summaryrefslogtreecommitdiff
path: root/source3/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r14403: * modifies create_local_nt_token() to create a BUILTIN\AdministratorsGerald Carter2-1/+13
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes' * Add a SID domain to the group mapping enumeration passdb call to fix the checks for local and builtin groups. The SID can be NULL if you want the old semantics for internal maintenance. I only updated the tdb group mapping code. * remove any group mapping from the tdb that have a gid of -1 for better consistency with pdb_ldap.c. The fixes the problem with calling add_group_map() in the tdb code for unmapped groups which might have had a record present. * Ensure that we distinguish between groups in the BUILTIN and local machine domains via getgrnam() Other wise BUILTIN\Administrators & SERVER\Administrators would resolve to the same gid. * Doesn't strip the global_sam_name() from groups in the local machine's domain (this is required to work with 'winbind default domain' code) Still todo. * Fix fallback Administrators membership for root and domain Admins if nested groups = no or winbindd is not running * issues with "su - user -c 'groups'" command * There are a few outstanding issues with BUILTIN\Users that Windows apparently tends to assume. I worked around this presently with a manual group mapping but I do not think this is a good solution. So I'll probably add some similar as I did for Administrators. (This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
2007-10-10r14395: Fix coverity bug #55. Ensure no unsigned/signed comparisons.Jeremy Allison1-3/+3
Jeremy. (This used to be commit cd3ad3f1a6f622b4bad5cb21b132de4cc476e03f)
2007-10-10r14387: Try and fix the coverity issues (#53, #54) with negativeJeremy Allison1-1/+1
sink by ensuring all uses of rpcstr_push are consistent with a size_t dest size arg. Jeremy. (This used to be commit f65d7afe1977d9d85046732842f9643716c15088)
2007-10-10r14353: Fix coverity bugs #61 and #62. Remember to divide byJeremy Allison1-25/+20
the size of the data table. Clean up the struct a little. Jeremy. (This used to be commit 338538410d484a9358b60b05a86180275344ffa4)
2007-10-10r14338: Fix coverity #55 by explicit cast.Jeremy Allison1-2/+5
Jeremy. (This used to be commit 1fece52da4d667fa182aa9a87aaee3917860448b)
2007-10-10r14303: Fix coverity #223. In a loop we were forgetting to freeJeremy Allison1-1/+3
resources on error exit path. Jeremy. (This used to be commit f71aa3ab8fdfd08c1bec57b6506ead7c4af7299d)
2007-10-10r14301: Fix coverity #224. In a loop we were forgetting to freeJeremy Allison1-1/+3
resources on error exit path. Jeremy. (This used to be commit f1a5e5aefeeb78512c41cc8fc075b240696a3eb7)
2007-10-10r14299: Fix coverity #225. In a loop we were forgetting to freeJeremy Allison1-3/+6
resources on error exit path. Jeremy. (This used to be commit 1c0b4ed0acdb7fccb148d714796752fefc6dd78c)
2007-10-10r14289: Fix coverity #101, resource leak on error code path.Jeremy Allison1-2/+6
Jeremy. (This used to be commit d9e1d6fed099e7651807aa839a743fc7756ee326)
2007-10-10r14286: Similar clarifiction fix for coverity #102.Jeremy Allison1-8/+10
Jeremy. (This used to be commit f458596b0edd958321c5d4061f034846348a3fe6)
2007-10-10r14284: Fix coverity bug #103. Make code clearer - probablyJeremy Allison1-5/+9
not a real issue but this code is easier to read. Jeremy. (This used to be commit 6621acc68f9a65540330d5c0d07db2488a3e8678)
2007-10-10r14268: Fix coverity error #204. Resource leak on error path.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 5f74e56b865e0bdde0e574cd5f97cf29b06ad155)
2007-10-10r14266: Fix coverity #205. Resource leak on error path.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 23d69758bbff9687ab508e12931a5a49691d7e0d)
2007-10-10r14264: Fix coverity #207. Resource leak on error path.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 0429b6e8c34a99d4b2a9a4849075ef2a5acadf9e)
2007-10-10r14250: Fix coverity bug #107. Resource leak on error path.Jeremy Allison1-1/+3
