[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-107-g532ccbb
The branch, v4-0-test has been updated
via 532ccbbe7aa360440f455dfa136f425b9996e998 (commit)
via f8628fa330abcd50923d995d5bda1f4811582ea9 (commit)
via 1c909973977ae117703c1ccf7589acc4625e76e5 (commit)
from b91bbc5fe4a47e5823be6be5f2f203f1f14105de (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit 532ccbbe7aa360440f455dfa136f425b9996e998
Merge: f8628fa330abcd50923d995d5bda1f4811582ea9
b91bbc5fe4a47e5823be6be5f2f203f1f14105de
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 16:15:46 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into
4-0-local
commit f8628fa330abcd50923d995d5bda1f4811582ea9
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 16:14:20 2008 +1000
Remove the 'accoc_group_id' check in the RPC server.
This check breaks more than it fixes, and while technically not
correct, is the best solution we have at this time. Otherwise,
SCHANNEL binds from WinXP fail.
Andrew Bartlett
commit 1c909973977ae117703c1ccf7589acc4625e76e5
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 13:49:00 2008 +1000
Explain where some other OIDs are allocated.
This is an odd place for an OID registry - we perhaps need a central
wiki page.
Andrew Bartlett
---
Summary of changes:
source/rpc_server/dcerpc_server.c | 11 +++
source/setup/schema_samba4.ldif |6 ++
2 files changed, 17 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/rpc_server/dcerpc_server.c
b/source/rpc_server/dcerpc_server.c
index d8dafd6..91ae5fc 100644
--- a/source/rpc_server/dcerpc_server.c
+++ b/source/rpc_server/dcerpc_server.c
@@ -534,9 +534,20 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
uint32_t context_id;
const struct dcesrv_interface *iface;
+#if 0
+ /* It is not safe to enable this check - windows clients
+* (WinXP in particular) will use it for NETLOGON calls, for
+* the subsequent SCHANNEL bind. It turns out that NETLOGON
+* calls include no policy handles, so it is safe there. Let
+* the failure occour on the attempt to reuse a poilcy handle,
+* rather than here */
+
+ /* Association groups allow policy handles to be shared across
+* multiple client connections. We don't implement this yet. */
if (call-pkt.u.bind.assoc_group_id != 0) {
return dcesrv_bind_nak(call, 0);
}
+#endif
if (call-pkt.u.bind.num_contexts 1 ||
call-pkt.u.bind.ctx_list[0].num_transfer_syntaxes 1) {
diff --git a/source/setup/schema_samba4.ldif b/source/setup/schema_samba4.ldif
index 21d17c5..3e129e4 100644
--- a/source/setup/schema_samba4.ldif
+++ b/source/setup/schema_samba4.ldif
@@ -3,9 +3,15 @@
#
## Samba4 OID allocation from Samba3's examples/LDAP/samba.schema
## 1.3.6.1.4.1.7165.4.1.x - attributetypes
+
## 1.3.6.1.4.1.7165.4.2.x - objectclasses
+
## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls
+### see dsdb/samdb/samdb.h
+
## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations
+### see dsdb/samdb/samdb.h
+
## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and
standards-track
#
#
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-112-gae311d8
The branch, v4-0-test has been updated
via ae311d89d2d477b235a6a9294a8bb463ed0a8c05 (commit)
via af629a3738298d27eb2dbecf466ceb503cec9638 (commit)
via a93b20b85b7b35965c428f1543cb7bbe96e16d42 (commit)
via 136a85599815670c807f212d7d4003ec53a13729 (commit)
via 74d684f6b329d7dd573cdc55e16bb8e629474b02 (commit)
from 532ccbbe7aa360440f455dfa136f425b9996e998 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit ae311d89d2d477b235a6a9294a8bb463ed0a8c05
Merge: af629a3738298d27eb2dbecf466ceb503cec9638
532ccbbe7aa360440f455dfa136f425b9996e998
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 16:20:07 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into
4-0-abartlet
commit af629a3738298d27eb2dbecf466ceb503cec9638
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 16:19:54 2008 +1000
The SMB session key must not be more than 16 bytes in SAMR (and
presumably LSA).
Tests show that Vista requires the sesion key to be truncated for a
domain join.
Andrew Bartlett
commit a93b20b85b7b35965c428f1543cb7bbe96e16d42
Merge: 136a85599815670c807f212d7d4003ec53a13729
b91bbc5fe4a47e5823be6be5f2f203f1f14105de
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 16:15:43 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into
4-0-abartlet
commit 136a85599815670c807f212d7d4003ec53a13729
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Tue Jul 22 11:09:18 2008 +1000
Install'named.txt' to private/ as documentation.
This document is much more use when subbed with all the right things.
Andrew Bartlett
commit 74d684f6b329d7dd573cdc55e16bb8e629474b02
Author: Matthias Dieter Wallnöfer [EMAIL PROTECTED]
Date: Tue Jul 22 11:06:47 2008 +1000
Improve DNS and Group poicy configurations.
