summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s4:libcli/wrepl: use UTIL_TEVENTStefan Metzmacher2010-03-052-1/+2
| | | | metze
* s4:libcli/wrepl: avoid neested named structuresStefan Metzmacher2010-03-051-15/+19
| | | | metze
* s4:torture/nbt: avoid the usage of wrepl_pull_table_send()Stefan Metzmacher2010-03-051-3/+6
| | | | metze
* libcli/auth: add a const to des_crypt112_16()Stefan Metzmacher2010-03-052-2/+2
| | | | metze
* s3:winbindd: add DEBUG(10,...) for the end of each top levelStefan Metzmacher2010-03-052-6/+25
| | | | | | That will hopefully make debugging a bit easier (at least for me). metze
* s4:kcc - Change some counter variables to be unsignedMatthias Dieter Wallnöfer2010-03-052-4/+5
| | | | | The upper limits are unsigned variables therefore also the counter variables need to be like that.
* s4:samdb_privilege.c - Change two counter variables to unsignedMatthias Dieter Wallnöfer2010-03-051-2/+3
| | | | Also here in both cases the unsigned counter fits better than the signed one.
* s4:cracknames - Change two counter variables to unsignedMatthias Dieter Wallnöfer2010-03-051-2/+2
| | | | | | In both cases the unsigned counter fits better: - in the first one since we are counting LDB objects starting from 0 - in the second since we are counting an array starting from 0
* s4-pvfs_sys: build on systems without O_NOFOLLOW or O_DIRECTORYAndrew Tridgell2010-03-051-4/+22
|
* s4-pvfs_sys: talloc_free should be before errno restoreAndrew Tridgell2010-03-051-13/+13
| | | | talloc can potentially change the errno
* s4-pvfs: use pvfs_sys_fchmod()Andrew Tridgell2010-03-053-4/+4
|
* s4-pvfs: set default for perm override based on system featuresAndrew Tridgell2010-03-051-1/+9
| | | | | | If the system has O_NOFOLLOW and O_DIRECTORY then we allow for overrides by default. If not, then we disable by default, as we will be more vulnerable to symlink attacks
* s4-pvfs: use O_FOLLOW one level at a time for security overridesAndrew Tridgell2010-03-051-37/+357
| | | | | To prevent symlink attacks we need to use O_NOFOLLOW one level at a time when processing a root security override
* replace: added get_current_dir_name()Andrew Tridgell2010-03-053-0/+18
|
* s4-pvfs: use pvfs_sys_*() functions to wrap posix callsAndrew Tridgell2010-03-055-20/+20
| | | | | | | This allows for root override, which fixes many problems with mismatches between NT ACL permissions and unix permissions. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: new pvfs_sys module Andrew Tridgell2010-03-052-0/+301
| | | | | | | | The pvfs_sys_*() calls provide wrapper functions for posix file functions which use root privileges to override EACCES failures if PVFS_FLAG_PERM_OVERRIDE is set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: added new pvfs flag PVFS_FLAG_PERM_OVERRIDEAndrew Tridgell2010-03-052-0/+4
| | | | | | | | This flag indicates that we should use root privileges to override unix permissions when the NT ACLs indicate that access should be granted Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-privs: add root_privileges_original_uid()Andrew Tridgell2010-03-051-0/+6
| | | | | | | This can be used to get the uid we changed away from when we gained root privileges Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s3-selftest: enable RPC-WINREG against Samba 3.Günther Deschner2010-03-051-1/+1
| | | | Guenther
* s4-smbtorture: skip NotifyChangeKeyValue test against s3 for now.Günther Deschner2010-03-051-0/+4
| | | | Guenther
* s4:torture/rpc/samr.c - add some decision possibility constants to some switchMatthias Dieter Wallnöfer2010-03-051-0/+3
| | | | | At the moment nothing is done when the enumeration variable is set to one of those constants as before. This is only to quite nasty warnings.
* s4:torture/rpc/samr.c - make some argument of function ↵Matthias Dieter Wallnöfer2010-03-051-1/+1
| | | | | | "test_SamLogon_with_creds" constant This to quiet warnings.
* s4:torture/winbind/struct_based.c - fix up (un)signedness of a function argumentMatthias Dieter Wallnöfer2010-03-051-1/+2
| | | | Otherwise always a warning is generated.
