summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/replace/libreplace_cc.m44
-rw-r--r--lib/replace/replace.h12
-rw-r--r--lib/talloc/talloc.c5
-rw-r--r--libcli/auth/msrpc_parse.c25
-rw-r--r--libcli/auth/ntlm_check.c2
-rw-r--r--libcli/auth/smbencrypt.c8
-rw-r--r--libcli/drsuapi/config.mk2
-rw-r--r--libcli/ldap/ldap_message.c4
-rw-r--r--libcli/security/security_descriptor.c3
-rw-r--r--libcli/util/error.h6
-rw-r--r--nsswitch/libwbclient/wbc_pam.c5
-rw-r--r--selftest/target/Samba3.pm10
-rw-r--r--selftest/target/Samba4.pm1
-rw-r--r--source3/client/client.c10
-rw-r--r--source3/client/clitar.c2
-rw-r--r--source3/configure.in2
-rw-r--r--source3/include/proto.h7
-rw-r--r--source3/lib/eventlog/eventlog.c2
-rw-r--r--source3/lib/fault.c7
-rw-r--r--source3/lib/secdesc.c68
-rw-r--r--source3/lib/util_reg_api.c2
-rw-r--r--source3/libads/ldap.c10
-rw-r--r--source3/libads/ldap_printer.c2
-rw-r--r--source3/libnet/libnet_dssync.c2
-rw-r--r--source3/libsmb/clifile.c389
-rw-r--r--source3/libsmb/errormap.c41
-rw-r--r--source3/libsmb/libsmb_dir.c3
-rw-r--r--source3/nmbd/nmbd_packets.c4
-rw-r--r--source3/nmbd/nmbd_processlogon.c2
-rw-r--r--source3/registry/regfio.c2
-rw-r--r--source3/rpc_client/init_netlogon.c187
-rw-r--r--source3/rpc_server/srv_pipe_hnd.c187
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c8
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c2
-rw-r--r--source3/rpcclient/cmd_spoolss.c2
-rwxr-xr-xsource3/script/tests/test_wbinfo_s3.sh2
-rw-r--r--source3/smbd/filename.c30
-rw-r--r--source3/smbd/posix_acls.c76
-rw-r--r--source3/torture/mangle_test.c2
-rw-r--r--source3/torture/nbio.c2
-rw-r--r--source3/torture/torture.c305
-rw-r--r--source3/utils/net_rpc_printer.c6
-rw-r--r--source4/build/make/rules.mk2
-rw-r--r--source4/dsdb/samdb/ldb_modules/anr.c4
-rw-r--r--source4/dsdb/samdb/ldb_modules/partition.c2
-rw-r--r--source4/headermap.txt2
-rw-r--r--source4/libcli/raw/rawfile.c1
-rw-r--r--source4/libcli/smb_composite/connect.c2
-rw-r--r--source4/libcli/util/errormap.c37
-rw-r--r--source4/librpc/idl-deps.pl2
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c2
51 files changed, 911 insertions, 594 deletions
diff --git a/lib/replace/libreplace_cc.m4 b/lib/replace/libreplace_cc.m4
index 30c63f2f05..a26dee498e 100644
--- a/lib/replace/libreplace_cc.m4
+++ b/lib/replace/libreplace_cc.m4
@@ -141,9 +141,7 @@ AC_CHECK_SIZEOF(off_t)
AC_CHECK_SIZEOF(size_t)
AC_CHECK_SIZEOF(ssize_t)
-AC_CHECK_TYPE(intptr_t, long long)
-AC_CHECK_TYPE(uintptr_t, unsigned long long)
-AC_CHECK_TYPE(ptrdiff_t, unsigned long long)
+AC_CHECK_TYPES([intptr_t, uintptr_t, ptrdiff_t])
if test x"$ac_cv_type_long_long" != x"yes";then
AC_MSG_ERROR([LIBREPLACE needs type 'long long'])
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index c5b8676acf..fe1f732acb 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -535,6 +535,18 @@ typedef int bool;
#endif
#endif
+#if !defined(HAVE_INTPTR_T)
+typedef long long intptr_t ;
+#endif
+
+#if !defined(HAVE_UINTPTR_T)
+typedef unsigned long long uintptr_t ;
+#endif
+
+#if !defined(HAVE_PTRDIFF_T)
+typedef unsigned long long ptrdiff_t ;
+#endif
+
/*
* to prevent <rpcsvc/yp_prot.h> from doing a redefine of 'bool'
*
diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c
index 60a48ad811..33cbfd7d26 100644
--- a/lib/talloc/talloc.c
+++ b/lib/talloc/talloc.c
@@ -1008,6 +1008,11 @@ void *_talloc_realloc(const void *context, void *ptr, size_t size, const char *n
return NULL;
}
+ /* don't let anybody try to realloc a talloc_pool */
+ if (unlikely(tc->flags & TALLOC_FLAG_POOL)) {
+ return NULL;
+ }
+
/* don't shrink if we have less than 1k to gain */
if ((size < tc->size) && ((tc->size - size) < 1024)) {
tc->size = size;
diff --git a/libcli/auth/msrpc_parse.c b/libcli/auth/msrpc_parse.c
index 2f78f5f190..9125c1cd78 100644
--- a/libcli/auth/msrpc_parse.c
+++ b/libcli/auth/msrpc_parse.c
@@ -66,8 +66,10 @@ bool msrpc_gen(TALLOC_CTX *mem_ctx,
case 'U':
s = va_arg(ap, char *);
head_size += 8;
- ret = push_ucs2_talloc(pointers, (smb_ucs2_t **)&pointers[i].data,
- s, &n);
+ ret = push_ucs2_talloc(
+ pointers,
+ (smb_ucs2_t **)(void *)&pointers[i].data,
+ s, &n);
if (!ret) {
return false;
}
@@ -78,8 +80,9 @@ bool msrpc_gen(TALLOC_CTX *mem_ctx,
case 'A':
s = va_arg(ap, char *);
head_size += 8;
- ret = push_ascii_talloc(pointers, (char **)&pointers[i].data, s,
- &n);
+ ret = push_ascii_talloc(
+ pointers, (char **)(void *)&pointers[i].data,
+ s, &n);
if (!ret) {
return false;
}
@@ -91,8 +94,10 @@ bool msrpc_gen(TALLOC_CTX *mem_ctx,
j = va_arg(ap, int);
intargs[i] = j;
s = va_arg(ap, char *);
- ret = push_ucs2_talloc(pointers, (smb_ucs2_t **)&pointers[i].data,
- s, &n);
+ ret = push_ucs2_talloc(
+ pointers,
+ (smb_ucs2_t **)(void *)&pointers[i].data,
+ s, &n);
if (!ret) {
return false;
}
@@ -230,7 +235,7 @@ bool msrpc_parse(TALLOC_CTX *mem_ctx,
ps = va_arg(ap, char **);
if (len1 == 0 && len2 == 0) {
- *ps = discard_const("");
+ *ps = (char *)discard_const("");
} else {
/* make sure its in the right format - be strict */
if ((len1 != len2) || (ptr + len1 < ptr) || (ptr + len1 < len1) || (ptr + len1 > blob->length)) {
@@ -257,7 +262,7 @@ bool msrpc_parse(TALLOC_CTX *mem_ctx,
goto cleanup;
}
} else {
- (*ps) = discard_const("");
+ (*ps) = (char *)discard_const("");
}
}
break;
@@ -270,7 +275,7 @@ bool msrpc_parse(TALLOC_CTX *mem_ctx,
ps = (char **)va_arg(ap, char **);
/* make sure its in the right format - be strict */
if (len1 == 0 && len2 == 0) {
- *ps = discard_const("");
+ *ps = (char *)discard_const("");
} else {
if ((len1 != len2) || (ptr + len1 < ptr) || (ptr + len1 < len1) || (ptr + len1 > blob->length)) {
ret = false;
@@ -293,7 +298,7 @@ bool msrpc_parse(TALLOC_CTX *mem_ctx,
goto cleanup;
}
} else {
- (*ps) = discard_const("");
+ (*ps) = (char *)discard_const("");
}
}
break;
diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c
index 2cfe8e1ef8..978f0fe1be 100644
--- a/libcli/auth/ntlm_check.c
+++ b/libcli/auth/ntlm_check.c
@@ -322,7 +322,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
if (lm_response->length &&
(convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX,
lm_response->data, lm_response->length,
- (void **)&unix_pw, NULL, false))) {
+ (void *)&unix_pw, NULL, false))) {
if (E_deshash(unix_pw, client_lm.hash)) {
lm_ok = true;
} else {
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
index 7659446b75..8d07b94806 100644
--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -231,14 +231,14 @@ bool ntv2_owf_gen(const uint8_t owf[16],
domain_byte_len = domain_byte_len - 2;
hmac_md5_init_limK_to_64(owf, 16, &ctx);
- hmac_md5_update((const void *)user, user_byte_len, &ctx);
- hmac_md5_update((const void *)domain, domain_byte_len, &ctx);
+ hmac_md5_update((uint8_t *)user, user_byte_len, &ctx);
+ hmac_md5_update((uint8_t *)domain, domain_byte_len, &ctx);
hmac_md5_final(kr_buf, &ctx);
#ifdef DEBUG_PASSWORD
DEBUG(100, ("ntv2_owf_gen: user, domain, owfkey, kr\n"));
- dump_data(100, (const void *)user, user_byte_len);
- dump_data(100, (const void *)domain, domain_byte_len);
+ dump_data(100, (uint8_t *)user, user_byte_len);
+ dump_data(100, (uint8_t *)domain, domain_byte_len);
dump_data(100, owf, 16);
dump_data(100, kr_buf, 16);
#endif
diff --git a/libcli/drsuapi/config.mk b/libcli/drsuapi/config.mk
index cb002ca3dc..4c68702280 100644
--- a/libcli/drsuapi/config.mk
+++ b/libcli/drsuapi/config.mk
@@ -4,5 +4,3 @@ PUBLIC_DEPENDENCIES = \
LIBCLI_DRSUAPI_OBJ_FILES = $(addprefix $(libclicommonsrcdir)/drsuapi/, \
repl_decrypt.o)
-
-PUBLIC_HEADERS += ../libcli/drsuapi/drsuapi.h
diff --git a/libcli/ldap/ldap_message.c b/libcli/ldap/ldap_message.c
index 9b00d0188d..8b0f8a2ea1 100644
--- a/libcli/ldap/ldap_message.c
+++ b/libcli/ldap/ldap_message.c
@@ -1230,8 +1230,8 @@ _PUBLIC_ NTSTATUS ldap_decode(struct asn1_data *data,
msg->type = LDAP_TAG_SearchRequest;
asn1_start_tag(data, tag);
asn1_read_OctetString_talloc(msg, data, &r->basedn);
- asn1_read_enumerated(data, (int *)&(r->scope));
- asn1_read_enumerated(data, (int *)&(r->deref));
+ asn1_read_enumerated(data, (int *)(void *)&(r->scope));
+ asn1_read_enumerated(data, (int *)(void *)&(r->deref));
asn1_read_Integer(data, &sizelimit);
r->sizelimit = sizelimit;
asn1_read_Integer(data, &timelimit);
diff --git a/libcli/security/security_descriptor.c b/libcli/security/security_descriptor.c
index 8e9c7eb4a9..59d82b821e 100644
--- a/libcli/security/security_descriptor.c
+++ b/libcli/security/security_descriptor.c
@@ -20,7 +20,8 @@
*/
#include "includes.h"
-#include "libcli/security/security.h"
+#include "libcli/security/security_descriptor.h"
+#include "libcli/security/dom_sid.h"
/*
return a blank security descriptor (no owners, dacl or sacl)
diff --git a/libcli/util/error.h b/libcli/util/error.h
index 5a7cc1b0b9..03e76a2a39 100644
--- a/libcli/util/error.h
+++ b/libcli/util/error.h
@@ -22,6 +22,7 @@
#include "libcli/util/werror.h"
#include "libcli/util/doserr.h"
#include "libcli/util/ntstatus.h"
+#include "nsswitch/libwbclient/wbclient.h"
/** NT error on DOS connection! (NT_STATUS_OK) */
bool ntstatus_dos_equal(NTSTATUS status1, NTSTATUS status2);
@@ -46,4 +47,9 @@ WERROR ntstatus_to_werror(NTSTATUS error);
*********************************************************************/
NTSTATUS map_nt_error_from_unix(int unix_error);
+/*******************************************************************************
+ Map between wbcErr and NT status.
