summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* s4:torture/drs: verify the whole metadata array to be the same in the ↵Stefan Metzmacher2016-07-081-22/+0
| | | | | | | | | | repl_move tests We've removed the difference compared to Windows and store metadata stamps for some empty attributes. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Revert "selftest/flapping: mark samba4.drs.repl_move.python as temporary ↵Stefan Metzmacher2016-07-081-1/+0
| | | | | | | | | | | flapping" We pass this tests again... This reverts commit HEAD~2. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dsdb/password_hash: force replication meta data for empty password attributesStefan Metzmacher2016-07-081-4/+37
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9654 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dsdb/common: add a replication metadata stamp for an empty logonHours ↵Stefan Metzmacher2016-07-081-3/+21
| | | | | | | | | | attribute When a user object is created it gets a metadata stamp for logonHours, while the logonHours attribute has no value. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest/flapping: mark samba4.drs.repl_move.python as temporary flappingStefan Metzmacher2016-07-081-0/+1
| | | | | | | | We'll change the behaviour step by step to match Windows. At the end we'll pass the test again and revert this patch. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests:samba3sam: make use of the dsdb_flags_ignore moduleStefan Metzmacher2016-07-081-1/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9654 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:samba_dsdb: add "dsdb_flags_ignore" moduleStefan Metzmacher2016-07-081-3/+103
| | | | | | | | | | | This module removes internal flags from ldb_message_elements. Typically the repl_meta_data module handles DSDB_FLAG_INTERNAL_FORCE_META_DATA, but there're some cases where we don't use that module. BUG: https://bugzilla.samba.org/show_bug.cgi?id=9654 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dsdb/samdb: add DSDB_FLAG_INTERNAL_FORCE_META_DATAStefan Metzmacher2016-07-082-6/+53
| | | | | | | | | | With this it's possible to add a replPropertyMetaData entry for an empty attribute. BUG: https://bugzilla.samba.org/show_bug.cgi?id=9654 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2016-2019: s3:selftest: add regression tests for guest logins and ↵Stefan Metzmacher2016-07-071-0/+4
| | | | | | | | | | | mandatory signing BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860 Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Thu Jul 7 14:52:20 CEST 2016 on sn-devel-144
* CVE-2016-2019: s3:libsmb: add comment regarding smbXcli_session_is_guest() ↵Stefan Metzmacher2016-07-071-0/+3
| | | | | | | | with mandatory signing BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* CVE-2016-2019: libcli/smb: don't allow guest sessions if we require signingStefan Metzmacher2016-07-071-2/+17
| | | | | | | | | Note real anonymous sessions (with "" as username) don't hit this as we don't even call smb2cli_session_set_session_key() in that case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* testprogs: Do not use the deprecated samba-tool user addAndreas Schneider2016-07-071-1/+1
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jul 7 02:15:16 CEST 2016 on sn-devel-144
* s3:libsmb/clirap: remove unused cli_get_server_*() functionsStefan Metzmacher2016-07-062-146/+0
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 6 22:41:41 CEST 2016 on sn-devel-144
* libcli/auth: remove unused variable in msrpc_parse()Stefan Metzmacher2016-07-061-7/+0
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* security.idl: add SID_NT_NFS S-1-5-88* sidsStefan Metzmacher2016-07-061-0/+9
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* selftest: Do not use the deprecated samba-tool user addAndreas Schneider2016-07-061-2/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4-dsdb: Add missing header file for write() and close()Andreas Schneider2016-07-061-0/+1
| | | | | | | This fixes compilation with gcc 4.8.5. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4-torture: Add AES and RC4 enctype checksAndreas Schneider2016-07-062-1/+229
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jul 6 19:06:19 CEST 2016 on sn-devel-144
* s4-torture: Add torture_check_krb5_error() functionAndreas Schneider2016-07-061-74/+111
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* schema: Reorder dsdb_set_schema() to unlink the old schema lastAndrew Bartlett2016-07-061-12/+13
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* dsdb: Remove 120 second delay and USN from schema refresh checkAndrew Bartlett2016-07-066-158/+76
| | | | | | | | | | | | | | | | | We now refresh it once the schema changes, so that replication can proceed right away. We use the sequence number in the metadata.tdb. The previous commit added a cache for this value, protected by tdb_seqnum(). metadata.tdb is now opened at startup to provide this support. Note that while still supported, schemaUpdateNow is essentially rudundent: instead, to ensure we increment the sequence number correctly, we unify that check into repl_meta_data at the transaction close. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* dsdb: Remove use of schema USN in samldb_add_handle_msDS_IntIdAndrew Bartlett2016-07-063-64/+21
| | | | | | | | This is not a frequent enough operation to warrent a cache, and the USN will be removed from the schema code shortly Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* schema: Make the fetch of the schema version fastAndrew Bartlett2016-07-062-3/+20
| | | | | | | | Use the tdb_seqnum() to avoid needing locks to check if the schema has not changed Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* ldb: Avoid use-after-free when one error message is printed into anotherAndrew Bartlett2016-07-061-2/+4
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* provision: Ignore duplicate attid and governsID checkBob Campbell2016-07-066-10/+43
| | | | | | | | | | During the provision this causes a huge performance hit as these two attributes are unindexed. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
* provision_fill: move GPO into transactionBob Campbell2016-07-061-5/+7
| | | | | | | Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
