svn commit: samba r16119 - in branches/SAMBA_3_0_RELEASE: . source
source/libads source/nsswitch source/profile source/smbd
source/utils
jerry at samba.org
jerry at samba.org
Fri Jun 9 12:25:26 GMT 2006
Author: jerry
Date: 2006-06-09 12:25:25 +0000 (Fri, 09 Jun 2006)
New Revision: 16119
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16119
Log:
pulling changes from 3_0 up to r16117
Modified:
branches/SAMBA_3_0_RELEASE/WHATSNEW.txt
branches/SAMBA_3_0_RELEASE/source/aclocal.m4
branches/SAMBA_3_0_RELEASE/source/configure.in
branches/SAMBA_3_0_RELEASE/source/libads/ldap.c
branches/SAMBA_3_0_RELEASE/source/libads/util.c
branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_group.c
branches/SAMBA_3_0_RELEASE/source/profile/profile.c
branches/SAMBA_3_0_RELEASE/source/smbd/trans2.c
branches/SAMBA_3_0_RELEASE/source/utils/net_ads.c
Changeset:
Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt
===================================================================
--- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-06-09 12:25:25 UTC (rev 16119)
@@ -42,6 +42,7 @@
* Fix bug in OS/2 Warp - it doesn't set the ff_last offset
correctly when doing info level 1 directory scans.
* Add Samba4 replacement for timegm() to work on Solaris.
+ * Remove extra add-byte in the trans2 UNIX_BASIC infolevel.
o Gerald (Jerry) Carter <jerry at samba.org>
@@ -60,6 +61,10 @@
* Adding "own-domain" switch to wbinfo which is handy from time
to time.
* BUG 3823: Fix in-forest domain trust enumeration in winbindd.
+ * Fix winbindd group enumeration for groups with no members.
+ * Correct "net ads changetrustpw" to use the sAMAccountName.
+ * Fix winbindd in ADS domains by removing code using the
+ UPN and rely upon the sAMAccountName.
o Aleksey Fedoseev <fedoseev at ru.ibm.com>
@@ -70,6 +75,11 @@
* Properly rebuild time limit on systems with executable extensions.
+o Björn Jacke <samba at j3e.de>
+ * Fall back to less-preferred clocks until we find one that we
+ can use if clock_gmtime() is not available at run-time.
+
+
o Volker Lendecke <vl at samba.org>
* Fix more potential seg-faults when something on our way to a
DC connection fails.
@@ -110,6 +120,7 @@
parameters in dynconfig.c.
* Avoid pulling in -lpthreads caused by -lrt.
* Fix build failures on IRIX 6.4 due to DMAPI support.
+ * Isolate the slow CLOCK_REALTIME message in the profiling code.
o Aruna Prabakar <aruna.prabakar at hp.com>
Modified: branches/SAMBA_3_0_RELEASE/source/aclocal.m4
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/aclocal.m4 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/aclocal.m4 2006-06-09 12:25:25 UTC (rev 16119)
@@ -839,10 +839,17 @@
dnl Execute the corresponding user action list.
AC_DEFUN([SMB_IS_LIBPTHREAD_LINKED],
[
+ AC_MSG_CHECKING(if libpthread is linked)
AC_TRY_LINK([],
[return pthread_create(0, 0, 0, 0);],
- [$1],
- [$2])
+ [
+ AC_MSG_RESULT(yes)
+ $1
+ ],
+ [
+ AC_MSG_RESULT(no)
+ $2
+ ])
])
dnl SMB_REMOVE_LIB(lib)
@@ -943,3 +950,34 @@
fi
])
+
+dnl SMB_CHECK_CLOCK_ID(clockid)
+dnl Test whether the specified clock_gettime clock ID is available. If it
+dnl is, we define HAVE_clockid
+AC_DEFUN([SMB_CHECK_CLOCK_ID],
+[
+ AC_MSG_CHECKING(for $1)
+ AC_TRY_LINK([
+#if TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# if HAVE_SYS_TIME_H
+# include <sys/time.h>
+# else
+# include <time.h>
+# endif
+#endif
+ ],
+ [
+clockid_t clk = $1;
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE_$1, 1,
+ [Whether the clock_gettime clock ID $1 is available])
+ ],
+ [
+ AC_MSG_RESULT(no)
+ ])
+])
Modified: branches/SAMBA_3_0_RELEASE/source/configure.in
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/configure.in 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/configure.in 2006-06-09 12:25:25 UTC (rev 16119)
@@ -2053,8 +2053,13 @@
[
SMB_IS_LIBPTHREAD_LINKED(
[ SMB_REMOVELIB(rt) ],
- [ AC_DEFINE(HAVE_CLOCK_GETTIME, 1,
- [Whether clock_gettime is available]) ])
+ [
+ AC_DEFINE(HAVE_CLOCK_GETTIME, 1,
+ [Whether clock_gettime is available])
+ SMB_CHECK_CLOCK_ID(CLOCK_MONOTONIC)
+ SMB_CHECK_CLOCK_ID(CLOCK_PROCESS_CPUTIME_ID)
+ SMB_CHECK_CLOCK_ID(CLOCK_REALTIME)
+ ])
])
fi
Modified: branches/SAMBA_3_0_RELEASE/source/libads/ldap.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/libads/ldap.c 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/libads/ldap.c 2006-06-09 12:25:25 UTC (rev 16119)
@@ -287,9 +287,13 @@
not servicePrincipalName; found by Guenther Deschner @ Sernet.
