Alexander Bokovoy [Wed, 6 Feb 2013 08:43:16 +0000 (10:43 +0200)]
source3/wscript: support 'pdb_ldap' module in configure
While PASSDB module ldapsam is called pdb_ldapsam internally,
support specifying 'pdb_ldap' during configure step.
This should make transition to pdb_ldapsam transparent to distributions.
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Mon, 28 Jan 2013 15:16:42 +0000 (16:16 +0100)]
Rename pdb_ldap to pdb_ldapsam
This patch moves pdb_ldap to pdb_ldapsam unconditionally
and makes possible to load ldapsam.so dynamically
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Alexander Bokovoy [Wed, 6 Feb 2013 08:17:57 +0000 (10:17 +0200)]
PIDL: fix parsing linemarkers in preprocessor output
When PIDL calls out to C preprocessor to expand IDL files
and parse the output, it filters out linemarkers and line control
information as described in http://gcc.gnu.org/onlinedocs/cpp/Preprocessor-Output.html
and http://gcc.gnu.org/onlinedocs/cpp/Line-Control.html#Line-Control
With gcc 4.8 stdc-predef.h is included automatically and linemarker for the
file has extended flags that PIDL couldn't parse ('system header that needs to
be extern "C" protected for C++')
Thanks to Jakub Jelinek <jakub@redhat.com> for explanation of the linemarker format.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=906517
Reviewed-by: Andreas Schneider <asn@samba.org>
Samba-JP oota [Wed, 6 Feb 2013 08:04:16 +0000 (09:04 +0100)]
docs: Add missing ")".
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed Feb 6 10:47:11 CET 2013 on sn-devel-104
Christian Ambach [Tue, 29 Jan 2013 16:19:17 +0000 (17:19 +0100)]
s3:auth small optimization in create_token_from_sid
save some calls to lp_idmap_default_range(), calling it
once is enough
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Feb 5 19:14:25 CET 2013 on sn-devel-104
Michael Adam [Wed, 30 Jan 2013 14:50:52 +0000 (15:50 +0100)]
s3:net: reduce indentation in net idmap delete for symmetry and consistency
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Wed, 30 Jan 2013 14:46:47 +0000 (15:46 +0100)]
s3:net: introduce a talloc stackframe for net idmap delete
this simplifies the freeing at the end
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Christian Ambach [Fri, 7 Dec 2012 12:43:57 +0000 (13:43 +0100)]
s3:net_idmap_delete do not lock two records at the same time
the lock order check will prohibit this and as we are running inside
a transaction there is no need to lock the records before deleting them
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 29 Jan 2013 12:34:26 +0000 (13:34 +0100)]
s3:net idmap: use lp_idmap_default_backend() now that we have it.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Tue, 29 Jan 2013 12:26:11 +0000 (13:26 +0100)]
s3:param: add new lp_idmap_default_backend()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Tue, 29 Jan 2013 12:24:20 +0000 (13:24 +0100)]
s3:param: introduce new lp_idmap_backend() that takes the domain
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Mon, 28 Jan 2013 14:41:13 +0000 (15:41 +0100)]
s3:param: add a comment
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Mon, 28 Jan 2013 13:35:53 +0000 (14:35 +0100)]
s3:param: remove unused function lp_idmap_backend()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Mon, 28 Jan 2013 13:29:21 +0000 (14:29 +0100)]
s3:net idmap: remove call to lp_idmap_backend() - this is useless.
