Gerald Carter [Fri, 28 Sep 2007 20:15:30 +0000 (20:15 +0000)]
r25413: Formatting an typo fixes for release notes.
Gerald Carter [Fri, 28 Sep 2007 20:12:00 +0000 (20:12 +0000)]
r25412: Add note about including HTML of Using Samba
Gerald Carter [Fri, 28 Sep 2007 18:26:51 +0000 (18:26 +0000)]
r25408: Remove Longhorn join fixes from release notes
Gerald Carter [Fri, 28 Sep 2007 18:15:34 +0000 (18:15 +0000)]
r25407: Revert Longhorn join patch as it is not correct for the 3.2 tree.
The translate_name() used by cli_session_setup_spnego() cann rely
Winbindd since it is needed by the join process (and hence before
Winbind can be run).
Gerald Carter [Fri, 28 Sep 2007 04:21:54 +0000 (04:21 +0000)]
r25403: grab latest changes form 3.2 tree in preparation for release of 3.2.0pre1
Gerald Carter [Thu, 27 Sep 2007 22:50:48 +0000 (22:50 +0000)]
r25387: Sync with 3.2.0 svn tree
Gerald Carter [Thu, 27 Sep 2007 20:14:02 +0000 (20:14 +0000)]
r25382: Commit release notes for 3.2.0pre1:
Gerald Carter [Mon, 10 Sep 2007 21:58:21 +0000 (21:58 +0000)]
r25066: Building release branch for Samba 3.2
Simo Sorce [Mon, 10 Sep 2007 19:19:59 +0000 (19:19 +0000)]
r25064: We use BOOL/True/False not bool/true/false
Simo Sorce [Mon, 10 Sep 2007 19:14:22 +0000 (19:14 +0000)]
r25063: Fix segfault in smbldp_set_creds when we want to use anonymous, the
code was not passing in the "anon" flag correctly and was passing
NULL pointers.
Simo Sorce [Mon, 10 Sep 2007 19:04:57 +0000 (19:04 +0000)]
r25062: Reformat, remove trailing spaces and fit lines into 80 columns
Volker Lendecke [Mon, 10 Sep 2007 17:49:51 +0000 (17:49 +0000)]
r25061: Pro-actively shut up Coverity :-)
Simo Sorce [Mon, 10 Sep 2007 16:56:51 +0000 (16:56 +0000)]
r25060: Fix formatting, remove trailing spaces and cut lines longer than 80 chars
Simo Sorce [Mon, 10 Sep 2007 16:21:55 +0000 (16:21 +0000)]
r25059: Apply to 3.2 as well
Simo Sorce [Mon, 10 Sep 2007 15:14:39 +0000 (15:14 +0000)]
r25057: Add a schema file ready to be used in Fedora/RedHat Directory Server
Volker Lendecke [Mon, 10 Sep 2007 10:56:07 +0000 (10:56 +0000)]
r25055: Add file_id_string_tos
This removes file_id_string_static and file_id_string_static2
Andrew Bartlett [Mon, 10 Sep 2007 02:49:57 +0000 (02:49 +0000)]
r25050: Merge new, stricter NTLM password security requirements into Samba 3.2.0
As a client, we no longer send plaintext or LM responses, unless
reconfigured.
As a server, we no longer accept LM responses (encrypt passwords = yes
has been set for a while), unless reconfigured.
Andrew Bartlett
Volker Lendecke [Sat, 8 Sep 2007 20:30:51 +0000 (20:30 +0000)]
r25040: Add "net sam rights"
Not strictly in the SAM, but close enough. This command acts directly on
the local tdb, no running smbd required
This also changes the root-only check to a warning
Volker Lendecke [Sat, 8 Sep 2007 17:08:59 +0000 (17:08 +0000)]
r25036: Fix a become/unbecome_root() pair
Lars Müller [Sat, 8 Sep 2007 14:56:11 +0000 (14:56 +0000)]
r25032: Contact an off site DC if non is available on site.
