Age | Commit message (Collapse) | Author | Files | Lines |
|
We need to be able to give sensible error messages when a kerberos
calls fails. This propogates the kerberos error up the stack to the
caller.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This reverts commit 69d5cea2e59162f19460e7ce4b6382fc5fdd6ca0.
This commit causes issues with the RPC server, revert it until we find the
exact issue and possibly have a torture test to avoid it happening again.
Found playing with w2k8r2 and forest trusts.
|
|
After looking at the s4 side of the (s)channel :) I found out that it makes
more sense to simply make it use the tdb based code than redo the same changes
done to s3 to simplify the interface.
Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet
that does not solve the lookup speed, with ldb it is always going to be slower.
Looking through the history it is evident that the schannel database doesn't
really need greate expanadability. And lookups are always done with a single
Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated.
The schannel database is not really a persistent one. It can be discared during
an upgrade without causing any real issue. all it contains is temproary session
data.
|
|
|
|
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
"binary_smbd_main" function
Just to be consistent - no functional change
|
|
We need to free the lp_ctx after we free the event context, otherwise
the teardown code in the notify backend dies when it tries to use the
iconv_convenience ptr
Fixes bug 7053
|
|
This task watches for changes in the list of DCs, and creates a bind9
formatted file that grants update permission to all DCs, plus to the
administration, and machines update for their own names.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
we're still not weaned off event_context_find()
|
|
metze
|
|
metze
|
|
|
|
This will be used to allow us to cancel any pending transactions
after a fork.
|
|
By pre-opening these databases and leaving them open, we allow the new
ldb_wrap_connect() code to share the ldb context between users.
|
|
|
|
|
|
|
|
When one of our core tasks fails to initialise it can now ask for the
server as a whole to die, rather than limping along in a degraded
state.
|
|
metze
|
|
A KCC is a 'Knowledge Consistency Checker', a fancy name for a daemon
that works out who will replicate with who in a AD domain. This
implements an extremely simple KCC task that just wants to replicate
with everyone :-)
|
|
Previously we relied on process groups and SIGTERM to ensure that
child tasks died in the standard process model when the parent task
died. This doesn't work when the server is run in interactive mode, as
in that case we don't call become_daemon() and don't get a separate
process group.
The fix is to have a pipe held open by the parent server process, and
inherited by child tasks. If the parent exits then the write side of
the pipe is implicitly closed, which causes an event in the child
tasks that causes them to exit
|
|
While testing the use of the standard process model with 'make test' I
found that testing was much slower (by several times) with the
standard model than with the single model. The primary problem was
that each SMB connection would open a new sam ldb context, and all of
those would reload the full AD schema.
The fix is to pre-open the SAM during server startup, before any child
processes are forked. This sets up the global schema context which is
inherited by all connections.
The standard model is still slower at make test than the single model,
but not by nearly as much. I am working on further reducing the gap.
|
|
|
|
metze
|
|
metze
|
|
metze
|
|
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
|
|
metze
|
|
for sockets
metze
|
|
metze
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
We don't need a full copy of ctdb...
If we want to readd cluster support,
we should just use a ctdb client library.
metze
|
|
warnings.
|
|
|
|
We should only include events.h where we really need it
and prefer forward declarations of 'struct event_context'
metze
|
|
the dom_sid). No longer include it from security.idl.
|
|
For now implement just a very simple protocol
to negotiate the transport session info.
We may need to pass more info later,
e.g. client ip or name...
metze
|
|
|
|
remove some unused functions.
|
|
|
|
|
|
|