[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7c0277c librpc: Fix blank line endings via 816e68f libndr: Fix ndr_print_bitmap_flag for value=0 via 9ac3286 librpc: return a ndr_pull_error instead of just NDR_ERR_NDR64 when upper bits of 64 bit value are not 0 from 280f21a net: allow net idmap get ranges to list all ranges http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7c0277c923443402b8a292fd3b3b1faba1da6dd5 Author: Volker Lendecke v...@samba.org Date: Sat Sep 14 13:44:54 2013 +0200 librpc: Fix blank line endings Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Oct 2 15:02:07 CEST 2013 on sn-devel-104 commit 816e68f94fe500b9d68fd29021d432b84d3139b7 Author: Volker Lendecke v...@samba.org Date: Sat Sep 14 13:43:03 2013 +0200 libndr: Fix ndr_print_bitmap_flag for value=0 Don't endlessly loop Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 9ac32866db2c4244d867093e2594347f4707313f Author: Matthieu Patou m...@matws.net Date: Sun Sep 22 17:17:16 2013 -0700 librpc: return a ndr_pull_error instead of just NDR_ERR_NDR64 when upper bits of 64 bit value are not 0 Signed-off-by: Matthieu Patou m...@matws.net Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: librpc/ndr/ndr_basic.c | 23 ++- 1 files changed, 14 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr/ndr_basic.c b/librpc/ndr/ndr_basic.c index 5c653c8..ae5af7a 100644 --- a/librpc/ndr/ndr_basic.c +++ b/librpc/ndr/ndr_basic.c @@ -1,20 +1,20 @@ -/* +/* Unix SMB/CIFS implementation. routines for marshalling/unmarshalling basic types Copyright (C) Andrew Tridgell 2003 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/. */ @@ -169,7 +169,8 @@ _PUBLIC_ enum ndr_err_code ndr_pull_uint3264(struct ndr_pull *ndr, int ndr_flags if (unlikely(v64 != *v)) { DEBUG(0,(__location__ : non-zero upper 32 bits 0x%016llx\n, (unsigned long long)v64)); - return NDR_ERR_NDR64; + return ndr_pull_error(ndr, NDR_ERR_NDR64, __location__ : non-zero upper 32 bits 0x%016llx\n, +(unsigned long long)v64); } return err; } @@ -1004,7 +1005,7 @@ _PUBLIC_ void ndr_print_null(struct ndr_print *ndr) ndr-print(ndr, UNEXPECTED NULL POINTER); } -_PUBLIC_ void ndr_print_enum(struct ndr_print *ndr, const char *name, const char *type, +_PUBLIC_ void ndr_print_enum(struct ndr_print *ndr, const char *name, const char *type, const char *val, uint32_t value) { if (ndr-flags LIBNDR_PRINT_ARRAY_HEX) { @@ -1019,10 +1020,14 @@ _PUBLIC_ void ndr_print_bitmap_flag(struct ndr_print *ndr, size_t size, const ch /* this is an attempt to support multi-bit bitmap masks */ value = flag; + if (value == 0) { + return; + } + while (!(flag 1)) { flag = 1; value = 1; - } + } if (flag == 1) { ndr-print(ndr,%d: %-25s, value, flag_name); } else { @@ -1160,7 +1165,7 @@ _PUBLIC_ void ndr_print_bad_level(struct ndr_print *ndr, const char *name, uint1 ndr-print(ndr, UNKNOWN LEVEL %u, level); } -_PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name, +_PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name, const uint8_t *data, uint32_t count) { int i; @@ -1195,7 +1200,7 @@ _PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name, free(idx); } } - ndr-depth--; + ndr-depth--; #undef _ONELINE_LIMIT } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c3a5fec smbd:smb2: fix error code when the header says the request is signed but we don't have a sesseion via 4a7b792 s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is required from 7c0277c librpc: Fix blank line endings http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c3a5fecdc1ff0320f4979fa21aa636aacaac8abe Author: Michael Adam ob...@samba.org Date: Wed Sep 25 23:18:56 2013 +0200 smbd:smb2: fix error code when the header says the request is signed but we don't have a sesseion I.e. when the request is a session setup. We replied with ACCESS_DENIED, but windows expects USER_SESSION_DELETED Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Oct 2 22:07:44 CEST 2013 on sn-devel-104 commit 4a7b792bc6d463a3aa4e1150a271ed6b929276cc Author: Stefan Metzmacher me...@samba.org Date: Mon Sep 23 20:51:30 2013 +0200 s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is required Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED in a reauth session setup, but still provide a valid signature. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org --- Summary of changes: source3/smbd/smb2_server.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index b031c6d..1bebee1 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -1993,12 +1993,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) if (req-do_encryption) { signing_required = false; - } else if (flags SMB2_HDR_FLAG_SIGNED) { + } else if (signing_required || (flags SMB2_HDR_FLAG_SIGNED)) { DATA_BLOB signing_key; if (x == NULL) { return smbd_smb2_request_error( - req, NT_STATUS_ACCESS_DENIED); + req, NT_STATUS_USER_SESSION_DELETED); } signing_key = x-global-channels[0].signing_key; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via 76c4a51 Merge tag 'samba-4.1.0rc4' into v4-1-test via fcf3fd6 VERSION: Disable git snapshots for the 4.1.0rc4 release. via 6a03c81 VERSION: Disable git snapshots for the 4.1.0rc3 release. via d9517d5 WHATSNEW: Update changes since 4.1.0rc2. from 7160446 VERSION: Bump version up to 4.1.0rc5... http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit 76c4a517ad433aa87c62b7edd7c91a119928a9c4 Merge: 7160446d332dbc5f881fdd122eea8f0d87184fcd fcf3fd6478090e7bebb65d142edbd097ab260fc4 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 27 12:50:45 2013 +0200 Merge tag 'samba-4.1.0rc4' into v4-1-test samba: tag release samba-4.1.0rc4 --- Summary of changes: Changeset truncated at 500 lines: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 89200c2 dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs from fc486d8 s4-openldap: Restored openldap-related options to the provision script http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 89200c227f36a063612eb38927ac8dee18e044d5 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 24 10:18:36 2013 -0700 dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077 Note that this doesn't fix the userParameters problem completely, but it doesn't truncate the userParameters value anymore. Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Sep 26 22:05:12 CEST 2013 on sn-devel-104 --- Summary of changes: source4/dsdb/schema/schema_syntax.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index f7176cd..c2e0208 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c @@ -1529,7 +1529,7 @@ static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(const struct dsdb_syntax_ctx *c return WERR_FOOBAR; } - out-values[i] = data_blob_string_const(str); + out-values[i] = data_blob_const(str, converted_size); } return WERR_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 167e2f2 pidl: Generate wireshark that conforms to the rules of Wireshark project via 00dc30a pidl: Generate NDR64/NDR32 aware code for the wireshark dissectors via 26c1c15 idl: fix frsrpc idl with NDR64 fields via aa5b369 idl: remove duplicate flag via fc11bab frstrans.idl: add flag(NDR_PAHEX) to frstrans_BytePipe via 51d8eba drsuapi.idl: change the range for attribute values to 26214400 bytes. via c18c6c9 librpc/ndr: make use of ndr_dump_data() in ndr_print_array_uint8() via 3d3e8b5 librpc/ndr: make ndr_pull/push_DATA_BLOB NDR64 aware from 4f69b58 s4:torture:ldap: Fix misleading output http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 167e2f2b5543008e02613dcd56e36f7326912cdb Author: Matthieu Patou m...@matws.net Date: Sun Sep 22 22:23:51 2013 -0700 pidl: Generate wireshark that conforms to the rules of Wireshark project Signed-off-by: Matthieu Patou m...@matws.net Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Sep 24 02:04:05 CEST 2013 on sn-devel-104 commit 00dc30a9ffafbd2bbf8041e81b443e9eb73f9dcf Author: Matthieu Patou m...@matws.net Date: Sun Sep 22 22:10:10 2013 -0700 pidl: Generate NDR64/NDR32 aware code for the wireshark dissectors Signed-off-by: Matthieu Patou m...@matws.net Pair-Programmed-With: Stefan Metzmacher me...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 26c1c15da45ce3b024498c85fe8f5ebef0e6b9d2 Author: Matthieu Patou m...@matws.net Date: Sun Sep 22 19:50:10 2013 -0700 idl: fix frsrpc idl with NDR64 fields Signed-off-by: Matthieu Patou m...@matws.net Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit aa5b3697346710138852b32d6fa479a75b371049 Author: Matthieu Patou m...@matws.net Date: Sun Sep 22 18:29:56 2013 -0700 idl: remove duplicate flag Signed-off-by: Matthieu Patou m...@matws.net Reviewed-by: Stefan Metzmacher me...@samba.org commit fc11bab20b8ba9548808d60c108fb81096aaffe3 Author: Stefan Metzmacher me...@samba.org Date: Mon Sep 23 08:09:37 2013 +0200 frstrans.idl: add flag(NDR_PAHEX) to frstrans_BytePipe That way we get hexdump -C style output for the content of the pipe chunks. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Matthieu Patou m...@matws.net commit 51d8eba8417c58c2ade30d58a838441008209542 Author: Stefan Metzmacher me...@samba.org Date: Mon Sep 23 08:05:41 2013 +0200 drsuapi.idl: change the range for attribute values to 26214400 bytes. This matches the IDL from [MS-DRSR]. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Matthieu Patou m...@matws.net commit c18c6c9fb53a84e587f5ed951e47a1bb5f53a30e Author: Stefan Metzmacher me...@samba.org Date: Mon Sep 23 07:39:43 2013 +0200 librpc/ndr: make use of ndr_dump_data() in ndr_print_array_uint8() It's much easier to look at hexdump -C style output than a few thousand lines with 1 byte each. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Matthieu Patou m...@matws.net commit 3d3e8b53bf78c6ab442682b9fe22c902b9c45d73 Author: Stefan Metzmacher me...@samba.org Date: Mon Sep 23 07:20:00 2013 +0200 librpc/ndr: make ndr_pull/push_DATA_BLOB NDR64 aware Pair-Programmed-With: Matthieu Patou m...@matws.net Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Matthieu Patou m...@matws.net --- Summary of changes: librpc/idl/drsuapi.idl |2 +- librpc/idl/frsrpc.idl|5 ++--- librpc/idl/frstrans.idl |2 +- librpc/ndr/ndr_basic.c | 21 +++-- pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 16 5 files changed, 31 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/drsuapi.idl b/librpc/idl/drsuapi.idl index ed85205..063d135 100644 --- a/librpc/idl/drsuapi.idl +++ b/librpc/idl/drsuapi.idl @@ -546,7 +546,7 @@ interface drsuapi /* Generic DATA_BLOB values */ typedef struct { - [range(0,10485760),value(ndr_size_DATA_BLOB(0,blob,0))] uint32 __ndr_size; + [range(0,26214400),value(ndr_size_DATA_BLOB(0,blob,0))] uint32 __ndr_size; DATA_BLOB *blob; } drsuapi_DsAttributeValue; diff --git a/librpc/idl/frsrpc.idl b/librpc/idl/frsrpc.idl index fcc3119..a235702 100644 --- a/librpc/idl/frsrpc.idl +++ b/librpc/idl/frsrpc.idl @@ -43,7 +43,6 @@ interface frsrpc
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via af290a0 libcli/smb: fix non mendatory signing against some vendor SMB2 servers. via 1d54d8c libcli/smb: use SMB1 MID=0 for the initial Negprot from 6ed5b1c Cleanup map return codes http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit af290a03cef63c3b08446c1980de064a3b1c8804 Author: Stefan Metzmacher me...@samba.org Date: Tue Sep 17 04:12:30 2013 +0200 libcli/smb: fix non mendatory signing against some vendor SMB2 servers. Windows and Samba always sign the final session setup response even if signing is not mendatory, but it ensures that the signing key is correctly in place. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10146 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Sep 17 09:40:10 CEST 2013 on sn-devel-104 commit 1d54d8c501afa151b6cc07b98a14caae2b31ec65 Author: Stefan Metzmacher me...@samba.org Date: Tue Sep 17 04:09:03 2013 +0200 libcli/smb: use SMB1 MID=0 for the initial Negprot Bug: https://bugzilla.samba.org/show_bug.cgi?id=10144 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org --- Summary of changes: libcli/smb/smbXcli_base.c | 19 ++- 1 files changed, 18 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index 7176e8f..f59f1f7 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -737,6 +737,14 @@ static uint16_t smb1cli_alloc_mid(struct smbXcli_conn *conn) size_t num_pending = talloc_array_length(conn-pending); uint16_t result; + if (conn-protocol == PROTOCOL_NONE) { + /* +* This is what windows sends on the SMB1 Negprot request +* and some vendors reuse the SMB1 MID as SMB2 sequence number. +*/ + return 0; + } + while (true) { size_t i; @@ -4835,7 +4843,16 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, session-conn-protocol, recv_iov, 3); if (!NT_STATUS_IS_OK(status)) { - return status; + /* +* Sadly some vendors don't sign the +* final SMB2 session setup response +* +* At least Windows and Samba are always doing this +* if there's a session key available. +*/ + if (conn-mandatory_signing) { + return status; + } } session-smb2-should_sign = false; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1c41feb s3: libsmb : The short name length is only a one byte field. from af290a0 libcli/smb: fix non mendatory signing against some vendor SMB2 servers. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1c41feb7893ae4a4f42c035f3c83f8b2950b7816 Author: Jeremy Allison j...@samba.org Date: Mon Sep 16 19:16:52 2013 -0700 s3: libsmb : The short name length is only a one byte field. The next byte is undefined and some vendors set this to 0xff (discovered in SNIA SDC lab tests). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Sep 17 12:27:18 CEST 2013 on sn-devel-104 --- Summary of changes: source3/libsmb/cli_smb2_fnum.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c index 18b03f3..3253f9d 100644 --- a/source3/libsmb/cli_smb2_fnum.c +++ b/source3/libsmb/cli_smb2_fnum.c @@ -412,7 +412,7 @@ static NTSTATUS parse_finfo_id_both_directory_info(uint8_t *dir_data, if (namelen (dir_data_length - 104)) { return NT_STATUS_INFO_LENGTH_MISMATCH; } - slen = SVAL(dir_data + 68, 0); + slen = CVAL(dir_data + 68, 0); if (slen 24) { return NT_STATUS_INFO_LENGTH_MISMATCH; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4879d08 libcli/smb: only check the SMB2 session setup signature if required and valid from 17a9a0f s3: libsmb : Bug 10150 - Not all OEM servers support the ALTNAME info level. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4879d0810a2ad741e32ad174a7a14cd35521aeaf Author: Stefan Metzmacher me...@samba.org Date: Wed Sep 18 02:24:30 2013 +0200 libcli/smb: only check the SMB2 session setup signature if required and valid This is an update to commit af290a03cef63c3b08446c1980de064a3b1c8804 that skips the scary debug messages. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10146 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Sep 18 04:46:00 CEST 2013 on sn-devel-104 --- Summary of changes: libcli/smb/smbXcli_base.c | 26 +- 1 files changed, 21 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index f59f1f7..27ac2a8 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -4742,12 +4742,18 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, struct smbXcli_conn *conn = session-conn; uint16_t no_sign_flags; uint8_t session_key[16]; + bool check_signature = true; + uint32_t hdr_flags; NTSTATUS status; if (conn == NULL) { return NT_STATUS_INVALID_PARAMETER_MIX; } + if (recv_iov[0].iov_len != SMB2_HDR_BODY) { + return NT_STATUS_INVALID_PARAMETER_MIX; + } + no_sign_flags = SMB2_SESSION_FLAG_IS_GUEST | SMB2_SESSION_FLAG_IS_NULL; if (session-smb2-session_flags no_sign_flags) { @@ -4839,18 +4845,28 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, return NT_STATUS_NO_MEMORY; } - status = smb2_signing_check_pdu(session-smb2_channel.signing_key, - session-conn-protocol, - recv_iov, 3); - if (!NT_STATUS_IS_OK(status)) { + check_signature = conn-mandatory_signing; + + hdr_flags = IVAL(recv_iov[0].iov_base, SMB2_HDR_FLAGS); + if (hdr_flags SMB2_HDR_FLAG_SIGNED) { /* * Sadly some vendors don't sign the * final SMB2 session setup response * * At least Windows and Samba are always doing this * if there's a session key available. +* +* We only check the signature if it's mandatory +* or SMB2_HDR_FLAG_SIGNED is provided. */ - if (conn-mandatory_signing) { + check_signature = true; + } + + if (check_signature) { + status = smb2_signing_check_pdu(session-smb2_channel.signing_key, + session-conn-protocol, + recv_iov, 3); + if (!NT_STATUS_IS_OK(status)) { return status; } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ef830f7 samba-tool domain join: Set server role correctly to active directory domain controller via f75dc8f s4-rpc_server/drsuapi: Print ldb error showing why we failed to perform the access check via 1d92d5b samba-tool domian join: Only print adminpass warning on subdomain creation via 84dc9f8 samba-tool domain join: Add --quite and --verbose via 35e56d2 dsdb: Use dsdb_next_callback() rather than a no-op per-module callback via 650eca0 join.py: Restore support for joining as a subdomain via 0de dsdb: Add DSDB_SEARCH_ONE_ONLY support to dsdb_module_search*() via 3af4f03 join.py: Handle more error cases with useful exceptions via a5e4c45 samba-tool domain join subdomain: Set reveal_internals:0 control so we can see the ncName via 347b2c6 ldb: Show the type of failing operation in default error message via bbeca62 join.py: Show which database we failed to find the DN on (clarify local v remote) via ccb1beb join.py: Handle exceptions when looking for GUID in a DN from 20999fc tdb: Fix some typos in comments. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ef830f7e7107cd5287903d83519588c9d31b526f Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 9 12:15:36 2013 +1200 samba-tool domain join: Set server role correctly to active directory domain controller We changed the magic string when we reworked the list of server roles. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Sep 16 23:33:41 CEST 2013 on sn-devel-104 commit f75dc8f4a54581ed207e7caa2e52211ea24e3554 Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 9 09:57:27 2013 +1200 s4-rpc_server/drsuapi: Print ldb error showing why we failed to perform the access check Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 1d92d5b19b36ddf15a70e3110caabfe06ba78619 Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 9 09:56:58 2013 +1200 samba-tool domian join: Only print adminpass warning on subdomain creation Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 84dc9f8cc17d49bef5b9c37fd818c7599bf5897a Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 9 09:53:37 2013 +1200 samba-tool domain join: Add --quite and --verbose This means we now use logger consistently between doimin join, domain dcpromo and domain provision. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 35e56d2b71b1dcd906baa70509ec50af39504b5a Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 6 15:46:36 2013 +1200 dsdb: Use dsdb_next_callback() rather than a no-op per-module callback Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 650eca0e061c731614b5fa49756872d11b7b67f0 Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 6 15:46:05 2013 +1200 join.py: Restore support for joining as a subdomain This set of patches fixes up the errors that were introduced into the partial support during the past couple of years. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 0dee04e2e3aecd82ed4cf887f9e36dd4962d Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 6 15:39:50 2013 +1200 dsdb: Add DSDB_SEARCH_ONE_ONLY support to dsdb_module_search*() Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 3af4f0377e1ff8b23d415bc4b241bf8cb83c130c Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 6 15:38:36 2013 +1200 join.py: Handle more error cases with useful exceptions This will help track down strange failures in the future. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit a5e4c4520af9f7a99aac4117d1225c85b891554d Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 16 10:23:07 2013 -0700 samba-tool domain join subdomain: Set reveal_internals:0 control so we can see the ncName The issue here is that we create the ncName remotely with DsAddEntry, and then replicate it back. However, at this point the naming context pointed at by the ncName does not exist! The issue is that the extended_dn_out module then hides the link, because it points to a missing object
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6ef3c98 docs-xml: document SMB3_02 as available protocol for the client side via 4912378 s3:torture: add PROTOCOL_SMB3_02 handling via 66d3064 lib/param: add PROTOCOL_SMB3_02 handling via f8b3c71 libcli/smb: negotiate SMB3_DIALECT_REVISION_302 if PROTOCOL_SMB3_02 is requested via 80623b8 libcli/smb: add PROTOCOL_SMB3_02 via 4a401d6 libcli/smb: add SMB3_DIALECT_REVISION_302 from 4dacaef dsdb: Use credentials.get_forced_sasl_mech() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6ef3c98ade76e361d210366a0fe79fc3b66e63be Author: Stefan Metzmacher me...@samba.org Date: Sun Sep 15 17:09:35 2013 +0200 docs-xml: document SMB3_02 as available protocol for the client side Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Sep 17 05:55:04 CEST 2013 on sn-devel-104 commit 491237840269943550bb0189c19a460d7a3cf0e7 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:28:03 2013 +0200 s3:torture: add PROTOCOL_SMB3_02 handling Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 66d306491bbd7e07e504c5d246498c1f748a Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:27:39 2013 +0200 lib/param: add PROTOCOL_SMB3_02 handling Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit f8b3c712f0dcb635bb750ebd218df77eeb584940 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:27:01 2013 +0200 libcli/smb: negotiate SMB3_DIALECT_REVISION_302 if PROTOCOL_SMB3_02 is requested Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 80623b8593700eb9b14e6d50b5687cc7d37de764 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:26:20 2013 +0200 libcli/smb: add PROTOCOL_SMB3_02 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 4a401d6fccfe75c34047427226bb1004e83a6563 Author: Stefan Metzmacher me...@samba.org Date: Fri Sep 13 11:25:42 2013 +0200 libcli/smb: add SMB3_DIALECT_REVISION_302 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Jeremy Allison j...@samba.org --- Summary of changes: docs-xml/manpages/smb.conf.5.xml |2 +- docs-xml/smbdotconf/protocol/clientmaxprotocol.xml |3 +++ lib/param/param_table.c|1 + libcli/smb/smb2_constants.h|1 + libcli/smb/smbXcli_base.c |1 + libcli/smb/smb_constants.h |5 +++-- source3/torture/test_smb2.c|3 +++ 7 files changed, 13 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/smb.conf.5.xml b/docs-xml/manpages/smb.conf.5.xml index 975d105..399e996 100644 --- a/docs-xml/manpages/smb.conf.5.xml +++ b/docs-xml/manpages/smb.conf.5.xml @@ -471,7 +471,7 @@ chmod 1770 /usr/local/samba/lib/usershares varlistentry term%R/term listitemparathe selected protocol level after protocol negotiation. It can be one of CORE, COREPLUS, - LANMAN1, LANMAN2, NT1, SMB2_02, SMB2_10, SMB2_22, SMB2_24, SMB3_00 or SMB2_FF./para/listitem + LANMAN1, LANMAN2, NT1, SMB2_02, SMB2_10, SMB2_22, SMB2_24, SMB3_00, SMB3_02 or SMB2_FF./para/listitem /varlistentry varlistentry diff --git a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml index 06fda5a..c7a9fd1 100644 --- a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml +++ b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml @@ -60,6 +60,9 @@ listitem paraconstantSMB3_00/constant: Windows 8 SMB3 version. (mostly the same as SMB2_24)/para /listitem + listitem + paraconstantSMB3_02/constant: Windows 8.1 SMB3 version./para + /listitem /itemizedlist paraBy default SMB3 selects the SMB3_00 variant./para /listitem diff --git a/lib/param/param_table.c b/lib/param/param_table.c index 7b32998..10cf046 100644 --- a/lib/param/param_table.c +++ b/lib
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0af09f0 ldb: Do not build libldb-cmdline when using system ldb. from b8100af gencache: Avoid a duplicate call to string_term_tdb_data http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0af09f0179c024099e0776d3794f4b3d7fb3f6f6 Author: Jeroen Dekkers jer...@dekkers.ch Date: Mon Sep 9 00:42:39 2013 +0200 ldb: Do not build libldb-cmdline when using system ldb. Cleanup leftover include and linking of libldb-cmdline in oLschema2ldif. Do not build libldb-cmdline anymore when using the system ldb, oLschema2ldif was the only reason for building libldb-cmdline. Signed-off-by: Jeroen Dekkers jer...@dekkers.ch Reviewed-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104 --- Summary of changes: lib/ldb/wscript |8 source4/utils/oLschema2ldif.c |1 - source4/utils/wscript_build |2 +- 3 files changed, 5 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/wscript b/lib/ldb/wscript index f5647b1..071038c 100755 --- a/lib/ldb/wscript +++ b/lib/ldb/wscript @@ -257,10 +257,10 @@ def build(bld): bld.SAMBA_BINARY('ldbdump', 'tools/ldbdump.c', deps='ldb-cmdline ldb', install=False) -bld.SAMBA_LIBRARY('ldb-cmdline', - source='tools/ldbutil.c tools/cmdline.c', - deps='ldb dl popt', - private_library=True) +bld.SAMBA_LIBRARY('ldb-cmdline', + source='tools/ldbutil.c tools/cmdline.c', + deps='ldb dl popt', + private_library=True) def test(ctx): diff --git a/source4/utils/oLschema2ldif.c b/source4/utils/oLschema2ldif.c index be86daa..bcdf570 100644 --- a/source4/utils/oLschema2ldif.c +++ b/source4/utils/oLschema2ldif.c @@ -33,7 +33,6 @@ #include includes.h #include ldb.h -#include tools/cmdline.h #include dsdb/samdb/samdb.h #include ../lib/crypto/sha256.h #include ../librpc/gen_ndr/ndr_misc.h diff --git a/source4/utils/wscript_build b/source4/utils/wscript_build index a5217b3..046e237 100644 --- a/source4/utils/wscript_build +++ b/source4/utils/wscript_build @@ -14,6 +14,6 @@ bld.SAMBA_BINARY('ntlm_auth4', bld.SAMBA_BINARY('oLschema2ldif', source='oLschema2ldif.c', manpages='man/oLschema2ldif.1', - deps='ldb-cmdline samdb POPT_SAMBA' + deps='samdb POPT_SAMBA' ) -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag talloc-2.1.0 created
The annotated tag, talloc-2.1.0 has been created at 3be5ea3325aa68d75510640ac90a8ad1c5cbfbd4 (tag) tagging 256d10f5792a37d20cbb45f2af3f8578bd354110 (commit) replaces tevent-0.9.19 tagged by Stefan Metzmacher on Sun Sep 8 16:48:15 2013 +0200 - Log - talloc: tag release talloc-2.1.0 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJSLI4vAAoJEEeTkWETCEAlLGQIAMPYK++eJ4CIDSoP/JaNe78Q NSdwmi2VCqEhH5CMzntL9IOMX8nUzbTIxdd0qVVoO2J9YdmfD85PU4VzyRtT9QWK A8uFAPtdr9TN71QMezEz0yFRKOTrehv1EfO1MmS83rtox8t0D/MVvvA07F+IpiSg iCFnTt9gdWWjCrXQ2xSBi1nMA1UyjBrlIZL7tXgE8QtAMW7QEstvHQIkkczIxLC+ rW4PGyRx0bxTshN7+4t/+4bQ8rloygvYYn7k/Rydzs05FQp3YOsGjXwld44sqD3g yl42+X87aNaxfNeiJqS4I5sXFDtIZUWnksq+6/mrQKpvYofXVduN4ZxF1Z0BERc= =Yhld -END PGP SIGNATURE- Abhidnya Joshi (1): s3: fix missing braces in nfs4_acls.c Anand Avati (1): vfs_glusterfs: Implement proper mashalling/unmarshalling of ACLs Andreas Schneider (6): s3-libads: Print a message if no realm has been specified. libcli: Add security_token_system_privilege(). s3-rpc_server: Grant the system token full access. s3-netlogon: Connecting with the system token should be sufficient. s3-winbind: Fix a segfault passing NULL to a fstring argument. Followup patch for BUG: https://bugzilla.samba.org/show_bug.cgi?id=10082 Andrew Bartlett (8): dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors provision: Rewrite named.txt to be more useful scripting/join.py: Handle creating the dns-NAME account during a DC join scripting/samba_upgradedns: Tighten up exception and attribute list handling selftest: Test creation of the dns-SERVER account during selftest selftest: Start internal DNS server on domain provisioned for BIND9_DLZ selftest: Add a basic test of samba_upgradedns torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 Christian Ambach (5): s3:lib/system fix build on AIX 7 waf: fix build on AIX7 waf: add --without-gettext option waf: consolidate libintl related checks waf: replace dependency to libintl with samba_intl Christof Schmitt (3): FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zero FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at end doc: Fix prefix parameter name in vfs_full_audit man page Christopher R. Hertel (1): vfs_glusterfs: Fix excessive debug output from vfs_gluster_open(). David Disseldorp (9): torture: split out ioctl test file creation helper lib: add FSCTL_[GET/SET]_COMPRESSION constants torture: add smb2 FSCTL_[GET/SET]_COMPRESSION test torture: extend FSCTL_[GET/SET]_COMPRESSION tests torture: check for filesystem compression capability torture: add compressed file attribute ioctl test torture: add file_attribs arg to file create helper torture: add more [no-]compress-on-open ioctl tests torture: support Windows 2k8 response for compress_invalid_buf Gregor Beck (2): security.idl: add new security_secinfo bits Fix bug 9678 - Windows 8 Roaming profiles fail Günther Deschner (37): s3-libads: Fail create_local_private_krb5_conf_for_domain() if parameters missing. s3-net: pass down ndr_interface_table to connect_dst_pipe(). s3-rpc_cli: remove prototype of nonexisting cli_rpc_pipe_open_krb5(). s3-libnetapi: pass down ndr_interface_table to libnetapi_get_binding_handle(). s3-libnetapi: pass down ndr_interface_table to libnetapi_open_pipe(). s3-libnetapi: pass down ndr_interface_table to pipe_cm() and friends. s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_interface(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_ntlmssp_auth_schannel(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port(). s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init(). s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init_send(). libcli/auth: also set secure channel type in netlogon_creds_client_init(). s3: libnet_join: add
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 38e4396 torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 via 16b26ea selftest: Add a basic test of samba_upgradedns via 013c499 selftest: Start internal DNS server on domain provisioned for BIND9_DLZ via e281037 selftest: Test creation of the dns-SERVER account during selftest via d19c437 scripting/samba_upgradedns: Tighten up exception and attribute list handling via b106d90 scripting/join.py: Handle creating the dns-NAME account during a DC join from bdab6f9 Optimization. Don't do the retry logic if sitename_fetch() returned NULL, we already did a NULL query. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 38e43961c01f6f491b069e7106fe2a2ec80bd840 Author: Andrew Bartlett abart...@samba.org Date: Fri Dec 28 21:00:28 2012 +1100 torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 This exercises some more of the dlz_bind9 code outside BIND, by sending in a ticket to be access checked, wrapped either in SPNEGO or just in GSSAPI. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Sep 4 11:25:10 CEST 2013 on sn-devel-104 commit 16b26eafa75280e576333975cff5dd1505c118fa Author: Andrew Bartlett abart...@samba.org Date: Fri Dec 28 10:06:39 2012 +1100 selftest: Add a basic test of samba_upgradedns This does not check that the command runs correctly, but does at least check that the command runs to completion without errors. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 013c4990c6f1412dd25592bf177ceffab4b5d16d Author: Andrew Bartlett abart...@samba.org Date: Fri Dec 28 09:25:11 2012 +1100 selftest: Start internal DNS server on domain provisioned for BIND9_DLZ This shows that the internal server can use the dns-SERVER account. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit e281037c9bfa68ca3dc564ec7a36e5c790024902 Author: Andrew Bartlett abart...@samba.org Date: Wed Dec 26 10:03:47 2012 +1100 selftest: Test creation of the dns-SERVER account during selftest We do this by having the samba-tool domain dcpromo for promoted_vampire_dc also create a dns-SERVER account. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit d19c437a36b26e71c24bc25e672d714e21ba50bd Author: Andrew Bartlett abart...@samba.org Date: Mon Dec 24 09:12:04 2012 +1100 scripting/samba_upgradedns: Tighten up exception and attribute list handling This avoids asking for attributes that will not be used, and looks only for the expected exceptions, rather than all exceptions. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit b106d9090e8f8f44f02059d2ced3d10066787060 Author: Andrew Bartlett abart...@samba.org Date: Mon Dec 24 08:56:50 2012 +1100 scripting/join.py: Handle creating the dns-NAME account during a DC join This will ensure that the DLZ plugin works out of the box when joining a second Samba DC to the domain. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org --- Summary of changes: python/samba/join.py| 73 +++-- python/samba/provision/sambadns.py | 11 +++- selftest/target/Samba4.pm |4 +- source4/scripting/bin/samba_upgradedns | 30 +++ source4/selftest/tests.py |3 +- source4/setup/secrets_dns.ldif |2 +- source4/torture/dns/dlz_bind9.c | 78 +++ source4/torture/winbind/winbind.c |1 + testprogs/blackbox/test_samba_upgradedns.sh | 37 + 9 files changed, 218 insertions(+), 21 deletions(-) create mode 100755 testprogs/blackbox/test_samba_upgradedns.sh Changeset truncated at 500 lines: diff --git a/python/samba/join.py b/python/samba/join.py index c55c22c..b2f4da4 100644 --- a/python/samba/join.py +++ b/python/samba/join.py @@ -26,9 +26,12 @@ from samba.ndr import ndr_pack from samba.dcerpc import security, drsuapi, misc, nbt, lsa, drsblobs from samba.credentials import Credentials, DONT_USE_KERBEROS from samba.provision import secretsdb_self_join, provision, provision_fill, FILL_DRS
[SCM] Samba Shared Repository - branch master updated
b706ca6e55aa76d4da901c69d991969602facc3b Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 15:18:47 2013 -0700 s3:libsmb: call smb2cli_logoff() from cli_ulogoff() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Aug 15 10:53:21 CEST 2013 on sn-devel-104 commit 1d7bdfc4feac35d92b003c3c78f502897ecc5d4e Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 11:48:40 2013 +0200 s3:libsmb: make cli_ulogoff_send/recv static Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit e6be68fb5e4dc528f7365f3413b9b66090992f42 Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 11:44:58 2013 +0200 s3:libsmb: call smb2cli_tdis() from cli_tdis() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit d732e9aab3bbad3ea97f8b120e57b41152aaee3b Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 11:44:10 2013 +0200 s3:libsmb: only set tcon to invalid in smb2cli_tdis* This matches the behavior of cli_tdis*. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 80d4f64352c0ddacb9ee15d2b48a42a0b7929501 Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 14 11:38:22 2013 +0200 s3:libsmb: make cli_tdis_send/recv static Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit ccf7b3719121e03ed06d15b9af5373eecba3e828 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 13 18:38:57 2013 +0200 s3:libsmb: add support for SMB2 in cli_writeall() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit a85d4511e6bc84938d60f090b44a5b1468ee4136 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 13 18:20:08 2013 +0200 s3:libsmb: add SMB2 support to cli_pull* Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 6896bf0b28a07eb8ead5b3bd2bc50229aa59d439 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 13 16:33:30 2013 +0200 s3:libsmb: add SMB2 support to cli_push* Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 80758e4b07c87280e778ba161c2c9c4a2ee47853 Author: Jeremy Allison j...@samba.org Date: Thu Aug 8 11:00:49 2013 -0700 s3:libsmb: Plumb cli_smb2_set_security_descriptor() inside cli_set_security_descriptor(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 1db7e90451f31d75298508c19a859d98d56d7e7c Author: Jeremy Allison j...@samba.org Date: Thu Aug 8 11:00:08 2013 -0700 s3:libsmb: Plumb cli_smb2_query_security_descriptor() inside cli_query_security_descriptor(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit de895bf228432f2a42bcdcadcf12ffd1be64022f Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:50:03 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_alt_name() inside cli_qpathinfo_alt_name(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit cba3ed0466b8598e28a44809778b99e97b1bf1a1 Author: Jeremy Allison j...@samba.org Date: Thu Aug 8 10:52:02 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_basic() inside cli_qpathinfo_basic(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 2bb3e251d59910d9bf527a73271094702bceefe2 Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:47:21 2013 -0700 s3:libsmb: Plumb cli_smb2_qfileinfo_basic() inside cli_qfileinfo_basic(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit e96309ca1b057d430444531523bb2c9f59fcd624 Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:46:05 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_streams() inside cli_qpathinfo_streams(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f2f566b1cc8d55bd1cf93478b877a3e7f455855c Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:45:05 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo2() inside cli_qpathinfo2(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 73255d3ba912b3a112f9d766deae895f51e16cd9 Author: Jeremy Allison j...@samba.org Date: Wed Aug 7 16:43:33 2013 -0700 s3:libsmb: Plumb cli_smb2_list() inside cli_list(). Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 7e2d969deb1d4bcf3add422d80852b2d386cfaac