Is this still correct? The comment does not match
- the code. --jerry */
+ the code. --jerry
+
+ Yes it is :)
+ - Guenther
+ */
- asprintf(&ads->auth.user_name, "host/%s", global_myname() );
+ asprintf(&ads->auth.user_name, "%s$", global_myname() );
}
if (!ads->auth.realm) {
Modified: branches/SAMBA_3_0_RELEASE/source/libads/util.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/libads/util.c 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/libads/util.c 2006-06-09 12:25:25 UTC (rev 16119)
@@ -26,7 +26,6 @@
{
char *password;
char *new_password;
- char *service_principal;
ADS_STATUS ret;
uint32 sec_channel_type;
@@ -37,10 +36,8 @@
new_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
- asprintf(&service_principal, "HOST/%s", host_principal);
+ ret = kerberos_set_password(ads->auth.kdc_server, host_principal, password, host_principal, new_password, ads->auth.time_offset);
- ret = kerberos_set_password(ads->auth.kdc_server, service_principal, password, service_principal, new_password, ads->auth.time_offset);
-
if (!ADS_ERR_OK(ret)) {
goto failed;
}
@@ -53,14 +50,13 @@
/* Determine if the KDC is salting keys for this principal in a
* non-obvious way. */
- if (!kerberos_derive_salting_principal(service_principal)) {
- DEBUG(1,("Failed to determine correct salting principal for %s\n", service_principal));
+ if (!kerberos_derive_salting_principal(host_principal)) {
+ DEBUG(1,("Failed to determine correct salting principal for %s\n", host_principal));
ret = ADS_ERROR_SYSTEM(EACCES);
goto failed;
}
failed:
- SAFE_FREE(service_principal);
SAFE_FREE(password);
return ret;
}
Modified: branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_group.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_group.c 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_group.c 2006-06-09 12:25:25 UTC (rev 16119)
@@ -789,7 +789,7 @@
/* Append to group membership list */
gr_mem_list = SMB_REALLOC( gr_mem_list, gr_mem_list_len + gr_mem_len);
- if (!gr_mem_list) {
+ if (!gr_mem_list && (group_list[group_list_ndx].num_gr_mem != 0)) {
DEBUG(0, ("out of memory\n"));
gr_mem_list_len = 0;
break;
Modified: branches/SAMBA_3_0_RELEASE/source/profile/profile.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/profile/profile.c 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/profile/profile.c 2006-06-09 12:25:25 UTC (rev 16119)
@@ -30,6 +30,7 @@
static BOOL read_only;
#if defined(HAVE_CLOCK_GETTIME)
clockid_t __profile_clock;
+BOOL have_profiling_clock = False;
#endif
#endif
@@ -62,6 +63,19 @@
(int)procid_to_pid(&src)));
break;
case 2: /* turn on complete profiling */
+
+#if defined(HAVE_CLOCK_GETTIME)
+ if (!have_profiling_clock) {
+ do_profile_flag = True;
+ do_profile_times = False;
+ DEBUG(1,("INFO: Profiling counts turned ON from "
+ "pid %d\n", (int)procid_to_pid(&src)));
+ DEBUGADD(1,("INFO: Profiling times disabled "
+ "due to lack of a suitable clock\n"));
+ break;
+ }
+#endif
+
do_profile_flag = True;
do_profile_times = True;
DEBUG(1,("INFO: Full profiling turned ON from pid %d\n",
@@ -100,28 +114,74 @@
open the profiling shared memory area
******************************************************************/
#ifdef WITH_PROFILE
+
+#ifdef HAVE_CLOCK_GETTIME
+
+/* Find a clock. Just because the definition for a particular clock ID is
+ * present doesn't mean the system actually supports it.
