summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-02-05s3:param: add new lp_idmap_default_backend()Michael Adam2-0/+6
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:param: introduce new lp_idmap_backend() that takes the domainMichael Adam2-0/+28
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:param: add a commentMichael Adam1-0/+4
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:param: remove unused function lp_idmap_backend()Michael Adam4-2/+2
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:net idmap: remove call to lp_idmap_backend() - this is useless.Michael Adam1-2/+2
The variable behind lp_idmap_backend() is never set. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:param: remove unused functions lp_idmap_uid() and lp_idmap_gid()Michael Adam2-49/+0
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:auth: use new lp_idmap_default_range() instead of lp_idmap_gid() in ↵Michael Adam1-2/+2
create_token_from_sid() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:param: add utility function lp_idmap_default_range()Michael Adam2-0/+6
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:param: add a utility function lp_idmap_range() to get the configured ↵Michael Adam2-0/+41
range for a given domain. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05s3:param: remove an old comment (that is not up-to date any more)Michael Adam1-2/+0
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05tdb: Remove "header" from tdb_contextVolker Lendecke13-59/+64
header.hash_size was the only thing we ever referenced outside of tdb_open_ex and its direct callees. So this shrinks the tdb_context by 164 bytes. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Feb 5 13:18:28 CET 2013 on sn-devel-104
2013-02-05tdb: Pass argument "header" to check_header_hashVolker Lendecke1-4/+6
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-05tdb: Pass argument "header" to tdb_new_databaseVolker Lendecke1-6/+8
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-04samba-tool/domain provision: add support for utf-8 passwords for --adminpassStefan Metzmacher1-0/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Feb 4 18:54:32 CET 2013 on sn-devel-104
2013-02-04samba-tool/user setpassword: fix help messageStefan Metzmacher1-3/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04s4:scripting/python: add support for utf-8 passwords from the command lineStefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04s3:dbrwap_ctdb: ZERO_STRUCT(rec) just to be sure in ↵Michael Adam1-0/+1
traverse_persistent_callback_read() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-04s3:dbwrap_ctdb: ZERO_STRUCT(rec) just to be sure in traverse_read_callback()Michael Adam1-0/+2
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-04s3:dbwrap_ctdb: add "db_context" to "db_record"Stefan Metzmacher1-2/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04s3:dbwrap_ctdb: setup result->name in db_open_ctdb()Stefan Metzmacher1-0/+7
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04lib/dbwrap: talloc_strdup() name in db_open_file()Stefan Metzmacher1-1/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04lib/util: improve check_password_quality() to handle utf8Stefan Metzmacher2-19/+120
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04dsdb/util: rework samdb_check_password() to support utf8Stefan Metzmacher1-5/+16
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04dsdb/password_hash: rename variable 'stat' to 'vstat'Stefan Metzmacher1-5/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04dsdb/password_hash: make sure that io->n.cleartext_utf8.data is a null ↵Stefan Metzmacher1-0/+23
terminated string Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04s3: use generate_random_password() instead of generate_random_str()Stefan Metzmacher5-12/+21
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04Revert "selftest: skip smb2.ioctl tests on ntvfs"David Disseldorp2-1/+2
This reverts commit cf27c2fbb6e7422cb962f4c63a53515321c65a70. The following concerns were raised with regard to the relocation of tests from selftest/knownfail to selftest/skip. Andrew Bartlett <abartlet@samba.org> wrote: Unless there is some entirely undesirable side-effect, this patch throws away valuable testing, because it removes the test of the testsuite for failure (ie, does the test work!), and it removes the documentation of the difference between the servers (if someone did add some this to the ntvfs server, it would never be tested). It also removes a test that if this unimplemented functionality is called, that we don't crash and die. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Mon Feb 4 15:57:29 CET 2013 on sn-devel-104
2013-02-04s3:modules remove gpfs_getacl_allocChristian Ambach1-46/+0
