14 years agofixed tdbbackup to give tdb error messages
Andrew Tridgell [Thu, 28 May 2009 07:35:12 +0000 (17:35 +1000)]
fixed tdbbackup to give tdb error messages

14 years agoMerge branch 'master' of ssh://
Andrew Tridgell [Thu, 28 May 2009 06:12:34 +0000 (16:12 +1000)]
Merge branch 'master' of ssh://

14 years agoa useful debugging tool
Andrew Tridgell [Thu, 28 May 2009 06:11:45 +0000 (16:11 +1000)]
a useful debugging tool

When looking at performance problems with ldb it can be useful to see
which searches causes unindexed full searches. This makes it easy to
enable that.

14 years agofixed one-level indexing
Andrew Tridgell [Thu, 28 May 2009 06:10:47 +0000 (16:10 +1000)]
fixed one-level indexing

one-level indexing was not always effective due to some broken logic
in the indexing code. This change means that if normal indexing fails,
we can still fall back on one-level indexing.

This reduces the number of full unindexed searches in s4 quite a lot

14 years agoenable one-level indexing in sam.ldb
Andrew Tridgell [Thu, 28 May 2009 06:08:49 +0000 (16:08 +1000)]
enable one-level indexing in sam.ldb

14 years agomake TDB_NOSYNC affect all the fsync/msync calls in transactions
Andrew Tridgell [Thu, 28 May 2009 06:08:28 +0000 (16:08 +1000)]
make TDB_NOSYNC affect all the fsync/msync calls in transactions

During a transaction commit tdb normally uses fsync/msync calls to
make it crash safe. This can be disabled using the TDB_NOSYNC flag,
but it wasn't disabling all the code paths that caused a fsync/msync.

14 years agoAdd a smbclient "readlink" command and add docs for it.
Jeremy Allison [Thu, 28 May 2009 05:02:20 +0000 (22:02 -0700)]
Add a smbclient "readlink" command and add docs for it.

14 years agoAdd cli_posix_readlink() and a torture test for it.
Jeremy Allison [Thu, 28 May 2009 04:51:15 +0000 (21:51 -0700)]
Add cli_posix_readlink() and a torture test for it.

14 years agoAdd aync POSIX hardlink and symlink and torture test for them.
Jeremy Allison [Thu, 28 May 2009 00:28:23 +0000 (17:28 -0700)]
Add aync POSIX hardlink and symlink and torture test for them.
Missing call cli_readlink() is next.

14 years agos3:idmap_ldap: filter out of range mappings in default idmap config
Michael Adam [Wed, 27 May 2009 17:25:44 +0000 (19:25 +0200)]
s3:idmap_ldap: filter out of range mappings in default idmap config

This fixes bug #6417


14 years agotdb: Fix some recently introduced warnings in tdbtool
Tim Prouty [Wed, 27 May 2009 19:52:37 +0000 (12:52 -0700)]
tdb: Fix some recently introduced warnings in tdbtool

14 years agos3: Allow child processes to exit gracefully if we are out of fds
Marc VanHeyningen [Tue, 5 May 2009 21:18:50 +0000 (21:18 +0000)]
s3: Allow child processes to exit gracefully if we are out of fds

When we run out of file descriptors for some reason, every new
connection forks a child that immediately panics causing smbd to
coredump.  This seems unnecessarily harsh; with this code change we
now catch that error and merely log a message about it and exit
without the core dump.

Signed-off-by: Tim Prouty <>
14 years agos3: zero an uninitialized array
Marc VanHeyningen [Tue, 5 May 2009 22:07:40 +0000 (22:07 +0000)]
s3: zero an uninitialized array

Invalid pointers were being dereferenced in lookup_sids causing
occasional seg faults.

Signed-off-by: Tim Prouty <>
14 years agos3:idmap: fix a comment typo
Michael Adam [Wed, 27 May 2009 17:26:32 +0000 (19:26 +0200)]
s3:idmap: fix a comment typo


14 years agos3:idmap_tdb2: filter out of range mappings in default idmap config
Michael Adam [Wed, 27 May 2009 17:24:03 +0000 (19:24 +0200)]
s3:idmap_tdb2: filter out of range mappings in default idmap config

This fixes bug #6416


14 years agos3:idmap_tdb: add an entry debug statment to idmap_tdb_db_init()
Michael Adam [Wed, 27 May 2009 17:14:10 +0000 (19:14 +0200)]
s3:idmap_tdb: add an entry debug statment to idmap_tdb_db_init()


14 years agos3:idmap_tdb: filter out of range mappings in default idmap config
Michael Adam [Wed, 27 May 2009 17:12:28 +0000 (19:12 +0200)]
s3:idmap_tdb: filter out of range mappings in default idmap config

This fixes bug #6415


14 years agos3/docs: Correct version number.
Karolin Seeger [Wed, 27 May 2009 16:14:17 +0000 (18:14 +0200)]
s3/docs: Correct version number.