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5f75814 winbind3: Fix an invalid free from 1b57fd1 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat(). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5f75814586f2d6f7c2dc8fd9342cb045c1f7e68c Author: Volker Lendecke v...@samba.org Date: Wed Aug 14 09:27:59 2013 + winbind3: Fix an invalid free This fixes a warning I've never seen before :-) ../source3/winbindd/winbindd_cm.c:781:59: warning: attempt to free a non-heap object ‘machine_krb5_principal’ [-Wfree-nonheap-object] Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Aug 14 14:04:16 CEST 2013 on sn-devel-104 --- Summary of changes: source3/winbindd/winbindd_cm.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 1832b2b..d89ca95 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -778,7 +778,7 @@ static NTSTATUS get_trust_creds(const struct winbindd_domain *domain, } if (!strupper_m(*machine_krb5_principal)) { - SAFE_FREE(machine_krb5_principal); + SAFE_FREE(*machine_krb5_principal); return NT_STATUS_INVALID_PARAMETER; } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1b57fd1 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat(). from 52d66d8 s3-winbind: Fix a segfault passing NULL to a fstring argument. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1b57fd180c2640598c13d2459a7c7a6f04708388 Author: Günther Deschner g...@samba.org Date: Mon Aug 12 17:23:12 2013 +0200 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat(). Fallback to lsa named-pipe connection when tcp connection has failed twice (it could be a trusted domain connection where we cannot setup a secure channel). Guenther BUG: https://bugzilla.samba.org/show_bug.cgi?id=9615 BUG: https://bugzilla.samba.org/show_bug.cgi?id=9899 Signed-off-by: Günther Deschner g...@samba.org Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Tested-by: Christof Schmitt christof.schm...@us.ibm.com Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Aug 13 20:55:33 CEST 2013 on sn-devel-104 --- Summary of changes: source3/winbindd/winbindd_cm.c |9 +++-- 1 files changed, 7 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 08c763c..1832b2b 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2651,11 +2651,16 @@ NTSTATUS cm_connect_lsat(struct winbindd_domain *domain, invalidate_cm_connection(domain-conn); status = cm_connect_lsa_tcp(domain, mem_ctx, cli); } - if (!NT_STATUS_IS_OK(status)) { + if (NT_STATUS_IS_OK(status)) { return status; } - return NT_STATUS_OK; + /* +* we tried twice to connect via ncan_ip_tcp and schannel and +* failed - maybe it is a trusted domain we can't connect to ? +* do not try tcp next time - gd +*/ + domain-can_do_ncacn_ip_tcp = false; } status = cm_connect_lsa(domain, mem_ctx, cli, lsa_policy); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9177a0d libcli/auth: add more const to spnego_negTokenInit-mechTypes via f1e6014 libcli/auth: avoid possible mem leak in read_negTokenInit() via 966faef auth/gensec: treat struct gensec_security_ops as const if possible. via c81b6f7 auth/gensec: use 'const char * const *' for function parameters via e81550c auth/gensec: make it possible to implement async backends via 6a7a44d auth/gensec: avoid talloc_reference in gensec_security_mechs() via 3e3534f auth/gensec: avoid talloc_reference in gensec_use_kerberos_mechs() via 71c63e8 auth/gensec: introduce gensec_internal.h via 57bcbb9 libcli/auth/schannel: remove unused schannel_position via 4c978b6 libcli/auth/schannel: make struct schannel_state private via e90e1b5 s4:gensec/schannel: only require librpc/gen_ndr/dcerpc.h via 9b9ab1a s4:gensec/schannel: there's no point in having schannel_session_key() via a07049a s4:gensec/schannel: GENSEC_FEATURE_ASYNC_REPLIES is not supported via b510476 s4:gensec/schannel: use the correct computer_name from netlogon_creds_CredentialState via 49f347e s4:gensec/schannel: simplify the code by using netsec_create_state() via 4cad5dc s4:gensec/schannel: remove unused dcerpc_schannel_creds() via 2ea3a24 s4:torture: avoid usage of dcerpc_schannel_creds() via c014427 s4:libnet: avoid usage of dcerpc_schannel_creds() via a36ccdc s3:dcerpc_helpers: remove unused DEBUG message of schannel_state-seq_num. via a964309 s3:rpc_server: make use of netsec_create_state() via af4dc30 s3:cli_pipe.c: return NO_USER_SESSION_KEY in cli_get_session_key() for schannel via 838cb53 s3:cli_pipe: pass down creds-computer_name to NL_AUTH_MESSAGE via e96142f s3:cli_pipe: make use of netsec_create_state() via 3321539 libcli/auth: add netsec_create_state() via 9f2e81a libcli/auth: maintain the sequence number for the NETLOGON SSP as 64bit via 59b0956 auth/gensec: add gensec_security_by_auth_type() via 45c74c8 auth/gensec: first check GENSEC_FEATURE_SESSION_KEY before returning NOT_IMPLEMENTED via 04938cb s3:rpc_client: remove unused cli_rpc_pipe_open_ntlmssp_auth_schannel() via 3302356 s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind* via eecb5ba s3:rpc_client: add netr_LogonGetCapabilities to cli_rpc_pipe_open_schannel_with_key() via e9c8e3f s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind via 90e28c1 s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done() via e77a64f s3:rpcclient: try to use NETLOGON_NEG_SUPPORTS_AES via 0460063 s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AES via beba326 s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AES via d82ab705 s3:auth_domain: try to use NETLOGON_NEG_SUPPORTS_AES via 11e0be0 s3:libsmb: remove unused cli_state-is_guestlogin from d944841 torture: add smb2 FSCTL_[GET/SET]_COMPRESSION test http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9177a0d1c1c92c45ef92fbda55fc6dd8aeb76b6c Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 10:46:47 2013 +0200 libcli/auth: add more const to spnego_negTokenInit-mechTypes Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Aug 10 11:11:54 CEST 2013 on sn-devel-104 commit f1e60142e12deb560e3c62441fd9ff2acd086b60 Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 10:43:38 2013 +0200 libcli/auth: avoid possible mem leak in read_negTokenInit() Also add error checks. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 966faef9c61d2ec02d75fc3ccc82a61524fb77e4 Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 11:20:21 2013 +0200 auth/gensec: treat struct gensec_security_ops as const if possible. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit c81b6f7448d7f945635784de645bea4f7f2e230f Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 11:10:55 2013 +0200 auth/gensec: use 'const char * const *' for function parameters Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit e81550c8117166d0fbf69ba1d3957cb950c42961 Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 5 16:12:13 2013 +0200 auth/gensec: make it possible to implement async backends Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 859182d dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors from ba40d0d s3:lib/system fix build on AIX 7 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 859182da6d06be0e9d37d7ed3448efc3dc78bdb2 Author: Andrew Bartlett abart...@samba.org Date: Tue Jul 30 10:40:39 2013 +1200 dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors This ensures we do not de-reference an invalid rs-msgs pointer if the pointed-to object was not objectclass=computer Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=10052 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Aug 2 13:11:20 CEST 2013 on sn-devel-104 --- Summary of changes: dfs_server/dfs_server_ad.c | 10 +- 1 files changed, 5 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c index 249a1d1..062eb49 100644 --- a/dfs_server/dfs_server_ad.c +++ b/dfs_server/dfs_server_ad.c @@ -206,14 +206,14 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, for (i = 0; ir-count; i++) { struct ldb_dn *dn; - struct ldb_result *r2; + struct ldb_message *msg; dn = ldb_msg_find_attr_as_dn(ldb, ctx, r-msgs[i], serverReference); if (!dn) { return NT_STATUS_INTERNAL_ERROR; } - ret = ldb_search(ldb, r, r2, dn, LDB_SCOPE_BASE, attrs2, (objectClass=computer)); + ret = dsdb_search_one(ldb, r, msg, dn, LDB_SCOPE_BASE, attrs2, 0, (objectClass=computer)); if (ret != LDB_SUCCESS) { DEBUG(2,(__location__ : Search for computer on %s failed - %s\n, ldb_dn_get_linearized(dn), ldb_errstring(ldb))); @@ -221,7 +221,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, } if (dofqdn) { - const char *dns = ldb_msg_find_attr_as_string(r2-msgs[0], dNSHostName, NULL); + const char *dns = ldb_msg_find_attr_as_string(msg, dNSHostName, NULL); if (dns == NULL) { DEBUG(2,(__location__ : dNSHostName missing on %s\n, ldb_dn_get_linearized(dn))); @@ -233,7 +233,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, NT_STATUS_HAVE_NO_MEMORY_AND_FREE(list-names[list-count], r); } else { char *tmp; - const char *aname = ldb_msg_find_attr_as_string(r2-msgs[0], sAMAccountName, NULL); + const char *aname = ldb_msg_find_attr_as_string(msg, sAMAccountName, NULL); if (aname == NULL) { DEBUG(2,(__location__ : sAMAccountName missing on %s\n, ldb_dn_get_linearized(dn))); @@ -250,7 +250,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, list-names[list-count] = tmp; } list-count++; - talloc_free(r2); + talloc_free(msg); } talloc_free(r); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8f98f5d tevent: change version to 0.9.19 via 066a642 tevent: Remove the signal pipe if no signal events are around from f9d19c4 Ensure gpfs kernel leases are wrapped in a become_root()/unbecome_root() pair. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8f98f5d85ae30361f6bb9f6f42d6a7fd279301e1 Author: Stefan Metzmacher me...@samba.org Date: Thu Aug 1 13:13:04 2013 +0200 tevent: change version to 0.9.19 * Fix tevent testsuite issue on Solaris. * Add tevent tuturial and documentation updates * Fix Coverity ID 989236 Operands don't affect result * Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012 Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Aug 1 17:05:02 CEST 2013 on sn-devel-104 commit 066a642f10cae7980eefb2d8ada3a6c3f5220542 Author: Volker Lendecke v...@samba.org Date: Wed Jul 31 11:31:57 2013 +0200 tevent: Remove the signal pipe if no signal events are around It makes adding/removing the first/last sigevents a bit more expensive, but it will fix tevent_loop_wait not finishing when one signal event was added and removed. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012 Signed-off-by: Volker Lendecke v...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org --- Summary of changes: .../ABI/{tevent-0.9.18.sigs = tevent-0.9.19.sigs} |0 lib/tevent/tevent_signal.c | 14 +- lib/tevent/wscript |2 +- 3 files changed, 14 insertions(+), 2 deletions(-) copy lib/tevent/ABI/{tevent-0.9.18.sigs = tevent-0.9.19.sigs} (100%) Changeset truncated at 500 lines: diff --git a/lib/tevent/ABI/tevent-0.9.18.sigs b/lib/tevent/ABI/tevent-0.9.19.sigs similarity index 100% copy from lib/tevent/ABI/tevent-0.9.18.sigs copy to lib/tevent/ABI/tevent-0.9.19.sigs diff --git a/lib/tevent/tevent_signal.c b/lib/tevent/tevent_signal.c index 0fdf646..8e13d73 100644 --- a/lib/tevent/tevent_signal.c +++ b/lib/tevent/tevent_signal.c @@ -175,7 +175,19 @@ static int tevent_signal_destructor(struct tevent_signal *se) struct tevent_common_signal_list); if (se-event_ctx) { - DLIST_REMOVE(se-event_ctx-signal_events, se); + struct tevent_context *ev = se-event_ctx; + + DLIST_REMOVE(ev-signal_events, se); + + if (ev-signal_events == NULL ev-pipe_fde != NULL) { + /* +* This was the last signal. Destroy the pipe. +*/ + TALLOC_FREE(ev-pipe_fde); + + close(ev-pipe_fds[0]); + close(ev-pipe_fds[1]); + } } talloc_free(sl); diff --git a/lib/tevent/wscript b/lib/tevent/wscript index 02bddb8..39f2ae4 100755 --- a/lib/tevent/wscript +++ b/lib/tevent/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'tevent' -VERSION = '0.9.18' +VERSION = '0.9.19' blddir = 'bin' -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tevent-0.9.19 created
The annotated tag, tevent-0.9.19 has been created at 9ab5377392768d4465f2d6529fa9dc8ada01502f (tag) tagging 8f98f5d85ae30361f6bb9f6f42d6a7fd279301e1 (commit) replaces ldb-1.1.16 tagged by Stefan Metzmacher on Thu Aug 1 17:11:55 2013 +0200 - Log - tevent: tag release tevent-0.9.19 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJR+nq7AAoJEEeTkWETCEAlnj0IAL5uIboUh4zDM0UFk3j/H+Re /cYnCufwHp1ROtiBsvhPRolpdVEFB/Fn57JLfbYvLPLTuzCrDzvnbQt3zr50W0au PnNe9hNNALsXDz78eha8qYkfkk1dVM4nTvIqUWU6iTbovd4iMT4x687FKLfJekeT o9ygHh4kyTp4DWD7Tai/PTWKCuhgrVz03Yz1Ao//vGuHaJEQclZsVdn0e3X2U9Bt WcNIo64u3C6Vx/+FDrpA1qrWD+0ZPxw9+ZfF+H6OZ8xcymbPQrlyWHeQxon1tStT 6ZvkhDlzVqzQfxOOoHZD/pjrTi67miejwfTgx6TBxPPsfo+rhDZFDk+X+wOXoVI= =AS6o -END PGP SIGNATURE- Alexander Werth (1): s3: Remove old mode special substitution. Andreas Schneider (22): tsocket: Pass the full port number to getaddrinfo(). tsocket: Pass the full port number to getaddrinfo(). torture: Fix comparsion of uninitalized bytes. torture: Don't segfault in raw.session on error. torture: Don't segfault in smb2.session on error. selftest: Fix domain name of plugindc. selftest: Add a newline to root entries in the nss files. selftest: Use higher ip numbers. s3-winbind: Allow sec_initial_uid() to store creds. torture: Fix comparsion of uninitalized bytes. torture: Don't segfault in raw.session on error. torture: Don't segfault in smb2.session on error. selftest: Fix domain name of plugindc. selftest: Add a newline to root entries in the nss files. selftest: Use higher ip numbers. s3-winbind: Allow sec_initial_uid() to store creds. waf: Build with RELRO if supported by the compiler. s3-winbind: Do not delete an existing valid credential cache. nsswitch: Don't enumerate all domains with wbinfo -u|-g. s3-waf: Rename regedit to samba-regedit. docs-xml: Remove obsolete swat manpage and references. nsswitch: Add OPT_KRB5CCNAME to avoid an error message. Andrew Bartlett (23): libcli/ldap: Cope with substring match with no chunks in ldap_push_filter torture: Add tests for LDAP substring search with no strings provided heimdal_build: Add missing dep on samba4kgetcred dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly service_stream: Log if the connection termination is deferred or not (bug #9820) s4-winbindd: Do not terminate a connection that is still pending (bug #9820) s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr() dynconfig: Remove last s3 markers now we have just one build system dsdb-descriptor: Do not do a subtree search unless we have child entries dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails selftest: Ensure the DC has started and and got a RID set before we proceed dsdb: Add assert in drepl_take_FSMO_role rpc_server-drsuapi: Improve comments and DEBUG lines selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested selftest: ensure samba4.nss.test.*using.*winbind is always tested torture/drs: Expand an error message to aid debugging dsdb: Prune deleted objects of links and extra attributes of replicated deletes dsdb: Ensure we always force deleted objects back under the deleted objects DN dsdb: Improve DRS deleted link source/target handing in repl_meta_data dsdb tests: Add member/memberOf checking to delete_objects testing dsdb: Include MS-ADTS doc references on deleted object contstraints samba-tool dbcheck: Correctly remove deleted DNs in dbcheck Aurélien Aptel (1): docs-xml/manpages/smbclient.1.xml: fix case of -T flag in example. Bill Parker (1): Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc(). Björn Baumbach (2): s3-lib: fix segf while reading incomplete session info (bug #10003) s3-smbstatus: display [u|g]id of -1 as -1 in connection list Björn Jacke (2): time: don't try to use the coarse clock time: prefer CLOCK_BOOTTIME for clock_gettime_mono() Christian Ambach (5): nsswitch: fix a comment s3:smbd/aio mark file as modified in the SMB2 case s3:lib add mapping for ETXTBSY s3:smbd/close use common exit path s3:smbd/close remove filesystem lock before removing sharemode Christof Schmitt (1): selftest: Print error message when smbd does not have ADS support Daniel Gan-Levi (1): s3-ctdb: Fix auto-enabling of CTDB readonly support David Disseldorp (1): tevent: document tevent_req_create state zeroing Günther Deschner (4): s3-printing: avoid KRB5CCNAME
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7615b25 samba-tool dbcheck: Correctly remove deleted DNs in dbcheck via f2afdb6 dsdb: Include MS-ADTS doc references on deleted object contstraints via a9e565a dsdb tests: Add member/memberOf checking to delete_objects testing via 0162be3 dsdb: Improve DRS deleted link source/target handing in repl_meta_data via 32955a1 dsdb: Ensure we always force deleted objects back under the deleted objects DN via a796cad dsdb/repl_meta_data: split out replmd_deletion_state() via d3aad89 dsdb: Prune deleted objects of links and extra attributes of replicated deletes from 8f8e843 s3:winbind: add a warning DEBUG message when skipping a sid from the mapped GID list http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7615b2549d9549683978cb3e85b926e2ba63e294 Author: Andrew Bartlett abart...@samba.org Date: Sun Apr 14 13:32:49 2013 +1000 samba-tool dbcheck: Correctly remove deleted DNs in dbcheck The previous pattern never matched, as it was a typo. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jul 30 12:55:00 CEST 2013 on sn-devel-104 commit f2afdb61698c37389be286f9443471d4aeba49b8 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 4 20:22:31 2013 +1000 dsdb: Include MS-ADTS doc references on deleted object contstraints Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit a9e565a5a4478f7b923f35311e170de2044ff848 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 3 17:51:41 2013 +1000 dsdb tests: Add member/memberOf checking to delete_objects testing Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org commit 0162be32ab4f9716a4300d1f1a0caae8b0133f7c Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 4 19:57:06 2013 +1000 dsdb: Improve DRS deleted link source/target handing in repl_meta_data We now correctly ignore the link updates if the source or target is deleted locally. This fixes the long-standing failure in the vampire_dc dbcheck test. Pair-Programmed-With: Stefan Metzmacher me...@samba.org Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org commit 32955a1dec3a97ab4550869dbeb5034247f3b1bc Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 17 22:37:20 2013 +1000 dsdb: Ensure we always force deleted objects back under the deleted objects DN Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit a796cad90f1028ccc54a3539e34dc0728b990a96 Author: Stefan Metzmacher me...@samba.org Date: Wed Jun 5 09:35:42 2013 +0200 dsdb/repl_meta_data: split out replmd_deletion_state() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit d3aad891c5759f66bd891cb47866d908a0562a8a Author: Andrew Bartlett abart...@samba.org Date: Fri May 31 20:01:17 2013 +1000 dsdb: Prune deleted objects of links and extra attributes of replicated deletes When an object is deleted, the links to be removed are not propogated, you have to watch out for them manually! We do this by calling back into the originating update delete code (ie what is called if you ldb_delete() locally) so that any extra attribute found locally and not on the remote server becomes removed remotely too. We currently do the same with links, but that isn't strictly correct, but for now our getNCChanges server code filters these out, so only the usn is bumped. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: python/samba/dbchecker.py |2 +- selftest/knownfail |1 - source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 568 ++- source4/torture/drs/python/delete_object.py | 278 ++- 4 files changed, 698 insertions(+), 151 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py index e88f876..8b175c2 100644 --- a/python/samba/dbchecker.py +++ b/python/samba/dbchecker.py @@ -271,7 +271,7 @@ newSuperior: %s % (str(from_dn), str(to_rdn), str(to_base))) handle a missing target DN (both GUID and DN string form are missing
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a74c7d7 torture/drs: Expand an error message to aid debugging via 63c05e8 dsdb/samdb: use RECYCLED it implies DELETED... via 6016ba3 selftest: ensure samba4.nss.test.*using.*winbind is always tested via 93b8315 selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested via 5e1f279 rpc_server-drsuapi: Improve comments and DEBUG lines via e9faf50 dsdb: Add assert in drepl_take_FSMO_role via ae0ba6b selftest: Ensure the DC has started and and got a RID set before we proceed via db9c3c6 dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails via 31fb7f9 dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches via 03b44d2 dsdb-descriptor: Do not do a subtree search unless we have child entries from ca98d81 dynconfig: Remove last s3 markers now we have just one build system http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a74c7d780cb6a1e8a5a63ebbbcf36fd7cf717ea1 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 17 22:37:54 2013 +1000 torture/drs: Expand an error message to aid debugging Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104 commit 63c05e820f1449b2dfa6e4f096d8270284a60bbb Author: Stefan Metzmacher me...@samba.org Date: Mon Jun 10 14:00:01 2013 +0200 dsdb/samdb: use RECYCLED it implies DELETED... Signed-off-by: Stefan Metzmacher me...@samba.org commit 6016ba3a02c5418b44bb61d434f3a25d6e5991b8 Author: Andrew Bartlett abart...@samba.org Date: Sat Jul 13 19:35:52 2013 +1000 selftest: ensure samba4.nss.test.*using.*winbind is always tested With the winbind fixes now in master this should be more reliable. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 93b83151c9563f4c1f47b925fed079d275f8ec43 Author: Andrew Bartlett abart...@samba.org Date: Sat Jul 13 19:34:45 2013 +1000 selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested This test should now be more reliable with the over-allocation of RID values now fixed. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 5e1f2795f28b0a213b4529e046edec68caa3bd41 Author: Andrew Bartlett abart...@samba.org Date: Fri Jun 28 09:19:48 2013 +1000 rpc_server-drsuapi: Improve comments and DEBUG lines Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit e9faf50ee123a8d1d647ebffa39107ca0dce756c Author: Andrew Bartlett abart...@samba.org Date: Fri Jun 28 09:15:16 2013 +1000 dsdb: Add assert in drepl_take_FSMO_role Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org commit ae0ba6bd833f71c4337ae3b6621bf797cb3c48c2 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 19 11:33:36 2013 +1000 selftest: Ensure the DC has started and and got a RID set before we proceed This avoids errors when a busy DC has not yet fetched a RID set, showing up as flapping tests when users are created, such as the samr.large-dc test. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit db9c3c62c89e1328872e3fdedde22b78770728a9 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 19 10:30:48 2013 +1000 dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails We now also only poke the RID manager once per request. This may help track down why RID allocation can fail, as while we never wait for the RID set to be created/updated, it may be the only clue the admin gets as to why the async allocations were failing. Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 31fb7f9c1b93b0f2114dec5096e43616ed317720 Author: Andrew Bartlett abart...@samba.org Date: Sun Jun 23 21:38:40 2013 +1000 dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches This should be more efficient, particularly in the leaf node case when renaming and deleting entries on large databases. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ca98d81 dynconfig: Remove last s3 markers now we have just one build system from 077dfd0 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ca98d816cc898ed66a0aa065de65938bd4b71c1a Author: Andrew Bartlett abart...@samba.org Date: Thu Jun 13 19:33:42 2013 +1000 dynconfig: Remove last s3 markers now we have just one build system Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Jul 24 16:29:15 CEST 2013 on sn-devel-104 --- Summary of changes: dynconfig/dynconfig.c |2 -- dynconfig/dynconfig.h |3 --- 2 files changed, 0 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/dynconfig/dynconfig.c b/dynconfig/dynconfig.c index 5f67278..af9d735 100644 --- a/dynconfig/dynconfig.c +++ b/dynconfig/dynconfig.c @@ -83,7 +83,6 @@ const char *set_dyn_##name(const char *newpath) \ return dyn_##name;\ } -/* these are in common with s3 */ DEFINE_DYN_CONFIG_PARAM(SBINDIR) DEFINE_DYN_CONFIG_PARAM(BINDIR) DEFINE_DYN_CONFIG_PARAM(CONFIGFILE) /** Location of smb.conf file. **/ @@ -105,7 +104,6 @@ DEFINE_DYN_CONFIG_PARAM(NMBDSOCKETDIR) DEFINE_DYN_CONFIG_PARAM(DATADIR) DEFINE_DYN_CONFIG_PARAM(SETUPDIR) DEFINE_DYN_CONFIG_PARAM(WINBINDD_SOCKET_DIR) /* from winbind_struct_protocol.h in s3 autoconf */ - DEFINE_DYN_CONFIG_PARAM(WINBINDD_PRIVILEGED_SOCKET_DIR) DEFINE_DYN_CONFIG_PARAM(NTP_SIGND_SOCKET_DIR) DEFINE_DYN_CONFIG_PARAM(PYTHONDIR) diff --git a/dynconfig/dynconfig.h b/dynconfig/dynconfig.h index 4d24001..2a45f1f 100644 --- a/dynconfig/dynconfig.h +++ b/dynconfig/dynconfig.h @@ -30,7 +30,6 @@ const char *get_dyn_##name(void); \ const char *set_dyn_##name(const char *newpath); \ bool is_default_dyn_##name(void); -/* these are in common with s3 */ DEFINE_DYN_CONFIG_PROTO(SBINDIR) DEFINE_DYN_CONFIG_PROTO(BINDIR) DEFINE_DYN_CONFIG_PROTO(CONFIGFILE) /** Location of smb.conf file. **/ @@ -49,8 +48,6 @@ DEFINE_DYN_CONFIG_PROTO(SMB_PASSWD_FILE) DEFINE_DYN_CONFIG_PROTO(PRIVATE_DIR) DEFINE_DYN_CONFIG_PROTO(LOCALEDIR) DEFINE_DYN_CONFIG_PROTO(NMBDSOCKETDIR) - -/* these are not in s3 */ DEFINE_DYN_CONFIG_PROTO(DATADIR) DEFINE_DYN_CONFIG_PROTO(SETUPDIR) DEFINE_DYN_CONFIG_PROTO(WINBINDD_SOCKET_DIR) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e6a58d3 s4:rpc_server: make sure we don't terminate a connection with pending requests (bug #9820) via 2505d48 s4-winbindd: Do not terminate a connection that is still pending (bug #9820) via df929d6 service_stream: Log if the connection termination is deferred or not (bug #9820) from 577cef8 s3-smbstatus: display [u|g]id of -1 as -1 in connection list http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e6a58d370403e818bc2cfb8389751b78adcc14fd Author: Stefan Metzmacher me...@samba.org Date: Tue Jul 9 16:38:59 2013 +0200 s4:rpc_server: make sure we don't terminate a connection with pending requests (bug #9820) Sadly we may have nested event loops, which won't work correctly with broken connections, that's why we have to do this... Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104 commit 2505d48e4fbcd8a805a88ad0b05fb1a16a588197 Author: Andrew Bartlett abart...@samba.org Date: Thu Jun 27 11:28:03 2013 +1000 s4-winbindd: Do not terminate a connection that is still pending (bug #9820) Instead, wait until the call attempts to reply, and let it terminate then (often this happens in the attempt to then write to the broken pipe). Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit df929d6feb857668ad9da277213e9fae1480ff63 Author: Andrew Bartlett abart...@samba.org Date: Thu Jun 27 11:27:03 2013 +1000 service_stream: Log if the connection termination is deferred or not (bug #9820) Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source4/rpc_server/dcerpc_server.c | 55 - source4/rpc_server/dcerpc_server.h |8 - source4/smbd/service_stream.c|6 +++- source4/winbind/wb_samba3_protocol.c |5 +++ source4/winbind/wb_server.c | 51 ++- source4/winbind/wb_server.h | 10 +- 6 files changed, 129 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 389cbe3..10e711b 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -386,6 +386,8 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx, return NT_STATUS_NO_MEMORY; } + p-prev = NULL; + p-next = NULL; p-dce_ctx = dce_ctx; p-endpoint = ep; p-contexts = NULL; @@ -402,7 +404,7 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx, p-event_ctx = event_ctx; p-msg_ctx = msg_ctx; p-server_id = server_id; - p-processing = false; + p-terminate = NULL; p-state_flags = state_flags; ZERO_STRUCT(p-transport); @@ -1143,6 +1145,7 @@ _PUBLIC_ NTSTATUS dcesrv_init_context(TALLOC_CTX *mem_ctx, dce_ctx-lp_ctx = lp_ctx; dce_ctx-assoc_groups_idr = idr_init(dce_ctx); NT_STATUS_HAVE_NO_MEMORY(dce_ctx-assoc_groups_idr); + dce_ctx-broken_connections = NULL; for (i=0;endpoint_servers[i];i++) { const struct dcesrv_endpoint_server *ep_server; @@ -1269,12 +1272,45 @@ const struct dcesrv_critical_sizes *dcerpc_module_version(void) static void dcesrv_terminate_connection(struct dcesrv_connection *dce_conn, const char *reason) { + struct dcesrv_context *dce_ctx = dce_conn-dce_ctx; struct stream_connection *srv_conn; srv_conn = talloc_get_type(dce_conn-transport.private_data, struct stream_connection); - stream_terminate_connection(srv_conn, reason); + if (dce_conn-pending_call_list == NULL) { + char *full_reason = talloc_asprintf(dce_conn, dcesrv: %s, reason); + + DLIST_REMOVE(dce_ctx-broken_connections, dce_conn); + stream_terminate_connection(srv_conn, full_reason ? full_reason : reason); + return; + } + + if (dce_conn-terminate != NULL) { + return; + } + + DEBUG(3,(dcesrv: terminating connection due to '%s' defered due to pending calls\n, +reason)); + dce_conn-terminate = talloc_strdup(dce_conn, reason); + if (dce_conn
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 596b51c s4:server: avoid calling into nss_winbind from within 'samba' from 1573638 Fix typos in man-pages http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 596b51c666e549fb518d92931d8837922154a2fe Author: Stefan Metzmacher me...@samba.org Date: Wed Jul 10 14:48:18 2013 +0200 s4:server: avoid calling into nss_winbind from within 'samba' The most important part is that the 'winbind_server' doesn't recurse into itself. This could happen if the krb5 libraries call getlogin(). As we may run in single process mode, we need to set _NO_WINBINDD=1 everywhere, the only exception is the forked 'smbd'. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104 --- Summary of changes: file_server/file_server.c |9 + source4/smbd/server.c |7 +++ 2 files changed, 16 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/file_server/file_server.c b/file_server/file_server.c index 5d44d5a..aab5f39 100644 --- a/file_server/file_server.c +++ b/file_server/file_server.c @@ -28,6 +28,7 @@ #include source4/smbd/process_model.h #include file_server/file_server.h #include dynconfig.h +#include nsswitch/winbind_client.h /* called if smbd exits @@ -64,6 +65,8 @@ static void s3fs_task_init(struct task_server *task) smbd_path = talloc_asprintf(task, %s/smbd, dyn_SBINDIR); smbd_cmd[0] = smbd_path; + /* the child should be able to call through nss_winbind */ + (void)winbind_on(); /* start it as a child process */ subreq = samba_runcmd_send(task, task-event_ctx, timeval_zero(), 1, 0, smbd_cmd, @@ -72,6 +75,12 @@ static void s3fs_task_init(struct task_server *task) --foreground, debug_get_output_is_stdout()?--log-stdout:NULL, NULL); + /* the parent should not be able to call through nss_winbind */ + if (!winbind_off()) { + DEBUG(0,(Failed to re-disable recursive winbindd calls after forking smbd\n)); + task_server_terminate(task, Failed to re-disable recursive winbindd calls, true); + return; + } if (subreq == NULL) { DEBUG(0, (Failed to start smbd as child daemon\n)); task_server_terminate(task, Failed to startup s3fs smb task, true); diff --git a/source4/smbd/server.c b/source4/smbd/server.c index 0ad3e6b..37aac62 100644 --- a/source4/smbd/server.c +++ b/source4/smbd/server.c @@ -43,6 +43,7 @@ #include cluster/cluster.h #include dynconfig/dynconfig.h #include lib/util/samba_modules.h +#include nsswitch/winbind_client.h /* recursively delete a directory tree @@ -402,6 +403,12 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ } } + /* make sure we won't go through nss_winbind */ + if (!winbind_off()) { + DEBUG(0,(Failed to disable recusive winbindd calls. Exiting.\n)); + exit(1); + } + gensec_init(); /* FIXME: */ ntptr_init(); /* FIXME: maybe run this in the initialization function -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2bdaf53 VERSION: change to 4.2.0pre1 via a0130c6 Merge remote-tracking branch 'origin/v4-1-test' into master via e56343f VERSION: Set version to 4.1.0rc1-GITSNAPSHOT. via 0025e97 WHATSNEW: Start release notes for Samba 4.1.0rc1. via d641469 Make the output of the crackname script more readable via 47bd903 s3-winbind: Allow sec_initial_uid() to store creds. via c153e6c selftest: Use higher ip numbers. via bb122b0 selftest: Add a newline to root entries in the nss files. via 6a0cb7d selftest: Fix domain name of plugindc. via 99c800b torture: Don't segfault in smb2.session on error. via 096ff2e torture: Don't segfault in raw.session on error. via 67c8f87 torture: Fix comparsion of uninitalized bytes. via bef3fc8 tsocket: Pass the full port number to getaddrinfo(). from af6d9ce tevent: Fix a typo http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2bdaf532cde6e5529cf7d0136b149eb82f7ef601 Author: Stefan Metzmacher me...@samba.org Date: Fri Jul 5 12:32:07 2013 +0200 VERSION: change to 4.2.0pre1 Signed-off-by: Stefan Metzmacher me...@samba.org commit a0130c662a40d6951fadae4bd9a6f7c230df05db Merge: af6d9cebaf3bc4b564952e445af035fe8aece662 e56343f1bba603852afcb816f7b5ebdf680c182e Author: Stefan Metzmacher me...@samba.org Date: Fri Jul 5 12:07:53 2013 +0200 Merge remote-tracking branch 'origin/v4-1-test' into master git merge -s ours origin/v4-1-test Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: VERSION |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 766989c..59990a3 100644 --- a/VERSION +++ b/VERSION @@ -24,7 +24,7 @@ # - 3.0.0 # SAMBA_VERSION_MAJOR=4 -SAMBA_VERSION_MINOR=1 +SAMBA_VERSION_MINOR=2 SAMBA_VERSION_RELEASE=0 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via fd036b8 WHATSNEW: Start release notes for Samba 4.1.0rc1. via e5465d7 VERSION: Set version to 4.1.0rc1-GITSNAPSHOT. via a0130c6 Merge remote-tracking branch 'origin/v4-1-test' into master via af6d9ce tevent: Fix a typo via a68cea6 docs: Fix typos in use ntdb section. via 2763cad dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly via 2536ee8 Make the output of the crackname script more readable via caf3af3 s3-winbind: Allow sec_initial_uid() to store creds. via a4af4fa selftest: Use higher ip numbers. via d5511b1 selftest: Add a newline to root entries in the nss files. via 7392985 selftest: Fix domain name of plugindc. via bf5bc72 torture: Don't segfault in smb2.session on error. via d295e18 torture: Don't segfault in raw.session on error. via 474eee0 torture: Fix comparsion of uninitalized bytes. via 0b58eed tsocket: Pass the full port number to getaddrinfo(). from e56343f VERSION: Set version to 4.1.0rc1-GITSNAPSHOT. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit fd036b8df5b57fb6da6bc99e383d19070c22889c Author: Karolin Seeger ksee...@samba.org Date: Fri Jul 5 10:04:37 2013 +0200 WHATSNEW: Start release notes for Samba 4.1.0rc1. Signed-off-by: Karolin Seeger ksee...@samba.org (cherry picked from commit 0025e9782d6a2d9df56556871566a3354996a999) commit e5465d78711ea04da8ba801b8313109cfa6465c5 Author: Karolin Seeger ksee...@samba.org Date: Fri Jul 5 10:05:19 2013 +0200 VERSION: Set version to 4.1.0rc1-GITSNAPSHOT. Signed-off-by: Karolin Seeger ksee...@samba.org Autobuild-User(v4-1-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-1-test): Fri Jul 5 11:56:40 CEST 2013 on sn-devel-104 (cherry picked from commit e56343f1bba603852afcb816f7b5ebdf680c182e) --- Summary of changes: docs-xml/smbdotconf/tuning/usentdb.xml|4 ++-- lib/tevent/doc/tevent_request.dox |2 +- source4/dsdb/samdb/ldb_modules/ridalloc.c |3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/tuning/usentdb.xml b/docs-xml/smbdotconf/tuning/usentdb.xml index 9a0d2cd..6d5ca48 100644 --- a/docs-xml/smbdotconf/tuning/usentdb.xml +++ b/docs-xml/smbdotconf/tuning/usentdb.xml @@ -6,9 +6,9 @@ paraBeginning in Samba 4.1, a growing number of databases can use the NTDB format rather than TDB. /para -paraIf you enable this option these databases will defaul to a +paraIf you enable this option these databases will default to a filename.ntdb/filename extension rather than -filename.tdb/filename: If the filename.tdb/filename file +filename.tdb/filename. If the filename.tdb/filename file exists, it will automatically be converted to NTDB and renamed to filename.tdb.bak/filename. /para diff --git a/lib/tevent/doc/tevent_request.dox b/lib/tevent/doc/tevent_request.dox index 1461384..3358cfb 100644 --- a/lib/tevent/doc/tevent_request.dox +++ b/lib/tevent/doc/tevent_request.dox @@ -1,6 +1,6 @@ /** @page tevent_request Chapter 4: Tevent request -@section request Tevent requst +@section request Tevent request A specific feature of the library is the tevent request API that provides for asynchronous computation and allows much more interconnected working and diff --git a/source4/dsdb/samdb/ldb_modules/ridalloc.c b/source4/dsdb/samdb/ldb_modules/ridalloc.c index 73ecb03..c0859d3 100644 --- a/source4/dsdb/samdb/ldb_modules/ridalloc.c +++ b/source4/dsdb/samdb/ldb_modules/ridalloc.c @@ -606,7 +606,8 @@ int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid, struct ldb_r /* * if we are half-exhausted then try to get a new pool. */ - if (nridset.next_rid (prev_pool_hi + prev_pool_lo)/2) { + if (nridset.next_rid (prev_pool_hi + prev_pool_lo)/2 + nridset.alloc_pool == nridset.prev_pool) { /* * if we are the RID Manager, * we can get a new pool localy. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2763cad dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly from 2536ee8 Make the output of the crackname script more readable http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2763cad409430c183f7f1f6f57bc6b38ae616ed9 Author: Andrew Bartlett abart...@samba.org Date: Sat Jun 22 19:30:50 2013 +1000 dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly A patch by Cove Schneider cov...@yahoo.com who reports: I noticed that the RID numbers seem to increase incrementally, then will suddenly jump by 124501. Unless I'm misunderstanding, shouldn't RID pool allocations just be 500 at a time? e.g. Adding accounts one after another on a single test instance here's how they're incrementing (from 4.0.6): 1596 1597 1598 1599 126100 126101 126102 ... 126599 251100 ... 251599 376100 ... The problem is that this complicates using sssd's AD integration, as that it doesn't expect the RIDs to increase in a single domain so quickly. Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jul 4 20:13:05 CEST 2013 on sn-devel-104 --- Summary of changes: source4/dsdb/samdb/ldb_modules/ridalloc.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/ridalloc.c b/source4/dsdb/samdb/ldb_modules/ridalloc.c index 73ecb03..c0859d3 100644 --- a/source4/dsdb/samdb/ldb_modules/ridalloc.c +++ b/source4/dsdb/samdb/ldb_modules/ridalloc.c @@ -606,7 +606,8 @@ int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid, struct ldb_r /* * if we are half-exhausted then try to get a new pool. */ - if (nridset.next_rid (prev_pool_hi + prev_pool_lo)/2) { + if (nridset.next_rid (prev_pool_hi + prev_pool_lo)/2 + nridset.alloc_pool == nridset.prev_pool) { /* * if we are the RID Manager, * we can get a new pool localy. -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-1.1.16 created
