Commit message | Author | Age | Files | Lines
* passdb: Cache output from pdb_[ug]id_to_sid | Volker Lendecke | 2015-01-07 | 1 | -0/+14
  A customer complained that after upgrading to Samba 4.0 fileserver its LDAP server was flooded with uid2sid and gid2sid requests for id 0. With 4.0 we do a lot more user-space ACL checking which involves uid2sid/gid2sid. This caches the corresponding results.
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
  Autobuild-User(master): Volker Lendecke <vl@samba.org>
  Autobuild-Date(master): Wed Jan 7 12:00:10 CET 2015 on sn-devel-104
* selftest: fix dns_host_file in samba3 target | Garming Sam | 2015-01-07 | 1 | -1/+1
  When setting up s3member twice in a row, the join ended up attempting kerberos and using an old ticket in the st folder, failing with bad credentials.
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Reviewed-by: Jeremy Allison <jra@samba.org>
  Autobuild-User(master): Jeremy Allison <jra@samba.org>
  Autobuild-Date(master): Wed Jan 7 03:58:10 CET 2015 on sn-devel-104
* fixup: check for NULL pointers | Ralph Boehme | 2015-01-07 | 1 | -2/+2
  Signed-off-by: Ralph Boehme <slow@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:rpc_server/lsa: remove msDS-TrustForestTrustInfo if FOREST_TRANSITIVE is cleared | Stefan Metzmacher | 2015-01-06 | 1 | -1/+24
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
  Reviewed-by: Simo Sorce <idra@samba.org>
  Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
  Autobuild-Date(master): Tue Jan 6 22:50:23 CET 2015 on sn-devel-104
* s4:rpc_server/lsa: allow LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE to be changed. | Stefan Metzmacher | 2015-01-06 | 1 | -5/+15
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
  Reviewed-by: Simo Sorce <idra@samba.org>
* winbind: Retry after SESSION_EXPIRED error in ping-dc | Christof Schmitt | 2015-01-06 | 1 | -0/+8
  Trying to establish a netlogon connection when the service ticket expires might fail with NT_STATUS_NETWORK_SESSION_EXPIRED. The underlying client code already marks the session as invalid, so retry the netlogon connect in this case.
  Signed-off-by: Christof Schmit <cs@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
  Autobuild-User(master): Jeremy Allison <jra@samba.org>
  Autobuild-Date(master): Tue Jan 6 02:58:57 CET 2015 on sn-devel-104
* smbd: Properly handle EINTR in vfs_aio_fork | Volker Lendecke | 2015-01-06 | 1 | -3/+12
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* smbd: Use msghdr.[ch] in vfs_aio_fork | Volker Lendecke | 2015-01-06 | 1 | -42/+20
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Use msghdr_prep_recv_fds in unix_msg | Volker Lendecke | 2015-01-06 | 1 | -7/+4
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Add msghdr_prep_recv_fds | Volker Lendecke | 2015-01-06 | 2 | -0/+22
  This will prepare a msghdr for receiving fd's. Same pattern as before: First get the buffer size, then fill in msghdr.
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Use msghdr_extract_fds in unix_msg | Volker Lendecke | 2015-01-06 | 1 | -56/+19
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Add msghdr_extract_fds | Volker Lendecke | 2015-01-06 | 2 | -0/+30
  This is a copy of the extract_fd_array_from_msghdr routine in unix_msg.c, with a similar use pattern: First call it without an output array to get the length and then call it a second time to actually fill in the array.
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* smbd: Use msghdr_prep_fds in vfs_aio_fork | Volker Lendecke | 2015-01-06 | 1 | -30/+9
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Use msghdr in unix_msg | Volker Lendecke | 2015-01-06 | 2 | -121/+60
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Add msghdr.[ch] | Volker Lendecke | 2015-01-06 | 3 | -0/+170
  This is a little set of routines to deal with the ugly fd-passing macros. This patch is the first step assisting the creation of msghdrs for sending fds. Receiving fd helpers will follow later.
  The basic idea behind these routines is that they fill a variable-sized buffer. They are supposed to be called twice per msghdr preparation. First with a 0-sized NULL output buffer to calculate the required bufsize, and then a second time filling in the buffer as such.
  This does not take care of the old msg_accrights way of passing file descriptors. CMSG/SCM_RIGHTS is standardized for quite a while now, and I believe this interface can be made to also take care of msg_accrights if needed.
