Stefan Metzmacher [Wed, 27 Aug 2014 13:13:30 +0000 (15:13 +0200)]
samba-tool/ldapcmp: update the list of non replicated attributes
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10788
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep 2 03:49:49 CEST 2014 on sn-devel-104
(cherry picked from commit
eee14f775e6f2075729d68fa9598dd99f9b9b05d)
Stefan Metzmacher [Thu, 4 Sep 2014 05:19:46 +0000 (07:19 +0200)]
s4-rpc: dnsserver: handle updates of tombstoned dnsNode objects
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Thu, 31 Jul 2014 07:24:52 +0000 (17:24 +1000)]
s4-rpc: dnsserver: Do not search for deleted DNS entries
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 31 Jul 2014 07:30:16 +0000 (09:30 +0200)]
s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() before add/modify
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Aug 27 15:21:19 CEST 2014 on sn-devel-104
(cherry picked from commit
d68a2ebecd244181b1238635ee54dadd05835525)
Stefan Metzmacher [Wed, 30 Jul 2014 18:12:08 +0000 (20:12 +0200)]
s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() before removing records
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
11bbfd932c113b3222bc93d59702271a3777b6f3)
Stefan Metzmacher [Wed, 30 Jul 2014 16:51:39 +0000 (18:51 +0200)]
s4:dlz_bind9: let dlz_bind9 use dns_common_replace()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Change-Id: I2fd2503230cbf89445594e49f39ac321769ff06e
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
fd952bf814835c4860ab10794225fbd583ee3ad5)
Stefan Metzmacher [Wed, 30 Jul 2014 15:59:08 +0000 (17:59 +0200)]
s4:dlz_bind9: let dlz_bind9 use dns_common_extract()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Change-Id: I7c661964a3da1a1981f022a06b9bef25bbd33479
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
dedcf30fd12821c272002e3b4cbfda4ca38650fd)
Stefan Metzmacher [Wed, 30 Jul 2014 06:40:32 +0000 (08:40 +0200)]
s4:dlz_bind9: let dlz_bind9 use dns_common_lookup() for name lookup
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Change-Id: I2632fa0ce120a978f6f400fa5cbf18a7fbbd64a3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
96dcebe8c20b9aa954a96a4deabe16957576be2c)
Stefan Metzmacher [Tue, 26 Aug 2014 10:04:59 +0000 (12:04 +0200)]
torture-dns: Add test for dlz_bind9 updates
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
914a3667471ced3199f51db8bc1d4a6d3fbc4e8f)
Stefan Metzmacher [Tue, 26 Aug 2014 08:34:17 +0000 (10:34 +0200)]
torture-dns: Add test for dlz_bind9 zonedumps
Change-Id: I074b3e4cdad1a0b69c085dcaa44d6f48e68e863b
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
e23621e9dab67c8997d24b2ac7e4fd181fc5907c)
Andrew Bartlett [Mon, 25 Aug 2014 22:24:27 +0000 (10:24 +1200)]
torture-dns: Add test for dlz_bind9 lookups
Change-Id: I3b9d1b56e3aa873fb8540b98e196b713b82332ca
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
2189470c2f55afe29e9e8dad1d2659a7eb2d06f9)
Stefan Metzmacher [Tue, 26 Aug 2014 11:48:21 +0000 (13:48 +0200)]
s4:torture:dlz_bind9: fix spnego tests
The dlz_bind9 module uses the special dns-${NETBIOSNAME} account,
and this is only available under the dns/hostname.domain SPN, not
host/hostname.
Also the dlz_ssumatch() function returns isc_boolean_t instead
of isc_result_t. As ISC_R_SUCCESS and ISC_FALSE have the same value
we didn't notice this problem.
