Stefan Metzmacher [Tue, 17 Sep 2013 02:25:39 +0000 (04:25 +0200)]
s3:winbindd: don't hide the error in cm_connect_lsa()
We should not overwrite the error with NT_STATUS_PIPE_NOT_AVAILABLE.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2013 05:19:42 +0000 (07:19 +0200)]
s4:librpc/rpc: remove unused dcerpc_smb_tree()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2013 05:18:19 +0000 (07:18 +0200)]
s4:librpc/rpc: make use of dcerpc_secondary_smb_send/recv() in dcerpc_secondary_context()
This avoids the use of dcerpc_smb_tree(), which is a layer violation.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2013 05:16:29 +0000 (07:16 +0200)]
s4:librpc/rpc: add dcerpc_secondary_smb_send/recv()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2013 05:04:55 +0000 (07:04 +0200)]
s4:librpc/rpc: remove unused dcerpc_smb_fnum()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gregor Beck [Fri, 13 Sep 2013 09:18:42 +0000 (11:18 +0200)]
cli_np_tstream: remove unused tstream_cli_np_get_cli_state()
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2013 09:06:30 +0000 (11:06 +0200)]
s3:rpcclient: make use of rpcclient_cli_state
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2013 09:06:00 +0000 (11:06 +0200)]
s3:rpcclient: introduce global rpcclient_cli_state
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gregor Beck [Fri, 13 Sep 2013 09:15:18 +0000 (11:15 +0200)]
s3:rpc_client: remove unused rpc_pipe_np_smb_conn()
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gregor Beck [Fri, 13 Sep 2013 09:13:15 +0000 (11:13 +0200)]
s3-spoolss: do not use rpc_pipe_np_smb_conn()
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gregor Beck [Fri, 13 Sep 2013 09:12:25 +0000 (11:12 +0200)]
s3:lib/netapi: do not use rpc_pipe_np_smb_conn()
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gregor Beck [Fri, 13 Sep 2013 09:11:55 +0000 (11:11 +0200)]
s3-net: do not use rpc_pipe_np_smb_conn()
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2013 05:01:57 +0000 (07:01 +0200)]
s4:tortore:raw/qfileinfo: don't use dcerpc_pipe_open_smb() to open a named pipe
We can directly use smb_raw_open() to open a handle to a named pipe.
This avoids the need for the layer violation functions
dcerpc_smb_tree() and dcerpc_smb_fnum().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2013 11:15:38 +0000 (13:15 +0200)]
s4:torture/samba3rpc: let rpc.authcontext be more robust against low level changes (part2)
We now use smbXcli_conn_is_connected() and
dcerpc_binding_handle_is_connected() to verify only the dcerpc layer
got an error. The expected error is EIO mapped to NT_STATUS_IO_DEVICE_ERROR.
NT_STATUS_INVALID_HANDLE should only be visible at the SMB layer,
but we keep this as allowed return value for now, until
the dcerpc layer is fixed.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2013 11:15:38 +0000 (13:15 +0200)]
s4:torture/samba3rpc: let rpc.authcontext be more robust against low level code changes (part1)
Some code uses the low level smbXcli_session structure instead of
the smbcli_session structure and doesn't 'see' updates to the
smbcli_session structure.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 27 Aug 2013 11:23:04 +0000 (13:23 +0200)]
s3:rpc_client: pass object and table to rpccli_bh_create()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Mon, 12 Aug 2013 06:19:57 +0000 (08:19 +0200)]
s4:librpc: implement dcerpc_binding_handle_auth_info()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Mon, 12 Aug 2013 06:19:35 +0000 (08:19 +0200)]
s3:rpc_client: implement dcerpc_binding_handle_auth_info()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Mon, 12 Aug 2013 06:19:08 +0000 (08:19 +0200)]
librpc/rpc: add dcerpc_binding_handle_auth_info()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Disseldorp [Mon, 14 Oct 2013 10:01:58 +0000 (12:01 +0200)]
doc: add "spoolss: architecture" parameter usage
Windows spoolss print clients only allow association of server-side
drivers with printers when the driver architecture matches the
advertised print server architecture. Samba's spoolss print server
architecture can be changed using this parameter.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Oct 16 17:12:34 CEST 2013 on sn-devel-104
Andrew Bartlett [Wed, 16 Oct 2013 01:45:31 +0000 (14:45 +1300)]
lib/param: Add documentation on how loadparm works
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 16 11:39:41 CEST 2013 on sn-devel-104
Andrew Bartlett [Mon, 14 Oct 2013 02:49:25 +0000 (15:49 +1300)]
