svn commit: samba r19731 - in branches/SAMBA_4_0: source/dsdb/samdb/ldb_modules source/lib/ldb/common source/lib/ldb/include source/lib/ldb/modules testprogs/ejs
Author: abartlet Date: 2006-11-16 09:16:17 + (Thu, 16 Nov 2006) New Revision: 19731 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19731 Log: Modify the ldb_map infrustructure to always map from requested attributes to backend (remote) attributes. We can't do a reverse mapping safely where the remote attribute may be a source for multiple local attributes. (We end up with the wrong attributes returned). In doing this, I've modified the samba3sam.js test to be more realistic, and fixed some failures in the handling of primaryGroupID. I've added a new (private) helper function ldb_msg_remove_element() to avoid a double lookup of the element name. I've also re-formatted many of the function headers, to fit into standard editor widths. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samba3sam.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_msg.c branches/SAMBA_4_0/source/lib/ldb/include/ldb_private.h branches/SAMBA_4_0/source/lib/ldb/modules/ldb_map.c branches/SAMBA_4_0/source/lib/ldb/modules/ldb_map_outbound.c branches/SAMBA_4_0/source/lib/ldb/modules/ldb_map_private.h branches/SAMBA_4_0/testprogs/ejs/samba3sam.js Changeset: Sorry, the patch is too large (806 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19731
svn commit: samba r19732 - in branches/SAMBA_4_0/source: dsdb/samdb/ldb_modules scripting/ejs
Author: abartlet Date: 2006-11-16 09:34:19 + (Thu, 16 Nov 2006) New Revision: 19732 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19732 Log: The 'res' from ldb_search is only valid if the call returns LDB_SUCCESS. This seems to show up (as an abort() from talloc) particularly under ldb_ildap. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c branches/SAMBA_4_0/source/scripting/ejs/smbcalls_ldb.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2006-11-16 09:16:17 UTC (rev 19731) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2006-11-16 09:34:19 UTC (rev 19732) @@ -200,9 +200,12 @@ do { ret = ldb_search(module-ldb, sdn, LDB_SCOPE_BASE, (|(objectClass=domain)(objectClass=builtinDomain)), attrs, res); - talloc_steal(local_ctx, res); - if (ret == LDB_SUCCESS res-count == 1) - break; + if (ret == LDB_SUCCESS) { + talloc_steal(local_ctx, res); + if (res-count == 1) { + break; + } + } } while ((sdn = ldb_dn_get_parent(local_ctx, sdn))); if (ret != LDB_SUCCESS || res-count != 1) { Modified: branches/SAMBA_4_0/source/scripting/ejs/smbcalls_ldb.c === --- branches/SAMBA_4_0/source/scripting/ejs/smbcalls_ldb.c 2006-11-16 09:16:17 UTC (rev 19731) +++ branches/SAMBA_4_0/source/scripting/ejs/smbcalls_ldb.c 2006-11-16 09:34:19 UTC (rev 19732) @@ -111,8 +111,8 @@ mpr_Return(eid, mprCreateUndefinedVar()); } else { mpr_Return(eid, mprLdbArray(ldb, res-msgs, res-count, ldb_message)); + talloc_free(res); } - talloc_free(res); talloc_free(tmp_ctx); return 0;
svn commit: samba r19733 - in branches/SAMBA_4_0/source/lib/ldb/modules: .
Author: abartlet Date: 2006-11-16 09:55:58 + (Thu, 16 Nov 2006) New Revision: 19733 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19733 Log: More work to fix ldb_map. With the wildcard present, map_attr_find_local() always returns, which is exactly what we don't want. Instead, rely on the overwrite behaviour. Andrew Bartlett Modified: branches/SAMBA_4_0/source/lib/ldb/modules/ldb_map_outbound.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/modules/ldb_map_outbound.c === --- branches/SAMBA_4_0/source/lib/ldb/modules/ldb_map_outbound.c 2006-11-16 09:34:19 UTC (rev 19732) +++ branches/SAMBA_4_0/source/lib/ldb/modules/ldb_map_outbound.c 2006-11-16 09:55:58 UTC (rev 19733) @@ -348,12 +348,8 @@ /* Perhaps we have a mapping for * */ if (map map-type == MAP_KEEP) { /* We copy everything over, and hope that anything with a - more specific rule is overwritten, or caught by the test below */ + more specific rule is overwritten */ for (i = 0; i remote-num_elements; i++) { - if (map_attr_find_local(data, remote-elements[i].name)) { - /* The name this would have been copied to has a more specific mapping */ - continue; - } el = ldb_msg_el_map_remote(module, local, map, remote-elements[i].name, remote-elements[i]); if (el == NULL) { @@ -1039,7 +1035,7 @@ /* Limit result to requested attrs */ if ((req-op.search.attrs) (!ldb_attr_in_list(req-op.search.attrs, *))) { for (i = 0; i ares-message-num_elements; ) { - const struct ldb_message_element *el = ares-message-elements[i]; + struct ldb_message_element *el = ares-message-elements[i]; if (!ldb_attr_in_list(req-op.search.attrs, el-name)) { ldb_msg_remove_element(ares-message, el); } else {
svn commit: samba r19734 - in branches/SAMBA_4_0/source/libcli/util: .
