summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
* s3: auth: Convert samu_to_SamInfo3() to use the new utility function.Jeremy Allison2015-01-141-57/+9
| | | | | | | | | Based on code from Michael Zeis <mzeis.quantum@gmail.com> https://bugzilla.samba.org/show_bug.cgi?id=11044 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3: auth: Add a utility function - SamInfo3_handle_sids() that factors out ↵Jeremy Allison2015-01-141-0/+70
| | | | | | | | | | | the code to handle "Unix Users" and "Unix Groups". Based on code from Michael Zeis <mzeis.quantum@gmail.com> https://bugzilla.samba.org/show_bug.cgi?id=11044 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* net: Fix sam addgroupmemVolker Lendecke2015-01-131-3/+5
| | | | | | | | | | | | | Domain local groups come across as SID_TYPE_ALIAS and are sent to us in the PAC/Info3 struct. We should allow this in net sam addgroupmem. Volker Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Tue Jan 13 15:28:16 CET 2015 on sn-devel-104
* s3-util: Fix authentication with long hostnames.Andreas Schneider2015-01-121-1/+3
| | | | | | | | | | | | | If the hostname is longer than MAX_NETBIOSNAME_LEN we fail to correctly check the hostname. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11008 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jan 12 23:10:30 CET 2015 on sn-devel-104
* leases_db: don't leak lock_path onto talloc tosDavid Disseldorp2015-01-121-2/+9
| | | | | | | | | | Also check for allocation failures. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jan 12 19:22:31 CET 2015 on sn-devel-104
* smbd: Fix a small leak on talloc_tos()Volker Lendecke2015-01-111-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Sun Jan 11 20:34:56 CET 2015 on sn-devel-104
* smbd: Fix an uninitialized variable readVolker Lendecke2015-01-111-2/+1
| | | | | | | | If dbwrap_fetch_locked failed, we did a TALLOC_FREE(value). Fix this with a talloc hierarchy. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* smbd: Make talloc_report of smb_filename more readableVolker Lendecke2015-01-111-0/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* vfs_unityed_media: VFS module for sharing AVID projectsRalph Boehme2015-01-103-1/+1963
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Based on <https://code.google.com/p/vfs-unityed-media/>. The existing VFS module media_harmony has some problems relative to Avid media sharing: Avid looks at the modification time of the ingest directory. Since media_harmony has everyone using the same directory, users (or client systems) have to somehow create "fake" directories with special names and then media_harmony returns the mod time of those fake directories for the different clients rather than the actual mod time of the communal ingest directory. To make matters worse, users then have to have a special utility or understand how to update the modtime on these specially named directories. Otherwise, their client system will never update the indexes to show new media. To make it even worse than that, Avid creates new directories on the fly, so you can't just set this up statically at the beginning. Avid will silently create a new directory and your reindexing problems will start all over until you create new fake directories. With unityed_media: * there are no reindexes between clients * clients don't need to know which directories have been created for them, it's automatic. * clients never have to reindex other systems directories. * unityed_media let's each client have their own directories. * unityed_media works much more like Avid's own ISIS servers work. A module option controls which name is appended to client specific paths: the username, the hostname (will not work with OS X) or the client's IP. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jan 10 04:15:04 CET 2015 on sn-devel-104
* lib: Simplify iov_bufVolker Lendecke2015-01-091-2/+2
| | | | | | | | | | | | | | According to https://www.securecoding.cert.org/confluence/display/seccode/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap we only need to check against one operand. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jan 9 23:42:49 CET 2015 on sn-devel-104
* unix_msg: Fix 80-line formattingVolker Lendecke2015-01-091-2/+4
| | | | | | | | This is pretty fresh code, so hope this change does not fall under the "no reformatting" rule yet Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* test: Fix quotingVolker Lendecke2015-01-091-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Jan 9 17:33:31 CET 2015 on sn-devel-104
* s3-vfs: Fix developer build of vfs_ceph module.Günther Deschner2015-01-091-10/+20
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* vfs_fruit: mmap under FreeBSD needs PROT_READVolker Lendecke2015-01-081-1/+1
| | | | | | | | We memmove, which does read Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Böhme <rb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs_fruit: fix base_fsp name conversionVolker Lendecke2015-01-081-1/+1
