12 years agopvfs_open: the pvfs_odb_retry structs need to be children of the request
Stefan Metzmacher [Sat, 15 Mar 2008 11:35:04 +0000 (12:35 +0100)]
pvfs_open: the pvfs_odb_retry structs need to be children of the request

Otherwise they're not cleaned up when the request is finished.

(This used to be commit 055760f0f4aadd2079b0a4999b59ac3dbe5edf8a)

12 years agopvfs_unlink: disable async retries for wildcard deletes
Stefan Metzmacher [Sat, 15 Mar 2008 11:22:36 +0000 (12:22 +0100)]
pvfs_unlink: disable async retries for wildcard deletes

We would setup multiple retries per client request.

(This used to be commit 951764e28407a53ea4dd39d34388fab1b2259785)

12 years agomessaging: fix a valgrind warning on 64bit hosts zero out padding
Stefan Metzmacher [Sat, 15 Mar 2008 11:21:06 +0000 (12:21 +0100)]
messaging: fix a valgrind warning on 64bit hosts zero out padding

(This used to be commit f555b8e4c35f69fdc1fb34427d882580eecad284)

12 years agoRework memberof handling in slapd.conf (used for OpenLDAP backend)
Andrew Bartlett [Sat, 15 Mar 2008 08:03:04 +0000 (19:03 +1100)]
Rework memberof handling in slapd.conf (used for OpenLDAP backend)

Instead of using an include file, put the generated configurationd
directly into slapd.conf.

Andrew Bartlett
(This used to be commit 95ac786136aebfe5ededeb3fb81cbd4e296e3988)

12 years agoswig: regenerate _wrap.c files
Stefan Metzmacher [Fri, 14 Mar 2008 13:33:18 +0000 (14:33 +0100)]
swig: regenerate _wrap.c files

(This used to be commit 08b41e10699c7bb8058ab0ab61f17a1bbfcc1ce4)

12 years agoswig: make the code more portable and use NT_STATUS_V() and W_ERROR_V()
Stefan Metzmacher [Fri, 14 Mar 2008 13:32:26 +0000 (14:32 +0100)]
swig: make the code more portable and use NT_STATUS_V() and W_ERROR_V()

(This used to be commit d6fd98a307f83fd492ef73bf6ec281f9f11286f2)

12 years agolibreplace: fix samba4 build (by not setting global LIBS).
Michael Adam [Fri, 14 Mar 2008 08:39:58 +0000 (09:39 +0100)]
libreplace: fix samba4 build (by not setting global LIBS).

This corrects the earlier fix of the standalone build, by setting
LIBS to the desired value only in but not in getifaddrs.m4.

Not that this changes the standalone build in that it adds these libs
undconditionally and not only if they are needed by the getifaddrs
replacement functions.

(This used to be commit ff3af1703ddc9e5383f32156bc5be8351f795e76)

12 years agolibreplace: add -I$libreplacedir to CPPFLAGS for getifaddrs tests.
Michael Adam [Fri, 14 Mar 2008 07:52:16 +0000 (08:52 +0100)]
libreplace: add -I$libreplacedir to CPPFLAGS for getifaddrs tests.

This is needed, otherwise $libreplacedir/system/network.h does not
find $libreplacedir/getaddrinfo.h on some systems (solaris, e.g.).

(This used to be commit 297c3bece094ddb5f268b02e61e33f512ccfe6f5)

12 years agoheimdal_build: fix linkage of asn1_compile and compile_et.
Michael Adam [Fri, 14 Mar 2008 08:04:00 +0000 (09:04 +0100)]
heimdal_build: fix linkage of asn1_compile and compile_et.

Now inet_aton is available from libreplace.

(This used to be commit 3b2a3da2f73020b1d3b08a05a479de380b2aa5c4)

12 years agolibreplace: add an inet_aton() function that calls inet_pton().
Michael Adam [Fri, 14 Mar 2008 07:49:34 +0000 (08:49 +0100)]
libreplace: add an inet_aton() function that calls inet_pton().

inet_aton() is even needed inside libreplace, in the implementation
of rep_getaddrinfo().

(This used to be commit bcb2f3a880f8da8f9bedb7a8e61d7d7b533f1919)

12 years agoAllow more 'domain' objects when looking for a unqiue SID.
Andrew Bartlett [Fri, 14 Mar 2008 01:32:07 +0000 (12:32 +1100)]
Allow more 'domain' objects when looking for a unqiue SID.

Andrew Bartlett
(This used to be commit db3b5f16ec8d9b83d8a82a535a4847dce5923663)

12 years agoRework our SAMR test and SAMR server.
Andrew Bartlett [Fri, 14 Mar 2008 01:26:03 +0000 (12:26 +1100)]
Rework our SAMR test and SAMR server.

Now that we don't create users/domain groups/aliases in the builtin
domain, we hit some bugs in the server-side implementation of the
enumeration functions.

In essence, it turns out to be: don't treat 0 as a special case.

Also, fix up the PDC name to always be returned.  I'm sure nothing
actually uses it, particularly for BUILTIN...

