summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-03-04ldb:rdn_name LDB module - more RDN constraint checks (from AD)Matthias Dieter Wallnöfer1-1/+40
Reviewed by: Tridge
2011-03-04s4/ldb - remove now superflous "ldb_dn_validate" checksMatthias Dieter Wallnöfer9-18/+14
If we immediately afterwards perform an LDB base operation then we don't need an explicit "ldb_dn_validate" check anymore (only OOM makes sense). Reviewed by: Tridge
2011-03-04s4:dsdb - we don't need to check if a DN != NULL if we call "ldb_dn_validate"Matthias Dieter Wallnöfer3-7/+4
"ldb_dn_validate" is NULL-safe and does the check implicitly. Reviewed by: Tridge
2011-03-04Revert "s4:objectclass LDB module - if we cannot find DN's parent then the ↵Matthias Dieter Wallnöfer1-3/+1
DN itself is invalid" This is not needed anymore with the new DN checking. This reverts commit 5896b7299331aedd065397d2078c62d85bcf68f6. Reviewed by: Tridge
2011-03-04ldb:ldb_request - handle here the DN checksMatthias Dieter Wallnöfer1-1/+22
This is a much better solution than we had before - so all important DN checks are enforced for each type of LDB database (and not limited to DSDB). Many "ldb_dn_validate" checks will now become obsolete. Reviewed by: Tridge
2011-03-04s4:objectclass LDB module - fix a commentMatthias Dieter Wallnöfer1-1/+1
Reviewed by: Tridge
2011-03-04s4:libnet/libnet_site.c - make use of LDB return constantsMatthias Dieter Wallnöfer1-6/+6
Reviewed by: Tridge
2011-03-04s4:waf-build fix disable-shared build for smbtortureChristian Ambach1-1/+1
building smbtorture4 with configure --disable-shared failed with an error that ldb.h could not be found Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed by: Tridge
2011-03-04s4:selftest: test using the machine account of the rodc against itselfStefan Metzmacher1-0/+1
This should test the non proxy rodc kdc path. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Mar 4 22:06:10 CET 2011 on sn-devel-104
2011-03-04selftest/target/Samba4: regenerate the krb5.conf after the rodc joinStefan Metzmacher1-0/+6
The RODC should be used as KDC, which will forward requests to the RWDC if required. metze
2011-03-04selftest/target/Samba4: splitout a mk_krb5_conf() functionStefan Metzmacher1-44/+51
metze
2011-03-04s4:kdc: split the kdc_tcp_proxy() logic from the main kdc logicStefan Metzmacher3-252/+303
By having kdc_tcp_proxy_send/recv(), which just asks any writeable dc for a reponse blob, we simplify the interaction between client-local and local-writeable sockets. This allows us to make kdc_socket, kdc_process_fn_t, kdc_tcp_call and kdc_tcp_socket private to kdc.c again. metze
2011-03-04s4:kdc: split the kdc_udp_proxy() logic from the main kdc logicStefan Metzmacher3-207/+231
By having kdc_udp_proxy_send/recv(), which just asks any writeable dc for a reponse blob, we simplify the interaction between client-local and local-writeable sockets. This allows us to make kdc_udp_call and kdc_udp_socket private to kdc.c again. metze
2011-03-04s4:kdc: add a kdc_proxy_unavailable_error() helper functionStefan Metzmacher1-0/+24
metze
2011-03-04s4:kdc: fix calculation of the rodc kvnoStefan Metzmacher1-4/+12
Bit shifting is non-trivial in C:-) This int32_t a = 0x12340000; uint32_t b = (a >> 16); results in 0x00001234, but this int32_t a = 0xEDCB0000; uint32_t b = (a >> 16); results in 0xFFFFEDCB, while we expected 0x0000EDCB. metze
2011-03-04HEIMDAL:kdc: correctly propagate HDB_ERR_NOT_FOUND_HERE to via ↵Stefan Metzmacher1-0/+5
tgs_parse_request() and _kdc_tgs_rep() metze
2011-03-04lib/socket_wrapper: try to fix the build on solarisStefan Metzmacher1-0/+13
struct msg does not contain msg_control, msg_controllen and msg_flags on solaris. metze
2011-03-04s3: add two missing vfs disconnect callsDavid Disseldorp1-0/+2
The fix for bug 7976 added a vfs connect call to create_conn_struct. This change adds two further disconnect calls that were missed by the original change. Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Fri Mar 4 16:33:53 CET 2011 on sn-devel-104
2011-03-04s3-printing: fix cups pcap reload with no printersDavid Disseldorp1-12/+27
cups_async_callback() is called to receive new printcap data from a child process which requests the information from cupsd. Newly received printcap information is stored in a temporary printcap cache (tmp_pcap_cache). Once the child process closes the printcap IPC file descriptor, the system printcap cache is replaced with the newly populated tmp_pcap_cache, however this only occurs if tmp_pcap_cache is non null (has at least one printer). If the printcap cache is empty, which is the case when cups is not exporting any printers, the printcap cache is not replaced resulting in stale data. https://bugzilla.samba.org/show_bug.cgi?id=7915 Signed-off-by: Andreas Schneider <asn@samba.org>
2011-03-04s3-printing: remove unneeded local_pcap_copy globalDavid Disseldorp1-36/+18
The cups local_pcap_copy global served as a temporary buffer during asynchronous cups printcap cache updates, as well as indicating when the printcap cache had not yet been filled and printcap cache update should block. As smbd printcap reads are now triggered by the parent smbd following printcap cache update, the variable and blocking mechanism are no longer needed. Signed-off-by: Andreas Schneider <asn@samba.org>
2011-03-04s3-printing: follow force user/group for driver IODavid Disseldorp3-57/+118
Configuring force user/group settings for the print$ share currently has unexpected results, this is explained by how the driver upload/add process takes place. Consider the following example: [print$] path = /print-drv write list = $DRIVER_UPLOAD_USER force group = ntadmin - the client connects to the [print$] share and uploads all driver files to the /print-drv/W32X86 directory. - This is permitted, as /print-drv/W32X86 is owned by group ntadmin, and the "force group = ntadmin" takes effect for the [print$] session. - Once all files are uploaded, the client connects to the [ipc$] share and issues an AddPrinterDriverEx spoolss request. - In handling this request move_driver_to_download_area() is called, which attempts to create the directory /print-drv/W32X86/3 - The create directory fails, as it is done as the user connected to the [ipc$] share which does not have permission to write to the driver directory. The [print$] "force group = ntadmin" has no effect. This is a regression from previous behaviour prior to the commit: 783ab04 Convert move_driver_to_download_area to use create_conn_struct. https://bugzilla.samba.org/show_bug.cgi?id=7921 Signed-off-by: Andreas Schneider <asn@samba.org>
2011-03-04ldb:ldb tools - remove a superflous "return" (usage internally calls "exit")Matthias Dieter Wallnöfer1-1/+0
Reviewed by: Tridge Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Mar 4 09:39:22 CET 2011 on sn-devel-104
2011-03-04ldb:ldb tools - return LDB_ERR_INVALID_DN_SYNTAX on wrong DN parametersMatthias Dieter Wallnöfer5-5/+9
Not all LDB databases have further DN checks. Reviewed by: Tridge
2011-03-04ldb:ldb tools - ldbtest - convert other result values to LDB codes as wellMatthias Dieter Wallnöfer1-15/+15
I've forgotten this in my first patchset. Reviewed by: Tridge
2011-03-04s4:LDAP server - remove validation checks of input DNsMatthias Dieter Wallnöfer1-23/+8
We should rather try to let the LDB modules perform these checks otherwise different backends behaviour differently. Reviewed by: Tridge
2011-03-04s4:objectclass LDB module - if we cannot find DN's parent then the DN itself ↵Matthias Dieter Wallnöfer1-1/+3
is invalid ERR_INVALID_DN_SYNTAX fits better than ERR_OPERATION_ERROR in this case. This one gets triggered if we perform "add" requests without the LDAP server. Reviewed by: Tridge
2011-03-04debug: fixed a valgrind errorAndrew Tridgell1-1/+4
Thanks to Volker for spotting this one! Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Fri Mar 4 03:09:52 CET 2011 on sn-devel-104
2011-03-04s3-waf: add wildcard commands from main wscript.Günther Deschner1-1/+11
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Mar 4 02:11:11 CET 2011 on sn-devel-104
2011-03-04s3-nterr: use strcasecmp in nt_status_string_to_code().Günther Deschner1-1/+2
Guenther
2011-03-04s4-nterr: move auth_nt_status_squash to nt_status_squash and move to nterr.cGünther Deschner8-36/+38
Guenther
2011-03-04s4-nterr: some minor cosmetic edits to further match s3 nterr.Günther Deschner1-3/+10
Guenther
2011-03-04s3-nterr: within nt_errstr() compare codes using NT_STATUS_V().Günther Deschner1-1/+2
This is to avoid future very special NT_STATUS_EQUAL semantics within s4. Guenther
2011-03-04nterr: make sure both nt_err_desc structs are the same.Günther Deschner2-0/+6
Guenther
2011-03-04nterr: make sure both nt_errs structs are the same.Günther Deschner2-4/+17
Guenther
2011-03-04s4-nterr: add _N macro handling as in s3-nterr.Günther Deschner1-91/+95
Guenther
2011-03-04s3-nterr: make nt_err_desc static const.Günther Deschner1-1/+1
Guenther
2011-03-04nterr: remove space indents (use tabs instead), following coding standards.Günther Deschner2-27/+27
Guenther
2011-03-04nterr: remove trailing whitespace.Günther Deschner2-24/+24
Guenther
2011-03-04s3-waf: add check for SEEKDIR_RETURNS_VOID.Günther Deschner1-0/+5
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Mar 4 01:13:54 CET 2011 on sn-devel-104
2011-03-04s3-waf: add check for HAVE_FUNCTION_ATTRIBUTE_DESTRUCTOR.Günther Deschner1-0/+6
Guenther
2011-03-04libreplace: move "struct timespec" checks into libreplace (where timespec is ↵Günther Deschner6-33/+31
already used). Bjoern, Metze, please check. Guenther
2011-03-03socket_wrapper: use swrap_sendmsg_before()/after() in swrap_writev()Stefan Metzmacher1-49/+17
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Mar 3 23:43:39 CET 2011 on sn-devel-104
2011-03-03socket_wrapper: use swrap_sendmsg_before()/after() in swrap_sendmsg()Stefan Metzmacher1-47/+66
This also adds the same logic for broadcast as in swrap_sendto() for SOCK_DGRAM. metze
2011-03-03socket_wrapper: use swrap_sendmsg_before()/after() in swrap_send()Stefan Metzmacher1-37/+18
metze
2011-03-03socket_wrapper: use swrap_sendmsg_before()/after() in swrap_sendto()Stefan Metzmacher1-86/+35
metze
2011-03-03socket_wrapper: add swrap_sendmsg_before/after helper functionsStefan Metzmacher1-0/+191
Currently have almost the same logic in swrap_send(), swrap_sendto(), swrap_writev() and swrap_sendmsg(), this helper functions let combine all the logic in 2 places. metze
2011-03-03socket_wrapper: replace recvmsg() correctlyStefan Metzmacher1-0/+6
metze
2011-03-03socket_wrapper: readv() should only work on connected socketsStefan Metzmacher1-0/+5
metze
2011-03-03socket_wrapper: move swrap_ioctl() above the send*/recv* functionsStefan Metzmacher1-26/+26
metze
2011-03-03socket_wrapper: fix compiler warningsStefan Metzmacher1-28/+37
metze