summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* s3: smb2: Simplify logic in reprocess_blocked_smb2_lock().Jeremy Allison2014-07-191-30/+25
| | | | | | | | | | SMB2 blocking locks can only have one lock per request, so there can never be any other locks to wait for. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit 1a02a1e6aa15c028a848585d66cecbbdda8015b3)
* s3: smb2: Remove unused code from remove_pending_lock().Jeremy Allison2014-07-191-13/+0
| | | | | | | | | | SMB2 blocking locks can only have one lock per request, so there can never be any previous locks to remove. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit 508c09c6a019458bb0290fbf284e73c24feddb0e)
* selftest/knownfail: ignore samba3.smb2.oplock.exclusive5 failures in v4-1-*Stefan Metzmacher2014-07-171-0/+1
| | | | | | | | | | | This is fixed by 20669d4a75386eef4fdcea07fb99812c4e09de13 in master. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10671 Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Thu Jul 17 11:07:08 CEST 2014 on sn-devel-104
* smbd: Remove 2 indentation levelsVolker Lendecke2014-07-171-11/+11
| | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> (cherry picked from commit 1dc5c20c8f7d8aa96fa0601bf5bf6dc69fb79d9f)
* s3: smbd - Prevent file truncation on an open that fails with share mode ↵Jeremy Allison2014-07-171-2/+20
| | | | | | | | | | | | | | | | | | | violation. Fix from Volker, really - just tidied up a little. The S_ISFIFO check may not be strictly neccessary, but doesn't hurt (might make the code a bit more complex than it needs to be). Fixes bug #10671 - Samba file corruption as a result of failed lock check. https://bugzilla.samba.org/show_bug.cgi?id=10671 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> (cherry picked from commit 31b3427a417217e5e869baafdf63e633efc39d12) [ddiss@samba.org: 4.1 backport]
* s4:dsdb/repl_meta_data: make sure objectGUID can't be deletedStefan Metzmacher2014-07-151-3/+3
| | | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=9763 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit d64bc6c9af24109e89632db9133070f2ab827c46) Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Tue Jul 15 15:01:25 CEST 2014 on sn-devel-104
* selftest: teardown the environments also on getting SIGPIPEStefan Metzmacher2014-07-151-10/+15
| | | | | | | | | | | | | | | | | | | | | | make test uses selftest.pl | subuntu-filter.py ... FAIL_IMMEDIATELY=1 lets subuntu-filter.py exit, which generates SIGPIPE in selftest.pl. We should handle this just like any other signal and teardown all environments. This should make the teardown process more reliable/verbose. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> (cherry picked from commit b2803950fc439017680069813fc49255a3f0cbbf) Bug: https://bugzilla.samba.org/show_bug.cgi?id=10696 backport autobuild/selftest fixes from master
* libwbclient: allow only one initial_blob/challenge_blob in wbcCredentialCache()Stefan Metzmacher2014-07-151-9/+19
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10692 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: libwbclient: Don't break out of loop too soon - find all parameters.Jeremy Allison2014-07-151-2/+0
| | | | | | | | Fix bug #10692: wbcCredentialCache fails if challenge_blob is not first https://bugzilla.samba.org/show_bug.cgi?id=10692 Signed-off-by: Jeremy Allison <jra@samba.org>
* s4:dsdb/samldb: don't allow 'userParameters' to be modified over LDAP for nowStefan Metzmacher2014-07-151-0/+18
| | | | | | | | | | | | | | | | | | | For now it's safer to reject setting 'userParameters' via LDAP, as we'll not provide the same behavior as a Windows Server. If someone requires that feature please report this in the following bug reports! Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077 Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 9 11:07:51 CEST 2014 on sn-devel-104 (cherry picked from commit 04e9d020c97c2dcd360b1845907f4c396d5671dc)
* dbcheck: Add check and test for various invalid userParameters valuesAndrew Bartlett2014-07-152-0/+244
| | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077 Change-Id: I6f2f4169856ce78c62e3a7e74b48520cca9cb9ae Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 9bfbff65436a088fab5d564b6c0bb122a76492bc)
