kai/samba-autobuild/.git
Stefan Metzmacher [Fri, 16 Nov 2012 11:51:44 +0000 (12:51 +0100)]
s4:dsdb/tests: add SdAutoInheritTests

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Nov 30 18:59:50 CET 2012 on sn-devel-104

Stefan Metzmacher [Fri, 23 Nov 2012 16:10:38 +0000 (17:10 +0100)]
s4:dsdb/repl_meta_data: call dsdb_module_schedule_sd_propagation() for replicated changes

We only do so if the replicated object is not deleted.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 16 Nov 2012 11:49:16 +0000 (12:49 +0100)]
s4:dsdb/descriptor: inherit nTSecurityDescriptor changes to children (bug #8621)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 16 Nov 2012 11:49:16 +0000 (12:49 +0100)]
s4:dsdb/descriptor: recalculate nTSecurityDescriptor after a rename (bug #8621)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 15:46:51 +0000 (16:46 +0100)]
s4:dsdb/acl_util: add dsdb_module_schedule_sd_propagation()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 14:55:24 +0000 (15:55 +0100)]
s4:dsdb/descriptor: implement DSDB_EXTENDED_SEC_DESC_PROPAGATION_OID

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2012 16:42:32 +0000 (17:42 +0100)]
s4:dsdb: define DSDB_EXTENDED_SEC_DESC_PROPAGATION_OID

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 09:45:02 +0000 (10:45 +0100)]
s4:dsdb/descriptor: handle DSDB_CONTROL_SEC_DESC_PROPAGATION_OID

This can only be triggered by ourselves, that's why we expect
control->data == module.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 15:12:54 +0000 (16:12 +0100)]
s4:dsdb/schema_data: allow DSDB_CONTROL_SEC_DESC_PROPAGATION_OID on modify

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 10:18:05 +0000 (11:18 +0100)]
s4:dsdb/repl_meta_data: allow DSDB_CONTROL_SEC_DESC_PROPAGATION_OID on modify

The propagation of nTSecurityDescriptor doesn't change the
replPropertyMetaData.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 14:25:06 +0000 (15:25 +0100)]
s4:dsdb/objectclass_attrs: allow DSDB_CONTROL_SEC_DESC_PROPAGATION_OID on modify

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2012 16:42:32 +0000 (17:42 +0100)]
s4:dsdb: define DSDB_CONTROL_SEC_DESC_PROPAGATION_OID

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 09:16:45 +0000 (10:16 +0100)]
s4:dsdb/subtree_delete: delete from the leafs to the root (bug #7711)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 09:14:59 +0000 (10:14 +0100)]
s4:dsdb/subtree_delete: do the recursive delete AS_SYSTEM/TRUSTED (bug #7711)

Now that the acl module checks for SEC_ADS_DELETE_TREE,
we can do the recursive delete AS_SYSTEM.

We need to pass the TRUSTED flags as we operate from
the TOP module.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 09:04:39 +0000 (10:04 +0100)]
s4:dsdb/subtree_delete: do an early return and avoid some nesting

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 22:21:10 +0000 (23:21 +0100)]
s4:dsdb/objectclass: do not pass the callers controls on helper searches

We add AS_SYSTEM and SHOW_RECYCLED to the helper search,
don't let the caller specify additional controls.

This also fixes a problem when the caller also specified AS_SYSTEM.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 09:06:13 +0000 (10:06 +0100)]
s4:dsdb/acl: require SEC_ADS_DELETE_TREE if the TREE_DELETE control is given (bug #7711)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 08:20:37 +0000 (09:20 +0100)]
s4:dsdb/dirsync: remove unused 'deletedattr' variable

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 08:19:52 +0000 (09:19 +0100)]
s4:provision: add pekList and msDS-ExecuteScriptPassword to @KLUDGEACL

