IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Add wrapper functions that connect two trees with sharenames taken
from passed option.
Signed-off-by: Ralph Boehme <rb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Add a utility function that takes an option name as parameter and then
uses the value of the option 'torture:NAME' as share name in a tree
connect.
Signed-off-by: Ralph Boehme <rb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
The fix missed one instance, as autobuild has just told me...
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Aug 18 17:42:00 CEST 2014 on sn-devel-104
We go to a great deal of effort to avoid administrators posting their
passwords in Samba logs, and one of the ways we do that is to remove
them from internal ldif dumps Samba produces while operating as an AD
DC.
clearTextPassword is not a real attribute, but it functions as one for
an input path.
Change-Id: Iaacf3354fc9bfff18d6774f49b17a9ba962347d5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Aug 16 01:05:07 CEST 2014 on sn-devel-104
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 15 05:47:51 CEST 2014 on sn-devel-104
Found with valgrind.
Signed-off-by: Andreas Schneider <asn@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Aug 8 19:01:56 CEST 2014 on sn-devel-104
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 8 08:30:50 CEST 2014 on sn-devel-104
This reuses krb5_data_copy() if available, choosed not to call it
krb5_data_copy as that is easily mixed up with krb5_copy_data (which allocs the
krb5_data pointer). Thanks Simo for proposing the better name.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This code has not seen any use or development for a while. While probably
being a good source of inspiration, it will inevitably bit-rot. To really
get to a multi-threaded process model, many of the Samba libraries have
to be made thread-safe.
Why this patch? Right now I am trying to clean up our debug system,
and process_thread.c is the only reference to the _suspicious_ functions
in debug.c. The alternative would be to factor those out of debug, but
as this code is unused for so long, the alternative approach is to just
remove it.
If someone wants to restart development on a threaded process model,
the code is still around in the git history and can be resurrected easily.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Windows allow both . and @ to be specified with modifying @ record.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10742
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Use server_id_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 29 00:30:55 CEST 2014 on sn-devel-104
For me, counted arrays are easier to deal with than NULL-terminated
ones. Here we also had a "server_id_is_disconnection" convention, which
was not really obvious.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jul 21 20:28:53 CEST 2014 on sn-devel-104
We don't do any modifying operations on the database, so locking is not
needed here
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
If this fails, we'd have to revert the tdb_append. str_list_remove is
simpler :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This demonstrates that the challenge table should be global.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10723
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Jul 19 12:51:39 CEST 2014 on sn-devel-104
Some clients call netr_ServerReqChallenge() and netr_ServerAuthenticate3()
on different connections. This works against Windows DCs as they
have a global challenge table.
A VMware provisioning task for Windows VMs seemy to rely on this behavior.
As a fallback we're storing the challenge in a global memcache with a fixed
size. This should allow these strange clients to work against a
Samba AD DC.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10723
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For now it's safer to reject setting 'userParameters' via LDAP,
as we'll not provide the same behavior as a Windows Server.
If someone requires that feature please report this in the following
bug reports!
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 9 11:07:51 CEST 2014 on sn-devel-104
This is not allowed to be odd length, as otherwise we can not send it over the SAMR transport correctly.
Allocating one byte less memory than required causes malloc() heap corruption
and then a crash or lockup of the SAMR server.
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130
Change-Id: I5c0c531c1d660141e07f884a4789ebe11c1716f6
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This means we continue to store the values as given on SAMR, assuming
that the SAMR buffer is little endian. The syntax for this specific
object is forced to be a binary blob, so that it is not converted on
DRSUAPI.
This commit does not fix existing databases, nor pdb_samba_dsdb (used
by classicupgrade).
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Change-Id: I10bb6aaecc381194e3c0ce6b9163f961acbdcee1
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
We should take the controls the caller provided when we search
for existing objects.
A search with a basedn of '<GUID=....>' should result in LDB_ERR_NO_SUCH_OBJECT
is the object has isDeleted=TRUE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10694
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: Iaa168d520f124e0c43c7edd649318f0b8ee25020
Signed-off-by: Samuel Cabrero <scabrero@zentyal.com>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date(master): Tue Jul 8 16:51:09 CEST 2014 on sn-devel-104
Needed as there was a proposal to re-architect
our multi-lock to dispense with lock order precedence,
which isn't how Windows does it (unfortunately,
as the new code would have been cleaner :-).
Tested against the Win2k12 SMB1 implementation.
This test is designed to show that
lock precedence on the server is based
on the order received, not on the ability
to grant. For example:
A blocked lock request containing 2 locks
will be satified before a subsequent blocked
lock request over one of the same regions,
even if that region is then unlocked. E.g.
