selftest: Add ldapcmp to ensure upgradeprovision of a fresh DB is a no-op

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit d7936ee20c20635d62657cb821ff6dc4eb5fe33c)

selftest: Add in a provision from 4.0.0 to run tests against

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit f1f36ad3517cd0e6bceb4b0cc37721a15be4d588)

selftest: Do an ldapcmp run against the upgraded domain

This checks (with a set of known issues marked in the --filter attribute) that the upgraded
domain matches a fresh provision.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 72f73ebaff8d75fc39770ec785964b0d3c9738cc)

samba-tool ldapcmp: Add support for checking DNSDOMAIN and DNSFOREST by default

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 24c4d818d14c3931cf0cbff3070685fe409e66c6)

samba-tool dbcheck: fix msDS-HasInstantiatedNCs attributes to match instanceType on our ntdsDSA

This value is only a link to the local value of intanceType on our server, so only fix it for our server.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit f508435d23445a8b3076f89cbe042e2da1ac0701)

scripting: Correct parsing of binary DN

The DN is of the form B:8:01020304:DC=samba,DC=example,DC=com.  We need
to account for the case where the 8 is actually (say) 16, and so not just
one character.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 97389c3ec24526837e91fcfcaf7439491fcdb214)

subunit: Add a sh macro for skipping a test

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 0180a027cbc9725ae13023ddfdb8079f147864c5)

samba-tool ldapcmp: Add --skip-missing-dn to not error on DNs present in one DB but not the other

This is needed to compare some parts of the database, particularly in --two mode, which
are just never going to have exactly the same DNs.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 606f5d6cc6b018259ba0306fe3b55e21b4b70fdb)

samba-tool domain classicupgrade: Fix typo in error path for multiple account flags

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 161fa15697fab9effbe1db9640cece847dcf63cd)

samba-tool domain classicupgrade: Print a better error when the ldap backend PW was not found

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 669c302f2d78ab4bbd35982373ae079246c8979d)

samba-tool dbcheck: fix comment on err_wrong_sd

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 68f13f5d7e80f2041e140a12fc2f7139561c83ce)

Move python modules from source4/scripting/python/ to python/.

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Mar  2 03:57:34 CET 2013 on sn-devel-104
(cherry picked from commit 87afc3aee1ea593069322a49355dd8780d99e123)

build: Change bin/default/python -> bin/python symlink to bin/default/python_modules

This avoids a collision with the new top level python directory.

Andrew Bartlett
(cherry picked from commit 80fce353e740c793619005ac102ab07fb5e7d280)

build: Rename samba_python waf node to avoid duplicate name

This makes it clearer when debuging build issues.

Andrew Bartlett
(cherry picked from commit 2d13532cb3ad3a3deaee1f158408478284bc595a)

dsdb-descriptor: Avoid segfault copying an SD without an owner or group

This is an unusual SD, but it does exist is some very old upgraded databases.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 22 11:06:17 CET 2013 on sn-devel-104
(cherry picked from commit e4d85fa73d3ce1f397fdd416af6b8c903a473824)

dsdb-descriptor: Spell out security descriptor flags as constants

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 87db2331fc855473d8b3cad1c4149807823aa3c4)

samba_upgradeprovision: Use tdb_util.tdb_copy not shutil.copy2

This is really important, because copying a file will both ignore
locks held by another process and break any locks we hold (due to
POSIX brain-damage regarding multiple fds on one file in a process).

By leaving this to tdbbackup in a child, both of these issues are avoided.

Andrew Bartlett

Reviewed-by: Matthieu Patou <mat@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 19 07:48:18 CET 2013 on sn-devel-104
(cherry picked from commit 2cf83f7c645e4b216cf6f23857fd72ec0e6ca7a6)

samba_upgradeprovision: Do not update privileges.ldb any more (unchanged since 2009)

This update was only a total oblitoration of the existing database
and not a merge, and the shutil.copy would both disregard and break
locks on the database that are held at this point.

Andrew Bartlett

Reviewed-by: Matthieu Patou <mat@samba.org>
(cherry picked from commit 3c51e18a0cd1cb4b54cd29e312abd7cc2c0fbc98)

scripting: Make tdb_copy a common util function in samba.tdb_util

This will allow samba_upgradeprovision to also call it.