The annotated tag, ldb-1.1.16 has been created at f65b680fb3eac352a3e40b321c51af6d7561b217 (tag) tagging 4ca963926938917bf32af4eead61ded2a8275139 (commit) replaces tdb-1.2.12 tagged by Stefan Metzmacher on Tue Jun 25 00:04:29 2013 +0200 - Log - ldb: tag release ldb-1.1.16 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRyMJtAAoJEEeTkWETCEAl3a8IALW0VMaCfICo6ahU+fHpY30P 4Hxvw6u0imspX1B8coeG/MSvQU2iROI5k5+05gEoyrTmXOgA9akCioapl7VM19KB qWVoprIPsy9q+R1lchGkZ7t+e9aOoGAiwYiP44SxNLeQ8SCpZaOubhz9UAzn5DUX 7scZ1I594xd1xcDFlKPFqYRylLD85gTD9RTwd2/6fmWe/Ie4N3xjxWesD7TMobk4 A1fxH6BE4w/W1tbXf2aMLmsqoG+5D6C0zikIri+RXo82YXi1fGYy5dbfFrpItIks d/FpICwkAx2/aK9j5YUU6fSrMGpWbtdrh7TZpsbbXbyejTjrYrwSwv9Fq+Ay09Q= =v1DI -END PGP SIGNATURE- Andreas Schneider (3): krb5wrap: Move mask to the right position. s3-libads: Print the debug string of a failed call with LDAP_OTHER. tevent: Link the tutorial on the mainpage. Andrew Bartlett (17): .gitignore: Tidy up after removal of the autoconf build Revert s4-dsdb: Remove strcasecmp() fallback in replmd_ldb_message_element_attid_sort auth: Remove password level docs: Do not encourage unix passwords, and remove reference to password level Remove remaining references to password level in the tree python samba-tool drs: Correctly print KCC references to deleted servers dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs dsdb: Fix behaviour for when to update the USN when there is no change dsdb-tests ldap.py: Fix quoting of print statements dsdb-tests ldap.py: Add test for usn behaviour on certain changes dsdb repl_meta_data: Use dsdb_request_add_controls() build: Build with system md5.h on OpenIndiana s4-winbind: Add special case for BUILTIN domain ldb: Ensure not to segfault on a filter such as (mail=) build: Remove the struct MD5Context conf file check. ldb: Cope with substring match with no chunks in ldb_filter_from_tree ldb: bump version to allow a depencency on the substring crash fix Björn Baumbach (1): s4-dfs_server: check for netbios aliases in ad_get_referrals Christian Ambach (15): s3:utils/net_lookup fix a format-error s3:passdb/samba_dsdb fix a compiler warning s3:passdb/samba_dsdb fix some compiler warnings s3:passdb add idmap control functions s3:passdb add pdb_*_is_responsible_for* functions s3:lib/util_sid_passdb make use of pdb_is_responsible_for_* functions s3:passdb/pdb_samba_dsdb make the module handle well-known s3:passdb make pdb_sid_to_id honor backend responsibilities s3:passdb/pdb_ldap make the module handle well-known s3:passdb/pdb_ldap remove an unnecessary check s3:passdb/pdb_tdb add parameter to control handling of BUILTIN s3:passdb expose pdb_create_builtin function s3:utils/net_sam make use of pdb_create_builtin helper function s3:passdb add a gid argument to pdb_create_builtin_alias s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals with BUILTIN Christof Schmitt (3): smbd: Change logging when SET_OFFLINE is not supported Initialize the file descriptor in the files_struct before trying to close it. Otherwise, if one of the SETXATTR calls had failed, the close() call will return EBADF. vfs_streams_xattr: Do not attempt to write empty attribute twice David Disseldorp (5): libsmb: add ABI/smbclient-0.2.1.sigs vfs_catia: use translate direction enum instead of int docs/vfs_catia: remove space-char mapping recommendation docs/vfs_catia: rework man page s3/smbclient: fix incorrect command tab completions David Koňař (1): tevent: Add tevent tutorial files. Jeremy Allison (14): Check for fstatat. Optimization on POSIX platforms that have fstatat. Add the ability to parse out the port to SMBC_parse_path(). Add port argument to SMBC_attr_server(). Does nothing as yet. Add the port argument to SMBC_server(). Plumb the 'port' parameter into the connect code. Add smbc_getPort(), smbc_setPort(). Bump the .so minor number. Fix xx_path() - return check from mkdir() is incorrect. Re-add umask(0) code removed by commit 3a7c2777ee0de37d758fe81d67d6836a8354825e Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in EOF on stdin Fix glusterfs backend crash found at the Microsoft interop event. Use existing acl map full control parameter to control the adding of the DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's. Add missing documentation for vfs_zfsacl. Note how vfs_gpfs uses the acl map full control parameter. Matthias Dieter Wallnöfer (4): s4:samldb LDB module - userAccountControl = 0 means UF_NORMAL_ACCOUNT on add s4:samldb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9f25ad4 librpc: Shorten dcerpc_binding_handle_call a bit via 7982d2a librpc: Use tevent_req_poll_ntstatus via 20bede7 libsmbclient: Fix typos via fffb701 tsocket: Add some const via cf86f3e gencache: Simplify gencache_init a bit from c71d6ec genrand: Slightly simplify do_reseed http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9f25ad44a93da09b3a7c14a4a1a0e78c5a1b529c Author: Volker Lendecke v...@samba.org Date: Thu Jun 6 11:37:59 2013 +0200 librpc: Shorten dcerpc_binding_handle_call a bit ... saves 200 bytes on 64 bit Linux with -O3 Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Jun 14 22:27:43 CEST 2013 on sn-devel-104 commit 7982d2aff89c7ff8a2371163bad5f9f88be6af46 Author: Volker Lendecke v...@samba.org Date: Thu Jun 6 11:31:37 2013 +0200 librpc: Use tevent_req_poll_ntstatus Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 20bede7baa3576aa0f97ceb2533db6e33d587b69 Author: Volker Lendecke v...@samba.org Date: Thu May 16 10:26:09 2013 +0200 libsmbclient: Fix typos Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit fffb70168d8031dc1999fab963263ac7d3a2442a Author: Volker Lendecke v...@samba.org Date: Tue Jun 11 19:36:09 2013 +0200 tsocket: Add some const Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit cf86f3e81b4e228d5f85cac283c51ca7d5e0cd16 Author: Volker Lendecke v...@samba.org Date: Tue Jun 11 21:03:22 2013 +0200 gencache: Simplify gencache_init a bit Use the implicit cleanup facility CLEAR_IF_FIRST provides Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: lib/tsocket/tsocket.h |4 ++-- lib/tsocket/tsocket_bsd.c |2 +- librpc/rpc/binding_handle.c| 22 +++--- source3/include/libsmbclient.h |8 source3/lib/gencache.c | 29 - 5 files changed, 30 insertions(+), 35 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tsocket/tsocket.h b/lib/tsocket/tsocket.h index 98f864e..6b0eef6 100644 --- a/lib/tsocket/tsocket.h +++ b/lib/tsocket/tsocket.h @@ -897,12 +897,12 @@ struct sockaddr; * @return 0 on success, -1 on error with errno set. */ int tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx, - struct sockaddr *sa, + const struct sockaddr *sa, size_t sa_socklen, struct tsocket_address **addr); #else int _tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx, - struct sockaddr *sa, + const struct sockaddr *sa, size_t sa_socklen, struct tsocket_address **_addr, const char *location); diff --git a/lib/tsocket/tsocket_bsd.c b/lib/tsocket/tsocket_bsd.c index 89e5f4c..4417f8e 100644 --- a/lib/tsocket/tsocket_bsd.c +++ b/lib/tsocket/tsocket_bsd.c @@ -209,7 +209,7 @@ struct tsocket_address_bsd { }; int _tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx, - struct sockaddr *sa, + const struct sockaddr *sa, size_t sa_socklen, struct tsocket_address **_addr, const char *location) diff --git a/librpc/rpc/binding_handle.c b/librpc/rpc/binding_handle.c index 89ada1d..9354bbd 100644 --- a/librpc/rpc/binding_handle.c +++ b/librpc/rpc/binding_handle.c @@ -515,7 +515,7 @@ NTSTATUS dcerpc_binding_handle_call(struct dcerpc_binding_handle *h, TALLOC_CTX *frame = talloc_stackframe(); struct tevent_context *ev; struct tevent_req *subreq; - NTSTATUS status; + NTSTATUS status = NT_STATUS_NO_MEMORY; /* * TODO: allow only one sync call @@ -527,30 +527,22 @@ NTSTATUS dcerpc_binding_handle_call(struct dcerpc_binding_handle *h, ev = samba_tevent_context_init(frame); } if (ev == NULL) { - talloc_free(frame); - return NT_STATUS_NO_MEMORY; + goto fail; } subreq = dcerpc_binding_handle_call_send(frame, ev
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6c8 dsdb repl_meta_data: Use dsdb_request_add_controls() from 5c488cf Initialize the file descriptor in the files_struct before trying to close it. Otherwise, if one of the SETXATTR calls had failed, the close() call will return EBADF. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6c81fbf4966f707286343b19e79513915c01 Author: Andrew Bartlett abart...@samba.org Date: Fri May 31 15:36:34 2013 +1000 dsdb repl_meta_data: Use dsdb_request_add_controls() This makes the code easier to read. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jun 13 11:15:01 CEST 2013 on sn-devel-104 --- Summary of changes: source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 19 +-- 1 files changed, 1 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 0f2aa58..b6ff7ff 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -4462,7 +4462,6 @@ static int replmd_replicated_apply_next(struct replmd_replicated_request *ar) char *tmp_str; char *filter; struct ldb_request *search_req; - struct ldb_search_options_control *options; if (ar-index_current = ar-objs-num_objects) { /* done with it, go to next stage */ @@ -4492,24 +4491,8 @@ static int replmd_replicated_apply_next(struct replmd_replicated_request *ar) ar-req); LDB_REQ_SET_LOCATION(search_req); - ret = ldb_request_add_control(search_req, LDB_CONTROL_SHOW_RECYCLED_OID, - true, NULL); - if (ret != LDB_SUCCESS) { - return ret; - } - - /* we need to cope with cross-partition links, so search for - the GUID over all partitions */ - options = talloc(search_req, struct ldb_search_options_control); - if (options == NULL) { - DEBUG(0, (__location__ : out of memory\n)); - return LDB_ERR_OPERATIONS_ERROR; - } - options-search_options = LDB_SEARCH_OPTION_PHANTOM_ROOT; + ret = dsdb_request_add_controls(search_req, DSDB_SEARCH_SEARCH_ALL_PARTITIONS|DSDB_SEARCH_SHOW_RECYCLED); - ret = ldb_request_add_control(search_req, - LDB_CONTROL_SEARCH_OPTIONS_OID, - true, options); if (ret != LDB_SUCCESS) { return ret; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f1781ad dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal() via 122214b dsdb: don't allow a missing nTSecurityDescriptor in dsdb_get_sd_from_ldb_message() via 5959aff dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check searches via afb2bcc s4:smb_server: call irpc_add_name() at startup (bug #9905) via 12d9728 s4:rpc_server: call irpc_add_name() at startup (bug #9905) via a1a s4:ldap_server: call irpc_add_name() at startup (bug #9905) from 6c8 dsdb repl_meta_data: Use dsdb_request_add_controls() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f1781adb051bb5a166d619ed9db6bdb252b1acb5 Author: Stefan Metzmacher me...@samba.org Date: Thu Jun 13 14:16:43 2013 +0200 dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal() Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104 commit 122214b16bb2d247c8040728a6b0964531596ea9 Author: Stefan Metzmacher me...@samba.org Date: Thu Jun 13 14:13:26 2013 +0200 dsdb: don't allow a missing nTSecurityDescriptor in dsdb_get_sd_from_ldb_message() Every object has a nTSecurityDescriptor attribute. This also avoids potential segfaults in the callers. Signed-off-by: Stefan Metzmacher me...@samba.org commit 5959affa031843d741513000fb382efe54ff147b Author: Stefan Metzmacher me...@samba.org Date: Mon Jun 10 13:31:59 2013 +0200 dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check searches We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute. Also the result of this search not controlled by the client nor is the result exposed to the client. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit afb2bcc08489dbece732fc8f842cbd83862320be Author: Stefan Metzmacher me...@samba.org Date: Mon May 27 12:10:57 2013 +0200 s4:smb_server: call irpc_add_name() at startup (bug #9905) We should call irpc_add_name() when we start the smb_server task. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 12d9728131afab7fa093a9cd7ccaff076a74f271 Author: Stefan Metzmacher me...@samba.org Date: Mon May 27 12:10:57 2013 +0200 s4:rpc_server: call irpc_add_name() at startup (bug #9905) We should call irpc_add_name() when we start the rpc_server task. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit a1a4302a4eaf7e210e8084416cd2a0d14384 Author: Stefan Metzmacher me...@samba.org Date: Mon May 27 12:10:57 2013 +0200 s4:ldap_server: call irpc_add_name() at startup (bug #9905) We should call irpc_add_name() when we start the ldap_server task. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org --- Summary of changes: source4/dsdb/common/dsdb_access.c | 19 +++ source4/ldap_server/ldap_server.c |3 +++ source4/rpc_server/service_rpc.c |1 + source4/smb_server/service_smb.c |1 + 4 files changed, 16 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/common/dsdb_access.c b/source4/dsdb/common/dsdb_access.c index 6af5c3a..5c02daa 100644 --- a/source4/dsdb/common/dsdb_access.c +++ b/source4/dsdb/common/dsdb_access.c @@ -64,9 +64,9 @@ int dsdb_get_sd_from_ldb_message(struct ldb_context *ldb, enum ndr_err_code ndr_err; sd_element = ldb_msg_find_element(acl_res, nTSecurityDescriptor); - if (!sd_element) { - *sd = NULL; - return LDB_SUCCESS; + if (sd_element == NULL) { + return ldb_error(ldb, LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS, +nTSecurityDescriptor is missing); } *sd = talloc(mem_ctx, struct security_descriptor); if(!*sd) { @@ -101,10 +101,7 @@ int dsdb_check_access_on_dn_internal(struct ldb_context *ldb, if (ret != LDB_SUCCESS) { return ldb_operr(ldb); } - /* Theoretically we pass the check if the object has no sd */ - if (!sd) { - return LDB_SUCCESS; - } + sid = samdb_result_dom_sid(mem_ctx, acl_res-msgs[0], objectSid); if (guid) { if (!insert_in_object_tree(mem_ctx, guid, access_mask, NULL, @@ -159,7 +156,13 @@ int dsdb_check_access_on_dn(struct ldb_context *ldb, } } - ret = dsdb_search_dn(ldb, mem_ctx, acl_res, dn, acl_attrs, DSDB_SEARCH_SHOW_DELETED); + /* +* We
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 68f8f4e dsdb-tests ldap.py: Add test for usn behaviour on certain changes via 51298d3 dsdb-tests ldap.py: Fix quoting of print statements via 96980f7 dsdb: Fix behaviour for when to update the USN when there is no change via e461ff5 dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs via eec29db python samba-tool drs: Correctly print KCC references to deleted servers from 3e66cb7 Fix bug #9932 - Currently the maximum number of aces in an SD is limited to 1000, but Microsoft supports around 1800. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 68f8f4ec4dbbdb20c4c51a6059535b5ef669373f Author: Andrew Bartlett abart...@samba.org Date: Fri May 31 14:14:54 2013 +1000 dsdb-tests ldap.py: Add test for usn behaviour on certain changes This probes when the usn is updated, and when it is not. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Jun 12 11:54:01 CEST 2013 on sn-devel-104 commit 51298d33dd28e034967db38312e0129935a27a66 Author: Andrew Bartlett abart...@samba.org Date: Fri May 31 11:15:51 2013 +1000 dsdb-tests ldap.py: Fix quoting of print statements While python didn't mind (oddly) it really confused my editor. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 96980f7c04cc4226ed109654025b8254921f8d58 Author: Andrew Bartlett abart...@samba.org Date: Fri May 31 14:16:02 2013 +1000 dsdb: Fix behaviour for when to update the USN when there is no change This handles deletions and replacements with no value, or with an exactly specified value, as well as modifies. Pair-Programmed-With: Stefan Metzmacher me...@samba.org Andrew Bartlett Signed-off-by: Stefan Metzmacher me...@samba.org commit e461ff530046199b7e647b81d6dfb2746f68b0d7 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 10 12:22:40 2013 +1000 dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs This helps us in the KCC as we need to return the deleted DN for the GUID in DsReplicaGetInfo calls (tested for deleted servers against Windows 2008R2). Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit eec29db7c237c70732f94e33147c960fa8df39fb Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 10 11:43:18 2013 +1000 python samba-tool drs: Correctly print KCC references to deleted servers Tested against Windows 2008R2, presumably before the KCC ran. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: python/samba/netcmd/drs.py | 15 ++- source4/dsdb/common/util.c |6 +- source4/dsdb/kcc/kcc_connection.c |4 +- source4/dsdb/kcc/kcc_drs_replica_info.c | 10 +- source4/dsdb/repl/drepl_partitions.c|2 +- source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 34 +++- source4/dsdb/tests/python/ldap.py | 229 --- source4/rpc_server/drsuapi/getncchanges.c |4 +- 8 files changed, 222 insertions(+), 82 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/netcmd/drs.py b/python/samba/netcmd/drs.py index ff8d830..de78ac7 100644 --- a/python/samba/netcmd/drs.py +++ b/python/samba/netcmd/drs.py @@ -170,10 +170,19 @@ class cmd_drs_showrepl(Command): self.message( KCC CONNECTION OBJECTS \n) for c in conn: -c_rdn, sep, c_server_dn = c['fromServer'][0].partition(',') -c_server_res = self.samdb.search(base=c_server_dn, scope=ldb.SCOPE_BASE, attrs=[dnsHostName]) -c_server_dns = c_server_res[0][dnsHostName][0] self.message(Connection --) + +c_rdn, sep, c_server_dn = c['fromServer'][0].partition(',') +try: +c_server_res = self.samdb.search(base=c_server_dn, scope=ldb.SCOPE_BASE, attrs=[dnsHostName]) +c_server_dns = c_server_res[0][dnsHostName][0] +except ldb.LdbError, (errno, _): +if errno == ldb.ERR_NO_SUCH_OBJECT: +self.message(\tWARNING: Connection to DELETED server!) +c_server_dns = +except KeyError: +c_server_dns = + self.message(\tConnection name: %s % c['name'][0]) self.message(\tEnabled: %s % attr_default(c, 'enabledConnection', 'TRUE')) self.message(\tServer DNS name : %s % c_server_dns) diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 8e40776..7a243c3 100644 --- a/source4/dsdb/common/util.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3fba9ba dsdb: reset schema-{classes,attributes}_to_remove_size to 0 via d2f8471 dsdb: use the correct talloc parent in dsdb_repl_merge_working_schema() via 5263f0a Revert s4-dsdb: Remove strcasecmp() fallback in replmd_ldb_message_element_attid_sort from 424a990 s4-dfs_server: check for netbios aliases in ad_get_referrals http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3fba9ba7ea85e33faac2718d2463c5d0cd2d85f4 Author: Stefan Metzmacher me...@samba.org Date: Mon Jun 10 10:46:41 2013 +0200 dsdb: reset schema-{classes,attributes}_to_remove_size to 0 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jun 11 11:40:39 CEST 2013 on sn-devel-104 commit d2f847149d3d1310c829169564704b45ac43e978 Author: Stefan Metzmacher me...@samba.org Date: Mon Jun 10 10:45:25 2013 +0200 dsdb: use the correct talloc parent in dsdb_repl_merge_working_schema() schema-{classes,attributes} are the DLIST pointer not an array. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 5263f0a626dac3ac1fc48ece2324438279f187f0 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 5 20:44:17 2013 +1000 Revert s4-dsdb: Remove strcasecmp() fallback in replmd_ldb_message_element_attid_sort This reverts commit d799b25dd3ed0f72ee03949225ba241c5538d7d6. Sometimes the schema just isn't right. A segfault is not the correct answer in those cases. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source4/dsdb/repl/replicated_objects.c |4 ++-- source4/dsdb/samdb/ldb_modules/repl_meta_data.c |7 +++ source4/dsdb/schema/schema_set.c|4 +++- 3 files changed, 12 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c index b0abc1a..e018aa4 100644 --- a/source4/dsdb/repl/replicated_objects.c +++ b/source4/dsdb/repl/replicated_objects.c @@ -58,7 +58,7 @@ static WERROR dsdb_repl_merge_working_schema(struct ldb_context *ldb, * as the rest won't be modified and this is for * a short lived object. */ - tmp2 = talloc(dest_schema-classes, struct dsdb_class); + tmp2 = talloc(dest_schema, struct dsdb_class); if (tmp2 == NULL) { return WERR_NOMEM; } @@ -85,7 +85,7 @@ static WERROR dsdb_repl_merge_working_schema(struct ldb_context *ldb, * as the rest won't be modified and this is for * a short lived object. */ - tmp2 = talloc(dest_schema-attributes, struct dsdb_attribute); + tmp2 = talloc(dest_schema, struct dsdb_attribute); if (tmp2 == NULL) { return WERR_NOMEM; } diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 98e60d7..24dcc6f 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -663,6 +663,13 @@ static int replmd_ldb_message_element_attid_sort(const struct ldb_message_elemen a1 = dsdb_attribute_by_lDAPDisplayName(schema, e1-name); a2 = dsdb_attribute_by_lDAPDisplayName(schema, e2-name); + /* +* TODO: remove this check, we should rely on e1 and e2 having valid attribute names +* in the schema +*/ + if (!a1 || !a2) { + return strcasecmp(e1-name, e2-name); + } if (a1-attributeID_id == a2-attributeID_id) { return 0; } diff --git a/source4/dsdb/schema/schema_set.c b/source4/dsdb/schema/schema_set.c index 73264f9..ce8facb 100644 --- a/source4/dsdb/schema/schema_set.c +++ b/source4/dsdb/schema/schema_set.c @@ -338,8 +338,10 @@ int dsdb_setup_sorted_accessors(struct ldb_context *ldb, TALLOC_FREE(schema-attributes_to_remove[i]); } - TALLOC_FREE(schema-attributes_to_remove); TALLOC_FREE(schema-classes_to_remove); + schema-classes_to_remove_size = 0; + TALLOC_FREE(schema-attributes_to_remove); + schema-attributes_to_remove_size = 0; /* free all caches */ dsdb_sorted_accessors_free(schema); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d1feccb tdb: change version to tdb-1.2.12 from 55add52 smbcquotas.c: fix a bug of -t http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d1feccb35e987545f4ae8e3f4eb0b4fc741e7e7e Author: Stefan Metzmacher me...@samba.org Date: Tue Jun 4 10:48:20 2013 +0200 tdb: change version to tdb-1.2.12 * internal code cleanups * crash fix for pytdb * fix for 4GB overflow detection See http://permalink.gmane.org/gmane.network.samba.internals/42906 for an example of what happens. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jun 4 16:07:55 CEST 2013 on sn-devel-104 --- Summary of changes: lib/tdb/ABI/{tdb-1.2.11.sigs = tdb-1.2.12.sigs} |0 lib/tdb/wscript |2 +- 2 files changed, 1 insertions(+), 1 deletions(-) copy lib/tdb/ABI/{tdb-1.2.11.sigs = tdb-1.2.12.sigs} (100%) Changeset truncated at 500 lines: diff --git a/lib/tdb/ABI/tdb-1.2.11.sigs b/lib/tdb/ABI/tdb-1.2.12.sigs similarity index 100% copy from lib/tdb/ABI/tdb-1.2.11.sigs copy to lib/tdb/ABI/tdb-1.2.12.sigs diff --git a/lib/tdb/wscript b/lib/tdb/wscript index 7a3d0fa..00a1c34 100644 --- a/lib/tdb/wscript +++ b/lib/tdb/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'tdb' -VERSION = '1.2.11' +VERSION = '1.2.12' blddir = 'bin' -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tdb-1.2.12 created
The annotated tag, tdb-1.2.12 has been created at e88be38520d8ec2c0af18897082bd881f0a3ee24 (tag) tagging d1feccb35e987545f4ae8e3f4eb0b4fc741e7e7e (commit) replaces tevent-0.9.18 tagged by Stefan Metzmacher on Tue Jun 4 16:28:29 2013 +0200 - Log - tdb: tag release tdb-1.2.12 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRrfmNAAoJEEeTkWETCEAlCS0IAMcsCJRSu5+Gtew7Kv39Ewp8 2un+vZZid1OakiBJnakl7U2qoF65e2Rup9vwj4b2vAWqCNFXlJ+xzERjWpBj5UhG HQUcJGYinqSGJo7k3bUy2QNQu0duHJj/bvf1tBjcYX14OLH0qWKIxYujZ2VSR/sB tiA20e0O8GyauZBasibmHpJMJTCHuCBC51Tzzl5Wj6hSrvEZcrY8LYYhULttmiXN oUF4sVqg6meMalduwhzb8YZLnO3kmDcNo5UiD41y02ObbgCmvb63qrqm6SBmBo5U dtukFdvcJBVqBvRrIByp4x1v/d0DzWR5YVrEry5qBD22av0iprpjoHc9i1hmZ7g= =wQpl -END PGP SIGNATURE- Abhidnya Joshi (2): s3:winbindd/autorid multiple range support docs-xml: manpage update for autorid multirange support Alexander Bokovoy (4): wafsamba: fix samba_abi for default catch-all case s3-waf: filter out ldapsam internal init functions PASSDB: add support to set and enumerate UPN suffixes associated with our forest s3-netlogon: enumerate UPN suffixes from PASSDB when available Alexander Werth (13): vfs: Fix compile of vfs_gpfs.c. vfs: Add inheritance emulation to vfs_nfs4acl_xattr. s4-smbtorture: Set result message when failing the inheritance test. s3: Move up declaration of params struct and related function. s3: Change smbacl4_get_vfs_params to use connection_struct instead of fsp. s3: Add params parameter to smbacl4_nfs42win function. s3: Mapping of special entries to creator owner in mode simple. s3: Mapping of cifs creator owner to nfs owner@ ace. s3: Add changes that keep nfs4:mode special behavior. s3: Use mode bits in some cases in mode simple. s3: Update README.nfs4acls.txt s3: Update vfs_gpfs man page with new nfs4:mode help text. s4-smbtorture: Run tests for nfs4:modes simple and special. Amitay Isaacs (8): samba-tool/dns: Fix a typo in ttl variable name s4-dns: Print/Set minimumTTL value in SOA record s4-rpc: dnsserver: Fix removal of trailing '.' in soa mname s4-rpc: dnsserver: dns_name_equal() returns boolean s4-rpc: dnsserver: When updating SOA record, use the specified serial s4-dns: Support update of SOA records samba-tool/dns: Pass on additional flags when creating zones samba-tool/dns: Set secure zone update flag after creating new zone Anand Avati (3): check_parent_exists() can change errno. Ensure we preserve it across calls. building RPMs on RHEL fail because of a typo. vfs_glusterfs: Samba VFS module for glusterfs Andreas Schneider (35): winbind: Use talloc for allocating domain, dns, forest and dc name. winbind: Correctly use names in the domain struct. winbind: Fix samba3.winbind.struct test. waf: Correctly check for prctl in just one place. lib: Add prctl_set_comment to utils. s3-daemons: Set the comment field of the daemons. krb5_wrap: Make sure we don't dereference a NULL pointer. winbind: Fix no memory check in _wbint_PingDc(). s4-client: Make sure entry is a valid string. s4-libregistry: Make sure we don't dereference a NULL pointer. s4-libregistry: Fix path check and improve while loops. gensec: recv_handler can't be NULL at that point. dsdb: Check for pointers before we deference them. s4-libregistry: Improve NULL handling of name. Make sure to set umask() before calling mkstemp(). pidl: Add skip option to elements. ndr: Add ndr_ntprinting_string_flags() function. idl: Add flags for strings in ntprinting idl. ndr: Pass down string_flags in ndr_pull_ntprinting_printer(). s3-net: Add encoding=CP to 'net printing migrate'. s3-net: Add encoding=CP to 'net printing dump'. torture: Add ntprinting latin1 test. torture: Update ndr README. BUG 9735: Fix winbind seperator in upn to username conversion. epm: Increase debug level for already registered endpoints. BUG 9758: Don't leak the epm_Map policy handle. BUG 9699: Fix adding case sensitive spn. BUG 9139: Fix the username map optimization. BUG 9766: Cache name_to_sid/sid_to_name correctly. BUG 9817: Fix 'map untrusted to domain' with NTLMv2. waf: Create a better wscript for finding ncurses. regedit: Don't panic if we can't open the file. regedit: Remove talloc leak report. regedit: Improve the while loop. regedit: Use color only when available. Andrew Bartlett (144): build: Rename samba_python waf node to avoid duplicate name build: Change bin/default/python - bin/python symlink to bin/default/python_modules samba-tool dbcheck: fix comment on err_wrong_sd samba-tool
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 277831e dsdb-repl_meta_data: Move TODO comment about conflicts and missing parents via 2d38009 torture: Add tests of rename behaviour to replica_sync.py via 6960f8e dsdb-repl_meta_data: Handle renames better, considering only the RDN as given, and then the parent as given via 54e092b dsdb-linked_attributes: Do not crash if the target GUID can not be found from 3bd686c tdb: fix logging of offets and lengths. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 277831eaf140c06bb25a3549434bc4acd4f533ec Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 17:51:56 2013 +1000 dsdb-repl_meta_data: Move TODO comment about conflicts and missing parents Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue May 28 18:11:00 CEST 2013 on sn-devel-104 commit 2d38009852487ab3572b66817ed0492333b5ec7d Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 15:24:25 2013 +1000 torture: Add tests of rename behaviour to replica_sync.py Reviewed-by: Stefan Metzmacher me...@samba.org commit 6960f8e4c3d683103580aa91605f951bc227dbed Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 15:19:20 2013 +1000 dsdb-repl_meta_data: Handle renames better, considering only the RDN as given, and then the parent as given This ignores the full DN as given, because the parent compents might be out of date. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 54e092bb31001879f4d7a49e36a226c27b4d9843 Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 13:52:51 2013 +1000 dsdb-linked_attributes: Do not crash if the target GUID can not be found Note that we must not give an error when we cannot find the object that should hold the backlink, there really isn't anything we can do in this case. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source4/dsdb/samdb/ldb_modules/linked_attributes.c | 15 ++ source4/dsdb/samdb/ldb_modules/repl_meta_data.c| 230 --- source4/torture/drs/python/replica_sync.py | 104 + 3 files changed, 264 insertions(+), 85 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index a55ec87..eb57f91 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -4,6 +4,7 @@ Copyright (C) Andrew Bartlett abart...@samba.org 2007 Copyright (C) Simo Sorce i...@samba.org 2008 Copyright (C) Matthieu Patou m...@matws.net 2011 + Copyright (C) Andrew Tridgell 2009 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -729,6 +730,20 @@ static int linked_attributes_fix_links(struct ldb_module *module, talloc_free(tmp_ctx); return ret; } + if (res-count == 0) { + /* Forward link without backlink object remaining - nothing to do here */ + continue; + } + if (res-count != 1) { + ldb_asprintf_errstring(ldb, Linked attribute %s-%s between %s and %s - target GUID %s found more than once!, + el-name, target-lDAPDisplayName, + ldb_dn_get_linearized(old_dn), + ldb_dn_get_linearized(dsdb_dn-dn), + GUID_string(tmp_ctx, link_guid)); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + msg = res-msgs[0]; if (msg-num_elements == 0) { diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 651cdf1..98e60d7 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -94,6 +94,8 @@ struct replmd_replicated_request { bool is_urgent; }; +static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar); + enum urgent_situation { REPL_URGENT_ON_CREATE = 1, REPL_URGENT_ON_UPDATE = 2, @@ -3656,15 +3658,6 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar) int ret; bool remote_isDeleted = false; - /* -* TODO: check if the parent object exist
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2ed6b08 auth: Ensure auth_sam is not used on the AD DC via 9b24f65 dsdb: Expand on what the error finding the ntSecurityDescriptor was in acl_read via 60d1c2d autobuild.py add ntdb to the samba-libs task, to ensure it works as an external library via 73628e9 rpc_server-drsuapi: Include the failing DN when unable to convert DB objects to DRS via 11e716a dsdb-schema: Print clear debug message when we find a OID in our local DB we cannot convert via 25402e0 dsdb-repl: Allow the name attribute (and name-based schema lookups) to be skipped in dsdb_repl_make_working_schema() via 3482060 python-samba-tool domain classicupgrade: Use transactions when adding users/groups/members via ef895fe samba-tool dbcheck: Use dsdb.DS_GUID_DELETED_OBJECTS_CONTAINER rather than the literal value via 9c5756c python-samba-tool domain classicupgrade: Correct message about re-promoting BDCs via 1165776 pdb_ldap: Do not skip accounts without a sambaAcctFlags value via 2c04719 python-samba-tool domain classicupgrade: Actually Skip domain trust accounts via 2e1f143 python-samba-tool domain classicupgrade: Skip machine accounts that do not end in $ via 2044541 build: Do not set PATH in install_with_python now we set $PYTHON via 10f6926 s3-rpc_server: Ensure we are root when starting and usiing gensec via 9430310 gensec: Make the no-hostname status message much less scary via 768c3bb build: Blacklist the release-4-0-0 provision as well from 46e98cf dns: Fix allocation of txt_record in txt record tests http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2ed6b0818a68ac07bd9c4270522aa8e2098ec140 Author: Andrew Bartlett abart...@samba.org Date: Thu May 16 10:32:50 2013 +1000 auth: Ensure auth_sam is not used on the AD DC Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu May 16 22:51:26 CEST 2013 on sn-devel-104 commit 9b24f6523e8c78879ada3e6d2927ebbb21dabfdc Author: Andrew Bartlett abart...@samba.org Date: Mon May 13 14:06:14 2013 +1200 dsdb: Expand on what the error finding the ntSecurityDescriptor was in acl_read Reviewed-by: Stefan Metzmacher me...@samba.org commit 60d1c2d5288b01bd9a99f90bb0a9d0ff3c873412 Author: Andrew Bartlett abart...@samba.org Date: Mon May 13 14:05:28 2013 +1200 autobuild.py add ntdb to the samba-libs task, to ensure it works as an external library Reviewed-by: Stefan Metzmacher me...@samba.org commit 73628e9cd9005478cdb225f01917eb54270a3c05 Author: Andrew Bartlett abart...@samba.org Date: Tue Apr 2 16:10:03 2013 +1100 rpc_server-drsuapi: Include the failing DN when unable to convert DB objects to DRS This is a very serious situation (it should not happen) so getting information on the objects that this happens for would be very helpful. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 11e716ae0736067272868b997367e94ebf1cdf3b Author: Andrew Bartlett abart...@samba.org Date: Tue Apr 2 15:36:47 2013 +1100 dsdb-schema: Print clear debug message when we find a OID in our local DB we cannot convert We need to work out why we are unable to make a mapping for an OID in our database, because we should not have been able to add it without such a mapping. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 25402e06bcdf98e346fdbbfa7e8740504329b42f Author: Andrew Bartlett abart...@samba.org Date: Tue Mar 26 11:51:38 2013 +1100 dsdb-repl: Allow the name attribute (and name-based schema lookups) to be skipped in dsdb_repl_make_working_schema() This allows us to use a schema that may only be valid for attributeID based lookups, during the schema load. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 34820602715cc8936179091e188993f7a42808ac Author: Andrew Bartlett abart...@samba.org Date: Sun Apr 14 14:36:08 2013 +1000 python-samba-tool domain classicupgrade: Use transactions when adding users/groups/members This should make things a bit faster when importing very large numbers of users as we will not constantly rewrite the indicies on disk. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit ef895fe9e4e4043bd4ce1db5007fd2016f0b8673 Author: Andrew Bartlett abart...@samba.org Date: Sun Apr 14 13:32:05 2013 +1000 samba-tool dbcheck: Use dsdb.DS_GUID_DELETED_OBJECTS_CONTAINER rather than the literal value This is better practice. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 9c5756c077896e6a3ff8e610acf706f203e4dede Author
