ira/wip.git
11 years agos3:configure: don't throw away PRINT_LIBS
Björn Jacke [Thu, 1 Oct 2009 17:08:51 +0000 (19:08 +0200)]
s3:configure: don't throw away PRINT_LIBS

PRINT_LIBS might have been set before intentionally, so don't thow it away.

11 years agos3: update comment about (deprecated) a6 records
Björn Jacke [Wed, 23 Sep 2009 12:40:25 +0000 (14:40 +0200)]
s3: update comment about (deprecated) a6 records

11 years agoFix for CVE-2009-2813.
Jeremy Allison [Thu, 1 Oct 2009 17:23:29 +0000 (10:23 -0700)]
Fix for CVE-2009-2813.

===========================================================
== Subject:     Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#:     CVE-2009-2813
==
== Versions:    All versions of Samba later than 3.0.11
==
== Summary:     If a user in /etc/passwd is misconfigured to have
==              an empty home directory then connecting to the home
==              share of this user will use the root of the filesystem
==              as the home directory.
===========================================================

11 years agos3/VERSION: Raise version number up to 3.6.0.
Karolin Seeger [Thu, 1 Oct 2009 12:50:28 +0000 (14:50 +0200)]
s3/VERSION: Raise version number up to 3.6.0.

Karolin

11 years agoFix for CVE-2009-2906.
Jeremy Allison [Thu, 1 Oct 2009 12:32:36 +0000 (14:32 +0200)]
Fix for CVE-2009-2906.

Summary:
Specially crafted SMB requests on
authenticated SMB connections can send smbd
into a 100% CPU loop, causing a DoS on the
Samba server.

11 years agomount.cifs: don't leak passwords with verbose option
Jeff Layton [Fri, 25 Sep 2009 11:07:40 +0000 (07:07 -0400)]
mount.cifs: don't leak passwords with verbose option

When running mount.cifs with the --verbose option, it'll print out the
option string that it passes to the kernel...including the mount
password if there is one. Print a placeholder string instead to help
ensure that this info can't be used for nefarious purposes.

Also, the --verbose option printed the option string before it was
completely assembled anyway. This patch should also make sure that
the complete option string is printed out.

Finally, strndup passwords passed in on the command line to ensure that
they aren't shown by --verbose as well. Passwords used this way can
never be truly kept private from other users on the machine of course,
but it's simple enough to do it this way for completeness sake.

Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <sfrench@us.ibm.com>
11 years agomount.cifs: check access of credential files before opening
Jeff Layton [Fri, 25 Sep 2009 10:45:10 +0000 (06:45 -0400)]
mount.cifs: check access of credential files before opening

It's possible for an unprivileged user to pass a setuid mount.cifs a
credential or password file to which he does not have access. This can cause
mount.cifs to open the file on his behalf and possibly leak the info in the
first few lines of the file.

Check the access permissions of the file before opening it.

Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <sfrench@us.ibm.com>
11 years agos4:pyldb - Wrong error type (found only after the push)
Matthias Dieter Wallnöfer [Thu, 1 Oct 2009 12:02:59 +0000 (14:02 +0200)]
s4:pyldb - Wrong error type (found only after the push)

11 years agos4:ldb_msg_diff - Fixes up possible memory leaks and the python binding of it
Matthias Dieter Wallnöfer [Thu, 1 Oct 2009 11:59:02 +0000 (13:59 +0200)]
s4:ldb_msg_diff - Fixes up possible memory leaks and the python binding of it

11 years agos3-perfcount: more cleanup.
Günther Deschner [Thu, 1 Oct 2009 08:21:17 +0000 (10:21 +0200)]
s3-perfcount: more cleanup.

Guenther

11 years agos3-perfcount: only pass down prs_struct when really required.
Günther Deschner [Thu, 1 Oct 2009 01:39:07 +0000 (03:39 +0200)]
s3-perfcount: only pass down prs_struct when really required.

Guenther

11 years agos3: add perfcount idl and generated files.
Günther Deschner [Thu, 1 Oct 2009 00:09:33 +0000 (02:09 +0200)]
s3: add perfcount idl and generated files.

Guenther

11 years agos3-registry: move rpccli_winreg_Connect to the only file it belongs.
Günther Deschner [Wed, 30 Sep 2009 23:30:45 +0000 (01:30 +0200)]
s3-registry: move rpccli_winreg_Connect to the only file it belongs.

