samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00

Author	SHA1	Message	Date
Andreas Schneider	95b738badb	s3:spoolss: Add some useful debug messages on error BUG: https://bugzilla.samba.org/show_bug.cgi?id=12415 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-11-20 17:29:08 +01:00
Andreas Schneider	4d9f4bfc69	s3:spoolss: Add support for COPY_FROM_DIRECTORY in AddPrinterDriverEx BUG: https://bugzilla.samba.org/show_bug.cgi?id=12415 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-11-20 17:29:07 +01:00
Volker Lendecke	df9e7c7ae5	lib: Remove global xfile.h includes This makes it more obvious where this legacy code is used Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sun Nov 20 06:23:19 CET 2016 on sn-devel-144	2016-11-20 06:23:19 +01:00
Andreas Schneider	cd9d957adb	s3:spoolss: Improve debug messages in construct_printer_driver Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-11-20 02:28:11 +01:00
Andreas Schneider	f5154f2eb7	s3:spoolss: Return error when there is no driver assigned If you create a new printer in Samba, there is no driver assinged. Detect that early and return the right error code. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-11-20 02:28:11 +01:00
Günther Deschner	17bc1427f0	s3-spoolss: set the defaults for os_version defines globally. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-11-20 02:28:10 +01:00
Günther Deschner	3fa58844d2	s3-spoolss: also set new os_major,minor,build values in printer info 0 Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-11-20 02:28:10 +01:00
Andreas Schneider	b9d73fb4cb	s3:spoolss: Set default OS Version to Windows Server 2003 R2 SP2 BUG: https://bugzilla.samba.org/show_bug.cgi?id=12416 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-11-20 02:28:10 +01:00
Andreas Schneider	cc081c7831	s3-epmapper: Ignore epm_Map object guid Tests revealed that you can pass random GUIDs to epm_Map and Windows will happily answer the query. Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Nov 12 02:49:23 CET 2016 on sn-devel-144	2016-11-12 02:49:23 +01:00
Andreas Schneider	07505429cc	s3-spoolss: Remove printer from registry if it is unpublished BUG: https://bugzilla.samba.org/show_bug.cgi?id=11665 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Nov 8 18:05:10 CET 2016 on sn-devel-144	2016-11-08 18:05:09 +01:00
Stefan Metzmacher	55b07e1dec	s3:rpc_server: pass the full ndr_interface_table to rpc_pipe_open_internal() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>	2016-10-26 11:20:18 +02:00
Stefan Metzmacher	3b82d6cc2e	s3:rpc_server: add support for DCERPC_AUTH_LEVEL_PACKET Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>	2016-10-26 11:20:16 +02:00
Stefan Metzmacher	4464896167	dcerpc.idl: split the padding from a possible fault buffer in dcerpc_fault The 4 bytes of padding are always present and part of the header. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>	2016-10-26 11:20:12 +02:00
Volker Lendecke	d7214a8216	spoolss: Fix caching of printername->sharename time_mono() gives seconds since boot, gencache expects seconds since epoch. With time_mono(), the values are always expired immediately. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12374 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Thu Oct 13 13:48:52 CEST 2016 on sn-devel-144	2016-10-13 13:48:52 +02:00
Trever L. Adams	7accec7f78	Update smbrun to allow for settings environment variables. Signed-off-by: Trever L. Adams <trever.adams@gmail.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Oct 13 04:26:26 CEST 2016 on sn-devel-144	2016-10-13 04:26:26 +02:00
Günther Deschner	d60f3f0554	werror: removed WERR_UNKNOWN_LEVEL Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:35 +02:00
Günther Deschner	5b2ce01b77	werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/rpc_server/ Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:34 +02:00
Günther Deschner	7186ecac94	werror: replace WERR_DFS_CANT_CREATE_JUNCT with WERR_NERR_DFSCANTCREATEJUNCTIONPOINT in source3/rpc_server/dfs/srv_dfs_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:30 +02:00
Günther Deschner	8cc1b5bcfa	werror: replace WERR_DFS_INTERNAL_ERROR with WERR_NERR_DFSINTERNALERROR in source3/rpc_server/dfs/srv_dfs_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:30 +02:00
Günther Deschner	5a375c144a	werror: replace WERR_DFS_NO_SUCH_SERVER with WERR_NERR_DFSNOSUCHSERVER in source3/rpc_server/dfs/srv_dfs_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:30 +02:00
Günther Deschner	43cdc9de43	werror: replace WERR_DFS_NO_SUCH_SHARE with WERR_NERR_DFSNOSUCHSHARE in source3/rpc_server/dfs/srv_dfs_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:29 +02:00
