tridge/samba.git
7 years agos4-test: added test suite for common.py code master
Andrew Tridgell [Thu, 20 Oct 2011 02:25:22 +0000 (13:25 +1100)]
s4-test: added test suite for common.py code

this tests the dsdb_Dn() class

Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>

7 years agos4-dsdb: moved dsdb_Dn() into common.py
Andrew Tridgell [Thu, 20 Oct 2011 02:24:45 +0000 (13:24 +1100)]
s4-dsdb: moved dsdb_Dn() into common.py

this gives a method for dealing with binary DNs from python

Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>

7 years agosubunitrun: give more useful help
Andrew Tridgell [Thu, 20 Oct 2011 02:24:04 +0000 (13:24 +1100)]
subunitrun: give more useful help

give some examples and more useful description for subunitrun command

Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>

7 years agodsdb: improve debug message
Andrew Tridgell [Wed, 19 Oct 2011 21:02:40 +0000 (08:02 +1100)]
dsdb: improve debug message

show the reply type in "Invalid reply type" messages

7 years agos3-waf: make sure we always compile (not install) our libsmbclient testcode.
Günther Deschner [Wed, 19 Oct 2011 11:56:42 +0000 (13:56 +0200)]
s3-waf: make sure we always compile (not install) our libsmbclient testcode.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Oct 19 20:42:52 CEST 2011 on sn-devel-104

7 years agos3:libsmb/smb_seal: move smb_set_enclen() to smb_seal.c and make it static there
Stefan Metzmacher [Wed, 19 Oct 2011 15:37:29 +0000 (17:37 +0200)]
s3:libsmb/smb_seal: move smb_set_enclen() to smb_seal.c and make it static there

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Oct 19 19:06:35 CEST 2011 on sn-devel-104

7 years agos3:libsmb/smb_seal: s/uint16/uint16_t
Stefan Metzmacher [Wed, 19 Oct 2011 13:35:23 +0000 (15:35 +0200)]
s3:libsmb/smb_seal: s/uint16/uint16_t

metze

7 years agos3:include: move smb_seal.c prototypes to smb_crypt.h
Stefan Metzmacher [Wed, 19 Oct 2011 13:33:16 +0000 (15:33 +0200)]
s3:include: move smb_seal.c prototypes to smb_crypt.h

metze

7 years agos3:libsmb/smb_seal: make common_ntlm_[en|de]crypt_buffer static
Stefan Metzmacher [Wed, 19 Oct 2011 13:32:14 +0000 (15:32 +0200)]
s3:libsmb/smb_seal: make common_ntlm_[en|de]crypt_buffer static

metze

7 years agos4:libcli/raw: remove unused smb_len(), _smb_setlen() and _smb2_setlen() macros
Stefan Metzmacher [Wed, 19 Oct 2011 12:02:57 +0000 (14:02 +0200)]
s4:libcli/raw: remove unused smb_len(), _smb_setlen() and _smb2_setlen() macros

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Oct 19 17:15:23 CEST 2011 on sn-devel-104

7 years agos4:smb_server/smb2: make use of _smb_setlen_tcp()
Stefan Metzmacher [Wed, 19 Oct 2011 12:02:30 +0000 (14:02 +0200)]
s4:smb_server/smb2: make use of _smb_setlen_tcp()

metze

7 years agos4:smb_server/smb: make use of _smb_setlen_nbt()
Stefan Metzmacher [Wed, 19 Oct 2011 12:02:09 +0000 (14:02 +0200)]
s4:smb_server/smb: make use of _smb_setlen_nbt()

metze

7 years agos4:libcli/smb2: make use of _smb_setlen_tcp()
Stefan Metzmacher [Wed, 19 Oct 2011 12:01:29 +0000 (14:01 +0200)]
s4:libcli/smb2: make use of _smb_setlen_tcp()

metze

7 years agos4:libcli/raw: make use of _smb_setlen_nbt()
Stefan Metzmacher [Wed, 19 Oct 2011 12:01:01 +0000 (14:01 +0200)]
s4:libcli/raw: make use of _smb_setlen_nbt()

