summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2009-03-26 15:28:18 +0100
committerJelmer Vernooij <jelmer@samba.org>2009-03-26 15:28:18 +0100
commit30a3dec549dc408940710409c80276077b4d9701 (patch)
treeb0c0106ccbb9874875100ae5e18ec301e5c9f777
parentc42fc5e103d9d210c2f370e237a952e6df361792 (diff)
parent853f9283fb8fbcd2078e3cf8e99d6c8e24d77346 (diff)
downloadsamba-30a3dec549dc408940710409c80276077b4d9701.tar.gz
samba-30a3dec549dc408940710409c80276077b4d9701.tar.bz2
samba-30a3dec549dc408940710409c80276077b4d9701.zip
Merge branch 'master' of ssh://git.samba.org/data/git/samba into displaysec
-rw-r--r--libcli/util/doserr.c1
-rw-r--r--libcli/util/werror.h1
-rw-r--r--source3/Makefile.in28
-rw-r--r--source3/include/proto.h7
-rw-r--r--source3/lib/avahi.c7
-rw-r--r--source3/lib/netapi/cm.c5
-rw-r--r--source3/lib/netapi/user.c18
-rw-r--r--source3/lib/util_file.c2
-rw-r--r--source3/locking/locking.c3
-rw-r--r--source3/registry/regfio.c26
-rw-r--r--source3/rpc_parse/parse_misc.c57
-rw-r--r--source3/rpc_parse/parse_sec.c436
-rw-r--r--source3/smbd/nttrans.c4
-rw-r--r--source3/smbd/reply.c6
-rw-r--r--source3/smbd/trans2.c2
-rw-r--r--source3/utils/net_rpc_printer.c9
-rw-r--r--source4/auth/credentials/credentials_krb5.h1
-rw-r--r--source4/auth/kerberos/clikrb5.c6
-rwxr-xr-xsource4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py166
-rw-r--r--source4/heimdal_build/replace.c4
-rw-r--r--source4/heimdal_build/roken.h19
-rw-r--r--source4/kdc/kdc.c2
22 files changed, 236 insertions, 574 deletions
diff --git a/libcli/util/doserr.c b/libcli/util/doserr.c
index 5104c3ee02..1a7422e3f6 100644
--- a/libcli/util/doserr.c
+++ b/libcli/util/doserr.c
@@ -124,6 +124,7 @@ static const struct werror_code_struct dos_errs[] =
{ "WERR_DS_DRA_DB_ERROR", WERR_DS_DRA_DB_ERROR },
{ "WERR_DS_DRA_NO_REPLICA", WERR_DS_DRA_NO_REPLICA },
{ "WERR_DS_DRA_ACCESS_DENIED", WERR_DS_DRA_ACCESS_DENIED },
+ { "WERR_DS_DRA_SOURCE_DISABLED", WERR_DS_DRA_SOURCE_DISABLED },
{ "WERR_DS_DNS_LOOKUP_FAILURE", WERR_DS_DNS_LOOKUP_FAILURE },
{ "WERR_DS_WRONG_LINKED_ATTRIBUTE_SYNTAX", WERR_DS_WRONG_LINKED_ATTRIBUTE_SYNTAX },
{ "WERR_DS_NO_MSDS_INTID", WERR_DS_NO_MSDS_INTID },
diff --git a/libcli/util/werror.h b/libcli/util/werror.h
index d92232706a..a69587f361 100644
--- a/libcli/util/werror.h
+++ b/libcli/util/werror.h
@@ -248,6 +248,7 @@ typedef uint32_t WERROR;
#define WERR_DS_DRA_DB_ERROR W_ERROR(0x00002103)
#define WERR_DS_DRA_NO_REPLICA W_ERROR(0x00002104)
#define WERR_DS_DRA_ACCESS_DENIED W_ERROR(0x00002105)
+#define WERR_DS_DRA_SOURCE_DISABLED W_ERROR(0x00002108)
#define WERR_DS_DNS_LOOKUP_FAILURE W_ERROR(0x0000214c)
#define WERR_DS_WRONG_LINKED_ATTRIBUTE_SYNTAX W_ERROR(0x00002150)
#define WERR_DS_NO_MSDS_INTID W_ERROR(0x00002194)
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 22911bf772..fd753128d4 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -319,7 +319,7 @@ RPC_PARSE_OBJ0 = rpc_parse/parse_prs.o rpc_parse/parse_misc.o
# this includes only the low level parse code, not stuff
# that requires knowledge of security contexts
-RPC_PARSE_OBJ1 = $(RPC_PARSE_OBJ0) rpc_parse/parse_sec.o
+RPC_PARSE_OBJ1 = $(RPC_PARSE_OBJ0)
RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o \
rpc_client/init_netlogon.o \
@@ -1442,19 +1442,19 @@ bin/smbspool@EXEEXT@: $(BINARY_PREREQS) $(CUPS_OBJ) @BUILD_POPT@ @LIBTALLOC_SHAR
@$(CC) -o $@ $(CUPS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) \
$(KRB5LIBS) $(LDAP_LIBS) $(POPT_LIBS) $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(ZLIB_LIBS)
-bin/mount.cifs@EXEEXT@: $(BINARY_PREREQS) $(CIFS_MOUNT_OBJ) @BUILD_POPT@
+bin/mount.cifs@EXEEXT@: $(BINARY_PREREQS) $(CIFS_MOUNT_OBJ)
@echo Linking $@
- @$(CC) -o $@ $(CIFS_MOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(POPT_LIBS)
+ @$(CC) -o $@ $(CIFS_MOUNT_OBJ) $(DYNEXP) $(LDFLAGS)
-bin/umount.cifs@EXEEXT@: $(BINARY_PREREQS) $(CIFS_UMOUNT_OBJ) @BUILD_POPT@
+bin/umount.cifs@EXEEXT@: $(BINARY_PREREQS) $(CIFS_UMOUNT_OBJ)
@echo Linking $@
- @$(CC) -o $@ $(CIFS_UMOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(POPT_LIBS)
+ @$(CC) -o $@ $(CIFS_UMOUNT_OBJ) $(DYNEXP) $(LDFLAGS)
-bin/cifs.upcall@EXEEXT@: $(BINARY_PREREQS) $(CIFS_UPCALL_OBJ) $(LIBSMBCLIENT_OBJ1) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
