Andrew Bartlett [Fri, 19 Feb 2010 04:56:30 +0000 (15:56 +1100)]
s4:selftest Add infrastructure for testing against an RPC proxy
This also changes the 'testenv' code to use a new environment 'all'
(we may wish to make other complex tests depend on this in future),
and exports more names in more namespaces.
Andrew Bartlett
Andrew Bartlett [Fri, 19 Feb 2010 04:55:28 +0000 (15:55 +1100)]
misc.idl: Add reference to the slightly odd representation of if_version
I found this confusing, so explian for the next poor programmer who
has to get up to speed with this quickly.
Andrew Bartlett
Andrew Bartlett [Fri, 19 Feb 2010 04:53:31 +0000 (15:53 +1100)]
s4:rpc_server Record the remote connections association group ID
By recording the association group the remote server assigned to our
proxied RPC connection, we can ensure we use the same value when the
client wishes to use it.
This isn't stored in a private pointer, as mapiproxy will want to use
this feature too.
Andrew Bartlett
Andrew Bartlett [Fri, 19 Feb 2010 00:14:15 +0000 (11:14 +1100)]
s4:winbind Make the 'no SID found' message even more detailed
Now we give the user a clue as to what may be wrong, and the file path
that we could not find the domain SID in.
Andrew Bartlett
Jeremy Allison [Fri, 19 Feb 2010 00:12:04 +0000 (16:12 -0800)]
More fixes for bug #7146 - Samba miss-parses authenticated RPC packets.
Alignment space calculations are tricky :-).
Jeremy.
Günther Deschner [Thu, 18 Feb 2010 20:54:45 +0000 (21:54 +0100)]
s3-spoolss: add support for _spoolss_SetPrinter level 8.
Guenther
Michael Adam [Thu, 18 Feb 2010 23:33:45 +0000 (00:33 +0100)]
nss_wrapper: fix segfault in print_group() in the testsuite
Running
'TESTS=posix_s3 POSIX_SUBTESTS="RPC-SAMR-LARGE-DC LOCAL-NSS-WRAPPER" make test'
from s3 made smbtorture4 crash on my box.
Michael
Jeremy Allison [Thu, 18 Feb 2010 23:03:30 +0000 (15:03 -0800)]
More fixes for bug #7146 - Samba miss-parses authenticated RPC packets.
Ensure we calculate the space correctly (including the ss_padding_len)
when constructing reply packets.
Jeremy.
Günther Deschner [Thu, 18 Feb 2010 22:23:28 +0000 (23:23 +0100)]
s4-smbtorture: add LOCAL-NSS-WRAPPER-DUPLICATES test.
Guenther
Günther Deschner [Thu, 18 Feb 2010 22:22:52 +0000 (23:22 +0100)]
s4-smbtorture: be more verbose in LOCAL-NSS-WRAPPER.
Guenther
Björn Jacke [Thu, 18 Feb 2010 09:01:26 +0000 (10:01 +0100)]
s3: optimize strict allocate for XFS on IRIX
Günther Deschner [Thu, 18 Feb 2010 15:40:20 +0000 (16:40 +0100)]
testprogs: add tests for GetJob() to spoolss test.
Guenther
Jeremy Allison [Thu, 18 Feb 2010 20:21:10 +0000 (12:21 -0800)]
Fix bug #7155 - valgrind Conditional jump or move depends on uninitialised value(s) error when "mangling method = hash"
The charset array allocated in init_chartest() is allocated
by MALLOC, but only some elements of it being set after allocation. Fix is to
memset to zero after allocation.
Jeremy.
Jeremy Allison [Thu, 18 Feb 2010 19:22:44 +0000 (11:22 -0800)]
Fix bug #7154 - mangling method = hash can crash storing a name not containing a '.'
Fix use of uninitialized variable. This can lead to crashes if
mangling = hash processes names with no '.'.
Jeremy.
Günther Deschner [Thu, 18 Feb 2010 13:48:57 +0000 (14:48 +0100)]
testprogs: add RPC_S_PROCNUM_OUT_OF_RANGE error.
Guenther
Günther Deschner [Sat, 13 Feb 2010 02:45:25 +0000 (03:45 +0100)]
spoolss: use ndr_push_spoolss_PrinterInfo2 hand-marshalled version (moves devmode relative pointer down to sd).
Guenther
Günther Deschner [Tue, 16 Feb 2010 01:48:01 +0000 (02:48 +0100)]
spoolss: add spoolss_security_descriptor.
