Michael Adam [Wed, 18 Jul 2007 08:29:00 +0000 (08:29 +0000)]
r23950: unlink before rename is superfluous.
Michael
Stefan Metzmacher [Wed, 18 Jul 2007 08:19:13 +0000 (08:19 +0000)]
r23948: add gsskrb5 sign and seal support for LDAP connections
NOTE: only for the "GSSAPI" SASL mech yet
metze
Stefan Metzmacher [Wed, 18 Jul 2007 08:15:42 +0000 (08:15 +0000)]
r23946: add support for NTLMSSP sign and seal
NOTE: windows servers are broken with sign only...
metze
Stefan Metzmacher [Wed, 18 Jul 2007 07:45:16 +0000 (07:45 +0000)]
r23945: add infrastructure to select plain, sign or seal LDAP connection
metze
Stefan Metzmacher [Wed, 18 Jul 2007 07:30:41 +0000 (07:30 +0000)]
r23943: - always provide ads_setup_sasl_wrapping() function
- read/write returning 0 means EOF and we need to return direct
metze
Jeremy Allison [Wed, 18 Jul 2007 01:27:03 +0000 (01:27 +0000)]
r23942: Fix issue found by Shlomi Yaakobovich <Shlomi@exanet.com> where
invalid names sent as a resume name were incorrectly mapped into
. and .. Ensure they really *are . and ..
Jeremy.
Jeremy Allison [Wed, 18 Jul 2007 00:18:57 +0000 (00:18 +0000)]
r23941: Don't use "False" when you mean "MARSHALL".
Jeremy.
Jeremy Allison [Tue, 17 Jul 2007 23:57:13 +0000 (23:57 +0000)]
r23940: Added missing line that was deleted accidently.
Should fix the build.
Jeremy.
Jeremy Allison [Tue, 17 Jul 2007 23:01:02 +0000 (23:01 +0000)]
r23939: Fixes for notify returns. Returned param value must fix inside
max_param or return NT_STATUS_OK.
Jeremy.
Michael Adam [Tue, 17 Jul 2007 21:55:31 +0000 (21:55 +0000)]
r23938: Add a debug message.
Günther Deschner [Tue, 17 Jul 2007 20:28:31 +0000 (20:28 +0000)]
r23937: Use ads_config_path() when we need to know the configration context.
Guenther
Jeremy Allison [Tue, 17 Jul 2007 18:48:39 +0000 (18:48 +0000)]
r23935: We were lying to the client in the case of POSIX_UNLINK
if a Windows client had the file open. We were setting
delete on close and returning "ok". The POSIX client then
believed the file was gone (and it wasn't). Fix this to
return SHARING_VIOLATION if there is an existing NTcreateX
open on the file and someone calls POSIX_UNLINK. Still one
more Cthon test to fix but getting closer now. Should
be in 3.0.25c also.
Jeremy.
Stefan Metzmacher [Tue, 17 Jul 2007 14:08:53 +0000 (14:08 +0000)]
r23933: - implement ctrl SASL wrapping hook
- pass down sign or seal hooks
- some sasl wrapping fixes
metze
Michael Adam [Tue, 17 Jul 2007 13:06:29 +0000 (13:06 +0000)]
r23932: Fill extended status with information in case the validation traverse
functions did not do so but returned an error. (This is the case when
error occurred deeper than at the level of the content checking done by
the per entry validate_fn.)
Michael
Michael Adam [Tue, 17 Jul 2007 12:51:43 +0000 (12:51 +0000)]
r23931: Use the new tdb_validate_and_backup function instead of pure tdb_validate
in winbindd cache validation.
Michael
Michael Adam [Tue, 17 Jul 2007 12:49:22 +0000 (12:49 +0000)]
r23930: Introduce tdb_validate_and_backup:
This is a wrapper around tdb_validate, that does backup handling:
* if the given tdb is valid, a backup is created (name.bak)
* if the tdb is invalid, if a valid bakup is found (validated
with the same validation function) under the name "name.bak"
the orignal tdb is moved to name.corrupt and the backup
is restored.
For the backup handling, a variant of the backup_tdb function
from lib/tdb/tools/tdbbackup.c is included in lib/util_tdb.c.
The copy function for the traverse action eliminates the need
to maintain a global success state by using a struct wrapping
the target tdb and a success flag as the private data.
Michael
Günther Deschner [Tue, 17 Jul 2007 11:52:23 +0000 (11:52 +0000)]
r23929: Deleting gpo_sd_check_trustee_in_sid_token() as nt_token_check_sid() is what we
need here.
