9 years agolib/util: Use only init_module_fn typedef in module loading
Andrew Bartlett [Fri, 9 Sep 2011 12:18:42 +0000 (22:18 +1000)]
lib/util: Use only init_module_fn typedef in module loading

9 years agolib/util: Remove unused module loading functions
Andrew Bartlett [Fri, 9 Sep 2011 12:10:12 +0000 (22:10 +1000)]
lib/util: Remove unused module loading functions

9 years agolib/util: consolidate module loading into common code
Andrew Bartlett [Fri, 9 Sep 2011 11:24:49 +0000 (21:24 +1000)]
lib/util: consolidate module loading into common code

This creates a samba-modules private libary that handles the details.

Andrew Bartlett

9 years agos3-module allow libreplace to provide dlopen replacement
Andrew Bartlett [Fri, 9 Sep 2011 10:29:32 +0000 (20:29 +1000)]
s3-module allow libreplace to provide dlopen replacement

Given that we have replacement dlopen() etc, use this from libreplace.

The dlerror() from libreplace gives a good error if the platform
really does not have dlopen().

Andrew Bartlett

9 years agosamba-tool: add support for fixing broken backlinks in dbcheck
Andrew Tridgell [Thu, 6 Oct 2011 03:21:41 +0000 (14:21 +1100)]
samba-tool: add support for fixing broken backlinks in dbcheck

this allows dangling backlinks to be removed

Pair-Programmed-With: Andrew Bartlett <>

Autobuild-User: Andrew Tridgell <>
Autobuild-Date: Thu Oct  6 07:08:35 CEST 2011 on sn-devel-104

9 years agos4-dsdb: allow deletion of backlinks if DSDB_CONTROL_DBCHECK given
Andrew Tridgell [Thu, 6 Oct 2011 03:21:02 +0000 (14:21 +1100)]
s4-dsdb: allow deletion of backlinks if DSDB_CONTROL_DBCHECK given

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-dsdb: added DSDB_CONTROL_DBCHECK
Andrew Tridgell [Thu, 6 Oct 2011 03:20:25 +0000 (14:20 +1100)]

this will be used for overrides by the dbcheck validator

Pair-Programmed-With: Andrew Bartlett <>

9 years agoldb: support raw OIDs in control string parsing
Andrew Tridgell [Thu, 6 Oct 2011 03:19:24 +0000 (14:19 +1100)]
ldb: support raw OIDs in control string parsing

this makes it possible to use a raw OID string on the command line or
in python scripts

Pair-Programmed-With: Andrew Bartlett <>

9 years agoldb: fixed memory leak in control string parsing
Andrew Tridgell [Thu, 6 Oct 2011 03:18:49 +0000 (14:18 +1100)]
ldb: fixed memory leak in control string parsing

if parsing fails, free ctrl

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-dsdb: allow groupType update on deleted objects
Andrew Tridgell [Thu, 6 Oct 2011 01:31:21 +0000 (12:31 +1100)]
s4-dsdb: allow groupType update on deleted objects

this allows dbcheck to fix groupType on objects that have been deleted

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-rodc: use the rodc_replica flag on the partition
Andrew Tridgell [Thu, 6 Oct 2011 00:24:28 +0000 (11:24 +1100)]
s4-rodc: use the rodc_replica flag on the partition

this sets DSDB_REPL_FLAG_PARTIAL_REPLICA when replicating a RODC
partition, which tells the replication code to map instanceType to
remove the INSTANCE_TYPE_WRITE bit

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-rodc: ensure we load replicated partitions for RODCs
Andrew Tridgell [Thu, 6 Oct 2011 00:14:13 +0000 (11:14 +1100)]
s4-rodc: ensure we load replicated partitions for RODCs

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-dsdb: Do not assume that all deleted objects have an objectCategory and sAMAccountType
Andrew Bartlett [Fri, 30 Sep 2011 21:33:38 +0000 (14:33 -0700)]
s4-dsdb: Do not assume that all deleted objects have an objectCategory and sAMAccountType

Autobuild-User: Andrew Bartlett <>
Autobuild-Date: Thu Oct  6 03:43:13 CEST 2011 on sn-devel-104

