Amitay Isaacs [Sun, 27 Nov 2011 23:33:53 +0000 (10:33 +1100)]
s4-repl: Check if GC SPN exists before using it for replication
Sometimes windows DC will set up dNSHostname before setting up
GC SPN and that causes replication errors since samba tries to
use GC SPN, which does not yet exist locally.
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Fri, 25 Nov 2011 04:43:53 +0000 (15:43 +1100)]
s4-provision: Make BIND9_DLZ as the default backend for DNS
Amitay Isaacs [Wed, 2 Nov 2011 03:32:37 +0000 (14:32 +1100)]
dlz_bind9: Added access check to verify dynamic update
This creates session info from kerberos ticket and verifies if
the signer has write access to a particular DN corresponding
to the name in dynamic update.
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Thu, 15 Sep 2011 22:54:05 +0000 (08:54 +1000)]
dlz_bind9: Use the sam database in dns/ as default
This change is introduced to access samdb copy directly, rather
than over ildap. The advantage is that the samba server does not
need to be running for bind9 to start.
Amitay Isaacs [Mon, 19 Sep 2011 23:58:42 +0000 (09:58 +1000)]
s4-provision: Create a samdb copy for access by dlz_bind9 module
This creates a copy of rootdse, configuration and schema partitions
for dlz_bind9 use in dns/ directory. Since dlz_bind9 requires write
access to DNS partitions (DomainDnsZones and ForestDnsZones), those
partitions are hard-linked (or symlinked) to the actual partitions.
An empty domain partition is created so samdb layer can work.
Amitay Isaacs [Wed, 23 Nov 2011 04:10:58 +0000 (15:10 +1100)]
s4-provision: Extract security descriptors in separate file
Need to use domain security descriptor from sambadns.py also.
Amitay Isaacs [Tue, 29 Nov 2011 00:15:05 +0000 (11:15 +1100)]
s4-test: Remove metadata and ldb.d directory on clean up
When using partitions, metadata.tdb automatically gets created in
${prefix}ldb.d/ directory. To correctly clean up check if metadata.tdb
exists, then remove metadata.tdb and directory.
Amitay Isaacs [Mon, 28 Nov 2011 06:19:50 +0000 (17:19 +1100)]
s4-samdb: seqence_number() operation must be in a transaction
Amitay Isaacs [Mon, 14 Nov 2011 06:38:04 +0000 (17:38 +1100)]
s4-dsdb: Added metadata to partition module for global sequence number
This adds support for global sequence number which is independent of
partition information.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Mon, 14 Nov 2011 03:14:58 +0000 (14:14 +1100)]
s4-dsdb: use dsdb_module_extended instead of duplicate code
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Mon, 14 Nov 2011 02:52:34 +0000 (13:52 +1100)]
s4-dsdb: Return ldb_result context in dsdb_module_extended
The result of the extended operation is now available in the calling
routine.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 22 Nov 2011 05:51:04 +0000 (16:51 +1100)]
s4-dsdb: Remove LDB_SEQ_HIGHEST_TIMESTAMP sequence number support
This was a hack for LDAP backends to store a sequence number as a
timestamp. It is still supported in standalone ldb tdb backend.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Volker Lendecke [Thu, 24 Nov 2011 09:55:30 +0000 (10:55 +0100)]
s3: Use tevent_req_simple_recv_ntstatus
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Nov 28 17:14:27 CET 2011 on sn-devel-104
Volker Lendecke [Mon, 28 Nov 2011 13:50:03 +0000 (14:50 +0100)]
Fix Coverity ID 2638: OVERRUN_STATIC
Volker Lendecke [Mon, 28 Nov 2011 13:34:00 +0000 (14:34 +0100)]
Fix Coverity ID 2639: UNUSED_VALUE
Volker Lendecke [Mon, 28 Nov 2011 09:44:42 +0000 (10:44 +0100)]
s3: Fix a crash in group_mapping.ldb->tdb conversion
When we find a group_mapping.ldb entry without a comment, the upgrade code
would have crashed with a NULL dereference
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Nov 28 12:24:08 CET 2011 on sn-devel-104
Matthias Dieter Wallnöfer [Thu, 24 Nov 2011 08:31:42 +0000 (09:31 +0100)]
s4:torture/ldap/cldap.c - remove the "test_cldap_netlogon_flag_ds_dns_forest" test
The test is wrong since the DNS_* (DS_DNS_CONTROLLER, DS_DNS_DOMAIN,
DS_DNS_FOREST_ROOT) flags are never set on the plain CLDAP pipe. They
get added only over the DsRGetDCName* calls over NETLOGON RPC.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Nov 27 16:23:27 CET 2011 on sn-devel-104
Matthias Dieter Wallnöfer [Wed, 23 Nov 2011 20:05:54 +0000 (21:05 +0100)]
s4:selftest/test_samba_tool.sh - add a basic unit test for the new "domain info" command
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Wed, 23 Nov 2011 20:29:18 +0000 (21:29 +0100)]
samba-tool: domain info - add basic exception handling
It is nicer to get an error message rather than a stacktrace on wrong IP
addresses.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Wed, 28 Sep 2011 00:46:14 +0000 (17:46 -0700)]
samba-tool: add a domain info command to get basic info
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Wed, 23 Nov 2011 19:32:57 +0000 (20:32 +0100)]
s4:netlogon RPC server - DsRGetDcNameEx - set the DNS name flags correctly
The rules are explained in MS-NRPC 2.2.1.2.1.
