Andrew Bartlett [Wed, 24 Mar 2010 05:09:02 +0000 (16:09 +1100)]
s4:ntlmssp Ensure that we always negotiate signing if we negotiate sealing.
Without this, a sealed LDAP connection to windows does not work.
Andrew Bartlett
Volker Lendecke [Tue, 23 Mar 2010 17:36:55 +0000 (18:36 +0100)]
s3: Optimize gencache for smbd exit
If thousands of smbds try to gencache_stabilize at the same time because the
network died, all of them might be sitting in transaction_start. Don't do the
stabilize transaction if nothing has changed in gencache_notrans.tdb.
Volker
Andrew Tridgell [Tue, 23 Mar 2010 18:06:25 +0000 (05:06 +1100)]
libreplace: fixed declaration of dprintf() on FreeBSD
Andrew Tridgell [Wed, 24 Mar 2010 05:52:37 +0000 (16:52 +1100)]
s4-provision: FreeBSD uses 'staff' for users
Andrew Tridgell [Tue, 23 Mar 2010 15:02:32 +0000 (11:02 -0400)]
s4-provision: solaris uses the group "other"
Andrew Tridgell [Mon, 22 Mar 2010 07:40:44 +0000 (18:40 +1100)]
build: fixed nss_wrapper on solaris
solaris has different getpwnam_r syntax
Simo Sorce [Tue, 23 Mar 2010 22:45:20 +0000 (18:45 -0400)]
idl: fix forest trust information idl
--validate now passes
Günther Deschner [Tue, 23 Mar 2010 17:32:06 +0000 (18:32 +0100)]
s4-smbtorture: remove tailing whitespace in samba3rpc testsuite.
Guenther
Stefan Metzmacher [Thu, 18 Mar 2010 17:55:49 +0000 (18:55 +0100)]
s4:librpc/rpc/pyrpc.h: librpc/rpc/dcerpc.h isn't needed anymore
metze
Stefan Metzmacher [Thu, 18 Mar 2010 18:36:50 +0000 (19:36 +0100)]
s4:lib/messaging: pymessaging needs libndr.h
metze
Stefan Metzmacher [Thu, 18 Mar 2010 17:55:00 +0000 (18:55 +0100)]
pidl:Samba4/Python: librpc/rpc/dcerpc.h isn't needed anymore
metze
Stefan Metzmacher [Fri, 19 Mar 2010 12:02:26 +0000 (13:02 +0100)]
s4:libnet: don't include librpc/rpc/dcerpc.h directly
metze
Stefan Metzmacher [Fri, 19 Mar 2010 18:16:35 +0000 (19:16 +0100)]
s3:librpc/rpc: move prototypes to dcerpc.h
metze
Günther Deschner [Tue, 23 Mar 2010 16:28:55 +0000 (17:28 +0100)]
s4-smbtorture: use torture_context in samsync test.
Guenther
Günther Deschner [Tue, 23 Mar 2010 16:16:23 +0000 (17:16 +0100)]
s4-smbtorture: remove trailing whitespace from samsync torture test.
Guenther
Günther Deschner [Tue, 23 Mar 2010 15:30:05 +0000 (16:30 +0100)]
s4-smbtorture: use torture_context in libnet domain tests as well.
Guenther
Matthias Dieter Wallnöfer [Tue, 23 Mar 2010 15:43:41 +0000 (16:43 +0100)]
s4:WINREG torture - fix an error (missing "break" in a "switch")
Sorry my fault - I didn't discover that earlier since we had binary data types
support activated in s4.
Matthias Dieter Wallnöfer [Tue, 23 Mar 2010 15:19:26 +0000 (16:19 +0100)]
s4:registry - "reg_ldb_pack_value" - provide workarounds when the server receives non-standard data.
For now we reset/delete the "data" attribute. Anyway there is the need to find
a better solution (we probably want to change the format and save all data as
we got it like Windows itself does).
These workarounds are needed since for example the Windows 2000 Registry Editor
initialises empty REG_SZ strings with content '\0' and length 1 (not a valid
UTF16 sequence - "convert_string_talloc" breaks). So we simply reset/delete the
"data" attribute which works (no content).
