7 years agofile_server: Move default VFS module settings to loadparm.c
Andrew Bartlett [Wed, 22 Aug 2012 13:34:24 +0000 (23:34 +1000)]
file_server: Move default VFS module settings to loadparm.c

This means that any utility that calls into the VFS layer will get the
right modules.

Because we use the fake_acls backend we need to override this whole
list in Samba4.pm however.

Andrew Bartlett

7 years agos4-dsdb: Remove unused variables
Andrew Bartlett [Wed, 22 Aug 2012 12:13:25 +0000 (22:13 +1000)]
s4-dsdb: Remove unused variables

7 years agos4-dsdb: Do not use a possibly-old loadparm context in schema reload
Andrew Bartlett [Wed, 22 Aug 2012 12:08:36 +0000 (22:08 +1000)]
s4-dsdb: Do not use a possibly-old loadparm context in schema reload

The loadparm context on the schema DB might have gone away already.
Pre-cache the schema refresh interval at load time to avoid worrying
about this.

Andrew Bartlett

7 years agos4-upgradeprovision: Use ntvfs in reference provision
Andrew Bartlett [Thu, 23 Aug 2012 07:27:50 +0000 (17:27 +1000)]
s4-upgradeprovision: Use ntvfs in reference provision

We do not need filesystem ACLs set when creating the reference provision, so it is
easier to use the NTVFS backend as it does not cause trouble with make test.

Andrew Bartlett

7 years agoselftest: Set --use-ntvfs for rodc, vampire_dc, promoted_vampire_dc and subdom_dc
Andrew Bartlett [Thu, 23 Aug 2012 10:17:57 +0000 (20:17 +1000)]
selftest: Set --use-ntvfs for rodc, vampire_dc, promoted_vampire_dc and subdom_dc

7 years agoselftest: Specify --use-ntvfs when testing the group code
Andrew Bartlett [Thu, 23 Aug 2012 11:09:39 +0000 (21:09 +1000)]
selftest: Specify --use-ntvfs when testing the group code

We do not need to set filesystem ACLs in this case.

Andrew Bartlett

7 years agoselftest: Specify --use-ntvfs when testing the newuser code
Andrew Bartlett [Thu, 23 Aug 2012 09:35:41 +0000 (19:35 +1000)]
selftest: Specify --use-ntvfs when testing the newuser code

We do not need to set filesystem ACLs in this case.

Andrew Bartlett

7 years agoselftest: Specify --use-ntvfs when testing the LDAP backend init code
Andrew Bartlett [Thu, 23 Aug 2012 08:03:45 +0000 (18:03 +1000)]
selftest: Specify --use-ntvfs when testing the LDAP backend init code

We do not need to set filesystem ACLs in this case.

Andrew Bartlett

7 years agoselftest: Specify --use-ntvfs for the chdcpass environment
Andrew Bartlett [Thu, 23 Aug 2012 03:27:35 +0000 (13:27 +1000)]
selftest: Specify --use-ntvfs for the chdcpass environment

7 years agos3:smb2_break: encrypt OPLOCK BREAK notifications
Stefan Metzmacher [Wed, 22 Aug 2012 08:33:07 +0000 (10:33 +0200)]
s3:smb2_break: encrypt OPLOCK BREAK notifications


Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug 23 10:01:14 CEST 2012 on sn-devel-104

7 years agos3:smb2_server: use smbXsrv_session->nonce_*
Stefan Metzmacher [Wed, 22 Aug 2012 08:30:52 +0000 (10:30 +0200)]
s3:smb2_server: use smbXsrv_session->nonce_*


7 years agosmbXsrv.idl: add nonce_* to smbsrv_session
Stefan Metzmacher [Wed, 22 Aug 2012 08:29:21 +0000 (10:29 +0200)]
smbXsrv.idl: add nonce_* to smbsrv_session


7 years agos3:smb2_server: remove dump_data() from smbd_smb2_request_pending_timer()
Stefan Metzmacher [Wed, 22 Aug 2012 08:32:09 +0000 (10:32 +0200)]
s3:smb2_server: remove dump_data() from smbd_smb2_request_pending_timer()

This was just for debugging...


