1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

57439 Commits

Author SHA1 Message Date
Günther Deschner
ccdd1462cc s3-netlogon: make sure we protect some function codes in _netr_LogonControl2Ex().
Guenther
2009-11-04 00:55:49 +01:00
Günther Deschner
bb2e1ff631 s3-netlogon: let s3 pass against RPC-NETLOGON-S3 again.
Guenther
2009-11-04 00:55:45 +01:00
Günther Deschner
40f3f456bc s3-netlogon: implement _netr_NETLOGON_INFO_4 in netr_LogonControl2Ex() and friends as well.
Guenther
2009-11-04 00:55:18 +01:00
Günther Deschner
b3a2147497 s3-netlogon: implement remote trust account changing in netr_LogonControl2Ex() and friends.
Guenther
2009-11-04 00:55:09 +01:00
Günther Deschner
8be9ec604e security: re-run make samba3-idl after IDL change.
Guenther
2009-11-03 23:47:57 +01:00
Günther Deschner
97496bb3ca s3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy().
Add dummys (just like s4 does) and fill in some more appropriate error codes.

Guenther
2009-11-03 22:19:26 +01:00
Günther Deschner
a8de4f091e s4-smbtorture: skip three info levels while testing s3 with RPC-LSA.
These are only supported by s3 when running pdb_ads atm.

Guenther
2009-11-03 22:18:09 +01:00
Günther Deschner
58d401bb21 s4-smbtorture: skip QueryInfoPolicy2 while running RPC-LSA against s3.
This is only supported by s3 when running pdb_ads atm.

Guenther
2009-11-03 22:17:05 +01:00
Günther Deschner
bff9819521 s4-smbtorture: skip QueryDomainInformationPolicy test against s3 in RPC-LSA.
Guenther
2009-11-03 22:13:28 +01:00
Günther Deschner
074ad24653 s4-smbtorture: simplify some torture_comments in RPC-LSA.
Guenther
2009-11-03 22:10:31 +01:00
Günther Deschner
463b1eb2b5 s3-passdb: cleanup some callers of pdb_get_trusteddom_pw().
Guenther
2009-11-03 22:10:31 +01:00
Jeremy Allison
31ce8eeb44 Fix debug statements to use correct function name.
Jeremy.
2009-11-03 11:22:19 -08:00
Jeremy Allison
7ae10fb892 requires_resume_key is a bool not int.
Jeremy.
2009-11-03 11:21:02 -08:00
Jeremy Allison
6a61befe37 Fix more of the RAW-SEARCH test. Older info levels are
not 4 byte aligned (levels 1 - 3).
Jeremy.
2009-11-03 11:19:24 -08:00
Stefan Metzmacher
97a32035be tsocket: rewrite tsocket_guide.txt to reflect the current APIs
metze
2009-11-03 18:26:30 +01:00
Stefan Metzmacher
eb39f66940 tsocket_bsd: return -1 and set errno to ENAMETOOLONG if the unix path is too long
metze
2009-11-03 18:24:44 +01:00
Stefan Metzmacher
9b5d1e9e35 tsocket: remove prototype of non-existing tsocket_address_inet_set_broadcast()
metze
2009-11-03 18:14:23 +01:00
Nadezhda Ivanova
25d9cc8383 Fixed some missing flags and bugs in the security creation.
Also, added some logging. It needs improvement, possibly ability to
turn in on and off via configuration file.
2009-11-03 13:33:30 +02:00
Nadezhda Ivanova
0abfc90ac9 Fixed a bug in object specific access checks. 2009-11-03 12:43:51 +02:00
Volker Lendecke
b067a5e4e8 s3: Remove debug_ctx()
smbd just crashed on me: In a debug message I called a routine preparing a
string that itself used debug_ctx. The outer routine also used it after the
inner routine had returned. It was still referencing the talloc context
that the outer debug_ctx() had given us, which the inner DEBUG had already
freed.
2009-11-03 11:30:00 +01:00
Nadezhda Ivanova
558e2deda6 Added some dn to the info in the log messages. 2009-11-03 11:27:01 +02:00
Nadezhda Ivanova
8324dbcb11 Removed the default DACL from token, as we will not be using it. 2009-11-03 10:45:01 +02:00
Jeremy Allison
f9c9dee013 Convert from numbers to correct SMB_FIND_XX constant names.
Jeremy.
2009-11-02 16:17:36 -08:00
Michael Adam
cc5b22a016 s3:registry: add an extra check for dsize==0 to regdb_fetch_keys_internal()
Don't only rely on dptr == NULL.
I stumbled over this one when rewriting some of the dbwrap_ctdb code.

Michael
2009-11-03 01:02:39 +01:00
Michael Adam
f6f2151a39 s3:registry: add safety check for return value of tdb_unpack to regdb_fetch_keys_internal()
Prevents segfaults in some situations.

(For a non existent or empty record, we sometimes rely on the fetch operation
 to return dsize==0 and sometimes we rely on dptr==NULL.)

Michael
2009-11-03 01:02:38 +01:00
Michael Adam
25bdf27eaa s3:dbwrap_ctdb: add debug message to transaction_fetch_start()
for the case that another local process has started a transaction
bewteen releasing the transaction_lock record and starting the
transaction.