Lars Müller [Sat, 8 Sep 2007 13:53:08 +0000 (13:53 +0000)]
r25030: ip_srv_nonsite and count_nonsite are initialized in get_kdc_list() in any
case.
Volker Lendecke [Sat, 8 Sep 2007 10:30:11 +0000 (10:30 +0000)]
r25025: Remove an unused function
Volker Lendecke [Sat, 8 Sep 2007 09:15:08 +0000 (09:15 +0000)]
r25024: Fix a whole bunch of Coverity bugs
The callers of get_domain_group_from_sid() with some justification
expected map->gid to be initialized when get_domain_group_from_sid
returned True.
Jeremy Allison [Sat, 8 Sep 2007 05:35:10 +0000 (05:35 +0000)]
r25023: Coverity #455. Not actually a bug, but this clarifies
the code a lot.
Jeremy.
Jeremy Allison [Sat, 8 Sep 2007 05:18:08 +0000 (05:18 +0000)]
r25022: Fix coverity #395. Resource leak on error.
Jeremy.
Jeremy Allison [Sat, 8 Sep 2007 05:12:17 +0000 (05:12 +0000)]
r25021: Fix coverity #435. Use of -1.
Jeremy.
Jeremy Allison [Sat, 8 Sep 2007 04:57:17 +0000 (04:57 +0000)]
r25020: Fix coverity #374, possible null deref.
Jeremy.
Jeremy Allison [Sat, 8 Sep 2007 04:45:59 +0000 (04:45 +0000)]
r25019: Fix coverity bug #105, run #332. Use of uninitialized variable.
Jeremy.
Michael Adam [Fri, 7 Sep 2007 15:45:39 +0000 (15:45 +0000)]
r25002: Refactor out code duplication created by the previous
unification of r24998.
Michael
Michael Adam [Fri, 7 Sep 2007 14:54:30 +0000 (14:54 +0000)]
r24999: Use the new regval_compose() function in regval_ctr_addvalue().
Michael
Michael Adam [Fri, 7 Sep 2007 14:41:49 +0000 (14:41 +0000)]
r24998: Add a function regval_compose() to compose a REGISTRY_VALUE from
input data. Use this function in a first step to refactor
the canonicalization code of smbconf_store_values().
Michael
Michael Adam [Fri, 7 Sep 2007 13:54:56 +0000 (13:54 +0000)]
r24996: Eliminate more trailing spaces...
Volker Lendecke [Fri, 7 Sep 2007 12:13:16 +0000 (12:13 +0000)]
r24993: Apply some const
Michael Adam [Fri, 7 Sep 2007 09:14:44 +0000 (09:14 +0000)]
r24991: Kill all those lots of trailing whitespaces from secrets.c.
These red bars in vi really hurt my eyes... :-o
Michael
Michael Adam [Fri, 7 Sep 2007 08:54:48 +0000 (08:54 +0000)]
r24990: Kill an incredible amount of trailing whitespaces...
Further reformat get_trust_pw to conform to coding rules.
Michael
Derrell Lipman [Thu, 6 Sep 2007 13:20:56 +0000 (13:20 +0000)]
r24980: - Use the formal syntax for calling functions through pointers. I've wanted
to make this change for ages, but now with the issue of "open" requiring it,
this is the time to just do all of them.
Derrell
Rafal Szczesniak [Thu, 6 Sep 2007 12:45:12 +0000 (12:45 +0000)]
r24979: Ensure negative caching for name2sid, sid2name and rids2names
mappings.
rafal
Stefan Metzmacher [Thu, 6 Sep 2007 11:07:13 +0000 (11:07 +0000)]
r24976: move domain_init_recv() near the functions that uses it
metze
Stefan Metzmacher [Thu, 6 Sep 2007 10:52:21 +0000 (10:52 +0000)]
r24975: catch SIGINT and SIGQUIT like SIGTERM
metze
Michael Adam [Wed, 5 Sep 2007 16:01:27 +0000 (16:01 +0000)]
r24970: Polish some comments and add my (C).
