Stefan Metzmacher [Tue, 14 Sep 2010 15:11:13 +0000 (17:11 +0200)]
tdb: change version to 1.3.0 after using the jankins hash for non-persistent tdbs
metze
Stefan Metzmacher [Tue, 14 Sep 2010 10:34:56 +0000 (12:34 +0200)]
tdb: use jenkins hash for non persistent tdbs
The Jenkins hash produces much less collisions if the keys
only differ a few bits. This is important for the usage
of non-persistent TDBs in Samba.
We use the rwlock field in the TDB header to prevent older
TDB versions from opening.
metze
Stefan Metzmacher [Tue, 14 Sep 2010 10:44:42 +0000 (12:44 +0200)]
tdb: fix compiler warning
metze
Stefan Metzmacher [Tue, 7 Sep 2010 19:24:07 +0000 (21:24 +0200)]
s3:rpc_client: remove unused rpc_pipe_set_hnd_state()
metze
Stefan Metzmacher [Tue, 7 Sep 2010 18:52:58 +0000 (20:52 +0200)]
s3:rpc_client: use rpc_api_pipe_send() for auth3
metze
Stefan Metzmacher [Tue, 7 Sep 2010 18:51:38 +0000 (20:51 +0200)]
s3:rpc_client: rpc_pipe_bind_step_one_done() doesn't need reply_pdu
metze
Stefan Metzmacher [Tue, 7 Sep 2010 18:39:20 +0000 (20:39 +0200)]
s3:rpc_client: allow DCERPC_PKT_AUTH3 via rpc_api_pipe_send/recv
metze
Björn Jacke [Fri, 17 Sep 2010 12:05:53 +0000 (14:05 +0200)]
lib/util: usec_time_diff takes arguments the other way round than TvalDiff did
Björn Jacke [Fri, 17 Sep 2010 11:47:05 +0000 (13:47 +0200)]
s3: fix order of arguments in nsec_time_diff call
Kamen Mazdrashki [Fri, 17 Sep 2010 02:28:36 +0000 (05:28 +0300)]
s4-test: Add unit test for dsdb_schema_info_cmp()
Kamen Mazdrashki [Thu, 16 Sep 2010 23:54:46 +0000 (02:54 +0300)]
s4-schema: Helper func to compare schemaInfo signitures
Kamen Mazdrashki [Thu, 16 Sep 2010 23:48:50 +0000 (02:48 +0300)]
s4-schema: use dsdb_schema_info_blob_is_valid() to verify schemaInfo blob
instead of parsing it.
Kamen Mazdrashki [Thu, 16 Sep 2010 23:45:59 +0000 (02:45 +0300)]
s4-prefixMap: use dsdb_schema_info_blob_is_valid() for schemaInfo blob validation
This fixes a leaking dsdb_schema_info object also.
Kamen Mazdrashki [Thu, 16 Sep 2010 23:37:46 +0000 (02:37 +0300)]
s4-dsdb: Add dsdb_schema_info_blob_is_valid() to verify schemaInfo blobls
Kamen Mazdrashki [Wed, 15 Sep 2010 23:17:34 +0000 (02:17 +0300)]
s4-pyrpc: Print location and type name we got when checking for types
Sumit Bose [Fri, 17 Sep 2010 08:33:08 +0000 (10:33 +0200)]
Fix array size of a memmber of struct cli_ulogoff_state
The too small array makes UID-REGRESSION-FIX fail on 32bit
architectures.
Signed-off-by: Günther Deschner <gd@samba.org>
Andrew Tridgell [Fri, 17 Sep 2010 07:06:29 +0000 (17:06 +1000)]
s4-devel: developer script for adding DNS entries via netlogon RPC
this calls the netlogon DsrUpdateReadOnlyServerDnsRecords call to add
DNS entries for a RODC via RPC calls. The call is routed via a IRPC
call to winbind, as winbind is the one with the schannel credential
chaining setup.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Fri, 17 Sep 2010 07:04:28 +0000 (17:04 +1000)]
s4-pyrpc: allow python to access irpc interfaces
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Fri, 17 Sep 2010 07:03:54 +0000 (17:03 +1000)]
idl: build python interfaces for winbind and idmap IDL
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 17 Sep 2010 00:11:48 +0000 (10:11 +1000)]
s4-winbind Add a proxy method to update DNS records with a read-write DC
This must be done in winbindd as it already has the schannel connection
and the credential chain. If we re-established that elsewhere, we
would break the chain in winbindd.