+bin/cifs.upcall@EXEEXT@: $(BINARY_PREREQS) $(CIFS_UPCALL_OBJ) $(LIBSMBCLIENT_OBJ1) @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) -o $@ $(CIFS_UPCALL_OBJ) $(DYNEXP) $(LDFLAGS) \
-lkeyutils $(LIBS) $(LIBSMBCLIENT_OBJ1) $(KRB5LIBS) \
- $(LDAP_LIBS) $(POPT_LIBS) $(LIBTALLOC_LIBS) $(WINBIND_LIBS) \
+ $(LDAP_LIBS) $(LIBTALLOC_LIBS) $(WINBIND_LIBS) \
$(LIBTDB_LIBS) $(NSCD_LIBS)
bin/testparm@EXEEXT@: $(BINARY_PREREQS) $(TESTPARM_OBJ) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@
@@ -1618,37 +1618,37 @@ bin/ldbedit: $(BINARY_PREREQS) $(LDBEDIT_OBJ) @BUILD_POPT@ @LIBTALLOC_SHARED@ @L
@echo Linking $@
@$(CC) -o $@ $(LDBEDIT_OBJ) $(DYNEXP) $(LDFLAGS) \
$(LIBS) $(POPT_LIBS) $(LDAP_LIBS) \
- $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(WINBIND_LIBS)
+ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS)
bin/ldbsearch: $(BINARY_PREREQS) $(LDBSEARCH_OBJ) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) -o $@ $(LDBSEARCH_OBJ) $(DYNEXP) $(LDFLAGS) \
$(LIBS) $(POPT_LIBS) $(LDAP_LIBS) \
- $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(WINBIND_LIBS)
+ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS)
bin/ldbadd: $(BINARY_PREREQS) $(LDBADD_OBJ) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) -o $@ $(LDBADD_OBJ) $(DYNEXP) $(LDFLAGS) \
$(LIBS) $(POPT_LIBS) $(LDAP_LIBS) \
- $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(WINBIND_LIBS)
+ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS)
bin/ldbmodify: $(BINARY_PREREQS) $(LDBMODIFY_OBJ) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) -o $@ $(LDBMODIFY_OBJ) $(DYNEXP) $(LDFLAGS) \
$(LIBS) $(POPT_LIBS) $(LDAP_LIBS) \
- $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(WINBIND_LIBS)
+ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS)
bin/ldbdel: $(BINARY_PREREQS) $(LDBDEL_OBJ) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) -o $@ $(LDBDEL_OBJ) $(DYNEXP) $(LDFLAGS) \
$(LIBS) $(POPT_LIBS) $(LDAP_LIBS) \
- $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(WINBIND_LIBS)
+ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS)
bin/ldbrename: $(BINARY_PREREQS) $(LDBRENAME_OBJ) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(LDBRENAME_OBJ) $(DYNEXP) $(LDFLAGS) \
$(LIBS) $(POPT_LIBS) $(LDAP_LIBS) \
- $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(WINBIND_LIBS)
+ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS)
bin/versiontest: $(BINARY_PREREQS) lib/version_test.o $(VERSION_OBJ)
@echo Linking $@
@@ -2661,7 +2661,7 @@ bin/ntlm_auth@EXEEXT@: $(BINARY_PREREQS) $(NTLM_AUTH_OBJ) $(PARAM_OBJ) \
bin/pam_smbpass.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_SMBPASS_OBJ) @LIBTALLOC_SHARED@ @LIBWBCLIENT_SHARED@ @LIBTDB_SHARED@
@echo "Linking shared library $@"
@$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) -lpam $(DYNEXP) \
- $(LIBS) $(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS) \
+ $(LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \
$(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(WINBIND_LIBS)
bin/tdbbackup@EXEEXT@: $(BINARY_PREREQS) $(TDBBACKUP_OBJ) @LIBTALLOC_SHARED@ @LIBTDB_SHARED@
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 3b4b1cf3f1..77be0aba09 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -5693,10 +5693,8 @@ NTSTATUS cli_do_rpc_ndr(struct rpc_pipe_client *cli,
bool smb_io_time(const char *desc, NTTIME *nttime, prs_struct *ps, int depth);
bool smb_io_system_time(const char *desc, prs_struct *ps, int depth, SYSTEMTIME *systime);
bool make_systemtime(SYSTEMTIME *systime, struct tm *unixtime);
-bool smb_io_dom_sid(const char *desc, DOM_SID *sid, prs_struct *ps, int depth);
bool smb_io_uuid(const char *desc, struct GUID *uuid,
prs_struct *ps, int depth);
-void init_unistr(UNISTR *str, const char *buf);
void init_unistr2(UNISTR2 *str, const char *buf, enum unistr2_term_codes flags);
/* The following definitions come from rpc_parse/parse_prs.c */
@@ -5818,11 +5816,6 @@ bool smb_io_rpc_auth_schannel_chk(const char *desc, int auth_len,
RPC_AUTH_SCHANNEL_CHK * chk,
prs_struct *ps, int depth);
-/* The following definitions come from rpc_parse/parse_sec.c */
-
-bool sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth);
-bool sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int depth);
-
/* The following definitions come from rpc_server/srv_eventlog_lib.c */
TDB_CONTEXT *elog_init_tdb( char *tdbfilename );