Michael
Simo Sorce [Wed, 5 Sep 2007 12:53:38 +0000 (12:53 +0000)]
r24968: Fwd port "open" patch
Michael Adam [Wed, 5 Sep 2007 09:44:05 +0000 (09:44 +0000)]
r24962: This merges the winreg rpc server and client code from 3_2,
i.e. it removes the hand woven parsing and marshalling code
and useses the pidl generated code instead.
This removes the files rpc_server/srv_winreg.c,
rpc_parse/parse_reg.c, include/rpc_reg.h and
registry/reg_frontend_legacy.c. It effectively *copies*
the files rpc_client/cli_reg.c and rpc_server/srv_winreg_nt.c.
So not only the rewrite of srv_winreg_nt to use the pidl
based rpc code ist taken but also Volker's rewrite to use
the new reg_api code in r19991 and following.
Furthermore, net_rpc_registry.c is copied from 3_2,
giving us a full command line regedit replacement in 3_2_0.
Michael
PS: This patch sums up to 6309 lines in total, but of this,
there are 2848 lines removed by the four deleted files alone.
Diffstat says: 1098 insertions(+), 4562 deletions(-).
So it's not that bad... :-)
Gerald Carter [Wed, 5 Sep 2007 01:25:38 +0000 (01:25 +0000)]
r24961: remove --with-python files from release since no one has stepped up to maintain them
Gerald Carter [Wed, 5 Sep 2007 01:23:48 +0000 (01:23 +0000)]
r24960: remove traces of libmsrpc AC variables from 3.2.0
Volker Lendecke [Tue, 4 Sep 2007 19:52:59 +0000 (19:52 +0000)]
r24957: Merge 21867, 21869, 21870 and 21871:
Simplify calling convention of timeout_processing. lp_deadtime is only
referenced in conn_idle_all().
Move sending keepalives out of the main processing loop into idle event.
On the way, make lp_keepalive() a proper parameter.
Move sending auth_server keepalives out of the main loop into an idle event.
Move deadtime processing into an idle event. While there, simplify
conn_idle_all() a bit.
Volker Lendecke [Tue, 4 Sep 2007 15:01:57 +0000 (15:01 +0000)]
r24956: Merge r21879:
Move process_blocking_lock_queue to a timed event.
The idea is that we have blocking.c:brl_timeout as a timed
event that is present whenever we do have a blocking lock
pending. It fires brl_timeout_fn() which calls
process_blocking_lock_queue().
Whenever we make changes to blocking_lock_queue, we trigger
a recalc_brl_timeout() which sets a new brl_timout event if
necessary. This makes the call to
blocking_locks_timeout_ms() in setup_select_timeout()
unnecessary, this is implicitly done in
event_add_to_select_args() from the timed events.
Volker
Michael Adam [Tue, 4 Sep 2007 14:54:00 +0000 (14:54 +0000)]
r24955: Reformat some object lists in Makefile.in to minimize the diff.
Günther Deschner [Tue, 4 Sep 2007 14:32:28 +0000 (14:32 +0000)]
r24954: Fix the build without krb5.
Guenther
Volker Lendecke [Tue, 4 Sep 2007 14:10:23 +0000 (14:10 +0000)]
r24953: Merge r21785 and r23121:
Avoid an unnecessary gettimeofday() call
Volker
Fix Bug #2727 and let pam_smbpass at least link and dlopen correctly again.
Thanks to Bartlomiej Solarz-Niesluchowski <Bartlomiej.Solarz-Niesluchowski@wit.edu.pl>.
Guenther
Günther Deschner [Tue, 4 Sep 2007 14:06:33 +0000 (14:06 +0000)]
r24952: Set the kdc locator env vars. This makes the krb5 locator plugin fully
operational (from within winbindd and outside).
Guenther
Volker Lendecke [Tue, 4 Sep 2007 13:21:24 +0000 (13:21 +0000)]
r24951: Warn if "os level" > 255
Thanks to Karolin Seeger <ks@sernet.de>
Volker Lendecke [Tue, 4 Sep 2007 11:21:42 +0000 (11:21 +0000)]
r24950: Merge r21784
Replace smb_register_idle_event() with event_add_timed(). This fixes winbind
which did not run the idle events to drop ldap connections.
