amitay/samba.git
9 years agos4-provision handle a number of invalid but real-world upgrade cases
Andrew Bartlett [Mon, 5 Sep 2011 01:10:36 +0000 (11:10 +1000)]
s4-provision handle a number of invalid but real-world upgrade cases

Real world databass have the wrong account flags (U and W at the same time) and have the wrong
group type in group mapping databases.  Cope with these.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Sep  5 04:58:09 CEST 2011 on sn-devel-104

9 years agos4-provision Fix type error on existing idmap entries in s3 upgrade
Andrew Bartlett [Mon, 5 Sep 2011 01:09:14 +0000 (11:09 +1000)]
s4-provision Fix type error on existing idmap entries in s3 upgrade

This is already a DN object.

Andrew Bartlett

9 years agos4-dsdb Print clearer error messages when invalid account flags are specified on add
Andrew Bartlett [Mon, 5 Sep 2011 01:08:20 +0000 (11:08 +1000)]
s4-dsdb Print clearer error messages when invalid account flags are specified on add

9 years agos4-provision Use ProvisioningError and the eadb
Andrew Bartlett [Mon, 5 Sep 2011 01:07:39 +0000 (11:07 +1000)]
s4-provision Use ProvisioningError and the eadb

The eadb flag tells us to avoid using system extended attributes, typcially if we
are not running as root (ie, in a test environment).

The ProvisioningError class allows us to return failures to the upgrade_from_s3 script
which can then be detected correctly by the selftest framework.

Andrew Bartlett

9 years agos4-provision Add realm to DC configuration in upgrade_from_s3 test
Andrew Bartlett [Mon, 5 Sep 2011 01:04:42 +0000 (11:04 +1000)]
s4-provision Add realm to DC configuration in upgrade_from_s3 test

9 years agos4-provision Allow a missing idmap DB in upgrade.py
Andrew Bartlett [Sun, 4 Sep 2011 02:10:36 +0000 (12:10 +1000)]
s4-provision Allow a missing idmap DB in upgrade.py

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun Sep  4 06:34:16 CEST 2011 on sn-devel-104

9 years agos4-provision cope with SID_NAME_WKN_GRP mappings in upgrade.py
Andrew Bartlett [Sun, 4 Sep 2011 01:58:34 +0000 (11:58 +1000)]
s4-provision cope with SID_NAME_WKN_GRP mappings in upgrade.py

Some incorrect LDAP backends have entries with this group type, but
due to the pdb_ldap code, we cannot read the group members, and we
already skip them in add_group_from_mapping_entry().

Andrew Bartlett

9 years agos3:smb2cli: ask for a session key in smb2cli_sesssetup_send()
Stefan Metzmacher [Sat, 3 Sep 2011 07:53:13 +0000 (09:53 +0200)]
s3:smb2cli: ask for a session key in smb2cli_sesssetup_send()

This is needed if we want to support SMB2 signing later.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Sep  3 16:21:35 CEST 2011 on sn-devel-104

9 years agos3-spoolss: Fix bug #8236 empty notify servername.
Andreas Schneider [Fri, 2 Sep 2011 15:03:43 +0000 (17:03 +0200)]
s3-spoolss: Fix bug #8236 empty notify servername.

Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Sep  3 02:58:42 CEST 2011 on sn-devel-104

9 years agoPart 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid...
Jeremy Allison [Fri, 2 Sep 2011 20:41:24 +0000 (13:41 -0700)]
Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)

Be smarter about setting default permissions when a ACL_GROUP_OBJ isn't given. Use the
principle of least surprises for the user.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Sep  3 00:16:05 CEST 2011 on sn-devel-104

9 years agoPart 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid...
Jeremy Allison [Fri, 2 Sep 2011 20:36:10 +0000 (13:36 -0700)]
Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)

Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the
principle of least surprises for the user.

9 years agoPart 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid...
Jeremy Allison [Fri, 2 Sep 2011 19:22:34 +0000 (12:22 -0700)]
Part 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)

Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and
AC_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately
inside ensure_canon_entry_valid().

9 years agoPart 2 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid...
Jeremy Allison [Fri, 2 Sep 2011 18:58:56 +0000 (11:58 -0700)]
Part 2 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)

Only map CREATOR_OWNER/CREATOR_GROUP to ACL_USER_OBJ/ACL_GROUP_OBJ in
a default(directory) ACL set.

