[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 99f2177 s3-ctdb: Make use of CTDB_CONTROL_CHECK_SRVIDS from da992be Fix bug 8636 - When returning an ACL without SECINFO_DACL requested, we still set SEC_DESC_DACL_PRESENT in the type field. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 99f2177e8fbf7f288fa896a0c64bfb6ae03b9ada Author: Volker Lendecke v...@samba.org Date: Mon Oct 31 16:30:38 2011 +0100 s3-ctdb: Make use of CTDB_CONTROL_CHECK_SRVIDS This should be a lot quicker than PROCESS_EXISTS followed by looking at serverid.tdb Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Wed Nov 30 12:47:27 CET 2011 on sn-devel-104 --- Summary of changes: source3/configure.in | 23 + source3/include/ctdbd_conn.h |4 + source3/lib/ctdbd_conn.c | 212 +- source3/lib/serverid.c | 13 +++ 4 files changed, 250 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 529b29b..46c98aa 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -5548,6 +5548,29 @@ if test x$have_cluster_support = xyes ; then fi if test x$have_cluster_support = xyes ; then + AC_HAVE_DECL(CTDB_CONTROL_CHECK_SRVIDS,[ + #include confdefs.h + #define NO_CONFIG_H + #include replace.h + #include system/wait.h + #include system/network.h + #include talloc.h + #include tdb.h + #include ctdb.h + #include ctdb_private.h + ]) + if test x$ac_cv_have_CTDB_CONTROL_CHECK_SRVIDS_decl != xyes + then + if test x$enable_old_ctdb = xyes ; then + AC_MSG_WARN([ignoring missing CHECK_SRVIDS (--enable-old-ctdb)]) + else + ctdb_broken=support for CHECK_SRVIDS control missing + have_cluster_support=no + fi + fi +fi + +if test x$have_cluster_support = xyes ; then # In ctdb 1.0.57, ctdb_control_tcp was temporarily renamed # to ctdb_tcp_client. AC_CHECK_TYPE(struct ctdb_tcp_client,[ diff --git a/source3/include/ctdbd_conn.h b/source3/include/ctdbd_conn.h index 1d52577..9a3c27c 100644 --- a/source3/include/ctdbd_conn.h +++ b/source3/include/ctdbd_conn.h @@ -46,6 +46,9 @@ bool ctdbd_process_exists(struct ctdbd_connection *conn, uint32 vnn, bool ctdb_processes_exist(struct ctdbd_connection *conn, const struct server_id *pids, int num_pids, bool *results); +bool ctdb_serverids_exist(struct ctdbd_connection *conn, + const struct server_id *pids, unsigned num_pids, + bool *results); char *ctdbd_dbpath(struct ctdbd_connection *conn, TALLOC_CTX *mem_ctx, uint32_t db_id); @@ -79,5 +82,6 @@ NTSTATUS ctdbd_control_local(struct ctdbd_connection *conn, uint32 opcode, int *cstatus); NTSTATUS ctdb_watch_us(struct ctdbd_connection *conn); NTSTATUS ctdb_unwatch(struct ctdbd_connection *conn); +NTSTATUS register_with_ctdbd(struct ctdbd_connection *conn, uint64_t srvid); #endif /* _CTDBD_CONN_H */ diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c index e0bdbd0..940d477 100644 --- a/source3/lib/ctdbd_conn.c +++ b/source3/lib/ctdbd_conn.c @@ -107,8 +107,7 @@ static void ctdb_packet_dump(struct ctdb_req_header *hdr) /* * Register a srvid with ctdbd */ -static NTSTATUS register_with_ctdbd(struct ctdbd_connection *conn, - uint64_t srvid) +NTSTATUS register_with_ctdbd(struct ctdbd_connection *conn, uint64_t srvid) { int cstatus; @@ -1032,6 +1031,215 @@ fail: return result; } +struct ctdb_vnn_list { + uint32_t vnn; + uint32_t reqid; + unsigned num_srvids; + unsigned num_filled; + uint64_t *srvids; + unsigned *pid_indexes; +}; + +/* + * Get a list of all vnns mentioned in a list of + * server_ids. vnn_indexes tells where in the