[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 632f672 s4-cldap: fixed the CLDAP response for IPv6 clients
via 285293c s4-ipv6: fixed a crash in the IPv6 DNS code
via a58e69a s4-dns: fixed samba_tool - samba-tool
via 6ea8db1 s4-build: install a build link bin/provision
from 78a0195 selftest: Fix 'make quicktest' on systems without LDAP
development support
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 632f672b0859cee995788a00ecd464a0a8d5c74a
Author: Andrew Tridgell tri...@samba.org
Date: Tue Jun 7 15:46:17 2011 +1000
s4-cldap: fixed the CLDAP response for IPv6 clients
Autobuild-User: Andrew Tridgell tri...@samba.org
Autobuild-Date: Tue Jun 7 08:57:48 CEST 2011 on sn-devel-104
commit 285293c8b5d85383aa5af9968dc73fba5beb9de0
Author: Andrew Tridgell tri...@samba.org
Date: Tue Jun 7 14:10:38 2011 +1000
s4-ipv6: fixed a crash in the IPv6 DNS code
commit a58e69a734085f9963b60042be3d9a33a90616a7
Author: Andrew Tridgell tri...@samba.org
Date: Tue Jun 7 13:46:24 2011 +1000
s4-dns: fixed samba_tool - samba-tool
commit 6ea8db1bd418aa5308a042d59e3288b68312739b
Author: Andrew Tridgell tri...@samba.org
Date: Tue Jun 7 13:15:15 2011 +1000
s4-build: install a build link bin/provision
---
Summary of changes:
source4/cldap_server/netlogon.c| 14 --
source4/libcli/resolve/dns_ex.c|2 +-
source4/scripting/bin/setup_dns.sh |2 +-
source4/setup/wscript_build|2 ++
4 files changed, 12 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index 92f7a4a..77f50ff 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -37,6 +37,7 @@
#include param/param.h
#include ../lib/tsocket/tsocket.h
#include libds/common/flag_mapping.h
+#include lib/util/util_net.h
/*
fill in the cldap netlogon union for a given version
@@ -292,16 +293,17 @@ NTSTATUS fill_netlogon_samlogon_response(struct
ldb_context *sam_ctx,
src_address, NULL);
NT_STATUS_HAVE_NO_MEMORY(client_site);
load_interface_list(mem_ctx, lp_ctx, ifaces);
- /*
-* TODO: the caller should pass the address which the client
-* used to trigger this call, as the client is able to reach
-* this ip.
-*/
+
if (src_address) {
pdc_ip = iface_list_best_ip(ifaces, src_address);
} else {
pdc_ip = iface_list_first_v4(ifaces);
}
+ if (pdc_ip == NULL || !is_ipaddress_v4(pdc_ip)) {
+ /* this matches windows behaviour */
+ pdc_ip = 127.0.0.1;
+ }
+
ZERO_STRUCTP(netlogon);
/* check if either of these bits is present */
@@ -325,7 +327,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context
*sam_ctx,
netlogon-data.nt5_ex.server_site = server_site;
netlogon-data.nt5_ex.client_site = client_site;
if (version NETLOGON_NT_VERSION_5EX_WITH_IP) {
- /* Clearly this needs to be fixed up for IPv6 */
+ /* note that this is always a IPV4 address */
extra_flags = NETLOGON_NT_VERSION_5EX_WITH_IP;
netlogon-data.nt5_ex.sockaddr.sockaddr_family= 2;
netlogon-data.nt5_ex.sockaddr.pdc_ip = pdc_ip;
diff --git a/source4/libcli/resolve/dns_ex.c b/source4/libcli/resolve/dns_ex.c
index cb2d2c3..1d56a4b 100644
--- a/source4/libcli/resolve/dns_ex.c
+++ b/source4/libcli/resolve/dns_ex.c
@@ -267,7 +267,7 @@ static void run_child_dns_lookup(struct dns_ex_state
*state, int fd)
port = state-port;
}
- switch (rr-type) {
+ switch (addrs_rr[i]-type) {
case rk_ns_t_a:
if (inet_ntop(AF_INET, addrs_rr[i]-u.a,
addrstr, sizeof(addrstr)) == NULL) {
diff --git a/source4/scripting/bin/setup_dns.sh
b/source4/scripting/bin/setup_dns.sh
index 646ee81..bc2ae96 100755
--- a/source4/scripting/bin/setup_dns.sh
+++ b/source4/scripting/bin/setup_dns.sh
@@ -13,7 +13,7 @@ IP=$3
RSUFFIX=$(echo $DOMAIN | sed s/[\.]/,DC=/g)
[ -z $PRIVATEDIR ] {
-PRIVATEDIR=$(bin/samba_tool testparm --section-name=global
--parameter-name='private dir' --suppress-prompt 2 /dev/null)
+PRIVATEDIR=$(bin/samba-tool testparm --section-name=global
--parameter-name='private dir' --suppress-prompt 2 /dev/null)
}
OBJECTGUID=$(bin/ldbsearch -s base -H $PRIVATEDIR/sam.ldb -b CN=NTDS
Settings,CN=$HOSTNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=$RSUFFIX
objectguid|grep ^objectGUID| cut -d:
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 13eb6f4 WHATSNEW: Add another change since rc1.
via 92248f6 Fix bug #8197 - winbind does not properly detect when a DC
connection is dead.
via 017f84a Add the same fix to the S3 event backend as the previous
commit added to the tevent poll backend.
via 4da2f8a Fix the poll() backend to correctly respond to
POLLHUP|POLLERR returns on a fd selected for TEVENT_FD_WRITE only.
from df4a86e WHATSNEW: Update changes since 3.6.0rc1.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 13eb6f4cd91d0be1208523b47a4ac7c8d9bd91d5
Author: Karolin Seeger ksee...@samba.org
Date: Tue Jun 7 09:15:38 2011 +0200
WHATSNEW: Add another change since rc1.
Karolin
commit 92248f6e51f1e46de8c1a1304b2d48914f21e841
Author: Jeremy Allison j...@samba.org
Date: Fri Jun 3 10:22:44 2011 -0700
Fix bug #8197 - winbind does not properly detect when a DC connection is
dead.
Only waiting for writability doesn't get fd errors back with poll.
So always begin by selecting for readability, and if we get it then
see if bytes were available to read or it really is an error condition.
If bytes were available, remove the select on read as we know we
will retrieve the error when we've finished writing and start
reading the reply (or the write will timeout or fail).
Metze and Volker please check.
Autobuild-User: Jeremy Allison j...@samba.org
Autobuild-Date: Mon Jun 6 21:53:16 CEST 2011 on sn-devel-104
(cherry picked from commit 0efcc94fb834aeb03e8edc3034aa0cdeefdc0985)
commit 017f84a07dedf700c25da253ac7247633b616056
Author: Jeremy Allison j...@samba.org
Date: Fri Jun 3 12:55:19 2011 -0700
Add the same fix to the S3 event backend as the previous commit added to
the tevent poll backend.
Metze please check !
Autobuild-User: Jeremy Allison j...@samba.org
Autobuild-Date: Sat Jun 4 00:27:37 CEST 2011 on sn-devel-104
(cherry picked from commit 3c9b3b2befc524f21c59f46ea9be1602b4b1bfe8)
commit 4da2f8a8c578568d1e9a4770166c46240fce6664
Author: Jeremy Allison j...@samba.org
Date: Fri Jun 3 12:31:11 2011 -0700
Fix the poll() backend to correctly respond to POLLHUP|POLLERR returns on a
fd selected for TEVENT_FD_WRITE only.
Don't trigger the write handler and remove the POLLOUT flag for this fd.
Report errors on TEVENT_FD_READ requests only.
Metze please check !
Jeremy.
Autobuild-User: Jeremy Allison j...@samba.org
Autobuild-Date: Fri Jun 3 22:53:52 CEST 2011 on sn-devel-104
(cherry picked from commit dbcdf3e39c359241b743a9455ae695e14a30caa9)
---
Summary of changes:
WHATSNEW.txt |1 +
lib/async_req/async_sock.c | 38 --
lib/tevent/tevent_poll.c | 14 +-
source3/lib/events.c | 15 ++-
4 files changed, 60 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 2827bbe..ec1d3fa 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -268,6 +268,7 @@ o Jeremy Allison j...@samba.org
* BUG 8163: Fix our asn.1 parser to handle negative numbers.
* BUG 8191: Split the ACE flag mapping between nfs4 and Windows into two
separate functions.