Guenther
Günther Deschner [Tue, 17 Jul 2007 11:47:17 +0000 (11:47 +0000)]
r23928: Merge all "copy-info3-groups-to-sid-array" blocks to a sid_array_from_info3()
function.
Guenther
Stefan Metzmacher [Tue, 17 Jul 2007 11:14:42 +0000 (11:14 +0000)]
r23926: implement output buffer handling for the SASL write wrapper
metze
Michael Adam [Tue, 17 Jul 2007 10:30:13 +0000 (10:30 +0000)]
r23925: Use NULL instead of 0 for a void * argument.
Stefan Metzmacher [Tue, 17 Jul 2007 10:13:53 +0000 (10:13 +0000)]
r23922: implement input buffer handling for the SASL read wrapper
metze
Günther Deschner [Tue, 17 Jul 2007 09:39:39 +0000 (09:39 +0000)]
r23921: Remove GPO_SID_TOKEN struct and use nt_user_token instead, that already has
S-1-5-11 in the token.
Guenther
Günther Deschner [Tue, 17 Jul 2007 08:14:45 +0000 (08:14 +0000)]
r23920: Fix debug statement.
Guenther
Stefan Metzmacher [Tue, 17 Jul 2007 07:29:43 +0000 (07:29 +0000)]
r23918: not all ldap libraries support debugging
metze
Stefan Metzmacher [Tue, 17 Jul 2007 07:28:00 +0000 (07:28 +0000)]
r23916: use the correct io operations for debugging
metze
Stefan Metzmacher [Tue, 17 Jul 2007 06:03:03 +0000 (06:03 +0000)]
r23914: try to fix the build on Tru64
/usr/include/sys/acl.h:#define acl_type acl_common.entry_type
was the problem...
metze
Jeremy Allison [Tue, 17 Jul 2007 05:55:10 +0000 (05:55 +0000)]
r23913: Revert back to Volker's original logic to fix the
RAW-SFILEINFO-RENAME until I can figure out what
is different from the way CIFSFS drives this in
the cthon tests and the way smbtorture drives it.
Jeremy.
Jeremy Allison [Tue, 17 Jul 2007 04:47:36 +0000 (04:47 +0000)]
r23911: Revert r23910 to try and fix the build farm. I
need to look at this more closely tomorrow.
Stevef's cthon tests definately show we're not
matching Windows behaviour (as his tests pass
against Windows but not SAMBA_3_2) but this isn't
the fix.
Jeremy.
Jeremy Allison [Tue, 17 Jul 2007 02:17:23 +0000 (02:17 +0000)]
r23910: We used to deny renames on the
source open for non-delete open.
Turns out this is not the case.
VL please test but this matches
Windows behaviour. (I'll add a
torture test tomorrow).
Jeremy.
Jeremy Allison [Tue, 17 Jul 2007 02:06:38 +0000 (02:06 +0000)]
r23909: Get closer to passing the cthon tests for delete open file.
It matters how the target is open.
Jeremy.
Jeremy Allison [Tue, 17 Jul 2007 00:50:48 +0000 (00:50 +0000)]
r23908: Fix bug with interaction of optimization with
POSIX locking. We can't do lock counts with POSIX,
so stop counting if we get a POSIX lock request.
Jeremy.
Jeremy Allison [Tue, 17 Jul 2007 00:09:56 +0000 (00:09 +0000)]
r23906: Fix POSIX unlink bug found by Steve. If we
used lstat during the open (which we always
do for POSIX) then use lstat for the unlink.
Jeremy.
Volker Lendecke [Mon, 16 Jul 2007 21:17:26 +0000 (21:17 +0000)]
r23904: Remove an unused variable reference
Volker Lendecke [Mon, 16 Jul 2007 19:36:46 +0000 (19:36 +0000)]
r23903: Fix a potential reason for the segfault Steve found
Jeremy Allison [Mon, 16 Jul 2007 18:17:19 +0000 (18:17 +0000)]
r23902: Fix uninitialized read in devicetype noticed by Volker.
