9 years agos4-acl-test: use symbolic names for groupType
Andrew Tridgell [Fri, 5 Aug 2011 04:03:58 +0000 (14:03 +1000)]
s4-acl-test: use symbolic names for groupType

clearer than magic numbers

9 years agos4-pysamba: fixed double conversion of int32
Andrew Tridgell [Fri, 5 Aug 2011 04:02:39 +0000 (14:02 +1000)]
s4-pysamba: fixed double conversion of int32

if the number is already negative, we shouldn't convert it

9 years agos4-dsdb: make extended_dn_in a bit more efficient
Andrew Tridgell [Fri, 5 Aug 2011 03:10:22 +0000 (13:10 +1000)]
s4-dsdb: make extended_dn_in a bit more efficient

checking filter elements in the right order makes it a little faster

9 years agos4-samdb: support relative paths in SamDB() connect
Andrew Tridgell [Fri, 5 Aug 2011 03:09:35 +0000 (13:09 +1000)]
s4-samdb: support relative paths in SamDB() connect

don't add the private path unless the database doesn't exist with the
supplied path

9 years agos4-dsdb: use dn_format shortcut to find DN format
Andrew Tridgell [Fri, 5 Aug 2011 01:28:12 +0000 (11:28 +1000)]
s4-dsdb: use dn_format shortcut to find DN format

this saves some string comparisons

9 years agopysamdb: move normalise_int32() to common module
Andrew Tridgell [Fri, 5 Aug 2011 01:17:06 +0000 (11:17 +1000)]
pysamdb: move normalise_int32() to common module

this will be needed in quite a few places

9 years agos3-rpc_server: Fix sending of packets over named pipe proxy.
Andreas Schneider [Wed, 3 Aug 2011 21:44:21 +0000 (23:44 +0200)]
s3-rpc_server: Fix sending of packets over named pipe proxy.

We need for named pipes we need to send each fragment on its own to be a

Signed-off-by: Simo Sorce <>
Autobuild-User: Andreas Schneider <>
Autobuild-Date: Tue Aug  9 11:55:18 CEST 2011 on sn-devel-104

9 years agos3-smbd: Pass tevent context to smbd_server_connection_loop_once().
Andreas Schneider [Mon, 8 Aug 2011 16:39:56 +0000 (18:39 +0200)]
s3-smbd: Pass tevent context to smbd_server_connection_loop_once().

Signed-off-by: Simo Sorce <>
9 years agos3-rpc_server: Free the children of p->mem_ctx.
Andreas Schneider [Tue, 26 Jul 2011 10:07:20 +0000 (12:07 +0200)]
s3-rpc_server: Free the children of p->mem_ctx.

Free the children of p->mem_ctx after processing a complete incoming and
outgoing request.

Signed-off-by: Simo Sorce <>
9 years agos3:lib/events: Fix a bug in run_poll_events().
Stefan Metzmacher [Mon, 8 Aug 2011 16:49:06 +0000 (18:49 +0200)]
s3:lib/events: Fix a bug in run_poll_events().

Ignore fd events without EVENT_FD_READ or EVENT_FD_WRITE also in
run_events_poll(). They are ignore when building the array
for the syscall in event_add_to_poll_args(), so we need to
ignore them run_events_poll() too.


Signed-off-by: Andreas Schneider <>
Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Tue Aug  9 10:11:54 CEST 2011 on sn-devel-104

9 years agotalloc: prepare for 2.0.6 release
Andrew Tridgell [Mon, 8 Aug 2011 22:40:17 +0000 (08:40 +1000)]
talloc: prepare for 2.0.6 release

Autobuild-User: Andrew Tridgell <>
Autobuild-Date: Tue Aug  9 04:03:49 CEST 2011 on sn-devel-104

9 years agotalloc: ensure the sibling linked list remains valid during a free
Andrew Tridgell [Mon, 8 Aug 2011 08:24:32 +0000 (18:24 +1000)]
talloc: ensure the sibling linked list remains valid during a free

This ensures that the sibling list of a pointer doesn't become invalid
during a free operation. It is an alternative fix to the fix in
6f51a1f45bf4de062cce7a562477e8140630a53d, and avoids the problem of
trying to calculate the parent pointer early

This should fix the subtle spoolss talloc bug that Simo found

Autobuild-User: Andrew Tridgell <>
Autobuild-Date: Tue Aug  9 01:53:17 CEST 2011 on sn-devel-104

9 years agos3:selftest: run the net rpc registry test under "s3dc" instead "s3dc:local".
Michael Adam [Mon, 8 Aug 2011 14:31:31 +0000 (16:31 +0200)]
s3:selftest: run the net rpc registry test under "s3dc" instead "s3dc:local".