14 years agoRevert "s3/docs: Fix build."
Karolin Seeger [Wed, 27 May 2009 14:04:11 +0000 (16:04 +0200)]
Revert "s3/docs: Fix build."

This reverts commit 84998cb85e59a92178d916f4e485c08fb826b838.

Actually, the "fix" breaks the build.
Works after 'make clean'. Sorry!

14 years agos3/docs: Fix build.
Karolin Seeger [Wed, 27 May 2009 13:52:23 +0000 (15:52 +0200)]
s3/docs: Fix build.

$(DBLATEX) was empty.

Please check!


14 years agoModified SamDB to accept options like Ldb.
Nadezhda Ivanova [Wed, 27 May 2009 10:49:51 +0000 (13:49 +0300)]
Modified SamDB to accept options like Ldb.

14 years agos3: update manpage as to the new passdb backend default
Björn Jacke [Wed, 27 May 2009 10:01:21 +0000 (12:01 +0200)]
s3: update manpage as to the new passdb backend default

14 years agos3: make passdb backend defaults to tdbsam
Björn Jacke [Mon, 25 May 2009 12:55:04 +0000 (14:55 +0200)]
s3: make passdb backend defaults to tdbsam

14 years agoFix the build of nfs4_acls.c
Volker Lendecke [Sun, 24 May 2009 20:17:58 +0000 (22:17 +0200)]
Fix the build of nfs4_acls.c

14 years agoFix a size_t/int warning
Volker Lendecke [Sun, 24 May 2009 20:16:34 +0000 (22:16 +0200)]
Fix a size_t/int warning

14 years agoFix some nonempty blank lines
Volker Lendecke [Sun, 24 May 2009 19:46:53 +0000 (21:46 +0200)]
Fix some nonempty blank lines

14 years agoGna, how long do I program in C now??? :-)
Volker Lendecke [Wed, 27 May 2009 06:09:23 +0000 (08:09 +0200)]
Gna, how long do I program in C now??? :-)

14 years agoDetect missing 'witch' before detecting missing autoconf
Andrew Bartlett [Mon, 18 May 2009 05:56:31 +0000 (15:56 +1000)]
Detect missing 'witch' before detecting missing autoconf

14 years agos3/docs Add manpage for "map untrusted to domain" parameter
Steven Danneman [Fri, 22 May 2009 23:57:52 +0000 (16:57 -0700)]
s3/docs Add manpage for "map untrusted to domain" parameter

This fixes bug 6352.

14 years agoHandle the krbtgt special case by looking for RID -514
Andrew Bartlett [Tue, 26 May 2009 03:09:57 +0000 (13:09 +1000)]
Handle the krbtgt special case by looking for RID -514

It turns out (seen in MS-SAMR for example) that the primary
way the krbtgt account is recognised as special is that RID.  This
should fix issues such as 'password expired' on the kpasswd service.

Andrew Bartlett

14 years agoAdd DOMAIN_RID_KRBTGT define to security.idl
Andrew Bartlett [Tue, 26 May 2009 04:43:49 +0000 (14:43 +1000)]
Add DOMAIN_RID_KRBTGT define to security.idl

14 years agos4:tevent: Increase trace debug level to 50.
Andrew Kroeger [Sun, 24 May 2009 06:48:49 +0000 (01:48 -0500)]
s4:tevent: Increase trace debug level to 50.

The sheer volume of messages generated by tevent when the trace level is set to
10 makes it difficult to debug issues in a level 10 log.  Increasing this to
50 allows tevent tracing to be enabled if needed, but otherwise keeps the extra
chatter out of a level 10 log.

