ira/wip.git
11 years agopidl: parse idl 'pipe' typedefs, but print out a not supported message for now
Stefan Metzmacher [Wed, 5 Aug 2009 11:40:38 +0000 (13:40 +0200)]
pidl: parse idl 'pipe' typedefs, but print out a not supported message for now

metze

11 years agopidl: fix formatting in expr.yp
Stefan Metzmacher [Tue, 4 Aug 2009 13:00:13 +0000 (15:00 +0200)]
pidl: fix formatting in expr.yp

metze

11 years agopidl: fix formatting in idl.yp
Stefan Metzmacher [Tue, 4 Aug 2009 12:59:33 +0000 (14:59 +0200)]
pidl: fix formatting in idl.yp

metze

11 years agolibrpc: fix callers after epmapper.idl changes
Stefan Metzmacher [Wed, 5 Aug 2009 11:03:37 +0000 (13:03 +0200)]
librpc: fix callers after epmapper.idl changes

metze

11 years agolibrpc: rerun 'make idl' after epmapper.idl changes
Stefan Metzmacher [Wed, 5 Aug 2009 11:05:20 +0000 (13:05 +0200)]
librpc: rerun 'make idl' after epmapper.idl changes

metze

11 years agoepmapper.idl: avoid usage of 'pipe', this is a reserved word in IDL
Stefan Metzmacher [Wed, 5 Aug 2009 11:04:59 +0000 (13:04 +0200)]
epmapper.idl: avoid usage of 'pipe', this is a reserved word in IDL

We now use 'named_pipe' instead.

metze

11 years agos3:smbd: don't ignore check_descend in get_dir_entry()
Stefan Metzmacher [Thu, 6 Aug 2009 19:16:38 +0000 (21:16 +0200)]
s3:smbd: don't ignore check_descend in get_dir_entry()

metze

11 years agos3-wkssvcs: fix check for BUILTIN\Administrators membership in wkssvc_Netr{Join,Unjoi...
Günther Deschner [Thu, 6 Aug 2009 18:59:32 +0000 (20:59 +0200)]
s3-wkssvcs: fix check for BUILTIN\Administrators membership in wkssvc_Netr{Join,Unjoin}Domain2.

Guenther

11 years agos3 net: i18n support for net rpc audit
Kai Blin [Fri, 7 Aug 2009 07:34:06 +0000 (09:34 +0200)]
s3 net: i18n support for net rpc audit

11 years agos3 net: net i18n in it's own module
Kai Blin [Thu, 6 Aug 2009 18:52:58 +0000 (20:52 +0200)]
s3 net: net i18n in it's own module

11 years agoRevert "s3: Update i18n files"
Kai Blin [Thu, 6 Aug 2009 18:38:39 +0000 (20:38 +0200)]
Revert "s3: Update i18n files"

This reverts commit 57b5269038624b70e117025af9b977e0addcdc8e,
6e044a22cf232798efbd40a2b55fd9556483d403 and
c9803ee26ad1b2f92f2ce7653ce16ac84d0b3eb6.

The correct location for net .po files is in locale/net/

11 years agos3 net: i18n support for net rpc
Kai Blin [Tue, 4 Aug 2009 06:28:50 +0000 (08:28 +0200)]
s3 net: i18n support for net rpc

11 years agos3 net: i18n support for net registry
Kai Blin [Sun, 2 Aug 2009 08:26:48 +0000 (10:26 +0200)]
s3 net: i18n support for net registry

11 years agos3 net: i18n support for net rap
Kai Blin [Sun, 2 Aug 2009 08:25:26 +0000 (10:25 +0200)]
s3 net: i18n support for net rap

11 years agofixed another ambiguous talloc call
Andrew Tridgell [Fri, 7 Aug 2009 07:23:52 +0000 (17:23 +1000)]
fixed another ambiguous talloc call

During the creation of the 3 RPC pipes in winbind we try to steal the
RPC binding structure to be a child of the pipe once the pipe is
established. This fails with a talloc warning as the rpc connection
code already holds a reference to the binding.

The fix is to use talloc_reparent() instead.

11 years agoensure that child tasks die when the parent dies
Andrew Tridgell [Fri, 7 Aug 2009 07:21:54 +0000 (17:21 +1000)]
ensure that child tasks die when the parent dies

Previously we relied on process groups and SIGTERM to ensure that
child tasks died in the standard process model when the parent task
died. This doesn't work when the server is run in interactive mode, as
in that case we don't call become_daemon() and don't get a separate
process group.

The fix is to have a pipe held open by the parent server process, and
inherited by child tasks. If the parent exits then the write side of
the pipe is implicitly closed, which causes an event in the child
tasks that causes them to exit

11 years agoprime the sam ldb schema in the parent samba process
Andrew Tridgell [Fri, 7 Aug 2009 07:19:39 +0000 (17:19 +1000)]
prime the sam ldb schema in the parent samba process

While testing the use of the standard process model with 'make test' I
found that testing was much slower (by several times) with the
standard model than with the single model. The primary problem was
that each SMB connection would open a new sam ldb context, and all of
those would reload the full AD schema.

The fix is to pre-open the SAM during server startup, before any child
processes are forked. This sets up the global schema context which is
inherited by all connections.

The standard model is still slower at make test than the single model,
but not by nearly as much. I am working on further reducing the gap.

11 years agouse talloc with the global schema consistently
Andrew Tridgell [Fri, 7 Aug 2009 07:16:26 +0000 (17:16 +1000)]
use talloc with the global schema consistently

Before this change, the first opener of the sam ldb context would
become the owner of the global schema, then the autofree context got a
reference to the schema. Any subsequent opens of the sam ldb also got
a reference. This meant that the talloc hierarchy was inconsistent
between the first sam ldb open and subsequent opens. With this change
the autofree context becomes the owner of the global schema, and all
ldb contexts get a reference.

11 years agofixed several places that unnecessarily take a reference to the event context
Andrew Tridgell [Fri, 7 Aug 2009 07:14:13 +0000 (17:14 +1000)]
fixed several places that unnecessarily take a reference to the event context

These references were triggering the ambiguous talloc_free errors from
the recent talloc changes when the server is run using the 'standard'
process model instead of the 'single' process model. I am aiming to
move the build farm to use the 'standard' process model soon, as part
of an effort to make our test environment better match the real
deployment of Samba4.

The references are not needed as the way that the event context is
used is as the 'top parent', so when the event context is freed then
all of the structures that were taking a reference to the event
context were actually freed as well, thus making the references
redundent.

11 years agos3: add a test to test libsmbclient
Bo Yang [Fri, 7 Aug 2009 22:14:33 +0000 (06:14 +0800)]
s3: add a test to test libsmbclient

Signed-off-by: Bo Yang <boyang@samba.org>
11 years agos3: Fix nss info substitution
Bo Yang [Fri, 7 Aug 2009 22:10:37 +0000 (06:10 +0800)]
s3: Fix nss info substitution

Signed-off-by: Bo Yang <boyang@samba.org>
11 years agomake sure we never look past the end of either string in ldb_comparison_fold()
Andrew Tridgell [Fri, 7 Aug 2009 04:34:01 +0000 (14:34 +1000)]
make sure we never look past the end of either string in ldb_comparison_fold()

This fixes a bug in the samba3sam test with the python libraries as
noticed by abartlet

11 years agos4:ldb Make error message in rnd_name more useful
Andrew Bartlett [Fri, 7 Aug 2009 04:22:54 +0000 (14:22 +1000)]
s4:ldb Make error message in rnd_name more useful

11 years agoMerge branch 'master' of ssh://git.samba.org/data/git/samba into master-devel
Andrew Bartlett [Fri, 7 Aug 2009 03:08:35 +0000 (13:08 +1000)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba into master-devel