proto: Remove manually written lp_ prototypes
This also ensures we remove prototypes from parameters we remove or
rename, and easily see how many special cases we have left.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 14 Oct 2013 02:46:43 +0000 (15:46 +1300)]
param: Autogenerate s3 lp_ctx glue table
This allows us to use more lpcfg_ functions without adding them
manually.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 14 Oct 2013 02:39:10 +0000 (15:39 +1300)]
s3/param: Autogenerate parameters prototypes again after proto.h was frozen
This autogenerates the parameters so that we can keep everything in sync easier,
particularly when adding new parameters. This will also make it easier to move
to a fully autogenerated system in the future, as it reduces special cases.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 14 Oct 2013 02:36:18 +0000 (15:36 +1300)]
param: Skip generating hooks for local and string parameters
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 14 Oct 2013 02:34:40 +0000 (15:34 +1300)]
lib/param: Do not attempt to access the s3 function for allocated and subbed string parameters
This allows us not to generate array entries for these, which in turn allows
us to avoid initialising them. The issue is that we do not have the
% macro sub context nor a talloc context handy (yet).
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 14 Oct 2013 00:47:27 +0000 (13:47 +1300)]
build: Move loadparm-related build rules to source3/param/wscript_build
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 14 Oct 2013 02:33:20 +0000 (15:33 +1300)]
lib/param: lp_magicchar takes a const struct share_params *p so should be FN_LOCAL_PARM_CHAR
This was found when trying to autogenerate prototypes for lp_ functions again.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Hans Leidekker [Mon, 14 Oct 2013 18:43:27 +0000 (20:43 +0200)]
Add NetWkstaGetInfo.
Modified to include common.h entry for netapitest_wksta function by Kai
Blin <kai@samba.org>
Signed-off-by: Hans Leidekker <hans@meelstraat.net>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 16 07:00:45 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 26 Sep 2013 22:20:36 +0000 (15:20 -0700)]
smbd: Simplify open_file_ntcreate
Only one call to delay_for_oplocks left. Metze showed me the new logic:
BATCH is broken if we have a sharing violation. Exclusive is broken
otherwise. That's it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Oct 16 02:51:53 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 26 Sep 2013 21:32:09 +0000 (14:32 -0700)]
smbd: Remove "file_existed" handling from open_mode_check
No clue what this does. In open_directory, "dir_existed" is not used after
open_mode_check. In open_file_ntcreate it's used, but I can't think of a case
right now where we would find a formerly nonexisting file to exist suddenly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Tue, 3 Sep 2013 09:02:12 +0000 (09:02 +0000)]
smbd: Decouple grant_fsp_oplock_type from oplock validation
This makes grant_fsp_oplock_type independent from the values computed
in validate_oplock_types. It *might* make oplock calculation a bit
slower for heavily shared files, as we are walking the share mode array
twice. But we are doing so much stuff in open that I doubt the difference
is measurable. It clears up the code for me however, and I think that's
worth it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 2 Sep 2013 12:25:07 +0000 (12:25 +0000)]
smbd: Reduce the complexity of open_file_ntcreate
This removes two variables in open_file_ntcreate based on the observation
that for exclusive and batch oplocks there can only be one entry. So
in these cases we don't need to keep pointers from find_oplock_types to
delay_for_oplocks. We can just reference the only share mode entry around.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 2 Sep 2013 11:37:57 +0000 (11:37 +0000)]
smbd: Factor out remove_stale_share_mode_entries
Will be used in the next commit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Tue, 15 Oct 2013 10:01:54 +0000 (10:01 +0000)]
smbd: Make find_oplock_types return bool
smb_panic() does not take a printf style argument. This improves debug
output by easily printing the index that we fell over. Also, doing
smb_panic deep down is bad style IMHO.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Tue, 15 Oct 2013 09:56:21 +0000 (09:56 +0000)]
smbd: Make loop index type match loop limit
share_mode_data.num_share_modes is a uint32.
