[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via a245a47 Freenode -> Libera.chat from 3548fc7 Add Samba 4.13.9. https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit a245a472aff7db78a908473a28c7f1d6e91d624c Author: Simo Sorce Date: Thu May 20 11:38:33 2021 -0400 Freenode -> Libera.chat Signed-off-by: Simo Sorce --- Summary of changes: devel/TODO.html | 4 +++- irc.html| 6 ++ 2 files changed, 5 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/devel/TODO.html b/devel/TODO.html index 1196809..604cef5 100755 --- a/devel/TODO.html +++ b/devel/TODO.html @@ -16,7 +16,9 @@ Coding Projects -All coding work needs to be coordinated with a Samba Team member, at the very least, on the https://lists.samba.org/listinfo/samba-technical;>samba-technical mailing list or on the #samba-technical IRC channel (irc.freenode.net). Don't just start coding and expect patches to automatically be integrated in. Obviously, projects by specific team members need to be coordinated with those team members in charge. +All coding work needs to be coordinated with a Samba +Team member, at the very least, on the https://lists.samba.org/listinfo/samba-technical;>samba-technical mailing list or on the #samba-technical IRC channel (irc.libera.chat). Don't just start coding and expect patches to automatically be integrated in. Obviously, projects by specific team members need to be coordinated with those team members in charge. For those without Git write access (non-team members), patches should be incremental and in the form of context diffs (attached diff -u output or better diff --git a/irc.html b/irc.html index 3f312b0..79e612e 100644 --- a/irc.html +++ b/irc.html @@ -5,7 +5,7 @@ Samba IRC Channels Samba is discussed on two IRC channels on the http://www.freenode.net/;>FreeNode network (irc.freenode.net). +href="https://libera.chat/;>Libera.Chat network (irc.libera.chat). #samba @@ -29,8 +29,6 @@ href="http://www.freenode.net/;>FreeNode network (irc.freenode.net). Note: This channel is for discussion about development issues only, not for questions about problems with Samba! -Logs for #samba-technical are available at http://irclog.samba.org/;>http://irclog.samba.org/. - -Freenode has a couple of http://freenode.net/channel_guidelines.shtml;>general notes about behaviour in IRC channels. +Libera.chat has a couple of https://libera.chat/guidelines;>general notes about behaviour in IRC channels. -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f5e3b1e Remove dead code via 01319b6 Revert "Use "localhost" to be ipv6 only friendly" via 3e8c509 Use "localhost" to be ipv6 only friendly from f092ac5 Update help text for dbcheck https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f5e3b1e9d31510490976b992074024c5a0c1393b Author: Simo Sorce <i...@samba.org> Date: Sun Mar 18 14:15:30 2018 -0400 Remove dead code Signed-off-by: Simo Sorce <i...@samba.org> Autobuild-User(master): Simo Sorce <i...@samba.org> Autobuild-Date(master): Mon Mar 19 20:29:28 CET 2018 on sn-devel-144 commit 01319b6e659ab29050dd3aa14d800d6f77e511d5 Author: Simo Sorce <i...@samba.org> Date: Sat Mar 17 14:50:49 2018 -0400 Revert "Use "localhost" to be ipv6 only friendly" This reverts commit 54548f6dde3cf74f0e90ef577a55fd720dca6d93. commit 3e8c50901c982aaddd86f81328a89e16f1bb5289 Author: Simo Sorce <i...@samba.org> Date: Sat Mar 17 14:07:37 2018 -0400 Use "localhost" to be ipv6 only friendly Signed-off-by: Simo Sorce <i...@samba.org> --- Summary of changes: file_server/file_server.c| 1 - file_server/file_server.h| 25 - source4/smb_server/service_smb.c | 1 - source4/winbind/winbindd.c | 1 - 4 files changed, 28 deletions(-) delete mode 100644 file_server/file_server.h Changeset truncated at 500 lines: diff --git a/file_server/file_server.c b/file_server/file_server.c index 20fa577..1b6a01b 100644 --- a/file_server/file_server.c +++ b/file_server/file_server.c @@ -26,7 +26,6 @@ #include "lib/param/param.h" #include "source4/smbd/service.h" #include "source4/smbd/process_model.h" -#include "file_server/file_server.h" #include "dynconfig.h" #include "nsswitch/winbind_client.h" diff --git a/file_server/file_server.h b/file_server/file_server.h deleted file mode 100644 index 7da9437..000 --- a/file_server/file_server.h +++ /dev/null @@ -1,25 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - run s3 file server within Samba4 - - Copyright (C) Andrew Tridgell 2011 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* - open the s3 smb server sockets -*/ -void s3_smbd_task_init(struct task_server *task); diff --git a/source4/smb_server/service_smb.c b/source4/smb_server/service_smb.c index ddf24a9..3f0f009 100644 --- a/source4/smb_server/service_smb.c +++ b/source4/smb_server/service_smb.c @@ -33,7 +33,6 @@ #include "param/share.h" #include "dsdb/samdb/samdb.h" #include "param/param.h" -#include "file_server/file_server.h" #include "ntvfs/ntvfs.h" #include "lib/cmdline/popt_common.h" /* diff --git a/source4/winbind/winbindd.c b/source4/winbind/winbindd.c index 6aa0418..7fb0836 100644 --- a/source4/winbind/winbindd.c +++ b/source4/winbind/winbindd.c @@ -27,7 +27,6 @@ #include "lib/param/param.h" #include "source4/smbd/service.h" #include "source4/smbd/process_model.h" -#include "file_server/file_server.h" #include "dynconfig.h" #include "nsswitch/winbind_client.h" -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 461c69b s3:smb2_server: In CCM and GCM mode we can't reuse nonces via 477ecfb libcli/smb: In CCM and GCM mode we can't reuse nonces from 3073a2e ctdbd_conn: Fix CID 1301580 Explicit null dereferenced https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 461c69bd7c52c8b980cf56be2abf9ce7accb6048 Author: Simo Sorce i...@samba.org Date: Wed May 20 14:01:44 2015 +0200 s3:smb2_server: In CCM and GCM mode we can't reuse nonces Reuse of nonces with AES-CCM and AES-GCM leads to catastrophic failure, so make sure the server drops the connection if that ever happens. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11300 Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Simo Sorce s...@redhat.com Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Fri May 29 22:38:50 CEST 2015 on sn-devel-104 commit 477ecfbdaf73a8a2b7af31938c14b84242336460 Author: Stefan Metzmacher me...@samba.org Date: Thu May 28 15:20:54 2015 +0200 libcli/smb: In CCM and GCM mode we can't reuse nonces Reuse of nonces with AES-CCM and AES-GCM leads to catastrophic failure, so make sure the server drops the connection if that ever happens. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11300 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Simo Sorce i...@samba.org --- Summary of changes: libcli/smb/smb2_constants.h| 5 +++ libcli/smb/smbXcli_base.c | 71 +-- source3/librpc/idl/smbXsrv.idl | 2 ++ source3/smbd/smb2_server.c | 76 +- source3/smbd/smb2_sesssetup.c | 31 +++-- 5 files changed, 148 insertions(+), 37 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/smb2_constants.h b/libcli/smb/smb2_constants.h index 2bda4e9..f6edf6b 100644 --- a/libcli/smb/smb2_constants.h +++ b/libcli/smb/smb2_constants.h @@ -138,6 +138,11 @@ /* Values for the SMB2_ENCRYPTION_CAPABILITIES Context (= 0x310) */ #define SMB2_ENCRYPTION_AES128_CCM 0x0001 /* only in dialect = 0x224 */ #define SMB2_ENCRYPTION_AES128_GCM 0x0002 /* only in dialect = 0x310 */ +#define SMB2_NONCE_HIGH_MAX(nonce_len_bytes) ((uint64_t)(\ + ((nonce_len_bytes) = 16) ? UINT64_MAX : \ + ((nonce_len_bytes) = 8) ? 0 : \ + (((uint64_t)1 (((nonce_len_bytes) - 8)*8)) - 1) \ + )) /* SMB2 session (request) flags */ #define SMB2_SESSION_FLAG_BINDING 0x01 diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index 2f47fe6..c2ba83a 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -34,6 +34,9 @@ #include librpc/ndr/libndr.h #include libcli/smb/smb2_negotiate_context.h #include lib/crypto/sha512.h +#include lib/crypto/aes.h +#include lib/crypto/aes_ccm_128.h +#include lib/crypto/aes_gcm_128.h struct smbXcli_conn; struct smbXcli_req; @@ -150,6 +153,8 @@ struct smb2cli_session { bool should_encrypt; DATA_BLOB encryption_key; DATA_BLOB decryption_key; + uint64_t nonce_high_random; + uint64_t nonce_high_max; uint64_t nonce_high; uint64_t nonce_low; uint16_t channel_sequence; @@ -2863,6 +2868,8 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs, int tf_iov = -1; const DATA_BLOB *encryption_key = NULL; uint64_t encryption_session_id = 0; + uint64_t nonce_high = UINT64_MAX; + uint64_t nonce_low = UINT64_MAX; /* * 1 for the nbt length, optional TRANSFORM @@ -2913,6 +2920,31 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs, encryption_session_id = state-session-smb2-session_id; + state-session-smb2-nonce_low += 1; + if (state-session-smb2-nonce_low == 0) { + state-session-smb2-nonce_high += 1; + state-session-smb2-nonce_low += 1; + } + + /* +* CCM and GCM algorithms must never have their +* nonce wrap, or the security of the whole +* communication and the keys is destroyed. +* We must drop the connection once we have +* transfered too much data. +* +* NOTE: We assume nonces greater than 8 bytes. +*/ + if (state-session-smb2-nonce_high = + state-session-smb2-nonce_high_max) + { + return NT_STATUS_ENCRYPTION_FAILED; + } + + nonce_high = state-session-smb2-nonce_high_random
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via ca6206d Add Red Hat link to Team members working for RH from 244c099 Add Jose to Team page. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit ca6206d2846ff2ec002c92b48ef74fb16f7bc7fc Author: Simo Sorce i...@samba.org Date: Thu Jun 12 10:19:18 2014 -0400 Add Red Hat link to Team members working for RH --- Summary of changes: team/index.html | 14 +++--- 1 files changed, 7 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/team/index.html b/team/index.html index 2d861ad..3cc1e2c 100755 --- a/team/index.html +++ b/team/index.html @@ -52,14 +52,14 @@ mailing list/a and start contributing to the development of Samba./p lia href=mailto:anato...@samba.org;Anatoliy Atanasov/a/li lia href=http://samba.org/~abartlet/;Andrew Bartlett/a/li lia href=mailto:k...@samba.org;Kai Blin/a/li -lia href=mailto:a...@samba.org;Alexander Bokovoy/a/li -lia href=mailto:i...@samba.org;Ira Cooper/a/li +lia href=mailto:a...@samba.org;Alexander Bokovoy/anbsp;(a href=https://www.redhat.com/;Red Hat/a)/li +lia href=mailto:i...@samba.org;Ira Cooper/anbsp;(a href=https://www.redhat.com/;Red Hat/a)/li lia href=http://samba.org/~sdanneman/;Steven Danneman/a/li -lia href=http://samba.org/~gd;Guuml;nther Deschner/a/li +lia href=http://samba.org/~gd;Guuml;nther Deschner/anbsp;(a href=https://www.redhat.com/;Red Hat/a)/li lia href=mailto:dd...@samba.org;David Disseldorp/anbsp;(a href=https://www.suse.com/;SUSE/a)/li lia href=mailto:sfre...@samba.org;Steve French/a/li lia href=mailto:pa...@samba.org;Paul Green/a/li -lia href=http://ubiqx.org/;Chris Hertel/a/li +lia href=http://ubiqx.org/;Chris Hertel/anbsp;(a href=https://www.redhat.com/;Red Hat/a)/li lia href=mailto:hhet...@samba.org;Holger Hetterich/anbsp;(a href=https://www.suse.com/;SUSE/a)/li lia href=http://people.su.se/~lha/;Love Houml;rnquist Aring;strand/a/li lia href=mailto:ami...@samba.org;Amitay Isaacs/a/li @@ -83,15 +83,15 @@ mailing list/a and start contributing to the development of Samba./p lia href=mailto:jpe...@samba.org;James Peach/a/li lia href=mailto:t...@samba.org;Tim Potter/a/li lia href=http://samba.org/~tprouty/;Tim Prouty/a/li -lia href=http://jarrpa.net;José A. Rivera/a/li +lia href=http://jarrpa.net;José A. Rivera/anbsp;(a href=https://www.redhat.com/;Red Hat/a)/li lia href=http://ozlabs.org/~rusty/;Rusty Russell/a/li lia href=mailto:c...@samba.org;Christof Schmitt/a/li -lia href=http://samba.org/~asn/;Andreas Schneider/a/li +lia href=http://samba.org/~asn/;Andreas Schneider/anbsp;(a href=https://www.redhat.com/;Red Hat/a)/li lia href=http://martin.meltin.net/;Martin Schwenke/a/li lia href=mailto:ksee...@samba.org;Karolin Seeger/anbsp;(a href=http://www.sernet.de/en/;SerNet/a)/li lia href=http://www.richardsharpe.com;Richard Sharpe/a/li lia href=mailto:d...@samba.org;Dan Shearer/a/li -lia href=mailto:i...@samba.org;Simo Sorce/a/li +lia href=mailto:i...@samba.org;Simo Sorce/anbsp;(a href=https://www.redhat.com/;Red Hat/a)/li lia href=mailto:mi...@samba.org;Rafal Szczesniak/a/li lia href=mailto:j...@samba.org;John Terpstra/a/li lia href=http://samba.org/~tridge/;Andrew Tridgell/a/li -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3f60f0e Fix selfetet environment user gid from c1507bc s4:imessaging: Remove event context from irpc and imessaging structures http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3f60f0e36b6de1be3944f8de039df875a2278078 Author: Simo Sorce i...@samba.org Date: Tue May 13 12:57:10 2014 +0200 Fix selfetet environment user gid The real invoking user's gid should be in the /etc/group file or it may cause spurious error messages. Signed-off-by: Simo Sorce i...@samba.org Reviewed-by: Andreas Schneider a...@samba.org Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Tue May 13 15:33:21 CEST 2014 on sn-devel-104 --- Summary of changes: selftest/target/Samba4.pm |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) mode change 100644 = 100755 selftest/target/Samba4.pm Changeset truncated at 500 lines: diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm old mode 100644 new mode 100755 index 86ee4fe..15fb5d2 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -511,6 +511,8 @@ sub provision_raw_prepare($$) chomp $unix_name; $ctx-{unix_name} = $unix_name; $ctx-{unix_uid} = $; + my @mygid = split( , $(); + $ctx-{unix_gid} = $mygid[0]; $ctx-{unix_gids_str} = $); @{$ctx-{unix_gids}} = split( , $ctx-{unix_gids_str}); @@ -688,6 +690,7 @@ wheel:x:10: users:x:100: nobody:x:65533: nogroup:x:65534:nobody +$ctx-{unix_name}:x:$ctx-{unix_gid}: ; close(GRP); my $gid_rfc2307test = 65532; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2b77b07 s3/libsmb: Free memdup'd local variable via 9a9e569 passdb: Patch memory leak in pdb_ldap.c from 293aac0 testprogs: Fix pkinit test with system ldb. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2b77b072862accc3fffddc964740917102898567 Author: Jose A. Rivera jar...@redhat.com Date: Thu Feb 20 09:14:59 2014 -0600 s3/libsmb: Free memdup'd local variable secrets_fetch_machine_password() sets pwd to point to memdup()'d (and thus malloc()'d) memory. This memory should be freed before we go out of scope. Change-Id: I07e575819c309fa5b85627dce2eb969bc720ce4e Coverity-Id: 1168001 Reviewed-by: Ira Cooper i...@samba.org Signed-off-by: Jose A. Rivera jar...@redhat.com Reviewed-by: Simo Sorce i...@samba.org Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Sat Feb 22 00:58:23 CET 2014 on sn-devel-104 commit 9a9e56943d186e5a8655b5d731a339e453da8ae8 Author: Jose A. Rivera jar...@redhat.com Date: Tue Feb 18 07:35:37 2014 -0600 passdb: Patch memory leak in pdb_ldap.c Moved the call to the talloc autofree function to as early a point as possible. init_ldap_from_sam() already calls smbldap_set_mod(), and there's a chance that the init will fail after having already allocated memory for mods. Coverity-Id: 1167997 Change-Id: Ic26bfb3c530f90aa885e447b8409deba49708d64 Reviewed-by: Ira Cooper i...@samba.org Signed-off-by: Jose A. Rivera jar...@redhat.com Reviewed-by: Simo Sorce i...@samba.org --- Summary of changes: source3/libsmb/trusts_util.c |1 + source3/passdb/pdb_ldap.c| 10 ++ 2 files changed, 7 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c index b38aec6..bb2e977 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trusts_util.c @@ -118,6 +118,7 @@ NTSTATUS trust_pw_change(struct netlogon_creds_cli_context *context, TALLOC_FREE(frame); return NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE; } + free(pwd); break; case SEC_CHAN_DOMAIN: if (!pdb_get_trusteddom_pw(domain, pwd, sid, pass_last_set_time)) { diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 6be5fb6..cea8627 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -5168,6 +5168,7 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, uint32_t num_result; bool is_machine = False; bool add_posix = False; + bool init_okay = False; LDAPMod **mods = NULL; struct samu *user; char *filter; @@ -5285,7 +5286,10 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, return NT_STATUS_UNSUCCESSFUL; } - if (!init_ldap_from_sam(ldap_state, entry, mods, user, pdb_element_is_set_or_changed)) { + init_okay = init_ldap_from_sam(ldap_state, entry, mods, user, pdb_element_is_set_or_changed); + smbldap_talloc_autofree_ldapmod(tmp_ctx, mods); + + if (!init_okay) { DEBUG(1,(ldapsam_create_user: Unable to fill user structs\n)); return NT_STATUS_UNSUCCESSFUL; } @@ -5371,9 +5375,7 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, smbldap_set_mod(mods, LDAP_MOD_ADD, loginShell, shell); } - smbldap_talloc_autofree_ldapmod(tmp_ctx, mods); - - if (add_posix) { + if (add_posix) { rc = smbldap_add(ldap_state-smbldap_state, dn, mods); } else { rc = smbldap_modify(ldap_state-smbldap_state, dn, mods); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4b637c3 ldb: use of NULL pointer bugfix from bdb818d s4-rpc: dnsserver: Ignore duplicate dns zones from multiple locations http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4b637c367fdda832e95208f49e8893b0a0cac4b4 Author: Pavel Reichl pavel.rei...@redhat.com Date: Tue Dec 3 14:37:20 2013 + ldb: use of NULL pointer bugfix Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Tue Dec 3 21:13:53 CET 2013 on sn-devel-104 --- Summary of changes: lib/ldb/common/ldb.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/common/ldb.c b/lib/ldb/common/ldb.c index 3dc6d87..d2b873f 100644 --- a/lib/ldb/common/ldb.c +++ b/lib/ldb/common/ldb.c @@ -572,8 +572,8 @@ int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type) struct tevent_context *ev; int ret; - if (!handle) { - return ldb_error(handle-ldb, LDB_ERR_UNAVAILABLE, NULL); + if (handle == NULL) { + return LDB_ERR_UNAVAILABLE; } if (handle-state == LDB_ASYNC_DONE) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9423d5a Fix bug #10063 - source3/lib/util.c:1493 leaking memory w/ pam_winbind.so / winbind from 3ddb77f torture: Split the fsinfo check into a separate test http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9423d5afb71e272298f4858d82f436e19ee2b07f Author: Jeremy Allison j...@samba.org Date: Fri Aug 2 15:03:39 2013 -0700 Fix bug #10063 - source3/lib/util.c:1493 leaking memory w/ pam_winbind.so / winbind Don't use talloc_tos() in something that can be linked to in pam_winbindd.so Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Simo Sorce i...@samba.org Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Sat Aug 24 02:28:28 CEST 2013 on sn-devel-104 --- Summary of changes: source3/lib/util.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/util.c b/source3/lib/util.c index bf6c8c5..5168092 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -1462,10 +1462,12 @@ char *myhostname(void) char *myhostname_upper(void) { - char *name; static char *ret; if (ret == NULL) { - name = get_myname(talloc_tos()); + char *name = get_myname(NULL); + if (name == NULL) { + return NULL; + } ret = strupper_talloc(NULL, name); talloc_free(name); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c8c84b4 vfs_glusterfs: Implement proper mashalling/unmarshalling of ACLs from 91b0ff7 smbd: Do not wait unnecessarily http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c8c84b47be6721626dc9a111b186d2b8f658409e Author: Anand Avati av...@redhat.com Date: Sun Aug 11 15:59:29 2013 -0400 vfs_glusterfs: Implement proper mashalling/unmarshalling of ACLs Use the primitives available in Samba byteorder.h for implementing proper (un)marshalling of ACL xattrs. - Incorporated Raghavendra Talur's comments on v3 Signed-off-by: Anand Avati av...@redhat.com Signed-off-by: Raghavendra Talur rta...@redhat.com Reviewed-by: Jeremy Allison j...@samba.org Reviewed-by: Christopher R. Hertel c...@samba.org Tested-by: Jose A. Rivera jar...@redhat.com Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Fri Aug 16 20:34:51 CEST 2013 on sn-devel-104 --- Summary of changes: source3/modules/vfs_glusterfs.c | 153 --- 1 files changed, 111 insertions(+), 42 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index af8d5b7..eac1b24 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -992,13 +992,36 @@ static int vfs_gluster_set_offline(struct vfs_handle_struct *handle, return -1; } -/* Posix ACL Operations */ +/* + Gluster ACL Format: + + Size = 4 (header) + N * 8 (entry) + + Offset SizeField (Little Endian) + - + 0-3 4-byte Version + + 4-5 2-byte Entry-1 tag + 6-7 2-byte Entry-1 perm + 8-114-byte Entry-1 id + + 12-13 2-byte Entry-2 tag + 14-15 2-byte Entry-2 perm + 16-19 4-byte Entry-2 id + ... + + */ + +/* header version */ #define GLUSTER_ACL_VERSION 2 + +/* perm bits */ #define GLUSTER_ACL_READ0x04 #define GLUSTER_ACL_WRITE 0x02 #define GLUSTER_ACL_EXECUTE 0x01 +/* tag values */ #define GLUSTER_ACL_UNDEFINED_TAG 0x00 #define GLUSTER_ACL_USER_OBJ 0x01 #define GLUSTER_ACL_USER 0x02 @@ -1009,58 +1032,49 @@ static int vfs_gluster_set_offline(struct vfs_handle_struct *handle, #define GLUSTER_ACL_UNDEFINED_ID (-1) -struct gluster_ace { - uint16_t tag; - uint16_t perm; - uint32_t id; -}; - -struct gluster_acl_header { - uint32_t version; - struct gluster_ace entries[]; -}; +#define GLUSTER_ACL_HEADER_SIZE4 +#define GLUSTER_ACL_ENTRY_SIZE 8 static SMB_ACL_T gluster_to_smb_acl(const char *buf, size_t xattr_size, TALLOC_CTX *mem_ctx) { int count; size_t size; - struct gluster_ace *ace; struct smb_acl_entry *smb_ace; - struct gluster_acl_header *hdr; struct smb_acl_t *result; int i; + int offset; uint16_t tag; uint16_t perm; uint32_t id; size = xattr_size; - if (size sizeof(*hdr)) { - /* ACL should be at least as big as the header */ + if (size GLUSTER_ACL_HEADER_SIZE) { + /* ACL should be at least as big as the header (4 bytes) */ errno = EINVAL; return NULL; } - size -= sizeof(*hdr); + size -= GLUSTER_ACL_HEADER_SIZE; /* size of header = 4 bytes */ - if (size % sizeof(*ace)) { + if (size % GLUSTER_ACL_ENTRY_SIZE) { /* Size of entries must strictly be a multiple of - size of an ACE + size of an ACE (8 bytes) */ errno = EINVAL; return NULL; } - count = size / sizeof(*ace); + count = size / GLUSTER_ACL_ENTRY_SIZE; - hdr = (void *)buf; - - if (ntohl(hdr-version) != GLUSTER_ACL_VERSION) { + /* Version is the first 4 bytes of the ACL */ + if (IVAL(buf, 0) != GLUSTER_ACL_VERSION) { DEBUG(0, (Unknown gluster ACL version: %d\n, - ntohl(hdr-version))); + IVAL(buf, 0))); return NULL; } + offset = GLUSTER_ACL_HEADER_SIZE; result = sys_acl_init(mem_ctx); if (!result) { @@ -1078,10 +1092,19 @@ static SMB_ACL_T gluster_to_smb_acl(const char *buf, size_t xattr_size, result-count = count; smb_ace = result-acl; - ace = hdr-entries; for (i = 0; i count; i++) { - tag = ntohs(ace-tag); + /* TAG is the first 2 bytes of an entry */ + tag = SVAL(buf, offset); + offset += 2; + + /* PERM is the next 2 bytes of an entry */ + perm = SVAL(buf, offset
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1573638 Fix typos in man-pages from e6a58d3 s4:rpc_server: make sure we don't terminate a connection with pending requests (bug #9820) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1573638212a9733a44939a4d38a226f38dca36f1 Author: Michele Baldessari mich...@acksyn.org Date: Tue Jul 9 23:23:33 2013 +0200 Fix typos in man-pages Fix some typos in the man-pages. Signed-off-by: Michele Baldessari mich...@acksyn.org Reviewed-by: Simo Sorce i...@samba.org Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Wed Jul 10 16:45:07 CEST 2013 on sn-devel-104 --- Summary of changes: docs-xml/manpages/dbwrap_tool.1.xml |2 +- docs-xml/manpages/idmap_autorid.8.xml|2 +- docs-xml/manpages/net.8.xml |2 +- docs-xml/manpages/pdbedit.8.xml |2 +- docs-xml/manpages/samba.7.xml|2 +- docs-xml/manpages/smbclient.1.xml|2 +- docs-xml/manpages/smbpasswd.5.xml|2 +- docs-xml/manpages/vfs_smb_traffic_analyzer.8.xml |2 +- 8 files changed, 8 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/dbwrap_tool.1.xml b/docs-xml/manpages/dbwrap_tool.1.xml index e2b2cee..a1a2f97 100644 --- a/docs-xml/manpages/dbwrap_tool.1.xml +++ b/docs-xml/manpages/dbwrap_tool.1.xml @@ -49,7 +49,7 @@ listitemparafetch: fetch a record/para/listitem listitemparastore: create or modify a record/para/listitem listitemparadelete: remove a record/para/listitem - listitemparaexists: test for existance of a record/para/listitem + listitemparaexists: test for existence of a record/para/listitem listitemparaerase: remove all records/para/listitem listitemparalistkeys: list all available records/para/listitem listitemparalistwatchers: list processes, which are waiting for changes in a record/para/listitem diff --git a/docs-xml/manpages/idmap_autorid.8.xml b/docs-xml/manpages/idmap_autorid.8.xml index c35f903..7446d53 100644 --- a/docs-xml/manpages/idmap_autorid.8.xml +++ b/docs-xml/manpages/idmap_autorid.8.xml @@ -109,7 +109,7 @@ titleEXAMPLES/title para This example shows you the minimal configuration that will - work for the principial domain and 19 trusted domains / range + work for the principal domain and 19 trusted domains / range extensions. /para diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml index dd5b3ab..0df2e07 100644 --- a/docs-xml/manpages/net.8.xml +++ b/docs-xml/manpages/net.8.xml @@ -1671,7 +1671,7 @@ shares created by other users. paraStarting with version 3.2.0, a Samba server can be configured by data stored in registry. This configuration data can be edited with the new net -conf commands. There is also the possiblity to configure a remote Samba server +conf commands. There is also the possibility to configure a remote Samba server by enabling the RPC conf mode and specifying the the address of the remote server. /para diff --git a/docs-xml/manpages/pdbedit.8.xml b/docs-xml/manpages/pdbedit.8.xml index 4bb3751..c5d6b23 100644 --- a/docs-xml/manpages/pdbedit.8.xml +++ b/docs-xml/manpages/pdbedit.8.xml @@ -289,7 +289,7 @@ retype new password /programlisting /para - noteparapdbedit does not call the unix password syncronisation + noteparapdbedit does not call the unix password synchronization script if smbconfoption name=unix password sync/ has been set. It only updates the data in the Samba user database. diff --git a/docs-xml/manpages/samba.7.xml b/docs-xml/manpages/samba.7.xml index 9299660..cedb4e4 100644 --- a/docs-xml/manpages/samba.7.xml +++ b/docs-xml/manpages/samba.7.xml @@ -91,7 +91,7 @@ manvolnum8/manvolnum/citerefentry/term listitemparaThe commandsamba-tool/command is the main Samba Administration tool regarding - Acitive Directory services./para + Active Directory services./para /listitem /varlistentry diff --git a/docs-xml/manpages/smbclient.1.xml b/docs-xml/manpages/smbclient.1.xml index 328fd50..b222c56 100644 --- a/docs-xml/manpages/smbclient.1.xml +++ b/docs-xml/manpages/smbclient.1.xml @@ -564,7 +564,7 @@ sent to the server on directory listings and file opens. If the backup intent flag is true, the server will try and bypass
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cf87f85 time: prefer CLOCK_BOOTTIME for clock_gettime_mono() via e3c2dd1 time: don't try to use the coarse clock from 2bdaf53 VERSION: change to 4.2.0pre1 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cf87f8587415df2119995e82ccf51bb64e44115b Author: Björn Jacke b...@sernet.de Date: Wed Jul 3 18:57:57 2013 +0200 time: prefer CLOCK_BOOTTIME for clock_gettime_mono() this clock moves on while the machine was suspended. This is what we prefer actually. Signed-off-by: Björn Jacke b...@sernet.de Reviewed-by: Simo Sorce i...@samba.org Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Fri Jul 5 16:47:34 CEST 2013 on sn-devel-104 commit e3c2dd13d4519d89fc78fd36a9ee4552f0f241ac Author: Björn Jacke b...@sernet.de Date: Wed Jul 3 18:51:14 2013 +0200 time: don't try to use the coarse clock as we prefer to use the suspend aware CLOCK_BOOTTIME as monotonic clock source we cannot deal with the mono coarse clock any more. Actually I never saw a real performance gain with it. Signed-off-by: Björn Jacke b...@sernet.de Reviewed-by: Simo Sorce i...@samba.org --- Summary of changes: lib/util/time.c | 25 ++--- 1 files changed, 14 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/time.c b/lib/util/time.c index 56b2ec5..05251dd 100644 --- a/lib/util/time.c +++ b/lib/util/time.c @@ -62,26 +62,29 @@ a wrapper to preferably get the monotonic time **/ _PUBLIC_ void clock_gettime_mono(struct timespec *tp) { - if (clock_gettime(CUSTOM_CLOCK_MONOTONIC,tp) != 0) { - clock_gettime(CLOCK_REALTIME,tp); +/* prefer a suspend aware monotonic CLOCK_BOOTTIME: */ +#ifdef CLOCK_BOOTTIME + if (clock_gettime(CLOCK_BOOTTIME,tp) == 0) { + return; + } +#endif +/* then try the monotonic clock: */ +#if CUSTOM_CLOCK_MONOTONIC != CLOCK_REALTIME + if (clock_gettime(CUSTOM_CLOCK_MONOTONIC,tp) == 0) { + return; } +#endif + clock_gettime(CLOCK_REALTIME,tp); } /** a wrapper to preferably get the monotonic time in seconds -as this is only second resolution we can use the cached -(and much faster) COARSE clock variant **/ _PUBLIC_ time_t time_mono(time_t *t) { struct timespec tp; - int rc = -1; -#ifdef CLOCK_MONOTONIC_COARSE - rc = clock_gettime(CLOCK_MONOTONIC_COARSE,tp); -#endif - if (rc != 0) { - clock_gettime_mono(tp); - } + + clock_gettime_mono(tp); if (t != NULL) { *t = tp.tv_sec; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c0cbf59 Remove remaining references to password level in the tree via 3f73002 docs: Do not encourage unix passwords, and remove reference to password level via 26279a9 auth: Remove password level from 3fba9ba dsdb: reset schema-{classes,attributes}_to_remove_size to 0 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c0cbf5936f0385ab93315cc366a0aa16c0ebd237 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 3 10:38:29 2013 +1000 Remove remaining references to password level in the tree Reviewed-by: Simo Sorce i...@samba.org Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Tue Jun 11 16:25:54 CEST 2013 on sn-devel-104 commit 3f73002f2d5f8a27820e09b024f561fda1560184 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 3 10:27:41 2013 +1000 docs: Do not encourage unix passwords, and remove reference to password level Reviewed-by: Simo Sorce i...@samba.org commit 26279a969879bfbd943dfda03c511ed7e14057ba Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 3 10:02:39 2013 +1000 auth: Remove password level We now only lowercase the password, we do not attempt to find another case combination that the password might be in. This option is already depricated, so it is now time to remove it. Andrew Bartlett Reviewed-by: Simo Sorce i...@samba.org --- Summary of changes: docs-xml/Samba3-Developers-Guide/unix-smb.xml | 13 ++-- docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml|2 +- docs-xml/Samba3-HOWTO/TOSHARG-ServerType.xml |7 +-- docs-xml/smbdotconf/security/passwordlevel.xml | 48 -- docs-xml/using_samba/appc.xml | 14 docs-xml/using_samba/ch06.xml | 14 examples/dce-dfs/smb.conf |1 - examples/scripts/shares/python/smbparm.py |1 - examples/tridge/smb.conf |1 - examples/tridge/smb.conf.fjall |1 - lib/param/loadparm.c |1 - lib/param/param_functions.c|1 - lib/param/param_table.c|9 --- packaging/LSB/smb.conf |1 - python/samba/upgrade.py|1 - source3/auth/pass_check.c | 79 source3/param/loadparm.c |1 - 17 files changed, 8 insertions(+), 187 deletions(-) delete mode 100644 docs-xml/smbdotconf/security/passwordlevel.xml Changeset truncated at 500 lines: diff --git a/docs-xml/Samba3-Developers-Guide/unix-smb.xml b/docs-xml/Samba3-Developers-Guide/unix-smb.xml index ae6bdcd..6964b7f 100644 --- a/docs-xml/Samba3-Developers-Guide/unix-smb.xml +++ b/docs-xml/Samba3-Developers-Guide/unix-smb.xml @@ -112,7 +112,7 @@ shares. titlePasswords/title para -Many SMB clients uppercase passwords before sending them. I have no +When plaintext passwords are used, very old SMB clients uppercase passwords before sending them. I have no idea why they do this. Interestingly WfWg uppercases the password only if the server is running a protocol greater than COREPLUS, so obviously it isn't just the data entry routines that are to blame. @@ -123,12 +123,11 @@ Unix passwords are case sensitive. So if users use mixed case passwords they are in trouble. /para -para -Samba can try to cope with this by either using the password level -option which causes Samba to try the offered password with up to the -specified number of case changes, or by using the password server -option which allows Samba to do its validation via another machine -(typically a WinNT server). +paraSamba will try an additional all lower cased password +authentication if it receives an all uppercase password. Samba used to +support an option called password level that would try to crack +password by trying all case permutations, but that option has been +removed. /para para diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml b/docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml index 5ea2db2..657cc97 100644 --- a/docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml +++ b/docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml @@ -446,7 +446,7 @@ If it says quoteerrornamebad password,/errorname/quote then the likely c listitem para You have explicitly disabled encrypted passwords with - smbconfoption name=encrypt passwordsno/smbconfoption have a mixed-case password and you haven't enabled the smbconfoption name=password level/ option at a high enough level. + smbconfoption name=encrypt passwordsno/smbconfoption have a mixed-case password. /para /listitem diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-ServerType.xml
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 05235d5 tdb: Fix a typo from 10b96e3 Fix the maxfids test so that it does not fork lots of processes and so that it works for all cases of maxfids. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 05235d5b444558f6d06ef12ea7d74850800425cf Author: Volker Lendecke v...@samba.org Date: Sat Feb 16 13:26:36 2013 +0100 tdb: Fix a typo Signed-off-by: Volker Lendecke v...@samba.org Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Sat Feb 16 17:13:32 CET 2013 on sn-devel-104 --- Summary of changes: lib/tdb/common/open.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/open.c b/lib/tdb/common/open.c index 08b9450..05d7cae 100644 --- a/lib/tdb/common/open.c +++ b/lib/tdb/common/open.c @@ -215,7 +215,7 @@ _PUBLIC_ struct tdb_context *tdb_open_ex(const char *name, int hash_size, int td goto fail; } - /* now make a copy of the name, as the caller memory might went away */ + /* now make a copy of the name, as the caller memory might go away */ if (!(tdb-name = (char *)strdup(name))) { /* * set the name as the given string, so that tdb_name() will -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 36ea39e talloc: Convert error cecking macros into fns from 7d7e33c Add tests for talloc_memlimit http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 36ea39edf8dd9ede756debaf9632f3ded2a51abb Author: Simo Sorce i...@samba.org Date: Fri Oct 5 10:32:32 2012 -0400 talloc: Convert error cecking macros into fns This will avoid 'surprise returns' and makes the code cleare to readers. These macros were complex enough to warrant a full function anyway not just for readability but also for debuggability. Thanks David for pointing out this issue. Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Fri Oct 5 23:24:17 CEST 2012 on sn-devel-104 --- Summary of changes: lib/talloc/talloc.c | 111 ++- 1 files changed, 74 insertions(+), 37 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c index afc44b3..3e33fc0 100644 --- a/lib/talloc/talloc.c +++ b/lib/talloc/talloc.c @@ -222,37 +222,6 @@ static struct { TC_UNDEFINE_GROW_VALGRIND_CHUNK(_tc, _new_size); \ } while (0) -#define TALLOC_MEMLIMIT_CHECK(limit, size) do { \ - struct talloc_memlimit *l; \ - for (l = limit; l != NULL; l = l-upper) { \ - if (l-max_size != 0 \ - ((l-max_size = l-cur_size) || \ -(l-max_size - l-cur_size TC_HDR_SIZE+size))) { \ - errno = ENOMEM; \ - return NULL; \ - } \ - } \ -} while(0) - -#define TALLOC_MEMLIMIT_UPDATE(limit, o_size, n_size) do { \ - struct talloc_memlimit *l; \ - ssize_t d; \ - if (o_size == 0) { \ - d = n_size + TC_HDR_SIZE; \ - } else { \ - d = n_size - o_size; \ - } \ - for (l = limit; l != NULL; l = l-upper) { \ - ssize_t new_size = l-cur_size + d; \ - if (new_size 0) { \ - talloc_abort(cur_size memlimit counter not correct!); \ - errno = EINVAL; \ - return NULL; \ - } \ - l-cur_size = new_size; \ - } \ -} while(0) - struct talloc_reference_handle { struct talloc_reference_handle *next, *prev; void *ptr; @@ -266,6 +235,10 @@ struct talloc_memlimit { size_t cur_size; }; +static bool talloc_memlimit_check(struct talloc_memlimit *limit, size_t size); +static bool talloc_memlimit_update(struct talloc_memlimit *limit, + size_t old_size, size_t new_size); + typedef int (*talloc_destructor_t)(void *); struct talloc_chunk { @@ -608,7 +581,10 @@ static inline void *__talloc(const void *context, size_t size) limit = ptc-limit; } - TALLOC_MEMLIMIT_CHECK(limit, (TC_HDR_SIZE+size)); + if (!talloc_memlimit_check(limit, (TC_HDR_SIZE+size))) { + errno = ENOMEM; + return NULL; + } tc = talloc_alloc_pool(ptc, TC_HDR_SIZE+size); } @@ -996,7 +972,11 @@ static void *_talloc_steal_internal(const void *new_ctx, const void *ptr) ctx_size = _talloc_total_limit_size(ptr, NULL, NULL); - TALLOC_MEMLIMIT_UPDATE(tc-limit-upper, ctx_size, 0); + if (!talloc_memlimit_update(tc-limit-upper, ctx_size, 0)) { + talloc_abort(cur_size memlimit counter not correct!); + errno = EINVAL; + return NULL; + } if (tc-limit-parent == tc) { tc-limit-upper = NULL; @@ -1531,7 +1511,10 @@ _PUBLIC_ void *_talloc_realloc(const void *context, void *ptr, size_t size, cons } if (tc-limit (size - tc-size 0)) { - TALLOC_MEMLIMIT_CHECK(tc-limit, (size - tc-size)); + if (!talloc_memlimit_check(tc-limit, (size - tc-size))) { + errno = ENOMEM; + return NULL; + } } /* handle realloc inside a talloc_pool */ @@ -1649,7 +1632,14 @@ _PUBLIC_ void *_talloc_realloc(const void *context, void *ptr, size_t size, cons if (new_chunk_size == old_chunk_size) { TC_UNDEFINE_GROW_CHUNK(tc, size); tc-flags = ~TALLOC_FLAG_FREE; - TALLOC_MEMLIMIT_UPDATE(tc-limit, tc-size, size); + if (!talloc_memlimit_update(tc-limit, + tc-size, size)) { + talloc_abort(cur_size memlimit counter
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7d7e33c Add tests for talloc_memlimit via a33a78c Add memory limiting capability to talloc from 7859490 Ensure the masks don't conflict with the ACL checks. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7d7e33c624875a9694fcebdde942147ac3bf5f74 Author: Simo Sorce i...@samba.org Date: Sat Sep 22 16:35:21 2012 -0400 Add tests for talloc_memlimit Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Fri Oct 5 07:36:38 CEST 2012 on sn-devel-104 commit a33a78c302fde61fdb7a6e71669f19be2cf5c836 Author: Simo Sorce i...@samba.org Date: Sat Sep 22 16:15:47 2012 -0400 Add memory limiting capability to talloc By calling talloc_set_memlimit() we can now set a max memory limit for a whole talloc hierarchy. ANy attempt to allocate memory beyond the max allowed for the whole hierarchy wil cause an allocation failure. Stealing memory correctly accounts for used memory in the old and the new hierarchy but exceeding the memory limit in the new parent will not cause a failure. --- Summary of changes: ...oc-util-2.0.6.sigs = pytalloc-util-2.0.8.sigs} |0 .../ABI/{talloc-2.0.3.sigs = talloc-2.0.8.sigs} |1 + lib/talloc/talloc.c| 277 +--- lib/talloc/talloc.h| 19 ++ lib/talloc/testsuite.c | 172 lib/talloc/wscript |2 +- 6 files changed, 431 insertions(+), 40 deletions(-) copy lib/talloc/ABI/{pytalloc-util-2.0.6.sigs = pytalloc-util-2.0.8.sigs} (100%) copy lib/talloc/ABI/{talloc-2.0.3.sigs = talloc-2.0.8.sigs} (98%) Changeset truncated at 500 lines: diff --git a/lib/talloc/ABI/pytalloc-util-2.0.6.sigs b/lib/talloc/ABI/pytalloc-util-2.0.8.sigs similarity index 100% copy from lib/talloc/ABI/pytalloc-util-2.0.6.sigs copy to lib/talloc/ABI/pytalloc-util-2.0.8.sigs diff --git a/lib/talloc/ABI/talloc-2.0.3.sigs b/lib/talloc/ABI/talloc-2.0.8.sigs similarity index 98% copy from lib/talloc/ABI/talloc-2.0.3.sigs copy to lib/talloc/ABI/talloc-2.0.8.sigs index 6e236d5..15a9e95 100644 --- a/lib/talloc/ABI/talloc-2.0.3.sigs +++ b/lib/talloc/ABI/talloc-2.0.8.sigs @@ -43,6 +43,7 @@ talloc_report_full: void (const void *, FILE *) talloc_set_abort_fn: void (void (*)(const char *)) talloc_set_log_fn: void (void (*)(const char *)) talloc_set_log_stderr: void (void) +talloc_set_memlimit: int (const void *, size_t) talloc_set_name: const char *(const void *, const char *, ...) talloc_set_name_const: void (const void *, const char *) talloc_show_parents: void (const void *, FILE *) diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c index 18ee548..afc44b3 100644 --- a/lib/talloc/talloc.c +++ b/lib/talloc/talloc.c @@ -71,6 +71,7 @@ #define TALLOC_FLAG_LOOP 0x02 #define TALLOC_FLAG_POOL 0x04 /* This is a talloc pool */ #define TALLOC_FLAG_POOLMEM 0x08 /* This is allocated in a pool */ + #define TALLOC_MAGIC_REFERENCE ((const char *)1) /* by default we abort when given a bad pointer (such as when talloc_free() is called @@ -221,12 +222,50 @@ static struct { TC_UNDEFINE_GROW_VALGRIND_CHUNK(_tc, _new_size); \ } while (0) +#define TALLOC_MEMLIMIT_CHECK(limit, size) do { \ + struct talloc_memlimit *l; \ + for (l = limit; l != NULL; l = l-upper) { \ + if (l-max_size != 0 \ + ((l-max_size = l-cur_size) || \ +(l-max_size - l-cur_size TC_HDR_SIZE+size))) { \ + errno = ENOMEM; \ + return NULL; \ + } \ + } \ +} while(0) + +#define TALLOC_MEMLIMIT_UPDATE(limit, o_size, n_size) do { \ + struct talloc_memlimit *l; \ + ssize_t d; \ + if (o_size == 0) { \ + d = n_size + TC_HDR_SIZE; \ + } else { \ + d = n_size - o_size; \ + } \ + for (l = limit; l != NULL; l = l-upper) { \ + ssize_t new_size = l-cur_size + d; \ + if (new_size 0) { \ + talloc_abort(cur_size memlimit counter not correct!); \ + errno = EINVAL; \ + return NULL; \ + } \ + l-cur_size = new_size; \ + } \ +} while(0) + struct talloc_reference_handle { struct talloc_reference_handle *next, *prev; void *ptr; const char *location; }; +struct talloc_memlimit { + struct talloc_chunk *parent; + struct talloc_memlimit *upper; + size_t max_size; + size_t cur_size; +}; + typedef int (*talloc_destructor_t)(void *); struct talloc_chunk { @@ -239,6 +278,15 @@ struct talloc_chunk { unsigned flags
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a6be8a9 Support UPN_DNS_INFO in the PAC from 322e3d4 Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a6be8a97f705247c1b1cbb0595887d8924740a71 Author: Simo Sorce i...@samba.org Date: Thu Sep 27 14:12:06 2012 -0400 Support UPN_DNS_INFO in the PAC Previously marked as UNKNOWN_12 the UPN_DNS_INFO is defined in MS-PAC Autobuild-User(master): Simo Sorce i...@samba.org Autobuild-Date(master): Fri Sep 28 01:13:44 CEST 2012 on sn-devel-104 --- Summary of changes: librpc/idl/krb5pac.idl | 16 +--- 1 files changed, 9 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl index 8a6540c..0fce16b 100644 --- a/librpc/idl/krb5pac.idl +++ b/librpc/idl/krb5pac.idl @@ -37,18 +37,20 @@ interface krb5pac [size_is(num_transited_services)] lsa_String *transited_services; } PAC_CONSTRAINED_DELEGATION; + typedef [public,bitmap32bit] bitmap { + UDI_ACCT_HAS_NO_UPN = 0x0001 /* 1= User account has no UPN */ + } upn_dns_info_flags; + typedef struct { [value(2*strlen_m(upn_name))] uint16 upn_size; uint16 upn_offset; [value(2*strlen_m(domain_name))] uint16 domain_size; uint16 domain_offset; - uint16 unknown3; /* 0x01 */ - uint16 unknown4; - uint32 unknown5; + upn_dns_info_flags flags; + uint32 padding; [charset(UTF16)] uint8 upn_name[upn_size+2]; [charset(UTF16)] uint8 domain_name[domain_size+2]; - uint32 unknown6; /* padding */ - } PAC_UNKNOWN_12; + } PAC_UPN_DNS_INFO; typedef [public] struct { PAC_LOGON_INFO *info; @@ -64,7 +66,7 @@ interface krb5pac PAC_TYPE_KDC_CHECKSUM = 7, PAC_TYPE_LOGON_NAME = 10, PAC_TYPE_CONSTRAINED_DELEGATION = 11, - PAC_TYPE_UNKNOWN_12 = 12 + PAC_TYPE_UPN_DNS_INFO = 12 } PAC_TYPE; typedef struct { @@ -78,12 +80,12 @@ interface krb5pac [case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name; [case(PAC_TYPE_CONSTRAINED_DELEGATION)][subcontext(0xFC01)] PAC_CONSTRAINED_DELEGATION_CTR constrained_delegation; + [case(PAC_TYPE_UPN_DNS_INFO)] PAC_UPN_DNS_INFO upn_dns_info; /* when new PAC info types are added they are supposed to be done in such a way that they are backwards compatible with existing servers. This makes it safe to just use a [default] for unknown types, which lets us ignore the data */ [default] [subcontext(0)] DATA_BLOB_REM unknown; - /* [case(PAC_TYPE_UNKNOWN_12)] PAC_UNKNOWN_12 unknown; */ } PAC_INFO; typedef [public,nopush,nopull,noprint] struct { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e8e5afd krb5samba: Add smb_krb5_make_pac_checksum. via 7f9e4d7 s4-auth: Use smb_krb5_make_pac_checksum. via 3ef95a0 krb5samba: Add krb5_free_checksum_contents wrapper from 470cfb3 lib/util: Map 0x7fffLL as 0x7fffLL in time conversion http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e8e5afd4d4038043f1125c5e2afc41e9e87ebfde Author: Andreas Schneider a...@samba.org Date: Thu May 3 17:10:27 2012 +0200 krb5samba: Add smb_krb5_make_pac_checksum. Signed-off-by: Simo Sorce i...@samba.org Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Tue May 8 08:30:52 CEST 2012 on sn-devel-104 commit 7f9e4d70b9a2db7400791fbfef284dd63e79f078 Author: Andreas Schneider a...@samba.org Date: Thu May 3 17:10:53 2012 +0200 s4-auth: Use smb_krb5_make_pac_checksum. Signed-off-by: Simo Sorce i...@samba.org commit 3ef95a0b59fa2a9ec5d01398d702bd107f290422 Author: Simo Sorce i...@samba.org Date: Fri May 4 11:02:48 2012 -0400 krb5samba: Add krb5_free_checksum_contents wrapper --- Summary of changes: lib/krb5_wrap/krb5_samba.c | 83 +++ lib/krb5_wrap/krb5_samba.h | 14 + source3/configure.in|2 + source4/auth/kerberos/kerberos_pac.c| 78 + source4/heimdal_build/wscript_configure |2 + wscript_configure_krb5 |3 +- 6 files changed, 127 insertions(+), 55 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c index ddebdd8..16c6901 100644 --- a/lib/krb5_wrap/krb5_samba.c +++ b/lib/krb5_wrap/krb5_samba.c @@ -2175,6 +2175,89 @@ krb5_error_code smb_krb5_cc_get_lifetime(krb5_context context, } #endif /* HAVE_KRB5_CC_GET_LIFETIME */ +#if !defined(HAVE_KRB5_FREE_CHECKSUM_CONTENTS) defined(HAVE_FREE_CHECKSUM) +void smb_krb5_free_checksum_contents(krb5_context ctx, krb5_checksum *cksum) +{ + free_Checksum(cksum); +} +#endif + +krb5_error_code smb_krb5_make_pac_checksum(TALLOC_CTX *mem_ctx, + DATA_BLOB *pac_data, + krb5_context context, + const krb5_keyblock *keyblock, + uint32_t *sig_type, + DATA_BLOB *sig_blob) +{ + krb5_error_code ret; + krb5_checksum cksum; +#if defined(HAVE_KRB5_CRYPTO_INIT) defined(HAVE_KRB5_CREATE_CHECKSUM) + krb5_crypto crypto; + + + ret = krb5_crypto_init(context, + keyblock, + 0, + crypto); + if (ret) { + DEBUG(0,(krb5_crypto_init() failed: %s\n, + smb_get_krb5_error_message(context, ret, mem_ctx))); + return ret; + } + ret = krb5_create_checksum(context, + crypto, + KRB5_KU_OTHER_CKSUM, + 0, + pac_data-data, + pac_data-length, + cksum); + if (ret) { + DEBUG(2, (PAC Verification failed: %s\n, + smb_get_krb5_error_message(context, ret, mem_ctx))); + } + + krb5_crypto_destroy(context, crypto); + + if (ret) { + return ret; + } + + *sig_type = cksum.cksumtype; + *sig_blob = data_blob_talloc(mem_ctx, + cksum.checksum.data, + cksum.checksum.length); +#elif defined(HAVE_KRB5_C_MAKE_CHECKSUM) + krb5_data input; + + input.data = (char *)pac_data-data; + input.length = pac_data-length; + + ret = krb5_c_make_checksum(context, + 0, + keyblock, + KRB5_KEYUSAGE_APP_DATA_CKSUM, + input, + cksum); + if (ret) { + DEBUG(2, (PAC Verification failed: %s\n, + smb_get_krb5_error_message(context, ret, mem_ctx))); + return ret; + } + + *sig_type = cksum.checksum_type; + *sig_blob = data_blob_talloc(mem_ctx, + cksum.contents, + cksum.length); + +#else +#error krb5_create_checksum or krb5_c_make_checksum not available +#endif /* HAVE_KRB5_C_MAKE_CHECKSUM */ + smb_krb5_free_checksum_contents(context, cksum); + + return 0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d0e7770 waf: Fix com_err detection with MIT krb5. via 822e679 s4:auth/kerberos: don't do tracing in MIT build via 21d383d s4:torture: auth/pac.c: use Kerberos wrapper for krb5_keyblock_init via 4875a12 Avoid using Heimdal-specific tests in MIT build via 5668845 s4:ntvfs: add missing headers to vfs_ipc via 27549b4 Fix direct access to krb5_principal structure via eb9e3e8 auth-session: MIT doesn't have import/export cred yet via 5832c61c s4-auth: Use smb_krb5_cc_get_lifetime() wrapper. via 4d77466 krb5samba: Add a smb_krb5_cc_get_lifetime() function. via 6bec64b s4-auth-krb: Make srv_keytab.c build against MIT Kerberos via 38c7d8e krb5samba: Add compat function for krb5_kt_compare via 548046f Fix incompatible assignment warning via b776bc5 krb5samba: Add compat krb5_make_principal for MIT build via 205b032 Fix compiler warning via cf7d15e s4-auth-krb: Use compat code to initialize keyblock contents via 93de8e4 krb5samba: Add compat code to initialize keyblock contents via 62f3be7 s4-auth-krb: Disable code in MIT build via c2f6632 Move keytab_copy to krb5samba lib via 94b9af6 Fix keytab_copy to compile with MIT librariues too via 07953e1 keytab_copy: Fix style, whitespaces via 57dc8aa kerberos_pac: Fix code to work with MIT too via a2de8a1 s4-auth-krb: smb_rd_req_return_stuff is used only in gensec_krb5 via 3109a3d Split normal kinit from s4u2 flavored kinit via 29d284c Move kerberos_kinit_password_cc to krb5samba lib via 38a5a2c Move kerberos_kinit_keyblock_cc to krb5samba lib via aa1a0d8 krb-init: define out heimdal specific stuff in mitkrb build via 9a585a3 s4-auth-krb: avoid useless condition via afa6c31 krb5samba: Remove unnecessary include file via b7b0903 Fix krb5_samba.c build from eb6e22b s4:torture: add a check for talloc success in test_session_reauth http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d0e7770017a1322ad78b13f0840c54514ee1d9bd Author: Andreas Schneider a...@samba.org Date: Thu May 3 11:28:50 2012 +0200 waf: Fix com_err detection with MIT krb5. Signed-off-by: Simo Sorce i...@samba.org Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Fri May 4 18:43:05 CEST 2012 on sn-devel-104 commit 822e6794f09ff2440972453adbac38d3efd1c54e Author: Alexander Bokovoy a...@samba.org Date: Thu May 3 12:33:42 2012 +0300 s4:auth/kerberos: don't do tracing in MIT build Signed-off-by: Simo Sorce i...@samba.org commit 21d383d04f21755418c755139824cfe7234ff474 Author: Alexander Bokovoy a...@samba.org Date: Wed May 2 21:40:13 2012 +0300 s4:torture: auth/pac.c: use Kerberos wrapper for krb5_keyblock_init Signed-off-by: Simo Sorce i...@samba.org commit 4875a12ab840c413b6804050ca2ecd78db98 Author: Alexander Bokovoy a...@samba.org Date: Wed May 2 21:16:01 2012 +0300 Avoid using Heimdal-specific tests in MIT build commit 566884553ccb9c99cc3b05bc6fc84bf5efa9fae2 Author: Alexander Bokovoy a...@samba.org Date: Wed May 2 20:59:00 2012 +0300 s4:ntvfs: add missing headers to vfs_ipc vfs_ipc.c had system/kerberos.h and system/filesys.h missing Signed-off-by: Simo Sorce i...@samba.org commit 27549b4e31b47fab23af0bce6bf888e4148f88e9 Author: Simo Sorce i...@samba.org Date: Wed May 2 13:22:08 2012 -0400 Fix direct access to krb5_principal structure commit eb9e3e8a54aa7d6b805d280fd5586f9d1a2a094a Author: Simo Sorce i...@samba.org Date: Wed May 2 12:24:34 2012 -0400 auth-session: MIT doesn't have import/export cred yet For now let's just loose this functionality with the MIT build. gss_import/export_cred should be availa ble when MIT 1.11 is released and this code is used only in some proxy scenario. Not normally needed for common configurations. commit 5832c61c5f9905f91ae6a010f5c90c674cdace91 Author: Andreas Schneider a...@samba.org Date: Fri Apr 27 20:29:47 2012 +0200 s4-auth: Use smb_krb5_cc_get_lifetime() wrapper. Signed-off-by: Simo Sorce i...@samba.org commit 4d77466dafdb4def6681534e47c06aa07ccf6e17 Author: Andreas Schneider a...@samba.org Date: Fri Apr 27 16:52:26 2012 +0200 krb5samba: Add a smb_krb5_cc_get_lifetime() function. Signed-off-by: Simo Sorce i...@samba.org commit 6bec64b12a90ba81996ca6d049b56f168ef70bc0 Author: Simo Sorce i...@samba.org Date: Thu Apr 26 18:11:09 2012 -0400 s4-auth-krb: Make srv_keytab.c build against MIT Kerberos commit 38c7d8e4fdf6facd37310aa848eb5b2459d4fbe7 Author: Simo Sorce i...@samba.org Date: Thu Apr 26 18:22:43 2012 -0400 krb5samba: Add compat function for krb5_kt_compare commit 548046ff4df23f08e1f652136e7322623885d7ab Author
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1fbc185 replace: Fix use of mktemp via 701fc99 addns: clean up headers from 05456ac s3: Remove an unused variable http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1fbc18572543ed3056057df6ec4990278726fbf4 Author: Simo Sorce i...@samba.org Date: Wed Apr 25 18:55:46 2012 -0400 replace: Fix use of mktemp mktemp always returns the template, so checking for NULL doesn't cactch any error. Errors are reported by turning the template into an empty string. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Apr 26 16:14:24 CEST 2012 on sn-devel-104 commit 701fc995b75e392e896edc0c4314d758f7a5bee6 Author: Simo Sorce i...@samba.org Date: Wed Apr 25 09:47:47 2012 -0400 addns: clean up headers All this stuff is already included properly in the replace headers on top. --- Summary of changes: lib/addns/dns.h | 33 - lib/replace/replace.c |4 ++-- 2 files changed, 2 insertions(+), 35 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/addns/dns.h b/lib/addns/dns.h index 88ba9d1..2e80577 100644 --- a/lib/addns/dns.h +++ b/lib/addns/dns.h @@ -38,47 +38,14 @@ #endif #endif /* NO_CONFIG_H */ -#include stdio.h -#include stdlib.h #include fcntl.h #include time.h -#include string.h -#include errno.h #include netdb.h -#include sys/types.h -#include sys/socket.h -#include netinet/in.h -#include arpa/inet.h -#include stdarg.h #ifdef HAVE_UUID_UUID_H #include uuid/uuid.h #endif -#ifdef HAVE_KRB5_H -#include krb5.h -#endif - -#ifdef HAVE_INTTYPES_H -#include inttypes.h - -#ifndef int16 -#define int16 int16_t -#endif - -#ifndef uint16 -#define uint16 uint16_t -#endif - -#ifndef int32 -#define int32 int32_t -#endif - -#ifndef uint32 -#define uint32 uint32_t -#endif -#endif - #include talloc.h /*** diff --git a/lib/replace/replace.c b/lib/replace/replace.c index c076ba1..322bf49 100644 --- a/lib/replace/replace.c +++ b/lib/replace/replace.c @@ -412,8 +412,8 @@ int rep_mkstemp(char *template) { /* have a reasonable go at emulating it. Hope that the system mktemp() isn't completely hopeless */ - char *p = mktemp(template); - if (!p) + mktemp(template); + if (template[0] == 0) return -1; return open(p, O_CREAT|O_EXCL|O_RDWR, 0600); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via adbace2 Fix pam_winbind build against newer iniparser library via 360c11e Avoid warning about KRB5_DEPRECATE with MIT libs via 87c95e4 Cracknames: use krb wrapper functions so it works with MIT via d43c2c0 krb5_samba: Add support for krb5_princ_size when using Heimdal via 08c733d Make krb5 wrapper library common so they can be used all over via f7070c9 For now just disable this Heindal specific stuff in the MIT build via 110dad8 Make krb5 context initialization not heimdal specific via 090f907 Make sure krb5_principal_get_num_comp is identified as present for Heimdal build via 5cae929 waf: rename SAMBA4_INTERNAL_HEIMDAL to SAMBA4_USES_HEIMDAL via 4291fdc waf: move krb5 checks to a separate waf file from 5b5b696 Fix bug #8882 - Broken processing of %U with vfs_full_audit when force user is set. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit adbace20a24b6ae4fbd6d17b7153833f4ac8c88d Author: Simo Sorce i...@samba.org Date: Mon Apr 23 17:23:35 2012 -0400 Fix pam_winbind build against newer iniparser library iniparser_getstr is deprecated and has been removed in newer libraries available in Fedora. Use iniparse_getstring instead. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Tue Apr 24 02:56:10 CEST 2012 on sn-devel-104 commit 360c11eaaafb0b74d2cc2e733eea922553407b16 Author: Simo Sorce i...@samba.org Date: Sun Apr 22 19:05:31 2012 -0400 Avoid warning about KRB5_DEPRECATE with MIT libs commit 87c95e49efbcbdbf76e66a240e769f6cb80a40b4 Author: Simo Sorce i...@samba.org Date: Sat Apr 21 16:55:35 2012 -0400 Cracknames: use krb wrapper functions so it works with MIT Also avoid a silly game with directly modifying the principal and then calling krb5_principal_unparse_flags to get out a string. If we already assume it is a 2 components name and know what outcome we are going to get, just go ahead and talloc_asprintf the linearized string. commit d43c2c094558fcb83aa18358bc724195a9c26001 Author: Simo Sorce i...@samba.org Date: Sun Apr 22 21:38:29 2012 -0400 krb5_samba: Add support for krb5_princ_size when using Heimdal commit 08c733d75fd83fd5e32ced9712d41dd595e0f182 Author: Simo Sorce i...@samba.org Date: Sat Apr 21 17:26:18 2012 -0400 Make krb5 wrapper library common so they can be used all over commit f7070c90b94954835478a09e89a85c03f0f85500 Author: Simo Sorce i...@samba.org Date: Sat Apr 21 16:35:48 2012 -0400 For now just disable this Heindal specific stuff in the MIT build commit 110dad8c9eb95e6729e589b52ef204d369803bdb Author: Simo Sorce i...@samba.org Date: Fri Apr 20 13:14:30 2012 -0400 Make krb5 context initialization not heimdal specific Turn the logging data to an opaque pointer. Ifdef code and use MIT logging function when built against system MIT. commit 090f9072da6974b506901547c0091e3e1b8a11cc Author: Alexander Bokovoy a...@samba.org Date: Mon Apr 23 15:01:07 2012 +0300 Make sure krb5_principal_get_num_comp is identified as present for Heimdal build Common wrappers for MIT / Heimdal use krb5_principal_get_num_comp() to replace krb5_princ_size but rely on krb5_principal_get_num_comp() identified by the build. As we know it exists in Heimdal, define it for waf build. Signed-off-by: Simo Sorce i...@samba.org commit 5cae9293d118da8765b301f9872e77993f44ad86 Author: Alexander Bokovoy a...@samba.org Date: Fri Apr 20 20:22:39 2012 +0300 waf: rename SAMBA4_INTERNAL_HEIMDAL to SAMBA4_USES_HEIMDAL SAMBA4_INTERNAL_HEIMDAL is defined unconditionally regardless where Heimdal comes from, system-wide or embedded version. This define is not used anywhere. We'll use it to distinguish between Heimdal and MIT Krb5 builds. Signed-off-by: Simo Sorce i...@samba.org commit 4291fdcf3910b37d7dc7ed3849847fb162b5569b Author: Alexander Bokovoy a...@samba.org Date: Fri Apr 20 12:53:11 2012 +0300 waf: move krb5 checks to a separate waf file With PROCESS_SEPARATE_RULE in wafsamba it is now possible to simplify configuration and checks for MIT/Heimdal Kerberos implementations. 1. Move MIT krb5 checks from source3/wscript to wscript_configure_krb5 2. Make sure they are called same way (--with-mit-krb5-checks) 3. If no configure checks identified MIT krb5 in system (or were disabled), make sure Heimdal build is selected, embedded (default) or system-provided. This makes logic of configuration unchanged for Heimdal builds but adds less hacky way to use MIT krb5 builds. The latter does not work yet as we need to untangle more subsystems from HDB/Heimdal-specific details but lays out a foundation for that. Signed-off-by: Simo Sorce i...@samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e21029a waf: Fix mispelling via 70d44a9 Fix Error messages from b31f773 s3/ldap: remove outdated netscape ds 5 schema file http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e21029a270a6e3b8bcc5ff33b74977cb0cd6cd17 Author: Simo Sorce i...@samba.org Date: Mon Apr 9 08:33:37 2012 -0400 waf: Fix mispelling Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Apr 19 17:36:41 CEST 2012 on sn-devel-104 commit 70d44a9a177621b173c8a24c7cb503f5632a8ff7 Author: Simo Sorce i...@samba.org Date: Thu Apr 19 09:35:08 2012 -0400 Fix Error messages --- Summary of changes: buildtools/wafsamba/samba_deps.py | 12 ++-- buildtools/wafsamba/samba_python.py|6 +++--- buildtools/wafsamba/wafsamba.py|2 +- source4/auth/kerberos/srv_keytab.c |6 ++ source4/scripting/python/wscript_build |2 +- 5 files changed, 13 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_deps.py b/buildtools/wafsamba/samba_deps.py index 51b7da9..f073e41 100644 --- a/buildtools/wafsamba/samba_deps.py +++ b/buildtools/wafsamba/samba_deps.py @@ -214,7 +214,7 @@ def add_init_functions(self): if m is not None: modules.append(m) -sentinal = getattr(self, 'init_function_sentinal', 'NULL') +sentinel = getattr(self, 'init_function_sentinel', 'NULL') targets= LOCAL_CACHE(bld, 'TARGET_TYPE') cflags = getattr(self, 'samba_cflags', [])[:] @@ -222,8 +222,8 @@ def add_init_functions(self): if modules == []: sname = sname.replace('-','_') sname = sname.replace('/','_') -cflags.append('-DSTATIC_%s_MODULES=%s' % (sname, sentinal)) -if sentinal == 'NULL': +cflags.append('-DSTATIC_%s_MODULES=%s' % (sname, sentinel)) +if sentinel == 'NULL': cflags.append('-DSTATIC_%s_MODULES_PROTO' % sname) self.ccflags = cflags return @@ -236,11 +236,11 @@ def add_init_functions(self): if targets[d['TARGET']] != 'DISABLED': init_fn_list.append(d['INIT_FUNCTION']) if init_fn_list == []: -cflags.append('-DSTATIC_%s_MODULES=%s' % (m, sentinal)) -if sentinal == 'NULL': +cflags.append('-DSTATIC_%s_MODULES=%s' % (m, sentinel)) +if sentinel == 'NULL': cflags.append('-DSTATIC_%s_MODULES_PROTO' % m) else: -cflags.append('-DSTATIC_%s_MODULES=%s' % (m, ','.join(init_fn_list) + ',' + sentinal)) +cflags.append('-DSTATIC_%s_MODULES=%s' % (m, ','.join(init_fn_list) + ',' + sentinel)) proto='' for f in init_fn_list: proto = proto + '_MODULE_PROTO(%s)' % f diff --git a/buildtools/wafsamba/samba_python.py b/buildtools/wafsamba/samba_python.py index 503fa75..6bc32f0 100644 --- a/buildtools/wafsamba/samba_python.py +++ b/buildtools/wafsamba/samba_python.py @@ -21,7 +21,7 @@ def SAMBA_PYTHON(bld, name, realname=None, cflags='', includes='', - init_function_sentinal=None, + init_function_sentinel=None, local_include=True, vars=None, enabled=True): @@ -29,8 +29,8 @@ def SAMBA_PYTHON(bld, name, # when we support static python modules we'll need to gather # the list from all the SAMBA_PYTHON() targets -if init_function_sentinal is not None: -cflags += '-DSTATIC_LIBPYTHON_MODULES=%s' % init_function_sentinal +if init_function_sentinel is not None: +cflags += '-DSTATIC_LIBPYTHON_MODULES=%s' % init_function_sentinel source = bld.EXPAND_VARIABLES(source, vars=vars) diff --git a/buildtools/wafsamba/wafsamba.py b/buildtools/wafsamba/wafsamba.py index fd72cf3..317bca1 100644 --- a/buildtools/wafsamba/wafsamba.py +++ b/buildtools/wafsamba/wafsamba.py @@ -477,7 +477,7 @@ def SAMBA_SUBSYSTEM(bld, modname, source, cflags='', cflags_end=None, group='main', -init_function_sentinal=None, +init_function_sentinel=None, autoproto=None, autoproto_extra_source='', depends_on='', diff --git a/source4/auth/kerberos/srv_keytab.c b/source4/auth/kerberos/srv_keytab.c index ca2d385..b7a2079 100644 --- a/source4/auth/kerberos/srv_keytab.c +++ b/source4/auth/kerberos/srv_keytab.c @@ -54,8 +54,7 @@ static krb5_error_code principals_from_list(TALLOC_CTX *parent_ctx, } if (!realm) { - *error_string = Cannot have a kerberos secret in - secrets.ldb without a realm