diff --git a/source3/lib/avahi.c b/source3/lib/avahi.c
index ac9867a1fc..269b329e64 100644
--- a/source3/lib/avahi.c
+++ b/source3/lib/avahi.c
@@ -207,6 +207,13 @@ static void avahi_timeout_update(AvahiTimeout *t, const struct timeval *tv)
{
TALLOC_FREE(t->te);
+ if (tv == NULL) {
+ /*
+ * Disable this timer
+ */
+ return;
+ }
+
t->te = tevent_add_timer(t->ctx->ev, t, *tv, avahi_timeout_handler, t);
/*
* No failure mode defined here
diff --git a/source3/lib/netapi/cm.c b/source3/lib/netapi/cm.c
index b676ae63dd..d28b2b2126 100644
--- a/source3/lib/netapi/cm.c
+++ b/source3/lib/netapi/cm.c
@@ -57,6 +57,11 @@ static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx,
false, false,
PROTOCOL_NT1,
0, 0x20);
+ if (cli_ipc) {
+ cli_set_username(cli_ipc, ctx->username);
+ cli_set_password(cli_ipc, ctx->password);
+ cli_set_domain(cli_ipc, ctx->workgroup);
+ }
TALLOC_FREE(auth_info);
if (!cli_ipc) {
diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c
index e760a8b1de..1cbb883169 100644
--- a/source3/lib/netapi/user.c
+++ b/source3/lib/netapi/user.c
@@ -1497,6 +1497,9 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx,
NTSTATUS status = NT_STATUS_OK;
WERROR werr;
+ WERROR werr_tmp;
+
+ *r->out.entries_read = 0;
ZERO_STRUCT(connect_handle);
ZERO_STRUCT(domain_handle);
@@ -1540,15 +1543,18 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx,
&total_size,
&returned_size,
&info);
- if (!NT_STATUS_IS_OK(status)) {
- werr = ntstatus_to_werror(status);
+ werr = ntstatus_to_werror(status);
+ if (NT_STATUS_IS_ERR(status)) {
goto done;
}
- werr = convert_samr_dispinfo_to_NET_DISPLAY(ctx, &info,
- r->in.level,
- r->out.entries_read,
- r->out.buffer);
+ werr_tmp = convert_samr_dispinfo_to_NET_DISPLAY(ctx, &info,
+ r->in.level,
+ r->out.entries_read,
+ r->out.buffer);
+ if (!W_ERROR_IS_OK(werr_tmp)) {
+ werr = werr_tmp;
+ }
done:
/* if last query */
if (NT_STATUS_IS_OK(status) ||
diff --git a/source3/lib/util_file.c b/source3/lib/util_file.c
index c5a9b7c29a..50ff844762 100644
--- a/source3/lib/util_file.c
+++ b/source3/lib/util_file.c
@@ -39,7 +39,7 @@ static char *file_pload(const char *syscmd, size_t *size)
total = 0;
while ((n = read(fd, buf, sizeof(buf))) > 0) {
- p = (char *)SMB_REALLOC(p, total + n + 1);
+ p = talloc_realloc(NULL, p, char, total + n + 1);
if (!p) {
DEBUG(0,("file_pload: failed to expand buffer!\n"));
close(fd);
diff --git a/source3/locking/locking.c b/source3/locking/locking.c
index bafb89522a..70841225a7 100644
--- a/source3/locking/locking.c
+++ b/source3/locking/locking.c
@@ -887,7 +887,8 @@ struct share_mode_lock *fetch_share_mode_unlocked(TALLOC_CTX *mem_ctx,
}
if (!fill_share_mode_lock(lck, id, servicepath, fname, data, NULL)) {
- DEBUG(3, ("fill_share_mode_lock failed\n"));
+ DEBUG(10, ("fetch_share_mode_unlocked: no share_mode record "
+ "around (file not open)\n"));
TALLOC_FREE(lck);
return NULL;
}
diff --git a/source3/registry/regfio.c b/source3/registry/regfio.c
index d002bd72e7..e1c04c4777 100644
--- a/source3/registry/regfio.c
+++ b/source3/registry/regfio.c
@@ -712,8 +712,30 @@ static bool hbin_prs_sk_rec( const char *desc, REGF_HBIN *hbin, int depth, REGF_
if ( !prs_uint32( "size", ps, depth, &sk->size))
return False;
- if ( !sec_io_desc( "sec_desc", &sk->sec_desc, ps, depth ))
- return False;
+ {
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx = prs_get_mem_context(&hbin->ps);
+ DATA_BLOB blob;
+
+ if (MARSHALLING(&hbin->ps)) {
+ status = marshall_sec_desc(mem_ctx,
+ sk->sec_desc,
+ &blob.data, &blob.length);
+ if (!NT_STATUS_IS_OK(status))
+ return False;
+ if (!prs_copy_data_in(&hbin->ps, (const char *)blob.data, blob.length))
+ return False;
+ } else {
+ blob = data_blob_const(prs_data_p(&hbin->ps),
+ prs_data_size(&hbin->ps));
+ status = unmarshall_sec_desc(mem_ctx,
+ blob.data, blob.length,
+ &sk->sec_desc);
+ if (!NT_STATUS_IS_OK(status))
+ return False;
+ prs_set_offset(&hbin->ps, blob.length);
+ }
+ }
end_off = prs_offset( &hbin->ps );
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index 8b4135a1e8..1ea4ecf46f 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -101,44 +101,6 @@ bool make_systemtime(SYSTEMTIME *systime, struct tm *unixtime)
}
/*******************************************************************
- Reads or writes a DOM_SID structure.