Volker
Volker Lendecke [Tue, 4 Sep 2007 10:15:04 +0000 (10:15 +0000)]
r24949: Remove some static buffers
Volker Lendecke [Tue, 4 Sep 2007 10:03:31 +0000 (10:03 +0000)]
r24948: There is no point testing UNIXINFO -- 3.2.0 does not do it
Volker Lendecke [Tue, 4 Sep 2007 05:39:06 +0000 (05:39 +0000)]
r24943: Some stackframes
Günther Deschner [Mon, 3 Sep 2007 12:23:45 +0000 (12:23 +0000)]
r24920: Reformatting.
Guenther
Volker Lendecke [Sun, 2 Sep 2007 17:50:05 +0000 (17:50 +0000)]
r24903: One more tick in #if 0 code
Volker Lendecke [Sun, 2 Sep 2007 17:48:01 +0000 (17:48 +0000)]
r24902: DEBUG might use talloc_tos() itself...
Michael Adam [Sun, 2 Sep 2007 00:32:57 +0000 (00:32 +0000)]
r24879: Activate the winbindd cache-validation message handler.
Now the winbindd cache can be checked at runtime by
calling "smbcontrol winbindd validate-cache".
For the execution of the validation code, I fork a child
and in the child restore the default SIGCHLD handler in
order for the fork/waitpid mechanism of tdb_validate to work.
Michael
Michael Adam [Sun, 2 Sep 2007 00:23:02 +0000 (00:23 +0000)]
r24877: Don't panic in tdb validation code when the fork or waitpid fails.
Return error instead.
Michael
Derrell Lipman [Sat, 1 Sep 2007 18:35:57 +0000 (18:35 +0000)]
r24865: - Correct failure of libsmbclient against a version of Windows found on a NAS
device. The device resets a NBT connection on port 139 when it receives a
NetBIOS keepalive request. That request should be supported when NetBIOS is
in use; Windows is behaving badly.
libsmbclient needs a way to determine if a connection is still alive, and
was using a NetBIOS keepalive request if port 139 was in use (on the
assumption that it was probably NBT), and getpeername() when port 139 was
not being used (assuming naked transport).
This patch simplifies the code by exclusively using getpeername() to check
whether a connection is still alive. The NetBIOS keepalive request is
optional anyway (with preference being given to using TCP mechanisms for the
same purpose), so this should be both simpler and more reliable.
Derrell
Rafal Szczesniak [Fri, 31 Aug 2007 21:43:09 +0000 (21:43 +0000)]
r24854: Rename function as Jerry asked.
s/net_use_upn_machine_account/net_use_krb_machine_account/
rafal
Michael Adam [Fri, 31 Aug 2007 16:30:40 +0000 (16:30 +0000)]
r24848: Make tdb_validate() take an open tdb handle instead of a file name.
A new wrapper tdb_validate_open() takes a filename an opens and closes
the tdb before and after calling tdb_validate() respectively.
winbindd_validata_cache_nobackup() now dynamically calls one of
the above functions depending on whether the cache tdb has already
been opened or not.
Michael
Michael Adam [Fri, 31 Aug 2007 15:51:05 +0000 (15:51 +0000)]
r24847: Change standard failure return code of tdb_validate from "-1" to "1".
(This is more safely used with casts from int to uint8, e.g.)
Michael
Michael Adam [Fri, 31 Aug 2007 15:34:26 +0000 (15:34 +0000)]
r24845: Fix a segfault in smbcontrol when called with parameters but no extra args.
Michael
Michael Adam [Fri, 31 Aug 2007 15:24:43 +0000 (15:24 +0000)]
r24843: Add a "validate-cache" control message to winbindd.
So there is a new subcommand "smbcontrol winbindd validate-cache" now.
This change provides the infrastructure:
The function currently returns "true" unconditionally.
The call of a real cache validation function will be incorporated
in subsequent changes.
Michael
Günther Deschner [Fri, 31 Aug 2007 15:01:50 +0000 (15:01 +0000)]
r24842: Fix build warning.
