* Ignore unsolicited signal wakeup in tevent_port event loop.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Mar 4 08:33:06 CET 2015 on sn-devel-104
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Mar 3 17:33:06 CET 2015 on sn-devel-104
Andrew Bartlett [Sun, 15 Feb 2015 22:26:37 +0000 (11:26 +1300)]
backupkey: Explain more why we use GnuTLS here
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 927ea9791e3d1a91516b1cec6918772da83a7fbb)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11097
Win8.1 Credentials Manager issue after KB2992611 on Samba domain
Autobuild-User(v4-2-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-2-test): Wed Mar 4 00:28:59 CET 2015 on sn-devel-104
Garming Sam [Fri, 13 Feb 2015 03:55:07 +0000 (16:55 +1300)]
torture-backupkey: Check the dcerpc call return code before calling ndr pull
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5ca9a4ebe53fd225e2491a4da4635468fef60829)
Garming Sam [Thu, 12 Feb 2015 20:54:50 +0000 (09:54 +1300)]
backupkey: replace heimdal rsa key generation with GnuTLS
We use GnuTLS because it can reliably generate 2048 bit keys every time.
Windows clients strictly require 2048, no more since it won't fit and no
less either. Heimdal would almost always generate a smaller key.
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10980
(cherry picked from commit 43d3e90418b5e0ac5986e08f9483146f4f5d2357)
Garming Sam [Fri, 13 Feb 2015 03:49:58 +0000 (16:49 +1300)]
build: Require GnuTLS if building with Active Directory
Without GnuTLS, we don't have ldaps:// support and we are unable to
readily create RSA keys of the correct length for the BackupKey
protocol.
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit a1f1db277a2c452b63b9fe2d67cabfe0df60223d)
Andrew Bartlett [Thu, 12 Feb 2015 23:59:45 +0000 (12:59 +1300)]
torture-backupkey: Add tests that read the secret from the server, and validate
These show that MS-BKRP 3.1.4.1.1 BACKUPKEY_BACKUP_GUID is incorrect when it
states that the key must be the leading 64 bytes, it must be the whole 256 byte
buffer.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit f7b6e696ed552f02195c87a7eede5a0090f8df1f)
Andrew Bartlett [Thu, 12 Feb 2015 03:15:41 +0000 (16:15 +1300)]
backupkey: Better handling for different wrap version headers
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 3254f9bc009bae3d8463035d63eb1625f23606e6)
Andrew Bartlett [Wed, 11 Feb 2015 04:46:42 +0000 (17:46 +1300)]
backupkey: Add tests for ServerWrap protocol
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit d8cc370d01445b5120678dde02955f13f3773bb2)
Andrew Bartlett [Wed, 11 Feb 2015 00:37:16 +0000 (13:37 +1300)]
backupkey: Change expected error codes to match Windows 2008R2 and Windows 2012R2
This is done in both smbtoture and in our server
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 93510eb513598431c260cd0b85a02d0e49cc821b)
Andrew Bartlett [Tue, 10 Feb 2015 20:53:58 +0000 (09:53 +1300)]
backupkey: Implement ServerWrap Decrypt
We implement both modes in BACKUPKEY_RESTORE_GUID, as it may decrypt
both ServerWrap and ClientWrap data, and we implement
BACKUPKEY_RESTORE_GUID_WIN2K.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit c3c54b9bf36ef5075fdca9042296f033db8673ce)
Andrew Bartlett [Tue, 10 Feb 2015 03:26:23 +0000 (16:26 +1300)]
backupkey: Handle more clearly the case where we find the secret, but it has no value
This happen on the RODC, a case that we try not to permit at all.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit cdecd8540a8e5ef1266684fda0dd10d72466d4d8)
Andrew Bartlett [Tue, 10 Feb 2015 03:23:17 +0000 (16:23 +1300)]
backupkey: Improve variable names to make clear this is client-provided data
The values we return here are client-provided passwords or other keys, that we decrypt for them.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 51086f30dd1f0ca656b5391e1500cc65480564e3)
