Günther Deschner [Thu, 13 Dec 2012 11:31:54 +0000 (12:31 +0100)]
s3-net: mention optional impersonation principal for PAC retrieval.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Fri, 1 Feb 2013 16:45:02 +0000 (17:45 +0100)]
s4-torture: make sure to deal with the highest relative pointer offset correctly.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Fri, 1 Feb 2013 16:44:16 +0000 (17:44 +0100)]
ndrdump: make sure to deal with the highest relative pointer offset correctly.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 31 Jan 2013 12:39:42 +0000 (13:39 +0100)]
s3:auth: wbcAuthenticateEx gives unix times (bug #9625)
We also need to convert last_logon, last_logoff and acct_expiry
from unix time to nt time.
Otherwise a windows member server will reject clients
using CAP_DYNAMIC_REAUTH or smb2) with STATUS_NETWORK_SESSION_EXPIRED,
if the logoff and kickoff time is expired.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 1 18:42:42 CET 2013 on sn-devel-104
David Disseldorp [Thu, 31 Jan 2013 16:48:25 +0000 (17:48 +0100)]
selftest: skip smb2.ioctl tests on ntvfs
Rather than filtering via knownfail.
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 31 19:39:25 CET 2013 on sn-devel-104
Volker Lendecke [Thu, 31 Jan 2013 14:46:43 +0000 (15:46 +0100)]
tevent: Fix a comment typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Thu Jan 31 17:52:39 CET 2013 on sn-devel-104
Jeremy Allison [Tue, 29 Jan 2013 00:52:11 +0000 (16:52 -0800)]
Fix the compound tests to correctly pass against Windows when run with --signing=required.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Thu Jan 31 03:53:55 CET 2013 on sn-devel-104
Jeremy Allison [Tue, 29 Jan 2013 00:51:25 +0000 (16:51 -0800)]
Add new function smbXcli_session_copy(), to be used when creating compound SMB2 requests.
Copies the signing state needed to make client compound requests work
on signed connections.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Volker Lendecke [Wed, 30 Jan 2013 14:53:27 +0000 (15:53 +0100)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Jan 30 18:21:19 CET 2013 on sn-devel-104
Volker Lendecke [Tue, 15 Jan 2013 12:17:00 +0000 (13:17 +0100)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Michael Adam [Tue, 22 Jan 2013 17:08:25 +0000 (18:08 +0100)]
s3:winbindd: change getpwsid() to return a passwd struct for a group sid id-mapped with ID_TYPE_BOTH
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan 29 23:46:19 CET 2013 on sn-devel-104
Michael Adam [Tue, 22 Jan 2013 16:39:44 +0000 (17:39 +0100)]
s3:winbindd: check the correct variable for talloc success in rpc_query_user()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 6 Dec 2012 23:55:18 +0000 (00:55 +0100)]
s3:winbindd:getgrnam: also produce a group struct for a user with ID_TYPE_BOTH
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 6 Dec 2012 21:02:32 +0000 (22:02 +0100)]
s3:winbindd: create group structs for gids that are coming from a user sid id-mapped with ID_TYPE_BOTH
This "fake" group contains exctly one member, namely the user that the sid is
actually belonging to.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 6 Dec 2012 17:06:49 +0000 (18:06 +0100)]
s3:winbindd: factor add_wbint_Principal_to_dict() out of wb_group_members_done()
for later reuse
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 7 Dec 2012 15:13:19 +0000 (16:13 +0100)]
s3:winbindd: fix a cut'n'paste comment typo in wb_fill_pwent
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 7 Dec 2012 00:12:11 +0000 (01:12 +0100)]
s3:winbindd: rename winbindd_getgrnam_lookupsid_done to winbindd_getgrnam_lookupname_done
That's what it is.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Christian Ambach [Fri, 7 Dec 2012 11:33:38 +0000 (12:33 +0100)]
s3:utils/net remove aclmapset command
this was made for the nfs4:sidmap code that has been removed, so
this subcommand can also go away