Andrew Bartlett
(This used to be commit 353bb79f568f20c8469cb9458f7b14c24612ad23)

12 years agoCheck for Administrator as a Alias (copy&paste bug)
Andrew Bartlett [Thu, 13 Mar 2008 23:11:03 +0000 (10:11 +1100)]
Check for Administrator as a Alias (copy&paste bug)

Andrew Bartlett
(This used to be commit e7afb31df1f12a3cd39ed9b95d76edc6ff0d6a70)

12 years agoMerge branch 'v4-0-test' of ssh:// into 4-0-local
Andrew Bartlett [Thu, 13 Mar 2008 22:59:24 +0000 (09:59 +1100)]
Merge branch 'v4-0-test' of ssh:// into 4-0-local
(This used to be commit d50b76ed71ab6bc8e63926540638df5af10202ae)

12 years agobuild: compile_et also needs inet_aton()
Stefan Metzmacher [Thu, 13 Mar 2008 15:26:37 +0000 (16:26 +0100)]
build: compile_et also needs inet_aton()

(This used to be commit b6bcd66612eb3e507da94eb6f05e5d0317a8276c)

12 years agobuild: we don't rely on bash yet:-) '==' should be just '='
Stefan Metzmacher [Thu, 13 Mar 2008 14:55:56 +0000 (15:55 +0100)]
build: we don't rely on bash yet:-) '==' should be just '='

(This used to be commit 17997dd9bcd385fcf27646d832ad824cc2a0800a)

12 years agofix build of asn1_compile when there is no system inet_aton() function.
Michael Adam [Thu, 13 Mar 2008 13:30:23 +0000 (14:30 +0100)]
fix build of asn1_compile when there is no system inet_aton() function.

(This used to be commit f1c2207b3d9411eac27cb85891f62e9d05bf5118)

12 years agoconfigure: when detecting python we should disable pyconfig.h
Stefan Metzmacher [Thu, 13 Mar 2008 13:27:10 +0000 (14:27 +0100)]
configure: when detecting python we should disable pyconfig.h

This fixes the detection on HP-UX where the pyconfig.h contains
bogus defines.

(This used to be commit 9391f6f80461be2b214a881782aecf7df8a4aba3)

12 years agoRework SAMR functions to avoid gendb_search()
Andrew Bartlett [Thu, 13 Mar 2008 06:26:01 +0000 (17:26 +1100)]
Rework SAMR functions to avoid gendb_search()

The gendb_*() API does not return error codes, and mixes error returns
with the count of returned entries.

Andrew Bartlett
(This used to be commit facbc8dfa5188fdd610f400b5be6e05bc33b0820)

12 years agoDon't use 'dn', this attribute does not exist with the LDAP backend,
Andrew Bartlett [Thu, 13 Mar 2008 05:35:53 +0000 (16:35 +1100)]
Don't use 'dn', this attribute does not exist with the LDAP backend,
or in AD.

Andrew Bartlett
(This used to be commit a3e1f2830679a56366f0080115de504cdb0144f7)

12 years agoShow why a LookupName fails (help debugging)
Andrew Bartlett [Thu, 13 Mar 2008 05:35:11 +0000 (16:35 +1100)]
Show why a LookupName fails (help debugging)

Andrew Bartlett
(This used to be commit 9bfc4757887ceabb4c621d62c140515794679250)

12 years agoReport binding in libnet failure message.
Andrew Bartlett [Thu, 13 Mar 2008 03:13:31 +0000 (14:13 +1100)]
Report binding in libnet failure message.

Andrew Bartlett
(This used to be commit def46f6852075e1efe2bb7c5a7cffa5defdbb4ee)

12 years agoBail out, rather than segfault on no domain sid.
Andrew Bartlett [Thu, 13 Mar 2008 03:12:50 +0000 (14:12 +1100)]
Bail out, rather than segfault on no domain sid.

Andrew Bartlett
(This used to be commit 7e85f318b571d1a909dffad0ecd661468ed497ca)

12 years agoCorrectly normalise records against OpenLDAP.
Andrew Bartlett [Thu, 13 Mar 2008 03:12:18 +0000 (14:12 +1100)]
Correctly normalise records against OpenLDAP.

Fixing this simple typo allows more of the ldap.js test to pass.

Andrew Bartlett
(This used to be commit 7c80cd18d5cd9cbf32dac15a4734f5a3c67cd0e7)

12 years agoDon't search the whole tree for the domains's sid
Andrew Bartlett [Thu, 13 Mar 2008 03:11:06 +0000 (14:11 +1100)]
Don't search the whole tree for the domains's sid

This change removes a dependency on objectclass=domainDNS, and avoids
a subtree search when we really know exactly where this record is.

Andrew Bartlett
(This used to be commit 52947fc0c019e57438a21e54953601b6cc08eb49)

12 years agoRework to have member server 'domains' be CN=NETBIOSNAME
Andrew Bartlett [Thu, 13 Mar 2008 00:36:58 +0000 (11:36 +1100)]
Rework to have member server 'domains' be CN=NETBIOSNAME

This reworks quite a few parts of our provision system to use
CN=NETBIOSNAME as the domain for member servers.

