Merge ~ahasenack/ubuntu/+source/samba:cosmic-samba-nochange-rebuild into ubuntu/+source/samba:ubuntu/devel

Proposed by Andreas Hasenack on 2018-07-03
Status: Merged
Approved by: Robie Basak on 2018-07-03
Approved revision: 583606c931dcabae7a6389e05dddbc73b9e742b2
Merge reported by: Andreas Hasenack
Merged at revision: 583606c931dcabae7a6389e05dddbc73b9e742b2
Proposed branch: ~ahasenack/ubuntu/+source/samba:cosmic-samba-nochange-rebuild
Merge into: ubuntu/+source/samba:ubuntu/devel
Diff against target: 820243 lines (+809181/-0)
1833 files modified
debian/changelog (+6/-0)
source4/ldap_server/ldap_backend.c (+1338/-0)
source4/ldap_server/ldap_bind.c (+759/-0)
source4/ldap_server/ldap_extended.c (+215/-0)
source4/ldap_server/ldap_server.c (+1259/-0)
source4/ldap_server/ldap_server.h (+105/-0)
source4/ldap_server/wscript_build (+13/-0)
source4/lib/cmdline/credentials.c (+54/-0)
source4/lib/cmdline/popt_common.c (+235/-0)
source4/lib/cmdline/popt_common.h (+47/-0)
source4/lib/cmdline/popt_credentials.c (+190/-0)
source4/lib/cmdline/wscript_build (+23/-0)
source4/lib/com/README (+9/-0)
source4/lib/com/classes/simple.c (+124/-0)
source4/lib/com/com.h (+53/-0)
source4/lib/com/dcom/dcom.h (+85/-0)
source4/lib/com/dcom/main.c (+704/-0)
source4/lib/com/dcom/tables.c (+94/-0)
source4/lib/com/main.c (+90/-0)
source4/lib/com/rot.c (+35/-0)
source4/lib/com/tables.c (+112/-0)
source4/lib/com/wscript_build (+28/-0)
source4/lib/events/events.h (+6/-0)
source4/lib/events/tevent_s4.c (+41/-0)
source4/lib/events/wscript_build (+9/-0)
source4/lib/http/gensec/basic.c (+204/-0)
source4/lib/http/gensec/ntlm.c (+185/-0)
source4/lib/http/http.c (+825/-0)
source4/lib/http/http.h (+120/-0)
source4/lib/http/http_auth.c (+364/-0)
source4/lib/http/http_internal.h (+62/-0)
source4/lib/http/wscript_build (+21/-0)
source4/lib/messaging/irpc.h (+86/-0)
source4/lib/messaging/messaging.c (+1190/-0)
source4/lib/messaging/messaging.h (+58/-0)
source4/lib/messaging/messaging_internal.h (+36/-0)
source4/lib/messaging/messaging_send.c (+115/-0)
source4/lib/messaging/pymessaging.c (+523/-0)
source4/lib/messaging/tests/irpc.c (+308/-0)
source4/lib/messaging/tests/messaging.c (+404/-0)
source4/lib/messaging/wscript_build (+21/-0)
source4/lib/policy/gp_filesys.c (+674/-0)
source4/lib/policy/gp_ini.c (+133/-0)
source4/lib/policy/gp_ldap.c (+1130/-0)
source4/lib/policy/gp_manage.c (+328/-0)
source4/lib/policy/policy.h (+125/-0)
source4/lib/policy/pypolicy.c (+150/-0)
source4/lib/policy/samba-policy.pc.in (+12/-0)
source4/lib/policy/wscript_build (+17/-0)
source4/lib/registry/Doxyfile (+24/-0)
source4/lib/registry/README (+42/-0)
source4/lib/registry/TODO (+5/-0)
source4/lib/registry/hive.c (+176/-0)
source4/lib/registry/interface.c (+297/-0)
source4/lib/registry/ldb.c (+991/-0)
source4/lib/registry/local.c (+408/-0)
source4/lib/registry/man/regdiff.1.xml (+100/-0)
source4/lib/registry/man/regpatch.1.xml (+89/-0)
source4/lib/registry/man/regshell.1.xml (+189/-0)
source4/lib/registry/man/regtree.1.xml (+101/-0)
source4/lib/registry/patchfile.c (+543/-0)
source4/lib/registry/patchfile_dotreg.c (+435/-0)
source4/lib/registry/patchfile_preg.c (+384/-0)
source4/lib/registry/pyregistry.c (+476/-0)
source4/lib/registry/regf.c (+2318/-0)
source4/lib/registry/regf.idl (+167/-0)
source4/lib/registry/registry.h (+532/-0)
source4/lib/registry/rpc.c (+579/-0)
source4/lib/registry/samba.c (+100/-0)
source4/lib/registry/tests/diff.c (+291/-0)
source4/lib/registry/tests/generic.c (+179/-0)
source4/lib/registry/tests/hive.c (+440/-0)
source4/lib/registry/tests/registry.c (+645/-0)
source4/lib/registry/tools/common.c (+88/-0)
source4/lib/registry/tools/regdiff.c (+151/-0)
source4/lib/registry/tools/regpatch.c (+76/-0)
source4/lib/registry/tools/regshell.c (+666/-0)
source4/lib/registry/tools/regtree.c (+171/-0)
source4/lib/registry/util.c (+302/-0)
source4/lib/registry/wine.c (+45/-0)
source4/lib/registry/wscript_build (+68/-0)
source4/lib/samba3/README (+5/-0)
source4/lib/samba3/samba3.h (+30/-0)
source4/lib/samba3/smbpasswd.c (+138/-0)
source4/lib/samba3/wscript_build (+9/-0)
source4/lib/socket/access.c (+129/-0)
source4/lib/socket/connect.c (+158/-0)
source4/lib/socket/connect_multi.c (+393/-0)
source4/lib/socket/interface.c (+524/-0)
source4/lib/socket/netif.h (+24/-0)
source4/lib/socket/socket.c (+640/-0)
source4/lib/socket/socket.h (+256/-0)
source4/lib/socket/socket_ip.c (+1036/-0)
source4/lib/socket/socket_unix.c (+442/-0)
source4/lib/socket/testsuite.c (+198/-0)
source4/lib/socket/wscript_build (+29/-0)
source4/lib/stream/packet.c (+626/-0)
source4/lib/stream/packet.h (+66/-0)
source4/lib/stream/wscript_build (+8/-0)
source4/lib/tls/tls.c (+647/-0)
source4/lib/tls/tls.h (+132/-0)
source4/lib/tls/tls_tstream.c (+1639/-0)
source4/lib/tls/tlscert.c (+179/-0)
source4/lib/tls/wscript (+87/-0)
source4/lib/wmi/tools/wmic.c (+221/-0)
source4/lib/wmi/tools/wmis.c (+222/-0)
source4/lib/wmi/wbemdata.c (+451/-0)
source4/lib/wmi/wmi.h (+48/-0)
source4/lib/wmi/wmi.i (+352/-0)
source4/lib/wmi/wmi.py (+95/-0)
source4/lib/wmi/wmi_wrap.c (+4304/-0)
source4/lib/wmi/wmicore.c (+253/-0)
source4/lib/wmi/wscript_build (+26/-0)
source4/libcli/cliconnect.c (+284/-0)
source4/libcli/clideltree.c (+146/-0)
source4/libcli/clifile.c (+675/-0)
source4/libcli/clilist.c (+354/-0)
source4/libcli/climessage.c (+104/-0)
source4/libcli/clireadwrite.c (+167/-0)
source4/libcli/clitrans2.c (+224/-0)
source4/libcli/composite/composite.c (+200/-0)
source4/libcli/composite/composite.h (+99/-0)
source4/libcli/dgram/browse.c (+114/-0)
source4/libcli/dgram/dgramsocket.c (+243/-0)
source4/libcli/dgram/libdgram.h (+155/-0)
source4/libcli/dgram/mailslot.c (+226/-0)
source4/libcli/dgram/netlogon.c (+142/-0)
source4/libcli/finddc.h (+41/-0)
source4/libcli/finddcs_cldap.c (+483/-0)
source4/libcli/finddcs_nbt.c (+311/-0)
source4/libcli/ldap/ldap_bind.c (+540/-0)
source4/libcli/ldap/ldap_client.c (+1047/-0)
source4/libcli/ldap/ldap_client.h (+149/-0)
source4/libcli/ldap/ldap_controls.c (+1282/-0)
source4/libcli/ldap/ldap_ildap.c (+133/-0)
source4/libcli/ldap/libcli_ldap.h (+31/-0)
source4/libcli/ldap/wscript_build (+11/-0)
source4/libcli/libcli.h (+357/-0)
source4/libcli/pysmb.c (+688/-0)
source4/libcli/rap/rap.c (+1689/-0)
source4/libcli/rap/rap.h (+76/-0)
source4/libcli/rap/wscript_build (+7/-0)
source4/libcli/raw/README (+5/-0)
source4/libcli/raw/clierror.c (+73/-0)
source4/libcli/raw/clioplock.c (+66/-0)
source4/libcli/raw/clisession.c (+310/-0)
source4/libcli/raw/clisocket.c (+459/-0)
source4/libcli/raw/clitransport.c (+611/-0)
source4/libcli/raw/clitree.c (+227/-0)
source4/libcli/raw/interfaces.h (+2876/-0)
source4/libcli/raw/libcliraw.h (+340/-0)
source4/libcli/raw/rawacl.c (+163/-0)
source4/libcli/raw/rawdate.c (+82/-0)
source4/libcli/raw/raweas.c (+367/-0)
source4/libcli/raw/rawfile.c (+1046/-0)
source4/libcli/raw/rawfileinfo.c (+778/-0)
source4/libcli/raw/rawfsinfo.c (+431/-0)
source4/libcli/raw/rawioctl.c (+173/-0)
source4/libcli/raw/rawlpq.c (+48/-0)
source4/libcli/raw/rawnegotiate.c (+163/-0)
source4/libcli/raw/rawnotify.c (+122/-0)
source4/libcli/raw/rawreadwrite.c (+345/-0)
source4/libcli/raw/rawrequest.c (+1050/-0)
source4/libcli/raw/rawsearch.c (+842/-0)
source4/libcli/raw/rawsetfileinfo.c (+492/-0)
source4/libcli/raw/rawshadow.c (+82/-0)
source4/libcli/raw/rawtrans.c (+437/-0)
source4/libcli/raw/request.h (+78/-0)
source4/libcli/raw/signing.h (+39/-0)
source4/libcli/raw/smb.h (+322/-0)
source4/libcli/raw/smb_signing.c (+231/-0)
source4/libcli/raw/trans2.h (+308/-0)
source4/libcli/resolve/bcast.c (+116/-0)
source4/libcli/resolve/dns_ex.c (+661/-0)
source4/libcli/resolve/host.c (+60/-0)
source4/libcli/resolve/lmhosts.c (+129/-0)
source4/libcli/resolve/nbtlist.c (+223/-0)
source4/libcli/resolve/resolve.c (+340/-0)
source4/libcli/resolve/resolve.h (+53/-0)
source4/libcli/resolve/resolve_lp.c (+52/-0)
source4/libcli/resolve/testsuite.c (+92/-0)
source4/libcli/resolve/wins.c (+83/-0)
source4/libcli/security/tests/sddl.c (+107/-0)
source4/libcli/smb2/break.c (+74/-0)
source4/libcli/smb2/cancel.c (+45/-0)
source4/libcli/smb2/close.c (+80/-0)
source4/libcli/smb2/connect.c (+354/-0)
source4/libcli/smb2/create.c (+450/-0)
source4/libcli/smb2/find.c (+180/-0)
source4/libcli/smb2/flush.c (+70/-0)
source4/libcli/smb2/getinfo.c (+220/-0)
source4/libcli/smb2/ioctl.c (+140/-0)
source4/libcli/smb2/keepalive.c (+68/-0)
source4/libcli/smb2/lease_break.c (+81/-0)
source4/libcli/smb2/lock.c (+82/-0)
source4/libcli/smb2/logoff.c (+67/-0)
source4/libcli/smb2/notify.c (+114/-0)
source4/libcli/smb2/read.c (+89/-0)
source4/libcli/smb2/request.c (+717/-0)
source4/libcli/smb2/session.c (+453/-0)
source4/libcli/smb2/setinfo.c (+122/-0)
source4/libcli/smb2/signing.c (+123/-0)
source4/libcli/smb2/smb2.h (+193/-0)
source4/libcli/smb2/smb2_calls.h (+99/-0)
source4/libcli/smb2/tcon.c (+52/-0)
source4/libcli/smb2/tdis.c (+65/-0)
source4/libcli/smb2/transport.c (+487/-0)
source4/libcli/smb2/util.c (+241/-0)
source4/libcli/smb2/write.c (+81/-0)
source4/libcli/smb2/wscript_build (+10/-0)
source4/libcli/smb_composite/appendacl.c (+313/-0)
source4/libcli/smb_composite/connect.c (+482/-0)
source4/libcli/smb_composite/fetchfile.c (+191/-0)
source4/libcli/smb_composite/fsinfo.c (+214/-0)
source4/libcli/smb_composite/loadfile.c (+293/-0)
source4/libcli/smb_composite/savefile.c (+288/-0)
source4/libcli/smb_composite/sesssetup.c (+846/-0)
source4/libcli/smb_composite/smb2.c (+447/-0)
source4/libcli/smb_composite/smb_composite.h (+260/-0)
source4/libcli/smbc/README (+1/-0)
source4/libcli/util/clilsa.c (+411/-0)
source4/libcli/util/pyerrors.h (+79/-0)
source4/libcli/wbclient/wbclient.c (+193/-0)
source4/libcli/wbclient/wbclient.h (+25/-0)
source4/libcli/wbclient/wscript_build (+10/-0)
source4/libcli/wrepl/winsrepl.c (+1172/-0)
source4/libcli/wrepl/winsrepl.h (+110/-0)
source4/libcli/wscript_build (+93/-0)
source4/libnet/composite.h (+56/-0)
source4/libnet/groupinfo.c (+384/-0)
source4/libnet/groupinfo.h (+54/-0)
source4/libnet/groupman.c (+139/-0)
source4/libnet/groupman.h (+35/-0)
source4/libnet/libnet.c (+61/-0)
source4/libnet/libnet.h (+86/-0)
source4/libnet/libnet_become_dc.c (+3281/-0)
source4/libnet/libnet_become_dc.h (+152/-0)
source4/libnet/libnet_domain.c (+1304/-0)
source4/libnet/libnet_domain.h (+70/-0)
source4/libnet/libnet_export_keytab.c (+214/-0)
source4/libnet/libnet_export_keytab.h (+32/-0)
source4/libnet/libnet_group.c (+764/-0)
source4/libnet/libnet_group.h (+74/-0)
source4/libnet/libnet_join.c (+1026/-0)
source4/libnet/libnet_join.h (+101/-0)
source4/libnet/libnet_lookup.c (+436/-0)
source4/libnet/libnet_lookup.h (+69/-0)
source4/libnet/libnet_passwd.c (+723/-0)
source4/libnet/libnet_passwd.h (+137/-0)
source4/libnet/libnet_rpc.c (+1031/-0)
source4/libnet/libnet_rpc.h (+73/-0)
source4/libnet/libnet_samdump.c (+206/-0)
source4/libnet/libnet_samsync.c (+281/-0)
source4/libnet/libnet_samsync.h (+83/-0)
source4/libnet/libnet_samsync_ldb.c (+1279/-0)
source4/libnet/libnet_share.c (+215/-0)
source4/libnet/libnet_share.h (+70/-0)
source4/libnet/libnet_site.c (+292/-0)
source4/libnet/libnet_site.h (+35/-0)
source4/libnet/libnet_time.c (+125/-0)
source4/libnet/libnet_time.h (+46/-0)
source4/libnet/libnet_unbecome_dc.c (+792/-0)
source4/libnet/libnet_unbecome_dc.h (+31/-0)
source4/libnet/libnet_user.c (+1241/-0)
source4/libnet/libnet_user.h (+156/-0)
source4/libnet/libnet_vampire.c (+810/-0)
source4/libnet/libnet_vampire.h (+58/-0)
source4/libnet/prereq_domain.c (+144/-0)
source4/libnet/py_net.c (+841/-0)
source4/libnet/py_net.h (+24/-0)
source4/libnet/py_net_dckeytab.c (+106/-0)
source4/libnet/userinfo.c (+382/-0)
source4/libnet/userinfo.h (+54/-0)
source4/libnet/userman.c (+922/-0)
source4/libnet/userman.h (+106/-0)
source4/libnet/wscript_build (+26/-0)
source4/librpc/dcerpc.pc.in (+11/-0)
source4/librpc/dcerpc_samr.pc.in (+11/-0)
source4/librpc/gen_ndr/README (+4/-0)
source4/librpc/idl/IDL_LICENSE.txt (+9/-0)
source4/librpc/idl/irpc.idl (+221/-0)
source4/librpc/idl/ntp_signd.idl (+46/-0)
source4/librpc/idl/opendb.idl (+46/-0)
source4/librpc/idl/sasl_helpers.idl (+24/-0)
source4/librpc/idl/winbind.idl (+35/-0)
source4/librpc/idl/winsif.idl (+342/-0)
source4/librpc/idl/winsrepl.idl (+179/-0)
source4/librpc/idl/winstation.idl (+13/-0)
source4/librpc/idl/wscript_build (+12/-0)
source4/librpc/ndr/py_auth.c (+71/-0)
source4/librpc/ndr/py_lsa.c (+77/-0)
source4/librpc/ndr/py_misc.c (+177/-0)
source4/librpc/ndr/py_security.c (+475/-0)
source4/librpc/ndr/py_xattr.c (+99/-0)
source4/librpc/rpc/dcerpc.c (+2621/-0)
source4/librpc/rpc/dcerpc.h (+275/-0)
source4/librpc/rpc/dcerpc.py (+18/-0)
source4/librpc/rpc/dcerpc_auth.c (+556/-0)
source4/librpc/rpc/dcerpc_connect.c (+1253/-0)
source4/librpc/rpc/dcerpc_roh.c (+800/-0)
source4/librpc/rpc/dcerpc_roh.h (+116/-0)
source4/librpc/rpc/dcerpc_roh_channel_in.c (+471/-0)
source4/librpc/rpc/dcerpc_roh_channel_out.c (+743/-0)
source4/librpc/rpc/dcerpc_schannel.c (+627/-0)
source4/librpc/rpc/dcerpc_secondary.c (+448/-0)
source4/librpc/rpc/dcerpc_smb.c (+297/-0)
source4/librpc/rpc/dcerpc_sock.c (+500/-0)
source4/librpc/rpc/dcerpc_util.c (+897/-0)
source4/librpc/rpc/pyrpc.c (+480/-0)
source4/librpc/rpc/pyrpc.h (+54/-0)
source4/librpc/rpc/pyrpc_util.c (+450/-0)
source4/librpc/rpc/pyrpc_util.h (+67/-0)
source4/librpc/scripts/build_idl.sh (+37/-0)
source4/librpc/tests/binding_string.c (+327/-0)
source4/librpc/tests/dns-decode_dns_name_packet-hex.dat (+7/-0)
source4/librpc/wscript_build (+416/-0)
source4/nbt_server/defense.c (+79/-0)
source4/nbt_server/dgram/browse.c (+85/-0)
source4/nbt_server/dgram/netlogon.c (+201/-0)
source4/nbt_server/dgram/ntlogon.c (+121/-0)
source4/nbt_server/dgram/request.c (+150/-0)
source4/nbt_server/interfaces.c (+426/-0)
source4/nbt_server/irpc.c (+210/-0)
source4/nbt_server/nbt_server.c (+104/-0)
source4/nbt_server/nbt_server.h (+94/-0)
source4/nbt_server/nodestatus.c (+126/-0)
source4/nbt_server/packet.c (+343/-0)
source4/nbt_server/query.c (+102/-0)
source4/nbt_server/register.c (+310/-0)
source4/nbt_server/wins/wins_dns_proxy.c (+99/-0)
source4/nbt_server/wins/wins_hook.c (+94/-0)
source4/nbt_server/wins/wins_ldb.c (+127/-0)
source4/nbt_server/wins/winsclient.c (+284/-0)
source4/nbt_server/wins/winsdb.c (+1014/-0)
source4/nbt_server/wins/winsdb.h (+81/-0)
source4/nbt_server/wins/winsserver.c (+1074/-0)
source4/nbt_server/wins/winsserver.h (+67/-0)
source4/nbt_server/wins/winswack.c (+387/-0)
source4/nbt_server/wscript_build (+54/-0)
source4/ntp_signd/README (+7/-0)
source4/ntp_signd/ntp-dev-4.2.5p125.diff (+579/-0)
source4/ntp_signd/ntp_signd.c (+558/-0)
source4/ntp_signd/wscript_build (+11/-0)
source4/ntvfs/README (+26/-0)
source4/ntvfs/cifs/README (+40/-0)
source4/ntvfs/cifs/vfs_cifs.c (+1259/-0)
source4/ntvfs/cifs_posix_cli/README (+12/-0)
source4/ntvfs/cifs_posix_cli/cifsposix.h (+38/-0)
source4/ntvfs/cifs_posix_cli/svfs_util.c (+195/-0)
source4/ntvfs/cifs_posix_cli/vfs_cifs_posix.c (+1112/-0)
source4/ntvfs/common/brlock.c (+136/-0)
source4/ntvfs/common/brlock.h (+55/-0)
source4/ntvfs/common/brlock_tdb.c (+773/-0)
source4/ntvfs/common/init.c (+34/-0)
source4/ntvfs/common/notify.c (+672/-0)
source4/ntvfs/common/ntvfs_common.h (+32/-0)
source4/ntvfs/common/opendb.c (+200/-0)
source4/ntvfs/common/opendb.h (+59/-0)
source4/ntvfs/common/opendb_tdb.c (+886/-0)
source4/ntvfs/common/wscript_build (+9/-0)
source4/ntvfs/ipc/README (+5/-0)
source4/ntvfs/ipc/ipc.h (+0/-0)
source4/ntvfs/ipc/ipc_rap.c (+511/-0)
source4/ntvfs/ipc/np_echo.c (+0/-0)
source4/ntvfs/ipc/rap_server.c (+91/-0)
source4/ntvfs/ipc/vfs_ipc.c (+1353/-0)
source4/ntvfs/nbench/README (+13/-0)
source4/ntvfs/nbench/vfs_nbench.c (+982/-0)
source4/ntvfs/ntvfs.h (+338/-0)
source4/ntvfs/ntvfs_base.c (+249/-0)
source4/ntvfs/ntvfs_generic.c (+1643/-0)
source4/ntvfs/ntvfs_interface.c (+713/-0)
source4/ntvfs/ntvfs_util.c (+202/-0)
source4/ntvfs/posix/posix_eadb.c (+295/-0)
source4/ntvfs/posix/posix_eadb.h (+20/-0)
source4/ntvfs/posix/pvfs_acl.c (+1083/-0)
source4/ntvfs/posix/pvfs_acl_nfs4.c (+199/-0)
source4/ntvfs/posix/pvfs_acl_xattr.c (+104/-0)
source4/ntvfs/posix/pvfs_aio.c (+166/-0)
source4/ntvfs/posix/pvfs_dirlist.c (+407/-0)
source4/ntvfs/posix/pvfs_fileinfo.c (+159/-0)
source4/ntvfs/posix/pvfs_flush.c (+80/-0)
source4/ntvfs/posix/pvfs_fsinfo.c (+223/-0)
source4/ntvfs/posix/pvfs_ioctl.c (+82/-0)
source4/ntvfs/posix/pvfs_lock.c (+411/-0)
source4/ntvfs/posix/pvfs_mkdir.c (+196/-0)
source4/ntvfs/posix/pvfs_notify.c (+300/-0)
source4/ntvfs/posix/pvfs_open.c (+2097/-0)
source4/ntvfs/posix/pvfs_oplock.c (+298/-0)
source4/ntvfs/posix/pvfs_qfileinfo.c (+465/-0)
source4/ntvfs/posix/pvfs_read.c (+113/-0)
source4/ntvfs/posix/pvfs_rename.c (+675/-0)
source4/ntvfs/posix/pvfs_resolve.c (+826/-0)
source4/ntvfs/posix/pvfs_search.c (+864/-0)
source4/ntvfs/posix/pvfs_seek.c (+65/-0)
source4/ntvfs/posix/pvfs_setfileinfo.c (+884/-0)
source4/ntvfs/posix/pvfs_shortname.c (+695/-0)
source4/ntvfs/posix/pvfs_streams.c (+556/-0)
source4/ntvfs/posix/pvfs_sys.c (+662/-0)
source4/ntvfs/posix/pvfs_unlink.c (+276/-0)
source4/ntvfs/posix/pvfs_util.c (+206/-0)
source4/ntvfs/posix/pvfs_wait.c (+203/-0)
source4/ntvfs/posix/pvfs_write.c (+155/-0)
source4/ntvfs/posix/pvfs_xattr.c (+488/-0)
source4/ntvfs/posix/python/pyposix_eadb.c (+130/-0)
source4/ntvfs/posix/python/pyxattr_native.c (+121/-0)
source4/ntvfs/posix/python/pyxattr_tdb.c (+167/-0)
source4/ntvfs/posix/vfs_posix.c (+427/-0)
source4/ntvfs/posix/vfs_posix.h (+297/-0)
source4/ntvfs/posix/wscript_build (+67/-0)
source4/ntvfs/posix/xattr_system.c (+145/-0)
source4/ntvfs/print/README (+3/-0)
source4/ntvfs/print/vfs_print.c (+132/-0)
source4/ntvfs/simple/README (+10/-0)
source4/ntvfs/simple/svfs.h (+38/-0)
source4/ntvfs/simple/svfs_util.c (+189/-0)
source4/ntvfs/simple/vfs_simple.c (+1112/-0)
source4/ntvfs/smb2/vfs_smb2.c (+904/-0)
source4/ntvfs/sysdep/README (+5/-0)
source4/ntvfs/sysdep/inotify.c (+398/-0)
source4/ntvfs/sysdep/sys_lease.c (+150/-0)
source4/ntvfs/sysdep/sys_lease.h (+66/-0)
source4/ntvfs/sysdep/sys_lease_linux.c (+215/-0)
source4/ntvfs/sysdep/sys_notify.c (+149/-0)
source4/ntvfs/sysdep/sys_notify.h (+54/-0)
source4/ntvfs/sysdep/wscript_build (+31/-0)
source4/ntvfs/sysdep/wscript_configure (+14/-0)
source4/ntvfs/unixuid/vfs_unixuid.c (+724/-0)
source4/ntvfs/unixuid/wscript_build (+9/-0)
source4/ntvfs/wscript_build (+75/-0)
source4/param/loadparm.c (+61/-0)
source4/param/provision.c (+394/-0)
source4/param/provision.h (+72/-0)
source4/param/pyparam.c (+581/-0)
source4/param/pyparam.h (+28/-0)
source4/param/pyparam_util.c (+81/-0)
source4/param/secrets.c (+142/-0)
source4/param/secrets.h (+49/-0)
source4/param/share.c (+157/-0)
source4/param/share.h (+151/-0)
source4/param/share_classic.c (+390/-0)
source4/param/share_ldb.c (+604/-0)
source4/param/tests/loadparm.c (+271/-0)
source4/param/tests/share.c (+216/-0)
source4/param/wscript_build (+65/-0)
source4/rpc_server/backupkey/dcesrv_backupkey.c (+1819/-0)
source4/rpc_server/backupkey/dcesrv_backupkey_heimdal.c (+1858/-0)
source4/rpc_server/browser/dcesrv_browser.c (+169/-0)
source4/rpc_server/common/common.h (+43/-0)
source4/rpc_server/common/forward.c (+129/-0)
source4/rpc_server/common/loadparm.c (+45/-0)
source4/rpc_server/common/reply.c (+287/-0)
source4/rpc_server/common/server_info.c (+182/-0)
source4/rpc_server/common/share_info.c (+121/-0)
source4/rpc_server/common/sid_helper.c (+134/-0)
source4/rpc_server/dcerpc_server.c (+3149/-0)
source4/rpc_server/dcerpc_server.h (+496/-0)
source4/rpc_server/dcerpc_server.pc.in (+12/-0)
source4/rpc_server/dcesrv_auth.c (+564/-0)
source4/rpc_server/dcesrv_mgmt.c (+125/-0)
source4/rpc_server/dnsserver/dcerpc_dnsserver.c (+2345/-0)
source4/rpc_server/dnsserver/dnsdata.c (+1203/-0)
source4/rpc_server/dnsserver/dnsdb.c (+1009/-0)
source4/rpc_server/dnsserver/dnsserver.h (+262/-0)
source4/rpc_server/dnsserver/dnsutils.c (+394/-0)
source4/rpc_server/drsuapi/addentry.c (+240/-0)
source4/rpc_server/drsuapi/dcesrv_drsuapi.c (+1073/-0)
source4/rpc_server/drsuapi/dcesrv_drsuapi.h (+84/-0)
source4/rpc_server/drsuapi/drsutil.c (+221/-0)
source4/rpc_server/drsuapi/getncchanges.c (+3015/-0)
source4/rpc_server/drsuapi/updaterefs.c (+387/-0)
source4/rpc_server/drsuapi/writespn.c (+253/-0)
source4/rpc_server/echo/rpc_echo.c (+211/-0)
source4/rpc_server/epmapper/rpc_epmapper.c (+285/-0)
source4/rpc_server/eventlog/dcesrv_eventlog6.c (+331/-0)
source4/rpc_server/handles.c (+124/-0)
source4/rpc_server/lsa/dcesrv_lsa.c (+4806/-0)
source4/rpc_server/lsa/lsa.h (+70/-0)
source4/rpc_server/lsa/lsa_init.c (+292/-0)
source4/rpc_server/lsa/lsa_lookup.c (+1155/-0)
source4/rpc_server/netlogon/dcerpc_netlogon.c (+3692/-0)
source4/rpc_server/remote/README (+38/-0)
source4/rpc_server/remote/dcesrv_remote.c (+431/-0)
source4/rpc_server/samr/dcesrv_samr.c (+4430/-0)
source4/rpc_server/samr/dcesrv_samr.h (+70/-0)
source4/rpc_server/samr/samr_password.c (+668/-0)
source4/rpc_server/service_rpc.c (+146/-0)
source4/rpc_server/srvsvc/dcesrv_srvsvc.c (+2286/-0)
source4/rpc_server/srvsvc/srvsvc_ntvfs.c (+134/-0)
source4/rpc_server/unixinfo/dcesrv_unixinfo.c (+191/-0)
source4/rpc_server/winreg/README (+3/-0)
source4/rpc_server/winreg/rpc_winreg.c (+737/-0)
source4/rpc_server/wkssvc/dcesrv_wkssvc.c (+403/-0)
source4/rpc_server/wscript_build (+178/-0)
source4/script/buildtree.pl (+40/-0)
source4/script/depfilter.py (+50/-0)
source4/script/extract_allparms.sh (+2/-0)
source4/script/find_unused_options.sh (+37/-0)
source4/script/minimal_includes.pl (+171/-0)
source4/script/mkproto.pl (+252/-0)
source4/script/update-proto.pl (+242/-0)
source4/scripting/bin/autoidl (+161/-0)
source4/scripting/bin/enablerecyclebin (+53/-0)
source4/scripting/bin/findprovisionusnranges (+80/-0)
source4/scripting/bin/fullschema (+183/-0)
source4/scripting/bin/gen_error_common.py (+82/-0)
source4/scripting/bin/gen_hresult.py (+228/-0)
source4/scripting/bin/gen_ntstatus.py (+148/-0)
source4/scripting/bin/gen_werror.py (+149/-0)
source4/scripting/bin/get-descriptors (+150/-0)
source4/scripting/bin/ktpass.sh (+97/-0)
source4/scripting/bin/machineaccountccache (+30/-0)
source4/scripting/bin/minschema (+566/-0)
source4/scripting/bin/mymachinepw (+59/-0)
source4/scripting/bin/nsupdate-gss (+352/-0)
source4/scripting/bin/rebuildextendeddn (+134/-0)
source4/scripting/bin/renamedc (+192/-0)
source4/scripting/bin/rpcclient (+305/-0)
source4/scripting/bin/samba-tool (+50/-0)
source4/scripting/bin/samba3dump (+180/-0)
source4/scripting/bin/samba_backup (+97/-0)
source4/scripting/bin/samba_dnsupdate (+945/-0)
source4/scripting/bin/samba_kcc (+342/-0)
source4/scripting/bin/samba_spnupdate (+252/-0)
source4/scripting/bin/samba_upgradedns (+528/-0)
source4/scripting/bin/samba_upgradeprovision (+1830/-0)
source4/scripting/bin/setup_dns.sh (+43/-0)
source4/scripting/bin/smbstatus (+89/-0)
source4/scripting/bin/subunitrun (+87/-0)
source4/scripting/bin/w32err_code.py (+362/-0)
source4/scripting/bin/wscript_build (+5/-0)
source4/scripting/devel/addlotscontacts (+96/-0)
source4/scripting/devel/chgkrbtgtpass (+63/-0)
source4/scripting/devel/chgtdcpass (+63/-0)
source4/scripting/devel/config_base (+40/-0)
source4/scripting/devel/crackname (+78/-0)
source4/scripting/devel/createtrust (+125/-0)
source4/scripting/devel/demodirsync.py (+156/-0)
source4/scripting/devel/drs/fsmo.ldif.template (+75/-0)
source4/scripting/devel/drs/named.conf.ad.template (+6/-0)
source4/scripting/devel/drs/revampire_ad.sh (+23/-0)
source4/scripting/devel/drs/unvampire_ad.sh (+14/-0)
source4/scripting/devel/drs/vampire_ad.sh (+28/-0)
source4/scripting/devel/drs/vars (+12/-0)
source4/scripting/devel/enumprivs (+58/-0)
source4/scripting/devel/getncchanges (+144/-0)
source4/scripting/devel/nmfind (+15/-0)
source4/scripting/devel/pfm_verify.py (+191/-0)
source4/scripting/devel/rebuild_zone.sh (+107/-0)
source4/scripting/devel/repl_cleartext_pwd.py (+409/-0)
source4/scripting/devel/rodcdns (+43/-0)
source4/scripting/devel/selftest-vars.sh (+49/-0)
source4/scripting/devel/speedtest.py (+231/-0)
source4/scripting/devel/tmpfs.sh (+16/-0)
source4/scripting/devel/watch_servers.sh (+14/-0)
source4/scripting/wscript_build (+19/-0)
source4/selftest/test_samba3dump.sh (+14/-0)
source4/selftest/test_w2k3.sh (+48/-0)
source4/selftest/test_w2k3_file.sh (+44/-0)
source4/selftest/test_win.sh (+42/-0)
source4/selftest/tests.py (+947/-0)
source4/selftest/tests_win.sh (+30/-0)
source4/selftest/tests_win2k3_dc.sh (+22/-0)
source4/selftest/win/README (+121/-0)
source4/selftest/win/VMHost.pm (+359/-0)
source4/selftest/win/common.exp (+521/-0)
source4/selftest/win/test_win.conf (+83/-0)
source4/selftest/win/vm_get_ip.pl (+48/-0)
source4/selftest/win/vm_load_snapshot.pl (+46/-0)
source4/selftest/win/wintest_2k3_dc.sh (+114/-0)
source4/selftest/win/wintest_base.sh (+67/-0)
source4/selftest/win/wintest_client.exp (+95/-0)
source4/selftest/win/wintest_client.sh (+26/-0)
source4/selftest/win/wintest_functions.sh (+54/-0)
source4/selftest/win/wintest_net.sh (+62/-0)
source4/selftest/win/wintest_raw.sh (+68/-0)
source4/selftest/win/wintest_remove.exp (+71/-0)
source4/selftest/win/wintest_rpc.sh (+66/-0)
source4/selftest/win/wintest_setup.exp (+104/-0)
source4/setup/DB_CONFIG (+14/-0)
source4/setup/ad-schema/MS-AD_Schema_2K8_Attributes.txt (+15638/-0)
source4/setup/ad-schema/MS-AD_Schema_2K8_Classes.txt (+3473/-0)
source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt (+16060/-0)
source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Classes.txt (+3577/-0)
source4/setup/ad-schema/licence.txt (+7/-0)
source4/setup/aggregate_schema.ldif (+5/-0)
source4/setup/cn=samba.ldif (+16/-0)
source4/setup/display-specifiers/DisplaySpecifiers-Win2k0.txt (+23573/-0)
source4/setup/display-specifiers/DisplaySpecifiers-Win2k3.txt (+29548/-0)
source4/setup/display-specifiers/DisplaySpecifiers-Win2k3R2.txt (+29549/-0)
source4/setup/display-specifiers/DisplaySpecifiers-Win2k8.txt (+32733/-0)
source4/setup/display-specifiers/DisplaySpecifiers-Win2k8R2.txt (+32758/-0)
source4/setup/dns_update_list (+56/-0)
source4/setup/fedora-ds-init.ldif (+27/-0)
source4/setup/fedorads-dna.ldif (+17/-0)
source4/setup/fedorads-index.ldif (+7/-0)
source4/setup/fedorads-linked-attributes.ldif (+7/-0)
source4/setup/fedorads-pam.ldif (+2/-0)
source4/setup/fedorads-partitions.ldif (+45/-0)
source4/setup/fedorads-refint-add.ldif (+6/-0)
source4/setup/fedorads-refint-delete.ldif (+20/-0)
source4/setup/fedorads-samba.ldif (+21/-0)
source4/setup/fedorads-sasl.ldif (+20/-0)
source4/setup/fedorads.inf (+36/-0)
source4/setup/idmap_init.ldif (+8/-0)
source4/setup/krb5.conf (+4/-0)
source4/setup/memberof.conf (+9/-0)
source4/setup/mmr_serverids.conf (+1/-0)
source4/setup/mmr_syncrepl.conf (+12/-0)
source4/setup/modules.conf (+1/-0)
source4/setup/named.conf (+39/-0)
source4/setup/named.conf.dlz (+25/-0)
source4/setup/named.conf.update (+4/-0)
source4/setup/named.txt (+49/-0)
source4/setup/olc_mmr.conf (+3/-0)
source4/setup/olc_seed.ldif (+16/-0)
source4/setup/olc_serverid.conf (+1/-0)
source4/setup/olc_syncrepl.conf (+13/-0)
source4/setup/olc_syncrepl_seed.conf (+5/-0)
source4/setup/prefixMap.txt (+41/-0)
source4/setup/provision.ldif (+853/-0)
source4/setup/provision.reg (+45/-0)
source4/setup/provision.zone (+50/-0)
source4/setup/provision_basedn.ldif (+10/-0)
source4/setup/provision_basedn_modify.ldif (+94/-0)
source4/setup/provision_basedn_options.ldif (+2/-0)
source4/setup/provision_basedn_references.ldif (+22/-0)
source4/setup/provision_computers_add.ldif (+4/-0)
source4/setup/provision_computers_modify.ldif (+13/-0)
source4/setup/provision_configuration.ldif (+1253/-0)
source4/setup/provision_configuration_basedn.ldif (+9/-0)
source4/setup/provision_configuration_modify.ldif (+6/-0)
source4/setup/provision_configuration_references.ldif (+14/-0)
source4/setup/provision_dns_accounts_add.ldif (+12/-0)
source4/setup/provision_dns_add_samba.ldif (+16/-0)
source4/setup/provision_dnszones_add.ldif (+42/-0)
source4/setup/provision_dnszones_modify.ldif (+21/-0)
source4/setup/provision_dnszones_partitions.ldif (+11/-0)
source4/setup/provision_group_policy.ldif (+57/-0)
source4/setup/provision_init.ldif (+33/-0)
source4/setup/provision_partitions.ldif (+6/-0)
source4/setup/provision_privilege.ldif (+78/-0)
source4/setup/provision_rootdse_add.ldif (+29/-0)
source4/setup/provision_rootdse_modify.ldif (+7/-0)
source4/setup/provision_schema_basedn.ldif (+9/-0)
source4/setup/provision_schema_basedn_modify.ldif (+10/-0)
source4/setup/provision_self_join.ldif (+29/-0)
source4/setup/provision_self_join_config.ldif (+33/-0)
source4/setup/provision_self_join_modify.ldif (+26/-0)
source4/setup/provision_self_join_modify_config.ldif (+14/-0)
source4/setup/provision_users.ldif (+434/-0)
source4/setup/provision_users_add.ldif (+4/-0)
source4/setup/provision_users_modify.ldif (+13/-0)
source4/setup/provision_well_known_sec_princ.ldif (+137/-0)
source4/setup/refint.conf (+3/-0)
source4/setup/schema-map-fedora-ds-1.0 (+86/-0)
source4/setup/schema-map-openldap-2.3 (+56/-0)
source4/setup/schema_samba4.ldif (+394/-0)
source4/setup/secrets.ldif (+10/-0)
source4/setup/secrets_dns.ldif (+12/-0)
source4/setup/secrets_init.ldif (+16/-0)
source4/setup/secrets_sasl_ldap.ldif (+7/-0)
source4/setup/secrets_simple_ldap.ldif (+6/-0)
source4/setup/share.ldif (+46/-0)
source4/setup/slapd.conf (+194/-0)
source4/setup/spn_update_list (+30/-0)
source4/setup/tests/blackbox_group.sh (+80/-0)
source4/setup/tests/blackbox_newuser.sh (+42/-0)
source4/setup/tests/blackbox_provision-backend.sh (+26/-0)
source4/setup/tests/blackbox_provision.sh (+48/-0)
source4/setup/tests/blackbox_s3upgrade.sh (+99/-0)
source4/setup/tests/blackbox_setpassword.sh (+30/-0)
source4/setup/tests/blackbox_spn.sh (+33/-0)
source4/setup/tests/blackbox_supported_features.sh (+88/-0)
source4/setup/tests/blackbox_upgradeprovision.sh (+80/-0)
source4/setup/wscript_build (+12/-0)
source4/setup/ypServ30.ldif (+507/-0)
source4/smb_server/blob.c (+810/-0)
source4/smb_server/handle.c (+142/-0)
source4/smb_server/management.c (+138/-0)
source4/smb_server/service_smb.c (+93/-0)
source4/smb_server/session.c (+162/-0)
source4/smb_server/smb/negprot.c (+565/-0)
source4/smb_server/smb/nttrans.c (+812/-0)
source4/smb_server/smb/receive.c (+679/-0)
source4/smb_server/smb/reply.c (+2379/-0)
source4/smb_server/smb/request.c (+779/-0)
source4/smb_server/smb/search.c (+283/-0)
source4/smb_server/smb/service.c (+200/-0)
source4/smb_server/smb/sesssetup.c (+646/-0)
source4/smb_server/smb/signing.c (+147/-0)
source4/smb_server/smb/srvtime.c (+82/-0)
source4/smb_server/smb/trans2.c (+1557/-0)
source4/smb_server/smb/wscript_build (+10/-0)
source4/smb_server/smb2/fileinfo.c (+377/-0)
source4/smb_server/smb2/fileio.c (+546/-0)
source4/smb_server/smb2/find.c (+167/-0)
source4/smb_server/smb2/keepalive.c (+71/-0)
source4/smb_server/smb2/negprot.c (+326/-0)
source4/smb_server/smb2/receive.c (+710/-0)
source4/smb_server/smb2/sesssetup.c (+326/-0)
source4/smb_server/smb2/smb2_server.h (+192/-0)
source4/smb_server/smb2/tcon.c (+446/-0)
source4/smb_server/smb2/wscript_build (+9/-0)
source4/smb_server/smb_server.c (+203/-0)
source4/smb_server/smb_server.h (+521/-0)
source4/smb_server/tcon.c (+194/-0)
source4/smb_server/wscript_build (+21/-0)
source4/smbd/process_model.c (+138/-0)
source4/smbd/process_model.h (+86/-0)
source4/smbd/process_single.c (+138/-0)
source4/smbd/process_standard.c (+511/-0)
source4/smbd/server.c (+648/-0)
source4/smbd/service.c (+105/-0)
source4/smbd/service.h (+30/-0)
source4/smbd/service_named_pipe.c (+260/-0)
source4/smbd/service_stream.c (+399/-0)
source4/smbd/service_stream.h (+79/-0)
source4/smbd/service_task.c (+125/-0)
source4/smbd/service_task.h (+38/-0)
source4/smbd/wscript_build (+46/-0)
source4/torture/auth/ntlmssp.c (+163/-0)
source4/torture/auth/pac.c (+741/-0)
source4/torture/auth/smbencrypt.c (+70/-0)
source4/torture/basic/aliases.c (+397/-0)
source4/torture/basic/attr.c (+433/-0)
source4/torture/basic/base.c (+2002/-0)
source4/torture/basic/charset.c (+209/-0)
source4/torture/basic/cxd_known.h (+8670/-0)
source4/torture/basic/delaywrite.c (+3095/-0)
source4/torture/basic/delete.c (+2246/-0)
source4/torture/basic/denytest.c (+2822/-0)
source4/torture/basic/dir.c (+171/-0)
source4/torture/basic/disconnect.c (+182/-0)
source4/torture/basic/locking.c (+811/-0)
source4/torture/basic/mangle_test.c (+206/-0)
source4/torture/basic/misc.c (+999/-0)
source4/torture/basic/properties.c (+118/-0)
source4/torture/basic/rename.c (+98/-0)
source4/torture/basic/scanner.c (+623/-0)
source4/torture/basic/secleak.c (+77/-0)
source4/torture/basic/unlink.c (+91/-0)
source4/torture/basic/utable.c (+202/-0)
source4/torture/dfs/common.c (+71/-0)
source4/torture/dfs/domaindfs.c (+540/-0)
source4/torture/dns/dlz_bind9.c (+1100/-0)
source4/torture/dns/internal_dns.c (+189/-0)
source4/torture/dns/wscript_build (+19/-0)
source4/torture/drs/drs_init.c (+80/-0)
source4/torture/drs/drs_util.c (+168/-0)
source4/torture/drs/python/cracknames.py (+166/-0)
source4/torture/drs/python/delete_object.py (+378/-0)
source4/torture/drs/python/drs_base.py (+469/-0)
source4/torture/drs/python/fsmo.py (+145/-0)
source4/torture/drs/python/getnc_exop.py (+1077/-0)
source4/torture/drs/python/getnc_unpriv.py (+116/-0)
source4/torture/drs/python/linked_attributes_drs.py (+178/-0)
source4/torture/drs/python/repl_move.py (+2586/-0)
source4/torture/drs/python/repl_rodc.py (+645/-0)
source4/torture/drs/python/repl_schema.py (+450/-0)
source4/torture/drs/python/replica_sync.py (+580/-0)
source4/torture/drs/python/ridalloc_exop.py (+676/-0)
source4/torture/drs/python/samba_tool_drs.py (+436/-0)
source4/torture/drs/rpc/dssync.c (+1074/-0)
source4/torture/drs/rpc/msds_intid.c (+792/-0)
source4/torture/drs/unit/prefixmap_tests.c (+900/-0)
source4/torture/drs/unit/schemainfo_tests.c (+740/-0)
source4/torture/drs/wscript_build (+12/-0)
source4/torture/gentest.c (+3311/-0)
source4/torture/krb5/kdc-canon-heimdal.c (+2255/-0)
source4/torture/krb5/kdc-heimdal.c (+728/-0)
source4/torture/krb5/kdc-mit.c (+795/-0)
source4/torture/krb5/wscript_build (+19/-0)
source4/torture/ldap/basic.c (+1005/-0)
source4/torture/ldap/cldap.c (+179/-0)
source4/torture/ldap/cldapbench.c (+233/-0)
source4/torture/ldap/common.c (+150/-0)
source4/torture/ldap/ldap_sort.c (+158/-0)
source4/torture/ldap/nested_search.c (+206/-0)
source4/torture/ldap/netlogon.c (+662/-0)
source4/torture/ldap/schema.c (+408/-0)
source4/torture/ldap/uptodatevector.c (+173/-0)
source4/torture/ldb/ldb.c (+1344/-0)
source4/torture/libnet/domain.c (+117/-0)
source4/torture/libnet/groupinfo.c (+128/-0)
source4/torture/libnet/groupman.c (+97/-0)
source4/torture/libnet/grouptest.h (+20/-0)
source4/torture/libnet/libnet.c (+70/-0)
source4/torture/libnet/libnet_BecomeDC.c (+186/-0)
source4/torture/libnet/libnet_domain.c (+440/-0)
source4/torture/libnet/libnet_group.c (+210/-0)
source4/torture/libnet/libnet_lookup.c (+191/-0)
source4/torture/libnet/libnet_rpc.c (+230/-0)
source4/torture/libnet/libnet_share.c (+243/-0)
source4/torture/libnet/libnet_user.c (+520/-0)
source4/torture/libnet/python/samr-test.py (+59/-0)
source4/torture/libnet/userinfo.c (+192/-0)
source4/torture/libnet/userman.c (+473/-0)
source4/torture/libnet/usertest.h (+42/-0)
source4/torture/libnet/utils.c (+556/-0)
source4/torture/libnetapi/libnetapi.c (+99/-0)
source4/torture/libnetapi/libnetapi_group.c (+520/-0)
source4/torture/libnetapi/libnetapi_server.c (+76/-0)
source4/torture/libnetapi/libnetapi_user.c (+485/-0)
source4/torture/libnetapi/wscript_build (+11/-0)
source4/torture/libsmbclient/libsmbclient.c (+222/-0)
source4/torture/libsmbclient/wscript_build (+14/-0)
source4/torture/local/dbspeed.c (+268/-0)
source4/torture/local/fsrvp_state.c (+492/-0)
source4/torture/local/local.c (+114/-0)
source4/torture/local/nss_tests.c (+1001/-0)
source4/torture/local/torture.c (+85/-0)
source4/torture/local/verif_trailer.c (+99/-0)
source4/torture/local/wscript_build (+39/-0)
source4/torture/locktest.c (+666/-0)
source4/torture/man/gentest.1.xml (+162/-0)
source4/torture/man/locktest.1.xml (+160/-0)
source4/torture/man/masktest.1.xml (+142/-0)
source4/torture/man/smbtorture.1.xml (+258/-0)
source4/torture/masktest.c (+392/-0)
source4/torture/nbench/nbench.c (+298/-0)
source4/torture/nbench/nbio.c (+994/-0)
source4/torture/nbt/dgram.c (+698/-0)
source4/torture/nbt/nbt.c (+69/-0)
source4/torture/nbt/query.c (+115/-0)
source4/torture/nbt/register.c (+176/-0)
source4/torture/nbt/wins.c (+545/-0)
source4/torture/nbt/winsbench.c (+300/-0)
source4/torture/nbt/winsreplication.c (+9878/-0)
source4/torture/ndr/README (+21/-0)
source4/torture/ndr/atsvc.c (+215/-0)
source4/torture/ndr/backupkey.c (+163/-0)
source4/torture/ndr/cabinet.c (+4323/-0)
source4/torture/ndr/charset.c (+91/-0)
source4/torture/ndr/clusapi.c (+383/-0)
source4/torture/ndr/dfs.c (+115/-0)
source4/torture/ndr/dfsblob.c (+85/-0)
source4/torture/ndr/drsblobs.c (+558/-0)
source4/torture/ndr/drsuapi.c (+309/-0)
source4/torture/ndr/epmap.c (+80/-0)
source4/torture/ndr/krb5pac.c (+705/-0)
source4/torture/ndr/lsa.c (+2230/-0)
source4/torture/ndr/nbt.c (+253/-0)
source4/torture/ndr/ndr.c (+610/-0)
source4/torture/ndr/ndr.h (+108/-0)
source4/torture/ndr/negoex.c (+100/-0)
source4/torture/ndr/netlogon.c (+213/-0)
source4/torture/ndr/ntlmssp.c (+296/-0)
source4/torture/ndr/ntprinting.c (+657/-0)
source4/torture/ndr/samr.c (+355/-0)
source4/torture/ndr/spoolss.c (+2064/-0)
source4/torture/ndr/string.c (+198/-0)
source4/torture/ndr/winreg.c (+620/-0)
source4/torture/ndr/winspool.c (+173/-0)
source4/torture/ndr/witness.c (+368/-0)
source4/torture/ntp/ntp_signd.c (+303/-0)
source4/torture/rap/printing.c (+711/-0)
source4/torture/rap/rap.c (+275/-0)
source4/torture/rap/rpc.c (+100/-0)
source4/torture/rap/sam.c (+361/-0)
source4/torture/raw/acls.c (+2483/-0)
source4/torture/raw/chkpath.c (+390/-0)
source4/torture/raw/close.c (+178/-0)
source4/torture/raw/composite.c (+417/-0)
source4/torture/raw/context.c (+893/-0)
source4/torture/raw/eas.c (+593/-0)
source4/torture/raw/ioctl.c (+191/-0)
source4/torture/raw/lock.c (+2519/-0)
source4/torture/raw/lockbench.c (+447/-0)
source4/torture/raw/lookuprate.c (+317/-0)
source4/torture/raw/missing.txt (+160/-0)
source4/torture/raw/mkdir.c (+171/-0)
source4/torture/raw/mux.c (+342/-0)
source4/torture/raw/notify.c (+2005/-0)
source4/torture/raw/offline.c (+514/-0)
source4/torture/raw/open.c (+2254/-0)
source4/torture/raw/openbench.c (+502/-0)
source4/torture/raw/oplock.c (+4659/-0)
source4/torture/raw/pingpong.c (+248/-0)
source4/torture/raw/qfileinfo.c (+923/-0)
source4/torture/raw/qfsinfo.c (+296/-0)
source4/torture/raw/raw.c (+85/-0)
source4/torture/raw/read.c (+1039/-0)
source4/torture/raw/rename.c (+725/-0)
source4/torture/raw/samba3hide.c (+326/-0)
source4/torture/raw/samba3misc.c (+1063/-0)
source4/torture/raw/search.c (+1515/-0)
source4/torture/raw/seek.c (+242/-0)
source4/torture/raw/session.c (+440/-0)
source4/torture/raw/setfileinfo.c (+1152/-0)
source4/torture/raw/streams.c (+2091/-0)
source4/torture/raw/tconrate.c (+208/-0)
source4/torture/raw/unlink.c (+542/-0)
source4/torture/raw/write.c (+710/-0)
source4/torture/rpc/alter_context.c (+111/-0)
source4/torture/rpc/async_bind.c (+86/-0)
source4/torture/rpc/atsvc.c (+138/-0)
source4/torture/rpc/autoidl.c (+312/-0)
source4/torture/rpc/backupkey.c (+2438/-0)
source4/torture/rpc/backupkey_heimdal.c (+2160/-0)
source4/torture/rpc/bench.c (+152/-0)
source4/torture/rpc/bind.c (+119/-0)
source4/torture/rpc/browser.c (+124/-0)
source4/torture/rpc/clusapi.c (+3998/-0)
source4/torture/rpc/countcalls.c (+131/-0)
source4/torture/rpc/dfs.c (+651/-0)
source4/torture/rpc/drsuapi.c (+875/-0)
source4/torture/rpc/drsuapi.h (+93/-0)
source4/torture/rpc/drsuapi_cracknames.c (+1084/-0)
source4/torture/rpc/drsuapi_w2k8.c (+334/-0)
source4/torture/rpc/dsgetinfo.c (+456/-0)
source4/torture/rpc/dssetup.c (+64/-0)
source4/torture/rpc/echo.c (+474/-0)
source4/torture/rpc/epmapper.c (+689/-0)
source4/torture/rpc/eventlog.c (+502/-0)
source4/torture/rpc/forest_trust.c (+897/-0)
source4/torture/rpc/frsapi.c (+276/-0)
source4/torture/rpc/fsrvp.c (+968/-0)
source4/torture/rpc/handles.c (+620/-0)
source4/torture/rpc/initshutdown.c (+116/-0)
source4/torture/rpc/iremotewinspool.c (+941/-0)
source4/torture/rpc/join.c (+86/-0)
source4/torture/rpc/lsa.c (+5295/-0)
source4/torture/rpc/lsa_lookup.c (+424/-0)
source4/torture/rpc/mgmt.c (+322/-0)
source4/torture/rpc/netlogon.c (+4870/-0)
source4/torture/rpc/netlogon.h (+37/-0)
source4/torture/rpc/ntsvcs.c (+189/-0)
source4/torture/rpc/object_uuid.c (+85/-0)
source4/torture/rpc/oxidresolve.c (+263/-0)
source4/torture/rpc/remact.c (+104/-0)
source4/torture/rpc/remote_pac.c (+978/-0)
source4/torture/rpc/rpc.c (+577/-0)
source4/torture/rpc/samba3rpc.c (+4579/-0)
source4/torture/rpc/samlogon.c (+2063/-0)
source4/torture/rpc/samr.c (+8867/-0)
source4/torture/rpc/samr_accessmask.c (+1197/-0)
source4/torture/rpc/samr_priv.c (+580/-0)
source4/torture/rpc/samsync.c (+1789/-0)
source4/torture/rpc/scanner.c (+187/-0)
source4/torture/rpc/schannel.c (+1127/-0)
source4/torture/rpc/session_key.c (+250/-0)
source4/torture/rpc/spoolss.c (+11489/-0)
source4/torture/rpc/spoolss_access.c (+904/-0)
source4/torture/rpc/spoolss_notify.c (+614/-0)
source4/torture/rpc/spoolss_win.c (+612/-0)
source4/torture/rpc/srvsvc.c (+1199/-0)
source4/torture/rpc/svcctl.c (+657/-0)
source4/torture/rpc/testjoin.c (+921/-0)
source4/torture/rpc/torture_rpc.h (+104/-0)
source4/torture/rpc/unixinfo.c (+149/-0)
source4/torture/rpc/winreg.c (+3145/-0)
source4/torture/rpc/witness.c (+911/-0)
source4/torture/rpc/wkssvc.c (+1447/-0)
source4/torture/shell.c (+326/-0)
source4/torture/smb2/acls.c (+2111/-0)
source4/torture/smb2/compound.c (+1322/-0)
source4/torture/smb2/connect.c (+257/-0)
source4/torture/smb2/create.c (+1760/-0)
source4/torture/smb2/credits.c (+268/-0)
source4/torture/smb2/delete-on-close.c (+602/-0)
source4/torture/smb2/dir.c (+1399/-0)
source4/torture/smb2/dosmode.c (+183/-0)
source4/torture/smb2/durable_open.c (+2809/-0)
source4/torture/smb2/durable_v2_open.c (+2030/-0)
source4/torture/smb2/getinfo.c (+493/-0)
source4/torture/smb2/ioctl.c (+6837/-0)
source4/torture/smb2/lease.c (+4102/-0)
source4/torture/smb2/lock.c (+3155/-0)
source4/torture/smb2/maxfid.c (+151/-0)
source4/torture/smb2/maxwrite.c (+137/-0)
source4/torture/smb2/notify.c (+2553/-0)
source4/torture/smb2/notify_disabled.c (+120/-0)
source4/torture/smb2/oplock.c (+5045/-0)
source4/torture/smb2/read.c (+319/-0)
source4/torture/smb2/rename.c (+1467/-0)
source4/torture/smb2/replay.c (+2452/-0)
source4/torture/smb2/scan.c (+265/-0)
source4/torture/smb2/session.c (+1691/-0)
source4/torture/smb2/setinfo.c (+410/-0)
source4/torture/smb2/smb2.c (+190/-0)
source4/torture/smb2/streams.c (+1857/-0)
source4/torture/smb2/util.c (+883/-0)
source4/torture/smb2/wscript_build (+40/-0)
source4/torture/smbtorture.c (+712/-0)
source4/torture/smbtorture.h (+154/-0)
source4/torture/tests/test_gentest.sh (+35/-0)
source4/torture/tests/test_locktest.sh (+28/-0)
source4/torture/tests/test_masktest.sh (+28/-0)
source4/torture/torture.c (+60/-0)
source4/torture/unix/unix.c (+40/-0)
source4/torture/unix/unix_info2.c (+465/-0)
source4/torture/unix/whoami.c (+421/-0)
source4/torture/util.h (+111/-0)
source4/torture/util_smb.c (+968/-0)
source4/torture/vfs/acl_xattr.c (+315/-0)
source4/torture/vfs/fruit.c (+4564/-0)
source4/torture/vfs/vfs.c (+119/-0)
source4/torture/winbind/struct_based.c (+1103/-0)
source4/torture/winbind/winbind.c (+318/-0)
source4/torture/winbind/wscript_build (+10/-0)
source4/torture/wscript_build (+336/-0)
source4/utils/man/ad2oLschema.1.xml (+87/-0)
source4/utils/man/oLschema2ldif.1.xml (+82/-0)
source4/utils/oLschema2ldif.c (+696/-0)
source4/utils/tests/test_demote.sh (+38/-0)
source4/utils/tests/test_nmblookup.sh (+37/-0)
source4/utils/tests/test_samba_tool.sh (+45/-0)
source4/utils/tests/test_smbclient.sh (+34/-0)
source4/utils/wscript_build (+8/-0)
source4/web_server/web_server.c (+376/-0)
source4/web_server/web_server.h (+73/-0)
source4/web_server/wscript_build (+20/-0)
source4/web_server/wsgi.c (+523/-0)
source4/winbind/idmap.c (+859/-0)
source4/winbind/idmap.h (+38/-0)
source4/winbind/wb_utils.c (+51/-0)
source4/winbind/winbindd.c (+98/-0)
source4/winbind/wscript_build (+25/-0)
source4/wrepl_server/wrepl_apply_records.c (+1503/-0)
source4/wrepl_server/wrepl_in_call.c (+589/-0)
source4/wrepl_server/wrepl_in_connection.c (+485/-0)
source4/wrepl_server/wrepl_out_helpers.c (+1144/-0)
source4/wrepl_server/wrepl_out_helpers.h (+37/-0)
source4/wrepl_server/wrepl_out_pull.c (+142/-0)
source4/wrepl_server/wrepl_out_push.c (+144/-0)
source4/wrepl_server/wrepl_periodic.c (+118/-0)
source4/wrepl_server/wrepl_scavenging.c (+570/-0)
source4/wrepl_server/wrepl_server.c (+512/-0)
source4/wrepl_server/wrepl_server.h (+321/-0)
source4/wrepl_server/wscript_build (+11/-0)
source4/wscript_build (+13/-0)
testdata/ldif-utils-test-multisite.ldif (+1007/-0)
testdata/minschema_classes.txt (+41/-0)
testdata/samba3/provision_samba3sam.ldif (+78/-0)
testdata/samba3/provision_samba3sam_templates.ldif (+118/-0)
testdata/samba3/samba3.ldif (+206/-0)
testdata/samba3/smb.conf (+24/-0)
testdata/samba3/smbpasswd (+3/-0)
testdata/samba3/wins.dat (+23/-0)
testdata/samba3/wins.dat2 (+23/-0)
testdata/unconnected-intrasite.ldif (+606/-0)
testprogs/blackbox/bogus.sh (+28/-0)
testprogs/blackbox/common-links.sh (+215/-0)
testprogs/blackbox/common_test_fns.inc (+106/-0)
testprogs/blackbox/dbcheck-links.sh (+307/-0)
testprogs/blackbox/dbcheck-oldrelease.sh (+499/-0)
testprogs/blackbox/dbcheck.sh (+55/-0)
testprogs/blackbox/demote-saveddb.sh (+67/-0)
testprogs/blackbox/dfree.sh (+8/-0)
testprogs/blackbox/dom_parse.sh (+27/-0)
testprogs/blackbox/nsstest.sh (+22/-0)
testprogs/blackbox/renamedc.sh (+96/-0)
testprogs/blackbox/runtime-links.sh (+74/-0)
testprogs/blackbox/subunit.sh (+121/-0)
testprogs/blackbox/test_chgdcpass.sh (+114/-0)
testprogs/blackbox/test_client_etypes.sh (+83/-0)
testprogs/blackbox/test_export_keytab_heimdal.sh (+103/-0)
testprogs/blackbox/test_export_keytab_mit.sh (+127/-0)
testprogs/blackbox/test_kinit_heimdal.sh (+259/-0)
testprogs/blackbox/test_kinit_mit.sh (+310/-0)
testprogs/blackbox/test_kinit_trusts_heimdal.sh (+98/-0)
testprogs/blackbox/test_kinit_trusts_mit.sh (+139/-0)
testprogs/blackbox/test_kpasswd_heimdal.sh (+217/-0)
testprogs/blackbox/test_kpasswd_mit.sh (+231/-0)
testprogs/blackbox/test_ktpass.sh (+41/-0)
testprogs/blackbox/test_ldb.sh (+231/-0)
testprogs/blackbox/test_ldb_simple.sh (+41/-0)
testprogs/blackbox/test_net_ads.sh (+91/-0)
testprogs/blackbox/test_net_ads_dns.sh (+102/-0)
testprogs/blackbox/test_net_rpc_user.sh (+56/-0)
testprogs/blackbox/test_password_settings.sh (+223/-0)
testprogs/blackbox/test_pdbtest.sh (+98/-0)
testprogs/blackbox/test_pkinit_heimdal.sh (+166/-0)
testprogs/blackbox/test_pkinit_pac_heimdal.sh (+53/-0)
testprogs/blackbox/test_samba_upgradedns.sh (+41/-0)
testprogs/blackbox/test_trust_ntlm.sh (+164/-0)
testprogs/blackbox/test_trust_utils.sh (+138/-0)
testprogs/blackbox/test_wintest.sh (+45/-0)
testprogs/blackbox/tfork.sh (+15/-0)
testprogs/blackbox/tombstones-expunge.sh (+239/-0)
testprogs/blackbox/upgradeprovision-oldrelease.sh (+227/-0)
testprogs/blackbox/wintest/wintest.conf (+7/-0)
testprogs/win32/midltests/Makefile (+16/-0)
testprogs/win32/midltests/Makefile.simple (+27/-0)
testprogs/win32/midltests/Makefile.tcp (+22/-0)
testprogs/win32/midltests/invalid/README.txt (+3/-0)
testprogs/win32/midltests/invalid/midltests_pipe_struct_union_01.idl (+279/-0)
testprogs/win32/midltests/invalid/midltests_pipe_struct_union_01.txt (+17/-0)
testprogs/win32/midltests/midltests.acf (+6/-0)
testprogs/win32/midltests/midltests.idl (+51/-0)
testprogs/win32/midltests/midltests_c_m.c (+2/-0)
testprogs/win32/midltests/midltests_marshall.c (+125/-0)
testprogs/win32/midltests/midltests_marshall.h (+19/-0)
testprogs/win32/midltests/midltests_s_m.c (+2/-0)
testprogs/win32/midltests/midltests_simple.c (+42/-0)
testprogs/win32/midltests/midltests_tcp.c (+646/-0)
testprogs/win32/midltests/todo/midltests-array-range.idl (+39/-0)
testprogs/win32/midltests/todo/midltests-pipe-02.idl (+153/-0)
testprogs/win32/midltests/todo/midltests-pipe-03-hyper.idl (+205/-0)
testprogs/win32/midltests/todo/midltests-pipe-04-struct.idl (+272/-0)
testprogs/win32/midltests/todo/midltests-pipe-first.idl (+233/-0)
testprogs/win32/midltests/todo/midltests-pipe-sync-ndr32-downgrade-02.idl (+296/-0)
testprogs/win32/midltests/todo/midltests-string-in-out-ref.idl (+33/-0)
testprogs/win32/midltests/todo/midltests-transmit-as.idl (+59/-0)
testprogs/win32/midltests/todo/midltests_pointer_default.idl (+20/-0)
testprogs/win32/midltests/utils.c (+32/-0)
testprogs/win32/midltests/valid/README.txt (+6/-0)
testprogs/win32/midltests/valid/midltests-pipe-sync-ndr32-downgrade-01.idl (+296/-0)
testprogs/win32/midltests/valid/midltests-pipe-sync-ndr32-downgrade-01.txt (+138/-0)
testprogs/win32/midltests/valid/midltests-pipe-sync-ndr32-downgrade-02.idl (+300/-0)
testprogs/win32/midltests/valid/midltests-pipe-sync-ndr32-downgrade-02.txt (+3266/-0)
testprogs/win32/midltests/valid/midltests_DRS_EXTENSIONS.idl (+64/-0)
testprogs/win32/midltests/valid/midltests_DRS_EXTENSIONS.out (+43/-0)
testprogs/win32/midltests/valid/midltests_fixed_size_in_array_01.idl (+29/-0)
testprogs/win32/midltests/valid/midltests_fixed_size_in_array_01.txt (+6/-0)
testprogs/win32/midltests/valid/midltests_strings_array_01.err.txt (+13/-0)
testprogs/win32/midltests/valid/midltests_strings_array_01.idl (+44/-0)
testprogs/win32/midltests/valid/midltests_strings_array_02.idl (+44/-0)
testprogs/win32/midltests/valid/midltests_strings_array_02.txt (+9/-0)
testprogs/win32/midltests/valid/midltests_union_align_01.idl (+42/-0)
testprogs/win32/midltests/valid/midltests_union_align_01.txt (+24/-0)
testprogs/win32/midltests/valid/midltests_union_align_02.idl (+61/-0)
testprogs/win32/midltests/valid/midltests_union_align_02.txt (+37/-0)
testprogs/win32/midltests/valid/midltests_union_align_03.idl (+64/-0)
testprogs/win32/midltests/valid/midltests_union_align_03.txt (+37/-0)
testprogs/win32/midltests/valid/midltests_union_align_04.idl (+64/-0)
testprogs/win32/midltests/valid/midltests_union_align_04.txt (+37/-0)
testprogs/win32/midltests/valid/midltests_union_align_05.idl (+61/-0)
testprogs/win32/midltests/valid/midltests_union_align_05.txt (+37/-0)
testprogs/win32/midltests/valid/midltests_union_align_06.idl (+61/-0)
testprogs/win32/midltests/valid/midltests_union_align_06.txt (+37/-0)
testprogs/win32/midltests/valid/midltests_union_align_07.idl (+61/-0)
testprogs/win32/midltests/valid/midltests_union_align_07.txt (+38/-0)
testprogs/win32/midltests/valid/midltests_union_align_08.idl (+68/-0)
testprogs/win32/midltests/valid/midltests_union_align_08.txt (+129/-0)
testprogs/win32/midltests/valid/midltests_union_align_09.idl (+69/-0)
testprogs/win32/midltests/valid/midltests_union_align_09.txt (+129/-0)
testprogs/win32/midltests/valid/midltests_union_align_10.idl (+71/-0)
testprogs/win32/midltests/valid/midltests_union_align_10.txt (+129/-0)
testprogs/win32/midltests/valid/midltests_union_align_11.idl (+70/-0)
testprogs/win32/midltests/valid/midltests_union_align_11.txt (+129/-0)
testprogs/win32/midltests/valid/midltests_union_align_12.idl (+70/-0)
testprogs/win32/midltests/valid/midltests_union_align_12.txt (+129/-0)
testprogs/win32/midltests/valid/midltests_union_align_13.idl (+71/-0)
testprogs/win32/midltests/valid/midltests_union_align_13.txt (+129/-0)
testprogs/win32/midltests/valid/midltests_union_align_14.idl (+71/-0)
testprogs/win32/midltests/valid/midltests_union_align_14.txt (+131/-0)
testprogs/win32/midltests/valid/midltests_union_align_15.idl (+72/-0)
testprogs/win32/midltests/valid/midltests_union_align_15.txt (+131/-0)
testprogs/win32/midltests/valid/midltests_union_align_16.idl (+93/-0)
testprogs/win32/midltests/valid/midltests_union_align_16.txt (+137/-0)
testprogs/win32/midltests/valid/midltests_union_align_17.idl (+94/-0)
testprogs/win32/midltests/valid/midltests_union_align_17.txt (+137/-0)
testprogs/win32/midltests/valid/midltests_union_align_18.idl (+93/-0)
testprogs/win32/midltests/valid/midltests_union_align_18.txt (+137/-0)
testprogs/win32/midltests/valid/midltests_union_align_19.idl (+90/-0)
testprogs/win32/midltests/valid/midltests_union_align_19.txt (+137/-0)
testprogs/win32/midltests/valid/midltests_union_align_20.idl (+91/-0)
testprogs/win32/midltests/valid/midltests_union_align_20.txt (+137/-0)
testprogs/win32/midltests/valid/midltests_v1_enum_01.idl (+56/-0)
testprogs/win32/midltests/valid/midltests_v1_enum_01.txt (+37/-0)
testprogs/win32/npecho/GNUmakefile (+24/-0)
testprogs/win32/npecho/NMakefile (+26/-0)
testprogs/win32/npecho/npecho_client.c (+50/-0)
testprogs/win32/npecho/npecho_client2.c (+117/-0)
testprogs/win32/npecho/npecho_server2.c (+76/-0)
testprogs/win32/prepare_dcpromo/GNUmakefile (+21/-0)
testprogs/win32/prepare_dcpromo/NMakefile (+16/-0)
testprogs/win32/prepare_dcpromo/prepare_dcpromo.c (+1074/-0)
testprogs/win32/rpcecho/Makefile (+23/-0)
testprogs/win32/rpcecho/README (+46/-0)
testprogs/win32/rpcecho/client.c (+367/-0)
testprogs/win32/rpcecho/rpcecho.acf (+26/-0)
testprogs/win32/rpcecho/rpcecho.idl (+146/-0)
testprogs/win32/rpcecho/server.c (+208/-0)
testprogs/win32/rpcecho/utils.c (+32/-0)
testprogs/win32/spoolss/GNUmakefile (+23/-0)
testprogs/win32/spoolss/NMakefile (+43/-0)
testprogs/win32/spoolss/README.win32 (+65/-0)
testprogs/win32/spoolss/error.c (+137/-0)
testprogs/win32/spoolss/error.h (+36/-0)
testprogs/win32/spoolss/printlib.c (+1386/-0)
testprogs/win32/spoolss/printlib_proto.h (+67/-0)
testprogs/win32/spoolss/string.h (+15/-0)
testprogs/win32/spoolss/testspoolss.c (+1842/-0)
testprogs/win32/spoolss/testspoolss.h (+51/-0)
testprogs/win32/spoolss/testspoolss.sln (+20/-0)
testprogs/win32/spoolss/testspoolss.vcproj (+224/-0)
testprogs/win32/spoolss/torture.c (+106/-0)
testprogs/win32/spoolss/torture.h (+92/-0)
testprogs/win32/spoolss/torture_proto.h (+32/-0)
testprogs/win32/testmailslot/GNUmakefile (+16/-0)
testprogs/win32/testmailslot/NMakefile (+13/-0)
testprogs/win32/testmailslot/testmailslot.c (+80/-0)
testprogs/win32/vs2010-metze.cmd (+24/-0)
testprogs/win32/wmi/echoprocessor.vbs (+10/-0)
tests/README (+10/-0)
tests/fcntl_lock.c (+132/-0)
tests/fcntl_lock_thread.c (+117/-0)
tests/ftruncate.c (+31/-0)
tests/getgroups.c (+66/-0)
tests/oldquotas.c (+115/-0)
tests/readlink.c (+33/-0)
tests/shared_mmap.c (+70/-0)
tests/shlib.c (+8/-0)
tests/summary.c (+28/-0)
tests/sysquotas.c (+90/-0)
tests/trivial.c (+7/-0)
testsuite/README (+15/-0)
testsuite/build_farm/backtrace (+15/-0)
testsuite/build_farm/basicsmb-domainsec-nt4.test (+28/-0)
testsuite/build_farm/basicsmb-domainsec.test (+27/-0)
testsuite/build_farm/basicsmb-hostsdeny.test (+18/-0)
testsuite/build_farm/basicsmb-hostsequiv.test (+26/-0)
testsuite/build_farm/basicsmb-invalidusers.test (+10/-0)
testsuite/build_farm/basicsmb-local-pass-change.test (+10/-0)
testsuite/build_farm/basicsmb-preexec.test (+28/-0)
testsuite/build_farm/basicsmb-remote-pass-change.test (+10/-0)
testsuite/build_farm/basicsmb-serversec.test (+9/-0)
testsuite/build_farm/basicsmb-shareguest.test (+20/-0)
testsuite/build_farm/basicsmb-sharelist.test (+22/-0)
testsuite/build_farm/basicsmb-sharesec.test (+9/-0)
testsuite/build_farm/basicsmb-usersec.test (+9/-0)
testsuite/build_farm/basicsmb.fns (+204/-0)
testsuite/build_farm/runlist (+18/-0)
testsuite/build_farm/template/basicsmb.smb.conf (+49/-0)
testsuite/build_farm/template/basicsmb.smb.conf.domain (+2/-0)
testsuite/build_farm/template/basicsmb.smb.conf.hostsdeny (+1/-0)
testsuite/build_farm/template/basicsmb.smb.conf.hostsequiv (+3/-0)
testsuite/build_farm/template/basicsmb.smb.conf.invalidusers (+1/-0)
testsuite/build_farm/template/basicsmb.smb.conf.preexec (+1/-0)
testsuite/build_farm/template/basicsmb.smb.conf.preexec_cl_fl (+2/-0)
testsuite/build_farm/template/basicsmb.smb.conf.preexec_close (+2/-0)
testsuite/build_farm/template/basicsmb.smb.conf.server (+3/-0)
testsuite/build_farm/template/basicsmb.smb.conf.share (+1/-0)
testsuite/build_farm/template/basicsmb.smb.conf.user (+1/-0)
testsuite/build_farm/template/basicsmb.smb.conf.validusers (+1/-0)
testsuite/build_farm/template/preexec (+3/-0)
testsuite/build_farm/torture-ATTR.test (+2/-0)
testsuite/build_farm/torture-BROWSE.test (+2/-0)
testsuite/build_farm/torture-DELETE.test (+2/-0)
testsuite/build_farm/torture-DENY1.test (+2/-0)
testsuite/build_farm/torture-DENY2.test (+2/-0)
testsuite/build_farm/torture-DIR.test (+2/-0)
testsuite/build_farm/torture-DIR1.test (+2/-0)
testsuite/build_farm/torture-FDPASS.test (+2/-0)
testsuite/build_farm/torture-FDSESS.test (+2/-0)
testsuite/build_farm/torture-LOCK1.test (+2/-0)
testsuite/build_farm/torture-LOCK2.test (+2/-0)
testsuite/build_farm/torture-LOCK3.test (+2/-0)
testsuite/build_farm/torture-LOCK4.test (+2/-0)
testsuite/build_farm/torture-LOCK5.test (+2/-0)
testsuite/build_farm/torture-LOCK6.test (+2/-0)
testsuite/build_farm/torture-LOCK7.test (+2/-0)
testsuite/build_farm/torture-MANGLE.test (+2/-0)
testsuite/build_farm/torture-OPEN.test (+2/-0)
testsuite/build_farm/torture-OPLOCK1.test (+2/-0)
testsuite/build_farm/torture-PROPERTIES.test (+2/-0)
testsuite/build_farm/torture-RANDOMIPC.test (+2/-0)
testsuite/build_farm/torture-RENAME.test (+2/-0)
testsuite/build_farm/torture-RW1.test (+2/-0)
testsuite/build_farm/torture-RW2.test (+2/-0)
testsuite/build_farm/torture-TCON.test (+2/-0)
testsuite/build_farm/torture-TCON1.test (+2/-0)
testsuite/build_farm/torture-TCON2.test (+2/-0)
testsuite/build_farm/torture-TCONDEV.test (+2/-0)
testsuite/build_farm/torture-TORTURE.test (+2/-0)
testsuite/build_farm/torture-TRANS2.test (+2/-0)
testsuite/build_farm/torture-UNLINK.test (+2/-0)
testsuite/build_farm/torture-XCOPY.test (+2/-0)
testsuite/build_farm/torture_setup.fns (+19/-0)
testsuite/headers/test_headers.c (+45/-0)
testsuite/headers/wscript_build (+36/-0)
testsuite/nsswitch/Makefile.longarg (+5/-0)
testsuite/nsswitch/bigfd.c (+38/-0)
testsuite/nsswitch/bigfd.exp (+28/-0)
testsuite/nsswitch/domusers.exp (+38/-0)
testsuite/nsswitch/envvar.exp (+282/-0)
testsuite/nsswitch/finger.exp (+39/-0)
testsuite/nsswitch/getent.c (+150/-0)
testsuite/nsswitch/getent.exp (+148/-0)
testsuite/nsswitch/getent_grent.c (+100/-0)
testsuite/nsswitch/getent_pwent.c (+112/-0)
testsuite/nsswitch/getent_r.sh (+35/-0)
testsuite/nsswitch/getgrent_r.c (+84/-0)
testsuite/nsswitch/getgrent_r.exp (+41/-0)
testsuite/nsswitch/getgrgid.c (+57/-0)
testsuite/nsswitch/getgrgid.exp (+50/-0)
testsuite/nsswitch/getgrnam.c (+51/-0)
testsuite/nsswitch/getgrnam.exp (+28/-0)
testsuite/nsswitch/getpwent_r.c (+85/-0)
testsuite/nsswitch/getpwent_r.exp (+41/-0)
testsuite/nsswitch/getpwnam.c (+37/-0)
testsuite/nsswitch/getpwnam.exp (+28/-0)
testsuite/nsswitch/getpwuid.c (+43/-0)
testsuite/nsswitch/getpwuid.exp (+59/-0)
testsuite/nsswitch/groupmem_dom.exp (+33/-0)
testsuite/nsswitch/initgroups.c (+42/-0)
testsuite/nsswitch/initgroups.exp (+37/-0)
testsuite/nsswitch/login.exp (+102/-0)
testsuite/nsswitch/longarg.exp (+29/-0)
testsuite/nsswitch/longarg_getgrnam.c (+41/-0)
testsuite/nsswitch/longarg_getpwnam.c (+41/-0)
testsuite/nsswitch/longarg_utils.h (+26/-0)
testsuite/nsswitch/nss_winbind_syms.c (+63/-0)
testsuite/nsswitch/nss_winbind_syms.exp (+42/-0)
testsuite/nsswitch/pam_winbind_syms.c (+55/-0)
testsuite/nsswitch/pam_winbind_syms.exp (+44/-0)
testsuite/nsswitch/wbinfo.exp (+360/-0)
testsuite/smbd/Makefile.se_access_check (+24/-0)
testsuite/smbd/Makefile.sec_ctx (+57/-0)
testsuite/smbd/se_access_check.exp (+53/-0)
testsuite/smbd/se_access_check_allowall.c (+86/-0)
testsuite/smbd/se_access_check_allowsome.c (+103/-0)
testsuite/smbd/se_access_check_denyall.c (+85/-0)
testsuite/smbd/se_access_check_denysome.c (+105/-0)
testsuite/smbd/se_access_check_empty.c (+108/-0)
testsuite/smbd/se_access_check_nullsd.c (+73/-0)
testsuite/smbd/se_access_check_printer.c (+211/-0)
testsuite/smbd/se_access_check_utils.c (+157/-0)
testsuite/smbd/se_access_check_utils.h (+45/-0)
testsuite/smbd/sec_ctx.exp (+66/-0)
testsuite/smbd/sec_ctx1.c (+39/-0)
testsuite/smbd/sec_ctx_current_user.c (+113/-0)
testsuite/smbd/sec_ctx_flow.c (+72/-0)
testsuite/smbd/sec_ctx_groups.c (+130/-0)
testsuite/smbd/sec_ctx_nonroot.c (+41/-0)
testsuite/smbd/sec_ctx_root.c (+60/-0)
testsuite/smbd/sec_ctx_stack.c (+85/-0)
testsuite/smbd/sec_ctx_torture.c (+102/-0)
testsuite/smbd/sec_ctx_utils.c (+64/-0)
testsuite/smbd/sec_ctx_utils.h (+29/-0)
testsuite/smbd/sighup.exp (+107/-0)
testsuite/unittests/rpc_test_dummy_module.c (+20/-0)
testsuite/unittests/test_krb5_samba.c (+145/-0)
testsuite/unittests/test_lib_util_modules.c (+76/-0)
testsuite/unittests/test_sambafs_srv_pipe.c (+77/-0)
testsuite/unittests/wscript (+38/-0)
third_party/aesni-intel/aesni-intel_asm.c (+2812/-0)
third_party/aesni-intel/inst-intel.h (+306/-0)
third_party/aesni-intel/wscript (+26/-0)
third_party/cmocka/cmocka.c (+3306/-0)
third_party/cmocka/cmocka.h (+2284/-0)
third_party/cmocka/cmocka_private.h (+163/-0)
third_party/cmocka/wscript (+19/-0)
third_party/dnspython/.gitignore (+7/-0)
third_party/dnspython/ChangeLog (+1194/-0)
third_party/dnspython/LICENSE (+14/-0)
third_party/dnspython/MANIFEST.in (+3/-0)
third_party/dnspython/Makefile (+56/-0)
third_party/dnspython/README (+442/-0)
third_party/dnspython/TODO (+17/-0)
third_party/dnspython/dns/__init__.py (+54/-0)
third_party/dnspython/dns/dnssec.py (+372/-0)
third_party/dnspython/dns/e164.py (+79/-0)
third_party/dnspython/dns/edns.py (+142/-0)
third_party/dnspython/dns/entropy.py (+123/-0)
third_party/dnspython/dns/exception.py (+40/-0)
third_party/dnspython/dns/flags.py (+106/-0)
third_party/dnspython/dns/hash.py (+67/-0)
third_party/dnspython/dns/inet.py (+108/-0)
third_party/dnspython/dns/ipv4.py (+42/-0)
third_party/dnspython/dns/ipv6.py (+163/-0)
third_party/dnspython/dns/message.py (+1088/-0)
third_party/dnspython/dns/name.py (+702/-0)
third_party/dnspython/dns/namedict.py (+59/-0)
third_party/dnspython/dns/node.py (+172/-0)
third_party/dnspython/dns/opcode.py (+104/-0)
third_party/dnspython/dns/query.py (+492/-0)
third_party/dnspython/dns/rcode.py (+119/-0)
third_party/dnspython/dns/rdata.py (+478/-0)
third_party/dnspython/dns/rdataclass.py (+114/-0)
third_party/dnspython/dns/rdataset.py (+329/-0)
third_party/dnspython/dns/rdatatype.py (+232/-0)
third_party/dnspython/dns/rdtypes/ANY/AFSDB.py (+51/-0)
third_party/dnspython/dns/rdtypes/ANY/CERT.py (+131/-0)
third_party/dnspython/dns/rdtypes/ANY/CNAME.py (+24/-0)
third_party/dnspython/dns/rdtypes/ANY/DLV.py (+20/-0)
third_party/dnspython/dns/rdtypes/ANY/DNAME.py (+21/-0)
third_party/dnspython/dns/rdtypes/ANY/DNSKEY.py (+94/-0)
third_party/dnspython/dns/rdtypes/ANY/DS.py (+20/-0)
third_party/dnspython/dns/rdtypes/ANY/GPOS.py (+156/-0)
third_party/dnspython/dns/rdtypes/ANY/HINFO.py (+83/-0)
third_party/dnspython/dns/rdtypes/ANY/HIP.py (+140/-0)
third_party/dnspython/dns/rdtypes/ANY/ISDN.py (+96/-0)
third_party/dnspython/dns/rdtypes/ANY/LOC.py (+334/-0)
third_party/dnspython/dns/rdtypes/ANY/MX.py (+20/-0)
third_party/dnspython/dns/rdtypes/ANY/NS.py (+20/-0)
third_party/dnspython/dns/rdtypes/ANY/NSEC.py (+128/-0)
third_party/dnspython/dns/rdtypes/ANY/NSEC3.py (+182/-0)
third_party/dnspython/dns/rdtypes/ANY/NSEC3PARAM.py (+88/-0)
third_party/dnspython/dns/rdtypes/ANY/PTR.py (+20/-0)
third_party/dnspython/dns/rdtypes/ANY/RP.py (+86/-0)
third_party/dnspython/dns/rdtypes/ANY/RRSIG.py (+155/-0)
third_party/dnspython/dns/rdtypes/ANY/RT.py (+20/-0)
third_party/dnspython/dns/rdtypes/ANY/SOA.py (+127/-0)
third_party/dnspython/dns/rdtypes/ANY/SPF.py (+22/-0)
third_party/dnspython/dns/rdtypes/ANY/SSHFP.py (+77/-0)
third_party/dnspython/dns/rdtypes/ANY/TXT.py (+20/-0)
third_party/dnspython/dns/rdtypes/ANY/X25.py (+62/-0)
third_party/dnspython/dns/rdtypes/ANY/__init__.py (+45/-0)
third_party/dnspython/dns/rdtypes/IN/A.py (+57/-0)
third_party/dnspython/dns/rdtypes/IN/AAAA.py (+58/-0)
third_party/dnspython/dns/rdtypes/IN/APL.py (+170/-0)
third_party/dnspython/dns/rdtypes/IN/DHCID.py (+60/-0)
third_party/dnspython/dns/rdtypes/IN/IPSECKEY.py (+159/-0)
third_party/dnspython/dns/rdtypes/IN/KX.py (+20/-0)
third_party/dnspython/dns/rdtypes/IN/NAPTR.py (+132/-0)
third_party/dnspython/dns/rdtypes/IN/NSAP.py (+59/-0)
third_party/dnspython/dns/rdtypes/IN/NSAP_PTR.py (+20/-0)
third_party/dnspython/dns/rdtypes/IN/PX.py (+97/-0)
third_party/dnspython/dns/rdtypes/IN/SRV.py (+89/-0)
third_party/dnspython/dns/rdtypes/IN/WKS.py (+113/-0)
third_party/dnspython/dns/rdtypes/IN/__init__.py (+30/-0)
third_party/dnspython/dns/rdtypes/__init__.py (+23/-0)
third_party/dnspython/dns/rdtypes/dsbase.py (+92/-0)
third_party/dnspython/dns/rdtypes/mxbase.py (+105/-0)
third_party/dnspython/dns/rdtypes/nsbase.py (+82/-0)
third_party/dnspython/dns/rdtypes/txtbase.py (+87/-0)
third_party/dnspython/dns/renderer.py (+325/-0)
third_party/dnspython/dns/resolver.py (+1161/-0)
third_party/dnspython/dns/reversename.py (+75/-0)
third_party/dnspython/dns/rrset.py (+175/-0)
third_party/dnspython/dns/set.py (+263/-0)
third_party/dnspython/dns/tokenizer.py (+547/-0)
third_party/dnspython/dns/tsig.py (+223/-0)
third_party/dnspython/dns/tsigkeyring.py (+44/-0)
third_party/dnspython/dns/ttl.py (+64/-0)
third_party/dnspython/dns/update.py (+245/-0)
third_party/dnspython/dns/version.py (+34/-0)
third_party/dnspython/dns/wiredata.py (+59/-0)
third_party/dnspython/dns/zone.py (+855/-0)
third_party/dnspython/examples/ddns.py (+51/-0)
third_party/dnspython/examples/e164.py (+6/-0)
third_party/dnspython/examples/mx.py (+7/-0)
third_party/dnspython/examples/name.py (+13/-0)
third_party/dnspython/examples/reverse.py (+40/-0)
third_party/dnspython/examples/reverse_name.py (+6/-0)
third_party/dnspython/examples/xfr.py (+14/-0)
third_party/dnspython/examples/zonediff.py (+270/-0)
third_party/dnspython/setup.py (+60/-0)
third_party/dnspython/tests/Makefile (+26/-0)
third_party/dnspython/tests/bugs.py (+44/-0)
third_party/dnspython/tests/dnssec.py (+146/-0)
third_party/dnspython/tests/example (+226/-0)
third_party/dnspython/tests/example1.good (+114/-0)
third_party/dnspython/tests/example2.good (+114/-0)
third_party/dnspython/tests/flags.py (+59/-0)
third_party/dnspython/tests/message.py (+179/-0)
third_party/dnspython/tests/name.py (+697/-0)
third_party/dnspython/tests/namedict.py (+102/-0)
third_party/dnspython/tests/ntoaaton.py (+197/-0)
third_party/dnspython/tests/rdtypeandclass.py (+123/-0)
third_party/dnspython/tests/resolver.py (+127/-0)
third_party/dnspython/tests/rrset.py (+54/-0)
third_party/dnspython/tests/set.py (+208/-0)
third_party/dnspython/tests/tokenizer.py (+190/-0)
third_party/dnspython/tests/update.py (+114/-0)
third_party/dnspython/tests/zone.py (+389/-0)
third_party/dnspython/util/COPYRIGHT (+14/-0)
third_party/dnspython/util/copyrights (+116/-0)
third_party/pep8/.gitignore (+7/-0)
third_party/pep8/.travis.yml (+25/-0)
third_party/pep8/CHANGES.txt (+651/-0)
third_party/pep8/LICENSE (+24/-0)
third_party/pep8/MANIFEST.in (+9/-0)
third_party/pep8/Makefile (+13/-0)
third_party/pep8/README.rst (+91/-0)
third_party/pep8/docs/Makefile (+153/-0)
third_party/pep8/docs/advanced.rst (+77/-0)
third_party/pep8/docs/api.rst (+88/-0)
third_party/pep8/docs/conf.py (+251/-0)
third_party/pep8/docs/developer.rst (+96/-0)
third_party/pep8/docs/index.rst (+69/-0)
third_party/pep8/docs/intro.rst (+435/-0)
third_party/pep8/docs/make.bat (+190/-0)
third_party/pep8/setup.cfg (+7/-0)
third_party/pep8/setup.py (+56/-0)
third_party/pep8/testsuite/E10.py (+41/-0)
third_party/pep8/testsuite/E11.py (+36/-0)
third_party/pep8/testsuite/E12.py (+376/-0)
third_party/pep8/testsuite/E12not.py (+644/-0)
third_party/pep8/testsuite/E20.py (+55/-0)
third_party/pep8/testsuite/E21.py (+14/-0)
third_party/pep8/testsuite/E22.py (+157/-0)
third_party/pep8/testsuite/E23.py (+15/-0)
third_party/pep8/testsuite/E24.py (+13/-0)
third_party/pep8/testsuite/E25.py (+36/-0)
third_party/pep8/testsuite/E26.py (+59/-0)
third_party/pep8/testsuite/E27.py (+30/-0)
third_party/pep8/testsuite/E30.py (+90/-0)
third_party/pep8/testsuite/E30not.py (+134/-0)
third_party/pep8/testsuite/E40.py (+38/-0)
third_party/pep8/testsuite/E50.py (+118/-0)
third_party/pep8/testsuite/E70.py (+20/-0)
third_party/pep8/testsuite/E71.py (+73/-0)
third_party/pep8/testsuite/E72.py (+51/-0)
third_party/pep8/testsuite/E73.py (+18/-0)
third_party/pep8/testsuite/E90.py (+26/-0)
third_party/pep8/testsuite/W19.py (+145/-0)
third_party/pep8/testsuite/W29.py (+21/-0)
third_party/pep8/testsuite/W39.py (+18/-0)
third_party/pep8/testsuite/W60.py (+15/-0)
third_party/pep8/testsuite/__init__.py (+0/-0)
third_party/pep8/testsuite/latin-1.py (+6/-0)
third_party/pep8/testsuite/noqa.py (+15/-0)
third_party/pep8/testsuite/python3.py (+6/-0)
third_party/pep8/testsuite/support.py (+197/-0)
third_party/pep8/testsuite/test_all.py (+63/-0)
third_party/pep8/testsuite/test_api.py (+389/-0)
third_party/pep8/testsuite/test_shell.py (+189/-0)
third_party/pep8/testsuite/test_util.py (+23/-0)
third_party/pep8/testsuite/utf-8-bom.py (+6/-0)
third_party/pep8/testsuite/utf-8.py (+52/-0)
third_party/pep8/tox.ini (+15/-0)
third_party/popt/CHANGES (+46/-0)
third_party/popt/COPYING (+22/-0)
third_party/popt/README (+18/-0)
third_party/popt/dummy.in (+0/-0)
third_party/popt/findme.c (+50/-0)
third_party/popt/findme.h (+20/-0)
third_party/popt/popt.c (+1249/-0)
third_party/popt/popt.h (+545/-0)
third_party/popt/poptconfig.c (+190/-0)
third_party/popt/popthelp.c (+741/-0)
third_party/popt/poptint.h (+116/-0)
third_party/popt/poptparse.c (+227/-0)
third_party/popt/system.h (+78/-0)
third_party/popt/wscript (+19/-0)
third_party/pyiso8601/.hgignore (+8/-0)
third_party/pyiso8601/.hgtags (+6/-0)
third_party/pyiso8601/LICENSE (+20/-0)
third_party/pyiso8601/MANIFEST.in (+2/-0)
third_party/pyiso8601/README.rst (+180/-0)
third_party/pyiso8601/dev-requirements.txt (+5/-0)
third_party/pyiso8601/docs/Makefile (+177/-0)
third_party/pyiso8601/docs/conf.py (+266/-0)
third_party/pyiso8601/docs/index.rst (+80/-0)
third_party/pyiso8601/docs/make.bat (+242/-0)
third_party/pyiso8601/iso8601/__init__.py (+1/-0)
third_party/pyiso8601/iso8601/iso8601.py (+214/-0)
third_party/pyiso8601/iso8601/test_iso8601.py (+97/-0)
third_party/pyiso8601/setup.py (+25/-0)
third_party/pyiso8601/tox.ini (+8/-0)
third_party/update.sh (+36/-0)
third_party/waf/wafadmin/3rdparty/ParallelDebug.py (+297/-0)
third_party/waf/wafadmin/3rdparty/batched_cc.py (+182/-0)
third_party/waf/wafadmin/3rdparty/boost.py (+342/-0)
third_party/waf/wafadmin/3rdparty/build_file_tracker.py (+53/-0)
third_party/waf/wafadmin/3rdparty/fluid.py (+26/-0)
third_party/waf/wafadmin/3rdparty/gccdeps.py (+127/-0)
third_party/waf/wafadmin/3rdparty/go.py (+110/-0)
third_party/waf/wafadmin/3rdparty/lru_cache.py (+96/-0)
third_party/waf/wafadmin/3rdparty/paranoid.py (+34/-0)
third_party/waf/wafadmin/3rdparty/prefork.py (+275/-0)
third_party/waf/wafadmin/3rdparty/print_commands.py (+25/-0)
third_party/waf/wafadmin/3rdparty/swig.py (+189/-0)
third_party/waf/wafadmin/3rdparty/valadoc.py (+112/-0)
third_party/waf/wafadmin/Build.py (+1036/-0)
third_party/waf/wafadmin/Configure.py (+442/-0)
third_party/waf/wafadmin/Constants.py (+75/-0)
third_party/waf/wafadmin/Environment.py (+209/-0)
third_party/waf/wafadmin/Logs.py (+133/-0)
third_party/waf/wafadmin/Node.py (+701/-0)
third_party/waf/wafadmin/Options.py (+287/-0)
third_party/waf/wafadmin/Runner.py (+235/-0)
third_party/waf/wafadmin/Scripting.py (+585/-0)
third_party/waf/wafadmin/Task.py (+1199/-0)
third_party/waf/wafadmin/TaskGen.py (+614/-0)
third_party/waf/wafadmin/Tools/__init__.py (+3/-0)
third_party/waf/wafadmin/Tools/ar.py (+34/-0)
third_party/waf/wafadmin/Tools/bison.py (+37/-0)
third_party/waf/wafadmin/Tools/cc.py (+99/-0)
third_party/waf/wafadmin/Tools/ccroot.py (+639/-0)
third_party/waf/wafadmin/Tools/compiler_cc.py (+66/-0)
third_party/waf/wafadmin/Tools/compiler_cxx.py (+61/-0)
third_party/waf/wafadmin/Tools/compiler_d.py (+32/-0)
third_party/waf/wafadmin/Tools/config_c.py (+754/-0)
third_party/waf/wafadmin/Tools/cs.py (+67/-0)
third_party/waf/wafadmin/Tools/cxx.py (+103/-0)
third_party/waf/wafadmin/Tools/d.py (+534/-0)
third_party/waf/wafadmin/Tools/dbus.py (+33/-0)
third_party/waf/wafadmin/Tools/dmd.py (+63/-0)
third_party/waf/wafadmin/Tools/flex.py (+24/-0)
third_party/waf/wafadmin/Tools/gas.py (+37/-0)
third_party/waf/wafadmin/Tools/gcc.py (+138/-0)
third_party/waf/wafadmin/Tools/gdc.py (+51/-0)
third_party/waf/wafadmin/Tools/glib2.py (+163/-0)
third_party/waf/wafadmin/Tools/gnome.py (+222/-0)
third_party/waf/wafadmin/Tools/gnu_dirs.py (+110/-0)
third_party/waf/wafadmin/Tools/gob2.py (+17/-0)
third_party/waf/wafadmin/Tools/gxx.py (+136/-0)
third_party/waf/wafadmin/Tools/icc.py (+37/-0)
third_party/waf/wafadmin/Tools/icpc.py (+35/-0)
third_party/waf/wafadmin/Tools/intltool.py (+138/-0)
third_party/waf/wafadmin/Tools/javaw.py (+254/-0)
third_party/waf/wafadmin/Tools/kde4.py (+73/-0)
third_party/waf/wafadmin/Tools/libtool.py (+329/-0)
third_party/waf/wafadmin/Tools/lua.py (+24/-0)
third_party/waf/wafadmin/Tools/misc.py (+429/-0)
third_party/waf/wafadmin/Tools/msvc.py (+796/-0)
third_party/waf/wafadmin/Tools/nasm.py (+48/-0)
third_party/waf/wafadmin/Tools/ocaml.py (+297/-0)
third_party/waf/wafadmin/Tools/osx.py (+187/-0)
third_party/waf/wafadmin/Tools/perl.py (+108/-0)
third_party/waf/wafadmin/Tools/preproc.py (+837/-0)
third_party/waf/wafadmin/Tools/python.py (+432/-0)
third_party/waf/wafadmin/Tools/qt4.py (+504/-0)
third_party/waf/wafadmin/Tools/ruby.py (+119/-0)
third_party/waf/wafadmin/Tools/suncc.py (+76/-0)
third_party/waf/wafadmin/Tools/suncxx.py (+75/-0)
third_party/waf/wafadmin/Tools/tex.py (+250/-0)
third_party/waf/wafadmin/Tools/unittestw.py (+308/-0)
third_party/waf/wafadmin/Tools/vala.py (+307/-0)
third_party/waf/wafadmin/Tools/winres.py (+44/-0)
third_party/waf/wafadmin/Tools/xlc.py (+78/-0)
third_party/waf/wafadmin/Tools/xlcxx.py (+78/-0)
third_party/waf/wafadmin/Utils.py (+747/-0)
third_party/waf/wafadmin/__init__.py (+3/-0)
third_party/waf/wafadmin/ansiterm.py (+235/-0)
third_party/waf/wafadmin/pproc.py (+619/-0)
third_party/waf/wafadmin/py3kfixes.py (+129/-0)
third_party/wscript (+77/-0)
third_party/zlib/ChangeLog (+855/-0)
third_party/zlib/FAQ (+339/-0)
third_party/zlib/INDEX (+51/-0)
third_party/zlib/Makefile (+154/-0)
third_party/zlib/Makefile.in (+154/-0)
third_party/zlib/README (+125/-0)
third_party/zlib/adler32.c (+148/-0)
third_party/zlib/algorithm.txt (+209/-0)
third_party/zlib/amiga/Makefile.pup (+66/-0)
third_party/zlib/amiga/Makefile.sas (+65/-0)
third_party/zlib/as400/bndsrc (+132/-0)
third_party/zlib/as400/compile.clp (+123/-0)
third_party/zlib/as400/readme.txt (+111/-0)
third_party/zlib/as400/zlib.inc (+331/-0)
third_party/zlib/compress.c (+78/-0)
third_party/zlib/contrib/README.contrib (+71/-0)
third_party/zlib/contrib/ada/buffer_demo.adb (+106/-0)
third_party/zlib/contrib/ada/mtest.adb (+156/-0)
third_party/zlib/contrib/ada/read.adb (+156/-0)
third_party/zlib/contrib/ada/readme.txt (+65/-0)
third_party/zlib/contrib/ada/test.adb (+463/-0)
third_party/zlib/contrib/ada/zlib-streams.adb (+225/-0)
third_party/zlib/contrib/ada/zlib-streams.ads (+114/-0)
third_party/zlib/contrib/ada/zlib-thin.adb (+141/-0)
third_party/zlib/contrib/ada/zlib-thin.ads (+450/-0)
third_party/zlib/contrib/ada/zlib.adb (+701/-0)
third_party/zlib/contrib/ada/zlib.ads (+328/-0)
third_party/zlib/contrib/ada/zlib.gpr (+20/-0)
third_party/zlib/contrib/asm586/README.586 (+43/-0)
third_party/zlib/contrib/asm586/match.S (+364/-0)
third_party/zlib/contrib/asm686/README.686 (+34/-0)
third_party/zlib/contrib/asm686/match.S (+329/-0)
third_party/zlib/contrib/blast/Makefile (+8/-0)
third_party/zlib/contrib/blast/README (+4/-0)
third_party/zlib/contrib/blast/blast.c (+444/-0)
third_party/zlib/contrib/blast/blast.h (+71/-0)
third_party/zlib/contrib/blast/test.txt (+1/-0)
third_party/zlib/contrib/delphi/ZLib.pas (+557/-0)
third_party/zlib/contrib/delphi/ZLibConst.pas (+11/-0)
third_party/zlib/contrib/delphi/readme.txt (+76/-0)
third_party/zlib/contrib/delphi/zlibd32.mak (+93/-0)
third_party/zlib/contrib/dotzlib/DotZLib.build (+33/-0)
third_party/zlib/contrib/dotzlib/DotZLib.sln (+21/-0)
third_party/zlib/contrib/dotzlib/DotZLib/AssemblyInfo.cs (+58/-0)
third_party/zlib/contrib/dotzlib/DotZLib/ChecksumImpl.cs (+202/-0)
third_party/zlib/contrib/dotzlib/DotZLib/CircularBuffer.cs (+83/-0)
third_party/zlib/contrib/dotzlib/DotZLib/CodecBase.cs (+198/-0)
third_party/zlib/contrib/dotzlib/DotZLib/Deflater.cs (+106/-0)
third_party/zlib/contrib/dotzlib/DotZLib/DotZLib.cs (+288/-0)
third_party/zlib/contrib/dotzlib/DotZLib/DotZLib.csproj (+141/-0)
third_party/zlib/contrib/dotzlib/DotZLib/GZipStream.cs (+301/-0)
third_party/zlib/contrib/dotzlib/DotZLib/Inflater.cs (+105/-0)
third_party/zlib/contrib/dotzlib/DotZLib/UnitTests.cs (+274/-0)
third_party/zlib/contrib/dotzlib/LICENSE_1_0.txt (+23/-0)
third_party/zlib/contrib/dotzlib/readme.txt (+58/-0)
third_party/zlib/contrib/infback9/README (+1/-0)
third_party/zlib/contrib/infback9/infback9.c (+608/-0)
third_party/zlib/contrib/infback9/infback9.h (+37/-0)
third_party/zlib/contrib/infback9/inffix9.h (+107/-0)
third_party/zlib/contrib/infback9/inflate9.h (+47/-0)
third_party/zlib/contrib/infback9/inftree9.c (+323/-0)
third_party/zlib/contrib/infback9/inftree9.h (+55/-0)
third_party/zlib/contrib/inflate86/inffas86.c (+1157/-0)
third_party/zlib/contrib/inflate86/inffast.S (+1368/-0)
third_party/zlib/contrib/iostream/test.cpp (+24/-0)
third_party/zlib/contrib/iostream/zfstream.cpp (+329/-0)
third_party/zlib/contrib/iostream/zfstream.h (+128/-0)
third_party/zlib/contrib/iostream2/zstream.h (+307/-0)
third_party/zlib/contrib/iostream2/zstream_test.cpp (+25/-0)
third_party/zlib/contrib/iostream3/README (+35/-0)
third_party/zlib/contrib/iostream3/TODO (+17/-0)
third_party/zlib/contrib/iostream3/test.cc (+50/-0)
third_party/zlib/contrib/iostream3/zfstream.cc (+479/-0)
third_party/zlib/contrib/iostream3/zfstream.h (+466/-0)
third_party/zlib/contrib/masm686/match.asm (+413/-0)
third_party/zlib/contrib/masmx64/bld_ml64.bat (+2/-0)
third_party/zlib/contrib/masmx64/gvmat64.asm (+513/-0)
third_party/zlib/contrib/masmx64/inffas8664.c (+186/-0)
third_party/zlib/contrib/masmx64/inffasx64.asm (+392/-0)
third_party/zlib/contrib/masmx64/readme.txt (+28/-0)
third_party/zlib/contrib/masmx86/bld_ml32.bat (+2/-0)
third_party/zlib/contrib/masmx86/gvmat32.asm (+972/-0)
third_party/zlib/contrib/masmx86/gvmat32c.c (+62/-0)
third_party/zlib/contrib/masmx86/inffas32.asm (+1083/-0)
third_party/zlib/contrib/masmx86/mkasm.bat (+3/-0)
third_party/zlib/contrib/masmx86/readme.txt (+21/-0)
third_party/zlib/contrib/minizip/ChangeLogUnzip (+67/-0)
third_party/zlib/contrib/minizip/Makefile (+25/-0)
third_party/zlib/contrib/minizip/crypt.h (+132/-0)
third_party/zlib/contrib/minizip/ioapi.c (+177/-0)
third_party/zlib/contrib/minizip/ioapi.h (+75/-0)
third_party/zlib/contrib/minizip/iowin32.c (+270/-0)
third_party/zlib/contrib/minizip/iowin32.h (+21/-0)
third_party/zlib/contrib/minizip/miniunz.c (+585/-0)
third_party/zlib/contrib/minizip/minizip.c (+420/-0)
third_party/zlib/contrib/minizip/mztools.c (+281/-0)
third_party/zlib/contrib/minizip/mztools.h (+31/-0)
third_party/zlib/contrib/minizip/unzip.c (+1598/-0)
third_party/zlib/contrib/minizip/unzip.h (+354/-0)
third_party/zlib/contrib/minizip/zip.c (+1219/-0)
third_party/zlib/contrib/minizip/zip.h (+235/-0)
third_party/zlib/contrib/pascal/example.pas (+599/-0)
third_party/zlib/contrib/pascal/readme.txt (+76/-0)
third_party/zlib/contrib/pascal/zlibd32.mak (+93/-0)
third_party/zlib/contrib/pascal/zlibpas.pas (+236/-0)
third_party/zlib/contrib/puff/Makefile (+8/-0)
third_party/zlib/contrib/puff/README (+63/-0)
third_party/zlib/contrib/puff/puff.c (+837/-0)
third_party/zlib/contrib/puff/puff.h (+31/-0)
third_party/zlib/contrib/testzlib/testzlib.c (+275/-0)
third_party/zlib/contrib/testzlib/testzlib.txt (+10/-0)
third_party/zlib/contrib/untgz/Makefile (+14/-0)
third_party/zlib/contrib/untgz/Makefile.msc (+17/-0)
third_party/zlib/contrib/untgz/untgz.c (+674/-0)
third_party/zlib/contrib/vstudio/readme.txt (+73/-0)
third_party/zlib/contrib/vstudio/vc7/miniunz.vcproj (+126/-0)
third_party/zlib/contrib/vstudio/vc7/minizip.vcproj (+126/-0)
third_party/zlib/contrib/vstudio/vc7/testzlib.vcproj (+126/-0)
third_party/zlib/contrib/vstudio/vc7/zlib.rc (+32/-0)
third_party/zlib/contrib/vstudio/vc7/zlibstat.vcproj (+246/-0)
third_party/zlib/contrib/vstudio/vc7/zlibvc.def (+92/-0)
third_party/zlib/contrib/vstudio/vc7/zlibvc.sln (+78/-0)
third_party/zlib/contrib/vstudio/vc7/zlibvc.vcproj (+445/-0)
third_party/zlib/contrib/vstudio/vc8/miniunz.vcproj (+566/-0)
third_party/zlib/contrib/vstudio/vc8/minizip.vcproj (+563/-0)
third_party/zlib/contrib/vstudio/vc8/testzlib.vcproj (+948/-0)
third_party/zlib/contrib/vstudio/vc8/testzlibdll.vcproj (+567/-0)
third_party/zlib/contrib/vstudio/vc8/zlib.rc (+32/-0)
third_party/zlib/contrib/vstudio/vc8/zlibstat.vcproj (+870/-0)
third_party/zlib/contrib/vstudio/vc8/zlibvc.def (+92/-0)
third_party/zlib/contrib/vstudio/vc8/zlibvc.sln (+144/-0)
third_party/zlib/contrib/vstudio/vc8/zlibvc.vcproj (+1219/-0)
third_party/zlib/crc32.c (+423/-0)
third_party/zlib/crc32.h (+441/-0)
third_party/zlib/deflate.c (+1736/-0)
third_party/zlib/deflate.h (+331/-0)
third_party/zlib/example.c (+565/-0)
third_party/zlib/examples/README.examples (+42/-0)
third_party/zlib/examples/fitblk.c (+233/-0)
third_party/zlib/examples/gun.c (+693/-0)
third_party/zlib/examples/gzappend.c (+500/-0)
third_party/zlib/examples/gzjoin.c (+448/-0)
third_party/zlib/examples/gzlog.c (+413/-0)
third_party/zlib/examples/gzlog.h (+58/-0)
third_party/zlib/examples/zlib_how.html (+523/-0)
third_party/zlib/examples/zpipe.c (+191/-0)
third_party/zlib/examples/zran.c (+404/-0)
third_party/zlib/gzio.c (+1024/-0)
third_party/zlib/infback.c (+623/-0)
third_party/zlib/inffast.c (+318/-0)
third_party/zlib/inffast.h (+11/-0)
third_party/zlib/inffixed.h (+94/-0)
third_party/zlib/inflate.c (+1368/-0)
third_party/zlib/inflate.h (+115/-0)
third_party/zlib/inftrees.c (+329/-0)
third_party/zlib/inftrees.h (+55/-0)
third_party/zlib/make_vms.com (+461/-0)
third_party/zlib/minigzip.c (+322/-0)
third_party/zlib/msdos/Makefile.bor (+109/-0)
third_party/zlib/msdos/Makefile.dj2 (+104/-0)
third_party/zlib/msdos/Makefile.emx (+69/-0)
third_party/zlib/msdos/Makefile.msc (+106/-0)
third_party/zlib/msdos/Makefile.tc (+94/-0)
third_party/zlib/old/Makefile.riscos (+151/-0)
third_party/zlib/old/README (+3/-0)
third_party/zlib/old/descrip.mms (+48/-0)
third_party/zlib/old/os2/Makefile.os2 (+136/-0)
third_party/zlib/old/os2/zlib.def (+51/-0)
third_party/zlib/old/visual-basic.txt (+160/-0)
third_party/zlib/old/zlib.html (+971/-0)
third_party/zlib/projects/README.projects (+41/-0)
third_party/zlib/projects/visualc6/README.txt (+73/-0)
third_party/zlib/projects/visualc6/example.dsp (+278/-0)
third_party/zlib/projects/visualc6/minigzip.dsp (+278/-0)
third_party/zlib/projects/visualc6/zlib.dsp (+609/-0)
third_party/zlib/projects/visualc6/zlib.dsw (+59/-0)
third_party/zlib/qnx/package.qpg (+141/-0)
third_party/zlib/trees.c (+1219/-0)
third_party/zlib/trees.h (+128/-0)
third_party/zlib/uncompr.c (+60/-0)
third_party/zlib/win32/DLL_FAQ.txt (+397/-0)
third_party/zlib/win32/Makefile.bor (+107/-0)
third_party/zlib/win32/Makefile.emx (+69/-0)
third_party/zlib/win32/Makefile.gcc (+141/-0)
third_party/zlib/win32/Makefile.msc (+126/-0)
third_party/zlib/win32/VisualC.txt (+3/-0)
third_party/zlib/win32/zlib.def (+60/-0)
third_party/zlib/win32/zlib1.rc (+39/-0)
third_party/zlib/wscript (+17/-0)
third_party/zlib/zconf.h (+335/-0)
third_party/zlib/zconf.in.h (+332/-0)
third_party/zlib/zlib.h (+1374/-0)
third_party/zlib/zutil.c (+318/-0)
third_party/zlib/zutil.h (+269/-0)
wintest/README (+5/-0)
wintest/conf/abartlet-jesse.conf (+104/-0)
wintest/conf/abartlet.conf (+104/-0)
wintest/conf/bbaumbach.conf (+97/-0)
wintest/conf/tridge.conf (+95/-0)
wintest/conf/zahari-esxi.conf (+46/-0)
wintest/test-s3.py (+286/-0)
wintest/test-s4-howto.py (+719/-0)
wintest/wintest.py (+1000/-0)
wscript (+395/-0)
wscript_build (+161/-0)
wscript_build_embedded_heimdal (+4/-0)
wscript_build_system_heimdal (+4/-0)
wscript_build_system_mitkrb5 (+4/-0)
wscript_configure_system_mitkrb5 (+312/-0)
Reviewer Review Type Date Requested Status
Robie Basak 2018-07-03 Approve on 2018-07-03
Canonical Server Team 2018-07-03 Pending
Review via email: mp+348888@code.launchpad.net

Description of the change

Please use git to review this MP, as launchpad's diff is incorrect.

This is a no-change rebuild to link with the new libldb that is in cosmic-proposed (1.3.3), blocked because it requires a samba rebuild due to dsdb-modules:

ldb (2:1.2.3-1 to 2:1.3.3-1)
Maintainer: Debian Samba Maintainers
47 days old
autopkgtest for samba/2:4.7.6+dfsg~ubuntu-0ubuntu2: amd64: Pass, arm64: Pass, armhf: Pass, i386: Pass, ppc64el: Pass, s390x: Pass
Valid candidate

trying: ldb
skipped: ldb (0, 1, 47)
    got: 7+0: a-1:a-2:a-1:i-1:p-1:s-1
    * arm64: samba-dsdb-modules

I have an MP for samba 4.8 (https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424) but that is on hold due to a regression detected in the security team's regression test suite (https://bugzilla.samba.org/show_bug.cgi?id=13486). So far upstream hasn't commented on the bug.

Since ldb is a library, and has been stuck for a while, I believe it's best to migrate it sooner rather than later, since we don't know when the 4.8 bug will get some attention.

To post a comment you must log in.
Robie Basak (racb) wrote :

Tagged and uploaded.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index bf75b4e..539294e 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,9 @@
6+samba (2:4.7.6+dfsg~ubuntu-0ubuntu3) cosmic; urgency=medium
7+
8+ * No change rebuild to link with new ldb 1.3.3
9+
10+ -- Andreas Hasenack <andreas@canonical.com> Tue, 03 Jul 2018 09:57:24 -0300
11+
12 samba (2:4.7.6+dfsg~ubuntu-0ubuntu2) bionic; urgency=medium
13
14 * debian/patches/passdb_dont_return_ok_if_pinfo_not_filled.patch:
15diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
16new file mode 100644
17index 0000000..d4e9030
18--- /dev/null
19+++ b/source4/ldap_server/ldap_backend.c
20@@ -0,0 +1,1338 @@
21+/*
22+ Unix SMB/CIFS implementation.
23+ LDAP server
24+ Copyright (C) Stefan Metzmacher 2004
25+ Copyright (C) Matthias Dieter Wallnöfer 2009
26+
27+ This program is free software; you can redistribute it and/or modify
28+ it under the terms of the GNU General Public License as published by
29+ the Free Software Foundation; either version 3 of the License, or
30+ (at your option) any later version.
31+
32+ This program is distributed in the hope that it will be useful,
33+ but WITHOUT ANY WARRANTY; without even the implied warranty of
34+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
35+ GNU General Public License for more details.
36+
37+ You should have received a copy of the GNU General Public License
38+ along with this program. If not, see <http://www.gnu.org/licenses/>.
39+*/
40+
41+#include "includes.h"
42+#include "ldap_server/ldap_server.h"
43+#include "../lib/util/dlinklist.h"
44+#include "auth/credentials/credentials.h"
45+#include "auth/gensec/gensec.h"
46+#include "auth/gensec/gensec_internal.h" /* TODO: remove this */
47+#include "auth/common_auth.h"
48+#include "param/param.h"
49+#include "smbd/service_stream.h"
50+#include "dsdb/samdb/samdb.h"
51+#include <ldb_errors.h>
52+#include <ldb_module.h>
53+#include "ldb_wrap.h"
54+
55+static int map_ldb_error(TALLOC_CTX *mem_ctx, int ldb_err,
56+ const char *add_err_string, const char **errstring)
57+{
58+ WERROR err;
59+
60+ /* Certain LDB modules need to return very special WERROR codes. Proof
61+ * for them here and if they exist skip the rest of the mapping. */
62+ if (add_err_string != NULL) {
63+ char *endptr;
64+ strtol(add_err_string, &endptr, 16);
65+ if (endptr != add_err_string) {
66+ *errstring = add_err_string;
67+ return ldb_err;
68+ }
69+ }
70+
71+ /* Otherwise we calculate here a generic, but appropriate WERROR. */
72+
73+ switch (ldb_err) {
74+ case LDB_SUCCESS:
75+ err = WERR_OK;
76+ break;
77+ case LDB_ERR_OPERATIONS_ERROR:
78+ err = WERR_DS_OPERATIONS_ERROR;
79+ break;
80+ case LDB_ERR_PROTOCOL_ERROR:
81+ err = WERR_DS_PROTOCOL_ERROR;
82+ break;
83+ case LDB_ERR_TIME_LIMIT_EXCEEDED:
84+ err = WERR_DS_TIMELIMIT_EXCEEDED;
85+ break;
86+ case LDB_ERR_SIZE_LIMIT_EXCEEDED:
87+ err = WERR_DS_SIZELIMIT_EXCEEDED;
88+ break;
89+ case LDB_ERR_COMPARE_FALSE:
90+ err = WERR_DS_COMPARE_FALSE;
91+ break;
92+ case LDB_ERR_COMPARE_TRUE:
93+ err = WERR_DS_COMPARE_TRUE;
94+ break;
95+ case LDB_ERR_AUTH_METHOD_NOT_SUPPORTED:
96+ err = WERR_DS_AUTH_METHOD_NOT_SUPPORTED;
97+ break;
98+ case LDB_ERR_STRONG_AUTH_REQUIRED:
99+ err = WERR_DS_STRONG_AUTH_REQUIRED;
100+ break;
101+ case LDB_ERR_REFERRAL:
102+ err = WERR_DS_REFERRAL;
103+ break;
104+ case LDB_ERR_ADMIN_LIMIT_EXCEEDED:
105+ err = WERR_DS_ADMIN_LIMIT_EXCEEDED;
106+ break;
107+ case LDB_ERR_UNSUPPORTED_CRITICAL_EXTENSION:
108+ err = WERR_DS_UNAVAILABLE_CRIT_EXTENSION;
109+ break;
110+ case LDB_ERR_CONFIDENTIALITY_REQUIRED:
111+ err = WERR_DS_CONFIDENTIALITY_REQUIRED;
112+ break;
113+ case LDB_ERR_SASL_BIND_IN_PROGRESS:
114+ err = WERR_DS_BUSY;
115+ break;
116+ case LDB_ERR_NO_SUCH_ATTRIBUTE:
117+ err = WERR_DS_NO_ATTRIBUTE_OR_VALUE;
118+ break;
119+ case LDB_ERR_UNDEFINED_ATTRIBUTE_TYPE:
120+ err = WERR_DS_ATTRIBUTE_TYPE_UNDEFINED;
121+ break;
122+ case LDB_ERR_INAPPROPRIATE_MATCHING:
123+ err = WERR_DS_INAPPROPRIATE_MATCHING;
124+ break;
125+ case LDB_ERR_CONSTRAINT_VIOLATION:
126+ err = WERR_DS_CONSTRAINT_VIOLATION;
127+ break;
128+ case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
129+ err = WERR_DS_ATTRIBUTE_OR_VALUE_EXISTS;
130+ break;
131+ case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
132+ err = WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
133+ break;
134+ case LDB_ERR_NO_SUCH_OBJECT:
135+ err = WERR_DS_NO_SUCH_OBJECT;
136+ break;
137+ case LDB_ERR_ALIAS_PROBLEM:
138+ err = WERR_DS_ALIAS_PROBLEM;
139+ break;
140+ case LDB_ERR_INVALID_DN_SYNTAX:
141+ err = WERR_DS_INVALID_DN_SYNTAX;
142+ break;
143+ case LDB_ERR_ALIAS_DEREFERENCING_PROBLEM:
144+ err = WERR_DS_ALIAS_DEREF_PROBLEM;
145+ break;
146+ case LDB_ERR_INAPPROPRIATE_AUTHENTICATION:
147+ err = WERR_DS_INAPPROPRIATE_AUTH;
148+ break;
149+ case LDB_ERR_INVALID_CREDENTIALS:
150+ err = WERR_ACCESS_DENIED;
151+ break;
152+ case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
153+ err = WERR_DS_INSUFF_ACCESS_RIGHTS;
154+ break;
155+ case LDB_ERR_BUSY:
156+ err = WERR_DS_BUSY;
157+ break;
158+ case LDB_ERR_UNAVAILABLE:
159+ err = WERR_DS_UNAVAILABLE;
160+ break;
161+ case LDB_ERR_UNWILLING_TO_PERFORM:
162+ err = WERR_DS_UNWILLING_TO_PERFORM;
163+ break;
164+ case LDB_ERR_LOOP_DETECT:
165+ err = WERR_DS_LOOP_DETECT;
166+ break;
167+ case LDB_ERR_NAMING_VIOLATION:
168+ err = WERR_DS_NAMING_VIOLATION;
169+ break;
170+ case LDB_ERR_OBJECT_CLASS_VIOLATION:
171+ err = WERR_DS_OBJ_CLASS_VIOLATION;
172+ break;
173+ case LDB_ERR_NOT_ALLOWED_ON_NON_LEAF:
174+ err = WERR_DS_CANT_ON_NON_LEAF;
175+ break;
176+ case LDB_ERR_NOT_ALLOWED_ON_RDN:
177+ err = WERR_DS_CANT_ON_RDN;
178+ break;
179+ case LDB_ERR_ENTRY_ALREADY_EXISTS:
180+ err = WERR_DS_OBJ_STRING_NAME_EXISTS;
181+ break;
182+ case LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED:
183+ err = WERR_DS_CANT_MOD_OBJ_CLASS;
184+ break;
185+ case LDB_ERR_AFFECTS_MULTIPLE_DSAS:
186+ err = WERR_DS_AFFECTS_MULTIPLE_DSAS;
187+ break;
188+ default:
189+ err = WERR_DS_GENERIC_ERROR;
190+ break;
191+ }
192+
193+ *errstring = talloc_asprintf(mem_ctx, "%08X: %s", W_ERROR_V(err),
194+ add_err_string != NULL ? add_err_string : ldb_strerror(ldb_err));
195+
196+ /* result is 1:1 for now */
197+ return ldb_err;
198+}
199+
200+/*
201+ connect to the sam database
202+*/
203+NTSTATUS ldapsrv_backend_Init(struct ldapsrv_connection *conn)
204+{
205+ conn->ldb = samdb_connect(conn,
206+ conn->connection->event.ctx,
207+ conn->lp_ctx,
208+ conn->session_info,
209+ conn->global_catalog ? LDB_FLG_RDONLY : 0);
210+ if (conn->ldb == NULL) {
211+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
212+ }
213+
214+ if (conn->server_credentials) {
215+ char **sasl_mechs = NULL;
216+ const struct gensec_security_ops * const *backends = gensec_security_all();
217+ const struct gensec_security_ops **ops
218+ = gensec_use_kerberos_mechs(conn, backends, conn->server_credentials);
219+ unsigned int i, j = 0;
220+ for (i = 0; ops && ops[i]; i++) {
221+ if (!lpcfg_parm_bool(conn->lp_ctx, NULL, "gensec", ops[i]->name, ops[i]->enabled))
222+ continue;
223+
224+ if (ops[i]->sasl_name && ops[i]->server_start) {
225+ char *sasl_name = talloc_strdup(conn, ops[i]->sasl_name);
226+
227+ if (!sasl_name) {
228+ return NT_STATUS_NO_MEMORY;
229+ }
230+ sasl_mechs = talloc_realloc(conn, sasl_mechs, char *, j + 2);
231+ if (!sasl_mechs) {
232+ return NT_STATUS_NO_MEMORY;
233+ }
234+ sasl_mechs[j] = sasl_name;
235+ talloc_steal(sasl_mechs, sasl_name);
236+ sasl_mechs[j+1] = NULL;
237+ j++;
238+ }
239+ }
240+ talloc_unlink(conn, ops);
241+
242+ /* ldb can have a different lifetime to conn, so we
243+ need to ensure that sasl_mechs lives as long as the
244+ ldb does */
245+ talloc_steal(conn->ldb, sasl_mechs);
246+
247+ ldb_set_opaque(conn->ldb, "supportedSASLMechanisms", sasl_mechs);
248+ }
249+
250+ ldb_set_opaque(conn->ldb, "remoteAddress",
251+ conn->connection->remote_address);
252+
253+ return NT_STATUS_OK;
254+}
255+
256+struct ldapsrv_reply *ldapsrv_init_reply(struct ldapsrv_call *call, uint8_t type)
257+{
258+ struct ldapsrv_reply *reply;
259+
260+ reply = talloc_zero(call, struct ldapsrv_reply);
261+ if (!reply) {
262+ return NULL;
263+ }
264+ reply->msg = talloc_zero(reply, struct ldap_message);
265+ if (reply->msg == NULL) {
266+ talloc_free(reply);
267+ return NULL;
268+ }
269+
270+ reply->msg->messageid = call->request->messageid;
271+ reply->msg->type = type;
272+ reply->msg->controls = NULL;
273+
274+ return reply;
275+}
276+
277+void ldapsrv_queue_reply(struct ldapsrv_call *call, struct ldapsrv_reply *reply)
278+{
279+ DLIST_ADD_END(call->replies, reply);
280+}
281+
282+static NTSTATUS ldapsrv_unwilling(struct ldapsrv_call *call, int error)
283+{
284+ struct ldapsrv_reply *reply;
285+ struct ldap_ExtendedResponse *r;
286+
287+ DEBUG(10,("Unwilling type[%d] id[%d]\n", call->request->type, call->request->messageid));
288+
289+ reply = ldapsrv_init_reply(call, LDAP_TAG_ExtendedResponse);
290+ if (!reply) {
291+ return NT_STATUS_NO_MEMORY;
292+ }
293+
294+ r = &reply->msg->r.ExtendedResponse;
295+ r->response.resultcode = error;
296+ r->response.dn = NULL;
297+ r->response.errormessage = NULL;
298+ r->response.referral = NULL;
299+ r->oid = NULL;
300+ r->value = NULL;
301+
302+ ldapsrv_queue_reply(call, reply);
303+ return NT_STATUS_OK;
304+}
305+
306+static int ldapsrv_add_with_controls(struct ldapsrv_call *call,
307+ const struct ldb_message *message,
308+ struct ldb_control **controls,
309+ struct ldb_result *res)
310+{
311+ struct ldb_context *ldb = call->conn->ldb;
312+ struct ldb_request *req;
313+ int ret;
314+
315+ ret = ldb_msg_sanity_check(ldb, message);
316+ if (ret != LDB_SUCCESS) {
317+ return ret;
318+ }
319+
320+ ret = ldb_build_add_req(&req, ldb, ldb,
321+ message,
322+ controls,
323+ res,
324+ ldb_modify_default_callback,
325+ NULL);
326+
327+ if (ret != LDB_SUCCESS) return ret;
328+
329+ if (call->conn->global_catalog) {
330+ return ldb_error(ldb, LDB_ERR_UNWILLING_TO_PERFORM, "modify forbidden on global catalog port");
331+ }
332+ ldb_request_add_control(req, DSDB_CONTROL_NO_GLOBAL_CATALOG, false, NULL);
333+
334+ ret = ldb_transaction_start(ldb);
335+ if (ret != LDB_SUCCESS) {
336+ return ret;
337+ }
338+
339+ if (!call->conn->is_privileged) {
340+ ldb_req_mark_untrusted(req);
341+ }
342+
343+ LDB_REQ_SET_LOCATION(req);
344+
345+ ret = ldb_request(ldb, req);
346+ if (ret == LDB_SUCCESS) {
347+ ret = ldb_wait(req->handle, LDB_WAIT_ALL);
348+ }
349+
350+ if (ret == LDB_SUCCESS) {
351+ ret = ldb_transaction_commit(ldb);
352+ }
353+ else {
354+ ldb_transaction_cancel(ldb);
355+ }
356+
357+ talloc_free(req);
358+ return ret;
359+}
360+
361+/* create and execute a modify request */
362+static int ldapsrv_mod_with_controls(struct ldapsrv_call *call,
363+ const struct ldb_message *message,
364+ struct ldb_control **controls,
365+ struct ldb_result *res)
366+{
367+ struct ldb_context *ldb = call->conn->ldb;
368+ struct ldb_request *req;
369+ int ret;
370+
371+ ret = ldb_msg_sanity_check(ldb, message);
372+ if (ret != LDB_SUCCESS) {
373+ return ret;
374+ }
375+
376+ ret = ldb_build_mod_req(&req, ldb, ldb,
377+ message,
378+ controls,
379+ res,
380+ ldb_modify_default_callback,
381+ NULL);
382+
383+ if (ret != LDB_SUCCESS) {
384+ return ret;
385+ }
386+
387+ if (call->conn->global_catalog) {
388+ return ldb_error(ldb, LDB_ERR_UNWILLING_TO_PERFORM, "modify forbidden on global catalog port");
389+ }
390+ ldb_request_add_control(req, DSDB_CONTROL_NO_GLOBAL_CATALOG, false, NULL);
391+
392+ ret = ldb_transaction_start(ldb);
393+ if (ret != LDB_SUCCESS) {
394+ return ret;
395+ }
396+
397+ if (!call->conn->is_privileged) {
398+ ldb_req_mark_untrusted(req);
399+ }
400+
401+ LDB_REQ_SET_LOCATION(req);
402+
403+ ret = ldb_request(ldb, req);
404+ if (ret == LDB_SUCCESS) {
405+ ret = ldb_wait(req->handle, LDB_WAIT_ALL);
406+ }
407+
408+ if (ret == LDB_SUCCESS) {
409+ ret = ldb_transaction_commit(ldb);
410+ }
411+ else {
412+ ldb_transaction_cancel(ldb);
413+ }
414+
415+ talloc_free(req);
416+ return ret;
417+}
418+
419+/* create and execute a delete request */
420+static int ldapsrv_del_with_controls(struct ldapsrv_call *call,
421+ struct ldb_dn *dn,
422+ struct ldb_control **controls,
423+ struct ldb_result *res)
424+{
425+ struct ldb_context *ldb = call->conn->ldb;
426+ struct ldb_request *req;
427+ int ret;
428+
429+ ret = ldb_build_del_req(&req, ldb, ldb,
430+ dn,
431+ controls,
432+ res,
433+ ldb_modify_default_callback,
434+ NULL);
435+
436+ if (ret != LDB_SUCCESS) return ret;
437+
438+ if (call->conn->global_catalog) {
439+ return ldb_error(ldb, LDB_ERR_UNWILLING_TO_PERFORM, "modify forbidden on global catalog port");
440+ }
441+ ldb_request_add_control(req, DSDB_CONTROL_NO_GLOBAL_CATALOG, false, NULL);
442+
443+ ret = ldb_transaction_start(ldb);
444+ if (ret != LDB_SUCCESS) {
445+ return ret;
446+ }
447+
448+ if (!call->conn->is_privileged) {
449+ ldb_req_mark_untrusted(req);
450+ }
451+
452+ LDB_REQ_SET_LOCATION(req);
453+
454+ ret = ldb_request(ldb, req);
455+ if (ret == LDB_SUCCESS) {
456+ ret = ldb_wait(req->handle, LDB_WAIT_ALL);
457+ }
458+
459+ if (ret == LDB_SUCCESS) {
460+ ret = ldb_transaction_commit(ldb);
461+ }
462+ else {
463+ ldb_transaction_cancel(ldb);
464+ }
465+
466+ talloc_free(req);
467+ return ret;
468+}
469+
470+static int ldapsrv_rename_with_controls(struct ldapsrv_call *call,
471+ struct ldb_dn *olddn,
472+ struct ldb_dn *newdn,
473+ struct ldb_control **controls,
474+ struct ldb_result *res)
475+{
476+ struct ldb_context *ldb = call->conn->ldb;
477+ struct ldb_request *req;
478+ int ret;
479+
480+ ret = ldb_build_rename_req(&req, ldb, ldb,
481+ olddn,
482+ newdn,
483+ controls,
484+ res,
485+ ldb_modify_default_callback,
486+ NULL);
487+
488+ if (ret != LDB_SUCCESS) return ret;
489+
490+ if (call->conn->global_catalog) {
491+ return ldb_error(ldb, LDB_ERR_UNWILLING_TO_PERFORM, "modify forbidden on global catalog port");
492+ }
493+ ldb_request_add_control(req, DSDB_CONTROL_NO_GLOBAL_CATALOG, false, NULL);
494+
495+ ret = ldb_transaction_start(ldb);
496+ if (ret != LDB_SUCCESS) {
497+ return ret;
498+ }
499+
500+ if (!call->conn->is_privileged) {
501+ ldb_req_mark_untrusted(req);
502+ }
503+
504+ LDB_REQ_SET_LOCATION(req);
505+
506+ ret = ldb_request(ldb, req);
507+ if (ret == LDB_SUCCESS) {
508+ ret = ldb_wait(req->handle, LDB_WAIT_ALL);
509+ }
510+
511+ if (ret == LDB_SUCCESS) {
512+ ret = ldb_transaction_commit(ldb);
513+ }
514+ else {
515+ ldb_transaction_cancel(ldb);
516+ }
517+
518+ talloc_free(req);
519+ return ret;
520+}
521+
522+static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
523+{
524+ struct ldap_SearchRequest *req = &call->request->r.SearchRequest;
525+ struct ldap_SearchResEntry *ent;
526+ struct ldap_Result *done;
527+ struct ldapsrv_reply *ent_r, *done_r;
528+ TALLOC_CTX *local_ctx;
529+ struct ldb_context *samdb = talloc_get_type(call->conn->ldb, struct ldb_context);
530+ struct ldb_dn *basedn;
531+ struct ldb_result *res = NULL;
532+ struct ldb_request *lreq;
533+ struct ldb_control *search_control;
534+ struct ldb_search_options_control *search_options;
535+ struct ldb_control *extended_dn_control;
536+ struct ldb_extended_dn_control *extended_dn_decoded = NULL;
537+ struct ldb_control *notification_control = NULL;
538+ enum ldb_scope scope = LDB_SCOPE_DEFAULT;
539+ const char **attrs = NULL;
540+ const char *scope_str, *errstr = NULL;
541+ int success_limit = 1;
542+ int result = -1;
543+ int ldb_ret = -1;
544+ unsigned int i, j;
545+ int extended_type = 1;
546+
547+ DEBUG(10, ("SearchRequest"));
548+ DEBUGADD(10, (" basedn: %s", req->basedn));
549+ DEBUGADD(10, (" filter: %s\n", ldb_filter_from_tree(call, req->tree)));
550+
551+ local_ctx = talloc_new(call);
552+ NT_STATUS_HAVE_NO_MEMORY(local_ctx);
553+
554+ basedn = ldb_dn_new(local_ctx, samdb, req->basedn);
555+ NT_STATUS_HAVE_NO_MEMORY(basedn);
556+
557+ DEBUG(10, ("SearchRequest: basedn: [%s]\n", req->basedn));
558+ DEBUG(10, ("SearchRequest: filter: [%s]\n", ldb_filter_from_tree(call, req->tree)));
559+
560+ switch (req->scope) {
561+ case LDAP_SEARCH_SCOPE_BASE:
562+ scope_str = "BASE";
563+ scope = LDB_SCOPE_BASE;
564+ success_limit = 0;
565+ break;
566+ case LDAP_SEARCH_SCOPE_SINGLE:
567+ scope_str = "ONE";
568+ scope = LDB_SCOPE_ONELEVEL;
569+ success_limit = 0;
570+ break;
571+ case LDAP_SEARCH_SCOPE_SUB:
572+ scope_str = "SUB";
573+ scope = LDB_SCOPE_SUBTREE;
574+ success_limit = 0;
575+ break;
576+ default:
577+ result = LDAP_PROTOCOL_ERROR;
578+ map_ldb_error(local_ctx, LDB_ERR_PROTOCOL_ERROR, NULL,
579+ &errstr);
580+ errstr = talloc_asprintf(local_ctx,
581+ "%s. Invalid scope", errstr);
582+ goto reply;
583+ }
584+ DEBUG(10,("SearchRequest: scope: [%s]\n", scope_str));
585+
586+ if (req->num_attributes >= 1) {
587+ attrs = talloc_array(local_ctx, const char *, req->num_attributes+1);
588+ NT_STATUS_HAVE_NO_MEMORY(attrs);
589+
590+ for (i=0; i < req->num_attributes; i++) {
591+ DEBUG(10,("SearchRequest: attrs: [%s]\n",req->attributes[i]));
592+ attrs[i] = req->attributes[i];
593+ }
594+ attrs[i] = NULL;
595+ }
596+
597+ DEBUG(5,("ldb_request %s dn=%s filter=%s\n",
598+ scope_str, req->basedn, ldb_filter_from_tree(call, req->tree)));
599+
600+ res = talloc_zero(local_ctx, struct ldb_result);
601+ NT_STATUS_HAVE_NO_MEMORY(res);
602+
603+ ldb_ret = ldb_build_search_req_ex(&lreq, samdb, local_ctx,
604+ basedn, scope,
605+ req->tree, attrs,
606+ call->request->controls,
607+ res, ldb_search_default_callback,
608+ NULL);
609+
610+ if (ldb_ret != LDB_SUCCESS) {
611+ goto reply;
612+ }
613+
614+ if (call->conn->global_catalog) {
615+ search_control = ldb_request_get_control(lreq, LDB_CONTROL_SEARCH_OPTIONS_OID);
616+
617+ search_options = NULL;
618+ if (search_control) {
619+ search_options = talloc_get_type(search_control->data, struct ldb_search_options_control);
620+ search_options->search_options |= LDB_SEARCH_OPTION_PHANTOM_ROOT;
621+ } else {
622+ search_options = talloc(lreq, struct ldb_search_options_control);
623+ NT_STATUS_HAVE_NO_MEMORY(search_options);
624+ search_options->search_options = LDB_SEARCH_OPTION_PHANTOM_ROOT;
625+ ldb_request_add_control(lreq, LDB_CONTROL_SEARCH_OPTIONS_OID, false, search_options);
626+ }
627+ } else {
628+ ldb_request_add_control(lreq, DSDB_CONTROL_NO_GLOBAL_CATALOG, false, NULL);
629+ }
630+
631+ extended_dn_control = ldb_request_get_control(lreq, LDB_CONTROL_EXTENDED_DN_OID);
632+
633+ if (extended_dn_control) {
634+ if (extended_dn_control->data) {
635+ extended_dn_decoded = talloc_get_type(extended_dn_control->data, struct ldb_extended_dn_control);
636+ extended_type = extended_dn_decoded->type;
637+ } else {
638+ extended_type = 0;
639+ }
640+ }
641+
642+ notification_control = ldb_request_get_control(lreq, LDB_CONTROL_NOTIFICATION_OID);
643+ if (notification_control != NULL) {
644+ const struct ldapsrv_call *pc = NULL;
645+ size_t count = 0;
646+
647+ for (pc = call->conn->pending_calls; pc != NULL; pc = pc->next) {
648+ count += 1;
649+ }
650+
651+ if (count >= call->conn->limits.max_notifications) {
652+ DEBUG(10,("SearchRequest: error MaxNotificationPerConn\n"));
653+ result = map_ldb_error(local_ctx,
654+ LDB_ERR_ADMIN_LIMIT_EXCEEDED,
655+ "MaxNotificationPerConn reached",
656+ &errstr);
657+ goto reply;
658+ }
659+
660+ /*
661+ * For now we need to do periodic retries on our own.
662+ * As the dsdb_notification module will return after each run.
663+ */
664+ call->notification.busy = true;
665+ }
666+
667+ ldb_set_timeout(samdb, lreq, req->timelimit);
668+
669+ if (!call->conn->is_privileged) {
670+ ldb_req_mark_untrusted(lreq);
671+ }
672+
673+ LDB_REQ_SET_LOCATION(lreq);
674+
675+ ldb_ret = ldb_request(samdb, lreq);
676+
677+ if (ldb_ret != LDB_SUCCESS) {
678+ goto reply;
679+ }
680+
681+ ldb_ret = ldb_wait(lreq->handle, LDB_WAIT_ALL);
682+
683+ if (ldb_ret == LDB_SUCCESS) {
684+ for (i = 0; i < res->count; i++) {
685+ ent_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultEntry);
686+ NT_STATUS_HAVE_NO_MEMORY(ent_r);
687+
688+ /* Better to have the whole message kept here,
689+ * than to find someone further up didn't put
690+ * a value in the right spot in the talloc tree */
691+ talloc_steal(ent_r, res->msgs[i]);
692+
693+ ent = &ent_r->msg->r.SearchResultEntry;
694+ ent->dn = ldb_dn_get_extended_linearized(ent_r, res->msgs[i]->dn, extended_type);
695+ ent->num_attributes = 0;
696+ ent->attributes = NULL;
697+ if (res->msgs[i]->num_elements == 0) {
698+ goto queue_reply;
699+ }
700+ ent->num_attributes = res->msgs[i]->num_elements;
701+ ent->attributes = talloc_array(ent_r, struct ldb_message_element, ent->num_attributes);
702+ NT_STATUS_HAVE_NO_MEMORY(ent->attributes);
703+ for (j=0; j < ent->num_attributes; j++) {
704+ ent->attributes[j].name = res->msgs[i]->elements[j].name;
705+ ent->attributes[j].num_values = 0;
706+ ent->attributes[j].values = NULL;
707+ if (req->attributesonly && (res->msgs[i]->elements[j].num_values == 0)) {
708+ continue;
709+ }
710+ ent->attributes[j].num_values = res->msgs[i]->elements[j].num_values;
711+ ent->attributes[j].values = res->msgs[i]->elements[j].values;
712+ }
713+queue_reply:
714+ ldapsrv_queue_reply(call, ent_r);
715+ }
716+
717+ if (call->notification.busy) {
718+ /* Move/Add it to the end */
719+ DLIST_DEMOTE(call->conn->pending_calls, call);
720+ call->notification.generation =
721+ call->conn->service->notification.generation;
722+
723+ if (res->count != 0) {
724+ call->notification.generation += 1;
725+ ldapsrv_notification_retry_setup(call->conn->service,
726+ true);
727+ }
728+
729+ talloc_free(local_ctx);
730+ return NT_STATUS_OK;
731+ }
732+
733+ /* Send back referrals if they do exist (search operations) */
734+ if (res->refs != NULL) {
735+ char **ref;
736+ struct ldap_SearchResRef *ent_ref;
737+
738+ for (ref = res->refs; *ref != NULL; ++ref) {
739+ ent_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultReference);
740+ NT_STATUS_HAVE_NO_MEMORY(ent_r);
741+
742+ /* Better to have the whole referrals kept here,
743+ * than to find someone further up didn't put
744+ * a value in the right spot in the talloc tree
745+ */
746+ talloc_steal(ent_r, *ref);
747+
748+ ent_ref = &ent_r->msg->r.SearchResultReference;
749+ ent_ref->referral = *ref;
750+
751+ ldapsrv_queue_reply(call, ent_r);
752+ }
753+ }
754+ }
755+
756+reply:
757+ DLIST_REMOVE(call->conn->pending_calls, call);
758+ call->notification.busy = false;
759+
760+ done_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultDone);
761+ NT_STATUS_HAVE_NO_MEMORY(done_r);
762+
763+ done = &done_r->msg->r.SearchResultDone;
764+ done->dn = NULL;
765+ done->referral = NULL;
766+
767+ if (result != -1) {
768+ } else if (ldb_ret == LDB_SUCCESS) {
769+ if (res->count >= success_limit) {
770+ DEBUG(10,("SearchRequest: results: [%d]\n", res->count));
771+ result = LDAP_SUCCESS;
772+ errstr = NULL;
773+ }
774+ if (res->controls) {
775+ done_r->msg->controls = res->controls;
776+ talloc_steal(done_r, res->controls);
777+ }
778+ } else {
779+ DEBUG(10,("SearchRequest: error\n"));
780+ result = map_ldb_error(local_ctx, ldb_ret, ldb_errstring(samdb),
781+ &errstr);
782+ }
783+
784+ done->resultcode = result;
785+ done->errormessage = (errstr?talloc_strdup(done_r, errstr):NULL);
786+
787+ talloc_free(local_ctx);
788+
789+ ldapsrv_queue_reply(call, done_r);
790+ return NT_STATUS_OK;
791+}
792+
793+static NTSTATUS ldapsrv_ModifyRequest(struct ldapsrv_call *call)
794+{
795+ struct ldap_ModifyRequest *req = &call->request->r.ModifyRequest;
796+ struct ldap_Result *modify_result;
797+ struct ldapsrv_reply *modify_reply;
798+ TALLOC_CTX *local_ctx;
799+ struct ldb_context *samdb = call->conn->ldb;
800+ struct ldb_message *msg = NULL;
801+ struct ldb_dn *dn;
802+ const char *errstr = NULL;
803+ int result = LDAP_SUCCESS;
804+ int ldb_ret;
805+ unsigned int i,j;
806+ struct ldb_result *res = NULL;
807+
808+ DEBUG(10, ("ModifyRequest"));
809+ DEBUGADD(10, (" dn: %s\n", req->dn));
810+
811+ local_ctx = talloc_named(call, 0, "ModifyRequest local memory context");
812+ NT_STATUS_HAVE_NO_MEMORY(local_ctx);
813+
814+ dn = ldb_dn_new(local_ctx, samdb, req->dn);
815+ NT_STATUS_HAVE_NO_MEMORY(dn);
816+
817+ DEBUG(10, ("ModifyRequest: dn: [%s]\n", req->dn));
818+
819+ msg = talloc(local_ctx, struct ldb_message);
820+ NT_STATUS_HAVE_NO_MEMORY(msg);
821+
822+ msg->dn = dn;
823+ msg->num_elements = 0;
824+ msg->elements = NULL;
825+
826+ if (req->num_mods > 0) {
827+ msg->num_elements = req->num_mods;
828+ msg->elements = talloc_array(msg, struct ldb_message_element, req->num_mods);
829+ NT_STATUS_HAVE_NO_MEMORY(msg->elements);
830+
831+ for (i=0; i < msg->num_elements; i++) {
832+ msg->elements[i].name = discard_const_p(char, req->mods[i].attrib.name);
833+ msg->elements[i].num_values = 0;
834+ msg->elements[i].values = NULL;
835+
836+ switch (req->mods[i].type) {
837+ default:
838+ result = LDAP_PROTOCOL_ERROR;
839+ map_ldb_error(local_ctx,
840+ LDB_ERR_PROTOCOL_ERROR, NULL, &errstr);
841+ errstr = talloc_asprintf(local_ctx,
842+ "%s. Invalid LDAP_MODIFY_* type", errstr);
843+ goto reply;
844+ case LDAP_MODIFY_ADD:
845+ msg->elements[i].flags = LDB_FLAG_MOD_ADD;
846+ break;
847+ case LDAP_MODIFY_DELETE:
848+ msg->elements[i].flags = LDB_FLAG_MOD_DELETE;
849+ break;
850+ case LDAP_MODIFY_REPLACE:
851+ msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
852+ break;
853+ }
854+
855+ msg->elements[i].num_values = req->mods[i].attrib.num_values;
856+ if (msg->elements[i].num_values > 0) {
857+ msg->elements[i].values = talloc_array(msg->elements, struct ldb_val,
858+ msg->elements[i].num_values);
859+ NT_STATUS_HAVE_NO_MEMORY(msg->elements[i].values);
860+
861+ for (j=0; j < msg->elements[i].num_values; j++) {
862+ msg->elements[i].values[j].length = req->mods[i].attrib.values[j].length;
863+ msg->elements[i].values[j].data = req->mods[i].attrib.values[j].data;
864+ }
865+ }
866+ }
867+ }
868+
869+reply:
870+ modify_reply = ldapsrv_init_reply(call, LDAP_TAG_ModifyResponse);
871+ NT_STATUS_HAVE_NO_MEMORY(modify_reply);
872+
873+ if (result == LDAP_SUCCESS) {
874+ res = talloc_zero(local_ctx, struct ldb_result);
875+ NT_STATUS_HAVE_NO_MEMORY(res);
876+ ldb_ret = ldapsrv_mod_with_controls(call, msg, call->request->controls, res);
877+ result = map_ldb_error(local_ctx, ldb_ret, ldb_errstring(samdb),
878+ &errstr);
879+ }
880+
881+ modify_result = &modify_reply->msg->r.ModifyResponse;
882+ modify_result->dn = NULL;
883+ if ((res != NULL) && (res->refs != NULL)) {
884+ modify_result->resultcode = map_ldb_error(local_ctx,
885+ LDB_ERR_REFERRAL,
886+ NULL, &errstr);
887+ modify_result->errormessage = (errstr?talloc_strdup(modify_reply, errstr):NULL);
888+ modify_result->referral = talloc_strdup(call, *res->refs);
889+ } else {
890+ modify_result->resultcode = result;
891+ modify_result->errormessage = (errstr?talloc_strdup(modify_reply, errstr):NULL);
892+ modify_result->referral = NULL;
893+ }
894+ talloc_free(local_ctx);
895+
896+ ldapsrv_queue_reply(call, modify_reply);
897+ return NT_STATUS_OK;
898+
899+}
900+
901+static NTSTATUS ldapsrv_AddRequest(struct ldapsrv_call *call)
902+{
903+ struct ldap_AddRequest *req = &call->request->r.AddRequest;
904+ struct ldap_Result *add_result;
905+ struct ldapsrv_reply *add_reply;
906+ TALLOC_CTX *local_ctx;
907+ struct ldb_context *samdb = call->conn->ldb;
908+ struct ldb_message *msg = NULL;
909+ struct ldb_dn *dn;
910+ const char *errstr = NULL;
911+ int result = LDAP_SUCCESS;
912+ int ldb_ret;
913+ unsigned int i,j;
914+ struct ldb_result *res = NULL;
915+
916+ DEBUG(10, ("AddRequest"));
917+ DEBUGADD(10, (" dn: %s\n", req->dn));
918+
919+ local_ctx = talloc_named(call, 0, "AddRequest local memory context");
920+ NT_STATUS_HAVE_NO_MEMORY(local_ctx);
921+
922+ dn = ldb_dn_new(local_ctx, samdb, req->dn);
923+ NT_STATUS_HAVE_NO_MEMORY(dn);
924+
925+ DEBUG(10, ("AddRequest: dn: [%s]\n", req->dn));
926+
927+ msg = talloc(local_ctx, struct ldb_message);
928+ NT_STATUS_HAVE_NO_MEMORY(msg);
929+
930+ msg->dn = dn;
931+ msg->num_elements = 0;
932+ msg->elements = NULL;
933+
934+ if (req->num_attributes > 0) {
935+ msg->num_elements = req->num_attributes;
936+ msg->elements = talloc_array(msg, struct ldb_message_element, msg->num_elements);
937+ NT_STATUS_HAVE_NO_MEMORY(msg->elements);
938+
939+ for (i=0; i < msg->num_elements; i++) {
940+ msg->elements[i].name = discard_const_p(char, req->attributes[i].name);
941+ msg->elements[i].flags = 0;
942+ msg->elements[i].num_values = 0;
943+ msg->elements[i].values = NULL;
944+
945+ if (req->attributes[i].num_values > 0) {
946+ msg->elements[i].num_values = req->attributes[i].num_values;
947+ msg->elements[i].values = talloc_array(msg->elements, struct ldb_val,
948+ msg->elements[i].num_values);
949+ NT_STATUS_HAVE_NO_MEMORY(msg->elements[i].values);
950+
951+ for (j=0; j < msg->elements[i].num_values; j++) {
952+ msg->elements[i].values[j].length = req->attributes[i].values[j].length;
953+ msg->elements[i].values[j].data = req->attributes[i].values[j].data;
954+ }
955+ }
956+ }
957+ }
958+
959+ add_reply = ldapsrv_init_reply(call, LDAP_TAG_AddResponse);
960+ NT_STATUS_HAVE_NO_MEMORY(add_reply);
961+
962+ if (result == LDAP_SUCCESS) {
963+ res = talloc_zero(local_ctx, struct ldb_result);
964+ NT_STATUS_HAVE_NO_MEMORY(res);
965+ ldb_ret = ldapsrv_add_with_controls(call, msg, call->request->controls, res);
966+ result = map_ldb_error(local_ctx, ldb_ret, ldb_errstring(samdb),
967+ &errstr);
968+ }
969+
970+ add_result = &add_reply->msg->r.AddResponse;
971+ add_result->dn = NULL;
972+ if ((res != NULL) && (res->refs != NULL)) {
973+ add_result->resultcode = map_ldb_error(local_ctx,
974+ LDB_ERR_REFERRAL, NULL,
975+ &errstr);
976+ add_result->errormessage = (errstr?talloc_strdup(add_reply,errstr):NULL);
977+ add_result->referral = talloc_strdup(call, *res->refs);
978+ } else {
979+ add_result->resultcode = result;
980+ add_result->errormessage = (errstr?talloc_strdup(add_reply,errstr):NULL);
981+ add_result->referral = NULL;
982+ }
983+ talloc_free(local_ctx);
984+
985+ ldapsrv_queue_reply(call, add_reply);
986+ return NT_STATUS_OK;
987+
988+}
989+
990+static NTSTATUS ldapsrv_DelRequest(struct ldapsrv_call *call)
991+{
992+ struct ldap_DelRequest *req = &call->request->r.DelRequest;
993+ struct ldap_Result *del_result;
994+ struct ldapsrv_reply *del_reply;
995+ TALLOC_CTX *local_ctx;
996+ struct ldb_context *samdb = call->conn->ldb;
997+ struct ldb_dn *dn;
998+ const char *errstr = NULL;
999+ int result = LDAP_SUCCESS;
1000+ int ldb_ret;
1001+ struct ldb_result *res = NULL;
1002+
1003+ DEBUG(10, ("DelRequest"));
1004+ DEBUGADD(10, (" dn: %s\n", req->dn));
1005+
1006+ local_ctx = talloc_named(call, 0, "DelRequest local memory context");
1007+ NT_STATUS_HAVE_NO_MEMORY(local_ctx);
1008+
1009+ dn = ldb_dn_new(local_ctx, samdb, req->dn);
1010+ NT_STATUS_HAVE_NO_MEMORY(dn);
1011+
1012+ DEBUG(10, ("DelRequest: dn: [%s]\n", req->dn));
1013+
1014+ del_reply = ldapsrv_init_reply(call, LDAP_TAG_DelResponse);
1015+ NT_STATUS_HAVE_NO_MEMORY(del_reply);
1016+
1017+ if (result == LDAP_SUCCESS) {
1018+ res = talloc_zero(local_ctx, struct ldb_result);
1019+ NT_STATUS_HAVE_NO_MEMORY(res);
1020+ ldb_ret = ldapsrv_del_with_controls(call, dn, call->request->controls, res);
1021+ result = map_ldb_error(local_ctx, ldb_ret, ldb_errstring(samdb),
1022+ &errstr);
1023+ }
1024+
1025+ del_result = &del_reply->msg->r.DelResponse;
1026+ del_result->dn = NULL;
1027+ if ((res != NULL) && (res->refs != NULL)) {
1028+ del_result->resultcode = map_ldb_error(local_ctx,
1029+ LDB_ERR_REFERRAL, NULL,
1030+ &errstr);
1031+ del_result->errormessage = (errstr?talloc_strdup(del_reply,errstr):NULL);
1032+ del_result->referral = talloc_strdup(call, *res->refs);
1033+ } else {
1034+ del_result->resultcode = result;
1035+ del_result->errormessage = (errstr?talloc_strdup(del_reply,errstr):NULL);
1036+ del_result->referral = NULL;
1037+ }
1038+
1039+ talloc_free(local_ctx);
1040+
1041+ ldapsrv_queue_reply(call, del_reply);
1042+ return NT_STATUS_OK;
1043+}
1044+
1045+static NTSTATUS ldapsrv_ModifyDNRequest(struct ldapsrv_call *call)
1046+{
1047+ struct ldap_ModifyDNRequest *req = &call->request->r.ModifyDNRequest;
1048+ struct ldap_Result *modifydn;
1049+ struct ldapsrv_reply *modifydn_r;
1050+ TALLOC_CTX *local_ctx;
1051+ struct ldb_context *samdb = call->conn->ldb;
1052+ struct ldb_dn *olddn, *newdn=NULL, *newrdn;
1053+ struct ldb_dn *parentdn = NULL;
1054+ const char *errstr = NULL;
1055+ int result = LDAP_SUCCESS;
1056+ int ldb_ret;
1057+ struct ldb_result *res = NULL;
1058+
1059+ DEBUG(10, ("ModifyDNRequest"));
1060+ DEBUGADD(10, (" dn: %s", req->dn));
1061+ DEBUGADD(10, (" newrdn: %s\n", req->newrdn));
1062+
1063+ local_ctx = talloc_named(call, 0, "ModifyDNRequest local memory context");
1064+ NT_STATUS_HAVE_NO_MEMORY(local_ctx);
1065+
1066+ olddn = ldb_dn_new(local_ctx, samdb, req->dn);
1067+ NT_STATUS_HAVE_NO_MEMORY(olddn);
1068+
1069+ newrdn = ldb_dn_new(local_ctx, samdb, req->newrdn);
1070+ NT_STATUS_HAVE_NO_MEMORY(newrdn);
1071+
1072+ DEBUG(10, ("ModifyDNRequest: olddn: [%s]\n", req->dn));
1073+ DEBUG(10, ("ModifyDNRequest: newrdn: [%s]\n", req->newrdn));
1074+
1075+ if (ldb_dn_get_comp_num(newrdn) == 0) {
1076+ result = LDAP_PROTOCOL_ERROR;
1077+ map_ldb_error(local_ctx, LDB_ERR_PROTOCOL_ERROR, NULL,
1078+ &errstr);
1079+ goto reply;
1080+ }
1081+
1082+ if (ldb_dn_get_comp_num(newrdn) > 1) {
1083+ result = LDAP_NAMING_VIOLATION;
1084+ map_ldb_error(local_ctx, LDB_ERR_NAMING_VIOLATION, NULL,
1085+ &errstr);
1086+ goto reply;
1087+ }
1088+
1089+ /* we can't handle the rename if we should not remove the old dn */
1090+ if (!req->deleteolddn) {
1091+ result = LDAP_UNWILLING_TO_PERFORM;
1092+ map_ldb_error(local_ctx, LDB_ERR_UNWILLING_TO_PERFORM, NULL,
1093+ &errstr);
1094+ errstr = talloc_asprintf(local_ctx,
1095+ "%s. Old RDN must be deleted", errstr);
1096+ goto reply;
1097+ }
1098+
1099+ if (req->newsuperior) {
1100+ DEBUG(10, ("ModifyDNRequest: newsuperior: [%s]\n", req->newsuperior));
1101+ parentdn = ldb_dn_new(local_ctx, samdb, req->newsuperior);
1102+ }
1103+
1104+ if (!parentdn) {
1105+ parentdn = ldb_dn_get_parent(local_ctx, olddn);
1106+ }
1107+ if (!parentdn) {
1108+ result = LDAP_NO_SUCH_OBJECT;
1109+ map_ldb_error(local_ctx, LDB_ERR_NO_SUCH_OBJECT, NULL, &errstr);
1110+ goto reply;
1111+ }
1112+
1113+ if ( ! ldb_dn_add_child(parentdn, newrdn)) {
1114+ result = LDAP_OTHER;
1115+ map_ldb_error(local_ctx, LDB_ERR_OTHER, NULL, &errstr);
1116+ goto reply;
1117+ }
1118+ newdn = parentdn;
1119+
1120+reply:
1121+ modifydn_r = ldapsrv_init_reply(call, LDAP_TAG_ModifyDNResponse);
1122+ NT_STATUS_HAVE_NO_MEMORY(modifydn_r);
1123+
1124+ if (result == LDAP_SUCCESS) {
1125+ res = talloc_zero(local_ctx, struct ldb_result);
1126+ NT_STATUS_HAVE_NO_MEMORY(res);
1127+ ldb_ret = ldapsrv_rename_with_controls(call, olddn, newdn, call->request->controls, res);
1128+ result = map_ldb_error(local_ctx, ldb_ret, ldb_errstring(samdb),
1129+ &errstr);
1130+ }
1131+
1132+ modifydn = &modifydn_r->msg->r.ModifyDNResponse;
1133+ modifydn->dn = NULL;
1134+ if ((res != NULL) && (res->refs != NULL)) {
1135+ modifydn->resultcode = map_ldb_error(local_ctx,
1136+ LDB_ERR_REFERRAL, NULL,
1137+ &errstr);;
1138+ modifydn->errormessage = (errstr?talloc_strdup(modifydn_r,errstr):NULL);
1139+ modifydn->referral = talloc_strdup(call, *res->refs);
1140+ } else {
1141+ modifydn->resultcode = result;
1142+ modifydn->errormessage = (errstr?talloc_strdup(modifydn_r,errstr):NULL);
1143+ modifydn->referral = NULL;
1144+ }
1145+
1146+ talloc_free(local_ctx);
1147+
1148+ ldapsrv_queue_reply(call, modifydn_r);
1149+ return NT_STATUS_OK;
1150+}
1151+
1152+static NTSTATUS ldapsrv_CompareRequest(struct ldapsrv_call *call)
1153+{
1154+ struct ldap_CompareRequest *req = &call->request->r.CompareRequest;
1155+ struct ldap_Result *compare;
1156+ struct ldapsrv_reply *compare_r;
1157+ TALLOC_CTX *local_ctx;
1158+ struct ldb_context *samdb = call->conn->ldb;
1159+ struct ldb_result *res = NULL;
1160+ struct ldb_dn *dn;
1161+ const char *attrs[1];
1162+ const char *errstr = NULL;
1163+ const char *filter = NULL;
1164+ int result = LDAP_SUCCESS;
1165+ int ldb_ret;
1166+
1167+ DEBUG(10, ("CompareRequest"));
1168+ DEBUGADD(10, (" dn: %s\n", req->dn));
1169+
1170+ local_ctx = talloc_named(call, 0, "CompareRequest local_memory_context");
1171+ NT_STATUS_HAVE_NO_MEMORY(local_ctx);
1172+
1173+ dn = ldb_dn_new(local_ctx, samdb, req->dn);
1174+ NT_STATUS_HAVE_NO_MEMORY(dn);
1175+
1176+ DEBUG(10, ("CompareRequest: dn: [%s]\n", req->dn));
1177+ filter = talloc_asprintf(local_ctx, "(%s=%*s)", req->attribute,
1178+ (int)req->value.length, req->value.data);
1179+ NT_STATUS_HAVE_NO_MEMORY(filter);
1180+
1181+ DEBUGADD(10, ("CompareRequest: attribute: [%s]\n", filter));
1182+
1183+ attrs[0] = NULL;
1184+
1185+ compare_r = ldapsrv_init_reply(call, LDAP_TAG_CompareResponse);
1186+ NT_STATUS_HAVE_NO_MEMORY(compare_r);
1187+
1188+ if (result == LDAP_SUCCESS) {
1189+ ldb_ret = ldb_search(samdb, local_ctx, &res,
1190+ dn, LDB_SCOPE_BASE, attrs, "%s", filter);
1191+ if (ldb_ret != LDB_SUCCESS) {
1192+ result = map_ldb_error(local_ctx, ldb_ret,
1193+ ldb_errstring(samdb), &errstr);
1194+ DEBUG(10,("CompareRequest: error: %s\n", errstr));
1195+ } else if (res->count == 0) {
1196+ DEBUG(10,("CompareRequest: doesn't matched\n"));
1197+ result = LDAP_COMPARE_FALSE;
1198+ errstr = NULL;
1199+ } else if (res->count == 1) {
1200+ DEBUG(10,("CompareRequest: matched\n"));
1201+ result = LDAP_COMPARE_TRUE;
1202+ errstr = NULL;
1203+ } else if (res->count > 1) {
1204+ result = LDAP_OTHER;
1205+ map_ldb_error(local_ctx, LDB_ERR_OTHER, NULL, &errstr);
1206+ errstr = talloc_asprintf(local_ctx,
1207+ "%s. Too many objects match!", errstr);
1208+ DEBUG(10,("CompareRequest: %d results: %s\n", res->count, errstr));
1209+ }
1210+ }
1211+
1212+ compare = &compare_r->msg->r.CompareResponse;
1213+ compare->dn = NULL;
1214+ compare->resultcode = result;
1215+ compare->errormessage = (errstr?talloc_strdup(compare_r,errstr):NULL);
1216+ compare->referral = NULL;
1217+
1218+ talloc_free(local_ctx);
1219+
1220+ ldapsrv_queue_reply(call, compare_r);
1221+ return NT_STATUS_OK;
1222+}
1223+
1224+static NTSTATUS ldapsrv_AbandonRequest(struct ldapsrv_call *call)
1225+{
1226+ struct ldap_AbandonRequest *req = &call->request->r.AbandonRequest;
1227+ struct ldapsrv_call *c = NULL;
1228+ struct ldapsrv_call *n = NULL;
1229+
1230+ DEBUG(10, ("AbandonRequest\n"));
1231+
1232+ for (c = call->conn->pending_calls; c != NULL; c = n) {
1233+ n = c->next;
1234+
1235+ if (c->request->messageid != req->messageid) {
1236+ continue;
1237+ }
1238+
1239+ DLIST_REMOVE(call->conn->pending_calls, c);
1240+ TALLOC_FREE(c);
1241+ }
1242+
1243+ return NT_STATUS_OK;
1244+}
1245+
1246+NTSTATUS ldapsrv_do_call(struct ldapsrv_call *call)
1247+{
1248+ unsigned int i;
1249+ struct ldap_message *msg = call->request;
1250+ NTSTATUS status;
1251+
1252+ /* Check for undecoded critical extensions */
1253+ for (i=0; msg->controls && msg->controls[i]; i++) {
1254+ if (!msg->controls_decoded[i] &&
1255+ msg->controls[i]->critical) {
1256+ DEBUG(3, ("ldapsrv_do_call: Critical extension %s is not known to this server\n",
1257+ msg->controls[i]->oid));
1258+ return ldapsrv_unwilling(call, LDAP_UNAVAILABLE_CRITICAL_EXTENSION);
1259+ }
1260+ }
1261+
1262+ if (call->conn->authz_logged == false) {
1263+ bool log = true;
1264+
1265+ /*
1266+ * We do not want to log anonymous access if the query
1267+ * is just for the rootDSE, or it is a startTLS or a
1268+ * Bind.
1269+ *
1270+ * A rootDSE search could also be done over
1271+ * CLDAP anonymously for example, so these don't
1272+ * really count.
1273+ * Essentially we want to know about
1274+ * access beyond that normally done prior to a
1275+ * bind.
1276+ */
1277+
1278+ switch(call->request->type) {
1279+ case LDAP_TAG_BindRequest:
1280+ case LDAP_TAG_UnbindRequest:
1281+ case LDAP_TAG_AbandonRequest:
1282+ log = false;
1283+ break;
1284+ case LDAP_TAG_ExtendedResponse: {
1285+ struct ldap_ExtendedRequest *req = &call->request->r.ExtendedRequest;
1286+ if (strcmp(req->oid, LDB_EXTENDED_START_TLS_OID) == 0) {
1287+ log = false;
1288+ }
1289+ break;
1290+ }
1291+ case LDAP_TAG_SearchRequest: {
1292+ struct ldap_SearchRequest *req = &call->request->r.SearchRequest;
1293+ if (req->scope == LDAP_SEARCH_SCOPE_BASE) {
1294+ if (req->basedn[0] == '\0') {
1295+ log = false;
1296+ }
1297+ }
1298+ break;
1299+ }
1300+ default:
1301+ break;
1302+ }
1303+
1304+ if (log) {
1305+ const char *transport_protection = AUTHZ_TRANSPORT_PROTECTION_NONE;
1306+ if (call->conn->sockets.active == call->conn->sockets.tls) {
1307+ transport_protection = AUTHZ_TRANSPORT_PROTECTION_TLS;
1308+ }
1309+
1310+ log_successful_authz_event(call->conn->connection->msg_ctx,
1311+ call->conn->connection->lp_ctx,
1312+ call->conn->connection->remote_address,
1313+ call->conn->connection->local_address,
1314+ "LDAP",
1315+ "no bind",
1316+ transport_protection,
1317+ call->conn->session_info);
1318+
1319+ call->conn->authz_logged = true;
1320+ }
1321+ }
1322+
1323+ switch(call->request->type) {
1324+ case LDAP_TAG_BindRequest:
1325+ return ldapsrv_BindRequest(call);
1326+ case LDAP_TAG_UnbindRequest:
1327+ return ldapsrv_UnbindRequest(call);
1328+ case LDAP_TAG_SearchRequest:
1329+ return ldapsrv_SearchRequest(call);
1330+ case LDAP_TAG_ModifyRequest:
1331+ status = ldapsrv_ModifyRequest(call);
1332+ break;
1333+ case LDAP_TAG_AddRequest:
1334+ status = ldapsrv_AddRequest(call);
1335+ break;
1336+ case LDAP_TAG_DelRequest:
1337+ status = ldapsrv_DelRequest(call);
1338+ break;
1339+ case LDAP_TAG_ModifyDNRequest:
1340+ status = ldapsrv_ModifyDNRequest(call);
1341+ break;
1342+ case LDAP_TAG_CompareRequest:
1343+ return ldapsrv_CompareRequest(call);
1344+ case LDAP_TAG_AbandonRequest:
1345+ return ldapsrv_AbandonRequest(call);
1346+ case LDAP_TAG_ExtendedRequest:
1347+ status = ldapsrv_ExtendedRequest(call);
1348+ break;
1349+ default:
1350+ return ldapsrv_unwilling(call, LDAP_PROTOCOL_ERROR);
1351+ }
1352+
1353+ if (NT_STATUS_IS_OK(status)) {
1354+ ldapsrv_notification_retry_setup(call->conn->service, true);
1355+ }
1356+
1357+ return status;
1358+}
1359diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
1360new file mode 100644
1361index 0000000..21cbb7b
1362--- /dev/null
1363+++ b/source4/ldap_server/ldap_bind.c
1364@@ -0,0 +1,759 @@
1365+/*
1366+ Unix SMB/CIFS implementation.
1367+ LDAP server
1368+ Copyright (C) Stefan Metzmacher 2004
1369+
1370+ This program is free software; you can redistribute it and/or modify
1371+ it under the terms of the GNU General Public License as published by
1372+ the Free Software Foundation; either version 3 of the License, or
1373+ (at your option) any later version.
1374+
1375+ This program is distributed in the hope that it will be useful,
1376+ but WITHOUT ANY WARRANTY; without even the implied warranty of
1377+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1378+ GNU General Public License for more details.
1379+
1380+ You should have received a copy of the GNU General Public License
1381+ along with this program. If not, see <http://www.gnu.org/licenses/>.
1382+*/
1383+
1384+#include "includes.h"
1385+#include "ldap_server/ldap_server.h"
1386+#include "auth/auth.h"
1387+#include "smbd/service.h"
1388+#include <ldb.h>
1389+#include <ldb_errors.h>
1390+#include "../lib/util/dlinklist.h"
1391+#include "dsdb/samdb/samdb.h"
1392+#include "auth/gensec/gensec.h"
1393+#include "auth/gensec/gensec_tstream.h"
1394+#include "param/param.h"
1395+#include "../lib/util/tevent_ntstatus.h"
1396+
1397+static char *ldapsrv_bind_error_msg(TALLOC_CTX *mem_ctx,
1398+ HRESULT hresult,
1399+ uint32_t DSID,
1400+ NTSTATUS status)
1401+{
1402+ WERROR werr;
1403+ char *msg = NULL;
1404+
1405+ status = nt_status_squash(status);
1406+ werr = ntstatus_to_werror(status);
1407+
1408+ /*
1409+ * There are 4 lower case hex digits following 'v' at the end,
1410+ * but different Windows Versions return different values:
1411+ *
1412+ * Windows 2008R2 uses 'v1db1'
1413+ * Windows 2012R2 uses 'v2580'
1414+ *
1415+ * We just match Windows 2008R2 as that's what was referenced
1416+ * in https://bugzilla.samba.org/show_bug.cgi?id=9048
1417+ */
1418+ msg = talloc_asprintf(mem_ctx, "%08X: LdapErr: DSID-%08X, comment: "
1419+ "AcceptSecurityContext error, data %x, v1db1",
1420+ (unsigned)HRES_ERROR_V(hresult),
1421+ (unsigned)DSID,
1422+ (unsigned)W_ERROR_V(werr));
1423+
1424+ return msg;
1425+}
1426+
1427+struct ldapsrv_bind_wait_context {
1428+ struct ldapsrv_reply *reply;
1429+ struct tevent_req *req;
1430+ NTSTATUS status;
1431+ bool done;
1432+};
1433+
1434+struct ldapsrv_bind_wait_state {
1435+ uint8_t dummy;
1436+};
1437+
1438+static struct tevent_req *ldapsrv_bind_wait_send(TALLOC_CTX *mem_ctx,
1439+ struct tevent_context *ev,
1440+ void *private_data)
1441+{
1442+ struct ldapsrv_bind_wait_context *bind_wait =
1443+ talloc_get_type_abort(private_data,
1444+ struct ldapsrv_bind_wait_context);
1445+ struct tevent_req *req;
1446+ struct ldapsrv_bind_wait_state *state;
1447+
1448+ req = tevent_req_create(mem_ctx, &state,
1449+ struct ldapsrv_bind_wait_state);
1450+ if (req == NULL) {
1451+ return NULL;
1452+ }
1453+ bind_wait->req = req;
1454+
1455+ tevent_req_defer_callback(req, ev);
1456+
1457+ if (!bind_wait->done) {
1458+ return req;
1459+ }
1460+
1461+ if (tevent_req_nterror(req, bind_wait->status)) {
1462+ return tevent_req_post(req, ev);
1463+ }
1464+
1465+ tevent_req_done(req);
1466+ return tevent_req_post(req, ev);
1467+}
1468+
1469+static NTSTATUS ldapsrv_bind_wait_recv(struct tevent_req *req)
1470+{
1471+ return tevent_req_simple_recv_ntstatus(req);
1472+}
1473+
1474+static NTSTATUS ldapsrv_bind_wait_setup(struct ldapsrv_call *call,
1475+ struct ldapsrv_reply *reply)
1476+{
1477+ struct ldapsrv_bind_wait_context *bind_wait = NULL;
1478+
1479+ if (call->wait_private != NULL) {
1480+ return NT_STATUS_INTERNAL_ERROR;
1481+ }
1482+
1483+ bind_wait = talloc_zero(call, struct ldapsrv_bind_wait_context);
1484+ if (bind_wait == NULL) {
1485+ return NT_STATUS_NO_MEMORY;
1486+ }
1487+ bind_wait->reply = reply;
1488+
1489+ call->wait_private = bind_wait;
1490+ call->wait_send = ldapsrv_bind_wait_send;
1491+ call->wait_recv = ldapsrv_bind_wait_recv;
1492+ return NT_STATUS_OK;
1493+}
1494+
1495+static void ldapsrv_bind_wait_finished(struct ldapsrv_call *call,
1496+ NTSTATUS status)
1497+{
1498+ struct ldapsrv_bind_wait_context *bind_wait =
1499+ talloc_get_type_abort(call->wait_private,
1500+ struct ldapsrv_bind_wait_context);
1501+
1502+ bind_wait->done = true;
1503+ bind_wait->status = status;
1504+
1505+ if (bind_wait->req == NULL) {
1506+ return;
1507+ }
1508+
1509+ if (tevent_req_nterror(bind_wait->req, status)) {
1510+ return;
1511+ }
1512+
1513+ tevent_req_done(bind_wait->req);
1514+}
1515+
1516+static void ldapsrv_BindSimple_done(struct tevent_req *subreq);
1517+
1518+static NTSTATUS ldapsrv_BindSimple(struct ldapsrv_call *call)
1519+{
1520+ struct ldap_BindRequest *req = &call->request->r.BindRequest;
1521+ struct ldapsrv_reply *reply = NULL;
1522+ struct ldap_BindResponse *resp = NULL;
1523+ int result;
1524+ const char *errstr = NULL;
1525+ NTSTATUS status;
1526+ bool using_tls = call->conn->sockets.active == call->conn->sockets.tls;
1527+ struct tevent_req *subreq = NULL;
1528+
1529+ DEBUG(10, ("BindSimple dn: %s\n",req->dn));
1530+
1531+ reply = ldapsrv_init_reply(call, LDAP_TAG_BindResponse);
1532+ if (!reply) {
1533+ return NT_STATUS_NO_MEMORY;
1534+ }
1535+
1536+ if (req->dn != NULL &&
1537+ strlen(req->dn) != 0 &&
1538+ call->conn->require_strong_auth > LDAP_SERVER_REQUIRE_STRONG_AUTH_NO &&
1539+ !using_tls)
1540+ {
1541+ status = NT_STATUS_NETWORK_ACCESS_DENIED;
1542+ result = LDAP_STRONG_AUTH_REQUIRED;
1543+ errstr = talloc_asprintf(reply,
1544+ "BindSimple: Transport encryption required.");
1545+ goto do_reply;
1546+ }
1547+
1548+ subreq = authenticate_ldap_simple_bind_send(call,
1549+ call->conn->connection->event.ctx,
1550+ call->conn->connection->msg_ctx,
1551+ call->conn->lp_ctx,
1552+ call->conn->connection->remote_address,
1553+ call->conn->connection->local_address,
1554+ using_tls,
1555+ req->dn,
1556+ req->creds.password);
1557+ if (subreq == NULL) {
1558+ return NT_STATUS_NO_MEMORY;
1559+ }
1560+ tevent_req_set_callback(subreq, ldapsrv_BindSimple_done, call);
1561+
1562+ status = ldapsrv_bind_wait_setup(call, reply);
1563+ if (!NT_STATUS_IS_OK(status)) {
1564+ TALLOC_FREE(subreq);
1565+ return status;
1566+ }
1567+
1568+ /*
1569+ * The rest will be async.
1570+ */
1571+ return NT_STATUS_OK;
1572+
1573+do_reply:
1574+ resp = &reply->msg->r.BindResponse;
1575+ resp->response.resultcode = result;
1576+ resp->response.errormessage = errstr;
1577+ resp->response.dn = NULL;
1578+ resp->response.referral = NULL;
1579+ resp->SASL.secblob = NULL;
1580+
1581+ ldapsrv_queue_reply(call, reply);
1582+ return NT_STATUS_OK;
1583+}
1584+
1585+static void ldapsrv_BindSimple_done(struct tevent_req *subreq)
1586+{
1587+ struct ldapsrv_call *call =
1588+ tevent_req_callback_data(subreq,
1589+ struct ldapsrv_call);
1590+ struct ldapsrv_bind_wait_context *bind_wait =
1591+ talloc_get_type_abort(call->wait_private,
1592+ struct ldapsrv_bind_wait_context);
1593+ struct ldapsrv_reply *reply = bind_wait->reply;
1594+ struct auth_session_info *session_info = NULL;
1595+ NTSTATUS status;
1596+ struct ldap_BindResponse *resp = NULL;
1597+ int result;
1598+ const char *errstr = NULL;
1599+
1600+ status = authenticate_ldap_simple_bind_recv(subreq,
1601+ call,
1602+ &session_info);
1603+ if (NT_STATUS_IS_OK(status)) {
1604+ result = LDAP_SUCCESS;
1605+ errstr = NULL;
1606+
1607+ talloc_unlink(call->conn, call->conn->session_info);
1608+ call->conn->session_info = talloc_steal(call->conn, session_info);
1609+
1610+ call->conn->authz_logged = true;
1611+
1612+ /* don't leak the old LDB */
1613+ talloc_unlink(call->conn, call->conn->ldb);
1614+
1615+ status = ldapsrv_backend_Init(call->conn);
1616+
1617+ if (!NT_STATUS_IS_OK(status)) {
1618+ result = LDAP_OPERATIONS_ERROR;
1619+ errstr = talloc_asprintf(reply, "Simple Bind: Failed to advise ldb new credentials: %s", nt_errstr(status));
1620+ }
1621+ } else {
1622+ status = nt_status_squash(status);
1623+
1624+ result = LDAP_INVALID_CREDENTIALS;
1625+ errstr = ldapsrv_bind_error_msg(reply, HRES_SEC_E_INVALID_TOKEN,
1626+ 0x0C0903A9, status);
1627+ }
1628+
1629+ resp = &reply->msg->r.BindResponse;
1630+ resp->response.resultcode = result;
1631+ resp->response.errormessage = errstr;
1632+ resp->response.dn = NULL;
1633+ resp->response.referral = NULL;
1634+ resp->SASL.secblob = NULL;
1635+
1636+ ldapsrv_queue_reply(call, reply);
1637+ ldapsrv_bind_wait_finished(call, NT_STATUS_OK);
1638+}
1639+
1640+struct ldapsrv_sasl_postprocess_context {
1641+ struct ldapsrv_connection *conn;
1642+ struct tstream_context *sasl;
1643+};
1644+
1645+struct ldapsrv_sasl_postprocess_state {
1646+ uint8_t dummy;
1647+};
1648+
1649+static struct tevent_req *ldapsrv_sasl_postprocess_send(TALLOC_CTX *mem_ctx,
1650+ struct tevent_context *ev,
1651+ void *private_data)
1652+{
1653+ struct ldapsrv_sasl_postprocess_context *context =
1654+ talloc_get_type_abort(private_data,
1655+ struct ldapsrv_sasl_postprocess_context);
1656+ struct tevent_req *req;
1657+ struct ldapsrv_sasl_postprocess_state *state;
1658+
1659+ req = tevent_req_create(mem_ctx, &state,
1660+ struct ldapsrv_sasl_postprocess_state);
1661+ if (req == NULL) {
1662+ return NULL;
1663+ }
1664+
1665+ TALLOC_FREE(context->conn->sockets.sasl);
1666+ context->conn->sockets.sasl = talloc_move(context->conn, &context->sasl);
1667+ context->conn->sockets.active = context->conn->sockets.sasl;
1668+
1669+ tevent_req_done(req);
1670+ return tevent_req_post(req, ev);
1671+}
1672+
1673+static NTSTATUS ldapsrv_sasl_postprocess_recv(struct tevent_req *req)
1674+{
1675+ return tevent_req_simple_recv_ntstatus(req);
1676+}
1677+
1678+static NTSTATUS ldapsrv_setup_gensec(struct ldapsrv_connection *conn,
1679+ const char *sasl_mech,
1680+ struct gensec_security **_gensec_security)
1681+{
1682+ NTSTATUS status;
1683+
1684+ struct gensec_security *gensec_security;
1685+
1686+ status = samba_server_gensec_start(conn,
1687+ conn->connection->event.ctx,
1688+ conn->connection->msg_ctx,
1689+ conn->lp_ctx,
1690+ conn->server_credentials,
1691+ "ldap",
1692+ &gensec_security);
1693+ if (!NT_STATUS_IS_OK(status)) {
1694+ return status;
1695+ }
1696+
1697+ status = gensec_set_target_service_description(gensec_security,
1698+ "LDAP");
1699+ if (!NT_STATUS_IS_OK(status)) {
1700+ return status;
1701+ }
1702+
1703+ status = gensec_set_remote_address(gensec_security,
1704+ conn->connection->remote_address);
1705+ if (!NT_STATUS_IS_OK(status)) {
1706+ return status;
1707+ }
1708+
1709+ status = gensec_set_local_address(gensec_security,
1710+ conn->connection->local_address);
1711+ if (!NT_STATUS_IS_OK(status)) {
1712+ return status;
1713+ }
1714+
1715+ gensec_want_feature(gensec_security, GENSEC_FEATURE_ASYNC_REPLIES);
1716+ gensec_want_feature(gensec_security, GENSEC_FEATURE_LDAP_STYLE);
1717+
1718+ if (conn->sockets.active == conn->sockets.tls) {
1719+ gensec_want_feature(gensec_security, GENSEC_FEATURE_LDAPS_TRANSPORT);
1720+ }
1721+
1722+ status = gensec_start_mech_by_sasl_name(gensec_security, sasl_mech);
1723+
1724+ if (!NT_STATUS_IS_OK(status)) {
1725+ return status;
1726+ }
1727+
1728+ *_gensec_security = gensec_security;
1729+ return status;
1730+}
1731+
1732+static void ldapsrv_BindSASL_done(struct tevent_req *subreq);
1733+
1734+static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
1735+{
1736+ struct ldap_BindRequest *req = &call->request->r.BindRequest;
1737+ struct ldapsrv_reply *reply;
1738+ struct ldap_BindResponse *resp;
1739+ struct ldapsrv_connection *conn;
1740+ int result = 0;
1741+ const char *errstr=NULL;
1742+ NTSTATUS status = NT_STATUS_OK;
1743+ DATA_BLOB input = data_blob_null;
1744+ struct tevent_req *subreq = NULL;
1745+
1746+ DEBUG(10, ("BindSASL dn: %s\n",req->dn));
1747+
1748+ reply = ldapsrv_init_reply(call, LDAP_TAG_BindResponse);
1749+ if (!reply) {
1750+ return NT_STATUS_NO_MEMORY;
1751+ }
1752+ resp = &reply->msg->r.BindResponse;
1753+ /* Windows 2000 mmc doesn't like secblob == NULL and reports a decoding error */
1754+ resp->SASL.secblob = talloc_zero(reply, DATA_BLOB);
1755+ if (resp->SASL.secblob == NULL) {
1756+ return NT_STATUS_NO_MEMORY;
1757+ }
1758+
1759+ conn = call->conn;
1760+
1761+ /*
1762+ * TODO: a SASL bind with a different mechanism
1763+ * should cancel an inprogress SASL bind.
1764+ * (see RFC 4513)
1765+ */
1766+
1767+ if (!conn->gensec) {
1768+ status = ldapsrv_setup_gensec(conn, req->creds.SASL.mechanism,
1769+ &conn->gensec);
1770+ if (!NT_STATUS_IS_OK(status)) {
1771+ DEBUG(1, ("Failed to start GENSEC server for [%s] code: %s\n",
1772+ ldb_binary_encode_string(call, req->creds.SASL.mechanism),
1773+ nt_errstr(status)));
1774+ result = LDAP_OPERATIONS_ERROR;
1775+ errstr = talloc_asprintf(reply, "SASL: Failed to start authentication system: %s",
1776+ nt_errstr(status));
1777+ goto do_reply;
1778+ }
1779+ }
1780+
1781+ if (req->creds.SASL.secblob) {
1782+ input = *req->creds.SASL.secblob;
1783+ }
1784+
1785+ subreq = gensec_update_send(call, conn->connection->event.ctx,
1786+ conn->gensec, input);
1787+ if (subreq == NULL) {
1788+ return NT_STATUS_NO_MEMORY;
1789+ }
1790+ tevent_req_set_callback(subreq, ldapsrv_BindSASL_done, call);
1791+
1792+ status = ldapsrv_bind_wait_setup(call, reply);
1793+ if (!NT_STATUS_IS_OK(status)) {
1794+ TALLOC_FREE(subreq);
1795+ return status;
1796+ }
1797+
1798+ /*
1799+ * The rest will be async.
1800+ */
1801+ return NT_STATUS_OK;
1802+
1803+do_reply:
1804+ if (result != LDAP_SASL_BIND_IN_PROGRESS) {
1805+ /*
1806+ * We should destroy the gensec context
1807+ * when we hit a fatal error.
1808+ *
1809+ * Note: conn->gensec is already cleared
1810+ * for the LDAP_SUCCESS case.
1811+ */
1812+ talloc_unlink(conn, conn->gensec);
1813+ conn->gensec = NULL;
1814+ }
1815+
1816+ resp->response.resultcode = result;
1817+ resp->response.dn = NULL;
1818+ resp->response.errormessage = errstr;
1819+ resp->response.referral = NULL;
1820+
1821+ ldapsrv_queue_reply(call, reply);
1822+ return NT_STATUS_OK;
1823+}
1824+
1825+static void ldapsrv_BindSASL_done(struct tevent_req *subreq)
1826+{
1827+ struct ldapsrv_call *call =
1828+ tevent_req_callback_data(subreq,
1829+ struct ldapsrv_call);
1830+ struct ldapsrv_bind_wait_context *bind_wait =
1831+ talloc_get_type_abort(call->wait_private,
1832+ struct ldapsrv_bind_wait_context);
1833+ struct ldap_BindRequest *req = &call->request->r.BindRequest;
1834+ struct ldapsrv_reply *reply = bind_wait->reply;
1835+ struct ldap_BindResponse *resp = &reply->msg->r.BindResponse;
1836+ struct ldapsrv_connection *conn = call->conn;
1837+ struct auth_session_info *session_info = NULL;
1838+ struct ldapsrv_sasl_postprocess_context *context = NULL;
1839+ NTSTATUS status;
1840+ int result;
1841+ const char *errstr = NULL;
1842+ DATA_BLOB output = data_blob_null;
1843+
1844+ status = gensec_update_recv(subreq, call, &output);
1845+ TALLOC_FREE(subreq);
1846+
1847+ if (NT_STATUS_EQUAL(NT_STATUS_MORE_PROCESSING_REQUIRED, status)) {
1848+ *resp->SASL.secblob = output;
1849+ result = LDAP_SASL_BIND_IN_PROGRESS;
1850+ errstr = NULL;
1851+ goto do_reply;
1852+ }
1853+
1854+ if (!NT_STATUS_IS_OK(status)) {
1855+ status = nt_status_squash(status);
1856+ result = LDAP_INVALID_CREDENTIALS;
1857+ errstr = ldapsrv_bind_error_msg(reply, HRES_SEC_E_LOGON_DENIED,
1858+ 0x0C0904DC, status);
1859+ goto do_reply;
1860+ }
1861+
1862+ if (gensec_have_feature(conn->gensec, GENSEC_FEATURE_SIGN) ||
1863+ gensec_have_feature(conn->gensec, GENSEC_FEATURE_SEAL)) {
1864+
1865+ context = talloc_zero(call, struct ldapsrv_sasl_postprocess_context);
1866+ if (context == NULL) {
1867+ ldapsrv_bind_wait_finished(call, NT_STATUS_NO_MEMORY);
1868+ return;
1869+ }
1870+ }
1871+
1872+ if (context && conn->sockets.tls) {
1873+ TALLOC_FREE(context);
1874+ status = NT_STATUS_NOT_SUPPORTED;
1875+ result = LDAP_UNWILLING_TO_PERFORM;
1876+ errstr = talloc_asprintf(reply,
1877+ "SASL:[%s]: Sign or Seal are not allowed if TLS is used",
1878+ req->creds.SASL.mechanism);
1879+ goto do_reply;
1880+ }
1881+
1882+ if (context && conn->sockets.sasl) {
1883+ TALLOC_FREE(context);
1884+ status = NT_STATUS_NOT_SUPPORTED;
1885+ result = LDAP_UNWILLING_TO_PERFORM;
1886+ errstr = talloc_asprintf(reply,
1887+ "SASL:[%s]: Sign or Seal are not allowed if SASL encryption has already been set up",
1888+ req->creds.SASL.mechanism);
1889+ goto do_reply;
1890+ }
1891+
1892+ if (context == NULL) {
1893+ switch (call->conn->require_strong_auth) {
1894+ case LDAP_SERVER_REQUIRE_STRONG_AUTH_NO:
1895+ break;
1896+ case LDAP_SERVER_REQUIRE_STRONG_AUTH_ALLOW_SASL_OVER_TLS:
1897+ if (call->conn->sockets.active == call->conn->sockets.tls) {
1898+ break;
1899+ }
1900+ status = NT_STATUS_NETWORK_ACCESS_DENIED;
1901+ result = LDAP_STRONG_AUTH_REQUIRED;
1902+ errstr = talloc_asprintf(reply,
1903+ "SASL:[%s]: not allowed if TLS is used.",
1904+ req->creds.SASL.mechanism);
1905+ goto do_reply;
1906+
1907+ case LDAP_SERVER_REQUIRE_STRONG_AUTH_YES:
1908+ status = NT_STATUS_NETWORK_ACCESS_DENIED;
1909+ result = LDAP_STRONG_AUTH_REQUIRED;
1910+ errstr = talloc_asprintf(reply,
1911+ "SASL:[%s]: Sign or Seal are required.",
1912+ req->creds.SASL.mechanism);
1913+ goto do_reply;
1914+ }
1915+ }
1916+
1917+ if (context != NULL) {
1918+ context->conn = conn;
1919+ status = gensec_create_tstream(context,
1920+ context->conn->gensec,
1921+ context->conn->sockets.raw,
1922+ &context->sasl);
1923+ if (!NT_STATUS_IS_OK(status)) {
1924+ result = LDAP_OPERATIONS_ERROR;
1925+ errstr = talloc_asprintf(reply,
1926+ "SASL:[%s]: Failed to setup SASL socket: %s",
1927+ req->creds.SASL.mechanism, nt_errstr(status));
1928+ goto do_reply;
1929+ }
1930+ }
1931+
1932+ status = gensec_session_info(conn->gensec, call, &session_info);
1933+ if (!NT_STATUS_IS_OK(status)) {
1934+ result = LDAP_OPERATIONS_ERROR;
1935+ errstr = talloc_asprintf(reply,
1936+ "SASL:[%s]: Failed to get session info: %s",
1937+ req->creds.SASL.mechanism, nt_errstr(status));
1938+ goto do_reply;
1939+ }
1940+
1941+ talloc_unlink(conn, conn->session_info);
1942+ conn->session_info = talloc_steal(conn, session_info);
1943+
1944+ /* don't leak the old LDB */
1945+ talloc_unlink(conn, conn->ldb);
1946+
1947+ call->conn->authz_logged = true;
1948+
1949+ status = ldapsrv_backend_Init(conn);
1950+
1951+ if (!NT_STATUS_IS_OK(status)) {
1952+ result = LDAP_OPERATIONS_ERROR;
1953+ errstr = talloc_asprintf(reply,
1954+ "SASL:[%s]: Failed to advise samdb of new credentials: %s",
1955+ req->creds.SASL.mechanism,
1956+ nt_errstr(status));
1957+ goto do_reply;
1958+ }
1959+
1960+ if (context != NULL) {
1961+ const void *ptr = NULL;
1962+
1963+ ptr = talloc_reparent(conn, context->sasl, conn->gensec);
1964+ if (ptr == NULL) {
1965+ ldapsrv_bind_wait_finished(call, NT_STATUS_NO_MEMORY);
1966+ return;
1967+ }
1968+
1969+ call->postprocess_send = ldapsrv_sasl_postprocess_send;
1970+ call->postprocess_recv = ldapsrv_sasl_postprocess_recv;
1971+ call->postprocess_private = context;
1972+ } else {
1973+ talloc_unlink(conn, conn->gensec);
1974+ }
1975+ conn->gensec = NULL;
1976+
1977+ *resp->SASL.secblob = output;
1978+ result = LDAP_SUCCESS;
1979+ errstr = NULL;
1980+
1981+do_reply:
1982+ if (result != LDAP_SASL_BIND_IN_PROGRESS) {
1983+ /*
1984+ * We should destroy the gensec context
1985+ * when we hit a fatal error.
1986+ *
1987+ * Note: conn->gensec is already cleared
1988+ * for the LDAP_SUCCESS case.
1989+ */
1990+ talloc_unlink(conn, conn->gensec);
1991+ conn->gensec = NULL;
1992+ }
1993+
1994+ resp->response.resultcode = result;
1995+ resp->response.dn = NULL;
1996+ resp->response.errormessage = errstr;
1997+ resp->response.referral = NULL;
1998+
1999+ ldapsrv_queue_reply(call, reply);
2000+ ldapsrv_bind_wait_finished(call, NT_STATUS_OK);
2001+}
2002+
2003+NTSTATUS ldapsrv_BindRequest(struct ldapsrv_call *call)
2004+{
2005+ struct ldap_BindRequest *req = &call->request->r.BindRequest;
2006+ struct ldapsrv_reply *reply;
2007+ struct ldap_BindResponse *resp;
2008+
2009+ if (call->conn->pending_calls != NULL) {
2010+ reply = ldapsrv_init_reply(call, LDAP_TAG_BindResponse);
2011+ if (!reply) {
2012+ return NT_STATUS_NO_MEMORY;
2013+ }
2014+
2015+ resp = &reply->msg->r.BindResponse;
2016+ resp->response.resultcode = LDAP_BUSY;
2017+ resp->response.dn = NULL;
2018+ resp->response.errormessage = talloc_asprintf(reply, "Pending requests on this LDAP session");
2019+ resp->response.referral = NULL;
2020+ resp->SASL.secblob = NULL;
2021+
2022+ ldapsrv_queue_reply(call, reply);
2023+ return NT_STATUS_OK;
2024+ }
2025+
2026+ /*
2027+ * TODO: a simple bind should cancel an
2028+ * inprogress SASL bind.
2029+ * (see RFC 4513)
2030+ */
2031+ switch (req->mechanism) {
2032+ case LDAP_AUTH_MECH_SIMPLE:
2033+ return ldapsrv_BindSimple(call);
2034+ case LDAP_AUTH_MECH_SASL:
2035+ return ldapsrv_BindSASL(call);
2036+ }
2037+
2038+ reply = ldapsrv_init_reply(call, LDAP_TAG_BindResponse);
2039+ if (!reply) {
2040+ return NT_STATUS_NO_MEMORY;
2041+ }
2042+
2043+ resp = &reply->msg->r.BindResponse;
2044+ resp->response.resultcode = LDAP_AUTH_METHOD_NOT_SUPPORTED;
2045+ resp->response.dn = NULL;
2046+ resp->response.errormessage = talloc_asprintf(reply, "Bad AuthenticationChoice [%d]", req->mechanism);
2047+ resp->response.referral = NULL;
2048+ resp->SASL.secblob = NULL;
2049+
2050+ ldapsrv_queue_reply(call, reply);
2051+ return NT_STATUS_OK;
2052+}
2053+
2054+struct ldapsrv_unbind_wait_context {
2055+ uint8_t dummy;
2056+};
2057+
2058+struct ldapsrv_unbind_wait_state {
2059+ uint8_t dummy;
2060+};
2061+
2062+static struct tevent_req *ldapsrv_unbind_wait_send(TALLOC_CTX *mem_ctx,
2063+ struct tevent_context *ev,
2064+ void *private_data)
2065+{
2066+ struct ldapsrv_unbind_wait_context *unbind_wait =
2067+ talloc_get_type_abort(private_data,
2068+ struct ldapsrv_unbind_wait_context);
2069+ struct tevent_req *req;
2070+ struct ldapsrv_unbind_wait_state *state;
2071+
2072+ req = tevent_req_create(mem_ctx, &state,
2073+ struct ldapsrv_unbind_wait_state);
2074+ if (req == NULL) {
2075+ return NULL;
2076+ }
2077+
2078+ (void)unbind_wait;
2079+
2080+ tevent_req_nterror(req, NT_STATUS_LOCAL_DISCONNECT);
2081+ return tevent_req_post(req, ev);
2082+}
2083+
2084+static NTSTATUS ldapsrv_unbind_wait_recv(struct tevent_req *req)
2085+{
2086+ return tevent_req_simple_recv_ntstatus(req);
2087+}
2088+
2089+static NTSTATUS ldapsrv_unbind_wait_setup(struct ldapsrv_call *call)
2090+{
2091+ struct ldapsrv_unbind_wait_context *unbind_wait = NULL;
2092+
2093+ if (call->wait_private != NULL) {
2094+ return NT_STATUS_INTERNAL_ERROR;
2095+ }
2096+
2097+ unbind_wait = talloc_zero(call, struct ldapsrv_unbind_wait_context);
2098+ if (unbind_wait == NULL) {
2099+ return NT_STATUS_NO_MEMORY;
2100+ }
2101+
2102+ call->wait_private = unbind_wait;
2103+ call->wait_send = ldapsrv_unbind_wait_send;
2104+ call->wait_recv = ldapsrv_unbind_wait_recv;
2105+ return NT_STATUS_OK;
2106+}
2107+
2108+NTSTATUS ldapsrv_UnbindRequest(struct ldapsrv_call *call)
2109+{
2110+ struct ldapsrv_call *c = NULL;
2111+ struct ldapsrv_call *n = NULL;
2112+
2113+ DEBUG(10, ("UnbindRequest\n"));
2114+
2115+ for (c = call->conn->pending_calls; c != NULL; c = n) {
2116+ n = c->next;
2117+
2118+ DLIST_REMOVE(call->conn->pending_calls, c);
2119+ TALLOC_FREE(c);
2120+ }
2121+
2122+ return ldapsrv_unbind_wait_setup(call);
2123+}
2124diff --git a/source4/ldap_server/ldap_extended.c b/source4/ldap_server/ldap_extended.c
2125new file mode 100644
2126index 0000000..2d4a534
2127--- /dev/null
2128+++ b/source4/ldap_server/ldap_extended.c
2129@@ -0,0 +1,215 @@
2130+/*
2131+ Unix SMB/CIFS implementation.
2132+ LDAP server
2133+ Copyright (C) Stefan Metzmacher 2004
2134+
2135+ This program is free software; you can redistribute it and/or modify
2136+ it under the terms of the GNU General Public License as published by
2137+ the Free Software Foundation; either version 3 of the License, or
2138+ (at your option) any later version.
2139+
2140+ This program is distributed in the hope that it will be useful,
2141+ but WITHOUT ANY WARRANTY; without even the implied warranty of
2142+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2143+ GNU General Public License for more details.
2144+
2145+ You should have received a copy of the GNU General Public License
2146+ along with this program. If not, see <http://www.gnu.org/licenses/>.
2147+*/
2148+
2149+#include "includes.h"
2150+#include "ldap_server/ldap_server.h"
2151+#include "../lib/util/dlinklist.h"
2152+#include "lib/tls/tls.h"
2153+#include "smbd/service_stream.h"
2154+#include "../lib/util/tevent_ntstatus.h"
2155+
2156+struct ldapsrv_starttls_postprocess_context {
2157+ struct ldapsrv_connection *conn;
2158+};
2159+
2160+struct ldapsrv_starttls_postprocess_state {
2161+ struct ldapsrv_connection *conn;
2162+};
2163+
2164+static void ldapsrv_starttls_postprocess_done(struct tevent_req *subreq);
2165+
2166+static struct tevent_req *ldapsrv_starttls_postprocess_send(TALLOC_CTX *mem_ctx,
2167+ struct tevent_context *ev,
2168+ void *private_data)
2169+{
2170+ struct ldapsrv_starttls_postprocess_context *context =
2171+ talloc_get_type_abort(private_data,
2172+ struct ldapsrv_starttls_postprocess_context);
2173+ struct ldapsrv_connection *conn = context->conn;
2174+ struct tevent_req *req;
2175+ struct ldapsrv_starttls_postprocess_state *state;
2176+ struct tevent_req *subreq;
2177+
2178+ req = tevent_req_create(mem_ctx, &state,
2179+ struct ldapsrv_starttls_postprocess_state);
2180+ if (req == NULL) {
2181+ return NULL;
2182+ }
2183+
2184+ state->conn = conn;
2185+
2186+ subreq = tstream_tls_accept_send(conn,
2187+ conn->connection->event.ctx,
2188+ conn->sockets.raw,
2189+ conn->service->tls_params);
2190+ if (tevent_req_nomem(subreq, req)) {
2191+ return tevent_req_post(req, ev);
2192+ }
2193+ tevent_req_set_callback(subreq, ldapsrv_starttls_postprocess_done, req);
2194+
2195+ return req;
2196+}
2197+
2198+static void ldapsrv_starttls_postprocess_done(struct tevent_req *subreq)
2199+{
2200+ struct tevent_req *req =
2201+ tevent_req_callback_data(subreq,
2202+ struct tevent_req);
2203+ struct ldapsrv_starttls_postprocess_state *state =
2204+ tevent_req_data(req,
2205+ struct ldapsrv_starttls_postprocess_state);
2206+ struct ldapsrv_connection *conn = state->conn;
2207+ int ret;
2208+ int sys_errno;
2209+
2210+ ret = tstream_tls_accept_recv(subreq, &sys_errno,
2211+ conn, &conn->sockets.tls);
2212+ TALLOC_FREE(subreq);
2213+ if (ret == -1) {
2214+ NTSTATUS status = map_nt_error_from_unix_common(sys_errno);
2215+
2216+ DEBUG(1,("ldapsrv_starttls_postprocess_done: accept_tls_loop: "
2217+ "tstream_tls_accept_recv() - %d:%s => %s",
2218+ sys_errno, strerror(sys_errno), nt_errstr(status)));
2219+
2220+ tevent_req_nterror(req, status);
2221+ return;
2222+ }
2223+
2224+ conn->sockets.active = conn->sockets.tls;
2225+
2226+ tevent_req_done(req);
2227+}
2228+
2229+static NTSTATUS ldapsrv_starttls_postprocess_recv(struct tevent_req *req)
2230+{
2231+ return tevent_req_simple_recv_ntstatus(req);
2232+}
2233+
2234+static NTSTATUS ldapsrv_StartTLS(struct ldapsrv_call *call,
2235+ struct ldapsrv_reply *reply,
2236+ const char **errstr)
2237+{
2238+ struct ldapsrv_starttls_postprocess_context *context;
2239+
2240+ (*errstr) = NULL;
2241+
2242+ /*
2243+ * TODO: give LDAP_OPERATIONS_ERROR also when
2244+ * there's a SASL bind in progress
2245+ * (see rfc4513 section 3.1.1)
2246+ */
2247+ if (call->conn->sockets.tls) {
2248+ (*errstr) = talloc_asprintf(reply, "START-TLS: TLS is already enabled on this LDAP session");
2249+ return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
2250+ }
2251+
2252+ if (call->conn->sockets.sasl) {
2253+ (*errstr) = talloc_asprintf(reply, "START-TLS: SASL is already enabled on this LDAP session");
2254+ return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
2255+ }
2256+
2257+ if (call->conn->pending_calls != NULL) {
2258+ (*errstr) = talloc_asprintf(reply, "START-TLS: pending requests on this LDAP session");
2259+ return NT_STATUS_LDAP(LDAP_BUSY);
2260+ }
2261+
2262+ context = talloc(call, struct ldapsrv_starttls_postprocess_context);
2263+ NT_STATUS_HAVE_NO_MEMORY(context);
2264+
2265+ context->conn = call->conn;
2266+
2267+ call->postprocess_send = ldapsrv_starttls_postprocess_send;
2268+ call->postprocess_recv = ldapsrv_starttls_postprocess_recv;
2269+ call->postprocess_private = context;
2270+
2271+ reply->msg->r.ExtendedResponse.response.resultcode = LDAP_SUCCESS;
2272+ reply->msg->r.ExtendedResponse.response.errormessage = NULL;
2273+
2274+ ldapsrv_queue_reply(call, reply);
2275+ return NT_STATUS_OK;
2276+}
2277+
2278+struct ldapsrv_extended_operation {
2279+ const char *oid;
2280+ NTSTATUS (*fn)(struct ldapsrv_call *call, struct ldapsrv_reply *reply, const char **errorstr);
2281+};
2282+
2283+static struct ldapsrv_extended_operation extended_ops[] = {
2284+ {
2285+ .oid = LDB_EXTENDED_START_TLS_OID,
2286+ .fn = ldapsrv_StartTLS,
2287+ },{
2288+ .oid = NULL,
2289+ .fn = NULL,
2290+ }
2291+};
2292+
2293+NTSTATUS ldapsrv_ExtendedRequest(struct ldapsrv_call *call)
2294+{
2295+ struct ldap_ExtendedRequest *req = &call->request->r.ExtendedRequest;
2296+ struct ldapsrv_reply *reply;
2297+ int result = LDAP_PROTOCOL_ERROR;
2298+ const char *error_str = NULL;
2299+ NTSTATUS status = NT_STATUS_OK;
2300+ unsigned int i;
2301+
2302+ DEBUG(10, ("Extended\n"));
2303+
2304+ reply = ldapsrv_init_reply(call, LDAP_TAG_ExtendedResponse);
2305+ NT_STATUS_HAVE_NO_MEMORY(reply);
2306+
2307+ ZERO_STRUCT(reply->msg->r);
2308+ reply->msg->r.ExtendedResponse.oid = talloc_steal(reply, req->oid);
2309+ reply->msg->r.ExtendedResponse.response.resultcode = LDAP_PROTOCOL_ERROR;
2310+ reply->msg->r.ExtendedResponse.response.errormessage = NULL;
2311+
2312+ for (i=0; extended_ops[i].oid; i++) {
2313+ if (strcmp(extended_ops[i].oid,req->oid) != 0) continue;
2314+
2315+ /*
2316+ * if the backend function returns an error we
2317+ * need to send the reply otherwise the reply is already
2318+ * send and we need to return directly
2319+ */
2320+ status = extended_ops[i].fn(call, reply, &error_str);
2321+ if (NT_STATUS_IS_OK(status)) {
2322+ return status;
2323+ }
2324+
2325+ if (NT_STATUS_IS_LDAP(status)) {
2326+ result = NT_STATUS_LDAP_CODE(status);
2327+ } else {
2328+ result = LDAP_OPERATIONS_ERROR;
2329+ error_str = talloc_asprintf(reply, "Extended Operation(%s) failed: %s",
2330+ req->oid, nt_errstr(status));
2331+ }
2332+ }
2333+ /* if we haven't found the oid, then status is still NT_STATUS_OK */
2334+ if (NT_STATUS_IS_OK(status)) {
2335+ error_str = talloc_asprintf(reply, "Extended Operation(%s) not supported",
2336+ req->oid);
2337+ }
2338+
2339+ reply->msg->r.ExtendedResponse.response.resultcode = result;
2340+ reply->msg->r.ExtendedResponse.response.errormessage = error_str;
2341+
2342+ ldapsrv_queue_reply(call, reply);
2343+ return NT_STATUS_OK;
2344+}
2345diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
2346new file mode 100644
2347index 0000000..d9f24e0
2348--- /dev/null
2349+++ b/source4/ldap_server/ldap_server.c
2350@@ -0,0 +1,1259 @@
2351+/*
2352+ Unix SMB/CIFS implementation.
2353+
2354+ LDAP server
2355+
2356+ Copyright (C) Andrew Tridgell 2005
2357+ Copyright (C) Volker Lendecke 2004
2358+ Copyright (C) Stefan Metzmacher 2004
2359+
2360+ This program is free software; you can redistribute it and/or modify
2361+ it under the terms of the GNU General Public License as published by
2362+ the Free Software Foundation; either version 3 of the License, or
2363+ (at your option) any later version.
2364+
2365+ This program is distributed in the hope that it will be useful,
2366+ but WITHOUT ANY WARRANTY; without even the implied warranty of
2367+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2368+ GNU General Public License for more details.
2369+
2370+ You should have received a copy of the GNU General Public License
2371+ along with this program. If not, see <http://www.gnu.org/licenses/>.
2372+*/
2373+
2374+#include "includes.h"
2375+#include "system/network.h"
2376+#include "lib/events/events.h"
2377+#include "auth/auth.h"
2378+#include "auth/credentials/credentials.h"
2379+#include "librpc/gen_ndr/ndr_samr.h"
2380+#include "../lib/util/dlinklist.h"
2381+#include "../lib/util/asn1.h"
2382+#include "ldap_server/ldap_server.h"
2383+#include "smbd/service_task.h"
2384+#include "smbd/service_stream.h"
2385+#include "smbd/service.h"
2386+#include "smbd/process_model.h"
2387+#include "lib/tls/tls.h"
2388+#include "lib/messaging/irpc.h"
2389+#include <ldb.h>
2390+#include <ldb_errors.h>
2391+#include "libcli/ldap/ldap_proto.h"
2392+#include "system/network.h"
2393+#include "lib/socket/netif.h"
2394+#include "dsdb/samdb/samdb.h"
2395+#include "param/param.h"
2396+#include "../lib/tsocket/tsocket.h"
2397+#include "../lib/util/tevent_ntstatus.h"
2398+#include "../libcli/util/tstream.h"
2399+#include "libds/common/roles.h"
2400+
2401+static void ldapsrv_terminate_connection_done(struct tevent_req *subreq);
2402+
2403+/*
2404+ close the socket and shutdown a server_context
2405+*/
2406+static void ldapsrv_terminate_connection(struct ldapsrv_connection *conn,
2407+ const char *reason)
2408+{
2409+ struct tevent_req *subreq;
2410+
2411+ if (conn->limits.reason) {
2412+ return;
2413+ }
2414+
2415+ DLIST_REMOVE(conn->service->connections, conn);
2416+
2417+ conn->limits.endtime = timeval_current_ofs(0, 500);
2418+
2419+ tevent_queue_stop(conn->sockets.send_queue);
2420+ TALLOC_FREE(conn->sockets.read_req);
2421+ if (conn->active_call) {
2422+ tevent_req_cancel(conn->active_call);
2423+ conn->active_call = NULL;
2424+ }
2425+
2426+ conn->limits.reason = talloc_strdup(conn, reason);
2427+ if (conn->limits.reason == NULL) {
2428+ TALLOC_FREE(conn->sockets.tls);
2429+ TALLOC_FREE(conn->sockets.sasl);
2430+ TALLOC_FREE(conn->sockets.raw);
2431+ stream_terminate_connection(conn->connection, reason);
2432+ return;
2433+ }
2434+
2435+ subreq = tstream_disconnect_send(conn,
2436+ conn->connection->event.ctx,
2437+ conn->sockets.active);
2438+ if (subreq == NULL) {
2439+ TALLOC_FREE(conn->sockets.tls);
2440+ TALLOC_FREE(conn->sockets.sasl);
2441+ TALLOC_FREE(conn->sockets.raw);
2442+ stream_terminate_connection(conn->connection, reason);
2443+ return;
2444+ }
2445+ tevent_req_set_endtime(subreq,
2446+ conn->connection->event.ctx,
2447+ conn->limits.endtime);
2448+ tevent_req_set_callback(subreq, ldapsrv_terminate_connection_done, conn);
2449+}
2450+
2451+static void ldapsrv_terminate_connection_done(struct tevent_req *subreq)
2452+{
2453+ struct ldapsrv_connection *conn =
2454+ tevent_req_callback_data(subreq,
2455+ struct ldapsrv_connection);
2456+ int sys_errno;
2457+
2458+ tstream_disconnect_recv(subreq, &sys_errno);
2459+ TALLOC_FREE(subreq);
2460+
2461+ if (conn->sockets.active == conn->sockets.raw) {
2462+ TALLOC_FREE(conn->sockets.tls);
2463+ TALLOC_FREE(conn->sockets.sasl);
2464+ TALLOC_FREE(conn->sockets.raw);
2465+ stream_terminate_connection(conn->connection,
2466+ conn->limits.reason);
2467+ return;
2468+ }
2469+
2470+ TALLOC_FREE(conn->sockets.tls);
2471+ TALLOC_FREE(conn->sockets.sasl);
2472+ conn->sockets.active = conn->sockets.raw;
2473+
2474+ subreq = tstream_disconnect_send(conn,
2475+ conn->connection->event.ctx,
2476+ conn->sockets.active);
2477+ if (subreq == NULL) {
2478+ TALLOC_FREE(conn->sockets.raw);
2479+ stream_terminate_connection(conn->connection,
2480+ conn->limits.reason);
2481+ return;
2482+ }
2483+ tevent_req_set_endtime(subreq,
2484+ conn->connection->event.ctx,
2485+ conn->limits.endtime);
2486+ tevent_req_set_callback(subreq, ldapsrv_terminate_connection_done, conn);
2487+}
2488+
2489+/*
2490+ called when a LDAP socket becomes readable
2491+*/
2492+void ldapsrv_recv(struct stream_connection *c, uint16_t flags)
2493+{
2494+ smb_panic(__location__);
2495+}
2496+
2497+/*
2498+ called when a LDAP socket becomes writable
2499+*/
2500+static void ldapsrv_send(struct stream_connection *c, uint16_t flags)
2501+{
2502+ smb_panic(__location__);
2503+}
2504+
2505+static int ldapsrv_load_limits(struct ldapsrv_connection *conn)
2506+{
2507+ TALLOC_CTX *tmp_ctx;
2508+ const char *attrs[] = { "configurationNamingContext", NULL };
2509+ const char *attrs2[] = { "lDAPAdminLimits", NULL };
2510+ struct ldb_message_element *el;
2511+ struct ldb_result *res = NULL;
2512+ struct ldb_dn *basedn;
2513+ struct ldb_dn *conf_dn;
2514+ struct ldb_dn *policy_dn;
2515+ unsigned int i;
2516+ int ret;
2517+
2518+ /* set defaults limits in case of failure */
2519+ conn->limits.initial_timeout = 120;
2520+ conn->limits.conn_idle_time = 900;
2521+ conn->limits.max_page_size = 1000;
2522+ conn->limits.max_notifications = 5;
2523+ conn->limits.search_timeout = 120;
2524+
2525+
2526+ tmp_ctx = talloc_new(conn);
2527+ if (tmp_ctx == NULL) {
2528+ return -1;
2529+ }
2530+
2531+ basedn = ldb_dn_new(tmp_ctx, conn->ldb, NULL);
2532+ if (basedn == NULL) {
2533+ goto failed;
2534+ }
2535+
2536+ ret = ldb_search(conn->ldb, tmp_ctx, &res, basedn, LDB_SCOPE_BASE, attrs, NULL);
2537+ if (ret != LDB_SUCCESS) {
2538+ goto failed;
2539+ }
2540+
2541+ if (res->count != 1) {
2542+ goto failed;
2543+ }
2544+
2545+ conf_dn = ldb_msg_find_attr_as_dn(conn->ldb, tmp_ctx, res->msgs[0], "configurationNamingContext");
2546+ if (conf_dn == NULL) {
2547+ goto failed;
2548+ }
2549+
2550+ policy_dn = ldb_dn_copy(tmp_ctx, conf_dn);
2551+ ldb_dn_add_child_fmt(policy_dn, "CN=Default Query Policy,CN=Query-Policies,CN=Directory Service,CN=Windows NT,CN=Services");
2552+ if (policy_dn == NULL) {
2553+ goto failed;
2554+ }
2555+
2556+ ret = ldb_search(conn->ldb, tmp_ctx, &res, policy_dn, LDB_SCOPE_BASE, attrs2, NULL);
2557+ if (ret != LDB_SUCCESS) {
2558+ goto failed;
2559+ }
2560+
2561+ if (res->count != 1) {
2562+ goto failed;
2563+ }
2564+
2565+ el = ldb_msg_find_element(res->msgs[0], "lDAPAdminLimits");
2566+ if (el == NULL) {
2567+ goto failed;
2568+ }
2569+
2570+ for (i = 0; i < el->num_values; i++) {
2571+ char policy_name[256];
2572+ int policy_value, s;
2573+
2574+ s = sscanf((const char *)el->values[i].data, "%255[^=]=%d", policy_name, &policy_value);
2575+ if (s != 2 || policy_value == 0)
2576+ continue;
2577+ if (strcasecmp("InitRecvTimeout", policy_name) == 0) {
2578+ conn->limits.initial_timeout = policy_value;
2579+ continue;
2580+ }
2581+ if (strcasecmp("MaxConnIdleTime", policy_name) == 0) {
2582+ conn->limits.conn_idle_time = policy_value;
2583+ continue;
2584+ }
2585+ if (strcasecmp("MaxPageSize", policy_name) == 0) {
2586+ conn->limits.max_page_size = policy_value;
2587+ continue;
2588+ }
2589+ if (strcasecmp("MaxNotificationPerConn", policy_name) == 0) {
2590+ conn->limits.max_notifications = policy_value;
2591+ continue;
2592+ }
2593+ if (strcasecmp("MaxQueryDuration", policy_name) == 0) {
2594+ conn->limits.search_timeout = policy_value;
2595+ continue;
2596+ }
2597+ }
2598+
2599+ return 0;
2600+
2601+failed:
2602+ DEBUG(0, ("Failed to load ldap server query policies\n"));
2603+ talloc_free(tmp_ctx);
2604+ return -1;
2605+}
2606+
2607+static int ldapsrv_call_destructor(struct ldapsrv_call *call)
2608+{
2609+ if (call->conn == NULL) {
2610+ return 0;
2611+ }
2612+
2613+ DLIST_REMOVE(call->conn->pending_calls, call);
2614+
2615+ call->conn = NULL;
2616+ return 0;
2617+}
2618+
2619+static struct tevent_req *ldapsrv_process_call_send(TALLOC_CTX *mem_ctx,
2620+ struct tevent_context *ev,
2621+ struct tevent_queue *call_queue,
2622+ struct ldapsrv_call *call);
2623+static NTSTATUS ldapsrv_process_call_recv(struct tevent_req *req);
2624+
2625+static bool ldapsrv_call_read_next(struct ldapsrv_connection *conn);
2626+static void ldapsrv_accept_tls_done(struct tevent_req *subreq);
2627+
2628+/*
2629+ initialise a server_context from a open socket and register a event handler
2630+ for reading from that socket
2631+*/
2632+static void ldapsrv_accept(struct stream_connection *c,
2633+ struct auth_session_info *session_info,
2634+ bool is_privileged)
2635+{
2636+ struct ldapsrv_service *ldapsrv_service =
2637+ talloc_get_type(c->private_data, struct ldapsrv_service);
2638+ struct ldapsrv_connection *conn;
2639+ struct cli_credentials *server_credentials;
2640+ struct socket_address *socket_address;
2641+ NTSTATUS status;
2642+ int port;
2643+ int ret;
2644+ struct tevent_req *subreq;
2645+ struct timeval endtime;
2646+
2647+ conn = talloc_zero(c, struct ldapsrv_connection);
2648+ if (!conn) {
2649+ stream_terminate_connection(c, "ldapsrv_accept: out of memory");
2650+ return;
2651+ }
2652+ conn->is_privileged = is_privileged;
2653+
2654+ conn->sockets.send_queue = tevent_queue_create(conn, "ldapsev send queue");
2655+ if (conn->sockets.send_queue == NULL) {
2656+ stream_terminate_connection(c,
2657+ "ldapsrv_accept: tevent_queue_create failed");
2658+ return;
2659+ }
2660+
2661+ TALLOC_FREE(c->event.fde);
2662+
2663+ ret = tstream_bsd_existing_socket(conn,
2664+ socket_get_fd(c->socket),
2665+ &conn->sockets.raw);
2666+ if (ret == -1) {
2667+ stream_terminate_connection(c,
2668+ "ldapsrv_accept: out of memory");
2669+ return;
2670+ }
2671+ socket_set_flags(c->socket, SOCKET_FLAG_NOCLOSE);
2672+
2673+ conn->connection = c;
2674+ conn->service = ldapsrv_service;
2675+ conn->lp_ctx = ldapsrv_service->task->lp_ctx;
2676+
2677+ c->private_data = conn;
2678+
2679+ socket_address = socket_get_my_addr(c->socket, conn);
2680+ if (!socket_address) {
2681+ ldapsrv_terminate_connection(conn, "ldapsrv_accept: failed to obtain local socket address!");
2682+ return;
2683+ }
2684+ port = socket_address->port;
2685+ talloc_free(socket_address);
2686+ if (port == 3268 || port == 3269) /* Global catalog */ {
2687+ conn->global_catalog = true;
2688+ }
2689+
2690+ server_credentials = cli_credentials_init(conn);
2691+ if (!server_credentials) {
2692+ stream_terminate_connection(c, "Failed to init server credentials\n");
2693+ return;
2694+ }
2695+
2696+ cli_credentials_set_conf(server_credentials, conn->lp_ctx);
2697+ status = cli_credentials_set_machine_account(server_credentials, conn->lp_ctx);
2698+ if (!NT_STATUS_IS_OK(status)) {
2699+ stream_terminate_connection(c, talloc_asprintf(conn, "Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status)));
2700+ return;
2701+ }
2702+ conn->server_credentials = server_credentials;
2703+
2704+ conn->session_info = session_info;
2705+
2706+ conn->sockets.active = conn->sockets.raw;
2707+
2708+ if (conn->is_privileged) {
2709+ conn->require_strong_auth = LDAP_SERVER_REQUIRE_STRONG_AUTH_NO;
2710+ } else {
2711+ conn->require_strong_auth = lpcfg_ldap_server_require_strong_auth(conn->lp_ctx);
2712+ }
2713+
2714+ if (!NT_STATUS_IS_OK(ldapsrv_backend_Init(conn))) {
2715+ ldapsrv_terminate_connection(conn, "backend Init failed");
2716+ return;
2717+ }
2718+
2719+ /* load limits from the conf partition */
2720+ ldapsrv_load_limits(conn); /* should we fail on error ? */
2721+
2722+ /* register the server */
2723+ irpc_add_name(c->msg_ctx, "ldap_server");
2724+
2725+ DLIST_ADD_END(ldapsrv_service->connections, conn);
2726+
2727+ if (port != 636 && port != 3269) {
2728+ ldapsrv_call_read_next(conn);
2729+ return;
2730+ }
2731+
2732+ endtime = timeval_current_ofs(conn->limits.conn_idle_time, 0);
2733+
2734+ subreq = tstream_tls_accept_send(conn,
2735+ conn->connection->event.ctx,
2736+ conn->sockets.raw,
2737+ conn->service->tls_params);
2738+ if (subreq == NULL) {
2739+ ldapsrv_terminate_connection(conn, "ldapsrv_accept: "
2740+ "no memory for tstream_tls_accept_send");
2741+ return;
2742+ }
2743+ tevent_req_set_endtime(subreq,
2744+ conn->connection->event.ctx,
2745+ endtime);
2746+ tevent_req_set_callback(subreq, ldapsrv_accept_tls_done, conn);
2747+}
2748+
2749+static void ldapsrv_accept_tls_done(struct tevent_req *subreq)
2750+{
2751+ struct ldapsrv_connection *conn =
2752+ tevent_req_callback_data(subreq,
2753+ struct ldapsrv_connection);
2754+ int ret;
2755+ int sys_errno;
2756+
2757+ ret = tstream_tls_accept_recv(subreq, &sys_errno,
2758+ conn, &conn->sockets.tls);
2759+ TALLOC_FREE(subreq);
2760+ if (ret == -1) {
2761+ const char *reason;
2762+
2763+ reason = talloc_asprintf(conn, "ldapsrv_accept_tls_loop: "
2764+ "tstream_tls_accept_recv() - %d:%s",
2765+ sys_errno, strerror(sys_errno));
2766+ if (!reason) {
2767+ reason = "ldapsrv_accept_tls_loop: "
2768+ "tstream_tls_accept_recv() - failed";
2769+ }
2770+
2771+ ldapsrv_terminate_connection(conn, reason);
2772+ return;
2773+ }
2774+
2775+ conn->sockets.active = conn->sockets.tls;
2776+ ldapsrv_call_read_next(conn);
2777+}
2778+
2779+static void ldapsrv_call_read_done(struct tevent_req *subreq);
2780+
2781+static bool ldapsrv_call_read_next(struct ldapsrv_connection *conn)
2782+{
2783+ struct tevent_req *subreq;
2784+
2785+ if (conn->pending_calls != NULL) {
2786+ conn->limits.endtime = timeval_zero();
2787+
2788+ ldapsrv_notification_retry_setup(conn->service, false);
2789+ } else if (timeval_is_zero(&conn->limits.endtime)) {
2790+ conn->limits.endtime =
2791+ timeval_current_ofs(conn->limits.initial_timeout, 0);
2792+ } else {
2793+ conn->limits.endtime =
2794+ timeval_current_ofs(conn->limits.conn_idle_time, 0);
2795+ }
2796+
2797+ if (conn->sockets.read_req != NULL) {
2798+ return true;
2799+ }
2800+
2801+ /*
2802+ * The minimum size of a LDAP pdu is 7 bytes
2803+ *
2804+ * dumpasn1 -hh ldap-unbind-min.dat
2805+ *
2806+ * <30 05 02 01 09 42 00>
2807+ * 0 5: SEQUENCE {
2808+ * <02 01 09>
2809+ * 2 1: INTEGER 9
2810+ * <42 00>
2811+ * 5 0: [APPLICATION 2]
2812+ * : Error: Object has zero length.
2813+ * : }
2814+ *
2815+ * dumpasn1 -hh ldap-unbind-windows.dat
2816+ *
2817+ * <30 84 00 00 00 05 02 01 09 42 00>
2818+ * 0 5: SEQUENCE {
2819+ * <02 01 09>
2820+ * 6 1: INTEGER 9
2821+ * <42 00>
2822+ * 9 0: [APPLICATION 2]
2823+ * : Error: Object has zero length.
2824+ * : }
2825+ *
2826+ * This means using an initial read size
2827+ * of 7 is ok.
