Re: [Samba] Cannot compile RHEL rpms using samba 3.4.2 series source
Thanks for your effort, I' have a look on monday. Should we reopen this bug which has now status RESOLVED as a duplicate of bug 6742 but as we know now this is not the case ! kind regards werner Van: D.L. Meyer [dlme...@uiuc.edu] Verzonden: zaterdag 3 oktober 2009 0:51 Aan: Michael Wood; Werner Maes CC: samba@lists.samba.org; k...@sernet.de Onderwerp: Re: [Samba] Cannot compile RHEL rpms using samba 3.4.2 series source I've applied the patch for #6742 to the 3.4.2 package, and it makes no difference to the RHEL issue. (#6742 was reported for debian systems...) I have been able to determine that the problem appears to be with the carry-forward of the precompiled headers. The 'make pch' step proceeds without error, but as the process starts the main 'make all' part, it acts like the precompiled headers are not used. To verify this, I modified the 'make all' call from: make CFLAGS=$RPM_OPT_FLAGS -D_GNU_SOURCE -j2 \ all modules pam_smbpass to: make CFLAGS=$RPM_OPT_FLAGS -D_GNU_SOURCE -I. -I/usr/src/redhat/BUILD/samba-3.4.2/source3 \ -I/usr/src/redhat/BUILD/samba-3.4.2/source3/iniparser/src -Iinclude -I./include \ -I./../lib/replace -I./../lib/talloc -I./../lib/tevent -I./../lib/tdb/include -I./libaddns -I./librpc -I./.. \ -I/usr/src/redhat/BUILD/samba-3.4.2/lib/tdb/include -I./libaddns -I./librpc -I./../lib/popt \ -I/usr/src/redhat/BUILD/samba-3.4.2/source3/lib -I.. -I../source4 -j2 \ all modules pam_smbpass (Basically, including the entire list of include directories specified on the command line in the 'make pch' section.) This allows the build to proceed -- apparently properly -- until a later problem stops the process at 'ldb_modules.c': it complains about 'MODULESDIR' being undefined in function 'ldb_try_load_dso'. A little research and another addition results in something that at least completes the build: make CFLAGS=$RPM_OPT_FLAGS -D_GNU_SOURCE -I. -I/usr/src/redhat/BUILD/samba-3.4.2/source3 \ -I/usr/src/redhat/BUILD/samba-3.4.2/source3/iniparser/src -Iinclude -I./include \ -I./../lib/replace -I./../lib/talloc -I./../lib/tevent -I./../lib/tdb/include -I./libaddns -I./librpc -I./.. \ -I/usr/src/redhat/BUILD/samba-3.4.2/lib/tdb/include -I./libaddns -I./librpc -I./../lib/popt \ -I/usr/src/redhat/BUILD/samba-3.4.2/source3/lib -I.. -I../source4 -DMODULESDIR=\'/usr/lib/samba\' -j2 \ all modules pam_smbpass I haven't tested the resulting packages yet, though. Hopefully, someone more versed in the use of precompiled headers can take a look here and see what might be wrong... -D --On Friday, October 02, 2009 2:44 PM +0200 Michael Wood esiot...@gmail.com wrote: 2009/10/2 Werner Maes werner.m...@icts.kuleuven.be: [...] ps: or maybe the resolution only refers that it is a duplicate of bug 6742? Exactly. Did you try the patch attached to bug 6742? -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba as fileserver on Active Directory domain
Well, try setting it to 777 to see if you have a rights problem or a setup error.. Or use 775 for the shared location and do a chgrp MYDOMAIN+mygroup on it.. Paul On Fri, Oct 2, 2009 at 9:45 PM, Ivan Ordonez iordo...@berkeley.edu wrote: Adam Williams wrote: did you set /shared/drive to 777 permissions? It was set to 755. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Desiring to set up Windows Vista and Linux Fedora Core 4
Hi 2009/10/3 Barry L. Bond bb...@cfl.rr.com: [...] I have added hosts allow with 192.168.1 and 192.168.2. I have experimented with a few things. I have looked at http://forums.fedoraforum.org/showthread.php?t=2556 and even read This fedoraforums thread is about connecting to Windows from the Linux machine. Based on what you say below it looks like you want the opposite, i.e. connect from the Windows machine to the Linux machine in order to print. something about making the network communication in Vista be LM as well as NTLM... You might want to add a bit more context for people who did not see or do not remember the rest of this thread. From what you say above, I assume that the Windows machine is on either 192.168.1.x or 192.168.2.x networks? Don't forget to use a full stop after them like: hosts allow 192.168.1. 192.168.2. or you could write it like: hosts allow 192.168.1.0/24 192.168.2.0/24 Okay, let me ask one basic question at a time. I was thinking that I didn't have to actually mount samba (smbmount) in the past, back years ago when I used it with VMWare and Windows 98. (I was thinking that the smdb/nmdb daemons just did what was needed.) I'm not entirely sure what you mean by this, but smbmount is for letting the Linux box mount (connect to) a Windows (or Samba) share on another machine. It seems that what you want is the other way around. i.e. to connect to Samba on the Linux machine from the Windows machine. I will be fine if I just am able to submit a print job from the Windows/Vista to the Linux HP9110 printer. I will be fine if I just transfer any files, either direction, by accessing my host filesystem via Explorer in Windows. (This is how I did it, years ago, with Windows 98 in VMWare.) I am thinking that I do NOT need to add to /etc/fstab, or smbmount anything from the Linux side. Do you agree? Yes, if you want to connect to Samba from the Windows machine then you do not have to do anything with /etc/fstab or smbmount. What does your smb.conf look like? And what happens when you try to connect/print from the Windows machine? What errors to you get? -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Desiring to set up Windows Vista and Linux Fedora Core 4
Barry L. Bond wrote: Greetings! Tonight is unfortunately the first small bit of time I've had to even try to get Samba configured between my Vista and my Linux FC4. (My mother as well as my extremely limited home time dealing with important things are my main delays.) It's not going well. :-) I have added hosts allow with 192.168.1 and 192.168.2. I have experimented with a few things. I have looked at http://forums.fedoraforum.org/showthread.php?t=2556 and even read something about making the network communication in Vista be LM as well as NTLM... Okay, let me ask one basic question at a time. I was thinking that I didn't have to actually mount samba (smbmount) in the past, back years ago when I used it with VMWare and Windows 98. (I was thinking that the smdb/nmdb daemons just did what was needed.) I will be fine if I just am able to submit a print job from the Windows/Vista to the Linux HP9110 printer. I will be fine if I just transfer any files, either direction, by accessing my host filesystem via Explorer in Windows. (This is how I did it, years ago, with Windows 98 in VMWare.) I am thinking that I do NOT need to add to /etc/fstab, or smbmount anything from the Linux side. Do you agree? Barry I'd begin by upgrading to something more recent than Fedora Core 4. I believe there are some issues that Vista introduced that required some changes in Samba (I may be wrong on this, but I suspect upgrading to something more recent is still a good idea). At the very least, see if there is a backport for a more recent version of Samba to FC4. It sounds like you are using FC4 as a file print server. All you need to do on it is share the resources (folders and printers) and set up the permissions and accounts (if required). You don't mention which version of Vista you are using, and I don't know if they crippled certain versions like they did with XP to prevent them from joining domains. However, if you can join Vista to a domain, install and use SWAT to set up Samba as a domain controller and use it to log in from Vista. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] NTLM
Hey there! Can you guys tell me about what's the status of docs of NTLM/NTLMv2 provided by Microsoft? Let me explain why I need that: we had here a discussion on a local college about free x proprietary software, and the Microsoft guy (always them, right?) told us about a case where he claimed that Firefox sent one user username and password through the network without encription. On the next day I asked the Microsoft guy for some reference about the case he talked about. He sent me this URL: http://blogs.technet.com/dbordini/archive/2008/09/03/browser-navega-o-e-seguran-a-estudo-de-caso.aspx I translated it with Google and seems that make some sense: http://translate.google.com.br/translate?u=http%3A%2F%2Fblogs.technet.com%2Fdbordini%2Farchive%2F2008%2F09%2F03%2Fbrowser-navega-o-e-seguran-a-estudo-de-caso.aspxsl=pttl=enhl=pt-BRie=UTF-8 Trying to resume all the whole stuff, he's complaining that Firefox automatically decreased the safety level to NTLM (not using NTLMv2), when used with Windows Vista, without warning the user about that, sending the username and password as plain text, and for that reason Firefox is junk, not IE (oh,boy), who worked on the expected way. I'll write a post on my blog (http://eustaquiorangel.com, it's Portuguese but I'm wondering on this case would not be a good idea to make an English version also) about all this and we'll continue the discussion on the college on the next, but first I'd like to ask you about that. Seems you Samba guys made some reverse engineering over time to deal with NTLM and after some years Microsoft released some docs, but I don't know it they are with enough quality to use and if you are still making reverse engineering and perhaps living with some patent risk, as I could not find information enough about the copyright of this protocol, which is the first point I'm planning to talk about on the discussion. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ad 2003 nss_ldap produce: smbd/service.c:make_connection_snum(1003): Permission denied
