Stefan Metzmacher [Thu, 17 Jul 2014 10:49:48 +0000 (12:49 +0200)]
s3:lib/memcache: only include the required header files
We don't need the full "includes.h".
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
b560fac7f78b761ee279d8e87a749125665eb5d1)
Stefan Metzmacher [Thu, 17 Jul 2014 10:48:51 +0000 (12:48 +0200)]
s3:lib/memcache: make use of talloc for memcache_elements
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
91105d1057c29c5878f50678baeb1bd1a6f1abe3)
Stefan Metzmacher [Thu, 17 Jul 2014 10:41:20 +0000 (12:41 +0200)]
s3:lib/memcache: use uint8_t instead of uint8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
d7cbc63dc7537fc9562da985b77f6d62dc41fd84)
Stefan Metzmacher [Fri, 10 Jan 2014 11:19:08 +0000 (12:19 +0100)]
s4:torture/rpc: add invalidAuthenticate2
This add 'rpc.netlogon.netlogon.invalidAuthenticate2' as new test
it demonstrates the STATUS_BUFFER_OVERFLOW on computer names
larger than 15 characters.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan 22 19:07:12 CET 2014 on sn-devel-104
(cherry picked from commit
38f8788d6bf7fac509dcf492214a66a8bb3ac3fc)
Stefan Metzmacher [Fri, 18 Jul 2014 09:06:50 +0000 (11:06 +0200)]
selftest/knownfail: add ^samba4.rpc.netlogon.*.invalidAuthenticate2 for v4-1-*
This works in master (>= 4.2), but not in 4.1.x.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Wed, 19 Dec 2012 12:53:23 +0000 (13:53 +0100)]
libcli/auth: also set secure channel type in netlogon_creds_client_init().
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
a9d5b2fdf03a25e7669258de6c83288be3335cef)
Jeremy Allison [Wed, 30 Jul 2014 16:56:54 +0000 (09:56 -0700)]
lib: tevent: make TEVENT_SIG_INCREMENT atomic.
On arm platforms incrementing a variable is not
an atomic operation, so may be interrupted by
signal processing (if a signal interrupts another
signal handler).
Use compiler built-ins to make this atomic.
__sync_fetch_and_add() works on gcc, llvm,
IBM xlC on AIX, and Intel icc (10.1 and
above).
atomic_add_32() works on Oracle Solaris.
Based on an inital patch from kamei@osstech.co.jp.
Bug #10640 - smbd is not responding - tevent_common_signal_handler() increments non-atomic variables
https://bugzilla.samba.org/show_bug.cgi?id=10640
Back-ported from master
536c799f00d7bdd6a574b6bdbc0e9c742eeef8b5
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Karolin Seeger [Fri, 1 Aug 2014 11:17:17 +0000 (13:17 +0200)]
VERSION: Bump version up to 4.1.12.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 31 Jul 2014 13:00:27 +0000 (15:00 +0200)]
VERSION: Disable git snapshots for the 4.1.11 release.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 31 Jul 2014 12:48:01 +0000 (14:48 +0200)]
WHATSNEW: Add release notes for Samba 4.1.11.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Tue, 22 Jul 2014 05:02:00 +0000 (07:02 +0200)]
fix unstrcpy
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
Stefan Metzmacher [Mon, 28 Jul 2014 08:07:54 +0000 (10:07 +0200)]
Merge tag 'samba-4.1.10' into v4-1-test
samba: tag release samba-4.1.10
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Mon, 28 Jul 2014 07:13:45 +0000 (09:13 +0200)]
Merge commit 'origin/v4-1-test^' into v4-1-stable
This was needed because of a changed commit message (fixed version number)
in v4-1-stable after generating the 'samba-4.1.9' tag.
Karolin
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Mon, 28 Jul 2014 07:00:36 +0000 (09:00 +0200)]
Merge tag 'samba-4.1.9' into v4-1-stable
samba: tag release samba-4.1.9
Karolin Seeger [Mon, 28 Jul 2014 06:44:32 +0000 (08:44 +0200)]
VERSION: Bump version number up to 4.1.11...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 28 Jul 2014 06:43:45 +0000 (08:43 +0200)]
VERSION: Disable git snapshots for the 4.1.10 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 28 Jul 2014 06:42:15 +0000 (08:42 +0200)]
WHATSNEW: Add release notes for Samba 4.1.10.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Stefan Metzmacher [Wed, 16 Jul 2014 14:17:56 +0000 (16:17 +0200)]
ldb-samba: fix a memory leak in ldif_canonicalise_objectCategory()
Searches for '(objectCategory=Person)' will leak a ldb_dn structure
on the ldb_context. These searches are typically used by Zarafa.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10469
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 17 00:51:57 CEST 2014 on sn-devel-104
(cherry picked from commit
8d33cddcb001a5a78aca036161d6223268274211)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Sat Jul 19 05:25:12 CEST 2014 on sn-devel-104
Jeremy Allison [Thu, 26 Jun 2014 19:08:46 +0000 (12:08 -0700)]
s3: SMB2 : Fix leak of blocking lock records in the database.
