summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-11-20Implementation of LDAP_SERVER_SD_FLAGS_OID on modify requests.Nadezhda Ivanova2-21/+240
2009-11-20Some changes to allow processing of ldap controls on modify requests.Nadezhda Ivanova6-10/+106
ldap_backend used to filter out ldap controls on modify. Also, modified python binding for ldap_modify to allow writing tests for such controls.
2009-11-20s4:ntvfs/posix/pvfs_acl - Remove unused variable "token"Matthias Dieter Wallnöfer1-1/+0
2009-11-20tdb: change version to 1.2.0 after adding TDB_*ALLOW_NESTINGStefan Metzmacher1-1/+1
metze
2009-11-20tdb: add TDB_DISALLOW_NESTING and make TDB_ALLOW_NESTING the default behaviorStefan Metzmacher5-3/+63
We need to keep TDB_ALLOW_NESTING as default behavior, so that existing code continues to work. However we may change the default together with a major version number change in future. metze
2009-11-20New attempt at TDB transaction nesting allow/disallow.Ronnie Sahlberg2-1/+14
Make the default be that transaction is not allowed and any attempt to create a nested transaction will fail with TDB_ERR_NESTING. If an application can cope with transaction nesting and the implicit semantics of tdb_transaction_commit(), it can enable transaction nesting by using the TDB_ALLOW_NESTING flag. (cherry picked from ctdb commit 3e49e41c21eb8c53084aa8cc7fd3557bdd8eb7b6) Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-20tdb: always set tdb->tracefd to -1 to be safe on goto failStefan Metzmacher1-4/+3
metze
2009-11-20s4-dsdb: some more attribuutes that we should only give if asked forAndrew Tridgell2-2/+14
2009-11-20s4-drs: we need to specifically ask for ntSecurityDescriptorAndrew Tridgell1-1/+1
ntSecurityDescriptor is no longer included by default
2009-11-20s4-ldb: added a warning about ldb_msg_add_dnAndrew Tridgell1-0/+2
ldb_msg_add_dn does not copy the dn linearized string
2009-11-20added new function "ldb_msg_add_dn"Crístian Deives4-9/+17
a helper function to a DN element to an ldb_msg using ldb_msg_add_string. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-dsdb: removed attributes that should not be displayed by defaultAndrew Tridgell1-0/+37
Some attributes (like ntSecurityDescriptor) are stored in our db, but should only be displayed if asked for. This also applied to parentGUID from old installs, which is now generated.
2009-11-20s4-drs: Removes stored parentGUID's creation and renamingFernando J V da Silva1-80/+7
parentGUID is now created on demand in operational.c Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-drs: Synchronous Implementation of generated parentGUIDFernando J V da Silva1-2/+34
This generated parentGUID on demand, rather than getting it from the database Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-drs: Utility functions to deal with GUIDFernando J V da Silva1-0/+99
dsdb_find_parentguid_by_dn() returns the parentGUID for a given DN dsdb_msg_add_guid() adds a GUID value to a given message (either objectGUID or parentGUID). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20ldb:ldb_tdb backend/indexes - Outside APIMatthias Dieter Wallnöfer3-28/+30
- The outside API contains "DN" string arguments: Bad. Since in this way we fully rely on the outside calls regarding the right DN format. Solution: Use always a "struct ldb_dn" entry. Since this one is interchangeable and we can handle it in our preferred way.
2009-11-20ldb:ldb_tdb backend/indexes - DN comparisonMatthias Dieter Wallnöfer1-4/+5
- DN comparison: The function doesn't seem that efficient. I "upgraded" it a bit to be more powerful (added a second length check and do both before the string comparison)
2009-11-20s4-dsdb: make sure mod_usn list is zeroed on each transactionAndrew Tridgell1-7/+10
2009-11-20s4-ldb: added a double-rename testAndrew Tridgell1-0/+24
This tests the fix for double rename/add and indexing
2009-11-20s4-ldb: when -v is specified, show progress of ldbadd/ldbmodifyAndrew Tridgell2-2/+8
This is useful for speed tests with large numbers of records.
2009-11-20s4-ldb: make ldb tools line bufferedAndrew Tridgell1-0/+3
this prevents output being buffered when redirected to a file. Useful for larger ldb command line operations
2009-11-20s4-ldb: fixed an issue in rename/modify indexingAndrew Tridgell1-16/+16
When we rename or modify a record, we need to update the indexes at the same time. It is important that we use the DN of the actual message that is stored in the database to do this, not the DN that was passed in by the user. If the two differ in case then the index records needs to use the 'real' record DN, as index handling is currently case sensitive.
