summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r23724: Reduce access to the global inbuf a tiny bit. Add a struct smb_requestVolker Lendecke1-0/+7
that contains some of the fields from the SMB header, removing the need to access inbuf directly. This right now is used only in the open file code & friends, and creating that header is only done when needed. This needs more work, but it is a start. Jeremy, I'm only checking this into 3_0, please review before I merge it to _26. Volker (This used to be commit ca988f4e79e977160d82e86486972afd15d4acf5)
2007-10-10r23671: Remove unused code -- 16416 bytes of bss space...Volker Lendecke1-1/+0
(This used to be commit 25f3bfdb1f60ab17af05608481068299da94cec9)
2007-10-10r23646: Generalize our internal keytab handling to support a broader range ↵Günther Deschner1-0/+4
of default keytabnames (like "ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab"). This also fixes keytab support with Heimdal (which supports the WRFILE pragma as well now). Guenther (This used to be commit 7ca002f4cc9ec4139c0c48952ebf05f89b5795ef)
2007-10-10r23624: Merge dos error code from samba4 (returned from dfs_Enum against ↵Günther Deschner1-0/+1
w2k3 as soon as a one DFS_VOLUME_FLAVOR_AD_BLOB dfsroot exists). Guenther (This used to be commit 837b0a14c430faa4e4cada03a1efe2823a7b2e2e)
2007-10-10r23620: Convert set_nt_acl to return NTSTATUS. Also fix the chownJeremy Allison1-2/+3
return to correctly return NT_STATUS_INVALID_OWNER if it should be disallowed. Matches better what W2K3R3 does. NFSv4 ACL module owners, please examine these changes. Jeremy. (This used to be commit fc6899a5506b272f8cd5f5837ca13300b4e69a5f)
2007-10-10r23616: Fix bugzilla #4719: must change password is not set from usrmgr.exe.Jim McDonough1-1/+14
This was only affecting the newer versions of usrmgr.exe, because they use a user_info_25 struct. The password is getting set separately inside that code, so the password last set time was getting set from the password change logic. We also were not parsing a number of fields (like logon hours) from the user_info_25. That should also be fixed. (This used to be commit afabd68b6ae874aceba708dc36808ed007ad496c)
2007-10-10r23607: Add legacy support for Services for Unix (SFU) 2.0.Günther Deschner1-4/+12
Guenther (This used to be commit 11b390309b9677805e5b68f3a1b780658ae85137)
2007-10-10r23600: First step in abstracting the winbindd cache validationMichael Adam1-0/+10
code into a generic tdb validation code. In lib/util_tdb.c for a start. Michael (This used to be commit 527edfa0cbcb233218ebabc395666d1d7228ee37)
2007-10-10r23582: Fix event based krb5 ticket refreshing in winbindd.Günther Deschner1-1/+1
We were incorrectly using the renew_till timestamp instead of the renewed ticket's endtime to calculate the next refreshing date. Guenther (This used to be commit aa3511a5b5e6a96a02110a7ad0ab1d43e6d25766)
2007-10-10r23563: Add dump-event-list command to smbcontrol.Günther Deschner1-0/+3
Guenther (This used to be commit 0d956a8e45cd4421cddb8e077e1960dafac3a4d0)
2007-10-10r23512: Fix conflict in #define for SECDESC_PREFIX. Ensure allJeremy Allison1-2/+2
reg #defines use "REG_" prefix. Michael - please check gcc warnings on compiles. Jeremy. (This used to be commit 7885b68bb5df0ebe290feca0e74b4a20ef59e718)
2007-10-10r23510: Tidy calls to smb_panic by removing trailing newlines. Print theJames Peach1-3/+4
failed expression in SMB_ASSERT. (This used to be commit 171dc060e2a576d724eed1ca65636bdafffd7713)
2007-10-10r23509: This activates the global options from the registry in loadparm.Michael Adam2-0/+32
The global options are stored as values in the subkey "global" of the SMBCONF registry key. The activation is accomplished in smb.conf though a new special semantic of the "include" parameter: "include = registry" triggers the processing of the registry global options exactly at the position of the include statement. Options read from the registry take the same precedence as parameters loaded from a file via include. Need to reload the registry globals is detected by watching the tdb sequence number. Registry shares are automatically activated when the registry globals are processed. So a "registry only" configuration can be realized by an smb.conf that looks as follows: ================================ [global] include = registry ================================ The global options and registry shares can be conveniently edited with the "net conf" utility. Caveat: A possible pitfall consists in using "include = registry" together with the "lock directory" directive in the registry. This problem will be addressed in the next time. Note on the code: Processing of the registry options is accomplished by a function process_registry_globals() in loadparm.c The current version is only an interim solution: It is handcoded instead of using the infrastructure of reg_api.c. The reason for this is that using reg_api still has too large linker dependencies, bloating virtually all targets by PASSDB_OBJ, SMBLDAP_OBJ, GROUPDB_OBJ and LDB stuff. A version of process_registry_globals that uses reg_api is included but commented out. The goal is to eventually refactor and restructure the registry code so that one can use the reg_api to access only the registry tdb and not link all the dynamic backends with all their linking implications. (This used to be commit 24b0cbcb3741dd14b04728448a85cc04a057e7d0)
2007-10-10r23485: This checkin consists mostly of refactorings in preparation of theMichael Adam1-1/+3
activation of global registry options in loadparm.c, mainly to extract functionality from net_conf.c to be made availabel elsewhere and to minimize linker dependencies. In detail: * move functions registry_push/pull_value from lib/util_reg.c to new file lib/util_reg_api.c * create a fake user token consisting of builtin administrators sid and se_disk_operators privilege by hand instead of using get_root_nt_token() to minimize linker deps for bin/net. + new function registry_create_admin_token() in new lib/util_reg_smbconf.c + move dup_nt_token from auth/token_util.c to new file lib/util_nttoken.c + adapt net_conf.c and Makefile.in accordingly. * split lib/profiles.c into two parts: new file lib/profiles_basic.c takes all the low level mask manipulation and format conversion functions (se_priv, privset, luid). the privs array is completely hidden from profiles.c by adding some access-functions. some mask-functions are not static anymore. Generally, SID- and LUID-related stuff that has more dependencies is kept in lib/profiles.c * Move initialization of regdb from net_conf.c into a function registry_init_regdb() in lib/util_reg_smbconf.c. Michael (This used to be commit efd3e2bfb756ac5c4df7984791c67e7ae20a582e)
2007-10-10r23410: Merge the core of the cluster code.Volker Lendecke5-0/+191
I'm 100% certain I've forgotten to merge something, but the main code should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and messages_ctdbd.c. There should be no changes to the non-cluster case, it does survive make test on my laptop. It survives some very basic tests with ctdbd enables, I did not do the full test suite for clusters yet. Phew... Volker (This used to be commit 15553d6327a3aecdd2b0b94a3656d04bf4106323)
2007-10-10r23400: Fix lsa crash bug #4683. The "names" enum structJeremy Allison1-3/+3
in a lookup_sidX reply isn't optional - like the lookup_sidX query it needs to be defined in the struct. All this will go away with PIDL (thank goodness....). Jerry - I think this is a showstopper to be merged for 3.0.25b. I'll be watching the build farm to see if anything broke. Jeremy. (This used to be commit 9300b92f7a51eb80fdc039d8dad23ea9ce82aa8f)
2007-10-10r23380: netr_getdcname returns WERROR not NTSTATUS.Günther Deschner1-1/+1
Guenther (This used to be commit 5e75ea7f2b568d76c8ced5f43171741532cc97c2)
2007-10-10r23341: pdb interfaces should be versioned. As SAMBA_3_0 and SAMBA_3_0_26Jeremy Allison1-0/+1
are now identical, use the same version number (16) for both. Jeremy. (This used to be commit f2ac311ed408e1f17f468945b34289d4c6b915cc)
2007-10-10r23328: don't typedef ber_tag_t when it's already done by openldapStefan Metzmacher1-2/+2
headers on HP-UX (lber_types.h defines _LBER_TYPES_H). metze (This used to be commit bd1b28dd3e47c2f244baba4a239b0d6dca57f2d2)
2007-10-10r23307: move readahead stuff out of libreplace and make it samba3 specificStefan Metzmacher1-0/+3
as we can't replace this function in libreplace and we do the some stuff for other function in the same way. metze (This used to be commit 5e9b84326b4c65799e6fa6550de870d9a7ebba85)
2007-10-10r23300: AFAICT these are not needed. Jerry, can you please review and revertJames Peach1-1/+0