- fixes bug #4813 (simplify DNS setup)
- This reworks the named.conf to be a fully fledged include
- This also moves the documentation into named.txt
- improves bug #4900 (Group policy support in Samba)
- by creating an empty GPT.INI
- fixes bug #5582 (DNS: Enhanced zone file)
- This is now closer to the zone file AD creates
committed by Andrew Bartlett
---
Summary of changes:
source/librpc/rpc/dcerpc_util.c| 14 +-
source/rpc_server/dcerpc_server.c | 11 -
source/scripting/python/samba/provision.py | 31 -
source/setup/named.conf| 63 ++--
source/setup/named.txt | 46
source/setup/provision.zone|7 +++-
6 files changed, 115 insertions(+), 57 deletions(-)
create mode 100644 source/setup/named.txt
Changeset truncated at 500 lines:
diff --git a/source/librpc/rpc/dcerpc_util.c b/source/librpc/rpc/dcerpc_util.c
index 71c6d5f..32646e8 100644
--- a/source/librpc/rpc/dcerpc_util.c
+++ b/source/librpc/rpc/dcerpc_util.c
@@ -647,11 +647,21 @@ NTSTATUS dcerpc_generic_session_key(struct
dcerpc_connection *c,
/*
fetch the user session key - may be default (above) or the SMB session key
+
+ The key is always truncated to 16 bytes
*/
_PUBLIC_ NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
- DATA_BLOB *session_key)
+ DATA_BLOB *session_key)
{
- return p-conn-security_state.session_key(p-conn, session_key);
+ NTSTATUS status;
+ status = p-conn-security_state.session_key(p-conn, session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ session_key-length = MIN(session_key-length, 16);
+
+ return NT_STATUS_OK;
}
diff --git a/source/rpc_server/dcerpc_server.c
b/source/rpc_server/dcerpc_server.c
index 91ae5fc..a2ca897 100644
--- a/source/rpc_server/dcerpc_server.c
+++ b/source/rpc_server/dcerpc_server.c
@@ -270,11 +270,20 @@ NTSTATUS dcesrv_generic_session_key(struct
dcesrv_connection *p,
/*
fetch the user session key - may be default (above) or the SMB session key
+
+ The key is always truncated to 16 bytes
*/
_PUBLIC_ NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p,
DATA_BLOB *session_key)
{
- return p-auth_state.session_key(p, session_key);
+ NTSTATUS status = p-auth_state.session_key(p, session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ session_key-length = MIN(session_key-length, 16);
+
+ return NT_STATUS_OK;
}
diff --git a/source/scripting/python/samba/provision.py
b/source/scripting/python/samba/provision.py
index 6eb47c8..4b31038 100644
--- a/source/scripting/python/samba/provision.py
+++
Re: [SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-107-g532ccbb
Andrew Bartlett schrieb:
The branch, v4-0-test has been updated
via 532ccbbe7aa360440f455dfa136f425b9996e998 (commit)
via f8628fa330abcd50923d995d5bda1f4811582ea9 (commit)
via 1c909973977ae117703c1ccf7589acc4625e76e5 (commit)
from b91bbc5fe4a47e5823be6be5f2f203f1f14105de (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit 532ccbbe7aa360440f455dfa136f425b9996e998
Merge: f8628fa330abcd50923d995d5bda1f4811582ea9
b91bbc5fe4a47e5823be6be5f2f203f1f14105de
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 16:15:46 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into
4-0-local
commit f8628fa330abcd50923d995d5bda1f4811582ea9
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 16:14:20 2008 +1000
Remove the 'accoc_group_id' check in the RPC server.
This check breaks more than it fixes, and while technically not
correct, is the best solution we have at this time. Otherwise,
SCHANNEL binds from WinXP fail.
Andrew Bartlett
commit 1c909973977ae117703c1ccf7589acc4625e76e5
Author: Andrew Bartlett [EMAIL PROTECTED]
Date: Wed Jul 23 13:49:00 2008 +1000
Explain where some other OIDs are allocated.
This is an odd place for an OID registry - we perhaps need a central
wiki page.
Andrew Bartlett
---
Summary of changes:
source/rpc_server/dcerpc_server.c | 11 +++
source/setup/schema_samba4.ldif |6 ++
2 files changed, 17 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/rpc_server/dcerpc_server.c
b/source/rpc_server/dcerpc_server.c
index d8dafd6..91ae5fc 100644
--- a/source/rpc_server/dcerpc_server.c
+++ b/source/rpc_server/dcerpc_server.c
@@ -534,9 +534,20 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state
*call)
uint32_t context_id;
const struct dcesrv_interface *iface;
+#if 0
+ /* It is not safe to enable this check - windows clients
+ * (WinXP in particular) will use it for NETLOGON calls, for
+ * the subsequent SCHANNEL bind. It turns out that NETLOGON
+ * calls include no policy handles, so it is safe there. Let
+ * the failure occour on the attempt to reuse a poilcy handle,
+ * rather than here */
+
+ /* Association groups allow policy handles to be shared across
+ * multiple client connections. We don't implement this yet. */
if (call-pkt.u.bind.assoc_group_id != 0) {
return dcesrv_bind_nak(call, 0);
}
+#endif
I think we should just allow 0 or the 0x12345678 value we give away
and fail all other values...
Would that be enough to make WinXP work?
metze
signature.asc
Description: OpenPGP digital signature
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-113-g26d1f93
The branch, v4-0-test has been updated
via 26d1f9366d8611af1a69095b4cede2d2c95c982d (commit)
from ae311d89d2d477b235a6a9294a8bb463ed0a8c05 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit 26d1f9366d8611af1a69095b4cede2d2c95c982d
Author: Stefan Metzmacher [EMAIL PROTECTED]
Date: Thu Jul 17 13:36:59 2008 +0200
libnet/become_dc: add a comment and explain why it's important to specify
krb5
metze
---
Summary of changes:
source/libnet/libnet_become_dc.c |9 +
1 files changed, 9 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/libnet/libnet_become_dc.c b/source/libnet/libnet_become_dc.c
index 556ba80..31a9206 100644
--- a/source/libnet/libnet_become_dc.c
+++ b/source/libnet/libnet_become_dc.c
@@ -1516,6 +1516,15 @@ static void becomeDC_drsuapi_connect_send(struct
libnet_BecomeDC_state *s,
drsuapi-s = s;
if (!drsuapi-binding) {
+ /*
+* Note: It's important to pass 'krb5' as auth_type here
+* otherwise the replication will not work with
+* Windows 2000. If NTLMSSP is used Windows 2000
+* returns garbage in the DsGetNCChanges() response
+* if encrypted password attributes would be in the
response.
+* That means the replication of the schema and
configuration
+* partition works fine, but it fails for the domain
partition.
+*/
if (lp_parm_bool(s-libnet-lp_ctx, NULL, become_dc, print,
false)) {
binding_str = talloc_asprintf(s,
ncacn_ip_tcp:%s[krb5,print,seal], s-source_dsa.dns_name);
if (composite_nomem(binding_str, c)) return;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-115-g7ee9910
The branch, v4-0-test has been updated
via 7ee99105ea3a50d8ee2c83ecd39e834ed9efb98c (commit)
via 67a99e445871861945fd0a45784cffb358bdccf3 (commit)
from 26d1f9366d8611af1a69095b4cede2d2c95c982d (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit 7ee99105ea3a50d8ee2c83ecd39e834ed9efb98c
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 11:06:50 2008 +0200
smbtorture: add a warning for unknown BindInfo length to the RPC-DSSYNC test
Michael
commit 67a99e445871861945fd0a45784cffb358bdccf3
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 11:05:24 2008 +0200
smbtorture: add support for the DSBindInfo48 to the RPC-DSSYNC test.
