13 years agoschannel: add missing prototype for ndr_print_nbt_string() in schannel helper.
Günther Deschner [Tue, 8 Sep 2009 15:02:54 +0000 (17:02 +0200)]
schannel: add missing prototype for ndr_print_nbt_string() in schannel helper.

Hopefully fixes samba4 build.


13 years agos3: remove unused RPC_AUTH_SCHANNEL_NEG struct and parsing functions.
Günther Deschner [Tue, 8 Sep 2009 13:32:24 +0000 (15:32 +0200)]
s3: remove unused RPC_AUTH_SCHANNEL_NEG struct and parsing functions.


13 years agos3-rpc_server: use NL_AUTH_MESSAGE in pipe_schannel_auth_bind().
Günther Deschner [Tue, 8 Sep 2009 13:31:01 +0000 (15:31 +0200)]
s3-rpc_server: use NL_AUTH_MESSAGE in pipe_schannel_auth_bind().


13 years agos3-rpc_client: use NL_AUTH_MESSAGE in create_schannel_auth_rpc_bind_req().
Günther Deschner [Tue, 8 Sep 2009 13:30:22 +0000 (15:30 +0200)]
s3-rpc_client: use NL_AUTH_MESSAGE in create_schannel_auth_rpc_bind_req().


13 years agos3/docs: Raise version number.
Karolin Seeger [Tue, 8 Sep 2009 13:39:57 +0000 (15:39 +0200)]
s3/docs: Raise version number.


13 years agoschannel: add NL_AUTH_MESSAGE and both NL_AUTH_SIGNATURE structs.
Günther Deschner [Tue, 8 Sep 2009 12:51:42 +0000 (14:51 +0200)]
schannel: add NL_AUTH_MESSAGE and both NL_AUTH_SIGNATURE structs.

These actually belong netlogon but we for now want to keep netlogon as a security
providor separate.


13 years agos4:idl Add generated code for netlogon.idl changes
Andrew Bartlett [Tue, 8 Sep 2009 10:21:38 +0000 (20:21 +1000)]
s4:idl Add generated code for netlogon.idl changes

13 years agoReturn a correct value for Supported Encryption Type
Matthieu Patou [Tue, 8 Sep 2009 08:21:09 +0000 (12:21 +0400)]
Return a correct value for Supported Encryption Type

Vista and upper version use this value to check wether they should ask the DC
 to change the msDS-SupportedEncryptionTypes attribute or not.
 Declare the different value as a bitmap in Netlogon idl

13 years agotort: RPC-CRACKNAMES test case refactored
Kamen Mazdrashki [Fri, 28 Aug 2009 15:35:31 +0000 (18:35 +0300)]
tort: RPC-CRACKNAMES test case refactored

13 years agotort: DsCrackNames - propagate torture context to all tests.
Kamen Mazdrashki [Fri, 28 Aug 2009 15:34:40 +0000 (18:34 +0300)]
tort: DsCrackNames - propagate torture context to all tests.

13 years agotort: Helper function to get DC info for testing
Kamen Mazdrashki [Fri, 28 Aug 2009 15:19:54 +0000 (18:19 +0300)]
tort: Helper function to get DC info for testing

13 years agotort: Implement 'setup' and 'teardown' for DRSUAPI test cases.
Kamen Mazdrashki [Fri, 28 Aug 2009 12:42:48 +0000 (15:42 +0300)]
tort: Implement 'setup' and 'teardown' for DRSUAPI test cases.

13 years agos4/ldb: support NDR printing for 2 more replication types
Andrew Tridgell [Tue, 8 Sep 2009 12:15:59 +0000 (22:15 +1000)]
s4/ldb: support NDR printing for 2 more replication types

print replUpToDateVector and replPropertyMetaData using NDR format if
--show-binary is given.

13 years agos4/ldb: allow prefixMap to be shown as NDR
Andrew Tridgell [Tue, 8 Sep 2009 12:02:59 +0000 (22:02 +1000)]
s4/ldb: allow prefixMap to be shown as NDR

13 years agos4/ldb: allow printing ntSecurityDescriptor in full
Andrew Tridgell [Tue, 8 Sep 2009 11:55:56 +0000 (21:55 +1000)]
s4/ldb: allow printing ntSecurityDescriptor in full

print security descriptors in NDR format if --show-binary is
given. This is easier to read than sddl format.

