1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

84413 Commits

Author SHA1 Message Date
Andrew Bartlett
a3054323d3 pymessaging: Use correct unsigned types for server ID tuple elememnts
This is needed if we start using the top bits of these values.

Andrew Bartlett

Reviewed-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-26 13:47:35 +01:00
Andrew Bartlett
1d1ea72574 ldb: Ensure to decrement the transaction_active whenever we delete a transaction
This is in the error path for prepare_commit, which rarely fails, but
when it does we need to ensure that when a new transaction is opened,
that it really starts a new transaction.

We bump the version to recognise critical fix for the AD DC

Without this fix, a single invalid inbound replicated link disables
all subsequent replication as we operate without a transaction (which
is refused by ldb_tdb).

Andrew Bartlett

Reviewed-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-26 13:42:46 +01:00
Stefan Metzmacher
1ea6fabcde ldb: fix a warning by converting from TDB_DATA to struct ldb_val
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-26 13:41:39 +01:00
Jeremy Allison
d79485a566 Regression test for bug #9587 - archive flag is always set on directories.
Ensure we get the correct attributes on files
and directories after a rename.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jan 25 13:42:40 CET 2013 on sn-devel-104
2013-01-25 13:42:40 +01:00
Jeremy Allison
3d46a077dd Fix bug #9587 - archive flag is always set on directories.
Creating a directory to a Samba share sets the attributes to 'D' only
(correct) - only when creating a new file should the 'A' attribute
be set.

However, doing a rename of that directory sets the 'A' attribute in error.
This should only be done on a file rename. smbclient regression test to follow.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-01-25 12:01:41 +01:00
Andrew Bartlett
c5db4eb910 bug9598: s4-process_single: Use pid,fd as cluster_id in process_single just like process_prefork
This avoids two different process single servers (say LDAP and the RPC server) sharing the same
server id.

Fix-bug: https://bugzilla.samba.org/show_bug.cgi?id=9598

Reported-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Matthieu Patou <mat@matws.net>
Signed-off-by: Andrew Bartlett <abartlett@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jan 25 12:00:04 CET 2013 on sn-devel-104
2013-01-25 12:00:04 +01:00
Volker Lendecke
da35cd7bd2 Avoid a very small memleak on talloc_tos()
"fname" did leak on talloc_tos(). Not really a bad memleak, but as I
just came across it I thought I might just fix it

Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 25 00:54:01 CET 2013 on sn-devel-104
2013-01-25 00:54:01 +01:00
Jeremy Allison
996a10cdea Fix bug #9572 - File corruption during SMB1 read by Mac OSX 10.8.2 clients.
Accept a large read if we told the client we have UNIX extensions
and the client sent a non-zero upper 16-bit size.

Do the non-zero upper 16-bit size check first to save a function
call in what is a hot path.

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 24 21:01:51 CET 2013 on sn-devel-104
2013-01-24 21:01:51 +01:00
Jeremy Allison
033197958e Revert "s3:smbd: SMB ReadX with size > 0xffff should only possible for samba clients."
Part of fix for bug #9572 -  File corruption during SMB1 read by Mac OSX 10.8.2 clients

This reverts commit f8c26c16b8.

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-24 19:21:35 +01:00
Günther Deschner
000e6ba14a s4-torture: add some basic tests for PlayGDIScriptOnPrinterIC.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 24 19:20:52 CET 2013 on sn-devel-104
2013-01-24 19:20:52 +01:00
Günther Deschner
21aa7fe633 s3-rpcclient: add cmd_spoolss_play_gdi_script_on_printer_ic.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-24 17:42:26 +01:00
Günther Deschner
0364658632 spoolss: add UNIVERSAL_FONT_ID_ctr for debugging.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-24 17:42:26 +01:00
Günther Deschner
d99b1ee79c spoolss: Add UNIVERSAL_FONT_ID.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-24 17:42:26 +01:00
Günther Deschner
a270e20b19 spoolss: fill in spoolss_PlayGDIScriptOnPrinterIC IDL.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-24 17:42:26 +01:00
Günther Deschner
aab232cb2e s3-rpcclient: decode OsVersion{Ex} binary blobs when displaying printerdata.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-24 17:42:26 +01:00
Günther Deschner
ce1a9ae8ab s3-spoolss: Make it easier to manipulate the returned OSVersion at runtime.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-24 17:42:25 +01:00
Günther Deschner
11fba10208 spoolss: make spoolss deal with ndr64 StartDocPrinter by using proper container object.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-24 17:42:25 +01:00
Günther Deschner
6bcd3dda28 spoolss: add more spoolss_DriverAttributes values.
The level5 driver does return only one of these flags with a different value,
will get fixed later.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-01-24 17:42:20 +01:00
Karolin Seeger
875a1721ae docs: ldbsearch.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>

Karolin

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 24 16:09:37 CET 2013 on sn-devel-104
2013-01-24 16:09:35 +01:00
Karolin Seeger
99e2a63a0c docs: ldbrename.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>

Karolin

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-24 14:29:32 +01:00
Karolin Seeger
25cc400c64 docs: ldbmodify.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>

Karolin

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-24 14:29:23 +01:00
Karolin Seeger
f585052d88 docs: ldbedit.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>

Karolin

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-24 14:29:01 +01:00
Karolin Seeger
918057bd11 docs: ldbdel.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>

Karolin

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-24 14:28:47 +01:00
Karolin Seeger
1d4346d4b7 docs: ldbadd.1.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>

Karolin

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-24 14:28:25 +01:00
Karolin Seeger
7d56b94011 docs: ldb.3.xml: Correct meta data.
Signed-off-by: Karolin Seeger <kseeger@samba.org>

