Date: Sat Oct 15 12:27:55 2011 +0200 s4 provision: Reword opinionated dns backend help text, add NONE backend commit 292554c396d0a848bb73423e08a5f30eba1d4907 Author: Kai Blin k...@samba.org Date: Sat Oct 15 12:17:14 2011 +0200 s4 provision: Rename bind9 flatfile backend to BIND9_FLATFILE --- Summary of changes: source4/scripting/python/samba/join.py |6 ++- .../scripting/python/samba/provision/__init__.py |8 +--- .../scripting/python/samba/provision/sambadns.py | 41 source4/scripting/python/samba/upgrade.py |8 +++- source4/scripting/python/samba/upgradehelpers.py |3 +- source4/setup/provision| 16 ++-- 6 files changed, 52 insertions(+), 30 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/join.py b/source4/scripting/python/samba/join.py index 731f0b5..6a8ac97 100644 --- a/source4/scripting/python/samba/join.py +++ b/source4/scripting/python/samba/join.py @@ -584,7 +584,8 @@ class dc_join(object): serverdn=ctx.server_dn, domain=ctx.domain_name, hostname=ctx.myname, domainsid=ctx.domsid, machinepass=ctx.acct_pass, serverrole=domain controller, -sitename=ctx.site, lp=ctx.lp, ntdsguid=ctx.ntds_guid) +sitename=ctx.site, lp=ctx.lp, ntdsguid=ctx.ntds_guid, +dns_backend=NONE) print Provision OK for domain DN %s % presult.domaindn ctx.local_samdb = presult.samdb ctx.lp = presult.lp @@ -622,7 +623,8 @@ class dc_join(object): domainguid=domguid, targetdir=ctx.targetdir, samdb_fill=FILL_SUBDOMAIN, machinepass=ctx.acct_pass, serverrole=domain controller, - lp=ctx.lp, hostip=ctx.names.hostip, hostip6=ctx.names.hostip6) + lp=ctx.lp, hostip=ctx.names.hostip, hostip6=ctx.names.hostip6, + dns_backend=BIND9_FLATFILE) print(Provision OK for domain %s % ctx.names.dnsdomain) diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index a3633ab..5e7e374 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -1625,10 +1625,6 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths, dnsdomain=names.dnsdomain, dns_keytab_path=paths.dns_keytab, dnspass=dnspass) -# Default DNS backend is BIND9 using txt files for zone information -if not dns_backend: -dns_backend = BIND9 - setup_ad_dns(samdb, names, logger, hostip=hostip, hostip6=hostip6, dns_backend=dns_backend, os_level=dom_for_fun_level) @@ -1640,7 +1636,7 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths, # Only make a zone file on the first DC, it should be # replicated with DNS replication -if dns_backend == BIND9: +if dns_backend == BIND9_FLATFILE: create_zone_file(lp, logger, paths
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 002694c s3 waf: Use upper case uselib_store parameter, otherwise
the following checks won't find it
from 7fff4e7 s3:dbwrap: remove m_all marshall buffer from ctdb
transaction.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 002694c38d6b4e9231c19e8f830697f02d814923
Author: Kai Blin k...@samba.org
Date: Wed Oct 12 08:17:02 2011 +0200
s3 waf: Use upper case uselib_store parameter, otherwise the following
checks won't find it
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Wed Oct 12 09:49:50 CEST 2011 on sn-devel-104
---
Summary of changes:
source3/wscript |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/wscript b/source3/wscript
index 47ef847..82434a5 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -487,7 +487,7 @@ msg.msg_acctrightslen = sizeof(fd);
# gssapi_krb5 and other libraries to its --libs output. That
breaks the use
# of an in-tree heimdal kerberos
conf.check_cfg(path=conf.env.CUPS_CONFIG, args=--cflags --ldflags,
- package=, uselib_store=cups)
+ package=, uselib_store=CUPS)
conf.CHECK_HEADERS('cups/cups.h cups/language.h', lib='cups')
conf.CHECK_FUNCS_IN('httpConnect httpConnectEncrypt', 'cups')
if conf.CONFIG_SET('HAVE_CUPS_CUPS_H') and
conf.CONFIG_SET('HAVE_CUPS_LANGUAGE_H'):
@@ -554,7 +554,7 @@ msg.msg_acctrightslen = sizeof(fd);
conf.find_program('krb5-config', var='KRB5_CONFIG')
if conf.env.KRB5_CONFIG:
conf.check_cfg(path=krb5-config, args=--cflags --libs,
- package=gssapi, uselib_store=krb5)
+ package=gssapi, uselib_store=KRB5)
conf.CHECK_HEADERS('krb5.h krb5/locate_plugin.h', lib='krb5')
conf.CHECK_HEADERS('gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h
gssapi/gssapi_ext.h gssapi/gssapi_krb5.h com_err.h', lib='krb5')
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1dbcb61 dns: Move the dns_srv_record to the correct place in the
idl file
via f163bd1 dns: Add support for TXT record to idl file
via d5dcb9e wscript: Also generate ctags for python files
via 5c890ad s4 provision: Set server role default when called from
command line to 'dc'
from 95bb2c2 s3:registry: fix the test for a REG_SZ blob possibly being
a zero terminated ucs2 string
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1dbcb61c79a0c06fdcfa36bb9304fb0fb66d7ff8
Author: Kai Blin k...@samba.org
Date: Thu Sep 29 19:34:08 2011 -0700
dns: Move the dns_srv_record to the correct place in the idl file
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Sun Oct 2 13:35:49 CEST 2011 on sn-devel-104
commit f163bd1dac691d396725ac27e4493f6d217a66ce
Author: Kai Blin k...@samba.org
Date: Thu Sep 29 19:32:57 2011 -0700
dns: Add support for TXT record to idl file
commit d5dcb9eef1aaf78ae24bca90235acc263bc04a26
Author: Kai Blin k...@samba.org
Date: Wed Sep 28 12:07:27 2011 -0700
wscript: Also generate ctags for python files
commit 5c890ad17ff84bd6ed1dfb26df3cac439fcf37c3
Author: Kai Blin k...@samba.org
Date: Fri Sep 30 16:23:39 2011 -0700
s4 provision: Set server role default when called from command line to 'dc'
---
Summary of changes:
librpc/idl/dns.idl | 16 +++-
source4/setup/provision |3 +++
wscript |2 +-
3 files changed, 15 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index 66390b8..08a1699 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -132,17 +132,22 @@ interface dns
} dns_soa_record;
typedef [public] struct {
+ uint16 preference;
+ dns_string exchange;
+ } dns_mx_record;
+
+ typedef [public] struct {
+ [value(strlen(txt))] uint8 length;
+ [charset(DOS)] uint8 txt[length];
+ } dns_txt_record;
+
+ typedef [public] struct {
uint16 priority;
uint16 weight;
uint16 port;
dns_string target;
} dns_srv_record;
- typedef [public] struct {
- uint16 preference;
- dns_string exchange;
- } dns_mx_record;
-
typedef [nodiscriminant,public,flag(NDR_NOALIGN)] union {
[case(DNS_QTYPE_A)] ipv4address ipv4_record;
[case(DNS_QTYPE_NS)]dns_string ns_record;
@@ -150,6 +155,7 @@ interface dns
[case(DNS_QTYPE_SOA)] dns_soa_record soa_record;
[case(DNS_QTYPE_PTR)] dns_string ptr_record;
[case(DNS_QTYPE_MX)]dns_mx_recordmx_record;
+ [case(DNS_QTYPE_TXT)] dns_txt_record txt_record;
[case(DNS_QTYPE_)] ipv6address ipv6_record;
[case(DNS_QTYPE_SRV)] dns_srv_record srv_record;
[default];
diff --git a/source4/setup/provision b/source4/setup/provision
index 315de78..d05af51 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -198,6 +198,9 @@ elif opts.server_role == member:
else:
server_role = opts.server_role
+if server_role is None:
+server_role = domain controller
+
if opts.function_level is None:
dom_for_fun_level = None
elif opts.function_level == 2000:
diff --git a/wscript b/wscript
index 8454146..1b50baf 100755
--- a/wscript
+++ b/wscript
@@ -146,7 +146,7 @@ def ctags(ctx):
build 'tags' file using ctags
import Utils
source_root = os.path.dirname(Utils.g_module.root_path)
-cmd = 'ctags $(find %s -name *.[ch] | grep -v *_proto\.h | egrep -v
\.inst\.)' % source_root
+cmd = 'ctags --python-kinds=-i $(find %s -name *.[ch] | grep -v
*_proto\.h | egrep -v \.inst\.) $(find %s -name *.py)' % (source_root,
source_root)
print(Running: %s % cmd)
os.system(cmd)
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1210b8a dns: Do as BIND and MS DNS and drop quries with qdcount != 1
via f98ebcf dns: The QCLASS is called IN, not IP
via da0cae0 s3 net: Fix a discard const warning
via df88e66 errormap: Add unix_to_werror() function
from e8ed54d s3:libsmb: remove unused TALLOC_FREE(subreq) calls in
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1210b8abe73f39f85f363cbbfa2a990e2ccd4517
Author: Kai Blin k...@samba.org
Date: Mon Sep 26 22:31:46 2011 -0700
dns: Do as BIND and MS DNS and drop quries with qdcount != 1
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Wed Sep 28 03:37:22 CEST 2011 on sn-devel-104
commit f98ebcf43f9b77266ef900a12b019f62d107096a
Author: Kai Blin k...@samba.org
Date: Mon Sep 26 23:37:06 2011 -0700
dns: The QCLASS is called IN, not IP
commit da0cae010a4a4050bb1d740a3df68776cc3c7b0e
Author: Kai Blin k...@samba.org
Date: Sun Sep 25 13:24:50 2011 -0700
s3 net: Fix a discard const warning
commit df88e66250375fec2d0991bf379f4fe6f2550a7c
Author: Kai Blin k...@samba.org
Date: Wed Jan 26 22:17:43 2011 +0100
errormap: Add unix_to_werror() function
While this function technically is closest to the
map_nt_status_from_unix() function, I think it is better to keep the new
function in line with our usual fooerror_to_barerror() naming scheme.
