summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s4:libcli/wrepl: convert wrepl_pull_table_send to tevent_reqStefan Metzmacher2010-03-052-48/+111
| | | | metze
* s4:libcli/wrepl: convert wrepl_pull_names_send to tevent_reqStefan Metzmacher2010-03-052-72/+156
| | | | metze
* s4:libcli/wrepl: use UTIL_TEVENTStefan Metzmacher2010-03-052-1/+2
| | | | metze
* s4:libcli/wrepl: avoid neested named structuresStefan Metzmacher2010-03-051-15/+19
| | | | metze
* s4:torture/nbt: avoid the usage of wrepl_pull_table_send()Stefan Metzmacher2010-03-051-3/+6
| | | | metze
* libcli/auth: add a const to des_crypt112_16()Stefan Metzmacher2010-03-052-2/+2
| | | | metze
* s3:winbindd: add DEBUG(10,...) for the end of each top levelStefan Metzmacher2010-03-052-6/+25
| | | | | | That will hopefully make debugging a bit easier (at least for me). metze
* s4:kcc - Change some counter variables to be unsignedMatthias Dieter Wallnöfer2010-03-052-4/+5
| | | | | The upper limits are unsigned variables therefore also the counter variables need to be like that.
* s4:samdb_privilege.c - Change two counter variables to unsignedMatthias Dieter Wallnöfer2010-03-051-2/+3
| | | | Also here in both cases the unsigned counter fits better than the signed one.
* s4:cracknames - Change two counter variables to unsignedMatthias Dieter Wallnöfer2010-03-051-2/+2
| | | | | | In both cases the unsigned counter fits better: - in the first one since we are counting LDB objects starting from 0 - in the second since we are counting an array starting from 0
* s4-pvfs_sys: build on systems without O_NOFOLLOW or O_DIRECTORYAndrew Tridgell2010-03-051-4/+22
|
* s4-pvfs_sys: talloc_free should be before errno restoreAndrew Tridgell2010-03-051-13/+13
| | | | talloc can potentially change the errno
* s4-pvfs: use pvfs_sys_fchmod()Andrew Tridgell2010-03-053-4/+4
|
* s4-pvfs: set default for perm override based on system featuresAndrew Tridgell2010-03-051-1/+9
| | | | | | If the system has O_NOFOLLOW and O_DIRECTORY then we allow for overrides by default. If not, then we disable by default, as we will be more vulnerable to symlink attacks
* s4-pvfs: use O_FOLLOW one level at a time for security overridesAndrew Tridgell2010-03-051-37/+357
| | | | | To prevent symlink attacks we need to use O_NOFOLLOW one level at a time when processing a root security override
* replace: added get_current_dir_name()Andrew Tridgell2010-03-053-0/+18
|
* s4-pvfs: use pvfs_sys_*() functions to wrap posix callsAndrew Tridgell2010-03-055-20/+20
| | | | | | | This allows for root override, which fixes many problems with mismatches between NT ACL permissions and unix permissions. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: new pvfs_sys module Andrew Tridgell2010-03-052-0/+301
| | | | | | | | The pvfs_sys_*() calls provide wrapper functions for posix file functions which use root privileges to override EACCES failures if PVFS_FLAG_PERM_OVERRIDE is set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: added new pvfs flag PVFS_FLAG_PERM_OVERRIDEAndrew Tridgell2010-03-052-0/+4
| | | | | | | | This flag indicates that we should use root privileges to override unix permissions when the NT ACLs indicate that access should be granted Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-privs: add root_privileges_original_uid()Andrew Tridgell2010-03-051-0/+6
| | | | | | | This can be used to get the uid we changed away from when we gained root privileges Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s3-selftest: enable RPC-WINREG against Samba 3.Günther Deschner2010-03-051-1/+1
| | | | Guenther
* s4-smbtorture: skip NotifyChangeKeyValue test against s3 for now.Günther Deschner2010-03-051-0/+4
| | | | Guenther
* s4:torture/rpc/samr.c - add some decision possibility constants to some switchMatthias Dieter Wallnöfer2010-03-051-0/+3
| | | | | At the moment nothing is done when the enumeration variable is set to one of those constants as before. This is only to quite nasty warnings.
* s4:torture/rpc/samr.c - make some argument of function ↵Matthias Dieter Wallnöfer2010-03-051-1/+1
| | | | | | "test_SamLogon_with_creds" constant This to quiet warnings.
* s4:torture/winbind/struct_based.c - fix up (un)signedness of a function argumentMatthias Dieter Wallnöfer2010-03-051-1/+2
| | | | Otherwise always a warning is generated.
