summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--PFIF.txt7
-rw-r--r--README8
-rw-r--r--source3/auth/auth_domain.c2
-rw-r--r--source3/client/client.c5
-rw-r--r--source3/client/clitar.c7
-rw-r--r--source3/client/smbmnt.c5
-rw-r--r--source3/client/smbmount.c4
-rw-r--r--source3/include/debug.h7
-rw-r--r--source3/include/rpc_dce.h2
-rw-r--r--source3/include/rpc_samr.h27
-rw-r--r--source3/include/smb.h13
-rw-r--r--source3/include/vfs.h3
-rw-r--r--source3/include/vfs_macros.h3
-rw-r--r--source3/lib/afs_settoken.c29
-rw-r--r--source3/lib/debug.c5
-rw-r--r--source3/lib/replace/system/config.m425
-rw-r--r--source3/lib/util.c2
-rw-r--r--source3/lib/util_sock.c42
-rw-r--r--source3/libads/ads_struct.c7
-rw-r--r--source3/libnet/libnet_conf.c22
-rw-r--r--source3/libnet/libnet_join.c7
-rw-r--r--source3/libsmb/cliconnect.c17
-rw-r--r--source3/libsmb/clientgen.c8
-rw-r--r--source3/libsmb/trusts_util.c2
-rw-r--r--source3/modules/vfs_default.c14
-rw-r--r--source3/modules/vfs_recycle.c4
-rw-r--r--source3/modules/vfs_streams_depot.c13
-rw-r--r--source3/modules/vfs_streams_xattr.c27
-rw-r--r--source3/nmbd/nmbd_processlogon.c3
-rw-r--r--source3/param/loadparm.c4
-rw-r--r--source3/printing/load.c4
-rw-r--r--source3/printing/lpq_parse.c6
-rw-r--r--source3/printing/print_aix.c3
-rw-r--r--source3/rpc_client/cli_pipe.c4
-rw-r--r--source3/rpc_client/cli_samr.c4
-rw-r--r--source3/rpc_parse/parse_samr.c6
-rw-r--r--source3/rpcclient/cmd_samr.c11
-rw-r--r--source3/rpcclient/cmd_spoolss.c10
-rw-r--r--source3/rpcclient/rpcclient.c2
-rw-r--r--source3/services/services_db.c4
-rw-r--r--source3/smbd/msdfs.c5
-rw-r--r--source3/smbd/open.c3
-rw-r--r--source3/smbd/password.c12
-rw-r--r--source3/smbd/process.c30
-rw-r--r--source3/smbd/service.c10
-rw-r--r--source3/smbd/trans2.c51
-rw-r--r--source3/smbd/utmp.c2
-rw-r--r--source3/torture/torture.c5
-rw-r--r--source3/utils/net_domain.c8
-rw-r--r--source3/utils/net_rpc.c20
-rw-r--r--source3/utils/net_rpc_join.c12
-rw-r--r--source3/utils/net_rpc_samsync.c2
-rw-r--r--source3/web/cgi.c4
-rw-r--r--source3/winbindd/winbindd_cm.c14
-rw-r--r--source3/winbindd/winbindd_dual.c1
-rw-r--r--source3/winbindd/winbindd_util.c2
56 files changed, 349 insertions, 210 deletions
diff --git a/PFIF.txt b/PFIF.txt
new file mode 100644
index 0000000000..09f1458e44
--- /dev/null
+++ b/PFIF.txt
@@ -0,0 +1,7 @@
+This code was developed in participation with the Protocol Freedom
+Information Foundation.
+
+Please see
+ http://protocolfreedom.org/ and
+ http://samba.org/samba/PFIF/
+for more details.
diff --git a/README b/README
index 1d55a1040c..e6634febc0 100644
--- a/README
+++ b/README
@@ -102,16 +102,16 @@ for more details) and are always glad to receive feedback or
suggestions to the address samba@lists.samba.org. More information
on the various Samba mailing lists can be found at http://lists.samba.org/.
-You can also get the Samba sourcecode straight from the Subversion tree - see
-http://samba.org/samba/subversion.html.
+You can also get the Samba sourcecode straight from the git repository - see
+http://wiki.samba.org/index.php/Using_Git_for_Samba_Development.
You could also send hardware/software/money/jewelry or pre-paid pizza
vouchers directly to Andrew. The pizza vouchers would be especially
welcome, in fact there is a special field in the survey for people who
have paid up their pizza :-)
-If you like a particular feature then look through the Subversion change-log
-(on the web at http://websvn.samba.org/cgi-bin/viewcvs.cgi) and see
+If you like a particular feature then look through the git change-log
+(on the web at http://gitweb.samba.org/?p=samba.git;a=summary) and see
who added it, then send them an email.
Remember that free software of this kind lives or dies by the response
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 1de9869f90..40a2985600 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -124,7 +124,7 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result)));
if (!lp_client_schannel()) {
/* We need to set up a creds chain on an unauthenticated netlogon pipe. */
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS;
uint32 sec_chan_type = 0;
unsigned char machine_pwd[16];
const char *account_name;
diff --git a/source3/client/client.c b/source3/client/client.c
index 28b4a2b24b..c934310491 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -1463,6 +1463,7 @@ static int cmd_mkdir(void)
struct cli_state *targetcli;
char *targetname = NULL;
char *p = NULL;
+ char *saveptr;
ddir2 = talloc_strdup(ctx, "");
if (!ddir2) {
@@ -1478,7 +1479,7 @@ static int cmd_mkdir(void)
return 1;
}
trim_char(ddir,'.','\0');
- p = strtok(ddir,"/\\");
+ p = strtok_r(ddir, "/\\", &saveptr);
while (p) {
ddir2 = talloc_asprintf_append(ddir2, p);
if (!ddir2) {
@@ -1491,7 +1492,7 @@ static int cmd_mkdir(void)
if (!ddir2) {
return 1;
}
- p = strtok(NULL,"/\\");
+ p = strtok_r(NULL, "/\\", &saveptr);
}
} else {
do_mkdir(mask);
diff --git a/source3/client/clitar.c b/source3/client/clitar.c
index 135815c3cd..816e7b1710 100644
--- a/source3/client/clitar.c
+++ b/source3/client/clitar.c
@@ -513,6 +513,7 @@ static bool ensurepath(const char *fname)
char *partpath, *ffname;
const char *p=fname;
char *basehack;
+ char *saveptr;
DEBUG(5, ( "Ensurepath called with: %s\n", fname));
@@ -528,7 +529,7 @@ static bool ensurepath(const char *fname)
*partpath = 0;
- /* fname copied to ffname so can strtok */
+ /* fname copied to ffname so can strtok_r */
safe_strcpy(ffname, fname, strlen(fname));
@@ -541,7 +542,7 @@ static bool ensurepath(const char *fname)
*basehack='\0';
}
- p=strtok(ffname, "\\");
+ p=strtok_r(ffname, "\\", &saveptr);
while (p) {
safe_strcat(partpath, p, strlen(fname) + 1);
@@ -558,7 +559,7 @@ static bool ensurepath(const char *fname)
}
safe_strcat(partpath, "\\", strlen(fname) + 1);
- p = strtok(NULL,"/\\");
+ p = strtok_r(NULL, "/\\", &saveptr);
}
SAFE_FREE(partpath);
diff --git a/source3/client/smbmnt.c b/source3/client/smbmnt.c
index 7f1e1d5003..79c55b2f90 100644
--- a/source3/client/smbmnt.c
+++ b/source3/client/smbmnt.c
@@ -162,6 +162,7 @@ do_mount(char *share_name, unsigned int flags, struct smb_mount_data *data)
char *release, *major, *minor;
char *data1, *data2;
int ret;
+ char *saveptr;
if (asprintf(&opts,
"version=7,uid=%d,gid=%d,file_mode=0%o,dir_mode=0%o,%s",
@@ -172,8 +173,8 @@ do_mount(char *share_name, unsigned int flags, struct smb_mount_data *data)
uname(&uts);
release = uts.release;
- major = strtok(release, ".");
- minor = strtok(NULL, ".");
+ major = strtok_r(release, ".", &saveptr);
+ minor = strtok_r(NULL, ".", &saveptr);
if (major && minor && atoi(major) == 2 && atoi(minor) < 4) {
/* < 2.4, assume struct */
data1 = (char *) data;
diff --git a/source3/client/smbmount.c b/source3/client/smbmount.c
index 98c61a30d8..9fe2d36bd3 100644
--- a/source3/client/smbmount.c
