1
0
mirror of https://github.com/samba-team/samba.git synced 2025-07-23 20:59:10 +03:00
Commit Graph

87 Commits

Author SHA1 Message Date
994694f7f2 r6149: Fixes bugs #2498 and 2484.
1. using smbc_getxattr() et al, one may now request all access control
   entities in the ACL without getting all other NT attributes.
2. added the ability to exclude specified attributes from the result set
   provided by smbc_getxattr() et al, when requesting all attributes,
   all NT attributes, or all DOS attributes.
3. eliminated all compiler warnings, including when --enable-developer
   compiler flags are in use.  removed -Wcast-qual flag from list, as that
   is specifically to force warnings in the case of casting away qualifiers.

Note: In the process of eliminating compiler warnings, a few nasties were
      discovered.  In the file libads/sasl.c, PRIVATE kerberos interfaces
      are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED
      kerberos interfaces are being used.  Someone who knows kerberos
      should look at these and determine if there is an alternate method
      of accomplishing the task.
2007-10-10 10:56:24 -05:00
5b19ede88e r6127: Eliminated all compiler warnings pertaining to mismatched "qualifiers". The
whole of samba comiles warning-free with the default compiler flags.

Temporarily defined -Wall to locate other potential problems.  Found an
unused static function (#ifdefed out rather than deleted, in case it's
needed for something in progress).

There are also a number of uses of undeclared functions, mostly krb5_*.
Files with these problems need to have appropriate header files included,
but they are not fixed in this update.

oplock_linux.c.c has undefined functions capget() and capset(), which need
to have "#undef _POSIX_SOURCE" specified before including <sys/capability.h>,
but that could potentially have other side effects, so that remains uncorrected
as well.

The flag -Wall should be added permanently to CFLAGS, and all warnings then
generated should be eliminated.
2007-10-10 10:56:24 -05:00
77734120d3 r5955: BUG 2517: use the realm from smb.conf for 'net ads info' when 'disable netbios = yes' 2007-10-10 10:56:11 -05:00
620f2e608f r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
2007-10-10 10:53:32 -05:00
b356a8fdc5 r3492: Fixes from testing kerberos salted principal fix.
Jeremy.
2007-10-10 10:53:07 -05:00
0f3f7b035b r3273: Ensure we're consistent in the use of strchr_m for '@'.
Jeremy.
2007-10-10 10:53:03 -05:00
7f161702fa r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid of
'..' from all #include preprocessor commands.   This fixes bugzilla #1880
where OpenVMS gets confused about the '.' characters.
2007-10-10 10:52:55 -05:00
8836621694 r2832: Readd WKGUID-binding to match the correct default-locations of new
User-, Group- and Machine-Accounts in Active Directory (this got lost
during the last trunk-merge).

This way we match e.g. default containers moved by redircmp.exe and
redirusr.exe in Windows 2003 and don't blindly default to cn=Users or
cn=Computers.

Further wkguids can be examied via "net ads search wellknownobjects=*".
This should still keep a samba3-client joining a samba4 dc. Fixes
Bugzilla #1343.

Guenther
2007-10-10 10:52:54 -05:00
4886d6663d r2746: Fix typos in net's usage-output.
Guenther
2007-10-10 10:52:50 -05:00
edb4e940b4 r1750: This patch allows net ads lookup to rely on command line arguments if contacting an ADS server fails. This allows net ads lookup to work with clapd (very useful for testing).
from aliguori@us.ibm.com
2007-10-10 10:52:20 -05:00
837f56ec8b r1399: applying heimdal krb5 fixes from Guenther and fixing compile warnings in libadskerberos_keyatb.c 2007-10-10 10:52:10 -05:00
464d2e9048 r1240: Ensure we don't shadow Heimdal globals.
Jeremy.
2007-10-10 10:52:02 -05:00
ad440213aa r1222: Valgrind memory leak fixes. Still tracking down a strange one...
Can't fix the krb5 memory leaks inside that library :-(.
Jeremy.
2007-10-10 10:52:00 -05:00
286f4c809c r1221: Added the last of the system keytab patch from "Dan Perry" <dperry@pppl.gov>,
fixed valgrind detected mem corruption in libads/kerberos_keytab.c.
Jeremy.
2007-10-10 10:52:00 -05:00
cc9765ce97 Use possessive in message asking for user's password. -
d7b6298b9e fixing compile problems due to my recent ads.h changes -
e6b4b956f6 Collecting some minor patches...
This adds the ability to specify the new user password for 'net ads password'
on the command line. As this needs the admin password on the command line, the
information leak is minimally more.

