IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We need this version, not the previous release, for Samba.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul 3 17:20:32 CEST 2012 on sn-devel-104
Andrew Bartlett pointed out that making CCAN a non-library will break
the build in a different way in future: when two separate private
libraries start using the same CCAN module, the symbol duplicate
detection will fire (since private libaries don't use any symbol
hiding). That doesn't happen yet, but it will surely happen
eventually.
So, for now at least, we build as a private library again. This
unfortunately means the top-level build creates a libccan.so, which
contains all the ccan modules whether you need them or not. Given the
size of the library, I don't think this is a win. But it's simple.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Sat Jun 30 11:19:04 CEST 2012 on sn-devel-104
Their AC_TRY_RUN doesn't include any current CPPFLAGS. Make
the set[res]uid checks independent of this. Needs a small
change to the waf build in order to code with the change.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 30 00:32:36 CEST 2012 on sn-devel-104
Don't expose a libccan.so; it would produce clashes if someone else
does the same thing. Unfortunately, if we just change it from a
SAMBA_LIBRARY to a SAMBA_SUBSYSTEM, it doesn't create a static library
as we'd like, but links all the object files in. This means we get
many duplicates (eg. everyone gets a copy of tally, even though only
ntdb wants it).
So, the solution is twofold:
1) Make the ccan modules separate.
2) Make the ccan modules SAMBA_SUBSYSTEMs not SAMBA_LIBRARYs so we don't
build shared libraries which we can't share.
3) Make the places which uses ccan explicit.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Fri Jun 29 06:22:44 CEST 2012 on sn-devel-104
Will allow thread-specific credentials to be added by modifying
the central definitions. Deliberately left the setXX[ug]id()
call in popt as this is not used in Samba.
Tru64 doesn't have any stdint.h
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Thu Jun 28 00:45:58 CEST 2012 on sn-devel-104
This helps clarify the role of this structure and wrapper function.
The purpose here is to provide helper functions to the lib/param
loadparm_context that point back at the s3 lp_ functions. This allows
a struct loadparm_context to be passed to any point in the code, and
always refer to the correct loadparm system. If this has not been
set, the variables loaded in the lib/param code will be returned.
As requested by Michael Adam.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
Commit 3c4263e758 said it removed err.h
from tdb, unfortuntely it didn't: tap-interface.h still included it.
This finishes it properly!
Reported-by:Stefan Metzmacher <metze@samba.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Tue Jun 26 10:22:03 CEST 2012 on sn-devel-104
We use to handle UTCtime and generalized time the same way. The thing is
that it's not the case, they are different in the way they are set (most
of the time) with different format and also stored and return in
different format too.
It's not portable. While we could use ccan/err, it seems overkill since
we actually only use it in one test (I obviously cut & paste the #include).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Fri Jun 22 09:22:28 CEST 2012 on sn-devel-104
(As suggested by Stefan Metzmacher, based on the change to ntdb.)
Since commit ec96ea690e, we handle the case
where a process dies during a transaction commit. Unfortunately, TDB_NOSYNC
means this no longer works, as it disables the recovery area as well as the
actual msync/fsync. We should do everything except the syncs.
This also means we can do a complete test with $TDB_NO_FSYNC set; just
to get more complete coverage, we disable it explicitly for one test
(where we override the actual sync calls anyway).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
The flags returned were TDB-specific: this was only used for detecting
the endianness of obsolete databases (the conversion code was put in in
2003, with reference to Samba 2.3).
It's easier to remove it than to translate the NTDB flags to TDB flags,
and it's a really weird thing to ask for anyway.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Similar to the util_tdb versions, but return the error code.
ntdb_add_int32_atomic seems a clearer name than tdb_change_int32_atomic.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Very similar to the util_tdb versions, but these return the error.
