Günther Deschner [Wed, 15 Mar 2006 12:23:09 +0000 (12:23 +0000)]
r14443: rework get_md4pw() to ease debugging. The only functional change is that
we now check wheter the sec_channel_type matches the trust account type.
Guenther
Gerald Carter [Wed, 15 Mar 2006 05:50:52 +0000 (05:50 +0000)]
r14432: Give in and grant BUILT\Administrators all privileges
James Peach [Wed, 15 Mar 2006 05:49:32 +0000 (05:49 +0000)]
r14428: Call fill_share_mode_entry with NO_OPLOCK instead of 0.
Gerald Carter [Wed, 15 Mar 2006 03:46:20 +0000 (03:46 +0000)]
r14421: This does two things
* Automatically creates the BUILTIN\Users group similar to
how BUILTIN\Administrators is done. This code does need to
be cleaned up considerably. I'll continue to work on this.
* The important fix is for getusergroups() when dealing with a
local user and nested groups. Now I can run the following
successfully:
$ su - jerry -c groups
users BUILTIN\users
Jeremy Allison [Wed, 15 Mar 2006 03:27:03 +0000 (03:27 +0000)]
r14418: Try and fix Coverity #39 and #40 by making the
implicit function contract explicit.
Jeremy.
Jeremy Allison [Wed, 15 Mar 2006 03:00:49 +0000 (03:00 +0000)]
r14416: Remove deadcode. Coverity #198.
Jeremy.
Jim McDonough [Wed, 15 Mar 2006 02:31:11 +0000 (02:31 +0000)]
r14408: More on fix for coverity #36. The previous fix would cause us to
marshall a buffer based on an unknown size. Zero out the sec_desc
buffer to prevent this. This is still not getting proper results for
a registry security descriptor (everything gets ACCESS DENIED), but
at least we aren't blowing out memory now...
Jeremy Allison [Wed, 15 Mar 2006 02:16:14 +0000 (02:16 +0000)]
r14406: Disable this call until we can sort out how this
should be done correctly. Fix coverity #37.
Jeremy.
Jeremy Allison [Wed, 15 Mar 2006 00:35:51 +0000 (00:35 +0000)]
r14405: Fix the build when nscd_flush_cache is detected
(variable definition was missing).
Jeremy.
Gerald Carter [Wed, 15 Mar 2006 00:10:38 +0000 (00:10 +0000)]
r14403: * modifies create_local_nt_token() to create a BUILTIN\Administrators
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'
* Add a SID domain to the group mapping enumeration passdb call
to fix the checks for local and builtin groups. The SID can be
NULL if you want the old semantics for internal maintenance.
I only updated the tdb group mapping code.
* remove any group mapping from the tdb that have a
gid of -1 for better consistency with pdb_ldap.c.
The fixes the problem with calling add_group_map() in
the tdb code for unmapped groups which might have had
a record present.
* Ensure that we distinguish between groups in the
BUILTIN and local machine domains via getgrnam()
Other wise BUILTIN\Administrators & SERVER\Administrators
would resolve to the same gid.
* Doesn't strip the global_sam_name() from groups in the
local machine's domain (this is required to work with
'winbind default domain' code)
Still todo.
* Fix fallback Administrators membership for root and domain Admins
if nested groups = no or winbindd is not running
* issues with "su - user -c 'groups'" command
* There are a few outstanding issues with BUILTIN\Users that
Windows apparently tends to assume. I worked around this
presently with a manual group mapping but I do not think
this is a good solution. So I'll probably add some similar
as I did for Administrators.
Jeremy Allison [Tue, 14 Mar 2006 21:01:30 +0000 (21:01 +0000)]
r14399: Fix deadcode coverity bug #3.
Jeremy.
Jeremy Allison [Tue, 14 Mar 2006 20:37:24 +0000 (20:37 +0000)]
r14397: Fix deadcode in coverity error #1.
Jeremy.
Jeremy Allison [Tue, 14 Mar 2006 20:32:27 +0000 (20:32 +0000)]
r14395: Fix coverity bug #55. Ensure no unsigned/signed comparisons.
Jeremy.