Signed-off-by: Kai Blin k...@samba.org
---
Summary of changes:
libcli/util/error.h|5 +
libcli/util/errormap.c |5 +
librpc/idl/dns.idl |2 +-
source3/utils/net_dns.c|2 +-
source4/dns_server/dns_query.c | 28 +---
5 files changed, 29 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/util/error.h b/libcli/util/error.h
index 5c4dc10..0972601 100644
--- a/libcli/util/error.h
+++ b/libcli/util/error.h
@@ -45,4 +45,9 @@ NTSTATUS map_nt_error_from_unix_common(int unix_error);
NTSTATUS nt_status_squash(NTSTATUS nt_status);
+/*
+convert a Unix error to a WERROR
+ */
+WERROR unix_to_werror(int unix_error);
+
#endif /* _SAMBA_ERROR_H */
diff --git a/libcli/util/errormap.c b/libcli/util/errormap.c
index f96d83f..714e62c 100644
--- a/libcli/util/errormap.c
+++ b/libcli/util/errormap.c
@@ -1238,3 +1238,8 @@ WERROR ntstatus_to_werror(NTSTATUS error)
return W_ERROR(NT_STATUS_V(error) 0x);
}
+/* Convert a Unix error code to a WERROR. */
+WERROR unix_to_werror(int unix_error)
+{
+ return ntstatus_to_werror(map_nt_error_from_unix_common(unix_error));
+}
diff --git a/librpc/idl/dns.idl b/librpc/idl/dns.idl
index 90ac47a..66390b8 100644
--- a/librpc/idl/dns.idl
+++ b/librpc/idl/dns.idl
@@ -60,7 +60,7 @@ interface dns
} dns_rcode;
typedef [public,enum16bit] enum {
- DNS_QCLASS_IP = 0x0001,
+ DNS_QCLASS_IN = 0x0001,
DNS_QCLASS_NONE = 0x00FE,
DNS_QCLASS_ANY = 0x00FF
} dns_qclass;
diff --git a/source3/utils/net_dns.c b/source3/utils/net_dns.c
index f146f29..559c14d 100644
--- a/source3/utils/net_dns.c
+++ b/source3/utils/net_dns.c
@@ -166,7 +166,7 @@ int get_my_ip_address( struct sockaddr_storage **pp_ss )
continue;
/* Don't register loopback addresses */
- if (is_loopback_addr((struct sockaddr *)nic_sa_storage)) {
+ if (is_loopback_addr((const struct sockaddr *)nic_sa_storage)) {
continue;
}
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index f730a70..2153ad9 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -86,7 +86,7 @@ static WERROR handle_question(struct dns_server *dns,
ZERO_STRUCT(ans[ai]);
ans[ai].name = talloc_strdup(ans, question-name);
ans[ai].rr_type = DNS_QTYPE_CNAME;
- ans[ai].rr_class = DNS_QCLASS_IP;
+ ans[ai].rr_class = DNS_QCLASS_IN;
ans[ai].ttl = recs[ri].dwTtlSeconds;
ans[ai].length = UINT16_MAX;
ans[ai].rdata.cname_record = talloc_strdup(ans,
recs[ri].data.cname);
@@ -104,7 +104,7 @@ static WERROR handle_question(struct dns_server *dns,
ZERO_STRUCT(ans[ai]);
ans[ai].name = talloc_strdup(ans, question-name);
ans[ai].rr_type = DNS_QTYPE_A;
- ans[ai].rr_class = DNS_QCLASS_IP;
+ ans[ai].rr_class
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b567694 addns: Remove unused empty header file
via b02bbf2 net: Don't register link local addresses with DNS
via 7466612 addns: Allow creating records during updates
via 8eb80a9 libcli/smb: Get rid of set but unused variable
from 649bfc4 s4 winbind: Don't drop workgroup name for getpw*
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b567694bb0ee6aa233f639efd6ac495c44e2e172
Author: Kai Blin k...@samba.org
Date: Sat Sep 24 22:40:43 2011 -0700
addns: Remove unused empty header file
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Sun Sep 25 09:15:09 CEST 2011 on sn-devel-104
commit b02bbf237cfd36cd736cefc78f1e3ba3278dc7bf
Author: Kai Blin k...@samba.org
Date: Sat Sep 24 18:18:14 2011 -0700
net: Don't register link local addresses with DNS
commit 7466612392272e70c60114fc035b62b16f6194aa
Author: Kai Blin k...@samba.org
Date: Sat Sep 24 18:17:11 2011 -0700
addns: Allow creating records during updates
commit 8eb80a9d832e08bb356507a870522b0b7180a10a
Author: Kai Blin k...@samba.org
Date: Sat Sep 24 18:28:52 2011 -0700
libcli/smb: Get rid of set but unused variable
---
Summary of changes:
lib/addns/addns.h | 30
lib/addns/dns.h |4 +++
lib/addns/dnsrecord.c | 60 ++---
lib/util/util_net.c | 23 +++
lib/util/util_net.h |1 +
libcli/smb/smb2_create_blob.c |4 ++-
source3/Makefile.in |1 -
source3/utils/net_dns.c |5 +++
8 files changed, 92 insertions(+), 36 deletions(-)
delete mode 100644 lib/addns/addns.h
Changeset truncated at 500 lines:
diff --git a/lib/addns/addns.h b/lib/addns/addns.h
deleted file mode 100644
index 6ef9329..000
--- a/lib/addns/addns.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- Public Interface file for Linux DNS client library implementation
-
- Copyright (C) 2006 Krishna Ganugapati krish...@centeris.com
- Copyright (C) 2006 Gerald Carter je...@samba.org
-
- ** NOTE! The following LGPL license applies to the libaddns
- ** library. This does NOT imply that all of Samba is released
- ** under the LGPL
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2.1 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, see http://www.gnu.org/licenses/.
-*/
-
-#ifndef _ADDNS_H
-#define _ADDNS_H
-
-
-#endif /* _ADDNS_H */
-
diff --git a/lib/addns/dns.h b/lib/addns/dns.h
index 6ccdbb6..d98a27e 100644
--- a/lib/addns/dns.h
+++ b/lib/addns/dns.h
@@ -205,6 +205,7 @@
#define QTYPE_MD3
#define QTYPE_CNAME5
#define QTYPE_SOA 6
+#define QTYPE_ 28
#define QTYPE_ANY 255
#defineQTYPE_TKEY 249
#define QTYPE_TSIG 250
@@ -408,6 +409,9 @@ DNS_ERROR dns_create_name_not_in_use_record(TALLOC_CTX
*mem_ctx,
DNS_ERROR dns_create_a_record(TALLOC_CTX *mem_ctx, const char *host,
uint32 ttl, const struct sockaddr_storage *pss,
struct dns_rrec **prec);
+DNS_ERROR dns_create__record(TALLOC_CTX *mem_ctx, const char *host,
+uint32 ttl, const struct sockaddr_storage *pss,
+struct dns_rrec **prec);
DNS_ERROR dns_unmarshall_tkey_record(TALLOC_CTX *mem_ctx, struct dns_rrec *rec,
struct dns_tkey_record **ptkey);
DNS_ERROR dns_create_tsig_record(TALLOC_CTX *mem_ctx, const char *keyname,
diff --git a/lib/addns/dnsrecord.c b/lib/addns/dnsrecord.c
index 2240d08..045fd46 100644
--- a/lib/addns/dnsrecord.c
+++ b/lib/addns/dnsrecord.c
@@ -127,8 +127,7 @@ DNS_ERROR dns_create_a_record(TALLOC_CTX *mem_ctx, const
char *host,
struct in_addr ip;
if (pss-ss_family != AF_INET) {
- /* Silently ignore this. */
- return ERROR_DNS_SUCCESS;
+ return ERROR_DNS_INVALID_PARAMETER;
}
ip = ((const struct sockaddr_in *)pss)-sin_addr;
@@ -147,13 +146,54 @@ DNS_ERROR dns_create_a_record(TALLOC_CTX *mem_ctx, const
char *host,
return err;
}
+DNS_ERROR dns_create__record(TALLOC_CTX *mem_ctx, const char *host,
+uint32 ttl, const struct
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via f3d7d2b Remove outdated information about mirroring via 89d6998 Fix samba-cvs mailing list description from e52a1f9 Remove table wrapper; tested with firefox and IE http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit f3d7d2bdb16bbdf6c66e14436bad0c60c5dfc0ef Author: Kai Blin k...@samba.org Date: Sun Sep 25 22:15:16 2011 -0700 Remove outdated information about mirroring Signed-off-by: Kai Blin k...@samba.org commit 89d69985f398ed25dd171429e666f3e8c2accad8 Author: Kai Blin k...@samba.org Date: Sun Sep 25 22:14:49 2011 -0700 Fix samba-cvs mailing list description Signed-off-by: Kai Blin k...@samba.org --- Summary of changes: archives.html |2 +- mirroring.html | 188 2 files changed, 1 insertions(+), 189 deletions(-) delete mode 100755 mirroring.html Changeset truncated at 500 lines: diff --git a/archives.html b/archives.html index e0e1498..2f4cfc1 100755 --- a/archives.html +++ b/archives.html @@ -37,7 +37,7 @@ /tr tr tda href=http://lists.samba.org/pipermail/samba-cvs/;samba-cvs/a/td - tdSamba CVS and Subversion commit messages/td + tdSamba CVS, Subversion and Git commit messages/td /tr tr tda href=http://lists.samba.org/pipermail/samba-docs/;samba-docs/a/td diff --git a/mirroring.html b/mirroring.html deleted file mode 100755 index 8bb505a..000 --- a/mirroring.html +++ /dev/null @@ -1,188 +0,0 @@ -!--#include virtual=/samba/header.html -- - titleMirroring Samba/title -!--#include virtual=/samba/header_columns.html -- - -h2Mirroring Samba/h2 - -pQuite a few sites like to mirror the Samba ftp site, and sometimes the -web site. The problem with these mirrors is that they can cost us an -enormous amount in network charges. To try to minimise the costs, -please consider the following./p - -h3Is It Needed?/h3 - -pIf this mirror is for your personal use, then please -reconsider. Otherwise, check to see if there is -another mirror site within reasonable proximity to you already. -If there is, then think about whether your mirror is really needed./p - -h3Ask First/h3 - -pIf you decide to go ahead and setup a mirror, then please contact -us so we can add you to the list of available mirrors. Write to -a href=mailto:webmas...