1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

3816 Commits

Author SHA1 Message Date
Andreas Schneider
f70c56b747 s3-net: Check return value of string_to_sid().
Found by Coverity.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2012-12-12 09:42:32 +01:00
Andreas Schneider
de1288e13e smbget: Use new samba_getpass() function.
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03 14:35:10 +01:00
Andreas Schneider
353e83e4ee util: Use new samba_getpass() function for passwd util.
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03 14:35:10 +01:00
Andreas Schneider
7f4af3d1fb ntlm_auth: Use new samba_getpass() function.
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03 14:35:09 +01:00
Andreas Schneider
270d721d36 net: Use samba_getpass() function in net util.
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03 14:35:09 +01:00
Andreas Schneider
0d5f5424b4 net: Use new samba_getpass() function for 'net rpc'.
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03 14:35:09 +01:00
Andreas Schneider
bed60120d4 net: Use new samba_getpass() function for 'net ads'.
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03 14:35:09 +01:00
Stefan Metzmacher
0e2e3ff5e8 s3:smbcacls: add --query-security-info and --set-security-info options
This allows the caller to specify the security_information flags.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2012-12-02 23:08:23 +01:00
Stefan Metzmacher
3101fcccff s3:util: fix usage of popt_burn_cmdline_password()
We should only call popt_burn_cmdline_password() after poptFreeContext(),
otherwise we remove the password to early.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-30 11:50:03 +01:00
Andreas Schneider
50d47fc081 s3fs-client: Burn commandline password of client utils.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov  8 21:24:21 CET 2012 on sn-devel-104
2012-11-08 21:24:21 +01:00
Christian Ambach
157de6c987 s3:utils fix a whitespace error 2012-11-05 19:02:51 +01:00
Andreas Schneider
39e58d6845 s3fs-utils: Free the popt context in smbcacls and smbquotas.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 30 20:22:46 CET 2012 on sn-devel-104
2012-10-30 20:22:46 +01:00
Andreas Schneider
aca807c94c s3fs-net: Use talloc for memory allocation.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed by: Jeremy Allison <jra@samba.org>
2012-10-30 18:40:08 +01:00
Andreas Schneider
669a9236c3 BUG 9326: Fix net ads join message for the dns domain.
We don't get a realm back from the server which is useable as a realm on
Unix. On Unix they are case sensitive and on Windows they aren't. This
confuses uses and if we write realm they try to use it as it came back
in lowercase.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Oct 29 18:26:19 CET 2012 on sn-devel-104
2012-10-29 18:26:19 +01:00
Andreas Schneider
281c62b330 ntlm_auth: Increase debug level if we use config domain name.
If an application like evolution-ews is using ntlm_auth it will alwys
get this message cause the is no winbind running and it is not needed.

Reviewed-by: Simo Sorce <idra@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 26 20:13:45 CEST 2012 on sn-devel-104
2012-10-26 20:13:45 +02:00
Stefan Metzmacher
4a7a8ecb0b s3:utils/net: remove unused "net connections"
The connections.tdb will go away.

metze

Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19 12:15:01 +02:00
Gregor Beck
5a4ffb20ff s3:net_serverid: remove connections_forall from "net serverid wipedbs"
This tdb will go away.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19 12:15:01 +02:00
Gregor Beck
2f2cb2f689 s3:net_serverid: remove sessionid_traverse from "net serverid wipedbs"
This tdb will go away.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19 12:15:01 +02:00
Gregor Beck
77f99ece48 s3:net_status_shares: use connections_forall_read for a read only traversal
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19 12:14:59 +02:00
Gregor Beck
b237bbc0d1 s3:smbcontrol: don't do stack_trace by connection but by server_id.
Inparticular use serverid_traverse_read instead of connections_foralli
to enumerate processes.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2012-10-19 12:14:59 +02:00
Günther Deschner
7751d03a1e s3-net: Fix DEBUG() location.
Guenther

