Günther Deschner [Fri, 9 Jan 2015 11:54:51 +0000 (12:54 +0100)]
s3-vfs: Fix developer build of vfs_ceph module.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 8 Jan 2015 23:10:37 +0000 (00:10 +0100)]
ctdb: improve helpfulness of debug message when taking reclock fails
Print out the errno if the fcntl call.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Richard Sharpe <rsharpe@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jan 9 04:25:02 CET 2015 on sn-devel-104
Martin Schwenke [Tue, 9 Dec 2014 02:40:23 +0000 (13:40 +1100)]
ctdb-daemon: Handle out-of-memory when setting recovery lock file
Log a message when the reclock file actually changes and avoid a
memory allocation when it doesn't change.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Fri, 19 Dec 2014 03:19:32 +0000 (14:19 +1100)]
ctdb-scripts: Don't use the GNU awk gensub() function
This is a gawk extension and can't be used reliably if just running
"awk". It is simple enough to switch to using the standard sub() and
gsub() functions.
The alternative is to switch to explicitly running "gawk". However,
although the eventscripts aren't exactly portable, it is probably
better to move closer to portability than further away.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Mon, 1 Dec 2014 01:21:16 +0000 (12:21 +1100)]
ctdb-scripts: Try to deal with Ubuntu having /usr/sbin/service
Falling back to running the initscript doesn't work because it detects
that upstart is being used and fails. This was observed when trying
to start winbind on Ubuntu 11.04.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Sat, 20 Dec 2014 08:54:13 +0000 (19:54 +1100)]
ctdb-tests: Fix tickle sniffing for IPv4
tcptickle_sniff_start() assumes that if $dst contains a ': then it
should use the IPv6 sniffing code. However, $dst is a socket, so has
a trailing ":<port>".
Strip the trailing ":<port>" before checking for ':' as a marker for
an IPv6 address.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Led [Sun, 14 Dec 2014 19:06:44 +0000 (21:06 +0200)]
ctdb-scripts: Fix bashism in ctdbd_wrapper script
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11007
Signed-off-by: Oleksandr Chumachenko <ledest@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Thomas Nagy [Mon, 16 Sep 2013 22:00:40 +0000 (00:00 +0200)]
wafadmin: backported the openbsd fixes from waf 1.7
This is a backport from waf 1.5...
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 9 02:02:07 CET 2015 on sn-devel-104
Michael Adam [Mon, 22 Dec 2014 10:30:21 +0000 (11:30 +0100)]
wafsamba: remove commented out code.
This code has only ever been there as commented out...
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 22 Dec 2014 10:27:40 +0000 (11:27 +0100)]
Revert "waf: added suncc_wrap"
This reverts commit
65743f932b511db009655847e77288c95c0aa525.
Conflicts:
buildtools/wafsamba/samba_optimisation.py
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 19 Dec 2014 12:10:30 +0000 (13:10 +0100)]
wafsamba: generate an empty.c file if a SAMBA_{LIBRARY,SUBSYSTEM} doesn't have any source files
This is better than passing '-' as filename to the compiler/linker.
This replaces commit
65743f932b511db009655847e77288c95c0aa525.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9334
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10315
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Ralph Boehme [Fri, 19 Dec 2014 08:05:33 +0000 (09:05 +0100)]
wafsamba: flags from enviroment are put before our own internal versions
Ensure user provided CPPFLAGS and LDFLAGS are put *behind* our
internally computed compiler and linker flags.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10877
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 18 Dec 2014 20:36:07 +0000 (21:36 +0100)]
wafsamba: filter out standard library paths from RPATH and LIBPATH
We should avoid passing them explicitly to the compiler/linker.
We ask the compiler with the '-print-search-dirs' argument
or fallback to [ '/usr/lib', '/usr/lib64' ].