-********************************************************************/
-
-bool smb_io_dom_sid(const char *desc, DOM_SID *sid, prs_struct *ps, int depth)
-{
- int i;
-
- if (sid == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "smb_io_dom_sid");
- depth++;
-
- if(!prs_uint8 ("sid_rev_num", ps, depth, &sid->sid_rev_num))
- return False;
-
- if(!prs_uint8 ("num_auths ", ps, depth, (uint8 *)&sid->num_auths))
- return False;
-
- for (i = 0; i < 6; i++)
- {
- fstring tmp;
- slprintf(tmp, sizeof(tmp) - 1, "id_auth[%d] ", i);
- if(!prs_uint8 (tmp, ps, depth, &sid->id_auth[i]))
- return False;
- }
-
- /* oops! XXXX should really issue a warning here... */
- if (sid->num_auths > MAXSUBAUTHS)
- sid->num_auths = MAXSUBAUTHS;
-
- if(!prs_uint32s(False, "sub_auths ", ps, depth, sid->sub_auths, sid->num_auths))
- return False;
-
- return True;
-}
-
-/*******************************************************************
Reads or writes a struct GUID
********************************************************************/
@@ -167,25 +129,6 @@ bool smb_io_uuid(const char *desc, struct GUID *uuid,
}
/*******************************************************************
- Inits a UNISTR structure.
-********************************************************************/
-
-void init_unistr(UNISTR *str, const char *buf)
-{
- size_t len;
-
- if (buf == NULL) {
- str->buffer = NULL;
- return;
- }
-
- len = rpcstr_push_talloc(talloc_tos(), &str->buffer, buf);
- if (len == (size_t)-1) {
- str->buffer = NULL;
- }
-}
-
-/*******************************************************************
Inits a UNISTR2 structure.
********************************************************************/
diff --git a/source3/rpc_parse/parse_sec.c b/source3/rpc_parse/parse_sec.c
deleted file mode 100644
index 91d8591a05..0000000000
--- a/source3/rpc_parse/parse_sec.c
+++ /dev/null
@@ -1,436 +0,0 @@
-/*
- * Unix SMB/Netbios implementation.
- * Version 1.9.
- * RPC Pipe client / server routines
- * Copyright (C) Andrew Tridgell 1992-1998,
- * Copyright (C) Jeremy R. Allison 1995-2005.
- * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
- * Copyright (C) Paul Ashton 1997-1998.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_RPC_PARSE
-
-/*******************************************************************
- Reads or writes a SEC_ACE structure.
-********************************************************************/
-
-static bool sec_io_ace(const char *desc, SEC_ACE *psa, prs_struct *ps,
- int depth)
-{
- uint32 old_offset;
- uint32 offset_ace_size;
- uint8 type;
-
- if (psa == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "sec_io_ace");
- depth++;
-
- old_offset = prs_offset(ps);
-
- if (MARSHALLING(ps)) {
- type = (uint8)psa->type;
- }
-
- if(!prs_uint8("type ", ps, depth, &type))
- return False;
-
- if (UNMARSHALLING(ps)) {
- psa->type = (enum security_ace_type)type;
- }
-
- if(!prs_uint8("flags", ps, depth, &psa->flags))
- return False;
-
- if(!prs_uint16_pre("size ", ps, depth, &psa->size, &offset_ace_size))
- return False;
-
- if(!prs_uint32("access_mask", ps, depth, &psa->access_mask))
- return False;
-
- /* check whether object access is present */
- if (!sec_ace_object(psa->type)) {
- if (!smb_io_dom_sid("trustee ", &psa->trustee , ps, depth))
- return False;
- } else {
- if (!prs_uint32("obj_flags", ps, depth, &psa->object.object.flags))
- return False;
-
- if (psa->object.object.flags & SEC_ACE_OBJECT_TYPE_PRESENT)
- if (!smb_io_uuid("obj_guid", &psa->object.object.type.type, ps,depth))
- return False;
-
- if (psa->object.object.flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT)
- if (!smb_io_uuid("inh_guid", &psa->object.object.inherited_type.inherited_type, ps,depth))
- return False;
-
- if(!smb_io_dom_sid("trustee ", &psa->trustee , ps, depth))
- return False;
- }
-
- /* Theorectically an ACE can have a size greater than the
- sum of its components. When marshalling, pad with extra null bytes up to the
- correct size. */
-
- if (MARSHALLING(ps) && (psa->size > prs_offset(ps) - old_offset)) {
- uint32 extra_len = psa->size - (prs_offset(ps) - old_offset);
- uint32 i;
- uint8 c = 0;
-
- for (i = 0; i < extra_len; i++) {
- if (!prs_uint8("ace extra space", ps, depth, &c))
- return False;
- }
- }
-
- if(!prs_uint16_post("size ", ps, depth, &psa->size, offset_ace_size, old_offset))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a SEC_ACL structure.
-
- First of the xx_io_xx functions that allocates its data structures
- for you as it reads them.
-********************************************************************/
-
-static bool sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps,
- int depth)
-{
- unsigned int i;
- uint32 old_offset;
- uint32 offset_acl_size;
- SEC_ACL *psa;
- uint16 revision;
-
- /*
- * Note that the size is always a multiple of 4 bytes due to the
- * nature of the data structure. Therefore the prs_align() calls
- * have been removed as they through us off when doing two-layer
- * marshalling such as in the printing code (RPC_BUFFER). --jerry
- */
-
- if (ppsa == NULL)
- return False;
-
- psa = *ppsa;
-
- if(UNMARSHALLING(ps) && psa == NULL) {
- /*
- * This is a read and we must allocate the stuct to read into.
