svn commit: samba r16119 - in branches/SAMBA_3_0_RELEASE: . source source/libads source/nsswitch source/profile source/smbd source/utils

jerry at samba.org jerry at samba.org
Fri Jun 9 12:25:26 GMT 2006


Author: jerry
Date: 2006-06-09 12:25:25 +0000 (Fri, 09 Jun 2006)
New Revision: 16119

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16119

Log:
pulling changes from 3_0 up to r16117
Modified:
   branches/SAMBA_3_0_RELEASE/WHATSNEW.txt
   branches/SAMBA_3_0_RELEASE/source/aclocal.m4
   branches/SAMBA_3_0_RELEASE/source/configure.in
   branches/SAMBA_3_0_RELEASE/source/libads/ldap.c
   branches/SAMBA_3_0_RELEASE/source/libads/util.c
   branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_group.c
   branches/SAMBA_3_0_RELEASE/source/profile/profile.c
   branches/SAMBA_3_0_RELEASE/source/smbd/trans2.c
   branches/SAMBA_3_0_RELEASE/source/utils/net_ads.c


Changeset:
Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt
===================================================================
--- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt	2006-06-09 12:25:25 UTC (rev 16119)
@@ -42,6 +42,7 @@
     * Fix bug in OS/2 Warp - it doesn't set the ff_last offset 
       correctly when doing info level 1 directory scans.
     * Add Samba4 replacement for timegm() to work on Solaris.
+    * Remove extra add-byte in the trans2 UNIX_BASIC infolevel.
 
 
 o   Gerald (Jerry) Carter <jerry at samba.org>
@@ -60,6 +61,10 @@
     * Adding "own-domain" switch to wbinfo which is handy from time 
       to time.
     * BUG 3823: Fix in-forest domain trust enumeration in winbindd.
+    * Fix winbindd group enumeration for groups with no members.
+    * Correct "net ads changetrustpw" to use the sAMAccountName.
+    * Fix winbindd in ADS domains by removing code using the 
+      UPN and rely upon the sAMAccountName.
 
 
 o   Aleksey Fedoseev <fedoseev at ru.ibm.com>
@@ -70,6 +75,11 @@
     * Properly rebuild time limit on systems with executable extensions.
 
 
+o   Björn Jacke <samba at j3e.de>
+    * Fall back to less-preferred clocks until we find one that we 
+      can use if clock_gmtime() is not available at run-time.
+
+
 o   Volker Lendecke <vl at samba.org>
     * Fix more potential seg-faults when something on our way to a 
       DC connection fails.
@@ -110,6 +120,7 @@
       parameters in dynconfig.c.
     * Avoid pulling in -lpthreads caused by -lrt.
     * Fix build failures on IRIX 6.4 due to DMAPI support.
+    * Isolate the slow CLOCK_REALTIME message in the profiling code.
 
 
 o   Aruna Prabakar <aruna.prabakar at hp.com>

Modified: branches/SAMBA_3_0_RELEASE/source/aclocal.m4
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/aclocal.m4	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/aclocal.m4	2006-06-09 12:25:25 UTC (rev 16119)
@@ -839,10 +839,17 @@
 dnl Execute the corresponding user action list.
 AC_DEFUN([SMB_IS_LIBPTHREAD_LINKED],
 [
+    AC_MSG_CHECKING(if libpthread is linked)
     AC_TRY_LINK([],
 	[return pthread_create(0, 0, 0, 0);],
-	[$1],
-	[$2])
+	[
+	    AC_MSG_RESULT(yes)
+	    $1
+	],
+	[
+	    AC_MSG_RESULT(no)
+	    $2
+	])
 ])
 
 dnl SMB_REMOVE_LIB(lib)
@@ -943,3 +950,34 @@
     fi
 
 ])
+
+dnl SMB_CHECK_CLOCK_ID(clockid)
+dnl Test whether the specified clock_gettime clock ID is available. If it
+dnl is, we define HAVE_clockid
+AC_DEFUN([SMB_CHECK_CLOCK_ID],
+[
+    AC_MSG_CHECKING(for $1)
+    AC_TRY_LINK([
+#if TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# if HAVE_SYS_TIME_H
+#  include <sys/time.h>
+# else
+#  include <time.h>
+# endif
+#endif
+    ],
+    [
+clockid_t clk = $1;
+    ],
+    [
+	AC_MSG_RESULT(yes)
+	AC_DEFINE(HAVE_$1, 1,
+	    [Whether the clock_gettime clock ID $1 is available])
+    ],
+    [
+	AC_MSG_RESULT(no)
+    ])
+])