14 years agoAttempt to fix the build on HP/UX
Volker Lendecke [Tue, 26 May 2009 21:37:14 +0000 (23:37 +0200)]
Attempt to fix the build on HP/UX

14 years agoAttempt to fix the build on NetBSD
Volker Lendecke [Tue, 26 May 2009 20:39:50 +0000 (22:39 +0200)]
Attempt to fix the build on NetBSD

14 years agoRevert "s3: fix build on systems with struct stat member st_flags"
Björn Jacke [Tue, 26 May 2009 21:19:00 +0000 (23:19 +0200)]
Revert "s3: fix build on systems with struct stat member st_flags"

for a cleaner and more complete patch that Volker has in the queue :-)

14 years agos3: fix build on systems with struct stat member st_flags
Björn Jacke [Tue, 26 May 2009 20:37:17 +0000 (22:37 +0200)]
s3: fix build on systems with struct stat member st_flags

14 years agos4:ldb_modules: Correct typos.
Andrew Kroeger [Sun, 24 May 2009 22:40:57 +0000 (17:40 -0500)]
s4:ldb_modules: Correct typos.

14 years agos4:ldb:modules: Correct typos.
Andrew Kroeger [Tue, 26 May 2009 20:22:13 +0000 (15:22 -0500)]
s4:ldb:modules: Correct typos.

14 years agoFix some nonempty blank lines
Volker Lendecke [Tue, 26 May 2009 19:07:08 +0000 (21:07 +0200)]
Fix some nonempty blank lines

14 years agoIntroduce "struct stat_ex" as a replacement for SMB_STRUCT_STAT
Volker Lendecke [Thu, 14 May 2009 13:34:42 +0000 (15:34 +0200)]
Introduce "struct stat_ex" as a replacement for SMB_STRUCT_STAT

This patch introduces

struct stat_ex {
        dev_t           st_ex_dev;
        ino_t           st_ex_ino;
        mode_t          st_ex_mode;
        nlink_t         st_ex_nlink;
        uid_t           st_ex_uid;
        gid_t           st_ex_gid;
        dev_t           st_ex_rdev;
        off_t           st_ex_size;
        struct timespec st_ex_atime;
        struct timespec st_ex_mtime;
        struct timespec st_ex_ctime;
        struct timespec st_ex_btime; /* birthtime */
        blksize_t       st_ex_blksize;
        blkcnt_t        st_ex_blocks;
typedef struct stat_ex SMB_STRUCT_STAT;

It is really large because due to the friendly libc headers playing macro
tricks with fields like st_ino, so I renamed them to st_ex_xxx.

Why this change? To support birthtime, we already have quite a few #ifdef's at
places where it does not really belong. With a stat struct that we control, we
can consolidate the nanosecond timestamps and the birthtime deep in the VFS
stat calls.

At this moment it is triggered by a request to support the birthtime field for
GPFS. GPFS does not extend the system level struct stat, but instead has a
separate call that gets us the additional information beyond posix. Without
being able to do that within the VFS stat calls, that support would have to be
scattered around the main smbd code.

It will very likely break all the onefs modules, but I think the changes will
be reasonably easy to do.

14 years agos3:smbd: remove unused global 'orig_inbuf'
Stefan Metzmacher [Tue, 26 May 2009 13:30:39 +0000 (15:30 +0200)]
s3:smbd: remove unused global 'orig_inbuf'


14 years agos3:pam_smbpass: don't call openlog() or closelog() from pam_smbpass
Björn Jacke [Tue, 26 May 2009 13:40:21 +0000 (15:40 +0200)]
s3:pam_smbpass: don't call openlog() or closelog() from pam_smbpass

Patch from Steve Langasek with tiny fixes by me to make it apply to master.
Also see Debian bug #434372 and bugzilla #4831.

Calling openlog() or closelog() inside a pam module is not good as these
functions are not stackable and no program won't re-do openlog() just because a
pam module might have called closelog().

14 years agogitignore: Ignore additional auto-generated files.
Andrew Kroeger [Mon, 25 May 2009 19:46:08 +0000 (14:46 -0500)]
gitignore: Ignore additional auto-generated files.

Corrected path to tdr_proto.h and added librpc/gen_ndr/{cli,srv}_dcerpc.[ch].

14 years agos3/docs: Fix typo in man idmap_rid.
Karolin Seeger [Tue, 26 May 2009 12:16:10 +0000 (14:16 +0200)]
s3/docs: Fix typo in man idmap_rid.


