Jeremy Allison [Wed, 15 Feb 2017 23:42:52 +0000 (15:42 -0800)]
s3: smbd: Don't loop infinitely on bad-symlink resolution.
In the FILE_OPEN_IF case we have O_CREAT, but not
O_EXCL. Previously we went into a loop trying first
~(O_CREAT|O_EXCL), and if that returned ENOENT
try (O_CREAT|O_EXCL). We kept looping indefinately
until we got an error, or the file was created or
opened.
The big problem here is dangling symlinks. Opening
without O_NOFOLLOW means both bad symlink
and missing path return -1, ENOENT from open(). As POSIX
is pathname based it's not possible to tell
the difference between these two cases in a
non-racy way, so change to try only two attempts before
giving up.
We don't have this problem for the O_NOFOLLOW
case as we just return NT_STATUS_OBJECT_PATH_NOT_FOUND
mapped from the ELOOP POSIX error and immediately
returned.
Unroll the loop logic to two tries instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12572
Pair-programmed-with: Ralph Boehme <slow@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Karolin Seeger [Thu, 16 Feb 2017 09:28:40 +0000 (10:28 +0100)]
WHATSNEW: Add link to known issues.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Feb 16 14:37:11 CET 2017 on sn-devel-144
Martin Schwenke [Mon, 13 Feb 2017 22:04:41 +0000 (09:04 +1100)]
ctdb-scripts: Initialise CTDB_NFS_CALLOUT in statd-callout
Some configurations may set CTDB_NFS_CALLOUT to the empty string.
They may do this if they allow a choice of NFS implementations. In
this case the default call-out for Linux kernel NFS should be used.
However, statd-callout does not call nfs_callout_init() to set the
default. Therefore, statd-callout is unable to restart the lock
manager, so the grace period is never entered.
statd-callout must call nfs_callout_init() before trying to restart
the lock manager.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12589
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Feb 16 09:21:03 CET 2017 on sn-devel-144
Amitay Isaacs [Tue, 7 Feb 2017 04:18:02 +0000 (15:18 +1100)]
ctdb-tests: Add more comm tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12580
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 6 Feb 2017 04:54:55 +0000 (15:54 +1100)]
ctdb-common: Fix use-after-free error in comm_fd_handler()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12580
comm_write_send() creates a new tevent_req and adds it to the queue
of requests to be processed. If this tevent_req is freed, then the
queue entry is not removed causing use-after-free error.
If the tevent_req returned by comm_write_send() is freed, then that
request should be removed from the queue and any pending actions based
on that request should also be removed.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
David Disseldorp [Wed, 8 Feb 2017 16:49:43 +0000 (17:49 +0100)]
docs/vfs_ceph: document user_id parameter
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Feb 15 21:00:53 CET 2017 on sn-devel-144
David Disseldorp [Wed, 8 Feb 2017 16:26:14 +0000 (17:26 +0100)]
vfs_ceph: add user_id smb.conf parameter
The "ceph: user_id" parameter can be specified in smb.conf to explicitly
set the Ceph client ID used when creating the mount handle.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
David Disseldorp [Wed, 8 Feb 2017 16:51:32 +0000 (17:51 +0100)]
vfs_ceph: replace deprecated ceph_shutdown() call
ceph_shutdown() is the equivalent to ceph_unmount() + ceph_release()
without error handling.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
David Disseldorp [Wed, 8 Feb 2017 16:11:30 +0000 (17:11 +0100)]
vfs_ceph: cleanup mount handle on failure
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Volker Lendecke [Sun, 12 Feb 2017 19:12:10 +0000 (20:12 +0100)]
lib: Fix "is_case_sensitive" in "ms_fnmatch_protocol"' callers
In the optimization in
f969be54417 I got the boolean flag "is_case_sensitive"
wrong. The behaviour was case *insensitive*, so all the flags should have been
"false", keeping the old behaviour. While there, simplify "mask_match" in
source4 client.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Feb 15 11:40:32 CET 2017 on sn-devel-144
Ralph Boehme [Tue, 31 Jan 2017 15:09:55 +0000 (16:09 +0100)]
s3/rpc_server/mdssvc: add attribute "kMDItemContentType"
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12545
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Feb 15 06:20:52 CET 2017 on sn-devel-144
