summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
* s3-winbindd: Implement SamLogon IRPC callAndrew Bartlett2014-06-114-51/+150
| | | | | | | | | | | | | | We do this by lifting parts of the winbindd_dual_pam_auth_crap() code into a new helper function winbind_dual_SamLogon(). This allows us to implement the semantics we need for IRPC, without the artifacts of the winbindd pipe protocol. Change-Id: Idb169217e6d68d387c99765d0af7ed394cb5b93a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 11 12:43:58 CEST 2014 on sn-devel-104
* s3-winbind: Transparently forward IRPC messages to the winbind_dual childAndrew Bartlett2014-06-111-37/+80
| | | | | | Change-Id: I8b336e2365e10ef9ea04d0957eb0829d3766b11e Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-winbind rename winbindd_update_rodc_dns to be for more generic irpcAndrew Bartlett2014-06-114-11/+17
| | | | | | Change-Id: I385ef8bd766848becc42e58694207dc94cd07a89 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* librpc/idl: Merge wbint.idl with winbind.idl so we can forward IRPC requests ↵Andrew Bartlett2014-06-1142-241/+52
| | | | | | | | to internal winbind calls Change-Id: Iba3913d5a1c7f851b93f37e9beb6dbb20fbf7e55 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-winbindd: Listen on IRPC and do forwarded DNS updates on an RODCAndrew Bartlett2014-06-116-0/+144
| | | | | | Change-Id: Ib87933c318f510d95f7008e122216d73803ede68 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-winbindd: Register winbindd with irpcAndrew Bartlett2014-06-113-0/+34
| | | | | | Change-Id: Ie3c7109fef6982d95e8cad06870334565352e329 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth: Provide a way to use the auth stack for winbindd authenticationAndrew Bartlett2014-06-115-14/+74
| | | | | | | | | | | | | | This adds in flags that allow winbindd to request authentication without directly calling into the auth_sam module. That in turn will allow winbindd to call auth_samba4 and so permit winbindd operation in the AD DC. Andrew Bartlett Change-Id: I27d11075eb8e1a54f034ee2fdcb05360b4203567 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* winbindd: Call set_dc_type_and_flags on the internal domainAndrew Bartlett2014-06-115-113/+87
| | | | | | | | | | | | | | | | | | This allows the AD DC to be picked up correctly and gives the correct DNS name. To ensure no confusion, we also always init it with the full DNS name. It also means that, aside from the BUILTIN domain the initialized flag is set only in one place, which will help when we add more details to the domain structure in the future. This in turn allows kerberos authentication against winbindd on the AD DC. Andrew Bartlett Change-Id: Idc829cfe5f2e867c87107b49275b17f294821dcd Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* passdb: Do not routinely clear the global memory returned by ↵Andrew Bartlett2014-06-112-15/+41
| | | | | | | | | | | | get_global_sam_sid() This avoids use-after-free errors and tdb database churn. Andrew Bartlett Change-Id: If7ab2e24556d9dffc7ad22c0489d665dd75a0cab Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* Use GUID_equal in a few placesVolker Lendecke2014-06-101-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: libsmb: Change cli_disk_size() to use the ↵Jeremy Allison2014-06-071-0/+45
| | | | | | | | | | | | | trans2/SMB_FS_FULL_SIZE_INFORMATION call in preference to the old SMB1 call. Fallback to the old CORE protocol SMBdskattr if trans2/SMB_FS_FULL_SIZE_INFORMATION is not supported. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jun 7 05:41:44 CEST 2014 on sn-devel-104
* s3: libsmb: Make cli_smb2_dskattr() a 64-bit interface.Jeremy Allison2014-06-073-14/+10
| | | | | | | | Remove the fallback call from cli_dskattr() (now it's not called from external client code). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
* s3: libsmb : Move users of cli_dskattr to a 64-bit interface cli_disk_free().Jeremy Allison2014-06-074-6/+35
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
* s3/s4: smbd, rpc, ldap, cldap, kdc services.Jeremy Allison2014-06-071-6/+10
| | | | | | | | | | | | | | Allow us to start if we bind to *either* :: or 0.0.0.0. Allows us to cope with systems configured as only IPv4 or only IPv6. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Reviewed-By: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104
* s3:vfs_afsacl fix compiler warningsChristian Ambach2014-06-041-2/+1
| | | | | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Wed Jun 4 22:34:51 CEST 2014 on sn-devel-104
* vfs_afsacl: remove unused includesChristian Ambach2014-06-041-2/+1
| | | | | | | | | | * auth.h might cause collisions with the Heimdal headers * we should not include afs/afs.h directly, see https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/1319336 http://rt.central.org/rt/Ticket/Display.html?id=131737 Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: fixup build with fake kaserver enabledChristian Ambach2014-06-042-0/+4
| | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: add --with-fake-kaserver optionChristian Ambach2014-06-041-0/+13
| | | | | | | | | | This option was not added during the transition from autoconf to waf. Bring it back so that the code can be used again. Bug: https://bugzilla.samba.org/show_bug.cgi?id=9916 Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:lib/afs move afs_settoken.c to common lib dirChristian Ambach2014-06-045-271/+2
| | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:lib/afs move afs.c to common lib dirChristian Ambach2014-06-046-319/+3
| | | | | | | | | | some of the code in afs.c is needed by wbinfo that lives in the toplevel nsswitch directory, so move the afs.c file to a new top-level lib/afs directory. Use the name afs_funcs to avoid collisions with the afs.h header from OpenAFS Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbind: Use strlcpy to avoid log entry.Andreas Schneider2014-06-041-1/+4
| | | | | | | | | | | | | | The full_name from Windows can be longer than 255 chars which results in a warning on log level 0 that we have a string overflow. This will avoid the warning. However we should fix this sooner or later on the protocol level to have no limit. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Jun 4 16:49:11 CEST 2014 on sn-devel-104
* s3-rpc_server: Use C99 types in rpc_pipes.hAndrew Bartlett2014-06-041-4/+4
| | | | | | | | | Change-Id: Ic282f02f421870ff8a8623005979f8a034902d88 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 4 05:48:29 CEST 2014 on sn-devel-104
* s3-param: Add lp_dnsdomain() for use by winbinddAndrew Bartlett2014-06-042-0/+2
| | | | | | Change-Id: I987aa533ebe11c93b9e836fafc7b19c81bf600a5 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* winbindd: Use rpc_pipe_open_interface() so that winbindd uses the correct ↵Andrew Bartlett2014-06-042-12/+33
| | | | | | | | | | | | | rpc servers This means that in the AD DC, we use the AD DC servers, while in the classic DC or file server we continue to use the built-in SAMR and LSA servers. Andrew Bartlett Change-Id: I63b1443f5665016f7fcbed35907ec29d4424ab18 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-rpc_server: Give log messages on failureAndrew Bartlett2014-06-041-0/+2
| | | | | | Change-Id: I240d58fdf71bbab42d1ffb63bb52b9650fd4bd85 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* winbindd: Remove pointless if statementAndrew Bartlett2014-06-041-14/+10
| | | | | | Change-Id: I7d2646078f6e7ba596b92da7d37c285d10ad38c0 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* winbindd: explain that this check protects the AD DC machine account ↵Andrew Bartlett2014-06-041-0/+4
| | | | | | | | password (for now at least) Change-Id: I2e2eb2e7fc4a12f27025f42e4cc41560311ce6c8 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: move all winbind test rules to one placeAndrew Bartlett2014-06-041-41/+1
| | | | | | | | | | | | | | | | | We now run wbinfo_simple additionally against plugin_s4_dc and dc This also extends many of the tests to run against more environments, hence the additional knownfail entries. For winbind.wbclient, the fl2003dc environment has been selected not to run with password history so as to allow the winindd.wbinfo test to complete (once switched to running winbindd). Andrew Bartlett Change-Id: I475fd9937e515796b5e47c042a8bfa85f76441ca Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: Set winbind separator = /Andrew Bartlett2014-06-042-8/+8
| | | | | | | | | | This avoids a pile of shell-script escape pain, and fixes some tests. Andrew Bartlett Change-Id: Ie1d0e32ab484a5b0ddbc4073831fe6de27e38e92 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* messaging3: Fix a talloc_tos memleakVolker Lendecke2014-06-031-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:messaging: protect use of msg_control with HAVE_STRUCT_MSGHDR_MSG_CONTROLMichael Adam2014-06-031-0/+4