Hello all, since some weeks I try to get the following configuration working Windows 2003 AD (no R2!!) with SFU 3.5 Red Hat Enterprise Linux Server release 5.4 (Tikanga) with Samba (samba-3.0.33-3.14.el5) nss_ldap (nss_ldap-253-21.el5) So I wanted to implement the following setup: http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id2607783 The main reason using this combination is that I must maintain the UID/GID of users in the AD. The UIDs of the users must be the same on all UX systems. I have two samba servers and other UX only servers. (let me know if you find a better way doing this type of integration) I followed several manuals and howtos to get it running. It looks all working except that I can't mount shares within samba. From my point of view Samba returns me a strange error: Here is the log (user tata - UID 1 from AD): [2009/10/03 08:57:51, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 1 Primary group is 10003 and contains 3 supplementary groups Group[ 0]: 603 Group[ 1]: 600 Group[ 2]: 602 [2009/10/03 08:57:51, 5] smbd/uid.c:change_to_user(273) change_to_user uid=(1,1) gid=(0,10003) [2009/10/03 08:57:51, 0] smbd/service.c:make_connection_snum(1003) '/home/tata' does not exist or permission denied when connecting to [share1] Error was Permission denied I checked the source code and it looks to me that samba does a 'stat /home/tata' running as user tata (uid 1) but is getting a 'Permission denied' from the OS. Ok I thought this is simply a permission issue no success :-( Ok what I already did what is working: * /home/tata is existing and has 777 (for test ... I tried also 755) * su - tata and stat /home/tata are ok * I can log on with the AD users on ux / ssh etc.; I have access etc. * 'getent passwd' is fine * 'wbinfo -u' and 'wbinfo -g' is fine * mounting a share tmp with /tmp (http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.html) is working!! * Kerberos and winbind look ok to me ... * winbind authentication of the user seem to be fine (from the logs) * all things I see with the 'net' command seem to be ok. Here my samba conf: [global] workgroup = W2K3 password server = AD.W2K3.LOCAL realm = W2K3.LOCAL security = ads idmap uid = 600-33554431 idmap gid = 600-33554431 template shell = /bin/bash winbind use default domain = false winbind offline logon = false winbind nested groups = yes server string = Samba Server Version %v passdb backend = tdbsam load printers = yes cups options = raw [homes] ; not working share comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [share1] ; not working share comment = Share 1 path = /home/tata read only = yes [tmp] ; working share comment = temporary files path = /tmp read only = yes /etc/nsswitch.conf passwd: files ldap shadow: files ldap group: files ldap hosts: files dns I'm unable to mount share1 or homes but I can mount tmp. If I change the path in share1 to /tmp I can mount share1 as well. I changed the permissions of /home/tata to the exact values as /tmp - no luck In the code I did not really found a reference to /tmp but I'm not a samba guru (btw. I like the code!!, easy to read :D ) Unfortunate I have to get this also running on HP-UX11iv3 any input if this is even possible? I'm also happy to get any alternative solutions that enable me to manage the uid in AD and having the accounts only in AD I would appreciate any help here. thanks, Andreas P.S: of course I can provide much more details / logs. Just tell me -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot compile RHEL rpms using samba 3.4.2 series source
You may want to look at #6540 - I think it is already open on this issue. -D --On Saturday, October 03, 2009 10:54 AM +0200 Werner Maes werner.m...@icts.kuleuven.be wrote: Thanks for your effort, I' have a look on monday. Should we reopen this bug which has now status RESOLVED as a duplicate of bug 6742 but as we know now this is not the case ! -- Donald L. Meyer dlme...@illinois.edu - Technical System Manager, ACES TeleNet Service - Technical Lead, ACES Web Infrastructure Information Technology and Communication Services, College of ACES University of Illinois at Urbana-Champaign Video/H.323: 0012172445653 (GDS) Phone:+1.217.244.5653 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba vfs vscan-clamv on samba 3.4.x ?
Is there any working solutions for realtime virusscanning on samba 3.4.x like vscan-clamav? It looks that vscan-clamav is not working with samba 3.4.x ? -- Eero -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NTLM
Hi 2009/10/3 Eustáquio Rangel eustaquioran...@gmail.com: Hey there! Can you guys tell me about what's the status of docs of NTLM/NTLMv2 provided by Microsoft? Let me explain why I need that: we had here a discussion on a local college about free x proprietary software, and the Microsoft guy (always them, right?) told us about a case where he claimed that Firefox sent one user username and password through the network without encription. On the next day I asked the Microsoft guy for some reference about the case he talked about. He sent me this URL: http://blogs.technet.com/dbordini/archive/2008/09/03/browser-navega-o-e-seguran-a-estudo-de-caso.aspx I translated it with Google and seems that make some sense: http://translate.google.com.br/translate?u=http%3A%2F%2Fblogs.technet.com%2Fdbordini%2Farchive%2F2008%2F09%2F03%2Fbrowser-navega-o-e-seguran-a-estudo-de-caso.aspxsl=pttl=enhl=pt-BRie=UTF-8 I am no expert in NTLM vs. NTLMv2, but NTLM does NOT mean clear-text username and password. The passwords are still hashed (not sure about the username). My understanding is that it is not as secure as NTLMv2, but is still much better than LM and much better still than clear-text. So it seems either there was a misunderstanding between you and the Microsoft guy, or he misunderstood the article or he was exaggerating. By the way, I am not sure about earlier versions of Firefox, but at least 3.0.14 has network.ntlm.send-lm-response set to false by default. i.e. it will not send the LM hash in response to an NTLM challenge. See here for details: http://kb.mozillazine.org/About:config_entries#Network. See also the following URL which seems relevant: https://developer.mozilla.org/En/Integrated_Authentication Trying to resume all the whole stuff, he's complaining that Firefox automatically decreased the safety level to NTLM (not using NTLMv2), when used with Windows Vista, without warning the user about that, sending the username and password as plain text, and for that reason Firefox is junk, not IE (oh,boy), who worked on the expected way. I'll write a post on my blog (http://eustaquiorangel.com, it's Portuguese but I'm wondering on this case would not be a good idea to make an English version also) about all this and we'll continue the discussion on the college on the next, but first I'd like to ask you about that. Seems you Samba guys made some reverse engineering over time to deal with NTLM and after some years Microsoft released some docs, but I don't know it they are with enough quality to use and if you are still making reverse engineering and perhaps living with some patent risk, as I could not find information enough about the copyright of this protocol, which is the first point I'm planning to talk about on the discussion. Please note that patent and copyright are completely different from each other. -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Designate one samba server for home directories
Hello all, I have a few samba servers running winbind that are joined to the AD 2003 domain. Is it possible to designate one samba server to host the users' home directories instead of each one of them? If we have samba1, samba2, and samba3 and designate samba1 to host the home directories and when a user accesses samba 2 either via ssh or as a share, the home directory that the user sees would actually be present on samba1. If this is possible, what changes do I need to make to smb.conf file? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Designate one samba server for home directories