Michael
---
Summary of changes:
source/torture/rpc/dssync.c | 12
1 files changed, 12 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/torture/rpc/dssync.c b/source/torture/rpc/dssync.c
index 35fd4df..3279047 100644
--- a/source/torture/rpc/dssync.c
+++ b/source/torture/rpc/dssync.c
@@ -214,9 +214,21 @@ static bool _test_DsBind(struct torture_context *tctx,
b-peer_bind_info28.repl_epoch = 0;
break;
}
+ case 48: {
+ struct drsuapi_DsBindInfo48 *info48;
+ info48 = b-req.out.bind_info-info.info48;
+ b-peer_bind_info28.supported_extensions=
info48-supported_extensions;
+ b-peer_bind_info28.site_guid =
info48-site_guid;
+ b-peer_bind_info28.pid = info48-pid;
+ b-peer_bind_info28.repl_epoch =
info48-repl_epoch;
+ break;
+ }
case 28:
b-peer_bind_info28 = b-req.out.bind_info-info.info28;
break;
+ default:
+ printf(DsBind - warning: unknown BindInfo length:
%u\n,
+ b-req.out.bind_info-length);
}
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-116-gc123e59
The branch, v4-0-test has been updated
via c123e597cc84685abf2b0d3564e1a26d80bbef2f (commit)
from 7ee99105ea3a50d8ee2c83ecd39e834ed9efb98c (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit c123e597cc84685abf2b0d3564e1a26d80bbef2f
Author: Stefan Metzmacher [EMAIL PROTECTED]
Date: Wed Jul 23 14:41:16 2008 +0200
rpc_server: be more strict with the incoming assoc_group_id
Allow 0 and 0x12345678 only.
This fixes the RPC-HANDLES test.
metze
---
Summary of changes:
source/rpc_server/dcerpc_server.c | 24
1 files changed, 12 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/rpc_server/dcerpc_server.c
b/source/rpc_server/dcerpc_server.c
index a2ca897..ac36825 100644
--- a/source/rpc_server/dcerpc_server.c
+++ b/source/rpc_server/dcerpc_server.c
@@ -543,20 +543,20 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state
*call)
uint32_t context_id;
const struct dcesrv_interface *iface;
-#if 0
- /* It is not safe to enable this check - windows clients
-* (WinXP in particular) will use it for NETLOGON calls, for
-* the subsequent SCHANNEL bind. It turns out that NETLOGON
-* calls include no policy handles, so it is safe there. Let
-* the failure occour on the attempt to reuse a poilcy handle,
-* rather than here */
-
- /* Association groups allow policy handles to be shared across
-* multiple client connections. We don't implement this yet. */
- if (call-pkt.u.bind.assoc_group_id != 0) {
+ /*
+* Association groups allow policy handles to be shared across
+* multiple client connections. We don't implement this yet.
+*
+* So we just allow 0 if the client wants to create a new
+* association group.
+*
+* And we allow the 0x12345678 value, we give away as
+* assoc_group_id back to the clients
+*/
+ if (call-pkt.u.bind.assoc_group_id != 0
+ call-pkt.u.bind.assoc_group_id != 0x12345678) {
return dcesrv_bind_nak(call, 0);
}
-#endif
if (call-pkt.u.bind.num_contexts 1 ||
call-pkt.u.bind.ctx_list[0].num_transfer_syntaxes 1) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-133-g08618bb
The branch, v4-0-test has been updated via 08618bbd508ede0bb9e1922fae562cffdca41cbd (commit) via 8300259f103f8cfe014988fad0f7ee0d49bb1ac2 (commit) via 97b7901afbccc9647ad2958d4cf12300de2655d1 (commit) via ca9cd81a1798fb15195566422b3cad7c282fce89 (commit) via 4ad73a0bf8952783d3d9a7339c0c4fd8ca28981a (commit) via 5edff84429ef0d03b47a438e18861d26c97e17b6 (commit) via 1bf552856f3a930c4716ceb73d9ba9adf7502d3d (commit) via da9ceb2bf17f964334d9317829d40483e2c04b10 (commit) via 7219740ef434091617c6bb727374251987ff2a62 (commit) via 19b8c8e37bafab050ab61266c35006efada2947c (commit) via 24c5b10136f6e640832193aaf9e6d7e865c288bc (commit) via 5b860572686167d0291161f6597f143e538e2f3a (commit) via 9a70b2237d4fdd523edfbca0329ad35e71faf998 (commit) via 26e9169d454349795ad0bc64d7f65059541ab89e (commit) via ca28d05b11e602e0f98cda0e02f973562c199dc6 (commit) via ac02d6a0f765e3b66fb6796f129edb1a348ecd84 (commit) via 6a7637b12e4a34915a53e81a0f47571da21fdc5a (commit) from c123e597cc84685abf2b0d3564e1a26d80bbef2f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 08618bbd508ede0bb9e1922fae562cffdca41cbd Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Jul 23 09:35:19 2008 +0200 password_hash: add generation of the Primary:Kerberos-Newer-Keys blob But it's still of by default until we now what triggers this generation. It could be that the value is always generated but the KDC only uses it when in a specific funtional level, but it could also be that it's only generated in a specific functional level. metze commit 8300259f103f8cfe014988fad0f7ee0d49bb1ac2 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Jul 22 18:47:27 2008 +0200 hdb-ldb: try to find Primary:Kerberos-Newer-Keys and fallback to Primary:Kerberos Now provide AES tickets if we find the keys in the supplementalCredentials attribute metze commit 97b7901afbccc9647ad2958d4cf12300de2655d1 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Jul 22 12:28:07 2008 +0200 drsblobs.idl: add idl for Primary:Kerberos-Newer-Keys blob in supplementalCredentials metze commit ca9cd81a1798fb15195566422b3cad7c282fce89 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Jul 22 18:54:21 2008 +0200 password_hash: order the supplementalCredentials Packages in the same order like windows metze commit 4ad73a0bf8952783d3d9a7339c0c4fd8ca28981a Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Jul 22 18:27:36 2008 +0200 password_hash: split the generation of krb5 keys into a different function metze commit 5edff84429ef0d03b47a438e18861d26c97e17b6 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Jul 22 18:32:49 2008 +0200 password_hash: simplify the logic if we have cleartext we always generate the hashes metze commit 1bf552856f3a930c4716ceb73d9ba9adf7502d3d Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Jul 23 10:05:43 2008 +0200 password_hash: fix callers after idl change for package_PrimaryKerberos metze commit da9ceb2bf17f964334d9317829d40483e2c04b10 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Jul 23 08:53:34 2008 +0200 drsblobs.idl: fix unknowns in package_PrimaryKerberos idl metze commit 7219740ef434091617c6bb727374251987ff2a62 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Jul 23 13:41:51 2008 +0200 hdb-ldb: check the SUPPLEMENTAL_CREDENTIALS_SIGNATURE metze commit 19b8c8e37bafab050ab61266c35006efada2947c Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Jul 23 13:31:14 2008 +0200 password_hash: check the SUPPLEMENTAL_CREDENTIALS_SIGNATURE metze commit 24c5b10136f6e640832193aaf9e6d7e865c288bc Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Jul 23 13:06:32 2008 +0200 drsblobs.idl: fix idl for supplementalCredentialsSubBlob metze commit 5b860572686167d0291161f6597f143e538e2f3a Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Jul 23 12:00:42 2008 +0200 password_hash: ignore reserved value, but still set it like windows does metze commit 9a70b2237d4fdd523edfbca0329ad35e71faf998 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Jul 23 13:53:03 2008 +0200 drsblobs.idl: rename unknown1 - reserved metze commit 26e9169d454349795ad0bc64d7f65059541ab89e Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Jul 22 18:31:45 2008 +0200 password_hash: don't add zero padding as w2k8 also don't add it metze commit ca28d05b11e602e0f98cda0e02f973562c199dc6 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Jul 22 18:46:24 2008 +0200 hdb-ldb: fix comment about padding metze commit ac02d6a0f765e3b66fb6796f129edb1a348ecd84
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-137-g1f5704e
The branch, v4-0-test has been updated
via 1f5704e2dee5900e8d1d87699b76f67c0e12854e (commit)
via 97e8d5813df19cae294b6de2a880606f0f8c2c59 (commit)
via 7d80fab912576923c7474d77b8ed960b01296914 (commit)
via a8aea9274170a2b472c45c97a4904bd299d2a92e (commit)
from 08618bbd508ede0bb9e1922fae562cffdca41cbd (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit 1f5704e2dee5900e8d1d87699b76f67c0e12854e
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 15:34:45 2008 +0200
drsuapi: always set the pid field of the outgoing DsBindInfo to 0.