Andrew Bartlett [Tue, 10 Feb 2015 03:16:20 +0000 (16:16 +1300)]
backupkey: Use the name lsa_secret rather than just secret
This makes it clear that this is the data stored on the LSA secrets store
and not the client-provided data to be encrypted.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 0ff9733479f27cf40a9cc0f749de088d33591272)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 33c616406726a3e144b5b4bbc2c8d3166e0c4be5)
Andrew Bartlett [Tue, 10 Feb 2015 02:50:15 +0000 (15:50 +1300)]
backupkey: Improve function names and comments for clarity
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit c55f3936490a89004364a203361d201bee5fce08)
Andrew Bartlett [Tue, 10 Feb 2015 02:48:06 +0000 (15:48 +1300)]
backupkey: Move SID comparison to inside get_and_verify_access_check()
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit f69b180cf86ad2c43dbbd89c7e906e7ab2350ee2)
Garming Sam [Thu, 5 Feb 2015 05:17:58 +0000 (18:17 +1300)]
backupkey: Improve IDL
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit bc0b90a300654a248a08e4796133bb6b880e9789)
Garming Sam [Wed, 4 Feb 2015 22:07:30 +0000 (11:07 +1300)]
backupkey: begin by factoring out the server wrap functions
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit a4e6873c4356fa221a0833336413f70e7c9411ca)
Andrew Bartlett [Tue, 10 Feb 2015 22:45:45 +0000 (11:45 +1300)]
torture-backupkey: Assert dcerpc_bkrp_BackupKey_r call was successful
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 286223f150dbb84022d48ef845119cd47afc30d3)
Andrew Bartlett [Tue, 10 Feb 2015 20:51:27 +0000 (09:51 +1300)]
torture-backupkey: Add consistent assertions that createRestoreGUIDStruct() suceeds
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit d9529dbab6f0482d408bf9c4ea9bd911da8897e5)
Arvid Requate [Tue, 23 Dec 2014 17:56:20 +0000 (18:56 +0100)]
s4:torture/rpc/backupkey: Require 2048 bit RSA key
Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(fixed cleanup of memory)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 16ad6de6b8d4481b1e00630c9a23895d1371d971)
This adds some IDL structs for the ServerWrap subprotocol, allowing
parsing of the incoming RPC calls and returning WERR_NOT_SUPPORTED
instead of WERR_INVALID_PARAM.
Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 879b65710b266fecaca01b9dd40474b2cc35d417)
[MS-BKRP] 3.1.4.1 specifies for BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID that
the server must ignore the input data. This patch fixes
ndr_pull_error(11): Pull bytes 4 (../librpc/ndr/ndr_basic.c:148)
Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 3bc3bec6d702ef62bf026ff64855edc8fb900088)
[MS-BKRP] 2.2.1 specifies "The Common Name field of the Subject name
field SHOULD contain the name of the DNS domain assigned to the server."
In fact Windows 7 clients don't seem to care. Also in certificates
generated by native AD the domain name (after CN=) is encoded as
UTF-16LE. Since hx509_parse_name only supports UTF-8 strings currently
we just leave the encoding as it is for now.
Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 007c3978a46d5f50051605752a76d12f30c5a0de)
[MS-BKRP] 2.2.1 specifies that the serialnumber of the certificate
should be set identical to the subjectUniqueID. In fact certificates
generated by native AD have this field encoded in little-endian format.
See also
https://www.mail-archive.com/cifs-protocol@cifs.org/msg01364.html
Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 577fa69b5287b047ee2564786e19c9941a25734c)
hx509_ca_tbs_set_notAfter_lifetime expects the lifetime value in
in seconds. The Windows 7 client didn't seem to care that the lifetime
was only 6'03''. Two other TODOs in this implementation:
* Since notBefore is not set explicietely to "now", the heimdal code
default of now-(24 hours) is applied.
* Server side validity checks and cert renewal are missing.
Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 89803009b957b980818aa971a0f5dd14f75cbbe1)
RSA_generate_key_ex doesn't always generate a modulus of requested
bit length. Tests with Windows 7 clients showed that they decline
x509 certificates (MS-BKRP 2.2.1) in cases where the modulus length
is smaller than the specified 2048 bits. For the user this resulted
in DPAPI failing to retrieve stored credentials after the user password
has been changed at least two times. On the server side log.samba showed
that the client also called the as yet unlimplemented ServerWrap sub-
protocol function BACKUPKEY_BACKUP_KEY_GUID after it had called the
ClientWarp function BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID. After
enabling DPAPI auditing on the Windows Clients the Event Viewer showed
Event-ID 4692 failing with a FailureReason value of 0x7a in these cases.
Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10980
(cherry picked from commit 9b2ff26c893e5748d12d7a37a93eef7b1f4b1a1b)
Marc Muehlfeld [Sat, 28 Feb 2015 10:38:12 +0000 (11:38 +0100)]
Add link to the Samba User Survey 2015 to WHATSNEW.txt
Promote the Samba User Survey in the 4.2 release notes
to receive more results.
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(v4-2-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-2-test): Mon Mar 2 23:48:58 CET 2015 on sn-devel-104
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Mar 2 14:33:33 CET 2015 on sn-devel-104
Volker Lendecke [Wed, 11 Feb 2015 16:16:50 +0000 (17:16 +0100)]
snprintf: Try to support %j
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 12 23:34:33 CET 2015 on sn-devel-104
Michael Adam [Thu, 26 Feb 2015 23:27:29 +0000 (00:27 +0100)]
tevent: version 0.9.23
* Add Solaris ports as tevent backend.
* Improvements to the tevent_data tutorial.
* Remove use of the 'staticforward' macro.
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Feb 27 03:48:57 CET 2015 on sn-devel-104
Jeremy Allison [Mon, 22 Jul 2013 21:23:33 +0000 (14:23 -0700)]
Add Solaris ports as a tevent backend.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sun Feb 15 23:25:07 CET 2015 on sn-devel-104
Richard Sharpe [Sat, 24 Jan 2015 05:56:19 +0000 (21:56 -0800)]
Update the tevent_data.dox tutrial stuff to fix some errors, including white space problems.
Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Ralph Boehme <rb@sernet.de>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Sat Jan 24 09:33:03 CET 2015 on sn-devel-104
Amitay Isaacs [Mon, 23 Feb 2015 01:38:11 +0000 (12:38 +1100)]
ctdb-io: Do not use sys_write to write to client sockets
When sending messages to clients, ctdb checks for EAGAIN error code and
schedules next write in the subsequent event loop. Using sys_write in
these places causes ctdb to loop hard till a client is able to read from
the socket. With real time scheduling, ctdb daemon spins consuming 100%
of CPU trying to write to the client sockets. This can be quite harmful
when running under VMs or machines with single CPU.
The existing code backs off in case of EAGAIN failures and waits for an
event loop to process the write again. This should give ctdb clients
a chance to get scheduled and to process the ctdb socket.
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Feb 24 12:29:30 CET 2015 on sn-devel-104
Ira Cooper [Thu, 15 Jan 2015 16:41:50 +0000 (11:41 -0500)]
smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT.
This sequencing is causing problems for vfs_ceph, and likely
other vfs modules.
Signed-off-by: Ira Cooper <ira@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 16 00:13:17 CET 2015 on sn-devel-104
Michael Adam [Thu, 19 Feb 2015 15:59:00 +0000 (16:59 +0100)]
doc:man:vfs_glusterfs: improve the configuration section.
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Feb 20 14:29:21 CET 2015 on sn-devel-104
Michael Adam [Fri, 13 Feb 2015 00:04:11 +0000 (01:04 +0100)]
doc:man:vfs_glusterfs: improve and update description.
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 7852dd9e4c806d4e2b5428cb783b8ce6db8902d0)
Michael Adam [Fri, 13 Feb 2015 00:03:21 +0000 (01:03 +0100)]
doc:man:vfs_glusterfs: remove extra % signs.