48 bytes less in .o text size for -O3 :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Tue, 20 Aug 2013 11:58:15 +0000 (11:58 +0000)]
smbd: Unify delay_for_*_oplocks
This is the same code in both routines
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 2 Sep 2013 12:33:40 +0000 (12:33 +0000)]
smbd: Simplify find_oplock_types a bit
Define a variable to dereference lck->data just once. Believe it or not,
this saves a few bytes .o with -O3 :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 19 Sep 2013 20:00:19 +0000 (22:00 +0200)]
s4:torture: add smb2.session.reauth6 : test failing reauth
This attempts reauth with invalid creds, hence
triggering the error path in the reauth code.
This invalidates the session and subsequente requests
on that connection fail.
https://bugzilla.samba.org/show_bug.cgi?id=10208
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 15 22:50:27 CEST 2013 on sn-devel-104
Michael Adam [Fri, 20 Sep 2013 05:46:54 +0000 (07:46 +0200)]
libcli/smb: add smb2cli_tcon_is_encryption_on()
https://bugzilla.samba.org/show_bug.cgi?id=10208
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Thu, 19 Sep 2013 21:41:51 +0000 (23:41 +0200)]
smbd:smb2: fix crash when smb2 session reauth fails
https://bugzilla.samba.org/show_bug.cgi?id=10208
Authentication error in smb2 session reauth invalidates
the session. In this case the session must in contrast
to successful session setup requests be torn down and live
no longer than the request.
The talloc move of the session from the global session
table to the request ensures that the session setup
reply can still be correctly signed, but subsequent
requests on the connection don't find a session any more.
Pair-Programmed-With: Jeremy Allison <jra@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Fri, 4 Oct 2013 10:11:38 +0000 (10:11 +0000)]
smbd: Inline break_level2_to_none_async
With the special case for bug 5980 in do_break_to_none we only have
one caller: process_oplock_async_level2_break_message. The further
goal is to merge process_oplock_async_level2_break_message with
process_oplock_break_message.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 15 03:42:53 CEST 2013 on sn-devel-104
Volker Lendecke [Fri, 4 Oct 2013 09:24:29 +0000 (09:24 +0000)]
smbd: Remove a special case for level2 break
With the level2 indicator in brlock.tdb this race condition does not
exist anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 13 Sep 2013 13:18:15 +0000 (15:18 +0200)]
smbd: Remove some FAKE_LEVEL_II comments
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 13 Sep 2013 12:13:51 +0000 (14:13 +0200)]
smbd: Add debugs to brlock.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 9 Sep 2013 18:53:15 +0000 (18:53 +0000)]
torture: Extend raw.oplock.batch10
With FAKE_LEVEL_II_OPLOCKS around we did not grant LEVEL2 after
a NO_OPLOCK file got written to. Windows does grant LEVEL2 in this
case. With the have_level2_oplocks in brlocks.tdb we can now grant LEVEL2
in this case as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 16:07:33 +0000 (16:07 +0000)]
smbd: Remove FAKE_LEVEL_II_OPLOCK
FAKE_LEVEL_II_OPLOCK was an indicator to break level2 oplock holders
on write. This information is now being held in brlock.tdb, which makes
the FAKE_LEVEL_II_OPLOCK type unnecessary.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 12:48:14 +0000 (12:48 +0000)]
smbd: Put "have_read_oplocks" into brlock.tdb
This implements an idea by metze: Right now Samba does not grant level2
oplocks where it should: After an initial no-oplock open that has been
written to, we don't have the FAKE_LEVEL2_OPLOCK entry in locking.tdb
around anymore, this downgraded to NO_OPLOCK. Windows in this case will
grant level2 if being asked, we don't. Part of the reason for this
is that we don't have a proper mechanism to communicate the fact that
level2 needs to be broken to other smbds. Metze's insight was that we
have to look into brlock.tdb for every write anyway, so this might be
the right place to store this information.
My first reaction was that this is really hackish, but on further thought
this is not. oplocks depend on brlocks anyway, and we have the proper
mechanisms in place for brlocks.
The format for this change is to add one byte to the end of the brlock.tdb
record with value 1 if we have level2 oplocks around. Thus this patch
effectively reverts
8f41142 which I discovered while writing this
change. We now legally have unaligned records.