The variable behind lp_idmap_backend() is never set.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Mon, 28 Jan 2013 13:21:44 +0000 (14:21 +0100)]
s3:param: remove unused functions lp_idmap_uid() and lp_idmap_gid()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Mon, 28 Jan 2013 15:45:30 +0000 (16:45 +0100)]
s3:auth: use new lp_idmap_default_range() instead of lp_idmap_gid() in create_token_from_sid()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Mon, 28 Jan 2013 15:35:50 +0000 (16:35 +0100)]
s3:param: add utility function lp_idmap_default_range()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Mon, 28 Jan 2013 15:31:23 +0000 (16:31 +0100)]
s3:param: add a utility function lp_idmap_range() to get the configured range for a given domain.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Mon, 28 Jan 2013 13:18:48 +0000 (14:18 +0100)]
s3:param: remove an old comment (that is not up-to date any more)
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Volker Lendecke [Thu, 20 Dec 2012 15:36:02 +0000 (16:36 +0100)]
tdb: Remove "header" from tdb_context
header.hash_size was the only thing we ever referenced outside of
tdb_open_ex and its direct callees. So this shrinks the tdb_context by
164 bytes.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Feb 5 13:18:28 CET 2013 on sn-devel-104
Volker Lendecke [Thu, 20 Dec 2012 15:14:23 +0000 (16:14 +0100)]
tdb: Pass argument "header" to check_header_hash
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 20 Dec 2012 15:14:23 +0000 (16:14 +0100)]
tdb: Pass argument "header" to tdb_new_database
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 4 Feb 2013 10:41:39 +0000 (11:41 +0100)]
samba-tool/domain provision: add support for utf-8 passwords for --adminpass
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Feb 4 18:54:32 CET 2013 on sn-devel-104
Stefan Metzmacher [Mon, 4 Feb 2013 12:35:48 +0000 (13:35 +0100)]
samba-tool/user setpassword: fix help message
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 4 Feb 2013 10:41:39 +0000 (11:41 +0100)]
s4:scripting/python: add support for utf-8 passwords from the command line
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 4 Feb 2013 12:10:34 +0000 (13:10 +0100)]
s3:dbrwap_ctdb: ZERO_STRUCT(rec) just to be sure in traverse_persistent_callback_read()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 4 Feb 2013 12:09:46 +0000 (13:09 +0100)]
s3:dbwrap_ctdb: ZERO_STRUCT(rec) just to be sure in traverse_read_callback()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 1 Feb 2013 07:48:00 +0000 (02:48 -0500)]
s3:dbwrap_ctdb: add "db_context" to "db_record"
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 1 Feb 2013 08:14:16 +0000 (03:14 -0500)]
s3:dbwrap_ctdb: setup result->name in db_open_ctdb()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 1 Feb 2013 08:13:35 +0000 (03:13 -0500)]
lib/dbwrap: talloc_strdup() name in db_open_file()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 4 Feb 2013 07:45:48 +0000 (08:45 +0100)]
lib/util: improve check_password_quality() to handle utf8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 4 Feb 2013 08:19:54 +0000 (09:19 +0100)]
dsdb/util: rework samdb_check_password() to support utf8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 4 Feb 2013 08:47:31 +0000 (09:47 +0100)]
dsdb/password_hash: rename variable 'stat' to 'vstat'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 4 Feb 2013 08:18:59 +0000 (09:18 +0100)]
dsdb/password_hash: make sure that io->n.cleartext_utf8.data is a null terminated string
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 1 Feb 2013 12:14:05 +0000 (13:14 +0100)]
s3: use generate_random_password() instead of generate_random_str()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
David Disseldorp [Sun, 3 Feb 2013 16:06:37 +0000 (17:06 +0100)]
Revert "selftest: skip smb2.ioctl tests on ntvfs"
This reverts commit
cf27c2fbb6e7422cb962f4c63a53515321c65a70.
The following concerns were raised with regard to the relocation of
tests from selftest/knownfail to selftest/skip.
Andrew Bartlett <abartlet@samba.org> wrote:
Unless there is some entirely undesirable side-effect, this patch throws
away valuable testing, because it removes the test of the testsuite for
failure (ie, does the test work!), and it removes the documentation of
the difference between the servers (if someone did add some this to the
ntvfs server, it would never be tested).
