sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-31 17:18:04 +03:00
Code
59,159 Commits 60 Branches 1,144 Tags 452 MiB
110a6f29f0
Commit Graph

31023 Commits

Author SHA1 Message Date
Kai Blin
932d4a874b s3 winbindd: Return number of groups in data.num_entries for WINBINDD_LIST_GROUPS 
This allows to test if there's something wrong with the group list in
extra_data or if there's simply no groups in the database.

Volker, please check.
 2010-01-14 15:18:34 +01:00
Kai Blin
36db924446 s3 winbindd: Get WINBINDD_CHECK_MACHACC torture test to work again. 
WINBINDD_CHECK_MACHACC used to report an NTSTATUS error and appropriate error
strings. Make this work again.
 2010-01-14 15:18:34 +01:00
Stefan Metzmacher
ac224452b9 s3:pdb_ldap: restore Samba 3.0.x behavior and use the first "uid" value. 
See bug #6157 for more details.

metze

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 25806f43dd)
 2010-01-14 02:27:34 +01:00
Stefan Metzmacher
915b7552b7 s3:smbldap: add smbldap_talloc_first_attribute() 
metze

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit c992127f8a)
 2010-01-14 02:26:29 +01:00
Volker Lendecke
026b23062e s3: Fix a winbind segfault in "trusted_domains" 
We have to initialize domain->backend by calling "get_cache" before doing a
query

Thanks to Christian Ambach to find this :-)
 2010-01-13 12:22:31 +01:00
SASAJIMA Toshihiro
ca84795205 Fix bug #7034 - vfs_cap causes signal 11 (SIGSEGV) 2010-01-12 21:43:23 -08:00
Jeremy Allison
ed457e07b9 Fix two uses of strncat -> strlcat. Ensure proper use of strncpy when setting socket name. 
Jeremy.
 2010-01-12 21:18:36 -08:00
Jeremy Allison
33ee8b5a4e Make file access control decisions a lot easier to debug (at level 10). 
Jeremy.
 2010-01-12 21:06:09 -08:00
Jeremy Allison
105f876eb4 Fix bug #7033 - SMBrmdir call always returns true, even on failure to delete a directory. 
Argh. Missed the second (and essential) part of the fix for the above :-(.

Jeremy
 2010-01-12 16:55:31 -08:00
Jeremy Allison
ce8dcbe91b Fix bug #7033 - SMBrmdir call always returns true, even on failure to delete a directory. 
There is a codepath missing to propagate back error returns from the rmdir
POSIX call inside close_directory when delete on close is set. This means doing
an rmdir on a Windows command line will always report success, even when the
directory was not deleted. This fix adds that codepath back into Samba.

Jeremy.
 2010-01-12 16:50:40 -08:00
Jeremy Allison
47c1d9b39f Fix bug #6876 - Delete of an object whose parent folder does not have delete rights fails even if the delete right is set on the object. 
Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.

Jeremy.
 2010-01-12 16:04:44 -08:00
Jeremy Allison
2f30aea332 Remove the global char *LastDir. 
This is no longer used for anything.
 2010-01-12 14:48:23 -08:00
Volker Lendecke
2d4dda0688 s3: Lift the version of the scannedonly VFS module 2010-01-12 22:58:51 +01:00
Olivier Sessink
31e142854b s3: Add the "scannedonly" vfs virus scanner interface module 2010-01-12 22:57:18 +01:00
Michael Adam
444ecac2d2 s3:auth: add comment to nulling out stolen sampass 
Adding this comment makes me think, I could also
have changed make_server_info_sam() talloc_move
instead of talloc_steal, but that would have
changed the signature... Well the comment is a
first step. :-)

Michael
 2010-01-12 16:19:56 +01:00
Volker Lendecke
373dcf45cf s3: Remove a pointless if-statement 2010-01-12 13:55:07 +01:00
Giovanni Bajo
d75d14f8de s3-lanman: Allow a level2 descriptor for a level1 NetShareGetInfo 
Windows seems to allow this

