Volker Lendecke [Sat, 27 Jun 2009 09:31:53 +0000 (11:31 +0200)]
Fix some nonempty blank lines
Volker Lendecke [Tue, 16 Jun 2009 09:51:11 +0000 (11:51 +0200)]
s3/lanman: Workaround for KB932762.
This addresses bug #6498.
Volker Lendecke [Fri, 26 Jun 2009 19:52:34 +0000 (21:52 +0200)]
The solaris linker seems to require an extra mention of dependent libs
Jim McDonough [Fri, 26 Jun 2009 19:24:57 +0000 (15:24 -0400)]
Don't use ads realm name for non-ads case. #6481
Also check that the connection to ads worked.
Volker Lendecke [Fri, 26 Jun 2009 15:38:58 +0000 (17:38 +0200)]
Fix some dead code warnings from SUN Studio
Volker Lendecke [Fri, 26 Jun 2009 14:45:25 +0000 (16:45 +0200)]
Fix a typo in a comment
Sam Liddicott [Fri, 26 Jun 2009 11:31:19 +0000 (12:31 +0100)]
Upgrade ntvfs_map_*info to ntvfs_map_async_setup/ntvfs_map_async_finish
ntvfs_map_fsinfo, ntvfs_map_qpathinfo, ntvfs_map_qfileinfo used an
old synchronous mapping technique, acceptable on the grounds that
they were only used by the simple vfs which was synchronous.
Other vfs may/do use these functions, and by upgrading them to use the
ntvfs_map_async_setup/ntvfs_map_async_finish framework, they can now be
used asynchronously.
Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 26 Jun 2009 12:09:10 +0000 (14:09 +0200)]
s3:passdb: fix bug #6509: use gid (not uid) cache in fetch_gid_from_cache().
With the previous code, the cache can never have been hit at all.
Michael
Günther Deschner [Thu, 25 Jun 2009 15:43:28 +0000 (17:43 +0200)]
s3-vlp: drastically shrink size and dependencies of the virtual line printer.
This gets vlp from 13M down to 214K on my box.
Guenther
Tim Prouty [Fri, 26 Jun 2009 01:40:17 +0000 (18:40 -0700)]
s3: pass a valid stat into file_ntimes()
file_ntimes() calls can_write_to_file() which expects a valid stat struct
Tim Prouty [Fri, 26 Jun 2009 01:19:09 +0000 (18:19 -0700)]
s3 file_access: Convert some more functions over to use smb_filneame
Tim Prouty [Fri, 26 Jun 2009 00:24:19 +0000 (17:24 -0700)]
s3: simplify some redundant logic in is_ntfs_default_stream_smb_fname()
Tim Prouty [Thu, 25 Jun 2009 21:44:23 +0000 (14:44 -0700)]
s3: Remove get_full_smb_filename() from open_directory()
This is possible because open_directory() returns an error if
the fname is a stream, so the base_name can be used.
Tim Prouty [Thu, 25 Jun 2009 18:20:36 +0000 (11:20 -0700)]
s3 onefs: Plumb smb_filename through onefs createfile path
Tim Prouty [Thu, 25 Jun 2009 21:16:46 +0000 (14:16 -0700)]
s3: Change set_ea() and its callers to use smb_filename
Jeremy Allison [Thu, 25 Jun 2009 19:57:15 +0000 (12:57 -0700)]
Fix bug #6506 - SMBD server doesn't set EAs when a file is overwritten in NT_TRANSACT_CREATE.
Reported and verified by Long Li <longli@microsoft.com>
Jeremy.
Kai Blin [Thu, 25 Jun 2009 19:36:49 +0000 (21:36 +0200)]
s4 auth_winbind: Internally, info3 has utf8 buffers, not utf16 buffers.
Thanks to gd for the catch.
Kai Blin [Thu, 25 Jun 2009 17:38:51 +0000 (19:38 +0200)]
s4 auth_winbind: Don't allocate the rids for the info3 structure within the loop
Kai Blin [Thu, 25 Jun 2009 17:16:02 +0000 (19:16 +0200)]
s4: Add libwbclient backend to auth_winbind
Günther Deschner [Thu, 25 Jun 2009 14:38:39 +0000 (16:38 +0200)]
s3-netlogon: remove remaining netlogon init functions.