+*******************************************************************************/
+NTSTATUS map_nt_error_from_wbcErr(wbcErr wbc_err);
+
#endif /* _SAMBA_ERROR_H */
diff --git a/nsswitch/libwbclient/wbc_pam.c b/nsswitch/libwbclient/wbc_pam.c
index 92c6643631..61ce2a12d2 100644
--- a/nsswitch/libwbclient/wbc_pam.c
+++ b/nsswitch/libwbclient/wbc_pam.c
@@ -810,11 +810,6 @@ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
break;
}
- if (cmd == 0) {
- wbc_status = WBC_ERR_INVALID_PARAM;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
/* Send request */
wbc_status = wbcRequestResponse(cmd,
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index a36721406c..288ba8c8b7 100644
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -505,7 +505,15 @@ sub provision($$$$$$)
[print1]
copy = tmp
printable = yes
- printing = test
+ printing = vlp
+ print command = $bindir_abs/vlp print %p %s
+ lpq command = $bindir_abs/vlp lpq %p
+ lp rm command = $bindir_abs/vlp lprm %p %j
+ lp pause command = $bindir_abs/vlp lppause %p %j
+ lp resume command = $bindir_abs/vlp lpresume %p %j
+ queue pause command = $bindir_abs/vlp queuepause %p
+ queue resume command = $bindir_abs/vlp queueresume %p
+
[print2]
copy = print1
[print3]
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 1058ac66e0..781c9f3ae8 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -108,6 +108,7 @@ sub check_or_start($$$)
}
$ENV{KRB5_CONFIG} = $env_vars->{KRB5_CONFIG};
+ $ENV{WINBINDD_SOCKET_DIR} = $env_vars->{WINBINDD_SOCKET_DIR};
$ENV{NSS_WRAPPER_PASSWD} = $env_vars->{NSS_WRAPPER_PASSWD};
$ENV{NSS_WRAPPER_GROUP} = $env_vars->{NSS_WRAPPER_GROUP};
diff --git a/source3/client/client.c b/source3/client/client.c
index d74de35bc5..68d96a9dcc 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -307,7 +307,7 @@ static int do_dskattr(void)
return 1;
}
- if (!cli_dskattr(targetcli, &bsize, &total, &avail)) {
+ if (!NT_STATUS_IS_OK(cli_dskattr(targetcli, &bsize, &total, &avail))) {
d_printf("Error in dskattr: %s\n",cli_errstr(targetcli));
return 1;
}
@@ -437,7 +437,7 @@ static int do_cd(const char *new_dir)
goto out;
}
- if (!cli_chkpath(targetcli, targetpath)) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(targetcli, targetpath))) {
d_printf("cd %s: %s\n", new_cd, cli_errstr(targetcli));
client_set_cur_dir(saved_dir);
goto out;
@@ -1482,7 +1482,7 @@ static int cmd_mkdir(void)
if (!ddir2) {
return 1;
}
- if (!cli_chkpath(targetcli, ddir2)) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(targetcli, ddir2))) {
do_mkdir(ddir2);
}
ddir2 = talloc_asprintf_append(ddir2, "%s", CLI_DIRSEP_STR);
@@ -1956,7 +1956,7 @@ static int cmd_mput(void)
break;
}
normalize_name(rname);
- if (!cli_chkpath(cli, rname) &&
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli, rname)) &&
!do_mkdir(rname)) {
DEBUG (0, ("Unable to make dir, skipping..."));
/* Skip the directory */
@@ -2675,7 +2675,7 @@ static int cmd_rmdir(void)
return 1;
}
- if (!cli_rmdir(targetcli, targetname)) {
+ if (!NT_STATUS_IS_OK(cli_rmdir(targetcli, targetname))) {
d_printf("%s removing remote directory file %s\n",
cli_errstr(targetcli),mask);
}
diff --git a/source3/client/clitar.c b/source3/client/clitar.c
index 7512583e19..fd375769e4 100644
--- a/source3/client/clitar.c
+++ b/source3/client/clitar.c
@@ -554,7 +554,7 @@ static bool ensurepath(const char *fname)
while (p) {
safe_strcat(partpath, p, strlen(fname) + 1);
- if (!cli_chkpath(cli, partpath)) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli, partpath))) {
if (!NT_STATUS_IS_OK(cli_mkdir(cli, partpath))) {
SAFE_FREE(partpath);
SAFE_FREE(ffname);
diff --git a/source3/configure.in b/source3/configure.in
index 663c3a8361..4ed9e68d0d 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -284,7 +284,7 @@ if test "$ac_cv_prog_gnu_ld" = "yes"; then
else
AC_MSG_CHECKING(GNU ld release version)
changequote(,)dnl
- ac_cv_gnu_ld_vernr=`echo $ac_cv_gnu_ld_version | sed -n 's,^.*[^0-9\.]\+\([1-9][0-9]*\.[0-9][0-9]*\).*$,\1,p'`
+ ac_cv_gnu_ld_vernr=`echo $ac_cv_gnu_ld_version | sed -n 's,^[^0-9]*\([1-9][0-9]*\.[0-9][0-9]*\).*$,\1,p'`
ac_cv_gnu_ld_vernr_major=`echo $ac_cv_gnu_ld_vernr | cut -d '.' -f 1`
ac_cv_gnu_ld_vernr_minor=`echo $ac_cv_gnu_ld_vernr | cut -d '.' -f 2`
changequote([,])dnl
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 3ddbf6f3b9..518c3a7e93 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -647,7 +647,6 @@ ssize_t drain_socket(int sockfd, size_t count);
/* The following definitions come from lib/secdesc.c */
-bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2);
uint32_t get_sec_info(const SEC_DESC *sd);
SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb);
SEC_DESC *make_sec_desc(TALLOC_CTX *ctx,
@@ -2339,7 +2338,7 @@ bool cli_nt_hardlink(struct cli_state *cli, const char *fname_src, const char *f
bool cli_unlink_full(struct cli_state *cli, const char *fname, uint16 attrs);
bool cli_unlink(struct cli_state *cli, const char *fname);
NTSTATUS cli_mkdir(struct cli_state *cli, const char *dname);
-bool cli_rmdir(struct cli_state *cli, const char *dname);
+NTSTATUS cli_rmdir(struct cli_state *cli, const char *dname);
int cli_nt_delete_on_close(struct cli_state *cli, int fnum, bool flag);
int cli_nt_create_full(struct cli_state *cli, const char *fname,
uint32 CreatFlags, uint32 DesiredAccess,
@@ -2417,8 +2416,8 @@ bool cli_setattrE(struct cli_state *cli, int fd,
time_t access_time,
time_t write_time);
bool cli_setatr(struct cli_state *cli, const char *fname, uint16 attr, time_t t);
-bool cli_chkpath(struct cli_state *cli, const char *path);
-bool cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail);
+NTSTATUS cli_chkpath(struct cli_state *cli, const char *path);
+NTSTATUS cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail);
int cli_ctemp(struct cli_state *cli, const char *path, char **tmp_path);
NTSTATUS cli_raw_ioctl(struct cli_state *cli, int fnum, uint32 code, DATA_BLOB *blob);
bool cli_set_ea_path(struct cli_state *cli, const char *path, const char *ea_name, const char *ea_val, size_t ea_len);
diff --git a/source3/lib/eventlog/eventlog.c b/source3/lib/eventlog/eventlog.c
index 11cb28a120..42b2a06ce3 100644
--- a/source3/lib/eventlog/eventlog.c
+++ b/source3/lib/eventlog/eventlog.c
@@ -936,7 +936,7 @@ NTSTATUS evlog_tdb_entry_to_evt_entry(TALLOC_CTX *mem_ctx,
size_t len;
if (!convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX,
t->sid.data, t->sid.length,
- (void **)&sid_str, &len, false)) {
+ (void *)&sid_str, &len, false)) {
return NT_STATUS_INVALID_SID;
}
if (len > 0) {
diff --git a/source3/lib/fault.c b/source3/lib/fault.c
index efd1dddfd4..51fc53bb0d 100644
--- a/source3/lib/fault.c
+++ b/source3/lib/fault.c
@@ -194,17 +194,18 @@ static char *get_freebsd_corepath(void)
*/
static char *get_corepath(const char *logbase, const char *progname)
{
- char *tmp_corepath = NULL;
+#if (defined(FREEBSD) && defined(HAVE_SYSCTLBYNAME))
/* @todo: Add support for the linux corepath. */
-#if (defined(FREEBSD) && defined(HAVE_SYSCTLBYNAME))
+
+ char *tmp_corepath = NULL;
tmp_corepath = get_freebsd_corepath();
-#endif
/* If this has been set correctly, we're done. */
if (tmp_corepath) {
return tmp_corepath;
}
+#endif
/* Fall back to the default. */
return get_default_corepath(logbase, progname);
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index a81c4ae82a..5e35181834 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -32,74 +32,6 @@ const struct generic_mapping file_generic_mapping = {
};
/*******************************************************************
- Compares two SEC_DESC structures
-********************************************************************/
-
-bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2)
-{
- /* Trivial case */
-
- if (!s1 && !s2) {
- goto done;
- }
-
- if (!s1 || !s2) {
- return False;
- }
-
- /* Check top level stuff */
-
- if (s1->revision != s2->revision) {
- DEBUG(10, ("sec_desc_equal(): revision differs (%d != %d)\n",
- s1->revision, s2->revision));
- return False;
- }
-
- if (s1->type!= s2->type) {
- DEBUG(10, ("sec_desc_equal(): type differs (%d != %d)\n",
- s1->type, s2->type));
- return False;
- }
-
- /* Check owner and group */
-
- if (!sid_equal(s1->owner_sid, s2->owner_sid)) {
- DEBUG(10, ("sec_desc_equal(): owner differs (%s != %s)\n",
- sid_string_dbg(s1->owner_sid),
- sid_string_dbg(s2->owner_sid)));
- return False;
- }
-
- if (!sid_equal(s1->group_sid, s2->group_sid)) {
- DEBUG(10, ("sec_desc_equal(): group differs (%s != %s)\n",
- sid_string_dbg(s1->group_sid),
- sid_string_dbg(s2->group_sid)));
- return False;
- }
-
- /* Check ACLs present in one but not the other */
-
- if ((s1->dacl && !s2->dacl) || (!s1->dacl && s2->dacl) ||
- (s1->sacl && !s2->sacl) || (!s1->sacl && s2->sacl)) {
- DEBUG(10, ("sec_desc_equal(): dacl or sacl not present\n"));
- return False;
- }
-
- /* Sigh - we have to do it the hard way by iterating over all
- the ACEs in the ACLs */
-
- if (!sec_acl_equal(s1->dacl, s2->dacl) ||
- !sec_acl_equal(s1->sacl, s2->sacl)) {
- DEBUG(10, ("sec_desc_equal(): dacl/sacl list not equal\n"));
- return False;
- }
-
- done:
- DEBUG(10, ("sec_desc_equal(): secdescs are identical\n"));
- return True;
-}
-
-/*******************************************************************
Given a security_descriptor return the sec_info.
********************************************************************/
diff --git a/source3/lib/util_reg_api.c b/source3/lib/util_reg_api.c
index 9313193f10..56ecc5472d 100644
--- a/source3/lib/util_reg_api.c
+++ b/source3/lib/util_reg_api.c
@@ -92,7 +92,7 @@ WERROR registry_pull_value(TALLOC_CTX *mem_ctx,
}
if (!convert_string_talloc(value, CH_UTF16LE, CH_UNIX, tmp,
- length+2, (void **)&value->v.sz.str,
+ length+2, (void *)&value->v.sz.str,
&value->v.sz.len, False)) {
SAFE_FREE(tmp);
err = WERR_INVALID_PARAM;
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 9ffbd57e4a..cc72d81b86 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -118,6 +118,16 @@ static int ldap_search_with_timeout(LDAP *ld,
if (gotalarm != 0)
return LDAP_TIMELIMIT_EXCEEDED;
+ /*
+ * A bug in OpenLDAP means ldap_search_ext_s can return
+ * LDAP_SUCCESS but with a NULL res pointer. Cope with
+ * this. See bug #6279 for details. JRA.
+ */
+
+ if (*res == NULL) {
+ return LDAP_TIMELIMIT_EXCEEDED;
+ }
+
return result;
}
diff --git a/source3/libads/ldap_printer.c b/source3/libads/ldap_printer.c
index 9be366dc29..7fec58c7eb 100644
--- a/source3/libads/ldap_printer.c
+++ b/source3/libads/ldap_printer.c
@@ -372,7 +372,7 @@ WERROR get_remote_printer_publishing_data(struct rpc_pipe_client *cli,
} else {
for (i=0; i < count; i++) {
REGISTRY_VALUE v;
- DATA_BLOB blob;
+ DATA_BLOB blob = data_blob_null;
result = push_spoolss_PrinterData(mem_ctx, &blob,
info[i].type,
diff --git a/source3/libnet/libnet_dssync.c b/source3/libnet/libnet_dssync.c
index 59feac2495..0b61b162c0 100644
--- a/source3/libnet/libnet_dssync.c
+++ b/source3/libnet/libnet_dssync.c
@@ -601,6 +601,8 @@ static NTSTATUS libnet_dssync_process(TALLOC_CTX *mem_ctx,
dn_count = 1;
}
+ status = NT_STATUS_OK;
+
for (count=0; count < dn_count; count++) {
status = libnet_dssync_build_request(mem_ctx, ctx,
dns[count],
diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index 5be18366b9..3d1da5f412 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -596,44 +596,6 @@ bool cli_unlink(struct cli_state *cli, const char *fname)
return cli_unlink_full(cli, fname, aSYSTEM | aHIDDEN);
}
-#if 0
-/****************************************************************************
- Create a directory.
