| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Both offer the same functionality, sec_ace_equal() will be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
| |
Both offer the same functionality, sec_ace_equal() will be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
| |
Both offer the same functionality, sec_ace_equal() will be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
| |
Both offer the same functionality, sec_ace_equal() will be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
| |
Both offer the same functionality, sec_ace_equal() will be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
| |
This change cleans up the white-space damage, and converts the single
line if-then statements to match Samba's coding conventions.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
| |
With sec_desc_del_sid() now gone, this can also be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
| |
The function is unused, and shares mostly the same behaviour as
security_descriptor_acl_del().
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
| |
With make_sec_desc() converted to use security_acl_dup(), which offers
the same behaviour, this function is no longer needed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
It currently leaks memory onto the provided talloc context on error, fix
this.
Use X_acl_dup() functions provided by secuity_descriptor.c, rather than
the redundant secdesc.c calls. Also, use the IDL generated functions to
calculate the security descriptor structure size.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current error logic doesn't distinguish between a NULL source
security descriptor and ENOMEM.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 28 20:18:21 CEST 2014 on sn-devel-104
|
|
|
|
|
|
|
|
|
| |
With all callers converted to use security_descriptor_copy(), this
function can be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
| |
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
| |
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
| |
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
| |
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
| |
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
| |
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
| |
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
| |
The macro is only used once, and is broken in two ways:
- it relies on an externally defined mem_ctx
- _data->data.sd.sd_size is set zero twice for a NULL sd
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
| |
IDL generated NDR routines are now used, so the old hand rolled
functions can be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
| |
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function adds a new allow-type ACE to an existing ACE list. With
the removal of sec_desc_add_sid(), this is no longer used internally.
The same behaviour can be achieved via the much cleaner
security_ace_create() function.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
|
| |
This function adds an ACE to a security descriptor DACL. The same can be
achieved via the more flexible and much cleaner security_ace_create()
and security_descriptor_dacl_add() functions.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
script_status->num_scripts is used as the count in this message:
"%d scripts were executed last %s cycle\n"
However, script_status->num_scripts includes disabled scripts, which
are never actually executed.
Instead, count the number of scripts that aren't disabled and make the
message print that.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed May 28 02:27:48 CEST 2014 on sn-devel-104
|
|
|
|
|
|
|
|
| |
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue May 27 19:55:07 CEST 2014 on sn-devel-104
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
|
|
| |
On x86 with -O3, this saves surprising 160 bytes .text
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
|
|
|
|
|
|
| |
If --with-ctdb-dir option is not specified, use CTDB headers from ctdb/
subdirectory in the source tree.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue May 27 16:07:13 CEST 2014 on sn-devel-104
|
|
|
|
|
|
|
|
| |
This will allow to build clustered samba with built-in ctdb tree rather
than needing to install CTDB first.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
|
|
|
|
|
|
| |
This will correctly build ctdb_version.h before other targets when
running make -j.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
|
|
|
|
|
|
|
|
|
| |
struct security_ace has a struct dom_sid, not a pointer to it. So we don't have
to talloc it first and then not free it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue May 27 12:54:55 CEST 2014 on sn-devel-104
|
|
|
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue May 27 04:41:43 CEST 2014 on sn-devel-104
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I0a12c048fd4e667b9aa0777f99c8f8306fc090ea
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon May 26 05:55:46 CEST 2014 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
b9_record_match needs to consider all allowed representations of IPv6
addresses (RFC 2373), otherwise DNS subtractrdataset operations fail
due to differences in zero padding between bind9 frontend and ndr_pull
of a dnsp_DnssrvRpcRecord structure.
Change-Id: Ic0a1b16008458993dc644646d7f4ae3d3a3c5fed
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Reviewed-by: Guenter Kukkukk <kukks@samba.org>
|
|
|
|
|
|
|
|
|
|
|
| |
If the caller provided smbXcli * pointers of an existing connection,
we can use it.
This will be used later in order to allow multiple dcerpc connections
over the same smb connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
| |
The smb and smb2 code pathes are the same.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
| |
There's no need for two almost identical structures.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
| |
dcerpc_pipe_connect
This will simplify further improvements.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
| |
There's no need to make the connect timeout dynamic.
We implicitly used SMB_REQUEST_TIMEOUT which is also 60 seconds before.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
| |
Now we just dcerpc_sock.c doesn't need to maintain 'struct sock_private'
in p->transport.private_data anymore, we're just using a raw tstream_context
as p->transport.stream.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use information stored in the dcerpc_binding in order
to open a secondary connection.
The goals are:
- dcerpc_secondary_connection_* should just use the dcerpc_binding
information for the first connection and just call dcerpc_pipe_connect_*
- Get rid of dcerpc_pipe->transport.* and just use a tstream_context.
All other details should be maintained only by the higher levels.
- Hide dcerpc_pipe and dcecli_connection behind dcerpc_binding_handle.
- Have just one entry point to create a new connection. For source4/librpc
this will be dcerpc_pipe_connect_*. For source3/rpc_client we need
a similar function.
- We'll have a new dcerpc_connection layer, with also just one
entry point to create a new connection.
- Replace dcerpc_pipe and dcecli_connection with the new dcerpc_connection layer.
- Replace rpc_pipe_client with the new dcerpc_connection layer.
- When the client side is unified we can change the server
as it needs to act as a client in order to register the endpoint mappings.
- Then the core of the server will be changed to use the new dcerpc_connection
layer.
As dcerpc_socket_peer_addr() uses p->transport.private_data
as 'struct sock_private', we should avoid it.
We can then remove dcerpc_unix_socket_path() and 'struct sock_private'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
We should remember local and remote ip address in dcerpc_pipe->binding.
Note: that we still have the "target_hostname" unmodified, if present.
This way dcerpc_pipe->binding can be used to create a secondary connection
that is a additional connection for the existing association group.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
| |
It's important that the caller can remember the ips,
so that a secondary connection can use the same addresses
in order to get association group binding to work.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|