summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r14403: * modifies create_local_nt_token() to create a BUILTIN\AdministratorsGerald Carter1-2/+2
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes' * Add a SID domain to the group mapping enumeration passdb call to fix the checks for local and builtin groups. The SID can be NULL if you want the old semantics for internal maintenance. I only updated the tdb group mapping code. * remove any group mapping from the tdb that have a gid of -1 for better consistency with pdb_ldap.c. The fixes the problem with calling add_group_map() in the tdb code for unmapped groups which might have had a record present. * Ensure that we distinguish between groups in the BUILTIN and local machine domains via getgrnam() Other wise BUILTIN\Administrators & SERVER\Administrators would resolve to the same gid. * Doesn't strip the global_sam_name() from groups in the local machine's domain (this is required to work with 'winbind default domain' code) Still todo. * Fix fallback Administrators membership for root and domain Admins if nested groups = no or winbindd is not running * issues with "su - user -c 'groups'" command * There are a few outstanding issues with BUILTIN\Users that Windows apparently tends to assume. I worked around this presently with a manual group mapping but I do not think this is a good solution. So I'll probably add some similar as I did for Administrators. (This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
2007-10-10r14368: Remove redundant set of logon flags (now in rpc_netlogon.h).Günther Deschner1-2/+0
Guenther (This used to be commit 8d4290cb8ed75cf12fa45bcf3e93cfe1a5567919)
2007-10-10r14353: Fix coverity bugs #61 and #62. Remember to divide byJeremy Allison1-1/+1
the size of the data table. Clean up the struct a little. Jeremy. (This used to be commit 338538410d484a9358b60b05a86180275344ffa4)
2007-10-10r14255: Revert r14204 which was horribly broken.James Peach1-1/+1
(This used to be commit 950ed28f9f3f57dc449bd3bd6e7be7acb1e3d26d)
2007-10-10r14207: Convert the lp_acl_compatibility() param into an enum.James Peach1-0/+2
(This used to be commit 5429c495c538e416010cf44e1d6fb771770a72ae)
2007-10-10r14204: Remove the basically unused P_GSTRING and P_UGSTRINGJames Peach1-1/+1
parameter types. (This used to be commit 23328fe6fc5e3b4ed3dc35e1475d661a8593eb1a)
2007-10-10r14074: Some cleanup; there is no point in declaring and mappingGünther Deschner1-4/+2
KRB5KRB_ERR_RESPONSE_TOO_BIG when the krb5 library does not know about this. Guenther (This used to be commit 4a1a3c4808307e09fa8ff85da9a963a4a6f0e9ae)
2007-10-10r14051: Add remaining (documented) userAccountControl bits, thanks to LukeGünther Deschner1-2/+2
Howard for pointing this out. Guenther (This used to be commit 170038f4cdfa51ea31b2255a020740d28dfbfba2)
2007-10-10r14050: Add the ACB_PWEXPIRED bit abartlet has found.Günther Deschner1-0/+1
Guenther (This used to be commit 5fa3f26b4c39d612243319fc0729078c50439d6b)
2007-10-10r14049: Found some more MSV1_0 bits and their behaviour;Günther Deschner1-2/+14
just for documentation purpose. Guenther (This used to be commit 0b00424e07f3f9c815664c619e2d7a670a838b93)
2007-10-10r13975: Re-fix Coverity #156 - I had left the hidden arg. inconsistentJeremy Allison1-1/+1
between Realloc and realloc_array. Jeremy. (This used to be commit 841c9b1847ae12656b827e3d35b8bf0c3f68b8b4)
2007-10-10r13915: Fixed a very interesting class of realloc() bugs found by Coverity.Jeremy Allison1-2/+4
realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2007-10-10r13878: move PORT_DATA_1 to use static sized UNICODE strings as per MSDNGerald Carter1-5/+11
(This used to be commit c803e1b2afdfc5bd983f046c976c01adebcfa1ad)
2007-10-10r13829: From the "It's not pretty but it works" categoryGerald Carter2-2/+40
* Finish prototype of the "add port command" implementation Format is "addportcommand portname deviceURI" * DeviceURI is either - socket://hostname:port/ - lpr://hostname/queue depending on what the client sent in the request (This used to be commit 6d74de7a676b71e83a3c3714743e6380c04e4425)
2007-10-10r13824: * add api table for Xcv TCPMON and LOCALMON calls startingGerald Carter1-2/+2
