summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s3-smbd: Do not check no_acl_syscall_error(errno) after sys_acl_init()Andrew Bartlett2012-08-161-11/+2
| | | | | | This is no longer a VFS call, so will no longer fail in this way. Andrew Bartlett
* selftest: Extend xattr-tdb-1 vfstest to call statAndrew Bartlett2012-08-161-0/+1
|
* s3-vfs: Continue to make vfs_xattr_tdb non-recursiveAndrew Bartlett2012-08-161-24/+50
| | | | | | We now always use _NEXT_ VFS calls, even to build the file id. Andrew Bartlett
* s3-vfs: Add new VFS module to fake setting an ACLAndrew Bartlett2012-08-162-0/+378
| | | | | | | The purpose of this module is to remove the relience on the system having ACL support to test NT ACLs. Andrew Bartlett
* librpc/idl: Fix acl array definition in smb_acl_tAndrew Bartlett2012-08-161-1/+1
|
* s3-selftest: convert xattr-tdb-1 vfstest driver into a subunit testAndrew Bartlett2012-08-163-10/+52
| | | | | | | | | | | We don't use the simple smb.conf because we need to override all the paths for this to work as non-root without a panic, so we use the s3dc environment, which already loads this module. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Aug 16 02:55:19 CEST 2012 on sn-devel-104
* s3-selftest: convert stream_depot vfstest driver into a subunit testAndrew Bartlett2012-08-163-10/+35
| | | | | | | | | | This gives us our first automated coverage of the vfstest binary. We don't use the simple smb.conf because we need to override all the paths for this to work as non-root without a panic, so we use the s3dc environment, which already loads this module. Andrew Bartlett
* fix printf warning in net connectionsAndrew Bartlett2012-08-161-2/+2
|
* s3:utils: remove standalone cclean toolGregor Beck2012-08-164-329/+1
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3:doc manpage for "net connections cleanup"Gregor Beck2012-08-161-0/+39
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3:net add command "connections cleanup"Gregor Beck2012-08-165-2/+286
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-vfs: Set errno in xattr emulationAndrew Bartlett2012-08-152-0/+7
| | | | | | | | | The caller may check this errno. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 15 18:05:33 CEST 2012 on sn-devel-104
* s3-vfs: Avoid loops in VFS modules: call _NEXT functions in xattr emulationAndrew Bartlett2012-08-152-8/+8
| | | | | | | | We need to call the next module in the stack otherwise we will loop if the stat call is in turn implemented in terms of extended attribute lookup. Andrew Bartlett
* s3-vfs: ensure we strictly free the talloc_stackframeAndrew Bartlett2012-08-151-1/+1
| | | | | | | We must do this when leaving the function or else in development, we will panic. Andrew Bartlett
* s4-selftest: Fix test name for samba.tests.dcerpc.bareAndrew Bartlett2012-08-151-1/+1
|
* librpc/idl: Make smb_acl_t public so we can pull/push it as a blobAndrew Bartlett2012-08-152-1/+10
|
* libcli/smb: verify decrypted SMB2 pdus correctlyStefan Metzmacher2012-08-151-2/+38
| | | | | | | | | | | | | | We need to make sure we got a encrypted response if we asked for it. If we don't get a encrypted response, we use a similar logic as with signing to propagated wellknown errors to the higher layer and set state->smb2.signing_skipped = true. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 15 16:26:26 CEST 2012 on sn-devel-104
* libcli/smb: fix parsing of compounded messages within a SMB2_TRANSFORM pduStefan Metzmacher2012-08-151-5/+12
| | | | | | | | | One SMB2_TRANSFORM pdu wraps multiple SMB2 pdus. We inject the SMB2_TRANSFORM header to each response which was wrapped inside. This allows the next layer to verify if the SMB2 pdu was encrypted. metze
* libcli/smb: fix smb2cli_req_compound_submit for multiple encrypted messagesStefan Metzmacher2012-08-151-63/+104
| | | | | | There should be only one SMB2_TRANSFORM header for all compound requests. metze
* s3:smb2_server: do calculations based on SMBD_SMB2_NUM_IOV_PER_REQ in ↵Stefan Metzmacher2012-08-151-3/+3
| | | | | | smbd_smb2_request_validate() metze
* libcli/smb: all flags except SMB2_HDR_FLAG_ASYNC should be cleared in a ↵Stefan Metzmacher2012-08-151-0/+6
| | | | | | cancel request. metze
* s3-sysacls: Remove sys_acl_free_qualifier() as it is a no-opAndrew Bartlett2012-08-154-10/+0
| | | | | Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 15 05:23:18 CEST 2012 on sn-devel-104
* s3-sysacls: Remove sys_acl_free_acl() and replace with TALLOC_FREE()Andrew Bartlett2012-08-155-48/+41
|
* s3-smbd: Remove sys_acl_*() VFS wrapper functionsAndrew Bartlett2012-08-159-1271/+1
| | | | | | | | | | | | | | | | | | | | | | | We no longer do struct smb_acl_t manipuations via the VFS layer, which is now reduced to handling the get/set functions. The only backend that implemented these functions (aside from audit) was the vfs_default module calling the sys_acl code. The various ACL implementation modules either worked on the fully initilaised smb_acl_t object or on NT ACLs. This not only makes the operation of the posix ACL code more efficient (as allocation and free is not put via the VFS), it makes it easier to test and removes the fantasy that a module could safely redefine this structure or the behaviour here. The smb_acls.idl now defines the structure, and it is now allocated with talloc. These operations were originally added to the VFS in commit 3bb219161a270f12c27c3bc7e1220829c6e9f284. Andrew Bartlett
