summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
...
* messaging3: Remove use of full_path_tos()Volker Lendecke2014-06-181-8/+6
| | | | | | | | This is not performance critical, and this removes source3 specific code Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* unix_msg: Lift sockaddr_un handling from unix_msg_sendVolker Lendecke2014-06-185-33/+24
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* unix_msg: Lift sockaddr_un handling from unix_msg_initVolker Lendecke2014-06-185-43/+43
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* unix_msg: Lift sockaddr_un handling from unix_dgram_sendVolker Lendecke2014-06-181-19/+17
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* unix_msg: Lift sockaddr_un handling from unix_dgram_send_queue_initVolker Lendecke2014-06-181-13/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* unix_msg: Lift sockaddr_un handling from unix_dgram_initVolker Lendecke2014-06-181-16/+23
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: smb2 - strictly obey file name restrictions w.r.t. the SMB2 protocol spec.Jeremy Allison2014-06-181-0/+16
| | | | | | | | | | | | | MS-SMB2: 3.3.5.9 - Receiving an SMB2 CREATE Request If the file name length is greater than zero and the first character is a path separator character, the server MUST fail the request with STATUS_INVALID_PARAMETER. Found and fix confirmed by Microsoft test tool. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* s3: smb2 - Check supplied impersonation level on SMB2_CREATE.Jeremy Allison2014-06-181-0/+18
| | | | | | | | | | | | | | | MS-SMB2: 2.2.13 SMB2 CREATE Request ImpersonationLevel ... MUST contain one of the following values. The server MUST validate this field, but otherwise ignore it. NB. source4/torture/smb2/durable_open.c shows that this check is only done on real opens, not on durable handle reopens. Found and fix confirmed by Microsoft test tool. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* s3: smb2 - Negprot should return INVALID_PARAMETER if flags2 signed bit is set.Jeremy Allison2014-06-181-2/+17
| | | | | | | | | | | | | MS-SMB2: 3.3.5.2.4 Verifying the Signature. If the SMB2 header of the SMB2 NEGOTIATE request has the SMB2_FLAGS_SIGNED bit set in the Flags field, the server MUST fail the request with STATUS_INVALID_PARAMETER. Found and fix confirmed by Microsoft test tool. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* s3: auth: Fix winbindd_pam_auth_pac_send() to create a new info3 and merge ↵Jeremy Allison2014-06-181-2/+22
| | | | | | | | | | | | | in resource groups from a trusted PAC. Based on a patch from Richard Sharpe <realrichardsharpe@gmail.com>. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 18 03:30:36 CEST 2014 on sn-devel-104
* s3: auth: Change auth3_generate_session_info_pac() to use a copy of the ↵Jeremy Allison2014-06-181-2/+9
| | | | | | | | | | | info3 struct from the struct PAC_LOGON_INFO. Call create_info3_from_pac_logon_info() to add in any resource SIDs from the struct PAC_LOGON_INFO to the info3. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Simo Sorce <idra@samba.org>
* s3: auth: Add create_info3_from_pac_logon_info() to create a new info3 and ↵Jeremy Allison2014-06-182-0/+80
| | | | | | | | | | merge resource group SIDs into it. Originally written by Richard Sharpe Richard Sharpe <realrichardsharpe@gmail.com>. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Simo Sorce <idra@samba.org>
* s3: auth: Change make_server_info_info3() to take a const struct ↵Jeremy Allison2014-06-183-6/+6
| | | | | | | | | | netr_SamInfo3 pointer instead of a struct PAC_LOGON_INFO. make_server_info_info3() only reads from the info3 pointer. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Simo Sorce <idra@samba.org>
* s3: auth: Add some const to the struct netr_SamInfo3 * arguments of ↵Jeremy Allison2014-06-183-4/+4
| | | | | | | | | | copy_netr_SamInfo3() and make_server_info_info3() Both functions only read from the struct netr_SamInfo3 * argument. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Simo Sorce <idra@samba.org>
* lib: Use BVAL macro in interpret_long_dateVolker Lendecke2014-06-181-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Use server_id_str_bufVolker Lendecke2014-06-171-2/+4
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jun 17 09:27:07 CEST 2014 on sn-devel-104
* build: fix the test and define for msg_accrightsMichael Adam2014-06-162-6/+6
| | | | | | | | | | | It must be "msg_accrights" not "msg_acctrights" ... ^ Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Jun 16 18:18:04 CEST 2014 on sn-devel-104
* s3-winbindd: Honour pdb_is_responsible_for_everything_else()Andrew Bartlett2014-06-161-8/+11
| | | | | | | | | | | This allows us to avoid running idmap_init_default_domain() which gives an error in the default AD DC config. Andrew Bartlett Change-Id: I923bd941951f6a907e6fa1ad167e5218a01040ff Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* passdb: Allow a passdb module to do idmap for everythingAndrew Bartlett2014-06-166-2/+348
