ira/wip.git
13 years agoDo not pull samAccountName twice
Volker Lendecke [Tue, 9 Jun 2009 19:46:04 +0000 (21:46 +0200)]
Do not pull samAccountName twice

13 years agos3:smbd: only check the next_status for related requests
Stefan Metzmacher [Tue, 9 Jun 2009 17:48:08 +0000 (19:48 +0200)]
s3:smbd: only check the next_status for related requests

metze

13 years agos3:smbd: response with the same SMB2 flags as given by the client
Stefan Metzmacher [Tue, 9 Jun 2009 17:46:29 +0000 (19:46 +0200)]
s3:smbd: response with the same SMB2 flags as given by the client

...but also add the response flag.

metze

13 years agos3:smbd: only pass the chained file handle for related compounded SMB2 requests
Stefan Metzmacher [Tue, 9 Jun 2009 17:31:15 +0000 (19:31 +0200)]
s3:smbd: only pass the chained file handle for related compounded SMB2 requests

metze

13 years agos3:smbd: make sure we pad compounded SMB2 responses to 8 bytes
Stefan Metzmacher [Tue, 9 Jun 2009 17:21:26 +0000 (19:21 +0200)]
s3:smbd: make sure we pad compounded SMB2 responses to 8 bytes

metze

13 years agos3:smbd: skip file handle checks for SMB2 compounded requests
Stefan Metzmacher [Tue, 9 Jun 2009 16:47:26 +0000 (18:47 +0200)]
s3:smbd: skip file handle checks for SMB2 compounded requests

metze

13 years agos3:smbd: more validation of the incoming SMB2 requests
Stefan Metzmacher [Mon, 8 Jun 2009 11:30:32 +0000 (13:30 +0200)]
s3:smbd: more validation of the incoming SMB2 requests

metze

13 years agos3:smbd: for now ignore all non NBT Session Message requests for SMB2
Stefan Metzmacher [Mon, 8 Jun 2009 11:15:00 +0000 (13:15 +0200)]
s3:smbd: for now ignore all non NBT Session Message requests for SMB2

metze

13 years agos3:smbd: don't include 1 byte padding for the dynamic buffer of SMB2 responses
Stefan Metzmacher [Tue, 9 Jun 2009 15:06:40 +0000 (17:06 +0200)]
s3:smbd: don't include 1 byte padding for the dynamic buffer of SMB2 responses

It seems that Windows 2008 and Windows 7 doesn't do this anymore.

metze

13 years agoSMB2-COMPOUND: add some tests for invalid requests
Stefan Metzmacher [Tue, 9 Jun 2009 16:13:53 +0000 (18:13 +0200)]
SMB2-COMPOUND: add some tests for invalid requests

TODO: check why the INVALID1 tests fails with --signing=required.

metze

13 years agos4:smb2srv: don't allow the related flag on the first request in a compounded chain
Stefan Metzmacher [Tue, 9 Jun 2009 17:32:30 +0000 (19:32 +0200)]
s4:smb2srv: don't allow the related flag on the first request in a compounded chain

metze

13 years agos4: smbcli_transport_send hit the socket right away if possible
Sam Liddicott [Tue, 9 Jun 2009 11:51:44 +0000 (12:51 +0100)]
s4: smbcli_transport_send hit the socket right away if possible

[Metze; "make test" on git master outputs exactly the same test summary
with our without this patch (apart from the "using seed" lines)]

If the transport socket is writable, then push the queue along
rather than wait until the caller returns back to the tevent loop.

This strategy keeps the sockets piping hot, and is particularly good
for cases where reading requests from one socket causes lots of
writes on another socket, or where lots of writes are made in a batch.

It doesn't matter if the socket is not writeable yet, packet_queue_run
will return quite cheaply in such a case.

Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agonet: Only use the in memory ccache when not already using a kerberos ticket in net ads
Kai Blin [Tue, 9 Jun 2009 16:05:50 +0000 (18:05 +0200)]
net: Only use the in memory ccache when not already using a kerberos ticket in net ads

13 years agos4:torture: add SMB2-COMPOUND test
Stefan Metzmacher [Mon, 8 Jun 2009 14:26:57 +0000 (16:26 +0200)]
s4:torture: add SMB2-COMPOUND test

metze

13 years agos4:smb2srv: correctly fail remaining compounded requests after a failure
Stefan Metzmacher [Tue, 9 Jun 2009 14:48:25 +0000 (16:48 +0200)]
s4:smb2srv: correctly fail remaining compounded requests after a failure

metze

13 years agos4:smb2srv: remove old TODO comment, we already check the seqnum
Stefan Metzmacher [Tue, 9 Jun 2009 14:35:25 +0000 (16:35 +0200)]
s4:smb2srv: remove old TODO comment, we already check the seqnum

metze

13 years agos4:smb2srv: fix handling of multiple compounded requests
Stefan Metzmacher [Tue, 9 Jun 2009 14:34:52 +0000 (16:34 +0200)]
s4:smb2srv: fix handling of multiple compounded requests

metze

13 years agos4:smb2srv: remove the chained file handle on close
Stefan Metzmacher [Tue, 9 Jun 2009 14:33:46 +0000 (16:33 +0200)]
s4:smb2srv: remove the chained file handle on close

metze

13 years agos4:libcli/smb2: add smb2_transport_credits_ask_num()
Stefan Metzmacher [Mon, 8 Jun 2009 15:59:26 +0000 (17:59 +0200)]
s4:libcli/smb2: add smb2_transport_credits_ask_num()

metze

13 years agos4:libcli/smb2: only add the 1 byte dynamic buffer padding for non compounded requests
Stefan Metzmacher [Tue, 9 Jun 2009 13:04:53 +0000 (15:04 +0200)]
s4:libcli/smb2: only add the 1 byte dynamic buffer padding for non compounded requests

metze

13 years agos4:libcli/smb2: add support sending compounded requests
Stefan Metzmacher [Mon, 8 Jun 2009 14:24:27 +0000 (16:24 +0200)]
s4:libcli/smb2: add support sending compounded requests

metze

13 years agos4:libcli/smb2: prepare SMB2 signing code for compounded requests
Stefan Metzmacher [Tue, 9 Jun 2009 12:52:44 +0000 (14:52 +0200)]
s4:libcli/smb2: prepare SMB2 signing code for compounded requests

metze

13 years agos3-net: fix "net ads testjoin".
Günther Deschner [Tue, 9 Jun 2009 13:41:44 +0000 (15:41 +0200)]
s3-net: fix "net ads testjoin".

This always needs to use machine account credentials.

Kai, please check.

Guenther

13 years agos4-selftest: change rpc.secrets to rpc.lsa.secrets here as well.
Günther Deschner [Tue, 9 Jun 2009 13:31:51 +0000 (15:31 +0200)]
s4-selftest: change rpc.secrets to rpc.lsa.secrets here as well.

Guenther

13 years agoNo need to free twice -- thanks gd :-)
Volker Lendecke [Tue, 9 Jun 2009 13:28:21 +0000 (15:28 +0200)]
No need to free twice -- thanks gd :-)

13 years agoImplement pdb_ads_[add|del]_groupmem
Volker Lendecke [Tue, 9 Jun 2009 13:24:06 +0000 (15:24 +0200)]
Implement pdb_ads_[add|del]_groupmem

13 years agoMake "net sam [add|del]mem" work for domain groups
Volker Lendecke [Tue, 9 Jun 2009 13:23:33 +0000 (15:23 +0200)]
Make "net sam [add|del]mem" work for domain groups

13 years agolsa: use the lsa access masks in idl.
Günther Deschner [Tue, 9 Jun 2009 13:14:30 +0000 (15:14 +0200)]
lsa: use the lsa access masks in idl.