Volker Lendecke [Fri, 20 Jan 2017 15:57:11 +0000 (16:57 +0100)]
lib: Avoid an "includes.h"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 24 Jan 2017 15:17:31 +0000 (16:17 +0100)]
winbind: Fix a signed/unsigned mixup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 24 Jan 2017 20:17:38 +0000 (21:17 +0100)]
libsmb: Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 26 Jan 2017 11:51:24 +0000 (12:51 +0100)]
lib: Fix some whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 9 Feb 2017 17:43:46 +0000 (18:43 +0100)]
smbd: Fix some whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 11 Feb 2017 09:38:21 +0000 (10:38 +0100)]
auth3: Use NT_STATUS_EQUAL
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 13 Feb 2017 09:14:24 +0000 (10:14 +0100)]
winbind: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 18 Jan 2017 11:58:19 +0000 (12:58 +0100)]
ctdb: Only build test_mutex_raw.c on Linux
This is pretty glibc on Linux specific. FreeBSD 11 also has
robust mutexes and can't build this.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 9 Feb 2017 18:13:21 +0000 (19:13 +0100)]
smbd: Fix some whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 8 Feb 2017 14:19:54 +0000 (15:19 +0100)]
smbd: Make "create_file_sids" static
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 29 Jan 2017 11:05:12 +0000 (11:05 +0000)]
rpc_server: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bob Campbell [Fri, 27 Jan 2017 02:22:27 +0000 (15:22 +1300)]
python/tests: improve samba-tool replicate --local test
It now makes sure that we only replicate incremental changes.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 15 01:21:06 CET 2017 on sn-devel-144
Bob Campbell [Fri, 27 Jan 2017 01:46:36 +0000 (14:46 +1300)]
python/tests: move samba_tool_drs test to proper place
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bob Campbell [Thu, 26 Jan 2017 21:40:59 +0000 (10:40 +1300)]
samba-tool/drs: do partial replication when --local is given by default
The samba-tool drs replicate --local command would previously always do
a full replication. This changes it to only replicate changes it doesn't
have according to appropriate highwatermark if the appropriate repsFrom
attribute exists in the local database, or an uptodateness_vector if one
exists.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Wed, 8 Feb 2017 22:22:08 +0000 (11:22 +1300)]
pydsdb: Add python binding for dsdb_load_udv_v2
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bob Campbell [Thu, 26 Jan 2017 21:40:19 +0000 (10:40 +1300)]
drs_utils: use a given highwatermark and uptodateness_vector in replicate()
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Thu, 26 Jan 2017 21:18:21 +0000 (10:18 +1300)]
drs_utils: return number of replicated objects and links in replicate()
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Sun, 12 Feb 2017 08:05:50 +0000 (09:05 +0100)]
vfs_fruit: fix resource fork xattr name
Fix resource fork xattr name broken in
e4d1f8354f97ab9007e4c5f7d164937bdc5cd6f1.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Feb 14 21:26:01 CET 2017 on sn-devel-144
Günther Deschner [Mon, 23 Jan 2017 15:45:53 +0000 (16:45 +0100)]
s3-waf: remove duplicate ctags definition
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Feb 14 17:38:34 CET 2017 on sn-devel-144
Garming Sam [Thu, 8 Dec 2016 21:50:38 +0000 (10:50 +1300)]
tests/ndrdump: Add a test for --hex-input
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 14 13:39:01 CET 2017 on sn-devel-144
Cody Harrington [Sat, 27 Aug 2016 15:01:18 +0000 (03:01 +1200)]
ndrdump: Add the option --hex-input for hexdump parsing
This allows the user to input a hexdump that has been generated by the dump option.
Signed-off-by: Cody Harrington <cody@harringtonca.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Sat, 11 Feb 2017 06:34:09 +0000 (19:34 +1300)]
join.py: Correctly print an error in DsAddEntry when .info is None
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Sun, 12 Feb 2017 22:12:54 +0000 (11:12 +1300)]
python: Use generated WERROR definitions
Previously we either defined WERRORs locally or compared them against
strings where we needed to use them.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 19 Jan 2017 23:24:53 +0000 (12:24 +1300)]
errors: add WERROR generation to build system
Parts of doserr.c and werror.h are now generated into werror_gen.c and
werror_gen.h, respectively. Also, py_werror.c is now generated.