This makes it clear that these domains are not in the DNS structure,
while complying with our own schema (found by OpenLDAP's schema

Andrew Bartlett
(This used to be commit bda6a38b055fed2394e65cdc0b308a1442116402)

12 years agoDon't segfault on invalid objectClass input.
Andrew Bartlett [Wed, 12 Mar 2008 23:27:09 +0000 (10:27 +1100)]
Don't segfault on invalid objectClass input.

If the objectClass found does not include a defaultSecurityDescriptor,
then we should not segfault in the SDDL parser.

Andrew Bartlett
(This used to be commit 5a92771fb55149fcf24f21f30e4c6a622bef44f8)

12 years agoMerge branch 'v4-0-test' of git:// into 4-0-local
Andrew Bartlett [Wed, 12 Mar 2008 23:00:57 +0000 (10:00 +1100)]
Merge branch 'v4-0-test' of git:// into 4-0-local
(This used to be commit e9567e39106efb7443ed2c5df3492208b1c1d766)

12 years agoUpdate the provision scripts and selftest for LDAP
Andrew Bartlett [Wed, 12 Mar 2008 22:55:06 +0000 (09:55 +1100)]
Update the provision scripts and selftest for LDAP

This should allow us to provision onto an OpenLDAP backend again.

Also ensure we always have a sysvol and netlogon share in the selftest

Andrew Bartlett
(This used to be commit b2d9b03ba3434e76d4d476233a198728523d17f9)

12 years agoDon't talloc_free() the UUID before we return.
Andrew Bartlett [Wed, 12 Mar 2008 22:53:32 +0000 (09:53 +1100)]
Don't talloc_free() the UUID before we return.

This error caused us to put a 0x80 byte at the end of GUID, which was
only detected by OpenLDAP's schema checking.

Andrew Bartlett
(This used to be commit fd99b7719bcb503e2695b2cbad0230fa23a094ca)

12 years agoUpgrade provision-backend to python.
Andrew Bartlett [Wed, 12 Mar 2008 21:08:05 +0000 (08:08 +1100)]
Upgrade provision-backend to python.

This required a large rework of the provision code, so as to move much
of the 'guess' logic into subprocedures, rather than just inline in
the provision code.

Andrew Bartlett
(This used to be commit a0754c2a857217ca831c2295b17255d8f38dfbc2)

12 years agopvfs_open: retry pvfs_open() after an EGAIN or EWOULDBLOCK from open()
Stefan Metzmacher [Wed, 12 Mar 2008 13:02:11 +0000 (14:02 +0100)]
pvfs_open: retry pvfs_open() after an EGAIN or EWOULDBLOCK from open()

In case a unix application as an oplock or share mode on
a file we need to retry periodicly as there's no way
to get a notification from the kernel when the oplock
is released.

(This used to be commit 4d40f3a02643b4cdacee31f0b7bc9fc77cc9869a)

12 years agopvfs_open: pass O_NONBLOCK to open() so that we'll not block with kernel oplocks
Stefan Metzmacher [Mon, 10 Mar 2008 11:48:02 +0000 (12:48 +0100)]
pvfs_open: pass O_NONBLOCK to open() so that we'll not block with kernel oplocks

(This used to be commit eeb0b8c349552517b521f1b8d7d9341e0ef630f2)

12 years agoopendb_tdb: use sys_lease to setup kernel oplocks
Stefan Metzmacher [Fri, 7 Mar 2008 11:21:11 +0000 (12:21 +0100)]
opendb_tdb: use sys_lease to setup kernel oplocks

(This used to be commit e473068bddfaa9028ab8ee49291035313b35fed3)

12 years agontvfs/sysdep: implement linux kernel oplocks based F_SETLEASE
Stefan Metzmacher [Fri, 7 Mar 2008 11:19:06 +0000 (12:19 +0100)]
ntvfs/sysdep: implement linux kernel oplocks based F_SETLEASE

(This used to be commit 3f165d3114519c317b9e7c871bb61d4fcbb8fb09)

12 years agontvfs/sysdep: add sys_lease abstraction to later support kernel oplocks
Stefan Metzmacher [Fri, 7 Mar 2008 11:19:06 +0000 (12:19 +0100)]
ntvfs/sysdep: add sys_lease abstraction to later support kernel oplocks

(This used to be commit b399f0c872f32bb791da196102a5872c20e62100)

12 years agopvfs_open: pass down &f->handle->fd to odb_open_file()
Stefan Metzmacher [Sat, 8 Mar 2008 08:20:08 +0000 (09:20 +0100)]
pvfs_open: pass down &f->handle->fd to odb_open_file()

(This used to be commit 80f5f9362100b971fa12ffee33705b745131770e)

12 years agoopendb: pass down a pointer to the fd in odb_open_file()
Stefan Metzmacher [Sat, 8 Mar 2008 08:12:09 +0000 (09:12 +0100)]
opendb: pass down a pointer to the fd in odb_open_file()

This prepares kernel oplock support.

