diff options
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/ctdbd_conn.c | 1 | ||||
-rw-r--r-- | source3/lib/fault.c | 16 | ||||
-rw-r--r-- | source3/lib/g_lock.c | 1 | ||||
-rw-r--r-- | source3/lib/netapi/examples/netlogon/nltest.c | 22 | ||||
-rw-r--r-- | source3/lib/netapi/group.c | 5 | ||||
-rw-r--r-- | source3/lib/netapi/localgroup.c | 5 | ||||
-rw-r--r-- | source3/lib/netapi/netlogon.c | 4 | ||||
-rw-r--r-- | source3/lib/netapi/user.c | 15 | ||||
-rw-r--r-- | source3/lib/secdesc.c | 9 | ||||
-rw-r--r-- | source3/lib/smbconf/smbconf_reg.c | 1 | ||||
-rw-r--r-- | source3/lib/util.c | 50 | ||||
-rw-r--r-- | source3/lib/util_nttoken.c | 3 | ||||
-rw-r--r-- | source3/lib/util_sid.c | 111 | ||||
-rw-r--r-- | source3/lib/util_sock.c | 1 |
14 files changed, 66 insertions, 178 deletions
diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c index ff286148eb..e0682f3a74 100644 --- a/source3/lib/ctdbd_conn.c +++ b/source3/lib/ctdbd_conn.c @@ -24,6 +24,7 @@ #include "librpc/gen_ndr/messaging.h" #include "librpc/gen_ndr/ndr_messaging.h" +#include "ctdbd_conn.h" /* paths to these include files come from --with-ctdb= in configure */ #include "ctdb.h" diff --git a/source3/lib/fault.c b/source3/lib/fault.c index 02e054b680..dd87ae1100 100644 --- a/source3/lib/fault.c +++ b/source3/lib/fault.c @@ -319,14 +319,6 @@ void dump_core_setup(const char *progname) #endif #endif -#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) - /* On Linux we lose the ability to dump core when we change our user - * ID. We know how to dump core safely, so let's make sure we have our - * dumpable flag set. - */ - prctl(PR_SET_DUMPABLE, 1); -#endif - /* FIXME: if we have a core-plus-pid facility, configurably set * this up here. */ @@ -382,6 +374,14 @@ void dump_core_setup(const char *progname) umask(~(0700)); dbgflush(); +#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) + /* On Linux we lose the ability to dump core when we change our user + * ID. We know how to dump core safely, so let's make sure we have our + * dumpable flag set. + */ + prctl(PR_SET_DUMPABLE, 1); +#endif + /* Ensure we don't have a signal handler for abort. */ #ifdef SIGABRT CatchSignal(SIGABRT, SIG_DFL); diff --git a/source3/lib/g_lock.c b/source3/lib/g_lock.c index 6e4c6d796c..edb77869cc 100644 --- a/source3/lib/g_lock.c +++ b/source3/lib/g_lock.c @@ -20,6 +20,7 @@ #include "includes.h" #include "g_lock.h" #include "librpc/gen_ndr/messaging.h" +#include "ctdbd_conn.h" static NTSTATUS g_lock_force_unlock(struct g_lock_ctx *ctx, const char *name, struct server_id pid); diff --git a/source3/lib/netapi/examples/netlogon/nltest.c b/source3/lib/netapi/examples/netlogon/nltest.c index e3ced90a20..0c393ea3be 100644 --- a/source3/lib/netapi/examples/netlogon/nltest.c +++ b/source3/lib/netapi/examples/netlogon/nltest.c @@ -58,7 +58,8 @@ enum { OPT_SITE, OPT_ACCOUNT, OPT_RET_DNS, - OPT_RET_NETBIOS + OPT_RET_NETBIOS, + OPT_DSREGDNS }; /**************************************************************** @@ -207,6 +208,7 @@ int main(int argc, const char **argv) char *opt_account = NULL; int opt_ret_dns = 0; int opt_ret_netbios = 0; + int opt_dsregdns = 0; uint32_t query_level = 0; uint8_t *buffer = NULL; uint32_t flags = 0; @@ -244,6 +246,7 @@ int main(int argc, const char **argv) {"account", 0, POPT_ARG_STRING, &opt_account, OPT_ACCOUNT, "ACCOUNT"}, {"ret_dns", 0, POPT_ARG_NONE, &opt_ret_dns, OPT_RET_DNS, NULL}, {"ret_netbios", 0, POPT_ARG_NONE, &opt_ret_netbios, OPT_RET_NETBIOS, NULL}, + {"dsregdns", 0, POPT_ARG_NONE, &opt_dsregdns, OPT_DSREGDNS, "Force registration of all DC-specific DNS records"}, POPT_COMMON_LIBNETAPI_EXAMPLES POPT_TABLEEND }; @@ -363,6 +366,23 @@ int main(int argc, const char **argv) print_netlogon_info_result(query_level, buffer); break; + case OPT_DSREGDNS: + query_level = 1; + status = I_NetLogonControl2(opt_server, + NETLOGON_CONTROL_FORCE_DNS_REG, + query_level, + NULL, + &buffer); + if (status != 0) { + fprintf(stderr, "I_NetlogonControl failed: Status = %d 0x%x %s\n", + status, status, + libnetapi_get_error_string(ctx, status)); + goto done; + } + + print_netlogon_info_result(query_level, buffer); + + break; case OPT_DSGETDC: if (opt_pdc) flags |= DS_PDC_REQUIRED; diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 53114b5d7d..6a926953c0 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -25,6 +25,7 @@ #include "lib/netapi/libnetapi.h" #include "../librpc/gen_ndr/cli_samr.h" #include "rpc_client/init_lsa.h" +#include "../libcli/security/dom_sid.h" /**************************************************************** ****************************************************************/ @@ -603,7 +604,7 @@ static WERROR map_group_info_to_buffer(TALLOC_CTX *mem_ctx, info3.grpi3_name = info->name.string; info3.grpi3_comment = info->description.string; info3.grpi3_attributes = info->attributes; - info3.grpi3_group_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + info3.grpi3_group_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid); *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3, sizeof(info3)); @@ -1086,7 +1087,7 @@ static WERROR convert_samr_disp_groups_to_GROUP_INFO_3_buffer(TALLOC_CTX *mem_ct groups->entries[i].account_name.string); g3[i].grpi3_comment = talloc_strdup(mem_ctx, groups->entries[i].description.string); - g3[i].grpi3_group_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + g3[i].grpi3_group_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid); g3[i].grpi3_attributes = groups->entries[i].acct_flags; W_ERROR_HAVE_NO_MEMORY(g3[i].grpi3_name); } diff --git a/source3/lib/netapi/localgroup.c b/source3/lib/netapi/localgroup.c index 69cf974225..c9e1b722bd 100644 --- a/source3/lib/netapi/localgroup.c +++ b/source3/lib/netapi/localgroup.c @@ -27,6 +27,7 @@ #include "../librpc/gen_ndr/cli_lsa.h" #include "rpc_client/cli_lsarpc.h" #include "rpc_client/init_lsa.h" +#include "../libcli/security/dom_sid.h" static NTSTATUS libnetapi_samr_lookup_and_open_alias(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, @@ -1171,7 +1172,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, for (i=0; i < r->in.total_entries; i++) { bool already_member = false; for (k=0; k < current_sids.num_sids; k++) { - if (sid_equal(&member_sids[i], + if (dom_sid_equal(&member_sids[i], current_sids.sids[k].sid)) { already_member = true; break; @@ -1193,7 +1194,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, for (k=0; k < current_sids.num_sids; k++) { bool keep_member = false; for (i=0; i < r->in.total_entries; i++) { - if (sid_equal(&member_sids[i], + if (dom_sid_equal(&member_sids[i], current_sids.sids[k].sid)) { keep_member = true; break; diff --git a/source3/lib/netapi/netlogon.c b/source3/lib/netapi/netlogon.c index d58b7ccf67..932ab8bb1d 100644 --- a/source3/lib/netapi/netlogon.c +++ b/source3/lib/netapi/netlogon.c @@ -43,6 +43,9 @@ static WERROR construct_data(enum netr_LogonControlCode function_code, case NETLOGON_CONTROL_SET_DBFLAG: data_out->debug_level = atoi((const char *)data_in); break; + case NETLOGON_CONTROL_FORCE_DNS_REG: + ZERO_STRUCTP(data_out); + break; default: return WERR_INVALID_PARAM; } @@ -193,6 +196,7 @@ WERROR I_NetLogonControl2_r(struct libnetapi_ctx *ctx, switch (r->in.function_code) { case NETLOGON_CONTROL_TC_VERIFY: case NETLOGON_CONTROL_SET_DBFLAG: + case NETLOGON_CONTROL_FORCE_DNS_REG: status = rpccli_netr_LogonControl2Ex(pipe_cli, ctx, r->in.server_name, r->in.function_code, diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 67a7443cd4..de0fc7da6e 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -27,6 +27,7 @@ #include "rpc_client/init_samr.h" #include "../libds/common/flags.h" #include "rpc_client/init_lsa.h" +#include "../libcli/security/dom_sid.h" /**************************************************************** ****************************************************************/ @@ -705,12 +706,12 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, for (i=0; i<rid_array->count; i++) { sid_compose(&sid, domain_sid, rid_array->rids[i].rid); - sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sid); NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); } sid_compose(&sid, domain_sid, rid); - sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sid); NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx, @@ -923,7 +924,7 @@ static NTSTATUS info21_to_USER_INFO_4(TALLOC_CTX *mem_ctx, if (!sid_compose(&sid, domain_sid, i21->rid)) { return NT_STATUS_NO_MEMORY; } - i->usri4_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + i->usri4_user_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid); i->usri4_primary_group_id = i21->primary_gid; i->usri4_profile = talloc_strdup(mem_ctx, i21->profile_path.string); i->usri4_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string); @@ -1024,7 +1025,7 @@ static NTSTATUS info21_to_USER_INFO_23(TALLOC_CTX *mem_ctx, if (!sid_compose(&sid, domain_sid, i21->rid)) { return NT_STATUS_NO_MEMORY; } - i->usri23_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + i->usri23_user_sid = (struct domsid *)dom_sid_dup(mem_ctx, &sid); return NT_STATUS_OK; } @@ -2066,7 +2067,7 @@ static NTSTATUS query_USER_MODALS_INFO_2(TALLOC_CTX *mem_ctx, info2->usrmod2_domain_name = talloc_strdup(mem_ctx, dom_info5.domain_name.string); info2->usrmod2_domain_id = - (struct domsid *)sid_dup_talloc(mem_ctx, domain_sid); + (struct domsid *)dom_sid_dup(mem_ctx, domain_sid); NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_name); NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_id); @@ -3334,7 +3335,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, goto done; } - sid_array.sids[0].sid = sid_dup_talloc(ctx, &user_sid); + sid_array.sids[0].sid = dom_sid_dup(ctx, &user_sid); if (!sid_array.sids[0].sid) { werr = WERR_NOMEM; goto done; @@ -3348,7 +3349,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, goto done; } - sid_array.sids[i+1].sid = sid_dup_talloc(ctx, &sid); + sid_array.sids[i+1].sid = dom_sid_dup(ctx, &sid); if (!sid_array.sids[i+1].sid) { werr = WERR_NOMEM; goto done; diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index b9ed955dee..11256817a5 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -22,6 +22,7 @@ #include "includes.h" #include "../librpc/gen_ndr/ndr_security.h" +#include "../libcli/security/dom_sid.h" #define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\ SECINFO_DACL|SECINFO_SACL|\ @@ -190,10 +191,10 @@ struct security_descriptor *make_sec_desc(TALLOC_CTX *ctx, dst->sacl = NULL; dst->dacl = NULL; - if(owner_sid && ((dst->owner_sid = sid_dup_talloc(dst,owner_sid)) == NULL)) + if(owner_sid && ((dst->owner_sid = dom_sid_dup(dst,owner_sid)) == NULL)) goto error_exit; - if(grp_sid && ((dst->group_sid = sid_dup_talloc(dst,grp_sid)) == NULL)) + if(grp_sid && ((dst->group_sid = dom_sid_dup(dst,grp_sid)) == NULL)) goto error_exit; if(sacl && ((dst->sacl = dup_sec_acl(dst, sacl)) == NULL)) @@ -607,10 +608,10 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, } /* The CREATOR sids are special when inherited */ - if (sid_equal(ptrustee, &global_sid_Creator_Owner)) { + if (dom_sid_equal(ptrustee, &global_sid_Creator_Owner)) { creator = &global_sid_Creator_Owner; ptrustee = owner_sid; - } else if (sid_equal(ptrustee, &global_sid_Creator_Group)) { + } else if (dom_sid_equal(ptrustee, &global_sid_Creator_Group)) { creator = &global_sid_Creator_Group; ptrustee = group_sid; } diff --git a/source3/lib/smbconf/smbconf_reg.c b/source3/lib/smbconf/smbconf_reg.c index ba27b48206..cafa3bfee4 100644 --- a/source3/lib/smbconf/smbconf_reg.c +++ b/source3/lib/smbconf/smbconf_reg.c @@ -22,6 +22,7 @@ #include "registry.h" #include "registry/reg_backend_db.h" #include "registry/reg_util_token.h" +#include "registry/reg_api_util.h" #include "lib/smbconf/smbconf_init.h" #include "lib/smbconf/smbconf_reg.h" diff --git a/source3/lib/util.c b/source3/lib/util.c index 3303894e0e..28336512df 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -24,6 +24,7 @@ #include "includes.h" #include "popt_common.h" #include "secrets.h" +#include "ctdbd_conn.h" extern char *global_clobber_region_function; extern unsigned int global_clobber_region_line; @@ -823,55 +824,6 @@ ssize_t write_data_at_offset(int fd, const char *buffer, size_t N, SMB_OFF_T pos #endif } -/******************************************************************* - Sleep for a specified number of milliseconds. -********************************************************************/ - -void smb_msleep(unsigned int t) -{ -#if defined(HAVE_NANOSLEEP) - struct timespec tval; - int ret; - - tval.tv_sec = t/1000; - tval.tv_nsec = 1000000*(t%1000); - - do { - errno = 0; - ret = nanosleep(&tval, &tval); - } while (ret < 0 && errno == EINTR && (tval.tv_sec > 0 || tval.tv_nsec > 0)); -#else - unsigned int tdiff=0; - struct timeval tval,t1,t2; - fd_set fds; - - GetTimeOfDay(&t1); - t2 = t1; - - while (tdiff < t) { - tval.tv_sec = (t-tdiff)/1000; - tval.tv_usec = 1000*((t-tdiff)%1000); - - /* Never wait for more than 1 sec. */ - if (tval.tv_sec > 1) { - tval.tv_sec = 1; - tval.tv_usec = 0; - } - - FD_ZERO(&fds); - errno = 0; - sys_select_intr(0,&fds,NULL,NULL,&tval); - - GetTimeOfDay(&t2); - if (t2.tv_sec < t1.tv_sec) { - /* Someone adjusted time... */ - t1 = t2; - } - - tdiff = TvalDiff(&t1,&t2); - } -#endif -} NTSTATUS reinit_after_fork(struct messaging_context *msg_ctx, struct event_context *ev_ctx, diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c index 3130ed89fb..680dd29ba7 100644 --- a/source3/lib/util_nttoken.c +++ b/source3/lib/util_nttoken.c @@ -26,6 +26,7 @@ /* function(s) moved from auth/auth_util.c to minimize linker deps */ #include "includes.h" +#include "../libcli/security/dom_sid.h" /**************************************************************************** Duplicate a SID token. @@ -120,7 +121,7 @@ bool token_sid_in_ace(const struct security_token *token, const struct security_ size_t i; for (i = 0; i < token->num_sids; i++) { - if (sid_equal(&ace->trustee, &token->sids[i])) + if (dom_sid_equal(&ace->trustee, &token->sids[i])) return true; } diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 92218ff2b2..d75c8e2c97 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -244,7 +244,7 @@ bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid return False; } - if (sid_compare_domain(exp_dom_sid, sid)!=0){ + if (dom_sid_compare_domain(exp_dom_sid, sid)!=0){ *rid=(-1); return False; } @@ -308,84 +308,6 @@ bool sid_parse(const char *inbuf, size_t len, struct dom_sid *sid) } /***************************************************************** - Compare the auth portion of two sids. -*****************************************************************/ - -static int sid_compare_auth(const struct dom_sid *sid1, const struct dom_sid *sid2) -{ - int i; - - if (sid1 == sid2) - return 0; - if (!sid1) - return -1; - if (!sid2) - return 1; - - if (sid1->sid_rev_num != sid2->sid_rev_num) - return sid1->sid_rev_num - sid2->sid_rev_num; - - for (i = 0; i < 6; i++) - if (sid1->id_auth[i] != sid2->id_auth[i]) - return sid1->id_auth[i] - sid2->id_auth[i]; - - return 0; -} - -/***************************************************************** - Compare two sids. -*****************************************************************/ - -int sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2) -{ - int i; - - if (sid1 == sid2) - return 0; - if (!sid1) - return -1; - if (!sid2) - return 1; - - /* Compare most likely different rids, first: i.e start at end */ - if (sid1->num_auths != sid2->num_auths) - return sid1->num_auths - sid2->num_auths; - - for (i = sid1->num_auths-1; i >= 0; --i) - if (sid1->sub_auths[i] != sid2->sub_auths[i]) - return sid1->sub_auths[i] - sid2->sub_auths[i]; - - return sid_compare_auth(sid1, sid2); -} - -/***************************************************************** - See if 2 SIDs are in the same domain - this just compares the leading sub-auths -*****************************************************************/ - -int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2) -{ - int n, i; - - n = MIN(sid1->num_auths, sid2->num_auths); - - for (i = n-1; i >= 0; --i) - if (sid1->sub_auths[i] != sid2->sub_auths[i]) - return sid1->sub_auths[i] - sid2->sub_auths[i]; - - return sid_compare_auth(sid1, sid2); -} - -/***************************************************************** - Compare two sids. -*****************************************************************/ - -bool sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2) -{ - return sid_compare(sid1, sid2) == 0; -} - -/***************************************************************** Returns true if SID is internal (and non-mappable). *****************************************************************/ @@ -397,10 +319,10 @@ bool non_mappable_sid(struct dom_sid *sid) sid_copy(&dom, sid); sid_split_rid(&dom, &rid); - if (sid_equal(&dom, &global_sid_Builtin)) + if (dom_sid_equal(&dom, &global_sid_Builtin)) return True; - if (sid_equal(&dom, &global_sid_NT_Authority)) + if (dom_sid_equal(&dom, &global_sid_NT_Authority)) return True; return False; @@ -444,25 +366,6 @@ char *sid_binstring_hex(const struct dom_sid *sid) return s; } -/******************************************************************* - Tallocs a duplicate SID. -********************************************************************/ - -struct dom_sid *sid_dup_talloc(TALLOC_CTX *ctx, const struct dom_sid *src) -{ - struct dom_sid *dst; - - if (src == NULL) { - return NULL; - } - dst = talloc_zero(ctx, struct dom_sid); - if (dst == NULL) { - return NULL; - } - sid_copy(dst, src); - return dst; -} - /******************************************************************** Add SID to an array SIDs ********************************************************************/ @@ -494,7 +397,7 @@ NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, size_t i; for (i=0; i<(*num_sids); i++) { - if (sid_compare(sid, &(*sids)[i]) == 0) + if (dom_sid_compare(sid, &(*sids)[i]) == 0) return NT_STATUS_OK; } @@ -515,7 +418,7 @@ void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, size_t /* if we find the SID, then decrement the count and break out of the loop */ - if ( sid_equal(sid, &sid_list[i]) ) { + if ( dom_sid_equal(sid, &sid_list[i]) ) { *num -= 1; break; } @@ -555,7 +458,7 @@ bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx, bool is_null_sid(const struct dom_sid *sid) { static const struct dom_sid null_sid = {0}; - return sid_equal(sid, &null_sid); + return dom_sid_equal(sid, &null_sid); } bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid) @@ -563,7 +466,7 @@ bool is_sid_in_token(const struct security_token *token, const struct dom_sid *s int i; for (i=0; i<token->num_sids; i++) { - if (sid_compare(sid, &token->sids[i]) == 0) + if (dom_sid_compare(sid, &token->sids[i]) == 0) return true; } return false; diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 46926f6298..2b33816293 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -21,6 +21,7 @@ #include "includes.h" #include "memcache.h" +#include "../lib/async_req/async_sock.h" /**************************************************************************** Get a port number in host byte order from a sockaddr_storage. |