Guenther

13 years agoImplement pdb_ads_delete_dom_group
Volker Lendecke [Tue, 9 Jun 2009 12:46:55 +0000 (14:46 +0200)]
Implement pdb_ads_delete_dom_group

13 years agoImplement "net sam deletedomaingroup"
Volker Lendecke [Tue, 9 Jun 2009 12:46:43 +0000 (14:46 +0200)]
Implement "net sam deletedomaingroup"

13 years agos4-smbtorture: rename SECRETS to LSA-SECRETS.
Günther Deschner [Tue, 9 Jun 2009 10:06:19 +0000 (12:06 +0200)]
s4-smbtorture: rename SECRETS to LSA-SECRETS.

Guenther

13 years agoIt seems that IRIX doesn't have IOV_MAX
Andrew Tridgell [Tue, 9 Jun 2009 04:54:15 +0000 (14:54 +1000)]
It seems that IRIX doesn't have IOV_MAX

13 years agotry to get PICFLAG right for HP-UX with gcc
Andrew Tridgell [Tue, 9 Jun 2009 04:18:58 +0000 (14:18 +1000)]
try to get PICFLAG right for HP-UX with gcc

13 years agowork around conflict in pidfile() prototype for heimdal on NetBSD5
Andrew Tridgell [Tue, 9 Jun 2009 04:11:20 +0000 (14:11 +1000)]
work around conflict in pidfile() prototype for heimdal on NetBSD5

13 years agofixed socket wrapper to determine family from the right structure
Andrew Tridgell [Tue, 9 Jun 2009 03:33:09 +0000 (13:33 +1000)]
fixed socket wrapper to determine family from the right structure

In convert_in_un_remote() the socket family can be accessed either as
si->family or inaddr->sa_family. We were using the si->family to
determine how to cast the inaddr structure, but if si->family !=
inaddr->sa_family then we will incorrectly be casting a in6 structure
as in4 or vice-versa.

13 years agoReplace the "ipv4" specific strings in libcli/cldap/cldap.c with "ip". CLDAP can
Jeremy Allison [Mon, 8 Jun 2009 22:21:48 +0000 (15:21 -0700)]
Replace the "ipv4" specific strings in libcli/cldap/cldap.c with "ip". CLDAP can
run over IPv4/IPv6, even though some of the netlogon messages are IPv4 specific.
Fix the new ads_cldap_netlogon() to be IPv6/IPv4 agnostic. This compiles but
I don't have a good test env. for this (although as the previous code was
*completely* broken over IPv6 this will expose previously hidden bugs if it's broken :-).
Jeremy.

13 years agoImplement pdb_ads_enum_group_members
Volker Lendecke [Mon, 8 Jun 2009 21:57:54 +0000 (23:57 +0200)]
Implement pdb_ads_enum_group_members

13 years agoMake "net ads listmem" also work for domain groups
Volker Lendecke [Mon, 8 Jun 2009 21:57:11 +0000 (23:57 +0200)]
Make "net ads listmem" also work for domain groups

13 years agonsswitch: try to fix segfault in nss_winbind on NetBSD found by torture test.
Günther Deschner [Mon, 8 Jun 2009 21:31:25 +0000 (23:31 +0200)]
nsswitch: try to fix segfault in nss_winbind on NetBSD found by torture test.

Guenther

13 years agoFix some nonempty blank lines
Volker Lendecke [Mon, 8 Jun 2009 21:11:47 +0000 (23:11 +0200)]
Fix some nonempty blank lines

13 years agos3-lsa: remove old code that we cannot even compile anymore.
Günther Deschner [Mon, 8 Jun 2009 20:58:16 +0000 (22:58 +0200)]
s3-lsa: remove old code that we cannot even compile anymore.