metze

7 years agos4:lib/stream: make use of smb_len_tcp()
Stefan Metzmacher [Wed, 19 Oct 2011 12:00:12 +0000 (14:00 +0200)]
s4:lib/stream: make use of smb_len_tcp()

metze

7 years agos3:include: use smb_[set]len_[nbt|tcp]() macros
Stefan Metzmacher [Wed, 19 Oct 2011 11:48:09 +0000 (13:48 +0200)]
s3:include: use smb_[set]len_[nbt|tcp]() macros

metze

7 years agolibcli/smb: add smb_[set]len_[nbt|tcp]() macros
Stefan Metzmacher [Wed, 19 Oct 2011 11:48:09 +0000 (13:48 +0200)]
libcli/smb: add smb_[set]len_[nbt|tcp]() macros

metze

7 years agos3: remove duplicate fsctl fn definitions
David Disseldorp [Tue, 18 Oct 2011 11:55:22 +0000 (13:55 +0200)]
s3: remove duplicate fsctl fn definitions

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agolibcli: Move smb2 fsctl fn defs into common code
David Disseldorp [Tue, 18 Oct 2011 11:54:33 +0000 (13:54 +0200)]
libcli: Move smb2 fsctl fn defs into common code

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos3: Remove duplicate fsctl function definitions
David Disseldorp [Tue, 18 Oct 2011 10:23:26 +0000 (12:23 +0200)]
s3: Remove duplicate fsctl function definitions

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agolibcli: move ioctl function field defs to smb_constants
David Disseldorp [Tue, 18 Oct 2011 09:47:05 +0000 (11:47 +0200)]
libcli: move ioctl function field defs to smb_constants

Currently there are a lot of duplicate ioctl function field definitions
between source3 and source4.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos4-s3-upgrade rename samba-tool domain samba3upgrade --libdir to --dbdir for clarity
Andrew Bartlett [Tue, 18 Oct 2011 22:37:47 +0000 (09:37 +1100)]
s4-s3-upgrade rename samba-tool domain samba3upgrade --libdir to --dbdir for clarity

The things pointed at are not typically in a directory called lib,
so avoid confusing our administrators.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Oct 19 15:43:04 CEST 2011 on sn-devel-104

7 years agos4-s3-upgrade fix format string for secrets.tdb exception
Andrew Bartlett [Tue, 18 Oct 2011 22:31:40 +0000 (09:31 +1100)]
s4-s3-upgrade fix format string for secrets.tdb exception

7 years agos4-s3-upgrade test upgrade without a wins.dat
Andrew Bartlett [Wed, 19 Oct 2011 12:07:14 +0000 (23:07 +1100)]
s4-s3-upgrade test upgrade without a wins.dat

7 years agos4-s3-upgrade Fix samba3upgrade code to cope with a missing wins.dat
Andrew Bartlett [Tue, 18 Oct 2011 22:31:16 +0000 (09:31 +1100)]
s4-s3-upgrade Fix samba3upgrade code to cope with a missing wins.dat

7 years agos4-smb_server do not set credentials on gensec twice
Andrew Bartlett [Tue, 18 Oct 2011 21:31:48 +0000 (08:31 +1100)]
s4-smb_server do not set credentials on gensec twice

The samba_server_gensec_start() has already set the credentials
on the gensec_security context.

Andrew Bartlett

7 years agobuild: added deletion of stale .so and .o files
Andrew Tridgell [Wed, 19 Oct 2011 05:34:32 +0000 (16:34 +1100)]
build: added deletion of stale .so and .o files

when we change our build rules to move a C file, we need to remove the
old ('stale') .so and .o files from the build directory, or they may
be used as part of the new build, which means that old code will be
linked in.