I've only implemented those functions actually used.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
There are various issues with NTDB_CLEAR_IF_FIRST which makes it
better if we don't have to use it, but much of the code does, so
we fake up support here.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
The first function is ntdb_new: this is preferred over ntdb_open, as
it makes the ntdb_context returned (and all NTDB_DATA returned from
ntdb_fetch) valid talloc pointers.
The API is very similar to tdb_wrap_open().
Note that we handle $TDB_NO_FSYNC here, since ntdb doesn't do that
hack (and it's great for speeding up testing!).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
In particular, this tests that we can store enough records to make the
database expand while we map the given record. We use a global lock for
this, but it could happen in theory with another process.
It also tests the that we can recurse inside ntdb_parse_record().
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Since we have a readlock, any write will grab a write lock: if it happens
to be on the same bucket, we'll fail.
For that reason, enforce read-only so every write operation fails
(even for NTDB_NOLOCK or NTDB_INTERNAL dbs), and document it!
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
NTDB_INTERNAL databases need to malloc and copy to keep old versions
around if we expand, in a similar way to the manner in which keep old
mmaps around.
Of course, it only works for read-only accesses, since the two copies
are not synced.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This means keeping the old mmap around when we expand the database.
We could revert to read/write, except for platforms with incoherent
mmap (ie. OpenBSD), where we need to use mmap for all accesses.
Thus we keep a linked list of old maps, and unmap them when the last access
finally goes away.
This is required if we want ntdb_parse_record() callbacks to be able
to expand the database.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Since we can have multiple openers, we should leave the mmap in place
for the other openers to use. Enhance the test to check the bug (it
still works, because without mmap we fall back to read/write, but
performance would be terrible!).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Then we unset it inside the tdb test target itself. This means that
new code can't accidently forget it, and we can set it in the
'buildnice' script on sn-devel, for example.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Occasionally, the capability test inserts multiple used records and they
clash, but our primitive test layout engine doesn't handle hash clashes
and aborts.
Force a seed value which we know doesn't clash.
Reported-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Wed Jun 20 16:50:20 CEST 2012 on sn-devel-104
This is copied from tdb; we build the utilities, but as nothing else
links against it, we shouldn't be adding anything to the normal samba
binary sizes.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Tue Jun 19 07:31:06 CEST 2012 on sn-devel-104
Update the design.lyx file with the latest status and the change in hashing.
Also, refresh and add examples to the TDB_porting.txt file.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Since we've given up on expansion, let them frob the hashsize again.
We have attributes, so we should use them for optional stuff like
this.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
TDB2 started with a top-level hash of 1024 entries, divided into 128
groups of 8 buckets. When a bucket filled, the 8 bucket group
expanded into pointers into 8 new 64-entry hash tables. When these
filled, they expanded in turn, etc.
It's a nice idea to automatically expand the hash tables, but it
doesn't pay off. Remove it for NTDB.
1) It only beats TDB performance when the database is huge and the
TDB hashsize is small. We are about 20% slower on medium-size
databases (1000 to 10000 records), worse on really small ones.
2) Since we're 64 bits, our hash tables are already twice as expensive
as TDB.
3) Since our hash function is good, it means that all groups tend to
fill at the same time, meaning the hash enlarges by a factor of 128
all at once, leading to a very large database at that point.
4) Our efficiency would improve if we enlarged the top level, but
that makes our minimum db size even worse: it's already over 8k,
and jumps to 1M after about 1000 entries!
5) Making the sub group size larger gives a shallower tree, which
performs better, but makes the "hash explosion" problem worse.
6) The code is complicated, having to handle delete and reshuffling
groups of hash buckets, and expansion of buckets.
7) We have to handle the case where all the records somehow end up with
the same hash value, which requires special code to chain records for
that case.
On the other hand, it would be nice if we didn't degrade as badly as
TDB does when the hash chains get long.