Change-Id: I48539c3f48f5dde9eaa2fff6da0f3be2f9f66311
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
76943bf0ac259fb8855bd123fe4bc85a103ba418)
Stefan Metzmacher [Wed, 30 Jul 2014 15:57:13 +0000 (17:57 +0200)]
s4:dlz_bind9: do an early talloc_free(el_ctx) in dlz_allnodes()
We don't have to keep everything arround while walking the whole zone.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
5d397c8198bcd2cdccc3deda57377d4696e6abd1)
Stefan Metzmacher [Thu, 27 Feb 2014 08:59:51 +0000 (09:59 +0100)]
s4:dlz_bind9: avoid some compiler warnings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
fbebe7e756e4ccd0684e94e9b1e787f98f399ccc)
Stefan Metzmacher [Thu, 31 Jul 2014 07:35:26 +0000 (09:35 +0200)]
s4:dns_server: handle tombstones in handle_one_update()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
491715399ff7e1ab788fec5e254581dc312e2cef)
Stefan Metzmacher [Thu, 31 Jul 2014 08:44:41 +0000 (10:44 +0200)]
s4:dns_server: add DNS_TYPE_TOMBSTONE support to dns_common_replace()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
bb3ca930cc57964487bd23a74f4caabd1616a8bf)
Stefan Metzmacher [Thu, 31 Jul 2014 06:54:17 +0000 (08:54 +0200)]
s4:dns_server: make sure dns_common_lookup() doesn't return tombstones
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
a0a81ab01cb1d509b04f9af25177c8e0941b43aa)
Stefan Metzmacher [Thu, 31 Jul 2014 07:32:00 +0000 (09:32 +0200)]
s4:dns_server: use .wType = DNS_TYPE_TOMBSTONE instead of ZERO_STRUCT()
The result is the same, but it is clearer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
3ff025a02cca3ff209668edd419d0e440e9865c6)
Stefan Metzmacher [Wed, 30 Jul 2014 16:27:56 +0000 (18:27 +0200)]
s4:dns_server: split out dns_common_replace()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
0689e795e073008d2ad539c0ef5ddbdc6d9efdac)
Stefan Metzmacher [Thu, 31 Jul 2014 09:32:02 +0000 (11:32 +0200)]
s4:dns_server: remove const from dns_replace_records()
All callers are find we the record array gets modified.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
7e7df78bd7ae5575da7443b45c0e2e4167eebde2)
Stefan Metzmacher [Wed, 30 Jul 2014 06:24:10 +0000 (08:24 +0200)]
s4:dns_server: split out dns_common_extract() and dns_common_lookup()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
342a087349f8a10833338a3fa49fbd4d4d29f3e5)
Stefan Metzmacher [Wed, 30 Jul 2014 06:01:11 +0000 (08:01 +0200)]
s4:dns_server: split out a private 'dnsserver_common' library
This will contain common code for the internal dns server, the dlz_bind9 module
and the rpc dns management server.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
99d5a5ead4f33723c25e8716a79d34b53822521e)
Stefan Metzmacher [Thu, 31 Jul 2014 06:19:50 +0000 (08:19 +0200)]
s4:dns_server: map LDB_ERR_NO_SUCH_OBJECT to WERR_DNS_ERROR_NAME_DOES_NOT_EXIST
This is the correct fix for commit
8b24c43b382740106474e26dec59e1419ba77306
and Bug: https://bugzilla.samba.org/show_bug.cgi?id=9559
With this change we have a consistent behavior between internal server
and the bind dlz module. We keep a dangling LDAP object without
dnsRecord attribute arround forever. This will be fixed in the following
commits.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
d0f424a23dc915d9fce625438d2bd63519757cba)
Stefan Metzmacher [Wed, 30 Jul 2014 15:55:57 +0000 (17:55 +0200)]
s4:dns_server: handle WERR_DNS_ERROR_NAME_DOES_NOT_EXIST in werr_to_dns_err()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
deb21a9afe77591743fda522355a5a9eb08fb27b)
Kai Blin [Fri, 16 May 2014 16:33:42 +0000 (18:33 +0200)]
provision: Correctly provision the SOA record minimum TTL
This fixes bug #10466
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Guenter Kukkukk <kukks@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Wed May 21 10:55:00 CEST 2014 on sn-devel-104
(cherry picked from commit
634f116fbb89d723a627f4501b4cd89342cecb8e)
Stefan Metzmacher [Mon, 28 Apr 2014 16:54:13 +0000 (18:54 +0200)]
s4:setup/dns_update_list: make use of the new substitution variables
This let us register the same names as Windows Servers.
We only exception are the NS records. In future we could add them
by using something like this:
samba-tool dns add ${HOSTNAME} ${DNSDOMAIN} @ NS ${HOSTNAME}
samba-tool dns add ${HOSTNAME} _msdcs.${DNSFOREST} @ NS ${HOSTNAME}
samba-tool dns add ${HOSTNAME} ${DNSFOREST} _msdcs NS ${HOSTNAME}
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 26 11:38:54 CEST 2014 on sn-devel-104
(cherry picked from commit
4383ec5b83d12bd19749582217f082cbaa31a128)
Stefan Metzmacher [Mon, 28 Apr 2014 15:33:50 +0000 (17:33 +0200)]
s4:samba_dnsupdate: provide more substitution variables e.g. IF_RODC
This will make the dns_update_list more flexible.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
f1544e8d1de995aa304d63352d313ace8fea6ca5)
Stefan Metzmacher [Mon, 7 Jul 2014 22:05:03 +0000 (00:05 +0200)]
s4:samba_dnsupdate: don't try to be smart when verifying NS records
We can't rely on the DNS delegation to be correct in the parent domain.
What we really want is to check if we already have registered ourself
as a NS record in our own domain.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
b13974048b74c60028d8387eb7fe4fc7734f0a91)
Stefan Metzmacher [Mon, 28 Apr 2014 06:29:40 +0000 (08:29 +0200)]
s4:samba_dnsupdate: cache the already registered records
This way we can delete records which are not used anymore.
E.g. if the ip address changed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
25ec8e8656f66fe51a0d48718cdcfd8b209f6ca0)
Stefan Metzmacher [Mon, 28 Apr 2014 06:27:26 +0000 (08:27 +0200)]
s4:samba_dnsupdate: fix dnsobj.__str__()
We should not implicitly use the global variable 'd'.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
6e853708def98545eeb6913b8a2dd59d439323e6)
Stefan Metzmacher [Mon, 28 Apr 2014 15:26:51 +0000 (17:26 +0200)]
s4:samba_dnsupdate: don't lower case the registered names
This matches Windows...