Guenther

13 years agos4-smbtorture: when testing RPC-SAMR-LARGE-DC its fine to just close the objects.
Günther Deschner [Mon, 8 Jun 2009 20:41:23 +0000 (22:41 +0200)]
s4-smbtorture: when testing RPC-SAMR-LARGE-DC its fine to just close the objects.

Guenther

13 years agonss_wrapper: fix typo in testsuite.
Günther Deschner [Mon, 8 Jun 2009 20:33:51 +0000 (22:33 +0200)]
nss_wrapper: fix typo in testsuite.

Guenther

13 years agos4-smbtorture: add test_QueryDisplayInfo_level to RPC-SAMR-LARGE-DC.
Günther Deschner [Mon, 8 Jun 2009 08:24:48 +0000 (10:24 +0200)]
s4-smbtorture: add test_QueryDisplayInfo_level to RPC-SAMR-LARGE-DC.

Guenther

13 years agolibsamba-util: Fix soversion.
Jelmer Vernooij [Mon, 8 Jun 2009 20:43:36 +0000 (22:43 +0200)]
libsamba-util: Fix soversion.

13 years agopython: Fix samba4.dcerpc.rpcecho.RpcEchoTests.test_surrounding test.
Jelmer Vernooij [Mon, 8 Jun 2009 20:41:39 +0000 (22:41 +0200)]
python: Fix samba4.dcerpc.rpcecho.RpcEchoTests.test_surrounding test.

13 years agoMake open_udp_socket() IPv6 clean. Trying to fix bug #6437 - Unable to join IPv6...
Jeremy Allison [Mon, 8 Jun 2009 20:26:39 +0000 (13:26 -0700)]
Make open_udp_socket() IPv6 clean. Trying to fix bug #6437 - Unable to join IPv6-only ads domain.
Avaiting feedback from submitter before backport to 3.4 and earlier.
Jeremy.

13 years agos4:heimdal: fix build on FreeBSD
Björn Jacke [Mon, 8 Jun 2009 20:11:33 +0000 (22:11 +0200)]
s4:heimdal: fix build on FreeBSD

Patch from Timur I. Bakeyev sent to samba-technical:

Heimdal requires openpty() presence. FreeBSD has in in standard libc, so
autodetection works, but compilation fails, as declaration of this function is
missing.

This patch adds proper header detection and inclusion for openpty().

13 years agos3-spoolss: add server-support for queries for the "all" architecture in printdriver...
Günther Deschner [Wed, 13 May 2009 13:35:55 +0000 (15:35 +0200)]
s3-spoolss: add server-support for queries for the "all" architecture in printdriver enum calls.

Guenther

13 years agos4-smbtorture: also test for "all" architecture in enum driver tests in RPC-SPOOLSS.
Günther Deschner [Wed, 13 May 2009 13:35:25 +0000 (15:35 +0200)]
s4-smbtorture: also test for "all" architecture in enum driver tests in RPC-SPOOLSS.

Guenther

13 years agoFix two 64-bit warnings
Volker Lendecke [Mon, 8 Jun 2009 19:13:24 +0000 (21:13 +0200)]
Fix two 64-bit warnings

13 years agoImplement pdb_[add|del]aliasmem
Volker Lendecke [Mon, 8 Jun 2009 18:37:50 +0000 (20:37 +0200)]
Implement pdb_[add|del]aliasmem

13 years agoAdd tlda_add_mod_str
Volker Lendecke [Mon, 8 Jun 2009 18:36:49 +0000 (20:36 +0200)]
Add tlda_add_mod_str

13 years agoDo not use a variable format string
Volker Lendecke [Mon, 8 Jun 2009 18:15:56 +0000 (20:15 +0200)]
Do not use a variable format string

13 years agoImplement pdb_ads_enum_aliasmem
Volker Lendecke [Mon, 8 Jun 2009 18:04:49 +0000 (20:04 +0200)]
Implement pdb_ads_enum_aliasmem

