Age | Commit message (Collapse) | Author | Files | Lines |
|
This adds the two functions talloc_stackframe() and talloc_tos().
* When a new talloc stackframe is allocated with talloc_stackframe(), then
* the TALLOC_CTX returned with talloc_tos() is reset to that new
* frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse
* happens: The previous talloc_tos() is restored.
*
* This API is designed to be robust in the sense that if someone forgets to
* TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and
* resets the talloc_tos().
The original motivation for this patch was to get rid of the
sid_string_static & friends buffers. Explicitly passing talloc context
everywhere clutters code too much for my taste, so an implicit
talloc_tos() is introduced here. Many of these static buffers are
replaced by a single static pointer.
The intended use would thus be that low-level functions can rather
freely push stuff to talloc_tos, the upper layers clean up by freeing
the stackframe. The more of these stackframes are used and correctly
freed the more exact the memory cleanup happens.
This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and
lp_talloc_ctx (did I forget any?)
So, never do a
tmp_ctx = talloc_init("foo");
anymore, instead, use
tmp_ctx = talloc_stackframe()
:-)
Volker
(This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
|
|
Guenther
(This used to be commit 42abe8450b0fc3c9f8d768fadbd5e6b0a6c1bfc3)
|
|
attached patches add EA support for Solaris. If no one disagrees, can
someone check this in please?
metze
(This used to be commit 81e5afc363e1f0bdc4768c0f5c696f4152fe5b44)
|
|
Guenther
(This used to be commit f959a0f152956429d8b525a55f99cbe2963504d6)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
(This used to be commit 4c04059f7dfa0096c9f3249b55269f7335137f48)
|
|
of default
keytabnames (like "ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab"). This also
fixes keytab support with Heimdal (which supports the WRFILE pragma as well
now).
Guenther
(This used to be commit 7ca002f4cc9ec4139c0c48952ebf05f89b5795ef)
|
|
We were incorrectly using the renew_till timestamp instead of the renewed
ticket's endtime to calculate the next refreshing date.
Guenther
(This used to be commit aa3511a5b5e6a96a02110a7ad0ab1d43e6d25766)
|
|
The global options are stored as values in the subkey "global"
of the SMBCONF registry key.
The activation is accomplished in smb.conf though a new special
semantic of the "include" parameter: "include = registry" triggers
the processing of the registry global options exactly at the
position of the include statement. Options read from the registry
take the same precedence as parameters loaded from a file via
include. Need to reload the registry globals is detected by
watching the tdb sequence number.
Registry shares are automatically activated when the registry
globals are processed.
So a "registry only" configuration can be realized by an
smb.conf that looks as follows:
================================
[global]
include = registry
================================
The global options and registry shares can be conveniently
edited with the "net conf" utility.
Caveat:
A possible pitfall consists in using "include = registry"
together with the "lock directory" directive in the registry.
This problem will be addressed in the next time.
Note on the code:
Processing of the registry options is accomplished by a function
process_registry_globals() in loadparm.c The current version is
only an interim solution: It is handcoded instead of using the
infrastructure of reg_api.c. The reason for this is that using
reg_api still has too large linker dependencies, bloating virtually
all targets by PASSDB_OBJ, SMBLDAP_OBJ, GROUPDB_OBJ and LDB stuff.
A version of process_registry_globals that uses reg_api is
included but commented out. The goal is to eventually refactor
and restructure the registry code so that one can use the reg_api
to access only the registry tdb and not link all the dynamic
backends with all their linking implications.
(This used to be commit 24b0cbcb3741dd14b04728448a85cc04a057e7d0)
|
|
I'm 100% certain I've forgotten to merge something, but the main code
should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and
messages_ctdbd.c.
There should be no changes to the non-cluster case, it does survive make
test on my laptop.
It survives some very basic tests with ctdbd enables, I did not do the
full test suite for clusters yet.
Phew...