This expands the list of stale files that we remove on rule changes to
include .so and .o files

Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Oct 19 09:02:23 CEST 2011 on sn-devel-104

7 years agosamba.getopt: Add some basic tests.
Jelmer Vernooij [Wed, 19 Oct 2011 01:35:22 +0000 (03:35 +0200)]
samba.getopt: Add some basic tests.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Wed Oct 19 05:04:33 CEST 2011 on sn-devel-104

7 years agosamba.getopt: Keep exception message when setting a lp option fails.
Jelmer Vernooij [Tue, 18 Oct 2011 23:30:40 +0000 (01:30 +0200)]
samba.getopt: Keep exception message when setting a lp option fails.

7 years agosamba-tool: Improve getopt.py error handling
Giampaolo Lauria [Mon, 17 Oct 2011 19:34:47 +0000 (15:34 -0400)]
samba-tool: Improve getopt.py error handling

Modified code to handle -k and --kerberos options to:
1. Throw the correct exception
2. On error, display the correct user's specified option

7 years agosamba-tool: Improve getopt.py error handling
Giampaolo Lauria [Mon, 17 Oct 2011 19:31:30 +0000 (15:31 -0400)]
samba-tool: Improve getopt.py error handling

Throw an exception when the --option value is invalid

7 years agosamba-tool: Improve getopt.py error handling
Giampaolo Lauria [Mon, 17 Oct 2011 19:28:52 +0000 (15:28 -0400)]
samba-tool: Improve getopt.py error handling

Throw an exception when --option value is not in the form "a=b"

7 years agosamba-tool: Improve getopt.py error handling
Giampaolo Lauria [Mon, 17 Oct 2011 19:22:01 +0000 (15:22 -0400)]
samba-tool: Improve getopt.py error handling

Raise exception when -d or --debuglevel value is <0

7 years agos3-docs: Add a clarification note for nss_info primary group membership calculation.
Günther Deschner [Tue, 18 Oct 2011 22:31:07 +0000 (00:31 +0200)]
s3-docs: Add a clarification note for nss_info primary group membership calculation.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Oct 19 03:10:40 CEST 2011 on sn-devel-104

7 years agos3-docs: Document Services for Unix 2.0 (sfu20) nss_info ldap schema support.
Günther Deschner [Tue, 18 Oct 2011 22:19:58 +0000 (00:19 +0200)]
s3-docs: Document Services for Unix 2.0 (sfu20) nss_info ldap schema support.

Guenther

7 years agos3: Avoid a winbind 100% cpu loop
Volker Lendecke [Tue, 18 Oct 2011 19:36:44 +0000 (21:36 +0200)]
s3: Avoid a winbind 100% cpu loop

When a DC goes down hard, winbind can end up in a 100% CPU loop. The next
(small) RPC request to the DC ends up as a trans2 request. If the connection
goes down, we end up trying to discard the request via the loop in
cli_state_notify_pending(). Because this is a trans2 request,
cli_smb_req_unset_pending will not kick in. Thus the pending array will always
remain at length 1.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Oct 19 01:39:35 CEST 2011 on sn-devel-104

7 years agovfs_netatalk should be using strstr_m, not strstr to find .AppleDouble paths.
Jeremy Allison [Tue, 18 Oct 2011 18:54:53 +0000 (11:54 -0700)]
vfs_netatalk should be using strstr_m, not strstr to find .AppleDouble paths.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 19 00:05:45 CEST 2011 on sn-devel-104

7 years agoThe last argument to atalk_build_paths() is always false, remove it.
Jeremy Allison [Tue, 18 Oct 2011 18:24:35 +0000 (11:24 -0700)]
The last argument to atalk_build_paths() is always false, remove it.

7 years agolib/util: skip single hex digit at the end of the input sting - fix potential segfault
Michael Adam [Tue, 18 Oct 2011 16:10:00 +0000 (18:10 +0200)]
lib/util: skip single hex digit at the end of the input sting - fix potential segfault

The second of two digits was read without checking for the length of the input
string. For a non-zero-terminated input string, this might have caused a
segfault.

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Oct 18 22:32:59 CEST 2011 on sn-devel-104

7 years agolib/util: fix function header comment to strhex_to_str()
Michael Adam [Tue, 18 Oct 2011 16:07:54 +0000 (18:07 +0200)]
lib/util: fix function header comment to strhex_to_str()

The description did not match the function's behaviour.