Karolin

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-24 14:27:44 +01:00
Andrew Bartlett
df004b5014 gensec: Allow login without a PAC by default (bug #9581)
The sense of this test was inverted.  We only want to take the ACCESS_DENIED error
if gensec:require_pac=true.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-24 14:18:22 +01:00
Jeremy Allison
497febfe36 Fix bug #9586 - smbd[29175]: disk_free: sys_popen() failed" message logged in /var/log/message many times.
Ensure when reading lines from an interruptible
pipe source we ignore EINTR.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 24 10:45:48 CET 2013 on sn-devel-104
2013-01-24 10:45:48 +01:00
Stefan Metzmacher
1915b17d09 dsdb-acl: remove unused variable
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan 23 20:04:09 CET 2013 on sn-devel-104
2013-01-23 20:04:09 +01:00
Volker Lendecke
f9868b7ffd smbd: Fix a NULL vs false return error
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-23 16:29:30 +01:00
Andreas Schneider
3d1abb9328 waf: Fix pdb_ldap which cannot be built as a module.
The module has two init functions, pdb_ldap_init() and
pdb_ldapsam_init(). As a shared module only one can be found until we
create a symlink.

Reviewed-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jan 23 10:51:59 CET 2013 on sn-devel-104
2013-01-23 10:51:59 +01:00
Andreas Schneider
38a52f7125 ldap: Remove obsolete convertSambaAccount script.
We removed ldapsam_compat support which used sambaAccount already some
time ago. See commit 02c239c6d3.

Reviewed-by: Günther Deschner <gd@samba.org>
2013-01-23 09:10:23 +01:00
Andrew Bartlett
988350ccef libcli/auth: fix void function cannot return value error
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 22 22:32:31 CET 2013 on sn-devel-104
2013-01-22 22:32:31 +01:00
Günther Deschner
d56b4560b5 s3-winbind: fix the build of idmap_ldap.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jan 22 14:43:40 CET 2013 on sn-devel-104
2013-01-22 14:43:40 +01:00
Matthieu Patou
9aca52877a Tests: Fix the display of test vars in screen --testenv
The form bash -c echo "important stuff blabla bla" && LD_LIBARY_PATH bash
is not working in screen when it's working in xterm and the in_screen
script already wrap all the command within a bash shell so there is no
need to re-force bash as the echo will execute in a bash shell

Signed-off-by: Matthieu Patou <mat@matws.net>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jan 22 13:03:52 CET 2013 on sn-devel-104
2013-01-22 13:03:52 +01:00
Matthieu Patou
b1e231384a libcli-acl: add documentation
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-22 21:14:05 +11:00
Matthieu Patou
65396adaad drsuapi: Add documentation
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-22 21:14:02 +11:00
Matthieu Patou
d7bbd182b3 drepl-notify: change misleading message
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-22 21:13:57 +11:00
Matthieu Patou
0a4a4ba3f6 devel-script: add options for RODC and partial replica for replicate flags
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jan 22 00:12:17 CET 2013 on sn-devel-104
2013-01-22 00:12:17 +01:00
Matthieu Patou
fa591a6d3c devel-scripts: ask with WRIT_REP by default
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 22:31:20 +01:00
Matthieu Patou
0755b835cc devel-getncchange: try to find the dest_dsa automatically
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 22:31:20 +01:00
Matthieu Patou
7822952a11 security: Add documentation
Names seems to be a bit cryptic and misleading (at least for me).
So documenting them should remove at least partially this problem.

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 22:31:20 +01:00
Matthieu Patou
c0638dae6c libcli-security: Add documentation for object_tree_modify_access
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 22:31:20 +01:00
Matthieu Patou
3b79774197 dbcheck: look in hasMasterNCs as well for determining the instance type of a NC
Forest of level 2000 don't hve the msDS-hasMasterNCs parameter

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 22:31:19 +01:00
Matthieu Patou
abc0030f78 dsdb: Fix warning about unused var
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 21 17:51:16 CET 2013 on sn-devel-104
2013-01-21 17:51:16 +01:00
Andrew Bartlett
c52408f461 dsdb: Explain ordering constraints on the ACL module as well.
Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 16:12:46 +01:00
Andrew Bartlett
8f078cdf24 dsdb: Ensure "authenticated users" is processed for group memberships
This change moves the addition of "Authenticated Users" from the very end of the
token processing to the start.  The reason is that we need to see if
"Authenticated Users" is a member of other builtin groups, just as we
would for any other SID.  This picks up the "Pre-Windows 2000 Compatible Access"
group, which is in turn often used in ACLs on LDAP objects.

Without this change, the eventual token does not contain S-1-5-32-554
and users other than "Administrator" are unable to read uidNumber
(in particular).

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 16:12:45 +01:00
Andrew Bartlett
d36c03056f libcli/security: remove useless if (root->num_of_children > 0) statements
The for loop does this implicitly when comparing for (i = 0; i < root->num_of_children; i++)

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 16:12:45 +01:00
Stefan Metzmacher
853ecd418a libcli/security: add init_mask to existing children in insert_in_object_tree
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 16:12:45 +01:00
Andrew Bartlett
5b4e3de2bb libcli/security: handle node initialisation in one spot in insert_in_object_tree()
This removes special-case for initalising the children array in
insert_in_object_tree().  talloc_realloc() handles the intial allocate
case perfectly well, so there is no need to have this duplicated.

This also restores having just one place were the rest of the elements
are intialised, to ensure uniform behaviour.

To do this, we have to rework insert_in_object_tree to have only one
output variable, both because having both root and new_node as output
variables was too confusing, and because otherwise the two pointers
were being allowed to point at the same memory.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 16:12:45 +01:00
Stefan Metzmacher
a359aef083 libcli/security: avoid usage of dom_sid_parse_talloc() in sec_access_check_ds()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21 16:12:45 +01:00