Age | Commit message (Collapse) | Author | Files | Lines |
|
aes256-cts-hmac-sha1-96 and aes128-cts-hmac-sha1-96
should have a higher priority than arcfour-hmac-md5,
otherwise the KDC still gives us arcfour-hmac-md5 session keys.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
with ltdb_pack_data() and ltdb_unpack_data() now moved into common, we
need to increase the minor version and fixup callers of the API
Note that this relies on struct ldb_val being the same shape as
TDB_DATA, in much the same way as we rely on ldb_val and DATA_BLOB
being the same shape.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this code should not be tied to the ldb_tdb backend, both because it
could be used for any record oriented backend, and because it should
be exposed for use by diagnosis/repair tools such as the recently
added ldbdump tool
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Wed Oct 31 19:25:30 CET 2012 on sn-devel-104
|
|
This uses a tdb_traverse or (more usefully) the tdb_rescue API, like tdbdump.
The difference here is that it uses ldb helper functions to further
eliminate faulty records, which avoids creating duplicates in the output.
(The duplicates come from parts of records that are left in blank space
in the db, which tdb_rescue finds, but which are not actually a full
record).
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Oct 30 23:56:11 CET 2012 on sn-devel-104
|
|
|
|
It always de-references the module to find the ldb anyway.
Andrew Bartlett
|
|
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Tue Oct 30 15:04:30 CET 2012 on sn-devel-104
|
|
|
|
checked last
|
|
|
|
as in the autoconf build this must be "-errwarn=%all"
|
|
set_variable()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Mon Oct 29 21:55:35 CET 2012 on sn-devel-104
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
This makes rep_{f,}getxattr a more complete replacement for the linux function.
Andrew Bartlett
|
|
We can not be sure that there is already a talloc_stackframe() in place
so we must create one.
Andrew Bartlett
|
|
If the socket is not readable yet, we need to retry
if tsocket_bsd_pending() returns 0.
See also
https://lists.samba.org/archive/samba-technical/2012-October/087164.html
metze
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Oct 23 14:44:21 CEST 2012 on sn-devel-104
|
|
define_ret is for when the output of the compiled and run program
should be put into the configure define. This is not the case
here.
Andrew Bartlett
|
|
|
|
In particular, not checking for byteswap.h meant we defined duplicates:
https://bugzilla.samba.org/show_bug.cgi?id=9286
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Wed Oct 17 01:55:14 CEST 2012 on sn-devel-104
|
|
It avoid bugs when one of the buffer is supposed to contain a string
that is not null terminated (ie. label->label) and that we don't force
the last byte to 0.
|
|
Reported-by: Matthieu Patou <mat@samba.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Mon Oct 8 04:43:37 CEST 2012 on sn-devel-104
|
|
When winbind is restarted, there is a potential crash in tdb. Following
situation: We are in a cluster with ctdb. A winbind child hangs
in a request to the DC. Cluster monitoring decides the node has a
problem. Cluster monitoring decides to kill ctdbd. winbind child
still hangs in a RPC request. winbind parent figures that ctdb is
dead and immediately commits suicide. winbind parent is restarted by
cluster management, overwriting gencache.tdb with CLEAR_IF_FIRST. The
CLEAR_IF_FIRST logic as implemented now will not see that a child still
has the tdb open, only the parent holds the ACTIVE_LOCK due to performance
reasons. During the CLEAR_IF_FIRST logic is done, there is a very small
window where we ftruncate(tfd, 0) the file and re-write a proper header
without a lock. When during this small window the winbind child comes
back, wanting to store something into gencache.tdb, that winbind child
will crash with a SIGBUS.
