Merge branch 'v4-0-stable' into newmaster
authorJelmer Vernooij <jelmer@samba.org>
Mon, 20 Sep 2010 22:24:44 +0000 (15:24 -0700)
committerJelmer Vernooij <jelmer@samba.org>
Mon, 20 Sep 2010 22:24:44 +0000 (15:24 -0700)
170 files changed:
buildtools/wafsamba/samba_version.py
lib/tdb/pytdb.c
lib/tdb/python/tests/simple.py
lib/testtools/NEWS
lib/testtools/testtools/matchers.py
lib/testtools/testtools/testcase.py
lib/testtools/testtools/tests/test_testtools.py
lib/util/charset/charset.h
lib/util/util.c
lib/util/util.h
libcli/ldap/ldap_ndr.c
libcli/ldap/ldap_ndr.h
libcli/security/dom_sid.c
libcli/security/dom_sid.h
libcli/util/werror.h
librpc/idl/drsuapi.idl
librpc/idl/netlogon.idl
librpc/idl/wscript_build
source3/Makefile.in
source3/auth/auth_util.c
source3/auth/server_info.c
source3/auth/token_util.c
source3/build/dynconfig.py
source3/build/wscript
source3/client/client.c
source3/groupdb/mapping_tdb.c
source3/include/includes.h
source3/include/proto.h
source3/include/registry.h
source3/include/smb_macros.h
source3/include/smbldap.h
source3/lib/ctdbd_conn.c
source3/lib/fault.c
source3/lib/g_lock.c
source3/lib/netapi/examples/netlogon/nltest.c
source3/lib/netapi/group.c
source3/lib/netapi/localgroup.c
source3/lib/netapi/netlogon.c
source3/lib/netapi/user.c
source3/lib/secdesc.c
source3/lib/smbconf/smbconf_reg.c
source3/lib/util.c
source3/lib/util_nttoken.c
source3/lib/util_sid.c
source3/lib/util_sock.c
source3/libads/ldap.c
source3/libgpo/gpo_reg.c
source3/libnet/libnet_join.c
source3/libnet/libnet_samsync.c
source3/libnet/libnet_samsync_ldif.c
source3/libnet/libnet_samsync_passdb.c
source3/librpc/idl/libnetapi.idl
source3/libsmb/async_smb.c
source3/libsmb/cliconnect.c
source3/libsmb/clientgen.c
source3/libsmb/clifile.c
source3/libsmb/clifsinfo.c
source3/libsmb/clilist.c
source3/libsmb/climessage.c
source3/libsmb/clioplock.c
source3/libsmb/clirap.c
source3/libsmb/clireadwrite.c
source3/libsmb/clitrans.c
source3/libsmb/libsmb_xattr.c
source3/libsmb/namequery.c
source3/modules/vfs_afsacl.c
source3/modules/vfs_scannedonly.c
source3/nmbd/nmbd.h
source3/param/loadparm.c
source3/passdb/lookup_sid.c
source3/passdb/machine_sid.c
source3/passdb/pdb_get_set.c
source3/passdb/pdb_interface.c
source3/passdb/pdb_ldap.c
source3/passdb/pdb_smbpasswd.c
source3/passdb/util_builtin.c
source3/passdb/util_unixsids.c
source3/passdb/util_wellknown.c
source3/registry/reg_api.c
source3/registry/reg_api_regf.c [new file with mode: 0644]
source3/registry/reg_api_util.c [new file with mode: 0644]
source3/registry/reg_api_util.h [new file with mode: 0644]
source3/registry/reg_util_legacy.c
source3/rpc_client/cli_lsarpc.c
source3/rpc_client/cli_pipe.c
source3/rpc_client/rpc_transport_sock.c
source3/rpc_server/srv_eventlog_nt.c
source3/rpc_server/srv_lsa_nt.c
source3/rpc_server/srv_netlog_nt.c
source3/rpc_server/srv_samr_nt.c
source3/rpc_server/srv_spoolss_util.c
source3/rpcclient/cmd_samr.c
source3/rpcclient/cmd_winreg.c [new file with mode: 0644]
source3/rpcclient/rpcclient.c
source3/smbd/posix_acls.c
source3/smbd/process.c
source3/smbd/server.c
source3/torture/torture.c
source3/utils/net_rpc.c
source3/utils/net_rpc_samsync.c
source3/utils/net_sam.c
source3/utils/ntlm_auth.c
source3/utils/profiles.c
source3/utils/sharesec.c
source3/utils/smbcacls.c
source3/winbindd/idmap_ad.c
source3/winbindd/idmap_ldap.c
source3/winbindd/wb_getgrsid.c
source3/winbindd/winbindd_cache.c
source3/winbindd/winbindd_proto.h
source3/winbindd/winbindd_rpc.c
source3/winbindd/winbindd_util.c
source3/wscript_build
source4/dsdb/common/util.c
source4/dsdb/pydsdb.c
source4/dsdb/repl/drepl_fsmo.c
source4/dsdb/repl/replicated_objects.c
source4/dsdb/samdb/cracknames.c
source4/dsdb/samdb/ldb_modules/rootdse.c
source4/dsdb/schema/schema_info_attr.c
source4/dsdb/schema/schema_init.c
source4/dsdb/schema/schema_prefixmap.c
source4/lib/registry/pyregistry.c
source4/lib/registry/regf.c
source4/lib/registry/regf.idl
source4/libcli/finddcs_cldap.c
source4/libnet/libnet_lookup.c
source4/librpc/idl/winbind.idl
source4/librpc/rpc/pyrpc.h
source4/librpc/rpc/pyrpc_util.c
source4/librpc/wscript_build
source4/rpc_server/drsuapi/dcesrv_drsuapi.c
source4/scripting/bin/samba_dnsupdate
source4/scripting/devel/getncchanges
source4/scripting/devel/ldapcmp
source4/scripting/devel/rodcdns [new file with mode: 0755]
source4/scripting/python/samba/join.py
source4/scripting/python/samba/samdb.py
source4/torture/basic/base.c
source4/torture/basic/delaywrite.c
source4/torture/basic/delete.c
source4/torture/basic/disconnect.c
source4/torture/config.mk
source4/torture/drs/python/fsmo.py
source4/torture/drs/unit/prefixmap_tests.c
source4/torture/drs/unit/schemainfo_tests.c
source4/torture/gentest.c
source4/torture/libnetapi/config.mk
source4/torture/libnetapi/libnetapi.c
source4/torture/libnetapi/libnetapi_server.c [new file with mode: 0644]
source4/torture/libnetapi/wscript_build
source4/torture/nbench/nbio.c
source4/torture/nbt/winsreplication.c
source4/torture/ndr/ndr.c
source4/torture/ndr/ntlmssp.c [new file with mode: 0644]
source4/torture/ndr/winreg.c
source4/torture/raw/notify.c
source4/torture/rpc/handles.c
source4/torture/rpc/lsa.c
source4/torture/rpc/netlogon.c
source4/torture/rpc/svcctl.c
source4/torture/smb2/lease.c
source4/torture/smb2/notify.c
source4/torture/util_smb.c
source4/torture/wscript_build
source4/winbind/wb_irpc.c
source4/winbind/wb_server.h
source4/winbind/wb_update_rodc_dns.c [new file with mode: 0644]
source4/winbind/wscript_build
testprogs/win32/spoolss/testspoolss.c

index f2e26ec4e23d77a47c818c5e3e84c552d4747ac8..82f882f64626faf399bc0615823550fc98407e79 100644 (file)
@@ -78,6 +78,13 @@ also accepted as dictionary entries here
 
                 SAMBA_VERSION_STRING += ("-GIT-" + self.GIT_COMMIT_ABBREV)
 
+                clean = Utils.cmd_output('git diff HEAD | wc -l', silent=True)
+                if clean == "0\n":
+                    self.GIT_COMMIT_IS_CLEAN = True
+                else:
+                    self.GIT_COMMIT_IS_CLEAN = False
+                    SAMBA_VERSION_STRING += "+"
+
         self.OFFICIAL_STRING=SAMBA_VERSION_STRING
 
         if self.VENDOR_SUFFIX is not None:
@@ -117,10 +124,12 @@ also accepted as dictionary entries here
             string+="#define SAMBA_VERSION_RC_RELEASE %u\n" % self.RC_RELEASE
 
         try:
-            string+="#define SAMBA_VERSION_GIT_COMMIT_ABBREV " + self.GIT_COMMIT_ABBREV + "\n"
+            string+="#define SAMBA_VERSION_GIT_COMMIT_ABBREV \"" + self.GIT_COMMIT_ABBREV + "\"\n"
+            string+="#define SAMBA_VERSION_GIT_COMMIT_FULLREV \"" + self.GIT_COMMIT_FULLREV + "\"\n"
+            string+="#define SAMBA_VERSION_GIT_COMMIT_DATE \"" + self.GIT_COMMIT_DATE + "\"\n"
             string+="#define SAMBA_VERSION_GIT_COMMIT_TIME " + self.GIT_COMMIT_TIME + "\n"
-            string+="#define SAMBA_VERSION_GIT_COMMIT_FULLREV " + self.GIT_COMMIT_TIME + "\n"
-            string+="#define SAMBA_VERSION_GIT_COMMIT_DATE " + self.GIT_COMMIT_DATA + "\n"
+            if self.GIT_COMMIT_IS_CLEAN:
+                string+="#define SAMBA_VERSION_GIT_COMMIT_IS_CLEAN 1\n"
         except AttributeError:
             pass
 
index 7a9205b815cbaf8c580fcb3fb1d679bf600ce11e..f2638db492e86c403736571c0f9522eb9d02f8d1 100644 (file)
@@ -77,15 +77,19 @@ static PyObject *PyString_FromTDB_DATA(TDB_DATA data)
 
 static PyObject *py_tdb_open(PyTypeObject *type, PyObject *args, PyObject *kwargs)
 {
-       char *name;
+       char *name = NULL;
        int hash_size = 0, tdb_flags = TDB_DEFAULT, flags = O_RDWR, mode = 0600;
        TDB_CONTEXT *ctx;
        PyTdbObject *ret;
        const char *kwnames[] = { "name", "hash_size", "tdb_flags", "flags", "mode", NULL };
 
-       if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|iiii", (char **)kwnames, &name, &hash_size, &tdb_flags, &flags, &mode))
+       if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|siiii", (char **)kwnames, &name, &hash_size, &tdb_flags, &flags, &mode))
                return NULL;
 
+       if (name == NULL) {
+               tdb_flags |= TDB_INTERNAL;
+       }
+
        ctx = tdb_open(name, hash_size, tdb_flags, flags, mode);
        if (ctx == NULL) {
                PyErr_SetFromErrno(PyExc_IOError);
@@ -112,6 +116,13 @@ static PyObject *obj_transaction_commit(PyTdbObject *self)
        Py_RETURN_NONE;
 }
 
+static PyObject *obj_transaction_prepare_commit(PyTdbObject *self)
+{
+       int ret = tdb_transaction_prepare_commit(self->ctx);
+       PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx);
+       Py_RETURN_NONE;
+}
+
 static PyObject *obj_transaction_start(PyTdbObject *self)
 {
        int ret = tdb_transaction_start(self->ctx);
@@ -259,6 +270,27 @@ static PyObject *obj_store(PyTdbObject *self, PyObject *args)
        Py_RETURN_NONE;
 }
 
+static PyObject *obj_add_flags(PyTdbObject *self, PyObject *args)
+{
+       unsigned flags;
+
+       if (!PyArg_ParseTuple(args, "I", &flags))
+               return NULL;
+
+       tdb_add_flags(self->ctx, flags);
+       Py_RETURN_NONE;
+}
+
+static PyObject *obj_remove_flags(PyTdbObject *self, PyObject *args)
+{
+       unsigned flags;
+
+       if (!PyArg_ParseTuple(args, "I", &flags))
+               return NULL;
+
+       tdb_remove_flags(self->ctx, flags);
+       Py_RETURN_NONE;
+}
 
 typedef struct {
        PyObject_HEAD
@@ -311,6 +343,18 @@ static PyObject *obj_clear(PyTdbObject *self)
        Py_RETURN_NONE;
 }
 
+static PyObject *obj_enable_seqnum(PyTdbObject *self)
+{
+       tdb_enable_seqnum(self->ctx);
+       Py_RETURN_NONE;
+}
+
+static PyObject *obj_increment_seqnum_nonblock(PyTdbObject *self)
+{
+       tdb_increment_seqnum_nonblock(self->ctx);
+       Py_RETURN_NONE;
+}
+
 static PyMethodDef tdb_object_methods[] = {
        { "transaction_cancel", (PyCFunction)obj_transaction_cancel, METH_NOARGS, 
                "S.transaction_cancel() -> None\n"
@@ -318,6 +362,9 @@ static PyMethodDef tdb_object_methods[] = {
        { "transaction_commit", (PyCFunction)obj_transaction_commit, METH_NOARGS,
                "S.transaction_commit() -> None\n"
                "Commit the currently active transaction." },
+       { "transaction_prepare_commit", (PyCFunction)obj_transaction_prepare_commit, METH_NOARGS,
+               "S.transaction_prepare_commit() -> None\n"
+               "Prepare to commit the currently active transaction" },
        { "transaction_start", (PyCFunction)obj_transaction_start, METH_NOARGS,
                "S.transaction_start() -> None\n"
                "Start a new transaction." },
@@ -341,9 +388,15 @@ static PyMethodDef tdb_object_methods[] = {
                "Check whether key exists in this database." },
        { "store", (PyCFunction)obj_store, METH_VARARGS, "S.store(key, data, flag=REPLACE) -> None"
                "Store data." },
+       { "add_flags", (PyCFunction)obj_add_flags, METH_VARARGS, "S.add_flags(flags) -> None" },
+       { "remove_flags", (PyCFunction)obj_remove_flags, METH_VARARGS, "S.remove_flags(flags) -> None" },
        { "iterkeys", (PyCFunction)tdb_object_iter, METH_NOARGS, "S.iterkeys() -> iterator" },
        { "clear", (PyCFunction)obj_clear, METH_NOARGS, "S.clear() -> None\n"
                "Wipe the entire database." },
+       { "enable_seqnum", (PyCFunction)obj_enable_seqnum, METH_NOARGS,
+               "S.enable_seqnum() -> None" },
+       { "increment_seqnum_nonblock", (PyCFunction)obj_increment_seqnum_nonblock, METH_NOARGS,
+               "S.increment_seqnum_nonblock() -> None" },
        { NULL }
 };
 
@@ -365,6 +418,11 @@ static PyObject *obj_get_map_size(PyTdbObject *self, void *closure)
        return PyInt_FromLong(tdb_map_size(self->ctx));
 }
 
+static PyObject *obj_get_freelist_size(PyTdbObject *self, void *closure)
+{
+       return PyInt_FromLong(tdb_freelist_size(self->ctx));
+}
+
 static PyObject *obj_get_flags(PyTdbObject *self, void *closure)
 {
        return PyInt_FromLong(tdb_get_flags(self->ctx));
@@ -375,18 +433,30 @@ static PyObject *obj_get_filename(PyTdbObject *self, void *closure)
        return PyString_FromString(tdb_name(self->ctx));
 }
 
+static PyObject *obj_get_seqnum(PyTdbObject *self, void *closure)
+{
+       return PyInt_FromLong(tdb_get_seqnum(self->ctx));
+}
+
+
 static PyGetSetDef tdb_object_getsetters[] = {
        { (char *)"hash_size", (getter)obj_get_hash_size, NULL, NULL },
        { (char *)"map_size", (getter)obj_get_map_size, NULL, NULL },
+       { (char *)"freelist_size", (getter)obj_get_freelist_size, NULL, NULL },
        { (char *)"flags", (getter)obj_get_flags, NULL, NULL },
        { (char *)"max_dead", NULL, (setter)obj_set_max_dead, NULL },
        { (char *)"filename", (getter)obj_get_filename, NULL, (char *)"The filename of this TDB file."},
+       { (char *)"seqnum", (getter)obj_get_seqnum, NULL, NULL },
        { NULL }
 };
 
 static PyObject *tdb_object_repr(PyTdbObject *self)
 {
-       return PyString_FromFormat("Tdb('%s')", tdb_name(self->ctx));
+       if (tdb_get_flags(self->ctx) & TDB_INTERNAL) {
+               return PyString_FromString("Tdb(<internal>)");
+       } else {
+               return PyString_FromFormat("Tdb('%s')", tdb_name(self->ctx));
+       }
 }
 
 static void tdb_object_dealloc(PyTdbObject *self)
@@ -497,6 +567,12 @@ void inittdb(void)
        PyModule_AddObject(m, "NOMMAP", PyInt_FromLong(TDB_NOMMAP));
        PyModule_AddObject(m, "CONVERT", PyInt_FromLong(TDB_CONVERT));
        PyModule_AddObject(m, "BIGENDIAN", PyInt_FromLong(TDB_BIGENDIAN));
+       PyModule_AddObject(m, "NOSYNC", PyInt_FromLong(TDB_NOSYNC));
+       PyModule_AddObject(m, "SEQNUM", PyInt_FromLong(TDB_SEQNUM));
+       PyModule_AddObject(m, "VOLATILE", PyInt_FromLong(TDB_VOLATILE));
+       PyModule_AddObject(m, "ALLOW_NESTING", PyInt_FromLong(TDB_ALLOW_NESTING));
+       PyModule_AddObject(m, "DISALLOW_NESTING", PyInt_FromLong(TDB_DISALLOW_NESTING));
+
        PyModule_AddObject(m, "__docformat__", PyString_FromString("restructuredText"));
 
        Py_INCREF(&PyTdb);
index 6b1e840f3279553ea7a2626577bf2050deedecde..18180e16bda5bb01ceca4abe067614474c60d601 100644 (file)
@@ -18,6 +18,7 @@ class OpenTdbTests(TestCase):
                 tdb.DEFAULT, os.O_RDWR)
 
 class CloseTdbTests(TestCase):
+
     def test_double_close(self):
         self.tdb = tdb.Tdb(tempfile.mkstemp()[1], 0, tdb.DEFAULT,
                 os.O_CREAT|os.O_RDWR)
@@ -28,6 +29,15 @@ class CloseTdbTests(TestCase):
         self.tdb.close()
 
 
+class InternalTdbTests(TestCase):
+
+    def test_repr(self):
+        self.tdb = tdb.Tdb()
+
+        # repr used to crash on internal db
+        self.assertEquals(repr(self.tdb), "Tdb(<internal>)")
+
+
 class SimpleTdbTests(TestCase):
 
     def setUp(self):
@@ -86,6 +96,9 @@ class SimpleTdbTests(TestCase):
     def test_map_size(self):
         self.tdb.map_size
 
+    def test_freelist_size(self):
+        self.tdb.freelist_size
+
     def test_name(self):
         self.tdb.filename
 
@@ -108,11 +121,13 @@ class SimpleTdbTests(TestCase):
         self.tdb.transaction_commit()
         self.assertEquals("1", self.tdb["bloe"])
 
-    def test_iterator(self):
+    def test_transaction_prepare_commit(self):
         self.tdb["bloe"] = "2"
-        self.tdb["bla"] = "hoi"
-        i = iter(self.tdb)
-        self.assertEquals(set(["bloe", "bla"]), set([i.next(), i.next()]))
+        self.tdb.transaction_start()
+        self.tdb["bloe"] = "1"
+        self.tdb.transaction_prepare_commit()
+        self.tdb.transaction_commit()
+        self.assertEquals("1", self.tdb["bloe"])
 
     def test_iterkeys(self):
         self.tdb["bloe"] = "2"
@@ -127,11 +142,22 @@ class SimpleTdbTests(TestCase):
         self.tdb.clear()
         self.assertEquals(0, len(list(self.tdb)))
 
+    def test_seqnum(self):
+        self.tdb.enable_seqnum()
+        seq1 = self.tdb.seqnum
+        self.tdb.increment_seqnum_nonblock()
+        seq2 = self.tdb.seqnum
+        self.assertEquals(seq2-seq1, 1)
+
     def test_len(self):
         self.assertEquals(0, len(list(self.tdb)))
         self.tdb["entry"] = "value"
         self.assertEquals(1, len(list(self.tdb)))
 
+    def test_add_flags(self):
+        self.tdb.add_flags(tdb.NOMMAP)
+        self.tdb.remove_flags(tdb.NOMMAP)
+
 
 if __name__ == '__main__':
     import unittest
index dc5e6df8f10c62d2025867a1743194f768d561f7..596df0d6a6b7ce13af84753d3c61f447d32c719b 100644 (file)
@@ -4,6 +4,15 @@ testtools NEWS
 NEXT
 ~~~~
 
+Improvements
+------------
+
+* Code duplication between assertEqual and the matcher Equals has been removed.
+
+* In normal circumstances, a TestCase will no longer share details with clones
+  of itself. (Andrew Bennetts, bug #637725)
+
+
 0.9.6
 ~~~~~
 
@@ -17,32 +26,32 @@ patches and TestCase.assertEqual gives slightly nicer errors.
 Improvements
 ------------
 
- * 'TestCase.assertEqual' now formats errors a little more nicely, in the
-   style of bzrlib.
+* 'TestCase.assertEqual' now formats errors a little more nicely, in the
+  style of bzrlib.
 
- * Added `PlaceHolder` and `ErrorHolder`, TestCase-like objects that can be
-   used to add results to a `TestResult`.
+* Added `PlaceHolder` and `ErrorHolder`, TestCase-like objects that can be
+  used to add results to a `TestResult`.
 
- * 'Mismatch' now takes optional description and details parameters, so
-   custom Matchers aren't compelled to make their own subclass.
+* 'Mismatch' now takes optional description and details parameters, so
+  custom Matchers aren't compelled to make their own subclass.
 
- * jml added a built-in UTF8_TEXT ContentType to make it slightly easier to
-   add details to test results. See bug #520044.
+* jml added a built-in UTF8_TEXT ContentType to make it slightly easier to
+  add details to test results. See bug #520044.
 
- * Fix a bug in our built-in matchers where assertThat would blow up if any
-   of them failed. All built-in mismatch objects now provide get_details().
+* Fix a bug in our built-in matchers where assertThat would blow up if any
+  of them failed. All built-in mismatch objects now provide get_details().
 
- * New 'Is' matcher, which lets you assert that a thing is identical to
-   another thing.
+* New 'Is' matcher, which lets you assert that a thing is identical to
+  another thing.
 
- * New 'LessThan' matcher which lets you assert that a thing is less than
-   another thing.
+* New 'LessThan' matcher which lets you assert that a thing is less than
+  another thing.
 
- * TestCase now has a 'patch()' method to make it easier to monkey-patching
-   objects in tests. See the manual for more information. Fixes bug #310770.
+* TestCase now has a 'patch()' method to make it easier to monkey-patching
+  objects in tests. See the manual for more information. Fixes bug #310770.
 
- * MultiTestResult methods now pass back return values from the results it
-   forwards to.
+* MultiTestResult methods now pass back return values from the results it
+  forwards to.
 