Based on a fix from Hemanth Thummala <hemanth.thummala@gmail.com>
Bug #10673 - Increasing response times for byte range unlock requests.
The previous refactoring makes it obvious we need to call
remove_pending_lock() in all places where we are returning
from the SMB2 blocking lock call.
https://bugzilla.samba.org/show_bug.cgi?id=10673
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 30 14:59:16 CEST 2014 on sn-devel-104
(cherry picked from commit
cee1531e551e5ccd5ccd4a55de226ad686919486)
Jeremy Allison [Thu, 26 Jun 2014 19:01:56 +0000 (12:01 -0700)]
s3: smb2: Simplify logic in reprocess_blocked_smb2_lock().
SMB2 blocking locks can only have one lock per request, so
there can never be any other locks to wait for.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
1a02a1e6aa15c028a848585d66cecbbdda8015b3)
Jeremy Allison [Thu, 26 Jun 2014 00:10:45 +0000 (17:10 -0700)]
s3: smb2: Remove unused code from remove_pending_lock().
SMB2 blocking locks can only have one lock per request, so
there can never be any previous locks to remove.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
508c09c6a019458bb0290fbf284e73c24feddb0e)
Stefan Metzmacher [Tue, 15 Jul 2014 10:57:29 +0000 (12:57 +0200)]
selftest/knownfail: ignore samba3.smb2.oplock.exclusive5 failures in v4-1-*
This is fixed by
20669d4a75386eef4fdcea07fb99812c4e09de13 in master.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10671
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Jul 17 11:07:08 CEST 2014 on sn-devel-104
Volker Lendecke [Wed, 25 Jun 2014 08:36:47 +0000 (08:36 +0000)]
smbd: Remove 2 indentation levels
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
1dc5c20c8f7d8aa96fa0601bf5bf6dc69fb79d9f)
Jeremy Allison [Tue, 24 Jun 2014 21:19:30 +0000 (14:19 -0700)]
s3: smbd - Prevent file truncation on an open that fails with share mode violation.
Fix from Volker, really - just tidied up a little.
The S_ISFIFO check may not be strictly neccessary,
but doesn't hurt (might make the code a bit more complex
than it needs to be).
Fixes bug #10671 - Samba file corruption as a result of failed lock check.
https://bugzilla.samba.org/show_bug.cgi?id=10671
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
31b3427a417217e5e869baafdf63e633efc39d12)
[ddiss@samba.org: 4.1 backport]
Stefan Metzmacher [Mon, 7 Jul 2014 21:51:31 +0000 (23:51 +0200)]
s4:dsdb/repl_meta_data: make sure objectGUID can't be deleted
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9763
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
d64bc6c9af24109e89632db9133070f2ab827c46)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Tue Jul 15 15:01:25 CEST 2014 on sn-devel-104
Stefan Metzmacher [Thu, 10 Jul 2014 12:28:56 +0000 (14:28 +0200)]
selftest: teardown the environments also on getting SIGPIPE
make test uses
selftest.pl | subuntu-filter.py ...
FAIL_IMMEDIATELY=1 lets subuntu-filter.py exit,
which generates SIGPIPE in selftest.pl.
We should handle this just like any other signal
and teardown all environments.
This should make the teardown process more reliable/verbose.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
b2803950fc439017680069813fc49255a3f0cbbf)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10696
backport autobuild/selftest fixes from master
Stefan Metzmacher [Thu, 10 Jul 2014 03:28:36 +0000 (05:28 +0200)]
libwbclient: allow only one initial_blob/challenge_blob in wbcCredentialCache()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10692
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 8 Jul 2014 23:36:30 +0000 (16:36 -0700)]
s3: libwbclient: Don't break out of loop too soon - find all parameters.
Fix bug #10692: wbcCredentialCache fails if challenge_blob is not first
https://bugzilla.samba.org/show_bug.cgi?id=10692
Signed-off-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 8 Jul 2014 14:19:09 +0000 (16:19 +0200)]
s4:dsdb/samldb: don't allow 'userParameters' to be modified over LDAP for now
For now it's safer to reject setting 'userParameters' via LDAP,
as we'll not provide the same behavior as a Windows Server.
If someone requires that feature please report this in the following
bug reports!