Andrew Bartlett

Reviewed-by: Matthieu Patou <mat@samba.org>
(cherry picked from commit 396df64ef6f2c66c35989ecda3e564d5578fe9f3)

scripting: Make tdb_copy use the python subprocess module

This makes the code more robust to spaces in the file names (etc).

Andrew Bartlett

Reviewed-by: Matthieu Patou <mat@samba.org>
(cherry picked from commit 2c2759e408d9c45c2aee0c2578f45edd246afec3)

samba_upgradeprovision: Remove options to fix FS ACLs

samba-tool ntacl sysvolreset handles this better, and makes this tool
much less confusing internally.

Andrew Bartlett

Reviewed-by: Matthieu Patou <mat@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 19 06:06:41 CET 2013 on sn-devel-104
(cherry picked from commit 06780ae82281fb62a08d0c3604d2e679976756c2)

wkssvc: Fix bug 9727, NULL pointer dereference

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 18 11:39:27 CET 2013 on sn-devel-104
(cherry picked from commit 05a7a10c88be99d864eacd6f9d37a340022f01f6)

s3:waf fix build on AIX

AIX acl code needs to be built by default on AIX,
otherwise smbd will fail to start because of missing symbols

This fixes Bug 9557 - build succeeds, but binaries don't run

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Thu Mar 21 16:31:19 CET 2013 on sn-devel-104
(cherry picked from commit 1f139ae2d162ebb045ce4eabb76a138baedfe44a)

Make sure that we only propogate the INHERITED flag when we are allowed to.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Fix bug #9747 - When creating a directory Samba allows inherited bit to slip
through.

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Apr  2 23:07:34 CEST 2013 on sn-devel-104

build: Do not pass CPP="" to pidl, skip the env variable entirely

This will cause pidl to use $CC -E instead.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit afe9343880ee27cf9fe937c6379c469435ef20d6)

The last 2 patches address bug #9739 - [PATCH] PIDL build fixes for hosts
without CPP (Solaris 11).

build: Remove the forced use of only the first part of the compiler string

This corrects parts of 378295c3fe813c70815a14c7de608e4a859bd6cc and
301d59caf2ee6f49e108b748b0e38221dec9bb96.  This is seen if CC="ccache
gcc" and CPP isn't used for some reason.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 7dc6dfd90c5182ed85042b22d4864d3e9b007531)

scripting: No longer install samba_upgradeprovision

This tool is an important part of the toolkit a Samba Team member can
use to assist a user with the upgrade of a very old Samba 4.0 AD DC
installation.

However, like all powerful tools, it has sharp edges, and these need
to have more protection added before we recommend the tool be used.

The WHATSNEW already indicated that this tool should not be used but a
large number of users have run it, and due to lack of testing in the
past, some have run into bugs.

While this tool can be run in debug modes, by default it simply fixes
the database following a series of internal rule.  This does a good
job much of the time, but does not request permission in the way that
dbcheck does, and will create extra objects for things like the DNS
partitions.

By removing this from the installed binaries, we provide another
signal that it should not be used right now, until these matters are
fixed and some clear documentation on how to safely use the tool can
be written.

Andrew Bartlett

Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Mar 12 02:51:23 CET 2013 on sn-devel-104
(cherry picked from commit 389197e7c31e8d6616e6503181c088940ddb5986)

Fix bug #9728 - DO NOT install samba_upgradeprovision in 4.0.x.

scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually them

This allows the script to be used to create/remove the samba-specific dns-SERVER account
when we do not need to create the in-directory partition.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104
(cherry picked from commit edbc26bca84ee77b5a9571ba8dc9416c0db25906)

Fix bug #9721 - samba_upgradedns patch for robustness (do not guess addresses
when just changing roles).

samba-tool classicupgrade: Do not print the admin password during upgrade

This changes the code to only set and show a new password if no admin
user is found during the upgrade.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 16:55:23 CET 2013 on sn-devel-104
(cherry picked from commit 051a1a9c6417c2cbffa7d091ae477a6c7922d363)

Fix bug #samba-tool classicupgrade patch to not print incorrect admin passwords.

s4-dbcheck: Allow forcing an override of an old @MODULES record

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 99d872ee9261a299add4718c38234dfe9f7658fc)

Fix bug #9719 - dbcheck patch from master needed in 4.0.

selftest: Add test for rfc2307 mapping handling

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit c9d2ca585e198b1006bbf7f1a3c988c1188b66cb)

