The branch, v4-0-test has been updated
via fe880b5 WHATSNEW: Remove default values.
via 3cebcfc WHATSNEW: Add more changes since rc1.
via a7c4372 s4-dns: fix a non handled memory out of memory
via 3d3acf0 s3fs-smbd: Move housekeeping to the background process.
via b74ed15 Fix service control for non-internal services.
via 6d184c0 s3-winbindd: Adjust error code loop logic in
rpc_trusted_domains().
via 9525921 s3-lsa: Flesh out the returned info in
_lsa_EnumTrustedDomainsEx().
via 3058755 s3-winbindd: Allow DNS resolution of trusted domains if DNS
name is avaliable
from a92e4e5 docs-xml: fix build of winbindd- and krb5 locator-related
manpages
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit fe880b5bdb7b4663460033053f3e82a1568c9f11
Author: Karolin Seeger <ksee...@samba.org>
Date: Tue Oct 2 09:23:45 2012 +0200
WHATSNEW: Remove default values.
Karolin
Autobuild-User(v4-0-test): Karolin Seeger <ksee...@samba.org>
Autobuild-Date(v4-0-test): Tue Oct 2 11:05:25 CEST 2012 on sn-devel-104
commit 3cebcfc0ad456cfde4023deb561f0dcc758f17d8
Author: Karolin Seeger <ksee...@samba.org>
Date: Tue Oct 2 09:20:00 2012 +0200
WHATSNEW: Add more changes since rc1.
Karolin
commit a7c437285f15f8a1e46a4f6d57d6b6986720ed84
Author: Matthieu Patou <m...@matws.net>
Date: Mon Oct 1 21:43:11 2012 -0700
s4-dns: fix a non handled memory out of memory
Fix bug #9233 - internal dns server has a non handled out of memory case.
commit 3d3acf04da37d99aceb4759849a42a8ecae2333f
Author: Andreas Schneider <a...@samba.org>
Date: Thu Sep 27 19:01:15 2012 +0200
s3fs-smbd: Move housekeeping to the background process.
If you add 200 printers using lpadmin. Then you wait for the printcap
cache to expire. As soon as this expires we notify all deamons that they
should reload the printers. This mean we need to create the default
registry keys for each printer. If you do e.g. a 'smbclient -L' during
that time you will get a lot of timeouts.
This lets the housekeeping function of the printcap cache do the task of
creating the default registry keys in background queue process. When it is
done
with the task it will tell all smbd childs to reload the printers and the
200
printers appear.
(cherry picked from commit aa6a7a97803b1106d2200c889a2260f81059c450)
Signed-off-by: Andreas Schneider <a...@samba.org>
Fix bug #9231 - NT_STATUS_IO_TIMEOUT during slow import of printers into
registry.
commit b74ed1511753bd9b51c91a02e0cb4ea42e3ea37e
Author: Vladimir Marek <vladimir.ma...@oracle.com>
Date: Mon Sep 17 13:50:55 2012 -0700
Fix service control for non-internal services.
Signed-off-by: Jeremy Allison <j...@samba.org>
(cherry picked from commit a4e8869f7c93f30dd7014ff83d6d2f2b5afc2d64)
Signed-off-by: Andreas Schneider <a...@samba.org>
Fix bug #9192 - svcctl list option prohibits smbd to start.
commit 6d184c07438328ff88b7de942b0c39ce44a20d0a
Author: Günther Deschner <g...@samba.org>
Date: Fri Sep 28 18:04:07 2012 +0200
s3-winbindd: Adjust error code loop logic in rpc_trusted_domains().
Guenther
Autobuild-User(master): Günther Deschner <g...@samba.org>
Autobuild-Date(master): Sat Sep 29 00:34:04 CEST 2012 on sn-devel-104
Fix bug #9185 - Winbind cannot resolve AD DC in a different subnet.
commit 9525921d8d5a6d2e51e55171d26908fd1d6d7503
Author: Günther Deschner <g...@samba.org>
Date: Fri Sep 28 18:03:25 2012 +0200
s3-lsa: Flesh out the returned info in _lsa_EnumTrustedDomainsEx().