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 9 11:07:51 CEST 2014 on sn-devel-104
(cherry picked from commit
04e9d020c97c2dcd360b1845907f4c396d5671dc)
Andrew Bartlett [Tue, 17 Jun 2014 04:00:57 +0000 (16:00 +1200)]
dbcheck: Add check and test for various invalid userParameters values
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Change-Id: I6f2f4169856ce78c62e3a7e74b48520cca9cb9ae
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9bfbff65436a088fab5d564b6c0bb122a76492bc)
Andrew Bartlett [Tue, 17 Jun 2014 04:03:22 +0000 (16:03 +1200)]
dsdb: Always store and return the userParameters as a array of LE 16-bit values
This is not allowed to be odd length, as otherwise we can not send it over the SAMR transport correctly.
Allocating one byte less memory than required causes malloc() heap corruption
and then a crash or lockup of the SAMR server.
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130
Change-Id: I5c0c531c1d660141e07f884a4789ebe11c1716f6
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
d7b4d10aba90f4a1acf01d1d5ab62161862f62f7)
Andrew Bartlett [Tue, 24 Sep 2013 17:12:24 +0000 (10:12 -0700)]
dsdb: Set syntax of userParameters to binary string, not unicode string
This means we continue to store the values as given on SAMR, assuming
that the SAMR buffer is little endian. The syntax for this specific
object is forced to be a binary blob, so that it is not converted on
DRSUAPI.
This commit does not fix existing databases, nor pdb_samba_dsdb (used
by classicupgrade).
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Change-Id: I10bb6aaecc381194e3c0ce6b9163f961acbdcee1
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
1592eaa5c781af83aa64bc4e7211339e1d1eafce)
Volker Lendecke [Thu, 3 Jul 2014 10:05:55 +0000 (10:05 +0000)]
torture4: Make raw.lock.multilock fail after 20 seconds
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 4 00:04:10 CEST 2014 on sn-devel-104
(cherry picked from commit
0c97b7eb5359b95c0d51a3b5524e82e34243d2d1)
The last 7 patches address bug #10684 - SMB1 blocking locks can fail
notification on unlock, causing client timeout.
Volker Lendecke [Thu, 3 Jul 2014 10:05:39 +0000 (10:05 +0000)]
torture4: Adapt comment to code
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
4205463ef1815d6e86e1d1f1f57651ca30407469)
Jeremy Allison [Tue, 1 Jul 2014 19:05:07 +0000 (12:05 -0700)]
s4: smbtorture: Add multi-lock test. Regression test for bug #10684.
Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
https://bugzilla.samba.org/show_bug.cgi?id=10684
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
(cherry picked from commit
64346a134dac2bd023f7473202ca38d35ffd3c89)
Jeremy Allison [Thu, 3 Jul 2014 03:51:24 +0000 (20:51 -0700)]
s3: smbd: Locking - re-add pending lock records if we fail to acquire a lock (and the lock hasn't timed out).
Keep the blocking lock record and the pending lock records consistent
if we are dealing with multiple blocking lock requests in one SMB1 LockingX
request.
Ensure we re-add the records under the record lock, to avoid race
conditions.
Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
https://bugzilla.samba.org/show_bug.cgi?id=10684
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
(cherry picked from commit
954401f8b2b16b3e2ef9655e8ce94d657becce36)
Jeremy Allison [Thu, 3 Jul 2014 03:40:49 +0000 (20:40 -0700)]
s3: smbd: Locking - treat lock timeout the same as any other error.
Allows the special case in process_blocking_lock_queue()
that talks back to the client to be removed.
Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
https://bugzilla.samba.org/show_bug.cgi?id=10684
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
(cherry picked from commit
cc9de6eb091159a84228b988c49261c46c301233)
Jeremy Allison [Thu, 3 Jul 2014 03:18:42 +0000 (20:18 -0700)]
s3: smbd: Locking - add and use utility function lock_timed_out().
Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
https://bugzilla.samba.org/show_bug.cgi?id=10684
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
(cherry picked from commit
12be57ef3b2d1b670be7a83f29cd580938030015)
Jeremy Allison [Thu, 3 Jul 2014 00:25:22 +0000 (17:25 -0700)]
s3: smbd: Locking - convert to using utility macro used elsewhere.
Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
https://bugzilla.samba.org/show_bug.cgi?id=10684
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
(cherry picked from commit
517fa80bd385c6adcfee03ea6b25599013ad88f5)
Stefan Metzmacher [Mon, 7 Jul 2014 10:00:14 +0000 (12:00 +0200)]
s4:dsdb/extended_dn_in: don't force DSDB_SEARCH_SHOW_RECYCLED
We should take the controls the caller provided when we search
for existing objects.
