summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
...
* s3: Fix a crash in libsmbclient used against the OpenSolaris CIFS serverVolker Lendecke2010-01-161-1/+1
| | | | | | A user has sent me a sniff where the OpenSolaris CIFS server returns "32" in totalentries, but the array in ctr only contains 15 entries. Look at the right delimiter for walking the array.
* Second part of bug 7045 - Bad (non memory copying) interfaces in ↵Jeremy Allison2010-01-151-3/+9
| | | | | | | | smbc_setXXXX calls. Protect against SMB_STRDUP of null... Jeremy.
* Fix bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.Jeremy Allison2010-01-152-10/+25
| | | | | | | | | | In smbc_free_context libsmbclient just called free() on the string options so it assumes the callers have malloced them before setting them via smbc_set calls. Change to corretly malloc/free string options to the library. Jeremy
* Fix bug #7036 - net rpc getsid fails in hardened windows environments.Jeremy Allison2010-01-141-1/+7
| | | | Fix suggested by Dave.Daugherty@Centrify.com.
* Part 4 of bug #7028 - include scannedonly VFS moduleOlivier Sessink2010-01-141-13/+8
| | | | Fix some issues with handling names ending in '/'.
* s3-libsmbclient: Fix crash bug in SMBC_parse_path().Günther Deschner2010-01-141-1/+1
| | | | | | | | | Patch from Tim Waugh <twaugh@redhat.com>. This resolves https://bugzilla.redhat.com/show_bug.cgi?id=552658 LIBSMBCLIENT-OPENDIR torture test checks this as well. Guenther
* s4-smbtorture: add rather simple libsmbclient torture testsuite.Günther Deschner2010-01-141-0/+1
| | | | Guenther
* s3:auth: fix account unlock regression introduced with fix for bug #4347Michael Adam2010-01-141-7/+5
| | | | | | | | By an oversight, the patchset for #4347 made the unlocking of a locked account after the lockout duration ineffective. Thanks to Björn for finding this! Michael
* s3 selftest: Enable the WINBIND-STRUCT testsKai Blin2010-01-141-1/+1
|
* s3 test: Fix WINBINDD-STRUCT testsKai Blin2010-01-141-0/+3
| | | | | The struct-based tests are working in make selftest, make them work in plain "make test" as well.
* s3 winbindd: Return number of groups in data.num_entries for ↵Kai Blin2010-01-141-1/+3
| | | | | | | | | WINBINDD_LIST_GROUPS This allows to test if there's something wrong with the group list in extra_data or if there's simply no groups in the database. Volker, please check.
* s3 winbindd: Get WINBINDD_CHECK_MACHACC torture test to work again.Kai Blin2010-01-141-1/+4
| | | | | WINBINDD_CHECK_MACHACC used to report an NTSTATUS error and appropriate error strings. Make this work again.
* s3:pdb_ldap: restore Samba 3.0.x behavior and use the first "uid" value.Stefan Metzmacher2010-01-141-1/+1
| | | | | | | | | See bug #6157 for more details. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 25806f43ddee7e2653e907eea2c6fcc075960fa1)
* s3:smbldap: add smbldap_talloc_first_attribute()Stefan Metzmacher2010-01-142-0/+37
| | | | | | | metze Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit c992127f8a96c37940a6d298c7c6859c47f83d9b)
* s3: Fix a winbind segfault in "trusted_domains"Volker Lendecke2010-01-131-3/+4
| | | | | | | We have to initialize domain->backend by calling "get_cache" before doing a query Thanks to Christian Ambach to find this :-)
* Fix bug #7034 - vfs_cap causes signal 11 (SIGSEGV)SASAJIMA Toshihiro2010-01-121-1/+2
|
* Fix two uses of strncat -> strlcat. Ensure proper use of strncpy when ↵Jeremy Allison2010-01-121-3/+3
| | | | | | setting socket name. Jeremy.
* Make file access control decisions a lot easier to debug (at level 10).Jeremy Allison2010-01-121-0/+11
| | | | Jeremy.
* Fix bug #7033 - SMBrmdir call always returns true, even on failure to delete ↵Jeremy Allison2010-01-121-2/+6
| | | | | | | | a directory. Argh. Missed the second (and essential) part of the fix for the above :-(. Jeremy
* Fix bug #7033 - SMBrmdir call always returns true, even on failure to delete ↵Jeremy Allison2010-01-121-2/+6
| | | | | | | | | | | a directory. There is a codepath missing to propagate back error returns from the rmdir POSIX call inside close_directory when delete on close is set. This means doing an rmdir on a Windows command line will always report success, even when the directory was not deleted. This fix adds that codepath back into Samba. Jeremy.
* Fix bug #6876 - Delete of an object whose parent folder does not have delete ↵Jeremy Allison2010-01-127-4/+142
| | | | | | | | | | rights fails even if the delete right is set on the object. Final fix for the vfs_acl_xattr and vfs_acl_tdb code. Ensure we can delete a file even if the underlying POSIX permissions don't allow it, if the Windows permissions do. Jeremy.
* Remove the global char *LastDir.Jeremy Allison2010-01-123-22/+1
| | | | This is no longer used for anything.
* s3: Lift the version of the scannedonly VFS moduleVolker Lendecke2010-01-121-1/+1
|
* s3: Add the "scannedonly" vfs virus scanner interface moduleOlivier Sessink2010-01-123-0/+1002
|
* s3:auth: add comment to nulling out stolen sampassMichael Adam2010-01-121-0/+4
| | | | | | | | | | Adding this comment makes me think, I could also have changed make_server_info_sam() talloc_move instead of talloc_steal, but that would have changed the signature... Well the comment is a first step. :-) Michael
* s3: Remove a pointless if-statementVolker Lendecke2010-01-121-3/+2
|
* s3-lanman: Allow a level2 descriptor for a level1 NetShareGetInfoGiovanni Bajo2010-01-111-1/+3
| | | | | | | | Windows seems to allow this http://lists.samba.org/archive/samba-technical/2009-November/068116.html has a dump of this.