13 years agos4/ldb: added ldif handler for repsFrom/repsTo
Andrew Tridgell [Tue, 8 Sep 2009 11:45:08 +0000 (21:45 +1000)]
s4/ldb: added ldif handler for repsFrom/repsTo

In normal usage this makes no difference, but if you add --show-binary
then you can see the NDR printed out in the usual ndr_print_*() format

13 years agos4/ldb: expose the ldb flags with ldb_get_flags()
Andrew Tridgell [Tue, 8 Sep 2009 11:39:33 +0000 (21:39 +1000)]
s4/ldb: expose the ldb flags with ldb_get_flags()

13 years agos4/ldb: don't line wrap ldif when --show-binary is used
Andrew Tridgell [Tue, 8 Sep 2009 11:39:09 +0000 (21:39 +1000)]
s4/ldb: don't line wrap ldif when --show-binary is used

13 years agos4/ldb: added --show-binary command line option
Andrew Tridgell [Tue, 8 Sep 2009 10:57:31 +0000 (20:57 +1000)]
s4/ldb: added --show-binary command line option

This add --show-binary to ldbsearch. When this flag is set, binary
blobs will be shown as-is, instead of base64 encoded. This is useful
for some XML encoded attributes, and will also be used as part of some
NDR print formatting for attributes like repsTo.

13 years agos3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.
Günther Deschner [Tue, 8 Sep 2009 09:57:52 +0000 (11:57 +0200)]
s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.

The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a
W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56
byte). We should just ignore the remaining 12 zeroed bytes and proceed.


13 years agos4:setpassword script - Passwords set by this script are set by the administrator...
Matthias Dieter Wallnöfer [Tue, 8 Sep 2009 10:02:22 +0000 (12:02 +0200)]
s4:setpassword script - Passwords set by this script are set by the administrator not the user

13 years agos4:provision - Cosmetic: Indent the parameters better
Matthias Dieter Wallnöfer [Tue, 8 Sep 2009 09:55:40 +0000 (11:55 +0200)]
s4:provision - Cosmetic: Indent the parameters better

13 years agos4:templates - Remove the latest relics (in "dcesrv_lsa_CreateSecret")
Matthias Dieter Wallnöfer [Mon, 7 Sep 2009 12:30:11 +0000 (14:30 +0200)]
s4:templates - Remove the latest relics (in "dcesrv_lsa_CreateSecret")

13 years agos4:wmic - Output enhancements
Dmitry Karasik [Mon, 7 Sep 2009 12:08:16 +0000 (14:08 +0200)]
s4:wmic - Output enhancements

Outputs shouldn't clash with metadata characters (|,()), special characters
should be escaped, "NULL" values should be reported as "(null)" string.

For the full explaination look at bug #6076.

13 years agoAdd read() to socketwrapper. Metze please check.
Jeremy Allison [Tue, 8 Sep 2009 03:31:01 +0000 (20:31 -0700)]
Add read() to socketwrapper. Metze please check.

13 years agos4: commit generated DRS changes
Andrew Tridgell [Tue, 8 Sep 2009 01:51:27 +0000 (11:51 +1000)]
s4: commit generated DRS changes

13 years agos4: added the structure for repsTo
Andrew Tridgell [Tue, 8 Sep 2009 01:51:01 +0000 (11:51 +1000)]
s4: added the structure for repsTo

This structure is stored in NDR format in the repsTo attribute of each
partition. It is updated by the DSUpdateRefs DSRUAPI call

13 years agos4: fixed updaterefs options bitmap
Andrew Tridgell [Tue, 8 Sep 2009 01:50:14 +0000 (11:50 +1000)]
s4: fixed updaterefs options bitmap

13 years agos4: implemented server side of DSUpdateRefs call
Andrew Tridgell [Tue, 8 Sep 2009 01:49:28 +0000 (11:49 +1000)]
s4: implemented server side of DSUpdateRefs call