Guenther
commit 3058755280fa7a8d35a13cdd459be3e1db2a373a
Author: Sumit Bose <sb...@redhat.com>
Date: Tue Sep 11 13:28:35 2012 +0200
s3-winbindd: Allow DNS resolution of trusted domains if DNS name is
avaliable
Signed-off-by: Günther Deschner <g...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 70 ++++++++++++++++++----------
source3/printing/queue_process.c | 9 ++++
source3/rpc_server/lsa/srv_lsa_nt.c | 5 ++
source3/rpc_server/svcctl/srv_svcctl_reg.c | 4 --
source3/winbindd/winbindd_cm.c | 11 ++++-
source3/winbindd/winbindd_rpc.c | 68 +++++++++++++++++++--------
source3/winbindd/winbindd_util.c | 4 +-
source4/dns_server/dns_server.c | 1 +
8 files changed, 119 insertions(+), 53 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index c62676e..02232c4 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -102,29 +102,29 @@ Changes
smb.conf changes
----------------
- Parameter Name Description Default
- -------------- ----------- -------
+ Parameter Name Description
+ -------------- -----------
- allow dns updates New disabled
+ allow dns updates New
announce as Removed
announce version Removed
- cldap port New 0
+ cldap port New
client max protocol New
client min protocol New
- client signing Changed default default
+ client signing Changed default
dcerpc endpoint servers New
- dgram port New 0
+ dgram port New
display charset Removed
dns forwarder New
dns update command New
- homedir map Changed default auto.home
- kernel share modes New Yes
- kpasswd port New 0
- krb5 port New 0
+ homedir map Changed default
+ kernel share modes New
+ kpasswd port New
+ krb5 port New
max protocol Removed
min protocol Removed
- nbt client socket address New 0.0.0.0
- nbt port New 0
+ nbt client socket address New
+ nbt port New
nsupdate command New
ntp signd socket directory New
ntvfs handler New
@@ -132,19 +132,19 @@ smb.conf changes
pid directory New
printer admin Removed
rndc command New
- rpc big endian New No
+ rpc big endian New
samba kcc command New
send spnego principal Removed
- server max protocol New SMB3
- server min protocol New LANMAN1
- server role New auto
+ server max protocol New
+ server min protocol New
+ server role New
server services New
- server signing Changed default default
+ server signing Changed default
share backend New
share modes Removed
- smb2 max read Changed default 1048576
- smb2 max write Changed default 1048576
- smb2 max trans Changed default 1048576
+ smb2 max read Changed default
+ smb2 max write Changed default
+ smb2 max trans Changed default
socket address Removed
spn update command New
time offset Removed
@@ -152,12 +152,12 @@ smb.conf changes
tls certfile New
tls crlfile New
tls dh params file New
- tls enabled New No
+ tls enabled New
tls keyfile New
- unicode New Yes
- web port New 0
+ unicode New
+ web port New
winbindd privileged socket directory New
- winbind sealed pipes New No
+ winbind sealed pipes New
winbindd socket directory New
@@ -181,8 +181,19 @@ o Christian Ambach <a...@samba.org>
* BUG 9197: Only do 'printing_subsystem_update' when printing is enabled.
+o Andrew Bartlett <abart...@samba.org>
+ * BUG 9228: Fix build on systems without ldap development headers.
+
+
o Alexander Bokovoy <a...@samba.org>
* BUG 9157: Cleanup idmap_ldap build dependencies.
+ * BUG 9228: Make smbldaphelper subsystem an internal library.
+ * BUG 9229: Fix build of winbindd- and krb5 locator-related manpages.
+
+
+o Sumit Bose <sb...@redhat.com>
+ * BUG 9185: Allow DNS resolution of trusted domains if DNS name is
+ available.
o Ira Cooper <i...@samba.org>
@@ -190,6 +201,10 @@ o Ira Cooper <i...@samba.org>
* BUG 9173: Compound requests should continue processing.
+o Günther Deschner <g...@samba.org>
+ * BUG 9185: Winbind cannot resolve AD DC in a different subnet.