Andrew Bartlett
Signed-Off-By: Andrew Tridgell <tridge@samba.org>
Günther Deschner [Fri, 17 Sep 2010 08:06:16 +0000 (10:06 +0200)]
testprogs: skip two tests in spoolss tester.
Guenther
Günther Deschner [Fri, 17 Sep 2010 08:02:13 +0000 (10:02 +0200)]
s4-smbtorture: fix winreg querymultiplevalues NDR test warning.
Guenther
Björn Jacke [Thu, 16 Sep 2010 20:18:45 +0000 (22:18 +0200)]
ѕ3: remove smb_msleep prototype from here
Björn Jacke [Thu, 16 Sep 2010 19:36:00 +0000 (21:36 +0200)]
s3: remove TvalDiff macro, we can use the shared usec_time_diff function
Björn Jacke [Thu, 16 Sep 2010 19:36:37 +0000 (21:36 +0200)]
s3/s4: merge msleep and smb_msleep
the merged variant is renamed to smb_msleep as some platforms already have a
msleep function.
Björn Jacke [Thu, 16 Sep 2010 17:45:43 +0000 (19:45 +0200)]
s3: remove TspecDiff macro, we can use the shared nsec_time_diff function
Björn Jacke [Thu, 16 Sep 2010 17:02:27 +0000 (19:02 +0200)]
s3: use nsec_time_diff instead of TspecDiff
Björn Jacke [Thu, 16 Sep 2010 16:52:45 +0000 (18:52 +0200)]
s3/vfs_scannedonly: use smb_msleep instead of nanosleep
Thanks to Joachim Schmitz. This fixes bug #7478
Volker Lendecke [Thu, 16 Sep 2010 07:31:10 +0000 (09:31 +0200)]
s3: Add the PAC info3 struct to the netsamlogon_cache in ntlm_auth
Volker Lendecke [Thu, 16 Sep 2010 08:34:59 +0000 (10:34 +0200)]
s3: Correctly unwrap the krb ticket in gss-spnego
Volker Lendecke [Thu, 16 Sep 2010 08:22:00 +0000 (10:22 +0200)]
s3: Fall back to raw NTLMSSP for the gss-spnego protocol
This is to handle the mod_auth_ntlm_winbind protocol
sending "Negotiate" to IE, which sends raw NTLMSSP
instead of a SPNEGO wrapped NTLMSSP blob.
Volker Lendecke [Thu, 16 Sep 2010 08:21:20 +0000 (10:21 +0200)]
s3: Split off output generation from manage_squid_ntlmssp_request
Volker Lendecke [Thu, 16 Sep 2010 08:36:21 +0000 (10:36 +0200)]
s3: Wrap the ntlm_auth loop with a talloc_stackframe
Günther Deschner [Thu, 16 Sep 2010 16:41:37 +0000 (18:41 +0200)]
s4-smbtorture: add NDR spoolss_GetPrinterDriver2 in and out check functions.
Guenther
Günther Deschner [Thu, 16 Sep 2010 14:49:54 +0000 (16:49 +0200)]
s4-smbtorture: finally enable most of our NDR_OUT NDR tests that we couldnt handle previously.
Guenther
Günther Deschner [Thu, 16 Sep 2010 14:21:39 +0000 (16:21 +0200)]
s4-smbtorture: add functions to do NDR_OUT ndr_pull validation including NDR_IN context.
Guenther
Günther Deschner [Thu, 16 Sep 2010 14:25:51 +0000 (16:25 +0200)]
s4-smbtorture: fix some indentation in NDR testsuite.
Guenther
Günther Deschner [Thu, 16 Sep 2010 14:22:32 +0000 (16:22 +0200)]
s3-smbtorture: fixup trailing whitespace in ndr testsuite.