13 years agoPass a talloc_ctx to pdb_enum_aliasmem
Volker Lendecke [Mon, 8 Jun 2009 17:43:01 +0000 (19:43 +0200)]
Pass a talloc_ctx to pdb_enum_aliasmem

13 years agoImplement pdb_ads_delete_alias
Volker Lendecke [Sun, 7 Jun 2009 21:32:36 +0000 (23:32 +0200)]
Implement pdb_ads_delete_alias

13 years agoImplement pdb_ads_create_dom_group()
Volker Lendecke [Sun, 7 Jun 2009 21:29:58 +0000 (23:29 +0200)]
Implement pdb_ads_create_dom_group()

13 years agos4-smbtorture: fix test_ReportEventLog in RPC-EVENTLOG.
Günther Deschner [Wed, 8 Apr 2009 19:29:16 +0000 (21:29 +0200)]
s4-smbtorture: fix test_ReportEventLog in RPC-EVENTLOG.

Guenther

13 years agos3-examples: fix usage for eventlog example script.
Günther Deschner [Mon, 27 Apr 2009 09:14:44 +0000 (11:14 +0200)]
s3-examples: fix usage for eventlog example script.

Guenther

13 years agos3-samr: fix enum_acb_mask type (uint32 instead of uint16).
Günther Deschner [Mon, 8 Jun 2009 15:32:10 +0000 (17:32 +0200)]
s3-samr: fix enum_acb_mask type (uint32 instead of uint16).

Guenther

13 years agos3-rpcclient: allow to set query size for samr enum calls.
Günther Deschner [Mon, 8 Jun 2009 13:48:24 +0000 (15:48 +0200)]
s3-rpcclient: allow to set query size for samr enum calls.

Guenther

13 years agos3:Makefile.in: use LIBDL as make variable instead of a shell variable
Stefan Metzmacher [Mon, 8 Jun 2009 09:51:36 +0000 (11:51 +0200)]
s3:Makefile.in: use LIBDL as make variable instead of a shell variable

metze

13 years agoFix make test_pam_modules
Timur I. Bakeyev [Sun, 7 Jun 2009 17:05:23 +0000 (17:05 +0000)]
Fix make test_pam_modules

In Samba3 there is a very handy Makefile target 'test_pam_modules'. It let
quickly veryfy, that obtained PAM module actually is loadable and doesn't
miss any dependency libs. the only problem that on FreeBSD it doesn't work
OOTB, as it unconditionally adds -ldl to the list of libraries when FreeBSD
doesn't have it and doesn't need it.

This small patch fixes the problem for FreeBSD and, I hope, still valid
for othe systems, where -ldl is required. Has to be tested there though.

With regards,
Timur Bakeyev.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agoSmall fix to SMB_LIBRARY macro
Timur I. Bakeyev [Sun, 7 Jun 2009 14:16:51 +0000 (14:16 +0000)]
Small fix to SMB_LIBRARY macro

It seems, that SMB_LIBRARY macro has small bug in the logic, when showing
if shall the SHARED version of the library be build.

If the default value is given as a parameter, it reports "yes" when library
is going to be build(?).

This small patch makes report consistent.

With regards,
Timur Bakeyev.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agoSIGRTMIN additions
Timur I. Bakeyev [Sun, 7 Jun 2009 15:46:07 +0000 (15:46 +0000)]
SIGRTMIN additions

In addition to [FreeBSD 14] there is another place, where we (re)define
SIGRTMIN - in SMB_IF_RTSIGNAL_BUG macro in /source3/m4/aclocal.m4.

Here is another small patch.

With regards,
Timur Bakeyev.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agoSet SIGRTMIN to NSIG
Timur I. Bakeyev [Sun, 7 Jun 2009 13:58:38 +0000 (13:58 +0000)]
Set SIGRTMIN to NSIG

In the includes we define SIGRTMIN to 32 if it's not defined already. This
value could be fairly low and it's better to use NSIG(number of defined
signals) as the lower mark for the available signals.

