[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7c0277c librpc: Fix blank line endings
via 816e68f libndr: Fix ndr_print_bitmap_flag for value=0
via 9ac3286 librpc: return a ndr_pull_error instead of just
NDR_ERR_NDR64 when upper bits of 64 bit value are not 0
from 280f21a net: allow net idmap get ranges to list all ranges
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7c0277c923443402b8a292fd3b3b1faba1da6dd5
Author: Volker Lendecke v...@samba.org
Date: Sat Sep 14 13:44:54 2013 +0200
librpc: Fix blank line endings
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Oct 2 15:02:07 CEST 2013 on sn-devel-104
commit 816e68f94fe500b9d68fd29021d432b84d3139b7
Author: Volker Lendecke v...@samba.org
Date: Sat Sep 14 13:43:03 2013 +0200
libndr: Fix ndr_print_bitmap_flag for value=0
Don't endlessly loop
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 9ac32866db2c4244d867093e2594347f4707313f
Author: Matthieu Patou m...@matws.net
Date: Sun Sep 22 17:17:16 2013 -0700
librpc: return a ndr_pull_error instead of just NDR_ERR_NDR64 when upper
bits of 64 bit value are not 0
Signed-off-by: Matthieu Patou m...@matws.net
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
librpc/ndr/ndr_basic.c | 23 ++-
1 files changed, 14 insertions(+), 9 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/ndr/ndr_basic.c b/librpc/ndr/ndr_basic.c
index 5c653c8..ae5af7a 100644
--- a/librpc/ndr/ndr_basic.c
+++ b/librpc/ndr/ndr_basic.c
@@ -1,20 +1,20 @@
-/*
+/*
Unix SMB/CIFS implementation.
routines for marshalling/unmarshalling basic types
Copyright (C) Andrew Tridgell 2003
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.
*/
@@ -169,7 +169,8 @@ _PUBLIC_ enum ndr_err_code ndr_pull_uint3264(struct
ndr_pull *ndr, int ndr_flags
if (unlikely(v64 != *v)) {
DEBUG(0,(__location__ : non-zero upper 32 bits 0x%016llx\n,
(unsigned long long)v64));
- return NDR_ERR_NDR64;
+ return ndr_pull_error(ndr, NDR_ERR_NDR64, __location__ :
non-zero upper 32 bits 0x%016llx\n,
+(unsigned long long)v64);
}
return err;
}
@@ -1004,7 +1005,7 @@ _PUBLIC_ void ndr_print_null(struct ndr_print *ndr)
ndr-print(ndr, UNEXPECTED NULL POINTER);
}
-_PUBLIC_ void ndr_print_enum(struct ndr_print *ndr, const char *name, const
char *type,
+_PUBLIC_ void ndr_print_enum(struct ndr_print *ndr, const char *name, const
char *type,
const char *val, uint32_t value)
{
if (ndr-flags LIBNDR_PRINT_ARRAY_HEX) {
@@ -1019,10 +1020,14 @@ _PUBLIC_ void ndr_print_bitmap_flag(struct ndr_print
*ndr, size_t size, const ch
/* this is an attempt to support multi-bit bitmap masks */
value = flag;
+ if (value == 0) {
+ return;
+ }
+
while (!(flag 1)) {
flag = 1;
value = 1;
- }
+ }
if (flag == 1) {
ndr-print(ndr,%d: %-25s, value, flag_name);
} else {
@@ -1160,7 +1165,7 @@ _PUBLIC_ void ndr_print_bad_level(struct ndr_print *ndr,
const char *name, uint1
ndr-print(ndr, UNKNOWN LEVEL %u, level);
}
-_PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name,
+_PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name,
const uint8_t *data, uint32_t count)
{
int i;
@@ -1195,7 +1200,7 @@ _PUBLIC_ void ndr_print_array_uint8(struct ndr_print
*ndr, const char *name,
free(idx);
}
}
- ndr-depth--;
+ ndr-depth--;
#undef _ONELINE_LIMIT
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c3a5fec smbd:smb2: fix error code when the header says the request
is signed but we don't have a sesseion
via 4a7b792 s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if
signing is required
from 7c0277c librpc: Fix blank line endings
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c3a5fecdc1ff0320f4979fa21aa636aacaac8abe
Author: Michael Adam ob...@samba.org
Date: Wed Sep 25 23:18:56 2013 +0200
smbd:smb2: fix error code when the header says the request is signed but we
don't have a sesseion
I.e. when the request is a session setup.
We replied with ACCESS_DENIED, but windows expects USER_SESSION_DELETED
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Oct 2 22:07:44 CEST 2013 on sn-devel-104
commit 4a7b792bc6d463a3aa4e1150a271ed6b929276cc
Author: Stefan Metzmacher me...@samba.org
Date: Mon Sep 23 20:51:30 2013 +0200
s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is
required
Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED
in a reauth session setup, but still provide a valid signature.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Michael Adam ob...@samba.org
---
Summary of changes:
source3/smbd/smb2_server.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index b031c6d..1bebee1 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1993,12 +1993,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct
smbd_smb2_request *req)
if (req-do_encryption) {
signing_required = false;
- } else if (flags SMB2_HDR_FLAG_SIGNED) {
+ } else if (signing_required || (flags SMB2_HDR_FLAG_SIGNED)) {
DATA_BLOB signing_key;
if (x == NULL) {
return smbd_smb2_request_error(
- req, NT_STATUS_ACCESS_DENIED);
+ req, NT_STATUS_USER_SESSION_DELETED);
}
signing_key = x-global-channels[0].signing_key;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via 76c4a51 Merge tag 'samba-4.1.0rc4' into v4-1-test via fcf3fd6 VERSION: Disable git snapshots for the 4.1.0rc4 release. via 6a03c81 VERSION: Disable git snapshots for the 4.1.0rc3 release. via d9517d5 WHATSNEW: Update changes since 4.1.0rc2. from 7160446 VERSION: Bump version up to 4.1.0rc5... http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit 76c4a517ad433aa87c62b7edd7c91a119928a9c4 Merge: 7160446d332dbc5f881fdd122eea8f0d87184fcd fcf3fd6478090e7bebb65d142edbd097ab260fc4 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 27 12:50:45 2013 +0200 Merge tag 'samba-4.1.0rc4' into v4-1-test samba: tag release samba-4.1.0rc4 --- Summary of changes: Changeset truncated at 500 lines: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 89200c2 dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs from fc486d8 s4-openldap: Restored openldap-related options to the provision script http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 89200c227f36a063612eb38927ac8dee18e044d5 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 24 10:18:36 2013 -0700 dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077 Note that this doesn't fix the userParameters problem completely, but it doesn't truncate the userParameters value anymore. Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Sep 26 22:05:12 CEST 2013 on sn-devel-104 --- Summary of changes: source4/dsdb/schema/schema_syntax.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index f7176cd..c2e0208 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c @@ -1529,7 +1529,7 @@ static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(const struct dsdb_syntax_ctx *c return WERR_FOOBAR; } - out-values[i] = data_blob_string_const(str); + out-values[i] = data_blob_const(str, converted_size); } return WERR_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 167e2f2 pidl: Generate wireshark that conforms to the rules of
Wireshark project
via 00dc30a pidl: Generate NDR64/NDR32 aware code for the wireshark
dissectors
via 26c1c15 idl: fix frsrpc idl with NDR64 fields
via aa5b369 idl: remove duplicate flag
via fc11bab frstrans.idl: add flag(NDR_PAHEX) to frstrans_BytePipe
via 51d8eba drsuapi.idl: change the range for attribute values to
26214400 bytes.
via c18c6c9 librpc/ndr: make use of ndr_dump_data() in
ndr_print_array_uint8()
via 3d3e8b5 librpc/ndr: make ndr_pull/push_DATA_BLOB NDR64 aware
from 4f69b58 s4:torture:ldap: Fix misleading output
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 167e2f2b5543008e02613dcd56e36f7326912cdb
Author: Matthieu Patou m...@matws.net
Date: Sun Sep 22 22:23:51 2013 -0700
pidl: Generate wireshark that conforms to the rules of Wireshark project
Signed-off-by: Matthieu Patou m...@matws.net
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Sep 24 02:04:05 CEST 2013 on sn-devel-104
commit 00dc30a9ffafbd2bbf8041e81b443e9eb73f9dcf
Author: Matthieu Patou m...@matws.net
Date: Sun Sep 22 22:10:10 2013 -0700
pidl: Generate NDR64/NDR32 aware code for the wireshark dissectors
Signed-off-by: Matthieu Patou m...@matws.net
Pair-Programmed-With: Stefan Metzmacher me...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 26c1c15da45ce3b024498c85fe8f5ebef0e6b9d2
Author: Matthieu Patou m...@matws.net
Date: Sun Sep 22 19:50:10 2013 -0700
idl: fix frsrpc idl with NDR64 fields
Signed-off-by: Matthieu Patou m...@matws.net
Pair-Programmed-With: Stefan Metzmacher me...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit aa5b3697346710138852b32d6fa479a75b371049
Author: Matthieu Patou m...@matws.net
Date: Sun Sep 22 18:29:56 2013 -0700
idl: remove duplicate flag
Signed-off-by: Matthieu Patou m...@matws.net
Reviewed-by: Stefan Metzmacher me...@samba.org
commit fc11bab20b8ba9548808d60c108fb81096aaffe3
Author: Stefan Metzmacher me...@samba.org
Date: Mon Sep 23 08:09:37 2013 +0200
frstrans.idl: add flag(NDR_PAHEX) to frstrans_BytePipe
That way we get hexdump -C style output for the content of the pipe chunks.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Matthieu Patou m...@matws.net
commit 51d8eba8417c58c2ade30d58a838441008209542
Author: Stefan Metzmacher me...@samba.org
Date: Mon Sep 23 08:05:41 2013 +0200
drsuapi.idl: change the range for attribute values to 26214400 bytes.
This matches the IDL from [MS-DRSR].
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Matthieu Patou m...@matws.net
commit c18c6c9fb53a84e587f5ed951e47a1bb5f53a30e
Author: Stefan Metzmacher me...@samba.org
Date: Mon Sep 23 07:39:43 2013 +0200
librpc/ndr: make use of ndr_dump_data() in ndr_print_array_uint8()
It's much easier to look at hexdump -C style output than
a few thousand lines with 1 byte each.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Matthieu Patou m...@matws.net
commit 3d3e8b53bf78c6ab442682b9fe22c902b9c45d73
Author: Stefan Metzmacher me...@samba.org
Date: Mon Sep 23 07:20:00 2013 +0200
librpc/ndr: make ndr_pull/push_DATA_BLOB NDR64 aware
Pair-Programmed-With: Matthieu Patou m...@matws.net
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Matthieu Patou m...@matws.net
---
Summary of changes:
librpc/idl/drsuapi.idl |2 +-
librpc/idl/frsrpc.idl|5 ++---
librpc/idl/frstrans.idl |2 +-
librpc/ndr/ndr_basic.c | 21 +++--
pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 16
5 files changed, 31 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/drsuapi.idl b/librpc/idl/drsuapi.idl
index ed85205..063d135 100644
--- a/librpc/idl/drsuapi.idl
+++ b/librpc/idl/drsuapi.idl
@@ -546,7 +546,7 @@ interface drsuapi
/* Generic DATA_BLOB values */
typedef struct {
- [range(0,10485760),value(ndr_size_DATA_BLOB(0,blob,0))] uint32
__ndr_size;
+ [range(0,26214400),value(ndr_size_DATA_BLOB(0,blob,0))] uint32
__ndr_size;
DATA_BLOB *blob;
} drsuapi_DsAttributeValue;
diff --git a/librpc/idl/frsrpc.idl b/librpc/idl/frsrpc.idl
index fcc3119..a235702 100644
--- a/librpc/idl/frsrpc.idl
+++ b/librpc/idl/frsrpc.idl
@@ -43,7 +43,6 @@ interface frsrpc
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via af290a0 libcli/smb: fix non mendatory signing against some vendor
SMB2 servers.
via 1d54d8c libcli/smb: use SMB1 MID=0 for the initial Negprot
from 6ed5b1c Cleanup map return codes
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit af290a03cef63c3b08446c1980de064a3b1c8804
Author: Stefan Metzmacher me...@samba.org
Date: Tue Sep 17 04:12:30 2013 +0200
libcli/smb: fix non mendatory signing against some vendor SMB2 servers.
Windows and Samba always sign the final session setup response
even if signing is not mendatory, but it ensures that the signing
key is correctly in place.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10146
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Sep 17 09:40:10 CEST 2013 on sn-devel-104
commit 1d54d8c501afa151b6cc07b98a14caae2b31ec65
Author: Stefan Metzmacher me...@samba.org
Date: Tue Sep 17 04:09:03 2013 +0200
libcli/smb: use SMB1 MID=0 for the initial Negprot
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10144
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
---
Summary of changes:
libcli/smb/smbXcli_base.c | 19 ++-
1 files changed, 18 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 7176e8f..f59f1f7 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -737,6 +737,14 @@ static uint16_t smb1cli_alloc_mid(struct smbXcli_conn
*conn)
size_t num_pending = talloc_array_length(conn-pending);
uint16_t result;
+ if (conn-protocol == PROTOCOL_NONE) {
+ /*
+* This is what windows sends on the SMB1 Negprot request
+* and some vendors reuse the SMB1 MID as SMB2 sequence number.
+*/
+ return 0;
+ }
+
while (true) {
size_t i;
@@ -4835,7 +4843,16 @@ NTSTATUS smb2cli_session_set_session_key(struct
smbXcli_session *session,
session-conn-protocol,
recv_iov, 3);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ /*
+* Sadly some vendors don't sign the
+* final SMB2 session setup response
+*
+* At least Windows and Samba are always doing this
+* if there's a session key available.
+*/
+ if (conn-mandatory_signing) {
+ return status;
+ }
}
session-smb2-should_sign = false;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1c41feb s3: libsmb : The short name length is only a one byte field.
from af290a0 libcli/smb: fix non mendatory signing against some vendor
SMB2 servers.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1c41feb7893ae4a4f42c035f3c83f8b2950b7816
Author: Jeremy Allison j...@samba.org
Date: Mon Sep 16 19:16:52 2013 -0700
s3: libsmb : The short name length is only a one byte field.
The next byte is undefined and some vendors set this to 0xff
(discovered in SNIA SDC lab tests).
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Sep 17 12:27:18 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/libsmb/cli_smb2_fnum.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c
index 18b03f3..3253f9d 100644
--- a/source3/libsmb/cli_smb2_fnum.c
+++ b/source3/libsmb/cli_smb2_fnum.c
@@ -412,7 +412,7 @@ static NTSTATUS parse_finfo_id_both_directory_info(uint8_t
*dir_data,
if (namelen (dir_data_length - 104)) {
return NT_STATUS_INFO_LENGTH_MISMATCH;
}
- slen = SVAL(dir_data + 68, 0);
+ slen = CVAL(dir_data + 68, 0);
if (slen 24) {
return NT_STATUS_INFO_LENGTH_MISMATCH;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4879d08 libcli/smb: only check the SMB2 session setup signature if
required and valid
from 17a9a0f s3: libsmb : Bug 10150 - Not all OEM servers support the
ALTNAME info level.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4879d0810a2ad741e32ad174a7a14cd35521aeaf
Author: Stefan Metzmacher me...@samba.org
Date: Wed Sep 18 02:24:30 2013 +0200
libcli/smb: only check the SMB2 session setup signature if required and
valid
This is an update to commit af290a03cef63c3b08446c1980de064a3b1c8804
that skips the scary debug messages.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10146
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Sep 18 04:46:00 CEST 2013 on sn-devel-104
---
Summary of changes:
libcli/smb/smbXcli_base.c | 26 +-
1 files changed, 21 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index f59f1f7..27ac2a8 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -4742,12 +4742,18 @@ NTSTATUS smb2cli_session_set_session_key(struct
smbXcli_session *session,
struct smbXcli_conn *conn = session-conn;
uint16_t no_sign_flags;
uint8_t session_key[16];
+ bool check_signature = true;
+ uint32_t hdr_flags;
NTSTATUS status;
if (conn == NULL) {
return NT_STATUS_INVALID_PARAMETER_MIX;
}
+ if (recv_iov[0].iov_len != SMB2_HDR_BODY) {
+ return NT_STATUS_INVALID_PARAMETER_MIX;
+ }
+
no_sign_flags = SMB2_SESSION_FLAG_IS_GUEST | SMB2_SESSION_FLAG_IS_NULL;
if (session-smb2-session_flags no_sign_flags) {
@@ -4839,18 +4845,28 @@ NTSTATUS smb2cli_session_set_session_key(struct
smbXcli_session *session,
return NT_STATUS_NO_MEMORY;
}
- status = smb2_signing_check_pdu(session-smb2_channel.signing_key,
- session-conn-protocol,
- recv_iov, 3);
- if (!NT_STATUS_IS_OK(status)) {
+ check_signature = conn-mandatory_signing;
+
+ hdr_flags = IVAL(recv_iov[0].iov_base, SMB2_HDR_FLAGS);
+ if (hdr_flags SMB2_HDR_FLAG_SIGNED) {
/*
* Sadly some vendors don't sign the
* final SMB2 session setup response
*
* At least Windows and Samba are always doing this
* if there's a session key available.
+*
+* We only check the signature if it's mandatory
+* or SMB2_HDR_FLAG_SIGNED is provided.
*/
- if (conn-mandatory_signing) {
+ check_signature = true;
+ }
+
+ if (check_signature) {
+ status =
smb2_signing_check_pdu(session-smb2_channel.signing_key,
+ session-conn-protocol,
+ recv_iov, 3);
+ if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ef830f7 samba-tool domain join: Set server role correctly to active directory domain controller via f75dc8f s4-rpc_server/drsuapi: Print ldb error showing why we failed to perform the access check via 1d92d5b samba-tool domian join: Only print adminpass warning on subdomain creation via 84dc9f8 samba-tool domain join: Add --quite and --verbose via 35e56d2 dsdb: Use dsdb_next_callback() rather than a no-op per-module callback via 650eca0 join.py: Restore support for joining as a subdomain via 0de dsdb: Add DSDB_SEARCH_ONE_ONLY support to dsdb_module_search*() via 3af4f03 join.py: Handle more error cases with useful exceptions via a5e4c45 samba-tool domain join subdomain: Set reveal_internals:0 control so we can see the ncName via 347b2c6 ldb: Show the type of failing operation in default error message via bbeca62 join.py: Show which database we failed to find the DN on (clarify local v remote) via ccb1beb join.py: Handle exceptions when looking for GUID in a DN from 20999fc tdb: Fix some typos in comments. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ef830f7e7107cd5287903d83519588c9d31b526f Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 9 12:15:36 2013 +1200 samba-tool domain join: Set server role correctly to active directory domain controller We changed the magic string when we reworked the list of server roles. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Sep 16 23:33:41 CEST 2013 on sn-devel-104 commit f75dc8f4a54581ed207e7caa2e52211ea24e3554 Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 9 09:57:27 2013 +1200 s4-rpc_server/drsuapi: Print ldb error showing why we failed to perform the access check Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 1d92d5b19b36ddf15a70e3110caabfe06ba78619 Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 9 09:56:58 2013 +1200 samba-tool domian join: Only print adminpass warning on subdomain creation Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 84dc9f8cc17d49bef5b9c37fd818c7599bf5897a Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 9 09:53:37 2013 +1200 samba-tool domain join: Add --quite and --verbose This means we now use logger consistently between doimin join, domain dcpromo and domain provision. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 35e56d2b71b1dcd906baa70509ec50af39504b5a Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 6 15:46:36 2013 +1200 dsdb: Use dsdb_next_callback() rather than a no-op per-module callback Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 650eca0e061c731614b5fa49756872d11b7b67f0 Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 6 15:46:05 2013 +1200 join.py: Restore support for joining as a subdomain This set of patches fixes up the errors that were introduced into the partial support during the past couple of years. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 0dee04e2e3aecd82ed4cf887f9e36dd4962d Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 6 15:39:50 2013 +1200 dsdb: Add DSDB_SEARCH_ONE_ONLY support to dsdb_module_search*() Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 3af4f0377e1ff8b23d415bc4b241bf8cb83c130c Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 6 15:38:36 2013 +1200 join.py: Handle more error cases with useful exceptions This will help track down strange failures in the future. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit a5e4c4520af9f7a99aac4117d1225c85b891554d Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 16 10:23:07 2013 -0700 samba-tool domain join subdomain: Set reveal_internals:0 control so we can see the ncName The issue here is that we create the ncName remotely with DsAddEntry, and then replicate it back. However, at this point the naming context pointed at by the ncName does not exist! The issue is that the extended_dn_out module then hides the link, because it points to a missing object
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6ef3c98 docs-xml: document SMB3_02 as available protocol for the client side via 4912378 s3:torture: add PROTOCOL_SMB3_02 handling via 66d3064 lib/param: add PROTOCOL_SMB3_02 handling via f8b3c71 libcli/smb: negotiate SMB3_DIALECT_REVISION_302 if PROTOCOL_SMB3_02 is requested via 80623b8 libcli/smb: add PROTOCOL_SMB3_02 via 4a401d6 libcli/smb: add SMB3_DIALECT_REVISION_302 from 4dacaef dsdb: Use credentials.get_forced_sasl_mech() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6ef3c98ade76e361d210366a0fe79fc3b66e63be Author: Stefan Metzmacher me...@samba.org Date: Sun Sep 15 17:09:35 2013 +0200 docs-xml: document SMB3_02 as available protocol for the client side Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Sep 17 05:55:04 CEST 2013 on sn-devel-104 commit 491237840269943550bb0189c19a460d7a3cf0e7 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:28:03 2013 +0200 s3:torture: add PROTOCOL_SMB3_02 handling Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 66d306491bbd7e07e504c5d246498c1f748a Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:27:39 2013 +0200 lib/param: add PROTOCOL_SMB3_02 handling Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit f8b3c712f0dcb635bb750ebd218df77eeb584940 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:27:01 2013 +0200 libcli/smb: negotiate SMB3_DIALECT_REVISION_302 if PROTOCOL_SMB3_02 is requested Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 80623b8593700eb9b14e6d50b5687cc7d37de764 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:26:20 2013 +0200 libcli/smb: add PROTOCOL_SMB3_02 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 4a401d6fccfe75c34047427226bb1004e83a6563 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:25:42 2013 +0200 libcli/smb: add SMB3_DIALECT_REVISION_302 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org --- Summary of changes: docs-xml/manpages/smb.conf.5.xml |2 +- docs-xml/smbdotconf/protocol/clientmaxprotocol.xml |3 +++ lib/param/param_table.c|1 + libcli/smb/smb2_constants.h|1 + libcli/smb/smbXcli_base.c |1 + libcli/smb/smb_constants.h |5 +++-- source3/torture/test_smb2.c|3 +++ 7 files changed, 13 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/smb.conf.5.xml b/docs-xml/manpages/smb.conf.5.xml index 975d105..399e996 100644 --- a/docs-xml/manpages/smb.conf.5.xml +++ b/docs-xml/manpages/smb.conf.5.xml @@ -471,7 +471,7 @@ chmod 1770 /usr/local/samba/lib/usershares varlistentry term%R/term listitemparathe selected protocol level after protocol negotiation. It can be one of CORE, COREPLUS, - LANMAN1, LANMAN2, NT1, SMB2_02, SMB2_10, SMB2_22, SMB2_24, SMB3_00 or SMB2_FF./para/listitem + LANMAN1, LANMAN2, NT1, SMB2_02, SMB2_10, SMB2_22, SMB2_24, SMB3_00, SMB3_02 or SMB2_FF./para/listitem /varlistentry varlistentry diff --git a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml index 06fda5a..c7a9fd1 100644 --- a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml +++ b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml @@ -60,6 +60,9 @@ listitem paraconstantSMB3_00/constant: Windows 8 SMB3 version. (mostly the same as SMB2_24)/para /listitem + listitem + paraconstantSMB3_02/constant: Windows 8.1 SMB3 version./para + /listitem /itemizedlist paraBy default SMB3 selects the SMB3_00 variant./para /listitem diff --git a/lib/param/param_table.c b/lib/param/param_table.c index 7b32998..10cf046 100644 --- a/lib/param/param_table.c +++ b/lib
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 0af09f0 ldb: Do not build libldb-cmdline when using system ldb.
from b8100af gencache: Avoid a duplicate call to string_term_tdb_data
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 0af09f0179c024099e0776d3794f4b3d7fb3f6f6
Author: Jeroen Dekkers jer...@dekkers.ch
Date: Mon Sep 9 00:42:39 2013 +0200
ldb: Do not build libldb-cmdline when using system ldb.
Cleanup leftover include and linking of libldb-cmdline in
oLschema2ldif. Do not build libldb-cmdline anymore when using the
system ldb, oLschema2ldif was the only reason for building
libldb-cmdline.
Signed-off-by: Jeroen Dekkers jer...@dekkers.ch
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104
---
Summary of changes:
lib/ldb/wscript |8
source4/utils/oLschema2ldif.c |1 -
source4/utils/wscript_build |2 +-
3 files changed, 5 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index f5647b1..071038c 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -257,10 +257,10 @@ def build(bld):
bld.SAMBA_BINARY('ldbdump', 'tools/ldbdump.c', deps='ldb-cmdline ldb',
install=False)
-bld.SAMBA_LIBRARY('ldb-cmdline',
- source='tools/ldbutil.c tools/cmdline.c',
- deps='ldb dl popt',
- private_library=True)
+bld.SAMBA_LIBRARY('ldb-cmdline',
+ source='tools/ldbutil.c tools/cmdline.c',
+ deps='ldb dl popt',
+ private_library=True)
def test(ctx):
diff --git a/source4/utils/oLschema2ldif.c b/source4/utils/oLschema2ldif.c
index be86daa..bcdf570 100644
--- a/source4/utils/oLschema2ldif.c
+++ b/source4/utils/oLschema2ldif.c
@@ -33,7 +33,6 @@
#include includes.h
#include ldb.h
-#include tools/cmdline.h
#include dsdb/samdb/samdb.h
#include ../lib/crypto/sha256.h
#include ../librpc/gen_ndr/ndr_misc.h
diff --git a/source4/utils/wscript_build b/source4/utils/wscript_build
index a5217b3..046e237 100644
--- a/source4/utils/wscript_build
+++ b/source4/utils/wscript_build
@@ -14,6 +14,6 @@ bld.SAMBA_BINARY('ntlm_auth4',
bld.SAMBA_BINARY('oLschema2ldif',
source='oLschema2ldif.c',
manpages='man/oLschema2ldif.1',
- deps='ldb-cmdline samdb POPT_SAMBA'
+ deps='samdb POPT_SAMBA'
)
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag talloc-2.1.0 created
The annotated tag, talloc-2.1.0 has been created at 3be5ea3325aa68d75510640ac90a8ad1c5cbfbd4 (tag) tagging 256d10f5792a37d20cbb45f2af3f8578bd354110 (commit) replaces tevent-0.9.19 tagged by Stefan Metzmacher on Sun Sep 8 16:48:15 2013 +0200 - Log - talloc: tag release talloc-2.1.0 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJSLI4vAAoJEEeTkWETCEAlLGQIAMPYK++eJ4CIDSoP/JaNe78Q NSdwmi2VCqEhH5CMzntL9IOMX8nUzbTIxdd0qVVoO2J9YdmfD85PU4VzyRtT9QWK A8uFAPtdr9TN71QMezEz0yFRKOTrehv1EfO1MmS83rtox8t0D/MVvvA07F+IpiSg iCFnTt9gdWWjCrXQ2xSBi1nMA1UyjBrlIZL7tXgE8QtAMW7QEstvHQIkkczIxLC+ rW4PGyRx0bxTshN7+4t/+4bQ8rloygvYYn7k/Rydzs05FQp3YOsGjXwld44sqD3g yl42+X87aNaxfNeiJqS4I5sXFDtIZUWnksq+6/mrQKpvYofXVduN4ZxF1Z0BERc= =Yhld -END PGP SIGNATURE- Abhidnya Joshi (1): s3: fix missing braces in nfs4_acls.c Anand Avati (1): vfs_glusterfs: Implement proper mashalling/unmarshalling of ACLs Andreas Schneider (6): s3-libads: Print a message if no realm has been specified. libcli: Add security_token_system_privilege(). s3-rpc_server: Grant the system token full access. s3-netlogon: Connecting with the system token should be sufficient. s3-winbind: Fix a segfault passing NULL to a fstring argument. Followup patch for BUG: https://bugzilla.samba.org/show_bug.cgi?id=10082 Andrew Bartlett (8): dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors provision: Rewrite named.txt to be more useful scripting/join.py: Handle creating the dns-NAME account during a DC join scripting/samba_upgradedns: Tighten up exception and attribute list handling selftest: Test creation of the dns-SERVER account during selftest selftest: Start internal DNS server on domain provisioned for BIND9_DLZ selftest: Add a basic test of samba_upgradedns torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 Christian Ambach (5): s3:lib/system fix build on AIX 7 waf: fix build on AIX7 waf: add --without-gettext option waf: consolidate libintl related checks waf: replace dependency to libintl with samba_intl Christof Schmitt (3): FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zero FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at end doc: Fix prefix parameter name in vfs_full_audit man page Christopher R. Hertel (1): vfs_glusterfs: Fix excessive debug output from vfs_gluster_open(). David Disseldorp (9): torture: split out ioctl test file creation helper lib: add FSCTL_[GET/SET]_COMPRESSION constants torture: add smb2 FSCTL_[GET/SET]_COMPRESSION test torture: extend FSCTL_[GET/SET]_COMPRESSION tests torture: check for filesystem compression capability torture: add compressed file attribute ioctl test torture: add file_attribs arg to file create helper torture: add more [no-]compress-on-open ioctl tests torture: support Windows 2k8 response for compress_invalid_buf Gregor Beck (2): security.idl: add new security_secinfo bits Fix bug 9678 - Windows 8 Roaming profiles fail Günther Deschner (37): s3-libads: Fail create_local_private_krb5_conf_for_domain() if parameters missing. s3-net: pass down ndr_interface_table to connect_dst_pipe(). s3-rpc_cli: remove prototype of nonexisting cli_rpc_pipe_open_krb5(). s3-libnetapi: pass down ndr_interface_table to libnetapi_get_binding_handle(). s3-libnetapi: pass down ndr_interface_table to libnetapi_open_pipe(). s3-libnetapi: pass down ndr_interface_table to pipe_cm() and friends. s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_interface(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_ntlmssp_auth_schannel(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port(). s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init(). s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init_send(). libcli/auth: also set secure channel type in netlogon_creds_client_init(). s3: libnet_join: add
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 38e4396 torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 via 16b26ea selftest: Add a basic test of samba_upgradedns via 013c499 selftest: Start internal DNS server on domain provisioned for BIND9_DLZ via e281037 selftest: Test creation of the dns-SERVER account during selftest via d19c437 scripting/samba_upgradedns: Tighten up exception and attribute list handling via b106d90 scripting/join.py: Handle creating the dns-NAME account during a DC join from bdab6f9 Optimization. Don't do the retry logic if sitename_fetch() returned NULL, we already did a NULL query. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 38e43961c01f6f491b069e7106fe2a2ec80bd840 Author: Andrew Bartlett abart...@samba.org Date: Fri Dec 28 21:00:28 2012 +1100 torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 This exercises some more of the dlz_bind9 code outside BIND, by sending in a ticket to be access checked, wrapped either in SPNEGO or just in GSSAPI. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Sep 4 11:25:10 CEST 2013 on sn-devel-104 commit 16b26eafa75280e576333975cff5dd1505c118fa Author: Andrew Bartlett abart...@samba.org Date: Fri Dec 28 10:06:39 2012 +1100 selftest: Add a basic test of samba_upgradedns This does not check that the command runs correctly, but does at least check that the command runs to completion without errors. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 013c4990c6f1412dd25592bf177ceffab4b5d16d Author: Andrew Bartlett abart...@samba.org Date: Fri Dec 28 09:25:11 2012 +1100 selftest: Start internal DNS server on domain provisioned for BIND9_DLZ This shows that the internal server can use the dns-SERVER account. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit e281037c9bfa68ca3dc564ec7a36e5c790024902 Author: Andrew Bartlett abart...@samba.org Date: Wed Dec 26 10:03:47 2012 +1100 selftest: Test creation of the dns-SERVER account during selftest We do this by having the samba-tool domain dcpromo for promoted_vampire_dc also create a dns-SERVER account. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit d19c437a36b26e71c24bc25e672d714e21ba50bd Author: Andrew Bartlett abart...@samba.org Date: Mon Dec 24 09:12:04 2012 +1100 scripting/samba_upgradedns: Tighten up exception and attribute list handling This avoids asking for attributes that will not be used, and looks only for the expected exceptions, rather than all exceptions. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit b106d9090e8f8f44f02059d2ced3d10066787060 Author: Andrew Bartlett abart...@samba.org Date: Mon Dec 24 08:56:50 2012 +1100 scripting/join.py: Handle creating the dns-NAME account during a DC join This will ensure that the DLZ plugin works out of the box when joining a second Samba DC to the domain. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org --- Summary of changes: python/samba/join.py| 73 +++-- python/samba/provision/sambadns.py | 11 +++- selftest/target/Samba4.pm |4 +- source4/scripting/bin/samba_upgradedns | 30 +++ source4/selftest/tests.py |3 +- source4/setup/secrets_dns.ldif |2 +- source4/torture/dns/dlz_bind9.c | 78 +++ source4/torture/winbind/winbind.c |1 + testprogs/blackbox/test_samba_upgradedns.sh | 37 + 9 files changed, 218 insertions(+), 21 deletions(-) create mode 100755 testprogs/blackbox/test_samba_upgradedns.sh Changeset truncated at 500 lines: diff --git a/python/samba/join.py b/python/samba/join.py index c55c22c..b2f4da4 100644 --- a/python/samba/join.py +++ b/python/samba/join.py @@ -26,9 +26,12 @@ from samba.ndr import ndr_pack from samba.dcerpc import security, drsuapi, misc, nbt, lsa, drsblobs from samba.credentials import Credentials, DONT_USE_KERBEROS from samba.provision import secretsdb_self_join, provision, provision_fill, FILL_DRS
[SCM] Samba Shared Repository - branch master updated
b706ca6e55aa76d4da901c69d991969602facc3b Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 15:18:47 2013 -0700 s3:libsmb: call smb2cli_logoff() from cli_ulogoff() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Aug 15 10:53:21 CEST 2013 on sn-devel-104 commit 1d7bdfc4feac35d92b003c3c78f502897ecc5d4e Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 11:48:40 2013 +0200 s3:libsmb: make cli_ulogoff_send/recv static Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit e6be68fb5e4dc528f7365f3413b9b66090992f42 Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 11:44:58 2013 +0200 s3:libsmb: call smb2cli_tdis() from cli_tdis() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit d732e9aab3bbad3ea97f8b120e57b41152aaee3b Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 11:44:10 2013 +0200 s3:libsmb: only set tcon to invalid in smb2cli_tdis* This matches the behavior of cli_tdis*. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 80d4f64352c0ddacb9ee15d2b48a42a0b7929501 Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 11:38:22 2013 +0200 s3:libsmb: make cli_tdis_send/recv static Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit ccf7b3719121e03ed06d15b9af5373eecba3e828 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 13 18:38:57 2013 +0200 s3:libsmb: add support for SMB2 in cli_writeall() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit a85d4511e6bc84938d60f090b44a5b1468ee4136 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 13 18:20:08 2013 +0200 s3:libsmb: add SMB2 support to cli_pull* Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 6896bf0b28a07eb8ead5b3bd2bc50229aa59d439 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 13 16:33:30 2013 +0200 s3:libsmb: add SMB2 support to cli_push* Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 80758e4b07c87280e778ba161c2c9c4a2ee47853 Author: Jeremy Allison j...@samba.org Date: Thu Aug 8 11:00:49 2013 -0700 s3:libsmb: Plumb cli_smb2_set_security_descriptor() inside cli_set_security_descriptor(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 1db7e90451f31d75298508c19a859d98d56d7e7c Author: Jeremy Allison j...@samba.org Date: Thu Aug 8 11:00:08 2013 -0700 s3:libsmb: Plumb cli_smb2_query_security_descriptor() inside cli_query_security_descriptor(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit de895bf228432f2a42bcdcadcf12ffd1be64022f Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:50:03 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_alt_name() inside cli_qpathinfo_alt_name(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit cba3ed0466b8598e28a44809778b99e97b1bf1a1 Author: Jeremy Allison j...@samba.org Date: Thu Aug 8 10:52:02 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_basic() inside cli_qpathinfo_basic(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 2bb3e251d59910d9bf527a73271094702bceefe2 Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:47:21 2013 -0700 s3:libsmb: Plumb cli_smb2_qfileinfo_basic() inside cli_qfileinfo_basic(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit e96309ca1b057d430444531523bb2c9f59fcd624 Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:46:05 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_streams() inside cli_qpathinfo_streams(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f2f566b1cc8d55bd1cf93478b877a3e7f455855c Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:45:05 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo2() inside cli_qpathinfo2(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 73255d3ba912b3a112f9d766deae895f51e16cd9 Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:43:33 2013 -0700 s3:libsmb: Plumb cli_smb2_list() inside cli_list(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 7e2d969deb1d4bcf3add422d80852b2d386cfaac
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5f75814 winbind3: Fix an invalid free
from 1b57fd1 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5f75814586f2d6f7c2dc8fd9342cb045c1f7e68c
Author: Volker Lendecke v...@samba.org
Date: Wed Aug 14 09:27:59 2013 +
winbind3: Fix an invalid free
This fixes a warning I've never seen before :-)
../source3/winbindd/winbindd_cm.c:781:59: warning: attempt to free a
non-heap object ‘machine_krb5_principal’ [-Wfree-nonheap-object]
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Aug 14 14:04:16 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/winbindd/winbindd_cm.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 1832b2b..d89ca95 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -778,7 +778,7 @@ static NTSTATUS get_trust_creds(const struct
winbindd_domain *domain,
}
if (!strupper_m(*machine_krb5_principal)) {
- SAFE_FREE(machine_krb5_principal);
+ SAFE_FREE(*machine_krb5_principal);
return NT_STATUS_INVALID_PARAMETER;
}
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1b57fd1 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
from 52d66d8 s3-winbind: Fix a segfault passing NULL to a fstring
argument.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1b57fd180c2640598c13d2459a7c7a6f04708388
Author: Günther Deschner g...@samba.org
Date: Mon Aug 12 17:23:12 2013 +0200
s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
Fallback to lsa named-pipe connection when tcp connection has failed twice
(it
could be a trusted domain connection where we cannot setup a secure
channel).