Guenther
Volker Lendecke [Thu, 25 Jun 2009 12:46:17 +0000 (14:46 +0200)]
Add a \n to a debug message in smbacl4_nfs42win
Jeff Layton [Thu, 25 Jun 2009 11:27:25 +0000 (07:27 -0400)]
mount.cifs: add support for sending IPv6 scope ID to kernel
When getaddrinfo returns an IPv6 address with a non-zero scope_id, send
that to the kernel appended to the address with a '%' delimiter. This
allows people to mount servers via their link-local IPv6 addresses
(given a kernel that understands this address format, of course).
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Günther Deschner [Thu, 25 Jun 2009 10:12:05 +0000 (12:12 +0200)]
s3-netlogon: remove init_netr_SamInfo functions.
Guenther
Günther Deschner [Thu, 25 Jun 2009 10:00:20 +0000 (12:00 +0200)]
s3-netlogon: fix validation level 2 support in netr_SamLogon and friends.
Guenther
Günther Deschner [Tue, 23 Jun 2009 22:24:55 +0000 (00:24 +0200)]
s3-examples: make get_next_oid exectuable.
Guenther
Günther Deschner [Thu, 25 Jun 2009 00:06:21 +0000 (02:06 +0200)]
s3-samr: refactor _samr_SetDomainInfo().
Guenther
Günther Deschner [Wed, 24 Jun 2009 23:52:06 +0000 (01:52 +0200)]
s3-samr: refactor _samr_QueryDomainInfo().
Guenther
Tim Prouty [Mon, 22 Jun 2009 22:26:56 +0000 (15:26 -0700)]
s3: Plumb smb_filename through SMB_VFS_STAT and SMB_VFS_LSTAT
This patch introduces two new temporary helper functions
vfs_stat_smb_fname and vfs_lstat_smb_fname. They basically allowed me
to call the new smb_filename version of stat, while avoiding plumbing
it through callers that are still too inconvenient. As the conversion
moves along, I will be able to remove callers of this, with the goal
being to remove all callers.
There was also a bug in create_synthetic_smb_fname_split (also a
temporary utility function) that caused it to incorrectly handle
filenames with ':'s in them when in posix mode. This is now fixed.
Tim Prouty [Thu, 18 Jun 2009 18:38:42 +0000 (11:38 -0700)]
s3: Convert is_visible_file to use talloc_asprintf instead of malloc
Stefan Metzmacher [Tue, 9 Jun 2009 20:34:14 +0000 (22:34 +0200)]
s3:smbd: send SMB2 interim responses for async calls
metze
Stefan Metzmacher [Tue, 9 Jun 2009 20:33:32 +0000 (22:33 +0200)]
s3:smbd: add support for async interim SMB2 responses and prepare SMB2 cancel
metze
Stefan Metzmacher [Tue, 9 Jun 2009 19:29:40 +0000 (21:29 +0200)]
s3:smbd: keep a list of outstanding SMB2 requests
metze
Stefan Metzmacher [Tue, 9 Jun 2009 18:44:13 +0000 (20:44 +0200)]
s3:smbd: add smbd_smb2_send_oplock_break()
metze
Stefan Metzmacher [Tue, 9 Jun 2009 18:02:48 +0000 (20:02 +0200)]
s3:smbd: the SMB2-COMPOUND test shows that the related vs. unrelated flags isn't checked first
metze
Volker Lendecke [Wed, 24 Jun 2009 10:41:16 +0000 (12:41 +0200)]
Reenable the LDAPI socket for the merged build
It seems that the samba4 part of the merged build does not pick up the
DEVELOPER flag from the s3 configure.
Jelmer, can you fix that properly?
Thanks,
Volker
Volker Lendecke [Wed, 24 Jun 2009 10:39:21 +0000 (12:39 +0200)]
Only set the password if there is one
Günther Deschner [Tue, 23 Jun 2009 22:27:33 +0000 (00:27 +0200)]
s4-smbtorture: more paranoid checks while testing group membership in RPC-SAMR.