Luv Linux wrote: Hello all, I have a few samba servers running winbind that are joined to the AD 2003 domain. Is it possible to designate one samba server to host the users' home directories instead of each one of them? If we have samba1, samba2, and samba3 and designate samba1 to host the home directories and when a user accesses samba 2 either via ssh or as a share, the home directory that the user sees would actually be present on samba1. If this is possible, what changes do I need to make to smb.conf file? Have you tried specifying the server name in the directory name? From the SWAT documentation on homes: Example: //|logon home|/ = |\\remote_smb_server\%U | / -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba as fileserver on Active Directory domain
What version of samba are you using? I submitted a patch to Samba that is in 3.4.1 and slated for the next version of 3.3.x that fixes the workgroup/realm thing. It falls back to SPEGO without the patch, but it takes a little while, the patch speeds things up. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University On Fri, Oct 2, 2009 at 11:09 AM, Jonathan Petersson jpeters...@garnser.sewrote: How did you solve the kerberos portion how things, when winbind tries to connect to my server the kerberos sessions fails as it tries to connect with the workgroup instead of the realm. Thanks /Jonathan On Fri, Oct 2, 2009 at 9:36 AM, Ivan Ordonez iordo...@berkeley.edu wrote: Jonathan Petersson wrote: Hi Ivan, I'm working on a similar thing but is having some issues with the kerberos sessions between samba and AD. Is your Samba server a member of a Win2k8R2 or a Win2k3 domain? Thanks /Jonathan On Fri, Oct 2, 2009 at 9:00 AM, Ivan Ordonez iordo...@berkeley.edu wrote: Robert LeBlanc wrote: What are the permissions on /shared/drive? We use ACLs to control access rather than smb.conf. This gives us great flexability and you can kind of manage it using a Windows machine. If you have Kerberos keytab generated, you can smbmount on Linux using the -o sec=krb5 and no passwords are needed, it also obeys ACL. The only catch is that you need to use RID or LDAP for uid/gid mapping or else your permissions won't line up. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University On Thu, Oct 1, 2009 at 10:14 AM, Ivan Ordonez iordo...@berkeley.edu mailto:iordo...@berkeley.edu wrote: Hello, We have a Gentoo box running Samba and is a member of the Active Directory domain. This Gentoo box will be a fileserver when everything is completed and setup as it should. I want our users to login to their computer (Computers are all members of the same Active Directory domain) using Active Directory accounts/domain for authentication. I am using Winbind for Active Directory authentication/integration. I'm almost done except file permission issue. All is working smoothly (ie. wbinfo, smbclient, getent, etc.). I can access/map the shared drive on the Gentoo box from any Windows computer, login to a machine without a problem using Active Directory accounts. The Active Directory authentication with Winbind is working as it should. For some odd reason, I can't figure out how to give permissions to all users the ability to make changes/add new folders on the shared drive. I am getting access denied even when the users or group are valid users of the shared drive per smb.conf. Below is my smb.conf shared configuration: [shared] comment = shared path = /shared/drive read only = no inherit permissions = yes create mask = 755 directory mask = 755 valid users = @MYDOMAIN+mygroup browseable = yes writable = yes Any help would be greatly appreciated. -Ivan --To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Hi, The files and folders on the shared drive are owned by local Linux account. The permissions are read, write and execute by the owner, read and write by group and all. I was hoping that smb.conf will control the shared drive access but having a hard time doing so. I would like to use ACL if that is the best way to make it work. Would you mind giving me few pointers or point me to the right direction to get started on ACL? I am no LDAP expert but I think I can get by if I have to use it. Thanks! -Ivan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Hi Jonathan, Our Samba server is a member of Win2k8R2 domain. Thanks, -Ivan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Sat Oct 3 06:00:02 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-10-02 00:00:04.0 -0600 +++ /home/build/master/cache/broken_results.txt 2009-10-03 00:00:03.0 -0600 @@ -1,22 +1,22 @@ -Build status as of Fri Oct 2 06:00:02 2009 +Build status as of Sat Oct 3 06:00:02 2009 Build counts: Tree Total Broken Panic build_farm 0 0 0 ccache 1 1 0 distcc 0 0 0 -ldb 26 26 0 +ldb 25 25 0 libreplace 2 1 0 lorikeet 0 0 0 -pidl 17 16 0 +pidl 16 15 0 ppp 0 0 0 rsync2 0 0 samba-docs 0 0 0 samba-web0 0 0 samba_3_current 22 20 0 -samba_3_master 24 24 3 -samba_3_next 22 22 0 -samba_4_0_test 26 26 0 -talloc 26 26 0 +samba_3_master 23 23 5 +samba_3_next 23 22 0 +samba_4_0_test 25 25 0 +talloc 4 4 0 tdb 1 1 0
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-945-ge66fa46
The branch, master has been updated via e66fa4645a6abcaef2497f4173baae5cbafed571 (commit) via f21fb4b3958fe630400b145b729c966fa9c053a9 (commit) from 777143ef53864d9a6e6178bd5015f3183e14077f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e66fa4645a6abcaef2497f4173baae5cbafed571 Author: Andrew Tridgell tri...@samba.org Date: Sat Oct 3 18:13:50 2009 +1000 idl: some lsa vars are uint3264 commit f21fb4b3958fe630400b145b729c966fa9c053a9 Author: Andrew Tridgell tri...@samba.org Date: Sat Oct 3 18:13:25 2009 +1000 pidl: added int3264 as a base type This is the type used for a variable that is 32 bits for NDR32 and 64 bits for NDR64 --- Summary of changes: librpc/idl/lsa.idl | 10 +- librpc/ndr/ndr_basic.c | 10 ++ pidl/lib/Parse/Pidl/NDR.pm |2 ++ pidl/lib/Parse/Pidl/Typelist.pm |2 ++ 4 files changed, 19 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/lsa.idl b/librpc/idl/lsa.idl index 253b6d7..58e0ea9 100644 --- a/librpc/idl/lsa.idl +++ b/librpc/idl/lsa.idl @@ -113,14 +113,14 @@ import misc.idl, security.idl; /**/ /* Function: 0x06 */ typedef struct { - uint32 len; /* ignored */ + uint3264 len; /* ignored */ uint16 impersonation_level; uint8 context_mode; uint8 effective_only; } lsa_QosInfo; typedef struct { - uint32 len; /* ignored */ + uint3264 len; /* ignored */ uint8 *root_dir; [string,charset(UTF16)] uint16 *object_name; uint32 attributes; @@ -628,8 +628,8 @@ import misc.idl, security.idl; ); typedef [flag(NDR_PAHEX)] struct { - uint32 length; - uint32 size; + uint3264 length; + uint3264 size; [size_is(size),length_is(length)] uint8 *data; } lsa_DATA_BUF; @@ -1220,7 +1220,7 @@ import misc.idl, security.idl; /* Function 0x49 */ typedef struct { - [range(0,131072)] uint32 length; + [range(0,131072)] uint3264 length; [size_is(length)] uint8 *data; } lsa_ForestTrustBinaryData; diff --git a/librpc/ndr/ndr_basic.c b/librpc/ndr/ndr_basic.c index 807db59..1a19cc9 100644 --- a/librpc/ndr/ndr_basic.c +++ b/librpc/ndr/ndr_basic.c @@ -842,6 +842,16 @@ _PUBLIC_ void ndr_print_uint32(struct ndr_print *ndr, const char *name, uint32_t ndr-print(ndr, %-25s: 0x%08x (%u), name, v, v); } +_PUBLIC_ void ndr_print_int3264(struct ndr_print *ndr, const char *name, int32_t v) +{ + ndr-print(ndr, %-25s: %d, name, v); +} + +_PUBLIC_ void ndr_print_uint3264(struct ndr_print *ndr, const char *name, uint32_t v) +{ + ndr-print(ndr, %-25s: 0x%08x (%u), name, v, v); +} + _PUBLIC_ void ndr_print_udlong(struct ndr_print *ndr, const char *name, uint64_t v) { ndr-print(ndr, %-25s: 0x%016llx (%llu), name, (unsigned long long)v, (unsigned long long)v); diff --git a/pidl/lib/Parse/Pidl/NDR.pm b/pidl/lib/Parse/Pidl/NDR.pm index 4f2578e..7c0f7bb 100644 --- a/pidl/lib/Parse/Pidl/NDR.pm +++ b/pidl/lib/Parse/Pidl/NDR.pm @@ -52,6 +52,8 @@ my $scalar_alignment = { 'uint16' = 2, 'int32' = 4, 'uint32' = 4, + 'int3264' = 5, + 'uint3264' = 5, 'hyper' = 8, 'double' = 8, 'pointer' = 8, diff --git a/pidl/lib/Parse/Pidl/Typelist.pm b/pidl/lib/Parse/Pidl/Typelist.pm index 12ffa92..55041a9 100644 --- a/pidl/lib/Parse/Pidl/Typelist.pm +++ b/pidl/lib/Parse/Pidl/Typelist.pm @@ -34,6 +34,8 @@ my %scalars = ( uint16= uint16_t, int32 = int32_t, uint32= uint32_t, + int3264 = int32_t, + uint3264 = uint32_t, hyper = uint64_t, dlong = int64_t, udlong= uint64_t, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-946-gdeb268f