vnns array we have to + * place the pids. + */ +static bool ctdb_collect_vnns(TALLOC_CTX *mem_ctx, + const struct server_id *pids, unsigned num_pids, + struct ctdb_vnn_list **pvnns, + unsigned *pnum_vnns) +{ + struct ctdb_vnn_list *vnns = NULL; + unsigned *vnn_indexes = NULL; + unsigned i, num_vnns = 0; + + vnn_indexes = talloc_array(mem_ctx, unsigned, num_pids); + if (vnn_indexes == NULL) { + goto fail; + } + + for (i=0; inum_pids; i++) { + unsigned j; + uint32_t vnn = pids[i].vnn; + + for (j=0; jnum_vnns; j++) { + if (vnn ==
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4afbda2 s4:libcli/raw: implement on top of smbXcli_conn/req via 99ef6a4 s4:libcli: do the nbss session request within smbcli_sock_connect_*() via 52dd549 s4:libcli/raw: remove unused functions via b21f344 s4:libcli: use smbcli_sock_connect() in smbcli_socket_connect() via 4877be53 s4:libcli: move smbcli_transport_establish() logic into smbcli_socket_connect() via b51c92a s4:libcli: convert smbcli_transport_connect_* to tevent_req via 706e108 s4:lib/socket: add socket_connect_multi_ex_* from 99f2177 s3-ctdb: Make use of CTDB_CONTROL_CHECK_SRVIDS http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4afbda221c20ffa36a1d1e37ef11f86073a49da6 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 23 08:35:17 2011 +0200 s4:libcli/raw: implement on top of smbXcli_conn/req metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Wed Nov 30 15:13:36 CET 2011 on sn-devel-104 commit 99ef6a4bec1058b3649e5e72f8ea85f6df93a154 Author: Stefan Metzmacher me...@samba.org Date: Wed Nov 30 08:50:11 2011 +0100 s4:libcli: do the nbss session request within smbcli_sock_connect_*() metze commit 52dd549eb64ea9b79bd4cbeba0fa4183aad7bb4c Author: Stefan Metzmacher me...@samba.org Date: Wed Nov 30 08:35:33 2011 +0100 s4:libcli/raw: remove unused functions metze commit b21f344079920194f94bbee7f44d8a6582e4d1a2 Author: Stefan Metzmacher me...@samba.org Date: Wed Nov 30 08:33:29 2011 +0100 s4:libcli: use smbcli_sock_connect() in smbcli_socket_connect() metze commit 4877be53df1181f75d603fa4edc67c34e1ba5141 Author: Stefan Metzmacher me...@samba.org Date: Wed Nov 30 07:17:31 2011 +0100 s4:libcli: move smbcli_transport_establish() logic into smbcli_socket_connect() metze commit b51c92a903877015acf268ab8ff0e07d3a82b295 Author: Stefan Metzmacher me...@samba.org Date: Tue Nov 29 11:57:11 2011 +0100 s4:libcli: convert smbcli_transport_connect_* to tevent_req metze commit 706e10820d490e0865b73f66a8665951aa6a71e3 Author: Stefan Metzmacher me...@samba.org Date: Tue Nov 29 16:25:03 2011 +0100 s4:lib/socket: add socket_connect_multi_ex_* This add an async establish hook, that gets called before a connection success is detected. This can be used to do a NBT session request and it makes sure that we don't cancel the connection on port 445, just because the tcp connect on port 139 worked. metze --- Summary of changes: source4/client/client.c | 18 +- source4/lib/socket/connect_multi.c | 129 - source4/lib/socket/socket.h | 28 + source4/libcli/cliconnect.c | 46 +- source4/libcli/libcli.h | 10 +- source4/libcli/raw/clioplock.c | 11 +- source4/libcli/raw/clisession.c |3 +- source4/libcli/raw/clisocket.c | 407 ++- source4/libcli/raw/clitransport.c| 713 ++- source4/libcli/raw/libcliraw.h | 73 +-- source4/libcli/raw/rawnegotiate.c| 253 +++ source4/libcli/raw/rawnotify.c | 64 +-- source4/libcli/raw/rawreadwrite.c|6 - source4/libcli/raw/rawrequest.c | 227 --- source4/libcli/raw/rawtrans.c| 1126 -- source4/libcli/raw/smb_signing.c | 175 - source4/libcli/smb2/connect.c| 56 +- source4/libcli/smb_composite/connect.c | 94 +-- source4/libcli/smb_composite/sesssetup.c | 42 +- source4/librpc/rpc/dcerpc_smb.c | 10 +- source4/ntvfs/cifs/vfs_cifs.c|3 +- source4/torture/basic/base.c | 36 +- source4/torture/raw/lockbench.c | 26 +- source4/torture/raw/openbench.c | 25 +- 24 files changed, 1486 insertions(+), 2095 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/client/client.c b/source4/client/client.c index 57686bb..d7adc41 100644 --- a/source4/client/client.c +++ b/source4/client/client.c @@ -3184,6 +3184,7 @@ static int do_message_op(const char *netbios_name, const char *desthost, struct nbt_name called, calling; const char *server_name; struct smbcli_state *cli; + bool ok; make_nbt_name_client(calling, netbios_name); @@ -3191,17 +3192,18 @@ static int do_message_op(const char *netbios_name, const char *desthost, server_name = destip ? destip : desthost; - if (!(cli = smbcli_state_init(NULL)) || - !smbcli_socket_connect(cli, server_name, destports, - ev_ctx, resolve_ctx, options, - socket_options)) { -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de553b5 s4:gensec/spnego: only try the mechs that match the client given ones from 4afbda2 s4:libcli/raw: implement on top of smbXcli_conn/req http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de553b52f2bacf54b57b56216fbb91f9108026be Author: Stefan Metzmacher me...@samba.org Date: Wed Nov 30 15:17:05 2011 +0100 s4:gensec/spnego: only try the mechs that match the client given ones Windows-Members of NT4/Samba3 domains, send MechTypes: 1.3.6.1.4.1.311.2.2.10 [NTLMSSP] 1.2.840.48018.1.2.2[krb5 broken] 1.2.840.113554.1.2.2 [krb5] MechToken for NTLMSSP. This patch makes sure we start NTLMSSP with the given MechToken, instead of trying to pass the NTLMSSP MechToken to the krb5 backend first. As that would fail the authentication with an error instead of trying fallbacks. metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Wed Nov 30 17:03:29 CET 2011 on sn-devel-104 --- Summary of changes: source4/auth/gensec/spnego.c |4 1 files changed, 4 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c index fd3caaa..fae32d8 100644 --- a/source4/auth/gensec/spnego.c +++ b/source4/auth/gensec/spnego.c @@ -428,6 +428,10 @@ static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_ uint32_t j; for (j=0; mechType mechType[j]; j++) { for (i=0; all_sec all_sec[i].op; i++) { + if (strcmp(mechType[j], all_sec[i].oid) != 0) { + continue; + } + nt_status = gensec_subcontext_start(spnego_state, gensec_security, spnego_state-sub_sec_security); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9c4d498 s3-waf: fix the build with CTDB_CONTROL_CHECK_SRVIDS. from de553b5 s4:gensec/spnego: only try the mechs that match the client given ones http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9c4d49863a80ebe6dedd8faeb4bf41270f7ba685 Author: Günther Deschner g...@samba.org Date: Wed Nov 30 16:34:52 2011 +0100 s3-waf: fix the build with CTDB_CONTROL_CHECK_SRVIDS. Volker, Michael, please check. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Nov 30 18:37:29 CET 2011 on sn-devel-104 --- Summary of changes: source3/wscript | 29 + 1 files changed, 29 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/wscript b/source3/wscript index 2514048..4dc4560 100644 --- a/source3/wscript +++ b/source3/wscript @@ -1545,6 +1545,35 @@ main() { includes=includes, msg='Checking for ctdb ipv6 support') +if have_cluster_support: +conf.CHECK_CODE(''' +#define NO_CONFIG_H +#include replace.h +#include system/wait.h +#include system/network.h +#include talloc.h +#include tdb.h +#include ctdb.h +#include ctdb_private.h + +int main(void) +{ +int i = (int)CTDB_CONTROL_CHECK_SRVIDS; +return 0; +} +''', +'HAVE_CTDB_CONTROL_CHECK_SRVIDS_DECL', +addmain=False, +includes=includes, + msg='Checking for CHECK_SRVIDS control') + +if not conf.CONFIG_SET('HAVE_CTDB_CONTROL_CHECK_SRVIDS_DECL'): +if not Options.options.enable_old_ctdb: +have_cluster_support = False +ctdb_broken = CHECK_SRVIDS control missing +else: +Logs.warn(ignoring missing CHECK_SRVIDS control (--enable-old-ctdb)) + if have_cluster_support: Logs.info(building with cluster support) conf.DEFINE('CLUSTER_SUPPORT', 1); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 456c69f s4:lib/tls - call gnutls_transport_set_lowat only on GNUTLS 3.0 from 9c4d498 s3-waf: fix the build with CTDB_CONTROL_CHECK_SRVIDS. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 456c69f95e7a672c4cc9a5e6e52fb37e14012304 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Mon Nov 28 20:55:37 2011 +0100 s4:lib/tls - call gnutls_transport_set_lowat only on GNUTLS 3.0 This function call together with the lowat feature has been removed in release 3.0 as described in this mailing list post: http://old.nabble.com/gnutls_transport_set_lowat-deprecated-td32554230.html. Since we do not make any use of lowat (esprimed by each function call) we are free to simply omit it on v3.0 and later. This addresses bug #8537. Reviewed by: abartlet + metze Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Wed Nov 30 20:11:14 CET 2011 on sn-devel-104 --- Summary of changes: source4/lib/tls/tls.c |4 source4/lib/tls/tls_tstream.c |4 2 files changed, 8 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c index 00c2d13..3a49e2f 100644 --- a/source4/lib/tls/tls.c +++ b/source4/lib/tls/tls.c @@ -505,7 +505,9 @@ struct socket_context *tls_init_server(struct tls_params *params, gnutls_transport_set_ptr(tls-session, (gnutls_transport_ptr)tls); gnutls_transport_set_pull_function(tls-session, (gnutls_pull_func)tls_pull); gnutls_transport_set_push_function(tls-session, (gnutls_push_func)tls_push); +#if GNUTLS_VERSION_MAJOR 3 gnutls_transport_set_lowat(tls-session, 0); +#endif tls-plain_chars = plain_chars; if (plain_chars) { @@ -574,7 +576,9 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx, gnutls_transport_set_ptr(tls-session, (gnutls_transport_ptr)tls); gnutls_transport_set_pull_function(tls-session, (gnutls_pull_func)tls_pull); gnutls_transport_set_push_function(tls-session, (gnutls_push_func)tls_push); +#if GNUTLS_VERSION_MAJOR 3 gnutls_transport_set_lowat(tls-session, 0); +#endif tls-tls_detect = false; tls-output_pending = false; diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c index c64b2ea..eb4a6d9 100644 --- a/source4/lib/tls/tls_tstream.c +++ b/source4/lib/tls/tls_tstream.c @@ -1029,7 +1029,9 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx, (gnutls_pull_func)tstream_tls_pull_function); gnutls_transport_set_push_function(tlss-tls_session, (gnutls_push_func)tstream_tls_push_function); +#if GNUTLS_VERSION_MAJOR 3 gnutls_transport_set_lowat(tlss-tls_session, 0); +#endif tlss-handshake.req = req; tstream_tls_retry_handshake(state-tls_stream); @@ -1278,7 +1280,9 @@ struct tevent_req *_tstream_tls_accept_send(TALLOC_CTX *mem_ctx, (gnutls_pull_func)tstream_tls_pull_function); gnutls_transport_set_push_function(tlss-tls_session, (gnutls_push_func)tstream_tls_push_function); +#if GNUTLS_VERSION_MAJOR 3 gnutls_transport_set_lowat(tlss-tls_session, 0); +#endif tlss-handshake.req = req; tstream_tls_retry_handshake(state-tls_stream); -- Samba Shared Repository