7 years agoExtending space for fqdn in wbinfo --trusted-domains in verbose mode
Daniel Liberman [Tue, 24 Jul 2012 12:29:35 +0000 (09:29 -0300)]
Extending space for fqdn in wbinfo --trusted-domains in verbose mode

Microsoft documentation states that maximum fqdn length is 64 characters, so extending DNS Domain column to 65 characters.

Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 23 03:49:00 CEST 2012 on sn-devel-104

7 years agoRemove align_string(). No longer used.
Jeremy Allison [Tue, 21 Aug 2012 22:48:38 +0000 (15:48 -0700)]
Remove align_string(). No longer used.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 22 20:38:50 CEST 2012 on sn-devel-104

7 years agoFix bug in SMB_FIND_INFO_STANDARD parsing found by Volker.
Jeremy Allison [Tue, 21 Aug 2012 22:46:54 +0000 (15:46 -0700)]
Fix bug in SMB_FIND_INFO_STANDARD parsing found by Volker.

The function align_string() is now broken as base_ptr no longer
points at the start of the SMB data packet, but
at the start of the returned TRANS2 data area.

Replace it with a check for FLAGS2_UNICODE_STRINGS and
a call to ucs2_align().

7 years agos4-python: Complete python bindings for idmap.idl
Andrew Bartlett [Tue, 21 Aug 2012 13:21:41 +0000 (23:21 +1000)]
s4-python: Complete python bindings for idmap.idl

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Aug 22 03:08:51 CEST 2012 on sn-devel-104

7 years agos3-pysmbd: Correct the python type for smb_acl_t
Andrew Bartlett [Tue, 21 Aug 2012 12:41:13 +0000 (22:41 +1000)]
s3-pysmbd: Correct the python type for smb_acl_t

The t is weird, but the python bindings trim the traditional IDL name
prefix of each element, as it is usually rudundent.

Andrew Bartlett

7 years agos4-python: complete python bindigns for smb_acls.idl
Andrew Bartlett [Tue, 21 Aug 2012 12:40:12 +0000 (22:40 +1000)]
s4-python: complete python bindigns for smb_acls.idl

7 years agos3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA
Andrew Bartlett [Tue, 21 Aug 2012 11:22:31 +0000 (21:22 +1000)]
s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA

Found by the talloc_stackframe() out of order checker!

Andrew Bartlett

7 years agoselftest: Pass --use-ntvfs to provison in renamedc test
Andrew Bartlett [Tue, 21 Aug 2012 21:25:59 +0000 (07:25 +1000)]
selftest: Pass --use-ntvfs to provison in renamedc test

Also fix test prefix to match the test

Andrew Bartlett

7 years agoselftest: Specify --use-ntvfs to provision in test scripts
Andrew Bartlett [Tue, 21 Aug 2012 10:04:16 +0000 (20:04 +1000)]
selftest: Specify --use-ntvfs to provision in test scripts

Because these run as non-root, we need to avoid doing things that will
fail during the provision.  The main test of the s3fs provision is the
plugin_s4_dc environment with a smb.conf that specifies vfs_fake_acls.

Andrew Bartlett

7 years agos4-classicupgrade: Add --use-ntvfs option
Andrew Bartlett [Tue, 21 Aug 2012 20:58:19 +0000 (06:58 +1000)]
s4-classicupgrade: Add --use-ntvfs option

This is an odd option, but is needed because I wish to add assertions about
ACL setting that will not work in make test without the vfs_fake_acls module

Andrew Bartlett

7 years agos4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire
Andrew Bartlett [Tue, 21 Aug 2012 09:58:18 +0000 (19:58 +1000)]
s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire

None of these cases need the complexity of the s3fs backend.