Author: metze Date: 2006-11-16 10:37:21 + (Thu, 16 Nov 2006) New Revision: 19734 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19734 Log: display LDAP error code nicer metze Modified: branches/SAMBA_4_0/source/libcli/util/nterr.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/util/nterr.c === --- branches/SAMBA_4_0/source/libcli/util/nterr.c 2006-11-16 09:55:58 UTC (rev 19733) +++ branches/SAMBA_4_0/source/libcli/util/nterr.c 2006-11-16 10:37:21 UTC (rev 19734) @@ -22,6 +22,7 @@ #include includes.h #include pstring.h +#include libcli/ldap/ldap.h typedef struct { @@ -30,6 +31,7 @@ } nt_err_code_struct; #define DOS_CODE(class, code) { #class : #code, NT_STATUS_DOS(class, code) } +#define LDAP_CODE(code) { #code, NT_STATUS_LDAP(code) } static const nt_err_code_struct nt_errs[] = { @@ -671,6 +673,46 @@ DOS_CODE(ERRHRD, ERRsharebufexc), DOS_CODE(ERRHRD, ERRdiskfull), + LDAP_CODE(LDAP_SUCCESS), + LDAP_CODE(LDAP_OPERATIONS_ERROR), + LDAP_CODE(LDAP_PROTOCOL_ERROR), + LDAP_CODE(LDAP_TIME_LIMIT_EXCEEDED), + LDAP_CODE(LDAP_SIZE_LIMIT_EXCEEDED), + LDAP_CODE(LDAP_COMPARE_FALSE), + LDAP_CODE(LDAP_COMPARE_TRUE), + LDAP_CODE(LDAP_AUTH_METHOD_NOT_SUPPORTED), + LDAP_CODE(LDAP_STRONG_AUTH_REQUIRED), + LDAP_CODE(LDAP_REFERRAL), + LDAP_CODE(LDAP_ADMIN_LIMIT_EXCEEDED), + LDAP_CODE(LDAP_UNAVAILABLE_CRITICAL_EXTENSION), + LDAP_CODE(LDAP_CONFIDENTIALITY_REQUIRED), + LDAP_CODE(LDAP_SASL_BIND_IN_PROGRESS), + LDAP_CODE(LDAP_NO_SUCH_ATTRIBUTE), + LDAP_CODE(LDAP_UNDEFINED_ATTRIBUTE_TYPE), + LDAP_CODE(LDAP_INAPPROPRIATE_MATCHING), + LDAP_CODE(LDAP_CONSTRAINT_VIOLATION), + LDAP_CODE(LDAP_ATTRIBUTE_OR_VALUE_EXISTS), + LDAP_CODE(LDAP_INVALID_ATTRIBUTE_SYNTAX), + LDAP_CODE(LDAP_NO_SUCH_OBJECT), + LDAP_CODE(LDAP_ALIAS_PROBLEM), + LDAP_CODE(LDAP_INVALID_DN_SYNTAX), + LDAP_CODE(LDAP_ALIAS_DEREFERENCING_PROBLEM), + LDAP_CODE(LDAP_INAPPROPRIATE_AUTHENTICATION), + LDAP_CODE(LDAP_INVALID_CREDENTIALS), + LDAP_CODE(LDAP_INSUFFICIENT_ACCESS_RIGHTs), + LDAP_CODE(LDAP_BUSY), + LDAP_CODE(LDAP_UNAVAILABLE), + LDAP_CODE(LDAP_UNWILLING_TO_PERFORM), + LDAP_CODE(LDAP_LOOP_DETECT), + LDAP_CODE(LDAP_NAMING_VIOLATION), + LDAP_CODE(LDAP_OBJECT_CLASS_VIOLATION), + LDAP_CODE(LDAP_NOT_ALLOWED_ON_NON_LEAF), + LDAP_CODE(LDAP_NOT_ALLOWED_ON_RDN), + LDAP_CODE(LDAP_ENTRY_ALREADY_EXISTS), + LDAP_CODE(LDAP_OBJECT_CLASS_MODS_PROHIBITED), + LDAP_CODE(LDAP_AFFECTS_MULTIPLE_DSAS), + LDAP_CODE(LDAP_OTHER), + { NULL, NT_STATUS(0) } }; @@ -772,7 +814,6 @@ { NULL, NT_STATUS(0) } }; - /* returns an NT error message. not amazingly helpful, but better than a number. */ @@ -781,11 +822,6 @@ static char msg[40]; int idx = 0; - if (NT_STATUS_IS_LDAP(nt_code)) { - slprintf(msg, sizeof(msg), LDAP code %u, NT_STATUS_LDAP_CODE(nt_code)); - return msg; - } - while (nt_errs[idx].nt_errstr != NULL) { if (NT_STATUS_V(nt_errs[idx].nt_errcode) == NT_STATUS_V(nt_code)) { @@ -794,6 +830,11 @@ idx++; } + if (NT_STATUS_IS_LDAP(nt_code)) { + slprintf(msg, sizeof(msg), LDAP code %u, NT_STATUS_LDAP_CODE(nt_code)); + return msg; + } + slprintf(msg, sizeof(msg), NT code 0x%08x, NT_STATUS_V(nt_code)); return msg;
svn commit: samba r19735 - in branches/SAMBA_4_0/source/libcli/cldap: .
Author: metze Date: 2006-11-16 10:42:07 + (Thu, 16 Nov 2006) New Revision: 19735 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19735 Log: report the LDAP error code in the CLDAP replies to the caller metze Modified: branches/SAMBA_4_0/source/libcli/cldap/cldap.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/cldap/cldap.c === --- branches/SAMBA_4_0/source/libcli/cldap/cldap.c 2006-11-16 10:37:21 UTC (rev 19734) +++ branches/SAMBA_4_0/source/libcli/cldap/cldap.c 2006-11-16 10:42:07 UTC (rev 19735) @@ -450,7 +450,7 @@ if (!ldap_decode(req-asn1, ldap_msg)) { talloc_free(req); - return NT_STATUS_INVALID_PARAMETER; + return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR); } ZERO_STRUCT(io-out); @@ -464,13 +464,13 @@ /* decode the 2nd part */ if (!ldap_decode(req-asn1, ldap_msg)) { talloc_free(req); - return NT_STATUS_INVALID_PARAMETER; + return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR); } } if (ldap_msg-type != LDAP_TAG_SearchResultDone) { talloc_free(req); - return NT_STATUS_UNEXPECTED_NETWORK_ERROR; + return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR); } io-out.result = talloc(mem_ctx, struct ldap_Result); @@ -478,6 +478,10 @@ *io-out.result = ldap_msg-r.SearchResultDone; talloc_free(req); + + if (io-out.result-resultcode != LDAP_SUCCESS) { + return NT_STATUS_LDAP(io-out.result-resultcode); + } return NT_STATUS_OK; }
svn commit: samba r19736 - in branches/SAMBA_4_0/source/cldap_server: .
Author: metze Date: 2006-11-16 10:47:15 + (Thu, 16 Nov 2006) New Revision: 19736 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19736 Log: handle rootdse call via CLDAP metze Added: branches/SAMBA_4_0/source/cldap_server/rootdse.c Modified: branches/SAMBA_4_0/source/cldap_server/cldap_server.c branches/SAMBA_4_0/source/cldap_server/config.mk branches/SAMBA_4_0/source/cldap_server/netlogon.c Changeset: Modified: branches/SAMBA_4_0/source/cldap_server/cldap_server.c === --- branches/SAMBA_4_0/source/cldap_server/cldap_server.c 2006-11-16 10:42:07 UTC (rev 19735) +++ branches/SAMBA_4_0/source/cldap_server/cldap_server.c 2006-11-16 10:47:15 UTC (rev 19736) @@ -29,6 +29,11 @@ #include cldap_server/cldap_server.h #include system/network.h #include lib/socket/netif.h +#include lib/ldb/include/ldb.h +#include lib/ldb/include/ldb_errors.h +#include dsdb/samdb/samdb.h +#include db_wrap.h +#include auth/auth.h /* handle incoming cldap requests @@ -41,21 +46,38 @@ if (ldap_msg-type != LDAP_TAG_SearchRequest) { DEBUG(0,(Invalid CLDAP request type %d from %s:%d\n, ldap_msg-type, src-addr, src-port)); + cldap_error_reply(cldap, ldap_msg-messageid, src, + LDAP_OPERATIONS_ERROR, Invalid