summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2012-12-12vfs: Make sure we don't call talloc_free on an uninitialized pointer.Andreas Schneider1-1/+1
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
2012-12-12s3-printing: Don't call talloc_free on an uninitialized pointer.Andreas Schneider1-1/+1
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
2012-12-12s3-net: Check the return value of strlower_m().Andreas Schneider1-1/+3
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
2012-12-12s3-net: Check return value of string_to_sid().Andreas Schneider1-1/+7
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
2012-12-12s3-rpcclient: Check return value of add_string_to_array().Andreas Schneider1-1/+5
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
2012-12-12s3-registry: Check return code of push_reg_sz().Andreas Schneider1-2/+11
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
2012-12-11s3:auth: Tidy up some of the API confusion in create_token_from_XXX() calls.Jeremy Allison1-6/+9
Based on Michaels example, split out the return of NT_STATUS_NO_MEMORY on talloc fail from other possible errors. Allow the NTSTATUS return to be the only valid indication of success in these calls. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Dec 11 20:04:25 CET 2012 on sn-devel-104
2012-12-11s3:auth: fix dereference level in talloc checks in create_token_from_sid()Michael Adam1-2/+2
Commit c5b150b33fc54ed97dbd0736cc6f4c15977d6e70 introduced these checks. The current check "found_username == NULL" is wrong (we would segfault earlier in this case). We need to check *found_username == NULL instead as noted by Günter. Reported-by: Günter Kukkukk <linux@kukkukk.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2012-12-11s3:auth: fix function header comment for user_sid_in_group_sid()Michael Adam1-1/+1
This is embarrassing: the commit 0770a4c01bef26ec51321cd5b97aea4eab9e00a8 which intended to fix an earlier copy'n'paste error, contained another typo, fixed with this commit... Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Dec 11 00:04:45 CET 2012 on sn-devel-104
2012-12-10s3:auth: fix create_token_from_sid() to not fail in the winbindd caseMichael Adam1-2/+10
Commit 1c3c5e2156d9096f60bd53a96b88c2f1001d898a which factored the sid-based variant out of create_token_from_username() broke the case of a user handled by winbindd in that the "found_username" was set to NULL which caused the function to fail with NT_STATUS_NO_MEMORY further down. This patch fixes the function so that the case of found_username == NULL is cleanly separated from the NO_MEMORY case and the caller can provide the username in this case, if required. This fixes bug #9457. Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Dec 10 18:18:54 CET 2012 on sn-devel-104
2012-12-10s3:auth: fix header comment for user_sid_in_group_sid()Michael Adam1-2/+2
This function was created in 1c3c5e2156d9096f60bd53a96b88c2f1001d898a and the header comment contained copy'n'paste errors from the original function user_in_group_sid() that took the user name. Signed-off-by: Michael Adam <obnox@samba.org>
2012-12-09s3-auth: remove crypto from serverinfo_to_SamInfoX calls.Günther Deschner5-34/+30
All crypto is dealt with within the netlogon samlogon server now. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: Remove obsolete process_creds boolean in samlogon server.Günther Deschner1-24/+3
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-auth: session keys in validation level 6 samlogon replies are *not* ↵Günther Deschner1-8/+0
encrypted. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: support AES for interactive netlogon samlogon password ↵Günther Deschner3-37/+36
decryption. Still need to fix AES support for the returned validation info. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: we need to encrypt OWFs using DES in _netr_ServerGetTrustInfo().Günther Deschner1-2/+2
Sumit, please check. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: pass down netlogon cred state in _netr_ServerGetTrustInfo().Günther Deschner1-9/+5
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_client: use netlogon_creds_aes_encrypt in interactive netlogon samlogon.Günther Deschner1-1/+4
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_server: support AES decryption in netr_ServerPasswordSet2 server.Günther Deschner1-1/+6
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_client: support AES encryption in netr_ServerPasswordSet2 client.Günther Deschner1-2/+6
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09s3-rpc_client: use netlogon_creds_arcfour_crypt() in init_netr_CryptPassword.Günther Deschner3-5/+5
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-07winbind: Make the code more readable in trustdom_list_done().Andreas Schneider1-15/+19
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jim McDonough <jmcd@samba.org> Autobuild-User(master): Jim McDonough <jmcd@samba.org> Autobuild-Date(master): Fri Dec 7 22:38:43 CET 2012 on sn-devel-104
2012-12-07s3: Fix clear_if_first for the async echo handlerVolker Lendecke1-1/+1
A worker smbd is as not long-lived as the main smbd, but as the async echo handler exits when the worker smbd does, passing "true" here is the right thing to do and fixes our clear_if_first handling when the async echo handler is active. Reviewed-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Fri Dec 7 11:29:36 CET 2012 on sn-devel-104