 0.9.5
 ~~~~~
index 6a4c82a2fe4f7cd32c4949ec8b421f4451a461ec..61b5bd74f95381bd6e7da2809ba77484067b787c 100644 (file)
@@ -25,6 +25,7 @@ __all__ = [
 
 import doctest
 import operator
+from pprint import pformat
 
 
 class Matcher(object):
@@ -178,6 +179,14 @@ class _BinaryMismatch(Mismatch):
         self.other = other
 
     def describe(self):
+        left = repr(self.expected)
+        right = repr(self.other)
+        if len(left) + len(right) > 70:
+            return "%s:\nreference = %s\nactual = %s\n" % (
+                self._mismatch_string, pformat(self.expected),
+                pformat(self.other))
+        else:
+            return "%s %s %s" % (left, self._mismatch_string,right)
         return "%r %s %r" % (self.expected, self._mismatch_string, self.other)
 
 
index 48eec71d41809d273ea4734c4b2227a864ca15e1..959c129691b040cd82b95008bccbb71b25a9cec6 100644 (file)
@@ -17,13 +17,16 @@ try:
 except ImportError:
     wraps = None
 import itertools
-from pprint import pformat
 import sys
 import types
 import unittest
 
 from testtools import content
 from testtools.compat import advance_iterator
+from testtools.matchers import (
+    Annotate,
+    Equals,
+    )
 from testtools.monkey import patch
 from testtools.runtest import RunTest
 from testtools.testresult import TestResult
@@ -81,7 +84,9 @@ class TestCase(unittest.TestCase):
         self._traceback_id_gen = itertools.count(0)
         self.__setup_called = False
         self.__teardown_called = False
-        self.__details = {}
+        # __details is lazy-initialized so that a constructed-but-not-run
+        # TestCase is safe to use with clone_test_with_new_id.
+        self.__details = None
         self.__RunTest = kwargs.get('runTest', RunTest)
         self.__exception_handlers = []
         self.exception_handlers = [
@@ -114,6 +119,8 @@ class TestCase(unittest.TestCase):
         :param content_object: The content object for this detail. See
             testtools.content for more detail.
         """
+        if self.__details is None:
+            self.__details = {}
         self.__details[name] = content_object
 
     def getDetails(self):
@@ -121,6 +128,8 @@ class TestCase(unittest.TestCase):
 
         For more details see pydoc testtools.TestResult.
         """
+        if self.__details is None:
+            self.__details = {}
         return self.__details
 
     def patch(self, obj, attribute, value):
@@ -230,18 +239,10 @@ class TestCase(unittest.TestCase):
         :param observed: The observed value.
         :param message: An optional message to include in the error.
         """
-        try:
-            return super(TestCase, self).assertEqual(expected, observed)
-        except self.failureException:
-            lines = []
-            if message:
-                lines.append(message)
-            lines.extend(
-                ["not equal:",
-                 "a = %s" % pformat(expected),
-                 "b = %s" % pformat(observed),
-                 ''])
-            self.fail('\n'.join(lines))
+        matcher = Equals(expected)
+        if message:
+            matcher = Annotate(message, matcher)
+        self.assertThat(observed, matcher)
 
     failUnlessEqual = assertEquals = assertEqual
 
index 9edc5a51764099749f6a68144fb25e64aa5a173b..5dfb3559905dda2f8fceff26c9060de347214651 100644 (file)
@@ -461,6 +461,15 @@ class TestAssertions(TestCase):
              'a = %s' % pformat(a),
              'b = %s' % pformat(b),
              ''])
+        expected_error = '\n'.join([
+            'Match failed. Matchee: "%r"' % b,
+            'Matcher: Annotate(%r, Equals(%r))' % (message, a),
+            'Difference: !=:',
+            'reference = %s' % pformat(a),
+            'actual = %s' % pformat(b),
+            ': ' + message,
+            ''
+            ])
         self.assertFails(expected_error, self.assertEqual, a, b, message)
         self.assertFails(expected_error, self.assertEquals, a, b, message)
         self.assertFails(expected_error, self.failUnlessEqual, a, b, message)
@@ -468,11 +477,12 @@ class TestAssertions(TestCase):
     def test_assertEqual_formatting_no_message(self):
         a = "cat"
         b = "dog"
-        expected_error = '\n'.join(
-            ['not equal:',
-             'a = %s' % pformat(a),
-             'b = %s' % pformat(b),
-             ''])
+        expected_error = '\n'.join([
+            'Match failed. Matchee: "dog"',
+            'Matcher: Equals(\'cat\')',
+            'Difference: \'cat\' != \'dog\'',
+            ''
+            ])
         self.assertFails(expected_error, self.assertEqual, a, b)
         self.assertFails(expected_error, self.assertEquals, a, b)
         self.assertFails(expected_error, self.failUnlessEqual, a, b)
@@ -760,6 +770,18 @@ class TestCloneTestWithNewId(TestCase):
         self.assertEqual(oldName, test.id(),
             "the original test instance should be unchanged.")
 
+    def test_cloned_testcase_does_not_share_details(self):
+        """A cloned TestCase does not share the details dict."""
+        class Test(TestCase):
+            def test_foo(self):
+                self.addDetail(
+                    'foo', content.Content('text/plain', lambda: 'foo'))
+        orig_test = Test('test_foo')
+        cloned_test = clone_test_with_new_id(orig_test, self.getUniqueString())
+        orig_test.run(unittest.TestResult())
+        self.assertEqual('foo', orig_test.getDetails()['foo'].iter_bytes())
+        self.assertEqual(None, cloned_test.getDetails().get('foo'))
+
 
 class TestDetailsProvided(TestWithDetails):
 
index 68907aa59303d4a05236311d73d05ae5e104ccf6..bd08f7efd9dc3ea5e5dbe7aa0fe1867cfee37509 100644 (file)
@@ -266,7 +266,7 @@ static size_t CHARSETNAME ## _pull(void *cd, const char **inbuf, size_t *inbytes
                         char **outbuf, size_t *outbytesleft)                                   \
 {                                                                                              \
        while (*inbytesleft >= 1 && *outbytesleft >= 2) {                                       \
-               *(uint16*)(*outbuf) = to_ucs2[((unsigned char*)(*inbuf))[0]];                   \
+               SSVAL(*outbuf, 0, to_ucs2[((unsigned char*)(*inbuf))[0]]);                      \
                (*inbytesleft)  -= 1;                                                           \
                (*outbytesleft) -= 2;                                                           \
                (*inbuf)  += 1;                                                                 \
index 076ddf47fc5e4458fd3959e1586940e14206e243..11bb31517617689328a62708bf881dcc2e613b35 100644 (file)
@@ -165,15 +165,50 @@ _PUBLIC_ bool directory_create_or_exist(const char *dname, uid_t uid,
  Sleep for a specified number of milliseconds.
 **/
 
-_PUBLIC_ void msleep(unsigned int t)
+_PUBLIC_ void smb_msleep(unsigned int t)
 {
-       struct timeval tval;  
+#if defined(HAVE_NANOSLEEP)
+       struct timespec ts;
+       int ret;
+
+       ts.tv_sec = t/1000;
+       ts.tv_nsec = 1000000*(t%1000);
+
+       do {
+               errno = 0;
+               ret = nanosleep(&ts, &ts);
+       } while (ret < 0 && errno == EINTR && (ts.tv_sec > 0 || ts.tv_nsec > 0));
+#else
+       unsigned int tdiff=0;
+       struct timeval tval,t1,t2;
+       fd_set fds;
 
-       tval.tv_sec = t/1000;
-       tval.tv_usec = 1000*(t%1000);
-       /* this should be the real select - do NOT replace
-          with sys_select() */
-       select(0,NULL,NULL,NULL,&tval);
+       GetTimeOfDay(&t1);
+       t2 = t1;
+
+       while (tdiff < t) {
+               tval.tv_sec = (t-tdiff)/1000;
+               tval.tv_usec = 1000*((t-tdiff)%1000);
+
+               /* Never wait for more than 1 sec. */
+               if (tval.tv_sec > 1) {
+                       tval.tv_sec = 1;
+                       tval.tv_usec = 0;
+               }
+
+               FD_ZERO(&fds);
+               errno = 0;
+               select(0,&fds,NULL,NULL,&tval);
+
+               GetTimeOfDay(&t2);
+               if (t2.tv_sec < t1.tv_sec) {
+                       /* Someone adjusted time... */
+                       t1 = t2;
+               }
+
+               tdiff = usec_time_diff(&t2,&t1)/1000;
+       }
+#endif
 }
 
 /**
index 994fad04d3b12b2ac7cea7e30708e46ce236657f..c613e65adf93fca9186719fb8b86398024e56f59 100644 (file)
@@ -655,7 +655,7 @@ _PUBLIC_ int set_blocking(int fd, bool set);
 /**
  Sleep for a specified number of milliseconds.
 **/
-_PUBLIC_ void msleep(unsigned int t);
+_PUBLIC_ void smb_msleep(unsigned int t);
 
 /**
  Get my own name, return in talloc'ed storage.
index 3b40fbba25dc826b569120e74532a9db51830654..6daaba360432e52cfbf2402221e79d2c1824f264 100644 (file)
@@ -65,7 +65,7 @@ char *ldap_encode_ndr_dom_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
 /*
   encode a NDR GUID as a ldap filter element
 */
-char *ldap_encode_ndr_GUID(TALLOC_CTX *mem_ctx, struct GUID *guid)
+char *ldap_encode_ndr_GUID(TALLOC_CTX *mem_ctx, const struct GUID *guid)
 {
        DATA_BLOB blob;
        NTSTATUS status;
index ee1f702c7893524ed9a2172ce9e87f19e5ec76cc..df5ee478cb96d574ab7a20214ecd12c7d470be10 100644 (file)
@@ -5,7 +5,7 @@
 
 char *ldap_encode_ndr_uint32(TALLOC_CTX *mem_ctx, uint32_t value);
 char *ldap_encode_ndr_dom_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
-char *ldap_encode_ndr_GUID(TALLOC_CTX *mem_ctx, struct GUID *guid);
+char *ldap_encode_ndr_GUID(TALLOC_CTX *mem_ctx, const struct GUID *guid);
 NTSTATUS ldap_decode_ndr_GUID(TALLOC_CTX *mem_ctx, struct ldb_val val, struct GUID *guid);
 
 #endif /* __LIBCLI_LDAP_LDAP_NDR_H__ */
index 93f887134e56ce30b135826c0baa5125cf22d178..f94d952b4d1cf6f430bae8877f8e0e598fcb1b25 100644 (file)
@@ -98,6 +98,24 @@ bool sid_append_rid(struct dom_sid *sid, uint32_t rid)
        return false;
 }
 
+/*
+  See if 2 SIDs are in the same domain
+  this just compares the leading sub-auths
+*/
+int dom_sid_compare_domain(const struct dom_sid *sid1,
+                          const struct dom_sid *sid2)
+{
+       int n, i;
+
+       n = MIN(sid1->num_auths, sid2->num_auths);
+
+       for (i = n-1; i >= 0; --i)
+               if (sid1->sub_auths[i] != sid2->sub_auths[i])
+                       return sid1->sub_auths[i] - sid2->sub_auths[i];
+
+       return dom_sid_compare_auth(sid1, sid2);
+}
+
 /*****************************************************************
  Convert a string to a SID. Returns True on success, False on fail.
 *****************************************************************/
index e89253554e81251faf60616cd56dea2427f3b9fd..ac8669d725688c412d79c7b34a29ec1e81a4f520 100644 (file)
@@ -26,6 +26,8 @@
 #include "librpc/gen_ndr/security.h"
 
 int dom_sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2);
+int dom_sid_compare_domain(const struct dom_sid *sid1,
+                          const struct dom_sid *sid2);
 bool dom_sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2);
 bool dom_sid_parse(const char *sidstr, struct dom_sid *ret);
 struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr);
index 3b717d225970b0d8d260dd48ea14306fbc3f82c8..d89cd9c087bb1a63cb3e276d1b4da10c31378ba6 100644 (file)
@@ -48,6 +48,13 @@ typedef uint32_t WERROR;
        }\
 } while (0)
 
+#define W_ERROR_HAVE_NO_MEMORY_AND_FREE(x, ctx) do { \
+       if (!(x)) {\
+               talloc_free(ctx); \
+               return WERR_NOMEM;\
+       }\
+} while (0)
+
 #define W_ERROR_IS_OK_RETURN(x) do { \
        if (W_ERROR_IS_OK(x)) {\
                return x;\
index 9010efc23c902c82d42d1a0b78dd5c4fef204bfd..89818914556cb23f90f4c057d9c9bb4644dd82c4 100644 (file)
@@ -952,17 +952,34 @@ interface drsuapi
        } drsuapi_DsNameFlags;
 
        typedef [v1_enum] enum {
-               DRSUAPI_DS_NAME_FORMAT_UNKNOWN                  = 0,
-               DRSUAPI_DS_NAME_FORMAT_FQDN_1779                = 1,
-               DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT              = 2,
-               DRSUAPI_DS_NAME_FORMAT_DISPLAY                  = 3,
-               DRSUAPI_DS_NAME_FORMAT_GUID                     = 6,
-               DRSUAPI_DS_NAME_FORMAT_CANONICAL                = 7,
-               DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL           = 8,
-               DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX             = 9,
-               DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL        = 10,
-               DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY       = 11,
-               DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN               = 12
+               DRSUAPI_DS_NAME_FORMAT_UNKNOWN                  = 0x00000000,
+               DRSUAPI_DS_NAME_FORMAT_FQDN_1779                = 0x00000001,
+               DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT              = 0x00000002,
+               DRSUAPI_DS_NAME_FORMAT_DISPLAY                  = 0x00000003,
+               DRSUAPI_DS_NAME_FORMAT_GUID                     = 0x00000006,
+               DRSUAPI_DS_NAME_FORMAT_CANONICAL                = 0x00000007,
+               DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL           = 0x00000008,
+               DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX             = 0x00000009,
+               DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL        = 0x0000000A,
+               DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY       = 0x0000000B,
+               DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN               = 0x0000000C,
+               DRSUAPI_DS_NAME_FORMAT_UPN_AND_ALTSECID         = 0xFFFFFFEF,
+               DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT_NAME_SANS_DOMAIN_EX = 0xFFFFFFF0,
+               DRSUAPI_DS_NAME_FORMAT_LIST_GLOBAL_CATALOG_SERVERS = 0xFFFFFFF1,
+               DRSUAPI_DS_NAME_FORMAT_UPN_FOR_LOGON            = 0xFFFFFFF2,
+               DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_WITH_DCS_IN_SITE = 0xFFFFFFF3,
+               DRSUAPI_DS_NAME_FORMAT_STRING_SID_NAME          = 0xFFFFFFF4,
+               DRSUAPI_DS_NAME_FORMAT_ALT_SECURITY_IDENTITIES_NAME = 0xFFFFFFF5,
+               DRSUAPI_DS_NAME_FORMAT_LIST_NCS                 = 0xFFFFFFF6,
+               DRSUAPI_DS_NAME_FORMAT_LIST_DOMAINS             = 0xFFFFFFF7,
+               DRSUAPI_DS_NAME_FORMAT_MAP_SCHEMA_GUID          = 0xFFFFFFF8,
+               DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT_NAME_SANS_DOMAIN = 0xFFFFFFF9,
+               DRSUAPI_DS_NAME_FORMAT_LIST_ROLES               = 0xFFFFFFFA,
+               DRSUAPI_DS_NAME_FORMAT_LIST_INFO_FOR_SERVER     = 0xFFFFFFFB,
+               DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_FOR_DOMAIN_IN_SITE = 0xFFFFFFFC,
+               DRSUAPI_DS_NAME_FORMAT_LIST_DOMAINS_IN_SITE     = 0xFFFFFFFD,
+               DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_IN_SITE     = 0xFFFFFFFE,
+               DRSUAPI_DS_NAME_FORMAT_LIST_SITES               = 0xFFFFFFFF
        } drsuapi_DsNameFormat;
 
        typedef struct {
index 62d2af55889659fd92c10e0922836bde14b80439..1685cf9a1e90a6de3cd4418879527a2c380fd12a 100644 (file)
@@ -1715,7 +1715,7 @@ interface netlogon
                uint32 status;
        } NL_DNS_NAME_INFO;
 
-       typedef struct {
+       typedef [public] struct {
                uint32 count;
                [size_is(count)] NL_DNS_NAME_INFO *names;
        } NL_DNS_NAME_INFO_ARRAY;
index e8723ce3676521027396a78da0ab9ba8df6b0f35..b8d11badf434215364ec32905aaaab7e21128fab 100644 (file)
@@ -20,6 +20,11 @@ bld.SAMBA_PIDL_LIST('PIDL',
                     output_dir='../gen_ndr')
 
 bld.SAMBA_PIDL_LIST('PIDL',
-                    'rap.idl idmap.idl dnsp.idl ntprinting.idl',
+                    'idmap.idl',
+                    options='--header --ndr-parser --client --python',
+                    output_dir='../gen_ndr')
+
+bld.SAMBA_PIDL_LIST('PIDL',
+                    'rap.idl dnsp.idl ntprinting.idl',
                     options='--header --ndr-parser',
                     output_dir='../gen_ndr')
index 64d0a6a4dfdbcb7e25f097b0b41c19db9a1f093a..ce8c865cb39030584c35f2938f5164f8bbe05a4a 100644 (file)
@@ -620,6 +620,8 @@ REG_INIT_FULL_OBJ = registry/reg_init_full.o
 REGFIO_OBJ = registry/regfio.o \
             $(REG_PARSE_PRS_OBJ)
 
+REG_API_REGF_OBJ = registry/reg_api_regf.o
+
 REGOBJS_OBJ = registry/reg_objects.o
 
 REG_BACKENDS_BASE_OBJ = registry/reg_backend_db.o
@@ -638,7 +640,6 @@ REG_BACKENDS_EXTRA_OBJ = registry/reg_backend_printing.o \
 REG_BASE_OBJ = registry/reg_api.o \
               registry/reg_dispatcher.o \
               registry/reg_cachehook.o \
-              $(REGFIO_OBJ) \
               $(REGOBJS_OBJ) \
               registry/reg_util_internal.o \
               lib/util_nttoken.o \
@@ -647,6 +648,7 @@ REG_BASE_OBJ = registry/reg_api.o \
 
 REG_SMBCONF_OBJ = $(REG_BASE_OBJ) \
                  registry/reg_util_token.o \
+                 registry/reg_api_util.o \
                  $(REG_BACKENDS_SMBCONF_OBJ) \
                  $(REG_INIT_SMBCONF_OBJ)
 
@@ -756,7 +758,8 @@ PROFILES_OBJ = utils/profiles.o \
               $(LIBSMB_ERR_OBJ) \
               $(PARAM_OBJ) \
                $(LIB_OBJ) $(LIB_DUMMY_OBJ) \
-               $(POPT_LIB_OBJ)
+               $(POPT_LIB_OBJ) \
+              $(REGFIO_OBJ)
 
 OPLOCK_OBJ = smbd/oplock.o smbd/oplock_irix.o smbd/oplock_linux.o \
             smbd/oplock_onefs.o
@@ -904,6 +907,8 @@ SMBD_OBJ_BASE = $(PARAM_WITHOUT_REG_OBJ) $(SMBD_OBJ_SRV) $(LIBSMB_OBJ) \
                $(SMBLDAP_OBJ) $(LIBNET_OBJ) \
                $(LIBSMBCONF_OBJ) \
                $(PRIVILEGES_BASIC_OBJ) \
+               $(REGFIO_OBJ) \
+               $(REG_API_REGF_OBJ) \
                $(LIBNDR_XATTR_OBJ)
 
 PRINTING_OBJ = printing/pcap.o printing/print_svid.o printing/print_aix.o \
@@ -1007,6 +1012,7 @@ RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \
                 rpcclient/cmd_shutdown.o rpcclient/cmd_test.o \
                 rpcclient/cmd_wkssvc.o rpcclient/cmd_ntsvcs.o \
                 rpcclient/cmd_drsuapi.o rpcclient/cmd_eventlog.o \
+                rpcclient/cmd_winreg.o \
                 $(DISPLAY_SEC_OBJ)
 
 RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \
@@ -1026,6 +1032,7 @@ RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \
             $(LIBCLI_SRVSVC_OBJ) \
             $(LIBCLI_LSA_OBJ) \
             $(LIBCLI_SAMR_OBJ) \
+            $(LIBCLI_WINREG_OBJ) \
             $(LIBCLI_NETLOGON_OBJ) \
             $(RPC_CLIENT_SCHANNEL_OBJ) \
             rpc_client/init_netlogon.o \
@@ -1162,6 +1169,7 @@ NET_OBJ = $(NET_OBJ1) \
          $(REG_SMBCONF_OBJ) \
          $(LIBNET_OBJ) $(LIBNET_DSSYNC_OBJ) $(LIBNET_SAMSYNC_OBJ) \
          $(LIBSMBCONF_OBJ) \
+         $(REGFIO_OBJ) \
          $(PRIVILEGES_BASIC_OBJ) \
          $(LIB_EVENTLOG_OBJ) localedir.o
 
@@ -1430,6 +1438,7 @@ NTLM_AUTH_OBJ1 = utils/ntlm_auth.o utils/ntlm_auth_diagnostics.o
 
 NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ) \
                ../lib/util/asn1.o ../libcli/auth/spnego_parse.o libsmb/clikrb5.o libads/kerberos.o \
+               libsmb/samlogon_cache.o \
                $(LIBADS_SERVER_OBJ) \
                $(PASSDB_OBJ) $(LIBTSOCKET_OBJ) $(GROUPDB_OBJ) \
                $(SMBLDAP_OBJ) $(LIBNMB_OBJ) \
index 5e3091c7aeaf8ea1b4eab046b1a536d76806eb51..825452026e3892e3f3aa1126760e888ab83a2b2a 100644 (file)
@@ -26,6 +26,7 @@
 #include "../libcli/auth/libcli_auth.h"
 #include "../lib/crypto/arcfour.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
@@ -664,7 +665,7 @@ static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx,
        /* Domain sid */
        sid_copy(&domain_sid, get_global_sam_sid());
 
-       info3->base.domain_sid = sid_dup_talloc(mem_ctx, &domain_sid);
+       info3->base.domain_sid = dom_sid_dup(mem_ctx, &domain_sid);
        if (info3->base.domain_sid == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
index e457bd4ae7e95c086cf2880919665ddb76489ffc..690838d779c4a489fecc492139f03603aa096342 100644 (file)
@@ -20,6 +20,7 @@
 #include "includes.h"
 #include "../lib/crypto/arcfour.h"
 #include "../librpc/gen_ndr/netlogon.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
@@ -229,7 +230,7 @@ static NTSTATUS append_netr_SidAttr(TALLOC_CTX *mem_ctx,
        if (*sids == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
-       (*sids)[t].sid = sid_dup_talloc(*sids, asid);
+       (*sids)[t].sid = dom_sid_dup(*sids, asid);
        if ((*sids)[t].sid == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -332,7 +333,7 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
 
        /* check if this is a "Unix Users" domain user,
         * we need to handle it in a special way if that's the case */
-       if (sid_compare_domain(user_sid, &global_sid_Unix_Users) == 0) {
+       if (dom_sid_compare_domain(user_sid, &global_sid_Unix_Users) == 0) {
                /* in info3 you can only set rids for the user and the
                 * primary group, and the domain sid must be that of
                 * the sam domain.
@@ -358,7 +359,7 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
 
        /* check if this is a "Unix Groups" domain group,
         * if so we need special handling */
-       if (sid_compare_domain(group_sid, &global_sid_Unix_Groups) == 0) {
+       if (dom_sid_compare_domain(group_sid, &global_sid_Unix_Groups) == 0) {
                /* in info3 you can only set rids for the user and the
                 * primary group, and the domain sid must be that of
                 * the sam domain.
@@ -467,7 +468,7 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
                                                  pdb_get_domain(samu));
        RET_NOMEM(info3->base.domain.string);
 
-       info3->base.domain_sid = sid_dup_talloc(info3, &domain_sid);
+       info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
        RET_NOMEM(info3->base.domain_sid);
 
        info3->base.acct_flags = pdb_get_acct_ctrl(samu);
@@ -547,7 +548,7 @@ struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
        }
 
        if (orig->base.domain_sid) {
-               info3->base.domain_sid = sid_dup_talloc(info3, orig->base.domain_sid);
+               info3->base.domain_sid = dom_sid_dup(info3, orig->base.domain_sid);
                RET_NOMEM(info3->base.domain_sid);
        }
 
@@ -557,7 +558,7 @@ struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
                                           orig->sidcount);
                RET_NOMEM(info3->sids);
                for (i = 0; i < orig->sidcount; i++) {
-                       info3->sids[i].sid = sid_dup_talloc(info3->sids,
+                       info3->sids[i].sid = dom_sid_dup(info3->sids,
                                                            orig->sids[i].sid);
                        RET_NOMEM(info3->sids[i].sid);
                        info3->sids[i].attributes =
@@ -694,7 +695,7 @@ struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx,
                RET_NOMEM(info3->base.domain.string);
        }
 
-       info3->base.domain_sid = sid_dup_talloc(info3, &domain_sid);
+       info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
        RET_NOMEM(info3->base.domain_sid);
 
        memcpy(info3->base.LMSessKey.key, info->lm_session_key, 8);
index bc7d998341138b484bc6166daacb9045ce11683f..4385dc400c896074d69ebbca7525da3dbab7de10 100644 (file)
@@ -27,7 +27,7 @@
 #include "includes.h"
 #include "secrets.h"
 #include "memcache.h"
-
+#include "../libcli/security/dom_sid.h"
 #include "../librpc/gen_ndr/netlogon.h"
 
 /****************************************************************************
@@ -42,7 +42,7 @@ bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token
                return False;
 
        for ( i=0; i<token->num_sids; i++ ) {
-               if ( sid_equal( sid, &token->sids[i] ) )
+               if ( dom_sid_equal( sid, &token->sids[i] ) )
                        return True;
        }
 
index 65798a35ecea2ae32c09cb2eccd99edffefd19be..7382516e3e60ad9896a757153b1fb7958080fab0 100644 (file)
@@ -10,7 +10,8 @@ dir_options = {
     'with-lockdir'                        : [ '${PREFIX}/var/locks', 'where to put lock files' ],
     'with-codepagedir'                    : [ '${PREFIX}/lib/samba', 'where to put codepages' ],
     'with-privatedir'                     : [ '${PREFIX}/private', 'where to put smbpasswd' ],
-    'with-cachedir'                       : [ '${PREFIX}/var/locks', 'where to put temporary cache files' ]
+    'with-cachedir'                       : [ '${PREFIX}/var/locks', 'where to put temporary cache files' ],
+    'with-localedir'                      : [ '${PREFIX}/share/locale', 'Where to put po files' ]
     }
 
 # list of cflags to use for dynconfig.c
@@ -37,6 +38,7 @@ dyn_cflags = {
     'NTP_SIGND_SOCKET_DIR'           : '${NTP_SIGND_SOCKET_DIR}',
     'CODEPAGEDIR'                    : '${CODEPAGEDIR}',
     'CACHEDIR'                       : '${CACHEDIR}',
+    'LOCALEDIR'                      : '${LOCALEDIR}',
     'SMB_PASSWD_FILE'                : '${PRIVATEDIR}/smbpasswd',
     }
 
index f27e279d6b4facab3d1eca4e53eea6f6600ba0fc..2cbcbe6de1c00537d1f26b062d26ce22dec41c4d 100644 (file)
@@ -43,6 +43,9 @@ def build(bld):
                         '../dynconfig.c',
                         deps='replace talloc tdb popt',
                         cflags=cflags)
+    bld.SAMBA_SUBSYSTEM('LOCALE_DIR',
+                        '../localedir.c',
+                        cflags=cflags)
 
 def dynconfig_cflags(bld):
     '''work out the extra CFLAGS for dynconfig.c'''
index c91155991143941870c2c054093d1e078786f8ad..86d64f6afa539b9d54fe2d85e3b03a001ba39abc 100644 (file)
@@ -1119,7 +1119,7 @@ static int do_get(const char *rname, const char *lname_in, bool reget)
                int this_time;
 
                clock_gettime_mono(&tp_end);
-               this_time = TspecDiff(&tp_start,&tp_end);
+               this_time = nsec_time_diff(&tp_end,&tp_start)/1000000;
                get_total_time_ms += this_time;
                get_total_size += nread;
 
@@ -1768,7 +1768,7 @@ static int do_put(const char *rname, const char *lname, bool reput)
                int this_time;
 
                clock_gettime_mono(&tp_end);
-               this_time = TspecDiff(&tp_start,&tp_end);
+               this_time = nsec_time_diff(&tp_end,&tp_start)/1000000;
                put_total_time_ms += this_time;
                put_total_size += state.nread;
 