@samba.org;webmas...@samba.org/a./p - -h3Not Too Often/h3 - -pPlease don't be tempted to run your mirror script on an hourly -basis. Once a day really is good enough for Samba. /p - -h3Join the mirr...@samba.org List/h3 - -pIf you want to mirror this site, then please join the -mirr...@samba.org mailing list so you can be notified of -changes in the site that require your attention. The list has very low -traffic so it should not be a burden. See -a href=http://lists.samba.org/pipermail/mirrors/; -http://lists.samba.org/pipermail/mirrors//a for information on how to join the list./p - -pYou may also use this list to ask questions about mirroring problems -with this site./p - -h3Use Anonymous rsync/h3 - -pPlease do NOT use ftp mirror scripts or web robots to mirror our -site. Some of these mirroring systems are very inefficient. Not -only do they take a long time to run, but they also use a lot more -bandwidth than is necessary. Web mirror scripts are particularly bad./p - -pIf you do attempt to use a web robot then our automatic web robot -detector will probably catch you and ban your entire site./p - -pYou can use anonymous rsync to obtain a copy of the [sambaftp] -(minus the Binary_Packages download area) and [sambawww] repository. -Please note that official mirror can make use of the [sambaftp-mirror] -repository which includes the Binary_Packages/ directory. However, in -order to do so, you must first obtain the current username and password -for the share. To do this, please send email to a -href=mailto:webmas...@samba.org;webmas...@samba.org/a. -/p - -pYou can read more about rsync at a -href=http://rsync.samba.org/;http://rsync.samba.org//a, -but basically what you want to do is a -href=ftp://samba.org/pub/rsync/;download rsync/a, compile -it for your system then run something like this to do a mirror run:/p - -pre -rsync -az --delete --force mirror.samba.org::sambaftp/ ~ftp/pub/samba -/pre - -pThis will also give you a much better quality mirror than other -mirroring systems. The timestamps will be right to the second, -symbolic links will be preserved, and all the permissions will be -right./p - -h3Mirroring Web Pages/h3 - -pIf you want to mirror the Samba web pages, then it is especially -important that you do not use a web robot. We have had endless -problems with robots using enormous amounts of bandwidth by following -infinite loops in the web pages or downloading stuff that it just isn't -useful to have on a mirror site./p - -pInstead
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 649bfc4 s4 winbind: Don't drop workgroup name for getpw* from ca8c25a Fix bug 8480 - acl_xattr can free an invalid pointer if no blob is loaded. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 649bfc474dc85c921c2739008eb2b645fd7e2baf Author: Kai Blin k...@samba.org Date: Sat Sep 24 10:45:59 2011 -0700 s4 winbind: Don't drop workgroup name for getpw* Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Sat Sep 24 22:49:50 CEST 2011 on sn-devel-104 --- Summary of changes: source4/winbind/wb_cmd_getpwnam.c |9 - source4/winbind/wb_cmd_getpwuid.c |9 - 2 files changed, 16 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/winbind/wb_cmd_getpwnam.c b/source4/winbind/wb_cmd_getpwnam.c index ac72359..0ba4cb6 100644 --- a/source4/winbind/wb_cmd_getpwnam.c +++ b/source4/winbind/wb_cmd_getpwnam.c @@ -108,6 +108,7 @@ static void cmd_getpwnam_recv_user_info(struct composite_context *ctx) ctx-async.private_data, struct cmd_getpwnam_state); struct libnet_UserInfo *user_info; struct winbindd_pw *pw; + char *username_with_domain; DEBUG(5, (cmd_getpwnam_recv_user_info called\n)); @@ -120,7 +121,13 @@ static void cmd_getpwnam_recv_user_info(struct composite_context *ctx) state-ctx-status = libnet_UserInfo_recv(ctx, state, user_info); if(!composite_is_ok(state-ctx)) return; - WBSRV_SAMBA3_SET_STRING(pw-pw_name, user_info-out.account_name); + username_with_domain = talloc_asprintf(pw, %s%s%s, + state-workgroup_name, + lpcfg_winbind_separator(state-service-task-lp_ctx), + user_info-out.account_name); + if(composite_nomem(username_with_domain, state-ctx)) return; + + WBSRV_SAMBA3_SET_STRING(pw-pw_name, username_with_domain); WBSRV_SAMBA3_SET_STRING(pw-pw_passwd, *); WBSRV_SAMBA3_SET_STRING(pw-pw_gecos, user_info-out.full_name); WBSRV_SAMBA3_SET_STRING(pw-pw_dir, diff --git a/source4/winbind/wb_cmd_getpwuid.c b/source4/winbind/wb_cmd_getpwuid.c index f6f3cb2..73bbb59 100644 --- a/source4/winbind/wb_cmd_getpwuid.c +++ b/source4/winbind/wb_cmd_getpwuid.c @@ -129,6 +129,7 @@ static void cmd_getpwuid_recv_user_info(struct composite_context *ctx) struct cmd_getpwuid_state); struct libnet_UserInfo *user_info; struct winbindd_pw *pw; + char *username_with_domain; DEBUG(5, (cmd_getpwuid_recv_user_info called\n)); @@ -141,7 +142,13 @@ static void cmd_getpwuid_recv_user_info(struct composite_context *ctx) state-ctx-status = libnet_UserInfo_recv(ctx, state, user_info); if (!composite_is_ok(state-ctx)) return; - WBSRV_SAMBA3_SET_STRING(pw-pw_name, user_info-out.account_name); + username_with_domain = talloc_asprintf(pw, %s%s%s, + state-workgroup, + lpcfg_winbind_separator(state-service-task-lp_ctx), + user_info-out.account_name); + if(composite_nomem(username_with_domain, state-ctx)) return; + + WBSRV_SAMBA3_SET_STRING(pw-pw_name, username_with_domain); WBSRV_SAMBA3_SET_STRING(pw-pw_passwd, *); WBSRV_SAMBA3_SET_STRING(pw-pw_gecos, user_info-out.full_name); WBSRV_SAMBA3_SET_STRING(pw-pw_dir, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 749d022 s4 provision: Add some of the AD-specific DNS records to
the directory
via a8d3bdb s4 provision: split up DNS provisioning into generic and
samba-specific ldifs
from 0b8184d s4:torture/smb2: s/smb2cli_unlock/test_smb2_unlock
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 749d022a0c68dd7d9f62b034e37fbe509dba2c46
Author: Kai Blin k...@samba.org
Date: Mon Jun 27 11:25:39 2011 +0200
s4 provision: Add some of the AD-specific DNS records to the directory
Signed-off-by: Kai Blin k...@samba.org
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Thu Jul 7 02:29:53 CEST 2011 on sn-devel-104
commit a8d3bdb48da71dd65385e4355e46a595ef32dbe0
Author: Kai Blin k...@samba.org
Date: Sun Jun 26 00:36:25 2011 +0200
s4 provision: split up DNS provisioning into generic and samba-specific
ldifs
Signed-off-by: Kai Blin k...@samba.org
---
Summary of changes:
.../scripting/python/samba/provision/__init__.py |8 +-
.../scripting/python/samba/provision/sambadns.py | 231
source4/setup/provision_dns_add.ldif | 23 +--
source4/setup/provision_dns_add_samba.ldif | 17 ++
4 files changed, 258 insertions(+), 21 deletions(-)
create mode 100644 source4/scripting/python/samba/provision/sambadns.py
create mode 100644 source4/setup/provision_dns_add_samba.ldif
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/provision/__init__.py
b/source4/scripting/python/samba/provision/__init__.py
index 5aabd36..f2b8c04 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -74,6 +74,8 @@ from samba.provision.backend import (
LDBBackend,
OpenLDAPBackend,
)
+from samba.provision.sambadns import setup_ad_dns
+
import samba.param
import samba.registry
from samba.schema import Schema
@@ -1101,9 +1103,9 @@ def setup_self_join(samdb, names, machinepass, dnspass,
RIDALLOCATIONEND: str(next_rid + 100 + 499),
})
-# This is partially Samba4 specific and should be replaced by the correct
+# This is Samba4 specific and should be replaced by the correct
# DNS AD-style setup
-setup_add_ldif(samdb, setup_path(provision_dns_add.ldif), {
+setup_add_ldif(samdb, setup_path(provision_dns_add_samba.ldif), {
DNSDOMAIN: names.dnsdomain,
DOMAINDN: names.domaindn,
DNSPASS_B64: b64encode(dnspass.encode('utf-16-le')),
@@ -1761,6 +1763,8 @@ def provision(logger, session_info, credentials,
smbconf=None,
dnsdomain=names.dnsdomain,
dns_keytab_path=paths.dns_keytab, dnspass=dnspass)
+setup_ad_dns(samdb, names=names, hostip=hostip,
hostip6=hostip6)
+
domainguid = samdb.searchone(basedn=domaindn,
attribute=objectGUID)
assert isinstance(domainguid, str)
diff --git a/source4/scripting/python/samba/provision/sambadns.py
b/source4/scripting/python/samba/provision/sambadns.py
new file mode 100644
index 000..6b8561e
--- /dev/null
+++ b/source4/scripting/python/samba/provision/sambadns.py
@@ -0,0 +1,231 @@
+# Unix SMB/CIFS implementation.