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fbb12b5 samba-tool/tests: Force the gecos of the user to a fixed value. via 54f4536 dsdb-drepl: create a new schedulable event for running pending operations from 8c3fa00 lib/param: remove unused 'printer_admin' http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fbb12b574df69a1cda0a3f201f21279650ddc4c4 Author: Matthieu Patou m...@matws.net Date: Tue May 14 06:20:18 2013 -0700 samba-tool/tests: Force the gecos of the user to a fixed value. When --gecos is not specified samba-tool user add will try to read the gecos field from a getpw call. And if user's GECOS is empty (like the build user on sn-devel-104) then the test will fail because we can't add an empty gecos. Signed-off-by: Matthieu Patou m...@matws.net Reviewed-by: Jelmer Vernooij jel...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed May 15 16:19:23 CEST 2013 on sn-devel-104 commit 54f4536980d86faf532708c92890dd9e8b09667a Author: Matthieu Patou m...@matws.net Date: Wed May 15 04:46:33 2013 -0700 dsdb-drepl: create a new schedulable event for running pending operations So instead of running dreplsrv_periodic_schedule when receiving a DRS_REPLICA_SYNC request which will force the DC to look for changes with all the DC it usually replicate to, we reduce it to the DC specified in the DRS_REPLICA_SYNC request. It will allow also to do have the correct options as set by the client who send the DRS_REPLICA_SYNC. Signed-off-by: Matthieu Patou m...@matws.net Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: python/samba/tests/samba_tool/user.py | 11 +- source4/dsdb/repl/drepl_periodic.c| 61 + source4/dsdb/repl/drepl_service.c |2 +- source4/dsdb/repl/drepl_service.h | 17 + 4 files changed, 89 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/samba_tool/user.py b/python/samba/tests/samba_tool/user.py index 89fa22b..645eb40 100644 --- a/python/samba/tests/samba_tool/user.py +++ b/python/samba/tests/samba_tool/user.py @@ -212,12 +212,20 @@ class UserCmdTestCase(SambaToolCmdTest): self.skipTest(Skipping getpwent test, current EUID not found in NSS) return + +# samba-tool user add command didn't support users with empty gecos if none is +# specified on the command line and the user hasn't one in the passwd file it +# will fail, so let's add some contents + +gecos = u[4] +if (gecos is None or len(gecos) == 0): +gecos = Foo GECOS user = self._randomPosixUser({ name: u[0], uid: u[0], uidNumber: u[2], gidNumber: u[3], -gecos: u[4], +gecos: gecos, loginShell: u[6], }) # check if --rfc2307-from-nss sets the same values as we got from pwd.getpwuid() @@ -228,6 +236,7 @@ class UserCmdTestCase(SambaToolCmdTest): --department=%s % user[department], --description=%s % user[description], --company=%s % user[company], +--gecos=%s % user[gecos], --rfc2307-from-nss, -H, ldap://%s; % os.environ[DC_SERVER], -U%s%%%s % (os.environ[DC_USERNAME], os.environ[DC_PASSWORD])) diff --git a/source4/dsdb/repl/drepl_periodic.c b/source4/dsdb/repl/drepl_periodic.c index 62b4092..d6b9467 100644 --- a/source4/dsdb/repl/drepl_periodic.c +++ b/source4/dsdb/repl/drepl_periodic.c @@ -133,3 +133,64 @@ void dreplsrv_run_pending_ops(struct dreplsrv_service *s) dreplsrv_notify_run_ops(s); } } + +static void dreplsrv_pending_run(struct dreplsrv_service *service); + +static void dreplsrv_pending_handler_te(struct tevent_context *ev, struct tevent_timer *te, + struct timeval t, void *ptr) +{ + struct dreplsrv_service *service = talloc_get_type(ptr, struct dreplsrv_service); + + service-pending.te = NULL; + + dreplsrv_pending_run(service); +} + +WERROR dreplsrv_pendingops_schedule(struct dreplsrv_service *service, uint32_t next_interval) +{ + TALLOC_CTX *tmp_mem; + struct tevent_timer *new_te; + struct timeval next_time; + + /* prevent
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8c3fa00 lib/param: remove unused 'printer_admin' via 0ffd074 doc-xml/smbdotconf: fix server [min|max] protocol documentation via 8a878ec talloc: only provide the --enable-talloc-compat1 in standalone build via f08205b winbind/idmap_ad: be verbose about the user that we fail to map from 5868acc vfs_gpfs: slightly simplify connect() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8c3fa009ca6e80bf6e8f9daf786b3ec490c735af Author: Stefan Metzmacher me...@samba.org Date: Mon Apr 29 12:27:25 2013 +0200 lib/param: remove unused 'printer_admin' Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue May 14 21:45:19 CEST 2013 on sn-devel-104 commit 0ffd074690529a1833e29829b552b3cf6ebcd914 Author: Stefan Metzmacher me...@samba.org Date: Tue Apr 30 08:39:00 2013 +0200 doc-xml/smbdotconf: fix server [min|max] protocol documentation Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 8a878ec74bd24180aa73cfb39ff4a6c3e72d9d0b Author: Stefan Metzmacher me...@samba.org Date: Tue May 7 14:15:35 2013 +0200 talloc: only provide the --enable-talloc-compat1 in standalone build The compat library is already only built in standalone build, so we need the configure option also only in the standalone build. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit f08205be7003f6c0a15fd5fd99d01951164ad15c Author: Björn Jacke b...@sernet.de Date: Tue May 14 16:51:28 2013 +0200 winbind/idmap_ad: be verbose about the user that we fail to map Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: docs-xml/smbdotconf/protocol/servermaxprotocol.xml | 10 -- docs-xml/smbdotconf/protocol/serverminprotocol.xml |2 +- lib/param/param_functions.c|1 - lib/talloc/wscript | 10 ++ source3/winbindd/idmap_ad.c|5 +++-- 5 files changed, 10 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/protocol/servermaxprotocol.xml b/docs-xml/smbdotconf/protocol/servermaxprotocol.xml index 94184c8..822e42b 100644 --- a/docs-xml/smbdotconf/protocol/servermaxprotocol.xml +++ b/docs-xml/smbdotconf/protocol/servermaxprotocol.xml @@ -10,16 +10,6 @@ paraPossible values are :/para itemizedlist listitem - paraconstantCORE/constant: Earliest version. No - concept of user names./para - /listitem - - listitem - paraconstantCOREPLUS/constant: Slight improvements on - CORE for efficiency./para - /listitem - - listitem paraconstantLANMAN1/constant: First emphasismodern/emphasis version of the protocol. Long filename support./para /listitem diff --git a/docs-xml/smbdotconf/protocol/serverminprotocol.xml b/docs-xml/smbdotconf/protocol/serverminprotocol.xml index c62ebb3..fc249fc 100644 --- a/docs-xml/smbdotconf/protocol/serverminprotocol.xml +++ b/docs-xml/smbdotconf/protocol/serverminprotocol.xml @@ -18,6 +18,6 @@ relatedserver max protocol/related -value type=defaultCORE/value +value type=defaultLANMAN1/value value type=exampleNT1/value /samba:parameter diff --git a/lib/param/param_functions.c b/lib/param/param_functions.c index 7cb3a69..6fc7801 100644 --- a/lib/param/param_functions.c +++ b/lib/param/param_functions.c @@ -72,7 +72,6 @@ FN_LOCAL_STRING(force_user, force_user) FN_LOCAL_STRING(force_group, force_group) FN_LOCAL_LIST(readlist, readlist) FN_LOCAL_LIST(writelist, writelist) -FN_LOCAL_LIST(printer_admin, printer_admin) FN_LOCAL_LIST(vfs_objects, szVfsObjects) FN_LOCAL_STRING(msdfs_proxy, szMSDfsProxy) static FN_LOCAL_STRING(volume, volume) diff --git a/lib/talloc/wscript b/lib/talloc/wscript index bd7708e..ecc5e24 100644 --- a/lib/talloc/wscript +++ b/lib/talloc/wscript @@ -27,10 +27,10 @@ def set_options(opt): opt.BUILTIN_DEFAULT('replace') opt.PRIVATE_EXTENSION_DEFAULT('talloc', noextension='talloc') opt.RECURSE('lib/replace') -opt.add_option('--enable-talloc-compat1', - help=(Build talloc 1.x.x compat library [False]), - action=store_true, dest='TALLOC_COMPAT1', default=False) if opt.IN_LAUNCH_DIR(): +opt.add_option('--enable-talloc-compat1', + help=(Build talloc 1.x.x compat library [False]), + action=store_true, dest='TALLOC_COMPAT1', default=False) opt.add_option
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 99c95fc libsmb: call directly tevent_req_simple_finish_ntstatus from bf33239 Fix warnings and one compile error caused by newer gcc 4.7. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 99c95fc98309a7aa08cfc37c4de5105d90696b7a Author: Matthieu Patou m...@matws.net Date: Sun May 5 14:53:40 2013 -0700 libsmb: call directly tevent_req_simple_finish_ntstatus The CC compiler on openindiana is not pleased with a void function doing a return of another void function. It should help the build of openindiana on the buildfarm Signed-off-by: Matthieu Patou m...@matws.net Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon May 6 08:35:10 CEST 2013 on sn-devel-104 --- Summary of changes: source3/libsmb/cliconnect.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 3242d8c..7179c4f 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -2687,13 +2687,13 @@ static struct tevent_req *cli_tree_connect_send( static void cli_tree_connect_smb2_done(struct tevent_req *subreq) { - return tevent_req_simple_finish_ntstatus( + tevent_req_simple_finish_ntstatus( subreq, smb2cli_tcon_recv(subreq)); } static void cli_tree_connect_andx_done(struct tevent_req *subreq) { - return tevent_req_simple_finish_ntstatus( + tevent_req_simple_finish_ntstatus( subreq, cli_tcon_andx_recv(subreq)); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5f82641 libsmb: Use sizeof instead of explicit numbers via b8c1e30 libsmb: Use smb2_lease_push in smb2_create_send via a8edad3 libcli: Add smb2_lease marshalling via 96a8f6e libsmb: Move struct smb2_lease to common from 7e80793 check_parent_exists() can change errno. Ensure we preserve it across calls. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5f82641553e33bc236b6c8a4f5cfc1cf3b722eea Author: Volker Lendecke v...@samba.org Date: Thu Apr 25 14:24:08 2013 +0200 libsmb: Use sizeof instead of explicit numbers Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Apr 30 16:02:19 CEST 2013 on sn-devel-104 commit b8c1e30a6f2213c0dbb43a55bd5e1f498a610cab Author: Volker Lendecke v...@samba.org Date: Thu Apr 25 14:19:36 2013 +0200 libsmb: Use smb2_lease_push in smb2_create_send Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit a8edad3743a60b9521b2cd759e22e6350c41cc06 Author: Volker Lendecke v...@samba.org Date: Wed Apr 17 17:04:38 2013 +0200 libcli: Add smb2_lease marshalling Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 96a8f6e0fb9042fe125c9552dfb4c3f6d19cb225 Author: Volker Lendecke v...@samba.org Date: Wed Apr 17 16:48:21 2013 +0200 libsmb: Move struct smb2_lease to common Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: libcli/smb/smb2_lease.c | 86 +++ libcli/smb/smb2_lease.h | 50 ++ libcli/smb/smb_common.h |1 + libcli/smb/wscript |2 + source4/libcli/raw/interfaces.h | 17 source4/libcli/smb2/create.c| 34 +++ 6 files changed, 155 insertions(+), 35 deletions(-) create mode 100644 libcli/smb/smb2_lease.c create mode 100644 libcli/smb/smb2_lease.h Changeset truncated at 500 lines: diff --git a/libcli/smb/smb2_lease.c b/libcli/smb/smb2_lease.c new file mode 100644 index 000..10beaca --- /dev/null +++ b/libcli/smb/smb2_lease.c @@ -0,0 +1,86 @@ +/* + Unix SMB/CIFS implementation. + + SMB2 Lease context handling + + Copyright (C) Stefan Metzmacher 2012 + Copyright (C) Volker Lendecke 2013 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see http://www.gnu.org/licenses/. +*/ + +#include includes.h +#include ../libcli/smb/smb_common.h + +ssize_t smb2_lease_pull(uint8_t *buf, size_t len, struct smb2_lease *lease) +{ + int version; + + switch (len) { + case 32: + version = 1; + break; + case 52: + version = 2; + break; + default: + return -1; + } + + memcpy(lease-lease_key, buf, 16); + lease-lease_state = IVAL(buf, 16); + lease-lease_flags = IVAL(buf, 20); + lease-lease_duration = BVAL(buf, 24); + + switch (version) { + case 1: + memcpy(lease-parent_lease_key, buf+32, 16); + lease-lease_epoch = SVAL(buf, 48); + break; + case 2: + ZERO_STRUCT(lease-parent_lease_key); + lease-lease_epoch = 0; + break; + } + + return len; +} + +bool smb2_lease_push(const struct smb2_lease *lease, uint8_t *buf, size_t len) +{ + int version; + + switch (len) { + case 32: + version = 1; + break; + case 52: + version = 2; + break; + default: + return false; + } + + memcpy(buf[0], lease-lease_key, 16); + SIVAL(buf, 16, lease-lease_state); + SIVAL(buf, 20, lease-lease_flags); + SBVAL(buf, 24, lease-lease_duration); + + if (version == 2) { + memcpy(buf[32], lease-parent_lease_key, 16); + SIVAL(buf, 48, lease-lease_epoch); + } + + return true; +} diff --git a/libcli/smb/smb2_lease.h b/libcli/smb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 77f7a46 s4:dsdb: Fix warnings about not set / set but unused / shadowed variables from 31714c9 s3:smbd:smb2:scavenger: fix format error for debugging open_persistent_id in scavenger_timer() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 77f7a46e180596fa081f4069edea9efd23e3f0c5 Author: Matthieu Patou m...@matws.net Date: Thu Apr 11 22:30:27 2013 -0700 s4:dsdb: Fix warnings about not set / set but unused / shadowed variables Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Apr 19 13:15:40 CEST 2013 on sn-devel-104 --- Summary of changes: source4/dsdb/common/dsdb_dn.c |3 --- source4/dsdb/samdb/ldb_modules/linked_attributes.c |6 +++--- source4/dsdb/samdb/ldb_modules/partition.c |3 --- source4/dsdb/samdb/ldb_modules/resolve_oids.c |2 -- source4/dsdb/samdb/ldb_modules/samba_dsdb.c|6 ++ source4/dsdb/samdb/ldb_modules/simple_ldap_map.c |3 --- source4/dsdb/samdb/ldb_modules/subtree_rename.c|2 -- 7 files changed, 5 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/common/dsdb_dn.c b/source4/dsdb/common/dsdb_dn.c index 0029f5d..ab42776 100644 --- a/source4/dsdb/common/dsdb_dn.c +++ b/source4/dsdb/common/dsdb_dn.c @@ -76,7 +76,6 @@ struct dsdb_dn *dsdb_dn_parse(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, { struct dsdb_dn *dsdb_dn; struct ldb_dn *dn; - const char *data; size_t len; TALLOC_CTX *tmp_ctx; char *p1; @@ -127,8 +126,6 @@ struct dsdb_dn *dsdb_dn_parse(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, if (tmp_ctx == NULL) { return NULL; } - - data = (const char *)dn_blob-data; len = dn_blob-length - 2; p1 = talloc_strndup(tmp_ctx, (const char *)dn_blob-data + 2, len); diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index 6e08209..a55ec87 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -752,7 +752,7 @@ static int linked_attributes_fix_links(struct ldb_module *module, /* find our DN in the values */ for (j=0; jel2-num_values; j++) { struct dsdb_dn *dsdb_dn2; - struct GUID link_guid; + struct GUID link_guid2; dsdb_dn2 = dsdb_dn_parse(msg, ldb, el2-values[j], target-syntax-ldap_oid); if (dsdb_dn2 == NULL) { @@ -760,7 +760,7 @@ static int linked_attributes_fix_links(struct ldb_module *module, return LDB_ERR_INVALID_DN_SYNTAX; } - ret = la_guid_from_dn(module, parent, dsdb_dn2-dn, link_guid); + ret = la_guid_from_dn(module, parent, dsdb_dn2-dn, link_guid2); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -776,7 +776,7 @@ static int linked_attributes_fix_links(struct ldb_module *module, * more costly, but still give us a GUID. * dbcheck will fix this if run. */ - if (!GUID_equal(self_guid, link_guid)) { + if (!GUID_equal(self_guid, link_guid2)) { continue; } diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c index 435a791..63835d8 100644 --- a/source4/dsdb/samdb/ldb_modules/partition.c +++ b/source4/dsdb/samdb/ldb_modules/partition.c @@ -1089,13 +1089,10 @@ int partition_sequence_number_from_partitions(struct ldb_module *module, */ static int partition_sequence_number(struct ldb_module *module, struct ldb_request *req) { - struct partition_private_data *data = talloc_get_type(ldb_module_get_private(module), - struct partition_private_data); struct ldb_extended *ext; struct ldb_seqnum_request *seq; struct ldb_seqnum_result *seqr; uint64_t seq_number; - struct dsdb_partition *p; int ret; seq = talloc_get_type_abort(req-op.extended.data, struct ldb_seqnum_request); diff --git a/source4/dsdb/samdb/ldb_modules/resolve_oids.c b/source4/dsdb/samdb/ldb_modules/resolve_oids.c index 71f9a30..b5c5f8e 100644 --- a/source4/dsdb/samdb/ldb_modules/resolve_oids.c +++ b/source4/dsdb/samdb/ldb_modules
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7f366d7 tevent: Only set poll_ev-delete=false if it was true from a7f067c BUG 9699: Fix adding case sensitive spn. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7f366d745c1d4e833470d853ec484459157616e7 Author: Volker Lendecke v...@samba.org Date: Thu Apr 4 10:23:02 2013 +0200 tevent: Only set poll_ev-delete=false if it was true Might not be noticable, but I thought it would be an obvious tiny optimization. Possibly the compiler already does this. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Apr 4 18:32:39 CEST 2013 on sn-devel-104 --- Summary of changes: lib/tevent/tevent_poll.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent_poll.c b/lib/tevent/tevent_poll.c index 92fcc44..c6e2a00 100644 --- a/lib/tevent/tevent_poll.c +++ b/lib/tevent/tevent_poll.c @@ -419,8 +419,8 @@ static bool poll_event_setup_fresh(struct tevent_context *ev, poll_ev-fdes[i]-additional_flags = i; } } + poll_ev-deleted = false; } - poll_ev-deleted = false; if (poll_ev-fresh == NULL) { return true; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ed76e65 ntvfs: support setfileinfo with FULL_EA_INFORMATION from 7903839 s3:wscript: change --with-dmapi to default=auto to match the autoconf build http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ed76e65172ba1a21ef21b3c0267ed5ef1aa8aa9b Author: David Disseldorp dd...@samba.org Date: Wed Apr 3 14:01:00 2013 +0200 ntvfs: support setfileinfo with FULL_EA_INFORMATION Use existing unmarshall and set helper functions. This allows the smb2.setinfo.setinfo test to run against the ntvfs file server. Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Apr 3 16:14:33 CEST 2013 on sn-devel-104 --- Summary of changes: selftest/knownfail |1 - source4/ntvfs/posix/pvfs_setfileinfo.c |7 ++- source4/smb_server/blob.c |6 ++ 3 files changed, 12 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index e4b4694..61a0a0e 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -162,7 +162,6 @@ ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_full_sd\(none\) # Due to something rewriting the NT ACL on DNS objects ^samba4.blackbox.upgradeprovision.release-4-0-0.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects -^samba4.smb2.setinfo.setinfo # ntvfs doesn't support FULL_EA_INFORMATION set. ^samba3.smb2.create.gentest ^samba3.smb2.create.blob ^samba3.smb2.create.open diff --git a/source4/ntvfs/posix/pvfs_setfileinfo.c b/source4/ntvfs/posix/pvfs_setfileinfo.c index 3c9b18d..7fd4e35 100644 --- a/source4/ntvfs/posix/pvfs_setfileinfo.c +++ b/source4/ntvfs/posix/pvfs_setfileinfo.c @@ -367,7 +367,7 @@ NTSTATUS pvfs_setfileinfo(struct ntvfs_module_context *ntvfs, break; case RAW_SFILEINFO_EA_SET: - return pvfs_setfileinfo_ea_set(pvfs, h-name, h-fd, + return pvfs_setfileinfo_ea_set(pvfs, h-name, h-fd, info-ea_set.in.num_eas, info-ea_set.in.eas); @@ -420,6 +420,11 @@ NTSTATUS pvfs_setfileinfo(struct ntvfs_module_context *ntvfs, h-position = info-position_information.in.position; break; + case RAW_SFILEINFO_FULL_EA_INFORMATION: + return pvfs_setfileinfo_ea_set(pvfs, h-name, h-fd, + info-full_ea_information.in.eas.num_eas, + info-full_ea_information.in.eas.eas); + case RAW_SFILEINFO_MODE_INFORMATION: /* this one is a puzzle */ if (info-mode_information.in.mode != 0 diff --git a/source4/smb_server/blob.c b/source4/smb_server/blob.c index c0077c0..a3e1123 100644 --- a/source4/smb_server/blob.c +++ b/source4/smb_server/blob.c @@ -625,6 +625,12 @@ NTSTATUS smbsrv_pull_passthru_sfileinfo(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; + case RAW_SFILEINFO_FULL_EA_INFORMATION: + return ea_pull_list_chained(blob, + mem_ctx, + st-full_ea_information.in.eas.num_eas, + st-full_ea_information.in.eas.eas); + case RAW_SFILEINFO_MODE_INFORMATION: BLOB_CHECK_MIN_SIZE(blob, 4); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b5d5b9a libsmbclient: Fix cli_session_setup_guest_send from ed76e65 ntvfs: support setfileinfo with FULL_EA_INFORMATION http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b5d5b9a40eb13f89a552e29096deed52229c147e Author: Volker Lendecke v...@samba.org Date: Wed Apr 3 13:24:53 2013 +0200 libsmbclient: Fix cli_session_setup_guest_send This worked fine so far, but for the wrong reason: We only ever called this through the sync wrapper. The tevent_req_nterror in the NT_STATUS_OK case does not call tevent_req_finish. So the tevent_loop_poll did call into the core send/receive smb code. This is a fix for the case when smb1cli_req_chain_submit fails for some reason. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Apr 3 18:39:30 CEST 2013 on sn-devel-104 --- Summary of changes: source3/libsmb/cliconnect.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 872900c..ec5c273 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -446,7 +446,7 @@ struct tevent_req *cli_session_setup_guest_send(TALLOC_CTX *mem_ctx, } status = smb1cli_req_chain_submit(subreq, 1); - if (NT_STATUS_IS_OK(status)) { + if (!NT_STATUS_IS_OK(status)) { tevent_req_nterror(req, status); return tevent_req_post(req, ev); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e865788 dbwrap: Add a comment explaining a restriction from e3f5e47 smbd: Remove an optimization that became unnecessary http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e8657887a9c1deadbd4e98c8b66cd46bdf36402a Author: Volker Lendecke v...@samba.org Date: Wed Mar 27 10:23:50 2013 +0100 dbwrap: Add a comment explaining a restriction Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Mar 27 13:40:15 CET 2013 on sn-devel-104 --- Summary of changes: lib/dbwrap/dbwrap.c | 11 +++ 1 files changed, 11 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/dbwrap/dbwrap.c b/lib/dbwrap/dbwrap.c index f0b7a9a..f03514d 100644 --- a/lib/dbwrap/dbwrap.c +++ b/lib/dbwrap/dbwrap.c @@ -453,6 +453,17 @@ int dbwrap_get_seqnum(struct db_context *db) int dbwrap_transaction_start(struct db_context *db) { if (!db-persistent) { + /* +* dbwrap_ctdb has two different data models for persistent +* and non-persistent databases. Transactions are supported +* only for the persistent databases. This check is here to +* prevent breakages of the cluster case, autobuild at this +* point only tests non-clustered Samba. Before removing this +* check, please make sure that this facility has also been +* added to dbwrap_ctdb. +* +* Thanks, vl +*/ DEBUG(1, (transactions not supported on non-persistent database %s\n, db-name)); return -1; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e3f5e47 smbd: Remove an optimization that became unnecessary via 07ae7e2 smbd: We don't collect our own vnn anymore via ebb027b smbd: Slightly simplify notify_trigger via eb885d1 smbd: Slightly simplify notify_trigger via 032da72 smbd: Avoid some talloc_realloc in notify_internal via c2b26a4 dbwrap-ctdb: Avoid a talloc_stackframe() via d147194 ctdb-conn: remove ctdbd_fetch via 1409895 dbwrap-ctdb: Use ctdbd_parse in db_ctdb_parse_record via abe4046 ctdb-conn: Add ctdbd_parse via c8c0bf7 tdb: Fix blank line endings via a92c08e tdb: Little format change via d4ebeeb smbd: Avoid sending 0-sized keys to dbwrap from bbb4068 dbwrap: Use tdb_null in db_ctdb_delete http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e3f5e474c826940ebaf43256cb06a50309ba3ef5 Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:13:50 2012 +0100 smbd: Remove an optimization that became unnecessary After we only collect nonlocal vnns in idx_state.vnns now, at this point we *know* we have something to send to a remote node. The previous code avoided the call to notify_push_remote_blob with an if-statement that has now become unnecessary. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Mar 26 13:16:39 CET 2013 on sn-devel-104 commit 07ae7e22f789a67bbd5e9536e1227a1c394990f9 Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:11:19 2012 +0100 smbd: We don't collect our own vnn anymore notify_trigger_index_parser will not anymore add ourselves into the vnn list that it collects. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit ebb027b738d0addd3ee5c205c5370b01859aee71 Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:10:12 2012 +0100 smbd: Slightly simplify notify_trigger We have a good chance that we did not collect any remote vnns. This avoids trying to walk the remote vnns altogether. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit eb885d1fdd6a2be603061aeef63790c92ca9ba56 Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:08:18 2012 +0100 smbd: Slightly simplify notify_trigger This straightens the for-loop walking the path components slightly Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 032da72e2b81685f292622cfd2ced14af257849d Author: Volker Lendecke v...@samba.org Date: Wed Oct 31 13:02:19 2012 +0100 smbd: Avoid some talloc_realloc in notify_internal For the nonclustered case we will only ever have one vnn in notify_index.tdb. For this case, without this patch we did talloc_realloc when collecting vnns to be able to do the memcpy instead of explicit copy with a for-loop. This new code will partition the new vnns we see when parsing a notify_index.tdb record into ourselves and all foreign vnns, only really collecting the foreign ones in an array. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c2b26a43ffae22c9dff7929c48531fec9e6ed922 Author: Volker Lendecke v...@samba.org Date: Sat Nov 24 14:42:06 2012 + dbwrap-ctdb: Avoid a talloc_stackframe() We have only a single allocation in this routine, so I think we can live without a stackframe. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit d147194466560488cda9f6e5e993c985cea02289 Author: Volker Lendecke v...@samba.org Date: Sat Nov 24 14:15:38 2012 + ctdb-conn: remove ctdbd_fetch Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 1409895d9e271744060d3f1ef2c71da5b5151f6a Author: Volker Lendecke v...@samba.org Date: Sat Nov 24 14:14:37 2012 + dbwrap-ctdb: Use ctdbd_parse in db_ctdb_parse_record Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit abe4046643735cf0bc5bcdfe330dd946ab221808 Author: Volker Lendecke v...@samba.org Date: Fri Nov 23 17:54:57 2012 +0100 ctdb-conn: Add ctdbd_parse Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c8c0bf74805c61b1379dab1d4529df0004872bb4 Author: Volker Lendecke v...@samba.org Date: Mon Mar 18 14:39:04 2013 +0100 tdb: Fix blank line endings Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 30adf0c scripting: Fill the ProvisionNames hash with strings, not ldb.MessageElement or Dn via 5d42260 samba-tool ldapcmp: Remove the GUID - name mappings via 1589e46 selftest: Add tests for samba-tool dbcheck --reset-well-known-acls via 874a93b scripting: Modify samba.descriptor.get_diff_sds() to cope with a missing reference owner via 4789a30 samba-tool dbcheck: Allow dbcheck to correct an nTSecurityDescriptor without an owner or group via 810f8b4 samba-tool dbcheck: Add --reset-well-known-acls via 9040e26 scripting: Move get_diff_sds from samba.upgradehelpers to samba.descriptor via a113ddb scripting: Modify samba.descriptor.get_wellknown_sds() use samdb calls only via 352aff8 scripting: Move samba.provision.descriptor to samba.descriptor via e81a97d scripting: Make samba.provision.descriptor.get_wellknown_sds() return ldb.Dn objects via 6df17fe scripting: Fix documentation comment on upgradehelpers.py:get_clean_sd via 3da89b0 scripting: Move the list of well known SDs to samba.provision.descriptor via afe9343 build: Do not pass CPP= to pidl, skip the env variable entirely via 7dc6dfd build: Remove the forced use of only the first part of the compiler string from d27f00c vfs-btrfs: Fix build on 32 bit platforms by using long long types http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 30adf0cdbae6d9aaf2e72513d9c33267248f20c0 Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 21:58:25 2013 +1100 scripting: Fill the ProvisionNames hash with strings, not ldb.MessageElement or Dn This avoids the need to fix it up again in samba_upgradedns. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Mar 25 13:25:30 CET 2013 on sn-devel-104 commit 5d42260eecfd4f26cc82637ce1bc989083c9eb9d Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 21:36:49 2013 +1100 samba-tool ldapcmp: Remove the GUID - name mappings These mappings are very convenient, however because they are not one-to-one, they lead to differences being reported when none exist, dependent only on the order the schema searches return results in. Sadly the time saved by the names is offset by the time wasted chasing the 'differences' that don't exist. This in turn fixes some tests that were previously knownfail Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 1589e46d11f29551f3598876b62e29fcbad06580 Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 17:12:43 2013 +1100 selftest: Add tests for samba-tool dbcheck --reset-well-known-acls Reviewed-by: Stefan Metzmacher me...@samba.org commit 874a93bc1c437543474a6c574b0065b7b953ad38 Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 22:16:03 2013 +1100 scripting: Modify samba.descriptor.get_diff_sds() to cope with a missing reference owner This allows the reference SD not to have an owner specified, and still have the comparison with a database SD that does have an owner pass. (And the same for owning group). Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 4789a3072a4241841c096115dbdb0c3259968e68 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 11 14:49:01 2013 +1100 samba-tool dbcheck: Allow dbcheck to correct an nTSecurityDescriptor without an owner or group This is done by making a modification to the SD, which triggers it to be filled in if we have the correct session_info established on the DB. However, we normally want dbcheck running as system, so we wrap the session_info set around this operation only. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 810f8b48d925ea15f3439c4b228741d8fddaccd8 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 11 14:49:01 2013 +1100 samba-tool dbcheck: Add --reset-well-known-acls This will allow an upgrade from Samba 4.0.0 without needing to run samba_upgradeprovision, which for now is not the preferred upgrade tool. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 9040e2684161ce75738e9da0fee191aa34858607 Author: Andrew Bartlett abart...@samba.org Date: Fri Mar 22 16:19:27 2013 +1100 scripting: Move get_diff_sds from samba.upgradehelpers to samba.descriptor This helps avoid a dependency loop when we use get_diff_sds in dbcheck. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit a113ddbf881c5905bbf7072638c7ba8843eeb85e Author: Andrew Bartlett abart...@samba.org Date: Fri
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1d15fc7 Fix bug #9724 - is_encrypted_packet() function incorrectly used inside server. from fd8b258 examples/libsmbclient: Cast mode_t to unsigned int for GNU/Solaris build http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1d15fc75a33b7368049876368f4b70c188bbd55e Author: Jeremy Allison j...@samba.org Date: Fri Mar 15 15:05:31 2013 -0700 Fix bug #9724 - is_encrypted_packet() function incorrectly used inside server. The is_encrypted_packet() function should only be used on the raw received data to determine if a packet came in encrypted. Once we're inside the SMB1 processing code in smbd/reply.c we should be looking at the smb1request-encrypted field to determine if a packet was really encrypted or not. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Mar 16 12:44:44 CET 2013 on sn-devel-104 --- Summary of changes: source3/smbd/reply.c |5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 64c4fdb..2c31f15 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3294,8 +3294,7 @@ void reply_readbraw(struct smb_request *req) START_PROFILE(SMBreadbraw); - if (srv_is_signing_active(sconn) || - is_encrypted_packet(sconn, req-inbuf)) { + if (srv_is_signing_active(sconn) || req-encrypted) { exit_server_cleanly(reply_readbraw: SMB signing/sealing is active - raw reads/writes are disallowed.); } @@ -3698,7 +3697,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, */ if (!req_is_in_chain(req) - !is_encrypted_packet(req-sconn, req-inbuf) + !req-encrypted (fsp-base_fsp == NULL) (fsp-wcp == NULL) lp_use_sendfile(SNUM(conn), req-sconn-smb1.signing_state) ) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 68698b4 tdb: Slightly simplify tdb_expand_file from 70e1b61 tsocket_bsd: Attempt to increase the SO_SNDBUF if we get EMSGSIZE in sendto() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 68698b4e64831d2fdf762b5f8577ff404f10a3cb Author: Volker Lendecke v...@samba.org Date: Mon Mar 4 13:06:05 2013 +0100 tdb: Slightly simplify tdb_expand_file The else keywords are not necessary here, we return in the preceding if clause Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Mar 5 14:00:47 CET 2013 on sn-devel-104 --- Summary of changes: lib/tdb/common/io.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/io.c b/lib/tdb/common/io.c index 0563635..b9caffb 100644 --- a/lib/tdb/common/io.c +++ b/lib/tdb/common/io.c @@ -328,12 +328,14 @@ static int tdb_expand_file(struct tdb_context *tdb, tdb_off_t size, tdb_off_t ad returned 0 twice: giving up!\n)); errno = ENOSPC; return -1; - } else if (written == -1) { + } + if (written == -1) { TDB_LOG((tdb, TDB_DEBUG_FATAL, expand_file write of %d bytes failed (%s)\n, (int)n, strerror(errno))); return -1; - } else if (written != n) { + } + if (written != n) { TDB_LOG((tdb, TDB_DEBUG_WARNING, expand_file: wrote only %d of %d bytes - retrying\n, (int)written, (int)n)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 70e1b61 tsocket_bsd: Attempt to increase the SO_SNDBUF if we get EMSGSIZE in sendto() via 50b42d1 s4-lib/socket: Return the original EMSGSIZE when sendto() and setsockopt() both fail via b9b6375 selftest: Remove output directories to save disk space via d5d88bd samba_upgradeprovision: Do not reset every DN when changing an SD via 0f247dc samba_upgradeprovision: do not maintain dnNotToRecalculate as a list via 9bc32bf samba_upgradeprovision: only run rebuild_sd in --full mode via 81cda85 samba_upgradeprovision: Remove alwaysRecalculate, this is too dangerous via 09b82d5 samba_upgradeprovision: Remove unused checkKeepAttributeOldMtd via 9b8d5bb samba_upgradeprovision: Remove inherited ACEs before comparing the SDs via 5074b98 scripting: Rework samba.upgradehelpers.get_diff_sddls to be get_diff_sds via 787a6aa samba_upgradeprovision: Remove auto-detection of pre-alpha9 databases via 9d6af49 selftest: Rename samba4.blackbox.upgradeprovision.py to samba4.blackbox.upgradeprovision.current via 08f0562 selftest: Run dbcheck and improved upgrdeprovision tests against release-4-0-0 via d7936ee selftest: Add ldapcmp to ensure upgradeprovision of a fresh DB is a no-op via f1f36ad selftest: Add in a provision from 4.0.0 to run tests against via 72f73eb selftest: Do an ldapcmp run against the upgraded domain via 24c4d81 samba-tool ldapcmp: Add support for checking DNSDOMAIN and DNSFOREST by default via f508435 samba-tool dbcheck: fix msDS-HasInstantiatedNCs attributes to match instanceType on our ntdsDSA via 97389c3 scripting: Correct parsing of binary DN via 0180a02 subunit: Add a sh macro for skipping a test from c692bb0 Handle EMSGSIZE on UNIX domain sockets. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 70e1b6185e3fb35fdc72eeb529ffb4b50122dc40 Author: Andrew Bartlett abart...@samba.org Date: Mon Mar 4 14:06:14 2013 +1100 tsocket_bsd: Attempt to increase the SO_SNDBUF if we get EMSGSIZE in sendto() This matches what was done for lib/socket/socket_unix.c in c692bb02b039ae8fef6ba968fd13b36ad7d62a72. (and is based on that patch by Landon Fuller land...@bikemonkey.org) Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Mar 4 11:15:35 CET 2013 on sn-devel-104 commit 50b42d1c5bb19e3a5050d7d23ac96e273d3974ee Author: Andrew Bartlett abart...@samba.org Date: Mon Mar 4 14:07:38 2013 +1100 s4-lib/socket: Return the original EMSGSIZE when sendto() and setsockopt() both fail This ensures that should we be unable to increase the socket size, we return an error that the application layer above might expect and be able to make as reasonable response to (such as switching to a stream-based transport). This fixes up c692bb02b039ae8fef6ba968fd13b36ad7d62a72. As suggested by metze in https://bugzilla.samba.org/show_bug.cgi?id=9697#c4 Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit b9b637569960ae7eef5ee12436624af34a718a9a Author: Andrew Bartlett abart...@samba.org Date: Sun Feb 17 22:45:59 2013 +1100 selftest: Remove output directories to save disk space Reviewed-by: Stefan Metzmacher me...@samba.org commit d5d88bd82b1cb51da09cf3b3dec40f180f5ed29f Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 18 15:56:18 2013 +1100 samba_upgradeprovision: Do not reset every DN when changing an SD SD propogation is handled by an LDB module, we do not need to touch each and every DN to make it happen. Now that we do not need to put this via a hash, the dnToRecalculate list is changed to be a list of Dn objects, not strings so that: if dn in listWellknown is handled using a schema comparison (avoiding different case forms tripping it up). Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 0f247dce00fd26230cdb0566ce4f51a2ea8cfc2b Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 18 15:15:52 2013 +1100 samba_upgradeprovision: do not maintain dnNotToRecalculate as a list We only need a boolean indication, not the actual values. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 9bc32bfd65700c816ebb2a3004ad568327218f86 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 18 15:05:00 2013 +1100 samba_upgradeprovision: only run rebuild_sd in --full mode This is a potentially destructive routine, and should not be run by default. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org