This patch removes the hash-growing code, but instead of chaining like
TDB does when a bucket fills, we point the bucket to an array of
record pointers. Since each on-disk NTDB pointer contains some hash
bits from the record (we steal the upper 8 bits of the offset), 99.5%
of the time we don't need to load the record to determine if it
matches. This makes an array of offsets much more cache-friendly than
a linked list.
Here are the times (in ns) for tdb_store of N records, tdb_store of N
records the second time, and a fetch of all N records. I've also
included the final database size and the smbtorture local.[n]tdb_speed
results.
Benchmark details:
1) Compiled with -O2.
2) assert() was disabled in TDB2 and NTDB.
3) The "optimize fetch" patch was applied to NTDB.
10 runs, using tmpfs (otherwise massive swapping as db hits ~30M,
despite plenty of RAM).
Insert Re-ins Fetch Size dbspeed
(nsec) (nsec) (nsec) (Kb) (ops/sec)
TDB (10000 hashsize):
100 records: 3882 3320 1609 53 203204
1000 records: 3651 3281 1571 115 218021
10000 records: 3404 3326 1595 880 202874
100000 records: 4317 3825 2097 8262 126811
1000000 records: 11568 11578 9320 77005 25046
TDB2 (1024 hashsize, expandable):
100 records: 3867 3329 1699 17 187100
1000 records: 4040 3249 1639 154 186255
10000 records: 4143 3300 1695 1226 185110
100000 records: 4481 3425 1800 17848 163483
1000000 records: 4055 3534 1878 106386 160774
NTDB (8192 hashsize)
100 records: 4259 3376 1692 82 190852
1000 records: 3640 3275 1566 130 195106
10000 records: 4337 3438 1614 773 188362
100000 records: 4750 5165 1746 9001 169197
1000000 records: 4897 5180 2341 83838 121901
Analysis:
1) TDB wins on small databases, beating TDB2 by ~15%, NTDB by ~10%.
2) TDB starts to lose when hash chains get 10 long (fetch 10% slower
than TDB2/NTDB).
3) TDB does horribly when hash chains get 100 long (fetch 4x slower
than NTDB, 5x slower than TDB2, insert about 2-3x slower).
4) TDB2 databases are 40% larger than TDB1. NTDB is about 15% larger
than TDB1
This is designed to allow us to make ntdb_context (and NTDB_DATA returned
from ntdb_fetch) a talloc pointer. But it can also be used for any other
alternate allocator.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
NTDB_NOSYNC now just prevents the fsync/msync calls, which speeds
testing while still providing full coverage. It also provides safety
against processes dying during transaction commit (though obviously,
not against the machine dying).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
TDB allows this for internal databases, but it's a bad idea, since the
name is useful for logging.
They're a hassle to deal with, and we'd just end up putting "unnamed"
in there, so let the user deal with it. If they don't, they get an
informative core dump.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
The performance numbers for transaction pagesize are indeterminate:
larger pagesizes means a smaller transaction array, and a better
chance of having a contiguous record (more efficient for
ntdb_parse_record and some internal operations inside a transaction).
On the other hand, large pagesize means more I/O even if we change a
few bytes.
But it also controls the multiple by which we will enlarge the file,
and hence the minimum db size. It's 4k for tdb1, but 16k seems
reasonable in these modern times.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Now our database is always a multiple of NTDB_PGSIZE, we can remove the
special handling for the last block.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
As copied from tdb1, there is logic in the transaction code to handle
a non-PGSIZE multiple db, but in fact this only happens for a
completely unused database: as soon as we add anything to it, it is
expanded to a NTDB_PGSIZE multiple.
If we create the database with a free record which pads it out to
NTDB_PGSIZE, we can remove this last-page-is-different logic.
Of course, the fake ntdbs we create in our tests now also need to be
multiples of NTDB_PGSIZE, so we change some numbers there too.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
ntdb uses tdb's transaction code, and it has an undocumented but implicit
assumption: that the transaction recovery area is always aligned to the
transaction pagesize. This means that no block will overlap the recovery
area.