This call is made by DCs to tell us we should notify them of directory

13 years agos4/ldb: fixed spelling
Andrew Tridgell [Tue, 8 Sep 2009 01:47:36 +0000 (11:47 +1000)]
s4/ldb: fixed spelling

13 years agos4: 'index' is a libc function
Andrew Tridgell [Tue, 8 Sep 2009 01:47:11 +0000 (11:47 +1000)]
s4: 'index' is a libc function

13 years agos4: fixed a unsigned printf warnings
Andrew Tridgell [Tue, 8 Sep 2009 01:46:49 +0000 (11:46 +1000)]
s4: fixed a unsigned printf warnings

13 years agos4: removed an unused variable
Andrew Tridgell [Tue, 8 Sep 2009 01:46:27 +0000 (11:46 +1000)]
s4: removed an unused variable

13 years agos4: fixed some shadowed variable warnings
Andrew Tridgell [Tue, 8 Sep 2009 01:46:08 +0000 (11:46 +1000)]
s4: fixed some shadowed variable warnings

13 years agoFill the meta data vector in the responce struct.
Anatoliy Atanasov [Thu, 3 Sep 2009 15:37:31 +0000 (18:37 +0300)]
Fill the meta data vector in the responce struct.

13 years agos4:selftest Fix 'make testenv-gdb' and 'make valgrindtest' etc
Andrew Bartlett [Tue, 8 Sep 2009 00:48:40 +0000 (10:48 +1000)]
s4:selftest Fix 'make testenv-gdb' and 'make valgrindtest' etc

The problem here was that tridge's changes to ensure that test results
were always propogated didn't merge well with the addition of extra
environment variables for the 'make valgrindtest' and similar
environments.  By splitting out the macro further, we keep the build
farm reporting accurate, but allow these other test modes to work.

Andrew Bartlett

13 years agos4:tests/iconv - Fix a warning
Matthias Dieter Wallnöfer [Mon, 7 Sep 2009 10:38:44 +0000 (12:38 +0200)]
s4:tests/iconv - Fix a warning

13 years agos4:pwsettings: Correct off by factor of 10 for ticks.
Andrew Kroeger [Mon, 7 Sep 2009 03:28:56 +0000 (22:28 -0500)]
s4:pwsettings: Correct off by factor of 10 for ticks.

The tick conversion math was off by a factor of 10 due to the incorrect usage of
the "e" notation.  The expression "XeY" means "X * (10^Y)", so the correct
expression is 1e7 to get the correct adjustment for ticks.

13 years agogitignore: Ignore additional auto-generated files.
Andrew Kroeger [Mon, 7 Sep 2009 03:25:53 +0000 (22:25 -0500)]
gitignore: Ignore additional auto-generated files.

13 years agos4: Let the "setpassword" script finally use the "samdb_set_password" routine
Matthias Dieter Wallnöfer [Wed, 19 Aug 2009 10:37:11 +0000 (12:37 +0200)]
s4: Let the "setpassword" script finally use the "samdb_set_password" routine

The "setpassword" script should use the "samdb_set_password" call to change
the NT user password. Windows Server tests show that "userPassword" is not the
right place to save the NT password and does not inherit the password complexity.

13 years agos4:dsdb: correctly implement _dsdb_syntax_OID_oid_ldb_to_drsuapi()
Stefan Metzmacher [Fri, 4 Sep 2009 12:31:28 +0000 (14:31 +0200)]
s4:dsdb: correctly implement _dsdb_syntax_OID_oid_ldb_to_drsuapi()

Here we just need to map the oid string in the ldb value to
the ATTRTYP id.


13 years agolib/tdr: fix the build with --enable-automatic-dependencies
Stefan Metzmacher [Mon, 7 Sep 2009 12:21:11 +0000 (14:21 +0200)]
lib/tdr: fix the build with --enable-automatic-dependencies


13 years agos4:LogonGetDomainInfo - add a basic check for the hostname
Matthias Dieter Wallnöfer [Mon, 7 Sep 2009 10:00:11 +0000 (12:00 +0200)]
s4:LogonGetDomainInfo - add a basic check for the hostname

This check is specified in Windows Server after release 2003.
The parameter "hostname" should match as prefix of the dns hostname given as
parameter in the "workstation" structure.