11 years agos4:setup Remove extra newlines that break OpenLDAP backend
Oliver Liebel [Fri, 7 Aug 2009 02:38:51 +0000 (12:38 +1000)]
s4:setup Remove extra newlines that break OpenLDAP backend

11 years agos3: Fix a bug in renames of directories
Tim Prouty [Thu, 6 Aug 2009 22:53:33 +0000 (15:53 -0700)]
s3: Fix a bug in renames of directories

Recently code was added to match windows semantics of denying the
rename of a directory if there are open files underneath it.  This
does partly match windows semantics, but it turns out the rename
should be allowed if the open file handle is for the directory being
renamed, or for a stream on the directory being renamed.  This patch
refines the check to better follow these rename semantics.

11 years agos4 torture: Extend the RAW-RENAME test to more fully test directory renames.
Tim Prouty [Thu, 6 Aug 2009 18:23:23 +0000 (11:23 -0700)]
s4 torture: Extend the RAW-RENAME test to more fully test directory renames.

The existing test was only covering files opened underneath the
directory that was being renamed.  It is not uncommon for windows
clients to actually hold a read-only handle to a directory open across
the rename, which it turns out doesn't return NT_STATUS_ACCESS_DENIED.
Additionally, holding a handle open to a stream on the directory is
also allowed.

11 years agoRemove a const warning.
Jeremy Allison [Thu, 6 Aug 2009 22:47:05 +0000 (15:47 -0700)]
Remove a const warning.
Jeremy.

11 years agoFix bug #5714 - NetBSD, ENODATA undefined, at least some releases.
Jeremy Allison [Thu, 6 Aug 2009 22:09:01 +0000 (15:09 -0700)]
Fix bug #5714 - NetBSD, ENODATA undefined, at least some releases.
Jeremy.

11 years agoPut SMB_INFO_STANDARD back into setfileinfo, but do it right
Jeremy Allison [Thu, 6 Aug 2009 19:50:16 +0000 (12:50 -0700)]
Put SMB_INFO_STANDARD back into setfileinfo, but do it right
this time :-).
Jeremy.

11 years agoAdd define guards around otherwise unused variable.
Jeremy Allison [Thu, 6 Aug 2009 18:47:08 +0000 (11:47 -0700)]
Add define guards around otherwise unused variable.
Jeremy.

11 years agos3-ldap: Fix Bug #5879. Update LDAP schema for Netscape DS 5.
Günther Deschner [Thu, 6 Aug 2009 15:17:26 +0000 (17:17 +0200)]
s3-ldap: Fix Bug #5879. Update LDAP schema for Netscape DS 5.

Patch from TAKEDA Yasuma <yasuma@osstech.co.jp>.

Guenther

11 years agoUnable to browse DFS when using kerberos
Bo Yang [Fri, 7 Aug 2009 05:42:51 +0000 (13:42 +0800)]
Unable to browse DFS when using kerberos

Signed-off-by: Bo Yang <boyang@samba.org>
11 years agos4: Simplify two lines in the "samdb.py" file (cosmetic)
Matthias Dieter Wallnöfer [Thu, 6 Aug 2009 09:38:06 +0000 (11:38 +0200)]
s4: Simplify two lines in the "samdb.py" file (cosmetic)

11 years agos4:enableaccount script: Remove a redundant line
Matthias Dieter Wallnöfer [Wed, 5 Aug 2009 21:17:21 +0000 (23:17 +0200)]
s4:enableaccount script: Remove a redundant line

11 years agos3/smbldap: Fix typo in debug message.
Karolin Seeger [Thu, 6 Aug 2009 08:06:29 +0000 (10:06 +0200)]
s3/smbldap: Fix typo in debug message.