Patch inspired by Matthieu Patou.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Tue, 27 Sep 2011 19:11:36 +0000 (15:11 -0400)]
s4-netlogon: return WERR_NO_SUCH_DOMAIN instead of WERR_DS_UNAVAILABLE if we are unable to translate the domain to a dn
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Thu, 24 Nov 2011 08:25:35 +0000 (09:25 +0100)]
s4:cldap_server/netlogon.c - DS_SERVER_CLOSEST handling
DS_SERVER_CLOSEST is only set when the client and server site coincide.
MS-NRPC 2.2.1.2.1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Tue, 22 Nov 2011 21:26:38 +0000 (22:26 +0100)]
s4:netcmd/common.py: add a "netcmd" function to do a cldap netlogon request
This is useful for a new "samba-tool domain info" command.
Patch inspired by Matthieu Patou.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Tue, 22 Nov 2011 21:26:06 +0000 (22:26 +0100)]
s4:libnet/py_net.c: "py_net_finddc" - add an "address" parameter
This is useful for a new "samba-tool domain info" command.
Patch inspired by Matthieu Patou.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Tue, 22 Nov 2011 21:06:15 +0000 (22:06 +0100)]
s4:libnet/py_net.c - initialise optional keyword arguments
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Wed, 23 Nov 2011 08:45:31 +0000 (09:45 +0100)]
s4:libcli/finddcs_cldap.c - let "finddcs_cldap" work either with the IP address or the domain name
This will be useful for a new "samba-tool domain info" command.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Wed, 28 Sep 2011 00:30:16 +0000 (17:30 -0700)]
smbtorture: avoid sigsev if the password is not correct
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Tue, 25 Oct 2011 18:06:45 +0000 (20:06 +0200)]
s4:update_keytab LDB module - no need to filter for the DN
We launch a search request with base scope on exactly the same DN (see
downwards).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthias Dieter Wallnöfer [Wed, 23 Nov 2011 19:19:32 +0000 (20:19 +0100)]
idl:netlogon.idl - add the Active Directory Web Service bit (DS_SERVER_WEBSERV)
MS-NRPC 2.2.1.2.1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 10 Nov 2011 22:11:54 +0000 (23:11 +0100)]
s3:locking:posix: remove uses of SMB_ASSERT() from get_windows_lock_ref_count()
SMB_ASSERT is useless, since in non-developer build it does not actually
fail after the log message, but usual flow just continues.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Nov 25 14:59:53 CET 2011 on sn-devel-104
Michael Adam [Thu, 10 Nov 2011 21:55:28 +0000 (22:55 +0100)]
s3:locking:posix: adapt use of dbrwrap_fetch() to new NTSTATUS semantics
Gregor Beck [Mon, 7 Nov 2011 12:31:26 +0000 (13:31 +0100)]
s3:registry: write INFO/version if we create registry.tdb
Signed-off-by: Michael Adam <obnox@samba.org>
Gregor Beck [Tue, 25 Oct 2011 14:32:12 +0000 (16:32 +0200)]
s3:dbwrap: do not burden the user of db_open_ctdb with ifdef voodoo
Signed-off-by: Michael Adam <obnox@samba.org>
Gregor Beck [Fri, 21 Oct 2011 08:49:45 +0000 (10:49 +0200)]
s3:lib fix output of hex escapes > 0x7F with cbuf_print_quoted
(cherry picked from commit
a1fcb7e37a23dcc035686486d4afe32a67082ae1)
Gregor Beck [Fri, 21 Oct 2011 13:32:27 +0000 (15:32 +0200)]
s3:net registry check: improve console output
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Sun, 20 Nov 2011 22:45:05 +0000 (23:45 +0100)]
socket_wrapper: use libreplace headers based on "#ifdef HAVE_LIBREPLACE"
instead of "#ifdef _SAMBA_BUILD_".