The branch, master has been updated via deb268f7facd05a10607c5290138b5c0ec33ff49 (commit) from e66fa4645a6abcaef2497f4173baae5cbafed571 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit deb268f7facd05a10607c5290138b5c0ec33ff49 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 10:36:41 2009 +0200 s4:rdn_name - fix up the rename operation A function call was wrong (ldb_request rathen than ldb_next_request). --- Summary of changes: source4/lib/ldb/modules/rdn_name.c |8 1 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/modules/rdn_name.c b/source4/lib/ldb/modules/rdn_name.c index ccbb1dd..d018c4f 100644 --- a/source4/lib/ldb/modules/rdn_name.c +++ b/source4/lib/ldb/modules/rdn_name.c @@ -275,12 +275,12 @@ static int rdn_rename_callback(struct ldb_request *req, struct ldb_reply *ares) } talloc_steal(mod_req, msg); - /* do the mod call */ - return ldb_request(ldb, mod_req); + /* go on with the call chain */ + return ldb_next_request(ac-module, mod_req); error: return ldb_module_done(ac-req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); +LDB_ERR_OPERATIONS_ERROR); } static int rdn_name_rename(struct ldb_module *module, struct ldb_request *req) @@ -317,7 +317,7 @@ static int rdn_name_rename(struct ldb_module *module, struct ldb_request *req) req); if (ret != LDB_SUCCESS) { - return LDB_ERR_OPERATIONS_ERROR; + return ret; } /* rename first, modify name if rename is ok */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-948-g2904f33
The branch, master has been updated via 2904f3378d95c194fd7286ad5f321c6726819b8b (commit) via 90828cc7022807a6036700d0edc8061c408ef8a7 (commit) from deb268f7facd05a10607c5290138b5c0ec33ff49 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2904f3378d95c194fd7286ad5f321c6726819b8b Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 10:57:14 2009 +0200 s4:ldap.py - add a test for the systemOnly classes commit 90828cc7022807a6036700d0edc8061c408ef8a7 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 10:52:53 2009 +0200 s4:dsdb Don't allow creation of systemOnly objectclasses (except as part of the provision, which specifies the 'relax' control) Andrew Bartlett --- Summary of changes: source4/dsdb/samdb/ldb_modules/objectclass.c|6 ++ source4/dsdb/samdb/ldb_modules/repl_meta_data.c |8 source4/lib/ldb/tests/python/ldap.py| 17 - 3 files changed, 26 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index 6d22141..b3d5461 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -561,6 +561,12 @@ static int objectclass_do_add(struct oc_context *ac) return LDB_ERR_NAMING_VIOLATION; } + if (current-objectclass-systemOnly !ldb_request_get_control(ac-req, LDB_CONTROL_RELAX_OID)) { + ldb_asprintf_errstring(ldb, objectClass %s is systemOnly, rejecting creation of %s, + current-objectclass-lDAPDisplayName, ldb_dn_get_linearized(msg-dn)); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + if (!ldb_msg_find_element(msg, objectCategory)) { value = talloc_strdup(msg, current-objectclass-defaultObjectCategory); if (value == NULL) { diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 489985a..74dd7e5 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -476,10 +476,10 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) char *time_str; int ret; uint32_t i, ni=0; - int allow_add_guid=0; - int remove_current_guid=0; + bool allow_add_guid = false; + bool remove_current_guid = false; -/* check if there's a show deleted control */ +/* check if there's a show relax control (used by provision to say 'I know what I'm doing') */ control = ldb_request_get_control(req, LDB_CONTROL_RELAX_OID); if (control) { allow_add_guid = 1; @@ -526,7 +526,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) } /* we remove this attribute as it can be a string and will not be treated correctly and then we will readd it latter on in the good format*/ - remove_current_guid = 1; + remove_current_guid = true; } } else { /* a new GUID */ diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py index c4ebb7e..7fa25fb 100755 --- a/source4/lib/ldb/tests/python/ldap.py +++ b/source4/lib/ldb/tests/python/ldap.py @@ -117,6 +117,21 @@ class BasicTests(unittest.TestCase): self.delete_force(self.ldb, cn=parentguidtest,cn=users, + self.base_dn) self.delete_force(self.ldb, cn=parentguidtest,cn=testotherusers, + self.base_dn) self.delete_force(self.ldb, cn=testotherusers, + self.base_dn) +self.delete_force(self.ldb, cn=ldaptestobject, + self.base_dn) + +def test_system_only(self): +Test systemOnly objects +print Test systemOnly objects + +try: +self.ldb.add({ +dn: cn=ldaptestobject, + self.base_dn, +objectclass: configuration}) +self.fail() +except LdbError, (num, _): +self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) + +self.delete_force(self.ldb, cn=ldaptestobject, + self.base_dn) def test_invalid_attribute(self): Test adding invalid attributes (not in schema) @@ -136,7 +151,7 @@ class BasicTests(unittest.TestCase): objectclass: group}) m =
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-949-gdac0346
The branch, master has been updated via dac0346906b7494f203e1e56b8f2e18c93fc2912 (commit) from 2904f3378d95c194fd7286ad5f321c6726819b8b (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dac0346906b7494f203e1e56b8f2e18c93fc2912 Author: Andrew Tridgell tri...@samba.org Date: Sat Oct 3 19:02:27 2009 +1000 ndr: rebuild lsa IDL after recent change --- Summary of changes: librpc/gen_ndr/ndr_lsa.c | 38 +++--- 1 files changed, 19 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/gen_ndr/ndr_lsa.c b/librpc/gen_ndr/ndr_lsa.c index 7eb4dea..26a9f32 100644 --- a/librpc/gen_ndr/ndr_lsa.c +++ b/librpc/gen_ndr/ndr_lsa.c @@ -642,12 +642,12 @@ _PUBLIC_ void ndr_print_lsa_PrivArray(struct ndr_print *ndr, const char *name, c static enum ndr_err_code ndr_push_lsa_QosInfo(struct ndr_push *ndr, int ndr_flags, const struct lsa_QosInfo *r) { if (ndr_flags NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r-len)); + NDR_CHECK(ndr_push_align(ndr, 5)); + NDR_CHECK(ndr_push_uint3264(ndr, NDR_SCALARS, r-len)); NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r-impersonation_level)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r-context_mode)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r-effective_only)); - NDR_CHECK(ndr_push_trailer_align(ndr, 4)); + NDR_CHECK(ndr_push_trailer_align(ndr, 5)); } if (ndr_flags NDR_BUFFERS) { } @@ -657,12 +657,12 @@ static enum ndr_err_code ndr_push_lsa_QosInfo(struct ndr_push *ndr, int ndr_flag static enum ndr_err_code ndr_pull_lsa_QosInfo(struct ndr_pull *ndr, int ndr_flags, struct lsa_QosInfo *r) { if (ndr_flags NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, r-len)); + NDR_CHECK(ndr_pull_align(ndr, 5)); + NDR_CHECK(ndr_pull_uint3264(ndr, NDR_SCALARS, r-len)); NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, r-impersonation_level)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, r-context_mode)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, r-effective_only)); - NDR_CHECK(ndr_pull_trailer_align(ndr, 4)); + NDR_CHECK(ndr_pull_trailer_align(ndr, 5)); } if (ndr_flags NDR_BUFFERS) { } @@ -673,7 +673,7 @@ _PUBLIC_ void ndr_print_lsa_QosInfo(struct ndr_print *ndr, const char *name, con { ndr_print_struct(ndr, name, lsa_QosInfo); ndr-depth++; - ndr_print_uint32(ndr, len, r-len); + ndr_print_uint3264(ndr, len, r-len); ndr_print_uint16(ndr, impersonation_level, r-impersonation_level); ndr_print_uint8(ndr, context_mode, r-context_mode); ndr_print_uint8(ndr, effective_only, r-effective_only); @@ -684,7 +684,7 @@ static enum ndr_err_code ndr_push_lsa_ObjectAttribute(struct ndr_push *ndr, int { if (ndr_flags NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 5)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r-len)); + NDR_CHECK(ndr_push_uint3264(ndr, NDR_SCALARS, r-len)); NDR_CHECK(ndr_push_unique_ptr(ndr, r-root_dir)); NDR_CHECK(ndr_push_unique_ptr(ndr, r-object_name)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r-attributes)); @@ -724,7 +724,7 @@ static enum ndr_err_code ndr_pull_lsa_ObjectAttribute(struct ndr_pull *ndr, int TALLOC_CTX *_mem_save_sec_qos_0; if (ndr_flags NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 5)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, r-len)); + NDR_CHECK(ndr_pull_uint3264(ndr, NDR_SCALARS, r-len)); NDR_CHECK(ndr_pull_generic_ptr(ndr, _ptr_root_dir)); if (_ptr_root_dir) { NDR_PULL_ALLOC(ndr, r-root_dir); @@ -791,7 +791,7 @@ _PUBLIC_ void ndr_print_lsa_ObjectAttribute(struct ndr_print *ndr, const char *n { ndr_print_struct(ndr, name, lsa_ObjectAttribute); ndr-depth++; - ndr_print_uint32(ndr, len, r-len); + ndr_print_uint3264(ndr, len, r-len); ndr_print_ptr(ndr, root_dir, r-root_dir); ndr-depth++; if (r-root_dir) { @@ -2612,8 +2612,8 @@ static enum ndr_err_code ndr_push_lsa_DATA_BUF(struct ndr_push *ndr, int ndr_fla ndr_set_flags(ndr-flags, LIBNDR_PRINT_ARRAY_HEX); if (ndr_flags NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 5)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r-length)); -
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-953-gbe938ab