Guenther
Günther Deschner [Fri, 31 Aug 2007 14:58:26 +0000 (14:58 +0000)]
r24841: The locator has no dependencies to ldap libs anymore. Also fix the build.
Guenther
Günther Deschner [Fri, 31 Aug 2007 13:51:02 +0000 (13:51 +0000)]
r24838: Now for real: build the locator, if we can.
Guenther
Michael Adam [Fri, 31 Aug 2007 13:39:51 +0000 (13:39 +0000)]
r24836: Initialize some uninitialized variables.
This prevents a segfault when get_kdc_ip_string() is called
with sitename == NULL.
Michael
Günther Deschner [Fri, 31 Aug 2007 12:21:18 +0000 (12:21 +0000)]
r24833: Move locator to nsswitch (does not belong to libads anymore).
Guenther
Günther Deschner [Fri, 31 Aug 2007 12:18:21 +0000 (12:18 +0000)]
r24832: In the winbind-locator recursion case, try to pick up the kdc from the
environment.
Guenther
Michael Adam [Fri, 31 Aug 2007 10:47:42 +0000 (10:47 +0000)]
r24830: Add a winbindd cache validation function that does not do
backup and corrupt file handling. (To be used in subsequent
changes.)
Michael Adam [Fri, 31 Aug 2007 10:30:14 +0000 (10:30 +0000)]
r24829: Make use of a variable, that is available... :-)
Michael Adam [Fri, 31 Aug 2007 10:06:37 +0000 (10:06 +0000)]
r24828: Give smbcontrol an initial talloc stackframe.
Michael Adam [Fri, 31 Aug 2007 09:54:30 +0000 (09:54 +0000)]
r24827: Give smbstatus an initial talloc stackframe.
Rewrite main() so as to exit only at a single point
where the stack frame is freed, too.
Michael
Volker Lendecke [Fri, 31 Aug 2007 09:39:11 +0000 (09:39 +0000)]
r24826: Fix two memleaks in idmap_cache.c, bug 4917
Thanks again to Patrick Rynhart for persisting :-)
Simo, please check!
Michael Adam [Fri, 31 Aug 2007 09:15:57 +0000 (09:15 +0000)]
r24825: Give testparm an initial talloc stackframe, so it does not complain
it is leaking.
Michael Adam [Fri, 31 Aug 2007 09:10:54 +0000 (09:10 +0000)]
r24824: Create an initial talloc stackframe for the net binary.
Jeremy Allison [Thu, 30 Aug 2007 23:07:10 +0000 (23:07 +0000)]
r24813: Reformat to 80 columns.
Jeremy.
Jeremy Allison [Thu, 30 Aug 2007 21:46:42 +0000 (21:46 +0000)]
r24811: Simple reformatting to fit the 80 columns rule.
Jeremy.
Volker Lendecke [Thu, 30 Aug 2007 19:48:31 +0000 (19:48 +0000)]
r24809: Consolidate the use of temporary talloc contexts.
This adds the two functions talloc_stackframe() and talloc_tos().
* When a new talloc stackframe is allocated with talloc_stackframe(), then
* the TALLOC_CTX returned with talloc_tos() is reset to that new
* frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse
* happens: The previous talloc_tos() is restored.
*
* This API is designed to be robust in the sense that if someone forgets to
* TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and
* resets the talloc_tos().
The original motivation for this patch was to get rid of the
sid_string_static & friends buffers. Explicitly passing talloc context
everywhere clutters code too much for my taste, so an implicit
talloc_tos() is introduced here. Many of these static buffers are
replaced by a single static pointer.
The intended use would thus be that low-level functions can rather
freely push stuff to talloc_tos, the upper layers clean up by freeing
the stackframe. The more of these stackframes are used and correctly
freed the more exact the memory cleanup happens.
This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and
lp_talloc_ctx (did I forget any?)
So, never do a
tmp_ctx = talloc_init("foo");
anymore, instead, use
tmp_ctx = talloc_stackframe()
:-)
Volker
Jeremy Allison [Thu, 30 Aug 2007 17:34:47 +0000 (17:34 +0000)]
r24808: Fix the same problem Volker noticed.