Guenther
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9615
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9899
Signed-off-by: Günther Deschner g...@samba.org
Signed-off-by: Andreas Schneider a...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Tested-by: Christof Schmitt christof.schm...@us.ibm.com
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Aug 13 20:55:33 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/winbindd/winbindd_cm.c |9 +++--
1 files changed, 7 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 08c763c..1832b2b 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2651,11 +2651,16 @@ NTSTATUS cm_connect_lsat(struct winbindd_domain *domain,
invalidate_cm_connection(domain-conn);
status = cm_connect_lsa_tcp(domain, mem_ctx, cli);
}
- if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_IS_OK(status)) {
return status;
}
- return NT_STATUS_OK;
+ /*
+* we tried twice to connect via ncan_ip_tcp and schannel and
+* failed - maybe it is a trusted domain we can't connect to ?
+* do not try tcp next time - gd
+*/
+ domain-can_do_ncacn_ip_tcp = false;
}
status = cm_connect_lsa(domain, mem_ctx, cli, lsa_policy);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9177a0d libcli/auth: add more const to spnego_negTokenInit-mechTypes via f1e6014 libcli/auth: avoid possible mem leak in read_negTokenInit() via 966faef auth/gensec: treat struct gensec_security_ops as const if possible. via c81b6f7 auth/gensec: use 'const char * const *' for function parameters via e81550c auth/gensec: make it possible to implement async backends via 6a7a44d auth/gensec: avoid talloc_reference in gensec_security_mechs() via 3e3534f auth/gensec: avoid talloc_reference in gensec_use_kerberos_mechs() via 71c63e8 auth/gensec: introduce gensec_internal.h via 57bcbb9 libcli/auth/schannel: remove unused schannel_position via 4c978b6 libcli/auth/schannel: make struct schannel_state private via e90e1b5 s4:gensec/schannel: only require librpc/gen_ndr/dcerpc.h via 9b9ab1a s4:gensec/schannel: there's no point in having schannel_session_key() via a07049a s4:gensec/schannel: GENSEC_FEATURE_ASYNC_REPLIES is not supported via b510476 s4:gensec/schannel: use the correct computer_name from netlogon_creds_CredentialState via 49f347e s4:gensec/schannel: simplify the code by using netsec_create_state() via 4cad5dc s4:gensec/schannel: remove unused dcerpc_schannel_creds() via 2ea3a24 s4:torture: avoid usage of dcerpc_schannel_creds() via c014427 s4:libnet: avoid usage of dcerpc_schannel_creds() via a36ccdc s3:dcerpc_helpers: remove unused DEBUG message of schannel_state-seq_num. via a964309 s3:rpc_server: make use of netsec_create_state() via af4dc30 s3:cli_pipe.c: return NO_USER_SESSION_KEY in cli_get_session_key() for schannel via 838cb53 s3:cli_pipe: pass down creds-computer_name to NL_AUTH_MESSAGE via e96142f s3:cli_pipe: make use of netsec_create_state() via 3321539 libcli/auth: add netsec_create_state() via 9f2e81a libcli/auth: maintain the sequence number for the NETLOGON SSP as 64bit via 59b0956 auth/gensec: add gensec_security_by_auth_type() via 45c74c8 auth/gensec: first check GENSEC_FEATURE_SESSION_KEY before returning NOT_IMPLEMENTED via 04938cb s3:rpc_client: remove unused cli_rpc_pipe_open_ntlmssp_auth_schannel() via 3302356 s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind* via eecb5ba s3:rpc_client: add netr_LogonGetCapabilities to cli_rpc_pipe_open_schannel_with_key() via e9c8e3f s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind via 90e28c1 s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done() via e77a64f s3:rpcclient: try to use NETLOGON_NEG_SUPPORTS_AES via 0460063 s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AES via beba326 s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AES via d82ab705 s3:auth_domain: try to use NETLOGON_NEG_SUPPORTS_AES via 11e0be0 s3:libsmb: remove unused cli_state-is_guestlogin from d944841 torture: add smb2 FSCTL_[GET/SET]_COMPRESSION test http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9177a0d1c1c92c45ef92fbda55fc6dd8aeb76b6c Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 10:46:47 2013 +0200 libcli/auth: add more const to spnego_negTokenInit-mechTypes Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Aug 10 11:11:54 CEST 2013 on sn-devel-104 commit f1e60142e12deb560e3c62441fd9ff2acd086b60 Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 10:43:38 2013 +0200 libcli/auth: avoid possible mem leak in read_negTokenInit() Also add error checks. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 966faef9c61d2ec02d75fc3ccc82a61524fb77e4 Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 11:20:21 2013 +0200 auth/gensec: treat struct gensec_security_ops as const if possible. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit c81b6f7448d7f945635784de645bea4f7f2e230f Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 11:10:55 2013 +0200 auth/gensec: use 'const char * const *' for function parameters Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit e81550c8117166d0fbf69ba1d3957cb950c42961 Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 16:12:13 2013 +0200 auth/gensec: make it possible to implement async backends Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 859182d dfs_server: Use dsdb_search_one to catch 0 results as well
as NO_SUCH_OBJECT errors
from ba40d0d s3:lib/system fix build on AIX 7
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 859182da6d06be0e9d37d7ed3448efc3dc78bdb2
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 30 10:40:39 2013 +1200
dfs_server: Use dsdb_search_one to catch 0 results as well as
NO_SUCH_OBJECT errors
This ensures we do not de-reference an invalid rs-msgs pointer if the
pointed-to object was not objectclass=computer
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10052
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Aug 2 13:11:20 CEST 2013 on sn-devel-104
---
Summary of changes:
dfs_server/dfs_server_ad.c | 10 +-
1 files changed, 5 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c
index 249a1d1..062eb49 100644
--- a/dfs_server/dfs_server_ad.c
+++ b/dfs_server/dfs_server_ad.c
@@ -206,14 +206,14 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct
ldb_context *ldb,
for (i = 0; ir-count; i++) {
struct ldb_dn *dn;
- struct ldb_result *r2;
+ struct ldb_message *msg;
dn = ldb_msg_find_attr_as_dn(ldb, ctx, r-msgs[i],
serverReference);
if (!dn) {
return NT_STATUS_INTERNAL_ERROR;
}
- ret = ldb_search(ldb, r, r2, dn, LDB_SCOPE_BASE, attrs2,
(objectClass=computer));
+ ret = dsdb_search_one(ldb, r, msg, dn, LDB_SCOPE_BASE, attrs2,
0, (objectClass=computer));
if (ret != LDB_SUCCESS) {
DEBUG(2,(__location__ : Search for computer on %s
failed - %s\n,
ldb_dn_get_linearized(dn),
ldb_errstring(ldb)));
@@ -221,7 +221,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct
ldb_context *ldb,
}
if (dofqdn) {
- const char *dns =
ldb_msg_find_attr_as_string(r2-msgs[0], dNSHostName, NULL);
+ const char *dns = ldb_msg_find_attr_as_string(msg,
dNSHostName, NULL);
if (dns == NULL) {
DEBUG(2,(__location__ : dNSHostName missing on
%s\n,
ldb_dn_get_linearized(dn)));
@@ -233,7 +233,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct
ldb_context *ldb,
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(list-names[list-count], r);
} else {
char *tmp;
- const char *aname =
ldb_msg_find_attr_as_string(r2-msgs[0], sAMAccountName, NULL);
+ const char *aname = ldb_msg_find_attr_as_string(msg,
sAMAccountName, NULL);
if (aname == NULL) {
DEBUG(2,(__location__ : sAMAccountName missing
on %s\n,
ldb_dn_get_linearized(dn)));
@@ -250,7 +250,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct
ldb_context *ldb,
list-names[list-count] = tmp;
}
list-count++;
- talloc_free(r2);
+ talloc_free(msg);
}
talloc_free(r);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8f98f5d tevent: change version to 0.9.19
via 066a642 tevent: Remove the signal pipe if no signal events are
around
from f9d19c4 Ensure gpfs kernel leases are wrapped in a
become_root()/unbecome_root() pair.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8f98f5d85ae30361f6bb9f6f42d6a7fd279301e1
Author: Stefan Metzmacher me...@samba.org
Date: Thu Aug 1 13:13:04 2013 +0200
tevent: change version to 0.9.19
* Fix tevent testsuite issue on Solaris.
* Add tevent tuturial and documentation updates
* Fix Coverity ID 989236 Operands don't affect result
* Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Aug 1 17:05:02 CEST 2013 on sn-devel-104
commit 066a642f10cae7980eefb2d8ada3a6c3f5220542
Author: Volker Lendecke v...@samba.org
Date: Wed Jul 31 11:31:57 2013 +0200
tevent: Remove the signal pipe if no signal events are around
It makes adding/removing the first/last sigevents a bit more expensive, but
it
will fix tevent_loop_wait not finishing when one signal event was added and
removed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012
Signed-off-by: Volker Lendecke v...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
---
Summary of changes:
.../ABI/{tevent-0.9.18.sigs = tevent-0.9.19.sigs} |0
lib/tevent/tevent_signal.c | 14 +-
lib/tevent/wscript |2 +-
3 files changed, 14 insertions(+), 2 deletions(-)
copy lib/tevent/ABI/{tevent-0.9.18.sigs = tevent-0.9.19.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/ABI/tevent-0.9.18.sigs
b/lib/tevent/ABI/tevent-0.9.19.sigs
similarity index 100%
copy from lib/tevent/ABI/tevent-0.9.18.sigs
copy to lib/tevent/ABI/tevent-0.9.19.sigs
diff --git a/lib/tevent/tevent_signal.c b/lib/tevent/tevent_signal.c
index 0fdf646..8e13d73 100644
--- a/lib/tevent/tevent_signal.c
+++ b/lib/tevent/tevent_signal.c
@@ -175,7 +175,19 @@ static int tevent_signal_destructor(struct tevent_signal
*se)
struct tevent_common_signal_list);
if (se-event_ctx) {
- DLIST_REMOVE(se-event_ctx-signal_events, se);
+ struct tevent_context *ev = se-event_ctx;
+
+ DLIST_REMOVE(ev-signal_events, se);
+
+ if (ev-signal_events == NULL ev-pipe_fde != NULL) {
+ /*
+* This was the last signal. Destroy the pipe.
+*/
+ TALLOC_FREE(ev-pipe_fde);
+
+ close(ev-pipe_fds[0]);
+ close(ev-pipe_fds[1]);
+ }
}
talloc_free(sl);
diff --git a/lib/tevent/wscript b/lib/tevent/wscript
index 02bddb8..39f2ae4 100755
--- a/lib/tevent/wscript
+++ b/lib/tevent/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'tevent'
-VERSION = '0.9.18'
+VERSION = '0.9.19'
blddir = 'bin'
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tevent-0.9.19 created
The annotated tag, tevent-0.9.19 has been created at 9ab5377392768d4465f2d6529fa9dc8ada01502f (tag) tagging 8f98f5d85ae30361f6bb9f6f42d6a7fd279301e1 (commit) replaces ldb-1.1.16 tagged by Stefan Metzmacher on Thu Aug 1 17:11:55 2013 +0200 - Log - tevent: tag release tevent-0.9.19 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJR+nq7AAoJEEeTkWETCEAlnj0IAL5uIboUh4zDM0UFk3j/H+Re /cYnCufwHp1ROtiBsvhPRolpdVEFB/Fn57JLfbYvLPLTuzCrDzvnbQt3zr50W0au PnNe9hNNALsXDz78eha8qYkfkk1dVM4nTvIqUWU6iTbovd4iMT4x687FKLfJekeT o9ygHh4kyTp4DWD7Tai/PTWKCuhgrVz03Yz1Ao//vGuHaJEQclZsVdn0e3X2U9Bt WcNIo64u3C6Vx/+FDrpA1qrWD+0ZPxw9+ZfF+H6OZ8xcymbPQrlyWHeQxon1tStT 6ZvkhDlzVqzQfxOOoHZD/pjrTi67miejwfTgx6TBxPPsfo+rhDZFDk+X+wOXoVI= =AS6o -END PGP SIGNATURE- Alexander Werth (1): s3: Remove old mode special substitution. Andreas Schneider (22): tsocket: Pass the full port number to getaddrinfo(). tsocket: Pass the full port number to getaddrinfo(). torture: Fix comparsion of uninitalized bytes. torture: Don't segfault in raw.session on error. torture: Don't segfault in smb2.session on error. selftest: Fix domain name of plugindc. selftest: Add a newline to root entries in the nss files. selftest: Use higher ip numbers. s3-winbind: Allow sec_initial_uid() to store creds. torture: Fix comparsion of uninitalized bytes. torture: Don't segfault in raw.session on error. torture: Don't segfault in smb2.session on error. selftest: Fix domain name of plugindc. selftest: Add a newline to root entries in the nss files. selftest: Use higher ip numbers. s3-winbind: Allow sec_initial_uid() to store creds. waf: Build with RELRO if supported by the compiler. s3-winbind: Do not delete an existing valid credential cache. nsswitch: Don't enumerate all domains with wbinfo -u|-g. s3-waf: Rename regedit to samba-regedit. docs-xml: Remove obsolete swat manpage and references. nsswitch: Add OPT_KRB5CCNAME to avoid an error message. Andrew Bartlett (23): libcli/ldap: Cope with substring match with no chunks in ldap_push_filter torture: Add tests for LDAP substring search with no strings provided heimdal_build: Add missing dep on samba4kgetcred dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly service_stream: Log if the connection termination is deferred or not (bug #9820) s4-winbindd: Do not terminate a connection that is still pending (bug #9820) s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr() dynconfig: Remove last s3 markers now we have just one build system dsdb-descriptor: Do not do a subtree search unless we have child entries dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails selftest: Ensure the DC has started and and got a RID set before we proceed dsdb: Add assert in drepl_take_FSMO_role rpc_server-drsuapi: Improve comments and DEBUG lines selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested selftest: ensure samba4.nss.test.*using.*winbind is always tested torture/drs: Expand an error message to aid debugging dsdb: Prune deleted objects of links and extra attributes of replicated deletes dsdb: Ensure we always force deleted objects back under the deleted objects DN dsdb: Improve DRS deleted link source/target handing in repl_meta_data dsdb tests: Add member/memberOf checking to delete_objects testing dsdb: Include MS-ADTS doc references on deleted object contstraints samba-tool dbcheck: Correctly remove deleted DNs in dbcheck Aurélien Aptel (1): docs-xml/manpages/smbclient.1.xml: fix case of -T flag in example. Bill Parker (1): Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc(). Björn Baumbach (2): s3-lib: fix segf while reading incomplete session info (bug #10003) s3-smbstatus: display [u|g]id of -1 as -1 in connection list Björn Jacke (2): time: don't try to use the coarse clock time: prefer CLOCK_BOOTTIME for clock_gettime_mono() Christian Ambach (5): nsswitch: fix a comment s3:smbd/aio mark file as modified in the SMB2 case s3:lib add mapping for ETXTBSY s3:smbd/close use common exit path s3:smbd/close remove filesystem lock before removing sharemode Christof Schmitt (1): selftest: Print error message when smbd does not have ADS support Daniel Gan-Levi (1): s3-ctdb: Fix auto-enabling of CTDB readonly support David Disseldorp (1): tevent: document tevent_req_create state zeroing Günther Deschner (4): s3-printing: avoid KRB5CCNAME
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7615b25 samba-tool dbcheck: Correctly remove deleted DNs in dbcheck via f2afdb6 dsdb: Include MS-ADTS doc references on deleted object contstraints via a9e565a dsdb tests: Add member/memberOf checking to delete_objects testing via 0162be3 dsdb: Improve DRS deleted link source/target handing in repl_meta_data via 32955a1 dsdb: Ensure we always force deleted objects back under the deleted objects DN via a796cad dsdb/repl_meta_data: split out replmd_deletion_state() via d3aad89 dsdb: Prune deleted objects of links and extra attributes of replicated deletes from 8f8e843 s3:winbind: add a warning DEBUG message when skipping a sid from the mapped GID list http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7615b2549d9549683978cb3e85b926e2ba63e294 Author: Andrew Bartlett abart...@samba.org Date: Sun Apr 14 13:32:49 2013 +1000 samba-tool dbcheck: Correctly remove deleted DNs in dbcheck The previous pattern never matched, as it was a typo. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jul 30 12:55:00 CEST 2013 on sn-devel-104 commit f2afdb61698c37389be286f9443471d4aeba49b8 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 4 20:22:31 2013 +1000 dsdb: Include MS-ADTS doc references on deleted object contstraints Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit a9e565a5a4478f7b923f35311e170de2044ff848 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 3 17:51:41 2013 +1000 dsdb tests: Add member/memberOf checking to delete_objects testing Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org commit 0162be32ab4f9716a4300d1f1a0caae8b0133f7c Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 4 19:57:06 2013 +1000 dsdb: Improve DRS deleted link source/target handing in repl_meta_data We now correctly ignore the link updates if the source or target is deleted locally. This fixes the long-standing failure in the vampire_dc dbcheck test. Pair-Programmed-With: Stefan Metzmacher me...@samba.org Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org commit 32955a1dec3a97ab4550869dbeb5034247f3b1bc Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 17 22:37:20 2013 +1000 dsdb: Ensure we always force deleted objects back under the deleted objects DN Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit a796cad90f1028ccc54a3539e34dc0728b990a96 Author: Stefan Metzmacher me...@samba.org Date: Wed Jun 5 09:35:42 2013 +0200 dsdb/repl_meta_data: split out replmd_deletion_state() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit d3aad891c5759f66bd891cb47866d908a0562a8a Author: Andrew Bartlett abart...@samba.org Date: Fri May 31 20:01:17 2013 +1000 dsdb: Prune deleted objects of links and extra attributes of replicated deletes When an object is deleted, the links to be removed are not propogated, you have to watch out for them manually! We do this by calling back into the originating update delete code (ie what is called if you ldb_delete() locally) so that any extra attribute found locally and not on the remote server becomes removed remotely too. We currently do the same with links, but that isn't strictly correct, but for now our getNCChanges server code filters these out, so only the usn is bumped. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: python/samba/dbchecker.py |2 +- selftest/knownfail |1 - source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 568 ++- source4/torture/drs/python/delete_object.py | 278 ++- 4 files changed, 698 insertions(+), 151 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py index e88f876..8b175c2 100644 --- a/python/samba/dbchecker.py +++ b/python/samba/dbchecker.py @@ -271,7 +271,7 @@ newSuperior: %s % (str(from_dn), str(to_rdn), str(to_base))) handle a missing target DN (both GUID and DN string form are missing
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a74c7d7 torture/drs: Expand an error message to aid debugging via 63c05e8 dsdb/samdb: use RECYCLED it implies DELETED... via 6016ba3 selftest: ensure samba4.nss.test.*using.*winbind is always tested via 93b8315 selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested via 5e1f279 rpc_server-drsuapi: Improve comments and DEBUG lines via e9faf50 dsdb: Add assert in drepl_take_FSMO_role via ae0ba6b selftest: Ensure the DC has started and and got a RID set before we proceed via db9c3c6 dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails via 31fb7f9 dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches via 03b44d2 dsdb-descriptor: Do not do a subtree search unless we have child entries from ca98d81 dynconfig: Remove last s3 markers now we have just one build system http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a74c7d780cb6a1e8a5a63ebbbcf36fd7cf717ea1 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 17 22:37:54 2013 +1000 torture/drs: Expand an error message to aid debugging Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104 commit 63c05e820f1449b2dfa6e4f096d8270284a60bbb Author: Stefan Metzmacher me...@samba.org Date: Mon Jun 10 14:00:01 2013 +0200 dsdb/samdb: use RECYCLED it implies DELETED... Signed-off-by: Stefan Metzmacher me...@samba.org commit 6016ba3a02c5418b44bb61d434f3a25d6e5991b8 Author: Andrew Bartlett abart...@samba.org Date: Sat Jul 13 19:35:52 2013 +1000 selftest: ensure samba4.nss.test.*using.*winbind is always tested With the winbind fixes now in master this should be more reliable. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 93b83151c9563f4c1f47b925fed079d275f8ec43 Author: Andrew Bartlett abart...@samba.org Date: Sat Jul 13 19:34:45 2013 +1000 selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested This test should now be more reliable with the over-allocation of RID values now fixed. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 5e1f2795f28b0a213b4529e046edec68caa3bd41 Author: Andrew Bartlett abart...@samba.org Date: Fri Jun 28 09:19:48 2013 +1000 rpc_server-drsuapi: Improve comments and DEBUG lines Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit e9faf50ee123a8d1d647ebffa39107ca0dce756c Author: Andrew Bartlett abart...@samba.org Date: Fri Jun 28 09:15:16 2013 +1000 dsdb: Add assert in drepl_take_FSMO_role Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org commit ae0ba6bd833f71c4337ae3b6621bf797cb3c48c2 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 19 11:33:36 2013 +1000 selftest: Ensure the DC has started and and got a RID set before we proceed This avoids errors when a busy DC has not yet fetched a RID set, showing up as flapping tests when users are created, such as the samr.large-dc test. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit db9c3c62c89e1328872e3fdedde22b78770728a9 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 19 10:30:48 2013 +1000 dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails We now also only poke the RID manager once per request. This may help track down why RID allocation can fail, as while we never wait for the RID set to be created/updated, it may be the only clue the admin gets as to why the async allocations were failing. Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 31fb7f9c1b93b0f2114dec5096e43616ed317720 Author: Andrew Bartlett abart...@samba.org Date: Sun Jun 23 21:38:40 2013 +1000 dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches This should be more efficient, particularly in the leaf node case when renaming and deleting entries on large databases. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ca98d81 dynconfig: Remove last s3 markers now we have just one build system from 077dfd0 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ca98d816cc898ed66a0aa065de65938bd4b71c1a Author: Andrew Bartlett abart...@samba.org Date: Thu Jun 13 19:33:42 2013 +1000 dynconfig: Remove last s3 markers now we have just one build system Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Jul 24 16:29:15 CEST 2013 on sn-devel-104 --- Summary of changes: dynconfig/dynconfig.c |2 -- dynconfig/dynconfig.h |3 --- 2 files changed, 0 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/dynconfig/dynconfig.c b/dynconfig/dynconfig.c index 5f67278..af9d735 100644 --- a/dynconfig/dynconfig.c +++ b/dynconfig/dynconfig.c @@ -83,7 +83,6 @@ const char *set_dyn_##name(const char *newpath) \ return dyn_##name;\ } -/* these are in common with s3 */ DEFINE_DYN_CONFIG_PARAM(SBINDIR) DEFINE_DYN_CONFIG_PARAM(BINDIR) DEFINE_DYN_CONFIG_PARAM(CONFIGFILE) /** Location of smb.conf file. **/ @@ -105,7 +104,6 @@ DEFINE_DYN_CONFIG_PARAM(NMBDSOCKETDIR) DEFINE_DYN_CONFIG_PARAM(DATADIR) DEFINE_DYN_CONFIG_PARAM(SETUPDIR) DEFINE_DYN_CONFIG_PARAM(WINBINDD_SOCKET_DIR) /* from winbind_struct_protocol.h in s3 autoconf */ - DEFINE_DYN_CONFIG_PARAM(WINBINDD_PRIVILEGED_SOCKET_DIR) DEFINE_DYN_CONFIG_PARAM(NTP_SIGND_SOCKET_DIR) DEFINE_DYN_CONFIG_PARAM(PYTHONDIR) diff --git a/dynconfig/dynconfig.h b/dynconfig/dynconfig.h index 4d24001..2a45f1f 100644 --- a/dynconfig/dynconfig.h +++ b/dynconfig/dynconfig.h @@ -30,7 +30,6 @@ const char *get_dyn_##name(void); \ const char *set_dyn_##name(const char *newpath); \ bool is_default_dyn_##name(void); -/* these are in common with s3 */ DEFINE_DYN_CONFIG_PROTO(SBINDIR) DEFINE_DYN_CONFIG_PROTO(BINDIR) DEFINE_DYN_CONFIG_PROTO(CONFIGFILE) /** Location of smb.conf file. **/ @@ -49,8 +48,6 @@ DEFINE_DYN_CONFIG_PROTO(SMB_PASSWD_FILE) DEFINE_DYN_CONFIG_PROTO(PRIVATE_DIR) DEFINE_DYN_CONFIG_PROTO(LOCALEDIR) DEFINE_DYN_CONFIG_PROTO(NMBDSOCKETDIR) - -/* these are not in s3 */ DEFINE_DYN_CONFIG_PROTO(DATADIR) DEFINE_DYN_CONFIG_PROTO(SETUPDIR) DEFINE_DYN_CONFIG_PROTO(WINBINDD_SOCKET_DIR) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e6a58d3 s4:rpc_server: make sure we don't terminate a connection
with pending requests (bug #9820)
via 2505d48 s4-winbindd: Do not terminate a connection that is still
pending (bug #9820)
via df929d6 service_stream: Log if the connection termination is
deferred or not (bug #9820)
from 577cef8 s3-smbstatus: display [u|g]id of -1 as -1 in connection
list
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e6a58d370403e818bc2cfb8389751b78adcc14fd
Author: Stefan Metzmacher me...@samba.org
Date: Tue Jul 9 16:38:59 2013 +0200
s4:rpc_server: make sure we don't terminate a connection with pending
requests (bug #9820)
Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
commit 2505d48e4fbcd8a805a88ad0b05fb1a16a588197
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jun 27 11:28:03 2013 +1000
s4-winbindd: Do not terminate a connection that is still pending (bug #9820)
Instead, wait until the call attempts to reply, and let it terminate then
(often this happens in the attempt to then write to the broken pipe).
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher me...@samba.org
Signed-off-by: Andrew Bartlett abart...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit df929d6feb857668ad9da277213e9fae1480ff63
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jun 27 11:27:03 2013 +1000
service_stream: Log if the connection termination is deferred or not (bug
#9820)
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source4/rpc_server/dcerpc_server.c | 55 -
source4/rpc_server/dcerpc_server.h |8 -
source4/smbd/service_stream.c|6 +++-
source4/winbind/wb_samba3_protocol.c |5 +++
source4/winbind/wb_server.c | 51 ++-
source4/winbind/wb_server.h | 10 +-
6 files changed, 129 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/rpc_server/dcerpc_server.c
b/source4/rpc_server/dcerpc_server.c
index 389cbe3..10e711b 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -386,6 +386,8 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct
dcesrv_context *dce_ctx,
return NT_STATUS_NO_MEMORY;
}
+ p-prev = NULL;
+ p-next = NULL;
p-dce_ctx = dce_ctx;
p-endpoint = ep;
p-contexts = NULL;
@@ -402,7 +404,7 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct
dcesrv_context *dce_ctx,
p-event_ctx = event_ctx;
p-msg_ctx = msg_ctx;
p-server_id = server_id;
- p-processing = false;
+ p-terminate = NULL;
p-state_flags = state_flags;
ZERO_STRUCT(p-transport);
@@ -1143,6 +1145,7 @@ _PUBLIC_ NTSTATUS dcesrv_init_context(TALLOC_CTX *mem_ctx,
dce_ctx-lp_ctx = lp_ctx;
dce_ctx-assoc_groups_idr = idr_init(dce_ctx);
NT_STATUS_HAVE_NO_MEMORY(dce_ctx-assoc_groups_idr);
+ dce_ctx-broken_connections = NULL;
for (i=0;endpoint_servers[i];i++) {
const struct dcesrv_endpoint_server *ep_server;
@@ -1269,12 +1272,45 @@ const struct dcesrv_critical_sizes
*dcerpc_module_version(void)
static void dcesrv_terminate_connection(struct dcesrv_connection *dce_conn,
const char *reason)
{
+ struct dcesrv_context *dce_ctx = dce_conn-dce_ctx;
struct stream_connection *srv_conn;
srv_conn = talloc_get_type(dce_conn-transport.private_data,
struct stream_connection);
- stream_terminate_connection(srv_conn, reason);
+ if (dce_conn-pending_call_list == NULL) {
+ char *full_reason = talloc_asprintf(dce_conn, dcesrv: %s,
reason);
+
+ DLIST_REMOVE(dce_ctx-broken_connections, dce_conn);
+ stream_terminate_connection(srv_conn, full_reason ? full_reason
: reason);
+ return;
+ }
+
+ if (dce_conn-terminate != NULL) {
+ return;
+ }
+
+ DEBUG(3,(dcesrv: terminating connection due to '%s' defered due to
pending calls\n,
+reason));
+ dce_conn-terminate = talloc_strdup(dce_conn, reason);
+ if (dce_conn
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 596b51c s4:server: avoid calling into nss_winbind from within
'samba'
from 1573638 Fix typos in man-pages
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 596b51c666e549fb518d92931d8837922154a2fe
Author: Stefan Metzmacher me...@samba.org
Date: Wed Jul 10 14:48:18 2013 +0200
s4:server: avoid calling into nss_winbind from within 'samba'
The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().
As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
---
Summary of changes:
file_server/file_server.c |9 +
source4/smbd/server.c |7 +++
2 files changed, 16 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/file_server/file_server.c b/file_server/file_server.c
index 5d44d5a..aab5f39 100644
--- a/file_server/file_server.c
+++ b/file_server/file_server.c
@@ -28,6 +28,7 @@
#include source4/smbd/process_model.h
#include file_server/file_server.h
#include dynconfig.h
+#include nsswitch/winbind_client.h
/*
called if smbd exits
@@ -64,6 +65,8 @@ static void s3fs_task_init(struct task_server *task)
smbd_path = talloc_asprintf(task, %s/smbd, dyn_SBINDIR);
smbd_cmd[0] = smbd_path;
+ /* the child should be able to call through nss_winbind */
+ (void)winbind_on();
/* start it as a child process */
subreq = samba_runcmd_send(task, task-event_ctx, timeval_zero(), 1, 0,
smbd_cmd,
@@ -72,6 +75,12 @@ static void s3fs_task_init(struct task_server *task)
--foreground,
debug_get_output_is_stdout()?--log-stdout:NULL,
NULL);
+ /* the parent should not be able to call through nss_winbind */
+ if (!winbind_off()) {
+ DEBUG(0,(Failed to re-disable recursive winbindd calls after
forking smbd\n));
+ task_server_terminate(task, Failed to re-disable recursive
winbindd calls, true);
+ return;
+ }
if (subreq == NULL) {
DEBUG(0, (Failed to start smbd as child daemon\n));
task_server_terminate(task, Failed to startup s3fs smb task,
true);
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 0ad3e6b..37aac62 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -43,6 +43,7 @@
#include cluster/cluster.h
#include dynconfig/dynconfig.h
#include lib/util/samba_modules.h
+#include nsswitch/winbind_client.h
/*
recursively delete a directory tree
@@ -402,6 +403,12 @@ static int binary_smbd_main(const char *binary_name, int
argc, const char *argv[
}
}
+ /* make sure we won't go through nss_winbind */
+ if (!winbind_off()) {
+ DEBUG(0,(Failed to disable recusive winbindd calls.
Exiting.\n));
+ exit(1);
+ }
+
gensec_init(); /* FIXME: */
ntptr_init(); /* FIXME: maybe run this in the initialization function
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2bdaf53 VERSION: change to 4.2.0pre1 via a0130c6 Merge remote-tracking branch 'origin/v4-1-test' into master via e56343f VERSION: Set version to 4.1.0rc1-GITSNAPSHOT. via 0025e97 WHATSNEW: Start release notes for Samba 4.1.0rc1. via d641469 Make the output of the crackname script more readable via 47bd903 s3-winbind: Allow sec_initial_uid() to store creds. via c153e6c selftest: Use higher ip numbers. via bb122b0 selftest: Add a newline to root entries in the nss files. via 6a0cb7d selftest: Fix domain name of plugindc. via 99c800b torture: Don't segfault in smb2.session on error. via 096ff2e torture: Don't segfault in raw.session on error. via 67c8f87 torture: Fix comparsion of uninitalized bytes. via bef3fc8 tsocket: Pass the full port number to getaddrinfo(). from af6d9ce tevent: Fix a typo http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2bdaf532cde6e5529cf7d0136b149eb82f7ef601 Author: Stefan Metzmacher me...@samba.org Date: Fri Jul 5 12:32:07 2013 +0200 VERSION: change to 4.2.0pre1 Signed-off-by: Stefan Metzmacher me...@samba.org commit a0130c662a40d6951fadae4bd9a6f7c230df05db Merge: af6d9cebaf3bc4b564952e445af035fe8aece662 e56343f1bba603852afcb816f7b5ebdf680c182e Author: Stefan Metzmacher me...@samba.org Date: Fri Jul 5 12:07:53 2013 +0200 Merge remote-tracking branch 'origin/v4-1-test' into master git merge -s ours origin/v4-1-test Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: VERSION |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 766989c..59990a3 100644 --- a/VERSION +++ b/VERSION @@ -24,7 +24,7 @@ # - 3.0.0 # SAMBA_VERSION_MAJOR=4 -SAMBA_VERSION_MINOR=1 +SAMBA_VERSION_MINOR=2 SAMBA_VERSION_RELEASE=0 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated
via fd036b8 WHATSNEW: Start release notes for Samba 4.1.0rc1.
via e5465d7 VERSION: Set version to 4.1.0rc1-GITSNAPSHOT.
via a0130c6 Merge remote-tracking branch 'origin/v4-1-test' into master
via af6d9ce tevent: Fix a typo
via a68cea6 docs: Fix typos in use ntdb section.
via 2763cad dsdb-ridalloc: Fix RID pools - RID numbers increase too
quickly
via 2536ee8 Make the output of the crackname script more readable
via caf3af3 s3-winbind: Allow sec_initial_uid() to store creds.
via a4af4fa selftest: Use higher ip numbers.
via d5511b1 selftest: Add a newline to root entries in the nss files.
via 7392985 selftest: Fix domain name of plugindc.
via bf5bc72 torture: Don't segfault in smb2.session on error.
via d295e18 torture: Don't segfault in raw.session on error.
via 474eee0 torture: Fix comparsion of uninitalized bytes.
via 0b58eed tsocket: Pass the full port number to getaddrinfo().
from e56343f VERSION: Set version to 4.1.0rc1-GITSNAPSHOT.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -
commit fd036b8df5b57fb6da6bc99e383d19070c22889c
Author: Karolin Seeger ksee...@samba.org
Date: Fri Jul 5 10:04:37 2013 +0200
WHATSNEW: Start release notes for Samba 4.1.0rc1.
Signed-off-by: Karolin Seeger ksee...@samba.org
(cherry picked from commit 0025e9782d6a2d9df56556871566a3354996a999)
commit e5465d78711ea04da8ba801b8313109cfa6465c5
Author: Karolin Seeger ksee...@samba.org
Date: Fri Jul 5 10:05:19 2013 +0200
VERSION: Set version to 4.1.0rc1-GITSNAPSHOT.
Signed-off-by: Karolin Seeger ksee...@samba.org
Autobuild-User(v4-1-test): Karolin Seeger ksee...@samba.org
Autobuild-Date(v4-1-test): Fri Jul 5 11:56:40 CEST 2013 on sn-devel-104
(cherry picked from commit e56343f1bba603852afcb816f7b5ebdf680c182e)
---
Summary of changes:
docs-xml/smbdotconf/tuning/usentdb.xml|4 ++--
lib/tevent/doc/tevent_request.dox |2 +-
source4/dsdb/samdb/ldb_modules/ridalloc.c |3 ++-
3 files changed, 5 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/tuning/usentdb.xml
b/docs-xml/smbdotconf/tuning/usentdb.xml
index 9a0d2cd..6d5ca48 100644
--- a/docs-xml/smbdotconf/tuning/usentdb.xml
+++ b/docs-xml/smbdotconf/tuning/usentdb.xml
@@ -6,9 +6,9 @@
paraBeginning in Samba 4.1, a growing number of databases can
use the NTDB format rather than TDB.
/para
-paraIf you enable this option these databases will defaul to a
+paraIf you enable this option these databases will default to a
filename.ntdb/filename extension rather than
-filename.tdb/filename: If the filename.tdb/filename file
+filename.tdb/filename. If the filename.tdb/filename file
exists, it will automatically be converted to NTDB and renamed to
filename.tdb.bak/filename.
/para
diff --git a/lib/tevent/doc/tevent_request.dox
b/lib/tevent/doc/tevent_request.dox
index 1461384..3358cfb 100644
--- a/lib/tevent/doc/tevent_request.dox
+++ b/lib/tevent/doc/tevent_request.dox
@@ -1,6 +1,6 @@
/**
@page tevent_request Chapter 4: Tevent request
-@section request Tevent requst
+@section request Tevent request
A specific feature of the library is the tevent request API that provides for
asynchronous computation and allows much more interconnected working and
diff --git a/source4/dsdb/samdb/ldb_modules/ridalloc.c
b/source4/dsdb/samdb/ldb_modules/ridalloc.c
index 73ecb03..c0859d3 100644
--- a/source4/dsdb/samdb/ldb_modules/ridalloc.c
+++ b/source4/dsdb/samdb/ldb_modules/ridalloc.c
@@ -606,7 +606,8 @@ int ridalloc_allocate_rid(struct ldb_module *module,
uint32_t *rid, struct ldb_r
/*
* if we are half-exhausted then try to get a new pool.
*/
- if (nridset.next_rid (prev_pool_hi + prev_pool_lo)/2) {
+ if (nridset.next_rid (prev_pool_hi + prev_pool_lo)/2
+ nridset.alloc_pool == nridset.prev_pool) {
/*
* if we are the RID Manager,
* we can get a new pool localy.
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2763cad dsdb-ridalloc: Fix RID pools - RID numbers increase too
quickly
from 2536ee8 Make the output of the crackname script more readable
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2763cad409430c183f7f1f6f57bc6b38ae616ed9
Author: Andrew Bartlett abart...@samba.org
Date: Sat Jun 22 19:30:50 2013 +1000
dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly
A patch by Cove Schneider cov...@yahoo.com who reports:
I noticed that the RID numbers seem to increase incrementally, then
will suddenly jump by 124501. Unless I'm misunderstanding, shouldn't
RID pool allocations just be 500 at a time?
e.g. Adding accounts one after another on a single test instance here's
how they're incrementing (from 4.0.6):
1596
1597
1598
1599
126100
126101
126102
...
126599
251100
...
251599
376100
...
The problem is that this complicates using sssd's AD integration, as
that it doesn't expect the RIDs to increase in a single domain so
quickly.
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jul 4 20:13:05 CEST 2013 on sn-devel-104
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/ridalloc.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/ridalloc.c
b/source4/dsdb/samdb/ldb_modules/ridalloc.c
index 73ecb03..c0859d3 100644
--- a/source4/dsdb/samdb/ldb_modules/ridalloc.c
+++ b/source4/dsdb/samdb/ldb_modules/ridalloc.c
@@ -606,7 +606,8 @@ int ridalloc_allocate_rid(struct ldb_module *module,
uint32_t *rid, struct ldb_r
/*
* if we are half-exhausted then try to get a new pool.
*/
- if (nridset.next_rid (prev_pool_hi + prev_pool_lo)/2) {
+ if (nridset.next_rid (prev_pool_hi + prev_pool_lo)/2
+ nridset.alloc_pool == nridset.prev_pool) {
/*
* if we are the RID Manager,
* we can get a new pool localy.