Guenther
Günther Deschner [Tue, 9 Feb 2010 15:47:32 +0000 (16:47 +0100)]
s3: re-run make samba3-idl.
Guenther
Günther Deschner [Tue, 16 Feb 2010 09:46:07 +0000 (10:46 +0100)]
security: make two bitmaps public.
Guenther
Günther Deschner [Sat, 13 Feb 2010 03:27:05 +0000 (04:27 +0100)]
spoolss: make two bitmaps public.
Guenther
Stefan Metzmacher [Thu, 18 Feb 2010 14:36:08 +0000 (15:36 +0100)]
spoolss: make all security descriptors and devicemodes 4 byte aligned and add missing subcontexts.
Guenther
Günther Deschner [Mon, 14 Dec 2009 16:22:39 +0000 (17:22 +0100)]
spoolss: set NDR_RELATIVE_REVERSE flag for various unions that have relative pointers.
Guenther
Stefan Metzmacher [Thu, 18 Feb 2010 14:17:42 +0000 (15:17 +0100)]
ndr_spoolss_buf: use LIBNDR_FLAG_NO_NDR_SIZE in NDR_SPOOLSS_SIZE_*
metze
Stefan Metzmacher [Wed, 23 Dec 2009 14:52:39 +0000 (15:52 +0100)]
spoolss: use subcontext in NDR_SPOOLSS_PUSH_ENUM_OUT macro.
metze
Stefan Metzmacher [Thu, 18 Feb 2010 14:13:20 +0000 (15:13 +0100)]
libndr: fix ndr_size_* calculation with relative reverse buffers
metze
Stefan Metzmacher [Thu, 18 Feb 2010 12:40:44 +0000 (13:40 +0100)]
libndr: for now align reverse relative pointers to 2 bytes by default.
This is just a hack and we should let the callers use FLAG_ALIGN2
explicit in future.
metze
Stefan Metzmacher [Wed, 17 Feb 2010 20:24:40 +0000 (21:24 +0100)]
libndr: implement LIBNDR_RELATIVE_REVERSE handling
This is based on Guenther's initial code.
metze
Günther Deschner [Mon, 14 Dec 2009 14:33:32 +0000 (15:33 +0100)]
libndr: store a subcontext buffer size in ndr_push_subcontext_start.
Guenther
Stefan Metzmacher [Wed, 17 Feb 2010 19:27:08 +0000 (20:27 +0100)]
libndr: give an error when ndr_push_relative_ptr2_start()/_end() is used with the RELATIVE_REVERSE flag
metze
Günther Deschner [Tue, 9 Feb 2010 17:27:37 +0000 (18:27 +0100)]
libndr: add LIBNDR_FLAG_NO_RELATIVE_REVERSE so that relative reverse processing
can be disabled for single structure elements.
Guenther
Günther Deschner [Mon, 14 Dec 2009 14:09:00 +0000 (15:09 +0100)]
libndr: add LIBNDR_FLAG_RELATIVE_REVERSE flag.
Guenther
Günther Deschner [Wed, 16 Dec 2009 21:54:02 +0000 (22:54 +0100)]
libndr: change subcontext buffer allocation to allocate on subcontext_start.
Guenther
Stefan Metzmacher [Wed, 17 Feb 2010 19:00:36 +0000 (20:00 +0100)]
librpc/ndr: make ndr_push_relative_ptr2() static
metze
Stefan Metzmacher [Wed, 17 Feb 2010 19:00:04 +0000 (20:00 +0100)]
librpc/ndr_krb5pac: use ndr_push_relative_ptr2_start()/_end()
metze
Stefan Metzmacher [Wed, 17 Feb 2010 18:59:19 +0000 (19:59 +0100)]
librpc/ndr_drsblobs: use ndr_push_relative_ptr2_start()/_end()
metze
Günther Deschner [Thu, 11 Feb 2010 17:54:31 +0000 (18:54 +0100)]
spoolss: fix relative pointers in ndr_push_spoolss_DriverInfo101.
Guenther
Günther Deschner [Mon, 14 Dec 2009 13:17:05 +0000 (14:17 +0100)]
s3: re-run make full_idl.
Guenther
Günther Deschner [Mon, 14 Dec 2009 13:09:22 +0000 (14:09 +0100)]
pidl: use ndr_push_relative_ptr2_start and ndr_push_relative_ptr2_end.