-****************************************************************************/
-
-bool cli_mkdir(struct cli_state *cli, const char *dname)
-{
- char *p;
-
- memset(cli->outbuf,'\0',smb_size);
- memset(cli->inbuf,'\0',smb_size);
-
- cli_set_message(cli->outbuf,0, 0, true);
-
- SCVAL(cli->outbuf,smb_com,SMBmkdir);
- SSVAL(cli->outbuf,smb_tid,cli->cnum);
- cli_setup_packet(cli);
-
- p = smb_buf(cli->outbuf);
- *p++ = 4;
- p += clistr_push(cli, p, dname,
- cli->bufsize - PTR_DIFF(p,cli->outbuf), STR_TERMINATE);
-
- cli_setup_bcc(cli, p);
-
- cli_send_smb(cli);
- if (!cli_receive_smb(cli)) {
- return False;
- }
-
- if (cli_is_error(cli)) {
- return False;
- }
-
- return True;
-}
-#endif
-
/****************************************************************************
Create a directory.
****************************************************************************/
@@ -660,8 +622,8 @@ struct tevent_req *cli_mkdir_send(TALLOC_CTX *mem_ctx,
}
bytes = talloc_array(state, uint8_t, 1);
- if (!bytes) {
- return NULL;
+ if (tevent_req_nomem(bytes, req)) {
+ return tevent_req_post(req, ev);
}
bytes[0] = 4;
bytes = smb_bytes_push_str(bytes, cli_ucs2(cli), dname,
@@ -672,7 +634,7 @@ struct tevent_req *cli_mkdir_send(TALLOC_CTX *mem_ctx,
}
subreq = cli_smb_send(state, ev, cli, SMBmkdir, additional_flags,
- 0, NULL, talloc_get_size(bytes), bytes);
+ 0, NULL, talloc_get_size(bytes), bytes);
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
@@ -746,36 +708,108 @@ NTSTATUS cli_mkdir(struct cli_state *cli, const char *dname)
Remove a directory.
****************************************************************************/
-bool cli_rmdir(struct cli_state *cli, const char *dname)
+static void cli_rmdir_done(struct tevent_req *subreq);
+
+struct cli_rmdir_state {
+ int dummy;
+};
+
+struct tevent_req *cli_rmdir_send(TALLOC_CTX *mem_ctx,
+ struct event_context *ev,
+ struct cli_state *cli,
+ const char *dname)
{
- char *p;
+ struct tevent_req *req = NULL, *subreq = NULL;
+ struct cli_rmdir_state *state = NULL;
+ uint8_t additional_flags = 0;
+ uint8_t *bytes = NULL;
- memset(cli->outbuf,'\0',smb_size);
- memset(cli->inbuf,'\0',smb_size);
+ req = tevent_req_create(mem_ctx, &state, struct cli_rmdir_state);
+ if (req == NULL) {
+ return NULL;
+ }
- cli_set_message(cli->outbuf,0, 0, true);
+ bytes = talloc_array(state, uint8_t, 1);
+ if (tevent_req_nomem(bytes, req)) {
+ return tevent_req_post(req, ev);
+ }
+ bytes[0] = 4;
+ bytes = smb_bytes_push_str(bytes, cli_ucs2(cli), dname,
+ strlen(dname)+1, NULL);
- SCVAL(cli->outbuf,smb_com,SMBrmdir);
- SSVAL(cli->outbuf,smb_tid,cli->cnum);
- cli_setup_packet(cli);
+ if (tevent_req_nomem(bytes, req)) {
+ return tevent_req_post(req, ev);
+ }
- p = smb_buf(cli->outbuf);
- *p++ = 4;
- p += clistr_push(cli, p, dname,
- cli->bufsize - PTR_DIFF(p,cli->outbuf), STR_TERMINATE);
+ subreq = cli_smb_send(state, ev, cli, SMBrmdir, additional_flags,
+ 0, NULL, talloc_get_size(bytes), bytes);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, cli_rmdir_done, req);
+ return req;
+}
- cli_setup_bcc(cli, p);
+static void cli_rmdir_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ NTSTATUS status;
- cli_send_smb(cli);
- if (!cli_receive_smb(cli)) {
- return false;
+ status = cli_smb_recv(subreq, 0, NULL, NULL, NULL, NULL);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
}
+ tevent_req_done(req);
+}
- if (cli_is_error(cli)) {
- return false;
+NTSTATUS cli_rmdir_recv(struct tevent_req *req)
+{
+ return tevent_req_simple_recv_ntstatus(req);
+}
+
+NTSTATUS cli_rmdir(struct cli_state *cli, const char *dname)
+{
+ TALLOC_CTX *frame = talloc_stackframe();
+ struct event_context *ev;
+ struct tevent_req *req;
+ NTSTATUS status = NT_STATUS_OK;
+
+ if (cli_has_async_calls(cli)) {
+ /*
+ * Can't use sync call while an async call is in flight
+ */
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto fail;
}
- return true;
+ ev = event_context_init(frame);
+ if (ev == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
+
+ req = cli_rmdir_send(frame, ev, cli, dname);
+ if (req == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
+
+ if (!tevent_req_poll(req, ev)) {
+ status = map_nt_error_from_unix(errno);
+ goto fail;
+ }
+
+ status = cli_rmdir_recv(req);
+
+ fail:
+ TALLOC_FREE(frame);
+ if (!NT_STATUS_IS_OK(status)) {
+ cli_set_error(cli, status);
+ }
+ return status;
}
/****************************************************************************
@@ -2010,55 +2044,239 @@ bool cli_setatr(struct cli_state *cli, const char *fname, uint16 attr, time_t t)
Check for existance of a dir.
****************************************************************************/
-bool cli_chkpath(struct cli_state *cli, const char *path)
+static void cli_chkpath_done(struct tevent_req *subreq);
+
+struct cli_chkpath_state {
+ int dummy;
+};
+
+struct tevent_req *cli_chkpath_send(TALLOC_CTX *mem_ctx,
+ struct event_context *ev,
+ struct cli_state *cli,
+ const char *fname)
+{
+ struct tevent_req *req = NULL, *subreq = NULL;
+ struct cli_chkpath_state *state = NULL;
+ uint8_t additional_flags = 0;
+ uint8_t *bytes = NULL;
+
+ req = tevent_req_create(mem_ctx, &state, struct cli_chkpath_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ bytes = talloc_array(state, uint8_t, 1);
+ if (tevent_req_nomem(bytes, req)) {
+ return tevent_req_post(req, ev);
+ }
+ bytes[0] = 4;
+ bytes = smb_bytes_push_str(bytes, cli_ucs2(cli), fname,
+ strlen(fname)+1, NULL);
+
+ if (tevent_req_nomem(bytes, req)) {
+ return tevent_req_post(req, ev);
+ }
+
+ subreq = cli_smb_send(state, ev, cli, SMBcheckpath, additional_flags,
+ 0, NULL, talloc_get_size(bytes), bytes);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, cli_chkpath_done, req);
+ return req;
+}
+
+static void cli_chkpath_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ NTSTATUS status;
+
+ status = cli_smb_recv(subreq, 0, NULL, NULL, NULL, NULL);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ tevent_req_done(req);
+}
+
+NTSTATUS cli_chkpath_recv(struct tevent_req *req)
+{
+ return tevent_req_simple_recv_ntstatus(req);
+}
+
+NTSTATUS cli_chkpath(struct cli_state *cli, const char *path)
{
- char *path2 = NULL;
- char *p;
TALLOC_CTX *frame = talloc_stackframe();
+ struct event_context *ev = NULL;
+ struct tevent_req *req = NULL;
+ char *path2 = NULL;
+ NTSTATUS status = NT_STATUS_OK;
+
+ if (cli_has_async_calls(cli)) {
+ /*
+ * Can't use sync call while an async call is in flight
+ */
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto fail;
+ }
path2 = talloc_strdup(frame, path);
if (!path2) {
- TALLOC_FREE(frame);
- return false;
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
}
trim_char(path2,'\0','\\');
if (!*path2) {
path2 = talloc_strdup(frame, "\\");
if (!path2) {
- TALLOC_FREE(frame);
- return false;
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
}
}
- memset(cli->outbuf,'\0',smb_size);
- cli_set_message(cli->outbuf,0,0,True);
- SCVAL(cli->outbuf,smb_com,SMBcheckpath);
- SSVAL(cli->outbuf,smb_tid,cli->cnum);
- cli_setup_packet(cli);
- p = smb_buf(cli->outbuf);
- *p++ = 4;
- p += clistr_push(cli, p, path2,
- cli->bufsize - PTR_DIFF(p,cli->outbuf), STR_TERMINATE);
-
- cli_setup_bcc(cli, p);
+ ev = event_context_init(frame);
+ if (ev == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
- cli_send_smb(cli);
- if (!cli_receive_smb(cli)) {
- TALLOC_FREE(frame);
- return False;
+ req = cli_chkpath_send(frame, ev, cli, path2);
+ if (req == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
}
- TALLOC_FREE(frame);
+ if (!tevent_req_poll(req, ev)) {
+ status = map_nt_error_from_unix(errno);
+ goto fail;
+ }
- if (cli_is_error(cli)) return False;
+ status = cli_chkpath_recv(req);
- return True;
+ fail:
+ TALLOC_FREE(frame);
+ if (!NT_STATUS_IS_OK(status)) {
+ cli_set_error(cli, status);
+ }
+ return status;
}
/****************************************************************************
Query disk space.
****************************************************************************/
+static void cli_dskattr_done(struct tevent_req *subreq);
+
+struct cli_dskattr_state {
+ int bsize;
+ int total;
+ int avail;
+};
+
+struct tevent_req *cli_dskattr_send(TALLOC_CTX *mem_ctx,
+ struct event_context *ev,
+ struct cli_state *cli)
+{
+ struct tevent_req *req = NULL, *subreq = NULL;
+ struct cli_dskattr_state *state = NULL;
+ uint8_t additional_flags = 0;
+
+ req = tevent_req_create(mem_ctx, &state, struct cli_dskattr_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ subreq = cli_smb_send(state, ev, cli, SMBdskattr, additional_flags,
+ 0, NULL, 0, NULL);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, cli_dskattr_done, req);
+ return req;
+}
+
+static void cli_dskattr_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct cli_dskattr_state *state = tevent_req_data(
+ req, struct cli_dskattr_state);
+ uint8_t wct;
+ uint16_t *vwv = NULL;
+ NTSTATUS status;
+
+ status = cli_smb_recv(subreq, 4, &wct, &vwv, NULL, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ state->bsize = SVAL(vwv+1, 0)*SVAL(vwv+2,0);
+ state->total = SVAL(vwv+0, 0);
+ state->avail = SVAL(vwv+3, 0);
+ TALLOC_FREE(subreq);
+ tevent_req_done(req);
+}
+
+NTSTATUS cli_dskattr_recv(struct tevent_req *req, int *bsize, int *total, int *avail)
+{
+ struct cli_dskattr_state *state = tevent_req_data(
+ req, struct cli_dskattr_state);
+ NTSTATUS status;
+
+ if (tevent_req_is_nterror(req, &status)) {
+ return status;
+ }
+ *bsize = state->bsize;
+ *total = state->total;
+ *avail = state->avail;
+ return NT_STATUS_OK;
+}
+
+NTSTATUS cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail)
+{
+ TALLOC_CTX *frame = talloc_stackframe();
+ struct event_context *ev = NULL;
+ struct tevent_req *req = NULL;
+ NTSTATUS status = NT_STATUS_OK;
+
+ if (cli_has_async_calls(cli)) {
+ /*
+ * Can't use sync call while an async call is in flight
+ */
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto fail;
+ }
+
+ ev = event_context_init(frame);
+ if (ev == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
+
+ req = cli_dskattr_send(frame, ev, cli);
+ if (req == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
+
+ if (!tevent_req_poll(req, ev)) {
+ status = map_nt_error_from_unix(errno);
+ goto fail;
+ }
+
+ status = cli_dskattr_recv(req, bsize, total, avail);
+
+ fail:
+ TALLOC_FREE(frame);
+ if (!NT_STATUS_IS_OK(status)) {
+ cli_set_error(cli, status);
+ }
+ return status;
+}
+
+#if 0
bool cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail)
{
memset(cli->outbuf,'\0',smb_size);
@@ -2078,6 +2296,7 @@ bool cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail)
return True;
}
+#endif
/****************************************************************************
Create and open a temporary file.
diff --git a/source3/libsmb/errormap.c b/source3/libsmb/errormap.c
index 4ec30f7e17..0285f22be4 100644
--- a/source3/libsmb/errormap.c
+++ b/source3/libsmb/errormap.c
@@ -20,6 +20,7 @@
*/
#include "includes.h"
+#include "nsswitch/libwbclient/wbclient.h"
/* This map was extracted by the ERRMAPEXTRACT smbtorture command.
The setup was a Samba HEAD (2002-01-03) PDC and an Win2k member
@@ -1503,6 +1504,46 @@ WERROR ntstatus_to_werror(NTSTATUS error)
return W_ERROR(NT_STATUS_V(error) & 0xffff);
}
+/*******************************************************************************
+ Map between wbcErr and NT status.