13 years agotdb: fix c++ build warning.
Günther Deschner [Mon, 7 Sep 2009 09:56:10 +0000 (11:56 +0200)]
tdb: fix c++ build warning.


13 years agos4: Fix "Small memory leak after calling several times lp_update"
Inra [Mon, 7 Sep 2009 07:40:34 +0000 (09:40 +0200)]
s4: Fix "Small memory leak after calling several times lp_update"

Should fix bug #6660.

13 years agos4: Exceptions in ""
Michael Ströder [Mon, 7 Sep 2009 07:12:09 +0000 (09:12 +0200)]
s4: Exceptions in ""

This looks much nicer than "normal" string exceptions - and fits better in the OO
programming style.

13 years agos4:simple_ldap_map - "primaryGroupId"
Matthias Dieter Wallnöfer [Mon, 7 Sep 2009 07:00:46 +0000 (09:00 +0200)]
s4:simple_ldap_map - "primaryGroupId"

Previous patch was incomplete regarding the "primaryGroupId" attribute. Complete it.

13 years agos4:samldb - Fix typo
Matthias Dieter Wallnöfer [Sun, 6 Sep 2009 18:23:02 +0000 (20:23 +0200)]
s4:samldb - Fix typo

13 years agos4:Foreign security principals - Fix them up
Matthias Dieter Wallnöfer [Sun, 6 Sep 2009 17:57:50 +0000 (19:57 +0200)]
s4:Foreign security principals - Fix them up

I fixed them up to match with Windows Server 2003. I don't think that the
creation of them in the provision script is needed so I put them in the
"provision_users.ldif" file.

13 years agos4:subtree delete module - Cosmetic adaptions
Matthias Dieter Wallnöfer [Sun, 6 Sep 2009 15:27:51 +0000 (17:27 +0200)]
s4:subtree delete module - Cosmetic adaptions

13 years - Adds a test for the primary group behaviour
Matthias Dieter Wallnöfer [Tue, 25 Aug 2009 23:49:00 +0000 (01:49 +0200)] - Adds a test for the primary group behaviour

This passes the Windows Server behaviour. Also SAMBA 4 should match it.

Also some small enhancement.

13 years agos4:provision - Change the module order to match Windows Server
Matthias Dieter Wallnöfer [Thu, 20 Aug 2009 19:13:13 +0000 (21:13 +0200)]
s4:provision - Change the module order to match Windows Server

Tests show that Windows Server seems to do the access checks on the very last moment.

13 years agos4:sam - Implement also here the right primary group behaviour
Matthias Dieter Wallnöfer [Mon, 17 Aug 2009 21:39:41 +0000 (23:39 +0200)]
s4:sam - Implement also here the right primary group behaviour

We have not only to expand the additional groups but *also* the primary group to
gain all rights of a user account.

Also, remove an unneeded context (tmp_ctx) and "talloc_steal".

13 years agos4:samr - Fix up the SAMR server to support the primary group of a user in the right way
Matthias Dieter Wallnöfer [Mon, 17 Aug 2009 20:34:08 +0000 (22:34 +0200)]
s4:samr - Fix up the SAMR server to support the primary group of a user in the right way

When doing some tests with the NT User Manager for Domains on s4 I noticed that the
handling of the primary group for a user wasn't correct. So I fixed this.

Also some cosmetic changes (tab indent corrections).

13 years agos4:samldb - Major rework
Matthias Dieter Wallnöfer [Mon, 17 Aug 2009 19:29:47 +0000 (21:29 +0200)]
s4:samldb - Major rework

This fixes up the change of the primary group of a user when using the ADUC
- When the "primaryGroupId" attribute changes, we have to delete the
  "member"/"memberOf" attribute reference of the new primary group and add one
  for the old primary group.
- Deny deletion of primary groups according to Windows Server (so we cannot
  have invalid "primaryGroupID" attributes in our AD).
- We cannot add a primary group directly before it isn't a secondary one of a
  user account.
- We cannot add a secondary reference ("member" attribute) when the group has
  been chosen as primary one.