Guenther

11 years agos3: remove unused rpcstr_pull and rpcstr_pull_talloc.
Günther Deschner [Wed, 30 Sep 2009 18:01:54 +0000 (20:01 +0200)]
s3: remove unused rpcstr_pull and rpcstr_pull_talloc.

Guenther

11 years agos3-printing: more use of pull_reg_sz().
Günther Deschner [Wed, 30 Sep 2009 18:01:35 +0000 (20:01 +0200)]
s3-printing: more use of pull_reg_sz().

Guenther

11 years agos3-registry: use pull_reg_sz() where appropriate.
Günther Deschner [Wed, 30 Sep 2009 18:00:52 +0000 (20:00 +0200)]
s3-registry: use pull_reg_sz() where appropriate.

(and move away from rpcstr_pull and rpcstr_pull_talloc).

Guenther

11 years agos4-tort-drs: Add bind_info for dcerpc_drsuapi_DsBind() call
Kamen Mazdrashki [Fri, 18 Sep 2009 16:04:22 +0000 (19:04 +0300)]
s4-tort-drs: Add bind_info for dcerpc_drsuapi_DsBind() call

After this patch DsGetNCChanges() test works fine.

bind_info returned by server is also cached for future use

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agos4-tort-drs: DsReplicaUpdateRefs test fixed and extended
Kamen Mazdrashki [Sun, 13 Sep 2009 20:54:05 +0000 (23:54 +0300)]
s4-tort-drs: DsReplicaUpdateRefs test fixed and extended

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agos4-tort: Added assertion macro for DRSUAPI call
Kamen Mazdrashki [Fri, 18 Sep 2009 15:11:56 +0000 (18:11 +0300)]
s4-tort: Added assertion macro for DRSUAPI call

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agoallow for outstanding_aio_calls to be decremented
Olaf Flebbe [Wed, 30 Sep 2009 22:20:09 +0000 (15:20 -0700)]
allow for outstanding_aio_calls to be decremented

11 years agos3-printing: use regval_ctr_addvalue_multi_sz.
Günther Deschner [Wed, 30 Sep 2009 13:22:02 +0000 (15:22 +0200)]
s3-printing: use regval_ctr_addvalue_multi_sz.

Guenther

11 years agos3-registry: add regval_ctr_addvalue_multi_sz.
Günther Deschner [Wed, 30 Sep 2009 13:21:37 +0000 (15:21 +0200)]
s3-registry: add regval_ctr_addvalue_multi_sz.

Guenther

11 years agos3: re-run make idl. janitor for tridge.
Günther Deschner [Wed, 30 Sep 2009 14:18:29 +0000 (16:18 +0200)]
s3: re-run make idl. janitor for tridge.

Guenther

11 years agos3-rpc_parse: remove unused prs_string.
Günther Deschner [Tue, 29 Sep 2009 23:23:13 +0000 (01:23 +0200)]
s3-rpc_parse: remove unused prs_string.

Guenther

11 years agos4:torture: data_blob_hex_string() output is now lowercase.
Andrew Kroeger [Fri, 25 Sep 2009 20:10:40 +0000 (15:10 -0500)]
s4:torture: data_blob_hex_string() output is now lowercase.

Based on the change in commit fb84edabbe9f358031117de2cf78613c704ac600, these
tests needs to expect lowercase output.

11 years agos4:samba.tests.samdb - remove last relicts of the templates
Matthias Dieter Wallnöfer [Sat, 26 Sep 2009 16:37:56 +0000 (18:37 +0200)]
s4:samba.tests.samdb - remove last relicts of the templates

11 years agos4:pyldb - Fixed the return value in "py_ldb_msg_diff"
Matthias Dieter Wallnöfer [Tue, 22 Sep 2009 12:10:52 +0000 (14:10 +0200)]
s4:pyldb - Fixed the return value in "py_ldb_msg_diff"

The case distinction shouldn't be needed also when "diff" is NULL.
"PyLdbMessage_FromMessage" works with "NULL" arguments.

11 years agoRevert "s4:wmic - Output enhancements"
Matthias Dieter Wallnöfer [Tue, 22 Sep 2009 14:06:23 +0000 (16:06 +0200)]
Revert "s4:wmic - Output enhancements"

This reverts commit fb914640ad656b146f732ab33063575e2e47e37c.

