[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Wed Nov 17 06:42:01 MST 2010
The branch, master has been updated
via 0a4b7bb s4-repl: removed the syncall_workaround code
via 6c8b0d7 s4-repl: save the result of the last replication in repsFrom/repsTo
via 73016ad s4-repl: ensure we don't starve pending replication ops
via e17ea9f s4-kcc: fixed result_last_attempt in showrepl
via 9a744c6 s4-doserr: telling our users to "see Windows help" doesn't seem right
via 1645190 s4-provision: don't test for xattrs if posix:eadb is set
via 333975d s4-provision: setup posix:eadb using lp.set()
via 9432eab developer: only do the C++ reserved name checking on Linux
via d7ea449 s4-provision: don't try to autodetect xattr is posix:eadb is set
via 1a65180 s4-heimdal: ask for non-atomic heimdal
via e7dad42 heimdal: added HEIM_BASE_NON_ATOMIC option
via 6041938 s4-test: updates to test-howto.py
via 0cf7189 s4-heimdal: implement KERB_AP_ERR_TYPE_SKEW_RECOVERY
via 5f655e9 s4-gensec: zero the gssapi_state
via 1887ce8 s4-provision: use the command line lp in provision
via 2920033 s4-provision: add log messages about IP lookup
via 60449d5 s4-dns: catch more expections in samba_dnsupdate
from d1c1aae s3: Remove a reference to "winbindd_cli_state" from append_auth_data
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 0a4b7bb9a547011c4c39b75acee1c00c90562cd1
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 23:48:23 2010 +1100
s4-repl: removed the syncall_workaround code
this isn't needed any more
Autobuild-User: Andrew Tridgell <tridge at samba.org>
Autobuild-Date: Wed Nov 17 13:41:51 UTC 2010 on sn-devel-104
commit 6c8b0d7f2784faf68d08d42227765bdc0ce28b35
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 23:13:32 2010 +1100
s4-repl: save the result of the last replication in repsFrom/repsTo
when a replication fails, we should add the failure to repsFrom
when a notify fails, we need to save it to repsTo
this ensures showrepl always shows the latest status
commit 73016ad40523d4d41114c7b4d6bb2a46815bb597
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 23:12:10 2010 +1100
s4-repl: ensure we don't starve pending replication ops
when there was a continuous sequence of notify ops, we could leave the
replication ops starving. This ensures we run whichever was queued
first
commit e17ea9f3f5019cd95ace6920ba73129cda0adf55
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 23:11:12 2010 +1100
s4-kcc: fixed result_last_attempt in showrepl
commit 9a744c634ff55c166294d63d192649ad238f9bf6
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 23:10:48 2010 +1100
s4-doserr: telling our users to "see Windows help" doesn't seem right
commit 1645190b1c0a4708cb3110bc94c1b9ec3e0d77e4
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 21:50:06 2010 +1100
s4-provision: don't test for xattrs if posix:eadb is set
when it is set in smb.conf or on the command line, obey the setting
and don't try to test for system xattr support
commit 333975d84f1f5016ad8d61c8107ef76e43af0c7e
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 21:49:19 2010 +1100
s4-provision: setup posix:eadb using lp.set()
this allows it to override a setting made during the automatic testing
of xattr support
commit 9432eabb2f6ba282943e1b7ea4e90c0ed38cefe2
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 20:36:37 2010 +1100
developer: only do the C++ reserved name checking on Linux
this prevents us breaking the solaris build, but will still mean we
prevent C++ vars in our code
commit d7ea449049e6536c4c25274dc24d9eaa90cb7abd
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 20:15:42 2010 +1100
s4-provision: don't try to autodetect xattr is posix:eadb is set
when posix:eadb is set then we know we should be using an eadb
commit 1a6518072899593f64e115e2c8cd5f5f4c523a4c
Author: Andrew Tridgell <tridge at opensolaris.home.tridgell.net>
Date: Mon Nov 15 22:54:09 2010 -0500
s4-heimdal: ask for non-atomic heimdal
this allows us to build with compilers other than gcc
commit e7dad42bc6cdf38d194a564c6ecdeb60cd4204c6
Author: Andrew Tridgell <tridge at opensolaris.home.tridgell.net>
Date: Mon Nov 15 22:53:13 2010 -0500
heimdal: added HEIM_BASE_NON_ATOMIC option
This allows heimdal to build without gcc, by not using atomic
operations. We don't need heimdal to be atomic in Samba.