(This used to be commit 9db9b6d85d80a8aaa8bd432afaef9bb634d7364d)

12 years agontvfs/cifs: fix the fnum on RAW_RENAME_NTTRANS
Stefan Metzmacher [Wed, 12 Mar 2008 16:34:16 +0000 (17:34 +0100)]
ntvfs/cifs: fix the fnum on RAW_RENAME_NTTRANS

(This used to be commit b43f1a53dd185cc51a3fb8a18e311abb77c2a7c9)

12 years agopvfs_rename: implement RAW_RENAME_NTTRANS as noop as w2k3
Stefan Metzmacher [Wed, 12 Mar 2008 14:12:26 +0000 (15:12 +0100)]
pvfs_rename: implement RAW_RENAME_NTTRANS as noop as w2k3

(This used to be commit 40563583f7ef3d8d1a3426c6c12eaecd18af215c)

12 years agoRAW-RENAME: w2k3 just ignores a NTTRANS-RENAME!
Stefan Metzmacher [Wed, 12 Mar 2008 14:10:57 +0000 (15:10 +0100)]
RAW-RENAME: w2k3 just ignores a NTTRANS-RENAME!

(This used to be commit cd1b8efc5d8dc1eec03fe1bf1eb58dbded9584eb)

12 years agoRAW-STREAMS: do a exit on the session after each sub tests
Stefan Metzmacher [Wed, 12 Mar 2008 13:21:50 +0000 (14:21 +0100)]
RAW-STREAMS: do a exit on the session after each sub tests

(This used to be commit 3f7fef8b8c567379649611637d69c89d77d11d6c)

12 years agoRAW-STREAMS: do what the comments say
Stefan Metzmacher [Wed, 12 Mar 2008 13:21:21 +0000 (14:21 +0100)]
RAW-STREAMS: do what the comments say

(This used to be commit eb68a8ed4fa214ad2e858a7fbdf9b5376cda6e04)

12 years agoAdded test_nttransrename() to test Metze's new code.
Jeremy Allison [Tue, 11 Mar 2008 22:27:08 +0000 (15:27 -0700)]
Added test_nttransrename() to test Metze's new code.
(This used to be commit 4556fafede8691c6a12670695ff108e9e59aff98)

12 years agoRAW-SEARCH: skip RESUME_KEY tests against samba3
Stefan Metzmacher [Tue, 11 Mar 2008 20:58:29 +0000 (21:58 +0100)]
RAW-SEARCH: skip RESUME_KEY tests against samba3

(This used to be commit ca5b37747107bd2941f7415fe609c8293a6b5f7c)

12 years agoSamba3.2 now passes a lot more tests - remove the S3 specific
Jeremy Allison [Tue, 11 Mar 2008 20:39:04 +0000 (13:39 -0700)]
Samba3.2 now passes a lot more tests - remove the S3 specific
(This used to be commit a70719d579a7eefbfd973267b95a87aaa6b649b0)

12 years agoSamba3 now passes the test_raw_oplock_exclusive3 test.
Jeremy Allison [Tue, 11 Mar 2008 19:37:20 +0000 (12:37 -0700)]
Samba3 now passes the test_raw_oplock_exclusive3 test.
(This used to be commit b2007956aa4534f22ad7fd85b0aee0be769548ae)

Stefan Metzmacher [Tue, 11 Mar 2008 18:29:18 +0000 (19:29 +0100)]

(This used to be commit 6dc280731d071681b635a2f091be2b153a902080)

12 years agosmb_server: pass down RAW_RENAME_NTTRANS to the ntvfs layer
Stefan Metzmacher [Tue, 11 Mar 2008 18:28:34 +0000 (19:28 +0100)]
smb_server: pass down RAW_RENAME_NTTRANS to the ntvfs layer

(This used to be commit 80711c03e0e8fba6f80261facd939ef00e06c7fd)

12 years agoevents_signal: pass down the correct siginfo_t struct to the event handler
Stefan Metzmacher [Mon, 10 Mar 2008 11:46:17 +0000 (12:46 +0100)]
events_signal: pass down the correct siginfo_t struct to the event handler

(This used to be commit 4b071236867ca5c2c0451ad3acc8a9debb0549e4)

12 years agolibcli/raw: add RAW_RENAME_NTTRANS support
Stefan Metzmacher [Tue, 11 Mar 2008 18:11:57 +0000 (19:11 +0100)]
libcli/raw: add RAW_RENAME_NTTRANS support


Signed-off-by: Stefan Metzmacher <>
(This used to be commit bfe773a620640fa46efe008f38144f5452350825)

12 years agoTest trans2 renames with oplocks. It looks like trans2 renames
Jeremy Allison [Tue, 11 Mar 2008 17:21:09 +0000 (10:21 -0700)]
Test trans2 renames with oplocks. It looks like trans2 renames
ignore share modes and oplock breaks :-(.
(This used to be commit a8a5339cf2ca218668f888eced5ffe7ce059553c)

12 years agoFix provision script to work without smb.conf location specified.
Andrew Bartlett [Tue, 11 Mar 2008 03:41:10 +0000 (14:41 +1100)]
Fix provision script to work without smb.conf location specified.