9 years agodsdb: Do not attempt to resolve conflicts on an RODC
Andrew Bartlett [Fri, 30 Sep 2011 01:56:38 +0000 (18:56 -0700)]
dsdb: Do not attempt to resolve conflicts on an RODC

9 years agodsdb: fix double-free in replication failure case on RODC
Andrew Bartlett [Fri, 30 Sep 2011 01:53:51 +0000 (18:53 -0700)]
dsdb: fix double-free in replication failure case on RODC

9 years agos4-dsdb Allow repl server to start even when no master NCs are present
Andrew Bartlett [Fri, 30 Sep 2011 00:05:38 +0000 (17:05 -0700)]
s4-dsdb Allow repl server to start even when no master NCs are present

9 years agoAdd missing com_err dependencies
Ewoud Kohl van Wijngaarden [Wed, 5 Oct 2011 22:36:46 +0000 (00:36 +0200)]
Add missing com_err dependencies
Signed-off-by: Jelmer Vernooij <>
Autobuild-User: Jelmer Vernooij <>
Autobuild-Date: Thu Oct  6 02:10:21 CEST 2011 on sn-devel-104

9 years agos4-auth: fixed formatting of some DEBUG() lines
Andrew Tridgell [Wed, 5 Oct 2011 06:07:51 +0000 (17:07 +1100)]
s4-auth: fixed formatting of some DEBUG() lines

Autobuild-User: Andrew Tridgell <>
Autobuild-Date: Wed Oct  5 09:45:15 CEST 2011 on sn-devel-104

9 years agoFix bug #8507 - smbd doesn't correctly honor the "force create mode" bits from a...
Jeremy Allison [Tue, 4 Oct 2011 21:46:00 +0000 (14:46 -0700)]
Fix bug #8507 - smbd doesn't correctly honor the "force create mode" bits from a cifsfs create.

Don't manipulate the new_dos_attributes bits until we know it's not a POSIX open.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Wed Oct  5 01:19:17 CEST 2011 on sn-devel-104

9 years agos3-waf: remove explicit linking to SMBLDAP subsystem.
Günther Deschner [Tue, 4 Oct 2011 10:53:38 +0000 (12:53 +0200)]
s3-waf: remove explicit linking to SMBLDAP subsystem.


Autobuild-User: Günther Deschner <>
Autobuild-Date: Tue Oct  4 14:39:57 CEST 2011 on sn-devel-104

9 years agos3-smbldap: remove an obsolete prototype.
Günther Deschner [Tue, 4 Oct 2011 10:53:09 +0000 (12:53 +0200)]
s3-smbldap: remove an obsolete prototype.


9 years agos3:lib/util: make sure panic action can attach a debugger on ubuntu (>=10.10)
Stefan Metzmacher [Tue, 4 Oct 2011 08:47:46 +0000 (10:47 +0200)]
s3:lib/util: make sure panic action can attach a debugger on ubuntu (>=10.10)

By default user processes can't attach a debugger to a process.
So explicitly allow that for all child processes, before calling
the panic action script.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Tue Oct  4 12:51:35 CEST 2011 on sn-devel-104

9 years agolib/util: make sure panic action can attach a debugger on ubuntu (>=10.10)
Stefan Metzmacher [Tue, 4 Oct 2011 08:47:46 +0000 (10:47 +0200)]
lib/util: make sure panic action can attach a debugger on ubuntu (>=10.10)

By default user processes can't attach a debugger to a process.
So explicitly allow that for all child processes, before calling
the panic action script.


9 years agos3:param: use ROLE_DOMAIN_CONTROLLER for an AD domain controller
Stefan Metzmacher [Tue, 4 Oct 2011 07:21:23 +0000 (09:21 +0200)]
s3:param: use ROLE_DOMAIN_CONTROLLER for an AD domain controller


9 years agos4-subdomain: create trust record with forest root DC
Andrew Tridgell [Sat, 1 Oct 2011 00:58:52 +0000 (10:58 +1000)]
s4-subdomain: create trust record with forest root DC

when we create a sub-subdomain we need to use the forest naming master
to setup the partition changes for the new subdomain. We also need to
setup the trust with the forest root, as that allows us to create the
needed _msdcs DNS entries in the forest

Autobuild-User: Andrew Tridgell <>
Autobuild-Date: Tue Oct  4 07:40:59 CEST 2011 on sn-devel-104