[SCM] Samba Shared Repository - annotated tag tevent-0.9.18 created
The annotated tag, tevent-0.9.18 has been created at 5864b66090f42b08a89c8bf5abd3c24908adf129 (tag) tagging f9eb05509bdab08a350440eba47de38522f17036 (commit) replaces ldb-1.1.15 tagged by Stefan Metzmacher on Sat Mar 2 09:58:52 2013 +0100 - Log - tevent: tag release tevent-0.9.18 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRMb9MAAoJEEeTkWETCEAlaMkH/jA9QnYUvujgps2ONQJ9WHnm L6qYySoAtmuC623YnA2XgGBGgwjBmDqT05QOl+Nj1J2FRBfF8IWgtoY4QAm2E1Qa G8F0oNNv6SCdjy6r0/uglJAlZMimZ3AWCciHMsmW4U9GMW4PpgyZU0KfNSjdD1pG dgftdDo82VmkOdCnQj2luxB6vH1Et6YYGEN6udpIhedqH++LixscS5/ez9fQ1Es9 zPMYOX2m2apo8nOGXTcIGd5p987O9TYWaSwBhRpe4ZcfApzZaHOO2C2f1T8AHfiK W/TZlGQ/DGKGEBz85P+otM6/hhDF0CWhL//HXBkySZw/a7qIYTXzL7I3n2aD+Bk= =/Qk8 -END PGP SIGNATURE- Alexander Bokovoy (4): PIDL: fix parsing linemarkers in preprocessor output source3/wscript: support 'pdb_ldap' module in configure autoconf: rename pdb_ldap module to pdb_ldapsam Make systemctl reference indirect in packaging/NetworkManager/30-winbind-systemd Andreas Schneider (47): Rename pdb_ldap to pdb_ldapsam waf: Make sure we link against samba-util. winbind: Make domain_name const in wcache_ndr_key(). messages: Use uint8_t type. winbind: Use uint8_t type and use const where needed. winbind: Correctly cast name to messaging_send_buf(). ndr: Comparing an array to null is always true. libsmb: Fix possible null pointer dereference. torture: Fix samsync domain_name checks. nmbd: Fix request data data processing. s4-libcli: Add null check for ndr functions in rap. s3-tldap: Make sure we don't deref a null pointer. librpc: Add NULL check for ndr functions for epm bindings. s4-libcli: Check return code of smbcli_request_setup(). ndrdump: Check return value of ndr_pull_init_blob(). pyauth: Check return value of lpcfg_from_py_object(). s4-libcli: Check return value of smbcli_request_setup(). pdb: Fix array overrun by one. torture: Fix array access in spoolss test. torture: Fix memcmp of short buffer. torture: Make sure we don't overrun the buffer. s4-client: Don't leak resource handle. s4-client: Don't leak file descriptor. s3-net: Don't leak username. s3-spoolss: Don't leak memory. s3-lsasd: Don't leak file descriptors. s3-param: Don't leak file descriptor. s3-vfs: Don't leak file descriptor. torture: Don't leak file resource handle in spoolss test. s3-smbd: Don't leak subcntarr array. winbind: Don't leak memory on return. wbinfo: Fix several memory leaks. s3-torture: Don't leak memory. s4-client: Don't leak memory. winbind: Don't leak centry memory. s4-registry: Don't leak memory on error. s4-registry: Don't leak file descriptor. s4-cifsdd: Don't leak memory. s4-policy: Fix memory leaks in push_recursive(). smbget: Fix file descriptor leak. smbpasswd: Don't leak memory. ndrdump: Don't leak plugin handle on error. s3-libsmb: Don't leak memory on error. s4-lib: Don't leak plugin handle on error. s3-vfs: Don't leak file descriptor on error. lib-util: Don't leak file descriptor on error. s3-rpc_server: Make sure that fd is really closed on error. Andrew Bartlett (24): pymessaging: Use correct unsigned types for server ID tuple elememnts pymessaging: Pass around the server_id struct to python callbacks rather than the tuple s4-process_single: Use pid,task_id as cluster_id in process_single just like process_prefork selftest: Add test of upgradeprovision using the old alpha13 tree vfs: Add helper function hash_blob_sha256 to vfs_acl_common.c vfs: Implement an improved vfs_acl_common that uses the hash of the system ACL vfs: Whitespace fix only to get_nt_acl_internal indentation vfs_acl_common: Do not fetch the underlying NT ACL unless we need it idl: Provide a common wrapper for the data to hash for a non-POSIX ACL vfs: Add helper function for non posix ACL modules s4-nbt: Ensure source4/ nbt client and server honour 'disable netbios' samba_upgradeprovision: Remove options to fix FS ACLs scripting: Make tdb_copy use the python subprocess module scripting: Make tdb_copy a common util function in samba.tdb_util samba_upgradeprovision: Do not update privileges.ldb any more (unchanged since 2009) samba_upgradeprovision: Use tdb_util.tdb_copy not shutil.copy2 build: Remove unused includes.h reference to avoid build-time talloc dep build: Remove includes.h dep in winbind client libraries ldb: Add missing dependency on replace for ldb torture-drs: Make the samba4.drs.repl_schema.python emit failures, not errors on add failure torture-drs
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e4d85fa dsdb-descriptor: Avoid segfault copying an SD without an owner or group via 87db233 dsdb-descriptor: Spell out security descriptor flags as constants via a166a34 torture-drs: Fix comment in replica_sync test via 59e8321 torture-drs: Make the samba4.drs.repl_schema.python emit failures, not errors on add failure via c89df54 ldb: Add missing dependency on replace for ldb via 613f49a build: Remove includes.h dep in winbind client libraries via f2c7f2c build: Remove unused includes.h reference to avoid build-time talloc dep from 46ab33d build:autoconf: fix output of syslog-facility check http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e4d85fa73d3ce1f397fdd416af6b8c903a473824 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 11 14:46:43 2013 +1100 dsdb-descriptor: Avoid segfault copying an SD without an owner or group This is an unusual SD, but it does exist is some very old upgraded databases. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Feb 22 11:06:17 CET 2013 on sn-devel-104 commit 87db2331fc855473d8b3cad1c4149807823aa3c4 Author: Andrew Bartlett abart...@samba.org Date: Mon Feb 11 14:45:57 2013 +1100 dsdb-descriptor: Spell out security descriptor flags as constants Reviewed-by: Stefan Metzmacher me...@samba.org commit a166a3484a68dc5328ee1d3e65221c30c081204b Author: Andrew Bartlett abart...@samba.org Date: Wed Jan 16 08:52:41 2013 +1100 torture-drs: Fix comment in replica_sync test Reviewed-by: Stefan Metzmacher me...@samba.org commit 59e8321324fe6b652724e71ba1df9da80f30cc67 Author: Andrew Bartlett abart...@samba.org Date: Thu Feb 7 19:35:15 2013 +1100 torture-drs: Make the samba4.drs.repl_schema.python emit failures, not errors on add failure This then allows this particular failure to be masked with a knownfail. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit c89df544239dbaedbb7f231f4556aff8e4a3f288 Author: Andrew Bartlett abart...@samba.org Date: Fri Feb 15 13:32:06 2013 +1100 ldb: Add missing dependency on replace for ldb This brings in rep_timegm() on Solaris for example. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 613f49ab8bf0bdcc7cd1e2c39bd624586a87cff3 Author: Andrew Bartlett abart...@samba.org Date: Tue Feb 19 11:44:19 2013 +1100 build: Remove includes.h dep in winbind client libraries Our LGPL winbind client libs do not link against our server-side code, and should not use the server-side includes.h. This removes a build-time dep on talloc that was brought in via includes.h as this code also does not use talloc. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit f2c7f2c93d54c77753e2a1b0663813e9778172a4 Author: Andrew Bartlett abart...@samba.org Date: Tue Feb 19 11:15:20 2013 +1100 build: Remove unused includes.h reference to avoid build-time talloc dep talloc is not a dependency of this library, but is required by includes.h. By not including includes.h, we avoid needing to add an otherwise false talloc dep. (this comes up if talloc.h is not installed as a system package). Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: lib/ldb/wscript |2 +- lib/util/setid.c|1 - nsswitch/winbind_nss_solaris.c |1 - source4/dsdb/samdb/ldb_modules/acl_util.c |2 +- source4/dsdb/samdb/ldb_modules/descriptor.c | 18 +- source4/torture/drs/python/repl_schema.py |6 +- source4/torture/drs/python/replica_sync.py |2 +- 7 files changed, 21 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/wscript b/lib/ldb/wscript index 1ae5438..fbed6fd 100755 --- a/lib/ldb/wscript +++ b/lib/ldb/wscript @@ -133,7 +133,7 @@ def build(bld): bld.SAMBA_LIBRARY('ldb', COMMON_SRC + ' ' + LDB_MAP_SRC, - deps='tevent LIBLDB_MAIN', + deps='tevent LIBLDB_MAIN replace', includes='include', public_headers='include/ldb.h include/ldb_errors.h '\ 'include/ldb_module.h include/ldb_handlers.h', diff --git a/lib/util/setid.c b/lib/util/setid.c index ed86155..c5ee644 100644 --- a/lib/util/setid.c +++ b/lib/util/setid.c @@ -20,7 +20,6 @@ #ifndef AUTOCONF_TEST #include replace.h #include
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cfebce3 s3:smbd: add debugging to close code (regarding disconnect of a durable) via 2954442 s4:torture: fix segfault in test_durable_open_open2_oplock() via 2f8a033 s4:torture:smb2: fix segfault on error condition in the durable-open.delete_on_close2 test via 1d3bd45 s4:torture:smb2: fix segfault on error condition in the durable-open.delete_on_close1 test via 98b0e90 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen4 test via 10fcbc6 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen3 test via cb9b897 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen2a test via 6385f75 s4:torture:smb2: fix segfault on error condition in durable-open.reopen2 test via 6240a7d s4:torture:smb2:durable: make test functions static via 42bf98d s4:torture: add a durable-open-disconnect test (suite) via f0e6a9b s3:smbd: use smbXsrv_open_close() instead of smbXsrv_open_update() from 8adbd1c srv_epmapper.c: Fix typo. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cfebce3c56474ac914474b57ed94f93418b0564b Author: Michael Adam ob...@samba.org Date: Tue Feb 12 17:44:51 2013 +0100 s3:smbd: add debugging to close code (regarding disconnect of a durable) Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Feb 18 17:42:45 CET 2013 on sn-devel-104 commit 295444266d33863e3a8b7c8ffa5d193123db6132 Author: Stefan Metzmacher me...@samba.org Date: Wed Feb 13 14:11:57 2013 +0100 s4:torture: fix segfault in test_durable_open_open2_oplock() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 2f8a033bf2563d547e42be5603074223078595f9 Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:05:40 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.delete_on_close2 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 1d3bd45d6177c8af653dbacac934eb2061acf35e Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:04:10 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.delete_on_close1 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 98b0e909b7b65bee694743617476d4d36fe595a3 Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:03:00 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen4 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 10fcbc6869dc2803e1c2dd3183c6781f4233550d Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:01:47 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen3 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit cb9b8975e5a9c032f7c4227c3eafb1ed6ada5e19 Author: Michael Adam ob...@samba.org Date: Wed Feb 13 15:00:26 2013 +0100 s4:torture:smb2: fix segfault on error condition in the durable-open.reopen2a test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 6385f750f19a00a6ba16a0aec9bb91ab1cfcb2be Author: Michael Adam ob...@samba.org Date: Wed Feb 13 14:58:29 2013 +0100 s4:torture:smb2: fix segfault on error condition in durable-open.reopen2 test Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 6240a7d11e910027b42ac1d31ca13264e90d2266 Author: Michael Adam ob...@samba.org Date: Tue Feb 12 21:51:06 2013 +0100 s4:torture:smb2:durable: make test functions static Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 42bf98d54c36abd5f532a4510cdd4066fe82143d Author: Michael Adam ob...@samba.org Date: Tue Feb 12 17:45:23 2013 +0100 s4:torture: add a durable-open-disconnect test (suite) this opens a durable, disconnects it and exits Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f0e6a9be00e441e50f0087c543e1b7c9012d126f Author: Stefan Metzmacher me...@samba.org Date: Wed Feb 13 08:26:43 2013 -0500 s3:smbd: use smbXsrv_open_close() instead of smbXsrv_open_update() This makes sure we store the correct disconnect_time for disconnected durable handles. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 19c68f8 s3:idmap_autorid: fix freeing of non-talloced memory (uninitialized pointer) (bug #9653) from a64a617 Add a herald with version string to smbtorture http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 19c68f80251f443016e505c5cf87f697fb552e8c Author: Michael Adam ob...@samba.org Date: Mon Feb 11 22:52:55 2013 +0100 s3:idmap_autorid: fix freeing of non-talloced memory (uninitialized pointer) (bug #9653) Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Feb 13 09:51:53 CET 2013 on sn-devel-104 --- Summary of changes: source3/winbindd/idmap_autorid.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index b7b1689..0747916 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -244,7 +244,7 @@ static NTSTATUS idmap_autorid_id_to_sid(struct autorid_global_config *cfg, struct id_map *map) { uint32_t range; - TDB_DATA data; + TDB_DATA data = tdb_null; char *keystr; struct dom_sid sid; NTSTATUS status; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via beb6c13 winbind: Fix an incompatible pointer type warning via c03d5c5 dbwrap: Prevent transactions on non-persistent dbs via dc2e475 torture: We use transactions for CLEAR_IF_FIRST db from 554ba5e ldb: Add more data test data for one level test cases http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit beb6c13e9a8c317bca240e875d9e3bcd940a02fb Author: Volker Lendecke v...@samba.org Date: Mon Feb 4 15:52:49 2013 +0100 winbind: Fix an incompatible pointer type warning Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Feb 8 15:27:51 CET 2013 on sn-devel-104 commit c03d5c5740f9d1894a971110029e8f567d300d8a Author: Volker Lendecke v...@samba.org Date: Fri Jan 11 15:32:39 2013 +0100 dbwrap: Prevent transactions on non-persistent dbs dbwrap_ctdb does not allow this anyway. This patch will avoid suprises when going non-clustered to clustered. Not everybody is developing against a clustered environment :-) Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit dc2e47508d7075cf6507e0dea03da6999ef9097e Author: Volker Lendecke v...@samba.org Date: Fri Jan 11 17:29:01 2013 +0100 torture: We use transactions for CLEAR_IF_FIRST db This does not work in the ctdb case Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: lib/dbwrap/dbwrap.c |5 + source3/torture/test_idmap_tdb_common.c |2 +- source3/winbindd/wb_getgrsid.c |2 +- 3 files changed, 7 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/dbwrap/dbwrap.c b/lib/dbwrap/dbwrap.c index 15eb239..f0b7a9a 100644 --- a/lib/dbwrap/dbwrap.c +++ b/lib/dbwrap/dbwrap.c @@ -452,6 +452,11 @@ int dbwrap_get_seqnum(struct db_context *db) int dbwrap_transaction_start(struct db_context *db) { + if (!db-persistent) { + DEBUG(1, (transactions not supported on non-persistent + database %s\n, db-name)); + return -1; + } return db-transaction_start(db); } diff --git a/source3/torture/test_idmap_tdb_common.c b/source3/torture/test_idmap_tdb_common.c index d081660..5681eef 100644 --- a/source3/torture/test_idmap_tdb_common.c +++ b/source3/torture/test_idmap_tdb_common.c @@ -89,7 +89,7 @@ static bool open_db(struct idmap_tdb_common_context *ctx) return false; } - ctx-db = db_open(ctx, db_path, 0, TDB_DEFAULT | TDB_CLEAR_IF_FIRST, + ctx-db = db_open(ctx, db_path, 0, TDB_DEFAULT, O_RDWR | O_CREAT, 0600, DBWRAP_LOCK_ORDER_1); diff --git a/source3/winbindd/wb_getgrsid.c b/source3/winbindd/wb_getgrsid.c index fa376da..f3899b0 100644 --- a/source3/winbindd/wb_getgrsid.c +++ b/source3/winbindd/wb_getgrsid.c @@ -143,7 +143,7 @@ static void wb_getgrsid_sid2gid_done(struct tevent_req *subreq) * mapped to ID_TYPE_BOTH: * create a group with the sid/xid as only member */ - char *name; + const char *name; if (xid.type != ID_TYPE_BOTH) { tevent_req_nterror(req, NT_STATUS_NO_SUCH_GROUP); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 009cf6e s3:auth: wbcAuthenticateEx gives unix times (bug #9625) from cf27c2f selftest: skip smb2.ioctl tests on ntvfs http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 009cf6e9ceaef91805a8a7573090d051f8f74a92 Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 31 13:39:42 2013 +0100 s3:auth: wbcAuthenticateEx gives unix times (bug #9625) We also need to convert last_logon, last_logoff and acct_expiry from unix time to nt time. Otherwise a windows member server will reject clients using CAP_DYNAMIC_REAUTH or smb2) with STATUS_NETWORK_SESSION_EXPIRED, if the logoff and kickoff time is expired. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Feb 1 18:42:42 CET 2013 on sn-devel-104 --- Summary of changes: source3/auth/server_info.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c index 3f4f708..d2b7d6e 100644 --- a/source3/auth/server_info.c +++ b/source3/auth/server_info.c @@ -568,9 +568,9 @@ struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx, info3 = talloc_zero(mem_ctx, struct netr_SamInfo3); if (!info3) return NULL; - info3-base.logon_time = info-logon_time; - info3-base.logoff_time = info-logoff_time; - info3-base.kickoff_time = info-kickoff_time; + unix_to_nt_time(info3-base.logon_time, info-logon_time); + unix_to_nt_time(info3-base.logoff_time, info-logoff_time); + unix_to_nt_time(info3-base.kickoff_time, info-kickoff_time); unix_to_nt_time(info3-base.last_password_change, info-pass_last_set_time); unix_to_nt_time(info3-base.allow_password_change, info-pass_can_change_time); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 394622e s3:winbindd: change getpwsid() to return a passwd struct for a group sid id-mapped with ID_TYPE_BOTH via b7095e9 s3:winbindd: check the correct variable for talloc success in rpc_query_user() via 40e3df7 s3:winbindd:getgrnam: also produce a group struct for a user with ID_TYPE_BOTH via d2360fe s3:winbindd: create group structs for gids that are coming from a user sid id-mapped with ID_TYPE_BOTH via 729e2c3 s3:winbindd: factor add_wbint_Principal_to_dict() out of wb_group_members_done() via 3680cc4 s3:winbindd: fix a cut'n'paste comment typo in wb_fill_pwent via c0f47d4 s3:winbindd: rename winbindd_getgrnam_lookupsid_done to winbindd_getgrnam_lookupname_done from bab61a2 s3:utils/net remove aclmapset command http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 394622ef8c916cf361f8596dba4664dc8d6bfc9e Author: Michael Adam ob...@samba.org Date: Tue Jan 22 18:08:25 2013 +0100 s3:winbindd: change getpwsid() to return a passwd struct for a group sid id-mapped with ID_TYPE_BOTH Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jan 29 23:46:19 CET 2013 on sn-devel-104 commit b7095e9818bba8c43065cc1b1f29551203dc098b Author: Michael Adam ob...@samba.org Date: Tue Jan 22 17:39:44 2013 +0100 s3:winbindd: check the correct variable for talloc success in rpc_query_user() Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 40e3df7c37a15b28f170699ff9b8102416a9107f Author: Michael Adam ob...@samba.org Date: Fri Dec 7 00:55:18 2012 +0100 s3:winbindd:getgrnam: also produce a group struct for a user with ID_TYPE_BOTH Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit d2360fe56c860fa20051f6373eb2fcc3e4def6b6 Author: Michael Adam ob...@samba.org Date: Thu Dec 6 22:02:32 2012 +0100 s3:winbindd: create group structs for gids that are coming from a user sid id-mapped with ID_TYPE_BOTH This fake group contains exctly one member, namely the user that the sid is actually belonging to. Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 729e2c36301620ccc61b1d97205fb3f482efbe15 Author: Michael Adam ob...@samba.org Date: Thu Dec 6 18:06:49 2012 +0100 s3:winbindd: factor add_wbint_Principal_to_dict() out of wb_group_members_done() for later reuse Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 3680cc4a11ef5476457b580f8422d0ab82451173 Author: Michael Adam ob...@samba.org Date: Fri Dec 7 16:13:19 2012 +0100 s3:winbindd: fix a cut'n'paste comment typo in wb_fill_pwent Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c0f47d43ecf8b603dc7a05822933c5a9a1d23c7c Author: Michael Adam ob...@samba.org Date: Fri Dec 7 01:12:11 2012 +0100 s3:winbindd: rename winbindd_getgrnam_lookupsid_done to winbindd_getgrnam_lookupname_done That's what it is. Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source3/winbindd/wb_fill_pwent.c |2 +- source3/winbindd/wb_getgrsid.c | 49 source3/winbindd/wb_getpwsid.c | 52 - source3/winbindd/wb_group_members.c | 59 -- source3/winbindd/winbindd_getgrnam.c | 21 +--- source3/winbindd/winbindd_proto.h|5 +++ source3/winbindd/winbindd_rpc.c |2 +- 7 files changed, 157 insertions(+), 33 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/wb_fill_pwent.c b/source3/winbindd/wb_fill_pwent.c index a6a9013..688afc6 100644 --- a/source3/winbindd/wb_fill_pwent.c +++ b/source3/winbindd/wb_fill_pwent.c @@ -120,7 +120,7 @@ static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq) * We are filtering further down in sids2xids, but that filtering * depends on the actual type of the sid handed in (as determined * by lookupsids). Here we need to filter for the type of object -* actually requested, in this case uid. +* actually requested, in this case gid. */ if (!(xid.type == ID_TYPE_GID || xid.type == ID_TYPE_BOTH)) { tevent_req_nterror(req, NT_STATUS_NONE_MAPPED); diff --git a/source3/winbindd/wb_getgrsid.c b/source3/winbindd/wb_getgrsid.c index 2097539..fa376da 100644 --- a/source3/winbindd
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e104e5a Regression test for bug #9571 - Unlink after open causes smbd to panic via 578909a Fix bug #9571 - Unlink after open causes smbd to panic. from 34854ae Fix bug #9588 - ACLs are not inherited to directories for DFS shares. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e104e5a8192e9d9a2637035bec343de3c35ca21e Author: Jeremy Allison j...@samba.org Date: Thu Jan 24 16:20:14 2013 -0800 Regression test for bug #9571 - Unlink after open causes smbd to panic Replicates the protocol activity that triggers the crash. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Jan 28 15:33:17 CET 2013 on sn-devel-104 commit 578909ae19d7ec9dacb960626bd1985a2915365b Author: Pavel Shilovsky pias...@etersoft.ru Date: Wed Jan 16 15:02:26 2013 +0400 Fix bug #9571 - Unlink after open causes smbd to panic. s3:smbd: fix wrong lock order in posix unlink Signed-off-by: Pavel Shilovsky pias...@etersoft.ru Reviewed-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source3/smbd/trans2.c |6 +++--- source3/torture/torture.c | 44 2 files changed, 47 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 9c77f4d..92d047a 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -7663,8 +7663,8 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn, continue; } /* Fail with sharing violation. */ - close_file(req, fsp, NORMAL_CLOSE); TALLOC_FREE(lck); + close_file(req, fsp, NORMAL_CLOSE); return NT_STATUS_SHARING_VIOLATION; } } @@ -7678,12 +7678,12 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn, fsp, smb_fname); + TALLOC_FREE(lck); + if (!NT_STATUS_IS_OK(status)) { close_file(req, fsp, NORMAL_CLOSE); - TALLOC_FREE(lck); return status; } - TALLOC_FREE(lck); return close_file(req, fsp, NORMAL_CLOSE); } diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 799c911..b59ac30 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -5368,6 +5368,8 @@ static bool run_simple_posix_open_test(int dummy) bool correct = false; NTSTATUS status; size_t nread; + const char *fname_windows = windows_file; + uint16_t fnum2 = (uint16_t)-1; printf(Starting simple POSIX open test\n); @@ -5390,6 +5392,8 @@ static bool run_simple_posix_open_test(int dummy) cli_posix_unlink(cli1, hname); cli_setatr(cli1, sname, 0, 0); cli_posix_unlink(cli1, sname); + cli_setatr(cli1, fname_windows, 0, 0); + cli_posix_unlink(cli1, fname_windows); /* Create a directory. */ status = cli_posix_mkdir(cli1, dname, 0777); @@ -5681,6 +5685,39 @@ static bool run_simple_posix_open_test(int dummy) goto out; } + /* +* Now create a Windows file, and attempt a POSIX unlink. +* This should fail with a sharing violation but due to: +* +* [Bug 9571] Unlink after open causes smbd to panic +* +* ensure we've fixed the lock ordering violation. +*/ + + status = cli_ntcreate(cli1, fname_windows, 0, + FILE_READ_DATA|FILE_WRITE_DATA, 0, + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, + FILE_CREATE, + 0x0, 0x0, fnum2); + if (!NT_STATUS_IS_OK(status)) { + printf(Windows create of %s failed (%s)\n, fname_windows, + nt_errstr(status)); + goto out; + } + + /* Now try posix_unlink. */ + status = cli_posix_unlink(cli1, fname_windows); + if (!NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) { + printf(POSIX unlink of %s should fail + with NT_STATUS_SHARING_VIOLATION + got %s instead !\n, + fname_windows, + nt_errstr(status)); + goto out; + } + + cli_close(cli1, fnum2); + printf(Simple POSIX open test passed\n); correct = true; @@ -5691,6 +5728,11
[SCM] Samba Shared Repository - annotated tag ldb-1.1.15 created
The annotated tag, ldb-1.1.15 has been created at b49e3c4ed5525b4a49f55d994c9182af76162d1f (tag) tagging 1d1ea72574cfa22ee6207d0e9787d0271db3b5c2 (commit) replaces ldb-1.1.14 tagged by Stefan Metzmacher on Sun Jan 27 13:17:00 2013 +0100 - Log - ldb: tag release ldb-1.1.15 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRBRq8AAoJEEeTkWETCEAl6DwH/3D8Ph7zSmkHVaONKKRE8qUG mRB4nu6krk+2poD65Cv5KaR/aOKsLVQ4EJ+gAByX6dvdpXnMonpD7cK2aVTLhq5j 7Q1RBzO74aK1OgiOFb6LXVmD0duBAfSByuvy4r0iQt+egcldYVqe2FoDxX9rWS6V oOy1rN9dbKblVgDBj8ZhTMS3RRcxtnnhiB3h/wjVvTCwEWbTPZ/lnezU/vOupH0c l1b/YG1XbMUm854ZOn7rZK087RLC3MJcLmJHl7WgqSfZ6eK1mk3tPTzdXJ3/VmV5 jT3JUI024RMa9mMCeWU5KHgmJwEbgk80DXpa+p+OZ7rWkKZDscRO57A0Otwqt24= =nrxA -END PGP SIGNATURE- Alexander Bokovoy (2): wafsamba: Make sure md5 is really work before using it or overriding the hash function wafsamba: replace try:except: case with explicit comment about FIPS mode Andreas Schneider (112): BUG 9436: Fix leaking sockets of SMB connections to a DC. s3-reg: Fix copy and paste error in debug message. torture: Fix copy and paste error. torture: Fix copy and paste error in debug message. libnet: Fix copy and paste error in dbsync error message. util: Add a UNIX platform independent samba_getpass(). wbinfo: Use new samba_getpass() function. smbclient: Use new samba_getpass() function. util: Use new samba_getpass() function. torture: Use new samba_getpass() in locktest2. torture: Use new samba_getpass() in smbtorture3. torture: Use new samba_getpass() in masktest. net: Use new samba_getpass() function for 'net ads'. net: Use new samba_getpass() function for 'net rpc'. net: Use samba_getpass() function in net util. ntlm_auth: Use new samba_getpass() function. util: Use new samba_getpass() function for passwd util. smbget: Use new samba_getpass() function. cmdline: Use new samba_getpass() function. ntlm_auth4: Use new samba_getpass() function. replace: Remove deprecated getpass() support. BUG 9459: Install manpages only if we install the target. winbind: Make the code more readable in trustdom_list_done(). s3-registry: Check return code of push_reg_sz(). s3-rpcclient: Check return value of add_string_to_array(). s3-net: Check return value of string_to_sid(). s3-net: Check the return value of strlower_m(). idl: Fix spoolss check for the size of the struct. s3-printing: Don't call talloc_free on an uninitialized pointer. vfs: Make sure we don't call talloc_free on an uninitialized pointer. s3-netapi: Fix zeroing policy handles in NetLocalGroupAdd_r(). torture: Fix torture_rpc_spoolss_printer_teardown_common(). s3-netapi: Initialize group_handle of NetUserSetGroups_r. s3-auth: Make sure we work on valid data_blobs. s4-netapi: Initialize group_handle of NetGroupGetUsers_r(). s3-netapi: Initialize group_handle of NetGroupSetUsers_r(). util: Don't use the pid ret value uninitialized. dfs_server: Don't allocate a subcontext twice. misc: Add a config for clang complete. tdb: Fix possible crash bugs in the python tdb code. tdb: Improve the documentation of tdb_reopen() and tdb_close(). winbind: Use talloc in resolve_alias_to_username(). winbind: Use talloc in resolve_username_to_alias(). s3-lib: Remove unsused variable from sys_get_nfs_quota(). s3-nmbd: Cleanup code to make it more readable. s4-libnet: Don't call talloc_get_type() for the same struct twice. nsswitch: Cleanup code in parse_wbinfo_domain_user(). nsswitch: Remove unused variable in _pam_winbind_change_pwd(). nsswitch: Fix pam_get_{item,data} build warnings. s3-utils: Cleanup code in wait_replies(). s4-client: Make sure we have a valid count if we goto cleanup. s3-utils: Correctly handle getenv() for the later system() call. s4-libcli: Fix comparison of chosen_oid. s3-libsmb: Fix possible comparsion problems. torture: Make sure we use the correct size for cxd. s3-ctdb: Make sure addr.sun_path is null terminated. s4-socket: Make sure unix socket addresses are null terminated. s3-registry: Fix counters_directory() dir creation. s3-printing: Correctly create the printing cache path. s3-lib: Don't close the listener twice if we goto failed. util: Remove unused fde_stdin in samba_runcmd. s4-libnet: Fix setting the group handle and return codes. s4-client: Check return codes in do_connect(). s3-smbd: Check return code of SMB_VFS_{L}STAT. s4-lib: Use directory_create_or_exist() to create messaging dir. s3-winbind: Check if we created the directories correctly. s4-regsitry: Check return value
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bb3238b s4:service_task: add missing imessaging_cleanup() to task_server_terminate() via 431692d s4:service_task: prevent a segfault if task-msg_ctx is not initialized yet via 7e7cd07 selftest: rename 'promoted_vampire_dc' to 'promoted_dc' from 0f8ef5a selftest: Add test of upgradeprovision using the old alpha13 tree http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bb3238b46f0ffaf0bc8c0e16bdcc1cf5d2cad197 Author: Stefan Metzmacher me...@samba.org Date: Sun Jan 27 11:09:39 2013 +0100 s4:service_task: add missing imessaging_cleanup() to task_server_terminate() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sun Jan 27 15:50:30 CET 2013 on sn-devel-104 commit 431692df422c3cac71ca12b7e89296172dfcf684 Author: Stefan Metzmacher me...@samba.org Date: Sun Jan 27 11:01:07 2013 +0100 s4:service_task: prevent a segfault if task-msg_ctx is not initialized yet Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 7e7cd07c405f8b66f5979047cb1a50e1e7a55edd Author: Stefan Metzmacher me...@samba.org Date: Sun Jan 27 12:15:50 2013 +0100 selftest: rename 'promoted_vampire_dc' to 'promoted_dc' Unix domain socket are limited to 104 characters on Linux. Using something like this fails as it uses more than 104 characters: '/memdisk/autobuild/flakey/b232141/samba/bin/ab/promoted_vampire_dc/private/smbd.tmp/msg/msg.482379.2147483647' Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org --- Summary of changes: selftest/target/Samba4.pm | 18 +- source4/selftest/tests.py |4 ++-- source4/smbd/service_task.c |4 +++- 3 files changed, 14 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index a08e550..8ad6232 100644 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -995,7 +995,7 @@ sub provision_rpc_proxy($$$) return $ret; } -sub provision_promoted_vampire_dc($$$) +sub provision_promoted_dc($$$) { my ($self, $prefix, $dcvars) = @_; print PROVISIONING VAMPIRE DC...; @@ -1056,9 +1056,9 @@ sub provision_promoted_vampire_dc($$$) return undef; } - $ret-{PROMOTED_VAMPIRE_DC_SERVER} = $ret-{SERVER}; - $ret-{PROMOTED_VAMPIRE_DC_SERVER_IP} = $ret-{SERVER_IP}; - $ret-{PROMOTED_VAMPIRE_DC_NETBIOSNAME} = $ret-{NETBIOSNAME}; + $ret-{PROMOTED_DC_SERVER} = $ret-{SERVER}; + $ret-{PROMOTED_DC_SERVER_IP} = $ret-{SERVER_IP}; + $ret-{PROMOTED_DC_NETBIOSNAME} = $ret-{NETBIOSNAME}; $ret-{DC_SERVER} = $dcvars-{DC_SERVER}; $ret-{DC_SERVER_IP} = $dcvars-{DC_SERVER_IP}; @@ -1632,11 +1632,11 @@ sub setup_env($$$) $self-setup_dc($path/dc); } return $self-setup_vampire_dc($path/vampire_dc, $self-{vars}-{dc}); - } elsif ($envname eq promoted_vampire_dc) { + } elsif ($envname eq promoted_dc) { if (not defined($self-{vars}-{dc})) { $self-setup_dc($path/dc); } - return $self-setup_promoted_vampire_dc($path/promoted_vampire_dc, $self-{vars}-{dc}); + return $self-setup_promoted_dc($path/promoted_dc, $self-{vars}-{dc}); } elsif ($envname eq subdom_dc) { if (not defined($self-{vars}-{dc})) { $self-setup_dc($path/dc); @@ -1830,18 +1830,18 @@ sub setup_vampire_dc($$$) return $env; } -sub setup_promoted_vampire_dc($$$) +sub setup_promoted_dc($$$) { my ($self, $path, $dc_vars) = @_; - my $env = $self-provision_promoted_vampire_dc($path, $dc_vars); + my $env = $self-provision_promoted_dc($path, $dc_vars); if (defined $env) { $self-check_or_start($env, single); $self-wait_for_start($env); - $self-{vars}-{promoted_vampire_dc} = $env; + $self-{vars}-{promoted_dc} = $env; # force replicated DC to update repsTo/repsFrom # for vampired partitions diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index 568d122..5321500 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -498,10 +498,10 @@ plantestsuite(samba4.blackbox.provision-backend, none, [PYTHON=%s % python plantestsuite(samba4.blackbox.renamedc.sh, none, [PYTHON=%s % python, os.path.join(bbdir, renamedc.sh), '$PREFIX/provision']) # Demote the vampire DC