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Oct  2 18:06:17 CEST 2012 on sn-devel-104
2012-10-02 18:06:17 +02:00
Günther Deschner
0eded14f19 s3-net: give more control how to update/register DNS entries.
Guenther
2012-10-02 16:22:31 +02:00
Günther Deschner
ec23d0a3ee s3-net: pass down a flags field to DoDNSUpdate().
Guenther
2012-10-02 16:22:31 +02:00
Günther Deschner
5d4247ae74 s3-net: move out some prototypes to net_dns.h.
Guenther
2012-10-02 16:22:31 +02:00
Günther Deschner
a2fec69b09 s3-net: pass down struct net_context to the dns update calls.
Guenther
2012-10-02 16:22:31 +02:00
Jeremy Allison
07b918ade8 s3: Fix bug 8966, Fix net rpc share allowedusers to work with 2008r2
The RAP NetShareEnum command was removed in 2008r2, so use the RPC
equivalent instead.

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Oct  1 07:59:34 CEST 2012 on sn-devel-104
2012-10-01 07:59:34 +02:00
Christian Ambach
f480b44430 s3:utils/net fix a compiler warning
ret might be used uninitialized in out-of-memory condition
2012-09-22 02:45:50 +02:00
Michele Baldessari
da731c1c58 Call TALLOC_FREE() before we return otherwise we will never free sam_account
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-09-10 14:48:00 -07:00
Alexander Bokovoy
140bb288be s3-smbldap: use smbldap_ prefixed functions 2012-09-07 12:31:42 +02:00
Andrew Bartlett
f453117569 s3-printing: Restrict printing=cups to systems with cups development headers at build time
This means that instead of failing due to the default commandline values not being quite correct
that we clearly fail at loadparm and testparm time when parsing the printing= line.

Andrew Bartlett
2012-09-06 11:16:11 +10:00
Andrew Bartlett
08baa11ab8 fix printf warning in net connections 2012-08-16 07:48:06 +10:00
Gregor Beck
31980cf5cb s3:utils: remove standalone cclean tool
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-16 06:57:08 +10:00
Gregor Beck
1c2bae062d s3:net add command "connections cleanup"
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-16 06:56:51 +10:00
Jeremy Allison
b70f23c2b5 Correctly check for errors in strlower_m() returns. 2012-08-09 12:08:18 -07:00
Jeremy Allison
526e875cec Check error returns from strupper_m() (in all reasonable places). 2012-08-09 12:06:54 -07:00
Stefan Metzmacher
0068a9fd93 s3:utils/net_rpc*: make use of cli_get_session_key()
metze
2012-08-01 14:17:15 +02:00
Andrew Bartlett
0e1814c6f6 s3-utils: Add cast to fix error found by -Werror=format
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 30 11:51:02 CEST 2012 on sn-devel-104
2012-07-30 11:51:02 +02:00
Andrew Bartlett
dc00df2add lib/param: Rename "socket address" to "nbt client socket address" to clarify role
This parameter is only used in our NBT client code and in nmbd as a
fallback when we fail to select a better interface from "interfaces"
to use directly.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 27 12:16:25 CEST 2012 on sn-devel-104
2012-07-27 12:16:25 +02:00
Andrew Bartlett
f3562424b6 lib/param: Move all enum declarations to lib/param
This is in preperation for the parameter table being made common.

Andrew Bartlett

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-24 11:01:17 +02:00
Jeremy Allison
e8dbf2889f Move everything to use the common pidfile functions.
The extra code in source3/lib/pidfile.c is no longer needed.
2012-07-19 16:36:18 -07:00
Jeremy Allison
2922fdaaf0 Move source4/smbd/pidfile into lib/util in preparation for making it in common. 2012-07-19 15:41:52 -07:00
Andrew Bartlett
cf9bd1d9ed s3-param: Make lp_name_resolve_order() return a list
This allows this parameter, one of the few with differing declarations
between the loadparm systems, to be brought into common.