A search with a basedn of '<GUID=....>' should result in LDB_ERR_NO_SUCH_OBJECT
is the object has isDeleted=TRUE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10694
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
9e6349f81edb3914d18bc50473d65c0c1f5bc113)
Stefan Metzmacher [Mon, 7 Jul 2014 20:53:19 +0000 (22:53 +0200)]
s4:dsdb/kcc: use SHOW_RECYCLED instead of SHOW_DELETED in when deleting tombstone/deleted objects
SHOW_RECYCLED implies SHOW_DELETED.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10694
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
fa177273b87d980f81f19acb2f1a9154f8c6bfd9)
Stefan Metzmacher [Thu, 3 Jul 2014 14:00:48 +0000 (16:00 +0200)]
s4:dsdb/schema_load: make error message more verbose
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
26fa0b97d0270456becb86d93723a3c8e5d58585)
Andrew Bartlett [Thu, 27 Feb 2014 02:17:35 +0000 (15:17 +1300)]
dbcheck: Ensure dbcheck can operate with --attrs set
This also includes a test to ensure we do not regress on this point.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
f596dc94e1ab839f13e2a9edbcec774635b5c211)
Andrew Bartlett [Thu, 17 Apr 2014 10:35:33 +0000 (22:35 +1200)]
kerberos: Remove un-used event context argument from smb_krb5_init_context()
The event context here was only specified in the server or admin-tool
context, which does not do network communication, so this only caused
a talloc_reference() and never any useful result.
The actual network communication code sets an event context directly
before making the network call.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Apr 28 02:24:57 CEST 2014 on sn-devel-104
(cherry picked from commit
086c06e361962e1c118d8eed2316e9df7834ae8b)
Andrew Bartlett [Thu, 17 Apr 2014 09:48:30 +0000 (21:48 +1200)]
dsdb: Specify no event context to smb_krb5_init_context() in dsdb
These routines parse principals and generate keys only, no network
communication is done.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7a26989d4c62f38dcafc2a688b8cbaccc6499480)
Andrew Bartlett [Fri, 6 Sep 2013 03:39:50 +0000 (15:39 +1200)]
dsdb: Add DSDB_SEARCH_ONE_ONLY support to dsdb_module_search*()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
cccc0dee04e2e3aecd82ed4cf887f9e36dd4962d)
Andrew Bartlett [Thu, 17 Apr 2014 03:39:56 +0000 (15:39 +1200)]
dsdb: Do not permit nested event loops when in a transaction, use a nested event context
It is never safe to execute arbitary code inside a transaction - we
need to get in and get out, not run other events for the rest of the
server.
This patch avoids that by creating a private event loop during
transactions, so no unexpected operations fire, and returning the
original one when we finish it.
If an event fires during an LDB transaction, an unrelated operation
can occur during the transaction, and if the transaction were to be
cancelled, there would be a silent rollback (despite the client having
been indicated success).
Additionally, other processes could be called via IRPC that need to
operate on the database but are locked out due to the ongoing
transaction.
Andrew Bartlett
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10582
Change-Id: I22322fc006e61d7291da17cdf6431416ebb7b30f
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue May 6 13:36:20 CEST 2014 on sn-devel-104
(cherry picked from commit
401f555c28aee861385b75c371b5f44cded1d391)
Andrew Bartlett [Thu, 17 Apr 2014 03:38:14 +0000 (15:38 +1200)]
dsdb: Rename private_data to rootdse_private_data in rootdse
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10582
Change-Id: I349a2be67333ada86c19cd6d2ed283cd5bbeb2aa
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
543c5bf94187473271767ad782439abbfccda00d)
Andrew Bartlett [Wed, 5 Feb 2014 03:22:11 +0000 (16:22 +1300)]
dsdb: Add more tests for DN+String and DN+Binary comparisons
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 5 10:41:37 CET 2014 on sn-devel-104
(cherry picked from commit
741e5dca09053d0fc9a6e2a112113f1828a95759)
Andrew Bartlett [Thu, 3 Apr 2014 21:40:35 +0000 (10:40 +1300)]
selftest: Add tests for dbcheck detection and removal of partial objects
To avoid listing all the provision snapshots, we use a broader blacklist for waf dist
and a whitelist for dbcheck-oldrelease.sh
Andrew Bartlett
Change-Id: Iab0ff4be0b4287dc128a49302836a6f0f7b39678
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
7c2bf8d2bc5230e4bd98cc5a0f1b8f3cc56a3f77)
Andrew Bartlett [Thu, 3 Apr 2014 01:50:05 +0000 (14:50 +1300)]
dsdb: Make it harder to corrupt the database by requiring DBCHECK or RELAX for final object deletion
This kind of deletion can cause us to then replicate back a partial
object. We allow dbcheck to directly remove totally corrupt objects
(missing an objectclass) by specifying both DBCHECK and RELAX, and the
tombstone sweep after 180 days is done with the RELAX control.
