summaryrefslogtreecommitdiffstats
path: root/source/include
Commit message (Collapse)AuthorAgeFilesLines
* Fix for CVE-2009-2906.samba-3.0.37v3-0-stableJeremy Allison2009-09-301-0/+1
| | | | | | | | Summary: Specially crafted SMB requests on authenticated SMB connections can send smbd into a 100% CPU loop, causing a DoS on the Samba server.
* prefer gssapi header files from subdirectoryBjörn Jacke2009-07-301-3/+3
| | | | | | | this fixes some compile time noise on FreeBSD 7 (cherry picked from commit 1bfdbb093f7c5e434ea3e653d389e1ccec578af6) (cherry picked from commit de96e1a82d6e92c00a0ab3020db8d7c0284aadb1) (cherry picked from commit b4fc28ddffa4f9a74ca72ee6c2d30f544de5360c)
* Happy New Year!Stefan Metzmacher2009-01-121-1/+1
| | | | | metze (cherry picked from commit 041435d841b457f493c940e0281cd496b52fb7dc)
* s3/smb.h: Remove unused LDAP_SSL_ON.Karolin Seeger2009-01-121-1/+1
| | | | | | | | | | | LDAP_SSL_ON is not defined at all. Ldaps can be used by specifying an ldaps URL using the "passdb backend" parameter. Karolin (cherry picked from commit 0c6cf1f8793edfde924289aafbd174ce4a4fae0c) (cherry picked from commit 7f36de6906811d4f0428b75c79c72b17b8ccfcef) (cherry picked from commit a3113657b4427eddcfbb10d71e9e8ade06bbd16f)
* s3: correctly detect if the current dc is the closest oneStefan Metzmacher2009-01-121-1/+0
| | | | | | | | | | ads->config.tried_closest_dc was never set. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit dfe5b00db35e1e7c7bb3ba36729fc3f97eb48db3)
* Backport bugfix for bug #5710.Günther Deschner2009-01-121-0/+2
| | | | | | | | In order to successfully update a machine account password we need to use Netlogon ServerPasswordSet2 when NETLOGON_NEG_PASSWORD_SET2 has been negotiated. Guenther (cherry picked from commit 84fbac51ffc5f4a8a4f7b1baf5e9b1af174505f5)
* netlogon: define NET_SRVPWSET2 call.Günther Deschner2009-01-121-0/+18
| | | | | Guenther (cherry picked from commit 15fe1a3fa07493060a0155bd4f9f0f9bd1588d50)
* ENODATA is not defined in freeBSD 4.6.2Herb Lewis2008-06-181-0/+4
|
* AIX build fix from William Jojo -- thanksVolker Lendecke2008-06-121-0/+1
|
* Fix Bug #5285. (libcap header mismatch)Günther Deschner2008-05-281-1/+2
| | | | | | | | | Can someone with gpfs available test this ? The only codepath using this function is the modules/gpfs.c module. The fix resolves at least the build issues Samba has with recent kernel / libcap versions by using the portable cap_get_proc()/cap_set_proc() interface (instead of using capget/capset). Guenther
* Re-add samr getdispinfoindex parsing which got lost in the glue commit.Günther Deschner2008-05-161-1/+1
| | | | Guenther
* Fix bug #5095, "Manage Documents privilege is not functional".Jeremy Allison2008-05-061-4/+5
| | | | | Should map the created sd to printer jobs, not printer. Jeremy.
* Fix bug 5419Volker Lendecke2008-04-261-0/+2
| | | | | | This is a port of Steven Danneman's 3-2 fix that was pushed with fe9f48bfe Thanks!
* Remove trailing whitespace.Karolin Seeger2008-04-091-1/+1
| | | | Karolin
* Fix typos.Karolin Seeger2008-04-091-1/+1
| | | | Karolin
* Fix NETLOGON credential chain with Windows 2008 all over the place.Günther Deschner2008-04-041-4/+2
| | | | | | | | | | | In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8 netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate flags everywhere (not only when running in security=ads). Only for NT4 we need to do a downgrade to the returned negotiate flags. Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6. Guenther
* Add NT_STATUS_DOWNGRADE_DETECTED (thanks to Magnus Mertens).Günther Deschner2008-03-261-0/+1
| | | | | Guenther (cherry picked from commit 970daaa0a620d8e47475909cd7b5e54869602530)
* Enable v3-0-test to successfully join a windows 2008 domain controller.Günther Deschner2008-01-311-0/+3
| | | | | | | This is hand-merged from a couple of commits from 3-2-test, cherry-picking was hardly possible without importing all the ldap sign/seal work from metze. Guenther
* Port SMB_FS_OBJECTID_INFORMATION from 3.2Volker Lendecke2008-01-261-0/+11
| | | | Patch by Corinna Vinschen -- Thanks
* Added :Jeremy Allison2008-01-231-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Author: Jeremy Allison <jra@samba.org> Date: Wed Jan 23 15:23:16 2008 -0800 Don't leak memory in error path. Jeremy. Author: Jeremy Allison <jra@samba.org> Date: Wed Jan 23 15:00:40 2008 -0800 Use strchr_m in seaching for '.' in the hostname to make sure we're mb safe. Jeremy. Author: Andreas Schneider <anschneider@suse.de> Date: Thu Jan 17 11:35:40 2008 +0100 Fix Windows 2008 (Longhorn) join. During 'net ads join' the cli->desthost is a hostname (e.g. rupert.galaxy.site). Check if we have a hostname and use only the first part, the machine name, of the string. Author: Andreas Schneider <anschneider@suse.de> Date: Thu Jan 17 10:11:11 2008 +0100 Windows 2008 (Longhorn) auth2 flag fixes. Interop fixes for AD specific flags. Original patch from Todd Stetcher.