Jeremy
Stefan Metzmacher [Mon, 16 Jul 2007 16:22:05 +0000 (16:22 +0000)]
r23900: LDAP_OPT_SOCKBUF doesn't exists on all platforms
metze
Stefan Metzmacher [Mon, 16 Jul 2007 16:08:24 +0000 (16:08 +0000)]
r23898: rename HAVE_ADS_SASL_WRAPPING -> HAVE_LDAP_SASL_WRAPPING
metze
Stefan Metzmacher [Mon, 16 Jul 2007 15:31:01 +0000 (15:31 +0000)]
r23896: hopefully fix the build on most systems
metze
Stefan Metzmacher [Mon, 16 Jul 2007 14:35:33 +0000 (14:35 +0000)]
r23893: add dummy callbacks for LDAP SASL wrapping,
they're not used yet...
metze
Stefan Metzmacher [Mon, 16 Jul 2007 14:19:59 +0000 (14:19 +0000)]
r23891: fix compiler warning
metze
Stefan Metzmacher [Mon, 16 Jul 2007 11:08:00 +0000 (11:08 +0000)]
r23888: move elements belonging to the current ldap connection to a
substructure.
metze
Stefan Metzmacher [Mon, 16 Jul 2007 09:48:15 +0000 (09:48 +0000)]
r23886: add ads_disconnect() function
metze
Volker Lendecke [Mon, 16 Jul 2007 08:23:20 +0000 (08:23 +0000)]
r23885: Fix make test on opi.
Volker Lendecke [Mon, 16 Jul 2007 07:46:29 +0000 (07:46 +0000)]
r23884: Fix Coverity ID 379
Volker Lendecke [Mon, 16 Jul 2007 07:44:23 +0000 (07:44 +0000)]
r23883: Fix Coverity ID 380
Volker Lendecke [Mon, 16 Jul 2007 07:40:30 +0000 (07:40 +0000)]
r23882: Fix Coverity id 389 -- finally (I hope)
Volker Lendecke [Sun, 15 Jul 2007 09:42:43 +0000 (09:42 +0000)]
r23879: Fix two memleaks, found by the IBM checker
Volker Lendecke [Sun, 15 Jul 2007 09:40:00 +0000 (09:40 +0000)]
r23878: Fix an error return, found by the IBM checker
Volker Lendecke [Sun, 15 Jul 2007 09:37:36 +0000 (09:37 +0000)]
r23877: Fix two segfaults in (very unlikely) error paths, found by the IBM
checker.
Günther Deschner [Fri, 13 Jul 2007 23:38:19 +0000 (23:38 +0000)]
r23874: Some more minor edits for net ads gpo.
Guenther
Günther Deschner [Fri, 13 Jul 2007 23:36:12 +0000 (23:36 +0000)]
r23873: Make use of ads_find_samaccount().
Guenther
Günther Deschner [Fri, 13 Jul 2007 23:34:42 +0000 (23:34 +0000)]
r23872: Dump all GPFLAGS in dump_gpo().
Guenther
Günther Deschner [Fri, 13 Jul 2007 23:32:43 +0000 (23:32 +0000)]
r23871: The snapin handler needs to have the full struct GROUP_POLICY_OBJECT.
Guenther
Günther Deschner [Fri, 13 Jul 2007 23:28:12 +0000 (23:28 +0000)]
r23870: Use GPO_LINK_TYPE in GROUP_POLICY_OBJECT struct.
Guenther
Günther Deschner [Fri, 13 Jul 2007 23:26:55 +0000 (23:26 +0000)]
r23869: Protect against partial security descriptors.
Guenther
Volker Lendecke [Fri, 13 Jul 2007 13:29:12 +0000 (13:29 +0000)]
r23866: Fix a 1-byte buffer overrun
Volker Lendecke [Fri, 13 Jul 2007 11:36:55 +0000 (11:36 +0000)]
r23865: Fix a type-punned error
Stefan Metzmacher [Fri, 13 Jul 2007 10:40:53 +0000 (10:40 +0000)]
r23863: handle NT_STATUS_RETRY and always print out the NTSTATUS string
before calling ctdb_fatal()
metze
Günther Deschner [Fri, 13 Jul 2007 09:53:55 +0000 (09:53 +0000)]
r23861: Fix return code in ads_find_samaccount().
Guenther
Jeremy Allison [Fri, 13 Jul 2007 01:22:09 +0000 (01:22 +0000)]
r23858: Added srvstr_pull_buf_talloc() and srvstr_pull_talloc()
calls and converted reply_tcon and reply_tconX to use
them - to show the boilerplate usage (valgrind tested).
In conjunction with Volker's srvstr_get_path_talloc()
work this should allow us to start eliminating all
pstrings/fstrings out of the main path processing
code.
I'll watch the build farm tonight...
Jeremy.
Jeremy Allison [Thu, 12 Jul 2007 18:49:44 +0000 (18:49 +0000)]
r23856: Add Jiri.Sasek@Sun.COM;s fix from Axel Apitz for ZFS ACLs.
Jeremy.
