summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-10-05shadow_copy2: break overly long lines in shadow_copy2_snapshot_to_gmt()Michael Adam1-3/+6
According to coding guidelines. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-10-03Revert "Support UPN_DNS_INFO in the PAC"Stefan Metzmacher1-9/+7
This reverts commit a6be8a97f705247c1b1cbb0595887d8924740a71. We fail (often) to parse a krb5pac type 12 buffer due to the incomplete change which came in via a6be8a97f705247c1b1cbb0595887d8924740a71. This change came into master and has only been released in RCs so no regression to published 4.0.x releases. We should revert this for 4.1 for now until we can make it work in all cases (see work on this in https://git.samba.org/?p=gd/samba/.git;a=shortlog;h=refs/heads/master-krb5pac_type12). Without this revert the entire PAC parsing may fail which can effect serious implications (krb5 smb session setup not working). Bug: https://bugzilla.samba.org/show_bug.cgi?id=10178 Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Oct 3 17:08:46 CEST 2013 on sn-devel-104
2013-10-03Remove dead code. Now we have no SWAT we don't use the invalid_services ↵Jeremy Allison1-37/+12
array or associated counter. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@suse.de> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Oct 3 03:22:36 CEST 2013 on sn-devel-104
2013-10-02smbd:smb2: fix error code when the header says the request is signed but we ↵Michael Adam1-1/+1
don't have a sesseion I.e. when the request is a session setup. We replied with ACCESS_DENIED, but windows expects USER_SESSION_DELETED Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Oct 2 22:07:44 CEST 2013 on sn-devel-104
2013-10-02s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is requiredStefan Metzmacher1-1/+1
Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED in a reauth session setup, but still provide a valid signature. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-10-02librpc: Fix blank line endingsVolker Lendecke1-8/+8
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Oct 2 15:02:07 CEST 2013 on sn-devel-104
2013-10-02libndr: Fix ndr_print_bitmap_flag for value=0Volker Lendecke1-0/+4
Don't endlessly loop Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-02librpc: return a ndr_pull_error instead of just NDR_ERR_NDR64 when upper ↵Matthieu Patou1-1/+2
bits of 64 bit value are not 0 Signed-off-by: Matthieu Patou <mat@matws.net> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-10-02net: allow "net idmap get ranges" to list all rangesMichael Adam1-5/+7
Omission of SID parameter lists ranges for all domains. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Wed Oct 2 12:23:33 CEST 2013 on sn-devel-104
2013-10-02idmap_autorid: allow iterate functions to operate on all domain rangesMichael Adam1-4/+2
by allowing handed in domsid to be NULL Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: implement "net idmap delete ranges"Michael Adam1-0/+67
Inspired by a patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add idmap_autorid_delete_domain_ranges()Michael Adam2-0/+90
This uses the new idmap_autorid_iterate_domain_ranges() function. Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: add "net idmap get ranges" operation for autoridMichael Adam1-0/+78
Implemented using the idmap_autorid_iterate_domain_ranges_read() function. Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add idmap_autorid_iterate_domain_ranges[_read]()Michael Adam2-0/+216
Functions to perform an action on all domain range mappings for a given domain, specified by the domain sid. Inspired by a previous patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: implement "net idmap delete range"Michael Adam1-0/+95
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add idmap_autorid_delete_range_by_num()Michael Adam2-0/+129
query and delete a mapping specified by the range number. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add idmap_autorid_delete_range_by_sid()Michael Adam2-0/+130
Delete a range mapping as specified by domain SID and range index. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add idmap_autorid_build_keystr_talloc()Michael Adam1-0/+17
talloc version of idmap_autorid_build_keystr() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: extend idmap_autorid_addrange to allow to set mappings below ↵Michael Adam1-21/+40
the HWM Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: implement "net idmap get range"Michael Adam1-0/+86
get the range for a domain sid and range index. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: improve clarity of idmap_autorid_addrange_action() by adding ↵Michael Adam1-7/+8
mem_ctx. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: add "net idmap set range" (for autorid backend)Michael Adam1-0/+83
This lets the admin store a range for a domain/index pair. Call syntax is: net idmap set range <RANGE> <DOMSID> [<INDEX>] INDEX defaults to 0. Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net idmap: add utility function parse_uint32()Volker Lendecke1-0/+24
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-10-02net: add "net idmap get config" to read the autorid config from the databaseAtul Kulkarni1-0/+50
Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: add "net idmap get" commandMichael Adam1-0/+17
This has no subcommands yet and is added in preparation of adding some. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: add "net idmap set config" command to store the autorid global configAtul Kulkarni1-0/+47
Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add idmap_autorid_saveconfigstr()Michael Adam2-0/+25
Store a configuration as provided by a config string after parsing and validating the string. Based on similar patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: add new function net_idmap_opendb_autorid()Atul Kulkarni2-1/+53
This checks the backend is autorid, and opens the db if so. If readonly == true, the DB is simply opened for reading. If readonly == false, the DB is created if necessary and initialized with HWMs. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: rename "idmap_dump_ctx" to "net_idmap_ctx".Michael Adam1-6/+6
This started specific, but is now generic. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: move the "net idmap delete" functionality to subcommand "net idmap ↵Michael Adam1-5/+24
delete mapping" This is in preparation of adding more types of entries to delete... Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: add the "net idmap set secret" subcommand as alias for "net idmap secret"Michael Adam1-1/+9
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: move the "net idmap set" functionality to subcommand "net idmap set ↵Michael Adam1-3/+21
mapping" This is in preparation of adding more "net idmap set" subcommands for the autorid backend. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: rename "net idmap setmap" to "net idmap set"Michael Adam1-2/+3
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: improve help text for "net idmap restore"Michael Adam1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02net: improve help text for "net idmap dump"Michael Adam1-1/+1
With idmap autorid "dump ID mappings" is not precise enough any more. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add a comment explaining idmap_autorid_saveconfig()Michael Adam1-0/+7
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add a comment explaining idmap_autorid_loadconfig()Michael Adam1-0/+3
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add a comment explaining idmap_autorid_db_init()Michael Adam1-0/+6
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add a comment explaining idmap_autorid_init_hwm()Michael Adam1-0/+4
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add a comment explaining idmap_autorid_get_domainrange()Michael Adam1-0/+7
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: Don't use db as a temporary talloc context.Michael Adam1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: improve two debug messages by printing NT error codesMichael Adam1-3/+3
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: fix a debug message in idmap_autorid_addrange()Michael Adam1-2/+2
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: for clarity, add a wrapper idmap_autorid_acquire_range() to ↵Michael Adam1-1/+7
idmap_autorid_addrange() This one calls into the HWM bumping acquire code path. Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add new function idmap_autorid_setrange()Michael Adam2-0/+26
This allows to directly set a range for a domsid#index pair. It fails if a stored range is found which is different from the requested one. Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: factor out domain range adding code into a separate functionMichael Adam1-23/+117
This also adds a new mode to the new idmap_autorid_addrange() function that allows to set a provided range if the range is available, instead of the original only mode of automatically allocating a new range by incrementing the HWM counter. Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: add idmap_autorid_getrange()Michael Adam2-0/+41
Wrapper to idmap_autorid_getrange_int(). Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: improve a debug message in idmap_autorid_getrange_int()Michael Adam1-1/+2
Add output of status code. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: factor out domain range fetching part from ↵Atul Kulkarni1-20/+38
idmap_autorid_get_domainrange() Fatored out read-only function idmap_autorid_getrange() will be used elsewhere. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-10-02idmap_autorid: Use fstr_sprintf in idmap_autorid_build_keystr()Volker Lendecke1-2/+2
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>