9 years agoPart 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid...
Jeremy Allison [Fri, 2 Sep 2011 18:21:08 +0000 (11:21 -0700)]
Part 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)

Remove the code I added for bug "6878 - Cannot change ACL's inherit flag". It is incorrect
and causes the POSIX ACL ACL_USER_OBJ duplication.

9 years agos3:registry: fix a debug message typo
Michael Adam [Thu, 1 Sep 2011 22:36:21 +0000 (00:36 +0200)]
s3:registry: fix a debug message typo

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Sep  2 11:47:11 CEST 2011 on sn-devel-104

9 years agos3:registry: introduce a define REGDB_CODE_VERSION and use it in regdb code.
Michael Adam [Thu, 1 Sep 2011 22:34:12 +0000 (00:34 +0200)]
s3:registry: introduce a define REGDB_CODE_VERSION and use it in regdb code.

This is to not use the precise code version REGDB_VERSION_V3 explicitly
in the code.

9 years agos3:registry: rename REGVE_Vx toREGDB_VERSION_Vx for consistency
Michael Adam [Thu, 1 Sep 2011 22:07:58 +0000 (00:07 +0200)]
s3:registry: rename REGVE_Vx toREGDB_VERSION_Vx for consistency

9 years agos3:registry: implement regdb_set_secdesc() with regdb_trans_do()
Michael Adam [Tue, 30 Aug 2011 14:30:01 +0000 (16:30 +0200)]
s3:registry: implement regdb_set_secdesc() with regdb_trans_do()

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Sep  2 00:51:40 CEST 2011 on sn-devel-104

9 years agos3:registry: implement regdb_store_values() with regdb_trans_do()
Michael Adam [Tue, 30 Aug 2011 12:06:22 +0000 (14:06 +0200)]
s3:registry: implement regdb_store_values() with regdb_trans_do()

This adds the runtime check for changed regdb format version to store_values

9 years agos3:registry: change regdb_store_values_internal() from bool to NTSTATUS return code
Michael Adam [Tue, 30 Aug 2011 14:11:01 +0000 (16:11 +0200)]
s3:registry: change regdb_store_values_internal() from bool to NTSTATUS return code

9 years agos3:registry: use the regdb_trans_do wrapper instead of using dbwrap_trans_do directly...
Michael Adam [Tue, 30 Aug 2011 14:00:21 +0000 (16:00 +0200)]
s3:registry: use the regdb_trans_do wrapper instead of using dbwrap_trans_do directly in the registry db code.

This verifies the regdb format version number before the corresponding write operations.

9 years agos3:registry: add regdb_trans_do(): a transaction wrapper that will check the regdb...
Michael Adam [Mon, 29 Aug 2011 15:06:27 +0000 (17:06 +0200)]
s3:registry: add regdb_trans_do(): a transaction wrapper that will check the regdb version

If the version has changed since initialization, the write will
fail with ACCESS_DENIED.

9 years agos3:registry: drop log level of unknown regdb version message in regdb_init() to 0
Michael Adam [Tue, 30 Aug 2011 13:59:30 +0000 (15:59 +0200)]
s3:registry: drop log level of unknown regdb version message in regdb_init() to 0

9 years agoFix bug 8433, segfault in iconv.c
Volker Lendecke [Thu, 1 Sep 2011 14:55:03 +0000 (16:55 +0200)]
Fix bug 8433, segfault in iconv.c

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Sep  1 18:25:34 CEST 2011 on sn-devel-104

9 years agos3-rpc_server: Add missing rng_fault_state in epmapper.
Andreas Schneider [Thu, 1 Sep 2011 07:32:33 +0000 (09:32 +0200)]
s3-rpc_server: Add missing rng_fault_state in epmapper.

We need to raise an exception so we need to set the rng_fault_state for
epm_Insert and epm_Delete if someone connects over a transport other
than NCALRPC.

Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Sep  1 15:59:50 CEST 2011 on sn-devel-104

9 years agos3-rpc_server: Handle services with multiple pipe names.
Andreas Schneider [Wed, 31 Aug 2011 14:46:35 +0000 (16:46 +0200)]
s3-rpc_server: Handle services with multiple pipe names.

The configuration should only use the default pipe name to configure all
of them correctly.