7 years agolib/util: untangle assignent from check in strhex_to_str()
Michael Adam [Tue, 18 Oct 2011 16:03:10 +0000 (18:03 +0200)]
lib/util: untangle assignent from check in strhex_to_str()

7 years agos3-util: dbwrap_tool: add fetch fuctions for hex and string
Björn Baumbach [Mon, 17 Oct 2011 14:08:38 +0000 (16:08 +0200)]
s3-util: dbwrap_tool: add fetch fuctions for hex and string

Signed-off-by: Michael Adam <obnox@samba.org>
7 years agos3-util: dbwrap_tool: add store hex function
Björn Baumbach [Mon, 17 Oct 2011 14:05:52 +0000 (16:05 +0200)]
s3-util: dbwrap_tool: add store hex function

Allows the user to store hex blobs in a tdb.

Signed-off-by: Michael Adam <obnox@samba.org>
7 years agoselftest:Samba3: fix signature for check_or_start()
Michael Adam [Tue, 18 Oct 2011 09:37:25 +0000 (11:37 +0200)]
selftest:Samba3: fix signature for check_or_start()

7 years agoselftest:Samba3: fix a message printed when starting winbindd
Michael Adam [Tue, 18 Oct 2011 09:34:22 +0000 (11:34 +0200)]
selftest:Samba3: fix a message printed when starting winbindd

7 years agopdb-interface: Do not use unid_t here
Simo Sorce [Tue, 18 Oct 2011 14:44:52 +0000 (10:44 -0400)]
pdb-interface: Do not use unid_t here

This interface needs to be publicly available, unid_t here is not really useful
and makes it harder to use it as unid_t is not a public union.

Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104

7 years agos3-auth move the s3 auth context onto gensec_ntlmssp once we start
Andrew Bartlett [Tue, 18 Oct 2011 05:34:27 +0000 (16:34 +1100)]
s3-auth move the s3 auth context onto gensec_ntlmssp once we start

We do not need it on the auth_ntlmssp_state any longer.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 18 13:54:36 CEST 2011 on sn-devel-104

7 years agos3-libsmb Use a gensec module to provide the ntlmssp client in ntlmssp_wrap.c
Andrew Bartlett [Tue, 18 Oct 2011 05:16:02 +0000 (16:16 +1100)]
s3-libsmb Use a gensec module to provide the ntlmssp client in ntlmssp_wrap.c

This removes the need to have if (ans->gensec_security) everywhere.

Andrew Bartlett

7 years agos3-ntlmssp split auth_ntlmssp_client_start() into two parts
Andrew Bartlett [Mon, 17 Oct 2011 09:19:11 +0000 (20:19 +1100)]
s3-ntlmssp split auth_ntlmssp_client_start() into two parts

This will allow it to be a wrapper around a gensec module, which
requires that they options be set on a context, but before the
mechanism is started.

This also simplfies the callers, by moving the lp_*() calls
into one place.

Andrew Bartlett

7 years agos3-rpc_client remove cli_auth_ntlmssp_data_destructor
Andrew Bartlett [Mon, 17 Oct 2011 09:00:02 +0000 (20:00 +1100)]
s3-rpc_client remove cli_auth_ntlmssp_data_destructor

This can be an ordinary talloc child without causing any problem.

This seems to have been inherited from a time when ntlmssp_client_start()
returned malloc() based memory.

Andrew Bartlett

7 years agos3/doc: add man page for aio_fork vfs module
Björn Jacke [Tue, 18 Oct 2011 08:54:56 +0000 (10:54 +0200)]
s3/doc: add man page for aio_fork vfs module

thanks to Volker for the content

Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue Oct 18 12:24:35 CEST 2011 on sn-devel-104

7 years agos4:auth/unix_token: match s3 behavior and add uid/gid to the groups array
Stefan Metzmacher [Mon, 17 Oct 2011 12:20:45 +0000 (14:20 +0200)]
s4:auth/unix_token: match s3 behavior and add uid/gid to the groups array

If mappings use ID_TYPE_BOTH.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Oct 18 10:39:54 CEST 2011 on sn-devel-104

7 years agolib/param: Remove parameters for wins and spoolss databases
Andrew Bartlett [Tue, 18 Oct 2011 00:33:33 +0000 (11:33 +1100)]
lib/param: Remove parameters for wins and spoolss databases

This removes the smb.conf parameters per-database, replacing these
with hard-coded database names in well known (and configurable)
directories.

