Age | Commit message (Collapse) | Author | Files | Lines |
|
svcctl_init_winreg() doesn't free its stackframe.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
xattr_tdb_getxattr() doesn't free its stackframe.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
do_smb_load_module() doesn't free its stackframe on success.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
winbindd_can_contact_domain() doesn't always free its stackframe.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
do_message_op() doesn't free its stackframe in various paths.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
We're about to exit, so it doesn't really matter, but might as well
unify the paths.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
talloc_stackframe() stacks, so if you forget to free one, the outer
one will free it. However, it's not a good idea to rely too heavily
on this behaviour: it can lead to delays in the release of memory or
destructors.
I had an elaborate hack to make sure every talloc_stackframe() was
freed in the exact same function it was allocated, however all bugs it
caught were simply lazy freeing, so this patch just checks for that.
This doesn't check for stackframes we don't free up on exit: that would
be nice, but uncovers some uncomfortable (but probably harmless) cases.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Much better for debugging.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
The only reason we make one stackframe parent of the next is so we use
our parent's pool. That doesn't make sense if we're a new pool, and
wouldn't work anyway.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
We explicitly call free() on a pool which falls to zero, assuming it's
not inside another pool (we crash). Check on creation and explicitly
document this case.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
This neatens the code a bit (we should do a similar thing for all the
TALLOC_CHUNK macros).
Two subtler changes:
(1) As a result of the struct, we actually pack object_count into the
talloc header on 32-bit platforms (since the header is 40 bytes, but
needs to be 16-byte aligned).
(2) I avoid VALGRIND_MAKE_MEM_UNDEFINED on memmove when we resize the
only entry in a pool; that's done later anyway.
With -O2 on my 11.04 Ubuntu 32-bit x86 laptop, the talloc_pool speed as
measured by testsuite.c actually increases 10%.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 17 21:22:31 CEST 2012 on sn-devel-104
|
|
|
|
Guenther
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 17 16:17:06 CEST 2012 on sn-devel-104
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
If we create a copy of the credential state we miss updates to the
credentials.
To establish a netlogon schannel connection we create client credentials
and authenticate with them using
dcerpc_netr_ServerAuthenticate2()
For this we call netlogon_creds_client_authenticator() which increases
the sequence number and steps the credentials. Lets assume the sequence
number is 1002.
After a successful authentication we get the server credentials and we
send bind a auth request with the received creds. This sets up gensec
and the gensec schannel module created a copy of the client creds and
stores it in the schannel auth state. So the creds stored in gensec have
the sequence number 1002.
After that we continue and need the client credentials to call
dcerpc_netr_LogonGetCapabilities()
to verify the connection. So we need to increase the sequence number of
the credentials to 1004 and step the credentials to the next state. The
server always does the same and everything is just fine here.
The connection is established and we want to do another netlogon call.
So we get the creds from gensec and want to do a netlogon call e.g.
dcerpc_netr_SamLogonWithFlags.
We get the needed creds from gensec. The sequence number is 1002 and
we talk to the server. The server is already ahead cause we are already
at sequence number 1004 and the server expects it to be 1006. So the
server gives us ACCESS_DENIED cause we use a copy in gensec.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This is also needed to support AES.
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
The RODC stuff doesn't depend on the schannel algorithm.
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul 17 06:10:52 CEST 2012 on sn-devel-104
|
|
|
|
|
|
This reverts commit c4493c22f129b2c94f361e6f8657adc7cd2dc1c6.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7562
Conflicts:
docs-xml/Makefile
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Mon Jul 16 16:18:46 CEST 2012 on sn-devel-104
|
|
If .close() has already been called, we have to play dead - the
self->ctx is just not valid any more, as we have been shut down to
allow some other part of Samba to open the tdb.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 16 13:51:52 CEST 2012 on sn-devel-104
|
|
The call to PyStringAsString() can raise an exception, and we
want to return that rather than following a NULL pointer later.
Andrew Bartlett
|
|
This is for use with the -P/--machine-pass option.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jul 15 05:41:28 CEST 2012 on sn-devel-104
|
|
|
|
|
|
By the time we've gotten to init_dc_connection_network() we shouldn't
be second guessing the caller by calling winbindd_can_contact_domain().
If for some reason we do need to restrict the contact list here we
can add a condition to only contact the primary domain or domains
listed in the tdc cache, but I don't think that's neccessary.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jul 14 03:17:57 CEST 2012 on sn-devel-104
|
|
schedule_aio_smb2_write can return NT_STATUS_FILE_LOCK_CONFLICT.
This is a valid error code that smb2.lock.rw-shared expects and
checks for. The code before this patch maps this to NT_STATUS_FILE_CLOSED,
masking the real, correct error message.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 13 21:53:51 CEST 2012 on sn-devel-104
|
|
Because of the evolution in the way the auth handling has been done, we do not
need this code any more. Raw NTLM Session setup & X is done via the auth4 context
which returns a full session info.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 13 10:04:05 CEST 2012 on sn-devel-104
|
|
Found by Thomas Hood <jdthood@gmail.com> using valgrind.
Thanks!
Andrew Bartlett
|
|
This boolean was only set if the old machine account store (with an
MD4 hash in it) was returned. We have not set that password type for
years. If this call ever worked, it would store a plaintext password,
so we could only ever be here if we had set a password using a version
of Samba so old as not to store plaintext, and then never honered the
flag anyway.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 13 07:52:40 CEST 2012 on sn-devel-104
|
|
This is in the trusted domain codepath, not the primary domain code path.
Andrew Bartlett
|
|
When provisioning with --use_rfc2307=yes populate the subtree:
CN=ypServ30,CN=RpcServices,CN=System,${DOMAINDN} This makes it
possible to manipulate the posix attributes via ADUC
(commit message adjusted by abartlet)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 13 04:44:42 CEST 2012 on sn-devel-104
|
|
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jul 13 02:51:44 CEST 2012 on sn-devel-104
|
|
|