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jan 29 15:37:18 CET 2013 on sn-devel-104
Christian Ambach [Thu, 29 Nov 2012 20:40:15 +0000 (21:40 +0100)]
s3:net_idmap_dump support dumping autorid backend
- remember the type of idmapping database (tdb or autorid)
this allows to make rest of the code (e.g. dump) know which database-style it will encounter
- add a seperate dump function for autorid
- default to TDB if db-file is given on the command-line
Pair-Programmed-With: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Tue, 4 Dec 2012 14:11:50 +0000 (15:11 +0100)]
s3:net_idmap_dump add missing braces
see README.Coding
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Mon, 3 Dec 2012 13:15:40 +0000 (14:15 +0100)]
s3:net_idmap_dump remove obsolete support for tdb:idmap2.tdb parameter
this one got removed from idmap_tdb2 a while ago
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Christian Ambach [Thu, 29 Nov 2012 20:39:54 +0000 (21:39 +0100)]
s3:net_idmap_dump deal with idmap config * : backend config style
this is the new config style since Samba 3.6 and should be detected by net idmap dump
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Jeremy Allison [Fri, 25 Jan 2013 00:20:14 +0000 (16:20 -0800)]
Regression test for bug #9571 - Unlink after open causes smbd to panic
Replicates the protocol activity that triggers the crash.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 28 15:33:17 CET 2013 on sn-devel-104
Pavel Shilovsky [Wed, 16 Jan 2013 11:02:26 +0000 (15:02 +0400)]
Fix bug #9571 - Unlink after open causes smbd to panic.
s3:smbd: fix wrong lock order in posix unlink
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Fri, 25 Jan 2013 18:21:48 +0000 (10:21 -0800)]
Fix bug #9588 - ACLs are not inherited to directories for DFS shares.
We can return with NT_STATUS_OK in an error code path. This
has a really strange effect in that it prevents the ACL editor
in Windows XP from recursively changing ACE entries on sub-directories
after a change in a DFS-root share (we end up returning a path
that looks like: \\IPV4\share1\xptest/testdir with a mixture
of Windows and POSIX pathname separators).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jan 28 13:48:13 CET 2013 on sn-devel-104
Volker Lendecke [Sun, 27 Jan 2013 16:24:49 +0000 (17:24 +0100)]
smbcontrol: Fix undefined serverid_traverse_read warning
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 28 11:51:12 CET 2013 on sn-devel-104
Volker Lendecke [Sun, 27 Jan 2013 16:24:31 +0000 (17:24 +0100)]
smbcontrol: Fix the build with libunwind
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Sun, 27 Jan 2013 10:09:39 +0000 (11:09 +0100)]
s4:service_task: add missing imessaging_cleanup() to task_server_terminate()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Jan 27 15:50:30 CET 2013 on sn-devel-104
Stefan Metzmacher [Sun, 27 Jan 2013 10:01:07 +0000 (11:01 +0100)]
s4:service_task: prevent a segfault if task->msg_ctx is not initialized yet
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Sun, 27 Jan 2013 11:15:50 +0000 (12:15 +0100)]
selftest: rename 'promoted_vampire_dc' to 'promoted_dc'
Unix domain socket are limited to 104 characters on Linux.
Using something like this fails as it uses more than 104 characters:
'/memdisk/autobuild/flakey/
b232141/samba/bin/ab/promoted_vampire_dc/private/smbd.tmp/msg/msg.482379.
2147483647'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 22 Jan 2013 12:39:15 +0000 (23:39 +1100)]
selftest: Add test of upgradeprovision using the old alpha13 tree
This ensures that upgradeprovision works as expected on a known good old database.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jan 27 11:55:54 CET 2013 on sn-devel-104
Stefan Metzmacher [Fri, 25 Jan 2013 08:36:47 +0000 (09:36 +0100)]
samba_upgradeprovision: detect dns_backend for the reference provision
If we have a DomainDnsZone partition, we use BIND9_DLZ as backend
and fix errors in the ForestDnsZone and DomainDnsZone partitions.