CLDAP request); return; } search = ldap_msg-r.SearchRequest; + if (strcmp(, search-basedn) != 0) { + DEBUG(0,(Invalid CLDAP basedn '%s' from %s:%d\n, +search-basedn, src-addr, src-port)); + cldap_error_reply(cldap, ldap_msg-messageid, src, + LDAP_OPERATIONS_ERROR, Invalid CLDAP basedn); + return; + } + + if (search-scope != LDAP_SEARCH_SCOPE_BASE) { + DEBUG(0,(Invalid CLDAP scope %d from %s:%d\n, +search-scope, src-addr, src-port)); + cldap_error_reply(cldap, ldap_msg-messageid, src, + LDAP_OPERATIONS_ERROR, Invalid CLDAP scope); + return; + } + if (search-num_attributes == 1 strcasecmp(search-attributes[0], netlogon) == 0) { cldapd_netlogon_request(cldap, ldap_msg-messageid, search-tree, src); - } else { - DEBUG(0,(Unknown CLDAP search for '%s'\n, -ldb_filter_from_tree(ldap_msg, - ldap_msg-r.SearchRequest.tree))); - cldap_empty_reply(cldap, ldap_msg-messageid, src); + return; } + + cldapd_rootdse_request(cldap, ldap_msg-messageid, + search, src); } @@ -146,7 +168,11 @@ } cldapd-task = task; - cldapd-samctx = NULL; + cldapd-samctx = samdb_connect(cldapd, anonymous_session(cldapd)); + if (cldapd-samctx == NULL) { + task_server_terminate(task, cldapd failed to open samdb); + return; + } /* start listening on the configured network interfaces */ status = cldapd_startup_interfaces(cldapd); Modified: branches/SAMBA_4_0/source/cldap_server/config.mk === --- branches/SAMBA_4_0/source/cldap_server/config.mk2006-11-16 10:42:07 UTC (rev 19735) +++ branches/SAMBA_4_0/source/cldap_server/config.mk2006-11-16 10:47:15 UTC (rev 19736) @@ -8,7 +8,8 @@ PRIVATE_PROTO_HEADER = proto.h OBJ_FILES = \ cldap_server.o \ - netlogon.o + netlogon.o \ + rootdse.o PUBLIC_DEPENDENCIES = \ LIBCLI_CLDAP LIBNETIF process_model # End SUBSYSTEM CLDAPD Modified: branches/SAMBA_4_0/source/cldap_server/netlogon.c === --- branches/SAMBA_4_0/source/cldap_server/netlogon.c 2006-11-16 10:42:07 UTC (rev 19735) +++ branches/SAMBA_4_0/source/cldap_server/netlogon.c 2006-11-16 10:47:15 UTC (rev 19736) @@ -64,14 +64,6 @@ const char *pdc_ip; const struct ldb_dn *partitions_basedn; - if (cldapd-samctx == NULL) { - cldapd-samctx = samdb_connect(cldapd, anonymous_session(cldapd)); - if (cldapd-samctx == NULL) { - DEBUG(2,(Unable to open sam in cldap netlogon reply\n)); - return NT_STATUS_INTERNAL_DB_CORRUPTION; - } - } - partitions_basedn = samdb_partitions_dn(cldapd-samctx, mem_ctx); /* the domain has an optional trailing . */ Added: branches/SAMBA_4_0/source/cldap_server/rootdse.c === --- branches/SAMBA_4_0/source/cldap_server/rootdse.c2006-11-16 10:42:07 UTC
svn commit: samba r19737 - in branches/SAMBA_4_0/source/torture/ldap: .
Author: metze Date: 2006-11-16 10:48:51 + (Thu, 16 Nov 2006) New Revision: 19737 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19737 Log: - add some more CLDAP rootdse tests - don't ignore CLDAP rootdse errors anymore metze Modified: branches/SAMBA_4_0/source/torture/ldap/cldap.c Changeset: Modified: branches/SAMBA_4_0/source/torture/ldap/cldap.c === --- branches/SAMBA_4_0/source/torture/ldap/cldap.c 2006-11-16 10:47:15 UTC (rev 19736) +++ branches/SAMBA_4_0/source/torture/ldap/cldap.c 2006-11-16 10:48:51 UTC (rev 19737) @@ -210,7 +210,9 @@ NTSTATUS status; struct cldap_search search; BOOL ret = True; - const char *attrs[] = { currentTime, highestCommittedUSN, NULL }; + const char *attrs1[] = { currentTime, highestCommittedUSN, NULL }; + const char *attrs2[] = { currentTime, highestCommittedUSN, netlogon, NULL }; + const char *attrs3[] = { netlogon, NULL }; ZERO_STRUCT(search); search.in.dest_address = dest; @@ -231,23 +233,40 @@ printf(fetching currentTime and USN\n); search.in.filter = (objectclass=*); - search.in.attributes = attrs; + search.in.attributes = attrs1; status = cldap_search(cldap, mem_ctx, search); CHECK_STATUS(status, NT_STATUS_OK); if (DEBUGLVL(3)) cldap_dump_results(search); + printf(Testing currentTime, USN and netlogon\n); + search.in.filter = (objectclass=*); + search.in.attributes = attrs2; + + status = cldap_search(cldap, mem_ctx, search); + CHECK_STATUS(status, NT_STATUS_OK); + + if (DEBUGLVL(3)) cldap_dump_results(search); + + printf(Testing objectClass=* and netlogon\n); + search.in.filter = (objectclass2=*); + search.in.attributes = attrs2; + + status = cldap_search(cldap, mem_ctx, search); + CHECK_STATUS(status, NT_STATUS_OK); + + if (DEBUGLVL(3)) cldap_dump_results(search); + printf(Testing a false expression\n); search.in.filter = ((objectclass=*)(highestCommittedUSN=2)); - search.in.attributes = attrs; + search.in.attributes = attrs1; status = cldap_search(cldap, mem_ctx, search); CHECK_STATUS(status, NT_STATUS_OK); - - if (DEBUGLVL(3)) cldap_dump_results(search); - + if (DEBUGLVL(3)) cldap_dump_results(search); + done: return ret; } @@ -261,10 +280,8 @@ mem_ctx = talloc_init(torture_cldap); ret = test_cldap_netlogon(mem_ctx, host); + ret = test_cldap_generic(mem_ctx, host); - /* at the moment don't consider this failing to be a failure */ - test_cldap_generic(mem_ctx, host); - talloc_free(mem_ctx); return ret;
svn commit: samba r19738 - in branches/SAMBA_4_0/source: .
Author: metze Date: 2006-11-16 10:52:17 + (Thu, 16 Nov 2006) New Revision: 19738 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19738 Log: tp3 is already released, so we have tp4-svn now metze Modified: branches/SAMBA_4_0/source/VERSION Changeset: Modified: branches/SAMBA_4_0/source/VERSION === --- branches/SAMBA_4_0/source/VERSION 2006-11-16 10:48:51 UTC (rev 19737) +++ branches/SAMBA_4_0/source/VERSION 2006-11-16 10:52:17 UTC (rev 19738) @@ -47,7 +47,7 @@ # e.g. SAMBA_VERSION_TP_RELEASE=1 # # - 4.0.0tp1 # -SAMBA_VERSION_TP_RELEASE=3 +SAMBA_VERSION_TP_RELEASE=4 # For 'pre' releases the version will be #
svn commit: samba r19739 - in branches/SAMBA_3_0/source/lib/ldb/common: .