Matthias Dieter Wallnöfer [Tue, 23 Mar 2010 15:17:25 +0000 (16:17 +0100)]
s4:registry - "LDB backend" - fix indentation
Günther Deschner [Tue, 23 Mar 2010 14:31:27 +0000 (15:31 +0100)]
s4-smbtorture: use torture_context for debugging output everywhere in libnet torture tests.
Mimir, please check.
Guenther
Günther Deschner [Tue, 23 Mar 2010 15:04:30 +0000 (16:04 +0100)]
s4-smbtorture: remove trailing whitespace in libnet torture tests.
Guenther
Karolin Seeger [Tue, 23 Mar 2010 13:53:49 +0000 (14:53 +0100)]
s3-builtin: Add missing builtin groups.
Karolin
Karolin Seeger [Tue, 23 Mar 2010 14:24:25 +0000 (15:24 +0100)]
s3: Re-run make samba3-idl.
Karolin
Karolin Seeger [Tue, 23 Mar 2010 13:26:51 +0000 (14:26 +0100)]
security.idl: Add missing builtin groups.
Karolin
Stefan Metzmacher [Sat, 20 Mar 2010 10:29:46 +0000 (11:29 +0100)]
librpc/rpc: fix dcerpc_errstr() to handle all nca_s_* status codes and fallback to WERROR codes
metze
Günther Deschner [Tue, 23 Mar 2010 13:37:40 +0000 (14:37 +0100)]
s3:re-run make samba3-idl.
Guenther
Stefan Metzmacher [Sat, 20 Mar 2010 09:57:26 +0000 (10:57 +0100)]
dcerpc.idl: add nca_s_* status codes from the DCE 1.1 specification
metze
Karolin Seeger [Tue, 23 Mar 2010 10:39:05 +0000 (11:39 +0100)]
s3-builtin: Add some builtin groups.
Karolin
Simo Sorce [Tue, 23 Mar 2010 05:06:24 +0000 (01:06 -0400)]
idl:drsblobs add code to interpret msDS-TrustForestTrustInfo
Simo Sorce [Tue, 16 Mar 2010 20:15:39 +0000 (16:15 -0400)]
s4:lsa Functions to set Domain Trust Information
Simo Sorce [Mon, 22 Mar 2010 20:37:24 +0000 (16:37 -0400)]
s4:lsa move code to add trusted domain user into its own function
Simo Sorce [Mon, 22 Mar 2010 14:48:31 +0000 (10:48 -0400)]
s4:lsa Abstract crypto (un)wrapping in separate functions
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 23:24:32 +0000 (00:24 +0100)]
s4:registry - "LDB backend" - revert the length check for UTF16 strings
Let this do the "convert_string_talloc" function as it was before.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 23:13:26 +0000 (00:13 +0100)]
Revert "s4:torture - WINREG RPC - reactivate test "SetValueExtended" for s4"
This reverts commit
0f2cf82e5e52da6fc71742df7b13c9f372bcf113.
Naturally we have to revert this for s4 until a new storage mechanism for binary
REG_SZ and REG_*WORD values has been found.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 23:09:22 +0000 (00:09 +0100)]
s4:registry - "LDB backend" - revert the binary storage of "REG_SZ", "REG_DWORD" and "REG_QWORD"
We agreed that this hack isn't the best of the possible solutions.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 22:53:17 +0000 (23:53 +0100)]
s4:ldb_modules/util.c - fix two counter variables to be "unsigned"
Jeremy Allison [Mon, 22 Mar 2010 22:57:31 +0000 (15:57 -0700)]
share_info.tdb could use non-canonicalized sharenames.
Fix this by moving canonicalization into lib/sharesec.c. Update the
db version to 3. Ensures we always find share names with security
descriptors attached.