Some errors were not included in the list which we now generate WERRORs
from. These errors have been manually included.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 21:58:09 +0000 (10:58 +1300)]
errors: add table to generate WERRORs from
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 21:22:16 +0000 (10:22 +1300)]
errors: generate error codes for WERROR
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 19 Jan 2017 23:11:30 +0000 (12:11 +1300)]
errors: pull out code into common file
This is a precursor to generating other types of errors.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 23:10:15 +0000 (12:10 +1300)]
samba-tool/domain: catch NTSTATUSError rather than RuntimeError
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 23:20:30 +0000 (12:20 +1300)]
samba-tool/domain: use generated ntstatus rather than from local file
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 23:21:42 +0000 (12:21 +1300)]
samba-tool/domain: change incorrect NT_STATUS to WERR
Since the called functions here return a WERR rather than an NTSTATUS,
the checked for errors were incorrect.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 02:33:45 +0000 (15:33 +1300)]
python: Add python module with NTSTATUS constants
This has been generated by gen_ntstatus.py
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 02:33:45 +0000 (15:33 +1300)]
errors: add gen_ntstatus.py to build system
nterr_gen.c, ntstatus_gen.h and py_ntstatus.c are now generated files.
Errors which are now generated have been removed from nterr.c and
ntstatus.h. Errors which existed previously but are not in the table we
generated from have been manually added.
Some errors are incorrectly named; e.g. STATUS_MORE_ENTRIES should be
NT_STATUS_MORE_ENTRIES. These are simply remapped to the correct names.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 01:58:28 +0000 (14:58 +1300)]
errors/gen_ntstatus: add error table for generation script
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 00:20:37 +0000 (13:20 +1300)]
errors/gen_ntstatus: generate error codes in specified files
Previously, we would append new errors on to the existing ntstatus.h and
nterr.c. We can now specify which files to write to, and it will write
all errors to those files.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 31 Jan 2017 22:55:39 +0000 (11:55 +1300)]
gen_ntstatus.py: Add prototype to generated py_ntstatus.c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Thu, 12 Jan 2017 01:39:52 +0000 (14:39 +1300)]
errors: fix "generate python error codes for NTSTATUS"
Fixups according to feedback on the list.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Günther Deschner [Tue, 27 Sep 2016 18:31:58 +0000 (20:31 +0200)]
errors: generate python error codes for NTSTATUS
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 12 Oct 2015 02:51:37 +0000 (15:51 +1300)]
repl_meta_data: Remove the correct forward link for dn+binary attributes
The previous code assumed that only plain DNs could be linked attributes.
We need to look over the list of attribute values and find the value
that causes this particular backlink to exist, so we can remove it.
We do not know (until we search) of the binary portion, so we must
search over all the attribute values at this layer, using the
parsed_dn_find() routine used elsewhere in this code.
Found attempting to demote an RODC in a clone of a Windows 2012R2
domain, due to the msDS-RevealedUsers attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 14 06:14:35 CET 2017 on sn-devel-144
Andrew Bartlett [Mon, 13 Feb 2017 23:11:19 +0000 (12:11 +1300)]
repl_meta_data: Add comment with some future improvements
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 13 Feb 2017 23:08:35 +0000 (12:08 +1300)]
repl_meta_data: Always sort the links when upgrading them
This allows us to know that the output of get_parsed_dns_trusted() is sorted, as an
upgraded attribute of FL2000 links would not otherwise be sorted in the DB
This allows us to delete linked objects that have a forward link from a
FL2000 style linked attribute once the DN+Binary patches land.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 13 Feb 2017 22:59:13 +0000 (11:59 +1300)]
repl_meta_data: Bring replmd_check_upgrade_links() into get_parsed_dns_trusted()
This eliminates a lot of duplicate code and allows us to know that we will
have a set of FL2003 style links in the parsed DNs to operate on
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Tue, 7 Feb 2017 22:55:32 +0000 (11:55 +1300)]
python/tests: Add test for generated and duplicate mAPIIDs
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Tue, 7 Feb 2017 22:40:32 +0000 (11:40 +1300)]
samldb: Allow automatic generation of mAPIIDs
This allows us to conform to MS-ADTS 3.1.1.2.3.2, where the OID
1.2.840.113556.1.2.49 can be specified as the mAPIID of a new attribute
in the schema in order to automatically assign it an unused mAPIID.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Thu, 2 Feb 2017 21:34:14 +0000 (10:34 +1300)]
torture/drs: Add a test for dn+binary linked attributes
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Bob Campbell [Thu, 2 Feb 2017 21:33:54 +0000 (10:33 +1300)]
torture/drs: run repl_schema in vampire_2000_dc environment as well
This will be necessary as linked attributes are handled differently in
Windows 2000.
