selftest: Enable samba.tests.dcerpc.array test

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/dcerpc/array.py: test deletion of arrays

We expect an AttributeError.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Python pidl: avoid segfault with "del obj->attr"

Deleting an attribute in Python (using the "del" statement) is (at
some stages along a winding path, for C objects) converted into
setting the attribute to NULL. Not None, actual NULL. The way we
handled this NULL was to dereference it. This changes the behaviour to
raising an AttributeError, which is more or less what Python does in
similar situations with builtin objects.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

pytalloc: avoid double 0x0x in repr strings

The %p format puts one in itself.

Before: <drsblobs.repsFromTo2 talloc based object at 0x0x1b551e0>
After:  <drsblobs.repsFromTo2 talloc based object at 0x1b551e0>

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

pidl: Correct string handling to use talloc and be in common

The previous string handling assumed the python variables referenced
by PyString_AS_STRING had infinite life.  When they were re-used
the C structure started to point at unexpected things.

We now check correctly for Unicode in every case, and we always
duplicate the string with talloc_strdup()

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

join.py: Fetch the remote DC NTDS GUID early

This avoids touching the LDAP connection after the long replicate cycle, as it may
have timed out

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

selftest: Include a few more details in selftest and samba startup.

This helps us understand failure modes in selftest

Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

repl_meta_data: Explain why time(NULL) is good enough here

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

ldb: Fix error string when renaming to an DN that already exists

We were printing the DN renamed from, not the DN being renamed to.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

source4/registry/local: avoid str_list_length() to check first element

We don't need to walk to the end of the list to find out if the first
one is NULL.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb schema_query: reduce calls to str_list_length

We were calling str_list_length(new_attrs) three times when one is
enough.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb/common/util: be careful about zero length string lists

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb/common/util: remove some unnecessary str_list_length()s

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

source4/param/pyparam.c: fix strange indentation

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

python/join.py: Avoid unchecked print in error path

In autobuild this print causes an IOError when stdout is dead,
which hides the exception you care about and prevents the actual
clean up.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb: Improve debug messages in operational module

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

dsdb: Clarify rename handling as to which record is being renamed

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

selftest: Wait 60 seconds for a RID alloc

This ensures we give it a reasonable enough chance to start up.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

selftest: Print a message when RID allocation fails

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

libcli/auth: let msrpc_parse() return talloc'ed empty strings

This make it more predictable for the callers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11912
BUG: https://bugzilla.redhat.com/show_bug.cgi?id=1334356
BUG: https://launchpad.net/bugs/1578576

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon May  9 22:27:21 CEST 2016 on sn-devel-144

smbd: Remove an unused #define

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May  9 17:20:22 CEST 2016 on sn-devel-144

heimdal: encode/decode kvno as signed integer

This patch changes the encoding/decoding of kvno (key version number)
in blobs and packets to signed integer, for compatibility with Windows.
Reportedly, MIT Kerberos does the same.

This patch effectively reverts commit 1124c4872dfb81bec9c4b527b8927ca35e39a599
in the heimdal tree.

According to the Kerberos spec (RFC 4120 5.2.9), the kvno field
in encrypted data object is an unsigned integer that fits in
32 bits. The Heimdal Kerberos component bundled with Samba
conforms to this. However, Windows deviates from the standard
and encodes kvno as a signed integer, and this creates
interoperability issues.

ASN.1 DER has no special encoding for unsigned integer. A 32-bit
unsigned integer is encoded as a signed integer, so while a signed
32-bit integer (covering the range of -0x80000000..0x7fffffff) is
encoded using up to 4 bytes, an unsigned integer (covering
0..0xffffffff) could require 5 bytes.

Normally, kvno for a given account starts at 1 and increments on
password changes. Kerberos defined this as unsigned because there's
no meaning for negative version numbers, so the standard writers figured
4 billion versions is better than 2 billion. It was not
expected for a kvno to really go past 0x7fffffff and the disctinction
usually does not matter. However, RODCs use kvnos which
have the most-significant bit set.