This is maintained by rounding the size of the database up, so do the same
for ntdb.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We were missing the last few bytes. Found by 100 runs of ntdbtorture
-t -k.
The transaction test code didn't catch this, because usually those
last few bytes are irrelevant to the actual contents of the database.
We fix the test.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Our external test helper is a bit primitive when it comes to doing STORE or
FETCH commands: let us specify the data we expect, instead of assuming it's
the same as the key.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This is a fairly common pattern in Samba, and if we log an error on
every open it spams the logs. On the other hand, other errors are
potentially more serious, so we still use NTDB_LOG_ERROR on them.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We document that the child of a fork() can do a brunlock() if the parent
does a brlock: we should not log an error when they do this.
Also, test the case where we fork() and return inside a parse function
(which is allowed).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
In tdb, we grab the open lock immediately after we open the file. In
ntdb, we usually did some work first. tdbtorture managed to get in
before the creator grabbed the lock:
testing with 3 processes, 5000 loops, seed=1338246020
ntdb:torture.ntdb:IO Error:ntdb_open: torture.ntdb is not a ntdb file
29023:torture.ntdb:db open failed
At cost of a little duplicated code, we can reduce the race.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
It was a hack to make compatibility easier. Since we're not doing that,
it can go away: all callers must use the return value now.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This renames everything from tdb2 to ntdb: importantly, we no longer
use the tdb_ namespace, so you can link against both ntdb and tdb if
you want to.
This also enables building of standalone ntdb by the autobuild script.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Judging by code it's tdb1, where you needed to free old key's dptr
manually.
Signed-off-by: Kirill Smelkov <kirr@mns.spb.ru>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Fixes finding of ATTR_ROOT on GNU/kFreeBSD.
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Sat Jun 16 18:54:27 CEST 2012 on sn-devel-104
This commit changes the default file server to be s3fs. Existing
installs wishing to keep the ntvfs file server need to set this in
their smb.conf:
server services = +smb -s3fs
dcerpc endpoint services = +winreg +srvsvc
Andrew Bartlett
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 15 14:20:04 CEST 2012 on sn-devel-104
We need to keep these files away from where waf might see them.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 15 11:10:14 CEST 2012 on sn-devel-104
This simplifies our supported configurations down to those that we test and expect
to work. security=domain and domain logons = yes has never made much sense, and
security=ads and domain logons = yes was only ever used in early experiments for
our AD support using smbd.
The correct way to be an AD DC is to set "server role = active directory domain controller"
Andrew Bartlett
This will allow us to detect from the smb.conf if this is a Samba4 AD
DC which will allow smarter handling of (for example) accidentially
starting smbd rather than samba.
To cope with upgrades from existing Samba4 installs, 'domain
controller' is a synonym of 'active directory domain controller' and
new parameters 'classic primary domain controller' and 'classic backup
domain controller' are added.
Andrew Bartlett
The IRIX compiler doesn't support '...' in a macro.
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 14 11:26:15 CEST 2012 on sn-devel-104
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jun 12 15:37:16 CEST 2012 on sn-devel-104
In Samba4, the max log size parameter is not yet connected, so maxlog is 0
This means that we would, on receipt of a -HUP, have all child
processes attempt a rename.
Now we have the -HUP mean we reopen the logs unconditionally, and then
we see if the log is too large (samba3 mode) or simply proceed assuming
that someone else has renamed the logs for us.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 11 13:34:43 CEST 2012 on sn-devel-104
This has to be the first header!
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 11 01:21:01 CEST 2012 on sn-devel-104
Solaris has no err.h, so use CCAN replacement.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Sat Jun 9 12:07:15 CEST 2012 on sn-devel-104
This adds tevent_*_trace_*() and tevent_context_init_ops()
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 8 20:47:41 CEST 2012 on sn-devel-104
Set/get a single callback function to be invoked at various trace
points. Define "before wait" and "after wait" trace points - more
trace points can be added later if required.