Guenther
Günther Deschner [Tue, 23 Jun 2009 18:27:05 +0000 (20:27 +0200)]
s3-printing: eliminate another non sec_initial_uid using security check.
Guenther
Günther Deschner [Tue, 23 Jun 2009 18:26:27 +0000 (20:26 +0200)]
s3-spoolss: restructure _spoolss_EndDocPrinter().
Guenther
Günther Deschner [Tue, 23 Jun 2009 09:16:23 +0000 (11:16 +0200)]
s3-lsa: Fix error path in _lsa_EnumAccountRights.
This needs to return NT_STATUS_OBJECT_NAME_NOT_FOUND
again as described in MS-LSAD 3.1.4.5.10 and tested with the
RPC-SAMR-USER-PRIVILEGES test.
Guenther
Günther Deschner [Wed, 8 Apr 2009 17:18:13 +0000 (19:18 +0200)]
s3-eventlog: implement _eventlog_ReportEventW().
Guenther
Günther Deschner [Tue, 23 Jun 2009 08:58:04 +0000 (10:58 +0200)]
s3: re-run make idl.
Guenther
Günther Deschner [Tue, 23 Jun 2009 08:55:05 +0000 (10:55 +0200)]
samr: add samr_UserInfoLevel and samr_DomainInfoClass enums based on MS-SAMR.
Guenther
Aravind Srinivasan [Tue, 16 Jun 2009 22:11:32 +0000 (15:11 -0700)]
s3: forward MSG_DEBUG from smbd parent to all children
Before 3.3, an smbcontrol debug message sent to the target "smbd" would
actually be sent to all running processes including nmbd and winbindd.
This behavior was changed in 3.3 so that the "smbd" target would only
send a message to the process found in smbd.pid, while the "all" target
would send a message to all processes.
The ability to set the debug level of all processes within a single
daemon, without specifying each pid is quite useful. This was implemented
in winbindd in
065760ed. This patch does the same thing for smbd.
Upon receiving a MSG_DEBUG the parent smbd will rebroadcast it to all of
its children.
The printing process has been added to the list of smbd child processes,
and we now always track the number of smbd children regardless of the
"max smbd processes" setting.
Günther Deschner [Mon, 22 Jun 2009 20:35:58 +0000 (22:35 +0200)]
s3-libnet: fix libnet_unjoin_remove_machine_acct() when called without ads struct.
Guenther
Volker Lendecke [Sat, 20 Jun 2009 16:43:58 +0000 (18:43 +0200)]
Add tldap paged searches, together with two helper routines
Volker Lendecke [Sat, 20 Jun 2009 16:42:18 +0000 (18:42 +0200)]
Reorganize retrieving errors and server-sent controls
This attaches the data to the tldap_message instead of the tevent_req.
It adds tldap_ctx_lastmsg() to retrieve the last message for the users of
the sync wrappers.
Volker Lendecke [Fri, 19 Jun 2009 16:20:20 +0000 (18:20 +0200)]
Move asn1_load_nocopy() to lib/util/asn1.c
Volker Lendecke [Fri, 19 Jun 2009 15:39:13 +0000 (17:39 +0200)]
Move asn1_blob() to lib/util/asn1.c
Volker Lendecke [Fri, 19 Jun 2009 12:01:10 +0000 (14:01 +0200)]
Add tldap_supports_control
Volker Lendecke [Fri, 19 Jun 2009 12:00:31 +0000 (14:00 +0200)]
Add tldap_entry_has_attrvalue
Volker Lendecke [Sat, 6 Jun 2009 21:21:01 +0000 (23:21 +0200)]
tldap control support
Volker Lendecke [Sat, 6 Jun 2009 19:06:33 +0000 (21:06 +0200)]
Prepare control support
We will have arrays of controls passed to tldap.c. Follow a mantra from the
classic book "Thinking Forth" by Leo Brodie: Favor counts over terminators :-)
This makes the parameter lists to tldap pretty long, but everyone will have
wrapper routines anyway, see for example tldap_search_fmt. And the OpenLDAP
manpages call the non-_ext routines deprecated, probably for a reason.