Andrew Bartlett

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-19 08:02:32 +02:00
Christian Ambach
a01a93a1f1 s3:smbstatus add --fast option
this option skips all checks if the process for the record is still there
using it gives a huge performance benefit on busy systems and clusters while
it might display stale data if a smbd crashed
2012-07-18 15:49:52 +02:00
Christian Ambach
07412b56bd s3:smbstatus don't check if process exists twice
is_valid_share_mode_entry() already calls serverid_exists which calls process_exists()
2012-07-18 15:49:52 +02:00
Christian Ambach
3643262126 s3:smbstatus rename a function to make its purpose more clear
traverse_fn1 does not really intuitively make clear that it is used to traverse connections
2012-07-18 15:49:51 +02:00
Christian Ambach
31f0d304f1 s3:smbstatus fix a compiler warning
about comparison of signed with unsigned
2012-07-18 15:49:51 +02:00
Rusty Russell
fe72740e82 loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().

A simple patch, but hits a lot of files.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:23 +09:30
Rusty Russell
c809eec53f source3/utils/net_conf.c: fix stackframe leak
net_conf_wrap_function() doesn't free its stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:09:31 +09:30
Rusty Russell
634a63d934 smbpasswd: always free frame.
We're about to exit, so it doesn't really matter, but might as well
unify the paths.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 04:58:31 +09:30
Michael Adam
1ee95e4cb1 s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()
This does not check whether the given sid is in our domain, but
but whether it belongs to the local sam, which is a different
thing on a domain member server.

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
2012-07-12 18:36:02 +02:00
Christof Schmitt
7285ed586f auth: Common function for retrieving PAC_LOGIN_INFO from PAC
Several functions use the same logic as kerberos_pac_logon_info. Move
kerberos_pac_logon_info to common code and reuse it to remove the code
duplication.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-07-06 20:45:51 +10:00
Andrew Bartlett
eba8799514 auth: Remove .get_challenge (only used for security=server)
With NTLMSSP, for NTLM2 we need to be able to set the effective challenge,
so if we ever did use a module that needed this functionlity, we would
downgrade to just NTLM.

Now that security=server has been removed, we have no such module.

This will make it easier to make the auth subsystem async, as we will
not need to consider making .get_challenge async.

Andrew Bartlett
2012-07-03 08:13:01 +10:00
Gregor Beck
ec737d9604 s3:cclean avoid segfault in case of ctdb missbehaviour
Signed-off-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 29 17:06:05 CEST 2012 on sn-devel-104
2012-06-29 17:06:05 +02:00
Gregor Beck
fef41956b9 s3:cclean: fix memory allocation
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-29 15:21:23 +02:00
Andrew Bartlett
666dba3353 s3-param: Rename loadparm_s3_context -> loadparm_s3_helpers
This helps clarify the role of this structure and wrapper function.

The purpose here is to provide helper functions to the lib/param
loadparm_context that point back at the s3 lp_ functions.  This allows
a struct loadparm_context to be passed to any point in the code, and
always refer to the correct loadparm system.  If this has not been
set, the variables loaded in the lib/param code will be returned.