This is to be able to use socket_wrapper in other projects
that also use libreplace.
Michael Adam [Fri, 18 Nov 2011 14:37:07 +0000 (15:37 +0100)]
socket_wrapper: simplify include path for replace.h
Volker Lendecke [Thu, 24 Nov 2011 09:58:52 +0000 (10:58 +0100)]
s3: user_domain is not used in wb_getpwsid
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Nov 25 13:23:30 CET 2011 on sn-devel-104
Volker Lendecke [Fri, 25 Nov 2011 07:45:26 +0000 (08:45 +0100)]
s3: Add some const
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Nov 25 10:21:07 CET 2011 on sn-devel-104
Stefan Metzmacher [Thu, 24 Nov 2011 11:33:19 +0000 (12:33 +0100)]
s3:torture: test smb2cli_logoff and smb2cli_tdis
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Nov 24 20:36:31 CET 2011 on sn-devel-104
Stefan Metzmacher [Mon, 21 Nov 2011 15:30:09 +0000 (16:30 +0100)]
s3:smb2cli: zero tid in smb2cli_tdis*
metze
Stefan Metzmacher [Mon, 21 Nov 2011 15:30:09 +0000 (16:30 +0100)]
s3:smb2cli: free session in smb2cli_logoff*
metze
Volker Lendecke [Mon, 21 Nov 2011 11:12:53 +0000 (12:12 +0100)]
s3:libsmb: Fix a typo
Stefan Metzmacher [Sat, 22 Oct 2011 08:37:34 +0000 (10:37 +0200)]
s3:torture: add SMB2-SESSION-REAUTH
metze
Stefan Metzmacher [Sat, 22 Oct 2011 08:34:31 +0000 (10:34 +0200)]
s3:torture: add SMB2-MULTI-CHANNEL test
metze
Michael Adam [Mon, 19 Sep 2011 08:09:34 +0000 (10:09 +0200)]
s3:torture: add a new test SMB2-TCON-DEPENDENCE
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 19 Sep 2011 08:08:48 +0000 (10:08 +0200)]
s3:torture:smb2: add SMB2-SESSION-RECONNECT test
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Sat, 24 Sep 2011 07:36:58 +0000 (09:36 +0200)]
s4:libcli/smb2: use talloc_zero() in smb2_request_init()
metze
Stefan Metzmacher [Mon, 21 Nov 2011 16:43:11 +0000 (17:43 +0100)]
s4:libcli/smb2: fix compiler warning in smb2_push_o16s16_string()
metze
Stefan Metzmacher [Tue, 20 Sep 2011 18:59:45 +0000 (20:59 +0200)]
s4:libcli/smb2: implement on top of smbXcli_conn/req
metze
Stefan Metzmacher [Sun, 25 Sep 2011 01:15:54 +0000 (03:15 +0200)]
s3:smbXcli: keep two fd per connection in order to work with the epoll tevent backend
metze
Stefan Metzmacher [Thu, 22 Sep 2011 19:30:13 +0000 (21:30 +0200)]
s4:torture/smb2: use tctx->ev as event context for polling
metze
Stefan Metzmacher [Thu, 24 Nov 2011 12:03:11 +0000 (13:03 +0100)]
s3:torture: use cli_tree_connect() instead of smb2cli_tcon()
metze
Stefan Metzmacher [Mon, 31 Oct 2011 16:51:47 +0000 (17:51 +0100)]
s3:client: make use of cli_tree_connect()
metze
Stefan Metzmacher [Mon, 31 Oct 2011 16:51:11 +0000 (17:51 +0100)]
s3:libsmb: make use of cli_tree_connect()
metze
Stefan Metzmacher [Mon, 31 Oct 2011 16:50:32 +0000 (17:50 +0100)]