The branch, master has been updated via be938ab44b6095818501b23ca8422c731e14015a (commit) via 4bc9a39eed3e47cd87ea8cd24f9ac4f9e2712f43 (commit) via 0e028fcb7d141d68de2baadeb2c0fae262f2bedc (commit) via f86beaaad96ac2dd7cf6a3a9d57f42c57c2440c2 (commit) from dac0346906b7494f203e1e56b8f2e18c93fc2912 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit be938ab44b6095818501b23ca8422c731e14015a Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 11:37:30 2009 +0200 s4:ldap.py - add tests for valid parent and RDN commit 4bc9a39eed3e47cd87ea8cd24f9ac4f9e2712f43 Author: Andrew Bartlett abart...@samba.org Date: Thu Sep 24 15:14:49 2009 -0700 s4:dsdb Use possibleInferiors to restrict creation of child objects This also uses systemPossibleInferiors when the 'relax' control is specified, which is done by the provision. Andrew Bartlett commit 0e028fcb7d141d68de2baadeb2c0fae262f2bedc Author: Andrew Bartlett abart...@samba.org Date: Thu Sep 24 15:12:49 2009 -0700 s4:dsdb add systemPossibleInferiors to schema code This allows us to figure out what the system can add, which will not be in possibleInferiors due to the systemOnly flag. Andrew Bartlett commit f86beaaad96ac2dd7cf6a3a9d57f42c57c2440c2 Author: Andrew Bartlett abart...@samba.org Date: Wed Sep 23 21:16:42 2009 -0700 s4:dsdb Add objectClass and RDN constraints to objectClass module These additional constraints are applied, found by the Microsoft testsuite. - When the parent is not present, we now return 'NO_SUCH_OBJECT'. - Restrict the choice of RDN to the correct one per the schema - Honour the allowedChildClasses attribute from the parent's objectClass. Andrew Bartlett --- Summary of changes: source4/dsdb/samdb/ldb_modules/objectclass.c | 54 ++ source4/dsdb/schema/schema.h |1 + source4/dsdb/schema/schema_inferiors.c | 20 + source4/lib/ldb/tests/python/ldap.py | 39 ++ 4 files changed, 106 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index b3d5461..51a1ac8 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -2,7 +2,7 @@ ldb database library Copyright (C) Simo Sorce 2006-2008 - Copyright (C) Andrew Bartlett abart...@samba.org 2005-2007 + Copyright (C) Andrew Bartlett abart...@samba.org 2005-2009 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -42,6 +42,7 @@ #include libcli/security/security.h #include auth/auth.h #include param/param.h +#include ../libds/common/flags.h struct oc_context { @@ -381,7 +382,7 @@ static int objectclass_add(struct ldb_module *module, struct ldb_request *req) struct oc_context *ac; struct ldb_dn *parent_dn; int ret; - static const char * const parent_attrs[] = { objectGUID, NULL }; + static const char * const parent_attrs[] = { objectGUID, objectClass, NULL }; ldb = ldb_module_get_ctx(module); @@ -465,7 +466,7 @@ static int objectclass_do_add(struct oc_context *ac) ldb_asprintf_errstring(ldb, objectclass: Cannot add %s, parent does not exist!, ldb_dn_get_linearized(msg-dn)); talloc_free(mem_ctx); - return LDB_ERR_UNWILLING_TO_PERFORM; + return LDB_ERR_NO_SUCH_OBJECT; } } else { const struct ldb_val *parent_guid; @@ -491,9 +492,6 @@ static int objectclass_do_add(struct oc_context *ac) return LDB_ERR_UNWILLING_TO_PERFORM; } - /* TODO: Check this is a valid child to this parent, -* by reading the allowedChildClasses and -* allowedChildClasssesEffective attributes */ ret = ldb_msg_add_steal_value(msg, parentGUID, discard_const(parent_guid)); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, objectclass: Cannot add %s, failed to add parentGUID, @@ -555,12 +553,52 @@ static int objectclass_do_add(struct oc_context *ac) struct ldb_message_element *el; int32_t systemFlags = 0; const char *rdn_name = ldb_dn_get_rdn_name(msg-dn); - if (ldb_attr_cmp(rdn_name, current-objectclass-rDNAttID) != 0) { -
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-954-g02b289f
The branch, master has been updated via 02b289f65bf567acb233ad01e3512a9e29b6c757 (commit) from be938ab44b6095818501b23ca8422c731e14015a (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 02b289f65bf567acb233ad01e3512a9e29b6c757 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Tue Sep 29 11:43:17 2009 +0200 heimdal - fix various warnings - Shadowed variables - const related warnings - Parameter names which shadow function declarations - Non-void functions which have no return value (patch also ported upstream) --- Summary of changes: source4/heimdal/kuser/kinit.c |6 +++--- source4/heimdal/lib/hx509/ca.c |2 +- source4/heimdal/lib/hx509/cert.c|1 - source4/heimdal/lib/hx509/file.c|8 source4/heimdal/lib/hx509/ks_file.c | 10 +- source4/heimdal/lib/hx509/name.c| 20 ++-- source4/heimdal/lib/hx509/sel.c |1 + 7 files changed, 24 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/heimdal/kuser/kinit.c b/source4/heimdal/kuser/kinit.c index 4208fa8..dd122b5 100644 --- a/source4/heimdal/kuser/kinit.c +++ b/source4/heimdal/kuser/kinit.c @@ -488,14 +488,14 @@ get_new_tickets(krb5_context context, addrs_flag ? FALSE : TRUE); if (renew_life == NULL renewable_flag) - renewstr = 1 month; + asprintf(renewstr, 1 month); if (renew_life) - renewstr = renew_life; + asprintf(renewstr, %s, renew_life); if (renewstr) { renew = parse_time (renewstr, s); if (renew 0) errx (1, unparsable time: %s, renewstr); - + free(renewstr); krb5_get_init_creds_opt_set_renew_life (opt, renew); } diff --git a/source4/heimdal/lib/hx509/ca.c b/source4/heimdal/lib/hx509/ca.c index 624d742..95f206f 100644 --- a/source4/heimdal/lib/hx509/ca.c +++ b/source4/heimdal/lib/hx509/ca.c @@ -692,7 +692,7 @@ add_utf8_san(hx509_context context, const heim_oid *oid, const char *string) { -const PKIXXmppAddr ustring = (const PKIXXmppAddr)string; +const PKIXXmppAddr ustring = string; heim_octet_string os; size_t size; int ret; diff --git a/source4/heimdal/lib/hx509/cert.c b/source4/heimdal/lib/hx509/cert.c index cd9ae01..7eda0eb 100644 --- a/source4/heimdal/lib/hx509/cert.c +++ b/source4/heimdal/lib/hx509/cert.c @@ -3383,7 +3383,6 @@ _hx509_cert_to_env(hx509_context context, hx509_cert cert, hx509_env *env) Certificate *c = _hx509_get_cert(cert); heim_octet_string os, sig; hx509_env envhash = NULL; - char *buf; os.data = c-tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; os.length = diff --git a/source4/heimdal/lib/hx509/file.c b/source4/heimdal/lib/hx509/file.c index ba7a23f..674d270 100644 --- a/source4/heimdal/lib/hx509/file.c +++ b/source4/heimdal/lib/hx509/file.c @@ -121,14 +121,14 @@ hx509_pem_write(hx509_context context, const char *type, int hx509_pem_add_header(hx509_pem_header **headers, -const char *header, const char *value) +const char *hdr, const char *value) { hx509_pem_header *h; h = calloc(1, sizeof(*h)); if (h == NULL) return ENOMEM; -h-header = strdup(header); +h-header = strdup(hdr); if (h-header == NULL) { free(h); return ENOMEM; @@ -164,10 +164,10 @@ hx509_pem_free_header(hx509_pem_header *headers) */ const char * -hx509_pem_find_header(const hx509_pem_header *h, const char *header) +hx509_pem_find_header(const hx509_pem_header *h, const char *hdr) { while(h) { - if (strcmp(header, h-header) == 0) + if (strcmp(hdr, h-header) == 0) return h-value; h = h-next; } diff --git a/source4/heimdal/lib/hx509/ks_file.c b/source4/heimdal/lib/hx509/ks_file.c index 553191a..3955820 100644 --- a/source4/heimdal/lib/hx509/ks_file.c +++ b/source4/heimdal/lib/hx509/ks_file.c @@ -413,24 +413,24 @@ file_init_common(hx509_context context, goto out; for (p = f-fn; p != NULL; p = pnext) { - FILE *f; + FILE *f2; pnext = strchr(p, ','); if (pnext) *pnext++ = '\0'; - if ((f = fopen(p, r)) == NULL) { + if ((f2 = fopen(p, r)) == NULL) { ret = ENOENT; hx509_set_error_string(context, 0, ret, Failed to open PEM file \%s\: %s, p, strerror(errno)); goto out; } - rk_cloexec_file(f); + rk_cloexec_file(f2); - ret = hx509_pem_read(context, f, pem_func, pem_ctx); - fclose(f); + ret =
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-955-g8172080
The branch, master has been updated via 817208090d6b6a50ca621403e2aed41045f88f9c (commit) from 02b289f65bf567acb233ad01e3512a9e29b6c757 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 817208090d6b6a50ca621403e2aed41045f88f9c Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Thu Oct 1 11:37:01 2009 +0200 s4:ldb.h - add constant for LDAP EXOP password change Also enhance some other comments. --- Summary of changes: source4/lib/ldb/include/ldb.h | 25 + 1 files changed, 21 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h index a91cb14..69d052b 100644 --- a/source4/lib/ldb/include/ldb.h +++ b/source4/lib/ldb/include/ldb.h @@ -605,20 +605,37 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void *opaque); #define LDB_CONTROL_SERVER_LAZY_COMMIT 1.2.840.113556.1.4.619 /** + OID for LDAP Extended Operation FAST_BIND + + This Extended operations is used to perform a fast bind. +*/ +#define LDB_EXTENDED_FAST_BIND_OID 1.2.840.113556.1.4.1781 + +/** OID for LDAP Extended Operation START_TLS. - This Extended operation is used to start a new TLS - channel on top of a clear text channel. + This Extended operation is used to start a new TLS channel on top of a clear + text channel. */ #define LDB_EXTENDED_START_TLS_OID 1.3.6.1.4.1.1466.20037 /** + OID for LDAP Extended Operation DYNAMIC_REFRESH. + + This Extended operation is used to create and maintain objects which exist + only a specific time, e.g. when a certain client or a certain person is + logged in. Data refreshes have to be periodically sent in a specific + interval. Otherwise the entry is going to be removed. */ #define LDB_EXTENDED_DYNAMIC_OID 1.3.6.1.4.1.1466.101.119.1 -/** +/* + OID for LDAP Extended Operation PASSWORD_CHANGE. + + This Extended operation is used to allow user password changes by the user + itself. */ -#define LDB_EXTENDED_FAST_BIND_OID 1.2.840.113556.1.4.1781 +#define LDB_EXTENDED_PASSWORD_CHANGE_OID 1.3.6.1.4.1.4203.1.11.1 struct ldb_sd_flags_control { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-956-g70e1d81