- */
- if((psa = PRS_ALLOC_MEM(ps, SEC_ACL, 1)) == NULL)
- return False;
- *ppsa = psa;
- }
-
- prs_debug(ps, depth, desc, "sec_io_acl");
- depth++;
-
- old_offset = prs_offset(ps);
-
- if (MARSHALLING(ps)) {
- revision = (uint16)psa->revision;
- }
-
- if(!prs_uint16("revision", ps, depth, &revision))
- return False;
-
- if (UNMARSHALLING(ps)) {
- psa->revision = (enum security_acl_revision)revision;
- }
-
- if(!prs_uint16_pre("size ", ps, depth, &psa->size, &offset_acl_size))
- return False;
-
- if(!prs_uint32("num_aces ", ps, depth, &psa->num_aces))
- return False;
-
- if (UNMARSHALLING(ps)) {
- if (psa->num_aces) {
- if((psa->aces = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces)) == NULL)
- return False;
- } else {
- psa->aces = NULL;
- }
- }
-
- for (i = 0; i < psa->num_aces; i++) {
- fstring tmp;
- slprintf(tmp, sizeof(tmp)-1, "ace_list[%02d]: ", i);
- if(!sec_io_ace(tmp, &psa->aces[i], ps, depth))
- return False;
- }
-
- /* Theorectically an ACL can have a size greater than the
- sum of its components. When marshalling, pad with extra null bytes up to the
- correct size. */
-
- if (MARSHALLING(ps) && (psa->size > prs_offset(ps) - old_offset)) {
- uint32 extra_len = psa->size - (prs_offset(ps) - old_offset);
- uint8 c = 0;
-
- for (i = 0; i < extra_len; i++) {
- if (!prs_uint8("acl extra space", ps, depth, &c))
- return False;
- }
- }
-
- if(!prs_uint16_post("size ", ps, depth, &psa->size, offset_acl_size, old_offset))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a SEC_DESC structure.
- If reading and the *ppsd = NULL, allocates the structure.
-********************************************************************/
-
-bool sec_io_desc(const char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
-{
- uint32 old_offset;
- uint32 max_offset = 0; /* after we're done, move offset to end */
- uint32 tmp_offset = 0;
- uint32 off_sacl, off_dacl, off_owner_sid, off_grp_sid;
- uint16 revision;
-
- SEC_DESC *psd;
-
- if (ppsd == NULL)
- return False;
-
- psd = *ppsd;
-
- if (psd == NULL) {
- if(UNMARSHALLING(ps)) {
- if((psd = PRS_ALLOC_MEM(ps,SEC_DESC,1)) == NULL)
- return False;
- *ppsd = psd;
- } else {
- /* Marshalling - just ignore. */
- return True;
- }
- }
-
- prs_debug(ps, depth, desc, "sec_io_desc");
- depth++;
-
- /* start of security descriptor stored for back-calc offset purposes */
- old_offset = prs_offset(ps);
-
- if (MARSHALLING(ps)) {
- revision = (uint16)psd->revision;
- }
-
- if(!prs_uint16("revision", ps, depth, &revision))
- return False;
-
- if (UNMARSHALLING(ps)) {
- psd->revision = (enum security_descriptor_revision)revision;
- }
-
- if(!prs_uint16("type ", ps, depth, &psd->type))
- return False;
-
- if (MARSHALLING(ps)) {
- uint32 offset = SEC_DESC_HEADER_SIZE;
-
- /*
- * Work out the offsets here, as we write it out.
- */
-
- if (psd->sacl != NULL) {
- off_sacl = offset;
- offset += psd->sacl->size;
- } else {
- off_sacl = 0;
- }
-
- if (psd->dacl != NULL) {
- off_dacl = offset;
- offset += psd->dacl->size;
- } else {
- off_dacl = 0;
- }
-
- if (psd->owner_sid != NULL) {
- off_owner_sid = offset;
- offset += ndr_size_dom_sid(psd->owner_sid, NULL, 0);
- } else {
- off_owner_sid = 0;
- }
-
- if (psd->group_sid != NULL) {
- off_grp_sid = offset;
- offset += ndr_size_dom_sid(psd->group_sid, NULL, 0);
- } else {
- off_grp_sid = 0;
- }
- }
-
- if(!prs_uint32("off_owner_sid", ps, depth, &off_owner_sid))
- return False;
-
- if(!prs_uint32("off_grp_sid ", ps, depth, &off_grp_sid))
- return False;
-
- if(!prs_uint32("off_sacl ", ps, depth, &off_sacl))
- return False;
-
- if(!prs_uint32("off_dacl ", ps, depth, &off_dacl))
- return False;
-
- max_offset = MAX(max_offset, prs_offset(ps));
-
- if (off_owner_sid != 0) {
-
- tmp_offset = prs_offset(ps);
- if(!prs_set_offset(ps, old_offset + off_owner_sid))
- return False;
-
- if (UNMARSHALLING(ps)) {
- /* reading */
- if((psd->owner_sid = PRS_ALLOC_MEM(ps,DOM_SID,1)) == NULL)
- return False;
- }
-
- if(!smb_io_dom_sid("owner_sid ", psd->owner_sid , ps, depth))
- return False;
-
- max_offset = MAX(max_offset, prs_offset(ps));
-
- if (!prs_set_offset(ps,tmp_offset))
- return False;
- }
-
- if (psd->group_sid != 0) {
-
- tmp_offset = prs_offset(ps);
- if(!prs_set_offset(ps, old_offset + off_grp_sid))
- return False;
-
- if (UNMARSHALLING(ps)) {
- /* reading */
- if((psd->group_sid = PRS_ALLOC_MEM(ps,DOM_SID,1)) == NULL)
- return False;
- }
-
- if(!smb_io_dom_sid("grp_sid", psd->group_sid, ps, depth))
- return False;
-
- max_offset = MAX(max_offset, prs_offset(ps));
-
- if (!prs_set_offset(ps,tmp_offset))
- return False;
- }
-
- if ((psd->type & SEC_DESC_SACL_PRESENT) && off_sacl) {
- tmp_offset = prs_offset(ps);
- if(!prs_set_offset(ps, old_offset + off_sacl))
- return False;
- if(!sec_io_acl("sacl", &psd->sacl, ps, depth))
- return False;
- max_offset = MAX(max_offset, prs_offset(ps));
- if (!prs_set_offset(ps,tmp_offset))
- return False;
- }
-
- if ((psd->type & SEC_DESC_DACL_PRESENT) && off_dacl != 0) {
- tmp_offset = prs_offset(ps);
- if(!prs_set_offset(ps, old_offset + off_dacl))
- return False;
- if(!sec_io_acl("dacl", &psd->dacl, ps, depth))
- return False;
- max_offset = MAX(max_offset, prs_offset(ps));
- if (!prs_set_offset(ps,tmp_offset))
- return False;
- }
-
- if(!prs_set_offset(ps, max_offset))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a SEC_DESC_BUF structure.