As requested by Michael Adam.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
2012-06-27 17:11:16 +02:00
Gregor Beck
c4be17f804 s3: add a tool "cclean" to cleanup orphaned entries from connections.tdb
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-27 08:18:18 +02:00
Michael Adam
ac4899eaa1 s3:net registry import: implement dry-run with "--test"
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jun 26 21:43:49 CEST 2012 on sn-devel-104
2012-06-26 21:43:49 +02:00
Michael Adam
3705119bb0 s3:net registry import: add an assert
Pair-Programmed-With: Gergor Beck <gbeck@sernet.de>
2012-06-26 19:57:19 +02:00
Michael Adam
8bf08505c1 s3:net registry import: reduce indentation
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
2012-06-26 19:57:19 +02:00
Michael Adam
d5ab3282e4 s3:net registry import: fix the return code when transaction commit fails
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
2012-06-26 19:57:19 +02:00
Michael Adam
a3ed47a09b s3:net registry import: improve regdb_open/close layering
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
2012-06-26 19:57:19 +02:00
Michael Adam
c55a6dae65 s3:net registry import: untangle nested function calls 2012-06-26 19:57:19 +02:00
Michael Adam
20e5e8ef26 s3:net registry import: reduce indentation and untangle assignment from check
in import_with_precheck_action().
2012-06-26 19:57:19 +02:00
Michael Adam
f9ff84b0b4 s3:net registry import: move precheck-and-import code to its own function
This is the code that is executed in a registry transaction.
The purpose of the refactoring is to be able to simplify and
untangle the code structure in the sequel.
2012-06-26 19:57:19 +02:00
Gregor Beck
e28b4b10a6 s3:net registry: fix violation of coding conventions
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-26 19:57:19 +02:00
Gregor Beck
0fb847b738 s3:net registry import: add option --precheck
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-26 19:57:19 +02:00
Gregor Beck
69add7e4fd s3:net registry import: check return values + codecleanup
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-26 19:57:18 +02:00
Gregor Beck
cc052d0c77 s3:net registry: fix output of dwords with sign bit set
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-26 19:57:18 +02:00
Michael Adam
73b200064f s3:util: rename procid_equal() to serverid_equal()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-21 08:27:32 +02:00
Michael Adam
1eacf3a66f s3:smbstatus: use procid_equal() instead of equivalent cluster_id_equal()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-21 08:27:31 +02:00
Jeremy Allison
737acc7807 Fix warning: variable ‘status’ set but not used. 2012-06-19 10:27:23 -07:00
Volker Lendecke
1d9ff7d3bc dbwrap: dbwrap_trans_store_uint32->dbwrap_trans_store_uint32_bystring
Signed-off-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 15 14:20:04 CEST 2012 on sn-devel-104
2012-06-15 14:19:57 +02:00
Volker Lendecke
64fec465c1 dbwrap: dbwrap_trans_store_int32->dbwrap_trans_store_int32_bystring
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15 12:14:29 +02:00
Volker Lendecke
8f94ecbb90 dbwrap: dbwrap_store_uint32->dbwrap_store_uint32_bystring
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15 12:14:28 +02:00
Volker Lendecke
7f19a5ab52 dbwrap: dbwrap_fetch_uint32->dbwrap_fetch_uint32_bystring
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15 12:14:28 +02:00
Volker Lendecke
749314fcf9 dbwrap: dbwrap_store_int32->dbwrap_store_int32_bystring
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15 12:14:27 +02:00
Volker Lendecke
737c0a5473 dbwrap: dbwrap_fetch_int32->dbwrap_fetch_int32_bystring
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15 12:14:27 +02:00
Volker Lendecke
2fd28dc4cf s3: Simplify tdb_data_is_cstr a bit
The original code contained rawmemchr for performance reasons. I
would expect the very common strlen routine to be not much worse
performance-wise than rawmemchr. On top, for me this patch simplifies
the expression a bit.

Signed-off-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jun 14 16:55:58 CEST 2012 on sn-devel-104
2012-06-14 16:55:58 +02:00
Michael Adam
ba1699463b s3:smb: introduce a name TID_FIELD_INVALID for the invalid value for a cnum/tid
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2012-06-06 19:37:14 +02:00
Stefan Metzmacher
af4c99eed0 s3:utils: use smbd/smbd.h instead of just smbd/proto.h
This fixes compiler warnings regarding incomplete types.