For some funny reason us4/gcc seems to fall over the '
Jeremy.
Günther Deschner [Thu, 30 Aug 2007 16:24:51 +0000 (16:24 +0000)]
r24807: Add WINBINDD_LOCATOR_KDC_ADDRESS env which will be used for the case when the
locator gets called from within winbindd.
Guenther
Günther Deschner [Thu, 30 Aug 2007 16:02:22 +0000 (16:02 +0000)]
r24806: Fix the build, sorry...
Guenther
Günther Deschner [Thu, 30 Aug 2007 15:55:59 +0000 (15:55 +0000)]
r24805: When we can build the locator, build it.
Guenther
Günther Deschner [Thu, 30 Aug 2007 15:39:51 +0000 (15:39 +0000)]
r24804: As a temporary workaround, also try to guess the server's principal in the
"not_defined_in_RFC4178@please_ignore" case to make at least LDAP SASL binds
succeed with windows server 2008.
Guenther
Volker Lendecke [Thu, 30 Aug 2007 14:55:32 +0000 (14:55 +0000)]
r24803: For some funny reason us4/gcc seems to fall over the '
Volker Lendecke [Thu, 30 Aug 2007 14:16:20 +0000 (14:16 +0000)]
r24802: Activate new tests
RAW-SAMBA3CASEINSENSITIVE and RAW-SAMBA3POSIXTIMEDLOCK
Günther Deschner [Thu, 30 Aug 2007 11:26:17 +0000 (11:26 +0000)]
r24801: When told to ignore the winbind cache also do so while trying to store entries.
Thanks Michael for pointing this out.
Guenther
Günther Deschner [Thu, 30 Aug 2007 09:52:21 +0000 (09:52 +0000)]
r24799: Prefer IP address to dns name when replying in winbindd dsgetdcname.
Guenther
Günther Deschner [Thu, 30 Aug 2007 09:15:07 +0000 (09:15 +0000)]
r24797: Fix logic in dsgetdcname().
Guenther
Rafal Szczesniak [Wed, 29 Aug 2007 20:53:09 +0000 (20:53 +0000)]
r24792: Merge from 3_2:
Add machine-authenticated connections to netlogon pipe of win2k and newer
(which may have anonymous connections restricted) and leave anonymous
for winnt domain.
rafal
Jeremy Allison [Wed, 29 Aug 2007 20:49:09 +0000 (20:49 +0000)]
r24791: Fix logic error in timeout of blocking lock processing found by
Ronnie. If a lock timeout expires, we must check we can get the
lock before responding with failure. Volker is writing a torture test.
Jeremy.
Gerald Carter [Wed, 29 Aug 2007 19:03:20 +0000 (19:03 +0000)]
r24788: Cleanup some linking msgs and remove references to libmsrpc
in SAMBA_3_2_0
Jeremy Allison [Wed, 29 Aug 2007 17:14:54 +0000 (17:14 +0000)]
r24787: Janitor for Mimir. Mimir, you checked into SAMBA_3_2 and
SAMBA_3_0 - this second branch is defunct. You should
be checking into SAMBA_3_2_0 instead - this is what we
will be shipping as 3.2.0.
Jeremy.
Use infolevel 25 to set the machine account's password (just like winxp).
This correctly updates pwdLastSet field on win2k3 server.
Günther Deschner [Wed, 29 Aug 2007 14:50:04 +0000 (14:50 +0000)]
r24786: Fix another build warning.
Guenther
Günther Deschner [Wed, 29 Aug 2007 14:35:32 +0000 (14:35 +0000)]
r24785: Put checks in parentheses.
Guenther
Michael Adam [Wed, 29 Aug 2007 14:34:15 +0000 (14:34 +0000)]
r24784: Initialize uninitalized data to prevent segfaults.
Thanks to Volker for the hint!
Michael
Günther Deschner [Wed, 29 Aug 2007 14:08:29 +0000 (14:08 +0000)]
r24783: Remove unused off_t type.
Guenther