In Active Directory, RODCs have a private secret for the krbtgt,
because the assumption is that the RODC is less secure, and
recovering the domain krbtgt secret from the RODC would compromise
the security of the entire domain. The kvno field is being used
to identify the private krbtgt account that owns the key - the
upper 16 bits are the RODC id, and the lower 16 bits identify
the key version number for this specific RODC. It's common to
have an RODC id greater than 0x8000, and therefore to have a
kvno larger than 0x7fffffff, which would be DER-encoded using
5 bytes.

Windows encodes kvno as signed integer - basically taking the
32 bits and treating them as a signed integer rather than an
unsigned integer. This means that in Windows a kvno can
always be encoded using 4 bytes, and Windows DCs reject a kvno
encoded using more than 4 bytes without even generating an error
response (the DC assumes it's an attack).

Heimdal re-encodes the TGT when it creates a TGS request. Obviously
it cannot decode and encode the encrypted parts but it does re-encode
the plain parts, which include the kvno. That leads to a 5-byte
kvno in the TGS request, which is rejected without an error
response.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11900

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat May  7 21:14:21 CEST 2016 on sn-devel-144

init: set core file size to unlimited by default

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11907

Signed-off-by: Raghavendra Talur <rtalur@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri May  6 19:15:17 CEST 2016 on sn-devel-144

ctdb-recoverd: Fold IP allocation house-keeping into IP verification

Now all the IP takeover code for non-master node is in this function.
The function can always be renamed to something more suitable.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri May  6 15:10:59 CEST 2016 on sn-devel-144

ctdb-recoverd: Clean up local IP verification

Update log levels and messages, comments and wrapping of long lines.
No functional changes.

Note that interfaces_have_changed() already does adequate logging.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recoverd: Skip known IP address checking when it is disabled

When public IP checking is disabled, verify_local_ip_allocation()
still retrieves known IP addresses and runs through a loop that does
nothing.

Instead, completely skip the retrieval and checking loop.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recoverd: Check that IP failover is active in IP verification

This makes verify_local_ip_allocation() self-contained and simplifies
main_loop().

Due to indentation changes, this commit is most easily read when
ignoring whitespace.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recoverd: Call election when necessary in recovery master validation

There is no need to return one of several states and then trigger an
election for one of those return states.  Have the recovery master
validation trigger the election directly and just return whether
monitoring should continue.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recoverd: Simplify return values when updating local flags

Change this to return just 0 or -1.  It isn't monitoring anything.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recoverd: Drop unreachable code

update_local_flags() never returns MONITOR_ELECTION_NEEDED, so drop
this entire if-statement.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-protocol: Drop unused CTDB_SRVID_TAKEOVER_RUN_RESPONSE

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Don't use CTDB_SRVID_TAKEOVER_RUN_RESPONSE

Nobody registers a handler for this message type.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recover: Avoid duplicate deferred attach processing

Deferred attach processing is done unconditionally at this point.  It
is then done again if recovery lock checking is done and completes
successfuly.  If the recovery lock checking fails then it should not
be done at all.

Move this processing so it is done with the early exit when the
recovery lock is not being used.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

examples/crackcheck: allow compilation with current builds

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Fri May  6 08:32:52 CEST 2016 on sn-devel-144

typo: mplementation => implementation

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

manpages: Markup led to missing space

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

WHATSNEW: Document "only user" removal

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May  6 05:02:08 CEST 2016 on sn-devel-144

smbd: remove "only user" and "username" parameters

These have long been superseded by "valid users"

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Reset WHATSNEW.txt for 4.5.x series

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

talloc: version 2.1.7

* Fix memory leak when destructors reparent children. (bug #11901)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May  5 22:33:04 CEST 2016 on sn-devel-144

lib:talloc. Fix memory leak when destructors reparent children.