last caller has gone Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Feb 4 14:10:08 CET 2013 on sn-devel-104
2013-02-04s3:modules use vfs_gpfs_getacl in gpfsacl_get_posix_aclChristian Ambach1-3/+3
as preparation to remove gpfs_getacl_alloc() Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:modules use vfs_gpfs_getacl in gpfsacl_set_nt_acl_internalChristian Ambach1-5/+9
as preparation to remove gpfs_getacl_alloc() Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:modules use vfs_gpfs_getacl in gpfs_get_nfs4_aclChristian Ambach1-2/+5
as preparation to remove gpfs_getacl_alloc() Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:torture/vfstest add memreport optionChristian Ambach1-0/+8
this will run a talloc_report_full on the talloc stackframe after each command Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:torture/vfstest implement sys_acl_blob_get_fdChristian Ambach1-0/+45
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:torture/vfstest implement sys_acl_blob_get_fileChristian Ambach1-0/+32
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:vfs_gpfs use non_posix_sys_acl_blob_get_*_helperChristian Ambach1-16/+90
use the helper functions to return the blob based on the raw GPFS ACL blob (if it is a NFSv4 ACL). If not, fall back to the POSIX ACL code Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:vfs_gpfs add a generic vfs_gpfs_getacl functionChristian Ambach1-0/+73
in contrast to gpfs_getacl_alloc which always puts the ACL on talloc_tos(), this one allows to specify the memory context and if the caller is interested in the raw ACL blob or a structured version Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:modules/vfs_gpfs add GPFS_GETACL_NATIVE defineChristian Ambach1-0/+4
this is not in the official GPFS header file, but can be found in the GPL'd kernel module sources Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:modules/non_posix_acls: only stat if we do not have it cachedChristian Ambach1-4/+8
most probably we already have the stat() information Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:autoconf add non_posix_acls to NFS4ACL_OBJChristian Ambach1-1/+1
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3:autoconf introduce NFS4ACL_OBJChristian Ambach1-3/+5
use a definition instead of listing it separately Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04s3-waf:modules add non_posix_acls dependency to vfs_gpfsChristian Ambach1-1/+1
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04vfs: Add helper function for non posix ACL modulesAndrew Bartlett3-0/+136
This handles the stat, and fills in the pre-supplied blob into a wrapper sturcture that can then be returned to vfs_acl_common for hashing. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-04idl: Provide a common wrapper for the data to hash for a non-POSIX ACLAndrew Bartlett1-0/+12
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-04selftest: add a test that demonstrates how new ACL blob code helpsChristian Ambach1-0/+17
this test shows that a change to POSIX ACL->SD mapping behavior does not invalidate the stored SD Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-04vfs_acl_common: Do not fetch the underlying NT ACL unless we need itAndrew Bartlett1-44/+80
This avoids asking for the posix ACL on disk twice, and avoids running a good deal of mapping code if it is not needed. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-04vfs: Whitespace fix only to get_nt_acl_internal indentationAndrew Bartlett1-4/+4
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-04vfs: Implement an improved vfs_acl_common that uses the hash of the system ACLAndrew Bartlett1-51/+250
Where supported by the system ACL backend, this avoids hashing the result of the ACL mapping, instead hashing the original ACL, linearlised. For maximum robustness, the hash of the NT and system ACL are stored, along with the time and a description of the system ACL. This variety of extra metadata may assist some future implementation in determining which hash to validate. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-04vfs: Add helper function hash_blob_sha256 to vfs_acl_common.cAndrew Bartlett1-7/+19
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-04Fix typo in warning messageVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-By: Ira Cooper <ira@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Feb 4 11:48:25 CET 2013 on sn-devel-104
2013-02-03tevent_poll: add poll_event_loop_wait()Stefan Metzmacher1-2/+31
We can't use tevent_common_loop_wait() because new fd events will be added to the poll_ev->fresh list instead of ev->fd_events. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sun Feb 3 06:40:09 CET 2013 on sn-devel-104