summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Revert "s4:tls_tstream: allow mode of SSL keyfile to be 0400, not only 0600"Stefan Metzmacher2014-03-281-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 05c1fe50556e2330e23b7efb38e653428b9bdadf. This was discussed here: https://bugzilla.samba.org/show_bug.cgi?id=10392#c11 This generated warnings like: invalid permissions on file '/memdisk/metze/W/b138235/samba/bin/ab/promoted_dc/private/tls/key.pem': has 0600 should be 0400'. I think we need a better way. Maybe file_check_permissions() should get allow_perms and deny_perms. And we would call it with allow_perms = 0400 and deny_perms = 0177. And bits in none of them are ignored. For now we revert this and wait for a better fix. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Mar 28 12:37:17 CET 2014 on sn-devel-104
* s4:librpc/rpc: remember "ncalrpc_dir" on the dcerpc_pipe->bindingStefan Metzmacher2014-03-281-3/+11
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 28 10:34:51 CET 2014 on sn-devel-104
* pidl:Samba4/Python: add interface.abstract_syntax() to each interfaceStefan Metzmacher2014-03-281-0/+39
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:pyrpc: add base.transfer_syntax_ndr*()Stefan Metzmacher2014-03-281-0/+52
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:pyrpc: add py_dcerpc_syntax_init_helper()Stefan Metzmacher2014-03-282-0/+26
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc: compile python bindings for dcerpc.idlStefan Metzmacher2014-03-282-0/+10
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dcerpc.idl: hide (ndr->flags & LIBNDR_FLAG_OBJECT_PRESENT) logic behind a defineStefan Metzmacher2014-03-282-1/+9
| | | | | | | | | This way we can alter the define depending on the generated code. E.g python bindings won't have an 'ndr' struct available. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dcerpc.idl: fix dcerpc_bind_nack definitionStefan Metzmacher2014-03-282-13/+12
| | | | | | | The version array is always present. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dcerpc.idl: fix typo s/ist/intStefan Metzmacher2014-03-281-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dcerpc.idl: make use of DCERPC_NCA_S_* constants for the legacy ↵Stefan Metzmacher2014-03-281-4/+4
| | | | | | | DCERPC_FAULT_* codes Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* librpc/rpc: try to use DCERPC_NCA_S_* constants for error mappingsStefan Metzmacher2014-03-281-4/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* ctdb-tests: Do not mix bool and int data typesAmitay Isaacs2014-03-281-1/+1
| | | | | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Fri Mar 28 07:56:18 CET 2014 on sn-devel-104
* ctdb-tests: Use ctdb_fetch_lock instead of ctdb_fetch_lock_readonlyAmitay Isaacs2014-03-281-1/+1
| | | | | | | | This will test that ctdb_fetch_lock correctly revokes readonly delegations. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-client: ctdb_fetch_lock should check for readonly delegationsAmitay Isaacs2014-03-281-0/+15
| | | | | | | | When readonly delegations were added, ctdb_fetch_lock code should have been modified to include the check for readonly flags. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-tests: Fix and extend read-only records testMartin Schwenke2014-03-281-93/+123
| | | | | | | | | | | | | This test currently counts the number of read-only-enabled databases and expects there to only be 1. It fails when there are existing databases with read-only already enabled. Instead, check just the test database. Clean up the test by adding some functions to check for precisely the read-only flags that should be set on a node after each operation. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-tests: Add a new NFS tickle testMartin Schwenke2014-03-282-4/+102
| | | | | | | | | This one ensures that a newly started node gets an up-to-date tickle list. Tweak some of the integration test functions to accommodate this. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-locking: Instead of comparing key, compare key hashAmitay Isaacs2014-03-281-4/+6