We have similar defenition in the source3/smbd/aio.c, which can be safely
removed, as it comes from includes.h then.

With regards,
Timur Bakeyev.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agoCheck for dmalloc at the end of the configure
Timur I. Bakeyev [Sun, 7 Jun 2009 12:50:15 +0000 (12:50 +0000)]
Check for dmalloc at the end of the configure

Enabling dmalloc in Samba3 build leads to the wrong detection of the
strndup() function - there isn't one in FreeBSD prior to 7.2, but
dmalloc defines it, so, farther tests with -ldmalloc added wrongly
find it. the cheapest fix is to move dmalloc detection and inclusion
to the bottom of configure, so it can't affect detection of the system
capabilities.

Here is the patch.

With regards,
Timur Bakeyev.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agoAdd langinfo.h to the system/locale.h
Timur I. Bakeyev [Sun, 7 Jun 2009 12:39:22 +0000 (12:39 +0000)]
Add langinfo.h to the system/locale.h

This patch for Samba4. It's not really inspired by any real need, just
for the consistency. We define replace/system/locale.h as a generic
header, that includes all locale related headers and we are using
nl_langinfo at least in Samba3. So, it would be consistent to add yet
another locale-related header to the set of locale.h headers.

Here is the patch.

With regards,
Timur Bakeyev.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agoMake tunable for modulesdir
Timur I. Bakeyev [Sun, 7 Jun 2009 12:34:54 +0000 (12:34 +0000)]
Make tunable for modulesdir

This patch is for Samba4. It adds configure tunable for modulesdir -
location, where modules should be installed. In the case, when no
FHS compliance is used and libdir is redefined, modulesdir still
points to $PREFIX/modules. In some installations it may be not desired.
I'd rather set it myself :)

So, here is the patch.

With regards,
Timur Bakeyev.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agorl_event_hook detection
Timur I. Bakeyev [Sun, 7 Jun 2009 12:00:22 +0000 (12:00 +0000)]
rl_event_hook detection

This patch is relevant for Samba4 source mostly. The way, how readline
compiled under FreeBSD makes it require stdio.h to get all the necessary
declarations. Without this addition rl_event_hook is not properly detected.

With regards,
Timur Bakeyev.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
13 years agos3-test: finally enable RPC-SAMR against samba3.
Günther Deschner [Mon, 8 Jun 2009 08:52:05 +0000 (10:52 +0200)]
s3-test: finally enable RPC-SAMR against samba3.

We now pass it :-)

Guenther

13 years agos3-winbindd: workaround alias enumeration in expand_groups().
Günther Deschner [Mon, 8 Jun 2009 11:04:47 +0000 (13:04 +0200)]
s3-winbindd: workaround alias enumeration in expand_groups().

alias enumeration in NSS is not done properly done atm and needs to be fixed.

Guenther

13 years agos3-selftest: forward NSS_WRAPPER_WINBIND_SO_PATH env to tests.
Günther Deschner [Fri, 5 Jun 2009 21:21:54 +0000 (23:21 +0200)]
s3-selftest: forward NSS_WRAPPER_WINBIND_SO_PATH env to tests.

Guenther

13 years agotest: add NSS_WRAPPER_WINBIND_SO_PATH to make test.
Günther Deschner [Fri, 5 Jun 2009 14:12:46 +0000 (16:12 +0200)]
test: add NSS_WRAPPER_WINBIND_SO_PATH to make test.

Guenther

13 years agos3-samr: support _samr_SetGroupInfo level 2.
Günther Deschner [Mon, 8 Jun 2009 08:43:17 +0000 (10:43 +0200)]
s3-samr: support _samr_SetGroupInfo level 2.

Guenther

13 years agos4-smbtorture: exclude oem_information checking for s3 in RPC-SAMR.
Günther Deschner [Sun, 7 Jun 2009 00:27:50 +0000 (02:27 +0200)]
s4-smbtorture: exclude oem_information checking for s3 in RPC-SAMR.