Andrew Bartlett
(This used to be commit b4da374a998caac18c288a0a6e3fcd2c50cbffa7)

12 years agoExtend testsuite to cover specifying a domain SID.
Andrew Bartlett [Tue, 11 Mar 2008 03:21:53 +0000 (14:21 +1100)]
Extend testsuite to cover specifying a domain SID.

Andrew Bartlett
(This used to be commit edb7af0685983543c321e3d8b90f6ae07af2e4e3)

12 years agoMake error handling in ldb more consistant.
Andrew Bartlett [Tue, 11 Mar 2008 03:20:42 +0000 (14:20 +1100)]
Make error handling in ldb more consistant.

This change ensures we give an immidiate error if the DN won't parse.

Also clean up strcmp use to be more standard.

Andrew Bartlett
(This used to be commit 1b15f374a89b99f3c43d9c2ce06dde9c67383e66)

12 years agoopendb_tdb: keep struct opendb_file arround for the lifetime of struct odb_lock
Stefan Metzmacher [Sat, 8 Mar 2008 07:55:12 +0000 (08:55 +0100)]
opendb_tdb: keep struct opendb_file arround for the lifetime of struct odb_lock

That means we only have to parse the record once
and as the tdb record is locked the in memory copy
is always the same as the one in the tdb.

(This used to be commit 0641a43cd6fd081cac0275f5bde2ad70fa6a71bb)

12 years agoopendb_tdb: correctly initialize modified to false
Stefan Metzmacher [Sat, 8 Mar 2008 07:58:41 +0000 (08:58 +0100)]
opendb_tdb: correctly initialize modified to false

Otherwise this variable would never change its value...

(This used to be commit 5b13a564b8459c3134a43e1d4b4a791e33108b1b)

12 years agowe now define PACKAGE_BUGREPORT in config.h
Stefan Metzmacher [Sat, 8 Mar 2008 08:20:55 +0000 (09:20 +0100)]
we now define PACKAGE_BUGREPORT in config.h

(This used to be commit 4afd4058e30e0754a56100e691486139f149e3a3)

12 years agopvfs_open: fix the odb_open_file() callers
Stefan Metzmacher [Fri, 7 Mar 2008 17:28:48 +0000 (18:28 +0100)]
pvfs_open: fix the odb_open_file() callers

(This used to be commit 5fdca988c687f58fe2fddd3c8eff5f461207065b)

12 years agoopendb: force odb_can_open() before odb_open_file()
Stefan Metzmacher [Fri, 7 Mar 2008 17:23:34 +0000 (18:23 +0100)]
opendb: force odb_can_open() before odb_open_file()

Now there's only odb_can_open() which handles the
share_access rules.

And odb_open_file() only adds the new opendb_entry into the
database and calculates the granted oplock level.

(This used to be commit db0853ae4fead34ef382bbfcfe2f46453ab8b73b)

12 years agopvfs_open: always call odb_can_open() before odb_open_file()
Stefan Metzmacher [Fri, 7 Mar 2008 16:50:17 +0000 (17:50 +0100)]
pvfs_open: always call odb_can_open() before odb_open_file()

odb_open_file() will later change to not redo the logic of

(This used to be commit b09a1461ac595be1b6530221b7df5211084884cc)

12 years agoopendb_tdb: pass down struct messaging_context directly to odb_oplock_break_send()
Stefan Metzmacher [Fri, 7 Mar 2008 09:33:57 +0000 (10:33 +0100)]
opendb_tdb: pass down struct messaging_context directly to odb_oplock_break_send()

(This used to be commit c993b07f7d5caf290ccb9ca81961aa35a3ed1f02)

12 years agovfs_cifs: disable level2 oplocks if the frontend client doesn't support them
Stefan Metzmacher [Fri, 7 Mar 2008 18:12:14 +0000 (19:12 +0100)]
vfs_cifs: disable level2 oplocks if the frontend client doesn't support them

(This used to be commit a63910e8e5c075aff45b8eb0d246d2823f09bb9c)

12 years agoRerun SWIG.
Jelmer Vernooij [Fri, 7 Mar 2008 17:20:12 +0000 (18:20 +0100)]
Rerun SWIG.
(This used to be commit e384aac5c8156c7f056c70b1caab0778f8fc52b6)

12 years agotorture: fix escape sequence in test_chkpath().
Michael Adam [Fri, 7 Mar 2008 14:00:37 +0000 (15:00 +0100)]
torture: fix escape sequence in test_chkpath().

(This used to be commit d92597d29caf76e1c8d0858f066d7a30143392e9)

12 years agoconfigure: Add major version 4 to AC_INIT call.
Michael Adam [Fri, 7 Mar 2008 13:59:19 +0000 (14:59 +0100)]
configure: Add major version 4 to AC_INIT call.