Autobuild-User: Michael Adam <>
Autobuild-Date: Mon Aug  8 19:18:41 CEST 2011 on sn-devel-104

9 years agos3-net: Fixed a small typo in net conf function table
Vicentiu Ciorbaru [Thu, 28 Jul 2011 12:39:34 +0000 (15:39 +0300)]
s3-net: Fixed a small typo in net conf function table

The description of the function net conf delincludes had a wrong
usage message: "net conf setincludes" instead of "net conf delincludes".

Signed-off-by: Michael Adam <>
9 years agos4:pyglue: PyArg_ParseTuple("I") requires an 'unsigned int' argument
Stefan Metzmacher [Mon, 8 Aug 2011 12:34:11 +0000 (14:34 +0200)]
s4:pyglue: PyArg_ParseTuple("I") requires an 'unsigned int' argument

If we pass variable references we don't get implicit casting!


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Mon Aug  8 18:01:19 CEST 2011 on sn-devel-104

9 years agos4:py_net: PyArg_ParseTuple("i") requires an 'int' argument
Stefan Metzmacher [Mon, 8 Aug 2011 12:31:40 +0000 (14:31 +0200)]
s4:py_net: PyArg_ParseTuple("i") requires an 'int' argument

If we pass variable references we don't get implicit casting!


9 years agos4:pyregistry: PyArg_ParseTuple("z#") requires an 'int' argument instead of 'size_t'
Stefan Metzmacher [Mon, 8 Aug 2011 12:30:00 +0000 (14:30 +0200)]
s4:pyregistry: PyArg_ParseTuple("z#") requires an 'int' argument instead of 'size_t'

If we pass variables by reference we don't get implicit type casting.


9 years agos4:pycredentials: PyArg_ParseTuple("i") requires an 'int' argument.
Stefan Metzmacher [Mon, 8 Aug 2011 12:21:42 +0000 (14:21 +0200)]
s4:pycredentials: PyArg_ParseTuple("i") requires an 'int' argument.

If we pass variable references we don't get implicit casting!


9 years agopidl:Samba4/Python: PyArg_ParseTuple with "s#" returns 'int' instead of 'size_t'
Stefan Metzmacher [Mon, 8 Aug 2011 12:00:31 +0000 (14:00 +0200)]
pidl:Samba4/Python: PyArg_ParseTuple with "s#" returns 'int' instead of 'size_t'

If we pass variable references we don't get implicit casting!


9 years agopyldb: fix uninitialized memory bug in PyArg_ParseTuple() argument
Stefan Metzmacher [Mon, 8 Aug 2011 11:21:18 +0000 (13:21 +0200)]
pyldb: fix uninitialized memory bug in PyArg_ParseTuple() argument

"s#", &str, &len) required 'len' as 'int' not as 'Py_ssize_t'.
With Py_ssize_t the 2nd half of a 64bit Py_ssize_t, will be
uninitialized as 'int' is only 32bit.


9 years agos3-net: Fixed typo in net conf
Vicentiu Ciorbaru [Wed, 3 Aug 2011 20:24:09 +0000 (23:24 +0300)]
s3-net: Fixed typo in net conf

There was a missing ']' in net conf addshare usage message.

Signed-off-by: Michael Adam <>
Autobuild-User: Michael Adam <>
Autobuild-Date: Mon Aug  8 16:44:08 CEST 2011 on sn-devel-104

9 years agos3:smbconf let drop leave the smbconf key in place to match a virgin registry.tdb
Gregor Beck [Tue, 2 Aug 2011 12:52:12 +0000 (14:52 +0200)]
s3:smbconf let drop leave the smbconf key in place to match a virgin registry.tdb

Signed-off-by: Michael Adam <>
9 years agos3:registry avoid updating keys which are going to be deleted in
Gregor Beck [Mon, 1 Aug 2011 13:27:46 +0000 (15:27 +0200)]
s3:registry avoid updating keys which are going to be deleted in

this changes the complexity from O(n^2) to O(n) and reduces the time of
a 'net conf drop' with 10000 shares from 6min to 1.5s