9 years agoldb: make the 'spy' code more paranoid
Andrew Tridgell [Thu, 1 Sep 2011 04:28:10 +0000 (14:28 +1000)]
ldb: make the 'spy' code more paranoid

the spy code in ldb_tdb was added a while ago to overcome a memory
hierarchy problem with async ldb errors. Recently we started to get
valgrind errors related to the order of free in the spy code. This
patch ensures that we don't try to use a freed spy pointer. This
prevents the valgrind errors, although I suspect that the memory
hierarchy we have here is more complex than it needs to be

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Sep  1 08:54:23 CEST 2011 on sn-devel-104

9 years agos4-services: disable the web server by default
Andrew Tridgell [Thu, 1 Sep 2011 03:50:17 +0000 (13:50 +1000)]
s4-services: disable the web server by default

the web server is not being actively maintained, and is causing
problems with memory errors (as shown by valgrind). It is better to
disable this until it can get some TLC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agoldb: fixed ldbsearch when no baseDN specified and cross-ncs is used
Andrew Tridgell [Wed, 31 Aug 2011 06:17:54 +0000 (16:17 +1000)]
ldb: fixed ldbsearch when no baseDN specified and cross-ncs is used

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agopyldb: added OID_COMPARATOR constants
Andrew Tridgell [Wed, 31 Aug 2011 05:55:27 +0000 (15:55 +1000)]
pyldb: added OID_COMPARATOR constants

This also changes the other constants to remove the LDB_ prefix, which
is redundent

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agowintest: update snapshots
Andrew Bartlett [Mon, 29 Aug 2011 23:02:01 +0000 (09:02 +1000)]
wintest: update snapshots

9 years agoFix bug 8429 - Compound SMB2 requests on an IPC connection can corrupt the reply...
Jeremy Allison [Wed, 31 Aug 2011 00:37:19 +0000 (17:37 -0700)]
Fix bug 8429 - Compound SMB2 requests on an IPC connection can corrupt the reply stream.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Aug 31 21:18:11 CEST 2011 on sn-devel-104

9 years agoBased on metze's fix for Bug 8407 - SMB2 server can return requests out-of-order...
Jeremy Allison [Fri, 26 Aug 2011 21:23:26 +0000 (14:23 -0700)]
Based on metze's fix for Bug 8407 - SMB2 server can return requests out-of-order when processing a compound request. (cherry picked from commit 19db1c98c6ba3cb5e883e16e865c44900ce17444)

9 years agos3:smb2_server: keep compound_related on struct smbd_smb2_request
Stefan Metzmacher [Thu, 25 Aug 2011 21:33:41 +0000 (23:33 +0200)]
s3:smb2_server: keep compound_related on struct smbd_smb2_request

metze
(cherry picked from commit cda93f04eb4e7e975b192a5fd33275ec638140ac)

9 years agos3-waf: fix unresolved symbols in the group policy client side extensions subsystem.
Günther Deschner [Wed, 31 Aug 2011 16:19:40 +0000 (18:19 +0200)]
s3-waf: fix unresolved symbols in the group policy client side extensions subsystem.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Aug 31 19:48:39 CEST 2011 on sn-devel-104

9 years agos3-waf: convert libgpo into a private library.
Günther Deschner [Wed, 31 Aug 2011 16:19:13 +0000 (18:19 +0200)]
s3-waf: convert libgpo into a private library.

Guenther

9 years agos3-waf: allow undefined symbols in idmap_rid module.
Günther Deschner [Wed, 31 Aug 2011 15:56:51 +0000 (17:56 +0200)]
s3-waf: allow undefined symbols in idmap_rid module.

Guenther

9 years agos3: Fix bug 8334, do not fork the echo handler for smb2
Volker Lendecke [Wed, 31 Aug 2011 13:06:35 +0000 (15:06 +0200)]
s3: Fix bug 8334, do not fork the echo handler for smb2

If a smb1 negprot negotiated smb2 we forked the echo responder. This will
eventually lead to a panic from

[2011/08/30 10:33:29.212578,  0, pid=3846917] smbd/smb2_server.c:243(smbd_smb2_request_create)
  Invalid SMB packet: first request: 0x0009

because from the echo responder we always read using the normal smb1 protocol
handling routine. If that is a bit down the smb2 stream, we get a non-negprot
packet and panic.

BTW, the echo responder is not required for smb2 anyway, Microsoft confirmed
that it probes the server liveness using TCP keepalives and not smb2 echo
requests.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 31 17:58:48 CEST 2011 on sn-devel-104

9 years agos3-rpc_server: Disable epmapper by default.
Andreas Schneider [Wed, 31 Aug 2011 12:53:52 +0000 (14:53 +0200)]
s3-rpc_server: Disable epmapper by default.