+* BUG 8197: Winbind does not properly detect when a DC connection is dead.
o Christian Ambach a...@samba.org
diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c
index 7ea66f5..2c90b6d 100644
--- a/lib/async_req/async_sock.c
+++ b/lib/async_req/async_sock.c
@@ -385,6 +385,7 @@ struct writev_state {
int count;
size_t total_size;
uint16_t flags;
+ bool err_on_readability;
};
static void writev_trigger(struct tevent_req *req, void *private_data);
@@ -412,10 +413,8 @@ struct tevent_req *writev_send(TALLOC_CTX *mem_ctx, struct
tevent_context *ev,
if (state-iov == NULL) {
goto fail;
}
- state-flags = TEVENT_FD_WRITE;
- if (err_on_readability) {
- state-flags |= TEVENT_FD_READ;
- }
+ state-flags = TEVENT_FD_WRITE|TEVENT_FD_READ;
+ state-err_on_readability = err_on_readability;
if (queue == NULL) {
struct tevent_fd *fde;
@@ -461,8 +460,35 @@ static void writev_handler(struct tevent_context *ev,
struct tevent_fd *fde,
to_write = 0;
if ((state-flags TEVENT_FD_READ) (flags TEVENT_FD_READ)) {
- tevent_req_error(req, EPIPE);
- return;
+ int ret, value;
+
+ if (state-err_on_readability) {
+ /* Readable and the caller wants an error on read. */
+ tevent_req_error(req, EPIPE);
+ return;
+
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 838d69b s3-docs Add documentation for ncalrpc dir
from 13eb6f4 WHATSNEW: Add another change since rc1.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 838d69be074dab8ba9626b50916c7d14f7c4954e
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jun 7 09:47:26 2011 +1000
s3-docs Add documentation for ncalrpc dir
---
Summary of changes:
docs-xml/smbdotconf/misc/ncalrpcdir.xml | 13 +
1 files changed, 13 insertions(+), 0 deletions(-)
create mode 100644 docs-xml/smbdotconf/misc/ncalrpcdir.xml
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/misc/ncalrpcdir.xml
b/docs-xml/smbdotconf/misc/ncalrpcdir.xml
new file mode 100644
index 000..6ef3957
--- /dev/null
+++ b/docs-xml/smbdotconf/misc/ncalrpcdir.xml
@@ -0,0 +1,13 @@
+samba:parameter name=ncalrpc dir
+ context=G
+ advanced=1 developer=1
+type=string
+ xmlns:samba=http://www.samba.org/samba/DTD/samba-doc;
+description
+ paraThis directory will hold a series of named pipes to allow RPC
over inter-process communication. /para.
+ paraThis will allow Samba and other unix processes to interact over
DCE/RPC without using TCP/IP. Additionally a sub-directory 'np' has restricted
permissions, and allows a trusted communication channel between Samba
processes/para
+/description
+
+value type=default${prefix}/var/ncalrpc/value
+value type=example/var/run/samba/ncalrpc/value
+/samba:parameter
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 6df3ff2 Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. from 838d69b s3-docs Add documentation for ncalrpc dir http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 6df3ff20620b3262ff232a478312c61a207ed4ff Author: Jeremy Allison j...@samba.org Date: Mon Jun 6 16:25:08 2011 -0700 Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. Add missing GPL headers and (C) statements. --- Summary of changes: auth/auth_sam_reply.h | 19 examples/libsmbclient/get_auth_data_fn.h |3 + lib/compression/mszip.h |3 + lib/crypto/arcfour.h | 19 lib/crypto/crc32.h| 22 + lib/crypto/md4.h | 22 + lib/crypto/md5.h | 19 lib/replace/hdr_replace.h | 25 +++ lib/replace/replace-test.h| 19 lib/replace/system/readline.h |2 + lib/replace/win32_replace.h | 19 lib/talloc/talloc_testsuite.h | 19 lib/util/data_blob.h |2 + lib/util/time.h |2 + lib/util/util_ldb.h | 18 lib/util/util_tdb.h | 19 lib/util/wrap_xattr.h | 19 libcli/auth/libcli_auth.h |2 + libcli/auth/msrpc_parse.h | 19 libcli/auth/proto.h | 19 libcli/ldap/ldap_ndr.h| 19 libcli/nbt/nbt_proto.h| 19 libcli/netlogon/ndr_netlogon_proto.h | 19 libcli/netlogon/netlogon_proto.h | 19 libcli/smbreadline/smbreadline.h | 19 libcli/util/error.h |2 + libds/common/flag_mapping.h | 19 librpc/idl/idl_types.h| 23 ++ librpc/ndr/ndr_backupkey.h| 22 + librpc/ndr/ndr_compression.h | 19 librpc/ndr/ndr_dns.h | 23 ++ librpc/ndr/ndr_spoolss_buf.h | 19 librpc/ndr/ndr_table.h| 19 nsswitch/pam_winbind.h| 22 +- nsswitch/winbind_client.h | 22 + source3/auth/proto.h | 35 +++ source3/groupdb/proto.h | 26 +++ source3/include/ads.h | 20 + source3/include/krb5_env.h| 23 ++ source3/include/krb5_protos.h | 23 ++ source3/include/mangle.h | 20 + source3/include/smb_krb5.h| 19 source3/include/smb_ldap.h| 19 source3/intl/lang_tdb.h | 22 + source3/lib/eventlog/proto.h | 26 +++ source3/lib/idmap_cache.h | 24 ++ source3/lib/netapi/examples/common.h | 23 +- source3/lib/netapi/libnetapi.h| 19 source3/lib/privileges.h | 23 ++ source3/libads/ads_ldap_protos.h | 23 ++ source3/libads/ads_proto.h| 35 +++ source3/libads/ads_status.h | 19 source3/libads/cldap.h| 23 ++ source3/libads/kerberos_proto.h | 33 ++ source3/libads/ldap_schema.h | 23 ++ source3/libgpo/gpo_proto.h| 23 ++ source3/libnet/libnet_join.h | 23 ++ source3/librpc/ndr/util.h | 21 + source3/libsmb/clidgram.h | 23 ++ source3/libsmb/errormap_wbc.h | 23 ++ source3/libsmb/libsmb.h |2 + source3/libsmb/nmblib.h | 23 ++ source3/libsmb/proto.h|2 + source3/locking/proto.h | 25
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via f8e1eea Fix bug #8175 - smbd deadlock.
from 6df3ff2 Fix bug 8196 - Many (newer) header files don't have
copyright / GPL header comments.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit f8e1eea238a332ce503c40108d59862b32f83fee
Author: Jeremy Allison j...@samba.org
Date: Wed Jun 1 12:11:53 2011 -0700
Fix bug #8175 - smbd deadlock.
Force the open operation (which is the expensive one anyway) to
acquire and release locks in a way compatible with the more common
do_lock check.
Jeremy.
---
Summary of changes:
source3/smbd/open.c | 98 +--
1 files changed, 71 insertions(+), 27 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index e537d0f..aea25fe 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -1056,18 +1056,8 @@ static bool delay_for_exclusive_oplocks(files_struct
*fsp,
return false;
}
-static bool file_has_brlocks(files_struct *fsp)
-{
- struct byte_range_lock *br_lck;
-
- br_lck = brl_get_locks_readonly(fsp);
- if (!br_lck)
- return false;
-
- return br_lck-num_locks 0 ? true : false;
-}
-
static void grant_fsp_oplock_type(files_struct *fsp,
+ const struct byte_range_lock *br_lck,
int oplock_request,
bool got_level2_oplock,
bool got_a_none_oplock)
@@ -1085,7 +1075,7 @@ static void grant_fsp_oplock_type(files_struct *fsp,
DEBUG(10,(grant_fsp_oplock_type: oplock type 0x%x on file
%s\n,
fsp-oplock_type, fsp_str_dbg(fsp)));
return;
- } else if (lp_locking(fsp-conn-params) file_has_brlocks(fsp)) {
+ } else if (br_lck br_lck-num_locks 0) {
DEBUG(10,(grant_fsp_oplock_type: file %s has byte range
locks\n,
fsp_str_dbg(fsp)));
fsp-oplock_type = NO_OPLOCK;
@@ -1563,6 +1553,55 @@ void remove_deferred_open_entry(struct file_id id,
uint64_t mid,
}
}
+/
+ Ensure we get the brlock lock followed by the share mode lock
+ in the correct order to prevent deadlocks if other smbd's are
+ using the brlock database on this file simultaneously with this open
+ (that code also gets the locks in brlock - share mode lock order).
+/
+
+static bool acquire_ordered_locks(TALLOC_CTX *mem_ctx,
+ files_struct *fsp,
+ const struct file_id id,
+ const char *connectpath,
+ const struct smb_filename *smb_fname,
+ const struct timespec *p_old_write_time,
+ struct share_mode_lock **p_lck,
+ struct byte_range_lock **p_br_lck)
+{
+ /* Ordering - we must get the br_lck for this
+ file before the share mode. */
+ if (lp_locking(fsp-conn-params)) {
+ *p_br_lck = brl_get_locks_readonly(fsp);
+ if (*p_br_lck == NULL) {
+ DEBUG(0, (Could not get br_lock\n));
+ return false;
+ }
+ /* Note - we don't need to free the returned
+ br_lck explicitly as it was allocated on talloc_tos()
+ and so will be autofreed (and release the lock)
+ once the frame context disappears.
+
+ If it was set to fsp-brlock_rec then it was
+ talloc_move'd to hang off the fsp pointer and
+ in this case is guarenteed to not be holding the
+ lock on the brlock database. */
+ }
+
+ *p_lck = get_share_mode_lock(mem_ctx,
+ id,
+ connectpath,
+ smb_fname,
+ p_old_write_time);
+
+ if (*p_lck == NULL) {
+ DEBUG(0, (Could not get share mode lock\n));
+ TALLOC_FREE(*p_br_lck);
+ return false;
+ }
+ return true;
+}
+
/
Open a file with a share mode. Passed in an already created files_struct *.