2828+ */
2829+ subreq = tstream_read_pdu_blob_send(conn,
2830+ conn->connection->event.ctx,
2831+ conn->sockets.active,
2832+ 7, /* initial_read_size */
2833+ ldap_full_packet,
2834+ conn);
2835+ if (subreq == NULL) {
2836+ ldapsrv_terminate_connection(conn, "ldapsrv_call_read_next: "
2837+ "no memory for tstream_read_pdu_blob_send");
2838+ return false;
2839+ }
2840+ if (!timeval_is_zero(&conn->limits.endtime)) {
2841+ tevent_req_set_endtime(subreq,
2842+ conn->connection->event.ctx,
2843+ conn->limits.endtime);
2844+ }
2845+ tevent_req_set_callback(subreq, ldapsrv_call_read_done, conn);
2846+ conn->sockets.read_req = subreq;
2847+ return true;
2848+}
2849+
2850+static void ldapsrv_call_process_done(struct tevent_req *subreq);
2851+
2852+static void ldapsrv_call_read_done(struct tevent_req *subreq)
2853+{
2854+ struct ldapsrv_connection *conn =
2855+ tevent_req_callback_data(subreq,
2856+ struct ldapsrv_connection);
2857+ NTSTATUS status;
2858+ struct ldapsrv_call *call;
2859+ struct asn1_data *asn1;
2860+ DATA_BLOB blob;
2861+
2862+ conn->sockets.read_req = NULL;
2863+
2864+ call = talloc_zero(conn, struct ldapsrv_call);
2865+ if (!call) {
2866+ ldapsrv_terminate_connection(conn, "no memory");
2867+ return;
2868+ }
2869+ talloc_set_destructor(call, ldapsrv_call_destructor);
2870+
2871+ call->conn = conn;
2872+
2873+ status = tstream_read_pdu_blob_recv(subreq,
2874+ call,
2875+ &blob);
2876+ TALLOC_FREE(subreq);
2877+ if (!NT_STATUS_IS_OK(status)) {
2878+ const char *reason;
2879+
2880+ reason = talloc_asprintf(call, "ldapsrv_call_loop: "
2881+ "tstream_read_pdu_blob_recv() - %s",
2882+ nt_errstr(status));
2883+ if (!reason) {
2884+ reason = nt_errstr(status);
2885+ }
2886+
2887+ ldapsrv_terminate_connection(conn, reason);
2888+ return;
2889+ }
2890+
2891+ asn1 = asn1_init(call);
2892+ if (asn1 == NULL) {
2893+ ldapsrv_terminate_connection(conn, "no memory");
2894+ return;
2895+ }
2896+
2897+ call->request = talloc(call, struct ldap_message);
2898+ if (call->request == NULL) {
2899+ ldapsrv_terminate_connection(conn, "no memory");
2900+ return;
2901+ }
2902+
2903+ if (!asn1_load(asn1, blob)) {
2904+ ldapsrv_terminate_connection(conn, "asn1_load failed");
2905+ return;
2906+ }
2907+
2908+ status = ldap_decode(asn1, samba_ldap_control_handlers(),
2909+ call->request);
2910+ if (!NT_STATUS_IS_OK(status)) {
2911+ ldapsrv_terminate_connection(conn, nt_errstr(status));
2912+ return;
2913+ }
2914+
2915+ data_blob_free(&blob);
2916+
2917+
2918+ /* queue the call in the global queue */
2919+ subreq = ldapsrv_process_call_send(call,
2920+ conn->connection->event.ctx,
2921+ conn->service->call_queue,
2922+ call);
2923+ if (subreq == NULL) {
2924+ ldapsrv_terminate_connection(conn, "ldapsrv_process_call_send failed");
2925+ return;
2926+ }
2927+ tevent_req_set_callback(subreq, ldapsrv_call_process_done, call);
2928+ conn->active_call = subreq;
2929+}
2930+
2931+static void ldapsrv_call_wait_done(struct tevent_req *subreq);
2932+static void ldapsrv_call_writev_start(struct ldapsrv_call *call);
2933+static void ldapsrv_call_writev_done(struct tevent_req *subreq);
2934+
2935+static void ldapsrv_call_process_done(struct tevent_req *subreq)
2936+{
2937+ struct ldapsrv_call *call =
2938+ tevent_req_callback_data(subreq,
2939+ struct ldapsrv_call);
2940+ struct ldapsrv_connection *conn = call->conn;
2941+ NTSTATUS status;
2942+
2943+ conn->active_call = NULL;
2944+
2945+ status = ldapsrv_process_call_recv(subreq);
2946+ TALLOC_FREE(subreq);
2947+ if (!NT_STATUS_IS_OK(status)) {
2948+ ldapsrv_terminate_connection(conn, nt_errstr(status));
2949+ return;
2950+ }
2951+
2952+ if (call->wait_send != NULL) {
2953+ subreq = call->wait_send(call,
2954+ conn->connection->event.ctx,
2955+ call->wait_private);
2956+ if (subreq == NULL) {
2957+ ldapsrv_terminate_connection(conn,
2958+ "ldapsrv_call_process_done: "
2959+ "call->wait_send - no memory");
2960+ return;
2961+ }
2962+ tevent_req_set_callback(subreq,
2963+ ldapsrv_call_wait_done,
2964+ call);
2965+ conn->active_call = subreq;
2966+ return;
2967+ }
2968+
2969+ ldapsrv_call_writev_start(call);
2970+}
2971+
2972+static void ldapsrv_call_wait_done(struct tevent_req *subreq)
2973+{
2974+ struct ldapsrv_call *call =
2975+ tevent_req_callback_data(subreq,
2976+ struct ldapsrv_call);
2977+ struct ldapsrv_connection *conn = call->conn;
2978+ NTSTATUS status;
2979+
2980+ conn->active_call = NULL;
2981+
2982+ status = call->wait_recv(subreq);
2983+ TALLOC_FREE(subreq);
2984+ if (!NT_STATUS_IS_OK(status)) {
2985+ const char *reason;
2986+
2987+ reason = talloc_asprintf(call, "ldapsrv_call_wait_done: "
2988+ "call->wait_recv() - %s",
2989+ nt_errstr(status));
2990+ if (reason == NULL) {
2991+ reason = nt_errstr(status);
2992+ }
2993+
2994+ ldapsrv_terminate_connection(conn, reason);
2995+ return;
2996+ }
2997+
2998+ ldapsrv_call_writev_start(call);
2999+}
3000+
3001+static void ldapsrv_call_writev_start(struct ldapsrv_call *call)
3002+{
3003+ struct ldapsrv_connection *conn = call->conn;
3004+ DATA_BLOB blob = data_blob_null;
3005+ struct tevent_req *subreq = NULL;
3006+
3007+ /* build all the replies into a single blob */
3008+ while (call->replies) {
3009+ DATA_BLOB b;
3010+ bool ret;
3011+
3012+ if (!ldap_encode(call->replies->msg, samba_ldap_control_handlers(), &b, call)) {
3013+ DEBUG(0,("Failed to encode ldap reply of type %d\n",
3014+ call->replies->msg->type));
3015+ ldapsrv_terminate_connection(conn, "ldap_encode failed");
3016+ return;
3017+ }
3018+
3019+ ret = data_blob_append(call, &blob, b.data, b.length);
3020+ data_blob_free(&b);
3021+
3022+ talloc_set_name_const(blob.data, "Outgoing, encoded LDAP packet");
3023+
3024+ if (!ret) {
3025+ ldapsrv_terminate_connection(conn, "data_blob_append failed");
3026+ return;
3027+ }
3028+
3029+ DLIST_REMOVE(call->replies, call->replies);
3030+ }
3031+
3032+ if (blob.length == 0) {
3033+ if (!call->notification.busy) {
3034+ TALLOC_FREE(call);
3035+ }
3036+
3037+ ldapsrv_call_read_next(conn);
3038+ return;
3039+ }
3040+
3041+ call->out_iov.iov_base = blob.data;
3042+ call->out_iov.iov_len = blob.length;
3043+
3044+ subreq = tstream_writev_queue_send(call,
3045+ conn->connection->event.ctx,
3046+ conn->sockets.active,
3047+ conn->sockets.send_queue,
3048+ &call->out_iov, 1);
3049+ if (subreq == NULL) {
3050+ ldapsrv_terminate_connection(conn, "stream_writev_queue_send failed");
3051+ return;
3052+ }
3053+ tevent_req_set_callback(subreq, ldapsrv_call_writev_done, call);
3054+}
3055+
3056+static void ldapsrv_call_postprocess_done(struct tevent_req *subreq);
3057+
3058+static void ldapsrv_call_writev_done(struct tevent_req *subreq)
3059+{
3060+ struct ldapsrv_call *call =
3061+ tevent_req_callback_data(subreq,
3062+ struct ldapsrv_call);
3063+ struct ldapsrv_connection *conn = call->conn;
3064+ int sys_errno;
3065+ int rc;
3066+
3067+ rc = tstream_writev_queue_recv(subreq, &sys_errno);
3068+ TALLOC_FREE(subreq);
3069+ if (rc == -1) {
3070+ const char *reason;
3071+
3072+ reason = talloc_asprintf(call, "ldapsrv_call_writev_done: "
3073+ "tstream_writev_queue_recv() - %d:%s",
3074+ sys_errno, strerror(sys_errno));
3075+ if (reason == NULL) {
3076+ reason = "ldapsrv_call_writev_done: "
3077+ "tstream_writev_queue_recv() failed";
3078+ }
3079+
3080+ ldapsrv_terminate_connection(conn, reason);
3081+ return;
3082+ }
3083+
3084+ if (call->postprocess_send) {
3085+ subreq = call->postprocess_send(call,
3086+ conn->connection->event.ctx,
3087+ call->postprocess_private);
3088+ if (subreq == NULL) {
3089+ ldapsrv_terminate_connection(conn, "ldapsrv_call_writev_done: "
3090+ "call->postprocess_send - no memory");
3091+ return;
3092+ }
3093+ tevent_req_set_callback(subreq,
3094+ ldapsrv_call_postprocess_done,
3095+ call);
3096+ return;
3097+ }
3098+
3099+ if (!call->notification.busy) {
3100+ TALLOC_FREE(call);
3101+ }
3102+
3103+ ldapsrv_call_read_next(conn);
3104+}
3105+
3106+static void ldapsrv_call_postprocess_done(struct tevent_req *subreq)
3107+{
3108+ struct ldapsrv_call *call =
3109+ tevent_req_callback_data(subreq,
3110+ struct ldapsrv_call);
3111+ struct ldapsrv_connection *conn = call->conn;
3112+ NTSTATUS status;
3113+
3114+ status = call->postprocess_recv(subreq);
3115+ TALLOC_FREE(subreq);
3116+ if (!NT_STATUS_IS_OK(status)) {
3117+ const char *reason;
3118+
3119+ reason = talloc_asprintf(call, "ldapsrv_call_postprocess_done: "
3120+ "call->postprocess_recv() - %s",
3121+ nt_errstr(status));
3122+ if (reason == NULL) {
3123+ reason = nt_errstr(status);
3124+ }
3125+
3126+ ldapsrv_terminate_connection(conn, reason);
3127+ return;
3128+ }
3129+
3130+ TALLOC_FREE(call);
3131+
3132+ ldapsrv_call_read_next(conn);
3133+}
3134+
3135+static void ldapsrv_notification_retry_done(struct tevent_req *subreq);
3136+
3137+void ldapsrv_notification_retry_setup(struct ldapsrv_service *service, bool force)
3138+{
3139+ struct ldapsrv_connection *conn = NULL;
3140+ struct timeval retry;
3141+ size_t num_pending = 0;
3142+ size_t num_active = 0;
3143+
3144+ if (force) {
3145+ TALLOC_FREE(service->notification.retry);
3146+ service->notification.generation += 1;
3147+ }
3148+
3149+ if (service->notification.retry != NULL) {
3150+ return;
3151+ }
3152+
3153+ for (conn = service->connections; conn != NULL; conn = conn->next) {
3154+ if (conn->pending_calls == NULL) {
3155+ continue;
3156+ }
3157+
3158+ num_pending += 1;
3159+
3160+ if (conn->pending_calls->notification.generation !=
3161+ service->notification.generation)
3162+ {
3163+ num_active += 1;
3164+ }
3165+ }
3166+
3167+ if (num_pending == 0) {
3168+ return;
3169+ }
3170+
3171+ if (num_active != 0) {
3172+ retry = timeval_current_ofs(0, 100);
3173+ } else {
3174+ retry = timeval_current_ofs(5, 0);
3175+ }
3176+
3177+ service->notification.retry = tevent_wakeup_send(service,
3178+ service->task->event_ctx,
3179+ retry);
3180+ if (service->notification.retry == NULL) {
3181+ /* retry later */
3182+ return;
3183+ }
3184+
3185+ tevent_req_set_callback(service->notification.retry,
3186+ ldapsrv_notification_retry_done,
3187+ service);
3188+}
3189+
3190+static void ldapsrv_notification_retry_done(struct tevent_req *subreq)
3191+{
3192+ struct ldapsrv_service *service =
3193+ tevent_req_callback_data(subreq,
3194+ struct ldapsrv_service);
3195+ struct ldapsrv_connection *conn = NULL;
3196+ struct ldapsrv_connection *conn_next = NULL;
3197+ bool ok;
3198+
3199+ service->notification.retry = NULL;
3200+
3201+ ok = tevent_wakeup_recv(subreq);
3202+ TALLOC_FREE(subreq);
3203+ if (!ok) {
3204+ /* ignore */
3205+ }
3206+
3207+ for (conn = service->connections; conn != NULL; conn = conn_next) {
3208+ struct ldapsrv_call *call = conn->pending_calls;
3209+
3210+ conn_next = conn->next;
3211+
3212+ if (conn->pending_calls == NULL) {
3213+ continue;
3214+ }
3215+
3216+ if (conn->active_call != NULL) {
3217+ continue;
3218+ }
3219+
3220+ DLIST_DEMOTE(conn->pending_calls, call);
3221+ call->notification.generation =
3222+ service->notification.generation;
3223+
3224+ /* queue the call in the global queue */
3225+ subreq = ldapsrv_process_call_send(call,
3226+ conn->connection->event.ctx,
3227+ conn->service->call_queue,
3228+ call);
3229+ if (subreq == NULL) {
3230+ ldapsrv_terminate_connection(conn,
3231+ "ldapsrv_process_call_send failed");
3232+ continue;
3233+ }
3234+ tevent_req_set_callback(subreq, ldapsrv_call_process_done, call);
3235+ conn->active_call = subreq;
3236+ }
3237+
3238+ ldapsrv_notification_retry_setup(service, false);
3239+}
3240+
3241+struct ldapsrv_process_call_state {
3242+ struct ldapsrv_call *call;
3243+};
3244+
3245+static void ldapsrv_process_call_trigger(struct tevent_req *req,
3246+ void *private_data);
3247+
3248+static struct tevent_req *ldapsrv_process_call_send(TALLOC_CTX *mem_ctx,
3249+ struct tevent_context *ev,
3250+ struct tevent_queue *call_queue,
3251+ struct ldapsrv_call *call)
3252+{
3253+ struct tevent_req *req;
3254+ struct ldapsrv_process_call_state *state;
3255+ bool ok;
3256+
3257+ req = tevent_req_create(mem_ctx, &state,
3258+ struct ldapsrv_process_call_state);
3259+ if (req == NULL) {
3260+ return req;
3261+ }
3262+
3263+ state->call = call;
3264+
3265+ ok = tevent_queue_add(call_queue, ev, req,
3266+ ldapsrv_process_call_trigger, NULL);
3267+ if (!ok) {
3268+ tevent_req_oom(req);
3269+ return tevent_req_post(req, ev);
3270+ }
3271+
3272+ return req;
3273+}
3274+
3275+static void ldapsrv_process_call_trigger(struct tevent_req *req,
3276+ void *private_data)
3277+{
3278+ struct ldapsrv_process_call_state *state =
3279+ tevent_req_data(req,
3280+ struct ldapsrv_process_call_state);
3281+ NTSTATUS status;
3282+
3283+ /* make the call */
3284+ status = ldapsrv_do_call(state->call);
3285+ if (!NT_STATUS_IS_OK(status)) {
3286+ tevent_req_nterror(req, status);
3287+ return;
3288+ }
3289+
3290+ tevent_req_done(req);
3291+}
3292+
3293+static NTSTATUS ldapsrv_process_call_recv(struct tevent_req *req)
3294+{
3295+ NTSTATUS status;
3296+
3297+ if (tevent_req_is_nterror(req, &status)) {
3298+ tevent_req_received(req);
3299+ return status;
3300+ }
3301+
3302+ tevent_req_received(req);
3303+ return NT_STATUS_OK;
3304+}
3305+
3306+static void ldapsrv_accept_nonpriv(struct stream_connection *c)
3307+{
3308+ struct ldapsrv_service *ldapsrv_service = talloc_get_type_abort(
3309+ c->private_data, struct ldapsrv_service);
3310+ struct auth_session_info *session_info;
3311+ NTSTATUS status;
3312+
3313+ status = auth_anonymous_session_info(
3314+ c, ldapsrv_service->task->lp_ctx, &session_info);
3315+ if (!NT_STATUS_IS_OK(status)) {
3316+ stream_terminate_connection(c, "failed to setup anonymous "
3317+ "session info");
3318+ return;
3319+ }
3320+ ldapsrv_accept(c, session_info, false);
3321+}
3322+
3323+static const struct stream_server_ops ldap_stream_nonpriv_ops = {
3324+ .name = "ldap",
3325+ .accept_connection = ldapsrv_accept_nonpriv,
3326+ .recv_handler = ldapsrv_recv,
3327+ .send_handler = ldapsrv_send,
3328+};
3329+
3330+/* The feature removed behind an #ifdef until we can do it properly
3331+ * with an EXTERNAL bind. */
3332+
3333+#define WITH_LDAPI_PRIV_SOCKET
3334+
3335+#ifdef WITH_LDAPI_PRIV_SOCKET
3336+static void ldapsrv_accept_priv(struct stream_connection *c)
3337+{
3338+ struct ldapsrv_service *ldapsrv_service = talloc_get_type_abort(
3339+ c->private_data, struct ldapsrv_service);
3340+ struct auth_session_info *session_info;
3341+
3342+ session_info = system_session(ldapsrv_service->task->lp_ctx);
3343+ if (!session_info) {
3344+ stream_terminate_connection(c, "failed to setup system "
3345+ "session info");
3346+ return;
3347+ }
3348+ ldapsrv_accept(c, session_info, true);
3349+}
3350+
3351+static const struct stream_server_ops ldap_stream_priv_ops = {
3352+ .name = "ldap",
3353+ .accept_connection = ldapsrv_accept_priv,
3354+ .recv_handler = ldapsrv_recv,
3355+ .send_handler = ldapsrv_send,
3356+};
3357+
3358+#endif
3359+
3360+
3361+/*
3362+ add a socket address to the list of events, one event per port
3363+*/
3364+static NTSTATUS add_socket(struct task_server *task,
3365+ struct loadparm_context *lp_ctx,
3366+ const struct model_ops *model_ops,
3367+ const char *address, struct ldapsrv_service *ldap_service)
3368+{
3369+ uint16_t port = 389;
3370+ NTSTATUS status;
3371+ struct ldb_context *ldb;
3372+
3373+ status = stream_setup_socket(task, task->event_ctx, lp_ctx,
3374+ model_ops, &ldap_stream_nonpriv_ops,
3375+ "ip", address, &port,
3376+ lpcfg_socket_options(lp_ctx),
3377+ ldap_service);
3378+ if (!NT_STATUS_IS_OK(status)) {
3379+ DEBUG(0,("ldapsrv failed to bind to %s:%u - %s\n",
3380+ address, port, nt_errstr(status)));
3381+ return status;
3382+ }
3383+
3384+ if (tstream_tls_params_enabled(ldap_service->tls_params)) {
3385+ /* add ldaps server */
3386+ port = 636;
3387+ status = stream_setup_socket(task, task->event_ctx, lp_ctx,
3388+ model_ops,
3389+ &ldap_stream_nonpriv_ops,
3390+ "ip", address, &port,
3391+ lpcfg_socket_options(lp_ctx),
3392+ ldap_service);
3393+ if (!NT_STATUS_IS_OK(status)) {
3394+ DEBUG(0,("ldapsrv failed to bind to %s:%u - %s\n",
3395+ address, port, nt_errstr(status)));
3396+ return status;
3397+ }
3398+ }
3399+
3400+ /* Load LDAP database, but only to read our settings */
3401+ ldb = samdb_connect(ldap_service, ldap_service->task->event_ctx,
3402+ lp_ctx, system_session(lp_ctx), 0);
3403+ if (!ldb) {
3404+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
3405+ }
3406+
3407+ if (samdb_is_gc(ldb)) {
3408+ port = 3268;
3409+ status = stream_setup_socket(task, task->event_ctx, lp_ctx,
3410+ model_ops,
3411+ &ldap_stream_nonpriv_ops,
3412+ "ip", address, &port,
3413+ lpcfg_socket_options(lp_ctx),
3414+ ldap_service);
3415+ if (!NT_STATUS_IS_OK(status)) {
3416+ DEBUG(0,("ldapsrv failed to bind to %s:%u - %s\n",
3417+ address, port, nt_errstr(status)));
3418+ return status;
3419+ }
3420+ if (tstream_tls_params_enabled(ldap_service->tls_params)) {
3421+ /* add ldaps server for the global catalog */
3422+ port = 3269;
3423+ status = stream_setup_socket(task, task->event_ctx, lp_ctx,
3424+ model_ops,
3425+ &ldap_stream_nonpriv_ops,
3426+ "ip", address, &port,
3427+ lpcfg_socket_options(lp_ctx),
3428+ ldap_service);
3429+ if (!NT_STATUS_IS_OK(status)) {
3430+ DEBUG(0,("ldapsrv failed to bind to %s:%u - %s\n",
3431+ address, port, nt_errstr(status)));
3432+ return status;
3433+ }
3434+ }
3435+ }
3436+
3437+ /* And once we are bound, free the temporary ldb, it will
3438+ * connect again on each incoming LDAP connection */
3439+ talloc_unlink(ldap_service, ldb);
3440+
3441+ return NT_STATUS_OK;
3442+}
3443+
3444+/*
3445+ open the ldap server sockets
3446+*/
3447+static void ldapsrv_task_init(struct task_server *task)
3448+{
3449+ char *ldapi_path;
3450+#ifdef WITH_LDAPI_PRIV_SOCKET
3451+ char *priv_dir;
3452+#endif
3453+ const char *dns_host_name;
3454+ struct ldapsrv_service *ldap_service;
3455+ NTSTATUS status;
3456+ const struct model_ops *model_ops;
3457+
3458+ switch (lpcfg_server_role(task->lp_ctx)) {
3459+ case ROLE_STANDALONE:
3460+ task_server_terminate(task, "ldap_server: no LDAP server required in standalone configuration",
3461+ false);
3462+ return;
3463+ case ROLE_DOMAIN_MEMBER:
3464+ task_server_terminate(task, "ldap_server: no LDAP server required in member server configuration",
3465+ false);
3466+ return;
3467+ case ROLE_ACTIVE_DIRECTORY_DC:
3468+ /* Yes, we want an LDAP server */
3469+ break;
3470+ }
3471+
3472+ task_server_set_title(task, "task[ldapsrv]");
3473+
3474+ /*
3475+ * Here we used to run the ldap server as a single process,
3476+ * but we don't want transaction locks for one task in a write
3477+ * blocking all other reads, so we go multi-process.
3478+ */
3479+ model_ops = task->model_ops;
3480+
3481+ ldap_service = talloc_zero(task, struct ldapsrv_service);
3482+ if (ldap_service == NULL) goto failed;
3483+
3484+ ldap_service->task = task;
3485+
3486+ dns_host_name = talloc_asprintf(ldap_service, "%s.%s",
3487+ lpcfg_netbios_name(task->lp_ctx),
3488+ lpcfg_dnsdomain(task->lp_ctx));
3489+ if (dns_host_name == NULL) goto failed;
3490+
3491+ status = tstream_tls_params_server(ldap_service,
3492+ dns_host_name,
3493+ lpcfg_tls_enabled(task->lp_ctx),
3494+ lpcfg_tls_keyfile(ldap_service, task->lp_ctx),
3495+ lpcfg_tls_certfile(ldap_service, task->lp_ctx),
3496+ lpcfg_tls_cafile(ldap_service, task->lp_ctx),
3497+ lpcfg_tls_crlfile(ldap_service, task->lp_ctx),
3498+ lpcfg_tls_dhpfile(ldap_service, task->lp_ctx),
3499+ lpcfg_tls_priority(task->lp_ctx),
3500+ &ldap_service->tls_params);
3501+ if (!NT_STATUS_IS_OK(status)) {
3502+ DEBUG(0,("ldapsrv failed tstream_tls_params_server - %s\n",
3503+ nt_errstr(status)));
3504+ goto failed;
3505+ }
3506+
3507+ ldap_service->call_queue = tevent_queue_create(ldap_service, "ldapsrv_call_queue");
3508+ if (ldap_service->call_queue == NULL) goto failed;
3509+
3510+ if (lpcfg_interfaces(task->lp_ctx) && lpcfg_bind_interfaces_only(task->lp_ctx)) {
3511+ struct interface *ifaces;
3512+ int num_interfaces;
3513+ int i;
3514+
3515+ load_interface_list(task, task->lp_ctx, &ifaces);
3516+ num_interfaces = iface_list_count(ifaces);
3517+
3518+ /* We have been given an interfaces line, and been
3519+ told to only bind to those interfaces. Create a
3520+ socket per interface and bind to only these.
3521+ */
3522+ for(i = 0; i < num_interfaces; i++) {
3523+ const char *address = iface_list_n_ip(ifaces, i);
3524+ status = add_socket(task, task->lp_ctx, model_ops, address, ldap_service);
3525+ if (!NT_STATUS_IS_OK(status)) goto failed;
3526+ }
3527+ } else {
3528+ char **wcard;
3529+ int i;
3530+ int num_binds = 0;
3531+ wcard = iface_list_wildcard(task);
3532+ if (wcard == NULL) {
3533+ DEBUG(0,("No wildcard addresses available\n"));
3534+ goto failed;
3535+ }
3536+ for (i=0; wcard[i]; i++) {
3537+ status = add_socket(task, task->lp_ctx, model_ops, wcard[i], ldap_service);
3538+ if (NT_STATUS_IS_OK(status)) {
3539+ num_binds++;
3540+ }
3541+ }
3542+ talloc_free(wcard);
3543+ if (num_binds == 0) {
3544+ goto failed;
3545+ }
3546+ }
3547+
3548+ ldapi_path = lpcfg_private_path(ldap_service, task->lp_ctx, "ldapi");
3549+ if (!ldapi_path) {
3550+ goto failed;
3551+ }
3552+
3553+ status = stream_setup_socket(task, task->event_ctx, task->lp_ctx,
3554+ model_ops, &ldap_stream_nonpriv_ops,
3555+ "unix", ldapi_path, NULL,
3556+ lpcfg_socket_options(task->lp_ctx),
3557+ ldap_service);
3558+ talloc_free(ldapi_path);
3559+ if (!NT_STATUS_IS_OK(status)) {
3560+ DEBUG(0,("ldapsrv failed to bind to %s - %s\n",
3561+ ldapi_path, nt_errstr(status)));
3562+ }
3563+
3564+#ifdef WITH_LDAPI_PRIV_SOCKET
3565+ priv_dir = lpcfg_private_path(ldap_service, task->lp_ctx, "ldap_priv");
3566+ if (priv_dir == NULL) {
3567+ goto failed;
3568+ }
3569+ /*
3570+ * Make sure the directory for the privileged ldapi socket exists, and
3571+ * is of the correct permissions
3572+ */
3573+ if (!directory_create_or_exist(priv_dir, 0750)) {
3574+ task_server_terminate(task, "Cannot create ldap "
3575+ "privileged ldapi directory", true);
3576+ return;
3577+ }
3578+ ldapi_path = talloc_asprintf(ldap_service, "%s/ldapi", priv_dir);
3579+ talloc_free(priv_dir);
3580+ if (ldapi_path == NULL) {
3581+ goto failed;
3582+ }
3583+
3584+ status = stream_setup_socket(task, task->event_ctx, task->lp_ctx,
3585+ model_ops, &ldap_stream_priv_ops,
3586+ "unix", ldapi_path, NULL,
3587+ lpcfg_socket_options(task->lp_ctx),
3588+ ldap_service);
3589+ talloc_free(ldapi_path);
3590+ if (!NT_STATUS_IS_OK(status)) {
3591+ DEBUG(0,("ldapsrv failed to bind to %s - %s\n",
3592+ ldapi_path, nt_errstr(status)));
3593+ }
3594+
3595+#endif
3596+
3597+ /* register the server */
3598+ irpc_add_name(task->msg_ctx, "ldap_server");
3599+ return;
3600+
3601+failed:
3602+ task_server_terminate(task, "Failed to startup ldap server task", true);
3603+}
3604+
3605+
3606+NTSTATUS server_service_ldap_init(TALLOC_CTX *ctx)
3607+{
3608+ return register_server_service(ctx, "ldap", ldapsrv_task_init);
3609+}
3610diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
3611new file mode 100644
3612index 0000000..d3e31fb
3613--- /dev/null
3614+++ b/source4/ldap_server/ldap_server.h
3615@@ -0,0 +1,105 @@
3616+/*
3617+ Unix SMB/CIFS implementation.
3618+ LDAP server
3619+ Copyright (C) Volker Lendecke 2004
3620+ Copyright (C) Stefan Metzmacher 2004
3621+
3622+ This program is free software; you can redistribute it and/or modify
3623+ it under the terms of the GNU General Public License as published by
3624+ the Free Software Foundation; either version 3 of the License, or
3625+ (at your option) any later version.
3626+
3627+ This program is distributed in the hope that it will be useful,
3628+ but WITHOUT ANY WARRANTY; without even the implied warranty of
3629+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3630+ GNU General Public License for more details.
3631+
3632+ You should have received a copy of the GNU General Public License
3633+ along with this program. If not, see <http://www.gnu.org/licenses/>.
3634+*/
3635+
3636+#include "libcli/ldap/libcli_ldap.h"
3637+#include "lib/socket/socket.h"
3638+#include "lib/stream/packet.h"
3639+#include "system/network.h"
3640+#include "lib/param/loadparm.h"
3641+
3642+struct ldapsrv_connection {
3643+ struct ldapsrv_connection *next, *prev;
3644+ struct loadparm_context *lp_ctx;
3645+ struct stream_connection *connection;
3646+ struct gensec_security *gensec;
3647+ struct auth_session_info *session_info;
3648+ struct ldapsrv_service *service;
3649+ struct cli_credentials *server_credentials;
3650+ struct ldb_context *ldb;
3651+
3652+ struct {
3653+ struct tevent_queue *send_queue;
3654+ struct tevent_req *read_req;
3655+ struct tstream_context *raw;
3656+ struct tstream_context *tls;
3657+ struct tstream_context *sasl;
3658+ struct tstream_context *active;
3659+ } sockets;
3660+
3661+ bool global_catalog;
3662+ bool is_privileged;
3663+ enum ldap_server_require_strong_auth require_strong_auth;
3664+ bool authz_logged;
3665+
3666+ struct {
3667+ int initial_timeout;
3668+ int conn_idle_time;
3669+ int max_page_size;
3670+ int max_notifications;
3671+ int search_timeout;
3672+ struct timeval endtime;
3673+ const char *reason;
3674+ } limits;
3675+
3676+ struct tevent_req *active_call;
3677+
3678+ struct ldapsrv_call *pending_calls;
3679+};
3680+
3681+struct ldapsrv_call {
3682+ struct ldapsrv_call *prev, *next;
3683+ struct ldapsrv_connection *conn;
3684+ struct ldap_message *request;
3685+ struct ldapsrv_reply {
3686+ struct ldapsrv_reply *prev, *next;
3687+ struct ldap_message *msg;
3688+ } *replies;
3689+ struct iovec out_iov;
3690+
3691+ struct tevent_req *(*wait_send)(TALLOC_CTX *mem_ctx,
3692+ struct tevent_context *ev,
3693+ void *private_data);
3694+ NTSTATUS (*wait_recv)(struct tevent_req *req);
3695+ void *wait_private;
3696+
3697+ struct tevent_req *(*postprocess_send)(TALLOC_CTX *mem_ctx,
3698+ struct tevent_context *ev,
3699+ void *private_data);
3700+ NTSTATUS (*postprocess_recv)(struct tevent_req *req);
3701+ void *postprocess_private;
3702+
3703+ struct {
3704+ bool busy;
3705+ uint64_t generation;
3706+ } notification;
3707+};
3708+
3709+struct ldapsrv_service {
3710+ struct tstream_tls_params *tls_params;
3711+ struct task_server *task;
3712+ struct tevent_queue *call_queue;
3713+ struct ldapsrv_connection *connections;
3714+ struct {
3715+ uint64_t generation;
3716+ struct tevent_req *retry;
3717+ } notification;
3718+};
3719+
3720+#include "ldap_server/proto.h"
3721diff --git a/source4/ldap_server/wscript_build b/source4/ldap_server/wscript_build
3722new file mode 100644
3723index 0000000..881cc89
3724--- /dev/null
3725+++ b/source4/ldap_server/wscript_build
3726@@ -0,0 +1,13 @@
3727+#!/usr/bin/env python
3728+
3729+
3730+bld.SAMBA_MODULE('service_ldap',
3731+ source='ldap_server.c ldap_backend.c ldap_bind.c ldap_extended.c',
3732+ autoproto='proto.h',
3733+ subsystem='service',
3734+ init_function='server_service_ldap_init',
3735+ deps='samba-credentials cli-ldap samdb process_model gensec samba-hostconfig samba_server_gensec common_auth',
3736+ internal_module=False,
3737+ enabled=bld.AD_DC_BUILD_IS_ENABLED()
3738+ )
3739+
3740diff --git a/source4/lib/cmdline/credentials.c b/source4/lib/cmdline/credentials.c
3741new file mode 100644
3742index 0000000..fb517f3
3743--- /dev/null
3744+++ b/source4/lib/cmdline/credentials.c
3745@@ -0,0 +1,54 @@
3746+/*
3747+ Unix SMB/CIFS implementation.
3748+
3749+ Copyright (C) Jelmer Vernooij 2005
3750+
3751+ This program is free software; you can redistribute it and/or modify
3752+ it under the terms of the GNU General Public License as published by
3753+ the Free Software Foundation; either version 3 of the License, or
3754+ (at your option) any later version.
3755+
3756+ This program is distributed in the hope that it will be useful,
3757+ but WITHOUT ANY WARRANTY; without even the implied warranty of
3758+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3759+ GNU General Public License for more details.
3760+
3761+ You should have received a copy of the GNU General Public License
3762+ along with this program. If not, see <http://www.gnu.org/licenses/>.
3763+*/
3764+
3765+#include "includes.h"
3766+#include "system/filesys.h"
3767+#include "auth/credentials/credentials.h"
3768+#include "lib/cmdline/credentials.h"
3769+
3770+static const char *cmdline_get_userpassword(struct cli_credentials *credentials)
3771+{
3772+ TALLOC_CTX *mem_ctx = talloc_new(NULL);
3773+ const char *prompt_name = cli_credentials_get_unparsed_name(credentials, mem_ctx);
3774+ const char *prompt;
3775+ static char pwd[256]; /* FIXME: Return a dup pwd and free it. */
3776+ int rc;
3777+
3778+ prompt = talloc_asprintf(mem_ctx, "Password for [%s]:",
3779+ prompt_name);
3780+
3781+ memset(pwd, '\0', sizeof(pwd));
3782+ rc = samba_getpass(prompt, pwd, sizeof(pwd), false, false);
3783+ talloc_free(mem_ctx);
3784+ if (rc < 0) {
3785+ return NULL;
3786+ }
3787+
3788+ return pwd;
3789+}
3790+
3791+bool cli_credentials_set_cmdline_callbacks(struct cli_credentials *cred)
3792+{
3793+ if (isatty(fileno(stdout))) {
3794+ cli_credentials_set_password_callback(cred, cmdline_get_userpassword);
3795+ return true;
3796+ }
3797+
3798+ return false;
3799+}
3800diff --git a/source4/lib/cmdline/popt_common.c b/source4/lib/cmdline/popt_common.c
3801new file mode 100644
3802index 0000000..5fce312
3803--- /dev/null
3804+++ b/source4/lib/cmdline/popt_common.c
3805@@ -0,0 +1,235 @@
3806+/*
3807+ Unix SMB/CIFS implementation.
3808+ Common popt routines
3809+
3810+ Copyright (C) Tim Potter 2001,2002
3811+ Copyright (C) Jelmer Vernooij 2002,2003,2005
3812+
3813+ This program is free software; you can redistribute it and/or modify
3814+ it under the terms of the GNU General Public License as published by
3815+ the Free Software Foundation; either version 3 of the License, or
3816+ (at your option) any later version.
3817+
3818+ This program is distributed in the hope that it will be useful,
3819+ but WITHOUT ANY WARRANTY; without even the implied warranty of
3820+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3821+ GNU General Public License for more details.
3822+
3823+ You should have received a copy of the GNU General Public License
3824+ along with this program. If not, see <http://www.gnu.org/licenses/>.
3825+*/
3826+
3827+#include "includes.h"
3828+#include "version.h"
3829+#include "lib/cmdline/popt_common.h"
3830+#include "param/param.h"
3831+
3832+/* Handle command line options:
3833+ * -d,--debuglevel
3834+ * -s,--configfile
3835+ * -O,--socket-options
3836+ * -V,--version
3837+ * -l,--log-base
3838+ * -n,--netbios-name
3839+ * -W,--workgroup
3840+ * --realm
3841+ * -i,--scope
3842+ */
3843+
3844+enum {OPT_OPTION=1,OPT_LEAK_REPORT,OPT_LEAK_REPORT_FULL,OPT_DEBUG_STDERR};
3845+
3846+static struct cli_credentials *cmdline_credentials = NULL;
3847+
3848+void popt_set_cmdline_credentials(struct cli_credentials *creds)
3849+{
3850+ cmdline_credentials = creds;
3851+}
3852+
3853+struct cli_credentials *popt_get_cmdline_credentials(void)
3854+{
3855+ return cmdline_credentials;
3856+}
3857+
3858+void popt_free_cmdline_credentials(void)
3859+{
3860+ TALLOC_FREE(cmdline_credentials);
3861+}
3862+
3863+struct loadparm_context *cmdline_lp_ctx = NULL;
3864+
3865+static void popt_version_callback(poptContext con,
3866+ enum poptCallbackReason reason,
3867+ const struct poptOption *opt,
3868+ const char *arg, const void *data)
3869+{
3870+ switch(opt->val) {
3871+ case 'V':
3872+ printf("Version %s\n", SAMBA_VERSION_STRING );
3873+ exit(0);
3874+ }
3875+}
3876+
3877+static void popt_s4_talloc_log_fn(const char *message)
3878+{
3879+ DEBUG(0,("%s", message));
3880+}
3881+
3882+static void popt_samba_callback(poptContext con,
3883+ enum poptCallbackReason reason,
3884+ const struct poptOption *opt,
3885+ const char *arg, const void *data)
3886+{
3887+ const char *pname;
3888+
3889+ if (reason == POPT_CALLBACK_REASON_POST) {
3890+ if (lpcfg_configfile(cmdline_lp_ctx) == NULL) {
3891+ lpcfg_load_default(cmdline_lp_ctx);
3892+ }
3893+ /* Hook any 'every Samba program must do this, after
3894+ * the smb.conf is setup' functions here */
3895+ return;
3896+ }
3897+
3898+ /* Find out basename of current program */
3899+ pname = strrchr_m(poptGetInvocationName(con),'/');
3900+
3901+ if (!pname)
3902+ pname = poptGetInvocationName(con);
3903+ else
3904+ pname++;
3905+
3906+ if (reason == POPT_CALLBACK_REASON_PRE) {
3907+ /* Hook for 'almost the first thing to do in a samba program' here */
3908+ /* setup for panics */
3909+ fault_setup();
3910+
3911+ /* and logging */
3912+ setup_logging(pname, DEBUG_DEFAULT_STDOUT);
3913+ talloc_set_log_fn(popt_s4_talloc_log_fn);
3914+ talloc_set_abort_fn(smb_panic);
3915+
3916+ cmdline_lp_ctx = loadparm_init_global(false);
3917+ return;
3918+ }
3919+
3920+ switch(opt->val) {
3921+
3922+ case OPT_LEAK_REPORT:
3923+ talloc_enable_leak_report();
3924+ break;
3925+
3926+ case OPT_LEAK_REPORT_FULL:
3927+ talloc_enable_leak_report_full();
3928+ break;
3929+
3930+ case OPT_OPTION:
3931+ if (!lpcfg_set_option(cmdline_lp_ctx, arg)) {
3932+ fprintf(stderr, "Error setting option '%s'\n", arg);
3933+ exit(1);
3934+ }
3935+ break;
3936+
3937+ case 'd':
3938+ lpcfg_set_cmdline(cmdline_lp_ctx, "log level", arg);
3939+ break;
3940+
3941+ case OPT_DEBUG_STDERR:
3942+ setup_logging(pname, DEBUG_STDERR);
3943+ break;
3944+
3945+ case 's':
3946+ if (arg) {
3947+ lpcfg_load(cmdline_lp_ctx, arg);
3948+ }
3949+ break;
3950+
3951+ case 'l':
3952+ if (arg) {
3953+ char *new_logfile = talloc_asprintf(NULL, "%s/log.%s", arg, pname);
3954+ lpcfg_set_cmdline(cmdline_lp_ctx, "log file", new_logfile);
3955+ talloc_free(new_logfile);
3956+ }
3957+ break;
3958+
3959+
3960+ }
3961+
3962+}
3963+
3964+
3965+static void popt_common_callback(poptContext con,
3966+ enum poptCallbackReason reason,
3967+ const struct poptOption *opt,
3968+ const char *arg, const void *data)
3969+{
3970+ struct loadparm_context *lp_ctx = cmdline_lp_ctx;
3971+
3972+ switch(opt->val) {
3973+ case 'O':
3974+ if (arg) {
3975+ lpcfg_set_cmdline(lp_ctx, "socket options", arg);
3976+ }
3977+ break;
3978+
3979+ case 'W':
3980+ lpcfg_set_cmdline(lp_ctx, "workgroup", arg);
3981+ break;
3982+
3983+ case 'r':
3984+ lpcfg_set_cmdline(lp_ctx, "realm", arg);
3985+ break;
3986+
3987+ case 'n':
3988+ lpcfg_set_cmdline(lp_ctx, "netbios name", arg);
3989+ break;
3990+
3991+ case 'i':
3992+ lpcfg_set_cmdline(lp_ctx, "netbios scope", arg);
3993+ break;
3994+
3995+ case 'm':
3996+ lpcfg_set_cmdline(lp_ctx, "client max protocol", arg);
3997+ break;
3998+
3999+ case 'R':
4000+ lpcfg_set_cmdline(lp_ctx, "name resolve order", arg);
4001+ break;
4002+
4003+ case 'S':
4004+ lpcfg_set_cmdline(lp_ctx, "client signing", arg);
4005+ break;
4006+
4007+ }
4008+}
4009+
4010+struct poptOption popt_common_connection4[] = {
4011+ { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
4012+ { "name-resolve", 'R', POPT_ARG_STRING, NULL, 'R', "Use these name resolution services only", "NAME-RESOLVE-ORDER" },
4013+ { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use", "SOCKETOPTIONS" },
4014+ { "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
4015+ { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
4016+ { "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
4017+ { "realm", 0, POPT_ARG_STRING, NULL, 'r', "Set the realm name", "REALM" },
4018+ { "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
4019+ { "maxprotocol", 'm', POPT_ARG_STRING, NULL, 'm', "Set max protocol level", "MAXPROTOCOL" },
4020+ { NULL }
4021+};
4022+
4023+struct poptOption popt_common_samba4[] = {
4024+ { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_samba_callback },
4025+ { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
4026+ { "debug-stderr", 0, POPT_ARG_NONE, NULL, OPT_DEBUG_STDERR, "Send debug output to STDERR", NULL },
4027+ { "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternative configuration file", "CONFIGFILE" },
4028+ { "option", 0, POPT_ARG_STRING, NULL, OPT_OPTION, "Set smb.conf option from command line", "name=value" },
4029+ { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Basename for log/debug files", "LOGFILEBASE" },
4030+ { "leak-report", 0, POPT_ARG_NONE, NULL, OPT_LEAK_REPORT, "enable talloc leak reporting on exit", NULL },
4031+ { "leak-report-full",0, POPT_ARG_NONE, NULL, OPT_LEAK_REPORT_FULL, "enable full talloc leak reporting on exit", NULL },
4032+ { NULL }
4033+};
4034+
4035+struct poptOption popt_common_version4[] = {
4036+ { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_version_callback },
4037+ { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
4038+ { NULL }
4039+};
4040+
4041diff --git a/source4/lib/cmdline/popt_common.h b/source4/lib/cmdline/popt_common.h
4042new file mode 100644
4043index 0000000..4271aa4
4044--- /dev/null
4045+++ b/source4/lib/cmdline/popt_common.h
4046@@ -0,0 +1,47 @@
4047+/*
4048+ Unix SMB/CIFS implementation.
4049+ Common popt arguments
4050+ Copyright (C) Jelmer Vernooij 2003
4051+
4052+ This program is free software; you can redistribute it and/or modify
4053+ it under the terms of the GNU General Public License as published by
4054+ the Free Software Foundation; either version 3 of the License, or
4055+ (at your option) any later version.
4056+
4057+ This program is distributed in the hope that it will be useful,
4058+ but WITHOUT ANY WARRANTY; without even the implied warranty of
4059+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4060+ GNU General Public License for more details.
4061+
4062+ You should have received a copy of the GNU General Public License
4063+ along with this program. If not, see <http://www.gnu.org/licenses/>.
4064+*/
4065+
4066+#ifndef _POPT_COMMON_H
4067+#define _POPT_COMMON_H
4068+
4069+#include <popt.h>
4070+
4071+/* Common popt structures */
4072+extern struct poptOption popt_common_samba4[];
4073+extern struct poptOption popt_common_connection4[];
4074+extern struct poptOption popt_common_version4[];
4075+extern struct poptOption popt_common_credentials4[];
4076+
4077+#ifndef POPT_TABLEEND
4078+#define POPT_TABLEEND { NULL, '\0', 0, 0, 0, NULL, NULL }
4079+#endif
4080+
4081+#define POPT_COMMON_SAMBA { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_samba4, 0, "Common Samba options:", NULL },
4082+#define POPT_COMMON_CONNECTION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_connection4, 0, "Connection options:", NULL },
4083+#define POPT_COMMON_VERSION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version4, 0, "Version options:", NULL },
4084+#define POPT_COMMON_CREDENTIALS { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_credentials4, 0, "Authentication options:", NULL },
4085+
4086+struct cli_credentials;
4087+
4088+void popt_set_cmdline_credentials(struct cli_credentials *creds);
4089+struct cli_credentials *popt_get_cmdline_credentials(void);
4090+void popt_free_cmdline_credentials(void);
4091+extern struct loadparm_context *cmdline_lp_ctx;
4092+
4093+#endif /* _POPT_COMMON_H */
4094diff --git a/source4/lib/cmdline/popt_credentials.c b/source4/lib/cmdline/popt_credentials.c
4095new file mode 100644
4096index 0000000..c06b8c7
4097--- /dev/null
4098+++ b/source4/lib/cmdline/popt_credentials.c
4099@@ -0,0 +1,190 @@
4100+/*
4101+ Unix SMB/CIFS implementation.