14 years agos3:smbd: move SMB1 specific stuff into a substructure of smbd_server_connection
Stefan Metzmacher [Tue, 26 May 2009 08:48:12 +0000 (10:48 +0200)]
s3:smbd: move SMB1 specific stuff into a substructure of smbd_server_connection


14 years agos3:smbd: add support for SMB2 signing
Stefan Metzmacher [Fri, 22 May 2009 20:58:39 +0000 (22:58 +0200)]
s3:smbd: add support for SMB2 signing


14 years agos3:smbd: return the correct security mode and capabilities in SMB2 Negotitate
Stefan Metzmacher [Fri, 22 May 2009 19:26:03 +0000 (21:26 +0200)]
s3:smbd: return the correct security mode and capabilities in SMB2 Negotitate


14 years agos4:libcli/smb2: remove old dialect revision constants
Stefan Metzmacher [Tue, 26 May 2009 07:37:29 +0000 (09:37 +0200)]
s4:libcli/smb2: remove old dialect revision constants


14 years agos4:smb2srv: We only support SMB 2.002.
Stefan Metzmacher [Tue, 26 May 2009 06:44:27 +0000 (08:44 +0200)]
s4:smb2srv: We only support SMB 2.002.

We need to loop over all given dialects and check
if we can find SMB2_DIALECT_REVISION_202.


14 years agos4:libcli/smb2: use new SMB2_DIVELECT_REVISION constants
Stefan Metzmacher [Tue, 26 May 2009 07:38:09 +0000 (09:38 +0200)]
s4:libcli/smb2: use new SMB2_DIVELECT_REVISION constants

Also send them in the order a windows client would
send them (the lowest first).


14 years agos4:libcli/smb2: add some more SMB2 constants
Stefan Metzmacher [Fri, 22 May 2009 20:23:42 +0000 (22:23 +0200)]
s4:libcli/smb2: add some more SMB2 constants


14 years agos3 WHATSNEW: Mention the changes to net
Kai Blin [Tue, 26 May 2009 07:26:56 +0000 (09:26 +0200)]
s3 WHATSNEW: Mention the changes to net

14 years agouse domain_dn not ncname
Andrew Tridgell [Tue, 26 May 2009 04:47:11 +0000 (14:47 +1000)]
use domain_dn not ncname

fixed up from previous patch that removed the use of crossref records

14 years agoMerge branch 'master' of ssh://
Andrew Tridgell [Tue, 26 May 2009 04:18:16 +0000 (14:18 +1000)]
Merge branch 'master' of ssh://

14 years agos4:provision: Added ComPartitionSets entry.
Andrew Kroeger [Sun, 24 May 2009 08:37:37 +0000 (03:37 -0500)]
s4:provision: Added ComPartitionSets entry.

Without this entry, opening the COM+ tab under the properties of an OU within
ADUC results in the following error:

"Unable to retrieve all user properties, 0x80072030"

14 years agos4:Added Extended-Rights and subentries.
Andrew Kroeger [Sun, 24 May 2009 19:47:46 +0000 (14:47 -0500)]
s4:Added Extended-Rights and subentries.

Without these entries, using the 'Delegate Control' option in ADUC results in
the following error message in the Delegation of Control Wizard:

"The templates could not be applied.  One or more of the templates is not
applicable.  Click Back and select different templates, and then try again."

14 years agos4:provision: Update DisplaySpecifiers (#5139).
Andrew Kroeger [Fri, 22 May 2009 05:28:36 +0000 (00:28 -0500)]
s4:provision: Update DisplaySpecifiers (#5139).

The classDisplayName attribute controls the actual text displayed to the user
for the top-level menus, so added it to the existing entries.

The attributeDisplayNames attribute contains both the text displayed to the
user and a mapping to the internal directory attribute name for the particular
field, so added these to the existing entries as well.

Added new entries as appropriate to properly complete all menus and labels
within ADUC.

14 years agoDon't use crossRef records to find our own domain
Andrew Bartlett [Tue, 26 May 2009 02:31:39 +0000 (12:31 +1000)]
Don't use crossRef records to find our own domain

A single AD server can only host a single domain, so don't stuff about
with looking up our crossRef record in the cn=Partitions container.
We instead trust that lp_realm() and lp_workgroup() works correctly.

