sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-31 17:18:04 +03:00
Code
74,764 Commits 60 Branches 1,144 Tags 452 MiB
2e2631f554
Commit Graph

3425 Commits

Author SHA1 Message Date
Volker Lendecke
03333fc68c s3: Rename cli_fileinfo() to cli_fileinfo_basic() 2010-10-24 11:39:29 +02:00
Jeremy Allison
e1cfca1e2e Make getpwnam_alloc() static to lib/username.c, and ensure all username lookups go 
through Get_Pwnam_alloc(), which is the correct wrapper function. We were using
it *some* of the time anyway, so this just makes us properly consistent.

Jeremy.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104
 2010-10-20 16:02:12 +00:00
Andrew Bartlett
170b345e0c s3-auth Use security_token_debug() from common code 
This prints the security token including the privileges as strings
instead of just a bitmap.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-10-14 02:35:04 +00:00
Andrew Bartlett
deb7c02436 s3 Replace is_sid_in_token() with security_token_has_sid() from common code 
The two routines are identical, so there is no need to keep both.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-10-14 02:35:04 +00:00
Andrew Bartlett
f768b32e37 libcli/security Provide a common, top level libcli/security/security.h 
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.

This includes (along with other security headers) dom_sid.h and
security_token.h

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
 2010-10-12 05:54:10 +00:00
Günther Deschner
b7683a2c9d samr: for correctness, rename samr_RidTypeArray to samr_RidAttrArray. 
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Oct  7 12:04:32 UTC 2010 on sn-devel-104
 2010-10-07 12:04:32 +00:00
Günther Deschner
0ff7e0c998 samba: share readline wrappers among all buildsystems. 
Guenther
 2010-10-01 22:30:22 +02:00
Günther Deschner
b38d0542e1 samba: share select wrappers. 
Guenther
 2010-10-01 22:30:22 +02:00
Günther Deschner
fa3264f89b s3-net: better handle obscure 0x80070002 error reply when trying to update an 
not yet published printer.

Guenther
 2010-10-01 08:33:46 +02:00
Günther Deschner
21576e3f8c s3-net: make sure we dont crash when publishing a single printer. 
Guenther
 2010-10-01 08:33:46 +02:00
Volker Lendecke
bad98e37e7 s3: Add "smbcontrol winbindd ip-dropped <local-ip>" 
This is supposed to improve the winbind reconnect time after an ip address
has been moved away from a box. Any kind of HA scenario will benefit from
this, because winbindd does not have to wait for the TCP timeout to kick in
when a local IP address has been dropped and DC replies are not received
anymore.
 2010-09-30 14:30:33 +02:00
Volker Lendecke
c7c4d84550 s3: Fix a typo in dump-domain-list smbcontrol usage msg 2010-09-30 13:17:45 +02:00
Jeremy Allison
f98d217514 Change to using TDB_INCOMPATIBLE_HASH (the jenkins hash) on all 
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open
without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt
this is still safe to use as if opening an existing tdb the new
hash will be ignored - it's only used on creating a new tdb not
opening an old one.

Jeremy.
 2010-09-27 17:18:54 -07:00
Jeremy Allison
03841f9e44 Fix bug #7698 - Assert causes smbd to panic on invalid NetBIOS session request. 
Found by the CodeNomicon test suites at the SNIA plugfest.

http://www.codenomicon.com/

If an invalid NetBIOS session request is received the code in name_len() in
libsmb/nmblib.c can hit an assert.

Re-write name_len() and name_extract() to use "buf/len" pairs and
always limit reads.

Jeremy.
 2010-09-26 03:01:03 -07:00
Volker Lendecke
bf6ca13346 s3: Remove talloc_autofree_context() from smbpasswd 
In both cases, pwd is freed immediately
 2010-09-26 03:29:29 +02:00
Volker Lendecke
77e96d3229 s3: Remove talloc_autofree_context() from net_sam_provision() 2010-09-26 03:29:29 +02:00
Volker Lendecke
e81db37a87 s3: Fix bug 7470 
S_IREAD and S_IWRITE are not standard.

Thanks to Joachim Schmitz <schmitz@hp.com> for reporting!
 2010-09-25 10:59:15 -07:00
Günther Deschner
ffdfcfb514 s3-dsgetdcname: always pass in messaging context. 
Volker, please check.

Guenther
 2010-09-23 10:26:25 -07:00
Günther Deschner
a11d6c77e4 s3-build: fix the build of split_tokens. 
Guenther
 2010-09-23 00:15:22 -07:00
Günther Deschner
fe4576dff0 s3-registry: fix some c++ build warnings. 
Guenther
 2010-09-22 12:57:34 -07:00
Michael Adam
cb5c86e502 s3:net: add subcommand net registry deletekey_recursive 
to delete a key including subkeys
 2010-09-22 06:30:01 +02:00
Michael Adam
7a25d13742 s3:registry: remove unneeded TALLOC_CTX argument from reg_deletekey_recursive 2010-09-22 06:30:01 +02:00
Gregor Beck
a52b7e7229 s3-net: add command rpc registry import 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
96ba0cb8f2 s3-net: add command rpc registry export 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
0afc83c255 s3-net: add command registry convert 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
e7c2724c81 s3-net: add command registry export 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
2a10fd769b s3-net: add command registry import 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
44d10d0546 s3-net: let rpccli_winreg_Connect optionally return WERROR 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Michael Adam
2d67730daf s3:registry: move regio.h from include/ to registry/ 2010-09-21 09:08:33 +02:00
Michael Adam
0bd2756b97 s3:registry: move prototypes from reg_init_basic.c to their own header. 2010-09-21 08:52:06 +02:00
Michael Adam
b11cc30508 s3:registry: move the reg_api prototypes to their own header. 2010-09-21 08:52:06 +02:00
Günther Deschner
102a70e809 s3-util: use shared dom_sid_dup. 
Guenther
 2010-09-20 14:05:07 -07:00
Günther Deschner
4dbd743e46 s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions. 
Guenther
 2010-09-20 14:04:37 -07:00
Günther Deschner
62544c5d2b s3-build: only include smbldap.h where needed. 
Guenther
 2010-09-20 13:54:56 -07:00
Volker Lendecke
0858b7546e s3: Add the PAC info3 struct to the netsamlogon_cache in ntlm_auth 2010-09-16 12:02:57 -07:00
Volker Lendecke
547b268cfa s3: Correctly unwrap the krb ticket in gss-spnego 2010-09-16 12:02:56 -07:00
Volker Lendecke
70ab7eb530 s3: Fall back to raw NTLMSSP for the gss-spnego protocol 
This is to handle the mod_auth_ntlm_winbind protocol
sending "Negotiate" to IE, which sends raw NTLMSSP
instead of a SPNEGO wrapped NTLMSSP blob.
 2010-09-16 12:02:56 -07:00
Volker Lendecke
de2c143f4d s3: Split off output generation from manage_squid_ntlmssp_request 2010-09-16 12:02:56 -07:00
Volker Lendecke
ae483bbe9a s3: Wrap the ntlm_auth loop with a talloc_stackframe 2010-09-16 12:02:56 -07:00
Andrew Bartlett
6832d5e933 libcli/auth/ntlmssp Be clear about talloc parents for session keys 
The previous API was not clear as to who owned the returned session key.
This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code,
and avoids making allocations - we steal and zero instead.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-16 21:09:17 +10:00
Volker Lendecke
6400f3ee62 s3: Fix some debug msgs in ntlm_auth 2010-09-15 10:31:00 -07:00
Volker Lendecke
9271570516 s3: Remove some unnecessary if-statements 2010-09-13 22:02:44 -07:00
Volker Lendecke
69db4b4ccf ntlm_auth: Fix a valgrind error 2010-09-13 16:41:14 -07:00
Volker Lendecke
95a0b6830f s3: Fix a typo 2010-09-13 10:27:27 -07:00
Volker Lendecke
e03f8ded01 s3: Fix a typo (authentictaion->authentication) 2010-09-13 10:15:27 -07:00
Andrew Bartlett
ad5ec58a71 s3-privs Hide the bitmap-based grant_privilege and revoke_privilege 
The new wrappers avoid anything but the core privileges code
dealing with the bitmap values directly.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
4080ff7af5 s3-privs Make privilege_enum_sids() take an LUID, not a bitmap 
This moves one more privileges call away from direct bitmap manipuation.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
b057867de3 s3-privs Remove a pointer from grant_privilege() 
Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:09 +10:00
Andrew Bartlett
a02ae674dd s3-privs Remove a pointer indirection from revoke_privilege() 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:08 +10:00
Andrew Bartlett
cbd72ab93b libcli/security Don't export privs[] as a global variable 
Instead, provide access functions for the LSA and net sam callers
for the information they need.

