Andrew Bartlett [Tue, 31 Jan 2012 01:53:30 +0000 (12:53 +1100)]
s3-auth: Add extra error messages on authentication or authorization failure
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 31 Jan 2012 07:14:19 +0000 (18:14 +1100)]
auth: Cope with NO_USER_SESSION_KEY from security=server
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 30 Jan 2012 11:42:39 +0000 (22:42 +1100)]
auth: Move the rest of the source4 gensec_ntlmssp code to the top level
The ntlmssp_server code will be in common shortly, and aside from a
symbol name or two, moving the client code causes no harm and makes
less mess. We will also get the client code in common very soon.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 30 Jan 2012 11:11:41 +0000 (22:11 +1100)]
s3-auth Hook checking passwords and generating session_info via the auth4_context
This avoids creating a second auth_context, as it is a private pointer
in the auth4_context that has already been passed in, and makes the
gensec_ntlmssp code agnostic to the type of authentication backend
behind it. This will in turn allow the ntlmssp server code to be
further merged.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 31 Jan 2012 09:50:36 +0000 (20:50 +1100)]
s3-build: Use credentials_ntlm.c in the autoconf build as well
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 17 Feb 2012 04:42:25 +0000 (15:42 +1100)]
build: Add exceptions for callcatcher unused function detection
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Feb 17 09:12:47 CET 2012 on sn-devel-104
Andrew Bartlett [Fri, 17 Feb 2012 02:43:12 +0000 (13:43 +1100)]
wintest: Update Win2003 VM
Andrew Bartlett [Fri, 17 Feb 2012 02:36:35 +0000 (13:36 +1100)]
auth/kerberos: Move gse_get_session_key() to common code and use in gensec_gssapi
Thie ensures that both code bases use the same logic to determine the use
of NEW_SPNEGO.
Andrew Bartlett
Andrew Bartlett [Fri, 17 Feb 2012 01:35:14 +0000 (12:35 +1100)]
s3-gse: Allow kerberos key type OID to be optional
Andrew Bartlett [Fri, 17 Feb 2012 01:30:55 +0000 (12:30 +1100)]
s3-gse: Fix OID to read for kerberos key type
Andrew Bartlett [Fri, 17 Feb 2012 01:04:19 +0000 (12:04 +1100)]
s3-librpc: Remove backup declaration of GSS_C_DCE_STYLE
All our supported krb5 libs provide this.
Andrew Bartlett
Andrew Bartlett [Fri, 17 Feb 2012 01:00:56 +0000 (12:00 +1100)]
s3-gse: Remove unused OID declaration
Andrew Bartlett [Fri, 17 Feb 2012 00:27:29 +0000 (11:27 +1100)]
wintest: give host longer to register the SRV record
Andrew Bartlett [Fri, 17 Feb 2012 00:27:02 +0000 (11:27 +1100)]
wintest: use net rpc to put authenticated users into TelentClients if we need to
Andrew Bartlett [Fri, 17 Feb 2012 00:26:23 +0000 (11:26 +1100)]
wintest: Allow Windows VM to have no default route
Jeremy Allison [Fri, 17 Feb 2012 00:14:14 +0000 (16:14 -0800)]
Replace smbd_server_connection_loop_once() with tevent_loop_once() directly.
We no longer need to call poll() directly inside smbd !
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Feb 17 02:49:13 CET 2012 on sn-devel-104
Andrew Bartlett [Thu, 9 Feb 2012 02:16:55 +0000 (13:16 +1100)]
lib/util: Remove sys_poll as it is no longer needed
sys_poll() is only needed if the signal pipe is set up and used, but as
no signal handler ever writes to the pipe, this can all be removed.
signal based events are now handled via tevent.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 9 Feb 2012 02:02:14 +0000 (13:02 +1100)]
lib/util: Remove unused sys_select_signal()
Now sys_poll needs to be cleaned up not to refer to the pipe that is now not used.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 7 Feb 2012 11:27:53 +0000 (22:27 +1100)]
s3-librpc: Remove gse_verify_server_auth_flags
gensec_update() ensures that DCE-style and sign/seal are negotiated correctly
for DCE/RPC pipes. Also, the smb sealing client/server already check for the
gensec_have_feature().