+
+
o Björn Jacke <b...@sernet.de>
* BUG 9162: Fix the build of the ACL VFS modules.
* BUG 9172: Fix reporting of gfs2 quotas.
@@ -200,6 +215,10 @@ o Volker Lendecke <v...@samba.org>
on read-only shares.
+o Vladimir Marek <vladimir.ma...@oracle.com>
+ * BUG 9192: Fix service control for non-internal services.
+
+
o Stefan Metzmacher <me...@samba.org>
* BUG 9173: Make the SMB2 compound request create/delete_on_close/
close work as Windows.
@@ -213,12 +232,15 @@ o Stefan Metzmacher <me...@samba.org>
o Matthieu Patou <m...@matws.net>
* BUG 9199: Fix usage of "panic action".
+ * BUG 9233: Fix a non handled memory out of memory.
o Andreas Schneider <a...@samba.org>
* BUG 8632: Fix builtin forms order to match Windows again.
* BUG 9159: Fix generating idmap manpages.
* BUG 9218: Don't segfault if user specified ports out for range.
+ * BUG 9231: Fix NT_STATUS_IO_TIMEOUT during slow import of printers into
+ registry.
KNOWN ISSUES
diff --git a/source3/printing/queue_process.c b/source3/printing/queue_process.c
index cf3becd..3d142dd 100644
--- a/source3/printing/queue_process.c
+++ b/source3/printing/queue_process.c
@@ -41,6 +41,15 @@ extern pid_t start_spoolssd(struct event_context *ev_ctx,
static void reload_pcap_change_notify(struct tevent_context *ev,
struct messaging_context *msg_ctx)
{
+ /*
+ * Reload the printers first in the background process so that
+ * newly added printers get default values created in the registry.
+ *
+ * This will block the process for some time (~1 sec per printer), but
+ * it doesn't block smbd's servering clients.
+ */
+ delete_and_reload_printers(ev, msg_ctx);
+
message_send_all(msg_ctx, MSG_PRINTER_PCAP, NULL, 0, NULL);
}
diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c
b/source3/rpc_server/lsa/srv_lsa_nt.c
index fc403df..f4dc4af 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -3940,9 +3940,14 @@ NTSTATUS _lsa_EnumTrustedDomainsEx(struct pipes_struct
*p,
}
for (i=0; i<count; i++) {
+ init_lsa_StringLarge(&entries[i].domain_name,
+ domains[i]->domain_name);
init_lsa_StringLarge(&entries[i].netbios_name,
domains[i]->netbios_name);
entries[i].sid = &domains[i]->security_identifier;
+ entries[i].trust_direction = domains[i]->trust_direction;
+ entries[i].trust_type = domains[i]->trust_type;
+ entries[i].trust_attributes = domains[i]->trust_attributes;
}
if (*r->in.resume_handle >= count) {
diff --git a/source3/rpc_server/svcctl/srv_svcctl_reg.c
b/source3/rpc_server/svcctl/srv_svcctl_reg.c
index c3ce43f..930c327 100644
--- a/source3/rpc_server/svcctl/srv_svcctl_reg.c
+++ b/source3/rpc_server/svcctl/srv_svcctl_reg.c
@@ -392,10 +392,6 @@ static bool svcctl_add_service(TALLOC_CTX *mem_ctx,
}
}
- if (ipath == NULL || dname == NULL || description == NULL) {
- goto done;
- }
-
/* Default to an external service if we haven't found a match */
if (builtin_svcs[i].servicename == NULL) {
struct rcinit_file_information *init_info = NULL;
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index c08530e..0639be1 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1286,10 +1286,17 @@ static bool get_dcs(TALLOC_CTX *mem_ctx, struct
winbindd_domain *domain,
iplist_size = 0;
}
- /* Try standard netbios queries if no ADS */
+ /* Try standard netbios queries if no ADS and fall back to DNS queries
+ * if alt_name is available */
if (*num_dcs == 0) {
get_sorted_dc_list(domain->name, NULL, &ip_list, &iplist_size,
- False);
+ false);
+ if (iplist_size == 0) {
+ if (domain->alt_name != NULL) {
+ get_sorted_dc_list(domain->alt_name, NULL,
&ip_list,
+ &iplist_size, true);
+ }
+ }
for ( i=0; i<iplist_size; i++ ) {
char addr[INET6_ADDRSTRLEN];
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c
index 8a11cb2..a3faf42 100644
--- a/source3/winbindd/winbindd_rpc.c
+++ b/source3/winbindd/winbindd_rpc.c
@@ -972,29 +972,44 @@ NTSTATUS rpc_trusted_domains(TALLOC_CTX *mem_ctx,
do {
struct lsa_DomainList dom_list;
+ struct lsa_DomainListEx dom_list_ex;
+ bool has_ex = false;
uint32_t i;
/*
* We don't run into deadlocks here, cause winbind_off() is
* called in the main function.