Michael
2009-11-03 01:02:38 +01:00
Michael Adam
9fef6a6666 s3:dbwrap_ctdb: split combined check in two and add descriptive debug
in db_ctdb_transaction_fetch_start() for error conditions when re-fetching
the transaction_lock record inside the transaction

Michael
2009-11-03 01:02:38 +01:00
Michael Adam
f37439efd2 s3:dbwrap_ctdb: fix race condition with concurrent transactions on the same node.
In ctdb_transaction_commit(), when the trans2_commit control fails, there
is a race condition in the 1 second sleep between the local transaction_cancel
and the call to ctdb_replay_transaction(): The database is not locked, and
neither is the transaction_lock record. So another client can start and possibly
complete a new transaction in this gap, but only on the same node: The locking
of the transaction_lock record on a different node which involves migration of
the record to the other node has been disabled by introduction of the
transaction_active flag on the db which closes precisely this gap from the start
of the commit until the call to TRANS2_FINISH or TRANS2_ERROR.
But this mechanism does not cover the case where a process on the same node
tries to start a transaction: There is no obstacle to locking the transaction_lock
record because the record does not need to be migrated.

This commit closes this race condition in ctdb_transaction_fetch_start()
by using the new ctdb_ctrl_transaction_active() call to ask the local
ctdb daemon whether it has a transaction running on the database.
If so, the check is repeated until the running transaction is done.

This does introduce an additional call to the local ctdbd when starting
transactions, but it does close the (hopefully) last race condition.

Michael
2009-11-03 01:02:37 +01:00
Michael Adam
08d2a3f4bf s3:configure: add a check for the new CTDB_CONTROL_TRANS2_ACTIVE
Michael
2009-11-03 01:02:37 +01:00
Michael Adam
9be4d3dd4f s3:dbwrap_ctdb: add new db_ctdb_transaction_active() that calls CTDB_CONTROL_TRANS2_COMMIT
Michael
2009-11-03 01:02:37 +01:00
Michael Adam
9bd6b9d9f6 s3:dbwrap_ctdb: fix a race in starting concurrent transactions on a single node
There are two races in concurrent transactions on a single node.
One in starting a transaction and one with replay during commit.

This commit closes the first race by storing the client pid in the
transaction-lock record and comparing the stored pid against its own
pid after releasing the lock and refetching the record inside the
transaction.

Michael
2009-11-03 01:02:36 +01:00
Michael Adam
8d61b8abbc s3:dbwrap_ctdb: use db_ctdb_ltdb_fetch() inside db_ctdb_transaction_fetch_start
Michael
2009-11-03 01:02:36 +01:00
Michael Adam
0ec476fca1 s3:dbwrap_ctdb: use db_ctdb_ltdb_fetch() inside db_ctdb_transaction_fetch()
Michael
2009-11-03 01:02:36 +01:00
Michael Adam
4973ff66ac s3:dbwrap_ctdb: add a function db_ctdb_ltdb_fetch()
This fetches a record from the db and splits out the ctdb header.

Michael
2009-11-03 01:02:35 +01:00
Michael Adam
6a898348fa s3:dbrwap_ctdb: add a function db_ctdb_ltdb_store()
and use it in db_ctdb_store() and db_ctdb_transaction_store().

Michael
2009-11-03 01:02:35 +01:00
Michael Adam
d5aa758482 s3:dbwrap_ctdb: reformat a comment slightly to enhance clearness.
Michael
2009-11-03 01:02:35 +01:00
Jeremy Allison
494d8271d4 Fix bug 6867 - trans2findnext returns reply_nterror(req, ntstatus) In a directory with a lot of files.
Jeremy.
2009-11-02 12:15:25 -08:00
Volker Lendecke
d9bdd17522 s3: Fix a 100% CPU loop when ctdbd dies during a traverse 2009-11-02 17:02:20 +01:00
Günther Deschner
f35a1b95aa s3-gencache: restore gencache_get behavior with NULL args (with torture test).
Without this, we panic in wins_srv_is_dead() and fail to start nmbd with
wins support.

Volker, please check.

Guenther
2009-11-02 13:04:26 +01:00
Volker Lendecke
ad6ee94950 s3: Make "debug hires timestamp" default to true
It does not cost much and can help a lot when debugging
2009-11-02 10:08:39 +01:00
Andrew Bartlett
a3553658bf s4:dsdb Fix up after the MAP_ constants became LDB_MAP_ 2009-11-02 16:36:56 +11:00
Andrew Bartlett
371afc47dc s4:provision Remove LDB backend files in provision
Rather than try and remove the records in the LDB files, make the
provision remove the whole file.  This also removes the need to try
and carry forward the old ldb filenames.

Andrew Bartlett
2009-11-02 16:36:56 +11:00
Andrew Bartlett
6439bdeb3a s4:provision Split ProvisionBackend out of the main provision script
This splits the code, while keeping the original behaviour.  The
provision.py file had become just too long.

Andrew Bartlett
2009-11-02 16:36:56 +11:00
Andrew Bartlett
aa37db5a12 s4:provision Inline 'ldap_backend_shutdown' for clarity 2009-11-02 16:36:55 +11:00
Andrew Bartlett
e94bfe5efb s4:provision Fix samdb test with new provision code 2009-11-02 16:36:55 +11:00
Andrew Bartlett
4be253fe2f s4:provision Move 'Schema' into it's own file 2009-11-02 16:36:55 +11:00
Andrew Bartlett
76d289bb0e s4:provision Make 'linked_attributes' and 'dnsyntax_attributes' a property of the Schema 2009-11-02 16:36:55 +11:00
Andrew Bartlett
350e963545 s4:provision Rework provision to always have a ProvisionBackend
Rather than treat the LDAP backend as a special case, treat all
backends the same, with different callbacks.

Andrew Bartlett
2009-11-02 16:36:54 +11:00
Endi S. Dewata
e035433bab s4 - SID allocation using FDS DNA plugin 2009-11-02 16:36:54 +11:00
Endi S. Dewata
40a06c0101 s4:dsdb - Removed redundant domain SID filter. 2009-11-02 16:36:54 +11:00