Wilco Baan Hofman [Sun, 15 Mar 2009 03:40:12 +0000 (04:40 +0100)]
Make the gpo files build for samba 4.
Only gpt.ini remaining. Not suitable for merge yet, samba 3 is currently broken due to some changed public API.
Signed-off-by: Günther Deschner <gd@samba.org>
Wilco Baan Hofman [Sun, 1 Mar 2009 18:49:42 +0000 (19:49 +0100)]
Mark the places where work needs to be done.
Signed-off-by: Günther Deschner <gd@samba.org>
Wilco Baan Hofman [Sun, 1 Mar 2009 17:44:58 +0000 (18:44 +0100)]
Add nt_token_check_sid convenience function. Map NT_USER_TOKEN to struct security_token. Fix build errors.
Signed-off-by: Günther Deschner <gd@samba.org>
Wilco Baan Hofman [Sun, 1 Mar 2009 15:53:07 +0000 (16:53 +0100)]
Add ../libgpo to samba4 srcdir list in rules.mk.
Signed-off-by: Günther Deschner <gd@samba.org>
Wilco Baan Hofman [Sun, 1 Mar 2009 15:25:57 +0000 (16:25 +0100)]
Make gpo_ldap.c compatible with samba 4. Add ads_get_ldap_server_name() function to samba 3. Move prototypes to root libgpo where appropriate.
gpo_ldap.c now compiles for both samba 3 and 4.
Signed-off-by: Günther Deschner <gd@samba.org>
Wilco Baan Hofman [Sun, 1 Mar 2009 13:06:36 +0000 (14:06 +0100)]
Add ads convenience functions to samba 4. Move gpo_ldap.c to root libgpo.
Signed-off-by: Günther Deschner <gd@samba.org>
Jelmer Vernooij [Sun, 1 Mar 2009 01:53:42 +0000 (02:53 +0100)]
Move gpo_fetch to top-level.
Signed-off-by: Günther Deschner <gd@samba.org>
Jelmer Vernooij [Sun, 1 Mar 2009 01:44:51 +0000 (02:44 +0100)]
Move gpo_sec to top-level.
Signed-off-by: Günther Deschner <gd@samba.org>
Jelmer Vernooij [Sun, 1 Mar 2009 01:13:21 +0000 (02:13 +0100)]
Move some libgpo files to root.
Signed-off-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 17 Apr 2009 11:05:04 +0000 (13:05 +0200)]
pidl:Samba4/client: fix dcerpc_ndr_request_send() callers
For samba4 you need one of this:
samba/source4# make full_idl
samba/source4# make clean
samba# git clean -x -f
metze
Stefan Metzmacher [Fri, 17 Apr 2009 09:48:31 +0000 (11:48 +0200)]
s4:librpc/rpc: pass async as argument to dcerpc_ndr_request_send()
The caller should decide if async is desired it should be harcoded per call.
metze
Stefan Metzmacher [Fri, 17 Apr 2009 11:04:18 +0000 (13:04 +0200)]
pidl:Samba4/client: use dcerpc_ndr_request() for sync requests
metze
Stefan Metzmacher [Fri, 17 Apr 2009 09:46:57 +0000 (11:46 +0200)]
s4:librpc/rpc: remove async argument from the sync dcerpc_request() function
metze
Stefan Metzmacher [Fri, 17 Apr 2009 09:40:40 +0000 (11:40 +0200)]
s4:librpc/rpc: only use smb_trans for sync rpc calls
Over named pipes we can only do one smb_trans at a time,
otherwise we're getting NT_STATUS_PIPE_BUSY.
Async rpc calls need to use smb_read/write only.
metze
Stefan Metzmacher [Fri, 17 Apr 2009 17:57:15 +0000 (19:57 +0200)]
s4:torture/rpc: use dcerpc_ndr_request() for the object_uuid test
As we want sync calls...
metze
Stefan Metzmacher [Fri, 17 Apr 2009 17:57:39 +0000 (19:57 +0200)]
s4:librpc/rpc: ask for 0x2000 bytes in the ioctl case to match all othercases
metze
Jeremy Allison [Mon, 20 Apr 2009 16:06:21 +0000 (09:06 -0700)]
Stop autogenerated files from being created.
Jeremy.
Jeremy Allison [Mon, 20 Apr 2009 15:48:07 +0000 (08:48 -0700)]
Add previously generated header files now needed in merged build.