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-1.1.16 created
The annotated tag, ldb-1.1.16 has been created at f65b680fb3eac352a3e40b321c51af6d7561b217 (tag) tagging 4ca963926938917bf32af4eead61ded2a8275139 (commit) replaces tdb-1.2.12 tagged by Stefan Metzmacher on Tue Jun 25 00:04:29 2013 +0200 - Log - ldb: tag release ldb-1.1.16 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRyMJtAAoJEEeTkWETCEAl3a8IALW0VMaCfICo6ahU+fHpY30P 4Hxvw6u0imspX1B8coeG/MSvQU2iROI5k5+05gEoyrTmXOgA9akCioapl7VM19KB qWVoprIPsy9q+R1lchGkZ7t+e9aOoGAiwYiP44SxNLeQ8SCpZaOubhz9UAzn5DUX 7scZ1I594xd1xcDFlKPFqYRylLD85gTD9RTwd2/6fmWe/Ie4N3xjxWesD7TMobk4 A1fxH6BE4w/W1tbXf2aMLmsqoG+5D6C0zikIri+RXo82YXi1fGYy5dbfFrpItIks d/FpICwkAx2/aK9j5YUU6fSrMGpWbtdrh7TZpsbbXbyejTjrYrwSwv9Fq+Ay09Q= =v1DI -END PGP SIGNATURE- Andreas Schneider (3): krb5wrap: Move mask to the right position. s3-libads: Print the debug string of a failed call with LDAP_OTHER. tevent: Link the tutorial on the mainpage. Andrew Bartlett (17): .gitignore: Tidy up after removal of the autoconf build Revert s4-dsdb: Remove strcasecmp() fallback in replmd_ldb_message_element_attid_sort auth: Remove password level docs: Do not encourage unix passwords, and remove reference to password level Remove remaining references to password level in the tree python samba-tool drs: Correctly print KCC references to deleted servers dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs dsdb: Fix behaviour for when to update the USN when there is no change dsdb-tests ldap.py: Fix quoting of print statements dsdb-tests ldap.py: Add test for usn behaviour on certain changes dsdb repl_meta_data: Use dsdb_request_add_controls() build: Build with system md5.h on OpenIndiana s4-winbind: Add special case for BUILTIN domain ldb: Ensure not to segfault on a filter such as (mail=) build: Remove the struct MD5Context conf file check. ldb: Cope with substring match with no chunks in ldb_filter_from_tree ldb: bump version to allow a depencency on the substring crash fix Björn Baumbach (1): s4-dfs_server: check for netbios aliases in ad_get_referrals Christian Ambach (15): s3:utils/net_lookup fix a format-error s3:passdb/samba_dsdb fix a compiler warning s3:passdb/samba_dsdb fix some compiler warnings s3:passdb add idmap control functions s3:passdb add pdb_*_is_responsible_for* functions s3:lib/util_sid_passdb make use of pdb_is_responsible_for_* functions s3:passdb/pdb_samba_dsdb make the module handle well-known s3:passdb make pdb_sid_to_id honor backend responsibilities s3:passdb/pdb_ldap make the module handle well-known s3:passdb/pdb_ldap remove an unnecessary check s3:passdb/pdb_tdb add parameter to control handling of BUILTIN s3:passdb expose pdb_create_builtin function s3:utils/net_sam make use of pdb_create_builtin helper function s3:passdb add a gid argument to pdb_create_builtin_alias s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals with BUILTIN Christof Schmitt (3): smbd: Change logging when SET_OFFLINE is not supported Initialize the file descriptor in the files_struct before trying to close it. Otherwise, if one of the SETXATTR calls had failed, the close() call will return EBADF. vfs_streams_xattr: Do not attempt to write empty attribute twice David Disseldorp (5): libsmb: add ABI/smbclient-0.2.1.sigs vfs_catia: use translate direction enum instead of int docs/vfs_catia: remove space-char mapping recommendation docs/vfs_catia: rework man page s3/smbclient: fix incorrect command tab completions David Koňař (1): tevent: Add tevent tutorial files. Jeremy Allison (14): Check for fstatat. Optimization on POSIX platforms that have fstatat. Add the ability to parse out the port to SMBC_parse_path(). Add port argument to SMBC_attr_server(). Does nothing as yet. Add the port argument to SMBC_server(). Plumb the 'port' parameter into the connect code. Add smbc_getPort(), smbc_setPort(). Bump the .so minor number. Fix xx_path() - return check from mkdir() is incorrect. Re-add umask(0) code removed by commit 3a7c2777ee0de37d758fe81d67d6836a8354825e Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in EOF on stdin Fix glusterfs backend crash found at the Microsoft interop event. Use existing acl map full control parameter to control the adding of the DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's. Add missing documentation for vfs_zfsacl. Note how vfs_gpfs uses the acl map full control parameter. Matthias Dieter Wallnöfer (4): s4:samldb LDB module - userAccountControl = 0 means UF_NORMAL_ACCOUNT on add s4:samldb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9f25ad4 librpc: Shorten dcerpc_binding_handle_call a bit
via 7982d2a librpc: Use tevent_req_poll_ntstatus
via 20bede7 libsmbclient: Fix typos
via fffb701 tsocket: Add some const
via cf86f3e gencache: Simplify gencache_init a bit
from c71d6ec genrand: Slightly simplify do_reseed
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9f25ad44a93da09b3a7c14a4a1a0e78c5a1b529c
Author: Volker Lendecke v...@samba.org
Date: Thu Jun 6 11:37:59 2013 +0200
librpc: Shorten dcerpc_binding_handle_call a bit
... saves 200 bytes on 64 bit Linux with -O3
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Jun 14 22:27:43 CEST 2013 on sn-devel-104
commit 7982d2aff89c7ff8a2371163bad5f9f88be6af46
Author: Volker Lendecke v...@samba.org
Date: Thu Jun 6 11:31:37 2013 +0200
librpc: Use tevent_req_poll_ntstatus
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 20bede7baa3576aa0f97ceb2533db6e33d587b69
Author: Volker Lendecke v...@samba.org
Date: Thu May 16 10:26:09 2013 +0200
libsmbclient: Fix typos
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit fffb70168d8031dc1999fab963263ac7d3a2442a
Author: Volker Lendecke v...@samba.org
Date: Tue Jun 11 19:36:09 2013 +0200
tsocket: Add some const
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit cf86f3e81b4e228d5f85cac283c51ca7d5e0cd16
Author: Volker Lendecke v...@samba.org
Date: Tue Jun 11 21:03:22 2013 +0200
gencache: Simplify gencache_init a bit
Use the implicit cleanup facility CLEAR_IF_FIRST provides
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
lib/tsocket/tsocket.h |4 ++--
lib/tsocket/tsocket_bsd.c |2 +-
librpc/rpc/binding_handle.c| 22 +++---
source3/include/libsmbclient.h |8
source3/lib/gencache.c | 29 -
5 files changed, 30 insertions(+), 35 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tsocket/tsocket.h b/lib/tsocket/tsocket.h
index 98f864e..6b0eef6 100644
--- a/lib/tsocket/tsocket.h
+++ b/lib/tsocket/tsocket.h
@@ -897,12 +897,12 @@ struct sockaddr;
* @return 0 on success, -1 on error with errno set.
*/
int tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx,
- struct sockaddr *sa,
+ const struct sockaddr *sa,
size_t sa_socklen,
struct tsocket_address **addr);
#else
int _tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx,
- struct sockaddr *sa,
+ const struct sockaddr *sa,
size_t sa_socklen,
struct tsocket_address **_addr,
const char *location);
diff --git a/lib/tsocket/tsocket_bsd.c b/lib/tsocket/tsocket_bsd.c
index 89e5f4c..4417f8e 100644
--- a/lib/tsocket/tsocket_bsd.c
+++ b/lib/tsocket/tsocket_bsd.c
@@ -209,7 +209,7 @@ struct tsocket_address_bsd {
};
int _tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx,
- struct sockaddr *sa,
+ const struct sockaddr *sa,
size_t sa_socklen,
struct tsocket_address **_addr,
const char *location)
diff --git a/librpc/rpc/binding_handle.c b/librpc/rpc/binding_handle.c
index 89ada1d..9354bbd 100644
--- a/librpc/rpc/binding_handle.c
+++ b/librpc/rpc/binding_handle.c
@@ -515,7 +515,7 @@ NTSTATUS dcerpc_binding_handle_call(struct
dcerpc_binding_handle *h,
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
struct tevent_req *subreq;
- NTSTATUS status;
+ NTSTATUS status = NT_STATUS_NO_MEMORY;
/*
* TODO: allow only one sync call
@@ -527,30 +527,22 @@ NTSTATUS dcerpc_binding_handle_call(struct
dcerpc_binding_handle *h,
ev = samba_tevent_context_init(frame);
}
if (ev == NULL) {
- talloc_free(frame);
- return NT_STATUS_NO_MEMORY;
+ goto fail;
}
subreq = dcerpc_binding_handle_call_send(frame, ev
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6c8 dsdb repl_meta_data: Use dsdb_request_add_controls()
from 5c488cf Initialize the file descriptor in the files_struct before
trying to close it. Otherwise, if one of the SETXATTR calls had failed, the
close() call will return EBADF.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6c81fbf4966f707286343b19e79513915c01
Author: Andrew Bartlett abart...@samba.org
Date: Fri May 31 15:36:34 2013 +1000
dsdb repl_meta_data: Use dsdb_request_add_controls()
This makes the code easier to read.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jun 13 11:15:01 CEST 2013 on sn-devel-104
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 19 +--
1 files changed, 1 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 0f2aa58..b6ff7ff 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -4462,7 +4462,6 @@ static int replmd_replicated_apply_next(struct
replmd_replicated_request *ar)
char *tmp_str;
char *filter;
struct ldb_request *search_req;
- struct ldb_search_options_control *options;
if (ar-index_current = ar-objs-num_objects) {
/* done with it, go to next stage */
@@ -4492,24 +4491,8 @@ static int replmd_replicated_apply_next(struct
replmd_replicated_request *ar)
ar-req);
LDB_REQ_SET_LOCATION(search_req);
- ret = ldb_request_add_control(search_req, LDB_CONTROL_SHOW_RECYCLED_OID,
- true, NULL);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
- /* we need to cope with cross-partition links, so search for
- the GUID over all partitions */
- options = talloc(search_req, struct ldb_search_options_control);
- if (options == NULL) {
- DEBUG(0, (__location__ : out of memory\n));
- return LDB_ERR_OPERATIONS_ERROR;
- }
- options-search_options = LDB_SEARCH_OPTION_PHANTOM_ROOT;
+ ret = dsdb_request_add_controls(search_req,
DSDB_SEARCH_SEARCH_ALL_PARTITIONS|DSDB_SEARCH_SHOW_RECYCLED);
- ret = ldb_request_add_control(search_req,
- LDB_CONTROL_SEARCH_OPTIONS_OID,
- true, options);
if (ret != LDB_SUCCESS) {
return ret;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f1781ad dsdb: remove a wrong comment in
dsdb_check_access_on_dn_internal()
via 122214b dsdb: don't allow a missing nTSecurityDescriptor in
dsdb_get_sd_from_ldb_message()
via 5959aff dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check
searches
via afb2bcc s4:smb_server: call irpc_add_name() at startup (bug #9905)
via 12d9728 s4:rpc_server: call irpc_add_name() at startup (bug #9905)
via a1a s4:ldap_server: call irpc_add_name() at startup (bug #9905)
from 6c8 dsdb repl_meta_data: Use dsdb_request_add_controls()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f1781adb051bb5a166d619ed9db6bdb252b1acb5
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jun 13 14:16:43 2013 +0200
dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal()
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
commit 122214b16bb2d247c8040728a6b0964531596ea9
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jun 13 14:13:26 2013 +0200
dsdb: don't allow a missing nTSecurityDescriptor in
dsdb_get_sd_from_ldb_message()
Every object has a nTSecurityDescriptor attribute.
This also avoids potential segfaults in the callers.
Signed-off-by: Stefan Metzmacher me...@samba.org
commit 5959affa031843d741513000fb382efe54ff147b
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jun 10 13:31:59 2013 +0200
dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check searches
We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute.
Also the result of this search not controlled by the client
nor is the result exposed to the client.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit afb2bcc08489dbece732fc8f842cbd83862320be
Author: Stefan Metzmacher me...@samba.org
Date: Mon May 27 12:10:57 2013 +0200
s4:smb_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the smb_server task.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 12d9728131afab7fa093a9cd7ccaff076a74f271
Author: Stefan Metzmacher me...@samba.org
Date: Mon May 27 12:10:57 2013 +0200
s4:rpc_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the rpc_server task.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit a1a4302a4eaf7e210e8084416cd2a0d14384
Author: Stefan Metzmacher me...@samba.org
Date: Mon May 27 12:10:57 2013 +0200
s4:ldap_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the ldap_server task.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
source4/dsdb/common/dsdb_access.c | 19 +++
source4/ldap_server/ldap_server.c |3 +++
source4/rpc_server/service_rpc.c |1 +
source4/smb_server/service_smb.c |1 +
4 files changed, 16 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/dsdb_access.c
b/source4/dsdb/common/dsdb_access.c
index 6af5c3a..5c02daa 100644
--- a/source4/dsdb/common/dsdb_access.c
+++ b/source4/dsdb/common/dsdb_access.c
@@ -64,9 +64,9 @@ int dsdb_get_sd_from_ldb_message(struct ldb_context *ldb,
enum ndr_err_code ndr_err;
sd_element = ldb_msg_find_element(acl_res, nTSecurityDescriptor);
- if (!sd_element) {
- *sd = NULL;
- return LDB_SUCCESS;
+ if (sd_element == NULL) {
+ return ldb_error(ldb, LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS,
+nTSecurityDescriptor is missing);
}
*sd = talloc(mem_ctx, struct security_descriptor);
if(!*sd) {
@@ -101,10 +101,7 @@ int dsdb_check_access_on_dn_internal(struct ldb_context
*ldb,
if (ret != LDB_SUCCESS) {
return ldb_operr(ldb);
}
- /* Theoretically we pass the check if the object has no sd */
- if (!sd) {
- return LDB_SUCCESS;
- }
+
sid = samdb_result_dom_sid(mem_ctx, acl_res-msgs[0], objectSid);
if (guid) {
if (!insert_in_object_tree(mem_ctx, guid, access_mask, NULL,
@@ -159,7 +156,13 @@ int dsdb_check_access_on_dn(struct ldb_context *ldb,
}
}
- ret = dsdb_search_dn(ldb, mem_ctx, acl_res, dn, acl_attrs,
DSDB_SEARCH_SHOW_DELETED);
+ /*
+* We
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 68f8f4e dsdb-tests ldap.py: Add test for usn behaviour on certain
changes
via 51298d3 dsdb-tests ldap.py: Fix quoting of print statements
via 96980f7 dsdb: Fix behaviour for when to update the USN when there
is no change
via e461ff5 dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs
via eec29db python samba-tool drs: Correctly print KCC references to
deleted servers
from 3e66cb7 Fix bug #9932 - Currently the maximum number of aces in an
SD is limited to 1000, but Microsoft supports around 1800.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 68f8f4ec4dbbdb20c4c51a6059535b5ef669373f
Author: Andrew Bartlett abart...@samba.org
Date: Fri May 31 14:14:54 2013 +1000
dsdb-tests ldap.py: Add test for usn behaviour on certain changes
This probes when the usn is updated, and when it is not.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jun 12 11:54:01 CEST 2013 on sn-devel-104
commit 51298d33dd28e034967db38312e0129935a27a66
Author: Andrew Bartlett abart...@samba.org
Date: Fri May 31 11:15:51 2013 +1000
dsdb-tests ldap.py: Fix quoting of print statements
While python didn't mind (oddly) it really confused my editor.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 96980f7c04cc4226ed109654025b8254921f8d58
Author: Andrew Bartlett abart...@samba.org
Date: Fri May 31 14:16:02 2013 +1000
dsdb: Fix behaviour for when to update the USN when there is no change
This handles deletions and replacements with no value, or with an
exactly specified value, as well as modifies.
Pair-Programmed-With: Stefan Metzmacher me...@samba.org
Andrew Bartlett
Signed-off-by: Stefan Metzmacher me...@samba.org
commit e461ff530046199b7e647b81d6dfb2746f68b0d7
Author: Andrew Bartlett abart...@samba.org
Date: Mon Jun 10 12:22:40 2013 +1000
dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs
This helps us in the KCC as we need to return the deleted DN for the GUID
in DsReplicaGetInfo calls (tested for deleted servers against Windows
2008R2).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit eec29db7c237c70732f94e33147c960fa8df39fb
Author: Andrew Bartlett abart...@samba.org
Date: Mon Jun 10 11:43:18 2013 +1000
python samba-tool drs: Correctly print KCC references to deleted servers
Tested against Windows 2008R2, presumably before the KCC ran.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
python/samba/netcmd/drs.py | 15 ++-
source4/dsdb/common/util.c |6 +-
source4/dsdb/kcc/kcc_connection.c |4 +-
source4/dsdb/kcc/kcc_drs_replica_info.c | 10 +-
source4/dsdb/repl/drepl_partitions.c|2 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 34 +++-
source4/dsdb/tests/python/ldap.py | 229 ---
source4/rpc_server/drsuapi/getncchanges.c |4 +-
8 files changed, 222 insertions(+), 82 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/netcmd/drs.py b/python/samba/netcmd/drs.py
index ff8d830..de78ac7 100644
--- a/python/samba/netcmd/drs.py
+++ b/python/samba/netcmd/drs.py
@@ -170,10 +170,19 @@ class cmd_drs_showrepl(Command):
self.message( KCC CONNECTION OBJECTS \n)
for c in conn:
-c_rdn, sep, c_server_dn = c['fromServer'][0].partition(',')
-c_server_res = self.samdb.search(base=c_server_dn,
scope=ldb.SCOPE_BASE, attrs=[dnsHostName])
-c_server_dns = c_server_res[0][dnsHostName][0]
self.message(Connection --)
+
+c_rdn, sep, c_server_dn = c['fromServer'][0].partition(',')
+try:
+c_server_res = self.samdb.search(base=c_server_dn,
scope=ldb.SCOPE_BASE, attrs=[dnsHostName])
+c_server_dns = c_server_res[0][dnsHostName][0]
+except ldb.LdbError, (errno, _):
+if errno == ldb.ERR_NO_SUCH_OBJECT:
+self.message(\tWARNING: Connection to DELETED server!)
+c_server_dns =
+except KeyError:
+c_server_dns =
+
self.message(\tConnection name: %s % c['name'][0])
self.message(\tEnabled: %s % attr_default(c,
'enabledConnection', 'TRUE'))
self.message(\tServer DNS name : %s % c_server_dns)
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 8e40776..7a243c3 100644
--- a/source4/dsdb/common/util.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 3fba9ba dsdb: reset schema-{classes,attributes}_to_remove_size to 0
via d2f8471 dsdb: use the correct talloc parent in
dsdb_repl_merge_working_schema()
via 5263f0a Revert s4-dsdb: Remove strcasecmp() fallback in
replmd_ldb_message_element_attid_sort
from 424a990 s4-dfs_server: check for netbios aliases in ad_get_referrals
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 3fba9ba7ea85e33faac2718d2463c5d0cd2d85f4
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jun 10 10:46:41 2013 +0200
dsdb: reset schema-{classes,attributes}_to_remove_size to 0
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Jun 11 11:40:39 CEST 2013 on sn-devel-104
commit d2f847149d3d1310c829169564704b45ac43e978
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jun 10 10:45:25 2013 +0200
dsdb: use the correct talloc parent in dsdb_repl_merge_working_schema()
schema-{classes,attributes} are the DLIST pointer not an array.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 5263f0a626dac3ac1fc48ece2324438279f187f0
Author: Andrew Bartlett abart...@samba.org
Date: Wed Jun 5 20:44:17 2013 +1000
Revert s4-dsdb: Remove strcasecmp() fallback in
replmd_ldb_message_element_attid_sort
This reverts commit d799b25dd3ed0f72ee03949225ba241c5538d7d6.
Sometimes the schema just isn't right. A segfault is not the correct
answer in those cases.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source4/dsdb/repl/replicated_objects.c |4 ++--
source4/dsdb/samdb/ldb_modules/repl_meta_data.c |7 +++
source4/dsdb/schema/schema_set.c|4 +++-
3 files changed, 12 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/repl/replicated_objects.c
b/source4/dsdb/repl/replicated_objects.c
index b0abc1a..e018aa4 100644
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -58,7 +58,7 @@ static WERROR dsdb_repl_merge_working_schema(struct
ldb_context *ldb,
* as the rest won't be modified and this is for
* a short lived object.
*/
- tmp2 = talloc(dest_schema-classes, struct dsdb_class);
+ tmp2 = talloc(dest_schema, struct dsdb_class);
if (tmp2 == NULL) {
return WERR_NOMEM;
}
@@ -85,7 +85,7 @@ static WERROR dsdb_repl_merge_working_schema(struct
ldb_context *ldb,
* as the rest won't be modified and this is for
* a short lived object.
*/
- tmp2 = talloc(dest_schema-attributes, struct dsdb_attribute);
+ tmp2 = talloc(dest_schema, struct dsdb_attribute);
if (tmp2 == NULL) {
return WERR_NOMEM;
}
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 98e60d7..24dcc6f 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -663,6 +663,13 @@ static int replmd_ldb_message_element_attid_sort(const
struct ldb_message_elemen
a1 = dsdb_attribute_by_lDAPDisplayName(schema, e1-name);
a2 = dsdb_attribute_by_lDAPDisplayName(schema, e2-name);
+ /*
+* TODO: remove this check, we should rely on e1 and e2 having valid
attribute names
+* in the schema
+*/
+ if (!a1 || !a2) {
+ return strcasecmp(e1-name, e2-name);
+ }
if (a1-attributeID_id == a2-attributeID_id) {
return 0;
}
diff --git a/source4/dsdb/schema/schema_set.c b/source4/dsdb/schema/schema_set.c
index 73264f9..ce8facb 100644
--- a/source4/dsdb/schema/schema_set.c
+++ b/source4/dsdb/schema/schema_set.c
@@ -338,8 +338,10 @@ int dsdb_setup_sorted_accessors(struct ldb_context *ldb,
TALLOC_FREE(schema-attributes_to_remove[i]);
}
- TALLOC_FREE(schema-attributes_to_remove);
TALLOC_FREE(schema-classes_to_remove);
+ schema-classes_to_remove_size = 0;
+ TALLOC_FREE(schema-attributes_to_remove);
+ schema-attributes_to_remove_size = 0;
/* free all caches */
dsdb_sorted_accessors_free(schema);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d1feccb tdb: change version to tdb-1.2.12
from 55add52 smbcquotas.c: fix a bug of -t
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d1feccb35e987545f4ae8e3f4eb0b4fc741e7e7e
Author: Stefan Metzmacher me...@samba.org
Date: Tue Jun 4 10:48:20 2013 +0200
tdb: change version to tdb-1.2.12
* internal code cleanups
* crash fix for pytdb
* fix for 4GB overflow detection
See http://permalink.gmane.org/gmane.network.samba.internals/42906 for
an example of what happens.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Jun 4 16:07:55 CEST 2013 on sn-devel-104
---
Summary of changes:
lib/tdb/ABI/{tdb-1.2.11.sigs = tdb-1.2.12.sigs} |0
lib/tdb/wscript |2 +-
2 files changed, 1 insertions(+), 1 deletions(-)
copy lib/tdb/ABI/{tdb-1.2.11.sigs = tdb-1.2.12.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/tdb/ABI/tdb-1.2.11.sigs b/lib/tdb/ABI/tdb-1.2.12.sigs
similarity index 100%
copy from lib/tdb/ABI/tdb-1.2.11.sigs
copy to lib/tdb/ABI/tdb-1.2.12.sigs
diff --git a/lib/tdb/wscript b/lib/tdb/wscript
index 7a3d0fa..00a1c34 100644
--- a/lib/tdb/wscript
+++ b/lib/tdb/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'tdb'
-VERSION = '1.2.11'
+VERSION = '1.2.12'
blddir = 'bin'
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tdb-1.2.12 created
The annotated tag, tdb-1.2.12 has been created at e88be38520d8ec2c0af18897082bd881f0a3ee24 (tag) tagging d1feccb35e987545f4ae8e3f4eb0b4fc741e7e7e (commit) replaces tevent-0.9.18 tagged by Stefan Metzmacher on Tue Jun 4 16:28:29 2013 +0200 - Log - tdb: tag release tdb-1.2.12 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRrfmNAAoJEEeTkWETCEAlCS0IAMcsCJRSu5+Gtew7Kv39Ewp8 2un+vZZid1OakiBJnakl7U2qoF65e2Rup9vwj4b2vAWqCNFXlJ+xzERjWpBj5UhG HQUcJGYinqSGJo7k3bUy2QNQu0duHJj/bvf1tBjcYX14OLH0qWKIxYujZ2VSR/sB tiA20e0O8GyauZBasibmHpJMJTCHuCBC51Tzzl5Wj6hSrvEZcrY8LYYhULttmiXN oUF4sVqg6meMalduwhzb8YZLnO3kmDcNo5UiD41y02ObbgCmvb63qrqm6SBmBo5U dtukFdvcJBVqBvRrIByp4x1v/d0DzWR5YVrEry5qBD22av0iprpjoHc9i1hmZ7g= =wQpl -END PGP SIGNATURE- Abhidnya Joshi (2): s3:winbindd/autorid multiple range support docs-xml: manpage update for autorid multirange support Alexander Bokovoy (4): wafsamba: fix samba_abi for default catch-all case s3-waf: filter out ldapsam internal init functions PASSDB: add support to set and enumerate UPN suffixes associated with our forest s3-netlogon: enumerate UPN suffixes from PASSDB when available Alexander Werth (13): vfs: Fix compile of vfs_gpfs.c. vfs: Add inheritance emulation to vfs_nfs4acl_xattr. s4-smbtorture: Set result message when failing the inheritance test. s3: Move up declaration of params struct and related function. s3: Change smbacl4_get_vfs_params to use connection_struct instead of fsp. s3: Add params parameter to smbacl4_nfs42win function. s3: Mapping of special entries to creator owner in mode simple. s3: Mapping of cifs creator owner to nfs owner@ ace. s3: Add changes that keep nfs4:mode special behavior. s3: Use mode bits in some cases in mode simple. s3: Update README.nfs4acls.txt s3: Update vfs_gpfs man page with new nfs4:mode help text. s4-smbtorture: Run tests for nfs4:modes simple and special. Amitay Isaacs (8): samba-tool/dns: Fix a typo in ttl variable name s4-dns: Print/Set minimumTTL value in SOA record s4-rpc: dnsserver: Fix removal of trailing '.' in soa mname s4-rpc: dnsserver: dns_name_equal() returns boolean s4-rpc: dnsserver: When updating SOA record, use the specified serial s4-dns: Support update of SOA records samba-tool/dns: Pass on additional flags when creating zones samba-tool/dns: Set secure zone update flag after creating new zone Anand Avati (3): check_parent_exists() can change errno. Ensure we preserve it across calls. building RPMs on RHEL fail because of a typo. vfs_glusterfs: Samba VFS module for glusterfs Andreas Schneider (35): winbind: Use talloc for allocating domain, dns, forest and dc name. winbind: Correctly use names in the domain struct. winbind: Fix samba3.winbind.struct test. waf: Correctly check for prctl in just one place. lib: Add prctl_set_comment to utils. s3-daemons: Set the comment field of the daemons. krb5_wrap: Make sure we don't dereference a NULL pointer. winbind: Fix no memory check in _wbint_PingDc(). s4-client: Make sure entry is a valid string. s4-libregistry: Make sure we don't dereference a NULL pointer. s4-libregistry: Fix path check and improve while loops. gensec: recv_handler can't be NULL at that point. dsdb: Check for pointers before we deference them. s4-libregistry: Improve NULL handling of name. Make sure to set umask() before calling mkstemp(). pidl: Add skip option to elements. ndr: Add ndr_ntprinting_string_flags() function. idl: Add flags for strings in ntprinting idl. ndr: Pass down string_flags in ndr_pull_ntprinting_printer(). s3-net: Add encoding=CP to 'net printing migrate'. s3-net: Add encoding=CP to 'net printing dump'. torture: Add ntprinting latin1 test. torture: Update ndr README. BUG 9735: Fix winbind seperator in upn to username conversion. epm: Increase debug level for already registered endpoints. BUG 9758: Don't leak the epm_Map policy handle. BUG 9699: Fix adding case sensitive spn. BUG 9139: Fix the username map optimization. BUG 9766: Cache name_to_sid/sid_to_name correctly. BUG 9817: Fix 'map untrusted to domain' with NTLMv2. waf: Create a better wscript for finding ncurses. regedit: Don't panic if we can't open the file. regedit: Remove talloc leak report. regedit: Improve the while loop. regedit: Use color only when available. Andrew Bartlett (144): build: Rename samba_python waf node to avoid duplicate name build: Change bin/default/python - bin/python symlink to bin/default/python_modules samba-tool dbcheck: fix comment on err_wrong_sd samba-tool
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 277831e dsdb-repl_meta_data: Move TODO comment about conflicts and
missing parents
via 2d38009 torture: Add tests of rename behaviour to replica_sync.py
via 6960f8e dsdb-repl_meta_data: Handle renames better, considering
only the RDN as given, and then the parent as given
via 54e092b dsdb-linked_attributes: Do not crash if the target GUID can
not be found
from 3bd686c tdb: fix logging of offets and lengths.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 277831eaf140c06bb25a3549434bc4acd4f533ec
Author: Andrew Bartlett abart...@samba.org
Date: Thu May 16 17:51:56 2013 +1000
dsdb-repl_meta_data: Move TODO comment about conflicts and missing parents
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue May 28 18:11:00 CEST 2013 on sn-devel-104
commit 2d38009852487ab3572b66817ed0492333b5ec7d
Author: Andrew Bartlett abart...@samba.org
Date: Thu May 16 15:24:25 2013 +1000
torture: Add tests of rename behaviour to replica_sync.py
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 6960f8e4c3d683103580aa91605f951bc227dbed
Author: Andrew Bartlett abart...@samba.org
Date: Thu May 16 15:19:20 2013 +1000
dsdb-repl_meta_data: Handle renames better, considering only the RDN as
given, and then the parent as given
This ignores the full DN as given, because the parent compents might be out
of date.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 54e092bb31001879f4d7a49e36a226c27b4d9843
Author: Andrew Bartlett abart...@samba.org
Date: Thu May 16 13:52:51 2013 +1000
dsdb-linked_attributes: Do not crash if the target GUID can not be found
Note that we must not give an error when we cannot find the object
that should hold the backlink, there really isn't anything we can do
in this case.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/linked_attributes.c | 15 ++
source4/dsdb/samdb/ldb_modules/repl_meta_data.c| 230 ---
source4/torture/drs/python/replica_sync.py | 104 +
3 files changed, 264 insertions(+), 85 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index a55ec87..eb57f91 100644
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -4,6 +4,7 @@
Copyright (C) Andrew Bartlett abart...@samba.org 2007
Copyright (C) Simo Sorce i...@samba.org 2008
Copyright (C) Matthieu Patou m...@matws.net 2011
+ Copyright (C) Andrew Tridgell 2009
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -729,6 +730,20 @@ static int linked_attributes_fix_links(struct ldb_module
*module,
talloc_free(tmp_ctx);
return ret;
}
+ if (res-count == 0) {
+ /* Forward link without backlink object remaining -
nothing to do here */
+ continue;
+ }
+ if (res-count != 1) {
+ ldb_asprintf_errstring(ldb, Linked attribute %s-%s
between %s and %s - target GUID %s found more than once!,
+ el-name,
target-lDAPDisplayName,
+ ldb_dn_get_linearized(old_dn),
+
ldb_dn_get_linearized(dsdb_dn-dn),
+ GUID_string(tmp_ctx,
link_guid));
+ talloc_free(tmp_ctx);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
msg = res-msgs[0];
if (msg-num_elements == 0) {
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 651cdf1..98e60d7 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -94,6 +94,8 @@ struct replmd_replicated_request {
bool is_urgent;
};
+static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar);
+
enum urgent_situation {
REPL_URGENT_ON_CREATE = 1,
REPL_URGENT_ON_UPDATE = 2,
@@ -3656,15 +3658,6 @@ static int replmd_replicated_apply_add(struct
replmd_replicated_request *ar)
int ret;
bool remote_isDeleted = false;
- /*
-* TODO: check if the parent object exist
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2ed6b08 auth: Ensure auth_sam is not used on the AD DC via 9b24f65 dsdb: Expand on what the error finding the ntSecurityDescriptor was in acl_read via 60d1c2d autobuild.py add ntdb to the samba-libs task, to ensure it works as an external library via 73628e9 rpc_server-drsuapi: Include the failing DN when unable to convert DB objects to DRS via 11e716a dsdb-schema: Print clear debug message when we find a OID in our local DB we cannot convert via 25402e0 dsdb-repl: Allow the name attribute (and name-based schema lookups) to be skipped in dsdb_repl_make_working_schema() via 3482060 python-samba-tool domain classicupgrade: Use transactions when adding users/groups/members via ef895fe samba-tool dbcheck: Use dsdb.DS_GUID_DELETED_OBJECTS_CONTAINER rather than the literal value via 9c5756c python-samba-tool domain classicupgrade: Correct message about re-promoting BDCs via 1165776 pdb_ldap: Do not skip accounts without a sambaAcctFlags value via 2c04719 python-samba-tool domain classicupgrade: Actually Skip domain trust accounts via 2e1f143 python-samba-tool domain classicupgrade: Skip machine accounts that do not end in $ via 2044541 build: Do not set PATH in install_with_python now we set $PYTHON via 10f6926 s3-rpc_server: Ensure we are root when starting and usiing gensec via 9430310 gensec: Make the no-hostname status message much less scary via 768c3bb build: Blacklist the release-4-0-0 provision as well from 46e98cf dns: Fix allocation of txt_record in txt record tests http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2ed6b0818a68ac07bd9c4270522aa8e2098ec140 Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 10:32:50 2013 +1000 auth: Ensure auth_sam is not used on the AD DC Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu May 16 22:51:26 CEST 2013 on sn-devel-104 commit 9b24f6523e8c78879ada3e6d2927ebbb21dabfdc Author: Andrew Bartlett abart...@samba.org Date: Mon May 13 14:06:14 2013 +1200 dsdb: Expand on what the error finding the ntSecurityDescriptor was in acl_read Reviewed-by: Stefan Metzmacher me...@samba.org commit 60d1c2d5288b01bd9a99f90bb0a9d0ff3c873412 Author: Andrew Bartlett abart...@samba.org Date: Mon May 13 14:05:28 2013 +1200 autobuild.py add ntdb to the samba-libs task, to ensure it works as an external library Reviewed-by: Stefan Metzmacher me...@samba.org commit 73628e9cd9005478cdb225f01917eb54270a3c05 Author: Andrew Bartlett abart...@samba.org Date: Tue Apr 2 16:10:03 2013 +1100 rpc_server-drsuapi: Include the failing DN when unable to convert DB objects to DRS This is a very serious situation (it should not happen) so getting information on the objects that this happens for would be very helpful. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 11e716ae0736067272868b997367e94ebf1cdf3b Author: Andrew Bartlett abart...@samba.org Date: Tue Apr 2 15:36:47 2013 +1100 dsdb-schema: Print clear debug message when we find a OID in our local DB we cannot convert We need to work out why we are unable to make a mapping for an OID in our database, because we should not have been able to add it without such a mapping. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 25402e06bcdf98e346fdbbfa7e8740504329b42f Author: Andrew Bartlett abart...@samba.org Date: Tue Mar 26 11:51:38 2013 +1100 dsdb-repl: Allow the name attribute (and name-based schema lookups) to be skipped in dsdb_repl_make_working_schema() This allows us to use a schema that may only be valid for attributeID based lookups, during the schema load. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 34820602715cc8936179091e188993f7a42808ac Author: Andrew Bartlett abart...@samba.org Date: Sun Apr 14 14:36:08 2013 +1000 python-samba-tool domain classicupgrade: Use transactions when adding users/groups/members This should make things a bit faster when importing very large numbers of users as we will not constantly rewrite the indicies on disk. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit ef895fe9e4e4043bd4ce1db5007fd2016f0b8673 Author: Andrew Bartlett abart...@samba.org Date: Sun Apr 14 13:32:05 2013 +1000 samba-tool dbcheck: Use dsdb.DS_GUID_DELETED_OBJECTS_CONTAINER rather than the literal value This is better practice. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 9c5756c077896e6a3ff8e610acf706f203e4dede Author
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via fbb12b5 samba-tool/tests: Force the gecos of the user to a fixed
value.
via 54f4536 dsdb-drepl: create a new schedulable event for running
pending operations
from 8c3fa00 lib/param: remove unused 'printer_admin'
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit fbb12b574df69a1cda0a3f201f21279650ddc4c4
Author: Matthieu Patou m...@matws.net
Date: Tue May 14 06:20:18 2013 -0700
samba-tool/tests: Force the gecos of the user to a fixed value.
When --gecos is not specified samba-tool user add will try to read the
gecos field from a getpw call. And if user's GECOS is empty (like the
build user on sn-devel-104) then the test will fail because we can't add
an empty gecos.
Signed-off-by: Matthieu Patou m...@matws.net
Reviewed-by: Jelmer Vernooij jel...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed May 15 16:19:23 CEST 2013 on sn-devel-104
commit 54f4536980d86faf532708c92890dd9e8b09667a
Author: Matthieu Patou m...@matws.net
Date: Wed May 15 04:46:33 2013 -0700
dsdb-drepl: create a new schedulable event for running pending operations
So instead of running dreplsrv_periodic_schedule when receiving a
DRS_REPLICA_SYNC request which will force the DC to look for changes
with all the DC it usually replicate to, we reduce it to the DC
specified in the DRS_REPLICA_SYNC request. It will allow also to do have the
correct options as set by the client who send the DRS_REPLICA_SYNC.