9 years agos4-dsdb: fixed re-join of subdomain
Andrew Tridgell [Sat, 1 Oct 2011 00:57:14 +0000 (10:57 +1000)]
s4-dsdb: fixed re-join of subdomain

if we repeat the join of a subdomain then we try to re-create the NC
for the subdomain during a DsAddEntry(). This allows that re-creation
to succeed if the NC already exists

9 years agos4-lsa: fixed set of trust password with old password
Andrew Tridgell [Thu, 29 Sep 2011 23:03:39 +0000 (09:03 +1000)]
s4-lsa: fixed set of trust password with old password

the calculation of add_incoming and add_outgoing was not correct when
a trust was already in place

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-dns: add all forest DCs to named.conf.update
Andrew Tridgell [Thu, 29 Sep 2011 21:43:54 +0000 (07:43 +1000)]
s4-dns: add all forest DCs to named.conf.update

this allows all DCs to update DNS entries

9 years agos4-ldap: added DSDB_CONTROL_NO_GLOBAL_CATALOG to ldap encoding list
Andrew Tridgell [Thu, 29 Sep 2011 21:08:15 +0000 (07:08 +1000)]
s4-ldap: added DSDB_CONTROL_NO_GLOBAL_CATALOG to ldap encoding list

also remove all the duplicated comments

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-kdc: fixed handling of previous vs current trust password
Andrew Tridgell [Thu, 29 Sep 2011 20:47:08 +0000 (06:47 +1000)]
s4-kdc: fixed handling of previous vs current trust password

This sorts out the correct handling for the 'kvno=255'
problem. Windows will use the previous trust password for 1 hour after
a password set, and indicates that the previous password is being used
by sending current_kvno-1. That maps to 255 if the trust password has
not actually been changed, so the initial trust password is being

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-auth: rework map_user_info() to use cracknames
Andrew Tridgell [Thu, 29 Sep 2011 07:44:28 +0000 (17:44 +1000)]
s4-auth: rework map_user_info() to use cracknames

to properly support multi-domain forests we need to determine if an
incoming username is part of a known forest domain or not. To do this
for all possible SPN forms, we need to use CrackNames.

This changes map_user_info() to use CrackNames if a SAM context is
available, and asks the CrackNames services to parse the incoming
username and domain into a NT4 form, which can then be used in the

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-sam: don't look in GC NCs for user accounts
Andrew Tridgell [Thu, 29 Sep 2011 07:43:25 +0000 (17:43 +1000)]
s4-sam: don't look in GC NCs for user accounts

We need to exclude GC partial replica naming contexts from SAM lookups

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-kdc: don't look at global catalog NCs in the kdc
Andrew Tridgell [Wed, 28 Sep 2011 19:23:38 +0000 (05:23 +1000)]
s4-kdc: don't look at global catalog NCs in the kdc

the kdc should not be looking for users in GC partial replicas, as
these users do not have all of the attributes needed for the KDC to

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-kdc: treat a kvno of 255 as unspecified
Andrew Tridgell [Wed, 28 Sep 2011 19:22:27 +0000 (05:22 +1000)]
s4-kdc: treat a kvno of 255 as unspecified

windows sometimes sends us a kvno of 255 for inter-domain trusts. We
don't yet know why it does this, but it seems that we need to treat
this as an unspecified kvno

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-kcc: if we are a GC, auto-add partial replicas
Andrew Tridgell [Wed, 28 Sep 2011 06:45:17 +0000 (16:45 +1000)]
s4-kcc: if we are a GC, auto-add partial replicas

when we are a global catalog server, the KCC needs to add partial
replicas for all domain partitions that we don't have copies of

9 years agos4-dsdb: simplify samdb_is_gc()
Andrew Tridgell [Wed, 28 Sep 2011 04:36:00 +0000 (14:36 +1000)]
s4-dsdb: simplify samdb_is_gc()

we already have a function for returning the NTDS options

9 years agos4-dsdb: add the DSDB_CONTROL_PARTIAL_REPLICA when needed
Andrew Tridgell [Wed, 28 Sep 2011 04:35:27 +0000 (14:35 +1000)]
s4-dsdb: add the DSDB_CONTROL_PARTIAL_REPLICA when needed

when we are adding an object via DRS, we need to add the
DSDB_CONTROL_PARTIAL_REPLICA control if we are replicating a partial
replica, so ensure the partition module creates new NCs as partial

9 years agoheimdal: handle referrals for 3 part DRSUAPI SPNs
Andrew Tridgell [Wed, 28 Sep 2011 04:18:14 +0000 (14:18 +1000)]
heimdal: handle referrals for 3 part DRSUAPI SPNs

This handles referrals for SPNs of the form
E3514235-4B06-11D1-AB04-00C04FC2DCD2/NTDSGUID/REALM, which are
used during DRS replication when we don't know the dnsHostName of the
target DC (which we don't know until the first replication from that
DC completes).