Andrew Bartlett

7 years agos4:samldb LDB module - remove unused "member" attribute from search filter
Matthias Dieter Wallnöfer [Fri, 11 May 2012 09:53:46 +0000 (11:53 +0200)]
s4:samldb LDB module - remove unused "member" attribute from search filter

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agoLDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets
Matthias Dieter Wallnöfer [Thu, 10 May 2012 14:18:37 +0000 (16:18 +0200)]
LDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets

This refers to LDB add operations as well, we have only to be careful on
"@ATTRIBUTES" entries.


dn: cn=testperson,cn=users,dc=...,dc=...
objectClass: person
url: www.example.com
url: www.example.com

should not work.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agoLDB:ldbsearch - add search filter tests
Matthias Dieter Wallnöfer [Thu, 10 May 2012 08:11:51 +0000 (10:11 +0200)]
LDB:ldbsearch - add search filter tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agoLDB:ldbsearch - search filters do not only contain "="
Matthias Dieter Wallnöfer [Fri, 4 May 2012 09:59:22 +0000 (11:59 +0200)]
LDB:ldbsearch - search filters do not only contain "="

Also "<=", ">=", "~"... are allowed as well. Enumeration taken from
This was the cause of not identifying the search filter as described in bug

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agos4:dsdb - always fail if a search filter could not be parsed
Matthias Dieter Wallnöfer [Fri, 4 May 2012 09:42:14 +0000 (11:42 +0200)]
s4:dsdb - always fail if a search filter could not be parsed

A NULL string/expression returns the generic "(objectClass=*)" filter

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agoLDB:ldif_handlers.c - LDB_OP_GREATER/LDB_OP_LESS are thought as ">=" or "<="
Matthias Dieter Wallnöfer [Fri, 4 May 2012 09:41:03 +0000 (11:41 +0200)]
LDB:ldif_handlers.c - LDB_OP_GREATER/LDB_OP_LESS are thought as ">=" or "<="

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agos4:dsdb_sort_objectClass_attr - simplify memory context handling
Matthias Dieter Wallnöfer [Fri, 4 May 2012 06:51:41 +0000 (08:51 +0200)]
s4:dsdb_sort_objectClass_attr - simplify memory context handling

Do only require the out memory context and build the temporary one in
the body of the function. This greatly simplifies the callers.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agos4:dsdb_sort_objectClass_attr - use "data_blob_string_const" for setting values
Matthias Dieter Wallnöfer [Fri, 4 May 2012 06:46:29 +0000 (08:46 +0200)]
s4:dsdb_sort_objectClass_attr - use "data_blob_string_const" for setting values

As shown in commit c8e6d8b487 this looks easier and in any case we can
treat schema context data like global data.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agolibcli: fix value of NT_STATUS_FILE_NOT_AVAILABLE
Björn Jacke [Tue, 21 Aug 2012 16:29:51 +0000 (18:29 +0200)]
libcli: fix value of NT_STATUS_FILE_NOT_AVAILABLE

Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Wed Aug 22 01:30:06 CEST 2012 on sn-devel-104

7 years agoFix bug #9098 - winbind does not refresh kerberos tickets.
Jeremy Allison [Tue, 21 Aug 2012 18:24:58 +0000 (11:24 -0700)]
Fix bug #9098 - winbind does not refresh kerberos tickets.

Based on work from Ian Gordon <ian.gordon@strath.ac.uk>.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 21 22:01:15 CEST 2012 on sn-devel-104

7 years agoselftest: Add tests for vfs_aio_fork
Andrew Bartlett [Tue, 21 Aug 2012 09:22:54 +0000 (19:22 +1000)]
selftest: Add tests for vfs_aio_fork

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 21 13:12:33 CEST 2012 on sn-devel-104

7 years agos3-vfs: Make vfs_aio_fork erratic timing behaviour a run-time option
Andrew Bartlett [Tue, 21 Aug 2012 09:22:37 +0000 (19:22 +1000)]
s3-vfs: Make vfs_aio_fork erratic timing behaviour a run-time option

This will allow this to be tested as part of a normal selftest.

Andrew Bartlett

7 years agobuild: Create bin/ when doing 'waf dist' from a fresh checkout
Andrew Bartlett [Tue, 21 Aug 2012 05:22:25 +0000 (15:22 +1000)]
build: Create bin/ when doing 'waf dist' from a fresh checkout

As suggested by Amitay.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 21 09:03:02 CEST 2012 on sn-devel-104

7 years agos3-pysmbd: Add get/set functions for the posix ACL layer
Andrew Bartlett [Tue, 21 Aug 2012 05:11:30 +0000 (15:11 +1000)]
s3-pysmbd: Add get/set functions for the posix ACL layer

These will be used to verify that an ACL set as an NT ACL creates
the correct posix ACL.