We also only check msDS-IntId if we have a functional level of > Windows
2000, as this attribute is not present on lower domain function levels.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Bob Campbell [Tue, 7 Feb 2017 20:16:41 +0000 (09:16 +1300)]
selftest: add vampire_2000_dc environment
This is the equivalent of vampire_dc, but using a domain functional
level of DS_DOMAIN_FUNCTION_2000.
Using this functional level is useful for tests involving replication
and linked attributes, as they behave differently at it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Bob Campbell [Wed, 1 Feb 2017 20:46:26 +0000 (09:46 +1300)]
python/tests: add test for generated and duplicate linkIDs
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Bob Campbell [Tue, 7 Feb 2017 02:42:29 +0000 (15:42 +1300)]
torture/drs: generate linkID for test rather than specifying
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Bob Campbell [Tue, 31 Jan 2017 22:54:40 +0000 (11:54 +1300)]
samldb: Allow automatic generation of linkIDs and prevent duplicates
As per MS-ADTS 3.1.1.2.3.1, this allows specifying the OID
1.2.840.113556.1.2.50 as the linkID of a new linked attribute in the
schema in order to automatically assign it an unused even linkID.
Specifying the attributeID or ldapDisplayName of an existing forward
link will now also add the new linked attribute as the backlink of that
existing link.
This also prevents adding duplicate linkIDs. Previously, we could run
into issues when trying to delete backlinks with duplicate linkIDs.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Andreas Schneider [Wed, 1 Feb 2017 14:53:44 +0000 (15:53 +0100)]
waf: Do not install the unit test binary for krb5samba
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12552
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 13 14:17:39 CET 2017 on sn-devel-144
Garming Sam [Wed, 8 Feb 2017 02:24:14 +0000 (15:24 +1300)]
dbcheck-links: Test that dbcheck against one-way links does not error
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12577
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 13 07:33:08 CET 2017 on sn-devel-144
Andrew Bartlett [Thu, 2 Feb 2017 03:27:35 +0000 (16:27 +1300)]
dbcheck: Do not regard old one-way-links as errors
Samba does not maintain one way links when the target is deleted or renamed
so do not fail dbcheck because of such links, but allow them to be updated.
This matters because administrators and make test expect that normal Samba
operation do NOT cause the database to become corrupt, and any error from
dbcheck tends to trigger alarms (or test failures).
If an object pointed at by a one way link is renamed or deleted in normal
operations (such as intersiteTopologyGenerator pointing at a demoted DC),
or make test, then this could trigger.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12577
Andrew Bartlett [Wed, 1 Feb 2017 01:13:28 +0000 (14:13 +1300)]
lib/util: Remove ntstatus.h and string_wrappers.h include from samba_util.h
These are not low-level headers that we need everywhere.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Feb 11 11:40:45 CET 2017 on sn-devel-144
Andrew Bartlett [Wed, 1 Feb 2017 00:58:46 +0000 (13:58 +1300)]
debug: Do not depend on the whole of samba_util.h
By depending only on util_strlist.h and blocking.h we avoid pulling in the
generated NTSTATUS list for this low-level subsystem
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Wed, 18 Jan 2017 02:55:49 +0000 (15:55 +1300)]
torture/ntlm_auth: do not assume a line is less than 2047 bytes
These tests would fail when ran in our cloud. This was due to lines that
were more than 2047 bytes in length, causing us to fail readLine with a
ReadChildError. This fix lets it read lines of any length, but in 2047
byte segments.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 30 Jan 2017 02:34:09 +0000 (15:34 +1300)]
samba-tool: Correct handling of default value for use_ntvfs and use_xattrs
Because these options are optional based on build-time rules, we need to encode the
default value from the additonal Option() blocks in the run() declaration.
Then we can correctly check only for the expected options, and not inconsistently for
None (causing classicupgrade to fail).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12543
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Ralph Boehme [Fri, 3 Feb 2017 13:57:45 +0000 (14:57 +0100)]
s3/util: mvxattr, a tool to rename extended attributes
Usage: mvxattr -s STRING -d STRING PATH [PATH ...]