Signed-off-by: Matthieu Patou m...@matws.net
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
python/samba/tests/samba_tool/user.py | 11 +-
source4/dsdb/repl/drepl_periodic.c| 61 +
source4/dsdb/repl/drepl_service.c |2 +-
source4/dsdb/repl/drepl_service.h | 17 +
4 files changed, 89 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/samba_tool/user.py
b/python/samba/tests/samba_tool/user.py
index 89fa22b..645eb40 100644
--- a/python/samba/tests/samba_tool/user.py
+++ b/python/samba/tests/samba_tool/user.py
@@ -212,12 +212,20 @@ class UserCmdTestCase(SambaToolCmdTest):
self.skipTest(Skipping getpwent test, current EUID not found in
NSS)
return
+
+# samba-tool user add command didn't support users with empty gecos if none is
+# specified on the command line and the user hasn't one in the passwd file it
+# will fail, so let's add some contents
+
+gecos = u[4]
+if (gecos is None or len(gecos) == 0):
+gecos = Foo GECOS
user = self._randomPosixUser({
name: u[0],
uid: u[0],
uidNumber: u[2],
gidNumber: u[3],
-gecos: u[4],
+gecos: gecos,
loginShell: u[6],
})
# check if --rfc2307-from-nss sets the same values as we got from
pwd.getpwuid()
@@ -228,6 +236,7 @@ class UserCmdTestCase(SambaToolCmdTest):
--department=%s %
user[department],
--description=%s %
user[description],
--company=%s %
user[company],
+--gecos=%s % user[gecos],
--rfc2307-from-nss,
-H, ldap://%s; %
os.environ[DC_SERVER],
-U%s%%%s %
(os.environ[DC_USERNAME], os.environ[DC_PASSWORD]))
diff --git a/source4/dsdb/repl/drepl_periodic.c
b/source4/dsdb/repl/drepl_periodic.c
index 62b4092..d6b9467 100644
--- a/source4/dsdb/repl/drepl_periodic.c
+++ b/source4/dsdb/repl/drepl_periodic.c
@@ -133,3 +133,64 @@ void dreplsrv_run_pending_ops(struct dreplsrv_service *s)
dreplsrv_notify_run_ops(s);
}
}
+
+static void dreplsrv_pending_run(struct dreplsrv_service *service);
+
+static void dreplsrv_pending_handler_te(struct tevent_context *ev, struct
tevent_timer *te,
+ struct timeval t, void *ptr)
+{
+ struct dreplsrv_service *service = talloc_get_type(ptr, struct
dreplsrv_service);
+
+ service-pending.te = NULL;
+
+ dreplsrv_pending_run(service);
+}
+
+WERROR dreplsrv_pendingops_schedule(struct dreplsrv_service *service, uint32_t
next_interval)
+{
+ TALLOC_CTX *tmp_mem;
+ struct tevent_timer *new_te;
+ struct timeval next_time;
+
+ /* prevent
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8c3fa00 lib/param: remove unused 'printer_admin'
via 0ffd074 doc-xml/smbdotconf: fix server [min|max] protocol
documentation
via 8a878ec talloc: only provide the --enable-talloc-compat1 in
standalone build
via f08205b winbind/idmap_ad: be verbose about the user that we fail to
map
from 5868acc vfs_gpfs: slightly simplify connect()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8c3fa009ca6e80bf6e8f9daf786b3ec490c735af
Author: Stefan Metzmacher me...@samba.org
Date: Mon Apr 29 12:27:25 2013 +0200
lib/param: remove unused 'printer_admin'
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Michael Adam ob...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue May 14 21:45:19 CEST 2013 on sn-devel-104
commit 0ffd074690529a1833e29829b552b3cf6ebcd914
Author: Stefan Metzmacher me...@samba.org
Date: Tue Apr 30 08:39:00 2013 +0200
doc-xml/smbdotconf: fix server [min|max] protocol documentation
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Michael Adam ob...@samba.org
commit 8a878ec74bd24180aa73cfb39ff4a6c3e72d9d0b
Author: Stefan Metzmacher me...@samba.org
Date: Tue May 7 14:15:35 2013 +0200
talloc: only provide the --enable-talloc-compat1 in standalone build
The compat library is already only built in standalone build,
so we need the configure option also only in the standalone build.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Michael Adam ob...@samba.org
commit f08205be7003f6c0a15fd5fd99d01951164ad15c
Author: Björn Jacke b...@sernet.de
Date: Tue May 14 16:51:28 2013 +0200
winbind/idmap_ad: be verbose about the user that we fail to map
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
docs-xml/smbdotconf/protocol/servermaxprotocol.xml | 10 --
docs-xml/smbdotconf/protocol/serverminprotocol.xml |2 +-
lib/param/param_functions.c|1 -
lib/talloc/wscript | 10 ++
source3/winbindd/idmap_ad.c|5 +++--
5 files changed, 10 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
b/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
index 94184c8..822e42b 100644
--- a/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
@@ -10,16 +10,6 @@
paraPossible values are :/para
itemizedlist
listitem
- paraconstantCORE/constant: Earliest version. No
- concept of user names./para
- /listitem
-
- listitem
- paraconstantCOREPLUS/constant: Slight improvements on
- CORE for efficiency./para
- /listitem
-
- listitem
paraconstantLANMAN1/constant: First
emphasismodern/emphasis
version of the protocol. Long filename support./para
/listitem
diff --git a/docs-xml/smbdotconf/protocol/serverminprotocol.xml
b/docs-xml/smbdotconf/protocol/serverminprotocol.xml
index c62ebb3..fc249fc 100644
--- a/docs-xml/smbdotconf/protocol/serverminprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/serverminprotocol.xml
@@ -18,6 +18,6 @@
relatedserver max protocol/related
-value type=defaultCORE/value
+value type=defaultLANMAN1/value
value type=exampleNT1/value
/samba:parameter
diff --git a/lib/param/param_functions.c b/lib/param/param_functions.c
index 7cb3a69..6fc7801 100644
--- a/lib/param/param_functions.c
+++ b/lib/param/param_functions.c
@@ -72,7 +72,6 @@ FN_LOCAL_STRING(force_user, force_user)
FN_LOCAL_STRING(force_group, force_group)
FN_LOCAL_LIST(readlist, readlist)
FN_LOCAL_LIST(writelist, writelist)
-FN_LOCAL_LIST(printer_admin, printer_admin)
FN_LOCAL_LIST(vfs_objects, szVfsObjects)
FN_LOCAL_STRING(msdfs_proxy, szMSDfsProxy)
static FN_LOCAL_STRING(volume, volume)
diff --git a/lib/talloc/wscript b/lib/talloc/wscript
index bd7708e..ecc5e24 100644
--- a/lib/talloc/wscript
+++ b/lib/talloc/wscript
@@ -27,10 +27,10 @@ def set_options(opt):
opt.BUILTIN_DEFAULT('replace')
opt.PRIVATE_EXTENSION_DEFAULT('talloc', noextension='talloc')
opt.RECURSE('lib/replace')
-opt.add_option('--enable-talloc-compat1',
- help=(Build talloc 1.x.x compat library [False]),
- action=store_true, dest='TALLOC_COMPAT1', default=False)
if opt.IN_LAUNCH_DIR():
+opt.add_option('--enable-talloc-compat1',
+ help=(Build talloc 1.x.x compat library [False]),
+ action=store_true, dest='TALLOC_COMPAT1',
default=False)
opt.add_option
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 99c95fc libsmb: call directly tevent_req_simple_finish_ntstatus
from bf33239 Fix warnings and one compile error caused by newer gcc 4.7.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 99c95fc98309a7aa08cfc37c4de5105d90696b7a
Author: Matthieu Patou m...@matws.net
Date: Sun May 5 14:53:40 2013 -0700
libsmb: call directly tevent_req_simple_finish_ntstatus
The CC compiler on openindiana is not pleased with a void function doing
a return of another void function.
It should help the build of openindiana on the buildfarm
Signed-off-by: Matthieu Patou m...@matws.net
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon May 6 08:35:10 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/libsmb/cliconnect.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 3242d8c..7179c4f 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -2687,13 +2687,13 @@ static struct tevent_req *cli_tree_connect_send(
static void cli_tree_connect_smb2_done(struct tevent_req *subreq)
{
- return tevent_req_simple_finish_ntstatus(
+ tevent_req_simple_finish_ntstatus(
subreq, smb2cli_tcon_recv(subreq));
}
static void cli_tree_connect_andx_done(struct tevent_req *subreq)
{
- return tevent_req_simple_finish_ntstatus(
+ tevent_req_simple_finish_ntstatus(
subreq, cli_tcon_andx_recv(subreq));
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5f82641 libsmb: Use sizeof instead of explicit numbers
via b8c1e30 libsmb: Use smb2_lease_push in smb2_create_send
via a8edad3 libcli: Add smb2_lease marshalling
via 96a8f6e libsmb: Move struct smb2_lease to common
from 7e80793 check_parent_exists() can change errno. Ensure we preserve
it across calls.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5f82641553e33bc236b6c8a4f5cfc1cf3b722eea
Author: Volker Lendecke v...@samba.org
Date: Thu Apr 25 14:24:08 2013 +0200
libsmb: Use sizeof instead of explicit numbers
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Apr 30 16:02:19 CEST 2013 on sn-devel-104
commit b8c1e30a6f2213c0dbb43a55bd5e1f498a610cab
Author: Volker Lendecke v...@samba.org
Date: Thu Apr 25 14:19:36 2013 +0200
libsmb: Use smb2_lease_push in smb2_create_send
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit a8edad3743a60b9521b2cd759e22e6350c41cc06
Author: Volker Lendecke v...@samba.org
Date: Wed Apr 17 17:04:38 2013 +0200
libcli: Add smb2_lease marshalling
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 96a8f6e0fb9042fe125c9552dfb4c3f6d19cb225
Author: Volker Lendecke v...@samba.org
Date: Wed Apr 17 16:48:21 2013 +0200
libsmb: Move struct smb2_lease to common
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
libcli/smb/smb2_lease.c | 86 +++
libcli/smb/smb2_lease.h | 50 ++
libcli/smb/smb_common.h |1 +
libcli/smb/wscript |2 +
source4/libcli/raw/interfaces.h | 17
source4/libcli/smb2/create.c| 34 +++
6 files changed, 155 insertions(+), 35 deletions(-)
create mode 100644 libcli/smb/smb2_lease.c
create mode 100644 libcli/smb/smb2_lease.h
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smb2_lease.c b/libcli/smb/smb2_lease.c
new file mode 100644
index 000..10beaca
--- /dev/null
+++ b/libcli/smb/smb2_lease.c
@@ -0,0 +1,86 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ SMB2 Lease context handling
+
+ Copyright (C) Stefan Metzmacher 2012
+ Copyright (C) Volker Lendecke 2013
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+*/
+
+#include includes.h
+#include ../libcli/smb/smb_common.h
+
+ssize_t smb2_lease_pull(uint8_t *buf, size_t len, struct smb2_lease *lease)
+{
+ int version;
+
+ switch (len) {
+ case 32:
+ version = 1;
+ break;
+ case 52:
+ version = 2;
+ break;
+ default:
+ return -1;
+ }
+
+ memcpy(lease-lease_key, buf, 16);
+ lease-lease_state = IVAL(buf, 16);
+ lease-lease_flags = IVAL(buf, 20);
+ lease-lease_duration = BVAL(buf, 24);
+
+ switch (version) {
+ case 1:
+ memcpy(lease-parent_lease_key, buf+32, 16);
+ lease-lease_epoch = SVAL(buf, 48);
+ break;
+ case 2:
+ ZERO_STRUCT(lease-parent_lease_key);
+ lease-lease_epoch = 0;
+ break;
+ }
+
+ return len;
+}
+
+bool smb2_lease_push(const struct smb2_lease *lease, uint8_t *buf, size_t len)
+{
+ int version;
+
+ switch (len) {
+ case 32:
+ version = 1;
+ break;
+ case 52:
+ version = 2;
+ break;
+ default:
+ return false;
+ }
+
+ memcpy(buf[0], lease-lease_key, 16);
+ SIVAL(buf, 16, lease-lease_state);
+ SIVAL(buf, 20, lease-lease_flags);
+ SBVAL(buf, 24, lease-lease_duration);
+
+ if (version == 2) {
+ memcpy(buf[32], lease-parent_lease_key, 16);
+ SIVAL(buf, 48, lease-lease_epoch);
+ }
+
+ return true;
+}
diff --git a/libcli/smb/smb2_lease.h b/libcli/smb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 77f7a46 s4:dsdb: Fix warnings about not set / set but unused /
shadowed variables
from 31714c9 s3:smbd:smb2:scavenger: fix format error for debugging
open_persistent_id in scavenger_timer()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 77f7a46e180596fa081f4069edea9efd23e3f0c5
Author: Matthieu Patou m...@matws.net
Date: Thu Apr 11 22:30:27 2013 -0700
s4:dsdb: Fix warnings about not set / set but unused / shadowed variables
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Apr 19 13:15:40 CEST 2013 on sn-devel-104
---
Summary of changes:
source4/dsdb/common/dsdb_dn.c |3 ---
source4/dsdb/samdb/ldb_modules/linked_attributes.c |6 +++---
source4/dsdb/samdb/ldb_modules/partition.c |3 ---
source4/dsdb/samdb/ldb_modules/resolve_oids.c |2 --
source4/dsdb/samdb/ldb_modules/samba_dsdb.c|6 ++
source4/dsdb/samdb/ldb_modules/simple_ldap_map.c |3 ---
source4/dsdb/samdb/ldb_modules/subtree_rename.c|2 --
7 files changed, 5 insertions(+), 20 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/dsdb_dn.c b/source4/dsdb/common/dsdb_dn.c
index 0029f5d..ab42776 100644
--- a/source4/dsdb/common/dsdb_dn.c
+++ b/source4/dsdb/common/dsdb_dn.c
@@ -76,7 +76,6 @@ struct dsdb_dn *dsdb_dn_parse(TALLOC_CTX *mem_ctx, struct
ldb_context *ldb,
{
struct dsdb_dn *dsdb_dn;
struct ldb_dn *dn;
- const char *data;
size_t len;
TALLOC_CTX *tmp_ctx;
char *p1;
@@ -127,8 +126,6 @@ struct dsdb_dn *dsdb_dn_parse(TALLOC_CTX *mem_ctx, struct
ldb_context *ldb,
if (tmp_ctx == NULL) {
return NULL;
}
-
- data = (const char *)dn_blob-data;
len = dn_blob-length - 2;
p1 = talloc_strndup(tmp_ctx, (const char *)dn_blob-data + 2, len);
diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index 6e08209..a55ec87 100644
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -752,7 +752,7 @@ static int linked_attributes_fix_links(struct ldb_module
*module,
/* find our DN in the values */
for (j=0; jel2-num_values; j++) {
struct dsdb_dn *dsdb_dn2;
- struct GUID link_guid;
+ struct GUID link_guid2;
dsdb_dn2 = dsdb_dn_parse(msg, ldb, el2-values[j],
target-syntax-ldap_oid);
if (dsdb_dn2 == NULL) {
@@ -760,7 +760,7 @@ static int linked_attributes_fix_links(struct ldb_module
*module,
return LDB_ERR_INVALID_DN_SYNTAX;
}
- ret = la_guid_from_dn(module, parent, dsdb_dn2-dn,
link_guid);
+ ret = la_guid_from_dn(module, parent, dsdb_dn2-dn,
link_guid2);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
@@ -776,7 +776,7 @@ static int linked_attributes_fix_links(struct ldb_module
*module,
* more costly, but still give us a GUID.
* dbcheck will fix this if run.
*/
- if (!GUID_equal(self_guid, link_guid)) {
+ if (!GUID_equal(self_guid, link_guid2)) {
continue;
}
diff --git a/source4/dsdb/samdb/ldb_modules/partition.c
b/source4/dsdb/samdb/ldb_modules/partition.c
index 435a791..63835d8 100644
--- a/source4/dsdb/samdb/ldb_modules/partition.c
+++ b/source4/dsdb/samdb/ldb_modules/partition.c
@@ -1089,13 +1089,10 @@ int partition_sequence_number_from_partitions(struct
ldb_module *module,
*/
static int partition_sequence_number(struct ldb_module *module, struct
ldb_request *req)
{
- struct partition_private_data *data =
talloc_get_type(ldb_module_get_private(module),
- struct
partition_private_data);
struct ldb_extended *ext;
struct ldb_seqnum_request *seq;
struct ldb_seqnum_result *seqr;
uint64_t seq_number;
- struct dsdb_partition *p;
int ret;
seq = talloc_get_type_abort(req-op.extended.data, struct
ldb_seqnum_request);
diff --git a/source4/dsdb/samdb/ldb_modules/resolve_oids.c
b/source4/dsdb/samdb/ldb_modules/resolve_oids.c
index 71f9a30..b5c5f8e 100644
--- a/source4/dsdb/samdb/ldb_modules/resolve_oids.c
+++ b/source4/dsdb/samdb/ldb_modules
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7f366d7 tevent: Only set poll_ev-delete=false if it was true
from a7f067c BUG 9699: Fix adding case sensitive spn.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7f366d745c1d4e833470d853ec484459157616e7
Author: Volker Lendecke v...@samba.org
Date: Thu Apr 4 10:23:02 2013 +0200
tevent: Only set poll_ev-delete=false if it was true
Might not be noticable, but I thought it would be an obvious tiny
optimization. Possibly the compiler already does this.
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Apr 4 18:32:39 CEST 2013 on sn-devel-104
---
Summary of changes:
lib/tevent/tevent_poll.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/tevent_poll.c b/lib/tevent/tevent_poll.c
index 92fcc44..c6e2a00 100644
--- a/lib/tevent/tevent_poll.c
+++ b/lib/tevent/tevent_poll.c
@@ -419,8 +419,8 @@ static bool poll_event_setup_fresh(struct tevent_context
*ev,
poll_ev-fdes[i]-additional_flags = i;
}
}
+ poll_ev-deleted = false;
}
- poll_ev-deleted = false;
if (poll_ev-fresh == NULL) {
return true;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ed76e65 ntvfs: support setfileinfo with FULL_EA_INFORMATION from 7903839 s3:wscript: change --with-dmapi to default=auto to match the autoconf build http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ed76e65172ba1a21ef21b3c0267ed5ef1aa8aa9b Author: David Disseldorp dd...@samba.org Date: Wed Apr 3 14:01:00 2013 +0200 ntvfs: support setfileinfo with FULL_EA_INFORMATION Use existing unmarshall and set helper functions. This allows the smb2.setinfo.setinfo test to run against the ntvfs file server. Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Apr 3 16:14:33 CEST 2013 on sn-devel-104 --- Summary of changes: selftest/knownfail |1 - source4/ntvfs/posix/pvfs_setfileinfo.c |7 ++- source4/smb_server/blob.c |6 ++ 3 files changed, 12 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index e4b4694..61a0a0e 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -162,7 +162,6 @@ ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_full_sd\(none\) # Due to something rewriting the NT ACL on DNS objects ^samba4.blackbox.upgradeprovision.release-4-0-0.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects -^samba4.smb2.setinfo.setinfo # ntvfs doesn't support FULL_EA_INFORMATION set. ^samba3.smb2.create.gentest ^samba3.smb2.create.blob ^samba3.smb2.create.open diff --git a/source4/ntvfs/posix/pvfs_setfileinfo.c b/source4/ntvfs/posix/pvfs_setfileinfo.c index 3c9b18d..7fd4e35 100644 --- a/source4/ntvfs/posix/pvfs_setfileinfo.c +++ b/source4/ntvfs/posix/pvfs_setfileinfo.c @@ -367,7 +367,7 @@ NTSTATUS pvfs_setfileinfo(struct ntvfs_module_context *ntvfs, break; case RAW_SFILEINFO_EA_SET: - return pvfs_setfileinfo_ea_set(pvfs, h-name, h-fd, + return pvfs_setfileinfo_ea_set(pvfs, h-name, h-fd, info-ea_set.in.num_eas, info-ea_set.in.eas); @@ -420,6 +420,11 @@ NTSTATUS pvfs_setfileinfo(struct ntvfs_module_context *ntvfs, h-position = info-position_information.in.position; break; + case RAW_SFILEINFO_FULL_EA_INFORMATION: + return pvfs_setfileinfo_ea_set(pvfs, h-name, h-fd, + info-full_ea_information.in.eas.num_eas, + info-full_ea_information.in.eas.eas); + case RAW_SFILEINFO_MODE_INFORMATION: /* this one is a puzzle */ if (info-mode_information.in.mode != 0 diff --git a/source4/smb_server/blob.c b/source4/smb_server/blob.c index c0077c0..a3e1123 100644 --- a/source4/smb_server/blob.c +++ b/source4/smb_server/blob.c @@ -625,6 +625,12 @@ NTSTATUS smbsrv_pull_passthru_sfileinfo(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; + case RAW_SFILEINFO_FULL_EA_INFORMATION: + return ea_pull_list_chained(blob, + mem_ctx, + st-full_ea_information.in.eas.num_eas, + st-full_ea_information.in.eas.eas); + case RAW_SFILEINFO_MODE_INFORMATION: BLOB_CHECK_MIN_SIZE(blob, 4); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b5d5b9a libsmbclient: Fix cli_session_setup_guest_send
from ed76e65 ntvfs: support setfileinfo with FULL_EA_INFORMATION
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b5d5b9a40eb13f89a552e29096deed52229c147e
Author: Volker Lendecke v...@samba.org
Date: Wed Apr 3 13:24:53 2013 +0200
libsmbclient: Fix cli_session_setup_guest_send
This worked fine so far, but for the wrong reason: We only ever called
this through the sync wrapper. The tevent_req_nterror in the NT_STATUS_OK
case does not call tevent_req_finish. So the tevent_loop_poll did call
into the core send/receive smb code. This is a fix for the case when
smb1cli_req_chain_submit fails for some reason.
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Apr 3 18:39:30 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/libsmb/cliconnect.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 872900c..ec5c273 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -446,7 +446,7 @@ struct tevent_req *cli_session_setup_guest_send(TALLOC_CTX
*mem_ctx,
}
status = smb1cli_req_chain_submit(subreq, 1);
- if (NT_STATUS_IS_OK(status)) {
+ if (!NT_STATUS_IS_OK(status)) {
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e865788 dbwrap: Add a comment explaining a restriction
from e3f5e47 smbd: Remove an optimization that became unnecessary
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e8657887a9c1deadbd4e98c8b66cd46bdf36402a
Author: Volker Lendecke v...@samba.org
Date: Wed Mar 27 10:23:50 2013 +0100
dbwrap: Add a comment explaining a restriction
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Mar 27 13:40:15 CET 2013 on sn-devel-104
---
Summary of changes:
lib/dbwrap/dbwrap.c | 11 +++
1 files changed, 11 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/dbwrap/dbwrap.c b/lib/dbwrap/dbwrap.c
index f0b7a9a..f03514d 100644
--- a/lib/dbwrap/dbwrap.c
+++ b/lib/dbwrap/dbwrap.c
@@ -453,6 +453,17 @@ int dbwrap_get_seqnum(struct db_context *db)
int dbwrap_transaction_start(struct db_context *db)
{
if (!db-persistent) {
+ /*
+* dbwrap_ctdb has two different data models for persistent
+* and non-persistent databases. Transactions are supported
+* only for the persistent databases. This check is here to
+* prevent breakages of the cluster case, autobuild at this
+* point only tests non-clustered Samba. Before removing this
+* check, please make sure that this facility has also been
+* added to dbwrap_ctdb.
+*
+* Thanks, vl
+*/
DEBUG(1, (transactions not supported on non-persistent
database %s\n, db-name));
return -1;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e3f5e47 smbd: Remove an optimization that became unnecessary via 07ae7e2 smbd: We don't collect our own vnn anymore via ebb027b smbd: Slightly simplify notify_trigger via eb885d1 smbd: Slightly simplify notify_trigger via 032da72 smbd: Avoid some talloc_realloc in notify_internal via c2b26a4 dbwrap-ctdb: Avoid a talloc_stackframe() via d147194 ctdb-conn: remove ctdbd_fetch via 1409895 dbwrap-ctdb: Use ctdbd_parse in db_ctdb_parse_record via abe4046 ctdb-conn: Add ctdbd_parse via c8c0bf7 tdb: Fix blank line endings via a92c08e tdb: Little format change via d4ebeeb smbd: Avoid sending 0-sized keys to dbwrap from bbb4068 dbwrap: Use tdb_null in db_ctdb_delete http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e3f5e474c826940ebaf43256cb06a50309ba3ef5 Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:13:50 2012 +0100 smbd: Remove an optimization that became unnecessary After we only collect nonlocal vnns in idx_state.vnns now, at this point we *know* we have something to send to a remote node. The previous code avoided the call to notify_push_remote_blob with an if-statement that has now become unnecessary. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Mar 26 13:16:39 CET 2013 on sn-devel-104 commit 07ae7e22f789a67bbd5e9536e1227a1c394990f9 Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:11:19 2012 +0100 smbd: We don't collect our own vnn anymore notify_trigger_index_parser will not anymore add ourselves into the vnn list that it collects. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit ebb027b738d0addd3ee5c205c5370b01859aee71 Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:10:12 2012 +0100 smbd: Slightly simplify notify_trigger We have a good chance that we did not collect any remote vnns. This avoids trying to walk the remote vnns altogether. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit eb885d1fdd6a2be603061aeef63790c92ca9ba56 Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:08:18 2012 +0100 smbd: Slightly simplify notify_trigger This straightens the for-loop walking the path components slightly Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 032da72e2b81685f292622cfd2ced14af257849d Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:02:19 2012 +0100 smbd: Avoid some talloc_realloc in notify_internal For the nonclustered case we will only ever have one vnn in notify_index.tdb. For this case, without this patch we did talloc_realloc when collecting vnns to be able to do the memcpy instead of explicit copy with a for-loop. This new code will partition the new vnns we see when parsing a notify_index.tdb record into ourselves and all foreign vnns, only really collecting the foreign ones in an array. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c2b26a43ffae22c9dff7929c48531fec9e6ed922 Author: Volker Lendecke v...@samba.org Date: Sat Nov 24 14:42:06 2012 + dbwrap-ctdb: Avoid a talloc_stackframe() We have only a single allocation in this routine, so I think we can live without a stackframe. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit d147194466560488cda9f6e5e993c985cea02289 Author: Volker Lendecke v...@samba.org Date: Sat Nov 24 14:15:38 2012 + ctdb-conn: remove ctdbd_fetch Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 1409895d9e271744060d3f1ef2c71da5b5151f6a Author: Volker Lendecke v...@samba.org Date: Sat Nov 24 14:14:37 2012 + dbwrap-ctdb: Use ctdbd_parse in db_ctdb_parse_record Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit abe4046643735cf0bc5bcdfe330dd946ab221808 Author: Volker Lendecke v...@samba.org Date: Fri Nov 23 17:54:57 2012 +0100 ctdb-conn: Add ctdbd_parse Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c8c0bf74805c61b1379dab1d4529df0004872bb4 Author: Volker Lendecke v...@samba.org Date: Mon Mar 18 14:39:04 2013 +0100 tdb: Fix blank line endings Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 30adf0c scripting: Fill the ProvisionNames hash with strings, not ldb.MessageElement or Dn via 5d42260 samba-tool ldapcmp: Remove the GUID - name mappings via 1589e46 selftest: Add tests for samba-tool dbcheck --reset-well-known-acls via 874a93b scripting: Modify samba.descriptor.get_diff_sds() to cope with a missing reference owner via 4789a30 samba-tool dbcheck: Allow dbcheck to correct an nTSecurityDescriptor without an owner or group via 810f8b4 samba-tool dbcheck: Add --reset-well-known-acls via 9040e26 scripting: Move get_diff_sds from samba.upgradehelpers to samba.descriptor via a113ddb scripting: Modify samba.descriptor.get_wellknown_sds() use samdb calls only via 352aff8 scripting: Move samba.provision.descriptor to samba.descriptor via e81a97d scripting: Make samba.provision.descriptor.get_wellknown_sds() return ldb.Dn objects via 6df17fe scripting: Fix documentation comment on upgradehelpers.py:get_clean_sd via 3da89b0 scripting: Move the list of well known SDs to samba.provision.descriptor via afe9343 build: Do not pass CPP= to pidl, skip the env variable entirely via 7dc6dfd build: Remove the forced use of only the first part of the compiler string from d27f00c vfs-btrfs: Fix build on 32 bit platforms by using long long types http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 30adf0cdbae6d9aaf2e72513d9c33267248f20c0 Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 21:58:25 2013 +1100 scripting: Fill the ProvisionNames hash with strings, not ldb.MessageElement or Dn This avoids the need to fix it up again in samba_upgradedns. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Mar 25 13:25:30 CET 2013 on sn-devel-104 commit 5d42260eecfd4f26cc82637ce1bc989083c9eb9d Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 21:36:49 2013 +1100 samba-tool ldapcmp: Remove the GUID - name mappings These mappings are very convenient, however because they are not one-to-one, they lead to differences being reported when none exist, dependent only on the order the schema searches return results in. Sadly the time saved by the names is offset by the time wasted chasing the 'differences' that don't exist. This in turn fixes some tests that were previously knownfail Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 1589e46d11f29551f3598876b62e29fcbad06580 Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 17:12:43 2013 +1100 selftest: Add tests for samba-tool dbcheck --reset-well-known-acls Reviewed-by: Stefan Metzmacher me...@samba.org commit 874a93bc1c437543474a6c574b0065b7b953ad38 Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 22:16:03 2013 +1100 scripting: Modify samba.descriptor.get_diff_sds() to cope with a missing reference owner This allows the reference SD not to have an owner specified, and still have the comparison with a database SD that does have an owner pass. (And the same for owning group). Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 4789a3072a4241841c096115dbdb0c3259968e68 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 11 14:49:01 2013 +1100 samba-tool dbcheck: Allow dbcheck to correct an nTSecurityDescriptor without an owner or group This is done by making a modification to the SD, which triggers it to be filled in if we have the correct session_info established on the DB. However, we normally want dbcheck running as system, so we wrap the session_info set around this operation only. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 810f8b48d925ea15f3439c4b228741d8fddaccd8 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 11 14:49:01 2013 +1100 samba-tool dbcheck: Add --reset-well-known-acls This will allow an upgrade from Samba 4.0.0 without needing to run samba_upgradeprovision, which for now is not the preferred upgrade tool. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 9040e2684161ce75738e9da0fee191aa34858607 Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 16:19:27 2013 +1100 scripting: Move get_diff_sds from samba.upgradehelpers to samba.descriptor This helps avoid a dependency loop when we use get_diff_sds in dbcheck. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit a113ddbf881c5905bbf7072638c7ba8843eeb85e Author: Andrew Bartlett abart...@samba.org Date: Fri
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1d15fc7 Fix bug #9724 - is_encrypted_packet() function incorrectly
used inside server.
from fd8b258 examples/libsmbclient: Cast mode_t to unsigned int for
GNU/Solaris build
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1d15fc75a33b7368049876368f4b70c188bbd55e
Author: Jeremy Allison j...@samba.org
Date: Fri Mar 15 15:05:31 2013 -0700
Fix bug #9724 - is_encrypted_packet() function incorrectly used inside
server.
The is_encrypted_packet() function should only be used on the raw received
data
to determine if a packet came in encrypted. Once we're inside the SMB1
processing code in smbd/reply.c we should be looking at the
smb1request-encrypted field to determine if a packet was really encrypted
or
not.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sat Mar 16 12:44:44 CET 2013 on sn-devel-104
---
Summary of changes:
source3/smbd/reply.c |5 ++---
1 files changed, 2 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 64c4fdb..2c31f15 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3294,8 +3294,7 @@ void reply_readbraw(struct smb_request *req)
START_PROFILE(SMBreadbraw);
- if (srv_is_signing_active(sconn) ||
- is_encrypted_packet(sconn, req-inbuf)) {
+ if (srv_is_signing_active(sconn) || req-encrypted) {
exit_server_cleanly(reply_readbraw: SMB signing/sealing is
active -
raw reads/writes are disallowed.);
}
@@ -3698,7 +3697,7 @@ static void send_file_readX(connection_struct *conn,
struct smb_request *req,
*/
if (!req_is_in_chain(req)
- !is_encrypted_packet(req-sconn, req-inbuf)
+ !req-encrypted
(fsp-base_fsp == NULL)
(fsp-wcp == NULL)
lp_use_sendfile(SNUM(conn), req-sconn-smb1.signing_state) ) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 68698b4 tdb: Slightly simplify tdb_expand_file
from 70e1b61 tsocket_bsd: Attempt to increase the SO_SNDBUF if we get
EMSGSIZE in sendto()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 68698b4e64831d2fdf762b5f8577ff404f10a3cb
Author: Volker Lendecke v...@samba.org
Date: Mon Mar 4 13:06:05 2013 +0100
tdb: Slightly simplify tdb_expand_file
The else keywords are not necessary here, we return in the preceding
if clause
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Mar 5 14:00:47 CET 2013 on sn-devel-104
---
Summary of changes:
lib/tdb/common/io.c |6 --
1 files changed, 4 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tdb/common/io.c b/lib/tdb/common/io.c
index 0563635..b9caffb 100644
--- a/lib/tdb/common/io.c
+++ b/lib/tdb/common/io.c
@@ -328,12 +328,14 @@ static int tdb_expand_file(struct tdb_context *tdb,
tdb_off_t size, tdb_off_t ad
returned 0 twice: giving up!\n));
errno = ENOSPC;
return -1;
- } else if (written == -1) {
+ }
+ if (written == -1) {
TDB_LOG((tdb, TDB_DEBUG_FATAL, expand_file write of
%d bytes failed (%s)\n, (int)n,
strerror(errno)));
return -1;
- } else if (written != n) {
+ }
+ if (written != n) {
TDB_LOG((tdb, TDB_DEBUG_WARNING, expand_file: wrote
only %d of %d bytes - retrying\n,
(int)written,
(int)n));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 70e1b61 tsocket_bsd: Attempt to increase the SO_SNDBUF if we get EMSGSIZE in sendto() via 50b42d1 s4-lib/socket: Return the original EMSGSIZE when sendto() and setsockopt() both fail via b9b6375 selftest: Remove output directories to save disk space via d5d88bd samba_upgradeprovision: Do not reset every DN when changing an SD via 0f247dc samba_upgradeprovision: do not maintain dnNotToRecalculate as a list via 9bc32bf samba_upgradeprovision: only run rebuild_sd in --full mode via 81cda85 samba_upgradeprovision: Remove alwaysRecalculate, this is too dangerous via 09b82d5 samba_upgradeprovision: Remove unused checkKeepAttributeOldMtd via 9b8d5bb samba_upgradeprovision: Remove inherited ACEs before comparing the SDs via 5074b98 scripting: Rework samba.upgradehelpers.get_diff_sddls to be get_diff_sds via 787a6aa samba_upgradeprovision: Remove auto-detection of pre-alpha9 databases via 9d6af49 selftest: Rename samba4.blackbox.upgradeprovision.py to samba4.blackbox.upgradeprovision.current via 08f0562 selftest: Run dbcheck and improved upgrdeprovision tests against release-4-0-0 via d7936ee selftest: Add ldapcmp to ensure upgradeprovision of a fresh DB is a no-op via f1f36ad selftest: Add in a provision from 4.0.0 to run tests against via 72f73eb selftest: Do an ldapcmp run against the upgraded domain via 24c4d81 samba-tool ldapcmp: Add support for checking DNSDOMAIN and DNSFOREST by default via f508435 samba-tool dbcheck: fix msDS-HasInstantiatedNCs attributes to match instanceType on our ntdsDSA via 97389c3 scripting: Correct parsing of binary DN via 0180a02 subunit: Add a sh macro for skipping a test from c692bb0 Handle EMSGSIZE on UNIX domain sockets. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 70e1b6185e3fb35fdc72eeb529ffb4b50122dc40 Author: Andrew Bartlett abart...@samba.org Date: Mon Mar 4 14:06:14 2013 +1100 tsocket_bsd: Attempt to increase the SO_SNDBUF if we get EMSGSIZE in sendto() This matches what was done for lib/socket/socket_unix.c in c692bb02b039ae8fef6ba968fd13b36ad7d62a72. (and is based on that patch by Landon Fuller land...@bikemonkey.org) Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Mar 4 11:15:35 CET 2013 on sn-devel-104 commit 50b42d1c5bb19e3a5050d7d23ac96e273d3974ee Author: Andrew Bartlett abart...@samba.org Date: Mon Mar 4 14:07:38 2013 +1100 s4-lib/socket: Return the original EMSGSIZE when sendto() and setsockopt() both fail This ensures that should we be unable to increase the socket size, we return an error that the application layer above might expect and be able to make as reasonable response to (such as switching to a stream-based transport). This fixes up c692bb02b039ae8fef6ba968fd13b36ad7d62a72. As suggested by metze in https://bugzilla.samba.org/show_bug.cgi?id=9697#c4 Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit b9b637569960ae7eef5ee12436624af34a718a9a Author: Andrew Bartlett abart...@samba.org Date: Sun Feb 17 22:45:59 2013 +1100 selftest: Remove output directories to save disk space Reviewed-by: Stefan Metzmacher me...@samba.org commit d5d88bd82b1cb51da09cf3b3dec40f180f5ed29f Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 18 15:56:18 2013 +1100 samba_upgradeprovision: Do not reset every DN when changing an SD SD propogation is handled by an LDB module, we do not need to touch each and every DN to make it happen. Now that we do not need to put this via a hash, the dnToRecalculate list is changed to be a list of Dn objects, not strings so that: if dn in listWellknown is handled using a schema comparison (avoiding different case forms tripping it up). Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 0f247dce00fd26230cdb0566ce4f51a2ea8cfc2b Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 18 15:15:52 2013 +1100 samba_upgradeprovision: do not maintain dnNotToRecalculate as a list We only need a boolean indication, not the actual values. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 9bc32bfd65700c816ebb2a3004ad568327218f86 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 18 15:05:00 2013 +1100 samba_upgradeprovision: only run rebuild_sd in --full mode This is a potentially destructive routine, and should not be run by default. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org
[SCM] Samba Shared Repository - annotated tag tevent-0.9.18 created
The annotated tag, tevent-0.9.18 has been created at 5864b66090f42b08a89c8bf5abd3c24908adf129 (tag) tagging f9eb05509bdab08a350440eba47de38522f17036 (commit) replaces ldb-1.1.15 tagged by Stefan Metzmacher on Sat Mar 2 09:58:52 2013 +0100 - Log - tevent: tag release tevent-0.9.18 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRMb9MAAoJEEeTkWETCEAlaMkH/jA9QnYUvujgps2ONQJ9WHnm L6qYySoAtmuC623YnA2XgGBGgwjBmDqT05QOl+Nj1J2FRBfF8IWgtoY4QAm2E1Qa G8F0oNNv6SCdjy6r0/uglJAlZMimZ3AWCciHMsmW4U9GMW4PpgyZU0KfNSjdD1pG dgftdDo82VmkOdCnQj2luxB6vH1Et6YYGEN6udpIhedqH++LixscS5/ez9fQ1Es9 zPMYOX2m2apo8nOGXTcIGd5p987O9TYWaSwBhRpe4ZcfApzZaHOO2C2f1T8AHfiK W/TZlGQ/DGKGEBz85P+otM6/hhDF0CWhL//HXBkySZw/a7qIYTXzL7I3n2aD+Bk= =/Qk8 -END PGP SIGNATURE- Alexander Bokovoy (4): PIDL: fix parsing linemarkers in preprocessor output source3/wscript: support 'pdb_ldap' module in configure autoconf: rename pdb_ldap module to pdb_ldapsam Make systemctl reference indirect in packaging/NetworkManager/30-winbind-systemd Andreas Schneider (47): Rename pdb_ldap to pdb_ldapsam waf: Make sure we link against samba-util. winbind: Make domain_name const in wcache_ndr_key(). messages: Use uint8_t type. winbind: Use uint8_t type and use const where needed. winbind: Correctly cast name to messaging_send_buf(). ndr: Comparing an array to null is always true. libsmb: Fix possible null pointer dereference. torture: Fix samsync domain_name checks. nmbd: Fix request data data processing. s4-libcli: Add null check for ndr functions in rap. s3-tldap: Make sure we don't deref a null pointer. librpc: Add NULL check for ndr functions for epm bindings. s4-libcli: Check return code of smbcli_request_setup(). ndrdump: Check return value of ndr_pull_init_blob(). pyauth: Check return value of lpcfg_from_py_object(). s4-libcli: Check return value of smbcli_request_setup(). pdb: Fix array overrun by one. torture: Fix array access in spoolss test. torture: Fix memcmp of short buffer. torture: Make sure we don't overrun the buffer. s4-client: Don't leak resource handle. s4-client: Don't leak file descriptor. s3-net: Don't leak username. s3-spoolss: Don't leak memory. s3-lsasd: Don't leak file descriptors. s3-param: Don't leak file descriptor. s3-vfs: Don't leak file descriptor. torture: Don't leak file resource handle in spoolss test. s3-smbd: Don't leak subcntarr array. winbind: Don't leak memory on return. wbinfo: Fix several memory leaks. s3-torture: Don't leak memory. s4-client: Don't leak memory. winbind: Don't leak centry memory. s4-registry: Don't leak memory on error. s4-registry: Don't leak file descriptor. s4-cifsdd: Don't leak memory. s4-policy: Fix memory leaks in push_recursive(). smbget: Fix file descriptor leak. smbpasswd: Don't leak memory. ndrdump: Don't leak plugin handle on error. s3-libsmb: Don't leak memory on error. s4-lib: Don't leak plugin handle on error. s3-vfs: Don't leak file descriptor on error. lib-util: Don't leak file descriptor on error. s3-rpc_server: Make sure that fd is really closed on error. Andrew Bartlett (24): pymessaging: Use correct unsigned types for server ID tuple elememnts pymessaging: Pass around the server_id struct to python callbacks rather than the tuple s4-process_single: Use pid,task_id as cluster_id in process_single just like process_prefork selftest: Add test of upgradeprovision using the old alpha13 tree vfs: Add helper function hash_blob_sha256 to vfs_acl_common.c vfs: Implement an improved vfs_acl_common that uses the hash of the system ACL vfs: Whitespace fix only to get_nt_acl_internal indentation vfs_acl_common: Do not fetch the underlying NT ACL unless we need it idl: Provide a common wrapper for the data to hash for a non-POSIX ACL vfs: Add helper function for non posix ACL modules s4-nbt: Ensure source4/ nbt client and server honour 'disable netbios' samba_upgradeprovision: Remove options to fix FS ACLs scripting: Make tdb_copy use the python subprocess module scripting: Make tdb_copy a common util function in samba.tdb_util samba_upgradeprovision: Do not update privileges.ldb any more (unchanged since 2009) samba_upgradeprovision: Use tdb_util.tdb_copy not shutil.copy2 build: Remove unused includes.h reference to avoid build-time talloc dep build: Remove includes.h dep in winbind client libraries ldb: Add missing dependency on replace for ldb torture-drs: Make the samba4.drs.repl_schema.python emit failures, not errors on add failure torture-drs
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e4d85fa dsdb-descriptor: Avoid segfault copying an SD without an
owner or group
via 87db233 dsdb-descriptor: Spell out security descriptor flags as
constants
via a166a34 torture-drs: Fix comment in replica_sync test
via 59e8321 torture-drs: Make the samba4.drs.repl_schema.python emit
failures, not errors on add failure
via c89df54 ldb: Add missing dependency on replace for ldb
via 613f49a build: Remove includes.h dep in winbind client libraries
via f2c7f2c build: Remove unused includes.h reference to avoid
build-time talloc dep
from 46ab33d build:autoconf: fix output of syslog-facility check
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e4d85fa73d3ce1f397fdd416af6b8c903a473824
Author: Andrew Bartlett abart...@samba.org
Date: Mon Feb 11 14:46:43 2013 +1100
dsdb-descriptor: Avoid segfault copying an SD without an owner or group
This is an unusual SD, but it does exist is some very old upgraded
databases.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Feb 22 11:06:17 CET 2013 on sn-devel-104
commit 87db2331fc855473d8b3cad1c4149807823aa3c4
Author: Andrew Bartlett abart...@samba.org
Date: Mon Feb 11 14:45:57 2013 +1100
dsdb-descriptor: Spell out security descriptor flags as constants
Reviewed-by: Stefan Metzmacher me...@samba.org
commit a166a3484a68dc5328ee1d3e65221c30c081204b
Author: Andrew Bartlett abart...@samba.org
Date: Wed Jan 16 08:52:41 2013 +1100
torture-drs: Fix comment in replica_sync test
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 59e8321324fe6b652724e71ba1df9da80f30cc67
Author: Andrew Bartlett abart...@samba.org
Date: Thu Feb 7 19:35:15 2013 +1100
torture-drs: Make the samba4.drs.repl_schema.python emit failures, not
errors on add failure
This then allows this particular failure to be masked with a knownfail.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit c89df544239dbaedbb7f231f4556aff8e4a3f288
Author: Andrew Bartlett abart...@samba.org
Date: Fri Feb 15 13:32:06 2013 +1100
ldb: Add missing dependency on replace for ldb
This brings in rep_timegm() on Solaris for example.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 613f49ab8bf0bdcc7cd1e2c39bd624586a87cff3
Author: Andrew Bartlett abart...@samba.org
Date: Tue Feb 19 11:44:19 2013 +1100
build: Remove includes.h dep in winbind client libraries
Our LGPL winbind client libs do not link against our server-side code, and
should not use the server-side includes.h.
