sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
66,531 Commits 60 Branches 1,144 Tags 452 MiB
25a2d94974
Commit Graph

33935 Commits

Author SHA1 Message Date
Simo Sorce
25a2d94974 s3-printing: Add method to skip refresh if just happned. 
This way if multiple process try to refresh at the same time we don't do it
over and over again.

Signed-off-by: Andreas Schneider <asn@cynapses.org>
 2010-09-15 12:53:40 +02:00
Simo Sorce
7022554915 s3-printing: Use printer list tdb in pcap. 
Signed-off-by: Andreas Schneider <asn@cynapses.org>
 2010-09-15 12:53:40 +02:00
Simo Sorce
d2a027ea94 s3-printing: Added a printer list database. 
Signed-off-by: Andreas Schneider <asn@cynapses.org>
 2010-09-15 12:53:40 +02:00
Günther Deschner
c35629cbb2 s3-nltest: add dsgetdc command. 
Guenther
 2010-09-15 10:18:02 +02:00
Günther Deschner
bbdbb0cbcc s3-libnetapi: try using netr_DsRGetDCNameEx() in DsGetDcName(). 
Guenther
 2010-09-15 10:16:01 +02:00
Günther Deschner
3fe966d280 s3-libnetapi: add DS request flags to public header. 
Guenther
 2010-09-15 08:32:58 +02:00
Günther Deschner
26672e228a s3-libnetapi: add DS_X_FLAGs to public header. 
Guenther
 2010-09-15 08:32:58 +02:00
Günther Deschner
45d772e0e6 libnetapi: add DOMAIN_CONTROLLER_INFO_FLAGS. 
Guenther
 2010-09-15 08:32:58 +02:00
Günther Deschner
5901e81acf s3-nltest: convert server input argument into --server. 
Guenther
 2010-09-15 08:32:58 +02:00
Günther Deschner
a609c03956 s3-nltest: rename print_result to print_netlogon_info_result. 
Guenther
 2010-09-15 08:32:58 +02:00
Günther Deschner
2d23ddb68d s3-build: only link in prs parser where needed. 
Guenther
 2010-09-15 08:25:23 +02:00
Günther Deschner
f7051250ea s3-waf: only link in prs parser where needed. 
Guenther
 2010-09-15 08:25:16 +02:00
Pierre Carrier
eeb24afd78 Allows changing the maximum number of simultaneous clients in winbindd through an smb.conf option. 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2010-09-14 16:43:39 -07:00
Jeremy Allison
0b270f014f Ensure incoming timespec values correctly wrap at nsecs. 
Jeremy.
 2010-09-14 14:53:17 -07:00
Andrew Bartlett
15abd86d54 s3-torture Add tests to show that the dom_sid parsing was faulty. 
Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
1892df6ca8 s3-util_sid Use the NDR parser to parse struct dom_sid 
The manual parser failed to constrain the maximum number of
sub-authorities to 15, allowing an overflow of the array.

Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
51ecf79654 libcli/security Merge source3/ string_to_sid() to common code 
The source3 code repsects the limit of a maximum of 15 subauths,
while the source4 code does not, creating a security issue as
we parse string-form SIDs from clients.

Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
72a8ea4d15 s3-util_sid use ARRAY_SIZE() to ensure we never overflow the dom_sid 
This ensures that this, unlike the MAXSUBAUTHS macro, can't get
out of sync with the structure.

Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
9d44688681 s3-util_sid Accept S-1-5 as a SID 2010-09-14 14:48:48 -07:00
Andrew Bartlett
ce1e273a47 s3-dom_sid Use C99 types in dom_sid handling 
Andrew Bartlett
 2010-09-14 14:48:48 -07:00
Björn Jacke
4e8d6a779c s3/profile: remove the magical clock initialization from the profile code 
there's no point in not profiling times if no monotonic clock is found -
monotonic and realtime clock are equally fast. Just use clock_gettime_mono
instead.
 2010-09-14 22:45:07 +02:00
Björn Jacke
5f6a145800 s3/profiling: don't use CLOCK_PROCESS_CPUTIME_ID 
that clock is a CPU burnometer but we need a chronometer for profiling.
 2010-09-14 22:17:47 +02:00
Günther Deschner
4c45e291a7 s3-waf: fix the build after privilege code changes. 
Guenther
 2010-09-14 08:38:30 +02:00
Volker Lendecke
9271570516 s3: Remove some unnecessary if-statements 2010-09-13 22:02:44 -07:00
Jeremy Allison
b3fccd10a6 Fix bug 7409 - Thousands of reduce_name: couldn't get realpath. 
Don't log this at level 1 - every EACCES will generate one.
Thanks to muehlfeld@medizinische-genetik.de for pointing this out.

Jeremy.
 2010-09-13 16:54:21 -07:00
Volker Lendecke
69db4b4ccf ntlm_auth: Fix a valgrind error 2010-09-13 16:41:14 -07:00
Volker Lendecke
95a0b6830f s3: Fix a typo 2010-09-13 10:27:27 -07:00
Volker Lendecke
e03f8ded01 s3: Fix a typo (authentictaion->authentication) 2010-09-13 10:15:27 -07:00
Volker Lendecke
adfa071c5a s3: Remove a nesting level in winbindd_dual_pam_chauthtok 2010-09-12 18:30:38 +02:00
Andrew Bartlett
07cf3ba5c4 s3-auth Fix typo in comment 2010-09-11 22:32:43 +10:00
Andrew Bartlett
3b4db34011 s3-krb5 Fix Kerberos on FreeBSD with Samba4 DCs 
The idea of this patch is: Don't support a mix of different kerberos
features.

Either we should prepare a GSSAPI (8003) checksum and mark the request as
such, or we should use the old behaviour (a normal kerberos checksum of 0 data).

Sending the GSSAPI checksum data, but without marking it as GSSAPI broke
Samba4, and seems well outside the expected behaviour, even if Windows accepts it.

Andrew Bartlett
 2010-09-11 18:46:13 +10:00
Andrew Bartlett
eb6a0cc326 libcli/security Move 'private' privileges functions to another header 
These functions work on the bitmap, and are only exposed because
the source3/ privileges storage uses the bitmap in account_policy.tdb

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:13 +10:00
Andrew Bartlett
b733d9dee0 s3-samr Explian better the use of two privileges in this call 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:13 +10:00
Andrew Bartlett
6d2b1ef71d libcli/security Remove 'always true' return from se_priv_put_all_privileges 
Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:13 +10:00
Andrew Bartlett
aefe60da8c s3-util_sid Tidy up global struct security_token 
This no longer needs to be global, and should be const.  We now also
init it with the C99 style initialisers.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:12 +10:00
Andrew Bartlett
e3edd7ca3a s3-privs Add const 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:12 +10:00
Andrew Bartlett
4bf09967a4 s3-privs Remove extra pointer on privilege mask 
Now that this is a scalar, this isn't required.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:12 +10:00
Andrew Tridgell
86fdb4c152 s3-privileges: add handling of both old and new formats in database 
We update privileges on a per-record basis instead of all at once, as
this maintains maximum compatibility is someone uses old tools with a
new version of Samba. The also auto-detects the byte order of the old
entries in the database, and copes with either native or reversed byte
order.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-11 18:46:12 +10:00
Andrew Bartlett
96e59faa62 s3-privs Remove unused function 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
9883993b66 s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmap 
This avoids us dealing with the privilege bitmap in the LSA server, and
overhauls much of the rest of the handling to be currnet with the modern
world of talloc.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
ad5ec58a71 s3-privs Hide the bitmap-based grant_privilege and revoke_privilege 
The new wrappers avoid anything but the core privileges code
dealing with the bitmap values directly.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
4080ff7af5 s3-privs Make privilege_enum_sids() take an LUID, not a bitmap 
This moves one more privileges call away from direct bitmap manipuation.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
6d78e11e17 libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure. 
Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:10 +10:00
Andrew Bartlett
62e5900cd1 s3-privs Rework access_check_object() to take two privileges 
This allows the privileges bitmap to be used only when setting
privileges, and uses an the LUID constant for all 'does this user
have this privilege' operations.

The advantage is that we now only need one API to determine if a
token has a privilege, and much less code needs to know what type
is used for the underlying bitmap.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:10 +10:00
Andrew Bartlett
e0cbc68c0a s3-privs Rework privilege enumeration to also use new DB format 
Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:10 +10:00
Andrew Bartlett
2bb7b827d6 libcli/security Remove luid_to_se_priv() and luid_to_privilege_name() 
These functions duplicate other functions in the merged code.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:10 +10:00
Andrew Bartlett
ed6b4ddd71 s3-privs Directly manipulate the privileges bitmap. 
There is no longer any reason to go via the se_ functions to
manipulate this bitmap.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:10 +10:00
Andrew Bartlett
3bb77516b8 s3-privs Convert from user_has_privileges() -> security_token_has_privilege() 
This new call is available in the merged privileges code, and
takes an enum as the parameter, rather than a bitmask.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:09 +10:00
Andrew Bartlett
b057867de3 s3-privs Remove a pointer from grant_privilege() 
Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:09 +10:00
Andrew Bartlett
0e2142a927 s3-privs Remove pointer indirection from se_priv_to_privilege_set() 
Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:09 +10:00