Jeremy.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 22:16:26 +0000 (23:16 +0100)]
convert_string_talloc_convenience - print out the input buffer in a better way (using dump_data since it isn't always directly readable)
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 21:38:45 +0000 (22:38 +0100)]
s4:registry - "reg_key_del/add_abs": call "talloc_free" only on valid objects
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 21:23:08 +0000 (22:23 +0100)]
s4:registry - "reg_import_hive_key" - change a "talloc_steal" into a "talloc_reference"
Use a "talloc_reference" since the "hive" variable can continue to exist also
after the destructed "struct local_key" object. It is also referenced by the
"mountpoints" structure under the "ctx" object.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 21:01:31 +0000 (22:01 +0100)]
s4:registry - "patchfile" - add another "W_ERROR_HAVE_NO_MEMORY" macro call
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 20:46:39 +0000 (21:46 +0100)]
s4:registry - "local" - add also here more "W_ERROR_HAVE_NO_MEMORY" macro tests
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 20:34:54 +0000 (21:34 +0100)]
s4:registry - "util.c" - initialise "result" in "reg_key_add_abs"
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 19:14:51 +0000 (20:14 +0100)]
s4:WINREG RPC - add also here a "W_ERROR_HAVE_NO_MEMORY"
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 19:12:13 +0000 (20:12 +0100)]
s4:registry - "samba.c" - add a "talloc_free"
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 19:10:26 +0000 (20:10 +0100)]
s4:registry - add more "W_ERROR_HAVE_NO_MEMORY" invocations (on talloc'ed stuff)
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 18:53:23 +0000 (19:53 +0100)]
s4:registry - "util" - remove "const" from "reg_abs_path"
Here it's not really needed
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 18:56:52 +0000 (19:56 +0100)]
s4:registry - adaptions for "add also a memory context argument for "reg_key_del_abs"
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 18:47:49 +0000 (19:47 +0100)]
s4:registry - "util" - add also a memory context argument for "reg_key_del_abs"
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 18:45:21 +0000 (19:45 +0100)]
s4:registry - "util" - make "reg_key_add_abs" consistent with "reg_key_del_abs"
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 18:44:19 +0000 (19:44 +0100)]
s4:registry - "util" - fix up memory allocated data
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 18:26:59 +0000 (19:26 +0100)]
s4:registry - "dir.c" - fix up dynamic memory allocation operations
- Added free operations where needed
- Use always the "mem_ctx" for temporary data
- Proof with W_ERROR_HAVE_NO_MEMORY if stuff was allocated
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 18:18:56 +0000 (19:18 +0100)]
s4:registry - adaptions for "add memory contexts for delete value/key functions"
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 17:51:20 +0000 (18:51 +0100)]
s4:registry - registry.h - add memory contexts for delete value/key functions
Volker Lendecke [Sun, 14 Mar 2010 19:07:58 +0000 (20:07 +0100)]
tdb: Fix bug 7248, avoid the nanosleep dependency
Jeremy Allison [Mon, 22 Mar 2010 20:05:29 +0000 (13:05 -0700)]
Fix valgrind error when running under share level security. plaintext_password
is a data blob with a data pointer pointing to an allocation of length zero.
Jeremy.
Volker Lendecke [Fri, 5 Mar 2010 15:46:36 +0000 (16:46 +0100)]
s3: Add the "ctdb locktime warn threshold" parameter
This is mainly a debugging aid for post-mortem analysis in case a cluster file
system is slow.
Volker Lendecke [Thu, 18 Mar 2010 11:50:22 +0000 (12:50 +0100)]
s3: Implement an asynchronous echo responder process
This replies to echo requests when the main smbd is stuck somewhere
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 22 Mar 2010 08:06:07 +0000 (09:06 +0100)]
s3:smbd: don't allow SMB2 if the async echo handler is active
metze
Stefan Metzmacher [Fri, 19 Mar 2010 14:47:11 +0000 (15:47 +0100)]
s3:smbd: disable SMB encryption when the echo handler is active
metze
Stefan Metzmacher [Mon, 22 Mar 2010 08:11:05 +0000 (09:11 +0100)]
s3:smbd: disallow readbraw and writebraw if the echo handler is active
metze
Stefan Metzmacher [Fri, 19 Mar 2010 11:08:13 +0000 (12:08 +0100)]
s3:smbd: disable sendfile if the echo handler is active
metze
Stefan Metzmacher [Thu, 18 Mar 2010 19:22:26 +0000 (20:22 +0100)]
s3:smbd: don't use recvfile if the echo handler is active
metze
Stefan Metzmacher [Fri, 19 Mar 2010 13:59:19 +0000 (14:59 +0100)]
s3:smbd: setup a shared memory area for the signing state
metze
Stefan Metzmacher [Mon, 22 Mar 2010 07:42:13 +0000 (08:42 +0100)]
s3:smbd: add echo handler information to struct smbd_server_connection
metze
Stefan Metzmacher [Mon, 22 Mar 2010 07:35:33 +0000 (08:35 +0100)]
s3:param: add "async smb echo handler" option
This will enable an extra forked process that will reply
to SMBecho requests, while the main process is blocked by another
request.