* Version of Matt Geddes <musicalcarrion@gmail.com>Jeremy Allison2008-01-231-1/+26
| | | | | | patch for adding acct_flags to rpccli_samr_create_dom_user(). Jerry please test. Jeremy.
* Happy new year !Günther Deschner2008-01-031-1/+1
| | | | | Guenther (cherry picked from commit 9a58cd57953d6aead14789daa47a3badef19496d)
* Add combined flag LOOKUP_NAME_LOCAL.Michael Adam2007-12-171-0/+4
| | | | | | | | | Presence of LOOKUP_NAME_ISOLATED as the only flag is not the sign for doing local lookups only but the sign for allowing lookups of unqualified names. The correct sign is absence of the flag LOOKUP_NAME_REMOTE. Michael
* Add flags for correctly implementing lsa_lookup_name levels.Michael Adam2007-12-121-5/+17
| | | | | | | This is in preparation of the upcoming fix for bug #4801 (correct implementation of lsa lookup name levels.) Michael
* printing: fix default printing subsystem detectionStefan Metzmacher2007-11-231-1/+0
| | | | | | | | "system/printing.h" includes an outdated copy of the stuff in samba3's includes.h, so we should not use it. metze (cherry picked from commit 0a7338abfabaf31c2cbd81fb4ac8f1ce45735bed)
* [GLUE] Rsync SAMBA_3_0 SVN r25598 in order to create the v3-0-test branch.samba-misc-tags/initial-v3-0-testGerald (Jerry) Carter2007-10-1050-946/+2230
|
* r23771: Merge useful W_ERROR_NOT_OK_RETURN macro from samba4.Günther Deschner2007-10-101-0/+6
| | | | Guenther
* r23766: Add GTYPE_SECURITY_UNIVERSAL_GROUP define.Günther Deschner2007-10-101-0/+5
| | | | Guenther
* r23732: removed reference to non-existent structureHerb Lewis2007-10-101-2/+0
|
* r23726: Explicitly pass down the FLAGS2 field to srvstr_pull_buf. The nextVolker Lendecke2007-10-102-7/+7
| | | | | | checkin will pull this up to srvstr_get_path. At that point we can get more independent of the inbuf, the base_ptr in pull_string will only be used to satisfy UCS2 alignment constraints.
* r23724: Reduce access to the global inbuf a tiny bit. Add a struct smb_requestVolker Lendecke2007-10-101-0/+7
| | | | | | | | | | | | that contains some of the fields from the SMB header, removing the need to access inbuf directly. This right now is used only in the open file code & friends, and creating that header is only done when needed. This needs more work, but it is a start. Jeremy, I'm only checking this into 3_0, please review before I merge it to _26. Volker
* r23671: Remove unused code -- 16416 bytes of bss space...Volker Lendecke2007-10-101-1/+0
|
* r23646: Generalize our internal keytab handling to support a broader range ↵Günther Deschner2007-10-101-0/+4
| | | | | | | | | | of default keytabnames (like "ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab"). This also fixes keytab support with Heimdal (which supports the WRFILE pragma as well now). Guenther
* r23624: Merge dos error code from samba4 (returned from dfs_Enum against ↵Günther Deschner2007-10-101-0/+1
| | | | | | | | w2k3 as soon as a one DFS_VOLUME_FLAVOR_AD_BLOB dfsroot exists). Guenther
* r23620: Convert set_nt_acl to return NTSTATUS. Also fix the chownJeremy Allison2007-10-101-2/+3
| | | | | | | | | return to correctly return NT_STATUS_INVALID_OWNER if it should be disallowed. Matches better what W2K3R3 does. NFSv4 ACL module owners, please examine these changes. Jeremy.
* r23616: Fix bugzilla #4719: must change password is not set from usrmgr.exe.Jim McDonough2007-10-101-1/+14
| | | | | | | | | | This was only affecting the newer versions of usrmgr.exe, because they use a user_info_25 struct. The password is getting set separately inside that code, so the password last set time was getting set from the password change logic. We also were not parsing a number of fields (like logon hours) from the user_info_25. That should also be fixed.
