1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-20 14:03:59 +03:00

3327 Commits

Author SHA1 Message Date
James Peach
97ee5b1afa r14600: Refactor capability interface from being IRIX-specific to using only
the POSIX interface. Note that this removes support for inherited
capabilities. This wasn't used, and probably should not be.
(This used to be commit 763f4c01488a96aec000c18bca313da37ed1df1b)
2007-10-10 11:15:39 -05:00
Günther Deschner
1d5ab8fd05 r14597: Merge DCERPC_FAULT constants from Samba 4.
Guenther
(This used to be commit 3f195f8248c88ec8bf8ceb195575ce6bb49d7fc4)
2007-10-10 11:15:38 -05:00
Gerald Carter
0ce53f8ba5 r14403: * modifies create_local_nt_token() to create a BUILTIN\Administrators
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'

* Add a SID domain to the group mapping enumeration passdb call
  to fix the checks for local and builtin groups.  The SID can be
  NULL if you want the old semantics for internal maintenance.
  I only updated the tdb group mapping code.

* remove any group mapping from the tdb that have a
  gid of -1 for better consistency with pdb_ldap.c.
  The fixes the problem with calling add_group_map() in
  the tdb code for unmapped groups which might have had
  a record present.

* Ensure that we distinguish between groups in the
  BUILTIN and local machine domains via getgrnam()
  Other wise BUILTIN\Administrators & SERVER\Administrators
  would resolve to the same gid.

* Doesn't strip the global_sam_name() from groups in the
  local machine's domain (this is required to work with
  'winbind default domain' code)

Still todo.

* Fix fallback Administrators membership for root and domain Admins
  if nested groups = no or winbindd is not running

* issues with "su - user -c 'groups'" command

* There are a few outstanding issues with BUILTIN\Users that
  Windows apparently tends to assume.  I worked around this
  presently with a manual group mapping but I do not think
  this is a good solution.  So I'll probably add some similar
  as I did for Administrators.
(This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
2007-10-10 11:15:28 -05:00
Günther Deschner
81e4340fd4 r14368: Remove redundant set of logon flags (now in rpc_netlogon.h).
Guenther
(This used to be commit 8d4290cb8ed75cf12fa45bcf3e93cfe1a5567919)
2007-10-10 11:15:27 -05:00
Jeremy Allison
d1684fa82e r14353: Fix coverity bugs #61 and #62. Remember to divide by
the size of the data table. Clean up the struct a little.
Jeremy.
(This used to be commit 338538410d484a9358b60b05a86180275344ffa4)
2007-10-10 11:15:26 -05:00
James Peach
d245d5c017 r14255: Revert r14204 which was horribly broken.
(This used to be commit 950ed28f9f3f57dc449bd3bd6e7be7acb1e3d26d)
2007-10-10 11:15:21 -05:00
James Peach
a62c0925e8 r14207: Convert the lp_acl_compatibility() param into an enum.
(This used to be commit 5429c495c538e416010cf44e1d6fb771770a72ae)
2007-10-10 11:15:16 -05:00
James Peach
a156d128f2 r14204: Remove the basically unused P_GSTRING and P_UGSTRING
parameter types.
(This used to be commit 23328fe6fc5e3b4ed3dc35e1475d661a8593eb1a)
2007-10-10 11:15:16 -05:00
Günther Deschner
e11a85eebd r14074: Some cleanup; there is no point in declaring and mapping
KRB5KRB_ERR_RESPONSE_TOO_BIG when the krb5 library does not know about
this.

Guenther
(This used to be commit 4a1a3c4808307e09fa8ff85da9a963a4a6f0e9ae)
2007-10-10 11:11:09 -05:00
Günther Deschner
763a2d7d8e r14051: Add remaining (documented) userAccountControl bits, thanks to Luke
Howard for pointing this out.

Guenther
(This used to be commit 170038f4cdfa51ea31b2255a020740d28dfbfba2)
2007-10-10 11:11:08 -05:00
Günther Deschner
ca3df1d3f9 r14050: Add the ACB_PWEXPIRED bit abartlet has found.
Guenther
(This used to be commit 5fa3f26b4c39d612243319fc0729078c50439d6b)
2007-10-10 11:11:08 -05:00
Günther Deschner
06d6325da1 r14049: Found some more MSV1_0 bits and their behaviour;
just for documentation purpose.