Note: this should work fine also for SAMBA_INTERNAL.
If the current setup doesn't use dns specific partitions (e.g. alpha13 setups)
we pass dns_backend=BIND9_FLATFILE.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 25 Jan 2013 08:36:47 +0000 (09:36 +0100)]
provision: setup names.dns_backend
If we have a DomainDnsZone partition:
- we use BIND9_DLZ as backend if a dns-<netbiosname> account is available
- otherwise, we use SAMBA_INTERNAL
else:
- we use BIND9_FLATFILE if a dns or dns-<netbiosname> account is available
- otherwise, we use NONE
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 13 Dec 2012 11:56:37 +0000 (12:56 +0100)]
samba_upgradeprovision: fix the nTSecurityDescriptor on more containers (bug #9481)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 15:27:17 +0000 (16:27 +0100)]
provision: fix nTSecurityDescriptor of containers in the DnsZones (bug #9481)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 15:27:17 +0000 (16:27 +0100)]
provision: fix nTSecurityDescriptor attributes of CN=*,${CONFIGDN} (bug #9481)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 15:27:17 +0000 (16:27 +0100)]
provision: fix nTSecurityDescriptor of CN={LostAndFound,System},${DOMAINDN} (bug #9481)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 14:45:33 +0000 (15:45 +0100)]
provision: setup names.name_map['DnsAdmins']
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 14:43:54 +0000 (15:43 +0100)]
provision: introduce names.name_map = {}
This will be used to translated names in SDDL values,
which are not wellknown, e.g. 'DnsAdmins'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 14:55:31 +0000 (15:55 +0100)]
provision: add get_dns_{forest,domain}_microsoft_dns_descriptor()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 14:39:07 +0000 (15:39 +0100)]
provision: add get_config_ntds_quotas_descriptor()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 09:51:10 +0000 (10:51 +0100)]
provision: add get_{config,domain}_delete_protected*_descriptor()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 14:53:00 +0000 (15:53 +0100)]
schema.py: add optional name_map={} to get_schema_descriptor()
This is not used, but makes the prototype compatible with the
other get_*_descriptor() functions.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 14:51:37 +0000 (15:51 +0100)]
provision: add optional name_map={} argument to get_*_descriptor()
This will allow subsitute non-wellkown names in the SDDL,
e.g. 'DnsAdmins'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 08:05:36 +0000 (09:05 +0100)]
provision: import/export get_dns_partition_descriptor()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 07:56:00 +0000 (08:56 +0100)]
provision: setup names.dns{forest,domain}dn
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 14:24:11 +0000 (15:24 +0100)]
samba_upgradeprovision: fix resetting of 'nTSecurityDescriptor' on schema objects
Without this schema_data_modify() will reject updates to schema objects
by default.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 23 Jan 2013 14:23:13 +0000 (15:23 +0100)]
samba_upgradeprovision: don't reset 'whenCreated' when resetting 'nTSecurityDescriptor'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Sat, 19 Jan 2013 08:41:00 +0000 (09:41 +0100)]
dbckecker: fix nTSecurityDescriptor values from before 4.0.0rc6 (bug #9481)
They inherited effective ACE for the wrong object classes.
For SACL ACEs the problem was also present in 4.0.0.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 24 Jan 2013 21:59:26 +0000 (22:59 +0100)]
dsdb-descriptor: get_default_group() should always return the DAG sid (bug #9481)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 24 Jan 2013 12:07:32 +0000 (13:07 +0100)]
tests/sec_descriptor: the default owner behavior depends on domainControllerFunctionality (bug #9481)
Not on the domainFunctionality.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 22 Jan 2013 14:38:07 +0000 (15:38 +0100)]
libcli/security: calculate INHERIT_ONLY correcty for AUDIT and ALARM aces (bug #9481)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 25 Jan 2013 12:00:12 +0000 (23:00 +1100)]
s4-process_single: Use pid,task_id as cluster_id in process_single just like process_prefork
This avoids two different process single task servers (eg the drepl
server) sharing the same server id. The task id starts at 2^31 to
avoid collision with the fd based scheme for connections.
Fix-bug: https://bugzilla.samba.org/show_bug.cgi?id=9598
Reported-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Jan 26 16:13:05 CET 2013 on sn-devel-104
Andrew Bartlett [Fri, 25 Jan 2013 22:09:23 +0000 (09:09 +1100)]
pymessaging: Pass around the server_id struct to python callbacks rather than the tuple
This is not used currently, but may avoid going to and from the python types when we do not need to.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 25 Jan 2013 21:58:46 +0000 (08:58 +1100)]
pymessaging: Use correct unsigned types for server ID tuple elememnts
This is needed if we start using the top bits of these values.
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 25 Jan 2013 22:35:21 +0000 (09:35 +1100)]
ldb: Ensure to decrement the transaction_active whenever we delete a transaction
This is in the error path for prepare_commit, which rarely fails, but
when it does we need to ensure that when a new transaction is opened,
that it really starts a new transaction.
We bump the version to recognise critical fix for the AD DC
Without this fix, a single invalid inbound replicated link disables
all subsequent replication as we operate without a transaction (which
is refused by ldb_tdb).
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 24 Jan 2013 13:21:51 +0000 (14:21 +0100)]
ldb: fix a warning by converting from TDB_DATA to struct ldb_val
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Thu, 24 Jan 2013 20:33:53 +0000 (12:33 -0800)]
Regression test for bug #9587 - archive flag is always set on directories.
Ensure we get the correct attributes on files
and directories after a rename.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jan 25 13:42:40 CET 2013 on sn-devel-104
Jeremy Allison [Thu, 24 Jan 2013 19:02:30 +0000 (11:02 -0800)]
Fix bug #9587 - archive flag is always set on directories.
Creating a directory to a Samba share sets the attributes to 'D' only
(correct) - only when creating a new file should the 'A' attribute
be set.
However, doing a rename of that directory sets the 'A' attribute in error.
This should only be done on a file rename. smbclient regression test to follow.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andrew Bartlett [Fri, 25 Jan 2013 02:15:51 +0000 (13:15 +1100)]
bug9598: s4-process_single: Use pid,fd as cluster_id in process_single just like process_prefork
This avoids two different process single servers (say LDAP and the RPC server) sharing the same
server id.
Fix-bug: https://bugzilla.samba.org/show_bug.cgi?id=9598
Reported-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Matthieu Patou <mat@matws.net>
Signed-off-by: Andrew Bartlett <abartlett@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jan 25 12:00:04 CET 2013 on sn-devel-104
Volker Lendecke [Thu, 24 Jan 2013 15:39:05 +0000 (16:39 +0100)]
Avoid a very small memleak on talloc_tos()
"fname" did leak on talloc_tos(). Not really a bad memleak, but as I
just came across it I thought I might just fix it
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 25 00:54:01 CET 2013 on sn-devel-104
Jeremy Allison [Wed, 23 Jan 2013 17:57:50 +0000 (09:57 -0800)]
Fix bug #9572 - File corruption during SMB1 read by Mac OSX 10.8.2 clients.
Accept a large read if we told the client we have UNIX extensions
and the client sent a non-zero upper 16-bit size.
Do the non-zero upper 16-bit size check first to save a function
call in what is a hot path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 24 21:01:51 CET 2013 on sn-devel-104
Jeremy Allison [Tue, 22 Jan 2013 20:38:28 +0000 (12:38 -0800)]
Revert "s3:smbd: SMB ReadX with size > 0xffff should only possible for samba clients."