+++ b/source3/client/smbmount.c
@@ -764,6 +764,7 @@ static void parse_mount_smb(int argc, char **argv)
char *opts;
char *opteq;
int val;
+ char *saveptr;
TALLOC_CTX *ctx = talloc_tos();
/* FIXME: This function can silently fail if the arguments are
@@ -813,7 +814,8 @@ static void parse_mount_smb(int argc, char **argv)
/*
* option parsing from nfsmount.c (util-linux-2.9u)
*/
- for (opts = strtok(optarg, ","); opts; opts = strtok(NULL, ",")) {
+ for (opts = strtok_r(optarg, ",", &saveptr); opts;
+ opts = strtok_r(NULL, ",", &saveptr)) {
DEBUG(3, ("opts: %s\n", opts));
if ((opteq = strchr_m(opts, '='))) {
val = atoi(opteq + 1);
diff --git a/source3/include/debug.h b/source3/include/debug.h
index 284671c730..d8dafcbd45 100644
--- a/source3/include/debug.h
+++ b/source3/include/debug.h
@@ -176,11 +176,14 @@ extern bool *DEBUGLEVEL_CLASS_ISSET;
#define unlikely(x) (x)
#endif
-#define DEBUGLVL( level ) \
+#define CHECK_DEBUGLVL( level ) \
( ((level) <= MAX_DEBUG_LEVEL) && \
unlikely((DEBUGLEVEL_CLASS[ DBGC_CLASS ] >= (level))|| \
(!DEBUGLEVEL_CLASS_ISSET[ DBGC_CLASS ] && \
- DEBUGLEVEL_CLASS[ DBGC_ALL ] >= (level)) ) \
+ DEBUGLEVEL_CLASS[ DBGC_ALL ] >= (level)) ) )
+
+#define DEBUGLVL( level ) \
+ ( CHECK_DEBUGLVL(level) \
&& dbghdr( level, DBGC_CLASS, __FILE__, FUNCTION_MACRO, (__LINE__) ) )
diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h
index f162196524..ec08eb5f8f 100644
--- a/source3/include/rpc_dce.h
+++ b/source3/include/rpc_dce.h
@@ -106,6 +106,8 @@ enum RPC_PKT_TYPE {
/* these are the flags that ADS clients use */
#define NETLOGON_NEG_AUTH2_ADS_FLAGS (0x200fbffb | NETLOGON_NEG_ARCFOUR | NETLOGON_NEG_128BIT | NETLOGON_NEG_SCHANNEL)
+#define NETLOGON_NEG_SELECT_AUTH2_FLAGS ((lp_security() == SEC_ADS) ? NETLOGON_NEG_AUTH2_ADS_FLAGS : NETLOGON_NEG_AUTH2_FLAGS)
+
enum schannel_direction {
SENDER_IS_INITIATOR,
SENDER_IS_ACCEPTOR
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index 9274e37682..5ddb877b90 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -145,6 +145,31 @@ SamrTestPrivateFunctionsUser
#define SAMR_CHGPASSWD_USER3 0x3F
#define SAMR_CONNECT5 0x40
+/* SAMR account creation flags/permissions */
+#define SAMR_USER_GETNAME 0x1
+#define SAMR_USER_GETLOCALE 0x2
+#define SAMR_USER_GETLOCCOM 0x4
+#define SAMR_USER_GETLOGONINFO 0x8
+#define SAMR_USER_GETATTR 0x10
+#define SAMR_USER_SETATTR 0x20
+#define SAMR_USER_CHPASS 0x40
+#define SAMR_USER_SETPASS 0x80
+#define SAMR_USER_GETGROUPS 0x100
+#define SAMR_USER_GETMEMBERSHIP 0x200
+#define SAMR_USER_CHMEMBERSHIP 0x400
+#define SAMR_STANDARD_DELETE 0x10000
+#define SAMR_STANDARD_READCTRL 0x20000
+#define SAMR_STANDARD_WRITEDAC 0x40000
+#define SAMR_STANDARD_WRITEOWNER 0x80000
+#define SAMR_STANDARD_SYNC 0x100000
+#define SAMR_GENERIC_ACCESSSACL 0x800000
+#define SAMR_GENERIC_MAXALLOWED 0x2000000
+#define SAMR_GENERIC_ALL 0x10000000
+#define SAMR_GENERIC_EXECUTE 0x20000000
+#define SAMR_GENERIC_WRITE 0x40000000
+#define SAMR_GENERIC_READ 0x80000000
+
+
typedef struct logon_hours_info
{
uint32 max_len; /* normally 1260 bytes */
@@ -1555,7 +1580,7 @@ typedef struct q_samr_create_user_info
UNISTR2 uni_name; /* unicode account name */
uint32 acb_info; /* account control info */
- uint32 access_mask; /* 0xe005 00b0 */
+ uint32 acct_flags; /* 0xe005 00b0 */
} SAMR_Q_CREATE_USER;
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 25421115c8..f3cf1db6f8 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1904,6 +1904,8 @@ struct ea_list {
#define SAMBA_POSIX_INHERITANCE_EA_NAME "user.SAMBA_PAI"
/* EA to use for DOS attributes */
#define SAMBA_XATTR_DOS_ATTRIB "user.DOSATTRIB"
+/* Prefix for DosStreams in the vfs_streams_xattr module */
+#define SAMBA_XATTR_DOSSTREAM_PREFIX "user.DosStream."
#define UUID_SIZE 16
@@ -1934,4 +1936,15 @@ enum usershare_err {
/* Different reasons for closing a file. */
enum file_close_type {NORMAL_CLOSE=0,SHUTDOWN_CLOSE,ERROR_CLOSE};
+/* Used in SMB_FS_OBJECTID_INFORMATION requests. Must be exactly 48 bytes. */
+#define SAMBA_EXTENDED_INFO_MAGIC 0x536d4261 /* "SmBa" */
+#define SAMBA_EXTENDED_INFO_VERSION_STRING_LENGTH 28
+struct smb_extended_info {
+ uint32 samba_magic; /* Always SAMBA_EXTRA_INFO_MAGIC */
+ uint32 samba_version; /* Major/Minor/Release/Revision */
+ uint32 samba_subversion; /* Prerelease/RC/Vendor patch */
+ NTTIME samba_gitcommitdate;
+ char samba_version_string[SAMBA_EXTENDED_INFO_VERSION_STRING_LENGTH];
+};
+
#endif /* _SMB_H */
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index cda28a1680..ca176aabb2 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -149,6 +149,7 @@ typedef enum _vfs_op_type {
SMB_VFS_OP_SET_QUOTA,
SMB_VFS_OP_GET_SHADOW_COPY_DATA,
SMB_VFS_OP_STATVFS,
+ SMB_VFS_OP_FS_CAPABILITIES,
/* Directory operations */
@@ -284,6 +285,7 @@ struct vfs_ops {
int (*set_quota)(struct vfs_handle_struct *handle, enum SMB_QUOTA_TYPE qtype, unid_t id, SMB_DISK_QUOTA *qt);
int (*get_shadow_copy_data)(struct vfs_handle_struct *handle, struct files_struct *fsp, SHADOW_COPY_DATA *shadow_copy_data, bool labels);
int (*statvfs)(struct vfs_handle_struct *handle, const char *path, struct vfs_statvfs_struct *statbuf);
+ uint32_t (*fs_capabilities)(struct vfs_handle_struct *handle);
/* Directory operations */
@@ -435,6 +437,7 @@ struct vfs_ops {
struct vfs_handle_struct *set_quota;
struct vfs_handle_struct *get_shadow_copy_data;
struct vfs_handle_struct *statvfs;
+ struct vfs_handle_struct *fs_capabilities;
/* Directory operations */
diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h
index 1674f26326..1e64bd5ac3 100644
--- a/source3/include/vfs_macros.h
+++ b/source3/include/vfs_macros.h
@@ -34,6 +34,7 @@
#define SMB_VFS_SET_QUOTA(conn, qtype, id, qt) ((conn)->vfs.ops.set_quota((conn)->vfs.handles.set_quota, (qtype), (id), (qt)))
#define SMB_VFS_GET_SHADOW_COPY_DATA(fsp,shadow_copy_data,labels) ((fsp)->conn->vfs.ops.get_shadow_copy_data((fsp)->conn->vfs.handles.get_shadow_copy_data,(fsp),(shadow_copy_data),(labels)))
#define SMB_VFS_STATVFS(conn, path, statbuf) ((conn)->vfs.ops.statvfs((conn)->vfs.handles.statvfs, (path), (statbuf)))
+#define SMB_VFS_FS_CAPABILITIES(conn) ((conn)->vfs.ops.fs_capabilities((conn)->vfs.handles.fs_capabilities))
/* Directory operations */
#define SMB_VFS_OPENDIR(conn, fname, mask, attr) ((conn)->vfs.ops.opendir((conn)->vfs.handles.opendir, (fname), (mask), (attr)))
@@ -159,6 +160,7 @@
#define SMB_VFS_OPAQUE_SET_QUOTA(conn, qtype, id, qt) ((conn)->vfs_opaque.ops.set_quota((conn)->vfs_opaque.handles.set_quota, (qtype), (id), (qt)))
#define SMB_VFS_OPAQUE_GET_SHADOW_COPY_DATA(fsp,shadow_copy_data,labels) ((fsp)->conn->vfs_opaque.ops.get_shadow_copy_data((fsp)->conn->vfs_opaque.handles.get_shadow_copy_data,(fsp),(shadow_copy_data),(labels)))
#define SMB_VFS_OPAQUE_STATVFS(conn, path, statbuf) ((conn)->vfs_opaque.ops.statvfs((conn)->vfs_opaque.handles.statvfs, (path), (statbuf)))