/
@@ -1907,6 +1946,7 @@ static NTSTATUS open_file_ntcreate(connection_struct
*conn,
}
if (file_existed) {
+ struct byte_range_lock *br_lck = NULL;
struct
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 5b5ef7f Fix bug #8203 - winbindd needs to reset the DC connection
if an RPC times out.
from f8e1eea Fix bug #8175 - smbd deadlock.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 5b5ef7f20d34f4c6c1d3d02530ac7b13e051c960
Author: Jeremy Allison j...@samba.org
Date: Fri Jun 3 14:28:33 2011 -0700
Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times
out.
Based on Volker's original code.
---
Summary of changes:
source3/winbindd/winbindd_dual_srv.c | 81 +++--
1 files changed, 66 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_dual_srv.c
b/source3/winbindd/winbindd_dual_srv.c
index f42682e..f8316ce 100644
--- a/source3/winbindd/winbindd_dual_srv.c
+++ b/source3/winbindd/winbindd_dual_srv.c
@@ -35,6 +35,17 @@ void _wbint_Ping(struct pipes_struct *p, struct wbint_Ping
*r)
*r-out.out_data = r-in.in_data;
}
+static bool reset_cm_connection_on_error(struct winbindd_domain *domain,
+ NTSTATUS status)
+{
+ if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
+ invalidate_cm_connection(domain-conn);
+ /* We invalidated the connection. */
+ return true;
+ }
+ return false;
+}
+
NTSTATUS _wbint_LookupSid(struct pipes_struct *p, struct wbint_LookupSid *r)
{
struct winbindd_domain *domain = wb_child_domain();
@@ -49,6 +60,7 @@ NTSTATUS _wbint_LookupSid(struct pipes_struct *p, struct
wbint_LookupSid *r)
status = domain-methods-sid_to_name(domain, p-mem_ctx, r-in.sid,
dom_name, name, type);
+ reset_cm_connection_on_error(domain, status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -62,6 +74,7 @@ NTSTATUS _wbint_LookupSid(struct pipes_struct *p, struct
wbint_LookupSid *r)
NTSTATUS _wbint_LookupSids(struct pipes_struct *p, struct wbint_LookupSids *r)
{
struct winbindd_domain *domain = wb_child_domain();
+ NTSTATUS status;
if (domain == NULL) {
return NT_STATUS_REQUEST_NOT_ACCEPTED;
@@ -73,21 +86,26 @@ NTSTATUS _wbint_LookupSids(struct pipes_struct *p, struct
wbint_LookupSids *r)
* and winbindd_ad call into lsa_lookupsids anyway. Caching is
* done at the wbint RPC layer.
*/
- return rpc_lookup_sids(p-mem_ctx, domain, r-in.sids,
- r-out.domains, r-out.names);
+ status = rpc_lookup_sids(p-mem_ctx, domain, r-in.sids,
+r-out.domains, r-out.names);
+ reset_cm_connection_on_error(domain, status);
+ return status;
}
NTSTATUS _wbint_LookupName(struct pipes_struct *p, struct wbint_LookupName *r)
{
struct winbindd_domain *domain = wb_child_domain();
+ NTSTATUS status;
if (domain == NULL) {
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- return domain-methods-name_to_sid(
+ status = domain-methods-name_to_sid(
domain, p-mem_ctx, r-in.domain, r-in.name, r-in.flags,
r-out.sid, r-out.type);
+ reset_cm_connection_on_error(domain, status);
+ return status;
}
NTSTATUS _wbint_Sid2Uid(struct pipes_struct *p, struct wbint_Sid2Uid *r)
@@ -251,53 +269,65 @@ NTSTATUS _wbint_AllocateGid(struct pipes_struct *p,
struct wbint_AllocateGid *r)
NTSTATUS _wbint_QueryUser(struct pipes_struct *p, struct wbint_QueryUser *r)
{
struct winbindd_domain *domain = wb_child_domain();
+ NTSTATUS status;
if (domain == NULL) {
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- return domain-methods-query_user(domain, p-mem_ctx, r-in.sid,
- r-out.info);
+ status = domain-methods-query_user(domain, p-mem_ctx, r-in.sid,
+r-out.info);
+ reset_cm_connection_on_error(domain, status);
+ return status;
}
NTSTATUS _wbint_LookupUserAliases(struct pipes_struct *p,
struct wbint_LookupUserAliases *r)
{
struct winbindd_domain *domain = wb_child_domain();
+ NTSTATUS status;
if (domain == NULL) {
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- return domain-methods-lookup_useraliases(
+ status = domain-methods-lookup_useraliases(
domain, p-mem_ctx, r-in.sids-num_sids, r-in.sids-sids,
r-out.rids-num_rids, r-out.rids-rids);
+ reset_cm_connection_on_error(domain, status);
+ return status;
}
NTSTATUS _wbint_LookupUserGroups(struct pipes_struct *p,
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated
via d9ea6a1 s3:lib/access: normalize IPv4 mapped IPv6 addresses in both
directions (bug #7383)
from 7e307ac WHATSNEW: Add more changes since 3.5.8.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -
commit d9ea6a10a8ba84e8a5a5a65c903ed96f9aa59aa5
Author: Stefan Metzmacher me...@samba.org
Date: Sun Apr 24 21:20:19 2011 +0200
s3:lib/access: normalize IPv4 mapped IPv6 addresses in both directions (bug
#7383)
metze
(cherry picked from commit 4bfe2d5655d97fbc7e65744425b5a098e77f5ba1)
(cherry picked from commit 62b2083c627abeb8a2fb7e5adc793c630d0d561c)
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source3/lib/access.c | 31 +--
1 files changed, 17 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/access.c b/source3/lib/access.c
index 0b09e83..8fd0fbf 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -178,29 +178,32 @@ static bool string_match(const char *tok,const char *s)
bool client_match(const char *tok, const void *item)
{
const char **client = (const char **)item;
+ const char *tok_addr = tok;
+ const char *cli_addr = client[ADDR_INDEX];
+
+ /*
+* tok and client[ADDR_INDEX] can be an IPv4 mapped to IPv6,
+* we try and match the IPv4 part of address only.
+* Bug #5311 and #7383.
+*/
+
+ if (strnequal(tok_addr, :::,7)) {
+ tok_addr += 7;
+ }
+
+ if (strnequal(cli_addr,:::,7)) {
+ cli_addr += 7;
+ }
/*
* Try to match the address first. If that fails, try to match the host
* name if available.
*/
- if (string_match(tok, client[ADDR_INDEX])) {
+ if (string_match(tok_addr, cli_addr)) {
return true;
}
- if (strnequal(client[ADDR_INDEX],:::,7)
- !strnequal(tok, :::,7)) {
- /* client[ADDR_INDEX] is an IPv4 mapped to IPv6, but
-* the list item is not. Try and match the IPv4 part of
-* address only. This will happen a lot on IPv6 enabled
-* systems with IPv4 allow/deny lists in smb.conf.
-* Bug #5311. JRA.
-*/
- if (string_match(tok, (client[ADDR_INDEX])+7)) {
- return true;
- }
- }
-
if (client[NAME_INDEX][0] != 0) {
if (string_match(tok, client[NAME_INDEX])) {
return true;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 5c19b41 s3:idmap_ldap: allow creation of ldap stored mappings for
explicitly configured domains.
via 4a40ad0 s3:idmap_ldap: rename idmap_ldap_get_new_id to
idmap_ldap_allocate_id
via bf75cac s3:idmap_ldap: rename idmap_ldap_allocate_id to
idmap_ldap_allocate_id_internal
from 5b5ef7f Fix bug #8203 - winbindd needs to reset the DC connection
if an RPC times out.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 5c19b41e2b844fddbb88fea8b7cd16bc0e830cfd
Author: Michael Adam ob...@samba.org
Date: Wed Jun 1 00:30:11 2011 +0200
s3:idmap_ldap: allow creation of ldap stored mappings for explicitly
configured domains.
After the preparations, this is achieved by using
idmap_ldap_allocate_id_internal()
as get_new_id rw method instead of idmap_ldap_allocate_id().
(cherry picked from commit 74cd06b3dff42bda4dd0a0f3fd250a975d0258ed)
The last 3 patches address bug #8200 (Add Support for multiple writable ldap
idmap domains).
commit 4a40ad004896ce30a997b5142fa73b50ab2762f3
Author: Michael Adam ob...@samba.org
Date: Wed Jun 1 00:25:23 2011 +0200
s3:idmap_ldap: rename idmap_ldap_get_new_id to idmap_ldap_allocate_id
This is in preparation of allowing allocating ldap based domain-specific
configs.
(cherry picked from commit dea3ef1ab689a3d01846147d2a83377b09335f8f)
commit bf75cacae075a503c08d60f04e2a858271d8b923
Author: Michael Adam ob...@samba.org
Date: Wed Jun 1 00:25:23 2011 +0200
s3:idmap_ldap: rename idmap_ldap_allocate_id to
idmap_ldap_allocate_id_internal
This is in preparation of allowing allocating ldap based domain-specific
configs.