They still only enumerate the first 8 privileges that have traditionally
been exposed.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:08 +10:00
Andrew Bartlett
d1bb21b0d5 s3:auth Remove NT_USER_TOKEN 
The all UPPER case typedef is no longer the preferred Samba style
and this makes it easier to see that this is the IDL-derivied structure

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:06 +10:00
Andrew Bartlett
4bfc8d3b1a s3-auth Change struct nt_user_token -> struct security_token 
This common structure is defined in security.idl

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:05 +10:00
Andrew Bartlett
fcaa86f402 s3-privs Further changes to remove SE_PRIV 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:04 +10:00
Jeremy Allison
e850958928 Check all SMB_MALLOC returns correctly. Found by Andreas Moroder <andreas.moroder@gmx.net>. 
Jeremy
 2010-09-10 11:56:26 -07:00
Günther Deschner
f1aa9ebb08 s3-utils: remove unused variable in smbget. 
Guenther
 2010-09-09 11:11:04 +02:00
Björn Jacke
b4b453a287 s3: use time_mono throughout in smbget 2010-09-08 22:33:32 +02:00
Björn Jacke
b4ae2efa96 s3: use monotonic clock for time deltas in smbget 2010-08-31 13:10:45 +02:00
Andrew Bartlett
8c15cf54ae s3-auth Rename NT_USER_TOKEN user_sids -> sids 
This is closer to the struct security_token from security.idl
 2010-08-31 10:20:14 +10:00
Volker Lendecke
0f83aa8650 s3: Remove the dependency of g_lock on procid_self 
procid_self() references global vars, don't depend on them unnecessarily
 2010-08-28 12:28:53 +02:00
Günther Deschner
7a05ca2c9c s3-build: use dbwrap.h only where needed. 
Guenther
 2010-08-26 00:25:55 +02:00
Günther Deschner
ca765d2f50 s3-build: only include krb5 environment variables where required. 
Guenther
 2010-08-26 00:20:29 +02:00
Günther Deschner
2b41f421fd s3-idmap: only include idmap headers where needed. 
Guenther
 2010-08-26 00:20:29 +02:00
Günther Deschner
b5bdcdd65e s3-build: only include "fake_file.h" where needed. 
Guenther
 2010-08-26 00:20:28 +02:00
Günther Deschner
7ff7eb0b52 s3-build: only include nsswitch header where needed. 
Guenther
 2010-08-26 00:20:28 +02:00
Günther Deschner
e978a3d3f4 s3-lsa: separate out init_lsa headers. 
Guenther
 2010-08-25 22:50:39 +02:00
Michael Adam
502d00e463 s3:net: remove the "net idmap secret alloc" functionality. 
This is now not available any more, since allocation is moved
below the id mapping layer. The functionality could be
reintroduced on a per domain basis as an e.g
"net idmap secret <domain> alloc" command.
 2010-08-14 02:10:41 +02:00
Michael Adam
a03e2cacaf s3:net: rewrite "net idmap restore" using dbwrap 
This removes the use of libwbclient from "net idmap".

This detects the idmap backend from the current smb.conf
and stores the id mapping tables in the corresponding data bases.
Currently, only tdb and tdb2 backends are supported.
Support for the ldap backend may be implemented later.
 2010-08-14 02:10:30 +02:00
Michael Adam
80bceab9cb s3:net: change "net idmap dump" to use dbwrap instead of direct tdb access 
This way, it will also work in a samba-ctdb cluster.
 2010-08-14 02:10:30 +02:00
Michael Adam
a0920a5ee5 s3:net sam provision: compose sid before getting uid for Guest 
Michael
 2010-08-14 02:10:30 +02:00
Michael Adam
d923907ced s3:net sam provision: allocate the uid after composing the sid for Administrator 
Michael
 2010-08-14 02:10:30 +02:00
Volker Lendecke
128976e011 s3: Lift the server_messaging_context from notify_printer_byname 2010-08-08 18:09:36 +02:00
Volker Lendecke
9b3a53a7a7 s3: Lift the server_messaging_context from notify_job_status_byname 2010-08-08 18:09:35 +02:00
Volker Lendecke
49d18478fd s3: Lift the server_messaging_context from notify_printer_status_byname 2010-08-08 18:09:34 +02:00
Stefan Metzmacher
1c515fb94b s3:utils/net_rpc_service.c: we also need some ndr_pull functions 
metze
 2010-08-08 11:05:18 +02:00
Günther Deschner
16949ef75a s3-net: fix copy/paste typo in usage of "net printing". 
Guenther
 2010-08-06 17:38:15 +02:00
Günther Deschner
002ac5681f s3-net: only include netapi header when needed. 
Guenther
 2010-08-06 15:43:38 +02:00
Günther Deschner
2523aec6d1 s3-rap: include svcctl.h where needed. 
Guenther
 2010-08-06 15:43:37 +02:00
Günther Deschner
ae36783c7b s3-passdb: include samr.h where needed. 
Guenther
 2010-08-06 15:43:37 +02:00
Volker Lendecke
e6604e5d20 s3: Remove some explicit calls to procid_self() 2010-08-06 15:15:57 +02:00
Andreas Schneider
ce2a086119 s3-popt: Only include popt-common.h when needed. 2010-08-05 12:08:31 +02:00
Günther Deschner
c136b84f0d s3-secrets: only include secrets.h when needed. 
Guenther
 2010-08-05 10:12:25 +02:00
Günther Deschner
e7a6a3ec0d s3: avoid global include of ads.h. 
Guenther
 2010-08-05 00:32:02 +02:00
Volker Lendecke
867626abca s3: Convert cli_list() to return NTSTATUS 
If needed, the callback functions can count themselves
 2010-08-04 20:32:50 +02:00
Volker Lendecke
0213cfa6af s3: Fix some nonempty blank lines 2010-08-01 18:11:06 +02:00
Günther Deschner
813fbbd68c s3-build: avoid to globally include printing and spoolss headers. 
This shrinks precompiled headers by 3MB and will slightly speed up any build.