This additional check just keeps causing trouble, and is 'protecting'
an already secure negoitated exchange.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Feb 16 21:19:44 CET 2012 on sn-devel-104
Stefan Metzmacher [Mon, 6 Feb 2012 13:06:10 +0000 (14:06 +0100)]
docs-xml: remove docs for "send spnego principal"
metze
Andrew Bartlett [Fri, 3 Feb 2012 00:57:30 +0000 (11:57 +1100)]
s3-param Remove off-by-default and unused "send spnego principal"
This is not honoured by the common SPNEGO code.
This matches mondern windows versions which do not send this value, as
it would be insecure for a client to rely on it. (See also the
depricated client use spnego principal directive).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 3 Feb 2012 00:54:32 +0000 (11:54 +1100)]
s3-smbd Remove unused code now we always have SPNEGO via gensec
This was previously needed because SPNEGO was only available in the AD DC.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 6 Feb 2012 01:40:38 +0000 (12:40 +1100)]
s3-librpc: Use gensec_spnego for DCE/RPC authentication
This ensures that we use the same SPNEGO code on session setup and on
DCE/RPC binds, and simplfies the calling code as spnego is no longer
a special case in cli_pipe.c
A special case wrapper function remains to avoid changing the
application layer callers in this patch.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 14 Feb 2012 07:29:54 +0000 (18:29 +1100)]
s3-gse: Use the session key type, not the lucid context to set NEW_SPNEGO
Using gss_krb5_export_lucid_sec_context() is a problem with MIT krb5, as
it (reasonably, I suppose) invalidates the gssapi context on which it
is called. Instead, we look to the type of session key which is
negotiated, and see if it not AES (or newer).
If we negotiated AES or newer, then we set GENSEC_FEATURE_NEW_SPENGO
so that we know to generate valid mechListMic values in SPNEGO.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 6 Feb 2012 01:25:41 +0000 (12:25 +1100)]
s3-librpc: Remove unused bool gensec_hook
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 6 Feb 2012 07:14:54 +0000 (08:14 +0100)]
s3:rpc_client: fix comment
metze
Andrew Bartlett [Mon, 6 Feb 2012 02:37:12 +0000 (13:37 +1100)]
s3-librpc: make gensec result handling more generic
This prepares us for handling SPNEGO via gensec
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 16 Feb 2012 11:08:30 +0000 (12:08 +0100)]
wafsamba: exclude '.brzignore' from "make dist"
.bzrignore can cause unwanted effects, if one e.g. maintains
a packaging (like debian) of the generated distribution in bzr.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Thu Feb 16 13:47:52 CET 2012 on sn-devel-104
Michael Adam [Wed, 15 Feb 2012 14:34:58 +0000 (15:34 +0100)]
wafsamba: exclude '.gitignore' from "make dist"
.gitignore can cause unwanted effects, if one e.g. maintains
a packaging (like debian) of the generated distribution in git
Michael Adam [Wed, 15 Feb 2012 15:07:54 +0000 (16:07 +0100)]
wafsamba: fix blacklist handling in "make dist"
Michael Adam [Thu, 16 Feb 2012 11:06:34 +0000 (12:06 +0100)]
s4:provision: only print the adminpass if it was generated (not user-provided)
Michael Adam [Thu, 16 Feb 2012 10:21:30 +0000 (11:21 +0100)]
s4:provision: generate the adminpass provision() instead of provision_fill()
so that the adminpass can be logged at the end
(otherwise we get "None")
Michael Adam [Wed, 15 Feb 2012 23:51:54 +0000 (00:51 +0100)]
s4:provision: don't log the ldap admin password - it is internal only
Björn Baumbach [Tue, 24 Jan 2012 12:02:13 +0000 (13:02 +0100)]
s4-scripting: samba-tool: Fix domain info usage message
Signed-off-by: Michael Adam <obnox@samba.org>
Björn Baumbach [Tue, 10 Jan 2012 15:43:27 +0000 (16:43 +0100)]
s4-selftest: fix output of opened connections in torture_holdcon
Signed-off-by: Michael Adam <obnox@samba.org>
Christopher R. Hertel (crh) [Wed, 15 Feb 2012 03:51:35 +0000 (21:51 -0600)]
Rename obscure defined constants.
Replaced the undescriptive SMB_PORT1 and SMB_PORT2 defined constants
with the slightly more descriptive names NBT_SMB_PORT and TCP_SMB_PORT.
Also replaced several hard-coded references to the well-known port
numbers (139 and 445, respectively) as appropriate.
Small changes to clarify some comments regarding the two transport
types.