(cherry picked from commit 2de65b97b98e2c8cc218b60da749ac17195d8413)
---
Summary of changes:
source3/winbindd/idmap_ldap.c | 18 +-
1 files changed, 9 insertions(+), 9 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/idmap_ldap.c b/source3/winbindd/idmap_ldap.c
index 7195912..a9cb4fc 100644
--- a/source3/winbindd/idmap_ldap.c
+++ b/source3/winbindd/idmap_ldap.c
@@ -232,8 +232,8 @@ done:
Allocate a new uid or gid
/
-static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom,
- struct unixid *xid)
+static NTSTATUS idmap_ldap_allocate_id_internal(struct idmap_domain *dom,
+ struct unixid *xid)
{
TALLOC_CTX *mem_ctx;
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
@@ -391,21 +391,21 @@ done:
* For now this is for the default idmap domain only.
* Should be extended later on.
*/
-static NTSTATUS idmap_ldap_get_new_id(struct idmap_domain *dom,
- struct unixid *id)
+static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom,
+ struct unixid *id)
{
NTSTATUS ret;
if (!strequal(dom-name, *)) {
- DEBUG(3, (idmap_ldap_get_new_id:
+ DEBUG(3, (idmap_ldap_allocate_id:
Refusing allocation of a new unixid for domain'%s'.
- Currently only supported for the default
+ This is only supported for the default
domain \*\.\n,
dom-name));
return NT_STATUS_NOT_IMPLEMENTED;
}
- ret = idmap_ldap_allocate_id(dom, id);
+ ret = idmap_ldap_allocate_id_internal(dom, id);
return ret;
}
@@ -484,7 +484,7 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom)
ctx-rw_ops = talloc_zero(ctx, struct idmap_rw_ops);
CHECK_ALLOC_DONE(ctx-rw_ops);
- ctx-rw_ops-get_new_id = idmap_ldap_get_new_id;
+ ctx-rw_ops-get_new_id = idmap_ldap_allocate_id_internal;
ctx-rw_ops-set_mapping = idmap_ldap_set_mapping;
ret = smbldap_init(ctx, winbind_event_context(), ctx-url,
@@ -1144,7 +1144,7 @@ static struct idmap_methods idmap_ldap_methods = {
.init = idmap_ldap_db_init,
.unixids_to_sids = idmap_ldap_unixids_to_sids,
.sids_to_unixids = idmap_ldap_sids_to_unixids,
- .allocate_id = idmap_ldap_get_new_id,
+ .allocate_id = idmap_ldap_allocate_id,
};
NTSTATUS idmap_ldap_init(void);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via cd8dc47 s3:idmap_autorid: fail initialization if the domain is not
*
via 95d35dd s3:docs: fix the example in the idmap_autorid manpage to
use idmap config * : rangesize
via b0b0b62 s3:idmap_autorid: use idmap config DOMAIN : rangesize
instead of autorid:rangesize
via 65490ea s3:idmap_autorid: add a talloc_stackframe() to
idmap_autorid_initialize()
from 632f672 s4-cldap: fixed the CLDAP response for IPv6 clients
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit cd8dc47bf17d2cdb1558dc6ab49320ba12af8f34
Author: Michael Adam ob...@samba.org
Date: Tue Jun 7 15:53:49 2011 +0200
s3:idmap_autorid: fail initialization if the domain is not *
autorid can only be used as a backend for the default idmap configuration.
Autobuild-User: Michael Adam ob...@samba.org
Autobuild-Date: Tue Jun 7 19:13:18 CEST 2011 on sn-devel-104
commit 95d35dde9cecac120c0a9bcd06957cd3748b15a0
Author: Michael Adam ob...@samba.org
Date: Tue Jun 7 15:21:34 2011 +0200
s3:docs: fix the example in the idmap_autorid manpage to use idmap config
* : rangesize
commit b0b0b625b588057c8c97371934bf21eb1fd985d8
Author: Michael Adam ob...@samba.org
Date: Tue Jun 7 13:02:04 2011 +0200
s3:idmap_autorid: use idmap config DOMAIN : rangesize instead of
autorid:rangesize
commit 65490ea4e67bf82cf8fb0b8e4e74047c3f63c509
Author: Michael Adam ob...@samba.org
Date: Tue Jun 7 15:16:24 2011 +0200
s3:idmap_autorid: add a talloc_stackframe() to idmap_autorid_initialize()
---
Summary of changes:
docs-xml/manpages-3/idmap_autorid.8.xml |2 +-
source3/winbindd/idmap_autorid.c| 29 +++--
2 files changed, 24 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages-3/idmap_autorid.8.xml
b/docs-xml/manpages-3/idmap_autorid.8.xml
index ac66384..b5a9bde 100644
--- a/docs-xml/manpages-3/idmap_autorid.8.xml
+++ b/docs-xml/manpages-3/idmap_autorid.8.xml
@@ -109,7 +109,7 @@
idmap config * : backend = autorid
idmap config * : range = 100-1999
- autorid:rangesize = 100
+ idmap config * : rangesize = 100
idmap config TRUSTED : backend = ad
idmap config TRUSTED : range= 5 - 9
diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c
index 1f4af33..80d8ed1 100644
--- a/source3/winbindd/idmap_autorid.c
+++ b/source3/winbindd/idmap_autorid.c
@@ -435,11 +435,22 @@ static NTSTATUS idmap_autorid_initialize(struct
idmap_domain *dom)
struct autorid_global_config *storedconfig = NULL;
NTSTATUS status;
uint32_t hwm;
+ TALLOC_CTX *frame = talloc_stackframe();
+ char *config_option = NULL;
- config = TALLOC_ZERO_P(dom, struct autorid_global_config);
+ if (!strequal(dom-name, *)) {
+ DEBUG(0, (idmap_autorid_initialize: Error: autorid configured
+ for domain '%s'. But autorid can only be used for
+ the default idmap configuration.\n, dom-name));
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto error;
+ }
+
+ config = TALLOC_ZERO_P(frame, struct autorid_global_config);
if (!config) {
DEBUG(0, (Out of memory!\n));
- return NT_STATUS_NO_MEMORY;
+ status = NT_STATUS_NO_MEMORY;
+ goto error;
}
status = idmap_autorid_db_init();
@@ -447,8 +458,15 @@ static NTSTATUS idmap_autorid_initialize(struct
idmap_domain *dom)
goto error;
}
+ config_option = talloc_asprintf(frame, idmap config %s, dom-name);
+ if (config_option == NULL) {
+ DEBUG(0, (Out of memory!\n));
+ status = NT_STATUS_NO_MEMORY;
+ goto error;
+ }
+
config-minvalue = dom-low_id;
- config-rangesize = lp_parm_int(-1, autorid, rangesize, 10);
+ config-rangesize = lp_parm_int(-1, config_option, rangesize, 10);
if (config-rangesize 2000) {
DEBUG(1, (autorid rangesize must be at least 2000\n));
@@ -480,7 +498,7 @@ static NTSTATUS idmap_autorid_initialize(struct
idmap_domain *dom)
config-minvalue, config-rangesize, config-maxranges));
/* read previously stored config and current HWM */
- storedconfig = idmap_autorid_loadconfig(talloc_tos());
+ storedconfig = idmap_autorid_loadconfig(frame);
if (!dbwrap_fetch_uint32(autorid_db, HWM, hwm)) {
DEBUG(1, (Fatal error while fetching current
@@ -530,8 +548,7 @@ static NTSTATUS idmap_autorid_initialize(struct
idmap_domain *dom)
return NT_STATUS_OK;
error:
- talloc_free(config);
-
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 664e45a Revert Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. from 5c19b41 s3:idmap_ldap: allow creation of ldap stored mappings for explicitly configured domains. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 664e45ad111ed67b16c0e07b7c2362457d5312c2 Author: Karolin Seeger ksee...@samba.org Date: Tue Jun 7 19:52:06 2011 +0200 Revert Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. This reverts commit 6df3ff20620b3262ff232a478312c61a207ed4ff. --- Summary of changes: auth/auth_sam_reply.h | 19 examples/libsmbclient/get_auth_data_fn.h |3 - lib/compression/mszip.h |3 - lib/crypto/arcfour.h | 19 lib/crypto/crc32.h| 22 - lib/crypto/md4.h | 22 - lib/crypto/md5.h | 19 lib/replace/hdr_replace.h | 25 --- lib/replace/replace-test.h| 19 lib/replace/system/readline.h |2 - lib/replace/win32_replace.h | 19 lib/talloc/talloc_testsuite.h | 19 lib/util/data_blob.h |2 - lib/util/time.h |2 - lib/util/util_ldb.h | 18 lib/util/util_tdb.h | 19 lib/util/wrap_xattr.h | 19 libcli/auth/libcli_auth.h |2 - libcli/auth/msrpc_parse.h | 19 libcli/auth/proto.h | 19 libcli/ldap/ldap_ndr.h| 19 libcli/nbt/nbt_proto.h| 19 libcli/netlogon/ndr_netlogon_proto.h | 19 libcli/netlogon/netlogon_proto.h | 19 libcli/smbreadline/smbreadline.h | 19 libcli/util/error.h |2 - libds/common/flag_mapping.h | 19 librpc/idl/idl_types.h| 23 -- librpc/ndr/ndr_backupkey.h| 22 - librpc/ndr/ndr_compression.h | 19 librpc/ndr/ndr_dns.h | 23 -- librpc/ndr/ndr_spoolss_buf.h | 19 librpc/ndr/ndr_table.h| 19 nsswitch/pam_winbind.h| 22 +- nsswitch/winbind_client.h | 22 - source3/auth/proto.h | 35 --- source3/groupdb/proto.h | 26 --- source3/include/ads.h | 20 - source3/include/krb5_env.h| 23 -- source3/include/krb5_protos.h | 23 -- source3/include/mangle.h | 20 - source3/include/smb_krb5.h| 19 source3/include/smb_ldap.h| 19 source3/intl/lang_tdb.h | 22 - source3/lib/eventlog/proto.h | 26 --- source3/lib/idmap_cache.h | 24 -- source3/lib/netapi/examples/common.h | 23 +- source3/lib/netapi/libnetapi.h| 19 source3/lib/privileges.h | 23 -- source3/libads/ads_ldap_protos.h | 23 -- source3/libads/ads_proto.h| 35 --- source3/libads/ads_status.h | 19 source3/libads/cldap.h| 23 -- source3/libads/kerberos_proto.h | 33 -- source3/libads/ldap_schema.h | 23 -- source3/libgpo/gpo_proto.h| 23 -- source3/libnet/libnet_join.h | 23 -- source3/librpc/ndr/util.h | 21 - source3/libsmb/clidgram.h | 23 -- source3/libsmb/errormap_wbc.h | 23 -- source3/libsmb/libsmb.h |2 - source3/libsmb/nmblib.h | 23 -- source3/libsmb/proto.h