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Thu, 18 Dec 2014 17:09:15 +0000 (18:09 +0100)]
wafsamba: fix ordering problems with lib-provided and internal RPATHs
When a library or system (like cups) provides an RPATH,
e.g. with -Wl,-R or -Wl,-rpath, this was added by waf
to the LINKFLAGS, wich was later prepended to our RPATH.
But if the path by chance contains an older version of
one of our internal libraries like talloc, this would lead
to linking the too old talloc into our binaries.
This has been observed on, e.g., FreeBSD, but it is a general
problem.
This patch fixes the problem by specially parsing the RPATH
linker options from the pkg-config(, cups-config, ....) output
and putting the paths into the RPATH_<lib> container, which
is then later correctly appended to our internal RPATH.
This is a better fix than commit
64f5e24100a764ec198cab9a8d2c43fa86e7027c
as it touches wafsamba only.
64f5e24100a764ec198cab9a8d2c43fa86e7027c
is already in waf 1.5 upstream, but has some possible bugs,
e.g. it doesn't handle -Wl,-R, (with ',' at the end)
or some combinations where the path is given via an additional
-Wl,/path argument.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10548
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 7 Jan 2015 10:13:04 +0000 (11:13 +0100)]
wafsamba: make it possible to specify ADDITIONAL_{CFLAGS,LDFLAGS} as env var to ./configure
CFLAGS and LDFLAGS are also used during the configure checks and might impact
their results.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 7 Jan 2015 08:16:57 +0000 (09:16 +0100)]
wafsamba: improve -fvisibility=hidden, we should check it together this WERROR_CFLAGS
GCC ignores -fvisibility=hidden with a warning instead of failing
om some platforms (e.g. Solaris).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11031
Based on a patch from Tom Schulz <schulz@adi.com>.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 7 Jan 2015 08:58:38 +0000 (09:58 +0100)]
wafsamba: let CURRENT_CFLAGS() use bld.env.VISIBILITY_CFLAGS
This is better than a hardcoded value in multiple places.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 7 Jan 2015 08:56:56 +0000 (09:56 +0100)]
wafsamba: move -fvisibility=hidden checks from lib/replace to wafsamba
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 7 Jan 2015 08:54:43 +0000 (09:54 +0100)]
wafsamba: move '-fstack-protector' checks from lib/replace to wafsamba
This moves the check to the end of the configure run,
which means we no longer use this on configure checks,
but only for the real build.
This behavior is similar than our developer cflags.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 7 Jan 2015 08:52:53 +0000 (09:52 +0100)]
wafsamba: move WERROR_CFLAGS checks from lib/replace to wafsamba
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 7 Jan 2015 08:48:38 +0000 (09:48 +0100)]
wafsamba: move compiler / cflags related stuff from lib/replace to wafsamba
We should have this just in one central place.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 7 Jan 2015 08:41:02 +0000 (09:41 +0100)]
wafsamba: let TO_LIST(mylist) return a copy of mylist
In most cases we have TO_LIST(mystring) which returns an independent
list.
newlist = TO_LIST(mylist) returned just a reference to mylist.
Which means newlist.append("end") would also modify mylist.
TO_LIST() should always return an independent list.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 8 Jan 2015 16:14:37 +0000 (17:14 +0100)]
vfs_fruit: mmap under FreeBSD needs PROT_READ
We memmove, which does read
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <rb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 8 Jan 2015 09:24:36 +0000 (10:24 +0100)]
lib/util: Avoid collision which alread defined consumer DEBUG macro.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11033
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Jan 8 21:41:30 CET 2015 on sn-devel-104
Ralph Boehme [Wed, 7 Jan 2015 21:47:13 +0000 (22:47 +0100)]
s4:torture:vfs_fruit: fix model name check
Don't abort when the model string is not "Samba", simply log it.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 8 15:31:44 CET 2015 on sn-devel-104
Volker Lendecke [Tue, 6 Jan 2015 15:55:15 +0000 (15:55 +0000)]
vfs_fruit: fix base_fsp name conversion
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Richard Sharpe [Wed, 24 Dec 2014 01:33:34 +0000 (17:33 -0800)]
Add a script-only idmap module.
