Günther Deschner [Tue, 3 Feb 2009 19:21:05 +0000 (20:21 +0100)]
s3-net: use libnetjoin for "net rpc join" newstyle.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Tue, 3 Feb 2009 19:10:05 +0000 (20:10 +0100)]
s3-net: use libnetjoin for "net rpc testjoin".
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 13 Jun 2013 17:12:27 +0000 (19:12 +0200)]
s3:libnet: let the caller truncate the pw in libnet_join_joindomain_rpc_unsecure()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 6 Nov 2008 12:37:45 +0000 (13:37 +0100)]
s3-libnetjoin: move "net rpc oldjoin" to use libnetjoin.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 6 Nov 2008 10:40:03 +0000 (11:40 +0100)]
s3-libnetjoin: add machine_name length check.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 24 Sep 2008 09:05:37 +0000 (11:05 +0200)]
s3: libnet_join: use admin_domain in libnetjoin.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 24 Sep 2008 09:04:42 +0000 (11:04 +0200)]
s3: libnet_join: add admin_domain.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 19 Dec 2012 12:53:23 +0000 (13:53 +0100)]
libcli/auth: also set secure channel type in netlogon_creds_client_init().
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:56:53 +0000 (13:56 +0200)]
s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init_send().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:52:05 +0000 (13:52 +0200)]
s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:47:16 +0000 (13:47 +0200)]
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:46:07 +0000 (13:46 +0200)]
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:44:00 +0000 (13:44 +0200)]
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:40:45 +0000 (13:40 +0200)]
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:38:01 +0000 (13:38 +0200)]
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:33:03 +0000 (13:33 +0200)]
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:29:28 +0000 (13:29 +0200)]
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:17:24 +0000 (13:17 +0200)]
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:08:33 +0000 (13:08 +0200)]
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_ntlmssp_auth_schannel().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 24 May 2013 11:03:23 +0000 (13:03 +0200)]
s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 17 May 2013 14:44:05 +0000 (16:44 +0200)]
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_interface().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 17 May 2013 14:16:59 +0000 (16:16 +0200)]
s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 17 May 2013 14:13:26 +0000 (16:13 +0200)]
s3-libnetapi: pass down ndr_interface_table to pipe_cm() and friends.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 17 May 2013 14:10:13 +0000 (16:10 +0200)]
s3-libnetapi: pass down ndr_interface_table to libnetapi_open_pipe().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 17 May 2013 14:08:16 +0000 (16:08 +0200)]
s3-libnetapi: pass down ndr_interface_table to libnetapi_get_binding_handle().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 17 May 2013 14:24:42 +0000 (16:24 +0200)]
s3-rpc_cli: remove prototype of nonexisting cli_rpc_pipe_open_krb5().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 17 May 2013 14:02:59 +0000 (16:02 +0200)]
s3-net: pass down ndr_interface_table to connect_dst_pipe().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 17 May 2013 13:14:35 +0000 (15:14 +0200)]
s3-libads: Fail create_local_private_krb5_conf_for_domain() if parameters missing.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 12:32:36 +0000 (14:32 +0200)]
auth/credentials: use CRED_CALLBACK_RESULT after a callback
We only do this if it's still CRED_CALLBACK after the callback,
this allowes the callback to overwrite it.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Aug 5 09:36:05 CEST 2013 on sn-devel-104
Stefan Metzmacher [Wed, 31 Jul 2013 12:25:54 +0000 (14:25 +0200)]
auth/credentials: simplify password_tries state
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 11:39:17 +0000 (13:39 +0200)]
auth/credentials: get the old password from secrets.tdb