Andrew Bartlett

14 years agoAdd support for sendmsg() in socket_wrapper
Andrew Bartlett [Tue, 26 May 2009 01:43:37 +0000 (11:43 +1000)]
Add support for sendmsg() in socket_wrapper

This is required because the deferred connect code skips the connect()
until sending the packet, but unless we catch this call, the connect()
never happens.

Andrew Bartlett

14 years agoMerge branch 'master' of ssh://
Andrew Tridgell [Mon, 25 May 2009 23:26:47 +0000 (09:26 +1000)]
Merge branch 'master' of ssh://

14 years agoadded some more speed tests to tdbtool
Andrew Tridgell [Mon, 25 May 2009 23:24:37 +0000 (09:24 +1000)]
added some more speed tests to tdbtool

This adds 3 simple speed tests to tdbtool, for transaction store,
store and fetch.

On my laptop this shows transactions costing about 10ms

14 years agos3:dbwrap_tool: add listkeys operation
Michael Adam [Mon, 25 May 2009 22:47:15 +0000 (00:47 +0200)]
s3:dbwrap_tool: add listkeys operation


14 years agos3:dbwrap_tool: remove superfluous command mapping
Michael Adam [Mon, 25 May 2009 22:26:39 +0000 (00:26 +0200)]
s3:dbwrap_tool: remove superfluous command mapping


14 years agos3:dbwrap_tool: add "erase" opearation
Michael Adam [Mon, 25 May 2009 21:27:28 +0000 (23:27 +0200)]
s3:dbwrap_tool: add "erase" opearation


14 years agonet: Use samba default command line arguments.
Kai Blin [Thu, 14 May 2009 09:39:01 +0000 (11:39 +0200)]
net: Use samba default command line arguments.


The meaning of the -N flag changed.
To get the old meaning for net groupmap set, use the long option --ntname
The long option for using kerberos changed from --kerberos to --use-kerberos

net rpc commands will now prompt for a password if none is given.

As a benefit, net will now accept an authentication file like other samba
command line tools. So no need to specify the password on the command line in
scripts anymore.

This should fix bug #6357

Signed-off-by: Kai Blin <>
14 years agos3 ctags: ignore all proto.h files for tag generation
Kai Blin [Wed, 20 May 2009 10:07:07 +0000 (12:07 +0200)]
s3 ctags: ignore all proto.h files for tag generation

14 years agos3:winbind_util: remove trailing spaces
Michael Adam [Mon, 25 May 2009 09:55:51 +0000 (11:55 +0200)]
s3:winbind_util: remove trailing spaces


14 years agos3:dbwrap_ctdb: fix some function header comments
Michael Adam [Mon, 25 May 2009 19:59:40 +0000 (21:59 +0200)]
s3:dbwrap_ctdb: fix some function header comments


14 years agosource3/utils/log2pcaphex.c(main): fixed file descriptors leak.
Slava Semushin [Fri, 22 May 2009 18:10:05 +0000 (01:10 +0700)]
source3/utils/log2pcaphex.c(main): fixed file descriptors leak.

One of leaks found by cppcheck:
[./source3/utils/log2pcaphex.c:367]: (error) Resource leak: out

14 years agosource{3,4}/torture/smbiconv.c(main): fixed file descriptor leak.
Slava Semushin [Sat, 23 May 2009 13:51:53 +0000 (20:51 +0700)]
source{3,4}/torture/smbiconv.c(main): fixed file descriptor leak.

File descriptor leaks only when we use file instead of stdout.

Found by cppcheck:
[./source3/torture/smbiconv.c:219]: (error) Resource leak: out
[./source4/torture/smbiconv.c:211]: (error) Resource leak: out

14 years agonsswitch/winbind_nss_aix.c(fill_grent): fixed memory leak.
Slava Semushin [Sat, 23 May 2009 14:02:40 +0000 (21:02 +0700)]
nsswitch/winbind_nss_aix.c(fill_grent): fixed memory leak.

Found by cppcheck:
[./nsswitch/winbind_nss_aix.c:241]: (error) Memory leak: result

14 years agos3-selftest: fix typo.
Günther Deschner [Mon, 25 May 2009 13:55:26 +0000 (15:55 +0200)]
s3-selftest: fix typo.


