summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* dsdb-acl: use dsdb_get_structural_oc_from_msg() rather than ↵Andrew Bartlett2013-01-211-8/+7
| | | | | | | | | | | | | | | | class_schemaid_guid_by_lDAPDisplayName This uses dsdb_get_last_structural_objectclass(), which encodes this ordering knowledge in one place in the code, rather than using this uncommented magic expression: (char *)oc_el->values[oc_el->num_values-1].data Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_rename()Andrew Bartlett2013-01-211-12/+14
| | | | | | Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_modify()Andrew Bartlett2013-01-211-8/+10
| | | | | | Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-acl: add acl_check_access_on_objectclass() helperStefan Metzmacher2013-01-211-0/+39
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-acl: Add helper function dsdb_get_structural_oc_from_msg()Andrew Bartlett2013-01-211-0/+13
| | | | | | | | | | | This will eventually replace get_oc_guid_from_message(), returning the full dsdb_class. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-acl: attr is not optional to acl_check_access_on_attribute()Stefan Metzmacher2013-01-211-25/+24
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-acl: dsdb_attribute_by_lDAPDisplayName() is needed for all attributesStefan Metzmacher2013-01-211-16/+18
| | | | | | | | "clearTextPassword" is the only exception. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-acl: introduce a 'el' helper variable to acl_modify()Stefan Metzmacher2013-01-211-12/+11
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-acl: introduce a 'msg' helper variable to acl_modify()Stefan Metzmacher2013-01-211-20/+20
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-schema: make sure we build [system]PossibleInferiors completelyStefan Metzmacher2013-01-211-0/+4
| | | | | | | | | Otherwise callers like dsdb_schema_copy_shallow() will corrupt the talloc hierarchie. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-schema: make sure use clean caches in schema_inferiors.cStefan Metzmacher2013-01-212-28/+32
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-schema: make schema_subclasses_order_recurse() staticStefan Metzmacher2013-01-211-3/+3
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* BUG 9474: Downgrade v4 printer driver requests to v3.Günther Deschner2013-01-211-1/+8
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jan 21 16:11:02 CET 2013 on sn-devel-104
* BUG 9574: Fix a possible null pointer dereference in spoolss.Andreas Schneider2013-01-211-1/+2
| | | | | | | | | | | If the the client enumerates the printers and didn't specify a servername we have a null pointer dereference, so the process serving the connection crashes. Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Mon Jan 21 13:30:11 CET 2013 on sn-devel-104
* Tests: remove redondent testsuites in provisionMatthieu Patou2013-01-211-6/+1
| | | | | | | | | | Removed provision are already tested somewhere else. Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Jan 21 09:59:43 CET 2013 on sn-devel-104
* Tests: avoid adding python options that are functions in the envMatthieu Patou2013-01-211-1/+6
| | | | | | | This fix errors when running test --testenv --screen Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Tests: rewrite ldap_schema to specify attributesMatthieu Patou2013-01-211-15/+24
| | | | | Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Fix warnings with mismatched sizes in arguments to DEBUG statements.Jeremy Allison2013-01-191-8/+8
| | | | | | | | | | This can cause compile errors on 32-bit systems. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Jan 19 12:14:13 CET 2013 on sn-devel-104
* Remove some unused variables.Jeremy Allison2013-01-191-3/+0
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* heimdal_build: Try again to sort out the strerror_r messAndrew Bartlett2013-01-195-10/+11
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* printing: Free talloc_stackframe() on all exit pathsAndrew Bartlett2013-01-191-0/+2
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: Fix two bitfield constants being the same.Ira Cooper2013-01-181-3/+1
| | | | | | | | | | | WBFLAG_PAM_AUTH_PAC and WBFLAG_BIG_NTLMV2_BLOB are the same causing errors in NTLMv2 authentication. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jan 18 22:13:09 CET 2013 on sn-devel-104
* Sort winbind request flags. Ira saw we have a duplicate.Jeremy Allison2013-01-181-9/+9
| | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed by: Ira Cooper <ira@wakeful.net> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* smbtorture: Satisfy a linker dependencyVolker Lendecke2013-01-181-1/+8
| | | | Reviewed by: Jeremy Allison <jra@samba.org>
* winbind: Handle child requests in a tevent_fdVolker Lendecke2013-01-181-105/+65
| | | | | | | This enables the use of standard tevent_loop_once in the child, which now also uses epoll where available. Reviewed by: Jeremy Allison <jra@samba.org>
* winbind: Introduce "struct child_handler_state"Volker Lendecke2013-01-181-22/+30
| | | | | | | | This will make the next patch simpler. child_handler_state contains the information that the handler for the parent fde needs to pass to process_child_request Reviewed by: Jeremy Allison <jra@samba.org>
* winbind: Use standard tevent_context_initVolker Lendecke2013-01-183-7/+34
| | | | | | This makes winbind use epoll instead of poll Reviewed by: Jeremy Allison <jra@samba.org>
* BUG 9378: Add extra attributes for AD printer publishing.David Disseldorp2013-01-181-1/+85