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
c5088f338a38850674399ec8fec9f8f146b5880f)
Stefan Metzmacher [Tue, 19 Aug 2014 08:33:11 +0000 (10:33 +0200)]
python/join: use lowercase for the dnshostname.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
5533d9c3db31ac86769288527ec20ad4e57f703c)
Stefan Metzmacher [Thu, 19 Jun 2014 15:21:16 +0000 (17:21 +0200)]
selftest/Samba3: also bind to ipv6
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(similar to commit
a9545f3de7aaa0346735191953f78242017bd346)
Stefan Metzmacher [Thu, 19 Jun 2014 15:21:16 +0000 (17:21 +0200)]
selftest/Samba4: also bind to ipv6
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(similar to commit
5d4b36d1fec981e850d869edd2c98a6541b37114)
Stefan Metzmacher [Thu, 19 Jun 2014 15:21:16 +0000 (17:21 +0200)]
selftest: export _IPV6 environment variables
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
0e7abb398dd826c082bbddb333b9faac361be064)
Stefan Metzmacher [Thu, 10 Jul 2014 05:25:08 +0000 (07:25 +0200)]
libcli/dns: ignore NS entries in dns_hosts_file.c at a higher log level for now
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
3fcc4a545e936c2c0cf3f9f9a19646e1512f74d2)
Stefan Metzmacher [Thu, 10 Jul 2014 05:25:08 +0000 (07:25 +0200)]
libcli/dns: add AAAA support to dns_hosts_file.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
7f18a3b58e7146e421653b85f509bb8503bd7402)
Stefan Metzmacher [Thu, 4 Sep 2014 07:40:34 +0000 (09:40 +0200)]
s4-rpc: dnsserver: return DNS_RANK_NS_GLUE recors when explicitly asked for
NS records should be included in the query for sub-domains. NS records
got dropped when the rank for NS records was correctly set to NS_GLUE
from ZONE in commit
2036cbd9249c84d9b46370f0e8cd6a0264c737ba.
samba-tool dns query 172.31.9.161 s4xdom.base @ ALL
=>
Name=glue, Records=0, Children=0
samba-tool dns query 172.31.9.161 s4xdom.base glue ALL
=>
Name=, Records=1, Children=0
NS: glue.dns.private. (flags=
40000082, serial=21, ttl=900)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10751
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Wed, 30 Jul 2014 09:57:42 +0000 (19:57 +1000)]
s4-rpc: dnsserver: Do not return NS_GLUE records with VIEW_GLUE_DATA filter
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10751
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug 21 11:36:55 CEST 2014 on sn-devel-104
(cherry picked from commit
c9169a5e987864473108d041513f1781740401ac)
Amitay Isaacs [Wed, 30 Jul 2014 08:53:44 +0000 (18:53 +1000)]
s4-rpc: dnsserver: Correctly set rank for glue NS records
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10751
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
2036cbd9249c84d9b46370f0e8cd6a0264c737ba)
Jeremy Allison [Fri, 25 Jul 2014 19:46:46 +0000 (12:46 -0700)]
s3: winbindd: On new client connect, prune idle or hung connections older than "winbind request timeout"
Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found
https://bugzilla.samba.org/show_bug.cgi?id=3204
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 29 23:31:14 CEST 2014 on sn-devel-104
(cherry picked from commit
f9588675ea3cb2f1fabd07a4ea8b2138d65aee83)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Sep 1 23:46:50 CEST 2014 on sn-devel-104
Jeremy Allison [Tue, 29 Jul 2014 21:53:11 +0000 (14:53 -0700)]
s3: winbindd: Add new parameter "winbind request timeout" set to 60 seconds with man page.
"This parameter specifies the number of seconds the winbindd
daemon will wait before disconnecting either a client connection
with no outstanding requests (idle) or a client connection with a
request that has remained outstanding (hung) for longer than this
number of seconds."
Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found
https://bugzilla.samba.org/show_bug.cgi?id=3204
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
David Disseldorp [Wed, 27 Aug 2014 13:42:00 +0000 (15:42 +0200)]
dosmode: fix FSCTL_SET_SPARSE request validation
Check that FSCTL_SET_SPARSE requests does not refer to directories. Also
reject such requests when issued over IPC or printer share connections.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10787
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 28 04:22:37 CEST 2014 on sn-devel-104
(cherry picked from commit
0751495b1327d002b79482632b7c590cae6e3f9d)
Volker Lendecke [Tue, 19 Aug 2014 14:32:15 +0000 (14:32 +0000)]
smbd: Properly initialize mangle_hash
[Bug 10782] mangle_hash() can fail to initialize charset (smbd crash).
https://bugzilla.samba.org/show_bug.cgi?id=10782
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 26 01:30:38 CEST 2014 on sn-devel-104
Roel van Meer [Fri, 22 Aug 2014 13:11:04 +0000 (15:11 +0200)]
Don't discard result of checking grouptype
The pdb_samba_dsdb_getgrfilter() function first determines the security type
of a group and sets map->sid_name_use accordingly. A little later, this
variable is set again, undoing the previous work.