Author: metze Date: 2006-11-16 11:02:34 + (Thu, 16 Nov 2006) New Revision: 19739 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19739 Log: fix compiler warning metze Modified: branches/SAMBA_3_0/source/lib/ldb/common/ldb_attributes.c Changeset: Modified: branches/SAMBA_3_0/source/lib/ldb/common/ldb_attributes.c === --- branches/SAMBA_3_0/source/lib/ldb/common/ldb_attributes.c 2006-11-16 10:52:17 UTC (rev 19738) +++ branches/SAMBA_3_0/source/lib/ldb/common/ldb_attributes.c 2006-11-16 11:02:34 UTC (rev 19739) @@ -141,7 +141,7 @@ return; } if (h-flags LDB_ATTR_FLAG_ALLOCATED) { - talloc_free(h-attr); + talloc_free(discard_const_p(char, h-attr)); } i = h - ldb-schema.attrib_handlers; if (i ldb-schema.num_attrib_handlers - 1) {
svn commit: samba r19740 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: metze Date: 2006-11-16 11:05:37 + (Thu, 16 Nov 2006) New Revision: 19740 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19740 Log: fix compiler warning metze Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c 2006-11-16 11:02:34 UTC (rev 19739) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_attributes.c 2006-11-16 11:05:37 UTC (rev 19740) @@ -141,7 +141,7 @@ return; } if (h-flags LDB_ATTR_FLAG_ALLOCATED) { - talloc_free(h-attr); + talloc_free(discard_const_p(char, h-attr)); } i = h - ldb-schema.attrib_handlers; if (i ldb-schema.num_attrib_handlers - 1) {
svn commit: samba r19741 - in branches/SAMBA_3_0/source/lib/ldb/common: .
Author: metze Date: 2006-11-16 11:11:09 + (Thu, 16 Nov 2006) New Revision: 19741 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19741 Log: fix compiler warnings metze Modified: branches/SAMBA_3_0/source/lib/ldb/common/attrib_handlers.c Changeset: Modified: branches/SAMBA_3_0/source/lib/ldb/common/attrib_handlers.c === --- branches/SAMBA_3_0/source/lib/ldb/common/attrib_handlers.c 2006-11-16 11:05:37 UTC (rev 19740) +++ branches/SAMBA_3_0/source/lib/ldb/common/attrib_handlers.c 2006-11-16 11:11:09 UTC (rev 19741) @@ -154,7 +154,8 @@ const struct ldb_val *v1, const struct ldb_val *v2) { const char *s1=(const char *)v1-data, *s2=(const char *)v2-data; - char *b1, *b2, *u1, *u2; + const char *u1, *u2; + char *b1, *b2; int ret; while (*s1 == ' ') s1++; while (*s2 == ' ') s2++; @@ -185,11 +186,14 @@ utf8str: /* no need to recheck from the start, just from the first utf8 char found */ - b1 = u1 = ldb_casefold(ldb, mem_ctx, s1); - b2 = u2 = ldb_casefold(ldb, mem_ctx, s2); + b1 = ldb_casefold(ldb, mem_ctx, s1); + b2 = ldb_casefold(ldb, mem_ctx, s2); - if (u1 u2) { + if (b1 b2) { /* Both strings converted correctly */ + + u1 = b1; + u2 = b2; } else { /* One of the strings was not UTF8, so we have no options but to do a binary compare */
svn commit: samba r19742 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: metze Date: 2006-11-16 11:11:30 + (Thu, 16 Nov 2006) New Revision: 19742 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19742 Log: fix compiler warnings metze Modified: branches/SAMBA_4_0/source/lib/ldb/common/attrib_handlers.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/attrib_handlers.c === --- branches/SAMBA_4_0/source/lib/ldb/common/attrib_handlers.c 2006-11-16 11:11:09 UTC (rev 19741) +++ branches/SAMBA_4_0/source/lib/ldb/common/attrib_handlers.c 2006-11-16 11:11:30 UTC (rev 19742) @@ -154,7 +154,8 @@ const struct ldb_val *v1, const struct ldb_val *v2) { const char *s1=(const char *)v1-data, *s2=(const char *)v2-data; - char *b1, *b2, *u1, *u2; + const char *u1, *u2; + char *b1, *b2; int ret; while (*s1 == ' ') s1++; while (*s2 == ' ') s2++; @@ -185,11 +186,14 @@ utf8str: /* no need to recheck from the start, just from the first utf8 char found */ - b1 = u1 = ldb_casefold(ldb, mem_ctx, s1); - b2 = u2 = ldb_casefold(ldb, mem_ctx, s2); + b1 = ldb_casefold(ldb, mem_ctx, s1); + b2 = ldb_casefold(ldb, mem_ctx, s2); - if (u1 u2) { + if (b1 b2) { /* Both strings converted correctly */ + + u1 = b1; + u2 = b2; } else { /* One of the strings was not UTF8, so we have no options but to do a binary compare */
svn commit: samba r19743 - in branches/SAMBA_4_0/source/lib/ldb: . common modules
Author: metze Date: 2006-11-16 11:15:02 + (Thu, 16 Nov 2006) New Revision: 19743 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19743 Log: merge from samba3: remove old unused schema module metze Removed: branches/SAMBA_4_0/source/lib/ldb/modules/schema.c Modified: branches/SAMBA_4_0/source/lib/ldb/Makefile.in branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c branches/SAMBA_4_0/source/lib/ldb/config.mk Changeset: Sorry, the patch is too large (542 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19743
svn commit: samba r19744 - in branches/SAMBA_3_0/source/lib/ldb: common include modules
Author: metze Date: 2006-11-16 11:18:05 + (Thu, 16 Nov 2006) New Revision: 19744 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19744 Log: merge from samba4 metze Modified: branches/SAMBA_3_0/source/lib/ldb/common/ldb_msg.c branches/SAMBA_3_0/source/lib/ldb/include/ldb_private.h branches/SAMBA_3_0/source/lib/ldb/modules/ldb_map.c branches/SAMBA_3_0/source/lib/ldb/modules/ldb_map_outbound.c branches/SAMBA_3_0/source/lib/ldb/modules/ldb_map_private.h Changeset: Sorry, the patch is too large (545 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19744
svn commit: samba r19745 - in branches: SAMBA_3_0/examples/misc SAMBA_3_0_24/examples/misc
Author: gd Date: 2006-11-16 11:55:16 + (Thu, 16 Nov 2006) New Revision: 19745 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19745 Log: For the fun of it, add an CLDAP client written in perl. Guenther Added: branches/SAMBA_3_0/examples/misc/cldap.pl branches/SAMBA_3_0_24/examples/misc/cldap.pl Changeset: Sorry, the patch is too large (955 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19745
svn commit: samba r19746 - in branches/SAMBA_3_0_24/source/libads: .
Author: gd Date: 2006-11-16 17:57:01 + (Thu, 16 Nov 2006) New Revision: 19746 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19746 Log: Older LDAP libs (SLES8) don't have LDAP_SCOPE_ONE. Guenther Modified: branches/SAMBA_3_0_24/source/libads/ldap.c Changeset: Modified: branches/SAMBA_3_0_24/source/libads/ldap.c === --- branches/SAMBA_3_0_24/source/libads/ldap.c 2006-11-16 11:55:16 UTC (rev 19745) +++ branches/SAMBA_3_0_24/source/libads/ldap.c 2006-11-16 17:57:01 UTC (rev 19746) @@ -2968,7 +2968,7 @@ /* we only search with scope ONE, we do not expect any further * objects to be created deeper */ - status = ads_do_search_retry(ads, hostnameDN, LDAP_SCOPE_ONE, + status = ads_do_search_retry(ads, hostnameDN, LDAP_SCOPE_ONELEVEL, (objectclass=*), attrs, res); if (!ADS_ERR_OK(status)) { @@ -3001,7 +3001,7 @@ } /* there should be no subordinate objects anymore */ - status = ads_do_search_retry(ads, hostnameDN, LDAP_SCOPE_ONE, + status = ads_do_search_retry(ads, hostnameDN, LDAP_SCOPE_ONELEVEL, (objectclass=*), attrs, res); if (!ADS_ERR_OK(status) || ( (ads_count_replies(ads, res)) 0 ) ) {
svn commit: samba r19747 - in branches/SAMBA_3_0/source: .