We need more testing in the real world. We need to be sure that if a
Windows client can access port 135 it doesn't require that a service is
available via ncacn_ip_tcp. If possible please enable it using the
following smb.conf options for testing:

  rpc_daemon:epmd = fork
  rpc_server:epmapper = external

Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Aug 31 16:29:20 CEST 2011 on sn-devel-104

9 years agodocs: Add documentation for the rpc_daemon parametric option.
Simo Sorce [Tue, 30 Aug 2011 21:11:48 +0000 (17:11 -0400)]
docs: Add documentation for the rpc_daemon parametric option.

9 years agodoc: Reflect the latest changes to the rpc_server option.
Andreas Schneider [Wed, 31 Aug 2011 10:13:22 +0000 (12:13 +0200)]
doc: Reflect the latest changes to the rpc_server option.

bug #8425.

9 years agos3-waf: allow unresolved symbols in some idmap and nss_info modules.
Günther Deschner [Wed, 31 Aug 2011 10:45:10 +0000 (12:45 +0200)]
s3-waf: allow unresolved symbols in some idmap and nss_info modules.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Aug 31 14:27:31 CEST 2011 on sn-devel-104

9 years agos3-waf: add missing tdb dependency to idmap_tdb2 module.
Günther Deschner [Wed, 31 Aug 2011 10:44:35 +0000 (12:44 +0200)]
s3-waf: add missing tdb dependency to idmap_tdb2 module.

Guenther

9 years agos3-waf: convert nss_info subsystem into a private library.
Günther Deschner [Wed, 31 Aug 2011 10:43:57 +0000 (12:43 +0200)]
s3-waf: convert nss_info subsystem into a private library.

Guenther

9 years agos4-smbtorture: For now, skip trusted domain auth validation tests against the sambas.
Günther Deschner [Wed, 31 Aug 2011 10:42:51 +0000 (12:42 +0200)]
s4-smbtorture: For now, skip trusted domain auth validation tests against the sambas.

Guenther

9 years agos4-smbtorture: Add trust password to CreateTrust test
Sumit Bose [Mon, 22 Aug 2011 10:34:36 +0000 (12:34 +0200)]
s4-smbtorture: Add trust password to CreateTrust test

Instead of using empty authinfo and authinfo_internal structures a trust
password is added to these structures. After creating the trust the trust
account is used to validate that the trust password is set correctly.

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-lsa: Add _lsa_SetInformationTrustedDomain() and related calls
Sumit Bose [Tue, 28 Jun 2011 12:37:44 +0000 (14:37 +0200)]
s3-lsa: Add _lsa_SetInformationTrustedDomain() and related calls

The following LSA calls are added:
 - _lsa_SetInformationTrustedDomain()
 - _lsa_SetTrustedDomainInfo()
 -_lsa_SetTrustedDomainInfoByName()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos4-smbtorture: Add tests for lsaQueryTrustedDomainInfoByName() and lsaSetTrustedDomai...
Sumit Bose [Mon, 20 Jun 2011 12:39:01 +0000 (14:39 +0200)]
s4-smbtorture: Add tests for lsaQueryTrustedDomainInfoByName() and lsaSetTrustedDomainInfoByName()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-lsa: Update _lsa_QueryTrustedDomainInfo()
Sumit Bose [Wed, 6 Jul 2011 14:06:54 +0000 (16:06 +0200)]
s3-lsa: Update _lsa_QueryTrustedDomainInfo()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-pdb_ipa: Add supprted encryption types to struct pdb_trusted_domain
Sumit Bose [Thu, 23 Jun 2011 15:52:06 +0000 (17:52 +0200)]
s3-pdb_ipa: Add supprted encryption types to struct pdb_trusted_domain

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-pdb_ipa: Add posix offset to struct pdb_trusted_domain
Sumit Bose [Thu, 23 Jun 2011 15:42:52 +0000 (17:42 +0200)]
s3-pdb_ipa: Add posix offset to struct pdb_trusted_domain

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-ldap: Add Posix offset and encryption types to LDAP schema
Sumit Bose [Fri, 12 Aug 2011 15:46:23 +0000 (17:46 +0200)]
s3-ldap: Add Posix offset and encryption types to LDAP schema