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit b9bf3c4d785606573ee3b9cb8e727bb04b3be6fb)
Andrew Bartlett [Mon, 16 Feb 2015 02:59:11 +0000 (15:59 +1300)]
debug: Set close-on-exec for the main log file FD
This does not change the properties of dup2() of the fd as STDERR, however this is closed
before we start smbd or winbindd as child processes.
This is needed otherwise the logfile remains open in the child process, and
logfile rotation can mean this old log remains on disk indefinatly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11100
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 16 11:42:47 CET 2015 on sn-devel-104
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(v4-2-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-2-test): Mon Feb 23 23:07:35 CET 2015 on sn-devel-104
Jeremy Allison [Fri, 20 Feb 2015 02:50:45 +0000 (18:50 -0800)]
s3: smbd: SMB2 close. If a file has delete on close, store the return info before deleting.
If we delete the file on close, the stat after the close
will fail so we fail to return the attributes requested.
Bug 11104 - SMB2/SMB3 close response does not include attributes when requested.
https://bugzilla.samba.org/show_bug.cgi?id=11104
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Steve French <sfrench@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 20 20:54:18 CET 2015 on sn-devel-104
Jeremy Allison [Fri, 20 Feb 2015 02:49:03 +0000 (18:49 -0800)]
s3: smbd: SMB2 close. Call utility function setup_close_full_information()
Replaces existing inline code.
Bug 11104 - SMB2/SMB3 close response does not include attributes when requested.
https://bugzilla.samba.org/show_bug.cgi?id=11104
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Steve French <sfrench@samba.org>
(cherry picked from commit 4a8c6988e349a4f714f3052ebf3f96f801d3c11f)
Jeremy Allison [Fri, 20 Feb 2015 02:46:55 +0000 (18:46 -0800)]
s3: smbd: SMB2 close. Add utility function setup_close_full_information()
Not yet used.
Bug 11104 - SMB2/SMB3 close response does not include attributes when requested.
https://bugzilla.samba.org/show_bug.cgi?id=11104
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Steve French <sfrench@samba.org>
(cherry picked from commit 2ccfdf760e4adcf25d59c629c9d6d6b31a10a9f1)
Jeremy Allison [Wed, 18 Feb 2015 19:51:53 +0000 (11:51 -0800)]
s4: smbtorture: leases - show stat opens grant leases and can be broken.
https://bugzilla.samba.org/show_bug.cgi?id=11102
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 19 23:10:43 CET 2015 on sn-devel-104
Marc Muehlfeld [Sat, 31 Jan 2015 18:44:26 +0000 (19:44 +0100)]
samba-tool: Create NIS enabled users and unixHomeDirectory attribute
Allow to create NIS enabled user accounts via 'samba-tool user add'.
To create NIS enabled accounts, the parameters
--uid-number=, --login-shell=, --unix-home=, --gid-number=
are mandatory. Because we didn't had a parameter to set unixHomeDirectory
yet, this patch also adds this feature.
'unixUserPassword: ABCD!efgh12345$67890' is added by default, when you
enable NIS on an account in ADUC. The same we do in samba-tool.
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Marc Muehlfeld <mmuehlfeld@samba.org>
Autobuild-Date(master): Tue Feb 3 17:18:32 CET 2015 on sn-devel-104
printing/cups: pack requested-attributes with IPP_TAG_KEYWORD
The CUPS IPP_GET_JOBS requested-attributes array indicates which job
attributes the caller would like in the cupsd response.
Until now, Samba has packed these attributes with a IPP_TAG_NAME
format tag. In recent versions of CUPS, this results in the IPP_GET_JOBS
response only including the job-id and job-printer-uri fields, even with
JobPrivateValues=none configured.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 10 01:38:58 CET 2015 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 29 14:58:40 CET 2015 on sn-devel-104
s3:smb2_server: always try to grant the credits the client just consumed
It turns out that the effective credits_requested is always at least 1,
even if the client sends credits_requested == 0.
This means the client is not able to reduce the amount of credits
itself.
Without this fix a client (e.g. Windows7) would reach the case
where it has been granted all credits it asked for.
When copying a large file with a lot of parallel requests,
all these requests have credits_requested == 0.