We use the 3rd part of the SPN directly as the realm name in the

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-repl: try harder to find the right SPN in replication server
Andrew Tridgell [Wed, 28 Sep 2011 03:48:52 +0000 (13:48 +1000)]
s4-repl: try harder to find the right SPN in replication server

when doing DRS between domains, using the right SPN is essential so
the KDC can generate referrals to point us at the right DC.  We prefer
the GC/hostname/DNSDOMAIN form if possible, but if we can't find the
hostname then this changes the code that generates the target
principal name to use either the msDS-HasDomainNCs or hasMasterNCs
attributes to try to find the target DC domainname so we can use the
E3514235-4B06-11D1-AB04-00C04FC2DCD2/GUID/DNSDOMAIN SPN form.

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-dsdb: added new control DSDB_MODIFY_PARTIAL_REPLICA
Andrew Tridgell [Wed, 28 Sep 2011 01:04:29 +0000 (11:04 +1000)]
s4-dsdb: added new control DSDB_MODIFY_PARTIAL_REPLICA

this control tells the partition module that the DN being created is a
partial replica, so it should modify the @PARTITION object to add the
partialReplica attribute

Pair-Programmed-With: Andrew Bartlett <>

9 years agos4-join: enable cleanup on failed join
Andrew Tridgell [Tue, 27 Sep 2011 23:32:15 +0000 (09:32 +1000)]
s4-join: enable cleanup on failed join

if a join fails, then cleanup the old records

9 years agos4-drs: added DSDB_REPL_FLAG_ADD_NCNAME to DsAddEntry call
Andrew Tridgell [Tue, 27 Sep 2011 23:31:38 +0000 (09:31 +1000)]
s4-drs: added DSDB_REPL_FLAG_ADD_NCNAME to DsAddEntry call

we want new NCs to be created

9 years agos4-dsdb: added DSDB_REPL_FLAG_ADD_NCNAME flag
Andrew Tridgell [Tue, 27 Sep 2011 23:30:44 +0000 (09:30 +1000)]
s4-dsdb: added DSDB_REPL_FLAG_ADD_NCNAME flag

9 years agos4-dsdb: fixed formatting of a debug message
Andrew Tridgell [Tue, 27 Sep 2011 23:30:26 +0000 (09:30 +1000)]
s4-dsdb: fixed formatting of a debug message

another missing newline

9 years agos4-partition: allow creation of uninstantiated partitions
Andrew Tridgell [Tue, 27 Sep 2011 23:30:02 +0000 (09:30 +1000)]
s4-partition: allow creation of uninstantiated partitions

this is needed for a subdomain join by a new NC. The NC is initially

9 years agos4-dsdb: allow uninstantiated NC heads
Andrew Tridgell [Tue, 27 Sep 2011 23:29:09 +0000 (09:29 +1000)]
s4-dsdb: allow uninstantiated NC heads

this allows INSTANCE_TYPE_WRITE to be not set if

9 years agos4-repl: support creation of new NCs via DsAddEntry
Andrew Tridgell [Tue, 27 Sep 2011 23:28:10 +0000 (09:28 +1000)]
s4-repl: support creation of new NCs via DsAddEntry

this adds a flag to dsdb_origin_objects_commit that tells it to create
a new NC based on the nCName in a crossRef object

9 years agos4-repl: fixed formatting of some debug messages
Andrew Tridgell [Tue, 27 Sep 2011 23:26:51 +0000 (09:26 +1000)]
s4-repl: fixed formatting of some debug messages

9 years agodrsuapi: added ncName attid in enum
Andrew Tridgell [Tue, 27 Sep 2011 23:26:30 +0000 (09:26 +1000)]
drsuapi: added ncName attid in enum