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b9f1c88 s4-process_single: Use pid,task_id as cluster_id in process_single just like process_prefork via a321dd3 pymessaging: Pass around the server_id struct to python callbacks rather than the tuple via a305432 pymessaging: Use correct unsigned types for server ID tuple elememnts via 1d1ea72 ldb: Ensure to decrement the transaction_active whenever we delete a transaction via 1ea6fab ldb: fix a warning by converting from TDB_DATA to struct ldb_val from d79485a Regression test for bug #9587 - archive flag is always set on directories. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b9f1c8887ed1c8c29259021d4f2b9a549caa4061 Author: Andrew Bartlett abart...@samba.org Date: Fri Jan 25 23:00:12 2013 +1100 s4-process_single: Use pid,task_id as cluster_id in process_single just like process_prefork This avoids two different process single task servers (eg the drepl server) sharing the same server id. The task id starts at 2^31 to avoid collision with the fd based scheme for connections. Fix-bug: https://bugzilla.samba.org/show_bug.cgi?id=9598 Reported-by: Matthieu Patou m...@matws.net Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Jan 26 16:13:05 CET 2013 on sn-devel-104 commit a321dd3aafa0f6ec8b39cd4fc64146dfbf24ce65 Author: Andrew Bartlett abart...@samba.org Date: Sat Jan 26 09:09:23 2013 +1100 pymessaging: Pass around the server_id struct to python callbacks rather than the tuple This is not used currently, but may avoid going to and from the python types when we do not need to. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit a3054323d3fa1dadff1675e7f8ec672a991d8e56 Author: Andrew Bartlett abart...@samba.org Date: Sat Jan 26 08:58:46 2013 +1100 pymessaging: Use correct unsigned types for server ID tuple elememnts This is needed if we start using the top bits of these values. Andrew Bartlett Reviewed-by: Matthieu Patou m...@matws.net Reviewed-by: Stefan Metzmacher me...@samba.org commit 1d1ea72574cfa22ee6207d0e9787d0271db3b5c2 Author: Andrew Bartlett abart...@samba.org Date: Sat Jan 26 09:35:21 2013 +1100 ldb: Ensure to decrement the transaction_active whenever we delete a transaction This is in the error path for prepare_commit, which rarely fails, but when it does we need to ensure that when a new transaction is opened, that it really starts a new transaction. We bump the version to recognise critical fix for the AD DC Without this fix, a single invalid inbound replicated link disables all subsequent replication as we operate without a transaction (which is refused by ldb_tdb). Andrew Bartlett Reviewed-by: Matthieu Patou m...@matws.net Reviewed-by: Stefan Metzmacher me...@samba.org commit 1ea6fabcde6cbd57aed06926193ac68f5887e96b Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 24 14:21:51 2013 +0100 ldb: fix a warning by converting from TDB_DATA to struct ldb_val Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org --- Summary of changes: lib/ldb/ABI/{ldb-1.1.14.sigs = ldb-1.1.15.sigs} |0 ...ldb-util-1.1.10.sigs = pyldb-util-1.1.15.sigs} |0 lib/ldb/common/ldb.c |1 + lib/ldb/tools/ldbdump.c|6 - lib/ldb/wscript|2 +- source4/lib/messaging/pymessaging.c| 20 ++ source4/smbd/process_single.c | 21 --- 7 files changed, 35 insertions(+), 15 deletions(-) copy lib/ldb/ABI/{ldb-1.1.14.sigs = ldb-1.1.15.sigs} (100%) copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs = pyldb-util-1.1.15.sigs} (100%) Changeset truncated at 500 lines: diff --git a/lib/ldb/ABI/ldb-1.1.14.sigs b/lib/ldb/ABI/ldb-1.1.15.sigs similarity index 100% copy from lib/ldb/ABI/ldb-1.1.14.sigs copy to lib/ldb/ABI/ldb-1.1.15.sigs diff --git a/lib/ldb/ABI/pyldb-util-1.1.10.sigs b/lib/ldb/ABI/pyldb-util-1.1.15.sigs similarity index 100% copy from lib/ldb/ABI/pyldb-util-1.1.10.sigs copy to lib/ldb/ABI/pyldb-util-1.1.15.sigs diff --git a/lib/ldb/common/ldb.c b/lib/ldb/common/ldb.c index 7a997f7..3dc6d87 100644 --- a/lib/ldb/common/ldb.c +++ b/lib/ldb/common/ldb.c @@ -408,6 +408,7 @@ int ldb_transaction_prepare_commit(struct ldb_context *ldb) status = module-ops-prepare_commit(module); if (status != LDB_SUCCESS) { + ldb-transaction_active--; /* if a module fails the prepare then we need
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 875a172 docs: ldbsearch.1.xml: Correct meta data. via 99e2a63 docs: ldbrename.1.xml: Correct meta data. via 25cc400 docs: ldbmodify.1.xml: Correct meta data. via f585052 docs: ldbedit.1.xml: Correct meta data. via 918057b docs: ldbdel.1.xml: Correct meta data. via 1d4346d docs: ldbadd.1.xml: Correct meta data. via 7d56b94 docs: ldb.3.xml: Correct meta data. via df004b5 gensec: Allow login without a PAC by default (bug #9581) from 497febf Fix bug #9586 - smbd[29175]: disk_free: sys_popen() failed message logged in /var/log/message many times. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 875a1721ae014cbb580d9596344675e890cf9964 Author: Karolin Seeger ksee...@samba.org Date: Thu Jan 24 11:52:37 2013 +0100 docs: ldbsearch.1.xml: Correct meta data. Signed-off-by: Karolin Seeger ksee...@samba.org Karolin Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jan 24 16:09:37 CET 2013 on sn-devel-104 commit 99e2a63a0c64de4c3c26e66984a6c542052e97ba Author: Karolin Seeger ksee...@samba.org Date: Thu Jan 24 11:52:15 2013 +0100 docs: ldbrename.1.xml: Correct meta data. Signed-off-by: Karolin Seeger ksee...@samba.org Karolin Reviewed-by: Stefan Metzmacher me...@samba.org commit 25cc400c64958e2e2e2e812a0d34064f1957d0c4 Author: Karolin Seeger ksee...@samba.org Date: Thu Jan 24 11:51:49 2013 +0100 docs: ldbmodify.1.xml: Correct meta data. Signed-off-by: Karolin Seeger ksee...@samba.org Karolin Reviewed-by: Stefan Metzmacher me...@samba.org commit f585052d888a3bb4f9c81d9a9512eca7f7867c98 Author: Karolin Seeger ksee...@samba.org Date: Thu Jan 24 11:51:28 2013 +0100 docs: ldbedit.1.xml: Correct meta data. Signed-off-by: Karolin Seeger ksee...@samba.org Karolin Reviewed-by: Stefan Metzmacher me...@samba.org commit 918057bd11e9ed1457cf0119f4c0c1f9c418c566 Author: Karolin Seeger ksee...@samba.org Date: Thu Jan 24 11:50:55 2013 +0100 docs: ldbdel.1.xml: Correct meta data. Signed-off-by: Karolin Seeger ksee...@samba.org Karolin Reviewed-by: Stefan Metzmacher me...@samba.org commit 1d4346d4b7c7afc4f578afb3b8d0e08e36812b39 Author: Karolin Seeger ksee...@samba.org Date: Thu Jan 24 11:50:26 2013 +0100 docs: ldbadd.1.xml: Correct meta data. Signed-off-by: Karolin Seeger ksee...@samba.org Karolin Reviewed-by: Stefan Metzmacher me...@samba.org commit 7d56b9401129c18a948bbd0bb4fea547d4b3a7c4 Author: Karolin Seeger ksee...@samba.org Date: Thu Jan 24 11:50:00 2013 +0100 docs: ldb.3.xml: Correct meta data. Signed-off-by: Karolin Seeger ksee...@samba.org Karolin Reviewed-by: Stefan Metzmacher me...@samba.org commit df004b5014b92b987f907047d2ca9f567e3d0ac1 Author: Andrew Bartlett abart...@samba.org Date: Tue Jan 22 14:45:14 2013 +1100 gensec: Allow login without a PAC by default (bug #9581) The sense of this test was inverted. We only want to take the ACCESS_DENIED error if gensec:require_pac=true. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: auth/gensec/gensec_util.c |2 +- lib/ldb/man/ldb.3.xml |4 ++-- lib/ldb/man/ldbadd.1.xml|6 +++--- lib/ldb/man/ldbdel.1.xml|6 +++--- lib/ldb/man/ldbedit.1.xml |6 +++--- lib/ldb/man/ldbmodify.1.xml |6 +++--- lib/ldb/man/ldbrename.1.xml |6 +++--- lib/ldb/man/ldbsearch.1.xml |6 +++--- 8 files changed, 21 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/auth/gensec/gensec_util.c b/auth/gensec/gensec_util.c index d732213..64952b1 100644 --- a/auth/gensec/gensec_util.c +++ b/auth/gensec/gensec_util.c @@ -42,7 +42,7 @@ NTSTATUS gensec_generate_session_info_pac(TALLOC_CTX *mem_ctx, session_info_flags |= AUTH_SESSION_INFO_DEFAULT_GROUPS; if (!pac_blob) { - if (!gensec_setting_bool(gensec_security-settings, gensec, require_pac, false)) { + if (gensec_setting_bool(gensec_security-settings, gensec, require_pac, false)) { DEBUG(1, (Unable to find PAC in ticket from %s, failing to allow access\n, principal_string)); return NT_STATUS_ACCESS_DENIED; diff --git a/lib/ldb/man/ldb.3.xml b/lib/ldb/man/ldb.3.xml index 37c4e80..b93d532 100644 --- a/lib/ldb/man/ldb.3.xml +++ b/lib/ldb/man/ldb.3.xml @@ -5,9 +5,9 @@ refmeta refentrytitleldb/refentrytitle manvolnum3/manvolnum - refmiscinfo class=sourceSamba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1915b17 dsdb-acl: remove unused variable via f9868b7 smbd: Fix a NULL vs false return error from 3d1abb9 waf: Fix pdb_ldap which cannot be built as a module. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1915b17d09485b9491caf3410b0c5186f6c2c616 Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 17 17:19:03 2013 +0100 dsdb-acl: remove unused variable Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Jan 23 20:04:09 CET 2013 on sn-devel-104 commit f9868b7ffd44a76155dbac1dc4b12f2d89af5380 Author: Volker Lendecke v...@samba.org Date: Tue Jan 22 13:14:41 2013 +0100 smbd: Fix a NULL vs false return error Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source3/smbd/server.c |2 +- source4/dsdb/samdb/ldb_modules/acl_util.c |1 - 2 files changed, 1 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 00472db..57fe7b6 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -282,7 +282,7 @@ static bool smbd_parent_notify_init(TALLOC_CTX *mem_ctx, state = talloc(mem_ctx, struct smbd_parent_notify_state); if (state == NULL) { - return NULL; + return false; } state-msg = msg; state-ev = ev; diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c index 795a39c..9be376d 100644 --- a/source4/dsdb/samdb/ldb_modules/acl_util.c +++ b/source4/dsdb/samdb/ldb_modules/acl_util.c @@ -203,7 +203,6 @@ int acl_check_extended_right(TALLOC_CTX *mem_ctx, NTSTATUS status; uint32_t access_granted; struct object_tree *root = NULL; - struct object_tree *new_node = NULL; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); GUID_from_string(ext_right, right); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via abc0030 dsdb: Fix warning about unused var via c52408f dsdb: Explain ordering constraints on the ACL module as well. via 8f078cd dsdb: Ensure authenticated users is processed for group memberships via d36c030 libcli/security: remove useless if (root-num_of_children 0) statements via 853ecd4 libcli/security: add init_mask to existing children in insert_in_object_tree via 5b4e3de libcli/security: handle node initialisation in one spot in insert_in_object_tree() via a359aef libcli/security: avoid usage of dom_sid_parse_talloc() in sec_access_check_ds() via a3fffde libcli/security: simplify get_ace_object_type() via b0f731f libcli/security: fix formating in access_check.c via 10a90ce libcli/security: fix whitespaces in access_check.c via 0ebb937 dsdb-acl: the SEC_ADS_DELETE_CHILD checks need objectclass-schemaIDGUID via 8f8d97f dsdb-acl: make use of acl_check_access_on_objectclass() for the object in acl_delete() via 8aa8555 dsdb-acl: make use of acl_check_access_on_{attribute,objectclass} in acl_rename() via 8d31e42 dsdb-acl: make use of acl_check_access_on_attribute() in acl_modify() via 8e47e64 dsdb-acl: remove unused acl_check_access_on_class() via 34f1a52 dsdb-acl: use acl_check_access_on_objectclass() instead of acl_check_access_on_class() via 6a4063f dsdb-acl: Use the structural objectClass in acl_check_access_on_attribute() via e8cc59e dsdb-acl: Pass the structural objectClass into acl_check_access_on_attribute via 93944ea dsdb-acl: Remove unused get_oc_guid_from_message() via a1b421e dsdb-acl: ask for the objectClass attribute if it's not in the scope of the clients search via 6ab4150 dsdb-acl: use dsdb_get_structural_oc_from_msg() rather than class_schemaid_guid_by_lDAPDisplayName via 7304339 dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_rename() via 6d7e53a dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_modify() via 097fae2 dsdb-acl: add acl_check_access_on_objectclass() helper via 74bfec0 dsdb-acl: Add helper function dsdb_get_structural_oc_from_msg() via 2685a4e dsdb-acl: attr is not optional to acl_check_access_on_attribute() via d695b8a dsdb-acl: dsdb_attribute_by_lDAPDisplayName() is needed for all attributes via ddfb8fe dsdb-acl: introduce a 'el' helper variable to acl_modify() via 71b856a dsdb-acl: introduce a 'msg' helper variable to acl_modify() via c2853f5 dsdb-schema: make sure we build [system]PossibleInferiors completely via 1f673bf dsdb-schema: make sure use clean caches in schema_inferiors.c via c4b9ee2 dsdb-schema: make schema_subclasses_order_recurse() static from 58fadf2 BUG 9474: Downgrade v4 printer driver requests to v3. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit abc0030f780b775bf7656b572ee754ebd8079b5d Author: Matthieu Patou m...@matws.net Date: Sat Dec 29 16:43:44 2012 -0800 dsdb: Fix warning about unused var Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Jan 21 17:51:16 CET 2013 on sn-devel-104 commit c52408f461fb3515cde17eebb458b566fd0a049c Author: Andrew Bartlett abart...@samba.org Date: Wed Jan 2 09:27:51 2013 +1100 dsdb: Explain ordering constraints on the ACL module as well. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 8f078cdf247476fad511bb6d7e00c8654fd26e85 Author: Andrew Bartlett abart...@samba.org Date: Sat Dec 29 15:13:54 2012 +1100 dsdb: Ensure authenticated users is processed for group memberships This change moves the addition of Authenticated Users from the very end of the token processing to the start. The reason is that we need to see if Authenticated Users is a member of other builtin groups, just as we would for any other SID. This picks up the Pre-Windows 2000 Compatible Access group, which is in turn often used in ACLs on LDAP objects. Without this change, the eventual token does not contain S-1-5-32-554 and users other than Administrator are unable to read uidNumber (in particular). Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit d36c03056fb85dfedbafd3a59497e35db63ade17 Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 3 21:30:12 2013 +1100 libcli/security: remove useless if (root-num_of_children 0) statements The for loop does this implicitly when comparing for (i = 0; i root-num_of_children; i++) Andrew Bartlett
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 853360b Fix warnings with mismatched sizes in arguments to DEBUG statements. via 80a6fe8 Remove some unused variables. via dda4814 heimdal_build: Try again to sort out the strerror_r mess via d90b709 printing: Free talloc_stackframe() on all exit paths from 63a7d38 nsswitch: Fix two bitfield constants being the same. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 853360b8e558f39218fc150ead367255f3a010b2 Author: Jeremy Allison j...@samba.org Date: Fri Jan 18 13:57:16 2013 -0800 Fix warnings with mismatched sizes in arguments to DEBUG statements. This can cause compile errors on 32-bit systems. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Jan 19 12:14:13 CET 2013 on sn-devel-104 commit 80a6fe84271d15cc22caa3d08768ab5559ef9ed7 Author: Jeremy Allison j...@samba.org Date: Wed Jan 16 16:12:29 2013 -0800 Remove some unused variables. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit dda48146a2781fe685eeb9dc5194d142ee5ca0ef Author: Andrew Bartlett abart...@samba.org Date: Mon Nov 19 23:25:45 2012 +1100 heimdal_build: Try again to sort out the strerror_r mess Reviewed-by: Stefan Metzmacher me...@samba.org commit d90b709ebb22fb40cbd46b28d9ec1be7b0ce Author: Andrew Bartlett abart...@samba.org Date: Fri Jan 18 13:39:13 2013 +1100 printing: Free talloc_stackframe() on all exit paths Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: lib/replace/replace.c |2 +- lib/replace/replace.h |3 ++- lib/tdb/tools/tdbdump.c |3 --- source3/printing/nt_printing.c |2 ++ source3/smbd/smb2_ioctl_network_fs.c| 16 source4/heimdal_build/roken.h |8 source4/heimdal_build/wscript_build |1 + source4/heimdal_build/wscript_configure |7 +++ 8 files changed, 21 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/replace/replace.c b/lib/replace/replace.c index 8f1315a..37edb31 100644 --- a/lib/replace/replace.c +++ b/lib/replace/replace.c @@ -785,7 +785,7 @@ char *rep_get_current_dir_name(void) } #endif -#if !defined(HAVE_STRERROR_R) !defined(strerror_r) +#ifndef HAVE_STRERROR_R int rep_strerror_r(int errnum, char *buf, size_t buflen) { char *s = strerror(errnum); diff --git a/lib/replace/replace.h b/lib/replace/replace.h index 62172a9..9774da4 100644 --- a/lib/replace/replace.h +++ b/lib/replace/replace.h @@ -570,7 +570,8 @@ ssize_t rep_pwrite(int __fd, const void *__buf, size_t __nbytes, off_t __offset) char *rep_get_current_dir_name(void); #endif -#if !defined(HAVE_STRERROR_R) !defined(strerror_r) +#ifndef HAVE_STRERROR_R +#define strerror_r rep_strerror_r int rep_strerror_r(int errnum, char *buf, size_t buflen); #endif diff --git a/lib/tdb/tools/tdbdump.c b/lib/tdb/tools/tdbdump.c index bcd395f..47a84d2 100644 --- a/lib/tdb/tools/tdbdump.c +++ b/lib/tdb/tools/tdbdump.c @@ -55,9 +55,6 @@ static void log_stderr(struct tdb_context *tdb, enum tdb_debug_level level, const char *fmt, ...) { va_list ap; - char *ptr = NULL; - int debuglevel = 0; - int ret; const char *name = tdb_name(tdb); const char *prefix = ; diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 7bf2c55..1539b89 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -85,11 +85,13 @@ static bool print_driver_directories_init(void) if (service 0) { /* We don't have a print$ share */ DEBUG(5, (No print$ share has been configured.\n)); + talloc_free(mem_ctx); return true; } driver_path = lp_pathname(mem_ctx, service); if (driver_path == NULL) { + talloc_free(mem_ctx); return false; } diff --git a/source3/smbd/smb2_ioctl_network_fs.c b/source3/smbd/smb2_ioctl_network_fs.c index a8d64e3..1e1e3e5 100644 --- a/source3/smbd/smb2_ioctl_network_fs.c +++ b/source3/smbd/smb2_ioctl_network_fs.c @@ -160,7 +160,7 @@ static struct tevent_req *fsctl_srv_copychunk_send(TALLOC_CTX *mem_ctx, if (in_max_output sizeof(struct srv_copychunk_rsp)) { DEBUG(3, (max output %d not large enough to hold copy chunk response %lu\n, (int)in_max_output, - sizeof(struct srv_copychunk_rsp))); + (unsigned long)sizeof(struct
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e1d50a6 dsdb-operational: Avoid doing the ldb_attr_cmp if bypass flag is not set via a0faf16 torture: Fix fsmo test to use correct -H samba-tool syntax via 18d7e5d dsdb: Do not hold the transaction over the IRPC call to perform a role transfer via b40d134 selftest: also skip raw.search as it also spins via 316fd08 drs-fsmo: Improve handling of FSMO role takeover. from 6a10255 dsdb-acl: calculate sDRightsEffective based on nTSecurityDescriptor http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e1d50a6b24012b42f9987b439a4b94cd8db7 Author: Matthieu Patou m...@matws.net Date: Thu Dec 27 00:01:49 2012 -0800 dsdb-operational: Avoid doing the ldb_attr_cmp if bypass flag is not set Most of the time this flag is not set and so we can avoid the strcasecmp in ldb_attr_cmp() Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jan 17 17:10:32 CET 2013 on sn-devel-104 commit a0faf16ae9aefc4963b2583970509b1b23e27ce1 Author: Andrew Bartlett abart...@samba.org Date: Sat Nov 17 13:49:00 2012 +1100 torture: Fix fsmo test to use correct -H samba-tool syntax However, the test still does not pass. Reviewed-by: Stefan Metzmacher me...@samba.org commit 18d7e5df0eb8fb593e66daf25d142584f44b5b87 Author: Andrew Bartlett abart...@samba.org Date: Tue Jan 15 09:56:46 2013 +1100 dsdb: Do not hold the transaction over the IRPC call to perform a role transfer This avoids one samba process locking out another from the DB. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit b40d134bc1866dd7e5b5e7dfc5bf01f6d55b1c1f Author: Andrew Bartlett abart...@samba.org Date: Sun Jan 13 13:03:13 2013 +1100 selftest: also skip raw.search as it also spins Reviewed-by: Stefan Metzmacher me...@samba.org commit 316fd085ad2b587b82d817358240f84ae054a543 Author: Andrew Bartlett abart...@samba.org Date: Tue Nov 20 14:59:17 2012 +1100 drs-fsmo: Improve handling of FSMO role takeover. This needs to be more async, and give less scary errors. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: selftest/knownfail |1 - selftest/skip|1 + source4/dsdb/repl/drepl_fsmo.c |5 +-- source4/dsdb/samdb/ldb_modules/operational.c |2 +- source4/dsdb/samdb/ldb_modules/rootdse.c | 38 - source4/rpc_server/drsuapi/getncchanges.c|3 +- source4/torture/drs/python/fsmo.py |4 +- 7 files changed, 44 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index bdeb92b..39485af 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -135,7 +135,6 @@ ^samba4.smb2.acls.*.owner ^samba4.ldap.dirsync.python.dc..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items #^samba4.ldap.dirsync.python.dc..__main__.ExtendedDirsyncTests.* -^samba4.drs.fsmo.python ^samba4.libsmbclient.opendir.opendir # This requires netbios browsing ^samba4.rpc.drsuapi.*.drsuapi.DsGetDomainControllerInfo\(.*\)$ ^samba4.rpc.drsuapi.*.drsuapi.DsCrackNames\(.*\)$ diff --git a/selftest/skip b/selftest/skip index 43866bb..5c49306 100644 --- a/selftest/skip +++ b/selftest/skip @@ -107,3 +107,4 @@ bench # don't run benchmarks in our selftest ^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use ^samba.tests.dcerpc.unix # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use base.dir2 # This test spins on modern ext4, so we have to skip it +raw.search # This test spins on modern ext4, so we have to skip it diff --git a/source4/dsdb/repl/drepl_fsmo.c b/source4/dsdb/repl/drepl_fsmo.c index 0e83982..37fb684 100644 --- a/source4/dsdb/repl/drepl_fsmo.c +++ b/source4/dsdb/repl/drepl_fsmo.c @@ -108,9 +108,8 @@ NTSTATUS drepl_take_FSMO_role(struct irpc_message *msg, return NT_STATUS_OK; } - if (is_us || - (extended_op == DRSUAPI_EXOP_NONE)) { - DEBUG(0,(FSMO role check failed for DN %s and owner %s \n, + if (is_us) { + DEBUG(5,(FSMO role check failed, we already own DN %s with %s\n, ldb_dn_get_linearized(fsmo_role_dn), ldb_dn_get_linearized(role_owner_dn))); r-out.result = WERR_OK; diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c index c642ad8..b1122b3 100644 --- a/source4/dsdb
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via 9712362 Merge tag 'samba-4.0.1' into v4-0-test via d2e9007 VERSION: Bump version number up to 4.0.1. (CVE-2013-0172) via 0c02492 WHATSNEW: Update release notes for Samba 4.0.1. (CVE-2013-0172) via 8bafe08 dsdb: Add test for modification of two attributes, one permitted, one denied (bug #9554 - CVE-2013-0172) via d776fd8 dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug #9554 - CVE-2013-0172) via a758054 libcli/security: Ensure to fill in remaining_access for the initial case (bug #9554 - CVE-2013-0172) from 15652ef selftest: show that Samba honours write list and valid users http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 9712362a563bfdfe71334071c35c7429e9462811 Merge: 15652efca8644c03a48e258473fe5b58168df333 d2e900757d8e8e2a82cb14e79814ed3cbc8d93c1 Author: Stefan Metzmacher me...@samba.org Date: Tue Jan 15 09:39:07 2013 +0100 Merge tag 'samba-4.0.1' into v4-0-test samba: tag release samba-4.0.1 --- Summary of changes: WHATSNEW.txt | 56 ++ libcli/security/object_tree.c|1 + source4/dsdb/samdb/ldb_modules/acl.c | 55 - source4/dsdb/tests/python/acl.py | 15 + 4 files changed, 99 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 520075f..5c69ca9 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,60 @@ = + Release Notes for Samba 4.0.1 + January 15, 2013 + = + + +This is a security release in order to address CVE-2013-0172. + +o CVE-2013-0172: + Samba 4.0.0 as an AD DC may provide authenticated users with write access + to LDAP directory objects. + + In AD, Access Control Entries can be assigned based on the objectClass + of the object. If a user or a group the user is a member of has any + access based on the objectClass, then that user has write access to that + object. + + Additionally, if a user has write access to any attribute on the object, + they may have access to write to all attributes. + + An important mitigation is that anonymous access is totally disabled by + default. The second important mitigation is that normal users are + typically only given the problematic per-objectClass right via the + pre-windows 2000 compatible access group, and Samba 4.0.0 incorrectly + does not make authenticated users part of this group. + +Changes since 4.0.0: + + +o Andrew Bartlett abart...@samba.org +* Bug 9554 - CVE-2013-0172 - Samba 4.0 as an AD DC may provide authenticated + users with write access to LDAP directory objects. + +### +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.0 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + = Release Notes for Samba 4.0.0 December 11, 2012 = diff --git a/libcli/security/object_tree.c b/libcli/security/object_tree.c index 6809c8e..dcbd310 100644 --- a/libcli/security/object_tree.c +++ b/libcli/security/object_tree.c @@ -53,6 +53,7 @@ bool insert_in_object_tree(TALLOC_CTX *mem_ctx, return false; } (*root)-guid = *guid; + (*root)-remaining_access = init_access; *new_node = *root; return true; } diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c index 9bf2612..3f09760 100644 --- a/source4/dsdb/samdb/ldb_modules/acl.c +++ b/source4/dsdb/samdb/ldb_modules/acl.c @@ -977,8 +977,6 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) unsigned int i; const struct GUID *guid; uint32_t access_granted
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via 6907b3f VERSION: Bump version number up to 4.0.2. from 9712362 Merge tag 'samba-4.0.1' into v4-0-test http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 6907b3f0c3dddf1b53fbbe2631395d2db48f3e9a Author: Stefan Metzmacher me...@samba.org Date: Tue Jan 15 11:33:01 2013 +0100 VERSION: Bump version number up to 4.0.2. Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: VERSION |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index dc13d87..e3efbd7 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=0 -SAMBA_VERSION_RELEASE=1 +SAMBA_VERSION_RELEASE=2 # If a official release has a serious bug # -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8f8ca58 tevent: Fix bug 9550 - sigprocmask does not work on FreeBSD to stop further signals in a signal handler via 0258138 lib/replace: Include sys/ucontext.h if available. via fe6e323 lib/replace: Add ucontext configure autoconf checks. via 7fe400d lib/replace: Add ucontext configure waf checks. via e54252c lib/replace: Add missing check for sys/wait.h from a82db92 smbd: Fix bug 9544, part 2 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8f8ca589d2aa7f9deaae6a05cb5ab73da95372bf Author: Jeremy Allison j...@samba.org Date: Mon Jan 14 15:22:11 2013 -0800 tevent: Fix bug 9550 - sigprocmask does not work on FreeBSD to stop further signals in a signal handler Mask off signals the correct way from the signal handler. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jan 15 12:13:43 CET 2013 on sn-devel-104 commit 0258138e207c8f3e8bb05a47599aa04b4e9567cf Author: Jeremy Allison j...@samba.org Date: Mon Jan 14 15:21:52 2013 -0800 lib/replace: Include sys/ucontext.h if available. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit fe6e323addb967b392bfd406c499a6f67fcdc152 Author: Jeremy Allison j...@samba.org Date: Mon Jan 14 15:21:35 2013 -0800 lib/replace: Add ucontext configure autoconf checks. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 7fe400de4c189c8bdf0cc8afdebde2f21680fac2 Author: Jeremy Allison j...@samba.org Date: Mon Jan 14 15:21:12 2013 -0800 lib/replace: Add ucontext configure waf checks. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit e54252ceec213644a8d812e6374476639f764643 Author: Jeremy Allison j...@samba.org Date: Mon Jan 14 15:06:12 2013 -0800 lib/replace: Add missing check for sys/wait.h Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: lib/replace/libreplace.m4 | 15 ++- lib/replace/system/wait.h |4 lib/replace/wscript| 11 ++- lib/tevent/tevent_signal.c | 29 + 4 files changed, 57 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/replace/libreplace.m4 b/lib/replace/libreplace.m4 index 5a41844..f4ae715 100644 --- a/lib/replace/libreplace.m4 +++ b/lib/replace/libreplace.m4 @@ -68,7 +68,7 @@ AC_FUNC_MEMCMP AC_CHECK_FUNCS([pipe strftime srandom random srand rand usleep setbuffer lstat getpgrp utime utimes]) AC_CHECK_HEADERS(stdbool.h stdint.h sys/select.h) -AC_CHECK_HEADERS(setjmp.h utime.h) +AC_CHECK_HEADERS(setjmp.h utime.h sys/wait.h) LIBREPLACE_PROVIDE_HEADER([stdint.h]) LIBREPLACE_PROVIDE_HEADER([stdbool.h]) @@ -126,6 +126,7 @@ AC_CHECK_HEADERS(unix.h) AC_CHECK_HEADERS(malloc.h) AC_CHECK_HEADERS(syscall.h) AC_CHECK_HEADERS(sys/syscall.h) +AC_CHECK_HEADERS(sys/ucontext.h) AC_CHECK_FUNCS(syscall setuid seteuid setreuid setresuid setgid setegid setregid setresgid setgroups) AC_CHECK_FUNCS(chroot bzero strerror strerror_r memalign posix_memalign getpagesize) @@ -415,6 +416,18 @@ if test x$libreplace_cv_struct_timespec = xyes; then AC_DEFINE(HAVE_STRUCT_TIMESPEC,1,[Whether we have struct timespec]) fi +AC_CACHE_CHECK([for ucontext_t type],libreplace_cv_ucontext_t, [ +AC_TRY_COMPILE([ +#include signal.h +#if HAVE_SYS_UCONTEXT_H +#include sys/ucontext.h +# endif +],[ucontext_t uc; sigaddset(uc.uc_sigmask, SIGUSR1);], + libreplace_cv_ucontext_t=yes,libreplace_cv_ucontext_t=no)]) +if test x$libreplace_cv_ucontext_t = xyes; then + AC_DEFINE(HAVE_UCONTEXT_T,1,[Whether we have ucontext_t]) +fi + AC_CHECK_FUNCS([printf memset memcpy],,[AC_MSG_ERROR([Required function not found])]) echo LIBREPLACE_BROKEN_CHECKS: END diff --git a/lib/replace/system/wait.h b/lib/replace/system/wait.h index f0c3bdc..146c61a 100644 --- a/lib/replace/system/wait.h +++ b/lib/replace/system/wait.h @@ -40,6 +40,10 @@ #include setjmp.h #endif +#ifdef HAVE_SYS_UCONTEXT_H +#include sys/ucontext.h +#endif + #if !defined(HAVE_SIG_ATOMIC_T_TYPE) typedef int sig_atomic_t; #endif diff --git a/lib/replace/wscript b/lib/replace/wscript index 674b99d..dff5847 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -79,7 +79,7 @@ struct foo bar = { .y = 'X', .x = 1 }; conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h') conf.CHECK_HEADERS('sys/resource.h sys/security.h sys/shm.h sys/statfs.h sys/statvfs.h sys
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 065c0ec dsdb: Add test for modification of two attributes, one permitted, one denied (bug #9554 - CVE-2013-0172) via b7b91c8 dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug #9554 - CVE-2013-0172) via b26668c libcli/security: Ensure to fill in remaining_access for the initial case (bug #9554 - CVE-2013-0172) from 8f8ca58 tevent: Fix bug 9550 - sigprocmask does not work on FreeBSD to stop further signals in a signal handler http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 065c0ec16259f8d57baec5dfe4e6eb9bdea0002a Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 10 09:30:38 2013 +1100 dsdb: Add test for modification of two attributes, one permitted, one denied (bug #9554 - CVE-2013-0172) Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 8bafe0871526cd5d5e7fdbe123ab661379f64cb1) Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jan 15 14:03:47 CET 2013 on sn-devel-104 commit b7b91c85945fab87e55cd8fd65a5b4c50a61d03b Author: Andrew Bartlett abart...@samba.org Date: Wed Jan 9 16:59:18 2013 +1100 dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug #9554 - CVE-2013-0172) This seems inefficient, but is needed for correctness. The alternative might be to have the sec_access_check_ds code confirm that *all* of the nodes in the object tree have been cleared to node-remaining_bits == 0. Otherwise, I fear that write access to one attribute will become write access to all attributes. Andrew Bartlett Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit d776fd807e0c9a62f428ce666ff812655f98bc47) commit b26668c606057fb30b20efd912284c3e79d547ff Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 3 20:39:23 2013 +1100 libcli/security: Ensure to fill in remaining_access for the initial case (bug #9554 - CVE-2013-0172) It is critically important that we initialise this element as otherwise all access is permitted. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit a75805490d96a85786287f5d0522dd7671d6816e) --- Summary of changes: libcli/security/object_tree.c|1 + source4/dsdb/samdb/ldb_modules/acl.c | 55 - source4/dsdb/tests/python/acl.py | 15 + 3 files changed, 43 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/security/object_tree.c b/libcli/security/object_tree.c index 6809c8e..dcbd310 100644 --- a/libcli/security/object_tree.c +++ b/libcli/security/object_tree.c @@ -53,6 +53,7 @@ bool insert_in_object_tree(TALLOC_CTX *mem_ctx, return false; } (*root)-guid = *guid; + (*root)-remaining_access = init_access; *new_node = *root; return true; } diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c index 2de16b7..9056a41 100644 --- a/source4/dsdb/samdb/ldb_modules/acl.c +++ b/source4/dsdb/samdb/ldb_modules/acl.c @@ -977,8 +977,6 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) unsigned int i; const struct GUID *guid; uint32_t access_granted; - struct object_tree *root = NULL; - struct object_tree *new_node = NULL; NTSTATUS status; struct ldb_result *acl_res; struct security_descriptor *sd; @@ -1044,12 +1042,6 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) acl_modify: Error retrieving object class GUID.); } sid = samdb_result_dom_sid(req, acl_res-msgs[0], objectSid); - if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP, - root, new_node)) { - talloc_free(tmp_ctx); - return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR, -acl_modify: Error adding new node in object tree.); - } for (i=0; i req-op.mod.message-num_elements; i++){ const struct dsdb_attribute *attr; attr = dsdb_attribute_by_lDAPDisplayName(schema, @@ -1130,6 +1122,8 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) goto fail; } } else { + struct object_tree *root = NULL; + struct object_tree *new_node = NULL; /* This basic attribute existence check
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 95c891c dsdb: Make linked_attributes module GUID based for renames via a8c745a selftest: skip base.dir2 tests as they just spin on modern ext4 via bdc172a s4-resolve: Fix parsing of IPv6/ in dns_lookup (bug #9555) from 8ae1c46 winbind: Fix some missing NULL checks http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 95c891cf44143e12b2f90047f3fefe6d23c598fd Author: Andrew Bartlett abart...@samba.org Date: Fri Jan 11 16:42:41 2013 +1100 dsdb: Make linked_attributes module GUID based for renames This ensures that when we have the backlink out of sync with the forward link (perhaps due to another operation that has put the backlink handling in an end-of-transaction TODO list in repl_meta_data) that we do not error out, we just cope as well as we can. The GUID is the unique identifier, not the DN. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Jan 12 12:52:28 CET 2013 on sn-devel-104 commit a8c745a28c3278e9fbee6f802dc340fe660f27ca Author: Andrew Bartlett abart...@samba.org Date: Fri Jan 11 08:26:07 2013 +1100 selftest: skip base.dir2 tests as they just spin on modern ext4 Reviewed-by: Stefan Metzmacher me...@samba.org commit bdc172aca541046fd03b2b0cd69e054fe03d3a89 Author: Arvid Requate requ...@univention.de Date: Fri Jan 11 14:17:06 2013 +0100 s4-resolve: Fix parsing of IPv6/ in dns_lookup (bug #9555) Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: selftest/skip |1 + source4/dsdb/samdb/ldb_modules/linked_attributes.c | 77 source4/libcli/resolve/dns_ex.c|1 + 3 files changed, 66 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/skip b/selftest/skip index 2ee5d8e..4101aa2 100644 --- a/selftest/skip +++ b/selftest/skip @@ -107,3 +107,4 @@ bench # don't run benchmarks in our selftest ^samba4.drs.delete_object.python # flakey test ^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use ^samba.tests.dcerpc.unix # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use +base.dir2 # This test spins on modern ext4, so we have to skip it diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index 5ebf4ef..6e08209 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -141,7 +141,9 @@ static struct la_context *linked_attributes_init(struct ldb_module *module, /* turn a DN into a GUID */ -static int la_guid_from_dn(struct la_context *ac, struct ldb_dn *dn, struct GUID *guid) +static int la_guid_from_dn(struct ldb_module *module, + struct ldb_request *parent, + struct ldb_dn *dn, struct GUID *guid) { NTSTATUS status; int ret; @@ -153,10 +155,10 @@ static int la_guid_from_dn(struct la_context *ac, struct ldb_dn *dn, struct GUID if (!NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { DEBUG(4,(__location__ : Unable to parse GUID for dn %s\n, ldb_dn_get_linearized(dn))); - return ldb_operr(ldb_module_get_ctx(ac-module)); + return ldb_operr(ldb_module_get_ctx(module)); } - ret = dsdb_module_guid_by_dn(ac-module, dn, guid, ac-req); + ret = dsdb_module_guid_by_dn(module, dn, guid, parent); if (ret != LDB_SUCCESS) { DEBUG(4,(__location__ : Failed to find GUID for dn %s\n, ldb_dn_get_linearized(dn))); @@ -193,7 +195,7 @@ static int la_store_op(struct la_context *ac, os-op = op; - ret = la_guid_from_dn(ac, op_dn, os-guid); + ret = la_guid_from_dn(ac-module, ac-req, op_dn, os-guid); talloc_free(op_dn); if (ret == LDB_ERR_NO_SUCH_OBJECT ac-req-operation == LDB_DELETE) { /* we are deleting an object, and we've found it has a @@ -658,6 +660,7 @@ static int linked_attributes_modify(struct ldb_module *module, struct ldb_reques } static int linked_attributes_fix_links(struct ldb_module *module, + struct GUID self_guid, struct ldb_dn *old_dn, struct ldb_dn *new_dn, struct ldb_message_element *el, struct dsdb_schema *schema, const struct dsdb_attribute *schema_attr, @@ -684,6 +687,7