https://bugzilla.samba.org/show_bug.cgi?id=10777
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 23 02:48:52 CEST 2014 on sn-devel-104
Marc Muehlfeld [Wed, 6 Aug 2014 19:36:26 +0000 (21:36 +0200)]
docs: Fix typos in smb.conf (inherit acls)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10761
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug 7 00:52:42 CEST 2014 on sn-devel-104
(cherry picked from commit
4639f6d7bab9d8d6ee46bf5c65ff73a17a56cb17)
Shirish Pargaonkar [Sat, 26 Jul 2014 15:41:25 +0000 (10:41 -0500)]
samba: Retain case sensitivity of cifs client
When a client supports extended security but server does not,
and that client, in Flags2 field of smb header indicates that
- it supports extended security negotiation
- it does not support security signatures
- it does not require security signatures
Samba server treats a client as a Vista client.
That turns off case sensitivity and that is a problem for cifs vfs client.
So include remote cifs client along with remote samba client
to not do so otherwise.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10755
Signed-off-by: Shirish Pargaonkar <spargaonkar@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Aug 1 16:11:43 CEST 2014 on sn-devel-104
(cherry picked from commit
a0583976da2ba09da0fd94f739ed4f5851e2a858)
Volker Lendecke [Tue, 5 Aug 2014 09:21:07 +0000 (09:21 +0000)]
lib: strings: Simplify strcasecmp
This makes us fallback to strcasecmp early if any INVALID_CODEPOINT
appears. Without this patch we just continue to compare if both strings
happen to have an INVALID_CODEPOINT in the same spot.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10716
smbd constantly crashes when filename contains non-ascii character
Jeremy Allison [Mon, 4 Aug 2014 20:36:42 +0000 (13:36 -0700)]
s4: tests: Added local.charset test for Bug 10716 - smbd constantly crashes when filename contains non-ascii character
https://bugzilla.samba.org/show_bug.cgi?id=10716
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Sat, 2 Aug 2014 04:38:59 +0000 (21:38 -0700)]
lib: strings: Fix the behavior of strncasecmp_m_handle() in the face of bad conversions.
When either string has a bad conversion, we fall back to
doing raw ascii byte comparisons using strcasecmp(). This
is wrong - we should fall back to strncasecmp.
The problem is we've already stepped past the character
that failed the conversion, so we're not re-testing those
characters for comparison. This can have the effect of
causing strncasecmp_m_handle() to report that two strings
are identical when they are not, if the failed conversion
takes place at the end of the string.
The correct behavior is to step back to the point of
the string(s) that failed the conversion, and continue
the test from there.
This is a litle trickier than the previous fix, as
it requires converting the incoming n variable from
remaining characters to compare to remaining bytes to
compare.
As bytes are always the smallest character size
(1 byte) then it's safe to convert the remaining
characters to check by decrementing the source string
by the last character length (in bytes) and incrementing
the remaining bytes to scan by the same value, then
calling strncasecmp() with the stepped back strings
remaining.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Sat, 2 Aug 2014 04:29:21 +0000 (21:29 -0700)]
lib: strings: Fix the behavior of strcasecmp_m_handle() in the face of bad conversions.
When either string has a bad conversion, we fall back to
doing raw ascii byte comparisons using strcasecmp().
The problem is we've already stepped past the character
that failed the conversion, so we're not re-testing those
characters for comparison. This can have the effect of
causing strcasecmp_m_handle() to report that two strings
are identical when they are not, if the failed conversion
takes place at the end of the string.
The correct behavior is to step back to the point of
the string(s) that failed the conversion, and continue
the test from there.
Found by <lev@zadarastorage.com> when investigating bug
10716 - smbd constantly crashes when filename contains non-ascii character.
Given the normal character set of utf-8, and an on
disk filename of ISO-8859-1 of file-é on disk hex
value: 66 69 6c 65 2d e9, an incoming open given the
correct utf8 name of file-é will collide when it
should not.
Fixes:
Bug 10716 - smbd constantly crashes when filename contains non-ascii character
https://bugzilla.samba.org/show_bug.cgi?id=10716
Signed-off-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Tue, 5 Aug 2014 15:33:33 +0000 (17:33 +0200)]
printing: reload printer shares on OpenPrinter
The printer share inventory should be reloaded on open _and_
enumeration, as there are some clients, such as cupsaddsmb, that do not
perform an enumeration prior to access.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Aug 8 16:33:50 CEST 2014 on sn-devel-104
(cherry picked from commit
1ad71f79eb473822d36d9629cf52c2fca4c53752)
David Disseldorp [Fri, 1 Aug 2014 14:25:59 +0000 (16:25 +0200)]
smbd: split printer reload processing
All printer inventory updates are currently done via
delete_and_reload_printers(), which handles registry.tdb updates for
added or removed printers, AD printer unpublishing on removal, as well
as share service creation and deletion.