Andrew Bartlett

7 years agos3-pysmbd: Correct comments in python VFS bindings
Andrew Bartlett [Tue, 21 Aug 2012 05:10:43 +0000 (15:10 +1000)]
s3-pysmbd: Correct comments in python VFS bindings

7 years agos3-passdb: Allow pdb_sid_to_id to work on any SID
Andrew Bartlett [Tue, 21 Aug 2012 04:56:45 +0000 (14:56 +1000)]
s3-passdb: Allow pdb_sid_to_id to work on any SID

This is needed so that pdb_samba4 can map any SID during a provision.

At runtime, winbindd will be asked first, but this shortcut direct to the
ldb file makes it possible to set the permissions on the sysvol share at
provision time.

Andrew Bartlett

7 years agos3-pysmbd: Add hook for a VFS chown()
Andrew Bartlett [Tue, 21 Aug 2012 04:23:35 +0000 (14:23 +1000)]
s3-pysmbd: Add hook for a VFS chown()

7 years agobuild: Remove special case for the build farm
Andrew Bartlett [Mon, 20 Aug 2012 22:16:24 +0000 (08:16 +1000)]
build: Remove special case for the build farm

Except in the formatting of the selftest output, this removes the special case
of the build farm, so that an autobuild, a manual make test and the build farm
are more similar.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 21 06:39:04 CEST 2012 on sn-devel-104

7 years agobuild: Remove accidentily added line in samba_version.py
Andrew Bartlett [Mon, 20 Aug 2012 21:57:14 +0000 (07:57 +1000)]
build: Remove accidentily added line in samba_version.py

This was incorrectly added in 0e441636afd5923a92f7eb29d66dfa52e2f0a5c3.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 21 03:11:16 CEST 2012 on sn-devel-104

7 years agoFix bug #9104 - winbindd can mis-identify idle clients - can cause crashes and NDR...
Herb Lewis [Mon, 20 Aug 2012 21:51:28 +0000 (14:51 -0700)]
Fix bug #9104 - winbindd can mis-identify idle clients - can cause crashes and NDR parsing errors.

A connection is idle when both struct winbindd_cli_state->request AND
struct winbindd_cli_state->response are NULL. Otherwise we can flag
as idle a connection in the state of having sent the request to
the winbindd child (request != NULL) but not yet received a reply
(response == NULL).

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 21 01:31:46 CEST 2012 on sn-devel-104

7 years agos4-torture: Use torture_fail() in the unix.unix_info2 test
Andrew Bartlett [Mon, 20 Aug 2012 11:29:26 +0000 (21:29 +1000)]
s4-torture: Use torture_fail() in the unix.unix_info2 test

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Aug 20 15:36:48 CEST 2012 on sn-devel-104

7 years agoselftest: Use new fake_acls module
Andrew Bartlett [Wed, 15 Aug 2012 10:35:05 +0000 (20:35 +1000)]
selftest: Use new fake_acls module

This isolates us from the OS ACL library, and allows chown to 'work'
when we are non-root.  In turn, this ensures that we can test the SMB
-> POSIX layer even when the OS would refuse the set due to non-root
or simply not having acls enabled on this particular file system.

This should make a number of build farm tests much more reliable, and
allows a number more tests to pass.

Andrew Bartlett

7 years agos4-torture: Show that we cannot list extended attributes on streams
Andrew Bartlett [Sun, 19 Aug 2012 12:46:21 +0000 (22:46 +1000)]
s4-torture: Show that we cannot list extended attributes on streams

7 years agos4-torture: Show that we cannot have extended attributes on streams
Andrew Bartlett [Sun, 19 Aug 2012 11:55:13 +0000 (21:55 +1000)]
s4-torture: Show that we cannot have extended attributes on streams

7 years agos4-torture: Improve raw.streams test to cover EAs and to use torture_assert()
Andrew Bartlett [Sun, 19 Aug 2012 11:01:33 +0000 (21:01 +1000)]
s4-torture: Improve raw.streams test to cover EAs and to use torture_assert()

The extension of this test is to create an extended attribute, so we
can confirm that the easize field on a stream actually refers to the
parent file.