Part of fix for bug #9572 - File corruption during SMB1 read by Mac OSX 10.8.2 clients
This reverts commit
f8c26c16b82989e002b839fc9eba6386fc036f6a.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Wed, 23 Jan 2013 09:33:21 +0000 (10:33 +0100)]
s4-torture: add some basic tests for PlayGDIScriptOnPrinterIC.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 24 19:20:52 CET 2013 on sn-devel-104
Günther Deschner [Wed, 23 Jan 2013 08:31:01 +0000 (09:31 +0100)]
s3-rpcclient: add cmd_spoolss_play_gdi_script_on_printer_ic.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 24 Jan 2013 16:10:17 +0000 (17:10 +0100)]
spoolss: add UNIVERSAL_FONT_ID_ctr for debugging.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 23 Jan 2013 10:11:26 +0000 (11:11 +0100)]
spoolss: Add UNIVERSAL_FONT_ID.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 23 Jan 2013 08:01:05 +0000 (09:01 +0100)]
spoolss: fill in spoolss_PlayGDIScriptOnPrinterIC IDL.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Tue, 22 Jan 2013 14:57:22 +0000 (15:57 +0100)]
s3-rpcclient: decode OsVersion{Ex} binary blobs when displaying printerdata.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Sat, 19 Jan 2013 00:37:29 +0000 (01:37 +0100)]
s3-spoolss: Make it easier to manipulate the returned OSVersion at runtime.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 18 Jan 2013 21:22:13 +0000 (22:22 +0100)]
spoolss: make spoolss deal with ndr64 StartDocPrinter by using proper container object.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Fri, 18 Jan 2013 12:43:05 +0000 (13:43 +0100)]
spoolss: add more spoolss_DriverAttributes values.
The level5 driver does return only one of these flags with a different value,
will get fixed later.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Karolin Seeger [Thu, 24 Jan 2013 10:52:37 +0000 (11:52 +0100)]
docs: ldbsearch.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 24 16:09:37 CET 2013 on sn-devel-104
Karolin Seeger [Thu, 24 Jan 2013 10:52:15 +0000 (11:52 +0100)]
docs: ldbrename.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 24 Jan 2013 10:51:49 +0000 (11:51 +0100)]
docs: ldbmodify.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 24 Jan 2013 10:51:28 +0000 (11:51 +0100)]
docs: ldbedit.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 24 Jan 2013 10:50:55 +0000 (11:50 +0100)]
docs: ldbdel.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 24 Jan 2013 10:50:26 +0000 (11:50 +0100)]
docs: ldbadd.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 24 Jan 2013 10:50:00 +0000 (11:50 +0100)]
docs: ldb.3.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 22 Jan 2013 03:45:14 +0000 (14:45 +1100)]
gensec: Allow login without a PAC by default (bug #9581)
The sense of this test was inverted. We only want to take the ACCESS_DENIED error
if gensec:require_pac=true.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Wed, 23 Jan 2013 22:39:09 +0000 (14:39 -0800)]
Fix bug #9586 - smbd[29175]: disk_free: sys_popen() failed" message logged in /var/log/message many times.
Ensure when reading lines from an interruptible
pipe source we ignore EINTR.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 24 10:45:48 CET 2013 on sn-devel-104
Stefan Metzmacher [Thu, 17 Jan 2013 16:19:03 +0000 (17:19 +0100)]
dsdb-acl: remove unused variable
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan 23 20:04:09 CET 2013 on sn-devel-104
Volker Lendecke [Tue, 22 Jan 2013 12:14:41 +0000 (13:14 +0100)]
smbd: Fix a NULL vs false return error
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Tue, 22 Jan 2013 08:55:02 +0000 (09:55 +0100)]
waf: Fix pdb_ldap which cannot be built as a module.
The module has two init functions, pdb_ldap_init() and
pdb_ldapsam_init(). As a shared module only one can be found until we
create a symlink.
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jan 23 10:51:59 CET 2013 on sn-devel-104
Andreas Schneider [Tue, 22 Jan 2013 09:04:07 +0000 (10:04 +0100)]
ldap: Remove obsolete convertSambaAccount script.
We removed ldapsam_compat support which used sambaAccount already some
time ago. See commit
02c239c6d35f47f13143c66baffbd303373b8028.
Reviewed-by: Günther Deschner <gd@samba.org>
Andrew Bartlett [Sun, 20 Jan 2013 23:45:10 +0000 (10:45 +1100)]
libcli/auth: fix void function cannot return value error
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 22 22:32:31 CET 2013 on sn-devel-104
Günther Deschner [Tue, 22 Jan 2013 10:54:19 +0000 (11:54 +0100)]
s3-winbind: fix the build of idmap_ldap.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jan 22 14:43:40 CET 2013 on sn-devel-104
Matthieu Patou [Thu, 3 Jan 2013 22:33:45 +0000 (14:33 -0800)]
Tests: Fix the display of test vars in screen --testenv
The form bash -c echo "important stuff blabla bla" && LD_LIBARY_PATH bash
is not working in screen when it's working in xterm and the in_screen
script already wrap all the command within a bash shell so there is no
need to re-force bash as the echo will execute in a bash shell
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jan 22 13:03:52 CET 2013 on sn-devel-104
Matthieu Patou [Sun, 14 Oct 2012 08:01:08 +0000 (01:01 -0700)]
libcli-acl: add documentation
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthieu Patou [Sun, 14 Oct 2012 08:04:51 +0000 (01:04 -0700)]
drsuapi: Add documentation
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthieu Patou [Tue, 16 Oct 2012 05:15:17 +0000 (22:15 -0700)]
drepl-notify: change misleading message
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthieu Patou [Tue, 30 Oct 2012 05:12:33 +0000 (22:12 -0700)]
devel-script: add options for RODC and partial replica for replicate flags
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jan 22 00:12:17 CET 2013 on sn-devel-104
Matthieu Patou [Tue, 30 Oct 2012 04:43:14 +0000 (21:43 -0700)]
devel-scripts: ask with WRIT_REP by default
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthieu Patou [Wed, 24 Oct 2012 05:12:08 +0000 (22:12 -0700)]
devel-getncchange: try to find the dest_dsa automatically
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthieu Patou [Sat, 13 Oct 2012 22:02:57 +0000 (15:02 -0700)]
security: Add documentation
Names seems to be a bit cryptic and misleading (at least for me).
So documenting them should remove at least partially this problem.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthieu Patou [Sat, 13 Oct 2012 22:28:08 +0000 (15:28 -0700)]
libcli-security: Add documentation for object_tree_modify_access
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthieu Patou [Wed, 24 Oct 2012 05:09:20 +0000 (22:09 -0700)]
dbcheck: look in hasMasterNCs as well for determining the instance type of a NC
Forest of level 2000 don't hve the msDS-hasMasterNCs parameter
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthieu Patou [Sun, 30 Dec 2012 00:43:44 +0000 (16:43 -0800)]
dsdb: Fix warning about unused var
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 21 17:51:16 CET 2013 on sn-devel-104
Andrew Bartlett [Tue, 1 Jan 2013 22:27:51 +0000 (09:27 +1100)]
dsdb: Explain ordering constraints on the ACL module as well.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Sat, 29 Dec 2012 04:13:54 +0000 (15:13 +1100)]
dsdb: Ensure "authenticated users" is processed for group memberships
This change moves the addition of "Authenticated Users" from the very end of the
token processing to the start. The reason is that we need to see if
"Authenticated Users" is a member of other builtin groups, just as we
would for any other SID. This picks up the "Pre-Windows 2000 Compatible Access"
group, which is in turn often used in ACLs on LDAP objects.
Without this change, the eventual token does not contain S-1-5-32-554
and users other than "Administrator" are unable to read uidNumber
(in particular).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
git.samba.org / samba.git / log