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 8db38ec WHATSNEW: Update changes since rc1. from 664e45a Revert Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 8db38ec99bcecd80b892f26cf676acb13292c20e Author: Karolin Seeger ksee...@samba.org Date: Tue Jun 7 20:12:24 2011 +0200 WHATSNEW: Update changes since rc1. Karolin --- Summary of changes: WHATSNEW.txt |6 ++ 1 files changed, 6 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index ec1d3fa..c3c514c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -255,6 +255,10 @@ o Andreas Schneider a...@samba.org Changes since 3.6.0rc1 -- +o Michael Adam ob...@samba.org +* BUG 8200: Add support for multiple writeable ldap idmap domains. + + o Jeremy Allison j...@samba.org * BUG 6911: Fix Kerberos authentication from Vista to Samba. * BUG 7054: Fix X account flag when pwdlastset is 0. @@ -266,9 +270,11 @@ o Jeremy Allison j...@samba.org * BUG 8156: Fix 'net ads join' using the user's Kerberos ticket. * BUG 8157: Fix parsing a cups printcap file. * BUG 8163: Fix our asn.1 parser to handle negative numbers. +* BUG 8175: Fix smbd deadlock. * BUG 8191: Split the ACE flag mapping between nfs4 and Windows into two separate functions. * BUG 8197: Winbind does not properly detect when a DC connection is dead. +* BUG 8203: Winbind needs to reset the DC connection if an RPC times out. o Christian Ambach a...@samba.org -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag release-3-6-0rc2 created
The annotated tag, release-3-6-0rc2 has been created at cfd35c40cee3adbb17743b98f0f7038077c2861e (tag) tagging 314f161c00cfe3957f10b0f6f24adab737dfbe88 (commit) replaces release-3-6-0rc1 tagged by Karolin Seeger on Tue Jun 7 20:15:09 2011 +0200 - Log - tag release-3-6-0rc2 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.15 (GNU/Linux) iD8DBQBN7msSbzORW2Vot+oRAgjOAJ97H2XlWAwsicLBvoXcNBihkpdwZACgiYlA iRvvnlcL0mMrH4CGF600szY= =m2mH -END PGP SIGNATURE- Andreas Schneider (1): s3-epmapper: Fixed endpoint registration. Andrew Bartlett (7): ncalrpc: Force ncalrpc dir to be mode 755 in all users docs: Rewrite 'password server' documentation docs: Clarify the 'security=server' fails for NTLMv2 s3-param Deprecate a number of security parameters for 3.6 s3-param Depricate 'password server = foo:12389' syntax s3-testparm Warn about incorrect use of 'password server' s3-docs Add documentation for ncalrpc dir Benjamin Brunner (1): s3-docs: Fix some typos. Björn Jacke (1): replace: remove waring if IOV_MAX is not defined Christian Ambach (1): Fix Bug 8152 - smbd crash in release_ip() Gregor Beck (3): s3:smbcacls: fix parsing of multiple flags nfs4_acls: pass ACE_FLAG_INHERITED_ACE up to the client nfs4_acls: pass ACE_FLAG_INHERITED_ACE down from the client Holger Hetterich (2): Make protocol version 2 the default protocol, and only run on version 1 if V1 is explcitly given as a module option. Actually make use of the SMBTA_SUBRELEASE define in smb_traffic_analyzer.h. This will allow to introduce new features or fixes into the protocol after the 3.6.0 release. The client software is designed to take care for the subrelease number. Jeremy Allison (16): Fix bug #8144 - touch /mnt/newfile fails to set timestamp with CIFS client. Fix bug 8153 found when building on an IPv6-only system by Kai Blin. Optimization. If the attributes passed to can_rename() include both FILE_ATTRIBUTE_HIDDEN and FILE_ATTRIBUTE_SYSTEM then there's no point in reading the source DOS attribute, as we're not going to deny the rename on attribute match. Fix bug 8133 - strange behavior for the file (whose filename first character is period ) in SMB2 case. Patch for bug #8156 - net ads join fails to use the user's kerberos ticket. Fix bug #8157 - std_pcap_cache_reload() fails to parse a cups printcap file correctly. Fix bug #8150 - Ban 'dos charset = utf8' Fix bug #7054 - X account flag does not work when pwdlastset is 0. Fix our asn.1 parser to handle negative numbers. Fix bug #6911 - Kerberos authentication from vista to samba fails when security blob size is greater than 16 kB Split the ACE flag mapping between nfs4 and Windows into two separate functions rather than trying to do it inline. Allows us to carefully control what flags are mapped to what in one place. Modification to bug #8191 - vfs_gpfs dosn't honor ACE_FLAG_INHERITED_ACE Fix the poll() backend to correctly respond to POLLHUP|POLLERR returns on a fd selected for TEVENT_FD_WRITE only. Add the same fix to the S3 event backend as the previous commit added to the tevent poll backend. Fix bug #8197 - winbind does not properly detect when a DC connection is dead. Fix bug #8175 - smbd deadlock. Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times out. Jim McDonough (1): s3-winbind: BUG 8166 - Don't lockout users when offline. Karolin Seeger (8): VERSION: Bump version up to 3.6.0rc2. WHATSNEW: Start release notes. WHATSNEW: Start adding changes since rc1. WHATSNEW: Update changes since rc1. s3-docs: Fix version. WHATSNEW: Update changes since 3.6.0rc1. WHATSNEW: Add another change since rc1. WHATSNEW: Update changes since rc1. Luk Claes (23): idmap_ad.8: use new syntax in ad backend example idmap_adex.8: Use new syntax in adex backend example idmap_hash.8: Use new syntax for hash backend idmap_nss.8: Use new syntax for nss backend idmap_rid.8: Use new syntax in rid backend example idmap_autorid.8: Use new syntax in autorid backend examples idmap_autorid.8: Avoid confusion with idmap uid and idmap gid options wbinfo.1: Avoid confusion with idmap uid option winbindd.8: Use new syntax in example idmap_tdb2.8: Use new syntax in example idmap_tdb2.8: Remove part about alloc backend idmap_tdb2.8: Avoid confusion with idmap uid and idmap gid options idmap_tdb2.8: Remove mentioning of deprecated idmap uid and idmap gid options as fallback idmap_ldap.8: Rework example to use new idmap syntax idmap_ldap.8: Remove references to idmap alloc backend idmap_ldap.8: Backend is not only used for searching idmap_ldap.8:
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c3ac298 s3:libsmb/cli_np_tstream: use larger buffers to avoid a bug
NT4 servers (bug #8195)
from cd8dc47 s3:idmap_autorid: fail initialization if the domain is not
*
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c3ac298a1fe4f5cada6d09376e2d4a3df271a093
Author: Stefan Metzmacher me...@samba.org
Date: Tue Jun 7 18:27:41 2011 +0200
s3:libsmb/cli_np_tstream: use larger buffers to avoid a bug NT4 servers
(bug #8195)
NT4 servers return NT_STATUS_PIPE_BUSY if we try a SMBtrans
and the SMBwriteX before hasn't transmited the whole DCERPC fragment.
W2K and above is happy with that.
As a result we try to match the behavior of Windows and older Samba clients,
they use write and read buffers of 4280 bytes instead of 1024 bytes.