This has been run against Windows 7.

Andrew Bartlett

7 years agodoc-BUILD_SYSTEMS.txt: The grand rename is complete
Andrew Bartlett [Sat, 18 Aug 2012 22:17:45 +0000 (08:17 +1000)]
doc-BUILD_SYSTEMS.txt: The grand rename is complete

7 years agoWHATSNEW: Remove over-caution on s3fs and explain browsing better
Andrew Bartlett [Sat, 18 Aug 2012 13:58:26 +0000 (23:58 +1000)]
WHATSNEW: Remove over-caution on s3fs and explain browsing better

7 years agobuild: Do not put a .distversion file into the GIT tree
Andrew Bartlett [Sat, 18 Aug 2012 11:25:30 +0000 (21:25 +1000)]
build: Do not put a .distversion file into the GIT tree

This places the file only in the tarball, and shows how to
auto-generate other files for placement in the tarball.

Andrew Bartlett

7 years agos3-build: Enable vfs_fake_acls when in developer mode or on the build farm
Andrew Bartlett [Sat, 18 Aug 2012 14:27:01 +0000 (00:27 +1000)]
s3-build: Enable vfs_fake_acls when in developer mode or on the build farm

7 years agos3-vfs: Add lstat and lchown hooks to the vfs_fake_acls module
Andrew Bartlett [Mon, 20 Aug 2012 11:28:57 +0000 (21:28 +1000)]
s3-vfs: Add lstat and lchown hooks to the vfs_fake_acls module

7 years agos3-vfs: Correct the implementation of fake_acls_sys_acl_delete_def_file()
Andrew Bartlett [Sat, 18 Aug 2012 14:01:57 +0000 (00:01 +1000)]
s3-vfs: Correct the implementation of fake_acls_sys_acl_delete_def_file()

7 years agos3-vfs: Use the system. namespace for fake ACLs
Andrew Bartlett [Mon, 20 Aug 2012 00:10:27 +0000 (10:10 +1000)]
s3-vfs: Use the system. namespace for fake ACLs

By using the system. namespace, we make sure this is only run on top of a TDB
based ACL store (ie in make test).

Andrew Bartlett

7 years agos3-smbd: ensure we give appropriate errors for EA requests on streams
Andrew Bartlett [Sun, 19 Aug 2012 12:46:58 +0000 (22:46 +1000)]
s3-smbd: ensure we give appropriate errors for EA requests on streams

7 years agos3-smbd: Do not look for EA information on a stream
Andrew Bartlett [Sun, 19 Aug 2012 11:58:56 +0000 (21:58 +1000)]
s3-smbd: Do not look for EA information on a stream

The estimated EA size needs to be of the main file.  However, the fsp
may point to the stream, so we need to ignore it if this is the case.

This may mean we estimate wrong if there has been a rename.

Andrew Bartlett

7 years agos3-smbd: Push smb_fname into estimate_ea_size
Andrew Bartlett [Sun, 19 Aug 2012 05:24:04 +0000 (15:24 +1000)]
s3-smbd: Push smb_fname into estimate_ea_size

This ensures that we return the ea size of the stream, not the overall file.

This is important as if there is an EA on the main file, the raw.streams
test was failing.

Andrew Bartlett

7 years agos4-ntvfs: Add TODO on ea_size
Andrew Bartlett [Sun, 19 Aug 2012 23:49:30 +0000 (09:49 +1000)]
s4-ntvfs: Add TODO on ea_size

This is almost certainly un-important.

Andrew Bartlett

7 years agos4-ntvfs: Ensure we do not attempt to write EAs on streams
Andrew Bartlett [Sun, 19 Aug 2012 23:47:43 +0000 (09:47 +1000)]
s4-ntvfs: Ensure we do not attempt to write EAs on streams

7 years agos3-vfs: Allow vfs_xattr_tdb to work without a connected share
Andrew Bartlett [Mon, 20 Aug 2012 09:20:19 +0000 (19:20 +1000)]
s3-vfs: Allow vfs_xattr_tdb to work without a connected share

This is needed to that get_nt_acl_no_snum() can work.