metze
2012-06-06 10:18:39 +02:00
Stefan Metzmacher
8693a4fff9 s3:lib: split things into a conn_tdb.h
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jun  5 19:28:35 CEST 2012 on sn-devel-104
2012-06-05 19:28:35 +02:00
Stefan Metzmacher
9cae92b485 s3:utils: use cli_tree_connect() instead of cli_tcon_andx()
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed May 30 12:54:05 CEST 2012 on sn-devel-104
2012-05-30 12:54:05 +02:00
Luk Claes
764b5e5610 s3:libsmb: get rid of cli_negprot
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28 14:49:49 +02:00
Luk Claes
1ff8c404a6 s3:libsmb: get rid of cli_state_server_time_zone
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28 14:49:48 +02:00
Luk Claes
d8c0646a5d s3:libsmb: get rid of cli_state_protocol
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28 14:49:45 +02:00
Luk Claes
4f6f4ea93c s3:libsmb: get rid of cli_state_remote_name
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28 14:49:45 +02:00
Luk Claes
987e81b0ee s3:libsmb: get rid of cli_state_*_sockaddr
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28 14:49:44 +02:00
Andrew Bartlett
e7e6276092 s3-utils: Use ads_do_search_retry in net ads search
This makes it possible to search against a slow server, as will
fallback from 1000 to (eventually) 125 users at a time.

Andrew Bartlett

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat May 26 03:53:34 CEST 2012 on sn-devel-104
2012-05-26 03:53:34 +02:00
Simo Sorce
34a65739d3 Move source3/libads/dns.c to lib/addns 2012-05-23 17:51:48 +03:00
Simo Sorce
a7e94fce3f s3-ads-dns: Break dependency on lp_parm
In preparation of making this code common to s3 and s4
2012-05-23 17:51:48 +03:00
Volker Lendecke
fc77ee5171 s3: Fix Coverity ID 242710 Untrusted pointer read
According to susv3 we have to make sure that we call isupper with
values only in the range of an unsigned char. This is best achieved
by automatic narrowing through assignment.
2012-05-15 21:37:17 +02:00
Stefan Metzmacher
b4abd3faaf s3-auth: remove "security=server" (depricated since 3.6)
"security=server" has a lot of problems in the world with
modern security (ntlmv2 and krb5). It was also not very
reliable, as it needed a stable connection to the password
server for the lifetime of the whole client connection!

Please use "security=domain" or "security=ads" is you
authentication against remote servers (domain controllers).

metze
                       --------------
                      /              \
                     /      REST      \
                    /        IN        \
                   /       PEACE        \
                  /                      \
                  |      SEC_SERVER      |
                  |    security=server   |
                  |                      |
                  |                      |
                  |       12 May         |
                  |                      |
                  |        2012          |
                 *|     *  *  *          | *
        _________)/\\_//(\/(/\)/\//\/\///|_)_______
2012-05-15 08:18:28 +02:00
Volker Lendecke
aa220c4981 s3: Fix Coverity ID 242725 Uninitialized scalar variable
Not a functional bug, but we copy all of the "key" structure inside
dcerpc_winreg_CreateKey.
2012-05-10 09:11:57 +02:00
Volker Lendecke
dead2168a2 s3: Fix Coverity ID 242726 Uninitialized scalar variable
Not a functional bug, but we copy all of the "key" structure inside
dcerpc_winreg_OpenKey.
2012-05-10 09:11:57 +02:00
Volker Lendecke
4e05717559 s3: Fix Coverity ID 242754 Dereference null return value 2012-05-10 09:11:57 +02:00
Karolin Seeger
48d57d7636 s3-net: Fix typo in comment.
Karolin
2012-05-08 16:46:33 +02:00
Christof Schmitt
be8180e030 net: Let get*sid return error from passdb init
When initialize_password_db returns an error this means that the SID
stored in the backend cannot be read. Return this error directly
instead of creating a random SID through get_global_sam_sid.

Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Mon Apr 30 13:07:20 CEST 2012 on sn-devel-104
2012-04-30 13:07:20 +02:00
Gregor Beck
36cb40ef2b s3:registry: remove usage of reg_objects from net_rpc_printer.c
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25 14:23:04 +02:00
Gregor Beck
4eb4f75371 s3:eventlogadm make a transaction for addsource
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25 14:23:03 +02:00
Gregor Beck
c6224e46aa s3:eventlogadm reimplement addsource using reg_api
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25 14:22:17 +02:00
Volker Lendecke
d38a171a43 s3: Attempt to fix the build without kerberos
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Apr 24 15:04:14 CEST 2012 on sn-devel-104
2012-04-24 15:04:13 +02:00
Simo Sorce
08c733d75f Make krb5 wrapper library common so they can be used all over 2012-04-23 19:20:38 -04:00
Michael Adam
c0ba8295f2 s3:smbcontrol: remove an unused variable
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Sat Apr 21 00:55:13 CEST 2012 on sn-devel-104
2012-04-21 00:55:09 +02:00
Michael Adam
499e7372be s3:id_cache: do not use the in-memory idmap cache (it is going to be removed)
This also removes the ID_CACHE_FLUSH message.
2012-04-20 23:17:36 +02:00
Volker Lendecke
1be6d849ab s3-g_lock: Use dbwrap_record_watch_send/recv
This simplifies the g_lock implementation. The new implementation tries to
acquire a lock. If that fails due to a lock conflict, wait for the g_lock
record to change. Upon change, just try again. The old logic had to cope with
pending records and an ugly hack into ctdb itself. As a bonus, we now get a
really clean async g_lock_lock_send/recv that can asynchronously wait for a
global lock. This would have been almost impossible to do without the
dbwrap_record_watch infrastructure.
2012-04-19 22:24:19 +02:00
Volker Lendecke
1b5b38a615 s3-dbwrap: Add "listwatchers" to dbwrap_tool 2012-04-19 22:24:19 +02:00
Volker Lendecke
3f18316358 s3: Fix Coverity ID 2727 to 2740 -- UNINIT 2012-04-19 20:52:27 +02:00
Volker Lendecke
9ce9389b29 s3: Fix a "ISO C90 forbids mixed declarations and code"
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Thu Apr 19 10:32:27 CEST 2012 on sn-devel-104
2012-04-19 10:32:27 +02:00
Volker Lendecke
8ed7ff483c s3: Add smbstatus -N to output the notify db
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Apr 17 11:54:35 CEST 2012 on sn-devel-104
2012-04-17 11:54:35 +02:00
Volker Lendecke
ee4f2abbda s3: Add "notify-cleanup" to smbcontrol
This triggers a notify cleanup run which would normally only run periodically
2012-04-17 10:21:03 +02:00
Björn Baumbach
7ff42f3746 s3-utils: add do_reload_printers command to smbcontol
Add command to force smbd to reload printers by sending MSG_PRINTER_PCAP.
2012-04-06 08:19:13 +02:00
Andrew Bartlett
f6e0532024 build: Remove SMB_STRUCT_DIR define 2012-04-05 02:39:09 +02:00
Andrew Bartlett
2320b2144f build: Remove SMB_STRUCT_DIRENT define 2012-04-05 02:39:09 +02:00
Andrew Bartlett
3e8a6e5760 build: Remove sys_closedir wrapper 2012-04-05 02:39:09 +02:00
Andrew Bartlett
afdb78075c build: Remove sys_readdir wrapper 2012-04-05 02:39:09 +02:00
Andrew Bartlett
fe526bb32b build: Remove sys_opendir wrapper 2012-04-05 02:39:09 +02:00
Andrew Bartlett
d166b79852 build: Remove sys_open wrapper 2012-04-05 02:39:08 +02:00
Andrew Bartlett
1c7c432874 s3-ntlm_auth: use manage_gensec_request for squid-2.5-ntlmssp
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-04-03 17:47:32 +02:00
Andrew Bartlett
f3b005e759 s3-auth: Order GENSEC mechs by priority, krb5 before NTLMSSP
Otherwise, really simple clients (such as the current ntlm_auth gss-spnego client)
will not select krb5.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-04-03 17:47:32 +02:00
Andrew Bartlett
893387d25f s3-ntlm_auth: add ntlm_auth_generate_session_info_pac()
Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-04-03 17:47:32 +02:00
Andrew Bartlett
4ccac90793 s3-ntlm_auth Use GENSEC for gss-spnego server
This imports the gensec handling code from the source4 ntlm_auth, which
will eventually be used for all the NTLMSSP and SPNEGO clients and servers
but which is only used for gss-spnego for now.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-04-03 17:47:31 +02:00
Jeremy Allison
959516d61b More strlcat/strlcpy truncate checks. 2012-03-30 21:26:07 +02:00
Jelmer Vernooij
c9fb33697d use usleep rather than sys_usleep in various places, in anticipation of usleep moving to libreplace. 2012-03-24 22:41:05 +01:00
Andrew Bartlett
49bb7f248a s3-krb5: Remove GSS_WRAP_IOV conditional
We already confirm that we have this functionality before we set HAVE_KRB5 at
configure time.