Günther Deschner	3634e6d2ef	werror: replace WERR_DFS_NO_SUCH_VOL with WERR_NERR_DFSNOSUCHVOLUME in source3/rpc_server/dfs/srv_dfs_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:29 +02:00
Günther Deschner	9711b740c3	werror: replace WERR_NET_NAME_NOT_FOUND with WERR_NERR_NETNAMENOTFOUND in source3/rpc_server/srvsvc/srv_srvsvc_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:27 +02:00
Günther Deschner	93d3468090	werror: replace WERR_SERVER_UNAVAILABLE with WERR_RPC_S_SERVER_UNAVAILABLE in source3/rpc_server/spoolss/srv_spoolss_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:25 +02:00
Günther Deschner	59c9c35bea	werror: replace WERR_NO_SUCH_SERVICE with WERR_SERVICE_DOES_NOT_EXIST in source3/rpc_server/svcctl/srv_svcctl_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:24 +02:00
Günther Deschner	7d54fde08f	werror: replace WERR_OBJECT_PATH_INVALID with WERR_BAD_PATHNAME in source3/rpc_server/ Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:24 +02:00
Günther Deschner	402bafcbca	werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in source3/rpc_server/ Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:22 +02:00
Günther Deschner	d5808eb3cf	werror: replace WERR_NO_SUCH_SHARE with WERR_BAD_NET_NAME in source3/rpc_server/srvsvc/srv_srvsvc_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:22 +02:00
Günther Deschner	d2e36de9af	werror: replace WERR_GENERAL_FAILURE with WERR_GEN_FAILURE in source3/rpc_server/ Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:21 +02:00
Günther Deschner	74d3bf1488	werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/rpc_server/ Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:19 +02:00
Günther Deschner	4198327897	werror: replace WERR_BADFID with WERR_INVALID_HANDLE in source3/rpc_server/spoolss/ Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:18 +02:00
Günther Deschner	3af16e4abd	werror: replace WERR_BADFILE with WERR_FILE_NOT_FOUND in source3/rpc_client/ Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:17 +02:00
Günther Deschner	46eace2f9f	werror: replace WERR_BADFUNC with WERR_INVALID_FUNCTION in source3/rpc_server/spoolss/srv_spoolss_nt.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-28 00:04:16 +02:00
Andreas Schneider	631e063f6b	s3-lib: Do not set an empty string in split_domain_user() The function should also return if it failed or not. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sun Sep 25 12:56:17 CEST 2016 on sn-devel-144	2016-09-25 12:56:17 +02:00
Jeremy Allison	fbfea52e1c	s3: server: s3_tevent_context_init() -> samba_tevent_context_init() We can now remove source3/lib/events.c Bug: https://bugzilla.samba.org/show_bug.cgi?id=12283 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>	2016-09-24 19:52:08 +02:00
Günther Deschner	4ca831d09c	s3-spoolss: in _spoolss_OpenPrinterEx map max_allowed for the print server TODO: do real access checks against the security descriptor. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:27 +02:00
Günther Deschner	52b8b592c2	s3-spoolss: allow SetPrinter level 3 for server handles as well. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:27 +02:00
Günther Deschner	b9475e88de	s3-spoolss: use server sd stored in the backend in _spoolss_GetPrinter level 3 Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:27 +02:00
Günther Deschner	e207febf15	s3-spoolss: Fix _spoolss_GetPrinter behaviour for server handles. Without this the security tab of the print server properties will be obviously empty and only display a warning. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:27 +02:00
Günther Deschner	1e4ea50a4c	spoolss: rename spoolss_RpcSendRecvBidiData to spoolss_SendRecvBidiData Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:27 +02:00
Günther Deschner	6476153069	spoolss: rename spoolss_RpcEnumJobNamedProperties to spoolss_EnumJobNamedProperties Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:27 +02:00
Günther Deschner	cdf958824e	spoolss: rename spoolss_RpcDeleteJobNamedProperty to spoolss_DeleteJobNamedProperty Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:27 +02:00
Günther Deschner	17d94d0531	spoolss: rename spoolss_RpcSetJobNamedProperty to spoolss_SetJobNamedProperty Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:26 +02:00
Günther Deschner	d64b316fed	spoolss: rename spoolss_RpcGetJobNamedPropertyValue to spoolss_GetJobNamedPropertyValue Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:26 +02:00
Günther Deschner	23f404b7f5	spoolss: rename spoolss_EnumPrintProcDataTypes to spoolss_EnumPrintProcessorDataTypes This change makes automatic mapping for PAR->RPRN opcodes easier. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2016-09-22 12:29:26 +02:00