The wins.ldb is now always in the "state dir", rather than being in
both state and lock dir (ie, a bug).

Less smb.conf parameters means less parameters to try and sync up
between the loadparm subsystems.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 18 05:39:54 CEST 2011 on sn-devel-104

7 years agoldb: Output more error information when a connect fails
Andrew Bartlett [Tue, 18 Oct 2011 00:30:52 +0000 (11:30 +1100)]
ldb: Output more error information when a connect fails

7 years agos3:auth_util: add the uid with WBC_ID_TYPE_BOTH also to the group array
Stefan Metzmacher [Wed, 12 Oct 2011 18:52:09 +0000 (20:52 +0200)]
s3:auth_util: add the uid with WBC_ID_TYPE_BOTH also to the group array

This will help with having "sidHistory" support in future.

metze

7 years agos3-auth: use typedefs in auth.h
Andrew Bartlett [Mon, 17 Oct 2011 04:56:44 +0000 (15:56 +1100)]
s3-auth: use typedefs in auth.h

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agogensec: move event context from gensec_*_init() to gensec_update()
Andrew Bartlett [Mon, 17 Oct 2011 07:22:33 +0000 (09:22 +0200)]
gensec: move event context from gensec_*_init() to gensec_update()

This avoids keeping the event context around on a the gensec_security
context structure long term.

In the Samba3 server, the event context we either supply is a NULL
pointer as no server-side modules currently use the event context.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos3-auth fix comment after s3 ntlmssp gensec module
Andrew Bartlett [Mon, 17 Oct 2011 03:00:39 +0000 (14:00 +1100)]
s3-auth fix comment after s3 ntlmssp gensec module

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agogensec: move event-using code to gensec_update() hooks out of gensec_start*()
Andrew Bartlett [Mon, 17 Oct 2011 02:46:57 +0000 (13:46 +1100)]
gensec: move event-using code to gensec_update() hooks out of gensec_start*()

This ensures that only gensec_update() will require an event context argument
when the API is refactored.

Andrew Bartlett

7 years agontlmssp: Refuse to seal if we did not negotiate to sign
Andrew Bartlett [Sat, 15 Oct 2011 03:56:11 +0000 (14:56 +1100)]
ntlmssp: Refuse to seal if we did not negotiate to sign

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agogensec: Refuse to seal if we did not negotiate to sign
Andrew Bartlett [Sat, 15 Oct 2011 03:56:01 +0000 (14:56 +1100)]
gensec: Refuse to seal if we did not negotiate to sign

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos4-auth: match the new s3 gensec client and always negotiate SIGN with SEAL
Andrew Bartlett [Sat, 15 Oct 2011 02:19:41 +0000 (13:19 +1100)]
s4-auth: match the new s3 gensec client and always negotiate SIGN with SEAL

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agogensec: Assert that we have not been subject to a downgrade attack in DCE/RPC clients
Andrew Bartlett [Sat, 15 Oct 2011 02:17:33 +0000 (13:17 +1100)]
gensec: Assert that we have not been subject to a downgrade attack in DCE/RPC clients

Because of the calling convention, this is the best place to assert
that we have not been subject to a downgrade attack on the negotiated
features.  (In DCE/RPC, this isn't a negotiation, the client simply
specifies the level of protection that is required).