* dsdb: Always store and return the userParameters as a array of LE 16-bit valuesAndrew Bartlett2014-07-153-23/+84
| | | | | | | | | | | | | | | | This is not allowed to be odd length, as otherwise we can not send it over the SAMR transport correctly. Allocating one byte less memory than required causes malloc() heap corruption and then a crash or lockup of the SAMR server. Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130 Change-Id: I5c0c531c1d660141e07f884a4789ebe11c1716f6 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit d7b4d10aba90f4a1acf01d1d5ab62161862f62f7)
* dsdb: Set syntax of userParameters to binary string, not unicode stringAndrew Bartlett2014-07-152-0/+12
| | | | | | | | | | | | | | | | | | | This means we continue to store the values as given on SAMR, assuming that the SAMR buffer is little endian. The syntax for this specific object is forced to be a binary blob, so that it is not converted on DRSUAPI. This commit does not fix existing databases, nor pdb_samba_dsdb (used by classicupgrade). Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077 Change-Id: I10bb6aaecc381194e3c0ce6b9163f961acbdcee1 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 1592eaa5c781af83aa64bc4e7211339e1d1eafce)
* torture4: Make raw.lock.multilock fail after 20 secondsVolker Lendecke2014-07-151-1/+1
| | | | | | | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jul 4 00:04:10 CEST 2014 on sn-devel-104 (cherry picked from commit 0c97b7eb5359b95c0d51a3b5524e82e34243d2d1) The last 7 patches address bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
* torture4: Adapt comment to codeVolker Lendecke2014-07-151-1/+1
| | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 4205463ef1815d6e86e1d1f1f57651ca30407469)
* s4: smbtorture: Add multi-lock test. Regression test for bug #10684.Jeremy Allison2014-07-151-0/+97
| | | | | | | | | | Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout. https://bugzilla.samba.org/show_bug.cgi?id=10684 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> (cherry picked from commit 64346a134dac2bd023f7473202ca38d35ffd3c89)
* s3: smbd: Locking - re-add pending lock records if we fail to acquire a lock ↵Jeremy Allison2014-07-151-17/+80
| | | | | | | | | | | | | | | | | | | (and the lock hasn't timed out). Keep the blocking lock record and the pending lock records consistent if we are dealing with multiple blocking lock requests in one SMB1 LockingX request. Ensure we re-add the records under the record lock, to avoid race conditions. Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout. https://bugzilla.samba.org/show_bug.cgi?id=10684 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> (cherry picked from commit 954401f8b2b16b3e2ef9655e8ce94d657becce36)
* s3: smbd: Locking - treat lock timeout the same as any other error.Jeremy Allison2014-07-151-53/+38
| | | | | | | | | | | | | Allows the special case in process_blocking_lock_queue() that talks back to the client to be removed. Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout. https://bugzilla.samba.org/show_bug.cgi?id=10684 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> (cherry picked from commit cc9de6eb091159a84228b988c49261c46c301233)
* s3: smbd: Locking - add and use utility function lock_timed_out().Jeremy Allison2014-07-151-3/+21
| | | | | | | | | | Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout. https://bugzilla.samba.org/show_bug.cgi?id=10684 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> (cherry picked from commit 12be57ef3b2d1b670be7a83f29cd580938030015)
* s3: smbd: Locking - convert to using utility macro used elsewhere.Jeremy Allison2014-07-151-2/+1
| | | | | | | | | | Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout. https://bugzilla.samba.org/show_bug.cgi?id=10684 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> (cherry picked from commit 517fa80bd385c6adcfee03ea6b25599013ad88f5)
* s4:dsdb/extended_dn_in: don't force DSDB_SEARCH_SHOW_RECYCLEDStefan Metzmacher2014-07-151-17/+20
| | | | | | | | | | | | | | We should take the controls the caller provided when we search for existing objects. A search with a basedn of '<GUID=....>' should result in LDB_ERR_NO_SUCH_OBJECT is the object has isDeleted=TRUE. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10694 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 9e6349f81edb3914d18bc50473d65c0c1f5bc113)
