summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-07-18s4-librpc: Ensure we do not call call the decrpc timeout handler during ↵Andrew Bartlett3-5/+39
gensec_update() This avoids a situation where we could destroy pointers on the stack due to a nested event loop. This is certainly not a final, generic solution, but it is a minimal change while we work to make gensec and gensec_gssapi async. Andrew Bartlett
2012-07-18s4-dbcheck: Check for and correct incorrect instanceType valuesAndrew Bartlett1-0/+45
2012-07-18dsdb: Allocate new OID to allow updates of a read-only replicaAndrew Bartlett5-5/+15
Normally this would be a very bad idea, but the specific case of fixing the instanceType is the only case where this makes sense. Andrew Bartlett
2012-07-18s4-dsdb: Allow dbcheck to correct an incorrect instanceTypeAndrew Bartlett1-3/+5
2012-07-18s4-dsdb: Ensure we never write read-only objects onto a read-write replicaAndrew Bartlett1-1/+8
We should prevent this much further up the stack, but at least add a choke at this point for now. Additionally, this avoids administrator-forced replications causing considerable damange to the directory. Andrew Bartlett
2012-07-18source4/torture: add talloc_stackframe()Rusty Russell1-0/+3
We need a stackframe to call lp_load(). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Wed Jul 18 09:31:07 CEST 2012 on sn-devel-104
2012-07-18source3/netapi: fix only caller which doesn't set up a talloc_stackframe()Rusty Russell1-0/+4
libnetapi_free() needs a stackframe too; looked like Andrew and Günther missed this in a37de9a95974c138d264d9cb0c7829bb426bb2d6. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/passdb/py_passdb.c: wrap all calls in talloc_stackframe()Rusty Russell1-519/+489
dbwrap needs it. Some calls were already wrapped, but they checked the talloc_stackframe() return unnecessarily: it can never be NULL. This is the coccinelle patch I used: // Add in a stackframe to every function: be sure to free it on (every) return @rule0@ identifier func; @@ func(...) { +TALLOC_CTX *frame = talloc_stackframe(); <... +talloc_free(frame); return ...; ...> } // Get rid of tframe allocation/frees, replace usage with frame. @rule1@ identifier func; identifier oldframe; @@ func(...) { ... -TALLOC_CTX *oldframe; ... -if ((oldframe = talloc_stackframe()) == NULL) { - ... -} <... -talloc_free(oldframe); ...> } // Get rid of tframe (variant 2) @rule2@ identifier func; identifier oldframe; @@ func(...) { ... -TALLOC_CTX *oldframe; ... -oldframe = talloc_stackframe(); -if (oldframe == NULL) { - ... -} <... -talloc_free(oldframe); ...> } // Change tframe to frame @rule3@ identifier func; @@ func(...) { <... -tframe +frame ...> } Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/passdb/py_passdb.c: don't steal from talloc_stackframe().Rusty Russell1-15/+2
If you want a stack-style allocation, use talloc_stackframe(). If you don't, don't use it. In particular, talloc_stackframe() here is actually inside a pool, and stealing from pools is a bad idea. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/torture/pdbtest: allocate talloc_stackframe()Rusty Russell1-2/+2
Avoid talloc_tos() without a stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18talloc_stack: abort in developer me if no stackframe on talloc_tos()Rusty Russell2-4/+9
Don't tolerate leaks in developer mode. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell86-622/+661
They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/utils/net_conf.c: fix stackframe leakRusty Russell1-0/+2
net_conf_wrap_function() doesn't free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/winbindd_pam.c: fix stackframe leakRusty Russell1-0/+1
check_info3_in_group() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/lib/smbconf/testsuite.c: fix stackframe leakRusty Russell1-0/+1
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/registry/reg_backend_db.c: fix stackframe leakRusty Russell1-2/+4
regdb_store_values_internal() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/idmap_tdb_common.c: fix stackframe leakRusty Russell1-0/+1
idmap_tdb_common_sid_to_unixid() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/rpc_server/svcctl/srv_svcctl_reg.c: fix stackframe leakRusty Russell1-0/+1
svcctl_init_winreg() doesn't free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/modules/vfs_xattr_tdb.c: fix stackframe leakRusty Russell1-1/+3
xattr_tdb_getxattr() doesn't free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18lib/util/modules.c: fix stackframe leak.Rusty Russell1-1/+2
do_smb_load_module() doesn't free its stackframe on success. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/winbindd_util.c: fix stackframe leakRusty Russell1-2/+4
winbindd_can_contact_domain() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18nt_printing_tdb_migrate(): fix stackframe leak.Rusty Russell1-0/+1
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/client/client.c: fix stackframe leak.Rusty Russell1-13/+7
do_message_op() doesn't free its stackframe in various paths. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18smbpasswd: always free frame.Rusty Russell1-4/+4
We're about to exit, so it doesn't really matter, but might as well unify the paths. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18talloc_stack: report lazy freeing (panic if DEVELOPER).Rusty Russell1-0/+11
talloc_stackframe() stacks, so if you forget to free one, the outer one will free it. However, it's not a good idea to rely too heavily on this behaviour: it can lead to delays in the release of memory or destructors. I had an elaborate hack to make sure every talloc_stackframe() was freed in the exact same function it was allocated, however all bugs it caught were simply lazy freeing, so this patch just checks for that. This doesn't check for stackframes we don't free up on exit: that would be nice, but uncovers some uncomfortable (but probably harmless) cases. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18talloc_stack: always include the location when creating a talloc_stackframe().Rusty Russell2-8/+11
Much better for debugging. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18talloc_stack: handle more than one talloc_stackframe_pool()Rusty Russell1-8/+9
The only reason we make one stackframe parent of the next is so we use our parent's pool. That doesn't make sense if we're a new pool, and wouldn't work anyway. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18talloc: don't allow a talloc_pool inside a talloc_pool.Rusty Russell2-1/+9
We explicitly call free() on a pool which falls to zero, assuming it's not inside another pool (we crash). Check on creation and explicitly document this case. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18talloc: use a struct for pool headers.Rusty Russell2-106/+90
This neatens the code a bit (we should do a similar thing for all the TALLOC_CHUNK macros). Two subtler changes: (1) As a result of the struct, we actually pack object_count into the talloc header on 32-bit platforms (since the header is 40 bytes, but needs to be 16-byte aligned). (2) I avoid VALGRIND_MAKE_MEM_UNDEFINED on memmove when we resize the only entry in a pool; that's done later anyway. With -O2 on my 11.04 Ubuntu 32-bit x86 laptop, the talloc_pool speed as measured by testsuite.c actually increases 10%. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-17s3-linux-aio: Fix error handlingVolker Lendecke1-4/+2
Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 17 21:22:31 CEST 2012 on sn-devel-104
2012-07-17Add debug message when SD hash doesn't match.Jeremy Allison1-0/+5
2012-07-17s3-autoconf: Fix the build.Günther Deschner1-11/+3
Guenther Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Jul 17 16:17:06 CEST 2012 on sn-devel-104
2012-07-17Enable AES in winbind.Andreas Schneider1-1/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s3-rpc_client: Fix updating netlogon credentials.Andreas Schneider1-8/+7
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s3-rpc_client: Add capabilities check for AES encrypted connections.Andreas Schneider1-1/+158
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4-auth: Make sure we use the correct credential state.Andreas Schneider1-1/+6
If we create a copy of the credential state we miss updates to the credentials. To establish a netlogon schannel connection we create client credentials and authenticate with them using dcerpc_netr_ServerAuthenticate2() For this we call netlogon_creds_client_authenticator() which increases the sequence number and steps the credentials. Lets assume the sequence number is 1002. After a successful authentication we get the server credentials and we send bind a auth request with the received creds. This sets up gensec and the gensec schannel module created a copy of the client creds and stores it in the schannel auth state. So the creds stored in gensec have the sequence number 1002. After that we continue and need the client credentials to call dcerpc_netr_LogonGetCapabilities() to verify the connection. So we need to increase the sequence number of the credentials to 1004 and step the credentials to the next state. The server always does the same and everything is just fine here. The connection is established and we want to do another netlogon call. So we get the creds from gensec and want to do a netlogon call e.g. dcerpc_netr_SamLogonWithFlags. We get the needed creds from gensec. The sequence number is 1002 and we talk to the server. The server is already ahead cause we are already at sequence number 1004 and the server expects it to be 1006. So the server gives us ACCESS_DENIED cause we use a copy in gensec. Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4-librpc: Add capabilities check for AES encrypted connections.Andreas Schneider1-1/+110
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4-torture: Improve samlogon test.Andreas Schneider1-0/+8
2012-07-17s4-torture: Add DCERPC_SCHANNEL_AES tests.Andreas Schneider1-1/+5
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s3:rpc_server: add support for AES bases netlogon schannelStefan Metzmacher1-0/+4
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:rpc_server/netlogon: add support for AES based netlogon schannelStefan Metzmacher1-0/+4
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:librpc/rpc: add DCERPC_SCHANNEL_AES supportStefan Metzmacher2-2/+18
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17libcli/auth: add support for AES/HMAC-SHA256 to the netlogon schannel sign/sealStefan Metzmacher1-51/+137
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17libcli/auth: add support for AES/HMAC-SHA256 schannel session key supportStefan Metzmacher1-3/+63
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:rpc_server/netlogon: only return STRONG_KEYS if the client asked for itStefan Metzmacher1-26/+31
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:rpc_server/netlogon: implement netr_LogonGetCapabilitiesStefan Metzmacher1-2/+20
This is also needed to support AES. metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:librpc/rpc/dcerpc_schannel: just append NETLOGON_NEG_RODC_PASSTHROUGH as rodcStefan Metzmacher2-6/+5
The RODC stuff doesn't depend on the schannel algorithm. metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:librpc/rpc/dcerpc_schannel: rework downgrade logicStefan Metzmacher1-5/+38
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17VERSION: Move on to beta5!Andrew Bartlett1-2/+2
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Jul 17 06:10:52 CEST 2012 on sn-devel-104
2012-07-17VERSION: Mark as the beta4 releaseAndrew Bartlett1-1/+1