Andrew Bartlett
Change-Id: Ic21f68e507ba9b65e035ca568430e35e2d001c7d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
b19d80d0a97faffc165f068612f74d4ef8d7e5da)
Andrew Bartlett [Mon, 3 Mar 2014 01:26:36 +0000 (14:26 +1300)]
build: Exclude source4/selftest/provisions/release-4-1-0rc3 from the tarball
Change-Id: Id4ddaabb91363174d2fbef09e823f53b13912a51
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Mar 21 10:06:04 CET 2014 on sn-devel-104
(cherry picked from commit
efad13addca918e18e3df341cc38405a93028940)
Andrew Bartlett [Tue, 29 Apr 2014 21:38:34 +0000 (09:38 +1200)]
dbcheck: Directly call dn.get_rdn_{val,name}() for clarity and consistency
When looking for incorrect name values, this improves the previous
code by avoiding one more manual parse step, and uses less cryptic
variable names.
Andrew Bartlett
Change-Id: Iff8e571a6359a67bf173f729dc12b8787292b3cb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
393348d11ed781d9f42049d5f996b0bab8b15d58)
Stefan Metzmacher [Thu, 13 Mar 2014 22:12:39 +0000 (23:12 +0100)]
dbchecker: verify and fix broken dn values
With older Samba versions (4.0.x) the following could happen:
- On account was created on DC1
- It was replicated to DC2
- The connection between the dcs is offline
- The account gets modified on DC2
- The account gets deleted on DC1
- The connection becomes online again
- DC1 replicates the modification from DC2,
this resets the dn to the original value.
'name' and 'cn' are correct (with '\nDEL${GUID}'),
but 'dn' is wrong.
- DC2 replicates the deletion from DC1.
this doesn't include a changed dn as DC1
had a bug.
'name' is correct (with '\nDEL${GUID}'),
but 'cn' and 'dn' are wrong.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10536
Change-Id: Ia70a6c12e0ff0d4c2c8100cb1d8f3c6422b65591
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
709ed040ec161e99b3c1f7076eac4a631149f64a)
Stefan Metzmacher [Thu, 13 Mar 2014 22:12:39 +0000 (23:12 +0100)]
dbchecker: make the deleted objects container detection more generic
Change-Id: I282ad887c41412e25fdf73476e405f4e88e0b239
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
821d7dc7b33598f72c4518f8975073b058df5960)
Andrew Bartlett [Wed, 14 May 2014 08:12:03 +0000 (20:12 +1200)]
dsdb: Do not refresh the schema using the wrong event context
What we now do is have the refresh function and module be on a
seperate object to the schema, only referring to the data and
not excuting on the original ldb and event loop.
That is, we never use another ldb context when calling the
refresh function, by binding the refresh handler to the
ldb and not the schema.
Andrew Bartlett
Change-Id: I5c323dda743cf5858badd01147fda6227599bc16
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
791c38282d681c60eaedb47803b9043991f5950d)
Andrew Bartlett [Fri, 23 May 2014 04:06:17 +0000 (16:06 +1200)]
dsdb: Do not store a struct ldb_dn in struct schema_data
The issue is that the DN contains a pointer to the ldb it belongs to,
and if this is not kept around long enough, we might reference memory
after it is de-allocated.
Andrew Bartlett
Change-Id: I040a6c37a3164b3309f370e32e598dd56b1a1bbb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
8327321225251e312ccbd06bbefa5ebf98099f34)
Felix Botner [Mon, 24 Feb 2014 13:08:25 +0000 (14:08 +0100)]
samba-tool dbcheck: handle missing objectClass
In several cases we have seen objects without the objectClass attribute.
Here the suggestion for a patch to find such objects in "samba-tool dbcheck"
with the option to delete them.
(patch improved by Andrew Bartlett to suggest DRS re-replication)
Signed-off-by: Felix Botner <botner@univention.de>
Change-Id: I8eb0d191a2089271a9af5884d6bfbf173a5c85c6
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
5b1d6e722e254522165ec512537a2efa2b979e6f)
Andrew Bartlett [Tue, 25 Mar 2014 23:46:57 +0000 (12:46 +1300)]
dsdb: Improve missing objectClass handling
This attempts to permit deletion of objects that have no objectClass
to allow dbcheck to clean up a corrupt database. It is not complete,
the replmd_replPropertyMetaDataCtr1_sort_and_verify() call will still
fail, but this is as much as is safe to do without a way to replicate
the original issue.