The branch, master has been updated via 70e1d816b3dea24e260673d258f859678eb732e1 (commit) from 817208090d6b6a50ca621403e2aed41045f88f9c (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 70e1d816b3dea24e260673d258f859678eb732e1 Author: Volker Lendecke v...@samba.org Date: Sat Oct 3 14:21:13 2009 +0200 s3: Make default_[static|shared]_modules a bit more readable --- Summary of changes: source3/configure.in | 54 - 1 files changed, 52 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 9775ce4..0224737 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -380,10 +380,60 @@ AC_SUBST(DYNEXP) dnl Add modules that have to be built by default here dnl These have to be built static: -default_static_modules=pdb_smbpasswd pdb_tdbsam pdb_wbc_sam rpc_lsarpc rpc_samr rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl rpc_ntsvcs rpc_netlogon rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog auth_sam auth_unix auth_winbind auth_wbc auth_server auth_domain auth_builtin auth_netlogond vfs_default nss_info_template +default_static_modules= +default_static_modules=$default_static_modules pdb_smbpasswd +default_static_modules=$default_static_modules pdb_tdbsam +default_static_modules=$default_static_modules pdb_wbc_sam +default_static_modules=$default_static_modules rpc_lsarpc +default_static_modules=$default_static_modules rpc_samr +default_static_modules=$default_static_modules rpc_winreg +default_static_modules=$default_static_modules rpc_initshutdown +default_static_modules=$default_static_modules rpc_dssetup +default_static_modules=$default_static_modules rpc_wkssvc +default_static_modules=$default_static_modules rpc_svcctl +default_static_modules=$default_static_modules rpc_ntsvcs +default_static_modules=$default_static_modules rpc_netlogon +default_static_modules=$default_static_modules rpc_netdfs +default_static_modules=$default_static_modules rpc_srvsvc +default_static_modules=$default_static_modules rpc_spoolss +default_static_modules=$default_static_modules rpc_eventlog +default_static_modules=$default_static_modules auth_sam +default_static_modules=$default_static_modules auth_unix +default_static_modules=$default_static_modules auth_winbind +default_static_modules=$default_static_modules auth_wbc +default_static_modules=$default_static_modules auth_server +default_static_modules=$default_static_modules auth_domain +default_static_modules=$default_static_modules auth_builtin +default_static_modules=$default_static_modules auth_netlogond +default_static_modules=$default_static_modules vfs_default +default_static_modules=$default_static_modules nss_info_template dnl These are preferably build shared, and static if dlopen() is not available -default_shared_modules=vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy vfs_shadow_copy2 charset_CP850 charset_CP437 auth_script vfs_readahead vfs_xattr_tdb vfs_streams_xattr vfs_streams_depot vfs_acl_xattr vfs_acl_tdb vfs_smb_traffic_analyzer vfs_preopen vfs_catia +default_shared_modules= +default_shared_modules=$default_shared_modules vfs_recycle +default_shared_modules=$default_shared_modules vfs_audit +default_shared_modules=$default_shared_modules vfs_extd_audit +default_shared_modules=$default_shared_modules vfs_full_audit +default_shared_modules=$default_shared_modules vfs_netatalk +default_shared_modules=$default_shared_modules vfs_fake_perms +default_shared_modules=$default_shared_modules vfs_default_quota +default_shared_modules=$default_shared_modules vfs_readonly +default_shared_modules=$default_shared_modules vfs_cap +default_shared_modules=$default_shared_modules vfs_expand_msdfs +default_shared_modules=$default_shared_modules vfs_shadow_copy +default_shared_modules=$default_shared_modules vfs_shadow_copy2 +default_shared_modules=$default_shared_modules charset_CP850 +default_shared_modules=$default_shared_modules charset_CP437 +default_shared_modules=$default_shared_modules auth_script +default_shared_modules=$default_shared_modules vfs_readahead +default_shared_modules=$default_shared_modules vfs_xattr_tdb +default_shared_modules=$default_shared_modules vfs_streams_xattr +default_shared_modules=$default_shared_modules vfs_streams_depot +default_shared_modules=$default_shared_modules vfs_acl_xattr +default_shared_modules=$default_shared_modules vfs_acl_tdb +default_shared_modules=$default_shared_modules vfs_smb_traffic_analyzer +default_shared_modules=$default_shared_modules vfs_preopen +default_shared_modules=$default_shared_modules vfs_catia if test x$developer = xyes; then
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-960-g957cc4b
The branch, master has been updated via 957cc4b8b6aa3107a4dc565aa0f1052e9a942d2e (commit) via 339325792023c0f486c11c5967faeea50ca20945 (commit) via 24422fae24744f9c9113342692db285ba1409799 (commit) via cb143eafef1dae1e055454fa3a5e90183e6c4f5d (commit) from 70e1d816b3dea24e260673d258f859678eb732e1 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 957cc4b8b6aa3107a4dc565aa0f1052e9a942d2e Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 15:37:25 2009 +0200 s4:ldb_tdb - fix memory leaks commit 339325792023c0f486c11c5967faeea50ca20945 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 15:36:44 2009 +0200 heimdal kerberos - fix memory leak (free the plugin list always - not only in error cases) commit 24422fae24744f9c9113342692db285ba1409799 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 15:08:19 2009 +0200 s4:objectclass - Free unused memory from responses commit cb143eafef1dae1e055454fa3a5e90183e6c4f5d Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 15:08:00 2009 +0200 s4:schema_inferiors - Fix wrong check --- Summary of changes: source4/dsdb/samdb/ldb_modules/objectclass.c |3 +++ source4/dsdb/schema/schema_inferiors.c |2 +- source4/heimdal/kdc/windc.c |2 +- source4/lib/ldb/ldb_tdb/ldb_tdb.c| 19 --- 4 files changed, 17 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index 51a1ac8..b6f1a1a 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -881,6 +881,8 @@ static int oc_modify_callback(struct ldb_request *req, struct ldb_reply *ares) LDB_ERR_OPERATIONS_ERROR); } + talloc_free(ares); + ret = ldb_build_search_req(search_req, ldb, ac, ac-req-op.mod.message-dn, LDB_SCOPE_BASE, (objectClass=*), @@ -1089,6 +1091,7 @@ static int objectclass_rename_callback(struct ldb_request *req, struct ldb_reply ares-response, ares-error); } + talloc_free(ares); /* the ac-search_res should contain the new parents objectGUID */ parent_guid = ldb_msg_find_ldb_val(ac-search_res-message, objectGUID); diff --git a/source4/dsdb/schema/schema_inferiors.c b/source4/dsdb/schema/schema_inferiors.c index 264e471..3be97b6 100644 --- a/source4/dsdb/schema/schema_inferiors.c +++ b/source4/dsdb/schema/schema_inferiors.c @@ -207,7 +207,7 @@ static void schema_fill_system_possible_inferiors(struct dsdb_schema *schema, st if (c2-objectClassCategory != 2 c2-objectClassCategory != 3 str_list_check(superiors, schema_class-lDAPDisplayName)) { - if (schema_class-possibleInferiors == NULL) { + if (schema_class-systemPossibleInferiors == NULL) { schema_class-systemPossibleInferiors = str_list_make_empty(schema_class); } schema_class-systemPossibleInferiors = str_list_add_const(schema_class-systemPossibleInferiors, diff --git a/source4/heimdal/kdc/windc.c b/source4/heimdal/kdc/windc.c index 9d7fa52..ab844e3 100644 --- a/source4/heimdal/kdc/windc.c +++ b/source4/heimdal/kdc/windc.c @@ -61,8 +61,8 @@ krb5_kdc_windc_init(krb5_context context) (*windcft-init)(context, windcctx); break; } +_krb5_plugin_free(list); if (e == NULL) { - _krb5_plugin_free(list); krb5_set_error_message(context, ENOENT, Did not find any WINDC plugin); windcft = NULL; return ENOENT; diff --git a/source4/lib/ldb/ldb_tdb/ldb_tdb.c b/source4/lib/ldb/ldb_tdb/ldb_tdb.c index 7427b98..0820895 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_tdb.c +++ b/source4/lib/ldb/ldb_tdb/ldb_tdb.c @@ -601,11 +601,13 @@ int ltdb_modify_internal(struct ldb_module *module, msg2 = talloc(tdb_key.dptr, struct ldb_message); if (msg2 == NULL) { + free(tdb_data.dptr); talloc_free(tdb_key.dptr); return LDB_ERR_OTHER; } ret = ltdb_unpack_data(module, tdb_data, msg2); + free(tdb_data.dptr); if (ret == -1) { ret = LDB_ERR_OTHER; goto failed; @@ -625,7 +627,8 @@ int ltdb_modify_internal(struct ldb_module *module, if (ldb_attr_cmp(el-name, distinguishedName) == 0) { ldb_asprintf_errstring(ldb, it is not permitted to perform a modify