Guenther
(This used to be commit 0b00424e07f3f9c815664c619e2d7a670a838b93)
2007-10-10 11:11:08 -05:00
Jeremy Allison
71272fc441 r13975: Re-fix Coverity #156 - I had left the hidden arg. inconsistent
between Realloc and realloc_array.
Jeremy.
(This used to be commit 841c9b1847ae12656b827e3d35b8bf0c3f68b8b4)
2007-10-10 11:11:02 -05:00
Jeremy Allison
894358a8f3 r13915: Fixed a very interesting class of realloc() bugs found by Coverity.
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.

The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :

 tmp = realloc(p, size);
 if (!tmp) {
    SAFE_FREE(p);
    return error;
 } else {
    p = tmp;
 }

However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :

 p = realloc(p, size)
 if (!p) {
    return error;
 }

which will leak the memory pointed to by p on realloc fail.

This commit (hopefully) fixes all these cases by moving to
a standard idiom of :

 p = SMB_REALLOC(p, size)
 if (!p) {
    return error;
 }

Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.

For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :

 tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
 if (!tmp) {
    SAFE_FREE(p);
    return error;
 } else {
    p = tmp;
 }

SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).

It remains to be seen what this will do to our Coverity bug count :-).

Jeremy.
(This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2007-10-10 11:10:59 -05:00
Gerald Carter
129fd6c5c6 r13878: move PORT_DATA_1 to use static sized UNICODE strings as per MSDN
(This used to be commit c803e1b2afdfc5bd983f046c976c01adebcfa1ad)
2007-10-10 11:10:57 -05:00
Gerald Carter
5df58c38f3 r13829: From the "It's not pretty but it works" category
* Finish prototype of the "add port command" implementation
  Format is "addportcommand portname deviceURI"

* DeviceURI is either
  - socket://hostname:port/
  - lpr://hostname/queue
  depending on what the client sent in the request
(This used to be commit 6d74de7a676b71e83a3c3714743e6380c04e4425)
2007-10-10 11:10:56 -05:00
Gerald Carter
889ff32b5e r13824: * add api table for Xcv TCPMON and LOCALMON calls starting
with the "MonitorUI" call
* Fix some parsing errors

This gets us to the Add Port Wizard dialog.
(This used to be commit a444aa7f0088fb71ff89df8c280209188b33ec3d)
2007-10-10 11:10:56 -05:00
Gerald Carter
354c24d525 r13820: * Start fleshing out the XcvDataPort() server implementation
* Add support for the "Local Port" monitor as well through this API
(This used to be commit ba9cdd88a0abf90a9c04959e554d7e4f10d17ff7)
2007-10-10 11:10:55 -05:00
Gerald Carter
e33b728c7b r13815: "Into the blind world let us now descend,"
Began the poet, his face as pale as death.
"I will go first, and you will follow me."
---

Adding XcvDataPort() to the spoolss code for remotely
add ports.  The design is to allow an intuitive means
of creating a new CUPS print queue from the Windows 2000/XP
APW without hacks like specifying the deviceURI in the
location field of the printer properties dialog.

Also set 'default devmode = yes' as the new default
since it causes no harm and only is executed when you
have a NULL devmode anyways.
(This used to be commit 123e478ce5b5f63a61d00197332b847e83722468)
2007-10-10 11:10:55 -05:00
Jeremy Allison
a7552e677e r13802: I *knew* ASU on sparc had to be good for *something* ! :-).
Fix incorrect size understanding of sid name type (yes it's
already correct in the Samba4 IDL :-).
Jeremy.
(This used to be commit 305a774d2880a57d1ebdf2ecf2d7e0b519695a33)
2007-10-10 11:10:54 -05:00
James Peach
554155473b r13733: Reorder so that locking and params declarations are not mingled.
(This used to be commit cde31d5957ff9a009e111ab3719d20e70a5053b6)
2007-10-10 11:10:51 -05:00
Günther Deschner
e54786b535 r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
  returning zero)