+*******************************************************************************/
+
+static const struct {
+ wbcErr wbc_err;
+ NTSTATUS nt_status;
+} wbcErr_ntstatus_map[] = {
+ { WBC_ERR_SUCCESS, NT_STATUS_OK },
+ { WBC_ERR_NOT_IMPLEMENTED, NT_STATUS_NOT_IMPLEMENTED },
+ { WBC_ERR_UNKNOWN_FAILURE, NT_STATUS_UNSUCCESSFUL },
+ { WBC_ERR_NO_MEMORY, NT_STATUS_NO_MEMORY },
+ { WBC_ERR_INVALID_SID, NT_STATUS_INVALID_SID },
+ { WBC_ERR_INVALID_PARAM, NT_STATUS_INVALID_PARAMETER },
+ { WBC_ERR_WINBIND_NOT_AVAILABLE, NT_STATUS_SERVER_DISABLED },
+ { WBC_ERR_DOMAIN_NOT_FOUND, NT_STATUS_NO_SUCH_DOMAIN },
+ { WBC_ERR_INVALID_RESPONSE, NT_STATUS_INVALID_NETWORK_RESPONSE },
+ { WBC_ERR_NSS_ERROR, NT_STATUS_INTERNAL_ERROR },
+ { WBC_ERR_AUTH_ERROR, NT_STATUS_LOGON_FAILURE },
+ { WBC_ERR_UNKNOWN_USER, NT_STATUS_NO_SUCH_USER },
+ { WBC_ERR_UNKNOWN_GROUP, NT_STATUS_NO_SUCH_GROUP },
+ { WBC_ERR_PWD_CHANGE_FAILED, NT_STATUS_PASSWORD_RESTRICTION }
+};
+
+NTSTATUS map_nt_error_from_wbcErr(wbcErr wbc_err)
+{
+ int i;
+
+ /* Look through list */
+ for (i=0;i<ARRAY_SIZE(wbcErr_ntstatus_map);i++) {
+ if (wbcErr_ntstatus_map[i].wbc_err == wbc_err) {
+ return wbcErr_ntstatus_map[i].nt_status;
+ }
+ }
+
+ /* Default return */
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+
#if defined(HAVE_GSSAPI)
/*******************************************************************************
Map between gssapi errors and NT status. I made these up :-(. JRA.
diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c
index 5afc8e48b6..508810538f 100644
--- a/source3/libsmb/libsmb_dir.c
+++ b/source3/libsmb/libsmb_dir.c
@@ -1284,8 +1284,7 @@ SMBC_rmdir_ctx(SMBCCTX *context,
}
/*d_printf(">>>rmdir: resolved path as %s\n", targetpath);*/
-
- if (!cli_rmdir(targetcli, targetpath)) {
+ if (!NT_STATUS_IS_OK(cli_rmdir(targetcli, targetpath))) {
errno = SMBC_errno(context, targetcli);
diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c
index f69845b346..4045184f33 100644
--- a/source3/nmbd/nmbd_packets.c
+++ b/source3/nmbd/nmbd_packets.c
@@ -1936,7 +1936,9 @@ bool send_mailslot(bool unique, const char *mailslot,char *buf, size_t len,
DEBUG(0, ("send_mailslot: Cannot write beyond end of packet\n"));
return False;
} else {
- memcpy(p2,buf,len);
+ if (len) {
+ memcpy(p2,buf,len);
+ }
p2 += len;
}
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index 8173337da0..43e80af394 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -267,7 +267,7 @@ static void nmbd_proxy_logon_done(struct tevent_req *subreq)
tevent_req_callback_data(subreq,
struct nmbd_proxy_logon_state);
NTSTATUS status;
- DATA_BLOB response;
+ DATA_BLOB response = data_blob_null;
status = cldap_netlogon_recv(subreq, NULL, state, &state->io);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/registry/regfio.c b/source3/registry/regfio.c
index e1c04c4777..074e8414b1 100644
--- a/source3/registry/regfio.c
+++ b/source3/registry/regfio.c
@@ -958,7 +958,7 @@ static REGF_SK_REC* find_sk_record_by_sec_desc( REGF_FILE *file, SEC_DESC *sd )
REGF_SK_REC *p;
for ( p=file->sec_desc_list; p; p=p->next ) {
- if ( sec_desc_equal( p->sec_desc, sd ) )
+ if ( security_descriptor_equal( p->sec_desc, sd ) )
return p;
}
diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c
index cb49381eac..99803aa597 100644
--- a/source3/rpc_client/init_netlogon.c
+++ b/source3/rpc_client/init_netlogon.c
@@ -138,193 +138,6 @@ void init_netr_SamInfo3(struct netr_SamInfo3 *r,
}
/*******************************************************************
- gets a domain user's groups from their already-calculated NT_USER_TOKEN
- ********************************************************************/
-
-static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx,
- const DOM_SID *domain_sid,
- size_t num_sids,
- const DOM_SID *sids,
- int *numgroups,
- struct samr_RidWithAttribute **pgids)
-{
- int i;
-
- *numgroups=0;
- *pgids = NULL;
-
- for (i=0; i<num_sids; i++) {
- struct samr_RidWithAttribute gid;
- if (!sid_peek_check_rid(domain_sid, &sids[i], &gid.rid)) {
- continue;
- }
- gid.attributes = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
- SE_GROUP_ENABLED);
- ADD_TO_ARRAY(mem_ctx, struct samr_RidWithAttribute,
- gid, pgids, numgroups);
- if (*pgids == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
- }
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
- inits a netr_SamInfo3 structure from an auth_serversupplied_info. sam3 must
- already be initialized and is used as the talloc parent for its members.
-*****************************************************************************/
-
-NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
- uint8_t *pipe_session_key,
- size_t pipe_session_key_len,
- struct netr_SamInfo3 *sam3)
-{
- struct samu *sampw;
- struct samr_RidWithAttribute *gids = NULL;
- const DOM_SID *user_sid = NULL;
- const DOM_SID *group_sid = NULL;
- DOM_SID domain_sid;
- uint32 user_rid, group_rid;
- NTSTATUS status;
-
- int num_gids = 0;
- const char *my_name;
-
- struct netr_UserSessionKey user_session_key;
- struct netr_LMSessionKey lm_session_key;
-
- NTTIME last_logon, last_logoff, acct_expiry, last_password_change;
- NTTIME allow_password_change, force_password_change;
- struct samr_RidWithAttributeArray groups;
- int i;
- struct dom_sid2 *sid = NULL;
-
- ZERO_STRUCT(user_session_key);
- ZERO_STRUCT(lm_session_key);
-
- sampw = server_info->sam_account;
-
- user_sid = pdb_get_user_sid(sampw);
- group_sid = pdb_get_group_sid(sampw);
-
- if (pipe_session_key && pipe_session_key_len != 16) {
- DEBUG(0,("serverinfo_to_SamInfo3: invalid "
- "pipe_session_key_len[%zu] != 16\n",
- pipe_session_key_len));
- return NT_STATUS_INTERNAL_ERROR;
- }
-
- if ((user_sid == NULL) || (group_sid == NULL)) {
- DEBUG(1, ("_netr_LogonSamLogon: User without group or user SID\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- sid_copy(&domain_sid, user_sid);
- sid_split_rid(&domain_sid, &user_rid);
-
- sid = sid_dup_talloc(sam3, &domain_sid);
- if (!sid) {
- return NT_STATUS_NO_MEMORY;
- }
-
- if (!sid_peek_check_rid(&domain_sid, group_sid, &group_rid)) {
- DEBUG(1, ("_netr_LogonSamLogon: user %s\\%s has user sid "
- "%s\n but group sid %s.\n"
- "The conflicting domain portions are not "
- "supported for NETLOGON calls\n",
- pdb_get_domain(sampw),
- pdb_get_username(sampw),
- sid_string_dbg(user_sid),
- sid_string_dbg(group_sid)));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if(server_info->login_server) {
- my_name = server_info->login_server;
- } else {
- my_name = global_myname();
- }
-
- status = nt_token_to_group_list(sam3, &domain_sid,
- server_info->num_sids,
- server_info->sids,
- &num_gids, &gids);
-
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- if (server_info->user_session_key.length) {
- memcpy(user_session_key.key,
- server_info->user_session_key.data,
- MIN(sizeof(user_session_key.key),
- server_info->user_session_key.length));
- if (pipe_session_key) {
- arcfour_crypt(user_session_key.key, pipe_session_key, 16);
- }
- }
- if (server_info->lm_session_key.length) {
- memcpy(lm_session_key.key,
- server_info->lm_session_key.data,
- MIN(sizeof(lm_session_key.key),
- server_info->lm_session_key.length));
- if (pipe_session_key) {
- arcfour_crypt(lm_session_key.key, pipe_session_key, 8);
- }
- }
-
- groups.count = num_gids;
- groups.rids = TALLOC_ARRAY(sam3, struct samr_RidWithAttribute, groups.count);
- if (!groups.rids) {
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i=0; i < groups.count; i++) {
- groups.rids[i].rid = gids[i].rid;
- groups.rids[i].attributes = gids[i].attributes;
- }
-
- unix_to_nt_time(&last_logon, pdb_get_logon_time(sampw));
- unix_to_nt_time(&last_logoff, get_time_t_max());
- unix_to_nt_time(&acct_expiry, get_time_t_max());
- unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(sampw));
- unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(sampw));
- unix_to_nt_time(&force_password_change, pdb_get_pass_must_change_time(sampw));
-
- init_netr_SamInfo3(sam3,
- last_logon,
- last_logoff,
- acct_expiry,
- last_password_change,
- allow_password_change,
- force_password_change,
- talloc_strdup(sam3, pdb_get_username(sampw)),
- talloc_strdup(sam3, pdb_get_fullname(sampw)),
- talloc_strdup(sam3, pdb_get_logon_script(sampw)),
- talloc_strdup(sam3, pdb_get_profile_path(sampw)),
- talloc_strdup(sam3, pdb_get_homedir(sampw)),
- talloc_strdup(sam3, pdb_get_dir_drive(sampw)),
- 0, /* logon_count */
- 0, /* bad_password_count */
- user_rid,
- group_rid,
- groups,
- NETLOGON_EXTRA_SIDS,
- user_session_key,
- my_name,
- talloc_strdup(sam3, pdb_get_domain(sampw)),
- sid,
- lm_session_key,
- pdb_get_acct_ctrl(sampw),
- 0, /* sidcount */
- NULL); /* struct netr_SidAttr *sids */
- ZERO_STRUCT(user_session_key);
- ZERO_STRUCT(lm_session_key);
-
- return NT_STATUS_OK;
-}
-
-/*******************************************************************
inits a structure.
********************************************************************/
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index ffb7dde1c3..f2441619ac 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -1480,3 +1480,190 @@ NTSTATUS rpc_pipe_open_internal(TALLOC_CTX *mem_ctx,
*presult = result;
return NT_STATUS_OK;
}
+
+/*******************************************************************
+ gets a domain user's groups from their already-calculated NT_USER_TOKEN
+ ********************************************************************/
+
+static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx,
+ const DOM_SID *domain_sid,
+ size_t num_sids,
+ const DOM_SID *sids,
+ int *numgroups,
+ struct samr_RidWithAttribute **pgids)
+{
+ int i;
+
+ *numgroups=0;
+ *pgids = NULL;
+
+ for (i=0; i<num_sids; i++) {
+ struct samr_RidWithAttribute gid;
+ if (!sid_peek_check_rid(domain_sid, &sids[i], &gid.rid)) {
+ continue;
+ }
+ gid.attributes = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
+ SE_GROUP_ENABLED);
+ ADD_TO_ARRAY(mem_ctx, struct samr_RidWithAttribute,
+ gid, pgids, numgroups);
+ if (*pgids == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+ return NT_STATUS_OK;
+}
+
+/****************************************************************************
+ inits a netr_SamInfo3 structure from an auth_serversupplied_info. sam3 must
+ already be initialized and is used as the talloc parent for its members.