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-961-gdc56d42
The branch, master has been updated via dc56d42aa364e463135ebf8e6e87c337147d396c (commit) from 957cc4b8b6aa3107a4dc565aa0f1052e9a942d2e (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dc56d42aa364e463135ebf8e6e87c337147d396c Author: Volker Lendecke v...@samba.org Date: Sat Oct 3 16:36:11 2009 +0200 s3:winbind: Fix a debug message --- Summary of changes: source3/winbindd/nss_info.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/nss_info.c b/source3/winbindd/nss_info.c index 382aa86..c2518dc 100644 --- a/source3/winbindd/nss_info.c +++ b/source3/winbindd/nss_info.c @@ -259,8 +259,8 @@ static struct nss_domain_entry *find_nss_domain( const char *domain ) status = nss_init( lp_winbind_nss_info() ); if ( !NT_STATUS_IS_OK(status) ) { - DEBUG(4,(nss_get_info: Failed to init nss_info API (%s)!\n, -nt_errstr(status))); + DEBUG(4,(find_nss_domain: Failed to init nss_info API +(%s)!\n, nt_errstr(status))); return NULL; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-962-g2bd3994
The branch, master has been updated via 2bd3994ac3e53312fb0902d3d5dd61629b3e7510 (commit) from dc56d42aa364e463135ebf8e6e87c337147d396c (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2bd3994ac3e53312fb0902d3d5dd61629b3e7510 Author: Volker Lendecke v...@samba.org Date: Sat Oct 3 16:43:01 2009 +0200 s3:winbind: use talloc_tos() instead of NULL in fillup_pw_field --- Summary of changes: source3/winbindd/winbindd_user.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c index b23b7df..7af2d6d 100644 --- a/source3/winbindd/winbindd_user.c +++ b/source3/winbindd/winbindd_user.c @@ -47,11 +47,11 @@ bool fillup_pw_field(const char *lp_template, Otherwise use the template value passed in. */ if ( in !strequal(in,) lp_security() == SEC_ADS ) { - templ = talloc_sub_specified(NULL, in, + templ = talloc_sub_specified(talloc_tos(), in, username, domname, uid, gid); } else { - templ = talloc_sub_specified(NULL, lp_template, + templ = talloc_sub_specified(talloc_tos(), lp_template, username, domname, uid, gid); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-963-g6a4efcc
The branch, master has been updated via 6a4efccb38109423e22714ce071d8357073bf5ce (commit) from 2bd3994ac3e53312fb0902d3d5dd61629b3e7510 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6a4efccb38109423e22714ce071d8357073bf5ce Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Oct 3 16:50:34 2009 +0200 s4:ldap.py - commented out the UTF8 tests (and fixed some deletion DNs) --- Summary of changes: source4/lib/ldb/tests/python/ldap.py | 22 -- 1 files changed, 12 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py index 59bb5d2..4ec8f87 100755 --- a/source4/lib/ldb/tests/python/ldap.py +++ b/source4/lib/ldb/tests/python/ldap.py @@ -111,8 +111,8 @@ class BasicTests(unittest.TestCase): self.delete_force(self.ldb, cn=ldaptestcomputer,cn=computers, + self.base_dn) self.delete_force(self.ldb, cn=ldaptest2computer,cn=computers, + self.base_dn) self.delete_force(self.ldb, cn=ldaptestcomputer3,cn=computers, + self.base_dn) -self.delete_force(self.ldb, cn=ldaptestutf8user èùéìòà ,cn=users, + self.base_dn) -self.delete_force(self.ldb, cn=ldaptestutf8user2 èùéìòà ,cn=users, + self.base_dn) +self.delete_force(self.ldb, cn=ldaptestutf8user èùéìòà ,cn=users, + self.base_dn) +self.delete_force(self.ldb, cn=ldaptestutf8user2 èùéìòà ,cn=users, + self.base_dn) self.delete_force(self.ldb, cn=ldaptestcontainer, + self.base_dn) self.delete_force(self.ldb, cn=ldaptestcontainer2, + self.base_dn) self.delete_force(self.ldb, cn=parentguidtest,cn=users, + self.base_dn) @@ -1005,9 +1005,9 @@ member: cn=ldaptestuser2,cn=users, + self.base_dn + print Testing delete of renamed cn=ldaptestcontainer2, + self.base_dn ldb.delete(cn=ldaptestcontainer2, + self.base_dn) -ldb.add({dn: cn=ldaptestutf8user èùéìòà ,cn=users, + self.base_dn, objectClass: user}) +ldb.add({dn: cn=ldaptestutf8user èùéìòà ,cn=users, + self.base_dn, objectClass: user}) -ldb.add({dn: cn=ldaptestutf8user2 èùéìòà ,cn=users, + self.base_dn, objectClass: user}) +ldb.add({dn: cn=ldaptestutf8user2 èùéìòà ,cn=users, + self.base_dn, objectClass: user}) print Testing ldb.search for ((cn=ldaptestuser)(objectClass=user)) res = ldb.search(expression=((cn=ldaptestuser)(objectClass=user))) @@ -1254,7 +1254,9 @@ member: CN=ldaptestutf8user èùéìòà ,CN=Users, + self.base_dn + self.assertTrue(member not in res[0]) print Testing ldb.search for ((cn=ldaptestutf8user ÃÃÃÃÃÃ)(objectClass=user)) -res = ldb.search(expression=((cn=ldaptestutf8user ÃÃÃÃÃÃ)(objectClass=user))) +# TODO UTF8 users don't seem to work fully anymore +#res = ldb.search(expression=((cn=ldaptestutf8user ÃÃÃÃÃÃ)(objectClass=user))) +res = ldb.search(expression=((cn=ldaptestutf8user èùéìòà )(objectclass=user))) self.assertEquals(len(res), 1, Could not find ((cn=ldaptestutf8user ÃÃÃÃÃÃ)(objectClass=user))) self.assertEquals(str(res[0].dn), (CN=ldaptestutf8user èùéìòà ,CN=Users, + self.base_dn)) @@ -1275,9 +1277,9 @@ member: CN=ldaptestutf8user èùéìòà ,CN=Users, + self.base_dn + ldb.delete((CN=ldaptestgroup2,CN=Users, + self.base_dn)) print Testing ldb.search for ((cn=ldaptestutf8user2 ÃÃÃÃÃÃ)(objectClass=user)) -res = ldb.search(expression=((cn=ldaptestutf8user ÃÃÃÃÃÃ)(objectClass=user))) - -#FIXME: self.assert len(res) == 1, Could not find (expect space collapse, win2k3 fails) ((cn=ldaptestutf8user2 ÃÃÃÃÃÃ)(objectClass=user)) +# TODO UTF8 users don't seem to work fully anymore +#res = ldb.search(expression=((cn=ldaptestutf8user ÃÃÃÃÃÃ)(objectClass=user))) +#self.assertEquals(len(res), 1, Could not find ((cn=ldaptestutf8user ÃÃÃÃÃÃ)(objectClass=user))) print Testing that we can't get at the configuration DN from the main search base res = ldb.search(self.base_dn, expression=objectClass=crossRef, scope=SCOPE_SUBTREE, attrs=[cn]) @@ -1360,8 +1362,8 @@ member: CN=ldaptestutf8user èùéìòà ,CN=Users, + self.base_dn + self.delete_force(self.ldb, cn=ldaptestcomputer,cn=computers, + self.base_dn) self.delete_force(self.ldb, cn=ldaptest2computer,cn=computers, + self.base_dn) self.delete_force(self.ldb, cn=ldaptestcomputer3,cn=computers, + self.base_dn) -self.delete_force(self.ldb, cn=ldaptestutf8user èùéìòà ,cn=users, + self.base_dn) -self.delete_force(self.ldb, cn=ldaptestutf8user2 èùéìòà ,cn=users,
Re: [SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-963-g6a4efcc
Hi Matthias, On Sat, 2009-10-03 at 09:55 -0500, Matthias Dieter Wallnöfer wrote: @@ -1254,7 +1254,9 @@ member: CN=ldaptestutf8user èùéìòà,CN=Users, + self.base_dn + self.assertTrue(member not in res[0]) print Testing ldb.search for ((cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user)) -res = ldb.search(expression=((cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))) +# TODO UTF8 users don't seem to work fully anymore +#res = ldb.search(expression=((cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))) +res = ldb.search(expression=((cn=ldaptestutf8user èùéìòà)(objectclass=user))) self.assertEquals(len(res), 1, Could not find ((cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))) self.assertEquals(str(res[0].dn), (CN=ldaptestutf8user èùéìòà,CN=Users, + self.base_dn)) @@ -1275,9 +1277,9 @@ member: CN=ldaptestutf8user èùéìòà,CN=Users, + self.base_dn + ldb.delete((CN=ldaptestgroup2,CN=Users, + self.base_dn)) print Testing ldb.search for ((cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user)) -res = ldb.search(expression=((cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))) - -#FIXME: self.assert len(res) == 1, Could not find (expect space collapse, win2k3 fails) ((cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user)) +# TODO UTF8 users don't seem to work fully anymore +#res = ldb.search(expression=((cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))) +#self.assertEquals(len(res), 1, Could not find ((cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))) print Testing that we can't get at the configuration DN from the main search base res = ldb.search(self.base_dn, expression=objectClass=crossRef, scope=SCOPE_SUBTREE, attrs=[cn]) @@ -1360,8 +1362,8 @@ member: CN=ldaptestutf8user èùéìòà,CN=Users, + self.base_dn + self.delete_force(self.ldb, cn=ldaptestcomputer,cn=computers, + self.base_dn) self.delete_force(self.ldb, cn=ldaptest2computer,cn=computers, + self.base_dn) self.delete_force(self.ldb, cn=ldaptestcomputer3,cn=computers, + self.base_dn) -self.delete_force(self.ldb, cn=ldaptestutf8user èùéìòà ,cn=users, + self.base_dn) -self.delete_force(self.ldb, cn=ldaptestutf8user2 èùéìòà ,cn=users, + self.base_dn) +self.delete_force(self.ldb, cn=ldaptestutf8user èùéìòà,cn=users, + self.base_dn) +self.delete_force(self.ldb, cn=ldaptestutf8user2 èùéìòà,cn=users, + self.base_dn) self.delete_force(self.ldb, cn=ldaptestcontainer, + self.base_dn) self.delete_force(self.ldb, cn=ldaptestcontainer2, + self.base_dn) These tests still run fine, but unfortunately we seem to depend on a particular locale being set (in the environment?). We might want to force a particular locale during these tests . Cheers, Jelmer signature.asc Description: This is a digitally signed message part