On Windows only the SMBtrans based read uses 1024 (while we also use 4280
there).
metze
Autobuild-User: Stefan Metzmacher me...@samba.org
Autobuild-Date: Tue Jun 7 20:25:32 CEST 2011 on sn-devel-104
---
Summary of changes:
source3/libsmb/cli_np_tstream.c | 19 +--
1 files changed, 17 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/cli_np_tstream.c b/source3/libsmb/cli_np_tstream.c
index ba37ea5..5e11a92 100644
--- a/source3/libsmb/cli_np_tstream.c
+++ b/source3/libsmb/cli_np_tstream.c
@@ -28,9 +28,24 @@
static const struct tstream_context_ops tstream_cli_np_ops;
/*
- * Window uses 1024 hardcoded for read size and trans max data
+ * Windows uses 4280 (the max xmit/recv size negotiated on DCERPC).
+ * This is fits into the max_xmit negotiated at the SMB layer.
+ *
+ * On the sending side they may use SMBtranss if the request does not
+ * fit into a single SMBtrans call.
+ *
+ * Windows uses 1024 as max data size of a SMBtrans request and then
+ * possibly reads the rest of the DCERPC fragment (up to 3256 bytes)
+ * via a SMBreadX.
+ *
+ * For now we just ask for the full 4280 bytes (max data size) in the SMBtrans
+ * request to get the whole fragment at once (like samba 3.5.x and below did.
+ *
+ * It is important that we use do SMBwriteX with the size of a full fragment,
+ * otherwise we may get NT_STATUS_PIPE_BUSY on the SMBtrans request
+ * from NT4 servers. (See bug #8195)
*/
-#define TSTREAM_CLI_NP_BUF_SIZE 1024
+#define TSTREAM_CLI_NP_BUF_SIZE 4280
struct tstream_cli_np {
struct cli_state *cli;
--
Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via d8da42e Announce Samba 3.6.0rc2. from a3e4abb Added Univention entry to verdors list. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit d8da42ed967bfe5f2e16ccabd48cc7c211a4a175 Author: Karolin Seeger ksee...@samba.org Date: Tue Jun 7 20:39:57 2011 +0200 Announce Samba 3.6.0rc2. Karolin --- Summary of changes: generated_news/latest_10_bodies.html| 35 +- generated_news/latest_10_headlines.html |4 +- generated_news/latest_2_bodies.html | 26 +++--- 3 files changed, 35 insertions(+), 30 deletions(-) Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index 50f4a51..5b45b32 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -1,3 +1,23 @@ + h5a name=3.6.0rc27 June 2011/a/h5 + p class=headlineSamba 3.6.0rc2 Available for Download/p + pSamba 3.6.0rc2 is available for download. This is the + first release candidate of the next upgrade production release version of Samba 3.6.0. + It is intended for btesting purposes only/b. Please test and + a href=https://bugzilla.samba.org/;report any bugs that you + find/a. Please read the changes in the + a href=http://samba.org/samba/ftp/rc/WHATSNEW-3-6-0rc2.txt;Release Notes/a + for details on new features and difference in behavior from + previous releases./p + + pThe a href=http://samba.org/samba/ftp/rc/samba-3.6.0rc2.tar.gz;Samba 3.6.0rc2 + source code/a can be downloaded now. The a + href=http://samba.org/samba/ftp/rc/samba-3.6.0rc2.tar.asc;GnuPG + signature is for the emun/emcompressed tarball/a. + Precompiled packages will + be made available on a volunteer basis and can be found in the + a href=http://samba.org/samba/ftp/Binary_Packages/;Binary_Packages download area/a./p + + h5a name=3.6.0rc117 May 2011/a/h5 p class=headlineSamba 3.6.0rc1 Available for Download/p pSamba 3.6.0rc1 is available for download. This is the @@ -123,18 +143,3 @@ against Samba 3.4.10/a is also available. See a href=http://samba.org/samba/history/samba-3.4.11.html;the release notes for more info/a./p - - -h5a name=3.4.10 22 January 2011/a/h5 -p class=headlineSamba 3.4.10 Available for Download/p -pThis is the latest stable release of the Samba 3.4 series./p - -pThe uncompressed tarballs and patch files have been signed -using GnuPG (ID 6568B7EA). The source code can be -a href=http://samba.org/samba/ftp/stable/samba-3.4.10.tar.gz;downloaded -now/a. A a -href=http://samba.org/samba/ftp/patches/patch-3.4.9-3.4.10.diffs.gz;patch -against -Samba 3.4.9/a is also available. See a -href=http://samba.org/samba/history/samba-3.4.10.html;the -release notes for more info/a./p diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html index e80df71..e91199c 100644 --- a/generated_news/latest_10_headlines.html +++ b/generated_news/latest_10_headlines.html @@ -1,4 +1,6 @@ ul + li 7 June 2011 a href=#3.6.0rc2Samba 3.6.0rc2 Available for Download/a/li + li 17 May 2011 a href=#3.6.0rc1Samba 3.6.0rc1 Available for Download/a/li li 26 April 2011 a href=#3.6.0pre3Samba 3.6.0pre3 Available for Download/a/li @@ -16,6 +18,4 @@ li 28 February 2011 a href=#3.3.15Samba 3.3.15 Available for Download/a/li li 23 January 2011 a href=#3.4.11Samba 3.4.11 Available for Download/a/li - - li 22 January 2011 a href=#3.4.10Samba 3.4.10 Available for Download/a/li /ul diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index 368bd1c..97b91b1 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -1,36 +1,36 @@ - h5a name=3.6.0rc117 May 2011/a/h5 - p class=headlineSamba 3.6.0rc1 Available for Download/p - pSamba 3.6.0rc1 is available for download. This is the + h5a name=3.6.0rc27 June 2011/a/h5 + p class=headlineSamba 3.6.0rc2 Available for Download/p + pSamba 3.6.0rc2 is available for download. This is the first release candidate of the next upgrade production release version of Samba 3.6.0. It is intended for btesting purposes only/b. Please test and a href=https://bugzilla.samba.org/;report any bugs that you find/a. Please read the changes in the - a href=http://samba.org/samba/ftp/rc/WHATSNEW-3-6-0rc1.txt;Release Notes/a + a href=http://samba.org/samba/ftp/rc/WHATSNEW-3-6-0rc2.txt;Release Notes/a for details on new features and difference in behavior from previous releases./p - pThe a href=http://samba.org/samba/ftp/rc/samba-3.6.0rc1.tar.gz;Samba 3.6.0rc1 + pThe a
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via aff6c52 Fix re-opened bug 8083 - inherit owner = yes doesn't
interact correctly with vfs_acl_xattr or vfs_acl_tdb module.
from c3ac298 s3:libsmb/cli_np_tstream: use larger buffers to avoid a bug
NT4 servers (bug #8195)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit aff6c52370f853d447fc089796b0e4aa29c24d75
Author: Jeremy Allison j...@samba.org
Date: Tue Jun 7 11:54:35 2011 -0700
Fix re-opened bug 8083 - inherit owner = yes doesn't interact correctly
with vfs_acl_xattr or vfs_acl_tdb module.
Fix incorrect interaction when all of
inherit permissions = yes
inherit acls = yes
inherit owner = yes
are set. Found by Björn Jacke. Thanks Björn !
Autobuild-User: Jeremy Allison j...@samba.org
Autobuild-Date: Tue Jun 7 22:32:18 CEST 2011 on sn-devel-104
---
Summary of changes:
source3/modules/vfs_acl_common.c | 21 +
1 files changed, 17 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index a177146..fc9c3cd 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -448,10 +448,14 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
struct security_descriptor *psd = NULL;
struct dom_sid *owner_sid = NULL;
struct dom_sid *group_sid = NULL;
+ uint32_t security_info_sent = (SECINFO_OWNER | SECINFO_GROUP |
SECINFO_DACL);
bool inherit_owner = lp_inherit_owner(SNUM(handle-conn));
+ bool inheritable_components = sd_has_inheritable_components(parent_desc,
+ is_directory);
size_t size;
- if (!sd_has_inheritable_components(parent_desc, is_directory)) {
+ if (!inheritable_components !inherit_owner) {
+ /* Nothing to inherit and not setting owner. */
return NT_STATUS_OK;
}
@@ -487,6 +491,17 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
return status;
}
+ /* If inheritable_components == false,
+ se_create_child_secdesc()
+ creates a security desriptor with a NULL dacl
+ entry, but with SEC_DESC_DACL_PRESENT. We need
+ to remove that flag. */
+
+ if (!inheritable_components) {
+ security_info_sent = ~SECINFO_DACL;
+ psd-type = ~SEC_DESC_DACL_PRESENT;
+ }
+
if (DEBUGLEVEL = 10) {
DEBUG(10,(inherit_new_acl: child acl for %s is:\n,
fsp_str_dbg(fsp) ));
@@ -498,9 +513,7 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
become_root();
}
status = SMB_VFS_FSET_NT_ACL(fsp,
- (SECINFO_OWNER |
-SECINFO_GROUP |
-SECINFO_DACL),
+ security_info_sent,
psd);
if (inherit_owner) {
unbecome_root();
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5fb2781 Part 3 of bugfix for #8211 - inherit owner = yes doesn't
interact correctly with inherit permissions = yes and POSIX ACLs
via 40c54a7 Part 2 of bugfix for #8211 - inherit owner = yes doesn't
interact correctly with inherit permissions = yes and POSIX ACLs
via cabed2f Part 1 of bugfix for #8211 - inherit owner = yes doesn't
interact correctly with inherit permissions = yes and POSIX ACLs
from aff6c52 Fix re-opened bug 8083 - inherit owner = yes doesn't
interact correctly with vfs_acl_xattr or vfs_acl_tdb module.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5fb27814ad5566b264acf0f014d1721afc39b176
Author: Jeremy Allison j...@samba.org
Date: Tue Jun 7 16:55:20 2011 -0700
Part 3 of bugfix for #8211 - inherit owner = yes doesn't interact
correctly with inherit permissions = yes and POSIX ACLs
When changing ownership on a new file make sure we
must have a valid stat struct before making the inheritance
calls (as they may look at it), and if we make changes we
must have a valid stat struct after them.