We can certainly talk about the format, but I'm not yet convinced we
need an idl for this yet. This is a potentially very hot code path,
and ndr marshalling has a cost.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Fri, 11 Oct 2013 00:39:09 +0000 (13:39 +1300)]
docs: Explain why this option should not be used
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Oct 15 01:51:39 CEST 2013 on sn-devel-104
Andrew Bartlett [Fri, 11 Oct 2013 00:34:13 +0000 (13:34 +1300)]
s3-winbindd: Remove undocumented winbindd:socket dir parameter
This uses the documeted "winbindd socket directory" parameter instead.
This came about due to the merge of the two smb.conf tables in s3 and
s4 for the Samba 4.0 release. The s4 code used a real parameter,
which caused this to be documented, whereas no automatic procedure
existed to notice the parametric option and the need to document that.
The fact that this was not used consistently in both codebases is one
of the many areas of technical debt we still need to pay off here.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Sun, 13 Oct 2013 11:58:44 +0000 (13:58 +0200)]
auth4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 14 Oct 2013 11:17:12 +0000 (13:17 +0200)]
talloc: Add a warning to talloc_reference() documentation.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Oct 14 23:05:54 CEST 2013 on sn-devel-104
David Disseldorp [Mon, 14 Oct 2013 11:53:22 +0000 (13:53 +0200)]
param: disable print notify backchannel by default
In handling RemoteFindFirstPrinterChangeNotifyEx requests, the spoolss
server can establish a "backchannel" connection to the print client, as
a mechanism for sending print notifications. This behaviour is governed
by the "print notify backchannel" smb.conf parameter.
This change sets "print notify backchannel" to "no" by default, which
sees Samba respond to RemoteFindFirstPrinterChangeNotifyEx requests with
WERR_SERVER_UNAVAILABLE. In recieving such a response, print clients can
fall back to polling for print queue changes.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Oct 14 18:49:41 CEST 2013 on sn-devel-104
Jeff Layton [Mon, 14 Oct 2013 01:26:55 +0000 (21:26 -0400)]
asn1: fix use-after-free in asn1_write
On talloc_realloc failure, asn1_write calls talloc_free on an asn1_data
pointer and then tries to immediately set the has_error flag on it.
Skip the free and just set the has_error flag.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Oct 14 16:54:35 CEST 2013 on sn-devel-104
Nadezhda Ivanova [Mon, 14 Oct 2013 09:38:10 +0000 (12:38 +0300)]
s4-samldb: Do not allow deletion of objects with RID < 1000
According to [MS-SAMR] 3.1.5.7 Delete Pattern we should not allow deletion
of security objects with RID < 1000. This patch will prevent deletion of
well-known accounts and groups.
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Mon Oct 14 13:31:50 CEST 2013 on sn-devel-104
Volker Lendecke [Sun, 13 Oct 2013 10:20:29 +0000 (12:20 +0200)]
libcli4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Oct 13 17:58:23 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 26 Sep 2013 21:42:59 +0000 (14:42 -0700)]
smbd: Remove unused create_options from open_mode_check
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Oct 13 14:35:26 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 26 Sep 2013 21:35:15 +0000 (14:35 -0700)]
smbd: Remove name_hash param from open_mode_check
This came from delete_on_close handling which was factored out.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Christof Schmitt [Fri, 11 Oct 2013 22:24:53 +0000 (15:24 -0700)]
s3/time_audit: Add offline and durable functions
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Oct 12 13:00:02 CEST 2013 on sn-devel-104
Christof Schmitt [Fri, 11 Oct 2013 22:22:13 +0000 (15:22 -0700)]
vfs: Fix parentheses in SMB_VFS_NEXT_DURABLE_COOKIE
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Thu, 26 Sep 2013 01:41:07 +0000 (18:41 -0700)]
smbd: Fix the extended *.oplock.doc1 tests
We need to check for DELETE_PENDING before the first oplock break
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 12 01:56:18 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 26 Sep 2013 06:04:50 +0000 (23:04 -0700)]
torture: Extend the smb2.oplock.doc1 test
If delete_on_close is set, there is no oplock break. Check that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 26 Sep 2013 02:00:57 +0000 (19:00 -0700)]
torture: Extend the raw.oplock.doc1 test
If delete_on_close is set, there is no oplock break. Check that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 10 Oct 2013 16:23:42 +0000 (18:23 +0200)]
ntdb: Make sure variables passed by value are initialized.
