Andrew Bartlett [Sat, 15 Jun 2013 06:00:42 +0000 (16:00 +1000)]
ldb: Ensure not to segfault on a filter such as (mail=)
As reported by Robin McCorkell <xenopathic@gmail.com> triggered by
Mozilla Thunderbird as an LDAP client.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jun 22 09:33:14 CEST 2013 on sn-devel-104
Steve French [Fri, 21 Jun 2013 18:40:14 +0000 (13:40 -0500)]
Add missing SMB2/SMB3 share capability flag define
SMB3.02 adds SHARE_CAP_ASYMMETRIC
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 21 22:57:16 CEST 2013 on sn-devel-104
Volker Lendecke [Fri, 21 Jun 2013 16:15:57 +0000 (18:15 +0200)]
lsa4: Fix a set but unused variable warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 21 Jun 2013 16:12:58 +0000 (18:12 +0200)]
lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 21 Jun 2013 16:12:41 +0000 (18:12 +0200)]
lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 21 Jun 2013 16:12:17 +0000 (18:12 +0200)]
lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 21 Jun 2013 16:56:22 +0000 (09:56 -0700)]
Fix glusterfs backend crash found at the Microsoft interop event.
Based on a fix originally from Raghavendra Talur <rtalur@redhat.com>.
When a new document is created in explorer, a check for file_exist is made.
vfs_gluster_get_real_filename was returning 0 even when the file did not
exist.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Christopher R. Hertel" <crh@ubiqx.mn.org>
Volker Lendecke [Fri, 21 Jun 2013 15:56:08 +0000 (17:56 +0200)]
Fix some blank line endings
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 21 19:57:06 CEST 2013 on sn-devel-104
Volker Lendecke [Fri, 21 Jun 2013 08:25:22 +0000 (10:25 +0200)]
dns: Fix CID
1034969 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jun 21 17:32:16 CEST 2013 on sn-devel-104
Christian Ambach [Tue, 18 Jun 2013 15:06:52 +0000 (17:06 +0200)]
s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals with BUILTIN
when creating a BUILTIN group, make the strategy dependent on passdb backend behavior
1. if passdb is responsible for BUILTIN (normal case), call pdb_create_builtin_alias with gid=0 argument
so it asks winbindd for a gid to be used
2. if passdb is not responsible, ask for a mapping for the group first and let pdb_create_builtin_alias
create the mapping based on the gid that was determined in the mapping request
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 21 12:49:10 CEST 2013 on sn-devel-104
Christian Ambach [Tue, 18 Jun 2013 14:30:31 +0000 (16:30 +0200)]
s3:passdb add a gid argument to pdb_create_builtin_alias
make it possible to skip the allocation of a new gid from winbind
by specifying the gid to be used
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Sat, 1 Jun 2013 19:32:42 +0000 (21:32 +0200)]
s3:utils/net_sam make use of pdb_create_builtin helper function
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Sat, 1 Jun 2013 19:32:19 +0000 (21:32 +0200)]
s3:passdb expose pdb_create_builtin function
this one first tries to map the principal before
allocating a new gid
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Mon, 27 May 2013 12:48:27 +0000 (14:48 +0200)]
s3:passdb/pdb_tdb add parameter to control handling of BUILTIN
with tdbsam:map builtin, one can control if tdbsam should
be used to map entries from BUILTIN or not.