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Add a script-only idmap module.Richard Sharpe2015-01-083-0/+403
| | | | | | | | | | | | | In this third version I have cleaned up some unused variable warnings that only the Samba 3 build found and added a man page based on the idmap_tdb2 man page. I have also added support for ID_TYPE_BOTH mappings and replaced calls to popen with something safer. Also, I removed some non-PC macros. Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jan 8 04:30:32 CET 2015 on sn-devel-104
* allow net ads join accept new osServicePack parameterNoel Power2015-01-083-2/+26
| | | | | | | | | | | | | | | | | | | osServicePack paramater allows the default behaviour ( which is to use the samba version string as the operatingSystemServicePack attribute ) to be overridden Additionally make sure if blank string is passed that it is treated as attribute deletion. This is necessary as values for the os attributes are eventually passed to ads_modlist_add if the value is "" then the attempt to add this attribute fails in the underlying ldap 'ldap_modfiy_ext_s' function. In this case we need to pass NULL as the value to force deletion of the ldap attribute Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jan 8 00:18:05 CET 2015 on sn-devel-104
* s3-libads: Fix a possible segfault in kerberos_fetch_pac().Andreas Schneider2015-01-071-13/+13
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11037 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* passdb: Cache output from pdb_[ug]id_to_sidVolker Lendecke2015-01-071-0/+14
| | | | | | | | | | | | | A customer complained that after upgrading to Samba 4.0 fileserver its LDAP server was flooded with uid2sid and gid2sid request for id 0. With 4.0 we do a lot more user-space ACL checking which involves uid2sid/gid2sid. This caches the corresponding results. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Jan 7 12:00:10 CET 2015 on sn-devel-104
* fixup: check for NULL pointersRalph Boehme2015-01-071-2/+2
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind: Retry after SESSION_EXPIRED error in ping-dcChristof Schmitt2015-01-061-0/+8
| | | | | | | | | | | | | Trying to establish a netlogon connection when the service ticket expires might fail with NT_STATUS_NETWORK_SESSION_EXPIRED. The underlying client code already marks the session as invalid, so retry the netlogon connect in this case. Signed-off-by: Christof Schmit <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 6 02:58:57 CET 2015 on sn-devel-104
* smbd: Properly handle EINTR in vfs_aio_forkVolker Lendecke2015-01-061-3/+12
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* smbd: Use msghdr.[ch] in vfs_aio_forkVolker Lendecke2015-01-061-42/+20
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Use msghdr_prep_recv_fds in unix_msgVolker Lendecke2015-01-061-7/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Add msghdr_prep_recv_fdsVolker Lendecke2015-01-062-0/+22
| | | | | | | | This will prepare a msghdr for receiving fd's. Same pattern as before: First get the buffer size, then fill in msghdr. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Use msghdr_extract_fds in unix_msgVolker Lendecke2015-01-061-56/+19
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Add msghdr_extract_fdsVolker Lendecke2015-01-062-0/+30
| | | | | | | | | This is a copy of the extract_fd_array_from_msghdr routine in unix_msg.c, with a similar use pattern: First call it without an output array to get the length and then call it a second time to actually fill in the array. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* smbd: Use msghdr_prep_fds in vfs_aio_forkVolker Lendecke2015-01-061-30/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Use msghdr in unix_msgVolker Lendecke2015-01-062-121/+60
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Add msghdr.[ch]Volker Lendecke2015-01-063-0/+170
| | | | | | | | | | | | | | | | | | | | This is a little set of routines to deal with the ugly fd-passing macros. This patch is the first step assisting the creation of msghrds for sending fds. Receiving fd helpers will follow later. The basic idea behind these routines is that they fill a variable-sized buffer. They are supposed to be called twice per msghdr preparation. First with a 0-sized NULL output buffer to calculate the required bufsize, and then a second time filling in the buffer as such. This does not take care of the old msg_accrights way of passing file descriptors. CMSG/SCM_RIGHTS is standardized for quite a while now, and I believe this intreface can be made to also take care of msg_accrights if needed. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: unix_dgram_msg does not need "num_fds"Volker Lendecke2015-01-061-2/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* torture3: Fix a typoVolker Lendecke2015-01-061-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3:winbindd: improve logic to use CLDAP for a given domain.Stefan Metzmacher2015-01-051-1/+9