Volker
(This used to be commit 15553d6327a3aecdd2b0b94a3656d04bf4106323)
|
|
headers on HP-UX (lber_types.h defines _LBER_TYPES_H).
metze
(This used to be commit bd1b28dd3e47c2f244baba4a239b0d6dca57f2d2)
|
|
as we can't replace this function in libreplace and we do
the some stuff for other function in the same way.
metze
(This used to be commit 5e9b84326b4c65799e6fa6550de870d9a7ebba85)
|
|
call renames for svcctl in the previous commit
(This used to be commit ebcae48ec10fefa74efcc3563cff50e3b9c2388c)
|
|
SAMBA_3_0_26
(This used to be commit 0b1bc3521fac52f3164b6cc9e053abc3ceabf5e7)
|
|
(This used to be commit 22a3ea40ac69fa3722abf28db845ab284a65ad97)
|
|
doing this because for the clustering the marshalling is needed in more
than one place, so I wanted a decent routine to marshall a message_rec
struct which was not there before.
Tridge, this seems about the same speed as it used to be before, the
librpc/ndr overhead in my tests was under the noise.
Volker
(This used to be commit eaefd00563173dfabb7716c5695ac0a2f7139bb6)
|
|
preparation of
adding GPO security filtering for libgpo).
Guenther
(This used to be commit b376a39fbf42a6a541fd311418c4a980b9fd4b9e)
|
|
different
database backends in place dynamically.
The main abstractions are db_context and db_record, it should be mainly
self-describing, see include/dbwrap.h. You open the db just as you would open
a tdb, this time with db_open(). If you want to fetch a record, just do the
db->fetch() call, if you want to do operations on it, you need to get it with
fetch_locked().
I added dbwrap_file.c (not heavily tested lately) as an example for what can
be done with that abstraction, uses a file per key. So if anybody is willing
to shape that up, we might have a chance on reiserfs again.... :-)
This abstraction works fine for brlock.tdb, locking.tdb, connections.tdb and
sessionid.tdb. It should work fine for the others as well, I just did not yet
get around to convert them.
If nobody loudly screams NO, then I will import the code that uses this soon.
Volker
(This used to be commit e9d7484ca246cfca4a1fd23be35edc2783136ebe)
|
|
Guenther
(This used to be commit 9ec76c542775ae58ff03f42ebfa1acc1a63a1bb1)
|
|
hidden by
KRB5_PRIVATE in MIT and doesn't exist on Heimdal).
Guenther
(This used to be commit 664db1cff674073c8eeaf69256a73d11e7ed9e3c)
|
|
and make the functions static.
also use libreplace headers in tdbbackup.c
metze
(This used to be commit 1ca12b1c9e7e8267fa13a40ebeb2bdcd199237de)
|
|
Jeremy.
(This used to be commit 4de297112b9d87e58d870889007001169265e084)
|
|
Jeremy.
(This used to be commit b70af25e851b2695e552b10f1befb16e336fb36f)
|
|
call as smb_krb5_locate_kdc to prevent incorrect linking
and crashes on Solaris.
Jeremy.
(This used to be commit 7d30737c8d851505e81a60443baf9a8c7e523472)
|
|
contexts....
Jeremy.
(This used to be commit ae8f3649f773b8a8dcb55921536d038d3475322e)
|
|
Jeremy.
(This used to be commit fbc569b530104679e47fe743963eb0c4384de6ae)
|
|
Jeremy.
(This used to be commit a226645353a40047b72de1b96c3a7676a2bf1034)
|
|
functions that take a gss context handle in includes.h
Jeremy.
(This used to be commit 638b03242d4a6b1df2477dad19240ed61a14a5a3)
|
|
to return a NT_STATUS_TIME_DIFFERENCE_AT_DC error to
a client when there's clock skew. Will help people
debug this. Prepare us for being able to return the
correct sessionsetupX "NT_STATUS_MORE_PROCESSING_REQUIRED"
error with associated krb5 clock skew error to allow
clients to re-sync time with us when we're eventually
able to be a KDC.
Jeremy.
(This used to be commit c426340fc79a6b446033433b8de599130adffe28)
|
|
calling convention in the latest MIT changes. Apparantly Heimdal
is also changing to this calling convention.