Jeremy Allison [Tue, 14 Mar 2006 20:07:36 +0000 (20:07 +0000)]
r14393: Fix a couple of AIX warnings.
Jeremy.
Günther Deschner [Tue, 14 Mar 2006 18:50:55 +0000 (18:50 +0000)]
r14392: Use KRB5_TGS_NAME.
Guenther
Jeremy Allison [Tue, 14 Mar 2006 17:21:30 +0000 (17:21 +0000)]
r14387: Try and fix the coverity issues (#53, #54) with negative
sink by ensuring all uses of rpcstr_push are consistent
with a size_t dest size arg.
Jeremy.
Simo Sorce [Tue, 14 Mar 2006 13:58:17 +0000 (13:58 +0000)]
r14377: Fix coverity #4 for 3_0 too
Günther Deschner [Tue, 14 Mar 2006 09:22:01 +0000 (09:22 +0000)]
r14368: Remove redundant set of logon flags (now in rpc_netlogon.h).
Guenther
Volker Lendecke [Tue, 14 Mar 2006 08:27:44 +0000 (08:27 +0000)]
r14367: Not that I fully understand what's going on here, but the code as it was here
was clearly buggy as Coverity showed with bug id #36.
According to samba4 idl the sec_desc_buf is [in,out,ref], so we _have_ to ship
it in the request.
Volker
Jeremy Allison [Tue, 14 Mar 2006 06:22:18 +0000 (06:22 +0000)]
r14365: As solaris nss includes includes.h, make sure we use
the correct malloc-macros.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 23:58:58 +0000 (23:58 +0000)]
r14359: Try and fix Coverity #176 by making the pointer
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 23:56:02 +0000 (23:56 +0000)]
r14357: Try and fix Coverity #169 by making the pointer
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
line, and those below, will be ignored--
M source/smbd/posix_acls.c
Jeremy Allison [Mon, 13 Mar 2006 23:48:13 +0000 (23:48 +0000)]
r14355: Try and fix Coverity #158 by making the pointer
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 23:07:14 +0000 (23:07 +0000)]
r14353: Fix coverity bugs #61 and #62. Remember to divide by
the size of the data table. Clean up the struct a little.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 22:49:56 +0000 (22:49 +0000)]
r14351: Ensure we use the minimum of PATH_MAX and sizeof(pstring).
Fix Coverity #59.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 21:11:15 +0000 (21:11 +0000)]
r14345: Fix Coverity #71. We don't currently propagate *any*
alloc error back up the stack from smbldap_set_mod()
so ensure we abort correctly.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 19:47:18 +0000 (19:47 +0000)]
r14342: Fix coverity #68, resource leak on error path.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 19:40:51 +0000 (19:40 +0000)]
r14340: Fix coverity #78, resource leak in error path.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 18:59:31 +0000 (18:59 +0000)]
r14338: Fix coverity #55 by explicit cast.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 18:56:26 +0000 (18:56 +0000)]
r14336: Try and quieten coverity #53 and #54. Make it obvious
we're using -1 as a special size_t case by casting.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 18:42:57 +0000 (18:42 +0000)]
r14333: Fix coverity #77, ensure we can't exit after allocation.
Jeremy.
Lars Müller [Mon, 13 Mar 2006 17:45:04 +0000 (17:45 +0000)]
r14331: Add a comment on top of test_pam_modules about what we're testing.
Günther Deschner [Mon, 13 Mar 2006 17:26:52 +0000 (17:26 +0000)]
r14329: Fix the build on systems without libcom_err.
Guenther
Lars Müller [Mon, 13 Mar 2006 16:19:44 +0000 (16:19 +0000)]
r14326: First catch of make test_pam_modules.
Testing pam_smbpass pam_winbind
dlopen() of "./bin/pam_smbpass.so" succeeded.
dlopen() of "./bin/pam_winbind.so" failed: ././bin/pam_winbind.so:
undefined symbol: secrets_fetch_domain_sid
make: *** [test_pam_modules] Error 1
Lars Müller [Mon, 13 Mar 2006 16:10:26 +0000 (16:10 +0000)]
r14325: Add pam_modules rule which builds the configure(d) pam modules. This is
called as part of the all rule (again only if pam modules are requested
by configure).