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2011-11-30-2102/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2011-11-30-2102/samba3.stderr http://git.samba.org/autobuild.flakey/2011-11-30-2102/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2011-11-30-2102/samba4.stderr http://git.samba.org/autobuild.flakey/2011-11-30-2102/samba4.stdout The top commit at the time of the failure was: commit 9c4d49863a80ebe6dedd8faeb4bf41270f7ba685 Author: Günther Deschner g...@samba.org Date: Wed Nov 30 16:34:52 2011 +0100 s3-waf: fix the build with CTDB_CONTROL_CHECK_SRVIDS. Volker, Michael, please check. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Nov 30 18:37:29 CET 2011 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b638abf s3: Attempt to fix the vfs_commit module from 456c69f s4:lib/tls - call gnutls_transport_set_lowat only on GNUTLS 3.0 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b638abf70a3c9b2815344454946c0931295551be Author: Volker Lendecke v...@samba.org Date: Wed Nov 30 18:51:27 2011 +0100 s3: Attempt to fix the vfs_commit module This bug went in in 2007. I wonder how much this module is actually used Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Wed Nov 30 21:46:09 CET 2011 on sn-devel-104 --- Summary of changes: source3/modules/vfs_commit.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_commit.c b/source3/modules/vfs_commit.c index 8bd8181..af1f98b 100644 --- a/source3/modules/vfs_commit.c +++ b/source3/modules/vfs_commit.c @@ -235,7 +235,7 @@ static int commit_open( c-eof = st.st_ex_size; } -return 0; +return fd; } static ssize_t commit_write( -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 503aeab selftest: Fix typo in socket wrapper test. via ce359c1 selftest: Drop broken and unused Kvm target. via 454c450 selftest: Don't acquire target when --list was specified. via 91c5bd2 Update ldb API sigs. via 0c8887c Bump ldb version to 1.1.4 after introduction of ldb_module_error. via 83cad86 selftest: Don't generate subunit file when writing subunit to stdout. via 3eb5cf2 selftest: Prevent error about unfinished test command when using --list. via 7c1a884 s4-tests: Use long option names in test list script, to prevent 'eating' --list argument when e.g. is not set. via 928936a testr: Use test lists. via 64cfb79 s4-testlist: Write diagnostic info to stderr, and purely test info to stdout. via 4a9235f selftest: Don't use fancy subunit formatters when generating a test list. via 956733a selftest: Don't write subunit output in --list mode. via 1caa3b8 selftesthelpers: write warnings to stderr rather than stdout. from b638abf s3: Attempt to fix the vfs_commit module http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 503aeabd101bb029e25dda15158df2c8a697c088 Author: Jelmer Vernooij jel...@samba.org Date: Wed Nov 30 22:57:18 2011 +0100 selftest: Fix typo in socket wrapper test. Autobuild-User: Jelmer Vernooij jel...