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-965-gd5bd2ec
The branch, master has been updated via d5bd2ec25188988149e52bac1e301a0648cb01f7 (commit) via c83b80435bc88983dac75af084be853bdbd4093e (commit) from 6a4efccb38109423e22714ce071d8357073bf5ce (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d5bd2ec25188988149e52bac1e301a0648cb01f7 Author: Volker Lendecke v...@samba.org Date: Sat Oct 3 17:10:53 2009 +0200 s3:winbind: use wb_fill_pwent in wb_getpwsid commit c83b80435bc88983dac75af084be853bdbd4093e Author: Volker Lendecke v...@samba.org Date: Sat Oct 3 17:11:43 2009 +0200 s3:winbind: No point in using strequal to detect a 0-length string --- Summary of changes: source3/winbindd/wb_getpwsid.c | 89 - source3/winbindd/winbindd_user.c |4 +- 2 files changed, 12 insertions(+), 81 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/wb_getpwsid.c b/source3/winbindd/wb_getpwsid.c index 1295d5b..4ccc51a 100644 --- a/source3/winbindd/wb_getpwsid.c +++ b/source3/winbindd/wb_getpwsid.c @@ -31,8 +31,7 @@ struct wb_getpwsid_state { static void wb_getpwsid_queryuser_done(struct tevent_req *subreq); static void wb_getpwsid_lookupsid_done(struct tevent_req *subreq); -static void wb_getpwsid_sid2uid_done(struct tevent_req *subreq); -static void wb_getpwsid_sid2gid_done(struct tevent_req *subreq); +static void wb_getpwsid_done(struct tevent_req *subreq); struct tevent_req *wb_getpwsid_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, @@ -83,14 +82,14 @@ static void wb_getpwsid_queryuser_done(struct tevent_req *subreq) (state-userinfo-acct_name[0] != '\0')) { /* * QueryUser got us a name, let's got directly to the -* sid2uid step +* fill_pwent step */ - subreq = wb_sid2uid_send(state, state-ev, -state-userinfo-user_sid); + subreq = wb_fill_pwent_send(state, state-ev, state-userinfo, + state-pw); if (tevent_req_nomem(subreq, req)) { return; } - tevent_req_set_callback(subreq, wb_getpwsid_sid2uid_done, req); + tevent_req_set_callback(subreq, wb_getpwsid_done, req); return; } @@ -122,93 +121,25 @@ static void wb_getpwsid_lookupsid_done(struct tevent_req *subreq) tevent_req_nterror(req, status); return; } - subreq = wb_sid2uid_send(state, state-ev, state-userinfo-user_sid); + subreq = wb_fill_pwent_send(state, state-ev, state-userinfo, + state-pw); if (tevent_req_nomem(subreq, req)) { return; } - tevent_req_set_callback(subreq, wb_getpwsid_sid2uid_done, req); + tevent_req_set_callback(subreq, wb_getpwsid_done, req); } -static void wb_getpwsid_sid2uid_done(struct tevent_req *subreq) +static void wb_getpwsid_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data( subreq, struct tevent_req); - struct wb_getpwsid_state *state = tevent_req_data( - req, struct wb_getpwsid_state); - NTSTATUS status; - - status = wb_sid2uid_recv(subreq, state-pw-pw_uid); - TALLOC_FREE(subreq); - if (!NT_STATUS_IS_OK(status)) { - tevent_req_nterror(req, status); - return; - } - subreq = wb_sid2gid_send(state, state-ev, -state-userinfo-group_sid); - if (tevent_req_nomem(subreq, req)) { - return; - } - tevent_req_set_callback(subreq, wb_getpwsid_sid2gid_done, req); -} - -static void wb_getpwsid_sid2gid_done(struct tevent_req *subreq) -{ - struct tevent_req *req = tevent_req_callback_data( - subreq, struct tevent_req); - struct wb_getpwsid_state *state = tevent_req_data( - req, struct wb_getpwsid_state); NTSTATUS status; - char *username; - char *mapped_name; - status = wb_sid2gid_recv(subreq, state-pw-pw_gid); - TALLOC_FREE(subreq); + status = wb_fill_pwent_recv(subreq); if (!NT_STATUS_IS_OK(status)) { tevent_req_nterror(req, status); return; } - - username = talloc_strdup_lower(state, state-userinfo-acct_name); - if (tevent_req_nomem(username, req)) { - return; - } - - status = normalize_name_map(state, state-user_domain, username, - mapped_name); - - if (NT_STATUS_IS_OK(status) - || NT_STATUS_EQUAL(status, NT_STATUS_FILE_RENAMED)) { -
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-973-g984d001
The branch, master has been updated via 984d001cae4afb18043367bc7f59bb41495682fe (commit) via 71229dde1e9b4b0bd3e690c6c9e5e5913c90ffe8 (commit) via a45716400dd9a219b3fde9ef74004c205a7a8fe4 (commit) via da597f2df00d59d4f844dfbdf9056bc0f4c2c893 (commit) via 63dedac08f378b222bd41b00133cdf97a714d710 (commit) via 19794ea54147f40c3ca2de2593ad6c488e63f8b1 (commit) via be348842f5a19751dc84aca4d741c9afb5af1bd6 (commit) via eae87ffb3fa6c2731ad342be0de2810ab957b174 (commit) from d5bd2ec25188988149e52bac1e301a0648cb01f7 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 984d001cae4afb18043367bc7f59bb41495682fe Author: Björn Jacke b...@sernet.de Date: Sun Oct 4 01:40:34 2009 +0200 s3:Makefile: another attempt to fix the wbclient dependency in the dependencies we always used a variable that was not jet defined. commit 71229dde1e9b4b0bd3e690c6c9e5e5913c90ffe8 Author: Björn Jacke b...@sernet.de Date: Sun Oct 4 01:33:12 2009 +0200 s3:Makefile: another attempt to fix the netapi dependency in the dependencies we always used a variable that was not jet defined. commit a45716400dd9a219b3fde9ef74004c205a7a8fe4 Author: Björn Jacke b...@sernet.de Date: Sun Oct 4 01:30:43 2009 +0200 s3:Makefile: another attempt to fix the tdb dependency in the dependencies we always used a variable that was not jet defined. commit da597f2df00d59d4f844dfbdf9056bc0f4c2c893 Author: Björn Jacke b...@sernet.de Date: Sun Oct 4 01:20:38 2009 +0200 s3:Makefile: another attempt to fix the talloc dependency in the dependencies we always used a variable that was not jet defined. commit 63dedac08f378b222bd41b00133cdf97a714d710 Author: Björn Jacke b...@sernet.de Date: Sat Oct 3 23:04:12 2009 +0200 Revert s3:Makefile: fix talloc dependencies with static build (2nd try) This reverts commit b60d87c20712bd3d83166bd13fe1d2bab0315609. commit 19794ea54147f40c3ca2de2593ad6c488e63f8b1 Author: Björn Jacke b...@sernet.de Date: Sat Oct 3 23:00:37 2009 +0200 Revert s3:Makefile: fix libtdb dependencies with static build This reverts commit da15726630b0f796aef52a20d96898e269058456. commit be348842f5a19751dc84aca4d741c9afb5af1bd6 Author: Björn Jacke b...@sernet.de Date: Sat Oct 3 22:53:52 2009 +0200 Revert s3:Makefile: fix libwbclient dependencies with static build This reverts commit d7795f2afa3779399fe9e7b4f050d19a412f8bcd. commit eae87ffb3fa6c2731ad342be0de2810ab957b174 Author: Björn Jacke b...@sernet.de Date: Sat Oct 3 22:53:15 2009 +0200 Revert s3:Makefile: fix libnetapi dependencies with static build This reverts commit 110897a057af01f3c01a1783e06080b54631ba2d. --- Summary of changes: source3/Makefile.in | 140 +- 1 files changed, 70 insertions(+), 70 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 5d98f64..64ed868 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -69,6 +69,7 @@ krb5li...@krb5_libs@ ldap_li...@ldap_libs@ nscd_li...@nscd_libs@ uuid_li...@uuid_libs@ +libwbclie...@libwbclient_static@ @LIBWBCLIENT_SHARED@ libwbclient_li...@libwbclient_libs@ winbind_nss_extra_li...@winbind_nss_extra_libs@ winbind_nss_pthre...@winbind_nss_pthread@ @@ -76,8 +77,11 @@ pam_winbind_extra_li...@pam_winbind_extra_libs@ dnssd_li...@dnssd_libs@ avahi_li...@avahi_libs@ popt_li...@poptlibs@ +libtall...@libtalloc_static@ @LIBTALLOC_SHARED@ libtalloc_li...@libtalloc_libs@ +libt...@libtdb_static@ @LIBTDB_SHARED@ libtdb_li...@libtdb_libs@ +libneta...@libnetapi_static@ @LIBNETAPI_SHARED@ libnetapi_li...@libnetapi_libs@ libsmbclient_li...@libsmbclient_libs@ libsmbsharemodes_li...@libsmbsharemodes_libs@ @@ -1530,7 +1534,7 @@ bin/.dummy: dir=bin $(MAKEDIR); fi @: $@ || : $@ # what a fancy emoticon! -bin/s...@exeext@: $(BINARY_PREREQS) $(SMBD_OBJ) libtalloc libtdb libwbclient @BUILD_POPT@ +bin/s...@exeext@: $(BINARY_PREREQS) $(SMBD_OBJ) $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT) @BUILD_POPT@ @echo Linking $@ @$(CC) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(LDAP_LIBS) @SMBD_FAM_LIBS@ \ $(KRB5LIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) \ @@ -1538,33 +1542,33 @@ bin/s...@exeext@: $(BINARY_PREREQS) $(SMBD_OBJ) libtalloc libtdb libwbclient @BU $(POPT_LIBS) @SMBD_LIBS@ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) \ $(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) -bin/n...@exeext@: $(BINARY_PREREQS) $(NMBD_OBJ) @BUILD_POPT@ libtalloc libtdb +bin/n...@exeext@: $(BINARY_PREREQS) $(NMBD_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) @echo Linking $@ @$(CC) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \