1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

21152 Commits

Author SHA1 Message Date
Andrew Tridgell
4694b4677a s4-dsdb: added dsdb_modify_permissive()
This will be used in the drsuapi server
2010-02-15 18:58:40 +11:00
Matthias Dieter Wallnöfer
05b6e3f4f4 s4:dcesrv_lsa.c - remove a superfluous empty line
One empty line is enough for code part divisions.
2010-02-14 10:48:13 +01:00
Andrew Tridgell
eb5fc899b0 s4-rpcserver: teach the rpc server to cope with bad sig_size estimates 2010-02-14 18:44:21 +11:00
Andrew Tridgell
259129e8f4 a4-dcerpc: another attempt at dcerpc auth padding
The last change broke net vampire against w2k8r2
2010-02-14 18:44:21 +11:00
Andrew Tridgell
282cc79454 s4-ldb: use TYPESAFE_QSORT() in the rest of the ldb code 2010-02-14 18:44:20 +11:00
Matthias Dieter Wallnöfer
0c39fbc94e s4:loadparm.c - prevent memory leaks
If a "logfile" was already set, free the content up before setting a new
location. This can happen on a loadparm reload.
2010-02-13 20:05:22 +01:00
Matthias Dieter Wallnöfer
195bda569e s4:loadparm.c - the logfile parameter value needs to be duplicated
Otherwise the "logfile" pointer tracks all changes of "pszParmValue" which
content is only temporal. This was the cause of bug #6212.
2010-02-13 19:41:43 +01:00
Matthias Dieter Wallnöfer
3598409951 s4:popt_common.c - fix intendation 2010-02-13 19:19:02 +01:00
Matthias Dieter Wallnöfer
415c615dbf s4:util.c - Corrected the location of the "Directory Service" object
I wonder why nobody noticed this since for sure this "tombstone" functionality
was broken till now.
2010-02-13 18:24:45 +01:00
Matthias Dieter Wallnöfer
eed65ed337 s4:server.c - use always "return" instead of "exit" in the "binary_smbd_main" function
Just to be consistent - no functional change
2010-02-13 18:24:07 +01:00
Kai Blin
b99d9f86e4 libwbclient: Separate out the async functions 2010-02-13 14:30:36 +01:00
Andrew Tridgell
f69135e0e9 s4-smbd: fix crash in notify code on client termination
We need to free the lp_ctx after we free the event context, otherwise
the teardown code in the notify backend dies when it tries to use the
iconv_convenience ptr

Fixes bug 7053
2010-02-13 23:12:29 +11:00
Andrew Tridgell
da86f08605 s4-rpc: be more careful about DCERPC auth padding
Cope with a wider range of auth padding in dcerpc bind_ack and
alter_context packets. We now use a helper function that calculates
the right auth padding.
2010-02-13 23:12:29 +11:00
Andrew Tridgell
3ae75a4248 s4: use LDB_TYPESAFE_QSORT() instead of ldb_qsort() 2010-02-13 22:36:12 +11:00
Andrew Tridgell
46dfa9dfbd s4-ldb: added LDB_TYPESAFE_QSORT()
Like TYPESAFE_QSORT() but for the ldb_qsort() function
2010-02-13 22:36:12 +11:00
Andrew Tridgell
1da87fc988 s4-wrepl: use TYPESAFE_QSORT() in wins repl code 2010-02-13 22:36:12 +11:00
Andrew Tridgell
700f464951 s4-torture: use TYPESAFE_QSORT() in smbtorture 2010-02-13 22:36:12 +11:00
Andrew Tridgell
f954f522a4 s4-rpcserver: use TYPESAFE_QSORT() in rpc servers 2010-02-13 22:36:12 +11:00
Andrew Tridgell
e5c83e1adb s4-ntvfs: use TYPESAFE_QSORT() in notify code 2010-02-13 22:36:12 +11:00
Andrew Tridgell
828b5cd451 s4-socket: use TYPESAFE_QSORT() in netif code 2010-02-13 22:36:12 +11:00
Andrew Tridgell
0f50f4440d s4-auth: use TYPESAFE_QSORT() in gensec 2010-02-13 22:36:12 +11:00
Andrew Tridgell
5549190b37 s4-dsdb: use TYPESAFE_QSORT() in dsdb code 2010-02-13 22:36:12 +11:00
Simo Sorce
30797cec7d s4:kdc Fill in created_by principal field 2010-02-12 16:39:33 -05:00
Simo Sorce
2e2b7e8259 s4:kdc Fix double free and uninitialized memory.
In samba_kdc_trust_message2entry() on error, hdb_free_entry()
may end up trying to access uninitialized memory or double
free the hdb_entry.
2010-02-12 16:39:26 -05:00
Matthias Dieter Wallnöfer
d5af819b1a s4:auth/credentials/credentials.c - Initialise the "lm_response" and "nt_response" structures
In some cases those structures are not initialised and the whole authentication
system crashes with a SIGSEGV. Bug discovered by Matthieu Patou in bug #6755.
2010-02-12 15:04:07 +01:00
Matthias Dieter Wallnöfer
de555895e5 s4:getopt.py - set the password callback only when no password has been provided
Previously the "no_pass" and "no_pass2" variables weren't handled correctly.
Since at the initialisation of the "CredentialsOptions" we don't have any
password at all. Only afterwards we could get one through "set_password".

If a password is specified, use it. If no password is specified, consider the
use fo an input mask on STDOUT. But if the loadparm context contains one prefer
it over the input.
2010-02-12 15:04:07 +01:00
Stefan Metzmacher
e82ac8655e s4:net_drs_bind: make some more stuff static
metze
2010-02-12 12:58:47 +01:00
Stefan Metzmacher
eee98110b3 s4:net/drs: use the full path to "utils/net/drs/net_drs*.h"
This fixes the build with automatic dependecies.

metze
2010-02-12 12:58:34 +01:00
Kai Blin
ea055e8c79 s4: Switch to S3-style id mapping data types. 2010-02-11 23:56:35 +01:00
Kai Blin
86d70ae944 s4 idmap: Make the sid_to_xid and xid_to_sid calls static.
Looking at the winbind interface, we should only be using the bulk conversion calls.
2010-02-11 23:56:35 +01:00
Matthias Dieter Wallnöfer
14c4c2c735 ldb_match - Ignore ":dn" part of extended matches for now
It's not fully clear what this ":dn" part means for us. What we know is that
older AD implementations (Windows Server 2000, 2003) need it to have extended
matches working in the expected way.

To be able to interoperate with s3's winbind and other tools I and gd decided
to transform this into a warning until we know what to do.

This should fix bug #6511.
2010-02-11 15:51:56 +01:00
Andrew Tridgell
45defdb90c s4-provision: import the R2 functional level
this makes it easier to modify the script to set us at R2 level in
provision. We should make this a parameter.
2010-02-12 01:08:12 +11:00
Andrew Tridgell
960fab4bba s4-build: avoid finding python symlinks
emacs creates symlinks to .py files while you are editing them. This
could cause build failures.
2010-02-12 01:08:12 +11:00
Andrew Tridgell
4aaa7fe43b s4-provision: fixed --function-level option to provision
we need the DS_DOMAIN_* levels imported
2010-02-12 01:08:11 +11:00
Andrew Tridgell
802f6b71dd s4-script: make enablerecyclebin use system_session
This allows it to work against our local ldb
2010-02-12 01:08:11 +11:00
Andrew Tridgell
9ba0d105cc s4-pyldb: null terminate string ldb message elements from python
We need to eventually get rid of ldb_msg_find_attr_as_string() (or add
a mem_ctx to it), but meanwhile we have too many places that break if
we don't add a nul to the end of ldb msg strings from python.
2010-02-12 01:08:11 +11:00
Andrew Tridgell
f78a534dd2 s4-net-drs: fix some coding style issues
We should use the system/*.h headers for system includes. We also try
to avoid C++ comments.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-11 21:59:40 +11:00
Kamen Mazdrashki
976201d24a s4/net_drs: 'net drs kcc' command implementation
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-11 21:59:39 +11:00
Kamen Mazdrashki
fedc1152b5 s4/net_drs: 'net drs bind' command implementation
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-11 21:59:38 +11:00
Kamen Mazdrashki
61246da63c s4/net_drs: 'net drs' utility initial creation
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-11 21:59:38 +11:00
Matthieu Patou
a4d0563392 provision: Use short name for assignee of ACE (BA, SA, CO, ...)
Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible)
  of sysvol files (GPO objects and netlogon folders).
  This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname
  for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the
  from_sddl function.

Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11 11:47:04 +01:00
Matthieu Patou
bcba41c351 python-s4: use secrets.ldb instead of sam.ldb for reading domain SID
This allow to be able to run net acl set xxx yyy on DC, but also on domain
  member.

Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11 11:47:04 +01:00
Matthieu Patou
d1c2923151 provision: Fix an error with eadb when using not default install dir and running as a non root user
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11 11:47:04 +01:00
Andrew Tridgell
2cf97c403f s4-dns: don't leave behind a tmp file
If the dns update file doesn't need updating we need to delete the tmp
file
2010-02-11 21:04:16 +11:00
Andrew Tridgell
89b6a80e72 s4-dns: added a dns update task
This task watches for changes in the list of DCs, and creates a bind9
formatted file that grants update permission to all DCs, plus to the
administration, and machines update for their own names.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-11 21:04:14 +11:00
Andrew Tridgell
6bfb216293 s4-provision: cope with umask in creating private/dns 2010-02-11 21:04:14 +11:00
Andrew Tridgell
c986bfb22e s4-provision: pre-create a named.conf.update file
The named.conf.update file will be filled in at runtime by Samba to 
contain the list of bind9 grant rules for granting DNS dynamic update
permissions on the domain.
2010-02-11 21:04:12 +11:00
Andrew Tridgell
5a72eca574 s4-provision: move zone file to dns subdirectory
This allows the permissions to be correctly set for bind to write to
a journal file. It also sets the right group ownership and permissions
on the files that bind needs to access.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-11 21:04:11 +11:00
Andrew Bartlett
5a2ff4d16f s4:provision Be more polite to long-suffering Samba testers.
Our testers put up with a lot of odd things when testing out Samba4.

Andrew Bartlett
2010-02-11 17:16:55 +11:00
Andrew Tridgell
91cb7b7c60 test:local added LOCAL-DLINKLIST testsuite
(cherry picked from commit 95a5bee2c30a67a35604b0456ab7836f6dc67702)
2010-02-10 15:55:34 -08:00