summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2010-02-19First part of fix for bug #7159 - client rpc_transport doesn't cope with bad ↵Jeremy Allison2-0/+16
server data returns. Ensure that subreq is *always* talloc_free'd in the _done function, as it has an event timeout attached. If the read requests look longer than the cli->timeout, then the timeout fn is called with already freed data. Jeremy.
2010-02-18More fixes for bug #7146 - Samba miss-parses authenticated RPC packets.Jeremy Allison1-16/+31
Alignment space calculations are tricky :-). Jeremy.
2010-02-19s3-spoolss: add support for _spoolss_SetPrinter level 8.Günther Deschner1-1/+65
Guenther
2010-02-18More fixes for bug #7146 - Samba miss-parses authenticated RPC packets.Jeremy Allison1-14/+16
Ensure we calculate the space correctly (including the ss_padding_len) when constructing reply packets. Jeremy.
2010-02-18s3: optimize strict allocate for XFS on IRIXBjörn Jacke1-0/+25
2010-02-18Fix bug #7155 - valgrind Conditional jump or move depends on uninitialised ↵Jeremy Allison1-0/+1
value(s) error when "mangling method = hash" The charset array allocated in init_chartest() is allocated by MALLOC, but only some elements of it being set after allocation. Fix is to memset to zero after allocation. Jeremy.
2010-02-18Fix bug #7154 - mangling method = hash can crash storing a name not ↵Jeremy Allison1-3/+5
containing a '.' Fix use of uninitialized variable. This can lead to crashes if mangling = hash processes names with no '.'. Jeremy.
2010-02-18s3-spoolss: Fix _spoolss_EnumPrinters servername handling.Günther Deschner1-1/+1
Guenther
2010-02-18s3-selftest: fix return code for modprinter.pl -a.Günther Deschner1-1/+2
Background is: the SetPrinter level 2 calls "addprinter command" an fails if a share already existed (and the addprinter command returned a non-0 return code). Removing the non-0 return code is fine, as in AddPrinter{Ex}, we have checks to see if a share already exists before calling out the addprinter command. Maybe one day, we need to have a "changeprinter command"... Guenther
2010-02-18s3-selftest: finally enable RPC-SPOOLSS-PRINTER against Samba 3.Günther Deschner1-1/+2
Guenther
2010-02-18s3-selftest: include addprinter/deleteprinter command.Günther Deschner2-0/+131
Guenther
2010-02-18s3-spoolss: fix return code of spoolss_DeletePrinter.Günther Deschner1-1/+1
When the printer has been removed by the "deleteprinter command", we need to check if it is still there and then fail, not fail if we successfully removed it (found by RPC-SPOOLSS-PRINTER). Guenther
2010-02-18s3-spoolss: in spoolss_EnumPrinters r->in.server is a *unique* pointer!Günther Deschner1-3/+5
Guenther
2010-02-18s3-spoolss: more AddPrinter{Ex} checks.Günther Deschner1-0/+18
Windows will allow to add a non-shared printer that is returned by EnumPrinters. Samba has no notion of non-shared local printers yet, so just make sure to behave like we do elsewhere: a printer autoloaded by samba or added to samba is shared. Guenther
2010-02-18s3-spoolss: add some printer info validation for AddPrinter calls.Günther Deschner1-0/+22
Guenther
2010-02-18s3-modules: fix get_acl_blob in the acl_tdb VFS module.Günther Deschner1-1/+1
Shuttle-reviewed by jra :) Guenther
2010-02-18s3-rpcclient: fix uninitialized variable in wkssvc_enumerateusers.Günther Deschner1-2/+2
Guenther
2010-02-17Fix bug #7146 - Samba miss-parses authenticated RPC packets.Jeremy Allison4-138/+363
Parts of the Samba RPC client and server code misinterpret authenticated packets. DCE authenticated packets actually look like this : +--------------------------+ |header | | ... frag_len (packet len)| | ... auth_len | +--------------------------+ | | | Data payload | ... .... | | +--------------------------+ | | | auth_pad_len bytes | +--------------------------+ | | | Auth footer | | auth_pad_len value | +--------------------------+ | | | Auth payload | | (auth_len bytes long) | +--------------------------+ That's right. The pad bytes come *before* the footer specifying how many pad bytes there are. In order to read this you must seek to the end of the packet and subtract the auth_len (in the packet header) and the auth footer length (a known value). The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long as the pad alignment is on an 8 byte boundary (there are some special cases in the code for this). Tridge discovered there are some (DRS replication) cases where on 64-bit machines where the pad alignment is on a 16-byte boundary. This breaks the existing S3 hand-optimized rpc code. This patch removes all the special cases in client and server code, and allows the pad alignment for generated packets to be specified by changing a constant in include/local.h (this doesn't affect received packets, the new code always handles them correctly whatever pad alignment is used). This patch also works correctly with rpcclient using sign+seal from the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow) so even as a server it should still work with older libsmbclient and winbindd code. Jeremy
2010-02-17Fix bug #6557 - Do not work VFS full_auditJeremy Allison1-51/+34
Re-arrange the operations order so SMB_VFS_CONNECT is done first as root (to allow modules to correctly initialize themselves). Reviewed modules to check if they needed CONNECT invoked as a user (which we previously did) and it turns out any of them that cared needed root permissions anyway. Jeremy.
2010-02-17s3: go straight to winbindd_dual_pam_auth() in case of !NT_STATUS_OKLars Müller1-1/+1
At the formerly used process_result statement we have alone one NT_STATUS_IS_OK() which never could be hit in our case as we only go here if NT_STATUS_EQUAL is not ok.
2010-02-17s3: let the pam_winbind po files reference the correct locationLars Müller20-644/+644
2010-02-17s3: Fix bug 7139Volker Lendecke1-2/+32
To provide the user with the same SID when doing Kerberos logins, attempt to do a make_server_info_sam instead of a make_server_info_pw.
2010-02-16s3:rpc streamline memory handlingSimo Sorce1-13/+5
2010-02-16s3: Fix timeout calculation if g_lock_lock is given a timeout < 60sVolker Lendecke1-1/+6
Detected while showing this code to obnox :-)
2010-02-16s3: Slightly increase parallelism in g_lockVolker Lendecke1-1/+7
There's no need to still hold the g_lock tdb-level lock while telling the waiters to retry
2010-02-16s3: Avoid starving locks when many processes die at the same timeVolker Lendecke1-6/+4
In g_lock_unlock we have a little race between the process_exists and messaging_send call: We only send to 5 waiters now, they all might have died between us checking their existence and sending the message. This change makes g_lock_lock retry at least once every minute.
2010-02-16s3: Avoid a thundering herd in g_lock_unlockVolker Lendecke1-1/+16
Only notify the first 5 pending lock waiters. This avoids a thundering herd problem that is really nasty in a cluster. It also makes acquiring a lock a bit more FIFO, lock waiters are added to the end of the array.
2010-02-16s3: Optimize g_lock_lock for a heavily contended caseVolker Lendecke1-3/+36
Only check the existence of the lock owner in g_lock_parse, check the rest of the records only when we got the lock successfully. This reduces the load on process_exists which can involve a network roundtrip in the clustered case.
2010-02-16s3: Fix handling of processes that died in g_lockVolker Lendecke1-3/+5
g_lock_parse might have thrown away entries from the locks array because the processes were not around anymore. Don't store the orphaned entries.
2010-02-15s3: Fix a typoVolker Lendecke1-1/+1
2010-02-15spoolss: disable GetPrinterDriver level 101 (as called by XP).Günther Deschner1-2/+6
We still dont get the marshalling right, disable and XP will just fall back to level 6. Guenther
2010-02-15s3: eventlogadm.c: add -s option to use alternative config file.Holger Hetterich1-4/+15
Update the manpage accordingly.
2010-02-14s3: Fix initgroups return checkPeter Watkins1-1/+1
A return code of 1 from initgroups() is OK since apparently it means the gid has already been set. The man page doesn't mention this.
2010-02-14s3: last part of TYPESAFE_QSORT() conversionAndrew Tridgell3-6/+5
convert smbcacls, sharesec and web/
2010-02-14s3-smbd: convert lanman and notify code to TYPESAFE_QSORT()Andrew Tridgell2-12/+4
2010-02-14s3-rpc: convert wkssvc to use TYPESAFE_QSORT()Andrew Tridgell1-10/+4
2010-02-14s3-locking: convert brlock to TYPESAFE_QSORT()Andrew Tridgell1-3/+2
2010-02-14s3: convert registry and printing code to TYPESAFE_QSORT()Andrew Tridgell3-8/+6
2010-02-14s3-nmbd: note TODO item for qsortAndrew Tridgell1-0/+2
This uses another char* cast hack. Left alone for now.
2010-02-14s3-vfs: use TYPESAFE_QSORT() in s3 VFS modulesAndrew Tridgell2-8/+6
2010-02-14s3-lib: use TYPESAFE_QSORT() in remaining s3 library codeAndrew Tridgell3-3/+6
the sort_query_replies() in nmblib.c is a TODO. It uses a hack that treats a char* as a structure. I've left that one alone for now.
2010-02-14s3-libsmb: use TYPESAFE_QSORT() in namequery codeAndrew Tridgell1-14/+12
This one was a bit trickier. I'd appreciate it if someone else can look over this.
2010-02-14s3-lib: use TYPESAFE_QSORT() in s3 interfaces codeAndrew Tridgell1-1/+1
2010-02-14s3-includes: enable TYPESAFE_QSORT() in s3Andrew Tridgell1-0/+1
2010-02-13s3: Fix Coverity ID 629: DEADCODEVolker Lendecke1-3/+0
We have already returned if (argc < 1) above
2010-02-13s3: Fix bug 5198 -- parse chfn(1)-change gecos fieldVolker Lendecke1-1/+34
2010-02-13s3: Fix typo found by jhell <jhell@DataIX.net>Volker Lendecke1-2/+2
2010-02-13libwbclient: Separate out the async functionsKai Blin1-5/+11
2010-02-13s3: Remove unused comparison fn from "struct sorted_tree"Volker Lendecke3-10/+4
2010-02-13s3: Make adt_tree data definitions private to adt_tree.cVolker Lendecke2-16/+15