(This used to be commit 3a9514def21c448d344648d4a28f658fbcfc07eb)

12 years agoTreat maxPwdAge == 0 as passwords never expire.
Andrew Kroeger [Fri, 7 Mar 2008 11:56:04 +0000 (05:56 -0600)]
Treat maxPwdAge == 0 as passwords never expire.
(This used to be commit d28f2cb678b334086f601505c88e56b9c1ee559d)

12 years agoEnhance mappings of NTSTATUS to KRB5KDC errors.
Andrew Kroeger [Thu, 6 Mar 2008 12:08:32 +0000 (06:08 -0600)]
Enhance mappings of NTSTATUS to KRB5KDC errors.

The enhanced mappings allow the Windows client to determine whether a user's
password needs to be changed (and allows them to change it), or if they cannot
logon at all.

Changes still need to be made to allow additional data to be returned.  Windows
uses that additional data to display more detailed dialogs to the user.  The
additional information is returned in an e-data struct of type PA-PW-SALT that
contains the more-detailed NTSTATUS error code.
(This used to be commit 6a98e5a7aa0cdbb61358901df50162b5b914ee5c)

12 years agoUpdate account expiration to use new samdb_result_account_expires() function.
Andrew Kroeger [Thu, 6 Mar 2008 12:07:28 +0000 (06:07 -0600)]
Update account expiration to use new samdb_result_account_expires() function.
(This used to be commit 2b6b4e5a1611744eea5dd9ec17c416916d7edab4)

12 years agoAdd samdb_result_account_expires() function.
Andrew Kroeger [Thu, 6 Mar 2008 12:02:46 +0000 (06:02 -0600)]
Add samdb_result_account_expires() function.

Windows uses 2 different values to indicate an account doesn't expire: 0 and
9223372036854775807 (0x7FFFFFFFFFFFFFFFULL).

This function looks up the value of the accountExpires attribute and if the
value is either value indicating the account doesn't expire,

This simplifies the tests for account expiration.  There is no need to check
elsewhere in the code for both values, therefore a simple greater-than
expression can be used.
(This used to be commit 7ce5575a3a40cca4a45ec179a153f7e909065a87)

12 years agoaccountExpires: Windows default is 9223372036854775807, not -1.
Andrew Kroeger [Thu, 6 Mar 2008 11:56:49 +0000 (05:56 -0600)]
accountExpires: Windows default is 9223372036854775807, not -1.
(This used to be commit be47cc7fdfa3cae0508e564f38b793aa27b6eb92)

12 years agoUse 32 bit storage for nttrans counts
Amin Azez [Fri, 7 Mar 2008 10:55:49 +0000 (10:55 +0000)]
Use 32 bit storage for nttrans counts

Erroneous 16bit storage for nttrans counts meant that nttrans behaved
"strangely" for sizes of over 64K

As 32 bit is used in the SMB message and specified in
section 3.13.2
this fix changes storage to match.

Signed-off-by: Amin Azez <>
(This used to be commit d66b6c3823f003875e3b7cdf63617a894cceadf9)

12 years agoTry to fix up part of the upgrade test.
Andrew Bartlett [Fri, 7 Mar 2008 08:20:39 +0000 (19:20 +1100)]
Try to fix up part of the upgrade test.

There are still problems with the upgrade test, but these are not
related to the provision system.

Andrew Bartlett
(This used to be commit d331bc400fb138bc43be88d0ca8ab3bcd590d2cd)

12 years agoRework provision scripts for more testing
Andrew Bartlett [Thu, 6 Mar 2008 23:57:52 +0000 (10:57 +1100)]
Rework provision scripts for more testing

This fixes up some issues with testdir (was not honoured) and
increases test coverage.

We now check all the major provision modes.  In doing so, to make it
possible to call from the multiple layers of 'sh', I have allowed 'dc'
to alias 'domain controller' and 'member' to alias 'member server'.
Fighting shell quoting in the test system was just too hard...

Also fix

Andrew Bartlett
(This used to be commit 0923de12282b0e063dd73bc3e056dd5c3663c190)

12 years agoFixup the NET-API-USERMOD test.
Andrew Bartlett [Thu, 6 Mar 2008 22:05:24 +0000 (09:05 +1100)]
Fixup the NET-API-USERMOD test.

This test needed to be updated to handle the fact that you cannot
clear the ACB_PW_EXPIRED bit, and to always use the torture comment
functions (not printf directly).

Andrew Bartlett
(This used to be commit 2211476bbb3d8e5bca9659e886e559a36f40aff4)

12 years agoMerge branch 'v4-0-test' of git:// into 4-0-local
Andrew Bartlett [Thu, 6 Mar 2008 20:38:44 +0000 (07:38 +1100)]
Merge branch 'v4-0-test' of git:// into 4-0-local
(This used to be commit a6997c333cdd68dfba8a069df448836ff487787f)

12 years agoStart to rework provision for LDAP backends
Andrew Bartlett [Thu, 6 Mar 2008 20:33:14 +0000 (07:33 +1100)]
Start to rework provision for LDAP backends

This is the start of the rework of the provision script to handle an
LDAP backend correctly.  For example, we must not set the 'tdb
modules' against an LDAP backend such as OpenLDAP that handles subtree

Andrew Bartlett
(This used to be commit e462a107d3bafcc546ca4d53dcc8eb32e4280745)

12 years agoIgnore Kerberos PAC type 12.
Günther Deschner [Thu, 6 Mar 2008 15:41:24 +0000 (16:41 +0100)]
Ignore Kerberos PAC type 12.