14 years agos3:winbind:idmap_ldap: warn about duplicate SID->XID mappings (bug #6387)
Michael Adam [Mon, 25 May 2009 09:54:43 +0000 (11:54 +0200)]
s3:winbind:idmap_ldap: warn about duplicate SID->XID mappings (bug #6387)

With the current infrastructure, we should not return error on
duplicate mappings but just warn instead (because an error would
trigger the attempt to create yet another mapping).


14 years agos3:winbind:idmap_ldap: warn about duplicate XID->SID mappings (bug #6387)
Michael Adam [Mon, 25 May 2009 09:29:14 +0000 (11:29 +0200)]
s3:winbind:idmap_ldap: warn about duplicate XID->SID mappings (bug #6387)

With the current infrastructure, we should not return error on
duplicate mappings but just warn instead (because an error would
trigger the attempt to create yet another mapping).


14 years agos3-samr: Fix Bug #6372, usermanager only displaying 1024 groups and aliases.
Günther Deschner [Mon, 25 May 2009 12:05:18 +0000 (14:05 +0200)]
s3-samr: Fix Bug #6372, usermanager only displaying 1024 groups and aliases.

This is now also verified with the RPC-SAMR-LARGE-DC test.


14 years agos3-selftest: enable RPC-SAMR-LARGE-DC against Samba3.
Günther Deschner [Mon, 25 May 2009 12:03:16 +0000 (14:03 +0200)]
s3-selftest: enable RPC-SAMR-LARGE-DC against Samba3.

This will fail for alias creation as nss_wrapper does not yet wrap around


14 years agos4-smbtorture: add RPC-SAMR-LARGE-DC test.
Günther Deschner [Mon, 25 May 2009 11:08:58 +0000 (13:08 +0200)]
s4-smbtorture: add RPC-SAMR-LARGE-DC test.

This rather simple test creates 4500 objects on a domain controller and checks
the enum calls for the correct number of results.


14 years agos4-smbtorture: rename test_EnumDomain{Users,Groups,Aliases} in RPC-SAMR.
Günther Deschner [Fri, 22 May 2009 17:04:25 +0000 (19:04 +0200)]
s4-smbtorture: rename test_EnumDomain{Users,Groups,Aliases} in RPC-SAMR.


14 years agos4-smbtorture: re-work test_Create{User,Group,Alias} a little.
Günther Deschner [Thu, 21 May 2009 16:12:29 +0000 (18:12 +0200)]
s4-smbtorture: re-work test_Create{User,Group,Alias} a little.


14 years agos3-pamsmbpass: copy _pam_get_item and _pam_get_data from pam_winbind.
Günther Deschner [Fri, 22 May 2009 15:56:37 +0000 (17:56 +0200)]
s3-pamsmbpass: copy _pam_get_item and _pam_get_data from pam_winbind.


14 years agos3-rpcclient: use get_domain_handle() fn in enum domain users & groups.
Günther Deschner [Fri, 22 May 2009 14:48:01 +0000 (16:48 +0200)]
s3-rpcclient: use get_domain_handle() fn in enum domain users & groups.


14 years agoAttempt to fix a debian build problem
Volker Lendecke [Mon, 25 May 2009 10:36:30 +0000 (12:36 +0200)]
Attempt to fix a debian build problem

14 years agos3/docs: Fix typos.
Karolin Seeger [Mon, 25 May 2009 08:50:23 +0000 (10:50 +0200)]
s3/docs: Fix typos.

Thanks to Oota Toshiya <t-oota at> for reporting!


14 years agofixed interpretation of ACB_PWNOTREQ
Andrew Tridgell [Mon, 25 May 2009 05:23:54 +0000 (15:23 +1000)]
fixed interpretation of ACB_PWNOTREQ

This bit actually means that we should ignore the minimum password
length field for this user. It doesn't mean that the password should
be seen as empty

14 years agofixed the client side password change code
Andrew Tridgell [Mon, 25 May 2009 03:40:52 +0000 (13:40 +1000)]
fixed the client side password change code

The client side code was not falling back to older routines correctly
as it didn't check for the operation range error appropriately. It
also used the old rpc semantics.

14 years agocope with lanman auth being disabled in old password change code
Andrew Tridgell [Mon, 25 May 2009 03:39:56 +0000 (13:39 +1000)]
cope with lanman auth being disabled in old password change code

When lanman auth is disabled and a user calls a password change
method that requires it we should give NT_STATUS_NOT_SUPPORTED

14 years agoTALLOC_FREE happily lives with a NULL ptr. Tim, please check!
Volker Lendecke [Sun, 24 May 2009 20:13:07 +0000 (22:13 +0200)]
TALLOC_FREE happily lives with a NULL ptr. Tim, please check!



