| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'
* Add a SID domain to the group mapping enumeration passdb call
to fix the checks for local and builtin groups. The SID can be
NULL if you want the old semantics for internal maintenance.
I only updated the tdb group mapping code.
* remove any group mapping from the tdb that have a
gid of -1 for better consistency with pdb_ldap.c.
The fixes the problem with calling add_group_map() in
the tdb code for unmapped groups which might have had
a record present.
* Ensure that we distinguish between groups in the
BUILTIN and local machine domains via getgrnam()
Other wise BUILTIN\Administrators & SERVER\Administrators
would resolve to the same gid.
* Doesn't strip the global_sam_name() from groups in the
local machine's domain (this is required to work with
'winbind default domain' code)
Still todo.
* Fix fallback Administrators membership for root and domain Admins
if nested groups = no or winbindd is not running
* issues with "su - user -c 'groups'" command
* There are a few outstanding issues with BUILTIN\Users that
Windows apparently tends to assume. I worked around this
presently with a manual group mapping but I do not think
this is a good solution. So I'll probably add some similar
as I did for Administrators.
(This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
|
|
Guenther
(This used to be commit 8d4290cb8ed75cf12fa45bcf3e93cfe1a5567919)
|
|
the size of the data table. Clean up the struct a little.
Jeremy.
(This used to be commit 338538410d484a9358b60b05a86180275344ffa4)
|
|
(This used to be commit 950ed28f9f3f57dc449bd3bd6e7be7acb1e3d26d)
|
|
(This used to be commit 5429c495c538e416010cf44e1d6fb771770a72ae)
|
|
parameter types.
(This used to be commit 23328fe6fc5e3b4ed3dc35e1475d661a8593eb1a)
|
|
KRB5KRB_ERR_RESPONSE_TOO_BIG when the krb5 library does not know about
this.
Guenther
(This used to be commit 4a1a3c4808307e09fa8ff85da9a963a4a6f0e9ae)
|
|
Howard for pointing this out.
Guenther
(This used to be commit 170038f4cdfa51ea31b2255a020740d28dfbfba2)
|
|
Guenther
(This used to be commit 5fa3f26b4c39d612243319fc0729078c50439d6b)
|
|
just for documentation purpose.
Guenther
(This used to be commit 0b00424e07f3f9c815664c619e2d7a670a838b93)
|
|
between Realloc and realloc_array.
Jeremy.
(This used to be commit 841c9b1847ae12656b827e3d35b8bf0c3f68b8b4)
|
|
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.
The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :
tmp = realloc(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :
p = realloc(p, size)
if (!p) {
return error;
}
which will leak the memory pointed to by p on realloc fail.
This commit (hopefully) fixes all these cases by moving to
a standard idiom of :
p = SMB_REALLOC(p, size)
if (!p) {
return error;
}
Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.
For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :
tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).
It remains to be seen what this will do to our Coverity bug count :-).
Jeremy.
(This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
|
|
(This used to be commit c803e1b2afdfc5bd983f046c976c01adebcfa1ad)
|
|
* Finish prototype of the "add port command" implementation
Format is "addportcommand portname deviceURI"
* DeviceURI is either
- socket://hostname:port/
- lpr://hostname/queue
depending on what the client sent in the request
(This used to be commit 6d74de7a676b71e83a3c3714743e6380c04e4425)
|
|
with the "MonitorUI" call
* Fix some parsing errors
This gets us to the Add Port Wizard dialog.
(This used to be commit a444aa7f0088fb71ff89df8c280209188b33ec3d)
|
|
* Add support for the "Local Port" monitor as well through this API
(This used to be commit ba9cdd88a0abf90a9c04959e554d7e4f10d17ff7)
|
|
Began the poet, his face as pale as death.
"I will go first, and you will follow me."
---
Adding XcvDataPort() to the spoolss code for remotely
add ports. The design is to allow an intuitive means
of creating a new CUPS print queue from the Windows 2000/XP
APW without hacks like specifying the deviceURI in the
location field of the printer properties dialog.
Also set 'default devmode = yes' as the new default
since it causes no harm and only is executed when you
have a NULL devmode anyways.
(This used to be commit 123e478ce5b5f63a61d00197332b847e83722468)
|
|
Fix incorrect size understanding of sid name type (yes it's
already correct in the Samba4 IDL :-).
Jeremy.