+#define SMB_VFS_OPAQUE_FS_CAPABILITIES(conn) ((conn)->vfs_opaque.ops.fs_capabilities((conn)->vfs_opaque.handles.fs_capabilities))
/* Directory operations */
#define SMB_VFS_OPAQUE_OPENDIR(conn, fname, mask, attr) ((conn)->vfs_opaque.ops.opendir((conn)->vfs_opaque.handles.opendir, (fname), (mask), (attr)))
@@ -284,6 +286,7 @@
#define SMB_VFS_NEXT_SET_QUOTA(handle, qtype, id, qt) ((handle)->vfs_next.ops.set_quota((handle)->vfs_next.handles.set_quota, (qtype), (id), (qt)))
#define SMB_VFS_NEXT_GET_SHADOW_COPY_DATA(handle, fsp, shadow_copy_data ,labels) ((handle)->vfs_next.ops.get_shadow_copy_data((handle)->vfs_next.handles.get_shadow_copy_data,(fsp),(shadow_copy_data),(labels)))
#define SMB_VFS_NEXT_STATVFS(handle, path, statbuf) ((handle)->vfs_next.ops.statvfs((handle)->vfs_next.handles.statvfs, (path), (statbuf)))
+#define SMB_VFS_NEXT_FS_CAPABILITIES(handle) ((handle)->vfs_next.ops.fs_capabilities((handle)->vfs_next.handles.fs_capabilities))
/* Directory operations */
#define SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr) ((handle)->vfs_next.ops.opendir((handle)->vfs_next.handles.opendir, (fname), (mask), (attr)))
diff --git a/source3/lib/afs_settoken.c b/source3/lib/afs_settoken.c
index aeef1c3520..444f09efca 100644
--- a/source3/lib/afs_settoken.c
+++ b/source3/lib/afs_settoken.c
@@ -53,20 +53,21 @@ static bool afs_decode_token(const char *string, char **cell,
{
DATA_BLOB blob;
struct ClearToken result_ct;
+ char *saveptr;
char *s = SMB_STRDUP(string);
char *t;
- if ((t = strtok(s, "\n")) == NULL) {
- DEBUG(10, ("strtok failed\n"));
+ if ((t = strtok_r(s, "\n", &saveptr)) == NULL) {
+ DEBUG(10, ("strtok_r failed\n"));
return False;
}
*cell = SMB_STRDUP(t);
- if ((t = strtok(NULL, "\n")) == NULL) {
- DEBUG(10, ("strtok failed\n"));
+ if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
+ DEBUG(10, ("strtok_r failed\n"));
return False;
}
@@ -75,8 +76,8 @@ static bool afs_decode_token(const char *string, char **cell,
return False;
}
- if ((t = strtok(NULL, "\n")) == NULL) {
- DEBUG(10, ("strtok failed\n"));
+ if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
+ DEBUG(10, ("strtok_r failed\n"));
return False;
}
@@ -93,8 +94,8 @@ static bool afs_decode_token(const char *string, char **cell,
data_blob_free(&blob);
- if ((t = strtok(NULL, "\n")) == NULL) {
- DEBUG(10, ("strtok failed\n"));
+ if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
+ DEBUG(10, ("strtok_r failed\n"));
return False;
}
@@ -103,8 +104,8 @@ static bool afs_decode_token(const char *string, char **cell,
return False;
}
- if ((t = strtok(NULL, "\n")) == NULL) {
- DEBUG(10, ("strtok failed\n"));
+ if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
+ DEBUG(10, ("strtok_r failed\n"));
return False;
}
@@ -113,8 +114,8 @@ static bool afs_decode_token(const char *string, char **cell,
return False;
}
- if ((t = strtok(NULL, "\n")) == NULL) {
- DEBUG(10, ("strtok failed\n"));
+ if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
+ DEBUG(10, ("strtok_r failed\n"));
return False;
}
@@ -123,8 +124,8 @@ static bool afs_decode_token(const char *string, char **cell,
return False;
}
- if ((t = strtok(NULL, "\n")) == NULL) {
- DEBUG(10, ("strtok failed\n"));
+ if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
+ DEBUG(10, ("strtok_r failed\n"));
return False;
}
diff --git a/source3/lib/debug.c b/source3/lib/debug.c
index 6c1bfea04f..51bb0d7541 100644
--- a/source3/lib/debug.c
+++ b/source3/lib/debug.c
@@ -429,8 +429,9 @@ static bool debug_parse_params(char **params)
/* Fill in new debug class levels */
for (; i < debug_num_classes && params[i]; i++) {
- if ((class_name=strtok(params[i],":")) &&
- (class_level=strtok(NULL, "\0")) &&
+ char *saveptr;
+ if ((class_name = strtok_r(params[i],":", &saveptr)) &&
+ (class_level = strtok_r(NULL, "\0", &saveptr)) &&
((ndx = debug_lookup_classname(class_name)) != -1)) {
DEBUGLEVEL_CLASS[ndx] = atoi(class_level);
DEBUGLEVEL_CLASS_ISSET[ndx] = True;
diff --git a/source3/lib/replace/system/config.m4 b/source3/lib/replace/system/config.m4
index 799187af7d..1c05733126 100644
--- a/source3/lib/replace/system/config.m4
+++ b/source3/lib/replace/system/config.m4
@@ -73,6 +73,18 @@ AC_VERIFY_C_PROTOTYPE([struct passwd *getpwent_r(struct passwd *src, char *buf,
#include <unistd.h>
#include <pwd.h>
])
+AC_VERIFY_C_PROTOTYPE([struct passwd *getpwent_r(struct passwd *src, char *buf, size_t buflen)],
+ [
+ #ifndef HAVE_GETPWENT_R_DECL
+ #error missing getpwent_r prototype
+ #endif
+ return NULL;
+ ],[
+ AC_DEFINE(SOLARIS_GETPWENT_R, 1, [getpwent_r irix (similar to solaris) function prototype])
+ ],[],[
+ #include <unistd.h>
+ #include <pwd.h>
+ ])
AC_CHECK_FUNCS(getgrnam_r getgrgid_r getgrent_r)
AC_HAVE_DECL(getgrent_r, [
#include <unistd.h>
@@ -91,6 +103,19 @@ AC_VERIFY_C_PROTOTYPE([struct group *getgrent_r(struct group *src, char *buf, in
#include <grp.h>
])
+AC_VERIFY_C_PROTOTYPE([struct group *getgrent_r(struct group *src, char *buf, size_t buflen)],
+ [
+ #ifndef HAVE_GETGRENT_R_DECL
+ #error missing getgrent_r prototype
+ #endif
+ return NULL;
+ ],[
+ AC_DEFINE(SOLARIS_GETGRENT_R, 1, [getgrent_r irix (similar to solaris) function prototype])
+ ],[],[
+ #include <unistd.h>
+ #include <grp.h>
+ ])
+
# locale
AC_CHECK_HEADERS(ctype.h locale.h)
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 11f3660df8..e5ac3752f5 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -2182,7 +2182,7 @@ void dump_data_pw(const char *msg, const uchar * data, size_t len)
const char *tab_depth(int level, int depth)
{
- if( DEBUGLVL(level) ) {
+ if( CHECK_DEBUGLVL(level) ) {
dbgtext("%*s", depth*4, "");
}
return "";
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c
index f524d0d826..fb8f41513b 100644
--- a/source3/lib/util_sock.c
+++ b/source3/lib/util_sock.c
@@ -1054,44 +1054,7 @@ ssize_t read_socket_with_timeout(int fd,
ssize_t read_data(int fd,char *buffer,size_t N, enum smb_read_errors *pre)
{
- ssize_t ret;
- size_t total=0;
- char addr[INET6_ADDRSTRLEN];
-
- set_smb_read_error(pre,SMB_READ_OK);
-
- while (total < N) {
- ret = sys_read(fd,buffer + total,N - total);
-
- if (ret == 0) {
- DEBUG(10,("read_data: read of %d returned 0. "
- "Error = %s\n",
- (int)(N - total), strerror(errno) ));
- set_smb_read_error(pre,SMB_READ_EOF);
- return 0;
- }
-
- if (ret == -1) {
- if (fd == get_client_fd()) {
- /* Try and give an error message saying
- * what client failed. */
- DEBUG(0,("read_data: read failure for %d "
- "bytes to client %s. Error = %s\n",
- (int)(N - total),
- get_peer_addr(fd,addr,sizeof(addr)),
- strerror(errno) ));
- } else {
- DEBUG(0,("read_data: read failure for %d. "
- "Error = %s\n",
- (int)(N - total),
- strerror(errno) ));
- }
- set_smb_read_error(pre,SMB_READ_ERROR);
- return -1;
- }
- total += ret;
- }
- return (ssize_t)total;
+ return read_socket_with_timeout(fd, buffer, N, N, 0, pre);
}
/****************************************************************************
@@ -2083,7 +2046,8 @@ const char *get_mydnsfullname(void)
if (!memcache_lookup(NULL, SINGLETON_CACHE,
data_blob_string_const("get_mydnsfullname"),
&tmp)) {
- tmp = data_blob_string_const(res->ai_canonname);
+ tmp = data_blob_talloc(talloc_tos(), res->ai_canonname,
+ strlen(res->ai_canonname) + 1);
}
freeaddrinfo(res);
diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c
index 44bcdf76ea..8cc2f1215e 100644
--- a/source3/libads/ads_struct.c
+++ b/source3/libads/ads_struct.c
@@ -29,7 +29,8 @@ char *ads_build_path(const char *realm, const char *sep, const char *field, int
int numbits = 0;
char *ret;
int len;
-
+ char *saveptr;
+
r = SMB_STRDUP(realm);
if (!r || !*r) {
@@ -51,11 +52,11 @@ char *ads_build_path(const char *realm, const char *sep, const char *field, int
}
strlcpy(ret,field, len);
- p=strtok(r,sep);
+ p=strtok_r(r, sep, &saveptr);
if (p) {
strlcat(ret, p, len);
- while ((p=strtok(NULL,sep))) {
+ while ((p=strtok_r(NULL, sep, &saveptr)) != NULL) {
char *s;
if (reverse)
asprintf(&s, "%s%s,%s", field, p, ret);
diff --git a/source3/libnet/libnet_conf.c b/source3/libnet/libnet_conf.c
index d20e10b141..4d998acad8 100644
--- a/source3/libnet/libnet_conf.c
+++ b/source3/libnet/libnet_conf.c
@@ -48,6 +48,10 @@ static WERROR libnet_conf_add_string_to_array(TALLOC_CTX *mem_ctx,
}
new_array[count] = talloc_strdup(new_array, string);
+ if (new_array[count] == NULL) {
+ TALLOC_FREE(new_array);
+ return WERR_NOMEM;
+ }
*array = new_array;
@@ -134,6 +138,10 @@ static WERROR libnet_conf_reg_open_service_key(TALLOC_CTX *mem_ctx,
}
path = talloc_asprintf(mem_ctx, "%s\\%s", KEY_SMBCONF, servicename);
+ if (path == NULL) {
+ werr = WERR_NOMEM;
+ goto done;
+ }
werr = libnet_conf_reg_open_path(mem_ctx, ctx, path, desired_access,
key);
@@ -191,7 +199,7 @@ static WERROR libnet_conf_reg_create_service_key(TALLOC_CTX *mem_ctx,
/* create a new talloc ctx for creation. it will hold
* the intermediate parent key (SMBCONF) for creation
* and will be destroyed when leaving this function... */
- if (!(create_ctx = talloc_new(mem_ctx))) {
+ if (!(create_ctx = talloc_stackframe())) {
werr = WERR_NOMEM;
goto done;
}
@@ -316,8 +324,12 @@ static char *libnet_conf_format_registry_value(TALLOC_CTX *mem_ctx,
case REG_MULTI_SZ: {
uint32 j;
for (j = 0; j < value->v.multi_sz.num_strings; j++) {
- result = talloc_asprintf(mem_ctx, "\"%s\" ",
+ result = talloc_asprintf(mem_ctx, "%s \"%s\" ",
+ result,
value->v.multi_sz.strings[j]);
+ if (result == NULL) {
+ break;
+ }
}
break;
}
@@ -357,7 +369,7 @@ static WERROR libnet_conf_reg_get_values(TALLOC_CTX *mem_ctx,
goto done;
}
- tmp_ctx = talloc_new(mem_ctx);
+ tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
werr = WERR_NOMEM;
goto done;
@@ -540,7 +552,7 @@ WERROR libnet_conf_get_config(TALLOC_CTX *mem_ctx,
goto done;
}
- tmp_ctx = talloc_new(mem_ctx);
+ tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
werr = WERR_NOMEM;
goto done;
@@ -615,7 +627,7 @@ WERROR libnet_conf_get_share_names(TALLOC_CTX *mem_ctx,
goto done;
}
- tmp_ctx = talloc_new(mem_ctx);
+ tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
werr = WERR_NOMEM;
goto done;
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index a9978ba4b8..538cca7994 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -684,10 +684,15 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
const_acct_name = acct_name;
if (r->in.join_flags & WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE) {
+ uint32 acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
+ SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
+ SAMR_STANDARD_DELETE | SAMR_USER_SETPASS |
+ SAMR_USER_GETATTR | SAMR_USER_SETATTR;
+
status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx,
&domain_pol,
acct_name, ACB_WSTRUST,
- 0xe005000b, &user_pol,
+ acct_flags, &user_pol,
&user_rid);
if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
if (!(r->in.join_flags &
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 4560521d4a..f3926b777b 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -872,13 +872,27 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
!strequal(star_smbserver_name,
cli->desthost)) {
char *realm = NULL;
+ char *machine = NULL;
+ char *host = NULL;
DEBUG(3,("cli_session_setup_spnego: got a "
"bad server principal, trying to guess ...\n"));
+ host = strchr_m(cli->desthost, '.');
+ if (host) {
+ machine = SMB_STRNDUP(cli->desthost,
+ host - cli->desthost);
+ } else {
+ machine = SMB_STRDUP(cli->desthost);
+ }
+ if (machine == NULL) {
+ return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+ }
+
realm = kerberos_get_default_realm_from_ccache();
if (realm && *realm) {
if (asprintf(&principal, "%s$@%s",
- cli->desthost, realm) < 0) {
+ machine, realm) < 0) {
+ SAFE_FREE(machine);
SAFE_FREE(realm);
return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
@@ -886,6 +900,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
"server principal=%s\n",
principal ? principal : "<null>"));
}
+ SAFE_FREE(machine);
SAFE_FREE(realm);
}
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index ecef293d07..042b3bdfb0 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -180,12 +180,8 @@ bool cli_receive_smb(struct cli_state *cli)
ssize_t cli_receive_smb_data(struct cli_state *cli, char *buffer, size_t len)
{
- if (cli->timeout > 0) {
- return read_socket_with_timeout(cli->fd, buffer, len,
- len, cli->timeout, &cli->smb_rw_error);
- } else {
- return read_data(cli->fd, buffer, len, &cli->smb_rw_error);
- }
+ return read_socket_with_timeout(cli->fd, buffer, len, len,
+ cli->timeout, &cli->smb_rw_error);
}
/****************************************************************************
diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c
index 732dc78c75..1ca7d56a83 100644
--- a/source3/libsmb/trusts_util.c
+++ b/source3/libsmb/trusts_util.c
@@ -40,7 +40,7 @@ static NTSTATUS just_change_the_password(struct rpc_pipe_client *cli, TALLOC_CTX
already have valid creds. If not we must set them up. */
if (cli->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL) {
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS;
result = rpccli_netlogon_setup_creds(cli,
cli->cli->desthost, /* server name */
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index 2e620d04cc..cf135dfd03 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -90,6 +90,17 @@ static int vfswrap_statvfs(struct vfs_handle_struct *handle, const char *path,
return sys_statvfs(path, statbuf);
}
+static uint32_t vfswrap_fs_capabilities(struct vfs_handle_struct *handle)
+{
+#if defined(DARWINOS)
+ struct vfs_statvfs_struct statbuf;
+ ZERO_STRUCT(statbuf);