This also removes the LDB templates which are basically overhead now.

This should also fix bug #6599.

13 years agos4:provision - Add a new delete function only for users and computers
Matthias Dieter Wallnöfer [Sun, 6 Sep 2009 19:08:08 +0000 (21:08 +0200)]
s4:provision - Add a new delete function only for users and computers

We need this new function to delete users and computers before other objects
on reprovisioning. Otherwise primary groups could be deleted before user/computer
accounts (which isn't allowed anymore by the reworked "samldb" module).

13 years agos4:provision - Change the "provision_users.ldif" file to support the "samldb" changes
Matthias Dieter Wallnöfer [Wed, 26 Aug 2009 01:51:45 +0000 (03:51 +0200)]
s4:provision - Change the "provision_users.ldif" file to support the "samldb" changes

The "provision_users.ldif" file needs some rework to pass against the changed
and improved "samldb" module (see next commit).

13 years agoFix bug 6673 - smbpasswd does not work with "unix password sync = yes".
Jeremy Allison [Mon, 7 Sep 2009 04:38:50 +0000 (21:38 -0700)]
Fix bug 6673 - smbpasswd does not work with "unix password sync = yes".
Revert change from 3.3 -> 3.4 with read_socket_with_timeout changed
from sys_read() to sys_recv(). read_socket_with_timeout() is called
with non-fd's (with a pty in chgpasswd.c and with a disk file in
lib/dbwrap_file.c via read_data()). recv works for the disk file,
but not the pty. Change the name of read_socket_with_timeout() to
read_fd_with_timeout() to make this clear (and add comments).

13 years fixed the update of the GUID CNAME
Andrew Tridgell [Mon, 7 Sep 2009 04:08:03 +0000 (14:08 +1000)] fixed the update of the GUID CNAME

13 years agos4:nsupdate-gss allow forcing of the realm
Andrew Tridgell [Mon, 7 Sep 2009 04:07:39 +0000 (14:07 +1000)]
s4:nsupdate-gss allow forcing of the realm

this is needed for the _msdcs zone

13 years agos4:setup: Remove display_specifiers.ldif.
Andrew Kroeger [Wed, 2 Sep 2009 08:31:41 +0000 (03:31 -0500)]
s4:setup: Remove display_specifiers.ldif.

This file is no longer needed as the DisplaySpecifiers are now generated from
files provided by Microsoft.

13 years agos4:setup: Updated comment to reflect new DisplaySpecifiers location.
Andrew Kroeger [Wed, 2 Sep 2009 08:30:58 +0000 (03:30 -0500)]
s4:setup: Updated comment to reflect new DisplaySpecifiers location.

13 years agos4:setup: Use ms_display_specifiers script for provision.
Andrew Kroeger [Wed, 2 Sep 2009 08:25:22 +0000 (03:25 -0500)]
s4:setup: Use ms_display_specifiers script for provision.

Changed the provisioning to use the new script to parse the Microsoft-provided
DisplaySpecifiers LDIF file.

13 years agos4:setup: Added script to parse Microsoft DisplaySpecifiers document.
Andrew Kroeger [Wed, 2 Sep 2009 08:20:50 +0000 (03:20 -0500)]
s4:setup: Added script to parse Microsoft DisplaySpecifiers document.

Created this script based on the existing script.

- Removed some unnecessary transformations that are only necessary for schema
- Added capability to parse and properly output base64-encoded values.
- Removed unnecessary attributes based on what attributes were present (and also
  what were explicitly removed) from display_specifiers.ldif.

13 years agos4:setup: Change license headers to LDIF comments.
Andrew Kroeger [Mon, 7 Sep 2009 01:16:22 +0000 (11:16 +1000)]
s4:setup: Change license headers to LDIF comments.

The original license headers provided by Microsoft cannot be parsed as valid

Changed the license headers to be valid LDIF comments, and added a new header
section detailing the exact changes that were made to the original document.