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-ldap: Add sambaTrustForestTrustInfo to NDS LDAP schema (again)
Sumit Bose [Fri, 19 Aug 2011 09:49:21 +0000 (11:49 +0200)]
s3-ldap: Add sambaTrustForestTrustInfo to NDS LDAP schema (again)

The related attributes and objectclass were accidentally remove by commit
d4c30a5ffbeab75506bf1ad5d8d5da48e3f4d41c

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-lsa: Fix access mapping in_lsa_OpenTrustedDomain_base()
Sumit Bose [Wed, 6 Jul 2011 14:05:38 +0000 (16:05 +0200)]
s3-lsa: Fix access mapping in_lsa_OpenTrustedDomain_base()

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-lsa: Fix typo and use right pdb interface
Sumit Bose [Fri, 3 Jun 2011 13:31:40 +0000 (15:31 +0200)]
s3-lsa: Fix typo and use right pdb interface

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3-pdb_ipa: Derive domain GUID from SID
Sumit Bose [Tue, 31 May 2011 13:31:51 +0000 (15:31 +0200)]
s3-pdb_ipa: Derive domain GUID from SID

Signed-off-by: Günther Deschner <gd@samba.org>
9 years agos3:modules make perfcount_test loadable again
Christian Ambach [Mon, 29 Aug 2011 15:48:53 +0000 (17:48 +0200)]
s3:modules make perfcount_test loadable again

use expected 'init_samba_module' name for initializer function

Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Aug 31 11:22:26 CEST 2011 on sn-devel-104

9 years agos3:lib S-1-5-9 is "Enterprise Domain Controllers"
Christian Ambach [Mon, 29 Aug 2011 15:46:06 +0000 (17:46 +0200)]
s3:lib S-1-5-9 is "Enterprise Domain Controllers"

and not ServerLogon

9 years agos3:lib remove duplicate entry for "Anonymous Logon"
Christian Ambach [Mon, 29 Aug 2011 15:44:53 +0000 (17:44 +0200)]
s3:lib remove duplicate entry for "Anonymous Logon"

9 years agos3:lib add S-1-5-17 to well-known SID list
Christian Ambach [Mon, 29 Aug 2011 15:42:45 +0000 (17:42 +0200)]
s3:lib add S-1-5-17 to well-known SID list

http://support.microsoft.com/kb/243330/en-us says the name is
"This organization", but Windows 2008 says IUSR

Picking the Windows 2008 variant as 'This Organization' would
be duplicate to S-1-5-15

9 years agos3:lib add some more well-known sids
Christian Ambach [Mon, 29 Aug 2011 15:40:18 +0000 (17:40 +0200)]
s3:lib add some more well-known sids

add S-1-3-2/Creator Owner Server, S-1-3-3/Creator Group Server and
S-1-3-4/Owner Rights to the well-known SID list

9 years agos3:lib add new well-known SIDs for BUILTIN
Christian Ambach [Mon, 29 Aug 2011 15:36:25 +0000 (17:36 +0200)]
s3:lib add new well-known SIDs for BUILTIN

Distributed COM Users, Cryptographic Operators, Event Log Readers
and Certificate Service DCOM Access were missing from the BUILTIN
well-known SID list

9 years agosecurity.idl add new well-known SIDs
Christian Ambach [Mon, 29 Aug 2011 15:34:57 +0000 (17:34 +0200)]
security.idl add new well-known SIDs

http://support.microsoft.com/kb/243330/en-us lists some new
well-known SIDS in the BUILTIN domain

9 years agotdb2: add full LGPL headers
Rusty Russell [Thu, 21 Jul 2011 05:14:50 +0000 (14:44 +0930)]
tdb2: add full LGPL headers

This is for SAMBA, so we follow their rules and do full license
headers.  Two files were missing them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(Imported from CCAN commit 58025731)

Autobuild-User: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date: Wed Aug 31 09:52:43 CEST 2011 on sn-devel-104

9 years agoMAINTAINERS.txt: ping me about CCAN changes
Rusty Russell [Wed, 31 Aug 2011 04:28:14 +0000 (13:58 +0930)]
MAINTAINERS.txt: ping me about CCAN changes

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date: Wed Aug 31 07:58:34 CEST 2011 on sn-devel-104

9 years agoccan: fix likely redefinition warnings with --enable-tdb2
Rusty Russell [Wed, 31 Aug 2011 04:27:14 +0000 (13:57 +0930)]
ccan: fix likely redefinition warnings with --enable-tdb2