Jeremy.
Andrew Bartlett [Mon, 20 Apr 2009 15:19:45 +0000 (17:19 +0200)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba into libcli-auth-merge-without-netlogond
John H Terpstra [Mon, 20 Apr 2009 15:10:20 +0000 (10:10 -0500)]
Added ability to revert to old modules for make revert.
Andrew Bartlett [Mon, 20 Apr 2009 15:04:33 +0000 (17:04 +0200)]
Fix to use modified cli_rpc_pipe_open_schannel_with_key API
Andrew Bartlett [Mon, 20 Apr 2009 14:53:02 +0000 (16:53 +0200)]
Merge commit 'origin/master' into libcli-auth-merge-without-netlogond
Volker Lendecke [Mon, 20 Apr 2009 14:50:14 +0000 (16:50 +0200)]
Do not vasprint stuff where not necessary
Andrew Bartlett [Mon, 20 Apr 2009 14:50:49 +0000 (16:50 +0200)]
Remove use of talloc_reference in cli_rpc_pipe_open_schannel_with_key()
Jelmer Vernooij [Mon, 20 Apr 2009 14:22:44 +0000 (16:22 +0200)]
Move syslog check out of m4 library file into configure.in
Jelmer Vernooij [Mon, 20 Apr 2009 13:54:02 +0000 (15:54 +0200)]
Error out at runtime when seteuid/setresuid or setegid/setresgid are not
available. This means it's possible to compile libreplace when these
functions are not available and use it, as long as this particular
function is not used.
Jelmer Vernooij [Mon, 20 Apr 2009 13:47:19 +0000 (15:47 +0200)]
Only define waitpid replacement if wait4 is available. (It isn't on
Windows.)
Jelmer Vernooij [Mon, 20 Apr 2009 13:39:48 +0000 (15:39 +0200)]
Cope with the fact that only _mkdir() exists on Windows and that it
doesn't take a mode argument.
Jelmer Vernooij [Mon, 20 Apr 2009 13:21:39 +0000 (15:21 +0200)]
Move check for syslog out of libreplace to source3/ and source4/.
This should help compiling talloc on Windows.
Volker Lendecke [Fri, 17 Apr 2009 13:08:40 +0000 (15:08 +0200)]
Reproduce a bug with a custom GET_REAL_FILENAME
Stefan Metzmacher [Mon, 20 Apr 2009 13:05:34 +0000 (15:05 +0200)]
s4:selftest: ignore smb2.lease test for now
metze
Jelmer Vernooij [Mon, 20 Apr 2009 13:10:17 +0000 (15:10 +0200)]
Add a unit test for security_descriptor.as_sddl() without arguments.
Jelmer Vernooij [Mon, 20 Apr 2009 13:03:21 +0000 (15:03 +0200)]
Make domain sid argument to as_sddl() optional.
Volker Lendecke [Wed, 15 Apr 2009 11:01:09 +0000 (13:01 +0200)]
Do not use the file system GET_REAL_FILENAME for mangled names
Andrew Bartlett [Mon, 20 Apr 2009 11:55:04 +0000 (13:55 +0200)]
libcli/auth Ensure we cancel the transaction when schannel not detected
(found by jra on code review)
Andrew Bartlett
Jeremy Allison [Mon, 20 Apr 2009 11:25:26 +0000 (04:25 -0700)]
Ensure we have all the definitions needed in both threaded and non-threaded versions.
Jeremy.
Jeremy Allison [Mon, 20 Apr 2009 11:05:12 +0000 (04:05 -0700)]
Fix warning in use of talloc_set_name.
Jeremy.
Jeremy Allison [Mon, 20 Apr 2009 11:00:06 +0000 (04:00 -0700)]
Attempt to fix build farm on platforms where pthread_once_t is a struct.
Jeremy.
Jeremy Allison [Mon, 20 Apr 2009 10:04:42 +0000 (03:04 -0700)]
Fix the pthread_once initialization issue. Make talloc_stackframe use
this.
Jeremy.
Andrew Bartlett [Mon, 20 Apr 2009 09:55:49 +0000 (11:55 +0200)]
s3:ntlmssp Remove use of talloc(NULL) in NTLMSSP code
Jelmer Vernooij [Mon, 20 Apr 2009 09:11:25 +0000 (11:11 +0200)]
Fix the valid NetBIOS name tests.