Autobuild-User: Jeremy Allison j...@samba.org
Autobuild-Date: Wed Jun 8 03:07:04 CEST 2011 on sn-devel-104
commit 40c54a736dff751dcdc66d6cd5c5d2307aeda75c
Author: Jeremy Allison j...@samba.org
Date: Tue Jun 7 16:48:14 2011 -0700
Part 2 of bugfix for #8211 - inherit owner = yes doesn't interact
correctly with inherit permissions = yes and POSIX ACLs
When changing ownership on a new file make sure we
also change the returned stat struct to have the correct uid.
commit cabed2fb179ea38ac93f8b9872dc3be7825d13f8
Author: Jeremy Allison j...@samba.org
Date: Tue Jun 7 16:42:02 2011 -0700
Part 1 of bugfix for #8211 - inherit owner = yes doesn't interact
correctly with inherit permissions = yes and POSIX ACLs
When changing ownership on a new directory make sure we
also change the returned stat struct to have the correct uid.
---
Summary of changes:
source3/smbd/open.c | 64 +-
1 files changed, 47 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index d4b0934..3603a81 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -241,6 +241,8 @@ void change_file_owner_to_parent(connection_struct *conn,
DEBUG(10,(change_file_owner_to_parent: changed new file %s to
parent directory uid %u.\n, fsp_str_dbg(fsp),
(unsigned int)smb_fname_parent-st.st_ex_uid));
+ /* Ensure the uid entry is updated. */
+ fsp-fsp_name-st.st_ex_uid = smb_fname_parent-st.st_ex_uid;
}
TALLOC_FREE(smb_fname_parent);
@@ -350,6 +352,8 @@ NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
DEBUG(10,(change_dir_owner_to_parent: changed ownership of new
directory %s to parent directory uid %u.\n,
fname, (unsigned int)smb_fname_parent-st.st_ex_uid ));
+ /* Ensure the uid entry is updated. */
+ psbuf-st_ex_uid = smb_fname_parent-st.st_ex_uid;
}
chdir:
@@ -378,6 +382,7 @@ static NTSTATUS open_file(files_struct *fsp,
int accmode = (flags O_ACCMODE);
int local_flags = flags;
bool file_existed = VALID_STAT(fsp-fsp_name-st);
+ bool file_created = false;
fsp-fh-fd = -1;
errno = EPERM;
@@ -477,23 +482,7 @@ static NTSTATUS open_file(files_struct *fsp,
}
if ((local_flags O_CREAT) !file_existed) {
-
- /* Inherit the ACL if required */
- if (lp_inherit_perms(SNUM(conn))) {
- inherit_access_posix_acl(conn, parent_dir,
-smb_fname-base_name,
-unx_mode);
- }
-
- /* Change the owner if required. */
- if (lp_inherit_owner(SNUM(conn))) {
- change_file_owner_to_parent(conn, parent_dir,
- fsp);
- }
-
- notify_fname(conn, NOTIFY_ACTION_ADDED,
-FILE_NOTIFY_CHANGE_FILE_NAME,
-smb_fname-base_name);
+ file_created = true;
}
} else {
@@ -603,6 +592,47 @@ static NTSTATUS open_file(files_struct *fsp,
fd_close(fsp);
return status;
}
+
+ if (file_created) {
+
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c790213 s4-gensec bring GSS_S_CONTEXT_EXPIRED into it's own error
handler
via 9cf686f s4-credentials Don't use expired Kerberos or GSSAPI
credentials
via 8dbab93 s4-credentials Allow use of file-based credentials caches
for debugging.
from 5fb2781 Part 3 of bugfix for #8211 - inherit owner = yes doesn't
interact correctly with inherit permissions = yes and POSIX ACLs
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c79021382b3feda518440f7627a78959b96d0619
Author: Andrew Bartlett abart...@samba.org
Date: Wed Jun 8 08:55:19 2011 +1000
s4-gensec bring GSS_S_CONTEXT_EXPIRED into it's own error handler
This allows us to print much more debugging in this critical situation.
Andrew Bartlett
Autobuild-User: Andrew Bartlett abart...@samba.org
Autobuild-Date: Wed Jun 8 04:19:58 CEST 2011 on sn-devel-104
commit 9cf686f56fa50932a67f80a455c36025ca3470db
Author: Andrew Bartlett abart...@samba.org
Date: Wed Jun 8 08:53:16 2011 +1000
s4-credentials Don't use expired Kerberos or GSSAPI credentials
In a long-lived credentials cache situation, we may need to refetch
the ticket after (say) 10 hours. This code should help that happen,
by checking the lifetime before returning any credentials cache or
GSSAPI credentials.
Andrew Bartlett
commit 8dbab93f28d8ddbce8f44116f45a107a05a59a15
Author: Andrew Bartlett abart...@samba.org
Date: Wed Jun 8 08:51:56 2011 +1000
s4-credentials Allow use of file-based credentials caches for debugging.
This means that we will leave a slew of file based credentials caches
in /tmp, which should give some clues to the administrator or
developer via klist as to what has gone wrong.
Andrew Bartlett
---
Summary of changes:
source4/auth/credentials/credentials_krb5.c | 73 ---
source4/auth/gensec/gensec_gssapi.c | 59 +
2 files changed, 125 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/auth/credentials/credentials_krb5.c
b/source4/auth/credentials/credentials_krb5.c
index bfba167..26fa809 100644
--- a/source4/auth/credentials/credentials_krb5.c
+++ b/source4/auth/credentials/credentials_krb5.c
@@ -235,9 +235,15 @@ static int cli_credentials_new_ccache(struct
cli_credentials *cred,
if (!ccache_name) {
must_free_cc_name = true;
- ccache_name = talloc_asprintf(ccc, MEMORY:%p,
- ccc);
-
+
+ if (lpcfg_parm_bool(lp_ctx, NULL, credentials,
krb5_cc_file, false)) {
+ ccache_name = talloc_asprintf(ccc,
FILE:/tmp/krb5_cc_samba_%u_%p,
+ (unsigned int)getpid(),
ccc);
+ } else {
+ ccache_name = talloc_asprintf(ccc, MEMORY:%p,
+ ccc);
+ }
+
if (!ccache_name) {
talloc_free(ccc);
(*error_string) = strerror(ENOMEM);
@@ -288,8 +294,38 @@ _PUBLIC_ int cli_credentials_get_named_ccache(struct
cli_credentials *cred,
if (cred-ccache_obtained = cred-ccache_threshold
cred-ccache_obtained CRED_UNINITIALISED) {
- *ccc = cred-ccache;
- return 0;
+ time_t lifetime;
+ bool expired = false;
+ ret =
krb5_cc_get_lifetime(cred-ccache-smb_krb5_context-krb5_context,
+ cred-ccache-ccache, lifetime);
+ if (ret == KRB5_CC_END) {
+ /* If we have a particular ccache set, without
+* an initial ticket, then assume there is a
+* good reason */
+ } else if (ret == 0) {
+ if (lifetime == 0) {
+ DEBUG(3, (Ticket in credentials cache for %s
expired, will refresh\n,
+ cli_credentials_get_principal(cred,
cred)));
+ expired = true;
+ } else if (lifetime 300) {
+ DEBUG(3, (Ticket in credentials cache for %s
will shortly expire (%u secs), will refresh\n,
+ cli_credentials_get_principal(cred,
cred), (unsigned int)lifetime));
+ expired = true;
+ }
+ } else {
+ (*error_string) = talloc_asprintf(cred, failed to get
ccache lifetime: %s\n,
+
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4afe426 s4-ipv6: fill in pdc_ip in DsRGetDCNameEx2
via e14538d s4-wins: ensure we only use IPv4 for WINS owner
via 79ef434 s4-interface: raise the debug level for interface discovery
from c790213 s4-gensec bring GSS_S_CONTEXT_EXPIRED into it's own error
handler
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4afe426877fed3ed4d1dae4a8d96dce3f4983b91
Author: Andrew Tridgell tri...@samba.org
Date: Wed Jun 8 11:49:24 2011 +1000
s4-ipv6: fill in pdc_ip in DsRGetDCNameEx2
this may be different from the CLDAP response, as it can be IPv6
Autobuild-User: Andrew Tridgell tri...@samba.org
Autobuild-Date: Wed Jun 8 06:07:29 CEST 2011 on sn-devel-104
commit e14538d9394fc5d21a5e3ec34574b9fb5c468ba2
Author: Andrew Tridgell tri...@samba.org
Date: Wed Jun 8 10:42:02 2011 +1000
s4-wins: ensure we only use IPv4 for WINS owner
commit 79ef434b900288f23f352dcce083c37308baef2d
Author: Andrew Tridgell tri...@samba.org
Date: Wed Jun 8 10:41:38 2011 +1000
s4-interface: raise the debug level for interface discovery
---
Summary of changes:
source4/lib/socket/interface.c|6 +++---