Author: lmuelle Date: 2006-11-16 18:16:57 + (Thu, 16 Nov 2006) New Revision: 19747 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19747 Log: Ensure to link with the required objects. Modified: branches/SAMBA_3_0/source/Makefile.in Changeset: Modified: branches/SAMBA_3_0/source/Makefile.in === --- branches/SAMBA_3_0/source/Makefile.in 2006-11-16 17:57:01 UTC (rev 19746) +++ branches/SAMBA_3_0/source/Makefile.in 2006-11-16 18:16:57 UTC (rev 19747) @@ -1551,7 +1551,7 @@ bin/[EMAIL PROTECTED]@: $(PAM_SMBPASS_OBJ) @echo Linking shared library $@ - @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) -lpam $(DYNEXP) $(LIBS) $(LDAP_LIBS) $(KRB5LIBS) + @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) -lpam $(DYNEXP) $(LIBS) $(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS) bin/[EMAIL PROTECTED]@: $(TDBBACKUP_OBJ) bin/.dummy @echo Linking $@
svn commit: samba r19748 - in branches/SAMBA_3_0/source: .
Author: lmuelle Date: 2006-11-16 18:29:36 + (Thu, 16 Nov 2006) New Revision: 19748 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19748 Log: Ensure to link against the required libraries. Modified: branches/SAMBA_3_0/source/Makefile.in Changeset: Modified: branches/SAMBA_3_0/source/Makefile.in === --- branches/SAMBA_3_0/source/Makefile.in 2006-11-16 18:16:57 UTC (rev 19747) +++ branches/SAMBA_3_0/source/Makefile.in 2006-11-16 18:29:36 UTC (rev 19748) @@ -1202,7 +1202,7 @@ bin/[EMAIL PROTECTED]@: $(LIBSMBCLIENT_OBJ) @echo Linking libsmbclient shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_OBJ) $(LDFLAGS) $(LIBS) \ - $(KRB5LIBS) $(LDAP_LIBS) \ + $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \ @[EMAIL PROTECTED] [EMAIL PROTECTED](LIBSMBCLIENT_MAJOR) bin/libsmbclient.a: $(LIBSMBCLIENT_OBJ)
svn commit: samba r19749 - in branches/SAMBA_3_0_24/source: . include lib modules smbd
Author: jmcd Date: 2006-11-16 18:44:26 + (Thu, 16 Nov 2006) New Revision: 19749 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19749 Log: Merge acl vfs changes, including nfs4 acl support, from SAMBA_3_0 Added: branches/SAMBA_3_0_24/source/modules/README.nfs4acls.txt branches/SAMBA_3_0_24/source/modules/nfs4_acls.c branches/SAMBA_3_0_24/source/modules/nfs4_acls.h branches/SAMBA_3_0_24/source/modules/vfs_aixacl.c branches/SAMBA_3_0_24/source/modules/vfs_aixacl2.c branches/SAMBA_3_0_24/source/modules/vfs_aixacl_util.c branches/SAMBA_3_0_24/source/modules/vfs_hpuxacl.c branches/SAMBA_3_0_24/source/modules/vfs_irixacl.c branches/SAMBA_3_0_24/source/modules/vfs_posixacl.c branches/SAMBA_3_0_24/source/modules/vfs_solarisacl.c branches/SAMBA_3_0_24/source/modules/vfs_tru64acl.c Modified: branches/SAMBA_3_0_24/source/Makefile.in branches/SAMBA_3_0_24/source/configure.in branches/SAMBA_3_0_24/source/include/smb_acls.h branches/SAMBA_3_0_24/source/lib/sysacls.c branches/SAMBA_3_0_24/source/modules/vfs_afsacl.c branches/SAMBA_3_0_24/source/smbd/posix_acls.c branches/SAMBA_3_0_24/source/smbd/vfs-wrap.c Changeset: Sorry, the patch is too large (7779 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19749
svn commit: samba-docs r994 - in trunk/Samba3-ByExample: .
Author: jht Date: 2006-11-16 19:01:25 + (Thu, 16 Nov 2006) New Revision: 994 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=994 Log: Update from M?\195?\165rten Svantesson - [EMAIL PROTECTED] Modified: trunk/Samba3-ByExample/SBE-KerberosFastStart.xml Changeset: Modified: trunk/Samba3-ByExample/SBE-KerberosFastStart.xml === --- trunk/Samba3-ByExample/SBE-KerberosFastStart.xml2006-11-14 21:03:54 UTC (rev 993) +++ trunk/Samba3-ByExample/SBE-KerberosFastStart.xml2006-11-16 19:01:25 UTC (rev 994) @@ -923,10 +923,11 @@ Kerberos was, until recently, a technology that was restricted from being exported from the United States. For many years that hindered global adoption of more secure networking technologies both within the United States and abroad. A free and unencumbered implementation of MIT Kerberos has been produced in Europe - and is available from the University of Paderborn, Sweden. It is known as the Heimdal Kerberos project. - In recent times the U.S. government has removed sanctions affecting the global distribution of MIT Kerberos. - It is likely that there will be a significant surge forward in the development of Kerberos-enabled applications - and in the general deployment and use of Kerberos across the spectrum of the information technology industry. + and is available from the ulink url=http://www.pdc.kth.se/heimdal/;Royal Institute/ulink of + Technology (KTH), Sweden. It is known as the Heimdal Kerberos project. In recent times the U.S. government + has removed sanctions affecting the global distribution of MIT Kerberos. It is likely that there will be a + significant surge forward in the development of Kerberos-enabled applications and in the general deployment + and use of Kerberos across the spectrum of the information technology industry. /para para
svn commit: samba r19750 - in branches/SAMBA_3_0_24/source/nsswitch: .
Author: jra Date: 2006-11-16 20:10:22 + (Thu, 16 Nov 2006) New Revision: 19750 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19750 Log: Fix tdb_backup call. Jeremy. Modified: branches/SAMBA_3_0_24/source/nsswitch/winbindd_util.c Changeset: Modified: branches/SAMBA_3_0_24/source/nsswitch/winbindd_util.c === --- branches/SAMBA_3_0_24/source/nsswitch/winbindd_util.c 2006-11-16 18:44:26 UTC (rev 19749) +++ branches/SAMBA_3_0_24/source/nsswitch/winbindd_util.c 2006-11-16 20:10:22 UTC (rev 19750) @@ -1229,7 +1229,7 @@ pstrcpy(backup_name, idmap_name); pstrcat(backup_name, .bak); - if (backup_tdb(idmap_name, backup_name) != 0) { + if (backup_tdb(idmap_name, backup_name, 0) != 0) { DEBUG(0, (Could not backup idmap database\n)); return False; }
svn commit: samba r19751 - in branches/SAMBA_4_0/source/pidl/tests: .