CTDB wants this to log long waits and events.
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This makes it consistent with the other backends.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Fri Jun 8 09:14:26 CEST 2012 on sn-devel-104
From: Andrew Bartlett <abartlet@samba.org>
This code is incredibly useful, but is only needed in test code and may not be
perfectly portable. It has compiled on all systems bar Solaris so far, but
rather than make it a requirement to build Samba, just keep it for development.
Andrew Bartlett
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Thu Jun 7 18:53:12 CEST 2012 on sn-devel-104
They weren't being built when we were at top-level, because the globs
were wrong. Just open-code the test names, which always works.
Reported-by: Andrew Bartlett
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
something like this on World IPv6 Day II ... ;-)
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Thu Jun 7 03:09:49 CEST 2012 on sn-devel-104
Autoconf 2.68 NEWS says:
** The macros AC_PREPROC_IFELSE, AC_COMPILE_IFELSE, AC_LINK_IFELSE, and
AC_RUN_IFELSE now warn if the first argument failed to use
AC_LANG_SOURCE or AC_LANG_PROGRAM to generate the conftest file
contents. A new macro AC_LANG_DEFINES_PROVIDED exists if you have
a compelling reason why you cannot use AC_LANG_SOURCE but must
avoid the warning.
Signed-off-by: Martin Schwenke <martin@meltin.net>
As GIT didn't realise this was a copy out of lib/system.c, this should
make it easier to track the copyright holders on this file. Herb's
name wasn't on the original file, but was the only other author I
could find in the git logs.
I've added my copyright here too.
Andrew Bartlett
Found by callcatcher
This has been unsused since
commit 61f0b24763
Author: Günther Deschner <gd@samba.org>
Date: Thu Nov 12 15:42:03 2009 +0100
s3-kerberos: remove smb_krb5_get_tkt_from_creds().
Now that cli_krb5_get_ticket() already handles S4U2SELF impersonation, remove
smb_krb5_get_tkt_from_creds() which is not required anymore.
Guenther
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun Jun 3 13:04:06 CEST 2012 on sn-devel-104
This avoids redefining the system xattr functions, which should fix MacOS.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun Jun 3 09:46:44 CEST 2012 on sn-devel-104
We need undo the rep_ macro to call the real OS function.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun Jun 3 06:21:21 CEST 2012 on sn-devel-104
The autoconf Samba build will return to over-linking with -lattr on
systems with both the XFS compat API and native xattrs.
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun Jun 3 03:56:05 CEST 2012 on sn-devel-104
This should fix the build on IRIX.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun Jun 3 02:05:35 CEST 2012 on sn-devel-104
By the kind consent of the copyright holders. (There wasn't any code from tridge
in the code brought in from source3/lib/system.c).
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Jun 2 04:00:42 CEST 2012 on sn-devel-104
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Fri Jun 1 11:23:21 CEST 2012 on sn-devel-104
This is also where the related krb5_princ_component is declared.
Also fix the configure check to use the correct name
This helps the autoconf build on Heimdal.
Andrew Bartlett
This will allow us to create just one list of the FN_ macros, included
into both parameter systems.
This will in turn allow the actual parameter definitions
to be merged in a similar way.
Andrew Bartlett
These now use waf dist, and the script/librelease.sh script as a wrapper.
The mksyms.sh call in the source3/Makefile uses the copy in source3/script
Andrew Bartlett
These now use waf dist, and the script/librelease.sh script as a wrapper.
The mksyms.sh call in the source3/Makefile uses the copy in source3/script
Andrew Bartlett
These now use waf dist, and the script/librelease.sh script as a wrapper.
The mksyms.sh call in the source3/Makefile uses the copy in source3/script
Andrew Bartlett
We simply do not need this library any more.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun May 27 11:08:22 CEST 2012 on sn-devel-104
After discussion with Kai move dns_hosts_file to a separate subsystem
and merge it into libaddns private library for s3/s4 client use.