This means the amount of granted credits where reduced by each
request and only when the granted credits reached 0,
the server granted one credit to allow the client to go on.
The client might require more than one credit ([MS-SMB2] says
Windows clients require at least 4 credits) and freezes
with just 1 credit.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 1944c857e59922a2ebfc88a6a824a6ed9396f2d5)
wafsamba: create unique names when building shared modules
After commit 76fdcf5c15bd904c3686f0c2dd93d27486c61ca4, we could endup
with bin/default/source3/auth/libauth-samba4.so being created two times.
Once by SAMBA3_LIBRARY('auth',...) and once again by SAMBA3_MODULE('auth_samba4', ...).
As a result bin/default/source3/auth/libauth-samba4.so gets randomly
overwritten.
SAMBA3_MODULE('auth_samba4', ...) results in
bin/default/source3/auth/libauth_module_samba4.so now.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 19 04:43:53 CET 2015 on sn-devel-104
Thomas Nagy [Mon, 16 Sep 2013 22:00:40 +0000 (00:00 +0200)]
wafadmin: backported the openbsd fixes from waf 1.7
This is a backport from waf 1.5...
Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 9 02:02:07 CET 2015 on sn-devel-104
Michael Adam [Mon, 22 Dec 2014 10:30:21 +0000 (11:30 +0100)]
wafsamba: remove commented out code.
This code has only ever been there as commented out...
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 9f2979a1a42f4714bdc49d09e4b5094333409834)
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit ffff95d421e3ca7fa31ec668a2e8fc7fdaee05df)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit d7bd51a79d0784d3db809c0c5e82193f79799dc3)
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit a6bda1f2bc85779feb9680bc74821da5ccd401c5)
Michael Adam [Thu, 18 Dec 2014 20:36:07 +0000 (21:36 +0100)]
wafsamba: filter out standard library paths from RPATH and LIBPATH
We should avoid passing them explicitly to the compiler/linker.
We ask the compiler with the '-print-search-dirs' argument
or fallback to [ '/usr/lib', '/usr/lib64' ].
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 707dc16987c982b75c83cd5b06d4373c23e777e0)
Michael Adam [Thu, 18 Dec 2014 17:09:15 +0000 (18:09 +0100)]
wafsamba: fix ordering problems with lib-provided and internal RPATHs
When a library or system (like cups) provides an RPATH,
e.g. with -Wl,-R or -Wl,-rpath, this was added by waf
to the LINKFLAGS, wich was later prepended to our RPATH.
But if the path by chance contains an older version of
one of our internal libraries like talloc, this would lead
to linking the too old talloc into our binaries.
This has been observed on, e.g., FreeBSD, but it is a general
problem.
This patch fixes the problem by specially parsing the RPATH
linker options from the pkg-config(, cups-config, ....) output
and putting the paths into the RPATH_<lib> container, which
is then later correctly appended to our internal RPATH.
This is a better fix than commit 64f5e24100a764ec198cab9a8d2c43fa86e7027c
as it touches wafsamba only. 64f5e24100a764ec198cab9a8d2c43fa86e7027c
is already in waf 1.5 upstream, but has some possible bugs,
e.g. it doesn't handle -Wl,-R, (with ',' at the end)
or some combinations where the path is given via an additional
-Wl,/path argument.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit dc808a466ef835535a3d4bb87f19316eeff1c567)
wafsamba: make it possible to specify ADDITIONAL_{CFLAGS,LDFLAGS} as env var to ./configure
CFLAGS and LDFLAGS are also used during the configure checks and might impact
their results.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit d744c7c080d81121b84a592a95761e03c2a1090c)
Based on a patch from Tom Schulz <schulz@adi.com>.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 46fdd6221e9c64b459e0d05e6d02d89deb8dafb5)
wafsamba: let CURRENT_CFLAGS() use bld.env.VISIBILITY_CFLAGS
This is better than a hardcoded value in multiple places.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 52eb8854ff8535577c9282f8e4133875fbb0ed33)
wafsamba: move -fvisibility=hidden checks from lib/replace to wafsamba
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 4683fc0f1dc5af3bcf81edaebfbd6c8d3b38df9e)
wafsamba: move '-fstack-protector' checks from lib/replace to wafsamba
This moves the check to the end of the configure run,
which means we no longer use this on configure checks,
but only for the real build.