commit 6041938908962ab89527671dd5fb8ce58f530f34
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 18:29:04 2010 +1100
s4-test: updates to test-howto.py
- handle clock skew using "net time" on windows after we open the
telnet connection
- allow checking for result lists in order
- replicate all partitions after vampiring so we don't need
to wait for periodic replication
- use a krb5 ccache in the prefix for kinit based tests
The complete test suite now passes on my system, taking just over 13
minutes to complete
commit 0cf7189d4a4bf0ae538e0aa82ec90982b7523336
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 17:33:31 2010 +1100
s4-heimdal: implement KERB_AP_ERR_TYPE_SKEW_RECOVERY
this e_data field in a kerberos error packet tells windows to do clock
skew recovery.
See [MS-KILE] 2.2.1 KERB-ERROR-DATA
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 5f655e99a1c17ac9d28acb4740585d2100746d69
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 17:09:24 2010 +1100
s4-gensec: zero the gssapi_state
this fixes a use of the target_principal before initialisation
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 1887ce87e49fa593e02807e52fd4b653ca577a66
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 12:54:41 2010 +1100
s4-provision: use the command line lp in provision
this ensures that provision options are stored in the generated
smb.conf
commit 292003343ebf37954eb0862d17f431cc16d8ec54
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 12:54:13 2010 +1100
s4-provision: add log messages about IP lookup
the IPv6 lookup can be very slow if a DNS server in the search list is
unavailable. It's good to let the user know what its doing.
commit 60449d561dd4fdbe5ea9368ea59ef4e8bfa7b420
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 12:33:02 2010 +1100
s4-dns: catch more expections in samba_dnsupdate
-----------------------------------------------------------------------
Summary of changes:
libcli/util/doserr.c | 8 +-
nsswitch/winbind_nss_solaris.h | 26 ---
source3/include/includes.h | 2 +-
source4/auth/gensec/gensec_gssapi.c | 2 +-
source4/dsdb/kcc/kcc_drs_replica_info.c | 1 +
source4/dsdb/repl/drepl_notify.c | 39 +----
source4/dsdb/repl/drepl_out_pull.c | 103 ++++++++----
source4/dsdb/repl/drepl_periodic.c | 18 ++-
source4/dsdb/repl/drepl_service.h | 4 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 5 -
source4/heimdal/base/baselocl.h | 9 +-
.../heimdal/lib/gssapi/krb5/accept_sec_context.c | 6 +-
source4/heimdal_build/config.h | 3 +
source4/include/includes.h | 2 +-
source4/scripting/bin/samba_dnsupdate | 6 +-
source4/scripting/devel/howto/test-howto.py | 178 +++++++++++++-------
source4/scripting/devel/howto/tridge.conf | 3 +
source4/scripting/python/samba/ntacls.py | 1 +
source4/scripting/python/samba/provision.py | 9 +-
source4/setup/provision | 4 +-
source4/setup/provision.smb.conf.dc | 1 -
source4/setup/provision.smb.conf.member | 1 -
source4/setup/provision.smb.conf.standalone | 1 -
23 files changed, 257 insertions(+), 175 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/util/doserr.c b/libcli/util/doserr.c
index 1663edb..a0c152d 100644
--- a/libcli/util/doserr.c
+++ b/libcli/util/doserr.c
@@ -3349,9 +3349,9 @@ const struct werror_str_struct dos_err_strs[] = {
{ WERR_ADDRESS_NOT_ASSOCIATED, "An address has not yet been associated with the network endpoint." },
{ WERR_CONNECTION_INVALID, "An operation was attempted on a nonexistent network connection." },