9 years agodns: added example python script for dnsserver protocol
Andrew Tridgell [Sun, 25 Sep 2011 23:50:41 +0000 (09:50 +1000)]
dns: added example python script for dnsserver protocol

9 years agodns: build python bindings for dnsserver RPC protocol
Andrew Tridgell [Sun, 25 Sep 2011 23:50:11 +0000 (09:50 +1000)]
dns: build python bindings for dnsserver RPC protocol

9 years agodns: filled in dnsserver.idl
Andrew Tridgell [Sun, 25 Sep 2011 23:49:42 +0000 (09:49 +1000)]
dns: filled in dnsserver.idl

this fills in the functions and structures for the dnsserver RPC
protocol. This protocol is used during a subdomain join to add the NS
glue record to the parent domain

9 years agosamba-tool: cope with GC compares in ldapcmp
Andrew Tridgell [Fri, 23 Sep 2011 07:39:24 +0000 (17:39 +1000)]
samba-tool: cope with GC compares in ldapcmp

the two base DNs do not need to match when doing GC replica compares

9 years agosamba-tool: added --full-sync and --sync-all options to samba-tool drs replicate
Andrew Tridgell [Fri, 23 Sep 2011 07:38:08 +0000 (17:38 +1000)]
samba-tool: added --full-sync and --sync-all options to samba-tool drs replicate

9 years agos4-dbchecker: fixed handling of DSDB DNs in dbcheck
Andrew Tridgell [Fri, 23 Sep 2011 07:37:23 +0000 (17:37 +1000)]
s4-dbchecker: fixed handling of DSDB DNs in dbcheck

we need to use the original value, as ldb.Dn() can't parse a DSDB
binary DN

9 years agos4-dsdb: update callers to dsdb_convert_object_ex()
Andrew Tridgell [Fri, 23 Sep 2011 07:35:48 +0000 (17:35 +1000)]
s4-dsdb: update callers to dsdb_convert_object_ex()

9 years agos4-repl: update instanceType in partial_replica replication
Andrew Tridgell [Fri, 23 Sep 2011 07:34:32 +0000 (17:34 +1000)]
s4-repl: update instanceType in partial_replica replication

when we receive objects to a partial replica, we need to change the
incoming instanceType to not include the INSTANCE_TYPE_WRITE
flag. Partial replicas unset this flag.

9 years agos4-repl: add FULL_SYNC and PARTIAL_REPLICA flags
Andrew Tridgell [Fri, 23 Sep 2011 07:33:07 +0000 (17:33 +1000)]
s4-repl: add FULL_SYNC and PARTIAL_REPLICA flags

this sets the appropriate flags for replication with FULL_SYNC and
partial replica replications

9 years agos4-dsdb: implement DSDB_REPL_FLAG_PRIORITISE_INCOMING
Andrew Tridgell [Fri, 23 Sep 2011 07:30:40 +0000 (17:30 +1000)]

With this set, we accept changes even if they have the same tuple as
the local copy. This can be used by a FULL_SYNC replication to recover
a replica that is corrupt

9 years agos4-dsdb: disallow changes based on instanceType
Andrew Tridgell [Fri, 23 Sep 2011 07:28:25 +0000 (17:28 +1000)]
s4-dsdb: disallow changes based on instanceType

if instanceType does not include INSTANCE_TYPE_WRITE, then disallow
changes to any replicated attributes. This ensures partial replicates
are not alterered

9 years agos4-dsdb: added DSDB_REPL_FLAG* to replication
Andrew Tridgell [Fri, 23 Sep 2011 07:27:40 +0000 (17:27 +1000)]
s4-dsdb: added DSDB_REPL_FLAG* to replication

this allows the replication server to control replication via a set of
flags. Initial flags will allow control for partial replications and
full_sync support

9 years agos4-ldap-server: disallow all modifies on global catalog port
Andrew Tridgell [Fri, 23 Sep 2011 06:15:24 +0000 (16:15 +1000)]
s4-ldap-server: disallow all modifies on global catalog port

9 years agos4-ldb: enable display of partialAttributeSet with --show-binary
Andrew Tridgell [Fri, 23 Sep 2011 03:28:06 +0000 (13:28 +1000)]
s4-ldb: enable display of partialAttributeSet with --show-binary

9 years agotesttools: Import new upstream snapshot.
Jelmer Vernooij [Mon, 3 Oct 2011 10:20:19 +0000 (12:20 +0200)]
testtools: Import new upstream snapshot.