Karolin

11 years agoThere is one signedness issue in tdb which prevents traverses of TDB records
Rusty Russell [Thu, 6 Aug 2009 03:13:42 +0000 (13:13 +1000)]
There is one signedness issue in tdb which prevents traverses of TDB records
over the 2G offset on systems which support 64 bit file offsets.  This fixes
that case.

On systems with 32 bit offsets, expansion and fcntl locking on these records
will fail anyway.  SAMBA already does '#define _FILE_OFFSET_BITS 64' in
config.h (on my 32-bit x86 Linux system at least) to get 64 bit file offsets.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
11 years agoRevert "deliberately break the build"
Andrew Tridgell [Thu, 6 Aug 2009 01:36:52 +0000 (11:36 +1000)]
Revert "deliberately break the build"

This reverts commit 57da47c1bd76157a6a403154551645c16ad64a75.

The build emails do work :-)

11 years agodeliberately break the build
Andrew Tridgell [Thu, 6 Aug 2009 01:24:42 +0000 (11:24 +1000)]
deliberately break the build

I want to make sure that the build breakage emails are now working
correctly

11 years agos4:heimdal: import lorikeet-heimdal-200908052208 (commit 370a73a74199a5a55188340906e1...
Andrew Bartlett [Wed, 5 Aug 2009 22:17:09 +0000 (08:17 +1000)]
s4:heimdal: import lorikeet-heimdal-200908052208 (commit 370a73a74199a5a55188340906e15fd795f67a74)

This removes some of the portability changes made to code under
heimdal/

If these are still required, then we will re-add them with code under
heimdal_build/ (so that we can simply 'drop in' future heimdal
releases).

Andrew Bartlett

11 years agoset uidwrappersrcdir
Andrew Tridgell [Wed, 5 Aug 2009 21:57:17 +0000 (07:57 +1000)]
set uidwrappersrcdir

this is needed for the combined build

11 years agodefine uwrap_enabled() on Samba3
Andrew Tridgell [Wed, 5 Aug 2009 21:38:43 +0000 (07:38 +1000)]
define uwrap_enabled() on Samba3

s3 doesn't use uwrap yet, but it uses some common coe in lib/, and so
needs a dummy version of the uwrap_enabled() macro

11 years agos4:ldb Cosmetic corrections in "rdn_name" module
Matthias Dieter Wallnöfer [Wed, 5 Aug 2009 18:28:05 +0000 (20:28 +0200)]
s4:ldb Cosmetic corrections in "rdn_name" module

11 years agochanged BCC handling for SMBwriteX to handle broken MacOSX client
Andrew Tridgell [Wed, 5 Aug 2009 10:23:12 +0000 (20:23 +1000)]
changed BCC handling for SMBwriteX to handle broken MacOSX client

see bug #6610

The MacOSX SMB client sets the BCC value in SMBwriteX calls to zero
instead of the correct size. Checking against WindowsXP, I've found
that Windows uses the maximum of the computed buffer size and the
given BCC value. I've changed Samba4 to do the same to allow MacOSX to
work.

I've limited this change to non-chained packets to ensure we don't get
the possibility of exploits based on overlapping chained requests

11 years agoon buffer overflow windows gives SMBSRV:ERRerror here
Andrew Tridgell [Wed, 5 Aug 2009 10:19:36 +0000 (20:19 +1000)]
on buffer overflow windows gives SMBSRV:ERRerror here

11 years agos4:torture The test logic for the target was wrong. This should correct it.
Matthias Dieter Wallnöfer [Wed, 5 Aug 2009 08:48:25 +0000 (10:48 +0200)]
s4:torture The test logic for the target was wrong. This should correct it.

