Andrew Bartlett [Sat, 22 Jun 2013 12:44:10 +0000 (22:44 +1000)]
dsdb-show_deleted: Check if the base DN is deleted before doing a full search
This avoids doing more work than we need to, such as a full database
scan, if the base DN is deleted. The tdb layer cannot handle this
because we do not know to check for the isDeleted attribute there.
This was inspired by an investigation of the samr.large-dc test, which
is slow in part because of attempted SD propegation on the deleted DNs.
The samba3sam code is not compatible with this change (which implies
having checkBaseOnSearch: TRUE set on @OPTIONS), so this module is now
replaced with show_deleted_dummy for this test.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Sun, 6 Oct 2013 21:39:25 +0000 (10:39 +1300)]
dsdb: Add show_deleted_dummy module, for use in samba3sam test
This simply consumes the critical flags from the show_deleted and
show_recycled controls, without implementing them.
This is needed because upcoming changes to show_deleted break this
test. Other parts of Samba set these flags as critical and while we
could skip the module, I would rather not change that just for this
quite strange but important test.
Andrew Bartlett
s3sam
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 7 Oct 2013 19:19:03 +0000 (08:19 +1300)]
samba_upgradeprovision: Improve error messages and only search for schema in the schema partition
This change is needed for the upcoming change to show_deleted to check the base DN.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 4 Jun 2013 23:22:45 +0000 (09:22 +1000)]
dsdb: Assert that incoming DRS objects are valid in the local schema
This should change some of the random segfaults seen in autobuild into
errors we can further debug.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 11:54:37 +0000 (11:54 +0000)]
smbd: Remove byte_range_lock->read_only
With the rewritten brl_get_lock_readonly we only set the destructor for
r/w lock records anyway.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Oct 6 22:20:05 CEST 2013 on sn-devel-104
Volker Lendecke [Wed, 11 Sep 2013 11:53:26 +0000 (11:53 +0000)]
smbd: Remove the brl_get_locks wrapper
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 11:51:44 +0000 (11:51 +0000)]
smbd: brl_get_locks_internal is always called r/w now
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 11:36:54 +0000 (11:36 +0000)]
smbd: Restructure brl_get_locks_readonly
This is step 1 to get rid of brl_get_locks_internal with its complex readonly
business. It also optimizes 2 things: First, it uses dbwrap_parse_record to
avoid a talloc and memcpy, and second it uses talloc_pooled_object.
And -- hopefully it is easier to understand the caching logic with
fsp->brlock_rec and the clustering escape.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 10:17:05 +0000 (10:17 +0000)]
smbd: Avoid an if-statement per read/write in the non-clustered case
Without clustering, fsp->brlock_rec will never be set anyway. In the
clustering case we can't use the seqnum trick, so this is slow enough
that the additional if-statement does not matter in this case anyway. In
the non-clustered case it might. Have not measured it, but every little
bit helps I guess.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 09:31:36 +0000 (09:31 +0000)]
smbd: Remove unused "brl->key" struct element
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Oct 6 15:49:43 CEST 2013 on sn-devel-104
Volker Lendecke [Mon, 16 Sep 2013 02:18:41 +0000 (19:18 -0700)]
smbd: Convert some dbgtxt to DEBUG
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 27 Sep 2013 04:27:42 +0000 (21:27 -0700)]
torture: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 27 Sep 2013 04:21:21 +0000 (21:21 -0700)]
torture: Continue buffer check after NOT_IMPLEMENTED infolevels
Patch from the SDC plugfest. Not every implementation supports every
infolevel, and we want to be able to test buffersize error behaviour
for all supported infolevels
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 27 Sep 2013 00:10:50 +0000 (17:10 -0700)]
libcli: Correct smb2_lease_pull
We don't really use leases yet, so so far this went by unnoticed. It's
the V2 lease requests that hold the parent lease key, not the V1 ones.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 21 Aug 2013 10:27:43 +0000 (10:27 +0000)]
libcli: Add const to smb2_lease_pull
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Mon, 23 Sep 2013 00:19:09 +0000 (17:19 -0700)]
torture: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 2 Oct 2013 15:20:16 +0000 (15:20 +0000)]
smbd: Fix a comment
This has been converted from a timed event to an immediate one in
e7dab403c0ca6f6
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 3 Sep 2013 13:31:27 +0000 (13:31 +0000)]
smbd: Fix confusing comments
The brlock-check is done in grant_fsp_oplock_type
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Mon, 23 Sep 2013 02:16:56 +0000 (19:16 -0700)]
smbd: Avoid calling serverid_exists twice
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 4 Oct 2013 10:39:57 +0000 (12:39 +0200)]
smbd:smb2: clarify and comment code treating dh2c blob check.