Signed-off-by: Michael Adam <>
9 years agobuild: Make credentials a public library for OpenChange to use
Andrew Bartlett [Fri, 29 Jul 2011 07:04:11 +0000 (17:04 +1000)]
build: Make credentials a public library for OpenChange to use

Autobuild-User: Andrew Bartlett <>
Autobuild-Date: Mon Aug  8 14:53:53 CEST 2011 on sn-devel-104

9 years agobuild: rename rpcommon to dcerpc-binding an make a public library
Andrew Bartlett [Fri, 29 Jul 2011 07:03:45 +0000 (17:03 +1000)]
build: rename rpcommon to dcerpc-binding an make a public library

OpenChange needs this library.

Andrew Bartlett

9 years agobuild: provide tevent-util as a public library
Andrew Bartlett [Fri, 29 Jul 2011 07:01:38 +0000 (17:01 +1000)]
build: provide tevent-util as a public library

This is needed so that OpenChange can get at _tevent_req_nterr(), which is referenced
by generated PIDL output.

Andrew Bartlett

9 years agos3-waf: Fix build on FreeBSD when sunacl.h is found
Andrew Bartlett [Mon, 8 Aug 2011 01:16:20 +0000 (11:16 +1000)]
s3-waf: Fix build on FreeBSD when sunacl.h is found

Autobuild-User: Andrew Bartlett <>
Autobuild-Date: Mon Aug  8 04:34:35 CEST 2011 on sn-devel-104

9 years agos3:smb2_server: make sure we grant credits on async read/write operations (bug #8357)
Stefan Metzmacher [Sat, 6 Aug 2011 08:19:21 +0000 (10:19 +0200)]
s3:smb2_server: make sure we grant credits on async read/write operations (bug #8357)

Currently we skip, the "gone async" interim response on read and write,
this caused the aio code path to grant 0 credits to the client
in the read/write responses.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Sun Aug  7 22:23:57 CEST 2011 on sn-devel-104

9 years agosd_utils: Fix some formatting, add module docstring.
Jelmer Vernooij [Sun, 7 Aug 2011 16:55:14 +0000 (18:55 +0200)]
sd_utils: Fix some formatting, add module docstring.

Autobuild-User: Jelmer Vernooij <>
Autobuild-Date: Sun Aug  7 21:07:04 CEST 2011 on sn-devel-104

9 years agopyldb: Generate ABI file.
Jelmer Vernooij [Sun, 7 Aug 2011 15:17:18 +0000 (17:17 +0200)]
pyldb: Generate ABI file.

9 years agopyldb: Consistently use pyldb_ prefix.
Jelmer Vernooij [Sun, 7 Aug 2011 15:08:56 +0000 (17:08 +0200)]
pyldb: Consistently use pyldb_ prefix.

9 years agos3:web/swat: use strtoll() instead of atoi/atol/atoll
Stefan Metzmacher [Fri, 5 Aug 2011 17:48:38 +0000 (19:48 +0200)]
s3:web/swat: use strtoll() instead of atoi/atol/atoll

This is more portable, as we have a strtoll replacement
in lib/replace.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Sat Aug  6 11:55:45 CEST 2011 on sn-devel-104

9 years agos4:netcmd/ we don't need to set autogenerated attributes
Stefan Metzmacher [Wed, 3 Aug 2011 07:15:11 +0000 (09:15 +0200)]
s4:netcmd/ we don't need to set autogenerated attributes


9 years agoidl: We don't need a context for FRSRPC_COMM_PKT_CHUNK_CO_EXTENTION_2 and avoid colis...
Matthieu Patou [Fri, 5 Aug 2011 20:55:52 +0000 (00:55 +0400)]
idl: We don't need a context for FRSRPC_COMM_PKT_CHUNK_CO_EXTENTION_2 and avoid colision on bop attribute

Autobuild-User: Matthieu Patou <>
Autobuild-Date: Sat Aug  6 00:50:47 CEST 2011 on sn-devel-104

9 years agopidl: for wireshark use only the major of the version
Matthieu Patou [Fri, 5 Aug 2011 19:14:03 +0000 (23:14 +0400)]
pidl: for wireshark use only the major of the version

