sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00
Code
60,103 Commits 60 Branches 1,145 Tags 452 MiB
8a76352544
Commit Graph

60103 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Metzmacher
883b10983b s4:libcli/wrepl: convert wrepl_associate_send to tevent_req 
metze
 2010-03-05 14:09:02 +01:00
Stefan Metzmacher
2e24def806 s4:libcli/wrepl: convert wrepl_pull_table_send to tevent_req 
metze
 2010-03-05 14:09:02 +01:00
Stefan Metzmacher
50f1dc9db8 s4:libcli/wrepl: convert wrepl_pull_names_send to tevent_req 
metze
 2010-03-05 14:09:02 +01:00
Stefan Metzmacher
1a8815abd3 s4:libcli/wrepl: use UTIL_TEVENT 
metze
 2010-03-05 14:09:01 +01:00
Stefan Metzmacher
0dfc778915 s4:libcli/wrepl: avoid neested named structures 
metze
 2010-03-05 14:09:01 +01:00
Stefan Metzmacher
4c51c07380 s4:torture/nbt: avoid the usage of wrepl_pull_table_send() 
metze
 2010-03-05 14:09:00 +01:00
Stefan Metzmacher
6eedba102b libcli/auth: add a const to des_crypt112_16() 
metze
 2010-03-05 14:06:18 +01:00
Stefan Metzmacher
31293c64a3 s3:winbindd: add DEBUG(10,...) for the end of each top level 
That will hopefully make debugging a bit easier (at least for me).

metze
 2010-03-05 14:03:55 +01:00
Matthias Dieter Wallnöfer
6f11818923 s4:kcc - Change some counter variables to be unsigned 
The upper limits are unsigned variables therefore also the counter variables
need to be like that.
 2010-03-05 13:38:01 +01:00
Matthias Dieter Wallnöfer
82c2448573 s4:samdb_privilege.c - Change two counter variables to unsigned 
Also here in both cases the unsigned counter fits better than the signed one.
 2010-03-05 13:38:00 +01:00
Matthias Dieter Wallnöfer
c695ce729b s4:cracknames - Change two counter variables to unsigned 
In both cases the unsigned counter fits better:
- in the first one since we are counting LDB objects starting from 0
- in the second since we are counting an array starting from 0
 2010-03-05 13:38:00 +01:00
Andrew Tridgell
e8788808da s4-pvfs_sys: build on systems without O_NOFOLLOW or O_DIRECTORY 2010-03-05 23:07:32 +11:00
Andrew Tridgell
568f0851f0 s4-pvfs_sys: talloc_free should be before errno restore 
talloc can potentially change the errno
 2010-03-05 23:07:32 +11:00
Andrew Tridgell
2c2156ea95 s4-pvfs: use pvfs_sys_fchmod() 2010-03-05 23:07:32 +11:00
Andrew Tridgell
dae9d20e14 s4-pvfs: set default for perm override based on system features 
If the system has O_NOFOLLOW and O_DIRECTORY then we allow for
overrides by default. If not, then we disable by default, as we will
be more vulnerable to symlink attacks
 2010-03-05 23:07:32 +11:00
Andrew Tridgell
f7c97c8597 s4-pvfs: use O_FOLLOW one level at a time for security overrides 
To prevent symlink attacks we need to use O_NOFOLLOW one level at a
time when processing a root security override
 2010-03-05 23:07:32 +11:00
Andrew Tridgell
f3c738f819 replace: added get_current_dir_name() 2010-03-05 23:07:32 +11:00
Andrew Tridgell
ace6d75ae6 s4-pvfs: use pvfs_sys_*() functions to wrap posix calls 
This allows for root override, which fixes many problems with
mismatches between NT ACL permissions and unix permissions.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 23:07:31 +11:00
Andrew Tridgell
034bcaf14d s4-pvfs: new pvfs_sys module 
The pvfs_sys_*() calls provide wrapper functions for posix file
functions which use root privileges to override EACCES failures if
PVFS_FLAG_PERM_OVERRIDE is set

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 23:07:31 +11:00
Andrew Tridgell
edd5a572d8 s4-pvfs: added new pvfs flag PVFS_FLAG_PERM_OVERRIDE 
This flag indicates that we should use root privileges to override 
unix permissions when the NT ACLs indicate that access should be
granted

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 23:07:31 +11:00
Andrew Tridgell
ee4ae0e7ad s4-privs: add root_privileges_original_uid() 
This can be used to get the uid we changed away from when we gained 
root privileges

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 23:07:31 +11:00
Günther Deschner
6c52a37ac1 s3-selftest: enable RPC-WINREG against Samba 3. 
Guenther
 2010-03-05 11:09:05 +01:00
Günther Deschner
b3765afd38 s4-smbtorture: skip NotifyChangeKeyValue test against s3 for now. 
Guenther
 2010-03-05 11:09:05 +01:00
Matthias Dieter Wallnöfer
12ae05939f s4:torture/rpc/samr.c - add some decision possibility constants to some switch 
At the moment nothing is done when the enumeration variable is set to one of
those constants as before. This is only to quite nasty warnings.
 2010-03-05 08:55:47 +01:00
Matthias Dieter Wallnöfer
ce82f91614 s4:torture/rpc/samr.c - make some argument of function "test_SamLogon_with_creds" constant 
This to quiet warnings.
 2010-03-05 08:55:47 +01:00
Matthias Dieter Wallnöfer
bfd31db9a9 s4:torture/winbind/struct_based.c - fix up (un)signedness of a function argument 
Otherwise always a warning is generated.
 2010-03-05 08:55:47 +01:00
Andrew Tridgell
2e1637833b s4-pvfs: log more error conditions in NTVFS backend 
This should make is easier to track down some bug reports

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 16:12:06 +11:00
Andrew Tridgell
80a37beb53 s4-pvfs: move the private ntcreatex flags to private_flags 
Re-using two of the create_options bits was bound to eventually
cause problems, and indeed, Windows7 now uses one of those bits
when opening text files.