This change splits this functionality into two functions such that
per-client smbd processes do not perform registry.tdb updates or printer
unpublishing. This is now only performed by the process that performs
the printcap cache update.
This change is similar to
ac6604868d1325dd4c872dc0f6ab056d10ebaecf from
the 3.6 branch.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
2706af4d78fc9a47a4ac45b373edf276e3a9b354)
David Disseldorp [Tue, 5 Aug 2014 16:45:24 +0000 (18:45 +0200)]
server: remove duplicate snum_is_shared_printer()
Only keep a single definition in server_reload.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
2685df1177ffd39b1af34eb116bd7b24d4b12974)
David Disseldorp [Wed, 23 Jul 2014 12:42:00 +0000 (14:42 +0200)]
smbd: only reprocess printer_list.tdb if it changed
The per-client smbd printer share inventory is currently updated from
printer_list.tdb when a client enumerates printers, via EnumPrinters or
NetShareEnum.
printer_list.tdb is populated by the background print process, based on
the latest printcap values retrieved from the printing backend (e.g.
CUPS) at regular intervals.
This change ensures that per-client smbd processes don't reparse
printer_list.tdb if it hasn't been updated since the last enumeration.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Suggested-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
a2182e03a061de6c1f111ce083cb5f668fe75e4e)
David Disseldorp [Wed, 23 Jul 2014 10:12:34 +0000 (12:12 +0200)]
printing: return last change time with pcap_cache_loaded()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
30ce835670a6aeca6fb960ea7c4fe1b982bdd5b0)
David Disseldorp [Fri, 25 Jul 2014 10:18:54 +0000 (12:18 +0200)]
printing: remove pcap_cache_add()
All print list updates are now done via pcap_cache_replace(), which can
call into the print_list code directly.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
6d75e20ca8acf1a55838694ac77940e21e9a1e6a)
David Disseldorp [Tue, 22 Jul 2014 18:17:38 +0000 (20:17 +0200)]
printing: reload printer_list.tdb from in memory list
This will allow in future for a single atomic printer_list.tdb update.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
e5e6e2c796f026ee6b04f99b327941d57b9bd026)
David Disseldorp [Fri, 11 Jul 2014 15:00:05 +0000 (17:00 +0200)]
printing: only reload printer shares on client enum
Currently, automatic printer share updates are handled in the following
way:
- Background printer process (BPP) forked on startup
- Parent smbd and per-client children await MSG_PRINTER_PCAP messages
- BPP periodically polls the printing backend for printcap data
- printcap data written to printer_list.tdb
- MSG_PRINTER_PCAP sent to all smbd processes following update
- smbd processes all read the latest printer_list.tdb data, and update
their share listings
This procedure is not scalable, as all smbd processes hit
printer_list.tdb in parallel, resulting in a large spike in CPU usage.
This change sees smbd processes only update their printer share lists
only when a client asks for this information, e.g. via NetShareEnum or
EnumPrinters.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Suggested-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
4f4501ac1f35ab15f25d207c0d33e7c4d1abdf38)
David Disseldorp [Wed, 9 Jul 2014 22:18:10 +0000 (00:18 +0200)]
printing: traverse_read the printer list for share updates
The printcap update procedure involves the background printer process
obtaining the printcap information from the printing backend, writing
this to printer_list.tdb, and then notifying all smbd processes of the
new list. The processes then all attempt to simultaneously traverse
printer_list.tdb, in order to update their local share lists.
With a large number of printers, and a large number of per-client smbd
processes, this traversal results in significant lock contention, mostly
due to the fact that the traversal is unnecessarily done with an
exclusive (write) lock on the printer_list.tdb database.
This commit changes the share update code path to perform a read-only
traversal.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Reported-by: Alex K <korobkin+samba@gmail.com>
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
1e83435eac2cef03fccb4cf69ef5e0bfbd710410)
Jeremy Allison [Tue, 10 Jun 2014 22:58:15 +0000 (15:58 -0700)]
s3: smbd : SMB2 - fix SMB2_SEARCH when searching non wildcard string with a case-canonicalized share.
We need to go through filename_convert() in order for the filename
canonicalization to be done on a non-wildcard search string (as is
done in the SMB1 findfirst code path).
Fixes Bug #10650 - "case sensitive = True" option doesn't work with "max protocol = SMB2" or higher in large directories.
https://bugzilla.samba.org/show_bug.cgi?id=10650
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 10 Jun 2014 21:41:45 +0000 (14:41 -0700)]
s3: smbd - SMB[2|3]. Ensure a \ or / can't be found anywhere in a search path, not just at the start.
Signed-off-by: Jeremy Allison <jra@samba.org>
Björn Baumbach [Thu, 27 Mar 2014 10:17:30 +0000 (11:17 +0100)]
s3: enforce a positive allocation_file_size for non-empty files (bug #10543)
Some file systems do not allocate a block for very
small files. But for non-empty file should report a
positive size.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 5 03:09:00 CEST 2014 on sn-devel-104
(cherry picked from commit
c35b31f45244a8339684c3b83a7d86eefb80e0da)
Arvid Requate [Thu, 17 Jan 2013 15:44:28 +0000 (16:44 +0100)]
passdb: fix NT_STATUS_NO_SUCH_GROUP
Share options like "force group" and "valid users = @group1"
triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in
the SAM backend, its objectclass was not retrived.