This makes the code that checks for extra create blobs in the
case of the dh2c blob look very similar to the corresponding
(slightly mode complex) code for the dhnc blob.
With this preparation it will be easier and more obvious how
to add proper treatment of the lease request blobs when leases
get implemented.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Oct 5 15:56:11 CEST 2013 on sn-devel-104
Michael Adam [Thu, 26 Sep 2013 05:48:42 +0000 (07:48 +0200)]
smbd:smb2: ignore an dhnq blob along with a dhnc in create
This is according to MS-SMB2, 3.3.5.9.7
"Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT Create Context"
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 25 Sep 2013 18:39:17 +0000 (20:39 +0200)]
smbd:smb2_create: fix return code for durable handle create blob combinations
According to MS-SMB2:
3.3.5.9.7 Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT Create Context
3.3.5.9.12 Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 Create Context
and verified by test results.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 26 Sep 2013 05:00:33 +0000 (07:00 +0200)]
s4:torture:smb2: add durable-v2-open.reopen2c
- create durable with v1 request
- reconnect with v2 reconnect request
==> fails
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 26 Sep 2013 04:06:01 +0000 (06:06 +0200)]
s4:torture:smb2: add durable-v2-open.reopen2b
- connect with durable v2
- reconnect with durable v1
=> succeeds
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 26 Sep 2013 03:47:47 +0000 (05:47 +0200)]
s4:torture:smb2: add durable-v2-open.create-blob
test various combinations of durable create and reconnect
request blobs, according to
MS-SMB2, 3.3.5.9.12:
"Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 Create Context"
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 26 Sep 2013 03:35:19 +0000 (05:35 +0200)]
s4:torture:smb2: extend the durable-open.reopen2 test
Add tests for:
- filename and many other things don't matter in reconnect
- additionally specified DHnQ request blob is ignored.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 26 Sep 2013 03:12:02 +0000 (05:12 +0200)]
s4:torture:smb2: extend the durable-v2-open.reopen2 test
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 25 Sep 2013 21:20:18 +0000 (23:20 +0200)]
smbd:smb2: successfully answer a DHnC request when the initial create was DH2Q
I.e. the durable reconnect attempt is v1 while the original create was durable
v2 including the create guid.
Implement this by skipping the create_guid verification when
the reconnect request is v1.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 25 Sep 2013 18:40:11 +0000 (20:40 +0200)]
smbd:smb2_create: add comment about validity of check reconnect blob being only one
With leases this will not be true any more.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 25 Sep 2013 16:31:10 +0000 (18:31 +0200)]
s4:torture:smb2: add a durable-open.reopen-lease-v2 test
like durable-open.reopen2-lease but with v2 lease requets
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 24 Sep 2013 21:21:37 +0000 (23:21 +0200)]
s4:torture:smb2: add durable-v2-open.reopen2-lease-v2
lease v2 variant of the reopen2 test.
Test various success and failure cases.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 24 Sep 2013 21:09:18 +0000 (23:09 +0200)]
s4:torture:smb2: add smb2_lease_v2_create() wrapper to smb2_lease_v2_create_share()
that sets share all. similar to smb2_lease_create()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 24 Sep 2013 21:20:39 +0000 (23:20 +0200)]
s4:torture:smb2: add durable-v2-open.reopen2-lease
lease v1 variant of the reopen2 test
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 24 Sep 2013 21:08:24 +0000 (23:08 +0200)]
s4:torture:smb2: add durable-open.reopen2-lease test
lease-variant of the reopen2 test
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 24 Sep 2013 23:25:49 +0000 (01:25 +0200)]
s4:torture:smb2: fix durable-open lease tests to pass against windows.
Fix is: reconnect with same client-guid as on the first connection.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Wed, 25 Sep 2013 05:20:30 +0000 (07:20 +0200)]
s4:torture:smb2: add smbcli_options argument to torture_smb2_connection_ext()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Wed, 25 Sep 2013 05:16:39 +0000 (07:16 +0200)]
s4:libcli:smb2: make smbcli_options argument to smb2_connect_(send|ext) const
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Wed, 25 Sep 2013 04:57:23 +0000 (06:57 +0200)]
s4:libcli:smb2: add the smb2_capabilities to the smbcli_options
and initialize them in lpcfg_smbcli_options() instead of
in smb2_transport_init() as previously.