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 10:41:40 +0000 (12:41 +0200)]
auth/credentials: keep cli_credentials private
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 11:24:21 +0000 (13:24 +0200)]
s4:ntlm_auth: make use of cli_credentials_[set_]callback_data*
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 11:23:41 +0000 (13:23 +0200)]
s4:torture/rpc: make use of cli_credentials_set_netlogon_creds()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 11:23:08 +0000 (13:23 +0200)]
s4:torture/gentest: make use of cli_credentials_get_username()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 11:22:10 +0000 (13:22 +0200)]
s4:torture/shell: simplify cli_credentials_set_password() call
All we want is to avoid a possible callback...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 11:20:13 +0000 (13:20 +0200)]
s3:ntlm_auth: remove pointless credentials->priv_data = NULL;
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 11:21:14 +0000 (13:21 +0200)]
auth/credentials: add cli_credentials_shallow_copy()
This is useful for testing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 10:52:17 +0000 (12:52 +0200)]
auth/credentials: add cli_credentials_[set_]callback_data*
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 10:33:25 +0000 (12:33 +0200)]
auth/credentials: remove pointless talloc_reference() from cli_credentials_get_principal_and_obtained()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 31 Jul 2013 10:33:25 +0000 (12:33 +0200)]
auth/credentials: remove pointless talloc_reference() from cli_credentials_get_unparsed_name()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Tue, 23 Jul 2013 08:08:38 +0000 (10:08 +0200)]
tevent: Add echo server sample code
This is under a deliberately permissive license. I would like people to start
using libtevent and tevent_req (LGPL) without any worries about where to start
from.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Aug 5 04:07:58 CEST 2013 on sn-devel-104
Jeremy Allison [Sat, 3 Aug 2013 00:05:58 +0000 (17:05 -0700)]
Ensure we can never integer wrap when working on client-supplied max_data_bytes.
This would only be possible with SMB2, and is already checked in the upper
SMB2 layers, but it really doesn't hurt to have these extra checks at time
of use also.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sun Aug 4 16:54:04 CEST 2013 on sn-devel-104
Richard Sharpe [Mon, 22 Jul 2013 23:04:43 +0000 (16:04 -0700)]
There are tests all over the SMB1 code to check that srv_send_smb fails, but it never returns false.
Even if the write to the socket/fd fails, we never return false and
will keep reading stuff off of the input buffer until it is exhausted
and then we will exit.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Sat Aug 3 17:41:22 CEST 2013 on sn-devel-104
Andrew Bartlett [Mon, 29 Jul 2013 22:40:39 +0000 (10:40 +1200)]
dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors
This ensures we do not de-reference an invalid rs->msgs pointer if the
pointed-to object was not objectclass=computer
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10052
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 2 13:11:20 CEST 2013 on sn-devel-104
Christian Ambach [Thu, 20 Jun 2013 16:27:13 +0000 (18:27 +0200)]
s3:lib/system fix build on AIX 7
AIX uses struct stat64 with struct timespec64, so direct assignment does
not work any more.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 2 09:47:43 CEST 2013 on sn-devel-104
Gregor Beck [Thu, 1 Aug 2013 12:16:24 +0000 (14:16 +0200)]
Fix bug 9678 - Windows 8 Roaming profiles fail
Windows 8 tries to set 'ATTRIBUTE_SECURITY_INFORMATION' on some
dirs. Ignoring it makes roaming profiles work again.
Just like w2k3 gracefully ignore all the other bits.
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 1 20:58:25 CEST 2013 on sn-devel-104
Gregor Beck [Wed, 31 Jul 2013 13:28:51 +0000 (15:28 +0200)]
security.idl: add new security_secinfo bits
[MS-DTYP].pdf 2.4.7
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 1 Aug 2013 11:13:04 +0000 (13:13 +0200)]
tevent: change version to 0.9.19
* Fix tevent testsuite issue on Solaris.
