Kai Blin [Mon, 28 Jan 2008 10:28:38 +0000 (11:28 +0100)]
ntlm_auth: Add a blackbox test.
Günther Deschner [Wed, 30 Jan 2008 11:48:20 +0000 (12:48 +0100)]
Fix build warning.
Guenther
Volker Lendecke [Wed, 30 Jan 2008 10:11:27 +0000 (11:11 +0100)]
Re-enable async I/O for non-TSM systems
The logic was wrong: A "SMB_VFS_AIO_FORCE()==False" disabled async I/O, whereas
a "SMB_VFS_AIO_FORCE()==True" should enforce it regardless of other settings.
Alexander, please check!
Günther Deschner [Wed, 30 Jan 2008 01:08:23 +0000 (02:08 +0100)]
Add netrenumtrusteddomains() and netrenumtrusteddomainsex() cmds to rpcclient.
Guenther
Volker Lendecke [Tue, 29 Jan 2008 22:01:23 +0000 (23:01 +0100)]
Fix uninitialized variables
response.extra_data.data is not initialized on the first error path
Found by the IBM checker
Gerald W. Carter [Tue, 29 Jan 2008 21:08:37 +0000 (15:08 -0600)]
Make make_way_for_eventlogs() static
Volker Lendecke [Sun, 20 Jan 2008 15:46:46 +0000 (16:46 +0100)]
Fix a memleak
Gerald W. Carter [Tue, 29 Jan 2008 21:06:59 +0000 (15:06 -0600)]
Fix a return value from sync_eventlog_params() (patch from Volker)
Gerald W. Carter [Tue, 29 Jan 2008 20:49:38 +0000 (14:49 -0600)]
Allow NULL request and/or response pointers to be passed to wbcRequestResponse().
This is a valid parameter set for things like setpwent() and ping().
Günther Deschner [Tue, 29 Jan 2008 16:49:38 +0000 (17:49 +0100)]
Remove include/rpc_ds.h and all references to it completly.
Jerry, please have a look if you're fine with that.
Guenther
Günther Deschner [Tue, 29 Jan 2008 14:51:19 +0000 (15:51 +0100)]
Remove unused rpc_ds marshalling code that is unused now.
Guenther
Günther Deschner [Tue, 29 Jan 2008 14:23:38 +0000 (15:23 +0100)]
Finally delete rpccli_ds_enum_domain_trusts() completly.
Guenther
Günther Deschner [Tue, 29 Jan 2008 14:05:56 +0000 (15:05 +0100)]
Remove last caller of rpccli_ds_enum_domain_trusts().
I added an alias in rpcclient's netlogon command table.
Guenther
Günther Deschner [Tue, 29 Jan 2008 13:59:20 +0000 (14:59 +0100)]
Use another pidl generated call to enumerate ds trusted domains in winbindd.
Guenther
Günther Deschner [Tue, 29 Jan 2008 13:20:20 +0000 (14:20 +0100)]
Use pidl generated call to enumerate ds trusted domains in winbindd.
Guenther
Günther Deschner [Tue, 29 Jan 2008 13:47:47 +0000 (14:47 +0100)]
Fix the build. Avoid unrequired ndr_print_ads_struct dependencies.
Guenther
Günther Deschner [Tue, 29 Jan 2008 13:14:09 +0000 (14:14 +0100)]
Add ndr_print_ads_auth_flags().
Guenther
Günther Deschner [Tue, 29 Jan 2008 11:31:51 +0000 (12:31 +0100)]
Move DS_DOMAIN_FUNCTION defines to ads.h.
Guenther
Günther Deschner [Tue, 29 Jan 2008 11:20:54 +0000 (12:20 +0100)]
Add missing windows 2008 netr_DsR_DcFlags and netr_DsRGetDCName_flags flags.
Guenther
Günther Deschner [Sat, 26 Jan 2008 00:39:33 +0000 (01:39 +0100)]
Eliminate remote tree of dsgetdcname (which will happen in libnetapi then).
Guenther
Günther Deschner [Mon, 28 Jan 2008 18:22:17 +0000 (19:22 +0100)]
Dump msDS-SupportedEncryptionTypes in adssearch.
