summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-05-17s3:gse: implement gensec_gse_expire_time()Stefan Metzmacher1-0/+12
metze
2012-05-17s4:auth/gensec: implement gensec_gssapi_expire_time()Stefan Metzmacher1-0/+13
metze
2012-05-17auth/gensec: implement gensec_spnego_expire_time()Stefan Metzmacher1-0/+12
metze
2012-05-17auth/gensec: add gensec_expire_time()Stefan Metzmacher2-0/+12
metze
2012-05-17s4:auth/gensec_gssapi: add missing 'break' statementsStefan Metzmacher1-0/+2
metze
2012-05-17s4:auth/gensec_gssapi: remember the expire timeStefan Metzmacher2-2/+9
metze
2012-05-17s3:gse: remember the expire timeStefan Metzmacher1-2/+15
metze
2012-05-17s3:smb2_sesssetup: make use of nt_status_squash() in ↵Stefan Metzmacher1-1/+1
smbd_smb2_session_setup_recv() metze
2012-05-17Check the return from create_acl_blobRichard Sharpe1-4/+6
Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Thu May 17 07:17:29 CEST 2012 on sn-devel-104
2012-05-17s3-smbd: Avoid creating a UID ACL entry for SIDs that are mapped as ↵Andrew Bartlett1-0/+35
ID_TYPE_BOTH The GID ACL entry is what will be mapped in most cases, and so is sufficient. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu May 17 05:08:44 CEST 2012 on sn-devel-104
2012-05-17s3-smbd: Consider a group with the same SID as sufficient duplicationAndrew Bartlett1-0/+7
This code is to ensure that the user does not loose rights when their file ownership is taken away. If the owner (an IDMAP_BOTH SID) appears as a group then a duplicate user is not required. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17s3-smbd: Handle ID_TYPE_BOTH by mapping to both a group ACL entry and file ↵Andrew Bartlett1-39/+109
ownership This will allow groups, such as domain administrators, to own files while correctly handling the rest of the ACL permissions. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17We need to split things up into a new helper function ↵Andrew Bartlett1-172/+184
add_current_ace_to_acl() in order for there to be more posix ACL elements than NT ACL elements (so a group SID can own a file, but also get the group permissions that will be honoured) Andrew Bartlett Slightly modified by Jeremy to reduce diff size. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17This covers a case where an ID_TYPE_BOTH mapping creates group permissions, ↵Jeremy Allison1-2/+5
but must own the file. Based on an original patch by Andrew Bartlett.
2012-05-17s3-smbd: Do not merge UID ACE values with GID ACE values for posix ACLAndrew Bartlett1-5/+12
This might happen when we get a SID mapped to IDMAP_BOTH. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-16s3:onefs: remove all onefs related code as it not maintained anymoreStefan Metzmacher23-10395/+2
See https://lists.samba.org/archive/samba-technical/2012-May/083631.html for the discussion. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed May 16 11:23:05 CEST 2012 on sn-devel-104
2012-05-16Fix the overwriting of errno before use in a DEBUG statement and use the ↵Richard Sharpe2-5/+8
return value from store_acl_blob_fsp rather than ignoring it. Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Wed May 16 03:43:41 CEST 2012 on sn-devel-104
2012-05-16build: Add explicit mention of --abi-check-disable to ABI checkerAndrew Bartlett1-1/+1
This information has always been in the linked wiki page, but put it in the build to unblock developers using platforms with slightly different GDB output. We can also assist this by improving the string normalisiation in the ABI checker when example errors are provided. It is better to build with the waf build and the full testsuite than to avoid the waf build or not to use the developer options simply to skip the ABI checker. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed May 16 01:53:42 CEST 2012 on sn-devel-104
2012-05-16libwbclient: Fix an invalid free()Volker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Wed May 16 00:00:00 CEST 2012 on sn-devel-104
2012-05-15wbinfo: Fix Coverity ID 242684 Resource leakVolker Lendecke1-0/+1
2012-05-15wbinfo: Fix Coverity ID 242685 Resource leakVolker Lendecke1-0/+1
2012-05-15s3: Fix Coverity ID 242710 Untrusted pointer readVolker Lendecke1-1/+1
According to susv3 we have to make sure that we call isupper with values only in the range of an unsigned char. This is best achieved by automatic narrowing through assignment.
2012-05-15dbwrap: Fix Coverity ID 242750 Incorrect sizeof expressionVolker Lendecke1-1/+1
Taking the size of "db" is correct, but a bit fishy. Silence Coverity.