9 years agopidl: For wireshark check also LIBNDR_FLAG_NOALIGN for not aligning
Matthieu Patou [Fri, 5 Aug 2011 19:13:08 +0000 (23:13 +0400)]
pidl: For wireshark check also LIBNDR_FLAG_NOALIGN for not aligning

9 years agopidl: handle union when the switch variable is outside of the union for wireshark...
Matthieu Patou [Fri, 5 Aug 2011 19:11:47 +0000 (23:11 +0400)]
pidl: handle union when the switch variable is outside of the union for wireshark dissector

9 years agopidl: add subcontext handling for wireshark
Matthieu Patou [Fri, 5 Aug 2011 19:07:57 +0000 (23:07 +0400)]
pidl: add subcontext handling for wireshark

9 years agopidl: If STR_NULLTERM we concider it's a string as well
Matthieu Patou [Fri, 5 Aug 2011 19:03:29 +0000 (23:03 +0400)]
pidl: If STR_NULLTERM we concider it's a string as well

9 years agopidl: handle hyper attribute for wireshark
Matthieu Patou [Tue, 2 Aug 2011 18:42:58 +0000 (22:42 +0400)]
pidl: handle hyper attribute for wireshark

9 years agopidl: handle datablob for wireshark generator
Matthieu Patou [Tue, 2 Aug 2011 18:42:44 +0000 (22:42 +0400)]
pidl: handle datablob for wireshark generator

9 years agopidl: rpc version is a 32 bit
Matthieu Patou [Tue, 2 Aug 2011 07:56:51 +0000 (11:56 +0400)]
pidl: rpc version is a 32 bit

9 years agopidl: generate code for dissecting null terminated strings
Matthieu Patou [Tue, 2 Aug 2011 07:56:32 +0000 (11:56 +0400)]
pidl: generate code for dissecting null terminated strings

9 years agopidl: don't expect to have quote when creating import headers
Matthieu Patou [Tue, 2 Aug 2011 07:50:32 +0000 (11:50 +0400)]
pidl: don't expect to have quote when creating import headers

Currently the $_ didn't contains the quote anymore, in order to avoid
any further regression the cleanup of quote is done before so that if
$_ still have quotes we clean them in anycase.

9 years agos4-scripting: allow to specify the number max of iteration around getNcChanges
Matthieu Patou [Thu, 4 Aug 2011 15:59:49 +0000 (19:59 +0400)]
s4-scripting: allow to specify the number max of iteration around getNcChanges

9 years agos3:rpc_transport_tstream: only use tstream_cli_np_use_trans() for sync requests
Stefan Metzmacher [Thu, 28 Jul 2011 12:15:15 +0000 (14:15 +0200)]
s3:rpc_transport_tstream: only use tstream_cli_np_use_trans() for sync requests

Currently the caller doesn't cope with multiple async requests anyway,
so this is just protection for the future.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Fri Aug  5 22:31:12 CEST 2011 on sn-devel-104

9 years agos3: Make srv_enc_ctx static
Volker Lendecke [Fri, 5 Aug 2011 14:19:27 +0000 (16:19 +0200)]
s3: Make srv_enc_ctx static

Autobuild-User: Volker Lendecke <>
Autobuild-Date: Fri Aug  5 18:29:24 CEST 2011 on sn-devel-104

9 years agos3: Fix a debug message
Volker Lendecke [Fri, 5 Aug 2011 14:14:11 +0000 (16:14 +0200)]
s3: Fix a debug message

9 years agos3: Fix some nonempty blank lines
Volker Lendecke [Fri, 5 Aug 2011 14:01:23 +0000 (16:01 +0200)]
s3: Fix some nonempty blank lines

9 years agos3: Fix "ISO C90 forbids mixed declarations and code"
Volker Lendecke [Fri, 5 Aug 2011 13:40:22 +0000 (15:40 +0200)]
s3: Fix "ISO C90 forbids mixed declarations and code"

Autobuild-User: Volker Lendecke <>
Autobuild-Date: Fri Aug  5 16:58:37 CEST 2011 on sn-devel-104

9 years agos3: Fix some nonempty blank lines
Volker Lendecke [Fri, 5 Aug 2011 13:38:33 +0000 (15:38 +0200)]
s3: Fix some nonempty blank lines

9 years agos3-docs: document --user-sidinfo wbinfo option.
Günther Deschner [Fri, 5 Aug 2011 10:25:52 +0000 (12:25 +0200)]
s3-docs: document --user-sidinfo wbinfo option.


