IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We have 3 different types of flags values in our NDR layer. We've
recently found bugs where these types of flags have been mixed up,
especially by people adding hand written ndr code for tricky
structures. We previously got away with this because (for example)
NDR_SCALARS and NDR_IN had the same value, so mixing up the two
concepts sometimes worked. Unfortunately it also led to bugs where we
didn't do what was expected, such as in our smbtorture ndr test suite,
where passing a ndr_flags value of zero led to only checking that two
empty structures were equal.
This changes the values of the NDR_IN|NDR_OUT and
NDR_SCALARS|NDR_BUFFERS values to be in different bit ranges, and adds
macros for checking the validity of passed in flags. A followup patch
modifies the ndr calls to use these macros, and pidl to generate
them. This should catch misuse of the APIs.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
the two types of ndr flags were being mixed up, so NDR_BUFFERS was
being interpreted as LIBNDR_FLAG_NOALIGN
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
This fixes WinXP joining a Samba3 domain, which was broken on hosts
with an even number of characters in the host name. The alignment
requested in the structure was ignored because of the overall
NDR_NOALIGN set on the packet.
Andrew Bartlett
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jul 28 00:30:26 CEST 2011 on sn-devel-104
Instead, we base our guest calculations on the presence or absense of the
authenticated users group in the token, ensuring that we have only
one canonical source of this important piece of authorization data
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This makes auth3_session_info identical to auth_session_info
The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
We need to use this, and not utf8string because we need to
transport NULL pointers correctly.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This will allow a transformation of auth3_session_info into
auth_session_info by substitution.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
As discussed in 'CH_DISPLAY and gettext' on the samba-technical list:
http://lists.samba.org/archive/samba-technical/2011-June/078190.html
Setting this to a value other than 'unix charset' does not make sense,
as any system where the filesytem charset does not equal the terminal
charset will already have problems with programs as simple as 'ls'.
It also means that our output could not be pasted as our input in
interactive programs or onto our command line, as we never did
translate in the DISPLAY -> UNIX direction.
The d_printf() calls are retained in case we need to revisit this, and
to support display_set_stderr().
Andrew Bartlett
The two error tables need to be combined, but for now seperate the names.
(As the common parts of the tree now use the _common function,
errmap_unix.c must be included in the s3 autoconf build).
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Jun 20 08:12:03 CEST 2011 on sn-devel-104
This is better than doing a strlen() on the string, as that huristic
only worked for ASCII strings.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Jun 1 01:42:22 CEST 2011 on sn-devel-104
Introduce a new flag, LIBNDR_FLAG_STR_RAW8, which indicates that libndr
should not attempt to convert the corresponding byte sequence, and place
the responsibility on the caller to do so later.
This is needed in cases where the string is known to be 8-bit and either
NULL terminated or of known length, but in an unspecified character set.
For example, when pulling PT_STRING8 properties from an exchange server
via libmapi + libndr, the codepage is neither known nor in the control
of the caller, and is determined by subsequent properties requested from
the server. Therefore the client would like to fetch all properties in
one large batch, and convert the resulting strings locally.
This commit also includes some (basic) tests of each of the flags'
respective behaviors with the ndr push/pull string functions, in a new
source4 torture test suite ndr.ndr_string.
Signed-off-by: Sean Finney <seanius@seanius.net>
Reduce the amount of duplicate code in ndr_pull_string by moving the
almost duplicate conversion calls and their corresponding NDR pulls and
checks to a single location. In the place of the removed calls is logic
allowing the conversion to be generalized, and and any specific
pulls/checks that do not apply to the general case.
This is similar to what has already been done in the switch statement
for ndr_push_string.
Signed-off-by: Sean Finney <seanius@seanius.net>
This changes auth_session_info_transport to just be a wrapper, rather
than a copy that has to be kept in sync.
As auth_session_info was already wrapped in python, this required
changes to the existing pyauth wrapper and it's users.
Andrew Bartlett
Makes these interfaces much harder to misuse and easier to ensure error
checking.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 30 23:59:37 CEST 2011 on sn-devel-104
Turns out one of the *really* significant differences between
convert_string() in source4 and source3, is that the one in
source3 will return 0 for byte length converted when called
with dest_len = 0 whereas the one in source4 returns (size_t)-1
and sets errno to E2BIG.
Allow the ndr_string code to cope with the (arguably correct)
way that the source4 implementation works. This code only gets
excercised in the print spooler tests, which aren't run in source4,
which is why this bug has lasted for so long.
You don't want to know how long it took me to find this :-).
Jeremy.
we shouldn't accept bad multi-byte strings, it just hides problems
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
This has 8 byte alignment, which is what was specified in pidl for
these types.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Mar 9 09:03:09 CET 2011 on sn-devel-104
This is not strictly needed, but it's good to have the logic
in common with the other Enum* calls.
This also allows us to play with the NDR_RELATIVE_REVERSE flag.
metze
These are mapped to uint64_t, which should be big enough. This is
proposed to be used for internal Samba representations, where it would
be more painful to convert all the callers to an uint64_t calling
convention.
Andrew Bartlett
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Feb 24 02:42:37 CET 2011 on sn-devel-104
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Fri Feb 11 01:45:55 CET 2011 on sn-devel-104
This changes the structure being used to convey the current user state
from the netlogon-derived 'netr_SamInfo3' structure to a purpose-built
structure that matches the internals of the Samba auth subsystem and
contains the final group list, as well as the final privilege set and
session key.
These previously had to be re-created on the server side of the pipe
each time.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This is not only a useful way to encode stuff, it also allows python
to handle the structures, and natrually allows them to be NDR encoded.
Andrew Bartlett
These will be use for "net rpc vampire passwd" in source3.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 12 19:51:53 CET 2011 on sn-devel-104
based on new WSPP docs from Bryan Burgin
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Dec 22 04:45:46 CET 2010 on sn-devel-104
all names are NUL terminated, but may have additional padding as well
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Dec 21 03:26:26 CET 2010 on sn-devel-104
This allows parsing and construction of the supplementatlCredentials
attribute in python.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Dec 10 19:08:33 CET 2010 on sn-devel-104
We now no longer print tickets with a potentially infinite life, and
we report the same life over LSA as we use in the KDC. We should get
this from group policy, but for now it's parametric smb.conf options.
Andrew Bartlett
this is only set when rpath is used on install. It ensures that
applications that link against Samba libraries get the rpath right
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Dec 8 12:46:00 CET 2010 on sn-devel-104