index 140fd28d978e9158e673f3fa5596861df9a05ef4..dab2520fc199564287e3daec309de0329a2b8afc 100644 (file)
@@ -23,6 +23,7 @@
 #include "includes.h"
 #include "groupdb/mapping.h"
 #include "dbwrap.h"
+#include "../libcli/security/dom_sid.h"
 
 static struct db_context *db; /* used for driver files */
 
@@ -340,7 +341,7 @@ static int collect_map(struct db_record *rec, void *private_data)
        }
 
        if ((state->domsid != NULL) &&
-           (sid_compare_domain(state->domsid, &map.sid) != 0)) {
+           (dom_sid_compare_domain(state->domsid, &map.sid) != 0)) {
                DEBUG(11,("enum_group_mapping: group %s is not in domain\n",
                          sid_string_dbg(&map.sid)));
                return 0;
@@ -455,7 +456,7 @@ static bool is_aliasmem(const struct dom_sid *alias, const struct dom_sid *membe
                return False;
 
        for (i=0; i<num; i++) {
-               if (sid_compare(alias, &sids[i]) == 0) {
+               if (dom_sid_compare(alias, &sids[i]) == 0) {
                        TALLOC_FREE(sids);
                        return True;
                }
@@ -576,7 +577,7 @@ static int collect_aliasmem(struct db_record *rec, void *priv)
                if (!string_to_sid(&alias, alias_string))
                        continue;
 
-               if (sid_compare(state->alias, &alias) != 0)
+               if (dom_sid_compare(state->alias, &alias) != 0)
                        continue;
 
                /* Ok, we found the alias we're looking for in the membership
@@ -656,7 +657,7 @@ static NTSTATUS del_aliasmem(const struct dom_sid *alias, const struct dom_sid *
        }
 
        for (i=0; i<num; i++) {
-               if (sid_compare(&sids[i], alias) == 0) {
+               if (dom_sid_compare(&sids[i], alias) == 0) {
                        found = True;
                        break;
                }
index 2e45b7964d8a2c189bfbec7936b4736c12d2c684..a17e014ca91c3d1f7b3ed3d1941982b2dffdc7c4 100644 (file)
@@ -653,18 +653,11 @@ extern void *cmdline_lp_ctx;
 #include "session.h"
 #include "module.h"
 #include "packet.h"
-#include "ctdbd_conn.h"
 #include "../lib/util/talloc_stack.h"
 #include "serverid.h"
-#include "async_smb.h"
-#include "../lib/async_req/async_sock.h"
 #include "../lib/util/smb_threads.h"
 #include "../lib/util/smb_threads_internal.h"
 
-/* forward declarations from smbldap.c */
-
-#include "smbldap.h"
-
 /*
  * Reasons for cache flush.
  */
@@ -769,10 +762,6 @@ enum flush_reason_enum {
 #define PASSWORD_LENGTH 8
 #endif
 
-#ifndef HAVE_PIPE
-#define SYNC_DNS 1
-#endif
-
 #if defined(HAVE_CRYPT16) && defined(HAVE_GETAUTHUID)
 #define ULTRIX_AUTH 1
 #endif
index 6fe8f641ba28fe93a3e9f78d6511aed8c564e813..5bb91c53ebcdd67b6060995141f0e4a4148bfcc3 100644 (file)
@@ -740,43 +740,6 @@ bool share_access_check(const struct security_token *token, const char *sharenam
                        uint32 desired_access);
 bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_descriptor **ppsd);
 
-/* The following definitions come from lib/smbldap.c  */
-
-int smb_ldap_start_tls(LDAP *ldap_struct, int version);
-int smb_ldap_setup_full_conn(LDAP **ldap_struct, const char *uri);
-int smbldap_search(struct smbldap_state *ldap_state, 
-                  const char *base, int scope, const char *filter, 
-                  const char *attrs[], int attrsonly, 
-                  LDAPMessage **res);
-int smbldap_search_paged(struct smbldap_state *ldap_state, 
-                        const char *base, int scope, const char *filter, 
-                        const char **attrs, int attrsonly, int pagesize,
-                        LDAPMessage **res, void **cookie);
-int smbldap_modify(struct smbldap_state *ldap_state, const char *dn, LDAPMod *attrs[]);
-int smbldap_add(struct smbldap_state *ldap_state, const char *dn, LDAPMod *attrs[]);
-int smbldap_delete(struct smbldap_state *ldap_state, const char *dn);
-int smbldap_extended_operation(struct smbldap_state *ldap_state, 
-                              LDAP_CONST char *reqoid, struct berval *reqdata, 
-                              LDAPControl **serverctrls, LDAPControl **clientctrls, 
-                              char **retoidp, struct berval **retdatap);
-int smbldap_search_suffix (struct smbldap_state *ldap_state,
-                          const char *filter, const char **search_attr,
-                          LDAPMessage ** result);
-void smbldap_free_struct(struct smbldap_state **ldap_state) ;
-NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx, struct event_context *event_ctx,
-                     const char *location,
-                     struct smbldap_state **smbldap_state);
-bool smbldap_has_control(LDAP *ld, const char *control);
-bool smbldap_has_extension(LDAP *ld, const char *extension);
-bool smbldap_has_naming_context(LDAP *ld, const char *naming_context);
-bool smbldap_set_creds(struct smbldap_state *ldap_state, bool anon, const char *dn, const char *secret);
-
-/* The following definitions come from lib/smbldap_util.c  */
-
-NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state,
-                                    LDAPMessage ** result, const char *domain_name,
-                                    bool try_add);
-
 /* The following definitions come from lib/smbrun.c  */
 
 int smbrun_no_sanitize(const char *cmd, int *outfd);
@@ -1153,7 +1116,6 @@ char *unix_clean_name(TALLOC_CTX *ctx, const char *s);
 char *clean_name(TALLOC_CTX *ctx, const char *s);
 ssize_t write_data_at_offset(int fd, const char *buffer, size_t N, SMB_OFF_T pos);
 int set_blocking(int fd, bool set);
-void smb_msleep(unsigned int t);
 NTSTATUS reinit_after_fork(struct messaging_context *msg_ctx,
                           struct event_context *ev_ctx,
                           struct server_id id,
@@ -1332,13 +1294,9 @@ bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid
 void sid_copy(struct dom_sid *dst, const struct dom_sid *src);
 bool sid_linearize(char *outbuf, size_t len, const struct dom_sid *sid);
 bool sid_parse(const char *inbuf, size_t len, struct dom_sid *sid);
-int sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2);
-int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2);
-bool sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2);
 bool non_mappable_sid(struct dom_sid *sid);
 char *sid_binstring(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
 char *sid_binstring_hex(const struct dom_sid *sid);
-struct dom_sid *sid_dup_talloc(TALLOC_CTX *ctx, const struct dom_sid *src);
 NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
                          struct dom_sid **sids, uint32_t *num);
 NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
@@ -3944,17 +3902,17 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) ;
 
 /* The following definitions come from passdb/pdb_ldap.c  */
 
+struct ldapsam_privates;
+
 const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver );
-int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state,
-                                         const char *user,
-                                         LDAPMessage ** result,
-                                         const char **attr);
 NTSTATUS pdb_init_ldapsam_compat(struct pdb_methods **pdb_method, const char *location);
 NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location);
 NTSTATUS pdb_ldap_init(void);
 
 /* The following definitions come from passdb/pdb_nds.c  */
 
+struct smbldap_state;
+
 int pdb_nds_get_password(
        struct smbldap_state *ldap_state,
        char *object_dn,
@@ -5677,5 +5635,6 @@ uint32_t ds_uf2acb(uint32_t uf);
 uint32_t ds_uf2atype(uint32_t uf);
 uint32_t ds_gtype2atype(uint32_t gtype);
 enum lsa_SidType ds_atype_map(uint32_t atype);
+uint32_t ds_uf2prim_group_rid(uint32_t uf);
 
 #endif /*  _PROTO_H_  */
index 66a364d97d8cb60d4a215684c5687250b16d22b4..600fffe679b9d950889b0f07e69f10a33205feb7 100644 (file)
@@ -169,25 +169,18 @@ WERROR reg_getkeysecurity(TALLOC_CTX *mem_ctx, struct registry_key *key,
 WERROR reg_setkeysecurity(struct registry_key *key,
                          struct security_descriptor *psecdesc);
 WERROR reg_getversion(uint32_t *version);
-WERROR reg_restorekey(struct registry_key *key, const char *fname);
-WERROR reg_savekey(struct registry_key *key, const char *fname);
 WERROR reg_deleteallvalues(struct registry_key *key);
-WERROR reg_open_path(TALLOC_CTX *mem_ctx, const char *orig_path,
-                    uint32 desired_access, const struct security_token *token,
-                    struct registry_key **pkey);
 WERROR reg_deletekey_recursive(TALLOC_CTX *ctx,
                               struct registry_key *parent,
                               const char *path);
 WERROR reg_deletesubkeys_recursive(TALLOC_CTX *ctx,
                                   struct registry_key *parent,
                                   const char *path);
-WERROR reg_create_path(TALLOC_CTX *mem_ctx, const char *orig_path,
-                      uint32 desired_access,
-                      const struct security_token *token,
-                      enum winreg_CreateAction *paction,
-                      struct registry_key **pkey);
-WERROR reg_delete_path(const struct security_token *token,
-                      const char *orig_path);
+
+/* The following definitions come from registry/reg_api_regf.c  */
+
+WERROR reg_restorekey(struct registry_key *key, const char *fname);
+WERROR reg_savekey(struct registry_key *key, const char *fname);
 
 /* The following definitions come from registry/reg_init_basic.c  */
 
index e72f2aab68c02a392be26d65fd31aa3e0adfdc9d..9f4b345b843bc3b911b126e72f3969bb63437709 100644 (file)
 #define ENCRYPTION_REQUIRED(conn) ((conn) ? ((conn)->encrypt_level == Required) : false)
 #define IS_CONN_ENCRYPTED(conn) ((conn) ? (conn)->encrypted_tid : false)
 
-/*******************************************************************
-find the difference in milliseconds between two struct timeval
-values
-********************************************************************/
-
-#define TvalDiff(tvalold,tvalnew) \
-  (((tvalnew)->tv_sec - (tvalold)->tv_sec)*1000 +  \
-        ((int)(tvalnew)->tv_usec - (int)(tvalold)->tv_usec)/1000)
-
-/*******************************************************************
-find the difference in milliseconds between two struct timespec
-values
-********************************************************************/
-
-#define TspecDiff(tvalold,tvalnew) \
-  (((tvalnew)->tv_sec - (tvalold)->tv_sec)*1000 +  \
-        ((int)(tvalnew)->tv_nsec - (int)(tvalold)->tv_nsec)/1000000)
-
 /****************************************************************************
 true if two IPv4 addresses are equal
 ****************************************************************************/
index 060fcc21eb0ff77e798ff6591ede5b60cf868ed7..ffe618d4f7ba1323375169b01266cad9790403a4 100644 (file)
@@ -233,6 +233,43 @@ char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld,
                              LDAPMessage *entry);
 
 
+/* The following definitions come from lib/smbldap.c  */
+
+int smb_ldap_start_tls(LDAP *ldap_struct, int version);
+int smb_ldap_setup_full_conn(LDAP **ldap_struct, const char *uri);
+int smbldap_search(struct smbldap_state *ldap_state,
+                  const char *base, int scope, const char *filter,
+                  const char *attrs[], int attrsonly,
+                  LDAPMessage **res);
+int smbldap_search_paged(struct smbldap_state *ldap_state,
+                        const char *base, int scope, const char *filter,
+                        const char **attrs, int attrsonly, int pagesize,
+                        LDAPMessage **res, void **cookie);
+int smbldap_modify(struct smbldap_state *ldap_state, const char *dn, LDAPMod *attrs[]);
+int smbldap_add(struct smbldap_state *ldap_state, const char *dn, LDAPMod *attrs[]);
+int smbldap_delete(struct smbldap_state *ldap_state, const char *dn);
+int smbldap_extended_operation(struct smbldap_state *ldap_state,
+                              LDAP_CONST char *reqoid, struct berval *reqdata,
+                              LDAPControl **serverctrls, LDAPControl **clientctrls,
+                              char **retoidp, struct berval **retdatap);
+int smbldap_search_suffix (struct smbldap_state *ldap_state,
+                          const char *filter, const char **search_attr,
+                          LDAPMessage ** result);
+void smbldap_free_struct(struct smbldap_state **ldap_state) ;
+NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx, struct event_context *event_ctx,
+                     const char *location,
+                     struct smbldap_state **smbldap_state);
+bool smbldap_has_control(LDAP *ld, const char *control);
+bool smbldap_has_extension(LDAP *ld, const char *extension);
+bool smbldap_has_naming_context(LDAP *ld, const char *naming_context);
+bool smbldap_set_creds(struct smbldap_state *ldap_state, bool anon, const char *dn, const char *secret);
+
+/* The following definitions come from lib/smbldap_util.c  */
+
+NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state,
+                                    LDAPMessage ** result, const char *domain_name,
+                                    bool try_add);
+
 #else
 #define LDAP void
 #define LDAPMessage void
index ff286148eb4c9d0430552571a54daec73026a0ca..e0682f3a7412a8bbbdb912541cad3f8342712ff3 100644 (file)
@@ -24,6 +24,7 @@
 
 #include "librpc/gen_ndr/messaging.h"
 #include "librpc/gen_ndr/ndr_messaging.h"
+#include "ctdbd_conn.h"
 
 /* paths to these include files come from --with-ctdb= in configure */
 #include "ctdb.h"
index 02e054b680ea17736e71f9415533e2b7c87e49e7..dd87ae110062e0c790b9028a5cd386e6d71631ce 100644 (file)
@@ -319,14 +319,6 @@ void dump_core_setup(const char *progname)
 #endif
 #endif
 
-#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
-       /* On Linux we lose the ability to dump core when we change our user
-        * ID. We know how to dump core safely, so let's make sure we have our
-        * dumpable flag set.
-        */
-       prctl(PR_SET_DUMPABLE, 1);
-#endif
-
        /* FIXME: if we have a core-plus-pid facility, configurably set
         * this up here.
         */
@@ -382,6 +374,14 @@ void dump_core_setup(const char *progname)
        umask(~(0700));
        dbgflush();
 
+#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
+       /* On Linux we lose the ability to dump core when we change our user
+        * ID. We know how to dump core safely, so let's make sure we have our
+        * dumpable flag set.
+        */
+       prctl(PR_SET_DUMPABLE, 1);
+#endif
+
        /* Ensure we don't have a signal handler for abort. */
 #ifdef SIGABRT
        CatchSignal(SIGABRT, SIG_DFL);
index 6e4c6d796c7b49eada633d325e7b8b56d5e727c3..edb77869cc0b784fb9274d2f8b0b8fdadd50ea88 100644 (file)
@@ -20,6 +20,7 @@
 #include "includes.h"
 #include "g_lock.h"
 #include "librpc/gen_ndr/messaging.h"
+#include "ctdbd_conn.h"
 
 static NTSTATUS g_lock_force_unlock(struct g_lock_ctx *ctx, const char *name,
                                    struct server_id pid);
index e3ced90a20006fcff5c17d4b8ff7bad1f7f4d2b5..0c393ea3beb97d96f17358df2a80700fd3667837 100644 (file)
@@ -58,7 +58,8 @@ enum {
        OPT_SITE,
        OPT_ACCOUNT,
        OPT_RET_DNS,
-       OPT_RET_NETBIOS
+       OPT_RET_NETBIOS,
+       OPT_DSREGDNS
 };
 
 /****************************************************************
@@ -207,6 +208,7 @@ int main(int argc, const char **argv)
        char *opt_account = NULL;
        int opt_ret_dns = 0;
        int opt_ret_netbios = 0;
+       int opt_dsregdns = 0;
        uint32_t query_level = 0;
        uint8_t *buffer = NULL;
        uint32_t flags = 0;
@@ -244,6 +246,7 @@ int main(int argc, const char **argv)
                {"account", 0, POPT_ARG_STRING, &opt_account, OPT_ACCOUNT, "ACCOUNT"},
                {"ret_dns", 0, POPT_ARG_NONE, &opt_ret_dns, OPT_RET_DNS, NULL},
                {"ret_netbios", 0, POPT_ARG_NONE, &opt_ret_netbios, OPT_RET_NETBIOS, NULL},
+               {"dsregdns", 0, POPT_ARG_NONE, &opt_dsregdns, OPT_DSREGDNS, "Force registration of all DC-specific DNS records"},
                POPT_COMMON_LIBNETAPI_EXAMPLES
                POPT_TABLEEND
        };
@@ -362,6 +365,23 @@ int main(int argc, const char **argv)
 
                        print_netlogon_info_result(query_level, buffer);
 
+                       break;
+               case OPT_DSREGDNS:
+                       query_level = 1;
+                       status = I_NetLogonControl2(opt_server,
+                                                   NETLOGON_CONTROL_FORCE_DNS_REG,
+                                                   query_level,
+                                                   NULL,
+                                                   &buffer);
+                       if (status != 0) {
+                               fprintf(stderr, "I_NetlogonControl failed: Status = %d 0x%x %s\n",
+                                       status, status,
+                                       libnetapi_get_error_string(ctx, status));
+                               goto done;
+                       }
+
+                       print_netlogon_info_result(query_level, buffer);
+
                        break;
                case OPT_DSGETDC:
                        if (opt_pdc)
index 53114b5d7d9993fe7c30d44b47524c8977ec8ede..6a926953c0d1f26c24da40258290d6696ccdd1fa 100644 (file)
@@ -25,6 +25,7 @@
 #include "lib/netapi/libnetapi.h"
 #include "../librpc/gen_ndr/cli_samr.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 /****************************************************************
 ****************************************************************/
@@ -603,7 +604,7 @@ static WERROR map_group_info_to_buffer(TALLOC_CTX *mem_ctx,
                        info3.grpi3_name        = info->name.string;
                        info3.grpi3_comment     = info->description.string;
                        info3.grpi3_attributes  = info->attributes;
-                       info3.grpi3_group_sid   = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
+                       info3.grpi3_group_sid   = (struct domsid *)dom_sid_dup(mem_ctx, &sid);
 
                        *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3, sizeof(info3));
 
@@ -1086,7 +1087,7 @@ static WERROR convert_samr_disp_groups_to_GROUP_INFO_3_buffer(TALLOC_CTX *mem_ct
                        groups->entries[i].account_name.string);
                g3[i].grpi3_comment = talloc_strdup(mem_ctx,
                        groups->entries[i].description.string);
-               g3[i].grpi3_group_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
+               g3[i].grpi3_group_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid);
                g3[i].grpi3_attributes = groups->entries[i].acct_flags;
                W_ERROR_HAVE_NO_MEMORY(g3[i].grpi3_name);
        }
index 69cf97422577a20bab792e7a491ffd65507214ee..c9e1b722bd324d08456b5aaa14c2aeeb902cb7b2 100644 (file)
@@ -27,6 +27,7 @@
 #include "../librpc/gen_ndr/cli_lsa.h"
 #include "rpc_client/cli_lsarpc.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 static NTSTATUS libnetapi_samr_lookup_and_open_alias(TALLOC_CTX *mem_ctx,
                                                     struct rpc_pipe_client *pipe_cli,
@@ -1171,7 +1172,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx,
                for (i=0; i < r->in.total_entries; i++) {
                        bool already_member = false;
                        for (k=0; k < current_sids.num_sids; k++) {
-                               if (sid_equal(&member_sids[i],
+                               if (dom_sid_equal(&member_sids[i],
                                              current_sids.sids[k].sid)) {
                                        already_member = true;
                                        break;
@@ -1193,7 +1194,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx,
                for (k=0; k < current_sids.num_sids; k++) {
                        bool keep_member = false;
                        for (i=0; i < r->in.total_entries; i++) {
-                               if (sid_equal(&member_sids[i],
+                               if (dom_sid_equal(&member_sids[i],
                                              current_sids.sids[k].sid)) {
                                        keep_member = true;
                                        break;
index d58b7ccf67ffb034ea6ccf799de548794fab8e0e..932ab8bb1d57281466d72d68d278162a50ee618a 100644 (file)
@@ -43,6 +43,9 @@ static WERROR construct_data(enum netr_LogonControlCode function_code,
        case NETLOGON_CONTROL_SET_DBFLAG:
                data_out->debug_level = atoi((const char *)data_in);
                break;
+       case NETLOGON_CONTROL_FORCE_DNS_REG:
+               ZERO_STRUCTP(data_out);
+               break;
        default:
                return WERR_INVALID_PARAM;
        }
@@ -193,6 +196,7 @@ WERROR I_NetLogonControl2_r(struct libnetapi_ctx *ctx,
        switch (r->in.function_code) {
        case NETLOGON_CONTROL_TC_VERIFY:
        case NETLOGON_CONTROL_SET_DBFLAG:
+       case NETLOGON_CONTROL_FORCE_DNS_REG:
                status = rpccli_netr_LogonControl2Ex(pipe_cli, ctx,
                                                     r->in.server_name,
                                                     r->in.function_code,
index 67a7443cd484b81c5f76ea51136499b4273e48e1..de0fc7da6e9919586b17b75d23ab953c25a790fd 100644 (file)
@@ -27,6 +27,7 @@
 #include "rpc_client/init_samr.h"
 #include "../libds/common/flags.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 /****************************************************************
 ****************************************************************/
@@ -705,12 +706,12 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx,
 
                for (i=0; i<rid_array->count; i++) {
                        sid_compose(&sid, domain_sid, rid_array->rids[i].rid);
-                       sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
+                       sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sid);
                        NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid);
                }
 
                sid_compose(&sid, domain_sid, rid);
-               sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
+               sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sid);
                NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid);
 
                status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx,
@@ -923,7 +924,7 @@ static NTSTATUS info21_to_USER_INFO_4(TALLOC_CTX *mem_ctx,
        if (!sid_compose(&sid, domain_sid, i21->rid)) {
                return NT_STATUS_NO_MEMORY;
        }
-       i->usri4_user_sid       = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
+       i->usri4_user_sid       = (struct domsid *)dom_sid_dup(mem_ctx, &sid);
        i->usri4_primary_group_id = i21->primary_gid;
        i->usri4_profile        = talloc_strdup(mem_ctx, i21->profile_path.string);
        i->usri4_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string);
@@ -1024,7 +1025,7 @@ static NTSTATUS info21_to_USER_INFO_23(TALLOC_CTX *mem_ctx,
        if (!sid_compose(&sid, domain_sid, i21->rid)) {
                return NT_STATUS_NO_MEMORY;
        }
-       i->usri23_user_sid      = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
+       i->usri23_user_sid      = (struct domsid *)dom_sid_dup(mem_ctx, &sid);
 
        return NT_STATUS_OK;
 }
@@ -2066,7 +2067,7 @@ static NTSTATUS query_USER_MODALS_INFO_2(TALLOC_CTX *mem_ctx,
        info2->usrmod2_domain_name =
                talloc_strdup(mem_ctx, dom_info5.domain_name.string);
        info2->usrmod2_domain_id =
-               (struct domsid *)sid_dup_talloc(mem_ctx, domain_sid);
+               (struct domsid *)dom_sid_dup(mem_ctx, domain_sid);
 
        NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_name);
        NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_id);
@@ -3334,7 +3335,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx,
                goto done;
        }
 
-       sid_array.sids[0].sid = sid_dup_talloc(ctx, &user_sid);
+       sid_array.sids[0].sid = dom_sid_dup(ctx, &user_sid);
        if (!sid_array.sids[0].sid) {
                werr = WERR_NOMEM;
                goto done;
@@ -3348,7 +3349,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx,
                        goto done;
                }
 
-               sid_array.sids[i+1].sid = sid_dup_talloc(ctx, &sid);
+               sid_array.sids[i+1].sid = dom_sid_dup(ctx, &sid);
                if (!sid_array.sids[i+1].sid) {
                        werr = WERR_NOMEM;
                        goto done;
index b9ed955dee04bbbe961d39ebc68ce2be539c19fe..11256817a5b017658c405ba4ab1f0edf2d5fed72 100644 (file)
@@ -22,6 +22,7 @@
 
 #include "includes.h"
 #include "../librpc/gen_ndr/ndr_security.h"
+#include "../libcli/security/dom_sid.h"
 
 #define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\
                                        SECINFO_DACL|SECINFO_SACL|\
@@ -190,10 +191,10 @@ struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx,
        dst->sacl      = NULL;
        dst->dacl      = NULL;
 
-       if(owner_sid && ((dst->owner_sid = sid_dup_talloc(dst,owner_sid)) == NULL))
+       if(owner_sid && ((dst->owner_sid = dom_sid_dup(dst,owner_sid)) == NULL))
                goto error_exit;
 
-       if(grp_sid && ((dst->group_sid = sid_dup_talloc(dst,grp_sid)) == NULL))
+       if(grp_sid && ((dst->group_sid = dom_sid_dup(dst,grp_sid)) == NULL))
                goto error_exit;
 
        if(sacl && ((dst->sacl = dup_sec_acl(dst, sacl)) == NULL))
@@ -607,10 +608,10 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
                }
 
                /* The CREATOR sids are special when inherited */
-               if (sid_equal(ptrustee, &global_sid_Creator_Owner)) {
+               if (dom_sid_equal(ptrustee, &global_sid_Creator_Owner)) {
                        creator = &global_sid_Creator_Owner;
                        ptrustee = owner_sid;
-               } else if (sid_equal(ptrustee, &global_sid_Creator_Group)) {
+               } else if (dom_sid_equal(ptrustee, &global_sid_Creator_Group)) {
                        creator = &global_sid_Creator_Group;
                        ptrustee = group_sid;
                }
index ba27b482067ad2d158e179dc61b58c22ab89ff5f..cafa3bfee479358fe6ba0939bfe320f665aa4fc7 100644 (file)
@@ -22,6 +22,7 @@
 #include "registry.h"
 #include "registry/reg_backend_db.h"
 #include "registry/reg_util_token.h"