* Add tevent tuturial and documentation updates
* Fix Coverity ID 989236 Operands don't affect result
* Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug 1 17:05:02 CEST 2013 on sn-devel-104
Volker Lendecke [Wed, 31 Jul 2013 09:31:57 +0000 (11:31 +0200)]
tevent: Remove the signal pipe if no signal events are around
It makes adding/removing the first/last sigevents a bit more expensive, but it
will fix tevent_loop_wait not finishing when one signal event was added and
removed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Ralph Wuerthner [Wed, 31 Jul 2013 23:33:48 +0000 (16:33 -0700)]
Ensure gpfs kernel leases are wrapped in a become_root()/unbecome_root() pair.
Ensures correct lease owner for signal delivery.
Signed-off-by: Ralph Wuerthner <ralphw@de.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 1 03:57:11 CEST 2013 on sn-devel-104
Jeremy Allison [Wed, 31 Jul 2013 23:32:20 +0000 (16:32 -0700)]
Wrap setting leases in become_root()/unbecome_root() to ensure correct delivery of signals.
Remove workaround for Linux kernel bug https://bugzilla.kernel.org/show_bug.cgi?id=43336
as we don't need to set capabilities when we're already root.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:23 +0000 (10:38 -0400)]
torture: add LOCAL-sid_to_string testcase
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:22 +0000 (10:38 -0400)]
torture: add more string_to_sid torture testcases
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:21 +0000 (10:38 -0400)]
libcli: fix conversion logic in dom_sid_string_buf
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:20 +0000 (10:38 -0400)]
libcli: fix conversion logic in dom_sid_parse_endp
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:19 +0000 (10:38 -0400)]
wbclient: fix conversion logic in wbcSidToStringBuf
Might as well fix it to handle large authority values properly. Also
correct some of the formatting.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:18 +0000 (10:38 -0400)]
wbclient: fix conversion logic in wbcStringToSid
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 31 Jul 2013 19:58:25 +0000 (21:58 +0200)]
schannel: Fix an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Sun, 14 Apr 2013 03:32:49 +0000 (13:32 +1000)]
samba-tool dbcheck: Correctly remove deleted DNs in dbcheck
The previous pattern never matched, as it was a typo.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 30 12:55:00 CEST 2013 on sn-devel-104
Andrew Bartlett [Tue, 4 Jun 2013 10:22:31 +0000 (20:22 +1000)]
dsdb: Include MS-ADTS doc references on deleted object contstraints
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 3 Jun 2013 07:51:41 +0000 (17:51 +1000)]
dsdb tests: Add member/memberOf checking to delete_objects testing
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 4 Jun 2013 09:57:06 +0000 (19:57 +1000)]
dsdb: Improve DRS deleted link source/target handing in repl_meta_data
We now correctly ignore the link updates if the source or target is
deleted locally.
This fixes the long-standing failure in the vampire_dc dbcheck test.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 17 Jun 2013 12:37:20 +0000 (22:37 +1000)]
dsdb: Ensure we always force deleted objects back under the deleted objects DN
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 5 Jun 2013 07:35:42 +0000 (09:35 +0200)]
dsdb/repl_meta_data: split out replmd_deletion_state()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 31 May 2013 10:01:17 +0000 (20:01 +1000)]
dsdb: Prune deleted objects of links and extra attributes of replicated deletes
When an object is deleted, the links to be removed are not propogated,
you have to watch out for them manually!
We do this by calling back into the originating update delete code (ie
what is called if you ldb_delete() locally) so that any extra
attribute found locally and not on the remote server becomes removed
remotely too.