{ WERR_CONNECTION_ACTIVE, "An invalid operation was attempted on an active network connection." },
- { WERR_NETWORK_UNREACHABLE, "The network location cannot be reached. For information about network troubleshooting, see Windows Help." },
- { WERR_HOST_UNREACHABLE, "The network location cannot be reached. For information about network troubleshooting, see Windows Help." },
- { WERR_PROTOCOL_UNREACHABLE, "The network location cannot be reached. For information about network troubleshooting, see Windows Help." },
+ { WERR_NETWORK_UNREACHABLE, "The network location cannot be reached." },
+ { WERR_HOST_UNREACHABLE, "The network location cannot be reached." },
+ { WERR_PROTOCOL_UNREACHABLE, "The network location cannot be reached." },
{ WERR_PORT_UNREACHABLE, "No service is operating at the destination network endpoint on the remote system." },
{ WERR_REQUEST_ABORTED, "The request was aborted." },
{ WERR_CONNECTION_ABORTED, "The network connection was aborted by the local system." },
@@ -3374,7 +3374,7 @@ const struct werror_str_struct dos_err_strs[] = {
{ WERR_BAD_USER_PROFILE, "The specified user does not have a valid profile." },
{ WERR_NOT_SUPPORTED_ON_SBS, "This operation is not supported on a computer running Windows Server 2003 for Small Business Server." },
{ WERR_SERVER_SHUTDOWN_IN_PROGRESS, "The server machine is shutting down." },
- { WERR_HOST_DOWN, "The remote system is not available. For information about network troubleshooting, see Windows Help." },
+ { WERR_HOST_DOWN, "The remote system is not available." },
{ WERR_NON_ACCOUNT_SID, "The security identifier provided is not from an account domain." },
{ WERR_NON_DOMAIN_SID, "The security identifier provided does not have a domain component." },
{ WERR_APPHELP_BLOCK, "AppHelp dialog canceled, thus preventing the application from starting." },
diff --git a/nsswitch/winbind_nss_solaris.h b/nsswitch/winbind_nss_solaris.h
index f805542..0113305 100644
--- a/nsswitch/winbind_nss_solaris.h
+++ b/nsswitch/winbind_nss_solaris.h
@@ -22,33 +22,7 @@
#ifndef _WINBIND_NSS_SOLARIS_H
#define _WINBIND_NSS_SOLARIS_H
-/* Solaris has a broken nss_common header file containing C++ reserved names. */
-#ifndef __cplusplus
-#undef class
-#undef private
-#undef public
-#undef protected
-#undef template
-#undef this
-#undef new
-#undef delete
-#undef friend
-#endif
-
#include <nss_common.h>
-
-#ifndef __cplusplus
-#define class #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#define private #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#define public #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#define protected #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#define template #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#define this #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#define new #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#define delete #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#define friend #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
-#endif
-
#include <nss_dbdefs.h>
#include <nsswitch.h>
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 11066e2..87061eb 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -34,7 +34,7 @@
to include --with-developer since too many systems
still have comflicts with their header files (e.g. IRIX 6.4) */
-#if !defined(__cplusplus) && defined(DEVELOPER)
+#if !defined(__cplusplus) && defined(DEVELOPER) && defined(__linux__)