14 years agoFix a race condition in winbind leading to a panic
Volker Lendecke [Sun, 24 May 2009 16:57:13 +0000 (18:57 +0200)]
Fix a race condition in winbind leading to a panic

In winbind, we do multiple events in one select round. This needs fixing, but
as long as we're still using it, for efficiency reasons we need to do that.

What can happen is the following: We have outgoing data pending for a client,

state->fd_event.flags == EVENT_FD_WRITE

Now a new client comes in, we go through the list of clients to find an idle
one. The detection for idle clients in remove_idle_client does not take the
pending data into account. We close the socket that has pending outgoing data,
the accept(2) one syscall later gives us the same socket.

In new_connection(), we do a setup_async_read, setting up a read fde. The
select from before however had found the socket (that we had already closed!!)
to be writable. In rw_callback we only want to see a readable flag, and we
panic in the SMB_ASSERT(flags == EVENT_FD_READ).

Found using

bin/smbtorture // -U% -N 500 -o 2 local-wbclient


14 years agouse epoll for local-wbclient test
Volker Lendecke [Wed, 20 May 2009 12:18:23 +0000 (14:18 +0200)]
use epoll for local-wbclient test

14 years agoDon't limit the number of retries in wb_trans.
Volker Lendecke [Sun, 24 May 2009 11:22:26 +0000 (13:22 +0200)]
Don't limit the number of retries in wb_trans.

This is better done with a tevent_req_set_endtime the caller should issue.

14 years agoDon't set a timeout deep inside wb_connect
Volker Lendecke [Sun, 24 May 2009 11:18:34 +0000 (13:18 +0200)]
Don't set a timeout deep inside wb_connect

14 years agoChange async_connect to use connect instead of getsockopt to get the error
Volker Lendecke [Sun, 24 May 2009 11:14:12 +0000 (13:14 +0200)]
Change async_connect to use connect instead of getsockopt to get the error

On my Linux box, this is definitely the more reliable strategy with unix domain
sockets, and according to my tests it also works correctly with TCP sockets.

14 years agoDo queueing in wbclient.c
Volker Lendecke [Fri, 22 May 2009 20:30:09 +0000 (22:30 +0200)]
Do queueing in wbclient.c

The _trigger fn must know about wbc_context, while we were waiting in the
queue the fd might have changed

14 years agoFix closed_fd(): select returning 0 means no fd listening
Volker Lendecke [Fri, 22 May 2009 17:29:46 +0000 (19:29 +0200)]
Fix closed_fd(): select returning 0 means no fd listening

14 years agoFix wb_simple_trans queueing
Volker Lendecke [Sun, 10 May 2009 08:49:39 +0000 (10:49 +0200)]
Fix wb_simple_trans queueing

14 years agoAdd "err_on_readability" to writev_send
Volker Lendecke [Sat, 23 May 2009 14:10:54 +0000 (16:10 +0200)]
Add "err_on_readability" to writev_send

A socket where the other side has closed only becomes readable. To catch
errors early when sitting in a pure writev, we need to also test for

14 years agoAllow NULL queue to writev_send
Volker Lendecke [Sun, 10 May 2009 08:49:18 +0000 (10:49 +0200)]
Allow NULL queue to writev_send

14 years agoEnsure we return NT_STATUS_FILE_IS_A_DIRECTORY on a posix open on a
Jeremy Allison [Fri, 22 May 2009 22:55:27 +0000 (15:55 -0700)]
Ensure we return NT_STATUS_FILE_IS_A_DIRECTORY on a posix open on a
directory name.

14 years agoTest that POSIX open of a directory returns NT_STATUS_FILE_IS_A_DIRECTORY (ERRDOS...
Jeremy Allison [Fri, 22 May 2009 22:21:55 +0000 (15:21 -0700)]
Test that POSIX open of a directory returns NT_STATUS_FILE_IS_A_DIRECTORY (ERRDOS, EISDIR).

14 years agos3:smbd: implement SMB2 Tree Disconnect
Stefan Metzmacher [Fri, 22 May 2009 10:42:24 +0000 (12:42 +0200)]
s3:smbd: implement SMB2 Tree Disconnect