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 08:17:27 +0000 (09:17 +0100)]
s4:dsdb/common: add pekList and msDS-ExecuteScriptPassword to DSDB_SECRET_ATTRIBUTES_EX

See [MS-ADTS] 3.1.1.4.4 Extended Access Checks.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 24 Nov 2012 08:15:24 +0000 (09:15 +0100)]
s4:dsdb/acl: also add DSDB_SECRET_ATTRIBUTES into the password attributes

The @KLUDGEACL record might not be up to date.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 09:58:49 +0000 (10:58 +0100)]
s4:dsdb/descriptor: the old nTSecurityDescriptor is always expected there on modify

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 08:55:17 +0000 (09:55 +0100)]
s4:dsdb/descriptor: make explicit that we don't support MOD_DELETE on nTSecurityDescriptor

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 08:31:05 +0000 (09:31 +0100)]
s4:dsdb/descriptor: remove some nesting from descriptor_modify

If the nTSecurityDescriptor attribute is not specified,
we have nothing to do.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 08:20:50 +0000 (09:20 +0100)]
s4:dsdb/descriptor: remove some unnecessary nesting

sd == NULL is checked before.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 08:19:11 +0000 (09:19 +0100)]
s4:dsdb/descriptor: add some error checks to descriptor_{add,modify}

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 08:15:25 +0000 (09:15 +0100)]
s4:dsdb/descriptor: remove support for unused LDB_CONTROL_RECALCULATE_SD_OID

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 23 Nov 2012 06:18:35 +0000 (07:18 +0100)]
s4:dsdb/descriptor: move special dn check to the start of descriptor_{add,modify,rename}

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2012 15:22:30 +0000 (16:22 +0100)]
s4:samba_upgradeprovision: use the sd_flags:1:15 control with an empty sd

The sd_flags:1:15 control together with an empty security_descriptor
has the same effect as the recalculate_sd:0 control (which is samba only).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2012 13:09:34 +0000 (14:09 +0100)]
s4:provision: add get_empty_descriptor()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2012 14:53:14 +0000 (15:53 +0100)]
s4:dsdb/descriptor: if the caller specifies no DACL/SACL the objects gets a default one

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2012 13:07:04 +0000 (14:07 +0100)]
s4:dsdb/descriptor: give SYSTEM the correct default owner (group) sid

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sun, 18 Nov 2012 17:57:03 +0000 (18:57 +0100)]
s4:dsdb/acl_read: enable acl checking on search by default (bug #8620)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 13:04:09 +0000 (14:04 +0100)]
s4:dsdb/acl_read: specify the correct access_mask for nTSecurityDescriptor

We need to base the access mask on the given SD Flags.
Originally, we always checked for SEC_FLAG_SYSTEM_SECURITY,
which could lead to INSUFFICIENT_RIGHTS when we should
have been allowed to read.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 08:31:25 +0000 (09:31 +0100)]
s4:dsdb/acl_read: do search for instanceType AS_SYSTEM and with SHOW_RECYCLED

Note that SHOW_RECYCLED implies SHOW_DELETED.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 13:10:43 +0000 (14:10 +0100)]
s4:dsdb/acl: calculate the correct access_mask when modifying nTSecurityDescriptor

The access_mask depends on the SD Flags.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 11:12:41 +0000 (12:12 +0100)]
s4:dsdb/acl: don't protect confidential attributes when "acl:search = yes" is set

In that case the acl_read module does the protection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 11:15:00 +0000 (12:15 +0100)]
s4:dsdb/acl: remove unused "acl:perform" option

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 06:14:31 +0000 (07:14 +0100)]
s4:dsdb/acl: do helper searches AS_SYSTEM and with SHOW_RECYCLED

The searches are done in order to do access checks
and the results are not directly exposed to the client.