Günther Deschner	d6d7871bde	s3-spoolss: avoid referencing p->opnum in _spoolss_AddPrinterDriverEx When called by another protocol, this call would fail when called with an unexpected opnum... This change is in preparation for supporting MS-PAR. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-11 19:57:26 +02:00
Günther Deschner	24b5a44c7d	s3-spoolss: add missing newline in debug message of _spoolss_OpenPrinterEx. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-11 19:57:25 +02:00
Günther Deschner	0d2dd7eb9b	spoolss: add IDL for spoolss_LogJobInfoForBranchOffice. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-09-11 19:57:25 +02:00
Günther Deschner	d8b57e3828	s3-spoolss: fix _spoolss_GetPrinterDataEx by moving the keyname lengthcheck. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Sep 7 03:00:14 CEST 2016 on sn-devel-144	2016-09-07 03:00:14 +02:00
Ralph Boehme	58889e04bd	s3/rpc_server: shared rpc modules directory may not exist A shared rpc modules directory may not exist if all RPC modules are built static. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12184 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-08-30 05:27:12 +02:00
Volker Lendecke	f9da0dda3f	rpc_server: Fix a typo Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>	2016-08-24 18:01:14 +02:00
Andreas Schneider	4a2d911a0b	s3-spoolss: Support for adding printer drivers with info level 8 We already supported getting driver info level 8 but not adding it. This allows adding printer drivers with level. So several fields where emtpy. Microsoft released a security update for Windows print spooler components which requires support for driver info level 8 now. This is needed to find out if a driver is PACKAGE_AWARE or not. Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-08-23 01:06:25 +02:00
Günther Deschner	2d4107f9e1	librpc: fix IDL for spoolss_GetPrinterDriverPackagePath() Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-08-23 01:06:24 +02:00
Günther Deschner	bb8267ce49	librpc: fix spoolss_GetCorePrinterDrivers IDL. Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-08-23 01:06:24 +02:00
Volker Lendecke	eb6e32046d	fss_agent: Fix a signed/unsigned mixup Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>	2016-07-28 05:00:19 +02:00
Volker Lendecke	f396449e7a	lib: Move "message_send_all" to serverid.c Trying to trim down messages.c a bit: Sending to all processes that are registered in serverid.tdb and filtering to me is not really logic of general messaging but more of the serverid code. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>	2016-07-28 05:00:19 +02:00
Michael Adam	84992e31e1	rpc_server: add mssing '#pragma GCC diagnostic push' for completeness for later pop. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jul 14 02:02:33 CEST 2016 on sn-devel-144	2016-07-14 02:02:33 +02:00
Ralph Boehme	6efd0af5e8	s3-rpc_server/mdssd: use smbd_reinit_after_fork() Using smbd_reinit_after_fork() rather then reinit_after_fork() ensures am_parent is reset to NULL. Otherwise, when exiting for some reason, the inherited atexit handler killkids() calls kill(0,SIGTERM) terminating our whole process group including the main smbd. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12016 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jul 11 02:02:33 CEST 2016 on sn-devel-144	2016-07-11 02:02:31 +02:00
Stefan Metzmacher	d491c6c496	s3:rpc_client: remove unused rpc_pipe_client->max_recv_frag Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-06-24 14:09:01 +02:00
Stefan Metzmacher	86dbdce378	s3:rpc_server/samr: simplify the logic in get_user_info_18() We only allow SetUserInformation(level=18) via NCALRPC. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu May 12 14:02:27 CEST 2016 on sn-devel-144	2016-05-12 14:02:27 +02:00
Volker Lendecke	93b982faad	lib: Give base64.c its own .h Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-05-04 01:28:23 +02:00
Volker Lendecke	cf5a81013d	lib: Make callers of base64_encode_data_blob check for success Quite a few callers already did check for !=NULL. With the current code this is pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the callers consistently check, so that we can remove SMB_ASSERT from base64.c. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-05-04 01:28:23 +02:00
Ralph Boehme	3e3e72ff9b	s3/rpc_server: mdssvc: suppress compiler warnings from glib headers Several glib headers produce cast-qual warnings, eg: /usr/include/glib-2.0/gio/gliststore.h: In function ‘G_LIST_STORE’: /usr/include/glib-2.0/gio/gliststore.h:36:382: error: cast discards ‘const’ qualifier from pointer target type [-Werror=cast-qual] /usr/include/glib-2.0/gio/gliststore.h: In function ‘G_IS_LIST_STORE’: /usr/include/glib-2.0/gio/gliststore.h:36:550: error: cast discards ‘const’ qualifier from pointer target type [-Werror=cast-qual] cc1: all warnings being treated as errors This break compiling with --picky-developer, so lets suppress the warning for glibs in order to see our own --picky-developer compiler diagnostics. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Apr 26 04:44:44 CEST 2016 on sn-devel-144	2016-04-26 04:44:44 +02:00