* s3: Add a zfsacl:denymissingspecial parameterVolker Lendecke2010-01-111-0/+10
| | | | | | | | When setting an ACL without any of the user/group/other entries, ZFS automatically creates them. This can at times confuse users a lot. This parameter denies setting such an acl, users explicitly have to for example set an ACE with everyone allowing nothing. Users need to be educated about this, but this helps avoid a lot of confusion.
* s3: Remove some unused variablesVolker Lendecke2010-01-101-7/+0
|
* s3: Fix some nonempty blank linesVolker Lendecke2010-01-103-42/+42
|
* s3: Use sid_check_is_domain instead of a direct sid_equalVolker Lendecke2010-01-101-3/+6
|
* s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_ridVolker Lendecke2010-01-101-4/+2
|
* s3: Replace most calls to sid_append_rid() by sid_compose()Volker Lendecke2010-01-1023-93/+64
|
* s3: Remove unused samr_make_sam_obj_sdVolker Lendecke2010-01-102-41/+0
|
* s3: Remove the typedef for "auth_serversupplied_info"Volker Lendecke2010-01-1017-51/+55
|
* s3: Remove the typedef for "auth_usersupplied_info"Volker Lendecke2010-01-1016-44/+44
|
* s3: Trim libnss_wins.soVolker Lendecke2010-01-101-2/+1
|
* s3: Trim down some utilities a bitVolker Lendecke2010-01-101-11/+11
|
* s3: Remove a pointless "else" branch from add_ccache_to_list()Volker Lendecke2010-01-091-4/+3
|
* s3: Slightly simplify winbindd_store_credsVolker Lendecke2010-01-091-4/+2
|
* s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth()Volker Lendecke2010-01-091-1/+1
| | | | | | ntlmssp_update allocates the reply_blob as a child of ntlmssp_state. This means with ntlmss_end() it will be gone. winbindd_dual_ccache_ntlm_auth used the blob after the ntlmssp_end().
* Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"Jeremy Allison2010-01-081-0/+3
| | | | | | | | | | | | | | | This bug re-occurred for 3.3.x and above. The reason is that to change a NT ACL we now have to open the file requesting WRITE_DAC and WRITE_OWNER access. The mapping from POSIX "w" to NT permissions in posix_acls doesn't add these bits when "dos filemode = yes", so even though the permission or owner change would be allowed by the POSIX ACL code, the NTCreateX call fails with ACCESS_DENIED now we always check NT permissions first. Added in the mapping from "w" to WRITE_DAC and WRITE_OWNER access. Jeremy.
* s3-time: fix build warnings after we moved to shared time functions.Günther Deschner2010-01-081-6/+6
| | | | | | Bjoern, please check. Guenther
* s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd ↵Tim Prouty2010-01-071-0/+5
| | | | with security=share
* s3:auth: don't update the bad pw count if pw is among last 2 history entriesMichael Adam2010-01-071-1/+73
| | | | | | | | | This conforms to the behaviour of Windows 2003: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/bpactlck.mspx This is supposed to fixes Bug #4347 . Michael
* s3:auth:check_sam_security: introduce a bool var to control pad_pw_count ↵Michael Adam2010-01-071-1/+7
| | | | | | | | incrementation This is a preparatory patch for the last part in fixing bug #4347 . Michael
* s3:passdb: store the plain nt passwords hashes in history, not salted md5Michael Adam2010-01-071-5/+10
| | | | | | | | | | | | | | This is in order to be able to do challenge response with the history, so that this can be checked when an invalid password was entered: If the given password is wrong but in the history, then the bad password count should not be updated... The "lucky" bit here is that the md5 has and the nt hash (md4) both are 16 bytes long. This is part of the fix for bug #4347 . Michael
* s3:smbd:password_in_history: treat entry with 0 salt as 0 + plain nt hashMichael Adam2010-01-071-6/+24
| | | | | | | | | | | | | This is to introduce a new format of the password history, maintaining backwards compatibility: The old format was 16 byte hash + 16 byte md5(salt + nt hash). The new format is 16 zero bytes and 16 bytes nt hash. This will allow us to respect the last X entries of the nt password history when deciding whether to increment the bad password count. This is part of the fix for bug #4347 . Michael
* s3: Remove some code that has become unnecessaryVolker Lendecke2010-01-071-8/+0
| | | | | | | | | | | | | | | | | | | The code I just removed was checked in with e5466fffc286a99f as a bug fix for https://bugzilla.samba.org/show_bug.cgi?id=3319. With the changes to is_visible_file made with 9e8b8f8c16612 these lines have become unnecessary, even with "hide unreadable = yes" dead msdfs symlinks show. This is because we can not stat(2) them and default to showing them. Why this change? I have a user who wants to use "hide unreadable" on msdfs links. Because you can't edit acls on symlinks themselves, the user created the targets as bogus, empty files that just exist as acl placeholders. With the code in place that this patch removes, we never allow this to work. Jeremy, please check! :-) Thanks, Volker
* s3: Lock down some srvsvc calls according to what w2k3 seems to doVolker Lendecke2010-01-071-0/+21
|
generated by cgit (git 2.34.1) at 2025-09-27 13:37:57 +0000