This removes a build-time dep on talloc that was brought in via includes.h
as
this code also does not use talloc.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit f2c7f2c93d54c77753e2a1b0663813e9778172a4
Author: Andrew Bartlett abart...@samba.org
Date: Tue Feb 19 11:15:20 2013 +1100
build: Remove unused includes.h reference to avoid build-time talloc dep
talloc is not a dependency of this library, but is required by includes.h.
By not including includes.h, we avoid needing to add an otherwise false
talloc dep.
(this comes up if talloc.h is not installed as a system package).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
lib/ldb/wscript |2 +-
lib/util/setid.c|1 -
nsswitch/winbind_nss_solaris.c |1 -
source4/dsdb/samdb/ldb_modules/acl_util.c |2 +-
source4/dsdb/samdb/ldb_modules/descriptor.c | 18 +-
source4/torture/drs/python/repl_schema.py |6 +-
source4/torture/drs/python/replica_sync.py |2 +-
7 files changed, 21 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 1ae5438..fbed6fd 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -133,7 +133,7 @@ def build(bld):
bld.SAMBA_LIBRARY('ldb',
COMMON_SRC + ' ' + LDB_MAP_SRC,
- deps='tevent LIBLDB_MAIN',
+ deps='tevent LIBLDB_MAIN replace',
includes='include',
public_headers='include/ldb.h include/ldb_errors.h '\
'include/ldb_module.h include/ldb_handlers.h',
diff --git a/lib/util/setid.c b/lib/util/setid.c
index ed86155..c5ee644 100644
--- a/lib/util/setid.c
+++ b/lib/util/setid.c
@@ -20,7 +20,6 @@
#ifndef AUTOCONF_TEST
#include replace.h
#include
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cfebce3 s3:smbd: add debugging to close code (regarding disconnect of a durable) via 2954442 s4:torture: fix segfault in test_durable_open_open2_oplock() via 2f8a033 s4:torture:smb2: fix segfault on error condition in the durable-open.delete_on_close2 test via 1d3bd45 s4:torture:smb2: fix segfault on error condition in the durable-open.delete_on_close1 test via 98b0e90 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen4 test via 10fcbc6 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen3 test via cb9b897 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen2a test via 6385f75 s4:torture:smb2: fix segfault on error condition in durable-open.reopen2 test via 6240a7d s4:torture:smb2:durable: make test functions static via 42bf98d s4:torture: add a durable-open-disconnect test (suite) via f0e6a9b s3:smbd: use smbXsrv_open_close() instead of smbXsrv_open_update() from 8adbd1c srv_epmapper.c: Fix typo. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cfebce3c56474ac914474b57ed94f93418b0564b Author: Michael Adam ob...@samba.org Date: Tue Feb 12 17:44:51 2013 +0100 s3:smbd: add debugging to close code (regarding disconnect of a durable) Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Feb 18 17:42:45 CET 2013 on sn-devel-104 commit 295444266d33863e3a8b7c8ffa5d193123db6132 Author: Stefan Metzmacher me...@samba.org Date: Wed Feb 13 14:11:57 2013 +0100 s4:torture: fix segfault in test_durable_open_open2_oplock() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 2f8a033bf2563d547e42be5603074223078595f9 Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:05:40 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.delete_on_close2 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 1d3bd45d6177c8af653dbacac934eb2061acf35e Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:04:10 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.delete_on_close1 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 98b0e909b7b65bee694743617476d4d36fe595a3 Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:03:00 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen4 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 10fcbc6869dc2803e1c2dd3183c6781f4233550d Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:01:47 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen3 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit cb9b8975e5a9c032f7c4227c3eafb1ed6ada5e19 Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:00:26 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen2a test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 6385f750f19a00a6ba16a0aec9bb91ab1cfcb2be Author: Michael Adam ob...@samba.org Date: Wed Feb 13 14:58:29 2013 +0100 s4:torture:smb2: fix segfault on error condition in durable-open.reopen2 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 6240a7d11e910027b42ac1d31ca13264e90d2266 Author: Michael Adam ob...@samba.org Date: Tue Feb 12 21:51:06 2013 +0100 s4:torture:smb2:durable: make test functions static Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 42bf98d54c36abd5f532a4510cdd4066fe82143d Author: Michael Adam ob...@samba.org Date: Tue Feb 12 17:45:23 2013 +0100 s4:torture: add a durable-open-disconnect test (suite) this opens a durable, disconnects it and exits Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f0e6a9be00e441e50f0087c543e1b7c9012d126f Author: Stefan Metzmacher me...@samba.org Date: Wed Feb 13 08:26:43 2013 -0500 s3:smbd: use smbXsrv_open_close() instead of smbXsrv_open_update() This makes sure we store the correct disconnect_time for disconnected durable handles. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 19c68f8 s3:idmap_autorid: fix freeing of non-talloced memory
(uninitialized pointer) (bug #9653)
from a64a617 Add a herald with version string to smbtorture
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 19c68f80251f443016e505c5cf87f697fb552e8c
Author: Michael Adam ob...@samba.org
Date: Mon Feb 11 22:52:55 2013 +0100
s3:idmap_autorid: fix freeing of non-talloced memory (uninitialized
pointer) (bug #9653)
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Feb 13 09:51:53 CET 2013 on sn-devel-104
---
Summary of changes:
source3/winbindd/idmap_autorid.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c
index b7b1689..0747916 100644
--- a/source3/winbindd/idmap_autorid.c
+++ b/source3/winbindd/idmap_autorid.c
@@ -244,7 +244,7 @@ static NTSTATUS idmap_autorid_id_to_sid(struct
autorid_global_config *cfg,
struct id_map *map)
{
uint32_t range;
- TDB_DATA data;
+ TDB_DATA data = tdb_null;
char *keystr;
struct dom_sid sid;
NTSTATUS status;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via beb6c13 winbind: Fix an incompatible pointer type warning
via c03d5c5 dbwrap: Prevent transactions on non-persistent dbs
via dc2e475 torture: We use transactions for CLEAR_IF_FIRST db
from 554ba5e ldb: Add more data test data for one level test cases
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit beb6c13e9a8c317bca240e875d9e3bcd940a02fb
Author: Volker Lendecke v...@samba.org
Date: Mon Feb 4 15:52:49 2013 +0100
winbind: Fix an incompatible pointer type warning
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Feb 8 15:27:51 CET 2013 on sn-devel-104
commit c03d5c5740f9d1894a971110029e8f567d300d8a
Author: Volker Lendecke v...@samba.org
Date: Fri Jan 11 15:32:39 2013 +0100
dbwrap: Prevent transactions on non-persistent dbs
dbwrap_ctdb does not allow this anyway. This patch will avoid suprises
when going non-clustered to clustered. Not everybody is developing
against a clustered environment :-)
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit dc2e47508d7075cf6507e0dea03da6999ef9097e
Author: Volker Lendecke v...@samba.org
Date: Fri Jan 11 17:29:01 2013 +0100
torture: We use transactions for CLEAR_IF_FIRST db
This does not work in the ctdb case
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
lib/dbwrap/dbwrap.c |5 +
source3/torture/test_idmap_tdb_common.c |2 +-
source3/winbindd/wb_getgrsid.c |2 +-
3 files changed, 7 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/dbwrap/dbwrap.c b/lib/dbwrap/dbwrap.c
index 15eb239..f0b7a9a 100644
--- a/lib/dbwrap/dbwrap.c
+++ b/lib/dbwrap/dbwrap.c
@@ -452,6 +452,11 @@ int dbwrap_get_seqnum(struct db_context *db)
int dbwrap_transaction_start(struct db_context *db)
{
+ if (!db-persistent) {
+ DEBUG(1, (transactions not supported on non-persistent
+ database %s\n, db-name));
+ return -1;
+ }
return db-transaction_start(db);
}
diff --git a/source3/torture/test_idmap_tdb_common.c
b/source3/torture/test_idmap_tdb_common.c
index d081660..5681eef 100644
--- a/source3/torture/test_idmap_tdb_common.c
+++ b/source3/torture/test_idmap_tdb_common.c
@@ -89,7 +89,7 @@ static bool open_db(struct idmap_tdb_common_context *ctx)
return false;
}
- ctx-db = db_open(ctx, db_path, 0, TDB_DEFAULT | TDB_CLEAR_IF_FIRST,
+ ctx-db = db_open(ctx, db_path, 0, TDB_DEFAULT,
O_RDWR | O_CREAT, 0600,
DBWRAP_LOCK_ORDER_1);
diff --git a/source3/winbindd/wb_getgrsid.c b/source3/winbindd/wb_getgrsid.c
index fa376da..f3899b0 100644
--- a/source3/winbindd/wb_getgrsid.c
+++ b/source3/winbindd/wb_getgrsid.c
@@ -143,7 +143,7 @@ static void wb_getgrsid_sid2gid_done(struct tevent_req
*subreq)
* mapped to ID_TYPE_BOTH:
* create a group with the sid/xid as only member
*/
- char *name;
+ const char *name;
if (xid.type != ID_TYPE_BOTH) {
tevent_req_nterror(req, NT_STATUS_NO_SUCH_GROUP);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 009cf6e s3:auth: wbcAuthenticateEx gives unix times (bug #9625) from cf27c2f selftest: skip smb2.ioctl tests on ntvfs http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 009cf6e9ceaef91805a8a7573090d051f8f74a92 Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 31 13:39:42 2013 +0100 s3:auth: wbcAuthenticateEx gives unix times (bug #9625) We also need to convert last_logon, last_logoff and acct_expiry from unix time to nt time. Otherwise a windows member server will reject clients using CAP_DYNAMIC_REAUTH or smb2) with STATUS_NETWORK_SESSION_EXPIRED, if the logoff and kickoff time is expired. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Feb 1 18:42:42 CET 2013 on sn-devel-104 --- Summary of changes: source3/auth/server_info.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c index 3f4f708..d2b7d6e 100644 --- a/source3/auth/server_info.c +++ b/source3/auth/server_info.c @@ -568,9 +568,9 @@ struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx, info3 = talloc_zero(mem_ctx, struct netr_SamInfo3); if (!info3) return NULL; - info3-base.logon_time = info-logon_time; - info3-base.logoff_time = info-logoff_time; - info3-base.kickoff_time = info-kickoff_time; + unix_to_nt_time(info3-base.logon_time, info-logon_time); + unix_to_nt_time(info3-base.logoff_time, info-logoff_time); + unix_to_nt_time(info3-base.kickoff_time, info-kickoff_time); unix_to_nt_time(info3-base.last_password_change, info-pass_last_set_time); unix_to_nt_time(info3-base.allow_password_change, info-pass_can_change_time); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 394622e s3:winbindd: change getpwsid() to return a passwd struct
for a group sid id-mapped with ID_TYPE_BOTH
via b7095e9 s3:winbindd: check the correct variable for talloc success
in rpc_query_user()
via 40e3df7 s3:winbindd:getgrnam: also produce a group struct for a
user with ID_TYPE_BOTH
via d2360fe s3:winbindd: create group structs for gids that are coming
from a user sid id-mapped with ID_TYPE_BOTH
via 729e2c3 s3:winbindd: factor add_wbint_Principal_to_dict() out of
wb_group_members_done()
via 3680cc4 s3:winbindd: fix a cut'n'paste comment typo in wb_fill_pwent
via c0f47d4 s3:winbindd: rename winbindd_getgrnam_lookupsid_done to
winbindd_getgrnam_lookupname_done
from bab61a2 s3:utils/net remove aclmapset command
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 394622ef8c916cf361f8596dba4664dc8d6bfc9e
Author: Michael Adam ob...@samba.org
Date: Tue Jan 22 18:08:25 2013 +0100
s3:winbindd: change getpwsid() to return a passwd struct for a group sid
id-mapped with ID_TYPE_BOTH
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Jan 29 23:46:19 CET 2013 on sn-devel-104
commit b7095e9818bba8c43065cc1b1f29551203dc098b
Author: Michael Adam ob...@samba.org
Date: Tue Jan 22 17:39:44 2013 +0100
s3:winbindd: check the correct variable for talloc success in
rpc_query_user()
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 40e3df7c37a15b28f170699ff9b8102416a9107f
Author: Michael Adam ob...@samba.org
Date: Fri Dec 7 00:55:18 2012 +0100
s3:winbindd:getgrnam: also produce a group struct for a user with
ID_TYPE_BOTH
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit d2360fe56c860fa20051f6373eb2fcc3e4def6b6
Author: Michael Adam ob...@samba.org
Date: Thu Dec 6 22:02:32 2012 +0100
s3:winbindd: create group structs for gids that are coming from a user sid
id-mapped with ID_TYPE_BOTH
This fake group contains exctly one member, namely the user that the sid
is
actually belonging to.
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 729e2c36301620ccc61b1d97205fb3f482efbe15
Author: Michael Adam ob...@samba.org
Date: Thu Dec 6 18:06:49 2012 +0100
s3:winbindd: factor add_wbint_Principal_to_dict() out of
wb_group_members_done()
for later reuse
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 3680cc4a11ef5476457b580f8422d0ab82451173
Author: Michael Adam ob...@samba.org
Date: Fri Dec 7 16:13:19 2012 +0100
s3:winbindd: fix a cut'n'paste comment typo in wb_fill_pwent
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit c0f47d43ecf8b603dc7a05822933c5a9a1d23c7c
Author: Michael Adam ob...@samba.org
Date: Fri Dec 7 01:12:11 2012 +0100
s3:winbindd: rename winbindd_getgrnam_lookupsid_done to
winbindd_getgrnam_lookupname_done
That's what it is.
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source3/winbindd/wb_fill_pwent.c |2 +-
source3/winbindd/wb_getgrsid.c | 49
source3/winbindd/wb_getpwsid.c | 52 -
source3/winbindd/wb_group_members.c | 59 --
source3/winbindd/winbindd_getgrnam.c | 21 +---
source3/winbindd/winbindd_proto.h|5 +++
source3/winbindd/winbindd_rpc.c |2 +-
7 files changed, 157 insertions(+), 33 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/wb_fill_pwent.c b/source3/winbindd/wb_fill_pwent.c
index a6a9013..688afc6 100644
--- a/source3/winbindd/wb_fill_pwent.c
+++ b/source3/winbindd/wb_fill_pwent.c
@@ -120,7 +120,7 @@ static void wb_fill_pwent_sid2gid_done(struct tevent_req
*subreq)
* We are filtering further down in sids2xids, but that filtering
* depends on the actual type of the sid handed in (as determined
* by lookupsids). Here we need to filter for the type of object
-* actually requested, in this case uid.
+* actually requested, in this case gid.
*/
if (!(xid.type == ID_TYPE_GID || xid.type == ID_TYPE_BOTH)) {
tevent_req_nterror(req, NT_STATUS_NONE_MAPPED);
diff --git a/source3/winbindd/wb_getgrsid.c b/source3/winbindd/wb_getgrsid.c
index 2097539..fa376da 100644
--- a/source3/winbindd
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e104e5a Regression test for bug #9571 - Unlink after open causes
smbd to panic
via 578909a Fix bug #9571 - Unlink after open causes smbd to panic.
from 34854ae Fix bug #9588 - ACLs are not inherited to directories for
DFS shares.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e104e5a8192e9d9a2637035bec343de3c35ca21e
Author: Jeremy Allison j...@samba.org
Date: Thu Jan 24 16:20:14 2013 -0800
Regression test for bug #9571 - Unlink after open causes smbd to panic
Replicates the protocol activity that triggers the crash.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Jan 28 15:33:17 CET 2013 on sn-devel-104
commit 578909ae19d7ec9dacb960626bd1985a2915365b
Author: Pavel Shilovsky pias...@etersoft.ru
Date: Wed Jan 16 15:02:26 2013 +0400
Fix bug #9571 - Unlink after open causes smbd to panic.
s3:smbd: fix wrong lock order in posix unlink
Signed-off-by: Pavel Shilovsky pias...@etersoft.ru
Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source3/smbd/trans2.c |6 +++---
source3/torture/torture.c | 44
2 files changed, 47 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 9c77f4d..92d047a 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -7663,8 +7663,8 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn,
continue;
}
/* Fail with sharing violation. */
- close_file(req, fsp, NORMAL_CLOSE);
TALLOC_FREE(lck);
+ close_file(req, fsp, NORMAL_CLOSE);
return NT_STATUS_SHARING_VIOLATION;
}
}
@@ -7678,12 +7678,12 @@ static NTSTATUS smb_posix_unlink(connection_struct
*conn,
fsp,
smb_fname);
+ TALLOC_FREE(lck);
+
if (!NT_STATUS_IS_OK(status)) {
close_file(req, fsp, NORMAL_CLOSE);
- TALLOC_FREE(lck);
return status;
}
- TALLOC_FREE(lck);
return close_file(req, fsp, NORMAL_CLOSE);
}
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 799c911..b59ac30 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -5368,6 +5368,8 @@ static bool run_simple_posix_open_test(int dummy)
bool correct = false;
NTSTATUS status;
size_t nread;
+ const char *fname_windows = windows_file;
+ uint16_t fnum2 = (uint16_t)-1;
printf(Starting simple POSIX open test\n);
@@ -5390,6 +5392,8 @@ static bool run_simple_posix_open_test(int dummy)
cli_posix_unlink(cli1, hname);
cli_setatr(cli1, sname, 0, 0);
cli_posix_unlink(cli1, sname);
+ cli_setatr(cli1, fname_windows, 0, 0);
+ cli_posix_unlink(cli1, fname_windows);
/* Create a directory. */
status = cli_posix_mkdir(cli1, dname, 0777);
@@ -5681,6 +5685,39 @@ static bool run_simple_posix_open_test(int dummy)
goto out;
}
+ /*
+* Now create a Windows file, and attempt a POSIX unlink.
+* This should fail with a sharing violation but due to:
+*
+* [Bug 9571] Unlink after open causes smbd to panic
+*
+* ensure we've fixed the lock ordering violation.
+*/
+
+ status = cli_ntcreate(cli1, fname_windows, 0,
+ FILE_READ_DATA|FILE_WRITE_DATA, 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
+ FILE_CREATE,
+ 0x0, 0x0, fnum2);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(Windows create of %s failed (%s)\n, fname_windows,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Now try posix_unlink. */
+ status = cli_posix_unlink(cli1, fname_windows);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) {
+ printf(POSIX unlink of %s should fail
+ with NT_STATUS_SHARING_VIOLATION
+ got %s instead !\n,
+ fname_windows,
+ nt_errstr(status));
+ goto out;
+ }
+
+ cli_close(cli1, fnum2);
+
printf(Simple POSIX open test passed\n);
correct = true;
@@ -5691,6 +5728,11
[SCM] Samba Shared Repository - annotated tag ldb-1.1.15 created
The annotated tag, ldb-1.1.15 has been created
at b49e3c4ed5525b4a49f55d994c9182af76162d1f (tag)
tagging 1d1ea72574cfa22ee6207d0e9787d0271db3b5c2 (commit)
replaces ldb-1.1.14
tagged by Stefan Metzmacher
on Sun Jan 27 13:17:00 2013 +0100
- Log -
ldb: tag release ldb-1.1.15
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAABAgAGBQJRBRq8AAoJEEeTkWETCEAl6DwH/3D8Ph7zSmkHVaONKKRE8qUG
mRB4nu6krk+2poD65Cv5KaR/aOKsLVQ4EJ+gAByX6dvdpXnMonpD7cK2aVTLhq5j
7Q1RBzO74aK1OgiOFb6LXVmD0duBAfSByuvy4r0iQt+egcldYVqe2FoDxX9rWS6V
oOy1rN9dbKblVgDBj8ZhTMS3RRcxtnnhiB3h/wjVvTCwEWbTPZ/lnezU/vOupH0c
l1b/YG1XbMUm854ZOn7rZK087RLC3MJcLmJHl7WgqSfZ6eK1mk3tPTzdXJ3/VmV5
jT3JUI024RMa9mMCeWU5KHgmJwEbgk80DXpa+p+OZ7rWkKZDscRO57A0Otwqt24=
=nrxA
-END PGP SIGNATURE-
Alexander Bokovoy (2):
wafsamba: Make sure md5 is really work before using it or overriding the
hash function
wafsamba: replace try:except: case with explicit comment about FIPS mode
Andreas Schneider (112):
BUG 9436: Fix leaking sockets of SMB connections to a DC.
s3-reg: Fix copy and paste error in debug message.
torture: Fix copy and paste error.
torture: Fix copy and paste error in debug message.
libnet: Fix copy and paste error in dbsync error message.
util: Add a UNIX platform independent samba_getpass().
wbinfo: Use new samba_getpass() function.
smbclient: Use new samba_getpass() function.
util: Use new samba_getpass() function.
torture: Use new samba_getpass() in locktest2.
torture: Use new samba_getpass() in smbtorture3.
torture: Use new samba_getpass() in masktest.
net: Use new samba_getpass() function for 'net ads'.
net: Use new samba_getpass() function for 'net rpc'.
net: Use samba_getpass() function in net util.
ntlm_auth: Use new samba_getpass() function.
util: Use new samba_getpass() function for passwd util.
smbget: Use new samba_getpass() function.
cmdline: Use new samba_getpass() function.
ntlm_auth4: Use new samba_getpass() function.
replace: Remove deprecated getpass() support.
BUG 9459: Install manpages only if we install the target.
winbind: Make the code more readable in trustdom_list_done().
s3-registry: Check return code of push_reg_sz().
s3-rpcclient: Check return value of add_string_to_array().
s3-net: Check return value of string_to_sid().
s3-net: Check the return value of strlower_m().
idl: Fix spoolss check for the size of the struct.
s3-printing: Don't call talloc_free on an uninitialized pointer.
vfs: Make sure we don't call talloc_free on an uninitialized pointer.
s3-netapi: Fix zeroing policy handles in NetLocalGroupAdd_r().
torture: Fix torture_rpc_spoolss_printer_teardown_common().
s3-netapi: Initialize group_handle of NetUserSetGroups_r.
s3-auth: Make sure we work on valid data_blobs.
s4-netapi: Initialize group_handle of NetGroupGetUsers_r().
s3-netapi: Initialize group_handle of NetGroupSetUsers_r().
util: Don't use the pid ret value uninitialized.
dfs_server: Don't allocate a subcontext twice.
misc: Add a config for clang complete.
tdb: Fix possible crash bugs in the python tdb code.
tdb: Improve the documentation of tdb_reopen() and tdb_close().
winbind: Use talloc in resolve_alias_to_username().
winbind: Use talloc in resolve_username_to_alias().
s3-lib: Remove unsused variable from sys_get_nfs_quota().
s3-nmbd: Cleanup code to make it more readable.
s4-libnet: Don't call talloc_get_type() for the same struct twice.
nsswitch: Cleanup code in parse_wbinfo_domain_user().
nsswitch: Remove unused variable in _pam_winbind_change_pwd().
nsswitch: Fix pam_get_{item,data} build warnings.
s3-utils: Cleanup code in wait_replies().
s4-client: Make sure we have a valid count if we goto cleanup.
s3-utils: Correctly handle getenv() for the later system() call.
s4-libcli: Fix comparison of chosen_oid.
s3-libsmb: Fix possible comparsion problems.
torture: Make sure we use the correct size for cxd.
s3-ctdb: Make sure addr.sun_path is null terminated.
s4-socket: Make sure unix socket addresses are null terminated.
s3-registry: Fix counters_directory() dir creation.
s3-printing: Correctly create the printing cache path.
s3-lib: Don't close the listener twice if we goto failed.
util: Remove unused fde_stdin in samba_runcmd.
s4-libnet: Fix setting the group handle and return codes.
s4-client: Check return codes in do_connect().
s3-smbd: Check return code of SMB_VFS_{L}STAT.
s4-lib: Use directory_create_or_exist() to create messaging dir.
s3-winbind: Check if we created the directories correctly.
s4-regsitry: Check return value
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bb3238b s4:service_task: add missing imessaging_cleanup() to
task_server_terminate()
via 431692d s4:service_task: prevent a segfault if task-msg_ctx is not
initialized yet
via 7e7cd07 selftest: rename 'promoted_vampire_dc' to 'promoted_dc'
from 0f8ef5a selftest: Add test of upgradeprovision using the old
alpha13 tree
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bb3238b46f0ffaf0bc8c0e16bdcc1cf5d2cad197
Author: Stefan Metzmacher me...@samba.org
Date: Sun Jan 27 11:09:39 2013 +0100
s4:service_task: add missing imessaging_cleanup() to task_server_terminate()
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sun Jan 27 15:50:30 CET 2013 on sn-devel-104
commit 431692df422c3cac71ca12b7e89296172dfcf684
Author: Stefan Metzmacher me...@samba.org
Date: Sun Jan 27 11:01:07 2013 +0100
s4:service_task: prevent a segfault if task-msg_ctx is not initialized yet
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 7e7cd07c405f8b66f5979047cb1a50e1e7a55edd
Author: Stefan Metzmacher me...@samba.org
Date: Sun Jan 27 12:15:50 2013 +0100
selftest: rename 'promoted_vampire_dc' to 'promoted_dc'
Unix domain socket are limited to 104 characters on Linux.
Using something like this fails as it uses more than 104 characters:
'/memdisk/autobuild/flakey/b232141/samba/bin/ab/promoted_vampire_dc/private/smbd.tmp/msg/msg.482379.2147483647'
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
selftest/target/Samba4.pm | 18 +-
source4/selftest/tests.py |4 ++--
source4/smbd/service_task.c |4 +++-
3 files changed, 14 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index a08e550..8ad6232 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -995,7 +995,7 @@ sub provision_rpc_proxy($$$)
return $ret;
}
-sub provision_promoted_vampire_dc($$$)
+sub provision_promoted_dc($$$)
{
my ($self, $prefix, $dcvars) = @_;
print PROVISIONING VAMPIRE DC...;
@@ -1056,9 +1056,9 @@ sub provision_promoted_vampire_dc($$$)
return undef;
}
- $ret-{PROMOTED_VAMPIRE_DC_SERVER} = $ret-{SERVER};
- $ret-{PROMOTED_VAMPIRE_DC_SERVER_IP} = $ret-{SERVER_IP};
- $ret-{PROMOTED_VAMPIRE_DC_NETBIOSNAME} = $ret-{NETBIOSNAME};
+ $ret-{PROMOTED_DC_SERVER} = $ret-{SERVER};
+ $ret-{PROMOTED_DC_SERVER_IP} = $ret-{SERVER_IP};
+ $ret-{PROMOTED_DC_NETBIOSNAME} = $ret-{NETBIOSNAME};
$ret-{DC_SERVER} = $dcvars-{DC_SERVER};
$ret-{DC_SERVER_IP} = $dcvars-{DC_SERVER_IP};
@@ -1632,11 +1632,11 @@ sub setup_env($$$)
$self-setup_dc($path/dc);
}
return $self-setup_vampire_dc($path/vampire_dc,
$self-{vars}-{dc});
- } elsif ($envname eq promoted_vampire_dc) {
+ } elsif ($envname eq promoted_dc) {
if (not defined($self-{vars}-{dc})) {
$self-setup_dc($path/dc);
}
- return
$self-setup_promoted_vampire_dc($path/promoted_vampire_dc,
$self-{vars}-{dc});
+ return $self-setup_promoted_dc($path/promoted_dc,
$self-{vars}-{dc});
} elsif ($envname eq subdom_dc) {
if (not defined($self-{vars}-{dc})) {
$self-setup_dc($path/dc);
@@ -1830,18 +1830,18 @@ sub setup_vampire_dc($$$)
return $env;
}
-sub setup_promoted_vampire_dc($$$)
+sub setup_promoted_dc($$$)
{
my ($self, $path, $dc_vars) = @_;
- my $env = $self-provision_promoted_vampire_dc($path, $dc_vars);
+ my $env = $self-provision_promoted_dc($path, $dc_vars);
if (defined $env) {
$self-check_or_start($env, single);
$self-wait_for_start($env);
- $self-{vars}-{promoted_vampire_dc} = $env;
+ $self-{vars}-{promoted_dc} = $env;
# force replicated DC to update repsTo/repsFrom
# for vampired partitions
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 568d122..5321500 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -498,10 +498,10 @@ plantestsuite(samba4.blackbox.provision-backend,
none, [PYTHON=%s % python
plantestsuite(samba4.blackbox.renamedc.sh, none, [PYTHON=%s % python,
os.path.join(bbdir, renamedc.sh), '$PREFIX/provision'])
# Demote the vampire DC
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b9f1c88 s4-process_single: Use pid,task_id as cluster_id in
process_single just like process_prefork
via a321dd3 pymessaging: Pass around the server_id struct to python
callbacks rather than the tuple
via a305432 pymessaging: Use correct unsigned types for server ID tuple
elememnts
via 1d1ea72 ldb: Ensure to decrement the transaction_active whenever we
delete a transaction
via 1ea6fab ldb: fix a warning by converting from TDB_DATA to struct
ldb_val
from d79485a Regression test for bug #9587 - archive flag is always set
on directories.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b9f1c8887ed1c8c29259021d4f2b9a549caa4061
Author: Andrew Bartlett abart...@samba.org
Date: Fri Jan 25 23:00:12 2013 +1100
s4-process_single: Use pid,task_id as cluster_id in process_single just
like process_prefork
This avoids two different process single task servers (eg the drepl
server) sharing the same server id. The task id starts at 2^31 to
avoid collision with the fd based scheme for connections.
Fix-bug: https://bugzilla.samba.org/show_bug.cgi?id=9598
Reported-by: Matthieu Patou m...@matws.net
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sat Jan 26 16:13:05 CET 2013 on sn-devel-104
commit a321dd3aafa0f6ec8b39cd4fc64146dfbf24ce65
Author: Andrew Bartlett abart...@samba.org
Date: Sat Jan 26 09:09:23 2013 +1100
pymessaging: Pass around the server_id struct to python callbacks rather
than the tuple
This is not used currently, but may avoid going to and from the python
types when we do not need to.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit a3054323d3fa1dadff1675e7f8ec672a991d8e56
Author: Andrew Bartlett abart...@samba.org
Date: Sat Jan 26 08:58:46 2013 +1100
pymessaging: Use correct unsigned types for server ID tuple elememnts
This is needed if we start using the top bits of these values.
Andrew Bartlett
Reviewed-by: Matthieu Patou m...@matws.net
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 1d1ea72574cfa22ee6207d0e9787d0271db3b5c2
Author: Andrew Bartlett abart...@samba.org
Date: Sat Jan 26 09:35:21 2013 +1100
ldb: Ensure to decrement the transaction_active whenever we delete a
transaction
This is in the error path for prepare_commit, which rarely fails, but
when it does we need to ensure that when a new transaction is opened,
that it really starts a new transaction.
We bump the version to recognise critical fix for the AD DC
Without this fix, a single invalid inbound replicated link disables
all subsequent replication as we operate without a transaction (which
is refused by ldb_tdb).
Andrew Bartlett
Reviewed-by: Matthieu Patou m...@matws.net
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 1ea6fabcde6cbd57aed06926193ac68f5887e96b
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 24 14:21:51 2013 +0100
ldb: fix a warning by converting from TDB_DATA to struct ldb_val
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
lib/ldb/ABI/{ldb-1.1.14.sigs = ldb-1.1.15.sigs} |0
...ldb-util-1.1.10.sigs = pyldb-util-1.1.15.sigs} |0
lib/ldb/common/ldb.c |1 +
lib/ldb/tools/ldbdump.c|6 -
lib/ldb/wscript|2 +-
source4/lib/messaging/pymessaging.c| 20 ++
source4/smbd/process_single.c | 21 ---
7 files changed, 35 insertions(+), 15 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.14.sigs = ldb-1.1.15.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs = pyldb-util-1.1.15.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/ABI/ldb-1.1.14.sigs b/lib/ldb/ABI/ldb-1.1.15.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-1.1.14.sigs
copy to lib/ldb/ABI/ldb-1.1.15.sigs
diff --git a/lib/ldb/ABI/pyldb-util-1.1.10.sigs
b/lib/ldb/ABI/pyldb-util-1.1.15.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-1.1.10.sigs
copy to lib/ldb/ABI/pyldb-util-1.1.15.sigs
diff --git a/lib/ldb/common/ldb.c b/lib/ldb/common/ldb.c
index 7a997f7..3dc6d87 100644
--- a/lib/ldb/common/ldb.c
+++ b/lib/ldb/common/ldb.c
@@ -408,6 +408,7 @@ int ldb_transaction_prepare_commit(struct ldb_context *ldb)
status = module-ops-prepare_commit(module);
if (status != LDB_SUCCESS) {
+ ldb-transaction_active--;
/* if a module fails the prepare then we need
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 875a172 docs: ldbsearch.1.xml: Correct meta data.
via 99e2a63 docs: ldbrename.1.xml: Correct meta data.
via 25cc400 docs: ldbmodify.1.xml: Correct meta data.
via f585052 docs: ldbedit.1.xml: Correct meta data.
via 918057b docs: ldbdel.1.xml: Correct meta data.
via 1d4346d docs: ldbadd.1.xml: Correct meta data.
via 7d56b94 docs: ldb.3.xml: Correct meta data.
via df004b5 gensec: Allow login without a PAC by default (bug #9581)
from 497febf Fix bug #9586 - smbd[29175]: disk_free: sys_popen() failed
message logged in /var/log/message many times.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 875a1721ae014cbb580d9596344675e890cf9964
Author: Karolin Seeger ksee...@samba.org
Date: Thu Jan 24 11:52:37 2013 +0100
docs: ldbsearch.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger ksee...@samba.org
Karolin
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 24 16:09:37 CET 2013 on sn-devel-104
commit 99e2a63a0c64de4c3c26e66984a6c542052e97ba
Author: Karolin Seeger ksee...@samba.org
Date: Thu Jan 24 11:52:15 2013 +0100
docs: ldbrename.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger ksee...@samba.org
Karolin
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 25cc400c64958e2e2e2e812a0d34064f1957d0c4
Author: Karolin Seeger ksee...@samba.org
Date: Thu Jan 24 11:51:49 2013 +0100
docs: ldbmodify.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger ksee...@samba.org
Karolin
Reviewed-by: Stefan Metzmacher me...@samba.org
commit f585052d888a3bb4f9c81d9a9512eca7f7867c98
Author: Karolin Seeger ksee...@samba.org
Date: Thu Jan 24 11:51:28 2013 +0100
docs: ldbedit.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger ksee...@samba.org
Karolin
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 918057bd11e9ed1457cf0119f4c0c1f9c418c566
Author: Karolin Seeger ksee...@samba.org
Date: Thu Jan 24 11:50:55 2013 +0100
docs: ldbdel.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger ksee...@samba.org
Karolin
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 1d4346d4b7c7afc4f578afb3b8d0e08e36812b39
Author: Karolin Seeger ksee...@samba.org
Date: Thu Jan 24 11:50:26 2013 +0100
docs: ldbadd.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger ksee...@samba.org
Karolin
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 7d56b9401129c18a948bbd0bb4fea547d4b3a7c4
Author: Karolin Seeger ksee...@samba.org
Date: Thu Jan 24 11:50:00 2013 +0100
docs: ldb.3.xml: Correct meta data.