Guenther
Günther Deschner [Mon, 14 Dec 2009 13:08:34 +0000 (14:08 +0100)]
libndr: add ndr_push_relative_ptr2_start and ndr_push_relative_ptr2_end.
Guenther
Karolin Seeger [Thu, 18 Feb 2010 12:10:21 +0000 (13:10 +0100)]
s3-docs: Remove trailing whitespaces and fix a typo.
Karolin
Björn Jacke [Wed, 17 Feb 2010 22:03:32 +0000 (23:03 +0100)]
s3:docs: add some advice for usage of strict allocate
Günther Deschner [Thu, 18 Feb 2010 11:40:00 +0000 (12:40 +0100)]
s3-spoolss: Fix _spoolss_EnumPrinters servername handling.
Guenther
Günther Deschner [Thu, 18 Feb 2010 10:20:49 +0000 (11:20 +0100)]
s3-selftest: fix return code for modprinter.pl -a.
Background is: the SetPrinter level 2 calls "addprinter command" an fails if a
share already existed (and the addprinter command returned a non-0 return code).
Removing the non-0 return code is fine, as in AddPrinter{Ex}, we have checks to
see if a share already exists before calling out the addprinter command.
Maybe one day, we need to have a "changeprinter command"...
Guenther
Stefan Metzmacher [Wed, 17 Feb 2010 18:11:11 +0000 (19:11 +0100)]
tsocket/bsd: fix comment in tdgram_bsd_recvfrom_handler()
metze
Jeremy Allison [Thu, 18 Feb 2010 03:42:49 +0000 (19:42 -0800)]
Revert "Got back to 16-byte padding on auth RPC. S3 clients and servers now cope with this. Jeremy"
This reverts commit
38c50c7027d2a2a9a3df060b74b2a2efce4d9e6f.
As tridge requested, we need this to work with older S3
servers, not just for smbtorture4.
Jeremy.
Günther Deschner [Thu, 18 Feb 2010 01:17:01 +0000 (02:17 +0100)]
s3-selftest: finally enable RPC-SPOOLSS-PRINTER against Samba 3.
Guenther
Günther Deschner [Wed, 17 Feb 2010 23:48:58 +0000 (00:48 +0100)]
s3-selftest: include addprinter/deleteprinter command.
Guenther
Günther Deschner [Thu, 18 Feb 2010 01:14:26 +0000 (02:14 +0100)]
s3-spoolss: fix return code of spoolss_DeletePrinter.
When the printer has been removed by the "deleteprinter command", we need to
check if it is still there and then fail, not fail if we successfully removed
it (found by RPC-SPOOLSS-PRINTER).
Guenther
Günther Deschner [Thu, 18 Feb 2010 01:03:53 +0000 (02:03 +0100)]
s3-spoolss: in spoolss_EnumPrinters r->in.server is a *unique* pointer!
Guenther
Günther Deschner [Thu, 18 Feb 2010 00:58:56 +0000 (01:58 +0100)]
s3-spoolss: more AddPrinter{Ex} checks.
Windows will allow to add a non-shared printer that is returned by EnumPrinters.
Samba has no notion of non-shared local printers yet, so just make sure to
behave like we do elsewhere: a printer autoloaded by samba or added to samba is
shared.
Guenther
Günther Deschner [Tue, 14 Jul 2009 12:34:30 +0000 (14:34 +0200)]
s3-spoolss: add some printer info validation for AddPrinter calls.
Guenther
Günther Deschner [Tue, 16 Feb 2010 15:21:02 +0000 (16:21 +0100)]
testprogs: print SDDL string of printer security descriptors
Günther Deschner [Thu, 18 Feb 2010 01:13:07 +0000 (02:13 +0100)]
s3-modules: fix get_acl_blob in the acl_tdb VFS module.
Shuttle-reviewed by jra :)
Guenther
Günther Deschner [Thu, 18 Feb 2010 00:45:06 +0000 (01:45 +0100)]
s4-smbtorture: skip printer info cross tests against samba 3 for now.
Not even w2k8r2 passes them atm.
Guenther
Günther Deschner [Thu, 18 Feb 2010 00:43:08 +0000 (01:43 +0100)]
s4-smbtorture: try more combinations to find printers in test_EnumPrinters_findname().
Also take a note of servers returning full UNC printer paths although we did not
set the servername.
