summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s4-dsdb-tests: Remove unused method get_ldap_connection()Kamen Mazdrashki2015-02-031-13/+0
| | | | | | | Change-Id: Ie50f77dbba724dbd3c2822de5c2cfff41016fac6 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-tests: Remove trailing ';' in deletetest.pyKamen Mazdrashki2015-02-031-2/+2
| | | | | | | Change-Id: Ic1ad6bbda55be56cbf7ae78a8ad988b8e479a40c Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb: Insert tombstone_reanimate module in ldb modules chain after ↵Kamen Mazdrashki2015-02-031-0/+1
| | | | | | | | | objectclass Change-Id: Id9748f36f0aefe40b1894ecd2e5071e3b9c8a6d6 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb: Initial implementation for Tombstone reanimation moduleKamen Mazdrashki2015-02-032-1/+266
| | | | | | | | | | | | | | | | | | At the moment it works for basic scenario: - add user - delete user - restore deleted user TODO: - security checks - flags verification - cross-NC checks - asynchronous implementation (may not be needed, but anyway) Change-Id: If396a6dfc766c224acfeb7e93ca75703e08c26e6 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* s4-dsdb-tests: Some tests for deleted objects undelete operationNadezhda Ivanova2015-02-031-5/+198
| | | | | | | | | | Based on MS-ADTS 3.1.1.5.3.7.2 Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Change-Id: I650b315601fce574f9302435f812d1dd4b177e68
* selftest: fix check for RODC and RID Set allocationStefan Metzmacher2015-02-021-1/+1
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Feb 2 01:10:18 CET 2015 on sn-devel-104
* python/samba/tests: don't lower case path names in connect_samdb()Stefan Metzmacher2015-02-011-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | We should not lower case file names, because we may get a path to sam.ldb. Now we only lower case ldap urls. For a long time I got failing private autobuild like this: [1623(9233)/1718 at 1h28m9s] samba4.urgent_replication.python(dc)(dc:local) Failed to connect to ldap URL 'ldap:///memdisk/metze/w/b12985/samba/bin/ab/dc/private/sam.ldb' - LDAP client internal error: NT_STATUS_NO_MEMORY Failed to connect to 'ldap:///memdisk/metze/w/b12985/samba/bin/ab/dc/private/sam.ldb' with backend 'ldap': (null) UNEXPECTED(error): samba4.urgent_replication.python(dc).__main__.UrgentReplicationTests.test_attributeSchema_object(dc:local) REASON: _StringException: _StringException: Content-Type: text/x-traceback;charset=utf8,language=python traceback 322 The problem is that /memdisk/metze/W/ is my test directory instead of /memdisk/metze/w/. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* selftest: Fix typo namerserver -> nameserver.Jelmer Vernooij2015-01-301-2/+2
| | | | | | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jan 30 19:59:40 CET 2015 on sn-devel-104
* s3:smb2_server: protect against integer wrap with "smb2 max credits = 65535"Stefan Metzmacher2015-01-291-0/+3
| | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 29 14:58:40 CET 2015 on sn-devel-104
* s3:smb2_server: always try to grant the credits the client just consumedStefan Metzmacher2015-01-291-6/+2
| | | | | | | | | | | | | | | | | | | | | | | | | It turns out that the effective credits_requested is always at least 1, even if the client sends credits_requested == 0. This means the client is not able to reduce the amount of credits itself. Without this fix a client (e.g. Windows7) would reach the case where it has been granted all credits it asked for. When copying a large file with a lot of parallel requests, all these requests have credits_requested == 0. This means the amount of granted credits where reduced by each request and only when the granted credits reached 0, the server granted one credit to allow the client to go on. The client might require more than one credit ([MS-SMB2] says Windows clients require at least 4 credits) and freezes with just 1 credit. Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* loadparm: Simplify "set_variable"Volker Lendecke2015-01-291-7/+3
| | | | | | | | | | | I usually don't like complicated if/else and in particular the else piece. But if the alternative is a goto, then else is better I guess :-) Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Thu Jan 29 00:28:55 CET 2015 on sn-devel-104
* uwrap: Bump version to 1.1.0.Andreas Schneider2015-01-281-1/+1
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Jan 28 19:44:39 CET 2015 on sn-devel-104
* uwrap: Make sure we leave if the id is NULL.Andreas Schneider2015-01-281-0/+1
| | | | | | | CID #97616 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Support scenario where threads fork or creates threads.Robin Hack2015-01-281-221/+177