Autobuild-User: Günther Deschner <>
Autobuild-Date: Fri Aug  5 14:06:09 CEST 2011 on sn-devel-104

9 years agos3: make linking of pthreadpooltest work on more platforms
Björn Jacke [Thu, 4 Aug 2011 21:47:47 +0000 (23:47 +0200)]
s3: make linking of pthreadpooltest work on more platforms

Autobuild-User: Björn Jacke <>
Autobuild-Date: Fri Aug  5 12:48:55 CEST 2011 on sn-devel-104

9 years agos3/ldap: delay the ldap search alarm termination a bit
Björn Jacke [Thu, 4 Aug 2011 14:42:37 +0000 (16:42 +0200)]
s3/ldap: delay the ldap search alarm termination a bit

do the alarm termination of the the ldap search a bit delayed so the LDAP
server has a chance to tell us that the time limit was reached and the
search was abandoned. If the search is terminated this way we also get
the correct LDAP return code in the logs. If alarm() stops the search the ldap
search routine will report that the LDAP server is down which would trigger us
to rebind to the server needlessly which we also want to avoid.

9 years agos3-nmbd: fix talloc/malloc mismatch in create_listen_pollfds().
Günther Deschner [Thu, 4 Aug 2011 15:32:22 +0000 (17:32 +0200)]
s3-nmbd: fix talloc/malloc mismatch in create_listen_pollfds().


Autobuild-User: Günther Deschner <>
Autobuild-Date: Thu Aug  4 19:06:39 CEST 2011 on sn-devel-104

9 years agos3/swat: use strlcat instead of strncat to fix build on old Linux distros
Björn Jacke [Thu, 4 Aug 2011 14:25:08 +0000 (16:25 +0200)]
s3/swat: use strlcat instead of strncat to fix build on old Linux distros

SLES 9's glibc for example had weird macros where the use of strncat resulted
in the use of strcat which we don't allow.

Signed-off-by: Stefan Metzmacher <>
Autobuild-User: Björn Jacke <>
Autobuild-Date: Thu Aug  4 17:50:24 CEST 2011 on sn-devel-104

9 years agos4-librpc: Fix double free.
Andreas Schneider [Wed, 3 Aug 2011 21:44:45 +0000 (23:44 +0200)]
s4-librpc: Fix double free.

Autobuild-User: Andreas Schneider <>
Autobuild-Date: Thu Aug  4 12:31:18 CEST 2011 on sn-devel-104

9 years agos4-ldb: two DNs only match if they have the same deletion status
Andrew Tridgell [Thu, 4 Aug 2011 04:59:47 +0000 (14:59 +1000)]
s4-ldb: two DNs only match if they have the same deletion status

Autobuild-User: Andrew Tridgell <>
Autobuild-Date: Thu Aug  4 09:34:08 CEST 2011 on sn-devel-104

9 years agotalloc: check block count aftter references test
Andrew Tridgell [Thu, 4 Aug 2011 02:07:19 +0000 (12:07 +1000)]
talloc: check block count aftter references test

Pair-Programmed-With: Amitay Isaacs <>

9 years agos4-samdb: save the url in the samdb class
Andrew Tridgell [Wed, 3 Aug 2011 01:31:45 +0000 (11:31 +1000)]
s4-samdb: save the url in the samdb class

this is useful for debugging, so we know which database we are dealing

Pair-Programmed-With: Amitay Isaacs <>

9 years agos4-dsdb: extend the extended_dn_in module to handle DN links
Andrew Tridgell [Tue, 2 Aug 2011 07:19:16 +0000 (17:19 +1000)]
s4-dsdb: extend the extended_dn_in module to handle DN links

this replaces DN components in incoming filter expressions with the
full extended DN of the target, which allows search expressions based
on <GUID=> and <SID=> DNs, as well as fixing the problem with one-way
links in search expressions