+*****************************************************************************/
+
+NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
+ uint8_t *pipe_session_key,
+ size_t pipe_session_key_len,
+ struct netr_SamInfo3 *sam3)
+{
+ struct samu *sampw;
+ struct samr_RidWithAttribute *gids = NULL;
+ const DOM_SID *user_sid = NULL;
+ const DOM_SID *group_sid = NULL;
+ DOM_SID domain_sid;
+ uint32 user_rid, group_rid;
+ NTSTATUS status;
+
+ int num_gids = 0;
+ const char *my_name;
+
+ struct netr_UserSessionKey user_session_key;
+ struct netr_LMSessionKey lm_session_key;
+
+ NTTIME last_logon, last_logoff, acct_expiry, last_password_change;
+ NTTIME allow_password_change, force_password_change;
+ struct samr_RidWithAttributeArray groups;
+ int i;
+ struct dom_sid2 *sid = NULL;
+
+ ZERO_STRUCT(user_session_key);
+ ZERO_STRUCT(lm_session_key);
+
+ sampw = server_info->sam_account;
+
+ user_sid = pdb_get_user_sid(sampw);
+ group_sid = pdb_get_group_sid(sampw);
+
+ if (pipe_session_key && pipe_session_key_len != 16) {
+ DEBUG(0,("serverinfo_to_SamInfo3: invalid "
+ "pipe_session_key_len[%zu] != 16\n",
+ pipe_session_key_len));
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
+ if ((user_sid == NULL) || (group_sid == NULL)) {
+ DEBUG(1, ("_netr_LogonSamLogon: User without group or user SID\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ sid_copy(&domain_sid, user_sid);
+ sid_split_rid(&domain_sid, &user_rid);
+
+ sid = sid_dup_talloc(sam3, &domain_sid);
+ if (!sid) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!sid_peek_check_rid(&domain_sid, group_sid, &group_rid)) {
+ DEBUG(1, ("_netr_LogonSamLogon: user %s\\%s has user sid "
+ "%s\n but group sid %s.\n"
+ "The conflicting domain portions are not "
+ "supported for NETLOGON calls\n",
+ pdb_get_domain(sampw),
+ pdb_get_username(sampw),
+ sid_string_dbg(user_sid),
+ sid_string_dbg(group_sid)));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ if(server_info->login_server) {
+ my_name = server_info->login_server;
+ } else {
+ my_name = global_myname();
+ }
+
+ status = nt_token_to_group_list(sam3, &domain_sid,
+ server_info->num_sids,
+ server_info->sids,
+ &num_gids, &gids);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ if (server_info->user_session_key.length) {
+ memcpy(user_session_key.key,
+ server_info->user_session_key.data,
+ MIN(sizeof(user_session_key.key),
+ server_info->user_session_key.length));
+ if (pipe_session_key) {
+ arcfour_crypt(user_session_key.key, pipe_session_key, 16);
+ }
+ }
+ if (server_info->lm_session_key.length) {
+ memcpy(lm_session_key.key,
+ server_info->lm_session_key.data,
+ MIN(sizeof(lm_session_key.key),
+ server_info->lm_session_key.length));
+ if (pipe_session_key) {
+ arcfour_crypt(lm_session_key.key, pipe_session_key, 8);
+ }
+ }
+
+ groups.count = num_gids;
+ groups.rids = TALLOC_ARRAY(sam3, struct samr_RidWithAttribute, groups.count);
+ if (!groups.rids) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ for (i=0; i < groups.count; i++) {
+ groups.rids[i].rid = gids[i].rid;
+ groups.rids[i].attributes = gids[i].attributes;
+ }
+
+ unix_to_nt_time(&last_logon, pdb_get_logon_time(sampw));
+ unix_to_nt_time(&last_logoff, get_time_t_max());
+ unix_to_nt_time(&acct_expiry, get_time_t_max());
+ unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(sampw));
+ unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(sampw));
+ unix_to_nt_time(&force_password_change, pdb_get_pass_must_change_time(sampw));
+
+ init_netr_SamInfo3(sam3,
+ last_logon,
+ last_logoff,
+ acct_expiry,
+ last_password_change,
+ allow_password_change,
+ force_password_change,
+ talloc_strdup(sam3, pdb_get_username(sampw)),
+ talloc_strdup(sam3, pdb_get_fullname(sampw)),
+ talloc_strdup(sam3, pdb_get_logon_script(sampw)),
+ talloc_strdup(sam3, pdb_get_profile_path(sampw)),
+ talloc_strdup(sam3, pdb_get_homedir(sampw)),
+ talloc_strdup(sam3, pdb_get_dir_drive(sampw)),
+ 0, /* logon_count */
+ 0, /* bad_password_count */
+ user_rid,
+ group_rid,
+ groups,
+ NETLOGON_EXTRA_SIDS,
+ user_session_key,
+ my_name,
+ talloc_strdup(sam3, pdb_get_domain(sampw)),
+ sid,
+ lm_session_key,
+ pdb_get_acct_ctrl(sampw),
+ 0, /* sidcount */
+ NULL); /* struct netr_SidAttr *sids */
+ ZERO_STRUCT(user_session_key);
+ ZERO_STRUCT(lm_session_key);
+
+ return NT_STATUS_OK;
+}
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 629e41c003..9ad509efbb 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -5864,7 +5864,7 @@ static WERROR update_printer_sec(struct policy_handle *handle,
goto done;
}
- if (sec_desc_equal(new_secdesc_ctr->sd, old_secdesc_ctr->sd)) {
+ if (security_descriptor_equal(new_secdesc_ctr->sd, old_secdesc_ctr->sd)) {
result = WERR_OK;
goto done;
}
@@ -8264,7 +8264,7 @@ WERROR _spoolss_AddForm(pipes_struct *p,
{
struct spoolss_AddFormInfo1 *form = r->in.info.info1;
nt_forms_struct tmpForm;
- int snum;
+ int snum = -1;
WERROR status = WERR_OK;
NT_PRINTER_INFO_LEVEL *printer = NULL;
SE_PRIV se_printop = SE_PRINT_OPERATOR;
@@ -8352,7 +8352,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
int count=0;
nt_forms_struct *list=NULL;
Printer_entry *Printer = find_printer_index_by_hnd(p, r->in.handle);
- int snum;
+ int snum = -1;
WERROR status = WERR_OK;
NT_PRINTER_INFO_LEVEL *printer = NULL;
SE_PRIV se_printop = SE_PRINT_OPERATOR;
@@ -8429,7 +8429,7 @@ WERROR _spoolss_SetForm(pipes_struct *p,
{
struct spoolss_AddFormInfo1 *form = r->in.info.info1;
nt_forms_struct tmpForm;
- int snum;
+ int snum = -1;
WERROR status = WERR_OK;
NT_PRINTER_INFO_LEVEL *printer = NULL;
SE_PRIV se_printop = SE_PRINT_OPERATOR;
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 056236f22d..4f0e48bd9d 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1675,7 +1675,7 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p,
old_sd = get_share_security(p->mem_ctx, lp_servicename(snum), &sd_size);
- if (old_sd && !sec_desc_equal(old_sd, psd)) {
+ if (old_sd && !security_descriptor_equal(old_sd, psd)) {
if (!set_share_security(share_name, psd))
DEBUG(0,("_srvsvc_NetShareSetInfo: Failed to change security info in share %s.\n",
share_name ));
diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c
index 4bcaa291e1..b7ea9640d2 100644
--- a/source3/rpcclient/cmd_spoolss.c
+++ b/source3/rpcclient/cmd_spoolss.c
@@ -2896,7 +2896,7 @@ static bool compare_printer_secdesc( struct rpc_pipe_client *cli1, struct policy
goto done;
}
- if (!sec_desc_equal( sd1, sd2 ) ) {
+ if (!security_descriptor_equal( sd1, sd2 ) ) {
printf("Security Descriptors *not* equal!\n");
result = false;
goto done;
diff --git a/source3/script/tests/test_wbinfo_s3.sh b/source3/script/tests/test_wbinfo_s3.sh
index fa6e20fc72..d47953e0f3 100755
--- a/source3/script/tests/test_wbinfo_s3.sh
+++ b/source3/script/tests/test_wbinfo_s3.sh
@@ -36,6 +36,8 @@ tests="$tests:--domain-groups"
tests="$tests:--name-to-sid=$username"
#Didn't pass yet# tests="$tests:--user-info=$username"
tests="$tests:--user-groups=$username"
+tests="$tests:--allocate-uid"
+tests="$tests:--allocate-gid"
failed=0
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index e35f23ef37..80722a7cd0 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -33,9 +33,6 @@ static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
const char *streamname,
SMB_STRUCT_STAT *pst,
char **path);
-static int get_real_filename_mangled(connection_struct *conn, const char *path,
- const char *name, TALLOC_CTX *mem_ctx,
- char **found_name);
/****************************************************************************
Mangle the 2nd name and check if it is then equal to the first name.
@@ -450,7 +447,7 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx,
*/
if (name_has_wildcard ||
- (get_real_filename_mangled(
+ (SMB_VFS_GET_REAL_FILENAME(
conn, dirpath, start,
talloc_tos(), &found_name) == -1)) {
char *unmangled;
@@ -792,12 +789,15 @@ static bool fname_equal(const char *name1, const char *name2,
If the name looks like a mangled name then try via the mangling functions
****************************************************************************/
-static int get_real_filename_mangled(connection_struct *conn, const char *path,
- const char *name, TALLOC_CTX *mem_ctx,
- char **found_name)
+int get_real_filename(connection_struct *conn, const char *path,
+ const char *name, TALLOC_CTX *mem_ctx,
+ char **found_name)
{
+ struct smb_Dir *cur_dir;
+ const char *dname;
bool mangled;
char *unmangled_name = NULL;
+ long curpos;
mangled = mangle_is_mangled(name, conn->params);
@@ -838,24 +838,8 @@ static int get_real_filename_mangled(connection_struct *conn, const char *path,
/* Name is now unmangled. */
name = unmangled_name;
}
- return get_real_filename(conn, path, name, mem_ctx,
- found_name);
}
- return SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx,
- found_name);
-}
-
-int get_real_filename(connection_struct *conn, const char *path,
- const char *name, TALLOC_CTX *mem_ctx,
- char **found_name)
-{
- struct smb_Dir *cur_dir;
- const char *dname;
- bool mangled;
- char *unmangled_name = NULL;
- long curpos;
-
/* open the directory */
if (!(cur_dir = OpenDir(talloc_tos(), conn, path, NULL, 0))) {
DEBUG(3,("scan dir didn't open dir [%s]\n",path));
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 2f84a831c6..bc96838a09 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3,6 +3,7 @@
SMB NT Security Descriptor / Unix permission conversion.
Copyright (C) Jeremy Allison 1994-2009.
Copyright (C) Andreas Gruenbacher 2002.
+ Copyright (C) Simo Sorce <idra@samba.org> 2009.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -2972,6 +2973,42 @@ static size_t merge_default_aces( SEC_ACE *nt_ace_list, size_t num_aces)
return num_aces;
}
+/*
+ * Add or Replace ACE entry.
+ * In some cases we need to add a specific ACE for compatibility reasons.
+ * When doing that we must make sure we are not actually creating a duplicate
+ * entry. So we need to search whether an ACE entry already exist and eventually
+ * replacce the access mask, or add a completely new entry if none was found.
+ *
+ * This function assumes the array has enough space to add a new entry without
+ * any reallocation of memory.
+ */
+
+static void add_or_replace_ace(SEC_ACE *nt_ace_list, size_t *num_aces,
+ const DOM_SID *sid, enum security_ace_type type,
+ uint32_t mask, uint8_t flags)
+{
+ int i;
+
+ /* first search for a duplicate */
+ for (i = 0; i < *num_aces; i++) {
+ if (sid_equal(&nt_ace_list[i].trustee, sid) &&
+ (nt_ace_list[i].flags == flags)) break;
+ }
+
+ if (i < *num_aces) { /* found */
+ nt_ace_list[i].type = type;
+ nt_ace_list[i].access_mask = mask;
+ DEBUG(10, ("Replacing ACE %d with SID %s and flags %02x\n",
+ i, sid_string_dbg(sid), flags));
+ return;
+ }
+
+ /* not found, append it */
+ init_sec_ace(&nt_ace_list[(*num_aces)++], sid, type, mask, flags);
+}
+
+
/****************************************************************************
Reply to query a security descriptor from an fsp. If it succeeds it allocates
the space for the return elements and returns the size needed to return the
@@ -2999,19 +3036,22 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
canon_ace *dir_ace = NULL;
SEC_ACE *nt_ace_list = NULL;
size_t num_profile_acls = 0;
+ DOM_SID orig_owner_sid;
SEC_DESC *psd = NULL;
+ int i;
/*
* Get the owner, group and world SIDs.
*/
+ create_file_sids(sbuf, &owner_sid, &group_sid);
+
if (lp_profile_acls(SNUM(conn))) {
/* For WXP SP1 the owner must be administrators. */
+ sid_copy(&orig_owner_sid, &owner_sid);
sid_copy(&owner_sid, &global_sid_Builtin_Administrators);
sid_copy(&group_sid, &global_sid_Builtin_Users);
- num_profile_acls = 2;
- } else {
- create_file_sids(sbuf, &owner_sid, &group_sid);
+ num_profile_acls = 3;
}
if ((security_info & DACL_SECURITY_INFORMATION) && !(security_info & PROTECTED_DACL_SECURITY_INFORMATION)) {
@@ -3132,10 +3172,10 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
/* The User must have access to a profile share - even
* if we can't map the SID. */
if (lp_profile_acls(SNUM(conn))) {
- init_sec_ace(&nt_ace_list[num_aces++],
- &global_sid_Builtin_Users,
- SEC_ACE_TYPE_ACCESS_ALLOWED,
- FILE_GENERIC_ALL, 0);
+ add_or_replace_ace(nt_ace_list, &num_aces,
+ &global_sid_Builtin_Users,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ FILE_GENERIC_ALL, 0);
}
for (ace = dir_ace; ace != NULL; ace = ace->next) {
@@ -3156,9 +3196,13 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
/* The User must have access to a profile share - even
* if we can't map the SID. */
if (lp_profile_acls(SNUM(conn))) {
- init_sec_ace(&nt_ace_list[num_aces++], &global_sid_Builtin_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, FILE_GENERIC_ALL,
- SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|
- SEC_ACE_FLAG_INHERIT_ONLY|0);
+ add_or_replace_ace(nt_ace_list, &num_aces,
+ &global_sid_Builtin_Users,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ FILE_GENERIC_ALL,
+ SEC_ACE_FLAG_OBJECT_INHERIT |
+ SEC_ACE_FLAG_CONTAINER_INHERIT |
+ SEC_ACE_FLAG_INHERIT_ONLY);
}
/*
@@ -3169,6 +3213,18 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
num_aces = merge_default_aces(nt_ace_list, num_aces);
+ if (lp_profile_acls(SNUM(conn))) {
+ for (i = 0; i < num_aces; i++) {
+ if (sid_equal(&nt_ace_list[i].trustee, &owner_sid)) {
+ add_or_replace_ace(nt_ace_list, &num_aces,
+ &orig_owner_sid,
+ nt_ace_list[i].type,
+ nt_ace_list[i].access_mask,
+ nt_ace_list[i].flags);
+ break;
+ }
+ }
+ }
}
if (num_aces) {
diff --git a/source3/torture/mangle_test.c b/source3/torture/mangle_test.c
index 525a1eb3c3..81bdbce04d 100644
--- a/source3/torture/mangle_test.c
+++ b/source3/torture/mangle_test.c
@@ -202,7 +202,7 @@ bool torture_mangle(int dummy)
}
cli_unlink(cli, "\\mangle_test\\*");
- if (!cli_rmdir(cli, "\\mangle_test")) {
+ if (!NT_STATUS_IS_OK(cli_rmdir(cli, "\\mangle_test"))) {
printf("ERROR: Failed to remove directory\n");
return False;
}
diff --git a/source3/torture/nbio.c b/source3/torture/nbio.c
index a010c80985..998adac4e0 100644
--- a/source3/torture/nbio.c
+++ b/source3/torture/nbio.c
@@ -220,7 +220,7 @@ void nb_close(int handle)
void nb_rmdir(const char *fname)
{
- if (!cli_rmdir(c, fname)) {
+ if (!NT_STATUS_IS_OK(cli_rmdir(c, fname))) {
printf("ERROR: rmdir %s failed (%s)\n",
fname, cli_errstr(c));
exit(1);
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 0328cfe545..49150c3521 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -2,17 +2,17 @@
Unix SMB/CIFS implementation.