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4b29cf5 Move kdc_get_policy helper in the lsa server where it belongs. via 37e98ff Use loadparm helper to find lifetime defaults via 86910e1 loadparm: Add helper function to fetch default lifetime policies via 74510b0 loadparm: Add convenience function to return long integers via e0f425a loadparm: Fix broken lp_ulong utility function via 97f5b28 Move README file in the right place. from 00d5f32 Fix bug #8877 - Syslog broken owing to mistyping of debug_settings.syslog. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4b29cf5f66c5e75f759a5c2a79ba26629f907778 Author: Simo Sorce i...@samba.org Date: Thu Apr 19 17:54:57 2012 -0400 Move kdc_get_policy helper in the lsa server where it belongs. This was used in only 2 places, db-glue.c and the lsa server. In db-glue.c it is awkward though, as it forces to use an unconvenient lsa structure and conversions from time_t to nt_time only to have nt_times converted back to time_t for actual use. This is silly. Also the kdc-policy file was a single funciton library, that's just ridiculous. The loadparm helper is all we need to keep the values consistent, and if we ever end up doing something with group policies we will care about it when it's the time. the code would have to change quite a lot anyway. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Fri Apr 20 01:53:37 CEST 2012 on sn-devel-104 commit 37e98ff252edc5e76d2c74a8459247ffcb5fd101 Author: Simo Sorce i...@samba.org Date: Thu Apr 19 11:17:25 2012 -0400 Use loadparm helper to find lifetime defaults Implictly fixes buggy use of int for time_t commit 86910e15feaa490cf70f592c6e9af44f3db7e6f0 Author: Simo Sorce i...@samba.org Date: Thu Apr 19 11:16:03 2012 -0400 loadparm: Add helper function to fetch default lifetime policies This use long to fetch time_t quantities, because there are architectures were time_t is a signed long but long != int, So long is the proper way to deal with it. commit 74510b059e6852d1491a4cb6eaa9cc7c2ed61fbf Author: Simo Sorce i...@samba.org Date: Thu Apr 19 11:00:45 2012 -0400 loadparm: Add convenience function to return long integers commit e0f425ab2d49779d0abbc0756326f548ff1ee19b Author: Simo Sorce i...@samba.org Date: Thu Apr 19 10:58:39 2012 -0400 loadparm: Fix broken lp_ulong utility function commit 97f5b287fbe36e8e0026c3a76f90a7662111e9aa Author: Simo Sorce i...@samba.org Date: Thu Apr 19 10:34:54 2012 -0400 Move README file in the right place. Someone forgot to move the README when they moved the code ... --- Summary of changes: {source4 = lib}/param/README |0 lib/param/loadparm.c| 29 +++- lib/param/param.h |5 +++ lib/param/util.c| 19 ++ source4/kdc/db-glue.c | 17 +++- source4/kdc/kdc-policy.h| 25 -- source4/kdc/policy.c| 48 --- source4/kdc/samba_kdc.h |8 +- source4/kdc/wscript_build | 10 +-- source4/rpc_server/lsa/dcesrv_lsa.c | 26 ++- source4/rpc_server/wscript_build|2 +- 11 files changed, 95 insertions(+), 94 deletions(-) rename {source4 = lib}/param/README (100%) delete mode 100644 source4/kdc/kdc-policy.h delete mode 100644 source4/kdc/policy.c mode change 100644 = 100755 source4/kdc/wscript_build Changeset truncated at 500 lines: diff --git a/source4/param/README b/lib/param/README similarity index 100% rename from source4/param/README rename to lib/param/README diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index 46bae44..d68d585 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -1699,11 +1699,11 @@ static int lp_int(const char *s) /** * convenience routine to return unsigned long parameters. */ -static int lp_ulong(const char *s) +static unsigned long lp_ulong(const char *s) { if (!s) { - DEBUG(0,(lp_int(%s): is called with NULL!\n,s)); + DEBUG(0,(lp_ulong(%s): is called with NULL!\n,s)); return -1; } @@ -1713,6 +1713,20 @@ static int lp_ulong(const char *s) /** * convenience routine to return unsigned long parameters. */ +static long lp_long(const char *s) +{ + + if (!s) { + DEBUG(0,(lp_long(%s): is called with NULL!\n,s)); + return -1; + } + + return strtol(s, NULL, 0); +} + +/** + * convenience routine to return unsigned long parameters. + */ static double lp_double(const char *s) { @@ -1840,6 +1854,17 @@ unsigned long lpcfg_parm_ulong(struct
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e49efe9 Fix typo from 0a4ab49 waf: Use Logs.info() instead of print. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e49efe9e7e8ebd62fa79e35a1e2fff489c3bcc96 Author: Simo Sorce i...@samba.org Date: Fri Apr 6 15:22:06 2012 -0400 Fix typo Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Tue Apr 17 22:22:26 CEST 2012 on sn-devel-104 --- Summary of changes: buildtools/wafsamba/samba_deps.py |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_deps.py b/buildtools/wafsamba/samba_deps.py index ed2169b..51b7da9 100644 --- a/buildtools/wafsamba/samba_deps.py +++ b/buildtools/wafsamba/samba_deps.py @@ -298,7 +298,7 @@ def check_duplicate_sources(bld, tgt_list): return ret -def check_orpaned_targets(bld, tgt_list): +def check_orphaned_targets(bld, tgt_list): '''check if any build targets are orphaned''' target_dict = LOCAL_CACHE(bld, 'TARGET_TYPE') @@ -1145,7 +1145,7 @@ def check_project_rules(bld): debug('deps: project rules stage1 completed') -#check_orpaned_targets(bld, tgt_list) +#check_orphaned_targets(bld, tgt_list) if not check_duplicate_sources(bld, tgt_list): Logs.error(Duplicate sources present - aborting) -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 31eb555 Add note about patches that apply to alpha18 from 6698fef Fix typo. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 31eb5557bb01549be26bd4c20aacce0c00f0b262 Author: Simo Sorce i...@samba.org Date: Wed Apr 11 09:46:27 2012 -0400 Add note about patches that apply to alpha18 --- Summary of changes: security/CVE-2012-1182.html |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/security/CVE-2012-1182.html b/security/CVE-2012-1182.html index 4aa1ca4..2e3f9c2 100644 --- a/security/CVE-2012-1182.html +++ b/security/CVE-2012-1182.html @@ -71,6 +71,9 @@ Due to the seriousness of this vulnerability, patches have been released for all Samba versions currently out of support and maintenance from 3.0.37 onwards. +Patches for the 3.6 series also apply to Samba4 alpha18 and can be used to +make a pure security release on top of it. + == Workaround -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b5b2041 Rename obscure defined constants. from 95d3096 s3-selftest: Remove .posix_s3 from s3 test names http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b5b204184aa6d0f14e7d3bd08322a98dc4f432e6 Author: Christopher R. Hertel (crh) c...@samba.org Date: Tue Feb 14 21:51:35 2012 -0600 Rename obscure defined constants. Replaced the undescriptive SMB_PORT1 and SMB_PORT2 defined constants with the slightly more descriptive names NBT_SMB_PORT and TCP_SMB_PORT. Also replaced several hard-coded references to the well-known port numbers (139 and 445, respectively) as appropriate. Small changes to clarify some comments regarding the two transport types. Signed-off-by: Simo Sorce i...@samba.org Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Feb 16 08:29:41 CET 2012 on sn-devel-104 --- Summary of changes: source3/auth/auth_ntlmssp.c |4 ++-- source3/client/client.c |9 + source3/include/smb.h|4 ++-- source3/lib/util_sock.c |5 +++-- source3/libsmb/libsmb_server.c |2 +- source3/libsmb/smbsock_connect.c | 14 +++--- source3/nmbd/nmbd_synclists.c|2 +- source3/smbd/reply.c |4 ++-- source3/torture/torture.c|2 +- source3/utils/smbfilter.c|4 ++-- source3/winbindd/winbindd_cm.c |2 +- 11 files changed, 27 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index 00a99c3..b5935e6 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -143,8 +143,8 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, NTSTATUS nt_status; bool username_was_mapped; - /* the client has given us its machine name (which we otherwise would not get on port 445). - we need to possibly reload smb.conf if smb.conf includes depend on the machine name */ + /* The client has given us its machine name (which we only get over NBT transport). + We need to possibly reload smb.conf if smb.conf includes depend on the machine name. */ set_remote_machine_name(gensec_ntlmssp-ntlmssp_state-client.netbios_name, True); diff --git a/source3/client/client.c b/source3/client/client.c index 89fd1d4..9d4ef15 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -5168,7 +5168,7 @@ static int do_host_query(const char *query_host) } } - if (port != 139) { + if (port != NBT_SMB_PORT) { /* Workgroups simply don't make sense over anything else but port 139... */ @@ -5177,7 +5177,8 @@ static int do_host_query(const char *query_host) status = cli_cm_open(talloc_tos(), NULL, have_ip ? dest_ss_str : query_host, IPC$, auth_info, true, smb_encrypt, -max_protocol, 139, name_type, cli); +max_protocol, NBT_SMB_PORT, name_type, +cli); if (!NT_STATUS_IS_OK(status)) { cli = NULL; } @@ -5242,7 +5243,7 @@ static int do_message_op(struct user_auth_info *a_info) NTSTATUS status; status = cli_connect_nb(desthost, have_ip ? dest_ss : NULL, - port ? port : 139, name_type, + port ? port : NBT_SMB_PORT, name_type, lp_netbios_name(), SMB_SIGNING_DEFAULT, 0, cli); if (!NT_STATUS_IS_OK(status)) { d_printf(Connection to %s failed. Error %s\n, desthost, nt_errstr(status)); @@ -5354,7 +5355,7 @@ static int do_message_op(struct user_auth_info *a_info) exit(ENOMEM); } if( !port ) - port = 139; + port = NBT_SMB_PORT; message = true; break; case 'I': diff --git a/source3/include/smb.h b/source3/include/smb.h index 22653cd..7dd77ec 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -44,8 +44,8 @@ #define NMB_PORT 137 #define DGRAM_PORT 138 -#define SMB_PORT1 445 -#define SMB_PORT2 139 +#define NBT_SMB_PORT 139 /* Port for SMB over NBT transport (IETF STD#19). */ +#define TCP_SMB_PORT 445 /* Port for SMB over naked TCP transport. */ #define SMB_PORTS 445 139 #define Undefined (-1) diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 9ade23c..dcc41bb 100644
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 605d7d9 pdb-interface: Do not use unid_t here from 94799db s3-auth move the s3 auth context onto gensec_ntlmssp once we start http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 605d7d965a33d6a4be632dde9b15abb42801fdaf Author: Simo Sorce i...@samba.org Date: Tue Oct 18 10:44:52 2011 -0400 pdb-interface: Do not use unid_t here This interface needs to be publicly available, unid_t here is not really useful and makes it harder to use it as unid_t is not a public union. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104 --- Summary of changes: source3/include/passdb.h|4 ++-- source3/passdb/lookup_sid.c | 14 -- source3/passdb/pdb_ads.c| 13 ++--- source3/passdb/pdb_interface.c | 36 source3/passdb/pdb_ldap.c | 15 --- source3/passdb/pdb_samba4.c | 13 ++--- source3/passdb/py_passdb.c |7 --- source3/winbindd/idmap_passdb.c |9 + 8 files changed, 59 insertions(+), 52 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/passdb.h b/source3/include/passdb.h index cd3880c..70b21c9 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -563,7 +563,7 @@ struct pdb_methods bool (*gid_to_sid)(struct pdb_methods *methods, gid_t gid, struct dom_sid *sid); bool (*sid_to_id)(struct pdb_methods *methods, const struct dom_sid *sid, - union unid_t *id, enum lsa_SidType *type); + uid_t *uid, gid_t *gid, enum lsa_SidType *type); uint32_t (*capabilities)(struct pdb_methods *methods); bool (*new_rid)(struct pdb_methods *methods, uint32_t *rid); @@ -868,7 +868,7 @@ bool pdb_set_account_policy(enum pdb_policy_type type, uint32_t value); bool pdb_get_seq_num(time_t *seq_num); bool pdb_uid_to_sid(uid_t uid, struct dom_sid *sid); bool pdb_gid_to_sid(gid_t gid, struct dom_sid *sid); -bool pdb_sid_to_id(const struct dom_sid *sid, union unid_t *id, +bool pdb_sid_to_id(const struct dom_sid *sid, uid_t *uid, gid_t *gid, enum lsa_SidType *type); uint32_t pdb_capabilities(void); bool pdb_new_rid(uint32_t *rid); diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index a02c941..cfc78ad 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -1193,11 +1193,12 @@ static bool legacy_sid_to_uid(const struct dom_sid *psid, uid_t *puid) enum lsa_SidType type; if (sid_check_is_in_our_domain(psid)) { - union unid_t id; + uid_t uid; + gid_t gid; bool ret; become_root(); - ret = pdb_sid_to_id(psid, id, type); + ret = pdb_sid_to_id(psid, uid, gid, type); unbecome_root(); if (ret) { @@ -1207,7 +1208,7 @@ static bool legacy_sid_to_uid(const struct dom_sid *psid, uid_t *puid) sid_type_lookup(type))); return false; } - *puid = id.uid; + *puid = uid; goto done; } @@ -1234,7 +1235,6 @@ done: static bool legacy_sid_to_gid(const struct dom_sid *psid, gid_t *pgid) { GROUP_MAP *map; - union unid_t id; enum lsa_SidType type; map = talloc_zero(NULL, GROUP_MAP); @@ -1260,10 +1260,12 @@ static bool legacy_sid_to_gid(const struct dom_sid *psid, gid_t *pgid) } if (sid_check_is_in_our_domain(psid)) { + uid_t uid; + gid_t gid; bool ret; become_root(); - ret = pdb_sid_to_id(psid, id, type); + ret = pdb_sid_to_id(psid, uid, gid, type); unbecome_root(); if (ret) { @@ -1274,7 +1276,7 @@ static bool legacy_sid_to_gid(const struct dom_sid *psid, gid_t *pgid) sid_type_lookup(type))); return false; } - *pgid = id.gid; + *pgid = gid; goto done; } diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c index 5742534..8dc9585 100644 --- a/source3/passdb/pdb_ads.c +++ b/source3/passdb/pdb_ads.c @@ -2204,7 +2204,7 @@ static bool pdb_ads_gid_to_sid(struct pdb_methods *m, gid_t gid, } static bool pdb_ads_sid_to_id(struct pdb_methods *m, const struct dom_sid *sid, - union unid_t *id, enum
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6bed577 pac: Fix wrong memory allocation check via c9eba24 ndr.pc: needs samba-util not samba-hostconfig from b787b6e libcli/cldap: don't pass tevent_context to cldap_socket_init() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6bed57788c2341a92e1c4431ea764bf037431254 Author: Simo Sorce i...@samba.org Date: Mon Oct 10 17:48:02 2011 -0400 pac: Fix wrong memory allocation check Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Tue Oct 11 01:18:22 CEST 2011 on sn-devel-104 commit c9eba24886806bca795f294183b7543e4f9376ca Author: Simo Sorce i...@samba.org Date: Mon Oct 10 15:52:38 2011 -0400 ndr.pc: needs samba-util not samba-hostconfig --- Summary of changes: librpc/ndr.pc.in |2 +- source4/kdc/pac-glue.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr.pc.in b/librpc/ndr.pc.in index f7a1651..1ee50cc 100644 --- a/librpc/ndr.pc.in +++ b/librpc/ndr.pc.in @@ -5,7 +5,7 @@ includedir=@includedir@ Name: ndr Description: Network Data Representation Core Library -Requires: samba-hostconfig talloc +Requires: samba-util talloc Version: 0.0.1 Libs: @LIB_RPATH@ -L${libdir} -lndr Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 -D_GNU_SOURCE=1 diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index e92a511..5718452 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -51,7 +51,7 @@ NTSTATUS samba_get_logon_info_pac_blob(TALLOC_CTX *mem_ctx, } pac_info.logon_info.info = talloc_zero(mem_ctx, struct PAC_LOGON_INFO); - if (!mem_ctx) { + if (!pac_info.logon_info.info) { return NT_STATUS_NO_MEMORY; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d713f9e s3-passdb: Only delete 1 entry from memcache. via 99bb3ee s3-passdb: Remove always the user from getpwsid cache. via 1152aa8 s3-passdb: Keep caches coherent via 61ada70 s3-id_cache: Use better names for id cache management ops via 177db0a s3-id_cache: Move id caches mgmt out of smbd via 0f4ee5d s3-lsasd: Listen on \PIPE\lsass. via 8efdac8 s3-lsasd: Add missing ncalrpc listeners. via b501f6f s3-rpc_server: Add create_dcerpc_ncalrpc_socket(). via 8a1572f s3-rpc_server: Increase epm monitor wait time. via 51d4b3c s3-prefork: Listening fds must be in non-blocking mode via a4188aa s3-spoolss: Remove useless check via 2c45954 s3-lsasd: Remove useless check via 7bb4b99 s3-prefork: Fix code to retire children via feadd84 s3-spoolssd: Listen on parent messages via cce8c72 s3-lsasd: Listen on parent messages via 91ba8ae s3-prefork: Add parent-client messaging via 98d2bf0 s3-lsasd: Send a message to the parent when we accept a connection via 7274649 s3-spoolssd: Send a message to the parent when we accept a connection via 5c1a8dc s3-messaging: Add preforked child-parent message types via 0f71639 s3-prefork: Improve error detection when handling new connections via 75f3da7 s3-prefork: Improve heuristics via 89dde6b s3-lsasd: User new prefork helpers to simplify code. via f07f5c5 s3-spoolssd: User new prefork helpers to simplify code. via 308e4e0 s3-prefork: add a few more utility functions via df6f320 s3-prefrok: Handle only valid children via e3736f8 s3-prefork: Fix worker flags handling. via ee0c69a s3-prefork: do not use a lock_fd, just race on accept() via 0723871 rpc_server: Add forward declaration for dcerpc_transport_t. via 5de61e6 s3-waf: Fix build with lsasd. via c538b01 s3-lsasd: Use prefrok utils to manage children via 884969e s3-spoolssd: Use prefrok utils to manage children via 3451f42 s3-prefork: Add common utilities for daemons via 0647a93 s3-spoolss: Introduce helper function to manage pool. via 2a0aac0 s3-prefork: Allow better management of allowed_clients via eb8a0c7 s3-winbind: We need to use internal rpc connections in winbind. via bfd9624 s3-spoolssd: Fix spoolss logging. via 5b3eb83 s3-lsasd: Import fixes from spoolssd via d5ba5de selftest: Enable testing of the lsa service daemon. via d1bc22e s3-rpc_server: Use rpc_epmapper_mode() in ep_register() via 32a53be s3-rpc_server: Use rpc_service_mode() in np_open() via ef24917 s3-rpc_server: Use rpc_service_mode() in rpc_pipe_open_interface() via f9c7b59 selftest: Fix daemon testing to use the new syntax. via 23e7e1c s3-rpc_server: Replace RPC_SERVICE_MODE_DAEMON checks via 11cbe24 s3-rpc_server: Move config helpers in one place. via 5a4e0dd s3-rpc_server: Add helper to define/retrieve daemons configuration via 9738ee4 s3-rpc_server: Reduce code duplication via 7b715f1 s3-smbd: Start lsasd as deamon. via 7abdf6e s3-rpc_server: Correctly register lsa, samr and netlogon. via 0364bf0 s3-lsasd: Create a lsa service daemon. via dea2161 s3-spoolssd: Check if we were able to create the prefork pool. via 5169dff s3-prefork: Fix cast warning. via e4b566d s3-rpc_server: Make dcerpc_ncacn_accept() public. via 312c519 s3-rpc_server: Check explicit for external and daemon server type. via ea3fa58 s3-rpc_server: Fix include order in srv_pipe_hnd.c. from 9fa8f27 talloc: Fix talloc-compat pc files/headers. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d713f9e9f50dfe680f66798098ee5ede3ee80e06 Author: Andreas Schneider a...@samba.org Date: Sat Aug 20 16:19:43 2011 +0200 s3-passdb: Only delete 1 entry from memcache. If we delete or update one user we shouldn't flush the complete memcache. Signed-off-by: Simo Sorce i...@samba.org Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Sun Aug 21 16:39:10 CEST 2011 on sn-devel-104 commit 99bb3eed1dac5d2e81fd213beda414bd65076eea Author: Andreas Schneider a...@samba.org Date: Sat Aug 20 14:48:38 2011 +0200 s3-passdb: Remove always the user from getpwsid cache. We should do it always, not only in the pdb_default_delete_user() function. Signed-off-by: Simo Sorce i...@samba.org commit 1152aa8e0354ed2446397725b75e905bef3c4afb Author: Andreas Schneider a...@samba.org Date: Fri Aug 19 17:36:53 2011 +0200 s3-passdb: Keep caches coherent When deleting a user send a message to all interested parties so they can purge their caches. Otherwise some processes may
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0825a52 Revert s3-messaging: IDMAP_ messages belongs to the Winbind range from 0db0e93 s3-passdb pdb_samba4 handles PDB_PWHISTORY already http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0825a52a369883ec422efbebfce5eaac78bf94a5 Author: Simo Sorce i...@samba.org Date: Fri Aug 19 08:07:30 2011 -0400 Revert s3-messaging: IDMAP_ messages belongs to the Winbind range This reverts commit 102f39ae3e7df26faf81595c8e0120b2e2a45bbd. These messages are handled by smbd not winbind, and could potentially be of general interest. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Fri Aug 19 16:16:05 CEST 2011 on sn-devel-104 --- Summary of changes: source3/librpc/idl/messaging.idl |8 1 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/librpc/idl/messaging.idl b/source3/librpc/idl/messaging.idl index 41df791..aca90c4 100644 --- a/source3/librpc/idl/messaging.idl +++ b/source3/librpc/idl/messaging.idl @@ -35,6 +35,10 @@ interface messaging MSG_REQ_DMALLOC_LOG_CHANGED = 0x000C, MSG_SHUTDOWN= 0x000D, + MSG_IDMAP_FLUSH = 0x000E, + MSG_IDMAP_DELETE= 0x000F, + MSG_IDMAP_KILL = 0x0010, + /* Changes to smb.conf are really of general interest */ MSG_SMB_CONF_UPDATED= 0x0021, @@ -90,10 +94,6 @@ interface messaging MSG_WINBIND_DUMP_DOMAIN_LIST= 0x0409, MSG_WINBIND_IP_DROPPED = 0x040A, - MSG_IDMAP_FLUSH = 0x040E, - MSG_IDMAP_DELETE= 0x040F, - MSG_IDMAP_KILL = 0x0410, - /* event messages */ MSG_DUMP_EVENT_LIST = 0x0500, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 102f39a s3-messaging: IDMAP_ messages belongs to the Winbind range from 6c8ee02 s3: Use ZERO_STRUCT where appropriate http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 102f39ae3e7df26faf81595c8e0120b2e2a45bbd Author: Simo Sorce i...@samba.org Date: Tue Aug 16 10:46:17 2011 -0400 s3-messaging: IDMAP_ messages belongs to the Winbind range Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Tue Aug 16 22:27:05 CEST 2011 on sn-devel-104 --- Summary of changes: source3/librpc/idl/messaging.idl |8 1 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/librpc/idl/messaging.idl b/source3/librpc/idl/messaging.idl index aca90c4..41df791 100644 --- a/source3/librpc/idl/messaging.idl +++ b/source3/librpc/idl/messaging.idl @@ -35,10 +35,6 @@ interface messaging MSG_REQ_DMALLOC_LOG_CHANGED = 0x000C, MSG_SHUTDOWN= 0x000D, - MSG_IDMAP_FLUSH = 0x000E, - MSG_IDMAP_DELETE= 0x000F, - MSG_IDMAP_KILL = 0x0010, - /* Changes to smb.conf are really of general interest */ MSG_SMB_CONF_UPDATED= 0x0021, @@ -94,6 +90,10 @@ interface messaging MSG_WINBIND_DUMP_DOMAIN_LIST= 0x0409, MSG_WINBIND_IP_DROPPED = 0x040A, + MSG_IDMAP_FLUSH = 0x040E, + MSG_IDMAP_DELETE= 0x040F, + MSG_IDMAP_KILL = 0x0410, + /* event messages */ MSG_DUMP_EVENT_LIST = 0x0500, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2e5fc83 s3-prefork: Do not use mmap/mremap/munmap directly via 039ddef util: add function to extend anonymous shared memory via a171938 replace: Check if we have mremap() available from 88ecf1a Use public pytalloc header file. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2e5fc8335022df44a015817d4628a48e9195e311 Author: Simo Sorce i...@samba.org Date: Sun Aug 14 18:11:18 2011 -0400 s3-prefork: Do not use mmap/mremap/munmap directly Use the wrappers in util.h as they deal with trying to do the best they can on platfroms that do not support mmap extensions. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Mon Aug 15 04:13:51 CEST 2011 on sn-devel-104 commit 039ddef20900322760093a04881007dbb0897b50 Author: Simo Sorce i...@samba.org Date: Sun Aug 14 18:10:53 2011 -0400 util: add function to extend anonymous shared memory commit a171938408adde0d787b9ff40a4cebeee66d747a Author: Simo Sorce i...@samba.org Date: Sun Aug 14 18:05:27 2011 -0400 replace: Check if we have mremap() available --- Summary of changes: lib/replace/libreplace.m4|7 lib/replace/test/shared_mremap.c | 48 lib/util/util.c | 64 ++ lib/util/util.h |1 + source3/lib/server_prefork.c | 20 ++- 5 files changed, 131 insertions(+), 9 deletions(-) create mode 100644 lib/replace/test/shared_mremap.c Changeset truncated at 500 lines: diff --git a/lib/replace/libreplace.m4 b/lib/replace/libreplace.m4 index 808d5d1..d644e50 100644 --- a/lib/replace/libreplace.m4 +++ b/lib/replace/libreplace.m4 @@ -98,6 +98,13 @@ if test x$libreplace_cv_HAVE_MMAP = xyes; then AC_DEFINE(HAVE_MMAP,1,[Whether mmap works]) fi +AC_CACHE_CHECK([for working mremap],libreplace_cv_HAVE_MREMAP,[ +AC_TRY_RUN([#include $libreplacedir/test/shared_mremap.c], + libreplace_cv_HAVE_MREMAP=yes,libreplace_cv_HAVE_MREMAP=no,libreplace_cv_HAVE_MREMAP=cross)]) +if test x$libreplace_cv_HAVE_MREMAP = xyes; then +AC_DEFINE(HAVE_MREMAP,1,[Whether mremap works]) +fi + AC_CHECK_HEADERS(sys/syslog.h syslog.h) AC_CHECK_HEADERS(sys/time.h time.h) diff --git a/lib/replace/test/shared_mremap.c b/lib/replace/test/shared_mremap.c new file mode 100644 index 000..05032ad --- /dev/null +++ b/lib/replace/test/shared_mremap.c @@ -0,0 +1,48 @@ +/* this tests whether we can use mremap */ + +#if defined(HAVE_UNISTD_H) +#include unistd.h +#endif +#include sys/mman.h +#include sys/types.h +#include sys/stat.h +#include fcntl.h + +#define DATA conftest.mmap + +#ifndef MAP_FILE +#define MAP_FILE 0 +#endif + +#ifndef MAP_FAILED +#define MAP_FAILED (int *)-1 +#endif + +main() +{ + int *buf; + int fd; + int err = 1; + + fd = open(DATA, O_RDWR|O_CREAT|O_TRUNC, 0666); + if (fd == -1) { + exit(1); + } + + buf = (int *)mmap(NULL, 0x1000, PROT_READ | PROT_WRITE, + MAP_FILE | MAP_SHARED, fd, 0); + if (buf == MAP_FAILED) { + goto done; + } + + buf = mremap(buf, 0x1000, 0x2000, MREMAP_MAYMOVE); + if (buf == MAP_FAILED) { + goto done; + } + + err = 0; +done: + close(fd); + unlink(DATA); + exit(err); +} diff --git a/lib/util/util.c b/lib/util/util.c index 2d1d830..b700f37 100644 --- a/lib/util/util.c +++ b/lib/util/util.c @@ -1073,6 +1073,70 @@ void *anonymous_shared_allocate(size_t orig_bufsz) return ptr; } +void *anonymous_shared_resize(void *ptr, size_t new_size, bool maymove) +{ +#ifdef HAVE_MREMAP + void *buf; + size_t pagesz = getpagesize(); + size_t pagecnt; + size_t bufsz; + struct anonymous_shared_header *hdr; + int flags = 0; + + if (ptr == NULL) { + errno = EINVAL; + return NULL; + } + + hdr = (struct anonymous_shared_header *)ptr; + hdr--; + if (hdr-u.length (new_size + sizeof(*hdr))) { + errno = EINVAL; + return NULL; + } + + bufsz = new_size + sizeof(*hdr); + + /* round up to full pages */ + pagecnt = bufsz / pagesz; + if (bufsz % pagesz) { + pagecnt += 1; + } + bufsz = pagesz * pagecnt; + + if (new_size = bufsz) { + /* integer wrap */ + errno = ENOSPC; + return NULL; + } + + if (bufsz = hdr-u.length) { + return ptr; + } + + if (maymove) { + flags = MREMAP_MAYMOVE; + } + + buf = mremap(hdr, hdr-u.length, bufsz, flags); + + if (buf == MAP_FAILED) { + errno = ENOSPC
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c84caab s4:misc: remove last usage of legacy event_ fn names via 15efcba s4:lib: use tevent_ fns names instead of legcay event_ ones via edc3266 s4:smbd: use tevent_ fn names instead of leagcy event_ ones via b1feb9d s4:ntvfs: use tevent_ fn names instead of legacy event_ ones via 4a8fdc3 s4:librpc: use tevent_ fn names instead of legacy event_ ones via ab81505 s4:libcli: use tevent_ fn names instead of legacy event_ ones via f364dae s4:dsdb: use tevent_ fn names instaed of legacy event_ ones via 47b6457 s4:messaging: use tevent_ function names instead of legacy event_ ones via b120c5f torture: use tevent_ functions names instead of the legacy event_ ones from 813bdf4 ldb: Remove use after free in error case http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c84caabf8c5061af75d9e046813c1e2e8eff3722 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:29:14 2010 -0400 s4:misc: remove last usage of legacy event_ fn names Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Sun Aug 14 00:38:13 CEST 2011 on sn-devel-104 commit 15efcbaa09472b306a875178ee535a06d1b01811 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:28:35 2010 -0400 s4:lib: use tevent_ fns names instead of legcay event_ ones commit edc32665d0f5cfd5d86f975c8ac8e8ff100956f7 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:28:10 2010 -0400 s4:smbd: use tevent_ fn names instead of leagcy event_ ones commit b1feb9d4324dfca7190ec3816d43392b65a94671 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:27:41 2010 -0400 s4:ntvfs: use tevent_ fn names instead of legacy event_ ones commit 4a8fdc3958b7bc42bd90d4307f6fb0556944b300 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:27:11 2010 -0400 s4:librpc: use tevent_ fn names instead of legacy event_ ones commit ab81505e080e72c2217cb3946b04eee872397763 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:26:42 2010 -0400 s4:libcli: use tevent_ fn names instead of legacy event_ ones commit f364daed2203170bc772c8ff9bb28f78da615669 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:26:00 2010 -0400 s4:dsdb: use tevent_ fn names instaed of legacy event_ ones commit 47b64573c0d41d418d441ffc40325b822bfadb26 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:25:26 2010 -0400 s4:messaging: use tevent_ function names instead of legacy event_ ones commit b120c5f28876fd9efe032a6dbecebfaaff7dfd14 Author: Simo Sorce sso...@redhat.com Date: Tue May 25 15:23:55 2010 -0400 torture: use tevent_ functions names instead of the legacy event_ ones --- Summary of changes: source3/torture/torture.c |6 +++--- source4/auth/gensec/socket.c|6 +++--- source4/dsdb/kcc/kcc_periodic.c |2 +- source4/dsdb/repl/drepl_notify.c|2 +- source4/dsdb/repl/drepl_periodic.c |2 +- source4/lib/com/main.c |2 +- source4/lib/messaging/messaging.c | 16 source4/lib/messaging/tests/irpc.c |6 +++--- source4/lib/messaging/tests/messaging.c |4 ++-- source4/lib/socket/connect.c|4 ++-- source4/lib/socket/connect_multi.c |2 +- source4/lib/stream/packet.c | 16 source4/lib/tls/tls.c | 20 ++-- source4/libcli/composite/composite.c|8 source4/libcli/dgram/dgramsocket.c | 12 ++-- source4/libcli/dgram/mailslot.c |2 +- source4/libcli/raw/clitransport.c | 14 +++--- source4/libcli/raw/rawrequest.c |2 +- source4/libcli/resolve/dns_ex.c |2 +- source4/libcli/smb2/request.c |2 +- source4/libcli/smb2/transport.c | 14 +++--- source4/librpc/rpc/dcerpc.c |8 source4/librpc/rpc/dcerpc_connect.c |2 +- source4/librpc/rpc/dcerpc_sock.c|8 source4/nbt_server/register.c |2 +- source4/nbt_server/wins/winsclient.c|4 ++-- source4/ntvfs/posix/pvfs_notify.c |2 +- source4/ntvfs/posix/pvfs_search.c |2 +- source4/ntvfs/posix/pvfs_wait.c |2 +- source4/ntvfs/posix/pvfs_write.c|4 ++-- source4/rpc_server/echo/rpc_echo.c |2 +- source4/smbd/process_onefork.c |2 +- source4/smbd/process_prefork.c |6 +++--- source4/smbd/process_standard.c |4 ++-- source4/smbd/process_thread.c |4 ++-- source4/torture/basic/base.c|2 +- source4/torture/basic/misc.c|2 +- source4/torture/nbt/dgram.c | 20
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ce93b4f tevent: fix documentation for tevent_context_init_byname() via 158b208 tevent: Set FD_CLOEXEC on epoll handle from d52343a s3-messaging: Do not register to classes we are not going to use. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ce93b4f4645b15e204590633a8047c2bfec13154 Author: Sumit Bose sb...@redhat.com Date: Thu Aug 11 12:39:57 2011 +0200 tevent: fix documentation for tevent_context_init_byname() Signed-off-by: Simo Sorce i...@samba.org Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Aug 11 21:56:37 CEST 2011 on sn-devel-104 commit 158b208dfd75c04698f9f9196161322b16a020a2 Author: Sumit Bose sb...@redhat.com Date: Thu Aug 11 12:30:48 2011 +0200 tevent: Set FD_CLOEXEC on epoll handle If an application using libtevent starts a new process the epoll file descriptor is leaked to the new process if the event context is not freed explicitly. By setting FD_CLOEXEC this is not needed anymore. Signed-off-by: Simo Sorce i...@samba.org --- Summary of changes: lib/tevent/tevent.h |4 ++-- lib/tevent/tevent_epoll.c| 19 +-- lib/tevent/tevent_standard.c | 17 + lib/tevent/tevent_util.c | 17 + lib/tevent/tevent_util.h |1 + 5 files changed, 54 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h index 6e3ed76..c38f7c3 100644 --- a/lib/tevent/tevent.h +++ b/lib/tevent/tevent.h @@ -111,7 +111,7 @@ typedef void (*tevent_signal_handler_t)(struct tevent_context *ev, struct tevent_context *tevent_context_init(TALLOC_CTX *mem_ctx); /** - * @brief Create a event_context structure and name it. + * @brief Create a event_context structure and select a specific backend. * * This must be the first events call, and all subsequent calls pass this * event_context as the first element. Event handlers also receive this as @@ -119,7 +119,7 @@ struct tevent_context *tevent_context_init(TALLOC_CTX *mem_ctx); * * @param[in] mem_ctx The memory context to use. * - * @param[in] name The name for the tevent context. + * @param[in] name The name of the backend to use. * * @return An allocated tevent context, NULL on error. */ diff --git a/lib/tevent/tevent_epoll.c b/lib/tevent/tevent_epoll.c index 3ab8283..33e1d3f 100644 --- a/lib/tevent/tevent_epoll.c +++ b/lib/tevent/tevent_epoll.c @@ -78,11 +78,20 @@ static int epoll_ctx_destructor(struct epoll_event_context *epoll_ev) static int epoll_init_ctx(struct epoll_event_context *epoll_ev) { epoll_ev-epoll_fd = epoll_create(64); - epoll_ev-pid = getpid(); - talloc_set_destructor(epoll_ev, epoll_ctx_destructor); if (epoll_ev-epoll_fd == -1) { + tevent_debug(epoll_ev-ev, TEVENT_DEBUG_FATAL, +Failed to create epoll handle.\n); return -1; } + + if (!ev_set_close_on_exec(epoll_ev-epoll_fd)) { + tevent_debug(epoll_ev-ev, TEVENT_DEBUG_WARNING, +Failed to set close-on-exec, file descriptor may be leaked to children.\n); + } + + epoll_ev-pid = getpid(); + talloc_set_destructor(epoll_ev, epoll_ctx_destructor); + return 0; } @@ -108,6 +117,12 @@ static void epoll_check_reopen(struct epoll_event_context *epoll_ev) Failed to recreate epoll handle after fork\n); return; } + + if (!ev_set_close_on_exec(epoll_ev-epoll_fd)) { + tevent_debug(epoll_ev-ev, TEVENT_DEBUG_WARNING, +Failed to set close-on-exec, file descriptor may be leaked to children.\n); + } + epoll_ev-pid = getpid(); for (fde=epoll_ev-ev-fd_events;fde;fde=fde-next) { epoll_add_event(epoll_ev, fde); diff --git a/lib/tevent/tevent_standard.c b/lib/tevent/tevent_standard.c index 35f7ded..e2ca44f 100644 --- a/lib/tevent/tevent_standard.c +++ b/lib/tevent/tevent_standard.c @@ -100,6 +100,17 @@ static int epoll_ctx_destructor(struct std_event_context *std_ev) static void epoll_init_ctx(struct std_event_context *std_ev) { std_ev-epoll_fd = epoll_create(64); + if (std_ev-epoll_fd == -1) { + tevent_debug(std_ev-ev, TEVENT_DEBUG_FATAL, +Failed to create epoll handle.\n); + return; + } + + if (!ev_set_close_on_exec(std_ev-epoll_fd)) { + tevent_debug(std_ev-ev, TEVENT_DEBUG_WARNING, +Failed to set close-on-exec, file descriptor may be leaked to children.\n); + } + std_ev-pid = getpid