| | | | | | | | | | | This replaces memory comparison of the key with integer comparison. In addition, this also avoids scheduling locks with the same hash. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Fri Mar 28 05:28:58 CET 2014 on sn-devel-104
* ctdb-locking: Check for talloc_memdup errorAmitay Isaacs2014-03-281-0/+5
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-locking: Avoid memory leakAmitay Isaacs2014-03-281-0/+1
| | | | | | | | If lock_request could not be allocated, free lock_ctx since there can only be a single lock_request per lock_ctx. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* smbd: Use asys_resultsVolker Lendecke2014-03-271-18/+15
| | | | | | | | | | When multiple aio requests finish simultaneously, this saves a few syscalls Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Mar 27 08:05:46 CET 2014 on sn-devel-104
* asys: Allow multiple results to be receivedVolker Lendecke2014-03-274-55/+69
| | | | | | | | | | | This makes use of C99 dynamic arrays. In this performance-sensitive code, I would like to avoid malloc/free, and I think 15 years after the standard we might be able to use this feature. Alternatively, we could use the "results" memory area and store the jobids in the upper range, playing some cast-tricks. Should work as well. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* pthreadpool: Allow multiple jobs to be receivedVolker Lendecke2014-03-278-37/+49
| | | | | | | This can avoid syscalls when multiple jobs are finished simultaneously Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* pthreadpool: Avoid a malloc/free per jobVolker Lendecke2014-03-271-54/+91
| | | | | | | | | | | pthreadpool_add_job is in our hottest code path for r/w intensive workloads, so we should avoid anything CPU-intensive. pthreadpool used to malloc each job and free it in the worker thread. This patch adds a FIFO queue for jobs that helper threads copy from, avoiding constant malloc/free. This cuts user space CPU in the local-bench-pthreadpool benchmark by roughly 10% on my system. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* pthreadpool: Add a simple benchmarkVolker Lendecke2014-03-274-0/+67
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* auth/gensec/spnego: map SPNEGO_REJECT to NT_STATUS_LOGON_FAILUREStefan Metzmacher2014-03-271-1/+1
| | | | | | | | | | This is what NTLMSSP also gives. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Mar 27 02:34:36 CET 2014 on sn-devel-104
* auth/gensec: remove tevent_context argument from gensec_update()Stefan Metzmacher2014-03-2717-39/+48
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ntlm_auth: make use of gensec_update_ev()Stefan Metzmacher2014-03-271-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:rpc_server: make use of gensec_update_ev()Stefan Metzmacher2014-03-271-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:smb_server: make use of gensec_update_ev()Stefan Metzmacher2014-03-272-2/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc: make use of gensec_update_ev()Stefan Metzmacher2014-03-271-2/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:libcli: make use of gensec_update_ev()Stefan Metzmacher2014-03-273-6/+6
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: make use of gensec_update_ev()Stefan Metzmacher2014-03-271-2/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:kdc: make use of gensec_update_ev()Stefan Metzmacher2014-03-271-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dns_server: make use of gensec_update_ev()Stefan Metzmacher2014-03-272-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/gensec: make use of gensec_update_ev() in spnego.cStefan Metzmacher2014-03-271-8/+8
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/gensec: add a gensec_update_ev() functionStefan Metzmacher2014-03-272-14/+27
| | | | | | | | | | | | | | This is the current gensec_update() which takes an optional tevent_context structure and allows semi-async code. This is just a temporary solution on the way to kill the semi-async code completely, by using gensec_update_send/recv. By providing a gensec_update_ev(), we can remove the explicit tevent_context from gensec_update() and fix all the sane callers. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:pygensec: don't pass an explicit tevent_context to gensec_update()Stefan Metzmacher2014-03-271-9/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/gensec: fix gensec_update() with ev == NULL.Stefan Metzmacher2014-03-271-0/+32