(This used to be commit c29c69d2df377fabb88a78e6f5237de106d5c2c5)
|
|
For the winbind cached ADS LDAP connection handling
(ads_cached_connection()) we were (incorrectly) assuming that the
service ticket lifetime equaled the tgt lifetime. For setups where the
service ticket just lives 10 minutes, we were leaving hundreds of LDAP
connections in CLOSE_WAIT state, until we fail to service entirely with
"Too many open files".
Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP
connection after the ads_do_search_retry() has failed to submit the
search request (although the bind succeeded (returning an expired
service ticket that we cannot delete from the memory cred cache - this
will get fixed later)).
Guenther
(This used to be commit 7e1a84b7226fb8dcd5d34c64a3478a6d886a9a91)
|
|
Guenther
(This used to be commit ea38e1f8362d75e7ac058a7c4aa06f1ca92ec108)
|
|
and the
resulting marshalling/unmarshalling routines in gen_ndr/
Volker
(This used to be commit a2ea54c23456925a8ed317edb1adf82d074041fc)
|
|
problems in the nss_info interface when HAVE_LDAP is undefined.
* Revert previous ifdef HAVE_ADS brakets
* Remove an unused init function wrapper.
(This used to be commit 2ba353848b6d8d36520e7fd82576653a39c602cd)
|
|
(This used to be commit 91fdbd4cf5f8fe44adcbe8dc8ef38579a8306c39)
|
|
(This used to be commit 7011a1b5abc7d56da5beba904e3328014f315f0d)
|
|
This allows a provider to supply the homedirectory, etc...
attributes for a user without requiring support in core
winbindd code. The idmap_ad.c module has been modified
to provide the idmap 'ad' library as well as the rfc2307 and sfu
"winbind nss info" support.
The SID/id mapping is working in idmap_ad but the nss_info
still has a few quirks that I'm in the process of resolving.
(This used to be commit aaec0115e2c96935499052d9a637a20c6445986e)
|
|
(This used to be commit d10dd47fb8908a4372aa6932e40b23189784522c)
|
|
this is done by libreplace...
this hopefully fixes the build on HPUX 11.00
metze
(This used to be commit eed50e104794d855b204cfea52626f47b6fa3f52)
|
|
(This used to be commit c142b629c8f08597519a754a8fb78b7708279f75)
|
|
(This used to be commit e37132f219bb9ef52c7fc9b396bd272dd5abca70)
|
|
string the clis_state struct. So call saf_store() after we
have the short domain name in the lsa_query_inof_policy code.
* Remove unused server string in saf_delete()
(This used to be commit 3eddae2f2080f8dafec883cb9ffa2e578c242607)
|
|
see discussion on samba-technical
(This used to be commit 1ad563286f00be0d72930b81b10cb74f13c5fbff)
|
|
x, so we can't get at them even if we wanted to.
Kerberos experts, please take a look to make sure I've done the
right thing!
(This used to be commit 9b8e179fcc1fb877e8601bfd242ee1fd615b554c)
|
|
this fixes the quota detection configure and maybe more
configure tests
metze
(This used to be commit a3a082c42ccb21cb16d2e53991808ef3224efc6c)
|
|
metze
(This used to be commit 5d16aa61c6c5e284f6ff742dbf686493e4539c79)
|
|
use to reg_objects.h
* Remove unused rpc headers
(This used to be commit 4f79d8c83db5af80078114e9fb39171380d040b1)
|
|
(I just removed the only reference to poll() in my last commit)
they were added in this commit, without make usage of them.
http://cvs.samba.org/cgi-bin/cvsweb/samba/source/configure.in.diff?r1=1.21&r2=1.22&f=h
http://cvs.samba.org/cgi-bin/cvsweb/samba/source/include/includes.h.diff?r1=1.105&r2=1.106&f=h
metze
(This used to be commit b852cf46c213b2e059a66cbe0d058ed063c37957)
|
|
Guenther
(This used to be commit 9da91022f9fa0e6610a235ddd2130c8b01d6f1c5)
|