| | | | | | | | | | | | | | | | | | | | | This patch seems odd, but the pdb_samba_dsdb module has exactly this semantics. That is, the pdb_samba_dsdb is responsible for all IDMAP values, due to backing on to the idmap.ldb allocator. This option is added so we can continue to support the mappings written into that database even when switching winbindd implementations - the source4/ winbind code would only ask the idmap_ldb code, no matter what the SID. Almost all of the behaviour for this is already in winbindd, but we need this extra flag function so as to avoid (currently intentional) errors at startup due to not having a per-domain allocation configured in the smb.conf. Andrew Bartlett Change-Id: I6b0d7a1463fe28dfd36715af0285911ecc07585c Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* vfs:gpfs: fix a debug messageMichael Adam2014-06-131-1/+1
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Jun 13 19:54:23 CEST 2014 on sn-devel-104
* vfs: update a bit-rotten commentMichael Adam2014-06-131-5/+6
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* vfs: remove unused function vfs_pread_data()Michael Adam2014-06-132-24/+0
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* vfs_streams_xattr: add options "prefix" and "store_stream_type"Ralph Boehme2014-06-131-30/+92
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add module options that can be used to configure the stream prefix the module uses (option "prefix", a string) and whether the stream type "$DATA" is appended to the xattr name on disk (option "store_stream_type", a boolean). The default "prefix" is "user.DosStream" and the default for "store_stream_type" is true, this gives unchanged default behaviour when not specifying this option. OS X SMB clients will send xattrs as named streams over the wire, by setting the options to the following values streams_xattr:prefix = user. streams_xattr:store_stream_type = no OS X xattrs will be stored on disk on the server with their unmodified names and as such provide interoperability with other protocols like AFP. In order to prevent access to our internal Samba xattrs, check the xattr name with the function samba_private_attr_name() made public by the previous commit. Signed-off-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Convert samba_private_attr_name() to a public functionRalph Boehme2014-06-132-1/+2
| | | | | | Signed-off-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* locking: use correct conversion specifier for printing variablesRalph Boehme2014-06-133-10/+11
| | | | | | | | | | | | Fix several occurences of using printf conversion to fload when printing offset and count variables in locking debug messages and smbstatus. Conversion to float may lead to wrong results with very large values. Signed-off-by: Ralph Boehme <rb@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* smbd: tevent_req_nterror already returns bool :-)Volker Lendecke2014-06-111-2/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 11 21:13:06 CEST 2014 on sn-devel-104
* smbd: Use full_path_tos() where appropriateVolker Lendecke2014-06-111-7/+15
| | | | | | | | | Recently I've got reports that SMB2_FIND is slower than trans2 findfirst, so this tries to use recent performance-sensitive APIs right from the start :-) Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: smbd : SMB2 - fix SMB2_SEARCH when searching non wildcard string with a ↵Jeremy Allison2014-06-111-3/+34
| | | | | | | | | | | | | | | | case-canonicalized share. We need to go through filename_convert() in order for the filename canonicalization to be done on a non-wildcard search string (as is done in the SMB1 findfirst code path). Fixes Bug #10650 - "case sensitive = True" option doesn't work with "max protocol = SMB2" or higher in large directories. https://bugzilla.samba.org/show_bug.cgi?id=10650 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Reviewed-by: Ira Cooper <ira@samba.org>
* s3: smbd - SMB[2|3]. Ensure a \ or / can't be found anywhere in a search ↵Jeremy Allison2014-06-111-2/+2
| | | | | | | | path, not just at the start. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Reviewed-by: Ira Cooper <ira@samba.org>
* s3-winbindd: Implement SamLogon IRPC callAndrew Bartlett2014-06-114-51/+150
| | | | | | | | | | | | | | We do this by lifting parts of the winbindd_dual_pam_auth_crap() code into a new helper function winbind_dual_SamLogon(). This allows us to implement the semantics we need for IRPC, without the artifacts of the winbindd pipe protocol. Change-Id: Idb169217e6d68d387c99765d0af7ed394cb5b93a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 11 12:43:58 CEST 2014 on sn-devel-104
* s3-winbind: Transparently forward IRPC messages to the winbind_dual childAndrew Bartlett2014-06-111-37/+80
| | | | | | Change-Id: I8b336e2365e10ef9ea04d0957eb0829d3766b11e Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-winbind rename winbindd_update_rodc_dns to be for more generic irpcAndrew Bartlett2014-06-114-11/+17
| | | | | | Change-Id: I385ef8bd766848becc42e58694207dc94cd07a89 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* librpc/idl: Merge wbint.idl with winbind.idl so we can forward IRPC requests ↵Andrew Bartlett2014-06-1142-241/+52