This fix also revealed a talloc access after free in the group
branch of pdb_samba_dsdb_getgrfilter.
[Bug 9570] Access failure for shares with "force group" or "valid users = @group"
https://bugzilla.samba.org/show_bug.cgi?id=9570
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ross Lagerwall [Thu, 21 Aug 2014 06:32:36 +0000 (07:32 +0100)]
s3:libsmb: Set a max charge for SMB2 connections
Set a max charge for SMB2 connections so that larger request sizes can
be used and more requests can be in flight.
Signed-off-by: Ross Lagerwall <rosslagerwall@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Aug 21 17:31:11 CEST 2014 on sn-devel-104
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10778
libsmbclient with SMB2 doesn't pipeline or use large blocks
Jeremy Allison [Thu, 21 Aug 2014 23:28:42 +0000 (16:28 -0700)]
s3: smbd: POSIX ACLs. Remove incorrect check for SECINFO_PROTECTED_DACL in incoming security_information flags in posix_get_nt_acl_common().
Tidy-up of code obsoleted by fixes for bug #10773 (SECINFO_PROTECTED_DACL is not ignored).
We now never pass SECINFO_PROTECTED_DACL in security_information flags to this layer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 22 11:26:57 CEST 2014 on sn-devel-104
Stefan Metzmacher [Wed, 20 Aug 2014 13:00:59 +0000 (15:00 +0200)]
libcli/security: add better detection of SECINFO_[UN]PROTECTED_[D|S]ACL in get_sec_info()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 22 02:52:50 CEST 2014 on sn-devel-104
Stefan Metzmacher [Wed, 20 Aug 2014 11:58:38 +0000 (13:58 +0200)]
s3:smbd: mask security_information input values with SMB_SUPPORTED_SECINFO_FLAGS
Sometimes Windows clients doesn't filter SECINFO_[UN]PROTECTED_[D|S]ACL flags
before sending the security_information to the server.
security_information = SECINFO_PROTECTED_DACL| SECINFO_DACL
results in a NULL dacl being returned from an GetSecurityDecriptor
request. This happens because posix_get_nt_acl_common()
has the following logic:
if ((security_info & SECINFO_DACL) && !(security_info & SECINFO_PROTECTED_DACL)) {
... create DACL ...
}
I'm not sure if the logic is correct or wrong in this place (I guess it's
wrong...).
But what I know is that the SMB server should filter the given
security_information flags before passing to the filesystem.
[MS-SMB2] 3.3.5.20.3 Handling SMB2_0_INFO_SECURITY
...
The server MUST ignore any flag value in the AdditionalInformation field that
is not specified in section 2.2.37.
Section 2.2.37 lists:
OWNER_SECURITY_INFORMATION
GROUP_SECURITY_INFORMATION
DACL_SECURITY_INFORMATION
SACL_SECURITY_INFORMATION
LABEL_SECURITY_INFORMATION
ATTRIBUTE_SECURITY_INFORMATION
SCOPE_SECURITY_INFORMATION
BACKUP_SECURITY_INFORMATION
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 20 Aug 2014 11:43:13 +0000 (13:43 +0200)]
security.idl: add SMB_SUPPORTED_SECINFO_FLAGS
A SMB server should only care about specific SECINFO flags
and ignore others e.g. SECINFO_PROTECTED_DACL.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Har Gagan Sahai [Wed, 6 Aug 2014 09:02:35 +0000 (14:32 +0530)]
Fixed a memory leak in cli_set_mntpoint().
Fixes bug #10759 - Memory leak in libsmbclient in cli_set_mntpoint function
https://bugzilla.samba.org/show_bug.cgi?id=10759
Signed-off-by: Har Gagan Sahai <SHarGagan@novell.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 13 04:36:50 CEST 2014 on sn-devel-104
Volker Lendecke [Mon, 4 Aug 2014 05:29:14 +0000 (07:29 +0200)]
lib: Remove unused nstrcpy
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10758
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Aug 4 09:58:16 CEST 2014 on sn-devel-104
Signed-off-by: Volker Lendecke <vl@samba.org>
Michael Adam [Mon, 18 Aug 2014 09:42:27 +0000 (11:42 +0200)]
build: fix configure to honour --without-dmapi
Previously, --without-dmapi would still autodetect and link a useable dmapi
library. This change allows to build without dmapi support even when a dmapi
library is found.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10369
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
2afacf940f21759c08bcc4a6e906428595966a19)
Amitay Isaacs [Mon, 28 Jul 2014 08:09:37 +0000 (18:09 +1000)]
tests: dnsserver: Add a update test with name set to '.'