Guenther
Gerald W. Carter [Mon, 28 Jan 2008 17:32:09 +0000 (11:32 -0600)]
Restrict the enctypes in the generated krb5.conf files to Win2003 types.
This fixes the failure observed on FC8 when joining a Windows 2008 RC1
domain. We currently do not handle user session keys correctly
when the KDC uses AES in the ticket replies.
Volker Lendecke [Sun, 27 Jan 2008 09:22:42 +0000 (10:22 +0100)]
We need to leave the corepath around
In case we need to dump core, in line 191 we dereference corepath to be able to
chdir there.
Jeremy, please check!
Volker
Tim Potter [Sun, 27 Jan 2008 06:31:56 +0000 (17:31 +1100)]
Adding missing calls to va_end().
Just a small commit to get a handle on this git thingy. This patch
fixes some missing calls to va_end() to match various calls to va_start()
and VA_COPY().
Tim.
Volker Lendecke [Sat, 26 Jan 2008 23:35:14 +0000 (00:35 +0100)]
Remove an unused external reference
Volker Lendecke [Sat, 26 Jan 2008 20:29:18 +0000 (21:29 +0100)]
Fix uninitialized variables
Thanks to Corinna Vinschen
Günther Deschner [Fri, 25 Jan 2008 20:21:33 +0000 (21:21 +0100)]
Add cmd_netlogon_dsr_getforesttrustinfo and deregisterdnsrecords to rpcclient.
Guenther
Günther Deschner [Fri, 25 Jan 2008 20:19:39 +0000 (21:19 +0100)]
Remove hand-written rpccli_netlogon_dsr_getdcnameex[2].
Guenther
Günther Deschner [Fri, 25 Jan 2008 20:17:44 +0000 (21:17 +0100)]
Use rpccli_netr_DsRGetDCNameEx and rpccli_netr_DsRGetDCNameEx2 in rpcclient.
Guenther
Günther Deschner [Fri, 25 Jan 2008 20:15:36 +0000 (21:15 +0100)]
Re-run make idl.
Couldn't we move on doing this during the build??
Guenther
Günther Deschner [Fri, 25 Jan 2008 20:12:42 +0000 (21:12 +0100)]
Fix netr_DsRGetDCNameEx and netr_DsRGetDCNameEx2 IDL.
Guenther
Günther Deschner [Fri, 25 Jan 2008 16:43:15 +0000 (17:43 +0100)]
Add IDL for netr_DsrDeregisterDNSHostRecords (just for completion).
Guenther
Volker Lendecke [Fri, 25 Jan 2008 20:20:39 +0000 (21:20 +0100)]
Fix bogus uninitialized variable warnings
Volker Lendecke [Fri, 25 Jan 2008 10:13:19 +0000 (11:13 +0100)]
Fix Coverity IDs 451, 452
Volker Lendecke [Fri, 25 Jan 2008 08:28:19 +0000 (09:28 +0100)]
Tiny simplification
Volker Lendecke [Fri, 25 Jan 2008 08:21:44 +0000 (09:21 +0100)]
Remove a pointless while loop
Volker Lendecke [Fri, 25 Jan 2008 19:52:20 +0000 (20:52 +0100)]
Attempt to fix the build on OpenBSD
Thanks to metze for pointing this out
Gerald W. Carter [Fri, 25 Jan 2008 18:21:14 +0000 (12:21 -0600)]
Always trust the domain flags in the wcache trusted domain cache.
Use the flags stored in the tdb when determining if a domain can
be contacted. The tdb should be considered authoratative anyways unless
you know the flags in the winbindd_domain are correct (such as when
first enumerating trusts).
Original suggestion and patch from Steven Danneman <steven.danneman@isilon.com>.
Manually rewritten by me for 3.2.
Gerald W. Carter [Fri, 25 Jan 2008 18:18:05 +0000 (12:18 -0600)]
Use the correct domain name when looking up the trust password.
On a DC, we always use the domain name given. On a domain member,
we use lp_workgroup(). This fixes a bug supporting trusted domains.
Günther Deschner [Fri, 25 Jan 2008 15:57:55 +0000 (16:57 +0100)]
Remove more unused LSA marshalling functions.
Guenther
Günther Deschner [Fri, 25 Jan 2008 15:40:51 +0000 (16:40 +0100)]
Remove some unused structures from rpc_lsa.h.
Guenther
Günther Deschner [Fri, 25 Jan 2008 15:35:09 +0000 (16:35 +0100)]
Add cmd_netlogon_dsr_enumtrustdom() to rpcclient.
Guenther
Günther Deschner [Fri, 25 Jan 2008 15:33:36 +0000 (16:33 +0100)]
run "make idl".
Guenther
Günther Deschner [Fri, 25 Jan 2008 15:20:47 +0000 (16:20 +0100)]
Fix netr_DsrEnumerateDomainTrusts IDL.
Guenther
Günther Deschner [Fri, 25 Jan 2008 14:46:11 +0000 (15:46 +0100)]
Add LIBNETAPI_LOCAL_SERVER() macro.
Guenther
Günther Deschner [Fri, 25 Jan 2008 14:45:38 +0000 (15:45 +0100)]
No need to close registry on libnetapi_free() anymore.
Guenther
Michael Adam [Fri, 25 Jan 2008 15:40:17 +0000 (16:40 +0100)]
Fix winbindd_can_contact_domain() on a samba DC.
The check for inbound trusts is invalid when samba is a DC
and has a trust with an active directory domain.
This effectively prevented tusts with an AD domain on a
samba DC from working (unless using "winbindd rpc only"),
because an ads_connect() was never performed. Only the
rpc-based winbindd methods were working properly.
Jerry: Please check!
Michael
Günther Deschner [Fri, 25 Jan 2008 12:26:10 +0000 (13:26 +0100)]
Use generated DSSETUP client & server rpc functions and remove the hand-written ones.
Guenther
Günther Deschner [Fri, 25 Jan 2008 12:04:58 +0000 (13:04 +0100)]
Add generated dssetup code after make idl.
Guenther
Günther Deschner [Fri, 25 Jan 2008 12:03:03 +0000 (13:03 +0100)]
Adding dssetup.idl from samba4.
Guenther
Günther Deschner [Fri, 25 Jan 2008 00:26:27 +0000 (01:26 +0100)]
Remove rpccli_samr_get_dom_pwinfo() and rpccli_samr_get_usrdom_pwinfo().
Guenther
Jeremy Allison [Fri, 25 Jan 2008 02:22:43 +0000 (18:22 -0800)]
Fix the same bug with user -> user_obj.
Jeremy.
Jeremy Allison [Fri, 25 Jan 2008 02:13:22 +0000 (18:13 -0800)]
Fix a really subtle old, old bug :-). When canonicalizing the
NT ACL into a POSIX one, if the group being set is the primary group
of the file, map it into a SMB_ACL_GROUP_OBJ, not a SMB_ACL_GROUP.
Otherwise we get an extra bogus group entry in the POSIX ACL.
Jeremy.
Jeremy Allison [Fri, 25 Jan 2008 01:50:07 +0000 (17:50 -0800)]
Correctly set flags in ACE's inherited from parent. Still one bug
left to find then I'll back-port to 3.0.28.
Jeremy.
Jeremy Allison [Fri, 25 Jan 2008 01:40:35 +0000 (17:40 -0800)]
Fix missing error check that caused crash when winbindd not running.
Jeremy.
Michael Adam [Fri, 25 Jan 2008 00:40:42 +0000 (01:40 +0100)]
Fix lookup_sids to detect unix_groups and unix_users domain sids.
This fixes panics in wbcLookupRids when 1-2-22 was passed as a
domain sid.
Michael
Michael Adam [Fri, 25 Jan 2008 00:40:01 +0000 (01:40 +0100)]
Add a debug message: show the sid lookup_sid() was called for.
Michael
Michael Adam [Fri, 25 Jan 2008 00:21:56 +0000 (01:21 +0100)]
Add debug message: show which domain_child is being forked.
Michael
Michael Adam [Thu, 24 Jan 2008 22:44:05 +0000 (23:44 +0100)]
Add a debug message to lookup_rids() printing the domain SID.
This is to ease debugging. I sporadically get panics that are
apparently due to NULL domain sid passed to lookup_rids somewhere.
Michael
Michael Adam [Thu, 24 Jan 2008 21:15:33 +0000 (22:15 +0100)]
Add a debug message winbindd_can_contact_domain()
explaining the reason for failure.