Andrew Bartlett

7 years agos4:torture:basic: add more delete test - variants of deltest16 and deltest17
Michael Adam [Wed, 8 Aug 2012 21:43:05 +0000 (23:43 +0200)]
s4:torture:basic: add more delete test - variants of deltest16 and deltest17

There seems to be a difference if the initial delete_on_close flag
was set on a handle that created the file or if the handle if was
for a file that already existed.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 17 21:44:24 CEST 2012 on sn-devel-104

7 years agos3: add a debug message for failed execv in sys_popen()
Michael Adam [Wed, 1 Aug 2012 13:42:49 +0000 (15:42 +0200)]
s3: add a debug message for failed execv in sys_popen()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agolib/util: add server_id_set_disconnected() and server_id_is_disconnected()
Michael Adam [Mon, 6 Aug 2012 14:35:46 +0000 (16:35 +0200)]
lib/util: add server_id_set_disconnected() and server_id_is_disconnected()

Utility functions for handling the special placeholder server-id value
for disconnected clients (to be used for durable handles).

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

7 years agolib/util: let server_id_str() skip the task_id if 0 in the cluster case too
Stefan Metzmacher [Fri, 17 Aug 2012 10:50:09 +0000 (12:50 +0200)]
lib/util: let server_id_str() skip the task_id if 0 in the cluster case too

server_id_from_string() already handles that case.


7 years agos3:lib: implement interpret_pid() as wrapper of server_id_from_string()
Stefan Metzmacher [Fri, 17 Aug 2012 10:49:26 +0000 (12:49 +0200)]
s3:lib: implement interpret_pid() as wrapper of server_id_from_string()


7 years agolib/util: add server_id_from_string()
Stefan Metzmacher [Fri, 17 Aug 2012 10:47:57 +0000 (12:47 +0200)]
lib/util: add server_id_from_string()


7 years agos3:lib: implement serverid_equal() as macro of server_id_equal()
Stefan Metzmacher [Fri, 17 Aug 2012 10:45:33 +0000 (12:45 +0200)]
s3:lib: implement serverid_equal() as macro of server_id_equal()


7 years agolib/util: add server_id_equal()
Stefan Metzmacher [Fri, 17 Aug 2012 10:41:02 +0000 (12:41 +0200)]
lib/util: add server_id_equal()


7 years agos3:vfs_tsmsm only send notifications when file was offline before
Christian Ambach [Fri, 17 Aug 2012 15:40:24 +0000 (17:40 +0200)]
s3:vfs_tsmsm only send notifications when file was offline before

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Fri Aug 17 20:05:30 CEST 2012 on sn-devel-104

7 years agos3: Adapt the tsmsm module to the new aio routines
Volker Lendecke [Fri, 10 Aug 2012 09:33:54 +0000 (11:33 +0200)]
s3: Adapt the tsmsm module to the new aio routines

Signed-off-by: Christian Ambach <ambi@samba.org>
7 years agos3-vfs: Fix calls of lp_parm_talloc_string
Volker Lendecke [Wed, 8 Aug 2012 09:23:12 +0000 (11:23 +0200)]
s3-vfs: Fix calls of lp_parm_talloc_string

Signed-off-by: Christian Ambach <ambi@samba.org>
7 years agos3: Remove the gpfs_hsm_notify module
Volker Lendecke [Wed, 8 Aug 2012 08:38:36 +0000 (10:38 +0200)]
s3: Remove the gpfs_hsm_notify module

The functionality has been merged into vfs_gpfs

Signed-off-by: Christian Ambach <ambi@samba.org>
7 years agos3: Merge vfs_gpfs_hsm_notify into vfs_gpfs.c
Volker Lendecke [Tue, 7 Aug 2012 22:32:35 +0000 (00:32 +0200)]
s3: Merge vfs_gpfs_hsm_notify into vfs_gpfs.c

It was separated out because formerly our async I/O was not properly
stackable. aio_fork could for example catch aio and not get aio_return
get through to vfs_gpfs

Signed-off-by: Christian Ambach <ambi@samba.org>
7 years agos4-dsdb: Use tmp_ctx in kccsrv_check_deleted to avoid leaking memory onto part->dn
Andrew Bartlett [Fri, 17 Aug 2012 13:04:56 +0000 (23:04 +1000)]
s4-dsdb: Use tmp_ctx in kccsrv_check_deleted to avoid leaking memory onto part->dn

The confusing use of do_dn as a memory context while legitimate
created a bug when it was copied and modified to search on a DN from
long-term state.