| | | | | | | | | | | In future we should remove the tevent_context argument from gensec_update() completely! If we have sane backends we should also remove the tevent_loop_allow_nesting() call again! t Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool dbcheck: handle missing objectClassFelix Botner2014-03-271-0/+31
| | | | | | | | | | | | | | In several cases we have seen objects without the objectClass attribute. Here the suggestion for a patch to find such objects in "samba-tool dbcheck" with the option to delete them. (patch improved by Andrew Bartlett to suggest DRS re-replication) Signed-off-by: Felix Botner <botner@univention.de> Change-Id: I8eb0d191a2089271a9af5884d6bfbf173a5c85c6 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Improve missing objectClass handlingAndrew Bartlett2014-03-271-13/+13
| | | | | | | | | | | | | | This attempts to permit deletion of objects that have no objectClass to allow dbcheck to clean up a corrupt database. It is not complete, the replmd_replPropertyMetaDataCtr1_sort_and_verify() call will still fail, but this is as much as is safe to do without a way to replicate the original issue. Andrew Bartlett Change-Id: If0b6c7f18e8aee587e6b3b4af878a0145f5eac37 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Improve errors and checks for missing objectClass valuesAndrew Bartlett2014-03-271-2/+9
| | | | | | Change-Id: I8c4ac679accc90748d20c9c86986b127c939fa75 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Clarify how the DSDB_REPL_FLAG_PRIORITISE_INCOMING flag worksAndrew Bartlett2014-03-271-5/+13
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Change-Id: Ib9f2f4ba417dbf0ee24b6e7db02d78a9bfe8850c Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Do not update notify_uSN until the transaction is genuinely committed ↵Andrew Bartlett2014-03-271-7/+7
| | | | | | | | to the DB Signed-off-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I734bc75ed348de8f0a5ff92e18e08de2340b8951 Reviewed-by: Stefan Metzmacher <metze@samba.org>
* ctdb-tests: Add NAT gateway eventscript unit tests for static routesMartin Schwenke2014-03-266-0/+207
| | | | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Wed Mar 26 06:24:01 CET 2014 on sn-devel-104
* ctdb-eventscripts: CTDB_NATGW_STATIC_ROUTES can specify gatewaysMartin Schwenke2014-03-262-8/+27
| | | | | | | Extend CTDB_NATGW_STATIC_ROUTES so that each network can have an optional gateway that overrides CTDB_NATGW_DEFAULT_GATEWAY. Signed-off-by: Martin Schwenke <martin@meltin.net>
* ctdb-eventscripts: New configuration variable CTDB_NATGW_STATIC_ROUTESMartin Schwenke2014-03-263-5/+64
| | | | | | | This can be used to create more specific NATGW routes than the usual NATGW default route. Signed-off-by: Martin Schwenke <martin@meltin.net>
* ctdb-eventscripts: Clarify that CTDB_NATGW_DEFAULT_GATEWAY is optionalMartin Schwenke2014-03-263-9/+14
| | | | | | | | | This has been implied since the command to add the route has had errors redirected to /dev/null. If infrastucture (e.g. ADS, DNS) is on the same network as CTDB_NATGW_PUBLIC_IP then no route is necessary. Signed-off-by: Martin Schwenke <martin@meltin.net>
* ctdb-eventscripts: Improve check in NATGW "startup" eventMartin Schwenke2014-03-261-2/+5
| | | | | | | | | | | | Although the dots in $CTDB_NATGW_PUBLIC_IP could probably only help match an invalid public IP address, this is only executed once so do as exact a check as possible. Use CTDB_BASE instead of hardcoding /etc/ctdb. Make the error message less redundant. Signed-off-by: Martin Schwenke <martin@meltin.net>
* ctdb-eventscripts: Reformat natgw_clear()Martin Schwenke2014-03-261-9/+11
| | | | Signed-off-by: Martin Schwenke <martin@meltin.net>
* ctdb-eventscripts: Rename some NAT gateway functionsMartin Schwenke2014-03-261-10/+11
| | | | | | | | delete_all() really needed renaming for clarity. While doing this, might as well rename some of the others that don't start with "natgw_". Signed-off-by: Martin Schwenke <martin@meltin.net>
generated by cgit (git 2.34.1) at 2024-11-16 16:15:30 +0000