Jelmer requested the revert since he feels better when we reapply this change
after his merge with the updated WMI branch.

11 years agoRevert "python: create a script for reorgnizing an LDB file."
Matthias Dieter Wallnöfer [Wed, 23 Sep 2009 12:32:03 +0000 (14:32 +0200)]
Revert "python: create a script for reorgnizing an LDB file."

This reverts commit 11a7842854c0be8c427a2dbf0a8fc3761cda6298.

abartlet claims that this patch could lead to data loss (look at technical
mailing list)

11 years agos4:pwsettings - Improve error handling and introduce "choice" type
Matthias Dieter Wallnöfer [Tue, 22 Sep 2009 12:09:37 +0000 (14:09 +0200)]
s4:pwsettings - Improve error handling and introduce "choice" type

- Improve the error handling according to Jelmer's suggestions
- Print out the error messages on "stderr"
- Add also here the "choice" type for arguments

11 years agos4:provision - Lets the user choose between the supported forest/domain function...
Matthias Dieter Wallnöfer [Tue, 22 Sep 2009 14:59:29 +0000 (16:59 +0200)]
s4:provision - Lets the user choose between the supported forest/domain function levels

Adds a parameter "--function-level" which allows to specify the domain and
forest function level.

11 years agos4:provision: Show domains and forests are W2K8 DC capable.
Andrew Kroeger [Thu, 24 Sep 2009 21:58:04 +0000 (16:58 -0500)]
s4:provision: Show domains and forests are W2K8 DC capable.

When adding a W2K8 DC to a domain running earlier DC versions, the "adprep"
utility is used to perform schema updates and update other attributes as
necessary.

Adding these entries provides an indication that the adprep utility has been run
with the /forestprep, /domainprep and /rodcprep arguments.  Although these
entries indicate adprep has been run, nothing has been done to verify that the
changes that the adprep utility would have made have actually been done.

The values used for the revision atttributes are as seen on a W2K8 DC (not
W2K8 R2, which will probably have higher values).

11 years agos4:provision: Update schema version number to W2K8.
Andrew Kroeger [Mon, 21 Sep 2009 02:36:47 +0000 (21:36 -0500)]
s4:provision: Update schema version number to W2K8.

We are running the W2K8 schema version, not the W2K3 version.

11 years agos4:dsdb/common/util - remove introduced "samdb_is_capable_dc" call
Matthias Dieter Wallnöfer [Fri, 25 Sep 2009 12:16:34 +0000 (14:16 +0200)]
s4:dsdb/common/util - remove introduced "samdb_is_capable_dc" call

I came up with a better solution which is invoked when we try to join a domain
as a DC (in file "libnet_become_dc.c"). Consider a following commit for this
patch.

11 years agos4:domainlevel - General rework
Matthias Dieter Wallnöfer [Mon, 21 Sep 2009 19:46:14 +0000 (21:46 +0200)]
s4:domainlevel - General rework

- We support domain/forest function levels >= (Windows) 2003 Native -> adapt the
  domain/forest and DC function level restrictions.
- Consider also the lowest function level of a DC. The domain and forest function
  levels can never be higher than it.
- Improve the error handling by printing out messages to "stderr"
- Introduce the "choice" type for choice arguments (saves us some error handling)

11 years agow32err: Importing auto-generated Win32 errors and descriptions
Kamen Mazdrashki [Fri, 18 Sep 2009 13:30:09 +0000 (16:30 +0300)]
w32err: Importing auto-generated Win32 errors and descriptions

Error codes and their descriptions are generated
using w32err_code.py script.
Error are downloaded from MS site:
http://msdn.microsoft.com/en-us/library/cc231199%28PROT.10%29.aspx

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agow32err: WERR_GROUP_NOT_FOUND renamed to WERR_GROUPNOTFOUND
Kamen Mazdrashki [Thu, 17 Sep 2009 21:20:23 +0000 (00:20 +0300)]
w32err: WERR_GROUP_NOT_FOUND renamed to WERR_GROUPNOTFOUND

In Win 32 we have
NERR_GroupNotFound which maps to WERR_GROUP_NOT_FOUND currently
and we have
ERROR_GROUP_NOT_FOUND which maps to nothing, so it is to be added

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agow32err: WERR_USER_EXISTS replace with WERR_USEREXISTS name
Kamen Mazdrashki [Thu, 17 Sep 2009 21:00:21 +0000 (00:00 +0300)]
w32err: WERR_USER_EXISTS replace with WERR_USEREXISTS name