Guenther
Günther Deschner [Thu, 18 Feb 2010 00:41:46 +0000 (01:41 +0100)]
s4-smbtorture: simplify test_PrinterInfo_DevMode a bit.
Guenther
Günther Deschner [Wed, 17 Feb 2010 19:45:26 +0000 (20:45 +0100)]
s4-smbtorture: avoid potential loop while adding a new printer in RPC-SPOOLSS-PRINTER.
Guenther
Günther Deschner [Wed, 17 Feb 2010 14:15:47 +0000 (15:15 +0100)]
s3-rpcclient: fix uninitialized variable in wkssvc_enumerateusers.
Guenther
Jeremy Allison [Thu, 18 Feb 2010 00:40:28 +0000 (16:40 -0800)]
Got back to 16-byte padding on auth RPC. S3 clients and servers now cope with this. Jeremy
Andrew Bartlett [Wed, 17 Feb 2010 23:54:53 +0000 (10:54 +1100)]
s4:param Modify secrets_get_domain_sid to give more useful errors
This also moves the calls to secrets_get_domain_sid back into
winbind_task_init(), so that we can terminate with a much more
detailed error message. (The previous message was simply
NT_STATUS_CANT_ACCESS_DOMAIN_INFO).
Andrew Bartlett
Jeremy Allison [Wed, 17 Feb 2010 23:27:59 +0000 (15:27 -0800)]
Fix bug #7146 - Samba miss-parses authenticated RPC packets.
Parts of the Samba RPC client and server code misinterpret authenticated
packets.
DCE authenticated packets actually look like this :
+--------------------------+
|header |
| ... frag_len (packet len)|
| ... auth_len |
+--------------------------+
| |
| Data payload |
... ....
| |
+--------------------------+
| |
| auth_pad_len bytes |
+--------------------------+
| |
| Auth footer |
| auth_pad_len value |
+--------------------------+
| |
| Auth payload |
| (auth_len bytes long) |
+--------------------------+
That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).
The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).
Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.
This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).
This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.
Jeremy
Jeremy Allison [Wed, 17 Feb 2010 19:13:35 +0000 (11:13 -0800)]
Fix bug #6557 - Do not work VFS full_audit
Re-arrange the operations order so SMB_VFS_CONNECT is done
first as root (to allow modules to correctly initialize themselves).
Reviewed modules to check if they needed CONNECT invoked as
a user (which we previously did) and it turns out any of them
that cared needed root permissions anyway.
Jeremy.
Lars Müller [Wed, 17 Feb 2010 18:00:01 +0000 (19:00 +0100)]
s3: go straight to winbindd_dual_pam_auth() in case of !NT_STATUS_OK
At the formerly used process_result statement we have alone one
NT_STATUS_IS_OK() which never could be hit in our case as we only go here
if NT_STATUS_EQUAL is not ok.
Lars Müller [Fri, 5 Feb 2010 21:47:39 +0000 (22:47 +0100)]
s3: let the pam_winbind po files reference the correct location
Jeremy Allison [Wed, 17 Feb 2010 17:24:34 +0000 (09:24 -0800)]
Fix commit
d07cd37b993d3c9beded20323174633b806196b5
Which was:
tsocket/bsd: fix bug #7115 FreeBSD includes the UDP header in FIONREAD
Metze, this has to have been wrong - you are throwing away the talloc_realloc
pointer returned. Also no error checking. Please review.
Thank goodness for gcc warnings :-).
Jeremy.
Anatoliy Atanasov [Wed, 17 Feb 2010 16:01:31 +0000 (18:01 +0200)]
s4/rodc: change the libnet_become_dc code to do RODC join
Anatoliy Atanasov [Wed, 17 Feb 2010 16:00:41 +0000 (18:00 +0200)]
s4/drs: add DRSUAPI_ATTRIBUTE_options attribute
Anatoliy Atanasov [Tue, 16 Feb 2010 23:21:28 +0000 (01:21 +0200)]
s4/drs:kccdrs_replica_get_info_obj_metadata implementation
Fix the names of the drsuapi_DsReplicaInfoType enum and rebuild the .idl
The get_info_obj_metadata implementation is ported from implementation
i developed and tested at the samba io lab 2009
Kamen Mazdrashki [Fri, 29 Jan 2010 17:05:51 +0000 (19:05 +0200)]
s4/ldap: Refactor the fix for ldap nested searches
Current implementation synchronizes processing for
all types of LDAP request, not only LDAP_Search ones.