#define class #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define private #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define public #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index a6d0ef2..f0da54d 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -149,7 +149,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
krb5_error_code ret;
const char *realm;
- gensec_gssapi_state = talloc(gensec_security, struct gensec_gssapi_state);
+ gensec_gssapi_state = talloc_zero(gensec_security, struct gensec_gssapi_state);
if (!gensec_gssapi_state) {
return NT_STATUS_NO_MEMORY;
}
diff --git a/source4/dsdb/kcc/kcc_drs_replica_info.c b/source4/dsdb/kcc/kcc_drs_replica_info.c
index 05f9434..fab7202 100644
--- a/source4/dsdb/kcc/kcc_drs_replica_info.c
+++ b/source4/dsdb/kcc/kcc_drs_replica_info.c
@@ -494,6 +494,7 @@ static WERROR copy_repsfrom_1_to_2(TALLOC_CTX *mem_ctx,
reps->consecutive_sync_failures = reps1->consecutive_sync_failures;
reps->last_attempt = reps1->last_attempt;
reps->last_success = reps1->last_success;
+ reps->result_last_attempt = reps1->result_last_attempt;
reps->other_info = talloc_zero(mem_ctx, struct repsFromTo2OtherInfo);
W_ERROR_HAVE_NO_MEMORY(reps->other_info);
reps->other_info->dns_name1 = reps1->other_info->dns_name;
diff --git a/source4/dsdb/repl/drepl_notify.c b/source4/dsdb/repl/drepl_notify.c
index 0178e97..8f31516 100644
--- a/source4/dsdb/repl/drepl_notify.c
+++ b/source4/dsdb/repl/drepl_notify.c
@@ -120,10 +120,6 @@ static void dreplsrv_op_notify_replica_sync_trigger(struct tevent_req *req)
DRSUAPI_DRS_ASYNC_OP |
DRSUAPI_DRS_UPDATE_NOTIFICATION |
DRSUAPI_DRS_WRIT_REP;
- if (state->op->service->syncall_workaround) {
- DEBUG(3,("sending DsReplicaSync with SYNC_ALL workaround\n"));
- r->in.req->req1.options |= DRSUAPI_DRS_SYNC_ALL;
- }
if (state->op->is_urgent) {
r->in.req->req1.options |= DRSUAPI_DRS_SYNC_URGENT;
@@ -189,46 +185,29 @@ static void dreplsrv_notify_op_callback(struct tevent_req *subreq)
struct dreplsrv_notify_operation);
NTSTATUS status;
struct dreplsrv_service *s = op->service;
+ WERROR werr;
status = dreplsrv_op_notify_recv(subreq);
+ werr = ntstatus_to_werror(status);
TALLOC_FREE(subreq);
if (!NT_STATUS_IS_OK(status)) {
- WERROR werr;
- unsigned int msg_debug_level = 0;
- werr = ntstatus_to_werror(status);
- if (W_ERROR_EQUAL(werr, WERR_BADFILE)) {
- /*
- * TODO:
- *
- * we should better fix the bug regarding
- * non-linked attribute handling, instead
- * of just hiding the failures.
- *
- * we should also remove the dc from our repsTo
- * if it failed to often, instead of retrying
- * every few seconds
- */
- msg_debug_level = 2;
- }
-
- DEBUG(msg_debug_level,
- ("dreplsrv_notify: Failed to send DsReplicaSync to %s for %s - %s : %s\n",
+ DEBUG(4,("dreplsrv_notify: Failed to send DsReplicaSync to %s for %s - %s : %s\n",
op->source_dsa->repsFrom1->other_info->dns_name,
ldb_dn_get_linearized(op->source_dsa->partition->dn),
nt_errstr(status), win_errstr(werr)));
- if (W_ERROR_EQUAL(werr, WERR_DS_DRA_NO_REPLICA)) {
- DEBUG(0,("Enabling SYNC_ALL workaround\n"));
- op->service->syncall_workaround = true;
- }
} else {
DEBUG(2,("dreplsrv_notify: DsReplicaSync OK for %s\n",
op->source_dsa->repsFrom1->other_info->dns_name));
op->source_dsa->notify_uSN = op->uSN;
}
+ drepl_reps_update(s, "repsTo", op->source_dsa->partition->dn,
+ &op->source_dsa->repsFrom1->source_dsa_obj_guid,
+ werr);
+
talloc_free(op);
s->ops.n_current = NULL;
- dreplsrv_notify_run_ops(s);
+ dreplsrv_run_pending_ops(s);
}
/*
@@ -343,6 +322,7 @@ static WERROR dreplsrv_schedule_notify_sync(struct dreplsrv_service *service,
