summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2012-05-02s3-smbd: Use security_session_user_level() rather than nt_token_check_sid()Andrew Bartlett1-13/+1
This allows the unix.whoami test to pass when configured as part of the AD DC. The struct auth_session_info is slightly different in the AD DC configuration when using auth_samba4. In particular, there is a distinction between Guest and Anonymous logins. Andrew Bartlett
2012-05-02s3:torture fix flakey testcaseChristian Ambach1-6/+20
don't put database into /tmp, use lp_private_dir() to put it into the selftest prefix Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Wed May 2 00:57:05 CEST 2012 on sn-devel-104
2012-05-01s3:selftest run LOCAL-IDMAP-TDB-COMMON in make testChristian Ambach1-0/+1
Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Tue May 1 11:07:08 CEST 2012 on sn-devel-104
2012-05-01s3:torture: add idmap_tdb_common test codeChristian Ambach5-3/+1038
2012-05-01s3:winbindd/idmap_tdb: use idmap_tdb_common codeChristian Ambach1-558/+18
2012-05-01s3:winbindd/idmap_tdb2: fix logic error in set_mapping_actionChristian Ambach1-1/+1
fix an endless loop
2012-05-01s3:winbindd/idmap_tdb2: use idmap_tdb_common codeChristian Ambach1-357/+91
2012-05-01s3:winbindd/autorid use idmap_tdb_common code in autoridChristian Ambach1-86/+227
- use common logic for the allocation pool - add a idmap_tdb style 1on1 mapping for non-domain SIDs like Everyone (S-1-1-0)
2012-05-01s3:winbindd add idmap_tdb_common file to store common code of TDB idmap backendsChristian Ambach4-2/+796
2012-05-01s3:util add sid_check_is_wellknown_builtin()Christian Ambach2-0/+28
2012-05-01Fix bug #8873 - self granting privileges in security=ads.Jeremy Allison1-4/+12
Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 1 01:04:46 CEST 2012 on sn-devel-104
2012-04-30Fix the loop unrolling inside resolve_ads(). If we don't getJeremy Allison1-34/+73
an IP list don't use interpret_string_addr(), as this only returns one address, use interpret_string_addr_internal() instead. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Apr 30 23:21:16 CEST 2012 on sn-devel-104
2012-04-30Protect all of the name resolution methods from returning null addrs. Ensure ↵Jeremy Allison1-9/+19
all returns go through remove_duplicate_addrs2().
2012-04-30Fix convert_ss2service() to filter out zero addresses.Jeremy Allison1-12/+33
2012-04-30Fix remove_duplicate_addrs2 to do exactly what it says. Previously it could ↵Jeremy Allison1-10/+9
leave zero addresses in the list.
2012-04-30net: Let get*sid return error from passdb initChristof Schmitt1-6/+4
When initialize_password_db returns an error this means that the SID stored in the backend cannot be read. Return this error directly instead of creating a random SID through get_global_sam_sid. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Mon Apr 30 13:07:20 CEST 2012 on sn-devel-104
2012-04-30passdb: Do not panic in initialize_password_dbChristof Schmitt1-17/+17
A call to initialize_password_db leads to smb_panic in case the backend returns an error. All callers to initialize_password_db check the return value, so this code path should return the status instead of calling smb_panic. Move the call to smb_panic from pdb_get_methods_reload pdb_get_methods to get it out of the initialize code path. This allows printing the proper error message for 'net getlocalsid' which is much nicer than printing the panic stack trace.
2012-04-30s3-auth_samba4: use new_server_id_task() to allocate server id valuesAndrew Bartlett1-6/+27
This is rather than just picking a random number out of the air. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Apr 30 11:29:34 CEST 2012 on sn-devel-104
2012-04-30s3-lib Add a way to allocate the task_id value in server_idAndrew Bartlett3-2/+44
This safely allocates the task_id so that when we have multiple event contexts, they can each have their own messaging context, particularly for the imessaging subsystem under source4. Andrew Bartlett
2012-04-30s4-messaging: Fill in the whole server_id in all use casesAndrew Bartlett1-3/+0
This started per https://bugzilla.samba.org/show_bug.cgi?id=8872#c4 and avoids any possible collision with a different process. We also need to ensure that across a Samba installation on a single node that id.vnn is the same. Samba4 previously used 0, while Samba3 used NONCLUSTER_VNN. When a message is sent between these 'different' nodes, the error NT_STATUS_INVALID_DEVICE_REQUEST is raised. Andrew Bartlett
2012-04-28s3: Remove a SMB_ASSERTVolker Lendecke1-1/+5
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Sat Apr 28 23:38:45 CEST 2012 on sn-devel-104
2012-04-28s3: Fix bug 8904 -- wbinfo --lookup-sids "" crashes winbindVolker Lendecke1-5/+5
Much of the code further down and up the call chain expects the structures wb_lookupsids returns to be allocated. Do that despite we have nothing to look up.