This will allow us to control them from callers later.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Wed, 25 Sep 2013 04:46:47 +0000 (06:46 +0200)]
s4:libcli:smb2: add the client_guid to the smbcli_options
and initialize it in lpcfg_smbcli_options() instead of
in smb2_transport_init() as previously.
Having the client guid in the smbcli_options will allow
us to control them from callers later.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Wed, 25 Sep 2013 04:21:38 +0000 (06:21 +0200)]
s4:torture:spoolss: use smb2_connect() instead of smb2_connet_ext()
in print_test_smbd: we don't need to pass the previous_session_id.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 23 Sep 2013 20:55:55 +0000 (22:55 +0200)]
s4:torture:smb2: fix a comment in the durable-open.lock-oplock test
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Brian Martin [Thu, 26 Sep 2013 00:01:24 +0000 (17:01 -0700)]
samba_backup: fix bug, add command line parameter, improve error messages
Also remove .bak suffix from tdb/ldb backups for more consistent restore procedures
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Oct 5 13:51:34 CEST 2013 on sn-devel-104
Michael Adam [Thu, 30 May 2013 22:46:01 +0000 (00:46 +0200)]
shadow_copy2: use stored mount_point instead of recalculating.
In the case of snapdirseverywhere but NOT crossmountpoints.
This spares stat calls.
And is the only correct thing to do if the mount point was
specified in the configuration.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 30 May 2013 22:45:16 +0000 (00:45 +0200)]
shadow_copy2: improve debug in shadow_copy2_convert() in snapdirseverywhere mode
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 23 May 2013 14:23:03 +0000 (16:23 +0200)]
shadow_copy2: fix shadow_copy2_convert() in the classical case.
I.e. the non-snapdirseverywhere case.
This in particular fixes the case of a snapdir hierarchy
that is parallel to the share or mountpoint and not subordinate.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Wed, 29 May 2013 13:06:22 +0000 (15:06 +0200)]
shadow_copy2: add some blank lines for visual separation to shadow_copy2_convert()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Tue, 28 May 2013 14:59:25 +0000 (16:59 +0200)]
shadow_copy2: initialize "converted" string to null in shadow_copy2_convert()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Wed, 29 May 2013 15:16:23 +0000 (17:16 +0200)]
shadow_copy2: fix shadow_copy2_strip_snapshot() in the classical case
I.e., fix detection of already converted names.
This is done by using the shadow_copy2_snapshot_path() function
and comparing if the input string starts with that.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Wed, 29 May 2013 21:57:30 +0000 (23:57 +0200)]
shadow_copy2: add some debug to shadow_copy2_strip_snapshot()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Wed, 29 May 2013 15:14:49 +0000 (17:14 +0200)]
shadow_copy2: add comments explaining decisions in shadow_copy2_strip_snapshot()
This should make it more easy to understand what the cases are.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 30 May 2013 22:18:52 +0000 (00:18 +0200)]
shadow_copy2: introduce shadow_copy2_snapshot_path()
This builds the posix snapshot path for the connection
at the provided timestamp. For the non-snapdirseverywhere case.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 30 May 2013 21:51:02 +0000 (23:51 +0200)]
shadow_copy2: factor shadow_copy2_posix_gmt_string() out of shadow_copy2_insert_string()
for re-use..
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Wed, 29 May 2013 15:12:21 +0000 (17:12 +0200)]
shadow_copy2: shadow_copy2_insert_string(): do not prepend a "/" in absolute mode
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Tue, 28 May 2013 15:01:20 +0000 (17:01 +0200)]
shadow_copy2: make shadow_copy2_find_snapdir() return const char *
instead of char *. This eliminates compiler warnings.
snapdir is a const string in all occasions.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 23 May 2013 14:21:46 +0000 (16:21 +0200)]
shadow_copy2: in the classical case, use configured path in shadow_copy2_find_snapdir()
There is no point in searching for snapdir if not in snapdirseverywhere mode.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sat, 1 Jun 2013 00:14:41 +0000 (02:14 +0200)]
shadow_copy2: implement disk_free
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Fri, 31 May 2013 15:17:27 +0000 (17:17 +0200)]
shadow_copy2: log resulting config at the end of shadow_copy2_connect()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 3 Oct 2013 22:07:15 +0000 (00:07 +0200)]
shadow_copy2: add snapshot_basepath to the config.
This is the absolute version of snapdir.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 3 Oct 2013 22:04:06 +0000 (00:04 +0200)]
shadow_copy2: add rel_connectpath to config.