Guenther
(This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2007-10-10 11:10:25 -05:00
Volker Lendecke
9fffb6ab5b r13693: More Solaris/LDAP fixes from Bjoern <bjoern@j3e.de>
(This used to be commit 7c098ca0ae4c7e11c7100fb09b42ce716beffb56)
2007-10-10 11:10:24 -05:00
Volker Lendecke
5257615367 r13690: Check in Björn's LDAP Solaris fix.
(This used to be commit d6c6363517513cc66a8933a6e4f95c5ce5cf1cb4)
2007-10-10 11:10:23 -05:00
Gerald Carter
d95e13e68f r13679: Commiting the rm_primary_group.patch posted on samba-technical
* ignore the primary group SID attribute from struct samu*
* generate the primary group SID strictlky from the Unix
  primary group when dealing with passdb users
* Fix memory leak in original patch caused by failing to free a
  talloc *
* add wrapper around samu_set_unix() to prevent exposing the create
  BOOL to callers.  Wrappers are samu_set_unix() and samu-allic_rid_unix()
(This used to be commit bcf269e2ec6630b78d909010fabd3b69dd6dda84)
2007-10-10 11:10:23 -05:00
Günther Deschner
379bd6865f r13657: Let winbindd try to obtain the gecos field from the msSFU30Gecos
attribute when "winbind nss info = sfu" is set. Fixes #3539.

Guenther
(This used to be commit ffce0461de130828345c44293e564ca03227607d)
2007-10-10 11:10:21 -05:00
Günther Deschner
2a0ad559ad r13625: Now that Heimdal 0.7.2 is released, we reenable our strict checking for
c++ reserved names.

Guenther
(This used to be commit e0b50d008728cfc66f6b1eefdadf8a708f4d9500)
2007-10-10 11:10:20 -05:00
Gerald Carter
6622ba566e r13601: * Remove unused code from pdb_ldap.c
* Add a 'struct passwd *' to the struct samu for later reference
  (I know this may be controversial but its easily reverted which is
  is why I'm checking this is as a seaparate patch before I get
  too deep).
* Remove unix_homedir from struct samu {} and update the pdb wrapper
  functions associated with it.
(This used to be commit 92c251fdf0f1f566cfeca3c75ba2284b644aef5d)
2007-10-10 11:10:18 -05:00
Lars Müller
8176d4c9fe r13598: Defining KRB5KRB_ERR_RESPONSE_TOO_BIG if not defined which is the case
for older krb5 implementations.

Patch slightly modified from the version provided by Björn Jacke <bjoern
at j3e dot de> at the samba-technical list after discussion on the list
and by IRC.  Thanks Björn!
(This used to be commit 49e6431c06c70088907c31e2da1ec83a09377015)
2007-10-10 11:10:18 -05:00
Jeremy Allison
a57f37420b r13588: Second attempt to fix Bug #3330 - treat the string as a
uint8 array and copy as such. Gunther please check (sorry
I reverted your earlier fix).
Jeremy.
(This used to be commit 7a17b39c80703909f102487690d2117d874b0e15)
2007-10-10 11:10:16 -05:00
Jeremy Allison
115996503c r13585: Sorry Gunther, had to revert this. It's got a buffer
overrun. Spoke to Jerry about the correct fix. Will add
this after.
Jeremy.
(This used to be commit 33e13aabd3825c59d15dc897536e2ccf8c8f6d5e)
2007-10-10 11:10:16 -05:00
Günther Deschner
4ea92f3098 r13581: Correctly parse a non-null terminated, little-endian UCS2 string in the
PAC_LOGON_NAME structure. This was broken on big-endian machines
(Solaris SPARC and ppc). Fixes Bug #3330.

Jerry, this should be in 3.0.21c.

Guenther
(This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
2007-10-10 11:10:16 -05:00
Gerald Carter
2203bed32c r13576: This is the beginnings of moving the SAM_ACCOUNT data structure
to make full use of the new talloc() interface.  Discussed with Volker
and Jeremy.

* remove the internal mem_ctx and simply use the talloc()
  structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
  upcoming changes.  Groups will most likely be replaced with a
  'struct samg' in the future.

Note that there are now passbd API changes.  And for the most
part, the wrapper functions remain the same.

While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs.  The code also needs more testing under valgrind to
ensure it's not leaking memory.

But it's a start......
(This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
2007-10-10 11:10:15 -05:00
Günther Deschner
2cf38b62c5 r13566: Fix EA support for AIX.
Patch from Bjoern Jacke <bjacke-at-sernet-dot-de>.