| | | | | | | | | | | As an AC Domain Controller we should try CLDAP for active directory domains. E.g. FreeIPA domains doesn't provide NBT at all... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Mon Jan 5 19:23:40 CET 2015 on sn-devel-104
* s3:winbindd: mark our primary as active_directory if possibleStefan Metzmacher2015-01-051-0/+9
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:passdb: fix logic in pdb_set_pw_history()Stefan Metzmacher2015-01-051-7/+8
| | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10940 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jan 5 16:51:30 CET 2015 on sn-devel-104
* Happy New Year 2015!Stefan Metzmacher2015-01-011-1/+1
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 1 02:47:59 CET 2015 on sn-devel-104
* lib: Fix a commentVolker Lendecke2014-12-301-3/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use iov_advance in write_data_iovVolker Lendecke2014-12-301-16/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Add iov_advanceVolker Lendecke2014-12-302-0/+35
| | | | | | | This chops off n bytes from an iovec array. Used for short writev's Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: iov_buf does not need talloc.h anymoreVolker Lendecke2014-12-301-1/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Use talloc_memdup in messaging_rec_dupVolker Lendecke2014-12-281-2/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sun Dec 28 04:20:48 CET 2014 on sn-devel-104
* Fix a comment to indicate that TALLOC_FREE must be used to free an allocated ↵Richard Sharpe2014-12-261-1/+1
| | | | | | | | | | array of strings. Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Dec 26 22:54:51 CET 2014 on sn-devel-104
* winbind: Retry LogonControl RPC in ping-dc after session expirationChristof Schmitt2014-12-231-0/+10
| | | | | | | | | | | | When the underlying session expires, the LogonControl RPC call used in ping-dc returns NT_STATUS_IO_DEVICE_ERROR. Retry once in this case, instead of returning the error to the caller. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Dec 23 02:46:34 CET 2014 on sn-devel-104
* spoolss: clear PrinterInfo on GetPrinter errorDavid Disseldorp2014-12-191-7/+12
| | | | | | | | | | If an error is returned without zeroing a pre-allocated @info pointer, then marshalling of the response will fail. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984 Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: clear info on GetPrinterDriverDirectory errorDavid Disseldorp2014-12-191-0/+1
| | | | | | | | | | If an error is returned without zeroing a pre-allocated @info pointer, then marshalling of the response will fail. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984 Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: clear info on GetPrintProcessorDirectory errorDavid Disseldorp2014-12-191-4/+9
| | | | | | | | | | If an error is returned without zeroing a pre-allocated @info pointer, then marshalling of the response will fail. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984 Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: clear FormInfo on GetForm errorDavid Disseldorp2014-12-191-0/+1
| | | | | | | | | | | | In handling a spoolss GetForm request, the handler may return an immediate error if one of the input parameters is invalid. If this is done without zeroing the pre-allocated @info pointer, then marshalling of the response will fail. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984 Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: clear DriverInfo on GetPrinterDriver2 errorDavid Disseldorp2014-12-191-5/+11
| | | | | | | | | | | | In handling a spoolss GetPrinterDriver2 request, the handler may return an immediate error if one of the input parameters is invalid. If this is done without zeroing the pre-allocated @info pointer, then marshalling of the response will fail. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984 Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: clear JobInfo on GetJob errorDavid Disseldorp2014-12-191-10/+18
| | | | | | | | | | | | | | | | In handling a spoolss GetJob request, the _spoolss_GetJob() handler may return an immediate error if one of the input parameters is invalid. If this is done without zeroing the pre-allocated @info pointer, then api_spoolss_GetJob() will attempt to marshall @info, which in the case of an @offered value of zero results in a marshalling error: ndr_push_error(7): Bad subcontext (PUSH) content_size 64 is larger than size_is(0) Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984 Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:pdb_samba_dsdb: use SEC_CHAN_DNS_DOMAIN in ↵Stefan Metzmacher2014-12-191-6/+33
| | | | | | | | | | | | pdb_samba_dsdb_get_trusteddom_creds() If both ends have a dns domain, we can use SEC_CHAN_DNS_DOMAIN in order to match a Windows DC. For kerberos we still need to use MY_NETBIOS_DOMAIN$@REMOTE_REALM. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 15:23:22 +0000