We currently do the same with links, but that isn't strictly correct,
but for now our getNCChanges server code filters these out, so only
the usn is bumped.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 26 Jul 2013 10:26:30 +0000 (12:26 +0200)]
s3:winbind: add a warning DEBUG message when skipping a sid from the mapped GID list
This presents a potential security problem when ACLs contain DENY ACEs.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Jul 29 14:42:27 CEST 2013 on sn-devel-104
Michael Adam [Fri, 26 Jul 2013 10:25:27 +0000 (12:25 +0200)]
s3:winbind: change getgroups to only do one sids2xids call instead of many
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 26 Jul 2013 09:32:34 +0000 (11:32 +0200)]
s3:winbind: fix the getgroups implementation to include the user sid's GID in case of ID_TYPE_BOTH
This is important for acl checks on the unix level where only a group ace
has been added to the ACL for the user sid, e.g. when accessing Files with
nfs or local unix processes.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 26 Jul 2013 09:31:41 +0000 (11:31 +0200)]
s3:winbind: fix gid counting and error handling in the getgroups implementation
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Kai Blin [Sun, 28 Jul 2013 21:59:18 +0000 (23:59 +0200)]
dns: Update TODO list
A lot of the todo items have been resolved, avoid confusing people.
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 29 09:12:17 CEST 2013 on sn-devel-104
Christof Schmitt [Wed, 3 Jul 2013 19:49:43 +0000 (12:49 -0700)]
selftest: Print error message when smbd does not have ADS support
When smbd cannot be compiled with ADS support, setting up the s3member
environment fails with:
samba: using 'standard' process model
Samba can't provide environment 's3member' at /test/samba/selftest/target/Samba.pm line 44.
Can't use string ("UNKNOWN") as a HASH ref while "strict refs" in use at /test/samba/selftest/selftest.pl line 852.
samba: EOF on stdin - terminating
Add an explicit error message for the missing ADS support to make this
easier to debug and also avoid the warning about the hash reference:
samba: using 'standard' process model
Samba can't provide environment 's3member' at /test/samba/selftest/target/Samba.pm line 44.
Unable to setup environment s3member at /test/samba/selftest/selftest.pl line 851.
smbd does not have ADS support
samba: EOF on stdin - terminating
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jul 27 08:31:14 CEST 2013 on sn-devel-104
Andreas Schneider [Fri, 26 Jul 2013 13:36:02 +0000 (15:36 +0200)]
nsswitch: Add OPT_KRB5CCNAME to avoid an error message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10048
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 26 17:40:26 CEST 2013 on sn-devel-104
Andrew Bartlett [Mon, 17 Jun 2013 12:37:54 +0000 (22:37 +1000)]
torture/drs: Expand an error message to aid debugging
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104
Stefan Metzmacher [Mon, 10 Jun 2013 12:00:01 +0000 (14:00 +0200)]
dsdb/samdb: use RECYCLED it implies DELETED...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sat, 13 Jul 2013 09:35:52 +0000 (19:35 +1000)]
selftest: ensure samba4.nss.test.*using.*winbind is always tested
With the winbind fixes now in master this should be more reliable.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sat, 13 Jul 2013 09:34:45 +0000 (19:34 +1000)]
selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested
This test should now be more reliable with the over-allocation of
RID values now fixed.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 27 Jun 2013 23:19:48 +0000 (09:19 +1000)]
rpc_server-drsuapi: Improve comments and DEBUG lines
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 27 Jun 2013 23:15:16 +0000 (09:15 +1000)]
dsdb: Add assert in drepl_take_FSMO_role
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 19 Jun 2013 01:33:36 +0000 (11:33 +1000)]
selftest: Ensure the DC has started and and got a RID set before we proceed
This avoids errors when a busy DC has not yet fetched a RID set, showing up
as flapping tests when users are created, such as the samr.large-dc test.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 19 Jun 2013 00:30:48 +0000 (10:30 +1000)]
dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails
We now also only poke the RID manager once per request.
This may help track down why RID allocation can fail, as while we
never wait for the RID set to be created/updated, it may be the only
clue the admin gets as to why the async allocations were failing.