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e84c7a2 s3-rpc_server: Use talloc for pipe_rpc_fns via 48a7166 s3-rpc_server: remove useless code via 262af47 s3-rpc_server: remove unnecessary talloc_free via 0a72744 s3-rpc_server: Remove dead code from a97fef3 s3-spoolss: Use existing handle in printer_driver_files_in_use(). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e84c7a2e26d206f38bcb94d4d1b6c854cdd4094c Author: Simo Sorce i...@samba.org Date: Wed Jul 27 16:40:21 2011 -0400 s3-rpc_server: Use talloc for pipe_rpc_fns Everything uses talloc in the rpc server nowadays, remove this ancient use of malloc. This also allows us to remove the free fucntion and let talloc handle it properly. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Jul 28 17:41:08 CEST 2011 on sn-devel-104 commit 48a71664f21f50616749b467e6f082b6c20036a1 Author: Simo Sorce i...@samba.org Date: Wed Jul 27 16:30:42 2011 -0400 s3-rpc_server: remove useless code We do not reuse pies_struct so there is no reason to SERO_STRUCT() it when we are freeing it as we are done using it anyways. commit 262af4713e192ba80327c1e6607ba8f92d3cc7ea Author: Simo Sorce i...@samba.org Date: Wed Jul 27 16:27:17 2011 -0400 s3-rpc_server: remove unnecessary talloc_free The auth_ctx is a child of pipes_struct, and this function is a used only as a destructor on pipes_struct. So it is not really necessary to free this struct in the destructor as it will be freed soon enough anyway. commit 0a72744dd247298fe6aff160d77ae50dc97b8c4f Author: Simo Sorce i...@samba.org Date: Wed Jul 27 15:51:17 2011 -0400 s3-rpc_server: Remove dead code srv_str and cli_str are not used anymore. --- Summary of changes: source3/rpc_server/rpc_handles.c | 20 source3/rpc_server/rpc_ncacn_np.c |7 --- source3/rpc_server/rpc_server.c | 16 source3/rpc_server/srv_pipe.c |6 +++--- 4 files changed, 7 insertions(+), 42 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/rpc_handles.c b/source3/rpc_server/rpc_handles.c index f9251ee..87145ca 100644 --- a/source3/rpc_server/rpc_handles.c +++ b/source3/rpc_server/rpc_handles.c @@ -107,20 +107,6 @@ bool check_open_pipes(void) Close an rpc pipe. / -static void free_pipe_rpc_context_internal(struct pipe_rpc_fns *list) -{ - struct pipe_rpc_fns *tmp = list; - struct pipe_rpc_fns *tmp2; - - while (tmp) { - tmp2 = tmp-next; - SAFE_FREE(tmp); - tmp = tmp2; - } - - return; -} - int close_internal_rpc_pipe_hnd(struct pipes_struct *p) { if (!p) { @@ -128,17 +114,11 @@ int close_internal_rpc_pipe_hnd(struct pipes_struct *p) return False; } - TALLOC_FREE(p-auth.auth_ctx); - /* Free the handles database. */ close_policy_by_pipe(p); - free_pipe_rpc_context_internal( p-contexts ); - DLIST_REMOVE(InternalPipes, p); - ZERO_STRUCTP(p); - return 0; } diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c index 2ed4a01..1080a98 100644 --- a/source3/rpc_server/rpc_ncacn_np.c +++ b/source3/rpc_server/rpc_ncacn_np.c @@ -80,10 +80,11 @@ struct pipes_struct *make_internal_rpc_pipe_p(TALLOC_CTX *mem_ctx, return NULL; } - context_fns = SMB_MALLOC_P(struct pipe_rpc_fns); + context_fns = talloc(p, struct pipe_rpc_fns); if (context_fns == NULL) { - DEBUG(0,(malloc() failed!\n)); - return False; + DEBUG(0,(talloc() failed!\n)); + TALLOC_FREE(p); + return NULL; } context_fns-next = context_fns-prev = NULL; diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c index 269b701..2e109a5 100644 --- a/source3/rpc_server/rpc_server.c +++ b/source3/rpc_server/rpc_server.c @@ -934,8 +934,6 @@ static void dcerpc_ncacn_accept(struct tevent_context *ev_ctx, dcerpc_ncacn_disconnect_fn fn) { struct dcerpc_ncacn_conn *ncacn_conn; struct tevent_req *subreq; - const char *cli_str; - const char *srv_str = NULL; bool system_user = false; char *pipe_name; NTSTATUS status; @@ -1046,20 +1044,6 @@ static void dcerpc_ncacn_accept(struct tevent_context *ev_ctx, return; } - if (tsocket_address_is_inet(ncacn_conn-client, ip)) { - cli_str = ncacn_conn-client_name; - } else { - cli_str = ; - } - - if (ncacn_conn-server
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b19b05c s3-rpc_server: Do not set msg_ctx twice from 2b1fc7c s3:winbindd_cm: remove unused checks for address family http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b19b05cd0aa0e3f82c134f8d9d5d486dad60dd5a Author: Simo Sorce i...@samba.org Date: Thu Jul 21 17:10:06 2011 -0400 s3-rpc_server: Do not set msg_ctx twice msg_ctx was already passed to make_base_pipes_struct, no need to set it again. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Fri Jul 22 00:47:28 CEST 2011 on sn-devel-104 --- Summary of changes: source3/rpc_server/rpc_server.c |1 - 1 files changed, 0 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c index 2a0f675..269b701 100644 --- a/source3/rpc_server/rpc_server.c +++ b/source3/rpc_server/rpc_server.c @@ -74,7 +74,6 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, *perrno = ret; return -1; } - p-msg_ctx = msg_ctx; if (session_info-unix_token session_info-unix_info session_info-security_token) { /* Don't call create_local_token(), we already have the full details here */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d566146 s3-passdb: Implement new pdb trust calls for the default backend from 97af358 s4:libcli/raw/raw*.c - add unhandled enum values http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d5661467e17cc233fe8605e8138991b4a459e78f Author: Sumit Bose sb...@redhat.com Date: Tue May 31 15:32:29 2011 +0200 s3-passdb: Implement new pdb trust calls for the default backend Signed-off-by: Simo Sorce i...@samba.org Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Sun Jun 12 06:45:25 CEST 2011 on sn-devel-104 --- Summary of changes: source3/Makefile.in| 15 -- source3/passdb/pdb_interface.c | 104 +++- source3/torture/pdbtest.c | 83 3 files changed, 194 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index a06c8c7..3ef7541 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1037,6 +1037,7 @@ PDBEDIT_OBJ = utils/pdbedit.o $(PASSWD_UTIL_OBJ) $(PARAM_OBJ) $(PASSDB_OBJ) \ $(LIBSAMBA_OBJ) $(LIBTSOCKET_OBJ) \ $(LIB_NONSMBD_OBJ) $(GROUPDB_OBJ) \ $(LIBCLI_LDAP_NDR_OBJ) \ + $(DRSUAPI_OBJ) $(LIBNDR_GEN_OBJ0) \ $(POPT_LIB_OBJ) $(SMBLDAP_OBJ) ../lib/util/asn1.o SMBGET_OBJ = utils/smbget.o $(POPT_LIB_OBJ) $(LIBSMBCLIENT_OBJ1) @@ -1320,6 +1321,7 @@ PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \ pam_smbpass/pam_smb_acct.o pam_smbpass/support.o ../lib/util/asn1.o PAM_SMBPASS_OBJ = $(PAM_SMBPASS_OBJ_0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ $(SMBLDAP_OBJ) $(LIBSAMBA_OBJ) \ + $(DRSUAPI_OBJ) $(LIBNDR_GEN_OBJ0) \ $(LIBTSOCKET_OBJ) $(PAM_ERRORS_OBJ) IDMAP_RW_OBJ = winbindd/idmap_rw.o @@ -1502,6 +1504,7 @@ NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ) \ $(SMBLDAP_OBJ) $(LIBNMB_OBJ) \ $(WBCOMMON_OBJ) \ $(LIBCLI_LDAP_NDR_OBJ) \ + $(DRSUAPI_OBJ) \ $(LIBNDR_GEN_OBJ0) $(LIBNDR_NETLOGON_OBJ) @BUILD_INIPARSER@ @@ -1871,11 +1874,11 @@ bin/smbpasswd@EXEEXT@: $(BINARY_PREREQS) $(SMBPASSWD_OBJ) @BUILD_POPT@ $(LIBTALL $(DYNEXP) $(LIBS) $(POPT_LIBS) $(KRB5LIBS) $(LDAP_LIBS) \ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) -bin/pdbedit@EXEEXT@: $(BINARY_PREREQS) $(PDBEDIT_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT) +bin/pdbedit@EXEEXT@: $(BINARY_PREREQS) $(PDBEDIT_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT) $(ZLIB_LIBS) @echo Linking $@ @$(CC) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \ $(POPT_LIBS) $(PASSDB_LIBS) $(LDAP_LIBS) $(LIBTALLOC_LIBS) \ - $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS) + $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) bin/smbget@EXEEXT@: $(BINARY_PREREQS) $(SMBGET_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT) @echo Linking $@ @@ -3115,17 +3118,17 @@ bin/wbinfo@EXEEXT@: $(BINARY_PREREQS) $(WBINFO_OBJ) @BUILD_POPT@ $(LIBTALLOC) $( $(LIBWBCLIENT_LIBS) bin/ntlm_auth@EXEEXT@: $(BINARY_PREREQS) $(NTLM_AUTH_OBJ) $(PARAM_OBJ) \ - $(LIB_NONSMBD_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT) + $(LIB_NONSMBD_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT) $(ZLIB_LIBS) @echo Linking $@ @$(CC) -o $@ $(LDFLAGS) $(DYNEXP) $(NTLM_AUTH_OBJ) \ - $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(LIBS) \ + $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(LIBS) $(ZLIB_LIBS) \ $(POPT_LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS) @INIPARSERLIBS@ -bin/pam_smbpass.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_SMBPASS_OBJ) $(LIBCLI_LDAP_NDR_OBJ) $(LIBTALLOC) $(LIBWBCLIENT) $(LIBTDB) +bin/pam_smbpass.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_SMBPASS_OBJ) $(LIBCLI_LDAP_NDR_OBJ) $(LIBTALLOC) $(LIBWBCLIENT) $(LIBTDB) $(ZLIB_LIBS) @echo Linking shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) $(LIBCLI_LDAP_NDR_OBJ) -lpam $(DYNEXP) \ - $(LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \ + $(LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(ZLIB_LIBS) \ $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS) bin/tdbbackup@EXEEXT@: $(BINARY_PREREQS) $(TDBBACKUP_OBJ) $(LIBTALLOC) $(LIBTDB) diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index b3d62bc..94ed355 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -25,6 +25,8 @@ #include
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via f07f3d5 Fix 3.6 headers via ad8415c s3-gse: Use gss_get_name_attribute to fetch the pac from 3db7254 WHATSNEW: Start 3.6.0rc1 release notes. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit f07f3d5d11b57321dc0616b88afc78199a59e2d8 Author: Simo Sorce i...@samba.org Date: Fri May 13 16:36:42 2011 -0400 Fix 3.6 headers commit ad8415cb8a7bbd1f653eecce1aa2b88242bcc9e5 Author: Simo Sorce i...@samba.org Date: Mon May 9 11:33:41 2011 -0400 s3-gse: Use gss_get_name_attribute to fetch the pac This is the only way to be sure the pac signatures are correct. It requires a fairly new version of MIT Kerberos, but that should be fine, it is new functionality in 3.6 anyways. --- Summary of changes: source3/configure.in|1 + source3/include/proto.h | 28 +- source3/lib/netapi/netapi_private.h |2 + source3/librpc/crypto/gse.c | 74 +++ source3/librpc/crypto/gse.h |3 +- source3/librpc/rpc/dcerpc_ep.c |1 + source3/rpc_client/cli_winreg_int.h |1 + source3/rpc_server/dcesrv_gssapi.c | 42 +--- source3/rpc_server/rpc_ncacn_np.h |2 + source3/smbd/lanman.c |1 + 10 files changed, 61 insertions(+), 94 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index d8c59b6..72568d8 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -3860,6 +3860,7 @@ if test x$with_ads_support != xno; then AC_CHECK_FUNC_EXT(krb5_get_credentials_for_user, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_get_host_realm, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_free_host_realm, $KRB5_LIBS) + AC_CHECK_FUNC_EXT(gss_get_name_attribute, $KRB5_LIBS) # MIT krb5 1.8 does not expose this call (yet) AC_CHECK_DECLS(krb5_get_credentials_for_user, [], [], [#include krb5.h]) diff --git a/source3/include/proto.h b/source3/include/proto.h index 5f0e878..6c76029 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2667,33 +2667,6 @@ const struct ndr_interface_table *get_iface_from_syntax( const char *get_pipe_name_from_syntax(TALLOC_CTX *mem_ctx, const struct ndr_syntax_id *syntax); -/* The following definitions come from rpc_server/rpc_ncacn_np.c */ -struct auth_serversupplied_info; -struct pipes_struct *make_internal_rpc_pipe_p(TALLOC_CTX *mem_ctx, - const struct ndr_syntax_id *syntax, - struct client_address *client_id, - const struct auth_serversupplied_info *session_info, - struct messaging_context *msg_ctx); -struct dcerpc_binding_handle; -NTSTATUS rpcint_binding_handle(TALLOC_CTX *mem_ctx, - const struct ndr_interface_table *ndr_table, - struct client_address *client_id, - const struct auth_serversupplied_info *session_info, - struct messaging_context *msg_ctx, - struct dcerpc_binding_handle **binding_handle); -NTSTATUS rpc_pipe_open_internal(TALLOC_CTX *mem_ctx, - const struct ndr_syntax_id *abstract_syntax, - const struct auth_serversupplied_info *serversupplied_info, - struct client_address *client_id, - struct messaging_context *msg_ctx, - struct rpc_pipe_client **presult); -NTSTATUS rpc_pipe_open_interface(TALLOC_CTX *mem_ctx, -const struct ndr_syntax_id *syntax, -const struct auth_serversupplied_info *session_info, -struct client_address *client_id, -struct messaging_context *msg_ctx, -struct rpc_pipe_client **cli_pipe); - /* The following definitions come from rpc_client/cli_pipe_schannel.c */ NTSTATUS get_schannel_session_key(struct cli_state *cli, @@ -2703,6 +2676,7 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli, /* The following definitions come from rpc_server/rpc_handles.c */ +struct pipes_struct; size_t num_pipe_handles(struct pipes_struct *p); bool init_pipe_handles(struct pipes_struct *p, const struct ndr_syntax_id *syntax); bool create_policy_hnd(struct pipes_struct *p, struct policy_handle *hnd, void *data_ptr); diff --git a/source3/lib/netapi/netapi_private.h b/source3/lib/netapi/netapi_private.h index 7559c61..349287b 100644 --- a/source3/lib/netapi
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1804d9a tdb_backup: avoid transaction on backup file, use lockall from 9bf3dc3 Fix Bug #8099 setpwent() actually does endpwent() and vice versa on FreeBSD http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1804d9a64662d37f6c7c50bdd7b8edd80f42192b Author: Simo Sorce i...@samba.org Date: Sat Apr 9 22:21:35 2011 -0400 tdb_backup: avoid transaction on backup file, use lockall Transactions have the side effect of generating bigger files. By removing the transaction files get as much as 30% smaller. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Tue Apr 19 23:34:37 CEST 2011 on sn-devel-104 --- Summary of changes: lib/tdb/tools/tdbbackup.c | 21 + 1 files changed, 13 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/tools/tdbbackup.c b/lib/tdb/tools/tdbbackup.c index 6aca8dd..11ecaa0 100644 --- a/lib/tdb/tools/tdbbackup.c +++ b/lib/tdb/tools/tdbbackup.c @@ -152,8 +152,9 @@ static int backup_tdb(const char *old_name, const char *new_name, int hash_size) return 1; } - if (tdb_transaction_start(tdb_new) != 0) { - printf(Failed to start transaction on new tdb\n); + /* lock the backup tdb so that nobody else can change it */ + if (tdb_lockall(tdb_new) != 0) { + printf(Failed to lock backup tdb\n); tdb_close(tdb); tdb_close(tdb_new); unlink(tmp_name); @@ -177,12 +178,16 @@ static int backup_tdb(const char *old_name, const char *new_name, int hash_size) /* close the old tdb */ tdb_close(tdb); - if (tdb_transaction_commit(tdb_new) != 0) { - fprintf(stderr, Failed to commit new tdb\n); - tdb_close(tdb_new); - unlink(tmp_name); - free(tmp_name); - return 1; + /* copy done, unlock the backup tdb */ + tdb_unlockall(tdb_new); + +#ifdef HAVE_FDATASYNC + if (fdatasync(tdb_fd(tdb_new)) != 0) { +#else + if (fsync(tdb_fd(tdb_new)) != 0) { +#endif + /* not fatal */ + fprintf(stderr, failed to fsync backup file\n); } /* close the new tdb and re-open read-only */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 72bd60b s3-epmapper: fix vars init and return errors via edc2600 librpc: Return an error if we a broken floor. via 95daebe cleanup: fix some trailing spaces via dbe957e s3-epmapper: Fix allocation of data on the wrong context via 5ebf007 s3-epmapper: Make sure we work on a description duplicate. via f534dcd librpc: Added a dcerpc_binding_dup() function. via e8912b9 s3-epmapper: Refactor the cleanup of endpoints. via fd89e29 s3-epmapper: Use strcmp instead of strequal and check IPv6. via bf1e330 s3-epmapper: Increase debug levels. from 155c4fb s3: Fix some errno assignments in SMBC_opendir_ctx http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 72bd60b2fee20dc85c1cc88d5d4e2efdfb74b701 Author: Simo Sorce i...@samba.org Date: Thu Mar 24 11:49:27 2011 -0400 s3-epmapper: fix vars init and return errors Properly initialize variables at each cycle. Convert to the right error when returning EPMAPPER ones. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Mar 24 20:43:49 CET 2011 on sn-devel-104 commit edc26007bf50ce165b8f8dfba5e1c7f86f6918e6 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 13:45:32 2011 +0100 librpc: Return an error if we a broken floor. Pair-Programmed-With: Simo Sorce i...@samba.org commit 95daebe1c339cefe87bcb5d4e2afc79a45af3b62 Author: Simo Sorce i...@samba.org Date: Thu Mar 24 09:21:11 2011 -0400 cleanup: fix some trailing spaces commit dbe957e48fec13aec39b7c2675cd4b7cde55d9d0 Author: Simo Sorce i...@samba.org Date: Thu Mar 24 08:23:48 2011 -0400 s3-epmapper: Fix allocation of data on the wrong context p-mem_ctx is the short-lived per request context, while this data is long lived, allocate on p instead. commit 5ebf0072336ece5acf120bcdeb6612445fa059f1 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 14:39:56 2011 +0100 s3-epmapper: Make sure we work on a description duplicate. commit f534dcdca3184a342df2d702663088a4afba6571 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 14:39:37 2011 +0100 librpc: Added a dcerpc_binding_dup() function. commit e8912b9ad31154adca4d2065b2986661a956a959 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 13:07:54 2011 +0100 s3-epmapper: Refactor the cleanup of endpoints. commit fd89e29e7ee5065b6f4349e391c90c5f81e7c476 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 13:07:05 2011 +0100 s3-epmapper: Use strcmp instead of strequal and check IPv6. commit bf1e330f69951400f12ecb17c82adadd1e901a58 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 10:44:14 2011 +0100 s3-epmapper: Increase debug levels. --- Summary of changes: librpc/rpc/binding.c | 101 +-- librpc/rpc/rpc_common.h|2 + source3/rpc_server/epmapper/srv_epmapper.c | 78 - 3 files changed, 140 insertions(+), 41 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c index 2a0295b..422537e 100644 --- a/librpc/rpc/binding.c +++ b/librpc/rpc/binding.c @@ -646,13 +646,22 @@ _PUBLIC_ const char *derpc_transport_string_by_transport(enum dcerpc_transport_t return NULL; } -_PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, - struct epm_tower *tower, - struct dcerpc_binding **b_out) +_PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, + struct epm_tower *tower, + struct dcerpc_binding **b_out) { NTSTATUS status; struct dcerpc_binding *binding; + /* +* A tower needs to have at least 4 floors to carry useful +* information. Floor 3 is the transport identifier which defines +* how many floors are required at least. +*/ + if (tower-num_floors 4) { + return NT_STATUS_INVALID_PARAMETER; + } + binding = talloc_zero(mem_ctx, struct dcerpc_binding); NT_STATUS_HAVE_NO_MEMORY(binding); @@ -669,15 +678,11 @@ _PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, return NT_STATUS_NOT_SUPPORTED; } - if (tower-num_floors 1) { - return NT_STATUS_OK; - } - /* Set object uuid */ status = dcerpc_floor_get_lhs_data(tower-floors[0], binding-object); if (!NT_STATUS_IS_OK(status)) { - DEBUG(1, (Error pulling object uuid and version: %s, nt_errstr(status))); + DEBUG(1, (Error pulling object uuid and version: %s, nt_errstr(status
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 17fe342 s3-epmapper: fix vars init and return errors via 8a8f4df librpc: Return an error if we a broken floor. via e41b818 cleanup: fix some trailing spaces via 7ae0d64 s3-epmapper: Fix allocation of data on the wrong context via 409e67e s3-epmapper: Make sure we work on a description duplicate. via bdd17bb librpc: Added a dcerpc_binding_dup() function. via 5f47e57 s3-epmapper: Refactor the cleanup of endpoints. via 824f65c s3-epmapper: Use strcmp instead of strequal and check IPv6. from 2896698 s3: Fix some errno assignments in SMBC_opendir_ctx http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 17fe34287e582f804cc139a6164563699877d440 Author: Simo Sorce i...@samba.org Date: Thu Mar 24 11:49:27 2011 -0400 s3-epmapper: fix vars init and return errors Properly initialize variables at each cycle. Convert to the right error when returning EPMAPPER ones. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Mar 24 20:43:49 CET 2011 on sn-devel-104 commit 8a8f4dfe617d4d9625e3788c33f788e140e37f06 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 13:45:32 2011 +0100 librpc: Return an error if we a broken floor. Pair-Programmed-With: Simo Sorce i...@samba.org commit e41b8186557bef3b2205fa998be514d7c9f61f1f Author: Simo Sorce i...@samba.org Date: Thu Mar 24 09:21:11 2011 -0400 cleanup: fix some trailing spaces commit 7ae0d6404ed4a02702be139329939b2d7f0c9c5d Author: Simo Sorce i...@samba.org Date: Thu Mar 24 08:23:48 2011 -0400 s3-epmapper: Fix allocation of data on the wrong context p-mem_ctx is the short-lived per request context, while this data is long lived, allocate on p instead. commit 409e67e780ad8b90d7d7a1a11f8c920e9a86381b Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 14:39:56 2011 +0100 s3-epmapper: Make sure we work on a description duplicate. commit bdd17bb4b2785988f8f546ef60b54d655712a946 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 14:39:37 2011 +0100 librpc: Added a dcerpc_binding_dup() function. commit 5f47e5763459fa2582a609074b448201854b4fa7 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 13:07:54 2011 +0100 s3-epmapper: Refactor the cleanup of endpoints. commit 824f65c5e3dede8a2f29fe3bb92f89c03f3d4070 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 13:07:05 2011 +0100 s3-epmapper: Use strcmp instead of strequal and check IPv6. --- Summary of changes: librpc/rpc/binding.c | 101 +-- librpc/rpc/rpc_common.h|2 + source3/rpc_server/epmapper/srv_epmapper.c | 62 ++--- 3 files changed, 132 insertions(+), 33 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c index 2a0295b..422537e 100644 --- a/librpc/rpc/binding.c +++ b/librpc/rpc/binding.c @@ -646,13 +646,22 @@ _PUBLIC_ const char *derpc_transport_string_by_transport(enum dcerpc_transport_t return NULL; } -_PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, - struct epm_tower *tower, - struct dcerpc_binding **b_out) +_PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, + struct epm_tower *tower, + struct dcerpc_binding **b_out) { NTSTATUS status; struct dcerpc_binding *binding; + /* +* A tower needs to have at least 4 floors to carry useful +* information. Floor 3 is the transport identifier which defines +* how many floors are required at least. +*/ + if (tower-num_floors 4) { + return NT_STATUS_INVALID_PARAMETER; + } + binding = talloc_zero(mem_ctx, struct dcerpc_binding); NT_STATUS_HAVE_NO_MEMORY(binding); @@ -669,15 +678,11 @@ _PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, return NT_STATUS_NOT_SUPPORTED; } - if (tower-num_floors 1) { - return NT_STATUS_OK; - } - /* Set object uuid */ status = dcerpc_floor_get_lhs_data(tower-floors[0], binding-object); if (!NT_STATUS_IS_OK(status)) { - DEBUG(1, (Error pulling object uuid and version: %s, nt_errstr(status))); + DEBUG(1, (Error pulling object uuid and version: %s, nt_errstr(status))); return status; } @@ -702,6 +707,86 @@ _PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } +_PUBLIC_ struct dcerpc_binding *dcerpc_binding_dup(TALLOC_CTX
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7f1fd07 s3-epmapper: Log error if we can't register the endpoint. via b38517b s3-epmapper: Setup epm in smbd to forward np requests. via 73e985f s3-epmapper: Remove unregister on shutdown. via da1a18c s3-epmd: Cleanup endpoints on service pipe disconnect. via 0d97741 s3-epmapper: Added function to delete endpoint entries. via e69d922 s3-rpc_server: Added disconnect callback function. via 044eabe s3-rpc_server: Rename req to subreq. via 73faa82 s3-rpc_server: Implement an endpoint monitor loop. via b2bdc20 s3-rpc_server: Added a memory context to the ep regsiter state. via 81a2046 s3-librpc: Leave the epm registration connection open. via d6a1469 s3-epmd: Cleanup endpoint mapper correctly. via de77524 s3-epmapper: Shutdown the embedded epmapper cleanly. via 661ac49 s3-epmapper: Added a cleanup function. via da718a5 s3-epmapper: Use DCERPC_AUTH_LEVEL_CONNECT for ep ncalrpc. via 3766f3e s3-rpc_server: Rename system_user to ncalrpc_as_system. from 177df3c s3: Fix a shadowed declaration warning http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7f1fd07fbe99fc167eb529d482b084142c39ea8a Author: Andreas Schneider a...@samba.org Date: Mon Mar 21 16:14:19 2011 +0100 s3-epmapper: Log error if we can't register the endpoint. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Wed Mar 23 18:06:54 CET 2011 on sn-devel-104 commit b38517bbdc746fe53e0bd804623b2ea7b0e98cbc Author: Andreas Schneider a...@samba.org Date: Thu Mar 17 17:56:37 2011 +0100 s3-epmapper: Setup epm in smbd to forward np requests. commit 73e985fe4b1b4c3e879f4d7fe7bc2f98851aee6e Author: Andreas Schneider a...@samba.org Date: Thu Mar 17 16:59:10 2011 +0100 s3-epmapper: Remove unregister on shutdown. This is done automatically now. commit da1a18cd032760c33cf4573124c5b88507b84425 Author: Andreas Schneider a...@samba.org Date: Thu Mar 17 11:14:12 2011 +0100 s3-epmd: Cleanup endpoints on service pipe disconnect. commit 0d97741b9b825350e3e04b5dc49b4e039bd744dc Author: Andreas Schneider a...@samba.org Date: Wed Mar 16 13:42:26 2011 +0100 s3-epmapper: Added function to delete endpoint entries. commit e69d92236744bb06d60faa4f21f3cd748ec5629d Author: Andreas Schneider a...@samba.org Date: Mon Mar 14 12:29:49 2011 +0100 s3-rpc_server: Added disconnect callback function. commit 044eabe425f9ae6e2fcea5ec1481b33c35b173f7 Author: Andreas Schneider a...@samba.org Date: Thu Mar 10 13:02:31 2011 +0100 s3-rpc_server: Rename req to subreq. commit 73faa82bf9ebebdff9662e60715e9fd4f1614b9f Author: Andreas Schneider a...@samba.org Date: Thu Mar 10 10:17:51 2011 +0100 s3-rpc_server: Implement an endpoint monitor loop. commit b2bdc20f65f0d5fda5b9fdb9dc6222e2f219bbea Author: Andreas Schneider a...@samba.org Date: Wed Mar 9 10:38:00 2011 +0100 s3-rpc_server: Added a memory context to the ep regsiter state. commit 81a2046879299a051e69fd4d78b3a8e49b690f1b Author: Andreas Schneider a...@samba.org Date: Wed Mar 9 10:17:06 2011 +0100 s3-librpc: Leave the epm registration connection open. commit d6a1469f4350fa24204e11bb9aee0e33f8d21c34 Author: Andreas Schneider a...@samba.org Date: Mon Mar 14 14:50:09 2011 +0100 s3-epmd: Cleanup endpoint mapper correctly. commit de775244a97b011fa34e52987a76ff81a5d36fb0 Author: Andreas Schneider a...@samba.org Date: Mon Mar 14 17:14:19 2011 +0100 s3-epmapper: Shutdown the embedded epmapper cleanly. commit 661ac49794a0594003463e1cf3ae1bf806f24213 Author: Andreas Schneider a...@samba.org Date: Mon Mar 14 14:49:51 2011 +0100 s3-epmapper: Added a cleanup function. commit da718a5961c3404435f9bc64bebabb71b53455eb Author: Andreas Schneider a...@samba.org Date: Mon Mar 21 09:29:14 2011 +0100 s3-epmapper: Use DCERPC_AUTH_LEVEL_CONNECT for ep ncalrpc. commit 3766f3ec0e495277c79df8eb8918cb739bc14358 Author: Andreas Schneider a...@samba.org Date: Mon Mar 14 10:47:41 2011 +0100 s3-rpc_server: Rename system_user to ncalrpc_as_system. --- Summary of changes: source3/include/ntdomain.h |5 +- source3/librpc/rpc/dcerpc_ep.c | 50 ++- source3/librpc/rpc/dcerpc_ep.h | 18 +- source3/rpc_client/cli_pipe.c |2 +- source3/rpc_server/epmapper/srv_epmapper.c | 65 +++ .../rpc_server/epmapper/srv_epmapper.h | 27 +- source3/rpc_server/epmd.c | 19 +- source3/rpc_server/rpc_ep_setup.c | 549 source3/rpc_server/rpc_server.c| 30 +- source3/rpc_server/rpc_server.h|5 +- source3
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5d55ae0 lib-util: put data_blob back in the public library from 1413af9 s3-waf: add --with-pam_smbpass configure option. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5d55ae0a2907b5ead5fb7d131aa00788d806ed9a Author: Simo Sorce i...@samba.org Date: Thu Mar 17 09:02:57 2011 -0400 lib-util: put data_blob back in the public library data_blob is defined ina public header, so it needs to be exposed in the public library. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Mar 17 15:39:08 CET 2011 on sn-devel-104 --- Summary of changes: lib/util/wscript_build |4 ++-- source3/wscript_build |2 +- 2 files changed, 3 insertions(+), 3 deletions(-) mode change 100644 = 100755 lib/util/wscript_build mode change 100644 = 100755 source3/wscript_build Changeset truncated at 500 lines: diff --git a/lib/util/wscript_build b/lib/util/wscript_build old mode 100644 new mode 100755 index e8883a3..7c18075 --- a/lib/util/wscript_build +++ b/lib/util/wscript_build @@ -6,7 +6,7 @@ bld.SAMBA_LIBRARY('samba-util-common', source='''talloc_stack.c smb_threads.c xfile.c util_file.c time.c rbtree.c rfc1738.c select.c genrand.c fsusage.c blocking.c become_daemon.c - data_blob.c signal.c system.c params.c util.c util_id.c util_net.c + signal.c system.c params.c util.c util_id.c util_net.c util_strlist.c idtree.c debug.c''', public_deps='talloc pthread LIBCRYPTO', # until we get all the dependencies in this library in common @@ -20,7 +20,7 @@ bld.SAMBA_LIBRARY('samba-util-common', if bld.env._SAMBA_BUILD_ == 4: bld.SAMBA_LIBRARY('samba-util', - source='''dprintf.c fault.c + source='''dprintf.c fault.c data_blob.c ms_fnmatch.c parmlist.c substitute.c util_str.c ''', deps='samba-util-common', diff --git a/source3/wscript_build b/source3/wscript_build old mode 100644 new mode 100755 index 3f7e3b6..dbfb465 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -962,7 +962,7 @@ bld.SAMBA3_SUBSYSTEM('CHARSET3', deps='DYNCONFIG') bld.SAMBA3_SUBSYSTEM('samba-util3', -source='', +source='../lib/util/data_blob.c', deps='talloc CHARSET3 samba-util-common') bld.SAMBA3_SUBSYSTEM('ldb3', -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2a608ba dcerpc: we do not need these as public headers from ab37eae s3: Fix Coverity ID 2231, REVERSE_INULL http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2a608ba856a4f28c13f295ac554e46168f3f045c Author: Simo Sorce i...@samba.org Date: Wed Mar 16 15:32:53 2011 -0400 dcerpc: we do not need these as public headers latest openchange doesn't need these headers either fix _PRINTF_ATTRIBUTE in tdr.h, as it was failing to work after removing proto.h due to side effects. PRINTF_ATTRIBUTE is ok and is define in talloc.h which is included by tdr.h Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Wed Mar 16 23:45:20 CET 2011 on sn-devel-104 --- Summary of changes: lib/tdr/tdr.h|2 +- source4/rpc_server/wscript_build |2 -- 2 files changed, 1 insertions(+), 3 deletions(-) mode change 100644 = 100755 source4/rpc_server/wscript_build Changeset truncated at 500 lines: diff --git a/lib/tdr/tdr.h b/lib/tdr/tdr.h index cd4785e..fa0a4d7 100644 --- a/lib/tdr/tdr.h +++ b/lib/tdr/tdr.h @@ -95,6 +95,6 @@ struct tdr_push *tdr_push_init(TALLOC_CTX *mem_ctx); struct tdr_pull *tdr_pull_init(TALLOC_CTX *mem_ctx); NTSTATUS tdr_push_to_fd(int fd, tdr_push_fn_t push_fn, const void *p); -void tdr_print_debug_helper(struct tdr_print *tdr, const char *format, ...) _PRINTF_ATTRIBUTE(2,3); +void tdr_print_debug_helper(struct tdr_print *tdr, const char *format, ...) PRINTF_ATTRIBUTE(2,3); #endif /* __TDR_H__ */ diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build old mode 100644 new mode 100755 index a1d1fc5..f1d3c0d --- a/source4/rpc_server/wscript_build +++ b/source4/rpc_server/wscript_build @@ -9,8 +9,6 @@ bld.SAMBA_SUBSYSTEM('DCERPC_SHARE', bld.SAMBA_SUBSYSTEM('DCERPC_COMMON', source='common/forward.c common/reply.c dcesrv_auth.c', autoproto='common/proto.h', - public_headers='common/common.h common/proto.h', - header_path='dcerpc_server', deps='ldb DCERPC_SHARE samba_server_gensec' ) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a57c2b0 Fix public header not to include private (not installed) ones. from 72c1fe0 librpc/rpc: move DCERPC_ flags to rpc_common.h http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a57c2b02f13569bce8e485c39924bce980a61403 Author: Simo Sorce i...@samba.org Date: Mon Mar 14 11:01:47 2011 -0400 Fix public header not to include private (not installed) ones. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Mon Mar 14 17:01:20 CET 2011 on sn-devel-104 --- Summary of changes: source4/auth/auth.h|1 + source4/auth/session.h |2 +- 2 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/auth/auth.h b/source4/auth/auth.h index 0e0aa01..9eb3e7d 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -158,6 +158,7 @@ struct auth_critical_sizes { #include auth/session.h #include auth/system_session_proto.h +#include libcli/security/security.h struct ldb_message; struct ldb_context; diff --git a/source4/auth/session.h b/source4/auth/session.h index 8ab6288..97a8aba 100644 --- a/source4/auth/session.h +++ b/source4/auth/session.h @@ -21,7 +21,7 @@ #ifndef _SAMBA_AUTH_SESSION_H #define _SAMBA_AUTH_SESSION_H -#include libcli/security/security.h +#include librpc/gen_ndr/security.h #include librpc/gen_ndr/netlogon.h #include librpc/gen_ndr/auth.h -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 63af546 Fix broken build with make dist tarballs from 0516112 s3:libsmb only log a dead connection if it was not closed http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 63af5468a58436121a3b3cc658e9dd672238d8cf Author: Simo Sorce i...