Signed-off-by: Simo Sorce <idra@samba.org>
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Feb 16 08:29:41 CET 2012 on sn-devel-104
Andrew Bartlett [Tue, 14 Feb 2012 10:42:16 +0000 (21:42 +1100)]
s3-selftest: Remove .posix_s3 from s3 test names
As far as I can tell, this simply referred to the posix_s3.sh script
that originally ran these tests.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Feb 16 06:57:09 CET 2012 on sn-devel-104
Andrew Bartlett [Mon, 13 Feb 2012 22:05:21 +0000 (09:05 +1100)]
selftest: Remove 'if have_ads_support:' from tests.py
The selftest system now skips launching these if the environment is not available.
Andrew Bartlett
Andrew Bartlett [Mon, 13 Feb 2012 06:44:34 +0000 (17:44 +1100)]
s3-smbd: Avoid starting log lines with the word 'error'
Andrew Bartlett [Thu, 16 Feb 2012 04:12:49 +0000 (15:12 +1100)]
selftest: skip plugin_s4_dc if we do not have ADS
Andrew Bartlett [Thu, 16 Feb 2012 04:10:00 +0000 (15:10 +1100)]
selftest: Run nsstest against more environments
Andrew Bartlett [Mon, 13 Feb 2012 22:04:16 +0000 (09:04 +1100)]
selftest: skip targets that are not compiled in if we do not have ADS
Andrew Bartlett [Tue, 14 Feb 2012 08:22:14 +0000 (19:22 +1100)]
s3-selftest: Require SMB signing for ktest environment
This will help weed out session key errors in the krb5 code.
Andrew Bartlett
Andrew Bartlett [Tue, 14 Feb 2012 21:55:05 +0000 (08:55 +1100)]
selftest: Do not start up an already-running test environment
Otherwise we may re-provision the dc just because we started it via s3member or s4member
first.
Andrew Bartlett
Andrew Bartlett [Wed, 15 Feb 2012 05:08:05 +0000 (16:08 +1100)]
selftest: Make plugin_s4_dc set the cached environment correctly
Andrew Bartlett [Thu, 16 Feb 2012 02:51:10 +0000 (13:51 +1100)]
wintest: update WinXP-1 snapshot
Andrew Bartlett [Thu, 16 Feb 2012 00:34:49 +0000 (11:34 +1100)]
wintest: Change Windows 7 VM
Andrew Bartlett [Wed, 15 Feb 2012 03:44:24 +0000 (14:44 +1100)]
wintest: Give the Windows VM a little more time to start back up
Andrew Bartlett [Tue, 14 Feb 2012 23:08:07 +0000 (10:08 +1100)]
wintest: Samba is now all version 4.0
Andrew Bartlett [Tue, 14 Feb 2012 22:29:27 +0000 (09:29 +1100)]
wintest: Cope with nc not timing out even when -w 1 is specified
Andrew Bartlett [Tue, 14 Feb 2012 11:43:50 +0000 (22:43 +1100)]
wintest: s3 moved smb.conf to /etc
Andrew Bartlett [Tue, 14 Feb 2012 10:42:44 +0000 (21:42 +1100)]
wintest: Update VM used for W2K8R2A
Andrew Bartlett [Thu, 16 Feb 2012 03:01:44 +0000 (14:01 +1100)]
wintest: Allow access denied when turning off the firewall
Andrew Bartlett [Thu, 16 Feb 2012 02:51:55 +0000 (13:51 +1100)]
wintest: Retry joining the domain a few times
Andrew Bartlett [Thu, 16 Feb 2012 02:51:32 +0000 (13:51 +1100)]
wintest: connect to correct hostname in test_net_use
Andrew Bartlett [Tue, 14 Feb 2012 22:56:43 +0000 (09:56 +1100)]
s3-nmbd: Initialise newly non-static variables
Found by testing with wintest. When the variables were made non-static in
c21f6a1c6869a5086634bb830d6c3689dea539a3 the implicit initialisation to 0
was lost.
Andrew Bartlett
Volker Lendecke [Wed, 15 Feb 2012 10:22:45 +0000 (11:22 +0100)]
s3: Add SERVERID_UNIQUE_ID_NOT_TO_VERIFY, bug 8760
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Feb 15 21:10:22 CET 2012 on sn-devel-104
David Disseldorp [Wed, 15 Feb 2012 15:30:27 +0000 (16:30 +0100)]
s3-printing: fix crash in printer_list_set_printer()
The printer list database format was recently changed to accommodate for
the printcap location field.