11 years agos4:heimdal_build: define HEIMDAL_LOCALEDIR
Stefan Metzmacher [Tue, 4 Aug 2009 11:43:29 +0000 (13:43 +0200)]
s4:heimdal_build: define HEIMDAL_LOCALEDIR

metze

11 years agos4:ldap_server: make sure we shutdown the tls socket before stream_terminate_connecti...
Stefan Metzmacher [Wed, 5 Aug 2009 08:05:56 +0000 (10:05 +0200)]
s4:ldap_server: make sure we shutdown the tls socket before stream_terminate_connection() removes the fd event

This fixes a crash bug where tls_destructor() relies on the fd event still being there.

metze

11 years agos4:torture Remove some unwanted code in the LDAP test - hope this fixes up the test...
Matthias Dieter Wallnöfer [Wed, 5 Aug 2009 07:48:45 +0000 (09:48 +0200)]
s4:torture Remove some unwanted code in the LDAP test - hope this fixes up the test failures

11 years agofixed a problem with group policy writes causing policy corruption
Andrew Tridgell [Wed, 5 Aug 2009 07:51:21 +0000 (17:51 +1000)]
fixed a problem with group policy writes causing policy corruption

This bug was caused by two things:

  1) in the unix ACL mapping, we were not taking into account group
  write permssions for the SEC_STD_DELETE flag

  2) when a file is created using OVERWRITE mode, a fchmod() would
  fail if the user is not the file owner. We resolve that by only
  doing the fchmod() if the mapped file attribute does not match the
  desired file attribute

11 years agos3:winbind: Convert WINBINDD_GETGROUPS to the new API
Volker Lendecke [Tue, 4 Aug 2009 20:26:07 +0000 (16:26 -0400)]
s3:winbind: Convert WINBINDD_GETGROUPS to the new API

11 years agos3:winbind: Add async wb_gettoken
Volker Lendecke [Tue, 4 Aug 2009 20:22:42 +0000 (16:22 -0400)]
s3:winbind: Add async wb_gettoken

11 years agos3:winbind: Convert WINBINDD_GETUSERDOMGROUPS to the new API
Volker Lendecke [Tue, 4 Aug 2009 20:20:18 +0000 (16:20 -0400)]
s3:winbind: Convert WINBINDD_GETUSERDOMGROUPS to the new API

11 years agos3:winbind: Add async wb_lookupusergroups
Volker Lendecke [Tue, 4 Aug 2009 20:07:01 +0000 (16:07 -0400)]
s3:winbind: Add async wb_lookupusergroups

11 years agos3:winbind: Make wcache_lookup_usergroups externally visible
Volker Lendecke [Sun, 2 Aug 2009 16:01:54 +0000 (18:01 +0200)]
s3:winbind: Make wcache_lookup_usergroups externally visible

11 years agos3:winbind: Convert WINBINDD_GETSIDALIASES to the new API
Volker Lendecke [Tue, 4 Aug 2009 19:58:45 +0000 (15:58 -0400)]
s3:winbind: Convert WINBINDD_GETSIDALIASES to the new API

11 years agos3:winbind: Add async wb_lookupuseraliases
Volker Lendecke [Tue, 4 Aug 2009 19:54:05 +0000 (15:54 -0400)]
s3:winbind: Add async wb_lookupuseraliases

11 years agos3:winbind: Make parse_sidlist take a const char *
Volker Lendecke [Sun, 2 Aug 2009 15:17:27 +0000 (17:17 +0200)]
s3:winbind: Make parse_sidlist take a const char *

11 years agos3:winbind: Make wcache_lookup_useraliases available publically
Volker Lendecke [Sun, 2 Aug 2009 14:52:19 +0000 (16:52 +0200)]
s3:winbind: Make wcache_lookup_useraliases available publically

11 years agos3:winbind: Convert WINBINDD_GETPWUID to the new API
Volker Lendecke [Tue, 4 Aug 2009 19:41:40 +0000 (15:41 -0400)]
s3:winbind: Convert WINBINDD_GETPWUID to the new API

11 years agos3:winbind: Convert WINBINDD_GETPWNAM to the new API
Volker Lendecke [Tue, 4 Aug 2009 19:37:54 +0000 (15:37 -0400)]
s3:winbind: Convert WINBINDD_GETPWNAM to the new API