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8ae1c46 winbind: Fix some missing NULL checks via 54e01f6 winbind: Fix error check in unpack_tdc_domains via aea49ed dbwrap: Use INCOMPATIBLE_HASH for dbwrap_watchers.tdb from edbc26b scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually them http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8ae1c4636ebfbdb8d77a04dbad6edb52dfb671fc Author: Volker Lendecke v...@samba.org Date: Fri Jan 11 14:51:42 2013 +0100 winbind: Fix some missing NULL checks Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Jan 11 18:55:41 CET 2013 on sn-devel-104 commit 54e01f68e7a6869a203bfdbdcc6c0294835b841f Author: Volker Lendecke v...@samba.org Date: Fri Jan 11 14:02:52 2013 +0100 winbind: Fix error check in unpack_tdc_domains Reviewed-by: Stefan Metzmacher me...@samba.org commit aea49ed37afe49d12fbb6303f6ea5e7f984b2fda Author: Volker Lendecke v...@samba.org Date: Fri Jan 11 17:04:39 2013 +0100 dbwrap: Use INCOMPATIBLE_HASH for dbwrap_watchers.tdb Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source3/lib/dbwrap/dbwrap_watch.c |7 ++-- source3/winbindd/winbindd_cache.c | 60 + 2 files changed, 38 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/dbwrap/dbwrap_watch.c b/source3/lib/dbwrap/dbwrap_watch.c index d7392a3..d8f1b74 100644 --- a/source3/lib/dbwrap/dbwrap_watch.c +++ b/source3/lib/dbwrap/dbwrap_watch.c @@ -31,9 +31,10 @@ static struct db_context *dbwrap_record_watchers_db(void) static struct db_context *watchers_db; if (watchers_db == NULL) { - watchers_db = db_open(NULL, lock_path(dbwrap_watchers.tdb), - 0, TDB_CLEAR_IF_FIRST, O_RDWR|O_CREAT, - 0600, DBWRAP_LOCK_ORDER_3); + watchers_db = db_open( + NULL, lock_path(dbwrap_watchers.tdb), 0, + TDB_CLEAR_IF_FIRST | TDB_INCOMPATIBLE_HASH, + O_RDWR|O_CREAT, 0600, DBWRAP_LOCK_ORDER_3); } return watchers_db; } diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index 76970d6..252cf4a 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -4455,7 +4455,9 @@ static size_t unpack_tdc_domains( unsigned char *buf, int buflen, } for ( i=0; inum_domains; i++ ) { - len += tdb_unpack( buf+len, buflen-len, fffddd, + int this_len; + + this_len = tdb_unpack( buf+len, buflen-len, fffddd, domain_name, dns_name, sid_string, @@ -4463,11 +4465,12 @@ static size_t unpack_tdc_domains( unsigned char *buf, int buflen, attribs, type ); - if ( len == -1 ) { + if ( this_len == -1 ) { DEBUG(5,(unpack_tdc_domains: Failed to unpack domain array\n)); TALLOC_FREE( list ); return 0; } + len += this_len; DEBUG(11,(unpack_tdc_domains: Unpacking domain %s (%s) SID %s, flags = 0x%x, attribs = 0x%x, type = 0x%x\n, @@ -4602,6 +4605,33 @@ bool wcache_tdc_add_domain( struct winbindd_domain *domain ) return ret; } +static struct winbindd_tdc_domain *wcache_tdc_dup_domain( + TALLOC_CTX *mem_ctx, const struct winbindd_tdc_domain *src) +{ + struct winbindd_tdc_domain *dst; + + dst = talloc(mem_ctx, struct winbindd_tdc_domain); + if (dst == NULL) { + goto fail; + } + dst-domain_name = talloc_strdup(dst, src-domain_name); + if (dst-domain_name == NULL) { + goto fail; + } + dst-dns_name = talloc_strdup(dst, src-dns_name); + if (dst-dns_name == NULL) { + goto fail; + } + sid_copy(dst-sid, src-sid); + dst-trust_flags = src-trust_flags; + dst-trust_type = src-trust_type; + dst-trust_attribs = src-trust_attribs; + return dst; +fail: + TALLOC_FREE(dst); + return NULL; +} + /* / @@ -4629,17 +4659,7 @@ struct winbindd_tdc_domain * wcache_tdc_fetch_domain( TALLOC_CTX *ctx, const cha DEBUG(10,(wcache_tdc_fetch_domain
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 213e726 build: Set LD_LIBRARY_PATH in install_with_python.sh via 5a1deec build: Make install_with_python.sh more portable via 8e84c33 build: In install_with_python.sh force using the python from the install we just made via 7acacdf build: Make install_with_python.sh executable via 489ad49 swat: move russian swat files alongside ja and tr via b9fbce2 passdb: Add discard_const_p() to pdb_samba_dsdb via 26bae89 vfs: Fix compilation of solaris ACL module via 9dfd0a0 build: Remove bashism from SAMBAMANPAGES rule from 313da9d smb.conf(5): update list of available protocols (bug #9552) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 213e7260a83d4349132e8c159798b476cec3f814 Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 10 12:00:03 2013 +1100 build: Set LD_LIBRARY_PATH in install_with_python.sh This ensures that the python install finishes correctly. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jan 10 14:00:13 CET 2013 on sn-devel-104 commit 5a1deec38a7ff7287b31a47ae61769c66e10de17 Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 10 09:00:37 2013 +1100 build: Make install_with_python.sh more portable Reviewed-by: Stefan Metzmacher me...@samba.org commit 8e84c33a6094288ec2c8964588c679a71742e855 Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 10 08:51:34 2013 +1100 build: In install_with_python.sh force using the python from the install we just made Reviewed-by: Stefan Metzmacher me...@samba.org commit 7acacdfc05d3162b2879b6ac80d0809b5af96f1e Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 10 08:50:53 2013 +1100 build: Make install_with_python.sh executable Reviewed-by: Stefan Metzmacher me...@samba.org commit 489ad498ab14340eb99f35a8814418db9db788a5 Author: Andrew Bartlett abart...@samba.org Date: Thu Dec 20 18:36:40 2012 +1100 swat: move russian swat files alongside ja and tr Reviewed-by: Stefan Metzmacher me...@samba.org commit b9fbce20613952ead92dde3981a57f6d825c0584 Author: Andrew Bartlett abart...@samba.org Date: Thu Dec 13 10:33:04 2012 +1100 passdb: Add discard_const_p() to pdb_samba_dsdb Reviewed-by: Stefan Metzmacher me...@samba.org commit 26bae894f2ae898c51535dda14060ecf4786c6ec Author: Andrew Bartlett abart...@samba.org Date: Sat Jan 5 14:53:13 2013 +1100 vfs: Fix compilation of solaris ACL module Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit 9dfd0a0dc980b521905399e0b409cb81fbbe6b37 Author: Andrew Bartlett abart...@samba.org Date: Wed Jan 9 09:39:59 2013 +1100 build: Remove bashism from SAMBAMANPAGES rule In sh, you must assign the variable, then export it. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: buildtools/wafsamba/wafsamba.py|3 ++- install_with_python.sh |7 ++- source3/modules/vfs_solarisacl.c |2 +- source3/passdb/pdb_samba_dsdb.c|4 ++-- .../lang}/ru/help/welcome-no-samba-doc.html|0 {source3/po = swat/lang}/ru/help/welcome.html |0 {source3/po = swat/lang}/ru/images/globals.gif| Bin 2041 - 2041 bytes {source3/po = swat/lang}/ru/images/home.gif | Bin 2190 - 2190 bytes {source3/po = swat/lang}/ru/images/passwd.gif | Bin 1936 - 1936 bytes {source3/po = swat/lang}/ru/images/printers.gif | Bin 2139 - 2139 bytes {source3/po = swat/lang}/ru/images/shares.gif | Bin 2081 - 2081 bytes {source3/po = swat/lang}/ru/images/status.gif | Bin 2305 - 2305 bytes {source3/po = swat/lang}/ru/images/viewconfig.gif | Bin 2096 - 2096 bytes {source3/po = swat/lang}/ru/images/wizard.gif | Bin 2605 - 2605 bytes {source3/po = swat/lang}/ru/include/header.html |0 15 files changed, 11 insertions(+), 5 deletions(-) mode change 100644 = 100755 install_with_python.sh rename {source3/po = swat/lang}/ru/help/welcome-no-samba-doc.html (100%) rename {source3/po = swat/lang}/ru/help/welcome.html (100%) rename {source3/po = swat/lang}/ru/images/globals.gif (100%) rename {source3/po = swat/lang}/ru/images/home.gif (100%) rename {source3/po = swat/lang}/ru/images/passwd.gif (100%) rename {source3/po = swat/lang}/ru/images/printers.gif (100%) rename {source3/po = swat/lang}/ru/images/shares.gif (100%) rename {source3/po = swat/lang}/ru/images/status.gif (100%) rename {source3/po = swat/lang}/ru/images/viewconfig.gif (100%) rename {source3/po = swat/lang}/ru/images/wizard.gif (100
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 051a1a9 samba-tool classicupgrade: Do not print the admin password during upgrade via 5e0fcb0 s4-idmap: Remove requirement that posixAccount or posixGroup be set for rfc2307 via c9d2ca5 selftest: Add test for rfc2307 mapping handling via 5812eb3 dsdb-acl: give error string if we can not obtain the schema via 99d872e s4-dbcheck: Allow forcing an override of an old @MODULES record from 213e726 build: Set LD_LIBRARY_PATH in install_with_python.sh http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 051a1a9c6417c2cbffa7d091ae477a6c7922d363 Author: Andrew Bartlett abart...@samba.org Date: Sat Dec 22 09:28:05 2012 +1100 samba-tool classicupgrade: Do not print the admin password during upgrade This changes the code to only set and show a new password if no admin user is found during the upgrade. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jan 10 16:55:23 CET 2013 on sn-devel-104 commit 5e0fcb04a48d96669ed4376bfa17f679e3582236 Author: Andrew Bartlett abart...@samba.org Date: Wed Dec 26 20:48:12 2012 +1100 s4-idmap: Remove requirement that posixAccount or posixGroup be set for rfc2307 This change matches the source3/idmap/idmap_ad.c code, and allows this feature to work with only the setting of the UID/GID in Active Directory Users and Computers. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org commit c9d2ca585e198b1006bbf7f1a3c988c1188b66cb Author: Andrew Bartlett abart...@samba.org Date: Fri Dec 28 12:36:06 2012 +1100 selftest: Add test for rfc2307 mapping handling Reviewed-by: Stefan Metzmacher me...@samba.org commit 5812eb3c1deac51891f01338b4771b1e397dc24d Author: Andrew Bartlett abart...@samba.org Date: Thu Jan 3 21:31:22 2013 +1100 dsdb-acl: give error string if we can not obtain the schema Reviewed-by: Stefan Metzmacher me...@samba.org commit 99d872ee9261a299add4718c38234dfe9f7658fc Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 23 15:18:13 2012 +1000 s4-dbcheck: Allow forcing an override of an old @MODULES record Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: nsswitch/tests/test_rfc2307_mapping.sh | 181 ++ selftest/selftest.pl |5 +- selftest/target/Samba4.pm|8 +- source4/dsdb/samdb/ldb_modules/acl.c |5 +- source4/scripting/python/samba/dbchecker.py |9 + source4/scripting/python/samba/netcmd/dbcheck.py | 24 +++- source4/scripting/python/samba/upgrade.py| 11 ++- source4/selftest/tests.py|1 + source4/winbind/idmap.c |9 +- testprogs/blackbox/dbcheck.sh|5 + 10 files changed, 243 insertions(+), 15 deletions(-) create mode 100755 nsswitch/tests/test_rfc2307_mapping.sh Changeset truncated at 500 lines: diff --git a/nsswitch/tests/test_rfc2307_mapping.sh b/nsswitch/tests/test_rfc2307_mapping.sh new file mode 100755 index 000..f1e3ea9 --- /dev/null +++ b/nsswitch/tests/test_rfc2307_mapping.sh @@ -0,0 +1,181 @@ +#!/bin/sh +# Blackbox test for wbinfo and rfc2307 mappings +if [ $# -lt 4 ]; then +cat EOF +Usage: test_rfc2307_mapping.sh DOMAIN USERNAME PASSWORD SERVER UID_RFC2307TEST GID_RFC2307TEST +EOF +exit 1; +fi + +DOMAIN=$1 +USERNAME=$2 +PASSWORD=$3 +SERVER=$4 +UID_RFC2307TEST=$5 +GID_RFC2307TEST=$6 +shift 6 + +failed=0 +samba4bindir=$BINDIR +wbinfo=$VALGRIND $samba4bindir/wbinfo +samba_tool=$VALGRIND $samba4bindir/samba-tool +ldbmodify=$samba4bindir/ldbmodify + +. `dirname $0`/../../testprogs/blackbox/subunit.sh + +testfail() { + name=$1 + shift + cmdline=$* + echo test: $name + $cmdline + status=$? +if [ x$status = x0 ]; then +echo failure: $name +else +echo success: $name +fi +return $status +} + +knownfail() { +name=$1 +shift +cmdline=$* +echo test: $name +$cmdline +status=$? +if [ x$status = x0 ]; then +echo failure: $name [unexpected success] + status=1 +else +echo knownfail: $name + status=0 +fi +return $status +} + + +# Create new testing account +testit user add $samba_tool user create --given-name=rfc2307 --surname=Tester --initial=UT rfc2307_test_user testp@ssw0Rd $@ + +#test creation of six different groups +testit group add $samba_tool group add $CONFIG --group-scope='Domain
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via edbc26b scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually them from 051a1a9 samba-tool classicupgrade: Do not print the admin password during upgrade http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit edbc26bca84ee77b5a9571ba8dc9416c0db25906 Author: Andrew Bartlett abart...@samba.org Date: Fri Dec 28 10:05:40 2012 +1100 scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually them This allows the script to be used to create/remove the samba-specific dns-SERVER account when we do not need to create the in-directory partition. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104 --- Summary of changes: source4/scripting/bin/samba_upgradedns | 43 --- 1 files changed, 22 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns index ba597cf..f389ef7 100755 --- a/source4/scripting/bin/samba_upgradedns +++ b/source4/scripting/bin/samba_upgradedns @@ -278,27 +278,6 @@ if __name__ == '__main__': logger.error(Cannot create AD based DNS for OS level 2003) sys.exit(1) -logger.info(Looking up IPv4 addresses) -hostip = interface_ips_v4(lp) -try: -hostip.remove('127.0.0.1') -except ValueError: -pass -if not hostip: -logger.error(No IPv4 addresses found) -sys.exit(1) -else: -hostip = hostip[0] -logger.debug(IPv4 addresses: %s % hostip) - -logger.info(Looking up IPv6 addresses) -hostip6 = interface_ips_v6(lp, linklocal=False) -if not hostip6: -hostip6 = None -else: -hostip6 = hostip6[0] -logger.debug(IPv6 addresses: %s % hostip6) - domaindn = names.domaindn forestdn = names.rootdn @@ -351,6 +330,28 @@ if __name__ == '__main__': ncname = msg[0]['nCName'][0] except Exception, e: logger.info(Creating DNS partitions) + +logger.info(Looking up IPv4 addresses) +hostip = interface_ips_v4(lp) +try: +hostip.remove('127.0.0.1') +except ValueError: +pass +if not hostip: +logger.error(No IPv4 addresses found) +sys.exit(1) +else: +hostip = hostip[0] +logger.debug(IPv4 addresses: %s % hostip) + +logger.info(Looking up IPv6 addresses) +hostip6 = interface_ips_v6(lp, linklocal=False) +if not hostip6: +hostip6 = None +else: +hostip6 = hostip6[0] +logger.debug(IPv6 addresses: %s % hostip6) + create_dns_partitions(ldbs.sam, domainsid, names, domaindn, forestdn, dnsadmins_sid) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e2e2d72 selftest/flapping: more samba4.rpc.samr.large-dc.two subtests are flakey via 6f31848 Happy New Year 2013 from bcacd8f subunit: Update to latest upstream version. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e2e2d72b0f373793458c0fda3d2ce28e2f3aea29 Author: Stefan Metzmacher me...@samba.org Date: Tue Jan 1 15:43:57 2013 +0100 selftest/flapping: more samba4.rpc.samr.large-dc.two subtests are flakey Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jan 1 18:47:42 CET 2013 on sn-devel-104 commit 6f318483709fd1fecd1a1ee1f892eb1c7ca17b94 Author: Stefan Metzmacher me...@samba.org Date: Tue Jan 1 15:43:36 2013 +0100 Happy New Year 2013 Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: selftest/flapping |2 +- source3/include/smb.h |2 +- source4/smbd/server.c |2 +- 3 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/flapping b/selftest/flapping index bf7325c..170bf7b 100644 --- a/selftest/flapping +++ b/selftest/flapping @@ -25,4 +25,4 @@ ^samba3.raw.samba3checkfsp.samba3checkfsp\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 ^samba3.raw.samba3closeerr.samba3closeerr\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 ^samba4.nss.test.*using.*winbind # fails sometimes on sn-devel -^samba4.rpc.samr.large-dc.two.samr.many_accounts\(vampire_dc\) # often fails on sn-devel-104 +^samba4.rpc.samr.large-dc.two.samr.many.*\(vampire_dc\) # often fails on sn-devel-104, rid allocation? diff --git a/source3/include/smb.h b/source3/include/smb.h index 2aa2ab3..a163e9e 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -30,7 +30,7 @@ #include libds/common/roles.h /* logged when starting the various Samba daemons */ -#define COPYRIGHT_STARTUP_MESSAGE Copyright Andrew Tridgell and the Samba Team 1992-2012 +#define COPYRIGHT_STARTUP_MESSAGE Copyright Andrew Tridgell and the Samba Team 1992-2013 #define BUFFER_SIZE (128*1024) diff --git a/source4/smbd/server.c b/source4/smbd/server.c index b3d8ae5..193d504 100644 --- a/source4/smbd/server.c +++ b/source4/smbd/server.c @@ -367,7 +367,7 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ umask(0); DEBUG(0,(%s version %s started.\n, binary_name, SAMBA_VERSION_STRING)); - DEBUGADD(0,(Copyright Andrew Tridgell and the Samba Team 1992-2012\n)); + DEBUGADD(0,(Copyright Andrew Tridgell and the Samba Team 1992-2013\n)); if (sizeof(uint16_t) 2 || sizeof(uint32_t) 4 || sizeof(uint64_t) 8) { DEBUG(0,(ERROR: Samba is not configured correctly for the word size on your machine\n)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f77bfed s4:drsuapi: try to behave more like windows for usn order (bug #9508) via 16aef75 s4:drsuapi: make use of LDB_TYPESAFE_QSORT() and pass getnc_state via 88833b0 s4:drsuapi: make sure we report the meta data from the cycle start (bug #9508) via 1f89d64 s4:drsuapi: check the source_dsa_invocation_id (bug #9508) via 91f7f2c s4:drsuapi: make sure we never return the same highwatermark twice in a replication cycle (bug #9508) via 7e511b5 s4:drsuapi: add drsuapi_DsReplicaHighWaterMark_cmp() via 02de5b1 s4:drsuapi: always use the current uptodateness_vector via 025c6d6 s4:drsuapi: avoid a ldb_dn_copy() and use talloc_move() instead via 30be17b s4:drsuapi: remove unused 'highest_usn' from drsuapi_getncchanges_state via 551bb2c s4:drsuapi: move struct drsuapi_getncchanges_state to the top of getncchanges.c via 2e9b064 s4:dsdb/drepl: update the source_dsa_obj/invocation_id in repsFrom via e7a26d0 s4:dsdb/common: use 01.01.1970 as last_sync_success for our entry in the uptodatevector via 81fa179 s4:dsdb/common: use LDB_SEQ_HIGHEST_SEQ for our entry in the uptodatevector via 5ecbc89 s4:dsdb/repl_meta_data: don't merge highwatermark and uptodatevector (bug #9508) via ad43bb6 s4:dsdb/repl_meta_data: also update the last_sync_success in replUpToDateVector via 634f8cf s4:dsdb/repl_meta_data: store the last results and timestamps in the repsFrom via a37f46a s4:dsdb/repl_meta_data: always treat the highwatermark as opaque (bug #9508) via 257ae54 s4:scripting/python: always treat the highwatermark as opaque (bug #9508) from e2e2d72 selftest/flapping: more samba4.rpc.samr.large-dc.two subtests are flakey http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f77bfed088b93f3ed0f00d0c172ad495c6c2b09b Author: Stefan Metzmacher me...@samba.org Date: Sat Dec 15 10:18:08 2012 +0100 s4:drsuapi: try to behave more like windows for usn order (bug #9508) We don't behave completely like a Windows server, but it's much more identical than before. The partition head is always the first object followed by the rest sorted by uSNChanged. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Jan 1 21:09:42 CET 2013 on sn-devel-104 commit 16aef75c4f83c114206aa7637fedc9c2c2486877 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 18 15:16:28 2012 +0100 s4:drsuapi: make use of LDB_TYPESAFE_QSORT() and pass getnc_state Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 88833b089a90e8f685d15b508f2e4615afb3a16f Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 18 14:59:20 2012 +0100 s4:drsuapi: make sure we report the meta data from the cycle start (bug #9508) We should build the final highwatermark and uptodatevector of a replication cycle at the start of the cycle. Before we search for the currently missing objects. Otherwise we risk that some objects get lost. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 1f89d641d09ef983f6a5055bb75099dc0ce57aa8 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 18 13:40:33 2012 +0100 s4:drsuapi: check the source_dsa_invocation_id (bug #9508) The given highwatermark is only valid relative to the specified source_dsa_invocation_id. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 91f7f2c04fd00e281b0755a331ca632a4905e3b5 Author: Stefan Metzmacher me...@samba.org Date: Mon Dec 17 11:30:26 2012 +0100 s4:drsuapi: make sure we never return the same highwatermark twice in a replication cycle (bug #9508) If the highwatermark given by the client is not the one we expect, we need to start a new replication cycle. Otherwise the destination dsa skips objects and linked attribute values. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 7e511b58318cef1b325a8191685ee156a7fc0cb7 Author: Stefan Metzmacher me...@samba.org Date: Mon Dec 17 11:13:43 2012 +0100 s4:drsuapi: add drsuapi_DsReplicaHighWaterMark_cmp() Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 02de5b140cfe6ea31e0686e5f0ff726a22153020 Author: Stefan Metzmacher me...@samba.org Date: Mon Dec 17 16:34:25 2012 +0100 s4:drsuapi: always use the current uptodateness_vector Signed-off-by: Stefan Metzmacher me...@samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3e28c29 selftest/flapping: mark samba4.rpc.samr.large-dc.two as knownfail from f2a6afb selftest.pl: Fix typo 'snprintf' - 'sprintf'. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3e28c29e6bd09bf0067ca6948aa3c538c055d4c5 Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 27 15:35:58 2012 +0100 selftest/flapping: mark samba4.rpc.samr.large-dc.two as knownfail This is really flakey lately: https://git.samba.org/autobuild.flakey/2012-12-27-1533/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-10-2338/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-09-0135/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-06-0333/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-05-0731/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-03-0334/samba.stdout ... https://git.samba.org/autobuild.flakey/2012-12-02-1532/samba.stdout Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Dec 27 17:36:07 CET 2012 on sn-devel-104 --- Summary of changes: selftest/flapping |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/flapping b/selftest/flapping index afeae65..bf7325c 100644 --- a/selftest/flapping +++ b/selftest/flapping @@ -25,3 +25,4 @@ ^samba3.raw.samba3checkfsp.samba3checkfsp\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 ^samba3.raw.samba3closeerr.samba3closeerr\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 ^samba4.nss.test.*using.*winbind # fails sometimes on sn-devel +^samba4.rpc.samr.large-dc.two.samr.many_accounts\(vampire_dc\) # often fails on sn-devel-104 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a444bb9 tdb: Add a comment explaining the check via 3109b54 tdb: Make tdb_new_database() follow a more conventional style via d972e6f tdb: Fix a typo via c04de8f tdb: Fix a typo via 24755d7 tdb: Use tdb_lock_covered_by_allrecord_lock in tdb_unlock via f8dafe5 tdb: Factor out tdb_lock_covered_by_allrecord_lock from tdb_lock_list via 26b8545 tdb: Simplify logic in tdb_lock_list slightly via 0f4e7a1 tdb: Slightly simplify tdb_lock_list via 116ec13 tdb: Fix blank line endings via 7237fdd tdb: Fix a comment via d2b852d tdb: Fix a typo via 2c3fd8a tdb: Fix a missing CONVERT from 2148d86 Fix bug #9196 - defer_open is triggered multiple times on the same request. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a444bb95a270ca5b331041c11a7e785c1e0559b7 Author: Volker Lendecke v...@samba.org Date: Fri Dec 14 16:07:11 2012 +0100 tdb: Add a comment explaining the check I had to ask git blame to find why we have to do it here... Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Dec 21 13:54:39 CET 2012 on sn-devel-104 commit 3109b541c9b2f0063e1ccb0cdaec0a8e388b29b4 Author: Volker Lendecke v...@samba.org Date: Fri Dec 14 15:53:08 2012 +0100 tdb: Make tdb_new_database() follow a more conventional style We usually goto fail on every error and then in normal flow set the return variable to success. This patch removes a comment which from my point of view is now obsolete. It violates the {} rule from README.Coding here in favor of the style used in this function. Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit d972e6fa74b6499403d4c3d3c6a84cbda7eded39 Author: Volker Lendecke v...@samba.org Date: Fri Dec 14 14:50:08 2012 +0100 tdb: Fix a typo Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c04de8f3a4deba0062f8cdbcbe74d3735a80b735 Author: Volker Lendecke v...@samba.org Date: Fri Dec 14 14:48:31 2012 +0100 tdb: Fix a typo Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 24755d75b0ee7170195bc26cf28bab4ffdb6f752 Author: Volker Lendecke v...@samba.org Date: Fri Dec 14 09:24:06 2012 +0100 tdb: Use tdb_lock_covered_by_allrecord_lock in tdb_unlock Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f8dafe5685008671f4f983a4defc90b4a05cf992 Author: Volker Lendecke v...@samba.org Date: Fri Dec 14 09:21:42 2012 +0100 tdb: Factor out tdb_lock_covered_by_allrecord_lock from tdb_lock_list Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 26b8545df44df7e60ba0ba7336ffbdda8a14e423 Author: Volker Lendecke v...@samba.org Date: Thu Dec 13 22:14:34 2012 +0100 tdb: Simplify logic in tdb_lock_list slightly Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 0f4e7a1401998746a6818b9469ab369d70418ac1 Author: Volker Lendecke v...@samba.org Date: Thu Dec 13 21:58:00 2012 +0100 tdb: Slightly simplify tdb_lock_list Avoid an else {} branch when we can do an early return Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 116ec13bb0718eb1de1ac1f4410d5c33f1db616f Author: Volker Lendecke v...@samba.org Date: Thu Dec 13 13:31:59 2012 +0100 tdb: Fix blank line endings Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 7237fdd4ddc0b9c848b5936431b4f8731ce56dba Author: Volker Lendecke v...@samba.org Date: Fri Dec 14 08:01:12 2012 +0100 tdb: Fix a comment Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit d2b852d79bd83754d8952a0e3dece00e513549f2 Author: Volker Lendecke v...@samba.org Date: Thu Dec 13 12:36:29 2012 +0100 tdb: Fix a typo Reviewed-by: Rusty Russell ru...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 2c3fd8a13e7dde23a23404cd88078a04c8b338ea Author: Volker Lendecke v...@samba.org Date: Tue Dec 11 21:04:58 2012 +0100 tdb: Fix a missing CONVERT methods-tdb_write expects data in on-disk format. For reading that record, methods-tdb_read() has taken care of the on-disk to in-memory representation according to the DOCONV() flag passed down. tdb_rec_write() is a wrapper around methods-tdb_write just doing the CONVERT() on the way to disk. Reviewed-by: Rusty
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2148d86 Fix bug #9196 - defer_open is triggered multiple times on the same request. from d846199 s4-rpc_server: use netlogon_creds_encrypt_samlogon(). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2148d86c7a2facd6e128b753aef98722843af3e1 Author: Jeremy Allison j...@samba.org Date: Fri Dec 14 08:39:26 2012 -0800 Fix bug #9196 - defer_open is triggered multiple times on the same request. get_deferred_open_message_state_smb2() is buggy in that it is checking the wrong things to determine if an open is in the deferred state. It checks if (smb2req-async_te == NULL) which is incorrect, as we're not always async in a deferred open - remove this. It should check instead state-open_was_deferred as this is explicity set to 'true' when an open is going deferred, so add this check. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Dec 18 14:19:13 CET 2012 on sn-devel-104 --- Summary of changes: source3/smbd/smb2_create.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index 812d9db..21f2549 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -1133,9 +1133,6 @@ bool get_deferred_open_message_state_smb2(struct smbd_smb2_request *smb2req, if (!smb2req) { return false; } - if (smb2req-async_te == NULL) { - return false; - } req = smb2req-subreq; if (!req) { return false; @@ -1144,6 +1141,9 @@ bool get_deferred_open_message_state_smb2(struct smbd_smb2_request *smb2req, if (!state) { return false; } + if (!state-open_was_deferred) { + return false; + } if (p_request_time) { *p_request_time = state-request_time; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 34ac9d8 s4-selftest: make sure to test rpc.samr.passwords.validate over ncacn_ip_tcp. via 6a59126 s3-selftest: make sure to test rpc.samr.passwords.validate over ncacn_ip_tcp. via 4fd7aaf s4-rpc_server: limit allowed transports for samr_ValidatePassword(). via c9055a0 s3-rpc_server: limit allowed transports for samr_ValidatePassword(). via f22efd4 s4-torture: move samr_ValidatePassword test out of main samr test. from 014512f dfs_server: Don't allocate a subcontext twice. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 34ac9d878687443c40e9df9941f45d9bc6040529 Author: Günther Deschner g...@samba.org Date: Tue Dec 11 16:43:12 2012 +0100 s4-selftest: make sure to test rpc.samr.passwords.validate over ncacn_ip_tcp. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Dec 12 13:13:47 CET 2012 on sn-devel-104 commit 6a59126d591b3a9f6a7c505cb8973b826f5cc0b0 Author: Günther Deschner g...@samba.org Date: Tue Dec 11 16:42:53 2012 +0100 s3-selftest: make sure to test rpc.samr.passwords.validate over ncacn_ip_tcp. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 4fd7aaf2b148fff7d5efc15e9f1923bf56b5b54a Author: Günther Deschner g...@samba.org Date: Tue Dec 11 14:43:07 2012 +0100 s4-rpc_server: limit allowed transports for samr_ValidatePassword(). Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c9055a0be444260ddbf44eb13007399bf7dff5e1 Author: Günther Deschner g...@samba.org Date: Tue Dec 11 14:41:34 2012 +0100 s3-rpc_server: limit allowed transports for samr_ValidatePassword(). Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f22efd402adf61842dd0a97e462a097e80d878a4 Author: Günther Deschner g...@samba.org Date: Tue Dec 11 09:25:53 2012 +0100 s4-torture: move samr_ValidatePassword test out of main samr test. Makes it easier to call with ncacn_ip_tcp transport (Windows does not allow other transports). Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source3/rpc_server/samr/srv_samr_nt.c |5 + source3/selftest/tests.py |5 - source4/rpc_server/samr/dcesrv_samr.c |5 + source4/selftest/tests.py |2 +- source4/torture/rpc/rpc.c |1 + source4/torture/rpc/samr.c| 21 + 6 files changed, 33 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c index 1065f2a..580638b 100644 --- a/source3/rpc_server/samr/srv_samr_nt.c +++ b/source3/rpc_server/samr/srv_samr_nt.c @@ -6807,6 +6807,11 @@ NTSTATUS _samr_ValidatePassword(struct pipes_struct *p, struct samr_GetDomPwInfo pw; struct samr_PwInfo dom_pw_info; + if (p-transport != NCACN_IP_TCP p-transport != NCALRPC) { + p-fault_state = DCERPC_FAULT_ACCESS_DENIED; + return NT_STATUS_ACCESS_DENIED; + } + if (r-in.level 1 || r-in.level 3) { return NT_STATUS_INVALID_INFO_CLASS; } diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index def4d83..57a67ed 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -270,7 +270,7 @@ rpc = [rpc.authcontext, rpc.samba3.bind, rpc.samba3.srvsvc, rpc.samba3.sh rpc.lsa.privileges, rpc.lsa.secrets, rpc.samr, rpc.samr.users, rpc.samr.users.privileges, rpc.samr.passwords, rpc.samr.passwords.pwdlastset, rpc.samr.large-dc, rpc.samr.machine.auth, - rpc.samr.priv, + rpc.samr.priv, rpc.samr.passwords.validate, rpc.netlogon.admin, rpc.schannel, rpc.schannel2, rpc.bench-schannel1, rpc.join, rpc.bind] @@ -327,6 +327,9 @@ for t in tests: plansmbtorture4testsuite(t, s3dc, 'ncacn_ip_tcp:$SERVER_IP -U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ') plansmbtorture4testsuite(t, plugin_s4_dc, '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD', 'over ncacn_np ') plansmbtorture4testsuite(t, plugin_s4_dc, 'ncacn_ip_tcp:$SERVER_IP -U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ') +elif t == rpc.samr.passwords.validate: +plansmbtorture4testsuite(t, s3dc, 'ncacn_ip_tcp:$SERVER_IP -U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ') +plansmbtorture4testsuite(t
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ade5bfd s4-torture: call the s4u2self tests with arcfour and aes. via d0bad6c s4-torture: precalculate expected session keys from samlogon in schannel test. via f6cb804 libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon(). via be296a2 libcli/auth: remove trailing whitespace. via f2d9589 s3-auth: remove crypto from serverinfo_to_SamInfoX calls. via c1fb595 s3-rpc_server: Remove obsolete process_creds boolean in samlogon server. via 7f435bd s3-auth: session keys in validation level 6 samlogon replies are *not* encrypted. via 6452892 s3-rpc_server: support AES for interactive netlogon samlogon password decryption. via 7157263 s4-rpc_server: support AES encryption in interactive and generic samlogon. via a52115c s3-rpc_server: we need to encrypt OWFs using DES in _netr_ServerGetTrustInfo(). via 6aec126 s4-torture: validate owf password hash and negotiate AES in forest trust test. via 83b00af s4-torture: validate owf password hash and negotiate AES ServerGetTrustInfo test. via 306a78d s3-rpc_server: pass down netlogon cred state in _netr_ServerGetTrustInfo(). via fd70870 s4-torture: use netlogon_creds_arcfour_crypt() in samba3rpc test. via 4afb7dc s4-torture: exit early when join fails in samba3rpc tests. via 5089442 s4-torture: support AES encryption in interactive samlogon tests in rpc.samr. via d94f012 s4-torture: support AES encryption in pac_verify/generic samlogon netlogon tests. via 3dffd29 s4-torture: use names for r.in.logon_level of netlogon samlogon requests. via 7ea9da0 s4-torture: remove trailing whitespace in smbtorture remote_pac test. via c6f4745 s3-rpc_client: use netlogon_creds_aes_encrypt in interactive netlogon samlogon. via 01e6970 s4-rpc_server: support AES decryption in netr_ServerPasswordSet2 server. via 3dc8c20 s4-torture: add AES support for netr_ServerPasswordSet2 tests. via 0a09160 s4-torture: pass down netlogon flags in netr_ServerPasswordSet2 tests. via d1f481f s4-torture: remove trailing whitespace from netlogon test. via 1362d54 s3-rpc_server: support AES decryption in netr_ServerPasswordSet2 server. via 6434501 s3-rpc_client: support AES encryption in netr_ServerPasswordSet2 client. via ec06c81 s3-rpc_client: use netlogon_creds_arcfour_crypt() in init_netr_CryptPassword. via 429600c libcli/auth: add netlogon_creds_aes_{en|de}crypt routines. from b6e2be8 wafsamba: replace try:except: case with explicit comment about FIPS mode http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ade5bfd304cc806758a58f04b35834cd730dd9ba Author: Günther Deschner g...@samba.org Date: Fri Dec 7 12:51:10 2012 +0100 s4-torture: call the s4u2self tests with arcfour and aes. Guenther Signed-off-by: Günther Deschner g...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sun Dec 9 21:24:44 CET 2012 on sn-devel-104 commit d0bad6c3350698b26ba009bb0c91d0265cc22f60 Author: Günther Deschner g...@samba.org Date: Fri Dec 7 12:57:18 2012 +0100 s4-torture: precalculate expected session keys from samlogon in schannel test. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f6cb8049b2fe62054d254a006b8a39f000d1d1d5 Author: Günther Deschner g...@samba.org Date: Fri Dec 7 12:38:16 2012 +0100 libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon(). Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit be296a21fc509cacaedb5aad0c3ca4ccd44b4a62 Author: Günther Deschner g...@samba.org Date: Fri Dec 7 01:05:00 2012 +0100 libcli/auth: remove trailing whitespace. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f2d9589b178c0e3374e1c1ad363639b9e2bdce5f Author: Günther Deschner g...@samba.org Date: Thu Dec 6 15:21:02 2012 +0100 s3-auth: remove crypto from serverinfo_to_SamInfoX calls. All crypto is dealt with within the netlogon samlogon server now. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c1fb595081c2b0bf66bce06c09750f53e8031311 Author: Günther Deschner g...@samba.org Date: Thu Dec 6 14:54:25 2012 +0100 s3-rpc_server: Remove obsolete process_creds boolean in samlogon server. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4a8028a s3:smbd:vfs_acl: fix a PANIC when setting an ACL fails with ACCESS_DENIED from 61e8b80 s3:passdb: fix building pdb_ldap as shared module http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4a8028a96e20f140c2d423efd4c010a7d300ca72 Author: Michael Adam ob...@samba.org Date: Tue Dec 4 02:02:07 2012 +0100 s3:smbd:vfs_acl: fix a PANIC when setting an ACL fails with ACCESS_DENIED Omission to free the talloc frame causes a panic (at least in developer mode) in the next main event loop due to Frame not freed in order. (Freed frame ../source3/smbd/process.c:3617, expected ../source3/modules/vfs_acl_common.c:534.) Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Dec 4 09:03:25 CET 2012 on sn-devel-104 --- Summary of changes: source3/modules/vfs_acl_common.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index 59ced29..4e3aa72 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -590,6 +590,7 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, if (get_current_uid(handle-conn) == 0 || chown_needed == false || !(fsp-access_mask SEC_STD_WRITE_OWNER)) { + TALLOC_FREE(frame); return NT_STATUS_ACCESS_DENIED; } -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-1.1.14 created