-********************************************************************/
-
-bool sec_io_desc_buf(const char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int depth)
-{
- uint32 off_len;
- uint32 off_max_len;
- uint32 old_offset;
- uint32 size;
- uint32 len;
- SEC_DESC_BUF *psdb;
- uint32 ptr;
-
- if (ppsdb == NULL)
- return False;
-
- psdb = *ppsdb;
-
- if (UNMARSHALLING(ps) && psdb == NULL) {
- if((psdb = PRS_ALLOC_MEM(ps,SEC_DESC_BUF,1)) == NULL)
- return False;
- *ppsdb = psdb;
- }
-
- prs_debug(ps, depth, desc, "sec_io_desc_buf");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32_pre("max_len", ps, depth, &psdb->sd_size, &off_max_len))
- return False;
-
- ptr = 1;
- if(!prs_uint32 ("ptr ", ps, depth, &ptr))
- return False;
-
- len = ndr_size_security_descriptor(psdb->sd, NULL, 0);
- if(!prs_uint32_pre("len ", ps, depth, &len, &off_len))
- return False;
-
- old_offset = prs_offset(ps);
-
- /* reading, length is non-zero; writing, descriptor is non-NULL */
- if ((UNMARSHALLING(ps) && psdb->sd_size != 0) || (MARSHALLING(ps) && psdb->sd != NULL)) {
- if(!sec_io_desc("sec ", &psdb->sd, ps, depth))
- return False;
- }
-
- if(!prs_align(ps))
- return False;
-
- size = prs_offset(ps) - old_offset;
- if(!prs_uint32_post("max_len", ps, depth, &psdb->sd_size, off_max_len, size == 0 ? psdb->sd_size : size))
- return False;
-
- if(!prs_uint32_post("len ", ps, depth, &len, off_len, size))
- return False;
-
- return True;
-}
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 628fc1bd32..7e75eea6b4 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -441,6 +441,8 @@ void reply_ntcreate_and_X(struct smb_request *req)
START_PROFILE(SMBntcreateX);
+ SET_STAT_INVALID(sbuf);
+
if (req->wct < 24) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
@@ -865,6 +867,8 @@ static void call_nt_transact_create(connection_struct *conn,
uint8_t oplock_granted;
TALLOC_CTX *ctx = talloc_tos();
+ SET_STAT_INVALID(sbuf);
+
DEBUG(5,("call_nt_transact_create\n"));
/*
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 6f19a58178..16eb4a7fd7 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -1606,6 +1606,8 @@ void reply_open(struct smb_request *req)
START_PROFILE(SMBopen);
+ SET_STAT_INVALID(sbuf);
+
if (req->wct < 2) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBopen);
@@ -1741,6 +1743,8 @@ void reply_open_and_X(struct smb_request *req)
return;
}
+ SET_STAT_INVALID(sbuf);
+
open_flags = SVAL(req->vwv+2, 0);
deny_mode = SVAL(req->vwv+3, 0);
smb_attr = SVAL(req->vwv+5, 0);
@@ -1945,6 +1949,7 @@ void reply_mknew(struct smb_request *req)
START_PROFILE(SMBcreate);
ZERO_STRUCT(ft);
+ SET_STAT_INVALID(sbuf);
if (req->wct < 3) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
@@ -2123,6 +2128,7 @@ void reply_ctemp(struct smb_request *req)
return;
}
+ SET_STAT_INVALID(sbuf);
SMB_VFS_STAT(conn,fname,&sbuf);
/* We should fail if file does not exist. */
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index df01a39893..04b1145e58 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -895,6 +895,8 @@ static void call_trans2open(connection_struct *conn,
uint32 create_options = 0;
TALLOC_CTX *ctx = talloc_tos();
+ SET_STAT_INVALID(sbuf);
+
/*
* Ensure we have enough parameters to perform the operation.