Also remove dependency in libcli/nbt, the code from libcli/dns subsystems
is not used there at all.
Autobuild-User: Alexander Bokovoy <ab@samba.org>
Autobuild-Date: Fri May 25 22:22:44 CEST 2012 on sn-devel-104
After consolidating DNS resolver code to lib/addns, there is one piece
that still needs to be moved into a common DNS resolver library: DNS_HOSTS_FILE
subsystem. Unfortunately, direct move would require lib/addns to depend on
libcli/util/{ntstatus.h,werror.h} (provided by errors subsystem).
In addition, moving libcli/dns/* code to lib/addns/ would make conflicting
the dns_tkey_record struct. The conflict comes from source4/dns_server/ and is due
to use of IDL to define the struct. lib/addns/ library also provides its own definition
so we either need to keep them in sync (rewrite code in lib/addns/ a bit) or
depend on generated IDL headers.
Thus, making a private library and subsystem clidns is an intermediate step
that allows to buy some time fore refactoring.
System MIT krb5 build also enabled by specifying --without-ad-dc
When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level
configure in WAF build we are trying to detect and use system-wide MIT krb5
libraries. As result, Samba 4 DC functionality will be disabled due to the fact
that it is currently impossible to implement embedded KDC server with MIT krb5.
Thus, --with-system-mitkrb5/--without-ad-dc build will only produce
* Samba 4 client libraries and their Python bindings
* Samba 3 server (smbd, nmbd, winbindd from source3/)
* Samba 3 client libraries
In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture.
This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
After migrating to use libaddns, reply_to_addrs() needed to change the
way answers are iterated through. Originally libroken implementation
gave all answers as separate records with last one being explicitly NULL.
libaddns unmarshalling code gives all non-NULL answers and should be
iterated with explicit reply->num_answers in use.
In case krb5_cc_get_lifetime is not available, iterate over
existing tickets in the keytab, find the one marked as TKT_FLAG_INITIAL,
and use its lifetime. This is how it is implemented in Heimdal and
how it was suggested to be done by MIT Kerberos developers.
We need to ifdef out some minor things here because there is no available API
to set these options in MIT.
The realm and canonicalize options should be not interesting in the client
case. Same for the send_to_kdc hacks.
Also the OLD DES3 enctype is not at all interesting. I am not aware that
Windows will ever use DES3 and no modern implementation relies on that enctype
anymore as it has been fully deprecated long ago, so we can simply ignore it.
"security=server" has a lot of problems in the world with
modern security (ntlmv2 and krb5). It was also not very
reliable, as it needed a stable connection to the password
server for the lifetime of the whole client connection!
Please use "security=domain" or "security=ads" is you
authentication against remote servers (domain controllers).
metze
--------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| SEC_SERVER |
| security=server |
| |
| |
| 12 May |
| |
| 2012 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\///|_)_______
This has been around since a long time: In non-developer builds,
we don't panic in SMB_ASSERT but happly continue with the error
condition, which is ridiculous and dangerous...
TIME_T_MAX is not actually INT64_MAX at the moment, so check both
values and set to the magic end-of-time value.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue May 8 06:41:43 CEST 2012 on sn-devel-104
This makes it simpler to slowly integrate MIT support and also amkes it
somewhat clearer what operation is really requested.
The 24u2 part is really only used by the cifs proxy code so we can temporarily
disable it in the MIT build w/o major consequences.
mktemp always returns the template, so checking for NULL doesn't cactch any
error. Errors are reported by turning the template into an empty string.
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Apr 26 16:14:24 CEST 2012 on sn-devel-104
With waf build include directories are defined by dependencies specified to subsystems.
Without proper dependency <gssapi/gssapi.h> cannot be found for embedded Heimdal builds
when there are no system-wide gssapi/gssapi.h available.