Andrew Bartlett
Change-Id: If0b6c7f18e8aee587e6b3b4af878a0145f5eac37
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
74a83be540c8fa0dd0f91da25b1f9d7ccc4ec568)
Andrew Bartlett [Tue, 25 Mar 2014 23:48:17 +0000 (12:48 +1300)]
dsdb: Improve errors and checks for missing objectClass values
Change-Id: I8c4ac679accc90748d20c9c86986b127c939fa75
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
df2ef57584aab81c75012ec5d878322ff0691608)
Andrew Bartlett [Fri, 21 Mar 2014 03:56:19 +0000 (16:56 +1300)]
dsdb: Clarify how the DSDB_REPL_FLAG_PRIORITISE_INCOMING flag works
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: Ib9f2f4ba417dbf0ee24b6e7db02d78a9bfe8850c
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
dac1411b9ef9863152932698ce8c4e0a8cc79b1c)
Andrew Bartlett [Fri, 21 Mar 2014 03:26:48 +0000 (16:26 +1300)]
dsdb: Do not update notify_uSN until the transaction is genuinely committed to the DB
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: I734bc75ed348de8f0a5ff92e18e08de2340b8951
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
20a665ae09eb8d5affb88fe409a6130a74bd0aad)
Andrew Bartlett [Fri, 28 Feb 2014 04:49:12 +0000 (17:49 +1300)]
dsdb: Further assert that we always have an objectClass and an rDN
We must have these two elements in a replPropertyMetaData for it to be
valid.
We may have to relax this for new partition creation, but for now we
want to find and isolate the database corruption.
The printing of the LDIF is moved above the checks to make it easier
to diagnoise the failures when further reproduced.
Based initially on a patch originally by Arvid Requate <requate@univention.de>
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: I5f583d89e6d4c5e8e2d9667f336a0e8fd8347b25
Reviewed-on: https://gerrit.samba.org/164
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 17 06:44:17 CET 2014 on sn-devel-104
(cherry picked from commit
9c9df40220234cba973e84b4985d90da1334a1d1)
Andrew Bartlett [Fri, 28 Feb 2014 09:59:06 +0000 (22:59 +1300)]
dsdb: Ensure to sort replPropertyMetaData as UNSIGNED, not SIGNED quantities
enum is an int, and therefore signed. Some attributes have the high bit set.
Andrew Bartlett
Change-Id: I39a5499b7c6bbb763e15977d802cda8c69b94618
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-on: https://gerrit.samba.org/163
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 14 10:16:41 CET 2014 on sn-devel-104
(cherry picked from commit
61b978872fe86906611f64430b2608f5e7ea7ad8)
Arvid Requate [Thu, 6 Feb 2014 16:50:57 +0000 (17:50 +0100)]
s4:samdb: respect SEARCH_FLAG_PRESERVEONDELETE
According to MS-ADTS section 3.1.1.5.5.1.1 the searchFlags must be
checked.
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Feb 6 21:42:22 CET 2014 on sn-devel-104
(cherry picked from commit
98c961eb82194cd0738dbc58e4ae9f81771b409e)
Nadezhda Ivanova [Mon, 14 Oct 2013 09:38:10 +0000 (12:38 +0300)]
s4-samldb: Do not allow deletion of objects with RID < 1000
According to [MS-SAMR] 3.1.5.7 Delete Pattern we should not allow deletion
of security objects with RID < 1000. This patch will prevent deletion of
well-known accounts and groups.
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Mon Oct 14 13:31:50 CEST 2013 on sn-devel-104
(cherry picked from commit
13a10d43141c29dad61868b451c0c1dca82360de)
Andrew Bartlett [Fri, 6 Sep 2013 03:46:36 +0000 (15:46 +1200)]
dsdb: Use dsdb_next_callback() rather than a no-op per-module callback
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
35e56d2b71b1dcd906baa70509ec50af39504b5a)
Nadezhda Ivanova [Tue, 29 Oct 2013 16:17:27 +0000 (18:17 +0200)]
s4-dsdb: instanceType NC_HEAD is only allowed combined with WRITE for an originating add operation
As described in MS-ATDS 3.1.1.5.2.8.
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Sun Nov 3 16:17:30 CET 2013 on sn-devel-104
(cherry picked from commit
8a505090215501324f83dda86d146708b687abcc)
Stefan Metzmacher [Wed, 22 Jan 2014 13:14:12 +0000 (14:14 +0100)]
s4:dsdb/repl: make use of dcerpc_binding_handle_is_connected()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
0e902b83b4029320cf050a221ad41acdcdc23373)
Stefan Metzmacher [Thu, 10 Jul 2014 19:08:06 +0000 (21:08 +0200)]
s3:smb2_read: let smb2_sendfile_send_data() behave like send_file_readX()
We now pass the header to SMB_VFS_SENDFILE(), so we have to handle that also
in the fallback code.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10706
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 11 22:57:17 CEST 2014 on sn-devel-104
(cherry picked from commit
7c5ea400ad1f280f5c338c31a0a893154340fdb3)
Björn Jacke [Fri, 13 Jun 2014 12:14:41 +0000 (14:14 +0200)]
net/doc: make clear that net vampire is for NT4 domains only
https://bugzilla.samba.org/show_bug.cgi?id=3263
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Michael Adam [Fri, 20 Jun 2014 16:08:53 +0000 (18:08 +0200)]
ldb:build: improve detection of srcdir
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
09b991b79b28c9a88742e06021bb15997aba8988)
The last 28 patches address bug #10693 - backport ldb-1.1.17 + changes from
master.