It also removes a test that if this unimplemented functionality is
called, that we don't crash and die.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Feb 4 15:57:29 CET 2013 on sn-devel-104
Christian Ambach [Tue, 8 Jan 2013 16:10:27 +0000 (17:10 +0100)]
s3:modules remove gpfs_getacl_alloc
last caller has gone
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 4 14:10:08 CET 2013 on sn-devel-104
Christian Ambach [Tue, 8 Jan 2013 16:10:10 +0000 (17:10 +0100)]
s3:modules use vfs_gpfs_getacl in gpfsacl_get_posix_acl
as preparation to remove gpfs_getacl_alloc()
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Tue, 8 Jan 2013 16:07:09 +0000 (17:07 +0100)]
s3:modules use vfs_gpfs_getacl in gpfsacl_set_nt_acl_internal
as preparation to remove gpfs_getacl_alloc()
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Tue, 8 Jan 2013 15:54:16 +0000 (16:54 +0100)]
s3:modules use vfs_gpfs_getacl in gpfs_get_nfs4_acl
as preparation to remove gpfs_getacl_alloc()
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Fri, 16 Nov 2012 21:58:06 +0000 (22:58 +0100)]
s3:torture/vfstest add memreport option
this will run a talloc_report_full on the talloc stackframe after each command
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Thu, 15 Nov 2012 14:25:52 +0000 (15:25 +0100)]
s3:torture/vfstest implement sys_acl_blob_get_fd
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Thu, 15 Nov 2012 14:19:07 +0000 (15:19 +0100)]
s3:torture/vfstest implement sys_acl_blob_get_file
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Tue, 30 Oct 2012 12:44:40 +0000 (13:44 +0100)]
s3:vfs_gpfs use non_posix_sys_acl_blob_get_*_helper
use the helper functions to return the blob based on the
raw GPFS ACL blob (if it is a NFSv4 ACL). If not, fall back
to the POSIX ACL code
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Mon, 5 Nov 2012 18:26:57 +0000 (19:26 +0100)]
s3:vfs_gpfs add a generic vfs_gpfs_getacl function
in contrast to gpfs_getacl_alloc which always puts the
ACL on talloc_tos(), this one allows to specify the memory
context and if the caller is interested in the raw ACL blob
or a structured version
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Tue, 8 Jan 2013 14:15:02 +0000 (15:15 +0100)]
s3:modules/vfs_gpfs add GPFS_GETACL_NATIVE define
this is not in the official GPFS header file, but can be found
in the GPL'd kernel module sources
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Tue, 30 Oct 2012 12:43:59 +0000 (13:43 +0100)]
s3:modules/non_posix_acls: only stat if we do not have it cached
most probably we already have the stat() information
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Tue, 30 Oct 2012 09:47:22 +0000 (10:47 +0100)]
s3:autoconf add non_posix_acls to NFS4ACL_OBJ
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Tue, 30 Oct 2012 09:45:23 +0000 (10:45 +0100)]
s3:autoconf introduce NFS4ACL_OBJ
use a definition instead of listing it separately
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christian Ambach [Tue, 8 Jan 2013 16:56:50 +0000 (17:56 +0100)]
s3-waf:modules add non_posix_acls dependency to vfs_gpfs
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 24 Oct 2012 11:39:59 +0000 (22:39 +1100)]
vfs: Add helper function for non posix ACL modules
This handles the stat, and fills in the pre-supplied blob into a
wrapper sturcture that can then be returned to vfs_acl_common for
hashing.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Andrew Bartlett [Wed, 24 Oct 2012 06:06:33 +0000 (17:06 +1100)]
idl: Provide a common wrapper for the data to hash for a non-POSIX ACL
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Christian Ambach [Wed, 30 Jan 2013 10:00:48 +0000 (11:00 +0100)]
selftest: add a test that demonstrates how new ACL blob code helps
this test shows that a change to POSIX ACL->SD mapping behavior does not invalidate the stored SD
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 24 Oct 2012 06:03:41 +0000 (17:03 +1100)]
vfs_acl_common: Do not fetch the underlying NT ACL unless we need it
This avoids asking for the posix ACL on disk twice, and avoids running
a good deal of mapping code if it is not needed.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Andrew Bartlett [Mon, 21 Jan 2013 01:45:14 +0000 (12:45 +1100)]
vfs: Whitespace fix only to get_nt_acl_internal indentation
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Andrew Bartlett [Wed, 10 Oct 2012 05:36:47 +0000 (16:36 +1100)]
vfs: Implement an improved vfs_acl_common that uses the hash of the system ACL
Where supported by the system ACL backend, this avoids hashing the
result of the ACL mapping, instead hashing the original ACL,
linearlised.