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Jun 3 01:14:17 CEST 2014 on sn-devel-104
* build: rename HAVE_MSGHDR_MSG_ACCTRIGHTS to HAVE_STRUCT_MSGHDR_MSG_ACCTRIGHTSMichael Adam2014-06-022-3/+3
| | | | | | | for consistency. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* build: rename HAVE_MSGHDR_MSG_CONTROL to HAVE_STRUCT_MSGHDR_MSG_CONTROLMichael Adam2014-06-022-6/+6
| | | | | | | So that we are consistent with the socket_wrapper define. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* vfs:aio_fork: simplify checking of MSG_CONTROL and MSG_ACCTRIGHTSMichael Adam2014-06-021-9/+8
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:smb2_server: call smbd_smb2_flush_send_queue() directlyStefan Metzmacher2014-05-311-6/+5
| | | | | | | | | | | | This avoids recursion into smbd_smb2_io_handler(), which avoids confusion when analysing out put of performance analysing tools, e.g. callgrind. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat May 31 04:25:36 CEST 2014 on sn-devel-104
* s3:smb2_server: fix invalid TALLOC_FREE(iov) in smbd_smb2_inbuf_parse_compound()Stefan Metzmacher2014-05-311-7/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Enforce just one messaging contextVolker Lendecke2014-05-311-0/+22
| | | | | | | | | | | | The current messaging implementation is based on a tdb indexed by server_id. If we have more than one messaging context in a process, messages might not arrive at the right context and be dropped, depending on which signal handler is triggered first. This is the same patch as bd55fdb lifted to messaging.c Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Make messaging_context privateVolker Lendecke2014-05-312-21/+15
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Add and use messaging_tevent_context()Volker Lendecke2014-05-314-4/+14
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Introduce messaging_local_backend()Volker Lendecke2014-05-313-3/+14
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: The backend send_fn doesn't need a messaging_contextVolker Lendecke2014-05-314-9/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Fix several talloc stack frames not freedSamuel Cabrero2014-05-301-0/+8
| | | | | | | | | Signed-off-by: Samuel Cabrero <scabrero@zentyal.com> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date(master): Fri May 30 15:29:29 CEST 2014 on sn-devel-104
* s3:messaging: change unix_dgram_recv_handler() to use recvmsg, not recvMichael Adam2014-05-301-1/+15
| | | | | | | | | | This is in preparation of adding fd-passing to messaging. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri May 30 02:28:15 CEST 2014 on sn-devel-104
* s3:messaging: change messaging_backend to use iovec instead of data blob in ↵Michael Adam2014-05-304-44/+59
| | | | | | | | | | | | | | | send_fn This also changes the layering messaging_send_iov -> messaging_send_buf -> messaging_send to messaging_send_buf -> messaging_send -> messaging_send_iov Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3/smbcacls: use security_ace_equal instead of sec_ace_equalDavid Disseldorp2014-05-291-4/+5
| | | | | | | Both offer the same functionality, sec_ace_equal() will be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3/sharesec: use security_ace_equal instead of sec_ace_equalDavid Disseldorp2014-05-291-3/+5
| | | | | | | Both offer the same functionality, sec_ace_equal() will be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3/libsmb_xattr: use security_ace_equal instead of sec_ace_equalDavid Disseldorp2014-05-291-4/+5
| | | | | | | Both offer the same functionality, sec_ace_equal() will be removed. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3/profiles: improve copy_registry_tree() errorsDavid Disseldorp2014-05-281-4/+5
| | | | | | | | | | | | The current error logic doesn't distinguish between a NULL source security descriptor and ENOMEM. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed May 28 20:18:21 CEST 2014 on sn-devel-104
* s3/rpc_server/lsa: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-3/+3
| | | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3/rpc_server/spoolss: replace dup_sec_desc() usageDavid Disseldorp2014-05-281-4/+14
| | | | | | | | | Use security_descriptor_copy() instead, which is also provided by libcli. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
generated by cgit (git 2.34.1) at 2024-05-25 02:10:57 +0000