Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
(This used to be commit 840ac23ec007df445892d851144d6458c4e06a6b)
|
|
share_mode struct. Allows us to know the unix
uid of the opener of the file/directory. Needed
for info level queries on open files.
Jeremy.
(This used to be commit d929323d6f513902381369d77bcd7b714346d713)
|
|
Volker
(This used to be commit ce1d8423ef7cd86fc64200002fde707bca621d44)
|
|
in net_rpc.c: 715 716 732 734 735 736 737 738 739 749
in net_rpc_audit.c: 754 755 756
in net_rpc_join.c: 757
in net_rpc_registry: 766 767
in net_rpc_samsync.c: 771 773
in net_sam.c: 797 798
Volker
(This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)
|
|
Only set the DFS capability flag if the share is a DFS root. Fixes bug 3814.
(This used to be commit 6193f1170819096ea8a646e5a456f627df83872d)
|
|
class of memory leak bugs on error found by Klocwork (#123).
Many of these functions didn't free allocated memory on
error exit.
Jeremy.
(This used to be commit 8ef11a7c6de74024b7d535d959db2d462662a86f)
|
|
to void *.
Jeremy.
(This used to be commit e24361ecddef8a48a42a356775b93ce5c4027fae)
|
|
Guenther
(This used to be commit 546710d58c07acdaa175caa48cec4d3f2bc657ad)
|
|
This patch is mainly based on the work of Todd Stecher
<tstecher@isilon.com> and has been reviewed by Jeremy.
I sucessfully tested and valgrinded it with MIT 1.4.3, 1.3.5, Heimdal
0.7.2 and 0.6.1rc3.
Guenther
(This used to be commit 535d03cbe8b021e9aa6d74b62d81b867c494c957)
|
|
(This used to be commit 09586824f6568fb3305e3e59ba6bc8f5f632fb56)
|
|
we know we don't have an error. Klocwork #6.
Jeremy.
(This used to be commit 2c1a2d7b40e7ef353461f97f5c69c2079b5670ab)
|
|
Jeremy.
(This used to be commit 319f80bbf0455cfaf80eab51313a56db4ed04ac5)
|
|
Volker
(This used to be commit 7674a4f8361d3f3b649245118b82d8a074a2760e)
|
|
offset correctly when doing info level 1 directory
scans. Thanks to Guenter Kukkukk <Guenter.Kukkukk@kukkukk.com>
for reporting this problem and testing the fix.
Jeremy.
(This used to be commit 65d4dfbd6045a4e3f9eaf520c70ef29ff7ddee82)
|
|
cli_session_setup
derefences it.
Volker
(This used to be commit b013b6908d22cfd38fcc56a9cb2ca675d75996d1)
|
|
(This used to be commit d77768cb237461b06119ee19f822b120623d77dd)
|
|
(This used to be commit 71fd0d3de4a02b9a7b67914f6412f18ec0bb5e7a)
|
|
Jeremy.
(This used to be commit b108ab7b122cc607f31772614b221379403b211b)
|
|
is broken
right now. r14112 broke it, in 3.0.22 register_vuid for security=share returns
UID_FIELD_INVALID which in current 3_0 is turned into an error condition. This
makes sure that we only call register_vuid if sec!=share and meanwhile also
fixes a little memleak.
Then I also found a crash in smbclient with sec=share and hostmsdfs=yes.
There's another crash with sec=share when coming from w2k3, but I need sleep
now.
Someone (jerry,jra?) please review the sesssetup.c change.
Thanks,
Volker
(This used to be commit 8059d0ae395604503cad3d9f197928305923e3f5)
|
|
The motivating factor is to not require more privileges for
the user account than Windows does when joining a domain.
The points of interest are
* net_ads_join() uses same rpc mechanisms as net_rpc_join()
* Enable CLDAP queries for filling in the majority of the
ADS_STRUCT->config information
* Remove ldap_initialized() from sam/idmap_ad.c and
libads/ldap.c
* Remove some unnecessary fields from ADS_STRUCT
* Manually set the dNSHostName and servicePrincipalName attribute
using the machine account after the join
Thanks to Guenther and Simo for the review.
Still to do:
* Fix the userAccountControl for DES only systems
* Set the userPrincipalName in order to support things like
'kinit -k' (although we might be able to just use the sAMAccountName
instead)
* Re-add support for pre-creating the machine account in
a specific OU
(This used to be commit 4c4ea7b20f44cd200cef8c7b389d51b72eccc39b)
|
|
locating AD DC's with out own DNS SRV queries.
Testing on Linux and Solaris.
(This used to be commit cf71f88a3cdcabf99c0798ef4cf8c978397a57eb)
|
|
* Fix the build without kerberos headers
* Fix memleak in the krb5_address handling
Guenther
(This used to be commit 10e42117559d4bc6a34e41a94914bf6c65c3477f)
|
|
kerberized pam_winbind and workstation restrictions are in effect.