Pair-Programmed-With: Andrew Bartlett <>

9 years agoldb: rule_id in ldb_parse_tree should be const
Andrew Tridgell [Tue, 2 Aug 2011 07:17:13 +0000 (17:17 +1000)]
ldb: rule_id in ldb_parse_tree should be const

this allows assignment to a constant string without allocation

Pair-Programmed-With: Andrew Bartlett <>

9 years agoldb: added a new always-fail ldap extended match OID
Andrew Tridgell [Tue, 2 Aug 2011 07:16:44 +0000 (17:16 +1000)]
ldb: added a new always-fail ldap extended match OID

this is used when rewriting filter rules to replace a filter rule with
one that is guaranteed not to match

Pair-Programmed-With: Andrew Bartlett <>

9 years agoldb: changed DN matching rules to obey GUID/SID/string ordering
Andrew Tridgell [Tue, 2 Aug 2011 07:15:28 +0000 (17:15 +1000)]
ldb: changed DN matching rules to obey GUID/SID/string ordering

when matching two DNs, the GUID takes priority, then the SID, then the
string component

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agos4-dsdb: handle search expressions containing extended DNs
Andrew Tridgell [Mon, 1 Aug 2011 07:48:53 +0000 (17:48 +1000)]
s4-dsdb: handle search expressions containing extended DNs

this allows for searches like member=<SID=S-1-2-3>

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agos4-dsdb: added dn_format attribute of a dsdb_attribute
Andrew Tridgell [Mon, 1 Aug 2011 07:47:34 +0000 (17:47 +1000)]
s4-dsdb: added dn_format attribute of a dsdb_attribute

this is faster than string comparisons during searches at runtime

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agos4-dsdb: fixed outgoing one way link DNs
Andrew Tridgell [Mon, 1 Aug 2011 03:55:58 +0000 (13:55 +1000)]
s4-dsdb: fixed outgoing one way link DNs

when we return a DN which is a one way link, fix the string DN
component by searching for the GUID and replacing the DN components

Pair-Programmed-With: Amitay Isaacs <>
Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-dsdb: setup a one_way_link attribute on schema attributes
Andrew Tridgell [Mon, 1 Aug 2011 03:54:58 +0000 (13:54 +1000)]
s4-dsdb: setup a one_way_link attribute on schema attributes

this allows us to quickly determine if a DN is a one way link

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agos4-dsdb: fixed a warning on dsdb_delete()
Andrew Tridgell [Mon, 1 Aug 2011 02:40:24 +0000 (12:40 +1000)]
s4-dsdb: fixed a warning on dsdb_delete()

struct ldb_dn is never const

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agos4-dsdb: make requests for STORAGE_FORMAT control non-critical
Andrew Tridgell [Mon, 1 Aug 2011 02:25:11 +0000 (12:25 +1000)]
s4-dsdb: make requests for STORAGE_FORMAT control non-critical

this allows us to use dsdb_module_dn_by_guid() from levels below the
extended_dn_out module

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agoldb: added signatures for 1.1.2
Andrew Tridgell [Wed, 3 Aug 2011 06:44:28 +0000 (16:44 +1000)]
ldb: added signatures for 1.1.2

9 years agoldb: raise minor version ldb-1.1.2
Andrew Tridgell [Mon, 1 Aug 2011 02:24:38 +0000 (12:24 +1000)]
ldb: raise minor version

needed for new module function ldb_dn_replace_components()

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agoldb: added ldb_parse_tree_walk()
Andrew Tridgell [Mon, 1 Aug 2011 07:46:39 +0000 (17:46 +1000)]
ldb: added ldb_parse_tree_walk()

this walks a ldb parse tree, calling a callback on each node

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agoldb: added ldb_dn_replace_components()
Andrew Tridgell [Mon, 1 Aug 2011 02:24:13 +0000 (12:24 +1000)]
ldb: added ldb_dn_replace_components()

this allows you to replace the string part of a DN with the string
part from another DN. This is useful when you want to fix a DN that
has the right GUID but the wrong string part, because the target
object has moved.

Pair-Programmed-With: Andrew Bartlett <>
Pair-Programmed-With: Amitay Isaacs <>

9 years agos3-ntlmssp void function cannot return value
Andrew Bartlett [Wed, 3 Aug 2011 22:38:21 +0000 (08:38 +1000)]
s3-ntlmssp void function cannot return value

Removing the return is reasonable here because while no callers
currently specify more than one flag at a time, the
ntlmssp_want_feature code allows it.