Guenther
 2010-07-31 00:50:31 +02:00
Volker Lendecke
dace013898 s3: Remove a typedef (struct file_info) 2010-07-27 21:05:35 +02:00
Volker Lendecke
2ef87d8ec0 s3: fix a typo 2010-07-26 15:05:19 +02:00
Simo Sorce
26f1218a36 s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys 2010-07-20 20:02:09 -04:00
Simo Sorce
cdcdaaa6dd s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it. 
All the members are children of ntlmssp_state anyway.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-19 14:19:47 +10:00
Volker Lendecke
b1717ac92e s3: Fix some nonempty blank lines 2010-07-18 21:22:41 +02:00
Günther Deschner
80b47fcb0a s3-libnet: better separate headers. 
Guenther
 2010-07-13 22:40:46 +02:00
Ira Cooper
90b1a1d296 s3: Add SMB2 performance counters. 
A performance counter was added for every base type of SMB2 op.
 2010-07-07 18:06:59 -07:00
Volker Lendecke
9e3fc22c60 s3: Fix bug 7338, smbget skips leading slash when using a custom outputfile 2010-07-04 11:44:20 +02:00
Volker Lendecke
285176cbc9 s3: Fix some nonempty blank lines 2010-07-04 11:44:20 +02:00
Günther Deschner
61e956036e s3-net: forgot to set type in winreg getvalue operation. 
Guenther
 2010-07-02 13:09:41 +02:00
Günther Deschner
786198e523 s3-registry: remove unused reg_util_marshalling code. 
Guenther
 2010-07-02 10:50:21 +02:00
Günther Deschner
b381fba089 s3-registry: avoid using registry_value union. 
Just pull and push data as is.

Guenther
 2010-07-02 10:50:21 +02:00
Günther Deschner
dff7be8ccb s3-libads: only include libds flags where needed. 
Guenther
 2010-07-01 23:20:40 +02:00
Günther Deschner
56538be6af s3-libads: move ads_dns out of main includes. 
Guenther
 2010-07-01 23:20:40 +02:00
Günther Deschner
2f9076ac29 s3-libads: use shared well known guids. 
Guenther
 2010-07-01 21:17:17 +02:00
Günther Deschner
62e2d4a504 s3-utils: remove rpccheck. 
Impossible to get this to compile after the conversion to pidl.

Guenther
 2010-06-29 16:14:46 +02:00
Andreas Schneider
eb7bf9d730 s3-net: Make sure we don't call free on garbage. 
Found by clang-analyzer.
 2010-06-29 11:12:12 +02:00
Andreas Schneider
1db7356fa1 s3-net: Use talloc_asprintf and return if file is in wrong format. 
Found by clang-analyzer.
 2010-06-29 11:12:12 +02:00
Andreas Schneider
0c579bc3e6 s3-net: Make sure that the data blob is initialized. 
Found by clang-analyzer.
 2010-06-28 12:56:13 +02:00
Michael Adam
36b95fee15 s3:net [rpc] registry: be as user-friendly as possible wrt to the normalization change 
The registry has been changed to use '\' as a key delimiter instead of '/'.
Originally, one could mix both characters in the specification of registry
key for net [rpc] registry. Now this can not work any more, since '/' is
generally treated as a valid character of a key name.

Now, to be as user-friendly as possible, the net [rpc] registry code has
been changed to still support '/' as a key name delimiter if no '\' character
is found in the given registry path string. In that case, all '/' characters
are converted to '\' characters before proceeding. If on the other hand,
a '\' character is found in the path string, then no conversion is assumed,
and it is hence assumed that the path is already in the correct form and
'/' characters are supposed to be part of the key names.
 2010-06-25 17:35:42 +02:00
Michael Adam
b784c20df8 s3:net rpc registry: make getsd succeed when key sd only gives access to SD not key contents 
You don't need the REG_KEY_READ permissions to access the SD of a key.
And for instance, the key HKLM\security ususally has no specific bits
set for builtin\administrators, but the READ_CONTROL_ACCESS.
I.e. builtin\administrators can get the sd but not enumerate the key.
 2010-06-21 12:38:25 +02:00
Matthew McGillis
f769671780 Fix bug with incorrect flag values for inherited ace in some cases. 2010-06-07 10:19:18 +02:00
Günther Deschner
30a9ddccff s3-spoolss: add and use spoolss_printerinfo2_to_setprinterinfo2(). 
This fixes some invalid typecasts.

Guenther
 2010-06-03 16:32:49 +02:00
Günther Deschner
a75436e3ee s3-security: use shared SECINFO_DACL define. 
Guenther
 2010-06-03 11:00:12 +02:00
Andrew Bartlett
ebae21f023 ntlmssp: Make the ntlmssp.h from source3/ a common header 
The code is not yet in common, but I hope to fix that soon.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-31 15:10:56 +02:00
Günther Deschner
fbb7814f91 s3: only use netlogon/nbt header when needed. 
Guenther
 2010-05-31 11:32:37 +02:00
Günther Deschner
f9f8007361 s3-build: only use ndr_security.h where needed. 
Guenther
 2010-05-31 11:32:37 +02:00
Günther Deschner
66adb84e46 s3-build: only use ndr_samr.h where needed. 
Guenther
 2010-05-28 02:49:36 +02:00
Günther Deschner
6a14dad13c s3-net: fix the build. 
Guenther
 2010-05-26 23:17:35 +02:00
Günther Deschner
f12028a3fd s3-net: fix a "dereferencing type-punned pointer will break strict-aliasing rules" warning. 
Guenther
 2010-05-25 12:43:00 +02:00
Michael Adam
0fe1ff99a1 s3:registry: move reg_objects.h to registry/ and use it only where needed 
Every place outside of registry/ where this is used, should probably
be changed to use pure reg_api.c code.
 2010-05-25 10:35:31 +02:00
Michael Adam
0e8e5d5d6e s3:net rpc registry: use regval_ctr_init() instead of direct allocation 2010-05-25 10:35:31 +02:00
Michael Adam
bf65ff5ea2 s3:profiles: use regval_ctr_init() instead of direct allocation 2010-05-25 10:35:30 +02:00
Michael Adam
112eddf107 s3:net_rpc_printer: use regval_blob/ctr accessor functions 2010-05-25 10:35:30 +02:00
Michael Adam
c4de07a259 s3:net rpc printer: fix use of a possibly uninitialized variable 2010-05-25 10:35:30 +02:00
Michael Adam
e829b42978 s3:registry: extract registry_pull/push_value prototypes into own header 
reg_util_marshalling.h and use them only where needed.
 2010-05-25 10:35:27 +02:00
Michael Adam
f3053739b7 s3:registry: move prototype registry_create_admin_token() to new header reg_util_token.h 
and use it only where necessary.
 2010-05-25 10:35:26 +02:00
Michael Adam
847a19df94 s3:registry: extract reg_eventlog prototypes to header of their own 
and use them only where needed.
 2010-05-25 10:35:26 +02:00
Michael Adam
d335f292ce s3:registry: extract the reg_backend_db prototypes into their own header. 
And use them only where needed.
 2010-05-25 10:35:25 +02:00
Michael Adam
9ccf66379a s3:registry: adapt callers of regval_ctr_addvalue to uint8 * instead of char * 2010-05-25 10:35:25 +02:00
Günther Deschner
7c979adfbf s3-net: fix net_ads_gpo() for non-ads case. 
Guenther
 2010-05-21 18:09:14 +02:00
Andrew Bartlett
cba7f8b827 s3:dom_sid Global replace of DOM_SID with struct dom_sid 
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-21 10:39:59 +02:00
Andrew Bartlett
a92b653af9 s3:passdb Remove use of uint8 uint16 and uint32 in favour of C99 types 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-21 10:24:55 +02:00
Günther Deschner
33a156f0c1 s3-net: show how to use filters for group policy processing. 
Guenther
 2010-05-20 18:45:48 +02:00
Günther Deschner
96962277da s3-net: let net_ads_gpo() call no_ads when built w/o ads support. 
Guenther
 2010-05-20 18:45:40 +02:00
Günther Deschner
32809efe76 s3-net: compile net_ads_gpo_apply(). 
Guenther
 2010-05-20 18:45:29 +02:00
Günther Deschner
026fae89d6 s3-utils: remove trailing whitespace from profiles utility. 
Guenther
 2010-05-20 14:18:01 +02:00
Andreas Schneider
33c96e6d3a s3-net: Created a migration tool for printing TDBs. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-20 11:08:14 +02:00
Günther Deschner
8478770c35 s3-rpc_client: move protos to init_samr.h 
Guenther
 2010-05-18 21:42:57 +02:00
Günther Deschner
cc06133b0a s3-rpc_client: move protos to cli_spoolss.h 
Guenther
 2010-05-18 21:42:45 +02:00
Günther Deschner
230b880d14 s3-rpc_client: move protos to cli_lsarpc.h 
Guenther
 2010-05-18 21:42:41 +02:00
Günther Deschner
5ed3654112 s3-rpc_client: move protos to cli_netlogon.h 
Guenther
 2010-05-18 21:42:37 +02:00
Günther Deschner
3f2719c202 s3-rpc_client: move protos to cli_samr.h 
Guenther
 2010-05-18 21:42:32 +02:00
Günther Deschner
007b996267 s3-net: also dump security descriptors from ntprinters.tdb in "net printing dump". 
Guenther
 2010-05-18 15:34:02 +02:00
Günther Deschner
9bbf761bfe s3-net: Added a rather trivial "net printing dump" command. 
Guenther
 2010-05-18 15:06:17 +02:00
Günther Deschner
d4474ba470 s3-secdesc: use SD_REVISION from security.idl. 
Guenther
 2010-05-18 12:52:18 +02:00
Günther Deschner
7f6bb48bdf s3-secdesc: remove "typedef struct security_descriptor SEC_DESC". 
Guenther
 2010-05-18 12:30:12 +02:00
Günther Deschner
8951c8301a s3-secdesc: remove "typedef struct security_acl SEC_ACL". 
Guenther
 2010-05-18 12:30:12 +02:00
Günther Deschner
a8b01d1f3b s3-secdesc: remove "typedef struct security_ace SEC_ACE". 
Guenther
 2010-05-18 12:30:11 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Günther Deschner
e9f5bdf6b5 smbconf: only include smbconf headers where needed. 
Guenther
 2010-05-18 10:36:33 +02:00
Günther Deschner
fe31b67d5e s3-registry: only include registry headers when really needed. 
Guenther
 2010-05-18 01:15:38 +02:00
Günther Deschner
1d2dd47d31 s3-crypto: only include crypto headers when crypto is done. 
Guenther
 2010-05-18 00:44:27 +02:00
Günther Deschner
3b529d50be s3-rpc_misc: clean out include/rpc_misc.h. 
Well known rids don't really belong into an rpc header, just use the ones
defined in security.idl.