2012-04-28Add an audit file VFS routine so we can handle auditing with SACLs.Richard Sharpe4-0/+35
Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Sat Apr 28 08:05:00 CEST 2012 on sn-devel-104
2012-04-27selftest: Add test to ensure that bug #8872 does not come backAndrew Bartlett1-0/+3
The raw.composite test checks that we handle mutliple concurrent connections. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Apr 27 16:25:37 CEST 2012 on sn-devel-104
2012-04-27selftest: Remove silly space before unit test nameAndrew Bartlett1-1/+5
When we have no description, there is no need for a leading space here Andrew Bartlett
2012-04-27s3:winbindd: also try SMB2 when connecting to "IPC$"Stefan Metzmacher1-7/+20
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Apr 27 13:10:15 CEST 2012 on sn-devel-104
2012-04-27s3:libsmb/cli_np_tstream: add support for SMB2Stefan Metzmacher1-41/+190
metze
2012-04-27s3:libsmb/cli_np_tstream: remove unused tstream_cli_np_existing()Stefan Metzmacher2-34/+0
metze
2012-04-27s3:libsmb: add smb2cli_ioctl*Stefan Metzmacher4-0/+360
metze
2012-04-26s3: oplock_timeout is a talloc child of fspVolker Lendecke1-3/+0
Jeremy, I know you like it explicit, but I stumbled across this explicit TALLOC_FREE and asked myself about a potentially wrong talloc hierarchy. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Thu Apr 26 23:00:03 CEST 2012 on sn-devel-104
2012-04-26s3: Remove code TALLOC_FREE already doesVolker Lendecke1-5/+1
2012-04-26s3: Remove an unused variableVolker Lendecke1-1/+0
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Thu Apr 26 12:17:14 CEST 2012 on sn-devel-104
2012-04-26selftest: push --target selection into plansmbtorturetestsuiteAndrew Bartlett1-3/+4
2012-04-25s3:registry: replace call to reg_openkey() in reg_createkey() by accesscheck.Michael Adam1-8/+10
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: remove a superfluous fill_subkey_cache() in reg_createkey()Michael Adam1-5/+0
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de> Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: use fill_subkey_cache to check exsistence in ↵Michael Adam1-11/+2
regkey_open_onelevel(). Pair-Programmed-With: Gregor Beck <gbeck@sernet.de> Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: let fill_subkey_cache return WERR_BADFILE when the subkey list ↵Michael Adam1-1/+1
could not be loaded WERR_NO_MORE_ITEMS seems inappropriate. Pair-Programmed-With: Gregor Beck <gbeck@sernet.de> Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: convert reg_openkey() to use talloc instead of SMB_STRDUP etcMichael Adam1-15/+12
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry untangle an assignment from the check in regkey_open_onelevel()Michael Adam1-1/+2
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: untangle assignment from check in regkey_open_onelevel()Michael Adam1-1/+2
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: fix seqnum race in regdb_fetch_keys_internalMichael Adam1-3/+22
This prevents race between fetching seqnum and key content. Because there is currently no way to atomically fetch the record along with the seqnum, I use a loop. This is far from optimal and should should ideally be done differently. But for now it fixes the race. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: fix seqnum race in fetch_values_internalMichael Adam1-3/+21
This prevents race between fetching seqnum and key content. Because there is currently no way to atomically fetch the record along with the seqnum, I use a loop. This is far from optimal and should should ideally be done differently. But for now it fixes the race. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: update the seqnum in the subkey cache at the end of ↵Michael Adam1-1/+5
regval_store_keys The purpose is to prevent next reads from going to disk. Note that this will currently only be effective with local tdbs, not with ctdb: For tdb, store and delete bump the seqnum while transaction commit does not. For ctdb, transaction commit bumps the seqnum, while store and delete don't... This needs fixing (in ctdb). Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry:db: update the value container seqnum after storing/deleting to ↵Michael Adam1-1/+22
prevent next read from going to disk if possible Note that this will currently only be effective in the local TDB implementation. For CTDB, this wont work since seqnum currently works differently there (needs fixing): For tdb, store and delete operations bump the db seqnum, while transaction commits don't. For ctdb, the seqnum is bumped by the transaction commit but not by store and delete operations. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: wrap reg_deletekey() into a transactionMichael Adam1-2/+25
This is wrong layering but fixes a race condition. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: wrap reg_createkey() in a transactionMichael Adam1-6/+30
This is wrong layering (calling into regdb_transaction* in the reg_api code) but fixes a potential race. It makes the multi-step create procedure atomic. This should completely be done in the backend. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: untangle assignments from checks in reg_createkey()Michael Adam1-2/+6
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: wrap reg_deletevalue() in a transactionMichael Adam1-4/+30
This is at the wrong layer, but if fixes a race potentially causing data corruption by concurrent access. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: untangle assignment from check in reg_deletevalue()Michael Adam1-1/+2
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-25s3:registry: fix race in reg_setvalue that could lead to data corruptionMichael Adam1-6/+33
(there was no lock around fetching the values and storing them) The layering is wrong in that it uses regdb transactions in reg_api Signed-off-by: Andreas Schneider <asn@samba.org>