summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* secdesc: use security_ace_equal instead of sec_ace_equalDavid Disseldorp2014-05-291-1/+1
| | | | | | | Both offer the same functionality, sec_ace_equal() will be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* torture/attr: use security_ace_equal instead of sec_ace_equalDavid Disseldorp2014-05-291-3/+3
| | | | | | | Both offer the same functionality, sec_ace_equal() will be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3/smbcacls: use security_ace_equal instead of sec_ace_equalDavid Disseldorp2014-05-291-4/+5
| | | | | | | Both offer the same functionality, sec_ace_equal() will be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3/sharesec: use security_ace_equal instead of sec_ace_equalDavid Disseldorp2014-05-291-3/+5
| | | | | | | Both offer the same functionality, sec_ace_equal() will be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3/libsmb_xattr: use security_ace_equal instead of sec_ace_equalDavid Disseldorp2014-05-291-4/+5
| | | | | | | Both offer the same functionality, sec_ace_equal() will be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: cleanup security_ace_equal()David Disseldorp2014-05-291-8/+20
| | | | | | | | This change cleans up the white-space damage, and converts the single line if-then statements to match Samba's coding conventions. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: remove unused sec_ace_del_sid()David Disseldorp2014-05-292-33/+0
| | | | | | | With sec_desc_del_sid() now gone, this can also be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: remove unused sec_desc_del_sid()David Disseldorp2014-05-292-37/+0
| | | | | | | | The function is unused, and shares mostly the same behaviour as security_descriptor_acl_del(). Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: remove dup_sec_acl()David Disseldorp2014-05-292-13/+0
| | | | | | | | With make_sec_desc() converted to use security_acl_dup(), which offers the same behaviour, this function is no longer needed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: clean up and fix make_sec_descDavid Disseldorp2014-05-291-48/+29
| | | | | | | | | | | | It currently leaks memory onto the provided talloc context on error, fix this. Use X_acl_dup() functions provided by secuity_descriptor.c, rather than the redundant secdesc.c calls. Also, use the IDL generated functions to calculate the security descriptor structure size. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3/profiles: improve copy_registry_tree() errorsDavid Disseldorp2014-05-281-4/+5
| | | | | | | | | | | | The current error logic doesn't distinguish between a NULL source security descriptor and ENOMEM. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed May 28 20:18:21 CEST 2014 on sn-devel-104
* libcli/secdesc: remove dup_sec_desc()David Disseldorp2014-05-282-21/+0
| | | | | | | | | With all callers converted to use security_descriptor_copy(), this function can be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/secdesc: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-2/+5
| | | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libgpo: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-1/+7
| | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3/rpc_server/lsa: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-3/+3
| | | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3/rpc_server/spoolss: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-4/+14
| | | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3/posix_acls: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-3/+3
| | | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3/net_rpc_printer: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-1/+11
| | | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3/profiles: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-2/+8
| | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3/rpc_server/spoolss: remove SETUP_SPOOLSS_NOTIFY_DATA_SECDESCDavid Disseldorp2014-05-281-9/+3
| | | | | | | | | | The macro is only used once, and is broken in two ways: - it relies on an externally defined mem_ctx - _data->data.sd.sd_size is set zero twice for a NULL sd Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* sharesec: remove unused security descriptor print fnsDavid Disseldorp2014-05-281-85/+0
| | | | | | | | | IDL generated NDR routines are now used, so the old hand rolled functions can be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* sharesec: use NDR security descriptor print fnsDavid Disseldorp2014-05-281-4/+12
| | | | | | Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/sd: remove redundant sec_ace_add_sid()David Disseldorp2014-05-282-27/+0
| | | | | | | | | | | | This function adds a new allow-type ACE to an existing ACE list. With the removal of sec_desc_add_sid(), this is no longer used internally. The same behaviour can be achieved via the much cleaner security_ace_create() function. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* libcli/sd: remove redundant sec_desc_add_sid()David Disseldorp2014-05-282-38/+0
| | | | | | | | | | This function adds an ACE to a security descriptor DACL. The same can be achieved via the more flexible and much cleaner security_ace_create() and security_descriptor_dacl_add() functions. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* ctdb-tools-ctdb: scriptstatus should not count disabled scriptsMartin Schwenke2014-05-281-1/+7
| | | | | | | | | | | | | | | | | | script_status->num_scripts is used as the count in this message: "%d scripts were executed last %s cycle\n" However, script_status->num_scripts includes disabled scripts, which are never actually executed. Instead, count the number of scripts that aren't disabled and make the message print that. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Wed May 28 02:27:48 CEST 2014 on sn-devel-104
* Remove obsolete README.packaging4.Michael Adam2014-05-271-13/+0
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Tue May 27 19:55:07 CEST 2014 on sn-devel-104
* libcli: Simplify desc_ace_has_generic()Volker Lendecke2014-05-271-9/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* libcli: Simplify desc_expand_generic()Volker Lendecke2014-05-271-13/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* libcli: Avoid an explicit memset callVolker Lendecke2014-05-271-4/+4
| | | | | | | On x86 with -O3, this saves surprising 160 bytes .text Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* libcli: Avoid a talloc/freeVolker Lendecke2014-05-271-4/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* libcli: Avoid a talloc/freeVolker Lendecke2014-05-271-4/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3-build: Support building with in-tree CTDBAmitay Isaacs2014-05-272-3/+7
| | | | | | | | | | | If --with-ctdb-dir option is not specified, use CTDB headers from ctdb/ subdirectory in the source tree. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue May 27 16:07:13 CEST 2014 on sn-devel-104
* ctdb-build: Move internal include files in a separate directoryAmitay Isaacs2014-05-274-1/+2
| | | | | | | | This will allow to build clustered samba with built-in ctdb tree rather than needing to install CTDB first. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Michael Adam <obnox@samba.org>
* ctdb-build: Build ctdb_version.h before compiling files that include itAmitay Isaacs2014-05-271-0/+3
| | | | | | | | This will correctly build ctdb_version.h before other targets when running make -j. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli: Fix a memleakVolker Lendecke2014-05-271-5/+3
| | | | | | | | | | | struct security_ace has a struct dom_sid, not a pointer to it. So we don't have to talloc it first and then not free it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue May 27 12:54:55 CEST 2014 on sn-devel-104
* messaging3: Remove a pointless return;Volker Lendecke2014-05-271-1/+0
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Tue May 27 04:41:43 CEST 2014 on sn-devel-104
* messaging3: Fix whitespaceVolker Lendecke2014-05-271-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* serverid: Fix an incompatible pointer assignmentVolker Lendecke2014-05-271-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* smbd: Fix a typoVolker Lendecke2014-05-271-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* s4-dns: dlz_bind9: improve log message consistencyArvid Requate2014-05-261-4/+4
| | | | | | | | | | Change-Id: I0a12c048fd4e667b9aa0777f99c8f8306fc090ea Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kai Blin <kai@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon May 26 05:55:46 CEST 2014 on sn-devel-104
* s4-dns: dlz_bind9: Fix ipv6 updatesArvid Requate2014-05-261-1/+5
| | | | | | | | | | | | | b9_record_match needs to consider all allowed representations of IPv6 addresses (RFC 2373), otherwise DNS subtractrdataset operations fail due to differences in zero padding between bind9 frontend and ndr_pull of a dnsp_DnssrvRpcRecord structure. Change-Id: Ic0a1b16008458993dc644646d7f4ae3d3a3c5fed Signed-off-by: Arvid Requate <requate@univention.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kai Blin <kai@samba.org> Reviewed-by: Guenter Kukkukk <kukks@samba.org>
* s4:librpc/rpc: allow a shortcut in dcerpc_pipe_connect_ncacn_np_smb[2]_send()Stefan Metzmacher2014-05-261-0/+10
| | | | | | | | | | | If the caller provided smbXcli * pointers of an existing connection, we can use it. This will be used later in order to allow multiple dcerpc connections over the same smb connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc/rpc: split out continue_smb_open()Stefan Metzmacher2014-05-261-28/+11
| | | | | | | The smb and smb2 code pathes are the same. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc/rpc: remove pipe_np_smb2_state and use pipe_np_smb_stateStefan Metzmacher2014-05-261-10/+4
| | | | | | | There's no need for two almost identical structures. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc/rpc: remember some smbXcli_* pointers within struct ↵Stefan Metzmacher2014-05-261-33/+27
| | | | | | | | | dcerpc_pipe_connect This will simplify further improvements. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc/rpc: use DCERPC_REQUEST_TIMEOUT for smb opensStefan Metzmacher2014-05-262-16/+8
| | | | | | | | There's no need to make the connect timeout dynamic. We implicitly used SMB_REQUEST_TIMEOUT which is also 60 seconds before. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc/rpc: remove some unused functions and structures from dcerpc_sock.cStefan Metzmacher2014-05-261-46/+5
| | | | | | | | | Now we just dcerpc_sock.c doesn't need to maintain 'struct sock_private' in p->transport.private_data anymore, we're just using a raw tstream_context as p->transport.stream. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc/rpc: avoid using dcerpc_socket_peer_addr()Stefan Metzmacher2014-05-261-9/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We use information stored in the dcerpc_binding in order to open a secondary connection. The goals are: - dcerpc_secondary_connection_* should just use the dcerpc_binding information for the first connection and just call dcerpc_pipe_connect_* - Get rid of dcerpc_pipe->transport.* and just use a tstream_context. All other details should be maintained only by the higher levels. - Hide dcerpc_pipe and dcecli_connection behind dcerpc_binding_handle. - Have just one entry point to create a new connection. For source4/librpc this will be dcerpc_pipe_connect_*. For source3/rpc_client we need a similar function. - We'll have a new dcerpc_connection layer, with also just one entry point to create a new connection. - Replace dcerpc_pipe and dcecli_connection with the new dcerpc_connection layer. - Replace rpc_pipe_client with the new dcerpc_connection layer. - When the client side is unified we can change the server as it needs to act as a client in order to register the endpoint mappings. - Then the core of the server will be changed to use the new dcerpc_connection layer. As dcerpc_socket_peer_addr() uses p->transport.private_data as 'struct sock_private', we should avoid it. We can then remove dcerpc_unix_socket_path() and 'struct sock_private'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc/rpc: set "localaddress" and reset "host" for ncacn_ip_tcpStefan Metzmacher2014-05-262-5/+34
| | | | | | | | | | | | We should remember local and remote ip address in dcerpc_pipe->binding. Note: that we still have the "target_hostname" unmodified, if present. This way dcerpc_pipe->binding can be used to create a secondary connection that is a additional connection for the existing association group. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:librpc/rpc: return the local/remote ip from dcerpc_pipe_open_tcp_recv()Stefan Metzmacher2014-05-263-6/+29
| | | | | | | | | It's important that the caller can remember the ips, so that a secondary connection can use the same addresses in order to get association group binding to work. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2024-06-30 12:25:46 +0000