if this is not correct. (This used to be commit 7aa40efd28edcd4d6a5a3a2d790df0af1f5f3fea)
2007-10-10r23274: merge CloseEventlog() pidl conversion from 3.0.26 && fix a few init ↵Gerald Carter3-23/+1
call renames for svcctl in the previous commit (This used to be commit ebcae48ec10fefa74efcc3563cff50e3b9c2388c)
2007-10-10r23271: merge service control pidl change for CloseServiceHandle() from ↵Gerald Carter2-2/+4
SAMBA_3_0_26 (This used to be commit 0b1bc3521fac52f3164b6cc9e053abc3ceabf5e7)
2007-10-10r23251: whoops! Fix compile errorGerald Carter1-0/+3
(This used to be commit 22a3ea40ac69fa3722abf28db845ab284a65ad97)
2007-10-10r23244: Fix loop with nscd and NSS recusive calls.Gerald Carter1-6/+9
> Here's the problem I hit: > > getgrnam("foo") -> nscd -> NSS -> winbindd -> > winbindd_passdb.c:nam_to_sid() -> lookup_global_sam_name() -> > getgrnam("foo") -> nscd -> .... > > This is in the SAMBA_3_0 specifically but in theory could happen > SAMBA_3_0_25 (or 26) for an unknown group. > > The attached patch passes down enough state for the > name_to_sid() call to be able to determine the originating > winbindd cmd that came into the parent. So we can avoid > making more NSS calls if the original call came in trough NSS > so we don't deadlock ? But you should still service > lookupname() calls which are needed for example when > doing the token access checks for a "valid groups" from > smb.conf. > > I've got this in testing now. The problem has shown up with the > DsProvider on OS X and with nscd on SOlaris and Linux. (This used to be commit bcc8a3290aaa0d2620e9d391ffbbf65541f6d742)
2007-10-10r23220: Add traverse_read to dbwrapVolker Lendecke1-0/+4
(This used to be commit b38dc5ffdfe9fdc2879c57dc181815f06b4747fe)
2007-10-10r23210: Very funny, we thought to use netr_GetDcName (e.g. in winbind) but ↵Günther Deschner1-15/+15
were using netr_GetDcAnyName all the time (which is the correct thing to do). Fix the naming and opcode mixup in all branches. Guenther (This used to be commit def6464c872a5939f0028837254f2c019d2d71c8)
2007-10-10r23204: Add MSG_SMB_BRL_VALIDATE. Tridge, this is a bit different from your bzrVolker Lendecke1-0/+5
branch, please check if it fulfils your needs. Two changes: The validation is not done inside the brlock.c traverse_fn, it's done as a separate routine. Secondly, this patch does not call the checker routines in smbcontrol directly but depends on a running smbd. (This used to be commit 7e39d77c1f90d9025cab08918385d140e20ca25b)
2007-10-10r23195: Add void *private_data to brl_forallVolker Lendecke1-12/+0
(This used to be commit c91b2bdc160d76bf0b0770fe7f92cbc7124d6c3c)
2007-10-10r23183: Check in a change made by Tridge:Volker Lendecke2-16/+14
This replaces the internal explicit dev/ino file id representation by a "struct file_id". This is necessary as cluster file systems and NFS don't necessarily assign the same device number to the shared file system. With this structure in place we can now easily add different schemes to map a file to a unique 64-bit device node. Jeremy, you might note that I did not change the external interface of smb_share_modes.c. Volker (This used to be commit 9b10dbbd5de8813fc15ebbb6be9b18010ffe8139)
2007-10-10r23165: Convert brlock.tdb to dbwrapVolker Lendecke1-0/+1
(This used to be commit 84f9885cf8cc57dcf3c2738d6b245de314890a41)
2007-10-10r23163: Convert locking.tdb to dbwrapVolker Lendecke1-0/+1
(This used to be commit afe90224bf151acf6c7be8974408f79cfd459dbf)
2007-10-10r23128: Fix typo.Günther Deschner1-1/+1
Guenther (This used to be commit 52fdbbda53df79461322b9d21aba998f19181df8)
2007-10-10r23127: Fill in some more netlogon dsgetdcname flavours (netr_DsRGetDCNameEx,Günther Deschner2-2/+98
netr_DsRGetDCNameEx2) and add new ds request and reply flags, also add some more WERROR codes. Guenther (This used to be commit 37ae7f419702c563bcd0d9c27c02bde7efd34dd7)
2007-10-10r23117: Factor out local messaging.Volker Lendecke1-2/+34
This removes message_block / message_unblock. I've talked to Jeremy and Günther, giving them my reasons why I believe they have no effect. Neither could come up with a counter-argument, so they go :-) (This used to be commit a925e0991ffbaea4a533bab3a5d61e5d367d46c8)
2007-10-10r23112: Trim down the message.c API slightly: The messages_pending_for_pid ↵Volker Lendecke1-51/+63