metze
Stefan Metzmacher [Thu, 18 Mar 2010 14:36:19 +0000 (15:36 +0100)]
s3:smbd: pass down trusted_channel via receive_smb_talloc()
metze
Stefan Metzmacher [Fri, 19 Mar 2010 11:04:32 +0000 (12:04 +0100)]
s3:smbd: let reply_readbraw_error use the locked socket
metze
Stefan Metzmacher [Fri, 19 Mar 2010 11:02:27 +0000 (12:02 +0100)]
s3:smbd: send keepalive packets under the socket lock
metze
Stefan Metzmacher [Thu, 18 Mar 2010 08:23:48 +0000 (09:23 +0100)]
s3:smbd: smbd_[un]lock_socket() while accessing the socket to the client
metze
Stefan Metzmacher [Thu, 18 Mar 2010 08:17:43 +0000 (09:17 +0100)]
s3:smbd: add smbd_[un]lock_socket() dummies
metze
Stefan Metzmacher [Thu, 18 Mar 2010 08:14:40 +0000 (09:14 +0100)]
s3:smbd: add an option to skip signings checks srv_check_sign_mac for trusted channels
metze
Stefan Metzmacher [Wed, 17 Mar 2010 14:07:07 +0000 (15:07 +0100)]
s3:libsmb: add a smb_signing_init_ex() function
Make it possible to overload memory handling functions.
metze
Stefan Metzmacher [Mon, 22 Mar 2010 07:27:58 +0000 (08:27 +0100)]
lib/util: add allocate_anonymous_shared()
metze
Volker Lendecke [Mon, 22 Mar 2010 14:29:19 +0000 (15:29 +0100)]
s3: Fix a bad memleak in winbind
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 13:00:02 +0000 (14:00 +0100)]
s4:registry - "RPC backend" - use "talloc_steal" and not "talloc_reference"
No need to create additional references but we need to assign the strings to the
right context.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 12:39:40 +0000 (13:39 +0100)]
s4:registry - "patchfile" - check if strings could be allocated
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 12:33:04 +0000 (13:33 +0100)]
s4:registry - "patchfile" - initialise the data blobs
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 11:42:21 +0000 (12:42 +0100)]
s4:registry - "patchfile" - add more "talloc_free"s to save memory
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 11:22:13 +0000 (12:22 +0100)]
s4:registry - "util.c" - "reg_string_to_val" - consider always the return values
In some cases we didn't consider them.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 11:15:19 +0000 (12:15 +0100)]
s4:registry - "patchfile_preg.c" - also here don't accumulate the memory usage
Free always the unused stuff.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 11:00:57 +0000 (12:00 +0100)]
s4:registry - "patchfile_dotreg.c" - fix a memory leak
Here we allocate memory on the "NULL" context through "reg_val_data_string" on
each call of "set_value". So when we have written out the allocated data on the
specified file descriptor we should immediately free this memory! Otherwise we
may end up with a big memory consumption on big registry databases.
Matthias Dieter Wallnöfer [Mon, 22 Mar 2010 10:45:20 +0000 (11:45 +0100)]
s4:registry - "patchfile" - add comments
Helps to understand when we need to generate the hive diffs.
Volker Lendecke [Mon, 22 Mar 2010 10:19:10 +0000 (11:19 +0100)]
s3: Add "log writeable files on exit" parameter
This boolean option controls whether at exit time the server dumps a list of
files with debug level 0 that were still open for write. This is an
administrative aid to find the files that were potentially corrupt if the
network connection died.
Günther Deschner [Sat, 20 Mar 2010 23:05:00 +0000 (00:05 +0100)]
s4-selftest: fix selftest-vars script.
Tridge, please check.