Author: jelmer Date: 2006-11-16 22:11:32 + (Thu, 16 Nov 2006) New Revision: 19751 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19751 Log: Add some tests for parsing the include, import and importlib statements. Modified: branches/SAMBA_4_0/source/pidl/tests/parse_idl.pl Changeset: Modified: branches/SAMBA_4_0/source/pidl/tests/parse_idl.pl === --- branches/SAMBA_4_0/source/pidl/tests/parse_idl.pl 2006-11-16 20:10:22 UTC (rev 19750) +++ branches/SAMBA_4_0/source/pidl/tests/parse_idl.pl 2006-11-16 22:11:32 UTC (rev 19751) @@ -4,7 +4,7 @@ # Published under the GNU General Public License use strict; -use Test::More tests = 51; +use Test::More tests = 59; use FindBin qw($RealBin); use lib $RealBin/../lib; use Parse::Pidl::IDL; @@ -80,3 +80,11 @@ testok emptystructdecl, interface test { struct x; };; testok emptyenumdecl, interface test { enum x; };; testok emptytdstructdecl, interface test { typedef struct x y; };; +testok import, import \foo.idl\;; +testok include, include \foo.h\;; +testfail import-noquotes, import foo.idl;; +testfail include-noquotes, include foo.idl;; +testok importlib, importlib \foo.idl\;; +testfail import-nosemicolon, import \foo.idl\; +testok import-multiple, import \foo.idl\, \bar.idl\;; +testok include-multiple, include \foo.idl\, \bar.idl\;;
svn commit: samba r19752 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl: . Samba4 Samba4/NDR Wireshark
Author: jelmer Date: 2006-11-16 22:13:44 + (Thu, 16 Nov 2006) New Revision: 19752 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19752 Log: Remove support for the `depends' attribute (use import) instead. Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/NDR.pm branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/Header.pm branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Wireshark/NDR.pm Changeset: Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/NDR.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/NDR.pm2006-11-16 22:11:32 UTC (rev 19751) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/NDR.pm2006-11-16 22:13:44 UTC (rev 19752) @@ -766,7 +766,6 @@ endpoint = [INTERFACE], pointer_default = [INTERFACE], pointer_default_top = [INTERFACE], - depends = [INTERFACE], helper= [INTERFACE], authservice = [INTERFACE], @@ -1045,10 +1044,6 @@ my($interface) = shift; my($data) = $interface-{DATA}; - if (has_property($interface, depends)) { - nonfatal $interface, depends() is pidl-specific and deprecated. Use `import' instead; - } - if (has_property($interface, helper)) { nonfatal $interface, helper() is pidl-specific and deprecated. Use `include' instead; } Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm 2006-11-16 22:11:32 UTC (rev 19751) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm 2006-11-16 22:13:44 UTC (rev 19752) @@ -753,10 +753,6 @@ pidl_hdr #ifndef _HEADER_EJS_$interface-{NAME}\n; pidl_hdr #define _HEADER_EJS_$interface-{NAME}\n\n; - if (has_property($interface, depends)) { - EjsImport(split / /, $interface-{PROPERTIES}-{depends}); - } - pidl_hdr \n; foreach my $d (@{$interface-{TYPES}}) { Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/Header.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/Header.pm 2006-11-16 22:11:32 UTC (rev 19751) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/Header.pm 2006-11-16 22:13:44 UTC (rev 19752) @@ -334,10 +334,6 @@ pidl #ifndef _HEADER_$interface-{NAME}\n; pidl #define _HEADER_$interface-{NAME}\n\n; - if (defined $interface-{PROPERTIES}-{depends}) { - HeaderImport(split / /, $interface-{PROPERTIES}-{depends}); - } - foreach my $d (@{$interface-{DATA}}) { next if ($d-{TYPE} ne CONST); HeaderConst($d); Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm 2006-11-16 22:11:32 UTC (rev 19751) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm 2006-11-16 22:13:44 UTC (rev 19752) @@ -2258,10 +2258,6 @@ pidl choose_header(librpc/gen_ndr/ndr_orpc.h, ndr/orpc.h); } - if (defined $interface-{PROPERTIES}-{depends}) { - HeaderImport(split / /, $interface-{PROPERTIES}-{depends}); - } - if (defined $interface-{PROPERTIES}-{helper}) { HeaderInclude(split / /, $interface-{PROPERTIES}-{helper}); } Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Wireshark/NDR.pm === --- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Wireshark/NDR.pm 2006-11-16 22:11:32 UTC (rev 19751) +++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Wireshark/NDR.pm 2006-11-16 22:13:44 UTC (rev 19752) @@ -747,9 +747,6 @@ pidl_hdr #define $define; pidl_hdr ; - ProcessImport(split / /, $x-{PROPERTIES}-{depends}) if -(defined $x-{PROPERTIES}-{depends}); - pidl_def static gint proto_dcerpc_$x-{NAME} = -1;; register_ett(ett_dcerpc_$x-{NAME}); register_hf_field(hf_$x-{NAME}_opnum, Operation, $x-{NAME}.opnum, FT_UINT16, BASE_DEC, NULL, 0, );
svn commit: samba r19753 - in branches/SAMBA_4_0/source/libnet: .
Author: mimir Date: 2006-11-16 23:40:35 + (Thu, 16 Nov 2006) New Revision: 19753 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19753 Log: verify result of received request before sending the next one. I don't know why I forgot this... rafal Modified: branches/SAMBA_4_0/source/libnet/libnet_user.c Changeset: Modified: branches/SAMBA_4_0/source/libnet/libnet_user.c === --- branches/SAMBA_4_0/source/libnet/libnet_user.c 2006-11-16 22:13:44 UTC (rev 19752) +++ branches/SAMBA_4_0/source/libnet/libnet_user.c 2006-11-16 23:40:35 UTC (rev 19753) @@ -986,6 +986,7 @@ /* receive lsa domain handle */ c-status = libnet_DomainOpen_recv(ctx, s-ctx, c, s-domain_open); + if (!composite_is_ok(c)) return; /* prepare arguments */ s-user_list.in.handle = s-ctx-lsa.handle;
svn commit: samba r19754 - in branches/SAMBA_3_0/source: include libsmb nsswitch utils
