ira/wip.git
11 years ago libcli/auth: initialize creds in netlogon_creds_client_init_session_key()
Stefan Metzmacher [Fri, 23 Oct 2009 15:26:58 +0000 (17:26 +0200)]
libcli/auth: initialize creds in netlogon_creds_client_init_session_key()

metze

11 years ago s4:gensec/schannel: remove unused talloc_reference() in schannel_update()
Stefan Metzmacher [Fri, 23 Oct 2009 15:25:19 +0000 (17:25 +0200)]
s4:gensec/schannel: remove unused talloc_reference() in schannel_update()

We never expose creds to the caller in schannel_update().

metze

11 years ago libcli/auth: fix memory leak in schannel_creds_server_step_check_ldb()
Stefan Metzmacher [Fri, 23 Oct 2009 15:23:56 +0000 (17:23 +0200)]
libcli/auth: fix memory leak in schannel_creds_server_step_check_ldb()

metze

11 years ago libcli/auth: don't leak the ldb_msg in schannel_store_session_key_ldb()
Stefan Metzmacher [Fri, 23 Oct 2009 13:10:20 +0000 (15:10 +0200)]
libcli/auth: don't leak the ldb_msg in schannel_store_session_key_ldb()

metze

11 years ago Fix bug 6802 - A created folder does not properly inherit permissions from parent.
Barry Sabsevitz [Fri, 23 Oct 2009 18:50:29 +0000 (11:50 -0700)]
Fix bug 6802 - A created folder does not properly inherit permissions from parent.

11 years ago tdb: rename 'struct list_struct' into 'struct tdb_record'
Stefan Metzmacher [Fri, 23 Oct 2009 11:51:03 +0000 (13:51 +0200)]
tdb: rename 'struct list_struct' into 'struct tdb_record'

metze

11 years ago ldb python bindings - better use the "enum ldb_scope" for the search scope rather...
Matthias Dieter Wallnöfer [Fri, 23 Oct 2009 12:26:41 +0000 (14:26 +0200)]
ldb python bindings - better use the "enum ldb_scope" for the search scope rather than "int"

11 years ago s3: Fix crash in pam_winbind, another reference to freed memory.
Bo Yang [Sat, 24 Oct 2009 01:20:00 +0000 (09:20 +0800)]
s3: Fix crash in pam_winbind, another reference to freed memory.

Signed-off-by: Bo Yang <boyang@samba.org>

11 years ago s4-python: we need to include Python.h first
Andrew Tridgell [Fri, 23 Oct 2009 05:23:01 +0000 (16:23 +1100)]
s4-python: we need to include Python.h first

If we don't include Python.h first then we get a pile of warnings due
to broken redefines of XOPEN_SOURCE in the Python includes.

11 years ago s4:dsdb 'attrs' must be static (otherwise segv with async)
Andrew Bartlett [Fri, 23 Oct 2009 03:58:09 +0000 (14:58 +1100)]
s4:dsdb 'attrs' must be static (otherwise segv with async)

The async code makes this really easy to mess up...

Andrew Bartlett

11 years ago s4:dsdb Fix samba3sam test again.
Andrew Bartlett [Fri, 23 Oct 2009 02:37:53 +0000 (13:37 +1100)]
s4:dsdb Fix samba3sam test again.

We again need to be careful not to call 'ldb_next_request' based functions in the partitions module.

Or, we need to instead go back to having that work, and ditch the
partition_request stuff...

Andrew Bartlett

11 years ago s4:dsdb Add error string in 'no such object' because of 0 replies case
Andrew Bartlett [Fri, 23 Oct 2009 01:34:41 +0000 (12:34 +1100)]
s4:dsdb Add error string in 'no such object' because of 0 replies case

11 years ago s4:dsdb Remove unused variables
Andrew Bartlett [Fri, 23 Oct 2009 00:36:23 +0000 (11:36 +1100)]
s4:dsdb Remove unused variables

11 years ago s4:dsdb Do less allocation when searching for partitions modules
Andrew Bartlett [Thu, 22 Oct 2009 23:08:27 +0000 (10:08 +1100)]
s4:dsdb Do less allocation when searching for partitions modules

(it didn't help that the previous allocation was on the wrong long-term context)

Andrew Bartlett

11 years ago s4:setup Mark 'cn' in secrets as case insensitive
Andrew Bartlett [Thu, 22 Oct 2009 07:22:26 +0000 (18:22 +1100)]
s4:setup Mark 'cn' in secrets as case insensitive

While this does not matter very much, others may later expect 'cn' to be case
insensitive.