If a destructor reparents a child, we shouldn't exit the
loop freeing children as there may be others to process.

https://bugzilla.samba.org/show_bug.cgi?id=11901

Signed-off-by: Saji VR <saji.vr@nutanix.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May  5 08:33:53 CEST 2016 on sn-devel-144

autobuild: fix typo in autobuild success subject line

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu May  5 04:15:16 CEST 2016 on sn-devel-144

vfs_fruit: add an option that allows disabling POSIX rename behaviour

https://bugzilla.samba.org/show_bug.cgi?id=11721

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May  5 00:04:50 CEST 2016 on sn-devel-144

Correctly set cli->raw_status for libsmbclient in SMB2 code

The SMB2 file handling code wasn't correctly setting raw_status, which
is used by libsmbclient to report file open errors etc.

https://bugzilla.samba.org/show_bug.cgi?id=11276

Signed-off-by: Robin McCorkell <robin@mccorkell.me.uk>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libnet:libnet_join: add netbios aliases as SPNs

Add all listed smb.conf netbios aliases as SPNs to the machine account:

  HOST/NETBIOS_ALIAS@REALM

and

  HOST/netbios_alias.dnsdomain.name@REALM

Bug: https://bugzilla.samba.org/show_bug.cgi?id=1703

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed May  4 17:58:05 CEST 2016 on sn-devel-144

s3:smbd remove todo comments

as the service is set to be case insensitive for SMB2 now,
there is no need to set FLAG_CASELESS_PATHNAMES as flag

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May  4 05:00:36 CEST 2016 on sn-devel-144

selftest: test for case insensitivity over SMB2/SMB3

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd/filename remove smelly code

not sure how this chunk ended up there, but I agree with
the statement in the comment that behavior should not depend
on developer mode

make test does not seem to depend on it anymore.

This piece had some bad influence on the tests I wrote
for case insensitivite behavior of SMB2/3, so let us
remove this technical debt.

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd/service apply some code formatting

reduce indentation in switch statement, obey 80 char line limit, use C99 bool

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd/service disable case-sensitivity for SMB2/3 connections

in SMB2, there is no flag to let us know if the client wants to have case-sensitive behavior,
so in Auto mode, disable case-sensitivity

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11438
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Avoid includes.h in base64.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Give base64.c its own .h

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Remove SMB_ASSERT from base64_encode_data_blob

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Make callers of base64_encode_data_blob check for success

Quite a few callers already did check for !=NULL. With the current code this is
pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the
callers consistently check, so that we can remove SMB_ASSERT from base64.c.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: =0 and |= is equivalent to =

Just a small simplication I thought might be nice

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: The base64 chars are by definition single-byte :-)

Remove a dependency on charcnv

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: use remote arch caching

We're using the client guid as gencache db key, so this can only be used
with SMB 2_10 or higher.

The idea is that whenever we get a direct SMB2 negprot, we can then try
to see if a value is cached for the client's guid.

When a user logs off the cache entry is deleted.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3/lib: add remote arch caching

This allows caching the remote arch string in gencache. A subsequent
commit will use this in SMB2 negprot.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3/lib: add get_remote_arch_from_str()

This will be used when fetching remote arch from gencache.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3/lib: rework get_remote_arch_str() to use an array

By using C99 designated array initializers we can simplify the code and
remove the dependency on initializers appearing in a particular order.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

ldb-samba: Use ndr_pull_struct_blob_all_noalloc

This avoids pointless talloc() calls in a hot code path.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue May  3 11:43:15 CEST 2016 on sn-devel-144

libndr: Add ndr_pull_struct_blob_all_noalloc

This allows us to remove talloc() calls from GUID_from_ndr_blob().

To do this the struct ndr_pull is placed on the stack, and filled in there.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Fix formatting issue on 32bit with _FILE_OFFSET_BITS == 64

Usually off_t is the same as size_t, but not on a 32 bit machine where
_FILE_OFFSET_BITS is set to 64. In that case size_t stays 32 bit, and
off_t goes to 64.