2012-12-06build: Install .po files for SWAT intl supportAndrew Bartlett1-0/+3
2012-12-06Clean up client timeout definitions [rev. 2]Scott Lovenberg4-8/+5
The definitions for default client timeout values have been moved to client.h. When initializing a client struct we use this value instead of the old hardcoded value. The timeout value remains 20 seconds. Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com> Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Dec 6 03:25:58 CET 2012 on sn-devel-104
2012-12-05s3:smbd: fix a cut and paste error in a debug messageMichael Adam1-2/+2
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed by: Jeremy Allison <jra@samba.org>
2012-12-05s3:smbd: don't apply create/directory mask and modes in apply_default_perms()Michael Adam1-77/+11
The mask/mode parameters should only apply to a situation with only pure posix permissions. Once we are dealing with ACLs and inheritance, we need to do it correctly. This fixes bug #9462: Users can not be given write permissions any more by default Signed-off-by: Michael Adam <obnox@samba.org> Reviewed by: Jeremy Allison <jra@samba.org>
2012-12-06Fix bug #9460 - Samba 3.6.x and Master respond incorrectly to ↵Richard Sharpe1-1/+22
FILE_STREAM_INFO requests. Ensure we check the buffer size correctly. Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Dec 6 01:31:08 CET 2012 on sn-devel-104
2012-12-04Remove unused append_parent_acl().Jeremy Allison2-204/+0
Get rid of a large chunk of unused code. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Tue Dec 4 11:59:30 CET 2012 on sn-devel-104
2012-12-04s3:smbd:vfs_acl: fix a PANIC when setting an ACL fails with ACCESS_DENIEDMichael Adam1-0/+1
Omission to free the talloc frame causes a panic (at least in developer mode) in the next main event loop due to "Frame not freed in order." (Freed frame ../source3/smbd/process.c:3617, expected ../source3/modules/vfs_acl_common.c:534.) Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Dec 4 09:03:25 CET 2012 on sn-devel-104
2012-12-03s3:passdb: fix building pdb_ldap as shared moduleMichael Adam2-2/+3
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Dec 3 19:12:29 CET 2012 on sn-devel-104
2012-12-03smbget: Use new samba_getpass() function.Andreas Schneider1-3/+2
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03util: Use new samba_getpass() function for passwd util.Andreas Schneider1-1/+8
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03ntlm_auth: Use new samba_getpass() function.Andreas Schneider1-1/+7
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03net: Use samba_getpass() function in net util.Andreas Schneider1-3/+7
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03net: Use new samba_getpass() function for 'net rpc'.Andreas Schneider1-1/+8
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03net: Use new samba_getpass() function for 'net ads'.Andreas Schneider1-1/+9
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03torture: Use new samba_getpass() in masktest.Andreas Schneider1-2/+5
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03torture: Use new samba_getpass() in smbtorture3.Andreas Schneider1-3/+6
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03torture: Use new samba_getpass() in locktest2.Andreas Schneider1-3/+6
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03util: Use new samba_getpass() function.Andreas Schneider1-4/+5
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03smbclient: Use new samba_getpass() function.Andreas Schneider1-3/+6
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03util: Add a UNIX platform independent samba_getpass().Andreas Schneider1-1/+1
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-12-03s3:selftest: extend sids2xids test script to cope with "ID_TYPE_BOTH mappingsMichael Adam1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Dec 3 10:47:17 CET 2012 on sn-devel-104
2012-12-03s3:passdb: don't look into group mappings in legacy_sid_to_unixid()Michael Adam1-28/+1
The backends (tdbsam and ldapsam) do this. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:passdb:pdb_ldap: treat "Unix User" and "Unix Group" in sid_to_id()Michael Adam1-0/+5
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:passdb:pdb_ldap: pre-validate sid with sid_check_object_is_for_passdb()Michael Adam1-3/+3
instead of sid_check_sid_is_in_our_sam). This allows for builtin sids, wellknown sids and "Unix User" and "Unix Group" domains. This broadens up the check moved here in commit 02e25b2a43ae02205a3412f862a1482d24b70aa4. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:passdb: add sid_check_object_is_for_passdb()Michael Adam3-0/+35
Variant of sid_check_is_for_passdb() that only checks for objects in the various domains, not for the domain sids themselves. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:passdb: factor pdb_sid_to_id_unix_users_and_groups() out of ↵Michael Adam2-16/+35
pdb_default_sid_to_id() The special treatment of the "Unix User" and "Unix Group" pseudo domains can be reused. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:passdb: don't bail out in pdb_default_sid_to_id() if sid is not in our samMichael Adam1-5/+0
This code treats the own sam, builtin, wellknown, and sids from the "Unix User" and "Unix Group" pseudo-domains. This reverts part of commit 02e25b2a43ae02205a3412f862a1482d24b70aa4. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>