By default, they will be mapped (as in older releases)
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Mon, 27 May 2013 12:43:40 +0000 (14:43 +0200)]
s3:passdb/pdb_ldap remove an unnecessary check
as general passdb code already verifies for which
idmap domains the module is responsible, requests for
other domains should not come in here any more
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Christian Ambach [Tue, 18 Jun 2013 08:43:38 +0000 (10:43 +0200)]
s3:passdb/pdb_ldap make the module handle well-known
overwrite the passdb defaults and let this module handle well-knowns
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Tue, 18 Jun 2013 08:47:33 +0000 (10:47 +0200)]
s3:passdb make pdb_sid_to_id honor backend responsibilities
only ask passdb backend for mapping if it is responsible
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Christian Ambach [Tue, 18 Jun 2013 08:43:38 +0000 (10:43 +0200)]
s3:passdb/pdb_samba_dsdb make the module handle well-known
overwrite the passdb defaults and let this module handle well-knowns
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Tue, 18 Jun 2013 08:39:10 +0000 (10:39 +0200)]
s3:lib/util_sid_passdb make use of pdb_is_responsible_for_* functions
ask passdb to determine if sid/object should be handled by passdb or not
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Christian Ambach [Mon, 27 May 2013 10:24:22 +0000 (12:24 +0200)]
s3:passdb add pdb_*_is_responsible_for* functions
allows PDB modules to specify for which special domains they
are responsible when it comes to SID->xid conversion
By default, passdb modules will be responsible for local BUILTIN,
local SAM and Unix Users/Groups
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Christian Ambach [Mon, 17 Jun 2013 14:32:02 +0000 (16:32 +0200)]
s3:passdb add idmap control functions
make it possible for each backend to specify for which domains
it should be asked for SID->xid mappings
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Christian Ambach [Mon, 27 May 2013 11:28:47 +0000 (13:28 +0200)]
s3:passdb/samba_dsdb fix some compiler warnings
about gids and group_sids being potentially uninitialized
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Mon, 27 May 2013 11:33:24 +0000 (13:33 +0200)]
s3:passdb/samba_dsdb fix a compiler warning
about discarding const modifier
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Fri, 21 Jun 2013 08:10:04 +0000 (10:10 +0200)]
s3:utils/net_lookup fix a format-error
clang complains about short being used for unsigned as format-error
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andrew Bartlett [Sat, 15 Jun 2013 13:01:44 +0000 (23:01 +1000)]
s4-winbind: Add special case for BUILTIN domain
This should mean that lookups for the BUILTIN domain cause less trouble
then they have in the past, because they will no longer go via the
trusted domain handler.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 20 15:30:00 CEST 2013 on sn-devel-104
Jeremy Allison [Mon, 10 Jun 2013 20:33:40 +0000 (13:33 -0700)]
Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in "EOF on stdin"
Only install the stdin handler if it's a pipe or fifo.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Sat, 8 Jun 2013 05:48:40 +0000 (15:48 +1000)]
build: Build with system md5.h on OpenIndiana
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5. I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.
This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
Jeremy Allison [Tue, 18 Jun 2013 00:02:56 +0000 (17:02 -0700)]
Re-add umask(0) code removed by commit
3a7c2777ee0de37d758fe81d67d6836a8354825e
Without the umask code the pipe permissions are affected by the
umask of the calling process. As only smbd currently sets its
umask to zero (nmbd and winbindd should do the same) this causes
the winbindd pipe to be unavailable to the nss library code unless
winbindd is run from an init process that explicitly sets umask
to zero. When testing from the command line this can be hard to
track down :-).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 18 04:31:27 CEST 2013 on sn-devel-104
Jeremy Allison [Mon, 17 Jun 2013 23:16:31 +0000 (16:16 -0700)]
Fix xx_path() - return check from mkdir() is incorrect.
This is very old code, but mkdir() fails with -1, not 0.
Only print the error message is mkdir failed with anything
other than EEXIST.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
David Disseldorp [Mon, 17 Jun 2013 17:43:34 +0000 (19:43 +0200)]
docs/vfs_catia: rework man page
The vfs_catia man page refers to two configuration variants, one
applying to Samba <= 3.4.x and one referring to Samba >= 3.5.x.
This change removes all information specific to Samba <= 3.4.x, as such
versions have been discontinued.
This change also improves formatting and nomenclature: configuration
parameters, examples and caveats are split into separate sections, and
server-side/client-side terms replace the ambiguous use of Unix and
Windows.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 17 23:23:57 CEST 2013 on sn-devel-104
David Disseldorp [Mon, 17 Jun 2013 17:43:33 +0000 (19:43 +0200)]
docs/vfs_catia: remove space-char mapping recommendation
The vfs_catia man page currently recommends the mapping of server-side
space-characters (0x20) to client-side plus-minus characters (0xb1).
This recommendation should not be made, as 0x20 is a valid filename
component on both system character sets.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Mon, 17 Jun 2013 17:43:32 +0000 (19:43 +0200)]
vfs_catia: use translate direction enum instead of int
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Wed, 12 Jun 2013 21:55:15 +0000 (14:55 -0700)]
vfs_streams_xattr: Do not attempt to write empty attribute twice
The create disposition FILE_OVERWRITE_IF is mapped to the flags
O_CREAT|O_TRUNC. In vfs_streams_xattr, this triggers two calls to
SMB_VFS_SETXATTR. The second can fail if O_EXCL is also set, resulting
in an unnecessary error.
