sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code
82,395 Commits 60 Branches 1,144 Tags 452 MiB
d4aa8978cc
Commit Graph

82395 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Metzmacher
d4aa8978cc s4:winbind: convert wb_update_rodc_dns_send/recv to tevent_req 
metze
 2012-08-25 01:39:41 +02:00
Stefan Metzmacher
0ccdaa940a s4:winbind: convert wb_sam_logon_send/recv to tevent_req 
metze
 2012-08-25 01:39:41 +02:00
Stefan Metzmacher
d3756d8738 s4:winbind: convert wb_sid2domain to tevent_req internally 
The public wrapper still uses composite_context, because I don't
have time to fix all the callers...

metze
 2012-08-25 01:39:41 +02:00
Stefan Metzmacher
89a5a71654 s4:librpc/rpc: don't do async requests if gensec doesn't support async replies (bug #9097) 
metze
 2012-08-25 01:39:41 +02:00
Stefan Metzmacher
0bd0ad967d s4:librpc/rpc: also call dcerpc_schedule_io_trigger() after bind and alter_context responses 
metze
 2012-08-25 01:39:41 +02:00
Stefan Metzmacher
e44b5bdb2c s4:librpc/rpc: use dcerpc_req_dequeue() in dcerpc_request_recv_data() 
metze
 2012-08-25 01:39:41 +02:00
Stefan Metzmacher
81bc57d395 s4:librpc/rpc: use talloc_zero for 'struct rpc_request' 
metze
 2012-08-25 01:39:41 +02:00
Stefan Metzmacher
28350aeaa1 libcli/smb: split out a smb_transport private library 
metze
 2012-08-25 01:39:41 +02:00
Stefan Metzmacher
5eec19bc83 libcli/smb: wscript_build => wscript 
We'll need some configure checks in future.

metze
 2012-08-25 01:39:41 +02:00
Jeremy Allison
aca444cbfc Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen(). 
The code in SMBNTLMv2encrypt_hash() should not be requesting case
changes on the domain name.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 24 21:39:42 CEST 2012 on sn-devel-104
 2012-08-24 21:39:41 +02:00
Jeremy Allison
cbdf6c5c51 Remove useless bool "upper_case_domain" parameter. 2012-08-24 10:57:11 -07:00
Jeremy Allison
43870fb2c8 Move uppercasing the domain out of smb_pwd_check_ntlmv2() 
Allows us to remove a silly bool parameter.

Based on work done by "Blohm, Guntram (I/FP-37, extern)" <extern.guntram.blohm@audi.de>.
 2012-08-24 10:57:01 -07:00
Stefan Metzmacher
ced27e1c5d s3:lib: make sure we don't try to send messages to server_id's marked as disconnected 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 24 15:54:48 CEST 2012 on sn-devel-104
 2012-08-24 15:54:48 +02:00
Stefan Metzmacher
1f7eac907a s3:lib: remove unused processes_exist() 
metze
 2012-08-24 13:43:34 +02:00
Stefan Metzmacher
9529301503 s3:lib: readd the CTDB_CONTROL_CHECK_SRVIDS optimization to serverids_exist() 
metze
 2012-08-24 13:43:33 +02:00
Stefan Metzmacher
18c6757dbb s3:lib: only loop over the server_ids we need to verify in serverids_exist() 
metze
 2012-08-24 13:43:33 +02:00
Stefan Metzmacher
6c3c25b5c1 s3:lib: use server_id_is_disconnected() in serverids_exist() 
metze
 2012-08-24 13:43:33 +02:00
Stefan Metzmacher
dc7d0f6883 s3:lib: inline processes_exist() into serverids_exist() 
metze
 2012-08-24 13:43:32 +02:00
Stefan Metzmacher
84b5a5cbcd s3:lib: SERVERID_UNIQUE_ID_NOT_TO_VERIFY only means not to verify the 'unique_id' part 
It doesn't mean the the server_id is always valid.

metze
 2012-08-24 13:43:32 +02:00
Stefan Metzmacher
95f3662bbd lib/util: don't SMB_ASSERT() in process_exists_by_pid() 
Just return false...

metze
 2012-08-24 13:43:32 +02:00
Stefan Metzmacher
0b5e354080 s3:lib: implement process_exists() as wrapper of serverid_exists() 
The changes the behavior of process_exists() it checks the pid.unique_id
now, if it's not SERVERID_UNIQUE_ID_NOT_TO_VERIFY.

metze
 2012-08-24 13:43:31 +02:00
Stefan Metzmacher
774c28416b s3:g_lock: use serverid_exists() with SERVERID_UNIQUE_ID_NOT_TO_VERIFY 
metze
 2012-08-24 13:43:31 +02:00
Stefan Metzmacher
99b134adbe s3:lib: implement serverid_exists() as wrapper of serverids_exist() 
metze
 2012-08-24 13:43:31 +02:00
Stefan Metzmacher
6145329fcd s3:lib: remove CTDB_CONTROL_CHECK_SRVIDS optimization in serverids_exist() for now 
This will be readded...

metze
 2012-08-24 13:43:30 +02:00
Stefan Metzmacher
f83521a4ca lib/param: fix usage of 'write list = +Group' 
metze

Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Fri Aug 24 11:28:17 CEST 2012 on sn-devel-104
 2012-08-24 11:28:17 +02:00
Björn Jacke
cbecd1595c s3: fix compile warning on openindiana 
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Thu Aug 23 18:22:13 CEST 2012 on sn-devel-104
 2012-08-23 18:22:13 +02:00
Björn Jacke
b4252f8fa6 crypto/aes_ccm_128: fix compile warning on openindiana 2012-08-23 16:43:48 +02:00
Björn Jacke
cbcfd85f41 s3/registry: fix compile warning on openindiana 2012-08-23 16:43:48 +02:00
Andrew Bartlett
e14bf399cf s4-selftest: Always set vfs objects in selftest smb.conf 
This sets it for all enviornments, as it is harmless if ntvfs is used
and critical if the provision script runs in s3fs mode.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 23 16:42:41 CEST 2012 on sn-devel-104
 2012-08-23 16:42:41 +02:00
Andrew Bartlett
123ee7f9b5 s4-selftest: Add test for samba-tool ntacl sysvolcheck 2012-08-23 15:02:26 +02:00
Andrew Bartlett
ebcdc4a36b s4-samba-tool: Add samba-tool ntacl sysvolcheck command 
This command verifies that the current on-disk ACLs match the directory and
the defaults from provision.

Unlike sysvolreset, this does not change any of the permissions.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
0aed29105e s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snum 
I need to get at the owner, group, DACL and SACL when testing correct
ACL storage.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
e058dfb3b0 s3-pysmbd: Fix return type of smbd.get_nt_acl 
The security_ prefix is stripped off in the python bindings.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
e8e24a251b s3-smbd: Add talloc_stackframe() to get_nt_acl_no_snum() 
This is required because the functions it calls use talloc_tos().

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
7cf50b9f30 s4-selftest: Add testing of samba-tool ntacl sysvolreset 2012-08-23 15:02:26 +02:00
Andrew Bartlett
8c71dc3505 param: Add startup checks for valid server role/binary combinations 
This should eliminate confusion from our users about what they can
expect to successfully run.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
332efe1539 s3-pysmbd: Fix error message 2012-08-23 15:02:26 +02:00
Andrew Bartlett
7e7ed72bbe s4-provision: Fix internal documentation 2012-08-23 15:02:26 +02:00
Andrew Bartlett
51e3547426 s3-pysmbd: Allow a mode to be specified for the simple ACL 
The additional group for the ACL is now optional.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
8f909199c4 s4-samba-tool: Add 'samba-tool ntacl sysvolreset' tool 
This will reset the NT ACL on the sysvol share to the default from
provision, with GPO objects matching the LDAP ACL (as required).

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
56fd072fdd selftest: Add a test of the NT ACL -> posix ACL mapping layer to selftest 2012-08-23 15:02:26 +02:00
Andrew Bartlett
4fe344ef05 selftest: Cope with the multiple possible representations of -1 in posixacl.py 2012-08-23 15:02:26 +02:00
Andrew Bartlett
bd00c92865 selftest: Extend posixacl test to check the actual ACL 
Needing to be able to write this test is the primary reason I have
been reworking the VFS and posix ACL layer over the past few weeks.
By exposing the POSIX ACL as a IDL object we can eaisly manipulate it
in python, and then verify that the ACL was handled correctly.

This ensures the when we write an ACL in provision, that it will
indeed allow that access at the FS layer.

We need to extend this beyond just the critical two ACLs set during
provision, to also include some special (hard) cases involving the
merging of ACE entries, as this is the most delicate part of the ACL
transfomation.

A similar test should also be written to read the posix ACL and the
mapped NT ACL on a file that has never had an NT ACL set.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
318b8cb4fa selftest: Add a test of the NT ACL -> posix ACL mapping layer 
This is the start of what will be a series of tests confirming exactly how
some NT ACLs are mapped to posix ACLs.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
b1825c6421 s4-scripting: Redefine getntacl() as accessing via the smbd VFS or directly 
This allows us to write tests that compare the smbd vfs with what is
in the DB or xattr.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
a778662da8 s4-provision: set POSIX ACLs to for use with the smbd file server (s3fs) 
This handles the fact that smbd will rarely override the POSIX ACL enforced by
the kernel.  This has caused issues with the creation of group policies by
other members of the Domain Admins group.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
8518dd6406 file_server: Move default VFS module settings to loadparm.c 
This means that any utility that calls into the VFS layer will get the
right modules.

Because we use the fake_acls backend we need to override this whole
list in Samba4.pm however.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
be9a8cf4ca s4-dsdb: Remove unused variables 2012-08-23 15:02:26 +02:00
Andrew Bartlett
d1eac79690 s4-dsdb: Do not use a possibly-old loadparm context in schema reload 
The loadparm context on the schema DB might have gone away already.
Pre-cache the schema refresh interval at load time to avoid worrying
about this.

Andrew Bartlett
 2012-08-23 15:02:25 +02:00
Andrew Bartlett
a58ac39a5a s4-upgradeprovision: Use ntvfs in reference provision 
We do not need filesystem ACLs set when creating the reference provision, so it is
easier to use the NTVFS backend as it does not cause trouble with make test.

Andrew Bartlett
 2012-08-23 15:02:25 +02:00