Andrew Bartlett

(some formatting fixes)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos3-smbd Give the nt error string when failing to set up encrypted transport
Andrew Bartlett [Tue, 11 Oct 2011 05:13:49 +0000 (16:13 +1100)]
s3-smbd Give the nt error string when failing to set up encrypted transport

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos3-ntlmssp Implement the server-side auth_ntlmssp code as a GENSEC module
Andrew Bartlett [Tue, 26 Jul 2011 02:35:09 +0000 (12:35 +1000)]
s3-ntlmssp Implement the server-side auth_ntlmssp code as a GENSEC module

This uses the top level gensec_ntlmssp helper functions which are identical
to the parts of ntlmssp_wrap.c that are now not called.

(Includes formatting and correctness fixes from Metze)

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agogensec: an event context is no longer mandetory
Andrew Bartlett [Sat, 15 Oct 2011 06:27:30 +0000 (17:27 +1100)]
gensec: an event context is no longer mandetory

If you do not specify one however, you better know that the modules
you are using do not need one!

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agontlmssp: Put members from auth_ntlmssp_state into gensec_ntlmssp_state
Andrew Bartlett [Mon, 25 Jul 2011 07:43:50 +0000 (17:43 +1000)]
ntlmssp: Put members from auth_ntlmssp_state into gensec_ntlmssp_state

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agontlmssp: Prepare gensec_ntlmssp_start() for broader use
Andrew Bartlett [Tue, 26 Jul 2011 02:32:08 +0000 (12:32 +1000)]
ntlmssp: Prepare gensec_ntlmssp_start() for broader use

This moves the allocation of the ntlmssp pointer back to the callers.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agontlmssp: Move ntlmssp code to auth/ntlmssp
Andrew Bartlett [Mon, 25 Jul 2011 06:04:38 +0000 (16:04 +1000)]
ntlmssp: Move ntlmssp code to auth/ntlmssp

This brings in the code from both libcli/auth and
source4/auth/ntlmssp.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agobuild: compile gensec_start.c and credentials.c in the autoconf build
Andrew Bartlett [Sun, 9 Oct 2011 12:28:54 +0000 (23:28 +1100)]
build: compile gensec_start.c and credentials.c in the autoconf build

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos4-s3-upgrade: Give a better clue when we cannot open secrets.tdb
Andrew Bartlett [Mon, 17 Oct 2011 01:22:44 +0000 (12:22 +1100)]
s4-s3-upgrade: Give a better clue when we cannot open secrets.tdb

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos3-auth Add my copyright
Andrew Bartlett [Mon, 17 Oct 2011 21:42:25 +0000 (08:42 +1100)]
s3-auth Add my copyright

I have done plenty of work here, I deserve some of the blame :-)

Andrew Bartlett

7 years agocredentials: Prioritise command-line specified options above defaults from smb.conf
Andrew Bartlett [Mon, 17 Oct 2011 21:41:46 +0000 (08:41 +1100)]
credentials: Prioritise command-line specified options above defaults from smb.conf

If a user specified -W or --realm on the command line, then this is
of level SPECIFIED, not UNINITIALISED, despite it going via the
loadparm system.

This helps us to ensure that -W server -Ulocaluser is parsed the
same as -Userver\localuser.  This matters as otherwise we might
instead attempt to use kerberos to the realm from the smb.conf.

Andrew Bartlett

7 years agos4-selftest When testing for a credentials cache, do not specify a domain
Andrew Bartlett [Mon, 17 Oct 2011 23:03:21 +0000 (10:03 +1100)]
s4-selftest When testing for a credentials cache, do not specify a domain

If we specify a domain, then we indicate that we must use that domain
which overrides the credentials cache we found in the environment.

Andrew Bartlett

7 years agoRevert "s4: Mark the winsreplication test as knownfail"
Andrew Bartlett [Tue, 18 Oct 2011 01:18:36 +0000 (12:18 +1100)]
Revert "s4: Mark the winsreplication test as knownfail"

This reverts commit f7f6992a20dd29bd7643291e3b3d05bc8f6c9c76 because
75953f18469fa8746d9d8ad20bbbb3bcbd0df9dd solved the root cause, which
was a race in ldb startup.