Merge the identical code to handle O_CREAT and O_TRUNC to avoid setting
an empty attribute twice. Also add the flags parameter to the debug
message.
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Thu, 6 Jun 2013 09:37:59 +0000 (11:37 +0200)]
librpc: Shorten dcerpc_binding_handle_call a bit
... saves 200 bytes on 64 bit Linux with -O3
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 14 22:27:43 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 6 Jun 2013 09:31:37 +0000 (11:31 +0200)]
librpc: Use tevent_req_poll_ntstatus
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 16 May 2013 08:26:09 +0000 (10:26 +0200)]
libsmbclient: Fix typos
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Jun 2013 17:36:09 +0000 (19:36 +0200)]
tsocket: Add some const
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Jun 2013 19:03:22 +0000 (21:03 +0200)]
gencache: Simplify gencache_init a bit
Use the implicit cleanup facility CLEAR_IF_FIRST provides
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 13 Jun 2013 19:55:43 +0000 (21:55 +0200)]
genrand: Slightly simplify do_reseed
The only caller set "use_fd" to "true".
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 14 20:29:56 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 13 Jun 2013 18:35:32 +0000 (20:35 +0200)]
tevent: Fix Coverity ID 989236 Operands don't affect result
"unsigned" could be less than uint64_t, so idx==UINT64_MAX is always false.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 13 Jun 2013 12:16:43 +0000 (14:16 +0200)]
dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
Stefan Metzmacher [Thu, 13 Jun 2013 12:13:26 +0000 (14:13 +0200)]
dsdb: don't allow a missing nTSecurityDescriptor in dsdb_get_sd_from_ldb_message()
Every object has a nTSecurityDescriptor attribute.
This also avoids potential segfaults in the callers.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 10 Jun 2013 11:31:59 +0000 (13:31 +0200)]
dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check searches
We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute.
Also the result of this search not controlled by the client
nor is the result exposed to the client.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Mon, 27 May 2013 10:10:57 +0000 (12:10 +0200)]
s4:smb_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the smb_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Mon, 27 May 2013 10:10:57 +0000 (12:10 +0200)]
s4:rpc_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the rpc_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Mon, 27 May 2013 10:10:57 +0000 (12:10 +0200)]
s4:ldap_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the ldap_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 31 May 2013 05:36:34 +0000 (15:36 +1000)]
dsdb repl_meta_data: Use dsdb_request_add_controls()
This makes the code easier to read.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 11:15:01 CEST 2013 on sn-devel-104
Christof Schmitt [Wed, 12 Jun 2013 21:49:53 +0000 (14:49 -0700)]
Initialize the file descriptor in the files_struct before trying to close it. Otherwise, if one of the SETXATTR calls had failed, the close() call will return EBADF.
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <rsharpe@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 13 01:43:18 CEST 2013 on sn-devel-104
Andreas Schneider [Wed, 12 Jun 2013 11:55:13 +0000 (13:55 +0200)]
tevent: Link the tutorial on the mainpage.
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 12 19:54:30 CEST 2013 on sn-devel-104
David Koňař [Wed, 12 Jun 2013 11:54:36 +0000 (13:54 +0200)]
tevent: Add tevent tutorial files.
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Wed, 12 Jun 2013 08:07:22 +0000 (10:07 +0200)]
s3-libads: Print the debug string of a failed call with LDAP_OTHER.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 12 13:46:57 CEST 2013 on sn-devel-104
Andreas Schneider [Wed, 12 Jun 2013 08:08:44 +0000 (10:08 +0200)]
krb5wrap: Move mask to the right position.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 31 May 2013 04:14:54 +0000 (14:14 +1000)]
dsdb-tests ldap.py: Add test for usn behaviour on certain changes
This probes when the usn is updated, and when it is not.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jun 12 11:54:01 CEST 2013 on sn-devel-104
Andrew Bartlett [Fri, 31 May 2013 01:15:51 +0000 (11:15 +1000)]
dsdb-tests ldap.py: Fix quoting of print statements
While python didn't mind (oddly) it really confused my editor.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 31 May 2013 04:16:02 +0000 (14:16 +1000)]
dsdb: Fix behaviour for when to update the USN when there is no change
This handles deletions and replacements with no value, or with an
exactly specified value, as well as modifies.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 10 Jun 2013 02:22:40 +0000 (12:22 +1000)]
dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs
This helps us in the KCC as we need to return the deleted DN for the GUID
in DsReplicaGetInfo calls (tested for deleted servers against Windows 2008R2).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 10 Jun 2013 01:43:18 +0000 (11:43 +1000)]
python samba-tool drs: Correctly print KCC references to deleted servers
Tested against Windows 2008R2, presumably before the KCC ran.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Partha Sarathi [Fri, 7 Jun 2013 23:30:07 +0000 (16:30 -0700)]
Fix bug #9932 - Currently the maximum number of aces in an SD is limited to 1000, but Microsoft supports around 1800.