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: unix_dgram_msg does not need "num_fds" | Volker Lendecke | 2015-01-06 | 1 | -2/+0
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* torture3: Fix a typo | Volker Lendecke | 2015-01-06 | 1 | -1/+1
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Ralph Boehme <slow@samba.org>
* s3:winbindd: improve logic to use CLDAP for a given domain. | Stefan Metzmacher | 2015-01-05 | 1 | -1/+9
  As an AC Domain Controller we should try CLDAP for active directory domains.
  E.g. FreeIPA domains don't provide NBT at all...
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
  Reviewed-by: Guenther Deschner <gd@samba.org>
  Autobuild-User(master): Günther Deschner <gd@samba.org>
  Autobuild-Date(master): Mon Jan 5 19:23:40 CET 2015 on sn-devel-104
* s3:winbindd: mark our primary as active_directory if possible | Stefan Metzmacher | 2015-01-05 | 1 | -0/+9
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
  Reviewed-by: Guenther Deschner <gd@samba.org>
* libcli/netlogon: We need to handle a bug in FreeIPA (at least <= 4.1.2). | Stefan Metzmacher | 2015-01-05 | 1 | -3/+12
  They include the ip address information without setting NETLOGON_NT_VERSION_5EX_WITH_IP, while using ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX instead of ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags.
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
  Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:passdb: fix logic in pdb_set_pw_history() | Stefan Metzmacher | 2015-01-05 | 1 | -7/+8
  Bug: https://bugzilla.samba.org/show_bug.cgi?id=10940
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
  Reviewed-by: Volker Lendecke <vl@samba.org>
  Autobuild-User(master): Volker Lendecke <vl@samba.org>
  Autobuild-Date(master): Mon Jan 5 16:51:30 CET 2015 on sn-devel-104
* Happy New Year 2015! | Stefan Metzmacher | 2015-01-01 | 2 | -2/+2
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
  Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
  Autobuild-Date(master): Thu Jan 1 02:47:59 CET 2015 on sn-devel-104
* torture: NULL out after talloc_free | Garming Sam | 2014-12-30 | 1 | -0/+1
  This appeared as a segmentation fault in rpc.spoolss.printer.
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Reviewed-by: Jeremy Allison <jra@samba.org>
  Autobuild-User(master): Jeremy Allison <jra@samba.org>
  Autobuild-Date(master): Tue Dec 30 02:49:01 CET 2014 on sn-devel-104
* lib: Fix a comment | Volker Lendecke | 2014-12-30 | 1 | -3/+1
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use iov_advance in write_data_iov | Volker Lendecke | 2014-12-30 | 1 | -16/+6
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use iov_advance in writev_handler | Volker Lendecke | 2014-12-30 | 2 | -26/+10
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Add iov_advance | Volker Lendecke | 2014-12-30 | 2 | -0/+35
  This chops off n bytes from an iovec array. Used for short writev's
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: iov_buf does not need talloc.h anymore | Volker Lendecke | 2014-12-30 | 1 | -1/+0
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use talloc_memdup in messaging_rec_dup | Volker Lendecke | 2014-12-28 | 1 | -2/+1
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
  Autobuild-User(master): Jeremy Allison <jra@samba.org>
  Autobuild-Date(master): Sun Dec 28 04:20:48 CET 2014 on sn-devel-104
* lib: Simplify check_log_size | Volker Lendecke | 2014-12-28 | 1 | -5/+3
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use talloc_zero_array instead of memset | Volker Lendecke | 2014-12-27 | 1 | -3/+1
  Signed-off-by: Volker Lendecke <vl@samba.org>
  Reviewed-by: Martin Schwenke <martin@meltin.net>
  Autobuild-User(master): Martin Schwenke <martins@samba.org>
  Autobuild-Date(master): Sat Dec 27 01:27:08 CET 2014 on sn-devel-104
* Fix a comment to indicate that TALLOC_FREE must be used to free an allocated array of strings. | Richard Sharpe | 2014-12-26 | 1 | -1/+1
  Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
  Reviewed-by: Volker Lendecke <vl@samba.org>
  Autobuild-User(master): Volker Lendecke <vl@samba.org>
  Autobuild-Date(master): Fri Dec 26 22:54:51 CET 2014 on sn-devel-104
* winbind: Retry LogonControl RPC in ping-dc after session expiration | Christof Schmitt | 2014-12-23 | 1 | -0/+10
  When the underlying session expires, the LogonControl RPC call used in ping-dc returns NT_STATUS_IO_DEVICE_ERROR. Retry once in this case, instead of returning the error to the caller.