This is for debugging and informational purposes only.
The assignment is implementation specific.
(WSPP docs, sec. 5.35).
Michael
commit 97e8d5813df19cae294b6de2a880606f0f8c2c59
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 15:21:44 2008 +0200
libnet_unbecome_dc: teach unbecomeDC_drsuapi_bind_recv() DsBindInfo48.
..to work agains w2k8.
Michael
commit 7d80fab912576923c7474d77b8ed960b01296914
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 15:18:57 2008 +0200
libnet_become_cd: teach becomeDC_drsuapi_bind_recv() DsBindInfo48.
To work with w2k8.
Michael
commit a8aea9274170a2b472c45c97a4904bd299d2a92e
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 14:07:06 2008 +0200
dsdb: teach dreplsrv_out_drsuapi_bind_recv() knowledge of DsBindInfo48.
To make it work against w2k8.
Michael
---
Summary of changes:
source/dsdb/repl/drepl_out_helpers.c |9 +
source/libnet/libnet_become_dc.c | 16 ++--
source/libnet/libnet_unbecome_dc.c | 11 ++-
source/torture/rpc/dssync.c |2 +-
4 files changed, 30 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/dsdb/repl/drepl_out_helpers.c
b/source/dsdb/repl/drepl_out_helpers.c
index 0700867..345e3db 100644
--- a/source/dsdb/repl/drepl_out_helpers.c
+++ b/source/dsdb/repl/drepl_out_helpers.c
@@ -146,6 +146,15 @@ static void dreplsrv_out_drsuapi_bind_recv(struct
rpc_request *req)
st-drsuapi-remote_info28.repl_epoch = 0;
break;
}
+ case 48: {
+ struct drsuapi_DsBindInfo48 *info48;
+ info48 = st-bind_r.out.bind_info-info.info48;
+ st-drsuapi-remote_info28.supported_extensions =
info48-supported_extensions;
+ st-drsuapi-remote_info28.site_guid=
info48-site_guid;
+ st-drsuapi-remote_info28.pid =
info48-pid;
+ st-drsuapi-remote_info28.repl_epoch =
info48-repl_epoch;
+ break;
+ }
case 28:
st-drsuapi-remote_info28 =
st-bind_r.out.bind_info-info.info28;
break;
diff --git a/source/libnet/libnet_become_dc.c b/source/libnet/libnet_become_dc.c
index 31a9206..6a13974 100644
--- a/source/libnet/libnet_become_dc.c
+++ b/source/libnet/libnet_become_dc.c
@@ -1611,12 +1611,7 @@ static void becomeDC_drsuapi_bind_send(struct
libnet_BecomeDC_state *s,
bind_info28-supported_extensions |=
DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
#endif
bind_info28-site_guid = s-dest_dsa.site_guid;
- if (s-domain.behavior_version == 2) {
- /* TODO: find out how this is really triggered! */
- bind_info28-pid= 528;
- } else {
- bind_info28-pid= 516;
- }
+ bind_info28-pid= 0;
bind_info28-repl_epoch = 0;
drsuapi-bind_info_ctr.length = 28;
@@ -1649,6 +1644,15 @@ static WERROR becomeDC_drsuapi_bind_recv(struct
libnet_BecomeDC_state *s,
drsuapi-remote_info28.repl_epoch = 0;
break;
}
+ case 48: {
+ struct drsuapi_DsBindInfo48 *info48;
+ info48 = drsuapi-bind_r.out.bind_info-info.info48;
+ drsuapi-remote_info28.supported_extensions =
info48-supported_extensions;
+ drsuapi-remote_info28.site_guid=
info48-site_guid;
+ drsuapi-remote_info28.pid =
info48-pid;
+ drsuapi-remote_info28.repl_epoch =
info48-repl_epoch;
+ break;
+ }
case 28:
drsuapi-remote_info28 =
drsuapi-bind_r.out.bind_info-info.info28;
break;
diff --git
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-139-ga7bfa1f
The branch, v4-0-test has been updated
via a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d (commit)
via af85aad8147b85a0b9ea2ccc66b8f04efdfe5cf3 (commit)
from 1f5704e2dee5900e8d1d87699b76f67c0e12854e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 16:23:31 2008 +0200
libnet_become_dc: send msDS_Behavior_Version == 3 (win2k8) in DsAddEntry
instead of version 2 (win2k3).
This makes the NET-API-BECOME-DC test work against windows 2003 and 2008.
Michael
commit af85aad8147b85a0b9ea2ccc66b8f04efdfe5cf3
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 17:54:25 2008 +0200
libnet_become_cd: add boolean option become_dc:force krb5 to control krb5
auth.
This allows controlling whether krb5 auth is forced for the rpc bind in
libnet_become_dc. It defaults to yes. For Windows 2000, DsGetNCChanges
only krb5 auth works due to a bug in Windows (it returns garbage - a
positive object count is returned along with first object == NULL).
For Windows 2008, on the other hand, krb5 auth does not work currently
due to the lack of support for AES keys. (Metze is working on that.)
