1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-03 01:18:10 +03:00
Commit Graph

57589 Commits

Author SHA1 Message Date
Nadezhda Ivanova
a760f169f4 Some changes to allow processing of ldap controls on modify requests.
ldap_backend used to filter out ldap controls on modify. Also, modified
python binding for ldap_modify to allow writing tests for such controls.
2009-11-20 13:22:38 +02:00
Matthias Dieter Wallnöfer
07e971f1c1 s4:ntvfs/posix/pvfs_acl - Remove unused variable "token" 2009-11-20 12:18:45 +01:00
Stefan Metzmacher
5ca0a4bfd6 tdb: change version to 1.2.0 after adding TDB_*ALLOW_NESTING
metze
2009-11-20 09:45:43 +01:00
Stefan Metzmacher
3b9f19ed91 tdb: add TDB_DISALLOW_NESTING and make TDB_ALLOW_NESTING the default behavior
We need to keep TDB_ALLOW_NESTING as default behavior,
so that existing code continues to work.

However we may change the default together with a major version
number change in future.

metze
2009-11-20 09:45:36 +01:00
Ronnie Sahlberg
436b55db1f New attempt at TDB transaction nesting allow/disallow.
Make the default be that transaction is not allowed and any attempt to create a nested transaction will fail with TDB_ERR_NESTING.

If an application can cope with transaction nesting and the implicit
semantics of tdb_transaction_commit(), it can enable transaction nesting
by using the TDB_ALLOW_NESTING flag.
(cherry picked from ctdb commit 3e49e41c21eb8c53084aa8cc7fd3557bdd8eb7b6)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-20 09:45:34 +01:00
Stefan Metzmacher
85449b7bcc tdb: always set tdb->tracefd to -1 to be safe on goto fail
metze
2009-11-20 09:45:34 +01:00
Andrew Tridgell
92eff41ca5 s4-dsdb: some more attribuutes that we should only give if asked for 2009-11-20 15:19:35 +11:00
Andrew Tridgell
18cacc506e s4-drs: we need to specifically ask for ntSecurityDescriptor
ntSecurityDescriptor is no longer included by default
2009-11-20 14:57:04 +11:00
Andrew Tridgell
51a59e8f9e s4-ldb: added a warning about ldb_msg_add_dn
ldb_msg_add_dn does not copy the dn linearized string
2009-11-20 14:41:27 +11:00
Crístian Deives
1169dd3b50 added new function "ldb_msg_add_dn"
a helper function to a DN element to an ldb_msg using ldb_msg_add_string.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20 14:39:01 +11:00
Andrew Tridgell
f3f0c8e2ce s4-dsdb: removed attributes that should not be displayed by default
Some attributes (like ntSecurityDescriptor) are stored in our db, but
should only be displayed if asked for. This also applied to parentGUID
from old installs, which is now generated.
2009-11-20 14:19:18 +11:00
Fernando J V da Silva
086fa79d4d s4-drs: Removes stored parentGUID's creation and renaming
parentGUID is now created on demand in operational.c

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20 13:58:31 +11:00
Fernando J V da Silva
70d8db86b9 s4-drs: Synchronous Implementation of generated parentGUID
This generated parentGUID on demand, rather than getting it from the
database

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20 13:56:50 +11:00
Fernando J V da Silva
8481581dc4 s4-drs: Utility functions to deal with GUID
dsdb_find_parentguid_by_dn() returns the parentGUID for a given DN
dsdb_msg_add_guid() adds a GUID value to a given message (either
objectGUID or parentGUID).

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20 13:53:47 +11:00
Matthias Dieter Wallnöfer
a2707a3248 ldb:ldb_tdb backend/indexes - Outside API
- The outside API contains "DN" string arguments: Bad. Since in this way we
  fully rely on the outside calls regarding the right DN format. Solution: Use
  always a "struct ldb_dn" entry. Since this one is interchangeable and we can
  handle it in our preferred way.
2009-11-20 12:30:44 +11:00
Matthias Dieter Wallnöfer
afb70f9176 ldb:ldb_tdb backend/indexes - DN comparison
- DN comparison: The function doesn't seem that efficient. I "upgraded" it a bit
  to be more powerful (added a second length check and do both before the string
  comparison)
2009-11-20 12:26:37 +11:00
Andrew Tridgell
dda28a9a78 s4-dsdb: make sure mod_usn list is zeroed on each transaction 2009-11-20 12:23:55 +11:00
Andrew Tridgell
47923ea507 s4-ldb: added a double-rename test
This tests the fix for double rename/add and indexing
2009-11-20 12:23:46 +11:00
Andrew Tridgell
c99b310063 s4-ldb: when -v is specified, show progress of ldbadd/ldbmodify
This is useful for speed tests with large numbers of records.
2009-11-20 11:34:39 +11:00
Andrew Tridgell
79a43fb743 s4-ldb: make ldb tools line buffered
this prevents output being buffered when redirected to a file. Useful
for larger ldb command line operations
2009-11-20 11:34:39 +11:00
Andrew Tridgell
3b96d08b29 s4-ldb: fixed an issue in rename/modify indexing
When we rename or modify a record, we need to update the indexes at
the same time. It is important that we use the DN of the actual
message that is stored in the database to do this, not the DN that was
passed in by the user. If the two differ in case then the index
records needs to use the 'real' record DN, as index handling is
currently case sensitive.
2009-11-20 11:34:39 +11:00
Andrew Tridgell
2e46df492c s4-ldb: allow ldap.py test suite to run directly against a file
This makes it much easier to debug (as you can break in the ldb
modules by running gdb on /usr/bin/python)
2009-11-20 11:34:38 +11:00
John H Terpstra
5cd8b0e8f7 PC Oota Edits. 2009-11-19 15:41:59 -06:00
Volker Lendecke
c4c984d97d s3: Avoid races to change the machine password in winbind
The machine password handler has code to deal with every node in the cluster
trying to change the machine password at the same time. However, it is not very
nice to the DC if everyone tries this simultaneously. This adds a random 0-255
second offset to our timed event. When this fires a bit later than strictly
calculated, someone else might have stepped in and have already changed it. The
timed event handler will handle this gracefully, it won't even try to do it
again.
2009-11-19 19:04:39 +01:00
Volker Lendecke
882350b0ab s3: Protect against flooding the DC with pwchange requests
When there is a temporary problem changing passwords we flooded the DC with
pwchange requests. This gives the DC a 60-second break to recover.
2009-11-19 19:04:39 +01:00
Volker Lendecke
4d0ebc90dc s3: Re-check the timeout in machine_password_change_handler()
Someone else might have come in between and changed the password since we
created that timed request
2009-11-19 19:04:39 +01:00
Volker Lendecke
d0ef9fbce6 s3: Add some debugs to the winbind machine pwchange machinery 2009-11-19 19:04:39 +01:00
Volker Lendecke
d3d37acb99 s3: Factor timeval_string out of current_timestring() 2009-11-19 19:04:38 +01:00
Volker Lendecke
d4312e776b s3: Do not kill the whole smb session if a machine pwchange failed 2009-11-19 19:04:38 +01:00
Michael Adam
557535302c s3:pdb_ldap: fix a comment typo
Michael
2009-11-19 17:55:47 +01:00
Michael Adam
457055871a s3: shortcut uid_to_sid when "ldapsam:trusted = yes"
The normal uid_to_sid behaviour is to call sys_getpwuid()
to get the name for the given uid and then call the
getsampwnam passdb method for the resulting name.