Stefan Metzmacher	65d9ab0540	CVE-2015-5370: s3:rpc_server: verify auth_context_id in api_pipe_{bind_auth3,alter_context} BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:32 +02:00
Stefan Metzmacher	1c0f927a4e	CVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_id This is better than using hardcoded values. We need to use the value the client used in the BIND request. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:32 +02:00
Stefan Metzmacher	dc91d35257	CVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed in check_bind_req() An alter context can't change the syntax of an existing context, a new context_id will be used for that. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:32 +02:00
Stefan Metzmacher	3fdc4de983	CVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() first BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:32 +02:00
Stefan Metzmacher	28661caa9f	CVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protocol errors BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:32 +02:00
Stefan Metzmacher	6c9a2d3894	CVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as broken BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:32 +02:00
Stefan Metzmacher	cd1c7d227f	CVE-2015-5370: s3:rpc_server: disconnect the connection after a fatal FAULT pdu BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:32 +02:00
Stefan Metzmacher	a18a811ce4	CVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header() to verify incoming pdus BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:32 +02:00
Stefan Metzmacher	ab29002ddc	CVE-2015-5370: s3:rpc_server: verify presentation context arrays BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	e4fa243aa3	CVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in api_pipe_alter_context() BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Jeremy Allison	f74c4c8335	CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violate the spec The first pdu is always a BIND. REQUEST pdus are only allowed once the authentication is finished. A simple anonymous authentication is finished after the BIND. Real authentication may need additional ALTER or AUTH3 exchanges. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	302d927ac2	CVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_context or auth3 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	46436d01da	CVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as invalid BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	f8aa62d697	CVE-2015-5370: s3:rpc_server: don't allow auth3 if the authentication was already finished BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	b4e38e29e8	CVE-2015-5370: s3:rpc_server: don't ignore failures of dcerpc_push_ncacn_packet() BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	84027af3ab	CVE-2015-5370: s3:rpc_server: just call pipe_auth_generic_bind() in api_pipe_bind_req() pipe_auth_generic_bind() does all the required checks already and an explicit DCERPC_AUTH_TYPE_NONE is not supported. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	ca96d57816	CVE-2015-5370: s3:rpc_server: let a failing sec_verification_trailer mark the connection as broken BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	3f02e04221	CVE-2015-5370: s3:rpc_server: make use of dcerpc_pull_auth_trailer() in api_pipe_{bind_req,alter_context,bind_auth3}() BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	642fe0aa16	CVE-2015-5370: s3:librpc/rpc: remove auth trailer and possible padding within dcerpc_check_auth() This simplifies the callers a lot. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:31 +02:00
Stefan Metzmacher	14e5f9a25e	CVE-2016-2118: s3:rpc_server/samr: allow _samr_ValidatePassword only with PRIVACY... This requires transport encryption. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:28 +02:00
Stefan Metzmacher	339e306672	CVE-2016-2118: s3:rpc_server/{epmapper,echo}: allow DCERPC_AUTH_LEVEL_CONNECT by default BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>	2016-04-12 19:25:28 +02:00
Stefan Metzmacher	41bccb5ae5	CVE-2016-2118: s3:rpc_server/{samr,lsa,netlogon}: reject DCERPC_AUTH_LEVEL_CONNECT by default This prevents man in the middle downgrade attacks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616 Pair-Programmed-With: Günther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:28 +02:00