s3:nmbd: make use of cli_tree_connect()
metze
Stefan Metzmacher [Mon, 31 Oct 2011 16:49:29 +0000 (17:49 +0100)]
s3:torture: make use of cli_tree_connect()
metze
Stefan Metzmacher [Mon, 31 Oct 2011 16:48:57 +0000 (17:48 +0100)]
s3:utils: make use of cli_tree_connect()
metze
Stefan Metzmacher [Mon, 31 Oct 2011 16:48:20 +0000 (17:48 +0100)]
s3:winbindd_cm: make use of cli_tree_connect()
metze
Stefan Metzmacher [Tue, 20 Sep 2011 04:57:37 +0000 (06:57 +0200)]
s3:libsmb: add cli_tree_connect() for a generic tree connect
metze
Stefan Metzmacher [Fri, 21 Oct 2011 08:08:39 +0000 (10:08 +0200)]
s3:smb2cli: remove unused smb2cli_sesssetup_ntlmssp*
metze
Stefan Metzmacher [Tue, 27 Sep 2011 22:58:28 +0000 (00:58 +0200)]
s3:torture: replace smb2cli_sesssetup_ntlmssp() with the more generic cli_session_setup()
metze
Stefan Metzmacher [Tue, 20 Sep 2011 03:07:27 +0000 (05:07 +0200)]
s3:libsmb: add SMB2 support to cli_session_setup()
metze
Stefan Metzmacher [Sun, 28 Aug 2011 16:05:04 +0000 (18:05 +0200)]
s3:libsmb: implement cli_trans* on top of smb1cli_trans*
metze
Stefan Metzmacher [Sat, 17 Sep 2011 21:38:09 +0000 (23:38 +0200)]
smbXcli: rework smb1cli_trans.c to use smbXcli_conn/smbXcli_req
metze
Stefan Metzmacher [Sat, 17 Sep 2011 21:34:12 +0000 (23:34 +0200)]
smbXcli: cp source3/libsmb/clitrans.c libcli/smb/smb1cli_trans.c
metze
Stefan Metzmacher [Tue, 30 Aug 2011 16:50:55 +0000 (18:50 +0200)]
s3:selftest: run SMB2-NEGPROT
metze
Stefan Metzmacher [Tue, 30 Aug 2011 16:50:35 +0000 (18:50 +0200)]
s3:torture: add SMB2-NEGPROT test
metze
Stefan Metzmacher [Sat, 17 Sep 2011 22:11:54 +0000 (00:11 +0200)]
s3:smb2cli: remove unused smb2cli_negprot()
metze
Stefan Metzmacher [Tue, 30 Aug 2011 09:38:26 +0000 (11:38 +0200)]
s3:SMB2-BASIC: use smbXcli_negprot() directly
metze
Stefan Metzmacher [Wed, 7 Sep 2011 16:44:21 +0000 (18:44 +0200)]
s3:smb2cli: pass struct smbXcli_conn directly to smb2cli_req_create/_send()
metze
Stefan Metzmacher [Thu, 22 Sep 2011 19:09:00 +0000 (21:09 +0200)]
s3:libsmb: implement cli_state based functions on top of smbXcli_conn/smbXcli_req
metze
Stefan Metzmacher [Thu, 27 Oct 2011 15:20:27 +0000 (17:20 +0200)]
smbXcli: add smb2cli_req_set_notify_async()
That can be used if the caller wants to be notified if
the async interim response arrives.
metze
Stefan Metzmacher [Sat, 24 Sep 2011 04:06:46 +0000 (06:06 +0200)]
smbXcli: add support for tevent_req_cancel() on smbXcli_req
metze
Stefan Metzmacher [Fri, 18 Nov 2011 08:24:11 +0000 (09:24 +0100)]
smbXcli: fix smb signing for SMBntcancel
metze
Stefan Metzmacher [Mon, 19 Sep 2011 17:05:20 +0000 (19:05 +0200)]
smbXcli: add smb2cli_session_create_channel()
This makes it possible to implement SMB 2.22 Multi-Channel
for testing.