Andrew Bartlett

11 years ago s4:secrets Look for LDAP secret with a name that is indexed
Andrew Bartlett [Thu, 22 Oct 2009 07:21:50 +0000 (18:21 +1100)]
s4:secrets Look for LDAP secret with a name that is indexed

This avoids a very common unindexed lookup

11 years ago s4:gensec Use an index on computerName in schannel.ldb
Andrew Bartlett [Thu, 22 Oct 2009 07:21:02 +0000 (18:21 +1100)]
s4:gensec Use an index on computerName in schannel.ldb

11 years ago util:ldb Allow multiple entries to be added in one LDIF snippet
Andrew Bartlett [Thu, 22 Oct 2009 07:20:07 +0000 (18:20 +1100)]
util:ldb Allow multiple entries to be added in one LDIF snippet

11 years ago s4:dsdb Split schema loading and schema data management
Andrew Bartlett [Thu, 22 Oct 2009 04:54:57 +0000 (15:54 +1100)]
s4:dsdb Split schema loading and schema data management

By splitting the module this way, we can load the schema at startup, after
the partitions module is operational, but we leave the 'mess with details of
entries in the partitions' module to operate only on the partitions module.

Loading the schema later allows us to set the @ATTRIBUTES correctly on all
the databases.

Andrew Bartlett

11 years ago s4:dsdb Set partitions metadata as soon as it is set up.
Andrew Bartlett [Thu, 22 Oct 2009 04:54:12 +0000 (15:54 +1100)]
s4:dsdb Set partitions metadata as soon as it is set up.

11 years ago s4-selftest: lower some of the timeouts during make test
Andrew Tridgell [Fri, 23 Oct 2009 04:38:54 +0000 (15:38 +1100)]
s4-selftest: lower some of the timeouts during make test

This speeds up some of the delay based tests by a lot. There is no
need to have long delays during testing.

11 years ago s4-samdb: make sure the static credentials are never freed
Andrew Tridgell [Fri, 23 Oct 2009 03:54:07 +0000 (14:54 +1100)]
s4-samdb: make sure the static credentials are never freed

11 years ago s4-ldb: move the tdb_reopen_all() calls to ldb_wrap.c
Andrew Tridgell [Fri, 23 Oct 2009 03:50:56 +0000 (14:50 +1100)]
s4-ldb: move the tdb_reopen_all() calls to ldb_wrap.c

11 years ago s4-ldb: use ldb_wrap_fork_hook() to cancel child transactions
Andrew Tridgell [Fri, 23 Oct 2009 03:46:34 +0000 (14:46 +1100)]
s4-ldb: use ldb_wrap_fork_hook() to cancel child transactions

11 years ago s4-ldb: added ldb_transaction_cancel_noerr()
Andrew Tridgell [Fri, 23 Oct 2009 03:46:08 +0000 (14:46 +1100)]
s4-ldb: added ldb_transaction_cancel_noerr()

This will be used to allow cancelling of transactions in a child after
a fork()

11 years ago s4-server: call the ldb_wrap_fork_hook() after a fork()
Andrew Tridgell [Fri, 23 Oct 2009 03:31:07 +0000 (14:31 +1100)]
s4-server: call the ldb_wrap_fork_hook() after a fork()

This will be used to allow us to cancel any pending transactions
after a fork.

11 years ago s4-server: pre-open the main ldb databases in the server
Andrew Tridgell [Fri, 23 Oct 2009 03:30:00 +0000 (14:30 +1100)]
s4-server: pre-open the main ldb databases in the server

By pre-opening these databases and leaving them open, we allow the new
ldb_wrap_connect() code to share the ldb context between users.

11 years ago s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()
Andrew Tridgell [Fri, 23 Oct 2009 03:27:00 +0000 (14:27 +1100)]
s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()

This allows us to reuse a ldb context if it is open twice, instead
of going through the expensive process of a full ldb open. We can
reuse it if all of the parameters are the same.

The change relies on callers using talloc_unlink() or free of a parent
to close a ldb context.

11 years ago s4-dsdb: add a static samdb_credentials
Andrew Tridgell [Fri, 23 Oct 2009 03:23:40 +0000 (14:23 +1100)]
s4-dsdb: add a static samdb_credentials

Similarly to system_session(), this creates a static
samdb_credentials()

11 years ago s4-dsdb: create a static system_session context
Andrew Tridgell [Fri, 23 Oct 2009 03:19:28 +0000 (14:19 +1100)]
s4-dsdb: create a static system_session context

This patch adds a system_session cache, preventing us from having to
recreate it on every ldb open, and allowing us to detect when the same
session is being used in ldb_wrap

11 years ago Simplify the logic.
Jeremy Allison [Thu, 22 Oct 2009 22:26:22 +0000 (15:26 -0700)]
Simplify the logic.
Jeremy.

11 years ago Fix bug 6829 - smbclient does not show special characters properly.
Jeremy Allison [Thu, 22 Oct 2009 22:06:38 +0000 (15:06 -0700)]
Fix bug 6829 - smbclient does not show special characters properly.
All successful calls to cli_session_setup() *must* be followed by
calls to cli_init_creds() to stash the credentials we successfully
connected with. There were 2 codepaths where this was missing. This
caused smbclient to be unable to open the \srvsvc pipe to do an RPC
netserverenum, and cause it to fall back to a RAP netserverenum,
which uses DOS codepage conversion rather than the full UCS2 of
RPC, so the returned characters were not correct (unless the DOS
codepage was set correctly). Phew. That was fun to track down :-).
Jeremy.

11 years ago s3: Remove a pointless #endif/#ifdef pair
Volker Lendecke [Thu, 22 Oct 2009 14:32:13 +0000 (16:32 +0200)]
s3: Remove a pointless #endif/#ifdef pair

11 years ago s4-lsa: fixed breakage of lsa server
Andrew Tridgell [Thu, 22 Oct 2009 08:05:02 +0000 (19:05 +1100)]
s4-lsa: fixed breakage of lsa server

11 years ago s4-torture: fixed double free in libnet_group test
Andrew Tridgell [Thu, 22 Oct 2009 07:45:43 +0000 (18:45 +1100)]
s4-torture: fixed double free in libnet_group test

11 years ago s4:provision - Reintroduce accidentally removed parameters and checks from "guess_names"
Matthias Dieter Wallnöfer [Thu, 22 Oct 2009 07:17:27 +0000 (09:17 +0200)]
s4:provision - Reintroduce accidentally removed parameters and checks from "guess_names"

abartlet pointed out that those are essential for a safe and consistent provision.

11 years ago s4-lsa: fixed the lsa server to cope with the new tests from gd
Andrew Tridgell [Thu, 22 Oct 2009 03:44:47 +0000 (14:44 +1100)]
s4-lsa: fixed the lsa server to cope with the new tests from gd

11 years ago s4-ldb: added a TODO about checking the indexlist
Andrew Tridgell [Thu, 22 Oct 2009 01:45:48 +0000 (12:45 +1100)]
s4-ldb: added a TODO about checking the indexlist

11 years ago s4-ldb: fixed some memory leaks in new indexing code
Andrew Tridgell [Thu, 22 Oct 2009 01:45:26 +0000 (12:45 +1100)]
s4-ldb: fixed some memory leaks in new indexing code

11 years ago s4-ldb: don't try to index non-indexed attributes
Andrew Tridgell [Thu, 22 Oct 2009 01:29:35 +0000 (12:29 +1100)]
s4-ldb: don't try to index non-indexed attributes

11 years ago s4-selftest: removed raw.unlink from quicktest
Andrew Tridgell [Thu, 22 Oct 2009 00:19:19 +0000 (11:19 +1100)]
s4-selftest: removed raw.unlink from quicktest

This test takes 40s, and quicktest already covers delete operations in
base.delete

11 years ago s4-ldb: ensure new dn_list elements are not owned by caller
Andrew Tridgell [Thu, 22 Oct 2009 00:16:30 +0000 (11:16 +1100)]
s4-ldb: ensure new dn_list elements are not owned by caller

11 years ago s4-ldb: over-allocate index records to save on realloc costs
Andrew Tridgell [Thu, 22 Oct 2009 00:16:00 +0000 (11:16 +1100)]
s4-ldb: over-allocate index records to save on realloc costs

11 years ago s4-ldb: fixed tdb error handling in ldb_index.c
Andrew Tridgell [Thu, 22 Oct 2009 00:15:18 +0000 (11:15 +1100)]
s4-ldb: fixed tdb error handling in ldb_index.c

11 years ago s4-ldb: delete empty index records
Andrew Tridgell [Thu, 22 Oct 2009 00:14:36 +0000 (11:14 +1100)]
s4-ldb: delete empty index records

11 years ago s4-ldb: do more validation of idxptr lists
Andrew Tridgell [Thu, 22 Oct 2009 00:13:28 +0000 (11:13 +1100)]
s4-ldb: do more validation of idxptr lists

11 years ago s4-ldb: expose ltdb_err_map and ltdb_delete_noindex
Andrew Tridgell [Thu, 22 Oct 2009 00:06:33 +0000 (11:06 +1100)]
s4-ldb: expose ltdb_err_map and ltdb_delete_noindex

These will be used by ldb_index.c

11 years ago s4-ldb: fast path for equal pointers
Andrew Tridgell [Thu, 22 Oct 2009 00:05:15 +0000 (11:05 +1100)]
s4-ldb: fast path for equal pointers

We compare identical ldb_val values surprisingly often

11 years ago selftest: make python run unbuffered
Andrew Tridgell [Thu, 22 Oct 2009 00:04:40 +0000 (11:04 +1100)]
selftest: make python run unbuffered

This makes some output in make test easier to follow

11 years ago util: fixed place where we could look one byte past end of string
Andrew Tridgell [Thu, 22 Oct 2009 00:03:27 +0000 (11:03 +1100)]
util: fixed place where we could look one byte past end of string

We need to check the length before the value

11 years ago idl-drsblobs: mark some more reserved values as value(0)
Andrew Tridgell [Wed, 21 Oct 2009 23:36:58 +0000 (10:36 +1100)]
idl-drsblobs: mark some more reserved values as value(0)

This prevents valgrind errors when we store these blobs in a database

11 years ago s4-ldb: when taking a list intersection, the result can be as long as the first list
Andrew Tridgell [Wed, 21 Oct 2009 11:33:58 +0000 (22:33 +1100)]
s4-ldb: when taking a list intersection, the result can be as long as the first list

Intuitively you would think it couldn't be longer than the minimum of
the two lists, but we are deliberately allowing for duplicates at this
level of the indexing code, which means the result can be longer

11 years ago s4-ldb: ldb indexing rewrite - part1
Andrew Tridgell [Wed, 21 Oct 2009 11:21:26 +0000 (22:21 +1100)]
s4-ldb: ldb indexing rewrite - part1

This gets rid of the @IDXPTR approach to in-transaction indexing,
instead using an in-memory tdb to hold index values during a
transaction. This also cleans up a lot of the internal indexing logic,
hopefully making it easier to understand.

One of the big changes is in memory management, with a lot more use
made of talloc tricks to avoid copying dn lists, and shortcuts used to
avoid high intersection and union calculation costs.

The overall result is that a re-provision on my laptop goes from 48s
to a bit over 10s.