Jeremy Allison [Thu, 12 Jul 2007 18:11:41 +0000 (18:11 +0000)]
r23855: Setting the allocation size updates the modified time
as a write does. Fix bug #4779.
Jeremy.
Michael Adam [Thu, 12 Jul 2007 13:41:34 +0000 (13:41 +0000)]
r23853: Fix a very misleading error message in tdbbackup.
Michael
Michael Adam [Thu, 12 Jul 2007 09:36:52 +0000 (09:36 +0000)]
r23850: Fix whitespacing in DEBUG output.
Jeremy Allison [Thu, 12 Jul 2007 00:42:09 +0000 (00:42 +0000)]
r23847: As Dr. Volker says, "A pstring a day....".
Jeremy.
Jeremy Allison [Wed, 11 Jul 2007 23:54:01 +0000 (23:54 +0000)]
r23846: Belt-and-braces on the msdfs bug. Ensure ELOOP maps
correctly.
Jeremy.
Jeremy Allison [Wed, 11 Jul 2007 23:40:14 +0000 (23:40 +0000)]
r23845: Second part of the fix for #4777. Looks like on AIX opendir
returns an errno of ELOOP for a symlink of msdfs:server\path\to\link.
Cope with this by mapping to a known error NT_STATUS_OBJECT_PATH_NOT_FOUND
that we know dfs_path_lookup should ignore.
Jeremy.
Jeremy Allison [Wed, 11 Jul 2007 22:39:11 +0000 (22:39 +0000)]
r23844: Add patch series from Volker (after review and consultation).
0001-Save-a-strdup-in-stat_cache_add.patch
0002-Use-ISDOT-and-ISDOTDOT.patch
0003-Move-fname_equal-around.patch
0004-unix_convert-pstring-dirpath-char.patch
0005-Ignore-.o-files.patch
0006-Get-rid-of-pstrings-inside-unix_convert.patch
0007-revert-pstring-unix_convert.patch
0008-Make-name-an-allocated-pstring-inside-unix_convert.patch
0009-Pass-explicit-pstring-to-mangle_check_cache.patch
0010-Don-t-overwrite-orig_path-unnecessarily.patch
0011-Defer-allocating-name.patch
0012-Make-sure-dirpath-is-always-correctly-allocated.patch
0013-Remove-one-pstring-dependency-in-unix_convert.patch
0014-Remove-more-name-pstring-dependencies.patch
0015-Hide-the-nasty-API-of-mangle_check_cache-in-mangle_c.patch
0016-name-does-not-need-to-be-pstring-size-anymore.patch
0017-Make-use-of-ISDOT-and-ISDOTDOT.patch
0018-Remove-pstring-from-stat_cache_lookup.patch
0019-Add-my-copyright.patch
To remove pstrings from statcache and unix_convert.
Jeremy.
Jeremy Allison [Wed, 11 Jul 2007 21:01:06 +0000 (21:01 +0000)]
r23843: Fix bug #4777, reported by Bill Marshall <bmarsh@us.ibm.com>.
Doing a DFS traverse through a deep link could fail (not using
explorer).
Jeremy.
Günther Deschner [Wed, 11 Jul 2007 15:46:01 +0000 (15:46 +0000)]
r23842: Attempt to fix the build with LDAP.
Guenther
Günther Deschner [Wed, 11 Jul 2007 15:23:51 +0000 (15:23 +0000)]
r23841: Show all acl types when displaying a security descriptor.
Guenther
Günther Deschner [Wed, 11 Jul 2007 14:35:48 +0000 (14:35 +0000)]
r23840: Fix the build.
Guenther
Günther Deschner [Wed, 11 Jul 2007 13:41:04 +0000 (13:41 +0000)]
r23839: Try to get the attribute name from schema GUIDs or the display name from
extended rights GUID from ad while dumping the security descriptors's aces.
This would perform much better with a guid cache, but for the rare cases where
it is used
net ads search cn=mymachine ntSecurityDescriptor -U user%pass
it should be ok for now.
Guenther
Günther Deschner [Wed, 11 Jul 2007 13:32:57 +0000 (13:32 +0000)]
r23838: Allow to store schema and config path in ADS_STRUCT config.
Guenther
Günther Deschner [Wed, 11 Jul 2007 13:30:38 +0000 (13:30 +0000)]
r23837: Pass ADS_STRUCT and TALLOC_CTX down to ads_disp_sd.
Guenther
Günther Deschner [Wed, 11 Jul 2007 13:26:04 +0000 (13:26 +0000)]
r23836: Add ads_config_path() and ads_get_extended_right_name_by_guid().