@samba.org Date: Wed Feb 23 15:09:48 2011 -0500 Fix broken build with make dist tarballs Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Wed Feb 23 22:02:06 CET 2011 on sn-devel-104 --- Summary of changes: wscript |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) mode change 100644 = 100755 wscript Changeset truncated at 500 lines: diff --git a/wscript b/wscript old mode 100644 new mode 100755 index b2e6f2a..0dd8c90 --- a/wscript +++ b/wscript @@ -21,7 +21,7 @@ samba_dist.DIST_DIRS('.') #samba-4.0.0 branded tarball (until the merge is complete) and the #core elements of the autotools build system (which is known to #produce buggy binaries). -samba_dist.DIST_BLACKLIST('README Manifest Read-Manifest-Now Roadmap source3/ ' + +samba_dist.DIST_BLACKLIST('README Manifest Read-Manifest-Now Roadmap ' + 'packaging/ docs-xml/ examples/ swat/ WHATSNEW.txt MAINTAINERS ') # install in /usr/local/samba by default Options.default_prefix = '/usr/local/samba' -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d6a41c2 Return NULL if tevent_add_fd() is passed a negative fd from b423d83 s4:ldapcmp: cope with range retrivals of multivalued attributes http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d6a41c2723cda59b3cd6ae9a1e77b62f25067663 Author: Stephen Gallagher sgall...@redhat.com Date: Mon Feb 14 10:29:49 2011 -0500 Return NULL if tevent_add_fd() is passed a negative fd Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Mon Feb 14 17:47:03 CET 2011 on sn-devel-104 --- Summary of changes: lib/tevent/tevent_fd.c |6 ++ 1 files changed, 6 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent_fd.c b/lib/tevent/tevent_fd.c index c58e8e1..455961b 100644 --- a/lib/tevent/tevent_fd.c +++ b/lib/tevent/tevent_fd.c @@ -51,6 +51,12 @@ struct tevent_fd *tevent_common_add_fd(struct tevent_context *ev, TALLOC_CTX *me { struct tevent_fd *fde; + /* tevent will crash later on select() if we save +* a negative file descriptor. Better to fail here +* so that consumers will be able to debug it +*/ + if (fd 0) return NULL; + fde = talloc(mem_ctx?mem_ctx:ev, struct tevent_fd); if (!fde) return NULL; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0a05a36 Increase minor version since a public header has changed from 3722f65 librpc: make NDR_KRB5PAC a shared library (libndr-krb5pac.so). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0a05a364f3a8bb2ec89e261e372e762ab05d5e6b Author: Simo Sorce i...@samba.org Date: Mon Feb 14 11:49:41 2011 -0500 Increase minor version since a public header has changed Samba4 now depends on a new macro defined in the public ldb_modules.h header: LDB_FLAG_INTERNAL_FORCE_SINGLE_VALUE_CHECK. Bump up the minor release of ldb accordingly. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Mon Feb 14 19:39:31 CET 2011 on sn-devel-104 --- Summary of changes: .../ldb/ABI/{ldb-0.9.24.sigs = ldb-1.0.1.sigs}|0 source4/lib/ldb/wscript|2 +- 2 files changed, 1 insertions(+), 1 deletions(-) copy source4/lib/ldb/ABI/{ldb-0.9.24.sigs = ldb-1.0.1.sigs} (100%) mode change 100644 = 100755 source4/lib/ldb/wscript Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/ABI/ldb-0.9.24.sigs b/source4/lib/ldb/ABI/ldb-1.0.1.sigs similarity index 100% copy from source4/lib/ldb/ABI/ldb-0.9.24.sigs copy to source4/lib/ldb/ABI/ldb-1.0.1.sigs diff --git a/source4/lib/ldb/wscript b/source4/lib/ldb/wscript old mode 100644 new mode 100755 index 73125fc..69d8725 --- a/source4/lib/ldb/wscript +++ b/source4/lib/ldb/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'ldb' -VERSION = '1.0.0' +VERSION = '1.0.1' blddir = 'bin' -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 18926e5 Fix private libdir and codepages paths from 64c63a3 s3: Fix a C++ warning http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 18926e5907ac91881fe5b8cf35193c4bc010500a Author: Simo Sorce i...@samba.org Date: Mon Feb 14 19:46:42 2011 -0500 Fix private libdir and codepages paths The private libraries need to be arch specific as well. With --enable-fhs the codepages should go in /usr/share/samba and not in /usr/lib{64}/samba as they are data files not libraries. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Tue Feb 15 04:22:37 CET 2011 on sn-devel-104 --- Summary of changes: buildtools/wafsamba/wscript |2 +- source4/dynconfig/wscript |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) mode change 100644 = 100755 buildtools/wafsamba/wscript mode change 100644 = 100755 source4/dynconfig/wscript Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/wscript b/buildtools/wafsamba/wscript old mode 100644 new mode 100755 index ad5b938..4f93bb1 --- a/buildtools/wafsamba/wscript +++ b/buildtools/wafsamba/wscript @@ -277,7 +277,7 @@ def configure(conf): conf.env.RPATH_ON_INSTALL = (conf.env.RPATH_ON_BUILD and not Options.options.disable_rpath_install) if not conf.env.PRIVATELIBDIR: -conf.env.PRIVATELIBDIR = '${PREFIX}/lib/%s' % Utils.g_module.APPNAME +conf.env.PRIVATELIBDIR = '%s/%s' % (conf.env.LIBDIR, Utils.g_module.APPNAME) conf.env.RPATH_ON_INSTALL_PRIVATE = ( not Options.options.disable_rpath_private_install) else: diff --git a/source4/dynconfig/wscript b/source4/dynconfig/wscript old mode 100644 new mode 100755 index 50ae44f..c2741fd --- a/source4/dynconfig/wscript +++ b/source4/dynconfig/wscript @@ -57,7 +57,6 @@ dyn_cflags_fhs = { 'LOGFILEBASE': '${LOCALSTATEDIR}/log/samba', 'LOCKDIR': '${LOCALSTATEDIR}/lib/samba', 'PIDDIR' : '${LOCALSTATEDIR}/run/samba', -'DATADIR': '${DATADIR}/samba', 'SETUPDIR' : '${DATADIR}/samba/setup', 'WINBINDD_SOCKET_DIR': '${LOCALSTATEDIR}/run/samba/winbindd', 'WINBINDD_PRIVILEGED_SOCKET_DIR' : '${LOCALSTATEDIR}/run/samba/winbindd_privileged', @@ -69,6 +68,7 @@ dyn_cflags_fhs = { 'INCLUDEDIR' : '${INCLUDEDIR}/samba-4.0', 'PKGCONFIGDIR' : '${LIBDIR}/pkgconfig', 'SWATDIR': '${DATADIR}/swat', +'CODEPAGEDIR': '${DATADIR}/samba', } def get_varname(v): -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1d27f0b mit-samba: Allow nesting on the event context from 1d58fcc libcli/security: Make add_sid_to_array_unique use a uin32_t counter http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1d27f0b26431d32d969d1ad10d47c396d1c7517f Author: Simo Sorce i...@samba.org Date: Thu Feb 3 20:51:45 2011 -0500 mit-samba: Allow nesting on the event context This context is used in ldb, and ldb modules apparently abort if nesting is not allowed. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Mon Feb 7 20:58:02 CET 2011 on sn-devel-104 --- Summary of changes: source4/kdc/mit_samba.c |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c index b959978..dcabe39 100644 --- a/source4/kdc/mit_samba.c +++ b/source4/kdc/mit_samba.c @@ -17,6 +17,8 @@ along with this program. If not, see http://www.gnu.org/licenses/. */ +#define TEVENT_DEPRECATED 1 + #include includes.h #include param/param.h #include dsdb/samdb/samdb.h @@ -68,6 +70,7 @@ static int mit_samba_context_init(struct mit_samba_context **_ctx) ret = ENOMEM; goto done; } + tevent_loop_allow_nesting(base_ctx.ev_ctx); base_ctx.lp_ctx = loadparm_init_global(false); if (!base_ctx.lp_ctx) { ret = ENOMEM; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0b3180b ldb: error out when modules are not found from 47784a1 s4-tests: Descriptor tests should use the existing samdb domain_dn method instead of defining a new one http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0b3180bbf5933943cf0c5b0e9d47da33cf4ff99c Author: Simo Sorce i...@samba.org Date: Thu Nov 18 08:01:15 2010 -0500 ldb: error out when modules are not found We shouldn't proceed without all required modules, it could cause damage to the ldb if operations are performed w/o the needed modules. Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Thu Nov 18 14:02:34 UTC 2010 on sn-devel-104 --- Summary of changes: source4/lib/ldb/common/ldb_modules.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c index 123d218..e330137 100644 --- a/source4/lib/ldb/common/ldb_modules.c +++ b/source4/lib/ldb/common/ldb_modules.c @@ -312,7 +312,7 @@ int ldb_module_load_list(struct ldb_context *ldb, const char **module_list, if (ops == NULL) { ldb_debug(ldb, LDB_DEBUG_FATAL, WARNING: Module [%s] not found - do you need to set LDB_MODULES_PATH?, module_list[i]); - continue; + return LDB_ERR_OPERATIONS_ERROR; } current = talloc_zero(ldb, struct ldb_module); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via feb6034 talloc: make header C++ safe from c8000c9 smbtorture: Fix typo in status message. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit feb60345816f0fd45ea9b381fbd374b21542f518 Author: Simo Sorce i...@samba.org Date: Wed Oct 20 13:09:57 2010 -0400 talloc: make header C++ safe Autobuild-User: Simo Sorce i...@samba.org Autobuild-Date: Wed Oct 20 18:15:09 UTC 2010 on sn-devel-104 --- Summary of changes: lib/talloc/talloc.h |8 1 files changed, 8 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/talloc/talloc.h b/lib/talloc/talloc.h index 8b9ade2..bc5b0fa 100644 --- a/lib/talloc/talloc.h +++ b/lib/talloc/talloc.h @@ -29,6 +29,10 @@ #include stdio.h #include stdarg.h +#ifdef __cplusplus +extern C { +#endif + /** * @defgroup talloc The talloc API * @@ -1701,4 +1705,8 @@ void talloc_set_log_stderr(void); #define TALLOC_MAX_DEPTH 1 #endif +#ifdef __cplusplus +} /* end of extern C */ +#endif + #endif -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via c06c99b Fix CVE number, it's 3069, not 2069 from 31cbb3e Update latest stable release. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit c06c99b5ec1d3c31b926166241a8ed0342152f1a Author: Simo Sorce i...@samba.org Date: Tue Sep 14 09:48:05 2010 -0400 Fix CVE number, it's 3069, not 2069 --- Summary of changes: history/security.html | 10 +- .../{CVE-2010-2069.html = CVE-2010-3069.html} |0 2 files changed, 5 insertions(+), 5 deletions(-) rename security/{CVE-2010-2069.html = CVE-2010-3069.html} (100%) Changeset truncated at 500 lines: diff --git a/history/security.html b/history/security.html index f3ef89a..f0ee28a 100755 --- a/history/security.html +++ b/history/security.html @@ -23,16 +23,16 @@ link to full release notes for each release./p tr td14 Sep 2010/td - tda href=/samba/ftp/patches/security/samba-3.3.13-CVE-2010-2069.patch + tda href=/samba/ftp/patches/security/samba-3.3.13-CVE-2010-3069.patch patch for Samba 3.3.13/a - a href=/samba/ftp/patches/security/samba-3.4.8-CVE-2010-2069.patch + a href=/samba/ftp/patches/security/samba-3.4.8-CVE-2010-3069.patch patch for Samba 3.4.8/a - a href=/samba/ftp/patches/security/samba-3.5.4-CVE-2010-2069.patch + a href=/samba/ftp/patches/security/samba-3.5.4-CVE-2010-3069.patch patch for Samba 3.5.4/a tdBuffer Overrun Vulnerability/td tdall current releases/td - tda href=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-CVE-2010-2069;CVE-2010-2069/a/td - tda href=/samba/security/CVE-2010-2069.htmlAnnouncement/a/td + tda href=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-369;CVE-2010-3069/a/td + tda href=/samba/security/CVE-2010-3069.htmlAnnouncement/a/td /tr tr diff --git a/security/CVE-2010-2069.html b/security/CVE-2010-3069.html similarity index 100% rename from security/CVE-2010-2069.html rename to security/CVE-2010-3069.html -- Samba Website Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via ac5be36 Fix typo from c06c99b Fix CVE number, it's 3069, not 2069 http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit ac5be36eaa61864039006fdae6a8069251b6fb00 Author: Simo Sorce i...@samba.org Date: Tue Sep 14 09:50:08 2010 -0400 Fix typo --- Summary of changes: history/security.html |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/history/security.html b/history/security.html index f0ee28a..b1c7882 100755 --- a/history/security.html +++ b/history/security.html @@ -31,7 +31,7 @@ link to full release notes for each release./p patch for Samba 3.5.4/a tdBuffer Overrun Vulnerability/td tdall current releases/td - tda href=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-369;CVE-2010-3069/a/td + tda href=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069;CVE-2010-3069/a/td tda href=/samba/security/CVE-2010-3069.htmlAnnouncement/a/td /tr -- Samba Website Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 08e2cfa Fix one more place where 2069 was used instead of 3069 from ac5be36 Fix typo http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 08e2cfa1164329f09a0e6423a0e89c06565b4c7c Author: Simo Sorce i...@samba.org Date: Tue Sep 14 10:06:30 2010 -0400 Fix one more place where 2069 was used instead of 3069 --- Summary of changes: security/CVE-2010-3069.html |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/security/CVE-2010-3069.html b/security/CVE-2010-3069.html index 898e183..8683b91 100644 --- a/security/CVE-2010-3069.html +++ b/security/CVE-2010-3069.html @@ -8,7 +8,7 @@ body - H2CVE-2010-2069: /H2 + H2CVE-2010-3069: /H2 p pre -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 20e7b4e s3-auth: The unlock of the account is now done by the get_sampwnam call. via c5cfad1 s3-passdb: Try to unlock the account if it is locked out. via 2ab0b63 s3-passdb: Added a pdb_try_account_unlock function. via 9dd7e7f s3-auth: Use SamInfo3_for_guest to create guest server_info. from 5f419ea packaging: Build with -O3 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 20e7b4ec744dead1544a4b7625dc3fcb5d802418 Author: Andreas Schneider a...@samba.org Date: Mon Aug 23 23:02:44 2010 +0200 s3-auth: The unlock of the account is now done by the get_sampwnam call. Signed-off-by: Simo Sorce i...@samba.org commit c5cfad142c6bc5cd4819726cf2444108bc7639c3 Author: Andreas Schneider a...@samba.org Date: Mon Aug 23 10:08:53 2010 +0200 s3-passdb: Try to unlock the account if it is locked out. Signed-off-by: Simo Sorce i...@samba.org commit 2ab0b63bd89d2d833695dc33aecec7a63ccbab0c Author: Andreas Schneider a...@samba.org Date: Mon Aug 23 10:08:34 2010 +0200 s3-passdb: Added a pdb_try_account_unlock function. The function checks if the account has been autolocked. If we have a lockout_duration and a bad password time it checks if we can unlock the account. Signed-off-by: Simo Sorce i...@samba.org commit 9dd7e7fc2d6d1aa7f3c3b741ac134e087ce808fd Author: Andreas Schneider a...@samba.org Date: Wed Aug 18 17:17:42 2010 +0200 s3-auth: Use SamInfo3_for_guest to create guest server_info. Signed-off-by: Simo Sorce i...@samba.org --- Summary of changes: source3/auth/auth_util.c | 89 +-- source3/auth/check_samsec.c|7 +-- source3/passdb/pdb_interface.c | 131 +-- 3 files changed, 196 insertions(+), 31 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 1ff9714..23f557a 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -25,6 +25,7 @@ #include smbd/globals.h #include ../libcli/auth/libcli_auth.h #include ../lib/crypto/arcfour.h +#include rpc_client/init_lsa.h #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH @@ -631,6 +632,54 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, return NT_STATUS_OK; } +static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx, + struct netr_SamInfo3 *info3) +{ + const char *guest_account = lp_guestaccount(); + struct dom_sid domain_sid; + struct passwd *pwd; + const char *tmp; + NTSTATUS status; + + pwd = getpwnam_alloc(mem_ctx, guest_account); + if (pwd == NULL) { + DEBUG(0,(SamInfo3_for_guest: Unable to locate guest +account [%s]!\n, guest_account)); + return NT_STATUS_NO_SUCH_USER; + } + + /* Set acount name */ + tmp = talloc_strdup(mem_ctx, pwd-pw_name); + if (tmp == NULL) { + return NT_STATUS_NO_MEMORY; + } + init_lsa_String(info3-base.account_name, tmp); + + /* Set domain name */ + tmp = talloc_strdup(mem_ctx, get_global_sam_name()); + if (tmp == NULL) { + return NT_STATUS_NO_MEMORY; + } + init_lsa_StringLarge(info3-base.domain, tmp); + + /* Domain sid */ + sid_copy(domain_sid, get_global_sam_sid()); + + info3-base.domain_sid = sid_dup_talloc(mem_ctx, domain_sid); + if (info3-base.domain_sid == NULL) { + return NT_STATUS_NO_MEMORY; + } + + /* Guest rid */ + info3-base.rid = DOMAIN_RID_GUEST; + + /* Primary gid */ + info3-base.primary_gid = BUILTIN_RID_GUESTS; + + TALLOC_FREE(pwd); + return status; +} + /*** Make (and fill) a user_info struct for a guest login. This *must* succeed for smbd to start. If there is no mapping entry for @@ -639,43 +688,42 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **server_info) { + static const char zeros[16] = {0}; + const char *guest_account = lp_guestaccount(); + const char *domain = global_myname(); + struct netr_SamInfo3 info3; + TALLOC_CTX *tmp_ctx; NTSTATUS status; - struct samu *sampass = NULL; - struct dom_sid guest_sid; - bool ret; - static const char zeros[16] = {0, }; fstring tmp; - if ( !(sampass = samu_new( NULL )) ) { + tmp_ctx = talloc_stackframe(); + if (tmp_ctx == NULL) { return NT_STATUS_NO_MEMORY; } - sid_compose
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a782a80... s3-dcerpc: Allocate structure members on the right context from a16a56f... s3: PAM_RHOST and PAM_TTY are enums on FreeBSD http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a782a80d2f5e70d40708bd578a1f456c451d2979 Author: Simo Sorce i...@samba.org Date: Mon Aug 23 17:11:32 2010 -0400 s3-dcerpc: Allocate structure members on the right context --- Summary of changes: source3/rpc_client/cli_pipe.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index daf30d7..c9b1ef6 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -827,7 +827,7 @@ static void rpc_api_pipe_got_pdu(struct tevent_req *subreq) return; } - status = dcerpc_pull_ncacn_packet(state, + status = dcerpc_pull_ncacn_packet(state-pkt, state-incoming_frag, state-pkt, !state-endianess); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 64a4b02... Do not leak pkt data on the long term cli memory context from 0529160... s3: Fix netgrent configure checks for compilers not supporting -Werror-implicit-function-declaration http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 64a4b0206bf9f7d28af39cdce8d712b0e6c2b3d2 Author: Simo Sorce i...@samba.org Date: Mon Aug 23 18:21:17 2010 -0400 Do not leak pkt data on the long term cli memory context --- Summary of changes: source3/rpc_client/cli_pipe.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 87575cb..d3e0c60 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -383,7 +383,7 @@ static NTSTATUS cli_pipe_validate_current_pdu(TALLOC_CTX *mem_ctx, NTSTATUS ret = NT_STATUS_OK; size_t pad_len = 0; - ret = dcerpc_pull_ncacn_packet(cli, pdu, pkt, false); + ret = dcerpc_pull_ncacn_packet(pkt, pdu, pkt, false); if (!NT_STATUS_IS_OK(ret)) { return ret; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cbe9f87... s3-ads: Fix wrong test in if statement from 861566c... s3-waf: fix the build. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cbe9f879afc7b212c1e105fcb54b4563d5f6dfe0 Author: Simo Sorce i...@samba.org Date: Thu Aug 19 07:35:01 2010 -0400 s3-ads: Fix wrong test in if statement --- Summary of changes: source3/include/krb5_protos.h|2 ++ source3/libads/kerberos_keytab.c |2 +- 2 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/krb5_protos.h b/source3/include/krb5_protos.h index e229a14..7ac0f3e 100644 --- a/source3/include/krb5_protos.h +++ b/source3/include/krb5_protos.h @@ -137,6 +137,8 @@ krb5_error_code smb_krb5_get_creds(const char *server_s, krb5_creds **creds_p); char *smb_krb5_principal_get_realm(krb5_context context, krb5_principal principal); + + #endif /* HAVE_KRB5 */ int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx, diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index 10c7087..94698c6 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -56,7 +56,7 @@ static krb5_error_code seek_and_delete_old_entries(krb5_context context, ZERO_STRUCT(zero_kt_entry); ret = krb5_kt_start_seq_get(context, keytab, cursor); - if (ret == KRB5_KT_END ret == ENOENT ) { + if (ret == KRB5_KT_END || ret == ENOENT ) { /* no entries */ return 0; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 71dfa62... s3-ads: cleanup ads_keytab_list() via 64d8300... s3-ads: cleanup ads_keytab_create_default() via 3a99123... s3-ads: cleanup ads_keytab_add_entry() via d6d1ed8... s3-ads: Split, simplify and cleanup keytab functions from b9353c6... s3: Fix serverid_register_msg_flags http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 71dfa62b61380396785c7856c38f45c77c966ff0 Author: Simo Sorce i...@samba.org Date: Wed Aug 18 06:46:53 2010 -0400 s3-ads: cleanup ads_keytab_list() commit 64d8300a56eb0891389a5a2afc5e4902c2d909a2 Author: Simo Sorce i...@samba.org Date: Wed Aug 18 06:09:27 2010 -0400 s3-ads: cleanup ads_keytab_create_default() commit 3a9912370dc36500d207aeb9d1ae58834526b6c3 Author: Simo Sorce i...@samba.org Date: Wed Aug 18 04:33:32 2010 -0400 s3-ads: cleanup ads_keytab_add_entry() commit d6d1ed8bdfb290ac6e1fa4264f2b84d0e4790d98 Author: Simo Sorce i...@samba.org Date: Wed Aug 18 04:16:41 2010 -0400 s3-ads: Split, simplify and cleanup keytab functions add helper function for both smb_krb5_kt_add_entry_ext() and ads_keytab_flush() --- Summary of changes: source3/libads/kerberos_keytab.c | 756 -- 1 files changed, 404 insertions(+), 352 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index 386ce83..d2215ec 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -35,130 +35,184 @@ /** **/ -int smb_krb5_kt_add_entry_ext(krb5_context context, - krb5_keytab keytab, - krb5_kvno kvno, - const char *princ_s, - krb5_enctype *enctypes, - krb5_data password, - bool no_salt, - bool keep_old_entries) +static krb5_error_code seek_and_delete_old_entries(krb5_context context, + krb5_keytab keytab, + krb5_kvno kvno, + const char *princ_s, + krb5_principal princ, + bool flush, + bool keep_old_entries) { - krb5_error_code ret = 0; + krb5_error_code ret; krb5_kt_cursor cursor; + krb5_kt_cursor zero_csr; krb5_keytab_entry kt_entry; - krb5_principal princ = NULL; - int i; + krb5_keytab_entry zero_kt_entry; char *ktprinc = NULL; - ZERO_STRUCT(kt_entry); ZERO_STRUCT(cursor); - - ret = smb_krb5_parse_name(context, princ_s, princ); - if (ret) { - DEBUG(1,(smb_krb5_kt_add_entry_ext: smb_krb5_parse_name(%s) failed (%s)\n, princ_s, error_message(ret))); - goto out; - } + ZERO_STRUCT(zero_csr); + ZERO_STRUCT(kt_entry); + ZERO_STRUCT(zero_kt_entry); - /* Seek and delete old keytab entries */ ret = krb5_kt_start_seq_get(context, keytab, cursor); - if (ret != KRB5_KT_END ret != ENOENT ) { - DEBUG(3,(smb_krb5_kt_add_entry_ext: Will try to delete old keytab entries\n)); - while(!krb5_kt_next_entry(context, keytab, kt_entry, cursor)) { - bool compare_name_ok = False; + if (ret == KRB5_KT_END ret == ENOENT ) { + /* no entries */ + return 0; + } + + DEBUG(3, (__location__ : Will try to delete old keytab entries\n)); + while (!krb5_kt_next_entry(context, keytab, kt_entry, cursor)) { + bool name_ok = False; - ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, ktprinc); + if (!flush (princ_s != NULL)) { + ret = smb_krb5_unparse_name(talloc_tos(), context, + kt_entry.principal, + ktprinc); if (ret) { - DEBUG(1,(smb_krb5_kt_add_entry_ext: smb_krb5_unparse_name failed (%s)\n, - error_message(ret))); + DEBUG(1, (__location__ + : smb_krb5_unparse_name failed + (%s)\n, error_message(ret))); goto out
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1ab17f1... s3-ads: Remove unused wrapper and make function static from d7c8fb2... s3: async cli_list http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1ab17f13a27429d34439c0ba3b77685e3a55c2c3 Author: Simo Sorce i...@samba.org Date: Wed Aug 18 09:36:54 2010 -0400 s3-ads: Remove unused wrapper and make function static --- Summary of changes: source3/include/krb5_protos.h|8 --- source3/libads/kerberos_keytab.c | 39 +++-- 2 files changed, 12 insertions(+), 35 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/krb5_protos.h b/source3/include/krb5_protos.h index 0b8aa71..e229a14 100644 --- a/source3/include/krb5_protos.h +++ b/source3/include/krb5_protos.h @@ -124,14 +124,6 @@ krb5_error_code smb_krb5_keytab_name(TALLOC_CTX *mem_ctx, krb5_context context, krb5_keytab keytab, const char **keytab_name); -int smb_krb5_kt_add_entry_ext(krb5_context context, - krb5_keytab keytab, - krb5_kvno kvno, - const char *princ_s, - krb5_enctype *enctypes, - krb5_data password, - bool no_salt, - bool keep_old_entries); krb5_error_code smb_krb5_get_credentials(krb5_context context, krb5_ccache ccache, krb5_principal me, diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index d2215ec..10c7087 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -180,14 +180,14 @@ out: return ret; } -int smb_krb5_kt_add_entry_ext(krb5_context context, - krb5_keytab keytab, - krb5_kvno kvno, - const char *princ_s, - krb5_enctype *enctypes, - krb5_data password, - bool no_salt, - bool keep_old_entries) +static int smb_krb5_kt_add_entry(krb5_context context, +krb5_keytab keytab, +krb5_kvno kvno, +const char *princ_s, +krb5_enctype *enctypes, +krb5_data password, +bool no_salt, +bool keep_old_entries) { krb5_error_code ret; krb5_keytab_entry kt_entry; @@ -250,23 +250,6 @@ out: return (int)ret; } -static int smb_krb5_kt_add_entry(krb5_context context, -krb5_keytab keytab, -krb5_kvno kvno, -const char *princ_s, -krb5_enctype *enctypes, -krb5_data password) -{ - return smb_krb5_kt_add_entry_ext(context, -keytab, -kvno, -princ_s, -enctypes, -password, -false, -false); -} - /** Adds a single service principal, i.e. 'host' to the system keytab ***/ @@ -415,7 +398,8 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc) /* add the fqdn principal to the keytab */ ret = smb_krb5_kt_add_entry(context, keytab, kvno, - princ_s, enctypes, password); + princ_s, enctypes, password, + false, false); if (ret) { DEBUG(1, (__location__ : Failed to add entry to keytab\n)); goto out; @@ -424,7 +408,8 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc) /* add the short principal name if we have one */ if (short_princ_s) { ret = smb_krb5_kt_add_entry(context, keytab, kvno, - short_princ_s, enctypes, password); + short_princ_s, enctypes, password, + false, false); if (ret) { DEBUG(1, (__location__
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f40ef7e... s3-dcerpc: Use common send functions for ntlmssp too via 86914b8... s3-dcerpc: properly implement gse/spnego_get_session_key via 26a3ba6... s3-dcerpc: Check data and return appropriate error via 9b8c7d4... s3-dcerpc: Remove unused function via 7b12513... s3-dcerpc: make a few local functions as static via 9a9a38c... Change debug statements to use __location__ via 72a0098... s3-dcerpc: Pull packet in the caller, before validation via 558320c... Add my (c) from 1791d05... s3-samr: Fixed some build warnings. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f40ef7e24cda2d25dcb04cb7e83cd1f3d62a66e4 Author: Simo Sorce i...@samba.org Date: Tue Aug 3 05:11:28 2010 -0400 s3-dcerpc: Use common send functions for ntlmssp too Remove unused function. commit 86914b8fab764667ca5021f44b61c0222dbb2e09 Author: Simo Sorce i...@samba.org Date: Mon Aug 2 12:15:43 2010 -0400 s3-dcerpc: properly implement gse/spnego_get_session_key commit 26a3ba60e661bc2eaf05a2c03f8851d252515d3e Author: Simo Sorce i...@samba.org Date: Mon Aug 2 12:05:45 2010 -0400 s3-dcerpc: Check data and return appropriate error commit 9b8c7d47f98dffe961dc513f5452dfd72b508136 Author: Simo Sorce i...@samba.org Date: Mon Aug 2 12:18:58 2010 -0400 s3-dcerpc: Remove unused function commit 7b12513d125e13a4db3f32adc05030fbb302f510 Author: Simo Sorce i...@samba.org Date: Mon Aug 2 10:28:10 2010 -0400 s3-dcerpc: make a few local functions as static commit 9a9a38c666a8285fdfac35758aa85f5d33ba6e95 Author: Simo Sorce i...@samba.org Date: Mon Aug 2 10:14:02 2010 -0400 Change debug statements to use __location__ commit 72a0098415c1d676a77a032c0f5fda90e9c1b905 Author: Simo Sorce i...@samba.org Date: Mon Aug 2 10:03:04 2010 -0400 s3-dcerpc: Pull packet in the caller, before validation commit 558320cf582a5ebc50af28061f5e33f7e4158fba Author: Simo Sorce i...@samba.org Date: Mon Aug 2 09:47:01 2010 -0400 Add my (c) --- Summary of changes: source3/include/proto.h |4 - source3/librpc/rpc/dcerpc_gssapi.c | 51 +- source3/librpc/rpc/dcerpc_gssapi.h |3 +- source3/librpc/rpc/dcerpc_helpers.c |1 + source3/librpc/rpc/dcerpc_spnego.c | 11 ++- source3/librpc/rpc/dcerpc_spnego.h |3 +- source3/rpc_client/cli_pipe.c | 184 +++--- source3/rpc_server/srv_pipe.c | 27 + 8 files changed, 147 insertions(+), 137 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 70a2102..ebb3432 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4742,10 +4742,6 @@ NTSTATUS rpc_pipe_register_commands(int version, const char *clnt, const struct ndr_syntax_id *interface, const struct api_struct *cmds, int size); bool is_known_pipename(const char *cli_filename, struct ndr_syntax_id *syntax); -bool api_pipe_bind_req(struct pipes_struct *p, struct ncacn_packet *pkt); -bool api_pipe_alter_context(struct pipes_struct *p, struct ncacn_packet *pkt); -void free_pipe_rpc_context( PIPE_RPC_FNS *list ); -bool api_pipe_request(struct pipes_struct *p, struct ncacn_packet *pkt); /* The following definitions come from rpc_server/srv_pipe_hnd.c */ diff --git a/source3/librpc/rpc/dcerpc_gssapi.c b/source3/librpc/rpc/dcerpc_gssapi.c index 2de46b5..777f5f1 100644 --- a/source3/librpc/rpc/dcerpc_gssapi.c +++ b/source3/librpc/rpc/dcerpc_gssapi.c @@ -28,6 +28,21 @@ #include gssapi/gssapi_krb5.h #include gssapi/gssapi_ext.h +#ifndef GSS_KRB5_INQ_SSPI_SESSION_KEY_OID +#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH 11 +#define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID \x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05 +#endif + +#ifndef GSS_KRB5_SESSION_KEY_ENCTYPE_OID +#define GSS_KRB5_SESSION_KEY_ENCTYPE_OID_LENGTH 10 +#define GSS_KRB5_SESSION_KEY_ENCTYPE_OID \x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x04 +#endif + +gss_OID_desc gse_sesskey_inq_oid = { GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH, + (void *)GSS_KRB5_INQ_SSPI_SESSION_KEY_OID }; +gss_OID_desc gse_sesskeytype_oid = { GSS_KRB5_SESSION_KEY_ENCTYPE_OID_LENGTH, + (void *)GSS_KRB5_SESSION_KEY_ENCTYPE_OID }; + static char *gse_errstr(TALLOC_CTX *mem_ctx, OM_uint32 maj, OM_uint32 min); struct gse_context { @@ -44,8 +59,6 @@ struct gse_context { gss_name_t server_name; gss_cred_id_t cli_creds; - DATA_BLOB session_key; - bool more_processing; }; @@ -348,9 +361,39 @@ bool gse_require_more_processing(struct gse_context *gse_ctx) return gse_ctx-more_processing; } -DATA_BLOB