* s4:dsdb/kcc: use SHOW_RECYCLED instead of SHOW_DELETED in when deleting ↵Stefan Metzmacher2014-07-151-1/+1
| | | | | | | | | | | | tombstone/deleted objects SHOW_RECYCLED implies SHOW_DELETED. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10694 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit fa177273b87d980f81f19acb2f1a9154f8c6bfd9)
* s4:dsdb/schema_load: make error message more verboseStefan Metzmacher2014-07-151-1/+2
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 26fa0b97d0270456becb86d93723a3c8e5d58585)
* dbcheck: Ensure dbcheck can operate with --attrs setAndrew Bartlett2014-07-152-1/+6
| | | | | | | | This also includes a test to ensure we do not regress on this point. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit f596dc94e1ab839f13e2a9edbcec774635b5c211)
* kerberos: Remove un-used event context argument from smb_krb5_init_context()Andrew Bartlett2014-07-1512-25/+6
| | | | | | | | | | | | | | | | | | | The event context here was only specified in the server or admin-tool context, which does not do network communication, so this only caused a talloc_reference() and never any useful result. The actual network communication code sets an event context directly before making the network call. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Apr 28 02:24:57 CEST 2014 on sn-devel-104 (cherry picked from commit 086c06e361962e1c118d8eed2316e9df7834ae8b)
* dsdb: Specify no event context to smb_krb5_init_context() in dsdbAndrew Bartlett2014-07-153-4/+6
| | | | | | | | | | | These routines parse principals and generate keys only, no network communication is done. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 7a26989d4c62f38dcafc2a688b8cbaccc6499480)
* dsdb: Add DSDB_SEARCH_ONE_ONLY support to dsdb_module_search*()Andrew Bartlett2014-07-151-0/+13
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit cccc0dee04e2e3aecd82ed4cf887f9e36dd4962d)
* dsdb: Do not permit nested event loops when in a transaction, use a nested ↵Andrew Bartlett2014-07-151-13/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | event context It is never safe to execute arbitary code inside a transaction - we need to get in and get out, not run other events for the rest of the server. This patch avoids that by creating a private event loop during transactions, so no unexpected operations fire, and returning the original one when we finish it. If an event fires during an LDB transaction, an unrelated operation can occur during the transaction, and if the transaction were to be cancelled, there would be a silent rollback (despite the client having been indicated success). Additionally, other processes could be called via IRPC that need to operate on the database but are locked out due to the ongoing transaction. Andrew Bartlett BUG: https://bugzilla.samba.org/show_bug.cgi?id=10582 Change-Id: I22322fc006e61d7291da17cdf6431416ebb7b30f Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue May 6 13:36:20 CEST 2014 on sn-devel-104 (cherry picked from commit 401f555c28aee861385b75c371b5f44cded1d391)
* dsdb: Rename private_data to rootdse_private_data in rootdseAndrew Bartlett2014-07-151-8/+8
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10582 Change-Id: I349a2be67333ada86c19cd6d2ed283cd5bbeb2aa Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 543c5bf94187473271767ad782439abbfccda00d)
* dsdb: Add more tests for DN+String and DN+Binary comparisonsAndrew Bartlett2014-07-151-0/+14
| | | | | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Feb 5 10:41:37 CET 2014 on sn-devel-104 (cherry picked from commit 741e5dca09053d0fc9a6e2a112113f1828a95759)
* selftest: Add tests for dbcheck detection and removal of partial objectsAndrew Bartlett2014-07-1534-3/+80719
| | | | | | | | | | | | To avoid listing all the provision snapshots, we use a broader blacklist for waf dist and a whitelist for dbcheck-oldrelease.sh Andrew Bartlett Change-Id: Iab0ff4be0b4287dc128a49302836a6f0f7b39678 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 7c2bf8d2bc5230e4bd98cc5a0f1b8f3cc56a3f77)
* dsdb: Make it harder to corrupt the database by requiring DBCHECK or RELAX ↵Andrew Bartlett2014-07-152-10/+32