Until we worked out the PAC_TYPE_UNKNOWN_12 format (or received documentation)
ignore it so that the PAC parsing can proceed.

(cherry picked from commit 3630ec26c99fdea46c47117d026f9bffb2c4590a)
(This used to be commit 0c1ccbc183c1d2967da2d9a17033f3b116ff7387)

12 years agoSlowly making progress on PAC_UNKNOWN_12.
Günther Deschner [Thu, 6 Mar 2008 13:15:07 +0000 (14:15 +0100)]
Slowly making progress on PAC_UNKNOWN_12.

unknown1 and unknown2 are offset headers for the strings.

(cherry picked from commit 7af70e75b9abf92921f33ec4207ad486ee2493d6)
(This used to be commit ad19da7f83761948f379921560da34bb6a01e625)

12 years agoAdd new Windows 2008 Kerberos PAC Type 12 (apparently again undocumented).
Günther Deschner [Tue, 4 Mar 2008 11:26:05 +0000 (12:26 +0100)]
Add new Windows 2008 Kerberos PAC Type 12 (apparently again undocumented).

We need at least to parse this in order to correctly support kerberized session
setup from w2k8 as well as local pam_winbind logons using kerberos.

(cherry picked from commit 4ba62d49d740c43cf17ceef1534cf1c8a7e4a130)
(This used to be commit ef0971206cda598e6bfad2ff06a3d2e9e8131682)

12 years agoRAW-OPLOCK: rename _ack_to_levelII() -> ack_to_given()
Stefan Metzmacher [Thu, 6 Mar 2008 15:27:13 +0000 (16:27 +0100)]
RAW-OPLOCK: rename _ack_to_levelII() -> ack_to_given()

Also improve the output.

(This used to be commit d0b641a9ee36939468beb427bf6b15892342a33d)

12 years agoRAW-OPLOCK: add BATCH24 test another case with a connection with no CAP_LEVEL_II_OPLOCKS
Stefan Metzmacher [Thu, 6 Mar 2008 14:56:03 +0000 (15:56 +0100)]
RAW-OPLOCK: add BATCH24 test another case with a connection with no CAP_LEVEL_II_OPLOCKS

(This used to be commit 4fb2c9fb1f4e3ee23281ca83f8b91d252cbf53c7)

12 years agoRAW-OPLOCK: add BATCH23 and test with a connection with no CAP_LEVEL_II_OPLOCKS
Stefan Metzmacher [Thu, 6 Mar 2008 14:54:07 +0000 (15:54 +0100)]
RAW-OPLOCK: add BATCH23 and test with a connection with no CAP_LEVEL_II_OPLOCKS

(This used to be commit 2192d6d2bda2afd2ba1ed0cb68bdfe590b9d50af)

12 years agoRAW-OPLOCK: remove unused vars
Stefan Metzmacher [Thu, 6 Mar 2008 14:49:31 +0000 (15:49 +0100)]
RAW-OPLOCK: remove unused vars

(This used to be commit 0905f3ebd1cb1ac9cefc4272208add9e5a8d7f59)

12 years agopvfs_open: pass down allow_level_II_oplock to odb_open_file()
Stefan Metzmacher [Thu, 6 Mar 2008 14:48:31 +0000 (15:48 +0100)]
pvfs_open: pass down allow_level_II_oplock to odb_open_file()

(This used to be commit 7c9b269b0742d435055e21f7e6cc945c21c7e332)

12 years agoopendb: add allow_level_II_oplock parameter to odb_open_file()
Stefan Metzmacher [Thu, 6 Mar 2008 14:47:27 +0000 (15:47 +0100)]
opendb: add allow_level_II_oplock parameter to odb_open_file()

Not all clients support a fallback to level II oplocks.

(This used to be commit 146f1fe0b67ca0805f0e71358abc57da0c0579a9)

12 years agopvfs_open: fix crash/leak in case pvfs_setup_oplock() fails
Stefan Metzmacher [Thu, 6 Mar 2008 14:34:37 +0000 (15:34 +0100)]
pvfs_open: fix crash/leak in case pvfs_setup_oplock() fails

(This used to be commit 5563238782e825f64a22b5f9e0a7deb687f50b19)

12 years agontvfs: pass down the client capabilities into the ntvfs layer
Stefan Metzmacher [Thu, 6 Mar 2008 14:14:08 +0000 (15:14 +0100)]
ntvfs: pass down the client capabilities into the ntvfs layer

Note that we don't use any protocol specific values here.

others should be defined, when we find out that the ntvfs
layer needs to know about it.