Modified: branches/SAMBA_3_0_RELEASE/source/configure.in
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/configure.in	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/configure.in	2006-06-09 12:25:25 UTC (rev 16119)
@@ -2053,8 +2053,13 @@
 	    [
 		SMB_IS_LIBPTHREAD_LINKED(
 			[ SMB_REMOVELIB(rt) ],
-			[ AC_DEFINE(HAVE_CLOCK_GETTIME, 1,
-			    [Whether clock_gettime is available]) ])
+			[
+			    AC_DEFINE(HAVE_CLOCK_GETTIME, 1,
+				[Whether clock_gettime is available])
+			    SMB_CHECK_CLOCK_ID(CLOCK_MONOTONIC)
+			    SMB_CHECK_CLOCK_ID(CLOCK_PROCESS_CPUTIME_ID)
+			    SMB_CHECK_CLOCK_ID(CLOCK_REALTIME)
+			])
 	    ])
 
 fi

Modified: branches/SAMBA_3_0_RELEASE/source/libads/ldap.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/libads/ldap.c	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/libads/ldap.c	2006-06-09 12:25:25 UTC (rev 16119)
@@ -287,9 +287,13 @@
 		   not servicePrincipalName; found by Guenther Deschner @ Sernet.
 
 		   Is this still correct?  The comment does not match
-		   the code.   --jerry */
+		   the code.   --jerry 
+		   
+		   Yes it is :) 
+		   - Guenther
+		   */
 
-		asprintf(&ads->auth.user_name, "host/%s", global_myname() );
+		asprintf(&ads->auth.user_name, "%s$", global_myname() );
 	}
 
 	if (!ads->auth.realm) {

Modified: branches/SAMBA_3_0_RELEASE/source/libads/util.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/libads/util.c	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/libads/util.c	2006-06-09 12:25:25 UTC (rev 16119)
@@ -26,7 +26,6 @@
 {
 	char *password;
 	char *new_password;
-	char *service_principal;
 	ADS_STATUS ret;
 	uint32 sec_channel_type;
     
@@ -37,10 +36,8 @@
 
 	new_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
     
-	asprintf(&service_principal, "HOST/%s", host_principal);
+	ret = kerberos_set_password(ads->auth.kdc_server, host_principal, password, host_principal, new_password, ads->auth.time_offset);
 
-	ret = kerberos_set_password(ads->auth.kdc_server, service_principal, password, service_principal, new_password, ads->auth.time_offset);
-
 	if (!ADS_ERR_OK(ret)) {
 		goto failed;
 	}
@@ -53,14 +50,13 @@
 
 	/* Determine if the KDC is salting keys for this principal in a
 	 * non-obvious way. */
-	if (!kerberos_derive_salting_principal(service_principal)) {
-		DEBUG(1,("Failed to determine correct salting principal for %s\n", service_principal));
+	if (!kerberos_derive_salting_principal(host_principal)) {
+		DEBUG(1,("Failed to determine correct salting principal for %s\n", host_principal));
 		ret = ADS_ERROR_SYSTEM(EACCES);
 		goto failed;
 	}
 
 failed:
-	SAFE_FREE(service_principal);
 	SAFE_FREE(password);
 	return ret;
 }

Modified: branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_group.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_group.c	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_group.c	2006-06-09 12:25:25 UTC (rev 16119)
@@ -789,7 +789,7 @@
 			/* Append to group membership list */
 			gr_mem_list = SMB_REALLOC( gr_mem_list, gr_mem_list_len + gr_mem_len);
 
-			if (!gr_mem_list) {
+			if (!gr_mem_list && (group_list[group_list_ndx].num_gr_mem != 0)) {
 				DEBUG(0, ("out of memory\n"));
 				gr_mem_list_len = 0;
 				break;

Modified: branches/SAMBA_3_0_RELEASE/source/profile/profile.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/profile/profile.c	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/profile/profile.c	2006-06-09 12:25:25 UTC (rev 16119)
@@ -30,6 +30,7 @@
 static BOOL read_only;
 #if defined(HAVE_CLOCK_GETTIME)
 clockid_t __profile_clock;
+BOOL have_profiling_clock = False;
 #endif
 #endif
 