Guenther
Günther Deschner [Thu, 16 Sep 2010 12:42:22 +0000 (14:42 +0200)]
s4-smbtorture: add spoolss_GetPrinterDriver2 NDR tests.
Guenther
Günther Deschner [Thu, 16 Sep 2010 12:41:37 +0000 (14:41 +0200)]
s4-smbtorture: mention -v switch for hexdump imports into the NDR testsuites.
Guenther
Günther Deschner [Thu, 16 Sep 2010 12:31:53 +0000 (14:31 +0200)]
s4-smbtorture: activate spoolss_GetPrinterData NDR pull test.
Guenther
Andrew Tridgell [Thu, 16 Sep 2010 11:17:54 +0000 (21:17 +1000)]
s4-winbind: fixed two valgrind errors
- allocate the dc info on the right structure
- zero the number of group members when allocating the winbindd_gr
return
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 10:12:20 +0000 (20:12 +1000)]
wbclient: gr_mem can be NULL
if the structure was partly created and an error occurred, then don't
crash
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 10:11:47 +0000 (20:11 +1000)]
wbclient: paranoid check for double free
added while tracking down a crash in the wbinfo blackbox test
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 10:06:44 +0000 (20:06 +1000)]
tdb: added TDB_NO_FSYNC env variable
this might help reduce test times and load on test machines
Andrew Bartlett [Thu, 16 Sep 2010 07:53:36 +0000 (17:53 +1000)]
torture/raw Allow one more 'not implemented' status return as a valid response
The Samba4 server responds to most ioctl calls with NT_STATUS_NOT_SUPPORTED
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Thu, 16 Sep 2010 05:47:42 +0000 (15:47 +1000)]
s4-torture assert that we get a temp datagram socket.
I've seen a segfault because we failed to check this isn't NULL
before we use it. This will still of course fail, but not so
spectacularly.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Thu, 16 Sep 2010 04:37:20 +0000 (14:37 +1000)]
libcli/auth/ntlmssp Be clear about talloc parents for session keys
The previous API was not clear as to who owned the returned session key.
This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code,
and avoids making allocations - we steal and zero instead.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 07:20:08 +0000 (17:20 +1000)]
s4-kdc: prevent segfault on bad trust strings
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 07:05:58 +0000 (17:05 +1000)]
s4-netlogon: added IDL for netr_DsrUpdateReadOnlyServerDnsRecords
this is used by a RODC to do DNS updates, as TSIG updates are not
allowed by RODCs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 07:04:53 +0000 (17:04 +1000)]
s4-rpcserver: allow saving of bad RPC packets
use:
dcesrv:stubs directory = .
to save files like this:
RPC-netlogon-48-pullfail.dat
when a RPC packet can't be parsed or is unknown. Only enabled in
developer builds
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 06:57:21 +0000 (16:57 +1000)]
pidl: prevent ndr_print_*() dying on NULL pointers
when using ndrdump you can get uninitialised structures containing
pointers. Don't segfault when trying to print them
Andreas Schneider [Mon, 30 Aug 2010 11:22:57 +0000 (13:22 +0200)]
idl: Added EPMAPPER_STATUS_CANT_PERFORM_OP.
Signed-off-by: Günther Deschner <gd@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 04:13:48 +0000 (14:13 +1000)]
s4-dns: use a non-forwardable ticket in samba_dnsupdate
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 04:13:29 +0000 (14:13 +1000)]
s4-kerberos: obey the credentials setting for forwardable tickets
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 04:12:57 +0000 (14:12 +1000)]
s4-pycredentials: expose forwardable setting via python
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 04:12:37 +0000 (14:12 +1000)]
s4-credentials: added ability to control forwardable attribute on krb5 tickets
with the latest bind9 nsupdate, we need to be able to control if the
ticket we use is forwardable
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 16 Sep 2010 03:02:43 +0000 (13:02 +1000)]
s4-drs: make debugging DsUpdateRefs a bit easier
Andrew Tridgell [Thu, 16 Sep 2010 03:02:23 +0000 (13:02 +1000)]
s4-drs: initial skeleton for DrsReplica{Add,Del,Mod} calls
Andrew Tridgell [Thu, 16 Sep 2010 03:00:20 +0000 (13:00 +1000)]
s4-drs: removed a debug print in repl secret
Andrew Tridgell [Thu, 16 Sep 2010 00:58:03 +0000 (10:58 +1000)]
s4-test: enable valgrind on wbinfo tests
Andrew Tridgell [Wed, 15 Sep 2010 21:38:14 +0000 (07:38 +1000)]
s4-pydrs: fix for python 2.4
thanks to Kamen and David Gonzalez for spotting this
Jelmer Vernooij [Thu, 16 Sep 2010 00:02:14 +0000 (00:02 +0000)]
s3: Add convenience make target buildfarm-test.