| | | | | | | | | | | | | | | | | When fork() is called here there is no need to disable uwrap as a whole. This change disables only uwrap for the thread which called fork(). uwrap catches calls of pthread_create() and pthread_exit() functions from libpthread library now. Pair-Programmed-With: Andreas Schneider <asn@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Robin Hack <hack.robin@gmail.com> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Prepare for overload of libpthread functions.Robin Hack2015-01-281-19/+140
| | | | | | | | | uwrap_bind_symbol are now renamed to uwrap_bind_symbol_libc and simlilar uwrap_bind_symbol_libpthread are introduced. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Introduce UWRAP_LOCK_ALL and UWRAP_UNLOCK_ALL macrosRobin Hack2015-01-281-8/+14
| | | | | | | | | Introduce UWRAP_LOCK_ALL and UWRAP_UNLOCK_ALL which make locking easier. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Rewrite uwrap_libc_fns struct to pass strict aliasing rules.Robin Hack2015-01-281-59/+116
| | | | | | | | | | Also rename struct uwrap_libc_fns fns to uwrap_libc_symbols and uwrap_load_lib_function to uwrap_bind_symbol (same for _uwrap_load_... variant. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Fix wrong data types in syscalls switch.Robin Hack2015-01-281-12/+12
| | | | | | Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Add support for getresuid() and getresgid() glibc/syscall.Robin Hack2015-01-282-0/+111
| | | | | | Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Extend support for (set|get)groups libc functions and syscalls.Robin Hack2015-01-281-11/+82
| | | | | | Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Extend support for syscalls called from threads or main process.Robin Hack2015-01-281-0/+36
| | | | | | | | | We need to distinguish if the syscall is called from main process or from a thread. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Small uwrap_init optimalization.Robin Hack2015-01-281-2/+2
| | | | | | | | Don't call libc_getuid/getgid function twice. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Add support for running with address sanitizer.Andreas Schneider2015-01-282-0/+27
| | | | | | | | The address sanitzer will complain about our hack with variable function attributes. This disables the checking of it. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Reflect changes of uid/gid in threads to main process.Robin Hack2015-01-281-7/+50
| | | | | | | | | | | | When thread changes uid/gid this change must be reflected to main process. Syscalls changes only uid/gid of thread. Call of libc functions changes also uid/gid of main process. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Small optimalization of uwrap_init().Robin Hack2015-01-281-1/+2
| | | | | | | | Don't call getenv("UID_WRAPPER") on start of uwrap_init(). Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Optimalization of uid_wrapper_enabled() function.Robin Hack2015-01-282-4/+42
| | | | | | | | | | | | | | | Check only bool variable inside uwrap structure instead of calling whole uid_init(). In the best case only one mutex lock is need when check. NOTES: * This patch uses __atomic_load gcc builtin function. * uid_init() were moved outside uid_wrapper_enabled() function. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uid_wrapper: Fix race condition - uwrap_init.Robin Hack2015-01-281-5/+2
| | | | | | | | | Patch moves uwrap_id_mutex before if (uwrap.initialised) statement which can be passed by concurrent threads. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Fix race condition - glibc lookups.Robin Hack2015-01-281-3/+14
| | | | | | | | | Patch adds libc_symbol_binding_mutex which guards global table of libc functions and their lookup. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Add library constructor and move pthread_atfork inside.Robin Hack2015-01-282-9/+39
| | | | | | | | | Library constructor is used for pthread_atfork call. Moved here because pthread_atfork is cumulative and should be called only once. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Use UWRAP_LOCK/UNLOCK macros instead of pthread_mutex_lock/unlock calls.Robin Hack2015-01-281-31/+40
| | | | | | | | | New macros UWRAP_LOCK/UNLOCK has been created and all calls to pthread_mutex_lock/unlock has been replaced by these macros. Signed-off-by: Robin Hack <hack.robin@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* uwrap: Fix the handle loop for older gcc versions.Andreas Schneider2015-01-281-1/+4
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* waf: Add address sanitizer configure option.Andreas Schneider2015-01-282-0/+8
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* ctdb-scripts: Call iptables/ip6tables directly from iptables_wrapperMartin Schwenke2015-01-282-12/+8
