nivanova/samba-autobuild/.git
10 years ago auth: Remove unused PASSWORD_LENTH macro from pass_check.c
Andrew Bartlett [Tue, 21 Jan 2014 21:53:11 +0000 (10:53 +1300)]
auth: Remove unused PASSWORD_LENTH macro from pass_check.c

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
10 years ago auth: Remove static variable ths_user from password_check() code
Andrew Bartlett [Tue, 21 Jan 2014 21:40:11 +0000 (10:40 +1300)]
auth: Remove static variable ths_user from password_check() code

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
10 years ago Do not install smbclient4 and nmblookup4
Jeroen Dekkers [Fri, 20 Sep 2013 23:43:31 +0000 (01:43 +0200)]
Do not install smbclient4 and nmblookup4

Change-Id: I2d91d9c9faa2df084321d10fbdc948acbd2bb735
Signed-off-by: Jeroen Dekkers <jeroen@dekkers.ch>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Tue Apr 15 03:25:13 CEST 2014 on sn-devel-104

10 years ago ctdb-eventscripts: CTDB_NATGW_PUBLIC_* optional on slave-only nodes
Martin Schwenke [Thu, 10 Apr 2014 01:58:57 +0000 (11:58 +1000)]
ctdb-eventscripts: CTDB_NATGW_PUBLIC_* optional on slave-only nodes

Commit 4ee4925d416a86341bd76c11fa99ec9173682a1d forgot about
CTDB_NATGW_SLAVE_ONLY so it introduces an incorrect failure when this
is set, and CTDB_NATGW_PUBLIC_IFACE or CTDB_NATGW_PUBLIC_IP is unset.

Relax the sanity check to see if CTDB_NATGW_SLAVE_ONLY is set.

Update the documentation to explicitly state that
CTDB_NATGW_PUBLIC_IFACE and CTDB_NATGW_PUBLIC_IP are optional and
unused if CTDB_NATGW_SLAVE_ONLY is set.  It would be possible to
insist that CTDB_NATGW_PUBLIC_IFACE and CTDB_NATGW_PUBLIC_IFACE should
be unset in that case.  However, it is more reasonable to allow
consistent configuration across nodes except with some nodes
configured slave-only.

Add tests, update infrastructure and fix a thinko in the stub's
"natgwlist" implementation.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Apr 14 06:06:49 CEST 2014 on sn-devel-104

10 years ago ctdb-tools-ctdb: Drop disconnected nodes when filtering by capability
Martin Schwenke [Wed, 9 Apr 2014 04:26:23 +0000 (14:26 +1000)]
ctdb-tools-ctdb: Drop disconnected nodes when filtering by capability

Commit ba69742ccd822562ca2135d2466e09bf1216644b missed the point of
filtering disconnected nodes while limiting the nodemap to those in
the NAT gateway group.  It was really to avoid trying to fetch
capabilities from disconnected nodes.  This should be explicitly done
in filter_nodemap_by_capabilities(), otherwise "ctdb natgwlist" simply
fails when there is a disconnected node.

Note that the alternate solution where filter_nodemap_by_flags() is
called before filter_nodemap_by_capabilities() would not be
correct.  Filtering on flags first can produce a "healthier" set of
nodes where none of them have the NAT gateway capability.

Also extend stub for ctdb_ctrl_getcapabilities() to fail when trying
to get capabilities from a disconnected node and add a corresponding
test to confirm that "ctdb natgwlist" is no longer broken.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
10 years ago ctdb-tests: Add a simple test for "ctdb detach"
Amitay Isaacs [Wed, 9 Apr 2014 01:38:57 +0000 (11:38 +1000)]
ctdb-tests: Add a simple test for "ctdb detach"

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
10 years ago ctdb-doc: Remove commands that have been deleted
Amitay Isaacs [Mon, 7 Apr 2014 02:00:54 +0000 (12:00 +1000)]
ctdb-doc: Remove commands that have been deleted

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
10 years ago ctdb-doc: Add "ctdb detach" and update "ctdb attach"
Amitay Isaacs [Mon, 7 Apr 2014 02:06:49 +0000 (12:06 +1000)]
ctdb-doc: Add "ctdb detach" and update "ctdb attach"

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
10 years ago ctdb-tools/ctdb: Add ctdb detach command to detach databases
Amitay Isaacs [Mon, 31 Mar 2014 04:45:23 +0000 (15:45 +1100)]
ctdb-tools/ctdb: Add ctdb detach command to detach databases

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
10 years ago ctdb-client: Add client code to detach a database
Amitay Isaacs [Mon, 31 Mar 2014 04:44:53 +0000 (15:44 +1100)]
ctdb-client: Add client code to detach a database

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
10 years ago ctdb-daemon: Add control CTDB_CONTROL_DB_DETACH
Amitay Isaacs [Mon, 31 Mar 2014 04:44:21 +0000 (15:44 +1100)]
ctdb-daemon: Add control CTDB_CONTROL_DB_DETACH

This detaches specified database from all the nodes.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
10 years ago Typo: s/preceeded/preceded/
Jelmer Vernooij [Sun, 30 Mar 2014 02:01:06 +0000 (04:01 +0200)]
Typo: s/preceeded/preceded/

Caught by lintian, the Debian package linter :)

Change-Id: Ia7162ea8c2b1845155345526b66d71ae64f15227
Reviewed-on: https://gerrit.samba.org/216
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Mon Apr 14 03:51:15 CEST 2014 on sn-devel-104

10 years ago Typo: Commiting -> Committing
Jelmer Vernooij [Sun, 30 Mar 2014 02:02:39 +0000 (04:02 +0200)]
Typo: Commiting -> Committing

Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Change-Id: I9d71706ce6d6782da72a26fa37e33fe5b527788e
Reviewed-on: https://gerrit.samba.org/217
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years ago Typo: speciefied -> specified.
Jelmer Vernooij [Sun, 30 Mar 2014 02:03:15 +0000 (04:03 +0200)]
Typo: speciefied -> specified.

Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Change-Id: I0357440cde2ef70945ff4a9ba87b62ab88b271a8
Reviewed-on: https://gerrit.samba.org/218
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Sun Apr 13 19:12:22 CEST 2014 on sn-devel-104

10 years ago Typo: s/prefered/preferred/
Jelmer Vernooij [Sun, 30 Mar 2014 02:05:09 +0000 (04:05 +0200)]
Typo: s/prefered/preferred/

Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Change-Id: Ib82b71111fd208990aa876a8bf06431cfed21a6c
Reviewed-on: https://gerrit.samba.org/220
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years ago Typo: sucessfully -> successfully
Jelmer Vernooij [Sun, 30 Mar 2014 02:04:18 +0000 (04:04 +0200)]
Typo: sucessfully -> successfully

Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Change-Id: I23258edf9c197081c882ba85dedf833292e56e4e
Reviewed-on: https://gerrit.samba.org/219
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years ago Typo: Specifing -> specifying.
Jelmer Vernooij [Sun, 30 Mar 2014 02:05:45 +0000 (04:05 +0200)]
Typo: Specifing -> specifying.

Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Change-Id: I80286441b32cd0b8384610b5b6db7790b8a22d48
Reviewed-on: https://gerrit.samba.org/221
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years ago s3:smb2_server: remove unused get_min_receive_file_size() wrapper function
Stefan Metzmacher [Thu, 10 Apr 2014 23:37:42 +0000 (01:37 +0200)]
s3:smb2_server: remove unused get_min_receive_file_size() wrapper function

smb2req always comes from talloc_zero().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Apr 11 23:55:17 CEST 2014 on sn-devel-104

10 years ago s3:smb2_server: only allocate the required buffer in the smb2 recvfile() code path
Stefan Metzmacher [Fri, 15 Nov 2013 08:12:40 +0000 (09:12 +0100)]
s3:smb2_server: only allocate the required buffer in the smb2 recvfile() code path

This way the buffer will likely be allocated within the existing talloc_pool,
which avoids one malloc() per request.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago s3:smb2_server: prepare smbd_smb2_request_verify_sizes() for the optimized recvfile...
Stefan Metzmacher [Mon, 18 Nov 2013 12:46:10 +0000 (13:46 +0100)]
s3:smb2_server: prepare smbd_smb2_request_verify_sizes() for the optimized recvfile() case

For recvfile we haven't read and may not have allocated the dyn buffer.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago s3:smb2_write: allow SMBD_SMB2_IN_DYN_LEN() to be 0 for the recvfile case.
Stefan Metzmacher [Mon, 18 Nov 2013 12:45:37 +0000 (13:45 +0100)]
s3:smb2_write: allow SMBD_SMB2_IN_DYN_LEN() to be 0 for the recvfile case.

For recvfile we haven't read and may not have allocated the dyn buffer.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago s3:smb2_server: make sure we don't try recvfile for special NBT messages
Stefan Metzmacher [Thu, 10 Apr 2014 23:05:21 +0000 (01:05 +0200)]
s3:smb2_server: make sure we don't try recvfile for special NBT messages

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago s3:smb2_server: use the same logic to avoid recvfile() for IPC/PRINT shares
Stefan Metzmacher [Thu, 10 Apr 2014 22:43:46 +0000 (00:43 +0200)]
s3:smb2_server: use the same logic to avoid recvfile() for IPC/PRINT shares

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago s3:smbd: use smb1srv_open_lookup() in is_valid_writeX_buffer()
Stefan Metzmacher [Thu, 10 Apr 2014 22:51:32 +0000 (00:51 +0200)]
s3:smbd: use smb1srv_open_lookup() in is_valid_writeX_buffer()

It's more logical to check the fnum instead of tid here.
This will make it easier to reuse the logic for SMB2 and
allows per fsp recvfile detection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago s3:smbXsrv_open: allow now==0 to skip the idle_time update.
Stefan Metzmacher [Thu, 10 Apr 2014 22:29:48 +0000 (00:29 +0200)]
s3:smbXsrv_open: allow now==0 to skip the idle_time update.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago s3:lib: use stack buffers in drain_socket() and default_sys_recvfile()
Stefan Metzmacher [Thu, 5 Dec 2013 10:20:49 +0000 (11:20 +0100)]
s3:lib: use stack buffers in drain_socket() and default_sys_recvfile()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago libs: s3 and s4: make our dns lookup code signal-safe.
Jeremy Allison [Wed, 9 Apr 2014 22:27:45 +0000 (15:27 -0700)]
libs: s3 and s4: make our dns lookup code signal-safe.

Cope with -1,EINTR returns. Needed as this code can be
called from inside smbd.

Also fixes a bug in not checking the return from poll()
correctly.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 10 22:06:08 CEST 2014 on sn-devel-104

10 years ago s3: smbd: Performance optimization for RECVFILE.
Jeremy Allison [Wed, 9 Apr 2014 16:50:46 +0000 (09:50 -0700)]
s3: smbd: Performance optimization for RECVFILE.

Based on work proposed by Jones <jones.kstw@gmail.com>.

Removes set_blocking()/set_unblocking() fcntl
calls around RECVFILE on the non-blocking socket.
Instead uses RECVFILE in a loop, and only drops
back to set_blocking()/set_unblocking() once
RECVFILE returns -1/EAGAIN/EWOULDBLOCK.

From the samba-technical list:

------------------------------------------------
The iometer 512b sequential write shows following result,
Before applying this patch: 75333 IOps
After applying this patch: 82691 IOps
------------------------------------------------

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years ago s4-wbclient: Fix wbc_sids_to_xids to correctly indicate the length of the SID list
Andrew Bartlett [Wed, 9 Apr 2014 00:43:54 +0000 (12:43 +1200)]
s4-wbclient: Fix wbc_sids_to_xids to correctly indicate the length of the SID list

This uses the fact that we know the end of the string in p to avoid
needing a strlen() call.  Otherwise the winbindd validation that the
extra_data is terminated may fail, if the uninitialised memory is not
zero.

Andrew Bartlett

Change-Id: I9b28068e4fbd3754c8d14724af93638d657810dd
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Apr  9 18:26:40 CEST 2014 on sn-devel-104

10 years ago tdb: consolidate tdb allocation code - re-use dead records at hash top.
Michael Adam [Wed, 19 Mar 2014 12:38:17 +0000 (13:38 +0100)]
tdb: consolidate tdb allocation code - re-use dead records at hash top.

When in tdb_store we re-use a dead record reactivated from the
target hash chain itself, we currently leave it in its place in
the chain. When we re-use a dead record from a different chain or
from the freelist instead, we insert it at the beginning of the
target chain.

This patch changes the behaviour to always newly store a
record at the beginning of the hash chain. This removes
a special case and hence simplifies the allocation code.
On the other hand side, it introduces two additional tdb_ofs_write
calls for the in-chain-case.

Note the subtlety of the patch that by moving the case of the candidate
record's chain as new case "i=0" into the for loop, we also reverse the
order of the two steps in the for-loop body (non blocking freelist alloc
and searching for dead record in a chain) in order to keep the overall
order of execution identical.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Apr  9 10:37:08 CEST 2014 on sn-devel-104

10 years ago torture: add local verification trailer parsing test
David Disseldorp [Tue, 8 Apr 2014 17:49:37 +0000 (19:49 +0200)]
torture: add local verification trailer parsing test

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr  9 03:44:15 CEST 2014 on sn-devel-104

10 years ago s3-lib/util: fix logic inside set_namearray loops.
Jeremy Allison [Tue, 8 Apr 2014 17:38:33 +0000 (10:38 -0700)]
s3-lib/util: fix logic inside set_namearray loops.

Additional fix for bug #10544 - s3-lib/util: set_namearray reads across end of namelist string.

Not strictly needed as the initial fix addresses
the problem, but corrects the internal logic
inside the loops.

https://bugzilla.samba.org/show_bug.cgi?id=10544

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
10 years ago s3-lib/util: fix read across end of namelist string
Björn Baumbach [Mon, 7 Apr 2014 11:46:42 +0000 (13:46 +0200)]
s3-lib/util: fix read across end of namelist string

If the namelist is not terminated with a '/', we try to read
the next character after the string termination '\0'.

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr  8 21:44:16 CEST 2014 on sn-devel-104

10 years ago wafsamba: replace dots in library names
Ralph Boehme [Thu, 27 Mar 2014 15:37:18 +0000 (16:37 +0100)]
wafsamba: replace dots in library names

Certain libraries use a version number with a dot in the library name,
eg libtracker-sparql-0.16. The dot is passed to the HAVE_LIBXXX macro
but dots aren't allowed in C macros, compiler diagnostic:

  warning: missing whitespace after the macro name

Signed-off-by: Ralph Boehme <rb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago s4-wbclient: Cope with winbind returning an error
Andrew Bartlett [Mon, 7 Apr 2014 02:06:21 +0000 (14:06 +1200)]
s4-wbclient: Cope with winbind returning an error

Change-Id: I8eaf858f9e9e55eec20aa2c585db5459fb73b887
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Apr  8 12:53:13 CEST 2014 on sn-devel-104

10 years ago ctdb-daemon: Always update database priority cluster wide
Amitay Isaacs [Wed, 2 Apr 2014 06:17:47 +0000 (17:17 +1100)]
ctdb-daemon: Always update database priority cluster wide

Database priority is a global property and all the nodes should have the
priority set for the databases.  Just setting priority on one node can
lead to problems in the recovery as a database can be frozen at wrong
priority and then freezing database would not succeed.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Apr  7 14:06:26 CEST 2014 on sn-devel-104

10 years ago s3: smbd/nmbd/winbindd - fix append on trailing slash on system paths.
Jeremy Allison [Fri, 4 Apr 2014 23:47:32 +0000 (16:47 -0700)]
s3: smbd/nmbd/winbindd - fix append on trailing slash on system paths.

The xx_path() function incorrectly uses talloc_asprintf_append()
instead of talloc_asprintf() on a path that may have been modified
by the trim_string() call previously. talloc_asprintf_append()
always sticks the new text at the *end* of the allocated buffer,
not at the end of the string.

Fix bug #10538 - Daemons crashing when lock/state/cache directory parameter has a trailing slash

https://bugzilla.samba.org/show_bug.cgi?id=10538

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Apr  5 13:40:30 CEST 2014 on sn-devel-104

10 years ago s3: enforce a positive allocation_file_size for non-empty files
Björn Baumbach [Thu, 27 Mar 2014 10:17:30 +0000 (11:17 +0100)]
s3: enforce a positive allocation_file_size for non-empty files

Some file systems do not allocate a block for very
small files. But a non-empty file should report a
positive size.

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr  5 03:09:00 CEST 2014 on sn-devel-104

10 years ago vfs: Store ACL control flags in gpfs vfs module.
Alexander Werth [Tue, 4 Feb 2014 16:50:54 +0000 (17:50 +0100)]
vfs: Store ACL control flags in gpfs vfs module.

Use literals to allow a compile and execution on gpfs 3.4.

Signed-off-by: Alexander Werth <alexander.werth@de.ibm.com>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago vfs: Support NFS control flags in nfs4_acls.c.
Alexander Werth [Mon, 20 Jan 2014 14:12:42 +0000 (15:12 +0100)]
vfs: Support NFS control flags in nfs4_acls.c.

The ACL control flags store in particular the dacl protected bit
which is responsible for the "Include inherited permissions from
this object's parent" checkbox. This stores the information in the
ACL struct passed to and from file system specific vfs modules.

Signed-off-by: Alexander Werth <alexander.werth@de.ibm.com>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago talloc: Update flags in pytalloc-util pkgconfig file
Lukas Slebodnik [Fri, 4 Apr 2014 11:29:39 +0000 (13:29 +0200)]
talloc: Update flags in pytalloc-util pkgconfig file

After expanding, @LIB_RPATH@ will be -Wl,-rpatch,/usr/local/lib if rpath is
used on install. But "-Wl," will be passed to linker and should not be among
CFLAGS. Other pkgconfig files have @LIB_RPATH@ in the right place.
    @see commit 735c1cd2da15167748e92ba6de48fdb5169db587

Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Apr  4 23:50:25 CEST 2014 on sn-devel-104

10 years ago tevent: Update flags in tevent pkgconfig file
Lukas Slebodnik [Fri, 4 Apr 2014 11:27:35 +0000 (13:27 +0200)]
tevent: Update flags in tevent pkgconfig file

After expanding, @LIB_RPATH@ will be -Wl,-rpatch,/usr/local/lib if rpath is
used on install. But "-Wl," will be passed to linker and should not be among
CFLAGS. Other pkgconfig files have @LIB_RPATH@ in the right place.
    @see commit 735c1cd2da15167748e92ba6de48fdb5169db587

Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years ago s3-kerberos: make ipv6 support for generated krb5 config files more robust.
Günther Deschner [Wed, 2 Apr 2014 17:37:34 +0000 (19:37 +0200)]
s3-kerberos: make ipv6 support for generated krb5 config files more robust.

Older MIT Kerberos libraries will add any secondary ipv6 address as
ipv4 address, defining the (default) krb5 port 88 circumvents that.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Apr  4 16:33:12 CEST 2014 on sn-devel-104

10 years ago s3: rpc_server/srvsvc: count open files in NetConnEnum
Shekhar Amlekar [Tue, 25 Mar 2014 11:36:18 +0000 (17:06 +0530)]
s3: rpc_server/srvsvc: count open files in NetConnEnum

Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr  3 21:19:43 CEST 2014 on sn-devel-104

10 years ago s3: rpc_server/srvsvc: count share connections in NetConnEnum
Shekhar Amlekar [Tue, 25 Mar 2014 11:19:44 +0000 (16:49 +0530)]
s3: rpc_server/srvsvc: count share connections in NetConnEnum

Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
10 years ago s3: rpc_server/srvsvc: added routines to compute opens on share connections.
Shekhar Amlekar [Tue, 25 Mar 2014 11:00:49 +0000 (16:30 +0530)]
s3: rpc_server/srvsvc: added routines to compute opens on share connections.

Added routines count_share_opens() and share_file_fn() to count
opens on share connections.

Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
10 years ago s3: rpc_server/srvsvc: Added routines to count share connections.
Shekhar Amlekar [Thu, 3 Apr 2014 08:52:58 +0000 (14:22 +0530)]
s3: rpc_server/srvsvc: Added routines to count share connections.

Added routines count_share_conns() and share_conn_fn() to count
connections to a share.

Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
10 years ago autorid: use the db argument in the initialize traverse action.
Michael Adam [Wed, 2 Apr 2014 22:06:04 +0000 (00:06 +0200)]
autorid: use the db argument in the initialize traverse action.

By a copy and paste error, the global autorid_db was used.
This was not currently a problem in behaviour, because this
autorid_db is passed as the argument.

This change fixes the callback function for consistency.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr  3 08:36:55 CEST 2014 on sn-devel-104

10 years ago s3: messages: Implement cleanup of dead records.
Jeremy Allison [Wed, 2 Apr 2014 23:45:25 +0000 (16:45 -0700)]
s3: messages: Implement cleanup of dead records.

When a smbd process dies, pending messages.tdb records for this process
might not get cleaned up. Implement a cleanup for dead records that is
triggered after a smbd dies uncleanly; the records for that PID are
deleted.

Based on a patchset from Christof Schmitt <cs@samba.org>.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
10 years ago autorid: make the whole initialization atomic with one transaction.
Michael Adam [Thu, 20 Mar 2014 23:18:36 +0000 (00:18 +0100)]
autorid: make the whole initialization atomic with one transaction.

Originally, there were several writing operations:

- store the range HWM
- store the alloc uid HWM
- store the alloc gid HWM
- store the config
- create mappings for a whole list of wellknown sids

Each of these consisted of its own transaction,
the wellknown preallocation even of one transaction per sid.

This change wraps all of these in one big transaction.
Thereby making the whole initialization atomic, and
with respect to the creation of the wellknown mappings
also more deterministic.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr  3 02:41:25 CEST 2014 on sn-devel-104

10 years ago autorid: initialize: fix typo in and further improve a debug message.
Michael Adam [Thu, 20 Mar 2014 08:20:04 +0000 (09:20 +0100)]
autorid: initialize: fix typo in and further improve a debug message.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: initialize: use the split db_open and init_hwms function instead of db_init
Michael Adam [Thu, 20 Mar 2014 23:07:07 +0000 (00:07 +0100)]
autorid: initialize: use the split db_open and init_hwms function instead of db_init

This way, we can later put all of the storing functions inside one transaction.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: initialize: open the autorid db as late as possible.
Michael Adam [Thu, 20 Mar 2014 23:04:15 +0000 (00:04 +0100)]
autorid: initialize: open the autorid db as late as possible.

But make sure to link the db context to commonconfig afterwards.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: initialize: link config to commonconfig as soon as it is allocated.
Michael Adam [Thu, 20 Mar 2014 23:03:02 +0000 (00:03 +0100)]
autorid: initialize: link config to commonconfig as soon as it is allocated.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: initialize: link commonconfig to dom as soon as it is allocated
Michael Adam [Thu, 20 Mar 2014 23:02:31 +0000 (00:02 +0100)]
autorid: initialize: link commonconfig to dom as soon as it is allocated

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: initialize: store config directly before allocating well knowns.
Michael Adam [Wed, 19 Mar 2014 22:50:20 +0000 (23:50 +0100)]
autorid: initialize: store config directly before allocating well knowns.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: split idmap_autorid_db_open and idmap_autorid_init_hwms out of idmap_autorid...
Michael Adam [Thu, 20 Mar 2014 22:41:03 +0000 (23:41 +0100)]
autorid: split idmap_autorid_db_open and idmap_autorid_init_hwms out of idmap_autorid_db_init

These will be used separately in the full initialization function.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: in idmap_autorid_saveconfig, add a debug msg when loading gives error
Michael Adam [Thu, 20 Mar 2014 11:38:31 +0000 (12:38 +0100)]
autorid: in idmap_autorid_saveconfig, add a debug msg when loading gives error

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: improve the precision of the DEBUG at the end of add_range
Michael Adam [Thu, 20 Mar 2014 14:26:33 +0000 (15:26 +0100)]
autorid: improve the precision of the DEBUG at the end of add_range

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: add a DEBUG upon talloc fail in the add_range function.
Michael Adam [Thu, 20 Mar 2014 14:26:06 +0000 (15:26 +0100)]
autorid: add a DEBUG upon talloc fail in the add_range function.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: when storing a new range, always check it does not exist.
Michael Adam [Thu, 20 Mar 2014 14:22:40 +0000 (15:22 +0100)]
autorid: when storing a new range, always check it does not exist.

Also check for existence when the range is >= the HWM,
typically the "acquire" case where we bump the HWM.
In case of external modification, we would previously
simply overwrite an existing range mapping. Now we
check and throw INTERNAL_DB_CORRUPTION in this case.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: fix a potential for data corruption.
Michael Adam [Thu, 20 Mar 2014 11:07:19 +0000 (12:07 +0100)]
autorid: fix a potential for data corruption.

The initialization of the HWM values in autorid.tdb was racy:

It did:

1. fetch the HWM value
2. if it did not exist, store 0 in a transaction.

This can be racy if two processes at the same time try to
run the initialization code, especially in a cluster, when
winbindd and smbd are started simultaneously on all nodes.
The race is that the HWM is not re-fetched inside the transaction.

Assume both processes see that the HWM does not exist.
Both try to start a transaction. Process 1 gets the lock
and process 2 blocks. After Process 1 has stored the
HWM, it proceeds and manages to start subsequent transactions
which also bump the HWM value (e.g. a range allocation,
which is also triggered from allocation code). When
process 2 finally manages to start the transaction, the
HWM value is already > 0. But process 2 does not look again
and simply overwrites the HWM with 0.

So the next allocation will overwrite an existing mapping,
at least partially.

This patch changes the mechanism to:

1. fetch the hwm value
2. if it does not exist start a transaction
3.   fetch the hwm value
4.   if it does not exist, store 0
5. commit the transaction.

Note: this is not theoretical. Corruptions have been
seen in cluster environments.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
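
The race described in the commit message above, replayed deterministically as an added example (not code from the Samba tree). The `toy_db` struct, the helper names and the DOMA/DOMB owners are constructed stand-ins for autorid.tdb, its transactions and its range mappings, and the interleaving is scripted rather than run with real processes.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for autorid.tdb: one HWM key and the range slots
 * it hands out. None of these names come from the Samba source. */
#define MAX_RANGES 4

struct toy_db {
    bool hwm_exists;                     /* has the HWM key been stored? */
    uint32_t hwm;                        /* next free range number */
    const char *range_owner[MAX_RANGES]; /* range number -> domain */
};

/* Fetch the HWM; returns false if the key is not in the database. */
static bool fetch_hwm(const struct toy_db *db, uint32_t *val)
{
    if (!db->hwm_exists) {
        return false;
    }
    *val = db->hwm;
    return true;
}

/* Transaction body of the HWM initialization.
 * recheck == false: old behaviour, trusts the fetch made before the lock.
 * recheck == true:  patched behaviour, fetches again inside the transaction. */
static void init_hwm_txn(struct toy_db *db, bool recheck)
{
    uint32_t cur;

    /* transaction start: from here on this process holds the write lock */
    if (recheck && fetch_hwm(db, &cur)) {
        return; /* another process initialized it while we waited */
    }
    db->hwm = 0;
    db->hwm_exists = true;
    /* transaction commit */
}

/* Allocate the next range for a domain and bump the HWM. */
static int acquire_range(struct toy_db *db, const char *domain)
{
    uint32_t range = db->hwm;

    if (range >= MAX_RANGES) {
        return -1;
    }
    db->range_owner[range] = domain;
    db->hwm = range + 1;
    return (int)range;
}

struct outcome {
    uint32_t final_hwm;        /* HWM after both processes have run */
    bool first_mapping_intact; /* does range 0 still belong to DOMA? */
};

/* Replay the interleaving from the commit message, step by step. */
static struct outcome replay(bool recheck)
{
    struct toy_db db = {0};
    struct outcome out;
    uint32_t unused;

    /* Both processes fetch before either holds the lock: both see "missing". */
    bool p1_missing = !fetch_hwm(&db, &unused);
    bool p2_missing = !fetch_hwm(&db, &unused);

    /* Process 1 gets the lock first, initializes, then allocates a range. */
    if (p1_missing) {
        init_hwm_txn(&db, recheck);
    }
    acquire_range(&db, "DOMA"); /* constructed domain name */

    /* Process 2 was blocked and only now gets to run its transaction. */
    if (p2_missing) {
        init_hwm_txn(&db, recheck);
    }
    acquire_range(&db, "DOMB"); /* constructed domain name */

    out.final_hwm = db.hwm;
    out.first_mapping_intact = strcmp(db.range_owner[0], "DOMA") == 0;
    return out;
}

int main(void)
{
    struct outcome before = replay(false);
    struct outcome after = replay(true);

    printf("no re-fetch: hwm=%u, DOMA mapping intact=%d\n",
           (unsigned)before.final_hwm, before.first_mapping_intact);
    printf("re-fetch:    hwm=%u, DOMA mapping intact=%d\n",
           (unsigned)after.final_hwm, after.first_mapping_intact);
    return 0;
}
```
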
10 years ago autorid: print debug message when a HWM key has been created
Michael Adam [Wed, 19 Mar 2014 22:43:35 +0000 (23:43 +0100)]
autorid: print debug message when a HWM key has been created

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: reverse logic flow in idmap_autorid_init_hwm(), decreasing indentation.
Michael Adam [Thu, 20 Mar 2014 10:23:05 +0000 (11:23 +0100)]
autorid: reverse logic flow in idmap_autorid_init_hwm(), decreasing indentation.

I.e. move writing case to the end.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years ago autorid: store hwm as uint32_t in idmap_autorid_init_hwm()
Michael Adam [Thu, 20 Mar 2014 11:40:31 +0000 (12:40 +0100)]
autorid: store hwm as uint32_t in idmap_autorid_init_hwm()

The HWM is treated as uint32_t all the time.
This was just a leftover from old code.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years agodfs_server: get_dcs: fix pointer list termination
Arvid Requate [Mon, 31 Mar 2014 16:45:07 +0000 (18:45 +0200)]
dfs_server: get_dcs: fix pointer list termination

Should fix a potential SEGV e.g. in case searched_site == NULL and no
objects with objectClass=site are found.

Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
10 years agoscript to generate content for libcli/util/nterr.c & libcli/util/ntstatus.h
Noel Power [Mon, 24 Mar 2014 20:35:50 +0000 (20:35 +0000)]
script to generate content for libcli/util/nterr.c & libcli/util/ntstatus.h

A ropey script to generate some missing NT_STATUS error codes and
descriptions. The script generates ntstatus.c & ntstatus.h
whose contents are used to extend the existing contents of
libcli/util/nterr.c & libcli/util/ntstatus.h

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr  2 22:40:06 CEST 2014 on sn-devel-104

10 years agoAdd error codes and message descriptions for NTSTATUS
Noel Power [Mon, 24 Mar 2014 17:19:54 +0000 (17:19 +0000)]
Add error codes and message descriptions for NTSTATUS

Error codes and descriptions were autogenerated from [MS-ERREF]
see http://msdn.microsoft.com/en-us/library/cc704588.aspx
Additionally some missing error descriptions for existing errors were
identified and generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoUse correct error code value for NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE
Noel Power [Mon, 24 Mar 2014 19:19:42 +0000 (19:19 +0000)]
Use correct error code value for NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoscript to generate libcli/util/hresult.c & libcli/util/hresult.h
Noel Power [Mon, 24 Mar 2014 15:02:45 +0000 (15:02 +0000)]
script to generate libcli/util/hresult.c & libcli/util/hresult.h

This hacky script was used to generate the contents of libcli/util/hresult.c
& libcli/util/hresult.h. It expects the table contents of
http://msdn.microsoft.com/en-us/library/cc704587.aspx cut'n'pasted into
the text file specified as its single required input param

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoAllow FSRVP access generic HRESULT error message descriptions
Noel Power [Mon, 24 Mar 2014 11:52:48 +0000 (11:52 +0000)]
Allow FSRVP access generic HRESULT error message descriptions

FSRVP can possibly return any HRESULT error in addition to its own
specific errors. This change searches the HRESULT errors for a description
if the error doesn't match any of the known FSRVP ones.
Also removed some errors defined in fsrvp.idl (now that they are defined
in hresult.h)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoAdd autogenerated HRESULT error codes and descriptions from MS_ERREF
Noel Power [Mon, 10 Mar 2014 11:00:38 +0000 (11:00 +0000)]
Add autogenerated HRESULT error codes and descriptions from MS_ERREF

error codes & string descriptions are generated from
http://msdn.microsoft.com/en-us/library/cc704587.aspx, additionally there
is a function to return the error description from the error code,
this function will also try to determine the error description
associated with a W_ERROR code translated as a HRESULT.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agotorture-samr: Add testing of account lockout and password change behaviour
Andrew Bartlett [Thu, 31 Oct 2013 03:57:10 +0000 (16:57 +1300)]
torture-samr: Add testing of account lockout and password change behaviour

This is the regression test to avoid a repeat of CVE-2013-4496

This includes confirming that badPwdCount is updated on login, not just on first failure

However the badPwdCount is not updated if the account is disabled

Note that samr_QueryUserInfo returns the effective bad_password_count in level
5, 16 and 21, while it returns the raw value in level 3.

(Sadly the s3 code does not do this correctly, so a knownfail is added)

Change-Id: I4fd8ac5c3b1357e7a98386756dac2a43eb778ecf
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr  2 19:30:59 CEST 2014 on sn-devel-104

10 years agoselftest: Run rpc.samr.passwords.badpwdcount against s3dc
Andrew Bartlett [Mon, 4 Nov 2013 22:43:41 +0000 (11:43 +1300)]
selftest: Run rpc.samr.passwords.badpwdcount against s3dc

Change-Id: I9529def954521bf8ab05212759a2ef6bbe9913f8
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agotorture-samr: Add test for lockout with and without a password history
Andrew Bartlett [Sun, 16 Mar 2014 08:14:51 +0000 (21:14 +1300)]
torture-samr: Add test for lockout with and without a password history

Change-Id: I6f4b3e92feabe4ff09839329b0db3d33cc6c73b4
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agotorture-samr: Improve rpc.samr.passwords.badpwdcount test
Andrew Bartlett [Mon, 9 Dec 2013 01:25:06 +0000 (14:25 +1300)]
torture-samr: Improve rpc.samr.passwords.badpwdcount test

Change-Id: I89ac30d715e89f14aca049e0e5c5043a39ab93c7
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoselftest: Add test for password lockout
Andrew Bartlett [Sun, 24 Nov 2013 21:03:05 +0000 (10:03 +1300)]
selftest: Add test for password lockout

Change-Id: Ia690b83f82b5ad7b02b203ffdecd2e05066b6711
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
10 years agodsdb: Allow SAMR server to return the computed, not actual badPwdCount
Andrew Bartlett [Tue, 25 Mar 2014 22:32:05 +0000 (11:32 +1300)]
dsdb: Allow SAMR server to return the computed, not actual badPwdCount

This matters after the lockout observation period has expired.

Note that QueryUserInfo level 3 returns the raw badPwdCount value.

Andrew Bartlett

Change-Id: I7b304a50984072bc6cb1daf3315b4427443632a9
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agos4:rpc_server/samr: passdown unmodified acct_flags to the ldb layer.
Stefan Metzmacher [Tue, 25 Mar 2014 06:12:04 +0000 (07:12 +0100)]
s4:rpc_server/samr: passdown unmodified acct_flags to the ldb layer.

The samldb module will handle the verification and magic.

Change-Id: If38e0ed229b98eac4db9b39988de4a25f9a352f2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4:dsdb/samldb: rework samldb_user_account_control_change()
Stefan Metzmacher [Tue, 25 Mar 2014 06:10:02 +0000 (07:10 +0100)]
s4:dsdb/samldb: rework samldb_user_account_control_change()

- Removing ACB_AUTOLOCK/UF_LOCKOUT from the effective userAccountControl flags
  (combined with msDS-User-Account-Control-Computed) results in
  lockoutTime=0 (implying badPwdCount=0).

- We also do more validation of the account type flags now.

Change-Id: If7f224cf60920037a0ae19a10d116ac265771a4c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years agolibds: add UF_PARTIAL_SECRETS_ACCOUNT to UF_ACCOUNT_TYPE_MASK
Stefan Metzmacher [Tue, 1 Apr 2014 11:21:35 +0000 (13:21 +0200)]
libds: add UF_PARTIAL_SECRETS_ACCOUNT to UF_ACCOUNT_TYPE_MASK

Change-Id: Ie26520c37c393ab4d2e3c5782e3dca46d4d1f83c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4:dsdb/samldb: remove fantasy code from samldb_user_account_control_change()
Stefan Metzmacher [Tue, 1 Apr 2014 08:54:27 +0000 (10:54 +0200)]
s4:dsdb/samldb: remove fantasy code from samldb_user_account_control_change()

Setting UF_PASSWORD_EXPIRED doesn't reset "pwdLastSet" to "0"!

Change-Id: I9e004195ad864b8b3fe036986b1087398d1f6fc5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years agos4-samr: Escape the username in the LDAP filter
Andrew Bartlett [Mon, 17 Mar 2014 00:33:18 +0000 (13:33 +1300)]
s4-samr: Escape the username in the LDAP filter

Change-Id: I99945f0b86ea2862c88c00ad39c809ef1101ca9b
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agos4-auth: Support password history correctly, including allowing NTLM logins using...
Andrew Bartlett [Sun, 10 Nov 2013 21:38:03 +0000 (10:38 +1300)]
s4-auth: Support password history correctly, including allowing NTLM logins using the old password

This is only done during a 1 hour allowed period, by default.

We only update bad password count when not one of the last 3 passwords

Andrew Bartlett

Change-Id: I76fd8010ce273a21efb55f9601d17b9978a0acf0
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
10 years agolib/param: Add new parameter "old password allowed period"
Andrew Bartlett [Mon, 9 Dec 2013 01:23:49 +0000 (14:23 +1300)]
lib/param: Add new parameter "old password allowed period"

Change-Id: I46228b492ba71ba4f3fee380a1ccadb328e3ade1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agodsdb: check type with talloc_get_type_abort in samdb_set_password
Andrew Bartlett [Mon, 2 Dec 2013 02:44:37 +0000 (15:44 +1300)]
dsdb: check type with talloc_get_type_abort in samdb_set_password

Change-Id: Ie5b534c70dd87ecf58d6a830e38750ecf16eb855
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agodsdb: Implement password lockout on LDAP password changes
Andrew Bartlett [Wed, 6 Nov 2013 04:11:18 +0000 (17:11 +1300)]
dsdb: Implement password lockout on LDAP password changes

To do this, and have the badPwdCount update stick, we must abort,
open, close and reopen transactions such that the badPwdCount update
is in its own transaction.

To ensure the tests can confirm the correct behaviour here, we must
output the Windows error code in the error message.

Andrew Bartlett

Change-Id: I5b1515b26b308301cf90ce8a3c848a3cedee85a2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agodsdb: Move dsdb_update_bad_pwd_count to dsdb/common/util.c
Andrew Bartlett [Thu, 28 Nov 2013 03:18:31 +0000 (16:18 +1300)]
dsdb: Move dsdb_update_bad_pwd_count to dsdb/common/util.c

This allows the password_hash code to call the same update routine.

Andrew Bartlett

Change-Id: I3d954469defa3f5d26ffc5ae0583ec7e1957ea11
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoauth: Split out badPwdCount update into a helper function
Andrew Bartlett [Thu, 28 Nov 2013 02:42:07 +0000 (15:42 +1300)]
auth: Split out badPwdCount update into a helper function

This will allow password_hash to call this using dsdb_module_*() functions.

Andrew Bartlett

Change-Id: Ib6705300f3f12f4e5e9c73bfd041e6f72bb3ac4a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agokdc: call authsam_zero_bad_pwd_count on successful AS-REQ
Andrew Bartlett [Tue, 26 Nov 2013 02:32:18 +0000 (15:32 +1300)]
kdc: call authsam_zero_bad_pwd_count on successful AS-REQ

Change-Id: I91bb663dcf1b1033cf756a860404c677e4ac4ade
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agokdc: Include values from msDS-User-Account-Control-Computed when checking user flags
Andrew Bartlett [Tue, 29 Oct 2013 21:50:19 +0000 (10:50 +1300)]
kdc: Include values from msDS-User-Account-Control-Computed when checking user flags

Change-Id: I27280d7dd139c6c65dddac611dbdcd7e518ee536
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agokdc: Set flags.locked_out on a locked-out user.
Andrew Bartlett [Mon, 28 Oct 2013 23:31:46 +0000 (12:31 +1300)]
kdc: Set flags.locked_out on a locked-out user.

This only changes the log output, the same error is still returned

Change-Id: Id3c13e9373140c276783e5bd288f29de2bf4a45d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoheimdal: Only indicate successful authentication after successful authz
Andrew Bartlett [Tue, 18 Feb 2014 00:53:38 +0000 (13:53 +1300)]
heimdal: Only indicate successful authentication after successful authz

This is needed to match Windows behaviour for NTLM logins.

Andrew Bartlett

Change-Id: I142de19b480cd6499d6f7f025f655e220558d54c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoheimdal: Match windows and return KRB5KDC_ERR_CLIENT_REVOKED when the account is...
Andrew Bartlett [Mon, 25 Nov 2013 01:13:02 +0000 (14:13 +1300)]
heimdal: Match windows and return KRB5KDC_ERR_CLIENT_REVOKED when the account is locked out

Change-Id: I3c306d1516aa569549f5f024fe1fff2d4f2abefc
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agoheimdal: Do not attempt password authentication for locked out accounts
Andrew Bartlett [Thu, 28 Nov 2013 00:28:29 +0000 (13:28 +1300)]
heimdal: Do not attempt password authentication for locked out accounts

Change-Id: I49695cc4ae0dd0b02034e5411b277882ec5f5f44
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agos4-auth: Add authsam_zero_bad_pwd_count to zero out badPwdCount and lockoutTime on...
Andrew Bartlett [Sun, 10 Nov 2013 22:35:12 +0000 (11:35 +1300)]
s4-auth: Add authsam_zero_bad_pwd_count to zero out badPwdCount and lockoutTime on successful login

Change-Id: I2530f08a91f9b6484203dbdaba988f2df1a04ea1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agos4:dsdb/samldb: add let lockoutTime=0 reset badPwdCount=0
Stefan Metzmacher [Tue, 25 Mar 2014 06:23:04 +0000 (07:23 +0100)]
s4:dsdb/samldb: add let lockoutTime=0 reset badPwdCount=0

See [MS-SAMR] 3.1.1.8.3 lockoutTime.

Change-Id: Ic384a8e2b88c8e9eb1859df99ee09451ebd49fec
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 years agodsdb: collapse wrong password and no-password-hash errors into one handler
Andrew Bartlett [Tue, 26 Nov 2013 04:04:46 +0000 (17:04 +1300)]
dsdb: collapse wrong password and no-password-hash errors into one handler

This avoids giving away too much information to an attacker.

Andrew Bartlett

Change-Id: Id0c0ec508304990e64e5d728396d0d0c1cd7f966
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agodsdb: Add samdb_result_passwords_from_history helper function
Andrew Bartlett [Sun, 10 Nov 2013 21:37:38 +0000 (10:37 +1300)]
dsdb: Add samdb_result_passwords_from_history helper function

Change-Id: I949c6c64551f68c4381b41b30120874ead82949e
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
10 years agos4-auth: Rework memory handling to use a tmp_ctx
Andrew Bartlett [Sun, 10 Nov 2013 21:32:58 +0000 (10:32 +1300)]
s4-auth: Rework memory handling to use a tmp_ctx

Change-Id: Iceb4a04dbd04f581d2bbade86213c8ecfa35d306
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>