Fixes bug 7189
 2010-03-05 16:12:05 +11:00
Andrew Tridgell
f01f124969 s4-rpc: don't use s->credentials after it is freed 2010-03-05 16:12:05 +11:00
Andrew Tridgell
2e1e446ba3 s4-torture: fixed commas separating C statements 2010-03-05 16:12:05 +11:00
Bo Yang
aaafadb7d5 s3: Fix unnecessary traversing winbindd_cache.tdb in SIGHUP handler. 
Signed-off-by: Bo Yang <boyang@samba.org>
 2010-03-06 20:58:23 +08:00
Andrew Tridgell
25a0750b81 s4-python: only install external python libs that are missing 2010-03-05 11:54:37 +11:00
Andrew Tridgell
7d86257d54 s4-python: import a copy of the python dns library 
This library is not installed on enough systems for us to rely
on it being available. We use the system copy if possible, and
fallback to this local copy

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 11:54:36 +11:00
Andrew Tridgell
f3ca7a4696 s4-dns: use samba.external to pull in the dns.resolver library 2010-03-05 11:54:36 +11:00
Andrew Tridgell
8c7cf499ab s4-python: allow us to have samba copies of python libraries we depend on 
For python libraries like dns.resolver it is useful to be able to install 
a copy of the library with Samba. This set of functions allows us to do that
while using the locally installed version if it is available

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 11:54:36 +11:00
Andrew Tridgell
2d30f4fb4f s4-dns-ex: use autoclose on the dns child pipe 
I'm hoping this will fix an occasional segfault I've noticed where
epoll still calls events on a closed fde

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 11:54:36 +11:00
Andrew Tridgell
5573d04941 s4-messaging: use auto-close on the socket 2010-03-05 11:54:36 +11:00
Jeremy Allison
cb06eee86a srv_pipe.c doesn't reference current_user anymore. Remove it. 
Jeremy.
 2010-03-04 14:59:29 -08:00
Matthias Dieter Wallnöfer
13b1bf5d47 s4:auth/sam.c - change base context for the "tmp_ctx" context in "authsam_expand_nested_groups" 
Better use the "res_sids_ctx" as base context for the "tmp_ctx" and not the
long-living "sam_ctx"/"ldb" context to prevent memory leaks.
 2010-03-04 22:18:10 +01:00
Matthias Dieter Wallnöfer
3d94b28441 s4:ldap.py - give the "primaryGroupToken" test a better name 
It tests also some other constructed attributes in a basic way.
 2010-03-04 18:16:24 +01:00
Matthias Dieter Wallnöfer
4546b6b7df s4:ldap.py - add test for "tokenGroups" 2010-03-04 18:16:24 +01:00
Matthias Dieter Wallnöfer
8297302e98 s4:operational LDB - don't accidentally "ate" search helper attributes if we need them for more constructed attributes 
With this patch we delete the helper attributes at the end where all constructed
attributes have already been computed.
 2010-03-04 18:16:24 +01:00
Matthias Dieter Wallnöfer
ffa03820f1 s4:operational LDB module - make the counters unsigned 
No need to have signed counters here.
 2010-03-04 18:16:23 +01:00
Matthias Dieter Wallnöfer
bf94d68df8 s4:operational LDB - implement the "tokenGroups" constructed attribute 
It contains the transitive SID closure (expand member/memberOf attributes) of a
certain SAM object. The "tokenGroups" attribute never contains the SID of the
object itself.

References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx,
http://support.microsoft.com/kb/301916,
MS-ADTS 3.1.1.4.5.19.
 2010-03-04 18:16:23 +01:00
Matthias Dieter Wallnöfer
1f371cdbe5 s4:sam.c - make "authsam_expand_nested_groups" public 
This is needed by the "tokenGroups" work in the operational LDB module.
 2010-03-04 18:16:22 +01:00
Matthias Dieter Wallnöfer
7587665d92 s4:sam.c - cosmetic indentation fix 2010-03-04 18:16:22 +01:00
Matthias Dieter Wallnöfer
0049c9ed1c s4:sam.c - change variable types to unsigned in "sids_contains_sid" 
Should also be unsigned - no need for a signed "i" and "num_sids" here.
 2010-03-04 18:16:22 +01:00
Matthias Dieter Wallnöfer
e34ee26169 s4:operational LDB module - use right memory context int "construct_primary_group_token" 
Use the "msg" as temporary context and not "ldb" which lives much longer.
 2010-03-04 18:16:21 +01:00
Karolin Seeger
bc2ff7abc9 Revert "s3:configure: add --enable-as-needed" 
This reverts commit 22d316926b.

Please see bug #7209 for details.
 2010-03-04 16:19:33 +01:00
Nadezhda Ivanova
8cb416a0b5 Refactored ACL python tests 
Made each type into a separate class to be easily run individually,
removed code duplication
 2010-03-04 15:22:30 +02:00