with the "MonitorUI" call * Fix some parsing errors This gets us to the Add Port Wizard dialog. (This used to be commit a444aa7f0088fb71ff89df8c280209188b33ec3d)
2007-10-10r13820: * Start fleshing out the XcvDataPort() server implementationGerald Carter2-4/+8
* Add support for the "Local Port" monitor as well through this API (This used to be commit ba9cdd88a0abf90a9c04959e554d7e4f10d17ff7)
2007-10-10r13815: "Into the blind world let us now descend,"Gerald Carter2-1/+28
Began the poet, his face as pale as death. "I will go first, and you will follow me." --- Adding XcvDataPort() to the spoolss code for remotely add ports. The design is to allow an intuitive means of creating a new CUPS print queue from the Windows 2000/XP APW without hacks like specifying the deviceURI in the location field of the printer properties dialog. Also set 'default devmode = yes' as the new default since it causes no harm and only is executed when you have a NULL devmode anyways. (This used to be commit 123e478ce5b5f63a61d00197332b847e83722468)
2007-10-10r13802: I *knew* ASU on sparc had to be good for *something* ! :-).Jeremy Allison1-2/+2
Fix incorrect size understanding of sid name type (yes it's already correct in the Samba4 IDL :-). Jeremy. (This used to be commit 305a774d2880a57d1ebdf2ecf2d7e0b519695a33)
2007-10-10r13733: Reorder so that locking and params declarations are not mingled.James Peach1-17/+18
(This used to be commit cde31d5957ff9a009e111ab3719d20e70a5053b6)
2007-10-10r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.Günther Deschner4-10/+10
* Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2007-10-10r13693: More Solaris/LDAP fixes from Bjoern <bjoern@j3e.de>Volker Lendecke1-0/+6
(This used to be commit 7c098ca0ae4c7e11c7100fb09b42ce716beffb56)
2007-10-10r13690: Check in Björn's LDAP Solaris fix.Volker Lendecke1-0/+4
(This used to be commit d6c6363517513cc66a8933a6e4f95c5ce5cf1cb4)
2007-10-10r13679: Commiting the rm_primary_group.patch posted on samba-technicalGerald Carter1-2/+3
* ignore the primary group SID attribute from struct samu* * generate the primary group SID strictlky from the Unix primary group when dealing with passdb users * Fix memory leak in original patch caused by failing to free a talloc * * add wrapper around samu_set_unix() to prevent exposing the create BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix() (This used to be commit bcf269e2ec6630b78d909010fabd3b69dd6dda84)
2007-10-10r13657: Let winbindd try to obtain the gecos field from the msSFU30GecosGünther Deschner1-0/+2
attribute when "winbind nss info = sfu" is set. Fixes #3539. Guenther (This used to be commit ffce0461de130828345c44293e564ca03227607d)
2007-10-10r13625: Now that Heimdal 0.7.2 is released, we reenable our strict checking forGünther Deschner1-2/+1
c++ reserved names. Guenther (This used to be commit e0b50d008728cfc66f6b1eefdadf8a708f4d9500)
2007-10-10r13601: * Remove unused code from pdb_ldap.cGerald Carter1-1/+3
* Add a 'struct passwd *' to the struct samu for later reference (I know this may be controversial but its easily reverted which is is why I'm checking this is as a seaparate patch before I get too deep). * Remove unix_homedir from struct samu {} and update the pdb wrapper functions associated with it. (This used to be commit 92c251fdf0f1f566cfeca3c75ba2284b644aef5d)
2007-10-10r13598: Defining KRB5KRB_ERR_RESPONSE_TOO_BIG if not defined which is the caseLars Müller1-0/+4
for older krb5 implementations. Patch slightly modified from the version provided by Björn Jacke <bjoern at j3e dot de> at the samba-technical list after discussion on the list and by IRC. Thanks Björn! (This used to be commit 49e6431c06c70088907c31e2da1ec83a09377015)
2007-10-10r13588: Second attempt to fix Bug #3330 - treat the string as aJeremy Allison1-1/+1
uint8 array and copy as such. Gunther please check (sorry I reverted your earlier fix). Jeremy. (This used to be commit 7a17b39c80703909f102487690d2117d874b0e15)
2007-10-10r13585: Sorry Gunther, had to revert this. It's got a bufferJeremy Allison1-1/+1