2009-11-20s4-ldb: allow ldap.py test suite to run directly against a fileAndrew Tridgell1-1/+5
This makes it much easier to debug (as you can break in the ldb modules by running gdb on /usr/bin/python)
2009-11-19PC Oota Edits.John H Terpstra1-4/+3
2009-11-19s3: Avoid races to change the machine password in winbindVolker Lendecke1-0/+18
The machine password handler has code to deal with every node in the cluster trying to change the machine password at the same time. However, it is not very nice to the DC if everyone tries this simultaneously. This adds a random 0-255 second offset to our timed event. When this fires a bit later than strictly calculated, someone else might have stepped in and have already changed it. The timed event handler will handle this gracefully, it won't even try to do it again.
2009-11-19s3: Protect against flooding the DC with pwchange requestsVolker Lendecke1-14/+24
When there is a temporary problem changing passwords we flooded the DC with pwchange requests. This gives the DC a 60-second break to recover.
2009-11-19s3: Re-check the timeout in machine_password_change_handler()Volker Lendecke1-0/+6
Someone else might have come in between and changed the password since we created that timed request
2009-11-19s3: Add some debugs to the winbind machine pwchange machineryVolker Lendecke1-0/+16
2009-11-19s3: Factor timeval_string out of current_timestring()Volker Lendecke2-12/+14
2009-11-19s3: Do not kill the whole smb session if a machine pwchange failedVolker Lendecke1-1/+1
2009-11-19s3:pdb_ldap: fix a comment typoMichael Adam1-1/+1
Michael
2009-11-19s3: shortcut uid_to_sid when "ldapsam:trusted = yes"Michael Adam1-0/+75
The normal uid_to_sid behaviour is to call sys_getpwuid() to get the name for the given uid and then call the getsampwnam passdb method for the resulting name. In the ldapsam:trusted case we can reduce the uid_to_sid operation to one simple search for the uidNumber attribute and only get the sambaSID attribute from the correspoinding LDAP object. This reduces the number of ldap roundtrips for this operation. Michael
2009-11-19s3-build: really fix build of winbind_krb5_locator.Günther Deschner1-1/+1
Guenther
2009-11-19s3-build: make sure to remove libds and client object files on make clean.Günther Deschner1-1/+3
Guenther
2009-11-19s4:ldbcli - Added encoder/decoder for relax control.Endi S. Dewata1-2/+20
2009-11-18s3: Replace some create_synthetic_smb_fname() callsVolker Lendecke7-115/+63
In very hot codepaths like the statcache copy_smb_filename and the subsequent recursive talloc_free is noticable in the CPU load.
2009-11-18s3: Do not talloc in readdirVolker Lendecke12-141/+198
This is a hot codepath (called from the stat cache)
2009-11-18s3:load_interfaces(): use function gfree_interfaces() that we have.Michael Adam1-9/+1
To reduce code duplication. Michael
2009-11-18Added control copying for message types other than ldb_search.Nadezhda Ivanova1-1/+4
When ildap created a new message to forward, it only copied controls for ldb_search requests. This caused controls for add and modify to be lost in transition and tests for them could not be implemented.
2009-11-18s3/docs: Add "max protocol = smb2" to man smb.conf.Karolin Seeger1-0/+5
Karolin
2009-11-18README.coding: Update rules about code blocks and braces.Kai Blin1-15/+31
2009-11-18selftest: Subunit/Filter.pm only allow expected failures without errorsStefan Metzmacher1-2/+24
metze
2009-11-18s4:selftest: mark samba4.smb2.lock.*.VALID-REQUEST as known failureStefan Metzmacher1-0/+1
metze
2009-11-18SMB2-LOCK: make use of torture_assert_*()Stefan Metzmacher1-12/+6
This is needed in order to mark tests as known failures. metze
2009-11-18s4:ntvfs_generic: check for valid SMB2_LOCK flagsStefan Metzmacher1-0/+8
metze
2009-11-18s4:selftest: fix logic for --option=torture:progress=noStefan Metzmacher1-1/+1
metze
2009-11-18s4:torture/test_gentest.sh: make use of the PREFIX argumentStefan Metzmacher1-5/+6
We should not use hardcode pathes! metze
2009-11-18selftest: ignore empty lines in knownfailuresStefan Metzmacher1-0/+1
metze
2009-11-18selftest/output/plain.pm: report the testuite name on errorStefan Metzmacher1-1/+5
metze
2009-11-18s4:selftest: for now skip the BASE-DELAY-WRITE test completelyStefan Metzmacher1-0/+1
This test randomly fails depending on the timing (the tests are too strict with the values introduced in commit 0fca2b078ceb314e429e24e3318b50451ccf423b) and local filesystem features (timestamp resolution). metze