In this third version I have cleaned up some unused variable warnings that
only the Samba 3 build found and added a man page based on the idmap_tdb2
man page. I have also added support for ID_TYPE_BOTH mappings and replaced
calls to popen with something safer. Also, I removed some non-PC macros.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 8 04:30:32 CET 2015 on sn-devel-104
Noel Power [Thu, 2 Oct 2014 15:13:18 +0000 (16:13 +0100)]
allow net ads join accept new osServicePack parameter
osServicePack paramater allows the default behaviour ( which is to use
the samba version string as the operatingSystemServicePack attribute )
to be overridden
Additionally make sure if blank string is passed that it is treated
as attribute deletion. This is necessary as values for the os attributes
are eventually passed to ads_modlist_add if the value is "" then the
attempt to add this attribute fails in the underlying ldap
'ldap_modfiy_ext_s' function. In this case we need to pass NULL as the
value to force deletion of the ldap attribute
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 8 00:18:05 CET 2015 on sn-devel-104
Andreas Schneider [Wed, 7 Jan 2015 16:12:54 +0000 (17:12 +0100)]
s3-libads: Fix a possible segfault in kerberos_fetch_pac().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11037
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Wed, 17 Dec 2014 12:48:53 +0000 (13:48 +0100)]
vfs: Add glusterfs manpage.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10240
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jan 7 20:57:57 CET 2015 on sn-devel-104
Volker Lendecke [Mon, 5 Jan 2015 15:34:29 +0000 (16:34 +0100)]
passdb: Cache output from pdb_[ug]id_to_sid
A customer complained that after upgrading to Samba 4.0 fileserver
its LDAP server was flooded with uid2sid and gid2sid request for id
0. With 4.0 we do a lot more user-space ACL checking which involves
uid2sid/gid2sid. This caches the corresponding results.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jan 7 12:00:10 CET 2015 on sn-devel-104
Garming Sam [Tue, 6 Jan 2015 23:18:55 +0000 (12:18 +1300)]
selftest: fix dns_host_file in samba3 target
When setting up s3member twice in a row, the join ending up attempting kerberos
and using an old ticket in the st folder, failing with bad credentials.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 7 03:58:10 CET 2015 on sn-devel-104
Ralph Boehme [Tue, 6 Jan 2015 23:56:16 +0000 (15:56 -0800)]
fixup: check for NULL pointers
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 5 Jan 2015 15:01:16 +0000 (16:01 +0100)]
s4:rpc_server/lsa: remove msDS-TrustForestTrustInfo if FOREST_TRANSITIVE is cleared
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan 6 22:50:23 CET 2015 on sn-devel-104
Stefan Metzmacher [Mon, 5 Jan 2015 14:59:31 +0000 (15:59 +0100)]
s4:rpc_server/lsa: allow LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE to be changed.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Christof Schmitt [Fri, 19 Dec 2014 19:24:53 +0000 (12:24 -0700)]
winbind: Retry after SESSION_EXPIRED error in ping-dc
Trying to establish a netlogon connection when the service ticket
expires might fail with NT_STATUS_NETWORK_SESSION_EXPIRED. The
underlying client code already marks the session as invalid, so retry
the netlogon connect in this case.