| | | | | | | | | | | | | | | | for final object deletion This kind of deletion can cause us to then replicate back a partial object. We allow dbcheck to directly remove totally corrupt objects (missing an objectclass) by specifying both DBCHECK and RELAX, and the tombstone sweep after 180 days is done with the RELAX control. Andrew Bartlett Change-Id: Ic21f68e507ba9b65e035ca568430e35e2d001c7d Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit b19d80d0a97faffc165f068612f74d4ef8d7e5da)
* build: Exclude source4/selftest/provisions/release-4-1-0rc3 from the tarballAndrew Bartlett2014-07-151-1/+1
| | | | | | | | | | | Change-Id: Id4ddaabb91363174d2fbef09e823f53b13912a51 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Mar 21 10:06:04 CET 2014 on sn-devel-104 (cherry picked from commit efad13addca918e18e3df341cc38405a93028940)
* dbcheck: Directly call dn.get_rdn_{val,name}() for clarity and consistencyAndrew Bartlett2014-07-151-18/+13
| | | | | | | | | | | | | When looking for incorrect name values, this improves the previous code by avoiding one more manual parse step, and uses less cryptic variable names. Andrew Bartlett Change-Id: Iff8e571a6359a67bf173f729dc12b8787292b3cb Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> (cherry picked from commit 393348d11ed781d9f42049d5f996b0bab8b15d58)
* dbchecker: verify and fix broken dn valuesStefan Metzmacher2014-07-151-0/+94
| | | | | | | | | | | | | | | | | | | | | | | | | | With older Samba versions (4.0.x) the following could happen: - On account was created on DC1 - It was replicated to DC2 - The connection between the dcs is offline - The account gets modified on DC2 - The account gets deleted on DC1 - The connection becomes online again - DC1 replicates the modification from DC2, this resets the dn to the original value. 'name' and 'cn' are correct (with '\nDEL${GUID}'), but 'dn' is wrong. - DC2 replicates the deletion from DC1. this doesn't include a changed dn as DC1 had a bug. 'name' is correct (with '\nDEL${GUID}'), but 'cn' and 'dn' are wrong. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10536 Change-Id: Ia70a6c12e0ff0d4c2c8100cb1d8f3c6422b65591 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 709ed040ec161e99b3c1f7076eac4a631149f64a)
* dbchecker: make the deleted objects container detection more genericStefan Metzmacher2014-07-151-2/+8
| | | | | | | Change-Id: I282ad887c41412e25fdf73476e405f4e88e0b239 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 821d7dc7b33598f72c4518f8975073b058df5960)
* dsdb: Do not refresh the schema using the wrong event contextAndrew Bartlett2014-07-155-112/+191
| | | | | | | | | | | | | | | | | What we now do is have the refresh function and module be on a seperate object to the schema, only referring to the data and not excuting on the original ldb and event loop. That is, we never use another ldb context when calling the refresh function, by binding the refresh handler to the ldb and not the schema. Andrew Bartlett Change-Id: I5c323dda743cf5858badd01147fda6227599bc16 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 791c38282d681c60eaedb47803b9043991f5950d)
* dsdb: Do not store a struct ldb_dn in struct schema_dataAndrew Bartlett2014-07-159-48/+41
| | | | | | | | | | | | | The issue is that the DN contains a pointer to the ldb it belongs to, and if this is not kept around long enough, we might reference memory after it is de-allocated. Andrew Bartlett Change-Id: I040a6c37a3164b3309f370e32e598dd56b1a1bbb Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 8327321225251e312ccbd06bbefa5ebf98099f34)
* samba-tool dbcheck: handle missing objectClassFelix Botner2014-07-151-0/+31
| | | | | | | | | | | | | | | In several cases we have seen objects without the objectClass attribute. Here the suggestion for a patch to find such objects in "samba-tool dbcheck" with the option to delete them. (patch improved by Andrew Bartlett to suggest DRS re-replication) Signed-off-by: Felix Botner <botner@univention.de> Change-Id: I8eb0d191a2089271a9af5884d6bfbf173a5c85c6 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 5b1d6e722e254522165ec512537a2efa2b979e6f)
* dsdb: Improve missing objectClass handlingAndrew Bartlett2014-07-151-13/+13