(a) lock 100->109, 120->129 (granted)
(b) lock 100->109, 120-129 (blocks)
(c) lock 100->109 (blocks)
(d) unlock 100->109
lock (c) will not be granted as lock (b)
will take precedence.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 8 10:16:59 CEST 2014 on sn-devel-104
Signed-off-by: Samuel Cabrero <scabrero@zentyal.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 7 07:47:44 CEST 2014 on sn-devel-104
Signed-off-by: Samuel Cabrero <scabrero@zentyal.com>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
This changes the auth code in winbindd to use this as a flag, and to
therefore contact the RW DC.
Change-Id: If4164d27b57b453b398642fdf7d46d03cd0e65f2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@samba.org>
This eliminates a knownfail.
Change-Id: I7331a4e62ef8c1f2a9999a78865023ae19beeaca
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Nadezhda Ivanova <nivanova@samba.org>
This will allow winbindd to know when we are an RODC
without needing to dig into sam.ldb.
Change-Id: Ibdfa37fe6269305ccc5db42479f4a8db5eea53f3
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@samba.org>
If we have more than one lock and there is any blocking lock, we need
to fail with NT_STATUS_INVALID_PARAMETER. At a quick glance I did not
find this tested, so add it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Jun 25 13:37:24 CEST 2014 on sn-devel-104
Adds a new test to raw.open.
Opens a file with SHARE_NONE, writes 1 byte at offset 1023,
attempts a second open with r/w access+truncate disposition,
then checks that open fails with SHARING_VIOLATION, and
the file is not truncated (is still size 1024). Correctly
detects the bug and fixed smbd for me.
https://bugzilla.samba.org/show_bug.cgi?id=10671
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
The write should never update the time, so the fraction of the write
time delay we use is not important.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 24 01:44:06 CEST 2014 on sn-devel-104
This removes the hardcoded TIMEDELAY_SECS that was then made variable
by the confusing "secs" variable
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The previous test was far, far too tight, it was in seconds 1/4 of the
fraction of the normal delay we had configured Samba to use so (1/4) *
(500 000 / 2000 000) = 1/16 (sec). This margin appears to just be too
tight for our loaded test server.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
In particular, this avoids a comparison with
double diff = timeval_elapsed() being promoted to an integer.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The new test_fsrvp_share_sd test sets a unique ACL on the base share,
and then confirms that snapshot shares carry the same ACL.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Sat Jun 21 15:10:12 CEST 2014 on sn-devel-104
Sleep at various points in the FSRVP snapshot creation state machine,
and confirm that the state timeout is reflected in subsequent server
responses.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Attempt to trip message sequence timeouts at various points in the FSRVP
shadow-copy creation state machine.
The default timeout-injection sleep durations correspond to those
documented in MS-FSRVP (+500ms). They can also be manually set using the
"fss: sequence timeout" parameter.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Check the NumberOfSnapShotsReturned and SnapShotArraySize fields in the
FSCTL_SRV_ENUMERATE_SNAPSHOTS response match expected values.
This is a regression test for bso#10549.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
An invalid impersonation level is only allowed for durable handle reopen.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 18 09:42:43 CEST 2014 on sn-devel-104
This only changes instances directly before a return false, ret =
false or goto fail statement.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jun 12 10:39:38 CEST 2014 on sn-devel-104
This only changes instances directly before a return false, ret =
false or goto fail statement.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This will make it easier in the future to NDR_PRINT a lease and
a lease key
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 12 03:34:41 CEST 2014 on sn-devel-104
Change-Id: Iba3913d5a1c7f851b93f37e9beb6dbb20fbf7e55
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This adds in flags that allow winbindd to request authentication
without directly calling into the auth_sam module.
That in turn will allow winbindd to call auth_samba4 and so permit
winbindd operation in the AD DC.
Andrew Bartlett
Change-Id: I27d11075eb8e1a54f034ee2fdcb05360b4203567
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
What we now do is have the refresh function and module be on a
seperate object to the schema, only referring to the data and
not excuting on the original ldb and event loop.
That is, we never use another ldb context when calling the
refresh function, by binding the refresh handler to the
ldb and not the schema.
Andrew Bartlett
Change-Id: I5c323dda743cf5858badd01147fda6227599bc16
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
The issue is that the DN contains a pointer to the ldb it belongs to,
and if this is not kept around long enough, we might reference memory
after it is de-allocated.
Andrew Bartlett
Change-Id: I040a6c37a3164b3309f370e32e598dd56b1a1bbb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Allow us to start if we bind to *either* :: or 0.0.0.0.