This behavior is similar than our developer cflags.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 208be32c6a9b275c507fb5e3334b832a3cb9578a)
wafsamba: move WERROR_CFLAGS checks from lib/replace to wafsamba
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 0f4ce418ae1410a294aa6e629beea68c6a16aff8)
wafsamba: move compiler / cflags related stuff from lib/replace to wafsamba
We should have this just in one central place.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 7a3dc668528f398458851aca5d27ff789414343a)
wafsamba: let TO_LIST(mylist) return a copy of mylist
In most cases we have TO_LIST(mystring) which returns an independent
list.
newlist = TO_LIST(mylist) returned just a reference to mylist.
Which means newlist.append("end") would also modify mylist.
TO_LIST() should always return an independent list.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit ab4b988ba2ba85ec2bfb01d7711d6870b3e0f710)
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 89cc31f5cf9181f04f3ca1a5f7000ee15a74e86e)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 76fdcf5c15bd904c3686f0c2dd93d27486c61ca4)
wafsamba: add -Werror=return-type for developer builds
This avoids errors like this:
../source3/utils/status.c: In function ‘print_share_mode’:
../source3/utils/status.c:126:3: error: ‘return’ with no value, in function
returning non-void [-Werror=return-type]
return;
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 6ff9388172909ce249fd6254703eee707d821731)
Thomas Nagy [Fri, 26 Sep 2014 21:46:01 +0000 (23:46 +0200)]
Reduce the no-op build times by 30%
Change-Id: Ie68436c1e7c75c1786e9ed6b6a54d2b55abbbcea Reviewed-by: Matthieu Patou <mat@matws.net> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Oct 3 13:25:18 CEST 2014 on sn-devel-104
Jeremy Allison [Fri, 3 Oct 2014 16:24:04 +0000 (09:24 -0700)]
s3: lib, s3: modules: Fix compilation on Solaris.
Based on work from YOUZHONG YANG <youzhong@gmail.com>.
Code needs fixing when HAVE_STRUCT_MSGHDR_MSG_CONTROL is
not defined. Also Solaris doesn't have msg_flags field
(which we set to zero anyway, so if we initialize
the entire struct to zero, we never need to refer to it).
https://bugzilla.samba.org/show_bug.cgi?id=10849
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Oct 6 12:33:36 CEST 2014 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Jan 24 20:17:20 CET 2015 on sn-devel-104
Petr Viktorin [Wed, 3 Dec 2014 12:59:58 +0000 (13:59 +0100)]
Remove use of the "staticforward" macro
This macro was used for compatibility with broken compilers.
Since Python 2.3, it is always defined as `static`, and only exists
"for source compatibility with old C extensions".
Signed-off-by: Petr Viktorin <pviktori@redhat.com> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 02980268e8641a1558c6f475d4669ce4d663504d)
Andrew Bartlett [Fri, 19 Dec 2014 02:25:03 +0000 (15:25 +1300)]
ldb: bump to version 1.1.19
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 02f6ab85a0dcec59c12384a8738eecf7d322071f)
Samuel Cabrero [Wed, 5 Nov 2014 10:02:25 +0000 (11:02 +0100)]
ldb: Allow to register extended match rules
This allows to extend LDB by registering extended match rules from outside
the library itself. This is necessary when the implementation requires
knowledge about syntaxes implemented in samba extensions, like the
LDAP_MATCHING_RULE_TRANSITIVE_EVAL match.
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Singed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit faa4be0535fd41bf282b1afc749a05412f4ee96c)
This is part two of the bugfix. Make sure we pass the IP we found to
cli_servertime(). Hence we always pass at least one of name or IP.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 45829800eb3f3a8aeccfe7c1114dcf9df60371d5)
projects / thirdparty / samba.git / log
