summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-08-22s4:ntp_signd Fix bug 6656 - Set protocol version to 0, as used by ntpdAndrew Bartlett3-7/+6
The change to protocol version 1 was not intentional, and broke the protocol established with the ntp.org project. Andrew Bartlett
2009-08-21Fix coverity CID: 932 - forward null.Jeremy Allison1-2/+4
Jeremy.
2009-08-21Fix for bug 6651 - smbd SIGSEGV when breaking oplocks.Jeremy Allison1-17/+54
Based on a patch submitted by Petr Vandrovec <petr@vandrovec.name>. Multiple pending signals with siginfo_t's weren't being handled correctly leading to smbd abort with kernel oplock signals. Jeremy
2009-08-21s3: fix bug #6650, authentication at member servers when winbindd is not runningMichael Adam1-1/+1
Authentication of domain users on the member server fails when winbindd is not running. This is because the is_trusted_domain() check behaves differently when winbindd is running and when it isn't: Since wb_is_trusted_domain() calls wbcDomainInfo(), and this will also give a result for our own domain, this succeeds for the member server's own domain when winbindd is running. When winbindd is not running, is_trusted_domain() checks (and possibly updates) the trustdom cache, and this does the lsa_EnumTrustDom() rpc call to the DC which does not return its own domain. In case of winbindd not running, before 3.4, the domain part was _silently_ mapped to the workgroup in auth_util.c:make_user_info_map(), which effectively did nothing in the member case. But then the parameter "map untrusted to domain" was introduced and the mapping was made to the workstation name instead of the workgroup name by default unless "map untrusted to domain = yes". (Commits d8c54fddda2dba3cbc5fc13e93431b152813892e, 5cd4b7b7c03df6e896186d985b6858a06aa40b3f, and fbca26923915a70031f561b198cfe2cc0d9c3aa6) This was ok as long as winbindd was running, but with winbindd not running, these changes actually uncovered the above logic bug in the check. So the correct check is to treat the workgroup as trusted / or known in the member case. This is most easily achieved by not comparing the domain name against get_global_sam_name() which is the host name unless for a DC but against my_sam_name() which is the workgroup for a DC and for a member, too. (These names are not very intuitive...) I admit that this is a very long commit message for a one-liner, but this has needed some tracking down, and I think the change deserves some justification. Michael
2009-08-21s4:clientSam Liddicott1-3/+7
Put was assuming that the remote name was always absolute, and not relative to the current remote directory. Signed-off-by: Sam Liddicott <sam@liddicott.com>
2009-08-21Add missing CreateFile flags to smb.hSteve French1-1/+12
2009-08-21s4:ldb Python requires that a 'compare' handler return -1, 0 or 1Andrew Bartlett1-1/+5
2009-08-21s4:ldb Use length-limited printf to avoid walking off end of stringsAndrew Bartlett1-1/+1
This should ensure the debug messages do not have random characters at their ends. Andrew Bartlett
2009-08-21s4:kerberos Use MIT compatible names for these enc typesAndrew Bartlett2-3/+3
This is a small start on (ie, the only trivial part of) the work shown in: http://k5wiki.kerberos.org/wiki/Projects/Samba4_Port#Samba.27s_use_of_Heimdal_symbols.2C_with_MIT_differences (a table of all Kerberos symbols used in Samba4, and notes on where they differ from those provided with MIT Kerberos) Andrew Bartlett
2009-08-20Fix bug 6638 - ADS Domain Member: Computer Mgr can not set share ACLsJeremy Allison1-3/+19
Add good error message for share modification denial. Jeremy.
2009-08-20s3-idmap: fix two uninitialized variable warnings in idmap_tdb2.Günther Deschner1-3/+3
Guenther
2009-08-20s3:dsgetdcname: Fix a crash in dsgetdcnameVolker Lendecke1-0/+2
When returning NT_STATUS_OK we can't leave *info == NULL, this crashes in is_closest_site called from dsgetdcname(). Signed-off-by: Günther Deschner <gd@samba.org>
2009-08-20s3:dsgetdcname: Inline dsgetdcname_cache_refreshVolker Lendecke1-26/+7
Signed-off-by: Günther Deschner <gd@samba.org>
2009-08-20s4-spoolss: add stubs for new idl opcodes in spoolss server.Günther Deschner1-0/+140
Guenther
2009-08-20s3-spoolss: add stubs for new idl opcodes in spoolss server.Günther Deschner1-0/+153
Guenther
2009-08-20s3: re-run make samba3-idl.Günther Deschner7-2/+4717
Guenther
2009-08-20spoolss: add more spoolss calls to IDLGünther Deschner1-0/+90
(spoolss_GetPrinterDriverPackagePath and spoolss_GetCorePrinterDrivers). Guenther
2009-08-19Fix bug #6647 - get_root_nt_token: getpwnam("root") failed!Jeremy Allison1-2/+2
Not all systems may have a "root" user, but all must have a passwd entry for a uid of zero. Jeremy.
2009-08-19Fix Red Hat bugzilla bug : https://bugzilla.redhat.com/show_bug.cgi?id=516165Jeremy Allison1-1/+1
nautilus fails to copy files from an SMB share. This is a show-stopper for 3.4.1 (I'll open a Samba.org bug). Although gnome-vfs is doing *incredibly* stupid things by asking for a read size of 65535 - this translates on the wire to a 65534 byte read followed by a 1 byte read. Please send this back to the gnome developers that they will ge horrid on the wire performance for this. Jeremy.
2009-08-19s3:smbd: implement SMB2 Find (Query Directory)Stefan Metzmacher1-1/+197
metze
2009-08-19s3:smbd: store a dirptr on the files_struct for SMB2 Query DirectoryStefan Metzmacher2-0/+6
metze
2009-08-19s3:smbd: add a generic smbd_dirptr_lanman2_entry() functionStefan Metzmacher2-46/+214
This can we used by SMB2, the key difference between SMB1 and SMB2 is that with SMB2 entries are aligned to 8 bytes and there's no padding at the end of the last entry. metze
2009-08-19s3:smbd: implement all SMB2 Create contexts except "ExtA"Stefan Metzmacher1-8/+217
metze
2009-08-19s3:smbd: make smbd_check_open_rights() function non-static for use in SMB2Stefan Metzmacher2-8/+13
metze
2009-08-19s3 merged build: Don't build wbinfo twice.Kai Blin1-0/+3
Many, many thanks to Metze for telling me which chicken to sacrifice.
2009-08-19tevent: fix a commentMichael Adam1-1/+1
Michael
2009-08-19Make refusal of SEC_DESC_DACL_PROTECTED configurableVolker Lendecke1-1/+3
This adds a parameter "gpfs:refuse_dacl_protected" that defaults to false. GPFS has no place to store the SEC_DESC_DACL_PROTECTED ACL bit. With this parameter we give customers an option to either ignore this bit or refuse setting an ACL with it.
2009-08-19s3:smbd: parse context blobs in SMB2 CreateStefan Metzmacher1-48/+150
metze
2009-08-19added basic support for rename in DRS replicationAndrew Tridgell1-5/+9
Added simple DRS rename support in replication. This should be done async, and I'm not sure if we should also do any repl data updates to indicate the rename. I'm still learning how this stuff works, but at least this allows a rename on a DC to propogate correctly
2009-08-19we need the Deleted Objects container for replicationAndrew Tridgell1-0/+6
When objects are deleted they get renamed to this container. The container needs to exist when we provision
2009-08-18wbinfo: Fix up s3 blackbox test. wbinfo no longer needs a config file.Kai Blin1-1/+1
2009-08-18s4 winbind: Quiet down the WINBINDD_DOMAIN_INFO handler stub warningKai Blin1-1/+1
2009-08-18wbinfo: Reduce test noise in the wbinfo blackbox testKai Blin1-3/+7
With the switch to libwbclient the previously stubbed out --trusted-domains and --all-domains calls now fail. Set them to knownfail. The previously knownfail -D test is now stubbed out, test it now. This does not fix the issues with wbinfo -a and wbinfo -K not working on the build farm. I have no idea whatsoever what is causing this, as those are broken on my local machine even without my changes.
2009-08-18s4 winbind: Silence compile warning by adding new commands to the listKai Blin1-0/+3
2009-08-18s4 winbind: Implement a stubbed out version of WINBINDD_DOMAIN_INFOKai Blin2-1/+19
2009-08-18wbinfo: Use one codebase for Samba3 and Samba4.Kai Blin4-1336/+9
There can be only one....wbinfo that is.
2009-08-18s3 wbinfo: Only call afs_settoken_str if compiled with WITH_FAKE_KASERVERKai Blin1-0/+8
2009-08-18s3 wbinfo: use wbcSidTypeString instead of sid_type_lookupKai Blin1-2/+2
2009-08-18libwbclient: Add wbcSidTypeString function.Kai Blin2-1/+28
2009-08-18s3 wbinfo: Remove unused functions, use C99-typesKai Blin1-6/+1
2009-08-18s3 wbinfo: Explicitly include popt header, remove unused common options.Kai Blin1-1/+5
2009-08-18s3 wbinfo: Use talloc_strdup instead of SMB_STRDUPKai Blin1-21/+23
2009-08-18s3 wbinfo: Don't use global_myname()Kai Blin1-2/+17
2009-08-18s3 wbinfo: Avoid ADD_TO_ARRAY macro.Kai Blin1-1/+6
2009-08-18s3 wbinfo: Use uint32_t instead of uint32Kai Blin1-8/+8
2009-08-18s3 wbinfo: remove --get-auth-user and --set-auth-user functionalityKai Blin1-89/+6
Point to the corresponding commands in "net" instead.
2009-08-18s3 net: Add getauthuser/setauthuser commands.Kai Blin1-0/+124
These replace the functionality of wbinfo --get-auth-user/--set-auth-user
2009-08-18s3 wbinfo: Get rid of lp_ functionsKai Blin1-100/+158
This commit also fixes a lot of line lengths to make the file more readable.
2009-08-18s4 ctags: Stop *_proto.h files from cluttering up the tagsKai Blin1-1/+1
2009-08-17s4: int32 handling: previous fix was not fully correctMatthias Dieter Wallnöfer1-1/+1