Signed-off-by: Karolin Seeger ksee...@samba.org
Karolin
Reviewed-by: Stefan Metzmacher me...@samba.org
commit df004b5014b92b987f907047d2ca9f567e3d0ac1
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jan 22 14:45:14 2013 +1100
gensec: Allow login without a PAC by default (bug #9581)
The sense of this test was inverted. We only want to take the
ACCESS_DENIED error
if gensec:require_pac=true.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
auth/gensec/gensec_util.c |2 +-
lib/ldb/man/ldb.3.xml |4 ++--
lib/ldb/man/ldbadd.1.xml|6 +++---
lib/ldb/man/ldbdel.1.xml|6 +++---
lib/ldb/man/ldbedit.1.xml |6 +++---
lib/ldb/man/ldbmodify.1.xml |6 +++---
lib/ldb/man/ldbrename.1.xml |6 +++---
lib/ldb/man/ldbsearch.1.xml |6 +++---
8 files changed, 21 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/gensec/gensec_util.c b/auth/gensec/gensec_util.c
index d732213..64952b1 100644
--- a/auth/gensec/gensec_util.c
+++ b/auth/gensec/gensec_util.c
@@ -42,7 +42,7 @@ NTSTATUS gensec_generate_session_info_pac(TALLOC_CTX *mem_ctx,
session_info_flags |= AUTH_SESSION_INFO_DEFAULT_GROUPS;
if (!pac_blob) {
- if (!gensec_setting_bool(gensec_security-settings, gensec,
require_pac, false)) {
+ if (gensec_setting_bool(gensec_security-settings, gensec,
require_pac, false)) {
DEBUG(1, (Unable to find PAC in ticket from %s,
failing to allow access\n,
principal_string));
return NT_STATUS_ACCESS_DENIED;
diff --git a/lib/ldb/man/ldb.3.xml b/lib/ldb/man/ldb.3.xml
index 37c4e80..b93d532 100644
--- a/lib/ldb/man/ldb.3.xml
+++ b/lib/ldb/man/ldb.3.xml
@@ -5,9 +5,9 @@
refmeta
refentrytitleldb/refentrytitle
manvolnum3/manvolnum
- refmiscinfo class=sourceSamba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1915b17 dsdb-acl: remove unused variable
via f9868b7 smbd: Fix a NULL vs false return error
from 3d1abb9 waf: Fix pdb_ldap which cannot be built as a module.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1915b17d09485b9491caf3410b0c5186f6c2c616
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 17 17:19:03 2013 +0100
dsdb-acl: remove unused variable
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jan 23 20:04:09 CET 2013 on sn-devel-104
commit f9868b7ffd44a76155dbac1dc4b12f2d89af5380
Author: Volker Lendecke v...@samba.org
Date: Tue Jan 22 13:14:41 2013 +0100
smbd: Fix a NULL vs false return error
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source3/smbd/server.c |2 +-
source4/dsdb/samdb/ldb_modules/acl_util.c |1 -
2 files changed, 1 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 00472db..57fe7b6 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -282,7 +282,7 @@ static bool smbd_parent_notify_init(TALLOC_CTX *mem_ctx,
state = talloc(mem_ctx, struct smbd_parent_notify_state);
if (state == NULL) {
- return NULL;
+ return false;
}
state-msg = msg;
state-ev = ev;
diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c
b/source4/dsdb/samdb/ldb_modules/acl_util.c
index 795a39c..9be376d 100644
--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
@@ -203,7 +203,6 @@ int acl_check_extended_right(TALLOC_CTX *mem_ctx,
NTSTATUS status;
uint32_t access_granted;
struct object_tree *root = NULL;
- struct object_tree *new_node = NULL;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
GUID_from_string(ext_right, right);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via abc0030 dsdb: Fix warning about unused var
via c52408f dsdb: Explain ordering constraints on the ACL module as
well.
via 8f078cd dsdb: Ensure authenticated users is processed for group
memberships
via d36c030 libcli/security: remove useless if (root-num_of_children
0) statements
via 853ecd4 libcli/security: add init_mask to existing children in
insert_in_object_tree
via 5b4e3de libcli/security: handle node initialisation in one spot in
insert_in_object_tree()
via a359aef libcli/security: avoid usage of dom_sid_parse_talloc() in
sec_access_check_ds()
via a3fffde libcli/security: simplify get_ace_object_type()
via b0f731f libcli/security: fix formating in access_check.c
via 10a90ce libcli/security: fix whitespaces in access_check.c
via 0ebb937 dsdb-acl: the SEC_ADS_DELETE_CHILD checks need
objectclass-schemaIDGUID
via 8f8d97f dsdb-acl: make use of acl_check_access_on_objectclass() for
the object in acl_delete()
via 8aa8555 dsdb-acl: make use of
acl_check_access_on_{attribute,objectclass} in acl_rename()
via 8d31e42 dsdb-acl: make use of acl_check_access_on_attribute() in
acl_modify()
via 8e47e64 dsdb-acl: remove unused acl_check_access_on_class()
via 34f1a52 dsdb-acl: use acl_check_access_on_objectclass() instead of
acl_check_access_on_class()
via 6a4063f dsdb-acl: Use the structural objectClass in
acl_check_access_on_attribute()
via e8cc59e dsdb-acl: Pass the structural objectClass into
acl_check_access_on_attribute
via 93944ea dsdb-acl: Remove unused get_oc_guid_from_message()
via a1b421e dsdb-acl: ask for the objectClass attribute if it's not in
the scope of the clients search
via 6ab4150 dsdb-acl: use dsdb_get_structural_oc_from_msg() rather than
class_schemaid_guid_by_lDAPDisplayName
via 7304339 dsdb-acl: Use dsdb_get_structural_oc_from_msg() in
acl_rename()
via 6d7e53a dsdb-acl: Use dsdb_get_structural_oc_from_msg() in
acl_modify()
via 097fae2 dsdb-acl: add acl_check_access_on_objectclass() helper
via 74bfec0 dsdb-acl: Add helper function
dsdb_get_structural_oc_from_msg()
via 2685a4e dsdb-acl: attr is not optional to
acl_check_access_on_attribute()
via d695b8a dsdb-acl: dsdb_attribute_by_lDAPDisplayName() is needed for
all attributes
via ddfb8fe dsdb-acl: introduce a 'el' helper variable to acl_modify()
via 71b856a dsdb-acl: introduce a 'msg' helper variable to acl_modify()
via c2853f5 dsdb-schema: make sure we build [system]PossibleInferiors
completely
via 1f673bf dsdb-schema: make sure use clean caches in
schema_inferiors.c
via c4b9ee2 dsdb-schema: make schema_subclasses_order_recurse() static
from 58fadf2 BUG 9474: Downgrade v4 printer driver requests to v3.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit abc0030f780b775bf7656b572ee754ebd8079b5d
Author: Matthieu Patou m...@matws.net
Date: Sat Dec 29 16:43:44 2012 -0800
dsdb: Fix warning about unused var
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Jan 21 17:51:16 CET 2013 on sn-devel-104
commit c52408f461fb3515cde17eebb458b566fd0a049c
Author: Andrew Bartlett abart...@samba.org
Date: Wed Jan 2 09:27:51 2013 +1100
dsdb: Explain ordering constraints on the ACL module as well.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 8f078cdf247476fad511bb6d7e00c8654fd26e85
Author: Andrew Bartlett abart...@samba.org
Date: Sat Dec 29 15:13:54 2012 +1100
dsdb: Ensure authenticated users is processed for group memberships
This change moves the addition of Authenticated Users from the very end
of the
token processing to the start. The reason is that we need to see if
Authenticated Users is a member of other builtin groups, just as we
would for any other SID. This picks up the Pre-Windows 2000 Compatible
Access
group, which is in turn often used in ACLs on LDAP objects.
Without this change, the eventual token does not contain S-1-5-32-554
and users other than Administrator are unable to read uidNumber
(in particular).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit d36c03056fb85dfedbafd3a59497e35db63ade17
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jan 3 21:30:12 2013 +1100
libcli/security: remove useless if (root-num_of_children 0) statements
The for loop does this implicitly when comparing for (i = 0; i
root-num_of_children; i++)
Andrew Bartlett
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 853360b Fix warnings with mismatched sizes in arguments to DEBUG
statements.
via 80a6fe8 Remove some unused variables.
via dda4814 heimdal_build: Try again to sort out the strerror_r mess
via d90b709 printing: Free talloc_stackframe() on all exit paths
from 63a7d38 nsswitch: Fix two bitfield constants being the same.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 853360b8e558f39218fc150ead367255f3a010b2
Author: Jeremy Allison j...@samba.org
Date: Fri Jan 18 13:57:16 2013 -0800
Fix warnings with mismatched sizes in arguments to DEBUG statements.
This can cause compile errors on 32-bit systems.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sat Jan 19 12:14:13 CET 2013 on sn-devel-104
commit 80a6fe84271d15cc22caa3d08768ab5559ef9ed7
Author: Jeremy Allison j...@samba.org
Date: Wed Jan 16 16:12:29 2013 -0800
Remove some unused variables.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit dda48146a2781fe685eeb9dc5194d142ee5ca0ef
Author: Andrew Bartlett abart...@samba.org
Date: Mon Nov 19 23:25:45 2012 +1100
heimdal_build: Try again to sort out the strerror_r mess
Reviewed-by: Stefan Metzmacher me...@samba.org
commit d90b709ebb22fb40cbd46b28d9ec1be7b0ce
Author: Andrew Bartlett abart...@samba.org
Date: Fri Jan 18 13:39:13 2013 +1100
printing: Free talloc_stackframe() on all exit paths
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
lib/replace/replace.c |2 +-
lib/replace/replace.h |3 ++-
lib/tdb/tools/tdbdump.c |3 ---
source3/printing/nt_printing.c |2 ++
source3/smbd/smb2_ioctl_network_fs.c| 16
source4/heimdal_build/roken.h |8
source4/heimdal_build/wscript_build |1 +
source4/heimdal_build/wscript_configure |7 +++
8 files changed, 21 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 8f1315a..37edb31 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -785,7 +785,7 @@ char *rep_get_current_dir_name(void)
}
#endif
-#if !defined(HAVE_STRERROR_R) !defined(strerror_r)
+#ifndef HAVE_STRERROR_R
int rep_strerror_r(int errnum, char *buf, size_t buflen)
{
char *s = strerror(errnum);
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index 62172a9..9774da4 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -570,7 +570,8 @@ ssize_t rep_pwrite(int __fd, const void *__buf, size_t
__nbytes, off_t __offset)
char *rep_get_current_dir_name(void);
#endif
-#if !defined(HAVE_STRERROR_R) !defined(strerror_r)
+#ifndef HAVE_STRERROR_R
+#define strerror_r rep_strerror_r
int rep_strerror_r(int errnum, char *buf, size_t buflen);
#endif
diff --git a/lib/tdb/tools/tdbdump.c b/lib/tdb/tools/tdbdump.c
index bcd395f..47a84d2 100644
--- a/lib/tdb/tools/tdbdump.c
+++ b/lib/tdb/tools/tdbdump.c
@@ -55,9 +55,6 @@ static void log_stderr(struct tdb_context *tdb, enum
tdb_debug_level level,
const char *fmt, ...)
{
va_list ap;
- char *ptr = NULL;
- int debuglevel = 0;
- int ret;
const char *name = tdb_name(tdb);
const char *prefix = ;
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 7bf2c55..1539b89 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -85,11 +85,13 @@ static bool print_driver_directories_init(void)
if (service 0) {
/* We don't have a print$ share */
DEBUG(5, (No print$ share has been configured.\n));
+ talloc_free(mem_ctx);
return true;
}
driver_path = lp_pathname(mem_ctx, service);
if (driver_path == NULL) {
+ talloc_free(mem_ctx);
return false;
}
diff --git a/source3/smbd/smb2_ioctl_network_fs.c
b/source3/smbd/smb2_ioctl_network_fs.c
index a8d64e3..1e1e3e5 100644
--- a/source3/smbd/smb2_ioctl_network_fs.c
+++ b/source3/smbd/smb2_ioctl_network_fs.c
@@ -160,7 +160,7 @@ static struct tevent_req
*fsctl_srv_copychunk_send(TALLOC_CTX *mem_ctx,
if (in_max_output sizeof(struct srv_copychunk_rsp)) {
DEBUG(3, (max output %d not large enough to hold copy chunk
response %lu\n, (int)in_max_output,
- sizeof(struct srv_copychunk_rsp)));
+ (unsigned long)sizeof(struct
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e1d50a6 dsdb-operational: Avoid doing the ldb_attr_cmp if bypass
flag is not set
via a0faf16 torture: Fix fsmo test to use correct -H samba-tool syntax
via 18d7e5d dsdb: Do not hold the transaction over the IRPC call to
perform a role transfer
via b40d134 selftest: also skip raw.search as it also spins
via 316fd08 drs-fsmo: Improve handling of FSMO role takeover.
from 6a10255 dsdb-acl: calculate sDRightsEffective based on
nTSecurityDescriptor
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e1d50a6b24012b42f9987b439a4b94cd8db7
Author: Matthieu Patou m...@matws.net
Date: Thu Dec 27 00:01:49 2012 -0800
dsdb-operational: Avoid doing the ldb_attr_cmp if bypass flag is not set
Most of the time this flag is not set and so we can avoid the strcasecmp
in ldb_attr_cmp()
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 17 17:10:32 CET 2013 on sn-devel-104
commit a0faf16ae9aefc4963b2583970509b1b23e27ce1
Author: Andrew Bartlett abart...@samba.org
Date: Sat Nov 17 13:49:00 2012 +1100
torture: Fix fsmo test to use correct -H samba-tool syntax
However, the test still does not pass.
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 18d7e5df0eb8fb593e66daf25d142584f44b5b87
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jan 15 09:56:46 2013 +1100
dsdb: Do not hold the transaction over the IRPC call to perform a role
transfer
This avoids one samba process locking out another from the DB.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit b40d134bc1866dd7e5b5e7dfc5bf01f6d55b1c1f
Author: Andrew Bartlett abart...@samba.org
Date: Sun Jan 13 13:03:13 2013 +1100
selftest: also skip raw.search as it also spins
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 316fd085ad2b587b82d817358240f84ae054a543
Author: Andrew Bartlett abart...@samba.org
Date: Tue Nov 20 14:59:17 2012 +1100
drs-fsmo: Improve handling of FSMO role takeover.
This needs to be more async, and give less scary errors.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
selftest/knownfail |1 -
selftest/skip|1 +
source4/dsdb/repl/drepl_fsmo.c |5 +--
source4/dsdb/samdb/ldb_modules/operational.c |2 +-
source4/dsdb/samdb/ldb_modules/rootdse.c | 38 -
source4/rpc_server/drsuapi/getncchanges.c|3 +-
source4/torture/drs/python/fsmo.py |4 +-
7 files changed, 44 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index bdeb92b..39485af 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -135,7 +135,6 @@
^samba4.smb2.acls.*.owner
^samba4.ldap.dirsync.python.dc..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items
#^samba4.ldap.dirsync.python.dc..__main__.ExtendedDirsyncTests.*
-^samba4.drs.fsmo.python
^samba4.libsmbclient.opendir.opendir # This requires netbios browsing
^samba4.rpc.drsuapi.*.drsuapi.DsGetDomainControllerInfo\(.*\)$
^samba4.rpc.drsuapi.*.drsuapi.DsCrackNames\(.*\)$
diff --git a/selftest/skip b/selftest/skip
index 43866bb..5c49306 100644
--- a/selftest/skip
+++ b/selftest/skip
@@ -107,3 +107,4 @@ bench # don't run benchmarks in our selftest
^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs
the server when nss_winbindd is in use
^samba.tests.dcerpc.unix # This contains a server-side getpwuid call which
hangs the server when nss_winbindd is in use
base.dir2 # This test spins on modern ext4, so we have to skip it
+raw.search # This test spins on modern ext4, so we have to skip it
diff --git a/source4/dsdb/repl/drepl_fsmo.c b/source4/dsdb/repl/drepl_fsmo.c
index 0e83982..37fb684 100644
--- a/source4/dsdb/repl/drepl_fsmo.c
+++ b/source4/dsdb/repl/drepl_fsmo.c
@@ -108,9 +108,8 @@ NTSTATUS drepl_take_FSMO_role(struct irpc_message *msg,
return NT_STATUS_OK;
}
- if (is_us ||
- (extended_op == DRSUAPI_EXOP_NONE)) {
- DEBUG(0,(FSMO role check failed for DN %s and owner %s \n,
+ if (is_us) {
+ DEBUG(5,(FSMO role check failed, we already own DN %s with
%s\n,
ldb_dn_get_linearized(fsmo_role_dn),
ldb_dn_get_linearized(role_owner_dn)));
r-out.result = WERR_OK;
diff --git a/source4/dsdb/samdb/ldb_modules/operational.c
b/source4/dsdb/samdb/ldb_modules/operational.c
index c642ad8..b1122b3 100644
--- a/source4/dsdb
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via 9712362 Merge tag 'samba-4.0.1' into v4-0-test via d2e9007 VERSION: Bump version number up to 4.0.1. (CVE-2013-0172) via 0c02492 WHATSNEW: Update release notes for Samba 4.0.1. (CVE-2013-0172) via 8bafe08 dsdb: Add test for modification of two attributes, one permitted, one denied (bug #9554 - CVE-2013-0172) via d776fd8 dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug #9554 - CVE-2013-0172) via a758054 libcli/security: Ensure to fill in remaining_access for the initial case (bug #9554 - CVE-2013-0172) from 15652ef selftest: show that Samba honours write list and valid users http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 9712362a563bfdfe71334071c35c7429e9462811 Merge: 15652efca8644c03a48e258473fe5b58168df333 d2e900757d8e8e2a82cb14e79814ed3cbc8d93c1 Author: Stefan Metzmacher me...@samba.org Date: Tue Jan 15 09:39:07 2013 +0100 Merge tag 'samba-4.0.1' into v4-0-test samba: tag release samba-4.0.1 --- Summary of changes: WHATSNEW.txt | 56 ++ libcli/security/object_tree.c|1 + source4/dsdb/samdb/ldb_modules/acl.c | 55 - source4/dsdb/tests/python/acl.py | 15 + 4 files changed, 99 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 520075f..5c69ca9 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,60 @@ = + Release Notes for Samba 4.0.1 + January 15, 2013 + = + + +This is a security release in order to address CVE-2013-0172. + +o CVE-2013-0172: + Samba 4.0.0 as an AD DC may provide authenticated users with write access + to LDAP directory objects. + + In AD, Access Control Entries can be assigned based on the objectClass + of the object. If a user or a group the user is a member of has any + access based on the objectClass, then that user has write access to that + object. + + Additionally, if a user has write access to any attribute on the object, + they may have access to write to all attributes. + + An important mitigation is that anonymous access is totally disabled by + default. The second important mitigation is that normal users are + typically only given the problematic per-objectClass right via the + pre-windows 2000 compatible access group, and Samba 4.0.0 incorrectly + does not make authenticated users part of this group. + +Changes since 4.0.0: + + +o Andrew Bartlett abart...@samba.org +* Bug 9554 - CVE-2013-0172 - Samba 4.0 as an AD DC may provide authenticated + users with write access to LDAP directory objects. + +### +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.0 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + = Release Notes for Samba 4.0.0 December 11, 2012 = diff --git a/libcli/security/object_tree.c b/libcli/security/object_tree.c index 6809c8e..dcbd310 100644 --- a/libcli/security/object_tree.c +++ b/libcli/security/object_tree.c @@ -53,6 +53,7 @@ bool insert_in_object_tree(TALLOC_CTX *mem_ctx, return false; } (*root)-guid = *guid; + (*root)-remaining_access = init_access; *new_node = *root; return true; } diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c index 9bf2612..3f09760 100644 --- a/source4/dsdb/samdb/ldb_modules/acl.c +++ b/source4/dsdb/samdb/ldb_modules/acl.c @@ -977,8 +977,6 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) unsigned int i; const struct GUID *guid; uint32_t access_granted
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via 6907b3f VERSION: Bump version number up to 4.0.2. from 9712362 Merge tag 'samba-4.0.1' into v4-0-test http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 6907b3f0c3dddf1b53fbbe2631395d2db48f3e9a Author: Stefan Metzmacher me...@samba.org Date: Tue Jan 15 11:33:01 2013 +0100 VERSION: Bump version number up to 4.0.2. Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: VERSION |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index dc13d87..e3efbd7 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=0 -SAMBA_VERSION_RELEASE=1 +SAMBA_VERSION_RELEASE=2 # If a official release has a serious bug # -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8f8ca58 tevent: Fix bug 9550 - sigprocmask does not work on FreeBSD
to stop further signals in a signal handler
via 0258138 lib/replace: Include sys/ucontext.h if available.
via fe6e323 lib/replace: Add ucontext configure autoconf checks.
via 7fe400d lib/replace: Add ucontext configure waf checks.
via e54252c lib/replace: Add missing check for sys/wait.h
from a82db92 smbd: Fix bug 9544, part 2
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8f8ca589d2aa7f9deaae6a05cb5ab73da95372bf
Author: Jeremy Allison j...@samba.org
Date: Mon Jan 14 15:22:11 2013 -0800
tevent: Fix bug 9550 - sigprocmask does not work on FreeBSD to stop further
signals in a signal handler
Mask off signals the correct way from the signal handler.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Jan 15 12:13:43 CET 2013 on sn-devel-104
commit 0258138e207c8f3e8bb05a47599aa04b4e9567cf
Author: Jeremy Allison j...@samba.org
Date: Mon Jan 14 15:21:52 2013 -0800
lib/replace: Include sys/ucontext.h if available.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit fe6e323addb967b392bfd406c499a6f67fcdc152
Author: Jeremy Allison j...@samba.org
Date: Mon Jan 14 15:21:35 2013 -0800
lib/replace: Add ucontext configure autoconf checks.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 7fe400de4c189c8bdf0cc8afdebde2f21680fac2
Author: Jeremy Allison j...@samba.org
Date: Mon Jan 14 15:21:12 2013 -0800
lib/replace: Add ucontext configure waf checks.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit e54252ceec213644a8d812e6374476639f764643
Author: Jeremy Allison j...@samba.org
Date: Mon Jan 14 15:06:12 2013 -0800
lib/replace: Add missing check for sys/wait.h
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
lib/replace/libreplace.m4 | 15 ++-
lib/replace/system/wait.h |4
lib/replace/wscript| 11 ++-
lib/tevent/tevent_signal.c | 29 +
4 files changed, 57 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/replace/libreplace.m4 b/lib/replace/libreplace.m4
index 5a41844..f4ae715 100644
--- a/lib/replace/libreplace.m4
+++ b/lib/replace/libreplace.m4
@@ -68,7 +68,7 @@ AC_FUNC_MEMCMP
AC_CHECK_FUNCS([pipe strftime srandom random srand rand usleep setbuffer lstat
getpgrp utime utimes])
AC_CHECK_HEADERS(stdbool.h stdint.h sys/select.h)
-AC_CHECK_HEADERS(setjmp.h utime.h)
+AC_CHECK_HEADERS(setjmp.h utime.h sys/wait.h)
LIBREPLACE_PROVIDE_HEADER([stdint.h])
LIBREPLACE_PROVIDE_HEADER([stdbool.h])
@@ -126,6 +126,7 @@ AC_CHECK_HEADERS(unix.h)
AC_CHECK_HEADERS(malloc.h)
AC_CHECK_HEADERS(syscall.h)
AC_CHECK_HEADERS(sys/syscall.h)
+AC_CHECK_HEADERS(sys/ucontext.h)
AC_CHECK_FUNCS(syscall setuid seteuid setreuid setresuid setgid setegid
setregid setresgid setgroups)
AC_CHECK_FUNCS(chroot bzero strerror strerror_r memalign posix_memalign
getpagesize)
@@ -415,6 +416,18 @@ if test x$libreplace_cv_struct_timespec = xyes; then
AC_DEFINE(HAVE_STRUCT_TIMESPEC,1,[Whether we have struct timespec])
fi
+AC_CACHE_CHECK([for ucontext_t type],libreplace_cv_ucontext_t, [
+AC_TRY_COMPILE([
+#include signal.h
+#if HAVE_SYS_UCONTEXT_H
+#include sys/ucontext.h
+# endif
+],[ucontext_t uc; sigaddset(uc.uc_sigmask, SIGUSR1);],
+ libreplace_cv_ucontext_t=yes,libreplace_cv_ucontext_t=no)])
+if test x$libreplace_cv_ucontext_t = xyes; then
+ AC_DEFINE(HAVE_UCONTEXT_T,1,[Whether we have ucontext_t])
+fi
+
AC_CHECK_FUNCS([printf memset memcpy],,[AC_MSG_ERROR([Required function not
found])])
echo LIBREPLACE_BROKEN_CHECKS: END
diff --git a/lib/replace/system/wait.h b/lib/replace/system/wait.h
index f0c3bdc..146c61a 100644
--- a/lib/replace/system/wait.h
+++ b/lib/replace/system/wait.h
@@ -40,6 +40,10 @@
#include setjmp.h
#endif
+#ifdef HAVE_SYS_UCONTEXT_H
+#include sys/ucontext.h
+#endif
+
#if !defined(HAVE_SIG_ATOMIC_T_TYPE)
typedef int sig_atomic_t;
#endif
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 674b99d..dff5847 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -79,7 +79,7 @@ struct foo bar = { .y = 'X', .x = 1 };
conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h
sys/ndir.h sys/priv.h')
conf.CHECK_HEADERS('sys/resource.h sys/security.h sys/shm.h sys/statfs.h
sys/statvfs.h sys
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 065c0ec dsdb: Add test for modification of two attributes, one
permitted, one denied (bug #9554 - CVE-2013-0172)
via b7b91c8 dsdb-acl: Run sec_access_check_ds on each attribute
proposed to modify (bug #9554 - CVE-2013-0172)
via b26668c libcli/security: Ensure to fill in remaining_access for the
initial case (bug #9554 - CVE-2013-0172)
from 8f8ca58 tevent: Fix bug 9550 - sigprocmask does not work on FreeBSD
to stop further signals in a signal handler
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 065c0ec16259f8d57baec5dfe4e6eb9bdea0002a
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jan 10 09:30:38 2013 +1100
dsdb: Add test for modification of two attributes, one permitted, one
denied (bug #9554 - CVE-2013-0172)
Reviewed-by: Stefan Metzmacher me...@samba.org
(cherry picked from commit 8bafe0871526cd5d5e7fdbe123ab661379f64cb1)
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Jan 15 14:03:47 CET 2013 on sn-devel-104
commit b7b91c85945fab87e55cd8fd65a5b4c50a61d03b
Author: Andrew Bartlett abart...@samba.org
Date: Wed Jan 9 16:59:18 2013 +1100
dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug
#9554 - CVE-2013-0172)
This seems inefficient, but is needed for correctness. The
alternative might be to have the sec_access_check_ds code confirm that
*all* of the nodes in the object tree have been cleared to
node-remaining_bits == 0.
Otherwise, I fear that write access to one attribute will become write
access to all attributes.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
(cherry picked from commit d776fd807e0c9a62f428ce666ff812655f98bc47)
commit b26668c606057fb30b20efd912284c3e79d547ff
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jan 3 20:39:23 2013 +1100
libcli/security: Ensure to fill in remaining_access for the initial case
(bug #9554 - CVE-2013-0172)
It is critically important that we initialise this element as otherwise
all access is permitted.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
(cherry picked from commit a75805490d96a85786287f5d0522dd7671d6816e)
---
Summary of changes:
libcli/security/object_tree.c|1 +
source4/dsdb/samdb/ldb_modules/acl.c | 55 -
source4/dsdb/tests/python/acl.py | 15 +
3 files changed, 43 insertions(+), 28 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/object_tree.c b/libcli/security/object_tree.c
index 6809c8e..dcbd310 100644
--- a/libcli/security/object_tree.c
+++ b/libcli/security/object_tree.c
@@ -53,6 +53,7 @@ bool insert_in_object_tree(TALLOC_CTX *mem_ctx,
return false;
}
(*root)-guid = *guid;
+ (*root)-remaining_access = init_access;
*new_node = *root;
return true;
}
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c
b/source4/dsdb/samdb/ldb_modules/acl.c
index 2de16b7..9056a41 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -977,8 +977,6 @@ static int acl_modify(struct ldb_module *module, struct
ldb_request *req)
unsigned int i;
const struct GUID *guid;
uint32_t access_granted;
- struct object_tree *root = NULL;
- struct object_tree *new_node = NULL;
NTSTATUS status;
struct ldb_result *acl_res;
struct security_descriptor *sd;
@@ -1044,12 +1042,6 @@ static int acl_modify(struct ldb_module *module, struct
ldb_request *req)
acl_modify: Error retrieving object class
GUID.);
}
sid = samdb_result_dom_sid(req, acl_res-msgs[0], objectSid);
- if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP,
- root, new_node)) {
- talloc_free(tmp_ctx);
- return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR,
-acl_modify: Error adding new node in object
tree.);
- }
for (i=0; i req-op.mod.message-num_elements; i++){
const struct dsdb_attribute *attr;
attr = dsdb_attribute_by_lDAPDisplayName(schema,
@@ -1130,6 +1122,8 @@ static int acl_modify(struct ldb_module *module, struct
ldb_request *req)
goto fail;
}
} else {
+ struct object_tree *root = NULL;
+ struct object_tree *new_node = NULL;
/* This basic attribute existence check
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 95c891c dsdb: Make linked_attributes module GUID based for renames
via a8c745a selftest: skip base.dir2 tests as they just spin on modern
ext4
via bdc172a s4-resolve: Fix parsing of IPv6/ in dns_lookup (bug
#9555)
from 8ae1c46 winbind: Fix some missing NULL checks
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 95c891cf44143e12b2f90047f3fefe6d23c598fd
Author: Andrew Bartlett abart...@samba.org
Date: Fri Jan 11 16:42:41 2013 +1100
dsdb: Make linked_attributes module GUID based for renames
This ensures that when we have the backlink out of sync with the forward
link (perhaps due
to another operation that has put the backlink handling in an
end-of-transaction
TODO list in repl_meta_data) that we do not error out, we just cope as well
as we can.