op->uSN = uSN;
op->is_urgent = is_urgent;
op->replica_flags = replica_flags;
+ op->schedule_time = time(NULL);
DLIST_ADD_END(service->ops.notifies, op, struct dreplsrv_notify_operation *);
talloc_steal(service, op);
@@ -499,5 +479,4 @@ static void dreplsrv_notify_run(struct dreplsrv_service *service)
talloc_free(mem_ctx);
dreplsrv_run_pending_ops(service);
- dreplsrv_notify_run_ops(service);
}
diff --git a/source4/dsdb/repl/drepl_out_pull.c b/source4/dsdb/repl/drepl_out_pull.c
index 3e59ee9..874d44e 100644
--- a/source4/dsdb/repl/drepl_out_pull.c
+++ b/source4/dsdb/repl/drepl_out_pull.c
@@ -34,6 +34,60 @@
#include "libcli/composite/composite.h"
#include "libcli/security/security.h"
+/*
+ update repsFrom/repsTo error information
+ */
+void drepl_reps_update(struct dreplsrv_service *s, const char *reps_attr,
+ struct ldb_dn *dn,
+ struct GUID *source_dsa_obj_guid, WERROR status)
+{
+ struct repsFromToBlob *reps;
+ uint32_t count, i;
+ WERROR werr;
+ TALLOC_CTX *tmp_ctx = talloc_new(s);
+ time_t t;
+ NTTIME now;
+
+ t = time(NULL);
+ unix_to_nt_time(&now, t);
+
+ werr = dsdb_loadreps(s->samdb, tmp_ctx, dn, reps_attr, &reps, &count);
+ if (!W_ERROR_IS_OK(werr)) {
+ talloc_free(tmp_ctx);
+ return;
+ }
+
+ for (i=0; i<count; i++) {
+ if (GUID_compare(source_dsa_obj_guid,
+ &reps[i].ctr.ctr1.source_dsa_obj_guid) == 0) {
+ break;
+ }
+ }
+
+ if (i == count) {
+ /* no record to update */
+ talloc_free(tmp_ctx);
+ return;
+ }
+
+ /* only update the status fields */
+ reps[i].ctr.ctr1.last_attempt = now;
+ reps[i].ctr.ctr1.result_last_attempt = status;
+ if (W_ERROR_IS_OK(status)) {
+ reps[i].ctr.ctr1.last_success = now;
+ reps[i].ctr.ctr1.consecutive_sync_failures = 0;
+ } else {
+ reps[i].ctr.ctr1.consecutive_sync_failures++;
+ }
+
+ werr = dsdb_savereps(s->samdb, tmp_ctx, dn, reps_attr, reps, count);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(2,("drepl_reps_update: Failed to save %s for %s: %s\n",
+ reps_attr, ldb_dn_get_linearized(dn), win_errstr(werr)));
+ }
+ talloc_free(tmp_ctx);
+}
+
WERROR dreplsrv_schedule_partition_pull_source(struct dreplsrv_service *s,
struct dreplsrv_partition_source_dsa *source,
enum drsuapi_DsExtendedOperation extended_op,
@@ -52,6 +106,7 @@ WERROR dreplsrv_schedule_partition_pull_source(struct dreplsrv_service *s,
op->fsmo_info = fsmo_info;
op->callback = callback;
op->cb_data = cb_data;
+ op->schedule_time = time(NULL);
DLIST_ADD_END(s->ops.pending, op, struct dreplsrv_out_operation *);
@@ -95,48 +150,35 @@ static void dreplsrv_pending_op_callback(struct tevent_req *subreq)
struct dreplsrv_out_operation);
struct repsFromTo1 *rf = op->source_dsa->repsFrom1;
struct dreplsrv_service *s = op->service;
- time_t t;
- NTTIME now;
+ WERROR werr;
- t = time(NULL);
- unix_to_nt_time(&now, t);
-
- rf->result_last_attempt = dreplsrv_op_pull_source_recv(subreq);
+ werr = dreplsrv_op_pull_source_recv(subreq);
TALLOC_FREE(subreq);
- if (W_ERROR_IS_OK(rf->result_last_attempt)) {
- rf->consecutive_sync_failures = 0;
- rf->last_success = now;
- DEBUG(3,("dreplsrv_op_pull_source(%s)\n",
- win_errstr(rf->result_last_attempt)));
- goto done;
- }
- rf->consecutive_sync_failures++;
+ DEBUG(4,("dreplsrv_op_pull_source(%s) for %s\n", win_errstr(werr),
+ ldb_dn_get_linearized(op->source_dsa->partition->dn)));
- DEBUG(1,("dreplsrv_op_pull_source(%s/%s) for %s failures[%u]\n",
- win_errstr(rf->result_last_attempt),
- nt_errstr(werror_to_ntstatus(rf->result_last_attempt)),