Andrew Bartlett [Wed, 16 Apr 2014 21:33:26 +0000 (09:33 +1200)]
ldb: make the successful ldb_transaction_start() message clearer
Change-Id: I00d0705484c3b53f55c4a8ec2953e92329b7408e
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat May 3 10:20:52 CEST 2014 on sn-devel-104
(cherry picked from commit
d7c22d56d3f8be9b8293dd481fb450e3cf2343d3)
Stefan Metzmacher [Tue, 29 Apr 2014 07:37:54 +0000 (09:37 +0200)]
ldb: change version to 1.1.17
This adds some pyldb methods for ldb.Dn.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
7f03a94ffa3752ccdb28cc50033b4e2a26e2b3f2)
Stefan Metzmacher [Tue, 29 Apr 2014 07:35:31 +0000 (09:35 +0200)]
ldb:pyldb: add some more helper functions for LdbDn
This adds [g|s]et_component[|_name|_value]() and get_rdn_[name|value]().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
771d7b8c0df9240a9638dbf06a9f04431767bbb8)
Stefan Metzmacher [Tue, 29 Apr 2014 07:34:48 +0000 (09:34 +0200)]
ldb:pyldb: fix doc string for set_extended_component()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
094c39107c0abf4951e6f7012ac06b08cae1ea04)
Stefan Metzmacher [Tue, 29 Apr 2014 07:32:45 +0000 (09:32 +0200)]
ldb:pyldb: add some const to PyObject_FromLdbValue()
PyString_FromStringAndSize() makes a copy of the value...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
aae9da9803dd551364bc3c096e06601bb1c9ed50)
Andreas Schneider [Tue, 4 Mar 2014 12:50:41 +0000 (13:50 +0100)]
ldb: Add a env variable to disable RTLD_DEEPBIND.
We need a way to disable this in order to allow the
ldb_*ldap modules to work with a preloaded socket wrapper.
The only known user is the bind_dlz module,
but symbol versioniong might be enough...
So in future we may remove this completely
or at least invert the default behavior.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
11e87cdbb694cf542f3b7633326005abd49e43f1)
Andrew Bartlett [Wed, 5 Feb 2014 02:19:41 +0000 (15:19 +1300)]
ldb: pass module init errors back to the caller
This makes provision errors clearer in Samba, as we can now get
permission denied errors presented from LDB modules.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
e76bbef8b796441985550c553db1ab48d6495709)
Andrew Bartlett [Wed, 5 Feb 2014 01:52:28 +0000 (14:52 +1300)]
ldb: Return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS rather than OPERATIONS_ERROR on EACCES and EPERM
This makes provision errors clearer in Samba.
Andrew Bartlett
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
673d41503c6e391337df1b86e49108d58f1af6bd)
Volker Lendecke [Sun, 15 Dec 2013 20:23:59 +0000 (21:23 +0100)]
ldb: Fix
1138330 Dereference null return value
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
e8b0726411213acb133a25c14ab42020e4a8de68)
Christian Ambach [Tue, 10 Dec 2013 16:46:30 +0000 (17:46 +0100)]
lib/ldb fix compiler warnings
about potentially uninitialized variables
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
35b4ba0193d783d85283b07f520f0af8dc2c1260)
Christian Ambach [Tue, 10 Dec 2013 16:45:58 +0000 (17:45 +0100)]
lib/ldb fix compiler warnings
about potentially uninitialized variables
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
9784ed9fb75022fcd7eaef24108ed8c6acf7f86f)
Pavel Reichl [Tue, 3 Dec 2013 14:37:20 +0000 (14:37 +0000)]
ldb: use of NULL pointer bugfix
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Tue Dec 3 21:13:53 CET 2013 on sn-devel-104
(cherry picked from commit
4b637c367fdda832e95208f49e8893b0a0cac4b4)
Volker Lendecke [Sat, 9 Nov 2013 20:29:24 +0000 (21:29 +0100)]
ldb: Fix CID 241329 Array compared against 0
u.generate.remote_names is an array, not a pointer
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
(cherry picked from commit
d2731ad5aae9f1fb8c1c6a65a61ef787e993b248)
Volker Lendecke [Sun, 20 Oct 2013 15:29:29 +0000 (17:29 +0200)]
ldb: Fix CID 240798 Uninitialized pointer read
Not called right now, because nobody tries multiple sort attributes. But if
someone did, build_response would have looked at the uninitialized controls.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 22 03:28:20 CEST 2013 on sn-devel-104
(cherry picked from commit
4e06c61b41fdde21fafaeee3c4fb3366744de9d9)
Stefan Metzmacher [Tue, 24 Sep 2013 23:30:23 +0000 (01:30 +0200)]
ldb:rdn_name: reject 'distinguishedName' depending of the MOD flags
This is what Windows 2008 R2 returns:
LDB_MOD_ADD => LDB_ERR_UNWILLING_TO_PERFORM
LDB_MOD_REPLACE => LDB_ERR_CONSTRAINT_VIOLATION
LDB_MOD_DEL => LDB_ERR_UNWILLING_TO_PERFORM
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
d2ff474766ebb104309bf1e801c54ce0f8ea0a64)
Stefan Metzmacher [Mon, 23 Sep 2013 01:39:58 +0000 (03:39 +0200)]
dsdb/tests/ldap: fix test_distinguished_name against w2k8r2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
da7ef12b43f355fa6ff92af98645c80c85699d78)
Nadezhda Ivanova [Wed, 18 Sep 2013 22:31:24 +0000 (15:31 -0700)]
s4-openldap: Remove use of talloc_reference in ldb_map_outbound.c
Instead of referencing the values array of the element to the new element, copy them, to
avoid use of talloc_reference and remove a warning of talloc_steal with reference.