Author: jerry Date: 2006-11-16 23:48:46 + (Thu, 16 Nov 2006) New Revision: 19754 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19754 Log: * When using a krb5 session setup, we don't fill in the server_name string the clis_state struct. So call saf_store() after we have the short domain name in the lsa_query_inof_policy code. * Remove unused server string in saf_delete() Modified: branches/SAMBA_3_0/source/include/includes.h branches/SAMBA_3_0/source/libsmb/namequery.c branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c branches/SAMBA_3_0/source/utils/net_ads.c branches/SAMBA_3_0/source/utils/net_domain.c Changeset: Modified: branches/SAMBA_3_0/source/include/includes.h === --- branches/SAMBA_3_0/source/include/includes.h2006-11-16 23:40:35 UTC (rev 19753) +++ branches/SAMBA_3_0/source/include/includes.h2006-11-16 23:48:46 UTC (rev 19754) @@ -178,6 +178,9 @@ #ifndef LDAP_OPT_SUCCESS #define LDAP_OPT_SUCCESS 0 #endif +#ifndef LDAP_SCOPE_ONELEVEL +#define LDAP_SCOPE_ONELEVEL 1 +#endif /* Solaris 8 and maybe other LDAP implementations spell this ..._INPROGRESS: */ #if defined(LDAP_SASL_BIND_INPROGRESS) !defined(LDAP_SASL_BIND_IN_PROGRESS) #define LDAP_SASL_BIND_IN_PROGRESS LDAP_SASL_BIND_INPROGRESS Modified: branches/SAMBA_3_0/source/libsmb/namequery.c === --- branches/SAMBA_3_0/source/libsmb/namequery.c2006-11-16 23:40:35 UTC (rev 19753) +++ branches/SAMBA_3_0/source/libsmb/namequery.c2006-11-16 23:48:46 UTC (rev 19754) @@ -15,8 +15,7 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ #include includes.h @@ -24,7 +23,6 @@ /* nmbd.c sets this to True. */ BOOL global_in_nmbd = False; - / * SERVER AFFINITY ROUTINES * / @@ -82,13 +80,13 @@ return ret; } -BOOL saf_delete( const char *domain, const char *servername ) +BOOL saf_delete( const char *domain ) { char *key; BOOL ret = False; - if ( !domain || !servername ) { - DEBUG(2,(saf_delete: Refusing to store empty domain or servername!\n)); + if ( !domain ) { + DEBUG(2,(saf_delete: Refusing to delete empty domain\n)); return False; } @@ -99,10 +97,11 @@ ret = gencache_del(key); if (ret) { - DEBUG(10,(saf_delete: domain = [%s], server = [%s]\n, - domain, servername)); + DEBUG(10,(saf_delete: domain = [%s]\n, domain )); } + SAFE_FREE( key ); + return ret; } Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c === --- branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c2006-11-16 23:40:35 UTC (rev 19753) +++ branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c2006-11-16 23:48:46 UTC (rev 19754) @@ -258,10 +258,10 @@ add_failed_connection_entry(domain-name, server, result); /* If this was the saf name for the last thing we talked to, remove it. */ - saf_delete(domain-name, server); + saf_delete(domain-name); if (*domain-alt_name) { add_failed_connection_entry(domain-alt_name, server, result); - saf_delete(domain-alt_name, server); + saf_delete(domain-alt_name); } } Modified: branches/SAMBA_3_0/source/utils/net_ads.c === --- branches/SAMBA_3_0/source/utils/net_ads.c 2006-11-16 23:40:35 UTC (rev 19753) +++ branches/SAMBA_3_0/source/utils/net_ads.c 2006-11-16 23:48:46 UTC (rev 19754) @@ -819,6 +819,7 @@ struct cli_state *cli = NULL; TALLOC_CTX *ctx; DOM_SID *dom_sid = NULL; + char *short_domain_name = NULL; if (!secrets_init()) { DEBUG(1,(Failed to initialise secrets database\n)); @@ -845,15 +846,15 @@ goto done; } - saf_store( cli-server_domain, cli-desthost ); - - if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, dom_sid )) ) { + if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, short_domain_name, dom_sid )) ) { goto done; } + saf_delete( short_domain_name ); + status = netdom_leave_domain(ctx, cli, dom_sid); - /* Ty and delete it via LDAP - the old way we used to. */ + /* Try and delete it via LDAP - the old way we used to. */ adsret = ads_leave_realm(ads, global_myname()); if
svn commit: samba r19755 - in branches/SAMBA_3_0_24/source/include: .
Author: jerry Date: 2006-11-16 23:56:52 + (Thu, 16 Nov 2006) New Revision: 19755 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19755 Log: always make LDAP_SCOPE_ONELEVEL available Modified: branches/SAMBA_3_0_24/source/include/includes.h Changeset: Modified: branches/SAMBA_3_0_24/source/include/includes.h === --- branches/SAMBA_3_0_24/source/include/includes.h 2006-11-16 23:48:46 UTC (rev 19754) +++ branches/SAMBA_3_0_24/source/include/includes.h 2006-11-16 23:56:52 UTC (rev 19755) @@ -461,6 +461,9 @@ #ifndef LDAP_OPT_SUCCESS #define LDAP_OPT_SUCCESS 0 #endif +#ifndef LDAP_SCOPE_ONELEVEL +#define LDAP_SCOPE_ONELEVEL 1 +#endif /* Solaris 8 and maybe other LDAP implementations spell this ..._INPROGRESS: */ #if defined(LDAP_SASL_BIND_INPROGRESS) !defined(LDAP_SASL_BIND_IN_PROGRESS) #define LDAP_SASL_BIND_IN_PROGRESS LDAP_SASL_BIND_INPROGRESS
svn commit: samba r19756 - in branches/SAMBA_3_0_24/source: libsmb nsswitch utils
Author: jerry Date: 2006-11-16 23:58:30 + (Thu, 16 Nov 2006) New Revision: 19756 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19756 Log: Port server affinity fix from SAMBA_3_0: * When using a krb5 session setup, we don't fill in the server_name string the clis_state struct. So call saf_store() after we have the short domain name in the lsa_query_inof_policy code. * Remove unused server string in saf_delete() Modified: branches/SAMBA_3_0_24/source/libsmb/namequery.c branches/SAMBA_3_0_24/source/nsswitch/winbindd_cm.c branches/SAMBA_3_0_24/source/utils/net_ads.c branches/SAMBA_3_0_24/source/utils/net_domain.c Changeset: Modified: branches/SAMBA_3_0_24/source/libsmb/namequery.c === --- branches/SAMBA_3_0_24/source/libsmb/namequery.c 2006-11-16 23:56:52 UTC (rev 19755) +++ branches/SAMBA_3_0_24/source/libsmb/namequery.c 2006-11-16 23:58:30 UTC (rev 19756) @@ -15,8 +15,7 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ #include includes.h @@ -24,7 +23,6 @@ /* nmbd.c sets this to True. */ BOOL global_in_nmbd = False; - / * SERVER AFFINITY ROUTINES * / @@ -77,13 +75,13 @@ return ret; } -BOOL saf_delete( const char *domain, const char *servername ) +BOOL saf_delete( const char *domain ) { char *key; BOOL ret = False; - if ( !domain || !servername ) { - DEBUG(2,(saf_delete: Refusing to store empty domain or servername!\n)); + if ( !domain ) { + DEBUG(2,(saf_delete: Refusing to delete empty domain\n)); return False; } @@ -94,10 +92,11 @@ ret = gencache_del(key); if (ret) { - DEBUG(10,(saf_delete: domain = [%s], server = [%s]\n, - domain, servername)); + DEBUG(10,(saf_delete: domain = [%s]\n, domain )); } + SAFE_FREE( key ); + return ret; } Modified: branches/SAMBA_3_0_24/source/nsswitch/winbindd_cm.c === --- branches/SAMBA_3_0_24/source/nsswitch/winbindd_cm.c 2006-11-16 23:56:52 UTC (rev 19755) +++ branches/SAMBA_3_0_24/source/nsswitch/winbindd_cm.c 2006-11-16 23:58:30 UTC (rev 19756) @@ -258,10 +258,10 @@ add_failed_connection_entry(domain-name, server, result); /* If this was the saf name for the last thing we talked to, remove it. */ - saf_delete(domain-name, server); + saf_delete(domain-name); if (*domain-alt_name) { add_failed_connection_entry(domain-alt_name, server, result); - saf_delete(domain-alt_name, server); + saf_delete(domain-alt_name); } } Modified: branches/SAMBA_3_0_24/source/utils/net_ads.c === --- branches/SAMBA_3_0_24/source/utils/net_ads.c2006-11-16 23:56:52 UTC (rev 19755) +++ branches/SAMBA_3_0_24/source/utils/net_ads.c2006-11-16 23:58:30 UTC (rev 19756) @@ -803,6 +803,7 @@ struct cli_state *cli = NULL; TALLOC_CTX *ctx; DOM_SID *dom_sid = NULL; + char *short_domain_name = NULL; if (!secrets_init()) { DEBUG(1,(Failed to initialise secrets database\n)); @@ -829,12 +830,14 @@ goto done; } - saf_store( cli-server_domain, cli-desthost ); - - if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, dom_sid )) ) { + if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, + short_domain_name, dom_sid )) ) + { goto done; } + saf_delete( short_domain_name ); + status = netdom_leave_domain(ctx, cli, dom_sid); /* Ty and delete it via LDAP - the old way we used to. */ @@ -940,7 +943,7 @@ / static int net_join_domain( TALLOC_CTX *ctx, const char *servername, - struct in_addr *ip, DOM_SID **dom_sid, const char *password ) + struct in_addr *ip, char **domain, DOM_SID **dom_sid, const char *password ) { int ret = -1; struct cli_state *cli = NULL; @@ -948,11 +951,11 @@ if ( !NT_STATUS_IS_OK(connect_to_ipc_krb5(cli, ip, servername)) ) goto done; - saf_store( cli-server_domain, cli-desthost ); - - if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, dom_sid )) ) + if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, domain, dom_sid )) ) goto
Build status as of Fri Nov 17 00:00:02 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-11-16 00:00:26.0 + +++ /home/build/master/cache/broken_results.txt 2006-11-17 00:01:00.0 + @@ -1,20 +1,20 @@ -Build status as of Thu Nov 16 00:00:01 2006 +Build status as of Fri Nov 17 00:00:02 2006 Build counts: Tree Total Broken Panic SOC 0 0 0 build_farm 0 0 0 -ccache 42 8 0 +ccache 41 8 0 distcc 3 0 0 ldb 40 1 0 libreplace 38 2 0 lorikeet-heimdal 34 18 0 ppp 17 0 0 -rsync41 5 0 +rsync42 5 0 samba0 0 0 samba-docs 0 0 0 samba4 41 17 0 -samba_3_042 14 0 +samba_3_042 12 0 smb-build38 2 0 talloc 42 3 0 tdb 41 2 0
svn commit: samba r19757 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet Date: 2006-11-17 01:21:13 + (Fri, 17 Nov 2006) New Revision: 19757 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19757 Log: Don't do the strrchr twice. Pointed out by Martin Kuhl. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samba3sam.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samba3sam.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samba3sam.c 2006-11-16 23:58:30 UTC (rev 19756) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samba3sam.c 2006-11-17 01:21:13 UTC (rev 19757) @@ -70,7 +70,7 @@ el-name = talloc_strdup(ctx, primaryGroupID); el-num_values = 1; el-values = talloc_array(ctx, struct ldb_val, 1); - el-values[0].data = (uint8_t *)talloc_strdup(el-values, strrchr(sid, '-')+1); + el-values[0].data = (uint8_t *)talloc_strdup(el-values, p+1); el-values[0].length = strlen((char *)el-values[0].data); return el;
svn commit: samba r19759 - in branches/SAMBA_4_0/source/libnet: .
Author: abartlet Date: 2006-11-17 05:17:32 + (Fri, 17 Nov 2006) New Revision: 19759 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19759 Log: Allow a join to occour against ncacn_ip_tcp again (useful for torture tests). The issue is that Win2k3 SP1 will not answer many LSA requests on that port (I think this is as a security measure). In this case, we need to skip ahead in the composite functions. We were also checking the wrong variable to determine sucess/failure of the LsaOpenPolicy2. Andrew Bartlett Modified: branches/SAMBA_4_0/source/libnet/libnet_rpc.c Changeset: Modified: branches/SAMBA_4_0/source/libnet/libnet_rpc.c === --- branches/SAMBA_4_0/source/libnet/libnet_rpc.c 2006-11-17 01:25:23 UTC (rev 19758) +++ branches/SAMBA_4_0/source/libnet/libnet_rpc.c 2006-11-17 05:17:32 UTC (rev 19759) @@ -412,6 +412,7 @@ static void continue_lsa_query_info2(struct rpc_request *req); static void continue_epm_map_binding(struct composite_context *ctx); static void continue_secondary_conn(struct composite_context *ctx); +static void continue_epm_map_binding_send(struct composite_context *c); /** @@ -530,9 +531,17 @@ return; } - if (!NT_STATUS_IS_OK(s-lsa_query_info2.out.result)) { - composite_error(c, s-lsa_query_info2.out.result); + if (NT_STATUS_EQUAL(s-lsa_open_policy.out.result, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) { + s-r.out.realm = NULL; + s-r.out.guid = NULL; + s-r.out.domain_name = NULL; + s-r.out.domain_sid = NULL; + /* Skip to the creating the actual connection, no info available on this transport */ + continue_epm_map_binding_send(c); return; + } else if (!NT_STATUS_IS_OK(s-lsa_open_policy.out.result)) { + composite_error(c, s-lsa_open_policy.out.result); + return; } /* query lsa info for dns domain name and guid */ @@ -610,12 +619,11 @@ /* - Step 5 of RpcConnectDCInfo: Get domain name and sid and request endpoint - map binding + Step 5 of RpcConnectDCInfo: Get domain name and sid */ static void continue_lsa_query_info(struct rpc_request *req) { - struct composite_context *c, *epm_map_req; + struct composite_context *c; struct rpc_connect_dci_state *s; c = talloc_get_type(req-async.private, struct composite_context); @@ -634,7 +642,21 @@ s-r.out.domain_sid = s-lsa_query_info.out.info-domain.sid; s-r.out.domain_name = s-lsa_query_info.out.info-domain.name.string; + continue_epm_map_binding_send(c); +} +/* + Step 5 (continued) of RpcConnectDCInfo: request endpoint + map binding. + + We may short-cut to this step if we dont' support LSA OpenPolicy on this transport +*/ +static void continue_epm_map_binding_send(struct composite_context *c) +{ + struct rpc_connect_dci_state *s; + struct composite_context *epm_map_req; + s = talloc_get_type(c-private_data, struct rpc_connect_dci_state); + /* prepare to get endpoint mapping for the requested interface */ s-final_binding = talloc(s, struct dcerpc_binding); if (composite_nomem(s-final_binding, c)) return; @@ -650,7 +672,6 @@ composite_continue(c, epm_map_req, continue_epm_map_binding, c); } - /* Step 6 of RpcConnectDCInfo: Receive endpoint mapping and create secondary rpc connection derived from already used pipe but connected to the requested @@ -682,7 +703,7 @@ /* - Step 7 of RpcConnectDCInfo: Get actual lsa pipe to be returned + Step 7 of RpcConnectDCInfo: Get actual pipe to be returned and complete this composite call */ static void continue_secondary_conn(struct composite_context *ctx)