11 years ago s4-ldb: ldb_oom() for modules
Andrew Tridgell [Wed, 21 Oct 2009 11:18:32 +0000 (22:18 +1100)]
s4-ldb: ldb_oom() for modules

11 years ago s4:torture Silence const warning by use of data_blob_const()
Andrew Bartlett [Wed, 21 Oct 2009 23:17:35 +0000 (10:17 +1100)]
s4:torture Silence const warning by use of data_blob_const()

This was inspired by one of mdw's const patches

Andrew Bartlett

11 years ago s4:dsdb/samdb/cracknames - Remove unused header and add more "const"
Matthias Dieter Wallnöfer [Sat, 17 Oct 2009 20:20:43 +0000 (22:20 +0200)]
s4:dsdb/samdb/cracknames - Remove unused header and add more "const"

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

11 years ago s4:ldb_sort - Add some more "const"
Matthias Dieter Wallnöfer [Sat, 17 Oct 2009 20:30:22 +0000 (22:30 +0200)]
s4:ldb_sort - Add some more "const"

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

11 years ago s4:libcli/security/access_check - Add "const" in front of "type"
Matthias Dieter Wallnöfer [Sat, 17 Oct 2009 20:30:43 +0000 (22:30 +0200)]
s4:libcli/security/access_check - Add "const" in front of "type"

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

11 years ago s4:smbtorture - Add "const" before "value"
Matthias Dieter Wallnöfer [Sat, 17 Oct 2009 20:39:15 +0000 (22:39 +0200)]
s4:smbtorture - Add "const" before "value"

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

11 years ago s4:dsdb Use the 'correct' case for the namingContext values in rootDSE
Andrew Bartlett [Wed, 21 Oct 2009 22:45:14 +0000 (09:45 +1100)]
s4:dsdb Use the 'correct' case for the namingContext values in rootDSE

This makes the namingContext attributes in the rootDSE a little more pretty, by
using the exact same values as used in the database DNs.

Andrew Bartlett

11 years ago s4:dsdb Add default modules list to samba3sam
Andrew Bartlett [Wed, 21 Oct 2009 22:22:18 +0000 (09:22 +1100)]
s4:dsdb Add default modules list to samba3sam

This is needed because the work to allow existing databases to be loaded now
moves the 'you have an old @PARTITION' record to the presence or absence of
this attribute.

Andrew Bartlett

11 years ago s4:provision - rework the "guess_names" and "make_smbconf" method
Matthias Dieter Wallnöfer [Wed, 21 Oct 2009 17:38:52 +0000 (19:38 +0200)]
s4:provision - rework the "guess_names" and "make_smbconf" method

- Cleans it up from unnecessary "lower()/upper()" and parameters which can be
  derived through "lp" calls.
- Substitute the "HOSTNAME" caption in the "smb.conf" templates with
  "NETBIOS_NAME" which fits better.
- Now the "realm" and "domain" parameter of the provision are totally case
  insensitive and the script itself up/downcases them appropriately depending
  on the use (e.g. "realm" upcase for KERBEROS, lowcase for DNS domainname).

11 years ago s3:Makefile: add some explicit dependencies to libc
Björn Jacke [Wed, 21 Oct 2009 20:45:18 +0000 (22:45 +0200)]
s3:Makefile: add some explicit dependencies to libc

Add libc as explicit dependency where we use "-z defs" linker flags. This is
to silence the Sun linker. Otherwise it whines:

malloc  ... (symbol belongs to implicit dependency /lib/libc.so.1)

11 years ago s4:provision - important fix for DNS domainname: lower realm
Matthias Dieter Wallnöfer [Wed, 21 Oct 2009 16:46:44 +0000 (18:46 +0200)]
s4:provision - important fix for DNS domainname: lower realm

11 years ago .gitignore: add "partition_proto.h"
Matthias Dieter Wallnöfer [Wed, 21 Oct 2009 15:56:17 +0000 (17:56 +0200)]
.gitignore: add "partition_proto.h"

11 years ago heimdal - hdb/ext.c - fix a "shadows variable" warning
Matthias Dieter Wallnöfer [Wed, 21 Oct 2009 15:35:51 +0000 (17:35 +0200)]
heimdal - hdb/ext.c - fix a "shadows variable" warning

Renamed the variable "str" in the nested block to "str2" to prevent the collision
with "str" in the main function block.

