Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit fb91bfa7a28f548dcc549f7e09805e4485c83538)
|
|
(This used to be commit 8cabdd635df2455d9b25604f2ea0fb85efa067e2)
|
|
(This used to be commit 067810ed4a38c567e64e683a24cdd405479b5ee1)
|
|
(This used to be commit fc0b2fcf977b9014d2478296168b22e9faa22108)
|
|
is as stable as possible in the string department and some pain now
will help later :-).
Jeremy.
(This used to be commit 86e3eddac698d90f4666b8492b4603a4efbbd67b)
|
|
Original message:
This patch attemptes to clean up winbindd's mutex locking.
The current locking scheme in winbind is a complete mess - indeed, the
next step should be to push the locking into cli_full_connection(), but
I'll leave it for now.
This patch works on the noted behaviour that 2 parts of the connection
process need protection - and independent protection. Tim Potter did
some work on this a little while back, verifying the second case.
The two cases are:
- between connect() and first session setup
- during the auth2 phase of the netlogon pipe setup.
I've removed the counter on the lock, as I fail to see what it gains us.
This patch also adds 'anonymous fallback' to our winbindd -> DC connection.
If the authenticated connection fails (wbinfo -A specifed) - say that
account isn't trusted by a trusted DC - then we try an anonymous.
Both tpot and mbp like the patch.
Andrew Bartlett
(This used to be commit b5283c00a900393b83f0edb2785c5caf402404eb)
|
|
signed/unsigned (mostly i counters)
a little bit of const.
Andrew Bartlett
(This used to be commit 50f0ca752e5058c4051f42a9337361373ba1f727)
|
|
net ads password
Heimdal compile fixes.
Andrew Bartlett
(This used to be commit 3aa4f923e99f453310bb4a8d43ce43757591909d)
|
|
- Make ReadDirName return a const char*.
- Consequential changes from that
- mark our fstring/pstring assumptions in function prototypes
Andrew Bartlett
(This used to be commit 10b53d7c6fd77f23433dd2ef12bb14b227147a48)
|
|
Andrew Bartlett
(This used to be commit 64796ed27a3842be1dde52dd4f46698e95961767)
|
|
session key and auth verifier patches.
Andrew Bartlett
(This used to be commit 3f9616a68a855acbae3f405c27ee2358fbe7ba2c)
|
|
(This used to be commit 7a2566f2e922191e691b6dafb1a09e22913cccd6)
|
|
(This used to be commit 04a5cbc8964386774acdca759b4cfaded068c8f2)
|
|
I'm not merging the current HEAD string stuff quite yet.
(This used to be commit 9b8d12e081462566043bb51e9c95605609572a54)
|
|
(This used to be commit f0daa15521e6352e25aa998f7e682f448e0fe51a)
|
|
Andrew Bartlett
(This used to be commit 980f2eb7c2efa1a2c83098aebecf0e25a05724cb)
|
|
new 'net ads dn'
doxygen fixes
net help fixes.
(This used to be commit de24fcb097ebf0d1aec92e787622cab64d10c553)
|
|
(This used to be commit 3b9db928fcaec322698d046db3a8a042b9a1d30c)
|
|
Volker
(This used to be commit 115cd4b27f84343c7f98622717edda6da4866a6b)
|
|
(This used to be commit 1fb5c92bfb96d966a31d5a4d882a411b9c0b497c)
|
|
dereferencing
(This used to be commit 7bc5fc729f67ae16e09ea67efa9e2b8e2ba41c8f)
|
|
Jeremy.
(This used to be commit 759aab9944e8dc5c38e224ace738b75ded07ee54)
|
|
(This used to be commit af6235dfb69b5349e4d0b7c8772a1799b7dc421a)
|
|
(This used to be commit 8522971ccb2e99a24b97c53cc57ca167923d346b)
|
|
(This used to be commit ce2159086f6b68c713a376785f6b48a370e33eb2)
|
|
respond to a
lock - so to make the torture tests valid I give it a grace time of 10
seconds instead of 2'
Jeremy.
(This used to be commit 41571a69e04838c00de7d4a528c59cd1e88919d0)
|
|
Jeremy.
(This used to be commit 40def80d43b14a853045a31b382226fe0381f38a)
|
|
(This used to be commit 0eee7a4b1ea437b5f1376fc9c7063b117f5027c6)
|
|
(This used to be commit c7593929681ad9aed4b9d2025d33071b9751185f)
|
|
(This used to be commit 3026a5ef152e1856ac127abe72855371611d5bf3)
|
|
etc. So check for that as well as the old names when including macros
and conditionally defining -DVALGRIND.