http://lists.samba.org/archive/samba-technical/2009-November/068116.html

has a dump of this.
 2010-01-11 22:24:22 +01:00
Volker Lendecke
0ad83813ee s3: Add a zfsacl:denymissingspecial parameter 
When setting an ACL without any of the user/group/other entries, ZFS
automatically creates them. This can at times confuse users a lot. This
parameter denies setting such an acl, users explicitly have to for example set
an ACE with everyone allowing nothing. Users need to be educated about this,
but this helps avoid a lot of confusion.
 2010-01-11 12:14:37 +01:00
Volker Lendecke
81a848be6d s3: Remove some unused variables 2010-01-10 22:43:02 +01:00
Volker Lendecke
fd1b6bdef9 s3: Fix some nonempty blank lines 2010-01-10 20:56:16 +01:00
Volker Lendecke
86a73e6eba s3: Use sid_check_is_domain instead of a direct sid_equal 2010-01-10 20:56:16 +01:00
Volker Lendecke
48251c3370 s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid 2010-01-10 20:56:16 +01:00
Volker Lendecke
3ea64e0ad8 s3: Replace most calls to sid_append_rid() by sid_compose() 2010-01-10 20:56:16 +01:00
Volker Lendecke
50b7a3233f s3: Remove unused samr_make_sam_obj_sd 2010-01-10 20:56:16 +01:00
Volker Lendecke
081573091b s3: Remove the typedef for "auth_serversupplied_info" 2010-01-10 20:56:16 +01:00
Volker Lendecke
9bb4766bba s3: Remove the typedef for "auth_usersupplied_info" 2010-01-10 20:56:16 +01:00
Volker Lendecke
6f0e7b9465 s3: Trim libnss_wins.so 2010-01-10 13:37:40 +01:00
Volker Lendecke
0f9268bde9 s3: Trim down some utilities a bit 2010-01-10 13:28:08 +01:00
Volker Lendecke
fd92db55eb s3: Remove a pointless "else" branch from add_ccache_to_list() 2010-01-09 20:37:40 +01:00
Volker Lendecke
fc1757369f s3: Slightly simplify winbindd_store_creds 2010-01-09 20:37:39 +01:00
Volker Lendecke
43c841b6bd s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth() 
ntlmssp_update allocates the reply_blob as a child of ntlmssp_state. This means
with ntlmss_end() it will be gone. winbindd_dual_ccache_ntlm_auth used the blob
after the ntlmssp_end().
 2010-01-09 20:37:39 +01:00
Jeremy Allison
d7713d11a6 Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes" 
This bug re-occurred for 3.3.x and above.

The reason is that to change a NT ACL we now have to open the file requesting
WRITE_DAC and WRITE_OWNER access. The mapping from POSIX "w" to NT permissions
in posix_acls doesn't add these bits when "dos filemode = yes", so even though
the permission or owner change would be allowed by the POSIX ACL code, the
NTCreateX call fails with ACCESS_DENIED now we always check NT permissions
first.

Added in the mapping from "w" to WRITE_DAC and WRITE_OWNER access.

Jeremy.
 2010-01-08 10:17:46 -08:00
Günther Deschner
1bc953088f s3-time: fix build warnings after we moved to shared time functions. 
Bjoern, please check.

Guenther
 2010-01-08 12:35:25 +01:00
Tim Prouty
34f0cff066 s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd with security=share 2010-01-07 15:32:27 -08:00
Michael Adam
dc68982711 s3:auth: don't update the bad pw count if pw is among last 2 history entries 
This conforms to the behaviour of Windows 2003:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/bpactlck.mspx

This is supposed to fixes Bug #4347 .

Michael
 2010-01-07 16:51:18 +01:00
Michael Adam
46111dc4e4 s3:auth:check_sam_security: introduce a bool var to control pad_pw_count incrementation 
This is a preparatory patch for the last part in fixing bug #4347 .

Michael
 2010-01-07 16:51:18 +01:00
Michael Adam
017ccd0bda s3:passdb: store the plain nt passwords hashes in history, not salted md5 
This is in order to be able to do challenge response with the history,
so that this can be checked when an invalid password was entered:
If the given password is wrong but in the history, then the bad password
count should not be updated...

The "lucky" bit here is that the md5 has and the nt hash (md4) both are
16 bytes long.

This is part of the fix for bug #4347 .

Michael
 2010-01-07 16:51:17 +01:00
Michael Adam
667b6f3322 s3:smbd:password_in_history: treat entry with 0 salt as 0 + plain nt hash 
This is to introduce a new format of the password history, maintaining backwards
compatibility: The old format was 16 byte hash + 16 byte md5(salt + nt hash).
The new format is 16 zero bytes and 16 bytes nt hash.

This will allow us to respect the last X entries of the nt password history
when deciding whether to increment the bad password count.

This is part of the fix for bug #4347 .

Michael
 2010-01-07 16:51:17 +01:00
Volker Lendecke
801edeccc6 s3: Remove some code that has become unnecessary 
The code I just removed was checked in with e5466fffc2 as a bug fix for
https://bugzilla.samba.org/show_bug.cgi?id=3319. With the changes to
is_visible_file made with 9e8b8f8c16 these lines have become unnecessary,
even with "hide unreadable = yes" dead msdfs symlinks show. This is because we
can not stat(2) them and default to showing them.

Why this change? I have a user who wants to use "hide unreadable" on msdfs
links. Because you can't edit acls on symlinks themselves, the user created the
targets as bogus, empty files that just exist as acl placeholders. With the
code in place that this patch removes, we never allow this to work.

Jeremy, please check! :-)

Thanks,

Volker
 2010-01-07 14:58:55 +01:00
Volker Lendecke
8289b46173 s3: Lock down some srvsvc calls according to what w2k3 seems to do 2010-01-07 12:05:33 +01:00
Michael Adam
7248873b48 s3:auth:check_sam_security: improve calling and logging of pdb_update_sam_account 
Log what went wrongl, and also call pdb_update_sam_account inside
become_root/unbecome_root: do the logging outside.

Michael
 2010-01-07 11:07:57 +01:00
Michael Adam
5ad1b7e0c5 s3:auth:check_sam_security: fix a leading tab/ws mixup 
Michael
 2010-01-07 11:07:57 +01:00
Michael Adam
970317c413 s3:auth:check_sam_security: create (and use) a common exit point 
for use after sam_password_ok() has been called.

Michael
 2010-01-07 11:07:56 +01:00
Michael Adam
de4fb80bee s3:auth:check_sam_security: null out sampass after it has been stolen. 
So that a later talloc_free would not harm. I could have used
talloc_move instead of talloc steal in make_server_info_sam(),
but this would have required a change of the signature.

Michael
 2010-01-07 11:07:56 +01:00
Michael Adam
3634859450 s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampass 
This is in preparation to extending check_sam_security to also check
against the password history before updating the bad password count.
This way, sam_password_ok can more easily be reused for that purpose.

Michael
 2010-01-07 11:07:56 +01:00
Michael Adam
c0f404a2e4 s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok() 
This way it is more explicit that there is no allocated data here
that may leak.

Michael
 2010-01-07 11:07:56 +01:00
Michael Adam
0172587d8d s3:auth:sam_password_ok: fix allocation of a data blob. 
data_blob(mem_ctx, 16) does not use mem_ctx as a talloc ctx but
copies 16 bytes from mem_ctx into the newly allocated data blob.
This can not have been intentional. A blank uint8_t array of
length 16 is allocated by passing NULL instead of mem_ctx.
And using data_blob_talloc(mem_ctx, NULL, 16) adds the allocated
blank 16 byte array to mem_ctx - so this is what must have been
intended.

Michael
 2010-01-07 11:07:56 +01:00
Michael Adam
7ac18c743b s3:auth:sam_password_ok: enhance readability (imho) by adding some pointers 
and removing bool variables and several checks.

Michael
 2010-01-07 11:07:55 +01:00
Michael Adam
b5fcb34d6c s3:check_sam_security: untangle assignment from statement 
Michael
 2010-01-07 11:07:55 +01:00
Volker Lendecke
53a1ed9b6c s3: Factor password_in_history() out of check_passwd_history() 2010-01-07 11:07:55 +01:00
Volker Lendecke
5e2fc28b63 s3: Simplify pdb_set_plaintext_passwd: pwhistory==NULL can not happen anymore 2010-01-07 11:07:54 +01:00
Volker Lendecke
2a11f3b3d7 s3: Simplify pdb_set_plaintext_passwd: pwHistLen==0 was checked above 2010-01-07 11:07:54 +01:00
Volker Lendecke
ec0998ada5 s3: Add a paranoia check to pdb_set_plaintext_passwd() 2010-01-07 11:07:54 +01:00
Volker Lendecke
a3f522202d s3: Simplify pdb_set_plaintext_passwd() by removing a redundant condition 
if (current_history_len != pwHistLen) {
     if (current_history_len < pwHistLen) {
     }
}

The second "if" is a bit pointless here
 2010-01-07 11:07:54 +01:00
Volker Lendecke
7633837026 s3: Simplify pdb_set_plaintext_passwd: memcpy deals fine with 0 bytes 2010-01-07 11:07:53 +01:00
Volker Lendecke
864ed92954 s3: Simplify pdb_set_plaintext_passwd by using talloc_zero_array 2010-01-07 11:07:53 +01:00
Volker Lendecke
e7290255f5 s3: Make use of talloc_array in pdb_set_plaintext_passwd() 2010-01-07 11:07:53 +01:00
Volker Lendecke
7ba006430f s3: Simplify pdb_set_plaintext_passwd() a bit 
Remove an indentation by the early return in

+       if (pwHistLen == 0) {
+               /* Set the history length to zero. */
+               pdb_set_pw_history(sampass, NULL, 0, PDB_CHANGED);
+               return true;
+       }
 2010-01-07 11:07:52 +01:00
Volker Lendecke
ca6c1cdd5f s3: Simplify pdb_set_plaintext_passwd() slightly 
No functional change, this just removes an indentation level by the early
"return True;" in

+       if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) == 0) {
+               /*
+                * No password history for non-user accounts
+                */
+               return true;
+       }

Volker
 2010-01-07 11:07:52 +01:00
Volker Lendecke
3d8394986a s3: Fix a typo 2010-01-07 11:07:52 +01:00
Volker Lendecke
147a2c057c s3: Avoid a memset(, 0, ) call 2010-01-07 11:07:51 +01:00
Michael Adam
2fad148b27 s3:pdb_set_pw_history: free the old history before setting the new. 
This is not strictly necessary, since this only leaks into the
struct samu, and this is not so long-lived in the code path that
changes the password, but it definitely correct and does not harm.

Michael
 2010-01-07 11:07:51 +01:00
Michael Adam
71e3de6c9f s3:pdb_ldap:init_sam_from_ldap: untangle an assignment from the check 
to enhance readability and denbuggability.

Michael
 2010-01-07 11:07:51 +01:00
Björn Jacke
f5729dbb6e s3:lib/time: remove TIME_T_MIN/MAX defines 
we already get them from lib/util/time.h
 2010-01-07 00:50:38 +01:00
Björn Jacke
b3e065e0c6 ѕ3:lib/time: replace make_dos_ and put_dos_ functions with those from lib/util/ 2010-01-07 00:50:10 +01:00
Björn Jacke
c5f24c3eac s3:lib/time: remoce null_mtime() - use null_time() 2010-01-07 00:49:57 +01:00
Björn Jacke
c1c7b6cecb s3:lib/time: remove unused nt_time_equals 
we have nt_time_equal doing the same in lib/util/
 2010-01-07 00:49:49 +01:00
Jeremy Allison
d5995eec7e Second part of the fix for bug #7020 - smbd using 2G memory. 
There was a second leak in the processing of the out_data.frag
prs_struct. It needs freeing once the current pdu has been returned
asynchronously.

Jeremy.
 2010-01-06 13:11:00 -08:00
Björn Jacke
e172b219ee ѕ3:configure: use gettimeofday check from lib/util/ 2010-01-06 18:28:16 +01:00
Björn Jacke
350db0bf25 vfs_commit: print warning when no fsync support is there 
this one was part of an old patch from jpeach.
 2010-01-06 18:28:16 +01:00
Jeremy Allison
f6bd654a6c Fix bug #7020 - smbd using 2G memory. 
When deferring an async pipe writeX and readX transfer
the outstanding request struct onto the conn struct. This
needs freeing after the packet is finally processed.

Jeremy.
 2010-01-05 14:34:00 -08:00
Bo Yang
d06fb8e027 s3: List trusted domains from wcache when domain is offline. 
Signed-off-by: Bo Yang <boyang@samba.org>
 2010-01-06 19:19:52 +08:00
Bo Yang
133638c8ae s3: Make winbindd_cache.c aware of domain offline to avoid unnecessary backend query. 
Signed-off-by: Bo Yang <boyang@samba.org>
 2010-01-06 19:19:43 +08:00
Bo Yang
36493bf2f6 s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response. 
Signed-off-by: Bo Yang <boyang@samba.org>
 2010-01-06 19:19:35 +08:00
Kai Blin
da41f23bda s3 net: Fix up a share type translation and translate some more strings 2010-01-05 09:55:52 +01:00
Kai Blin
9a9d737070 s3 net: Add a few missing gettext calls. 
Many many thanks to Adi Roiban from #ubuntu-translators for helping me find
and fix my problems with the translations.
 2010-01-05 09:55:52 +01:00
Stefan Metzmacher
2ed51fbc4c s3: Happy New Year 2010 
metze
 2010-01-04 08:42:03 +01:00
Volker Lendecke
283a73ca9f s3: Trim down smbcontrol a bit 2010-01-03 21:14:58 +01:00
Volker Lendecke
ac5b090a41 s3: Fix a shadowed variable warning 2010-01-03 21:14:58 +01:00
Volker Lendecke
675d5fe981 s3: Fix an uninitialized variable warning 2010-01-03 21:14:58 +01:00
Volker Lendecke
37ac16a88f s3: Convert cli_ulogoff to the async API 2010-01-03 21:14:57 +01:00
Volker Lendecke
99f292479f s3: Convert cli_tdis to the async API 2010-01-03 21:14:57 +01:00
Volker Lendecke
41a5149981 s3: Slightly simplify winbindd_dual_ccache_ntlm_auth 
data_blob_const can't fail
 2010-01-03 11:38:22 +01:00
Volker Lendecke
e2f361d05e s3: Fix some nonempty blank lines 2010-01-03 11:38:22 +01:00
Volker Lendecke
6edfbbd79b s3: Remove some unused code 2010-01-03 11:38:22 +01:00
Volker Lendecke
2d75aa04da s3: Convert cli_sesssetup_ntlmssp to the async API 2010-01-03 11:38:22 +01:00
Volker Lendecke
3f25fb5677 s3: NT_STATUS_MORE_PROCESSING_REQUIRED is a valid sesssetup return value 2010-01-03 11:38:22 +01:00
Volker Lendecke
a321dd91a4 s3: Convert cli_session_setup_kerberos to the async API 
This is still cheated, acquiring the ticket is not async yet, but the SMB
part is
 2010-01-03 11:38:22 +01:00
Volker Lendecke
063900ae63 s3: Fix a typo 2010-01-02 12:09:05 +01:00
Volker Lendecke
a66341b993 s3: simplify find_root_domain, find_our_domain() never fails 2010-01-02 12:09:05 +01:00
Volker Lendecke
133f023d58 s3: Use global_sid_Builtin in find_builtin_domain 2010-01-02 12:09:05 +01:00
Volker Lendecke
92345f49e3 s3: Avoid adding a domain twice 
If we found a match with sid==NULL, we ended up adding the domain twice
 2010-01-02 12:09:05 +01:00
Volker Lendecke
22a4a000ce s3: Make free_domain_list() static 2010-01-02 12:09:05 +01:00
Volker Lendecke
583d192e47 s3: Adapt sid_dup_talloc to README.Coding 2010-01-02 12:09:05 +01:00
Volker Lendecke
d05e17f875 s3: Introduce domain_is_forest_root() helper function 
Hopefully this makes the flag tests a bit more understandable
 2010-01-02 12:09:05 +01:00
Jim McDonough
3a271a89b5 Prevent NULL dereference if group has no members 2009-12-30 15:06:07 -05:00
André Hentschel
b0dd364cdd net: Add some German translation 
Signed-off-by: Kai Blin <kai@samba.org>
 2009-12-30 02:21:48 +01:00
Stefan Metzmacher
c9b6ad2500 s3:ntlmssp: change get_challange() to return NTSTATUS 
metze
 2009-12-29 17:06:22 +01:00
Stefan Metzmacher
4afb211f4f s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init() 
metze
 2009-12-29 08:46:19 +01:00
Stefan Metzmacher
9d5f41ca01 s3:ntlmssp: move some indentation in ntlmssp_sign.c 
metze
 2009-12-29 08:46:18 +01:00
Stefan Metzmacher
05f7a86a99 s3:ntlmssp: remove unused ntlmssp_stored_response() 
metze
 2009-12-29 08:46:12 +01:00
Stefan Metzmacher
7cff7d937e s3:ntlmssp: remove unused ref_count from ntlmssp_state 
metze
 2009-12-29 08:19:01 +01:00
Stefan Metzmacher
e78558a45b s3:ntlmssp: fix whitespace in ntlmssp.h 
metze
 2009-12-29 08:19:00 +01:00
Stefan Metzmacher
5541a91dff s3:ntlmssp: fix spelling 
metze
 2009-12-29 08:19:00 +01:00
Stefan Metzmacher
5ff127b641 s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type 
metze
 2009-12-29 08:19:00 +01:00
Volker Lendecke
e5fbff0963 s3: Check for lp_winbind_trusted_domains_only in wb_gettoken() 
This avoids one walk of the domain list
 2009-12-28 23:35:07 +01:00
Volker Lendecke
c0289d63c3 s3: Move a lp_winbind_trusted_domains_only() check to wb_getgrsid() 
winbindd_getgrgid was not protected by this.
 2009-12-28 23:20:02 +01:00
Volker Lendecke
b8fcba9cb8 s3: Pass netr_DomainTrustList instead of names and sids through (*trusted_domains) 2009-12-28 15:54:13 +01:00
Volker Lendecke
0aa8946ce0 s3: Simplify winbindd_ads.c:trusted_domains() 
No real code change, this just removes an indentation by turning

if ( NT_STATUS_IS_OK(result) && trusts.count) {

into

if (!NT_STATUS_IS_OK(result)) {
        return result;
}
if (trusts.count == 0) {
        return NT_STATUS_OK;
}
 2009-12-28 15:28:43 +01:00
Volker Lendecke
2c49678ce5 s3: Remove some unused code 
Watch the #if 0 -- we never stored this in the cache anymore
 2009-12-28 14:59:46 +01:00
Volker Lendecke
d53cfb7675 s3: Simplify winbindd_list_trusted_domains() slightly 2009-12-28 14:59:45 +01:00
Volker Lendecke
2daa084da4 s3: Simplify "setup_domain_child" slightly 2009-12-28 14:59:45 +01:00
Volker Lendecke
ff0f8bd9e6 s3:winbind Make the normal client exit message a bit more understandable 2009-12-26 18:00:47 +01:00
Volker Lendecke
0a6a13dd07 s3: Fix a typo found by Matthias Dieter Wallnöfer <mdw@samba.org> -- thanks :-) 2009-12-26 15:21:09 +01:00
Volker Lendecke
7e66145560 s3: Fix a bogus uninitialized variable warning 2009-12-26 12:26:07 +01:00
Volker Lendecke
634d084517 s3: Replace IS_DOMAIN_OFFLINE by a function 2009-12-26 12:26:07 +01:00
Volker Lendecke
50e5f9dc51 s3: Fix some nonempty blank lines 2009-12-26 12:26:06 +01:00
Volker Lendecke
03617df24d s3: winbindd_cli_state->getgrent_state is no longer used 2009-12-26 12:26:06 +01:00
Volker Lendecke
b911a7b2d4 s3: getgrent_state has been replaced by grent_state 2009-12-26 12:26:06 +01:00
Volker Lendecke
96207912cb s3: Remove unused delete_negative_conn_cache() 2009-12-24 15:24:35 +01:00
Volker Lendecke
ffab1a2318 s3: Remove unused flush_negative_conn_cache() 2009-12-24 15:24:35 +01:00
Volker Lendecke
53bf5f0064 s3: Remove some unnecessary variables from libsmb/conn_cache.c 2009-12-24 15:24:35 +01:00
Volker Lendecke
a3f43e3d86 s3: Fix a comment in conn_cache.c 2009-12-24 15:24:35 +01:00
Volker Lendecke
04210986f1 s3: Fix a 64-bit error 2009-12-24 15:24:35 +01:00
Volker Lendecke
daecb747e4 s3: Remove some pointless SMB_ASSERTs 2009-12-24 15:24:34 +01:00
Volker Lendecke
56f9d18fba s3: Remove some pointless casts 2009-12-24 15:24:34 +01:00
Jeremy Allison
6dcbb84d48 Attempt to fix one of the last two bugs with the full Windows ACL support. 
When returning an underlying ACL on a directory, normally on a
POSIX system it has no inheritable entries, which breaks the
Windows ACL when a user does a get/set of a Windows ACL on a
POSIX directory with no existing stored Windows ACL from
the Windows ACL editor. What happens is any new entry added
by the user gets set inheritable, but none of the others
entries are (as returned by default). So any new files then
only inherit the single new ACE entry (the one marked inheritable
by the ACL editor).

Fix this by faking up a default 3 element inheritable ACL that
represents what a user creating a POSIX file or directory will
get by default from the smbd code.

Jeremy.
 2009-12-23 17:19:22 -08:00
Jeremy Allison
3d85b1ebe5 The posix acl version of set_nt_acl() could set the stat_ex 
struct in the fsp->fsp_name pointer incorrectly for a directory.

Fix this. Make map_canon_ace_perms() public.

Jeremy.
 2009-12-23 17:17:48 -08:00
Volker Lendecke
5aa0d97464 s3: wbinfo --ping-dc is not cacheable 2009-12-23 13:11:55 +01:00
Volker Lendecke
6dc924fcf3 s3: Remove some unused code 2009-12-23 12:02:19 +01:00
Volker Lendecke
40d4c31999 s3: Remove unused sendto_child() 2009-12-23 11:42:31 +01:00
Günther Deschner
475d296065 s3-net: use generated krb5.conf in 'net ads testjoin' 
Guenther
 2009-12-23 10:57:22 +01:00
Andrew Bartlett
802e9328ed s3:ntlmssp: only include ntlmssp.h where actually needed 
Andrew Bartlett
 2009-12-22 21:07:53 +01:00
Andrew Bartlett
5b37cd23bf s3:ntlmssp: remove the typedef NTLMSSP_STATE 
Andrew Bartlett
 2009-12-22 21:07:53 +01:00
Andrew Bartlett
dee35f793c s3:ntlmssp: move to C99 integer types in ntlmssp.h 
Andrew Bartlett
 2009-12-22 21:07:52 +01:00
Andrew Bartlett
9b36fa0441 s3:ntlmssp: rename enum NTLMSSP_ROLE into enum ntlmssp_role 
Andrew Bartlett
 2009-12-22 21:07:52 +01:00
Andrew Bartlett
ba2cfceb96 libcli/auth Make gd's NDR NTLMSSP parsers helpers common 
(but not built in Samba4 for now)
 2009-12-22 21:07:51 +01:00
Volker Lendecke
47bee67c05 s3: Restore correct timeouts for SMB requests 2009-12-22 16:07:58 +01:00
Volker Lendecke
528c150d55 s3: Remove a pointless else branch 2009-12-22 14:08:08 +01:00
Volker Lendecke
b6f446ca35 s3: Move smb_splice_chain to smbd/process.c, its only user 2009-12-22 13:54:43 +01:00
Jeremy Allison
100168dfec Fix bug reported in mangle_hash code (no bugid yet). 
Don't change the contents of a const string via a pointer
alias (or if you do, change it back.....).

Jeremy.
 2009-12-21 17:46:32 -08:00
Volker Lendecke
9b6b01aab6 s3:winbind: Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dc 
This just does a NULL RPC call through an existing NETLOGON connection. If
someone knows an operation that "just works" and does not return NOT_SUPPORTED,
please tell me :-)
 2009-12-21 23:23:52 +01:00
Volker Lendecke
2308ec70a5 s3:winbindd: Fix a brown paper bag bug in wbinfo -t ... 2009-12-21 22:36:15 +01:00
Jeremy Allison
74deee3cc9 Rename reply_doserror() -> reply_force_doserror(). 
Rewrite all calls to reply_nterror(NT_STATUS_DOS()) to
reply_force_doserror() and update the comment in smbd/error.c

Jeremy.
 2009-12-21 11:16:38 -08:00
Jeremy Allison
642101ac23 Remove all calls to reply_doserror - turn them into 
correct reply_nterror calls. Next rename reply_doserror ->
reply_force_doserror and plumb in when NT_STATUS_DOS is
used.
Jeremy.
 2009-12-21 11:05:25 -08:00
Jeremy Allison
714c60e627 Rename 282 -> ERReasnotsupported. 
Jeremy.
 2009-12-21 11:05:11 -08:00
Volker Lendecke
e7468fb129 s3: Shrink winbindd_proto.h a bit 2009-12-21 16:27:20 +01:00
Volker Lendecke
e1bf189e00 s3: Fix some nonempty blank lines 2009-12-21 16:27:19 +01:00
Volker Lendecke
d534a5be49 s3: Remove unused get_sam_group_entries 2009-12-21 16:27:19 +01:00
Volker Lendecke
0a130daf74 s3: Remove unused winbindd_dual_getsidaliases 2009-12-21 16:27:19 +01:00