metze
Stefan Metzmacher [Thu, 22 Sep 2011 20:16:51 +0000 (22:16 +0200)]
s3:smb2cli: add forward declaration for struct cli_state
metze
Stefan Metzmacher [Mon, 19 Sep 2011 03:37:34 +0000 (05:37 +0200)]
s3:smb2cli: make smb2cli_session_setup_send/recv non-static
metze
Stefan Metzmacher [Sat, 3 Sep 2011 08:18:17 +0000 (10:18 +0200)]
s3:smb2cli: make use of smbXcli_session and setup the session key for SMB2 signing
metze
Stefan Metzmacher [Sat, 3 Sep 2011 08:18:32 +0000 (10:18 +0200)]
smbXcli: add support for smb2 signing
metze
Stefan Metzmacher [Sat, 3 Sep 2011 08:18:17 +0000 (10:18 +0200)]
smbXcli: add smbXcli_session infrastructure
metze
Stefan Metzmacher [Fri, 16 Sep 2011 15:26:22 +0000 (17:26 +0200)]
s3:smb2cli: implement smb2cli_negprot() on top of smbXcli_negprot()
metze
Stefan Metzmacher [Fri, 16 Sep 2011 14:12:50 +0000 (16:12 +0200)]
smbXcli: add support for PROTOCOL_SMB2_22 in smbXcli_negprot()
metze
Stefan Metzmacher [Tue, 6 Sep 2011 15:52:02 +0000 (17:52 +0200)]
smbXcli: add support for SMB2 multi-credit requests
metze
Stefan Metzmacher [Tue, 30 Aug 2011 09:04:46 +0000 (11:04 +0200)]
smbXcli: add support for 2.??? negprot and PROTOCOL_SMB2_10
metze
Stefan Metzmacher [Thu, 15 Sep 2011 11:21:42 +0000 (13:21 +0200)]
smbXcli: pass client_guid to smbXcli_conn_create()
metze
Stefan Metzmacher [Thu, 15 Sep 2011 11:12:43 +0000 (13:12 +0200)]
smbXcli: add smbXcli_negprot_*
This supports negotiation of any SMB1 or SMB2 dialect.
metze
Stefan Metzmacher [Thu, 15 Sep 2011 12:02:49 +0000 (14:02 +0200)]
smbXcli: add helper functions to access the negotiated features
metze
Stefan Metzmacher [Fri, 18 Nov 2011 09:30:33 +0000 (10:30 +0100)]
smbXcli: also notify chained requests about broken connections
metze
Stefan Metzmacher [Fri, 18 Nov 2011 09:28:40 +0000 (10:28 +0100)]
smbXcli: simplify smb1cli_req_chain_submit()
We should hang everything on the first request in the chain,
as that's the one that gets added to the pending array.
metze
Stefan Metzmacher [Wed, 16 Nov 2011 10:38:24 +0000 (11:38 +0100)]
smbXcli: remove unused smb1cli_have_andx_command()
metze
Stefan Metzmacher [Mon, 21 Nov 2011 12:08:58 +0000 (13:08 +0100)]
smbXcli: reorder smb1cli_conn_dispatch_incoming() to avoid too much nesting
metze
Stefan Metzmacher [Wed, 16 Nov 2011 10:37:05 +0000 (11:37 +0100)]
smbXcli: rework smb1cli_req_recv() to expose an iov with 3 elements
Each smb1cli_req has 3 iov elements
[SMB HDR, SMB Parameter Block, SMB Data Block].
The 'inbuf' is still exposed if the caller requires it
(until we fix all legacy callers).
The can now pass an array of expected [status,wct] combinations,
instead of just one expected min_wct.
metze
Stefan Metzmacher [Wed, 16 Nov 2011 10:35:50 +0000 (11:35 +0100)]
smbXcli: use smb1cli_inbuf_parse_chain() and remember more details per chain response
metze
Stefan Metzmacher [Wed, 16 Nov 2011 10:20:15 +0000 (11:20 +0100)]
smbXcli: add smb1cli_inbuf_parse_chain()
metze
Stefan Metzmacher [Wed, 16 Nov 2011 10:14:16 +0000 (11:14 +0100)]
smbXcli: pass hdr to smb1cli_pull_raw_error()
metze
Stefan Metzmacher [Wed, 16 Nov 2011 10:11:18 +0000 (11:11 +0100)]
smbXcli: add state->smb1.recv_{cmd,status,iov}
In the following commits we will need to remember a few more things.
metze
Stefan Metzmacher [Wed, 7 Sep 2011 17:07:51 +0000 (19:07 +0200)]
smbXcli: split out a smb1cli_req_flags() function
metze
Stefan Metzmacher [Thu, 22 Sep 2011 19:24:42 +0000 (21:24 +0200)]
smbXcli: set message id to UINT64_MAX for BREAK in smb2cli_req_create()
This way the caller can register an oplock handler.
Note that smb2cli_req_compound_submit() will overwrite this
if a request is send over the wire.
metze