Michael
Michael Adam [Thu, 24 Jan 2008 21:47:49 +0000 (22:47 +0100)]
Fix assignment to request->data.init_conn.is_primary in init_child_connection().
The present assignment
"request->data.init_conn.is_primary = domain->internal ? False : True"
simply feels wrong. This seems to be the thing right to do:
"request->data.init_conn.is_primary = domain->primary ? true : false".
The question is: Does this have any purpose at all?
data.init_conn.is_primary seems to be used nowhere
in the whole code at all.
Is it (still) needed?
Michael
Jeremy Allison [Fri, 25 Jan 2008 00:16:40 +0000 (16:16 -0800)]
Merge branch 'v3-2-test' of ssh://jra@git.samba.org/data/git/samba into v3-2-test
Jeremy Allison [Fri, 25 Jan 2008 00:13:53 +0000 (16:13 -0800)]
Make explicit in debug we're ignoring flags from the parent SD.
Jeremy
Günther Deschner [Fri, 25 Jan 2008 00:00:51 +0000 (01:00 +0100)]
Trying to avoid defining new SAMR acct creation flags when we already have them with different
names. Matt, Jeremy, please check.
Guenther
Günther Deschner [Thu, 24 Jan 2008 23:11:58 +0000 (00:11 +0100)]
Re-run make idl.
Guenther
Günther Deschner [Thu, 24 Jan 2008 22:52:16 +0000 (23:52 +0100)]
Rename samr_*AccessMask bitfields to start with SAMR_.
Guenther
Günther Deschner [Thu, 24 Jan 2008 22:39:38 +0000 (23:39 +0100)]
Add WERR_INVALID_COMPUTER_NAME.
Guenther
Günther Deschner [Thu, 24 Jan 2008 22:38:43 +0000 (23:38 +0100)]
Add cmd_netlogon_gettrustrid() to rpcclient.
Guenther
Günther Deschner [Thu, 24 Jan 2008 22:37:57 +0000 (23:37 +0100)]
make idl.
Guenther
Günther Deschner [Thu, 24 Jan 2008 22:35:02 +0000 (23:35 +0100)]
Add IDL for netr_LogonGetTrustRid.
Guenther
Jeremy Allison [Thu, 24 Jan 2008 21:27:00 +0000 (13:27 -0800)]
Add debug messages to trace this if needed.
Jeremy.
Jeremy Allison [Thu, 24 Jan 2008 21:06:11 +0000 (13:06 -0800)]
The checks for OI and CI were just wrong.... Fix them. Thanks to
Jim for testing this.
Jeremy.
Jeremy Allison [Thu, 24 Jan 2008 20:59:08 +0000 (12:59 -0800)]
First part of fix for bug #4929 - worked out by jmcd.
Cope with protected ACL set correctly.
Jeremy.
Günther Deschner [Thu, 24 Jan 2008 16:39:29 +0000 (17:39 +0100)]
Fix winbindd build w/o ADS.
Guenther
Volker Lendecke [Thu, 24 Jan 2008 15:12:42 +0000 (16:12 +0100)]
Fix Coverity ID 454
Volker Lendecke [Thu, 24 Jan 2008 14:57:00 +0000 (15:57 +0100)]
Fix Coverity ID 463
Volker Lendecke [Thu, 24 Jan 2008 14:52:45 +0000 (15:52 +0100)]
Fix Coverity ID 465
Günther Deschner [Thu, 24 Jan 2008 15:19:58 +0000 (16:19 +0100)]
Add winbind_msg_dump_domain_list to winbindd.
Guenther
Günther Deschner [Thu, 24 Jan 2008 15:10:18 +0000 (16:10 +0100)]
Add winbindd debugging ndr_print helpers.
Guenther
Günther Deschner [Thu, 24 Jan 2008 15:09:20 +0000 (16:09 +0100)]
Add dump-domain-list command for debugging winbindd's domain_list.
Guenther
Stefan Metzmacher [Thu, 24 Jan 2008 14:12:00 +0000 (15:12 +0100)]
rerun 'make idl'
metze
Stefan Metzmacher [Thu, 24 Jan 2008 14:17:06 +0000 (15:17 +0100)]
netlogon.idl: add some MSV1_0_ values from samba3 and use a bitmap32
metze
(cherry picked from commit
7222edb9cde5cdeb9d065e890775a7254b26648f)
Günther Deschner [Thu, 24 Jan 2008 12:53:36 +0000 (13:53 +0100)]
Re-run make idl and use generated ndr based on samba4 security.idl (except for DOM_SID).
