summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* samba-tool: Fix typo in usage.Karolin Seeger2012-10-081-1/+1
| | | | Karolin
* s4-dns: fix a warningMatthieu Patou2012-10-081-2/+1
| | | | | Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Oct 8 10:45:41 CEST 2012 on sn-devel-104
* s4-dns: Ignore zones that shouldn't be returned currentlyMatthieu Patou2012-10-071-1/+7
| | | | | | | RootDNSServers should never be returned (Windows DNS server don't) ..TrustAnchors should never be returned as is, (Windows returns TrustAnchors) and for the moment we don't support DNSSEC so we'd better not return this zone.
* s4-join: factorize code, add infoMatthieu Patou2012-10-071-5/+9
|
* s4-join: add some documentationMatthieu Patou2012-10-071-1/+11
|
* s4-repl: make dreplsrv_partition_find_for_nc return BAD_NC onlyMatthieu Patou2012-10-071-2/+7
|
* drsuapi: Validate the input parameters for the drsuapi_UpdateRefs functionMatthieu Patou2012-10-071-0/+16
|
* drsuapi: check more carefully the validity of the NCMatthieu Patou2012-10-071-4/+11
| | | | | Check that both the GUID and DN are the GUID/DN of a NC if not return WERR_DS_DRA_BAD_NC
* drsuapi-idl: Fix the encoding of the source_dsa_dnsMatthieu Patou2012-10-071-1/+1
| | | | astring is not aligned and is not conformant
* drs-replica-info: level_not_supported is wrong when we do support (partialy ↵Matthieu Patou2012-10-071-9/+13
| | | | the level)
* lib-addns: ensure that allocated buffer are pre set to 0Matthieu Patou2012-10-071-12/+12
| | | | | | It avoid bugs when one of the buffer is supposed to contain a string that is not null terminated (ie. label->label) and that we don't force the last byte to 0.
* ldap-server: sscanf result was never used to mistyped varMatthieu Patou2012-10-071-2/+1
|
* ldap-server: remove warning for the ret not being usedMatthieu Patou2012-10-071-2/+1
|
* s4-drs: fix the logic to allow REPL_SECRET if the account has GET_ALL_CHANGESMatthieu Patou2012-10-071-0/+24
|
* s4-drs: EXOP_REPL_SECRETS can be called by RW DC as wellMatthieu Patou2012-10-071-7/+15
|
* drs-getncchanges: do not set the highestUsn to 0Matthieu Patou2012-10-071-1/+0
| | | | | | | | Paragraph 4.1.10.5 says that if err = 0 then msgOut.pNC := msgIn.pNC msgOut.usnvecFrom := msgIn.usnvecFrom so no need to set the highestUsn to 0
* kcc: return invalid parameter if the taskId is not 0Matthieu Patou2012-10-071-1/+3
|
* drs-crackname: if there is no sid do not return the domainMatthieu Patou2012-10-071-0/+2
|
* devel-crackname: Print if count > 0Matthieu Patou2012-10-071-2/+5
|
* Implement the LIST_INFO_FOR_SERVER input formatMatthieu Patou2012-10-072-1/+109
|
* getdcinfo: Check that the server object has a serverreference objects ↵Matthieu Patou2012-10-071-2/+4
| | | | | | | | pointing to a DC object The problem was found by the DRSR testsuite where server objects were created in the Site container without serverrefrence attribute triggering error in the testsuite.
* ntdb: remove unused local variable.Rusty Russell2012-10-081-2/+0
| | | | | | | | Reported-by: Matthieu Patou <mat@samba.org> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Mon Oct 8 04:43:37 CEST 2012 on sn-devel-104
* s3: Add two tests a CLEAR_IF_FIRST crashVolker Lendecke2012-10-061-0/+56
| | | | | Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sat Oct 6 17:16:39 CEST 2012 on sn-devel-104
* tdb: Make tdb robust against improper CLEAR_IF_FIRST restartVolker Lendecke2012-10-061-4/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When winbind is restarted, there is a potential crash in tdb. Following situation: We are in a cluster with ctdb. A winbind child hangs in a request to the DC. Cluster monitoring decides the node has a problem. Cluster monitoring decides to kill ctdbd. winbind child still hangs in a RPC request. winbind parent figures that ctdb is dead and immediately commits suicide. winbind parent is restarted by cluster management, overwriting gencache.tdb with CLEAR_IF_FIRST. The CLEAR_IF_FIRST logic as implemented now will not see that a child still has the tdb open, only the parent holds the ACTIVE_LOCK due to performance reasons. During the CLEAR_IF_FIRST logic is done, there is a very small window where we ftruncate(tfd, 0) the file and re-write a proper header without a lock. When during this small window the winbind child comes back, wanting to store something into gencache.tdb, that winbind child will crash with