(This used to be commit 054ed6d86d0ca61623d61db7bc31999c19269176)
|
|
Jeremy.
(This used to be commit 33b11d5eb53bdeb9d279d221fd5c01579253e1c7)
|
|
Jeremy.
(This used to be commit 98ed7e0cbbc693b486bb91855cb3331e51daef6c)
|
|
(This used to be commit 533fe94db95fbb819b35251d9832c925584b7eca)
|
|
Jeremy.
(This used to be commit 8e956bc1d63425b0e1ca9410bf82a0a5d3e36ac7)
|
|
from .NET RC2)
(This used to be commit e074cab810f9299d0b27881cddf8a74f10fe233e)
|
|
Jeremy.
(This used to be commit 65c2a361a4a3461ccbed9b5c968f95281295faab)
|
|
Jeremy.
(This used to be commit 289e2e25b91da20ac02b90e5a9d6de3619ad308d)
|
|
the open call to be the same as that of the existing tdb. The
specified hash_size is only used if the tdb needs to be (re)created.
With this patch in place, tdbtool can open the printing tdbs, which
are created with a hash_size of 5000. Before it would fail with EIO.
(This used to be commit 7090d9f6939b3c6334fba40b0741f8f899aba31a)
|
|
> when doing "enumdomusers", rpcclient prints each one preceded by the
> word "group" instead of "user"
(This used to be commit 0e9a2f41df932585bbff2a1a53d3dadc9a3dac62)
|
|
(This used to be commit 560deeb4ece9dd4a65e10b0aae20f8ab1fe0d24c)
|
|
Volker
(This used to be commit 54c99ee1fbaf4541fb3fa10a9b764da1367af6d3)
|
|
(This used to be commit 944752024ba6ab762b12c29ee867e37401dac12b)
|
|
string as a configure parameter.
(This used to be commit 10b2de7ebd204a940bd15bff9cca611e4ba8dcd3)
|
|
Jeremy.
(This used to be commit 11077368ec30313c2e7ee1d23f9f348910aa36bf)
|
|
Jeremy.
(This used to be commit 723e9ee31cc1f5eb4b7aefefd58f7f13d0abda05)
|
|
Jeremy.
(This used to be commit 183ce97d3719080b1b01932b96206b8ee4c5f5b0)
|
|
Jeremy.
(This used to be commit 7f8d3a49b2cebab4b94db3cda54b3923442378c8)
|
|
-------------------------------------------------------------------------
I think there are basically two problem:
1. Windows clients do not always send ACEs for SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ,
and SMB_ACL_OTHER.
The function ensure_canon_entry_valid() is prepared for that, but tries
to "guess" values from group or other permissions, respectively, otherwise
falling back to minimum r-- for the owner. Even if the owner had full
permissions before setting ACL. This is the problem with W2k clients.
2. Function set_nt_acl() always chowns *before* attempting to set POSIX ACLs.
This is ok in a take-ownership situation, but must fail if the file is
to be given away. This is the problem with XP clients, trying to transfer
ownership of the original file to the temp file.
The problem with NT4 clients (no ACEs are transferred to the temp file, thus
are lost after moving the temp file to the original name) is a client problem.
It simply doesn't attempt to.
I have played around with that using posic_acls.c from 3.0 merged into 2.2.
As a result I can now present two patches, one for each branch. They
basically modify:
1. Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or SMB_ACL_OTHER
as "preserve current value" instead of attempting to build one ourself.
The original code is still in, but only as fallback in case current values
can't be retrieved.
2. Rearrange set_nt_acl() such that chown is only done before setting
ACLs if there is either no change of owning user, or change of owning
user is towards the current user. Otherwise chown is done after setting
ACLs.
It now seems to produce reasonable results. (Well, as far as it can. If
NT4 doesn't even try to transfer ACEs, only deliberate use of named default
ACEs and/or "force group" or the crystal ball can help :)
-------------------------------------------------------------------------
Jeremy.
(This used to be commit 1d3b8c528bebfa1971d1affe454a03453335786e)
|
|
Jeremy.
(This used to be commit 05a8a61af83a6d85ddbb70749c8cd0abe9eb8180)
|