Autobuild-User: Andrew Bartlett <>
Autobuild-Date: Thu Aug  4 02:19:46 CEST 2011 on sn-devel-104

9 years agos3: Fix some nonempty blank lines
Volker Lendecke [Wed, 3 Aug 2011 18:12:20 +0000 (20:12 +0200)]
s3: Fix some nonempty blank lines

Autobuild-User: Volker Lendecke <>
Autobuild-Date: Wed Aug  3 22:00:19 CEST 2011 on sn-devel-104

9 years agos3-printing: fix some build warnings in queue_process.c
Günther Deschner [Wed, 3 Aug 2011 10:59:17 +0000 (12:59 +0200)]
s3-printing: fix some build warnings in queue_process.c


Autobuild-User: Günther Deschner <>
Autobuild-Date: Wed Aug  3 17:48:33 CEST 2011 on sn-devel-104

9 years agontlmssp: Add ntlmssp_blob_matches_magic()
Andrew Bartlett [Tue, 2 Aug 2011 23:33:29 +0000 (09:33 +1000)]
ntlmssp: Add ntlmssp_blob_matches_magic()

This avoids having the same check in 3 different parts of the code

Andrew Bartlett

Autobuild-User: Andrew Bartlett <>
Autobuild-Date: Wed Aug  3 12:45:04 CEST 2011 on sn-devel-104

9 years agos3-ntlmssp Remove rudundent comment
Andrew Bartlett [Tue, 2 Aug 2011 23:26:55 +0000 (09:26 +1000)]
s3-ntlmssp Remove rudundent comment

This is explained where SESSION_KEY maps to SIGN at the NTLMSSP layer

Andrew Bartlett

9 years agos3-ntlmssp Remove a level of nesting in if/else statement
Andrew Bartlett [Tue, 2 Aug 2011 13:17:02 +0000 (23:17 +1000)]
s3-ntlmssp Remove a level of nesting in if/else statement

9 years agoselftest: test plugin_s4_dc against all ncacn_np tests
Andrew Bartlett [Tue, 2 Aug 2011 03:17:24 +0000 (13:17 +1000)]
selftest: test plugin_s4_dc against all ncacn_np tests

Changes to the s3 epmapper behaviour seem to have fixed the rest of these

Andrew Bartlett

9 years agos3-ntlmssp clarify session key behaviour after create_local_token() changes
Andrew Bartlett [Tue, 2 Aug 2011 01:29:43 +0000 (11:29 +1000)]
s3-ntlmssp clarify session key behaviour after create_local_token() changes

9 years agos3-ntlmssp Remove auth_ntlmssp_state_destructor, use the talloc tree instead
Andrew Bartlett [Tue, 2 Aug 2011 01:28:51 +0000 (11:28 +1000)]
s3-ntlmssp Remove auth_ntlmssp_state_destructor, use the talloc tree instead

9 years agoldb-samba: Explain the current behaviour of ldif_canonicalise_objectCategory
Andrew Bartlett [Mon, 1 Aug 2011 23:35:23 +0000 (09:35 +1000)]
ldb-samba: Explain the current behaviour of ldif_canonicalise_objectCategory

9 years agos3-auth directly return the result of make_server_info_guest()
Andrew Bartlett [Mon, 1 Aug 2011 23:06:22 +0000 (09:06 +1000)]
s3-auth directly return the result of make_server_info_guest()

9 years agos3-auth rename auth_ntlmssp_steal_session_info()
Andrew Bartlett [Mon, 1 Aug 2011 22:53:10 +0000 (08:53 +1000)]
s3-auth rename auth_ntlmssp_steal_session_info()

There is no longer any theft of memory as the underlying routines now
produce a new auth_session_info for this caller, allocating it
on the supplied memory context.

Andrew Bartlett

9 years agoselftest: print %U in smbclient -L output to allow testing
Andrew Bartlett [Fri, 29 Jul 2011 02:12:36 +0000 (12:12 +1000)]
selftest: print %U in smbclient -L output to allow testing

9 years agos3-smbd Be consistent with %U subs on guest logins
Andrew Bartlett [Wed, 27 Jul 2011 06:06:31 +0000 (16:06 +1000)]
s3-smbd Be consistent with %U subs on guest logins

The NTLMSSP code always specified "" as the username, and this makes
guest logins via the old-style session setup do the same.