Signed-off-by: Christof Schmit <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 6 02:58:57 CET 2015 on sn-devel-104
Volker Lendecke [Wed, 31 Dec 2014 13:27:03 +0000 (14:27 +0100)]
smbd: Properly handle EINTR in vfs_aio_fork
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 31 Dec 2014 13:26:43 +0000 (14:26 +0100)]
smbd: Use msghdr.[ch] in vfs_aio_fork
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 31 Dec 2014 13:19:13 +0000 (14:19 +0100)]
lib: Use msghdr_prep_recv_fds in unix_msg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 31 Dec 2014 13:18:59 +0000 (14:18 +0100)]
lib: Add msghdr_prep_recv_fds
This will prepare a msghdr for receiving fd's. Same pattern as before: First
get the buffer size, then fill in msghdr.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 31 Dec 2014 12:33:48 +0000 (13:33 +0100)]
lib: Use msghdr_extract_fds in unix_msg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 31 Dec 2014 12:14:41 +0000 (13:14 +0100)]
lib: Add msghdr_extract_fds
This is a copy of the extract_fd_array_from_msghdr routine in unix_msg.c, with
a similar use pattern: First call it without an output array to get the length
and then call it a second time to actually fill in the array.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 31 Dec 2014 12:03:24 +0000 (13:03 +0100)]
smbd: Use msghdr_prep_fds in vfs_aio_fork
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 30 Dec 2014 14:05:02 +0000 (14:05 +0000)]
lib: Use msghdr in unix_msg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 30 Dec 2014 13:36:46 +0000 (13:36 +0000)]
lib: Add msghdr.[ch]
This is a little set of routines to deal with the ugly fd-passing macros.
This patch is the first step assisting the creation of msghrds for sending fds.
Receiving fd helpers will follow later.
The basic idea behind these routines is that they fill a variable-sized buffer.
They are supposed to be called twice per msghdr preparation. First with a
0-sized NULL output buffer to calculate the required bufsize, and then a second
time filling in the buffer as such.
This does not take care of the old msg_accrights way of passing file
descriptors. CMSG/SCM_RIGHTS is standardized for quite a while now, and I
believe this intreface can be made to also take care of msg_accrights if
needed.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 30 Dec 2014 11:26:16 +0000 (12:26 +0100)]
lib: unix_dgram_msg does not need "num_fds"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 31 Dec 2014 09:39:25 +0000 (10:39 +0100)]
torture3: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Dec 2014 09:43:19 +0000 (09:43 +0000)]
s3:winbindd: improve logic to use CLDAP for a given domain.
As an AC Domain Controller we should try CLDAP for active directory domains.
E.g. FreeIPA domains doesn't provide NBT at all...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Jan 5 19:23:40 CET 2015 on sn-devel-104
Stefan Metzmacher [Tue, 23 Dec 2014 09:43:03 +0000 (09:43 +0000)]
s3:winbindd: mark our primary as active_directory if possible
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 23 Dec 2014 11:09:04 +0000 (11:09 +0000)]
libcli/netlogon: We need to handle a bug in FreeIPA (at least <= 4.1.2).
They include the ip address information without setting
NETLOGON_NT_VERSION_5EX_WITH_IP, while using
ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX instead of
ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 24 Dec 2014 12:58:12 +0000 (13:58 +0100)]
s3:passdb: fix logic in pdb_set_pw_history()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10940
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jan 5 16:51:30 CET 2015 on sn-devel-104
Stefan Metzmacher [Wed, 31 Dec 2014 23:23:35 +0000 (00:23 +0100)]
Happy New Year 2015!
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 1 02:47:59 CET 2015 on sn-devel-104
Garming Sam [Mon, 29 Dec 2014 20:36:37 +0000 (09:36 +1300)]
torture: NULL out after talloc_free
This appeared as a segmentation fault in rpc.spoolss.printer.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 30 02:49:01 CET 2014 on sn-devel-104
Volker Lendecke [Sat, 27 Dec 2014 16:51:32 +0000 (16:51 +0000)]
lib: Fix a comment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 27 Dec 2014 16:48:55 +0000 (16:48 +0000)]
lib: Use iov_advance in write_data_iov
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 27 Dec 2014 16:39:08 +0000 (16:39 +0000)]
lib: Use iov_advance in writev_handler
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 27 Dec 2014 13:16:20 +0000 (13:16 +0000)]
lib: Add iov_advance
This chops off n bytes from an iovec array. Used for short writev's
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 27 Dec 2014 12:24:13 +0000 (12:24 +0000)]
lib: iov_buf does not need talloc.h anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 13 Dec 2014 08:52:42 +0000 (09:52 +0100)]
lib: Use talloc_memdup in messaging_rec_dup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Dec 28 04:20:48 CET 2014 on sn-devel-104
Volker Lendecke [Mon, 15 Dec 2014 11:09:11 +0000 (12:09 +0100)]
lib: Simplify check_log_size
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 26 Dec 2014 19:41:23 +0000 (19:41 +0000)]
lib: Use talloc_zero_array instead of memset
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sat Dec 27 01:27:08 CET 2014 on sn-devel-104
Richard Sharpe [Fri, 26 Dec 2014 14:42:40 +0000 (06:42 -0800)]
Fix a comment to indicate that TALLOC_FREE must be used to free an allocated array of strings.