Andrew Bartlett

7 years agoRevert "s4:selftest: skip flakey samba4.nbt.winsreplication for now"
Andrew Bartlett [Tue, 18 Oct 2011 01:17:37 +0000 (12:17 +1100)]
Revert "s4:selftest: skip flakey samba4.nbt.winsreplication for now"

This reverts commit 16fd935fc659555c203354b6c96fc23a55be5a3b because
75953f18469fa8746d9d8ad20bbbb3bcbd0df9dd solved the root cause, which
was a race in ldb startup.

Andrew Bartlett

7 years agoldb: fixed a race in ldb initialisation
Andrew Tridgell [Tue, 18 Oct 2011 00:21:34 +0000 (11:21 +1100)]
ldb: fixed a race in ldb initialisation

This fixes a race when two processes initialise the same ldb database
at the same time. One of them could fail due to the other creating the
@BASEINFO record first.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Oct 18 03:54:42 CEST 2011 on sn-devel-104

7 years agolibsmbclient: initial ABI signatures
Andrew Tridgell [Wed, 12 Oct 2011 23:03:55 +0000 (10:03 +1100)]
libsmbclient: initial ABI signatures

7 years agolibsmbclient: add ABI checking and pc file
Andrew Tridgell [Wed, 12 Oct 2011 23:02:17 +0000 (10:02 +1100)]
libsmbclient: add ABI checking and pc file

this gives us ABI checking for libsmbclient so that the waf build will
prevent ABI breakage, and a public version number. The addition of the
pc file makes this library available via pkgconfig, including querying
of the version number

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

7 years agoFix uninitialized memory problem in group_sids_to_info3 (fixes bug #8455).
Wilco Baan Hofman [Mon, 17 Oct 2011 19:24:41 +0000 (21:24 +0200)]
Fix uninitialized memory problem in group_sids_to_info3 (fixes bug #8455).

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Oct 17 23:32:58 CEST 2011 on sn-devel-104

7 years agoFirst part of fix for bug #8419 - Make VFS op "streaminfo" stackable.
Frank Lahm [Mon, 17 Oct 2011 18:10:29 +0000 (11:10 -0700)]
First part of fix for bug #8419 - Make VFS op "streaminfo" stackable.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Oct 17 21:39:32 CEST 2011 on sn-devel-104

7 years agos3-waf: make sure we always build example pdb modules with --enable-developer.
Günther Deschner [Mon, 17 Oct 2011 14:08:50 +0000 (16:08 +0200)]
s3-waf: make sure we always build example pdb modules with --enable-developer.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Oct 17 17:39:36 CEST 2011 on sn-devel-104

7 years agos3-passdb: fix the build of example pdb test module.
Günther Deschner [Mon, 17 Oct 2011 14:08:04 +0000 (16:08 +0200)]
s3-passdb: fix the build of example pdb test module.

Guenther

7 years agos3-auth: remove dead prototype.
Günther Deschner [Mon, 17 Oct 2011 13:56:08 +0000 (15:56 +0200)]
s3-auth: remove dead prototype.

Guenther

7 years agos3-waf: make sure we always build example auth modules with --enable-developer.
Günther Deschner [Mon, 17 Oct 2011 13:54:17 +0000 (15:54 +0200)]
s3-waf: make sure we always build example auth modules with --enable-developer.

Guenther

7 years agos3-auth: fix the build of skel auth example module.
Günther Deschner [Mon, 17 Oct 2011 13:53:19 +0000 (15:53 +0200)]
s3-auth: fix the build of skel auth example module.

Guenther

7 years agos4:dlz_bind9: add no memory checks
Stefan Metzmacher [Mon, 17 Oct 2011 10:10:10 +0000 (12:10 +0200)]
s4:dlz_bind9: add no memory checks

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Oct 17 14:07:25 CEST 2011 on sn-devel-104

7 years agos4:dlz_bind9: Copy dn before changing in b9_has_soa
Stefan Gohmann [Thu, 13 Oct 2011 13:23:58 +0000 (15:23 +0200)]
s4:dlz_bind9: Copy dn before changing in b9_has_soa

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos4:dlz_bind9: add missing earch bases for windows 2000 domains
Stefan Gohmann [Fri, 16 Sep 2011 13:36:08 +0000 (15:36 +0200)]
s4:dlz_bind9: add missing earch bases for windows 2000 domains

By default the samba4 dlz_bind9 backend searches under
CN=MicrosoftDNS,DC=DomainDnsZones and CN=MicrosoftDNS,DC=ForestDnsZones.

