1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

78466 Commits

Author SHA1 Message Date
Jeremy Allison
869fd8eeba Another fix for bug #8556 - ACL permissions ignored when SMBsetatr is requested.
Remove erroneous check on FILE_WRITE_ATTRIBUTES when changing POSIX
permissions - this isn't an attribute set call (unless you're storing
attributes in POSIX permissions, which is not recommended).

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Jan 24 00:44:24 CET 2012 on sn-devel-104
2012-01-24 00:44:22 +01:00
Richard Sharpe
3191040c3d Another fix for bug #8556 - ACL permissions ignored when SMBsetatr is requested.
Prevent systems with "store dos attributes = yes" from overriding
FILE_WRITE_ATTRIBUITES.
2012-01-23 12:50:25 -08:00
David Disseldorp
af6bf7714d lib: use differing NTSTATUS and WERROR struct members
This allows the compiler to catch uses of incorrectly typed arguments
for [NT_STATUS|W_ERROR]_IS_OK() and [NT_STATUS|W_ERROR]_EQUAL(). I.e.

WERROR werr;

werr = my_fn();        /* XXX returns WERROR type */

if (NT_STATUS_EQUAL(werr, NT_STATUS_OBJECT_NAME_COLLISION)) {
2012-01-23 12:18:20 -08:00
David Disseldorp
ec094bf9ac WERROR type variable being incorrectly checked with a NT_STATUS_IS_X
type macro.
2012-01-23 12:18:01 -08:00
David Disseldorp
c3a7573a84 s3-spoolss: fix incorrect error check type
NT_STATUS_IS_OK used to check WERROR type.

Autobuild-User: David Disseldorp <ddiss@samba.org>
Autobuild-Date: Sun Jan 22 05:03:36 CET 2012 on sn-devel-104
2012-01-22 05:03:36 +01:00
Michael Wood
d65f33de1d Log short_princ instead of uninitialised filter.
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Jan 21 13:06:35 CET 2012 on sn-devel-104
2012-01-21 13:06:35 +01:00
Andrew Bartlett
39ee332f35 param: handle P_BYTES in more places 2012-01-21 11:32:06 +01:00
Stefan Metzmacher
c55db47f1c script/autobuild.py: cleanup on rebase failure
We can improve this to generate logs.tar.gz later...

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Jan 21 11:29:58 CET 2012 on sn-devel-104
2012-01-21 11:29:58 +01:00
Andrew Bartlett
e175d25c68 s3-libsmb: Always allow SMB_TRANS_ENC_GSS to be defined
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Jan 21 01:28:54 CET 2012 on sn-devel-104
2012-01-21 01:28:53 +01:00
Andrew Bartlett
58916c047d s3-libsmb: Remove unused smb_tran_enc_state_gss and gssapi headers
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20 23:55:55 +01:00
Andrew Bartlett
41ed715d42 s3-libsmb: use struct gensec_security directly
This is rather than via a now one-element union.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20 23:55:55 +01:00
Andrew Bartlett
06f7105490 s3-libcli Change krb5 smb sealing to call via gensec and gensec_gse
This also fixes the support for smb sealing with krb5 in make test, as
this now relies on secrets.tdb rather than /etc/krb5.keytab.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-20 23:55:54 +01:00
Stefan Metzmacher
30b1e72556 s4:auth/gensec: make sure GSS_C_CONF_FLAG implies GSS_C_INTEG_FLAG
metze
2012-01-20 23:55:54 +01:00
Stefan Metzmacher
7fe189749e s3-gse: make sure GSS_C_CONF_FLAG implies GSS_C_INTEG_FLAG
metze
2012-01-20 23:55:54 +01:00
Stefan Metzmacher
6f0f10c798 s3-gse: implement fill_mem_keytab_from_[system|dedicated]_keytab
metze
2012-01-20 23:55:53 +01:00
Stefan Metzmacher
6158ea1abd s3-gse: create memory keytab in gse_krb5_get_server_keytab()
The other functions just add entries to it.

metze
2012-01-20 23:55:53 +01:00
Stefan Metzmacher
f86ab29470 s3-gse: fix SECRETS_AND_KEYTAB fallback in gse_krb5_get_server_keytab()
metze
2012-01-20 23:55:53 +01:00
Stefan Metzmacher
4e444f0061 s3:kerberos_verify: ads_dedicated_keytab_verify_ticket() only needs read access
metze
2012-01-20 23:55:52 +01:00
Stefan Metzmacher
a7275e57fd s3:smbd/proto.h: remove unused do_map_to_guest() prototype
metze
2012-01-20 23:55:52 +01:00
Andrew Bartlett
88daf798fe build: Add -lz to wbinfo to fix build on some hosts
This is required after the rework of the object lists for gensec_gse

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Jan 20 23:33:14 CET 2012 on sn-devel-104
2012-01-20 23:33:14 +01:00
Volker Lendecke
5c88cfcc52 s3: Fix the build on FreeBSD8
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Jan 20 21:58:04 CET 2012 on sn-devel-104
2012-01-20 21:58:04 +01:00
Stefan Metzmacher
c41d3c187e s3:configure.in: move gss_wrap_iov check to the other function checks
This also makes sure we search for it if it's in -lgssapi
instead of -lgssapi_krb5 or -lgss.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jan 20 20:23:13 CET 2012 on sn-devel-104
2012-01-20 20:23:13 +01:00
Stefan Metzmacher
fbb292ec14 s3:configure.in: require gssapi for ads support
This matches the waf checks.

metze
2012-01-20 18:44:10 +01:00
Stefan Metzmacher
004906e73c s3:configure.in: move krb5_set_real_time check to other function checks
metze
2012-01-20 18:44:10 +01:00
Stefan Metzmacher
74abe369df s3:build: for now do not require gsskrb5_extract_authz_data_from_sec_context
We do not use it yet.

metze
2012-01-20 18:44:10 +01:00
Stefan Metzmacher
018af56bf2 s3:configure.in: fix the shell logic in krb5 checks
metze
2012-01-20 18:44:10 +01:00
David Disseldorp
3bfcf343cf torture: add spoolss overlapping driver deletion tests
Signed-off-by: Andreas Schneider <asn@samba.org>

Autobuild-User: David Disseldorp <ddiss@samba.org>
Autobuild-Date: Fri Jan 20 18:20:14 CET 2012 on sn-devel-104
2012-01-20 18:20:14 +01:00
David Disseldorp
7123b592fe s3-spoolss: fix printer_driver_files_in_use() call ordering
printer_driver_files_in_use() performs two tasks: it returns whether any
of the files in the to-be-deleted driver overlap with other drivers, it
also trims such files from the info structure passed in.

In processing a DeletePrinterDataEx request with DPD_DELETE_UNUSED_FILES
set, printer_driver_files_in_use() must be called to ensure files in
use by other drivers are not removed.

https://bugzilla.samba.org/show_bug.cgi?id=4942

Signed-off-by: Andreas Schneider <asn@samba.org>
2012-01-20 17:44:06 +01:00
David Disseldorp
b37f66c7b7 torture: confirm printer driver file removal
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-01-20 17:44:01 +01:00
David Disseldorp
cc8cd7b038 torture: add spoolss del printer driver test
Test handling of DeletePrinterDriverEx when the DPD_DELETE_ALL_FILES
flag is set.

Signed-off-by: Andreas Schneider <asn@samba.org>
2012-01-20 17:43:54 +01:00
David Disseldorp
b5f780c418 s3-spoolss: fix printer driver version deletion
Spoolss delete printer driver code currently makes invalid version
assumptions based on the architecture requested by the client.

Ugly hacks are in place to cover removal of other versions (2 and 3).
This change wraps multi version deletion in a simple for loop.

Signed-off-by: Andreas Schneider <asn@samba.org>
2012-01-20 17:43:50 +01:00
David Disseldorp
b2c9317cd1 s3-spoolss: prefix print$ path on driver file deletion
Driver file paths stored in the registry do not include the server path
prefix. delete_driver_files() incorrectly assumes such a prefix.

https://bugzilla.samba.org/show_bug.cgi?id=8697

Signed-off-by: Andreas Schneider <asn@samba.org>
2012-01-20 17:43:34 +01:00
Volker Lendecke
957ec28139 s3: Fix a typo
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Jan 19 13:43:07 CET 2012 on sn-devel-104
2012-01-19 13:43:07 +01:00
Jeremy Allison
95c514a010 Now make_connection_snum() is a static function that takes a
connection_struct as a parameter, fix the interface to allow
it to return an NTSTATUS.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jan 19 07:25:49 CET 2012 on sn-devel-104
2012-01-19 07:25:49 +01:00
Stefan Metzmacher
6712997839 dynconfig/wscript: correctly cleanup PRIVATELIBDIR and MODULESDIR defaults
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Jan 19 00:47:50 CET 2012 on sn-devel-104
2012-01-19 00:47:49 +01:00
Jeremy Allison
39c627b607 Fix bug 8710 - connections.tdb - major leak with SMB2.
Ensure the cnum used to claim the connection for SMB2 is the
id that will be used for the SMB2 tcon. Based on code from
Ira Cooper <ira@wakeful.net>.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jan 18 23:14:32 CET 2012 on sn-devel-104
2012-01-18 23:14:32 +01:00
Volker Lendecke
6d14128242 s3-aio-pthread: num threads should be int
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Jan 18 21:04:20 CET 2012 on sn-devel-104
2012-01-18 21:04:20 +01:00
Andrew Bartlett
6411faf379 auth/gensec: align common elements between gse_context and gensec_gssapi_state
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 18 19:29:40 CET 2012 on sn-devel-104
2012-01-18 19:29:40 +01:00
Andrew Bartlett
e249bdd32e s3-gse: align common elements between gse_context and gensec_gssapi_state
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:25 +01:00
Andrew Bartlett
67279780dd s3-gensec: Add hook to allow gensec to know if kerberos is permitted
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:25 +01:00
Andrew Bartlett
45ec777e0e s3-gse: Make gensec_gse cope with non-DCE GSSAPI
The validation of the mutual authentication reply produces no further
data to send to the server.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:25 +01:00
Stefan Metzmacher
545c1ad1b9 s3-gse: the server should not check for GSS_C_MUTUAL_FLAG
It up to the client to ask for GSS_C_MUTUAL_FLAG,
except for the dcerpc case, where the server is stricter.

metze
2012-01-18 16:23:25 +01:00
Stefan Metzmacher
c5864deadc s3-gse: verify that we got GSS_C_DCE_STYLE when expected
GSS_C_DCE_STYLE implies GSS_C_MUTUAL_FLAG, so also check for it.

metze
2012-01-18 16:23:24 +01:00
Andrew Bartlett
ed88012dd2 s3-gse Remove authenticated flag from gse
The only user for this flag is called only directly after it was set.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00
Andrew Bartlett
c759097956 s3-gse remove special more_processing hook from gse
The NT_STATUS_MORE_PROCESSING_REQUIRED status code is what gensec
is expecting in any case.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00
Andrew Bartlett
5b90bcf83b s3-gse Rename gss_c_flags and ret_flags in gse
This make it clearer what type of flags these are and matches
gensec_gssapi

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00
Andrew Bartlett
cf39b63a7b s3-gse Rename gss_ctx to match gensec_gssapi_context
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00
Andrew Bartlett
e8c8d293d8 s3-gse Rename delegated_creds to match gensec_gssapi_context
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00
Andrew Bartlett
40715e1251 s3-librpc: pass struct ndr_interface_table down to cli_pipe_open_generic/spnego()
This allows the target service (as determined from the IDL) to be
passed to GSSAPI (rather than the current, incorrect, "cifs").

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00
Andrew Bartlett
9729bdf89f s3-utils/net: pass struct ndr_interface_table down
This will allow the target service (as determined from the IDL) to be
passed to GSSAPI (rather than the current, incorrect, "cifs").

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-18 16:23:24 +01:00