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Dec 26 22:54:51 CET 2014 on sn-devel-104
Christof Schmitt [Mon, 22 Dec 2014 23:19:47 +0000 (15:19 -0800)]
winbind: Retry LogonControl RPC in ping-dc after session expiration
When the underlying session expires, the LogonControl RPC call used in
ping-dc returns NT_STATUS_IO_DEVICE_ERROR. Retry once in this case,
instead of returning the error to the caller.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 23 02:46:34 CET 2014 on sn-devel-104
Garming Sam [Wed, 3 Dec 2014 22:53:12 +0000 (11:53 +1300)]
dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable
This includes additional tests based directly on the docs, rather than
simply testing our internal implementation in client and server contexts,
that create a user and groups.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11022
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming-Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Dec 22 17:17:02 CET 2014 on sn-devel-104
Andrew Bartlett [Fri, 19 Dec 2014 02:14:22 +0000 (15:14 +1300)]
dns.py: Always remove the test zone in tearDown()
Change-Id: Ic6d6c51579f8859b4e396179123974382c253bf7
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Dec 22 08:21:22 CET 2014 on sn-devel-104
Andrew Bartlett [Fri, 19 Dec 2014 01:42:08 +0000 (14:42 +1300)]
dsdb: Ignore errors from search in dns_notify module
This ensures the error messages are unchanged
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 19 Dec 2014 01:41:40 +0000 (14:41 +1300)]
dsdb: Use a fixed set of attributes in search in dns_notify module
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 19 Dec 2014 01:40:28 +0000 (14:40 +1300)]
dsdb: Use ldb_attr_cmp() for comparing objectclass names
This is the same as strcasecmp, but it is best to remain consistent.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 16 Dec 2014 17:04:13 +0000 (18:04 +0100)]
dns.py: Test dns server reload zones from DSDB when are created or deleted
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Samuel Cabrero [Tue, 16 Dec 2014 09:58:50 +0000 (10:58 +0100)]
s4-dns: Reload DNS zones from dsdb when zones are modified through RPC or DRS
Setup a RPC management call on the internal DNS server triggered a new LDB
module which sniffs dnsZone object add, delete and modify operations. This
way the notification is triggered when zones are modified either from RPC or
replicated by inbound DRS.
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
(shadowed variable error corrected by abartlet)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 19 Dec 2014 01:58:01 +0000 (14:58 +1300)]
selftest: Run samba.tests.dns in :local environment so it can access credentials
This allows it to access the machine account, and use that to modify the DNS zones
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 19 Dec 2014 03:02:40 +0000 (16:02 +1300)]
lib/ldb-samba: Add comment dicouraging use of schemaUpgradeInProgress
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Dec 22 02:42:42 CET 2014 on sn-devel-104
Andrew Bartlett [Fri, 19 Dec 2014 02:46:30 +0000 (15:46 +1300)]
dsdb: Only parse SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL as a DN
This avoids trying to parse some other rule, like bitwise and, that may be applied to this attribute
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Mon, 10 Nov 2014 15:06:45 +0000 (16:06 +0100)]
s4:dsdb: Fix not freed temp memory context
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Mon, 27 Oct 2014 17:21:04 +0000 (18:21 +0100)]
ldb-samba-tests: Add tests for transitive matching rule
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Samuel Cabrero [Fri, 24 Oct 2014 15:52:47 +0000 (17:52 +0200)]
ldb-samba: Implement transitive extended matching
Documented in [MS-ADTS] section 3.1.1.3.4.4.3 LDAP_MATCHING_RULE_TRANSITIVE_EVAL
This allows a search filter such as:
member:1.2.840.113556.1.4.1941:=cn=user,cn=users,dc=samba,dc=example,dc=com
This searches not only the member attribute, but also any member
attributes that point at an object with this member in them. All the
various DN syntax types are supported, not just plain DNs.