| | | | | | | | | | Currently attempting to publish a printer in AD fails with "Object class violation", due to a number of missing attributes in the LDAP request. Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jan 18 17:27:35 CET 2013 on sn-devel-104
* printing: Remove invalid free from error path.David Disseldorp2013-01-181-1/+0
| | | | Reviewed-by: Andreas Schneider <asn@samba.org>
* Remove locking across the lifetime of the copychunk call.Jeremy Allison2013-01-181-116/+1
| | | | | | | | | | Previous commit handles this around each read/write call. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Jan 18 01:47:01 CET 2013 on sn-devel-104
* Move copychunk locking to be local to the read/write calls.Jeremy Allison2013-01-181-0/+42
| | | | | | | | | | Eliminates the need to hold locks across the entire lifetime of the call. Next commit will remove these. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* Add additional copychunk checks.Jeremy Allison2013-01-181-0/+22
| | | | | | | For printer, ipc$ connections, and directory handles. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* Move handle checking code to copychunk_check_handles().Jeremy Allison2013-01-181-21/+37
| | | | | | | | Planning to add extra checks to ensure we don't attempt copychunk on printer or IPC$ handles. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* tevent: Fix a commentVolker Lendecke2013-01-181-1/+1
| | | | | | | | | | liboop.org is now in a language I don't understand. But it does definitely not contain a library. Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jan 18 00:05:37 CET 2013 on sn-devel-104
* printing: Create default architecture directories on init.Andreas Schneider2013-01-171-0/+59
| | | | | | | Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jan 17 20:36:17 CET 2013 on sn-devel-104
* s3-spoolss: use configurable spoolss architecture in ↵Günther Deschner2013-01-171-1/+5
| | | | | | | | | | | | compose_spoolss_server_path(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Thu Jan 17 18:53:47 CET 2013 on sn-devel-104
* spoolss: make spoolss deal with ndr64 SetForm by using proper container object.Günther Deschner2013-01-175-21/+32
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* spoolss: make spoolss deal with ndr64 AddForm by using proper container object.Günther Deschner2013-01-176-31/+46
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s4-torture: add ndr64 spoolss_SetPrinter ndr test.Günther Deschner2013-01-172-1/+74
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* spoolss: make spoolss deal with ndr64 ULONG_PTR of devmode_ptr and secdesc_ptr.Günther Deschner2013-01-176-23/+21
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* dsdb-operational: Avoid doing the ldb_attr_cmp if bypass flag is not setMatthieu Patou2013-01-171-1/+1
| | | | | | | | | | Most of the time this flag is not set and so we can avoid the strcasecmp in ldb_attr_cmp() Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 17 17:10:32 CET 2013 on sn-devel-104
* torture: Fix fsmo test to use correct -H samba-tool syntaxAndrew Bartlett2013-01-171-2/+2
| | | | | | However, the test still does not pass. Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Do not hold the transaction over the IRPC call to perform a role transferAndrew Bartlett2013-01-172-2/+26
| | | | | | | | This avoids one samba process locking out another from the DB. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: also skip raw.search as it also spinsAndrew Bartlett2013-01-171-0/+1
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* drs-fsmo: Improve handling of FSMO role takeover.Andrew Bartlett2013-01-173-5/+14
| | | | | | | | This needs to be more async, and give less scary errors. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb-acl: calculate sDRightsEffective based on "nTSecurityDescriptor"Stefan Metzmacher2013-01-171-3/+11
| | | | | | | | | | | acl_check_access_on_attribute should never be called with attr=NULL because we don't check access on an attribute in that case Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Thu Jan 17 11:21:10 CET 2013 on sn-devel-104
* dsdb-acl: add helper variable 'ldb' in acl_sDRightsEffectiveStefan Metzmacher2013-01-171-1/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net>
* libcli/security: don't look at the inherited type in get_ace_object_type()Stefan Metzmacher2013-01-171-2/+0
| | | | | | | | The inherited_type is only used to decide if aces should be inherited effectively or not (INHERIT_ONLY) for the specified object. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net>
* dsdb-acl: fix the order of special and system checksStefan Metzmacher2013-01-171-22/+61
| | | | | | | | | First we check for a special dn, then for system access. All allocations happen after this checks in order to avoid allocations we won't use. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net>
* dsdb-acl: Do not apply ACL on special DNs to hide attributes that the user ↵Matthieu Patou2013-01-171-0/+4
| | | | | | | | | | | | | | | | shouldn't see This fix frequent reindexing when using python script with a user that is not system. The reindexing is caused by ACL module hidding (removing) attributes in the search request for all attributes in dn=@ATTRIBUTES and because dsdb_schema_set_indices_and_attributes checks that the list of attributes that it just calculated from the schema is the same as the list written in @ATTRIBUTES, if not the list is replaced and a reindexing is triggered. Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Stefan Metzmacher <metze@samba.org>
generated by cgit (git 2.34.1) at 2025-09-27 03:39:16 +0000