By always using a temporary memory context it is clear what paramter
is the memory context.

This was found based on a log provided by Ricky Nance
<ricky.nance@weaubleau.k12.mo.us>.  Thanks Ricky!

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 17 18:24:10 CEST 2012 on sn-devel-104

7 years agos4-kcc: Avoid use-after-free of dn and add tmp_ctx
Andrew Bartlett [Fri, 17 Aug 2012 12:47:44 +0000 (22:47 +1000)]
s4-kcc: Avoid use-after-free of dn and add tmp_ctx

By using a tmp_ctx we are clearer about allocating temporary memory.

Andrew Bartlett

7 years agos3:selftest: add some tests against a share the requires encryption
Stefan Metzmacher [Fri, 17 Aug 2012 06:50:21 +0000 (08:50 +0200)]
s3:selftest: add some tests against a share the requires encryption


Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 17 16:34:26 CEST 2012 on sn-devel-104

7 years agos3:smb2_negprot: annouce/negotiate SMB3 encryption support
Stefan Metzmacher [Wed, 8 Aug 2012 05:07:53 +0000 (07:07 +0200)]
s3:smb2_negprot: annouce/negotiate SMB3 encryption support


7 years agos3:smb2_server: add SMB3 encryption support
Stefan Metzmacher [Wed, 8 Aug 2012 05:07:03 +0000 (07:07 +0200)]
s3:smb2_server: add SMB3 encryption support


7 years agos3:smbd: don't disconnect the client when a share has "smb encrypt = required"
Stefan Metzmacher [Fri, 17 Aug 2012 07:42:27 +0000 (09:42 +0200)]
s3:smbd: don't disconnect the client when a share has "smb encrypt = required"

It's not the client fault, if he doesn't know that encryption is required.
We should just return ACCESS_DENIED and let the client work on other
shares and open files on the current SMB connection.


7 years agos3:smbd: lp_smb_encrypt() returns SMB_SIGNING_* values
Stefan Metzmacher [Fri, 17 Aug 2012 07:40:52 +0000 (09:40 +0200)]
s3:smbd: lp_smb_encrypt() returns SMB_SIGNING_* values


7 years agos3:smbd: make use of ENCRYPTION_REQUIRED()
Stefan Metzmacher [Fri, 17 Aug 2012 07:41:42 +0000 (09:41 +0200)]
s3:smbd: make use of ENCRYPTION_REQUIRED()


7 years agolibcli/smb: make sure the SMB2_TRANSFORM pdu is complete
Stefan Metzmacher [Fri, 17 Aug 2012 06:31:52 +0000 (08:31 +0200)]
libcli/smb: make sure the SMB2_TRANSFORM pdu is complete


7 years agos4:libcli/smb2: reset trsnport->compound.related when a compound chain is finished
Stefan Metzmacher [Fri, 17 Aug 2012 06:25:08 +0000 (08:25 +0200)]
s4:libcli/smb2: reset trsnport->compound.related when a compound chain is finished


7 years agobuild: Ensure -Werror=format works with -Wformat=2 on NULL format strings
Andrew Bartlett [Fri, 17 Aug 2012 10:43:07 +0000 (20:43 +1000)]
build: Ensure -Werror=format works with -Wformat=2 on NULL format strings

This should fix the build on some gcc versions, (noticed on FreeBSD by Volker).

We want the protection of -Werror=format without the errors extending
to the format string itself being NULL, because that is valid for

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 17 14:50:16 CEST 2012 on sn-devel-104

7 years agos4-dsdb: Ensure we always free tmp_ctx in schema refresh check
Andrew Bartlett [Fri, 17 Aug 2012 02:42:15 +0000 (12:42 +1000)]
s4-dsdb: Ensure we always free tmp_ctx in schema refresh check

This was found based on a log provided by Ricky Nance
<ricky.nance@weaubleau.k12.mo.us>.  Thanks Ricky!