(This used to be commit 305a774d2880a57d1ebdf2ecf2d7e0b519695a33)
|
|
(This used to be commit cde31d5957ff9a009e111ab3719d20e70a5053b6)
|
|
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
(This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
|
|
(This used to be commit 7c098ca0ae4c7e11c7100fb09b42ce716beffb56)
|
|
(This used to be commit d6c6363517513cc66a8933a6e4f95c5ce5cf1cb4)
|
|
* ignore the primary group SID attribute from struct samu*
* generate the primary group SID strictlky from the Unix
primary group when dealing with passdb users
* Fix memory leak in original patch caused by failing to free a
talloc *
* add wrapper around samu_set_unix() to prevent exposing the create
BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix()
(This used to be commit bcf269e2ec6630b78d909010fabd3b69dd6dda84)
|
|
attribute when "winbind nss info = sfu" is set. Fixes #3539.
Guenther
(This used to be commit ffce0461de130828345c44293e564ca03227607d)
|
|
c++ reserved names.
Guenther
(This used to be commit e0b50d008728cfc66f6b1eefdadf8a708f4d9500)
|
|
* Add a 'struct passwd *' to the struct samu for later reference
(I know this may be controversial but its easily reverted which is
is why I'm checking this is as a seaparate patch before I get
too deep).
* Remove unix_homedir from struct samu {} and update the pdb wrapper
functions associated with it.
(This used to be commit 92c251fdf0f1f566cfeca3c75ba2284b644aef5d)
|
|
for older krb5 implementations.
Patch slightly modified from the version provided by Björn Jacke <bjoern
at j3e dot de> at the samba-technical list after discussion on the list
and by IRC. Thanks Björn!
(This used to be commit 49e6431c06c70088907c31e2da1ec83a09377015)
|
|
uint8 array and copy as such. Gunther please check (sorry
I reverted your earlier fix).
Jeremy.
(This used to be commit 7a17b39c80703909f102487690d2117d874b0e15)
|
|
overrun. Spoke to Jerry about the correct fix. Will add
this after.
Jeremy.
(This used to be commit 33e13aabd3825c59d15dc897536e2ccf8c8f6d5e)
|
|
PAC_LOGON_NAME structure. This was broken on big-endian machines
(Solaris SPARC and ppc). Fixes Bug #3330.
Jerry, this should be in 3.0.21c.
Guenther
(This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
|
|
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
(This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
|
|
Patch from Bjoern Jacke <bjacke-at-sernet-dot-de>.
Guenther
(This used to be commit 69fb189a6b9947069afebb15d6ee6f2f20d15171)
|
|
Jeremy.
(This used to be commit ea82958349a57ef4b7ce9638eec5f1388b0fba2a)
|
|
Guenther
(This used to be commit 290a581b7567eab82b18fbadae9aa2ab29e95069)
|
|
(This used to be commit c3702e804a74276ee53eb73f2d9b1fa9d3874b48)
|
|
Volker
(This used to be commit bb40e544de68f01a6e774753f508e69373b39899)
|
|
set to avoid unnecessary polling.
(This used to be commit 1dce945ccbba25092cf54890301c8f78f8aede33)
|
|
* remove pdb_context data structure
* set default group for DOMAIN_RID_GUEST user as RID 513 (just
like Windows)
* Allow RID 513 to resolve to always resolve to a name
* Remove auto mapping of guest account primary group given the
previous 2 changes
(This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285)
|
|
Jeremy.
(This used to be commit f1a362580ae37730dc8393a79f832aed5d0ea4be)
|
|
Jeremy.
(This used to be commit b57406c89feaf550f6c2d29ef0ed73a935908add)
|
|
Jeremy.
(This used to be commit 2274709587bd1f27bea2eacf633182f20cd07b1e)
|
|
Jeremy.
(This used to be commit a9e1d0f3b4fd7a0732a5023d0b4dcc2c4b1b03f8)
|
|
Jeremy.
(This used to be commit a164cfab420a2439dad8fd85f8b4d652087fa6b9)
|
|
Guenther
(This used to be commit 58baf718be90d750f51cf51a25714fcdcd5679b7)
|
|
Guenther
(This used to be commit f60eddc0a4dfe623e5f115533a62c03810fd5f38)
|
|
Jeremy.
(This used to be commit 9437ffc84f4d924ab67f3e16ef507d2aeeeb5f34)
|
|
Jeremy.
(This used to be commit 666b03b4a92800ed704b7f7e4b39f4e01ca47aee)
|
|
makes fixes much easier to port. Fix the size of dc->sess_key to
be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd
store in secrets.tdb though. Should fix some uses of the dc->sess_key
where we where assuming we could read 16 bytes.
Jeremy.
(This used to be commit 5b3c2e63c73fee8949108abe19ac7a448a033a7f)
|
|
Jeremy.
(This used to be commit 8ae70122b79fbe682c227ec2c4e5a72bf58d76de)
|
|
from Samba4 on how to decode the 532 byte password buffers.
Getting closer to passing samba4 RPC-SCHANNEL test.
Jeremy.
(This used to be commit 205db6968a26c43dec64c14d8053d8e66807086f)
|