*/
diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c
index 1d0e9a38be..9721628f02 100644
--- a/source3/utils/net_rpc_printer.c
+++ b/source3/utils/net_rpc_printer.c
@@ -2260,14 +2260,13 @@ NTSTATUS rpc_printer_migrate_settings_internals(struct net_context *c,
info_dst.info2.secdesc = NULL;
#if 0
- if (asprintf(&devicename, "\\\\%s\\%s", longname,
- printername) < 0) {
+ info_dst.info2.devmode.devicename =
+ talloc_asprintf(mem_ctx, "\\\\%s\\%s",
+ longname, printername);
+ if (!info_dst.info2.devmode.devicename) {
nt_status = NT_STATUS_NO_MEMORY;
goto done;
}
-
- init_unistr(&ctr_dst.printers_2->devmode->devicename,
- devicename);
#endif
if (!net_spoolss_setprinter(pipe_hnd_dst, mem_ctx, &hnd_dst,
level, &info_dst))
diff --git a/source4/auth/credentials/credentials_krb5.h b/source4/auth/credentials/credentials_krb5.h
index 0d0e9f330f..5e56752eb4 100644
--- a/source4/auth/credentials/credentials_krb5.h
+++ b/source4/auth/credentials/credentials_krb5.h
@@ -24,6 +24,7 @@
#define __CREDENTIALS_KRB5_H__
#include <gssapi/gssapi.h>
+#include <gssapi/gssapi_krb5.h>
#include <krb5.h>
struct gssapi_creds_container {
diff --git a/source4/auth/kerberos/clikrb5.c b/source4/auth/kerberos/clikrb5.c
index cf87d13cf2..68e7eb90cc 100644
--- a/source4/auth/kerberos/clikrb5.c
+++ b/source4/auth/kerberos/clikrb5.c
@@ -74,13 +74,9 @@
void kerberos_free_data_contents(krb5_context context, krb5_data *pdata)
{
-#if defined(HAVE_KRB5_FREE_DATA_CONTENTS)
if (pdata->data) {
- krb5_free_data_contents(context, pdata);
+ krb5_data_free(pdata);
}
-#else
- SAFE_FREE(pdata->data);
-#endif
}
krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry)
diff --git a/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py b/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py
index 0e74456dac..ec426c099b 100755
--- a/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py
+++ b/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py
@@ -71,7 +71,7 @@ schema_base = rootDse["schemaNamingContext"][0]
def possible_inferiors_search(db, oc):
"""return the possible inferiors via a search for the possibleInferiors attribute"""
res = db.search(base=schema_base,
- expression=("ldapdisplayname=%s" % oc),
+ expression=("ldapDisplayName=%s" % oc),
attrs=["possibleInferiors"])
poss=[]
@@ -86,47 +86,137 @@ def possible_inferiors_search(db, oc):
# see [MS-ADTS] section 3.1.1.4.5.21
-# for this algorithm
+# and section 3.1.1.4.2 for this algorithm
# !systemOnly=TRUE
# !objectClassCategory=2
# !objectClassCategory=3
-def POSSINFERIORS(db, oc):
- """returns a list of possible inferiors to a class. Returned list has the ldapdisplayname, systemOnly and objectClassCategory for each element"""
- expanded = [oc]
- res = db.search(base=schema_base,
- expression=("subclassof=%s" % str(oc["ldapdisplayname"][0])),
- attrs=["ldapdisplayname", "systemOnly", "objectClassCategory"])
+def SUPCLASSES(classinfo, oc):
+ list = []
+ if oc == "top":
+ return list
+ if classinfo[oc].get("SUPCLASSES") is not None:
+ return classinfo[oc]["SUPCLASSES"]
+ res = classinfo[oc]["subClassOf"];
for r in res:
- expanded.extend(POSSINFERIORS(db,r))
- return expanded
+ list.append(r)
+ list.extend(SUPCLASSES(classinfo,r))
+ classinfo[oc]["SUPCLASSES"] = list
+ return list
-def possible_inferiors_constructed(db, oc):
- """return the possbible inferiors via a recursive search and match"""
- res = db.search(base=schema_base,
- expression=("(&(objectclass=classSchema)(|(posssuperiors=%s)(systemposssuperiors=%s)))" % (oc,oc)),
- attrs=["ldapdisplayname", "systemOnly", "objectClassCategory"])
+def AUXCLASSES(classinfo, oclist):
+ list = []
+ if oclist == []:
+ return list
+ for oc in oclist:
+ if classinfo[oc].get("AUXCLASSES") is not None:
+ list.extend(classinfo[oc]["AUXCLASSES"])
+ else:
+ list2 = []
+ list2.extend(classinfo[oc]["systemAuxiliaryClass"])
+ list2.extend(AUXCLASSES(classinfo, classinfo[oc]["systemAuxiliaryClass"]))
+ list2.extend(classinfo[oc]["auxiliaryClass"])
+ list2.extend(AUXCLASSES(classinfo, classinfo[oc]["auxiliaryClass"]))
+ list2.extend(AUXCLASSES(classinfo, SUPCLASSES(classinfo, oc)))
+ classinfo[oc]["AUXCLASSES"] = list2
+ list.extend(list2)
+ return list
- poss = []
+def SUBCLASSES(classinfo, oclist):
+ list = []
+ for oc in oclist:
+ list.extend(classinfo[oc]["SUBCLASSES"])
+ return list
+
+def POSSSUPERIORS(classinfo, oclist):
+ list = []
+ for oc in oclist:
+ if classinfo[oc].get("POSSSUPERIORS") is not None:
+ list.extend(classinfo[oc]["POSSSUPERIORS"])
+ else:
+ list2 = []
+ list2.extend(classinfo[oc]["systemPossSuperiors"])
+ list2.extend(classinfo[oc]["possSuperiors"])
+ list2.extend(POSSSUPERIORS(classinfo, SUPCLASSES(classinfo, oc)))
+ # the WSPP docs suggest we should do this:
+ # list2.extend(POSSSUPERIORS(classinfo, AUXCLASSES(classinfo, [oc])))
+ # but testing against w2k3 and w2k8 shows that we need to do this instead