This fixes a GCC warning.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 11 18:05:19 CEST 2013 on sn-devel-104
Volker Lendecke [Fri, 11 Oct 2013 09:59:25 +0000 (11:59 +0200)]
pidl: fix an error message typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Thu, 10 Oct 2013 08:03:32 +0000 (10:03 +0200)]
s3-winbind: Send online/offline message of the domain to the parent.
https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Oct 11 13:37:56 CEST 2013 on sn-devel-104
Andreas Schneider [Thu, 10 Oct 2013 08:02:27 +0000 (10:02 +0200)]
s3-winbind: Register handlers for domain online/offline messages.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Thu, 10 Oct 2013 08:01:40 +0000 (10:01 +0200)]
s3-winbind: Add functions for domain online/offline handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Thu, 10 Oct 2013 07:15:57 +0000 (09:15 +0200)]
idl: Add a new message for winbind domain states.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andrew Bartlett [Sun, 8 Sep 2013 23:54:23 +0000 (11:54 +1200)]
samba-tool domain join subdomain: Rework sambadns.py to allow setup of DomainDNSZone only
This skips handling the ForestDNSZone when we are setting up a subdomain.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Oct 11 10:27:49 CEST 2013 on sn-devel-104
Andrew Bartlett [Thu, 26 Sep 2013 00:09:30 +0000 (17:09 -0700)]
join.py: Reconnect to the DC based on the DC name in dnsHostName to allow connection to IPC$
The treeConnect&X of the GUID name fails against Windows 2003.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 10 Oct 2013 20:47:29 +0000 (09:47 +1300)]
join.py: Remove special full_ncs handling, we only need to updateRefs on an NC we replicate
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 10 Oct 2013 20:37:41 +0000 (09:37 +1300)]
join.py: Use ctx.forestdns_zone variable
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 10 Oct 2013 20:36:53 +0000 (09:36 +1300)]
join.py: Correct ctx.forestdns_zone and so remove the need for duplicate repl.replicate() call
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 26 Sep 2013 17:19:18 +0000 (10:19 -0700)]
provision: Remove --username and --password options from samba-tool domain provision
This avoids confusion, because the LDAP backend does not use these,
and they do not set the password for the administrator account either!
This may break support for the 'existing' backend LDAP backend, but
that is nothing more than a stub for future development anyway, and
new work in this area should use EXTERNAL in any case.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 9 Oct 2013 07:37:52 +0000 (09:37 +0200)]
provision/sambadns: CN=MicrosoftDNS,CN=System, is relative to DOMAINDN
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Oct 10 10:24:55 CEST 2013 on sn-devel-104
Andrew Bartlett [Thu, 26 Sep 2013 03:28:42 +0000 (20:28 -0700)]
provision: Fix comment to refer to correct file (krb5.conf)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 26 Sep 2013 00:09:58 +0000 (17:09 -0700)]
dsdb: Provide a clearer error when we fail to store the sequence number in metadata.tdb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 24 Sep 2013 23:30:23 +0000 (01:30 +0200)]
ldb:rdn_name: reject 'distinguishedName' depending of the MOD flags
This is what Windows 2008 R2 returns:
LDB_MOD_ADD => LDB_ERR_UNWILLING_TO_PERFORM
LDB_MOD_REPLACE => LDB_ERR_CONSTRAINT_VIOLATION
LDB_MOD_DEL => LDB_ERR_UNWILLING_TO_PERFORM
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Mon, 23 Sep 2013 01:39:58 +0000 (03:39 +0200)]
dsdb/tests/ldap: fix test_distinguished_name against w2k8r2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 24 Sep 2013 22:49:19 +0000 (00:49 +0200)]
s4:dsdb/rootdse: report 'dnsHostName' instead of 'dNSHostName'
The attribute on the RootDSE object is called 'dnsHostName'
instead of 'dNSHostName' (which is used in the schema and on
all other directory objects).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Sun, 22 Sep 2013 21:40:12 +0000 (23:40 +0200)]
dsdb/tests/ldap: fix test_ldapServiceName against w2k8r2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Wed, 9 Oct 2013 15:47:29 +0000 (17:47 +0200)]
libndr: Avoid ommitting display of unset bitmap flags.