Andrew Bartlett [Mon, 20 Apr 2009 08:54:57 +0000 (10:54 +0200)]
libcli/auth: Don't pass back lm_sess_key as the same pointer as user_sess_key
This ensures that a talloc_free() of both pointers won't double-free
(sharing pointers like this is evil anyway).
Andrew Bartlett
Volker Lendecke [Sun, 19 Apr 2009 20:58:09 +0000 (22:58 +0200)]
Convert the domain handles to type-safe policy handles
Günther Deschner [Fri, 17 Apr 2009 22:58:12 +0000 (00:58 +0200)]
s3-printing: use ARRAY_SIZE() macro in forms functions.
Guenther
Günther Deschner [Sun, 19 Apr 2009 22:57:53 +0000 (00:57 +0200)]
s3-printing: use sec_initial_uid() instead "0" in print_access_check().
Another babystep in order to make us pass RPC-SPOOLSS.
Guenther
Günther Deschner [Mon, 13 Apr 2009 21:56:59 +0000 (23:56 +0200)]
s4-smbtorture: test all levels in test_GetJob().
Guenther
Volker Lendecke [Sun, 19 Apr 2009 20:01:16 +0000 (22:01 +0200)]
Make force_flush_samr_cache use a dom_sid to find what to flush
Andrew Bartlett [Sun, 19 Apr 2009 19:50:46 +0000 (21:50 +0200)]
Remove unused headers
Andrew Bartlett [Sun, 19 Apr 2009 19:50:13 +0000 (21:50 +0200)]
s3:auth Fix segfault: Always initialise returned session keys
Andrew Bartlett [Sun, 19 Apr 2009 19:19:48 +0000 (05:19 +1000)]
s3:ntlmssp Fix segfault: msrpc_gen now uses talloc()
Volker Lendecke [Sat, 18 Apr 2009 20:23:02 +0000 (22:23 +0200)]
Remove flag "builtin_domain" from disp_info
Volker Lendecke [Sat, 18 Apr 2009 14:58:24 +0000 (16:58 +0200)]
Remove flag "builtin_domain" from samr_info
Volker Lendecke [Sat, 18 Apr 2009 14:54:13 +0000 (16:54 +0200)]
Make get_samr_info_by_sid use recent coding conventions
Volker Lendecke [Sat, 18 Apr 2009 14:46:53 +0000 (16:46 +0200)]
Add "uint32_t access_granted" to policy handles
All policy handles have a mask of allowed operations attached that were
calculated at creation time, so they should carry this mask. This is the basis
for consolidating all our policy handle access checks.
If you want to do your own more complicated access checks further down, just
pass "0" to policy_handle_find.
Volker Lendecke [Sat, 18 Apr 2009 14:10:57 +0000 (16:10 +0200)]
Make "struct policy" private to srv_lsa_hnd.c
Volker Lendecke [Sat, 18 Apr 2009 11:38:22 +0000 (13:38 +0200)]
Convert the samr connect_handles to type-safe calls
Volker Lendecke [Sat, 18 Apr 2009 11:31:20 +0000 (13:31 +0200)]
Add type-safe policy_handle_create/find
Volker Lendecke [Sat, 18 Apr 2009 11:30:38 +0000 (13:30 +0200)]
Add some const
Günther Deschner [Fri, 17 Apr 2009 21:18:24 +0000 (23:18 +0200)]
s3-spoolss: remove some direct checks for 0 uid in AddForm,SetForm,DelForm.
Also add some become_root()/unbecome_root() pairs which were missing IMHO.
Guenther
Stefan Metzmacher [Fri, 3 Apr 2009 10:21:17 +0000 (12:21 +0200)]
s3:docs: document the --request-timeout option of net
metze
Stefan Metzmacher [Thu, 26 Mar 2009 19:32:55 +0000 (20:32 +0100)]
s3:net: add --request-timeout option
metze
Stefan Metzmacher [Thu, 26 Mar 2009 19:29:24 +0000 (20:29 +0100)]
s3:net_rpc: don't shutdown a cli_state passed from the caller
This fixes a crash bug if we timeout in net rpc trustdom list.
metze
Günther Deschner [Mon, 13 Apr 2009 22:01:21 +0000 (00:01 +0200)]
s3-selftest: enable RPC-SPOOLSS.