Andrew Bartlett

9 years agoselftest: Add kerberos tests to plugin_s4_dc tests
Andrew Bartlett [Tue, 26 Jul 2011 06:17:30 +0000 (16:17 +1000)]
selftest: Add kerberos tests to plugin_s4_dc tests

Signed-off-by: Andrew Tridgell <>
9 years agos3-auth use auth_generic_start to get full GENSEC in Samba3 session setup
Andrew Bartlett [Tue, 26 Jul 2011 05:11:47 +0000 (15:11 +1000)]
s3-auth use auth_generic_start to get full GENSEC in Samba3 session setup

This tests if the auth_generic_start() hook is available on the auth
context during the negprot, and if so it uses auth_generic_start() to
hook to GENSEC to handle the full SPNEGO blob.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <>
9 years agos3-auth Add function to start any GENSEC mech by OID
Andrew Bartlett [Tue, 26 Jul 2011 04:40:33 +0000 (14:40 +1000)]
s3-auth Add function to start any GENSEC mech by OID

Signed-off-by: Andrew Tridgell <>
9 years agos3-smbd clarify behaviour by not passing an OID that will not be used
Andrew Bartlett [Tue, 26 Jul 2011 04:12:23 +0000 (14:12 +1000)]
s3-smbd clarify behaviour by not passing an OID that will not be used

Signed-off-by: Andrew Tridgell <>
9 years agos3-smbd Ensure we do not read past the end of a possible NTLMSSP blob
Andrew Bartlett [Tue, 26 Jul 2011 04:11:56 +0000 (14:11 +1000)]
s3-smbd Ensure we do not read past the end of a possible NTLMSSP blob

Signed-off-by: Andrew Tridgell <>
9 years agos3-auth clarify the role of these session keys
Andrew Bartlett [Tue, 26 Jul 2011 03:46:25 +0000 (13:46 +1000)]
s3-auth clarify the role of these session keys

This comment can be clarified now the auth subsystem does not use the same
structure as the rest of the code.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <>
9 years agos3-auth remove sanitized_username from auth_serversupplied_info
Andrew Bartlett [Tue, 26 Jul 2011 03:43:33 +0000 (13:43 +1000)]
s3-auth remove sanitized_username from auth_serversupplied_info

This structure element was only written to, not read.

It is filled into the companion structure, auth_session_info()
by create_local_token().

Andrew Bartlett

Signed-off-by: Andrew Tridgell <>
9 years agos3-auth set session_info->sanitized_username in create_local_token()
Andrew Bartlett [Tue, 26 Jul 2011 03:37:36 +0000 (13:37 +1000)]
s3-auth set session_info->sanitized_username in create_local_token()

Rather than passing this value around the callers, and eventually
setting it in register_existing_vuid(), we simply pass it to
create_local_token().  This also removes the need for

Andrew Bartlett

Signed-off-by: Andrew Tridgell <>
9 years agos3-ntlmssp Split auth_ntlmssp_start into two functions
Andrew Bartlett [Tue, 26 Jul 2011 00:19:54 +0000 (10:19 +1000)]
s3-ntlmssp Split auth_ntlmssp_start into two functions

This helps map on to the GENSEC semantics better, and ensures that the
full set of desired features are set before the mechanism starts.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <>
9 years agos3-ntlmssp Split calls to gensec plugin into prepare and start
Andrew Bartlett [Tue, 26 Jul 2011 00:01:39 +0000 (10:01 +1000)]
s3-ntlmssp Split calls to gensec plugin into prepare and start

GENSEC has the concept of starting the GENSEC subsystem before starting the
actual mechansim.  Between these two stages is when most context methods
are called, to specify credentials and features.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <>
9 years agogensec: Don't keep a second copy of the auth4_context in gensec_ntlmssp_state
Andrew Bartlett [Mon, 25 Jul 2011 07:20:45 +0000 (17:20 +1000)]
gensec: Don't keep a second copy of the auth4_context in gensec_ntlmssp_state

The auth4_context is already in the gensec_security structure, which is
available by de-reference here anyway.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <>
9 years agos3-ntlmssp Remove auth_ntlmssp_and_flags()
Andrew Bartlett [Wed, 27 Jul 2011 03:52:27 +0000 (13:52 +1000)]
s3-ntlmssp Remove auth_ntlmssp_and_flags()

There is no need to mask out these flags as they simply are not set

The correct abstraction is to ask for NTLMSSP features.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <>