summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-03-05s3: Fix a memory leak in check_sam_security_info3Volker Lendecke1-10/+12
Abartlet, this commit makes check_sam_security_info3 use talloc_tos() and also cleans up the temporary talloc stackframe. The old code created a temporary talloc context off "mem_ctx" but failed to clean up the tmp_ctx in all but one return paths. talloc_stackframe()/talloc_tos() is designed as a defense against exactly this error: Even if we failed to free the frame when returning from the routine, it would be cleaned up very soon, in our main event loop. Please check this patch! Thanks, Volker Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat Mar 5 14:08:37 CET 2011 on sn-devel-104
2011-03-05s3:test: the registry roundtrip test passes nowMichael Adam1-1/+0
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Sat Mar 5 02:19:33 CET 2011 on sn-devel-104
2011-03-05s3:test: mark vanished parameter "postscript" invalid in net registry ↵Michael Adam1-0/+1
roundtrip test
2011-03-05s3:test: in net registry roundtrip test, mark "lock dir" as invalid parameterMichael Adam1-0/+1
This is a synonym of lock directory which is already marked invalid.
2011-03-05s3:test: in net registry roundtrip test, exclude the files from exclude/logonMichael Adam1-1/+1
These files are not samba config files...
2011-03-05s3:registry: fix invalid write in iconvert_talloc()Michael Adam1-2/+5
For a non-preallocated dest-string and sourcestring of len < 2, (one or both of the) final two two zero-bytes would be written after the end of the allocated dest-string. The sourcelen did not include the source string terminator. For longer strings, this was not a problem because the dest-string would have been reallocated in the convert-loop. This is fixed now by allocating two extra bytes for the terminating 0-bytes that are needed anyways in the initial allocation. Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
2011-03-05s3:test: correctly react to each failing step in the net registry roundtrip ↵Michael Adam1-0/+29
tests
2011-03-05s3:test: improve logging in the net registry roundtrip test stepsMichael Adam1-1/+7
2011-03-04s4:operational LDB module - fix attribute names to be right up/down-casedMatthias Dieter Wallnöfer2-10/+10
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Mar 4 23:56:07 CET 2011 on sn-devel-104
2011-03-04s4:ldap.py - rootdse tests should search for the rootDSE not the default DNMatthias Dieter Wallnöfer1-1/+1
Reviewed by: Tridge
2011-03-04s4:ldap.py - add a test in order to show the operational module fixedMatthias Dieter Wallnöfer1-0/+14
Reviewed by: Tridge
2011-03-04s4:operational LDB module - fix display of some constructed attributesMatthias Dieter Wallnöfer1-2/+2
"structuralObjectClass", "createTimestamp" and "modifyTimestamp" weren't displayed anymore. Reviewed by: Tridge
2011-03-04s4:operational LDB module - add "groupToken" as unsigned int (uint32_t)Matthias Dieter Wallnöfer1-1/+1
Reviewed by: Tridge
2011-03-04s4:operational LDB module - readd "structuralObjectClass" -> "objectClass" ↵Matthias Dieter Wallnöfer1-1/+1
mapping This has been removed accidentally by commit a093e10896a4768dba0cd793a04b7d5d1366fee2. Reviewed by: Tridge
2011-03-04ldb:ldb_msg.c - use LDB result constants for checking return valuesMatthias Dieter Wallnöfer1-2/+5
Reviewed by: Tridge Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Mar 4 22:51:57 CET 2011 on sn-devel-104
2011-03-04s4:ldap.py - other important RDN check testcasesMatthias Dieter Wallnöfer1-0/+67
Reviewed by: Tridge
2011-03-04s4:ldap.py - remove a debug outputMatthias Dieter Wallnöfer1-1/+0
This has only been needed for developing this testcase and has been forgotten to be removed afterwards. Reviewed by: Tridge
2011-03-04ldb:rdn_name LDB module - more RDN constraint checks (from AD)Matthias Dieter Wallnöfer1-1/+40
Reviewed by: Tridge
2011-03-04s4/ldb - remove now superflous "ldb_dn_validate" checksMatthias Dieter Wallnöfer9-18/+14
If we immediately afterwards perform an LDB base operation then we don't need an explicit "ldb_dn_validate" check anymore (only OOM makes sense). Reviewed by: Tridge
2011-03-04s4:dsdb - we don't need to check if a DN != NULL if we call "ldb_dn_validate"Matthias Dieter Wallnöfer3-7/+4
"ldb_dn_validate" is NULL-safe and does the check implicitly. Reviewed by: Tridge
2011-03-04Revert "s4:objectclass LDB module - if we cannot find DN's parent then the ↵Matthias Dieter Wallnöfer1-3/+1
DN itself is invalid" This is not needed anymore with the new DN checking. This reverts commit 5896b7299331aedd065397d2078c62d85bcf68f6. Reviewed by: Tridge
2011-03-04ldb:ldb_request - handle here the DN checksMatthias Dieter Wallnöfer1-1/+22
This is a much better solution than we had before - so all important DN checks are enforced for each type of LDB database (and not limited to DSDB). Many "ldb_dn_validate" checks will now become obsolete. Reviewed by: Tridge
2011-03-04s4:objectclass LDB module - fix a commentMatthias Dieter Wallnöfer1-1/+1
Reviewed by: Tridge
2011-03-04s4:libnet/libnet_site.c - make use of LDB return constantsMatthias Dieter Wallnöfer1-6/+6
Reviewed by: Tridge
2011-03-04s4:waf-build fix disable-shared build for smbtortureChristian Ambach1-1/+1
building smbtorture4 with configure --disable-shared failed with an error that ldb.h could not be found Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed by: Tridge
2011-03-04s4:selftest: test using the machine account of the rodc against itselfStefan Metzmacher1-0/+1
This should test the non proxy rodc kdc path. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Mar 4 22:06:10 CET 2011 on sn-devel-104
2011-03-04selftest/target/Samba4: regenerate the krb5.conf after the rodc joinStefan Metzmacher1-0/+6
The RODC should be used as KDC, which will forward requests to the RWDC if required. metze
2011-03-04selftest/target/Samba4: splitout a mk_krb5_conf() functionStefan Metzmacher1-44/+51
metze
2011-03-04s4:kdc: split the kdc_tcp_proxy() logic from the main kdc logicStefan Metzmacher3-252/+303
By having kdc_tcp_proxy_send/recv(), which just asks any writeable dc for a reponse blob, we simplify the interaction between client-local and local-writeable sockets. This allows us to make kdc_socket, kdc_process_fn_t, kdc_tcp_call and kdc_tcp_socket private to kdc.c again. metze
2011-03-04s4:kdc: split the kdc_udp_proxy() logic from the main kdc logicStefan Metzmacher3-207/+231
By having kdc_udp_proxy_send/recv(), which just asks any writeable dc for a reponse blob, we simplify the interaction between client-local and local-writeable sockets. This allows us to make kdc_udp_call and kdc_udp_socket private to kdc.c again. metze
2011-03-04s4:kdc: add a kdc_proxy_unavailable_error() helper functionStefan Metzmacher1-0/+24
metze
2011-03-04s4:kdc: fix calculation of the rodc kvnoStefan Metzmacher1-4/+12
Bit shifting is non-trivial in C:-) This int32_t a = 0x12340000; uint32_t b = (a >> 16); results in 0x00001234, but this int32_t a = 0xEDCB0000; uint32_t b = (a >> 16); results in 0xFFFFEDCB, while we expected 0x0000EDCB. metze
2011-03-04HEIMDAL:kdc: correctly propagate HDB_ERR_NOT_FOUND_HERE to via ↵Stefan Metzmacher1-0/+5
tgs_parse_request() and _kdc_tgs_rep() metze
2011-03-04lib/socket_wrapper: try to fix the build on solarisStefan Metzmacher1-0/+13
struct msg does not contain msg_control, msg_controllen and msg_flags on solaris. metze
2011-03-04s3: add two missing vfs disconnect callsDavid Disseldorp1-0/+2
The fix for bug 7976 added a vfs connect call to create_conn_struct. This change adds two further disconnect calls that were missed by the original change. Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Fri Mar 4 16:33:53 CET 2011 on sn-devel-104
2011-03-04s3-printing: fix cups pcap reload with no printersDavid Disseldorp1-12/+27
cups_async_callback() is called to receive new printcap data from a child process which requests the information from cupsd. Newly received printcap information is stored in a temporary printcap cache (tmp_pcap_cache). Once the child process closes the printcap IPC file descriptor, the system printcap cache is replaced with the newly populated tmp_pcap_cache, however this only occurs if tmp_pcap_cache is non null (has at least one printer). If the printcap cache is empty, which is the case when cups is not exporting any printers, the printcap cache is not replaced resulting in stale data. https://bugzilla.samba.org/show_bug.cgi?id=7915 Signed-off-by: Andreas Schneider <asn@samba.org>
2011-03-04s3-printing: remove unneeded local_pcap_copy globalDavid Disseldorp1-36/+18
The cups local_pcap_copy global served as a temporary buffer during asynchronous cups printcap cache updates, as well as indicating when the printcap cache had not yet been filled and printcap cache update should block. As smbd printcap reads are now triggered by the parent smbd following printcap cache update, the variable and blocking mechanism are no longer needed. Signed-off-by: Andreas Schneider <asn@samba.org>
2011-03-04s3-printing: follow force user/group for driver IODavid Disseldorp3-57/+118
Configuring force user/group settings for the print$ share currently has unexpected results, this is explained by how the driver upload/add process takes place. Consider the following example: [print$] path = /print-drv write list = $DRIVER_UPLOAD_USER force group = ntadmin - the client connects to the [print$] share and uploads all driver files to the /print-drv/W32X86 directory. - This is permitted, as /print-drv/W32X86 is owned by group ntadmin, and the "force group = ntadmin" takes effect for the [print$] session. - Once all files are uploaded, the client connects to the [ipc$] share and issues an AddPrinterDriverEx spoolss request. - In handling this request move_driver_to_download_area() is called, which attempts to create the directory /print-drv/W32X86/3 - The create directory fails, as it is done as the user connected to the [ipc$] share which does not have permission to write to the driver directory. The [print$] "force group = ntadmin" has no effect. This is a regression from previous behaviour prior to the commit: 783ab04 Convert move_driver_to_download_area to use create_conn_struct. https://bugzilla.samba.org/show_bug.cgi?id=7921 Signed-off-by: Andreas Schneider <asn@samba.org>
2011-03-04ldb:ldb tools - remove a superflous "return" (usage internally calls "exit")Matthias Dieter Wallnöfer1-1/+0
Reviewed by: Tridge Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Mar 4 09:39:22 CET 2011 on sn-devel-104
2011-03-04ldb:ldb tools - return LDB_ERR_INVALID_DN_SYNTAX on wrong DN parametersMatthias Dieter Wallnöfer5-5/+9
Not all LDB databases have further DN checks. Reviewed by: Tridge
2011-03-04ldb:ldb tools - ldbtest - convert other result values to LDB codes as wellMatthias Dieter Wallnöfer1-15/+15
I've forgotten this in my first patchset. Reviewed by: Tridge
2011-03-04s4:LDAP server - remove validation checks of input DNsMatthias Dieter Wallnöfer1-23/+8
We should rather try to let the LDB modules perform these checks otherwise different backends behaviour differently. Reviewed by: Tridge
2011-03-04s4:objectclass LDB module - if we cannot find DN's parent then the DN itself ↵Matthias Dieter Wallnöfer1-1/+3
is invalid ERR_INVALID_DN_SYNTAX fits better than ERR_OPERATION_ERROR in this case. This one gets triggered if we perform "add" requests without the LDAP server. Reviewed by: Tridge
2011-03-04debug: fixed a valgrind errorAndrew Tridgell1-1/+4
Thanks to Volker for spotting this one! Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Fri Mar 4 03:09:52 CET 2011 on sn-devel-104
2011-03-04s3-waf: add wildcard commands from main wscript.Günther Deschner1-1/+11
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Mar 4 02:11:11 CET 2011 on sn-devel-104
2011-03-04s3-nterr: use strcasecmp in nt_status_string_to_code().Günther Deschner1-1/+2
Guenther
2011-03-04s4-nterr: move auth_nt_status_squash to nt_status_squash and move to nterr.cGünther Deschner8-36/+38
Guenther
2011-03-04s4-nterr: some minor cosmetic edits to further match s3 nterr.Günther Deschner1-3/+10
Guenther
2011-03-04s3-nterr: within nt_errstr() compare codes using NT_STATUS_V().Günther Deschner1-1/+2
This is to avoid future very special NT_STATUS_EQUAL semantics within s4. Guenther
2011-03-04nterr: make sure both nt_err_desc structs are the same.Günther Deschner2-0/+6
Guenther