+ sys_statvfs(handle->conn->connectpath, &statbuf);
+ return statbuf.FsCapabilities;
+#endif
+ return FILE_CASE_SENSITIVE_SEARCH | FILE_CASE_PRESERVED_NAMES;
+}
+
/* Directory operations */
static SMB_STRUCT_DIR *vfswrap_opendir(vfs_handle_struct *handle, const char *fname, const char *mask, uint32 attr)
@@ -950,7 +961,6 @@ static NTSTATUS vfswrap_streaminfo(vfs_handle_struct *handle,
struct stream_struct **pstreams)
{
SMB_STRUCT_STAT sbuf;
- NTSTATUS status;
unsigned int num_streams = 0;
struct stream_struct *streams = NULL;
int ret;
@@ -1330,6 +1340,8 @@ static vfs_op_tuple vfs_default_ops[] = {
SMB_VFS_LAYER_OPAQUE},
{SMB_VFS_OP(vfswrap_statvfs), SMB_VFS_OP_STATVFS,
SMB_VFS_LAYER_OPAQUE},
+ {SMB_VFS_OP(vfswrap_fs_capabilities), SMB_VFS_OP_FS_CAPABILITIES,
+ SMB_VFS_LAYER_OPAQUE},
/* Directory operations */
diff --git a/source3/modules/vfs_recycle.c b/source3/modules/vfs_recycle.c
index fef65efa77..da1716719a 100644
--- a/source3/modules/vfs_recycle.c
+++ b/source3/modules/vfs_recycle.c
@@ -269,6 +269,7 @@ static bool recycle_create_dir(vfs_handle_struct *handle, const char *dname)
char *token;
char *tok_str;
bool ret = False;
+ char *saveptr;
mode = recycle_directory_mode(handle);
@@ -286,7 +287,8 @@ static bool recycle_create_dir(vfs_handle_struct *handle, const char *dname)
}
/* Create directory tree if neccessary */
- for(token = strtok(tok_str, "/"); token; token = strtok(NULL, "/")) {
+ for(token = strtok_r(tok_str, "/", &saveptr); token;
+ token = strtok_r(NULL, "/", &saveptr)) {
safe_strcat(new_dir, token, len);
if (recycle_directory_exist(handle, new_dir))
DEBUG(10, ("recycle: dir %s already exists\n", new_dir));
diff --git a/source3/modules/vfs_streams_depot.c b/source3/modules/vfs_streams_depot.c
index 68e7a75947..fa85ea4a57 100644
--- a/source3/modules/vfs_streams_depot.c
+++ b/source3/modules/vfs_streams_depot.c
@@ -610,22 +610,15 @@ static NTSTATUS streams_depot_streaminfo(vfs_handle_struct *handle,
return NT_STATUS_OK;
}
-static int streams_depot_statvfs(struct vfs_handle_struct *handle,
- const char *path,
- struct vfs_statvfs_struct *statbuf)
+static uint32_t streams_depot_fs_capabilities(struct vfs_handle_struct *handle)
{
- int ret;
-
- ret = SMB_VFS_NEXT_STATVFS(handle, path, statbuf);
- statbuf->FsCapabilities |= FILE_NAMED_STREAMS;
- return ret;
-
+ return SMB_VFS_NEXT_FS_CAPABILITIES(handle) | FILE_NAMED_STREAMS;
}
/* VFS operations structure */
static vfs_op_tuple streams_depot_ops[] = {
- {SMB_VFS_OP(streams_depot_statvfs), SMB_VFS_OP_STATVFS,
+ {SMB_VFS_OP(streams_depot_fs_capabilities), SMB_VFS_OP_FS_CAPABILITIES,
SMB_VFS_LAYER_TRANSPARENT},
{SMB_VFS_OP(streams_depot_open), SMB_VFS_OP_OPEN,
SMB_VFS_LAYER_TRANSPARENT},
diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c
index 7ce90ab30b..766e7d10ab 100644
--- a/source3/modules/vfs_streams_xattr.c
+++ b/source3/modules/vfs_streams_xattr.c
@@ -26,8 +26,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_VFS
-#define XATTR_DOSSTREAM_PREFIX "user.DosStream."
-
struct stream_io {
char *base;
char *xattr_name;
@@ -140,7 +138,7 @@ static int streams_xattr_stat(vfs_handle_struct *handle, const char *fname,
}
xattr_name = talloc_asprintf(talloc_tos(), "%s%s",
- XATTR_DOSSTREAM_PREFIX, sname);
+ SAMBA_XATTR_DOSSTREAM_PREFIX, sname);
if (xattr_name == NULL) {
errno = ENOMEM;
goto fail;
@@ -187,7 +185,7 @@ static int streams_xattr_lstat(vfs_handle_struct *handle, const char *fname,
}
xattr_name = talloc_asprintf(talloc_tos(), "%s%s",
- XATTR_DOSSTREAM_PREFIX, sname);
+ SAMBA_XATTR_DOSSTREAM_PREFIX, sname);
if (xattr_name == NULL) {
errno = ENOMEM;
goto fail;
@@ -239,7 +237,7 @@ static int streams_xattr_open(vfs_handle_struct *handle, const char *fname,
}
xattr_name = talloc_asprintf(talloc_tos(), "%s%s",
- XATTR_DOSSTREAM_PREFIX, sname);
+ SAMBA_XATTR_DOSSTREAM_PREFIX, sname);
if (xattr_name == NULL) {
errno = ENOMEM;
goto fail;
@@ -373,7 +371,7 @@ static int streams_xattr_unlink(vfs_handle_struct *handle, const char *fname)
}
xattr_name = talloc_asprintf(talloc_tos(), "%s%s",
- XATTR_DOSSTREAM_PREFIX, sname);
+ SAMBA_XATTR_DOSSTREAM_PREFIX, sname);
if (xattr_name == NULL) {
errno = ENOMEM;
goto fail;
@@ -403,7 +401,7 @@ static NTSTATUS walk_xattr_streams(connection_struct *conn, files_struct *fsp,
NTSTATUS status;
char **names;
size_t i, num_names;
- size_t prefix_len = strlen(XATTR_DOSSTREAM_PREFIX);
+ size_t prefix_len = strlen(SAMBA_XATTR_DOSSTREAM_PREFIX);
status = get_ea_names_from_file(talloc_tos(), conn, fsp, fname,
&names, &num_names);
@@ -414,7 +412,7 @@ static NTSTATUS walk_xattr_streams(connection_struct *conn, files_struct *fsp,
for (i=0; i<num_names; i++) {
struct ea_struct ea;
- if (strncmp(names[i], XATTR_DOSSTREAM_PREFIX,
+ if (strncmp(names[i], SAMBA_XATTR_DOSSTREAM_PREFIX,
prefix_len) != 0) {
continue;
}
@@ -560,16 +558,9 @@ static NTSTATUS streams_xattr_streaminfo(vfs_handle_struct *handle,
return NT_STATUS_OK;
}
-static int streams_xattr_statvfs(struct vfs_handle_struct *handle,
- const char *path,
- struct vfs_statvfs_struct *statbuf)
+static uint32_t streams_xattr_fs_capabilities(struct vfs_handle_struct *handle)
{
- int ret;
-
- ret = SMB_VFS_NEXT_STATVFS(handle, path, statbuf);
- statbuf->FsCapabilities |= FILE_NAMED_STREAMS;
- return ret;
-
+ return SMB_VFS_NEXT_FS_CAPABILITIES(handle) | FILE_NAMED_STREAMS;
}
static ssize_t streams_xattr_pwrite(vfs_handle_struct *handle,
@@ -663,7 +654,7 @@ static ssize_t streams_xattr_pread(vfs_handle_struct *handle,
/* VFS operations structure */
static vfs_op_tuple streams_xattr_ops[] = {
- {SMB_VFS_OP(streams_xattr_statvfs), SMB_VFS_OP_STATVFS,
+ {SMB_VFS_OP(streams_xattr_fs_capabilities), SMB_VFS_OP_FS_CAPABILITIES,
SMB_VFS_LAYER_TRANSPARENT},
{SMB_VFS_OP(streams_xattr_open), SMB_VFS_OP_OPEN,
SMB_VFS_LAYER_TRANSPARENT},
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index 0ff0afd12d..10833e8089 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -399,6 +399,7 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
char *component, *dc, *q1;
char *q_orig = q;
int str_offset;
+ char *saveptr;
domain = get_mydnsdomname(talloc_tos());
if (!domain) {
@@ -444,7 +445,7 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
str_offset = q - q_orig;
dc = domain;
q1 = q;
- while ((component = strtok(dc, "."))) {
+ while ((component = strtok_r(dc, ".", &saveptr)) != NULL) {
dc = NULL;
if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 1) {
return;
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 0796a78dd3..c1d26af989 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4709,6 +4709,7 @@ static void lp_add_auto_services(char *str)
char *s;
char *p;
int homes;
+ char *saveptr;
if (!str)
return;
@@ -4719,7 +4720,8 @@ static void lp_add_auto_services(char *str)
homes = lp_servicenumber(HOMES_NAME);
- for (p = strtok(s, LIST_SEP); p; p = strtok(NULL, LIST_SEP)) {