+ list2.extend(SUBCLASSES(classinfo, list2))
+ classinfo[oc]["POSSSUPERIORS"] = list2
+ list.extend(list2)
+ return list
+
+def pull_classinfo(db):
+ """At startup we build a classinfo[] dictionary that holds all the information needed to construct the possible inferiors"""
+ classinfo = {}
+ res = db.search(base=schema_base,
+ expression="objectclass=classSchema",
+ attrs=["ldapDisplayName", "systemOnly", "objectClassCategory",
+ "possSuperiors", "systemPossSuperiors",
+ "auxiliaryClass", "systemAuxiliaryClass", "subClassOf"])
for r in res:
- poss.extend(POSSINFERIORS(db,r))
-
- poss2 = []
- for p in poss:
- if (not (p["systemOnly"][0] == "TRUE" or
- int(p["objectClassCategory"][0]) == 2 or
- int(p["objectClassCategory"][0]) == 3)):
- poss2.append(p["ldapdisplayname"][0])
-
- poss2 = uniq_list(poss2)
- poss2.sort()
- return poss2
-
-def test_class(db, oc):
+ name = str(r["ldapDisplayName"][0])
+ classinfo[name] = {}
+ if str(r["systemOnly"]) == "TRUE":
+ classinfo[name]["systemOnly"] = True
+ else:
+ classinfo[name]["systemOnly"] = False
+ if r.get("objectClassCategory"):
+ classinfo[name]["objectClassCategory"] = int(r["objectClassCategory"][0])
+ else:
+ classinfo[name]["objectClassCategory"] = 0
+ for a in [ "possSuperiors", "systemPossSuperiors",
+ "auxiliaryClass", "systemAuxiliaryClass",
+ "subClassOf" ]:
+ classinfo[name][a] = []
+ if r.get(a):
+ for i in r[a]:
+ classinfo[name][a].append(str(i))
+
+ # build a list of subclasses for each class
+ def subclasses_recurse(subclasses, oc):
+ list = subclasses[oc]
+ for c in list:
+ list.extend(subclasses_recurse(subclasses, c))
+ return list
+
+ subclasses = {}
+ for oc in classinfo:
+ subclasses[oc] = []
+ for oc in classinfo:
+ for c in classinfo[oc]["subClassOf"]:
+ if not c == oc:
+ subclasses[c].append(oc)
+ for oc in classinfo:
+ classinfo[oc]["SUBCLASSES"] = uniq_list(subclasses_recurse(subclasses, oc))
+
+ return classinfo
+
+def is_in_list(list, c):
+ for a in list:
+ if c == a:
+ return True
+ return False
+
+def possible_inferiors_constructed(db, classinfo, c):
+ list = []
+ for oc in classinfo:
+ superiors = POSSSUPERIORS(classinfo, [oc])
+ if (is_in_list(superiors, c) and
+ classinfo[oc]["systemOnly"] == False and
+ classinfo[oc]["objectClassCategory"] != 2 and
+ classinfo[oc]["objectClassCategory"] != 3):
+ list.append(oc)
+ list = uniq_list(list)
+ list.sort()
+ return list
+
+def test_class(db, classinfo, oc):
"""test to see if one objectclass returns the correct possibleInferiors"""
+ print "testing objectClass %s" % oc
poss1 = possible_inferiors_search(db, oc)
- poss2 = possible_inferiors_constructed(db, oc)
+ poss2 = possible_inferiors_constructed(db, classinfo, oc)
if poss1 != poss2:
print "Returned incorrect list for objectclass %s" % oc
print poss1
@@ -137,19 +227,17 @@ def test_class(db, oc):
def get_object_classes(db):
"""return a list of all object classes"""
- res = db.search(base=schema_base,
- expression="objectClass=classSchema",
- attrs=["ldapdisplayname"])
list=[]
- for item in res:
- list.append(item["ldapdisplayname"][0])
+ for item in classinfo:
+ list.append(item)
return list
+classinfo = pull_classinfo(db)
+
if objectclass is None:
for oc in get_object_classes(db):
- print "testing objectClass %s" % oc
- test_class(db,oc)
+ test_class(db,classinfo,oc)
else:
- test_class(db,objectclass)
+ test_class(db,classinfo,objectclass)
print "Lists match OK"
diff --git a/source4/heimdal_build/replace.c b/source4/heimdal_build/replace.c
index 41309fea6e..ba43dd9495 100644
--- a/source4/heimdal_build/replace.c
+++ b/source4/heimdal_build/replace.c
@@ -84,3 +84,7 @@
return -1;
}
#endif
+
+const char *heimdal_version = "samba-internal-heimdal";
+const char *heimdal_long_version = "samba-interal-heimdal";
+
diff --git a/source4/heimdal_build/roken.h b/source4/heimdal_build/roken.h
index 3edeb2fb2e..e3edd53872 100644
--- a/source4/heimdal_build/roken.h
+++ b/source4/heimdal_build/roken.h
@@ -41,6 +41,22 @@
#define HAVE_STRNDUP
#endif
+#ifndef HAVE_STRLCPY
+#define HAVE_STRLCPY
+#endif
+
+#ifndef HAVE_STRLCAT
+#define HAVE_STRLCAT
+#endif
+
+#ifndef HAVE_STRCASECMP
+#define HAVE_STRCASECMP
+#endif
+
+#ifndef HAVE_MKSTEMP
+#define HAVE_MKSTEMP
+#endif
+
#ifndef HAVE_SETENV
#define HAVE_SETENV
#endif
@@ -84,4 +100,7 @@
#undef SOCKET_WRAPPER_REPLACE
#include "heimdal/lib/roken/roken.h.in"
+extern const char *heimdal_version;
+extern const char *heimdal_long_version;
+
#endif
diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c
index 1cfe9852f0..3d11441062 100644
--- a/source4/kdc/kdc.c
+++ b/source4/kdc/kdc.c
@@ -345,7 +345,7 @@ static bool kdc_process(struct kdc_server *kdc,
}
if (k5_reply.length) {
*reply = data_blob_talloc(mem_ctx, k5_reply.data, k5_reply.length);
- krb5_free_data_contents(kdc->smb_krb5_context->krb5_context, &k5_reply);
+ krb5_data_free(&k5_reply);
} else {
*reply = data_blob(NULL, 0);
}