One of the tdb_pack calls is not provided with a location string
argument, this causes a crash on some platforms.
https://bugzilla.samba.org/show_bug.cgi?id=8762
Signed-off-by: Günther Deschner <gd@samba.org>
Signed-off-by: Jim McDonough <jmcd@samba.org>
Signed-off-by: Lars Müller <lars@samba.org>
Autobuild-User: David Disseldorp <ddiss@samba.org>
Autobuild-Date: Wed Feb 15 19:34:38 CET 2012 on sn-devel-104
Volker Lendecke [Wed, 15 Feb 2012 15:17:34 +0000 (16:17 +0100)]
tevent_signal: Fix a valgrind error
This fixes an uninitialized read introduced by my fix for the tevent_signal
destructors. From looking at the code you might believe that this kicks in only
when talloc failed. But with -O3 I do see it in normal operations.
Sorry for that.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Wed Feb 15 17:58:37 CET 2012 on sn-devel-104
Volker Lendecke [Tue, 14 Feb 2012 16:37:09 +0000 (17:37 +0100)]
s3: files_struct->mode is only written, remove it
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Feb 14 19:14:29 CET 2012 on sn-devel-104
Rusty Russell [Tue, 14 Feb 2012 04:15:29 +0000 (14:45 +1030)]
tdb: build and run unit tests in tdb/test/
Now we can build the test binaries: the CCAN style is to compile
everything called "compile_ok*.c", compile and run everything called
"run*.c", compile, link with the module, and run everything called
"api*.c", and link any other C files (presumably test helpers) into
all the tests.
Unfortunately, actually passing that between the various parts of
wscript is painful, so I open-coded the names.
Also, the tests expect to be run in a (temporary) directory they can
pollute, with the test directory found in test/ (to find the canned
TDB files, for example).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date: Tue Feb 14 06:53:46 CET 2012 on sn-devel-104
Rusty Russell [Tue, 14 Feb 2012 04:15:21 +0000 (14:45 +1030)]
tdb/test: fix up tests for use in SAMBA tdb code.
1) Make sure we include "tdb_private.h" first, to get the right headers
(esp. the correct setting of _FILE_OFFSET_BITS before unistd.h).
2) Fix 3G file test since expand logic has changed.
3) Fix nested transaction test, since default is to allow nesting.
4) Capture fdatasync, which was slowing down transaction expand.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Tue, 14 Feb 2012 04:15:19 +0000 (14:45 +1030)]
tdb: wean CCAN-style unit tests off of tap.
We could use subunit, but that's overkill. Just print messages when
we fail, and use exit status.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Mon, 13 Feb 2012 17:35:43 +0000 (04:05 +1030)]
tdb: import unit tests from CCAN into tdb/test/
I pulled tdb into CCAN as an experiment a while ago; it doesn't belong
there, but it has accumulated some important unit tests.
These are copied from CCAN version
init-1486-gc438ec1 with #include "../"
changed to #include "../common/".
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Mon, 13 Feb 2012 17:34:43 +0000 (04:04 +1030)]
tdb: make tdb_private.h idempotent.
The most convenient way to write unit tests in C is to directly
#include the C files (CCAN uses this, for example). That works quite
well, but it means that tdb_private.h now needs to be protected
against multiple inclusions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Christian Ambach [Mon, 13 Feb 2012 15:47:41 +0000 (16:47 +0100)]
s4:torture: add another SMB2 rename test
this mimics Word 2010 saving a file
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Mon Feb 13 18:33:43 CET 2012 on sn-devel-104
Volker Lendecke [Mon, 13 Feb 2012 12:27:22 +0000 (13:27 +0100)]
libndr: Add ndr_map_error2errno
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Mon Feb 13 15:06:29 CET 2012 on sn-devel-104
Sumit Bose [Sat, 11 Feb 2012 16:52:07 +0000 (17:52 +0100)]
s3-auth: On successful user mapping set mapped_to_guest to false.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Feb 13 13:09:10 CET 2012 on sn-devel-104
Andrew Bartlett [Mon, 13 Feb 2012 01:36:21 +0000 (12:36 +1100)]
s3-selftest: Do not assume $USERNAME is the same as $DC_USERNAME
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Feb 13 06:13:38 CET 2012 on sn-devel-104
Andrew Bartlett [Mon, 13 Feb 2012 01:14:57 +0000 (12:14 +1100)]
selftest: Allow setup_env() to signal that an environment name is unknown
This will allow us to skip samba4 environments that may be mentioned in
the source3/selftest/tests.py file.