Michael
---
Summary of changes:
source/dsdb/common/flags.h |1 +
source/libnet/libnet_become_dc.c | 30 +++---
2 files changed, 20 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/dsdb/common/flags.h b/source/dsdb/common/flags.h
index 3611141..e8802fd 100644
--- a/source/dsdb/common/flags.h
+++ b/source/dsdb/common/flags.h
@@ -122,3 +122,4 @@
#define DS_BEHAVIOR_WIN20000
#define DS_BEHAVIOR_WIN2003_INTERIM1
#define DS_BEHAVIOR_WIN20032
+#define DS_BEHAVIOR_WIN20083
diff --git a/source/libnet/libnet_become_dc.c b/source/libnet/libnet_become_dc.c
index 6a13974..1ce067c 100644
--- a/source/libnet/libnet_become_dc.c
+++ b/source/libnet/libnet_become_dc.c
@@ -1516,22 +1516,30 @@ static void becomeDC_drsuapi_connect_send(struct
libnet_BecomeDC_state *s,
drsuapi-s = s;
if (!drsuapi-binding) {
+ char *krb5_str = ;
+ char *print_str = ;
/*
-* Note: It's important to pass 'krb5' as auth_type here
-* otherwise the replication will not work with
-* Windows 2000. If NTLMSSP is used Windows 2000
-* returns garbage in the DsGetNCChanges() response
+* Note: Replication only works with Windows 2000 when 'krb5' is
+* passed as auth_type here. If NTLMSSP is used, Windows
+* 2000 returns garbage in the DsGetNCChanges() response
* if encrypted password attributes would be in the
response.
* That means the replication of the schema and
configuration
* partition works fine, but it fails for the domain
partition.
*/
- if (lp_parm_bool(s-libnet-lp_ctx, NULL, become_dc, print,
false)) {
- binding_str = talloc_asprintf(s,
ncacn_ip_tcp:%s[krb5,print,seal], s-source_dsa.dns_name);
- if (composite_nomem(binding_str, c)) return;
- } else {
- binding_str = talloc_asprintf(s,
ncacn_ip_tcp:%s[krb5,seal], s-source_dsa.dns_name);
- if (composite_nomem(binding_str, c)) return;
+ if (lp_parm_bool(s-libnet-lp_ctx, NULL, become_dc,
+force krb5, true))
+ {
+ krb5_str = krb5,;
}
+ if (lp_parm_bool(s-libnet-lp_ctx, NULL, become_dc,
+print, false))
+ {
+ print_str = print,;
+ }
+ binding_str = talloc_asprintf(s, ncacn_ip_tcp:%s[%s%sseal],
+ s-source_dsa.dns_name,
+ krb5_str, print_str);
+ if (composite_nomem(binding_str, c)) return;
c-status = dcerpc_parse_binding(s, binding_str,
drsuapi-binding);
talloc_free(binding_str);
if (!composite_is_ok(c)) return;
@@ -2096,7 +2104,7 @@ static void becomeDC_drsuapi1_add_entry_send(struct
libnet_BecomeDC_state *s)
vd[0] = data_blob_talloc(vd, NULL, 4);
if (composite_nomem(vd[0].data, c)) return;
- SIVAL(vd[0].data, 0, DS_BEHAVIOR_WIN2003);
+ SIVAL(vd[0].data, 0, DS_BEHAVIOR_WIN2008);
vs[0].blob = vd[0];
--
Samba Shared
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3395-g4b8362f
The branch, v3-3-test has been updated
via 4b8362f9777debd21c47154e786b7017fbf847f7 (commit)
from 5ab391d466ce9ddea31f6f6bf467aa6c5f3a7efb (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -
commit 4b8362f9777debd21c47154e786b7017fbf847f7
Author: Steve French [EMAIL PROTECTED]
Date: Wed Jul 23 14:25:17 2008 -0500
cifs.upcall: fix compile warning
Steve French noticed these warnings when building cifs.upcall:
Compiling client/cifs.upcall.c
client/cifs.upcall.c: In function 'usage':
client/cifs.upcall.c:204: warning: declaration of 'prog' shadows a
global declaration
client/cifs.upcall.c:33: warning: shadowed declaration is here
Change the usage function to not take and arg and have it just use the
global
prog variable. Fix a typo in the log message generated when an unknown
option is specified. Also getopt() always returns '?' when it sees an
unknown
option so there's no point in printing it out.
Signed-off-by: Jeff Layton [EMAIL PROTECTED]
---
Summary of changes:
source/client/cifs.upcall.c |6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/client/cifs.upcall.c b/source/client/cifs.upcall.c
index 3860f33..e389326 100644
--- a/source/client/cifs.upcall.c
+++ b/source/client/cifs.upcall.c
@@ -201,7 +201,7 @@ int cifs_resolver(const key_serial_t key, const char
*key_descr)
}
void
-usage(const char *prog)
+usage()
{
syslog(LOG_WARNING, Usage: %s [-c] [-v] key_serial, prog);
fprintf(stderr, Usage: %s [-c] [-v] key_serial\n, prog);
@@ -234,7 +234,7 @@ int main(const int argc, char *const argv[])
goto out;
}
default:{
- syslog(LOG_WARNING, unknow option: %c, c);
+ syslog(LOG_WARNING, unknown option: %c, c);
goto out;
}
}
@@ -242,7 +242,7 @@ int main(const int argc, char *const argv[])
/* is there a key? */
if (argc = optind) {
- usage(prog);
+ usage();
goto out;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3403-gd78667c
The branch, v3-3-test has been updated
via d78667c88515aa4fffc49b44c00f470f7d25bd4d (commit)
via 5db983d1538453f0ba35d67a099396a18c7ab736 (commit)
via a5de166833631dbc8450277d180c69086deacd4b (commit)
via 5459745369092a4d48fee18fb1be53f195405370 (commit)
via e33af40ad41816531c3189ef146f192a902d3229 (commit)
via 38aca9c11783daf30e19b4951451ec9a6b85cd30 (commit)
via 398702a818a0c292ab5b4f76be95168de83ffa25 (commit)
via fb0379aede4665987679c2e1b5ae943f124804b6 (commit)
from 4b8362f9777debd21c47154e786b7017fbf847f7 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -
commit d78667c88515aa4fffc49b44c00f470f7d25bd4d
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 23:10:34 2008 +0200
re-run make idl after adding idl for idl for Primary:Kerberos-Newer-Keys
Michael
commit 5db983d1538453f0ba35d67a099396a18c7ab736
Author: Stefan Metzmacher [EMAIL PROTECTED]
Date: Tue Jul 22 12:28:07 2008 +0200
drsblobs.idl: add idl for Primary:Kerberos-Newer-Keys blob in
supplementalCredentials
metze
(cherry picked from commit 97b7901afbccc9647ad2958d4cf12300de2655d1)
commit a5de166833631dbc8450277d180c69086deacd4b
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 23:06:30 2008 +0200
re-run make idl after fixing unknowns in package_PrimaryKerberos
(drsblobs.idl)
Michael
commit 5459745369092a4d48fee18fb1be53f195405370
Author: Stefan Metzmacher [EMAIL PROTECTED]
Date: Wed Jul 23 08:53:34 2008 +0200
drsblobs.idl: fix unknowns in package_PrimaryKerberos idl
metze
(cherry picked from commit da9ceb2bf17f964334d9317829d40483e2c04b10)
commit e33af40ad41816531c3189ef146f192a902d3229
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 23:02:09 2008 +0200
re-run make idl after fixing idl for supplementalCredentialsSubBlob.