SMB torture tester
Copyright (C) Andrew Tridgell 1997-1998
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -94,7 +94,7 @@ void *shm_setup(int size)
See Stevens "advanced programming in unix env" for details
*/
shmctl(shmid, IPC_RMID, 0);
-
+
return ret;
}
@@ -226,7 +226,7 @@ terminate_path_at_separator(char * path)
*p = '\0';
return p + 1;
}
-
+
/* No separator. */
return NULL;
}
@@ -516,7 +516,7 @@ static bool run_torture(int dummy)
cli_sockopt(cli, sockops);
ret = rw_torture(cli);
-
+
if (!torture_close_connection(cli)) {
ret = False;
}
@@ -749,7 +749,7 @@ static bool run_readwritemulti(int dummy)
if (!torture_close_connection(cli)) {
test = False;
}
-
+
return test;
}
@@ -761,17 +761,17 @@ static bool run_readwritelarge(int dummy)
SMB_OFF_T fsize;
char buf[126*1024];
bool correct = True;
-
+
if (!torture_open_connection(&cli1, 0)) {
return False;
}
cli_sockopt(cli1, sockops);
memset(buf,'\0',sizeof(buf));
-
+
cli1->max_xmit = 128*1024;
-
+
printf("starting readwritelarge\n");
-
+
cli_unlink(cli1, lockfname);
fnum1 = cli_open(cli1, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE);
@@ -779,7 +779,7 @@ static bool run_readwritelarge(int dummy)
printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(cli1));
return False;
}
-
+
cli_write(cli1, fnum1, 0, buf, 0, sizeof(buf));
if (!cli_qfileinfo(cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) {
@@ -811,11 +811,11 @@ static bool run_readwritelarge(int dummy)
printf("open read/write of %s failed (%s)\n", lockfname, cli_errstr(cli1));
return False;
}
-
+
cli1->max_xmit = 4*1024;
-
+
cli_smbwrite(cli1, fnum1, buf, 0, sizeof(buf));
-
+
if (!cli_qfileinfo(cli1, fnum1, NULL, &fsize, NULL, NULL, NULL, NULL, NULL)) {
printf("qfileinfo failed (%s)\n", cli_errstr(cli1));
correct = False;
@@ -848,7 +848,7 @@ static bool run_readwritelarge(int dummy)
printf("close failed (%s)\n", cli_errstr(cli1));
correct = False;
}
-
+
if (!torture_close_connection(cli1)) {
correct = False;
}
@@ -953,7 +953,7 @@ static bool run_netbench(int client)
if (!torture_close_connection(cli)) {
correct = False;
}
-
+
return correct;
}
@@ -1324,7 +1324,7 @@ static bool run_tcon_devtype_test(int dummy)
if (!tcon_devtest(cli1, "IPC$", "IPC", "IPC", NT_STATUS_OK))
ret = False;
-
+
if (!tcon_devtest(cli1, "IPC$", "FOOBA", NULL, NT_STATUS_BAD_DEVICE_TYPE))
ret = False;
@@ -1339,7 +1339,7 @@ static bool run_tcon_devtype_test(int dummy)
if (!tcon_devtest(cli1, share, "IPC", NULL, NT_STATUS_BAD_DEVICE_TYPE))
ret = False;
-
+
if (!tcon_devtest(cli1, share, "FOOBA", NULL, NT_STATUS_BAD_DEVICE_TYPE))
ret = False;
@@ -1607,7 +1607,7 @@ static bool run_locktest3(int dummy)
if (!torture_close_connection(cli1)) {
correct = False;
}
-
+
if (!torture_close_connection(cli2)) {
correct = False;
}
@@ -1659,7 +1659,7 @@ static bool run_locktest4(int dummy)
cli_lock(cli1, fnum1, 2, 4, 0, WRITE_LOCK);
EXPECTED(ret, False);
printf("the same process %s set overlapping write locks\n", ret?"can":"cannot");
-
+
ret = cli_lock(cli1, fnum1, 10, 4, 0, READ_LOCK) &&
cli_lock(cli1, fnum1, 12, 4, 0, READ_LOCK);
EXPECTED(ret, True);
@@ -1669,17 +1669,17 @@ static bool run_locktest4(int dummy)
cli_lock(cli2, fnum2, 22, 4, 0, WRITE_LOCK);
EXPECTED(ret, False);
printf("a different connection %s set overlapping write locks\n", ret?"can":"cannot");
-
+
ret = cli_lock(cli1, fnum1, 30, 4, 0, READ_LOCK) &&
cli_lock(cli2, fnum2, 32, 4, 0, READ_LOCK);
EXPECTED(ret, True);
printf("a different connection %s set overlapping read locks\n", ret?"can":"cannot");
-
+
ret = (cli_setpid(cli1, 1), cli_lock(cli1, fnum1, 40, 4, 0, WRITE_LOCK)) &&
(cli_setpid(cli1, 2), cli_lock(cli1, fnum1, 42, 4, 0, WRITE_LOCK));
EXPECTED(ret, False);
printf("a different pid %s set overlapping write locks\n", ret?"can":"cannot");
-
+
ret = (cli_setpid(cli1, 1), cli_lock(cli1, fnum1, 50, 4, 0, READ_LOCK)) &&
(cli_setpid(cli1, 2), cli_lock(cli1, fnum1, 52, 4, 0, READ_LOCK));
EXPECTED(ret, True);
@@ -1912,7 +1912,7 @@ static bool run_locktest5(int dummy)
}
printf("finished locktest5\n");
-
+
return correct;
}
@@ -2274,7 +2274,7 @@ static bool run_unlinktest(int dummy)
}
printf("unlink test finished\n");
-
+
return correct;
}
@@ -2394,7 +2394,7 @@ static bool run_randomipc(int dummy)
param_len = (sys_random() % 64);
rand_buf(param, param_len);
-
+
SSVAL(param,0,api);
cli_api(cli,
@@ -2713,7 +2713,7 @@ static bool run_w2ktest(int dummy)
}
printf("w2k test finished\n");
-
+
return correct;
}
@@ -2975,24 +2975,24 @@ static bool run_deletetest(int dummy)
int fnum1 = -1;
int fnum2 = -1;
bool correct = True;
-
+
printf("starting delete test\n");
-
+
if (!torture_open_connection(&cli1, 0)) {
return False;
}
-
+
cli_sockopt(cli1, sockops);
/* Test 1 - this should delete the file on close. */
-
+
cli_setatr(cli1, fname, 0, 0);
cli_unlink(cli1, fname);
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_ALL_ACCESS|DELETE_ACCESS, FILE_ATTRIBUTE_NORMAL,
0, FILE_OVERWRITE_IF,
FILE_DELETE_ON_CLOSE, 0);
-
+
if (fnum1 == -1) {
printf("[1] open of %s failed (%s)\n", fname, cli_errstr(cli1));
correct = False;
@@ -3022,36 +3022,36 @@ static bool run_deletetest(int dummy)
correct = False;
goto fail;
}
-
+
printf("first delete on close test succeeded.\n");
-
+
/* Test 2 - this should delete the file on close. */
-
+
cli_setatr(cli1, fname, 0, 0);
cli_unlink(cli1, fname);
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_ALL_ACCESS,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE,
FILE_OVERWRITE_IF, 0, 0);
-
+
if (fnum1 == -1) {
printf("[2] open of %s failed (%s)\n", fname, cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
if (!cli_nt_delete_on_close(cli1, fnum1, True)) {
printf("[2] setting delete_on_close failed (%s)\n", cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
if (!cli_close(cli1, fnum1)) {
printf("[2] close failed (%s)\n", cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE);
if (fnum1 != -1) {
printf("[2] open of %s succeeded should have been deleted on close !\n", fname);
@@ -3063,7 +3063,7 @@ static bool run_deletetest(int dummy)
cli_unlink(cli1, fname);
} else
printf("second delete on close test succeeded.\n");
-
+
/* Test 3 - ... */
cli_setatr(cli1, fname, 0, 0);
cli_unlink(cli1, fname);
@@ -3105,19 +3105,19 @@ static bool run_deletetest(int dummy)
correct = False;
goto fail;
}
-
+
if (!cli_close(cli1, fnum1)) {
printf("[3] close 1 failed (%s)\n", cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
if (!cli_close(cli1, fnum2)) {
printf("[3] close 2 failed (%s)\n", cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
/* This should fail - file should no longer be there. */
fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE);
@@ -3138,7 +3138,7 @@ static bool run_deletetest(int dummy)
fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OVERWRITE_IF, 0, 0);
-
+
if (fnum1 == -1) {
printf("[4] open of %s failed (%s)\n", fname, cli_errstr(cli1));
correct = False;
@@ -3153,19 +3153,19 @@ static bool run_deletetest(int dummy)
correct = False;
goto fail;
}
-
+
if (!cli_close(cli1, fnum2)) {
printf("[4] close - 1 failed (%s)\n", cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
if (!cli_nt_delete_on_close(cli1, fnum1, True)) {
printf("[4] setting delete_on_close failed (%s)\n", cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
/* This should fail - no more opens once delete on close set. */
fnum2 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
@@ -3176,17 +3176,17 @@ static bool run_deletetest(int dummy)
goto fail;
} else
printf("fourth delete on close test succeeded.\n");
-
+
if (!cli_close(cli1, fnum1)) {
printf("[4] close - 2 failed (%s)\n", cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
/* Test 5 ... */
cli_setatr(cli1, fname, 0, 0);
cli_unlink(cli1, fname);
-
+
fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT, DENY_NONE);
if (fnum1 == -1) {
printf("[5] open of %s failed (%s)\n", fname, cli_errstr(cli1));
@@ -3207,25 +3207,25 @@ static bool run_deletetest(int dummy)
correct = False;
goto fail;
}
-
+
printf("fifth delete on close test succeeded.\n");
-
+
/* Test 6 ... */
cli_setatr(cli1, fname, 0, 0);
cli_unlink(cli1, fname);
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
FILE_OVERWRITE_IF, 0, 0);
-
+
if (fnum1 == -1) {
printf("[6] open of %s failed (%s)\n", fname, cli_errstr(cli1));
correct = False;
goto fail;
}
-
+
/* This should fail - only allowed on NT opens with DELETE access. */
-
+
if (cli_nt_delete_on_close(cli1, fnum1, True)) {
printf("[6] setting delete_on_close on file with no delete access succeeded - should fail !\n");
correct = False;
@@ -3239,14 +3239,14 @@ static bool run_deletetest(int dummy)
}
printf("sixth delete on close test succeeded.\n");
-
+
/* Test 7 ... */
cli_setatr(cli1, fname, 0, 0);
cli_unlink(cli1, fname);
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF, 0, 0);
-
+
if (fnum1 == -1) {
printf("[7] open of %s failed (%s)\n", fname, cli_errstr(cli1));
correct = False;
@@ -3258,7 +3258,7 @@ static bool run_deletetest(int dummy)
correct = False;
goto fail;
}
-
+
if (!cli_nt_delete_on_close(cli1, fnum1, False)) {
printf("[7] unsetting delete_on_close on file failed !\n");
correct = False;
@@ -3270,9 +3270,9 @@ static bool run_deletetest(int dummy)
correct = False;
goto fail;
}
-
+
/* This next open should succeed - we reset the flag. */
-
+
fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_NONE);
if (fnum1 == -1) {
printf("[5] open of %s failed (%s)\n", fname, cli_errstr(cli1));
@@ -3287,11 +3287,11 @@ static bool run_deletetest(int dummy)
}
printf("seventh delete on close test succeeded.\n");
-
+
/* Test 7 ... */
cli_setatr(cli1, fname, 0, 0);
cli_unlink(cli1, fname);
-
+
if (!torture_open_connection(&cli2, 1)) {
printf("[8] failed to open second connection.\n");
correct = False;
@@ -3299,11 +3299,11 @@ static bool run_deletetest(int dummy)
}
cli_sockopt(cli1, sockops);
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
FILE_OVERWRITE_IF, 0, 0);
-
+
if (fnum1 == -1) {
printf("[8] open 1 of %s failed (%s)\n", fname, cli_errstr(cli1));
correct = False;
@@ -3313,7 +3313,7 @@ static bool run_deletetest(int dummy)