Patch from gd@suse.de

Volker
-
94860687c5 Get rid of a const warning
Volker
-
8ef7ac22ef Fix bug 451. Stop net -P from prompting for machine account password.
Based on work by Ken Cross (kcross@nssolutions.com).
-
3913e43724 fixes for ads domain membership when only the realm is defined in
smb.conf

Fixes to ensure we work with disable netbios = yes
-
b1763ace4e Check in Andrew's fix for bug #305 (always use lp_realm() )
Also make sure thet ads_startup uses lp_realm instead of
just relying on the workgroup name.  Fixes bug in net ads join
when the workgroup defaults to "WORKGROUP" and we ignore the
realm name.
-
96b4187963 - Make 'net' use a single funciton for setting the 'use machine account' code.
- Make winbindd try to use kerberos for connections to DCs, so that it can
   access RA=2 servers, particularly for netlogon.
 - Make rpcclient follow the new flags for the NETLOGON pipe
 - Make all the code that uses schannel use the centralised functions for doing so.

Andrew Bartlett
-
879309671d Add a command line option (-S on|off|required) to enable signing on client
connections. Overrides smb.conf parameter if set.
Jeremy.
-
e6cc5ca780 Use the specified workgroup in 'net ads'. (Defaults to lp_workgroup()).
Andrew Bartlett
-
ff222716a0 Removed strupper/strlower macros that automatically map to strupper_m/strlower_m.
I really want people to think about when they're using multibyte strings.
Jeremy.
-
94fe3b2cdf Some fixes for ads printer publish:
- check error return for cli_full_connection() when trying to obtain
    printer data

  - check error return on ads_find_machine_acct()

  - Minor reformatting to separate fetching printer data from publishing it
-
814519c5de Implemented 'net ads printer search' which searches the directory for
published printers.

At the moment we don't search using any parameters but this can be
fixed by changing the LDAP search string.  Also we should contact
the global catalog at SRV _gc._tcp instead of the ldap server we
get back from ads_startup().
-
b401e78b6e Yet more shadow variable warnings. -
21d9280278 use lp_realm() to find the default realm for 'net ads password' -
0e9836c4e9 Fix bug #137: krb5_set_password is already defined in MIT 1.3 libs, so
we wouldn't build.
-
2a6d0c2481 Fix obvious compiler warnings.
Jeremy.
-
00e08efb5c Patch from Ken Cross to allow an ADS domain join with a username of the form
user@realm, where realm might not be the realm we are joining.

Andrew Bartlett
-
b5b1732b11 Like net rpc user -l, let net ads user -l allow more than 50 characters in
comments.
-
f35674e755 Fix up bugs in the new 'store sec_channel type' code - we were always joining
as a BDC.

Andrew Bartlett
-
876e00fd11 Merge from HEAD - save the type of channel used to contact the DC.
This allows us to join as a BDC, without appearing on the network as one
until we have the database replicated, and the admin changes the configuration.

This also change the SID retreval order from secrets.tdb, so we no longer
require a 'net rpc getsid' - the sid fetch during the domain join is sufficient.
Also minor fixes to 'net'.

Andrew Bartlett
-
f0982e1102 - Change ADS CHOSTPASS -> ADS CHANGETRUSTPW
- Add general CHANGETRUSTPW function that calls ADS CHANGETRUSTPW or RPC CHANGETRUSTPW
(Merged from HEAD)
-
3aa4f923e9 Merge from HEAD:
net ads password

Heimdal compile fixes.

Andrew Bartlett
-
de24fcb097 Merge from HEAD:
new 'net ads dn'

doxygen fixes

net help fixes.
-
56934f303c Missed a couple of files from the client-side kerberos merge -
9c3a1710ef Merge LDAP filter parinoia from HEAD, a few other pdb_ldap updates and some
misc libads fixes.

Andrew Bartlett
-
0fb724b321 *lots of small merges form HEAD
*sync up configure.in
*don't build torture tools in make all
*make sure to remove torture tools as part of make clean
-
25a9681ddd [merge]
* removed unused variable from rpcclient code
* added container option to net command (patch from SuSE)
* Makefile patch for examples/VFS from SuSE
-
3a7458f947 Merge from HEAD - make Samba compile with -Wwrite-strings without additional
warnings.  (Adds a lot of const).

Andrew Bartlett
-
09a218a9f6 Forward port the change to talloc_init() to make all talloc contexts
named. Ensure we can query them.
Jeremy.
-
e93bd375b9 jcmd really should run with a higher compiler warning level more often :-).
Jeremy.
-
efeaa8f4f4 Next step of printer publishing.
net ads printer publish <printername> [servername]
Will retreive the DsSpooler and DsDriver info by rpc for a remote server
then publish it.

Next comes doing it within smbd
-
f755711df8 Removed global_myworkgroup, global_myname, global_myscope. Added liberal
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
-
65e7b5273b sync'ing up for 3.0alpha20 release -
1b83b78e33 sync 3.0 branch with HEAD -
03ac082dcb updated the 3.0 branch from the head branch - ready for alpha18 -