Issue description: I was trying to add maximum number of aces on Microsoft
share, where I was able to add nearly 1800 aces on a file/folder SD. But Samba
does not support adding 1800 aces to SD instead it limited to 1000.
Expected behavior: Ideally SAMBA should also support as like Windows to compare
with Windows standard. Set to 2000 until we add EA limits in the server.
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 12 02:52:36 CEST 2013 on sn-devel-104
Volker Lendecke [Tue, 11 Jun 2013 19:07:26 +0000 (21:07 +0200)]
smbd: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 12 01:00:44 CEST 2013 on sn-devel-104
Volker Lendecke [Tue, 11 Jun 2013 18:53:05 +0000 (20:53 +0200)]
librpc: Fix some "ignored asprint result" warnings
While there, it removes some alloc/free calls
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 11 Jun 2013 18:37:11 +0000 (20:37 +0200)]
smbd: Fix a const warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 11 Jun 2013 18:35:55 +0000 (20:35 +0200)]
smbd: Fix a const warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 11 Jun 2013 18:34:00 +0000 (20:34 +0200)]
smbd: Remove unused code
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 11 Jun 2013 17:41:30 +0000 (19:41 +0200)]
lib: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 11 21:52:09 CEST 2013 on sn-devel-104
Volker Lendecke [Tue, 11 Jun 2013 17:27:17 +0000 (19:27 +0200)]
winreg3: Fix a const warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Tue, 11 Jun 2013 12:20:53 +0000 (14:20 +0200)]
libsmb: add ABI/smbclient-0.2.1.sigs
Required following ABI vnum bump for smbc_get/setPort changes.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 16 Apr 2013 21:53:09 +0000 (14:53 -0700)]
Add smbc_getPort(), smbc_setPort(). Bump the .so minor number.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Tue, 16 Apr 2013 21:13:57 +0000 (14:13 -0700)]
Plumb the 'port' parameter into the connect code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Tue, 16 Apr 2013 21:11:08 +0000 (14:11 -0700)]
Add the port argument to SMBC_server().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Tue, 16 Apr 2013 19:22:11 +0000 (12:22 -0700)]
Add port argument to SMBC_attr_server(). Does nothing as yet.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Tue, 16 Apr 2013 19:09:41 +0000 (12:09 -0700)]
Add the ability to parse out the port to SMBC_parse_path().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andrew Bartlett [Mon, 3 Jun 2013 00:38:29 +0000 (10:38 +1000)]
Remove remaining references to "password level" in the tree
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Tue Jun 11 16:25:54 CEST 2013 on sn-devel-104
Andrew Bartlett [Mon, 3 Jun 2013 00:27:41 +0000 (10:27 +1000)]
docs: Do not encourage unix passwords, and remove reference to password level
Reviewed-by: Simo Sorce <idra@samba.org>
Andrew Bartlett [Mon, 3 Jun 2013 00:02:39 +0000 (10:02 +1000)]
auth: Remove "password level"
We now only lowercase the password, we do not attempt to find another case
combination that the password might be in.
This option is already depricated, so it is now time to remove it.
Andrew Bartlett
Reviewed-by: Simo Sorce <idra@samba.org>
Stefan Metzmacher [Mon, 10 Jun 2013 08:46:41 +0000 (10:46 +0200)]
dsdb: reset schema->{classes,attributes}_to_remove_size to 0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun 11 11:40:39 CEST 2013 on sn-devel-104
Stefan Metzmacher [Mon, 10 Jun 2013 08:45:25 +0000 (10:45 +0200)]
dsdb: use the correct talloc parent in dsdb_repl_merge_working_schema()
schema->{classes,attributes} are the DLIST pointer not an array.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 5 Jun 2013 10:44:17 +0000 (20:44 +1000)]
Revert "s4-dsdb: Remove strcasecmp() fallback in replmd_ldb_message_element_attid_sort"
This reverts commit
d799b25dd3ed0f72ee03949225ba241c5538d7d6.