Guenther
Günther Deschner [Thu, 24 Jan 2008 12:45:38 +0000 (13:45 +0100)]
Merge over security.idl from samba4.
Guenther
Günther Deschner [Thu, 24 Jan 2008 10:44:29 +0000 (11:44 +0100)]
Fix samr_EnumDomainUsers in samba3, must not be a ref pointer here.
Guenther
Stefan Metzmacher [Thu, 24 Jan 2008 09:24:41 +0000 (10:24 +0100)]
netlogon.idl: make use of bitmap samr_GroupAttrs
metze
(from v4-0-test
6d68161e676d381600c77c3f862bd7e013968724)
Stefan Metzmacher [Thu, 24 Jan 2008 09:22:45 +0000 (10:22 +0100)]
netlogon.idl: remove unused netr_GroupsMembership structure
We have samr_RidWithAttribute and use that in all cases.
metze
(cherry picked from commit
3c5bae2249d01213ff4bd7df2b4e3ac04da4a52d)
Volker Lendecke [Wed, 23 Jan 2008 16:37:59 +0000 (17:37 +0100)]
More read_data -> read_socket_with_timeout
Derrell Lipman [Thu, 24 Jan 2008 01:50:24 +0000 (20:50 -0500)]
Merge branch 'setxattr-dos-mode' into v3-2-test
Derrell Lipman [Thu, 24 Jan 2008 01:44:54 +0000 (20:44 -0500)]
Allow clearing all settable DOS mode bits. A mode value of zero is ignored by
Windows. If the requested mode is zero, we instead send the appropriate one
of 0x80 (NORMAL) or 0x10 (DIRECTORY).
Thanks Jeremy!
Derrell
Jeremy Allison [Wed, 23 Jan 2008 23:23:16 +0000 (15:23 -0800)]
Don't leak memory in error path.
Jeremy.
Jeremy Allison [Wed, 23 Jan 2008 23:00:40 +0000 (15:00 -0800)]
Use strchr_m in seaching for '.' in the hostname to make sure we're mb safe.
Jeremy.
Andreas Schneider [Thu, 17 Jan 2008 10:35:40 +0000 (11:35 +0100)]
Fix Windows 2008 (Longhorn) join.
During 'net ads join' the cli->desthost is a hostname (e.g.
rupert.galaxy.site). Check if we have a hostname and use only the
first part, the machine name, of the string.
Andreas Schneider [Thu, 17 Jan 2008 09:11:11 +0000 (10:11 +0100)]
Windows 2008 (Longhorn) auth2 flag fixes.
Interop fixes for AD specific flags. Original patch from Todd Stetcher.
Jeremy Allison [Wed, 23 Jan 2008 21:54:02 +0000 (13:54 -0800)]
Forward ported version of Matt Geddes <musicalcarrion@gmail.com>
patch for adding acct_flags to rpccli_samr_create_dom_user().
Jerry please test.
Jeremy.
Volker Lendecke [Wed, 23 Jan 2008 15:42:31 +0000 (16:42 +0100)]
read_socket_with_timeout has timeout=0 handling
Volker Lendecke [Wed, 23 Jan 2008 10:04:10 +0000 (11:04 +0100)]
strtok -> strtok_r
Michael Adam [Wed, 23 Jan 2008 13:33:22 +0000 (14:33 +0100)]
Fix panic: Don't free the logfilename in winbind_child_died().
The child struct is immediately reused, and this results
in a panic when child->logfilename == NULL.
Michael
Michael Adam [Wed, 23 Jan 2008 12:52:42 +0000 (13:52 +0100)]
Initialize _domain_list to NULL.
Just to be sure the "if (!_domain_list)" in domain_list() test always works.
Michael
Günther Deschner [Wed, 23 Jan 2008 11:03:51 +0000 (12:03 +0100)]
Fix get_trust_creds() to return always an upper-cased krb5 principal (this
fixes winbind krb5 session at least with heimdal).
Guenther