| | | | | | | | | | | | | | | | | | | | | | Drops the iptables() and ip6tables() functions and, hence, the hardcoding of paths /sbin/iptables and /sbin/ip6tables. The latter avoids problems on openSUSE where (for example) /usr/sbin/iptables is used instead. This means that locking around ip*tables commands is only done when iptables_wrapper is called directly. This is fine because the only conflict is when "releaseip" or "takeip"/"updateip" events are run in parallel. The other uses in 11.natgw and 70.iscsi are in events where there will be no collisions. Making 11.natgw support IPv6 is unnecessary. Just put a static IPv6 address on each interface - they're plentiful. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Wed Jan 28 08:29:55 CET 2015 on sn-devel-104
* ctdb-scripts: Error message, comment and whitespace cleanupsMartin Schwenke2015-01-281-8/+10
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-scripts: iSCSI eventscript should fail when PNN can't be determinedMartin Schwenke2015-01-281-4/+1
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-scripts: Make 70.iscsi IPv6-awareMartin Schwenke2015-01-281-5/+29
| | | | | | | | | | | | Block iSCSI port for families of all address the node is configured to host. Could just unconditional add blocking using ip6tables instead. However, this would produce errors when no IPv6 public addresses are configured and ip6tables is not installed. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* auth/credentials_krb5: fix memory leak in ↵Günther Deschner2015-01-261-0/+2
| | | | | | | | | | | | cli_credentials_failed_kerberos_login(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jan 26 19:56:57 CET 2015 on sn-devel-104
* s4-torture: the new krb5 kdc tests are heimdal, not dc specific.Günther Deschner2015-01-261-1/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* idl: fix IDL for netr_WorkstationInformation().Günther Deschner2015-01-261-1/+1
| | | | | | | | | This structure is used by the netr_LogonGetDomainInfo call as the input. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: add support for DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEMStefan Metzmacher2015-01-262-0/+39
| | | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Jan 26 14:23:50 CET 2015 on sn-devel-104
* s4:rpc_server: pass the remote address to gensec_set_remote_address()Stefan Metzmacher2015-01-261-1/+15
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s4:rpc_server/lsa: add dcesrv_lsa_OpenTrustedDomain_common()Stefan Metzmacher2015-01-261-75/+101
| | | | | | | | | | | | | dcesrv_lsa_OpenTrustedDomain() and dcesrv_lsa_OpenTrustedDomainByName() need to use the same logic and make sure trusted_domain_user_dn is valid. Otherwise dcesrv_lsa_OpenTrustedDomainByName() followed by dcesrv_lsa_DeleteObject() will leave the trust domain account in the database. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s4:rpc_server/netlogon: fix bugs in dcesrv_netr_DsRGetDCNameEx2()Stefan Metzmacher2015-01-261-8/+14
| | | | | | | | We should return the our ip address the client is connected too. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* Fix a couple of DEBUG statements that were copied from elsewhere. Removed ↵Richard Sharpe2015-01-251-4/+2
| | | | | | | | | | the misleading function name since the DEBUG message will print out the function name anyway. Signed-of-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sun Jan 25 12:58:08 CET 2015 on sn-devel-104
* s4:dsdb/tests: add test_timevalues1() to verify timestamp valuesStefan Metzmacher2015-01-241-0/+40
| | | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=9810 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Jan 24 20:17:20 CET 2015 on sn-devel-104
* ldb: version 1.1.20Stefan Metzmacher2015-01-243-1/+266
| | | | | | | | - Bug 9810 - validate_ldb of String(Generalized-Time) does not accept millisecond format ".000Z" Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* lib/ldb: fix logic in ldb_val_to_time()Stefan Metzmacher2015-01-241-6/+32
| | | | | | | | | | | | 040408072012Z should represent 20040408072012.0Z as well as 20040408072012.000Z or 20040408072012.RandomIgnoredCharaters...Z Bug: https://bugzilla.samba.org/show_bug.cgi?id=9810 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* Update the tevent_data.dox tutrial stuff to fix some errors, including whiteRichard Sharpe2015-01-241-13/+17
| | | | | | | | | | space problems. Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Ralph Boehme <rb@sernet.de> Autobuild-User(master): Richard Sharpe <sharpe@samba.org> Autobuild-Date(master): Sat Jan 24 09:33:03 CET 2015 on sn-devel-104
* vfs_glusterfs: Add comments to the pipe(2) code.Ira Cooper2015-01-231-0/+17
| | | | | | | | | | | The guarantees around read(2) and write(2) and pipes are critical to understanding this code. Hopefully these comments will help. Signed-off-by: Ira Cooper <ira@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jan 23 20:58:51 CET 2015 on sn-devel-104
* selftest: Run krb5.kdc test against users with a UPNAndrew Bartlett2015-01-232-2/+24
| | | | | | | | | | | This tests both a UPN in our own realm, and a UPN with a non-realm suffix. Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jan 23 08:10:07 CET 2015 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-15 18:10:07 +0000