The annotated tag, ldb-1.1.14 has been created at ae3f7139cf13ee222beeb7468977e5c8d2484f28 (tag) tagging 6f47497610352f72128bdbcd3b45313ea9a265ab (commit) replaces ldb-1.1.13 tagged by Stefan Metzmacher on Fri Nov 30 09:50:10 2012 +0100 - Log - ldb: tag release ldb-1.1.14 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJQuHNCAAoJEEeTkWETCEAlj4sH/RkMg/tO7q7u25comSE21hRr YuTxqEGpZ5v0DEW0pi10necOWKdzRsnd1aTHj7VMhYhupxb6uKUi0uZ8BpJ+snzf jJyneDDWm9yUhQsbF2lyBEqjix/F/L6jxE7QDe6XOotJhF/uNIfT52ireFfqfT9J GQHwO1nnnkgnP2C/geWlht1MEuf6WJISPNju5Xtu+58TzdAFu6eImaUhwsp4pSL2 6BU+wueWpYbe6JSQr67CMpg71gDGK3C1kw4p3p5Nj9yXjw1vxn/irLPXWEqL3m3k u5+9DbVIQWCK2rVdI8w07n9AMfd8wzFAxsXT6oo4+ryOED4EEYwZLO2+azksgDQ= =Hlq3 -END PGP SIGNATURE- Alexander Bokovoy (1): Fix release script to build full set of documentation Alexander Wuerstlein (3): Set RFC2307 attributes in samba-tool create Tests for 'samba-tool user create' with RFC2307 attributes Warn when setting UID/GID without idmap_ldb:use rfc2307 = Yes Amitay Isaacs (3): s4-dns: dlz_bind9: Ignore zones that are not used by BIND9 DLZ plugin s4-rpc: dnsserver: Ignore DNS zones that are not used by RPC dnsserver s4-dns: Fix format string vulnerability in an error message (bug #9354) Andreas Schneider (24): s3-printing: Increase debug level for info that the db is empty. s3-smbd: Don't segfault if user specified ports out for range. s3-spoolss: Fix builtin forms order to match Windows again. s3fs-smbd: Move housekeeping to the background process. waf: Build pam_smbpass module only if enabled. s3fs-smbd: Make sure the registry is set up before we init printing. s3fs-printing: Fix RAW printing for normal users. packaging: Add config for systemd-tmpfiles. packaging: Add support for reloading systemd services. s3fs-printing: Simplify the comment and location handling. BUG #9295: Build standard auth modules as internal modules. wafsamba: If we define a realname and a soname create a symlink. waf: Create a libnss_winbind.so symlink. waf: Create a libnss_wins.so symlink. ntlm_auth: Increase debug level if we use config domain name. packaging: Move smbprint to a comman location. BUG 9326: Fix net ads join message for the dns domain. packaging: Add NetworkManager dispatcher script for winbind. s3fs-net: Use talloc for memory allocation. s3fs-utils: Free the popt context in smbcacls and smbquotas. s3fs-popt: Add function to burn the commandline password. s3fs-client: Burn commandline password of client utils. torture: Fix smb2.create.blob test. s3:winbind: BUG 9386: Failover if netlogon pipe is not available. Andrew Bartlett (128): libwbclient: bump ABI to 0.11 as wbcAuthenticateUserEx now provides PAC parsing auth/kerberos: add HAVE_KRB5 guard to fix non-krb5 build after winbindd pac changes build: Try not build with LDAP if we do not have ldap.h build: Fix enabled handling for HAVE_LDAP, we need to use bld.CONFIG_SET ntdb: Try to fix the build on Solaris which does not have err lib/replace: Try to fix build on HP-UX for os2_delete test build: Remove unused IRIX and IRIX6 defines lib/util: Remove unbuilt file util_getent.c and BROKEN_GETGRNAM build: Rework waf STAT_ST_BLOCKSIZE to match autoconf, with 512 as the default build: Make waf configure match autoconf for HPUX ACLs lib/replace: Remove unused nap and therefore the SCO define build: Remove unused define UNIXWARE lib/replace: Improve mkstemp test in autoconf and waf lib/replace: Look for special flags needed for c99 build: Add missing dep on tdb_compat torture: tidy up rpc.lsa OpenPolicy2 test to more clearly use torture_fail() torture: use torture_assert rather than return false in rpc.lsa torture: More torture_assert() calls in rpc.lsa build: Fix detection of quotas on macos client: Fix talloc_stackframe() free order assertion in developer mode docs: Update TOSHARG-Install docs: Remove references to default paramters in TOSHARG-PDC docs: Explain the no-domain-logons restriction applies to all HOME editions docs: Add mention of AD DC support in TOSHARG-PDC docs: Remove Win9X/WinMe mentions from TOSHARG-PDC docs: Fix typo in TOSHARG-Passdb docs: Remove mention of auth methods in TOSHARG-Passdb docs: Change TOSHARG-VFS to avoid suggesting VFS modules are Linux/IRIX only lib/util/charset: Try to find iconv on HP-UX lib/util/charset: We do not use fucntions from wchar.h any more selftest: Remove invalid security=share and rename secshare to simpleserver samba_dnsupdate: Move to using tmpfile/rename to keep the dns_hosts_file
[SCM] Samba Shared Repository - annotated tag talloc-2.0.8 created
The annotated tag, talloc-2.0.8 has been created at 055edd4901a0cfe837b0a5e39fd6ad0ea2190b40 (tag) tagging 36ea39edf8dd9ede756debaf9632f3ded2a51abb (commit) replaces ldb-1.1.13 tagged by Stefan Metzmacher on Fri Nov 30 09:52:48 2012 +0100 - Log - talloc: tag release talloc-2.0.8 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJQuHPgAAoJEEeTkWETCEAlczAIAJLSLF2aHYivKcn/su9PuGQK LZOJEfyGpdrCiNpW5h6GWgmCYTP8Z/zVtxhAj/sH2IAafIcFFR44ppuMoNemaOg0 L9fbpLwvfsCrxkw+FR454bAcr83DL6TyDJHCv0qBGU8BFmUNBx+ltJZJwWvzfsfB 7vKl7qBKaGDQot+kJ59n4JldNbUukW5APZ6RPDpV4kKgNMzIs7gZFSRcE837Hxix +tt7sdDgG+4xsYqvViFbdvZ9FiKFbKbAEEZUUeLGU7OA6zPlXKEddEnjbpSptbvt z3Qot0J9DiUgf52JD5Au7ETnpgXYA6lEkNkWES0+2Wl2CGNzhEJW45OH4y69gIo= =4oo1 -END PGP SIGNATURE- Alexander Bokovoy (1): Fix release script to build full set of documentation Andreas Schneider (6): s3-printing: Increase debug level for info that the db is empty. s3-smbd: Don't segfault if user specified ports out for range. s3-spoolss: Fix builtin forms order to match Windows again. s3fs-smbd: Move housekeeping to the background process. waf: Build pam_smbpass module only if enabled. s3fs-smbd: Make sure the registry is set up before we init printing. Andrew Bartlett (48): libwbclient: bump ABI to 0.11 as wbcAuthenticateUserEx now provides PAC parsing auth/kerberos: add HAVE_KRB5 guard to fix non-krb5 build after winbindd pac changes build: Try not build with LDAP if we do not have ldap.h build: Fix enabled handling for HAVE_LDAP, we need to use bld.CONFIG_SET ntdb: Try to fix the build on Solaris which does not have err lib/replace: Try to fix build on HP-UX for os2_delete test build: Remove unused IRIX and IRIX6 defines lib/util: Remove unbuilt file util_getent.c and BROKEN_GETGRNAM build: Rework waf STAT_ST_BLOCKSIZE to match autoconf, with 512 as the default build: Make waf configure match autoconf for HPUX ACLs lib/replace: Remove unused nap and therefore the SCO define build: Remove unused define UNIXWARE lib/replace: Improve mkstemp test in autoconf and waf lib/replace: Look for special flags needed for c99 build: Add missing dep on tdb_compat torture: tidy up rpc.lsa OpenPolicy2 test to more clearly use torture_fail() torture: use torture_assert rather than return false in rpc.lsa torture: More torture_assert() calls in rpc.lsa build: Fix detection of quotas on macos client: Fix talloc_stackframe() free order assertion in developer mode docs: Update TOSHARG-Install docs: Remove references to default paramters in TOSHARG-PDC docs: Explain the no-domain-logons restriction applies to all HOME editions docs: Add mention of AD DC support in TOSHARG-PDC docs: Remove Win9X/WinMe mentions from TOSHARG-PDC docs: Fix typo in TOSHARG-Passdb docs: Remove mention of auth methods in TOSHARG-Passdb docs: Change TOSHARG-VFS to avoid suggesting VFS modules are Linux/IRIX only lib/util/charset: Try to find iconv on HP-UX lib/util/charset: We do not use fucntions from wchar.h any more selftest: Remove invalid security=share and rename secshare to simpleserver samba_dnsupdate: Move to using tmpfile/rename to keep the dns_hosts_file consistent samba_dnsupdate: Safely update/create names for Samba3 targets as well build: Add waf configure support for non-linux quotas build: Remove unused samba_cv_sysquotas_file variable from autoconf configure build: Set HAVE_SYS_QUOTAS and WITH_QUOTAS if we have any supported sysquota backend build: Remove unused --with-sys-quotas option nsswitch: Add waf tests for solaris special cases lib/replace: Add test for what flag we need for -Werror behaviour build: Fix quota tests, including move of sysquotas.c to the top level build: Remove duplicate check for struct getquota_rslt member getquota_rslt_u selftest: use an array when starting testenv with system() selftest: Always build a linux-style nss_winbind for nss_wrapper nsswitch: Build nss_winbind on all supported platforms wintest: bump version to 4.1 wintest: Add config file for a second host wintest: Give netdom join more time to complete wintest: Give dcpromo more time Björn Baumbach (5): s3: make recursive_rmdir function non-static s3: vfs_streams_depot: add delete_lost option s4: samba_backup: Fix typos. s3-docs: Fix opening and ending tag mismatch in Samba3-HOWTO (Bug #9235) s3-docs: add delete_lost option to vfs_streams_depot.8 Björn Jacke (2): quota: add supprt for gfs2 replace: fix 520c9b0b0ae33 Christian Ambach (12): s3:utils/net fix a compiler warning s3:rpcclient fix a compiler
[SCM] Samba Shared Repository - annotated tag tdb-1.2.11 created
The annotated tag, tdb-1.2.11 has been created at 259e276dc908ff053142cb9feab0ef2a962bffd1 (tag) tagging c62f8baff878001ead921112dd653ff69d1cfe7d (commit) replaces talloc-2.0.8 tagged by Stefan Metzmacher on Fri Nov 30 09:54:21 2012 +0100 - Log - tdb: tag release tdb-1.2.11 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJQuHQ9AAoJEEeTkWETCEAlsN8H/33Gt7Bb5uyjvslBICrWgwTV 8p89Paa21FXVYVmiR1lJhnu7RIi2mYD4LhVimgpT88WSUzCVkuXRXGYMXI9Po0JR VJd0tXfaUOq78sE7ApewsDy1ls4OGGc6jhwz2r8OUtQqdjZ/BoSbXnBBDUa5aFVX H5FofP36J10xL+z4hBsSIz/AqiIfIOATAAIa+qlizoVbSLUqnKGKIwsihIrG6Q3Z /AXiMc7HVsSkqdXdnTFtRj5te00XCyrdoXqspf0wYMzN/DFXU2PclHVaDHQPwTrf I9vGGbBd6RW7rHrD6qzUYvNkn2gtbTpKOPeWRv+hThKF+s5GCGWcSHzgvW+Pr+I= =KMWW -END PGP SIGNATURE- Jeremy Allison (3): Simplify ensure_canon_entry_valid by splitting out the _get codepath. Modify ensure_canon_entry_valid() into ensure_canon_entry_valid_on_set() - makes the logic clearer. We should never just assign an st_mode to an ace-perms field, theoretically Rusty Russell (1): tdb: Make robust against shrinking tdbs Volker Lendecke (1): tdb: Make tdb robust against improper CLEAR_IF_FIRST restart --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b11ba24 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426) from 8336061 s4:torture/rpc/handles: try to make all assoc_group tests less flakey http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b11ba248837ae9bf1df1c5ae1ca1768d57e582bb Author: Günther Deschner g...@samba.org Date: Fri Nov 23 18:15:30 2012 +0100 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426) Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Nov 26 17:36:20 CET 2012 on sn-devel-104 --- Summary of changes: source3/rpc_client/cli_pipe.c | 23 --- source3/rpc_client/cli_pipe.h |1 + source3/torture/rpc_open_tcp.c |3 ++- 3 files changed, 19 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index f8c7b24..61e6cce 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2420,6 +2420,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain, * Create an rpc pipe client struct, connecting to a tcp port. */ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, + const struct sockaddr_storage *ss_addr, uint16_t port, const struct ndr_syntax_id *abstract_syntax, struct rpc_pipe_client **presult) @@ -2448,9 +2449,13 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, result-max_xmit_frag = RPC_MAX_PDU_FRAG_LEN; result-max_recv_frag = RPC_MAX_PDU_FRAG_LEN; - if (!resolve_name(host, addr, NBT_NAME_SERVER, false)) { - status = NT_STATUS_NOT_FOUND; - goto fail; + if (ss_addr == NULL) { + if (!resolve_name(host, addr, NBT_NAME_SERVER, false)) { + status = NT_STATUS_NOT_FOUND; + goto fail; + } + } else { + addr = *ss_addr; } status = open_socket_out(addr, port, 60*1000, fd); @@ -2487,6 +2492,7 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, * target host. */ static NTSTATUS rpc_pipe_get_tcp_port(const char *host, + const struct sockaddr_storage *addr, const struct ndr_syntax_id *abstract_syntax, uint16_t *pport) { @@ -2517,7 +2523,7 @@ static NTSTATUS rpc_pipe_get_tcp_port(const char *host, } /* open the connection to the endpoint mapper */ - status = rpc_pipe_open_tcp_port(tmp_ctx, host, 135, + status = rpc_pipe_open_tcp_port(tmp_ctx, host, addr, 135, ndr_table_epmapper.syntax_id, epm_pipe); @@ -2631,18 +2637,19 @@ done: * host. */ NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, const char *host, + const struct sockaddr_storage *addr, const struct ndr_syntax_id *abstract_syntax, struct rpc_pipe_client **presult) { NTSTATUS status; uint16_t port = 0; - status = rpc_pipe_get_tcp_port(host, abstract_syntax, port); + status = rpc_pipe_get_tcp_port(host, addr, abstract_syntax, port); if (!NT_STATUS_IS_OK(status)) { return status; } - return rpc_pipe_open_tcp_port(mem_ctx, host, port, + return rpc_pipe_open_tcp_port(mem_ctx, host, addr, port, abstract_syntax, presult); } @@ -2816,7 +2823,9 @@ static NTSTATUS cli_rpc_pipe_open(struct cli_state *cli, { switch (transport) { case NCACN_IP_TCP: - return rpc_pipe_open_tcp(NULL, smbXcli_conn_remote_name(cli-conn), + return rpc_pipe_open_tcp(NULL, +smbXcli_conn_remote_name(cli-conn), + smbXcli_conn_remote_sockaddr(cli-conn), interface, presult); case NCACN_NP: return rpc_pipe_open_np(cli, interface, presult); diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h index 3984cf0..343bd0a 100644 --- a/source3/rpc_client/cli_pipe.h +++ b/source3/rpc_client/cli_pipe.h @@ -66,6 +66,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, NTSTATUS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8f4b871 Fix MD5 detection in the autoconf build from 0d9bdcf web_server: Load SWAT if it is available. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8f4b871e9776245f599a302f569594aaba9d25c9 Author: Matthieu Patou m...@matws.net Date: Wed Nov 21 12:07:42 2012 -0800 Fix MD5 detection in the autoconf build This is a front port of patches made in 3.6.x branch for bugs: * 9037 * 9086 * 9094 * 9418 It checks if there is a library for md5 related functions (libmd or libmd5) and if so it checks for the presence of md5.h headers it also respect the need for osX build to not use samba's md5 implementation as it's already present in the system libs. Signed-off-by: Matthieu Patou m...@matws.net Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Nov 23 10:05:34 CET 2012 on sn-devel-104 --- Summary of changes: source3/configure.in | 41 ++--- 1 files changed, 34 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index b872ab7..b74b4c2 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -602,18 +602,45 @@ AC_CHECK_HEADERS(netgroup.h) AC_CHECK_HEADERS(linux/falloc.h) AC_CHECK_HEADERS(CommonCrypto/CommonDigest.h) +dnl check for OS implementation of md5 conformant to rfc1321 +samba_cv_md5lib=none + +AC_CHECK_LIB(c, MD5Update, [samba_cv_md5lib=]) + +if test x$samba_cv_md5lib = xnone ; then + AC_CHECK_LIB(md, MD5Update, [samba_cv_md5lib=md]) +fi + +if test x$samba_cv_md5lib = xnone ; then + AC_CHECK_LIB(md5, MD5Update, [samba_cv_md5lib=md5]) +fi + +if test x$samba_cv_md5lib != xnone ; then + AC_CHECK_HEADERS(md5.h) +fi + +CRYPTO_MD5_OBJ=../lib/crypto/md5.o +if test x$ac_cv_header_md5_h = xyes -a \ +x$samba_cv_md5lib != xnone ; then + if test x$samba_cv_md5lib != x ; then + LIBS=${LIBS} -l${samba_cv_md5lib} + AC_DEFINE(HAVE_LIBMD5, 1, + [Whether libmd5 conformant to rfc1321 is available.]) + fi + CRYPTO_MD5_OBJ= +fi + +if test x$ac_cv_header_CommonCrypto_CommonDigest_h == xyes; then + CRYPTO_MD5_OBJ= +fi + +AC_SUBST(CRYPTO_MD5_OBJ) + AC_CHECK_HEADERS(rpcsvc/yp_prot.h,,,[[ #if HAVE_RPC_RPC_H #include rpc/rpc.h #endif ]]) -CRYPTO_MD5_OBJ= -if test x$ac_cv_header_CommonCrypto_CommonDigest_h != xyes -then - CRYPTO_MD5_OBJ=../lib/crypto/md5.o -fi -AC_SUBST(CRYPTO_MD5_OBJ) - ## These fail to compile on IRIX so just check for their presence AC_CHECK_HEADERS(sys/mode.h,,,) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2032f27 s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426) from 8f4b871 Fix MD5 detection in the autoconf build http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2032f2746d70bbebd1af26a7a046eb1cc61ac175 Author: Günther Deschner g...@samba.org Date: Fri Nov 23 13:19:53 2012 +0100 s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426) The server name type (0x20) is much more likely to be available in the name cache, as this type gets stored by winbind itself - the primary user of the ncacn_ip_tcp code currently. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104 --- Summary of changes: source3/rpc_client/cli_pipe.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index edb3876..f8c7b24 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2448,7 +2448,7 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, result-max_xmit_frag = RPC_MAX_PDU_FRAG_LEN; result-max_recv_frag = RPC_MAX_PDU_FRAG_LEN; - if (!resolve_name(host, addr, 0, false)) { + if (!resolve_name(host, addr, NBT_NAME_SERVER, false)) { status = NT_STATUS_NOT_FOUND; goto fail; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 095c762 selftest: Add --tmpdir to 'samba-tool gpo create' test from c5f53ed Revert selftest/skip: add samba.tests.samba_tool.gpo until it's stable http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 095c7627dfbc1e25665d342699ea004dc8d0880b Author: Andrew Bartlett abart...@samba.org Date: Tue Nov 13 13:31:53 2012 +1100 selftest: Add --tmpdir to 'samba-tool gpo create' test This was the cause of the flakey test, and was only noticed when multiple different users ran autobuild at the same time on the same server. We use shutil.rmtree to wipe the directory before the tests finishes as required by the TestCaseInTempDir class. Andrew Bartlett Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Nov 13 10:50:56 CET 2012 on sn-devel-104 --- Summary of changes: .../python/samba/tests/samba_tool/base.py |2 +- .../scripting/python/samba/tests/samba_tool/gpo.py | 10 -- 2 files changed, 9 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/tests/samba_tool/base.py b/source4/scripting/python/samba/tests/samba_tool/base.py index 26ce459..60ccaa5 100644 --- a/source4/scripting/python/samba/tests/samba_tool/base.py +++ b/source4/scripting/python/samba/tests/samba_tool/base.py @@ -29,7 +29,7 @@ from cStringIO import StringIO from samba.netcmd.main import cmd_sambatool import samba.tests -class SambaToolCmdTest(samba.tests.TestCase): +class SambaToolCmdTest(samba.tests.TestCaseInTempDir): def getSamDB(self, *argv): a convenience function to get a samdb instance so that we can query it diff --git a/source4/scripting/python/samba/tests/samba_tool/gpo.py b/source4/scripting/python/samba/tests/samba_tool/gpo.py index c2e069d..7ada91f 100644 --- a/source4/scripting/python/samba/tests/samba_tool/gpo.py +++ b/source4/scripting/python/samba/tests/samba_tool/gpo.py @@ -20,6 +20,7 @@ import os from samba.tests.samba_tool.base import SambaToolCmdTest +import shutil class GpoCmdTestCase(SambaToolCmdTest): Tests for samba-tool time subcommands @@ -39,13 +40,18 @@ os.environ[SERVER]) def test_fetch(self): Run against a real GPO, and make sure it passes -(result, out, err) = self.runsubcmd(gpo, fetch, self.gpo_guid, -H, ldap://%s; % os.environ[SERVER], --tmpdir, os.environ['SELFTEST_PREFIX']) +(result, out, err) = self.runsubcmd(gpo, fetch, self.gpo_guid, -H, ldap://%s; % os.environ[SERVER], --tmpdir, self.tempdir) self.assertCmdSuccess(result, Ensuring gpo fetched successfully) +shutil.rmtree(os.path.join(self.tempdir, policy)) def setUp(self): set up a temporary GPO to work with super(GpoCmdTestCase, self).setUp() -(result, out, err) = self.runsubcmd(gpo, create, self.gpo_name, -H, ldap://%s; % os.environ[SERVER], -U%s%%%s % (os.environ[USERNAME], os.environ[PASSWORD])) +(result, out, err) = self.runsubcmd(gpo, create, self.gpo_name, +-H, ldap://%s; % os.environ[SERVER], +-U%s%%%s % (os.environ[USERNAME], os.environ[PASSWORD]), +--tmpdir, self.tempdir) +shutil.rmtree(os.path.join(self.tempdir, policy)) self.assertCmdSuccess(result, Ensuring gpo created successfully) try: self.gpo_guid = {%s} % out.split({)[1].split(})[0] -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3b01dd5 s3:winbind: BUG 9386: Failover if netlogon pipe is not available. from 3bbe690 Use work around for 'winbind use default domain' only if it is set http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3b01dd5f59841b11e9906b8c23345946e0d0ea8c Author: Andreas Schneider a...@samba.org Date: Fri Nov 9 15:33:09 2012 +0100 s3:winbind: BUG 9386: Failover if netlogon pipe is not available. Samba continues to query a broken DC while the DC did not finish to rebuild Sysvol (after a Windows crash, for example). It causes end users to received strange codes while trying to authenticate, even if there is a secondary DC available. Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Nov 12 18:57:18 CET 2012 on sn-devel-104 --- Summary of changes: source3/winbindd/winbindd_pam.c | 52 +- 1 files changed, 39 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 5b6b77b..b23d421 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1175,6 +1175,7 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, struct netr_SamInfo3 **info3) { int attempts = 0; + int netr_attempts = 0; bool retry = false; NTSTATUS result; @@ -1189,22 +1190,47 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, result = cm_connect_netlogon(domain, netlogon_pipe); if (!NT_STATUS_IS_OK(result)) { - DEBUG(3,(could not open handle to NETLOGON pipe (error: %s)\n, - nt_errstr(result))); - if (NT_STATUS_EQUAL(result, NT_STATUS_IO_TIMEOUT)) { - if (attempts 0) { - DEBUG(3, (This is the second problem for this - particular call, forcing the close of - this connection\n)); - invalidate_cm_connection(domain-conn); - } else { - DEBUG(3, (First call to cm_connect_netlogon - has timed out, retrying\n)); - continue; - } + DEBUG(3,(Could not open handle to NETLOGON pipe +(error: %s, attempts: %d)\n, + nt_errstr(result), netr_attempts)); + + /* After the first retry always close the connection */ + if (netr_attempts 0) { + DEBUG(3, (This is again a problem for this + particular call, forcing the close + of this connection\n)); + invalidate_cm_connection(domain-conn); + } + + /* After the second retry failover to the next DC */ + if (netr_attempts 1) { + /* +* If the netlogon server is not reachable then +* it is possible that the DC is rebuilding +* sysvol and shutdown netlogon for that time. +* We should failover to the next dc. +*/ + DEBUG(3, (This is the third problem for this + particular call, adding DC to the + negative cache list\n)); + add_failed_connection_entry(domain-name, + domain-dcname, + result); + saf_delete(domain-name); + } + + /* Only allow 3 retries */ + if (netr_attempts 3) { + DEBUG(3, (The connection to netlogon + failed, retrying\n)); + netr_attempts++; + retry = true; + continue; } return
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 47bbf98 selftest/skip: add samba.tests.samba_tool.gpo until it's stable from 6073d21 ldb_secrets_tdb_sync: Add dependency on gssapi. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 47bbf9886f0cebf994435a32bafa07e36cce191b Author: Stefan Metzmacher me...@samba.org Date: Tue Nov 6 12:16:37 2012 +0100 selftest/skip: add samba.tests.samba_tool.gpo until it's stable See: https://git.samba.org/autobuild.flakey/2012-11-06-0314/samba.stdout https://git.samba.org/autobuild.flakey/2012-11-06-0514/samba.stdout https://git.samba.org/autobuild.flakey/2012-11-06-0713/samba.stdout Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Nov 6 14:24:08 CET 2012 on sn-devel-104 --- Summary of changes: selftest/skip |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/skip b/selftest/skip index 66bb85c..097147e 100644 --- a/selftest/skip +++ b/selftest/skip @@ -105,3 +105,4 @@ bench # don't run benchmarks in our selftest ^samba4.drs.delete_object.python # flakey test ^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use ^samba.tests.dcerpc.unix # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use +^samba.tests.samba_tool.gpo # This is flakey, but reports an error -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 73fa347 s3:smbd:smb2: fix a comment typo in the crediting code. from 2a3eb64 s3:winbindd: use PROTOCOL_LATEST instead of PROTOCOL_SMB2_02 (bug #9175) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 73fa347507e6b551205725abd276b03b7e1f934c Author: Michael Adam ob...@samba.org Date: Thu Nov 1 17:55:59 2012 +0100 s3:smbd:smb2: fix a comment typo in the crediting code. Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Nov 2 10:09:36 CET 2012 on sn-devel-104 --- Summary of changes: source3/smbd/smb2_server.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index d92302e..8cf3a04 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -757,7 +757,7 @@ static void smb2_set_operation_credit(struct smbd_server_connection *sconn, * * Windows also starts with the 1/16th and then grants * more later. I was only able to trigger higher -* values, when using a verify high credit charge. +* values, when using a very high credit charge. * * TODO: scale up depending one load, free memory * or other stuff. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2b4672f libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug #9209) from 3180a10 sefltest: use TestCaseInTempDir and setUp/tearDown for posixacl.py temp file http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2b4672f2d30c01a4767acf660ddb061676c59908 Author: Stefan Metzmacher me...@samba.org Date: Sat Oct 27 08:11:14 2012 +0200 libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug #9209) Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Oct 27 10:05:22 CEST 2012 on sn-devel-104 --- Summary of changes: libcli/smb/smb2_create_blob.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/smb2_create_blob.c b/libcli/smb/smb2_create_blob.c index 92387db..c6b2e1e 100644 --- a/libcli/smb/smb2_create_blob.c +++ b/libcli/smb/smb2_create_blob.c @@ -113,7 +113,7 @@ static NTSTATUS smb2_create_blob_push_one(TALLOC_CTX *mem_ctx, DATA_BLOB *buffer size_t next_pad = 0; bool ok; - blob_offset = 0x14 + tag_length; + blob_offset = 0x10 + tag_length; blob_pad = smb2_create_blob_padding(blob_offset, 8); next_offset = blob_offset + blob_pad + blob-data.length; if (!last) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a9a3841 s4:dns_server: fix formatting difference compared to v4-0-test from 8697acd dsdb-cracknames: Always use talloc_zero() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a9a38415e52e3f341da4dd3bf1be6c56bd8ad6ef Author: Stefan Metzmacher me...@samba.org Date: Tue Oct 23 15:00:27 2012 +0200 s4:dns_server: fix formatting difference compared to v4-0-test Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Oct 24 10:12:51 CEST 2012 on sn-devel-104 --- Summary of changes: source4/dns_server/dns_server.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c index 6824fef..29953c3 100644 --- a/source4/dns_server/dns_server.c +++ b/source4/dns_server/dns_server.c @@ -873,7 +873,8 @@ static void dns_task_init(struct task_server *task) * not return this zone. */ if ((strcmp(z-name, RootDNSServers) == 0) || - (strcmp(z-name, ..TrustAnchors) == 0)) { + (strcmp(z-name, ..TrustAnchors) == 0)) + { DEBUG(10, (Ignoring zone %s\n, z-name)); talloc_free(z); continue; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d18591c s3:rpc_server: avoid a level 0 DEBUG if tstream_npa_connect_recv fails (bug #9309) from 3da5d96 s3: Fix some blank line endings http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d18591c97e1856bb48fd6d288db59065530f3a9b Author: Stefan Metzmacher me...@samba.org Date: Sat Oct 20 11:08:19 2012 +0200 s3:rpc_server: avoid a level 0 DEBUG if tstream_npa_connect_recv fails (bug #9309) metze Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Oct 20 12:56:23 CEST 2012 on sn-devel-104 --- Summary of changes: source3/rpc_server/rpc_ncacn_np.c |6 +- 1 files changed, 5 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c index 67176a8..25ad857 100644 --- a/source3/rpc_server/rpc_ncacn_np.c +++ b/source3/rpc_server/rpc_ncacn_np.c @@ -611,7 +611,11 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, result-allocation_size); TALLOC_FREE(subreq); if (ret != 0) { - DEBUG(0, (tstream_npa_connect_recv to %s for pipe %s and + int l = 1; + if (errno == ENOENT) { + l = 2; + } + DEBUG(l, (tstream_npa_connect_recv to %s for pipe %s and user %s\\%s failed: %s\n, socket_np_dir, pipe_name, session_info_t-session_info-info-domain_name, session_info_t-session_info-info-account_name, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7d05ff7 s3:smbd:durable: store stat info for disconnected durables and check at reconnect. via a6726f9 s3:open_files.idl: add stat-info to vfs_default_durable_cookie. via 660e90d s3:smbd/durable: remove an extra blank line from vfs_default_durable_reconnect() from 24d225f s3:smbd/durable: add write_time specific stuff to vfs_default_durable_cookie http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7d05ff77264cf48d1ee82ca19c8c7e6951e64cf5 Author: Michael Adam ob...@samba.org Date: Fri Oct 19 16:00:05 2012 +0200 s3:smbd:durable: store stat info for disconnected durables and check at reconnect. At durable reconnect, we check the stat info stored in the cookie against the current stat data from the file we just opened. If any detail differs, we deny the durable reconnect, because in that case it is very likely that someone opened the file while the handle was disconnected, which has to be interpreted as an oplock break. Pair-programmed-with: Stefan Metzmacher me...@samba.org Signed-off-by: Michael Adam ob...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Oct 19 18:56:19 CEST 2012 on sn-devel-104 commit a6726f9023c899415441a619473ea9a7819d7c36 Author: Michael Adam ob...@samba.org Date: Fri Oct 19 15:57:24 2012 +0200 s3:open_files.idl: add stat-info to vfs_default_durable_cookie. Pair-programmed-with: Stefan Metzmacher me...@samba.org Signed-off-by: Michael Adam ob...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org commit 660e90d39174fbfea0e93f40adfe03fefb86916f Author: Michael Adam ob...@samba.org Date: Fri Oct 19 15:53:50 2012 +0200 s3:smbd/durable: remove an extra blank line from vfs_default_durable_reconnect() Pair-programmed-with: Stefan Metzmacher me...@samba.org Signed-off-by: Michael Adam ob...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source3/librpc/idl/open_files.idl | 23 ++ source3/smbd/durable.c| 457 - 2 files changed, 479 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/librpc/idl/open_files.idl b/source3/librpc/idl/open_files.idl index 0dd9859..fa87bc7 100644 --- a/source3/librpc/idl/open_files.idl +++ b/source3/librpc/idl/open_files.idl @@ -52,6 +52,28 @@ interface open_files VFS_DEFAULT_DURABLE_COOKIE_MAGIC; const uint32 VFS_DEFAULT_DURABLE_COOKIE_VERSION = 0; + /* this corresponds to struct stat_ex (SMB_STRUCT_STAT) */ + typedef struct { + hyper st_ex_dev; + hyper st_ex_ino; + hyper st_ex_mode; + hyper st_ex_nlink; + hyper st_ex_uid; + hyper st_ex_gid; + hyper st_ex_rdev; + hyper st_ex_size; + timespecst_ex_atime; + timespecst_ex_mtime; + timespecst_ex_ctime; + timespecst_ex_btime; + boolean8st_ex_calculated_birthtime; + hyper st_ex_blksize; + hyper st_ex_blocks; + uint32 st_ex_flags; + uint32 st_ex_mask; + hyper vfs_private; + } vfs_default_durable_stat; + typedef [public] struct { [value(VFS_DEFAULT_DURABLE_COOKIE_MAGIC),charset(DOS)] uint8 magic[0x30]; [value(VFS_DEFAULT_DURABLE_COOKIE_VERSION)] uint32 version; @@ -65,5 +87,6 @@ interface open_files boolean8 update_write_time_on_close; boolean8 write_time_forced; timespec close_write_time; + vfs_default_durable_stat stat_info; } vfs_default_durable_cookie; } diff --git a/source3/smbd/durable.c b/source3/smbd/durable.c index 348135c..4c6ff67 100644 --- a/source3/smbd/durable.c +++ b/source3/smbd/durable.c @@ -104,6 +104,25 @@ NTSTATUS vfs_default_durable_cookie(struct files_struct *fsp, cookie.write_time_forced = fsp-write_time_forced; cookie.close_write_time = fsp-close_write_time; + cookie.stat_info.st_ex_dev = fsp-fsp_name-st.st_ex_dev; + cookie.stat_info.st_ex_ino = fsp-fsp_name-st.st_ex_ino; + cookie.stat_info.st_ex_mode = fsp-fsp_name-st.st_ex_mode; + cookie.stat_info.st_ex_nlink = fsp-fsp_name-st.st_ex_nlink; + cookie.stat_info.st_ex_uid = fsp-fsp_name-st.st_ex_uid; + cookie.stat_info.st_ex_gid = fsp
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1861213 selftest/knownfail: add samba3.rpc.lsa.privileges.lsa.Privileges via 266b4c5 Revert provision: Always create DNS user. from 2c3a808 s4-dns: Fix the comments about ignoring zones in internal server http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1861213d147e0d96fd637813c5badb4908ec14d1 Author: Stefan Metzmacher me...@samba.org Date: Tue Oct 16 08:34:35 2012 +0200 selftest/knownfail: add samba3.rpc.lsa.privileges.lsa.Privileges This failed more than 20 times in the last few weeks, e.g. https://git.samba.org/autobuild.flakey/2012-10-16-0629/samba3.stdout https://git.samba.org/autobuild.flakey/2012-10-16-0829/samba3.stdout [530/717 in 14m32s] samba3.rpc.lsa.privileges(s3dc) Using seed 1350368974 Testing OpenPolicy Testing OpenPolicy2 Testing CreateAccount Testing Delete Testing DeleteObject Testing EnumAccounts Testing LookupSids Testing LookupNames with 7 names LookupName of sharesec_user was unmapped LookupName of Everyone failed to return a result UNEXPECTED(failure): samba3.rpc.lsa.privileges.lsa.Privileges(s3dc) REASON: _StringException: _StringException: ../source4/torture/rpc/lsa.c:319: r.out.result was STATUS_SOME_UNMAPPED, expected NT_STATUS_OK: LookupNames failed FAILED (1 failures, 0 errors and 0 unexpected successes in 0 testsuites) metze Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Oct 16 10:43:02 CEST 2012 on sn-devel-104 commit 266b4c596346095f71a651e0a0231256c7409b0f Author: Stefan Metzmacher me...@samba.org Date: Tue Oct 16 08:30:17 2012 +0200 Revert provision: Always create DNS user. This reverts commit c2d14747d608d406de6410556807d467cd0b85ef. samba_upgradedns handles creates/removed the dns acount. See https://lists.samba.org/archive/samba-technical/2012-October/thread.html#87578 metze --- Summary of changes: selftest/flapping |1 + .../scripting/python/samba/provision/__init__.py | 31 +++ 2 files changed, 19 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/flapping b/selftest/flapping index f0b1528..afeae65 100644 --- a/selftest/flapping +++ b/selftest/flapping @@ -15,6 +15,7 @@ ^samba3.rpc.spoolss.printer.*addprinterex.print_test # another intermittent failure ^samba3.rap.printing # fails sometimes on sn-devel ^samba3.rpc.spoolss.printer.*addprinter.print_test # fails on some hosts due to timing issues ? +^samba3.rpc.lsa.privileges.lsa.Privileges\(s3dc\) # fails sometimes on sn-devel ^samba3.smb2.lock.*.rw-exclusive # another intermittent failure ^samba4.blackbox.gentest # is flakey due to timing ^samba3.smb2.acls.INHERITANCE\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index d9ba90c..9966192 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -969,7 +969,7 @@ def setup_samdb_rootdse(samdb, names): def setup_self_join(samdb, admin_session_info, names, fill, machinepass, -dnspass, domainsid, next_rid, invocationid, +dns_backend, dnspass, domainsid, next_rid, invocationid, policyguid, policyguid_dc, domainControllerFunctionality, ntdsguid=None, dc_rid=None): Join a host to its own domain. @@ -1048,14 +1048,17 @@ def setup_self_join(samdb, admin_session_info, names, fill, machinepass, samdb.set_session_info(admin_session_info) -setup_add_ldif(samdb, setup_path(provision_dns_add_samba.ldif), { - DNSDOMAIN: names.dnsdomain, - DOMAINDN: names.domaindn, - DNSPASS_B64: b64encode(dnspass.encode('utf-16-le')), - HOSTNAME : names.hostname, - DNSNAME : '%s.%s' % ( - names.netbiosname.lower(), names.dnsdomain.lower()) - }) +if dns_backend != SAMBA_INTERNAL: +# This is Samba4 specific and should be replaced by the correct +# DNS AD-style setup +setup_add_ldif(samdb, setup_path(provision_dns_add_samba.ldif), { + DNSDOMAIN: names.dnsdomain, + DOMAINDN: names.domaindn, + DNSPASS_B64: b64encode(dnspass.encode('utf-16-le')), + HOSTNAME : names.hostname, + DNSNAME : '%s.%s' % ( + names.netbiosname.lower(), names.dnsdomain.lower()) + }) def getpolicypath(sysvolpath, dnsdomain, guid): @@ -1143,7