1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00
Commit Graph

97118 Commits

Author SHA1 Message Date
Volker Lendecke
214fc09a34 lib: Split out iov_buf[len]
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-07 00:12:07 +01:00
Volker Lendecke
a8491cb95a lib: read_data->read_data_ntstatus
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-07 00:12:07 +01:00
Volker Lendecke
97b2570a5e lib: Split out sys_[read|write] & friends
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-07 00:12:07 +01:00
Volker Lendecke
a25e913cf5 ctdb: ctdb_protocol.h references struct sockaddr
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-07 00:12:07 +01:00
Volker Lendecke
a2d6511f90 Fix signed/unsigned comparisons
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-07 00:12:07 +01:00
Volker Lendecke
6a3db15810 ctdbd_conn: Accept msgs to all registered srvids
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-07 00:12:07 +01:00
Andreas Schneider
ecd0e6e985 rwrap: Bump version to 1.1.0.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Dec  6 01:54:12 CET 2014 on sn-devel-104
2014-12-06 01:54:12 +01:00
Jakub Hrozek
5c0ada1d57 rwrap: Don't dereference NULL when skipping broken records.
CID: 83426
CID: 83425

Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:07 +01:00
Jakub Hrozek
3b3fc1a218 rwrap: Support asking for A via CNAME
Adds support for querying for an A record using a name that only expands
into a CNAME.

Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:07 +01:00
Jakub Hrozek
f5c156aac2 rwrap: Recursively add additional data
Change how we construct the fake answer such that the header and
question are added first, then the answers and finally additional data.

Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:07 +01:00
Jakub Hrozek
aa78268a49 rwrap: Make the rwrap_fake_* functions only fake RRs.
The rwrap_fake_common() function did too much. Remove it and use
separate functions to add fake header and question sections. The
rwrap_fake_$RR functions will receive packet including the header and
question and only add its RR data.

This will allow recursive processing later.

Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Jakub Hrozek
27828774c3 rwrap: CNAME record can recurse into A, AAAA or CNAME
Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Jakub Hrozek
917c3f0844 rwrap: SRV record can recurse into A or AAAA.
When querying for a SRV record, we'll need to include A or AAAA records
in additional section. Therefore, keep querying the host file until we
can either recurse the A/AAAA records or reach the recursion limit

Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Jakub Hrozek
0d128c5443 rwrap: Use the rwrap_fake_rr structure instead of raw uint8_t pointers.
Currently only one instance of the rwrap_fake_rr structure is used. Recursion
will be implemented in a future patch.

Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Jakub Hrozek
154fa401dc rwrap: Add data structures and functions to represent and manipulate RRs.
Adds a structure that, using unions represents all supported RRs. Add a
bunch of utility functions that can be used to create these structures.

Currently the functions are unused.

Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Andreas Schneider
253753ca5b rwrap: Correctly calculate the response size and return it.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Andreas Schneider
849bfe09b8 rwrap: Handle trailing dot in dns names.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Jakub Hrozek
dab427e94e rwrap: Compare dns names case insensitive.
Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Andreas Schneider
8bf949f343 lib: Add resolv_wrapper version 1.0.0.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Andreas Schneider
70bbb1dd3c selftest: Add the normal dns name as an alias for the main DC.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Andreas Schneider
9cde3aec48 testprogs: Set functional domain level to 2003.
The default changed to 2008r2 recently.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-05 23:32:06 +01:00
Martin Schwenke
a07af1bb56 ctdb-tests: Need to drop public IPs in kill-failover tests
These tests simulate a dead node rather than a CTDB failure, so drop
IP addresses when killing a "node" to avoid problems with duplicates.

To cope with a CTDB failure a watchdog would be needed to ensure that
the public IPs are dropped when CTDB dies.  Let's not do that now.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Dec  5 23:29:39 CET 2014 on sn-devel-104
2014-12-05 23:29:39 +01:00
Martin Schwenke
7f3f3b15d5 ctdb-daemon: Gratuitous ARP equivalent for IPv6 is neighbor advertisement
Not neighbour solicitation.  See:

  https://tools.ietf.org/html/rfc4861#section-4.4

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:41 +01:00
Martin Schwenke
3a2c8bb906 ctdb-tests: More debug on SSH failure
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:41 +01:00
Martin Schwenke
49449f66fc ctdb-tests: Make tcpdump output more verbose
This helps with debugging.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
a7e7d95de9 ctdb-tests: Use ip neigh command instead of arp
Extend select_test_node_and_ips() to set $test_prefix in addition to
$test_ip.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
0f3d9752c4 ctdb-tests: Generalise the gratarp and tickle sniffing code for IPv6
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
3135a8c625 ctdb-tests: Match IPv6 connections in netstat output
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
255705c030 ctdb-tests: Use ping_wrapper to do relevant ping or ping6
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
62acf5986f ctdb-tests: Extend regexps to handle IPv6 address matching
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
62164ec52f ctdb-tests: Bracket IP addresses in NFS mounts and scp command (for IPv6)
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
d9d07fff34 ctdb-tests: Try to handle IPv6 addresses for local daemons
If CTDB_USE_IPV6 is set then use IPv6 addresses for nodes and public
IPs.  This can be useful for some simple tests.  However, the node
address actually needs to be on lo so that ctdbd can bind to the port
on that address, so they actually need to be added as root before
running tests, like this:

  for i in $(seq 1 10) ; do ip addr add "fc00:10::${i}/64" dev lo ; done

IPv4 127.0.0.0/8 addresses are somehow magic and only one needs to be
on lo so that many can be bound to.