4102+ Credentials popt routines
4103+
4104+ Copyright (C) Jelmer Vernooij 2002,2003,2005
4105+
4106+ This program is free software; you can redistribute it and/or modify
4107+ it under the terms of the GNU General Public License as published by
4108+ the Free Software Foundation; either version 3 of the License, or
4109+ (at your option) any later version.
4110+
4111+ This program is distributed in the hope that it will be useful,
4112+ but WITHOUT ANY WARRANTY; without even the implied warranty of
4113+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4114+ GNU General Public License for more details.
4115+
4116+ You should have received a copy of the GNU General Public License
4117+ along with this program. If not, see <http://www.gnu.org/licenses/>.
4118+*/
4119+
4120+#include "includes.h"
4121+#include "lib/cmdline/popt_common.h"
4122+#include "lib/cmdline/credentials.h"
4123+#include "auth/credentials/credentials.h"
4124+#include "auth/gensec/gensec.h"
4125+#include "param/param.h"
4126+
4127+/* Handle command line options:
4128+ * -U,--user
4129+ * -A,--authentication-file
4130+ * -k,--use-kerberos
4131+ * -N,--no-pass
4132+ * -S,--signing
4133+ * -P,--machine-pass
4134+ * --simple-bind-dn
4135+ * --password
4136+ * --krb5-ccache
4137+ */
4138+
4139+static bool dont_ask;
4140+static bool machine_account_pending;
4141+
4142+enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT, OPT_KRB5_CCACHE };
4143+
4144+static void popt_common_credentials_callback(poptContext con,
4145+ enum poptCallbackReason reason,
4146+ const struct poptOption *opt,
4147+ const char *arg, const void *data)
4148+{
4149+ if (reason == POPT_CALLBACK_REASON_PRE) {
4150+ popt_set_cmdline_credentials(cli_credentials_init(NULL));
4151+ return;
4152+ }
4153+
4154+ if (reason == POPT_CALLBACK_REASON_POST) {
4155+ cli_credentials_guess(popt_get_cmdline_credentials(),
4156+ cmdline_lp_ctx);
4157+
4158+ if (!dont_ask) {
4159+ cli_credentials_set_cmdline_callbacks(
4160+ popt_get_cmdline_credentials());
4161+ }
4162+
4163+ if (machine_account_pending) {
4164+ cli_credentials_set_machine_account(
4165+ popt_get_cmdline_credentials(), cmdline_lp_ctx);
4166+ }
4167+
4168+ return;
4169+
4170+ }
4171+
4172+ switch(opt->val) {
4173+ case 'U':
4174+ {
4175+ char *lp;
4176+
4177+ cli_credentials_parse_string(
4178+ popt_get_cmdline_credentials(), arg, CRED_SPECIFIED);
4179+ /* This breaks the abstraction, including the const above */
4180+ if ((lp=strchr_m(arg,'%'))) {
4181+ lp[0]='\0';
4182+ lp++;
4183+ /* Try to prevent this showing up in ps */
4184+ memset(lp,0,strlen(lp));
4185+ }
4186+ }
4187+ break;
4188+
4189+ case OPT_PASSWORD:
4190+ cli_credentials_set_password(popt_get_cmdline_credentials(),
4191+ arg, CRED_SPECIFIED);
4192+ /* Try to prevent this showing up in ps */
4193+ memset(discard_const(arg),0,strlen(arg));
4194+ break;
4195+
4196+ case 'A':
4197+ cli_credentials_parse_file(popt_get_cmdline_credentials(),
4198+ arg, CRED_SPECIFIED);
4199+ break;
4200+
4201+ case 'P':
4202+ /* Later, after this is all over, get the machine account details from the secrets.ldb */
4203+ machine_account_pending = true;
4204+ break;
4205+
4206+ case OPT_KERBEROS:
4207+ {
4208+ bool use_kerberos = true;
4209+ /* Force us to only use kerberos */
4210+ if (arg) {
4211+ if (!set_boolean(arg, &use_kerberos)) {
4212+ fprintf(stderr, "Error parsing -k %s. Should be "
4213+ "-k [yes|no]\n", arg);
4214+ exit(1);
4215+ break;
4216+ }
4217+ }
4218+
4219+ cli_credentials_set_kerberos_state(
4220+ popt_get_cmdline_credentials(),
4221+ use_kerberos
4222+ ? CRED_MUST_USE_KERBEROS
4223+ : CRED_DONT_USE_KERBEROS);
4224+ break;
4225+ }
4226+
4227+ case OPT_SIMPLE_BIND_DN:
4228+ {
4229+ cli_credentials_set_bind_dn(popt_get_cmdline_credentials(),
4230+ arg);
4231+ break;
4232+ }
4233+ case OPT_KRB5_CCACHE:
4234+ {
4235+ const char *error_string;
4236+ if (cli_credentials_set_ccache(
4237+ popt_get_cmdline_credentials(), cmdline_lp_ctx,
4238+ arg, CRED_SPECIFIED,
4239+ &error_string) != 0) {
4240+ fprintf(stderr, "Error reading krb5 credentials cache: '%s' %s", arg, error_string);
4241+ exit(1);
4242+ }
4243+ break;
4244+ }
4245+ case OPT_SIGN:
4246+ {
4247+ uint32_t gensec_features;
4248+
4249+ gensec_features = cli_credentials_get_gensec_features(
4250+ popt_get_cmdline_credentials());
4251+
4252+ gensec_features |= GENSEC_FEATURE_SIGN;
4253+ cli_credentials_set_gensec_features(
4254+ popt_get_cmdline_credentials(),
4255+ gensec_features);
4256+ break;
4257+ }
4258+ case OPT_ENCRYPT:
4259+ {
4260+ uint32_t gensec_features;
4261+
4262+ gensec_features = cli_credentials_get_gensec_features(
4263+ popt_get_cmdline_credentials());
4264+
4265+ gensec_features |= GENSEC_FEATURE_SEAL;
4266+ cli_credentials_set_gensec_features(
4267+ popt_get_cmdline_credentials(),
4268+ gensec_features);
4269+ break;
4270+ }
4271+ }
4272+}
4273+
4274+
4275+
4276+struct poptOption popt_common_credentials4[] = {
4277+ { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_credentials_callback },
4278+ { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "[DOMAIN/]USERNAME[%PASSWORD]" },
4279+ { "no-pass", 'N', POPT_ARG_NONE, &dont_ask, 'N', "Don't ask for a password" },
4280+ { "password", 0, POPT_ARG_STRING, NULL, OPT_PASSWORD, "Password" },
4281+ { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
4282+ { "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
4283+ { "simple-bind-dn", 0, POPT_ARG_STRING, NULL, OPT_SIMPLE_BIND_DN, "DN to use for a simple bind" },
4284+ { "kerberos", 'k', POPT_ARG_STRING, NULL, OPT_KERBEROS, "Use Kerberos, -k [yes|no]" },
4285+ { "krb5-ccache", 0, POPT_ARG_STRING, NULL, OPT_KRB5_CCACHE, "Credentials cache location for Kerberos" },
4286+ { "sign", 'S', POPT_ARG_NONE, NULL, OPT_SIGN, "Sign connection to prevent modification in transit" },
4287+ { "encrypt", 'e', POPT_ARG_NONE, NULL, OPT_ENCRYPT, "Encrypt connection for privacy" },
4288+ { NULL }
4289+};
4290diff --git a/source4/lib/cmdline/wscript_build b/source4/lib/cmdline/wscript_build
4291new file mode 100644
4292index 0000000..f8df22a
4293--- /dev/null
4294+++ b/source4/lib/cmdline/wscript_build
4295@@ -0,0 +1,23 @@
4296+#!/usr/bin/env python
4297+
4298+bld.SAMBA_LIBRARY('cmdline-credentials',
4299+ source='credentials.c',
4300+ autoproto='credentials.h',
4301+ public_deps='samba-credentials popt',
4302+ deps='samba-util',
4303+ private_library=True)
4304+
4305+bld.SAMBA_SUBSYSTEM('POPT_SAMBA',
4306+ source='popt_common.c',
4307+ public_deps='popt',
4308+ header_path='samba',
4309+ deps='talloc samba-hostconfig'
4310+ )
4311+
4312+bld.SAMBA_SUBSYSTEM('POPT_CREDENTIALS',
4313+ source='popt_credentials.c',
4314+ autoproto='popt_credentials.h',
4315+ public_deps='samba-credentials CREDENTIALS_SECRETS cmdline-credentials popt',
4316+ deps='samba-util'
4317+ )
4318+
4319diff --git a/source4/lib/com/README b/source4/lib/com/README
4320new file mode 100644
4321index 0000000..361024e
4322--- /dev/null
4323+++ b/source4/lib/com/README
4324@@ -0,0 +1,9 @@
4325+This directory contains Samba's very simple COM implementation.
4326+It is by no means finished yet.
4327+
4328+The main aim of this implementation is for use by our DCOM implementation,
4329+which lives in the dcom subdirectory. The local version is used mostly for
4330+testing.
4331+
4332+More information on this effort can be found in the DCOM whitepaper in
4333+the lorikeet repository.
4334diff --git a/source4/lib/com/classes/simple.c b/source4/lib/com/classes/simple.c
4335new file mode 100644
4336index 0000000..7d05733
4337--- /dev/null
4338+++ b/source4/lib/com/classes/simple.c
4339@@ -0,0 +1,124 @@
4340+/*
4341+ Unix SMB/CIFS implementation.
4342+ Simple class
4343+ Copyright (C) 2004-2005 Jelmer Vernooij <jelmer@samba.org>
4344+
4345+ This program is free software; you can redistribute it and/or modify
4346+ it under the terms of the GNU General Public License as published by
4347+ the Free Software Foundation; either version 2 of the License, or
4348+ (at your option) any later version.
4349+
4350+ This program is distributed in the hope that it will be useful,
4351+ but WITHOUT ANY WARRANTY; without even the implied warranty of
4352+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4353+ GNU General Public License for more details.
4354+
4355+ You should have received a copy of the GNU General Public License
4356+ along with this program; if not, write to the Free Software
4357+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
4358+*/
4359+
4360+#include "includes.h"
4361+#include "lib/com/com.h"
4362+#include "librpc/gen_ndr/com_dcom.h"
4363+
4364+NTSTATUS com_simple_init(TALLOC_CTX *);
4365+
4366+static struct IClassFactory_vtable simple_classobject_vtable;
4367+static struct IStream_vtable simple_IStream_vtable;
4368+
4369+static WERROR simple_IUnknown_QueryInterface (struct IUnknown *d, TALLOC_CTX *mem_ctx, struct GUID *iid, struct IUnknown **iun)
4370+{
4371+ *iun = d;
4372+ return WERR_OK;
4373+}
4374+
4375+static uint32_t simple_IUnknown_AddRef (struct IUnknown *d, TALLOC_CTX *mem_ctx)
4376+{
4377+ return 1;
4378+}
4379+
4380+static uint32_t simple_IUnknown_Release (struct IUnknown *d, TALLOC_CTX *mem_ctx)
4381+{
4382+ return 1;
4383+}
4384+
4385+static WERROR simple_IStream_Read (struct IStream *d, TALLOC_CTX *mem_ctx, uint8_t *pv, uint32_t num_requested, uint32_t *num_readx, uint32_t num_read)
4386+{
4387+ printf("%d bytes are being read\n", num_read);
4388+ return WERR_OK;
4389+}
4390+
4391+static WERROR simple_IStream_Write (struct IStream *d, TALLOC_CTX *mem_ctx, uint8_t *data, uint32_t num_requested, uint32_t num_written)
4392+{
4393+ printf("%d bytes are being written\n", num_requested);
4394+ return WERR_OK;
4395+}
4396+
4397+static WERROR simpleclass_IUnknown_QueryInterface (struct IUnknown *d, TALLOC_CTX *mem_ctx, struct GUID *iid, struct IUnknown **iun)
4398+{
4399+ /* FIXME: Return WERR_IFACE_NOT_SUPPORTED if IID != IID_IUNKNOWN and IID != IID_CLASSFACTORY */
4400+ *iun = d;
4401+ return WERR_OK;
4402+}
4403+
4404+static WERROR simpleclass_IClassFactory_CreateInstance (struct IClassFactory *d, TALLOC_CTX *mem_ctx, struct IUnknown *iunk, struct GUID *iid, struct IUnknown **ppv)
4405+{
4406+ struct IStream *ret;
4407+ /* FIXME: Check whether IID == ISTREAM_IID */
4408+ ret = talloc(mem_ctx, struct IStream);
4409+ ret->ctx = NULL;
4410+ ret->vtable = &simple_IStream_vtable;
4411+ ret->object_data = NULL;
4412+
4413+ *ppv = (struct IUnknown *)ret;
4414+
4415+ return WERR_OK;
4416+}
4417+
4418+static uint32_t simpleclass_IUnknown_AddRef (struct IUnknown *d, TALLOC_CTX *mem_ctx)
4419+{
4420+ return 1;
4421+}
4422+
4423+static uint32_t simpleclass_IUnknown_Release (struct IUnknown *d, TALLOC_CTX *mem_ctx)
4424+{
4425+ return 1;
4426+}
4427+
4428+/* Everything below this line should be autogenerated later on */
4429+static struct IClassFactory_vtable simple_classobject_vtable = {
4430+ { 0, 0, 0, { 0, 0 }, { 0, 0, 0, 0, 0, 0 } },
4431+ simpleclass_IUnknown_QueryInterface,
4432+ simpleclass_IUnknown_AddRef,
4433+ simpleclass_IUnknown_Release,
4434+ simpleclass_IClassFactory_CreateInstance,
4435+ NULL,
4436+ NULL,
4437+ NULL
4438+};
4439+
4440+static struct IStream_vtable simple_IStream_vtable = {
4441+ { 0, 0, 0, { 0, 0 }, { 0, 0, 0, 0, 0, 0 } },
4442+ simple_IUnknown_QueryInterface,
4443+ simple_IUnknown_AddRef,
4444+ simple_IUnknown_Release,
4445+ simple_IStream_Read,
4446+ simple_IStream_Write
4447+};
4448+
4449+NTSTATUS com_simple_init(TALLOC_CTX *ctx)
4450+{
4451+ struct GUID clsid;
4452+ struct IUnknown *class_object = talloc(ctx, struct IUnknown);
4453+
4454+ class_object->ctx = NULL;
4455+ class_object->object_data = NULL;
4456+ class_object->vtable = (struct IUnknown_vtable *)&simple_classobject_vtable;
4457+
4458+ GUID_from_string(CLSID_SIMPLE, &clsid);
4459+ GUID_from_string(COM_ICLASSFACTORY_UUID, &simple_classobject_vtable.iid);
4460+ GUID_from_string(COM_ISTREAM_UUID, &simple_IStream_vtable.iid);
4461+
4462+ return com_register_running_class(ctx, &clsid, PROGID_SIMPLE, class_object);
4463+}
4464diff --git a/source4/lib/com/com.h b/source4/lib/com/com.h
4465new file mode 100644
4466index 0000000..56cd210
4467--- /dev/null
4468+++ b/source4/lib/com/com.h
4469@@ -0,0 +1,53 @@
4470+/*
4471+ Unix SMB/CIFS implementation.
4472+ Utility functions for Samba
4473+ Copyright (C) Jelmer Vernooij 2008
4474+
4475+ This program is free software; you can redistribute it and/or modify
4476+ it under the terms of the GNU General Public License as published by
4477+ the Free Software Foundation; either version 3 of the License, or
4478+ (at your option) any later version.
4479+
4480+ This program is distributed in the hope that it will be useful,
4481+ but WITHOUT ANY WARRANTY; without even the implied warranty of
4482+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4483+ GNU General Public License for more details.
4484+
4485+ You should have received a copy of the GNU General Public License
4486+ along with this program. If not, see <http://www.gnu.org/licenses/>.
4487+*/
4488+
4489+#ifndef __SAMBA_COM_H__
4490+#define __SAMBA_COM_H__
4491+
4492+#include <talloc.h>
4493+#include "librpc/gen_ndr/misc.h"
4494+
4495+struct com_context;
4496+struct tevent_context;
4497+
4498+struct com_context
4499+{
4500+ struct dcom_client_context *dcom;
4501+ struct tevent_context *event_ctx;
4502+ struct com_extension {
4503+ uint32_t id;
4504+ void *data;
4505+ struct com_extension *prev, *next;
4506+ } *extensions;
4507+ struct loadparm_context *lp_ctx;
4508+};
4509+
4510+struct IUnknown *com_class_by_clsid(struct com_context *ctx, const struct GUID *clsid);
4511+NTSTATUS com_register_running_class(TALLOC_CTX *ctx, struct GUID *clsid, const char *progid, struct IUnknown *p);
4512+
4513+struct dcom_interface_p *dcom_get_local_iface_p(struct GUID *ipid);
4514+
4515+WERROR com_init_ctx(struct com_context **ctx, struct tevent_context *event_ctx);
4516+WERROR com_create_object(struct com_context *ctx, struct GUID *clsid, int num_ifaces, struct GUID *iid, struct IUnknown **ip, WERROR *results);
4517+WERROR com_get_class_object(struct com_context *ctx, struct GUID *clsid, struct GUID *iid, struct IUnknown **ip);
4518+NTSTATUS com_init(void);
4519+
4520+typedef struct IUnknown *(*get_class_object_function) (const struct GUID *clsid);
4521+
4522+#endif /* __SAMBA_COM_H__ */
4523diff --git a/source4/lib/com/dcom/dcom.h b/source4/lib/com/dcom/dcom.h
4524new file mode 100644
4525index 0000000..cb549b1
4526--- /dev/null
4527+++ b/source4/lib/com/dcom/dcom.h
4528@@ -0,0 +1,85 @@
4529+/*
4530+ Unix SMB/CIFS implementation.
4531+ COM standard objects
4532+ Copyright (C) Jelmer Vernooij 2004-2005.
4533+
4534+ This program is free software; you can redistribute it and/or modify
4535+ it under the terms of the GNU General Public License as published by
4536+ the Free Software Foundation; either version 2 of the License, or
4537+ (at your option) any later version.
4538+
4539+ This program is distributed in the hope that it will be useful,
4540+ but WITHOUT ANY WARRANTY; without even the implied warranty of
4541+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4542+ GNU General Public License for more details.
4543+
4544+ You should have received a copy of the GNU General Public License
4545+ along with this program; if not, write to the Free Software
4546+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
4547+*/
4548+
4549+#ifndef _DCOM_H /* _DCOM_H */
4550+#define _DCOM_H
4551+
4552+struct cli_credentials;
4553+struct dcerpc_pipe;
4554+
4555+#include "lib/com/com.h"
4556+#include "librpc/gen_ndr/orpc.h"
4557+
4558+struct dcom_client_context {
4559+ struct dcom_server_credentials {
4560+ const char *server;
4561+ struct cli_credentials *credentials;
4562+ struct dcom_server_credentials *prev, *next;
4563+ } *credentials;
4564+ struct dcom_object_exporter {
4565+ uint64_t oxid;
4566+ char *host;
4567+ struct IRemUnknown *rem_unknown;
4568+ struct DUALSTRINGARRAY *bindings;
4569+ struct dcerpc_pipe *pipe;
4570+ struct dcom_object_exporter *prev, *next;
4571+ } *object_exporters;
4572+};
4573+
4574+typedef enum ndr_err_code (*marshal_fn)(TALLOC_CTX *mem_ctx, struct IUnknown *pv, struct OBJREF *o);
4575+typedef enum ndr_err_code (*unmarshal_fn)(TALLOC_CTX *mem_ctx, struct OBJREF *o, struct IUnknown **pv);
4576+
4577+
4578+struct dcom_client_context *dcom_client_init(struct com_context *ctx, struct cli_credentials *credentials);
4579+struct dcom_object_exporter *object_exporter_by_oxid(struct com_context *ctx, uint64_t oxid);
4580+struct dcom_object_exporter *object_exporter_by_ip(struct com_context *ctx, struct IUnknown *ip);
4581+WERROR dcom_create_object(struct com_context *ctx, struct GUID *clsid, const char *server, int num_ifaces, struct GUID *iid, struct IUnknown ***ip, HRESULT *results);
4582+WERROR dcom_get_class_object(struct com_context *ctx, struct GUID *clsid, const char *server, struct GUID *iid, struct IUnknown **ip);
4583+NTSTATUS dcom_get_pipe(struct IUnknown *iface, struct dcerpc_pipe **pp);
4584+NTSTATUS dcom_OBJREF_from_IUnknown(struct OBJREF *o, struct IUnknown *p);
4585+NTSTATUS dcom_IUnknown_from_OBJREF(TALLOC_CTX *mem_ctx, struct com_context *ctx, struct IUnknown **_p, struct OBJREF *o);
4586+uint64_t dcom_get_current_oxid(void);
4587+void dcom_add_server_credentials(struct com_context *ctx, const char *server, struct cli_credentials *credentials);
4588+WERROR dcom_query_interface(struct IUnknown *d, uint32_t cRefs, uint16_t cIids, struct GUID *iids, struct IUnknown **ip, WERROR *results);
4589+
4590+#include "librpc/gen_ndr/com_dcom.h"
4591+
4592+NTSTATUS dcom_register_proxy(struct IUnknown_vtable *proxy_vtable);
4593+struct IUnknown_vtable *dcom_proxy_vtable_by_iid(struct GUID *iid);
4594+NTSTATUS dcom_register_marshal(struct GUID *clsid, marshal_fn marshal, unmarshal_fn unmarshal);
4595+
4596+#include "libcli/composite/composite.h"
4597+void dcom_release_continue(struct composite_context *cr);
4598+#define IUnknown_ipid(d) ((d)->obj.u_objref.u_standard.std.ipid)
4599+struct composite_context *dcom_release_send(struct IUnknown *d, TALLOC_CTX *mem_ctx);
4600+marshal_fn dcom_marshal_by_clsid(struct GUID *clsid);
4601+unmarshal_fn dcom_unmarshal_by_clsid(struct GUID *clsid);
4602+
4603+struct dcom_proxy_async_call_state {
4604+ struct IUnknown *d;
4605+ const struct ndr_interface_table *table;
4606+ uint32_t opnum;
4607+ void (*continuation)(struct rpc_request *);
4608+ TALLOC_CTX *mem_ctx;
4609+ void *r;
4610+};
4611+
4612+
4613+#endif /* _DCOM_H */
4614diff --git a/source4/lib/com/dcom/main.c b/source4/lib/com/dcom/main.c
4615new file mode 100644
4616index 0000000..088d7fe
4617--- /dev/null
4618+++ b/source4/lib/com/dcom/main.c
4619@@ -0,0 +1,704 @@
4620+/*
4621+ Unix SMB/CIFS implementation.
4622+ Main DCOM functionality
4623+ Copyright (C) 2004 Jelmer Vernooij <jelmer@samba.org>
4624+ Copyright (C) 2006 Andrzej Hajda <andrzej.hajda@wp.pl>
4625+
4626+ This program is free software; you can redistribute it and/or modify
4627+ it under the terms of the GNU General Public License as published by
4628+ the Free Software Foundation; either version 2 of the License, or
4629+ (at your option) any later version.
4630+
4631+ This program is distributed in the hope that it will be useful,
4632+ but WITHOUT ANY WARRANTY; without even the implied warranty of
4633+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4634+ GNU General Public License for more details.
4635+
4636+ You should have received a copy of the GNU General Public License
4637+ along with this program; if not, write to the Free Software
4638+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
4639+*/
4640+
4641+#include "includes.h"
4642+#include "system/filesys.h"
4643+#include "librpc/gen_ndr/epmapper.h"
4644+#include "librpc/gen_ndr/ndr_remact_c.h"
4645+#include "librpc/gen_ndr/com_dcom.h"
4646+#include "librpc/gen_ndr/dcom.h"
4647+#include "librpc/rpc/dcerpc.h"
4648+#include "lib/com/dcom/dcom.h"
4649+#include "librpc/ndr/ndr_table.h"
4650+#include "../lib/util/dlinklist.h"
4651+#include "auth/credentials/credentials.h"
4652+#include "libcli/composite/composite.h"
4653+
4654+#define DCOM_NEGOTIATED_PROTOCOLS { EPM_PROTOCOL_TCP, EPM_PROTOCOL_SMB, EPM_PROTOCOL_NCALRPC }
4655+
4656+static NTSTATUS dcerpc_binding_from_STRINGBINDING(TALLOC_CTX *mem_ctx, struct dcerpc_binding **b_out, struct STRINGBINDING *bd)
4657+{
4658+ char *tstr;
4659+ char *bstr;
4660+ enum dcerpc_transport_t transport;
4661+ struct dcerpc_binding *b;
4662+
4663+ transport = dcerpc_transport_by_endpoint_protocol(bd->wTowerId);
4664+ if (transport == NCA_UNKNOWN) {
4665+ DEBUG(1, ("Can't find transport match endpoint protocol %d\n", bd->wTowerId));
4666+ return NT_STATUS_NOT_SUPPORTED;
4667+ }
4668+
4669+ tstr = derpc_transport_string_by_transport(transport);
4670+ bstr = talloc_asprintf(mem_ctx, "%s:%s", tstr, bd->NetworkAddr);
4671+ if (bstr == NULL) {
4672+ return NT_STATUS_NO_MEMORY;
4673+ }
4674+
4675+ status = dcerpc_parse_binding(mem_ctx, bstr, &b);
4676+ TALLOC_FREE(bstr);
4677+ if (!NT_STATUS_IS_OK(status)) {
4678+ return status;
4679+ }
4680+
4681+ *b_out = b;
4682+ return NT_STATUS_OK;
4683+}
4684+
4685+struct cli_credentials *dcom_get_server_credentials(struct com_context *ctx, const char *server)
4686+{
4687+ struct dcom_server_credentials *c;
4688+ struct cli_credentials *d;
4689+
4690+ d = NULL;
4691+ for (c = ctx->dcom->credentials; c; c = c->next) {
4692+ if (c->server == NULL) {
4693+ d = c->credentials;
4694+ continue;
4695+ }
4696+ if (server && !strcmp(c->server, server)) return c->credentials;
4697+ }
4698+ return d;
4699+}
4700+
4701+/**
4702+ * Register credentials for a specific server.
4703+ *
4704+ * @param ctx COM context
4705+ * @param server Name of server, can be NULL
4706+ * @param credentials Credentials object
4707+ */
4708+void dcom_add_server_credentials(struct com_context *ctx, const char *server,
4709+ struct cli_credentials *credentials)
4710+{
4711+ struct dcom_server_credentials *c;
4712+
4713+ /* FIXME: Don't use talloc_find_parent_bytype */
4714+ for (c = ctx->dcom->credentials; c; c = c->next) {
4715+ if ((server == NULL && c->server == NULL) ||
4716+ (server != NULL && c->server != NULL &&
4717+ !strcmp(c->server, server))) {
4718+ if (c->credentials && c->credentials != credentials) {
4719+ talloc_unlink(c, c->credentials);
4720+ c->credentials = credentials;
4721+ if (talloc_find_parent_bytype(c->credentials, struct dcom_server_credentials))
4722+ (void)talloc_reference(c, c->credentials);
4723+ else
4724+ talloc_steal(c, c->credentials);
4725+ }
4726+
4727+ return;
4728+ }
4729+ }
4730+
4731+ c = talloc(ctx->event_ctx, struct dcom_server_credentials);
4732+ c->server = talloc_strdup(c, server);
4733+ c->credentials = credentials;
4734+ if (talloc_find_parent_bytype(c->credentials, struct dcom_server_credentials))
4735+ (void)talloc_reference(c, c->credentials);
4736+ else
4737+ talloc_steal(c, c->credentials);
4738+
4739+ DLIST_ADD(ctx->dcom->credentials, c);
4740+}
4741+
4742+void dcom_update_credentials_for_aliases(struct com_context *ctx,
4743+ const char *server,
4744+ struct DUALSTRINGARRAY *pds)
4745+{
4746+ struct cli_credentials *cc;
4747+ struct dcerpc_binding *b;
4748+ uint32_t i;
4749+ NTSTATUS status;
4750+
4751+ cc = dcom_get_server_credentials(ctx, server);
4752+ for (i = 0; pds->stringbindings[i]; ++i) {
4753+ if (pds->stringbindings[i]->wTowerId != EPM_PROTOCOL_TCP)
4754+ continue;
4755+ status = dcerpc_binding_from_STRINGBINDING(ctx, &b, pds->stringbindings[i]);
4756+ if (!NT_STATUS_IS_OK(status))
4757+ continue;
4758+ dcom_add_server_credentials(ctx, b->host, cc);
4759+ talloc_free(b);
4760+ }
4761+}
4762+
4763+struct dcom_client_context *dcom_client_init(struct com_context *ctx, struct cli_credentials *credentials)
4764+{
4765+ ctx->dcom = talloc_zero(ctx, struct dcom_client_context);
4766+ if (!credentials) {
4767+ credentials = cli_credentials_init(ctx);
4768+ cli_credentials_set_conf(credentials, ctx->lp_ctx);
4769+ cli_credentials_parse_string(credentials, "%", CRED_SPECIFIED);
4770+ }
4771+ dcom_add_server_credentials(ctx, NULL, credentials);
4772+ return ctx->dcom;
4773+}
4774+
4775+static NTSTATUS dcom_connect_host(struct com_context *ctx,
4776+ struct dcerpc_pipe **p, const char *server)
4777+{
4778+ struct dcerpc_binding *bd;
4779+ const char * available_transports[] = { "ncacn_ip_tcp", "ncacn_np" };
4780+ int i;
4781+ NTSTATUS status;
4782+ TALLOC_CTX *loc_ctx;
4783+
4784+ if (server == NULL) {
4785+ return dcerpc_pipe_connect(ctx->event_ctx, p, "ncalrpc",
4786+ &ndr_table_IRemoteActivation,
4787+ dcom_get_server_credentials(ctx, NULL), ctx->event_ctx, ctx->lp_ctx);
4788+ }
4789+ loc_ctx = talloc_new(ctx);
4790+
4791+ /* Allow server name to contain a binding string */
4792+ if (strchr(server, ':') &&
4793+ NT_STATUS_IS_OK(dcerpc_parse_binding(loc_ctx, server, &bd))) {
4794+ if (DEBUGLVL(11))
4795+ bd->flags |= DCERPC_DEBUG_PRINT_BOTH;
4796+ status = dcerpc_pipe_connect_b(ctx->event_ctx, p, bd,
4797+ &ndr_table_IRemoteActivation,
4798+ dcom_get_server_credentials(ctx, bd->host), ctx->event_ctx, ctx->lp_ctx);
4799+ goto end;
4800+ }
4801+
4802+ for (i = 0; i < ARRAY_SIZE(available_transports); i++)
4803+ {
4804+ char *binding = talloc_asprintf(loc_ctx, "%s:%s", available_transports[i], server);
4805+ if (!binding) {
4806+ status = NT_STATUS_NO_MEMORY;
4807+ goto end;
4808+ }
4809+ status = dcerpc_pipe_connect(ctx->event_ctx, p, binding,
4810+ &ndr_table_IRemoteActivation,
4811+ dcom_get_server_credentials(ctx, server),
4812+ ctx->event_ctx, ctx->lp_ctx);
4813+
4814+ if (NT_STATUS_IS_OK(status)) {
4815+ if (DEBUGLVL(11))
4816+ (*p)->conn->flags |= DCERPC_DEBUG_PRINT_BOTH;
4817+ goto end;
4818+ } else {
4819+ DEBUG(1,(__location__": dcom_connect_host : %s\n", get_friendly_nt_error_msg(status)));
4820+ }
4821+ }
4822+
4823+end:
4824+ talloc_free(loc_ctx);
4825+ return status;
4826+}
4827+
4828+struct dcom_object_exporter *object_exporter_by_oxid(struct com_context *ctx,
4829+ uint64_t oxid)
4830+{
4831+ struct dcom_object_exporter *ox;
4832+ for (ox = ctx->dcom->object_exporters; ox; ox = ox->next) {
4833+ if (ox->oxid == oxid) {
4834+ return ox;
4835+ }
4836+ }
4837+
4838+ return NULL;
4839+}
4840+
4841+struct dcom_object_exporter *object_exporter_update_oxid(struct com_context *ctx, uint64_t oxid, struct DUALSTRINGARRAY *bindings)
4842+{
4843+ struct dcom_object_exporter *ox;
4844+ ox = object_exporter_by_oxid(ctx, oxid);
4845+ if (!ox) {
4846+ ox = talloc_zero(ctx, struct dcom_object_exporter);
4847+ DLIST_ADD(ctx->dcom->object_exporters, ox);
4848+ ox->oxid = oxid;
4849+ } else {
4850+ talloc_free(ox->bindings);
4851+ }
4852+ ox->bindings = bindings;
4853+ talloc_steal(ox, bindings);
4854+ return ox;
4855+}
4856+
4857+struct dcom_object_exporter *object_exporter_by_ip(struct com_context *ctx, struct IUnknown *ip)
4858+{
4859+ return object_exporter_by_oxid(ctx, ip->obj.u_objref.u_standard.std.oxid);
4860+}
4861+
4862+WERROR dcom_create_object(struct com_context *ctx, struct GUID *clsid, const char *server, int num_ifaces, struct GUID *iid, struct IUnknown ***ip, HRESULT *results)
4863+{
4864+ uint16_t protseq[] = DCOM_NEGOTIATED_PROTOCOLS;
4865+ struct dcerpc_pipe *p;
4866+ struct dcom_object_exporter *m;
4867+ NTSTATUS status;
4868+ struct RemoteActivation r;
4869+ struct DUALSTRINGARRAY *pds;
4870+ int i;
4871+ HRESULT hr;
4872+ uint64_t oxid;
4873+ struct GUID ipidRemUnknown;
4874+ struct IUnknown *ru_template;
4875+ struct ORPCTHAT that;
4876+ uint32_t AuthnHint;
4877+ struct COMVERSION ServerVersion;
4878+ struct MInterfacePointer **ifaces;
4879+ TALLOC_CTX *loc_ctx;
4880+
4881+ status = dcom_connect_host(ctx, &p, server);
4882+ if (NT_STATUS_IS_ERR(status)) {
4883+ DEBUG(1, ("Unable to connect to %s - %s\n", server, get_friendly_nt_error_msg(status)));
4884+ return ntstatus_to_werror(status);
4885+ }
4886+ loc_ctx = talloc_new(ctx);
4887+
4888+ ifaces = talloc_array(loc_ctx, struct MInterfacePointer *, num_ifaces);
4889+
4890+ ZERO_STRUCT(r.in);
4891+ r.in.this.version.MajorVersion = COM_MAJOR_VERSION;
4892+ r.in.this.version.MinorVersion = COM_MINOR_VERSION;
4893+ r.in.this.cid = GUID_random();
4894+ r.in.Clsid = *clsid;
4895+ r.in.ClientImpLevel = RPC_C_IMP_LEVEL_IDENTIFY;
4896+ r.in.num_protseqs = ARRAY_SIZE(protseq);
4897+ r.in.protseq = protseq;
4898+ r.in.Interfaces = num_ifaces;
4899+ r.in.pIIDs = iid;
4900+ r.out.that = &that;
4901+ r.out.pOxid = &oxid;
4902+ r.out.pdsaOxidBindings = &pds;
4903+ r.out.ipidRemUnknown = &ipidRemUnknown;
4904+ r.out.AuthnHint = &AuthnHint;
4905+ r.out.ServerVersion = &ServerVersion;
4906+ r.out.hr = &hr;
4907+ r.out.ifaces = ifaces;
4908+ r.out.results = results;
4909+
4910+ status = dcerpc_RemoteActivation(p, loc_ctx, &r);
4911+ talloc_free(p);
4912+
4913+ if(NT_STATUS_IS_ERR(status)) {
4914+ DEBUG(1, ("Error while running RemoteActivation %s\n", nt_errstr(status)));
4915+ hr = ntstatus_to_werror(status);
4916+ goto end;
4917+ }
4918+
4919+ if(!W_ERROR_IS_OK(r.out.result)) {
4920+ hr = r.out.result;
4921+ goto end;
4922+ }
4923+
4924+ if(!HRES_IS_OK(hr)) {
4925+ goto end;
4926+ }
4927+
4928+ m = object_exporter_update_oxid(ctx, oxid, pds);
4929+
4930+ ru_template = NULL;
4931+ *ip = talloc_array(ctx, struct IUnknown *, num_ifaces);
4932+ for (i = 0; i < num_ifaces; i++) {
4933+ (*ip)[i] = NULL;
4934+ if (W_ERROR_IS_OK(results[i])) {
4935+ status = dcom_IUnknown_from_OBJREF(ctx, &(*ip)[i], &r.out.ifaces[i]->obj);
4936+ if (!NT_STATUS_IS_OK(status)) {
4937+ results[i] = ntstatus_to_werror(status);
4938+ } else if (!ru_template)
4939+ ru_template = (*ip)[i];
4940+ }
4941+ }
4942+
4943+ /* TODO:avg check when exactly oxid should be updated,its lifetime etc */
4944+ if (m->rem_unknown && memcmp(&m->rem_unknown->obj.u_objref.u_standard.std.ipid, &ipidRemUnknown, sizeof(ipidRemUnknown))) {
4945+ talloc_free(m->rem_unknown);
4946+ m->rem_unknown = NULL;
4947+ }
4948+ if (!m->rem_unknown) {
4949+ if (!ru_template) {
4950+ DEBUG(1,("dcom_create_object: Cannot Create IRemUnknown - template interface not available\n"));
4951+ hr = WERR_GEN_FAILURE;
4952+ }
4953+ m->rem_unknown = talloc_zero(m, struct IRemUnknown);
4954+ memcpy(m->rem_unknown, ru_template, sizeof(struct IUnknown));
4955+ GUID_from_string(COM_IREMUNKNOWN_UUID, &m->rem_unknown->obj.iid);
4956+ m->rem_unknown->obj.u_objref.u_standard.std.ipid = ipidRemUnknown;
4957+ m->rem_unknown->vtable = (struct IRemUnknown_vtable *)dcom_proxy_vtable_by_iid(&m->rem_unknown->obj.iid);
4958+ /* TODO:avg copy stringbindigs?? */
4959+ }
4960+
4961+ dcom_update_credentials_for_aliases(ctx, server, pds);
4962+ {
4963+ char *c;
4964+ c = strchr(server, '[');
4965+ if (m->host) talloc_free(m->host);
4966+ m->host = c ? talloc_strndup(m, server, c - server) : talloc_strdup(m, server);
4967+ }
4968+ hr = WERR_OK;
4969+end:
4970+ talloc_free(loc_ctx);
4971+ return hr;
4972+}
4973+
4974+int find_similar_binding(struct STRINGBINDING **sb, const char *host)
4975+{
4976+ int i, l;
4977+ l = strlen(host);
4978+ for (i = 0; sb[i]; ++i) {
4979+ if ((sb[i]->wTowerId == EPM_PROTOCOL_TCP) && !strncasecmp(host, sb[i]->NetworkAddr, l) && (sb[i]->NetworkAddr[l] == '['))
4980+ break;
4981+ }
4982+ return i;
4983+}
4984+
4985+WERROR dcom_query_interface(struct IUnknown *d, uint32_t cRefs, uint16_t cIids, struct GUID *iids, struct IUnknown **ip, WERROR *results)
4986+{
4987+ struct dcom_object_exporter *ox;
4988+ struct REMQIRESULT *rqir;
4989+ WERROR result;
4990+ NTSTATUS status;
4991+ int i;
4992+ TALLOC_CTX *loc_ctx;
4993+ struct IUnknown ru;
4994+
4995+ loc_ctx = talloc_new(d);
4996+ ox = object_exporter_by_ip(d->ctx, d);
4997+
4998+ result = IRemUnknown_RemQueryInterface(ox->rem_unknown, loc_ctx, &IUnknown_ipid(d), cRefs, cIids, iids, &rqir);
4999+ if (!W_ERROR_IS_OK(result)) {
5000+ DEBUG(1, ("dcom_query_interface failed: %08X\n", W_ERROR_V(result)));
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches