[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Wed Sep 29 23:56:02 MDT 2010
The branch, master has been updated
via 1a9f5b4 s4-drepl: don't call UpdateRefs on a RODC
via 287e35f s4-drepl: fixed the checking of replica_flags in the drepl server
via 4d55175 s4-kcc: fixed the replica_flags in repsFrom in the kcc
via d690622 idl-drsuapi: fixed another replica_flags that should use the bitmap
from 92586ab s4-dns: send A record updates via TKEY
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1a9f5b45f80030c63dbd5616c6de1e99cbf539c5
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 29 22:08:48 2010 -0700
s4-drepl: don't call UpdateRefs on a RODC
we use the ADD_REF bit in getncchanges instead
Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
commit 287e35f4cfe8be3663afcde50d9cc66e120c43b6
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 29 22:04:21 2010 -0700
s4-drepl: fixed the checking of replica_flags in the drepl server
we were incorrectly avoiding a getncchanges when WRIT_REP was not set
Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
commit 4d551753d62728b60a439d1b996d4a1e3358c42b
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 29 22:03:35 2010 -0700
s4-kcc: fixed the replica_flags in repsFrom in the kcc
if our calculated replica_flags doesn't match the ones in our repsFrom
then update it
Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
commit d690622f37156307f36e54bc716c0561855cef16
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 29 22:02:54 2010 -0700
idl-drsuapi: fixed another replica_flags that should use the bitmap
Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
-----------------------------------------------------------------------
Summary of changes:
librpc/idl/drsuapi.idl | 2 +-
source4/dsdb/kcc/kcc_periodic.c | 103 +++++++++++++++++++++++----------
source4/dsdb/repl/drepl_out_helpers.c | 23 ++++----
3 files changed, 84 insertions(+), 44 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/drsuapi.idl b/librpc/idl/drsuapi.idl
index 8981891..6d8fda8 100644
--- a/librpc/idl/drsuapi.idl
+++ b/librpc/idl/drsuapi.idl
@@ -814,7 +814,7 @@ interface drsuapi
GUID source_dra;
[charset(UTF16),string] uint16 *source_dra_address;
uint8 schedule[84];
- uint32 replica_flags;
+ drsuapi_DrsOptions replica_flags;
uint32 modify_fields;
drsuapi_DrsOptions options;
} drsuapi_DsReplicaModRequest1;
diff --git a/source4/dsdb/kcc/kcc_periodic.c b/source4/dsdb/kcc/kcc_periodic.c
index 447ef1e..b6db0a7 100644
--- a/source4/dsdb/kcc/kcc_periodic.c
+++ b/source4/dsdb/kcc/kcc_periodic.c
@@ -37,16 +37,22 @@
#include "param/param.h"
/*
+ * see if two repsFromToBlob blobs are for the same source DSA
+ */
+static bool kccsrv_same_source_dsa(struct repsFromToBlob *r1, struct repsFromToBlob *r2)
+{
+ return GUID_compare(&r1->ctr.ctr1.source_dsa_obj_guid,
+ &r2->ctr.ctr1.source_dsa_obj_guid) == 0;
+}
+
+/*
* see if a repsFromToBlob is in a list
*/
static bool reps_in_list(struct repsFromToBlob *r, struct repsFromToBlob *reps, uint32_t count)
{
uint32_t i;
for (i=0; i<count; i++) {
- if (strcmp(r->ctr.ctr1.other_info->dns_name,
- reps[i].ctr.ctr1.other_info->dns_name) == 0 &&
- GUID_compare(&r->ctr.ctr1.source_dsa_obj_guid,
- &reps[i].ctr.ctr1.source_dsa_obj_guid) == 0) {
+ if (kccsrv_same_source_dsa(r, &reps[i])) {
return true;
}
}
@@ -153,6 +159,21 @@ static void kccsrv_notify_drepl_server_done(struct tevent_req *subreq)
TALLOC_FREE(state);
}
+static uint32_t kccsrv_replica_flags(struct kccsrv_service *s)
+{
+ if (s->am_rodc) {
+ return DRSUAPI_DRS_INIT_SYNC |
+ DRSUAPI_DRS_PER_SYNC |
+ DRSUAPI_DRS_ADD_REF |
+ DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING |
+ DRSUAPI_DRS_NONGC_RO_REP;
+ }
+ return DRSUAPI_DRS_INIT_SYNC |
+ DRSUAPI_DRS_PER_SYNC |
+ DRSUAPI_DRS_ADD_REF |
+ DRSUAPI_DRS_WRIT_REP;
+}
+
/*
* add any missing repsFrom structures to our partitions
*/
@@ -162,49 +183,75 @@ static NTSTATUS kccsrv_add_repsFrom(struct kccsrv_service *s, TALLOC_CTX *mem_ct
{
struct kccsrv_partition *p;
bool notify_dreplsrv = false;
+ uint32_t replica_flags = kccsrv_replica_flags(s);
/* update the repsFrom on all partitions */
for (p=s->partitions; p; p=p->next) {
- struct repsFromToBlob *old_reps;
- uint32_t old_count;
+ struct repsFromToBlob *our_reps;
+ uint32_t our_count;
WERROR werr;
- uint32_t i;
+ uint32_t i, j;
bool modified = false;
- werr = dsdb_loadreps(s->samdb, mem_ctx, p->dn, "repsFrom", &old_reps, &old_count);
+ werr = dsdb_loadreps(s->samdb, mem_ctx, p->dn, "repsFrom", &our_reps, &our_count);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,(__location__ ": Failed to load repsFrom from %s - %s\n",
ldb_dn_get_linearized(p->dn), ldb_errstring(s->samdb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- /* add any new ones */
+ /* see if the entry already exists */
for (i=0; i<count; i++) {
- if (!reps_in_list(&reps[i], old_reps, old_count) &&
- check_MasterNC(p, &reps[i], res)) {
- old_reps = talloc_realloc(mem_ctx, old_reps, struct repsFromToBlob, old_count+1);
- NT_STATUS_HAVE_NO_MEMORY(old_reps);
- old_reps[old_count] = reps[i];
- old_count++;
+ for (j=0; j<our_count; j++) {
+ if (kccsrv_same_source_dsa(&reps[i], &our_reps[j])) {
+ /* we already have this one -
+ check the replica_flags are right */
+ if (replica_flags != our_reps[j].ctr.ctr1.replica_flags) {
+ /* we need to update the old one with
+ * the new flags
+ */
+ our_reps[j].ctr.ctr1.replica_flags = replica_flags;
+ modified = true;
+ }
+ break;
+ }
+ }
+ if (j == our_count) {
+ /* we don't have the new one - add it
+ * if it is a master
+ */
+ if (!check_MasterNC(p, &reps[i], res)) {
+ /* its not a master, we don't
+ want to pull from it */
+ continue;
+ }
+ /* we need to add it to our repsFrom */
+ our_reps = talloc_realloc(mem_ctx, our_reps, struct repsFromToBlob, our_count+1);
+ NT_STATUS_HAVE_NO_MEMORY(our_reps);
+ our_reps[our_count] = reps[i];
+ our_reps[our_count].ctr.ctr1.replica_flags = replica_flags;
+ our_count++;
modified = true;
- DEBUG(4,(__location__ ": Added repsFrom for %s\n", reps[i].ctr.ctr1.other_info->dns_name));
+ DEBUG(4,(__location__ ": Added repsFrom for %s\n",
+ reps[i].ctr.ctr1.other_info->dns_name));
}
}
/* remove any stale ones */
- for (i=0; i<old_count; i++) {
- if (!reps_in_list(&old_reps[i], reps, count) ||
- !check_MasterNC(p, &old_reps[i], res)) {
- memmove(&old_reps[i], &old_reps[i+1], (old_count-(i+1))*sizeof(old_reps[0]));
- old_count--;
+ for (i=0; i<our_count; i++) {
+ if (!reps_in_list(&our_reps[i], reps, count) ||
+ !check_MasterNC(p, &our_reps[i], res)) {
+ DEBUG(4,(__location__ ": Removed repsFrom for %s\n",
+ our_reps[i].ctr.ctr1.other_info->dns_name));
+ memmove(&our_reps[i], &our_reps[i+1], (our_count-(i+1))*sizeof(our_reps[0]));
+ our_count--;
i--;
modified = true;
- DEBUG(4,(__location__ ": Removed repsFrom for %s\n", reps[i].ctr.ctr1.other_info->dns_name));
}
}
-
+
if (modified) {
- werr = dsdb_savereps(s->samdb, mem_ctx, p->dn, "repsFrom", old_reps, old_count);
+ werr = dsdb_savereps(s->samdb, mem_ctx, p->dn, "repsFrom", our_reps, our_count);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,(__location__ ": Failed to save repsFrom to %s - %s\n",
ldb_dn_get_linearized(p->dn), ldb_errstring(s->samdb)));
@@ -276,13 +323,7 @@ NTSTATUS kccsrv_simple_update(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
lpcfg_dnsdomain(s->task->lp_ctx));
r1->source_dsa_obj_guid = ntds_guid;
r1->source_dsa_invocation_id = invocation_id;
- r1->replica_flags =
- DRSUAPI_DRS_INIT_SYNC |
- DRSUAPI_DRS_PER_SYNC |
- DRSUAPI_DRS_ADD_REF;
- if (!s->am_rodc) {
- r1->replica_flags |= DRSUAPI_DRS_WRIT_REP;
- }
+ r1->replica_flags = kccsrv_replica_flags(s);
memset(r1->schedule, 0x11, sizeof(r1->schedule));
dsa_conn->servers = talloc_realloc(dsa_conn, dsa_conn->servers,
diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c
index d2704ff..2a32e5c 100644
--- a/source4/dsdb/repl/drepl_out_helpers.c
+++ b/source4/dsdb/repl/drepl_out_helpers.c
@@ -337,11 +337,6 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req)
NTSTATUS status;
uint32_t replica_flags;
- if ((rf1->replica_flags & DRSUAPI_DRS_WRIT_REP) == 0 &&
- state->op->extended_op == DRSUAPI_EXOP_NONE) {
- return;
- }
-
r = talloc(state, struct drsuapi_DsGetNCChanges);
if (tevent_req_nomem(r, req)) {
return;
@@ -389,8 +384,6 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req)
DEBUG(0,(__location__ ": Failed to construct partial attribute set : %s\n", nt_errstr(status)));
return;
}
-
- replica_flags &= ~DRSUAPI_DRS_WRIT_REP;
}
r->in.bind_handle = &drsuapi->bind_handle;
@@ -630,16 +623,22 @@ static void dreplsrv_op_pull_source_apply_changes_trigger(struct tevent_req *req
return;
}
+ if (state->op->extended_op != DRSUAPI_EXOP_NONE ||
+ state->op->service->am_rodc) {
+ /*
+ we don't do the UpdateRefs for extended ops or if we
+ are a RODC
+ */
+ tevent_req_done(req);
+ return;
+ }
+
/* now we need to update the repsTo record for this partition
on the server. These records are initially established when
we join the domain, but they quickly expire. We do it here
so we can use the already established DRSUAPI pipe
*/
- if (state->op->extended_op == DRSUAPI_EXOP_NONE) {
- dreplsrv_update_refs_trigger(req);
- } else {
- tevent_req_done(req);
- }
+ dreplsrv_update_refs_trigger(req);
}
static void dreplsrv_update_refs_done(struct tevent_req *subreq);
--
Samba Shared Repository
More information about the samba-cvs
mailing list