* provision_fill: move most db accesses into transactionsBob Campbell2016-07-062-230/+232
| | | | | | | Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
* ctdb-scripts: Quote some variable expansionsMartin Schwenke2016-07-0617-70/+77
| | | | | | | | | | | | | This avoids relevant shellcheck warnings. This is most of the shellcheck low hanging fruit in the non-test code. Many of the other warnings produced by shellcheck are either false positives, are non-trivial to fix or a fix may result in worse code. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Wed Jul 6 08:15:49 CEST 2016 on sn-devel-144
* ctdb-scripts: Fix incorrect variable referenceMartin Schwenke2016-07-061-1/+1
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-scripts: Use globs instead of ls to list filesMartin Schwenke2016-07-061-8/+7
| | | | | | | shellcheck reports that using ls is fragile. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-scripts: Fix incorrect variable referenceMartin Schwenke2016-07-061-1/+1
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-scripts: Fix incorrect variable referenceMartin Schwenke2016-07-061-1/+1
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-scripts: Update script boilerplate to avoid shellcheck warningsMartin Schwenke2016-07-0623-47/+55
| | | | | | | | | | | | | * Assign the output of dirname to temporary variable to avoid word splitting when directory name contains whitespace * Drop export of CTDB_BASE to avoid masking broken return value - functions file does the export anyway * Quote path when including functions file Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-scripts: Export CTDB_BASE in functions fileMartin Schwenke2016-07-061-0/+1
| | | | | | | | This avoids having to export it in every file that includes the functions file. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-scripts: Drop optional argument to nfs_check_services()Martin Schwenke2016-07-061-2/+2
| | | | | | | | | Added so that nfs_check_services() could be run against an arbirary directory. However, with the function moved to the event script, this isn't useful. CTDB_NFS_CHECKS_DIR can be used for testing instead. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* gensec: Change log level for message when obtaining PAC from ↵Christof Schmitt2016-07-061-6/+4
| | | | | | | | | | | | | | | | | gss_get_name_attribute failed This is the second part for the issue from commit 8bb4fccd. A KDC that does not return a PAC first triggers this message, then the "resorting to local user lookup" one. Change the log level for the "obtaining PAC via GSSAPI gss_get_name_attribute" message as well to avoid spamming the logs during normal usage. While changing this message, also remove the discard_const since it is no longer required. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jul 6 04:27:03 CEST 2016 on sn-devel-144
* auth: fix a memory leak in gssapi_get_session_key()Uri Simchoni2016-07-061-6/+1
| | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12006 Signed-off-by: Uri Simchoni <uri@samba.org> Signed-off-by: Richard Sharpe <rsharpe@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Richard Sharpe <sharpe@samba.org> Autobuild-Date(master): Wed Jul 6 00:40:15 CEST 2016 on sn-devel-144
* s3-libads: fix a memory leak in ads_sasl_spnego_bind()Uri Simchoni2016-07-051-1/+4
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12006 Signed-off-by: Uri Simchoni <uri@samba.org> Signed-off-by: Richard Sharpe <rsharpe@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org>
* ctdb-build: Exit if requested feature cannot be builtAmitay Isaacs2016-07-051-0/+2
| | | | | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Tue Jul 5 14:38:30 CEST 2016 on sn-devel-144
* ctdb-daemon: Log ctdb socket in the main daemonAmitay Isaacs2016-07-051-0/+2
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-pmda: CTDB client code does not require ctdb->methodsAmitay Isaacs2016-07-051-4/+0
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-daemon: Check if method is initialized before callingAmitay Isaacs2016-07-052-2/+2
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-ib: Include system/wait.h for signalAmitay Isaacs2016-07-051-0/+1
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-client: Expose ctdb_ltdb_fetch in client APIAmitay Isaacs2016-07-052-3/+7
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-client: Add debug messages to client db apiAmitay Isaacs2016-07-051-12/+106
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-client: Fix implementation of transaction cancelAmitay Isaacs2016-07-051-1/+27
| | | | | | | | Wrap async transaction cancel to unlock g_lock lock and free transaction handle. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-client: Add async version of transaction cancelAmitay Isaacs2016-07-052-0/+81
| | | | | | | Transaction cancel should get rid of g_lock lock. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-client: Fix implementation of transaction commitAmitay Isaacs2016-07-052-57/+75
| | | | | | | | | | | | | There is no need to explicitly check that recovery is not active before sending TRANS33_COMMIT control. Just try TRANS3_COMMIT control and if recovery occurs before the control is completed, the control will fail and it can be retried. Make sure g_lock lock is released after the transaction is complete. Also, add timeout to the client api. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-client: Fix implementation of transaction startAmitay Isaacs2016-07-051-53/+2
| | | | | | | | | | | | | | | | | Since g_lock checks if the process exists in case of conflicting lock, there is no need to register srvid. Transaction start returns a transaction handle and transaction commit/cancel will free that handle. Since we cannot call async code in a talloc destructor, this avoids the use of talloc destructor for cancelling the transaction. If user frees the transaction handle instead of calling transaction cancel, it will leave stale g_lock lock. This stale g_lock lock will get cleaned up on next transaction attempt. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-client: During transaction commit fetch seqnum locallyAmitay Isaacs2016-07-051-74/+51
| | | | | | | This avoids extra controls to the server. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
View Lorry Controller Status