11 years agos3:winbind: Convert WINBINDD_GETPWSID to the new API
Volker Lendecke [Tue, 4 Aug 2009 19:35:24 +0000 (15:35 -0400)]
s3:winbind: Convert WINBINDD_GETPWSID to the new API

11 years agos3:winbind: Add async wb_getpwsid
Volker Lendecke [Tue, 4 Aug 2009 19:32:11 +0000 (15:32 -0400)]
s3:winbind: Add async wb_getpwsid

11 years agos3:winbind: Make fillup_pw_field publically available
Volker Lendecke [Tue, 4 Aug 2009 19:31:49 +0000 (15:31 -0400)]
s3:winbind: Make fillup_pw_field publically available

11 years agos3:winbind: Add async wb_queryuser
Volker Lendecke [Tue, 4 Aug 2009 19:23:13 +0000 (15:23 -0400)]
s3:winbind: Add async wb_queryuser

11 years agos3:winbind: Make wcache_query_user externally visible
Volker Lendecke [Sat, 1 Aug 2009 14:20:13 +0000 (10:20 -0400)]
s3:winbind: Make wcache_query_user externally visible

11 years agos3:winbind: Convert WINBINDD_GID_TO_SID the new API
Volker Lendecke [Tue, 4 Aug 2009 18:22:17 +0000 (14:22 -0400)]
s3:winbind: Convert WINBINDD_GID_TO_SID the new API

11 years agos3:winbind: Add async wb_gid2sid
Volker Lendecke [Tue, 4 Aug 2009 18:19:03 +0000 (14:19 -0400)]
s3:winbind: Add async wb_gid2sid

11 years agos3:winbind: Convert WINBINDD_UID_TO_SID the new API
Volker Lendecke [Tue, 4 Aug 2009 18:07:44 +0000 (14:07 -0400)]
s3:winbind: Convert WINBINDD_UID_TO_SID the new API

11 years agos3:winbind: Add async wb_uid2sid
Volker Lendecke [Tue, 4 Aug 2009 17:52:39 +0000 (13:52 -0400)]
s3:winbind: Add async wb_uid2sid

11 years agos3:winbind: Convert WINBINDD_SID_TO_GID the new API
Volker Lendecke [Tue, 4 Aug 2009 17:42:22 +0000 (13:42 -0400)]
s3:winbind: Convert WINBINDD_SID_TO_GID the new API

11 years agos3:winbind: Add async wb_sid2gid
Volker Lendecke [Tue, 4 Aug 2009 17:38:52 +0000 (13:38 -0400)]
s3:winbind: Add async wb_sid2gid

11 years agos3:winbind: Convert WINBINDD_SID_TO_UID to the new API
Volker Lendecke [Tue, 4 Aug 2009 17:33:56 +0000 (13:33 -0400)]
s3:winbind: Convert WINBINDD_SID_TO_UID to the new API

11 years agos3:winbind: Add async wb_sid2uid
Volker Lendecke [Tue, 4 Aug 2009 17:28:59 +0000 (13:28 -0400)]
s3:winbind: Add async wb_sid2uid

11 years agos3:winbind: Convert WINBINDD_LOOKUPNAME to the new API
Volker Lendecke [Tue, 4 Aug 2009 11:29:03 +0000 (07:29 -0400)]
s3:winbind: Convert WINBINDD_LOOKUPNAME to the new API

11 years agos3:winbind: Add async wb_lookupname
Volker Lendecke [Tue, 4 Aug 2009 11:22:34 +0000 (07:22 -0400)]
s3:winbind: Add async wb_lookupname

11 years agos3:winbind: Make wcache_name_to_sid visible externally
Volker Lendecke [Fri, 31 Jul 2009 22:10:46 +0000 (00:10 +0200)]
s3:winbind: Make wcache_name_to_sid visible externally