Volker Lendecke [Sat, 20 Jun 2009 09:46:42 +0000 (11:46 +0200)]
Fix setting passwords in pdb_ads
The samba4 password_hash module does not allow changing the password fields via
the "delete oldval" -> "add newval" set of modify operations, it requires a
single "replace with newval" operation.
Andrew, Samba3 by default uses that delete/add pair to detect if between
fetching the old value and storing the new one the old value has changed. This
is lost by using the "replace" operation.
Would it make sense to add this to the password_hash module?
Volker
Volker Lendecke [Sat, 20 Jun 2009 09:06:14 +0000 (11:06 +0200)]
Fix empty lines
Volker Lendecke [Sat, 20 Jun 2009 08:54:51 +0000 (10:54 +0200)]
talloc_tos() aborts if it can not get a stackframe
Jeremy Allison [Sat, 20 Jun 2009 00:26:53 +0000 (17:26 -0700)]
Fix coverity #729. Resource leak in error path.
Jeremy.
Jeremy Allison [Sat, 20 Jun 2009 00:20:00 +0000 (17:20 -0700)]
Fix coverity #740. Resource leak in error paths. We should
always return queue here as the caller will free.
Jeremy.
Jeremy Allison [Fri, 19 Jun 2009 23:44:15 +0000 (16:44 -0700)]
Fix coverity #900. Resource leak.
Jeremy.
Jeremy Allison [Fri, 19 Jun 2009 22:29:35 +0000 (15:29 -0700)]
Fix coverity #920. Possible NULL deref.
Jeremy.
Jeremy Allison [Fri, 19 Jun 2009 21:55:00 +0000 (14:55 -0700)]
Fix coverity #676. Forward NULL.
Jeremy.
Michael Adam [Fri, 19 Jun 2009 19:04:06 +0000 (21:04 +0200)]
s3: fix make test with external libtalloc or libtdb.
This skips the talloctort and tdbtorture tests when the
corresponding binaries are not present.
There might be more clever ways of detecting wether samba
has been linked with internal or external libraries, but
as a first approximation, this seems valid.
Michael
Michael Adam [Fri, 19 Jun 2009 18:31:33 +0000 (20:31 +0200)]
s3:build: build talloctort only when using the internal liballoc
Fixes the build with the external libtalloc.
And is the reasonable thing to do anyways.
Michael
Michael Adam [Fri, 19 Jun 2009 17:45:58 +0000 (19:45 +0200)]
s3:build: build the tdb tools only when using the internal libtdb
This fixes the build when internal libtdb is used.
Michael
Michael Adam [Fri, 19 Jun 2009 17:27:02 +0000 (19:27 +0200)]
s3:build: remove LIBTDB_OBJ from TDBTORTURE_OBJ collection
tdbtorture is linked with LIBTDB_LIBS, which is whatever
configure has determined to be (-ltdb or LIBTDB_OBJ ...).
Michael
Michael Adam [Fri, 19 Jun 2009 17:02:04 +0000 (19:02 +0200)]
s3:build: check for availability of external libtdb and use it if available
Link internal libtalloc statiaclly if extenal libtalloc is not found
or does not have appropriate version.
Michael
Michael Adam [Wed, 17 Jun 2009 16:20:30 +0000 (18:20 +0200)]
s3:build: link libtalloc statically if using internal libtalloc
Michael
Jim McDonough [Fri, 19 Jun 2009 17:46:07 +0000 (13:46 -0400)]
Don't require "Modify property" perms to unjoin bug #6481)
"net ads leave" stopped working when "modify properties"
permissions were not granted (meaning you had to be allowed
to disable the account that you were about to delete).
Libnetapi should not delete machine accounts, as this does not
happen on win32. The WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE flag
really means "disable" (both in practice and docs).
However, to keep the functionality in "net ads leave", we
will still try to do the delete. If this fails, we try
to do the disable.
Additionally, it is possible in windows to not disable or
delete the account, but just tell the local machine that it
is no longer in the account. libnet can now do this as well.