+ for (p = strtok_r(s, LIST_SEP, &saveptr); p;
+ p = strtok_r(NULL, LIST_SEP, &saveptr)) {
char *home;
if (lp_servicenumber(p) >= 0)
diff --git a/source3/printing/load.c b/source3/printing/load.c
index f8aba3996d..23144d5a95 100644
--- a/source3/printing/load.c
+++ b/source3/printing/load.c
@@ -28,6 +28,7 @@ static void add_auto_printers(void)
const char *p;
int pnum = lp_servicenumber(PRINTERS_NAME);
char *str;
+ char *saveptr;
if (pnum < 0)
return;
@@ -35,7 +36,8 @@ static void add_auto_printers(void)
if ((str = SMB_STRDUP(lp_auto_services())) == NULL)
return;
- for (p = strtok(str, LIST_SEP); p; p = strtok(NULL, LIST_SEP)) {
+ for (p = strtok_r(str, LIST_SEP, &saveptr); p;
+ p = strtok_r(NULL, LIST_SEP, &saveptr)) {
if (lp_servicenumber(p) >= 0)
continue;
diff --git a/source3/printing/lpq_parse.c b/source3/printing/lpq_parse.c
index 6dcddb6f1b..afa3b4850a 100644
--- a/source3/printing/lpq_parse.c
+++ b/source3/printing/lpq_parse.c
@@ -127,6 +127,7 @@ static bool parse_lpq_bsd(char *line,print_queue_struct *buf,bool first)
int count = 0;
TALLOC_CTX *ctx = talloc_tos();
char *line2 = NULL;
+ char *saveptr;
line2 = talloc_strdup(ctx, line);
if (!line2) {
@@ -144,10 +145,11 @@ static bool parse_lpq_bsd(char *line,print_queue_struct *buf,bool first)
#endif /* OSF1 */
/* FIXME: Use next_token_talloc rather than strtok! */
- tok[0] = strtok(line2," \t");
+ tok[0] = strtok_r(line2," \t", &saveptr);
count++;
- while ((count < MAXTOK) && ((tok[count] = strtok(NULL," \t")) != NULL)) {
+ while ((count < MAXTOK)
+ && ((tok[count] = strtok_r(NULL, " \t", &saveptr)) != NULL)) {
count++;
}
diff --git a/source3/printing/print_aix.c b/source3/printing/print_aix.c
index fd85ca0833..57590cc39e 100644
--- a/source3/printing/print_aix.c
+++ b/source3/printing/print_aix.c
@@ -59,8 +59,9 @@ bool aix_cache_reload(void)
continue;
if ((p = strchr_m(line, ':'))) {
+ char *saveptr;
*p = '\0';
- p = strtok(line, ":");
+ p = strtok_r(line, ":", &saveptr);
if (strcmp(p, "bsh") != 0) {
name = talloc_strdup(ctx, p);
if (!name) {
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index f4cb424527..81b2ea5d68 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2596,7 +2596,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state
const char *password,
NTSTATUS *perr)
{
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
struct rpc_pipe_client *netlogon_pipe = NULL;
struct rpc_pipe_client *result = NULL;
@@ -2630,7 +2630,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli,
const char *domain,
NTSTATUS *perr)
{
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
struct rpc_pipe_client *netlogon_pipe = NULL;
struct rpc_pipe_client *result = NULL;
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index bf8313816c..7cf8726052 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -1643,7 +1643,7 @@ NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_c
NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *domain_pol, const char *acct_name,
- uint32 acb_info, uint32 access_mask,
+ uint32 acb_info, uint32 acct_flags,
POLICY_HND *user_pol, uint32 *rid)
{
prs_struct qbuf, rbuf;
@@ -1658,7 +1658,7 @@ NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *me
/* Marshall data and send request */
- init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, access_mask);
+ init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, acct_flags);
CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_USER,
q, r,
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index 614a80dd6f..23add3dffd 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -5172,7 +5172,7 @@ reads or writes a structure.
void init_samr_q_create_user(SAMR_Q_CREATE_USER * q_u,
POLICY_HND *pol,
const char *name,
- uint32 acb_info, uint32 access_mask)
+ uint32 acb_info, uint32 acct_flags)
{
DEBUG(5, ("samr_init_samr_q_create_user\n"));
@@ -5182,7 +5182,7 @@ void init_samr_q_create_user(SAMR_Q_CREATE_USER * q_u,
init_uni_hdr(&q_u->hdr_name, &q_u->uni_name);
q_u->acb_info = acb_info;
- q_u->access_mask = access_mask;
+ q_u->acct_flags = acct_flags;
}
/*******************************************************************
@@ -5213,7 +5213,7 @@ bool samr_io_q_create_user(const char *desc, SAMR_Q_CREATE_USER * q_u,
return False;
if(!prs_uint32("acb_info ", ps, depth, &q_u->acb_info))
return False;
- if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask))
+ if(!prs_uint32("acct_flags", ps, depth, &q_u->acct_flags))
return False;
return True;
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 171027fa49..5b42c6bc0e 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -1450,7 +1450,7 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
uint32 acb_info;
- uint32 user_rid;
+ uint32 acct_flags, user_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
if ((argc < 2) || (argc > 3)) {
@@ -1459,7 +1459,7 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
}
acct_name = argv[1];
-
+
if (argc > 2)
sscanf(argv[2], "%x", &access_mask);
@@ -1483,10 +1483,13 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
/* Create domain user */
acb_info = ACB_NORMAL;
- access_mask = 0xe005000b;
+ acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
+ SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
+ SAMR_STANDARD_DELETE | SAMR_USER_SETPASS |
+ SAMR_USER_GETATTR | SAMR_USER_SETATTR;
result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
- acct_name, acb_info, access_mask,
+ acct_name, acb_info, acct_flags,
&user_pol, &user_rid);
if (!NT_STATUS_IS_OK(result))
diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c
index a7969bddd1..d98cb99276 100644
--- a/source3/rpcclient/cmd_spoolss.c
+++ b/source3/rpcclient/cmd_spoolss.c
@@ -1222,9 +1222,10 @@ void set_drv_info_3_env (DRIVER_INFO_3 *info, const char *arch)
static char* get_driver_3_param (char* str, const char* delim, UNISTR* dest)
{
char *ptr;
+ char *saveptr;
/* get the next token */
- ptr = strtok(str, delim);
+ ptr = strtok_r(str, delim, &saveptr);
/* a string of 'NULL' is used to represent an empty
parameter because two consecutive delimiters
@@ -1251,7 +1252,8 @@ static bool init_drv_info_3_members ( TALLOC_CTX *mem_ctx, DRIVER_INFO_3 *info,
{
char *str, *str2;
uint32 len, i;
-
+ char *saveptr;
+
/* fill in the UNISTR fields */
str = get_driver_3_param (args, ":", &info->name);
str = get_driver_3_param (NULL, ":", &info->driverpath);
@@ -1266,13 +1268,13 @@ static bool init_drv_info_3_members ( TALLOC_CTX *mem_ctx, DRIVER_INFO_3 *info,
str = str2;
/* begin to strip out each filename */
- str = strtok(str, ",");
+ str = strtok_r(str, ",", &saveptr);
len = 0;
while (str != NULL)
{
/* keep a cumlative count of the str lengths */
len += strlen(str)+1;
- str = strtok(NULL, ",");
+ str = strtok_r(NULL, ",", &saveptr);
}
/* allocate the space; add one extra slot for a terminating NULL.