The GUID is the unique identifier, not the DN.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sat Jan 12 12:52:28 CET 2013 on sn-devel-104
commit a8c745a28c3278e9fbee6f802dc340fe660f27ca
Author: Andrew Bartlett abart...@samba.org
Date: Fri Jan 11 08:26:07 2013 +1100
selftest: skip base.dir2 tests as they just spin on modern ext4
Reviewed-by: Stefan Metzmacher me...@samba.org
commit bdc172aca541046fd03b2b0cd69e054fe03d3a89
Author: Arvid Requate requ...@univention.de
Date: Fri Jan 11 14:17:06 2013 +0100
s4-resolve: Fix parsing of IPv6/ in dns_lookup (bug #9555)
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
selftest/skip |1 +
source4/dsdb/samdb/ldb_modules/linked_attributes.c | 77
source4/libcli/resolve/dns_ex.c|1 +
3 files changed, 66 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/skip b/selftest/skip
index 2ee5d8e..4101aa2 100644
--- a/selftest/skip
+++ b/selftest/skip
@@ -107,3 +107,4 @@ bench # don't run benchmarks in our selftest
^samba4.drs.delete_object.python # flakey test
^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs
the server when nss_winbindd is in use
^samba.tests.dcerpc.unix # This contains a server-side getpwuid call which
hangs the server when nss_winbindd is in use
+base.dir2 # This test spins on modern ext4, so we have to skip it
diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index 5ebf4ef..6e08209 100644
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -141,7 +141,9 @@ static struct la_context *linked_attributes_init(struct
ldb_module *module,
/*
turn a DN into a GUID
*/
-static int la_guid_from_dn(struct la_context *ac, struct ldb_dn *dn, struct
GUID *guid)
+static int la_guid_from_dn(struct ldb_module *module,
+ struct ldb_request *parent,
+ struct ldb_dn *dn, struct GUID *guid)
{
NTSTATUS status;
int ret;
@@ -153,10 +155,10 @@ static int la_guid_from_dn(struct la_context *ac, struct
ldb_dn *dn, struct GUID
if (!NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
DEBUG(4,(__location__ : Unable to parse GUID for dn %s\n,
ldb_dn_get_linearized(dn)));
- return ldb_operr(ldb_module_get_ctx(ac-module));
+ return ldb_operr(ldb_module_get_ctx(module));
}
- ret = dsdb_module_guid_by_dn(ac-module, dn, guid, ac-req);
+ ret = dsdb_module_guid_by_dn(module, dn, guid, parent);
if (ret != LDB_SUCCESS) {
DEBUG(4,(__location__ : Failed to find GUID for dn %s\n,
ldb_dn_get_linearized(dn)));
@@ -193,7 +195,7 @@ static int la_store_op(struct la_context *ac,
os-op = op;
- ret = la_guid_from_dn(ac, op_dn, os-guid);
+ ret = la_guid_from_dn(ac-module, ac-req, op_dn, os-guid);
talloc_free(op_dn);
if (ret == LDB_ERR_NO_SUCH_OBJECT ac-req-operation == LDB_DELETE) {
/* we are deleting an object, and we've found it has a
@@ -658,6 +660,7 @@ static int linked_attributes_modify(struct ldb_module
*module, struct ldb_reques
}
static int linked_attributes_fix_links(struct ldb_module *module,
+ struct GUID self_guid,
struct ldb_dn *old_dn, struct ldb_dn
*new_dn,
struct ldb_message_element *el, struct
dsdb_schema *schema,
const struct dsdb_attribute *schema_attr,
@@ -684,6 +687,7
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8ae1c46 winbind: Fix some missing NULL checks
via 54e01f6 winbind: Fix error check in unpack_tdc_domains
via aea49ed dbwrap: Use INCOMPATIBLE_HASH for dbwrap_watchers.tdb
from edbc26b scripting/samba_upgradedns: Only look for IPv4/IPv6
addresses if we actually them
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8ae1c4636ebfbdb8d77a04dbad6edb52dfb671fc
Author: Volker Lendecke v...@samba.org
Date: Fri Jan 11 14:51:42 2013 +0100
winbind: Fix some missing NULL checks
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Jan 11 18:55:41 CET 2013 on sn-devel-104
commit 54e01f68e7a6869a203bfdbdcc6c0294835b841f
Author: Volker Lendecke v...@samba.org
Date: Fri Jan 11 14:02:52 2013 +0100
winbind: Fix error check in unpack_tdc_domains
Reviewed-by: Stefan Metzmacher me...@samba.org
commit aea49ed37afe49d12fbb6303f6ea5e7f984b2fda
Author: Volker Lendecke v...@samba.org
Date: Fri Jan 11 17:04:39 2013 +0100
dbwrap: Use INCOMPATIBLE_HASH for dbwrap_watchers.tdb
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source3/lib/dbwrap/dbwrap_watch.c |7 ++--
source3/winbindd/winbindd_cache.c | 60 +
2 files changed, 38 insertions(+), 29 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/dbwrap/dbwrap_watch.c
b/source3/lib/dbwrap/dbwrap_watch.c
index d7392a3..d8f1b74 100644
--- a/source3/lib/dbwrap/dbwrap_watch.c
+++ b/source3/lib/dbwrap/dbwrap_watch.c
@@ -31,9 +31,10 @@ static struct db_context *dbwrap_record_watchers_db(void)
static struct db_context *watchers_db;
if (watchers_db == NULL) {
- watchers_db = db_open(NULL, lock_path(dbwrap_watchers.tdb),
- 0, TDB_CLEAR_IF_FIRST, O_RDWR|O_CREAT,
- 0600, DBWRAP_LOCK_ORDER_3);
+ watchers_db = db_open(
+ NULL, lock_path(dbwrap_watchers.tdb), 0,
+ TDB_CLEAR_IF_FIRST | TDB_INCOMPATIBLE_HASH,
+ O_RDWR|O_CREAT, 0600, DBWRAP_LOCK_ORDER_3);
}
return watchers_db;
}
diff --git a/source3/winbindd/winbindd_cache.c
b/source3/winbindd/winbindd_cache.c
index 76970d6..252cf4a 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -4455,7 +4455,9 @@ static size_t unpack_tdc_domains( unsigned char *buf, int
buflen,
}
for ( i=0; inum_domains; i++ ) {
- len += tdb_unpack( buf+len, buflen-len, fffddd,
+ int this_len;
+
+ this_len = tdb_unpack( buf+len, buflen-len, fffddd,
domain_name,
dns_name,
sid_string,
@@ -4463,11 +4465,12 @@ static size_t unpack_tdc_domains( unsigned char *buf,
int buflen,
attribs,
type );
- if ( len == -1 ) {
+ if ( this_len == -1 ) {
DEBUG(5,(unpack_tdc_domains: Failed to unpack domain
array\n));
TALLOC_FREE( list );
return 0;
}
+ len += this_len;
DEBUG(11,(unpack_tdc_domains: Unpacking domain %s (%s)
SID %s, flags = 0x%x, attribs = 0x%x, type = 0x%x\n,
@@ -4602,6 +4605,33 @@ bool wcache_tdc_add_domain( struct winbindd_domain
*domain )
return ret;
}
+static struct winbindd_tdc_domain *wcache_tdc_dup_domain(
+ TALLOC_CTX *mem_ctx, const struct winbindd_tdc_domain *src)
+{
+ struct winbindd_tdc_domain *dst;
+
+ dst = talloc(mem_ctx, struct winbindd_tdc_domain);
+ if (dst == NULL) {
+ goto fail;
+ }
+ dst-domain_name = talloc_strdup(dst, src-domain_name);
+ if (dst-domain_name == NULL) {
+ goto fail;
+ }
+ dst-dns_name = talloc_strdup(dst, src-dns_name);
+ if (dst-dns_name == NULL) {
+ goto fail;
+ }
+ sid_copy(dst-sid, src-sid);
+ dst-trust_flags = src-trust_flags;
+ dst-trust_type = src-trust_type;
+ dst-trust_attribs = src-trust_attribs;
+ return dst;
+fail:
+ TALLOC_FREE(dst);
+ return NULL;
+}
+
/*
/
@@ -4629,17 +4659,7 @@ struct winbindd_tdc_domain * wcache_tdc_fetch_domain(
TALLOC_CTX *ctx, const cha
DEBUG(10,(wcache_tdc_fetch_domain
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 213e726 build: Set LD_LIBRARY_PATH in install_with_python.sh
via 5a1deec build: Make install_with_python.sh more portable
via 8e84c33 build: In install_with_python.sh force using the python
from the install we just made
via 7acacdf build: Make install_with_python.sh executable
via 489ad49 swat: move russian swat files alongside ja and tr
via b9fbce2 passdb: Add discard_const_p() to pdb_samba_dsdb
via 26bae89 vfs: Fix compilation of solaris ACL module
via 9dfd0a0 build: Remove bashism from SAMBAMANPAGES rule
from 313da9d smb.conf(5): update list of available protocols (bug #9552)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 213e7260a83d4349132e8c159798b476cec3f814
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jan 10 12:00:03 2013 +1100
build: Set LD_LIBRARY_PATH in install_with_python.sh
This ensures that the python install finishes correctly.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 10 14:00:13 CET 2013 on sn-devel-104
commit 5a1deec38a7ff7287b31a47ae61769c66e10de17
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jan 10 09:00:37 2013 +1100
build: Make install_with_python.sh more portable
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 8e84c33a6094288ec2c8964588c679a71742e855
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jan 10 08:51:34 2013 +1100
build: In install_with_python.sh force using the python from the install we
just made
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 7acacdfc05d3162b2879b6ac80d0809b5af96f1e
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jan 10 08:50:53 2013 +1100
build: Make install_with_python.sh executable
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 489ad498ab14340eb99f35a8814418db9db788a5
Author: Andrew Bartlett abart...@samba.org
Date: Thu Dec 20 18:36:40 2012 +1100
swat: move russian swat files alongside ja and tr
Reviewed-by: Stefan Metzmacher me...@samba.org
commit b9fbce20613952ead92dde3981a57f6d825c0584
Author: Andrew Bartlett abart...@samba.org
Date: Thu Dec 13 10:33:04 2012 +1100
passdb: Add discard_const_p() to pdb_samba_dsdb
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 26bae894f2ae898c51535dda14060ecf4786c6ec
Author: Andrew Bartlett abart...@samba.org
Date: Sat Jan 5 14:53:13 2013 +1100
vfs: Fix compilation of solaris ACL module
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 9dfd0a0dc980b521905399e0b409cb81fbbe6b37
Author: Andrew Bartlett abart...@samba.org
Date: Wed Jan 9 09:39:59 2013 +1100
build: Remove bashism from SAMBAMANPAGES rule
In sh, you must assign the variable, then export it.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
buildtools/wafsamba/wafsamba.py|3 ++-
install_with_python.sh |7 ++-
source3/modules/vfs_solarisacl.c |2 +-
source3/passdb/pdb_samba_dsdb.c|4 ++--
.../lang}/ru/help/welcome-no-samba-doc.html|0
{source3/po = swat/lang}/ru/help/welcome.html |0
{source3/po = swat/lang}/ru/images/globals.gif| Bin 2041 - 2041 bytes
{source3/po = swat/lang}/ru/images/home.gif | Bin 2190 - 2190 bytes
{source3/po = swat/lang}/ru/images/passwd.gif | Bin 1936 - 1936 bytes
{source3/po = swat/lang}/ru/images/printers.gif | Bin 2139 - 2139 bytes
{source3/po = swat/lang}/ru/images/shares.gif | Bin 2081 - 2081 bytes
{source3/po = swat/lang}/ru/images/status.gif | Bin 2305 - 2305 bytes
{source3/po = swat/lang}/ru/images/viewconfig.gif | Bin 2096 - 2096 bytes
{source3/po = swat/lang}/ru/images/wizard.gif | Bin 2605 - 2605 bytes
{source3/po = swat/lang}/ru/include/header.html |0
15 files changed, 11 insertions(+), 5 deletions(-)
mode change 100644 = 100755 install_with_python.sh
rename {source3/po = swat/lang}/ru/help/welcome-no-samba-doc.html (100%)
rename {source3/po = swat/lang}/ru/help/welcome.html (100%)
rename {source3/po = swat/lang}/ru/images/globals.gif (100%)
rename {source3/po = swat/lang}/ru/images/home.gif (100%)
rename {source3/po = swat/lang}/ru/images/passwd.gif (100%)
rename {source3/po = swat/lang}/ru/images/printers.gif (100%)
rename {source3/po = swat/lang}/ru/images/shares.gif (100%)
rename {source3/po = swat/lang}/ru/images/status.gif (100%)
rename {source3/po = swat/lang}/ru/images/viewconfig.gif (100%)
rename {source3/po = swat/lang}/ru/images/wizard.gif (100
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 051a1a9 samba-tool classicupgrade: Do not print the admin password
during upgrade
via 5e0fcb0 s4-idmap: Remove requirement that posixAccount or
posixGroup be set for rfc2307
via c9d2ca5 selftest: Add test for rfc2307 mapping handling
via 5812eb3 dsdb-acl: give error string if we can not obtain the schema
via 99d872e s4-dbcheck: Allow forcing an override of an old @MODULES
record
from 213e726 build: Set LD_LIBRARY_PATH in install_with_python.sh
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 051a1a9c6417c2cbffa7d091ae477a6c7922d363
Author: Andrew Bartlett abart...@samba.org
Date: Sat Dec 22 09:28:05 2012 +1100
samba-tool classicupgrade: Do not print the admin password during upgrade
This changes the code to only set and show a new password if no admin
user is found during the upgrade.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 10 16:55:23 CET 2013 on sn-devel-104
commit 5e0fcb04a48d96669ed4376bfa17f679e3582236
Author: Andrew Bartlett abart...@samba.org
Date: Wed Dec 26 20:48:12 2012 +1100
s4-idmap: Remove requirement that posixAccount or posixGroup be set for
rfc2307
This change matches the source3/idmap/idmap_ad.c code, and allows this
feature to work with only the setting of the UID/GID in Active
Directory Users and Computers.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
commit c9d2ca585e198b1006bbf7f1a3c988c1188b66cb
Author: Andrew Bartlett abart...@samba.org
Date: Fri Dec 28 12:36:06 2012 +1100
selftest: Add test for rfc2307 mapping handling
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 5812eb3c1deac51891f01338b4771b1e397dc24d
Author: Andrew Bartlett abart...@samba.org
Date: Thu Jan 3 21:31:22 2013 +1100
dsdb-acl: give error string if we can not obtain the schema
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 99d872ee9261a299add4718c38234dfe9f7658fc
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 23 15:18:13 2012 +1000
s4-dbcheck: Allow forcing an override of an old @MODULES record
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
nsswitch/tests/test_rfc2307_mapping.sh | 181 ++
selftest/selftest.pl |5 +-
selftest/target/Samba4.pm|8 +-
source4/dsdb/samdb/ldb_modules/acl.c |5 +-
source4/scripting/python/samba/dbchecker.py |9 +
source4/scripting/python/samba/netcmd/dbcheck.py | 24 +++-
source4/scripting/python/samba/upgrade.py| 11 ++-
source4/selftest/tests.py|1 +
source4/winbind/idmap.c |9 +-
testprogs/blackbox/dbcheck.sh|5 +
10 files changed, 243 insertions(+), 15 deletions(-)
create mode 100755 nsswitch/tests/test_rfc2307_mapping.sh
Changeset truncated at 500 lines:
diff --git a/nsswitch/tests/test_rfc2307_mapping.sh
b/nsswitch/tests/test_rfc2307_mapping.sh
new file mode 100755
index 000..f1e3ea9
--- /dev/null
+++ b/nsswitch/tests/test_rfc2307_mapping.sh
@@ -0,0 +1,181 @@
+#!/bin/sh
+# Blackbox test for wbinfo and rfc2307 mappings
+if [ $# -lt 4 ]; then
+cat EOF
+Usage: test_rfc2307_mapping.sh DOMAIN USERNAME PASSWORD SERVER UID_RFC2307TEST
GID_RFC2307TEST
+EOF
+exit 1;
+fi
+
+DOMAIN=$1
+USERNAME=$2
+PASSWORD=$3
+SERVER=$4
+UID_RFC2307TEST=$5
+GID_RFC2307TEST=$6
+shift 6
+
+failed=0
+samba4bindir=$BINDIR
+wbinfo=$VALGRIND $samba4bindir/wbinfo
+samba_tool=$VALGRIND $samba4bindir/samba-tool
+ldbmodify=$samba4bindir/ldbmodify
+
+. `dirname $0`/../../testprogs/blackbox/subunit.sh
+
+testfail() {
+ name=$1
+ shift
+ cmdline=$*
+ echo test: $name
+ $cmdline
+ status=$?
+if [ x$status = x0 ]; then
+echo failure: $name
+else
+echo success: $name
+fi
+return $status
+}
+
+knownfail() {
+name=$1
+shift
+cmdline=$*
+echo test: $name
+$cmdline
+status=$?
+if [ x$status = x0 ]; then
+echo failure: $name [unexpected success]
+ status=1
+else
+echo knownfail: $name
+ status=0
+fi
+return $status
+}
+
+
+# Create new testing account
+testit user add $samba_tool user create --given-name=rfc2307
--surname=Tester --initial=UT rfc2307_test_user testp@ssw0Rd $@
+
+#test creation of six different groups
+testit group add $samba_tool group add $CONFIG --group-scope='Domain
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via edbc26b scripting/samba_upgradedns: Only look for IPv4/IPv6
addresses if we actually them
from 051a1a9 samba-tool classicupgrade: Do not print the admin password
during upgrade
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit edbc26bca84ee77b5a9571ba8dc9416c0db25906
Author: Andrew Bartlett abart...@samba.org
Date: Fri Dec 28 10:05:40 2012 +1100
scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we
actually them
This allows the script to be used to create/remove the samba-specific
dns-SERVER account
when we do not need to create the in-directory partition.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104
---
Summary of changes:
source4/scripting/bin/samba_upgradedns | 43 ---
1 files changed, 22 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/bin/samba_upgradedns
b/source4/scripting/bin/samba_upgradedns
index ba597cf..f389ef7 100755
--- a/source4/scripting/bin/samba_upgradedns
+++ b/source4/scripting/bin/samba_upgradedns
@@ -278,27 +278,6 @@ if __name__ == '__main__':
logger.error(Cannot create AD based DNS for OS level 2003)
sys.exit(1)
-logger.info(Looking up IPv4 addresses)
-hostip = interface_ips_v4(lp)
-try:
-hostip.remove('127.0.0.1')
-except ValueError:
-pass
-if not hostip:
-logger.error(No IPv4 addresses found)
-sys.exit(1)
-else:
-hostip = hostip[0]
-logger.debug(IPv4 addresses: %s % hostip)
-
-logger.info(Looking up IPv6 addresses)
-hostip6 = interface_ips_v6(lp, linklocal=False)
-if not hostip6:
-hostip6 = None
-else:
-hostip6 = hostip6[0]
-logger.debug(IPv6 addresses: %s % hostip6)
-
domaindn = names.domaindn
forestdn = names.rootdn
@@ -351,6 +330,28 @@ if __name__ == '__main__':
ncname = msg[0]['nCName'][0]
except Exception, e:
logger.info(Creating DNS partitions)
+
+logger.info(Looking up IPv4 addresses)
+hostip = interface_ips_v4(lp)
+try:
+hostip.remove('127.0.0.1')
+except ValueError:
+pass
+if not hostip:
+logger.error(No IPv4 addresses found)
+sys.exit(1)
+else:
+hostip = hostip[0]
+logger.debug(IPv4 addresses: %s % hostip)
+
+logger.info(Looking up IPv6 addresses)
+hostip6 = interface_ips_v6(lp, linklocal=False)
+if not hostip6:
+hostip6 = None
+else:
+hostip6 = hostip6[0]
+logger.debug(IPv6 addresses: %s % hostip6)
+
create_dns_partitions(ldbs.sam, domainsid, names, domaindn, forestdn,
dnsadmins_sid)
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e2e2d72 selftest/flapping: more samba4.rpc.samr.large-dc.two
subtests are flakey
via 6f31848 Happy New Year 2013
from bcacd8f subunit: Update to latest upstream version.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e2e2d72b0f373793458c0fda3d2ce28e2f3aea29
Author: Stefan Metzmacher me...@samba.org
Date: Tue Jan 1 15:43:57 2013 +0100
selftest/flapping: more samba4.rpc.samr.large-dc.two subtests are flakey
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Jan 1 18:47:42 CET 2013 on sn-devel-104
commit 6f318483709fd1fecd1a1ee1f892eb1c7ca17b94
Author: Stefan Metzmacher me...@samba.org
Date: Tue Jan 1 15:43:36 2013 +0100
Happy New Year 2013
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
selftest/flapping |2 +-
source3/include/smb.h |2 +-
source4/smbd/server.c |2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/flapping b/selftest/flapping
index bf7325c..170bf7b 100644
--- a/selftest/flapping
+++ b/selftest/flapping
@@ -25,4 +25,4 @@
^samba3.raw.samba3checkfsp.samba3checkfsp\(plugin_s4_dc\) # Seems to flap -
succeeds on sn-devel, fails on Fedora 16
^samba3.raw.samba3closeerr.samba3closeerr\(plugin_s4_dc\) # Seems to flap -
succeeds on sn-devel, fails on Fedora 16
^samba4.nss.test.*using.*winbind # fails sometimes on sn-devel
-^samba4.rpc.samr.large-dc.two.samr.many_accounts\(vampire_dc\) # often fails
on sn-devel-104
+^samba4.rpc.samr.large-dc.two.samr.many.*\(vampire_dc\) # often fails on
sn-devel-104, rid allocation?
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 2aa2ab3..a163e9e 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -30,7 +30,7 @@
#include libds/common/roles.h
/* logged when starting the various Samba daemons */
-#define COPYRIGHT_STARTUP_MESSAGE Copyright Andrew Tridgell and the
Samba Team 1992-2012
+#define COPYRIGHT_STARTUP_MESSAGE Copyright Andrew Tridgell and the
Samba Team 1992-2013
#define BUFFER_SIZE (128*1024)
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index b3d8ae5..193d504 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -367,7 +367,7 @@ static int binary_smbd_main(const char *binary_name, int
argc, const char *argv[
umask(0);
DEBUG(0,(%s version %s started.\n, binary_name,
SAMBA_VERSION_STRING));
- DEBUGADD(0,(Copyright Andrew Tridgell and the Samba Team
1992-2012\n));
+ DEBUGADD(0,(Copyright Andrew Tridgell and the Samba Team
1992-2013\n));
if (sizeof(uint16_t) 2 || sizeof(uint32_t) 4 || sizeof(uint64_t)
8) {
DEBUG(0,(ERROR: Samba is not configured correctly for the word
size on your machine\n));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f77bfed s4:drsuapi: try to behave more like windows for usn order (bug #9508) via 16aef75 s4:drsuapi: make use of LDB_TYPESAFE_QSORT() and pass getnc_state via 88833b0 s4:drsuapi: make sure we report the meta data from the cycle start (bug #9508) via 1f89d64 s4:drsuapi: check the source_dsa_invocation_id (bug #9508) via 91f7f2c s4:drsuapi: make sure we never return the same highwatermark twice in a replication cycle (bug #9508) via 7e511b5 s4:drsuapi: add drsuapi_DsReplicaHighWaterMark_cmp() via 02de5b1 s4:drsuapi: always use the current uptodateness_vector via 025c6d6 s4:drsuapi: avoid a ldb_dn_copy() and use talloc_move() instead via 30be17b s4:drsuapi: remove unused 'highest_usn' from drsuapi_getncchanges_state via 551bb2c s4:drsuapi: move struct drsuapi_getncchanges_state to the top of getncchanges.c via 2e9b064 s4:dsdb/drepl: update the source_dsa_obj/invocation_id in repsFrom via e7a26d0 s4:dsdb/common: use 01.01.1970 as last_sync_success for our entry in the uptodatevector via 81fa179 s4:dsdb/common: use LDB_SEQ_HIGHEST_SEQ for our entry in the uptodatevector via 5ecbc89 s4:dsdb/repl_meta_data: don't merge highwatermark and uptodatevector (bug #9508) via ad43bb6 s4:dsdb/repl_meta_data: also update the last_sync_success in replUpToDateVector via 634f8cf s4:dsdb/repl_meta_data: store the last results and timestamps in the repsFrom via a37f46a s4:dsdb/repl_meta_data: always treat the highwatermark as opaque (bug #9508) via 257ae54 s4:scripting/python: always treat the highwatermark as opaque (bug #9508) from e2e2d72 selftest/flapping: more samba4.rpc.samr.large-dc.two subtests are flakey http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f77bfed088b93f3ed0f00d0c172ad495c6c2b09b Author: Stefan Metzmacher me...@samba.org Date: Sat Dec 15 10:18:08 2012 +0100 s4:drsuapi: try to behave more like windows for usn order (bug #9508) We don't behave completely like a Windows server, but it's much more identical than before. The partition head is always the first object followed by the rest sorted by uSNChanged. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jan 1 21:09:42 CET 2013 on sn-devel-104 commit 16aef75c4f83c114206aa7637fedc9c2c2486877 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 18 15:16:28 2012 +0100 s4:drsuapi: make use of LDB_TYPESAFE_QSORT() and pass getnc_state Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 88833b089a90e8f685d15b508f2e4615afb3a16f Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 18 14:59:20 2012 +0100 s4:drsuapi: make sure we report the meta data from the cycle start (bug #9508) We should build the final highwatermark and uptodatevector of a replication cycle at the start of the cycle. Before we search for the currently missing objects. Otherwise we risk that some objects get lost. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 1f89d641d09ef983f6a5055bb75099dc0ce57aa8 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 18 13:40:33 2012 +0100 s4:drsuapi: check the source_dsa_invocation_id (bug #9508) The given highwatermark is only valid relative to the specified source_dsa_invocation_id. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 91f7f2c04fd00e281b0755a331ca632a4905e3b5 Author: Stefan Metzmacher me...@samba.org Date: Mon Dec 17 11:30:26 2012 +0100 s4:drsuapi: make sure we never return the same highwatermark twice in a replication cycle (bug #9508) If the highwatermark given by the client is not the one we expect, we need to start a new replication cycle. Otherwise the destination dsa skips objects and linked attribute values. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 7e511b58318cef1b325a8191685ee156a7fc0cb7 Author: Stefan Metzmacher me...@samba.org Date: Mon Dec 17 11:13:43 2012 +0100 s4:drsuapi: add drsuapi_DsReplicaHighWaterMark_cmp() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 02de5b140cfe6ea31e0686e5f0ff726a22153020 Author: Stefan Metzmacher me...@samba.org Date: Mon Dec 17 16:34:25 2012 +0100 s4:drsuapi: always use the current uptodateness_vector Signed-off-by: Stefan Metzmacher me...@samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3e28c29 selftest/flapping: mark samba4.rpc.samr.large-dc.two as knownfail from f2a6afb selftest.pl: Fix typo 'snprintf' - 'sprintf'. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3e28c29e6bd09bf0067ca6948aa3c538c055d4c5 Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 27 15:35:58 2012 +0100 selftest/flapping: mark samba4.rpc.samr.large-dc.two as knownfail This is really flakey lately: https://git.samba.org/autobuild.flakey/2012-12-27-1533/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-10-2338/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-09-0135/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-06-0333/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-05-0731/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-03-0334/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-02-1532/samba.stdout Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Dec 27 17:36:07 CET 2012 on sn-devel-104 --- Summary of changes: selftest/flapping |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/flapping b/selftest/flapping index afeae65..bf7325c 100644 --- a/selftest/flapping +++ b/selftest/flapping @@ -25,3 +25,4 @@ ^samba3.raw.samba3checkfsp.samba3checkfsp\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 ^samba3.raw.samba3closeerr.samba3closeerr\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 ^samba4.nss.test.*using.*winbind # fails sometimes on sn-devel +^samba4.rpc.samr.large-dc.two.samr.many_accounts\(vampire_dc\) # often fails on sn-devel-104 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a444bb9 tdb: Add a comment explaining the check
via 3109b54 tdb: Make tdb_new_database() follow a more conventional
style
via d972e6f tdb: Fix a typo
via c04de8f tdb: Fix a typo
via 24755d7 tdb: Use tdb_lock_covered_by_allrecord_lock in tdb_unlock
via f8dafe5 tdb: Factor out tdb_lock_covered_by_allrecord_lock from
tdb_lock_list
via 26b8545 tdb: Simplify logic in tdb_lock_list slightly
via 0f4e7a1 tdb: Slightly simplify tdb_lock_list
via 116ec13 tdb: Fix blank line endings
via 7237fdd tdb: Fix a comment
via d2b852d tdb: Fix a typo
via 2c3fd8a tdb: Fix a missing CONVERT
from 2148d86 Fix bug #9196 - defer_open is triggered multiple times on
the same request.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a444bb95a270ca5b331041c11a7e785c1e0559b7
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 14 16:07:11 2012 +0100
tdb: Add a comment explaining the check
I had to ask git blame to find why we have to do it here...
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Dec 21 13:54:39 CET 2012 on sn-devel-104
commit 3109b541c9b2f0063e1ccb0cdaec0a8e388b29b4
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 14 15:53:08 2012 +0100
tdb: Make tdb_new_database() follow a more conventional style
We usually goto fail on every error and then in normal flow set the
return variable to success. This patch removes a comment which from my
point of view is now obsolete. It violates the {} rule from README.Coding
here in favor of the style used in this function.
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit d972e6fa74b6499403d4c3d3c6a84cbda7eded39
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 14 14:50:08 2012 +0100
tdb: Fix a typo
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit c04de8f3a4deba0062f8cdbcbe74d3735a80b735
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 14 14:48:31 2012 +0100
tdb: Fix a typo
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 24755d75b0ee7170195bc26cf28bab4ffdb6f752
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 14 09:24:06 2012 +0100
tdb: Use tdb_lock_covered_by_allrecord_lock in tdb_unlock
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit f8dafe5685008671f4f983a4defc90b4a05cf992
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 14 09:21:42 2012 +0100
tdb: Factor out tdb_lock_covered_by_allrecord_lock from tdb_lock_list
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 26b8545df44df7e60ba0ba7336ffbdda8a14e423
Author: Volker Lendecke v...@samba.org
Date: Thu Dec 13 22:14:34 2012 +0100
tdb: Simplify logic in tdb_lock_list slightly
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 0f4e7a1401998746a6818b9469ab369d70418ac1
Author: Volker Lendecke v...@samba.org
Date: Thu Dec 13 21:58:00 2012 +0100
tdb: Slightly simplify tdb_lock_list
Avoid an else {} branch when we can do an early return
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 116ec13bb0718eb1de1ac1f4410d5c33f1db616f
Author: Volker Lendecke v...@samba.org
Date: Thu Dec 13 13:31:59 2012 +0100
tdb: Fix blank line endings
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 7237fdd4ddc0b9c848b5936431b4f8731ce56dba
Author: Volker Lendecke v...@samba.org
Date: Fri Dec 14 08:01:12 2012 +0100
tdb: Fix a comment
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit d2b852d79bd83754d8952a0e3dece00e513549f2
Author: Volker Lendecke v...@samba.org
Date: Thu Dec 13 12:36:29 2012 +0100
tdb: Fix a typo
Reviewed-by: Rusty Russell ru...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 2c3fd8a13e7dde23a23404cd88078a04c8b338ea
Author: Volker Lendecke v...@samba.org
Date: Tue Dec 11 21:04:58 2012 +0100
tdb: Fix a missing CONVERT
methods-tdb_write expects data in on-disk format. For reading that
record, methods-tdb_read() has taken care of the on-disk to in-memory
representation according to the DOCONV() flag passed down. tdb_rec_write()
is a wrapper around methods-tdb_write just doing the CONVERT() on the
way to disk.
Reviewed-by: Rusty
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2148d86 Fix bug #9196 - defer_open is triggered multiple times on
the same request.
from d846199 s4-rpc_server: use netlogon_creds_encrypt_samlogon().
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2148d86c7a2facd6e128b753aef98722843af3e1
Author: Jeremy Allison j...@samba.org
Date: Fri Dec 14 08:39:26 2012 -0800
Fix bug #9196 - defer_open is triggered multiple times on the same request.
get_deferred_open_message_state_smb2() is buggy in that it is checking
the wrong things to determine if an open is in the deferred state.
It checks if (smb2req-async_te == NULL) which is incorrect,
as we're not always async in a deferred open - remove this.
It should check instead state-open_was_deferred as this
is explicity set to 'true' when an open is going deferred,
so add this check.
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Dec 18 14:19:13 CET 2012 on sn-devel-104
---
Summary of changes:
source3/smbd/smb2_create.c |6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index 812d9db..21f2549 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -1133,9 +1133,6 @@ bool get_deferred_open_message_state_smb2(struct
smbd_smb2_request *smb2req,
if (!smb2req) {
return false;
}
- if (smb2req-async_te == NULL) {
- return false;
- }
req = smb2req-subreq;
if (!req) {
return false;
@@ -1144,6 +1141,9 @@ bool get_deferred_open_message_state_smb2(struct
smbd_smb2_request *smb2req,
if (!state) {
return false;
}
+ if (!state-open_was_deferred) {
+ return false;
+ }
if (p_request_time) {
*p_request_time = state-request_time;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 34ac9d8 s4-selftest: make sure to test rpc.samr.passwords.validate
over ncacn_ip_tcp.
via 6a59126 s3-selftest: make sure to test rpc.samr.passwords.validate
over ncacn_ip_tcp.
via 4fd7aaf s4-rpc_server: limit allowed transports for
samr_ValidatePassword().
via c9055a0 s3-rpc_server: limit allowed transports for
samr_ValidatePassword().
via f22efd4 s4-torture: move samr_ValidatePassword test out of main
samr test.
from 014512f dfs_server: Don't allocate a subcontext twice.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 34ac9d878687443c40e9df9941f45d9bc6040529
Author: Günther Deschner g...@samba.org
Date: Tue Dec 11 16:43:12 2012 +0100
s4-selftest: make sure to test rpc.samr.passwords.validate over
ncacn_ip_tcp.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Dec 12 13:13:47 CET 2012 on sn-devel-104
commit 6a59126d591b3a9f6a7c505cb8973b826f5cc0b0
Author: Günther Deschner g...@samba.org
Date: Tue Dec 11 16:42:53 2012 +0100
s3-selftest: make sure to test rpc.samr.passwords.validate over
ncacn_ip_tcp.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 4fd7aaf2b148fff7d5efc15e9f1923bf56b5b54a
Author: Günther Deschner g...@samba.org
Date: Tue Dec 11 14:43:07 2012 +0100
s4-rpc_server: limit allowed transports for samr_ValidatePassword().
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit c9055a0be444260ddbf44eb13007399bf7dff5e1
Author: Günther Deschner g...@samba.org
Date: Tue Dec 11 14:41:34 2012 +0100
s3-rpc_server: limit allowed transports for samr_ValidatePassword().
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit f22efd402adf61842dd0a97e462a097e80d878a4
Author: Günther Deschner g...@samba.org
Date: Tue Dec 11 09:25:53 2012 +0100
s4-torture: move samr_ValidatePassword test out of main samr test.
Makes it easier to call with ncacn_ip_tcp transport (Windows does not allow
other transports).
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source3/rpc_server/samr/srv_samr_nt.c |5 +
source3/selftest/tests.py |5 -
source4/rpc_server/samr/dcesrv_samr.c |5 +
source4/selftest/tests.py |2 +-
source4/torture/rpc/rpc.c |1 +
source4/torture/rpc/samr.c| 21 +
6 files changed, 33 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/samr/srv_samr_nt.c
b/source3/rpc_server/samr/srv_samr_nt.c
index 1065f2a..580638b 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -6807,6 +6807,11 @@ NTSTATUS _samr_ValidatePassword(struct pipes_struct *p,
struct samr_GetDomPwInfo pw;
struct samr_PwInfo dom_pw_info;
+ if (p-transport != NCACN_IP_TCP p-transport != NCALRPC) {
+ p-fault_state = DCERPC_FAULT_ACCESS_DENIED;
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
if (r-in.level 1 || r-in.level 3) {
return NT_STATUS_INVALID_INFO_CLASS;
}
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index def4d83..57a67ed 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -270,7 +270,7 @@ rpc = [rpc.authcontext, rpc.samba3.bind,
rpc.samba3.srvsvc, rpc.samba3.sh
rpc.lsa.privileges, rpc.lsa.secrets,
rpc.samr, rpc.samr.users, rpc.samr.users.privileges,
rpc.samr.passwords,
rpc.samr.passwords.pwdlastset, rpc.samr.large-dc,
rpc.samr.machine.auth,
- rpc.samr.priv,
+ rpc.samr.priv, rpc.samr.passwords.validate,
rpc.netlogon.admin,
rpc.schannel, rpc.schannel2, rpc.bench-schannel1, rpc.join,
rpc.bind]
@@ -327,6 +327,9 @@ for t in tests:
plansmbtorture4testsuite(t, s3dc, 'ncacn_ip_tcp:$SERVER_IP
-U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
plansmbtorture4testsuite(t, plugin_s4_dc, '//$SERVER_IP/tmp
-U$USERNAME%$PASSWORD', 'over ncacn_np ')
plansmbtorture4testsuite(t, plugin_s4_dc, 'ncacn_ip_tcp:$SERVER_IP
-U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
+elif t == rpc.samr.passwords.validate:
+plansmbtorture4testsuite(t, s3dc, 'ncacn_ip_tcp:$SERVER_IP
-U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
+plansmbtorture4testsuite(t
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via ade5bfd s4-torture: call the s4u2self tests with arcfour and aes.
via d0bad6c s4-torture: precalculate expected session keys from
samlogon in schannel test.
via f6cb804 libcli/auth: support AES decryption in
netlogon_creds_decrypt_samlogon().
via be296a2 libcli/auth: remove trailing whitespace.
via f2d9589 s3-auth: remove crypto from serverinfo_to_SamInfoX calls.
via c1fb595 s3-rpc_server: Remove obsolete process_creds boolean in
samlogon server.
via 7f435bd s3-auth: session keys in validation level 6 samlogon
replies are *not* encrypted.
via 6452892 s3-rpc_server: support AES for interactive netlogon
samlogon password decryption.
via 7157263 s4-rpc_server: support AES encryption in interactive and
generic samlogon.
via a52115c s3-rpc_server: we need to encrypt OWFs using DES in
_netr_ServerGetTrustInfo().
via 6aec126 s4-torture: validate owf password hash and negotiate AES in
forest trust test.
via 83b00af s4-torture: validate owf password hash and negotiate AES
ServerGetTrustInfo test.
via 306a78d s3-rpc_server: pass down netlogon cred state in
_netr_ServerGetTrustInfo().
via fd70870 s4-torture: use netlogon_creds_arcfour_crypt() in samba3rpc
test.
via 4afb7dc s4-torture: exit early when join fails in samba3rpc tests.
via 5089442 s4-torture: support AES encryption in interactive samlogon
tests in rpc.samr.
via d94f012 s4-torture: support AES encryption in pac_verify/generic
samlogon netlogon tests.
via 3dffd29 s4-torture: use names for r.in.logon_level of netlogon
samlogon requests.
via 7ea9da0 s4-torture: remove trailing whitespace in smbtorture
remote_pac test.
via c6f4745 s3-rpc_client: use netlogon_creds_aes_encrypt in
interactive netlogon samlogon.
via 01e6970 s4-rpc_server: support AES decryption in
netr_ServerPasswordSet2 server.
via 3dc8c20 s4-torture: add AES support for netr_ServerPasswordSet2
tests.
via 0a09160 s4-torture: pass down netlogon flags in
netr_ServerPasswordSet2 tests.
via d1f481f s4-torture: remove trailing whitespace from netlogon test.
via 1362d54 s3-rpc_server: support AES decryption in
netr_ServerPasswordSet2 server.
via 6434501 s3-rpc_client: support AES encryption in
netr_ServerPasswordSet2 client.
via ec06c81 s3-rpc_client: use netlogon_creds_arcfour_crypt() in
init_netr_CryptPassword.
via 429600c libcli/auth: add netlogon_creds_aes_{en|de}crypt routines.
from b6e2be8 wafsamba: replace try:except: case with explicit comment
about FIPS mode
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit ade5bfd304cc806758a58f04b35834cd730dd9ba
Author: Günther Deschner g...@samba.org
Date: Fri Dec 7 12:51:10 2012 +0100
s4-torture: call the s4u2self tests with arcfour and aes.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sun Dec 9 21:24:44 CET 2012 on sn-devel-104
commit d0bad6c3350698b26ba009bb0c91d0265cc22f60
Author: Günther Deschner g...@samba.org
Date: Fri Dec 7 12:57:18 2012 +0100
s4-torture: precalculate expected session keys from samlogon in schannel
test.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit f6cb8049b2fe62054d254a006b8a39f000d1d1d5
Author: Günther Deschner g...@samba.org
Date: Fri Dec 7 12:38:16 2012 +0100
libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon().
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit be296a21fc509cacaedb5aad0c3ca4ccd44b4a62
Author: Günther Deschner g...@samba.org
Date: Fri Dec 7 01:05:00 2012 +0100
libcli/auth: remove trailing whitespace.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit f2d9589b178c0e3374e1c1ad363639b9e2bdce5f
Author: Günther Deschner g...@samba.org
Date: Thu Dec 6 15:21:02 2012 +0100
s3-auth: remove crypto from serverinfo_to_SamInfoX calls.
All crypto is dealt with within the netlogon samlogon server now.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit c1fb595081c2b0bf66bce06c09750f53e8031311
Author: Günther Deschner g...@samba.org
Date: Thu Dec 6 14:54:25 2012 +0100
s3-rpc_server: Remove obsolete process_creds boolean in samlogon server.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4a8028a s3:smbd:vfs_acl: fix a PANIC when setting an ACL fails with
ACCESS_DENIED
from 61e8b80 s3:passdb: fix building pdb_ldap as shared module
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4a8028a96e20f140c2d423efd4c010a7d300ca72
Author: Michael Adam ob...@samba.org
Date: Tue Dec 4 02:02:07 2012 +0100
s3:smbd:vfs_acl: fix a PANIC when setting an ACL fails with ACCESS_DENIED
Omission to free the talloc frame causes a panic (at least in developer
mode)
in the next main event loop due to Frame not freed in order.
(Freed frame ../source3/smbd/process.c:3617, expected
../source3/modules/vfs_acl_common.c:534.)