Jelmer Vernooij [Thu, 16 Sep 2010 00:01:51 +0000 (00:01 +0000)]
s3-selftest: Move Samba3-specific script to source3/selftest.
Björn Jacke [Wed, 15 Sep 2010 22:57:39 +0000 (00:57 +0200)]
s3/printing: avoid a possible race condition in the cache timeout
Jeremy Allison [Wed, 15 Sep 2010 22:40:15 +0000 (15:40 -0700)]
Fix all sid_parse returns to be checked. Tidy up some checks and error
messages.
Jeremy.
Günther Deschner [Wed, 15 Sep 2010 22:19:51 +0000 (00:19 +0200)]
s3-smbd: prevent call_nt_transact_ioctl() crash in FSCTL_FIND_FILES_BY_SID case.
Jeremy, please check.
Guenther
Günther Deschner [Wed, 15 Sep 2010 21:02:43 +0000 (23:02 +0200)]
s4-smbtorture: try FSCTL_FIND_FILES_BY_SID with random blob data in RAW-IOCTL.
Guenther
Andrew Tridgell [Wed, 15 Sep 2010 10:54:09 +0000 (20:54 +1000)]
s4-repl: if we are an RODC don't set WRIT_REP in replication
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 10:24:50 +0000 (20:24 +1000)]
s4-repl: add partial attribute set to getncchanges calls for RODCs
when we are a RODC we must supply a partial attribute set in the
getncchanges call
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 10:23:47 +0000 (20:23 +1000)]
s4-repl: added min_usn to extended replication call
the repl_secret code needs to set it to avoid too many duplicate
attributes
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 09:00:01 +0000 (19:00 +1000)]
s4-repl: added repl_secret handling
initiate a repl secret extended op when requested
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 08:59:17 +0000 (18:59 +1000)]
s4-repl: cleanup the extended op calls in repl server
- use generic parameter names
- trigger a run of pending ops on all extended ops
- don't prevent parallel fsmo transfers
- moved extended op code into drepl_extended
Andrew Tridgell [Wed, 15 Sep 2010 08:52:11 +0000 (18:52 +1000)]
s4-pyjoin: use new pynet finddc interface
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 08:51:09 +0000 (18:51 +1000)]
s4-pynet: return the full netlogon response from python finddc
this gives the caller the other server parameters
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 08:50:09 +0000 (18:50 +1000)]
s4-pyjoin: fill in the dns name in the python replication method
this is needed to get the repsFrom DNS entry right
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 08:49:34 +0000 (18:49 +1000)]
s4-drs: get lpcfg_dnsdomain() instead of lpcfg_realm()
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 08:49:06 +0000 (18:49 +1000)]
s4-pyrpc: added py_return_ndr_struct()
This can be used to return structures from other python interfaces as
python objects
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 06:19:26 +0000 (16:19 +1000)]
s4-repl: split out the extended op handling
this is not part of the rid allocation logic
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Wed, 15 Sep 2010 06:15:12 +0000 (16:15 +1000)]
s4-repl: cleanup getncchanges extended op calls
Multiple calls are allowed to run in parallel as long as they don't
conflict.