+#include "registry/reg_api_util.h"
 #include "lib/smbconf/smbconf_init.h"
 #include "lib/smbconf/smbconf_reg.h"
 
index 3303894e0e50c7b807de90ed9dc435422ef4c88e..28336512df9ec24f4a0026eae1937086ed9c3e23 100644 (file)
@@ -24,6 +24,7 @@
 #include "includes.h"
 #include "popt_common.h"
 #include "secrets.h"
+#include "ctdbd_conn.h"
 
 extern char *global_clobber_region_function;
 extern unsigned int global_clobber_region_line;
@@ -823,55 +824,6 @@ ssize_t write_data_at_offset(int fd, const char *buffer, size_t N, SMB_OFF_T pos
 #endif
 }
 
-/*******************************************************************
- Sleep for a specified number of milliseconds.
-********************************************************************/
-
-void smb_msleep(unsigned int t)
-{
-#if defined(HAVE_NANOSLEEP)
-       struct timespec tval;
-       int ret;
-
-       tval.tv_sec = t/1000;
-       tval.tv_nsec = 1000000*(t%1000);
-
-       do {
-               errno = 0;
-               ret = nanosleep(&tval, &tval);
-       } while (ret < 0 && errno == EINTR && (tval.tv_sec > 0 || tval.tv_nsec > 0));
-#else
-       unsigned int tdiff=0;
-       struct timeval tval,t1,t2;  
-       fd_set fds;
-
-       GetTimeOfDay(&t1);
-       t2 = t1;
-
-       while (tdiff < t) {
-               tval.tv_sec = (t-tdiff)/1000;
-               tval.tv_usec = 1000*((t-tdiff)%1000);
-
-               /* Never wait for more than 1 sec. */
-               if (tval.tv_sec > 1) {
-                       tval.tv_sec = 1; 
-                       tval.tv_usec = 0;
-               }
-
-               FD_ZERO(&fds);
-               errno = 0;
-               sys_select_intr(0,&fds,NULL,NULL,&tval);
-
-               GetTimeOfDay(&t2);
-               if (t2.tv_sec < t1.tv_sec) {
-                       /* Someone adjusted time... */
-                       t1 = t2;
-               }
-
-               tdiff = TvalDiff(&t1,&t2);
-       }
-#endif
-}
 
 NTSTATUS reinit_after_fork(struct messaging_context *msg_ctx,
                           struct event_context *ev_ctx,
index 3130ed89fbf332955b2ccfc95923f8c342de8437..680dd29ba77b10a4f52d451cc26dc1b85111e28f 100644 (file)
@@ -26,6 +26,7 @@
 /* function(s) moved from auth/auth_util.c to minimize linker deps */
 
 #include "includes.h"
+#include "../libcli/security/dom_sid.h"
 
 /****************************************************************************
  Duplicate a SID token.
@@ -120,7 +121,7 @@ bool token_sid_in_ace(const struct security_token *token, const struct security_
        size_t i;
 
        for (i = 0; i < token->num_sids; i++) {
-               if (sid_equal(&ace->trustee, &token->sids[i]))
+               if (dom_sid_equal(&ace->trustee, &token->sids[i]))
                        return true;
        }
 
index 92218ff2b27399f3b9626c511101d58a4d918d31..d75c8e2c9716a4b2ce7fc023025839e610a5ffd7 100644 (file)
@@ -244,7 +244,7 @@ bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid
                return False;
        }
 
-       if (sid_compare_domain(exp_dom_sid, sid)!=0){
+       if (dom_sid_compare_domain(exp_dom_sid, sid)!=0){
                *rid=(-1);
                return False;
        }
@@ -307,84 +307,6 @@ bool sid_parse(const char *inbuf, size_t len, struct dom_sid *sid)
        return true;
 }
 
-/*****************************************************************
- Compare the auth portion of two sids.
-*****************************************************************/  
-
-static int sid_compare_auth(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
-       int i;
-
-       if (sid1 == sid2)
-               return 0;
-       if (!sid1)
-               return -1;
-       if (!sid2)
-               return 1;
-
-       if (sid1->sid_rev_num != sid2->sid_rev_num)
-               return sid1->sid_rev_num - sid2->sid_rev_num;
-
-       for (i = 0; i < 6; i++)
-               if (sid1->id_auth[i] != sid2->id_auth[i])
-                       return sid1->id_auth[i] - sid2->id_auth[i];
-
-       return 0;
-}
-
-/*****************************************************************
- Compare two sids.
-*****************************************************************/  
-
-int sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
-       int i;
-
-       if (sid1 == sid2)
-               return 0;
-       if (!sid1)
-               return -1;
-       if (!sid2)
-               return 1;
-
-       /* Compare most likely different rids, first: i.e start at end */
-       if (sid1->num_auths != sid2->num_auths)
-               return sid1->num_auths - sid2->num_auths;
-
-       for (i = sid1->num_auths-1; i >= 0; --i)
-               if (sid1->sub_auths[i] != sid2->sub_auths[i])
-                       return sid1->sub_auths[i] - sid2->sub_auths[i];
-
-       return sid_compare_auth(sid1, sid2);
-}
-
-/*****************************************************************
- See if 2 SIDs are in the same domain
- this just compares the leading sub-auths
-*****************************************************************/  
-
-int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
-       int n, i;
-
-       n = MIN(sid1->num_auths, sid2->num_auths);
-
-       for (i = n-1; i >= 0; --i)
-               if (sid1->sub_auths[i] != sid2->sub_auths[i])
-                       return sid1->sub_auths[i] - sid2->sub_auths[i];
-
-       return sid_compare_auth(sid1, sid2);
-}
-
-/*****************************************************************
- Compare two sids.
-*****************************************************************/  
-
-bool sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2)
-{
-       return sid_compare(sid1, sid2) == 0;
-}
-
 /*****************************************************************
  Returns true if SID is internal (and non-mappable).
 *****************************************************************/
@@ -397,10 +319,10 @@ bool non_mappable_sid(struct dom_sid *sid)
        sid_copy(&dom, sid);
        sid_split_rid(&dom, &rid);
 
-       if (sid_equal(&dom, &global_sid_Builtin))
+       if (dom_sid_equal(&dom, &global_sid_Builtin))
                return True;
 
-       if (sid_equal(&dom, &global_sid_NT_Authority))
+       if (dom_sid_equal(&dom, &global_sid_NT_Authority))
                return True;
 
        return False;
@@ -444,25 +366,6 @@ char *sid_binstring_hex(const struct dom_sid *sid)
        return s;
 }
 
-/*******************************************************************
- Tallocs a duplicate SID. 
-********************************************************************/ 
-
-struct dom_sid *sid_dup_talloc(TALLOC_CTX *ctx, const struct dom_sid *src)
-{
-       struct dom_sid *dst;
-
-       if (src == NULL) {
-               return NULL;
-       }
-       dst = talloc_zero(ctx, struct dom_sid);
-       if (dst == NULL) {
-               return NULL;
-       }
-       sid_copy(dst, src);
-       return dst;
-}
-
 /********************************************************************
  Add SID to an array SIDs
 ********************************************************************/
@@ -494,7 +397,7 @@ NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
        size_t i;
 
        for (i=0; i<(*num_sids); i++) {
-               if (sid_compare(sid, &(*sids)[i]) == 0)
+               if (dom_sid_compare(sid, &(*sids)[i]) == 0)
                        return NT_STATUS_OK;
        }
 
@@ -515,7 +418,7 @@ void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, size_t
                /* if we find the SID, then decrement the count
                   and break out of the loop */
 
-               if ( sid_equal(sid, &sid_list[i]) ) {
+               if ( dom_sid_equal(sid, &sid_list[i]) ) {
                        *num -= 1;
                        break;
                }
@@ -555,7 +458,7 @@ bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
 bool is_null_sid(const struct dom_sid *sid)
 {
        static const struct dom_sid null_sid = {0};
-       return sid_equal(sid, &null_sid);
+       return dom_sid_equal(sid, &null_sid);
 }
 
 bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid)
@@ -563,7 +466,7 @@ bool is_sid_in_token(const struct security_token *token, const struct dom_sid *s
         int i;
 
         for (i=0; i<token->num_sids; i++) {
-                if (sid_compare(sid, &token->sids[i]) == 0)
+                if (dom_sid_compare(sid, &token->sids[i]) == 0)
                         return true;
         }
         return false;
index 46926f629878fad23d7865dee2463920bf76edbf..2b338162934227e8d2b69f38a80a1d7c08a72750 100644 (file)
@@ -21,6 +21,7 @@
 
 #include "includes.h"
 #include "memcache.h"
+#include "../lib/async_req/async_sock.h"
 
 /****************************************************************************
  Get a port number in host byte order from a sockaddr_storage.
index 97d89dc88d4c992aa1b386db964073327450776c..3525876ecf57d9dbfc130f7c040a008d8199e9dd 100644 (file)
@@ -27,6 +27,7 @@
 #include "libads/cldap.h"
 #include "libads/dns.h"
 #include "../libds/common/flags.h"
+#include "smbldap.h"
 
 #ifdef HAVE_LDAP
 
index f599435e6cb4865d944b016df03f3c6405d7b67f..8c05b2f13212c39cc48f8088d4133917b9ffa93c 100644 (file)
@@ -22,6 +22,7 @@
 #include "libgpo/gpo_proto.h"
 #include "registry.h"
 #include "registry/reg_backend_db.h"
+#include "registry/reg_api_util.h"
 
 
 /****************************************************************
index 34fe3a72ab7a0ad67662abe8e3d990aec8bc720f..28b2f6c6540866ceab7c2806a0dd711fc2aabd82 100644 (file)
@@ -35,6 +35,7 @@
 #include "secrets.h"
 #include "rpc_client/init_lsa.h"
 #include "krb5_env.h"
+#include "../libcli/security/dom_sid.h"
 
 /****************************************************************
 ****************************************************************/
@@ -744,7 +745,7 @@ static NTSTATUS libnet_join_lookup_dc_rpc(TALLOC_CTX *mem_ctx,
                r->out.netbios_domain_name = info->dns.name.string;
                r->out.dns_domain_name = info->dns.dns_domain.string;
                r->out.forest_name = info->dns.dns_forest.string;
-               r->out.domain_sid = sid_dup_talloc(mem_ctx, info->dns.sid);
+               r->out.domain_sid = dom_sid_dup(mem_ctx, info->dns.sid);
                NT_STATUS_HAVE_NO_MEMORY(r->out.domain_sid);
        }
 
@@ -758,7 +759,7 @@ static NTSTATUS libnet_join_lookup_dc_rpc(TALLOC_CTX *mem_ctx,
                }
 
                r->out.netbios_domain_name = info->account_domain.name.string;
-               r->out.domain_sid = sid_dup_talloc(mem_ctx, info->account_domain.sid);
+               r->out.domain_sid = dom_sid_dup(mem_ctx, info->account_domain.sid);
                NT_STATUS_HAVE_NO_MEMORY(r->out.domain_sid);
        }
 
@@ -2008,7 +2009,7 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx,
                                "Unable to fetch domain sid: are we joined?");
                        return WERR_SETUP_NOT_JOINED;
                }
-               r->in.domain_sid = sid_dup_talloc(mem_ctx, &sid);
+               r->in.domain_sid = dom_sid_dup(mem_ctx, &sid);
                W_ERROR_HAVE_NO_MEMORY(r->in.domain_sid);
        }
 
index 6668be28b5bd62551ca2a0fd9305d8ea6cc2c0e1..1b5b9c3b2f52dff4204391a9f7194e53e3af9abd 100644 (file)
@@ -28,6 +28,7 @@
 #include "../libcli/auth/libcli_auth.h"
 #include "../librpc/gen_ndr/ndr_netlogon.h"
 #include "../librpc/gen_ndr/cli_netlogon.h"
+#include "../libcli/security/dom_sid.h"
 
 /**
  * Fix up the delta, dealing with encryption issues so that the final
@@ -72,7 +73,7 @@ NTSTATUS libnet_samsync_init_context(TALLOC_CTX *mem_ctx,
        NT_STATUS_HAVE_NO_MEMORY(ctx);
 
        if (domain_sid) {
-               ctx->domain_sid = sid_dup_talloc(mem_ctx, domain_sid);
+               ctx->domain_sid = dom_sid_dup(mem_ctx, domain_sid);
                NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid);
 
                ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid);
index 96bad4da327dce92fd1d2ce64dd0cbc5335aaabe..454f0a9c41b37c7974a9b582cb4bdf4d03674b0d 100644 (file)
@@ -25,6 +25,7 @@
 
 #include "includes.h"
 #include "libnet/libnet_samsync.h"
+#include "smbldap.h"
 
 #ifdef HAVE_LDAP
 
index 224598a480e7036e98bf99080c06d780c488b863..a837ecd6dc88b74db85bd4722bd8ec11318d1668 100644 (file)
@@ -25,6 +25,7 @@
 
 #include "includes.h"
 #include "libnet/libnet_samsync.h"
+#include "../libcli/security/dom_sid.h"
 
 /* Convert a struct samu_DELTA to a struct samu. */
 #define STRING_CHANGED (old_string && !new_string) ||\
@@ -608,7 +609,7 @@ static NTSTATUS fetch_alias_info(TALLOC_CTX *mem_ctx,
        map.gid = grp->gr_gid;
        map.sid = alias_sid;
 
-       if (sid_equal(dom_sid, &global_sid_Builtin))
+       if (dom_sid_equal(dom_sid, &global_sid_Builtin))
                map.sid_name_use = SID_NAME_WKN_GRP;
        else
                map.sid_name_use = SID_NAME_ALIAS;
index f83896cf728dc96d2aea837fb7427882008cbd93..935256af16cd75e3d1d3cb18c8a6f485fa25d96e 100644 (file)
@@ -1936,7 +1936,7 @@ interface libnetapi
                [in] string server_name,
                [in] uint32 function_code,
                [in] uint32 query_level,
-               [in] uint8 *data,
+               [in,unique] uint8 *data,
                [out,ref] uint8 **buffer
        );
 }
index 8e08d6fc406556ff2c47ac4b3c3fafdd0307a429..0aaeea28270ce01b8948def37a8fc55549daf895 100644 (file)
@@ -18,6 +18,8 @@
 */
 
 #include "includes.h"
+#include "../lib/async_req/async_sock.h"
+#include "async_smb.h"
 
 /*
  * Read an smb packet asynchronously, discard keepalives
index 169bf4f03764d395b12f9ab3d78b1b097cc06365..92e5bb2021d5a267fd949bd0af7328aebe509dee 100644 (file)
@@ -26,6 +26,7 @@
 #include "../libcli/auth/ntlmssp.h"
 #include "libads/kerberos_proto.h"
 #include "krb5_env.h"
+#include "async_smb.h"
 
 static const struct {
        int prot;
@@ -1498,7 +1499,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
 
 struct cli_ulogoff_state {
        struct cli_state *cli;
-       uint16_t vwv[2];
+       uint16_t vwv[3];
 };
 
 static void cli_ulogoff_done(struct tevent_req *subreq);
index cdf51c75c37942de02486d3426b4124eba158623..2c49a8b3f0e8771751a4aef16fc9d387d57139a6 100644 (file)
@@ -20,6 +20,7 @@
 
 #include "includes.h"
 #include "smb_signing.h"
+#include "async_smb.h"
 
 /*******************************************************************
  Setup the word count and byte count for a client smb message.
index d6b2e31de70db7d9b172357ea0d9ca3f8a2b0ca2..ce8d7a593bfd59ffa249ed825fe05d2f2c5dffc5 100644 (file)
@@ -19,6 +19,7 @@
 */
 
 #include "includes.h"
+#include "async_smb.h"
 
 /***********************************************************
  Common function for pushing stings, used by smb_bytes_push_str()
index 6cbf7104d4ecd50d9e21a751cdd9ce3de1d1dbfb..5ca76ac16a8410c09b6997695524c6e331e4cb10 100644 (file)
@@ -21,6 +21,7 @@
 #include "includes.h"
 #include "../libcli/auth/spnego.h"
 #include "../libcli/auth/ntlmssp.h"
+#include "async_smb.h"
 
 /****************************************************************************
  Get UNIX extensions version info.
index b580172317a0a82a0becacdd014cb52c9a897d40..280f876ba74f90d2d0ce670b633f14a1bd99adff 100644 (file)
@@ -18,6 +18,7 @@
 */
 
 #include "includes.h"
+#include "async_smb.h"
 
 /****************************************************************************
  Calculate a safe next_entry_offset.
index 3777c41482200982bf70aab1c4224061364c6eba..4c730c4b76e9127e1a13e504c0f45edaa40f38a9 100644 (file)
@@ -18,6 +18,7 @@
 */
 
 #include "includes.h"
+#include "async_smb.h"
 
 struct cli_message_start_state {
        uint16_t grp;
index 8904ac973fdfcb75236f85dfdd8ce61422f4b83f..09f9869420a849379e2d493065b6b00d48a9fe0d 100644 (file)
@@ -18,6 +18,7 @@
 */
 
 #include "includes.h"
+#include "async_smb.h"
 
 /****************************************************************************
 send an ack for an oplock break request
index a1b911cfbf3d5724425da30b74020b1d6849d660..3ac9f4454fb6662ab1b081d60b834be0205e9dc5 100644 (file)
@@ -23,6 +23,7 @@
 #include "../libcli/auth/libcli_auth.h"
 #include "../librpc/gen_ndr/rap.h"
 #include "../lib/crypto/arcfour.h"
+#include "async_smb.h"
 
 /****************************************************************************
  Call a remote api
index 24c9d9f681f0727785e0a493f2c3d7c4b3ad604e..370c068fe4519de8be011fda8c31ca29c84f56fe 100644 (file)
@@ -18,6 +18,7 @@
 */
 
 #include "includes.h"
+#include "async_smb.h"
 
 /****************************************************************************
   Calculate the recommended read buffer size
index dd0873d8249cf0ff92b0b5f31b1d0cf868a8cb92..4379e1480a8dda766e17f621fe5af28b85df5940 100644 (file)
@@ -18,7 +18,7 @@
 */
 
 #include "includes.h"
-
+#include "async_smb.h"
 
 /****************************************************************************
  Send a SMB trans or trans2 request.
index cc87715d8f91f9ae9cd15813d414b32973434890..bc329bf226cabab86d236edf03f19e96e80bfedd 100644 (file)
@@ -27,6 +27,7 @@
 #include "libsmb_internal.h"
 #include "../librpc/gen_ndr/ndr_lsa.h"
 #include "rpc_client/cli_lsarpc.h"
+#include "../libcli/security/dom_sid.h"
 
 
 /*
@@ -121,8 +122,8 @@ ace_compare(struct security_ace *ace1,
                return ace2->type - ace1->type;
         }
 
-       if (sid_compare(&ace1->trustee, &ace2->trustee)) {
-               return sid_compare(&ace1->trustee, &ace2->trustee);
+       if (dom_sid_compare(&ace1->trustee, &ace2->trustee)) {
+               return dom_sid_compare(&ace1->trustee, &ace2->trustee);
         }
 
        if (ace1->flags != ace2->flags) {
@@ -1608,7 +1609,7 @@ cacl_set(SMBCCTX *context,
                        bool found = False;
 
                        for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
-                               if (sid_equal(&sd->dacl->aces[i].trustee,
+                               if (dom_sid_equal(&sd->dacl->aces[i].trustee,
                                              &old->dacl->aces[j].trustee)) {
                                         if (!(flags & SMBC_XATTR_FLAG_CREATE)) {
                                                 err = EEXIST;
index c949d3bcb449bad291009a09f4e2a4afbf992e27..d1fb5ab81792fa7b75988bcf291f8668d01a54b8 100644 (file)
@@ -307,7 +307,7 @@ NODE_STATUS_STRUCT *node_status_query(int fd,
        while (1) {
                struct timespec tp2;
                clock_gettime_mono(&tp2);
-               if (TspecDiff(&tp,&tp2) > retry_time) {
+               if (nsec_time_diff(&tp2,&tp)/1000000 > retry_time) {
                        if (!retries)
                                break;
                        if (!found && !send_packet(&p))
@@ -716,7 +716,7 @@ struct sockaddr_storage *name_query(int fd,
                struct timespec tp2;
 
                clock_gettime_mono(&tp2);
-               if (TspecDiff(&tp,&tp2) > retry_time) {
+               if (nsec_time_diff(&tp2,&tp)/1000000 > retry_time) {
                        if (!retries)
                                break;
                        if (!found && !send_packet(&p))
index 9dd5df87ec88ff27423e4e0b65663f227fa9d1f6..8e61351a1a4b83143ee1ce9666e54b0d6cf98f78 100644 (file)
@@ -417,7 +417,7 @@ static void split_afs_acl(struct afs_acl *acl,
 static bool same_principal(struct afs_ace *x, struct afs_ace *y)
 {
        return ( (x->positive == y->positive) &&
-                (sid_compare(&x->sid, &y->sid) == 0) );
+                (dom_sid_compare(&x->sid, &y->sid) == 0) );
 }
 
 static void merge_afs_acls(struct afs_acl *dir_acl,
@@ -699,16 +699,16 @@ static bool mappable_sid(const struct dom_sid *sid)
 {
        struct dom_sid domain_sid;
        
-       if (sid_compare(sid, &global_sid_Builtin_Administrators) == 0)
+       if (dom_sid_compare(sid, &global_sid_Builtin_Administrators) == 0)
                return True;
 
-       if (sid_compare(sid, &global_sid_World) == 0)
+       if (dom_sid_compare(sid, &global_sid_World) == 0)
                return True;
 
-       if (sid_compare(sid, &global_sid_Authenticated_Users) == 0)
+       if (dom_sid_compare(sid, &global_sid_Authenticated_Users) == 0)
                return True;
 
-       if (sid_compare(sid, &global_sid_Builtin_Backup_Operators) == 0)
+       if (dom_sid_compare(sid, &global_sid_Builtin_Backup_Operators) == 0)
                return True;
 
        string_to_sid(&domain_sid, "S-1-5-21");
@@ -757,22 +757,22 @@ static bool nt_to_afs_acl(const char *filename,
                        continue;
                }
 
-               if (sid_compare(&ace->trustee,
+               if (dom_sid_compare(&ace->trustee,
                                &global_sid_Builtin_Administrators) == 0) {
 
                        name = "system:administrators";
 
-               } else if (sid_compare(&ace->trustee,
+               } else if (dom_sid_compare(&ace->trustee,
                                       &global_sid_World) == 0) {
 
                        name = "system:anyuser";
 
-               } else if (sid_compare(&ace->trustee,
+               } else if (dom_sid_compare(&ace->trustee,
                                       &global_sid_Authenticated_Users) == 0) {
 
                        name = "system:authuser";
 
-               } else if (sid_compare(&ace->trustee,
+               } else if (dom_sid_compare(&ace->trustee,
                                       &global_sid_Builtin_Backup_Operators)
                           == 0) {
 
index b76bef41b4b4a976bcbd4fb4fd32c40047674e3f..ab5a7f4e6c1279366b83f32b99866c9e21d61c25 100644 (file)
@@ -476,13 +476,12 @@ static bool scannedonly_allow_access(vfs_handle_struct * handle,
                flush_sendbuffer(handle);
                while (retval != 0      /*&& errno == ENOENT */
                       && i < recheck_tries) {
-                       struct timespec req = { 0, recheck_time * 10000 };
                        DEBUG(SCANNEDONLY_DEBUG,
                              ("scannedonly_allow_access, wait (try=%d "
                               "(max %d), %d ms) for %s\n",
                               i, recheck_tries,
                               recheck_time, cache_smb_fname->base_name));
-                       nanosleep(&req, NULL);
+                       smb_msleep(recheck_time);
                        retval = SMB_VFS_NEXT_STAT(handle, cache_smb_fname);
                        i++;
                }
index 0e8d12edf8d3cb9c6d45a725a91bf7c904222fa2..6ccbd930fbda94d781e8bbb4f6f85df352279722 100644 (file)
@@ -1,2 +1,5 @@
+#ifndef HAVE_PIPE
+#define SYNC_DNS 1
+#endif
 
 #include "nmbd/nmbd_proto.h"
index 4ae699ac2a47f6612ef982a01a4fd24ca2d8a416..4567f3602dc42e06a97b30a67ef22caf85df1b62 100644 (file)
@@ -62,6 +62,7 @@
 
 #include "smb_signing.h"
 #include "dbwrap.h"
+#include "smbldap.h"
 
 #ifdef HAVE_SYS_SYSCTL_H
 #include <sys/sysctl.h>
index 0e2385f43fdb492a6eb1ea79dce4fd7e0f35d5ef..fa855f3467f0b05ed0758b5def8220ba6c75c418 100644 (file)
@@ -24,6 +24,7 @@
 #include "secrets.h"
 #include "memcache.h"
 #include "idmap_cache.h"
+#include "../libcli/security/dom_sid.h"
 
 /*****************************************************************
  Dissect a user-provided name into domain, name, sid and type.
@@ -655,7 +656,7 @@ static bool lookup_as_domain(const struct dom_sid *sid, TALLOC_CTX *mem_ctx,
                }
 
                for (i=0; i<num_domains; i++) {
-                       if (sid_equal(sid, &domains[i]->sid)) {
+                       if (dom_sid_equal(sid, &domains[i]->sid)) {
                                *name = talloc_strdup(mem_ctx,
                                                      domains[i]->name);
                                return true;
@@ -834,7 +835,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids,
                        if (!dom_infos[j].valid) {
                                break;
                        }
-                       if (sid_equal(&sid, &dom_infos[j].sid)) {
+                       if (dom_sid_equal(&sid, &dom_infos[j].sid)) {
                                break;
                        }
                }
@@ -1581,7 +1582,7 @@ NTSTATUS get_primary_group_sid(TALLOC_CTX *mem_ctx,
                /* We need a sid within our domain */
                sid_copy(&domain_sid, group_sid);
                sid_split_rid(&domain_sid, &rid);
-               if (sid_equal(&domain_sid, get_global_sam_sid())) {
+               if (dom_sid_equal(&domain_sid, get_global_sam_sid())) {
                        /*
                         * As shortcut for the expensive lookup_sid call
                         * compare the domain sid part
index c3534f7fa71148745614e97d1bf575c0b8ba6559..6e5a970f4c7082b5a76fad0eb403cd127c30919e 100644 (file)
@@ -23,6 +23,7 @@
 #include "includes.h"
 #include "secrets.h"
 #include "dbwrap.h"
+#include "../libcli/security/dom_sid.h"
 
 /* NOTE! the global_sam_sid is the SID of our local SAM. This is only
    equal to the domain SID when we are a DC, otherwise its our
@@ -113,7 +114,7 @@ static struct dom_sid *pdb_generate_sam_sid(void)
                        return sam_sid;
                }
 
-               if (!sid_equal(&domain_sid, sam_sid)) {
+               if (!dom_sid_equal(&domain_sid, sam_sid)) {
 
                        /* Domain name sid doesn't match global sam sid. Re-store domain sid as 'local' sid. */
 
@@ -232,7 +233,7 @@ void reset_global_sam_sid(void)
 
 bool sid_check_is_domain(const struct dom_sid *sid)
 {
-       return sid_equal(sid, get_global_sam_sid());
+       return dom_sid_equal(sid, get_global_sam_sid());
 }
 
 /*****************************************************************
index 3e2510e74c89c2e1ae9404f46ab3b20239b298e4..493e9ed0dd709316634e0844722b13b00e5391f6 100644 (file)
@@ -23,6 +23,7 @@
 
 #include "includes.h"
 #include "../libcli/auth/libcli_auth.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_PASSDB
@@ -509,7 +510,7 @@ bool pdb_set_group_sid(struct samu *sampass, const struct dom_sid *g_sid, enum p
 
        sid_compose(&dug_sid, get_global_sam_sid(), DOMAIN_RID_USERS);
 
-       if (sid_equal(&dug_sid, g_sid)) {
+       if (dom_sid_equal(&dug_sid, g_sid)) {
                sid_copy(sampass->group_sid, &dug_sid);
        } else if (sid_to_gid( g_sid, &gid ) ) {
                sid_copy(sampass->group_sid, g_sid);
index 4f93b33a54b7bc5aea92a799e61037f9d52d6d29..9f3a1725a4829042c1b207e89640e6eb0ec5c62b 100644 (file)
@@ -25,6 +25,7 @@
 #include "../librpc/gen_ndr/samr.h"
 #include "memcache.h"
 #include "nsswitch/winbind_client.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_PASSDB
@@ -890,7 +891,7 @@ static bool pdb_user_in_group(TALLOC_CTX *mem_ctx, struct samu *account,
        }
 
        for (i=0; i<num_groups; i++) {
-               if (sid_equal(group_sid, &sids[i])) {
+               if (dom_sid_equal(group_sid, &sids[i])) {
                        return True;
                }
        }
index 658d774fefd03d100e8e89d6fe7e97c426db0bea..d046a527a6f6407e84f98f799ce4ccb543c705a4 100644 (file)
@@ -47,6 +47,7 @@
 #include "../libcli/auth/libcli_auth.h"
 #include "secrets.h"
 #include "idmap_cache.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_PASSDB
@@ -1106,7 +1107,7 @@ static bool init_sam_from_ldap(struct ldapsam_privates *ldap_state,
 
                gid_to_sid(&mapped_gsid, sampass->unix_pw->pw_gid);
                primary_gsid = pdb_get_group_sid(sampass);
-               if (primary_gsid && sid_equal(primary_gsid, &mapped_gsid)) {
+               if (primary_gsid && dom_sid_equal(primary_gsid, &mapped_gsid)) {
                        store_gid_sid_cache(primary_gsid,
                                            sampass->unix_pw->pw_gid);
                        idmap_cache_set_sid2gid(primary_gsid,
@@ -2682,7 +2683,7 @@ static bool ldapsam_extract_rid_from_entry(LDAP *ldap_struct,
                return False;
        }
 
-       if (sid_compare_domain(&sid, domain_sid) != 0) {
+       if (dom_sid_compare_domain(&sid, domain_sid) != 0) {
                DEBUG(10, ("SID %s is not in expected domain %s\n",
                           str, sid_string_dbg(domain_sid)));
                return False;
@@ -3055,7 +3056,7 @@ static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods,
                }
        }
 
-       if (sid_compare(&global_sid_NULL, &(*pp_sids)[0]) == 0) {
+       if (dom_sid_compare(&global_sid_NULL, &(*pp_sids)[0]) == 0) {
                DEBUG(3, ("primary group of [%s] not found\n",
                          pdb_get_username(user)));
                goto done;
@@ -6668,7 +6669,7 @@ NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location)
                }
                found_sid = secrets_fetch_domain_sid(ldap_state->domain_name,
                                                     &secrets_domain_sid);
-               if (!found_sid || !sid_equal(&secrets_domain_sid,
+               if (!found_sid || !dom_sid_equal(&secrets_domain_sid,
                                             &ldap_domain_sid)) {
                        DEBUG(1, ("pdb_init_ldapsam: Resetting SID for domain "
                                  "%s based on pdb_ldap results %s -> %s\n",
index dd89c8e10bafe5506ab49b9dd2a9ad44f7f818ae..93697269883ef29c189c7244ca1456850eb4a808 100644 (file)
@@ -22,6 +22,7 @@
 
 #include "includes.h"
 #include "../librpc/gen_ndr/samr.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_PASSDB
@@ -1372,7 +1373,7 @@ static NTSTATUS smbpasswd_getsampwsid(struct pdb_methods *my_methods, struct sam
                return nt_status;
 
        /* build_sam_account might change the SID on us, if the name was for the guest account */
-       if (NT_STATUS_IS_OK(nt_status) && !sid_equal(pdb_get_user_sid(sam_acct), sid)) {
+       if (NT_STATUS_IS_OK(nt_status) && !dom_sid_equal(pdb_get_user_sid(sam_acct), sid)) {
                DEBUG(1, ("looking for user with sid %s instead returned %s "
                          "for account %s!?!\n", sid_string_dbg(sid),
                          sid_string_dbg(pdb_get_user_sid(sam_acct)),
index 05a46371b3bfc911794ef0b0b18c4f33610b99f5..cf483bbb96e238da6c406a5ac6fc369ae0965c61 100644 (file)
@@ -18,6 +18,7 @@
 */
 
 #include "includes.h"
+#include "../libcli/security/dom_sid.h"
 
 struct rid_name_map {
        uint32 rid;
@@ -104,7 +105,7 @@ const char *builtin_domain_name(void)
 
 bool sid_check_is_builtin(const struct dom_sid *sid)
 {
-       return sid_equal(sid, &global_sid_Builtin);
+       return dom_sid_equal(sid, &global_sid_Builtin);
 }
 
 /*****************************************************************
index 0894804c5ba3a7a557bd7cf91642f30af19c7517..1bd07c7a2f487ec9f2fd02072aeb52b1ca9f205a 100644 (file)
 */
 
 #include "includes.h"
+#include "../libcli/security/dom_sid.h"
 
 bool sid_check_is_unix_users(const struct dom_sid *sid)
 {
-       return sid_equal(sid, &global_sid_Unix_Users);
+       return dom_sid_equal(sid, &global_sid_Unix_Users);
 }
 
 bool sid_check_is_in_unix_users(const struct dom_sid *sid)
@@ -79,7 +80,7 @@ bool lookup_unix_user_name(const char *name, struct dom_sid *sid)
 
 bool sid_check_is_unix_groups(const struct dom_sid *sid)
 {
-       return sid_equal(sid, &global_sid_Unix_Groups);
+       return dom_sid_equal(sid, &global_sid_Unix_Groups);
 }
 
 bool sid_check_is_in_unix_groups(const struct dom_sid *sid)
index 7f670f9225bd436e5921cf72c3ee8eec757fd8b0..4f6f3f308dd2441823ce39f6bfd0453e81b71773 100644 (file)
@@ -21,6 +21,7 @@
 */
 
 #include "includes.h"
+#include "../libcli/security/dom_sid.h"
 
 struct rid_name_map {
        uint32 rid;
@@ -75,7 +76,7 @@ bool sid_check_is_wellknown_domain(const struct dom_sid *sid, const char **name)
        int i;
 
        for (i=0; special_domains[i].sid != NULL; i++) {
-               if (sid_equal(sid, special_domains[i].sid)) {
+               if (dom_sid_equal(sid, special_domains[i].sid)) {
                        if (name != NULL) {
                                *name = special_domains[i].name;
                        }
@@ -115,7 +116,7 @@ bool lookup_wellknown_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
        }
 
        for (i=0; special_domains[i].sid != NULL; i++) {
-               if (sid_equal(&dom_sid, special_domains[i].sid)) {
+               if (dom_sid_equal(&dom_sid, special_domains[i].sid)) {
                        *domain = talloc_strdup(mem_ctx,
                                                special_domains[i].name);
                        users = special_domains[i].known_users;
index 0352446e7b047f9fa98f5dcc914492ffb3e7945d..1cbe4661b1458c44718f233b2dd145fa9b6185fb 100644 (file)
  * 0x1a                winreg_GetVersion                       reg_getversion
  * 0x1b                winreg_OpenHKCC
  * 0x1c                winreg_OpenHKDD
- * 0x1d                winreg_QueryMultipleValues
+ * 0x1d                winreg_QueryMultipleValues              reg_querymultiplevalues
  * 0x1e                winreg_InitiateSystemShutdownEx
  * 0x1f                winreg_SaveKeyEx
  * 0x20                winreg_OpenHKPT
  * 0x21                winreg_OpenHKPN
- * 0x22                winreg_QueryMultipleValues2
+ * 0x22                winreg_QueryMultipleValues2             reg_querymultiplevalues
  *
  */
 
 #include "includes.h"
 #include "registry.h"
 #include "reg_cachehook.h"
-#include "regfio.h"
 #include "reg_util_internal.h"
 #include "reg_backend_db.h"
 #include "reg_dispatcher.h"
@@ -748,277 +747,6 @@ WERROR reg_getversion(uint32_t *version)
        return WERR_OK;
 }
 
-/*******************************************************************
- Note: topkeypat is the *full* path that this *key will be
- loaded into (including the name of the key)
- ********************************************************************/
-
-static WERROR reg_load_tree(REGF_FILE *regfile, const char *topkeypath,
-                           REGF_NK_REC *key)
-{
-       REGF_NK_REC *subkey;
-       struct registry_key_handle registry_key;
-       struct regval_ctr *values;
-       struct regsubkey_ctr *subkeys;
-       int i;
-       char *path = NULL;
-       WERROR result = WERR_OK;
-
-       /* initialize the struct registry_key_handle structure */
-
-       registry_key.ops = reghook_cache_find(topkeypath);
-       if (!registry_key.ops) {
-               DEBUG(0, ("reg_load_tree: Failed to assign registry_ops "
-                         "to [%s]\n", topkeypath));
-               return WERR_BADFILE;
-       }
-
-       registry_key.name = talloc_strdup(regfile->mem_ctx, topkeypath);
-       if (!registry_key.name) {
-               DEBUG(0, ("reg_load_tree: Talloc failed for reg_key.name!\n"));
-               return WERR_NOMEM;
-       }
-
-       /* now start parsing the values and subkeys */
-
-       result = regsubkey_ctr_init(regfile->mem_ctx, &subkeys);
-       W_ERROR_NOT_OK_RETURN(result);
-
-       result = regval_ctr_init(subkeys, &values);
-       W_ERROR_NOT_OK_RETURN(result);
-
-       /* copy values into the struct regval_ctr */
-
-       for (i=0; i<key->num_values; i++) {
-               regval_ctr_addvalue(values, key->values[i].valuename,
-                                   key->values[i].type,
-                                   key->values[i].data,
-                                   (key->values[i].data_size & ~VK_DATA_IN_OFFSET));
-       }
-
-       /* copy subkeys into the struct regsubkey_ctr */
-
-       key->subkey_index = 0;
-       while ((subkey = regfio_fetch_subkey( regfile, key ))) {
-               result = regsubkey_ctr_addkey(subkeys, subkey->keyname);
-               if (!W_ERROR_IS_OK(result)) {
-                       TALLOC_FREE(subkeys);
-                       return result;
-               }
-       }
-
-       /* write this key and values out */
-
-       if (!store_reg_values(&registry_key, values)
-           || !store_reg_keys(&registry_key, subkeys))
-       {
-               DEBUG(0,("reg_load_tree: Failed to load %s!\n", topkeypath));
-               result = WERR_REG_IO_FAILURE;
-       }
-
-       TALLOC_FREE(subkeys);
-
-       if (!W_ERROR_IS_OK(result)) {
-               return result;
-       }
-
-       /* now continue to load each subkey registry tree */
-
-       key->subkey_index = 0;
-       while ((subkey = regfio_fetch_subkey(regfile, key))) {
-               path = talloc_asprintf(regfile->mem_ctx,
-                                      "%s\\%s",
-                                      topkeypath,
-                                      subkey->keyname);
-               if (path == NULL) {
-                       return WERR_NOMEM;
-               }
-               result = reg_load_tree(regfile, path, subkey);
-               if (!W_ERROR_IS_OK(result)) {
-                       break;
-               }
-       }
-
-       return result;
-}
-
-/*******************************************************************
- ********************************************************************/
-
-static WERROR restore_registry_key(struct registry_key_handle *krecord,
-                                  const char *fname)
-{
-       REGF_FILE *regfile;
-       REGF_NK_REC *rootkey;
-       WERROR result;
-
-       /* open the registry file....fail if the file already exists */
-
-       regfile = regfio_open(fname, (O_RDONLY), 0);
-       if (regfile == NULL) {
-               DEBUG(0, ("restore_registry_key: failed to open \"%s\" (%s)\n",
-                         fname, strerror(errno)));
-               return ntstatus_to_werror(map_nt_error_from_unix(errno));
-       }
-
-       /* get the rootkey from the regf file and then load the tree
-          via recursive calls */
-
-       if (!(rootkey = regfio_rootkey(regfile))) {
-               regfio_close(regfile);
-               return WERR_REG_FILE_INVALID;
-       }
-
-       result = reg_load_tree(regfile, krecord->name, rootkey);
-
-       /* cleanup */
-
-       regfio_close(regfile);
-
-       return result;
-}
-
-WERROR reg_restorekey(struct registry_key *key, const char *fname)
-{
-       return restore_registry_key(key->key, fname);
-}
-
-/********************************************************************
-********************************************************************/
-
-static WERROR reg_write_tree(REGF_FILE *regfile, const char *keypath,
-                            REGF_NK_REC *parent)
-{
-       REGF_NK_REC *key;
-       struct regval_ctr *values;
-       struct regsubkey_ctr *subkeys;
-       int i, num_subkeys;
-       char *key_tmp = NULL;
-       char *keyname, *parentpath;
-       char *subkeypath = NULL;
-       char *subkeyname;
-       struct registry_key_handle registry_key;
-       WERROR result = WERR_OK;
-       struct security_descriptor *sec_desc = NULL;
-
-       if (!regfile) {
-               return WERR_GENERAL_FAILURE;
-       }
-
-       if (!keypath) {
-               return WERR_OBJECT_PATH_INVALID;
-       }
-
-       /* split up the registry key path */
-
-       key_tmp = talloc_strdup(regfile->mem_ctx, keypath);
-       if (!key_tmp) {
-               return WERR_NOMEM;
-       }
-       if (!reg_split_key(key_tmp, &parentpath, &keyname)) {
-               return WERR_OBJECT_PATH_INVALID;
-       }
-
-       if (!keyname) {
-               keyname = parentpath;
-       }
-
-       /* we need a registry_key_handle object here to enumerate subkeys and values */
-
-       ZERO_STRUCT(registry_key);
-
-       registry_key.name = talloc_strdup(regfile->mem_ctx, keypath);
-       if (registry_key.name == NULL) {
-               return WERR_NOMEM;
-       }
-
-       registry_key.ops = reghook_cache_find(registry_key.name);
-       if (registry_key.ops == NULL) {
-               return WERR_BADFILE;
-       }
-
-       /* lookup the values and subkeys */
-
-       result = regsubkey_ctr_init(regfile->mem_ctx, &subkeys);
-       W_ERROR_NOT_OK_RETURN(result);
-
-       result = regval_ctr_init(subkeys, &values); 
-       W_ERROR_NOT_OK_RETURN(result);
-
-       fetch_reg_keys(&registry_key, subkeys);
-       fetch_reg_values(&registry_key, values);
-
-       result = regkey_get_secdesc(regfile->mem_ctx, &registry_key, &sec_desc);
-       if (!W_ERROR_IS_OK(result)) {
-               goto done;
-       }
-
-       /* write out this key */
-
-       key = regfio_write_key(regfile, keyname, values, subkeys, sec_desc,
-                              parent);
-       if (key == NULL) {
-               result = WERR_CAN_NOT_COMPLETE;
-               goto done;
-       }
-
-       /* write each one of the subkeys out */
-
-       num_subkeys = regsubkey_ctr_numkeys(subkeys);
-       for (i=0; i<num_subkeys; i++) {
-               subkeyname = regsubkey_ctr_specific_key(subkeys, i);
-               subkeypath = talloc_asprintf(regfile->mem_ctx, "%s\\%s",
-                                            keypath, subkeyname);
-               if (subkeypath == NULL) {
-                       result = WERR_NOMEM;
-                       goto done;
-               }
-               result = reg_write_tree(regfile, subkeypath, key);
-               if (!W_ERROR_IS_OK(result))
-                       goto done;
-       }
-
-       DEBUG(6, ("reg_write_tree: wrote key [%s]\n", keypath));
-
-done:
-       TALLOC_FREE(subkeys);
-       TALLOC_FREE(registry_key.name);
-
-       return result;
-}
-
-static WERROR backup_registry_key(struct registry_key_handle *krecord,
-                                 const char *fname)
-{
-       REGF_FILE *regfile;
-       WERROR result;
-
-       /* open the registry file....fail if the file already exists */
-
-       regfile = regfio_open(fname, (O_RDWR|O_CREAT|O_EXCL),
-                             (S_IREAD|S_IWRITE));
-       if (regfile == NULL) {
-               DEBUG(0,("backup_registry_key: failed to open \"%s\" (%s)\n",
-                        fname, strerror(errno) ));
-               return ntstatus_to_werror(map_nt_error_from_unix(errno));
-       }
-
-       /* write the registry tree to the file  */
-
-       result = reg_write_tree(regfile, krecord->name, NULL);
-
-       /* cleanup */
-
-       regfio_close(regfile);
-
-       return result;
-}
-
-WERROR reg_savekey(struct registry_key *key, const char *fname)
-{
-       return backup_registry_key(key->key, fname);
-}
-
 /**********************************************************************
  * Higher level utility functions
  **********************************************************************/
@@ -1050,62 +778,6 @@ WERROR reg_deleteallvalues(struct registry_key *key)
        return WERR_OK;
 }
 
-/*
- * Utility function to open a complete registry path including the hive prefix.
- */
-
-WERROR reg_open_path(TALLOC_CTX *mem_ctx, const char *orig_path,
-                    uint32 desired_access, const struct security_token *token,
-                    struct registry_key **pkey)
-{
-       struct registry_key *hive, *key;
-       char *path, *p;
-       WERROR err;
-
-       if (!(path = SMB_STRDUP(orig_path))) {
-               return WERR_NOMEM;
-       }
-
-       p = strchr(path, '\\');
-
-       if ((p == NULL) || (p[1] == '\0')) {
-               /*
-                * No key behind the hive, just return the hive
-                */
-
-               err = reg_openhive(mem_ctx, path, desired_access, token,
-                                  &hive);
-               if (!W_ERROR_IS_OK(err)) {
-                       SAFE_FREE(path);
-                       return err;
-               }
-               SAFE_FREE(path);
-               *pkey = hive;
-               return WERR_OK;
-       }
-
-       *p = '\0';
-
-       err = reg_openhive(mem_ctx, path, KEY_ENUMERATE_SUB_KEYS, token,
-                          &hive);
-       if (!W_ERROR_IS_OK(err)) {
-               SAFE_FREE(path);
-               return err;
-       }
-
-       err = reg_openkey(mem_ctx, hive, p+1, desired_access, &key);
-
-       TALLOC_FREE(hive);
-       SAFE_FREE(path);
-
-       if (!W_ERROR_IS_OK(err)) {
-               return err;
-       }
-
-       *pkey = key;
-       return WERR_OK;
-}
-
 /*
  * Utility function to delete a registry key with all its subkeys.
  * Note that reg_deletekey returns ACCESS_DENIED when called on a
@@ -1212,101 +884,3 @@ WERROR reg_deletesubkeys_recursive(TALLOC_CTX *ctx,
        return reg_deletekey_recursive_trans(ctx, parent, path, false);
 }
 
-#if 0
-/* these two functions are unused. */
-
-/**
- * Utility function to create a registry key without opening the hive
- * before. Assumes the hive already exists.
- */
-
-WERROR reg_create_path(TALLOC_CTX *mem_ctx, const char *orig_path,
-                      uint32 desired_access,
-                      const struct security_token *token,
-                      enum winreg_CreateAction *paction,
-                      struct registry_key **pkey)
-{
-       struct registry_key *hive;
-       char *path, *p;
-       WERROR err;
-
-       if (!(path = SMB_STRDUP(orig_path))) {
-               return WERR_NOMEM;
-       }
-
-       p = strchr(path, '\\');
-
-       if ((p == NULL) || (p[1] == '\0')) {
-               /*
-                * No key behind the hive, just return the hive
-                */
-
-               err = reg_openhive(mem_ctx, path, desired_access, token,
-                                  &hive);
-               if (!W_ERROR_IS_OK(err)) {
-                       SAFE_FREE(path);
-                       return err;
-               }
-               SAFE_FREE(path);
-               *pkey = hive;
-               *paction = REG_OPENED_EXISTING_KEY;
-               return WERR_OK;
-       }
-
-       *p = '\0';
-
-       err = reg_openhive(mem_ctx, path,
-                          (strchr(p+1, '\\') != NULL) ?
-                          KEY_ENUMERATE_SUB_KEYS : KEY_CREATE_SUB_KEY,
-                          token, &hive);
-       if (!W_ERROR_IS_OK(err)) {
-               SAFE_FREE(path);
-               return err;
-       }
-
-       err = reg_createkey(mem_ctx, hive, p+1, desired_access, pkey, paction);
-       SAFE_FREE(path);
-       TALLOC_FREE(hive);
-       return err;
-}
-
-/*
- * Utility function to create a registry key without opening the hive
- * before. Will not delete a hive.
- */
-
-WERROR reg_delete_path(const struct security_token *token,
-                      const char *orig_path)
-{
-       struct registry_key *hive;
-       char *path, *p;
-       WERROR err;
-
-       if (!(path = SMB_STRDUP(orig_path))) {
-               return WERR_NOMEM;
-       }
-
-       p = strchr(path, '\\');
-
-       if ((p == NULL) || (p[1] == '\0')) {
-               SAFE_FREE(path);
-               return WERR_INVALID_PARAM;
-       }
-
-       *p = '\0';
-
-       err = reg_openhive(NULL, path,
-                          (strchr(p+1, '\\') != NULL) ?
-                          KEY_ENUMERATE_SUB_KEYS : KEY_CREATE_SUB_KEY,
-                          token, &hive);
-       if (!W_ERROR_IS_OK(err)) {
-               SAFE_FREE(path);
-               return err;
-       }
-
-       err = reg_deletekey(hive, p+1);
-       SAFE_FREE(path);
-       TALLOC_FREE(hive);
-       return err;
-}
-#endif /* #if 0 */
diff --git a/source3/registry/reg_api_regf.c b/source3/registry/reg_api_regf.c
new file mode 100644 (file)
index 0000000..8f249b5
--- /dev/null
@@ -0,0 +1,301 @@
+/*
+ *  Unix SMB/CIFS implementation.
+ *  Virtual Windows Registry Layer
+ *  Copyright (C) Volker Lendecke 2006
+ *  Copyright (C) Michael Adam 2007-2008
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+#include "registry.h"
+#include "reg_cachehook.h"
+#include "regfio.h"
+#include "reg_util_internal.h"
+#include "reg_dispatcher.h"
+#include "reg_objects.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_REGISTRY
+
+/*******************************************************************
+ Note: topkeypat is the *full* path that this *key will be
+ loaded into (including the name of the key)
+ ********************************************************************/
+
+static WERROR reg_load_tree(REGF_FILE *regfile, const char *topkeypath,
+                           REGF_NK_REC *key)
+{
+       REGF_NK_REC *subkey;
+       struct registry_key_handle registry_key;
+       struct regval_ctr *values;
+       struct regsubkey_ctr *subkeys;
+       int i;
+       char *path = NULL;
+       WERROR result = WERR_OK;
+
+       /* initialize the struct registry_key_handle structure */
+
+       registry_key.ops = reghook_cache_find(topkeypath);
+       if (!registry_key.ops) {
+               DEBUG(0, ("reg_load_tree: Failed to assign registry_ops "
+                         "to [%s]\n", topkeypath));
+               return WERR_BADFILE;
+       }
+
+       registry_key.name = talloc_strdup(regfile->mem_ctx, topkeypath);
+       if (!registry_key.name) {
+               DEBUG(0, ("reg_load_tree: Talloc failed for reg_key.name!\n"));
+               return WERR_NOMEM;
+       }
+
+       /* now start parsing the values and subkeys */
+
+       result = regsubkey_ctr_init(regfile->mem_ctx, &subkeys);
+       W_ERROR_NOT_OK_RETURN(result);
+
+       result = regval_ctr_init(subkeys, &values);
+       W_ERROR_NOT_OK_RETURN(result);
+
+       /* copy values into the struct regval_ctr */
+
+       for (i=0; i<key->num_values; i++) {
+               regval_ctr_addvalue(values, key->values[i].valuename,
+                                   key->values[i].type,
+                                   key->values[i].data,
+                                   (key->values[i].data_size & ~VK_DATA_IN_OFFSET));
+       }
+
+       /* copy subkeys into the struct regsubkey_ctr */
+
+       key->subkey_index = 0;
+       while ((subkey = regfio_fetch_subkey( regfile, key ))) {
+               result = regsubkey_ctr_addkey(subkeys, subkey->keyname);
+               if (!W_ERROR_IS_OK(result)) {
+                       TALLOC_FREE(subkeys);
+                       return result;
+               }
+       }
+
+       /* write this key and values out */
+
+       if (!store_reg_values(&registry_key, values)
+           || !store_reg_keys(&registry_key, subkeys))
+       {
+               DEBUG(0,("reg_load_tree: Failed to load %s!\n", topkeypath));
+               result = WERR_REG_IO_FAILURE;
+       }
+
+       TALLOC_FREE(subkeys);
+
+       if (!W_ERROR_IS_OK(result)) {
+               return result;
+       }
+
+       /* now continue to load each subkey registry tree */
+
+       key->subkey_index = 0;
+       while ((subkey = regfio_fetch_subkey(regfile, key))) {
+               path = talloc_asprintf(regfile->mem_ctx,
+                                      "%s\\%s",
+                                      topkeypath,
+                                      subkey->keyname);
+               if (path == NULL) {
+                       return WERR_NOMEM;
+               }
+               result = reg_load_tree(regfile, path, subkey);
+               if (!W_ERROR_IS_OK(result)) {
+                       break;
+               }
+       }
+
+       return result;
+}
+
+/*******************************************************************
+ ********************************************************************/
+
+static WERROR restore_registry_key(struct registry_key_handle *krecord,
+                                  const char *fname)
+{
+       REGF_FILE *regfile;
+       REGF_NK_REC *rootkey;
+       WERROR result;
+
+       /* open the registry file....fail if the file already exists */
+
+       regfile = regfio_open(fname, (O_RDONLY), 0);
+       if (regfile == NULL) {
+               DEBUG(0, ("restore_registry_key: failed to open \"%s\" (%s)\n",
+                         fname, strerror(errno)));
+               return ntstatus_to_werror(map_nt_error_from_unix(errno));
+       }
+
+       /* get the rootkey from the regf file and then load the tree
+          via recursive calls */
+
+       if (!(rootkey = regfio_rootkey(regfile))) {
+               regfio_close(regfile);
+               return WERR_REG_FILE_INVALID;
+       }
+
+       result = reg_load_tree(regfile, krecord->name, rootkey);
+
+       /* cleanup */
+
+       regfio_close(regfile);
+
+       return result;
+}
+
+WERROR reg_restorekey(struct registry_key *key, const char *fname)
+{
+       return restore_registry_key(key->key, fname);
+}
+
+/********************************************************************
+********************************************************************/
+
+static WERROR reg_write_tree(REGF_FILE *regfile, const char *keypath,
+                            REGF_NK_REC *parent)
+{
+       REGF_NK_REC *key;
+       struct regval_ctr *values;
+       struct regsubkey_ctr *subkeys;
+       int i, num_subkeys;
+       char *key_tmp = NULL;
+       char *keyname, *parentpath;
+       char *subkeypath = NULL;
+       char *subkeyname;
+       struct registry_key_handle registry_key;
+       WERROR result = WERR_OK;
+       struct security_descriptor *sec_desc = NULL;
+
+       if (!regfile) {
+               return WERR_GENERAL_FAILURE;
+       }
+
+       if (!keypath) {
+               return WERR_OBJECT_PATH_INVALID;
+       }
+
+       /* split up the registry key path */
+
+       key_tmp = talloc_strdup(regfile->mem_ctx, keypath);
+       if (!key_tmp) {
+               return WERR_NOMEM;
+       }
+       if (!reg_split_key(key_tmp, &parentpath, &keyname)) {
+               return WERR_OBJECT_PATH_INVALID;
+       }
+
+       if (!keyname) {
+               keyname = parentpath;
+       }
+
+       /* we need a registry_key_handle object here to enumerate subkeys and values */
+
+       ZERO_STRUCT(registry_key);
+
+       registry_key.name = talloc_strdup(regfile->mem_ctx, keypath);
+       if (registry_key.name == NULL) {
+               return WERR_NOMEM;
+       }
+
+       registry_key.ops = reghook_cache_find(registry_key.name);
+       if (registry_key.ops == NULL) {
+               return WERR_BADFILE;
+       }
+
+       /* lookup the values and subkeys */
+
+       result = regsubkey_ctr_init(regfile->mem_ctx, &subkeys);
+       W_ERROR_NOT_OK_RETURN(result);
+
+       result = regval_ctr_init(subkeys, &values);
+       W_ERROR_NOT_OK_RETURN(result);
+
+       fetch_reg_keys(&registry_key, subkeys);
+       fetch_reg_values(&registry_key, values);
+
+       result = regkey_get_secdesc(regfile->mem_ctx, &registry_key, &sec_desc);
+       if (!W_ERROR_IS_OK(result)) {
+               goto done;
+       }
+
+       /* write out this key */
+
+       key = regfio_write_key(regfile, keyname, values, subkeys, sec_desc,
+                              parent);
+       if (key == NULL) {
+               result = WERR_CAN_NOT_COMPLETE;
+               goto done;
+       }
+
+       /* write each one of the subkeys out */
+
+       num_subkeys = regsubkey_ctr_numkeys(subkeys);
+       for (i=0; i<num_subkeys; i++) {
+               subkeyname = regsubkey_ctr_specific_key(subkeys, i);
+               subkeypath = talloc_asprintf(regfile->mem_ctx, "%s\\%s",
+                                            keypath, subkeyname);
+               if (subkeypath == NULL) {
+                       result = WERR_NOMEM;
+                       goto done;
+               }
+               result = reg_write_tree(regfile, subkeypath, key);
+               if (!W_ERROR_IS_OK(result))
+                       goto done;
+       }
+
+       DEBUG(6, ("reg_write_tree: wrote key [%s]\n", keypath));
+
+done:
+       TALLOC_FREE(subkeys);
+       TALLOC_FREE(registry_key.name);
+
+       return result;
+}
+
+static WERROR backup_registry_key(struct registry_key_handle *krecord,
+                                 const char *fname)
+{
+       REGF_FILE *regfile;
+       WERROR result;
+
+       /* open the registry file....fail if the file already exists */
+
+       regfile = regfio_open(fname, (O_RDWR|O_CREAT|O_EXCL),
+                             (S_IREAD|S_IWRITE));
+       if (regfile == NULL) {
+               DEBUG(0,("backup_registry_key: failed to open \"%s\" (%s)\n",
+                        fname, strerror(errno) ));
+               return ntstatus_to_werror(map_nt_error_from_unix(errno));
+       }
+
+       /* write the registry tree to the file  */
+
+       result = reg_write_tree(regfile, krecord->name, NULL);
+
+       /* cleanup */
+
+       regfio_close(regfile);
+
+       return result;
+}
+
+WERROR reg_savekey(struct registry_key *key, const char *fname)
+{
+       return backup_registry_key(key->key, fname);
+}
diff --git a/source3/registry/reg_api_util.c b/source3/registry/reg_api_util.c
new file mode 100644 (file)
index 0000000..592b370
--- /dev/null
@@ -0,0 +1,181 @@
+/*
+ *  Unix SMB/CIFS implementation.
+ *  Virtual Windows Registry Layer
+ *  Copyright (C) Volker Lendecke 2006
+ *  Copyright (C) Michael Adam 2007-2010
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+/*
+ * Higher level utility functions on top of reg_api.c
+ */
+
+#include "includes.h"
+#include "registry.h"
+#include "reg_api_util.h"
+
+/**
+ * Utility function to open a complete registry path including the hive prefix.
+ */
+WERROR reg_open_path(TALLOC_CTX *mem_ctx, const char *orig_path,
+                    uint32 desired_access, const struct security_token *token,
+                    struct registry_key **pkey)
+{
+       struct registry_key *hive, *key;
+       char *path, *p;
+       WERROR err;
+
+       if (!(path = SMB_STRDUP(orig_path))) {
+               return WERR_NOMEM;
+       }
+
+       p = strchr(path, '\\');
+
+       if ((p == NULL) || (p[1] == '\0')) {
+               /*
+                * No key behind the hive, just return the hive
+                */
+
+               err = reg_openhive(mem_ctx, path, desired_access, token,
+                                  &hive);
+               if (!W_ERROR_IS_OK(err)) {
+                       SAFE_FREE(path);
+                       return err;
+               }
+               SAFE_FREE(path);
+               *pkey = hive;
+               return WERR_OK;
+       }
+
+       *p = '\0';
+
+       err = reg_openhive(mem_ctx, path, KEY_ENUMERATE_SUB_KEYS, token,
+                          &hive);
+       if (!W_ERROR_IS_OK(err)) {
+               SAFE_FREE(path);
+               return err;
+       }
+
+       err = reg_openkey(mem_ctx, hive, p+1, desired_access, &key);
+
+       TALLOC_FREE(hive);
+       SAFE_FREE(path);
+
+       if (!W_ERROR_IS_OK(err)) {
+               return err;
+       }
+
+       *pkey = key;
+       return WERR_OK;
+}
+
+#if 0
+/* these two functions are unused. */
+
+/**
+ * Utility function to create a registry key without opening the hive
+ * before. Assumes the hive already exists.
+ */
+
+WERROR reg_create_path(TALLOC_CTX *mem_ctx, const char *orig_path,
+                      uint32 desired_access,
+                      const struct security_token *token,
+                      enum winreg_CreateAction *paction,
+                      struct registry_key **pkey)
+{
+       struct registry_key *hive;
+       char *path, *p;
+       WERROR err;
+
+       if (!(path = SMB_STRDUP(orig_path))) {
+               return WERR_NOMEM;
+       }
+
+       p = strchr(path, '\\');
+
+       if ((p == NULL) || (p[1] == '\0')) {
+               /*
+                * No key behind the hive, just return the hive
+                */
+
+               err = reg_openhive(mem_ctx, path, desired_access, token,
+                                  &hive);
+               if (!W_ERROR_IS_OK(err)) {
+                       SAFE_FREE(path);
+                       return err;
+               }
+               SAFE_FREE(path);
+               *pkey = hive;
+               *paction = REG_OPENED_EXISTING_KEY;
+               return WERR_OK;
+       }
+
+       *p = '\0';
+
+       err = reg_openhive(mem_ctx, path,
+                          (strchr(p+1, '\\') != NULL) ?
+                          KEY_ENUMERATE_SUB_KEYS : KEY_CREATE_SUB_KEY,
+                          token, &hive);
+       if (!W_ERROR_IS_OK(err)) {
+               SAFE_FREE(path);
+               return err;
+       }
+
+       err = reg_createkey(mem_ctx, hive, p+1, desired_access, pkey, paction);
+       SAFE_FREE(path);
+       TALLOC_FREE(hive);
+       return err;
+}
+
+/*
+ * Utility function to create a registry key without opening the hive
+ * before. Will not delete a hive.
+ */
+
+WERROR reg_delete_path(const struct security_token *token,
+                      const char *orig_path)
+{
+       struct registry_key *hive;
+       char *path, *p;
+       WERROR err;
+
+       if (!(path = SMB_STRDUP(orig_path))) {
+               return WERR_NOMEM;
+       }
+
+       p = strchr(path, '\\');
+
+       if ((p == NULL) || (p[1] == '\0')) {
+               SAFE_FREE(path);
+               return WERR_INVALID_PARAM;
+       }
+
+       *p = '\0';
+
+       err = reg_openhive(NULL, path,
+                          (strchr(p+1, '\\') != NULL) ?
+                          KEY_ENUMERATE_SUB_KEYS : KEY_CREATE_SUB_KEY,
+                          token, &hive);
+       if (!W_ERROR_IS_OK(err)) {
+               SAFE_FREE(path);
+               return err;
+       }
+
+       err = reg_deletekey(hive, p+1);
+       SAFE_FREE(path);
+       TALLOC_FREE(hive);
+       return err;
+}
+#endif /* #if 0 */
diff --git a/source3/registry/reg_api_util.h b/source3/registry/reg_api_util.h
new file mode 100644 (file)
index 0000000..d2d7894
--- /dev/null
@@ -0,0 +1,46 @@
+/*
+ *  Unix SMB/CIFS implementation.
+ *  Virtual Windows Registry Layer
+ *  Copyright (C) Volker Lendecke 2006
+ *  Copyright (C) Michael Adam 2007-2010
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+/*
+ * Higher level utility functions on top of reg_api.c
+ */
+
+#ifndef _REG_API_UTIL_H
+#define _REG_API_UTIL_H
+
+/**
+ * Utility function to open a complete registry path including the hive prefix.
+ */
+WERROR reg_open_path(TALLOC_CTX *mem_ctx, const char *orig_path,
+                    uint32 desired_access, const struct security_token *token,
+                    struct registry_key **pkey);
+
+#if 0
+/* currently unused */
+WERROR reg_create_path(TALLOC_CTX *mem_ctx, const char *orig_path,
+                      uint32 desired_access,
+                      const struct security_token *token,
+                      enum winreg_CreateAction *paction,
+                      struct registry_key **pkey);
+WERROR reg_delete_path(const struct security_token *token,
+                      const char *orig_path);
+#endif
+
+#endif /* _REG_API_UTIL_H */
index 3a3f0207e2ca68939fd680e0ae33eb5c58638458..29b0889402368af8904d2319b30b505e610936e1 100644 (file)
@@ -22,6 +22,7 @@
 #include "includes.h"
 #include "registry.h"
 #include "reg_util_legacy.h"
+#include "reg_api_util.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_REGISTRY
index 823bdfac6a4f1ebe0ed939cdf5fe061f9b2fc304..52fd6037e02d6de09c9ba605626e667922a8ba18 100644 (file)
@@ -26,6 +26,7 @@
 #include "../librpc/gen_ndr/cli_lsa.h"
 #include "rpc_client/cli_lsarpc.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 /** @defgroup lsa LSA - Local Security Architecture
  *  @ingroup rpc_client
@@ -145,7 +146,7 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
        }
 
        for (i = 0; i<num_sids; i++) {
-               sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[i]);
+               sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sids[i]);
                if (!sid_array.sids[i].sid) {
                        return NT_STATUS_NO_MEMORY;
                }
index 1975d73e70a3b6eca32a53ef436d77be8ad586e6..d8bed84e2da2cf32655ba2bb1af48a7d19e3c03c 100644 (file)
@@ -704,6 +704,7 @@ struct rpc_api_pipe_state {
 
 static void rpc_api_pipe_trans_done(struct tevent_req *subreq);
 static void rpc_api_pipe_got_pdu(struct tevent_req *subreq);
+static void rpc_api_pipe_auth3_done(struct tevent_req *subreq);
 
 static struct tevent_req *rpc_api_pipe_send(TALLOC_CTX *mem_ctx,
                                            struct event_context *ev,
@@ -738,6 +739,16 @@ static struct tevent_req *rpc_api_pipe_send(TALLOC_CTX *mem_ctx,
 
        DEBUG(5,("rpc_api_pipe: %s\n", rpccli_pipe_txt(talloc_tos(), cli)));
 
+       if (state->expected_pkt_type == DCERPC_PKT_AUTH3) {
+               subreq = rpc_write_send(state, ev, cli->transport,
+                                       data->data, data->length);
+               if (subreq == NULL) {
+                       goto fail;
+               }
+               tevent_req_set_callback(subreq, rpc_api_pipe_auth3_done, req);
+               return req;
+       }
+
        /* get the header first, then fetch the rest once we have
         * the frag_length available */
        max_recv_frag = RPC_HEADER_LEN;
@@ -758,6 +769,23 @@ static struct tevent_req *rpc_api_pipe_send(TALLOC_CTX *mem_ctx,
        return NULL;
 }
 
+static void rpc_api_pipe_auth3_done(struct tevent_req *subreq)
+{
+       struct tevent_req *req =
+               tevent_req_callback_data(subreq,
+               struct tevent_req);
+       NTSTATUS status;
+
+       status = rpc_write_recv(subreq);
+       TALLOC_FREE(subreq);
+       if (!NT_STATUS_IS_OK(status)) {
+               tevent_req_nterror(req, status);
+               return;
+       }
+
+       tevent_req_done(req);
+}
+
 static void rpc_api_pipe_trans_done(struct tevent_req *subreq)
 {
        struct tevent_req *req = tevent_req_callback_data(
@@ -1446,53 +1474,6 @@ NTSTATUS rpc_api_pipe_req_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
        return NT_STATUS_OK;
 }
 
-#if 0
-/****************************************************************************
- Set the handle state.
-****************************************************************************/
-
-static bool rpc_pipe_set_hnd_state(struct rpc_pipe_client *cli,
-                                  const char *pipe_name, uint16 device_state)
-{
-       bool state_set = False;
-       char param[2];
-       uint16 setup[2]; /* only need 2 uint16 setup parameters */
-       char *rparam = NULL;
-       char *rdata = NULL;
-       uint32 rparam_len, rdata_len;
-
-       if (pipe_name == NULL)
-               return False;
-
-       DEBUG(5,("Set Handle state Pipe[%x]: %s - device state:%x\n",
-                cli->fnum, pipe_name, device_state));
-
-       /* create parameters: device state */
-       SSVAL(param, 0, device_state);
-
-       /* create setup parameters. */
-       setup[0] = 0x0001; 
-       setup[1] = cli->fnum; /* pipe file handle.  got this from an SMBOpenX. */
-
-       /* send the data on \PIPE\ */
-       if (cli_api_pipe(cli->cli, "\\PIPE\\",
-                   setup, 2, 0,                /* setup, length, max */
-                   param, 2, 0,                /* param, length, max */
-                   NULL, 0, 1024,              /* data, length, max */
-                   &rparam, &rparam_len,        /* return param, length */
-                   &rdata, &rdata_len))         /* return data, length */
-       {
-               DEBUG(5, ("Set Handle state: return OK\n"));
-               state_set = True;
-       }
-
-       SAFE_FREE(rparam);
-       SAFE_FREE(rdata);
-
-       return state_set;
-}
-#endif
-
 /****************************************************************************
  Check the rpc bind acknowledge response.
 ****************************************************************************/
@@ -1623,11 +1604,11 @@ struct rpc_pipe_bind_state {
        struct event_context *ev;
        struct rpc_pipe_client *cli;
        DATA_BLOB rpc_out;
+       bool auth3;
        uint32_t rpc_call_id;
 };
 
 static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq);
-static void rpc_bind_auth3_write_done(struct tevent_req *subreq);
 static NTSTATUS rpc_bind_next_send(struct tevent_req *req,
                                   struct rpc_pipe_bind_state *state,
                                   DATA_BLOB *credentials);
@@ -1658,7 +1639,6 @@ struct tevent_req *rpc_pipe_bind_send(TALLOC_CTX *mem_ctx,
        state->ev = ev;
        state->cli = cli;
        state->rpc_call_id = get_rpc_call_id();
-       state->rpc_out = data_blob_null;
 
        cli->auth = talloc_move(cli, &auth);
 
@@ -1697,13 +1677,12 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
        struct rpc_pipe_bind_state *state = tevent_req_data(
                req, struct rpc_pipe_bind_state);
        struct pipe_auth_data *pauth = state->cli->auth;
-       DATA_BLOB reply_pdu;
        struct ncacn_packet *pkt;
        struct dcerpc_auth auth;
        DATA_BLOB auth_token = data_blob_null;
        NTSTATUS status;
 
-       status = rpc_api_pipe_recv(subreq, talloc_tos(), &pkt, &reply_pdu);
+       status = rpc_api_pipe_recv(subreq, talloc_tos(), &pkt, NULL);
        TALLOC_FREE(subreq);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(3, ("rpc_pipe_bind: %s bind request returned %s\n",
@@ -1713,6 +1692,11 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
                return;
        }
 
+       if (state->auth3) {
+               tevent_req_done(req);
+               return;
+       }
+
        if (!check_bind_response(&pkt->u.bind_ack, &state->cli->transfer_syntax)) {
                DEBUG(2, ("rpc_pipe_bind: check_bind_response failed.\n"));
                tevent_req_nterror(req, NT_STATUS_BUFFER_TOO_SMALL);
@@ -1835,21 +1819,6 @@ err_out:
        tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
 }
 
-static void rpc_bind_auth3_write_done(struct tevent_req *subreq)
-{
-       struct tevent_req *req = tevent_req_callback_data(
-               subreq, struct tevent_req);
-       NTSTATUS status;
-
-       status = rpc_write_recv(subreq);
-       TALLOC_FREE(subreq);
-       if (!NT_STATUS_IS_OK(status)) {
-               tevent_req_nterror(req, status);
-               return;
-       }
-       tevent_req_done(req);
-}
-
 static NTSTATUS rpc_bind_next_send(struct tevent_req *req,
                                   struct rpc_pipe_bind_state *state,
                                   DATA_BLOB *auth_token)
@@ -1890,6 +1859,8 @@ static NTSTATUS rpc_bind_finish_send(struct tevent_req *req,
        struct tevent_req *subreq;
        NTSTATUS status;
 
+       state->auth3 = true;
+
        /* Now prepare the auth3 context pdu. */
        data_blob_free(&state->rpc_out);
 
@@ -1903,12 +1874,12 @@ static NTSTATUS rpc_bind_finish_send(struct tevent_req *req,
                return status;
        }
 
-       subreq = rpc_write_send(state, state->ev, state->cli->transport,
-                               state->rpc_out.data, state->rpc_out.length);
+       subreq = rpc_api_pipe_send(state, state->ev, state->cli,
+                                  &state->rpc_out, DCERPC_PKT_AUTH3);
        if (subreq == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
-       tevent_req_set_callback(subreq, rpc_bind_auth3_write_done, req);
+       tevent_req_set_callback(subreq, rpc_pipe_bind_step_one_done, req);
        return NT_STATUS_OK;
 }
 
index b7bb7d70d5ab2a9f6df8cda0b34d36460a44245f..359ec478cca78661f9255997c0f4d26713efdb47 100644 (file)
@@ -18,6 +18,7 @@
  */
 
 #include "includes.h"
+#include "../lib/async_req/async_sock.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_RPC_CLI
index 96787a374f2f6defe46dbcf125a7da4542f9567a..de3439eb930076e6772b131f4b3fcac50834cfe5 100644 (file)
@@ -24,6 +24,7 @@
 #include "../librpc/gen_ndr/srv_eventlog.h"
 #include "lib/eventlog/eventlog.h"
 #include "registry.h"
+#include "registry/reg_api_util.h"
 
 #undef  DBGC_CLASS
 #define DBGC_CLASS DBGC_RPC_SRV
index 49bdca7b7f59d3351bb98b4080672d10b59fba56..191cdfeb66a9b8da2cc9b35cdbcac5bef3dd4bb8 100644 (file)
@@ -34,6 +34,7 @@
 #include "secrets.h"
 #include "../librpc/gen_ndr/netlogon.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_RPC_SRV
@@ -91,7 +92,7 @@ static int init_lsa_ref_domain_list(TALLOC_CTX *mem_ctx,
 
        if (dom_name != NULL) {
                for (num = 0; num < ref->count; num++) {
-                       if (sid_equal(dom_sid, ref->domains[num].sid)) {
+                       if (dom_sid_equal(dom_sid, ref->domains[num].sid)) {
                                return num;
                        }
                }
@@ -116,7 +117,7 @@ static int init_lsa_ref_domain_list(TALLOC_CTX *mem_ctx,
        ZERO_STRUCT(ref->domains[num]);
 
        init_lsa_StringLarge(&ref->domains[num].name, dom_name);
-       ref->domains[num].sid = sid_dup_talloc(mem_ctx, dom_sid);
+       ref->domains[num].sid = dom_sid_dup(mem_ctx, dom_sid);
        if (!ref->domains[num].sid) {
                return -1;
        }
@@ -306,7 +307,7 @@ static NTSTATUS lookup_lsa_sids(TALLOC_CTX *mem_ctx,
 
                /* Initialize the lsa_TranslatedSid3 return. */
                trans_sids[i].sid_type = type;
-               trans_sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
+               trans_sids[i].sid = dom_sid_dup(mem_ctx, &sid);
                trans_sids[i].sid_index = dom_idx;
        }
 
@@ -653,7 +654,7 @@ NTSTATUS _lsa_QueryInfoPolicy(struct pipes_struct *p,
                        case ROLE_DOMAIN_PDC:
                        case ROLE_DOMAIN_BDC:
                                name = get_global_sam_name();
-                               sid = sid_dup_talloc(p->mem_ctx, get_global_sam_sid());
+                               sid = dom_sid_dup(p->mem_ctx, get_global_sam_sid());
                                if (!sid) {
                                        return NT_STATUS_NO_MEMORY;
                                }
@@ -662,7 +663,7 @@ NTSTATUS _lsa_QueryInfoPolicy(struct pipes_struct *p,
                                name = lp_workgroup();
                                /* We need to return the Domain SID here. */
                                if (secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
-                                       sid = sid_dup_talloc(p->mem_ctx, &domain_sid);
+                                       sid = dom_sid_dup(p->mem_ctx, &domain_sid);
                                        if (!sid) {
                                                return NT_STATUS_NO_MEMORY;
                                        }
@@ -1605,7 +1606,7 @@ NTSTATUS _lsa_EnumAccounts(struct pipes_struct *p,
                }
 
                for (i = *r->in.resume_handle, j = 0; i < num_entries; i++, j++) {
-                       sids[j].sid = sid_dup_talloc(p->mem_ctx, &sid_list[i]);
+                       sids[j].sid = dom_sid_dup(p->mem_ctx, &sid_list[i]);
                        if (!sids[j].sid) {
                                talloc_free(sid_list);
                                return NT_STATUS_NO_MEMORY;
@@ -2427,7 +2428,7 @@ NTSTATUS _lsa_EnumAccountsWithUserRight(struct pipes_struct *p,
                                         r->out.sids->num_sids);
 
        for (i=0; i < r->out.sids->num_sids; i++) {
-               r->out.sids->sids[i].sid = sid_dup_talloc(r->out.sids->sids,
+               r->out.sids->sids[i].sid = dom_sid_dup(r->out.sids->sids,
                                                          &sids[i]);
                if (!r->out.sids->sids[i].sid) {
                        TALLOC_FREE(r->out.sids->sids);
index 4b692b36fce7fea5c487815fbd61d7ed3ad58e13..76da1d00d667183e603f1b31a9ee00980acae652 100644 (file)
@@ -36,6 +36,7 @@
 #include "../lib/crypto/md4.h"
 #include "rpc_client/init_lsa.h"
 #include "rpc_server/rpc_ncacn_np.h"
+#include "../libcli/security/dom_sid.h"
 
 extern userdom_struct current_user_info;
 
@@ -909,7 +910,7 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
                goto out;
        }
 
-       creds->sid = sid_dup_talloc(creds, &sid);
+       creds->sid = dom_sid_dup(creds, &sid);
        if (!creds->sid) {
                status = NT_STATUS_NO_MEMORY;
                goto out;
index bc71146f389bbef32c1bcf4f4da95becd52a245f..994fc7934b79dd5e76d5be376b82940cb0e04256 100644 (file)
@@ -39,6 +39,7 @@
 #include "../lib/crypto/arcfour.h"
 #include "secrets.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_RPC_SRV
@@ -712,7 +713,7 @@ NTSTATUS _samr_SetSecurity(struct pipes_struct *p,
 
        dacl = r->in.sdbuf->sd->dacl;
        for (i=0; i < dacl->num_aces; i++) {
-               if (sid_equal(&uinfo->sid, &dacl->aces[i].trustee)) {
+               if (dom_sid_equal(&uinfo->sid, &dacl->aces[i].trustee)) {
                        ret = pdb_set_pass_can_change(sampass,
                                (dacl->aces[i].access_mask &
                                 SAMR_USER_ACCESS_CHANGE_PASSWORD) ?
@@ -5472,7 +5473,7 @@ NTSTATUS _samr_GetMembersInAlias(struct pipes_struct *p,
        }
 
        for (i = 0; i < num_sids; i++) {
-               sids[i].sid = sid_dup_talloc(p->mem_ctx, &pdb_sids[i]);
+               sids[i].sid = dom_sid_dup(p->mem_ctx, &pdb_sids[i]);
                if (!sids[i].sid) {
                        TALLOC_FREE(pdb_sids);
                        return NT_STATUS_NO_MEMORY;
@@ -6735,7 +6736,7 @@ NTSTATUS _samr_RidToSid(struct pipes_struct *p,
                return NT_STATUS_NO_MEMORY;
        }
 
-       *r->out.sid = sid_dup_talloc(p->mem_ctx, &sid);
+       *r->out.sid = dom_sid_dup(p->mem_ctx, &sid);
        if (!*r->out.sid) {
                return NT_STATUS_NO_MEMORY;
        }
index 2ebce91c52f5d70aafdc2bef826e02d9d9835dff..cd5ffe245ff063dc27bc0142ed9284a1dd5fd8d2 100644 (file)
@@ -28,6 +28,7 @@
 #include "../librpc/gen_ndr/ndr_security.h"
 #include "secrets.h"
 #include "rpc_server/rpc_ncacn_np.h"
+#include "../libcli/security/dom_sid.h"
 
 #define TOP_LEVEL_PRINT_KEY "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Print"
 #define TOP_LEVEL_PRINT_PRINTERS_KEY TOP_LEVEL_PRINT_KEY "\\Printers"
@@ -2387,7 +2388,7 @@ create_default:
        /* If security descriptor is owned by S-1-1-0 and winbindd is up,
           this security descriptor has been created when winbindd was
           down.  Take ownership of security descriptor. */
-       if (sid_equal(secdesc->owner_sid, &global_sid_World)) {
+       if (dom_sid_equal(secdesc->owner_sid, &global_sid_World)) {
                struct dom_sid owner_sid;
 
                /* Change sd owner to workgroup administrator */
index cba555ac3add85667546756ab459c5a2b384f2bc..17314d23e923c1360b49afcd608e738fadfb34df 100644 (file)
@@ -30,6 +30,7 @@
 #include "rpc_client/cli_samr.h"
 #include "rpc_client/init_samr.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 extern struct dom_sid domain_sid;
 
@@ -668,7 +669,7 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli,
        }
 
        for (i=0; i<num_sids; i++) {
-               sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[i]);
+               sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sids[i]);
                if (!sid_array.sids[i].sid) {
                        return NT_STATUS_NO_MEMORY;
                }
diff --git a/source3/rpcclient/cmd_winreg.c b/source3/rpcclient/cmd_winreg.c
new file mode 100644 (file)
index 0000000..6fcb528
--- /dev/null
@@ -0,0 +1,321 @@
+/*
+   Unix SMB/CIFS implementation.
+   RPC pipe client
+
+   Copyright (C) Guenther Deschner 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "rpcclient.h"
+#include "../librpc/gen_ndr/cli_winreg.h"
+#include "../librpc/gen_ndr/ndr_misc.h"
+
+static WERROR cmd_winreg_enumkeys(struct rpc_pipe_client *cli,
+                                 TALLOC_CTX *mem_ctx, int argc,
+                                 const char **argv)
+{
+       NTSTATUS status;
+       WERROR werr;
+       struct policy_handle handle;
+       uint32_t enum_index = 0;
+       struct winreg_StringBuf name;
+
+       if (argc < 2) {
+               printf("usage: %s [name]\n", argv[0]);
+               return WERR_OK;
+       }
+
+       status = rpccli_winreg_OpenHKLM(cli, mem_ctx,
+                                       NULL,
+                                       SEC_FLAG_MAXIMUM_ALLOWED,
+                                       &handle,
+                                       &werr);
+       if (!NT_STATUS_IS_OK(status)) {
+               return ntstatus_to_werror(status);
+       }
+       if (!W_ERROR_IS_OK(werr)) {
+               return werr;
+       }
+
+       ZERO_STRUCT(name);
+
+       name.name = argv[1];
+       name.length = strlen_m_term_null(name.name)*2;
+       name.size = name.length;
+
+       status = rpccli_winreg_EnumKey(cli, mem_ctx,
+                                      &handle,
+                                      enum_index,
+                                      &name,
+                                      NULL,
+                                      NULL,
+                                      &werr);
+       if (!NT_STATUS_IS_OK(status)) {
+               return ntstatus_to_werror(status);
+       }
+       if (!W_ERROR_IS_OK(werr)) {
+               return werr;
+       }
+
+       return WERR_OK;
+}
+
+/****************************************************************************
+****************************************************************************/
+
+static WERROR pull_winreg_Data(TALLOC_CTX *mem_ctx,
+                              const DATA_BLOB *blob,
+                              union winreg_Data *data,
+                              enum winreg_Type type)
+{
+       enum ndr_err_code ndr_err;
+       ndr_err = ndr_pull_union_blob(blob, mem_ctx, data, type,
+                       (ndr_pull_flags_fn_t)ndr_pull_winreg_Data);
+       if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+               return WERR_GENERAL_FAILURE;
+       }
+       return WERR_OK;
+}
+
+/****************************************************************************
+****************************************************************************/
+
+static void display_winreg_data(const char *v,
+                               enum winreg_Type type,
+                               uint8_t *data,
+                               uint32_t length)
+{
+       int i;
+       union winreg_Data r;
+       DATA_BLOB blob = data_blob_const(data, length);
+       WERROR result;
+
+       result = pull_winreg_Data(talloc_tos(), &blob, &r, type);
+       if (!W_ERROR_IS_OK(result)) {
+               return;
+       }
+
+       switch (type) {
+       case REG_DWORD:
+               printf("%s: REG_DWORD: 0x%08x\n", v, r.value);
+               break;
+       case REG_SZ:
+               printf("%s: REG_SZ: %s\n", v, r.string);
+               break;
+       case REG_BINARY: {
+               char *hex = hex_encode_talloc(NULL,
+                       r.binary.data, r.binary.length);
+               size_t len;
+               printf("%s: REG_BINARY:", v);
+               len = strlen(hex);
+               for (i=0; i<len; i++) {
+                       if (hex[i] == '\0') {
+                               break;
+                       }
+                       if (i%40 == 0) {
+                               putchar('\n');
+                       }
+                       putchar(hex[i]);
+               }
+               TALLOC_FREE(hex);
+               putchar('\n');
+               break;
+       }
+       case REG_MULTI_SZ:
+               printf("%s: REG_MULTI_SZ: ", v);
+               for (i=0; r.string_array[i] != NULL; i++) {
+                       printf("%s ", r.string_array[i]);
+               }
+               printf("\n");
+               break;
+       default:
+               printf("%s: unknown type 0x%02x:\n", v, type);
+               break;
+       }
+}
+
+
+static WERROR cmd_winreg_querymultiplevalues_ex(struct rpc_pipe_client *cli,
+                                               TALLOC_CTX *mem_ctx, int argc,
+                                               const char **argv, bool multiplevalues2)
+{
+       NTSTATUS status;
+       WERROR werr;
+       struct policy_handle handle, key_handle;
+       struct winreg_String key_name;
+
+       struct QueryMultipleValue *values_in, *values_out;
+       uint32_t num_values;
+       uint8_t *buffer = NULL;
+       int i;
+
+
+       if (argc < 2) {
+               printf("usage: %s [key] [value1] [value2] ...\n", argv[0]);
+               return WERR_OK;
+       }
+
+       status = rpccli_winreg_OpenHKLM(cli, mem_ctx,
+                                       NULL,
+                                       SEC_FLAG_MAXIMUM_ALLOWED,
+                                       &handle,
+                                       &werr);
+       if (!NT_STATUS_IS_OK(status)) {
+               return ntstatus_to_werror(status);
+       }
+       if (!W_ERROR_IS_OK(werr)) {
+               return werr;
+       }
+
+       key_name.name = argv[1];
+
+       status = rpccli_winreg_OpenKey(cli, mem_ctx,
+                                      &handle,
+                                      key_name,
+                                      0, /* options */
+                                      SEC_FLAG_MAXIMUM_ALLOWED,
+                                      &key_handle,
+                                      &werr);
+       if (!NT_STATUS_IS_OK(status)) {
+               return ntstatus_to_werror(status);
+       }
+       if (!W_ERROR_IS_OK(werr)) {
+               return werr;
+       }
+
+       num_values = argc-2;
+
+       values_in = talloc_zero_array(mem_ctx, struct QueryMultipleValue, num_values);
+       if (values_in == NULL) {
+               return WERR_NOMEM;
+       }
+
+       values_out = talloc_zero_array(mem_ctx, struct QueryMultipleValue, num_values);
+       if (values_out == NULL) {
+               return WERR_NOMEM;
+       }
+
+       for (i=0; i < num_values; i++) {
+
+               values_in[i].ve_valuename = talloc_zero(values_in, struct winreg_ValNameBuf);
+               if (values_in[i].ve_valuename == NULL) {
+                       return WERR_NOMEM;
+               }
+
+               values_in[i].ve_valuename->name = talloc_strdup(values_in[i].ve_valuename, argv[i+2]);
+               values_in[i].ve_valuename->length = strlen_m_term_null(values_in[i].ve_valuename->name)*2;
+               values_in[i].ve_valuename->size = values_in[i].ve_valuename->length;
+       }
+
+       if (multiplevalues2) {
+
+               uint32_t offered = 0, needed = 0;
+
+               status = rpccli_winreg_QueryMultipleValues2(cli, mem_ctx,
+                                                          &key_handle,
+                                                          values_in,
+                                                          values_out,
+                                                          num_values,
+                                                          buffer,
+                                                          &offered,
+                                                          &needed,
+                                                          &werr);
+               if (W_ERROR_EQUAL(werr, WERR_MORE_DATA)) {
+                       offered = needed;
+
+                       buffer = talloc_zero_array(mem_ctx, uint8_t, needed);
+                       if (buffer == NULL) {
+                               return WERR_NOMEM;
+                       }
+
+                       status = rpccli_winreg_QueryMultipleValues2(cli, mem_ctx,
+                                                                   &key_handle,
+                                                                   values_in,
+                                                                   values_out,
+                                                                   num_values,
+                                                                   buffer,
+                                                                   &offered,
+                                                                   &needed,
+                                                                   &werr);
+                       if (!NT_STATUS_IS_OK(status)) {
+                               return ntstatus_to_werror(status);
+                       }
+                       if (!W_ERROR_IS_OK(werr)) {
+                               return werr;
+                       }
+               }
+
+       } else {
+
+               uint32_t buffer_size = 0xff;
+
+               buffer = talloc_zero_array(mem_ctx, uint8_t, buffer_size);
+               if (buffer == NULL) {
+                       return WERR_NOMEM;
+               }
+
+               status = rpccli_winreg_QueryMultipleValues(cli, mem_ctx,
+                                                          &key_handle,
+                                                          values_in,
+                                                          values_out,
+                                                          num_values,
+                                                          buffer,
+                                                          &buffer_size,
+                                                          &werr);
+               if (!NT_STATUS_IS_OK(status)) {
+                       return ntstatus_to_werror(status);
+               }
+               if (!W_ERROR_IS_OK(werr)) {
+                       return werr;
+               }
+       }
+
+       for (i=0; i < num_values; i++) {
+               if (buffer) {
+                       display_winreg_data(values_in[i].ve_valuename->name,
+                                           values_out[i].ve_type,
+                                           buffer + values_out[i].ve_valueptr,
+                                           values_out[i].ve_valuelen);
+               }
+       }
+
+       return WERR_OK;
+}
+
+static WERROR cmd_winreg_querymultiplevalues(struct rpc_pipe_client *cli,
+                                            TALLOC_CTX *mem_ctx, int argc,
+                                            const char **argv)
+{
+       return cmd_winreg_querymultiplevalues_ex(cli, mem_ctx, argc, argv, false);
+}
+
+static WERROR cmd_winreg_querymultiplevalues2(struct rpc_pipe_client *cli,
+                                             TALLOC_CTX *mem_ctx, int argc,
+                                             const char **argv)
+{
+       return cmd_winreg_querymultiplevalues_ex(cli, mem_ctx, argc, argv, true);
+}
+
+/* List of commands exported by this module */
+
+struct cmd_set winreg_commands[] = {
+
+       { "WINREG" },
+       { "enumkey", RPC_RTYPE_WERROR, NULL, cmd_winreg_enumkeys, &ndr_table_winreg.syntax_id, NULL, "Enumerate Keys", "" },
+       { "querymultiplevalues", RPC_RTYPE_WERROR, NULL, cmd_winreg_querymultiplevalues, &ndr_table_winreg.syntax_id, NULL, "Query multiple values", "" },
+       { "querymultiplevalues2", RPC_RTYPE_WERROR, NULL, cmd_winreg_querymultiplevalues2, &ndr_table_winreg.syntax_id, NULL, "Query multiple values", "" },
+       { NULL }
+};
index 9529212dd74fdb585d7dc68935c59af782684a03..5fa8132db8d1d41bf7c4d9df4602ffffb7103050 100644 (file)
@@ -9,12 +9,12 @@
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
@@ -54,7 +54,7 @@ handle completion of commands for readline
 ****************************************************************************/
 static char **completion_fn(const char *text, int start, int end)
 {
-#define MAX_COMPLETIONS 100
+#define MAX_COMPLETIONS 1000
        char **matches;
        int i, count=0;
        struct cmd_list *commands = cmd_list;
@@ -87,7 +87,7 @@ static char **completion_fn(const char *text, int start, int end)
                if (!commands->cmd_set) {
                        break;
                }
-               
+
                for (i=0; commands->cmd_set[i].name; i++) {
                        if ((strncmp(text, commands->cmd_set[i].name, strlen(text)) == 0) &&
                                (( commands->cmd_set[i].returntype == RPC_RTYPE_NTSTATUS &&
@@ -106,7 +106,6 @@ static char **completion_fn(const char *text, int start, int end)
                        }
                }
                commands = commands->next;
-               
        }
 
        if (count == 2) {
@@ -121,10 +120,10 @@ static char *next_command (char **cmdstr)
 {
        char *command;
        char                    *p;
-       
+
        if (!cmdstr || !(*cmdstr))
                return NULL;
-       
+
        p = strchr_m(*cmdstr, ';');
        if (p)
                *p = '\0';
@@ -133,7 +132,7 @@ static char *next_command (char **cmdstr)
                *cmdstr = p + 1;
        else
                *cmdstr = NULL;
-       
+
        return command;
 }
 
@@ -161,7 +160,7 @@ static void fetch_machine_sid(struct cli_state *cli)
                fprintf(stderr, "could not initialise lsa pipe. Error was %s\n", nt_errstr(result) );
                goto error;
        }
-       
+
        result = rpccli_lsa_open_policy(lsapipe, mem_ctx, True, 
                                     SEC_FLAG_MAXIMUM_ALLOWED,
                                     &pol);
@@ -222,7 +221,7 @@ static NTSTATUS cmd_listcommands(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ct
        for (tmp = cmd_list; tmp; tmp = tmp->next) 
        {
                tmp_set = tmp->cmd_set;
-               
+
                if (!StrCaseCmp(argv[1], tmp_set->name))
                {
                        printf("Available commands on the %s pipe:\n\n", tmp_set->name);
@@ -236,7 +235,7 @@ static NTSTATUS cmd_listcommands(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ct
                                if (i%3 == 0)
                                        printf("\n");
                        }
-                       
+
                        /* drop out of the loop */
                        break;
                }
@@ -265,7 +264,7 @@ static NTSTATUS cmd_help(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
 
         if (argc == 2) {
                 for (tmp = cmd_list; tmp; tmp = tmp->next) {
-                        
+
                         tmp_set = tmp->cmd_set;
 
                         while(tmp_set->name) {
@@ -475,7 +474,7 @@ static NTSTATUS cmd_timeout(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
                timeout = atoi(argv[1]);
 
                for (tmp = cmd_list; tmp; tmp = tmp->next) {
-                       
+
                        struct cmd_set *tmp_set;
 
                        for (tmp_set = tmp->cmd_set; tmp_set->name; tmp_set++) {
@@ -600,6 +599,7 @@ extern struct cmd_set wkssvc_commands[];
 extern struct cmd_set ntsvcs_commands[];
 extern struct cmd_set drsuapi_commands[];
 extern struct cmd_set eventlog_commands[];
+extern struct cmd_set winreg_commands[];
 
 static struct cmd_set *rpcclient_command_list[] = {
        rpcclient_commands,
@@ -618,6 +618,7 @@ static struct cmd_set *rpcclient_command_list[] = {
        ntsvcs_commands,
        drsuapi_commands,
        eventlog_commands,
+       winreg_commands,
        NULL
 };
 
@@ -650,7 +651,7 @@ static NTSTATUS do_cmd(struct cli_state *cli,
 {
        NTSTATUS ntresult;
        WERROR wresult;
-       
+
        TALLOC_CTX *mem_ctx;
 
        /* Create mem_ctx */
index 9470447f539b6b0bd1611c650a7441faaf61217f..dc3585d81b30c6229d826e7b5c448986913f785b 100644 (file)
@@ -20,6 +20,7 @@
 */
 
 #include "includes.h"
+#include "../libcli/security/dom_sid.h"
 
 extern const struct generic_mapping file_generic_mapping;
 
@@ -944,10 +945,10 @@ static void merge_aces( canon_ace **pp_list_head, bool dir_acl)
                         * ensure the POSIX ACL types are the same. */
 
                        if (!dir_acl) {
-                               can_merge = (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+                               can_merge = (dom_sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
                                                (curr_ace->attr == curr_ace_outer->attr));
                        } else {
-                               can_merge = (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+                               can_merge = (dom_sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
                                                (curr_ace->type == curr_ace_outer->type) &&
                                                (curr_ace->attr == curr_ace_outer->attr));
                        }
@@ -996,7 +997,7 @@ static void merge_aces( canon_ace **pp_list_head, bool dir_acl)
                         * we've put on the ACL, we know the deny must be the first one.
                         */
 
-                       if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+                       if (dom_sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
                                (curr_ace_outer->attr == DENY_ACE) && (curr_ace->attr == ALLOW_ACE)) {
 
                                if( DEBUGLVL( 10 )) {
@@ -1297,7 +1298,7 @@ static bool uid_entry_in_group(connection_struct *conn, canon_ace *uid_ace, cano
 
        /* "Everyone" always matches every uid. */
 
-       if (sid_equal(&group_ace->trustee, &global_sid_World))
+       if (dom_sid_equal(&group_ace->trustee, &global_sid_World))
                return True;
 
        /*
@@ -1513,12 +1514,12 @@ static void check_owning_objs(canon_ace *ace, struct dom_sid *pfile_owner_sid, s
 
        for (i=0, current_ace = ace; i < entries; i++, current_ace = current_ace->next) {
                if (!got_user_obj && current_ace->owner_type == UID_ACE &&
-                               sid_equal(&current_ace->trustee, pfile_owner_sid)) {
+                               dom_sid_equal(&current_ace->trustee, pfile_owner_sid)) {
                        current_ace->type = SMB_ACL_USER_OBJ;
                        got_user_obj = True;
                }
                if (!got_group_obj && current_ace->owner_type == GID_ACE &&
-                               sid_equal(&current_ace->trustee, pfile_grp_sid)) {
+                               dom_sid_equal(&current_ace->trustee, pfile_grp_sid)) {
                        current_ace->type = SMB_ACL_GROUP_OBJ;
                        got_group_obj = True;
                }
@@ -1549,7 +1550,7 @@ static bool dup_owning_ace(canon_ace *dir_ace, canon_ace *ace)
        */
 
        if (ace->type == SMB_ACL_USER_OBJ &&
-                       !(sid_equal(&ace->trustee, &global_sid_Creator_Owner))) {
+                       !(dom_sid_equal(&ace->trustee, &global_sid_Creator_Owner))) {
                canon_ace *dup_ace = dup_canon_ace(ace);
 
                if (dup_ace == NULL) {
@@ -1560,7 +1561,7 @@ static bool dup_owning_ace(canon_ace *dir_ace, canon_ace *ace)
        }
 
        if (ace->type == SMB_ACL_GROUP_OBJ &&
-                       !(sid_equal(&ace->trustee, &global_sid_Creator_Group))) {
+                       !(dom_sid_equal(&ace->trustee, &global_sid_Creator_Group))) {
                canon_ace *dup_ace = dup_canon_ace(ace);
 
                if (dup_ace == NULL) {
@@ -1646,7 +1647,7 @@ static bool create_canon_ace_lists(files_struct *fsp,
                        if (psa1->access_mask != psa2->access_mask)
                                continue;
 
-                       if (!sid_equal(&psa1->trustee, &psa2->trustee))
+                       if (!dom_sid_equal(&psa1->trustee, &psa2->trustee))
                                continue;
 
                        /*
@@ -1692,11 +1693,11 @@ static bool create_canon_ace_lists(files_struct *fsp,
                 * Note what kind of a POSIX ACL this should map to.
                 */
 
-               if( sid_equal(&current_ace->trustee, &global_sid_World)) {
+               if( dom_sid_equal(&current_ace->trustee, &global_sid_World)) {
                        current_ace->owner_type = WORLD_ACE;
                        current_ace->unix_ug.world = -1;
                        current_ace->type = SMB_ACL_OTHER;
-               } else if (sid_equal(&current_ace->trustee, &global_sid_Creator_Owner)) {
+               } else if (dom_sid_equal(&current_ace->trustee, &global_sid_Creator_Owner)) {
                        current_ace->owner_type = UID_ACE;
                        current_ace->unix_ug.uid = pst->st_ex_uid;
                        current_ace->type = SMB_ACL_USER_OBJ;
@@ -1709,7 +1710,7 @@ static bool create_canon_ace_lists(files_struct *fsp,
 
                        psa->flags |= SEC_ACE_FLAG_INHERIT_ONLY;
 
-               } else if (sid_equal(&current_ace->trustee, &global_sid_Creator_Group)) {
+               } else if (dom_sid_equal(&current_ace->trustee, &global_sid_Creator_Group)) {
                        current_ace->owner_type = GID_ACE;
                        current_ace->unix_ug.gid = pst->st_ex_gid;
                        current_ace->type = SMB_ACL_GROUP_OBJ;
@@ -2085,7 +2086,7 @@ static void process_deny_list(connection_struct *conn, canon_ace **pp_ace_list )
                        continue;
                }
 
-               if (!sid_equal(&curr_ace->trustee, &global_sid_World))
+               if (!dom_sid_equal(&curr_ace->trustee, &global_sid_World))
                        continue;
 
                /* JRATEST - assert. */
@@ -3080,7 +3081,7 @@ static size_t merge_default_aces( struct security_ace *nt_ace_list, size_t num_a
                        if ((nt_ace_list[i].type == nt_ace_list[j].type) &&
                                (nt_ace_list[i].size == nt_ace_list[j].size) &&
                                (nt_ace_list[i].access_mask == nt_ace_list[j].access_mask) &&
-                               sid_equal(&nt_ace_list[i].trustee, &nt_ace_list[j].trustee) &&
+                               dom_sid_equal(&nt_ace_list[i].trustee, &nt_ace_list[j].trustee) &&
                                (i_inh == j_inh) &&
                                (i_flags_ni == 0) &&
                                (j_flags_ni == (SEC_ACE_FLAG_OBJECT_INHERIT|
@@ -3144,7 +3145,7 @@ static void add_or_replace_ace(struct security_ace *nt_ace_list, size_t *num_ace
 
        /* first search for a duplicate */
        for (i = 0; i < *num_aces; i++) {
-               if (sid_equal(&nt_ace_list[i].trustee, sid) &&
+               if (dom_sid_equal(&nt_ace_list[i].trustee, sid) &&
                    (nt_ace_list[i].flags == flags)) break;
        }
 
@@ -3367,7 +3368,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
 
                        if (lp_profile_acls(SNUM(conn))) {
                                for (i = 0; i < num_aces; i++) {
-                                       if (sid_equal(&nt_ace_list[i].trustee, &owner_sid)) {
+                                       if (dom_sid_equal(&nt_ace_list[i].trustee, &owner_sid)) {
                                                add_or_replace_ace(nt_ace_list, &num_aces,
                                                                   &orig_owner_sid,
                                                                   nt_ace_list[i].type,
@@ -3756,7 +3757,7 @@ NTSTATUS append_parent_acl(files_struct *fsp,
                         * same SID. This is order N^2. Ouch :-(. JRA. */
                        unsigned int k;
                        for (k = 0; k < psd->dacl->num_aces; k++) {
-                               if (sid_equal(&psd->dacl->aces[k].trustee,
+                               if (dom_sid_equal(&psd->dacl->aces[k].trustee,
                                                &se->trustee)) {
                                        break;
                                }
index 40009c8a3c738dc48d61f5b09e5307d5a7bf0035..b890687425248c6e33aca425e8f143e4318f871b 100644 (file)
@@ -22,6 +22,8 @@
 #include "smbd/globals.h"
 #include "librpc/gen_ndr/netlogon.h"
 #include "librpc/gen_ndr/messaging.h"
+#include "../lib/async_req/async_sock.h"
+#include "ctdbd_conn.h"
 
 extern bool global_machine_password_needs_changing;
 
index 247cbb84d565feba88e10d2b32d264c4f28ed296..e2edaf3a3c0d89d8eb29b878f113e53be6a17b1c 100644 (file)
@@ -29,6 +29,7 @@
 #include "libcli/auth/schannel.h"
 #include "secrets.h"
 #include "memcache.h"
+#include "ctdbd_conn.h"
 
 #include "../librpc/gen_ndr/srv_dfs.h"
 #include "../librpc/gen_ndr/srv_dssetup.h"
index 06ed264debc63e4d21e7a17b768ffc6e17447130..588ed1467518ebdd999b3aae130722867e289e16 100644 (file)
@@ -29,6 +29,7 @@
 #include "nsswitch/winbind_client.h"
 #include "dbwrap.h"
 #include "talloc_dict.h"
+#include "async_smb.h"
 
 extern char *optarg;
 extern int optind;
@@ -6851,7 +6852,7 @@ static bool run_local_string_to_sid(int dummy) {
                printf("could not parse S-1-5-32-545\n");
                return false;
        }
-       if (!sid_equal(&sid, &global_sid_Builtin_Users)) {
+       if (!dom_sid_equal(&sid, &global_sid_Builtin_Users)) {
                printf("mis-parsed S-1-5-32-545 as %s\n",
                       sid_string_tos(&sid));
                return false;
index 671f7e81e9cd83adf76d1bb9f205ddeaa7ffd473..96b3626391bef8afd7b62f981c039e7875ff85cc 100644 (file)
@@ -36,6 +36,7 @@
 #include "secrets.h"
 #include "lib/netapi/netapi.h"
 #include "rpc_client/init_lsa.h"
+#include "../libcli/security/dom_sid.h"
 
 static int net_mode_share;
 static bool sync_files(struct copy_clistate *cp_clistate, const char *mask);
@@ -4171,7 +4172,7 @@ static bool is_alias_member(struct dom_sid *sid, struct full_alias *alias)
        int i;
 
        for (i=0; i<alias->num_members; i++) {
-               if (sid_compare(sid, &alias->members[i]) == 0)
+               if (dom_sid_compare(sid, &alias->members[i]) == 0)
                        return true;
        }
 
index 8b5a90838ed883309b7585f951c476fffa280521..59c52bc27002016cb3ef4b2f7164b19d958222f2 100644 (file)
@@ -29,6 +29,7 @@
 #include "../librpc/gen_ndr/ndr_drsuapi.h"
 #include "libnet/libnet_samsync.h"
 #include "libnet/libnet_dssync.h"
+#include "../libcli/security/dom_sid.h"
 
 static void parse_samsync_partial_replication_objects(TALLOC_CTX *mem_ctx,
                                                      int argc,
@@ -187,7 +188,7 @@ NTSTATUS rpc_vampire_internals(struct net_context *c,
        NTSTATUS result;
        struct samsync_context *ctx = NULL;
 
-       if (!sid_equal(domain_sid, get_global_sam_sid())) {
+       if (!dom_sid_equal(domain_sid, get_global_sam_sid())) {
                d_printf(_("Cannot import users from %s at this time, "
                           "as the current domain:\n\t%s: %s\nconflicts "
                           "with the remote domain\n\t%s: %s\n"
@@ -235,7 +236,7 @@ NTSTATUS rpc_vampire_internals(struct net_context *c,
        }
 
        /* fetch builtin */
-       ctx->domain_sid = sid_dup_talloc(mem_ctx, &global_sid_Builtin);
+       ctx->domain_sid = dom_sid_dup(mem_ctx, &global_sid_Builtin);
        ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid);
        result = libnet_samsync(SAM_DATABASE_BUILTIN, ctx);
 
@@ -318,7 +319,7 @@ NTSTATUS rpc_vampire_ldif_internals(struct net_context *c,
        }
 
        /* fetch builtin */
-       ctx->domain_sid = sid_dup_talloc(mem_ctx, &global_sid_Builtin);
+       ctx->domain_sid = dom_sid_dup(mem_ctx, &global_sid_Builtin);
        ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid);
        status = libnet_samsync(SAM_DATABASE_BUILTIN, ctx);
 
index a5be7146311bc73b92cba40d8609b881b8f76847..ff2a8db9fdc890374baba6038bd0267dca5c0ebb 100644 (file)
@@ -21,6 +21,7 @@
 #include "includes.h"
 #include "utils/net.h"
 #include "../librpc/gen_ndr/samr.h"
+#include "smbldap.h"
 
 /*
  * Set a user's data
index 38ed9f7c9bbf5084e3032a62ecfe73f8350aa4fa..f8145b4a6da461c5888422c0ccfe204bfda65d55 100644 (file)
@@ -34,6 +34,7 @@
 #include "../lib/crypto/arcfour.h"
 #include "libads/kerberos_proto.h"
 #include "nsswitch/winbind_client.h"
+#include "librpc/gen_ndr/krb5pac.h"
 
 #ifndef PAM_WINBIND_CONFIG_FILE
 #define PAM_WINBIND_CONFIG_FILE "/etc/security/pam_winbind.conf"
@@ -812,15 +813,17 @@ static NTSTATUS do_ccache_ntlm_auth(DATA_BLOB initial_msg, DATA_BLOB challenge_m
        return NT_STATUS_MORE_PROCESSING_REQUIRED;
 }
 
-static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
-                                               char *buf, int length)
+static void manage_squid_ntlmssp_request_int(struct ntlm_auth_state *state,
+                                            char *buf, int length,
+                                            TALLOC_CTX *mem_ctx,
+                                            char **response)
 {
        DATA_BLOB request, reply;
        NTSTATUS nt_status;
 
        if (strlen(buf) < 2) {
                DEBUG(1, ("NTLMSSP query [%s] invalid\n", buf));
-               x_fprintf(x_stdout, "BH NTLMSSP query invalid\n");
+               *response = talloc_strdup(mem_ctx, "BH NTLMSSP query invalid");
                return;
        }
 
@@ -830,7 +833,7 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
                        TALLOC_FREE(state->want_feature_list);
                        state->want_feature_list = talloc_strdup(state->mem_ctx,
                                        buf+3);
-                       x_fprintf(x_stdout, "OK\n");
+                       *response = talloc_strdup(mem_ctx, "OK");
                        return;
                }
                request = base64_decode_data_blob(buf + 3);
@@ -847,12 +850,12 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
 
                if (opt_password == NULL) {
                        DEBUG(1, ("Out of memory\n"));
-                       x_fprintf(x_stdout, "BH Out of memory\n");
+                       *response = talloc_strdup(mem_ctx, "BH Out of memory");
                        data_blob_free(&request);
                        return;
                }
 
-               x_fprintf(x_stdout, "OK\n");
+               *response = talloc_strdup(mem_ctx, "OK");
                data_blob_free(&request);
                return;
        }
@@ -866,10 +869,11 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
                DEBUG(10, ("Requested negotiated NTLMSSP flags\n"));
 
                if (state->svr_state == SERVER_FINISHED) {
-                       x_fprintf(x_stdout, "GF 0x%08x\n", state->neg_flags);
+                       *response = talloc_asprintf(mem_ctx, "GF 0x%08x",
+                                                state->neg_flags);
                }
                else {
-                       x_fprintf(x_stdout, "BH\n");
+                       *response = talloc_strdup(mem_ctx, "BH\n");
                }
                data_blob_free(&request);
                return;
@@ -878,17 +882,18 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
                if(state->have_session_key) {
                        char *key64 = base64_encode_data_blob(state->mem_ctx,
                                        state->session_key);
-                       x_fprintf(x_stdout, "GK %s\n", key64?key64:"<NULL>");
+                       *response = talloc_asprintf(mem_ctx, "GK %s",
+                                                key64 ? key64 : "<NULL>");
                        TALLOC_FREE(key64);
                } else {
-                       x_fprintf(x_stdout, "BH\n");
+                       *response = talloc_strdup(mem_ctx, "BH");
                }
 
                data_blob_free(&request);
                return;
        } else {
                DEBUG(1, ("NTLMSSP query [%s] invalid\n", buf));
-               x_fprintf(x_stdout, "BH NTLMSSP query invalid\n");
+               *response = talloc_strdup(mem_ctx, "BH NTLMSSP query invalid");
                return;
        }
 
@@ -896,7 +901,8 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
                nt_status = ntlm_auth_start_ntlmssp_server(
                                &state->ntlmssp_state);
                if (!NT_STATUS_IS_OK(nt_status)) {
-                       x_fprintf(x_stdout, "BH %s\n", nt_errstr(nt_status));
+                       *response = talloc_asprintf(
+                               mem_ctx, "BH %s", nt_errstr(nt_status));
                        return;
                }
                ntlmssp_want_feature_list(state->ntlmssp_state,
@@ -911,22 +917,25 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
        if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
                char *reply_base64 = base64_encode_data_blob(state->mem_ctx,
                                reply);
-               x_fprintf(x_stdout, "TT %s\n", reply_base64);
+               *response = talloc_asprintf(mem_ctx, "TT %s", reply_base64);
                TALLOC_FREE(reply_base64);
                data_blob_free(&reply);
                state->svr_state = SERVER_CHALLENGE;
                DEBUG(10, ("NTLMSSP challenge\n"));
        } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCESS_DENIED)) {
-               x_fprintf(x_stdout, "BH %s\n", nt_errstr(nt_status));
+               *response = talloc_asprintf(mem_ctx, "BH %s",
+                                        nt_errstr(nt_status));
                DEBUG(0, ("NTLMSSP BH: %s\n", nt_errstr(nt_status)));
 
                TALLOC_FREE(state->ntlmssp_state);
        } else if (!NT_STATUS_IS_OK(nt_status)) {
-               x_fprintf(x_stdout, "NA %s\n", nt_errstr(nt_status));
+               *response = talloc_asprintf(mem_ctx, "NA %s",
+                                        nt_errstr(nt_status));
                DEBUG(10, ("NTLMSSP %s\n", nt_errstr(nt_status)));
        } else {
-               x_fprintf(x_stdout, "AF %s\n",
-                               (char *)state->ntlmssp_state->callback_private);
+               *response = talloc_asprintf(
+                       mem_ctx, "AF %s",
+                       (char *)state->ntlmssp_state->callback_private);
                DEBUG(10, ("NTLMSSP OK!\n"));
 
                if(state->have_session_key)
@@ -942,6 +951,22 @@ static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
        data_blob_free(&request);
 }
 
+static void manage_squid_ntlmssp_request(struct ntlm_auth_state *state,
+                                        char *buf, int length)
+{
+       char *response;
+
+       manage_squid_ntlmssp_request_int(state, buf, length,
+                                        talloc_tos(), &response);
+
+       if (response == NULL) {
+               x_fprintf(x_stdout, "BH Out of memory\n");
+               return;
+       }
+       x_fprintf(x_stdout, "%s\n", response);
+       TALLOC_FREE(response);
+}
+
 static void manage_client_ntlmssp_request(struct ntlm_auth_state *state,
                                                char *buf, int length)
 {
@@ -1199,6 +1224,45 @@ static void offer_gss_spnego_mechs(void) {
        return;
 }
 
+bool spnego_parse_krb5_wrap(TALLOC_CTX *ctx, DATA_BLOB blob, DATA_BLOB *ticket, uint8 tok_id[2])
+{
+       bool ret;
+       ASN1_DATA *data;
+       int data_remaining;
+
+       data = asn1_init(talloc_tos());
+       if (data == NULL) {
+               return false;
+       }
+
+       asn1_load(data, blob);
+       asn1_start_tag(data, ASN1_APPLICATION(0));
+       asn1_check_OID(data, OID_KERBEROS5);
+
+       data_remaining = asn1_tag_remaining(data);
+
+       if (data_remaining < 3) {
+               data->has_error = True;
+       } else {
+               asn1_read(data, tok_id, 2);
+               data_remaining -= 2;
+               *ticket = data_blob_talloc(ctx, NULL, data_remaining);
+               asn1_read(data, ticket->data, ticket->length);
+       }
+
+       asn1_end_tag(data);
+
+       ret = !data->has_error;
+
+       if (data->has_error) {
+               data_blob_free(ticket);
+       }
+
+       asn1_free(data);
+
+       return ret;
+}
+
 static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                                        char *buf, int length)
 {
@@ -1250,6 +1314,31 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
        }
 
        token = base64_decode_data_blob(buf + 3);
+
+       if ((token.length >= 7)
+           && (strncmp((char *)token.data, "NTLMSSP", 7) == 0)) {
+               char *reply;
+
+               DEBUG(10, ("Could not parse GSS-SPNEGO, trying raw "
+                          "ntlmssp\n"));
+
+               manage_squid_ntlmssp_request_int(state, buf, length,
+                                                talloc_tos(), &reply);
+               if (reply == NULL) {
+                       x_fprintf(x_stdout, "BH Out of memory\n");
+                       return;
+               }
+
+               if (strncmp(reply, "AF ", 3) == 0) {
+                       x_fprintf(x_stdout, "AF * %s\n", reply+3);
+               } else {
+                       x_fprintf(x_stdout, "%s *\n", reply);
+               }
+
+               TALLOC_FREE(reply);
+               return;
+       }
+
        len = spnego_read_data(ctx, token, &request);
        data_blob_free(&token);
 
@@ -1318,6 +1407,8 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                        DATA_BLOB ap_rep;
                        DATA_BLOB session_key;
                        struct PAC_LOGON_INFO *logon_info = NULL;
+                       DATA_BLOB ticket;
+                       uint8_t tok_id[2];
 
                        if ( request.negTokenInit.mechToken.data == NULL ) {
                                DEBUG(1, ("Client did not provide Kerberos data\n"));
@@ -1326,13 +1417,23 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                                return;
                        }
 
+                       dump_data(10, request.negTokenInit.mechToken.data,
+                                 request.negTokenInit.mechToken.length);
+
+                       if (!spnego_parse_krb5_wrap(ctx, request.negTokenInit.mechToken,
+                                                   &ticket, tok_id)) {
+                               DEBUG(1, ("spnego_parse_krb5_wrap failed\n"));
+                               x_fprintf(x_stdout, "BH spnego_parse_krb5_wrap failed\n");
+                               return;
+                       }
+
                        response.type = SPNEGO_NEG_TOKEN_TARG;
                        response.negTokenTarg.supportedMech = talloc_strdup(ctx, OID_KERBEROS5_OLD);
                        response.negTokenTarg.mechListMIC = data_blob_talloc(ctx, NULL, 0);
                        response.negTokenTarg.responseToken = data_blob_talloc(ctx, NULL, 0);
 
                        status = ads_verify_ticket(mem_ctx, lp_realm(), 0,
-                                                  &request.negTokenInit.mechToken,
+                                                  &ticket,
                                                   &principal, &logon_info, &ap_rep,
                                                   &session_key, True);
 
@@ -1356,6 +1457,9 @@ static void manage_gss_spnego_request(struct ntlm_auth_state *state,
                                domain = SMB_STRDUP(domain);
                                user = SMB_STRDUP(principal);
 
+                               netsamlogon_cache_store(
+                                       user, &logon_info->info3);
+
                                data_blob_free(&ap_rep);
                        }
 
@@ -2319,7 +2423,9 @@ static void squid_stream(enum stdio_helper_mode stdio_mode, stdio_helper_functio
        state->helper_mode = stdio_mode;
 
        while(1) {
+               TALLOC_CTX *frame = talloc_stackframe();
                manage_squid_request(state, fn);
+               TALLOC_FREE(frame);
        }
 }
 
index f6f500a2aaef74912e0803a80997aae05f6ec344..faec8e2c3b8e6eeddd275e7a7f10aa9e9dc60308 100644 (file)
@@ -23,6 +23,7 @@
 #include "popt_common.h"
 #include "registry/reg_objects.h"
 #include "regfio.h"
+#include "../libcli/security/dom_sid.h"
 
 /* GLOBAL VARIABLES */
 
@@ -64,7 +65,7 @@ static bool swap_sid_in_acl( struct security_descriptor *sd, struct dom_sid *s1,
        bool update = False;
 
        verbose_output("  Owner SID: %s\n", sid_string_tos(sd->owner_sid));
-       if ( sid_equal( sd->owner_sid, s1 ) ) {
+       if ( dom_sid_equal( sd->owner_sid, s1 ) ) {
                sid_copy( sd->owner_sid, s2 );
                update = True;
                verbose_output("  New Owner SID: %s\n",
@@ -73,7 +74,7 @@ static bool swap_sid_in_acl( struct security_descriptor *sd, struct dom_sid *s1,
        }
 
        verbose_output("  Group SID: %s\n", sid_string_tos(sd->group_sid));
-       if ( sid_equal( sd->group_sid, s1 ) ) {
+       if ( dom_sid_equal( sd->group_sid, s1 ) ) {
                sid_copy( sd->group_sid, s2 );
                update = True;
                verbose_output("  New Group SID: %s\n",
@@ -85,7 +86,7 @@ static bool swap_sid_in_acl( struct security_descriptor *sd, struct dom_sid *s1,
        for ( i=0; i<theacl->num_aces; i++ ) {
                verbose_output("    Trustee SID: %s\n",
                        sid_string_tos(&theacl->aces[i].trustee));
-               if ( sid_equal( &theacl->aces[i].trustee, s1 ) ) {
+               if ( dom_sid_equal( &theacl->aces[i].trustee, s1 ) ) {
                        sid_copy( &theacl->aces[i].trustee, s2 );
                        update = True;
                        verbose_output("    New Trustee SID: %s\n",
@@ -99,7 +100,7 @@ static bool swap_sid_in_acl( struct security_descriptor *sd, struct dom_sid *s1,
        for ( i=0; i<theacl->num_aces; i++ ) {
                verbose_output("    Trustee SID: %s\n",
                        sid_string_tos(&theacl->aces[i].trustee));
-               if ( sid_equal( &theacl->aces[i].trustee, s1 ) ) {
+               if ( dom_sid_equal( &theacl->aces[i].trustee, s1 ) ) {
                        sid_copy( &theacl->aces[i].trustee, s2 );
                        update = True;
                        verbose_output("    New Trustee SID: %s\n",
index 79078b234ab86f2f3e56e81676795eda340b4692..decd0639134ed271fb62515de640064972ff282f 100644 (file)
@@ -24,6 +24,7 @@
 
 #include "includes.h"
 #include "popt_common.h"
+#include "../libcli/security/dom_sid.h"
 
 static TALLOC_CTX *ctx;
 
@@ -370,8 +371,8 @@ static int ace_compare(struct security_ace *ace1, struct security_ace *ace2)
        if (ace1->type != ace2->type)
                return ace2->type - ace1->type;
 
-       if (sid_compare(&ace1->trustee, &ace2->trustee))
-               return sid_compare(&ace1->trustee, &ace2->trustee);
+       if (dom_sid_compare(&ace1->trustee, &ace2->trustee))
+               return dom_sid_compare(&ace1->trustee, &ace2->trustee);
 
        if (ace1->flags != ace2->flags)
                return ace1->flags - ace2->flags;
@@ -459,7 +460,7 @@ static int change_share_sec(TALLOC_CTX *mem_ctx, const char *sharename, char *th
                bool found = False;
 
                for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
-                   if (sid_equal(&sd->dacl->aces[i].trustee,
+                   if (dom_sid_equal(&sd->dacl->aces[i].trustee,
                        &old->dacl->aces[j].trustee)) {
                        old->dacl->aces[j] = sd->dacl->aces[i];
                        found = True;
index 65fec1041b54e9661cc9210b126eaefef3caa305..fa039f639f3f208716f68525c73ff12545f3e143 100644 (file)
@@ -25,6 +25,7 @@
 #include "popt_common.h"
 #include "../librpc/gen_ndr/ndr_lsa.h"
 #include "rpc_client/cli_lsarpc.h"
+#include "../libcli/security/dom_sid.h"
 
 extern bool AllowDebugChange;
 
@@ -835,8 +836,8 @@ static int ace_compare(struct security_ace *ace1, struct security_ace *ace2)
        if (ace1->type != ace2->type)
                return ace2->type - ace1->type;
 
-       if (sid_compare(&ace1->trustee, &ace2->trustee))
-               return sid_compare(&ace1->trustee, &ace2->trustee);
+       if (dom_sid_compare(&ace1->trustee, &ace2->trustee))
+               return dom_sid_compare(&ace1->trustee, &ace2->trustee);
 
        if (ace1->flags != ace2->flags)
                return ace1->flags - ace2->flags;
@@ -929,7 +930,7 @@ static int cacl_set(struct cli_state *cli, const char *filename,
                        bool found = False;
 
                        for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
-                               if (sid_equal(&sd->dacl->aces[i].trustee,
+                               if (dom_sid_equal(&sd->dacl->aces[i].trustee,
                                              &old->dacl->aces[j].trustee)) {
                                        old->dacl->aces[j] = sd->dacl->aces[i];
                                        found = True;
index 3d47baadc9fa4c178ec8f0726b0aa604a754257c..f2e47a70420c2c6ea0c95aa524a6c62acb65fcad 100644 (file)
@@ -33,6 +33,7 @@
 #include "nss_info.h"
 #include "secrets.h"
 #include "idmap.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_IDMAP
@@ -266,7 +267,7 @@ static struct id_map *find_map_by_sid(struct id_map **maps, struct dom_sid *sid)
        int i;
 
        for (i = 0; maps[i] && i<IDMAP_AD_MAX_IDS; i++) {
-               if (sid_equal(maps[i]->sid, sid)) {
+               if (dom_sid_equal(maps[i]->sid, sid)) {
                        return maps[i];
                }
        }
index 39df489be7b15563d948b4da3a79a808b5a64951..dcdc14f277611e9d468066279374316e1a4e6ae6 100644 (file)
@@ -28,6 +28,7 @@
 #include "secrets.h"
 #include "idmap.h"
 #include "idmap_rw.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_IDMAP
@@ -1030,7 +1031,7 @@ static struct id_map *find_map_by_sid(struct id_map **maps, struct dom_sid *sid)
                if (maps[i] == NULL) { /* end of the run */
                        return NULL;
                }
-               if (sid_equal(maps[i]->sid, sid)) {
+               if (dom_sid_equal(maps[i]->sid, sid)) {
                        return maps[i];
                }
        }
index bb93be2174138deea5df22beaeec65ffe4b6e951..8accc639afb9d040f5f3ee0c70d740d87211cd4a 100644 (file)
@@ -20,6 +20,7 @@
 #include "includes.h"
 #include "winbindd.h"
 #include "librpc/gen_ndr/cli_wbint.h"
+#include "../libcli/security/dom_sid.h"
 
 struct wb_getgrsid_state {
        struct tevent_context *ev;
@@ -55,7 +56,7 @@ struct tevent_req *wb_getgrsid_send(TALLOC_CTX *mem_ctx,
        if (lp_winbind_trusted_domains_only()) {
                struct winbindd_domain *our_domain = find_our_domain();
 
-               if (sid_compare_domain(group_sid, &our_domain->sid) == 0) {
+               if (dom_sid_compare_domain(group_sid, &our_domain->sid) == 0) {
                        DEBUG(7, ("winbindd_getgrsid: My domain -- rejecting "
                                  "getgrsid() for %s\n", sid_string_tos(group_sid)));
                        tevent_req_nterror(req, NT_STATUS_NO_SUCH_GROUP);
index 9c48c71aa284bc96bd17f5982977b279aba2131b..c2ce0a27135a92950e2989a4b6ff59e25175b005 100644 (file)
@@ -30,6 +30,7 @@
 #include "../librpc/gen_ndr/ndr_wbint.h"
 #include "ads.h"
 #include "nss_info.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_WINBIND
@@ -105,35 +106,6 @@ void (*smb_panic_fn)(const char *const why) = smb_panic;
 
 static struct winbind_cache *wcache;
 
-void winbindd_check_cache_size(time_t t)
-{
-       static time_t last_check_time;
-       struct stat st;
-
-       if (last_check_time == (time_t)0)
-               last_check_time = t;
-
-       if (t - last_check_time < 60 && t - last_check_time > 0)
-               return;
-
-       if (wcache == NULL || wcache->tdb == NULL) {
-               DEBUG(0, ("Unable to check size of tdb cache - cache not open !\n"));
-               return;
-       }
-
-       if (fstat(tdb_fd(wcache->tdb), &st) == -1) {
-               DEBUG(0, ("Unable to check size of tdb cache %s!\n", strerror(errno) ));
-               return;
-       }
-
-       if (st.st_size > WINBINDD_MAX_CACHE_SIZE) {
-               DEBUG(10,("flushing cache due to size (%lu) > (%lu)\n",
-                       (unsigned long)st.st_size,
-                       (unsigned long)WINBINDD_MAX_CACHE_SIZE));
-               wcache_flush_cache();
-       }
-}
-
 /* get the winbind_cache structure */
 static struct winbind_cache *get_cache(struct winbindd_domain *domain)
 {
@@ -147,7 +119,7 @@ static struct winbind_cache *get_cache(struct winbindd_domain *domain)
        }
 
        if (strequal(domain->name, get_global_sam_name()) &&
-           sid_equal(&domain->sid, get_global_sam_sid())) {
+           dom_sid_equal(&domain->sid, get_global_sam_sid())) {
                domain->backend = &sam_passdb_methods;
                domain->initialized = True;
        }
@@ -673,7 +645,7 @@ static struct cache_entry *wcache_fetch_raw(char *kstr)
 static bool is_my_own_sam_domain(struct winbindd_domain *domain)
 {
        if (strequal(domain->name, get_global_sam_name()) &&
-            sid_equal(&domain->sid, get_global_sam_sid())) {
+            dom_sid_equal(&domain->sid, get_global_sam_sid())) {
                return true;
        }
 
@@ -683,7 +655,7 @@ static bool is_my_own_sam_domain(struct winbindd_domain *domain)
 static bool is_builtin_domain(struct winbindd_domain *domain)
 {
        if (strequal(domain->name, "BUILTIN") &&
-           sid_equal(&domain->sid, &global_sid_Builtin)) {
+           dom_sid_equal(&domain->sid, &global_sid_Builtin)) {
                return true;
        }
 
index ae6401379adaf6bbb07960576652331cb58082bd..f43c08f4171d430ca9f3d3d8412c73360747cf5c 100644 (file)
@@ -81,7 +81,6 @@ bool parse_sidlist(TALLOC_CTX *mem_ctx, const char *sidstr,
 
 /* The following definitions come from winbindd/winbindd_cache.c  */
 
-void winbindd_check_cache_size(time_t t);
 struct cache_entry *centry_start(struct winbindd_domain *domain, NTSTATUS status);
 NTSTATUS wcache_cached_creds_exist(struct winbindd_domain *domain, const struct dom_sid *sid);
 NTSTATUS wcache_get_creds(struct winbindd_domain *domain, 
index 80f7bb69bf05ccd9d7dc996c672dd5bc700e9338..3ceaa67b7e1e1c7e8d7873de7f39dd2d27a56dae 100644 (file)
@@ -33,6 +33,7 @@
 #include "librpc/gen_ndr/srv_lsa.h"
 #include "rpc_client/cli_samr.h"
 #include "rpc_client/cli_lsarpc.h"
+#include "../libcli/security/dom_sid.h"
 
 /* Query display info for a domain */
 NTSTATUS rpc_query_user_list(TALLOC_CTX *mem_ctx,
@@ -612,7 +613,7 @@ NTSTATUS rpc_lookup_useraliases(TALLOC_CTX *mem_ctx,
                }
 
                for (i = 0; i < num_query_sids; i++) {
-                       sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[total_sids++]);
+                       sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sids[total_sids++]);
                        if (sid_array.sids[i].sid == NULL) {
                                return NT_STATUS_NO_MEMORY;
                        }
@@ -739,7 +740,7 @@ NTSTATUS rpc_lookup_groupmem(TALLOC_CTX *mem_ctx,
                struct lsa_SidPtr sid_ptr;
                struct samr_Ids rids_query;
 
-               sid_ptr.sid = sid_dup_talloc(mem_ctx, group_sid);
+               sid_ptr.sid = dom_sid_dup(mem_ctx, group_sid);
                if (sid_ptr.sid == NULL) {
                        return NT_STATUS_NO_MEMORY;
                }
index 671c86827370d33c23e0daa8f0835bed6e81891b..14be0e26fa2ccec9e2e4e3fbada1d74029ad8c8a 100644 (file)
@@ -23,6 +23,7 @@
 #include "includes.h"
 #include "winbindd.h"
 #include "secrets.h"
+#include "../libcli/security/dom_sid.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_WINBIND
@@ -135,7 +136,7 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const
                                continue;
                        }
 
-                       if (sid_equal(sid, &domain->sid)) {
+                       if (dom_sid_equal(sid, &domain->sid)) {
                                break;
                        }
                }
@@ -146,7 +147,7 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const
                 * We found a match. Possibly update the SID
                 */
                if ((sid != NULL)
-                   && sid_equal(&domain->sid, &global_sid_NULL)) {
+                   && dom_sid_equal(&domain->sid, &global_sid_NULL)) {
                        sid_copy( &domain->sid, sid );
                }
                return domain;
@@ -740,7 +741,7 @@ struct winbindd_domain *find_domain_from_sid_noinit(const struct dom_sid *sid)
        /* Search through list */
 
        for (domain = domain_list(); domain != NULL; domain = domain->next) {
-               if (sid_compare_domain(sid, &domain->sid) == 0)
+               if (dom_sid_compare_domain(sid, &domain->sid) == 0)
                        return domain;
        }
 
index e0e0e5fb504769672098c11b71ef187ba8b64479..e5ad33bab40765979caf9d1711c21d5b94859702 100644 (file)
@@ -66,78 +66,81 @@ LIBNDR_SCHANNEL_SRC = '''../librpc/gen_ndr/ndr_schannel.c
 LIBNDR_SPOOLSS_SRC = '''../librpc/gen_ndr/ndr_spoolss.c
                   ../librpc/ndr/ndr_spoolss_buf.c'''
 
+LIBNDR_PREG_SRC = '''librpc/gen_ndr/ndr_preg.c
+                     librpc/ndr/ndr_preg.c'''
+
 LIBNDR_XATTR_SRC = '''../librpc/gen_ndr/ndr_xattr.c
                   ../librpc/ndr/ndr_xattr.c'''
 
 LIBCLI_SPOOLSS_SRC = '''
-                     librpc/gen_ndr/cli_spoolss.c
-                     librpc/gen_ndr/ndr_spoolss_c.c
+                     ../librpc/gen_ndr/cli_spoolss.c
+                     ../librpc/gen_ndr/ndr_spoolss_c.c
                      rpc_client/cli_spoolss.c
                      rpc_client/init_spoolss.c'''
 
 LIBCLI_EVENTLOG_SRC = '''
-                      librpc/gen_ndr/cli_eventlog.c
-                      librpc/gen_ndr/ndr_eventlog_c.c'''
+                      ../librpc/gen_ndr/cli_eventlog.c
+                      ../librpc/gen_ndr/ndr_eventlog_c.c'''
 
 LIBCLI_WINREG_SRC = '''
-                    librpc/gen_ndr/cli_winreg.c
-                    librpc/gen_ndr/ndr_winreg_c.c'''
+                    ../librpc/gen_ndr/cli_winreg.c
+        &nb