summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2011-09-05s3:smb2cli: disconnect the connection, if we're out of message idsStefan Metzmacher1-1/+15
metze
2011-09-05s3:smb2cli: don't use state->cli->smb2.mid++ as macro argumentStefan Metzmacher1-1/+5
It gets expanded multiple times. metze
2011-09-05s3-smbd: Rename reload_printers() and add documentation.Andreas Schneider5-11/+22
Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Mon Sep 5 17:59:47 CEST 2011 on sn-devel-104
2011-09-05s3: Fix smbcontrol smbd idmap kill S-1-5-21-...Volker Lendecke1-6/+20
The calls to sid_to_gid and sid_to_uid create id mapping entries themselves, which makes it pretty difficult to reliably delete id mapping entries everywhere just using a SID. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Sep 5 16:30:41 CEST 2011 on sn-devel-104
2011-09-05s3: Reformat msg_idmap.c to match Samba codingVolker Lendecke1-13/+19
2011-09-05s3:smbd: make use of PROTOCOL_SMB2_02Stefan Metzmacher1-1/+1
metze
2011-09-05libcli/smb: move smb2_signing.c to the toplevelStefan Metzmacher4-145/+1
metze
2011-09-05s3-spoolssd: Remove stale printers only on a valid pcap update.Andreas Schneider1-2/+2
load_printers() removes stale printers and we should only remove them if we have a CUPS connection and talked to cups. Else we will remove every configured printer if cups is not available. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Mon Sep 5 11:18:23 CEST 2011 on sn-devel-104
2011-09-03s3:smb2cli: ask for a session key in smb2cli_sesssetup_send()Stefan Metzmacher1-0/+3
This is needed if we want to support SMB2 signing later. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Sep 3 16:21:35 CEST 2011 on sn-devel-104
2011-09-03s3-spoolss: Fix bug #8236 empty notify servername.Andreas Schneider1-0/+9
Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Sep 3 02:58:42 CEST 2011 on sn-devel-104
2011-09-03Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-4/+21
(Invalid argument) Be smarter about setting default permissions when a ACL_GROUP_OBJ isn't given. Use the principle of least surprises for the user. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Sep 3 00:16:05 CEST 2011 on sn-devel-104
2011-09-02Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-8/+11
(Invalid argument) Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the principle of least surprises for the user.
2011-09-02Part 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-7/+6
(Invalid argument) Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and AC_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately inside ensure_canon_entry_valid().
2011-09-02Part 2 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-0/+38
(Invalid argument) Only map CREATOR_OWNER/CREATOR_GROUP to ACL_USER_OBJ/ACL_GROUP_OBJ in a default(directory) ACL set.
2011-09-02Part 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-72/+0
(Invalid argument) Remove the code I added for bug "6878 - Cannot change ACL's inherit flag". It is incorrect and causes the POSIX ACL ACL_USER_OBJ duplication.
2011-09-02s3:registry: fix a debug message typoMichael Adam1-1/+1
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Sep 2 11:47:11 CEST 2011 on sn-devel-104
2011-09-02s3:registry: introduce a define REGDB_CODE_VERSION and use it in regdb code.Michael Adam2-9/+9
This is to not use the precise code version REGDB_VERSION_V3 explicitly in the code.
2011-09-02s3:registry: rename REGVE_Vx toREGDB_VERSION_Vx for consistencyMichael Adam2-15/+15
2011-09-02s3:registry: implement regdb_set_secdesc() with regdb_trans_do()Michael Adam1-22/+43
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Sep 2 00:51:40 CEST 2011 on sn-devel-104
2011-09-01s3:registry: implement regdb_store_values() with regdb_trans_do()Michael Adam1-1/+26
This adds the runtime check for changed regdb format version to store_values
2011-09-01s3:registry: change regdb_store_values_internal() from bool to NTSTATUS ↵Michael Adam1-11/+15
return code
2011-09-01s3:registry: use the regdb_trans_do wrapper instead of using dbwrap_trans_do ↵Michael Adam1-18/+18
directly in the registry db code. This verifies the regdb format version number before the corresponding write operations.
2011-09-01s3:registry: add regdb_trans_do(): a transaction wrapper that will check the ↵Michael Adam1-0/+42
regdb version If the version has changed since initialization, the write will fail with ACCESS_DENIED.
2011-09-01s3:registry: drop log level of unknown regdb version message in regdb_init() ↵Michael Adam1-1/+1
to 0
2011-09-01s3-rpc_server: Add missing rng_fault_state in epmapper.Andreas Schneider1-0/+2
We need to raise an exception so we need to set the rng_fault_state for epm_Insert and epm_Delete if someone connects over a transport other than NCALRPC. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Thu Sep 1 15:59:50 CEST 2011 on sn-devel-104
2011-09-01s3-rpc_server: Handle services with multiple pipe names.Andreas Schneider1-2/+10
The configuration should only use the default pipe name to configure all of them correctly.