The krb5 AS-REQ needs to add the host netbios-name in the address-list.
We don't get the clear NT_STATUS_INVALID_WORKSTATION code back yet from
the edata of the KRB_ERROR but the login at least fails when the local
machine is not in the workstation list on the DC.
Guenther
(This used to be commit 8b2ba11508e2730aba074d7c095291fac2a62176)
|
|
Jeremy, can you check this? This was part of your -O6 on 64bit sweep.
Volker
(This used to be commit 4fa5dbcc8dd1f150664e1241b22e3f048d816001)
|
|
Jeremy.
(This used to be commit bea87e2df45c67cc75d91bd3ed1acc4c64a1c8ea)
|
|
smb_krb5_parse_name_norealm_conv that pull/push from unix charset
to utf8 (which krb5 uses on the wire). This should fix issues when
the unix charset is not compatible with or set to utf8.
Jeremy.
(This used to be commit 37ab42afbc9a79cf5b04ce6a1bf4060e9c961199)
|
|
where if you ask for exactly 64k bytes it returns 0.
Jeremy.
(This used to be commit dcef65acb5bc08ea4b61ef490a518b7e668ff2ee)
|
|
With this change (and setting lanman auth = no in smb.conf)
we have *identical* NTLMSSP flags to W2K3 in SPNEGO auth.
Jeremy
(This used to be commit 93ca3eee55297eb7fdd38fca38103ce129987e2a)
|
|
call.
Jeremy.
(This used to be commit 44b0d856ae867d1c407507dcf7940dd39f4f963a)
|
|
into 3.0. Also merge the new POSIX lock code - this
is not enabled unless -DDEVELOPER is defined.
This doesn't yet map onto underlying system POSIX
locks. Updates vfs to allow lock queries.
Jeremy.
(This used to be commit 08e52ead03304ff04229e1bfe544ff40e2564fc7)
|
|
Implement enhancement request 3505. Two additional features are added here.
There is now a method of saving an opaque user data handle in the smbc_
context, and there is now a way to request that the context be passed to the
authentication function. See examples/libsmbclient/testbrowse.c for an example
of using these features.
(This used to be commit 203b4911c16bd7e10198a6f0e63960f2813025ef)
|
|
Guenther
(This used to be commit d45b9abb0ec7d943e9fb374d64385d6c540fffe2)
|
|
Might need to rework prs_dcerpc_status().
Guenther
(This used to be commit 38b18f428ba941f4d9a14fa2de45cb0cd793a754)
|
|
kerberos_kinit_password_ext provides access to more options.
Guenther
(This used to be commit afc519530f94b420b305fc28f83c16db671d0d7f)
|
|
Guenther
(This used to be commit aae8f8ae7a79d06c74151186f3c2470bdec5687d)
|
|
implicit function contract explicit.
Jeremy.
(This used to be commit 6de5e9ae4628d384631db9b66e22d439a303b75c)
|
|
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
(This used to be commit 7ada96a1cfb1e928b7dfde101ca250b20024243f)
|
|
Free grp_sid and owner_sid before returning. Also, only allow one group
or owner.
(This used to be commit 1043e0d90ccb3493417f7bf05b70bdf5513bb1a3)
|
|
(This used to be commit 97789ec8fc4ae2d31f6dd554d9979abce186eb30)
|
|
(This used to be commit 019dff53f906a6eb7961a95089bff12361e31e57)
|
|
(This used to be commit 26d471c02c6ddff15836a3c0d30f9e37f018b66d)
|
|
(This used to be commit 8a8d9057d98b24710c98fa48df9d7f330a8ebdc0)
|
|
(This used to be commit 26377b63a3a3d2d5ed23bdbb5f22b70ec7d3fcad)
|
|
their existence
(This used to be commit 6b52423033b2eccdfad1e91e9d59619664f570ac)
|
|
(This used to be commit 5007f53eb54eddff3d13df929d78385d6b158057)
|
|
(This used to be commit b824245c4e04353f0d3fd0ccf6bc5776a601daed)
|
|
(This used to be commit 6dc79e6b12e221e9af85a1edf487b5fb5aae222b)
|
|
Thanks,
Volker
(This used to be commit 86f62484dd7db43e036d9edf29e459b8bd0e5fbe)
|
|
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.
The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :
tmp = realloc(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :
p = realloc(p, size)
if (!p) {
return error;
}
which will leak the memory pointed to by p on realloc fail.
This commit (hopefully) fixes all these cases by moving to
a standard idiom of :
p = SMB_REALLOC(p, size)
if (!p) {
return error;
}
Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.
For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :
tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).
It remains to be seen what this will do to our Coverity bug count :-).
Jeremy.
(This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
|
|
think is a direct bug, but some code that needs clarification :-).
Jeremy.
(This used to be commit 61901a3f10de64a72b655d9aa884424a4fc88a44)
|