* s4-pvfs: log more error conditions in NTVFS backendAndrew Tridgell2010-03-053-0/+31
| | | | | | This should make is easier to track down some bug reports Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: move the private ntcreatex flags to private_flagsAndrew Tridgell2010-03-057-20/+21
| | | | | | | | Re-using two of the create_options bits was bound to eventually cause problems, and indeed, Windows7 now uses one of those bits when opening text files. Fixes bug 7189
* s4-rpc: don't use s->credentials after it is freedAndrew Tridgell2010-03-051-2/+1
|
* s4-torture: fixed commas separating C statementsAndrew Tridgell2010-03-051-4/+3
|
* s3: Fix unnecessary traversing winbindd_cache.tdb in SIGHUP handler.Bo Yang2010-03-061-0/+6
| | | | Signed-off-by: Bo Yang <boyang@samba.org>
* s4-python: only install external python libs that are missingAndrew Tridgell2010-03-052-1/+19
|
* s4-python: import a copy of the python dns libraryAndrew Tridgell2010-03-05114-0/+16829
| | | | | | | | This library is not installed on enough systems for us to rely on it being available. We use the system copy if possible, and fallback to this local copy Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dns: use samba.external to pull in the dns.resolver libraryAndrew Tridgell2010-03-051-3/+5
|
* s4-python: allow us to have samba copies of python libraries we depend onAndrew Tridgell2010-03-052-0/+54
| | | | | | | | For python libraries like dns.resolver it is useful to be able to install a copy of the library with Samba. This set of functions allows us to do that while using the locally installed version if it is available Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dns-ex: use autoclose on the dns child pipeAndrew Tridgell2010-03-051-2/+1
| | | | | | | I'm hoping this will fix an occasional segfault I've noticed where epoll still calls events on a closed fde Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-messaging: use auto-close on the socketAndrew Tridgell2010-03-051-0/+1
|
* srv_pipe.c doesn't reference current_user anymore. Remove it.Jeremy Allison2010-03-041-2/+0
| | | | Jeremy.
* s4:auth/sam.c - change base context for the "tmp_ctx" context in ↵Matthias Dieter Wallnöfer2010-03-041-1/+1
| | | | | | | "authsam_expand_nested_groups" Better use the "res_sids_ctx" as base context for the "tmp_ctx" and not the long-living "sam_ctx"/"ldb" context to prevent memory leaks.
* s4:ldap.py - give the "primaryGroupToken" test a better nameMatthias Dieter Wallnöfer2010-03-041-3/+3
| | | | It tests also some other constructed attributes in a basic way.
* s4:ldap.py - add test for "tokenGroups"Matthias Dieter Wallnöfer2010-03-041-0/+44
|
* s4:operational LDB - don't accidentally "ate" search helper attributes if we ↵Matthias Dieter Wallnöfer2010-03-041-6/+14
| | | | | | | need them for more constructed attributes With this patch we delete the helper attributes at the end where all constructed attributes have already been computed.
* s4:operational LDB module - make the counters unsignedMatthias Dieter Wallnöfer2010-03-041-2/+2
| | | | No need to have signed counters here.
* s4:operational LDB - implement the "tokenGroups" constructed attributeMatthias Dieter Wallnöfer2010-03-042-1/+96
| | | | | | | | | | It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19.
* s4:sam.c - make "authsam_expand_nested_groups" publicMatthias Dieter Wallnöfer2010-03-042-1/+7
| | | | This is needed by the "tokenGroups" work in the operational LDB module.
* s4:sam.c - cosmetic indentation fixMatthias Dieter Wallnöfer2010-03-041-2/+1
|
* s4:sam.c - change variable types to unsigned in "sids_contains_sid"Matthias Dieter Wallnöfer2010-03-041-3/+4
| | | | Should also be unsigned - no need for a signed "i" and "num_sids" here.
* s4:operational LDB module - use right memory context int ↵Matthias Dieter Wallnöfer2010-03-041-2/+2
| | | | | | "construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer.
* Revert "s3:configure: add --enable-as-needed"Karolin Seeger2010-03-041-8/+2
| | | | | | This reverts commit 22d316926b9589608d332143c1fa134229b75b3c. Please see bug #7209 for details.
* Refactored ACL python testsNadezhda Ivanova2010-03-041-441/+256
| | | | | Made each type into a separate class to be easily run individually, removed code duplication
* s3:configure: add --enable-as-neededStefan Metzmacher2010-03-041-2/+8
| | | | | | | On some broken systems like RHEL5, we need to be able to disable --as-needed. metze
* s4:provision - use the new "interface_ips" python call to detect the right ↵Matthias Dieter Wallnöfer2010-03-041-8/+8
| | | | | | | | | | | host IPv4 address Inform the user when there are more possibilities (so he can check for the right address and otherwise he is able to do an immediate reprovision) and no possibility at all (then we fall back to the loopback address "127.0.0.1" - this is thought for testing purposes). I think this should be enough for closing bug #5484.
* s4:ldif_handlers - Use "unsigned int" for counting purposesMatthias Dieter Wallnöfer2010-03-041-4/+4
| | | | | | I changed "uint32_t" to "unsigned int" since the LDB specification prescrives "unsigned (int)" for counter variables (number of attributes, number of values...).
generated by cgit (git 2.34.1) at 2025-09-27 13:00:58 +0000