Guenther
Günther Deschner [Fri, 17 Apr 2009 15:21:19 +0000 (17:21 +0200)]
s4-smbtorture: Skip Job pause and resume on paused printers for Samba 3 for now.
Guenther
Günther Deschner [Mon, 13 Apr 2009 22:01:03 +0000 (00:01 +0200)]
s3-spoolss: add support for _spoolss_EnumPrinterDrivers() level 6.
Guenther
Günther Deschner [Mon, 13 Apr 2009 22:00:37 +0000 (00:00 +0200)]
s3-spoolss: add support for _spoolss_EnumPrinterDrivers() level 5.
Guenther
Günther Deschner [Mon, 13 Apr 2009 21:58:59 +0000 (23:58 +0200)]
s3-spoolss: add support for _spoolss_EnumPrinterDrivers() level 4.
Guenther
Günther Deschner [Fri, 17 Apr 2009 15:19:38 +0000 (17:19 +0200)]
s4-smbtorture: rework test_EnumPrinterDrivers() a little to succeed with s3.
Yes, I feel dirty for this but promise to come back and fix appropriately.
Guenther
Günther Deschner [Fri, 17 Apr 2009 15:14:20 +0000 (17:14 +0200)]
s4-smbtorture: Fix RPC-SPOOLSS-WIN for printers with a lot of jobs in the queue.
Guenther
Michael Adam [Fri, 17 Apr 2009 13:53:38 +0000 (15:53 +0200)]
s3: make installmo and uninstallmo scripts executable
Michael
Michael Adam [Fri, 17 Apr 2009 13:29:10 +0000 (15:29 +0200)]
s3: Fix uninstallmo
Michael
Günther Deschner [Fri, 17 Apr 2009 13:13:33 +0000 (15:13 +0200)]
s3-selftest: samba 3 also passes RPC-JOIN so enable it.
Guenther
Michael Adam [Fri, 17 Apr 2009 09:40:17 +0000 (11:40 +0200)]
s3:registry: Prevent creation of keys containing the '/' character.
This creates a broken registry that can only be fixed with
tdbtool, since the '/' sign is used as a key separator after
normalization at a lower level.
This makes e.g. "net conf setparm abc/def comment xyz" fail with
WERR_INVALID_PARAM, which is much more desirable than a broken
registry.tdb.
Michael
Günther Deschner [Fri, 17 Apr 2009 09:21:20 +0000 (11:21 +0200)]
s3-samr: set the builtin_domain bool flag in get_samr_dispinfo_by_sid().
Volker, please check.
Found by torture test RPC-SAMR-PASSWORDS-PWDLASTSET (which we pass with
this fix).
Guenther
Günther Deschner [Fri, 17 Apr 2009 09:14:14 +0000 (11:14 +0200)]
s3-selftest: enable RPC-SAMR-PASSWORDS-PWDLASTSET whilte testing Samba3.
Guenther
Günther Deschner [Fri, 17 Apr 2009 09:04:44 +0000 (11:04 +0200)]
s4-smbtorture: disable CreateUser2 tests when running RPC-SAMR-PASSWORDS-PWDLAST
against Samba3.
Samba 3 does not (yet) get all the ACB_flag settings right upon creation.
Guenther
Jim McDonough [Fri, 17 Apr 2009 07:28:01 +0000 (09:28 +0200)]
Merge branch 'master' of /home/jmcd/samba/git.samba.org/samba-master into mymaster
Günther Deschner [Thu, 16 Apr 2009 23:30:54 +0000 (01:30 +0200)]
s3-docs: fix typo in smb.conf.5.
Guenther
Günther Deschner [Thu, 16 Apr 2009 23:30:16 +0000 (01:30 +0200)]
s3-selftest: enable RPC-LSA-LOOKUPSIDS against samba 3.
Guenther
Günther Deschner [Thu, 16 Apr 2009 23:28:41 +0000 (01:28 +0200)]
s4-smbtorture: add LSA-LOOKUPSIDS to verify bug #6263.
Guenther
Günther Deschner [Thu, 16 Apr 2009 23:26:40 +0000 (01:26 +0200)]
s4-smbtorture: Fix crash in RPC-LSA-LOOKUP
Guenther
Günther Deschner [Thu, 16 Apr 2009 11:03:35 +0000 (13:03 +0200)]
s3-docs: document warn_pwd_expire pam_winbind option in manpage.