The last 2 patches address bug #9718 - rfc2307 patches not yet in 4.0.

s4-idmap: Remove requirement that posixAccount or posixGroup be set for rfc2307

This change matches the source3/idmap/idmap_ad.c code, and allows this
feature to work with only the setting of the UID/GID in Active
Directory Users and Computers.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5e0fcb04a48d96669ed4376bfa17f679e3582236)

build: Set LD_LIBRARY_PATH in install_with_python.sh

This ensures that the python install finishes correctly.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 14:00:13 CET 2013 on sn-devel-104
(cherry picked from commit 213e7260a83d4349132e8c159798b476cec3f814)

Fix bug #9717 - install_with_python fix not yet in 4.0.x.

Fix bug #9724 - is_encrypted_packet() function incorrectly used inside server.

The is_encrypted_packet() function should only be used on the raw received data
to determine if a packet came in encrypted. Once we're inside the SMB1
processing code in smbd/reply.c we should be looking at the
smb1request->encrypted field to determine if a packet was really encrypted or
not.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Mar 16 12:44:44 CET 2013 on sn-devel-104
(cherry picked from commit 1d15fc75a33b7368049876368f4b70c188bbd55e)

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Thu Mar 21 11:15:16 CET 2013 on sn-devel-104

torture: Add ntprinting latin1 test.

Reviewed-by: Günther Deschner <gd@samba.org>
The last 7 patches address bug #9723 - Add a tool to migrate latin1 printing
tdb's to registry.

s3-net: Add encoding=<CP> to 'net printing dump'.

Reviewed-by: Günther Deschner <gd@samba.org>

s3-net: Add encoding=<CP> to 'net printing migrate'.

This allows you to convert printing tdb's which are in e.g. in latin1 to
convert to UTF-8 and import them into the registry.

Reviewed-by: Günther Deschner <gd@samba.org>

ndr: Pass down string_flags in ndr_pull_ntprinting_printer().

Reviewed-by: Günther Deschner <gd@samba.org>

idl: Add flags for strings in ntprinting idl.

Reviewed-by: Günther Deschner <gd@samba.org>

ndr: Add ndr_ntprinting_string_flags() function.

It defaults to utf8string.

Reviewed-by: Günther Deschner <gd@samba.org>

pidl: Add skip option to elements.

This option allows to skip struct elements in pull and push function.
This can be used to pass flags to the structure e.g. for string values.

Reviewed-by: Günther Deschner <gd@samba.org>

s4:torture: let raw.read accept larger reads than 0x10000

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The last 16 patches address bug #9706 - Parameter is incorrect on Android.

s4:torture: raw.read fix large reads against windows

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:selftest: Add LARGE_READX test into our make test infrastructure.

Tested against non-encrypted and encrypted connections.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

s3:torture: Add new LARGE_READX test to investigate large SMBreadX behavior.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

s4:smb_server: fix large read_andx requests

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: Add functions calc_max_read_pdu()/calc_read_size() to work out the length we should return.

LARGE_READX test shows it's always safe to return a short read.
Windows does so. Do the calculations to return what will fit
in a read depending on what the client negotiated.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

s3:smbd: Remove server_will_accept_large_read() and erroneous comment.

We're going to replace this with a function that calculates
the max PDU to return on a read and supports short reads.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

s3:smbd: Fix off-by 4 error in wrap protection code in create_outbuf()

Subtract 4 from smb_size (39) here as the length
of the SMB reply following the 4 byte type+length
field can be up to 0xFFFFFF bytes.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

s3:smbd: add some const to req_is_in_chain()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: remove silly (SMB_OFF_T_BITS == 64) checks

configure will abort if sizeof(off_t) is not 8.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: keep global_client_caps and max_send from the first successful session setup

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:libsmb: let cli_read_andx_create() accept any length

It's up to the server to decide the allowed length.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: smb1cli_inbuf_parse_chain() and smb1cli_conn_dispatch_incoming() should use smb_len_tcp.