11 years ago S4: ldb_map modules uses defines that are reserved
Torgeir Lerkerød [Tue, 20 Oct 2009 16:33:25 +0000 (18:33 +0200)]
S4: ldb_map modules uses defines that are reserved

On OpenSolaris MAP_RENAME and friends are defined in <sys/mman.h> e.g. mmap and friends. So on these systems MAP_* have a meaning. Cleaned up LDB name space by adding LDB_ in front of MAP_* e.g. MAP_RENAME => LDB_MAP_RENAME

Signed-off-by: Torgeir Lerkerød <torgeir.lerkerod@gmail.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

11 years ago S4: Building on a system with libintl
Torgeir Lerkerød [Tue, 20 Oct 2009 16:25:53 +0000 (18:25 +0200)]
S4: Building on a system with libintl

Heimdal's internal build system uses a different define for checking for libintl than what samba uses: LIBINTL vs HAVE_LIBINTL_H. Since changing heimdal's defines would break drop-in merges of heimdal, this is a simple workaround in line with others in heimdal_build catalog.

Signed-off-by: Torgeir Lerkerød <torgeir.lerkerod@gmail.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

11 years ago lib/tdb: make tdbtool use tdb_check() for "check" command
Rusty Russell [Wed, 21 Oct 2009 13:41:34 +0000 (00:11 +1030)]
lib/tdb: make tdbtool use tdb_check() for "check" command

Also, set logging function so we get more informative messages.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

11 years ago lib/tdb: add tdb_check()
Rusty Russell [Wed, 21 Oct 2009 13:40:34 +0000 (00:10 +1030)]
lib/tdb: add tdb_check()

ctdb wants a quick way to detect corrupt tdbs; particularly, tdbs with
loops in their hash chains.  tdb_check() provides this.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

11 years ago lib/tdb: add -t (always use transactions) option to tdbtorture
Rusty Russell [Wed, 21 Oct 2009 13:40:54 +0000 (00:10 +1030)]
lib/tdb: add -t (always use transactions) option to tdbtorture

This means you can kill it at any time and expect no corruption.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

11 years ago lib/tdb: wean off TDB_ERRCODE.
Rusty Russell [Wed, 21 Oct 2009 13:39:43 +0000 (00:09 +1030)]
lib/tdb: wean off TDB_ERRCODE.

It was a regrettable hack which I used to reduce line count in tdb; in fact it caused confusion as can be seen in this patch.
In particular, ecode now needs to be set before TDB_LOG anyway, and having it exposed in
the header is useless (the struct tdb_context isn't defined, so it's doubly useless).
Also, we should never set errno, as io.c was doing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

11 years ago lib/tdb: TDB_TRACE support (for developers)
Rusty Russell [Tue, 20 Oct 2009 01:49:41 +0000 (12:19 +1030)]
lib/tdb: TDB_TRACE support (for developers)

When TDB_TRACE is defined (in tdb_private.h), verbose tracing of tdb operations is enabled.
This can be replayed using "replay_trace" from http://ccan.ozlabs.org/info/tdb.

The majority of this patch comes from moving internal functions to _<funcname> to
avoid double-tracing.  There should be no additional overhead for the normal (!TDB_TRACE)
case.

Note that the verbose traces compress really well with rzip.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

11 years ago s4-ldb: allow for non-null terminated ldb_val in ldb_dn_from_ldb_val
Andrew Tridgell [Wed, 21 Oct 2009 11:18:16 +0000 (22:18 +1100)]
s4-ldb: allow for non-null terminated ldb_val in ldb_dn_from_ldb_val

The strlen() could go past the end of a non-null terminated value

11 years ago s4:dsdb Add note explaining about the partition format upgrade
Andrew Bartlett [Wed, 21 Oct 2009 11:28:29 +0000 (22:28 +1100)]
s4:dsdb Add note explaining about the partition format upgrade

11 years ago s4:dsdb Allow loading of old-style partition records
Andrew Bartlett [Wed, 21 Oct 2009 11:27:22 +0000 (22:27 +1100)]
s4:dsdb Allow loading of old-style partition records

This should make upgrades easier

11 years ago s4:dsdb Make the 'relative path' code in partitions handle tdb://
Andrew Bartlett [Wed, 21 Oct 2009 07:25:00 +0000 (18:25 +1100)]
s4:dsdb Make the 'relative path' code in partitions handle tdb://

The previous code would fail if the caller used tdb:// in the URL for the
top-level database.