- ldb_dn_get_linearized(op->source_dsa->partition->dn),
- rf->consecutive_sync_failures));
+ if (op->extended_op == DRSUAPI_EXOP_NONE) {
+ drepl_reps_update(s, "repsFrom", op->source_dsa->partition->dn,
+ &rf->source_dsa_obj_guid, werr);
+ }
-done:
if (op->callback) {
- op->callback(s, rf->result_last_attempt, op->extended_ret, op->cb_data);
+ op->callback(s, werr, op->extended_ret, op->cb_data);
}
talloc_free(op);
s->ops.current = NULL;
dreplsrv_run_pending_ops(s);
- dreplsrv_notify_run_ops(s);
}
-void dreplsrv_run_pending_ops(struct dreplsrv_service *s)
+void dreplsrv_run_pull_ops(struct dreplsrv_service *s)
{
struct dreplsrv_out_operation *op;
time_t t;
NTTIME now;
struct tevent_req *subreq;
- if (s->ops.current || s->ops.n_current) {
+ if (s->ops.current) {
/* if there's still one running, we're done */
return;
}
@@ -159,8 +201,10 @@ void dreplsrv_run_pending_ops(struct dreplsrv_service *s)
if (!subreq) {
struct repsFromTo1 *rf = op->source_dsa->repsFrom1;
- rf->result_last_attempt = WERR_NOMEM;
- rf->consecutive_sync_failures++;
+ if (op->extended_op == DRSUAPI_EXOP_NONE) {
+ drepl_reps_update(s, "repsFrom", op->source_dsa->partition->dn,
+ &rf->source_dsa_obj_guid, WERR_NOMEM);
+ }
s->ops.current = NULL;
/*
@@ -168,13 +212,8 @@ void dreplsrv_run_pending_ops(struct dreplsrv_service *s)
* to do its job just like in any other failure situation
*/
if (op->callback) {
- op->callback(s, rf->result_last_attempt, op->extended_ret, op->cb_data);
+ op->callback(s, WERR_NOMEM, op->extended_ret, op->cb_data);
}
-
- DEBUG(1,("dreplsrv_op_pull_source(%s/%s) failures[%u]\n",
- win_errstr(rf->result_last_attempt),
- nt_errstr(werror_to_ntstatus(rf->result_last_attempt)),
- rf->consecutive_sync_failures));
return;
}
tevent_req_set_callback(subreq, dreplsrv_pending_op_callback, op);
diff --git a/source4/dsdb/repl/drepl_periodic.c b/source4/dsdb/repl/drepl_periodic.c
index 60f3581..fe0fb6d 100644
--- a/source4/dsdb/repl/drepl_periodic.c
+++ b/source4/dsdb/repl/drepl_periodic.c
@@ -116,5 +116,21 @@ static void dreplsrv_periodic_run(struct dreplsrv_service *service)
dreplsrv_ridalloc_check_rid_pool(service);
dreplsrv_run_pending_ops(service);
- dreplsrv_notify_run_ops(service);
+}
+
+/*
+ run the next pending op, either a notify or a pull
+ */
+void dreplsrv_run_pending_ops(struct dreplsrv_service *s)
+{
+ if (!s->ops.notifies && !s->ops.pending) {
+ return;
+ }
+ if (!s->ops.notifies ||
+ (s->ops.pending &&
+ s->ops.notifies->schedule_time > s->ops.pending->schedule_time)) {
+ dreplsrv_run_pull_ops(s);
+ } else {
+ dreplsrv_notify_run_ops(s);
+ }
}
diff --git a/source4/dsdb/repl/drepl_service.h b/source4/dsdb/repl/drepl_service.h
index 9ad62fd..48b084f 100644
--- a/source4/dsdb/repl/drepl_service.h
+++ b/source4/dsdb/repl/drepl_service.h
@@ -119,6 +119,7 @@ typedef void (*dreplsrv_extended_callback_t)(struct dreplsrv_service *,
struct dreplsrv_out_operation {
struct dreplsrv_out_operation *prev, *next;
+ time_t schedule_time;
struct dreplsrv_service *service;
@@ -133,6 +134,7 @@ struct dreplsrv_out_operation {
struct dreplsrv_notify_operation {
struct dreplsrv_notify_operation *prev, *next;
+ time_t schedule_time;
struct dreplsrv_service *service;
uint64_t uSN;
@@ -228,8 +230,6 @@ struct dreplsrv_service {
bool rid_alloc_in_progress;
- bool syncall_workaround;
-
bool am_rodc;
};
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 957ca3c..3db1fe9 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -3547,11 +3547,6 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a