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 29 19:33:19 CEST 2014 on sn-devel-104
(cherry picked from commit
6d104182d9667e4f996439d24cfa052f34098ce4)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10742
samba-tool dns add 172.31.9.161 s4xdom.base . NS mydns.org. => NO_MEMORY
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Aug 7 18:54:28 CEST 2014 on sn-devel-104
Amitay Isaacs [Mon, 28 Jul 2014 03:07:58 +0000 (13:07 +1000)]
s4-rpc: dnsserver: Allow . to be specified for @ record
Windows allow both . and @ to be specified with modifying @ record.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10742
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
4b4e30b780345c74f9983ba77f04c616b3d034b7)
Jeremy Allison [Tue, 29 Jul 2014 21:12:31 +0000 (14:12 -0700)]
s3: net time - fix usage and core dump.
Bug 10728 - 'net time system' segfaults
https://bugzilla.samba.org/show_bug.cgi?id=10728
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 29 Jul 2014 19:29:37 +0000 (12:29 -0700)]
s3: xml-docs. Ensure users of 'net time' know the remote server must be specified with -S.
Bug 10728 - 'net time system' segfaults
https://bugzilla.samba.org/show_bug.cgi?id=10728
Signed-off-by: Jeremy Allison <jra@samba.org>
Michael Adam [Thu, 17 Jul 2014 15:27:17 +0000 (17:27 +0200)]
s3: remove stat_ex.vfs_private completely
It is not used any more.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 24 14:23:11 CEST 2014 on sn-devel-104
(cherry picked from commit
cd95937369b1729e2417d78f3c903bce5d32da93)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10741
Michael Adam [Thu, 17 Jul 2014 15:06:32 +0000 (17:06 +0200)]
s3:vfs:gpfs: remove a block and reduce indentation in gpfs_is_offline()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
eb0577dca04a2fde4691094a006954d417d1cf22)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10741
Michael Adam [Thu, 17 Jul 2014 21:35:58 +0000 (23:35 +0200)]
s3:vfs:gpfs: remove all writing uses of stat_ex.vfs_private from vfs_gpfs.
Now that the vfs_private cache is never read in vfs_gpfs, there is
no need any more to write it.
With this change, vfs_gpfs does not use vfs_private any more.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
d87d13f4c2a77c03bbffcd0fe4fc9464d9024cae)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10741
Michael Adam [Thu, 17 Jul 2014 15:22:09 +0000 (17:22 +0200)]
s3:vfs:gpfs: Remove all reading uses of stat_ex.vfs_private from vfs_gfs.
This was used as a cache for offline-info in the stat buffer.
But as the implementation of gpfs_is_offline() showed, this cache
does not always carry valid information when the stat itself is valid
(since at least one call goes to fstatat() directly, circumventing
the vfs).
So the correct thing is to always call SMB_VFS_IS_OFFLINE()
when checking whether a file is offline. For the pread and pwrite
calls, we need to call IS_OFFLINE before the actual read
and check afterwards if the file was offline before (as a basis
whether to send notifications).
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
16a040f8ef7f2f594505ef07e6f9b77df8f1d725)
Conflicts:
source3/modules/vfs_gpfs.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10741
Michael Adam [Thu, 3 Jul 2014 08:10:11 +0000 (10:10 +0200)]
s3:vfs:gpfs: fix flapping offline: always get winAttrs from gpfs for is_offline
There is a problem of flapping offline due to uninitialized
stat buffers. Due to a optimization in vfswrap_readdir which
directly calling fastatat (i.e. not through vfs), marking the
stat buffer valid, there is nothing this module can do about
it and hence can not currently not rely on the vaildity of
the stat buffer.
By always calling out to GPFS even when the stat buffer is
flagged valid, we can always return correct offline information,
thereby sacrificing the readdir optimization.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
31e67507144aae8d5a8ec49587ac89d2d94636f0)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10741
Michael Adam [Thu, 3 Jul 2014 08:07:37 +0000 (10:07 +0200)]
s3:vfs:gpfs: store the winAttrs in the struct_ex when we got them in vfs_gpfs_fstat()
This may (e.g.) have lead to some occurrences of flapping offline bits.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
573ca6ef6b8376800d8fc988d67909e103b74656)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10741
Michael Adam [Sun, 20 Jul 2014 09:49:37 +0000 (11:49 +0200)]
s3:idmap: don't log missing range config if range checking not requested
idmap_init_domain() is called with check_range == false from
idmap_passdb_domain(). In this case, we usually don't have an
idmap range at all, and we don't want to level 1 debug
messages complaining about the fact are irritating at least.
This patch removes the debug in the case of check_range == false.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10737
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
3c6ec8908a697ac95536b35d242ccd64e524a0a5)
Daniel Kobras [Mon, 21 Jul 2014 08:47:53 +0000 (10:47 +0200)]
sys_poll_intr: fix timeout arithmetic
Callers of sys_poll_intr() assume timeout to be in milliseconds like
poll(2) expects, but implementation used nanosecond units. Also make
sure timeout doesn't become infinite by mistake during time arithmetic.