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 081e0fb15e..7b499918b0 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -605,7 +605,7 @@ static NTSTATUS do_cmd(struct cli_state *cli,
}
if (cmd_entry->pipe_idx == PI_NETLOGON) {
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS;
uint32 sec_channel_type;
uchar trust_password[16];
diff --git a/source3/services/services_db.c b/source3/services/services_db.c
index b1daae4df8..d4e144d5ff 100644
--- a/source3/services/services_db.c
+++ b/source3/services/services_db.c
@@ -526,7 +526,7 @@ SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *
SAFE_FREE(path);
if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
- DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
+ DEBUG(0,("svcctl_get_secdesc: talloc() failed!\n"));
TALLOC_FREE( key );
return NULL;
}
@@ -582,7 +582,7 @@ bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc,
SAFE_FREE(path);
if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) {
- DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
+ DEBUG(0,("svcctl_set_secdesc: talloc() failed!\n"));
TALLOC_FREE( key );
return False;
}
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index 4ae735633b..8ffa0f7751 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -288,12 +288,13 @@ static bool parse_msdfs_symlink(TALLOC_CTX *ctx,
char **alt_path = NULL;
int count = 0, i;
struct referral *reflist;
+ char *saveptr;
temp = talloc_strdup(ctx, target);
if (!temp) {
return False;
}
- prot = strtok(temp,":");
+ prot = strtok_r(temp, ":", &saveptr);
if (!prot) {
DEBUG(0,("parse_msdfs_symlink: invalid path !\n"));
return False;
@@ -306,7 +307,7 @@ static bool parse_msdfs_symlink(TALLOC_CTX *ctx,
/* parse out the alternate paths */
while((count<MAX_REFERRAL_COUNT) &&
- ((alt_path[count] = strtok(NULL,",")) != NULL)) {
+ ((alt_path[count] = strtok_r(NULL, ",", &saveptr)) != NULL)) {
count++;
}
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 9fca38e3ed..aa4bc48f3d 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3034,8 +3034,7 @@ NTSTATUS create_file(connection_struct *conn,
goto fail;
}
- SET_STAT_INVALID(sbuf);
-
+ ZERO_STRUCT(sbuf);
goto done;
}
}
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 6b517c3d86..85e1ccf0a7 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -759,6 +759,7 @@ bool authorise_login(int snum, fstring user, DATA_BLOB password,
if (!ok) {
char *auser;
char *user_list = NULL;
+ char *saveptr;
if ( session_userlist )
user_list = SMB_STRDUP(session_userlist);
@@ -768,8 +769,9 @@ bool authorise_login(int snum, fstring user, DATA_BLOB password,
if (!user_list)
return(False);
- for (auser=strtok(user_list,LIST_SEP); !ok && auser;
- auser = strtok(NULL,LIST_SEP)) {
+ for (auser = strtok_r(user_list, LIST_SEP, &saveptr);
+ !ok && auser;
+ auser = strtok_r(NULL, LIST_SEP, &saveptr)) {
fstring user2;
fstrcpy(user2,auser);
if (!user_ok(user2,snum))
@@ -792,6 +794,7 @@ bool authorise_login(int snum, fstring user, DATA_BLOB password,
TALLOC_CTX *ctx = talloc_tos();
char *auser;
char *user_list = talloc_strdup(ctx, lp_username(snum));
+ char *saveptr;
if (!user_list) {
goto check_guest;
@@ -806,8 +809,9 @@ bool authorise_login(int snum, fstring user, DATA_BLOB password,
goto check_guest;
}
- for (auser=strtok(user_list,LIST_SEP); auser && !ok;
- auser = strtok(NULL,LIST_SEP)) {
+ for (auser = strtok_r(user_list, LIST_SEP, &saveptr);
+ auser && !ok;
+ auser = strtok_r(NULL, LIST_SEP, &saveptr)) {
if (*auser == '@') {
auser = validate_group(auser+1,password,snum);
if (auser) {
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index a5bdb96650..d961f98cc0 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -23,7 +23,6 @@
extern struct auth_context *negprot_global_auth_context;
extern int smb_echo_count;
-const int total_buffer_size = (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
static enum smb_read_errors smb_read_error = SMB_READ_OK;
/*
@@ -156,16 +155,8 @@ static ssize_t read_packet_remainder(int fd,
return len;
}
- if (timeout > 0) {
- ret = read_socket_with_timeout(fd,
- buffer,
- len,
- len,
- timeout,
- get_srv_read_error());
- } else {
- ret = read_data(fd, buffer, len, get_srv_read_error());
- }
+ ret = read_socket_with_timeout(fd, buffer, len, len, timeout,
+ get_srv_read_error());
if (ret != len) {
cond_set_smb_read_error(get_srv_read_error(),
@@ -207,19 +198,10 @@ static ssize_t receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx,
memcpy(writeX_header, lenbuf, sizeof(lenbuf));
- if (timeout > 0) {
- ret = read_socket_with_timeout(fd,
- writeX_header + 4,
- STANDARD_WRITE_AND_X_HEADER_SIZE,
- STANDARD_WRITE_AND_X_HEADER_SIZE,
- timeout,
- get_srv_read_error());
- } else {
- ret = read_data(fd,
- writeX_header+4,
- STANDARD_WRITE_AND_X_HEADER_SIZE,
- get_srv_read_error());
- }
+ ret = read_socket_with_timeout(fd, writeX_header + 4,
+ STANDARD_WRITE_AND_X_HEADER_SIZE,
+ STANDARD_WRITE_AND_X_HEADER_SIZE,
+ timeout, get_srv_read_error());
if (ret != STANDARD_WRITE_AND_X_HEADER_SIZE) {
cond_set_smb_read_error(get_srv_read_error(),
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index ed8061e2f7..a8aa25405a 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -1171,16 +1171,8 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
* assumes that all the filesystem mounted withing a share path have
* the same characteristics, which is likely but not guaranteed.
*/
- {
- vfs_statvfs_struct svfs;
-
- conn->fs_capabilities =
- FILE_CASE_SENSITIVE_SEARCH | FILE_CASE_PRESERVED_NAMES;
- if (SMB_VFS_STATVFS(conn, conn->connectpath, &svfs) == 0) {
- conn->fs_capabilities = svfs.FsCapabilities;
- }
- }
+ conn->fs_capabilities = SMB_VFS_FS_CAPABILITIES(conn);
/*
* Print out the 'connected as' stuff here as we need
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 9c48cdfbba..fb845220cd 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -105,9 +105,13 @@ static bool samba_private_attr_name(const char *unix_ea_name)
for (i = 0; prohibited_ea_names[i]; i++) {
if (strequal( prohibited_ea_names[i], unix_ea_name))
- return True;
+ return true;
}
- return False;
+ if (StrnCaseCmp(unix_ea_name, SAMBA_XATTR_DOSSTREAM_PREFIX,
+ strlen(SAMBA_XATTR_DOSSTREAM_PREFIX)) == 0) {
+ return true;
+ }
+ return false;
}
/****************************************************************************
@@ -210,7 +214,7 @@ NTSTATUS get_ea_names_from_file(TALLOC_CTX *mem_ctx, connection_struct *conn,
ea_namelist_size);
}
- if ((sizeret == -1) && (errno = ERANGE)) {
+ if ((sizeret == -1) && (errno == ERANGE)) {
ea_namelist_size *= 2;
}
else {
@@ -2455,6 +2459,40 @@ unsigned char *create_volume_objectid(connection_struct *conn, unsigned char obj
return objid;
}
+static void samba_extended_info_version(struct smb_extended_info *extended_info)
+{
+ SMB_ASSERT(extended_info != NULL);
+
+ extended_info->samba_magic = SAMBA_EXTENDED_INFO_MAGIC;
+ extended_info->samba_version = ((SAMBA_VERSION_MAJOR & 0xff) << 24)
+ | ((SAMBA_VERSION_MINOR & 0xff) << 16)
+ | ((SAMBA_VERSION_RELEASE & 0xff) << 8);
+#ifdef SAMBA_VERSION_REVISION
+ extended_info->samba_version |= (tolower(*SAMBA_VERSION_REVISION) - 'a' + 1) & 0xff;
+#endif
+#ifdef SAMBA_VERSION_RC_RELEASE
+ extended_info->samba_subversion |= (SAMBA_VERSION_RC_RELEASE & 0xff) << 24;
+#else
+#ifdef SAMBA_VERSION_PRE_RELEASE
+ extended_info->samba_subversion |= (SAMBA_VERSION_PRE_RELEASE & 0xff) << 16;
+#endif
+#endif
+#ifdef SAMBA_VERSION_VENDOR_PATCH
+ extended_info->samba_subversion |= (SAMBA_VERSION_VENDOR_PATCH & 0xffff);
+#endif
+ /* FIXME: samba_gitcommitdate should contain the git commit date. */
+#ifdef SAMBA_VERSION_GIT_COMMIT_TIME
+ unix_to_nt_time(&extended_info->samba_gitcommitdate, SAMBA_VERSION_GIT_COMMIT_TIME);
+#endif
+
+ memset(extended_info->samba_version_string, 0,
+ sizeof(extended_info->samba_version_string));
+
+ snprintf (extended_info->samba_version_string,
+ sizeof(extended_info->samba_version_string),
+ "%s", samba_version_string());
+}
+
/****************************************************************************
Reply to a TRANS2_QFSINFO (query filesystem info).