11 years agos3:winbind: Remove old version of WINBINDD_PING
Volker Lendecke [Tue, 4 Aug 2009 10:58:28 +0000 (06:58 -0400)]
s3:winbind: Remove old version of WINBINDD_PING

11 years agos3:winbind: Convert WINBINDD_LOOKUPSID to the new API
Volker Lendecke [Tue, 4 Aug 2009 10:57:13 +0000 (06:57 -0400)]
s3:winbind: Convert WINBINDD_LOOKUPSID to the new API

11 years agos3:winbind: Add async wb_lookupsid
Volker Lendecke [Mon, 3 Aug 2009 21:44:46 +0000 (23:44 +0200)]
s3:winbind: Add async wb_lookupsid

11 years agos3:winbind: Make wcache_sid_to_name externally visible
Volker Lendecke [Sat, 1 Aug 2009 10:16:11 +0000 (12:16 +0200)]
s3:winbind: Make wcache_sid_to_name externally visible

11 years agos3:winbind: Add NDR-based parent-child communication to winbind
Volker Lendecke [Tue, 28 Jul 2009 19:06:11 +0000 (15:06 -0400)]
s3:winbind: Add NDR-based parent-child communication to winbind

11 years agohandle large directories in smb2_deltree()
Andrew Tridgell [Wed, 5 Aug 2009 05:05:13 +0000 (15:05 +1000)]
handle large directories in smb2_deltree()

11 years agofixed a uid_wrapper bug that caused a segv in the RAW-ACLS test
Andrew Tridgell [Wed, 5 Aug 2009 03:31:06 +0000 (13:31 +1000)]
fixed a uid_wrapper bug that caused a segv in the RAW-ACLS test

11 years agos4:heimdal: import lorikeet-heimdal-200908050050 (commit 8714779fa7376fd9f7761587639e...
Andrew Bartlett [Wed, 5 Aug 2009 01:25:50 +0000 (11:25 +1000)]
s4:heimdal: import lorikeet-heimdal-200908050050 (commit 8714779fa7376fd9f7761587639e68b48afc8c9c)

This also adds a new hdb-glue.c file, to cope with Heimdal's
uncondtional enabling of SQLITE.

(Very reasonable, but not required for Samba4's use).

Andrew Bartlett

11 years agos4 now supports the large readx extension
Andrew Tridgell [Wed, 5 Aug 2009 02:07:21 +0000 (12:07 +1000)]
s4 now supports the large readx extension

11 years agofixed the sense of the pvfs_acl uwrap check
Andrew Tridgell [Wed, 5 Aug 2009 02:07:08 +0000 (12:07 +1000)]
fixed the sense of the pvfs_acl uwrap check

11 years agopyldb: Fix reference counting on ldb_message_elements, add extra type
Jelmer Vernooij [Wed, 5 Aug 2009 01:34:08 +0000 (03:34 +0200)]
pyldb: Fix reference counting on ldb_message_elements, add extra type
check.

11 years agoskip the readbraw tests if the server does not support it
Andrew Tridgell [Wed, 5 Aug 2009 01:32:01 +0000 (11:32 +1000)]
skip the readbraw tests if the server does not support it

This allows the RAW-READ test to pass against w2k8

11 years agomake the UID_WRAPPER skip checks at runtime
Andrew Tridgell [Wed, 5 Aug 2009 01:21:06 +0000 (11:21 +1000)]
make the UID_WRAPPER skip checks at runtime

This fixes two issues pointed out by Andrew. It adds a runtime
uwrap_enabled() call that wraps the skips needed for uid emulation. It
also makes the skip in the directory_create_or_exist() function only
change the uid checking code, not the permissions code

11 years agoadded a uid_wrapper library
Andrew Tridgell [Wed, 5 Aug 2009 00:50:03 +0000 (10:50 +1000)]
added a uid_wrapper library

This library intercepts seteuid and related calls, and simulates them
in a manner similar to the nss_wrapper and socket_wrapper
libraries. This allows us to enable the vfs_unixuid NTVFS module in
the build farm, which means we are more likely to catch errors in the
token manipulation.