Signed-off-by: Daniel Kobras <d.kobras@science-computing.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10731
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 22 00:12:24 CEST 2014 on sn-devel-104
Stefan Metzmacher [Thu, 17 Jul 2014 14:05:12 +0000 (16:05 +0200)]
s4:torture/rpc: add rpc.netlogon.ServerReqChallengeGlobal
This demonstrates that the challenge table should be global.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10723
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Jul 19 12:51:39 CEST 2014 on sn-devel-104
(cherry picked from commit
d90f3323ee001080645dcd25da8b8ce1367b1377)
Stefan Metzmacher [Thu, 17 Jul 2014 12:20:58 +0000 (14:20 +0200)]
s4:rpc_server/netlogon: keep a global challenge table
Some clients call netr_ServerReqChallenge() and netr_ServerAuthenticate3()
on different connections. This works against Windows DCs as they
have a global challenge table.
A VMware provisioning task for Windows VMs seemy to rely on this behavior.
As a fallback we're storing the challenge in a global memcache with a fixed
size. This should allow these strange clients to work against a
Samba AD DC.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10723
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(similar to commit
321ebc99b5a00f82265aee741a48aa84b214d6e8)
Stefan Metzmacher [Thu, 17 Jul 2014 10:58:34 +0000 (12:58 +0200)]
lib/util: move memcache.[ch] to the toplevel 'samba-util' library
This is generic enough that it could be used in all code.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 18 15:43:33 CEST 2014 on sn-devel-104
(cherry picked from commit
45807028d478c082fef6f3a3d5a142d96d63fb50)
Stefan Metzmacher [Thu, 17 Jul 2014 10:49:48 +0000 (12:49 +0200)]
s3:lib/memcache: only include the required header files
We don't need the full "includes.h".
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
b560fac7f78b761ee279d8e87a749125665eb5d1)
Stefan Metzmacher [Thu, 17 Jul 2014 10:48:51 +0000 (12:48 +0200)]
s3:lib/memcache: make use of talloc for memcache_elements
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
91105d1057c29c5878f50678baeb1bd1a6f1abe3)
Stefan Metzmacher [Thu, 17 Jul 2014 10:41:20 +0000 (12:41 +0200)]
s3:lib/memcache: use uint8_t instead of uint8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
d7cbc63dc7537fc9562da985b77f6d62dc41fd84)
Stefan Metzmacher [Fri, 10 Jan 2014 11:19:08 +0000 (12:19 +0100)]
s4:torture/rpc: add invalidAuthenticate2
This add 'rpc.netlogon.netlogon.invalidAuthenticate2' as new test
it demonstrates the STATUS_BUFFER_OVERFLOW on computer names
larger than 15 characters.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan 22 19:07:12 CET 2014 on sn-devel-104
(cherry picked from commit
38f8788d6bf7fac509dcf492214a66a8bb3ac3fc)
Stefan Metzmacher [Fri, 18 Jul 2014 09:06:50 +0000 (11:06 +0200)]
selftest/knownfail: add ^samba4.rpc.netlogon.*.invalidAuthenticate2 for v4-1-*
This works in master (>= 4.2), but not in 4.1.x.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Wed, 19 Dec 2012 12:53:23 +0000 (13:53 +0100)]
libcli/auth: also set secure channel type in netlogon_creds_client_init().
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
a9d5b2fdf03a25e7669258de6c83288be3335cef)
Jeremy Allison [Wed, 30 Jul 2014 16:56:54 +0000 (09:56 -0700)]
lib: tevent: make TEVENT_SIG_INCREMENT atomic.
On arm platforms incrementing a variable is not
an atomic operation, so may be interrupted by
signal processing (if a signal interrupts another
signal handler).
Use compiler built-ins to make this atomic.
__sync_fetch_and_add() works on gcc, llvm,
IBM xlC on AIX, and Intel icc (10.1 and
above).
atomic_add_32() works on Oracle Solaris.
Based on an inital patch from kamei@osstech.co.jp.
Bug #10640 - smbd is not responding - tevent_common_signal_handler() increments non-atomic variables
https://bugzilla.samba.org/show_bug.cgi?id=10640
Back-ported from master
536c799f00d7bdd6a574b6bdbc0e9c742eeef8b5
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Karolin Seeger [Fri, 1 Aug 2014 11:17:17 +0000 (13:17 +0200)]
VERSION: Bump version up to 4.1.12.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 31 Jul 2014 13:00:27 +0000 (15:00 +0200)]
VERSION: Disable git snapshots for the 4.1.11 release.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 31 Jul 2014 12:48:01 +0000 (14:48 +0200)]
WHATSNEW: Add release notes for Samba 4.1.11.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Tue, 22 Jul 2014 05:02:00 +0000 (07:02 +0200)]
fix unstrcpy
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
Stefan Metzmacher [Mon, 28 Jul 2014 08:07:54 +0000 (10:07 +0200)]
Merge tag 'samba-4.1.10' into v4-1-test
samba: tag release samba-4.1.10
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Mon, 28 Jul 2014 07:13:45 +0000 (09:13 +0200)]
Merge commit 'origin/v4-1-test^' into v4-1-stable
This was needed because of a changed commit message (fixed version number)
in v4-1-stable after generating the 'samba-4.1.9' tag.
Karolin
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>