Note that SHOW_RECYCLED implies SHOW_DELETED.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 13:13:17 +0000 (14:13 +0100)]
s4:dsdb/descriptor: make it clear that the SD Flags are ignored on add

See [MS-ADTS] 6.1.3.2 SD Flags Control:
  ...
  When performing an LDAP add operation, the client can supply an SD flags control
  with the operation; however, it will be ignored by the server.
  ...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 12:05:31 +0000 (13:05 +0100)]
s4:dsdb/descriptor: make use of dsdb_request_sd_flags()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 14:24:46 +0000 (15:24 +0100)]
s4:dsdb/descriptor: always use descriptor_search_callback if we return nTSecurityDescriptor

If the nTSecurityDescriptor is explicitly specified
without the SD Flags control we should go through descriptor_search_callback().

This is not strictly needed at the moment, but makes the code clearer
and might avoid surprises in the future.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 09:15:58 +0000 (10:15 +0100)]
s4:dsdb/descriptor: do searches for nTSecurityDescriptor AS_SYSTEM and with SHOW_RECYCLED

Note that SHOW_RECYCLED implies SHOW_DELETED.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 11:33:35 +0000 (12:33 +0100)]
s4:dsdb/acl_util: add dsdb_request_sd_flags() helper function

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 06:14:31 +0000 (07:14 +0100)]
s4:dsdb/acl_util: do helper searches AS_SYSTEM

The search is done in order to do access checks.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 08:33:53 +0000 (09:33 +0100)]
s4:dsdb/extended_dn_store: do helper searches AS_SYSTEM

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 19 Nov 2012 05:59:33 +0000 (06:59 +0100)]
s4:dsdb/extended_dn_in: do helper searches AS_SYSTEM and with SHOW_RECYCLED

Note that SHOW_RECYCLED implies SHOW_DELETED.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 19 Nov 2012 05:59:33 +0000 (06:59 +0100)]
s4:dsdb/objectclass: do helper searches AS_SYSTEM and with SHOW_RECYCLED

Note that SHOW_RECYCLED implies SHOW_DELETED.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 12 Nov 2012 13:19:34 +0000 (14:19 +0100)]
s4:dsdb/rootdse: do helper searches AS_SYSTEM

As anonymous users can read all rootdse attributes,
we should do helper searches with DSDB_FLAG_AS_SYSTEM
in order to avoid unnecessary access checks.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 26 Nov 2012 12:38:07 +0000 (13:38 +0100)]
s4:dsdb/rootdse: remove unused variable

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 27 Nov 2012 15:43:25 +0000 (16:43 +0100)]
s4:tests/samba_tool/gpo.py: fix accidental line break

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2012 14:02:05 +0000 (15:02 +0100)]
s4:tests/samba_tool/gpo.py: add test_show_as_admin()

This calls samba-tool gpo show as admin (which should be able to
see the full nTSecurityDescriptor).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2012 13:58:13 +0000 (14:58 +0100)]
s4:netcmd/gpo.py: let get_gpo_info explicitly ask for the full ntSecurityDescriptor

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2012 13:56:56 +0000 (14:56 +0100)]
s4:netcmd/gpo.py: only ask for OWNER/GROUP/DACL when validating the nTSecurityDescriptor

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sat, 17 Nov 2012 06:13:40 +0000 (07:13 +0100)]
s4:netcmd/gpo.py: the nTSecurityDescriptor may not be visible for the current user

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2012 13:51:46 +0000 (14:51 +0100)]
s4:netcmd/gpo.py: s/ntSecurityDescriptor/nTSecurityDescriptor

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2012 07:59:40 +0000 (08:59 +0100)]
s4:dsdb/dirsync: explicitly ask for sdctr->secinfo_flags = 0xF

A value of 0 is mapped to 0xF.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 08:51:45 +0000 (09:51 +0100)]
s4:dsdb/dirsync: use the correct nc_root to fetch replUpToDateVector

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 27 Nov 2012 13:49:11 +0000 (14:49 +0100)]
s4:dsdb/dirsync: check result of replUpToDateVector fetch on nc_root

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 21 Nov 2012 15:12:22 +0000 (16:12 +0100)]
s4:dsdb/schema_data: fix debug message in schema_data_modify()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 28 Nov 2012 20:55:47 +0000 (21:55 +0100)]
ldb: fix a typo in the comment for ldb_req_is_untrusted()

Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Nov 30 15:44:46 CET 2012 on sn-devel-104

Michael Adam [Fri, 30 Nov 2012 11:31:55 +0000 (12:31 +0100)]
libnet: Fix a typo in dbsync error message.