-s, --from=STRING xattr source name
-d, --to=STRING xattr destination name
-l, --follow-symlinks follow symlinks, the default is to ignore them
-p, --print print files where the xattr got renamed
-v, --verbose print files as they are checked
-f, --force force overwriting of destination xattr
Help options:
-?, --help Show this help message
--usage Display brief usage message
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 10 22:24:59 CET 2017 on sn-devel-144
Ralph Boehme [Fri, 3 Feb 2017 17:08:12 +0000 (18:08 +0100)]
lib/replace: validate xattr namespace prefix on FreeBSD
We should validate the xattr name string ensuring it either begins with
"sytem." or "user.". If it doesn't, we should fail the request with
EINVAL.
The FreeBSD xattr API uses namespaces but doesn't put the namespace name
as a string prefix at the beginning of the xattr name. It gets passed as
an additional int arg instead.
On the other hand, our libreplace xattr API expects the caller to put a
namespace prefix into the xattr name.
Unfortunately the conversion and stripping of the namespace string prefix
from the xattr name gives the following unexpected result on FreeBSD:
rep_setxattr("foo.bar", ...) => xattr with name "bar"
The code checks if the name begins with "system.", if it doesn't find
it, it defaults to the user namespace and then does a strchr(name, '.')
which skips *any* leading string before the first dot.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 3 Feb 2017 15:43:26 +0000 (16:43 +0100)]
vfs_fruit: cleanup metadata and resource xattr name defines
Just some cleanup, no change in behaviour. This also removes the hokey
tag. :)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 3 Feb 2017 15:33:00 +0000 (16:33 +0100)]
vfs_fruit: correct Netatalk metadata xattr on FreeBSD
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 9 Feb 2017 01:03:33 +0000 (14:03 +1300)]
messaging_dgm: avoid GCC snprintf warnings in messaging_dgm_out_create
We are trying to put something that (in theory) could be 109 bytes
long, into the sockaddr_un.sun_path field which has a fixed size of
108 bytes. The "in theory" part is that one of the components is a
pid, which although stored as 32 bits is in practice 16 bits, so the
maximum size is not actually hit.
This is all very annoying, because the length is checked anyway and
all this achieves is silencing a warning.
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 10 09:05:31 CET 2017 on sn-devel-144
Douglas Bagnall [Thu, 9 Feb 2017 00:02:52 +0000 (13:02 +1300)]
shadow_copy_get_shadow_copy_data: fix GCC snprintf warning
GCC 7 warns about snprintf truncating a dirent d_name (potentially 255 bytes) to 25 bytes,
even though we have checked that it is 25 long in shadow_copy_match_name().
Using strlcpy instead of snprintf lets us check it again, JUST TO BE SURE.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 14 Dec 2016 20:34:28 +0000 (09:34 +1300)]
python provision: fix indenting of doc string
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 21 Dec 2016 00:24:46 +0000 (13:24 +1300)]
ntlmssp: fix compilation with -O2 -fno-inline
Without inlining the function, GCC doesn't know that
gensec_ntlmssp->ntlmssp_state->role always has a valid value.
With inlining, this is obviously redundant but GCC clearly knows
enough to detect this and elide the default case.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 28 Oct 2016 02:05:28 +0000 (15:05 +1300)]
getncchanges script: use library code, not copied functions.