When we do --enable-tdb2, we start clashing with the replace.h
version:

In file included from ../lib/tdb2/tools/../private.h:25:0,
                 from ../lib/tdb2/tools/tdb2torture.c:60:
../lib/ccan/likely/likely.h:32:0: warning: "likely" redefined
../lib/replace/replace.h:762:0: note: this is the location of the previous definition
../lib/ccan/likely/likely.h:53:0: warning: "unlikely" redefined
../lib/replace/replace.h:765:0: note: this is the location of the previous definition

I don't like to #ifndef-protect them in general, since you don't want
different parts of the code to silently have different definitions,
but it's the simplest fix for now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
9 years agotdb2: fix build with --enable-tdb2
Rusty Russell [Wed, 31 Aug 2011 04:26:40 +0000 (13:56 +0930)]
tdb2: fix build with --enable-tdb2

tdb2 doesn't expost tdb_jenkins_hash; go straight to the source in
ccan/hash.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
9 years agosmb2_constants: add SMB2_HDR_CREDIT_CHARGE
Stefan Metzmacher [Tue, 30 Aug 2011 09:48:16 +0000 (11:48 +0200)]
smb2_constants: add SMB2_HDR_CREDIT_CHARGE

SMB2_HDR_EPOCH was never used and SMB 2.10 uses it as
SMB2_HDR_CREDIT_CHARGE.

We keep SMB2_HDR_EPOCH as alias for now, until all callers
are fixed.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Aug 30 23:49:56 CEST 2011 on sn-devel-104

9 years agos3:include: add CAP_LWIO and CAP_DYNAMIC_REAUTH defines
Stefan Metzmacher [Mon, 29 Aug 2011 18:39:55 +0000 (20:39 +0200)]
s3:include: add CAP_LWIO and CAP_DYNAMIC_REAUTH defines

metze

9 years agos3-build: move libsmb/clisigning.c to LIBSMB_SRC
Stefan Metzmacher [Tue, 30 Aug 2011 14:58:09 +0000 (16:58 +0200)]
s3-build: move libsmb/clisigning.c to LIBSMB_SRC

It's only needed in the client library.

metze

9 years agos3:smb2 fix Bug 8428 - wrong reply to DHnC (durable handle reconnect)
Christian Ambach [Tue, 30 Aug 2011 15:39:56 +0000 (17:39 +0200)]
s3:smb2 fix Bug 8428 - wrong reply to DHnC (durable handle reconnect)

According to [MS-SMB2] 3.3.5.9.7
(http://msdn.microsoft.com/en-us/library/cc246784%28v=PROT.13%29.aspx),
smbd must reply with NT_STATUS_OBJECT_NAME_NOT_FOUND as it does not
support durable file-handles yet.

I have seen w2k8r2 running xcopy /C ending up in an endless loop
trying to get back the original file handle from smbd sending the same
requests over and over.

Metze, Jeremy, please check!

Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Aug 30 22:20:36 CEST 2011 on sn-devel-104

9 years agos3-rpc_server: Make sure we switch always the connecting user.
Andreas Schneider [Tue, 30 Aug 2011 14:37:40 +0000 (16:37 +0200)]
s3-rpc_server: Make sure we switch always the connecting user.

We always have a valid session info and if it is a anonymous connection
we have a session info of the guest user. This means we should always
call become_authenticated_pipe_user() else and anonymous user could do
things as root.

Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Aug 30 20:50:54 CEST 2011 on sn-devel-104

9 years agos3: Silence some warnings
Volker Lendecke [Tue, 30 Aug 2011 15:02:54 +0000 (17:02 +0200)]
s3: Silence some warnings

Rusty, please suggest a proper fix for this.

Thanks,

Volker Lendecke

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Aug 30 19:16:14 CEST 2011 on sn-devel-104

9 years agosmbtorture4: Fix a typo
Volker Lendecke [Tue, 30 Aug 2011 06:20:57 +0000 (08:20 +0200)]
smbtorture4: Fix a typo

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Aug 30 09:51:10 CEST 2011 on sn-devel-104

9 years agoFixed regression test case for Bug 8412 - Microsoft Office 2007 (Microsoft Word)...
Jeremy Allison [Mon, 29 Aug 2011 23:49:29 +0000 (16:49 -0700)]
Fixed regression test case for Bug 8412 - Microsoft Office 2007 (Microsoft Word) fails to save as on a Samba share with SMB2

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Aug 30 03:26:49 CEST 2011 on sn-devel-104

9 years agoFix bug 8412 - Microsoft Office 2007 (Microsoft Word) fails to save as on a Samba...
Jeremy Allison [Mon, 29 Aug 2011 23:47:16 +0000 (16:47 -0700)]
Fix bug 8412 - Microsoft Office 2007 (Microsoft Word) fails to save as on a Samba share with SMB2.