+# backend code for provisioning DNS for a Samba4 server
+#
+# Copyright (C) Kai Blin k...@samba.org 2011
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http://www.gnu.org/licenses/.
+#
+
+DNS-related provisioning
+
+import os
+import ldb
+import samba
+from samba.ndr import ndr_pack
+from samba import read_and_sub_file
+from samba.dcerpc import dnsp
+
+class ARecord(dnsp.DnssrvRpcRecord):
+def __init__(self, ip_addr, serial=1, ttl=3600):
+super(ARecord, self).__init__()
+self.wType = dnsp.DNS_TYPE_A
+self.dwSerial = serial
+self.dwTtlSeconds = ttl
+self.data = ip_addr
+
+class Record(dnsp.DnssrvRpcRecord):
+def __init__(self, ip6_addr, serial=1, ttl=3600):
+super(Record, self).__init__()
+self.wType = dnsp.DNS_TYPE_
+self.dwSerial = serial
+self.dwTtlSeconds = ttl
+self.data = ip6_addr
+
+class NSRecord(dnsp.DnssrvRpcRecord
[Samba] Porting CTDB to Solaris
We wanted to try out clustered Samba on a pair of small OpenSolaris/ Intel boxes. But after downloading the CTDB source from the Samba git repository, I discovered that it won't build on Solaris -- the configure script supports only Linux and AIX. Is there a Solaris port for CTDB, or is somebody working on one? (If not, I might take a crack at it; would it be a straightforward port?) -- Kai Lanz Stanford University School of Earth Sciences -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How can I confirm that idmap_ad is being used?
Daniel, On May 18, 2011, at 12:00 AM, Zabel, Daniel wrote: I've looked at that file; it's empty. (Not a single entry.) I run my tests with winbindd -n -d 10 -D. Try to add to your smb.conf: log level = 3 idmap:10 winbind:10 to force idmap Logging also to Debuglevel 10. I've discovered that Samba is writing to log files under /usr/local/ samba/var, as well as to files under /var/log/samba. (Why is it doing that? In smb.conf it is told to put log files in /var/log/samba.) Anyway, now I can see that idmap_ad is being called and is making log entries at debug level 10. This enabled me to see that my idmap config SU : range settings were wrong -- I was filtering out values I wanted to see. Once I set the ranges correctly, wbinfo -S started to work. (I can now map a user SID to the correct Unix numerical UID.) The other wbinfo mappings still fail: U, G, and Y. Did net ads testjoin and net ads info work? Yes, both these commands work. Nsswicth.conf is important! Should look like this: passwd:files winbind group: files winbind I've configured my nsswitch.conf like this, but it made no difference. These winbind relevant seetings I have also in my config winbind nss info = rfc2307 template winbind normalize names = yes winbind use default domain = yes winbind offline logon = yes winbind cache time = 180 winbind enum users = yes winbind enum groups = yes winbind nested groups = yes winbind trusted domains only = no Thanks; I altered my config to match these settings, but again, it didn't affect my wbinfo tests. -- Kai Lanz On May 17, 2011, at 5:50 AM, Zabel, Daniel wrote: Have a look at: log.winbindd-idmap I've looked at that file; it's empty. (Not a single entry.) I run my tests with winbindd -n -d 10 -D. Also have a look at: https://bugzilla.samba.org/show_bug.cgi?id=6322 Now, this is interesting! The problem Edgar Holleis describes sounds exactly like the one I am facing. See my post to the Samba mailing list, Winbindd can't convert between SIDs and uid/gid. Edgar said: Winbind correctly resolves: User-Name-SID (wbinfo -n), Group-Name-SID (wbinfo -s) What doesn't work: SID-UID (wbinfo -S), UID-SID (wbinfo -U), GID (wbinfo -Y), GID-UID SID-(wbinfo -G) (Except, wbinfo -s is SID-User-name, the reverse of wbinfo -n, not Group-Name-SID as Edgar wrote...) That's the same pattern of success and failure I get in my wbinfo tests. So, how does one go from Edgar's bug report, with 4 failing wbinfo queries, to your comment, wbinfo resolves everything correctly? I'm running samba-3.5.8 on OpenSolaris. Following Michael Adam's example, I tried the following in my smb.conf: idmap backend = tdb idmap uid = 5 - 9 idmap gid = 5 - 9 idmap config SU : backend = ad idmap config SU : schema_mode = rfc2307 idmap config SU : range = 1 - 2 idmap config WIN : backend = ad idmap config WIN : schema_mode = rfc2307 idmap config WIN : range = 3 - 4 Note the disjoint ranges for each domain. I still get the same failures with wbinfo S, U, G, and Y. It seems I'm still missing something, since our wbinfo doesn't resolve everything correctly. Is nsswitch.conf important, perhaps? It doesn't seem to make any difference whether I add winbind to the passwd and group lines or not. Is that expected? -- Kai Lanz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How can I confirm that idmap_ad is being used?
Hi Daniel, On May 17, 2011, at 5:50 AM, Zabel, Daniel wrote: Have a look at: log.winbindd-idmap I've looked at that file; it's empty. (Not a single entry.) I run my tests with winbindd -n -d 10 -D. Also have a look at: https://bugzilla.samba.org/show_bug.cgi?id=6322 Now, this is interesting! The problem Edgar Holleis describes sounds exactly like the one I am facing. See my post to the Samba mailing list, Winbindd can't convert between SIDs and uid/gid. Edgar said: Winbind correctly resolves: User-Name-SID (wbinfo -n), Group-Name-SID (wbinfo -s) What doesn't work: SID-UID (wbinfo -S), UID-SID (wbinfo -U), SID-GID (wbinfo -Y), GID-UID (wbinfo -G) (Except, wbinfo -s is SID-User-name, the reverse of wbinfo -n, not Group-Name-SID as Edgar wrote...) That's the same pattern of success and failure I get in my wbinfo tests. So, how does one go from Edgar's bug report, with 4 failing wbinfo queries, to your comment, wbinfo resolves everything correctly? I'm running samba-3.5.8 on OpenSolaris. Following Michael Adam's example, I tried the following in my smb.conf: idmap backend = tdb idmap uid = 5 - 9 idmap gid = 5 - 9 idmap config SU : backend = ad idmap config SU : schema_mode = rfc2307 idmap config SU : range = 1 - 2 idmap config WIN : backend = ad idmap config WIN : schema_mode = rfc2307 idmap config WIN : range = 3 - 4 Note the disjoint ranges for each domain. I still get the same failures with wbinfo S, U, G, and Y. It seems I'm still missing something, since our wbinfo doesn't resolve everything correctly. Is nsswitch.conf important, perhaps? It doesn't seem to make any difference whether I add winbind to the passwd and group lines or not. Is that expected? -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org ] Im Auftrag von Kai Lanz Gesendet: Dienstag, 17. Mai 2011 02:56 An: samba@lists.samba.org Betreff: [Samba] How can I confirm that idmap_ad is being used? How can I confirm that idmap_ad is being called? I've configured Samba with --with-shared-modules=idmap_ad, built and installed it; the file ad.so is now present in /usr/local/samba/lib/ idmap/ as expected. I then added the following to smb.conf: idmap backend = tdb idmap uid = 65536 - 99 idmap gid = 65536 - 99 idmap config SU : backend = ad idmap config SU : schema_mode = rfc2307 idmap config SU : range = 1 - 65535 idmap config WIN : backend = ad idmap config WIN : schema_mode = rfc2307 idmap config WIN : range = 1 - 65535 Now I fire up winbindd with debug-level = 10, and issue some queries via wbinfo. Some requests work as expected, some fail, but when I look in log.winbindd I never see any reference to idmap.c or idmap_ad.c. I'd like to confirm that this module is being used. I went so far as to deliberately break the smb.conf by specifying idmap config SU range = 1 - which I expected to produce an error from idmap_ad_initialize(), invalid filter range. But that message is never logged; instead I see only errors from winbindd_util.c, add_trusted_domain(): [2011/05/16 16:57:11.442318, 1] winbindd/winbindd_util.c: 204(add_trusted_domain) invalid range syntax in idmap config SU: 1 - Have I missed out on some crucial bit of configuration that's required to enable idmap_ad? -- Kai Lanz Stanford University School of Earth Sciences -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Kai Lanz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Issue with Bind
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2011-05-13 14:49, fe...@epepm.cupet.cu wrote: But I keep reveceiving the following message in log.samba: RuntimeError: kinit for sam...@mydomain.com failed (Cannot contact any KDC for requested realm) And Samba4 is up and running and configured as a domain controller? Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3TYAkACgkQEKXX/bF2FpQRiwCfRZkA88SZQTf27wEUSVUmDci+ rd0AoJhnfS9Xi/yuGFJxlqmyXXF8rrmk =86Zi -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] How can I confirm that idmap_ad is being used?