Signed-off-by: Andrew Bartlett <>
13 years agos4:setup Add DisplaySpecifiers from Microsoft.
Andrew Bartlett [Mon, 7 Sep 2009 00:48:09 +0000 (10:48 +1000)]
s4:setup Add DisplaySpecifiers from Microsoft.

Like the schema, these are provided under the licence at the head of
the file, which is not the GPL, but allows us to distribute them with

Andrew Bartlett

13 years agos4: bring nsupdate-gss into the s4 tree
Andrew Tridgell [Mon, 7 Sep 2009 00:55:32 +0000 (10:55 +1000)]
s4: bring nsupdate-gss into the s4 tree

This is a perl script that does TSIG-GSS DNS updates against a AD
DC. The bind 9.5 nsupdate still doesn't seem to work with TSIG-GSS,
and we need a way to do DNS updates when we vampire a domain, so I
revived this ancient perl script and added a wrapper script that can
update DNS entries using our machine account credentials

13 years agos4: fixed the secrets.ldb construction in libnet
Andrew Tridgell [Mon, 7 Sep 2009 00:33:47 +0000 (10:33 +1000)]
s4: fixed the secrets.ldb construction in libnet

on a vampire join we were not putting the right attributes and
objectclass on the secrets.ldb record

13 years agos4: the secrets.ldb module needs the loadparm opaque setup
Andrew Tridgell [Mon, 7 Sep 2009 00:33:02 +0000 (10:33 +1000)]
s4: the secrets.ldb module needs the loadparm opaque setup

13 years agos3:winbind: Convert WINBINDD_SET_HWM to the new API
Volker Lendecke [Sun, 6 Sep 2009 13:18:58 +0000 (15:18 +0200)]
s3:winbind: Convert WINBINDD_SET_HWM to the new API

13 years agos3:winbind: Convert WINBINDD_REMOVE_MAPPING to the new API
Volker Lendecke [Sun, 6 Sep 2009 12:59:41 +0000 (14:59 +0200)]
s3:winbind: Convert WINBINDD_REMOVE_MAPPING to the new API

13 years agos3:winbind: Convert WINBINDD_SET_MAPPING to the new API
Volker Lendecke [Sun, 6 Sep 2009 12:47:06 +0000 (14:47 +0200)]
s3:winbind: Convert WINBINDD_SET_MAPPING to the new API

13 years agos3:winbind: Convert WINBINDD_CHECK_MACHACC to the new API
Volker Lendecke [Sun, 6 Sep 2009 07:32:34 +0000 (09:32 +0200)]
s3:winbind: Convert WINBINDD_CHECK_MACHACC to the new API

13 years agos3:smbd: Add the ntstatus to the smb_panic in share_mode_lock_destructor
Volker Lendecke [Sat, 5 Sep 2009 17:20:16 +0000 (19:20 +0200)]
s3:smbd: Add the ntstatus to the smb_panic in share_mode_lock_destructor

This might help finding why bug 6518 happens

13 years agos4:simple_ldap_map - Enhance it for supporting "primaryGroupID" in the right way
Matthias Dieter Wallnöfer [Tue, 25 Aug 2009 22:12:44 +0000 (00:12 +0200)]
s4:simple_ldap_map - Enhance it for supporting "primaryGroupID" in the right way

13 years agos4:torture - Fix uninitialized variable
Matthias Dieter Wallnöfer [Sun, 6 Sep 2009 10:10:16 +0000 (12:10 +0200)]
s4:torture - Fix uninitialized variable

13 years agos4:"linked attributes" modules - correct the comments
Matthias Dieter Wallnöfer [Wed, 26 Aug 2009 05:20:27 +0000 (07:20 +0200)]
s4:"linked attributes" modules - correct the comments

13 years agos4: Fix typo
Matthias Dieter Wallnöfer [Wed, 26 Aug 2009 03:17:40 +0000 (05:17 +0200)]
s4: Fix typo

13 years agos4:pwsettings - Introduce the LDB modify flags in the right way
Matthias Dieter Wallnöfer [Tue, 25 Aug 2009 23:33:21 +0000 (01:33 +0200)]
s4:pwsettings - Introduce the LDB modify flags in the right way

We can't emulate them through the LDB changetype flags since they haven't the
same constants! The previous behaviour led to huge problems.