Andrew Bartlett

11 years ago s4:ldb_map Fix use-after-free of memory in ldb_map
Andrew Bartlett [Wed, 21 Oct 2009 07:23:18 +0000 (18:23 +1100)]
s4:ldb_map Fix use-after-free of memory in ldb_map

We need to keep the old 'ares' from the remote server around so we can forward
it back to the caller.  We can't send the same controls (from the last search
entry) twice (and it makes no sense anyway).

Andrew Bartlett

11 years ago s4:dsdb talloc_steal the backend module to under the partition
Andrew Bartlett [Wed, 21 Oct 2009 05:09:10 +0000 (16:09 +1100)]
s4:dsdb talloc_steal the backend module to under the partition

11 years ago s4:ldb Put ltdb_private under the 'module'
Andrew Bartlett [Wed, 21 Oct 2009 05:08:24 +0000 (16:08 +1100)]
s4:ldb Put ltdb_private under the 'module'

This helps track the memory better, as we can then place it under the partition
hierarchy.

Andrew Bartlett

11 years ago s4:rpc_server Ensure we talloc_free handles when we delete objects
Andrew Bartlett [Wed, 21 Oct 2009 05:07:22 +0000 (16:07 +1100)]
s4:rpc_server Ensure we talloc_free handles when we delete objects

If we don't talloc_free the handle, we leak the memory onto the long-term
context.

Andrew Bartlett

11 years ago s4:dsdb Remove potentially confusing 'partition' control from result
Andrew Bartlett [Wed, 21 Oct 2009 04:21:21 +0000 (15:21 +1100)]
s4:dsdb Remove potentially confusing 'partition' control from result

This ensures that the partition control, needed here for repl_meta_data's
internal work, is not pushed up to other callers.

Andrew Bartlett

11 years ago s4:ldb Add new function to create a cut down list of controls
Andrew Bartlett [Wed, 21 Oct 2009 04:20:26 +0000 (15:20 +1100)]
s4:ldb Add new function to create a cut down list of controls

This I hope will be useful for removing controls from the ldb_reply

Andrew Bartlett

11 years ago s4:samr Don't leak the whole user onto the long-term handle
Andrew Bartlett [Wed, 21 Oct 2009 04:18:59 +0000 (15:18 +1100)]
s4:samr Don't leak the whole user onto the long-term handle

The user entry is only required for this function, so use
mem_ctx to hold it.

Andrew Bartlett

11 years ago librpc Make talloc tree in binding tower match the floors
Andrew Bartlett [Wed, 21 Oct 2009 04:17:31 +0000 (15:17 +1100)]
librpc Make talloc tree in binding tower match the floors

This is mostly cosmetics, but helped me see that these are legitimate structures
when viewed in the talloc tree.

Also don't put the 'ndr' structure on the long-term tree.

Andrew Bartlett

11 years ago s4:epmapper Create a proper talloc tree of endpoint floors
Andrew Bartlett [Wed, 21 Oct 2009 04:15:48 +0000 (15:15 +1100)]
s4:epmapper Create a proper talloc tree of endpoint floors

Andrew Bartlett

11 years ago s4:dsdb Allow creation of new partitions
Andrew Bartlett [Mon, 19 Oct 2009 22:12:26 +0000 (09:12 +1100)]
s4:dsdb Allow creation of new partitions

This is a collection of fixes to allow the creation of new partitions,
as well as adding debugging that may be useful in chasing down future
failures.

Andrew Bartlett

11 years ago s4:provision Use schema to casefold partitions on 'upgrade'.
Andrew Bartlett [Mon, 19 Oct 2009 22:11:04 +0000 (09:11 +1100)]
s4:provision Use schema to casefold partitions on 'upgrade'.

This helps us upgrade from sam.ldb files before the dynamic partitions
work, and ensures we use the right casefolding functions.

Andrew Bartlett

11 years ago s4:dsdb Remove default instanceType from repl_meta_data
Andrew Bartlett [Mon, 19 Oct 2009 01:03:50 +0000 (12:03 +1100)]
s4:dsdb Remove default instanceType from repl_meta_data

This is no longer required, as the instancetype module is now above
repl_meta_data.