*/
- status = dcerpc_lsa_EnumTrustDom(b,
- mem_ctx,
- lsa_policy,
- &enum_ctx,
- &dom_list,
- (uint32_t) -1,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- if (!NT_STATUS_IS_OK(result)) {
- if (!NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
- return result;
+ status = dcerpc_lsa_EnumTrustedDomainsEx(b,
+ mem_ctx,
+ lsa_policy,
+ &enum_ctx,
+ &dom_list_ex,
+ (uint32_t) -1,
+ &result);
+ if (NT_STATUS_IS_OK(status) && !NT_STATUS_IS_ERR(result) &&
+ dom_list_ex.count > 0) {
+ count += dom_list_ex.count;
+ has_ex = true;
+ } else {
+ status = dcerpc_lsa_EnumTrustDom(b,
+ mem_ctx,
+ lsa_policy,
+ &enum_ctx,
+ &dom_list,
+ (uint32_t) -1,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_EQUAL(result,
STATUS_MORE_ENTRIES)) {
+ return result;
+ }
}
- }
- count += dom_list.count;
+ count += dom_list.count;
+ }
array = talloc_realloc(mem_ctx,
array,
@@ -1004,21 +1019,32 @@ NTSTATUS rpc_trusted_domains(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- for (i = 0; i < dom_list.count; i++) {
+ for (i = 0; i < count; i++) {
struct netr_DomainTrust *trust = &array[i];
struct dom_sid *sid;
ZERO_STRUCTP(trust);
- trust->netbios_name = talloc_move(array,
-
&dom_list.domains[i].name.string);
- trust->dns_name = NULL;
-
sid = talloc(array, struct dom_sid);
if (sid == NULL) {
return NT_STATUS_NO_MEMORY;
}
- sid_copy(sid, dom_list.domains[i].sid);
+
+ if (has_ex) {
+ trust->netbios_name = talloc_move(array,
+
&dom_list_ex.domains[i].netbios_name.string);
+ trust->dns_name = talloc_move(array,
+
&dom_list_ex.domains[i].domain_name.string);
+
+ sid_copy(sid, dom_list_ex.domains[i].sid);
+ } else {
+ trust->netbios_name = talloc_move(array,
+
&dom_list.domains[i].name.string);
+ trust->dns_name = NULL;
+
+ sid_copy(sid, dom_list.domains[i].sid);
+ }
+
trust->sid = sid;
}
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index c36ae0b..25ef750 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -108,9 +108,9 @@ static struct winbindd_domain *add_trusted_domain(const
char *domain_name, const
}
}
- /* ignore alt_name if we are not in an AD domain */
+ /* use alt_name if available to allow DNS lookups */
- if ( (lp_security() == SEC_ADS) && alt_name && *alt_name) {
+ if (alt_name && *alt_name) {
alternative_name = alt_name;
}
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index c88ea83..21bd3b3 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -810,6 +810,7 @@ static void dns_task_init(struct task_server *task)
z = talloc_zero(dns, struct dns_server_zone);
if (z == NULL) {
+ task_server_terminate(task, "dns failed to allocate
memory", true);
}
z->name = ldb_msg_find_attr_as_string(res->msgs[i], "name",
NULL);
--
Samba Shared Repository