2012-05-15libcli/smb: move smb2cli_ioctl.c from source3 to the toplevelBjörn Baumbach6-43/+40
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 15 20:17:01 CEST 2012 on sn-devel-104
2012-05-15libcli/smb: move smb2cli_query_directory.c from source3 to the toplevelBjörn Baumbach6-39/+38
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15libcli/smb: move smb2cli_query_info.c from source3 to the toplevelBjörn Baumbach6-40/+37
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15libcli/smb: move smb2cli_set_info.c from source3 to the toplevelBjörn Baumbach6-32/+29
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15libcli/smb: move smb2cli_flush.c from source3 to the toplevelBjörn Baumbach6-23/+21
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15libcli/smb: move smb2cli_write.c from source3 to the toplevelBjörn Baumbach6-33/+31
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15libcli/smb: move smb2cli_read.c from source3 to the toplevelBjörn Baumbach6-35/+33
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15libcli/smb: move smb2cli_close.c from source3 to the toplevelStefan Metzmacher6-25/+23
metze
2012-05-15libcli/smb: move smb2cli_create.c from source3 to the toplevelStefan Metzmacher6-43/+41
metze
2012-05-15s3:libsmb: avoid interpret_long_date() in smb2cli_createStefan Metzmacher1-8/+8
metze
2012-05-15s3:cli_np_tstream: include smbXcli_base.h, because we'll use functions from ↵Stefan Metzmacher1-0/+1
there metze
2012-05-15s3: Remove some unused codeVolker Lendecke1-14/+0
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Tue May 15 18:24:10 CEST 2012 on sn-devel-104
2012-05-15s3: Fix a likely cut&paste errorVolker Lendecke1-1/+1
2012-05-15lib/ccan: add a missing dependency to 'execinfo' for 'backtrace()'Stefan Metzmacher1-0/+4
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 15 16:12:54 CEST 2012 on sn-devel-104
2012-05-15s3-auth: Rename to init_system_session_info().Andreas Schneider4-4/+4
Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Tue May 15 13:56:00 CEST 2012 on sn-devel-104
2012-05-15s3-auth: Don't lookup the system user in pdb.Andreas Schneider1-4/+95
This fixes bug #8944, ldapsam:trusted and ipasam. It is an additional fix for bug #8567 (0528cb5f3a15b72dcb34ece21a3ffb3e7b8d6eb9).
2012-05-15Use ENC_ values for proto_tree_add_item() calls.Guy Harris1-2/+2
It appears that the integral value containing the bits in a bitmap should be dissected according to the data representation, as the individual fields are fetched by dissect_ndr_XXX, which is passed the data representation and extracts the value appropriately for the data representation, so the patch replaces TRUE (which meant "always little-endian" when the last argument to proto_tree_add_item() was a byte-order Boolean) with DREP_ENC_INTEGER(drep) (which means "ENC_BIG_ENDIAN or ENC_LITTLE_ENDIAN, depending on the data representation"). For structures, I'm just using ENC_NA. Bug: https://bugzilla.samba.org/show_bug.cgi?id=8942 Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Tue May 15 12:07:06 CEST 2012 on sn-devel-104
2012-05-15s4:ntvfs/smb2: remove misleading comment regarding security=serverStefan Metzmacher1-1/+0
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 15 10:12:53 CEST 2012 on sn-devel-104
2012-05-15s4:ntvfs/cifs: remove misleading comment regarding security=serverStefan Metzmacher1-1/+0
metze
2012-05-15s4:auth: remove unused auth_server.cStefan Metzmacher2-245/+0
metze
2012-05-15s3:auth: remove unused auth_server.cStefan Metzmacher6-508/+1
metze
2012-05-15docs-xml: remove documentation of "SECURITY = SERVER"Stefan Metzmacher1-32/+0
metze
2012-05-15s3-auth: remove "security=server" (depricated since 3.6)Stefan Metzmacher6-25/+20
"security=server" has a lot of problems in the world with modern security (ntlmv2 and krb5). It was also not very reliable, as it needed a stable connection to the password server for the lifetime of the whole client connection! Please use "security=domain" or "security=ads" is you authentication against remote servers (domain controllers). metze -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SERVER | | security=server | | | | | | 12 May | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
2012-05-15s4:param/tests: remove "security=server" testStefan Metzmacher1-10/+0
metze
2012-05-15selftest: Remove tests for security=serverAndrew Bartlett3-45/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-15samba-upgradedns: Use the correct magic incantation of sys.path.insert()Amitay Isaacs1-1/+1
This replaces "bin/python" with the correct path for python libraries. The pattern requires double quotes (") instead of single quotes ('). Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue May 15 05:19:46 CEST 2012 on sn-devel-104
2012-05-14s3: talloc_zero is not needed for structs we ndr_pull intoVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Mon May 14 18:59:07 CEST 2012 on sn-devel-104