The simulation is not complete, but it is enough for Samba4 for
now. The major areas of incompleteness are:

 - no emulation of setreuid, setresuid or saved uids. These would be
   needed for use in Samba3

 - no emulation of ruid changing. That would also be needed for Samba3

 - no attempt to emulate file ownership changing, so code that (for
   example) tests whether st.st_uid matches geteuid() needs special
   handling

11 years agos4:ldb initialise e->values[i].length before use in python bindings
Andrew Bartlett [Wed, 5 Aug 2009 00:35:45 +0000 (10:35 +1000)]
s4:ldb initialise e->values[i].length before use in python bindings

11 years agos4:dsdb Don't cast an ldb_val into a const char * for schema lookups
Andrew Bartlett [Tue, 4 Aug 2009 22:53:11 +0000 (08:53 +1000)]
s4:dsdb Don't cast an ldb_val into a const char * for schema lookups

This removes a number of cases where we did a cast into a const char *
of an ldb_val.  While convention is to alway have an extra \0 at
data[length] in the ldb_val, this is not required, and does not occour
at least on build farm host 'svart'.

Andrew Bartlett

11 years agoidmap_adex: Fix usage of talloc_stackframe().
Gerald Carter [Mon, 3 Aug 2009 21:18:10 +0000 (16:18 -0500)]
idmap_adex: Fix usage of talloc_stackframe().

Pass an explicit TALLOC_CTX* to build_id_filter() and build_alias_filter()
rather than relying upon the talloc_stackframe() behavior that
allows a caller access to stackframe ctx for called functions.

11 years agos4: make install: prevent overwriting failure
Rusty Russell [Tue, 4 Aug 2009 17:02:42 +0000 (19:02 +0200)]
s4: make install: prevent overwriting failure

We don't have to remove the eventual write privileges to enable the execute ones.

11 years agos3-spoolss: Fix Bug #6568: _spoolss_GetPrintProcessorDirectory() implementation.
Günther Deschner [Tue, 4 Aug 2009 10:21:49 +0000 (12:21 +0200)]
s3-spoolss: Fix Bug #6568: _spoolss_GetPrintProcessorDirectory() implementation.

We should always return a local path so that users are not forced to setup a
[prnproc$] share on the server. This restores pre-3.4.0 spoolss behaviour.

Guenther

11 years agos4: Change my nested groups patch to don't include user's SID itself in the "groupSID...
Matthias Dieter Wallnöfer [Tue, 4 Aug 2009 15:09:29 +0000 (17:09 +0200)]
s4: Change my nested groups patch to don't include user's SID itself in the "groupSID"s structure

11 years agos4:torture Make RPC-NETLOGON pass against ncaclrpc servers
Andrew Bartlett [Tue, 4 Aug 2009 08:24:37 +0000 (18:24 +1000)]
s4:torture Make RPC-NETLOGON pass against ncaclrpc servers

The original patch didn't cope with a NULL target server name - we now key off that to decide it isn't worth checking against LDAP for this host.

I still can't get this to pass against Windows 2008, but mdw was
testing against Windows 2008R2.  at least 'make test' is happy, and
the rest should not be too hard...

Andrew Bartlett

11 years agoAdd const
Andrew Bartlett [Tue, 4 Aug 2009 06:11:55 +0000 (16:11 +1000)]
Add const

11 years agos4:ldif_handlers Allow a binary nTsecurityDescriptor when parsing LDIF
Andrew Bartlett [Tue, 4 Aug 2009 06:07:18 +0000 (16:07 +1000)]
s4:ldif_handlers Allow a binary nTsecurityDescriptor when parsing LDIF

Also allow a SDDL security descriptor, using the domain SID attached
to the session (it will search for it during the LDIF parse if need
be).

Andrew Bartlett