In my samba4 test setup all DNS zones are under CN=MicrosoftDNS,CN=System.
After adding the attached patch it works fine for me.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
7 years agos3: Before adding KDC's to the krb5.conf, cldap ping them
Volker Lendecke [Wed, 12 Oct 2011 17:41:45 +0000 (19:41 +0200)]
s3: Before adding KDC's to the krb5.conf, cldap ping them

Some Kerberos libraries don't do proper failover. This fixes the situation
where a KDC exists in DNS but is not reachable for some reason.

Ported to master by Stefan Metzmacher <metze@samba.org>

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Oct 17 11:25:37 CEST 2011 on sn-devel-104

7 years agoAdd cldap_multi_netlogon_send/recv
Volker Lendecke [Thu, 29 Sep 2011 11:30:30 +0000 (13:30 +0200)]
Add cldap_multi_netlogon_send/recv

Make ads_cldap_netlogon use it. It does not need the fancy multi stuff, but
excercising that code more often is better. And because we have to ask over the
network, the additional load should be neglectable.

Ported to master by Stefan Metzmacher <metze@samba.org>

7 years agos4 provision: DNS backend should be set by caller
Kai Blin [Sat, 15 Oct 2011 11:54:45 +0000 (13:54 +0200)]
s4 provision: DNS backend should be set by caller

Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Mon Oct 17 09:51:12 CEST 2011 on sn-devel-104

7 years agos4 provision/dns: Clean up os level handling
Kai Blin [Sat, 15 Oct 2011 11:52:57 +0000 (13:52 +0200)]
s4 provision/dns: Clean up os level handling

7 years agos4 provision/dns: Clean up backend handling
Kai Blin [Sat, 15 Oct 2011 11:48:28 +0000 (13:48 +0200)]
s4 provision/dns: Clean up backend handling

7 years agos4 provision: Default to win2k3 domain function level
Kai Blin [Sat, 15 Oct 2011 10:36:50 +0000 (12:36 +0200)]
s4 provision: Default to win2k3 domain function level

7 years agos4 provision: Reword opinionated dns backend help text, add NONE backend
Kai Blin [Sat, 15 Oct 2011 10:27:55 +0000 (12:27 +0200)]
s4 provision: Reword opinionated dns backend help text, add NONE backend

7 years agos4 provision: Rename bind9 flatfile backend to BIND9_FLATFILE
Kai Blin [Sat, 15 Oct 2011 10:17:14 +0000 (12:17 +0200)]
s4 provision: Rename bind9 flatfile backend to BIND9_FLATFILE

7 years agoprovision: fix the doc
Matthieu Patou [Tue, 4 Oct 2011 19:06:31 +0000 (21:06 +0200)]
provision: fix the doc

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sun Oct 16 01:31:21 CEST 2011 on sn-devel-104

7 years agos4-interfaces: allow pure ipv6 to work
Matthieu Patou [Sat, 15 Oct 2011 09:13:40 +0000 (11:13 +0200)]
s4-interfaces: allow pure ipv6 to work

This is the complementary part of patch
abe5afc580dcaaab70f136904d98fa83bfae7b6e for samba4.

7 years agos4: check that the xattr are supported in the folder where we want to provision
Matthieu Patou [Fri, 14 Oct 2011 09:22:20 +0000 (11:22 +0200)]
s4: check that the xattr are supported in the folder where we want to provision

By default we were checking this on the default folder for
tempfile.NamedTemporaryFile (usualy /tmp) but this folder can be mounted
on tmpfs (which didn't support xattr currently). Now we should check on
the filesystem where the provision will be done.