Volker Lendecke [Fri, 19 Jun 2009 15:36:38 +0000 (17:36 +0200)]
Add a missing talloc_move() in tldap_search_recv
Volker Lendecke [Fri, 19 Jun 2009 14:00:23 +0000 (16:00 +0200)]
Fix Coverity IDs 922 and 933
In copy_internals(), if the !CAN_WRITE(conn) kicks in, we end up
dereferencing a NULL smb_filename.
This adds a simple protection around it.
Tim, please check!
Volker
Karolin Seeger [Fri, 19 Jun 2009 13:23:22 +0000 (15:23 +0200)]
s3/docs: Fix typo.
This fixes bug #6412.
Thanks to Carsten Dumke <carsten [at] cdumke.de> for reporting!
Karolin
Volker Lendecke [Fri, 19 Jun 2009 11:06:02 +0000 (13:06 +0200)]
Add tiny tldap test
Volker Lendecke [Sat, 13 Jun 2009 09:59:39 +0000 (11:59 +0200)]
Add tldap_fetch_rootdse
Volker Lendecke [Fri, 19 Jun 2009 10:41:16 +0000 (12:41 +0200)]
Make tevent_req_is_ldap_error public
Volker Lendecke [Fri, 19 Jun 2009 09:45:01 +0000 (11:45 +0200)]
Add tldap_context_[gs]etattr
This adds the ability to attach extended information to a tldap_context. This
will become useful once we start to do automatic reconnects for example, a
callback function might want attach a pointer to credentials so that it can
rebind.
The initial user of this will be a cached rootdse, so that things like the
ability to do paged searches can be cached.
Björn Jacke [Fri, 19 Jun 2009 09:51:22 +0000 (11:51 +0200)]
s3:dmapi: prefer dmapi libs from gpfs over system libs
Patch from William Jojo sent to samba-technical:
This is based on some pain felt when building 32-bit and 64-bit Clustered Samba
on AIX with GPFS support.
Part of the problem lies in AIX only providing 32-bit shared object in
libxdsm.a(shr.o). So without libdmapi.a from gpfs.base, you get no DMAPI
support under 64-bit.
Günther Deschner [Fri, 19 Jun 2009 00:52:53 +0000 (02:52 +0200)]
s4-smbtorture: fix test_GetInfoLevel crash bug in RPC-DFS.
Guenther
Andrew Bartlett [Fri, 19 Jun 2009 05:38:33 +0000 (15:38 +1000)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba into master-devel
Andrew Bartlett [Fri, 19 Jun 2009 05:29:42 +0000 (15:29 +1000)]
Allow developers access the the privilaged ldapi socket for the moment
This allows us some time to get the EXTERNAL bind working
Andrew Bartlett [Fri, 19 Jun 2009 04:43:51 +0000 (14:43 +1000)]
On our way to alpha9!
Andrew Bartlett [Fri, 19 Jun 2009 04:36:48 +0000 (14:36 +1000)]
Mark as release version
Andrew Bartlett [Fri, 19 Jun 2009 03:25:28 +0000 (13:25 +1000)]
Partially revert restriction of socket_wrapper to 1500 byte writes
This keeps the restriction for stream sockets (where the caller will
retry), without creating problems on datagram sockets (CLDAP is not
defined, as far as I know, across multiple UDP packets).
The commit adding this restriction was
47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d
Andrew Bartlett
Andrew Bartlett [Thu, 18 Jun 2009 04:55:31 +0000 (14:55 +1000)]
s4:ldapsrv Place the 'privilaged' ldapi socket under an #ifdef
This makes it clear to our users that this particular implementation
isn't final (all parties are agreed that an EXTERNAL bind is the right
way to do this, but it has not been implemented yet).
Andrew Bartlett
Andrew Tridgell [Fri, 19 Jun 2009 03:57:30 +0000 (13:57 +1000)]
added some basic documentation for the idmap script option
Andrew Tridgell [Fri, 19 Jun 2009 03:57:13 +0000 (13:57 +1000)]
added a sample script for the "idmap script" option
Andrew Bartlett [Fri, 19 Jun 2009 03:25:28 +0000 (13:25 +1000)]
Partially revert restriction of socket_wrapper to 1500 byte writes
This keeps the restriction for stream sockets (where the caller will
retry), without creating problems on datagram sockets (CLDAP is not
defined, as far as I know, across multiple UDP packets).