In Win32 we have
NERR_UserExists which maps to WERR_USER_EXISTS currently
and there is
ERROR_USER_EXISTS which maps to WERR_USER_ALREADY_EXISTS

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agow32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUND
Kamen Mazdrashki [Thu, 17 Sep 2009 21:46:52 +0000 (00:46 +0300)]
w32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUND

It turns out in win32 ERROR_DC_NOT_FOUND exists and it is
an error for Device Context (DC), not Domain Controller

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agow32err: FRS_ group of errors replaced with numeric values
Kamen Mazdrashki [Thu, 17 Sep 2009 20:18:40 +0000 (23:18 +0300)]
w32err: FRS_ group of errors replaced with numeric values

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agow32err: WERR_DOMAIN_CONTROLLER_NOT_FOUND error value fixed
Kamen Mazdrashki [Thu, 17 Sep 2009 10:52:28 +0000 (13:52 +0300)]
w32err: WERR_DOMAIN_CONTROLLER_NOT_FOUND error value fixed

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agow32err: Script to fetch and prepare errors to be updated/added
Kamen Mazdrashki [Wed, 30 Sep 2009 09:28:10 +0000 (12:28 +0300)]
w32err: Script to fetch and prepare errors to be updated/added

Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
11 years agoidl: ntsvcs.idl depends on misc.idl, not winreg.idl
Andrew Tridgell [Wed, 30 Sep 2009 04:33:14 +0000 (14:33 +1000)]
idl: ntsvcs.idl depends on misc.idl, not winreg.idl

The winreg_Type definition comes from misc.idl

11 years agos4/torture: fix RAW-OPLOCK-STREAM1 test after commit a11bb14
Steven Danneman [Wed, 30 Sep 2009 02:03:20 +0000 (19:03 -0700)]
s4/torture: fix RAW-OPLOCK-STREAM1 test after commit a11bb14

We were pulling junk memory for our stream names after the reordering
of the struct definition.

11 years agos4/torture: Allow receiving of oplock break requests in any order
Steven Danneman [Fri, 25 Sep 2009 23:44:51 +0000 (16:44 -0700)]
s4/torture: Allow receiving of oplock break requests in any order

Previously, the oplock torture tests, being single threaded, required
the server to return oplock break requests, and other SMB packets
in a specific order for us to verify "correctness".

Of course, in several cases the protocol allows the break packets,
especially breaks to levelII to come back in any order.  With tevent
we're now able to wait for oplock breaks in the middle of a torture
test.

I've added a helper to do this, and modified all oplock tests to allow
returning of oplock breaks in any order.

11 years agos4/torture: convert printf to torture_comment()
Aravind Srinivasan [Tue, 8 Sep 2009 20:12:26 +0000 (13:12 -0700)]
s4/torture: convert printf to torture_comment()

Allows "make test" and other harnesses to print cleaner output.

11 years agos3-netlogon: properly implement _netr_NetrEnumerateTrustedDomains().
Günther Deschner [Thu, 24 Sep 2009 16:53:40 +0000 (18:53 +0200)]
s3-netlogon: properly implement _netr_NetrEnumerateTrustedDomains().

Guenther

11 years agos3: remove unused unistr2_term_codes.
Günther Deschner [Tue, 29 Sep 2009 22:36:05 +0000 (00:36 +0200)]
s3: remove unused unistr2_term_codes.

Guenther

11 years agos3: remove unused regval_convert_multi_sz().
Günther Deschner [Thu, 24 Sep 2009 23:00:24 +0000 (01:00 +0200)]
s3: remove unused regval_convert_multi_sz().

Guenther

11 years agos3: remove unused regval_build_multi_sz().
Günther Deschner [Thu, 24 Sep 2009 22:37:02 +0000 (00:37 +0200)]
s3: remove unused regval_build_multi_sz().

Guenther

11 years agos3-rpc_parse: remove unused UNISTR2 struct and init function.
Günther Deschner [Wed, 23 Sep 2009 18:48:25 +0000 (20:48 +0200)]
s3-rpc_parse: remove unused UNISTR2 struct and init function.

Guenther

11 years agos3: use pull_reg_multi_sz in rpcclient and net.
Günther Deschner [Tue, 29 Sep 2009 21:22:46 +0000 (23:22 +0200)]
s3: use pull_reg_multi_sz in rpcclient and net.