How can I confirm that idmap_ad is being called? I've configured Samba with --with-shared-modules=idmap_ad, built and installed it; the file ad.so is now present in /usr/local/samba/lib/ idmap/ as expected. I then added the following to smb.conf: idmap backend = tdb idmap uid = 65536 - 99 idmap gid = 65536 - 99 idmap config SU : backend = ad idmap config SU : schema_mode = rfc2307 idmap config SU : range = 1 - 65535 idmap config WIN : backend = ad idmap config WIN : schema_mode = rfc2307 idmap config WIN : range = 1 - 65535 Now I fire up winbindd with debug-level = 10, and issue some queries via wbinfo. Some requests work as expected, some fail, but when I look in log.winbindd I never see any reference to idmap.c or idmap_ad.c. I'd like to confirm that this module is being used. I went so far as to deliberately break the smb.conf by specifying idmap config SU range = 1 - which I expected to produce an error from idmap_ad_initialize(), invalid filter range. But that message is never logged; instead I see only errors from winbindd_util.c, add_trusted_domain(): [2011/05/16 16:57:11.442318, 1] winbindd/winbindd_util.c: 204(add_trusted_domain) invalid range syntax in idmap config SU: 1 - Have I missed out on some crucial bit of configuration that's required to enable idmap_ad? -- Kai Lanz Stanford University School of Earth Sciences -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] DLZ plugins for bind from samba4
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2011-05-12 10:02, Daniel Müller wrote:
Hi Daniel,
is there a good HOWTO for the DLZ plugins available?
Not as far as I know, I'll add something to the wiki later today.
Based on what I've just played with, you need the following (on current
git):
Make sure your BIND 9.8.0 is compiled with support for the dlz-dlopen
driver.
In your named.conf file, set up the zone like this:
dlz demo.home.kblin.org {
database dlopen /usr/local/samba/lib/samba/libdlz_bind9.so;
};
Assuming your domain is demo.home.kblin.org and you use the default
/usr/local/samba prefix while compiling. Otherwise you need to adapt
accordingly.
Then, before starting up BIND, make sure to start samba. Then start BIND.
The only issue (working on this) so far is that after a provision, we
only have the root zones in our AD db. We need to fill in the
domain-specific records as well, but that's not done yet.
HTH,
Kai
- --
Kai Blin
Worldforge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk3TXQwACgkQEKXX/bF2FpQp6ACggwsGI3c6wTn9iRYW7AHG0sjF
HWoAnRTYZT++t3IiQAlpwpzcOkn87Mqi
=JH5N
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbindd can't convert between SIDs and uid/gid
Samba 3.5.8 on OpenSolaris (SunOS 5.11) Intel platform; gcc 4.2.3; built with configure --with-winbind --with-krb5 --with-ldap --with-ads Samba is joined to our Windows-2008 AD domain. Pretty much everything works, except that winbindd can't convert between SIDs and uid/gid: 1. wbinfo -r WIN\\lanz (Returns nothing -- no output) First I obtain my SID from wbinfo -n WIN\\lanz, then: 2. wbinfo -S my_SID Could not convert my_SID to uid 3. wbinfo -U 2104 -- That's my correct Unix numerical uid Could not convert uid 2104 to sid 4. wbinfo -G 37 -- That's my correct Unix numerical gid Could not convert gid 37 to sid First I obtain my group SID on another machine, then: 5. wbinfo -Y my_group_SID Could not convert sid my_group_SID to gid These tests were all done with caching disabled on winbindd (-n option). Note that nscd is NOT running (no daemon, service is disabled). Here's the stuff I've tried that works: Forward/reverse DNS kinit/klist getent nslookup -query=SRV _ldap._tcp.dc._msdcs.su.win.stanford.edu nmblookup smbclient -L sestestns1 (from another machine, with anonymous login) net ads testjoin wbinfo -t wbinfo -g wbinfo -u wbinfo --all-domains wbinfo --user-sids wbinfo -n WIN\\lanz wbinfo -s my_SID wbinfo --name-to-sid group_name wbinfo -D SU Mounting a directory shared by Samba using Kerberos authentication (had to increase NGROUPS_MAX before this would work) I'm hoping someone can suggest where the problem is likely to be, given these examples of what works and what doesn't. I ran wbinfo -G 37 with winbindd debug level set to 10; here's the end of the log entries I got: [2011/05/12 11:11:49.492068, 10] winbindd/winbindd.c: 593(process_request) process_request: Handling async request 22838:GID_TO_SID [2011/05/12 11:11:49.492094, 3] winbindd/winbindd_gid_to_sid.c: 46(winbindd_gid_to_sid_send) gid_to_sid 37 [2011/05/12 11:11:49.492136, 10] winbindd/winbindd_dual.c: 1309(fork_domain_child) fork_domain_child called without domain. [2011/05/12 11:11:49.493161, 10] winbindd/winbindd_dual.c: 1342(fork_domain_child) Child process 22839 [2011/05/12 11:11:49.495592, 5] winbindd/winbindd_gid_to_sid.c: 82(winbindd_gid_to_sid_recv) Could not convert sid S-0-0: NT_STATUS_NONE_MAPPED [2011/05/12 11:11:49.495627, 10] winbindd/winbindd.c: 655(wb_request_done) wb_request_done[22838:GID_TO_SID]: NT_STATUS_NONE_MAPPED I'm suspicious of the fork_domain_child called without domain. Also, where did it get the idea to convert S-0-0? Excerpt from our smb.conf [global] section: workgroup = SU realm = SU.WIN.STANFORD.EDU client ntlmv2 auth = yes allow trusted domains = yes lanman auth = Yes client lanman auth = Yes client plaintext auth = Yes preferred master = Auto password server = sudc0.su.win.stanford.edu netbios name = sestestns1 wins server = 171.64.7.155 171.64.7.177 winbind enum groups = yes winbind enum users = yes winbind nested groups = no local master = no dns proxy = Yes name resolve order = lmhosts wins bcast host interfaces = e1000g0 client schannel = No security = ads passdb backend = smbpasswd domain master = auto idmap backend = idmap uid = 65001-65500 idmap gid = 21-31 -- Kai LanzStanford UniversitySchool of Earth Sciences -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 05d00ed nsswitch: Fix build check logic
from ecc030e selftest: Polish selftest-vars.sh a little so it can be
used again
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 05d00ed479e99dea28aead113a3de33546b44526
Author: Kai Blin k...@samba.org
Date: Sun May 8 21:50:34 2011 +0200
nsswitch: Fix build check logic
Only build pam_winbind.so if we want pam modules _and_ have the libs
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Sun May 8 23:56:33 CEST 2011 on sn-devel-104
---
Summary of changes:
nsswitch/wscript_build |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/wscript_build b/nsswitch/wscript_build
index 83b10a7..47f6fbc 100644
--- a/nsswitch/wscript_build
+++ b/nsswitch/wscript_build
@@ -21,7 +21,7 @@ bld.SAMBA_LIBRARY('nss_winbind',
vnum='2')
-if bld.CONFIG_SET('WITH_PAM_MODULES') or bld.CONFIG_SET('HAVE_PAM_START'):
+if bld.CONFIG_SET('WITH_PAM_MODULES') and bld.CONFIG_SET('HAVE_PAM_START'):
bld.SAMBA_LIBRARY('pamwinbind',
source='pam_winbind.c',
deps='intl talloc wbclient winbind-client LIBINIPARSER pam',
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4b78956 s4 samba-tool: Implement testparm command
from 2d22bbf s3-selftest Look only under source3 for smb.conf files
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4b7895698557149504773f4e74e8d4eb81c3b093
Author: Kai Blin k...@samba.org
Date: Wed Mar 23 23:06:18 2011 +0100
s4 samba-tool: Implement testparm command
This is a port of the existing testparm python script to a samba-tool
command.