  Signed-off-by: Christof Schmitt <cs@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
  Autobuild-User(master): Jeremy Allison <jra@samba.org>
  Autobuild-Date(master): Tue Dec 23 02:46:34 CET 2014 on sn-devel-104
* dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable | Garming Sam | 2014-12-22 | 2 | -15/+399
  This includes additional tests based directly on the docs, rather than simply testing our internal implementation in client and server contexts, that create a user and groups.
  Bug: https://bugzilla.samba.org/show_bug.cgi?id=11022
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Garming-Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Stefan Metzmacher <metze@samba.org>
  Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
  Autobuild-Date(master): Mon Dec 22 17:17:02 CET 2014 on sn-devel-104
* dns.py: Always remove the test zone in tearDown() | Andrew Bartlett | 2014-12-22 | 1 | -0/+8
  Change-Id: Ic6d6c51579f8859b4e396179123974382c253bf7
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
  Autobuild-User(master): Garming Sam <garming@samba.org>
  Autobuild-Date(master): Mon Dec 22 08:21:22 CET 2014 on sn-devel-104
* dsdb: Ignore errors from search in dns_notify module | Andrew Bartlett | 2014-12-22 | 1 | -14/+12
  This ensures the error messages are unchanged
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* dsdb: Use a fixed set of attributes in search in dns_notify module | Andrew Bartlett | 2014-12-22 | 1 | -2/+4
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* dsdb: Use ldb_attr_cmp() for comparing objectclass names | Andrew Bartlett | 2014-12-22 | 1 | -3/+3
  This is the same as strcasecmp, but it is best to remain consistent.
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* dns.py: Test dns server reload zones from DSDB when are created or deleted | Samuel Cabrero | 2014-12-22 | 1 | -0/+78
  Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dns: Reload DNS zones from dsdb when zones are modified through RPC or DRS | Samuel Cabrero | 2014-12-22 | 5 | -39/+565
  Setup a RPC management call on the internal DNS server triggered a new LDB module which sniffs dnsZone object add, delete and modify operations. This way the notification is triggered when zones are modified either from RPC or replicated by inbound DRS.
  Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
  (shadowed variable error corrected by abartlet)
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* selftest: Run samba.tests.dns in :local environment so it can access credentials | Andrew Bartlett | 2014-12-22 | 1 | -1/+1
  This allows it to access the machine account, and use that to modify the DNS zones
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* lib/ldb-samba: Add comment discouraging use of schemaUpgradeInProgress | Andrew Bartlett | 2014-12-22 | 1 | -0/+10
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
  Autobuild-User(master): Garming Sam <garming@samba.org>
  Autobuild-Date(master): Mon Dec 22 02:42:42 CET 2014 on sn-devel-104
* dsdb: Only parse SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL as a DN | Andrew Bartlett | 2014-12-22 | 1 | -1/+3
  This avoids trying to parse some other rule, like bitwise and, that may be applied to this attribute
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:dsdb: Fix not freed temp memory context | Samuel Cabrero | 2014-12-22 | 1 | -0/+1
  Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
  Reviewed-by: Garming Sam <garming@catalyst.net.nz>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* ldb-samba-tests: Add tests for transitive matching rule | Samuel Cabrero | 2014-12-22 | 2 | -0/+474
  Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* ldb-samba: Implement transitive extended matching | Samuel Cabrero | 2014-12-22 | 4 | -1/+373
  Documented in [MS-ADTS] section 3.1.1.3.4.4.3 LDAP_MATCHING_RULE_TRANSITIVE_EVAL
  This allows a search filter such as:
  member:1.2.840.113556.1.4.1941:=cn=user,cn=users,dc=samba,dc=example,dc=com
  This searches not only the member attribute, but also any member attributes that point at an object with this member in them.
  All the various DN syntax types are supported, not just plain DNs.
  Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
  (abartlet: Fixed compile error: return makes integer from pointer without a cast)
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* dsdb: Define syntax access point oid string as a macro | Samuel Cabrero | 2014-12-22 | 2 | -1/+2
  Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
  Reviewed-by: Garming Sam <garming@catalyst.net.nz>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* ldb: bump to version 1.1.19 | Andrew Bartlett | 2014-12-22 | 3 | -1/+266
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
  Pair-programmed-by: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* ldb: Allow to register extended match rules | Samuel Cabrero | 2014-12-22 | 4 | -36/+165
  This allows to extend LDB by registering extended match rules from outside the library itself. This is necessary when the implementation requires knowledge about syntaxes implemented in samba extensions, like the LDAP_MATCHING_RULE_TRANSITIVE_EVAL match.
  Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
  Singed-off-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* dsdb: Improve code clarity for ldb_extended_dn_in_openldap mode | Andrew Bartlett | 2014-12-22 | 1 | -3/+7
  Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>