For maximum robustness, the hash of the NT and system ACL are stored,
along with the time and a description of the system ACL. This variety
of extra metadata may assist some future implementation in determining
which hash to validate.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Andrew Bartlett [Mon, 21 Jan 2013 01:43:00 +0000 (12:43 +1100)]
vfs: Add helper function hash_blob_sha256 to vfs_acl_common.c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Volker Lendecke [Sun, 3 Feb 2013 11:30:10 +0000 (12:30 +0100)]
Fix typo in warning message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-By: Ira Cooper <ira@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Feb 4 11:48:25 CET 2013 on sn-devel-104
Stefan Metzmacher [Fri, 1 Feb 2013 14:50:08 +0000 (15:50 +0100)]
tevent_poll: add poll_event_loop_wait()
We can't use tevent_common_loop_wait() because new fd events
will be added to the poll_ev->fresh list instead of
ev->fd_events.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Feb 3 06:40:09 CET 2013 on sn-devel-104
Stefan Metzmacher [Fri, 1 Feb 2013 14:27:10 +0000 (15:27 +0100)]
tevent_poll: fix the usage of tevent_re_initialise()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 1 Feb 2013 14:56:34 +0000 (15:56 +0100)]
tevent_poll: call tevent_common_fd_destructor() from poll_fresh_fde_destructor()
We need to trigger the fde->close_fn().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 31 Jan 2013 15:34:41 +0000 (16:34 +0100)]
tevent_poll: Avoid a crash in poll_event_set_fd_flags
The event context might have been freed before the fde
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 31 Jan 2013 15:34:41 +0000 (16:34 +0100)]
tevent_poll: Avoid a crash in poll_fresh_fde_destructor
The event context might have been freed before the fde
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 31 Jan 2013 15:31:45 +0000 (16:31 +0100)]
tevent_poll: NULL out fde->event_ctx for "fresh" poll fdes
This is done in tevent_common_context_destructor for the non-fresh
fdes already
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 31 Jan 2013 15:28:08 +0000 (16:28 +0100)]
tevent_poll: Use the poll_event_context_destructor always
This is in preparation for the next patch to NULL out the event_ctx
pointers in the poll_ev->fresh list
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 31 Jan 2013 15:25:23 +0000 (16:25 +0100)]
tevent_poll: Re-order routines
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 31 Jan 2013 13:33:15 +0000 (14:33 +0100)]
tevent_poll: Fix a crash in the poll backend
If tevent_add_fd is immediately followed by tevent_fd_set_flags, the poll
backend crashes. This was introduced when the poll backend was prepared
for the multi-threaded python extension.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Fri, 1 Feb 2013 16:41:00 +0000 (17:41 +0100)]
krb5pac: make sure to correctly store the highest relative pointer offset.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Feb 1 21:19:28 CET 2013 on sn-devel-104
Günther Deschner [Thu, 13 Dec 2012 11:31:54 +0000 (12:31 +0100)]
s3-net: mention optional impersonation principal for PAC retrieval.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Fri, 1 Feb 2013 16:45:02 +0000 (17:45 +0100)]
s4-torture: make sure to deal with the highest relative pointer offset correctly.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Fri, 1 Feb 2013 16:44:16 +0000 (17:44 +0100)]
ndrdump: make sure to deal with the highest relative pointer offset correctly.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 31 Jan 2013 12:39:42 +0000 (13:39 +0100)]
s3:auth: wbcAuthenticateEx gives unix times (bug #9625)
We also need to convert last_logon, last_logoff and acct_expiry
from unix time to nt time.