fnum2 = cli_nt_create_full(cli2, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
FILE_OPEN, 0, 0);
-
+
if (fnum2 == -1) {
printf("[8] open 2 of %s failed (%s)\n", fname, cli_errstr(cli2));
correct = False;
@@ -3325,7 +3325,7 @@ static bool run_deletetest(int dummy)
correct = False;
goto fail;
}
-
+
if (!cli_close(cli1, fnum1)) {
printf("[8] close - 1 failed (%s)\n", cli_errstr(cli1));
correct = False;
@@ -3350,7 +3350,7 @@ static bool run_deletetest(int dummy)
/* This should fail - we need to set DELETE_ACCESS. */
fnum1 = cli_nt_create_full(cli1, fname, 0,FILE_READ_DATA|FILE_WRITE_DATA,
FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_OVERWRITE_IF, FILE_DELETE_ON_CLOSE, 0);
-
+
if (fnum1 != -1) {
printf("[9] open of %s succeeded should have failed!\n", fname);
correct = False;
@@ -3408,7 +3408,7 @@ static bool run_deletetest(int dummy)
fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_ATTRIBUTES|DELETE_ACCESS,
0, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
FILE_OVERWRITE_IF, 0, 0);
-
+
if (fnum1 != -1) {
printf("[11] open of %s succeeded should have been denied with ACCESS_DENIED!\n", fname);
cli_close(cli1, fnum1);
@@ -3424,14 +3424,14 @@ static bool run_deletetest(int dummy)
printf("eleventh delete on close test succeeded.\n");
}
}
-
+
printf("finished delete test\n");
fail:
/* FIXME: This will crash if we aborted before cli2 got
* intialized, because these functions don't handle
* uninitialized connections. */
-
+
if (fnum1 != -1) cli_close(cli1, fnum1);
if (fnum2 != -1) cli_close(cli1, fnum2);
cli_setatr(cli1, fname, 0, 0);
@@ -3452,17 +3452,17 @@ static bool run_deletetest(int dummy)
*/
static bool run_properties(int dummy)
{
- static struct cli_state *cli;
+ struct cli_state *cli;
bool correct = True;
-
+
printf("starting properties test\n");
-
+
ZERO_STRUCT(cli);
if (!torture_open_connection(&cli, 0)) {
return False;
}
-
+
cli_sockopt(cli, sockops);
d_printf("Capabilities 0x%08x\n", cli->capabilities);
@@ -3506,11 +3506,11 @@ static bool run_xcopy(int dummy)
int fnum1, fnum2;
printf("starting xcopy test\n");
-
+
if (!torture_open_connection(&cli1, 0)) {
return False;
}
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0,
FIRST_DESIRED_ACCESS, FILE_ATTRIBUTE_ARCHIVE,
FILE_SHARE_NONE, FILE_OVERWRITE_IF,
@@ -3529,11 +3529,11 @@ static bool run_xcopy(int dummy)
printf("second open failed - %s\n", cli_errstr(cli1));
return False;
}
-
+
if (!torture_close_connection(cli1)) {
correct = False;
}
-
+
return correct;
}
@@ -3549,11 +3549,11 @@ static bool run_rename(int dummy)
int fnum1;
printf("starting rename test\n");
-
+
if (!torture_open_connection(&cli1, 0)) {
return False;
}
-
+
cli_unlink(cli1, fname);
cli_unlink(cli1, fname1);
fnum1 = cli_nt_create_full(cli1, fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL,
@@ -3629,7 +3629,7 @@ static bool run_rename(int dummy)
printf("[8] setting delete_on_close on file failed !\n");
return False;
}
-
+
if (!cli_close(cli1, fnum2)) {
printf("close - 4 failed (%s)\n", cli_errstr(cli1));
return False;
@@ -3721,11 +3721,11 @@ static bool run_rename(int dummy)
cli_unlink(cli1, fname);
cli_unlink(cli1, fname1);
-
+
if (!torture_close_connection(cli1)) {
correct = False;
}
-
+
return correct;
}
@@ -3774,16 +3774,16 @@ static bool run_opentest(int dummy)
char *tmp_path;
printf("starting open test\n");
-
+
if (!torture_open_connection(&cli1, 0)) {
return False;
}
-
+
cli_setatr(cli1, fname, 0, 0);
cli_unlink(cli1, fname);
-
+
cli_sockopt(cli1, sockops);
-
+
fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
@@ -3794,67 +3794,67 @@ static bool run_opentest(int dummy)
printf("close2 failed (%s)\n", cli_errstr(cli1));
return False;
}
-
+
if (!cli_setatr(cli1, fname, aRONLY, 0)) {
printf("cli_setatr failed (%s)\n", cli_errstr(cli1));
return False;
}
-
+
fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_WRITE);
if (fnum1 == -1) {
printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
return False;
}
-
+
/* This will fail - but the error should be ERRnoaccess, not ERRbadshare. */
fnum2 = cli_open(cli1, fname, O_RDWR, DENY_ALL);
-
+
if (check_error(__LINE__, cli1, ERRDOS, ERRnoaccess,
NT_STATUS_ACCESS_DENIED)) {
printf("correct error code ERRDOS/ERRnoaccess returned\n");
}
-
+
printf("finished open test 1\n");
-
+
cli_close(cli1, fnum1);
-
+
/* Now try not readonly and ensure ERRbadshare is returned. */
-
+
cli_setatr(cli1, fname, 0, 0);
-
+
fnum1 = cli_open(cli1, fname, O_RDONLY, DENY_WRITE);
if (fnum1 == -1) {
printf("open of %s failed (%s)\n", fname, cli_errstr(cli1));
return False;
}
-
+
/* This will fail - but the error should be ERRshare. */
fnum2 = cli_open(cli1, fname, O_RDWR, DENY_ALL);
-
+
if (check_error(__LINE__, cli1, ERRDOS, ERRbadshare,
NT_STATUS_SHARING_VIOLATION)) {
printf("correct error code ERRDOS/ERRbadshare returned\n");
}
-
+
if (!cli_close(cli1, fnum1)) {
printf("close2 failed (%s)\n", cli_errstr(cli1));
return False;
}
-
+
cli_unlink(cli1, fname);
-
+
printf("finished open test 2\n");
-
+
/* Test truncate open disposition on file opened for read. */
-
+
fnum1 = cli_open(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE);
if (fnum1 == -1) {
printf("(3) open (1) of %s failed (%s)\n", fname, cli_errstr(cli1));
return False;
}
-
+
/* write 20 bytes. */
-
+
memset(buf, '\0', 20);
if (cli_write(cli1, fnum1, 0, buf, 0, 20) != 20) {
@@ -3866,26 +3866,26 @@ static bool run_opentest(int dummy)
printf("(3) close1 failed (%s)\n", cli_errstr(cli1));
return False;
}
-
+
/* Ensure size == 20. */
if (!cli_getatr(cli1, fname, NULL, &fsize, NULL)) {
printf("(3) getatr failed (%s)\n", cli_errstr(cli1));
return False;
}
-
+
if (fsize != 20) {
printf("(3) file size != 20\n");
return False;
}
/* Now test if we can truncate a file opened for readonly. */
-
+
fnum1 = cli_open(cli1, fname, O_RDONLY|O_TRUNC, DENY_NONE);
if (fnum1 == -1) {
printf("(3) open (2) of %s failed (%s)\n", fname, cli_errstr(cli1));
return False;
}
-
+
if (!cli_close(cli1, fnum1)) {
printf("close2 failed (%s)\n", cli_errstr(cli1));
return False;
@@ -3902,7 +3902,7 @@ static bool run_opentest(int dummy)
return False;
}
printf("finished open test 3\n");
-
+
cli_unlink(cli1, fname);
@@ -3919,20 +3919,20 @@ static bool run_opentest(int dummy)
if (!cli_unlink(cli1, tmp_path)) {
printf("unlink of temp failed (%s)\n", cli_errstr(cli1));
}
-
+
/* Test the non-io opens... */
if (!torture_open_connection(&cli2, 1)) {
return False;
}
-
+
cli_setatr(cli2, fname, 0, 0);
cli_unlink(cli2, fname);
-
+
cli_sockopt(cli2, sockops);
printf("TEST #1 testing 2 non-io opens (no delete)\n");
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
@@ -3963,7 +3963,7 @@ static bool run_opentest(int dummy)
cli_unlink(cli1, fname);
printf("TEST #2 testing 2 non-io opens (first with delete)\n");
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
@@ -3994,7 +3994,7 @@ static bool run_opentest(int dummy)
cli_unlink(cli1, fname);
printf("TEST #3 testing 2 non-io opens (second with delete)\n");
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
@@ -4025,7 +4025,7 @@ static bool run_opentest(int dummy)
cli_unlink(cli1, fname);
printf("TEST #4 testing 2 non-io opens (both with delete)\n");
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_NONE, FILE_OVERWRITE_IF, 0, 0);
@@ -4054,7 +4054,7 @@ static bool run_opentest(int dummy)
cli_unlink(cli1, fname);
printf("TEST #5 testing 2 non-io opens (both with delete - both with file share delete)\n");
-
+
fnum1 = cli_nt_create_full(cli1, fname, 0, DELETE_ACCESS|FILE_READ_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_DELETE, FILE_OVERWRITE_IF, 0, 0);
@@ -4084,7 +4084,7 @@ static bool run_opentest(int dummy)
printf("non-io open test #5 passed.\n");
printf("TEST #6 testing 1 non-io open, one io open\n");
-
+
cli_unlink(cli1, fname);
fnum1 = cli_nt_create_full(cli1, fname, 0, FILE_READ_DATA, FILE_ATTRIBUTE_NORMAL,
@@ -4152,7 +4152,7 @@ static bool run_opentest(int dummy)
if (!torture_close_connection(cli2)) {
correct = False;
}
-
+
return correct;
}
@@ -4335,11 +4335,11 @@ static bool run_openattrtest(int dummy)
unsigned int i, j, k, l;
printf("starting open attr test\n");
-
+
if (!torture_open_connection(&cli1, 0)) {
return False;
}
-
+
cli_sockopt(cli1, sockops);
for (k = 0, i = 0; i < sizeof(open_attrs_table)/sizeof(uint32); i++) {
@@ -4432,7 +4432,7 @@ static bool run_openattrtest(int dummy)
static void list_fn(const char *mnt, file_info *finfo, const char *name, void *state)
{
-
+
}
/*
@@ -4500,7 +4500,7 @@ static void del_fn(const char *mnt, file_info *finfo, const char *mask, void *st
return;
if (finfo->mode & aDIR) {
- if (!cli_rmdir(pcli, fname))
+ if (!NT_STATUS_IS_OK(cli_rmdir(pcli, fname)))
printf("del_fn: failed to rmdir %s\n,", fname );
} else {
if (!cli_unlink(pcli, fname))
@@ -4601,17 +4601,17 @@ bool torture_chkpath_test(int dummy)
}
cli_close(cli, fnum);
- if (!cli_chkpath(cli, "\\chkpath.dir")) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli, "\\chkpath.dir"))) {
printf("chkpath1 failed: %s\n", cli_errstr(cli));
ret = False;
}
- if (!cli_chkpath(cli, "\\chkpath.dir\\dir2")) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli, "\\chkpath.dir\\dir2"))) {
printf("chkpath2 failed: %s\n", cli_errstr(cli));
ret = False;
}
- if (!cli_chkpath(cli, "\\chkpath.dir\\foo.txt")) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli, "\\chkpath.dir\\foo.txt"))) {
ret = check_error(__LINE__, cli, ERRDOS, ERRbadpath,
NT_STATUS_NOT_A_DIRECTORY);
} else {
@@ -4619,7 +4619,7 @@ bool torture_chkpath_test(int dummy)
ret = False;
}
- if (!cli_chkpath(cli, "\\chkpath.dir\\bar.txt")) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli, "\\chkpath.dir\\bar.txt"))) {
ret = check_error(__LINE__, cli, ERRDOS, ERRbadfile,
NT_STATUS_OBJECT_NAME_NOT_FOUND);
} else {
@@ -4627,7 +4627,7 @@ bool torture_chkpath_test(int dummy)
ret = False;
}
- if (!cli_chkpath(cli, "\\chkpath.dir\\dirxx\\bar.txt")) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli, "\\chkpath.dir\\dirxx\\bar.txt"))) {
ret = check_error(__LINE__, cli, ERRDOS, ERRbadpath,
NT_STATUS_OBJECT_PATH_NOT_FOUND);
} else {
@@ -4657,12 +4657,12 @@ static bool run_eatest(int dummy)
TALLOC_CTX *mem_ctx = talloc_init("eatest");