This only affects debug messages.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

.gitignore: don;t accidentally ignore some files

The previous first line of .gitignore ("bin/") correctly ignored the
bin/ directory, but it also ignored the git controlled content in
source4/scripting/bin.  The correct line is "/bin/", as explained in
these snippets from the gitignore documentation:

    If the pattern ends with a slash, it is removed for the purpose
    of the following description, but it would only find a match with
    a directory. In other words, foo/ will match a directory foo and
    paths underneath it, but will not match a regular file or a
    symbolic link foo (this is consistent with the way how pathspec
    works in general in Git).

    A leading slash matches the beginning of the pathname. For example,
    "/*.c" matches "cat-file.c" but not "mozilla-sha1/sha1.c".

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

autobuild: Return the last 50 log lines

This means that you don't have to deal with tars for quickly determining
the cause of a failure.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

VLV: test using restrictive expressions

This tests what happens with the VLV if the results are subject to
an expression.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

VLV: handle empty results correctly

The VLV was wrongly returning an operations error when the list of
results was empty.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

VLV: initialise struct using names for clarity

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/dns_forwarder: Add additional testing for no flag recursive

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/dns_forwarder: Add an extra test for inactive forwarders

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/dns_forwarder: remove statically defined IPs

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/dns: Add additional testing of CNAME handling

RFC 1034, for instance, describes that all intermediate CNAMEs should be
returned. As it is, CNAME do not return all found intermediate results
in the case of straightforward failure. It should be noted that in the
case of forwarding success, ALL intermediate paths are returned,
including the failure ones.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/dns_forwarder: Add testing for DNS forwarding

The new tests show that single and multiple forwarders work as expected.
They also describe the behaviour encountered when the DNS server
encounters a CNAME from a forwarded request (which is not to pursue any
further).

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

dns: modify dns forwarder param to be multi-valued

This allows a secondary DNS forwarder for a trivial failover. Requests
which fail/timeout at the primary DNS forwarder will be restarted
entirely with the next forwarder in the list.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

selftest: Remove an early return in the fl2003dc provision

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dnsserver: Remove C++ style comment

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dns: remove double talloc for strings

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

docs: Fix an outdated remark, tdbsam is default

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue May  3 08:08:31 CEST 2016 on sn-devel-144

ctdb-protocol: Return required buffer size in push functions

If the buffer size provided is not sufficient, then return the required
buffer length.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-client: Drop unnecessary discard_const

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Use consistent names for function arguments

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Drop buffer allocation from protocol push functions

This means that the packet allocation will happen just before push
functions are called.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Make sure the packet length matches the allocated size

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Check arguments in ctdb_allocate_pkt

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Expose function to allocate a packet

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Fix marshalling of ctdb_reply_control

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Use length routines for protocol elements

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Add length routines for protocol elements

This follows the convention used for marshalling routines for ctdb data types.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Use ctdb_req_header marshalling

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Fix marshalling of ctdb_req_header

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Use TDB_DATA marshalling

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Fix marshalling of TDB_DATA

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Use ctdb_string marshalling

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-protocol: Fix marshalling of ctdb_string

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-doc: Fix example NFS Ganesha recovery directory maintenance logic

This currently fails exactly when it is needed: when there is a
dangling link pointing into an unmounted filesystem.  This happens
because [ -e <dangling-link> ] returns false.  The solution is simply
to remove that check.

Now the first condition in the "if" statement catches the backward
compatibility case where $GANRECDIR used to be a directory.  It will
also catch other problems, such as if a file has been created in this
location.  If nothing exists then it will silently succeed (due to
-f).

The second case catches a symlink pointing to the wrong place (e.g. in
an unmounted filesystem).

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Add build option for default smbpasswd location

Signed-off-by: Ivo De Decker <ivo.dedecker@ugent.be>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May  3 04:42:24 CEST 2016 on sn-devel-144

ctdb/ltdbtool: Fix static declarations

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 30 04:28:13 CEST 2016 on sn-devel-144

smbcacls: Do not read old ACL for 'set' operation

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

gensec: Change log level of message when no PAC is found

For a Samba server that uses a non-AD KDC this message is triggered on
every new connection. Change the log level from warning/1 to a more
appropriate notice/5.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

winbindd: Remove unused prototypes for winbindd_group.c

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>