Otherwise a windows member server will reject clients
using CAP_DYNAMIC_REAUTH or smb2) with STATUS_NETWORK_SESSION_EXPIRED,
if the logoff and kickoff time is expired.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 1 18:42:42 CET 2013 on sn-devel-104
David Disseldorp [Thu, 31 Jan 2013 16:48:25 +0000 (17:48 +0100)]
selftest: skip smb2.ioctl tests on ntvfs
Rather than filtering via knownfail.
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 31 19:39:25 CET 2013 on sn-devel-104
Volker Lendecke [Thu, 31 Jan 2013 14:46:43 +0000 (15:46 +0100)]
tevent: Fix a comment typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Thu Jan 31 17:52:39 CET 2013 on sn-devel-104
Jeremy Allison [Tue, 29 Jan 2013 00:52:11 +0000 (16:52 -0800)]
Fix the compound tests to correctly pass against Windows when run with --signing=required.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Thu Jan 31 03:53:55 CET 2013 on sn-devel-104
Jeremy Allison [Tue, 29 Jan 2013 00:51:25 +0000 (16:51 -0800)]
Add new function smbXcli_session_copy(), to be used when creating compound SMB2 requests.
Copies the signing state needed to make client compound requests work
on signed connections.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Volker Lendecke [Wed, 30 Jan 2013 14:53:27 +0000 (15:53 +0100)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Jan 30 18:21:19 CET 2013 on sn-devel-104
Volker Lendecke [Tue, 15 Jan 2013 12:17:00 +0000 (13:17 +0100)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Tue, 22 Jan 2013 17:08:25 +0000 (18:08 +0100)]
s3:winbindd: change getpwsid() to return a passwd struct for a group sid id-mapped with ID_TYPE_BOTH
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan 29 23:46:19 CET 2013 on sn-devel-104
Michael Adam [Tue, 22 Jan 2013 16:39:44 +0000 (17:39 +0100)]
s3:winbindd: check the correct variable for talloc success in rpc_query_user()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 6 Dec 2012 23:55:18 +0000 (00:55 +0100)]
s3:winbindd:getgrnam: also produce a group struct for a user with ID_TYPE_BOTH
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 6 Dec 2012 21:02:32 +0000 (22:02 +0100)]
s3:winbindd: create group structs for gids that are coming from a user sid id-mapped with ID_TYPE_BOTH
This "fake" group contains exctly one member, namely the user that the sid is
actually belonging to.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 6 Dec 2012 17:06:49 +0000 (18:06 +0100)]
s3:winbindd: factor add_wbint_Principal_to_dict() out of wb_group_members_done()
for later reuse
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 7 Dec 2012 15:13:19 +0000 (16:13 +0100)]
s3:winbindd: fix a cut'n'paste comment typo in wb_fill_pwent
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 7 Dec 2012 00:12:11 +0000 (01:12 +0100)]
s3:winbindd: rename winbindd_getgrnam_lookupsid_done to winbindd_getgrnam_lookupname_done
That's what it is.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Christian Ambach [Fri, 7 Dec 2012 11:33:38 +0000 (12:33 +0100)]
s3:utils/net remove aclmapset command
this was made for the nfs4:sidmap code that has been removed, so
this subcommand can also go away
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jan 29 15:37:18 CET 2013 on sn-devel-104
Christian Ambach [Thu, 29 Nov 2012 20:40:15 +0000 (21:40 +0100)]
s3:net_idmap_dump support dumping autorid backend
- remember the type of idmapping database (tdb or autorid)
this allows to make rest of the code (e.g. dump) know which database-style it will encounter
- add a seperate dump function for autorid
- default to TDB if db-file is given on the command-line