The issue is only relevant when openldap backend is used.
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
75705776929d87f1a694582261c07d1724574370)
Howard Chu [Wed, 18 Sep 2013 23:50:34 +0000 (16:50 -0700)]
Add LDB_MAP_RENDROP option
Like LDB_MAP_RENAME, but drop the attribute if it occurs in an Add request.
Used for distinguishedName attribute, is read-only and generated but for
some bizarre reason AD allows it in an Add request.
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit
93f3aba5e083976a791b982b2064b619800ce110)
Howard Chu [Wed, 18 Sep 2013 05:14:20 +0000 (22:14 -0700)]
Fix SEGV from improperly formed SUBSTRING/PRESENCE filter
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Simo Sorce <idra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Sep 19 01:42:43 CEST 2013 on sn-devel-104
(cherry picked from commit
d9bf88dc749cdbc34f70345b156b0117ecf2932b)
Howard Chu [Tue, 17 Sep 2013 02:02:26 +0000 (19:02 -0700)]
Cleanup map return codes
-1 was never a valid LDB return code, just use OPERATIONS_ERROR
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Tue Sep 17 07:51:45 CEST 2013 on sn-devel-104
(cherry picked from commit
6ed5b1c159867466e54a54a10adcc6c49a0a7837)
Andrew Bartlett [Fri, 6 Sep 2013 03:37:30 +0000 (15:37 +1200)]
ldb: Show the type of failing operation in default error message
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
347b2c65a4b8c219cfdae3306fdc3d793980cbed)
Jeroen Dekkers [Sun, 8 Sep 2013 22:42:39 +0000 (00:42 +0200)]
ldb: Do not build libldb-cmdline when using system ldb.
Cleanup leftover include and linking of libldb-cmdline in
oLschema2ldif. Do not build libldb-cmdline anymore when using the
system ldb, oLschema2ldif was the only reason for building
libldb-cmdline.
Signed-off-by: Jeroen Dekkers <jeroen@dekkers.ch>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104
(cherry picked from commit
0af09f0179c024099e0776d3794f4b3d7fb3f6f6)
Volker Lendecke [Sun, 18 Aug 2013 19:54:31 +0000 (19:54 +0000)]
ldb_map: Fix CID
1034791 Dereference null return value
Add NULL checks
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
cb598ddab6935820975042a8a307c75dba9d7e31)
Volker Lendecke [Sun, 18 Aug 2013 19:51:49 +0000 (19:51 +0000)]
pyldb: Fix CID
1034792 Dereference null return value
Add a NULL check
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
cbb5c1ce39640ffd01aeed6d87a57940e344792c)
Volker Lendecke [Sun, 18 Aug 2013 19:49:24 +0000 (19:49 +0000)]
ldb: Fix CID
1034793 Dereference null return value
Add a proper NULL check
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
15bd82550dab7a4709e92d639ee563dbc4780366)
Volker Lendecke [Fri, 16 Aug 2013 12:56:04 +0000 (12:56 +0000)]
ldb: Fix a const warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Aug 18 10:26:27 CEST 2013 on sn-devel-104
(cherry picked from commit
06273504586733ac548ddadad6c7bc757d2d5e25)
Matthieu Patou [Thu, 27 Dec 2012 05:36:50 +0000 (21:36 -0800)]
pyldb: decrement ref counters on py_results and quiet warnings
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Tue Aug 6 00:32:46 CEST 2013 on sn-devel-104
(cherry picked from commit
0602009b999142187d74b74be13de8c7f64c7b24)
Garming Sam [Wed, 5 Feb 2014 02:40:59 +0000 (15:40 +1300)]
provision: capture slightly less generic exceptions during the test for acls
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
f279a297a4a94c5cbc049c9b2cde14b02960a76f)
The last 4 patches address bug #10703 - backport provision fixes from master.
git.samba.org / vlendec / samba-autobuild / .git / log