printf("starting eatest\n");
-
+
if (!torture_open_connection(&cli, 0)) {
talloc_destroy(mem_ctx);
return False;
}
-
+
cli_unlink(cli, fname);
fnum = cli_nt_create_full(cli, fname, 0,
FIRST_DESIRED_ACCESS, FILE_ATTRIBUTE_ARCHIVE,
@@ -4686,7 +4686,7 @@ static bool run_eatest(int dummy)
return False;
}
}
-
+
cli_close(cli, fnum);
for (i = 0; i < 10; i++) {
fstring ea_name, ea_val;
@@ -4699,7 +4699,7 @@ static bool run_eatest(int dummy)
return False;
}
}
-
+
if (!cli_get_ea_list_path(cli, fname, mem_ctx, &num_eas, &ea_list)) {
printf("ea_get list failed - %s\n", cli_errstr(cli));
correct = False;
@@ -4762,7 +4762,7 @@ static bool run_eatest(int dummy)
if (!torture_close_connection(cli)) {
correct = False;
}
-
+
return correct;
}
@@ -4848,7 +4848,7 @@ static bool run_dirtest1(int dummy)
}
static bool run_error_map_extract(int dummy) {
-
+
static struct cli_state *c_dos;
static struct cli_state *c_nt;
NTSTATUS status;
@@ -4917,9 +4917,9 @@ static bool run_error_map_extract(int dummy) {
workgroup))) {
printf("/** Session setup succeeded. This shouldn't happen...*/\n");
}
-
+
flgs2 = SVAL(c_nt->inbuf,smb_flg2);
-
+
/* Case #1: 32-bit NT errors */
if (flgs2 & FLAGS2_32_BIT_ERROR_CODES) {
nt_status = NT_STATUS(IVAL(c_nt->inbuf,smb_rcls));
@@ -4936,7 +4936,7 @@ static bool run_error_map_extract(int dummy) {
printf("/** Session setup succeeded. This shouldn't happen...*/\n");
}
flgs2 = SVAL(c_dos->inbuf,smb_flg2), errnum;
-
+
/* Case #1: 32-bit NT errors */
if (flgs2 & FLAGS2_32_BIT_ERROR_CODES) {
printf("/** NT error on DOS connection! (%s) */\n",
@@ -4951,7 +4951,7 @@ static bool run_error_map_extract(int dummy) {
get_nt_error_c_code(NT_STATUS(error)),
get_nt_error_c_code(nt_status));
}
-
+
printf("\t{%s,\t%s,\t%s},\n",
smb_dos_err_class(errclass),
smb_dos_err_name(errclass, errnum),
@@ -5112,7 +5112,7 @@ static bool run_mangle1(int dummy)
int fnum;
fstring alt_name;
NTSTATUS status;
- time_t change, access, write;
+ time_t change_time, access_time, write_time;
SMB_OFF_T size;
uint16_t mode;
@@ -5148,8 +5148,8 @@ static bool run_mangle1(int dummy)
}
cli_close(cli, fnum);
- if (!cli_qpathinfo(cli, alt_name, &change, &access, &write, &size,
- &mode)) {
+ if (!cli_qpathinfo(cli, alt_name, &change_time, &access_time,
+ &write_time, &size, &mode)) {
d_printf("cli_qpathinfo(%s) failed: %s\n", alt_name,
cli_errstr(cli));
return false;
@@ -5356,7 +5356,7 @@ static bool run_local_gencache(int dummy)
__location__);
return False;
}
-
+
if (gencache_get("foo", &val, &tm)) {
d_printf("%s: gencache_get() on deleted entry "
"succeeded\n", __location__);
@@ -5828,7 +5828,7 @@ static double create_procs(bool (*fn)(int), bool *result)
}
printf("\n");
-
+
for (i=0;i<nprocs;i++) {
if (!child_status_out[i]) {
*result = False;
@@ -5927,7 +5927,7 @@ static bool run_test(const char *name)
}
found = True;
}
-
+
for (i=0;torture_ops[i].name;i++) {
fstr_sprintf(randomfname, "\\XX%x",
(unsigned)random());
@@ -5941,7 +5941,6 @@ static bool run_test(const char *name)
ret = False;
printf("TEST %s FAILED!\n", name);
}
-
} else {
start_timer();
if (!torture_ops[i].fn(0)) {
@@ -5996,7 +5995,7 @@ static void usage(void)
printf("\n");
printf("default test is ALL\n");
-
+
exit(1);
}
@@ -6036,7 +6035,7 @@ static void usage(void)
for(p = argv[1]; *p; p++)
if(*p == '\\')
*p = '/';
-
+
if (strncmp(argv[1], "//", 2)) {
usage();
}
diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c
index 477ddf7f26..ea613e7886 100644
--- a/source3/utils/net_rpc_printer.c
+++ b/source3/utils/net_rpc_printer.c
@@ -400,7 +400,7 @@ NTSTATUS net_copy_file(struct net_context *c,
}
- if (!is_file && !cli_chkpath(cli_share_dst, dst_name)) {
+ if (!is_file && !NT_STATUS_IS_OK(cli_chkpath(cli_share_dst, dst_name))) {
/* creating dir */
DEBUGADD(3,("creating dir %s on the destination server\n",
@@ -412,7 +412,7 @@ NTSTATUS net_copy_file(struct net_context *c,
nt_status = NT_STATUS_NO_SUCH_FILE;
}
- if (!cli_chkpath(cli_share_dst, dst_name)) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli_share_dst, dst_name))) {
d_fprintf(stderr, "cannot check for directory %s: %s\n",
dst_name, cli_errstr(cli_share_dst));
goto out;
@@ -561,7 +561,7 @@ static NTSTATUS check_arch_dir(struct cli_state *cli_share, const char *short_ar
nt_status = NT_STATUS_NO_SUCH_FILE;
}
- if (!cli_chkpath(cli_share, dir)) {
+ if (!NT_STATUS_IS_OK(cli_chkpath(cli_share, dir))) {
d_fprintf(stderr, "cannot check %s: %s\n",
dir, cli_errstr(cli_share));
goto out;
diff --git a/source4/build/make/rules.mk b/source4/build/make/rules.mk
index e38496ff34..96b2a1ff8b 100644
--- a/source4/build/make/rules.mk
+++ b/source4/build/make/rules.mk
@@ -182,7 +182,7 @@ showflags::
@echo ' MDLD_FLAGS = $(MDLD_FLAGS)'
@echo ' SHLIBEXT = $(SHLIBEXT)'
-base_srcdirs = $(srcdir) ../librpc/ ../lib/ ../libcli ../libgpo
+base_srcdirs = $(srcdir) ../librpc/ ../lib/ ../libcli ../libgpo ../nsswitch
etags:
etags $(ETAGS_OPTIONS) `find $(base_srcdirs) -name "*.[ch]"`
diff --git a/source4/dsdb/samdb/ldb_modules/anr.c b/source4/dsdb/samdb/ldb_modules/anr.c
index a04f5ebfa6..deeccac072 100644
--- a/source4/dsdb/samdb/ldb_modules/anr.c
+++ b/source4/dsdb/samdb/ldb_modules/anr.c
@@ -89,6 +89,7 @@ static struct ldb_parse_tree *make_match_tree(struct ldb_module *module,
match_tree->u.substring.chunks = talloc_array(match_tree, struct ldb_val *, 2);
if (match_tree->u.substring.chunks == NULL){
+ talloc_free(match_tree);
ldb_oom(ldb);
return NULL;
}
@@ -99,6 +100,9 @@ static struct ldb_parse_tree *make_match_tree(struct ldb_module *module,
match_tree->u.equality.attr = attr;
match_tree->u.equality.value = *match;
break;
+ default:
+ talloc_free(match_tree);
+ return NULL;
}
return match_tree;
}
diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c
index 3231f7ab0f..663ff074af 100644
--- a/source4/dsdb/samdb/ldb_modules/partition.c
+++ b/source4/dsdb/samdb/ldb_modules/partition.c
@@ -151,7 +151,7 @@ static struct dsdb_control_current_partition *find_partition(struct partition_pr
}
return NULL;
-};
+}
/**
* fire the caller's callback for every entry, but only send 'done' once.
diff --git a/source4/headermap.txt b/source4/headermap.txt
index 1c86f9e934..fb6be56936 100644
--- a/source4/headermap.txt
+++ b/source4/headermap.txt
@@ -30,7 +30,7 @@ auth/credentials/credentials.h: credentials.h
auth/credentials/credentials_krb5.h: credentials/krb5.h
rpc_server/dcerpc_server.h: dcerpc_server.h
rpc_server/common/common.h: dcerpc_server/common.h
-libcli/auth/credentials.h: domain_credentials.h
+../libcli/auth/credentials.h: domain_credentials.h
../lib/util/charset/charset.h: charset.h
libcli/ldap/ldap.h: ldap-util.h
../lib/torture/torture.h: torture.h
diff --git a/source4/libcli/raw/rawfile.c b/source4/libcli/raw/rawfile.c
index 63de051b33..6fac7b8605 100644
--- a/source4/libcli/raw/rawfile.c
+++ b/source4/libcli/raw/rawfile.c
@@ -796,6 +796,7 @@ _PUBLIC_ struct smbcli_request *smb_raw_close_send(struct smbcli_tree *tree, uni
break;
case RAW_CLOSE_SMB2:
+ case RAW_CLOSE_GENERIC:
return NULL;
}
diff --git a/source4/libcli/smb_composite/connect.c b/source4/libcli/smb_composite/connect.c
index 3db777ddc8..a5d05b7af1 100644
--- a/source4/libcli/smb_composite/connect.c
+++ b/source4/libcli/smb_composite/connect.c
@@ -418,6 +418,8 @@ static void state_handler(struct composite_context *c)
case CONNECT_TCON:
c->status = connect_tcon(c, state->io);
break;
+ case CONNECT_DONE:
+ break;
}
if (state->stage == CONNECT_DONE) {
diff --git a/source4/libcli/util/errormap.c b/source4/libcli/util/errormap.c
index 930e45b214..22bf6121c9 100644
--- a/source4/libcli/util/errormap.c
+++ b/source4/libcli/util/errormap.c
@@ -21,6 +21,7 @@
#include "includes.h"
#include "librpc/ndr/libndr.h"
+#include "nsswitch/libwbclient/wbclient.h"
/* This map was extracted by the ERRMAPEXTRACT smbtorture command.
The setup was a Samba HEAD (2002-01-03) PDC and an Win2k member
@@ -1406,3 +1407,39 @@ NTSTATUS ndr_map_error2ntstatus(enum ndr_err_code ndr_err)
/* we should map all error codes to different status codes */
return NT_STATUS_INVALID_PARAMETER;
}
+
+static const struct {
+ wbcErr wbc_err;
+ NTSTATUS nt_status;
+} wbcErr_ntstatus_map[] = {
+ { WBC_ERR_SUCCESS, NT_STATUS_OK },
+ { WBC_ERR_NOT_IMPLEMENTED, NT_STATUS_NOT_IMPLEMENTED },
+ { WBC_ERR_UNKNOWN_FAILURE, NT_STATUS_UNSUCCESSFUL },
+ { WBC_ERR_NO_MEMORY, NT_STATUS_NO_MEMORY },
+ { WBC_ERR_INVALID_SID, NT_STATUS_INVALID_SID },
+ { WBC_ERR_INVALID_PARAM, NT_STATUS_INVALID_PARAMETER },
+ { WBC_ERR_WINBIND_NOT_AVAILABLE, NT_STATUS_SERVER_DISABLED },
+ { WBC_ERR_DOMAIN_NOT_FOUND, NT_STATUS_NO_SUCH_DOMAIN },
+ { WBC_ERR_INVALID_RESPONSE, NT_STATUS_INVALID_NETWORK_RESPONSE },
+ { WBC_ERR_NSS_ERROR, NT_STATUS_INTERNAL_ERROR },
+ { WBC_ERR_AUTH_ERROR, NT_STATUS_LOGON_FAILURE },
+ { WBC_ERR_UNKNOWN_USER, NT_STATUS_NO_SUCH_USER },
+ { WBC_ERR_UNKNOWN_GROUP, NT_STATUS_NO_SUCH_GROUP },
+ { WBC_ERR_PWD_CHANGE_FAILED, NT_STATUS_PASSWORD_RESTRICTION }
+};
+
+NTSTATUS map_nt_error_from_wbcErr(wbcErr wbc_err)
+{
+ int i;
+
+ /* Look through list */
+ for (i=0;i<ARRAY_SIZE(wbcErr_ntstatus_map);i++) {
+ if (wbcErr_ntstatus_map[i].wbc_err == wbc_err) {
+ return wbcErr_ntstatus_map[i].nt_status;
+ }
+ }
+
+ /* Default return */
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
diff --git a/source4/librpc/idl-deps.pl b/source4/librpc/idl-deps.pl
index b3f0451eeb..4d97139fc5 100644
--- a/source4/librpc/idl-deps.pl
+++ b/source4/librpc/idl-deps.pl
@@ -1,7 +1,6 @@
#!/usr/bin/perl
use strict;
use File::Basename;
-use Cwd 'abs_path';
sub add($$)
{
@@ -20,7 +19,6 @@ foreach(@ARGV) {
my $gen_ndr = dirname($f);
$gen_ndr =~ s/\/idl$/\/gen_ndr/;
- $gen_ndr = abs_path($gen_ndr);
print "# $f\n";
add("IDL_FILES", $f);
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 1f1f6afa6d..cbadf654fb 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -933,7 +933,7 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc
if (r->in.info->trust_direction & LSA_TRUST_DIRECTION_INBOUND) {
msg_user = ldb_msg_new(mem_ctx);
- if (msg == NULL) {
+ if (msg_user == NULL) {
ldb_transaction_cancel(trusted_domain_state->policy->sam_ldb);
return NT_STATUS_NO_MEMORY;
}