Stefan Metzmacher	7fab11e2eb	CVE-2016-2118: s3:rpc_server: make use of "allow dcerpc auth level connect" With this option turned off we only allow DCERPC_AUTH_LEVEL_{NONE,INTEGRITY,PRIVACY}, this means the reject any request with AUTH_LEVEL_CONNECT with ACCESS_DENIED. We sadly need to keep this enabled by default for now. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616 Pair-Programmed-With: Günther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:27 +02:00
Stefan Metzmacher	93e3f25d42	CVE-2016-2111: s3:rpc_server/netlogon: check NTLMv2_RESPONSE values for SEC_CHAN_WKSTA This prevents spoofing like Microsoft's CVE-2015-0005. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:24 +02:00
Stefan Metzmacher	9ed11972d2	CVE-2016-2111: s3:rpc_server/netlogon: require DCERPC_AUTH_LEVEL_PRIVACY for validation level 6 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:23 +02:00
Günther Deschner	d4a64baf91	CVE-2016-2111: s3:rpc_server/netlogon: always go through netr_creds_server_step_check() The ensures we apply the "server schannel = yes" restrictions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>	2016-04-12 19:25:23 +02:00
Jeremy Allison	dc5dad4813	s3: Filenames: Add uint32_t flags parameter to synthetic_smb_fname(). Get it from parent/deriving smb_filename if present. Use 0 (as usually this a Windows-style lookup) if not. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>	2016-03-24 22:57:16 +01:00
Douglas Bagnall	7b92b84415	mdssvc/sparql_parser.c: use HAVE___ATTRIBUTE__ instead of __GNUC__ Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>	2016-03-24 15:13:15 +01:00
Stefan Metzmacher	0906d61bb2	s3:rpc_server/samr: correctly handle session_extract_session_key() failures Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>	2016-03-22 15:50:15 +01:00
Ralph Boehme	3563d79a8c	s3:mdssvc: older glib2 versions require g_type_init() Older glib2 versions will crash if g_type_init is not called: (process:6712): GLib-GObject-CRITICAL **: ... ./gobject/gtype.c:2722: You forgot to call g_type_init() Bug: https://bugzilla.samba.org/show_bug.cgi?id=11801 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Mar 18 03:52:55 CET 2016 on sn-devel-144	2016-03-18 03:52:55 +01:00
Aurelien Aptel	85e414aefc	s3/rpc_server/srvsvc/srv_srvsvc_nt.c: change snum to signed int snum is used to store the result of the find_service() call which returns a signed int, with -1 being an error. with an uint32_t the error check (< 0) is always false. Signed-off-by: Aurelien Aptel <aaptel@suse.com> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-04 21:24:14 +01:00
Alberto Maria Fiaschi	5036a0922b	access based share enum: handle permission set in configuration files change function is_enumeration_allowed to check permissions set by fields: valid users, invalid users, only user. BUG: https://bugzilla.samba.org/show_bug.cgi?id=8093 Signed-off-by: Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>	2016-03-02 20:39:24 +01:00
Volker Lendecke	8338fe6ac8	lib: Remove sys_waitpid We have waitpid in libreplace Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>	2016-02-23 22:03:16 +01:00
Ralph Boehme	6018a7756f	s3:rpc_server: make it possible to build mdssvc as a shared module Allow building mdssvc RPC service as shared module: --with-shared-modules=rpc_mdssvc_module The default is to build it static. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Sun Feb 21 22:28:41 CET 2016 on sn-devel-144	2016-02-21 22:28:41 +01:00
Ralph Boehme	593abe5f6b	s3:rpc_server: allow building RPC services as shared modules This is the general RPC subsystem change, existing modules must be tweaked to support being loaded as a module. The next commit shows how to do this for the Spotlight RPC service. The general syntax is: --with-shared-modules=rpc_NAME_module Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>	2016-02-21 19:21:17 +01:00
Michael Adam	476672b647	dlist: remove unneeded type argument from DLIST_ADD_END() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-02-06 21:48:17 +01:00
Jeremy Allison	52bae7927c	s3: smbd: Remove lp_posix_pathnames() checks on paths sent in via old Win9X RPC calls. No unix client makes these. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>	2015-12-23 18:23:17 +01:00
Jeremy Allison	4ce5de5fd9	s3: smbd: In srv_srvsvc_nt.c, add in UCF_POSIX_PATHNAMES to the ucf_flags if lp_posix_pathnames() requested. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <rb@sernet.de>	2015-12-23 03:31:10 +01:00
Jeremy Allison	5d03e7550b	s3: smbd: In srv_srvsvc_nt.c Use ucf_flags variable instead of passing as parameter. This will allow us to move lp_posix_pathnames() out of unix_convert() later. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <rb@sernet.de>	2015-12-23 03:31:10 +01:00