Andrew Bartlett
2012-03-15 09:29:02 +11:00
Björn Jacke
7bd1dc5dd5 s3: fix build on AIX
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Sat Mar 10 19:07:20 CET 2012 on sn-devel-104
2012-03-10 19:07:20 +01:00
Andrew Bartlett
d7bb961859 s3-auth: Remove security=share (depricated since 3.6).
This patch removes security=share, which Samba implemented by matching
the per-share password provided by the client in the Tree Connect with
a selection of usernames supplied by the client, the smb.conf or
guessed from the environment.

The rationale for the removal is that for the bulk of security=share
users, we just we need a very simple way to run a 'trust the network'
Samba server, where users mark shares as guest ok.  This is still
supported, and the smb.conf options are documented at
https://wiki.samba.org/index.php/Public_Samba_Server

At the same time, this closes the door on one of the most arcane areas
of Samba authentication.

Naturally, full user-name/password authentication remain available in
security=user and above.

This includes documentation updates for username and only user, which
now only do a small amount of what they used to do.

Andrew Bartlett

                       --------------
                      /              \
                     /      REST      \
                    /        IN        \
                   /       PEACE        \
                  /                      \
                  |      SEC_SHARE       |
                  |    security=share    |
                  |                      |
                  |                      |
                  |       5 March        |
                  |                      |
                  |        2012          |
                 *|     *  *  *          | *
        _________)/\\_//(\/(/\)/\//\/\///|_)_______
2012-03-04 23:33:05 +01:00
Matthieu Patou
7916d64bbd s3: print a nice warning when HAVE_ADS is not enabled but you still try to do net rpc keytab vampire 2012-03-04 07:55:46 +01:00
Andrew Bartlett
74c6d2bcf4 s3-ntlm_auth fix up gss-spnego-client so as to work with gss-spnego
The SPNEGO code changed since this was last tested.

Andrew Bartlett
2012-03-01 22:04:45 +11:00
Andrew Bartlett
4dae0e7ec5 s3-ntlm_auth: Wrap kerberos token in GSSAPI
While windows will accept this ticket without the wrapping, it is
nicer to follow the standard and wrap it up in GSSAPI.

This should allow the ntlm_auth gss-spnego-client to talk to
the ntlm_auth gss-spengo server.

Reported by Christof Schmitt <christof.schmitt@us.ibm.com>

Andrew Bartlett
2012-03-01 22:04:45 +11:00
Andrew Bartlett
5b700cb0e3 s3-ntlm_auth: Add --target-service and --target-hostname options
This will allow the gss-spnego-client protocol to work with modern
SPNEGO servers that do not send the principal in the mechListMIC.

Andrew Bartlett
2012-03-01 22:04:45 +11:00
Jeremy Allison
0e6213b1ae Remove unused function. 2012-02-24 09:25:30 -08:00
Andrew Bartlett
9de7fb8706 s3-ntlm_auth: Convert ntlm_auth to use gensec_ntlmssp server-side
This uses the common gensec_ntlmssp server code for ntlm_auth, removing
the last non-gensec use of the NTLMSSP server.