Jeremy. (This used to be commit ca96c7be778d01594a540917acd3c5c218d6459c)
2007-10-10r14233: Fix Coverity bug # 206Volker Lendecke1-1/+3
(This used to be commit 0dc3030bce7bc7a58c509c70fe503a70db80b62d)
2007-10-10r14226: Fix Coverity bug # 109Volker Lendecke1-1/+3
(This used to be commit e9a63e3b35822eefbc5e17b6f9a4aab5e8c03074)
2007-10-10r14182: Ensure we know that dom_sid cannot be null.Jeremy Allison1-1/+1
Jeremy. (This used to be commit e3a28bf4c8064f7053b7d1a25a2f087ac2095fcd)
2007-10-10r14178: Clarify code for Coverity #49. Ensure we know weJeremy Allison1-0/+2
can't have an uninitialized *returned val. Jeremy. (This used to be commit e83515afd2cb63b0dfa4f7fe00b6b7163bf35f2f)
2007-10-10r14031: Coverity bug CID #110. Free all resources correctlyJeremy Allison1-0/+2
on pipe initialization failure. Jeremy. (This used to be commit daa919a94b3d81401654004bc0f32c45451203c1)
2007-10-10r13994: Belt and braces - ensure RPC_BUFFER is valid.Jeremy Allison1-44/+75
Jeremy. (This used to be commit d993797191865878ebfd2ff9028d341017605cd6)
2007-10-10r13915: Fixed a very interesting class of realloc() bugs found by Coverity.Jeremy Allison2-36/+24
realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2007-10-10r13878: move PORT_DATA_1 to use static sized UNICODE strings as per MSDNGerald Carter1-1/+7
(This used to be commit c803e1b2afdfc5bd983f046c976c01adebcfa1ad)
2007-10-10r13829: From the "It's not pretty but it works" categoryGerald Carter1-11/+101
* Finish prototype of the "add port command" implementation Format is "addportcommand portname deviceURI" * DeviceURI is either - socket://hostname:port/ - lpr://hostname/queue depending on what the client sent in the request (This used to be commit 6d74de7a676b71e83a3c3714743e6380c04e4425)
2007-10-10r13824: * add api table for Xcv TCPMON and LOCALMON calls startingGerald Carter1-8/+93
with the "MonitorUI" call * Fix some parsing errors This gets us to the Add Port Wizard dialog. (This used to be commit a444aa7f0088fb71ff89df8c280209188b33ec3d)
2007-10-10r13821: replacing some strings with macrosGerald Carter1-9/+11
(This used to be commit a34ab5c827630a5517e4c706877a172e6063f227)
2007-10-10r13820: * Start fleshing out the XcvDataPort() server implementationGerald Carter1-36/+99
* Add support for the "Local Port" monitor as well through this API (This used to be commit ba9cdd88a0abf90a9c04959e554d7e4f10d17ff7)
2007-10-10r13815: "Into the blind world let us now descend,"Gerald Carter2-136/+68
Began the poet, his face as pale as death. "I will go first, and you will follow me." --- Adding XcvDataPort() to the spoolss code for remotely add ports. The design is to allow an intuitive means of creating a new CUPS print queue from the Windows 2000/XP APW without hacks like specifying the deviceURI in the location field of the printer properties dialog. Also set 'default devmode = yes' as the new default since it causes no harm and only is executed when you have a NULL devmode anyways. (This used to be commit 123e478ce5b5f63a61d00197332b847e83722468)
2007-10-10r13778: When deleting machine accounts it's the SeMachineAccountPrivilegeJeremy Allison1-1/+9
that counts. Jeremy. (This used to be commit aa85ba4f3799ffbe5c6f84f768f03a4c68d879dc)
2007-10-10r13766: Patch from Arek Glabek <aglabek@centeris.com>:Gerald Carter1-6/+3
* Fix parsing error in eventlogadm caused by log entries with no DAT: line. (This used to be commit f0a8f438793a806e8cf73e1e695b09e540a4239e)
2007-10-10r13715: Put back the code that actually modify the account,Simo Sorce1-0/+6
removed, I presume by mistake, by Jerry in the recent patch the removes the primary group SID stuff. set_user_info_21 is called to update many other things like the description of a user for example (that's what failed on me). Jerry, please review this one. (This used to be commit 239a37d201168d095f600042b1ffcd047f18ba8a)
2007-10-10r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.Günther Deschner2-4/+4
* Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2007-10-10r13679: Commiting the rm_primary_group.patch posted on samba-technicalGerald Carter1-10/+9
* ignore the primary group SID attribute from struct samu* * generate the primary group SID strictlky from the Unix primary group when dealing with passdb users * Fix memory leak in original patch caused by failing to free a talloc * * add wrapper around samu_set_unix() to prevent exposing the create BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix() (This used to be commit bcf269e2ec6630b78d909010fabd3b69dd6dda84)
2007-10-10r13622: Allow to rename machine accounts in a Samba Domain. This still uses theGünther Deschner1-2/+36
"rename user script" to do the rename of the posix machine account (this might be changed later). Fixes #2331. Guenther (This used to be commit b2eac2e6eb6ddd1bcb4ed5172e7cd64144c18d16)
2007-10-10r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new()Gerald Carter2-39/+41
* replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix() (This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f)
2007-10-10r13576: This is the beginnings of moving the SAM_ACCOUNT data structureGerald Carter3-80/+80
to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
2007-10-10r13571: Replace all calls to talloc_free() with thye TALLOC_FREE()Gerald Carter3-7/+7
macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
2007-10-10r13557: (Hopefully) get the creds store/restore key right fromJeremy Allison2-19/+42
the correct part of the netlogon and schannel packets. Jeremy. (This used to be commit 4877f336b257e6f59833a6e0679959a2ec879974)
2007-10-10r13556: Ensure that any potential creds operation are protectedJeremy Allison1-14/+31
by schannel if "server schannel = true" was set. Jeremy. (This used to be commit fd84d9703ed01feb010df4ebb7e9ceb0d063780b)
2007-10-10r13553: Fix all our warnings at -O6 on an x86_64 box.Jeremy Allison2-12/+12
Jeremy. (This used to be commit ea82958349a57ef4b7ce9638eec5f1388b0fba2a)
2007-10-10r13552: Make sure we're using the same name to load the storedJeremy Allison1-1/+1
creds under all circumstances. This may be wrong, but at least we're now consistent. Jeremy. (This used to be commit 09f0b3e1a366ba3eef4ab9a8e302daabd4f36936)
2007-10-10r13548: Always use the get_remote_macinhe_name() as the keyJeremy Allison1-49/+47
for the creds store. This should fix the problems Jerry reported (but I have still to run tests :-). Jeremy. (This used to be commit 43f095a38d66caa774d80fe32e1b96ec25dd1f07)
2007-10-10r13547: add earlier checks to deny deleting a printer driver. The previousGerald Carter1-0/+24
code relied upon file permissions alone. Now we check that the user is a printer administrator and that the share has not been marked read only for that user. (This used to be commit 117d9fd9e16a7afbc6772506a4f8c33ff99d33f7)
2007-10-10r13544: -O1 janitor work :-)Volker Lendecke1-6/+5
(This used to be commit a95d7d722273863efa820674672393fe6e5a33b7)
2007-10-10r13539: Add 128 bit creds processing client and server. Thanks to Andrew ↵Jeremy Allison1-2/+4
Bartlett's Samba4 code. Jeremy. (This used to be commit a2fb436fc5dd536cfe860be93f55f9cb58139a0e)
2007-10-10r13521: Implement LOOKUPNAME3 and 4.Jeremy Allison1-28/+257
Jeremy. (This used to be commit 6ec0e9124a1a7b19c9853b8e26075cbbb8751f10)
2007-10-10r13519: Fix the credentials chaining across netlogon pipe disconnects.Jeremy Allison2-58/+134
I mean it this time :-). Jeremy. (This used to be commit 80f4868944d349015d2b64c2414b06466a8194aa)
2007-10-10r13511: Fix bug in the samr dispinfo enumeration code.Gerald Carter1-0/+11
Make sure to associate the DOMAIN dispinfo cache with a User/Group SAMR handle (not the SID of the user or group). Ensure that enumeration after deleting a user works. (This used to be commit 7967f89caa17ea93cb7e9d8695f1904ccb9a2864)
2007-10-10r13494: Merge the stuff I've done in head the last days.Volker Lendecke1-424/+103
Volker (This used to be commit bb40e544de68f01a6e774753f508e69373b39899)
2007-10-10r13458: Add parsing functions - but stub internals for lookupnames3 and 4.Jeremy Allison2-1/+82
Jeremy. (This used to be commit f1a362580ae37730dc8393a79f832aed5d0ea4be)