2011-08-31Fix bug 8429 - Compound SMB2 requests on an IPC connection can corrupt the ↵Jeremy Allison1-12/+17
reply stream. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Aug 31 21:18:11 CEST 2011 on sn-devel-104
2011-08-31Based on metze's fix for Bug 8407 - SMB2 server can return requests ↵Jeremy Allison2-2/+39
out-of-order when processing a compound request. (cherry picked from commit 19db1c98c6ba3cb5e883e16e865c44900ce17444)
2011-08-31s3:smb2_server: keep compound_related on struct smbd_smb2_requestStefan Metzmacher2-4/+4
metze (cherry picked from commit cda93f04eb4e7e975b192a5fd33275ec638140ac)
2011-08-31s3-waf: fix unresolved symbols in the group policy client side extensions ↵Günther Deschner1-1/+1
subsystem. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Aug 31 19:48:39 CEST 2011 on sn-devel-104
2011-08-31s3-waf: convert libgpo into a private library.Günther Deschner1-5/+6
Guenther
2011-08-31s3-waf: allow undefined symbols in idmap_rid module.Günther Deschner1-0/+1
Guenther
2011-08-31s3: Fix bug 8334, do not fork the echo handler for smb2Volker Lendecke1-1/+2
If a smb1 negprot negotiated smb2 we forked the echo responder. This will eventually lead to a panic from [2011/08/30 10:33:29.212578, 0, pid=3846917] smbd/smb2_server.c:243(smbd_smb2_request_create) Invalid SMB packet: first request: 0x0009 because from the echo responder we always read using the normal smb1 protocol handling routine. If that is a bit down the smb2 stream, we get a non-negprot packet and panic. BTW, the echo responder is not required for smb2 anyway, Microsoft confirmed that it probes the server liveness using TCP keepalives and not smb2 echo requests. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Aug 31 17:58:48 CEST 2011 on sn-devel-104
2011-08-31s3-rpc_server: Disable epmapper by default.Andreas Schneider1-2/+2
We need more testing in the real world. We need to be sure that if a Windows client can access port 135 it doesn't require that a service is available via ncacn_ip_tcp. If possible please enable it using the following smb.conf options for testing: rpc_daemon:epmd = fork rpc_server:epmapper = external Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Wed Aug 31 16:29:20 CEST 2011 on sn-devel-104
2011-08-31s3-waf: allow unresolved symbols in some idmap and nss_info modules.Günther Deschner1-0/+7
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Aug 31 14:27:31 CEST 2011 on sn-devel-104
2011-08-31s3-waf: add missing tdb dependency to idmap_tdb2 module.Günther Deschner1-1/+1
Guenther
2011-08-31s3-waf: convert nss_info subsystem into a private library.Günther Deschner1-4/+5
Guenther
2011-08-31s3-lsa: Add _lsa_SetInformationTrustedDomain() and related callsSumit Bose1-21/+312
The following LSA calls are added: - _lsa_SetInformationTrustedDomain() - _lsa_SetTrustedDomainInfo() -_lsa_SetTrustedDomainInfoByName() Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-lsa: Update _lsa_QueryTrustedDomainInfo()Sumit Bose1-8/+63
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-pdb_ipa: Add supprted encryption types to struct pdb_trusted_domainSumit Bose2-0/+24
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-pdb_ipa: Add posix offset to struct pdb_trusted_domainSumit Bose2-0/+23
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-lsa: Fix access mapping in_lsa_OpenTrustedDomain_base()Sumit Bose1-1/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-lsa: Fix typo and use right pdb interfaceSumit Bose1-1/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3-pdb_ipa: Derive domain GUID from SIDSumit Bose1-2/+23
Signed-off-by: Günther Deschner <gd@samba.org>
2011-08-31s3:modules make perfcount_test loadable againChristian Ambach1-1/+1
use expected 'init_samba_module' name for initializer function Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Wed Aug 31 11:22:26 CEST 2011 on sn-devel-104
2011-08-31s3:lib S-1-5-9 is "Enterprise Domain Controllers"Christian Ambach1-1/+1
and not ServerLogon
2011-08-31s3:lib remove duplicate entry for "Anonymous Logon"Christian Ambach1-1/+0
2011-08-31s3:lib add S-1-5-17 to well-known SID listChristian Ambach1-0/+1
http://support.microsoft.com/kb/243330/en-us says the name is "This organization", but Windows 2008 says IUSR Picking the Windows 2008 variant as 'This Organization' would be duplicate to S-1-5-15
2011-08-31s3:lib add some more well-known sidsChristian Ambach1-0/+3
add S-1-3-2/Creator Owner Server, S-1-3-3/Creator Group Server and S-1-3-4/Owner Rights to the well-known SID list
2011-08-31s3:lib add new well-known SIDs for BUILTINChristian Ambach1-0/+8
Distributed COM Users, Cryptographic Operators, Event Log Readers and Certificate Service DCOM Access were missing from the BUILTIN well-known SID list