Pair-Programmed-With: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Tue, 4 Dec 2012 14:11:50 +0000 (15:11 +0100)]
s3:net_idmap_dump add missing braces
see README.Coding
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Mon, 3 Dec 2012 13:15:40 +0000 (14:15 +0100)]
s3:net_idmap_dump remove obsolete support for tdb:idmap2.tdb parameter
this one got removed from idmap_tdb2 a while ago
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Thu, 29 Nov 2012 20:39:54 +0000 (21:39 +0100)]
s3:net_idmap_dump deal with idmap config * : backend config style
this is the new config style since Samba 3.6 and should be detected by net idmap dump
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Jeremy Allison [Fri, 25 Jan 2013 00:20:14 +0000 (16:20 -0800)]
Regression test for bug #9571 - Unlink after open causes smbd to panic
Replicates the protocol activity that triggers the crash.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 28 15:33:17 CET 2013 on sn-devel-104
Pavel Shilovsky [Wed, 16 Jan 2013 11:02:26 +0000 (15:02 +0400)]
Fix bug #9571 - Unlink after open causes smbd to panic.
s3:smbd: fix wrong lock order in posix unlink
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Fri, 25 Jan 2013 18:21:48 +0000 (10:21 -0800)]
Fix bug #9588 - ACLs are not inherited to directories for DFS shares.
We can return with NT_STATUS_OK in an error code path. This
has a really strange effect in that it prevents the ACL editor
in Windows XP from recursively changing ACE entries on sub-directories
after a change in a DFS-root share (we end up returning a path
that looks like: \\IPV4\share1\xptest/testdir with a mixture
of Windows and POSIX pathname separators).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jan 28 13:48:13 CET 2013 on sn-devel-104
Volker Lendecke [Sun, 27 Jan 2013 16:24:49 +0000 (17:24 +0100)]
smbcontrol: Fix undefined serverid_traverse_read warning
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 28 11:51:12 CET 2013 on sn-devel-104
Volker Lendecke [Sun, 27 Jan 2013 16:24:31 +0000 (17:24 +0100)]
smbcontrol: Fix the build with libunwind
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Sun, 27 Jan 2013 10:09:39 +0000 (11:09 +0100)]
s4:service_task: add missing imessaging_cleanup() to task_server_terminate()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Jan 27 15:50:30 CET 2013 on sn-devel-104
Stefan Metzmacher [Sun, 27 Jan 2013 10:01:07 +0000 (11:01 +0100)]
s4:service_task: prevent a segfault if task->msg_ctx is not initialized yet
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Sun, 27 Jan 2013 11:15:50 +0000 (12:15 +0100)]
selftest: rename 'promoted_vampire_dc' to 'promoted_dc'
Unix domain socket are limited to 104 characters on Linux.
Using something like this fails as it uses more than 104 characters:
'/memdisk/autobuild/flakey/
b232141/samba/bin/ab/promoted_vampire_dc/private/smbd.tmp/msg/msg.482379.
2147483647'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 22 Jan 2013 12:39:15 +0000 (23:39 +1100)]
selftest: Add test of upgradeprovision using the old alpha13 tree
This ensures that upgradeprovision works as expected on a known good old database.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jan 27 11:55:54 CET 2013 on sn-devel-104
Stefan Metzmacher [Fri, 25 Jan 2013 08:36:47 +0000 (09:36 +0100)]
samba_upgradeprovision: detect dns_backend for the reference provision
If we have a DomainDnsZone partition, we use BIND9_DLZ as backend
and fix errors in the ForestDnsZone and DomainDnsZone partitions.
Note: this should work fine also for SAMBA_INTERNAL.
If the current setup doesn't use dns specific partitions (e.g. alpha13 setups)
we pass dns_backend=BIND9_FLATFILE.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>