Mathieu Parent	c315fce17e	Fix various spelling errors Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Nov 6 13:43:45 CET 2015 on sn-devel-104	2015-11-06 13:43:45 +01:00
Volker Lendecke	bcc1521662	fssd: Remove reference to procid_self() Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>	2015-10-19 12:09:10 +02:00
Volker Lendecke	258ce91f31	lib: Move sys_rw* to lib/util genrand.c will require it soon Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-10-13 01:23:07 +02:00
Ralph Boehme	cd0c2a5eca	s3:smbstatus: add stream name to share_entry_forall() Add stream name argument to share_entry_forall machinery so smbstatus can print the stream name of a file. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11550 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-10-12 22:13:19 +02:00
Christof Schmitt	96c48b3c06	s3: Move call to prctl_set_comment to reinit_after_fork This save a few lines of code. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>	2015-09-24 08:00:16 +02:00
Garming Sam	88b27ebcc9	spoolss: handle SetPrinter for info level 4 BUG: https://bugzilla.samba.org/show_bug.cgi?id=10770 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Sep 1 03:33:13 CEST 2015 on sn-devel-104	2015-09-01 03:33:13 +02:00
Uri Simchoni	42468bcb40	fssd: include config.h before any glibc headers config.h may have some flags which affect glibc behavior, e.g. _FILE_OFFSET_BITS=64. To make sure these flags have the desired effect, config.h must be included before any glibc header files. This commit does not fix a specific known bug. It changes the code to comply with coding conventions. Signed-off-by: Uri Simchoni <urisimchoni@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: "Stefan Metzmacher" <metze@samba.org>	2015-07-17 01:38:16 +02:00
Volker Lendecke	fdea2febee	rpc_server: Fix CID 1311342 Null pointer dereferences (REVERSE_INULL) elem was dereferenced already a few lines above Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Fri Jul 10 01:01:36 CEST 2015 on sn-devel-104	2015-07-10 01:01:36 +02:00
Volker Lendecke	fc372110c2	rpc_server: Fix CID 1311341 Integer handling issues (OVERFLOW_BEFORE_WIDEN) Quoting the full message: Potentially overflowing expression "total_octets * 8U" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>	2015-07-09 21:59:20 +02:00
Volker Lendecke	3387969a1f	rpc_server: Fix CID 1311340 Null pointer dereferences (NULL_RETURNS) In practice this might not be relevant, but better be safe. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>	2015-07-09 21:59:20 +02:00
Volker Lendecke	a7c215548a	rpc_server: Fix CID 1311339 Error handling issues (CHECKED_RETURN) Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>	2015-07-09 21:59:20 +02:00
Volker Lendecke	ea55b1350b	dalloc: Fix CID 1097369 API usage errors (VARARGS) Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>	2015-07-09 21:59:20 +02:00
Volker Lendecke	784b6a79b8	dalloc: Fix a typo Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>	2015-07-09 21:59:20 +02:00
Ralph Boehme	480cc511ff	s3-mdssvc: add mdssd RPC service daemon for mdssvc Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-07 17:34:28 +02:00
Ralph Boehme	4b0ee5d209	s3-mdssvc: lexer and parser for Spotlight queries Add a lexer and parser for translating Spotlight query strings to SPARQL. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-07 17:34:28 +02:00
Ralph Boehme	c2c5621380	s3-mdssvc: main Spotlight code Implement all Spotlight RPC commands with the Tracker SPARQL async query API. Tracker uses glib for implemeting async tasks, we thus have to use a glib mainloop for processing sheduled tasks in threads. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-07 17:34:28 +02:00
Ralph Boehme	0de03ce4a4	s3-mdssvc: Spotlight attribute mappings Add mappings for metadata attribute between Spotlight and NEPOMUK for use with Tracker. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-07 17:34:28 +02:00
Ralph Boehme	5d4eceae15	s3-mdssvc: (un)marshalling Spotlight RPC blob Add code for marshalling and unmarshalling Spotlight RPC blobs from/into a dalloc object store. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-07 17:34:28 +02:00
Ralph Boehme	222e863d4e	s3-mdssvc: dalloc: dynamic object store based on talloc dalloc is a hack with a bizarre API, but it does its job: it's a simple object store that allows for storing simple and complex data types. We'll use it for storing Spotlight query data. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-07 17:34:28 +02:00