(This used to be commit cc42cd5f6753ca582677fa6f403f0419eec5ab10)

12 years agolibcli/raw: make it possible to not send CAP_LEVEL_II_OPLOCKS
Stefan Metzmacher [Thu, 6 Mar 2008 14:11:16 +0000 (15:11 +0100)]
libcli/raw: make it possible to not send CAP_LEVEL_II_OPLOCKS

But the keep the default to always send it
when the server supports it too.

(This used to be commit 33caaef2e46557525a8ffb79d6dd0db46a079529)

12 years agoFix typo
Andrew Bartlett [Thu, 6 Mar 2008 11:04:46 +0000 (22:04 +1100)]
Fix typo
(This used to be commit e66be2f519584717abd7fc1f069bf7afe0d7ff60)

12 years agoEnsure we get this option from the command line, not the internal
Andrew Bartlett [Thu, 6 Mar 2008 11:03:10 +0000 (22:03 +1100)]
Ensure we get this option from the command line, not the internal
smb.conf we generate.

Andrew Bartlett
(This used to be commit 25887c87285b1b92ce5d7cc096da483c25a2fe6c)

12 years agoMerge branch 'v4-0-test' of git:// into 4-0-abartlet
Andrew Bartlett [Thu, 6 Mar 2008 11:02:25 +0000 (22:02 +1100)]
Merge branch 'v4-0-test' of git:// into 4-0-abartlet
(This used to be commit 2232255ce384433ff9626f2fd3d399f758b0add5)

12 years agoMake Samba4 pass the NET-API-BECOMEDC test against Win2k3 (again).
Andrew Bartlett [Thu, 6 Mar 2008 10:55:26 +0000 (21:55 +1100)]
Make Samba4 pass the NET-API-BECOMEDC test against Win2k3 (again).

To make Samba4, using the python provision system, pass this test
required some major rework.  Untested code is broken code, and some of
the refactoring for a seperate provision test (which also now passes)
broke things.

Similarly, the iconv work has compiled, but these codepaths have never
been run (NULL pointer de-reference).

In working to use a local, rather than global, loadparm context, and
to support using a target directory, a few things needed to be
reworked, particularly around path handling.

Andrew Bartlett
(This used to be commit 1169e8d7bee20477b0efbfea3534ac63c83fb3d6)

12 years agoldb_wrap: Debug at derived samba_level, not the level of the ldb debug enum.
Andrew Kroeger [Thu, 6 Mar 2008 06:03:18 +0000 (00:03 -0600)]
ldb_wrap: Debug at derived samba_level, not the level of the ldb debug enum.
(This used to be commit eb9a7c3b3a7f113ff58e2ebea9886f997da4e085)

12 years agoselftest: use the same oplocktimeout for smbtorture as for smbd
Stefan Metzmacher [Tue, 4 Mar 2008 13:24:27 +0000 (14:24 +0100)]
selftest: use the same oplocktimeout for smbtorture as for smbd

(This used to be commit 18e27aef7be9b21f65f72ab4c656778ce0c23953)

12 years agoRAW-OPLOCK: add BATCH22 and test the behavior of oplock break timeouts
Stefan Metzmacher [Tue, 4 Mar 2008 13:08:32 +0000 (14:08 +0100)]
RAW-OPLOCK: add BATCH22 and test the behavior of oplock break timeouts

(This used to be commit c459885898c9912df1ae5afff4fef2ff809dc15e)

12 years agoRAW-OPLOCK: add BATCH21: a self write with an oplock doesn't break it
Stefan Metzmacher [Tue, 4 Mar 2008 11:15:32 +0000 (12:15 +0100)]
RAW-OPLOCK: add BATCH21: a self write with an oplock doesn't break it

(This used to be commit a5476ee41c140123db160b2e36c8c7084619a738)

12 years agopvfs_oplock: auto release oplocks after a timeout
Stefan Metzmacher [Tue, 4 Mar 2008 13:16:17 +0000 (14:16 +0100)]
pvfs_oplock: auto release oplocks after a timeout

Remember that we sent an oplock break to
a client and don't resend. If the filesystem
layer tries to send a new break and the client
has not released after a former oplock break
after the timeout interval, we need to auto release
the oplock.

(This used to be commit bfb0888578677856b2b6b72471f542d0d5d7b838)

12 years agopvfs_oplock: only a break level2 oplocks...
Stefan Metzmacher [Tue, 4 Mar 2008 13:11:53 +0000 (14:11 +0100)]
pvfs_oplock: only a break level2 oplocks...

It seems that I've tested this in the wrong way before.

(This used to be commit 21772fa33d772a9df6ff04a0ed1b0d8f4f533295)

12 years agopvfs_oplock: move pvfs_oplock_release() parts into a helper function
Stefan Metzmacher [Tue, 4 Mar 2008 13:10:13 +0000 (14:10 +0100)]
pvfs_oplock: move pvfs_oplock_release() parts into a helper function

(This used to be commit 2b8934e4ab2dd9673928a6c9a291aedac1ebaa95)