Sometimes the schema just isn't right. A segfault is not the correct
answer in those cases.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Wed, 5 Jun 2013 13:01:14 +0000 (15:01 +0200)]
s4-dfs_server: check for netbios aliases in ad_get_referrals
Without this patch ad_get_referrals checks for netbios, dns names
and ip, but not for netbios aliases set by netbios aliases option,
whether the requested name is our dns name.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jun 11 01:12:08 CEST 2013 on sn-devel-104
Jeremy Allison [Fri, 24 May 2013 17:33:38 +0000 (10:33 -0700)]
Optimization on POSIX platforms that have fstatat.
Tests show significant speedup in directory listings
by using fstatat instead of a full pathname walk.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jun 10 20:14:12 CEST 2013 on sn-devel-104
Jeremy Allison [Sat, 8 Jun 2013 00:53:45 +0000 (17:53 -0700)]
Check for fstatat.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Matthias Dieter Wallnöfer [Sat, 8 Jun 2013 21:45:43 +0000 (23:45 +0200)]
s4:samldb LDB module - MS-SAMR 3.1.1.8.10 "userAccountControl"
"UF_LOCKOUT" and "UF_PASSWORD_EXPIRED" are never stored but rather are
used for special semantics.
"UF_LOCKOUT" performs an account lockout and "UF_PASSWORD_EXPIRED"
forces password expiration.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 10 07:32:35 CEST 2013 on sn-devel-104
Matthias Dieter Wallnöfer [Sun, 9 Jun 2013 08:46:06 +0000 (10:46 +0200)]
s4:samr RPC server - dcesrv_samr_SetUserInfo() - password expiration
Also on level 26 this has to be handled the same as on levels 21, 23, 25.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Sat, 8 Jun 2013 08:10:36 +0000 (18:10 +1000)]
.gitignore: Tidy up after removal of the autoconf build
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 10 04:42:46 CEST 2013 on sn-devel-104
Ralph Wuerthner [Thu, 12 Jul 2012 09:18:46 +0000 (11:18 +0200)]
tdb: Fix typos.
Reviewed-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 7 15:18:47 CEST 2013 on sn-devel-104
Ralph Wuerthner [Thu, 12 Jul 2012 09:08:04 +0000 (11:08 +0200)]
Add "repack" command to tdbtool documentation.
The original commit 'Add "repack" command to tdbtool.' only added
the documentation to docs-xml/manpages-3/tdbtool.8.xml and forgot
about lib/tdb/manpages/tdbtool.8.xml .
Reviewed-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Tue, 4 Jun 2013 10:29:32 +0000 (12:29 +0200)]
Revert "dbwrap: dbwrap_fetch_locked_timeout()."
This reverts commit
f6eb187fdab6b8088bb065e418fe604c4eba7751.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jun 6 14:26:26 CEST 2013 on sn-devel-104
Volker Lendecke [Tue, 4 Jun 2013 09:39:06 +0000 (11:39 +0200)]
docs: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jun 6 11:47:22 CEST 2013 on sn-devel-104
Christof Schmitt [Thu, 6 Jun 2013 00:08:03 +0000 (17:08 -0700)]
smbd: Change logging when SET_OFFLINE is not supported
A client can send a request to set the OFFLINE attribute. In the default
code this is not supported and triggers a log message each time. Change
this to only log with level 0 when an actual errors occurs, and log
ENOTSUP with level 10.
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 6 04:30:26 CEST 2013 on sn-devel-104
Matthias Dieter Wallnöfer [Wed, 29 May 2013 20:17:35 +0000 (22:17 +0200)]
s4:samldb LDB module - permit "userAccountControl" modifications without acct. type
Obviously this defaults to UF_NORMAL_ACCOUNT. Some background can be found in
MS-SAMR section 3.1.1.8.10.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 5 03:26:25 CEST 2013 on sn-devel-104
Matthias Dieter Wallnöfer [Sat, 21 Apr 2012 15:20:24 +0000 (17:20 +0200)]
s4:samldb LDB module - "userAccountControl" = 0 means UF_NORMAL_ACCOUNT on add
Windows Server 2008 has changed semantics in comparison to Server 2003.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Wed, 22 May 2013 18:16:50 +0000 (20:16 +0200)]
s3:smbd: explain parameters in call to SMB_VFS_DURABLE_RECONNECT()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 4 21:58:16 CEST 2013 on sn-devel-104
Michael Adam [Wed, 22 May 2013 17:53:12 +0000 (19:53 +0200)]
s3:smbd: remove code duplication in smb2_create_send()
Move the calls to smb2srv_open_recreate() from the parsing of
the create blobs (DHNC and DH2C) to a central place in the
open execution phase.