* s4-pvfs: log more error conditions in NTVFS backendAndrew Tridgell2010-03-053-0/+31
| | | | | | This should make is easier to track down some bug reports Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: move the private ntcreatex flags to private_flagsAndrew Tridgell2010-03-057-20/+21
| | | | | | | | Re-using two of the create_options bits was bound to eventually cause problems, and indeed, Windows7 now uses one of those bits when opening text files. Fixes bug 7189
* s4-rpc: don't use s->credentials after it is freedAndrew Tridgell2010-03-051-2/+1
|
* s4-torture: fixed commas separating C statementsAndrew Tridgell2010-03-051-4/+3
|
* s3: Fix unnecessary traversing winbindd_cache.tdb in SIGHUP handler.Bo Yang2010-03-061-0/+6
| | | | Signed-off-by: Bo Yang <boyang@samba.org>
* s4-python: only install external python libs that are missingAndrew Tridgell2010-03-052-1/+19
|
* s4-python: import a copy of the python dns libraryAndrew Tridgell2010-03-05114-0/+16829
| | | | | | | | This library is not installed on enough systems for us to rely on it being available. We use the system copy if possible, and fallback to this local copy Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dns: use samba.external to pull in the dns.resolver libraryAndrew Tridgell2010-03-051-3/+5
|
* s4-python: allow us to have samba copies of python libraries we depend onAndrew Tridgell2010-03-052-0/+54
| | | | | | | | For python libraries like dns.resolver it is useful to be able to install a copy of the library with Samba. This set of functions allows us to do that while using the locally installed version if it is available Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dns-ex: use autoclose on the dns child pipeAndrew Tridgell2010-03-051-2/+1
| | | | | | | I'm hoping this will fix an occasional segfault I've noticed where epoll still calls events on a closed fde Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-messaging: use auto-close on the socketAndrew Tridgell2010-03-051-0/+1
|
* srv_pipe.c doesn't reference current_user anymore. Remove it.Jeremy Allison2010-03-041-2/+0
| | | | Jeremy.
* s4:auth/sam.c - change base context for the "tmp_ctx" context in ↵Matthias Dieter Wallnöfer2010-03-041-1/+1
| | | | | | | "authsam_expand_nested_groups" Better use the "res_sids_ctx" as base context for the "tmp_ctx" and not the long-living "sam_ctx"/"ldb" context to prevent memory leaks.
* s4:ldap.py - give the "primaryGroupToken" test a better nameMatthias Dieter Wallnöfer2010-03-041-3/+3
| | | | It tests also some other constructed attributes in a basic way.
* s4:ldap.py - add test for "tokenGroups"Matthias Dieter Wallnöfer2010-03-041-0/+44
|
* s4:operational LDB - don't accidentally "ate" search helper attributes if we ↵Matthias Dieter Wallnöfer2010-03-041-6/+14
| | | | | | | need them for more constructed attributes With this patch we delete the helper attributes at the end where all constructed attributes have already been computed.
* s4:operational LDB module - make the counters unsignedMatthias Dieter Wallnöfer2010-03-041-2/+2
| | | | No need to have signed counters here.
* s4:operational LDB - implement the "tokenGroups" constructed attributeMatthias Dieter Wallnöfer2010-03-042-1/+96
| | | | | | | | | | It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19.
* s4:sam.c - make "authsam_expand_nested_groups" publicMatthias Dieter Wallnöfer2010-03-042-1/+7
| | | | This is needed by the "tokenGroups" work in the operational LDB module.
* s4:sam.c - cosmetic indentation fixMatthias Dieter Wallnöfer2010-03-041-2/+1
|
* s4:sam.c - change variable types to unsigned in "sids_contains_sid"Matthias Dieter Wallnöfer2010-03-041-3/+4
| | | | Should also be unsigned - no need for a signed "i" and "num_sids" here.
* s4:operational LDB module - use right memory context int ↵Matthias Dieter Wallnöfer2010-03-041-2/+2
| | | | | | "construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer.
* Revert "s3:configure: add --enable-as-needed"Karolin Seeger2010-03-041-8/+2
| | | | | | This reverts commit 22d316926b9589608d332143c1fa134229b75b3c. Please see bug #7209 for details.
* Refactored ACL python testsNadezhda Ivanova2010-03-041-441/+256
| | | | | Made each type into a separate class to be easily run individually, removed code duplication
* s3:configure: add --enable-as-neededStefan Metzmacher2010-03-041-2/+8
| | | | | | | On some broken systems like RHEL5, we need to be able to disable --as-needed. metze
generated by cgit (git 2.34.1) at 2025-09-28 06:18:34 +0000