Synchronization for ldap replies processing is done
locally in ldb_ildap module as this concerns only
ildb_callback() function.
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
Stefan Metzmacher [Wed, 17 Feb 2010 12:53:02 +0000 (13:53 +0100)]
tsocket/bsd: fix bug #7115 FreeBSD includes the UDP header in FIONREAD
metze
Stefan Metzmacher [Wed, 17 Feb 2010 08:33:18 +0000 (09:33 +0100)]
tsocket/bsd: set IPV6_V6ONLY on AF_INET6 sockets
Some system already have this as default. It's easier
to behave the same way on all systems and handle ipv6
and ipv4 sockets separate.
metze
Stefan Metzmacher [Wed, 17 Feb 2010 07:49:28 +0000 (08:49 +0100)]
tsocket/bsd: fix bug #7140 autodetect ipv4 and ipv6 based on the remote address if the local address is any
metze
Stefan Metzmacher [Wed, 17 Feb 2010 07:45:58 +0000 (08:45 +0100)]
tsocket/bsd: fix bug #7140 use calculated sa_socklen for bind() in tstream_bsd_connect_send()
This is needed because, we can't use sizeof(sockaddr_storage) for AF_UNIX
sockets. Also some platforms require exact values for AF_INET and AF_INET6.
metze
Stefan Metzmacher [Wed, 17 Feb 2010 07:42:22 +0000 (08:42 +0100)]
tsocket/bsd: fix do_bind logic for AF_INET
We want the explicit bind() when we don't use the any address.
metze
Stefan Metzmacher [Wed, 17 Feb 2010 08:43:00 +0000 (09:43 +0100)]
socket_wrapper: also ignore AF_INET6 in swrap_setsockopt()
metze
Jeff Layton [Tue, 16 Feb 2010 14:16:42 +0000 (09:16 -0500)]
cifs.upcall: allocate a talloc context for smb_krb5_unparse_name
cifs.upcall calls smb_krb5_unparse_name with a NULL talloc context.
Older versions of this function though will conditionally use
SMB_REALLOC instead of TALLOC_REALLOC when a NULL context is passed
in. To make it more consistent, just spawn a talloc context that
we can pass into this function.
Resolves:
https://bugzilla.redhat.com/show_bug.cgi?id=565446
https://bugzilla.samba.org/show_bug.cgi?id=6868
Reported-by: Ludek Finstrle <luf@seznam.cz>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Günther Deschner <gd@samba.org>
Volker Lendecke [Tue, 16 Feb 2010 22:29:48 +0000 (23:29 +0100)]
s3: Fix bug 7139
To provide the user with the same SID when doing Kerberos logins, attempt to do
a make_server_info_sam instead of a make_server_info_pw.
Günther Deschner [Wed, 17 Feb 2010 10:21:56 +0000 (11:21 +0100)]
s4-smbtorture: unify test list to run against single created printers in RPC-SPOOLSS-PRINTER.
This is to make sure we run the same tests for printers created via AddPrinter
and via AddPrinterEx.
Guenther
Günther Deschner [Tue, 16 Feb 2010 16:42:58 +0000 (17:42 +0100)]
s4-smbtorture: also test level 2 sets for devicemodes and see if they persist.
Guenther
Günther Deschner [Tue, 16 Feb 2010 16:42:19 +0000 (17:42 +0100)]
s4-smbtorture: refactor setprinter devicemode calls in RPC-SPOOLSS-PRINTER.
Guenther
Andrew Tridgell [Wed, 17 Feb 2010 08:43:26 +0000 (19:43 +1100)]
s4-provision: freeze the DNS zone before creating the zone file
This prevents bind from getting confused if it has a journal for the
zone.
Andrew Tridgell [Wed, 17 Feb 2010 08:29:37 +0000 (19:29 +1100)]
s4-dnsupdate: use samba_runcmd() in the dns update task
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 17 Feb 2010 07:18:28 +0000 (18:18 +1100)]
s4-param: added "rndc command" smb.conf option
Andrew Tridgell [Wed, 17 Feb 2010 07:18:05 +0000 (18:18 +1100)]
util: added samba_runcmd()
This allows us to run a child command in an async fashion, with
control over logging of stdout and stderr (which appears in the Samba
log file). This is useful for ensuring we don't miss important
messages from rndc commands (for example).