Andrew Bartlett
Andrew Bartlett [Mon, 13 Feb 2012 00:26:24 +0000 (11:26 +1100)]
s3-build: expliticly require gssapi for HAVE_KRB5 and remove HAVE_GSSAPI
The requirement for gss functions already make this happen, but
this is clearer. No code depends on HAVE_GSSAPI any more.
Andrew Bartlett
Andrew Bartlett [Mon, 13 Feb 2012 00:23:15 +0000 (11:23 +1100)]
s3-libads: Move to using only the HAVE_KRB5 define
HAVE_KRB5 already implies that GSSAPI is present as well.
Andrew Bartlett
Andrew Bartlett [Mon, 13 Feb 2012 00:21:11 +0000 (11:21 +1100)]
s3-lib/addns: Move to system/kerberos.h and HAVE_KRB5
Amitay Isaacs [Mon, 13 Feb 2012 00:07:06 +0000 (11:07 +1100)]
s4-dsdb: Check if metadata.tdb exists, before trying to open it
This fixes the error output from tdb2 when metadata module tries
to create metadata.tdb first time. This error is reported since
metadata module tries to check if tdb exists by trying to open
tdb file.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Mon Feb 13 03:02:09 CET 2012 on sn-devel-104
Andrew Bartlett [Mon, 30 Jan 2012 10:49:33 +0000 (21:49 +1100)]
auth: Pass in the SMB username (for %U) into generate_session_info
This matches what Samba3 does.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Feb 13 01:25:59 CET 2012 on sn-devel-104
Matthias Dieter Wallnöfer [Mon, 30 Jan 2012 16:20:28 +0000 (17:20 +0100)]
s4:join python code - "msDS-KeyVersionNumber" does not exist on Win2k
No problem since "secretsdb_self_join()" then chooses 1 as a default
value.
Fix case sensitivity for "msDS-KeyVersionNumber".
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Matthias Dieter Wallnöfer [Sat, 11 Feb 2012 11:48:20 +0000 (12:48 +0100)]
LDB:pyldb.c - use always the case insensitive comparison for attribute names
We can make no assumptions about our users
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Jelmer Vernooij [Sun, 12 Feb 2012 17:42:17 +0000 (18:42 +0100)]
wafsamba: Add tests for dict_concat.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Feb 12 20:17:54 CET 2012 on sn-devel-104
Jelmer Vernooij [Sun, 12 Feb 2012 16:48:01 +0000 (17:48 +0100)]
wafsamba: Add tests for unique_list, subst_vars_error.
Jelmer Vernooij [Sun, 12 Feb 2012 16:35:20 +0000 (17:35 +0100)]
waf: Add initial unit test for samba_utils.
Jelmer Vernooij [Sun, 12 Feb 2012 13:38:37 +0000 (14:38 +0100)]
gitignore: Ignore waf cache files.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Feb 12 16:14:49 CET 2012 on sn-devel-104
Amitay Isaacs [Thu, 9 Feb 2012 23:58:30 +0000 (10:58 +1100)]
mkversion: Add quotes around various version strings
This fixes compilation errors when VENDOR strings are specified.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Sat Feb 11 09:07:54 CET 2012 on sn-devel-104
Matthieu Patou [Tue, 7 Feb 2012 18:46:43 +0000 (10:46 -0800)]
s3-waf: add dependency on talloc or it won't build if talloc.h is not in the default include path
The problem occurs only if talloc, tdb and ldb are used as system
libraries and talloc is not installed in a default.
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Fri Feb 10 23:27:29 CET 2012 on sn-devel-104
Matthieu Patou [Fri, 10 Feb 2012 19:45:21 +0000 (11:45 -0800)]
s3-winbindd: set the can_do_validation6 also for trusted domain
The flag can_do_validation6 was only set for the domain to which
winbindd is the member. Setting this flag in other domains (trusted
domain) if it's active directory domain is a good idea as it allow to do
level 6 validation also when winbindd is querying them directly.
Stefan Metzmacher [Fri, 10 Feb 2012 18:49:05 +0000 (19:49 +0100)]
s3:smbd/oplock_linux: don't overwrite private_data
We set ctx->private_data = sconn a few lines above
and expect 'sconn' in the signal event handler.