****************************************************************************/
@@ -2793,7 +2831,14 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
case SMB_FS_OBJECTID_INFORMATION:
{
unsigned char objid[16];
+ struct smb_extended_info extended_info;
memcpy(pdata,create_volume_objectid(conn, objid),16);
+ samba_extended_info_version (&extended_info);
+ SIVAL(pdata,16,extended_info.samba_magic);
+ SIVAL(pdata,20,extended_info.samba_version);
+ SIVAL(pdata,24,extended_info.samba_subversion);
+ SBIG_UINT(pdata,28,extended_info.samba_gitcommitdate);
+ memcpy(pdata+36,extended_info.samba_version_string,28);
data_len = 64;
break;
}
diff --git a/source3/smbd/utmp.c b/source3/smbd/utmp.c
index e82bbea3b3..5931b2b1d0 100644
--- a/source3/smbd/utmp.c
+++ b/source3/smbd/utmp.c
@@ -223,7 +223,7 @@ static char *uw_pathname(TALLOC_CTX *ctx,
}
/* For u-files and non-explicit w-dir, look for "utmp dir" */
- if (!dirname == 0 || strlen(dirname) == 0) {
+ if ((dirname == NULL) || (strlen(dirname) == 0)) {
dirname = talloc_strdup(ctx, lp_utmpdir());
if (!dirname) {
return NULL;
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 070474cf6f..8d67e512fe 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -890,6 +890,7 @@ static bool run_netbench(int client)
}
while (fgets(line, sizeof(line)-1, f)) {
+ char *saveptr;
line_count++;
line[strlen(line)-1] = 0;
@@ -899,9 +900,9 @@ static bool run_netbench(int client)
all_string_sub(line,"client1", cname, sizeof(line));
/* parse the command parameters */
- params[0] = strtok(line," ");
+ params[0] = strtok_r(line, " ", &saveptr);
i = 0;
- while (params[i]) params[++i] = strtok(NULL," ");
+ while (params[i]) params[++i] = strtok_r(NULL, " ", &saveptr);
params[i] = "";
diff --git a/source3/utils/net_domain.c b/source3/utils/net_domain.c
index da5e61caf0..a98f090e62 100644
--- a/source3/utils/net_domain.c
+++ b/source3/utils/net_domain.c
@@ -208,6 +208,7 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli,
uint32 num_rids, *name_types, *user_rids;
uint32 flags = 0x3e8;
uint32 acb_info = ACB_WSTRUST;
+ uint32 acct_flags;
uint32 fields_present;
uchar pwbuf[532];
SAM_USERINFO_CTR ctr;
@@ -245,8 +246,13 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli,
/* Don't try to set any acb_info flags other than ACB_WSTRUST */
+ acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
+ SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
+ SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
+ SAMR_USER_SETATTR;
+ DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
- acct_name, acb_info, 0xe005000b, &user_pol, &user_rid);
+ acct_name, acb_info, acct_flags, &user_pol, &user_rid);
if ( !NT_STATUS_IS_OK(status)
&& !NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS))
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 677924649c..b08a93627d 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -588,7 +588,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
uint32 acb_info;
- uint32 access_mask, user_rid;
+ uint32 acct_flags, user_rid;
if (argc < 1) {
d_printf("User must be specified\n");
@@ -618,10 +618,13 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
/* Create domain user */
acb_info = ACB_NORMAL;
- access_mask = 0xe005000b;
+ acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
+ SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
+ SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
+ SAMR_USER_SETATTR;
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
- acct_name, acb_info, access_mask,
+ acct_name, acb_info, acct_flags,
&user_pol, &user_rid);
if (!NT_STATUS_IS_OK(result)) {
goto done;
@@ -5341,7 +5344,8 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
uint32 acb_info;
- uint32 unknown, user_rid;
+ uint32 acct_flags=0;
+ uint32 user_rid;
if (argc != 2) {
d_printf("Usage: net rpc trustdom add <domain_name> <pw>\n");
@@ -5375,11 +5379,13 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
/* Create trusting domain's account */
acb_info = ACB_NORMAL;
- unknown = 0xe00500b0; /* No idea what this is - a permission mask?
- mimir: yes, most probably it is */
+ acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
+ SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
+ SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
+ SAMR_USER_SETATTR;
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
- acct_name, acb_info, unknown,
+ acct_name, acb_info, acct_flags,
&user_pol, &user_rid);
if (!NT_STATUS_IS_OK(result)) {
goto done;
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index 6e37f3c84c..5c3fb2b2ff 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -45,7 +45,7 @@ NTSTATUS net_rpc_join_ok(const char *domain, const char *server,
{
enum security_types sec;
unsigned int conn_flags = NET_FLAGS_PDC;
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
struct cli_state *cli = NULL;
struct rpc_pipe_client *pipe_hnd = NULL;
struct rpc_pipe_client *netlogon_pipe = NULL;
@@ -132,7 +132,7 @@ int net_rpc_join_newstyle(int argc, const char **argv)
struct cli_state *cli;
TALLOC_CTX *mem_ctx;
uint32 acb_info = ACB_WSTRUST;
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|(lp_client_schannel() ? NETLOGON_NEG_SCHANNEL : 0);
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS|(lp_client_schannel() ? NETLOGON_NEG_SCHANNEL : 0);
uint32 sec_channel_type;
struct rpc_pipe_client *pipe_hnd = NULL;
@@ -160,6 +160,7 @@ int net_rpc_join_newstyle(int argc, const char **argv)
uint32 flags = 0x3e8;
char *acct_name;
const char *const_acct_name;
+ uint32 acct_flags=0;
/* check what type of join */
if (argc >= 0) {
@@ -249,9 +250,14 @@ int net_rpc_join_newstyle(int argc, const char **argv)
strlower_m(acct_name);
const_acct_name = acct_name;
+ acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
+ SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
+ SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
+ SAMR_USER_SETATTR;
+ DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info,
- 0xe005000b, &user_pol,
+ acct_flags, &user_pol,
&user_rid);
if (!NT_STATUS_IS_OK(result) &&
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index d0fcfe3aeb..e1f0cd3751 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -237,7 +237,7 @@ NTSTATUS rpc_samdump_internals(const DOM_SID *domain_sid,
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
uchar trust_password[16];
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS;
uint32 sec_channel_type = 0;
if (!secrets_fetch_trust_account_password(domain_name,
diff --git a/source3/web/cgi.c b/source3/web/cgi.c
index 07a6fbcf54..c6233b0869 100644
--- a/source3/web/cgi.c
+++ b/source3/web/cgi.c
@@ -164,7 +164,9 @@ void cgi_load_variables(void)
open("/dev/null", O_RDWR);
if ((s=query_string) || (s=getenv("QUERY_STRING"))) {
- for (tok=strtok(s,"&;");tok;tok=strtok(NULL,"&;")) {
+ char *saveptr;
+ for (tok=strtok_r(s, "&;", &saveptr); tok;
+ tok=strtok_r(NULL, "&;", &saveptr)) {
p = strchr_m(tok,'=');
if (!p) continue;
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index ef159f0670..dbc664da8c 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -694,11 +694,15 @@ static NTSTATUS get_trust_creds(const struct winbindd_domain *domain,
/* this is at least correct when domain is our domain,
* which is the only case, when this is currently used: */
- if ((machine_krb5_principal != NULL) &&
- (asprintf(machine_krb5_principal, "%s$@%s", account_name,
- domain->alt_name) == -1))
+ if (machine_krb5_principal != NULL)
{
- return NT_STATUS_NO_MEMORY;
+ if (asprintf(machine_krb5_principal, "%s$@%s",
+ account_name, domain->alt_name) == -1)
+ {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ strupper_m(*machine_krb5_principal);
}
return NT_STATUS_OK;
@@ -2298,7 +2302,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
struct winbindd_cm_conn *conn;
NTSTATUS result;
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS;
uint8 mach_pwd[16];
uint32 sec_chan_type;
const char *account_name;
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index 778886d8e2..e21524689b 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -480,7 +480,6 @@ void winbind_child_died(pid_t pid)
child->event.fd = 0;
child->event.flags = 0;
child->pid = 0;
- SAFE_FREE(child->logfilename);
schedule_async_request(child);
}
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index dc48fdef8b..0381053331 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -41,7 +41,7 @@ extern struct winbindd_methods passdb_methods;
individual winbindd_domain structures cannot be made. Keep a copy of
the domain name instead. */
-static struct winbindd_domain *_domain_list;
+static struct winbindd_domain *_domain_list = NULL;
/**
When was the last scan of trusted domains done?