13 years agos4:ldb_errors - add spaces
Matthias Dieter Wallnöfer [Tue, 25 Aug 2009 23:01:07 +0000 (01:01 +0200)]
s4:ldb_errors - add spaces

13 years agos4:dsdb/common/util.c - Copy parameters to prevent segfaults
Matthias Dieter Wallnöfer [Wed, 19 Aug 2009 09:58:42 +0000 (11:58 +0200)]
s4:dsdb/common/util.c - Copy parameters to prevent segfaults

The parameters "lmNewHash" and/or "ntNewHash" could be NULL and when we perform
write operations on them (look below in the code) we could get SIGSEGVs!

13 years agos4:dsdb/common/util - Indentation fixes
Matthias Dieter Wallnöfer [Wed, 19 Aug 2009 06:59:58 +0000 (08:59 +0200)]
s4:dsdb/common/util - Indentation fixes

13 years agoTell newbie devs about ./configure.developer
Rusty Russell [Sun, 6 Sep 2009 10:01:05 +0000 (12:01 +0200)]
Tell newbie devs about ./configure.developer

Enhances the outputs in for both s3 and s4.

Signed-off-by: Rusty Russell <>
13 years agoCheck we read off the compelte event from inotify
Simo Sorce [Sat, 5 Sep 2009 14:18:12 +0000 (10:18 -0400)]
Check we read off the compelte event from inotify

The kernel may return a short read, so we must use read_data() to make sure we
read off the full buffer. If somethign bad happens we also need to kill the
inotify watch because the filedescriptor will return out of sync structures if
we read only part of the data.

13 years agoSave and report the correct errno value.
Simo Sorce [Sat, 5 Sep 2009 14:17:48 +0000 (10:17 -0400)]
Save and report the correct errno value.

13 years agos3:winbind: Use fstr_sprintf, it is simpler than talloc_asprintf->fstrcpy
Volker Lendecke [Sat, 5 Sep 2009 15:14:45 +0000 (17:14 +0200)]
s3:winbind: Use fstr_sprintf, it is simpler than talloc_asprintf->fstrcpy

13 years agos3:winbind: Remove pointless <cond> ? true : false;
Volker Lendecke [Sat, 5 Sep 2009 15:05:30 +0000 (17:05 +0200)]
s3:winbind: Remove pointless <cond> ? true : false;

13 years agos3:winbind: Make the pam_auth subfunctions static
Volker Lendecke [Sat, 5 Sep 2009 15:00:21 +0000 (17:00 +0200)]
s3:winbind: Make the pam_auth subfunctions static

13 years agos3:libsmb: Convert (state->received) to (state->received != 0)
Volker Lendecke [Thu, 3 Sep 2009 06:02:21 +0000 (08:02 +0200)]
s3:libsmb: Convert (state->received) to (state->received != 0)

This confused me for a second, this should not happen a second time :-)

13 years agoutil:tests: Correct time tests for negative UTC offsets.
Andrew Kroeger [Fri, 4 Sep 2009 21:45:01 +0000 (16:45 -0500)]
util:tests: Correct time tests for negative UTC offsets.


Please find attached a patch to fix the timestring and http_timestring
tests on hosts that have a negative UTC offset (west of the Prime Meridian).

Andrew Kroeger

>From 8a8ca35edccf64aa98f2f3ae1469c4c27db8215e Mon Sep 17 00:00:00 2001
From: Andrew Kroeger <>
Date: Fri, 4 Sep 2009 01:31:50 -0500
Subject: [PATCH] util:tests: Correct time tests for negative UTC offsets.

The timestring and http_timestring tests were failing on hosts with negative
offsets from UTC.  Due to the timezone offset, the returned values were back in
the year 1969 (before the epoch) and did not match the test patterns.

The correction computes the offset from UTC, and if it is negative that offset
is added onto the value given to the timestring() and http_timestring() calls so
that the returned values fall on 01-Jan-1970 and match the test pattern.

13 years agoselftest: Account for 0-based months in date parsing and printing.
Andrew Kroeger [Fri, 4 Sep 2009 21:42:28 +0000 (16:42 -0500)]
selftest: Account for 0-based months in date parsing and printing.