In
816e68f94fe500b9d68fd29021d432b84d3139b7 the display of unset bits has been
effectively disabled while only the check for 0 bits was supposed to be avoided
(because it creates the infite loop).
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Oct 9 19:56:39 CEST 2013 on sn-devel-104
Matthieu Patou [Tue, 8 Oct 2013 19:23:21 +0000 (12:23 -0700)]
pidl-wireshark: fix the trailling white space in the generated headers
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 9 10:31:25 CEST 2013 on sn-devel-104
Matthieu Patou [Tue, 8 Oct 2013 19:22:18 +0000 (12:22 -0700)]
pidl-wireshark: fix trailing white space in the HF definition
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Tue, 8 Oct 2013 22:01:38 +0000 (15:01 -0700)]
Fix bug #10187 - Missing talloc_free can leak stackframe in error path.
Fix error path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Oct 9 03:50:56 CEST 2013 on sn-devel-104
Volker Lendecke [Mon, 7 Oct 2013 20:13:28 +0000 (20:13 +0000)]
smbd: Fix an error path in open_directory
In open_file_ntcreate we do the del_share_mode on error. We should do
it here as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 9 01:58:55 CEST 2013 on sn-devel-104
Volker Lendecke [Mon, 16 Sep 2013 21:02:48 +0000 (14:02 -0700)]
smbd: Simplify set_share_mode
With the find_share_mode simplification we don't need fill_share_mode anymore.
So this coalesces add_share_mode as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 16 Sep 2013 20:58:54 +0000 (13:58 -0700)]
smbd: Simplify find_share_mode_entry callers
All callers used fill_share_mode_entry before calling
find_share_mode_entry. Remove that requirement.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 14 Sep 2013 11:49:14 +0000 (13:49 +0200)]
smbd: Convert set_share_mode to return bool for success
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 14 Sep 2013 11:48:03 +0000 (13:48 +0200)]
smbd: Make add_share_mode return bool
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 26 Sep 2013 01:39:27 +0000 (18:39 -0700)]
smbd: Change parameter from unsigned to uint32_t
share_mode_stale_pid internally only has to deal with uint32_t. Make
the parameter match this.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Tue, 8 Oct 2013 12:52:57 +0000 (14:52 +0200)]
lib/util: remove unused (and not even compiled) lib/util/capability.c.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Oct 8 17:32:59 CEST 2013 on sn-devel-104
Matthieu Patou [Sun, 6 Oct 2013 08:31:35 +0000 (01:31 -0700)]
Remove check_col from generated DCE/RPC dissectors.
This is a backport of
http://anonsvn.wireshark.org/viewvc?view=revision&revision=52313
Bug 8804 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8804).
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abartlett@samba.org>
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Mon Oct 7 08:09:51 CEST 2013 on sn-devel-104
Volker Lendecke [Wed, 11 Sep 2013 11:54:37 +0000 (11:54 +0000)]
smbd: Remove byte_range_lock->read_only
With the rewritten brl_get_lock_readonly we only set the destructor for
r/w lock records anyway.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Oct 6 22:20:05 CEST 2013 on sn-devel-104
Volker Lendecke [Wed, 11 Sep 2013 11:53:26 +0000 (11:53 +0000)]
smbd: Remove the brl_get_locks wrapper
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 11:51:44 +0000 (11:51 +0000)]
smbd: brl_get_locks_internal is always called r/w now
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 11:36:54 +0000 (11:36 +0000)]
smbd: Restructure brl_get_locks_readonly
This is step 1 to get rid of brl_get_locks_internal with its complex readonly
business. It also optimizes 2 things: First, it uses dbwrap_parse_record to
avoid a talloc and memcpy, and second it uses talloc_pooled_object.
And -- hopefully it is easier to understand the caching logic with
fsp->brlock_rec and the clustering escape.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 10:17:05 +0000 (10:17 +0000)]
smbd: Avoid an if-statement per read/write in the non-clustered case
Without clustering, fsp->brlock_rec will never be set anyway. In the
clustering case we can't use the seqnum trick, so this is slow enough
that the additional if-statement does not matter in this case anyway. In
the non-clustered case it might. Have not measured it, but every little
bit helps I guess.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 11 Sep 2013 09:31:36 +0000 (09:31 +0000)]
smbd: Remove unused "brl->key" struct element
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Oct 6 15:49:43 CEST 2013 on sn-devel-104