a SIGBUS. Sounds unlikely? See: [2012/09/29 07:02:31.871607, 0] lib/util.c:1183(smb_panic) PANIC (pid 1814517): internal error [2012/09/29 07:02:31.877596, 0] lib/util.c:1287(log_stack_trace) BACKTRACE: 35 stack frames: #0 winbindd(log_stack_trace+0x1a) [0x7feb7d4ca18a] #1 winbindd(smb_panic+0x2b) [0x7feb7d4ca25b] #2 winbindd(+0x1a3cc4) [0x7feb7d4bacc4] #3 /lib64/libc.so.6(+0x32900) [0x7feb7a929900] #4 /lib64/libc.so.6(memcpy+0x35) [0x7feb7a97f355] #5 /usr/lib64/libtdb.so.1(+0x6e76) [0x7feb7b0b0e76] #6 /usr/lib64/libtdb.so.1(+0x3d37) [0x7feb7b0add37] #7 /usr/lib64/libtdb.so.1(+0x863d) [0x7feb7b0b263d] #8 /usr/lib64/libtdb.so.1(+0x8700) [0x7feb7b0b2700] #9 /usr/lib64/libtdb.so.1(+0x2505) [0x7feb7b0ac505] #10 /usr/lib64/libtdb.so.1(+0x25b7) [0x7feb7b0ac5b7] #11 /usr/lib64/libtdb.so.1(tdb_fetch+0x13) [0x7feb7b0ac633] #12 winbindd(gencache_set_data_blob+0x259) [0x7feb7d4d8449] #13 winbindd(gencache_set+0x53) [0x7feb7d4d85b3] #14 winbindd(gencache_del+0x5e) [0x7feb7d4d879e] #15 winbindd(saf_delete+0x93) [0x7feb7d54b693] #16 winbindd(+0xe507e) [0x7feb7d3fc07e] #17 winbindd(+0xe85e5) [0x7feb7d3ff5e5] #18 winbindd(+0xe65be) [0x7feb7d3fd5be] #19 winbindd(+0xe7562) [0x7feb7d3fe562] #20 winbindd(init_dc_connection+0x2e) [0x7feb7d3fe5be] #21 winbindd(+0xe75d9) [0x7feb7d3fe5d9] #22 winbindd(cm_connect_netlogon+0x58) [0x7feb7d3fe658] #23 winbindd(_wbint_PingDc+0x61) [0x7feb7d410991] #24 winbindd(+0x103175) [0x7feb7d41a175] #25 winbindd(winbindd_dual_ndrcmd+0xb7) [0x7feb7d4107d7] #26 winbindd(+0xf8609) [0x7feb7d40f609] #27 winbindd(+0xf9075) [0x7feb7d410075] #28 winbindd(tevent_common_loop_immediate+0xe8) [0x7feb7d4db198] #29 winbindd(run_events_poll+0x3c) [0x7feb7d4d93fc] #30 winbindd(+0x1c2b52) [0x7feb7d4d9b52] #31 winbindd(_tevent_loop_once+0x90) [0x7feb7d4d9f60] #32 winbindd(main+0x7b3) [0x7feb7d3e7aa3] #33 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7feb7a915cdd] #34 winbindd(+0xce2a9) [0x7feb7d3e52a9] This is in a winbind child, logfiles surrounding indicate the parent was restarted. This patch takes all chain locks around the CLEAR_IF_FIRST introduced tdb_new_database.
* tdb: Make robust against shrinking tdbsRusty Russell2012-10-061-12/+20
| | | | | | | | | | | When probing for a size change (eg. just before tdb_expand, tdb_check, tdb_rescue) we call tdb_oob(tdb, tdb->map_size, 1, 1). Unfortunately this does nothing if the tdb has actually shrunk, which as Volker demonstrated, can actually happen if a "longlived" parent crashes. So move the map/update size/remap before the limit check. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* We should never just assign an st_mode to an ace->perms field, theoreticallyJeremy Allison2012-10-061-2/+2
| | | | | | | | | | | they are different so should go through a mapping function. Ensure this is so. Practically this does not matter, as for user permissions the mapping function is an identity, and the extra bits we may add are ignored anyway, but this makes the intent clear. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Oct 6 03:04:14 CEST 2012 on sn-devel-104
* Modify ensure_canon_entry_valid() into ensure_canon_entry_valid_on_set() - ↵Jeremy Allison2012-10-051-154/+141
| | | | makes the logic clearer.
* Simplify ensure_canon_entry_valid by splitting out the _get codepath.Jeremy Allison2012-10-051-3/+86
|
* talloc: Convert error cecking macros into fnsSimo Sorce2012-10-051-37/+74
| | | | | | | | | | | This will avoid 'surprise returns' and makes the code cleare to readers. These macros were complex enough to warrant a full function anyway not just for readability but also for debuggability. Thanks David for pointing out this issue. Autobuild-User(master): Simo Sorce <idra@samba.org> Autobuild-Date(master): Fri Oct 5 23:24:17 CEST 2012 on sn-devel-104
* Add tests for talloc_memlimitSimo Sorce2012-10-051-0/+172
| | | | | Autobuild-User(master): Simo Sorce <idra@samba.org> Autobuild-Date(master): Fri Oct 5 07:36:38 CEST 2012 on sn-devel-104
* Add memory limiting capability to tallocSimo Sorce2012-10-055-40/+327
| | | | | | | | | | | By calling talloc_set_memlimit() we can now set a max memory limit for a whole talloc hierarchy. ANy attempt to allocate memory beyond the max allowed for the whole hierarchy wil cause an allocation failure. Stealing memory correctly accounts for used memory in the old and the new hierarchy but exceeding the memory limit in the new parent will not cause a failure.