Guenther
Günther Deschner [Wed, 11 Jul 2007 13:23:56 +0000 (13:23 +0000)]
r23835: Pass down a struct GUID to ads_get_attrname_by_guid() directly.
Guenther
Günther Deschner [Wed, 11 Jul 2007 13:21:32 +0000 (13:21 +0000)]
r23834: Allow to pass an ADS_STRUCT pointer down to the dump function callback in
libads.
Guenther
Günther Deschner [Wed, 11 Jul 2007 13:17:42 +0000 (13:17 +0000)]
r23833: Document ads_find_samaccount().
Guenther
Alexander Bokovoy [Wed, 11 Jul 2007 12:04:55 +0000 (12:04 +0000)]
r23831: Fix vfs_readahead: transparent modules should always pass through
Günther Deschner [Wed, 11 Jul 2007 10:26:02 +0000 (10:26 +0000)]
r23829: Add ads_get_attrname_by_guid().
Guenther
Michael Adam [Wed, 11 Jul 2007 10:08:17 +0000 (10:08 +0000)]
r23828: Add entry and exit debug statments to tdb_validate
at a lower debug level.
Michael
Günther Deschner [Wed, 11 Jul 2007 09:49:10 +0000 (09:49 +0000)]
r23827: Fix schema dump.
Guenther
Günther Deschner [Wed, 11 Jul 2007 09:39:08 +0000 (09:39 +0000)]
r23826: Fix gpo security filtering by matching the security descriptor ace's for the
extended apply group policy right.
Guenther
Günther Deschner [Wed, 11 Jul 2007 08:43:08 +0000 (08:43 +0000)]
r23825: Add ".." command as an alias to "cd ..".
Guenther
Günther Deschner [Wed, 11 Jul 2007 08:31:03 +0000 (08:31 +0000)]
r23824: Add ls alias for lazy typers like me.
Guenther
Volker Lendecke [Wed, 11 Jul 2007 06:18:32 +0000 (06:18 +0000)]
r23823: Memory leak fix from Atsushi Nakabayashi <nakabayashi@miraclelinux.com>
Thanks!
Volker
Michael Adam [Tue, 10 Jul 2007 23:00:04 +0000 (23:00 +0000)]
r23822: Clean some debugging output (as well in content and
amount as in source code formatting...)
Michael
Günther Deschner [Tue, 10 Jul 2007 21:04:57 +0000 (21:04 +0000)]
r23820: Display security_ace_object in LDAP security descriptors for debugging.
Guenther
Michael Adam [Tue, 10 Jul 2007 16:41:26 +0000 (16:41 +0000)]
r23819: It is currently unnecessary to pass the extended validation status
from the validating child process down to the parent though the
pipe. All the parent evaluates is the overall success, so the exit
status should do.
Michael
Günther Deschner [Tue, 10 Jul 2007 15:14:32 +0000 (15:14 +0000)]
r23818: support LDAP_SERVER_SEARCH_OPTIONS_OID in adssearch.
Guenther
Günther Deschner [Tue, 10 Jul 2007 15:13:13 +0000 (15:13 +0000)]
r23817: Dump some more guids in adssearch.pl.
Guenther
Michael Adam [Tue, 10 Jul 2007 12:34:12 +0000 (12:34 +0000)]
r23814: Fix a couple of comments and debug messages.
Volker Lendecke [Tue, 10 Jul 2007 12:22:44 +0000 (12:22 +0000)]
r23813: Remove unused global variable
Volker Lendecke [Tue, 10 Jul 2007 08:56:13 +0000 (08:56 +0000)]
r23808: Make us a bit more C++ friendly. Thanks to Constantine Vetoshev
<gepardcv@yahoo.com> for checking.
Andrew Tridgell [Tue, 10 Jul 2007 07:19:47 +0000 (07:19 +0000)]
r23804: here too
Andrew Tridgell [Tue, 10 Jul 2007 05:42:52 +0000 (05:42 +0000)]
r23802: fixed URL in XML
Andrew Tridgell [Tue, 10 Jul 2007 05:23:25 +0000 (05:23 +0000)]
r23801: The FSF has moved around a lot. This fixes their Mass Ave address.
Andrew Tridgell [Tue, 10 Jul 2007 04:04:46 +0000 (04:04 +0000)]
r23800: LGPL is now called GNU Lesser General Public License
not GNU Library General Public License
Andrew Tridgell [Tue, 10 Jul 2007 03:52:17 +0000 (03:52 +0000)]
r23799: updated old Franklin Street FSF addresses to new URL