Add pam_winbind rule.
Ensure proto_exists before we build the pam modules.
Add test_pam_modules rule to test if the built pam modules have any
unresolved symbols. For test_pam_modules we use script/tests/dlopen.sh
which was written by Nalin Dahyabhai <nalin@redhat.com>. Thanks Nalin!
RedHat and SuSE use this script to test nss and pam modules since
several years.
Günther Deschner [Mon, 13 Mar 2006 15:13:35 +0000 (15:13 +0000)]
r14321: When we have libnscd and winbindd comes (back) online, try to flush the
nscd caches so that NSS-calls can deliver accurate information.
Guenther
Lars Müller [Mon, 13 Mar 2006 14:22:43 +0000 (14:22 +0000)]
r14317: Use source/bin as dir to link pam_winbind instead of source/nsswitch/
The intention is to have the resulting binaries at one place. This is
also usefull for upcoming changes to provide a test_pammodules rule.
With these changes I even got aware of
testsuite/nsswitch/pam_winbind_syms.exp But this only covers
pam_winbind.
Jeremy Allison [Mon, 13 Mar 2006 06:52:03 +0000 (06:52 +0000)]
r14303: Fix coverity #223. In a loop we were forgetting to free
resources on error exit path.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 06:50:33 +0000 (06:50 +0000)]
r14301: Fix coverity #224. In a loop we were forgetting to free
resources on error exit path.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 06:48:41 +0000 (06:48 +0000)]
r14299: Fix coverity #225. In a loop we were forgetting to free
resources on error exit path.
Jeremy.
Volker Lendecke [Mon, 13 Mar 2006 06:44:10 +0000 (06:44 +0000)]
r14298: The other half of Coverity # 217
Jeremy Allison [Mon, 13 Mar 2006 04:27:53 +0000 (04:27 +0000)]
r14292: Janitor for tridge (samba3 talloc is almost identical
to Samba4 talloc).
Jeremy
- make the snprintf call in talloc portable to older solaris boxes
- fixed an error found sing the beam analyser
Jeremy Allison [Mon, 13 Mar 2006 04:05:47 +0000 (04:05 +0000)]
r14289: Fix coverity #101, resource leak on error code path.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 03:59:53 +0000 (03:59 +0000)]
r14286: Similar clarifiction fix for coverity #102.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 03:56:24 +0000 (03:56 +0000)]
r14284: Fix coverity bug #103. Make code clearer - probably
not a real issue but this code is easier to read.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 03:50:26 +0000 (03:50 +0000)]
r14282: Change centry_string to only use talloc. Should
quieten coverity bug #194 (which I think is a
false positive).
Jeremy.
Jim McDonough [Mon, 13 Mar 2006 01:49:01 +0000 (01:49 +0000)]
r14280: Fix Coverity #129 and 130: check before dereferencing a pointer. This
was especially silly as we checked immediately _after_ dereferencing it
:-/
Jim McDonough [Mon, 13 Mar 2006 01:42:40 +0000 (01:42 +0000)]
r14279: Fix coverity #86, 87, 88, 89:
Free grp_sid and owner_sid before returning. Also, only allow one group
or owner.
Jim McDonough [Mon, 13 Mar 2006 01:32:30 +0000 (01:32 +0000)]
r14278: Remainder of fix for Coverity #79,80,81: only allow GROUP or OWNER to be
specified once in an ACL, so it can be allocated a second time,
overwriting the first
Jeremy Allison [Mon, 13 Mar 2006 01:08:27 +0000 (01:08 +0000)]
r14275: Shut-up coverity false positive (bug #199) by making an assertion
explicit.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 00:37:57 +0000 (00:37 +0000)]
r14273: Fix coverity bug #202. Memory leak on error path.
Jeremy.
Jim McDonough [Mon, 13 Mar 2006 00:35:33 +0000 (00:35 +0000)]
r14272: Fix Coverity # 81: free alloc'ed storage before returning
Jeremy Allison [Mon, 13 Mar 2006 00:30:18 +0000 (00:30 +0000)]
r14270: Fix coverity #203. Ensure we free on error exit.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 00:26:38 +0000 (00:26 +0000)]
r14268: Fix coverity error #204. Resource leak on error path.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 00:25:04 +0000 (00:25 +0000)]
r14266: Fix coverity #205. Resource leak on error path.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 00:23:17 +0000 (00:23 +0000)]
r14264: Fix coverity #207. Resource leak on error path.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 00:08:39 +0000 (00:08 +0000)]
r14261: Fix coverity #38. No null deref.
Jeremy.
Jeremy Allison [Mon, 13 Mar 2006 00:05:47 +0000 (00:05 +0000)]
r14259: Fix coverity #42. Ensure contact_domain can't be null derefed
in error code path.
Jeremy.
James Peach [Sun, 12 Mar 2006 22:27:01 +0000 (22:27 +0000)]
r14255: Revert r14204 which was horribly broken.
Jim McDonough [Sun, 12 Mar 2006 19:56:10 +0000 (19:56 +0000)]
r14252: Fix Coverity #72: free alloc'ed storage before return. Also found one
more that coverity didn't find from asprintf.
Jeremy Allison [Sun, 12 Mar 2006 19:16:45 +0000 (19:16 +0000)]
r14250: Fix coverity bug #107. Resource leak on error path.
Jeremy.
Volker Lendecke [Sun, 12 Mar 2006 18:01:36 +0000 (18:01 +0000)]
r14249: We've dereferenced the_acl before, no point in checking.
Fix Coverity bug # 128.
Volker
Volker Lendecke [Sun, 12 Mar 2006 17:57:05 +0000 (17:57 +0000)]
r14248: Fix Coverity bug # 84
Volker Lendecke [Sun, 12 Mar 2006 17:53:57 +0000 (17:53 +0000)]
r14247: Fix Coverity bug # 136
Volker Lendecke [Sun, 12 Mar 2006 17:48:51 +0000 (17:48 +0000)]
r14246: Fix Coverity bug # 85
Volker Lendecke [Sun, 12 Mar 2006 17:44:00 +0000 (17:44 +0000)]
r14245: We've dereferenced argv before, no point in checking.
Fix Coverity bug # 144.
Volker
Volker Lendecke [Sun, 12 Mar 2006 17:29:42 +0000 (17:29 +0000)]
r14244: Okay, had not seen that this happened twice.
Fix Coverity bug # 142.
Volker
Volker Lendecke [Sun, 12 Mar 2006 17:26:56 +0000 (17:26 +0000)]
r14243: Fix Coverity bug # 143
Volker Lendecke [Sun, 12 Mar 2006 17:24:10 +0000 (17:24 +0000)]
r14242: Fix Coverity bug # 82
Volker Lendecke [Sun, 12 Mar 2006 17:18:26 +0000 (17:18 +0000)]
r14241: Fix Coverity bug # 146
Volker Lendecke [Sun, 12 Mar 2006 11:00:06 +0000 (11:00 +0000)]
r14236: Fix Coverity bug # 90
Volker Lendecke [Sun, 12 Mar 2006 10:57:42 +0000 (10:57 +0000)]
r14235: Fix Coverity bug # 91
Volker Lendecke [Sun, 12 Mar 2006 10:52:56 +0000 (10:52 +0000)]
r14234: Fix Coverity bug # 93
Volker Lendecke [Sun, 12 Mar 2006 10:47:02 +0000 (10:47 +0000)]
r14233: Fix Coverity bug # 206
Volker Lendecke [Sun, 12 Mar 2006 10:44:19 +0000 (10:44 +0000)]
r14232: Fix Coverity Bug # 218
Jeremy Allison [Sun, 12 Mar 2006 04:18:43 +0000 (04:18 +0000)]
r14229: Something Coverity hasn't caught (yet) but I've gotten
sensitive to null derefs. get_timed_events_timeout()
can potentially return NULL. Cope with this.
Jeremy.