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
(abartlet: Fixed compile error: return makes integer from pointer without a cast)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Samuel Cabrero [Thu, 23 Oct 2014 14:47:07 +0000 (16:47 +0200)]
dsdb: Define syntax access point oid string as a macro
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 19 Dec 2014 02:25:03 +0000 (15:25 +1300)]
ldb: bump to version 1.1.19
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Samuel Cabrero [Wed, 5 Nov 2014 10:02:25 +0000 (11:02 +0100)]
ldb: Allow to register extended match rules
This allows to extend LDB by registering extended match rules from outside
the library itself. This is necessary when the implementation requires
knowledge about syntaxes implemented in samba extensions, like the
LDAP_MATCHING_RULE_TRANSITIVE_EVAL match.
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
Singed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 19 Dec 2014 02:39:59 +0000 (15:39 +1300)]
dsdb: Improve code clarity for ldb_extended_dn_in_openldap mode
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 28 Oct 2014 10:53:01 +0000 (11:53 +0100)]
s4:dsdb/extended_dn_in: Fix DNs and filter expressions in extended match ops
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Disseldorp [Wed, 3 Dec 2014 17:44:37 +0000 (18:44 +0100)]
torture/spoolss: issue GetJob after StartDocPrinter
This reflects Windows XP spoolss client behaviour. This fails if the job
is not yet instantiated on the server, and prior to the bso#10984 fix
resulted in an unsable DCERPC pipe.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Dec 19 18:03:20 CET 2014 on sn-devel-104
David Disseldorp [Wed, 17 Dec 2014 15:54:42 +0000 (16:54 +0100)]
spoolss: clear PrinterInfo on GetPrinter error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
David Disseldorp [Wed, 17 Dec 2014 15:47:50 +0000 (16:47 +0100)]
spoolss: clear info on GetPrinterDriverDirectory error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
David Disseldorp [Wed, 17 Dec 2014 14:54:22 +0000 (15:54 +0100)]
spoolss: clear info on GetPrintProcessorDirectory error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
David Disseldorp [Wed, 17 Dec 2014 14:29:52 +0000 (15:29 +0100)]
spoolss: clear FormInfo on GetForm error
In handling a spoolss GetForm request, the handler may return an
immediate error if one of the input parameters is invalid. If this is
done without zeroing the pre-allocated @info pointer, then marshalling
of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
David Disseldorp [Wed, 17 Dec 2014 14:21:33 +0000 (15:21 +0100)]
spoolss: clear DriverInfo on GetPrinterDriver2 error
In handling a spoolss GetPrinterDriver2 request, the handler may
return an immediate error if one of the input parameters is invalid.