This is the share root, relative to the basedir.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Fri, 31 May 2013 14:36:33 +0000 (16:36 +0200)]
shadow_copy2: introduce "shadow:mountpoint" option
Possiblity to explicitly set the share's mount point.
This is useful mainly for debugging and testing purposes.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 30 May 2013 15:26:44 +0000 (17:26 +0200)]
shadow_copy2: re-add the basedir option.
Disable basedir if it is not an absolute path or if
snapdirseverywhere or crossmountpoints is enabled.
Pair-Programmed-With: Björn Baumbach <bb@sernet.de>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 30 May 2013 11:19:50 +0000 (13:19 +0200)]
shadow_copy2: disable "snapdir:crossmountpoints" if the snapdir is absolute.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Wed, 29 May 2013 15:10:51 +0000 (17:10 +0200)]
shadow_copy2: introduce the bool "snapdir_absolute" in the config.
Not exposed but to be used internally.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 23 May 2013 23:35:44 +0000 (01:35 +0200)]
shadow_copy2: introduce config struct and function shadow_copy2_connect()
This moves the parsing of the config to a central place.
So users of configuation don't need to call lp_parm_... all the time.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Wed, 29 May 2013 15:11:44 +0000 (17:11 +0200)]
shadow_copy2: add comment explaining the SMB level GMT format pattern
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Tue, 28 May 2013 23:13:57 +0000 (01:13 +0200)]
shadow_copy2: add comment block explaining shadow_copy2_convert()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Fri, 24 May 2013 15:20:42 +0000 (17:20 +0200)]
shadow_copy2: add comment block explaining shadow_copy2_insert_string()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 23 May 2013 22:01:14 +0000 (00:01 +0200)]
shadow_copy2: add comment block explaining shadow_copy2_find_snapdir()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 23 May 2013 21:59:49 +0000 (23:59 +0200)]
shadow_copy2: add header comment explaining have_snapdir()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Thu, 23 May 2013 21:32:15 +0000 (23:32 +0200)]
shadow_copy2: add comment header describing shadow_copy2_strip_snapshot()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Fri, 4 Oct 2013 11:15:34 +0000 (13:15 +0200)]
shadow_copy2: break overly long lines in shadow_copy2_snapshot_to_gmt()
According to coding guidelines.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 3 Oct 2013 13:14:58 +0000 (15:14 +0200)]
Revert "Support UPN_DNS_INFO in the PAC"
This reverts commit
a6be8a97f705247c1b1cbb0595887d8924740a71.
We fail (often) to parse a krb5pac type 12 buffer due to the incomplete change
which came in via
a6be8a97f705247c1b1cbb0595887d8924740a71. This change came
into master and has only been released in RCs so no regression to published
4.0.x releases. We should revert this for 4.1 for now until we can make it work
in all cases (see work on this in
https://git.samba.org/?p=gd/samba/.git;a=shortlog;h=refs/heads/master-krb5pac_type12).
Without this revert the entire PAC parsing may fail which can effect serious
implications (krb5 smb session setup not working).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10178
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Oct 3 17:08:46 CEST 2013 on sn-devel-104
Jeremy Allison [Fri, 27 Sep 2013 13:29:41 +0000 (06:29 -0700)]
Remove dead code. Now we have no SWAT we don't use the invalid_services array or associated counter.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 3 03:22:36 CEST 2013 on sn-devel-104
Michael Adam [Wed, 25 Sep 2013 21:18:56 +0000 (23:18 +0200)]
smbd:smb2: fix error code when the header says the request is signed but we don't have a sesseion
I.e. when the request is a session setup.
We replied with ACCESS_DENIED, but windows expects USER_SESSION_DELETED
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 2 22:07:44 CEST 2013 on sn-devel-104
Stefan Metzmacher [Mon, 23 Sep 2013 18:51:30 +0000 (20:51 +0200)]
s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is required
Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED
in a reauth session setup, but still provide a valid signature.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Sat, 14 Sep 2013 11:44:54 +0000 (13:44 +0200)]
librpc: Fix blank line endings
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 2 15:02:07 CEST 2013 on sn-devel-104
Volker Lendecke [Sat, 14 Sep 2013 11:43:03 +0000 (13:43 +0200)]
libndr: Fix ndr_print_bitmap_flag for value=0
Don't endlessly loop
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Mon, 23 Sep 2013 00:17:16 +0000 (17:17 -0700)]
librpc: return a ndr_pull_error instead of just NDR_ERR_NDR64 when upper bits of 64 bit value are not 0
Signed-off-by: Matthieu Patou <mat@matws.net>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 1 Oct 2013 22:43:27 +0000 (00:43 +0200)]
net: allow "net idmap get ranges" to list all ranges
Omission of SID parameter lists ranges for all domains.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Oct 2 12:23:33 CEST 2013 on sn-devel-104
Michael Adam [Tue, 1 Oct 2013 22:39:07 +0000 (00:39 +0200)]
idmap_autorid: allow iterate functions to operate on all domain ranges
by allowing handed in domsid to be NULL
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Wed, 18 Sep 2013 01:19:58 +0000 (03:19 +0200)]
net: implement "net idmap delete ranges"
Inspired by a patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Wed, 18 Sep 2013 01:04:52 +0000 (03:04 +0200)]
idmap_autorid: add idmap_autorid_delete_domain_ranges()
This uses the new idmap_autorid_iterate_domain_ranges() function.
Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Wed, 18 Sep 2013 00:39:51 +0000 (02:39 +0200)]
net: add "net idmap get ranges" operation for autorid
Implemented using the idmap_autorid_iterate_domain_ranges_read() function.
Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Tue, 17 Sep 2013 23:54:58 +0000 (01:54 +0200)]
idmap_autorid: add idmap_autorid_iterate_domain_ranges[_read]()
Functions to perform an action on all domain range mappings for
a given domain, specified by the domain sid.
Inspired by a previous patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Thu, 12 Sep 2013 11:45:22 +0000 (13:45 +0200)]
net: implement "net idmap delete range"
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Thu, 12 Sep 2013 21:59:15 +0000 (23:59 +0200)]
idmap_autorid: add idmap_autorid_delete_range_by_num()
query and delete a mapping specified by the range number.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Thu, 12 Sep 2013 11:44:53 +0000 (13:44 +0200)]
idmap_autorid: add idmap_autorid_delete_range_by_sid()
Delete a range mapping as specified by domain SID and range index.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Sun, 15 Sep 2013 09:58:02 +0000 (11:58 +0200)]
idmap_autorid: add idmap_autorid_build_keystr_talloc()
talloc version of idmap_autorid_build_keystr()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Thu, 12 Sep 2013 05:37:17 +0000 (07:37 +0200)]
idmap_autorid: extend idmap_autorid_addrange to allow to set mappings below the HWM
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Tue, 10 Sep 2013 23:05:02 +0000 (01:05 +0200)]
net: implement "net idmap get range"
get the range for a domain sid and range index.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Tue, 10 Sep 2013 11:35:56 +0000 (13:35 +0200)]
idmap_autorid: improve clarity of idmap_autorid_addrange_action() by adding mem_ctx.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Mon, 9 Sep 2013 14:09:52 +0000 (16:09 +0200)]
net: add "net idmap set range" (for autorid backend)
This lets the admin store a range for a domain/index pair.
Call syntax is:
net idmap set range <RANGE> <DOMSID> [<INDEX>]
INDEX defaults to 0.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Tue, 1 Oct 2013 21:29:53 +0000 (23:29 +0200)]
net idmap: add utility function parse_uint32()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Atul Kulkarni [Mon, 12 Aug 2013 07:39:31 +0000 (13:09 +0530)]
net: add "net idmap get config" to read the autorid config from the database
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Mon, 9 Sep 2013 23:53:14 +0000 (01:53 +0200)]
net: add "net idmap get" command
This has no subcommands yet and is added in preparation of adding some.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Atul Kulkarni [Mon, 9 Sep 2013 23:47:46 +0000 (01:47 +0200)]
net: add "net idmap set config" command to store the autorid global config
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Mon, 9 Sep 2013 23:45:52 +0000 (01:45 +0200)]
idmap_autorid: add idmap_autorid_saveconfigstr()
Store a configuration as provided by a config string
after parsing and validating the string.
Based on similar patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Atul Kulkarni [Mon, 9 Sep 2013 23:19:52 +0000 (01:19 +0200)]
net: add new function net_idmap_opendb_autorid()
This checks the backend is autorid, and opens the db if so.
If readonly == true, the DB is simply opened for reading.
If readonly == false, the DB is created if necessary and
initialized with HWMs.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Mon, 9 Sep 2013 23:19:05 +0000 (01:19 +0200)]
net: rename "idmap_dump_ctx" to "net_idmap_ctx".
This started specific, but is now generic.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Mon, 9 Sep 2013 15:30:32 +0000 (17:30 +0200)]
net: move the "net idmap delete" functionality to subcommand "net idmap delete mapping"
This is in preparation of adding more types of entries to delete...
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>