Please find attached 2 patches to correct date/time parsing and output
in the Subunit processing.  The first patch corrects the logic to
account for months being 0-based.  The second corrects the time
formatting, as it is dealing with local, not "Z"ulu (UTC) time.

Andrew Kroeger

>From 3cf81eea1309084a973359c7f6a2375d5d20a3f0 Mon Sep 17 00:00:00 2001
From: Andrew Kroeger <>
Date: Fri, 4 Sep 2009 01:24:00 -0500
Subject: [PATCH] selftest: Account for 0-based months in date parsing and printing.

13 years agoAdd release script for tevent tevent-0.9.8
Simo Sorce [Fri, 4 Sep 2009 22:20:29 +0000 (18:20 -0400)]
Add release script for tevent

13 years agos4:configure: require tevent >= 0.9.8
Stefan Metzmacher [Fri, 4 Sep 2009 10:57:13 +0000 (12:57 +0200)]
s4:configure: require tevent >= 0.9.8


13 years agotevent: change version to 0.9.8 after some critical bugs have been fixed
Stefan Metzmacher [Fri, 4 Sep 2009 10:56:39 +0000 (12:56 +0200)]
tevent: change version to 0.9.8 after some critical bugs have been fixed


13 years agocifs.upcall: do a brute-force search for KRB5 credcache
Jeff Layton [Fri, 4 Sep 2009 10:29:44 +0000 (06:29 -0400)]
cifs.upcall: do a brute-force search for KRB5 credcache

A few weeks ago, I added some code to cifs.upcall to take the pid sent
by the kernel and use that to get the value of the $KRB5CCNAME
environment var for the process. That works fine on the initial mount,
but could be problematic on reconnect.

There's no guarantee on a reconnect that the process that initiates the
upcall will have $KRB5CCNAME pointed at the correct credcache. Because
of this, the current scheme isn't going to be reliable enough and we
need to use something different.

This patch replaces that scheme with one very similar to the one used by
rpc.gssd in nfs-utils. It searches the credcache dir (currently
hardcoded to /tmp) for a valid credcache for the given uid. If it finds
one then it uses that as the credentials cache. If it finds more than
one, it uses the one with the latest TGT expiration.

Signed-off-by: Jeff Layton <>
13 years agos4:python fixed subunit tests of dcerpc
Andrew Tridgell [Fri, 4 Sep 2009 08:07:04 +0000 (18:07 +1000)]
s4:python  fixed subunit tests of dcerpc

The version of the unitest python module in Ubuntu Jaunty doesn't seem
to support this many level of subdirectories. Moving the tests up one
level solves the problem.

13 years agoldb: make ldb module programming less error prone
Andrew Tridgell [Fri, 4 Sep 2009 07:22:20 +0000 (17:22 +1000)]
ldb: make ldb module programming less error prone

When a top level method in a module returns an error, it is supposed
to call ldb_module_done(). We ran across a case where this wasn't
done, and then found that in fact that are hundreds of similar cases
in our modules. It took Andrew and I a full day to work out that this
was the cause of a subtle segv in another part of the code.

To try to prevent this happening again, this patch changes
ldb_next_request() to catch the error by checking if a module
returning an error has called ldb_module_done(). If it hasn't then the
call is made on behalf of the module.

13 years agos3:winbind: Fix Coverity ID 933: FORWARD_NULL
Volker Lendecke [Fri, 4 Sep 2009 05:59:51 +0000 (07:59 +0200)]
s3:winbind: Fix Coverity ID 933: FORWARD_NULL

13 years agos3:smbd: Fix Coverity ID 937, REVERSE_INULL
Volker Lendecke [Fri, 4 Sep 2009 05:57:19 +0000 (07:57 +0200)]
s3:smbd: Fix Coverity ID 937, REVERSE_INULL

13 years agos3:winbind: Fix Coverity ID 940: Resource Leak
Volker Lendecke [Fri, 4 Sep 2009 05:52:28 +0000 (07:52 +0200)]
s3:winbind: Fix Coverity ID 940: Resource Leak