+ */
+static void init_clock_gettime(void)
+{
+ struct timespec ts;
+
+ have_profiling_clock = False;
+
+#ifdef HAVE_CLOCK_PROCESS_CPUTIME_ID
+ /* CLOCK_PROCESS_CPUTIME_ID is sufficiently fast that the
+ * always profiling times is plausible. Unfortunately on Linux
+ * it is only accurate if we can guarantee we will not be scheduled
+ * scheduled onto a different CPU between samples. Until there is
+ * some way to set processor affinity, we can only use this on
+ * uniprocessors.
+ */
+ if (!this_is_smp()) {
+ if (clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &ts) == 0) {
+ DEBUG(10, ("Using CLOCK_PROCESS_CPUTIME_ID "
+ "for profile_clock\n"));
+ __profile_clock = CLOCK_PROCESS_CPUTIME_ID;
+ have_profiling_clock = True;
+ }
+ }
+#endif
+
+#ifdef HAVE_CLOCK_MONOTONIC
+ if (!have_profiling_clock &&
+ clock_gettime(CLOCK_MONOTONIC, &ts) == 0) {
+ DEBUG(10, ("Using CLOCK_MONOTONIC for profile_clock\n"));
+ __profile_clock = CLOCK_MONOTONIC;
+ have_profiling_clock = True;
+ }
+#endif
+
+#ifdef HAVE_CLOCK_REALTIME
+ /* POSIX says that CLOCK_REALTIME should be defined everywhere
+ * where we have clock_gettime...
+ */
+ if (!have_profiling_clock &&
+ clock_gettime(CLOCK_REALTIME, &ts) == 0) {
+ __profile_clock = CLOCK_REALTIME;
+ have_profiling_clock = True;
+
+ SMB_WARN(__profile_clock != CLOCK_REALTIME,
+ ("forced to use a slow profiling clock"));
+ }
+
+#endif
+
+ SMB_WARN(have_profiling_clock == True,
+ ("could not find a working clock for profiling"));
+ return;
+}
+#endif
+
BOOL profile_setup(BOOL rdonly)
{
struct shmid_ds shm_ds;
read_only = rdonly;
-#if defined(HAVE_CLOCK_GETTIME)
- if (this_is_smp()) {
- /* This is faster that gettimeofday, but not fast enough to
- * leave it enabled in production.
- */
- __profile_clock = CLOCK_MONOTONIC;
- } else {
- /* CLOCK_PROCESS_CPUTIME_ID is sufficiently fast that the
- * always profiling times is plausible. Unfortunately it is
- * only accurate if we can guarantee we will not be scheduled
- * onto a different CPU between samples. Until there is some
- * way to set processor affinity, we can only use this on
- * uniprocessors.
- */
- __profile_clock = CLOCK_PROCESS_CPUTIME_ID;
- }
+#ifdef HAVE_CLOCK_GETTIME
+ init_clock_gettime();
#endif
again:
Modified: branches/SAMBA_3_0_RELEASE/source/smbd/trans2.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/smbd/trans2.c 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/smbd/trans2.c 2006-06-09 12:25:25 UTC (rev 16119)
@@ -3431,7 +3431,7 @@
SIVAL(pdata,0,sbuf.st_nlink); /* number of hard links */
SIVAL(pdata,4,0);
- pdata += 8+1;
+ pdata += 8;
data_size = PTR_DIFF(pdata,(*ppdata));
{
Modified: branches/SAMBA_3_0_RELEASE/source/utils/net_ads.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/utils/net_ads.c 2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/utils/net_ads.c 2006-06-09 12:25:25 UTC (rev 16119)
@@ -1529,19 +1529,19 @@
fstrcpy(my_name, global_myname());
strlower_m(my_name);
- asprintf(&host_principal, "%s@%s", my_name, ads->config.realm);
- d_printf("Changing password for principal: HOST/%s\n", host_principal);
+ asprintf(&host_principal, "%s$@%s", my_name, ads->config.realm);
+ d_printf("Changing password for principal: %s\n", host_principal);
ret = ads_change_trust_account_password(ads, host_principal);
if (!ADS_ERR_OK(ret)) {
- d_fprintf(stderr, "Password change failed :-( ...\n");
+ d_fprintf(stderr, "Password change failed: %s\n", ads_errstr(ret));
ads_destroy(&ads);
SAFE_FREE(host_principal);
return -1;
}
- d_printf("Password change for principal HOST/%s succeeded.\n", host_principal);
+ d_printf("Password change for principal %s succeeded.\n", host_principal);
if (lp_use_kerberos_keytab()) {
d_printf("Attempting to update system keytab with new password.\n");
More information about the samba-cvs
mailing list