They have to cope with large READX call replies that have
a length greater than smb_len_nbt() can handle.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

libcli/smb: defer failing for missing NEGOTIATE_SECURITY_SIGNATURES_ENABLED

Windows servers take a look at the FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED
flag during a session setup and turn on signing if the client requires it.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:libsmb: make use of SMB_CAP_LEGACY_CLIENT_MASK instead of SMB_CAP_CLIENT_MASK

This should allow smbclient to keep using large reads against older Samba versions
(<= 3.6.x) and other servers that may also require this.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add SMB_CAP_LEGACY_CLIENT_MASK define

Older Samba releases (<= 3.6.x)
expect the client to send CAP_LARGE_READX
in order to let the client use large reads.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:winbindd: do not drop the workgroup name in the getgrgid call

Second part of fix for bug #9711.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 27 05:44:39 CET 2013 on sn-devel-104
(cherry picked from commit bb0e4cbc3c30137245ca6b6cf9d74812ad17cee1)

s4:winbindd: do not drop the workgroup name in the getgrnam and getgrent calls.

First part of fix for bug #9711.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit ecd0b10d2f1de986303f8aab2915c20c2f025244)

WHATSNEW: clarify how being a domain member server is supported in Samba 4.0

Signed-off-by: Michael Adam <obnox@samba.org>

VERSION: Bump version number up to 4.0.5.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

Merge tag 'samba-4.0.4' into v4-0-test

samba: tag release samba-4.0.4

VERSION: Bump version number up to 4.0.4.

Bug 9709: CVE-2013-1863: Remove forced set of 'create mask' to 0777.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Prepare release notes for Samba 4.0.4

Bug 9709: CVE-2013-1863: Remove forced set of 'create mask' to 0777.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

Revert "Ensure the masks don't conflict with the ACL checks."

This reverts commit 78594909b8b22bd07978922b1c85dfd6f6456963 which was
needed by 7622aa16adeb00bf161a6dd07664c37125391272.

This change masked bug #9462 which was fixed by
2013bb9b4dbed747921df2591068e2765428f57d.  The issue was that the
defaults for the substituted parameters did not match the old
parameter.  Changing the values in our test suite hid the issue, but
did not fix the issue.

(Additional change in the revert is to correct the expected ACL value
in posixacl.py due to changed implied inherited permissions).

Andrew Bartlett

Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 11 19:46:24 CET 2013 on sn-devel-104
(cherry picked from commit 58e385a5ac37c072a4eef3baa7926b799a732e94)

The last 3 patches address bug #Bug 9709 - CVE-2013-1863; Remove forced set of
'create mask' to 0777.

CVE-2013-1863: World-writeable files may be created in additional shares on a
Samba 4.0 AD DC.

smbd:posix_acls Remove incorrectly added lp_create_mask() and lp_dir_mask() calls

When 6adc7dad96b8c7366da042f0d93b28c1ecb092eb removed the calls to
lp_security_mask/lp_force_security_mode/lp_dir_security_mask/lp_force_dir_security_mode
these calls were replaced with lp_create_mask() and lp_dir_mask()

The issue is that while lp_security_mask() and lp_dir_security_mask defaulted to
0777, the replacement calls did not.  This changes behaviour, and incorrectly
prevents a posix mode being specified by the client from being applied to
the disk in the non-ACL enabled case.

Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit fc496ef323c908a6b621198d9dc8076f6857385e)

param: Remove incorrectly added defaults in AD DC allowing WORLD WRITABLE files

These defaults were incorrectly added in
fc5caffbc139d63cab1ec105884863f73772586f in what turns out to be an
incorrect fix for bug #9462, which was in turn introduced by the
swapping of security mask (default 0777) for create mask (0755) in
6adc7dad96b8c7366da042f0d93b28c1ecb092eb.

While the permissions on sysvol and netlogon (the default shares) were
fixed by provision, any additional shares that did not yet have an
explit ACL set would create world-writable files by default.

Administrators will need to manually correct the file permissions on
any additional shares that were created after installation of the AD
DC.

Andrew Bartlett

Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Mar 10 12:00:31 CET 2013 on sn-devel-104
(cherry picked from commit 287b5f6c0f40d3e3d09bc2ce80f5fee02cbae40f)

Correct the name of the nss_winbind module for FreeBSD by creating a symlink from the FreeBSD required name to the built module.

Signed-off-by: Timur Bakeyev <timur@FreeBSD.org>
Reviewed-by: Andrew Bartlett <abartlett@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Fri Mar  8 05:04:04 CET 2013 on sn-devel-104
(cherry picked from commit 11d128632357c9ae89d67aaf23c429fae83a1b29)

Fix bug #9704 - Fix nss_winbind name on FreeBSD.