@@ -62,6 +63,19 @@
 			 (int)procid_to_pid(&src)));
 		break;
 	case 2:		/* turn on complete profiling */
+
+#if defined(HAVE_CLOCK_GETTIME)
+		if (!have_profiling_clock) {
+			do_profile_flag = True;
+			do_profile_times = False;
+			DEBUG(1,("INFO: Profiling counts turned ON from "
+				"pid %d\n", (int)procid_to_pid(&src)));
+			DEBUGADD(1,("INFO: Profiling times disabled "
+				"due to lack of a suitable clock\n"));
+			break;
+		}
+#endif
+
 		do_profile_flag = True;
 		do_profile_times = True;
 		DEBUG(1,("INFO: Full profiling turned ON from pid %d\n",
@@ -100,28 +114,74 @@
   open the profiling shared memory area
   ******************************************************************/
 #ifdef WITH_PROFILE
+
+#ifdef HAVE_CLOCK_GETTIME
+
+/* Find a clock. Just because the definition for a particular clock ID is
+ * present doesn't mean the system actually supports it.
+ */
+static void init_clock_gettime(void)
+{
+	struct timespec ts;
+
+	have_profiling_clock = False;
+
+#ifdef HAVE_CLOCK_PROCESS_CPUTIME_ID
+	/* CLOCK_PROCESS_CPUTIME_ID is sufficiently fast that the
+	 * always profiling times is plausible. Unfortunately on Linux
+	 * it is only accurate if we can guarantee we will not be scheduled
+	 * scheduled onto a different CPU between samples. Until there is
+	 * some way to set processor affinity, we can only use this on
+	 * uniprocessors.
+	 */
+	if (!this_is_smp()) {
+	    if (clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &ts) == 0) {
+		    DEBUG(10, ("Using CLOCK_PROCESS_CPUTIME_ID "
+				"for profile_clock\n"));
+		    __profile_clock = CLOCK_PROCESS_CPUTIME_ID;
+		    have_profiling_clock = True;
+	    }
+	}
+#endif
+
+#ifdef HAVE_CLOCK_MONOTONIC
+	if (!have_profiling_clock &&
+	    clock_gettime(CLOCK_MONOTONIC, &ts) == 0) {
+		DEBUG(10, ("Using CLOCK_MONOTONIC for profile_clock\n"));
+		__profile_clock = CLOCK_MONOTONIC;
+		have_profiling_clock = True;
+	}
+#endif
+
+#ifdef HAVE_CLOCK_REALTIME
+	/* POSIX says that CLOCK_REALTIME should be defined everywhere
+	 * where we have clock_gettime...
+	 */
+	if (!have_profiling_clock &&
+	    clock_gettime(CLOCK_REALTIME, &ts) == 0) {
+		__profile_clock = CLOCK_REALTIME;
+		have_profiling_clock = True;
+
+		SMB_WARN(__profile_clock != CLOCK_REALTIME,
+			("forced to use a slow profiling clock"));
+	}
+
+#endif
+
+	SMB_WARN(have_profiling_clock == True,
+		("could not find a working clock for profiling"));
+	return;
+}
+#endif
+
 BOOL profile_setup(BOOL rdonly)
 {
 	struct shmid_ds shm_ds;
 
 	read_only = rdonly;
 
-#if defined(HAVE_CLOCK_GETTIME)
-	if (this_is_smp()) {
-		/* This is faster that gettimeofday, but not fast enough to
-		 * leave it enabled in production.
-		 */
-		__profile_clock = CLOCK_MONOTONIC;
-	} else {
-		/* CLOCK_PROCESS_CPUTIME_ID is sufficiently fast that the
-		 * always profiling times is plausible. Unfortunately it is
-		 * only accurate if we can guarantee we will not be scheduled
-		 * onto a different CPU between samples. Until there is some
-		 * way to set processor affinity, we can only use this on
-		 * uniprocessors.
-		 */
-		__profile_clock = CLOCK_PROCESS_CPUTIME_ID;
-	}
+#ifdef HAVE_CLOCK_GETTIME
+	init_clock_gettime();
 #endif
 
  again:

Modified: branches/SAMBA_3_0_RELEASE/source/smbd/trans2.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/smbd/trans2.c	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/smbd/trans2.c	2006-06-09 12:25:25 UTC (rev 16119)
@@ -3431,7 +3431,7 @@
 
 			SIVAL(pdata,0,sbuf.st_nlink);             /* number of hard links */
 			SIVAL(pdata,4,0);
-			pdata += 8+1;
+			pdata += 8;
 			data_size = PTR_DIFF(pdata,(*ppdata));
 
 			{

Modified: branches/SAMBA_3_0_RELEASE/source/utils/net_ads.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/utils/net_ads.c	2006-06-09 11:53:35 UTC (rev 16118)
+++ branches/SAMBA_3_0_RELEASE/source/utils/net_ads.c	2006-06-09 12:25:25 UTC (rev 16119)
@@ -1529,19 +1529,19 @@
 
 	fstrcpy(my_name, global_myname());
 	strlower_m(my_name);
-	asprintf(&host_principal, "%s@%s", my_name, ads->config.realm);
-	d_printf("Changing password for principal: HOST/%s\n", host_principal);
+	asprintf(&host_principal, "%s$@%s", my_name, ads->config.realm);
+	d_printf("Changing password for principal: %s\n", host_principal);
 
 	ret = ads_change_trust_account_password(ads, host_principal);
 
 	if (!ADS_ERR_OK(ret)) {
-		d_fprintf(stderr, "Password change failed :-( ...\n");
+		d_fprintf(stderr, "Password change failed: %s\n", ads_errstr(ret));
 		ads_destroy(&ads);
 		SAFE_FREE(host_principal);
 		return -1;
 	}
     
-	d_printf("Password change for principal HOST/%s succeeded.\n", host_principal);
+	d_printf("Password change for principal %s succeeded.\n", host_principal);
 
 	if (lp_use_kerberos_keytab()) {
 		d_printf("Attempting to update system keytab with new password.\n");



More information about the samba-cvs mailing list