overrun. Spoke to Jerry about the correct fix. Will add this after. Jeremy. (This used to be commit 33e13aabd3825c59d15dc897536e2ccf8c8f6d5e)
2007-10-10r13581: Correctly parse a non-null terminated, little-endian UCS2 string in theGünther Deschner1-1/+1
PAC_LOGON_NAME structure. This was broken on big-endian machines (Solaris SPARC and ppc). Fixes Bug #3330. Jerry, this should be in 3.0.21c. Guenther (This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
2007-10-10r13576: This is the beginnings of moving the SAM_ACCOUNT data structureGerald Carter2-69/+61
to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
2007-10-10r13566: Fix EA support for AIX.Günther Deschner1-0/+4
Patch from Bjoern Jacke <bjacke-at-sernet-dot-de>. Guenther (This used to be commit 69fb189a6b9947069afebb15d6ee6f2f20d15171)
2007-10-10r13553: Fix all our warnings at -O6 on an x86_64 box.Jeremy Allison3-10/+8
Jeremy. (This used to be commit ea82958349a57ef4b7ce9638eec5f1388b0fba2a)
2007-10-10r13522: Add SAMR_GET_USRDOM_PWINFO client-side.Günther Deschner1-2/+2
Guenther (This used to be commit 290a581b7567eab82b18fbadae9aa2ab29e95069)
2007-10-10r13509: remove unnecessary sql flagsGerald Carter1-2/+0
(This used to be commit c3702e804a74276ee53eb73f2d9b1fa9d3874b48)
2007-10-10r13494: Merge the stuff I've done in head the last days.Volker Lendecke1-0/+26
Volker (This used to be commit bb40e544de68f01a6e774753f508e69373b39899)
2007-10-10r13482: Push the FAM notification file descriptor into the selectJames Peach1-0/+1
set to avoid unnecessary polling. (This used to be commit 1dce945ccbba25092cf54890301c8f78f8aede33)
2007-10-10r13460: by popular demand....Gerald Carter2-162/+7
* remove pdb_context data structure * set default group for DOMAIN_RID_GUEST user as RID 513 (just like Windows) * Allow RID 513 to resolve to always resolve to a name * Remove auto mapping of guest account primary group given the previous 2 changes (This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285)
2007-10-10r13458: Add parsing functions - but stub internals for lookupnames3 and 4.Jeremy Allison1-2/+77
Jeremy. (This used to be commit f1a362580ae37730dc8393a79f832aed5d0ea4be)
2007-10-10r13456: Add lsa_lookup_names2.Jeremy Allison1-1/+1
Jeremy. (This used to be commit b57406c89feaf550f6c2d29ef0ed73a935908add)
2007-10-10r13455: Prepare to add lookupnames2.Jeremy Allison2-3/+44
Jeremy. (This used to be commit 2274709587bd1f27bea2eacf633182f20cd07b1e)
2007-10-10r13449: Ensure we don't crash if no dc struct on pipe.Jeremy Allison1-0/+3
Jeremy. (This used to be commit a9e1d0f3b4fd7a0732a5023d0b4dcc2c4b1b03f8)
2007-10-10r13447: Added LSA_LOOKUPSIDS2 and LSA_LOOKUPSIDS3.Jeremy Allison1-19/+89
Jeremy. (This used to be commit a164cfab420a2439dad8fd85f8b4d652087fa6b9)
2007-10-10r13444: Add REJECT_REASON_OTHER for samr_chgpasswd_user3Günther Deschner1-0/+1
Guenther (This used to be commit 58baf718be90d750f51cf51a25714fcdcd5679b7)
2007-10-10r13442: Implement samr_chgpasswd_user3 server-side.Günther Deschner1-7/+9
Guenther (This used to be commit f60eddc0a4dfe623e5f115533a62c03810fd5f38)
2007-10-10r13439: Fix NET_SAM_LOGON_EX.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 9437ffc84f4d924ab67f3e16ef507d2aeeeb5f34)
2007-10-10r13433: Get ready to implement NET_SAM_LOGON_EX.Jeremy Allison1-0/+26
Jeremy. (This used to be commit 666b03b4a92800ed704b7f7e4b39f4e01ca47aee)
2007-10-10r13407: Change the credentials code to be more like the Samba4 structure,Jeremy Allison2-3/+10
makes fixes much easier to port. Fix the size of dc->sess_key to be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd store in secrets.tdb though. Should fix some uses of the dc->sess_key where we where assuming we could read 16 bytes. Jeremy. (This used to be commit 5b3c2e63c73fee8949108abe19ac7a448a033a7f)
2007-10-10r13399: Get closer to passing RPC-SCHANNEL test.Jeremy Allison1-0/+51
Jeremy. (This used to be commit 8ae70122b79fbe682c227ec2c4e5a72bf58d76de)
2007-10-10r13396: Add in userinfo26, re-enable userinfo25 - took the knowledgeJeremy Allison1-0/+8
from Samba4 on how to decode the 532 byte password buffers. Getting closer to passing samba4 RPC-SCHANNEL test. Jeremy. (This used to be commit 205db6968a26c43dec64c14d8053d8e66807086f)