Allows us to cope with systems configured as only IPv4
or only IPv6.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
Reviewed-By: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date(master): Thu Jun 5 22:28:16 CEST 2014 on sn-devel-104
Change-Id: I659bbb317e69aee6632db8bce3c4bdb5f9ad3d8d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Fix provided by Andy Igoshin <ai@vsu.ru>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10324
Andrew Bartlett
Change-Id: Ie94d207fed91e9dfd85ee3c3339c376b25ac5fa4
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Change-Id: I88ee188c776364fd66da388ce01fc9288aa2ded0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This is better than skipping on every environment in the test
Andrew Bartlett
Change-Id: Ib4b114059d8f8bb05a9bdc2eca0f71310fc5a3bc
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We now run wbinfo_simple additionally against plugin_s4_dc and dc
This also extends many of the tests to run against more environments,
hence the additional knownfail entries.
For winbind.wbclient, the fl2003dc environment has been selected not
to run with password history so as to allow the winindd.wbinfo test to
complete (once switched to running winbindd).
Andrew Bartlett
Change-Id: I475fd9937e515796b5e47c042a8bfa85f76441ca
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Change-Id: I41ed850b6424eac3fb8b6603d5b87c66bb77dd51
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Change-Id: I5580de814d5fe000d352f3c78743837d26f9422d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This avoids a pile of shell-script escape pain, and fixes some tests.
Andrew Bartlett
Change-Id: Ie1d0e32ab484a5b0ddbc4073831fe6de27e38e92
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Samuel Cabrero <scabrero@zentyal.com>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date(master): Fri May 30 15:29:29 CEST 2014 on sn-devel-104
Both offer the same functionality, sec_ace_equal() will be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: I0a12c048fd4e667b9aa0777f99c8f8306fc090ea
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon May 26 05:55:46 CEST 2014 on sn-devel-104
b9_record_match needs to consider all allowed representations of IPv6
addresses (RFC 2373), otherwise DNS subtractrdataset operations fail
due to differences in zero padding between bind9 frontend and ndr_pull
of a dnsp_DnssrvRpcRecord structure.
Change-Id: Ic0a1b16008458993dc644646d7f4ae3d3a3c5fed
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Reviewed-by: Guenter Kukkukk <kukks@samba.org>
If the caller provided smbXcli * pointers of an existing connection,
we can use it.
This will be used later in order to allow multiple dcerpc connections
over the same smb connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
There's no need for two almost identical structures.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
There's no need to make the connect timeout dynamic.
We implicitly used SMB_REQUEST_TIMEOUT which is also 60 seconds before.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Now we just dcerpc_sock.c doesn't need to maintain 'struct sock_private'
in p->transport.private_data anymore, we're just using a raw tstream_context
as p->transport.stream.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We use information stored in the dcerpc_binding in order
to open a secondary connection.
The goals are:
- dcerpc_secondary_connection_* should just use the dcerpc_binding
information for the first connection and just call dcerpc_pipe_connect_*
- Get rid of dcerpc_pipe->transport.* and just use a tstream_context.
All other details should be maintained only by the higher levels.
- Hide dcerpc_pipe and dcecli_connection behind dcerpc_binding_handle.
- Have just one entry point to create a new connection. For source4/librpc
this will be dcerpc_pipe_connect_*. For source3/rpc_client we need
a similar function.
- We'll have a new dcerpc_connection layer, with also just one
entry point to create a new connection.
- Replace dcerpc_pipe and dcecli_connection with the new dcerpc_connection layer.
- Replace rpc_pipe_client with the new dcerpc_connection layer.
- When the client side is unified we can change the server
as it needs to act as a client in order to register the endpoint mappings.
- Then the core of the server will be changed to use the new dcerpc_connection
layer.
As dcerpc_socket_peer_addr() uses p->transport.private_data
as 'struct sock_private', we should avoid it.
We can then remove dcerpc_unix_socket_path() and 'struct sock_private'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We should remember local and remote ip address in dcerpc_pipe->binding.
Note: that we still have the "target_hostname" unmodified, if present.
This way dcerpc_pipe->binding can be used to create a secondary connection
that is a additional connection for the existing association group.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
It's important that the caller can remember the ips,
so that a secondary connection can use the same addresses
in order to get association group binding to work.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The caller should be able to remember the local address that was used
for the connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We use information stored in the dcerpc_binding in order
to open a secondary connection.
The goals are:
- dcerpc_secondary_connection_* should just use the dcerpc_binding
information for the first connection and just call dcerpc_pipe_connect_*
- Get rid of dcerpc_pipe->transport.* and just use a tstream_context.
All other details should be maintained only by the higher levels.
- Hide dcerpc_pipe and dcecli_connection behind dcerpc_binding_handle.
- Have just one entry point to create a new connection. For source4/librpc
this will be dcerpc_pipe_connect_*. For source3/rpc_client we need
a similar function.
- We'll have a new dcerpc_connection layer, with also just one
entry point to create a new connection.
- Replace dcerpc_pipe and dcecli_connection with the new dcerpc_connection layer.
- Replace rpc_pipe_client with the new dcerpc_connection layer.
- When the client side is unified we can change the server
as it needs to act as a client in order to register the endpoint mappings.
