IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
example of the scope of change the new pstrings would entail:
basically inserting PSTR() or FSTR() everywhere you need to coerce one
to a char*.
It's also a good example of the kind of bug we might catch: on about
line 540, we were doing a pstrcpy into an fstring, which might
overflow. It's not a problem in this particular case, but it is in
general.
(This used to be commit 5a403da4a7)
Also set the default value of all the allocated strings to "" to avoid changing
the interface (becouse pdb_get...() would point to a null string, rather than a
null pointer and parts of samba rely on that).
Andrew Bartlett
(This used to be commit 5b4079f748)
These strings are allocated using talloc(), either using its own memory context
stored on the SAM_ACCOUNT or one supplied by the caller.
The pdb_init_sam() and pdb_free_sam() function have been modifed so that a call
to pdb_free_sam() will either clean up (remove hashes from memory) and destroy
the TALLOC_CTX or just clean up depending on who supplied it.
The pdb_init_sam and pdb_free_sam functions now also return an NTSTATUS, and I
have modified the 3 places that actually checked these returns.
The only nasty thing about this patch is the small measure needed to maintin
interface compatability - strings set to NULL are actually set to "".
This is becouse there are too many places in Samba that do strlen() on these
strings without checking if they are NULL pointers.
A supp patch will follow to set all strings to "" in pdb_default_sam().
Andrew Bartlett
(This used to be commit 144345b41d)
screen-full of kerberos warnings.
This is almost as good, and I can actually see the Samba warnings.
Andrew Bartlett
(This used to be commit 35a6275e18)
memory.
The winbind connection caching code isn't exactly a plesent beast, and there is
more work that needs to be done to nail this properly.
Andrew Bartlett
(This used to be commit dd40ce54b7)
This occured when the attempt to contact the PDC failed. The connection code
has already shut down the connection, and 'free'ed the cli or has never
initialised it in the first place.
Andrew Bartlett
(This used to be commit 37ce763043)
If you define this, pstring and fstring become distinguished types, so
that it's harder to accidentally overflow them by for example passing
an fstring on the lhs of pstrcpy.
The types are defined as one-element union arrays so that with
"fstring f" the name "f" will be a pointer and with a big hammer you
can cast it to (char *). So code that tries to just use it directly
will get a loud warning, but hopefully nothing worse.
To pass them to non-pstring-aware functions, use PSTR and check that
the function takes a const. They should almost never be modified
except by special calls. In those unusual cases, use PSTR_MUTABLE.
This is off by default so as not to produce too many warnings. As the
code is vetted it can become the default.
(This used to be commit ca233bc8b3)
to move this from being a static to matching its mate in lib/util_sock.c.
In any case, this should discorage anybody from using the 'wrong' version of
this function. (ie the one from TNG, which needs a bit more error checking
depending on use).
Andrew Bartlett
(This used to be commit e6a3a01f79)
This work was sponsored by Optifacio Software Services, Inc.
Andrew Bartlett
(various e-mails announcements merged into some form of commit message below:)
This patch which adds basics of universal groups support
into Samba 3. Currently, only Winbind with RPC calls supports this, ADS
support requires additional (possibly huge) work on KRB5 PAC. However,
basic infrastructure is here.
This patch adds:
1. Storing of universal groups for particular user logged into Samba
software (smbd/ two winbind-pam methods) into netlogon_unigrp.tdb as array
of uint32 supplemental group rids keyed as DOMAIN_SID/USER_RID in tdb.
2. Fetching of unversal groups for given user rid and domain sid from
netlogon_unigrp.tdb.
Since this is used in both smbd and winbindd, main code is in
source/lib/netlogon_uingrp.c. Dependencies are added to AUTH_OBJ as
UNIGRP_OBJ and WINBINDD_OBJ as UNIGRP_OBJ.
This patch has had a few versions, the final version in particular:
Many thanks to Andrew Bartlett for critics and comments, and partly
rewritten code.
New:
- updated fetching code to changed byte order macros
- moved functions to proper namespace
- optimized memory usage by reusing caller's memory context
- enhanced code to more follow Samba coding rules
Todo:
- proper universal group expiration after timeout
(This used to be commit 80c2aefbe7)
This brings passdb.c down to a much more manageable ~1100 lines and makes it a
little easier to comprehend whats going on here.
Andrew Bartlett
(This used to be commit 28d5ab269c)