Andreas, please check.
Guenther
Jeremy Allison [Thu, 16 Apr 2009 23:21:31 +0000 (16:21 -0700)]
Add torture tester to ensure we don't regress the ulogoff bug.
Jeremy.
Jeremy Allison [Thu, 16 Apr 2009 23:19:10 +0000 (16:19 -0700)]
Fix bug found by Tim Prouty, logging off and then re-using a vuid can cause smbd to
access a freed structure.
Jeremy.
Jeremy Allison [Thu, 16 Apr 2009 22:15:10 +0000 (15:15 -0700)]
When doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid.
Jeremy.
Jeremy Allison [Thu, 16 Apr 2009 19:09:16 +0000 (12:09 -0700)]
Fix IDL licensing file that got missed when IDL files were moved.
Jeremy.
Jim McDonough [Thu, 16 Apr 2009 15:14:29 +0000 (17:14 +0200)]
Don't look up local user for remote changes, even when root.
Volker Lendecke [Tue, 14 Apr 2009 18:39:14 +0000 (20:39 +0200)]
Add notify_onelevel.tdb
This optimizes non-recursive notifys. For non-recursive notifies we can use a
per-directory file-id indexed notify record. This matters for the Windows
Explorer and IIS cases which do not use recursive notifies. In these cases, we
do not have to shuffle around the whole notify record on every change.
For the cluster case, this improves correctness of the notifies, ctdb only
distributes the tdb seqnum once a second, so we can lose notifies.
Volker Lendecke [Tue, 14 Apr 2009 12:56:35 +0000 (14:56 +0200)]
Rename notify_context->db to db_recursive
Martin Schwenke [Thu, 16 Apr 2009 00:25:29 +0000 (10:25 +1000)]
In net_conf_import, start a transaction when importing a single share.
Commit
d69c3db9d44ad5d9fd1f5d7a9499f3bd79ecfb47 caused the transaction
start to be conditional but the commit is still unconditional, so an
error occurs when importing a single share.
An alternate fix would be to return the transaction start to be
unconditional but then it would occur before other error checking.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 16 Apr 2009 05:51:01 +0000 (07:51 +0200)]
tsocket: fix the build without ipv6 support
metze
Andrew Bartlett [Thu, 16 Apr 2009 04:08:00 +0000 (14:08 +1000)]
Fix crash bug in NTLMSSP caused by msrpc_parse() moving to talloc
Andrew Bartlett [Thu, 16 Apr 2009 02:06:35 +0000 (12:06 +1000)]
Use an absolute path to ensure that we can always regenerate tables.c
I had trouble building Samba3 in a merged build, perhaps because I was
also building Samba4 in that tree.
Andrew Bartlett
Andrew Bartlett [Thu, 16 Apr 2009 00:17:57 +0000 (10:17 +1000)]
Fix building the now common msrpc_parse code
Andrew Bartlett [Thu, 16 Apr 2009 00:17:34 +0000 (10:17 +1000)]
Fix building the common libcli/samsync code
Andrew Bartlett [Thu, 16 Apr 2009 00:17:17 +0000 (10:17 +1000)]
Fix Samba4 build errors with common libcli/samsync
Günther Deschner [Wed, 15 Apr 2009 23:42:35 +0000 (01:42 +0200)]
s3-lsa: Fix Bug #6263. Unexpected LookupSids reply crashes XP pre-SP3.
LookupSids needs to bounce back string sids in case of NT_STATUS_NONE_MAPPED.
Guenther
(cherry picked from commit
1c9266c8caa59e287b993393b6050732a0b33547)
Jeremy Allison [Wed, 15 Apr 2009 22:40:00 +0000 (15:40 -0700)]
Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+
What a difference a name makes... :-). Just because something is missnamed
SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN,
don't automatically use it for a security check in _samr_OpenDomain().
Jeremy.
Günther Deschner [Wed, 15 Apr 2009 20:47:15 +0000 (22:47 +0200)]
s4-smbtorture: Fix crash bugs in RPC-SAMR_ACCESSMASK.
Also disable security descriptor based tests while testing samba3.
Guenther
Günther Deschner [Wed, 15 Apr 2009 15:07:48 +0000 (17:07 +0200)]
s3-examples: make sure to match correct key name in adssearch.
Guenther