Andrew Bartlett
2012-02-24 11:23:18 +11:00
Andrew Bartlett
1c7725ae8a s3-utils: Remove unused connect_to_ipc_krb5()
Found by callcatcher.

Andrew Bartlett
2012-02-23 16:14:19 +11:00
Andrew Bartlett
f91c616176 s3-ntlm_auth: allow ntlm_auth --diagnostics to pass again
This still requires that the server permit LM passwords, but our s3dc test
environment has this enabled.

Andrew Bartlett
2012-02-20 10:50:48 +11:00
Christopher R. Hertel (crh)
b5b204184a Rename obscure defined constants.
Replaced the undescriptive SMB_PORT1 and SMB_PORT2 defined constants
with the slightly more descriptive names NBT_SMB_PORT and TCP_SMB_PORT.
Also replaced several hard-coded references to the well-known port
numbers (139 and 445, respectively) as appropriate.

Small changes to clarify some comments regarding the two transport
types.

Signed-off-by: Simo Sorce <idra@samba.org>

Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Feb 16 08:29:41 CET 2012 on sn-devel-104
2012-02-16 08:29:41 +01:00
Andreas Schneider
419e92b149 s3-net: Don't use an internal krb5 for kdc lookup.
This replaces the use of the internal krb5_locate_kdc() function with
our own get_kdc_list() function.

Signed-off-by: Günther Deschner <gd@samba.org>
2012-02-09 12:42:30 +01:00
Jeremy Allison
571ee0b1ff Only ask for specific permissions required when setting an ACL.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Feb  3 03:07:33 CET 2012 on sn-devel-104
2012-02-03 03:07:32 +01:00
Michael Adam
8972c92342 s3:net ads join: remove a useless empty comment block
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Jan 31 18:37:45 CET 2012 on sn-devel-104
2012-01-31 18:37:45 +01:00
Michael Adam
976672bf80 s3:net ads join: add a comment for the call to _net_ads_join_dns_update() 2012-01-31 17:00:30 +01:00
Michael Adam
be312e76d2 s3:net ads join: reduce indentation in _net_ads_join_dns_updates() 2012-01-31 17:00:30 +01:00
Michael Adam
7e5c5bdcc4 s3:net ads join: move dns update code out to new function _net_ads_join_dns_updates() 2012-01-31 17:00:30 +01:00
Michael Adam
1768d3621a s3:net ads join: improve comment for dns update block 2012-01-31 17:00:30 +01:00
Michael Adam
8f9b43281d s3:net ads join: improve status evaluation for call to net_update_dns()
untangle assignment from check and log error code in message if failed.
2012-01-31 17:00:30 +01:00
Michael Adam
9cd7b8f04d s3:net ads join: interpret return code of ads_kinit_password() in dns update block
If failed, print according error message and skip the attempt to do dns update.
2012-01-31 17:00:30 +01:00
Michael Adam
4831b6e6bb s3:net ads join: check for malloc success and react accordingly in dns update block 2012-01-31 17:00:30 +01:00
Michael Adam
ca913c98a6 s3:net ads join: check for success of fetching machine password in dns update block
log and cleanup accordingly if failed
2012-01-31 17:00:30 +01:00
Michael Adam
04fa9a389c s3:net ads join: untangle assignment from check, fix return code and improve error logging
only the dns update failed, not the join.
Also do proper memory cleanup
2012-01-31 17:00:30 +01:00
Michael Adam
63d9b5d75a s3:net ads join: reduce indentation and improve logging in the dns update code block
by doing an early goto done upon error condition
2012-01-31 17:00:30 +01:00
Michael Adam
1d83f2118e s3:net ads join: untangle assignment from check. 2012-01-31 17:00:30 +01:00
Michael Adam
dc4cf82fb5 s3:net registry: fix a copy and paste error in a help text 2012-01-31 17:00:30 +01:00