These functions were duplicates. To be exact, the diff -ub between what
getncchanges had, and what drs_uitls now has is this:
|@@ -1,4 +1,5 @@
|-def do_DsBind(drs):
|+def drs_DsBind(drs):
| '''make a DsBind call, returning the binding handle'''
| bind_info = drsuapi.DsBindInfoCtr()
| bind_info.length = 28
|@@ -32,7 +33,8 @@
| bind_info.info.supported_extensions |= drsuapi.DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7
| bind_info.info.supported_extensions |= drsuapi.DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT
| (info, handle) = drs.DsBind(misc.GUID(drsuapi.DRSUAPI_DS_BIND_GUID), bind_info)
|- return handle
|+
|+ return (handle, info.info.supported_extensions)
|
|
| def drs_get_rodc_partial_attribute_set(samdb):
|@@ -43,7 +45,7 @@
| attids = []
|
| # the exact list of attids we send is quite critical. Note that
|- # we do ask for the secret attributes, but set set SPECIAL_SECRET_PROCESSING
|+ # we do ask for the secret attributes, but set SPECIAL_SECRET_PROCESSING
| # to zero them out
| schema_dn = samdb.get_schema_basedn()
| res = samdb.search(base=schema_dn, scope=ldb.SCOPE_SUBTREE,
|@@ -71,3 +73,4 @@
| partial_attribute_set.attids = attids
| partial_attribute_set.num_attids = len(attids)
| return partial_attribute_set
while the drs_utils code has changed in moving
drs_get_rodc_partial_attribute_set() out of the class.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 1 Nov 2016 00:26:11 +0000 (13:26 +1300)]
lib/replace tests: prevent GCC fretting over snprintf sizes
These tests deliberately use snprintf for truncating strings, which is
fine for tests. This has the effect of leaving the warning in place
but preventing it from becoming a fatal error.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Feb 2017 23:30:59 +0000 (12:30 +1300)]
fix blackbox_supported_features: mkdir -p its directory
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 25 Jan 2017 22:39:13 +0000 (11:39 +1300)]
docs/smbconf: update log level list in man page
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 27 Jan 2017 02:10:29 +0000 (15:10 +1300)]
selftest: show multiple arguments for --help
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 2 Feb 2017 04:26:43 +0000 (17:26 +1300)]
waf --test-list takes a filename argument
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Karolin Seeger [Thu, 9 Feb 2017 10:27:45 +0000 (11:27 +0100)]
docs: Add missing spaces in man smb.conf.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 9 23:58:02 CET 2017 on sn-devel-144
Andreas Schneider [Thu, 9 Feb 2017 14:05:01 +0000 (15:05 +0100)]
s3-vfs: Only walk the directory once in open_and_sort_dir()
On a slow filesystem or network filesystem this can make a huge
difference.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12571
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Matthieu Patou [Fri, 3 Feb 2017 23:13:49 +0000 (15:13 -0800)]
Move pthreadpool to top of the tree.
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
Matthieu Patou [Wed, 8 Feb 2017 20:01:50 +0000 (12:01 -0800)]
wafsamba: Remove 2010 comments that seems not accurate anymore
In my tests default value is correctly used and if we provide explicitly
a --with it will comply with the store_true and if we provide --without
then it will comply with the store_false
Change-Id: I820a7f2f08c51ec23b694bce7009c3891d4ab8ef
Reviewed-by: Jeremy Allison <jra@samba.org>
Matthieu Patou [Wed, 8 Feb 2017 06:58:40 +0000 (22:58 -0800)]
wafsamba: Move command line option function labelled as 'samba3' to the common set of functions
It allows to be used for things that are not 'samba3' only (or more
accurately things not in common and not related to the AD DC
implementation)
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 10 Jan 2017 20:24:06 +0000 (09:24 +1300)]
Switch on the sortedLinks Flag on new databases
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Feb 9 07:07:43 CET 2017 on sn-devel-144
Andrew Bartlett [Thu, 2 Feb 2017 22:25:37 +0000 (11:25 +1300)]
replmd: check for the sortedLinks feature flag
If it is there, we assume linked attributes are stored in a sorted
order.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Thu, 2 Feb 2017 22:47:41 +0000 (11:47 +1300)]
dsdb: Honour @SAMBA_FEATURES_SUPPORTED flag in @IDXATTR
This allows us to detect modification by a Samba version prior to
the introduction of the compatibleFeatures logic as this flag will
be stripped by the schema load code of older Samba versions.
Therefore if it is not present, then remove all
compatibleFeatures.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 3 Feb 2017 03:13:43 +0000 (16:13 +1300)]
schema: Set flag into @INDEXLIST to indicate we support feature flags
Because @INDEXLIST is rewritten by all Samba versions, we can detect
that we have opened the database with an older version that does not
support the feature flags by the absense of this in @INDEXLIST
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Thu, 12 Jan 2017 03:51:45 +0000 (16:51 +1300)]
samba_dsdb: Use and maintain compatibleFeatures and requiredFeatures in @SAMBA_DSDB
This will allow us to introduce new database features that are
backward compatible from the point of view of older versions of Samba,
but which will be damaged by modifying the database with such a
version.