9 years agoFix bug Bug 8422 - Infinite loop in ACL module code.
Jeremy Allison [Mon, 29 Aug 2011 23:46:15 +0000 (16:46 -0700)]
Fix bug Bug 8422 - Infinite loop in ACL module code.

Missing assignment means this loop will never terminate. Need to be applied
to 3.5.x and 3.6.1.

9 years agos4: Mark the winsreplication test as knownfail
Volker Lendecke [Mon, 29 Aug 2011 17:33:18 +0000 (19:33 +0200)]
s4: Mark the winsreplication test as knownfail

This continues to break my autobuild even if I just check something into
source3.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Aug 29 21:04:06 CEST 2011 on sn-devel-104

9 years agos3: Fix getent group if trusted domains are not reachable
Volker Lendecke [Thu, 25 Aug 2011 18:13:09 +0000 (20:13 +0200)]
s3: Fix getent group if trusted domains are not reachable

9 years agos3:rpc_server: fix two debug messages in svcctl_add_service()
Michael Adam [Mon, 29 Aug 2011 10:52:40 +0000 (12:52 +0200)]
s3:rpc_server: fix two debug messages in svcctl_add_service()

(copy and paste from eventlog?)

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Mon Aug 29 15:30:33 CEST 2011 on sn-devel-104

9 years agos3-lib: If we create a pipe socket, don't start to listen.
Andreas Schneider [Mon, 29 Aug 2011 07:49:22 +0000 (09:49 +0200)]
s3-lib: If we create a pipe socket, don't start to listen.

The create_pipe_sock() function should only create the socket as the
name states and not start to listen on it too. We should start to listen
on in the individual places as we need different backlog values.

Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Aug 29 13:21:43 CEST 2011 on sn-devel-104

9 years agos3:libsmb: make cli_session_request_send/recv() static
Stefan Metzmacher [Sun, 28 Aug 2011 14:55:57 +0000 (16:55 +0200)]
s3:libsmb: make cli_session_request_send/recv() static

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Aug 28 20:29:01 CEST 2011 on sn-devel-104

9 years agos3:libsmb: move cli_session_request*() to smbsock_connect.c
Stefan Metzmacher [Sun, 28 Aug 2011 14:53:56 +0000 (16:53 +0200)]
s3:libsmb: move cli_session_request*() to smbsock_connect.c

metze

9 years agos3:libsmb: move cli_smb_oplock_break_waiter*() to clioplock.c
Stefan Metzmacher [Sun, 28 Aug 2011 15:16:11 +0000 (17:16 +0200)]
s3:libsmb: move cli_smb_oplock_break_waiter*() to clioplock.c

metze

9 years agos3:libsmb: use cli_smb_req_set_mid() in cli_smb_oplock_break_waiter_send()
Stefan Metzmacher [Sun, 28 Aug 2011 14:28:21 +0000 (16:28 +0200)]
s3:libsmb: use cli_smb_req_set_mid() in cli_smb_oplock_break_waiter_send()

metze

9 years agos3:libsmb: let cli_smb_req_mid() return the mid set by cli_smb_req_set_mid()
Stefan Metzmacher [Sun, 28 Aug 2011 14:30:58 +0000 (16:30 +0200)]
s3:libsmb: let cli_smb_req_mid() return the mid set by cli_smb_req_set_mid()

metze

9 years agodnspython: Update to latest upstream snapshot.
Jelmer Vernooij [Sat, 27 Aug 2011 14:07:52 +0000 (16:07 +0200)]
dnspython: Update to latest upstream snapshot.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Aug 27 17:40:39 CEST 2011 on sn-devel-104

9 years agosubunit: Update to latest upstream snapshot.
Jelmer Vernooij [Sat, 27 Aug 2011 14:07:38 +0000 (16:07 +0200)]
subunit: Update to latest upstream snapshot.