Ralph Boehme	63dd793cde	s3-mdssvc: add Spotlight RPC stubs 'mdssvc' aka 'Metadata Search Service' is an RPC service used by Apple for passing marshalled Spotlight search queries and results between client to server. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-07 17:34:28 +02:00
Stefan Metzmacher	a6a6795826	s3:rpc_server: remove pad handling from api_pipe_alter_context() This is not needed and windows doesn't use it. The padding is for the payload in request and response. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-23 14:38:53 +02:00
Stefan Metzmacher	b2e042ad96	s3:librpc/rpc: fix padding calculation in dcerpc_guess_sizes() The padding needs to be relative to the payload start not to the pdu start. We also need align the padding to DCERPC_AUTH_PAD_ALIGNMENT (16 bytes). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-23 14:38:53 +02:00
Günther Deschner	4234cbb694	s3-rpc_server: Fix inteface typo. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jun 4 03:51:29 CEST 2015 on sn-devel-104	2015-06-04 03:51:29 +02:00
Richard Sharpe	0dde2106bb	Covert all uint32/16/8 to _t in source3/rpc_server. This can be committed regardless of the state of the PIDL changes. Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-05-15 19:31:24 +02:00
Richard Sharpe	a685404dce	Convert all uses of uint32/16/8 to _t in source3/rpc_server. Signed-off-by: Richard Sharpe <rsharpe@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-05-12 01:32:12 +02:00
Volker Lendecke	e241b739fb	Fix a few printf format errors Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-05-07 20:20:19 +02:00
Günther Deschner	316ace66d0	s3-rpc_server: fix rpc_create_tcpip_sockets() processing of interfaces. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11245 We were supplying an empty value for the "host" binding string option, causing dcerpc_binding_vector_add_port() call to fail. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Pair-Programmed-With: Alexander Bokovoy <ab@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Thu Apr 30 15:14:27 CEST 2015 on sn-devel-104	2015-04-30 15:14:27 +02:00
Ralph Boehme	9e7cf87a30	s3:smbd: use smbd_reinit_after_fork Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-04-22 23:00:20 +02:00
Michael Adam	e197ddcfa6	s3:lsasd: use lp_load() wrapper lp_load_global() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>	2015-04-22 13:57:29 +02:00
Anoop C S	76ba7f93b4	rpc_server/srvsvc: Fix CID 241162 Logically dead code Signed-off-by: Anoop C S <achiraya@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>	2015-04-17 22:56:11 +02:00
David Disseldorp	a65e22c6bd	spoolss: cache_key handle allocation failures early On cache_key allocation failure, set_printer_hnd_name() currently stumbles through the rest of the function, and includes extra logic to handle a NULL key later on. Handling the allocation failure early makes sense, and also allows for the NULL key checks to be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Apr 15 18:55:50 CEST 2015 on sn-devel-104	2015-04-15 18:55:50 +02:00
David Disseldorp	a97507a9a7	spoolss: purge the printer name cache on name change Currently the name cache is only cleared on printer deletion. This means that if a printer undergoes a name change, the old name remains in the cache and can be subsequently used incorrecly if another printer takes the same name as the old. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11210 Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Apr 14 05:37:50 CEST 2015 on sn-devel-104	2015-04-14 05:37:50 +02:00
Volker Lendecke	e66e06b602	fss: Fix CID 1293354 Wrong operator used Not used right now, but prevent future confusion. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Apr 8 19:36:36 CEST 2015 on sn-devel-104	2015-04-08 19:36:36 +02:00
Noel Power	7a38f148ac	fsrvp: prune shadow copies if associated path doesn't exist This patch implements some simple FSRVP server housekeeping. On startup the server scans the cached entries, any entries where the underlying system paths associated with shadow copies no longer exist are removed from the cache and from the registry. This behaviour is disabled by default, but can be enabled via the new "fss: prune stale" smb.conf parameter. Signed-off-by: Noel Power <noel.power@suse.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-03-31 18:40:25 +02:00