Guenther

11 years agos3-util: use pull_reg_multi_sz in reg_pull_multi_sz.
Günther Deschner [Fri, 25 Sep 2009 09:35:46 +0000 (11:35 +0200)]
s3-util: use pull_reg_multi_sz in reg_pull_multi_sz.

Guenther

11 years agos3-registry: use pull_reg_multi_sz().
Günther Deschner [Thu, 24 Sep 2009 22:55:56 +0000 (00:55 +0200)]
s3-registry: use pull_reg_multi_sz().

Guenther

11 years agos3-util: add pull_reg_sz() and pull_reg_multi_sz() convenience functions.
Günther Deschner [Thu, 24 Sep 2009 22:56:17 +0000 (00:56 +0200)]
s3-util: add pull_reg_sz() and pull_reg_multi_sz() convenience functions.

Guenther

11 years agos3: use push_reg_multi_sz().
Günther Deschner [Thu, 24 Sep 2009 22:36:43 +0000 (00:36 +0200)]
s3: use push_reg_multi_sz().

Guenther

11 years agos3-registry: use regval_ctr_addvalue_sz().
Günther Deschner [Thu, 24 Sep 2009 13:01:32 +0000 (15:01 +0200)]
s3-registry: use regval_ctr_addvalue_sz().

Greatly simplifies and cleanes up the code.

Guenther

11 years agos3-registry: add regval_ctr_addvalue_sz.
Günther Deschner [Thu, 24 Sep 2009 09:30:45 +0000 (11:30 +0200)]
s3-registry: add regval_ctr_addvalue_sz.

Guenther

11 years agos3-registry: use push_reg_sz().
Günther Deschner [Wed, 23 Sep 2009 18:46:08 +0000 (20:46 +0200)]
s3-registry: use push_reg_sz().

Guenther

11 years agos3-util: add push_reg_sz() and push_reg_multi_sz() convenience functions.
Günther Deschner [Wed, 23 Sep 2009 18:42:20 +0000 (20:42 +0200)]
s3-util: add push_reg_sz() and push_reg_multi_sz() convenience functions.

Guenther

11 years agos3: re-run make idl_full.
Günther Deschner [Tue, 29 Sep 2009 21:33:48 +0000 (23:33 +0200)]
s3: re-run make idl_full.

Guenther

11 years agowinreg: add winreg_Data union to IDL.
Günther Deschner [Wed, 23 Sep 2009 18:41:44 +0000 (20:41 +0200)]
winreg: add winreg_Data union to IDL.

Guenther

11 years agos3: Document the "share:fake_fscaps" parameter, fix bug 6765
Volker Lendecke [Tue, 29 Sep 2009 12:34:16 +0000 (14:34 +0200)]
s3: Document the "share:fake_fscaps" parameter, fix bug 6765

11 years agos3: Remove the lua interpreter again
Volker Lendecke [Tue, 29 Sep 2009 11:11:20 +0000 (13:11 +0200)]
s3: Remove the lua interpreter again

This was meant to support async winbind. But as the hairy parts of async
winbind (getgrent) are done without it, it can go again.

11 years agopidl: added union padding for NDR64
Andrew Tridgell [Tue, 29 Sep 2009 07:47:54 +0000 (17:47 +1000)]
pidl: added union padding for NDR64

This fixes the problem with samr UserInfo16 when NDR64 is enabled

11 years agoDon't defer a talloc_move'd pointer.
Jeremy Allison [Tue, 29 Sep 2009 04:36:15 +0000 (21:36 -0700)]
Don't defer a talloc_move'd pointer.
Jeremy.

11 years agoSecond part of fix for bug #6235 - domain enumeration breaks if master browser has...
Jeremy Allison [Mon, 28 Sep 2009 18:23:30 +0000 (11:23 -0700)]
Second part of fix for bug #6235 - domain enumeration breaks if master browser has space in name.
Ensure we ask for the #20 name as we're using it as a server.
Jeremy.