| | | | | | | | to internal winbind calls Change-Id: Iba3913d5a1c7f851b93f37e9beb6dbb20fbf7e55 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-winbindd: Listen on IRPC and do forwarded DNS updates on an RODCAndrew Bartlett2014-06-116-0/+144
| | | | | | Change-Id: Ib87933c318f510d95f7008e122216d73803ede68 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-winbindd: Register winbindd with irpcAndrew Bartlett2014-06-113-0/+34
| | | | | | Change-Id: Ie3c7109fef6982d95e8cad06870334565352e329 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth: Provide a way to use the auth stack for winbindd authenticationAndrew Bartlett2014-06-115-14/+74
| | | | | | | | | | | | | | This adds in flags that allow winbindd to request authentication without directly calling into the auth_sam module. That in turn will allow winbindd to call auth_samba4 and so permit winbindd operation in the AD DC. Andrew Bartlett Change-Id: I27d11075eb8e1a54f034ee2fdcb05360b4203567 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* winbindd: Call set_dc_type_and_flags on the internal domainAndrew Bartlett2014-06-115-113/+87
| | | | | | | | | | | | | | | | | | This allows the AD DC to be picked up correctly and gives the correct DNS name. To ensure no confusion, we also always init it with the full DNS name. It also means that, aside from the BUILTIN domain the initialized flag is set only in one place, which will help when we add more details to the domain structure in the future. This in turn allows kerberos authentication against winbindd on the AD DC. Andrew Bartlett Change-Id: Idc829cfe5f2e867c87107b49275b17f294821dcd Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* passdb: Do not routinely clear the global memory returned by ↵Andrew Bartlett2014-06-112-15/+41
| | | | | | | | | | | | get_global_sam_sid() This avoids use-after-free errors and tdb database churn. Andrew Bartlett Change-Id: If7ab2e24556d9dffc7ad22c0489d665dd75a0cab Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* Use GUID_equal in a few placesVolker Lendecke2014-06-101-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: libsmb: Change cli_disk_size() to use the ↵Jeremy Allison2014-06-071-0/+45
| | | | | | | | | | | | | trans2/SMB_FS_FULL_SIZE_INFORMATION call in preference to the old SMB1 call. Fallback to the old CORE protocol SMBdskattr if trans2/SMB_FS_FULL_SIZE_INFORMATION is not supported. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jun 7 05:41:44 CEST 2014 on sn-devel-104
* s3: libsmb: Make cli_smb2_dskattr() a 64-bit interface.Jeremy Allison2014-06-073-14/+10
| | | | | | | | Remove the fallback call from cli_dskattr() (now it's not called from external client code). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
* s3: libsmb : Move users of cli_dskattr to a 64-bit interface cli_disk_free().Jeremy Allison2014-06-074-6/+35
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
* s3/s4: smbd, rpc, ldap, cldap, kdc services.Jeremy Allison2014-06-071-6/+10
| | | | | | | | | | | | | | Allow us to start if we bind to *either* :: or 0.0.0.0. Allows us to cope with systems configured as only IPv4 or only IPv6. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Reviewed-By: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104
* s3:vfs_afsacl fix compiler warningsChristian Ambach2014-06-041-2/+1
| | | | | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Wed Jun 4 22:34:51 CEST 2014 on sn-devel-104
* vfs_afsacl: remove unused includesChristian Ambach2014-06-041-2/+1
| | | | | | | | | | * auth.h might cause collisions with the Heimdal headers * we should not include afs/afs.h directly, see https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/1319336 http://rt.central.org/rt/Ticket/Display.html?id=131737 Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: fixup build with fake kaserver enabledChristian Ambach2014-06-042-0/+4
| | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: add --with-fake-kaserver optionChristian Ambach2014-06-041-0/+13
| | | | | | | | | | This option was not added during the transition from autoconf to waf. Bring it back so that the code can be used again. Bug: https://bugzilla.samba.org/show_bug.cgi?id=9916 Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:lib/afs move afs_settoken.c to common lib dirChristian Ambach2014-06-045-271/+2
| | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:lib/afs move afs.c to common lib dirChristian Ambach2014-06-046-319/+3
| | | | | | | | | | some of the code in afs.c is needed by wbinfo that lives in the toplevel nsswitch directory, so move the afs.c file to a new top-level lib/afs directory. Use the name afs_funcs to avoid collisions with the afs.h header from OpenAFS Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbind: Use strlcpy to avoid log entry.Andreas Schneider2014-06-041-1/+4
| | | | | | | | | | | | | | The full_name from Windows can be longer than 255 chars which results in a warning on log level 0 that we have a string overflow. This will avoid the warning. However we should fix this sooner or later on the protocol level to have no limit. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Jun 4 16:49:11 CEST 2014 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-26 13:00:41 +0000