Guenther

13 years agos3-charcnv: always talloc_free in convert_string_talloc() error path.
Günther Deschner [Mon, 8 Jun 2009 08:40:57 +0000 (10:40 +0200)]
s3-charcnv: always talloc_free in convert_string_talloc() error path.

Guenther

13 years agos3-charcnv: remove remaining malloc references in convert_string_talloc().
Günther Deschner [Sun, 7 Jun 2009 14:04:07 +0000 (16:04 +0200)]
s3-charcnv: remove remaining malloc references in convert_string_talloc().

Guenther

13 years agonss_wrapper: add my copyright.
Günther Deschner [Sun, 7 Jun 2009 13:59:20 +0000 (15:59 +0200)]
nss_wrapper: add my copyright.

Guenther

13 years agoFurther fix for 6449
Volker Lendecke [Mon, 8 Jun 2009 08:05:11 +0000 (10:05 +0200)]
Further fix for 6449

Thanks to TAKAHASHI Motonobu <monyo@samba.gr.jp> for reporting!

13 years agoFix a valgrind error in "net rap user add"
Volker Lendecke [Mon, 8 Jun 2009 07:46:52 +0000 (09:46 +0200)]
Fix a valgrind error in "net rap user add"

13 years agoFix bug 6449
Volker Lendecke [Mon, 8 Jun 2009 07:45:21 +0000 (09:45 +0200)]
Fix bug 6449

Thanks to TAKAHASHI Motonobu <monyo@samba.gr.jp> for reporting!

13 years agoreplace: add fallback define for IOV_MAX
Stefan Metzmacher [Mon, 8 Jun 2009 07:01:45 +0000 (09:01 +0200)]
replace: add fallback define for IOV_MAX

This hopefully fixes the build on IRIX.

metze

13 years agotalloc: try to fix the source4 build on AIX
Stefan Metzmacher [Mon, 8 Jun 2009 06:20:11 +0000 (08:20 +0200)]
talloc: try to fix the source4 build on AIX

metze

13 years agoasync_sock: try fix the source4 build on FreeBSD, Solaris, SLES8
Stefan Metzmacher [Mon, 8 Jun 2009 06:15:57 +0000 (08:15 +0200)]
async_sock: try fix the source4 build on FreeBSD, Solaris, SLES8

metze

13 years agoUpdate WHATSNEW for an alpha8 release this week.
Andrew Bartlett [Mon, 8 Jun 2009 02:54:15 +0000 (12:54 +1000)]
Update WHATSNEW for an alpha8 release this week.

Please update this file with things you have worked on, if you want
them to be mentioned in the release.

Andrew Bartlett

13 years agoAdd "net sam createdomaingroup"
Volker Lendecke [Sun, 7 Jun 2009 21:11:12 +0000 (23:11 +0200)]
Add "net sam createdomaingroup"

13 years agoMore pdb_ads stuff
Volker Lendecke [Sun, 7 Jun 2009 17:09:41 +0000 (19:09 +0200)]
More pdb_ads stuff

13 years agoAdd tldap_pull_uint32
Volker Lendecke [Sun, 7 Jun 2009 17:08:52 +0000 (19:08 +0200)]
Add tldap_pull_uint32

13 years agomount.cifs: update the mount.cifs manpage
Jeff Layton [Sun, 7 Jun 2009 12:38:25 +0000 (08:38 -0400)]
mount.cifs: update the mount.cifs manpage

Add a new section entitled FILE AND DIRECTORY OWNERSHIP AND PERMISSIONS
that attempts to cover information about this topic. Change the uid=
and gid= options to refer to that section. Add new varlistentries for
forceuid, forcegid and dynperm.