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0a89722... s3-ads: Remove unused function and file from aca7b22... s3:winbindd: don't ignore 'result' in wb_dsgetdcname_done() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0a89722671aa7fba8d7befa530dc69bb67260919 Author: Simo Sorce i...@samba.org Date: Tue Aug 17 06:40:38 2010 -0400 s3-ads: Remove unused function and file --- Summary of changes: source3/Makefile.in|2 +- source3/libads/ads_proto.h |2 -- source3/libads/ads_utils.c | 28 3 files changed, 1 insertions(+), 31 deletions(-) delete mode 100644 source3/libads/ads_utils.c Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index fac4e0b..6d08f43 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -460,7 +460,7 @@ LIBADS_OBJ = libads/ldap.o \ libads/kerberos_util.o \ libads/ldap_user.o \ libads/ads_struct.o libads/kerberos_keytab.o \ - libads/disp_sec.o libads/ads_utils.o libads/ldap_utils.o \ + libads/disp_sec.o libads/ldap_utils.o \ libads/ldap_schema.o libads/util.o libads/ndr.o LIBADS_SERVER_OBJ = libads/kerberos_verify.o libads/authdata.o \ diff --git a/source3/libads/ads_proto.h b/source3/libads/ads_proto.h index aedd23f..b924034 100644 --- a/source3/libads/ads_proto.h +++ b/source3/libads/ads_proto.h @@ -9,8 +9,6 @@ ADS_STRUCT *ads_init(const char *realm, bool ads_set_sasl_wrap_flags(ADS_STRUCT *ads, int flags); void ads_destroy(ADS_STRUCT **ads); -const char *ads_get_ldap_server_name(ADS_STRUCT *ads); - /* The following definitions come from libads/disp_sec.c */ void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_descriptor *sd); diff --git a/source3/libads/ads_utils.c b/source3/libads/ads_utils.c deleted file mode 100644 index ec3efa8..000 --- a/source3/libads/ads_utils.c +++ /dev/null @@ -1,28 +0,0 @@ -/* - Unix SMB/CIFS implementation. - ads (active directory) utility library - - Copyright (C) Stefan (metze) Metzmacher 2002 - Copyright (C) Andrew Tridgell 2001 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see http://www.gnu.org/licenses/. -*/ - -#include includes.h -#include ads.h - -const char *ads_get_ldap_server_name(ADS_STRUCT *ads) -{ - return ads-config.ldap_server_name; -} -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 71d80e6... s3-krb5 Only build ADS support if arcfour-hmac-md5 is available via fff6fa7... s3:libnet Add other required headers for libnet_samsync_keytab.c from 5390bae... tdb: add TDB_DEPS variable filled with required libraries http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 71d80e6be0687ac7c2f3caab5e7b8caf400fe37e Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 10 08:25:02 2010 +1000 s3-krb5 Only build ADS support if arcfour-hmac-md5 is available Modern Kerberos implementations have either defines or enums for these key types, which makes doing #ifdef difficult. This shows up in files such as libnet_samsync_keytab.c, the bulk of which is not compiled on current Fedora 12, for example. The downside is that this makes Samba unconditionally depend on the arcfour-hmac-md5 encryption type at build time. We will no longer support libraries that only support the DES based encryption types. However, the single-DES types that are supported in common with AD are already painfully weak - so much so that they are disabled by default in modern Kerberos libraries. If not found, ADS support will not be compiled in. This means that our 'net ads join' will no longer set the ACB_USE_DES_KEY_ONLY flag, and we will always try to use arcfour-hmac-md5. A future improvement would be to remove the use of the DES encryption types totally, but this would require that any ACB_USE_DES_KEY_ONLY flag be removed from existing joins. Andrew Bartlett Signed-off-by: Simo Sorce i...@samba.org commit fff6fa72ffa7890cee516bd7e65b50bdb8daf51d Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 10 12:00:29 2010 +1000 s3:libnet Add other required headers for libnet_samsync_keytab.c Due to missing defines in modern kerberos libraries, this code was not compiled and so this wasn't noticed. Andrew Bartlett Signed-off-by: Simo Sorce i...@samba.org --- Summary of changes: source3/configure.in | 20 +++- source3/include/smb_krb5.h |2 +- source3/libads/kerberos_keytab.c |9 - source3/libads/kerberos_verify.c |2 -- source3/libnet/libnet_dssync_keytab.c |4 ++-- source3/libnet/libnet_join.c |6 -- .../libnet/{libnet_join.c = libnet_join.c.orig} |0 source3/libnet/libnet_samsync_keytab.c |7 +-- ...msync_keytab.c = libnet_samsync_keytab.c.orig} |3 +++ source3/libsmb/clikrb5.c |2 -- 10 files changed, 34 insertions(+), 21 deletions(-) copy source3/libnet/{libnet_join.c = libnet_join.c.orig} (100%) copy source3/libnet/{libnet_samsync_keytab.c = libnet_samsync_keytab.c.orig} (99%) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 6b73671..b4564ee 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -4040,6 +4040,7 @@ if test x$with_ads_support != xno; then [Whether the krb5_keyblock struct has a keyvalue property]) fi + found_arcfour_hmac=no AC_CACHE_CHECK([for ENCTYPE_ARCFOUR_HMAC_MD5], samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5,[ AC_TRY_COMPILE([#include krb5.h], @@ -4057,7 +4058,19 @@ if test x$with_ads_support != xno; then if test x$samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5 = xyes -a\ x$samba_cv_HAVE_KEYTYPE_ARCFOUR_56 = xyes; then AC_DEFINE(HAVE_ENCTYPE_ARCFOUR_HMAC_MD5,1, - [Whether the ENCTYPE_ARCFOUR_HMAC_MD5 key type is available]) + [Whether the ENCTYPE_ARCFOUR_HMAC_MD5 key type definition is available]) +found_arcfour_hmac=yes + fi + AC_CACHE_CHECK([for ENCTYPE_ARCFOUR_HMAC], + samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC,[ +AC_TRY_COMPILE([#include krb5.h], + [krb5_enctype enctype; enctype = ENCTYPE_ARCFOUR_HMAC;], + samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC=yes, + samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC=no)]) + if test x$samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC = xyes; then +AC_DEFINE(HAVE_ENCTYPE_ARCFOUR_HMAC,1, + [Whether the ENCTYPE_ARCFOUR_HMAC key type definition is available]) +found_arcfour_hmac=yes fi AC_CACHE_CHECK([for AP_OPTS_USE_SUBKEY], @@ -4300,6 +4313,11 @@ if test x$with_ads_support != xno; then # NOTE: all tests should be done before this block! # # + if test x$found_arcfour_hmac != xyes; then +AC_MSG_WARN(arcfour-hmac-md5 encryption type not found in -lkrb5) +use_ads=no + fi + if test x$ac_cv_lib_ext_krb5_krb5_mk_req_extended != xyes; then AC_MSG_WARN(krb5_mk_req_extended not found
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ca8db7f... s3-smbd: Publish nt printers. via aff002e... s3-smbd: Move rpc services init to smbd parent. via 62a2a9e... s3-smbd: Regroup some init functions. via 9ab62b7... s3-smbd: Fixed indent. via 4a5cef8... s3-loadparm: Added some comments to lp_load_ex calls. via e180390... s3-smbd: Cleanup the order of the init functions. via 120bd97... s3-smbd: Make sure the event context is initialized. from 2c99eef... s3-build: remove pointless RPC_PARSE_OBJ2. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ca8db7fd63749989dcb3daae0c38b8b788ebdfb8 Author: Andreas Schneider a...@samba.org Date: Tue Aug 10 13:45:55 2010 +0200 s3-smbd: Publish nt printers. Reloading of the printers requires rpc services up and running! The first call in reload_services will be skipped. Signed-off-by: Simo Sorce i...@samba.org commit aff002e829b8169997f7f446959e2f1d5baf3a60 Author: Andreas Schneider a...@samba.org Date: Tue Aug 10 12:29:27 2010 +0200 s3-smbd: Move rpc services init to smbd parent. The move to the parent makes it possible to use an internal rpc pipe really early and as we migrated serveral parts of samba to rpc function this is required. This should speed up the fork of a smbd a bit cause the rpc services are already running. We still have several problems here which aren't solved. We don't have a dependency tree here. For example we have to make sure that the registry is initialized before we can use the winreg pipe. The spoolss server requires winreg, so we have to start winreg before we can start the spoolss server. I'm sure there are more dependencies. Signed-off-by: Simo Sorce i...@samba.org commit 62a2a9e27f8983717f13dbe3d92b21ed4b9bf22e Author: Andreas Schneider a...@samba.org Date: Tue Aug 10 12:28:46 2010 +0200 s3-smbd: Regroup some init functions. Signed-off-by: Simo Sorce i...@samba.org commit 9ab62b774f071be83375a4b2544a7e70e147e699 Author: Andreas Schneider a...@samba.org Date: Mon Aug 9 15:57:38 2010 +0200 s3-smbd: Fixed indent. Signed-off-by: Simo Sorce i...@samba.org commit 4a5cef82d8c2a0f35e9c06a0dc262fdb367279a1 Author: Andreas Schneider a...@samba.org Date: Mon Aug 9 14:50:12 2010 +0200 s3-loadparm: Added some comments to lp_load_ex calls. Signed-off-by: Simo Sorce i...@samba.org commit e18039062c77947dd4e6d1c841a7c587a85ab8ce Author: Andreas Schneider a...@samba.org Date: Mon Aug 9 14:49:08 2010 +0200 s3-smbd: Cleanup the order of the init functions. Signed-off-by: Simo Sorce i...@samba.org commit 120bd9775a286e173a22f7c90b61e107887122e4 Author: Andreas Schneider a...@samba.org Date: Mon Aug 9 14:47:55 2010 +0200 s3-smbd: Make sure the event context is initialized. Signed-off-by: Simo Sorce i...@samba.org --- Summary of changes: source3/param/loadparm.c | 19 source3/smbd/files.c |5 +- source3/smbd/process.c | 43 +-- source3/smbd/server.c| 95 ++ source3/smbd/server_reload.c |2 +- 5 files changed, 92 insertions(+), 72 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 90699c0..e5c6038 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -9296,18 +9296,19 @@ bool lp_load(const char *pszFname, save_defaults, add_ipc, initialize_globals, - true, false); + true, /* allow_include_registry */ + false); /* allow_registry_shares*/ } bool lp_load_initial_only(const char *pszFname) { return lp_load_ex(pszFname, - true, - false, - false, - true, - false, - false); + true, /* global only */ + false, /* save_defaults */ + false, /* add_ipc */ + true, /* initialize_globals */ + false, /* allow_include_registry */ + false); /* allow_registry_shares*/ } bool lp_load_with_registry_shares(const char *pszFname, @@ -9321,8 +9322,8 @@ bool lp_load_with_registry_shares(const char *pszFname, save_defaults, add_ipc, initialize_globals, - true, - true); + true, /* allow_include_registry
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 57bd974... s3-dcerpc: Use dcerpc_guess_sizes in the server code too. via 4c64e4d... s3-dceprc: Improve dcerpc_guess_sizes() interface via 3469fbc... s3-dcerpc: rationalize packet creation in the server code via a9d3a59... s3-dcerpc: Make function to guess pdu sizes common. via 9329a9f... s3-dceprc: consolidate use of dcerpc_push_dcerpc_auth() via da6c246... s3-dcerpc: Remove unused functions via 186f936... s3-dcerpc: use common spengo wrapper code for client SPNEGO/NTLMSSP via 984438c... s3-dcerpc: add sign/seal support when using SPNEGO/KRB5 via 0b24e8e... s3-dcerpc: Add SPNEGO incapsulation for KRB5 auth via e286b9c... rpcclient: Use DCERPC_AUTH_LEVEL_CONNECT if no sign/seal is set for ntlmssp from fcdda8f... s3: Remove cli from struct finfo http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 57bd974e5865212641f6941dd875bc1bc4967ed9 Author: Simo Sorce i...@samba.org Date: Fri Jul 30 14:01:01 2010 -0400 s3-dcerpc: Use dcerpc_guess_sizes in the server code too. commit 4c64e4d4af3403559b370381d7f14a83a39adfa7 Author: Simo Sorce i...@samba.org Date: Fri Jul 30 13:12:35 2010 -0400 s3-dceprc: Improve dcerpc_guess_sizes() interface Make it possible to pass in the NDR padding size so that theoretically client and server code can decide to use a different alignment. Pass in the header length as a parameter so that this function can be used for different type of packets. Make sure padding size will not make the fragment exceed the maximum length. Calculate padding taking in account the header length. commit 3469fbc5e4098e798a03d14fece24fde2b60d9b9 Author: Simo Sorce i...@samba.org Date: Fri Jul 30 12:19:20 2010 -0400 s3-dcerpc: rationalize packet creation in the server code Move all related functions into create_next_packet, but make it transport neutral (not pass in pipse_struct) commit a9d3a596a7c4d7e5775751cbce74e2fb07ce2192 Author: Simo Sorce i...@samba.org Date: Fri Jul 30 11:27:40 2010 -0400 s3-dcerpc: Make function to guess pdu sizes common. commit 9329a9fe848761e2835ff58123d8f64d8bab35b2 Author: Simo Sorce i...@samba.org Date: Thu Jul 29 20:20:49 2010 -0400 s3-dceprc: consolidate use of dcerpc_push_dcerpc_auth() commit da6c246aacc298ec0c7536289afbd9e0d99ea130 Author: Simo Sorce i...@samba.org Date: Thu Jul 29 20:21:53 2010 -0400 s3-dcerpc: Remove unused functions commit 186f93633b4890c444115ac4eed109aa24f20b44 Author: Simo Sorce i...@samba.org Date: Thu Jul 29 19:55:44 2010 -0400 s3-dcerpc: use common spengo wrapper code for client SPNEGO/NTLMSSP commit 984438ca1522bfc2d882b2e3e7e8db187577e05a Author: Simo Sorce i...@samba.org Date: Thu Jul 29 16:34:39 2010 -0400 s3-dcerpc: add sign/seal support when using SPNEGO/KRB5 commit 0b24e8e869207dcb567b61272794daef48ee492a Author: Simo Sorce i...@samba.org Date: Wed Jul 28 17:06:51 2010 -0400 s3-dcerpc: Add SPNEGO incapsulation for KRB5 auth commit e286b9c0bd7bf553f216d7c8288bb75a6b3dde95 Author: Simo Sorce i...@samba.org Date: Thu Jul 29 20:07:19 2010 -0400 rpcclient: Use DCERPC_AUTH_LEVEL_CONNECT if no sign/seal is set for ntlmssp --- Summary of changes: source3/Makefile.in |5 +- source3/include/ntdomain.h |5 +- source3/include/proto.h |8 + source3/librpc/rpc/dcerpc.h |5 + source3/librpc/rpc/dcerpc_helpers.c | 476 +- source3/librpc/rpc/dcerpc_spnego.c | 354 +++ source3/librpc/rpc/dcerpc_spnego.h | 53 +++ source3/rpc_client/cli_pipe.c | 638 +-- source3/rpc_server/srv_pipe.c | 179 --- source3/rpcclient/rpcclient.c | 45 ++- 10 files changed, 1132 insertions(+), 636 deletions(-) create mode 100644 source3/librpc/rpc/dcerpc_spnego.c create mode 100644 source3/librpc/rpc/dcerpc_spnego.h Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 91856c2..bf2646d 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -676,7 +676,9 @@ RPC_SERVER_OBJ = @RPC_STATIC@ $(RPC_PIPE_OBJ) $(NPA_TSTREAM_OBJ) RPC_PARSE_OBJ = $(RPC_PARSE_OBJ2) -RPC_CLIENT_OBJ = rpc_client/cli_pipe.o librpc/rpc/dcerpc_gssapi.o \ +RPC_CLIENT_OBJ = rpc_client/cli_pipe.o \ +librpc/rpc/dcerpc_gssapi.o \ +librpc/rpc/dcerpc_spnego.o \ librpc/rpc/rpc_common.o \ rpc_client/rpc_transport_np.o \ rpc_client/rpc_transport_sock.o \ @@ -1355,6 +1357,7 @@ RPC_OPEN_TCP_OBJ = torture/rpc_open_tcp.o \ librpc/rpc/rpc_common.o \ rpc_client/cli_pipe.o
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 28c7456... cleanups: Trailing spaces, line length, etc... from 57bd974... s3-dcerpc: Use dcerpc_guess_sizes in the server code too. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 28c74564c5bd3c972745deaa904ec8695f21ea1f Author: Simo Sorce i...@samba.org Date: Fri Jul 30 16:34:53 2010 -0400 cleanups: Trailing spaces, line length, etc... --- Summary of changes: source3/libads/kerberos_verify.c | 274 ++--- 1 files changed, 163 insertions(+), 111 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c index 10edd07..2047f0e 100644 --- a/source3/libads/kerberos_verify.c +++ b/source3/libads/kerberos_verify.c @@ -1,24 +1,24 @@ -/* +/* Unix SMB/CIFS implementation. kerberos utility library Copyright (C) Andrew Tridgell 2001 Copyright (C) Remus Koos 2001 - Copyright (C) Luke Howard 2003 + Copyright (C) Luke Howard 2003 Copyright (C) Guenther Deschner 2003, 2005 Copyright (C) Jim McDonough (j...@us.ibm.com) 2003 Copyright (C) Andrew Bartlett abart...@samba.org 2004-2005 Copyright (C) Jeremy Allison 2007 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/. */ @@ -113,11 +113,11 @@ static bool ads_dedicated_keytab_verify_ticket(krb5_context context, return auth_ok; } -/** - Try to verify a ticket using the system keytab... the system keytab has kvno -1 entries, so - it's more like what microsoft does... see comment in utils/net_ads.c in the - ads_keytab_add_entry function for details. -***/ +/** + Try to verify a ticket using the system keytab... the system keytab has + kvno -1 entries, so it's more like what microsoft does... see comment in + utils/net_ads.c in the ads_keytab_add_entry function for details. +**/ static bool ads_keytab_verify_ticket(krb5_context context, krb5_auth_context auth_context, @@ -131,12 +131,14 @@ static bool ads_keytab_verify_ticket(krb5_context context, krb5_keytab keytab = NULL; krb5_kt_cursor kt_cursor; krb5_keytab_entry kt_entry; - char *valid_princ_formats[7] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL }; + char *valid_princ_formats[7] = { NULL, NULL, NULL, +NULL, NULL, NULL, NULL }; char *entry_princ_s = NULL; fstring my_name, my_fqdn; int i; int number_matched_principals = 0; krb5_data packet; + int err; *pp_tkt = NULL; *keyblock = NULL; @@ -151,25 +153,39 @@ static bool ads_keytab_verify_ticket(krb5_context context, my_fqdn[0] = '\0'; name_to_fqdn(my_fqdn, global_myname()); - if (asprintf(valid_princ_formats[0], %...@%s, my_name, lp_realm()) == -1) { + err = asprintf(valid_princ_formats[0], + %...@%s, my_name, lp_realm()); + if (err == -1) { goto out; } - if (asprintf(valid_princ_formats[1], host/%...@%s, my_name, lp_realm()) == -1) { + err = asprintf(valid_princ_formats[1], + host/%...@%s, my_name, lp_realm()); + if (err == -1) { goto out; } - if (asprintf(valid_princ_formats[2], host/%...@%s, my_fqdn, lp_realm()) == -1) { + err = asprintf(valid_princ_formats[2], + host/%...@%s, my_fqdn, lp_realm()); + if (err == -1) { goto out; } - if (asprintf(valid_princ_formats[3], host/%s...@%s, my_name, lp_realm(), lp_realm()) == -1) { + err = asprintf(valid_princ_formats[3], + host/%s...@%s, my_name, lp_realm(), lp_realm()); + if (err == -1) { goto out; } - if (asprintf(valid_princ_formats[4], cifs/%...@%s, my_name, lp_realm()) == -1
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7208809... rpcclient: Use DCERPC_AUTH_LEVEL_CONNECT if no sign/seal is set for krb5 auth via 183e0a0... s3-dcerpc: Refactor calculate_data_len_tosend() via c08d684... s3-dcerpc: Add auth trailer only when appropriate. via 866f85e... s3-dcerpc: consolidate unmarshalling of dcerpc_auth via 146af48... s3-dcerpc: revive cli_rpc_pipe_open_krb5() via 250e341... misc: Remove unused structure elements via b00f9a0... s3-rpcclient: Allow choosing spnego mech: (ntlm/krb5) via 2463a87... s3-dcerpc: Use dcerpc_AuthType in pipe_auth_data via 1e915d2... s3-dcerpc: Cleanup and refactor create_rpc_bind_req() via 3c3237d... s3-auth: Remove unimplemented functions via bfe53d4... s3-dcerpc: Set flags directly instead of calling unimplemented functions. via 7407c97... s3-dcerpc: Use dcerpc_check_auth in client code too via 9565e3f... s3-dcerpc: Make dcerpc_check_auth() common code via 5f2cca6... s3-dcerpc: Add the same paranoia checks we have in the client code via 49a8c29... s3-dcerpc: Split auth checking into a generic function. via 1fc71c9... s3-dcerpc do not pass pipes_struct to dcesrv_auth_request() via 2ce169c... s3-dcerpc: Make dcesrv_auth_request() return NTSTATUS codes via aa4c5a2... s3-dcerpc: Use the common dcerpc_add_auth_footer() in the server code via 3139333... s3-dcerpc: Move dcerpc_add_auth_footer() to the common helpers file via 6f5cdf9... s3-dcerpc: Introduce generic helper function to add auth trailer via 1b57249... s3-dcerpc: Pass explicit arguments so that this is not client specific via e2b0e43... s3-dcerpc: Move marshalling of dcerpc_auth_header in the callers from 6ffd7dc... s3-rpc: Use struct pipes_struct. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 72088096af8dbf57cbc85c71cd0eef4447e7560d Author: Simo Sorce i...@samba.org Date: Wed Jul 21 12:11:37 2010 -0400 rpcclient: Use DCERPC_AUTH_LEVEL_CONNECT if no sign/seal is set for krb5 auth commit 183e0a0d9f87bc619cd832decf5745be1d28f598 Author: Simo Sorce i...@samba.org Date: Thu Jul 22 16:14:16 2010 -0400 s3-dcerpc: Refactor calculate_data_len_tosend() commit c08d684f4ef679831e8fed69cd87e4d9b06cb3e0 Author: Simo Sorce i...@samba.org Date: Wed Jul 21 13:33:09 2010 -0400 s3-dcerpc: Add auth trailer only when appropriate. commit 866f85e31973de356c3843836d5cacdbdf245e32 Author: Simo Sorce i...@samba.org Date: Wed Jul 21 12:12:58 2010 -0400 s3-dcerpc: consolidate unmarshalling of dcerpc_auth commit 146af48d4887e8fa0c66bf53aa5f204366648478 Author: Simo Sorce i...@samba.org Date: Tue Jul 20 18:43:37 2010 -0400 s3-dcerpc: revive cli_rpc_pipe_open_krb5() commit 250e341e0aad67c2f70fea597f34deadea1d2ccc Author: Simo Sorce i...@samba.org Date: Tue Jul 20 18:39:46 2010 -0400 misc: Remove unused structure elements commit b00f9a0a2d3b692dd12e182a2a4a7979c626dec7 Author: Simo Sorce i...@samba.org Date: Tue Jul 20 17:26:32 2010 -0400 s3-rpcclient: Allow choosing spnego mech: (ntlm/krb5) commit 2463a871776bb4de8653d6a44469d2adb3ec9418 Author: Simo Sorce i...@samba.org Date: Tue Jul 20 13:26:36 2010 -0400 s3-dcerpc: Use dcerpc_AuthType in pipe_auth_data commit 1e915d231d4191bf3a0bb54ba99a31ad6b2afd3b Author: Simo Sorce i...@samba.org Date: Tue Jul 20 11:49:23 2010 -0400 s3-dcerpc: Cleanup and refactor create_rpc_bind_req() commit 3c3237dd0afa37ba0e545424f5008973b645cf96 Author: Simo Sorce i...@samba.org Date: Tue Jul 20 11:23:11 2010 -0400 s3-auth: Remove unimplemented functions commit bfe53d414548cd8a0226136b73cf2b766b6a61ef Author: Simo Sorce i...@samba.org Date: Tue Jul 20 11:22:50 2010 -0400 s3-dcerpc: Set flags directly instead of calling unimplemented functions. commit 7407c979a1469997c9277c501787b5f16aac Author: Simo Sorce i...@samba.org Date: Mon Jul 19 20:03:08 2010 -0400 s3-dcerpc: Use dcerpc_check_auth in client code too commit 9565e3f6a7ef2fb590558eb7b29c6c2fc657fca9 Author: Simo Sorce i...@samba.org Date: Mon Jul 19 19:49:35 2010 -0400 s3-dcerpc: Make dcerpc_check_auth() common code commit 5f2cca6b2a7b8b7bad4a47a2bd31174c45fa2611 Author: Simo Sorce i...@samba.org Date: Mon Jul 19 19:42:12 2010 -0400 s3-dcerpc: Add the same paranoia checks we have in the client code commit 49a8c2965d2982e6510609fa9772a56597494641 Author: Simo Sorce i...@samba.org Date: Mon Jul 19 19:34:34 2010 -0400 s3-dcerpc: Split auth checking into a generic function. commit 1fc71c9c6ff26f2d49f314b8425c6cd4c91683f3 Author: Simo Sorce i...@samba.org Date: Mon Jul 19 17:51:18 2010 -0400 s3-dcerpc do not pass pipes_struct to dcesrv_auth_request() commit 2ce169ce187cc7229aecdc3e5cd889c5194956aa Author: Simo Sorce i...@samba.org Date: Mon
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7eaa15a... s3-dcerpc: Add sign/seal with gssapi via 1abcbd7... s3-dcerpc: Add next authentication step with gssapi via 135a82e... s3-decrpc: Introduce gssapi support for dcerpc krb5 auth from 7208809... rpcclient: Use DCERPC_AUTH_LEVEL_CONNECT if no sign/seal is set for krb5 auth http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7eaa15af2c5b544946bfb2b8c522ba9677527972 Author: Simo Sorce i...@samba.org Date: Sat Jul 24 13:02:57 2010 -0400 s3-dcerpc: Add sign/seal with gssapi commit 1abcbd70aed327ae5233423ce74662241fa9d21a Author: Simo Sorce i...@samba.org Date: Sat Jul 24 10:35:25 2010 -0400 s3-dcerpc: Add next authentication step with gssapi commit 135a82e78f9537fb7b7f4b82fb7cba065737675f Author: Simo Sorce i...@samba.org Date: Fri Jul 23 14:47:36 2010 -0400 s3-decrpc: Introduce gssapi support for dcerpc krb5 auth --- Summary of changes: source3/Makefile.in |4 +- source3/configure.in|3 +- source3/include/ntdomain.h |8 +- source3/librpc/rpc/dcerpc_gssapi.c | 637 +++ source3/librpc/rpc/dcerpc_gssapi.h | 58 source3/librpc/rpc/dcerpc_helpers.c | 86 + source3/rpc_client/cli_pipe.c | 263 +++ 7 files changed, 919 insertions(+), 140 deletions(-) create mode 100644 source3/librpc/rpc/dcerpc_gssapi.c create mode 100644 source3/librpc/rpc/dcerpc_gssapi.h Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 1b641a4..91856c2 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -676,7 +676,8 @@ RPC_SERVER_OBJ = @RPC_STATIC@ $(RPC_PIPE_OBJ) $(NPA_TSTREAM_OBJ) RPC_PARSE_OBJ = $(RPC_PARSE_OBJ2) -RPC_CLIENT_OBJ = rpc_client/cli_pipe.o librpc/rpc/rpc_common.o \ +RPC_CLIENT_OBJ = rpc_client/cli_pipe.o librpc/rpc/dcerpc_gssapi.o \ +librpc/rpc/rpc_common.o \ rpc_client/rpc_transport_np.o \ rpc_client/rpc_transport_sock.o \ rpc_client/rpc_transport_smbd.o @@ -1353,6 +1354,7 @@ RPC_OPEN_TCP_OBJ = torture/rpc_open_tcp.o \ $(RPC_CLIENT_OBJ1) \ librpc/rpc/rpc_common.o \ rpc_client/cli_pipe.o \ + librpc/rpc/dcerpc_gssapi.o \ ../librpc/rpc/binding.o \ $(LIBMSRPC_GEN_OBJ) diff --git a/source3/configure.in b/source3/configure.in index 905ad23..4b92cd6 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -3749,7 +3749,7 @@ if test x$with_ads_support != xno; then # now check for gssapi headers. This is also done here to allow for # different kerberos include paths - AC_CHECK_HEADERS(gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h com_err.h) + AC_CHECK_HEADERS(gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h gssapi/gssapi_ext.h com_err.h) ## # we might need the k5crypto and com_err libraries on some systems @@ -3774,6 +3774,7 @@ if test x$with_ads_support != xno; then # now see if we can find the gssapi libs in standard paths if test x$have_gssapi != xyes; then AC_CHECK_LIB_EXT(gssapi_krb5, KRB5_LIBS,gss_display_status,[],[],have_gssapi=yes) + AC_CHECK_FUNC_EXT(gss_wrap_iov, $KRB5_LIBS) fi AC_CHECK_FUNC_EXT(krb5_set_real_time, $KRB5_LIBS) diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index c843bc9..0651381 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -99,11 +99,7 @@ enum pipe_auth_type_spnego { PIPE_AUTH_TYPE_SPNEGO_KRB5 }; -/* auth state for krb5. */ -struct kerberos_auth_struct { - const char *service_principal; - DATA_BLOB session_key; -}; +struct gse_context; /* auth state for all bind types. */ @@ -115,7 +111,7 @@ struct pipe_auth_data { union { struct schannel_state *schannel_auth; struct auth_ntlmssp_state *auth_ntlmssp_state; - struct kerberos_auth_struct *kerberos_auth; /* Client only for now */ + struct gse_context *gssapi_state; /* Client only for now */ } a_u; /* Only the client code uses these 3 for now */ diff --git a/source3/librpc/rpc/dcerpc_gssapi.c b/source3/librpc/rpc/dcerpc_gssapi.c new file mode 100644 index 000..8c0ad6a --- /dev/null +++ b/source3/librpc/rpc/dcerpc_gssapi.c @@ -0,0 +1,637 @@ +/* + * GSSAPI Security Extensions + * RPC Pipe client routines + * Copyright (C) Simo Sorce 2010. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c4b3c9e... smbd: Fix build warning from 7eaa15a... s3-dcerpc: Add sign/seal with gssapi http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c4b3c9ec0f2efa937529160999f7e44bcad3591f Author: Simo Sorce i...@samba.org Date: Wed Jul 28 12:44:37 2010 -0400 smbd: Fix build warning --- Summary of changes: source3/smbd/process.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/process.c b/source3/smbd/process.c index d91c07e..b867ba1 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -2857,7 +2857,7 @@ fail: return false; } -static bool spoolss_init_cb(void) +static bool spoolss_init_cb(void *ptr) { return nt_printing_tdb_migrate(); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d17abc6... s3-dcerpc: Avoid ifdef, it is handled within dcerpc_gssapi.c already from 44add99... s3: Fix cli_qpathinfo2 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d17abc69f690ccc845a0a1d6d291b6e21ce86b3d Author: Simo Sorce i...@samba.org Date: Wed Jul 28 15:35:02 2010 -0400 s3-dcerpc: Avoid ifdef, it is handled within dcerpc_gssapi.c already --- Summary of changes: source3/rpc_client/cli_pipe.c |9 ++--- 1 files changed, 2 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 8588875..bbd869e 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -3344,7 +3344,6 @@ NTSTATUS cli_rpc_pipe_open_krb5(struct cli_state *cli, const char *password, struct rpc_pipe_client **presult) { -#ifdef HAVE_GSSAPI_H struct rpc_pipe_client *result; struct pipe_auth_data *auth; NTSTATUS status; @@ -3367,18 +3366,14 @@ NTSTATUS cli_rpc_pipe_open_krb5(struct cli_state *cli, status = rpc_pipe_bind(result, auth); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, (cli_rpc_pipe_open_krb5: cli_rpc_pipe_bind failed - with error %s\n, nt_errstr(status))); + DEBUG(0, (cli_rpc_pipe_bind failed with error %s\n, + nt_errstr(status))); TALLOC_FREE(result); return status; } *presult = result; return NT_STATUS_OK; -#else - DEBUG(0,(cli_rpc_pipe_open_krb5: kerberos not found at compile time.\n)); - return NT_STATUS_NOT_IMPLEMENTED; -#endif } NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7c9c075... Do not refernece pipe_auth_data directly in dcerpc_gssapi.c from d17abc6... s3-dcerpc: Avoid ifdef, it is handled within dcerpc_gssapi.c already http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7c9c075987e7cdb2d5cb6311876f088f907e46f2 Author: Simo Sorce i...@samba.org Date: Wed Jul 28 15:53:56 2010 -0400 Do not refernece pipe_auth_data directly in dcerpc_gssapi.c --- Summary of changes: source3/librpc/rpc/dcerpc_gssapi.c | 48 +++--- source3/librpc/rpc/dcerpc_gssapi.h |2 +- source3/rpc_client/cli_pipe.c | 50 +++ 3 files changed, 55 insertions(+), 45 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/librpc/rpc/dcerpc_gssapi.c b/source3/librpc/rpc/dcerpc_gssapi.c index 8c0ad6a..56f2a53 100644 --- a/source3/librpc/rpc/dcerpc_gssapi.c +++ b/source3/librpc/rpc/dcerpc_gssapi.c @@ -169,9 +169,8 @@ NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx, const char *username, const char *password, uint32_t add_gss_c_flags, - struct pipe_auth_data **_auth) + struct gse_context **_gse_ctx) { - struct pipe_auth_data *auth; struct gse_context *gse_ctx; OM_uint32 gss_maj, gss_min; gss_buffer_desc name_buffer = {0, NULL}; @@ -182,42 +181,15 @@ NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_PARAMETER; } - auth = talloc(mem_ctx, struct pipe_auth_data); - if (auth == NULL) { - return NT_STATUS_NO_MEMORY; - } - - auth-auth_type = auth_type; - if (auth_type == DCERPC_AUTH_TYPE_SPNEGO) { - auth-spnego_type = PIPE_AUTH_TYPE_SPNEGO_KRB5; - } - auth-auth_level = auth_level; - - if (!username) { - username = ; - } - - auth-user_name = talloc_strdup(auth, username); - if (!auth-user_name) { - status = NT_STATUS_NO_MEMORY; - goto err_out; - } - - /* Fixme, should we fetch/set the Realm ? */ - auth-domain = talloc_strdup(auth, ); - if (!auth-domain) { - status = NT_STATUS_NO_MEMORY; - goto err_out; - } - - status = gse_context_init(auth, auth_type, auth_level, + status = gse_context_init(mem_ctx, auth_type, auth_level, ccache_name, add_gss_c_flags, gse_ctx); if (!NT_STATUS_IS_OK(status)) { - goto err_out; + return NT_STATUS_NO_MEMORY; } - name_buffer.value = talloc_asprintf(auth, %...@%s, service, server); + name_buffer.value = talloc_asprintf(gse_ctx, + %...@%s, service, server); if (!name_buffer.value) { status = NT_STATUS_NO_MEMORY; goto err_out; @@ -229,7 +201,7 @@ NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx, if (gss_maj) { DEBUG(0, (gss_import_name failed for %s, with [%s]\n, (char *)name_buffer.value, - gse_errstr(auth, gss_maj, gss_min))); + gse_errstr(gse_ctx, gss_maj, gss_min))); status = NT_STATUS_INTERNAL_ERROR; goto err_out; } @@ -250,18 +222,18 @@ NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx, if (gss_maj) { DEBUG(0, (gss_acquire_creds failed for %s, with [%s]\n, (char *)name_buffer.value, - gse_errstr(auth, gss_maj, gss_min))); + gse_errstr(gse_ctx, gss_maj, gss_min))); status = NT_STATUS_INTERNAL_ERROR; goto err_out; } - auth-a_u.gssapi_state = gse_ctx; - *_auth = auth; + *_gse_ctx = gse_ctx; TALLOC_FREE(name_buffer.value); return NT_STATUS_OK; err_out: - TALLOC_FREE(auth); + TALLOC_FREE(name_buffer.value); + TALLOC_FREE(gse_ctx); return status; } diff --git a/source3/librpc/rpc/dcerpc_gssapi.h b/source3/librpc/rpc/dcerpc_gssapi.h index 6367990..3152033 100644 --- a/source3/librpc/rpc/dcerpc_gssapi.h +++ b/source3/librpc/rpc/dcerpc_gssapi.h @@ -35,7 +35,7 @@ NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx, const char *username, const char *password, uint32_t add_gss_c_flags, - struct pipe_auth_data **_auth); + struct gse_context **_gse_ctx); NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e8ac4a8... s3-dcerpc: Try to fix build when gssapi_ext.h is not available from 7c9c075... Do not refernece pipe_auth_data directly in dcerpc_gssapi.c http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e8ac4a8b82798ef0691d384f59d880dc38b56592 Author: Simo Sorce i...@samba.org Date: Wed Jul 28 17:06:14 2010 -0400 s3-dcerpc: Try to fix build when gssapi_ext.h is not available --- Summary of changes: source3/librpc/rpc/dcerpc_gssapi.c | 82 +--- 1 files changed, 39 insertions(+), 43 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/librpc/rpc/dcerpc_gssapi.c b/source3/librpc/rpc/dcerpc_gssapi.c index 56f2a53..c9496ab 100644 --- a/source3/librpc/rpc/dcerpc_gssapi.c +++ b/source3/librpc/rpc/dcerpc_gssapi.c @@ -20,12 +20,13 @@ /* We support only GSSAPI/KRB5 here */ #include includes.h +#include dcerpc_gssapi.h + +#if defined(HAVE_GSSAPI_GSSAPI_EXT_H) defined(HAVE_GSS_WRAP_IOV) + #include gssapi/gssapi.h #include gssapi/gssapi_krb5.h #include gssapi/gssapi_ext.h -#include dcerpc_gssapi.h - -#ifdef HAVE_GSSAPI_H static char *gse_errstr(TALLOC_CTX *mem_ctx, OM_uint32 maj, OM_uint32 min); @@ -352,43 +353,6 @@ DATA_BLOB gse_get_session_key(struct gse_context *gse_ctx) return gse_ctx-session_key; } -#else /* HAVE_GSSAPI_H */ - -NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx, - enum dcerpc_AuthType auth_type, - enum dcerpc_AuthLevel auth_level, - const char *ccache_name, - const char *server, - const char *service, - const char *username, - const char *password, - uint32_t add_gss_c_flags, - struct pipe_auth_data **_auth) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -NTSTATUS gse_gen_client_auth_token(TALLOC_CTX *mem_ctx, - struct gse_context *gse_ctx, - DATA_BLOB *auth_blob) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -bool gse_require_more_processing(struct gse_context *gse_ctx) -{ - return NT_STATUS_NOT_IMPLEMENTED; -} - -DATA_BLOB gse_get_session_key(struct gse_context *gse_ctx) -{ - return data_blob_null; -} - -#endif /* HAVE_GSSAPI_H */ - -#ifdef HAVE_GSS_WRAP_IOV - size_t gse_get_signature_length(struct gse_context *gse_ctx, int seal, size_t payload_size) { @@ -574,12 +538,44 @@ done: return status; } -#else /* HAVE_GSS_WRAP_IOV */ +#else + +NTSTATUS gse_init_client(TALLOC_CTX *mem_ctx, + enum dcerpc_AuthType auth_type, + enum dcerpc_AuthLevel auth_level, + const char *ccache_name, + const char *server, + const char *service, + const char *username, + const char *password, + uint32_t add_gss_c_flags, + struct gse_context **_gse_ctx) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx, + struct gse_context *gse_ctx, + DATA_BLOB *token_in, + DATA_BLOB *token_out) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +bool gse_require_more_processing(struct gse_context *gse_ctx) +{ + return false; +} + +DATA_BLOB gse_get_session_key(struct gse_context *gse_ctx) +{ + return data_blob_null; +} size_t gse_get_signature_length(struct gse_context *gse_ctx, int seal, size_t payload_size) { - return NT_STATUS_NOT_IMPLEMENTED; + return 0; } NTSTATUS gse_seal(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx, @@ -606,4 +602,4 @@ NTSTATUS gse_sigcheck(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx, return NT_STATUS_NOT_IMPLEMENTED; } -#endif /* HAVE_GSS_WRAP_IOV */ +#endif /* HAVE_GSSAPI_EXT_H HAVE_GSS_WRAP_IOV */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