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 23 Jun 2013 11:38:40 +0000 (21:38 +1000)]
dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches
This should be more efficient, particularly in the leaf node case when renaming and
deleting entries on large databases.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 23 Jun 2013 09:47:35 +0000 (19:47 +1000)]
dsdb-descriptor: Do not do a subtree search unless we have child entries
This avoids a subtree search here in most cases where an object is deleted.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 13 Jun 2013 09:33:42 +0000 (19:33 +1000)]
dynconfig: Remove last s3 markers now we have just one build system
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 24 16:29:15 CEST 2013 on sn-devel-104
Stefan Metzmacher [Tue, 23 Jul 2013 22:19:26 +0000 (10:19 +1200)]
s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr()
This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.
(similar to commit
e9ae36e9683372b86f1efbd29904722a33fea083)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10042
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 14:37:43 CEST 2013 on sn-devel-104
Andreas Schneider [Wed, 24 Jul 2013 08:12:19 +0000 (10:12 +0200)]
docs-xml: Remove obsolete swat manpage and references.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10041
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 24 12:42:29 CEST 2013 on sn-devel-104
Günther Deschner [Thu, 18 Jul 2013 17:09:14 +0000 (19:09 +0200)]
pam_winbind: update documentation for "DIR" krb5ccname pragma.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 24 02:43:10 CEST 2013 on sn-devel-104
Günther Deschner [Thu, 18 Jul 2013 17:05:51 +0000 (19:05 +0200)]
s3-winbindd: support the DIR pragma for raw kerberos user pam authentication.
It is currently only available in MIT. In addition, allow to define custom
filepaths for FILE, WRFILE and DIR pragmas and substitute one occurence of the
%u pattern.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Thu, 18 Jul 2013 17:04:29 +0000 (19:04 +0200)]
wbinfo: allow to define a custom krb5ccname for kerberized pam auth.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 23 Jul 2013 22:19:26 +0000 (10:19 +1200)]
s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr()
This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 22 Jun 2013 11:06:34 +0000 (13:06 +0200)]
smbd: Fix CID
1035536 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 23 02:05:19 CEST 2013 on sn-devel-104
Volker Lendecke [Sat, 22 Jun 2013 11:06:34 +0000 (13:06 +0200)]
smbd: Fix CID
1035537 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 22 Jun 2013 11:06:34 +0000 (13:06 +0200)]
smbd: Fix CID
1035538 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 22 Jun 2013 10:13:26 +0000 (12:13 +0200)]
tdb: Fix CID
1034959 Uninitialized scalar variable
log_ctx.log_private was used uninitialized. Not a real bug here,
as tdb_log does not access it, but tdb_open_ex still moves around
uninitialized data. So this would show up in valgrind as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 22 Jun 2013 10:13:26 +0000 (12:13 +0200)]
tdb: Fix CID
1034960 Uninitialized scalar variable
log_ctx.log_private was used uninitialized. Not a real bug here,
as tdb_log does not access it, but tdb_open_ex still moves around
uninitialized data. So this would show up in valgrind as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 19 Jul 2013 14:08:39 +0000 (16:08 +0200)]
s3-waf: Rename regedit to samba-regedit.
This is needed cause wine already provides a binary with the name
regedit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10040
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 22 14:12:38 CEST 2013 on sn-devel-104
Günther Deschner [Fri, 19 Jul 2013 13:10:05 +0000 (15:10 +0200)]
s3-printing: avoid KRB5CCNAME overwrite in printer publishing (Bug #7444).
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jul 19 17:53:08 CEST 2013 on sn-devel-104
Jeremy Allison [Tue, 9 Jul 2013 23:37:48 +0000 (16:37 -0700)]
Add torture tests to raw.eas to check sending Windows invalid names in the middle of an EA list.
Add torture tests to probe the set of invalid
Windows EA names.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 19 11:50:25 CEST 2013 on sn-devel-104
Jeremy Allison [Tue, 16 Jul 2013 16:14:12 +0000 (09:14 -0700)]
Reply with correct trans2 message on a setpathinfo with a bad EA name.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 16 Jul 2013 18:05:10 +0000 (11:05 -0700)]
Ensure we do pathname processing before SD and EA processing in NTTRANS_CREATE.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>