* s3-smbd: Remove unused conn argument from convert_permset_to_mode_t()Andrew Bartlett2012-08-151-3/+3
|
* s3-smbd: Call sys_acl_set_permset() directly rather than via the VFSAndrew Bartlett2012-08-151-7/+7
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_set_qualifier() directly rather than via the VFSAndrew Bartlett2012-08-151-3/+3
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_set_tag_type() directly rather than via the VFSAndrew Bartlett2012-08-151-6/+6
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_create_entry() directly rather than via the VFSAndrew Bartlett2012-08-151-6/+6
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_add_perm() directly rather than via the VFSAndrew Bartlett2012-08-151-6/+6
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_clear_perms() directly rather than via the VFSAndrew Bartlett2012-08-151-2/+2
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_init() directly rather than via the VFSAndrew Bartlett2012-08-151-3/+3
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_free_acl() directly rather than via the VFSAndrew Bartlett2012-08-152-24/+24
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFSAndrew Bartlett2012-08-151-2/+2
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_entry() directly rather than via the VFSAndrew Bartlett2012-08-152-8/+8
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFSAndrew Bartlett2012-08-151-2/+2
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_qualifier() directly rather than via the VFSAndrew Bartlett2012-08-152-4/+4
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_tagtype() directly rather than via the VFSAndrew Bartlett2012-08-152-5/+5
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_permset() directly rather than via the VFSAndrew Bartlett2012-08-152-8/+8
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Call sys_acl_get_perm() directly rather than via the VFSAndrew Bartlett2012-08-152-9/+9
| | | | | | | This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
* s3-smbd: Move smb_acl_t declaration to smb_acl.idlAndrew Bartlett2012-08-155-35/+73
| | | | | | | | This will allow us to marshall this into and from an NDR blob on disk, which will allow us to fake up ACL support during make test, and to test the NT ACL emulation using python bindings via the VFS. Andrew Bartlett
* pidl: Add mode_t as an alias so we can marshall posix ACL structuresAndrew Bartlett2012-08-151-0/+1
|
* s3-smbd: Change allocation of smb_acl_t to talloc()Andrew Bartlett2012-08-159-64/+49
| | | | | | | | | The acl element is changed to be a talloc child, and is no longer one element longer than requested by virtue of the acl[1] base pointer. This also avoids one of the few remaining cases of over-allocation of a structure. Andrew Bartlett
* libwbclient: Add test for wbcPingDc2Christof Schmitt2012-08-151-0/+14
| | | | | | | The internal domain used in 'make test' does not report a DC name, so just add tests similar to the old wbcPingDc call. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* wbinfo: Improve output of wbinfo --ping-dcChristof Schmitt2012-08-151-3/+5
| | | | | | | | | | | Use wbcPingDc2 to get the DC name and print it. Cleanup error messages: Remove "Could not ping our DC", there is always a more specific message. Avoid printing "failed to call wbcPingDc" in case the ping has been attempted and it returns an error, the error is already printed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libwbclient: Add wbcPingDc2Christof Schmitt2012-08-154-2/+115
| | | | | | | Add wbcPingDc2 that optionally returns the DC that was attempted to ping. wbcPing is implemented as a wrapper around wbcPingDc2. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbind: Return the DC name from DC_PINGChristof Schmitt2012-08-153-1/+14
| | | | | | | The DC that was attempted to ping is useful for troubleshooting. Return the DC name in the response to the wbclient. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbind: Pass ping-dc result to clientChristof Schmitt2012-08-151-1/+9
| | | | | | | The client checks for an error code in response.data.auth.nt_status, make sure the result is stored there. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Add knownfail for samba3.winbind.wbclient.wbcPingDc2Andrew Bartlett2012-08-151-0/+1
| | | | | | The soon-to-be-added command also fails against the s4 winbind. Andrew Bartlett
* s4:dsdb/repl: fix the usage of 'GC/' prefixed principal namesStefan Metzmacher2012-08-141-21/+6
| | | | | | | | | | | | | | | | The "serverReference" attribute is available on the "server" object not on the "nTDSA" object. This allows connections to RODCs, as they don't have a E3514235-4B06-11D1-AB04-00C04FC2DCD2/${NTDSGUID}/${DNSDOMAIN} principal. Pair-Programmed-With: Björn Baumbach <bb@sernet.de> metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Aug 14 18:57:41 CEST 2012 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-26 23:19:05 +0000