Split out GSSAPI header includes in a separate replacement header and use that explicitly
where needed.
Autobuild-User: Alexander Bokovoy <ab@samba.org>
Autobuild-Date: Wed Apr 25 00:18:33 CEST 2012 on sn-devel-104
This use long to fetch time_t quantities, because there are architectures were
time_t is a signed long but long != int, So long is the proper way to deal with
it.
Setting "syslog only = yes" did not divert log messages to syslog. The test in
lib/util/debug.c:Debug1():747
if( syslog_level < state.settings.syslog )
produces wrong results since .syslog is typed "bool" rather than "int".
The attached patch fixes this by typing this field correctly as "int".
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Apr 20 00:06:12 CEST 2012 on sn-devel-104
This removes the difference between many of the key elements of the global
parameters table, and makes it easier to merge the two tables.
Andrew Bartlett
This removes the difference between many of the key elements of the global
parameters table, and makes it easier to merge the two tables.
Andrew Bartlett
The issue is that there are two different sources of the malloc
prototype, and they both need to be included otherwise the failtest
overrides chokes on the headers.
Andrew Bartlett
This ensures that when operating ldbadd and ldbmodify against local
ldb files, either an ldif file succeeds or fails as a whole.
Also tests to verify that this is working correctly, and an ABI bump
due to the extra (private, but exported to ldb* tools) symbol and
behaviour change.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Apr 10 11:14:43 CEST 2012 on sn-devel-104
We need to wrap the ldb tests in the subunit blackbox helpers.
We also needed to change to the right directory, or else the :< file://
syntax check does not work, as samba4.png is not found.
Andrew Bartlett
This reverts commit 40a4aea891.
Autocommit is important, as otherwise an ldb module could error out
during an operation, and leave an corrupt database.
Andrew Bartlett
These errors are very important when trying to work out why a module
does not load, and this rework allows them to be shown when loading
vfs modules.
Andrew Bartlett
The truncate of the strlcpy() here was a *desired* side effect.
strlcpy()/strlcat() should never be used like that. Be more
explicit about the truncation and don't use strlcpy here.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Mar 31 07:59:16 CEST 2012 on sn-devel-104
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date: Thu Mar 29 13:12:46 CEST 2012 on sn-devel-104
This patch adds two lock functions used by CTDB to perform asynchronous
locking. These functions do not actually perform any fcntl operations,
but only increment internal counters.
- tdb_transaction_write_lock_mark()
- tdb_transaction_write_lock_unmark()
It also exposes two internal functions
- tdb_lock_nonblock()
- tdb_unlock()
These functions are NOT exposed in include/tdb.h to prevent any further
uses of these functions. If you ever need to use these functions, consider
using tdb2.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
cast_const() et. al. are supposed to be a constant expression, so you can do things like:
static char *p = cast_const(char *, (const char *)"hello");
Unfortunately, a cast to intptr_t and arithmetic makes suncc reject it as
a constant expression. We need the cast, because (1) the expression could be
a void *, so we can't just add to it, and (2) gcc complains with -Wcast-qual
without it.
So instead of adding BUILD_BUG_OR_ZERO, we use a ? :, which keeps everyone happy.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(Imported from CCAN commit 74859ab18b10aaf990848e49d7789ff5c6cf96c6)
Autobuild-User: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date: Thu Mar 29 08:18:57 CEST 2012 on sn-devel-104
It still gave a warning on gcc, because casting a char to a char* gives a warning. Not so on sun CC.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(Imported from CCAN commit 6569a707d169a629e25e10710c760c8dc84525c7)
We were handing an int-returning function where we should hand an enum TDB_ERROR
returning function. Worse, it was returning 0/-1 instead of 0/TDB_ERR_*.
Fortunately, it's only compared against success, but the Solaris compiler
warns about it, and it's not correct anyway.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Achieve this by introducing a "disallowDNFilter" flag.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