Autobuild-User: Jelmer Vernooij <>
Autobuild-Date: Mon Oct  3 13:54:06 CEST 2011 on sn-devel-104

9 years agodns: Move the dns_srv_record to the correct place in the idl file
Kai Blin [Fri, 30 Sep 2011 02:34:08 +0000 (19:34 -0700)]
dns: Move the dns_srv_record to the correct place in the idl file

Autobuild-User: Kai Blin <>
Autobuild-Date: Sun Oct  2 13:35:49 CEST 2011 on sn-devel-104

9 years agodns: Add support for TXT record to idl file
Kai Blin [Fri, 30 Sep 2011 02:32:57 +0000 (19:32 -0700)]
dns: Add support for TXT record to idl file

9 years agowscript: Also generate ctags for python files
Kai Blin [Wed, 28 Sep 2011 19:07:27 +0000 (12:07 -0700)]
wscript: Also generate ctags for python files

9 years agos4 provision: Set server role default when called from command line to 'dc'
Kai Blin [Fri, 30 Sep 2011 23:23:39 +0000 (16:23 -0700)]
s4 provision: Set server role default when called from command line to 'dc'

9 years agos3:registry: fix the test for a REG_SZ blob possibly being a zero terminated ucs2...
Michael Adam [Thu, 29 Sep 2011 16:06:56 +0000 (18:06 +0200)]
s3:registry: fix the test for a REG_SZ blob possibly being a zero terminated ucs2 string

1. catch data blobs with odd number of bytes (not an ucs2 string at all)
2. test the right ucs2 character to be 0
   (prevent out-of bounds access/potential segfault)

Autobuild-User: Michael Adam <>
Autobuild-Date: Sun Oct  2 01:26:05 CEST 2011 on sn-devel-104

9 years agos3:registry: reg_format: handle unterminated REG_SZ blobs
Gregor Beck [Tue, 6 Sep 2011 07:24:10 +0000 (09:24 +0200)]
s3:registry: reg_format: handle unterminated REG_SZ blobs

Signed-off-by: Michael Adam <>
9 years agoAdd the new test_nttrans_fsctl.c to waf
Richard Sharpe [Sat, 1 Oct 2011 16:03:13 +0000 (09:03 -0700)]
Add the new test_nttrans_fsctl.c to waf

Autobuild-User: Richard Sharpe <>
Autobuild-Date: Sat Oct  1 19:36:53 CEST 2011 on sn-devel-104

9 years agoMove FSCTL handling into the VFS. Initial code changes. Passes smbtorture NTTRANS...
Richard Sharpe [Fri, 16 Sep 2011 18:52:22 +0000 (11:52 -0700)]
Move FSCTL handling into the VFS. Initial code changes. Passes smbtorture NTTRANS-FSCTL. Test added to selftests.

9 years agoAdd a torture test to test existing FSCTL responses
Richard Sharpe [Thu, 15 Sep 2011 23:13:54 +0000 (16:13 -0700)]
Add a torture test to test existing FSCTL responses

9 years agoFix bug #8493 - DFS breaks zip file extracting unless "follow symlinks = no" set
Jeremy Allison [Fri, 30 Sep 2011 20:35:59 +0000 (13:35 -0700)]
Fix bug #8493 - DFS breaks zip file extracting unless "follow symlinks = no" set

If a client sends a mangled name as part of a DFS path, use the
post-mangled name for the pathname walk, not the mangled name.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Sat Oct  1 00:45:59 CEST 2011 on sn-devel-104

9 years agos3-docs: Fix typos.
Karolin Seeger [Mon, 6 Jun 2011 17:58:22 +0000 (19:58 +0200)]
s3-docs: Fix typos.

Thanks to Samba-JP oota <> for reporting!