9 years agotesttools: Update to latest upstream snapshot.
Jelmer Vernooij [Sat, 27 Aug 2011 14:07:25 +0000 (16:07 +0200)]
testtools: Update to latest upstream snapshot.

9 years agoRAW_SFILEINFO_RENAME_INFORMATION_SMB2 sends 4 bytes of uninitialized data out on...
Jeremy Allison [Sat, 27 Aug 2011 04:14:04 +0000 (21:14 -0700)]
RAW_SFILEINFO_RENAME_INFORMATION_SMB2 sends 4 bytes of uninitialized data out on the network.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Aug 27 07:48:30 CEST 2011 on sn-devel-104

9 years agos3: Fix a winbind race leading to 100% CPU
Volker Lendecke [Fri, 26 Aug 2011 14:54:18 +0000 (16:54 +0200)]
s3: Fix a winbind race leading to 100% CPU

This fixes a race condition that leads to the winbindd_children list becoming
corrupted. It happens when on a busy winbind SIGCHLD is a bit late.

Imagine a winbind with multiple requests in the queue for a single child. Child
dies, and before the SIGCHLD handler is called we find the socket to be dead.
wb_child_request_done is called, receiving an error from wb_simple_trans_recv.
It closes the socket. Then immediately the wb_child_request_trigger will do
another fork_domain_child before the signal handler is called. This means that
we do another fork_domain_child, we have child->sock==-1 at this point.
fork_domain_child will do a DLIST_ADD(winbindd_children, child) a second time
where the child is already part of that list. This corrupts the list. Then the
signal handler kicks in, spinning in

for (child = winbindd_children; child != NULL; child = child->next) {

forever. Not good. This patch makes sure that both conditions (sock==-1 and not
part of the list) for a winbindd_child struct match up.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 26 18:51:24 CEST 2011 on sn-devel-104

9 years agos3: Fix two int/enum mixups
Volker Lendecke [Fri, 26 Aug 2011 14:35:29 +0000 (16:35 +0200)]
s3: Fix two int/enum mixups

9 years agos4-drsuapi Allow DsAddEntry of normal objects
Andrew Bartlett [Fri, 26 Aug 2011 06:06:31 +0000 (16:06 +1000)]
s4-drsuapi Allow DsAddEntry of normal objects

We previously only allowed objects of class ntDSDSA

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Aug 26 15:34:21 CEST 2011 on sn-devel-104

9 years agos4-messaging ensure we do not segfault on a NULL msg context in cleanup
Andrew Bartlett [Fri, 26 Aug 2011 06:05:46 +0000 (16:05 +1000)]
s4-messaging ensure we do not segfault on a NULL msg context in cleanup

9 years agoselftest: Allow a krb5.conf to be generated that covers multiple realms
Andrew Bartlett [Fri, 26 Aug 2011 06:02:01 +0000 (16:02 +1000)]
selftest: Allow a krb5.conf to be generated that covers multiple realms

9 years agobuild: Add dcerpc-binding to dcerpc.pc
Andrew Bartlett [Thu, 25 Aug 2011 10:46:13 +0000 (20:46 +1000)]
build: Add dcerpc-binding to dcerpc.pc

This will help projects like OpenChange that depend on
this code, now that it has been split between two libraries.

Andrew Bartlett

9 years agos4-dsdb Return ACL errors as ldb_errstring()
Andrew Bartlett [Thu, 25 Aug 2011 09:20:28 +0000 (19:20 +1000)]
s4-dsdb Return ACL errors as ldb_errstring()

This string is reported to the caller, which makes debugging much easier.

Andrew Bartlett

9 years agos4-provision Use samba.dns_name_to_dn
Andrew Bartlett [Wed, 24 Aug 2011 05:32:57 +0000 (15:32 +1000)]
s4-provision Use samba.dns_name_to_dn

9 years agos3-passdb: Allocate talloc stackframe before calling pdb_get_group_sid()
Amitay Isaacs [Fri, 26 Aug 2011 06:25:27 +0000 (16:25 +1000)]
s3-passdb: Allocate talloc stackframe before calling pdb_get_group_sid()

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-param: Allocate talloc stackframe before calling s3 param routines
Amitay Isaacs [Fri, 26 Aug 2011 02:59:01 +0000 (12:59 +1000)]
s3-param: Allocate talloc stackframe before calling s3 param routines

Signed-off-by: Andrew Bartlett <abartlet@samba.org>