@samba.org Autobuild-Date: Thu Dec 1 00:30:00 CET 2011 on sn-devel-104 commit ce359c14f27c21b0f36ac0ca3078331bbcc7e917 Author: Jelmer Vernooij jel...@samba.org Date: Wed Nov 30 20:42:58 2011 +0100 selftest: Drop broken and unused Kvm target. commit 454c4502f333cedf32e553b649d235e5c6f1dd05 Author: Jelmer Vernooij jel...@samba.org Date: Wed Nov 30 20:42:14 2011 +0100 selftest: Don't acquire target when --list was specified. commit 91c5bd23a76340d9642f7d318bce6ca3f15b2dc9 Author: Jelmer Vernooij jel...@samba.org Date: Wed Nov 30 20:22:47 2011 +0100 Update ldb API sigs. commit 0c8887c1cb1560ed9d85e374c9025c54f02d95aa Author: Jelmer Vernooij jel...@samba.org Date: Wed Nov 30 18:46:31 2011 +0100 Bump ldb version to 1.1.4 after introduction of ldb_module_error. commit 83cad86821b1addd8ec960ca30b5ff83f2e0ab12 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 27 21:50:23 2011 +0100 selftest: Don't generate subunit file when writing subunit to stdout. commit 3eb5cf2914de4ab185c91136fc2de115933a4a37 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 27 21:07:07 2011 +0100 selftest: Prevent error about unfinished test command when using --list. commit 7c1a88439664d8c19341cecddb428cac918042be Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 27 21:05:09 2011 +0100 s4-tests: Use long option names in test list script, to prevent 'eating' --list argument when e.g. is not set. commit 928936ae0a6ff8db59762769df13ce7b0c99aedd Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 27 19:59:01 2011 +0100 testr: Use test lists. commit 64cfb79cd5428bb0bdae5e6a2d5eb4e5d5626725 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 27 19:58:30 2011 +0100 s4-testlist: Write diagnostic info to stderr, and purely test info to stdout. commit 4a9235f903cc25628cb4a46aec845763b55c4b26 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 27 19:57:53 2011 +0100 selftest: Don't use fancy subunit formatters when generating a test list. commit 956733a0e7b62203c0e7f09d15466f696c498d74 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 27 19:53:35 2011 +0100 selftest: Don't write subunit output in --list mode. commit 1caa3b8eaea10c342d0dd60e2bfe43221922e8d3 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 27 19:52:57 2011 +0100 selftesthelpers: write warnings to stderr rather than stdout. --- Summary of changes: .testr.conf|3 +- lib/ldb/ABI/{ldb-1.1.2.sigs = ldb-1.1.4.sigs} |0 ...pyldb-util-1.1.2.sigs = pyldb-util-1.1.4.sigs} |0 lib/ldb/wscript|2 +- selftest/selftest.pl | 79 +- selftest/selftesthelpers.py|5 +- selftest/target/Kvm.pm | 162 selftest/wscript | 21 ++-- source4/selftest/tests.py | 80 +- 9 files changed, 95 insertions(+), 257 deletions(-) copy lib/ldb/ABI/{ldb-1.1.2.sigs = ldb-1.1.4.sigs} (100%) copy lib/ldb/ABI/{pyldb-util-1.1.2.sigs = pyldb-util-1.1.4.sigs} (100%) delete mode 100644 selftest/target/Kvm.pm Changeset truncated at 500 lines: diff --git a/.testr.conf b/.testr.conf index e58becd..00d0857 100644 --- a/.testr.conf +++ b/.testr.conf @@ -1,3 +1,4 @@ [DEFAULT]