| | | | | | | | | | | | | | | This attempts to permit deletion of objects that have no objectClass to allow dbcheck to clean up a corrupt database. It is not complete, the replmd_replPropertyMetaDataCtr1_sort_and_verify() call will still fail, but this is as much as is safe to do without a way to replicate the original issue. Andrew Bartlett Change-Id: If0b6c7f18e8aee587e6b3b4af878a0145f5eac37 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 74a83be540c8fa0dd0f91da25b1f9d7ccc4ec568)
* dsdb: Improve errors and checks for missing objectClass valuesAndrew Bartlett2014-07-151-2/+9
| | | | | | | Change-Id: I8c4ac679accc90748d20c9c86986b127c939fa75 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit df2ef57584aab81c75012ec5d878322ff0691608)
* dsdb: Clarify how the DSDB_REPL_FLAG_PRIORITISE_INCOMING flag worksAndrew Bartlett2014-07-151-5/+13
| | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Change-Id: Ib9f2f4ba417dbf0ee24b6e7db02d78a9bfe8850c Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit dac1411b9ef9863152932698ce8c4e0a8cc79b1c)
* dsdb: Do not update notify_uSN until the transaction is genuinely committed ↵Andrew Bartlett2014-07-151-7/+7
| | | | | | | | | to the DB Signed-off-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I734bc75ed348de8f0a5ff92e18e08de2340b8951 Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 20a665ae09eb8d5affb88fe409a6130a74bd0aad)
* dsdb: Further assert that we always have an objectClass and an rDNAndrew Bartlett2014-07-151-32/+118
| | | | | | | | | | | | | | | | | | | | | | | | | We must have these two elements in a replPropertyMetaData for it to be valid. We may have to relax this for new partition creation, but for now we want to find and isolate the database corruption. The printing of the LDIF is moved above the checks to make it easier to diagnoise the failures when further reproduced. Based initially on a patch originally by Arvid Requate <requate@univention.de> Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I5f583d89e6d4c5e8e2d9667f336a0e8fd8347b25 Reviewed-on: https://gerrit.samba.org/164 Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Mar 17 06:44:17 CET 2014 on sn-devel-104 (cherry picked from commit 9c9df40220234cba973e84b4985d90da1334a1d1)
* dsdb: Ensure to sort replPropertyMetaData as UNSIGNED, not SIGNED quantitiesAndrew Bartlett2014-07-151-4/+18
| | | | | | | | | | | | | | | | enum is an int, and therefore signed. Some attributes have the high bit set. Andrew Bartlett Change-Id: I39a5499b7c6bbb763e15977d802cda8c69b94618 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-on: https://gerrit.samba.org/163 Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 14 10:16:41 CET 2014 on sn-devel-104 (cherry picked from commit 61b978872fe86906611f64430b2608f5e7ea7ad8)
* s4:samdb: respect SEARCH_FLAG_PRESERVEONDELETEArvid Requate2014-07-151-2/+7
| | | | | | | | | | | | | | According to MS-ADTS section 3.1.1.5.5.1.1 the searchFlags must be checked. Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Thu Feb 6 21:42:22 CET 2014 on sn-devel-104 (cherry picked from commit 98c961eb82194cd0738dbc58e4ae9f81771b409e)
* s4-samldb: Do not allow deletion of objects with RID < 1000Nadezhda Ivanova2014-07-155-11/+48
| | | | | | | | | | | | | | According to [MS-SAMR] 3.1.5.7 Delete Pattern we should not allow deletion of security objects with RID < 1000. This patch will prevent deletion of well-known accounts and groups. Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Mon Oct 14 13:31:50 CEST 2013 on sn-devel-104 (cherry picked from commit 13a10d43141c29dad61868b451c0c1dca82360de)
* dsdb: Use dsdb_next_callback() rather than a no-op per-module callbackAndrew Bartlett2014-07-151-38/+16
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 35e56d2b71b1dcd906baa70509ec50af39504b5a)
* s4-dsdb: instanceType NC_HEAD is only allowed combined with WRITE for an ↵Nadezhda Ivanova2014-07-152-5/+15
| | | | | | | | | | | | | | originating add operation As described in MS-ATDS 3.1.1.5.2.8. Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Sun Nov 3 16:17:30 CET 2013 on sn-devel-104 (cherry picked from commit 8a505090215501324f83dda86d146708b687abcc)
* s4:dsdb/repl: make use of dcerpc_binding_handle_is_connected()Stefan Metzmacher2014-07-151-7/+10
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 0e902b83b4029320cf050a221ad41acdcdc23373)
View Lorry Controller Status