Volker Lendecke [Sun, 12 Mar 2006 00:08:12 +0000 (00:08 +0000)]
r14228: Fix Coverity bug # 217
Volker Lendecke [Sun, 12 Mar 2006 00:03:00 +0000 (00:03 +0000)]
r14226: Fix Coverity bug # 109
Volker Lendecke [Sat, 11 Mar 2006 23:58:18 +0000 (23:58 +0000)]
r14225: Fix Coverity Bug # 67
Volker Lendecke [Sat, 11 Mar 2006 23:52:09 +0000 (23:52 +0000)]
r14224: Fix Coverity bug # 6
Jeremy Allison [Sat, 11 Mar 2006 23:14:42 +0000 (23:14 +0000)]
r14221: Fix coverity #76. My previous change wasn't quite enough :-).
Jeremy.
Jeremy Allison [Sat, 11 Mar 2006 23:11:24 +0000 (23:11 +0000)]
r14219: Fix coverity #135. Don't deref a ptr if it can be NULL.
Jeremy.
Volker Lendecke [Sat, 11 Mar 2006 23:10:31 +0000 (23:10 +0000)]
r14218: Fix Coverity Bug # 2
Volker Lendecke [Sat, 11 Mar 2006 23:07:22 +0000 (23:07 +0000)]
r14217: Fix Coverity Bug # 7
Volker Lendecke [Sat, 11 Mar 2006 23:02:46 +0000 (23:02 +0000)]
r14216: Fix Coverity bug # 8
Volker Lendecke [Sat, 11 Mar 2006 22:21:27 +0000 (22:21 +0000)]
r14214: Fix Coverity Bug # 57
Jeremy Allison [Sat, 11 Mar 2006 20:23:50 +0000 (20:23 +0000)]
r14212: Definately fixes a coverity issue but I've lost track
of the coverity id.... Oh well - definately needs a fix.
Jeremy.
James Peach [Sat, 11 Mar 2006 10:59:03 +0000 (10:59 +0000)]
r14207: Convert the lp_acl_compatibility() param into an enum.
James Peach [Sat, 11 Mar 2006 10:23:02 +0000 (10:23 +0000)]
r14204: Remove the basically unused P_GSTRING and P_UGSTRING
parameter types.
Jeremy Allison [Sat, 11 Mar 2006 02:48:20 +0000 (02:48 +0000)]
r14196: Move to using talloc, not malloc for all policy handles.
Jeremy
Jeremy Allison [Sat, 11 Mar 2006 02:43:25 +0000 (02:43 +0000)]
r14194: Coverity bug #35. Fix uninitialized pipe_hnd.
Jeremy.
Jeremy Allison [Sat, 11 Mar 2006 02:29:23 +0000 (02:29 +0000)]
r14192: Don't forget to correctly initialize pipe_hnd.
Coverity fix #34.
Jeremy.
Jeremy Allison [Sat, 11 Mar 2006 02:20:58 +0000 (02:20 +0000)]
r14190: Coverity bug #33. Missing initialization of pipe_hnd.
Jeremy.
Jeremy Allison [Sat, 11 Mar 2006 02:17:00 +0000 (02:17 +0000)]
r14188: Coverity fix #32. Don't deref null.
Jeremy.
Jeremy Allison [Sat, 11 Mar 2006 02:14:49 +0000 (02:14 +0000)]
r14186: Coverity fix #31. Don't deref null.
Jeremy.
Jeremy Allison [Sat, 11 Mar 2006 02:12:25 +0000 (02:12 +0000)]
r14184: Coverity fix #56. Ensure we can't deref null.
Jeremy.
Jeremy Allison [Sat, 11 Mar 2006 02:09:18 +0000 (02:09 +0000)]
r14182: Ensure we know that dom_sid cannot be null.
Jeremy.
Jeremy Allison [Fri, 10 Mar 2006 23:52:37 +0000 (23:52 +0000)]
r14178: Clarify code for Coverity #49. Ensure we know we
can't have an uninitialized *returned val.
Jeremy.
Jeremy Allison [Fri, 10 Mar 2006 23:22:38 +0000 (23:22 +0000)]
r14176: Fix coverity bug #30. Ensure no possible null deref.
Jeremy.
Jeremy Allison [Fri, 10 Mar 2006 18:32:18 +0000 (18:32 +0000)]
r14170: Paranioa fix for sesssetup.
Fix Coverity bug #26. Guard against NULL ref.
Jeremy.