- Then the core of the server will be changed to use the new dcerpc_connection
layer.
As dcerpc_unix_socket_path() uses p->transport.private_data
as 'struct sock_private', we should avoid it.
We can then remove dcerpc_unix_socket_path() and 'struct sock_private'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This adds a check to ensure that the create time returned in the SMB2
create response matches the value found in the find response.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 23 22:42:24 CEST 2014 on sn-devel-104
This change adds a regression test for print job purging via
SetPrinter(SPOOLSS_PRINTER_CONTROL_PURGE).
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 22 01:55:39 CEST 2014 on sn-devel-104
Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
This ensures these authentication modules continue to operate correctly, and that the results are consistent.
Andrew Bartlett
Change-Id: I7f63cd93e55c6f73ceeafb14f1dc265291791803
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 16 12:50:44 CEST 2014 on sn-devel-104
This will allow new tests to be written to validate winbindd authentication results
Andrew Bartlett
Change-Id: I008eba1de349b17ee4eb9f11be08338557dffecc
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
The only part of this code with a stored event context is now the
binding_handle created by irpc_binding_handle() when in the client
dcerpc_binding_handle_set_sync_ev() is called,
otherwise a new nested event context is created for sync calls.
Note that the FD event associated with the socket still implies
the long term event context passed to imessaging_[client]_init().
Andrew Bartlett
Change-Id: I9aeae94b26e3736370f449daa96808e6cdc2d55d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue May 13 02:33:24 CEST 2014 on sn-devel-104
The callers do this explicitly now if required.
Change-Id: I0e6f562aac4e3c0a75149c5850eb9f96269a3caf
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This indicates that we're using nested event loops...
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Change-Id: I17d530a1f338cfdbd2e4e755b6f01a44a3e7ba7a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This indicates that we may use nested event loops...
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Change-Id: Id014dcc68699c86cb99015a91a6979e30795f727
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This indicates that we're using nested event loops...
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Change-Id: I7e147850566301a5ef2354b8615a044d121968b5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This indicates that we're using nested event loops...
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Change-Id: I4dcc7bf3c624612980e53b6119a60989fc2ea3b6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This indicates that we're using nested event loops...
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Change-Id: I08f21876d42197f76fe3ae10b4f464626d70bf5a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett
Change-Id: Ia193f97f62a1cb928aa814679578f90bde212013
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett
Change-Id: I4b8e5c16bd03a038da6527cfb4c91fc874626b18
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
It is never safe to execute arbitary code inside a transaction - we
need to get in and get out, not run other events for the rest of the
server.
This patch avoids that by creating a private event loop during
transactions, so no unexpected operations fire, and returning the
original one when we finish it.
If an event fires during an LDB transaction, an unrelated operation
can occur during the transaction, and if the transaction were to be
cancelled, there would be a silent rollback (despite the client having
been indicated success).
Additionally, other processes could be called via IRPC that need to
operate on the database but are locked out due to the ongoing
transaction.
Andrew Bartlett
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10582
Change-Id: I22322fc006e61d7291da17cdf6431416ebb7b30f
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue May 6 13:36:20 CEST 2014 on sn-devel-104
Primarily following the precedent set by other uses of composite_is_ok(), but
also making sure nothing tries to use c after this point if it is in fact not
ok.
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
To avoid listing all the provision snapshots, we use a broader blacklist for waf dist
and a whitelist for dbcheck-oldrelease.sh
Andrew Bartlett
Change-Id: Iab0ff4be0b4287dc128a49302836a6f0f7b39678
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This kind of deletion can cause us to then replicate back a partial
object. We allow dbcheck to directly remove totally corrupt objects
(missing an objectclass) by specifying both DBCHECK and RELAX, and the
tombstone sweep after 180 days is done with the RELAX control.
Andrew Bartlett
Change-Id: Ic21f68e507ba9b65e035ca568430e35e2d001c7d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Change-Id: I10357236108f68ab749ba0e1f07558302c573887
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: I6b90a9b62ba5821e0feedb23cd20642078ba0ca6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Apr 29 05:28:39 CEST 2014 on sn-devel-104
The event context here was only specified in the server or admin-tool
context, which does not do network communication, so this only caused
a talloc_reference() and never any useful result.
The actual network communication code sets an event context directly
before making the network call.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Apr 28 02:24:57 CEST 2014 on sn-devel-104
These routines parse principals and generate keys only, no network
communication is done.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 23 04:44:46 CEST 2014 on sn-devel-104
Add --with-systemd / --without-systemd options to check whether
libsystemd-daemon library is available and use it to report service
startup status to systemd for smbd/winbindd/nmbd and AD DC.
The problem it solves is correct reporting of the Samba services
at the point when they are ready to serve clients, important for
high availability software integration.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