source4/nbt_server/wins/wins_ldb.c|2 +-
source4/nbt_server/wins/winsserver.c |2 +-
source4/rpc_server/netlogon/dcerpc_netlogon.c | 15 ---
4 files changed, 17 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/lib/socket/interface.c b/source4/lib/socket/interface.c
index 9cb8f5e..d5b610f 100644
--- a/source4/lib/socket/interface.c
+++ b/source4/lib/socket/interface.c
@@ -116,18 +116,18 @@ static void add_interface(TALLOC_CTX *mem_ctx, const
struct iface_struct *ifs, s
/* keep string versions too, to avoid people tripping over the implied
static in inet_ntoa() */
print_sockaddr(addr, sizeof(addr), iface-ip);
- DEBUG(2,(added interface %s ip=%s ,
+ DEBUG(4,(added interface %s ip=%s ,
iface-name, addr));
iface-ip_s = talloc_strdup(iface, addr);
print_sockaddr(addr, sizeof(addr),
iface-bcast);
- DEBUG(2,(bcast=%s , addr));
+ DEBUG(4,(bcast=%s , addr));
iface-bcast_s = talloc_strdup(iface, addr);
print_sockaddr(addr, sizeof(addr),
iface-netmask);
- DEBUG(2,(netmask=%s\n, addr));
+ DEBUG(4,(netmask=%s\n, addr));
iface-nmask_s = talloc_strdup(iface, addr);
/*
diff --git a/source4/nbt_server/wins/wins_ldb.c
b/source4/nbt_server/wins/wins_ldb.c
index 6519f9e..304c98d 100644
--- a/source4/nbt_server/wins/wins_ldb.c
+++ b/source4/nbt_server/wins/wins_ldb.c
@@ -93,7 +93,7 @@ static int wins_ldb_init(struct ldb_module *module)
if (!owner) {
struct interface *ifaces;
load_interface_list(module, lp_ctx, ifaces);
- owner = iface_list_n_ip(ifaces, 0);
+ owner = iface_list_first_v4(ifaces);
if (!owner) {
owner = 0.0.0.0;
}
diff --git a/source4/nbt_server/wins/winsserver.c
b/source4/nbt_server/wins/winsserver.c
index 604c86e..5f1f417 100644
--- a/source4/nbt_server/wins/winsserver.c
+++ b/source4/nbt_server/wins/winsserver.c
@@ -1058,7 +1058,7 @@ NTSTATUS nbtd_winsserver_init(struct nbtd_server *nbtsrv)
if (owner == NULL) {
struct interface *ifaces;
load_interface_list(nbtsrv-task, nbtsrv-task-lp_ctx,
ifaces);
- owner = iface_list_n_ip(ifaces, 0);
+ owner = iface_list_first_v4(ifaces);
}
nbtsrv-winssrv-wins_db = winsdb_connect(nbtsrv-winssrv,
nbtsrv-task-event_ctx,
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c
b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 8964c1d..d5a7eeb 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -37,6 +37,7 @@
#include lib/tsocket/tsocket.h
#include librpc/gen_ndr/ndr_netlogon.h
#include librpc/gen_ndr/ndr_irpc.h
+#include lib/socket/netif.h
struct netlogon_server_pipe_state {
struct netr_Credential client_challenge;
@@ -1233,6 +1234,7 @@ static NTSTATUS
dcesrv_netr_NetrEnumerateTrustedDomains(struct dcesrv_call_state
static NTSTATUS dcesrv_netr_LogonGetCapabilities(struct dcesrv_call_state
*dce_call, TALLOC_CTX *mem_ctx,
struct netr_LogonGetCapabilities *r)
{
+
/* we don't support AES yet */
return NT_STATUS_NOT_IMPLEMENTED;
}
@@ -1710,6 +1712,8 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct
dcesrv_call_state *dce_call,
NTSTATUS status;
const char *dc_name = NULL;
const char *domain_name = NULL;
+ struct
[SCM] CTDB repository - branch 1.2 updated - ctdb-1.9.1-440-gbfffe06
The branch, 1.2 has been updated via bfffe067a8152145ef54482dccb49529c6a4827f (commit) via d7ab0958609264df36b7db5591d7013c0d9f95d2 (commit) via 8f75f620f97672ad9ee65cb8d9c10d1916413ffb (commit) via 9051032bc1bdb1d26902800409a248c44836da58 (commit) via a9caac9eeed27d6d5efd22926a962a25d1a5ef7f (commit) via 19a41fdc40fada29046d102de34d6fbe0c7a3768 (commit) via 8df10dfdbd9b19514caadf236c34eadcb07419f7 (commit) from ee5e90f5ad43be8e3b0b3f0aa00e6fc0be982099 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.2 - Log - commit bfffe067a8152145ef54482dccb49529c6a4827f Author: Martin Schwenke mar...@meltin.net Date: Mon May 23 15:33:12 2011 +1000 onnode: fix natgwlist nodespec This hasn't worked for a while if ever. We treat this case specially because the output has 2 works on the 1st line. We also handle the error case where /etc/ctdb_natgw_nodes exists but none of the other $NATGW_* configuration is done. Signed-off-by: Martin Schwenke mar...@meltin.net commit d7ab0958609264df36b7db5591d7013c0d9f95d2 Author: Martin Schwenke mar...@meltin.net Date: Mon May 23 15:24:52 2011 +1000 onnode: fix get_nodes_with_status() Setting IFS and looping though items with colons in them doesn't work. Change this to read through the output line by line. The header line needs to be thrown away by throwing away everything up to the 1st newline. Keep stderr from the ctdb status command, otherwise debugging is impossible. On error, append any output from ctdb to onnode's error message. Signed-off-by: Martin Schwenke mar...@meltin.net commit 8f75f620f97672ad9ee65cb8d9c10d1916413ffb Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 14:26:55 2011 +1000 onnode: Remove an unnecessary comment. The comment about $CTDB_NODES_SOCKETS is meaningless. The code ti refers to works just find with $CTDB_NODES_SOCKETS. Signed-off-by: Martin Schwenke mar...@meltin.net commit 9051032bc1bdb1d26902800409a248c44836da58 Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 14:24:30 2011 +1000 onnode: Future-proof get_nodes_with_status(). The current code requires knowledge of the number of status bits output by ctdb status -Y. This changes the code to be completely general. Signed-off-by: Martin Schwenke mar...@meltin.net commit a9caac9eeed27d6d5efd22926a962a25d1a5ef7f Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 13:25:08 2011 +1000 onnode: Exit with error for unknown command-line flags. Use of local was masking errors in command-line processing. Signed-off-by: Martin Schwenke mar...@meltin.net commit 19a41fdc40fada29046d102de34d6fbe0c7a3768 Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 13:20:51 2011 +1000 onnode: Be defensive when listing IPs of nodes with designated status. The current version gives the last item left after stripping the known fields. If an insufficent number of status fields is stripped then this would return a residual status field value, which turned out to be a valid IP address for localhost... so no error occurs. This change means that the node number is stripped and any residual status field value will stay appended, causing an error the first time this command is tested. Signed-off-by: Martin Schwenke mar...@meltin.net commit 8df10dfdbd9b19514caadf236c34eadcb07419f7 Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 13:18:11 2011 +1000 onnode - Fix long standing bug in onnode healthy/ok/connected/con. When the output of ctdb status -Y changed to add an extra status column we didn't fix onnode. This adds a match for the extra column. Signed-off-by: Martin Schwenke mar...@meltin.net --- Summary of changes: tools/onnode | 93 +++-- 1 files changed, 57 insertions(+), 36 deletions(-) Changeset truncated at 500 lines: diff --git a/tools/onnode b/tools/onnode index fa61b47..804ab09 100755 --- a/tools/onnode +++ b/tools/onnode @@ -70,7 +70,9 @@ parse_options () # $POSIXLY_CORRECT means that the command passed to onnode can # take options and getopt won't reorder things to make them # options ot onnode. -local temp=$(POSIXLY_CORRECT=1 getopt -n $prog -o cf:hno:pqv -l help -- $@) +local temp +# Not on the previous line - local returns 0! +temp=$(POSIXLY_CORRECT=1 getopt -n $prog -o cf:hno:pqv -l help -- $@) [ $? != 0 ] usage @@ -136,44 +138,47 @@ get_nodes_with_status () local all_nodes=$1 local status=$2 -local bits -case $status in - healthy) - bits=0:0:0:0:0 -