spoolss_SetForm to the winreg function. via 76f72fe... s3-spoolss: Migrated spoolss_DeleteForm to the winreg function. via fad361a... s3-spoolss: Migrated spoolss_AddForm to the winreg function. via 2ae1796... s3-spoolss: Migrated spoolss_EnumForms to the winreg function. via 142431d... s3-spoolss: Migrated spoolss_DeletePrinterKey to the winreg functions. via fb5529f... s3-spoolss: Migrated spoolss_DeletePrinterDataEx to the winreg functions. via e210230... s3-spoolss: Migrated spoolss_EnumPrinterKey to the winreg functions. via df35b34... s3-spoolss: Migrated spoolss_EnumPrinterDataEx to the winreg functions. via 795618a... s3-spoolss: Migrated spoolss_GetPrinterDataEx to the winreg functions. via 3d7e99e... s3-spoolss: Migrated spoolss_SetPrinterDataEx to the winreg functions. via 71be0ec... s3-registry: Redirect KEY_CONTROL_PRINTERS to KEY_WINNT_PRINTERS. via 65eb38b... s3-registry: Init all needed registry keys for printing. via 5604a78... s3-spoolss: Migrated NT_DEVICEMODE to spoolss_DeviceMode. via 104c419... s4-torture: Disable setting REG_BINARY printer data with size 0. from 6446c75... Fix several places where talloc_asprintf returns were unchecked. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9168713774c02ba2f71d89379cc239a900ebeafe Author: Andreas Schneider a...@samba.org Date: Tue Jul 27 12:27:54 2010 +0200 s3-spoolss: Fixed FILL_DRIVER_STRING leading to wrong results. commit 90c17828824401c7be065a7bbf706dcafef0fc31 Author: Simo Sorce i...@samba.org Date: Mon Jul 26 18:28:15 2010 -0400 s3-spoolss: Avoid segfault, check drivername is actually not NULL. commit 6cd2f2ff31768a40ca60112964b35bf040b2e6d8 Author: Simo Sorce i...@samba.org Date: Mon Jul 26 19:14:03 2010 +0200 s3-spoolss: Fixed a possible segfault in winreg_get_printer. commit bb0226f10ef86296af273ea0e9692b72d0ead4c2 Author: Andreas Schneider a...@samba.org Date: Mon Jul 26 18:12:13 2010 +0200 s3-spoolss: Correctly set the default values. commit b95d5563ddff7aec15f4138be731578785dca7ec Author: Andreas Schneider a...@samba.org Date: Tue Jun 15 13:37:44 2010 +0200 s3-printing: Added automatic migration of printing tdbs. Signed-off-by: Jim McDonough j...@samba.org commit 924cc43d1b8f8358f7c7aaef16b06437e39cd05b Author: Andreas Schneider a...@samba.org Date: Wed Jun 30 10:40:24 2010 +0200 s3-spoolss: Move the standard mappings to spoolss. Signed-off-by: Jim McDonough j...@samba.org commit c3186f22c5d501cc6afed7556579906d27763251 Author: Andreas Schneider a...@samba.org Date: Wed Jun 30 10:39:43 2010 +0200 s3-lib: Make the standard_mapping parameter const. Signed-off-by: Jim McDonough j...@samba.org commit 1be454538b2e4d242be90e43fab9eb09f0b07a57 Author: Andreas Schneider a...@samba.org Date: Wed Jun 30 10:25:08 2010 +0200 s3-spoolss: Remove the program global current_user_info. Signed-off-by: Jim McDonough j...@samba.org commit d8c81423aa52f1810cafeefa186f7dd0590cb0de Author: Andreas Schneider a...@samba.org Date: Tue Jun 29 15:05:00 2010 +0200 s3-spoolss: Remove unused MAGIC_DISPLAY_FREQUENCY Signed-off-by: Jim McDonough j...@samba.org commit 8fe6813ca0e6ccbe4fed91425f82443f5cb166a4 Author: Andreas Schneider a...@samba.org Date: Mon Jun 28 09:57:41 2010 +0200 s4-torture: Enable tests with keynames including a slash. Signed-off-by: Jim McDonough j...@samba.org commit db2a777b0ee1e75fb6d11ad1240d7214a4e1dac4 Author: Andreas Schneider a...@samba.org Date: Tue Jun 15 13:37:44 2010 +0200 s3-printing: Added automatic migration of printing tdbs. Signed-off-by: Jim McDonough j...@samba.org commit 35e03ef5c22020e047bd05e61be6c46701a07702 Author: Andreas Schneider a...@samba.org Date: Tue Jun 15 11:48:12 2010 +0200 s3-printing: Move all tdb upgrade functions to a separate file. Signed-off-by: Jim McDonough j...@samba.org commit c18913a2c216d9dd092f4efb3dfbad376fc29bb6 Author: Simo Sorce sso...@redhat.com Date: Fri May 7 05:03:32 2010 -0400 s3-smbd: Convert reply_printqueue to use spoolss. Signed-off-by: Jim McDonough j...@samba.org commit 3f68a39458dddf7cfc67ce78248f3f1bdad18ba6 Author: Andreas Schneider a...@samba.org Date: Tue Jun 1 17:09:21 2010 +0200 Revert s4-smbtorture: skip driverName and printerName DsSpooler tests for now. This reverts commit 23eb2888d94b34822e4c49b1d62f4bd3fac43fcf. Signed-off-by: Jim McDonough j...@samba.org commit 96c25cdad5e82a1aed77692796617532f663aca1 Author: Andreas Schneider a...@samba.org Date: Tue Jun 8 13:03:22 2010 +0200 s3-spoolss: Create winprint print processor key. Signed-off-by: Jim McDonough j...@samba.org commit f5a2f8fa2b66d23eb2e99443f6d6bb85b6199b63 Author: Simo
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a3713d7... s3-dcerpc: Properly initialize output buffers on nak/fault from 26f1218... s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a3713d746949788c393ecf2b0d10d105c2220b22 Author: Simo Sorce i...@samba.org Date: Tue Jul 20 13:56:25 2010 -0400 s3-dcerpc: Properly initialize output buffers on nak/fault --- Summary of changes: source3/rpc_server/srv_pipe.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 0132400..b25f122 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -603,6 +603,8 @@ bool api_pipe_bind_auth3(pipes_struct *p, struct ncacn_packet *pkt) return False; } +static bool pipe_init_outgoing_data(pipes_struct *p); + /*** Marshall a bind_nak pdu. ***/ @@ -613,7 +615,7 @@ static bool setup_bind_nak(pipes_struct *p, struct ncacn_packet *pkt) union dcerpc_payload u; /* Free any memory in the current return data buffer. */ - data_blob_free(p-out_data.rdata); + pipe_init_outgoing_data(p); /* * Initialize a bind_nak header. @@ -664,7 +666,7 @@ bool setup_fault_pdu(pipes_struct *p, NTSTATUS fault_status) union dcerpc_payload u; /* Free any memory in the current return data buffer. */ - data_blob_free(p-out_data.rdata); + pipe_init_outgoing_data(p); /* * Initialize a fault header. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3b502d8... s3-dcerpc: Fix potential memleak from a3713d7... s3-dcerpc: Properly initialize output buffers on nak/fault http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3b502d899d8924d285e72f8a9fe666865d6f6926 Author: Simo Sorce i...@samba.org Date: Sat Jul 17 16:01:07 2010 -0400 s3-dcerpc: Fix potential memleak Use a free function for schannel data too for now. --- Summary of changes: source3/rpc_server/srv_pipe.c |7 ++- 1 files changed, 6 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index b25f122..508cb3f 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -89,6 +89,11 @@ static void free_pipe_ntlmssp_auth_data(struct pipe_auth_data *auth) TALLOC_FREE(auth-a_u.auth_ntlmssp_state); } +static void free_pipe_schannel_auth_data(struct pipe_auth_data *auth) +{ + TALLOC_FREE(auth-a_u.schannel_auth); +} + static DATA_BLOB generic_session_key(void) { return data_blob(SystemLibraryDTC, 16); @@ -1100,7 +1105,7 @@ static bool pipe_schannel_auth_bind(pipes_struct *p, neg.oem_netbios_domain.a, neg.oem_netbios_computer.a)); /* We're finished with this bind - no more packets. */ - p-auth.auth_data_free_func = NULL; + p-auth.auth_data_free_func = free_pipe_schannel_auth_data; p-auth.auth_type = PIPE_AUTH_TYPE_SCHANNEL; p-pipe_bound = True; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 61cfbf3... s3-rpc_server: Cleanup the way we free pipe auth data via 636de43... cleaup: Reformat cli_get_session_key() from 3b502d8... s3-dcerpc: Fix potential memleak http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 61cfbf342fb508477bd45ed8378af7ba6f147727 Author: Simo Sorce i...@samba.org Date: Sat Jul 17 16:34:33 2010 -0400 s3-rpc_server: Cleanup the way we free pipe auth data commit 636de433ac9cb658c35b8fc45933d8dcb98a991e Author: Simo Sorce i...@samba.org Date: Mon Jul 19 15:43:22 2010 -0400 cleaup: Reformat cli_get_session_key() merge cli_get_session_key --- Summary of changes: source3/rpc_client/cli_pipe.c | 43 - source3/rpc_server/srv_pipe.c | 23 - 2 files changed, 34 insertions(+), 32 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index c3712f7..6de2e80 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -3836,6 +3836,7 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *cli, DATA_BLOB *session_key) { + struct pipe_auth_data *a = cli-auth; DATA_BLOB sk; if (!session_key || !cli) { @@ -3847,29 +3848,27 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, } switch (cli-auth-auth_type) { - case PIPE_AUTH_TYPE_SCHANNEL: - *session_key = data_blob_talloc(mem_ctx, - cli-auth-a_u.schannel_auth-creds-session_key, 16); - break; - case PIPE_AUTH_TYPE_NTLMSSP: - case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: - sk = auth_ntlmssp_get_session_key(cli-auth-a_u.auth_ntlmssp_state); - *session_key = data_blob_dup_talloc(mem_ctx, sk); - break; - case PIPE_AUTH_TYPE_KRB5: - case PIPE_AUTH_TYPE_SPNEGO_KRB5: - *session_key = data_blob_talloc(mem_ctx, - cli-auth-a_u.kerberos_auth-session_key.data, - cli-auth-a_u.kerberos_auth-session_key.length); - break; - case PIPE_AUTH_TYPE_NONE: - *session_key = data_blob_talloc(mem_ctx, - cli-auth-user_session_key.data, - cli-auth-user_session_key.length); - break; - default: - return NT_STATUS_NO_USER_SESSION_KEY; + case PIPE_AUTH_TYPE_SCHANNEL: + sk = data_blob_const(a-a_u.schannel_auth-creds-session_key, +16); + break; + case PIPE_AUTH_TYPE_NTLMSSP: + case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: + sk = auth_ntlmssp_get_session_key(a-a_u.auth_ntlmssp_state); + break; + case PIPE_AUTH_TYPE_KRB5: + case PIPE_AUTH_TYPE_SPNEGO_KRB5: + sk = data_blob_const(a-a_u.kerberos_auth-session_key.data, +a-a_u.kerberos_auth-session_key.length); + break; + case PIPE_AUTH_TYPE_NONE: + sk = data_blob_const(a-user_session_key.data, +a-user_session_key.length); + break; + default: + return NT_STATUS_NO_USER_SESSION_KEY; } + *session_key = data_blob_dup_talloc(mem_ctx, sk); return NT_STATUS_OK; } diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 508cb3f..056bf58 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -94,6 +94,14 @@ static void free_pipe_schannel_auth_data(struct pipe_auth_data *auth) TALLOC_FREE(auth-a_u.schannel_auth); } +static void free_pipe_auth_data(struct pipe_auth_data *auth) +{ + if (auth-auth_data_free_func) { + (*auth-auth_data_free_func)(auth); + auth-auth_data_free_func = NULL; + } +} + static DATA_BLOB generic_session_key(void) { return data_blob(SystemLibraryDTC, 16); @@ -602,8 +610,7 @@ bool api_pipe_bind_auth3(pipes_struct *p, struct ncacn_packet *pkt) err: - free_pipe_ntlmssp_auth_data(p-auth); - p-auth.a_u.auth_ntlmssp_state = NULL; + free_pipe_auth_data(p-auth); return False; } @@ -651,9 +658,7 @@ static bool setup_bind_nak(pipes_struct *p, struct ncacn_packet *pkt) p-out_data.data_sent_length = 0; p-out_data.current_pdu_sent = 0; - if (p-auth.auth_data_free_func) { - (*p-auth.auth_data_free_func
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b20e5eb... dcerpc: Clarify what the arguments of dcerpc_pull_auth_trailer() actually represent. from 2a8399f... s3: check for explicit external lib bug in ld's as-needed code http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b20e5eb3aab2d0c3b028e769dd126387699a8f7d Author: Simo Sorce i...@samba.org Date: Mon Jul 19 18:57:12 2010 -0400 dcerpc: Clarify what the arguments of dcerpc_pull_auth_trailer() actually represent. --- Summary of changes: librpc/rpc/dcerpc_util.c | 49 +++-- source3/include/proto.h |4 +- 2 files changed, 36 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c index c79cfd5..492d8ac 100644 --- a/librpc/rpc/dcerpc_util.c +++ b/librpc/rpc/dcerpc_util.c @@ -57,22 +57,39 @@ uint8_t dcerpc_get_endian_flag(DATA_BLOB *blob) return blob-data[DCERPC_DREP_OFFSET]; } -/* - pull an dcerpc_auth structure, taking account of any auth padding in - the blob at the end of the structure - */ + +/** +* @brief Pull a dcerpc_auth structure, taking account of any auth +* padding in the blob. For request/response packets we pass +* the whole data blob, so auth_data_only must be set to false +* as the blob contains data+pad+auth and no just pad+auth. +* +* @param pkt - The ncacn_packet strcuture +* @param mem_ctx - The mem_ctx used to allocate dcerpc_auth elements +* @param pkt_trailer - The packet trailer data, usually the trailing +*auth_info blob, but in the request/response case +*this is the stub_and_verifier blob. +* @param auth - A preallocated dcerpc_auth *empty* structure +* @param auth_length - The length of the auth trail, sum of auth header +*lenght and pkt-auth_length +* @param auth_data_only- Whether the pkt_trailer includes only the auth_blob +*(+ padding) or also other data. +* +* @return - A NTSTATUS error code. +*/ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt, TALLOC_CTX *mem_ctx, - DATA_BLOB *pkt_auth_blob, + DATA_BLOB *pkt_trailer, struct dcerpc_auth *auth, uint32_t *auth_length, - bool check_pad) + bool auth_data_only) { struct ndr_pull *ndr; enum ndr_err_code ndr_err; - uint32_t pad; + uint32_t data_and_pad; - pad = pkt_auth_blob-length - (DCERPC_AUTH_TRAILER_LENGTH + pkt-auth_length); + data_and_pad = pkt_trailer-length + - (DCERPC_AUTH_TRAILER_LENGTH + pkt-auth_length); /* paranoia check for pad size. This would be caught anyway by the ndr_pull_advance() a few lines down, but it scared @@ -80,13 +97,13 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt, it now, just to prevent someone posting a bogus YouTube video in the future. */ - if (pad pkt_auth_blob-length) { + if (data_and_pad pkt_trailer-length) { return NT_STATUS_INFO_LENGTH_MISMATCH; } - *auth_length = pkt_auth_blob-length - pad; + *auth_length = pkt_trailer-length - data_and_pad; - ndr = ndr_pull_init_blob(pkt_auth_blob, mem_ctx); + ndr = ndr_pull_init_blob(pkt_trailer, mem_ctx); if (!ndr) { return NT_STATUS_NO_MEMORY; } @@ -95,7 +112,7 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt, ndr-flags |= LIBNDR_FLAG_BIGENDIAN; } - ndr_err = ndr_pull_advance(ndr, pad); + ndr_err = ndr_pull_advance(ndr, data_and_pad); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { talloc_free(ndr); return ndr_map_error2ntstatus(ndr_err); @@ -107,9 +124,11 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt, return ndr_map_error2ntstatus(ndr_err); } - if (check_pad pad != auth-auth_pad_length) { - DEBUG(1,(__location__ : WARNING: pad length mismatch. Calculated %u got %u\n, -(unsigned)pad, (unsigned)auth-auth_pad_length)); + if (auth_data_only data_and_pad != auth-auth_pad_length) { + DEBUG(1, (__location__ : WARNING: pad length mismatch. + Calculated %u got %u\n, + (unsigned)data_and_pad, + (unsigned)auth-auth_pad_length)); } DEBUG(6,(__location__ : auth_pad_length
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 26f1218... s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys via 8137f2d... misc: cleanup get_krb5_smb_session_key() via e8460b4... misc: cleanup cli_krb5_get_ticket() from 5002b3a... Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL contexts. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 26f1218a3678e648c73db3b34732703396ad48b2 Author: Simo Sorce i...@samba.org Date: Tue Jul 20 20:00:12 2010 -0400 s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys commit 8137f2d7e7e69db66a5191c1a80e0bda52506528 Author: Simo Sorce i...@samba.org Date: Tue Jul 20 19:45:00 2010 -0400 misc: cleanup get_krb5_smb_session_key() commit e8460b4ebc82659d2cf1ea1588c708fa7069be5c Author: Simo Sorce i...@samba.org Date: Tue Jul 20 19:41:19 2010 -0400 misc: cleanup cli_krb5_get_ticket() --- Summary of changes: source3/include/krb5_protos.h| 10 +++- source3/libads/authdata.c|3 +- source3/libads/kerberos_verify.c |3 +- source3/libsmb/clikrb5.c | 79 ++ source3/libsmb/clispnego.c | 11 +++-- source3/rpc_client/cli_pipe.c|6 ++- source3/utils/ntlm_auth.c| 10 +++-- 7 files changed, 73 insertions(+), 49 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/krb5_protos.h b/source3/include/krb5_protos.h index b65fb17..97e6871 100644 --- a/source3/include/krb5_protos.h +++ b/source3/include/krb5_protos.h @@ -46,7 +46,10 @@ krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, st krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters); #endif krb5_error_code get_kerberos_allowed_etypes(krb5_context context, krb5_enctype **enctypes); -bool get_krb5_smb_session_key(krb5_context context, krb5_auth_context auth_context, DATA_BLOB *session_key, bool remote); +bool get_krb5_smb_session_key(TALLOC_CTX *mem_ctx, + krb5_context context, + krb5_auth_context auth_context, + DATA_BLOB *session_key, bool remote); krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry); krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context, krb5_principal host_princ, int enctype); void kerberos_set_creds_enctype(krb5_creds *pcreds, int enctype); @@ -141,9 +144,10 @@ char *smb_krb5_principal_get_realm(krb5_context context, krb5_principal principal); #endif /* HAVE_KRB5 */ -int cli_krb5_get_ticket(const char *principal, time_t time_offset, +int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx, + const char *principal, time_t time_offset, DATA_BLOB *ticket, DATA_BLOB *session_key_krb5, - uint32 extra_ap_opts, const char *ccname, + uint32_t extra_ap_opts, const char *ccname, time_t *tgs_expire, const char *impersonate_princ_s); diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c index 305b607..00062f4 100644 --- a/source3/libads/authdata.c +++ b/source3/libads/authdata.c @@ -406,7 +406,8 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_LOGON_TYPE; } - ret = cli_krb5_get_ticket(local_service, + ret = cli_krb5_get_ticket(mem_ctx, + local_service, time_offset, tkt, sesskey1, diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c index c072593..10edd07 100644 --- a/source3/libads/kerberos_verify.c +++ b/source3/libads/kerberos_verify.c @@ -615,7 +615,8 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx, ZERO_STRUCT(packet); } - get_krb5_smb_session_key(context, auth_context, session_key, True); + get_krb5_smb_session_key(mem_ctx, context, +auth_context, session_key, true); dump_data_pw(SMB session key (from ticket)\n, session_key-data, session_key-length); #if 0 diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index 2e3fdf3..68b45d8 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -826,11 +826,12 @@ cleanup_princ: } /* - get a kerberos5 ticket for the given service + get a kerberos5 ticket for the given service */ -int cli_krb5_get_ticket(const char *principal, time_t time_offset, - DATA_BLOB *ticket, DATA_BLOB *session_key_krb5
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 944494d... s3-auth: Remove unused variable. via f9f3358... Merge branch 'master' of ssh://git.samba.org/data/git/samba via 7e4de49... Merge branch 'master' of ssh://git.samba.org/data/git/samba via 378e4d5... Merge branch 'master' of ssh://git.samba.org/data/git/samba via 2f24953... Merge branch 'master' of ssh://git.samba.org/data/git/samba via 0ab8e8b... s3-dcerpc: Break memory hierarchy for shared structure from 630a2eb... waf: make the error msg when gen_ndr directory is missing clearer http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 944494d350fa0e42aa8a87849fa7168731f3b0a6 Author: Simo Sorce i...@samba.org Date: Mon Jul 19 13:53:34 2010 -0400 s3-auth: Remove unused variable. It was a spurious remnant after a rebase. commit f9f3358348229b14d368316e327cfd2a4cb48c7c Merge: 7e4de49bfceed18c81abf93703a61d0a22617a24 630a2eb68af0d523a1bb4451bbaa75d2ba47d252 Author: Simo Sorce i...@samba.org Date: Mon Jul 19 13:48:31 2010 -0400 Merge branch 'master' of ssh://git.samba.org/data/git/samba commit 7e4de49bfceed18c81abf93703a61d0a22617a24 Merge: 378e4d5b8d30733f0f28cc2bceb28d9b9b594707 27aece72004a84a6e0b2e00987d8a362e307d1d8 Author: Simo Sorce i...@samba.org Date: Sun Jul 18 20:04:42 2010 -0400 Merge branch 'master' of ssh://git.samba.org/data/git/samba commit 378e4d5b8d30733f0f28cc2bceb28d9b9b594707 Merge: 2f249538ac8f2a54d9c8f8dbf0107db2f33bfe16 6b266b85cf34145ac1f03d8f787b81121e4ec92b Author: Simo Sorce i...@samba.org Date: Fri Jul 16 09:57:03 2010 -0400 Merge branch 'master' of ssh://git.samba.org/data/git/samba commit 2f249538ac8f2a54d9c8f8dbf0107db2f33bfe16 Merge: 0ab8e8be62bcbb1f6441f745736fcee7cbd559eb 5f8678f34be57ccbbf9d9c93ee34b1d8f09c75c4 Author: Simo Sorce i...@samba.org Date: Thu Jul 15 20:50:06 2010 -0400 Merge branch 'master' of ssh://git.samba.org/data/git/samba commit 0ab8e8be62bcbb1f6441f745736fcee7cbd559eb Author: Simo Sorce i...@samba.org Date: Wed Jul 14 08:57:47 2010 -0400 s3-dcerpc: Break memory hierarchy for shared structure Handles are shared among multiple pipes_struct. We cannot allocate them on any specific pipes_struct or it will vanish for all others as soon as that pipes_struct is freed, leaving back dangling pointers. --- Summary of changes: source3/auth/auth_ntlmssp.c |2 -- 1 files changed, 0 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index bebb86e..a71c02b 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -265,7 +265,6 @@ NTSTATUS auth_ntlmssp_start(struct auth_ntlmssp_state **auth_ntlmssp_state) const char *dns_name; char *dns_domain; struct auth_ntlmssp_state *ans; - struct ntlmssp_state *ntlmssp_state; struct auth_context *auth_context; if ((enum server_types)lp_server_role() == ROLE_STANDALONE) { @@ -286,7 +285,6 @@ NTSTATUS auth_ntlmssp_start(struct auth_ntlmssp_state **auth_ntlmssp_state) ans = talloc_zero(NULL, struct auth_ntlmssp_state); if (!ans) { DEBUG(0,(auth_ntlmssp_start: talloc failed!\n)); - TALLOC_FREE(ntlmssp_state); return NT_STATUS_NO_MEMORY; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 628b57c... s3-dcerpc: Move common cli/srv functions into a common file from 3925411... s3: Really fix the 64-bit warnings http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 628b57ca37641634a34d9b172c7cd5c35a882d4e Author: Simo Sorce i...@samba.org Date: Sat Jul 17 15:00:24 2010 -0400 s3-dcerpc: Move common cli/srv functions into a common file --- Summary of changes: source3/Makefile.in |7 +- source3/librpc/rpc/rpc_common.c | 238 +++ source3/rpc_client/cli_pipe.c | 214 --- 3 files changed, 243 insertions(+), 216 deletions(-) create mode 100644 source3/librpc/rpc/rpc_common.c Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 64fcfe4..26879c4 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -675,8 +675,10 @@ RPC_SERVER_OBJ = @RPC_STATIC@ $(RPC_PIPE_OBJ) $(NPA_TSTREAM_OBJ) RPC_PARSE_OBJ = $(RPC_PARSE_OBJ2) -RPC_CLIENT_OBJ = rpc_client/cli_pipe.o rpc_client/rpc_transport_np.o \ - rpc_client/rpc_transport_sock.o rpc_client/rpc_transport_smbd.o +RPC_CLIENT_OBJ = rpc_client/cli_pipe.o librpc/rpc/rpc_common.o \ +rpc_client/rpc_transport_np.o \ +rpc_client/rpc_transport_sock.o \ +rpc_client/rpc_transport_smbd.o LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o @@ -1343,6 +1345,7 @@ RPC_OPEN_TCP_OBJ = torture/rpc_open_tcp.o \ $(KRBCLIENT_OBJ) \ $(RPC_PARSE_OBJ2) \ $(RPC_CLIENT_OBJ1) \ + librpc/rpc/rpc_common.o \ rpc_client/cli_pipe.o \ ../librpc/rpc/binding.o \ $(LIBMSRPC_GEN_OBJ) diff --git a/source3/librpc/rpc/rpc_common.c b/source3/librpc/rpc/rpc_common.c new file mode 100644 index 000..78b88f7 --- /dev/null +++ b/source3/librpc/rpc/rpc_common.c @@ -0,0 +1,238 @@ +/* + * Unix SMB/CIFS implementation. + * RPC Pipe client / server routines + * Largely rewritten by Jeremy Allison2005. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see http://www.gnu.org/licenses/. + */ + +#include includes.h +#include ../librpc/gen_ndr/ndr_schannel.h +#include ../librpc/gen_ndr/ndr_lsa.h +#include ../librpc/gen_ndr/ndr_dssetup.h +#include ../librpc/gen_ndr/ndr_samr.h +#include ../librpc/gen_ndr/ndr_netlogon.h +#include ../librpc/gen_ndr/ndr_srvsvc.h +#include ../librpc/gen_ndr/ndr_wkssvc.h +#include ../librpc/gen_ndr/ndr_winreg.h +#include ../librpc/gen_ndr/ndr_spoolss.h +#include ../librpc/gen_ndr/ndr_dfs.h +#include ../librpc/gen_ndr/ndr_echo.h +#include ../librpc/gen_ndr/ndr_initshutdown.h +#include ../librpc/gen_ndr/ndr_svcctl.h +#include ../librpc/gen_ndr/ndr_eventlog.h +#include ../librpc/gen_ndr/ndr_ntsvcs.h +#include ../librpc/gen_ndr/ndr_epmapper.h +#include ../librpc/gen_ndr/ndr_drsuapi.h + +static const char *get_pipe_name_from_iface( + TALLOC_CTX *mem_ctx, const struct ndr_interface_table *interface) +{ + int i; + const struct ndr_interface_string_array *ep = interface-endpoints; + char *p; + + for (i=0; iep-count; i++) { + if (strncmp(ep-names[i], ncacn_np:[\\pipe\\, 16) == 0) { + break; + } + } + if (i == ep-count) { + return NULL; + } + + /* +* extract the pipe name without \\pipe from for example +* ncacn_np:[\\pipe\\epmapper] +*/ + p = strchr(ep-names[i]+15, ']'); + if (p == NULL) { + return PIPE; + } + return talloc_strndup(mem_ctx, ep-names[i]+15, p - ep-names[i] - 15); +} + +static const struct ndr_interface_table **interfaces; + +bool smb_register_ndr_interface(const struct ndr_interface_table *interface) +{ + int num_interfaces = talloc_array_length(interfaces); + const struct ndr_interface_table **tmp; + int i; + + for (i=0; inum_interfaces; i++) { + if (ndr_syntax_id_equal(interfaces[i]-syntax_id, + interface-syntax_id)) { + return true
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 52f6bfe... s3-dcerpc: Move mere processing functions from srv_pipe_hnd.c to srv_pipe.c from 3c3cfb9... Fix a typo http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 52f6bfea4b88f36f5744283d8fa64b13f2146696 Author: Simo Sorce i...@samba.org Date: Sat Jul 17 15:22:26 2010 -0400 s3-dcerpc: Move mere processing functions from srv_pipe_hnd.c to srv_pipe.c --- Summary of changes: .../version_test.c = rpc_server/rpc_server.h} | 18 +- source3/rpc_server/srv_pipe.c | 465 source3/rpc_server/srv_pipe_hnd.c | 464 +--- 3 files changed, 475 insertions(+), 472 deletions(-) copy source3/{lib/version_test.c = rpc_server/rpc_server.h} (67%) Changeset truncated at 500 lines: diff --git a/source3/lib/version_test.c b/source3/rpc_server/rpc_server.h similarity index 67% copy from source3/lib/version_test.c copy to source3/rpc_server/rpc_server.h index 880cfeb..f212773 100644 --- a/source3/lib/version_test.c +++ b/source3/rpc_server/rpc_server.h @@ -1,7 +1,7 @@ /* - * Unix SMB/CIFS implementation. - * version_test - test program for samba_version_strion() - * Copyright (C) Michael Adam 2009 + * RPC Pipe server helper headers + * Almost completely rewritten by (C) Jeremy Allison 2005 - 2010 + * Copyright (C) Simo Sorce i...@samba.org - 2010 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,10 +17,10 @@ * along with this program; if not, see http://www.gnu.org/licenses/. */ -#include includes.h +#ifndef _RPC_SERVER_H_ +#define _RPC_SERVER_H_ -int main(void) -{ - printf(%s\n, samba_version_string()); - return 0; -} +void set_incoming_fault(pipes_struct *p); +void process_complete_pdu(pipes_struct *p); + +#endif /* _PRC_SERVER_H_ */ diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 4b12042..a7a5f4d 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -33,6 +33,7 @@ #include ../libcli/auth/schannel.h #include ../libcli/auth/spnego.h #include ../libcli/auth/ntlmssp.h +#include rpc_server.h #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV @@ -1838,3 +1839,467 @@ static bool api_rpcTNP(pipes_struct *p, struct ncacn_packet *pkt, return True; } + +/ + Initialise an outgoing packet. +/ + +static bool pipe_init_outgoing_data(pipes_struct *p) +{ + output_data *o_data = p-out_data; + + /* Reset the offset counters. */ + o_data-data_sent_length = 0; + o_data-current_pdu_sent = 0; + + data_blob_free(o_data-frag); + + /* Free any memory in the current return data buffer. */ + data_blob_free(o_data-rdata); + + return True; +} + +/ + Sets the fault state on incoming packets. +/ + +void set_incoming_fault(pipes_struct *p) +{ + data_blob_free(p-in_data.data); + p-in_data.pdu_needed_len = 0; + p-in_data.pdu.length = 0; + p-fault_state = True; + DEBUG(10, (set_incoming_fault: Setting fault state on pipe %s\n, + get_pipe_name_from_syntax(talloc_tos(), p-syntax))); +} + +static bool dcesrv_auth_request(pipes_struct *p, struct ncacn_packet *pkt) +{ + NTSTATUS status; + size_t hdr_size = DCERPC_REQUEST_LENGTH; + struct dcerpc_auth auth; + uint32_t auth_length; + DATA_BLOB data; + DATA_BLOB full_pkt; + + DEBUG(10, (Checking request auth.\n)); + + if (pkt-pfc_flags DCERPC_PFC_FLAG_OBJECT_UUID) { + hdr_size += 16; + } + + switch (p-auth.auth_level) { + case DCERPC_AUTH_LEVEL_PRIVACY: + DEBUG(10, (Requested Privacy.\n)); + break; + + case DCERPC_AUTH_LEVEL_INTEGRITY: + DEBUG(10, (Requested Integrity.\n)); + break; + + case DCERPC_AUTH_LEVEL_CONNECT: + if (pkt-auth_length != 0) { + break; + } + return true; + case DCERPC_AUTH_LEVEL_NONE: + if (pkt-auth_length != 0) { + return false; + } + return true; + + default: + return false; + } + + status = dcerpc_pull_auth_trailer(pkt, pkt, + pkt-u.request.stub_and_verifier, + auth, auth_length, false
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3c0e10d... s3-dcerpc: Fix build and remove unneeded headers from 52f6bfe... s3-dcerpc: Move mere processing functions from srv_pipe_hnd.c to srv_pipe.c http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3c0e10d70c7f3b5f50269166d3c7f44e13157d5a Author: Simo Sorce i...@samba.org Date: Sat Jul 17 15:43:28 2010 -0400 s3-dcerpc: Fix build and remove unneeded headers Sorry, botched a rebase. --- Summary of changes: source3/rpc_server/srv_pipe_hnd.c |3 --- 1 files changed, 0 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index 5032020..7c4895f 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -23,9 +23,6 @@ #include ../librpc/gen_ndr/srv_spoolss.h #include librpc/gen_ndr/ndr_named_pipe_auth.h #include ../libcli/named_pipe_auth/npa_tstream.h -#include ../libcli/auth/schannel.h -#include ../libcli/auth/spnego.h -#include ../libcli/auth/ntlmssp.h #include rpc_server.h #undef DBGC_CLASS -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 65116ad... s3-dcerpc: Fix ability to receive Big Endian PDUs from ec25a00... smbtorture shell: Allow any config option to be set. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 65116adcebe23d3ae42a641515f6001268ed0ef0 Author: Simo Sorce i...@samba.org Date: Fri Jul 16 15:15:48 2010 -0400 s3-dcerpc: Fix ability to receive Big Endian PDUs --- Summary of changes: librpc/rpc/dcerpc_util.c|5 source3/include/proto.h |1 + source3/librpc/rpc/dcerpc.h |6 +++- source3/librpc/rpc/dcerpc_helpers.c | 36 +- source3/rpc_client/cli_pipe.c | 12 +- source3/rpc_server/srv_pipe.c |6 ++-- source3/rpc_server/srv_pipe_hnd.c | 24 -- 7 files changed, 62 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c index a4bc096..c79cfd5 100644 --- a/librpc/rpc/dcerpc_util.c +++ b/librpc/rpc/dcerpc_util.c @@ -52,6 +52,11 @@ void dcerpc_set_auth_length(DATA_BLOB *blob, uint16_t v) } } +uint8_t dcerpc_get_endian_flag(DATA_BLOB *blob) +{ + return blob-data[DCERPC_DREP_OFFSET]; +} + /* pull an dcerpc_auth structure, taking account of any auth padding in the blob at the end of the structure diff --git a/source3/include/proto.h b/source3/include/proto.h index 6f8eebb..9471f63 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2937,6 +2937,7 @@ NTSTATUS dcerpc_fault_to_nt_status(uint32_t fault_code); void dcerpc_set_frag_length(DATA_BLOB *blob, uint16_t v); uint16_t dcerpc_get_frag_length(const DATA_BLOB *blob); void dcerpc_set_auth_length(DATA_BLOB *blob, uint16_t v); +uint8_t dcerpc_get_endian_flag(DATA_BLOB *blob); NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt, TALLOC_CTX *mem_ctx, DATA_BLOB *pkt_auth_blob, diff --git a/source3/librpc/rpc/dcerpc.h b/source3/librpc/rpc/dcerpc.h index d18920c..bb7bd34 100644 --- a/source3/librpc/rpc/dcerpc.h +++ b/source3/librpc/rpc/dcerpc.h @@ -123,7 +123,8 @@ NTSTATUS dcerpc_push_ncacn_packet(TALLOC_CTX *mem_ctx, DATA_BLOB *blob); NTSTATUS dcerpc_pull_ncacn_packet(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, - struct ncacn_packet *r); + struct ncacn_packet *r, + bool bigendian); NTSTATUS dcerpc_push_schannel_bind(TALLOC_CTX *mem_ctx, struct NL_AUTH_MESSAGE *r, DATA_BLOB *blob); @@ -136,6 +137,7 @@ NTSTATUS dcerpc_push_dcerpc_auth(TALLOC_CTX *mem_ctx, DATA_BLOB *blob); NTSTATUS dcerpc_pull_dcerpc_auth(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, -struct dcerpc_auth *r); +struct dcerpc_auth *r, +bool bigendian); #endif /* __DCERPC_H__ */ diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c index ce48a69..5c92a79 100644 --- a/source3/librpc/rpc/dcerpc_helpers.c +++ b/source3/librpc/rpc/dcerpc_helpers.c @@ -92,15 +92,27 @@ NTSTATUS dcerpc_push_ncacn_packet(TALLOC_CTX *mem_ctx, */ NTSTATUS dcerpc_pull_ncacn_packet(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, - struct ncacn_packet *r) + struct ncacn_packet *r, + bool bigendian) { enum ndr_err_code ndr_err; + struct ndr_pull *ndr; + + ndr = ndr_pull_init_blob(blob, mem_ctx); + if (!ndr) { + return NT_STATUS_NO_MEMORY; + } + if (bigendian) { + ndr-flags |= LIBNDR_FLAG_BIGENDIAN; + } + + ndr_err = ndr_pull_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, r); - ndr_err = ndr_pull_struct_blob(blob, mem_ctx, r, - (ndr_pull_flags_fn_t)ndr_pull_ncacn_packet); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + talloc_free(ndr); return ndr_map_error2ntstatus(ndr_err); } + talloc_free(ndr); if (DEBUGLEVEL = 10) { NDR_PRINT_DEBUG(ncacn_packet, r); @@ -194,15 +206,27 @@ NTSTATUS dcerpc_push_dcerpc_auth(TALLOC_CTX *mem_ctx, */ NTSTATUS dcerpc_pull_dcerpc_auth(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, -struct dcerpc_auth *r) +struct dcerpc_auth *r, +bool bigendian