This is also where it should be called: in the durable reconnect
part, right before the call to SMB_VFS_DURABLE_RECONNECT()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Wed, 22 May 2013 18:26:49 +0000 (20:26 +0200)]
s3:smbd: remove old comment about scavenger timer from vfs_default_durable_reconnect()
scavenger functionality belongs to the smb layer (and is meanwhile
implemented there).
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 4 Jun 2013 08:48:20 +0000 (10:48 +0200)]
tdb: change version to tdb-1.2.12
* internal code cleanups
* crash fix for pytdb
* fix for 4GB overflow detection
See http://permalink.gmane.org/gmane.network.samba.internals/42906 for
an example of what happens.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun 4 16:07:55 CEST 2013 on sn-devel-104
Peng Haitao [Mon, 27 May 2013 09:59:54 +0000 (17:59 +0800)]
smbcquotas.c: fix a bug of -t
'r' should be replaced with 't'.
Signed-off-by: Peng Haitao <penght@cn.fujitsu.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Jun 4 13:06:52 CEST 2013 on sn-devel-104
Stefan Metzmacher [Fri, 31 May 2013 14:04:26 +0000 (16:04 +0200)]
s4:winbind: don't leak libnet_context into the main event context
This needs to be a talloc child of struct wbsrv_domain
otherwise the cleanup of a broken connection doesn't work.
The following command can trigger the leak on a domain controller.
root@dc:~/samba# ls -l /var/lib/samba/sysvol/samba.private/
total 16
drwxrwx---+ 5 root
3000000 4096 May 14 14:46 Policies
drwxrwx---+ 2 root
3000000 4096 May 14 11:45 scripts
gid
3000000 belongs to Builtin\Administrators.
The code triggers a ncacn_np: connection to the local smbd
and complains that domain BUILTIN is not available:
[2013/05/29 17:28:03, 2] ../source4/winbind/wb_init_domain.c:376(init_domain_recv_queryinfo)
Expected domain name BUILTIN, DC dc.samba.private said SAMBA
In that case the connection was not closed, which is fixed by this commit.
Using ncalrpc: for all local SIDs and serving the BUILTIN domain is
a project for another day...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 4 11:05:09 CEST 2013 on sn-devel-104
Christian Ambach [Mon, 3 Jun 2013 14:18:03 +0000 (16:18 +0200)]
s3:lib/ctdb_packet use sys_send in packet_fd_write
use the signal safe variant here to prevent spurious errors when running
with CTDB and a signal comes in
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Mon Jun 3 20:01:22 CEST 2013 on sn-devel-104
David Disseldorp [Mon, 3 Jun 2013 11:00:31 +0000 (13:00 +0200)]
Bug 8997: change libreplace GPL source to LGPL
libreplace currently includes socket.c and getifaddrs.c both of which
are GPL licensed.
Although not required, talloc and tdb build alongside this source,
leading to some ambiguity regarding their LGPL licences.
The following copyright holders have agreed to the GPL->LGPL change:
lib/replace/getifaddrs.c
Copyright (C) Andrew Tridgell 1998
Copyright (C) Jeremy Allison 2007
Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
lib/replace/test/getifaddrs.c
lib/replace/socket.c
* Copyright (C) Michael Adam <obnox@samba.org> 2008
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 3 18:06:18 CEST 2013 on sn-devel-104
David Disseldorp [Wed, 29 May 2013 08:43:35 +0000 (10:43 +0200)]
torture: support printer publish pending responses
Windows (tested against 2k8r2) returns WERR_IO_PENDING and
DSPRINT_PENDING when a publish or unpublish is requested via
setprinter(level=7). Modify the AD printer publishing test to support
these responses.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jun 3 16:06:15 CEST 2013 on sn-devel-104
David Disseldorp [Wed, 29 May 2013 08:43:34 +0000 (10:43 +0200)]
torture: add AD printer publishing test
This test publishes and unpublishes a printer using setprinter(level=7).
Printer info2.attributes and info7.action flags are check at each point
to ensure MS-RPRN conformance.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>