This also cleans up the variable names in the extended op calls.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Wed, 15 Sep 2010 13:45:37 +0000 (16:45 +0300)]
s4-drs: Wait DsReplicaSync for as long as it takes to complete
In case the caller wants sync execution, we should
not cancel the call for internal timeout reason,
but rather wait for its execution
Kamen Mazdrashki [Wed, 15 Sep 2010 13:53:48 +0000 (16:53 +0300)]
s4-irpc: Don't install endtime-timer in case timeout is INFINITE for the call
Kamen Mazdrashki [Wed, 15 Sep 2010 13:41:47 +0000 (16:41 +0300)]
s4-irpc: Add 'timeout' param for dcesrv_irpc_forward_rpc_call() call
It is to be used when caller wants to explicitly
specify the timeout for the call
Kamen Mazdrashki [Wed, 15 Sep 2010 11:22:27 +0000 (14:22 +0300)]
s4-irpc: Add value for "infinite" timeout for IRPC calls
Björn Jacke [Wed, 15 Sep 2010 16:23:50 +0000 (18:23 +0200)]
s3/printing: make clock jump save and use monotonic time for cache timeout
Jelmer Vernooij [Wed, 15 Sep 2010 18:05:51 +0000 (20:05 +0200)]
subunit: Re-add outputmsg.
Jeremy Allison [Wed, 15 Sep 2010 17:50:50 +0000 (10:50 -0700)]
Add check for invalid data size.
Jeremy.
Volker Lendecke [Wed, 15 Sep 2010 08:29:44 +0000 (10:29 +0200)]
s3: Fix some debug msgs in ntlm_auth
Volker Lendecke [Tue, 14 Sep 2010 19:10:27 +0000 (21:10 +0200)]
Fix a typo
Andrew Tridgell [Wed, 15 Sep 2010 11:50:36 +0000 (21:50 +1000)]
s4-rpcserver: set unbind method to NULL in remote server
this prevents a possible crash on disconnect
Günther Deschner [Wed, 15 Sep 2010 12:34:50 +0000 (14:34 +0200)]
s3-docs: more typos in rpc_server manpage.
Guenther
Günther Deschner [Wed, 15 Sep 2010 12:31:39 +0000 (14:31 +0200)]
s3-waf: fix the build.
... this starts to get like "re-run make idl"...
Guenther
Günther Deschner [Wed, 15 Sep 2010 12:16:45 +0000 (14:16 +0200)]
s3-docs: fix rpc_server manpage type.
Guenther
Günther Deschner [Wed, 15 Sep 2010 11:24:44 +0000 (13:24 +0200)]
s3-rpc_server: fix some uninitalized variables and c++ build warnings.
Guenther
Günther Deschner [Wed, 15 Sep 2010 11:18:27 +0000 (13:18 +0200)]
s3-printing: fix print_spool_terminate().
Simo, Andreas, please check.
Guenther
Anatoliy Atanasov [Tue, 14 Sep 2010 15:07:09 +0000 (18:07 +0300)]
s4/fsmo: Extended fsmo test with infrastructure, pdc and rid roles
Anatoliy Atanasov [Wed, 15 Sep 2010 07:17:55 +0000 (10:17 +0300)]
s4/fsmo: Handle infrastructure, pdc and rid extended ops
With this change we can transfer all roles back and forward, except
for the naming master. Also this commit fixes the naming of
fsmo_role_dn - used to point to the DN from which we read fSMORoleOwner
role_owner_dn - used to point to the NTDSDSA who owns the role
Now we always pass fsmo_role_dn, role_owner_dn to the extended operation
and to drepl_create_role_owner_source_dsa
Conflicts:
source4/dsdb/repl/drepl_ridalloc.c
Anatoliy Atanasov [Tue, 14 Sep 2010 14:59:32 +0000 (17:59 +0300)]
s4/fsmo: Remove empty new lines
Simo Sorce [Tue, 6 Jul 2010 19:29:32 +0000 (15:29 -0400)]
s3-winbindd: Use rpc_open_pipe_interface in winbindd.
Signed-off-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Wed, 15 Sep 2010 09:38:53 +0000 (11:38 +0200)]
s3-rpc_server: Use talloc_stackframe.