* Ensure the masks don't conflict with the ACL checks.Jeremy Allison2012-10-052-2/+4
| | | | | Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Oct 5 00:36:40 CEST 2012 on sn-devel-104
* Update WHATSNEW.txt with removed parameters.Jeremy Allison2012-10-041-0/+4
|
* Remove the parameters:Jeremy Allison2012-10-0413-185/+33
| | | | | | | | | security mask force security mode directory security mask force directory security mode and update the docs.
* Remove all uses of ↵Jeremy Allison2012-10-042-20/+10
| | | | | | lp_security_mask/lp_force_security_mode/lp_dir_security_mask/lp_force_dir_security_mode and replace with the normal masks. Now these parameters can be removed.
* Revert "Add functions to programatically set the security mask and directory ↵Jeremy Allison2012-10-042-16/+0
| | | | | | | | security mask parameters." This reverts commit 8f0ecbbbeebff0174579a78827d384067cd4cbb7. Not now needed as part of the move to remove security mask parameters.
* Revert "When creating a new file/directory, we need to obey the create ↵Jeremy Allison2012-10-041-15/+0
| | | | | | | | | mask/directory mask parameters." This reverts commit c251a6b0442abc13bc8be4ff8de324c1d7706a78. Remove this as we're planning to remove the security mask, directory security mask parameters and only use create mask/directory mask.
* html docs: Remove link to Using Samba.Karolin Seeger2012-10-041-4/+0
| | | | | | | | | | | Thanks to Christian Perrier <bubulle@debian.org> for reporting! Fix bug #7826 - HTML docs index file still points to Using Samba. Karolin Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Thu Oct 4 13:48:00 CEST 2012 on sn-devel-104
* docs: Remove duplicate synonym min protocol.Karolin Seeger2012-10-041-1/+0
| | | | Karolin
* s3fs-smbd: Make sure the registry is set up before we init printing.Andreas Schneider2012-10-041-4/+4
| | | | | Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Oct 4 12:06:29 CEST 2012 on sn-devel-104
* waf: Build pam_smbpass module only if enabled.Andreas Schneider2012-10-042-1/+5
|
* tdb: add -e option to tdbdump (and docment it).Rusty Russell2012-10-042-3/+53
| | | | | | | | | | This allows for an emergency best-effort dump. It's a little better than strings(1). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Thu Oct 4 03:16:06 CEST 2012 on sn-devel-104
* tdb: tdbdump should log errors, and fail in that case.Rusty Russell2012-10-041-2/+38
| | | | | | | Dumping a corrupt database should not exit silently with 0 status! Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb: add tdb_rescue()Rusty Russell2012-10-047-4/+622
| | | | | | | | This allows for an emergency best-effort dump. It's a little better than strings(1). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* Correct fix for bug #9222 - smbd ignores the "server signing = no" setting ↵Jeremy Allison2012-10-031-6/+11
| | | | | | | | | | for SMB2. Signing cannot be disabled for SMB2 by design, so fix the documentation instead. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Oct 3 23:47:23 CEST 2012 on sn-devel-104
* Revert "Fix bug #9222 - smbd ignores the "server signing = no" setting for ↵Jeremy Allison2012-10-032-12/+4
| | | | | | | | | | | | | | | | | | SMB2." This reverts commit dfd3c31a3f9eea96854b2d22574856368e86b245. As Metze pointed out: From MS-SMB2 section 2.2.4: SMB2_NEGOTIATE_SIGNING_ENABLED When set, indicates that security signatures are enabled on the server. The server MUST set this bit, and the client MUST return STATUS_INVALID_NETWORK_RESPONSE if the flag is missing. I'll submit a documentation bug to fix #9222 that way.
* Fix bug #9214 - Bad user supplied SMB2 credit value can cause smbd to call ↵Jeremy Allison2012-10-031-1/+6
| | | | | | smb_panic. Terminate the connection cleanly instead.
* s3-docs: add delete_lost option to vfs_streams_depot.8Björn Baumbach2012-10-031-0/+19
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Oct 3 18:10:14 CEST 2012 on sn-devel-104
* s3-docs: Fix opening and ending tag mismatch in Samba3-HOWTO (Bug #9235)Björn Baumbach2012-10-031-2/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4: samba_backup: Fix typos.Björn Baumbach2012-10-031-2/+2
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
generated by cgit (git 2.34.1) at 2025-09-25 23:10:53 +0000