Michael
commit 38aca9c11783daf30e19b4951451ec9a6b85cd30
Author: Stefan Metzmacher [EMAIL PROTECTED]
Date: Wed Jul 23 13:06:32 2008 +0200
drsblobs.idl: fix idl for supplementalCredentialsSubBlob
metze
(cherry picked from commit 24c5b10136f6e640832193aaf9e6d7e865c288bc)
commit 398702a818a0c292ab5b4f76be95168de83ffa25
Author: Michael Adam [EMAIL PROTECTED]
Date: Wed Jul 23 22:42:18 2008 +0200
re-run make idl after changing unknown1-reserved in drsblobs.idl
Michael
commit fb0379aede4665987679c2e1b5ae943f124804b6
Author: Stefan Metzmacher [EMAIL PROTECTED]
Date: Wed Jul 23 13:53:03 2008 +0200
drsblobs.idl: rename unknown1 - reserved
metze
---
Summary of changes:
source/librpc/gen_ndr/drsblobs.h | 68 -
source/librpc/gen_ndr/ndr_drsblobs.c | 542 +
source/librpc/gen_ndr/ndr_drsblobs.h | 20 +-
source/librpc/idl/drsblobs.idl | 64 -
4 files changed, 605 insertions(+), 89 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/librpc/gen_ndr/drsblobs.h b/source/librpc/gen_ndr/drsblobs.h
index e6df05f..c0db9e9 100644
--- a/source/librpc/gen_ndr/drsblobs.h
+++ b/source/librpc/gen_ndr/drsblobs.h
@@ -7,7 +7,7 @@
#ifndef _HEADER_drsblobs
#define _HEADER_drsblobs
-#define SUPPLEMENTAL_CREDENTIALS_PREFIX(
P )
+#define SUPPLEMENTAL_CREDENTIALS_PREFIX(
)
enum drsuapi_DsAttributeId;
struct replPropertyMetaData1 {
@@ -149,13 +149,25 @@ struct ldapControlDirSyncCookie {
struct supplementalCredentialsPackage {
uint16_t name_len;/* [value(2*strlen_m(name))] */
uint16_t data_len;/* [value(strlen(data))] */
- uint16_t unknown1;
+ uint16_t reserved;
const char *name;/* [charset(UTF16)] */
const char *data;/* [charset(DOS)] */
};
+enum supplementalCredentialsSignature
+#ifndef USE_UINT_ENUMS
+ {
+ SUPPLEMENTAL_CREDENTIALS_SIGNATURE=0x0050
+}
+#else
+ { __donnot_use_enum_supplementalCredentialsSignature=0x7FFF}
+#define SUPPLEMENTAL_CREDENTIALS_SIGNATURE ( 0x0050 )
+#endif
+;
+
struct supplementalCredentialsSubBlob {
const char *prefix;/*
[value(SUPPLEMENTAL_CREDENTIALS_PREFIX),charset(UTF16)] */
+ enum supplementalCredentialsSignature signature;/*
[value(SUPPLEMENTAL_CREDENTIALS_SIGNATURE)] */
uint16_t num_packages;
struct supplementalCredentialsPackage *packages;
}/* [gensize] */;
@@ -179,23 +191,25 @@ struct package_PrimaryKerberosString {
};
struct package_PrimaryKerberosKey {
+ uint16_t reserved1;/* [value(0)] */
+ uint16_t reserved2;/* [value(0)] */
+ uint32_t reserved3;/* [value(0)] */
uint32_t keytype;
uint32_t value_len;/* [value((value?value-length:0))] */
DATA_BLOB *value;/*
[SCM] CTDB repository - branch master updated - b1fed105ad780e89a128a611ef0bd659818eeebf
The branch, master has been updated
via b1fed105ad780e89a128a611ef0bd659818eeebf (commit)
via 8fed021d11160b137f4140ea02947347250e2959 (commit)
via e8ef9891aa31c374921b23cc74e1eda1f8218bf0 (commit)
from 0de79352c9b36c118e36905f08ebbe38ecbb957e (commit)
http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master
- Log -
commit b1fed105ad780e89a128a611ef0bd659818eeebf
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Wed Jul 23 15:36:23 2008 +1000
run the testparm commands in 50.samba in the background, only running
in the foreground if something fails
commit 8fed021d11160b137f4140ea02947347250e2959
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Wed Jul 23 15:35:46 2008 +1000
allow for probing of directories without raising an error
commit e8ef9891aa31c374921b23cc74e1eda1f8218bf0
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Wed Jul 23 15:25:52 2008 +1000
fixed buffering in ctdb logging code to handle multiple lines
correctly
---
Summary of changes:
config/events.d/50.samba | 96 +-
config/functions | 25 +---
server/ctdb_logging.c| 39 ++-
3 files changed, 125 insertions(+), 35 deletions(-)
Changeset truncated at 500 lines:
diff --git a/config/events.d/50.samba b/config/events.d/50.samba
index 9aa21e2..498aa17 100755
--- a/config/events.d/50.samba
+++ b/config/events.d/50.samba
@@ -17,10 +17,81 @@ shift
SAMBA_CLEANUP_PERIOD=10
}
+# we keep a cached copy of smb.conf here
+smbconf_cache=$CTDB_BASE/state/samba/smb.conf.cache
+
+
+#
+# update the smb.conf cache in the foreground
+testparm_foreground_update() {
+mkdir -p $CTDB_BASE/state/samba || exit 1
+testparm -s 2 /dev/null | egrep -v 'registry.shares.=|include.='
$smbconf_cache
+}
+
+#
+# update the smb.conf cache in the background
+testparm_background_update() {
+# if the cache doesn't exist, then update in the foreground
+[ -f $smbconf_cache ] || {
+ testparm_foreground_update
+}
+# otherwise do a background update
+(
+ tmpfile=${smbconf_cache}.$$
+ testparm -s $tmpfile 2 /dev/null
+ # remember the pid of the teamparm process
+ pid=$!