If this is done without zeroing the pre-allocated @info pointer, then
marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
David Disseldorp [Thu, 4 Dec 2014 19:03:39 +0000 (20:03 +0100)]
spoolss: clear JobInfo on GetJob error
In handling a spoolss GetJob request, the _spoolss_GetJob() handler may
return an immediate error if one of the input parameters is invalid. If
this is done without zeroing the pre-allocated @info pointer, then
api_spoolss_GetJob() will attempt to marshall @info, which in the case
of an @offered value of zero results in a marshalling error:
ndr_push_error(7): Bad subcontext (PUSH) content_size 64 is larger
than size_is(0)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 15 Dec 2014 15:48:27 +0000 (16:48 +0100)]
s4:kdc: add aes key support for trusted domains
We have a look at "msDS-SupportedEncryptionTypes" and >= DS_DOMAIN_FUNCTION_2008
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Dec 19 15:39:40 CET 2014 on sn-devel-104
Stefan Metzmacher [Mon, 15 Dec 2014 15:47:50 +0000 (16:47 +0100)]
s4:rpc_server/lsa: fix segfault in check_ft_info()
This is triggered by lsa_lsaRSetForestTrustInformation()
with ForestTrustInfo elements using FOREST_TRUST_TOP_LEVEL_NAME.
The nb_name variable was uninitialized and dereferenced without checking.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 15 Dec 2014 15:37:17 +0000 (16:37 +0100)]
s4:rpc_server/lsa: remove unused allow_warnings=True
We compile without warnings now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 15 Dec 2014 15:33:38 +0000 (16:33 +0100)]
s4:rpc_server/lsa: remove trustAuthIncoming/trustAuthOutgoing when the related flag is removed.
When LSA_TRUST_DIRECTION_INBOUND or LSA_TRUST_DIRECTION_OUTBOUND flags is cleared
we should also remove the related credentials.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 15 Dec 2014 15:03:49 +0000 (16:03 +0100)]
s4:rpc_server/lsa: pass the correct variable to setInfoTrustedDomain_base()
This requires 'struct lsa_policy_state', we now pass this directly
instead of a instead of an opaque 'struct dcesrv_handle'.
dcesrv_lsa_SetInformationTrustedDomain() passes in a 'struct dcesrv_handle'
with 'struct lsa_trusted_domain_state' before, which results in segfaults.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 16 Dec 2014 15:57:49 +0000 (15:57 +0000)]
s3:pdb_samba_dsdb: use SEC_CHAN_DNS_DOMAIN in pdb_samba_dsdb_get_trusteddom_creds()
If both ends have a dns domain, we can use SEC_CHAN_DNS_DOMAIN in order to match
a Windows DC.
For kerberos we still need to use MY_NETBIOS_DOMAIN$@REMOTE_REALM.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 16 Dec 2014 15:06:56 +0000 (15:06 +0000)]
s3:pdb_samba_dsdb: add pdb_samba_dsdb_get_trusteddom_creds
We have the password as raw UTF16 blob, which might not be
valid utf16, so we need to use cli_credentials_set_utf16_password().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 17 Dec 2014 13:05:45 +0000 (13:05 +0000)]
s3:winbindd: make use of cli_rpc_pipe_open_schannel_with_creds()
This way we pass down enough information for SEC_CHAN_DNS_DOMAIN to work.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 17 Dec 2014 08:48:38 +0000 (08:48 +0000)]
s3:winbindd: make use of rpccli_{create,setup}_netlogon_creds_with_creds()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 16 Dec 2014 23:17:52 +0000 (23:17 +0000)]
s3:winbindd: we only need a an netlogon connection to a rwdc if we're a rodc ourself
If we're a member or RWDC there's no need to require talking to a rwdc,
an rodc will forward the request if required.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 16 Dec 2014 23:17:52 +0000 (23:17 +0000)]
s3:winbindd: make sure we try to use NCACN_IP_TCP in cm_connect_netlogon
We need to call init_dc_connection_rpc() before we can decide if we want to try
NCACN_IP_TCP.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 17 Dec 2014 09:19:49 +0000 (09:19 +0000)]
s3:rpc_client: add cli_rpc_pipe_open_schannel_with_creds() helper function
This will simplify the callers and add potential support for SEC_CHAN_DNS_DOMAIN
as cli_credentials_get_realm() will return the correct value compared to
cli_credentials_get_domain().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>