Thanks to Christian Ambach <ambi@samba.org> for the
bug report.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Feb 10 21:48:18 CET 2012 on sn-devel-104
Christian Ambach [Fri, 10 Feb 2012 17:15:56 +0000 (18:15 +0100)]
s3:vfs_gpfs:quieten an expectable warning message
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Fri Feb 10 20:14:12 CET 2012 on sn-devel-104
Christian Ambach [Fri, 10 Feb 2012 17:11:30 +0000 (18:11 +0100)]
s3:vfs_gpfs: fix a compiler warning
Christof Schmitt [Tue, 29 Nov 2011 20:23:29 +0000 (13:23 -0700)]
s3:vfs_gpfs:Fix query of creation time from GPFS
Setting the creation time through SetFileTime on a GPFS file system and
querying it with GetFileTime shows a mismatch.
The vfs_gpfs module first retrieves the information from the operating
system and the flag st_ex_calculated_birthtime is set to false. When
vfs_gpfs retrieves the birthtime from GPFS the flag
st_ex_calculated_birthtime has to be set to true. Otherwise the birth
time will get overwritten by a call to update_stat_ex_mtime, reporting
the wrong time to a client system.
Signed-off-by: Christian Ambach <ambi@samba.org>
Stefan Metzmacher [Thu, 22 Dec 2011 14:54:41 +0000 (15:54 +0100)]
s3:vfs_gpfs: make "gpfs:getrealfilename" a per share option
metze
Signed-off-by: Christian Ambach <ambi@samba.org>
Stefan Metzmacher [Thu, 22 Dec 2011 14:54:41 +0000 (15:54 +0100)]
s3:vfs_gpfs: make "gpfs:ftruncate" a per share option
metze
Signed-off-by: Christian Ambach <ambi@samba.org>
Stefan Metzmacher [Thu, 22 Dec 2011 13:36:55 +0000 (14:36 +0100)]
s3:vfs_gpfs: make "gpfs:winattr" a per share option
metze
Signed-off-by: Christian Ambach <ambi@samba.org>
Stefan Metzmacher [Thu, 22 Dec 2011 13:20:32 +0000 (14:20 +0100)]
s3:vfs_gpfs: be less verbose in get/set_xattr functions
metze
Signed-off-by: Christian Ambach <ambi@samba.org>
Volker Lendecke [Fri, 10 Feb 2012 11:49:28 +0000 (12:49 +0100)]
s3-smb2: Use the correct indicator if a request was deferred
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Fri Feb 10 16:44:23 CET 2012 on sn-devel-104
Volker Lendecke [Fri, 10 Feb 2012 11:48:30 +0000 (12:48 +0100)]
s3-smb2: Make sure we have a subreq set
Christian Ambach [Wed, 8 Feb 2012 15:05:34 +0000 (16:05 +0100)]
selftest: add smb2.rename to testsuite
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Fri Feb 10 15:02:51 CET 2012 on sn-devel-104
Christian Ambach [Tue, 7 Feb 2012 17:02:56 +0000 (18:02 +0100)]
s4:torture: add some SMB2 renaming tests
Andrew Bartlett [Fri, 10 Feb 2012 09:54:18 +0000 (20:54 +1100)]
gensec: explain gensec_use_kerberos_mechs() logic
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Feb 10 12:36:23 CET 2012 on sn-devel-104
Andrew Bartlett [Thu, 9 Feb 2012 21:13:40 +0000 (08:13 +1100)]
gensec: set flag to continue in outer for loop in gensec_use_kerberos_mechs
This should be the correct fix for the valgrind erorr Volker found in
744ed53a62037a659133ccd4de2065491208ae7d. This fix avoids putting
SPNEGO into the list twice when we are in the CRED_DONT_USE_KERBEROS
case.
Andrew Bartlett
Andrew Bartlett [Thu, 9 Feb 2012 21:07:21 +0000 (08:07 +1100)]
Revert "gensec: Fix a memory corruption in gensec_use_kerberos_mechs"
This reverts commit
744ed53a62037a659133ccd4de2065491208ae7d.
The real bug here is that the second half of the outer loop should not
have been run once we found spnego.
Andrew Bartlett
Stefan Metzmacher [Fri, 10 Feb 2012 07:26:40 +0000 (08:26 +0100)]
selftest: mark posix_s3.rpc.spoolss.printer as flakey test
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Feb 10 10:04:15 CET 2012 on sn-devel-104