+ # give it 10 seconds to run
+ timeleft=10
+ while [ $timeleft -gt 0 ]; do
+ timeleft=$(($timeleft - 1))
+ # see if the process still exists
+ kill -0 $pid /dev/null 21 || {
+ # it doesn't exist, grab its exit status
+ wait $pid
+ [ $? = 0 ] || {
+ echo 50.samba: smb.conf background update exited with
status $?
+ rm -f ${tmpfile}
+ exit 1
+ }
+ # put the new smb.conf contents in the cache (atomic rename)
+ # make sure we remove references to the registry while doing
+ # this to ensure that running testparm on the cache does
+ # not use the registry
+ egrep -v 'registry.shares.=|include.=' $tmpfile
${tmpfile}.2
+ rm -f $tmpfile
+ mv -f ${tmpfile}.2 $smbconf_cache || {
+ echo 50.samba: failed to update background cache
+ rm -f ${tmpfile}.2
+ exit 1
+ }
+ exit 0
+ }
+ # keep waiting for testparm to finish
+ sleep 1
+ done
+ # it took more than 10 seconds - kill it off
+ rm -f ${tmpfile}
+ kill -9 $pid /dev/null 21
+ echo 50.samba: timed out updating smbconf cache in background
+ exit 1
+)
+}
+
+##
+# show the testparm output using a cached smb.conf
+# to avoid registry access
+testparm_cat() {
+[ -f $smbconf_cache ] || {
+ testparm_foreground_update
+}
+testparm -s $smbconf_cache $@ 2/dev/null
+}
+
# function to see if ctdb manages winbind
check_ctdb_manages_winbind() {
[ -z $CTDB_MANAGES_WINBIND ] {
-secmode=`testparm -s --parameter-name=security 2 /dev/null`
+secmode=`testparm_cat --parameter-name=security`
case $secmode in
ADS|DOMAIN)
CTDB_MANAGES_WINBIND=yes;
@@ -108,21 +179,26 @@ case $cmd in
touch $CTDB_BASE/state/samba/periodic_cleanup
}
- [ $CTDB_SAMBA_SKIP_CONF_CHECK != yes ] {
- testparm -s 21 | egrep '^WARNING|^ERROR|^Unknown' {
- echo ERROR: testparm shows smb.conf is not clean
- exit 1
- }
+ testparm_background_update
+
+ testparm_cat | egrep '^WARNING|^ERROR|^Unknown' {
+ testparm_foreground_update
+
Build status as of Thu Jul 24 00:00:02 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-07-23 00:00:33.0 + +++ /home/build/master/cache/broken_results.txt 2008-07-24 00:00:09.0 + @@ -1,22 +1,22 @@ -Build status as of Wed Jul 23 00:00:03 2008 +Build status as of Thu Jul 24 00:00:02 2008 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 33 8 0 +ccache 34 8 0 ctdb 0 0 0 distcc 1 0 0 -ldb 32 32 0 -libreplace 32 12 0 -lorikeet-heimdal 26 19 0 -pidl 18 17 0 -ppp 10 0 0 -rsync33 11 0 +ldb 34 33 0 +libreplace 33 12 0 +lorikeet-heimdal 27 20 0 +pidl 19 18 0 +ppp 11 0 0 +rsync34 11 0 samba-docs 0 0 0 -samba-gtk3 3 0 -samba_3_2_test 33 21 0 -samba_4_0_test 31 28 0 -smb-build31 5 0 -talloc 33 7 0 -tdb 33 14 0 +samba-gtk4 4 0 +samba_3_2_test 34 22 0 +samba_4_0_test 32 29 1 +smb-build32 5 0 +talloc 34 7 0 +tdb 34 14 0
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-141-gbbe895d
The branch, v4-0-test has been updated
via bbe895db7144b192981fad9ab6bbd3ebacb8d299 (commit)
via 39f9184ddf215f2b512319211c0a05702218ef87 (commit)
from a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit bbe895db7144b192981fad9ab6bbd3ebacb8d299
Author: Anatoliy Atanasov [EMAIL PROTECTED]
Date: Mon Jul 21 17:04:49 2008 +0300
dsdb_create_prefix_mapping() implementation checks for existing prefix
maping in ldb.
if one not found it creates a mapping for it and updates the prefixMap
schema attribute in ldb.
commit 39f9184ddf215f2b512319211c0a05702218ef87
Author: Anatoliy Atanasov [EMAIL PROTECTED]
Date: Wed Jul 23 09:59:17 2008 +0300
Handle schema reloading request.
The ldif for that operation looks like this:
dn:
changetype: Modify
add: schemaUpdateNow
schemaUpdateNow: 1
It uses the rootdse's object functional attribute schemaUpdateNow.
In rootdse_modify() this command is being recognized and it is send as
extended operation with DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID.
In the partition module its dispatched to the schema_fsmo module.
The request is processed in the schema_fsmo module by
schema_fsmo_extended().
---
Summary of changes:
source/dsdb/samdb/ldb_modules/partition.c | 49 +
source/dsdb/samdb/ldb_modules/rootdse.c | 47 -
source/dsdb/samdb/ldb_modules/schema_fsmo.c | 64 ++-
source/dsdb/samdb/samdb.h |2 +
source/dsdb/schema/schema_init.c| 293 +++
5 files changed, 415 insertions(+), 40 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/dsdb/samdb/ldb_modules/partition.c
b/source/dsdb/samdb/ldb_modules/partition.c
index 22826e4..9285d6d 100644
--- a/source/dsdb/samdb/ldb_modules/partition.c
+++ b/source/dsdb/samdb/ldb_modules/partition.c
@@ -699,6 +699,50 @@ static int partition_extended_replicated_objects(struct
ldb_module *module, stru
return partition_replicate(module, req, ext-partition_dn);
}
+static int partition_extended_schema_update_now(struct ldb_module *module,
struct ldb_request *req)
+{
+ struct dsdb_control_current_partition *partition;
+ struct partition_private_data *data;
+ struct ldb_dn *schema_dn;
+ struct partition_context *ac;
+ struct ldb_module *backend;
+ int ret;
+
+ schema_dn = talloc_get_type(req-op.extended.data, struct ldb_dn);
+ if (!schema_dn) {
+ ldb_debug(module-ldb, LDB_DEBUG_FATAL, partition_extended:
invalid extended data\n);
+ return LDB_ERR_PROTOCOL_ERROR;
+ }
+
+ data = talloc_get_type(module-private_data, struct
partition_private_data);
+ if (!data) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ partition = find_partition( data, schema_dn );
+ if (!partition) {
+ return ldb_next_request(module, req);
+ }
+
+ ac = partition_init_handle(req, module);
+ if (!ac) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ backend = make_module_for_next_request(req, module-ldb,
partition-module);
+ if (!backend) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ ret = ldb_request_add_control(req, DSDB_CONTROL_CURRENT_PARTITION_OID,
false, partition);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+
+ return ldb_next_request(backend, req);
+}
+
+
/* extended */
static int partition_extended(struct ldb_module *module, struct ldb_request
*req)
{
@@ -708,6 +752,11 @@ static int partition_extended(struct ldb_module *module,
struct ldb_request *req
return partition_extended_replicated_objects(module, req);
}
+ /* forward schemaUpdateNow operation to schema_fsmo module*/
+ if (strcmp(req-op.extended.oid, DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID)
== 0) {
+ return partition_extended_schema_update_now( module, req );
+ }
+
/*
* as the extended operation has no dn
* we need to send it to all partitions
diff --git a/source/dsdb/samdb/ldb_modules/rootdse.c
b/source/dsdb/samdb/ldb_modules/rootdse.c
index 75f99a1..97491a2 100644
--- a/source/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source/dsdb/samdb/ldb_modules/rootdse.c
@@ -391,9 +391,50 @@ static int rootdse_init(struct ldb_module *module)
return ldb_next_init(module);
}
+static int rootdse_modify(struct ldb_module *module, struct ldb_request *req)
+{
+ struct ldb_result *ext_res;
+ int ret;
+ struct ldb_dn *schema_dn;
+ struct ldb_message_element *schemaUpdateNowAttr;
+
+ /*
+ If dn is not we should let it pass through
+ */
+
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-147-g24309db
The branch, v4-0-test has been updated
via 24309dbf4d9622fcfafa29ef98bc0459fdaa814b (commit)
via 4f6646f06988b1fb8be9e0c8ae833bb9792184af (commit)
via 4b3af09450cf33c6785a3d8fc68047f2e388 (commit)
via 036f73d39a7ef882fd76afcd3c11eef483f6c308 (commit)
via 341f64834e13cdbc7d4742a4652ae39b70a4231f (commit)
via af7fb2e38ba27cf8058eb1cef1f96bbc7b19849f (commit)
from bbe895db7144b192981fad9ab6bbd3ebacb8d299 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
commit 24309dbf4d9622fcfafa29ef98bc0459fdaa814b
Merge: 4f6646f06988b1fb8be9e0c8ae833bb9792184af
bbe895db7144b192981fad9ab6bbd3ebacb8d299
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Thu Jul 24 14:26:30 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into
v4-0-test
commit 4f6646f06988b1fb8be9e0c8ae833bb9792184af
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Thu Jul 24 14:21:52 2008 +1000
we can't query the ACL on a new file till it exists!
commit 4b3af09450cf33c6785a3d8fc68047f2e388
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Thu Jul 24 14:21:31 2008 +1000
initialise query_maximal_access here too
commit 036f73d39a7ef882fd76afcd3c11eef483f6c308
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Thu Jul 24 14:20:02 2008 +1000
make sure we initialise query_maximal_access
commit 341f64834e13cdbc7d4742a4652ae39b70a4231f
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Thu Jul 24 14:19:49 2008 +1000
fixed spelling error
commit af7fb2e38ba27cf8058eb1cef1f96bbc7b19849f
Author: Andrew Tridgell [EMAIL PROTECTED]
Date: Thu Jul 24 11:48:27 2008 +1000
fixd a bug in the signal handling code - we could get phantom signals
(signum 64)
---
Summary of changes:
source/lib/events/events_signal.c | 10 +-
source/ntvfs/posix/pvfs_open.c| 12 ++--
source/ntvfs/posix/xattr_system.c |2 +-
source/smb_server/smb/nttrans.c |1 +
source/smb_server/smb/reply.c |1 +
5 files changed, 14 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/lib/events/events_signal.c
b/source/lib/events/events_signal.c
index 80a14ac..652df53 100644
--- a/source/lib/events/events_signal.c
+++ b/source/lib/events/events_signal.c
@@ -46,15 +46,15 @@ struct sigcounter {
the poor design of signals means that this table must be static global
*/
static struct sig_state {
- struct signal_event *sig_handlers[NUM_SIGNALS];
- struct sigaction *oldact[NUM_SIGNALS];
- struct sigcounter signal_count[NUM_SIGNALS];
+ struct signal_event *sig_handlers[NUM_SIGNALS+1];
+ struct sigaction *oldact[NUM_SIGNALS+1];
+ struct sigcounter signal_count[NUM_SIGNALS+1];
struct sigcounter got_signal;
int pipe_hack[2];
#ifdef SA_SIGINFO
/* with SA_SIGINFO we get quite a lot of info per signal */
- siginfo_t *sig_info[NUM_SIGNALS];
- struct sigcounter sig_blocked[NUM_SIGNALS];
+ siginfo_t *sig_info[NUM_SIGNALS+1];
+ struct sigcounter sig_blocked[NUM_SIGNALS+1];
#endif
} *sig_state;
diff --git a/source/ntvfs/posix/pvfs_open.c b/source/ntvfs/posix/pvfs_open.c
index 01a249c..6114b20 100644
--- a/source/ntvfs/posix/pvfs_open.c
+++ b/source/ntvfs/posix/pvfs_open.c
@@ -631,12 +631,6 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
status = pvfs_access_check_create(pvfs, req, name, access_mask);
NT_STATUS_NOT_OK_RETURN(status);
- if (io-generic.in.query_maximal_access) {
- status = pvfs_access_maximal_allowed(pvfs, req, name,
-
io-generic.out.maximal_access);
- NT_STATUS_NOT_OK_RETURN(status);
- }
-
/* check that the parent isn't opened with delete on close set */
status = pvfs_resolve_parent(pvfs, req, name, parent);
if (NT_STATUS_IS_OK(status)) {
@@ -707,6 +701,12 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
goto cleanup_delete;
}
+ if (io-generic.in.query_maximal_access) {
+ status = pvfs_access_maximal_allowed(pvfs, req, name,
+
io-generic.out.maximal_access);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
+
/* form the lock context used for byte range locking and
opendb locking */
status = pvfs_locking_key(name, f-handle, f-handle-odb_locking_key);
diff --git a/source/ntvfs/posix/xattr_system.c
b/source/ntvfs/posix/xattr_system.c
index 7283d71..9a89f2a 100644
--- a/source/ntvfs/posix/xattr_system.c
+++ b/source/ntvfs/posix/xattr_system.c
@@ -74,7 +74,7 @@ again:
return NT_STATUS_NOT_FOUND;
} else {
-