Autobuild-User: Karolin Seeger <>
Autobuild-Date: Fri Sep 30 23:12:35 CEST 2011 on sn-devel-104

9 years agos3-docs: some corrections for wbinfo
Christian Ambach [Fri, 30 Sep 2011 15:07:05 +0000 (17:07 +0200)]
s3-docs: some corrections for wbinfo

Parameters for --group-info and --gid-info were not listed
properly in the SYNOPSIS and the OPTIONS section

Autobuild-User: Christian Ambach <>
Autobuild-Date: Fri Sep 30 18:44:34 CEST 2011 on sn-devel-104

9 years agos3:wscript_build - add dependency on "tdb-wrap3" for libnet dssync
Matthias Dieter Wallnöfer [Thu, 29 Sep 2011 10:47:17 +0000 (12:47 +0200)]
s3:wscript_build - add dependency on "tdb-wrap3" for libnet dssync

Autobuild-User: Matthias Dieter Wallnöfer <>
Autobuild-Date: Fri Sep 30 16:40:12 CEST 2011 on sn-devel-104

9 years agobuild: Add dep on tdb-wrap3 to get tdb headers
Andrew Bartlett [Wed, 28 Sep 2011 17:33:36 +0000 (10:33 -0700)]
build: Add dep on tdb-wrap3 to get tdb headers

Signed-off-by: Matthias Dieter Wallnöfer <>
9 years agos3: Re-add (), fix a gcc hint
Volker Lendecke [Fri, 30 Sep 2011 08:11:31 +0000 (10:11 +0200)]
s3: Re-add (), fix a gcc hint

Autobuild-User: Volker Lendecke <>
Autobuild-Date: Fri Sep 30 15:06:47 CEST 2011 on sn-devel-104

9 years agos3: Remove an unused variable
Volker Lendecke [Fri, 30 Sep 2011 08:10:14 +0000 (10:10 +0200)]
s3: Remove an unused variable

9 years agos3: Fix an uninitialized variable warning
Volker Lendecke [Fri, 30 Sep 2011 08:09:19 +0000 (10:09 +0200)]
s3: Fix an uninitialized variable warning

9 years agos3: Fix a C++ warning
Volker Lendecke [Fri, 30 Sep 2011 08:07:35 +0000 (10:07 +0200)]
s3: Fix a C++ warning

9 years agos3: Fix a C++ warning
Volker Lendecke [Fri, 30 Sep 2011 08:07:30 +0000 (10:07 +0200)]
s3: Fix a C++ warning

9 years agoSecond part of bug #8494 - Remove "experimental" label on VFS ACL modules.
Jeremy Allison [Fri, 30 Sep 2011 00:16:58 +0000 (17:16 -0700)]
Second part of bug #8494 - Remove "experimental" label on VFS ACL modules.

Fix the docs.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Fri Sep 30 03:50:43 CEST 2011 on sn-devel-104

9 years agoBug 7551: Return error of cli_push when 'put - /some/file' is used
Bram [Thu, 29 Sep 2011 09:28:03 +0000 (11:28 +0200)]
Bug 7551: Return error of cli_push when 'put - /some/file' is used

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Thu Sep 29 23:47:02 CEST 2011 on sn-devel-104

9 years agos3:smb2cli: fix the num_expected == 0 logic in smb2cli_req_recv()
Stefan Metzmacher [Fri, 23 Sep 2011 20:47:33 +0000 (22:47 +0200)]
s3:smb2cli: fix the num_expected == 0 logic in smb2cli_req_recv()


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Thu Sep 29 22:15:06 CEST 2011 on sn-devel-104

9 years agos4:smb_server/smb2: make sure we sign the final session setup
Stefan Metzmacher [Thu, 29 Sep 2011 08:09:41 +0000 (10:09 +0200)]
s4:smb_server/smb2: make sure we sign the final session setup


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Thu Sep 29 18:59:54 CEST 2011 on sn-devel-104

9 years agos4: add SMB2_FSCTL opcodes
David Disseldorp [Mon, 26 Sep 2011 11:38:16 +0000 (13:38 +0200)]
s4: add SMB2_FSCTL opcodes

Also, skip samba4.smb2.ioctl for now. Snapshots are not supported by

Autobuild-User: David Disseldorp <>
Autobuild-Date: Thu Sep 29 14:47:05 CEST 2011 on sn-devel-104

9 years agos3-smb2_server: fix ioctl InputOffset checking
David Disseldorp [Wed, 28 Sep 2011 12:45:42 +0000 (14:45 +0200)]
s3-smb2_server: fix ioctl InputOffset checking

Currently the InputOffset is always check to point to the input data
buffer, regardless of whether input data is present.