For example, if linked attributes are stored in sorted order in 4.7,
and this change, without any values in current_supportedFeatures is
itself included in 4.6, then our sortedLinks are backward compatible
to that release.
That is with 4.6 (including this patch) which doesn't care about
ordering -- but a downgraded 4.7 database used by 4.6 will be broken
when later used with 4.7. If we add a 'sortedLinks' feature flag in
compatibleFeatures, we can detect that.
This will allow us to determine if the database still contains
unsorted links, as that information allows us to make the code
handling links much more efficient.
We won't add the actual flag until all the code is in place.
Andrew wrote the actual code and Douglas wrote the tests, and they
cross-reviewed.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Piar-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
selftest: check for database features flags
Douglas Bagnall [Wed, 1 Feb 2017 04:34:51 +0000 (17:34 +1300)]
repl_md: get links in sorted order in replmd_add_fix_la
This is where forward links get added when they get added with an
object.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 2 Feb 2017 03:37:58 +0000 (16:37 +1300)]
replmd: treat a zero GUID as not present in get_parsed_dns
This roughly follows the pattern in the 2009 commit
0d5d7f58473c989bff4 by the Andrews Tridgell and Bartlett, which dealt
with zero GUIDs in replmd_add_fix_la(). That function is about to use
get_parsed_dns() [see next commit], and the other users of
get_parsed_dns don't really want to see zero guids, so it is simpler
to test here.
This makes hitting the GUID_all_zero branch of parsed_dn_find() even
more unlikely.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 27 Jan 2017 04:46:22 +0000 (17:46 +1300)]
replmd: keep links sorted in replmd_process_linked_attribute
This is where linked attributes get added during a replication.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 6 Jan 2017 03:38:03 +0000 (16:38 +1300)]
replmd linked_attributes: maintain sorted links in replace
We use a merge-like algorithm, which gives us a slight algorithmic
improvement (O(m + n) vs O(m log(n) + n log(m))) and keeps the results
sorted.
Here's an example. There are existing links to {A C D* F*} where D*
and F* represent deleted links, and we want to replace them with {B C
E F}.
existing: A C D* E F*
| | |
replacements: B C E F
result: A* B C D* E F
This is what happens to each link:
A gets deleted to A*.
B gets added.
C is retained, with possible extended DN changes.
D* stays in the list as a deleted link
E is retained like C
F is undeleted.
Backlinks are created in the case of B and F
The backlink for A is deleted
The backlinks are not changed for C and E or D* (D* has none)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 11 Jan 2017 04:49:24 +0000 (17:49 +1300)]
replmd linked attributes: use really_parse_trusted_dn everywhere
This function fills out the DN and GUID fields of an unparsed
parsed_dn struct, which was happening in a few other places already.
In some places the GUID was not being filled out, which would probably
cause problems if the sorted_links switch was turned on.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 5 Jan 2017 22:00:57 +0000 (11:00 +1300)]
replmd: simplify and optimise replmd_modify_la_delete
With the old binary search, we didn't get a pointer to the found
value, just a yes or no answer as to its existence. That meant we
ended up searching in both directions to find the links to be deleted.
As a consequence we needed to parse out the GUID of every existing
link, even if it wasn't being deleted.
Here we do it in one pass.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 5 Jan 2017 20:49:38 +0000 (09:49 +1300)]
replmd: rearrange nothing-to-delete logic
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 4 Jan 2017 01:09:00 +0000 (14:09 +1300)]
repl_meta_data: linked attributes use DRS sort order
Links come over the wire as if sorted by memcmp() on the binary blobs,
not as sorted by GUID_compare(). Until a few patches ago, a newly
joined DC would have its linked attributes in the memcmp order. This
restores that behaviour.
This comparison could be made more efficient by storing the GUID in
the original state, but it does not seem to be a bottleneck.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Douglas Bagnall [Thu, 29 Dec 2016 00:20:41 +0000 (13:20 +1300)]
replmd: rework replmd_modify_la_add to merge efficiently
Because both the list of added links and the list of existing links
are sorted, it is possible to interlace the two and obtain a merged
sorted list.
We avoid a great amount of talloc_realloc()ing by observing that the
merged list can't be longer than the sum of the two lists.
In the (common) case where there are many existing links but few being
added, we avoid parsing most of the existing link DNs and GUIDs if the
sorted_links feature flag is set.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>