Sounds unlikely? See:
[2012/09/29 07:02:31.871607, 0] lib/util.c:1183(smb_panic)
PANIC (pid 1814517): internal error
[2012/09/29 07:02:31.877596, 0] lib/util.c:1287(log_stack_trace)
BACKTRACE: 35 stack frames:
#0 winbindd(log_stack_trace+0x1a) [0x7feb7d4ca18a]
#1 winbindd(smb_panic+0x2b) [0x7feb7d4ca25b]
#2 winbindd(+0x1a3cc4) [0x7feb7d4bacc4]
#3 /lib64/libc.so.6(+0x32900) [0x7feb7a929900]
#4 /lib64/libc.so.6(memcpy+0x35) [0x7feb7a97f355]
#5 /usr/lib64/libtdb.so.1(+0x6e76) [0x7feb7b0b0e76]
#6 /usr/lib64/libtdb.so.1(+0x3d37) [0x7feb7b0add37]
#7 /usr/lib64/libtdb.so.1(+0x863d) [0x7feb7b0b263d]
#8 /usr/lib64/libtdb.so.1(+0x8700) [0x7feb7b0b2700]
#9 /usr/lib64/libtdb.so.1(+0x2505) [0x7feb7b0ac505]
#10 /usr/lib64/libtdb.so.1(+0x25b7) [0x7feb7b0ac5b7]
#11 /usr/lib64/libtdb.so.1(tdb_fetch+0x13) [0x7feb7b0ac633]
#12 winbindd(gencache_set_data_blob+0x259) [0x7feb7d4d8449]
#13 winbindd(gencache_set+0x53) [0x7feb7d4d85b3]
#14 winbindd(gencache_del+0x5e) [0x7feb7d4d879e]
#15 winbindd(saf_delete+0x93) [0x7feb7d54b693]
#16 winbindd(+0xe507e) [0x7feb7d3fc07e]
#17 winbindd(+0xe85e5) [0x7feb7d3ff5e5]
#18 winbindd(+0xe65be) [0x7feb7d3fd5be]
#19 winbindd(+0xe7562) [0x7feb7d3fe562]
#20 winbindd(init_dc_connection+0x2e) [0x7feb7d3fe5be]
#21 winbindd(+0xe75d9) [0x7feb7d3fe5d9]
#22 winbindd(cm_connect_netlogon+0x58) [0x7feb7d3fe658]
#23 winbindd(_wbint_PingDc+0x61) [0x7feb7d410991]
#24 winbindd(+0x103175) [0x7feb7d41a175]
#25 winbindd(winbindd_dual_ndrcmd+0xb7) [0x7feb7d4107d7]
#26 winbindd(+0xf8609) [0x7feb7d40f609]
#27 winbindd(+0xf9075) [0x7feb7d410075]
#28 winbindd(tevent_common_loop_immediate+0xe8) [0x7feb7d4db198]
#29 winbindd(run_events_poll+0x3c) [0x7feb7d4d93fc]
#30 winbindd(+0x1c2b52) [0x7feb7d4d9b52]
#31 winbindd(_tevent_loop_once+0x90) [0x7feb7d4d9f60]
#32 winbindd(main+0x7b3) [0x7feb7d3e7aa3]
#33 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7feb7a915cdd]
#34 winbindd(+0xce2a9) [0x7feb7d3e52a9]
This is in a winbind child, logfiles surrounding indicate the parent
was restarted.
This patch takes all chain locks around the CLEAR_IF_FIRST introduced
tdb_new_database.
|
|
When probing for a size change (eg. just before tdb_expand, tdb_check,
tdb_rescue) we call tdb_oob(tdb, tdb->map_size, 1, 1). Unfortunately
this does nothing if the tdb has actually shrunk, which as Volker
demonstrated, can actually happen if a "longlived" parent crashes.
So move the map/update size/remap before the limit check.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
This will avoid 'surprise returns' and makes the code cleare to readers.
These macros were complex enough to warrant a full function anyway not
just for readability but also for debuggability.
Thanks David for pointing out this issue.
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Fri Oct 5 23:24:17 CEST 2012 on sn-devel-104
|
|
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Fri Oct 5 07:36:38 CEST 2012 on sn-devel-104
|
|
By calling talloc_set_memlimit() we can now set a max memory limit
for a whole talloc hierarchy.
ANy attempt to allocate memory beyond the max allowed for the whole
hierarchy wil cause an allocation failure.
Stealing memory correctly accounts for used memory in the old and the new
hierarchy but exceeding the memory limit in the new parent will not cause
a failure.
|
|
security mask
force security mode
directory security mask
force directory security mode
and update the docs.
|
|
This allows for an emergency best-effort dump. It's a little better than
strings(1).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Thu Oct 4 03:16:06 CEST 2012 on sn-devel-104
|
|
Dumping a corrupt database should not exit silently with 0 status!
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
This allows for an emergency best-effort dump. It's a little better than
strings(1).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Oct 2 19:52:16 CEST 2012 on sn-devel-104
|
|
Guenther
|
|
|
|
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 26 02:13:10 CEST 2012 on sn-devel-104
|
|
|
|
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Tue Sep 25 22:40:39 CEST 2012 on sn-devel-104
|
|
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Sep 25 18:03:46 CEST 2012 on sn-devel-104
|
|
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Tue Sep 25 06:38:40 CEST 2012 on sn-devel-104
|
|
This uses the setproctitle() from libc, libsetproctitle or libbsd.
If none is available it provides a dummy implementation.
|
|
This is normally handled by the waf core, but for HP-UX we currently fail.
The autoconf code hard-codes a case for HP-UX, but I want to try testing
it using a generic system first.
Andrew Bartlett
|
|
On the Sernet-solaris8 host, this test passed in the autoconf build,
then failed in the recursive waf build. This newer test should probe
the behaviour more closely, by checking we get two distinct, secure
files.
Andrew Bartlett
|
|
In any case, the Samba Team stopped supporting SCO systems a long time ago.
Andrew Bartlett
|
|
Removing this unbuilt file allows removing BROKEN_GETGRNAM which was only
ever defined per-OS, not based on an actual test.
Andrew Bartlett
|
|
The issue is that this file is both used in an autoconf test, and
later in a smbtorture test. Because os2_delete.c does not include
replace.h, bool may not be defined.
So, instead we shift the need for bool to a different header.
(The readdir tests in repdir.m4 are not yet in the waf configure).
Andrew Bartlett
|
|
|
|
It's possible for a client to send 0 bytes in a UDP packet,
we need still need to call recvfrom() and skip the invalid
packet at a higher level. Otherwise the kernel receive queue
is blocked.
metze
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|