Guenther
Andrew Bartlett [Mon, 22 Mar 2010 07:44:51 +0000 (18:44 +1100)]
s4:dsdb Add a shortcut sequence number for schema reloads
This uses the ldb sequence number, in a hope to detect an unchanged
schema quicker.
Andrew Bartlett
Andrew Bartlett [Mon, 22 Mar 2010 05:03:33 +0000 (16:03 +1100)]
s4:dsdb Rework schema loading and add schema reloading
This commit reworks Samba4's schema loading code to detect when it
needs to reload the schema. This is done by watching the @REPLCHANGED
special DN.
The reload happens by means of a callback, which is only set when the
schema is loaded from the ldb - not when loaded from an LDIF file or
DRS.
We also rework the global schema handling - instead of storing the
pointer to the global schema in each ldb, we store a flag indicating
that the global schema should be returned at run time. This makes it
much easier to switch to a new global schema.
Andrew Bartlett
Andrew Bartlett [Mon, 22 Mar 2010 05:00:39 +0000 (16:00 +1100)]
s4:dsdb Move dsdb_save_partition_usn() to be a module helper function
This function should not traverse the module stack again, but instead
run from this point. Also add a matching
dsdb_module_load_partition_usn() and change repl_meta_data to match.
Andrew Bartlett
Andrew Bartlett [Mon, 22 Mar 2010 04:41:51 +0000 (15:41 +1100)]
s4:schema Expand the schema structure
We now store the location of the schema in the schema, and provide
hooks for a future schema reloading mechanism.
Andrew Bartlett
Andrew Bartlett [Mon, 22 Mar 2010 04:20:47 +0000 (15:20 +1100)]
s4:dsdb Remove unused 'dsdb_make_schema_global' call from pyglue
Andrew Bartlett [Mon, 22 Mar 2010 04:19:55 +0000 (15:19 +1100)]
s4:dsdb Add 'const' to some struct dsdb_schema variables
We don't currently require this, but we may move this way in future.
Andrew Bartlett [Mon, 22 Mar 2010 04:17:58 +0000 (15:17 +1100)]
s4:dsdb Don't load the schema unconditionally
Schema loads now come at a price, so avoid doing them if we don't have
to (such as when doing an @REPLCHANGED or other special DN based
search).
Andrew Bartlett
Volker Lendecke [Mon, 22 Mar 2010 08:16:57 +0000 (09:16 +0100)]
s3: file_walk_table -> files_forall
This is more in line with the rest of the Samba code, like connections_forall
etc.
Volker Lendecke [Mon, 22 Mar 2010 08:11:24 +0000 (09:11 +0100)]
s3: Fix some nonempty blank lines
Matthias Dieter Wallnöfer [Sun, 21 Mar 2010 23:13:02 +0000 (00:13 +0100)]
s4:registry - "patchfile.c" - consider also the hives in the generated diffs
Apparently the diffs for the hives weren't generated previously.
Matthias Dieter Wallnöfer [Sun, 21 Mar 2010 23:02:06 +0000 (00:02 +0100)]
s4:registry - "patchfile.c" - fix a typo
Matthias Dieter Wallnöfer [Sun, 21 Mar 2010 22:41:50 +0000 (23:41 +0100)]
s4:regtree - fix counter variables to be "unsigned"
Matthias Dieter Wallnöfer [Sun, 21 Mar 2010 22:36:09 +0000 (23:36 +0100)]
s4:registry - "LDB backend" - "reg_ldb_unpack_value"
When the name isn't found it is the default value. Call it "" to be consistent.
Matthias Dieter Wallnöfer [Sun, 21 Mar 2010 21:01:06 +0000 (22:01 +0100)]
s4:registry - "LDB backend" - "reg_key_get_info"
Consider also the default value (if it exists) as value. That means:
- count it when setting "num_values"
- take also his buffer length as a candidate for the maximum value buffer length
This is what Windows does.
Matthias Dieter Wallnöfer [Sun, 21 Mar 2010 21:57:31 +0000 (22:57 +0100)]
s4:registry - "LDB backend" - "ldb_get_default_value"
There exist also key objects (the hives) which don't contain a "key" entry at
all. This prevented to display their default value (my fault).