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Mar 12 10:43:32 CET 2013 on sn-devel-104

build: Do not force a specific perl from ${PERL} when running pod2man

pod2man should have the right #!/usr/bin/perl line already, and forcing it may
cause us to use the wrong perl.

Essentially treat this like any other system binary, rather than forcing
it to use the first perl we found.

This essentially reverts e80f576db66ad04592ac436ed74ceb9b96452060.
Current SLES11 does not seem to have the issue this was added to
address.

Andrew Bartlett

Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Feb 28 02:14:25 CET 2013 on sn-devel-104
(cherry picked from commit 1da22ab994822acacf9a0378c68b15cd32535390)

Fix bug #9703 - Fix build on solaris8: Do not force a specific perl on pod2man.

selftest: also skip raw.search as it also spins

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit b40d134bc1866dd7e5b5e7dfc5bf01f6d55b1c1f)

The last 2 patches fix bug #9663 - make test hangs.

selftest: skip base.dir2 tests as they just spin on modern ext4

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit a8c745a28c3278e9fbee6f802dc340fe660f27ca)

vfs_catia: add my copyright

Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The last 5 patches address bug #9701 - vfs_catia is not working anymore (due to
a former regression).

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon Mar 11 10:55:48 CET 2013 on sn-devel-104

vfs_catia: add a sample for filename mapping to the manual page

Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_catia: fix the completely outdated manual page

The complete rework around 3.5.0 was not even mentioned somewhere.
(i was not able to find any info about that major change)

Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_catia: fix the translation to "vfs_translate_to_windows"

THANKS to an IRC user (Raimund ?) who asked for a char mapping possibility.
I suggested vfs_catia - but it did not work!
Hopefully now it will. :-)

Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_catia: add debug class for that module

Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tsocket_bsd: Attempt to increase the SO_SNDBUF if we get EMSGSIZE in sendto()

This matches what was done for lib/socket/socket_unix.c in
c692bb02b039ae8fef6ba968fd13b36ad7d62a72.

(and is based on that patch by Landon Fuller <landonf@bikemonkey.org>)

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Mar  4 11:15:35 CET 2013 on sn-devel-104
(cherry picked from commit 70e1b6185e3fb35fdc72eeb529ffb4b50122dc40)

The last 3 patches address bug #9697 - DsReplicaGetInfo fails due to sendto()
EMSGSIZE error on UNIX domain socket.

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Wed Mar  6 11:57:20 CET 2013 on sn-devel-104

s4-lib/socket: Return the original EMSGSIZE when sendto() and setsockopt() both fail

This ensures that should we be unable to increase the socket size, we return an
error that the application layer above might expect and be able to make
as reasonable response to (such as switching to a stream-based transport).

This fixes up c692bb02b039ae8fef6ba968fd13b36ad7d62a72.

As suggested by metze in https://bugzilla.samba.org/show_bug.cgi?id=9697#c4

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 50b42d1c5bb19e3a5050d7d23ac96e273d3974ee)

Handle EMSGSIZE on UNIX domain sockets.

On some systems (eg, FreeBSD) the default SO_SNDBUF for UNIX
domain sockets is to small, and EMSGSIZE is returned. Other
systems provide a larger default send buffer, but there is
still no guarantee that the buffer will be sized appropriately.

This patch modifies the sendto() path to attempt to resize
the SO_SNDBUF dynamically upon an EMSGSIZE failure, and then
retry the send.

This fixes local DCE/RPC errors on FreeBSD, eg:

https://lists.samba.org/archive/samba-technical/2013-January/089881.html

Signed-Off-By: Landon Fuller <landonf@bikemonkey.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Mar  2 23:34:03 CET 2013 on sn-devel-104
(cherry picked from commit c692bb02b039ae8fef6ba968fd13b36ad7d62a72)

s4-socket: Make sure unix socket addresses are null terminated.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit 7dd13503c0919766ecf3c8f5f48cda72aae8ac73)

Remove incomplete check for IPv6 link-local addresses.

This has been superceded by a check for link-local
addresses in get_interfaces()

Signed-Off-By: Landon Fuller <landonf@bikemonkey.org>
Reviewed-By: Richard Sharpe <realrichardsharpe@gmail.com>
Fix bug #9696 - Remove incomplete samba_dnsupdate IPv6 link-local address
check.

s3:lib/events: add missing TEVENT_TRACE_BEFORE/AFTER_WAIT handling

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 2fb69f51c47c8859485011879afb11650835ecbe)

The last 77 patches address bug #9695 - Backport tevent changes to bring
library to version 0.9.18.