Also change the IPv4 node addresses to be (slightly) more exotic.

For both IPv4 and IPv6, choose addresses that are compatible with
socket wrapper.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Amitay Isaacs <amitay@gmail.com> (socket wrapper fixes)
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net> (socket wrapper fixes)
2014-12-05 21:02:40 +01:00
Martin Schwenke
2a83b74597 ctdb-tests: Extend regexp to match IPv6 addresses
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
2d480792e7 ctdb-tools: Bracket IP addresses in onnode (for IPv6)
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Amitay Isaacs
e3c59d83d0 ctdb-daemon: Fix IP address comparisons for IPv6 addresses
Before storing node IP address, convert into the correct abbreviated
string form for IPv6 addresses.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2014-12-05 21:02:40 +01:00
Martin Schwenke
d0b2375c3d ctdb-scripts: Wait until IPv6 addresses are not "tentative"
There are a few potential failure modes when adding an IPv6 address.
It takes a little while of duplicate address detection to complete, so
wait for a while.  After a timeout, also need to check to see if
duplicate address detection failed - if it did then actually drop the
IP address.

This really needs some careful thinking.  If CTDB disappears on a node
but the node's IP addresses are still on interfaces then the above
failure mode could cause the takeover nodes to become banned.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Amitay Isaacs
d4212bd6a5 ctdb-eventscripts: Specify broadcast optionally to ip addr add
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2014-12-05 21:02:40 +01:00
Martin Schwenke
108b1be0ee ctdb-daemon: Trust vnn->interface for an IP when releasing it
ctdb_sys_find_ifname() doesn't work for IPv6 addresses so don't use
it.

Trust the eventscript to do sanity checking on the interface.  Current
warnings are replaced with equivalents generated by the eventscript.
The unlikely message:

  Public IP %s is hosted on interface %s but we have no VNN

will be replaced by:

  WARNING: Public IP %s hosted on interface %s but VNN says __none__

which is clear enough.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
6471541d6d ctdb-scripts: Make 10.interface IPv6-safe
Add checking to "releaseip" and "updateip" to ensure that the given IP
address is really on the given interface with the given netmask.  If
reality doesn't match the given arguments then believe reality.

Use new function iptables_wrapper() instead of calling iptables()
directly.

Use new function flush_route_cache() instead of doing IPv4-specific
/proc magic.

Remove setting of otherwise unused variable "failed".

Fix a test for which the error message has changed.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
c314ae0b2a ctdb-scripts: New functions ip6tables() and iptables_wrapper()
ip6tables() uses the same lock as iptables().  This is done on
suspicion.

iptables_wrapper() takes 1st argument "inet" or "inet6", and the rest
is passed to the correct iptables variant.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
ed029ae0a1 ctdb-scripts: Add IPv6 addresses support in ip_maskbits_iface()
It also prints a third word, the address family.  This is either
"inet" or "inet6".

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
b41c1bdaa1 ctdb-utils: Update Nagios code to use ctdb -X
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
0d61b61373 ctdb-doc: Update examples to use ctdb -X
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
550fb8ce87 ctdb-tool: Fix "ctdb -Y ifaces" output to have trailing delimiters
In the CTDB CLI tool source code and the documentation example.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
2c4de75d87 ctdb-tests: Update integration tests to use ctdb -X
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
55df9c86c1 ctdb-tools: Update onnode and ctdb-diagnostics to use ctdb -X
Also update onnode unit tests.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:40 +01:00
Martin Schwenke
4940f191d3 ctdb-scripts: Update eventscripts to use ctdb -X instead of ctdb -Y
Also update associated eventscript unit tests and ctdb stub.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:39 +01:00
Martin Schwenke
7428f809a7 ctdb-tools: Add -X option for machine parsable output with separator '|'
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:39 +01:00
Martin Schwenke
3b90e45bae ctdb-tools: Add -x option to specify delimiter for machine readable output
To support this, update printm() to replace ':' in format string with
options.machineseparator, which is a string but must contain a single
character.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:39 +01:00
Martin Schwenke
fbacbb9c78 ctdb-tools: Produce machine readable output with new function printm()
printm() is a printf(3) replacement and must be used to printing any
machine readable output.  It currently just calls vprintf(3).  Later
it will change the field delimiter.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-12-05 21:02:39 +01:00