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 17 Feb 2010 05:34:33 +0000 (16:34 +1100)]
examples: add bind9 patches for TSIG-GSS support
We will point at these from the Samba4 HOWTO
Andrew Tridgell [Wed, 17 Feb 2010 05:29:17 +0000 (16:29 +1100)]
s4-provision: fix permissions on generated DNS zone file
The zone file needs to be writeable by bind to allow for it to flush
its journal on dynamic updates
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Sun, 14 Feb 2010 08:33:15 +0000 (03:33 -0500)]
s3:rpc streamline memory handling
Andrew Tridgell [Tue, 16 Feb 2010 23:23:14 +0000 (10:23 +1100)]
s4-rpc: paranoid check for auth_length
This is not strictly needed as the ndr_pull_advance() checks it a few
lines further down, but I want to save Jeremy getting more grey hairs :-)
Günther Deschner [Tue, 16 Feb 2010 15:12:52 +0000 (16:12 +0100)]
testprogs: add rather simple device mode tests to spoolss test.
Guenther
Volker Lendecke [Tue, 16 Feb 2010 14:21:25 +0000 (15:21 +0100)]
s3: Fix timeout calculation if g_lock_lock is given a timeout < 60s
Detected while showing this code to obnox :-)
Volker Lendecke [Tue, 16 Feb 2010 11:31:58 +0000 (12:31 +0100)]
s3: Slightly increase parallelism in g_lock
There's no need to still hold the g_lock tdb-level lock while telling the
waiters to retry
Volker Lendecke [Tue, 16 Feb 2010 11:28:53 +0000 (12:28 +0100)]
s3: Avoid starving locks when many processes die at the same time
In g_lock_unlock we have a little race between the process_exists and
messaging_send call: We only send to 5 waiters now, they all might have died
between us checking their existence and sending the message. This change makes
g_lock_lock retry at least once every minute.
Volker Lendecke [Tue, 16 Feb 2010 11:22:08 +0000 (12:22 +0100)]
s3: Avoid a thundering herd in g_lock_unlock
Only notify the first 5 pending lock waiters. This avoids a thundering herd
problem that is really nasty in a cluster. It also makes acquiring a lock a bit
more FIFO, lock waiters are added to the end of the array.
Volker Lendecke [Mon, 15 Feb 2010 15:57:16 +0000 (16:57 +0100)]
s3: Optimize g_lock_lock for a heavily contended case
Only check the existence of the lock owner in g_lock_parse, check the rest of
the records only when we got the lock successfully. This reduces the load on
process_exists which can involve a network roundtrip in the clustered case.
Volker Lendecke [Mon, 15 Feb 2010 15:49:46 +0000 (16:49 +0100)]
s3: Fix handling of processes that died in g_lock
g_lock_parse might have thrown away entries from the locks array because the
processes were not around anymore. Don't store the orphaned entries.
Andrew Tridgell [Tue, 16 Feb 2010 11:41:45 +0000 (22:41 +1100)]
s4-kcc: remove a qsort() that snuck into the new topology code
Andrew Tridgell [Tue, 16 Feb 2010 11:18:16 +0000 (22:18 +1100)]
s4-rpc: don't use auth padding in rpc bind requests as it breaks s3
The s3 RPC server returns a bind_nak if it gets a rpc bind with auth
padding. This change forces a padding length of zero to maximimise
compatibility with s3 servers.
I've left the padding code in as a #if 0 to make it easier for us to
test/fix the s3 server code, which should be changed to correctly
handle arbitrary auth padding in all rpc requests with auth trailers.
Andrew Tridgell [Tue, 16 Feb 2010 09:21:29 +0000 (20:21 +1100)]
s4-dcerpc: fixed auth padding to be relative to the stub, not packet
The recent dcerpc padding changes made our padding relative to the
packet header, instead of the start of the stub. Surprisingly, this
broke w2k8r2 doing a dcpromo join to a s4 server. It seems that w2k8r2
is very fussy about the padding it gets in some circumstances.
Andrew Tridgell [Tue, 16 Feb 2010 05:39:49 +0000 (16:39 +1100)]
s4-dsdb: return LDB_ERR_CONSTRAINT_VIOLATION on num_recs != 1
In a single record search, LDB_ERR_CONSTRAINT_VIOLATION is more useful
than the generic LDB_ERR_OPERATIONS_ERROR
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Tue, 16 Feb 2010 05:09:07 +0000 (16:09 +1100)]
s4-samdb: use dsdb_search() in cracknames
greatly simplifies some of the cracknames code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>