is now replaced by MSG_FLAG_LOWPRIORITY or'ed into the msg_type. To enable this, changed the msg_type definitions to hexadecimal. This way we could theoretically add the MSG_FLAG_NODUPLICATES again, but I would rather not do this, because that one is racy and can't be guaranteed at all. (This used to be commit 3f5eb8a9600839a9f9c44c553f0bda6df22b30b0)
2007-10-10r23105: Add lchown to the vfs layer. We need this in the POSIX code.Jeremy Allison3-1/+12
Jeremy. (This used to be commit 932523cbb508db869b726768e86bfa8e248f768b)
2007-10-10r23100: Implement the delete on close semantics I've just tested forJeremy Allison1-1/+2
in Samba4 smbtorture. Fix rename on an open file handle. Needed for 3.0.25a. Jeremy. (This used to be commit a301467d5f645dada27093ddfd74890b88bb4ce8)
2007-10-10r23055: Rewrite messages.c to use auto-generated marshalling in the tdb. I'mVolker Lendecke3-4/+36
doing this because for the clustering the marshalling is needed in more than one place, so I wanted a decent routine to marshall a message_rec struct which was not there before. Tridge, this seems about the same speed as it used to be before, the librpc/ndr overhead in my tests was under the noise. Volker (This used to be commit eaefd00563173dfabb7716c5695ac0a2f7139bb6)
2007-10-10r22920: Add in the UNIX capability for 24-bit readX, as discussedJeremy Allison3-2/+10
with the Apple guys and Linux kernel guys. Still looking at how to do writeX as there's no recvfile(). Jeremy. (This used to be commit a53268fb2082de586e2df250d8ddfcff53379102)
2007-10-10r22852: merge fixes for CVE-2007-2446 and CVE-2007-2447 to all branchesGerald Carter1-2/+0
(This used to be commit f65214be68c1a59d9598bfb9f3b19e71cc3fa07b)
2007-10-10r22844: Introduce const DATA_BLOB data_blob_null = { NULL, 0, NULL }; andVolker Lendecke1-0/+2
replace all data_blob(NULL, 0) calls. (This used to be commit 3d3d61687ef00181f4f04e001d42181d93ac931e)
2007-10-10r22841: Add comment to endif statement.Lars Müller1-1/+1
(This used to be commit 1351207626ee0f99aef93326ef96bf69651bf472)
2007-10-10r22839: Fix endif comment.Lars Müller1-1/+1
(This used to be commit e522fb9bb72580a162c46db4e7ee8c7933705cee)
2007-10-10r22800: Add GPO_SID_TOKEN and an LDAP function to get tokensids from the ↵Günther Deschner2-2/+14
tokenGroup attribute. Guenther (This used to be commit e4e8f840605dfdf92ca60cc8fc6a4c85336565fb)
2007-10-10r22798: Add the "apply group policy" access bit (as seen in type 0x05 ↵Günther Deschner1-0/+1
ALLOWED OBJECT ACEs). Guenther (This used to be commit e138cbc876e50ae25cb15c5109a42bc8b800c1ba)
2007-10-10r22797: We are only interested in the DACL of the security descriptor, so ↵Günther Deschner2-0/+11
search with the SD_FLAGS control. Guenther (This used to be commit 648df57e53ddabe74052e816b8eba95180736208)
2007-10-10r22796: Add security descriptor to GROUP_POLICY_OBJECT structure (in ↵Günther Deschner2-1/+2
preparation of adding GPO security filtering for libgpo). Guenther (This used to be commit b376a39fbf42a6a541fd311418c4a980b9fd4b9e)
2007-10-10r22786: Some cleanup by Karolin Seeger: Remove unused pdb_find_alias, and changeVolker Lendecke1-3/+0
return values of some alias-releated pdb functions from BOOL to NTSTATUS Thanks :-) (This used to be commit 590d2164b3a33250410338771e160f6ebd1aa89d)
2007-10-10r22775: For the cluster code I've developed a wrapper around tdb to put ↵Volker Lendecke2-0/+52
different database backends in place dynamically. The main abstractions are db_context and db_record, it should be mainly self-describing, see include/dbwrap.h. You open the db just as you would open a tdb, this time with db_open(). If you want to fetch a record, just do the db->fetch() call, if you want to do operations on it, you need to get it with fetch_locked(). I added dbwrap_file.c (not heavily tested lately) as an example for what can be done with that abstraction, uses a file per key. So if anybody is willing to shape that up, we might have a chance on reiserfs again.... :-) This abstraction works fine for brlock.tdb, locking.tdb, connections.tdb and sessionid.tdb. It should work fine for the others as well, I just did not yet get around to convert them. If nobody loudly screams NO, then I will import the code that uses this soon. Volker (This used to be commit e9d7484ca246cfca4a1fd23be35edc2783136ebe)