11 years agos3:winbind: remove a pointless initialization
Volker Lendecke [Mon, 28 Sep 2009 17:50:24 +0000 (19:50 +0200)]
s3:winbind: remove a pointless initialization

11 years agos3:gencache: Add my copyright
Volker Lendecke [Sun, 20 Sep 2009 16:10:01 +0000 (18:10 +0200)]
s3:gencache: Add my copyright

11 years agos3:winbind: Make check_info3_in_group, sanitize its memory handling
Volker Lendecke [Sun, 27 Sep 2009 10:47:24 +0000 (12:47 +0200)]
s3:winbind: Make check_info3_in_group, sanitize its memory handling

11 years agos3:winbind: Make "check_request_flags" publically available
Volker Lendecke [Sun, 27 Sep 2009 09:51:07 +0000 (11:51 +0200)]
s3:winbind: Make "check_request_flags" publically available

11 years agos3:winbind: Sanitize the args for find_auth_domain: It only needs the flags
Volker Lendecke [Sun, 27 Sep 2009 09:49:11 +0000 (11:49 +0200)]
s3:winbind: Sanitize the args for find_auth_domain: It only needs the flags

11 years agos3:winbind: Make append_data publically available as append_auth_data
Volker Lendecke [Sun, 27 Sep 2009 09:39:38 +0000 (11:39 +0200)]
s3:winbind: Make append_data publically available as append_auth_data

11 years agos3/VERSION: Raise version up to 3.5.0.
Karolin Seeger [Mon, 28 Sep 2009 14:57:29 +0000 (16:57 +0200)]
s3/VERSION: Raise version up to 3.5.0.

Karolin

11 years agochanged debuglevel for two messages in the GPFS module from 0 to 10 they spammed...
Christian Ambach [Sun, 27 Sep 2009 21:34:04 +0000 (23:34 +0200)]
changed debuglevel for two messages in the GPFS module from 0 to 10 they spammed the logs on a test machine and they are just debug messages, so let's move them to the level of the other debug messages in the file

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
11 years agopidl: Avoid using talloc_free as function pointer, since it may be a
Jelmer Vernooij [Mon, 28 Sep 2009 13:03:17 +0000 (15:03 +0200)]
pidl: Avoid using talloc_free as function pointer, since it may be a
macro.

11 years agoMove samba-specific variable to s4 Makefile.
Jelmer Vernooij [Mon, 28 Sep 2009 10:25:13 +0000 (12:25 +0200)]
Move samba-specific variable to s4 Makefile.

11 years agomake: Use $(base_srcdirs) in 'make clean' rather than keeping a separate
Jelmer Vernooij [Mon, 28 Sep 2009 10:21:06 +0000 (12:21 +0200)]
make: Use $(base_srcdirs) in 'make clean' rather than keeping a separate
list.

11 years agos4-kcc: fixed corruption of repsFrom records by kcc
Andrew Tridgell [Mon, 28 Sep 2009 05:16:06 +0000 (15:16 +1000)]
s4-kcc: fixed corruption of repsFrom records by kcc

We were re-using a stack variable outside of the stack scope

11 years agos4-kcc: remove stale repsFrom entries in kcc run
Andrew Tridgell [Mon, 28 Sep 2009 03:10:13 +0000 (13:10 +1000)]
s4-kcc: remove stale repsFrom entries in kcc run

11 years agos4-dsdb: don't return the partition root objects
Andrew Tridgell [Mon, 28 Sep 2009 02:28:59 +0000 (12:28 +1000)]
s4-dsdb: don't return the partition root objects

When searching across partitions, we want to avoid sending duplicate
records caused by the record appearing both as a mount point and as a
partition root in a nested partition. This patch works by intercepting
objects from searches and checking if they match a partition root. If
they do, and the partition is not the one in the partition control
request, then discard the object.

11 years agos4-make: add libds to etags/ctags source list
Andrew Tridgell [Mon, 28 Sep 2009 01:06:35 +0000 (11:06 +1000)]
s4-make: add libds to etags/ctags source list

11 years agos4-libnet: fixed debug formatting
Andrew Tridgell [Sat, 26 Sep 2009 03:47:06 +0000 (20:47 -0700)]
s4-libnet: fixed debug formatting

11 years agos4-dsdb: removed extraneous debug messages
Andrew Tridgell [Sat, 26 Sep 2009 03:46:53 +0000 (20:46 -0700)]
s4-dsdb: removed extraneous debug messages

11 years agos4-dsdb: update replPropertyMetaData on linked attribute source attributes
Andrew Tridgell [Sat, 26 Sep 2009 03:38:20 +0000 (20:38 -0700)]
s4-dsdb: update replPropertyMetaData on linked attribute source attributes

