Age | Commit message (Collapse) | Author | Files | Lines |
|
This matches Windows 2008 behavior. Name releases are just ignored.
metze
|
|
|
|
This allows us to reuse a ldb context if it is open twice, instead
of going through the expensive process of a full ldb open. We can
reuse it if all of the parameters are the same.
The change relies on callers using talloc_unlink() or free of a parent
to close a ldb context.
|
|
This patch adds a system_session cache, preventing us from having to
recreate it on every ldb open, and allowing us to detect when the same
session is being used in ldb_wrap
|
|
|
|
Empty attributes are no longer allowed by ldb. This also fixes the
error checking in winsdb_message()
This fixes the samba4.nbt.winsreplication test
|
|
We were creating the name resolution context as a child of lp_ctx,
which meant when we gave up on a connection the timer on name
resolution kept running, and when it timed out the callback crashed as
the socket was already removed.
|
|
When one of our core tasks fails to initialise it can now ask for the
server as a whole to die, rather than limping along in a degraded
state.
|
|
These references were triggering the ambiguous talloc_free errors from
the recent talloc changes when the server is run using the 'standard'
process model instead of the 'single' process model. I am aiming to
move the build farm to use the 'standard' process model soon, as part
of an effort to make our test environment better match the real
deployment of Samba4.
The references are not needed as the way that the event context is
used is as the 'top parent', so when the event context is freed then
all of the structures that were taking a reference to the event
context were actually freed as well, thus making the references
redundent.
|
|
|
|
|
|
|
|
A single AD server can only host a single domain, so don't stuff about
with looking up our crossRef record in the cn=Partitions container.
We instead trust that lp_realm() and lp_workgroup() works correctly.
Andrew Bartlett
|
|
|
|
metze
|
|
metze
|
|
metze
|
|
The only 2 modules escaping the rule so far are rootdse and partitions
|
|
Separate again the public from the private headers.
Add a new header specific for modules.
Also add service function for modules as now ldb_context and ldb_module are
opaque structures for them.
|
|
metze
(from samba4wins tree ba45b14b48f62eb1668509738f83fa17a4ce95fd)
|
|
metze
(from samba4wins tree e54b2d3ddbf338fe5d9802724e76f320fd4423e5)
|
|
metze
(from samba4wins tree 0f2995f77ab092d71e539c2473c94956f9c253fb)
|
|
Add an option to propagate name releases directly.
This make the results for #1C name queries more consistent
among all servers.
It's off by default to match windows.
metze
(from samba4wins tree 166e9fdffb9f4e26513c3b4ec1f6f168ecbe18f8)
|
|
We also take the ownership if the record isn't owned.
This matches windows...
metze
(from samba4wins tree d7b19339c0444cbe0989fcfa91a22323215d2f6b)
|
|
This fixes a bug where #1C addresses are registered with different
WINS-Servers and a merged #1C record.
metze
(from samba4wins tree 72e055394a0fd1f543be9c196b4179356a1033f6)
|
|
metze
(from samba4wins tree 8035601da7c7e8b65fe1d82c2654c412fa169338)
|
|
We may send requests packets (WACK challenges or similar things)
via a different udp socket than the socket we receive the
matching response. We need to setup an unexpected handler
on the nbt sockets and redirect responses to the correct
nbt_socket. (By redirect I mean we use the correct
nbt_socket structure, we're *not* resending the packet
with sendto() via the kernel...)
metze
(from samba4wins tree 7ce8e705e5a9aabb787d17fbec7a078d9d6780dc)
|
|
metze
(from samba4wins tree 8eb30add7c95672a85b4084b4a3dbfa78db820c4)
|
|
This fixes the following bug:
While we reply with a WACK response to a client.
Instead of waiting for the final reply some
windows client just resends the request using
the same name_trn_id in the nbt_name_packet.
We handled this as a new request and send a
WACK response (and the challenges) again.
Then the first request gets its final success
response, but the when we try to send the success
for the "second" request we notice that
the record was changed in between and we return
an error.
Windows 2003 (and I assume all other versions as well)
detect the packet is just a resent of a currently pending
request and ignores it.
So we now keep a list of all pending WINS name register
requests which result in a WACK response. On each incoming
name register request we search through the list to find
duplicate requests and ignore them. In theory we should
do that for all requests, but name register requests
are the only requests we response async and only
if we have to go via the WACK code path.
metze
(from samba4wins tree 382e7d384b70d03e9f81c7bb353afaed288d80f0)
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
|
|
|
|
remove some unused functions.
|
|
|
|
|
|
|
|
This reverts commit 05ea5e23cf4e70de0bd658b1c5c0ead133967091.
Conflicts:
source4/smbd/server.c
|
|
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
|
|
Guenther
|
|
Guenther
|
|
This reverts commit 0e9008be35a5b334bd65e6417193d4b8f27bdc36.
|
|
|
|
metze
(This used to be commit 861b79c91fb39b6b7f40d57000770f0f839e6c59)
|
|
Don't reopen the samdb for every netlogon packet, and use the
system_session(), as we must access data not available to anonymous.
Perhaps we should consider a 'authenticated but not system' token, if
we want more control on this.
Andrew Bartlett
(This used to be commit d10c9b71ea7f2670c4ea5ec569bcb7f49ec41362)
|
|
metze
(This used to be commit 5ff4ffd162339583c7f6ebee0c8a2efc30d8b65f)
|
|
This now handles checking if the user exists, including validating the
ACB mask on the user.
This would be a nasty security hole, if Kerberos did not already
expose this information anonymously...
Andrew Bartlett
(This used to be commit 441b286c00f9a7743cdefeb243545bdbd2c94c5e)
|
|
(This used to be commit 7594f79db6a0e8a46e2863829e5e050b03dfaec1)
|
|
I can't tell the difference between the NTLOGON and NETLOGON behaviour
on these pipes, and this 'exception' turned out to be alignment
dependent, not pipe dependent.
Andrew Bartlett
(This used to be commit bf1b99aff2a8feaee5f57c7530bc81d447e5d765)
|
|
We would return NT_STATUS_NO_LOGON_SERVERS in all cases, which was
less than helpful.
Andrew Bartlett
(This used to be commit 5dfa316b3636718ffc6fd26cf7a397a797bd2ac1)
|
|
Andrew Bartlett
(This used to be commit 8753ced2f4ee25cd5eff011f66f8e37f9807bdaf)
|