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Tue Apr 5 07:49:13 CEST 2011 on sn-devel-104
---
Summary of changes:
source4/scripting/python/samba/netcmd/__init__.py |2 +
source4/scripting/python/samba/netcmd/testparm.py | 206 +
2 files changed, 208 insertions(+), 0 deletions(-)
create mode 100755 source4/scripting/python/samba/netcmd/testparm.py
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/netcmd/__init__.py
b/source4/scripting/python/samba/netcmd/__init__.py
index aa74f65..cf514d5 100644
--- a/source4/scripting/python/samba/netcmd/__init__.py
+++ b/source4/scripting/python/samba/netcmd/__init__.py
@@ -213,3 +213,5 @@ from samba.netcmd.gpo import cmd_gpo
commands[gpo2] = cmd_gpo()
from samba.netcmd.ldapcmp import cmd_ldapcmp
commands[ldapcmp] = cmd_ldapcmp()
+from samba.netcmd.testparm import cmd_testparm
+commands[testparm] = cmd_testparm()
diff --git a/source4/scripting/python/samba/netcmd/testparm.py
b/source4/scripting/python/samba/netcmd/testparm.py
new file mode 100755
index 000..ec44858
--- /dev/null
+++ b/source4/scripting/python/samba/netcmd/testparm.py
@@ -0,0 +1,206 @@
+#!/usr/bin/env python
+# vim: expandtab ft=python
+#
+# Unix SMB/CIFS implementation.
+# Test validity of smb.conf
+# Copyright (C) Karl Auer 1993, 1994-1998
+#
+# Extensively modified by Andrew Tridgell, 1995
+# Converted to popt by Jelmer Vernooij (jel...@nl.linux.org), 2002
+# Updated for Samba4 by Andrew Bartlett abart...@samba.org 2006
+# Converted to Python by Jelmer Vernooij jel...@samba.org 2010
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# Testbed for loadparm.c/params.c
+#
+# This module simply loads a specified configuration file and
+# if successful, dumps it's contents to stdout. Note that the
+# operation is performed with DEBUGLEVEL at 3.
+#
+# Useful for a quick 'syntax check' of a configuration file.
+#
+
+import os
+import sys
+import logging
+
+import samba
+import samba.getopt as options
+from samba.netcmd import Command, CommandError, Option
+
+class cmd_testparm(Command):
+Syntax check the configuration file
+
+synopsis =
+
+takes_optiongroups = {
+sambaopts: options.SambaOptions,
+versionopts: options.VersionOptions
+}
+
+takes_options = [
+Option(--section-name, type=str,
+ help=Limit testparm to a named section),
+Option(--parameter-name, type=str,
+ help=Limit testparm to a named parameter),
+Option(--client-name, type=str,
+ help=Client DNS name for 'hosts allow' checking
+(should match reverse lookup)),
+Option(--client-ip, type=str,
+ help=Client IP address for 'hosts allow' checking),
+Option(--suppress-prompt, action=store_true, default=False,
+ help=Suppress prompt for enter),
+Option(-v, --verbose, action=store_true,
+ default=False, help=Show default options too),
+# We need support for smb.conf macros before this will work again
+Option(--server, type=str, help=Set %%L macro to servername),
+# These are harder to do with the new code structure
+Option(--show-all-parameters, action=store_true, default=False,
+ help=Show the parameters, type, possible values)
+]
+
+takes_args = [hostname?, hostip?]
+
+def run(self, *args, **kwargs):
+if kwargs.get('hostname', None) is not None and \
+ kwargs.get('hostip', None) is None:
+raise CommandError(Both a DNS name and an IP address are \
+ required for the host access check)
+
+lp = kwargs
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 02f252a Add Samba-S-only logo to have an almost square logo 65x65 pixels for the GSoC website from b5245a3 Announce Samba 3.5.8. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 02f252aff7e9a7e40b98de13e8f420a48c4b36cc Author: Kai Blin k...@samba.org Date: Wed Mar 30 22:37:26 2011 +0200 Add Samba-S-only logo to have an almost square logo 65x65 pixels for the GSoC website Signed-off-by: Kai Blin k...@samba.org --- Summary of changes: style/2010/samba_2010_logo_transparent_s_only.png | Bin 0 - 7993 bytes .../samba_2010_logo_transparent_s_only_64x52.png | Bin 0 - 1048 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 style/2010/samba_2010_logo_transparent_s_only.png create mode 100644 style/2010/samba_2010_logo_transparent_s_only_64x52.png Changeset truncated at 500 lines: diff --git a/style/2010/samba_2010_logo_transparent_s_only.png b/style/2010/samba_2010_logo_transparent_s_only.png new file mode 100644 index 000..988d7b9 Binary files /dev/null and b/style/2010/samba_2010_logo_transparent_s_only.png differ diff --git a/style/2010/samba_2010_logo_transparent_s_only_64x52.png b/style/2010/samba_2010_logo_transparent_s_only_64x52.png new file mode 100644 index 000..b39556d Binary files /dev/null and b/style/2010/samba_2010_logo_transparent_s_only_64x52.png differ -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 278c6f8 errormap: Add unix_to_werror() function
from 67e578a Allow security = share with SMB2. We already handle this
in smb2/smb2_server.c
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 278c6f8fc538ad8ee069f0682229fad34abb3513
Author: Kai Blin k...@samba.org
Date: Wed Jan 26 22:17:43 2011 +0100
errormap: Add unix_to_werror() function
While this function technically is closest to the
map_nt_status_from_unix() function, I think it is better to keep the new
function in line with our usual fooerror_to_barerror() naming scheme.
Signed-off-by: Kai Blin k...@samba.org
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Wed Jan 26 23:07:24 CET 2011 on sn-devel-104
---
Summary of changes:
libcli/util/error.h|5 +
source3/lib/errmap_unix.c |6 ++
source4/libcli/util/errormap.c |6 ++
3 files changed, 17 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/util/error.h b/libcli/util/error.h
index 5a7cc1b..77a2f5a 100644
--- a/libcli/util/error.h
+++ b/libcli/util/error.h
@@ -46,4 +46,9 @@ WERROR ntstatus_to_werror(NTSTATUS error);
*/
NTSTATUS map_nt_error_from_unix(int unix_error);
+/*
+convert a Unix error code to a WERROR
+*/
+WERROR unix_to_werror(int unix_error);
+
#endif /* _SAMBA_ERROR_H */
diff --git a/source3/lib/errmap_unix.c b/source3/lib/errmap_unix.c
index 91a620e..b4a98f9 100644
--- a/source3/lib/errmap_unix.c
+++ b/source3/lib/errmap_unix.c
@@ -141,6 +141,12 @@ NTSTATUS map_nt_error_from_unix(int unix_error)
return NT_STATUS_ACCESS_DENIED;
}
+/* Convert a Unix error code to a WERROR. */
+WERROR unix_to_werror(int unix_error)
+{
+ return ntstatus_to_werror(map_nt_error_from_unix(unix_error));
+}
+
/* Return a UNIX errno from a NT status code */
static const struct {
NTSTATUS status;
diff --git a/source4/libcli/util/errormap.c b/source4/libcli/util/errormap.c
index 8fcf60b..29f2331 100644
--- a/source4/libcli/util/errormap.c
+++ b/source4/libcli/util/errormap.c
@@ -1383,6 +1383,12 @@ NTSTATUS map_nt_error_from_unix(int unix_error)
return NT_STATUS_UNSUCCESSFUL;
}
+/* Convert a Unix error code to WERROR */
+WERROR unix_to_werror(int unix_error)
+{
+ return ntstatus_to_werror(map_nt_error_from_unix(unix_error));
+}
+
NTSTATUS ndr_map_error2ntstatus(enum ndr_err_code ndr_err)
{
switch (ndr_err) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1f2518d s4 libcli: Add libcli_echo lib and torture test
via 9df1b40 s4: Implement UDP echo server example
from 5fcbb16 s4:pyrpc_util: s/typename/type_name to avoid c++ warnings
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1f2518df5a4f21bb7a2bd2abc601517d7988c507
Author: Kai Blin k...@samba.org
Date: Mon Nov 15 23:01:57 2010 +0100
s4 libcli: Add libcli_echo lib and torture test
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Thu Dec 9 23:57:03 CET 2010 on sn-devel-104
commit 9df1b408c1b2432728ecc3d114854535f168b47a
Author: Kai Blin k...@samba.org
Date: Sun Nov 7 10:05:56 2010 +0100
s4: Implement UDP echo server example
This is a simple UDP-based echo server. It is mainly intended as an
example on how to do server service tasks in s4.
---
Summary of changes:
libcli/echo/echo.c| 204 ++
libcli/echo/libecho.h | 56 ++
libcli/echo/tests/echo.c | 93 ++
libcli/echo/tests/wscript_build |8 +
libcli/echo/wscript_build |7 +
selftest/target/Samba4.pm |1 +
source4/echo_server/echo_server.c | 345 +
source4/echo_server/echo_server.h | 33
source4/echo_server/wscript_build |9 +
source4/selftest/tests.py |2 +
source4/wscript_build |2 +
11 files changed, 760 insertions(+), 0 deletions(-)
create mode 100644 libcli/echo/echo.c
create mode 100644 libcli/echo/libecho.h
create mode 100644 libcli/echo/tests/echo.c
create mode 100644 libcli/echo/tests/wscript_build
create mode 100644 libcli/echo/wscript_build
create mode 100644 source4/echo_server/echo_server.c
create mode 100644 source4/echo_server/echo_server.h
create mode 100644 source4/echo_server/wscript_build
Changeset truncated at 500 lines:
diff --git a/libcli/echo/echo.c b/libcli/echo/echo.c
new file mode 100644
index 000..46d1e28
--- /dev/null
+++ b/libcli/echo/echo.c
@@ -0,0 +1,204 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Echo example async client library
+
+ Copyright (C) 2010 Kai Blin k...@samba.org
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+*/
+
+#include replace.h
+#include system/network.h
+#include tevent.h
+#include lib/tsocket/tsocket.h
+#include libcli/util/ntstatus.h
+#include libcli/echo/libecho.h
+#include lib/util/tevent_ntstatus.h
+#include libcli/util/error.h
+
+/*
+ * Following the Samba convention for async functions, set up a state struct
+ * for this set of calls. The state is always called function_name_state for
+ * the set of async functions related to function_name_send().