In the ldapsam:trusted case we can reduce the uid_to_sid
operation to one simple search for the uidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.

Michael
2009-11-19 17:55:47 +01:00
Günther Deschner
fc9f199f26 s3-build: really fix build of winbind_krb5_locator.
Guenther
2009-11-19 13:48:44 +01:00
Günther Deschner
bf45447aaa s3-build: make sure to remove libds and client object files on make clean.
Guenther
2009-11-19 13:48:33 +01:00
Endi S. Dewata
3a8393c8aa s4:ldbcli - Added encoder/decoder for relax control. 2009-11-19 13:04:47 +11:00
Volker Lendecke
d1c34d4054 s3: Replace some create_synthetic_smb_fname() calls
In very hot codepaths like the statcache copy_smb_filename and the subsequent
recursive talloc_free is noticable in the CPU load.
2009-11-18 23:16:13 +01:00
Volker Lendecke
f6650f5d19 s3: Do not talloc in readdir
This is a hot codepath (called from the stat cache)
2009-11-18 23:16:13 +01:00
Michael Adam
aea3a8f501 s3:load_interfaces(): use function gfree_interfaces() that we have.
To reduce code duplication.

Michael
2009-11-18 22:19:18 +01:00
Nadezhda Ivanova
6178c17e09 Added control copying for message types other than ldb_search.
When ildap created a new message to forward, it only copied controls for ldb_search
requests. This caused controls for add and modify to be lost in transition
and tests for them could not be implemented.
2009-11-18 18:47:29 +02:00
Karolin Seeger
da8aba53d6 s3/docs: Add "max protocol = smb2" to man smb.conf.
Karolin
2009-11-18 13:05:24 +01:00
Kai Blin
054833a892 README.coding: Update rules about code blocks and braces. 2009-11-18 11:44:50 +01:00
Stefan Metzmacher
61f5adb256 selftest: Subunit/Filter.pm only allow expected failures without errors
metze
2009-11-18 08:24:13 +01:00
Stefan Metzmacher
fb685d3a8a s4:selftest: mark samba4.smb2.lock.*.VALID-REQUEST as known failure
metze
2009-11-18 08:24:13 +01:00
Stefan Metzmacher
c2a29967ea SMB2-LOCK: make use of torture_assert_*()
This is needed in order to mark tests as known failures.

metze
2009-11-18 08:24:13 +01:00
Stefan Metzmacher
77f335042b s4:ntvfs_generic: check for valid SMB2_LOCK flags
metze
2009-11-18 08:24:13 +01:00
Stefan Metzmacher
575967a5cf s4:selftest: fix logic for --option=torture:progress=no
metze
2009-11-18 06:50:24 +01:00
Stefan Metzmacher
63ff7a8db1 s4:torture/test_gentest.sh: make use of the PREFIX argument
We should not use hardcode pathes!

metze
2009-11-18 06:50:24 +01:00
Stefan Metzmacher
35775c24d3 selftest: ignore empty lines in knownfailures
metze
2009-11-18 06:50:24 +01:00
Stefan Metzmacher
053fa03cd7 selftest/output/plain.pm: report the testuite name on error
metze
2009-11-18 06:50:23 +01:00
Stefan Metzmacher
e3032d5fc8 s4:selftest: for now skip the BASE-DELAY-WRITE test completely
This test randomly fails depending on the timing
(the tests are too strict with the values introduced in
commit 0fca2b078c)
and local filesystem features (timestamp resolution).

metze
2009-11-18 06:50:23 +01:00
Stefan Metzmacher
e67445b7f7 s4:selftest: avoid running the slow BASE-DELAY-WRITE test on the cifs proxy share
It's enough to run it on the posix share.

metze
2009-11-18 06:50:23 +01:00