Also update the information about how the program behaves when installed
as a setuid binary.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
13 years agoMake "net sam list" work for groups, aliases and builtins
Volker Lendecke [Sun, 7 Jun 2009 10:30:26 +0000 (12:30 +0200)]
Make "net sam list" work for groups, aliases and builtins

13 years agoReturn full info in pdb_ads_search_users()
Volker Lendecke [Sun, 7 Jun 2009 10:04:56 +0000 (12:04 +0200)]
Return full info in pdb_ads_search_users()

13 years agoFix syntax of sending a delete request
Volker Lendecke [Sun, 7 Jun 2009 09:45:01 +0000 (11:45 +0200)]
Fix syntax of sending a delete request

13 years agoreq_del and req_abandon are ASN1_APPLICATION_SIMPLE
Volker Lendecke [Sun, 7 Jun 2009 09:44:37 +0000 (11:44 +0200)]
req_del and req_abandon are ASN1_APPLICATION_SIMPLE

Ok, ASN1_APPLICATION everywhere was too easy :-)

13 years agoFix after making tldap independent of ldap.h
Volker Lendecke [Sun, 7 Jun 2009 09:26:25 +0000 (11:26 +0200)]
Fix after making tldap independent of ldap.h

13 years agos3-groupdb: fix enum_aliasmem in ldb branch.
Günther Deschner [Sun, 7 Jun 2009 09:23:09 +0000 (11:23 +0200)]
s3-groupdb: fix enum_aliasmem in ldb branch.

It is totally valid to have an alias with no members.

Tridge, please check.

Found by RPC-SAMR torture test.

Guenther

13 years agos3-samr: fix return code of _samr_LookupRids when run with pdb_ldap.
Günther Deschner [Sun, 7 Jun 2009 00:02:26 +0000 (02:02 +0200)]
s3-samr: fix return code of _samr_LookupRids when run with pdb_ldap.

when _samr_LookupRids is called with no rids, it needs to return
NT_STATUS_NONE_MAPPED (not NT_STATUS_NO_MEMORY).

Found by RPC-SAMR torture test.

Guenther

13 years agos3-samr: SetGroupInfo level 1 should not return NT_STATUS_INVALID_INFO_CLASS.
Günther Deschner [Sun, 7 Jun 2009 00:01:13 +0000 (02:01 +0200)]
s3-samr: SetGroupInfo level 1 should not return NT_STATUS_INVALID_INFO_CLASS.

Found by RPC-SAMR torture test.

Guenther

13 years agomount.cifs: properly check for mount being in fstab when running setuid root (try#3)
Jeff Layton [Sat, 6 Jun 2009 23:46:24 +0000 (19:46 -0400)]
mount.cifs: properly check for mount being in fstab when running setuid root (try#3)

This is the third attempt to clean up the checks when a setuid
mount.cifs is run by an unprivileged user. The main difference in this
patch from the last one is that it fixes a bug where the mount might
have failed if unnecessarily if CIFS_LEGACY_SETUID_CHECK was set.

When mount.cifs is installed setuid root and run as an unprivileged
user, it does some checks to limit how the mount is used. It checks that
the mountpoint is owned by the user doing the mount.

These checks however do not match those that /bin/mount does when it is
called by an unprivileged user. When /bin/mount is called by an
unprivileged user to do a mount, it checks that the mount in question is
in /etc/fstab, that it has the "user" option set, etc.

This means that it's currently not possible to set up user mounts the
standard way (by the admin, in /etc/fstab) and simultaneously protect
from an unprivileged user calling mount.cifs directly to mount a share
on any directory that that user owns.

Fix this by making the checks in mount.cifs match those of /bin/mount
itself. This is a necessary step to make mount.cifs safe to be installed
as a setuid binary, but not sufficient. For that, we'd need to give
mount.cifs a proper security audit.

Since some users may be depending on the legacy behavior, this patch
also adds the ability to build mount.cifs with the older behavior.

Signed-off-by: Jeff Layton <jlayton@redhat.com>