* r23607: Add legacy support for Services for Unix (SFU) 2.0.Günther Deschner2007-10-101-4/+12
| | | | Guenther
* r23600: First step in abstracting the winbindd cache validationMichael Adam2007-10-101-0/+10
| | | | | | | code into a generic tdb validation code. In lib/util_tdb.c for a start. Michael
* r23582: Fix event based krb5 ticket refreshing in winbindd.Günther Deschner2007-10-101-1/+1
| | | | | | | We were incorrectly using the renew_till timestamp instead of the renewed ticket's endtime to calculate the next refreshing date. Guenther
* r23563: Add dump-event-list command to smbcontrol.Günther Deschner2007-10-101-0/+3
| | | | Guenther
* r23512: Fix conflict in #define for SECDESC_PREFIX. Ensure allJeremy Allison2007-10-101-2/+2
| | | | | | reg #defines use "REG_" prefix. Michael - please check gcc warnings on compiles. Jeremy.
* r23510: Tidy calls to smb_panic by removing trailing newlines. Print theJames Peach2007-10-101-3/+4
| | | | failed expression in SMB_ASSERT.
* r23509: This activates the global options from the registry in loadparm.Michael Adam2007-10-102-0/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The global options are stored as values in the subkey "global" of the SMBCONF registry key. The activation is accomplished in smb.conf though a new special semantic of the "include" parameter: "include = registry" triggers the processing of the registry global options exactly at the position of the include statement. Options read from the registry take the same precedence as parameters loaded from a file via include. Need to reload the registry globals is detected by watching the tdb sequence number. Registry shares are automatically activated when the registry globals are processed. So a "registry only" configuration can be realized by an smb.conf that looks as follows: ================================ [global] include = registry ================================ The global options and registry shares can be conveniently edited with the "net conf" utility. Caveat: A possible pitfall consists in using "include = registry" together with the "lock directory" directive in the registry. This problem will be addressed in the next time. Note on the code: Processing of the registry options is accomplished by a function process_registry_globals() in loadparm.c The current version is only an interim solution: It is handcoded instead of using the infrastructure of reg_api.c. The reason for this is that using reg_api still has too large linker dependencies, bloating virtually all targets by PASSDB_OBJ, SMBLDAP_OBJ, GROUPDB_OBJ and LDB stuff. A version of process_registry_globals that uses reg_api is included but commented out. The goal is to eventually refactor and restructure the registry code so that one can use the reg_api to access only the registry tdb and not link all the dynamic backends with all their linking implications.
* r23485: This checkin consists mostly of refactorings in preparation of theMichael Adam2007-10-101-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | activation of global registry options in loadparm.c, mainly to extract functionality from net_conf.c to be made availabel elsewhere and to minimize linker dependencies. In detail: * move functions registry_push/pull_value from lib/util_reg.c to new file lib/util_reg_api.c * create a fake user token consisting of builtin administrators sid and se_disk_operators privilege by hand instead of using get_root_nt_token() to minimize linker deps for bin/net. + new function registry_create_admin_token() in new lib/util_reg_smbconf.c + move dup_nt_token from auth/token_util.c to new file lib/util_nttoken.c + adapt net_conf.c and Makefile.in accordingly. * split lib/profiles.c into two parts: new file lib/profiles_basic.c takes all the low level mask manipulation and format conversion functions (se_priv, privset, luid). the privs array is completely hidden from profiles.c by adding some access-functions. some mask-functions are not static anymore. Generally, SID- and LUID-related stuff that has more dependencies is kept in lib/profiles.c * Move initialization of regdb from net_conf.c into a function registry_init_regdb() in lib/util_reg_smbconf.c. Michael
* r23410: Merge the core of the cluster code.Volker Lendecke2007-10-105-0/+191
| | | | | | | | | | | | | | | | I'm 100% certain I've forgotten to merge something, but the main code should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and messages_ctdbd.c. There should be no changes to the non-cluster case, it does survive make test on my laptop. It survives some very basic tests with ctdbd enables, I did not do the full test suite for clusters yet. Phew... Volker
* r23400: Fix lsa crash bug #4683. The "names" enum structJeremy Allison2007-10-101-3/+3
| | | | | | | | | | | in a lookup_sidX reply isn't optional - like the lookup_sidX query it needs to be defined in the struct. All this will go away with PIDL (thank goodness....). Jerry - I think this is a showstopper to be merged for 3.0.25b. I'll be watching the build farm to see if anything broke. Jeremy.
* r23380: netr_getdcname returns WERROR not NTSTATUS.Günther Deschner2007-10-101-1/+1
| | | | Guenther
* r23341: pdb interfaces should be versioned. As SAMBA_3_0 and SAMBA_3_0_26Jeremy Allison2007-10-101-0/+1
| | | | | are now identical, use the same version number (16) for both. Jeremy.
* r23328: don't typedef ber_tag_t when it's already done by openldapStefan Metzmacher2007-10-101-2/+2
| | | | | | headers on HP-UX (lber_types.h defines _LBER_TYPES_H). metze
* r23307: move readahead stuff out of libreplace and make it samba3 specificStefan Metzmacher2007-10-101-0/+3
| | | | | | | as we can't replace this function in libreplace and we do the some stuff for other function in the same way. metze
generated by cgit (git 2.34.1) at 2025-08-28 21:52:47 +0000