11 years agos4-dsdb: fixed searching for GUID based DNs between partitions
Andrew Tridgell [Sat, 26 Sep 2009 03:37:45 +0000 (20:37 -0700)]
s4-dsdb: fixed searching for GUID based DNs between partitions

11 years agos4-drs: removed debug code that replicated a maximum of 10 objects at a time
Andrew Tridgell [Fri, 25 Sep 2009 22:54:00 +0000 (15:54 -0700)]
s4-drs: removed debug code that replicated a maximum of 10 objects at a time

11 years agos4-drsuapi: state variable for getncchanges
Andrew Tridgell [Fri, 25 Sep 2009 22:18:02 +0000 (15:18 -0700)]
s4-drsuapi: state variable for getncchanges

11 years agos4-dsruapi: plugfest updates
Andrew Tridgell [Fri, 25 Sep 2009 22:17:44 +0000 (15:17 -0700)]
s4-dsruapi: plugfest updates

- always fetch parentGUID from databases, don't rely on parentGUID in
  attributes

- re-fetch nc root mesages to avoid the problem of dual messages for
  roots

- support returning messages a chunk at a time, using max_object_count
  from request

11 years agos4-drsutil: allow NULL filter
Andrew Tridgell [Fri, 25 Sep 2009 22:15:23 +0000 (15:15 -0700)]
s4-drsutil: allow NULL filter

11 years agos4-ldap: fixed spelling
Andrew Tridgell [Fri, 25 Sep 2009 22:14:59 +0000 (15:14 -0700)]
s4-ldap: fixed spelling

11 years agos4-samdb: when UF_SERVER_TRUST_ACCOUNT is set mark object as critical
Andrew Tridgell [Fri, 25 Sep 2009 22:14:43 +0000 (15:14 -0700)]
s4-samdb: when UF_SERVER_TRUST_ACCOUNT is set mark object as critical

We may also need to remove the isCriticalSystemObject when the machine
is demoted

11 years agos4-repl: free the la list on prepare commit failure
Andrew Tridgell [Fri, 25 Sep 2009 22:13:09 +0000 (15:13 -0700)]
s4-repl: free the la list on prepare commit failure

11 years agos4-samdb: free the linked_attributes list on prepare commit failure
Andrew Tridgell [Fri, 25 Sep 2009 22:12:52 +0000 (15:12 -0700)]
s4-samdb: free the linked_attributes list on prepare commit failure

11 years agos4-repl: use GUID to resolve target in linked attributes
Andrew Tridgell [Fri, 25 Sep 2009 03:15:11 +0000 (20:15 -0700)]
s4-repl: use GUID to resolve target in linked attributes

When we vampire from w2k8-r2, the DC sends us a linked attribute for
our machine account which has a target DN with a GUID of the OU=Domain
Controllers objects, but has a DN of CN=Computers. We need to use the
GUID to resolve the real DN.

11 years agos4-dsdb: ask for an extended DN in dsdb_find_dn_by_guid()
Andrew Tridgell [Fri, 25 Sep 2009 03:13:22 +0000 (20:13 -0700)]
s4-dsdb: ask for an extended DN in dsdb_find_dn_by_guid()

11 years agos4-dsdb: make dsdb_search_dn_with_deleted public for repl_meta_data module
Andrew Tridgell [Fri, 25 Sep 2009 00:20:34 +0000 (17:20 -0700)]
s4-dsdb: make dsdb_search_dn_with_deleted public for repl_meta_data module

11 years agos4-acl: fixed SD creation
Andrew Tridgell [Thu, 24 Sep 2009 23:53:06 +0000 (16:53 -0700)]
s4-acl: fixed SD creation

Thanks for Nadya and Metze for this. The SDs were being created with
invalid fields (noticed by w2k8-r2 client when joining our domain)

11 years agolibds: fixed spelling error
Andrew Tridgell [Thu, 24 Sep 2009 23:51:15 +0000 (16:51 -0700)]
libds: fixed spelling error

11 years agos4-drs: fixed sorting of replPropertyMetaData
Andrew Tridgell [Thu, 24 Sep 2009 23:50:59 +0000 (16:50 -0700)]
s4-drs: fixed sorting of replPropertyMetaData

This also ensures we add the SHOW_DELETED control on searches for old
replPropertyMetaData attributes