ZERO_STRUCT(nrf);
nrf.version = 1;
nrf.ctr.ctr1 = *ar->objs->source_dsa;
- /* and fix some values... */
- nrf.ctr.ctr1.consecutive_sync_failures = 0;
- nrf.ctr.ctr1.last_success = now;
- nrf.ctr.ctr1.last_attempt = now;
- nrf.ctr.ctr1.result_last_attempt = WERR_OK;
nrf.ctr.ctr1.highwatermark.highest_usn = nrf.ctr.ctr1.highwatermark.tmp_highest_usn;
/*
diff --git a/source4/heimdal/base/baselocl.h b/source4/heimdal/base/baselocl.h
index 3932378..06806d2 100644
--- a/source4/heimdal/base/baselocl.h
+++ b/source4/heimdal/base/baselocl.h
@@ -50,7 +50,14 @@
#include <dispatch/dispatch.h>
#endif
-#ifdef __GNUC__
+#if HEIM_BASE_NON_ATOMIC
+/* non-atomic varients */
+#define heim_base_atomic_inc(x) ++(*(x))
+#define heim_base_atomic_dec(x) --(*(x))
+#define heim_base_atomic_type unsigned int
+#define heim_base_atomic_max UINT_MAX
+
+#elif defined(__GNUC__)
#define heim_base_atomic_inc(x) __sync_add_and_fetch((x), 1)
#define heim_base_atomic_dec(x) __sync_sub_and_fetch((x), 1)
#define heim_base_atomic_type unsigned int
diff --git a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
index 8ec3a65..0e8fbe8 100644
--- a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
+++ b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
@@ -263,6 +263,10 @@ send_error_token(OM_uint32 *minor_status,
krb5_principal ap_req_server = NULL;
krb5_error_code ret;
krb5_data outbuf;
+ /* this e_data value encodes KERB_AP_ERR_TYPE_SKEW_RECOVERY which
+ tells windows to try again with the corrected timestamp. See
+ [MS-KILE] 2.2.1 KERB-ERROR-DATA */
+ krb5_data e_data = { 7, rk_UNCONST("\x30\x05\xa1\x03\x02\x01\x02") };
/* build server from request if the acceptor had not selected one */
if (server == NULL) {
@@ -285,7 +289,7 @@ send_error_token(OM_uint32 *minor_status,
server = ap_req_server;
}
- ret = krb5_mk_error(context, kret, NULL, NULL, NULL,
+ ret = krb5_mk_error(context, kret, NULL, &e_data, NULL,
server, NULL, NULL, &outbuf);
if (ap_req_server)
krb5_free_principal(context, ap_req_server);
diff --git a/source4/heimdal_build/config.h b/source4/heimdal_build/config.h
index 71ef3e9..0fdb292 100644
--- a/source4/heimdal_build/config.h
+++ b/source4/heimdal_build/config.h
@@ -43,4 +43,7 @@
#define LIBINTL
#endif
+/* heimdal now wants some atomic ops - ask for the non-atomic ones for Samba */
+#define HEIM_BASE_NON_ATOMIC 1
+
#endif
diff --git a/source4/include/includes.h b/source4/include/includes.h
index 796e313..d0a9702 100644
--- a/source4/include/includes.h
+++ b/source4/include/includes.h
@@ -38,7 +38,7 @@
to include --with-developer since too many systems
still have comflicts with their header files (e.g. IRIX 6.4) */
-#if !defined(__cplusplus) && defined(DEVELOPER)
+#if !defined(__cplusplus) && defined(DEVELOPER) && defined(__linux__)
#define class #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define private #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
#define public #error DONT_USE_CPLUSPLUS_RESERVED_NAMES
diff --git a/source4/scripting/bin/samba_dnsupdate b/source4/scripting/bin/samba_dnsupdate
index 9911c6a..1b5bc3e 100755
--- a/source4/scripting/bin/samba_dnsupdate
+++ b/source4/scripting/bin/samba_dnsupdate
@@ -259,11 +259,13 @@ def call_nsupdate(d):
try:
cmd = "%s %s" % (nsupdate_cmd, tmpfile)
subprocess.check_call(cmd, shell=True)
- except subprocess.CalledProcessError:
+ except Exception, estr:
global error_count
if opts.fail_immediately:
--
Samba Shared Repository
More information about the samba-cvs
mailing list