Guenther
 2010-05-18 00:44:26 +02:00
Günther Deschner
3d5972c43f s3-libgpo: move group policy protos to where they belong. 
Guenther
 2010-05-17 21:07:17 +02:00
Matthew McGillis
843c6a03c7 added support for a -I flag 2010-05-17 10:21:51 +02:00
Matthew McGillis
4fee40e2c0 Consolidate all set SEC_DESC into single procedure set_secdesc 2010-05-17 10:21:50 +02:00
Andrew Bartlett
454b0b3f20 s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATA 
All the callers just want the PAC_LOGON_INFO, so search for that in
ads_verify_ticket(), and don't bother the callers with the rest of the
PAC.

This change makes sense on it's own (removing boilerplate wrappers
that just confuse the code), but it also makes it much easier to
implement a matching ads_verify_ticket() function in Samba4 for the
s3compat proposal.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-11 22:52:37 +02:00
Günther Deschner
7887d99a60 s3-net: Fix Bug #7417. 'net rpc user password' can set the wrong password. 
Guenther
 2010-05-10 10:36:39 +02:00
Günther Deschner
d2d7174394 s3-eventlog: move all eventlog headers to lib/eventlog and only include where required. 
Guenther
 2010-05-06 13:41:51 +02:00
Günther Deschner
c6ebab846d s3: only include gen_ndr headers where needed. 
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:

ccache build w/o patch
real    4m21.529s
ccache build with patch
real    3m6.402s

pch build w/o patch
real    4m26.318s
pch build with patch
real    3m6.932s

Guenther
 2010-05-06 00:22:59 +02:00
Volker Lendecke
5a56bc948e s3: Fix bug 5972 -- remove -L testparm parameter 
Thanks to TAKAHASHI Motonobu <monyo@samba.gr.jp> to point out that this does
not work and to agree it's not worth fixing :-)
 2010-05-05 18:07:45 +02:00
Günther Deschner
6659a0fe92 s3-net: fix crash in rap_share_add(). 
Guenther
 2010-05-05 17:21:06 +02:00
Matthew McGillis
6be5bc8e80 Consolidate all get SEC_DESC into single procedure get_secdesc 2010-05-03 08:07:03 +02:00
Matthew McGillis
0a8b2b2119 always pass filename as const char 2010-05-03 08:06:56 +02:00
Jeremy Allison
ce8595f68e Fix more S3 build breakage. Matthias, please ensure S3 builds when 
changing common code.

Jeremy.
 2010-04-27 12:10:20 -07:00
Günther Deschner
6864828d9d s3: use shared registry functions. 
Guenther
 2010-04-27 16:42:15 +02:00
Günther Deschner
dbfff90185 s3: fix some build warnings. 
Guenther
 2010-04-26 22:53:00 +02:00
Günther Deschner
7259762909 s3: use generated rap header. 
Guenther
 2010-04-26 22:52:59 +02:00
Volker Lendecke
abdb96b8ff s3: Implement "net rpc user setprimarygroup" 2010-04-26 17:10:31 +02:00
Jim McDonough
61bdffbf8e Fix i18n of net conf import error message. 
Thanks gd
 2010-04-20 17:45:06 -04:00
Jim McDonough
a22f03e02c Display an error on net conf import failures. 
When something goes wrong, such as a typo in a parameter
name, we'll now display the failure instead of just returning
with -1 and no message.
 2010-04-20 16:28:47 -04:00
Günther Deschner
63b111bd32 s3: add iconv_convenience handle to pull/push sz helpers. 
Guenther
 2010-04-09 18:33:45 +02:00
Volker Lendecke
9ecc30837b s3: Slightly simplify unmap_unix_group 2010-03-28 19:05:36 +02:00
Jeremy Allison
fac8ca52ad Fix bug #7240 - Net usershare is not case sensitive. 
Updates usershare files in a backwards compatible way.
I don't intend to back port this fix to 3.5.x as it
depends on a version upgrade in the share_info.tdb share security database.

Jeremy.
 2010-03-26 17:09:58 -07:00
Kai Blin
e968db6739 s3 ntlm_auth: Don't malloc data that will be talloc_free()d 
This fixes bug #7290
Thanks to Mohan <mohann@silver-peak.com> for the bug report.
 2010-03-26 13:43:21 -07:00
Stefan Metzmacher
dee63fe4ca s3:ntlmssp: use client.netbios_name instead of workstation 
metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-24 17:34:56 +01:00
Stefan Metzmacher
ca2a5693bf s3:ntlmssp: rename void *auth_context; into void *callback_private; 
metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-24 17:34:55 +01:00
Stefan Metzmacher
7c0ea293f9 s3:ntlmssp: remove unused get_global_myname() and get_domain() from ntlmssp_state 
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-24 17:34:55 +01:00
Stefan Metzmacher
7d977da925 s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them 
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-24 17:34:55 +01:00
Stefan Metzmacher
eb17809812 s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_state 
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-03-24 17:34:54 +01:00
Karolin Seeger
a6bfc1a2d0 s3-testparm: Throw warning when 'workgroup' and 'netbios name' are identical. 
Address bug #7285 (NetBIOS Namespace Clash Handling).

Karolin
 2010-03-24 15:09:23 +01:00
Günther Deschner
0d8ab38055 s3: fix buildwarning in smbta-util. 
Guenther
 2010-03-16 22:28:03 +01:00
Andreas Schneider
f98941033d Fix developer build, remove malloc 2010-03-16 13:27:00 -04:00
Jim McDonough
9447f863d2 Don't exit(0) on error 2010-03-16 09:58:34 -04:00
Holger Hetterich
5b7179d2a3 Add smbta-util to manage the encryption key. 
This program allows the administrator to enable or disable AES
encryption when using vfs_smb_traffic_analyzer. It also generates new
keys, stores them to a file, so that the file can be reused on another
client or server.
 2010-03-16 09:52:10 -04:00
Michael Adam
c27c430b21 s3:smbcacls: also honour the "--sddl" flag when setting ACLs. 
Michael
 2010-03-16 00:12:25 +01:00
Volker Lendecke
e3913084cd s3: Add "net registry increment" 
A convenience function to increment a DWORD value under a (cluster-wide) lock
 2010-03-12 16:55:28 +01:00
Volker Lendecke
79100c2421 s3: Add "g_lock_do" as a convenience wrapper function 2010-03-12 14:23:25 +01:00
Volker Lendecke
1728b5fa6f s3: Actually use mem_ctx in net_g_lock_init() 2010-03-12 12:12:42 +01:00
Volker Lendecke
67d1b01590 s3: Fix some "net registry" usage messages 2010-03-12 11:47:37 +01:00
Volker Lendecke
89c785c47a s3: Fix a long-standing problem with recycled PIDs 
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.

For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.

This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.

I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.

CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.

While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().

Volker
 2010-03-10 16:07:10 +01:00
Volker Lendecke
5a3633faf1 s3: Fix the build of net_afs.c with --fake-kaserver=yes, bug 7216 
Thanks to Geza Gemes <geza@kzsdabas.hu> for filing this bug
 2010-03-06 13:00:53 +01:00
Volker Lendecke
fce6e1def8 s3: Make "smbcontrol xx debuglevel" print the correct cluster pid 2010-03-05 17:07:57 +01:00
Günther Deschner
a99ac4f236 s3-net: fix net after spoolss_EnumPrinterDataEx IDL change. 
Guenther
 2010-03-05 15:18:01 +01:00
Günther Deschner
37ca9288d2 s3-net: fix net after spoolss_SetPrinterData{Ex} IDL change. 
Guenther
 2010-03-05 15:17:59 +01:00
Karolin Seeger
340797f3fa Fix typo in comments. 2010-03-03 16:03:13 +01:00
Michael Adam
27ae935a8d s3:net: add a command "net registry setsd_sdd" 
This permits to set the security descriptor of a registry
key from the unix command line.

Michael
 2010-03-03 09:16:38 +01:00
Michael Adam
6f4bdbccf7 s3:net: fix some i18n messages in net_registry_getsd_internal(). 
Michael
 2010-03-03 09:16:38 +01:00
Michael Adam
d8b828d4a9 s3:net: add i18n macro _() to one message 
Michael
 2010-03-03 09:16:38 +01:00
Michael Adam
caa27bb165 s3:net: add new subcommand "net registry getsd_sddl" to print secdesc in sddl format 
Michael
 2010-03-03 09:16:37 +01:00
Michael Adam
93d438d970 s3:net: refactor getting of secdesc out of net_registry_getsd() 
New net_registry_getsd_internal does the work(),
net_registry_getsd() just prints the result.
This in preparation to add support for other output formats
than the currently used display_sec_desc().

Michael
 2010-03-03 09:16:36 +01:00
Michael Adam
9cea4d5969 s3:smbcacls: add switch "--sddl" to output acls as sddl encoded strings 2010-03-03 09:16:35 +01:00
Holger Hetterich
e3c2e1a303 s3: net_share.c: fix argc handling 
The "net share" command was no longer possible because it enters
the net_share function with argc == 0.
 2010-03-02 15:27:58 -08:00
Volker Lendecke
d6a6872506 s3: Abstract access to sessionid.tdb, similar to conn_tdb.c 2010-03-01 17:53:22 +01:00
Volker Lendecke
8bebb380e8 s3: Add connections_forall_read() 
In a cluster, this makes a large difference: For r/w traverse, we have to do a
fetch_locked on every record which for most users of connections_forall is just
overkill.
 2010-03-01 14:51:34 +01:00
Simo Sorce
61b7a24f16 s3 move the sitename cache in its own file 2010-02-23 12:46:26 -05:00
Volker Lendecke
c31cf0a1b5 s3: Consolidate some pid_to_procid() calls to procid_self() 2010-02-23 17:20:28 +01:00
Volker Lendecke
752bffc53f s3: Consolidate server_id_self into the equivalent procid_self() 2010-02-23 15:30:00 +01:00
Holger Hetterich
6ec6fa0ac4 s3: eventlogadm.c: add -s option to use alternative config file. 
Update the manpage accordingly.
 2010-02-15 08:31:44 +01:00
Andrew Tridgell
862a17e9ba s3: last part of TYPESAFE_QSORT() conversion 
convert smbcacls, sharesec and web/
 2010-02-14 18:44:21 +11:00
Volker Lendecke
b00d223f87 s3: Fix Coverity ID 629: DEADCODE 
We have already returned if (argc < 1) above
 2010-02-13 17:47:43 +01:00
Michael Adam
09f3ed1024 s3:make "net conf addshare" atomic by wrapping all writes in one transaction 
Michael
 2010-02-12 23:12:12 +01:00
Volker Lendecke
a66c40ff38 s3:dbwrap: If "-n" is given to dbwrap_torture, open db with CLEAR_IF_FIRST 2010-02-12 23:12:10 +01:00
Volker Lendecke
4c1c3f2549 s3: Implement global locks in a g_lock tdb 
This is the basis to implement global locks in ctdb without depending on a
shared file system. The initial goal is to make ctdb persistent transactions
deterministic without too many timeouts.
 2010-02-12 23:12:09 +01:00
Günther Deschner
89c089d993 s3-net: fix net ads dns usage calls. 
Bjoern, please check.

Guenther
 2010-02-08 11:55:52 +01:00
Jeremy Allison
f387ed88e8 Fix bug #7069 - smbget does not return an error status after some errors 
A combination patch from Johannes Poehlmann <johannes@lst.de> and
Jeremy. Fix the return codes from smb_download_file() and smb_download_dir().

Jeremy.
 2010-01-28 10:38:24 -08:00
Volker Lendecke
dc1bcec73c s3: Add --use-ccache to net 2010-01-24 20:32:17 +01:00
Volker Lendecke
bff48738a8 s3: Fix a bug in net's use of popt 
In order to add --use-ccache to net, I added another "bool opt_ccache;" to
struct net_context. popt did not like this, it took a while to figure out why.
Popt has the lines

    /* XXX Check alignment, may fail on funky platforms. */
    if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1)))
        return POPT_ERROR_NULLARG;

The "bool opt_ccache;" was not aligned anymore...
 2010-01-24 20:32:17 +01:00
Volker Lendecke
3e1a1616ec s3: Use global_sid_Builtin in net_groupmap_memberships 2010-01-23 14:35:37 +01:00
Kai Blin
66de52c4f4 s3 net: Fix compile warnings 2010-01-19 14:48:34 +01:00
Kai Blin
09bc13728f s3 net/i18n: Use only one spelling for "Usage:" 2010-01-19 10:07:36 +01:00
Kai Blin
28b512f904 s3 net: Fix compile error with WITH_DNS_UPDATES 
bd3c922e2b introduced a compile-time error
when building with WITH_DNS_UPDATES.
 2010-01-19 10:07:35 +01:00
Björn Jacke
bd3c922e2b s3/net: split up some printable stings to ease i18n 
If we put strings like "Usage:" into separate _() macros and not the whole
"Usage:..." string we can cover much more messages by only one single
translation. The drawback is that the message in the sources looks less pretty.
 2010-01-18 23:45:05 +01:00
Volker Lendecke
971f6a4a5b s3: Fix the format string for smbcontrol pool-usage 
With the dot I have seen printf to not print anything
 2010-01-17 23:10:37 +01:00
Jeremy Allison
6653cc4323 Fix bug #7036 - net rpc getsid fails in hardened windows environments. 
Fix suggested by Dave.Daugherty@Centrify.com.
 2010-01-14 15:39:30 -08:00
Volker Lendecke
fd1b6bdef9 s3: Fix some nonempty blank lines 2010-01-10 20:56:16 +01:00
Volker Lendecke
3ea64e0ad8 s3: Replace most calls to sid_append_rid() by sid_compose() 2010-01-10 20:56:16 +01:00
Kai Blin
9a9d737070 s3 net: Add a few missing gettext calls. 
Many many thanks to Adi Roiban from #ubuntu-translators for helping me find
and fix my problems with the translations.
 2010-01-05 09:55:52 +01:00
Volker Lendecke
99f292479f s3: Convert cli_tdis to the async API 2010-01-03 21:14:57 +01:00
Günther Deschner
475d296065 s3-net: use generated krb5.conf in 'net ads testjoin' 
Guenther
 2009-12-23 10:57:22 +01:00
Andrew Bartlett
802e9328ed s3:ntlmssp: only include ntlmssp.h where actually needed 
Andrew Bartlett
 2009-12-22 21:07:53 +01:00
Andrew Bartlett
5b37cd23bf s3:ntlmssp: remove the typedef NTLMSSP_STATE 
Andrew Bartlett
 2009-12-22 21:07:53 +01:00
Günther Deschner
d9f93224bd s3-pdbedit: allow to call "pdbedit -N description -u user" without specifiyng "-r". 
Guenther
 2009-12-16 16:08:48 +01:00
Günther Deschner
c85ed0054e s3: fix net and rpcclient after setprinterdataex changes. 
Guenther
 2009-12-07 14:42:13 +01:00
Michael Adam
6dd60008c4 s3:add split_tokens, a cmdline tool to test next_token_talloc() 
Michael
 2009-12-01 00:55:53 +01:00
Volker Lendecke
6aef5e591f Fix bug 6546: Avoid accessing buf[-1] if NUL byte comes from fgets 2009-11-30 21:48:59 +01:00
Volker Lendecke
36e8d8ed45 s3: Move directory_exist_stat to testparm.c, it only looks at the mode 2009-11-29 11:22:04 +01:00
Volker Lendecke
5915996452 s3: "net_conf_addshare" only looks at the mode 2009-11-29 11:22:03 +01:00
Volker Lendecke
2f2a156c73 s3: "net_usershare_add" only looks at the mode, device and inode 2009-11-29 11:22:03 +01:00
Volker Lendecke
2a7778f7b2 s3: "net_usershare_add" only looks at the device and inode 2009-11-29 11:22:03 +01:00
Volker Lendecke
41b2af34b1 s3: "net_usershare_add" only looks at the mode and uid 2009-11-29 11:22:03 +01:00
Volker Lendecke
36eed01730 s3: "count_num_usershares" only looks at the mode 2009-11-29 11:22:03 +01:00
Volker Lendecke
7c65709887 s3: "info_fn" only looks at the mode and uid 2009-11-29 11:22:03 +01:00
Volker Lendecke
a95404bbae s3: "get_share_list" only looks at the mode and uid 2009-11-29 11:22:03 +01:00
Volker Lendecke
44ce5603dd s3: Pass the "fake dir create times" parameter to sys_*stat 
Step 0 to restore it as a per-share paramter
 2009-11-29 11:22:01 +01:00
Günther Deschner
04f8c229de s3-kerberos: only use krb5 headers where required. 
This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.

Guenther
 2009-11-27 16:36:00 +01:00
Günther Deschner
3d679a3b5f s3-rpc: Avoid including every pipe's client and server stubs everywhere in samba. 
Guenther
 2009-11-26 20:03:17 +01:00
Günther Deschner
4f89b3993c s3-build: try to fix QNX build ("delay" is defined in lib headers). 
Guenther
 2009-11-25 22:07:23 +01:00
Stefan Metzmacher
14d2ca26b3 s3:dbwrap_torture: use timeval_current/timeval_elapsed instead of start_timer/end_timer 
metze
 2009-11-24 11:47:31 +01:00
Michael Adam
8353d47e9b s3: add dbwrap_torture - a tool to stress test tdb transactions through dbwrap 
This can be used to also test tdb transactions on clustered installations
throught ctdb. The test is modeled after the ctdb_transaction.c test program
from the ctdb source code. It runs transactions in a tight loop on a test
database called "transactions.tdb" (by default), increasing a counter in each
iteration. In a clustered environment, a counter is maintained for each node.

Michael
 2009-11-23 23:51:40 +01:00
Volker Lendecke
579bb30188 s3: Fix bug 6338 -- net rpc trustdom list always display "none" 2009-11-22 22:42:02 +01:00
Volker Lendecke
37e4e387db s3: Convert cli_get_fs_attr_info to the async API 2009-11-21 14:01:56 +01:00
Kai Blin
43ed7a413d ntlm_auth: use data_blob_talloc() to allocate session key 
Thanks to Shibu Piriyath <shibunair80@ymail.com> for spotting the issue.
 2009-11-21 07:29:33 +01:00
Jeremy Allison
5363d6e62c Ensure all callers to the rpc_client/cli_pipe functions correctly 
initialize return variables.
Jeremy.
 2009-11-12 13:56:33 -08:00
Volker Lendecke
b02c46bef9 Revert "s3: Make run_rpc_command take strings instead of a ndr_interface_table" 
This reverts commit 53f2a1595e.
 2009-11-08 19:43:46 +01:00
Volker Lendecke
53f2a1595e s3: Make run_rpc_command take strings instead of a ndr_interface_table 2009-11-08 13:12:15 +01:00
Volker Lendecke
2aa0af9867 s3: get_pipe_name_from_iface -> get_pipe_name_from_syntax 2009-11-07 09:14:15 +01:00
Günther Deschner
60bf0eb607 s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg. 
Guenther
 2009-11-06 13:31:17 +01:00
Günther Deschner
6ca8a40976 s3-net: better use memory credential cache in net_ads_kerberos_pac(). 
Guenther
 2009-11-06 12:51:29 +01:00
Günther Deschner
58184b5fd4 s3-net: allow to call "net ads kerberos pac <impersonation principal> -P". 
Guenther
 2009-11-06 12:44:45 +01:00
Björn Jacke
0ba004dc7d s3:net: fix output of net rpc trustdom list 
Move some messages from stderr to stdout. When some trusting DCs were
unreachable we lacked \n's on stdout which screwed up whole the output.
 2009-10-28 14:45:49 +01:00
Günther Deschner
96bffa5bbd s3-net: acct_flags are uint32_t in net_sam_set_userflag(). 
Guenther
 2009-10-28 12:37:39 +01:00
Michael Adam
8fdef14305 s3: pdbedit: add option --kickoff-time/-K to set the user's kickoff time 
Use "never" as argument to set this to unlimited.

Michael
 2009-10-27 15:39:09 +01:00
Günther Deschner
8b247f3538 s3-net: fix build warning (missing default in switch). 
Guenther
 2009-10-16 02:04:03 +02:00
Björn Jacke
e33c23dc5c s3:net: simplify padding to single printf call 2009-10-14 00:22:08 +02:00
Björn Jacke
6deb1fcc88 s3:net simplify padding to single printf call 2009-10-14 00:19:35 +02:00
Volker Lendecke
8a27fdea89 s3:net: Fix a segfault in "net rpc trustdom list" for overlong domain names 
That was a complicated way to say "%-20.s"... But that code was from 2002 ...
 2009-10-13 23:09:05 +02:00
Günther Deschner
ebe0e64ba9 s3: use enum netr_SchannelType all over the place. 
Guenther
 2009-10-13 10:21:46 +02:00
Günther Deschner
4a1b50afd5 s3-netlogon: pass down account name to remote password set functions. 
Guenther
 2009-10-13 00:07:45 +02:00
Björn Jacke
faad888e1a ѕ3: fix domain trust documentation confusion 
fix some trusted/trusting mixups, make documentation more precise
and man page more verbose.
 2009-10-12 22:42:27 +02:00
Günther Deschner
55b12d032c s3-net: print error when "net rpc changetrustpw" has failed. 
Guenther
 2009-10-05 13:01:53 +02:00
Günther Deschner
c6a7ecf28b s3-registry: move rpccli_winreg_Connect to the only file it belongs. 
Guenther
 2009-10-01 11:40:31 +02:00
Günther Deschner
ad836c4d48 s3-registry: use pull_reg_sz() where appropriate. 
(and move away from rpcstr_pull and rpcstr_pull_talloc).

Guenther
 2009-10-01 11:40:30 +02:00
Günther Deschner
b0a66496f5 s3: use pull_reg_multi_sz in rpcclient and net. 
Guenther
 2009-09-30 00:31:42 +02:00
Günther Deschner
2c11b73391 s3-registry: use push_reg_sz(). 
Guenther
 2009-09-30 00:29:49 +02:00
Volker Lendecke
0cf317f36f s3: Remove the lua interpreter again 
This was meant to support async winbind. But as the hairy parts of async
winbind (getgrent) are done without it, it can go again.
 2009-09-29 13:51:43 +02:00
Volker Lendecke
30a4695b27 s3:smbstatus: Fix bug 6703, allow smbstatus as non-root 
We only require a ctdb connection when clustering is enabled. This limits the
restriction for only-root smbstatus to the clustering case.
 2009-09-18 18:32:25 +02:00
Volker Lendecke
89e80bfe4f s3:smbstatus: Fix some nonempty blank lines 2009-09-18 18:32:23 +02:00
Kouhei Sutou
f8dae40fc8 spnego: Support ASN.1 BIT STRING and use it in SPNEGO. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-09-17 20:10:54 +02:00
Günther Deschner
503d035814 spnego: share spnego_parse. 
Guenther
 2009-09-17 01:12:20 +02:00
Günther Deschner
537ac20a92 s3-eventlogadm: Fix Coverity #938: UNINIT. 
Guenther
 2009-09-16 10:29:43 +02:00
Günther Deschner
d3af0346c8 s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags. 
Guenther
 2009-09-15 17:49:34 +02:00
Günther Deschner
bea8e5fa60 s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_schannel(). 
Guenther
 2009-09-11 09:59:04 +02:00
Günther Deschner
032e01e7c1 s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_spnego_ntlmssp and cli_rpc_pipe_open_ntlmssp. 
Guenther
 2009-09-11 09:59:04 +02:00
Günther Deschner
d9bdf2a02f s3-ntlm_auth: fix two segfaults in diagnostics mode. 
Guenther
 2009-09-04 00:04:40 +02:00
Günther Deschner
5268783e5c s3-net: allow to exit "net rpc sh" with "q" as well. 
Guenther
 2009-09-02 23:19:20 +02:00
Olaf Flebbe
5359e397ff make smbcontrol smbd ping work proper checking for arguments handle short pid_t correctly 2009-08-24 16:17:43 +02:00
Kai Blin
49d1eec8ea s3 net: Add getauthuser/setauthuser commands. 
These replace the functionality of wbinfo --get-auth-user/--set-auth-user
 2009-08-18 19:53:38 +02:00
Jeremy Allison
88fd98b7c4 Fix EVERY SINGLE build on the buildfarm that doesn't have 
bindtextdomain or textdomain. C'mon, this is what configure.in
is *FOR*.
Jeremy.
 2009-08-12 17:44:48 -07:00
Michael Adam
a038f1e05b s3:smbcacls: forbid change of debug level from config file 
Michael
 2009-08-12 00:34:33 +02:00
Kai Blin
4f0d93531f s3 net: i18n support for net utility functions 2009-08-11 09:34:25 +02:00
Kai Blin
84a93491b8 s3 net: i18n support for net usershare 2009-08-11 09:34:24 +02:00
Kai Blin
2388b9039d s3 net: i18n support for net user 2009-08-11 09:34:24 +02:00
Kai Blin
a8c8432247 s3 net: i18n support for net time 2009-08-11 09:34:24 +02:00
Kai Blin
5810f7f094 s3 net: i18n support for net status 2009-08-11 09:34:24 +02:00
Kai Blin
7e4bd16c70 s3 net: i18n support for net share 2009-08-11 09:34:24 +02:00
Kai Blin
a0eb906f7e s3 net: i18n support for net sam 2009-08-11 09:34:24 +02:00
Kai Blin
3eeb988248 s3 net: i18n support for net rpc shell 2009-08-11 09:34:24 +02:00
Kai Blin
d8af037aab s3 net: i18n support for net rpc service 2009-08-11 09:34:23 +02:00
Kai Blin
77b96cc0bf s3 net: i18n support for net rpc samsync 2009-08-11 09:34:23 +02:00
Kai Blin
303e49b2f1 s3 net: i18n support for net rpc rights 2009-08-10 19:41:03 +02:00
Kai Blin
e2433b86d2 s3 net: i18n support net rpc registry 2009-08-10 19:40:54 +02:00
Kai Blin
0ef723a682 s3 net: i18n support for net rpc printer 2009-08-10 19:40:43 +02:00
Kai Blin
ef04e4538c s3 net: i18n support for net rpc join 2009-08-10 19:40:32 +02:00
Kai Blin
88af0ec6e4 s3 net: i18n support for net rpc audit 2009-08-07 09:54:52 +02:00
Kai Blin
8dcf3b7062 s3 net: i18n support for net rpc 2009-08-07 09:54:52 +02:00
Kai Blin
7ced58b932 s3 net: i18n support for net registry 2009-08-07 09:54:51 +02:00
Kai Blin
9be14ed78d s3 net: i18n support for net rap 2009-08-07 09:54:51 +02:00
Kai Blin
2f7108bcae s3 net: i18n support for net lua 2009-07-30 12:17:46 +02:00
Kai Blin
a9a52f3b62 s3 net: i18n support for net lookup 2009-07-30 12:10:56 +02:00
Kai Blin
3af57c66b3 s3 net: i18n for net join 2009-07-30 12:07:31 +02:00
Kai Blin
346c5cca44 s3 net: i18n support for net idmap 2009-07-30 12:04:53 +02:00
Kai Blin
a7f6c839ba s3 net: i18n support for net help 2009-07-30 11:32:08 +02:00
Kai Blin
cb55ec6dcb s3 net: Remove uid==0 check from net groupmap 2009-07-30 11:25:37 +02:00
Kai Blin
8e43ea647b s3 net: i18n support for net group and net groupmap 2009-07-30 11:16:32 +02:00
Kai Blin
137a4015f0 s3 net: i18n support for net file 2009-07-30 09:35:42 +02:00
Kai Blin
3a7b04361e s3 net: i18n for net eventlog 2009-07-30 09:14:45 +02:00
Kai Blin
bdb23c73d9 s3 net: i18n support for net dom 2009-07-30 09:10:03 +02:00
Kai Blin
51f9d1ecd5 s3 net: i18n support for net conf 2009-07-30 09:00:31 +02:00
Kai Blin
358a55e50d s3 net: i18n support for net cache 2009-07-29 23:59:39 +02:00
Kai Blin
320a9aff70 s3 net: i18n for net ads gpo 2009-07-29 23:46:09 +02:00
Kai Blin
ceab454bcf s3 net: i18n support for net ads 2009-07-29 23:46:09 +02:00
Kai Blin
d2eb7f8853 s3 net: Initial top level support. 2009-07-29 23:46:09 +02:00
Volker Lendecke
d8543da9da Fix unqualified "net join" 
Kai, please check!

Thanks,

Volker
 2009-07-29 04:32:21 -04:00
Jeremy Allison
5d05d22999 Added prefer_ipv4 bool parameter to resolve_name(). 
W2K3 DC's can have IPv6 addresses but won't serve
krb5/ldap or cldap on those addresses. Make sure when
we're asking for DC's we prefer IPv4.
If you have an IPv6-only network this prioritizing code
will be a no-op. And if you have a mixed network then you
need to prioritize IPv4 due to W2K3 DC's.
Jeremy.
 2009-07-28 11:51:58 -07:00
Kai Blin
67d9130c13 s3: net ads user info should print primary group as well (bug #2658) 
Thanks to Pavel V. Rochnyack <rpv@muma.tusur.ru> for reporting this and
offering an initial patch.
 2009-07-27 20:03:46 +02:00
Volker Lendecke
9ca44867b0 Remove a pointless static fstring 2009-07-25 12:59:21 -04:00
Volker Lendecke
033185e2a1 Make the smbd VFS typesafe 2009-07-24 11:42:05 -04:00
Kai Blin
8f5ef10633 Revert "net: Use samba default command line arguments." 
This reverts commit fb262f79fa
and related commits c36031778e
72fd5fa6bb and
38cd0e086f

This change caused more trouble than it solved. We need to do this differently.
Reverting so we don't accidently release this.
 2009-07-22 13:39:34 +02:00
Bo Yang
20f40d1c50 s3: Fix crsh in net usershare list 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-07-18 08:18:29 +08:00
Volker Lendecke
8a17cd810f Make gencache more stable 
This provides a compromise between stability and performance: gencache is a
persistent database these days that for performance reasons can not use tdb
transactions for all writes. This patch splits up gencache into gencache.tdb
and gencache_notrans.tdb. gencache_notrans is used with CLEAR_IF_FIRST, writes
to it don't use transactions. By default every 5 minutes and when a program
exits, all entries from _notrans.tdb are transferred to gencache.tdb in one
transaction.
 2009-07-15 10:55:20 +02:00
Volker Lendecke
3edcd55bf1 Remove gencache_init/shutdown 
gencache_get/set/del/iterate call gencache_init() internally anyway. And we've
been very lazy calling gencache_shutdown, so this seems not really required.
 2009-07-15 10:55:20 +02:00
Bo Yang
73e96935c3 s3: fix build of pdbedit and net_sam. Guenther, please check. Signed-off-by: Bo Yang <boyang@samba.org> 2009-07-15 17:05:46 +08:00
Bo Yang
2821f5abf5 s3: Fix double free in net usershare. 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-07-15 17:05:46 +08:00
Stefan Metzmacher
8646b9521d s3:net: Fix Bug #6222. Default to DRSUAPI replication for net rpc vampire keytab 
metze

Signed-off-by: Günther Deschner <gd@samba.org>
 2009-07-13 16:52:12 +02:00
Volker Lendecke
c624a704be Make escape_ldap_string take a talloc context 2009-07-09 22:25:29 +02:00
Tim Prouty
3a7d372e2e s3: Change the share_mode_lock struct to store a base_name and stream_name 2009-07-08 21:36:04 -07:00
Volker Lendecke
711544d494 Turn the pdb_rid_algorithm into a capabilities call that returns flags 2009-06-28 22:13:50 +02:00
Jeremy Allison
d9eb1d9764 Fix coverity #900. Resource leak. 
Jeremy.
 2009-06-19 16:44:15 -07:00
Jeremy Allison
f262f80a1c Fix coverity #920. Possible NULL deref. 
Jeremy.
 2009-06-19 15:29:35 -07:00
Jim McDonough
7930f15f5d Don't require "Modify property" perms to unjoin bug #6481) 
"net ads leave" stopped working when "modify properties"
permissions were not granted (meaning you had to be allowed
to disable the account that you were about to delete).

Libnetapi should not delete machine accounts, as this does not
happen on win32.  The WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE flag
really means "disable" (both in practice and docs).

However, to keep the functionality in "net ads leave", we
will still try to do the delete.  If this fails, we try
to do the disable.

Additionally, it is possible in windows to not disable or
delete the account, but just tell the local machine that it
is no longer in the account.  libnet can now do this as well.
 2009-06-19 13:46:07 -04:00
David Markey
86450bd59c s3-net: Fix Bug #6328: support "net sam rights grant/revoke" with multiple rights. 
David

Signed-off-by: Günther Deschner <gd@samba.org>
 2009-06-17 18:42:34 +02:00
Günther Deschner
5a8483ea74 s3-net: Fix Bug #6328: allow multiple rights in "net sam rights grant". 
Guenther
 2009-06-17 12:40:28 +02:00
Kai Blin
38cd0e086f net: Only use the in memory ccache when not already using a kerberos ticket in net ads 2009-06-09 18:09:18 +02:00
Günther Deschner
72fd5fa6bb s3-net: fix "net ads testjoin". 
This always needs to use machine account credentials.

Kai, please check.

Guenther
 2009-06-09 15:41:44 +02:00
Volker Lendecke
6545e9e2ac Make "net sam [add|del]mem" work for domain groups 2009-06-09 15:25:15 +02:00
Volker Lendecke
7e14700016 Implement "net sam deletedomaingroup" 2009-06-09 14:49:33 +02:00
Volker Lendecke
890fbf2e30 Make "net ads listmem" also work for domain groups 2009-06-08 23:59:12 +02:00
Volker Lendecke
a51e6ce43c Pass a talloc_ctx to pdb_enum_aliasmem 2009-06-08 21:14:10 +02:00
Volker Lendecke
b5ac1068d1 Further fix for 6449 
Thanks to TAKAHASHI Motonobu <monyo@samba.gr.jp> for reporting!
 2009-06-08 10:08:33 +02:00
Volker Lendecke
054ef88b03 Fix a valgrind error in "net rap user add" 2009-06-08 09:53:20 +02:00
Volker Lendecke
bb4cffbd97 Fix bug 6449 
Thanks to TAKAHASHI Motonobu <monyo@samba.gr.jp> for reporting!
 2009-06-08 09:53:20 +02:00
Volker Lendecke
4de4c0318d Add "net sam createdomaingroup" 2009-06-07 23:14:40 +02:00
Volker Lendecke
53f007193f Fix a couple of warnings in log2pcaphex.c 2009-06-05 10:12:11 +02:00