The commit adding this restriction was
47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d
Andrew Bartlett
Andrew Bartlett [Fri, 19 Jun 2009 01:29:31 +0000 (11:29 +1000)]
s4:ldb Add test for integer normalisation behaviour
This uses groupType as the example, but this actually applies to all
integer types in AD.
Andrew Bartlett
Matthias Dieter Wallnöfer [Thu, 18 Jun 2009 09:18:05 +0000 (11:18 +0200)]
A fix in the ACL code used by both SAMBA 3 and 4
This fixes an uninitialised structure. It has been found through valgrind
in the RAW-ACLs test suite (Bug #6397).
Matthias Dieter Wallnöfer [Thu, 18 Jun 2009 09:16:16 +0000 (11:16 +0200)]
Fixed some uninitialised variables
I tried hard to not change the program logic. Should fix bug #6439.
Matthias Dieter Wallnöfer [Thu, 18 Jun 2009 09:05:45 +0000 (11:05 +0200)]
Correct handling of 32-bit integer attributes in SAMBA 4
- LDB handles now all 32-bit integer attributes correctly (also with overflows)
according to the schema
- LDAP backends handle the attributes "groupType", "userAccountControl" and
"sAMAccountType" correctly. This handling doesn't yet use the schema but
the conversion file "simple_ldap.map.c" which contains them hardcoded.
Did also a refactoring of the conversion function there.
- Bug #6136 should be gone
Günther Deschner [Thu, 18 Jun 2009 23:57:16 +0000 (01:57 +0200)]
s3-pam_winbind: Fix Bug 6253: Use correct value for password expiry calculation.
Based on patch from Blindauer Emmanuel <samba@mooby.net>.
Guenther
Volker Lendecke [Thu, 18 Jun 2009 09:45:57 +0000 (11:45 +0200)]
Fix bug 4699: Remove pidfile on clean shutdown
Jeremy Allison [Thu, 18 Jun 2009 22:40:14 +0000 (15:40 -0700)]
acl_group_override() doesn't need to call stat. Pass this
down from above (as const).
Jeremy.
Jeremy Allison [Thu, 18 Jun 2009 22:07:14 +0000 (15:07 -0700)]
Add some const to the stat struct in the dosmode calls.
Fix a couple more unix_convert uses to filename_convert.
Fix bug in acl_group_override() where an uninitialized
struct could be used. Move unix_convert with wildcard
use in SMBsearch reply to boilerplate code.
Jeremy.
Jeremy Allison [Thu, 18 Jun 2009 20:13:38 +0000 (13:13 -0700)]
Replace the boilerplate calls to :
resolve_dfspath() -> unix_convert() -> get_full_smb_filename() -> check_name()
with a new function filename_convert().
This restores the check_name() calls that had gone missing
since the default create_file was changed. All "standard"
pathname processing now goes through filename_convert().
I'll take a look at the non-standard pathname processing
next. As a benefit, fixed a missing resolve_dfspath()
in the trans2 mkdir call.
Jeremy.
Günther Deschner [Thu, 18 Jun 2009 14:17:26 +0000 (16:17 +0200)]
libwbclient: fix returned LogonInfo in wbc_LogonUser().
That function could return emtpy blobs for username and ccache for e.g. cached
logins.
Guenther
Günther Deschner [Thu, 18 Jun 2009 14:33:46 +0000 (16:33 +0200)]
wbinfo: use wbcLogonUser for wbinfo -K.
Guenther
Simo Sorce [Thu, 18 Jun 2009 11:56:51 +0000 (07:56 -0400)]
Revert "For tevent to install tevent_util.h"
This reverts commit
b112cc5503350b248949bdbcce8072f5523ce877.
tevent_util.h is a private header. Must not be installed.
Karolin Seeger [Thu, 18 Jun 2009 07:32:10 +0000 (09:32 +0200)]
s3/docs: Add documentation for 'net sam rights'.
This is part of a fix for bug #6328.
Karolin
Andrew Bartlett [Thu, 18 Jun 2009 05:00:28 +0000 (15:00 +1000)]
s3:netlogon Cope with recent rename in netlogon.idl