Guenther
(This used to be commit 69fb189a6b9947069afebb15d6ee6f2f20d15171)
2007-10-10 11:10:14 -05:00
Jeremy Allison
9132acff08 r13553: Fix all our warnings at -O6 on an x86_64 box.
Jeremy.
(This used to be commit ea82958349a57ef4b7ce9638eec5f1388b0fba2a)
2007-10-10 11:10:13 -05:00
Günther Deschner
6a6f2463f6 r13522: Add SAMR_GET_USRDOM_PWINFO client-side.
Guenther
(This used to be commit 290a581b7567eab82b18fbadae9aa2ab29e95069)
2007-10-10 11:10:09 -05:00
Gerald Carter
04af2ab06e r13509: remove unnecessary sql flags
(This used to be commit c3702e804a74276ee53eb73f2d9b1fa9d3874b48)
2007-10-10 11:10:08 -05:00
Volker Lendecke
301d51e13a r13494: Merge the stuff I've done in head the last days.
Volker
(This used to be commit bb40e544de68f01a6e774753f508e69373b39899)
2007-10-10 11:10:06 -05:00
James Peach
8fbdd112b2 r13482: Push the FAM notification file descriptor into the select
set to avoid unnecessary polling.
(This used to be commit 1dce945ccbba25092cf54890301c8f78f8aede33)
2007-10-10 11:10:05 -05:00
Gerald Carter
75ef18fa75 r13460: by popular demand....
* remove pdb_context data structure
* set default group for DOMAIN_RID_GUEST user as RID 513 (just
  like Windows)
* Allow RID 513 to resolve to always resolve to a name
* Remove auto mapping of guest account primary group given the
  previous 2 changes
(This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285)
2007-10-10 11:10:04 -05:00
Jeremy Allison
85160e654e r13458: Add parsing functions - but stub internals for lookupnames3 and 4.
Jeremy.
(This used to be commit f1a362580ae37730dc8393a79f832aed5d0ea4be)
2007-10-10 11:10:04 -05:00
Jeremy Allison
785c78b795 r13456: Add lsa_lookup_names2.
Jeremy.
(This used to be commit b57406c89feaf550f6c2d29ef0ed73a935908add)
2007-10-10 11:10:04 -05:00
Jeremy Allison
e22d38bdde r13455: Prepare to add lookupnames2.
Jeremy.
(This used to be commit 2274709587bd1f27bea2eacf633182f20cd07b1e)
2007-10-10 11:10:04 -05:00
Jeremy Allison
acc4a837aa r13449: Ensure we don't crash if no dc struct on pipe.
Jeremy.
(This used to be commit a9e1d0f3b4fd7a0732a5023d0b4dcc2c4b1b03f8)
2007-10-10 11:10:04 -05:00
Jeremy Allison
06cf1e18e5 r13447: Added LSA_LOOKUPSIDS2 and LSA_LOOKUPSIDS3.
Jeremy.
(This used to be commit a164cfab420a2439dad8fd85f8b4d652087fa6b9)
2007-10-10 11:10:03 -05:00
Günther Deschner
72b30eba64 r13444: Add REJECT_REASON_OTHER for samr_chgpasswd_user3
Guenther
(This used to be commit 58baf718be90d750f51cf51a25714fcdcd5679b7)
2007-10-10 11:10:03 -05:00
Günther Deschner
e83c7d0141 r13442: Implement samr_chgpasswd_user3 server-side.
Guenther
(This used to be commit f60eddc0a4dfe623e5f115533a62c03810fd5f38)
2007-10-10 11:10:03 -05:00
Jeremy Allison
e493d32912 r13439: Fix NET_SAM_LOGON_EX.
Jeremy.
(This used to be commit 9437ffc84f4d924ab67f3e16ef507d2aeeeb5f34)
2007-10-10 11:10:02 -05:00
Jeremy Allison
74bc039f1e r13433: Get ready to implement NET_SAM_LOGON_EX.
Jeremy.
(This used to be commit 666b03b4a92800ed704b7f7e4b39f4e01ca47aee)
2007-10-10 11:10:01 -05:00
Jeremy Allison
ad8b47a2ba r13407: Change the credentials code to be more like the Samba4 structure,
makes fixes much easier to port. Fix the size of dc->sess_key to
be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd
store in secrets.tdb though. Should fix some uses of the dc->sess_key
where we where assuming we could read 16 bytes.
Jeremy.
(This used to be commit 5b3c2e63c73fee8949108abe19ac7a448a033a7f)
2007-10-10 11:09:59 -05:00