Signed-off-by: Michael Adam ob...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Dec 4 09:03:25 CET 2012 on sn-devel-104
---
Summary of changes:
source3/modules/vfs_acl_common.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 59ced29..4e3aa72 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -590,6 +590,7 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct
*handle, files_struct *fsp,
if (get_current_uid(handle-conn) == 0 ||
chown_needed == false ||
!(fsp-access_mask SEC_STD_WRITE_OWNER)) {
+ TALLOC_FREE(frame);
return NT_STATUS_ACCESS_DENIED;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-1.1.14 created
The annotated tag, ldb-1.1.14 has been created at ae3f7139cf13ee222beeb7468977e5c8d2484f28 (tag) tagging 6f47497610352f72128bdbcd3b45313ea9a265ab (commit) replaces ldb-1.1.13 tagged by Stefan Metzmacher on Fri Nov 30 09:50:10 2012 +0100 - Log - ldb: tag release ldb-1.1.14 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJQuHNCAAoJEEeTkWETCEAlj4sH/RkMg/tO7q7u25comSE21hRr YuTxqEGpZ5v0DEW0pi10necOWKdzRsnd1aTHj7VMhYhupxb6uKUi0uZ8BpJ+snzf jJyneDDWm9yUhQsbF2lyBEqjix/F/L6jxE7QDe6XOotJhF/uNIfT52ireFfqfT9J GQHwO1nnnkgnP2C/geWlht1MEuf6WJISPNju5Xtu+58TzdAFu6eImaUhwsp4pSL2 6BU+wueWpYbe6JSQr67CMpg71gDGK3C1kw4p3p5Nj9yXjw1vxn/irLPXWEqL3m3k u5+9DbVIQWCK2rVdI8w07n9AMfd8wzFAxsXT6oo4+ryOED4EEYwZLO2+azksgDQ= =Hlq3 -END PGP SIGNATURE- Alexander Bokovoy (1): Fix release script to build full set of documentation Alexander Wuerstlein (3): Set RFC2307 attributes in samba-tool create Tests for 'samba-tool user create' with RFC2307 attributes Warn when setting UID/GID without idmap_ldb:use rfc2307 = Yes Amitay Isaacs (3): s4-dns: dlz_bind9: Ignore zones that are not used by BIND9 DLZ plugin s4-rpc: dnsserver: Ignore DNS zones that are not used by RPC dnsserver s4-dns: Fix format string vulnerability in an error message (bug #9354) Andreas Schneider (24): s3-printing: Increase debug level for info that the db is empty. s3-smbd: Don't segfault if user specified ports out for range. s3-spoolss: Fix builtin forms order to match Windows again. s3fs-smbd: Move housekeeping to the background process. waf: Build pam_smbpass module only if enabled. s3fs-smbd: Make sure the registry is set up before we init printing. s3fs-printing: Fix RAW printing for normal users. packaging: Add config for systemd-tmpfiles. packaging: Add support for reloading systemd services. s3fs-printing: Simplify the comment and location handling. BUG #9295: Build standard auth modules as internal modules. wafsamba: If we define a realname and a soname create a symlink. waf: Create a libnss_winbind.so symlink. waf: Create a libnss_wins.so symlink. ntlm_auth: Increase debug level if we use config domain name. packaging: Move smbprint to a comman location. BUG 9326: Fix net ads join message for the dns domain. packaging: Add NetworkManager dispatcher script for winbind. s3fs-net: Use talloc for memory allocation. s3fs-utils: Free the popt context in smbcacls and smbquotas. s3fs-popt: Add function to burn the commandline password. s3fs-client: Burn commandline password of client utils. torture: Fix smb2.create.blob test. s3:winbind: BUG 9386: Failover if netlogon pipe is not available. Andrew Bartlett (128): libwbclient: bump ABI to 0.11 as wbcAuthenticateUserEx now provides PAC parsing auth/kerberos: add HAVE_KRB5 guard to fix non-krb5 build after winbindd pac changes build: Try not build with LDAP if we do not have ldap.h build: Fix enabled handling for HAVE_LDAP, we need to use bld.CONFIG_SET ntdb: Try to fix the build on Solaris which does not have err lib/replace: Try to fix build on HP-UX for os2_delete test build: Remove unused IRIX and IRIX6 defines lib/util: Remove unbuilt file util_getent.c and BROKEN_GETGRNAM build: Rework waf STAT_ST_BLOCKSIZE to match autoconf, with 512 as the default build: Make waf configure match autoconf for HPUX ACLs lib/replace: Remove unused nap and therefore the SCO define build: Remove unused define UNIXWARE lib/replace: Improve mkstemp test in autoconf and waf lib/replace: Look for special flags needed for c99 build: Add missing dep on tdb_compat torture: tidy up rpc.lsa OpenPolicy2 test to more clearly use torture_fail() torture: use torture_assert rather than return false in rpc.lsa torture: More torture_assert() calls in rpc.lsa build: Fix detection of quotas on macos client: Fix talloc_stackframe() free order assertion in developer mode docs: Update TOSHARG-Install docs: Remove references to default paramters in TOSHARG-PDC docs: Explain the no-domain-logons restriction applies to all HOME editions docs: Add mention of AD DC support in TOSHARG-PDC docs: Remove Win9X/WinMe mentions from TOSHARG-PDC docs: Fix typo in TOSHARG-Passdb docs: Remove mention of auth methods in TOSHARG-Passdb docs: Change TOSHARG-VFS to avoid suggesting VFS modules are Linux/IRIX only lib/util/charset: Try to find iconv on HP-UX lib/util/charset: We do not use fucntions from wchar.h any more selftest: Remove invalid security=share and rename secshare to simpleserver samba_dnsupdate: Move to using tmpfile/rename to keep the dns_hosts_file
[SCM] Samba Shared Repository - annotated tag talloc-2.0.8 created
The annotated tag, talloc-2.0.8 has been created at 055edd4901a0cfe837b0a5e39fd6ad0ea2190b40 (tag) tagging 36ea39edf8dd9ede756debaf9632f3ded2a51abb (commit) replaces ldb-1.1.13 tagged by Stefan Metzmacher on Fri Nov 30 09:52:48 2012 +0100 - Log - talloc: tag release talloc-2.0.8 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJQuHPgAAoJEEeTkWETCEAlczAIAJLSLF2aHYivKcn/su9PuGQK LZOJEfyGpdrCiNpW5h6GWgmCYTP8Z/zVtxhAj/sH2IAafIcFFR44ppuMoNemaOg0 L9fbpLwvfsCrxkw+FR454bAcr83DL6TyDJHCv0qBGU8BFmUNBx+ltJZJwWvzfsfB 7vKl7qBKaGDQot+kJ59n4JldNbUukW5APZ6RPDpV4kKgNMzIs7gZFSRcE837Hxix +tt7sdDgG+4xsYqvViFbdvZ9FiKFbKbAEEZUUeLGU7OA6zPlXKEddEnjbpSptbvt z3Qot0J9DiUgf52JD5Au7ETnpgXYA6lEkNkWES0+2Wl2CGNzhEJW45OH4y69gIo= =4oo1 -END PGP SIGNATURE- Alexander Bokovoy (1): Fix release script to build full set of documentation Andreas Schneider (6): s3-printing: Increase debug level for info that the db is empty. s3-smbd: Don't segfault if user specified ports out for range. s3-spoolss: Fix builtin forms order to match Windows again. s3fs-smbd: Move housekeeping to the background process. waf: Build pam_smbpass module only if enabled. s3fs-smbd: Make sure the registry is set up before we init printing. Andrew Bartlett (48): libwbclient: bump ABI to 0.11 as wbcAuthenticateUserEx now provides PAC parsing auth/kerberos: add HAVE_KRB5 guard to fix non-krb5 build after winbindd pac changes build: Try not build with LDAP if we do not have ldap.h build: Fix enabled handling for HAVE_LDAP, we need to use bld.CONFIG_SET ntdb: Try to fix the build on Solaris which does not have err lib/replace: Try to fix build on HP-UX for os2_delete test build: Remove unused IRIX and IRIX6 defines lib/util: Remove unbuilt file util_getent.c and BROKEN_GETGRNAM build: Rework waf STAT_ST_BLOCKSIZE to match autoconf, with 512 as the default build: Make waf configure match autoconf for HPUX ACLs lib/replace: Remove unused nap and therefore the SCO define build: Remove unused define UNIXWARE lib/replace: Improve mkstemp test in autoconf and waf lib/replace: Look for special flags needed for c99 build: Add missing dep on tdb_compat torture: tidy up rpc.lsa OpenPolicy2 test to more clearly use torture_fail() torture: use torture_assert rather than return false in rpc.lsa torture: More torture_assert() calls in rpc.lsa build: Fix detection of quotas on macos client: Fix talloc_stackframe() free order assertion in developer mode docs: Update TOSHARG-Install docs: Remove references to default paramters in TOSHARG-PDC docs: Explain the no-domain-logons restriction applies to all HOME editions docs: Add mention of AD DC support in TOSHARG-PDC docs: Remove Win9X/WinMe mentions from TOSHARG-PDC docs: Fix typo in TOSHARG-Passdb docs: Remove mention of auth methods in TOSHARG-Passdb docs: Change TOSHARG-VFS to avoid suggesting VFS modules are Linux/IRIX only lib/util/charset: Try to find iconv on HP-UX lib/util/charset: We do not use fucntions from wchar.h any more selftest: Remove invalid security=share and rename secshare to simpleserver samba_dnsupdate: Move to using tmpfile/rename to keep the dns_hosts_file consistent samba_dnsupdate: Safely update/create names for Samba3 targets as well build: Add waf configure support for non-linux quotas build: Remove unused samba_cv_sysquotas_file variable from autoconf configure build: Set HAVE_SYS_QUOTAS and WITH_QUOTAS if we have any supported sysquota backend build: Remove unused --with-sys-quotas option nsswitch: Add waf tests for solaris special cases lib/replace: Add test for what flag we need for -Werror behaviour build: Fix quota tests, including move of sysquotas.c to the top level build: Remove duplicate check for struct getquota_rslt member getquota_rslt_u selftest: use an array when starting testenv with system() selftest: Always build a linux-style nss_winbind for nss_wrapper nsswitch: Build nss_winbind on all supported platforms wintest: bump version to 4.1 wintest: Add config file for a second host wintest: Give netdom join more time to complete wintest: Give dcpromo more time Björn Baumbach (5): s3: make recursive_rmdir function non-static s3: vfs_streams_depot: add delete_lost option s4: samba_backup: Fix typos. s3-docs: Fix opening and ending tag mismatch in Samba3-HOWTO (Bug #9235) s3-docs: add delete_lost option to vfs_streams_depot.8 Björn Jacke (2): quota: add supprt for gfs2 replace: fix 520c9b0b0ae33 Christian Ambach (12): s3:utils/net fix a compiler warning s3:rpcclient fix a compiler
[SCM] Samba Shared Repository - annotated tag tdb-1.2.11 created
The annotated tag, tdb-1.2.11 has been created at 259e276dc908ff053142cb9feab0ef2a962bffd1 (tag) tagging c62f8baff878001ead921112dd653ff69d1cfe7d (commit) replaces talloc-2.0.8 tagged by Stefan Metzmacher on Fri Nov 30 09:54:21 2012 +0100 - Log - tdb: tag release tdb-1.2.11 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJQuHQ9AAoJEEeTkWETCEAlsN8H/33Gt7Bb5uyjvslBICrWgwTV 8p89Paa21FXVYVmiR1lJhnu7RIi2mYD4LhVimgpT88WSUzCVkuXRXGYMXI9Po0JR VJd0tXfaUOq78sE7ApewsDy1ls4OGGc6jhwz2r8OUtQqdjZ/BoSbXnBBDUa5aFVX H5FofP36J10xL+z4hBsSIz/AqiIfIOATAAIa+qlizoVbSLUqnKGKIwsihIrG6Q3Z /AXiMc7HVsSkqdXdnTFtRj5te00XCyrdoXqspf0wYMzN/DFXU2PclHVaDHQPwTrf I9vGGbBd6RW7rHrD6qzUYvNkn2gtbTpKOPeWRv+hThKF+s5GCGWcSHzgvW+Pr+I= =KMWW -END PGP SIGNATURE- Jeremy Allison (3): Simplify ensure_canon_entry_valid by splitting out the _get codepath. Modify ensure_canon_entry_valid() into ensure_canon_entry_valid_on_set() - makes the logic clearer. We should never just assign an st_mode to an ace-perms field, theoretically Rusty Russell (1): tdb: Make robust against shrinking tdbs Volker Lendecke (1): tdb: Make tdb robust against improper CLEAR_IF_FIRST restart --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b11ba24 s3-rpc_client: try to use socket_addr if available in
rpc_pipe_open_tcp() (bug #9426)
from 8336061 s4:torture/rpc/handles: try to make all assoc_group tests
less flakey
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b11ba248837ae9bf1df1c5ae1ca1768d57e582bb
Author: Günther Deschner g...@samba.org
Date: Fri Nov 23 18:15:30 2012 +0100
s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp()
(bug #9426)
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Nov 26 17:36:20 CET 2012 on sn-devel-104
---
Summary of changes:
source3/rpc_client/cli_pipe.c | 23 ---
source3/rpc_client/cli_pipe.h |1 +
source3/torture/rpc_open_tcp.c |3 ++-
3 files changed, 19 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index f8c7b24..61e6cce 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2420,6 +2420,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx,
const char *domain,
* Create an rpc pipe client struct, connecting to a tcp port.
*/
static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host,
+ const struct sockaddr_storage *ss_addr,
uint16_t port,
const struct ndr_syntax_id
*abstract_syntax,
struct rpc_pipe_client **presult)
@@ -2448,9 +2449,13 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX
*mem_ctx, const char *host,
result-max_xmit_frag = RPC_MAX_PDU_FRAG_LEN;
result-max_recv_frag = RPC_MAX_PDU_FRAG_LEN;
- if (!resolve_name(host, addr, NBT_NAME_SERVER, false)) {
- status = NT_STATUS_NOT_FOUND;
- goto fail;
+ if (ss_addr == NULL) {
+ if (!resolve_name(host, addr, NBT_NAME_SERVER, false)) {
+ status = NT_STATUS_NOT_FOUND;
+ goto fail;
+ }
+ } else {
+ addr = *ss_addr;
}
status = open_socket_out(addr, port, 60*1000, fd);
@@ -2487,6 +2492,7 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX
*mem_ctx, const char *host,
* target host.
*/
static NTSTATUS rpc_pipe_get_tcp_port(const char *host,
+ const struct sockaddr_storage *addr,
const struct ndr_syntax_id
*abstract_syntax,
uint16_t *pport)
{
@@ -2517,7 +2523,7 @@ static NTSTATUS rpc_pipe_get_tcp_port(const char *host,
}
/* open the connection to the endpoint mapper */
- status = rpc_pipe_open_tcp_port(tmp_ctx, host, 135,
+ status = rpc_pipe_open_tcp_port(tmp_ctx, host, addr, 135,
ndr_table_epmapper.syntax_id,
epm_pipe);
@@ -2631,18 +2637,19 @@ done:
* host.
*/
NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, const char *host,
+ const struct sockaddr_storage *addr,
const struct ndr_syntax_id *abstract_syntax,
struct rpc_pipe_client **presult)
{
NTSTATUS status;
uint16_t port = 0;
- status = rpc_pipe_get_tcp_port(host, abstract_syntax, port);
+ status = rpc_pipe_get_tcp_port(host, addr, abstract_syntax, port);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- return rpc_pipe_open_tcp_port(mem_ctx, host, port,
+ return rpc_pipe_open_tcp_port(mem_ctx, host, addr, port,
abstract_syntax, presult);
}
@@ -2816,7 +2823,9 @@ static NTSTATUS cli_rpc_pipe_open(struct cli_state *cli,
{
switch (transport) {
case NCACN_IP_TCP:
- return rpc_pipe_open_tcp(NULL,
smbXcli_conn_remote_name(cli-conn),
+ return rpc_pipe_open_tcp(NULL,
+smbXcli_conn_remote_name(cli-conn),
+
smbXcli_conn_remote_sockaddr(cli-conn),
interface, presult);
case NCACN_NP:
return rpc_pipe_open_np(cli, interface, presult);
diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h
index 3984cf0..343bd0a 100644
--- a/source3/rpc_client/cli_pipe.h
+++ b/source3/rpc_client/cli_pipe.h
@@ -66,6 +66,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx,
NTSTATUS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8f4b871 Fix MD5 detection in the autoconf build
from 0d9bdcf web_server: Load SWAT if it is available.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8f4b871e9776245f599a302f569594aaba9d25c9
Author: Matthieu Patou m...@matws.net
Date: Wed Nov 21 12:07:42 2012 -0800
Fix MD5 detection in the autoconf build
This is a front port of patches made in 3.6.x branch for bugs:
* 9037
* 9086
* 9094
* 9418
It checks if there is a library for md5 related functions (libmd or
libmd5) and if so it checks for the presence of md5.h headers it also
respect the need for osX build to not use samba's md5 implementation as
it's already present in the system libs.
Signed-off-by: Matthieu Patou m...@matws.net
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Nov 23 10:05:34 CET 2012 on sn-devel-104
---
Summary of changes:
source3/configure.in | 41 ++---
1 files changed, 34 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/configure.in b/source3/configure.in
index b872ab7..b74b4c2 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -602,18 +602,45 @@ AC_CHECK_HEADERS(netgroup.h)
AC_CHECK_HEADERS(linux/falloc.h)
AC_CHECK_HEADERS(CommonCrypto/CommonDigest.h)
+dnl check for OS implementation of md5 conformant to rfc1321
+samba_cv_md5lib=none
+
+AC_CHECK_LIB(c, MD5Update, [samba_cv_md5lib=])
+
+if test x$samba_cv_md5lib = xnone ; then
+ AC_CHECK_LIB(md, MD5Update, [samba_cv_md5lib=md])
+fi
+
+if test x$samba_cv_md5lib = xnone ; then
+ AC_CHECK_LIB(md5, MD5Update, [samba_cv_md5lib=md5])
+fi
+
+if test x$samba_cv_md5lib != xnone ; then
+ AC_CHECK_HEADERS(md5.h)
+fi
+
+CRYPTO_MD5_OBJ=../lib/crypto/md5.o
+if test x$ac_cv_header_md5_h = xyes -a \
+x$samba_cv_md5lib != xnone ; then
+ if test x$samba_cv_md5lib != x ; then
+ LIBS=${LIBS} -l${samba_cv_md5lib}
+ AC_DEFINE(HAVE_LIBMD5, 1,
+ [Whether libmd5 conformant to rfc1321 is
available.])
+ fi
+ CRYPTO_MD5_OBJ=
+fi
+
+if test x$ac_cv_header_CommonCrypto_CommonDigest_h == xyes; then
+ CRYPTO_MD5_OBJ=
+fi
+
+AC_SUBST(CRYPTO_MD5_OBJ)
+
AC_CHECK_HEADERS(rpcsvc/yp_prot.h,,,[[
#if HAVE_RPC_RPC_H
#include rpc/rpc.h
#endif
]])
-CRYPTO_MD5_OBJ=
-if test x$ac_cv_header_CommonCrypto_CommonDigest_h != xyes
-then
- CRYPTO_MD5_OBJ=../lib/crypto/md5.o
-fi
-AC_SUBST(CRYPTO_MD5_OBJ)
-
## These fail to compile on IRIX so just check for their presence
AC_CHECK_HEADERS(sys/mode.h,,,)
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2032f27 s3-rpc_client: lookup nametype 0x20 in
rpc_pipe_open_tcp_port(). (bug #9426)
from 8f4b871 Fix MD5 detection in the autoconf build
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2032f2746d70bbebd1af26a7a046eb1cc61ac175
Author: Günther Deschner g...@samba.org
Date: Fri Nov 23 13:19:53 2012 +0100
s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426)
The server name type (0x20) is much more likely to be available in the name
cache, as
this type gets stored by winbind itself - the primary user of the
ncacn_ip_tcp
code currently.
Guenther
Signed-off-by: Günther Deschner g...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104
---
Summary of changes:
source3/rpc_client/cli_pipe.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index edb3876..f8c7b24 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2448,7 +2448,7 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX
*mem_ctx, const char *host,
result-max_xmit_frag = RPC_MAX_PDU_FRAG_LEN;
result-max_recv_frag = RPC_MAX_PDU_FRAG_LEN;
- if (!resolve_name(host, addr, 0, false)) {
+ if (!resolve_name(host, addr, NBT_NAME_SERVER, false)) {
status = NT_STATUS_NOT_FOUND;
goto fail;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 095c762 selftest: Add --tmpdir to 'samba-tool gpo create' test
from c5f53ed Revert selftest/skip: add samba.tests.samba_tool.gpo until
it's stable
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 095c7627dfbc1e25665d342699ea004dc8d0880b
Author: Andrew Bartlett abart...@samba.org
Date: Tue Nov 13 13:31:53 2012 +1100
selftest: Add --tmpdir to 'samba-tool gpo create' test
This was the cause of the flakey test, and was only noticed when
multiple different users ran autobuild at the same time on the same
server.
We use shutil.rmtree to wipe the directory before the tests finishes
as required by the TestCaseInTempDir class.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Nov 13 10:50:56 CET 2012 on sn-devel-104
---
Summary of changes:
.../python/samba/tests/samba_tool/base.py |2 +-
.../scripting/python/samba/tests/samba_tool/gpo.py | 10 --
2 files changed, 9 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/tests/samba_tool/base.py
b/source4/scripting/python/samba/tests/samba_tool/base.py
index 26ce459..60ccaa5 100644
--- a/source4/scripting/python/samba/tests/samba_tool/base.py
+++ b/source4/scripting/python/samba/tests/samba_tool/base.py
@@ -29,7 +29,7 @@ from cStringIO import StringIO
from samba.netcmd.main import cmd_sambatool
import samba.tests
-class SambaToolCmdTest(samba.tests.TestCase):
+class SambaToolCmdTest(samba.tests.TestCaseInTempDir):
def getSamDB(self, *argv):
a convenience function to get a samdb instance so that we can query
it
diff --git a/source4/scripting/python/samba/tests/samba_tool/gpo.py
b/source4/scripting/python/samba/tests/samba_tool/gpo.py
index c2e069d..7ada91f 100644
--- a/source4/scripting/python/samba/tests/samba_tool/gpo.py
+++ b/source4/scripting/python/samba/tests/samba_tool/gpo.py
@@ -20,6 +20,7 @@
import os
from samba.tests.samba_tool.base import SambaToolCmdTest
+import shutil
class GpoCmdTestCase(SambaToolCmdTest):
Tests for samba-tool time subcommands
@@ -39,13 +40,18 @@ os.environ[SERVER])
def test_fetch(self):
Run against a real GPO, and make sure it passes
-(result, out, err) = self.runsubcmd(gpo, fetch, self.gpo_guid,
-H, ldap://%s; % os.environ[SERVER], --tmpdir,
os.environ['SELFTEST_PREFIX'])
+(result, out, err) = self.runsubcmd(gpo, fetch, self.gpo_guid,
-H, ldap://%s; % os.environ[SERVER], --tmpdir, self.tempdir)
self.assertCmdSuccess(result, Ensuring gpo fetched successfully)
+shutil.rmtree(os.path.join(self.tempdir, policy))
def setUp(self):
set up a temporary GPO to work with
super(GpoCmdTestCase, self).setUp()
-(result, out, err) = self.runsubcmd(gpo, create, self.gpo_name,
-H, ldap://%s; % os.environ[SERVER], -U%s%%%s % (os.environ[USERNAME],
os.environ[PASSWORD]))
+(result, out, err) = self.runsubcmd(gpo, create, self.gpo_name,
+-H, ldap://%s; %
os.environ[SERVER],
+-U%s%%%s %
(os.environ[USERNAME], os.environ[PASSWORD]),
+--tmpdir, self.tempdir)
+shutil.rmtree(os.path.join(self.tempdir, policy))
self.assertCmdSuccess(result, Ensuring gpo created successfully)
try:
self.gpo_guid = {%s} % out.split({)[1].split(})[0]
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 3b01dd5 s3:winbind: BUG 9386: Failover if netlogon pipe is not
available.
from 3bbe690 Use work around for 'winbind use default domain' only if it
is set
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 3b01dd5f59841b11e9906b8c23345946e0d0ea8c
Author: Andreas Schneider a...@samba.org
Date: Fri Nov 9 15:33:09 2012 +0100
s3:winbind: BUG 9386: Failover if netlogon pipe is not available.
Samba continues to query a broken DC while the DC did not finish to
rebuild Sysvol (after a Windows crash, for example). It causes end users
to received strange codes while trying to authenticate, even if there is
a secondary DC available.
Signed-off-by: Andreas Schneider a...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Nov 12 18:57:18 CET 2012 on sn-devel-104
---
Summary of changes:
source3/winbindd/winbindd_pam.c | 52 +-
1 files changed, 39 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 5b6b77b..b23d421 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1175,6 +1175,7 @@ static NTSTATUS winbind_samlogon_retry_loop(struct
winbindd_domain *domain,
struct netr_SamInfo3 **info3)
{
int attempts = 0;
+ int netr_attempts = 0;
bool retry = false;
NTSTATUS result;
@@ -1189,22 +1190,47 @@ static NTSTATUS winbind_samlogon_retry_loop(struct
winbindd_domain *domain,
result = cm_connect_netlogon(domain, netlogon_pipe);
if (!NT_STATUS_IS_OK(result)) {
- DEBUG(3,(could not open handle to NETLOGON pipe
(error: %s)\n,
- nt_errstr(result)));
- if (NT_STATUS_EQUAL(result, NT_STATUS_IO_TIMEOUT)) {
- if (attempts 0) {
- DEBUG(3, (This is the second problem
for this
- particular call, forcing the
close of
- this connection\n));
- invalidate_cm_connection(domain-conn);
- } else {
- DEBUG(3, (First call to
cm_connect_netlogon
- has timed out, retrying\n));
- continue;
- }
+ DEBUG(3,(Could not open handle to NETLOGON pipe
+(error: %s, attempts: %d)\n,
+ nt_errstr(result), netr_attempts));
+
+ /* After the first retry always close the connection */
+ if (netr_attempts 0) {
+ DEBUG(3, (This is again a problem for this
+ particular call, forcing the close
+ of this connection\n));
+ invalidate_cm_connection(domain-conn);
+ }
+
+ /* After the second retry failover to the next DC */
+ if (netr_attempts 1) {
+ /*
+* If the netlogon server is not reachable then
+* it is possible that the DC is rebuilding
+* sysvol and shutdown netlogon for that time.
+* We should failover to the next dc.
+*/
+ DEBUG(3, (This is the third problem for this
+ particular call, adding DC to the
+ negative cache list\n));
+ add_failed_connection_entry(domain-name,
+ domain-dcname,
+ result);
+ saf_delete(domain-name);
+ }
+
+ /* Only allow 3 retries */
+ if (netr_attempts 3) {
+ DEBUG(3, (The connection to netlogon
+ failed, retrying\n));
+ netr_attempts++;
+ retry = true;
+ continue;
}
return
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 47bbf98 selftest/skip: add samba.tests.samba_tool.gpo until it's stable from 6073d21 ldb_secrets_tdb_sync: Add dependency on gssapi. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 47bbf9886f0cebf994435a32bafa07e36cce191b Author: Stefan Metzmacher me...@samba.org Date: Tue Nov 6 12:16:37 2012 +0100 selftest/skip: add samba.tests.samba_tool.gpo until it's stable See: https://git.samba.org/autobuild.flakey/2012-11-06-0314/samba.stdout https://git.samba.org/autobuild.flakey/2012-11-06-0514/samba.stdout https://git.samba.org/autobuild.flakey/2012-11-06-0713/samba.stdout Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Nov 6 14:24:08 CET 2012 on sn-devel-104 --- Summary of changes: selftest/skip |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/skip b/selftest/skip index 66bb85c..097147e 100644 --- a/selftest/skip +++ b/selftest/skip @@ -105,3 +105,4 @@ bench # don't run benchmarks in our selftest ^samba4.drs.delete_object.python # flakey test ^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use ^samba.tests.dcerpc.unix # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use +^samba.tests.samba_tool.gpo # This is flakey, but reports an error -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 73fa347 s3:smbd:smb2: fix a comment typo in the crediting code. from 2a3eb64 s3:winbindd: use PROTOCOL_LATEST instead of PROTOCOL_SMB2_02 (bug #9175) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 73fa347507e6b551205725abd276b03b7e1f934c Author: Michael Adam ob...@samba.org Date: Thu Nov 1 17:55:59 2012 +0100 s3:smbd:smb2: fix a comment typo in the crediting code. Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Nov 2 10:09:36 CET 2012 on sn-devel-104 --- Summary of changes: source3/smbd/smb2_server.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index d92302e..8cf3a04 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -757,7 +757,7 @@ static void smb2_set_operation_credit(struct smbd_server_connection *sconn, * * Windows also starts with the 1/16th and then grants * more later. I was only able to trigger higher -* values, when using a verify high credit charge. +* values, when using a very high credit charge. * * TODO: scale up depending one load, free memory * or other stuff. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2b4672f libcli/smb: fix unitialized padding in
smb2_create_blob_push_one() (bug #9209)
from 3180a10 sefltest: use TestCaseInTempDir and setUp/tearDown for
posixacl.py temp file
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2b4672f2d30c01a4767acf660ddb061676c59908
Author: Stefan Metzmacher me...@samba.org
Date: Sat Oct 27 08:11:14 2012 +0200
libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug
#9209)
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sat Oct 27 10:05:22 CEST 2012 on sn-devel-104
---
Summary of changes:
libcli/smb/smb2_create_blob.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smb2_create_blob.c b/libcli/smb/smb2_create_blob.c
index 92387db..c6b2e1e 100644
--- a/libcli/smb/smb2_create_blob.c
+++ b/libcli/smb/smb2_create_blob.c
@@ -113,7 +113,7 @@ static NTSTATUS smb2_create_blob_push_one(TALLOC_CTX
*mem_ctx, DATA_BLOB *buffer
size_t next_pad = 0;
bool ok;
- blob_offset = 0x14 + tag_length;
+ blob_offset = 0x10 + tag_length;
blob_pad = smb2_create_blob_padding(blob_offset, 8);
next_offset = blob_offset + blob_pad + blob-data.length;
if (!last) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a9a3841 s4:dns_server: fix formatting difference compared to
v4-0-test
from 8697acd dsdb-cracknames: Always use talloc_zero()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a9a38415e52e3f341da4dd3bf1be6c56bd8ad6ef
Author: Stefan Metzmacher me...@samba.org
Date: Tue Oct 23 15:00:27 2012 +0200
s4:dns_server: fix formatting difference compared to v4-0-test
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Oct 24 10:12:51 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/dns_server/dns_server.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 6824fef..29953c3 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -873,7 +873,8 @@ static void dns_task_init(struct task_server *task)
* not return this zone.
*/
if ((strcmp(z-name, RootDNSServers) == 0) ||
- (strcmp(z-name, ..TrustAnchors) == 0)) {
+ (strcmp(z-name, ..TrustAnchors) == 0))
+ {
DEBUG(10, (Ignoring zone %s\n, z-name));
talloc_free(z);
continue;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d18591c s3:rpc_server: avoid a level 0 DEBUG if
tstream_npa_connect_recv fails (bug #9309)
from 3da5d96 s3: Fix some blank line endings
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d18591c97e1856bb48fd6d288db59065530f3a9b
Author: Stefan Metzmacher me...@samba.org
Date: Sat Oct 20 11:08:19 2012 +0200
s3:rpc_server: avoid a level 0 DEBUG if tstream_npa_connect_recv fails (bug
#9309)
metze
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sat Oct 20 12:56:23 CEST 2012 on sn-devel-104
---
Summary of changes:
source3/rpc_server/rpc_ncacn_np.c |6 +-
1 files changed, 5 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/rpc_ncacn_np.c
b/source3/rpc_server/rpc_ncacn_np.c
index 67176a8..25ad857 100644
--- a/source3/rpc_server/rpc_ncacn_np.c
+++ b/source3/rpc_server/rpc_ncacn_np.c
@@ -611,7 +611,11 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX
*mem_ctx,
result-allocation_size);
TALLOC_FREE(subreq);
if (ret != 0) {
- DEBUG(0, (tstream_npa_connect_recv to %s for pipe %s and
+ int l = 1;
+ if (errno == ENOENT) {
+ l = 2;
+ }
+ DEBUG(l, (tstream_npa_connect_recv to %s for pipe %s and
user %s\\%s failed: %s\n,
socket_np_dir, pipe_name,
session_info_t-session_info-info-domain_name,
session_info_t-session_info-info-account_name,
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7d05ff7 s3:smbd:durable: store stat info for disconnected durables
and check at reconnect.
via a6726f9 s3:open_files.idl: add stat-info to
vfs_default_durable_cookie.
via 660e90d s3:smbd/durable: remove an extra blank line from
vfs_default_durable_reconnect()
from 24d225f s3:smbd/durable: add write_time specific stuff to
vfs_default_durable_cookie
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7d05ff77264cf48d1ee82ca19c8c7e6951e64cf5
Author: Michael Adam ob...@samba.org
Date: Fri Oct 19 16:00:05 2012 +0200
s3:smbd:durable: store stat info for disconnected durables and check at
reconnect.
At durable reconnect, we check the stat info stored in the cookie against
the
current stat data from the file we just opened. If any detail differs, we
deny
the durable reconnect, because in that case it is very likely that someone
opened the file while the handle was disconnected, which has to be
interpreted
as an oplock break.
Pair-programmed-with: Stefan Metzmacher me...@samba.org
Signed-off-by: Michael Adam ob...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Oct 19 18:56:19 CEST 2012 on sn-devel-104
commit a6726f9023c899415441a619473ea9a7819d7c36
Author: Michael Adam ob...@samba.org
Date: Fri Oct 19 15:57:24 2012 +0200
s3:open_files.idl: add stat-info to vfs_default_durable_cookie.
Pair-programmed-with: Stefan Metzmacher me...@samba.org
Signed-off-by: Michael Adam ob...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
commit 660e90d39174fbfea0e93f40adfe03fefb86916f
Author: Michael Adam ob...@samba.org
Date: Fri Oct 19 15:53:50 2012 +0200
s3:smbd/durable: remove an extra blank line from
vfs_default_durable_reconnect()
Pair-programmed-with: Stefan Metzmacher me...@samba.org
Signed-off-by: Michael Adam ob...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
source3/librpc/idl/open_files.idl | 23 ++
source3/smbd/durable.c| 457 -
2 files changed, 479 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/librpc/idl/open_files.idl
b/source3/librpc/idl/open_files.idl
index 0dd9859..fa87bc7 100644
--- a/source3/librpc/idl/open_files.idl
+++ b/source3/librpc/idl/open_files.idl
@@ -52,6 +52,28 @@ interface open_files
VFS_DEFAULT_DURABLE_COOKIE_MAGIC;
const uint32 VFS_DEFAULT_DURABLE_COOKIE_VERSION = 0;
+ /* this corresponds to struct stat_ex (SMB_STRUCT_STAT) */
+ typedef struct {
+ hyper st_ex_dev;
+ hyper st_ex_ino;
+ hyper st_ex_mode;
+ hyper st_ex_nlink;
+ hyper st_ex_uid;
+ hyper st_ex_gid;
+ hyper st_ex_rdev;
+ hyper st_ex_size;
+ timespecst_ex_atime;
+ timespecst_ex_mtime;
+ timespecst_ex_ctime;
+ timespecst_ex_btime;
+ boolean8st_ex_calculated_birthtime;
+ hyper st_ex_blksize;
+ hyper st_ex_blocks;
+ uint32 st_ex_flags;
+ uint32 st_ex_mask;
+ hyper vfs_private;
+ } vfs_default_durable_stat;
+
typedef [public] struct {
[value(VFS_DEFAULT_DURABLE_COOKIE_MAGIC),charset(DOS)] uint8
magic[0x30];
[value(VFS_DEFAULT_DURABLE_COOKIE_VERSION)] uint32 version;
@@ -65,5 +87,6 @@ interface open_files
boolean8 update_write_time_on_close;
boolean8 write_time_forced;
timespec close_write_time;
+ vfs_default_durable_stat stat_info;
} vfs_default_durable_cookie;
}
diff --git a/source3/smbd/durable.c b/source3/smbd/durable.c
index 348135c..4c6ff67 100644
--- a/source3/smbd/durable.c
+++ b/source3/smbd/durable.c
@@ -104,6 +104,25 @@ NTSTATUS vfs_default_durable_cookie(struct files_struct
*fsp,
cookie.write_time_forced = fsp-write_time_forced;
cookie.close_write_time = fsp-close_write_time;
+ cookie.stat_info.st_ex_dev = fsp-fsp_name-st.st_ex_dev;
+ cookie.stat_info.st_ex_ino = fsp-fsp_name-st.st_ex_ino;
+ cookie.stat_info.st_ex_mode = fsp-fsp_name-st.st_ex_mode;
+ cookie.stat_info.st_ex_nlink = fsp-fsp_name-st.st_ex_nlink;
+ cookie.stat_info.st_ex_uid = fsp-fsp_name-st.st_ex_uid;
+ cookie.stat_info.st_ex_gid = fsp
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1861213 selftest/knownfail: add
samba3.rpc.lsa.privileges.lsa.Privileges
via 266b4c5 Revert provision: Always create DNS user.
from 2c3a808 s4-dns: Fix the comments about ignoring zones in internal
server
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1861213d147e0d96fd637813c5badb4908ec14d1
Author: Stefan Metzmacher me...@samba.org
Date: Tue Oct 16 08:34:35 2012 +0200
selftest/knownfail: add samba3.rpc.lsa.privileges.lsa.Privileges
This failed more than 20 times in the last few weeks, e.g.
https://git.samba.org/autobuild.flakey/2012-10-16-0629/samba3.stdout
https://git.samba.org/autobuild.flakey/2012-10-16-0829/samba3.stdout
[530/717 in 14m32s] samba3.rpc.lsa.privileges(s3dc)
Using seed 1350368974
Testing OpenPolicy
Testing OpenPolicy2
Testing CreateAccount
Testing Delete
Testing DeleteObject
Testing EnumAccounts
Testing LookupSids
Testing LookupNames with 7 names
LookupName of sharesec_user was unmapped
LookupName of Everyone failed to return a result
UNEXPECTED(failure): samba3.rpc.lsa.privileges.lsa.Privileges(s3dc)
REASON: _StringException: _StringException:
../source4/torture/rpc/lsa.c:319: r.out.result was STATUS_SOME_UNMAPPED,
expected NT_STATUS_OK: LookupNames failed
FAILED (1 failures, 0 errors and 0 unexpected successes in 0 testsuites)
metze
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Oct 16 10:43:02 CEST 2012 on sn-devel-104
commit 266b4c596346095f71a651e0a0231256c7409b0f
Author: Stefan Metzmacher me...@samba.org
Date: Tue Oct 16 08:30:17 2012 +0200
Revert provision: Always create DNS user.
This reverts commit c2d14747d608d406de6410556807d467cd0b85ef.
samba_upgradedns handles creates/removed the dns acount.
See
https://lists.samba.org/archive/samba-technical/2012-October/thread.html#87578
metze
---
Summary of changes:
selftest/flapping |1 +
.../scripting/python/samba/provision/__init__.py | 31 +++
2 files changed, 19 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/flapping b/selftest/flapping
index f0b1528..afeae65 100644
--- a/selftest/flapping
+++ b/selftest/flapping
@@ -15,6 +15,7 @@
^samba3.rpc.spoolss.printer.*addprinterex.print_test # another intermittent
failure
^samba3.rap.printing # fails sometimes on sn-devel
^samba3.rpc.spoolss.printer.*addprinter.print_test # fails on some hosts due
to timing issues ?
+^samba3.rpc.lsa.privileges.lsa.Privileges\(s3dc\) # fails sometimes on sn-devel
^samba3.smb2.lock.*.rw-exclusive # another intermittent failure
^samba4.blackbox.gentest # is flakey due to timing
^samba3.smb2.acls.INHERITANCE\(plugin_s4_dc\) # Seems to flap - succeeds on
sn-devel, fails on Fedora 16
diff --git a/source4/scripting/python/samba/provision/__init__.py
b/source4/scripting/python/samba/provision/__init__.py
index d9ba90c..9966192 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -969,7 +969,7 @@ def setup_samdb_rootdse(samdb, names):
def setup_self_join(samdb, admin_session_info, names, fill, machinepass,
-dnspass, domainsid, next_rid, invocationid,
+dns_backend, dnspass, domainsid, next_rid, invocationid,
policyguid, policyguid_dc,
domainControllerFunctionality, ntdsguid=None, dc_rid=None):
Join a host to its own domain.
@@ -1048,14 +1048,17 @@ def setup_self_join(samdb, admin_session_info, names,
fill, machinepass,
samdb.set_session_info(admin_session_info)
-setup_add_ldif(samdb, setup_path(provision_dns_add_samba.ldif), {
- DNSDOMAIN: names.dnsdomain,
- DOMAINDN: names.domaindn,
- DNSPASS_B64: b64encode(dnspass.encode('utf-16-le')),
- HOSTNAME : names.hostname,
- DNSNAME : '%s.%s' % (
- names.netbiosname.lower(), names.dnsdomain.lower())
- })
+if dns_backend != SAMBA_INTERNAL:
+# This is Samba4 specific and should be replaced by the correct
+# DNS AD-style setup
+setup_add_ldif(samdb, setup_path(provision_dns_add_samba.ldif), {
+ DNSDOMAIN: names.dnsdomain,
+ DOMAINDN: names.domaindn,
+ DNSPASS_B64: b64encode(dnspass.encode('utf-16-le')),
+ HOSTNAME : names.hostname,
+ DNSNAME : '%s.%s' % (
+ names.netbiosname.lower(), names.dnsdomain.lower())
+ })
def getpolicypath(sysvolpath, dnsdomain, guid):
@@ -1143,7