In that log, over 2.5 days this particular allocation was repeated:

1715099     talloc_new: ../source4/dsdb/samdb/ldb_modules/schema_load.c:120 contains      0 bytes in   1 blocks

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 17 06:21:18 CEST 2012 on sn-devel-104

7 years agoFix bug #9085 - NMB registration for a duplicate workstation fails with registration...
S Hargagan [Thu, 16 Aug 2012 23:27:10 +0000 (16:27 -0700)]
Fix bug #9085 - NMB registration for a duplicate workstation fails with registration refuse

Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 17 04:15:21 CEST 2012 on sn-devel-104

7 years agos3-torture: Allow vfstest to set ACLs on a directory
Andrew Bartlett [Thu, 16 Aug 2012 06:50:47 +0000 (16:50 +1000)]
s3-torture: Allow vfstest to set ACLs on a directory

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 17 02:35:49 CEST 2012 on sn-devel-104

7 years agos4: Fix returns in py_check_dcerpc_type
Volker Lendecke [Thu, 16 Aug 2012 09:38:26 +0000 (11:38 +0200)]
s4: Fix returns in py_check_dcerpc_type

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
7 years agos3:smb2_server: try to sign an error response if we have a signing key
Stefan Metzmacher [Thu, 16 Aug 2012 13:14:51 +0000 (15:14 +0200)]
s3:smb2_server: try to sign an error response if we have a signing key


Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 17 00:54:01 CEST 2012 on sn-devel-104

7 years agos3:smb2_server: verify the signature before the session_status
Stefan Metzmacher [Thu, 16 Aug 2012 13:08:40 +0000 (15:08 +0200)]
s3:smb2_server: verify the signature before the session_status


7 years agos3:smb2_server: add some const to print_req_vectors()
Stefan Metzmacher [Thu, 16 Aug 2012 10:00:57 +0000 (12:00 +0200)]
s3:smb2_server: add some const to print_req_vectors()


7 years agos4:cldap_server: only return DS_SERVER_*TIMESERV if "ntp_signd" is used
Stefan Metzmacher [Thu, 16 Aug 2012 11:32:14 +0000 (13:32 +0200)]
s4:cldap_server: only return DS_SERVER_*TIMESERV if "ntp_signd" is used


7 years agos4:cldap_server: set DS_SERVER_SELECT_SECRET_DOMAIN_6 if we're a RODC
Stefan Metzmacher [Thu, 16 Aug 2012 11:31:33 +0000 (13:31 +0200)]
s4:cldap_server: set DS_SERVER_SELECT_SECRET_DOMAIN_6 if we're a RODC


7 years agos3-libsmb: Add a simple test for python bindings
Volker Lendecke [Wed, 15 Aug 2012 12:08:45 +0000 (14:08 +0200)]
s3-libsmb: Add a simple test for python bindings

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug 16 22:49:06 CEST 2012 on sn-devel-104

7 years agos3-libsmb: Add a python wrapper
Volker Lendecke [Thu, 2 Aug 2012 21:21:27 +0000 (23:21 +0200)]
s3-libsmb: Add a python wrapper

Please note that this is not finished and only for internal use.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agotevent: change version to 0.9.17 after adding the "poll_mt" backend tevent-0.9.17
Stefan Metzmacher [Thu, 16 Aug 2012 19:06:45 +0000 (21:06 +0200)]
tevent: change version to 0.9.17 after adding the "poll_mt" backend


7 years agotevent: Add threaded poll_mt testcase
Volker Lendecke [Mon, 30 Jul 2012 07:09:46 +0000 (09:09 +0200)]
tevent: Add threaded poll_mt testcase

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agolib/tevent: Add a thread-safe tevent backend
Volker Lendecke [Mon, 13 Aug 2012 14:06:01 +0000 (16:06 +0200)]
lib/tevent: Add a thread-safe tevent backend

Signed-off-by: Stefan Metzmacher <metze@samba.org>