Signed-off-by: Michael Adam <obnox@samba.org>
Andreas Schneider [Fri, 30 Nov 2012 10:01:47 +0000 (11:01 +0100)]
libnet: Fix copy and paste error in dbsync error message.

Andreas Schneider [Fri, 30 Nov 2012 09:59:06 +0000 (10:59 +0100)]
torture: Fix copy and paste error in debug message.

Found by Coverity.

Andreas Schneider [Fri, 30 Nov 2012 09:57:39 +0000 (10:57 +0100)]
torture: Fix copy and paste error.

Found by Coverity.

Andreas Schneider [Fri, 30 Nov 2012 09:53:55 +0000 (10:53 +0100)]
s3-reg: Fix copy and paste error in debug message.

Found by Coverity.

Stefan Metzmacher [Fri, 30 Nov 2012 11:07:39 +0000 (12:07 +0100)]
s3:popt_common: Fix password processing.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 30 14:01:08 CET 2012 on sn-devel-104

Stefan Metzmacher [Fri, 30 Nov 2012 08:31:34 +0000 (09:31 +0100)]
s3:util: fix usage of popt_burn_cmdline_password()

We should only call popt_burn_cmdline_password() after poptFreeContext(),
otherwise we remove the password too early.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 29 Nov 2012 13:31:19 +0000 (14:31 +0100)]
s3-winbind: use new reconnect logic in rpc_lookup_sids() also.

Volker, please check.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 29 Nov 2012 11:03:53 +0000 (12:03 +0100)]
s3-winbindd: rework reconnect logic in winbindd_lookup_names().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 29 Nov 2012 11:03:16 +0000 (12:03 +0100)]
s3-winbindd: rework reconnect logic in winbindd_lookup_sids().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 28 Nov 2012 19:41:21 +0000 (20:41 +0100)]
s3-winbindd: remove lookup_sids_fn_t.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 28 Nov 2012 16:03:40 +0000 (17:03 +0100)]
s3-winbindd: remove lookup_names_fn_t.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 28 Nov 2012 16:00:49 +0000 (17:00 +0100)]
s3-rpc_client: make dcerpc_lsa_lookup_names_generic() public.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 28 Nov 2012 15:57:57 +0000 (16:57 +0100)]
s3-rpc_cli: make dcerpc_lsa_lookup_sids_generic() public.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 28 Nov 2012 15:57:24 +0000 (16:57 +0100)]
s3-winbindd: add cm_connect_lsat().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 28 Nov 2012 13:53:27 +0000 (14:53 +0100)]
s3-rpc_cli: Remove some unused wrapping code.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Tue, 27 Nov 2012 22:58:09 +0000 (14:58 -0800)]
Fix Bug 9422 - large read requests cause server to issue malformed reply

Reviewed by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 30 03:27:07 CET 2012 on sn-devel-104

Volker Lendecke [Thu, 29 Nov 2012 15:45:15 +0000 (16:45 +0100)]
dbwrap: Do not rely on dbwrap_record_get_value to return a talloc object

db_tdb_fetch_locked returns the value as part of a larger talloc object
that also contains the key.  This means we can not realloc, but have to
freshly alloc.

Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Nov 29 20:21:51 CET 2012 on sn-devel-104

Volker Lendecke [Thu, 29 Nov 2012 14:04:33 +0000 (15:04 +0100)]
dbwrap: Remove an unnecessary if-statement

TALLOC_FREE can live with a NULL pointer

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Thu, 29 Nov 2012 14:03:20 +0000 (15:03 +0100)]
dbwrap: No need to NULL out a talloc_zero'ed structure element

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Thu, 29 Nov 2012 14:02:43 +0000 (15:02 +0100)]
dbwrap: Use talloc_zero in db_open_rbt

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Thu, 29 Nov 2012 14:02:15 +0000 (15:02 +0100)]
dbwrap: Use talloc_zero in db_open_cache

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 12 Nov 2012 12:42:23 +0000 (13:42 +0100)]
s3: Remove db_ctdb_fetch

Note that this also makes the request for read only copies
much more explicitly visible in the code.

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 12 Nov 2012 12:36:48 +0000 (13:36 +0100)]
s3: Directly parse local existing records in db_ctdb_parse_record

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 12 Nov 2012 12:27:07 +0000 (13:27 +0100)]
s3: Factor out db_ctdb_can_use_local_hdr from db_ctdb_can_use_local_copy

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 12 Nov 2012 12:06:38 +0000 (13:06 +0100)]
s3: Remove unused code for fetching persistent ctdb records

The only entry point here is parse_record, and this catches the persistent
case with a direct parse now

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 12 Nov 2012 12:03:56 +0000 (13:03 +0100)]
s3: Avoid db_ctdb_fetch for persistent databases

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 12 Nov 2012 11:13:39 +0000 (12:13 +0100)]
s3: Factor out parse_newest_in_marshall_buffer from pull_newest_from_marshall_buffer

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Sat, 10 Nov 2012 14:03:35 +0000 (15:03 +0100)]
s3: reduce db_ctdb_marshall_loop_next to specialized db_ctdb_marshall_buf_parse

now that the db_ctdb_marshall_loop_next_key has been factored out.

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Sat, 10 Nov 2012 13:46:10 +0000 (14:46 +0100)]
s3: Factor out db_ctdb_marshall_loop_next_key from db_ctdb_marshall_loop_next

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Sat, 10 Nov 2012 13:42:21 +0000 (14:42 +0100)]
s3: Slightly simplify db_ctdb_marshall_loop_next

Both callers give a key argument

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Thu, 8 Nov 2012 11:00:11 +0000 (12:00 +0100)]
s3: Use db_ctdb_ltdb_parse in db_ctdb_fetch_db_seqnum_from_db

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Thu, 8 Nov 2012 10:52:43 +0000 (11:52 +0100)]
s3: Use db_ctdb_ltdb_parse in db_ctdb_ltdb_fetch

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Thu, 8 Nov 2012 10:37:30 +0000 (11:37 +0100)]
s3: Add db_ctdb_ltdb_parse

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Wed, 7 Nov 2012 15:39:16 +0000 (16:39 +0100)]
s3: Slightly simplify db_ctdb_transaction_commit

Avoid an unnecessary "else".

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Wed, 7 Nov 2012 15:25:31 +0000 (16:25 +0100)]
s3: Remove header==NULL code from db_ctdb_marshall_record

The only call chain (via db_ctdb_marshall_add) has header != NULL

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Wed, 7 Nov 2012 20:24:27 +0000 (21:24 +0100)]
s3: test dbwrap_ctdb

Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Thu, 8 Nov 2012 13:15:25 +0000 (14:15 +0100)]
dbwrap: Use dbwrap_parse_record in dbwrap_fetch_uint32_bystring

Reviewed-by: Michael Adam <obnox@samba.org>
Karolin Seeger [Thu, 29 Nov 2012 09:15:49 +0000 (10:15 +0100)]
docs: man oLschema2ldif: Add missing meta data.

This avoids warnings during the waf build and removes "FIXME" entries from the
manpage.

Karolin

Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Nov 29 15:27:45 CET 2012 on sn-devel-104