Fix typo to make master/lib/tevent identical to 4.0.x/lib/tevent

This was missed in the patch that was applied to fix bug 9550.

Signed-off-by: Jeremy Allison <jra@samba.org>

tevent: change version to 0.9.18

This release contains a lot of fixes:

- Adding new timer events is now faster, if there's
  a large number of timer events.

- sigprocmask does not work on FreeBSD to stop further signals in a signal
  handler.

- TEVENT_NUM_SIGNALS is calculated by configure in order
  to support realtime signals on freebsd.

- ./configure --disable-python was fixed for the standalone build.

- Several crash bugs in the poll backend are fixed.

- The poll backend removes deleted events from the
  cached pollfd array now.

- The poll doesn't pass pollfd.events == 0 to poll()
  and maintains a list of disabled events,
  instead of consuming 100% cpu and/or triggering
  the callers handler.

- The poll backend detects POLLNVAL and reports EBADF
  instead of consuming 100% cpu.

- The select backend supports separate handlers
  for TEVENT_FD_READ and TEVENT_FD_WRITE.

- The poll and select backends are now doing fair
  queuing of fd events.

- The epoll has better error checking
  and supports separate handlers
  for TEVENT_FD_READ and TEVENT_FD_WRITE.

- The standard backend was rewritten to be a tiny
  wrapper on top of epoll with a fallback to poll,
  which means that it doesn't use select directly anymore.

- TEVENT_TRACE_BEFORE_LOOP_ONCE and TEVENT_TRACE_AFTER_LOOP_ONCE
  are added in order to allow the application to hook in
  before and after the loop_once() backend function is called.
  The TEVENT_HAS_LOOP_ONCE_TRACE_POINTS define can be used to
  detect the new feature.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: optimize adding new zero timer events

Such events were used before we had immediate events.
It's likely that there're a lot of this events
and we need to add new ones in fifo order.

The tricky part is that tevent_common_add_timer()
should not use the optimization as it's used
by broken Samba versions, which don't use
tevent_common_loop_timer_delay() in source3/lib/events.c.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: optimize adding new timer events

As new timestamps typically get higher:-)
it's better to traverse the existing list from
the tail.

This is not completely optimal, but it should be better
than before.

A second optimization could be done for zero timestamps,
we would just remember the last_zero_timer,
but that would change the internal ABI.
Normally thatshould not be a poblem, but the Samba's
source3/lib/events.c abuses tevent_internal.h
from the current source tree, even if an external tevent.h
is used. The other problem is that it makes use of
tevent_common_add_timer() without using
tevent_common_loop_timer_delay().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: add a debug message in tevent_common_loop_timer_delay()

We should debug a message before and after running the handler.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: add test_event_fd2()

This test fills the socket kernel buffers
and verifies that we don't report TEVENT_FD_WRITE
if the buffer is full.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: add test_event_fd1()

This test verifies that TEVENT_FD_* flags are handled correctly.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: use better names for the subtests

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: Regression test to ensure that a tevent backend can cope with separate read/write events on a single fd.

This tests the multiplex fd changes to the epoll backend to
ensure they work correctly.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

tevent: use DEBUG_ERROR for the fallback message in epoll_panic()

A Samba autobuild passed without a fallback, so this is
really an error.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: If epoll_ctl(..EPOLL_CTL_ADD,..) failes with EEXIST, merge the two fde's into one epoll event.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

tevent: preferr the write handler if there're two possible handlers registered with epoll

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: In epoll_event_loop() ensure we trigger the right handler for a multiplexed fde event.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

tevent: Add utility function epoll_handle_hup_or_err()

We'll use this to handle the EPOLL_ADDITIONAL_FD_FLAG_GOT_ERROR
and EPOLL_ADDITIONAL_FD_FLAG_REPORT_ERROR flags with multiplexed
events in the event loop.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

tevent: handle EPOLL_ADDITIONAL_FD_FLAG_HAS_MPX in epoll_update_event()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: handle multiplexed fde's in epoll_event_fd_destructor()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tevent: Fix epoll_mod_event() to cope with modifying a multiplexed fde event.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

tevent: Fix up epoll_del_event to cope with deleting a multiplexed fde event.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>