Andrew Bartlett

11 years ago s4:dsdb Remove workaround for two partition head records
Andrew Bartlett [Fri, 16 Oct 2009 05:25:49 +0000 (16:25 +1100)]
s4:dsdb Remove workaround for two partition head records

The problem here has been avoided in repl_meta_data, and so this is no
longer required.

Andrew Bartlett

11 years ago s4:dsdb Use 'partition modified' information to update @REPLCHANGED
Andrew Bartlett [Fri, 16 Oct 2009 05:20:15 +0000 (16:20 +1100)]
s4:dsdb Use 'partition modified' information to update @REPLCHANGED

This major rework of repl_meta_data changes it from using a static
list of partitions to a dynamic list created from the controls placed
on returned ldb results.

To process these in one place, the similar but distinct callbacks are
combined into a single replmd_op_callback(), which handles both the
'normal operation' and 'inbound replication' case.

This allows new partitions to be created, and replication events for
these new partitions to be scheduled immediately.

Also in this commit: We no longer specify the target partition for new
or modified objects - instead we allow the partitions module to use
the DN as normal.  This avoids the issue where we would create two
partition head records.

Andrew Bartlett

11 years ago s4:repl Pass schema as argument to replmd_update_rpmd()
Andrew Bartlett [Fri, 16 Oct 2009 04:11:28 +0000 (15:11 +1100)]
s4:repl Pass schema as argument to replmd_update_rpmd()

11 years ago s4:dsdb In partitions module, tell the caller what partition was used.
Andrew Bartlett [Wed, 14 Oct 2009 23:49:25 +0000 (10:49 +1100)]
s4:dsdb In partitions module, tell the caller what partition was used.

This means we don't return any control for modifications to the
control records in sam.ldb, but do if they modified one of the actual
data LDB files.

Andrew Bartlett

11 years ago s4:ldb Add function to add controls to an LDB reply
Andrew Bartlett [Wed, 14 Oct 2009 23:45:44 +0000 (10:45 +1100)]
s4:ldb Add function to add controls to an LDB reply

11 years ago s4:dsdb Load new partitions in a running LDB if metadata changes
Andrew Bartlett [Wed, 14 Oct 2009 04:16:34 +0000 (15:16 +1100)]
s4:dsdb Load new partitions in a running LDB if metadata changes

This allows one instance of LDB to add a partition, and another to use
it without first closing the database.

Andrew Bartlett

11 years ago s4:dsdb Only reload partition metadata on search and transaction start
Andrew Bartlett [Wed, 14 Oct 2009 03:13:52 +0000 (14:13 +1100)]
s4:dsdb Only reload partition metadata on search and transaction start

I see no reason to reload it when in a transaction - it can't change
on us anyway (we possibly need to watch for our own changes to
@PARTITION however)

Andrew Bartlett

11 years ago s4:dsdb Reload partition metadata if the main db updates
Andrew Bartlett [Wed, 14 Oct 2009 01:57:03 +0000 (12:57 +1100)]
s4:dsdb Reload partition metadata if the main db updates

This uses the fact that the primary DB does not change often.  Before
each operation, we see if the sequence number has changed.

Andrew Bartlett

11 years ago s4:provision Test ability to set GUIDs from provision command line
Andrew Bartlett [Tue, 6 Oct 2009 03:11:44 +0000 (14:11 +1100)]
s4:provision Test ability to set GUIDs from provision command line

11 years ago s4:provision Allow the NTDS guid on the command line (for testing)
Andrew Bartlett [Tue, 13 Oct 2009 11:11:34 +0000 (22:11 +1100)]
s4:provision Allow the NTDS guid on the command line (for testing)

This allows a blackbox test to confirm this can be set.

Andrew Bartlett

11 years ago s4:dsdb Split 'set per-partition metadata' into its own function
Andrew Bartlett [Wed, 14 Oct 2009 00:09:18 +0000 (11:09 +1100)]
s4:dsdb Split 'set per-partition metadata' into its own function

This helps us ensure we always set the metadata, even when we are
'adding' a partition that is already in our list.  (We *really* don't
want these getting out of sync, and the extra writes are harmless)

Andrew Bartlett