Signed-off-by: Stefan Metzmacher <>
9 years agos3-smb2_server: SMB2_OP_IOCTL doesn't require at least 1 dyn byte
David Disseldorp [Sun, 25 Sep 2011 21:39:07 +0000 (23:39 +0200)]
s3-smb2_server: SMB2_OP_IOCTL doesn't require at least 1 dyn byte

Signed-off-by: Stefan Metzmacher <>
9 years agos4-torture: add smb2 ioctl test suite
David Disseldorp [Thu, 22 Sep 2011 20:23:08 +0000 (22:23 +0200)]
s4-torture: add smb2 ioctl test suite

Currently only covers FSCTL_GET_SHADOW_COPY_DATA.

Signed-off-by: Stefan Metzmacher <>
9 years agos4-torture: remove unchecked read from smb2 create
David Disseldorp [Wed, 21 Sep 2011 19:50:29 +0000 (21:50 +0200)]
s4-torture: remove unchecked read from smb2 create

Add a corresponding test case to

Signed-off-by: Stefan Metzmacher <>
9 years agosocket_wrapper: correctly handle dup()/dup2() ref counting
Stefan Metzmacher [Wed, 28 Sep 2011 21:09:49 +0000 (23:09 +0200)]
socket_wrapper: correctly handle dup()/dup2() ref counting


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Thu Sep 29 13:13:56 CEST 2011 on sn-devel-104

9 years agosocket_wrapper: pass down the fd explictly from the swrap_*() to the real_*() calls
Stefan Metzmacher [Wed, 28 Sep 2011 21:04:51 +0000 (23:04 +0200)]
socket_wrapper: pass down the fd explictly from the swrap_*() to the real_*() calls


9 years agos3:smb2_server: SMB2_OP_CANCEL requests don't have to be signed
Stefan Metzmacher [Wed, 28 Sep 2011 06:28:08 +0000 (08:28 +0200)]
s3:smb2_server: SMB2_OP_CANCEL requests don't have to be signed


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Thu Sep 29 02:58:41 CEST 2011 on sn-devel-104

9 years agotest commit to see it push works for me.
Herb Lewis [Wed, 28 Sep 2011 21:14:54 +0000 (14:14 -0700)]
test commit to see it push works for me.

Autobuild-User: Herb Lewis <>
Autobuild-Date: Thu Sep 29 00:51:16 CEST 2011 on sn-devel-104

9 years agos4:torture/smb2/lock: remove samba4 specific checks for NETWORK_NAME_DELETED/USER_SES...
Stefan Metzmacher [Wed, 28 Sep 2011 06:47:56 +0000 (08:47 +0200)]
s4:torture/smb2/lock: remove samba4 specific checks for NETWORK_NAME_DELETED/USER_SESSION_DELETED

Most Windows versions have a strange order to
verify the session id, tree id and file id.
(They should be checked in that order, but windows
seems to check the file id before the others).


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Wed Sep 28 21:12:07 CEST 2011 on sn-devel-104

9 years agos4:libcli/smb2: ignore SMB2_OP_CANCEL responses
Stefan Metzmacher [Wed, 28 Sep 2011 06:23:24 +0000 (08:23 +0200)]
s4:libcli/smb2: ignore SMB2_OP_CANCEL responses

If there're a problem with signing or the session doesn't exists
any more the server responses with a failure, instead of not
sending a response.

For now we ignore the reponse, as there's not much we could do with it
and it's not likely that we generate bad requests, which trigger
that behavior, except for testing.


9 years agos4:libcli/smb2: correctly sign SMB2_OP_CANCEL request if they belong to a session
Stefan Metzmacher [Wed, 28 Sep 2011 05:50:42 +0000 (07:50 +0200)]
s4:libcli/smb2: correctly sign SMB2_OP_CANCEL request if they belong to a session


9 years agos4:libcli/smb2: don't try to check the signing if we got NT_STATUS_USER_SESSION_DELETED
Stefan Metzmacher [Wed, 28 Sep 2011 04:43:51 +0000 (06:43 +0200)]
s4:libcli/smb2: don't try to check the signing if we got NT_STATUS_USER_SESSION_DELETED