+ */
+struct echo_request_state {
+ struct tevent_context *ev;
+ ssize_t orig_len;
+ struct tdgram_context *dgram;
+ char *message;
+};
+
+/* Declare callback functions used below. */
+static void echo_request_get_reply(struct tevent_req *subreq);
+static void echo_request_done(struct tevent_req *subreq);
+
+struct tevent_req *echo_request_send(TALLOC_CTX *mem_ctx,
+struct tevent_context *ev,
+const char *server_addr_string,
+const char *message)
+{
+ struct tevent_req *req, *subreq;
+ struct echo_request_state *state;
+ struct tsocket_address *local_addr, *server_addr;
+ struct tdgram_context *dgram;
+ int ret;
+
+ /*
+* Creating the initial tevent_req is the only place where returning
+* NULL is allowed. Everything after that should return a more
+* meaningful error using tevent_req_post().
+*/
+ req = tevent_req_create(mem_ctx, state, struct echo_request_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ /*
+* We need to dispatch new async functions in the callbacks, hold
+* on to the event context.
+*/
+ state-ev = ev;
+
+ /* libecho uses connected UDP sockets, take care of this here */
+ ret = tsocket_address_inet_from_strings(state, ip, NULL, 0,
+ local_addr
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6e27ff3 s3 docs: Reword posix locking text to answer a common question from bf9c3ee s3: Attempt to please autobuild http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6e27ff36b6b112d3b9eb6e4955b717190ab9fb0d Author: Kai Blin k...@samba.org Date: Tue Nov 30 15:58:05 2010 +0100 s3 docs: Reword posix locking text to answer a common question vl recently pointed me to a valid reason to use posix locking = no. Fix the smb.conf manpage to explain this reason, as this question comes up on the samba mailing list from time to time as well. Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Wed Dec 1 10:37:30 CET 2010 on sn-devel-104 --- Summary of changes: docs-xml/smbdotconf/locking/posixlocking.xml |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/locking/posixlocking.xml b/docs-xml/smbdotconf/locking/posixlocking.xml index e5a89f5..25476f0 100644 --- a/docs-xml/smbdotconf/locking/posixlocking.xml +++ b/docs-xml/smbdotconf/locking/posixlocking.xml @@ -8,7 +8,8 @@ daemon maintains an database of file locks obtained by SMB clients. The default behavior is to map this internal database to POSIX locks. This means that file locks obtained by SMB clients are consistent with those seen by POSIX compliant applications accessing the files via a non-SMB - method (e.g. NFS or local file access). You should never need to disable this parameter. + method (e.g. NFS or local file access). It is very unlikely that you need to set this parameter + to no, unless you are sharing from an NFS mount, which is not a good idea in the first place. /para /description value type=defaultyes/value -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 8268e03 s3 docs: Reword posix locking text to answer a common question from e6d3146 s3: Fix bug 7832 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 8268e030235b6cb5e6288a53133bba1faa9e63b1 Author: Kai Blin k...@samba.org Date: Tue Nov 30 15:58:05 2010 +0100 s3 docs: Reword posix locking text to answer a common question vl recently pointed me to a valid reason to use posix locking = no. Fix the smb.conf manpage to explain this reason, as this question comes up on the samba mailing list from time to time as well. (cherry picked from commit fd17979293ecb37bdb16c5078fefb3f63cfb3730) --- Summary of changes: docs-xml/smbdotconf/locking/posixlocking.xml |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/locking/posixlocking.xml b/docs-xml/smbdotconf/locking/posixlocking.xml index e5a89f5..25476f0 100644 --- a/docs-xml/smbdotconf/locking/posixlocking.xml +++ b/docs-xml/smbdotconf/locking/posixlocking.xml @@ -8,7 +8,8 @@ daemon maintains an database of file locks obtained by SMB clients. The default behavior is to map this internal database to POSIX locks. This means that file locks obtained by SMB clients are consistent with those seen by POSIX compliant applications accessing the files via a non-SMB - method (e.g. NFS or local file access). You should never need to disable this parameter. + method (e.g. NFS or local file access). It is very unlikely that you need to set this parameter + to no, unless you are sharing from an NFS mount, which is not a good idea in the first place. /para /description value type=defaultyes/value -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3f43b7e tevent: Fix docstring, tevent_req_is_in_progress does not destroy private data from 27df2e5 s4-test: added testing of w2k3 DC join to test-howto.py http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3f43b7e54205298766d38f250afe0c9285ed427d Author: Kai Blin k...@samba.org Date: Wed Nov 17 07:07:08 2010 +0100 tevent: Fix docstring, tevent_req_is_in_progress does not destroy private data Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Wed Nov 17 07:23:51 UTC 2010 on sn-devel-104 --- Summary of changes: lib/tevent/tevent.h |2 -- 1 files changed, 0 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h index 40fbbe6..82c1483 100644 --- a/lib/tevent/tevent.h +++ b/lib/tevent/tevent.h @@ -924,8 +924,6 @@ struct tevent_req *tevent_req_post(struct tevent_req *req, * * It is typically used by sync wrapper functions. * - * This function destroys the attached private data. - * * @param[in] req The request to poll. * * @return The boolean form of is in progress. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6cd9234 net: Add and fix some German translation from 16e73c6 s4:objectclass LDB module - implement the objectClass change restrictions on Windows 2000 forest function level http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6cd92340b6b2003dbe3380819626a1f443b3456c Author: André Hentschel n...@dawncrow.de Date: Sun Nov 14 23:09:03 2010 +0100 net: Add and fix some German translation typo spotted by Michael Wood Signed-off-by: Kai Blin k...@samba.org Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Mon Nov 15 21:44:39 UTC 2010 on sn-devel-104 --- Summary of changes: source3/locale/net/de.po |8 1 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/locale/net/de.po b/source3/locale/net/de.po index 36a4bb5..85b195e 100644 --- a/source3/locale/net/de.po +++ b/source3/locale/net/de.po @@ -3066,7 +3066,7 @@ msgstr \t-e oder --encrypt\t\t\tSMB Ãbertragung verschlüsseln (nur UNIX erwe #: ../../utils/net_help_common.c:54 msgid \t-k or --kerberos\t\tUse kerberos (active directory) authentication\n -msgstr \t-k oder --kerberos\t\tKerberos benutzen (active directory) authentication\n +msgstr \t-k oder --kerberos\t\tKerberos Authentifizierung benutzen (Active Directory)\ny #: ../../utils/net_idmap.c:26 msgid Out of memory!\n @@ -6161,12 +6161,12 @@ msgstr \t[%s:%s]: REG_SZ: %s\n #: ../../utils/net_rpc_printer.c:96 #, c-format msgid \t[%s:%s]: REG_BINARY: unknown length value not displayed\n -msgstr +msgstr \t[%s:%s]: REG_BINARY: unbekannte Länge, Daten werden nicht angezeigt\n #: ../../utils/net_rpc_printer.c:120 #, c-format msgid \t%s: unknown type %d\n -msgstr +msgstr \t%s: unbekannter Typ %d\n #: ../../utils/net_rpc_printer.c:254 #, c-format @@ -6544,7 +6544,7 @@ msgstr #: ../../utils/net_rpc_registry.c:1173 ../../utils/net_rpc_registry.c:1179 #, c-format msgid Closing %s... -msgstr +msgstr SchlieÃe %s... #: ../../utils/net_rpc_registry.c:1214 msgid net rpc registry getsd path secinfo\n -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b73a05e s4 net: rename to samba-tool in order to not clash with s3 net from 5634f55 build: remove warnings about redifinition of boolean use -KPIC on suncc http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b73a05e4e184238614d73c1519f2880cd946908d Author: Kai Blin k...@samba.org Date: Sat Oct 23 19:27:26 2010 -0700 s4 net: rename to samba-tool in order to not clash with s3 net Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Thu Oct 28 07:25:16 UTC 2010 on sn-devel-104 --- Summary of changes: selftest/target/Samba4.pm | 22 +- source4/samba_tool/drs/drs.c| 361 source4/samba_tool/drs/drs.h| 87 source4/samba_tool/drs/drs_bind.c | 136 ++ source4/samba_tool/drs/drs_kcc.c| 170 source4/samba_tool/drs/drs_replicate.c | 252 +++ source4/samba_tool/drs/drs_showrepl.c | 605 ++ source4/samba_tool/gpo.c| 618 +++ source4/samba_tool/password.c | 171 source4/samba_tool/samba_tool.c | 387 + source4/samba_tool/samba_tool.h | 39 ++ source4/samba_tool/vampire.c| 130 ++ source4/samba_tool/wscript_build| 17 + source4/selftest/skip |2 +- source4/selftest/tests.py |2 +- source4/setup/tests/blackbox_group.sh | 78 ++-- source4/setup/tests/blackbox_newuser.sh | 22 +- source4/setup/tests/blackbox_setpassword.sh | 10 +- source4/setup/tests/blackbox_spn.sh | 24 +- source4/torture/drs/python/delete_object.py |8 +- source4/torture/drs/python/fsmo.py |6 +- source4/utils/net/config.mk | 50 --- source4/utils/net/drs/net_drs.c | 361 source4/utils/net/drs/net_drs.h | 87 source4/utils/net/drs/net_drs_bind.c| 136 -- source4/utils/net/drs/net_drs_kcc.c | 170 source4/utils/net/drs/net_drs_replicate.c | 252 --- source4/utils/net/drs/net_drs_showrepl.c| 605 -- source4/utils/net/net.c | 387 - source4/utils/net/net.h | 39 -- source4/utils/net/net_gpo.c | 618 --- source4/utils/net/net_password.c| 171 source4/utils/net/net_vampire.c | 130 -- source4/utils/net/wscript_build | 18 - source4/utils/tests/test_net.sh | 40 -- source4/utils/tests/test_samba_tool.sh | 40 ++ source4/wscript_build |2 +- testprogs/blackbox/test_export_keytab.sh| 10 +- testprogs/blackbox/test_kinit.sh| 18 +- testprogs/blackbox/test_ktpass.sh |4 +- testprogs/blackbox/test_passwords.sh| 36 +- testprogs/blackbox/test_pkinit.sh |4 +- 42 files changed, 3137 insertions(+), 3188 deletions(-) create mode 100644 source4/samba_tool/drs/drs.c create mode 100644 source4/samba_tool/drs/drs.h create mode 100644 source4/samba_tool/drs/drs_bind.c create mode 100644 source4/samba_tool/drs/drs_kcc.c create mode 100644 source4/samba_tool/drs/drs_replicate.c create mode 100644 source4/samba_tool/drs/drs_showrepl.c create mode 100644 source4/samba_tool/gpo.c create mode 100644 source4/samba_tool/password.c create mode 100644 source4/samba_tool/samba_tool.c create mode 100644 source4/samba_tool/samba_tool.h create mode 100644 source4/samba_tool/vampire.c create mode 100644 source4/samba_tool/wscript_build delete mode 100644 source4/utils/net/config.mk delete mode 100644 source4/utils/net/drs/net_drs.c delete mode 100644 source4/utils/net/drs/net_drs.h delete mode 100644 source4/utils/net/drs/net_drs_bind.c delete mode 100644 source4/utils/net/drs/net_drs_kcc.c delete mode 100644 source4/utils/net/drs/net_drs_replicate.c delete mode 100644 source4/utils/net/drs/net_drs_showrepl.c delete mode 100644 source4/utils/net/net.c delete mode 100644 source4/utils/net/net.h delete mode 100644 source4/utils/net/net_gpo.c delete mode 100644 source4/utils/net/net_password.c delete mode 100644 source4/utils/net/net_vampire.c delete mode 100644 source4/utils/net/wscript_build delete mode 100755 source4/utils/tests/test_net.sh create mode 100755 source4/utils/tests/test_samba_tool.sh Changeset truncated at 500 lines: diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index ba96f08..168fe42 100644 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -880,11 +880,11 @@ sub provision_member
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 72c8ccd s4 dns: Implement update record prescan logic via 005a656 s4 dns: Add stub checking if updates are allowed via 1e670df s4 dns: Add a prerequisites check for updates via cfa4796 s4 dns: Switch to WERROR via 682a2e9 s4 dns: Split up the code into multiple files for easier development via cebce2b s4 dns: More work on updates via fb18175 s4 dns: Map between NTSTATUS and dns error codes via a6305c4 s4 dns: Better error handling when parsing invalid or unknown records via 69a5229 s4 dns: start handling update requests, return correct error codes via eb4f101 s4 dns: Allow more components as part of a domain name via 063727a s4 dns: Handle CNAME records via 32a1b71 s4 dns: Parse srv and soa records via 615857d s4 dns: Look up all names in the ldb database. via 678634a s4 dns: Look up records in the ldb database via 80f3088 s4 dns: Fix a data corruption in the dns_string parsing via 1c25cc7 dnsp: Can't have two memebers of a union with the same name via a7b833e s4 dns: Reply to a name request with an A record. via 719a6bb ndr dns: Add simple parser via 96195b2 s4 dns: Add a boilerplate DNS server implementation via caf4196 dns/nbt: Fix spelling of the authoritative flag. via 9786871 idl: Add idl describing DNS structures via 4ffdf09 netlogon.idl: Switch to explicit constants to remove dependency on nbt.idl via eeac222 s4 dns: Import DNS win32 error codes from MS-ERREF via e7358e7 s4 dsdb kcc: Prefer msDS-hasMasterNCs over hasMasterNCs when replicating via f26c9b3 s4 socket: increase the debuglevel to make add interface debug messages less verbose from 821a202 s4:rpc_server/netlogon: netr_ServerAuthenticate3 should return NO_TRUST_SAM_ACCOUNT http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 72c8ccd408070bcb3defba34865d31a1ea6311fe Author: Kai Blin k...@samba.org Date: Sun Oct 3 12:21:00 2010 +0200 s4 dns: Implement update record prescan logic Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Sat Oct 23 10:58:18 UTC 2010 on sn-devel-104 commit 005a65660d1d5a39cccdabca1970b7e56537df17 Author: Kai Blin k...@samba.org Date: Sun Oct 3 00:40:32 2010 +0200 s4 dns: Add stub checking if updates are allowed commit 1e670dff6a0b9b5e42849817deb3c79e4ea30f57 Author: Kai Blin k...@samba.org Date: Mon Oct 11 23:40:18 2010 +0200 s4 dns: Add a prerequisites check for updates commit cfa47965fe2aacf861a107c0db4daa5d43180471 Author: Kai Blin k...@samba.org Date: Mon Oct 11 23:39:44 2010 +0200 s4 dns: Switch to WERROR commit 682a2e93daddbd95e617dde9dcdc7dee7a739929 Author: Kai Blin k...@samba.org Date: Fri Oct 1 12:59:22 2010 -0700 s4 dns: Split up the code into multiple files for easier development commit cebce2b9a40db1f5d28e20b6eda7010e9c530a5d Author: Kai Blin k...@samba.org Date: Mon Oct 11 23:50:16 2010 +0200 s4 dns: More work on updates commit fb181752c5a8704140e36977c2723d4d3c4c8166 Author: Kai Blin k...@samba.org Date: Mon Oct 11 23:22:55 2010 +0200 s4 dns: Map between NTSTATUS and dns error codes commit a6305c4a168e7d3ac06f824dce05767bc7e9b9c0 Author: Kai Blin k...@samba.org Date: Thu Sep 30 20:35:00 2010 -0700 s4 dns: Better error handling when parsing invalid or unknown records commit 69a52290ce81c62f1d6af717c4bd9b6281f0886f Author: Kai Blin k...@samba.org Date: Thu Sep 30 18:21:53 2010 -0700 s4 dns: start handling update requests, return correct error codes commit eb4f101200f18fdf7482e14c4471d6e90b166af0 Author: Kai Blin k...@samba.org Date: Thu Sep 30 18:20:42 2010 -0700 s4 dns: Allow more components as part of a domain name commit 063727a88b10cbd27892d0e165fe18958849f7df Author: Kai Blin k...@samba.org Date: Thu Sep 30 17:05:23 2010 -0700 s4 dns: Handle CNAME records commit 32a1b71ec8e51a2e9486c174e4b23e3942e14079 Author: Stefan Metzmacher me...@samba.org Date: Fri Oct 1 01:41:29 2010 +0200 s4 dns: Parse srv and soa records Signed-off-by: Kai Blin k...@samba.org commit 615857d9899906b3505397b22e769538315a27ef Author: Kai Blin k...@samba.org Date: Thu Sep 30 16:35:04 2010 -0700 s4 dns: Look up all names in the ldb database. commit 678634abfb590a6819b125a04777c509e83e4a3f Author: Kai Blin k...@samba.org Date: Mon Oct 11 22:32:25 2010 +0200 s4 dns: Look up records in the ldb database commit 80f30889e9c947e6ddf31efd5d07d32d1a806209 Author: Kai Blin k...@samba.org Date: Mon Oct 11 22:31:14 2010 +0200 s4 dns: Fix a data corruption in the dns_string parsing commit 1c25cc705762366e2525e61df3d193b2ea2106bf Author: Kai Blin k...@samba.org Date: Mon Oct 11 22:29:05 2010 +0200 dnsp: Can't have two memebers of a union with the same name
Re: [Samba] samba 4 idmap problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2010-10-06 17:35, Taylor, Jonn wrote: Seems that each system is making up it own id's. Both the centos and fedora systems have the same idmap settings. idmap uid = 300-400 idmap gid = 300-400 That means you're not setting an idmap backend, so this defaults to tdb on the 3.5 boxes. In turn, this means that all three systems are creating id mappings on an as-needed basis, creating uids and gids in the order of the users/groups that request ids. Unless you use some scheme that keeps the unixids in sync across the network, you'll always be seeing this. Possible solutions include using the rid backend to idmap, which will add the sid's RID part to the idmap base. If you only have users coming in from one domain, that should be fine for the 3.5 boxes. The Samba4 idmap implementation is less sophisticated and only knows about the tdb-like counting up unixids. Nothing much that can be done about this right now. We're currently investigating the most viable way to fix this. Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkytXbgACgkQEKXX/bF2FpQ1YACdG4f1GRHoWzarY8W5Xw2TEh96 O00An1YSpVBmRzYCePySJHZr0xdw3ua8 =0Bmi -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