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3c4af39 s4-ntvfs: added allow_override check based on use of NT ACL via d1274f7 s4-ntvfs: fixed a unix ACL mapping bug from 503aeab selftest: Fix typo in socket wrapper test. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3c4af39aa506a25fc6d6753dbe34e4e1c0dd0b43 Author: Andrew Tridgell tri...@samba.org Date: Thu Dec 1 13:40:49 2011 +1100 s4-ntvfs: added allow_override check based on use of NT ACL This disables the posix permission override if the calculated permissions did not come from a NT ACL. Autobuild-User: Andrew Tridgell tri...@samba.org Autobuild-Date: Thu Dec 1 05:14:49 CET 2011 on sn-devel-104 commit d1274f7f6236b47a1c6aa1737b054ed521d31b67 Author: Andrew Tridgell tri...@samba.org Date: Thu Dec 1 12:59:23 2011 +1100 s4-ntvfs: fixed a unix ACL mapping bug the ACL mapping code was incorrectly allowing creation of directories in some situations where it should be denied by the unix permissions --- Summary of changes: source4/ntvfs/posix/pvfs_acl.c | 60 source4/ntvfs/posix/pvfs_mkdir.c | 12 +++--- source4/ntvfs/posix/pvfs_open.c| 16 source4/ntvfs/posix/pvfs_rename.c |5 ++- source4/ntvfs/posix/pvfs_resolve.c |3 ++ source4/ntvfs/posix/pvfs_setfileinfo.c |4 +- source4/ntvfs/posix/pvfs_sys.c | 28 +++--- source4/ntvfs/posix/pvfs_unlink.c |2 +- source4/ntvfs/posix/pvfs_util.c| 15 source4/ntvfs/posix/vfs_posix.h|1 + 10 files changed, 84 insertions(+), 62 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c index d040537..810dcdd 100644 --- a/source4/ntvfs/posix/pvfs_acl.c +++ b/source4/ntvfs/posix/pvfs_acl.c @@ -508,32 +508,36 @@ static NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, uint32_t *access_mask) { uid_t uid = geteuid(); - uint32_t max_bits = SEC_RIGHTS_FILE_READ | SEC_FILE_ALL; + uint32_t max_bits = 0; struct security_token *token = req-session_info-security_token; if (pvfs_read_only(pvfs, *access_mask)) { return NT_STATUS_ACCESS_DENIED; } - if (name == NULL || uid == name-st.st_uid) { - max_bits |= SEC_STD_ALL; - } else if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) { - max_bits |= SEC_STD_DELETE; - } - - if (name == NULL || - (name-st.st_mode S_IWOTH) || - ((name-st.st_mode S_IWGRP) -pvfs_group_member(pvfs, name-st.st_gid))) { - max_bits |= SEC_STD_ALL; - } - - if (uwrap_enabled()) { - /* when running with the uid wrapper, files will be created - owned by the ruid, but we may have a different simulated - euid. We need to force the permission bits as though the - files owner matches the euid */ - max_bits |= SEC_STD_ALL; + if (name == NULL) { + max_bits |= SEC_RIGHTS_FILE_ALL | SEC_STD_ALL; + } else if (uid == name-st.st_uid || uwrap_enabled()) { + /* use the IxUSR bits */ + if ((name-st.st_mode S_IWUSR)) { + max_bits |= SEC_RIGHTS_FILE_ALL | SEC_STD_ALL; + } else if ((name-st.st_mode (S_IRUSR | S_IXUSR))) { + max_bits |= SEC_RIGHTS_FILE_READ | SEC_RIGHTS_FILE_EXECUTE | SEC_STD_ALL; + } + } else if (pvfs_group_member(pvfs, name-st.st_gid)) { + /* use the IxGRP bits */ + if ((name-st.st_mode S_IWGRP)) { + max_bits |= SEC_RIGHTS_FILE_ALL | SEC_STD_ALL; + } else if ((name-st.st_mode (S_IRGRP | S_IXGRP))) { + max_bits |= SEC_RIGHTS_FILE_READ | SEC_RIGHTS_FILE_EXECUTE | SEC_STD_ALL; + } + } else { + /* use the IxOTH bits */ + if ((name-st.st_mode S_IWOTH)) { + max_bits |= SEC_RIGHTS_FILE_ALL | SEC_STD_ALL; + } else if ((name-st.st_mode (S_IROTH | S_IXOTH))) { + max_bits |= SEC_RIGHTS_FILE_READ | SEC_RIGHTS_FILE_EXECUTE | SEC_STD_ALL; + } } if (*access_mask SEC_FLAG_MAXIMUM_ALLOWED) { @@ -556,7 +560,7 @@ static NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, } if (*access_mask ~max_bits) { - DEBUG(0,(__location__ denied access to '%s' - wanted 0x%08x but got 0x%08x (missing 0x%08x)\n, + DEBUG(5,(__location__ denied access to '%s' - wanted 0x%08x but got 0x%08x