David Disseldorp	b6e034069f	fsrvp: add remote snapshot RPC server The Samba fss_agent RPC server is an implementation of the File Server Remote VSS (Volume Shadow Copy Service) Protocol, or FSRVP for short. FSRVP is new with Windows Server 2012, and allows authenticated clients to remotely request the creation, exposure and deletion of share snapshots. The fss_agent RPC server processes requests on the FssAgentRpc named pipe, and dispatches relevant snapshot creation and deletion requests through to the VFS. The registry smb.conf back-end is used to expose snapshot shares, with configuration parameters and share ACLs cloned from the base share. There are three FSRVP client implementations that I'm aware of: - Samba rpcclient includes fss_X commands. - Windows Server 2012 includes diskshadow.exe. - System Center 2012. FSRVP operations are only processed for users with: - Built-in Administrators group membership, or - Built-in Backup Operators group membership, or - Backup Operator privileges, or - Security token matches the initial process UID MS-FSRVP specifies that server state should be stored persistently during operation and retrieved on startup. Use the existing fss_srv.tdb FSRVP state storage back-end to satisfy this requirement. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-03-31 18:40:25 +02:00
David Disseldorp	9c8ae4454c	fsrvp: add server state storage back-end MS-FSRVP specifies: the server MUST persist all state information into an implementation- specific configuration store. This change adds a fss_srv TDB database to preserve FSRVP server state, with the following keys used to track shadow copy state and hierarchy: - sc_set/<shadow copy set GUID> A shadow copy set tracks a collection of zero or more shadow copies, as initiated by a StartShadowCopySet FSRVP client request. - sc_set/<shadow copy set GUID>/sc/<shadow copy GUID> A shadow copy defines information about a snapshot base volume, the snapshot path, and a collection of share maps. It is initiated by an AddToShadowCopySet client request. - sc_set/<shadow copy set GUID>/sc/<shadow copy GUID>/smap/<smap GUID> A share map tracks new shares that are created to expose shadow copies. All structures are marshalled into on-disk format using the previously added fsrvp_state IDL library. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-03-31 18:40:24 +02:00
Stefan Metzmacher	df13bf7b05	s3:rpc_server/lsa: we need to normalize the trustAuth* blobs before storing them The number of current and previous elements need to match and we have to fill TRUST_AUTH_TYPE_NONE if needed. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>	2015-03-30 13:41:25 +02:00
Stefan Metzmacher	038659dcbb	s3:rpc_server/netlogon: improve the netr_LogonControl*() error returns Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>	2015-03-27 01:26:15 +01:00
Stefan Metzmacher	ea2ff2c7ff	s3:rpc_server/wscript_build: remove allow_warnings=True from RPC_SPOOLSS Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-03-20 20:43:11 +01:00
Stefan Metzmacher	821f2c77b8	s3:rpc_server/spoolss: make use of SPOOLSS_JOB_CONTROL_NOOP Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-03-20 20:43:11 +01:00
Stefan Metzmacher	f0a6935b1e	s3:rpc_server/lsa: only return collision_info if filled in lsaRSetForestTrustInformation() If there're no collisions we should not fill the collision_info pointer. Otherwise Windows fails to create a forest trust. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Thu Mar 12 19:49:33 CET 2015 on sn-devel-104	2015-03-12 19:49:33 +01:00
Stefan Metzmacher	080db5f60a	lsa.idl: improve idl for lsa_ForestTrustRecord The meaning of lsa_ForestTrustRecordFlags is based lsa_ForestTrustRecordType, but the type is not always available so it's not possible to use an union. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>	2015-03-12 17:13:44 +01:00
Günther Deschner	a0700dd275	netlogon.idl: netr_ServerPasswordGet returns NTSTATUS not WERROR. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>	2015-03-12 17:13:43 +01:00
Volker Lendecke	15a702accf	rpc_server: Fix CID 1273433 Unused value Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Mar 4 23:29:01 CET 2015 on sn-devel-104	2015-03-04 23:29:01 +01:00
Volker Lendecke	40a317f092	rpc_server: Fix CID 1035535 Uninitialized scalar variable I believe this can't happen, but better be safe than sorry Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Mar 4 17:14:53 CET 2015 on sn-devel-104	2015-03-04 17:14:53 +01:00
Volker Lendecke	8f7bdc8194	rpc_server: Fix CID 1035534 Uninitialized scalar variable I believe this can't happen, but better be safe than sorry Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>	2015-03-04 14:46:08 +01:00
Andreas Schneider	bb41484509	s3-netlogon: Make sure we do not deference a NULL pointer. This is an additional patch for CVE-2015-0240. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32 Pair-Programmed-With: Michael Adam <obnox@samba.org> Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>	2015-02-23 17:33:07 +01:00
Jeremy Allison	28f10a89e6	CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-02-23 17:33:07 +01:00

1 2 3 4 5 ...

4592 Commits