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1b51ddd... s3-dcerpc: Fix miscalculation of buffer start address from 77a3858... tsocket: Fix some unreachable code http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1b51ddd37085e6dcc2fbe5056e902270d1efb076 Author: Simo Sorce i...@samba.org Date: Mon Jul 12 15:09:42 2010 -0400 s3-dcerpc: Fix miscalculation of buffer start address This was breaking schannel --- Summary of changes: source3/rpc_client/cli_pipe.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index b9b04b6..aea6b36 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1004,7 +1004,9 @@ static NTSTATUS cli_pipe_verify_schannel(struct rpc_pipe_client *cli, return NT_STATUS_BUFFER_TOO_SMALL; } - blob = data_blob_const(prs_data_p(current_pdu) + prs_offset(current_pdu), auth_len); + blob = data_blob_const(prs_data_p(current_pdu) + + prs_offset(current_pdu) + + RPC_HDR_AUTH_LEN, auth_len); if (DEBUGLEVEL = 10) { dump_NL_AUTH_SIGNATURE(talloc_tos(), blob); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7571c15... s3:dcerpc Remove unused structure and functions via 7236f8c... s3:dcerpc Use prs_parse_dcerpc_bind via 0d9b636... s3:dcerpc Add prs_parse_dcerpc_bind via ae52651... s3:rpc user idl define dcerpc_ctx_list instead of custom RPC_CONTEXT via d57ecf9... s3-dcerpc: use dcerpc_pull_ncacn_packet() for rpc_pipe_bind_step_one_done(). via 5351a89... s3-dcerpc: use dcerpc_push_ncacn_packet() in push_next_frag(). via e8e2fa5... s3-dcerpc: use dcerpc_pull_ncacn_packet() in cli_pipe_validate_current_pdu(). via dbeaa5e... s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_ntlmssp(). via 49c5293... s3-dcerpc: add dcerpc_pull_dcerpc_auth(). via fe9ce4b... s3-dcerpc: use struct ncacn_packet_header instead of struct rpc_hdr_info. via 77e3fff... s3-dcerpc: add dcerpc_pull_ncacn_packet_header(). via 389a677... dcerpc: add ncacn_packet_header to IDL. via eeb034e... s3-dcerpc: use dcerpc_push_dcerpc_auth() for all authenticated binds. via 4b56e6e... s3-dcerpc: add dcerpc_push_schannel_bind(). via 0f02dda... s3-dcerpc: add dcerpc_push_dcerpc_auth(). via 257f514... s3-dcerpc: remove unused init_rpc_hdr_rb and init_rpc_context. via 5aabd9a... s3-dcerpc: use dcerpc_push_ncacn_packet() for create_bind_or_alt_ctx_internal(). via dc6e0ce... s3-dcerpc: remove unused smb_io_rpc_hdr_fault. via d6de820... s3-dcerpc: use dcerpc_pull_ncacn_packet() for pulling a RPC fault pdu. via cb9eddb... s3-dcerpc: add dcerpc_pull_ncacn_packet(). via 0cbe0f3... s3-dcerpc: use dcerpc_push_ncacn_packet() for setup_fault_pdu(). via 8fdc02a... s3-dcerpc: use dcerpc_push_ncacn_packet() for setup_bind_nak(). via 3d9a12d... s3-dcerpc: add dcerpc_push_ncacn_packet(). from f0b9184... s3:winbindd_samr Do not use static contexts http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7571c15af93f638a78d69378ce7c793b0e90dc4e Author: Simo Sorce i...@samba.org Date: Thu Jul 8 01:48:05 2010 -0400 s3:dcerpc Remove unused structure and functions commit 7236f8cda93ccfbbbac74b9392bfb5dc93268bcb Author: Simo Sorce i...@samba.org Date: Thu Jul 8 01:14:16 2010 -0400 s3:dcerpc Use prs_parse_dcerpc_bind commit 0d9b63663f888bafbc7451845a79dabf9ceadc0f Author: Simo Sorce i...@samba.org Date: Thu Jul 8 01:13:57 2010 -0400 s3:dcerpc Add prs_parse_dcerpc_bind commit ae526514a936b46112845480646402fdd385d7a2 Author: Simo Sorce i...@samba.org Date: Wed Jul 7 17:14:27 2010 -0400 s3:rpc user idl define dcerpc_ctx_list instead of custom RPC_CONTEXT commit d57ecf920cfb0c1a03734f120e888d34bd618f2d Author: Günther Deschner g...@samba.org Date: Thu Apr 2 01:05:55 2009 +0200 s3-dcerpc: use dcerpc_pull_ncacn_packet() for rpc_pipe_bind_step_one_done(). Guenther Signed-off-by: Simo Sorce i...@samba.org commit 5351a8919dcf705061242813186dfd29e03e72a0 Author: Günther Deschner g...@samba.org Date: Thu Apr 2 00:35:19 2009 +0200 s3-dcerpc: use dcerpc_push_ncacn_packet() in push_next_frag(). Guenther Signed-off-by: Simo Sorce i...@samba.org commit e8e2fa586b81ddfe45e6751fafcce85842423eed Author: Günther Deschner g...@samba.org Date: Thu Apr 2 00:34:42 2009 +0200 s3-dcerpc: use dcerpc_pull_ncacn_packet() in cli_pipe_validate_current_pdu(). Guenther Signed-off-by: Simo Sorce i...@samba.org commit dbeaa5efc7ccbf52fd54e18c0cf7683a8fbc2cd4 Author: Günther Deschner g...@samba.org Date: Thu Apr 2 00:33:52 2009 +0200 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_ntlmssp(). Guenther Signed-off-by: Simo Sorce i...@samba.org commit 49c529349285a79f13b0e1f261f815c4beb62646 Author: Günther Deschner g...@samba.org Date: Wed Apr 1 23:39:20 2009 +0200 s3-dcerpc: add dcerpc_pull_dcerpc_auth(). Guenther Signed-off-by: Simo Sorce i...@samba.org commit fe9ce4b60c60273d67b9616f7dcef2020136ddac Author: Günther Deschner g...@samba.org Date: Wed Apr 1 23:18:25 2009 +0200 s3-dcerpc: use struct ncacn_packet_header instead of struct rpc_hdr_info. Guenther Signed-off-by: Simo Sorce i...@samba.org commit 77e3fffd09e5548ded472bed25109ddda2d45b30 Author: Günther Deschner g...@samba.org Date: Wed Apr 1 23:07:03 2009 +0200 s3-dcerpc: add dcerpc_pull_ncacn_packet_header(). Guenther Signed-off-by: Simo Sorce i...@samba.org commit 389a6774264b273fa210dcd30669d58a5c0db615 Author: Günther Deschner g...@samba.org Date: Wed Apr 1 23:04:23 2009 +0200 dcerpc: add ncacn_packet_header to IDL. Guenther Signed-off-by: Simo Sorce i...@samba.org commit eeb034e72a0e3ed167ffe3c08162311a7c5d2fdf Author: Günther Deschner g...@samba.org Date: Tue Mar 24
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 966641b... s3-dcerpc: Use dcerpc_pull_dcerpc_auth in api_pipe_bind_auth3() via 2076009... s3-dcerpc: Use dcerpc_auth in api_pipe_bind_req() via 1796767... s3-dcerpc: make dcerpc_pull_dcerpc_auth() public via a054832... s3-dcerpc: make dceprc_push_dcerpc_auth public via aca60c2... s3-dcerpc: use dcerpc_pull_dcerpc_auth() in rpc_finish_spnego_ntlmssp_bind_send() via 5591135... s3-dcerpc: use dcerpc_push_dcerpc_auth in add_schannel_auth_footer() via 1febe9d... s3-dcerpc: use dcerpc_push_dcerpc_auth() in add_ntlmssp_auth_footer() via c609e84... s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_schannel() via 91cb2ae... s3-dcerpc: use dcerpc_push_ncacn_packet() in create_rpc_bind_auth3() from 7e134f1... Change one more use of struct rpc_hdr_info - struct ncacn_packet_header http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 966641b9fed90a34beae32fff091edb983ca6359 Author: Simo Sorce i...@samba.org Date: Thu Jul 8 18:38:25 2010 -0400 s3-dcerpc: Use dcerpc_pull_dcerpc_auth in api_pipe_bind_auth3() commit 207600991c2e42309672ab7d3c9731c5c77696d1 Author: Simo Sorce i...@samba.org Date: Thu Jul 8 16:02:08 2010 -0400 s3-dcerpc: Use dcerpc_auth in api_pipe_bind_req() commit 1796767a36fcd880139eb40176c7bcb34fd4ec90 Author: Simo Sorce i...@samba.org Date: Thu Jul 8 15:18:08 2010 -0400 s3-dcerpc: make dcerpc_pull_dcerpc_auth() public commit a054832f4fda4a158c1d0bf6fa2646bd5835aa2e Author: Simo Sorce i...@samba.org Date: Thu Jul 8 11:36:03 2010 -0400 s3-dcerpc: make dceprc_push_dcerpc_auth public commit aca60c29e7f890524ebd3a896a3e4f591b5830f6 Author: Simo Sorce i...@samba.org Date: Thu Jul 8 15:16:32 2010 -0400 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in rpc_finish_spnego_ntlmssp_bind_send() commit 559113596478a5ac8f5227bc25a3720db56314fe Author: Simo Sorce i...@samba.org Date: Thu Jul 8 15:04:40 2010 -0400 s3-dcerpc: use dcerpc_push_dcerpc_auth in add_schannel_auth_footer() commit 1febe9de6b6137d575ac1b1263e7d1f7a29cea1f Author: Simo Sorce i...@samba.org Date: Thu Jul 8 14:55:20 2010 -0400 s3-dcerpc: use dcerpc_push_dcerpc_auth() in add_ntlmssp_auth_footer() commit c609e84170486f183ad0a7a13c87c3b7c7bc490d Author: Simo Sorce i...@samba.org Date: Thu Jul 8 14:00:54 2010 -0400 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_schannel() commit 91cb2aed54cb7fe1f5e5c6359b0ef505f689b172 Author: Simo Sorce i...@samba.org Date: Thu Jul 8 13:30:50 2010 -0400 s3-dcerpc: use dcerpc_push_ncacn_packet() in create_rpc_bind_auth3() --- Summary of changes: source3/include/proto.h | 10 ++ source3/rpc_client/cli_pipe.c | 266 - source3/rpc_server/srv_pipe.c | 199 +++ 3 files changed, 238 insertions(+), 237 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 8ce2bf1..860e19d 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4847,6 +4847,16 @@ NTSTATUS dcerpc_pull_ncacn_packet(TALLOC_CTX *mem_ctx, NTSTATUS dcerpc_pull_ncacn_packet_header(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, struct ncacn_packet_header *r); +NTSTATUS dcerpc_push_dcerpc_auth(TALLOC_CTX *mem_ctx, +enum dcerpc_AuthType auth_type, +enum dcerpc_AuthLevel auth_level, +uint8_t auth_pad_length, +uint32_t auth_context_id, +const DATA_BLOB *credentials, +DATA_BLOB *blob); +NTSTATUS dcerpc_pull_dcerpc_auth(TALLOC_CTX *mem_ctx, +const DATA_BLOB *blob, +struct dcerpc_auth *r); struct tevent_req *rpc_pipe_bind_send(TALLOC_CTX *mem_ctx, struct event_context *ev, struct rpc_pipe_client *cli, diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 9c6982b..b9b04b6 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -404,9 +404,9 @@ static NTSTATUS dcerpc_push_schannel_bind(TALLOC_CTX *mem_ctx, /*** / -static NTSTATUS dcerpc_pull_dcerpc_auth(TALLOC_CTX *mem_ctx, - const DATA_BLOB *blob, - struct dcerpc_auth *r) +NTSTATUS dcerpc_pull_dcerpc_auth(TALLOC_CTX *mem_ctx
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f0b9184... s3:winbindd_samr Do not use static contexts from 90b1a1d... s3: Add SMB2 performance counters. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f0b918473db75ff389a7d2e3bf4a069b8b30d141 Author: Simo Sorce i...@samba.org Date: Wed Jul 7 23:43:47 2010 -0400 s3:winbindd_samr Do not use static contexts It is a very bad idea to use a static context within the open function. Use the memory hierarchy to keep track of a client connection. --- Summary of changes: source3/winbindd/winbindd_samr.c |8 1 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c index f8004d9..a2865a0 100644 --- a/source3/winbindd/winbindd_samr.c +++ b/source3/winbindd/winbindd_samr.c @@ -40,7 +40,7 @@ static NTSTATUS open_internal_samr_pipe(TALLOC_CTX *mem_ctx, struct rpc_pipe_client **samr_pipe) { - static struct rpc_pipe_client *cli = NULL; + struct rpc_pipe_client *cli = NULL; struct auth_serversupplied_info *server_info = NULL; NTSTATUS status; @@ -58,7 +58,7 @@ static NTSTATUS open_internal_samr_pipe(TALLOC_CTX *mem_ctx, } /* create a samr connection */ - status = rpc_pipe_open_internal(talloc_autofree_context(), + status = rpc_pipe_open_internal(mem_ctx, ndr_table_samr.syntax_id, rpc_samr_dispatch, server_info, @@ -112,7 +112,7 @@ NTSTATUS open_internal_samr_conn(TALLOC_CTX *mem_ctx, static NTSTATUS open_internal_lsa_pipe(TALLOC_CTX *mem_ctx, struct rpc_pipe_client **lsa_pipe) { - static struct rpc_pipe_client *cli = NULL; + struct rpc_pipe_client *cli = NULL; struct auth_serversupplied_info *server_info = NULL; NTSTATUS status; @@ -130,7 +130,7 @@ static NTSTATUS open_internal_lsa_pipe(TALLOC_CTX *mem_ctx, } /* create a samr connection */ - status = rpc_pipe_open_internal(talloc_autofree_context(), + status = rpc_pipe_open_internal(mem_ctx, ndr_table_lsarpc.syntax_id, rpc_lsarpc_dispatch, server_info, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3721161... s3:auth Fix switch statement referencing a uninitialized variable from d1538ad... s3-nss_info: only include nss_info.h where needed. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3721161d90c835604f38d2f178fbcd8c5f708077 Author: Simo Sorce i...@samba.org Date: Thu Jul 1 17:47:46 2010 -0400 s3:auth Fix switch statement referencing a uninitialized variable Looking at the original commit (9a747d500fad699038ecf75615c680a9fd9e4cc7) this seem the right solution. Andrew please check. --- Summary of changes: source3/rpc_server/srv_pipe.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 65251ec..3bc997e 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -1139,7 +1139,7 @@ static bool pipe_spnego_auth_bind_negotiate(pipes_struct *p, prs_struct *rpc_in_ goto err; } - switch (auth_info.auth_level) { + switch (pauth_info-auth_level) { case DCERPC_AUTH_LEVEL_INTEGRITY: auth_ntlmssp_want_sign(a); break; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2e8c563... Second part of fix converting prs_XX struct and functions to talloc. Remove unneeded prs_mem_free calls. via f4e7d9d... Convert the prs_XXX struct and functions to use talloc instead of malloc. Passes valgrind and make tests for client and server. Second version of this patch after splitting up at Simo's request. Patch to follow will delete extraneous prs_mem_free() calls. from 3fa3804... unittest: Change the name of the base ldb test so that it can be easily called separatly http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2e8c5639618fa4c6efb461ad4e6b51c84da8bd10 Author: Jeremy Allison j...@samba.org Date: Thu Jun 17 15:51:19 2010 -0700 Second part of fix converting prs_XX struct and functions to talloc. Remove unneeded prs_mem_free calls. Jeremy. Signed-off-by: Simo Sorce i...@samba.org commit f4e7d9d38ebf209be6c040f4ef98dd8111735187 Author: Jeremy Allison j...@samba.org Date: Thu Jun 17 15:35:07 2010 -0700 Convert the prs_XXX struct and functions to use talloc instead of malloc. Passes valgrind and make tests for client and server. Second version of this patch after splitting up at Simo's request. Patch to follow will delete extraneous prs_mem_free() calls. Jeremy. Signed-off-by: Simo Sorce i...@samba.org --- Summary of changes: source3/include/ntdomain.h |4 +- source3/rpc_client/cli_pipe.c | 71 source3/rpc_client/ndr.c |2 - source3/rpc_parse/parse_prs.c | 52 ++-- source3/rpc_server/rpc_ncacn_np_internal.c |4 -- source3/rpc_server/srv_pipe_hnd.c | 57 +++--- 6 files changed, 78 insertions(+), 112 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index 213cb9f..25bef47 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -42,7 +42,9 @@ typedef struct _prs_struct { uint32 data_offset; /* Current working offset into data. */ uint32 buffer_size; /* Current allocated size of the buffer. */ uint32 grow_size; /* size requested via prs_grow() calls */ - char *data_p; /* The buffer itself. */ + /* The buffer itself. If is_dynamic is true this +* MUST BE TALLOC'ed off mem_ctx. */ + char *data_p; TALLOC_CTX *mem_ctx; /* When unmarshalling, use this */ } prs_struct; diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index e248133..69f8fb5 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1373,13 +1373,6 @@ struct rpc_api_pipe_state { uint32_t incoming_pdu_offset; }; -static int rpc_api_pipe_state_destructor(struct rpc_api_pipe_state *state) -{ - prs_mem_free(state-incoming_frag); - prs_mem_free(state-incoming_pdu); - return 0; -} - static void rpc_api_pipe_trans_done(struct tevent_req *subreq); static void rpc_api_pipe_got_pdu(struct tevent_req *subreq); @@ -1409,8 +1402,6 @@ static struct tevent_req *rpc_api_pipe_send(TALLOC_CTX *mem_ctx, /* Make incoming_pdu dynamic with no memory. */ prs_give_memory(state-incoming_pdu, NULL, 0, true); - talloc_set_destructor(state, rpc_api_pipe_state_destructor); - /* * Ensure we're not sending too much. */ @@ -1453,7 +1444,6 @@ static void rpc_api_pipe_trans_done(struct tevent_req *subreq) NTSTATUS status; uint8_t *rdata = NULL; uint32_t rdata_len = 0; - char *rdata_copy; status = cli_api_pipe_recv(subreq, state, rdata, rdata_len); TALLOC_FREE(subreq); @@ -1471,16 +1461,11 @@ static void rpc_api_pipe_trans_done(struct tevent_req *subreq) } /* -* Give the memory received from cli_trans as dynamic to the current -* pdu. Duplicating it sucks, but prs_struct doesn't know about talloc -* :-( +* This is equivalent to a talloc_steal - gives rdata to +* the prs_struct state-incoming_frag. */ - rdata_copy = (char *)memdup(rdata, rdata_len); - TALLOC_FREE(rdata); - if (tevent_req_nomem(rdata_copy, req)) { - return; - } - prs_give_memory(state-incoming_frag, rdata_copy, rdata_len, true); + prs_give_memory(state-incoming_frag, (char *)rdata, rdata_len, true); + rdata = NULL; /* Ensure we have enough data for a pdu. */ subreq = get_complete_frag_send(state, state-ev, state-cli, @@ -1597,9 +1582,10 @@ static NTSTATUS rpc_api_pipe_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, reply_pdu-mem_ctx = mem_ctx; /* -* Prevent state-incoming_pdu from
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4fc36ca... s3:auth fix samu-info3 conversion from d5cf648... s3: Fix starving the echo responder http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4fc36ca802230fbed8bb2b3b959bc2a6afd1ed3d Author: Simo Sorce i...@samba.org Date: Fri Jun 11 08:25:27 2010 -0400 s3:auth fix samu-info3 conversion Some pdb_get_ functions where missing because of previous mis-patching --- Summary of changes: source3/auth/server_info.c |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c index 6b43fc6..1ef2724 100644 --- a/source3/auth/server_info.c +++ b/source3/auth/server_info.c @@ -413,14 +413,17 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx, info3-base.logon_script.string = talloc_strdup(info3, tmp); RET_NOMEM(info3-base.logon_script.string); } + tmp = pdb_get_profile_path(samu); if (tmp) { info3-base.profile_path.string = talloc_strdup(info3, tmp); RET_NOMEM(info3-base.profile_path.string); } + tmp = pdb_get_homedir(samu); if (tmp) { info3-base.home_directory.string = talloc_strdup(info3, tmp); RET_NOMEM(info3-base.home_directory.string); } + tmp = pdb_get_dir_drive(samu); if (tmp) { info3-base.home_drive.string = talloc_strdup(info3, tmp); RET_NOMEM(info3-base.home_drive.string); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a9b06f5... configure.in prevent generation of file shlib.so from 4fc36ca... s3:auth fix samu-info3 conversion http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a9b06f58f254e659ccf253af0d8fb7f062e03188 Author: Olaf Flebbe o.fle...@science-computing.de Date: Fri Jun 11 13:52:23 2010 +0200 configure.in prevent generation of file shlib.so --- Summary of changes: source3/configure.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 71d416c..3f04136 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1869,7 +1869,7 @@ AC_CACHE_CHECK([whether building shared libraries actually works], then TESTCMD=`eval echo \$SHLD $LDSHFLAGS $PICFLAG\` TESTCMD=$TESTCMD -o \shlib.$SHLIBEXT\ shlib.o - if AC_TRY_COMMAND([$TESTCMD 1AS_MESSAGE_LOG_FD 21]) + if AC_TRY_COMMAND([eval $TESTCMD 1AS_MESSAGE_LOG_FD 21]) then ac_cv_shlib_works=yes fi -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7aa8af1... check if LD_AS_NEEDED breaks linking with libreadline fixes #7209 from c65eb48... s4/test-libnet: Re-align code a bit - more readable this way IMO http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7aa8af144efc6d57f33b90ac856096aa7089468d Author: Olaf Flebbe o.fle...@science-computing.de Date: Tue May 25 13:22:56 2010 +0200 check if LD_AS_NEEDED breaks linking with libreadline fixes #7209 Signed-off-by: Simo Sorce i...@samba.org --- Summary of changes: source3/configure.in | 20 1 files changed, 20 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 3f04136..c3b594d 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1800,6 +1800,7 @@ fi AC_MSG_RESULT($BLDSHARED) +saved_before_as_needed_ldflags=$LDFLAGS for flags in -Wl,--as-needed -Wl,-z,ignore -z ignore ; do saved_ldflags=$LDFLAGS AC_MSG_CHECKING([if $flags works]) @@ -1813,6 +1814,25 @@ for flags in -Wl,--as-needed -Wl,-z,ignore -z ignore ; do test x$ld_as_needed_flag_found = xyes break done +# check if we have to disable LD_AS_NEEDED_FLAG: +# On some systems for a veriety of reasons linking with +# -Wl,--as-needed -lreadline -lncurses fails +# we have to retest, if these combination is detected before. +# Bugzilla #7209 + +if test x$ac_cv_lib_readline_rl_callback_handler_install = xyes ; then + if test x$ld_as_needed_flag_found = xyes ; then + AC_MSG_CHECKING([if $LD_AS_NEEDED_FLAG works with readline]) + # try if check no fails + save_LIBS=$LIBS + LIBS=$LIBS $TERMLIBS + AC_TRY_LINK([], [rl_callback_handler_install();], [AC_MSG_RESULT([yes])],[ AC_MSG_RESULT([no]); LDFLAGS=$saved_before_as_needed_ldflags]) + LIBS=$save_LIBS +fi +fi + + + # for historical reasons almost all linkers don't complain about unresolved # symbols in shared libs. Except for the internal samba modules we want to get # errors when we produce a shared lib with unresolved symbols. On some -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 405a0c5... s3:cleaunp reformatting for readability via 446deb0... s3:cleanup remove trailing spaces from ec94efb... s3: fix build on HP-UX http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 405a0c558c023a752e88e52b7e40048d3b7090c5 Author: Simo Sorce sso...@redhat.com Date: Thu Jun 10 14:56:03 2010 -0400 s3:cleaunp reformatting for readability commit 446deb0082193d1203a1454b93458ab23757a112 Author: Simo Sorce sso...@redhat.com Date: Thu Jun 10 14:36:19 2010 -0400 s3:cleanup remove trailing spaces --- Summary of changes: source3/rpc_server/srv_pipe_hnd.c | 267 - 1 files changed, 171 insertions(+), 96 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index e0fa861..975f5b8 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -1,20 +1,20 @@ -/* +/* * Unix SMB/CIFS implementation. * RPC Pipe client / server routines * Copyright (C) Andrew Tridgell 1992-1998, * Largely re-written : 2005 * Copyright (C) Jeremy Allison 1998 - 2005 - * + * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, see http://www.gnu.org/licenses/. */ @@ -47,7 +47,7 @@ static bool pipe_init_outgoing_data(pipes_struct *p) /* * Initialize the outgoing RPC data buffer. * we will use this as the raw data area for replying to rpc requests. -*/ +*/ if(!prs_init(o_data-rdata, 128, p-mem_ctx, MARSHALL)) { DEBUG(0,(pipe_init_outgoing_data: malloc fail.\n)); return False; @@ -76,11 +76,15 @@ static void set_incoming_fault(pipes_struct *p) static ssize_t fill_rpc_header(pipes_struct *p, char *data, size_t data_to_copy) { - size_t len_needed_to_complete_hdr = MIN(data_to_copy, RPC_HEADER_LEN - p-in_data.pdu_received_len); + size_t len_needed_to_complete_hdr = + MIN(data_to_copy, RPC_HEADER_LEN - p-in_data.pdu_received_len); - DEBUG(10,(fill_rpc_header: data_to_copy = %u, len_needed_to_complete_hdr = %u, receive_len = %u\n, - (unsigned int)data_to_copy, (unsigned int)len_needed_to_complete_hdr, - (unsigned int)p-in_data.pdu_received_len )); + DEBUG(10, (fill_rpc_header: data_to_copy = %u, + len_needed_to_complete_hdr = %u, + receive_len = %u\n, + (unsigned int)data_to_copy, + (unsigned int)len_needed_to_complete_hdr, + (unsigned int)p-in_data.pdu_received_len )); if (p-in_data.current_in_pdu == NULL) { p-in_data.current_in_pdu = talloc_array(p, uint8_t, @@ -91,7 +95,8 @@ static ssize_t fill_rpc_header(pipes_struct *p, char *data, size_t data_to_copy) return -1; } - memcpy((char *)p-in_data.current_in_pdu[p-in_data.pdu_received_len], data, len_needed_to_complete_hdr); + memcpy((char *)p-in_data.current_in_pdu[p-in_data.pdu_received_len], + data, len_needed_to_complete_hdr); p-in_data.pdu_received_len += len_needed_to_complete_hdr; return (ssize_t)len_needed_to_complete_hdr; @@ -110,7 +115,8 @@ static ssize_t unmarshall_rpc_header(pipes_struct *p) prs_struct rpc_in; if(p-in_data.pdu_received_len != RPC_HEADER_LEN) { - DEBUG(0,(unmarshall_rpc_header: assert on rpc header length failed.\n)); + DEBUG(0, (unmarshall_rpc_header: + assert on rpc header length failed.\n)); set_incoming_fault(p); return -1; } @@ -128,7 +134,8 @@ static ssize_t unmarshall_rpc_header(pipes_struct *p) */ if(!smb_io_rpc_hdr(, p-hdr, rpc_in, 0)) { - DEBUG(0,(unmarshall_rpc_header: failed to unmarshall RPC_HDR.\n)); + DEBUG(0, (unmarshall_rpc_header: + failed to unmarshall RPC_HDR.\n)); set_incoming_fault(p); prs_mem_free(rpc_in); return -1; @@ -139,14 +146,16 @@ static ssize_t
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0962763... s3:misc make use of server_[event/messaging]_context directly via cbda036... s3:winbindd use common server context functions via 5e576a5... s3:lib make server contexts generic from aeb25ad... Fix the build in the non WITH_AIO case (sorry). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 09627638224759c985f0636c5616b0357c91e450 Author: Andreas Schneider a...@samba.org Date: Thu Jun 10 11:48:39 2010 -0400 s3:misc make use of server_[event/messaging]_context directly Untangle these functions from smbd specific dependencies so they can be freely used in multiple servers. commit cbda0369a831ed279cec7ff231ad7399af74db39 Author: Simo Sorce i...@samba.org Date: Thu Jun 10 11:55:27 2010 -0400 s3:winbindd use common server context functions commit 5e576a53abbf2822c0a8fcc87f76140a755599e4 Author: Simo Sorce i...@samba.org Date: Thu Jun 10 11:54:00 2010 -0400 s3:lib make server contexts generic Pair-programmed-with: Andreas Schneider a...@samba.org --- Summary of changes: source3/Makefile.in |2 +- source3/auth/auth_server.c|2 +- source3/include/proto.h |6 +++ source3/lib/server_contexts.c | 69 + source3/printing/notify.c |6 ++-- source3/printing/print_cups.c |8 ++-- source3/printing/printing.c | 13 --- source3/rpc_server/srv_samr_nt.c |2 +- source3/smbd/globals.c| 17 + source3/smbd/server.c | 13 +-- source3/smbd/server_exit.c|4 +- source3/winbindd/winbindd.c | 14 --- source3/winbindd/winbindd.h |3 ++ source3/winbindd/winbindd_event.c | 37 source3/winbindd/winbindd_proto.h |3 -- 15 files changed, 99 insertions(+), 100 deletions(-) create mode 100644 source3/lib/server_contexts.c delete mode 100644 source3/winbindd/winbindd_event.c Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 8e2c003..82e677d 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -406,6 +406,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) $(UTIL_OBJ) $(CRYPTO_OBJ) \ lib/conn_tdb.o lib/adt_tree.o lib/gencache.o \ lib/sessionid_tdb.o \ lib/module.o lib/events.o @LIBTEVENT_OBJ0@ \ + lib/server_contexts.o \ lib/ldap_escape.o @CHARSET_STATIC@ \ lib/secdesc.o lib/util_seaccess.o ../libcli/security/secace.o \ ../libcli/security/sddl.o \ @@ -1170,7 +1171,6 @@ IDMAP_ADEX_OBJ = \ WINBINDD_OBJ1 = \ winbindd/winbindd.o \ - winbindd/winbindd_event.o \ winbindd/winbindd_group.o \ winbindd/winbindd_util.o \ winbindd/winbindd_cache.o \ diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index c4d02e2..8f0f98b 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -206,7 +206,7 @@ static struct server_security_state *make_server_security_state(struct cli_state interval.tv_sec = lp_keepalive(); interval.tv_usec = 0; - if (event_add_idle(smbd_event_context(), result, interval, + if (event_add_idle(server_event_context(), result, interval, server_security_keepalive, send_server_keepalive, result) == NULL) { diff --git a/source3/include/proto.h b/source3/include/proto.h index e6aec3a..9ae6407 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6247,6 +6247,12 @@ void set_root_sec_ctx(void); bool pop_sec_ctx(void); void init_sec_ctx(void); +/* The following definitions come from lib/server_contexts.c */ +struct tevent_context *server_event_context(void); +void server_event_context_free(void); +struct messaging_context *server_messaging_context(void); +void server_messaging_context_free(void); + /* The following definitions come from smbd/server.c */ int smbd_server_fd(void); diff --git a/source3/lib/server_contexts.c b/source3/lib/server_contexts.c new file mode 100644 index 000..5e48b79 --- /dev/null +++ b/source3/lib/server_contexts.c @@ -0,0 +1,69 @@ +/* + Unix SMB/CIFS implementation. + Common server globals + + Copyright (C) Simo Sorce i...@samba.org 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5da783f... s3:smbd add utility function to check if there are open pipes via f9fc4df... s3:rpc make num_pipe_handles get an actual pipe as argument via 22e9015... s3:rpc handles are used by all pipes, use better name via f7e2e83... s3:rpc fix potential out of bound memory access from 711a30a... s3: fix build on platforms without st_blocks and st_blksize stat struct members http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5da783f4a79ee0a927f2483ae20b691074bb3007 Author: Simo Sorce sso...@redhat.com Date: Mon Jun 7 14:08:05 2010 -0400 s3:smbd add utility function to check if there are open pipes commit f9fc4df0c0a6401d185b057c17d6b30ef549b3d0 Author: Simo Sorce sso...@redhat.com Date: Mon Jun 7 16:02:14 2010 -0400 s3:rpc make num_pipe_handles get an actual pipe as argument Let the function abstract out how handles are counted commit 22e9015e975096acf075240cc7d33f12c7c77395 Author: Simo Sorce sso...@redhat.com Date: Sun Jun 6 16:33:28 2010 -0400 s3:rpc handles are used by all pipes, use better name commit f7e2e8370bfa91ad8dbd9de4f69bf1cfe0947573 Author: Simo Sorce sso...@redhat.com Date: Mon Jun 7 15:07:38 2010 -0400 s3:rpc fix potential out of bound memory access memcpy copies memory unconditionally, we are passing in some cases here. Use strncpy which will stop reading from src if the null byte is found and will fill with nulls the destination. --- Summary of changes: source3/Makefile.in|2 +- source3/include/proto.h|5 +++-- .../rpc_server/{srv_lsa_hnd.c = rpc_handles.c}|6 +++--- source3/rpc_server/rpc_ncacn_np_internal.c | 14 +- source3/rpc_server/srv_spoolss_nt.c|2 +- source3/smbd/conn.c| 11 +++ 6 files changed, 24 insertions(+), 16 deletions(-) rename source3/rpc_server/{srv_lsa_hnd.c = rpc_handles.c} (99%) Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index d9e4ec5..8e2c003 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -654,7 +654,7 @@ RPC_EVENTLOG_OBJ = rpc_server/srv_eventlog_nt.o \ NPA_TSTREAM_OBJ = ../libcli/named_pipe_auth/npa_tstream.o RPC_NCACN_NP_INTERNAL = rpc_server/srv_pipe_register.o rpc_server/rpc_ncacn_np_internal.o \ - rpc_server/srv_lsa_hnd.o + rpc_server/rpc_handles.o RPC_PIPE_OBJ = rpc_server/srv_pipe.o rpc_server/srv_pipe_hnd.o \ $(RPC_NCACN_NP_INTERNAL) diff --git a/source3/include/proto.h b/source3/include/proto.h index 9582884..2f68f0e 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5152,9 +5152,9 @@ bool smb_io_rpc_hdr_auth(const char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, in /* The following definitions come from rpc_server/srv_eventlog_nt.c */ -/* The following definitions come from rpc_server/srv_lsa_hnd.c */ +/* The following definitions come from rpc_server/rpc_handles.c */ -size_t num_pipe_handles(struct handle_list *list); +size_t num_pipe_handles(pipes_struct *p); bool init_pipe_handle_list(pipes_struct *p, const struct ndr_syntax_id *syntax); bool create_policy_hnd(pipes_struct *p, struct policy_handle *hnd, void *data_ptr); @@ -5208,6 +5208,7 @@ bool api_pipe_request(pipes_struct *p); pipes_struct *get_first_internal_pipe(void); pipes_struct *get_next_internal_pipe(pipes_struct *p); +bool check_open_pipes(void); bool fsp_is_np(struct files_struct *fsp); struct tsocket_address; diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/rpc_handles.c similarity index 99% rename from source3/rpc_server/srv_lsa_hnd.c rename to source3/rpc_server/rpc_handles.c index 7cc1b43..fa4100f 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/rpc_handles.c @@ -62,12 +62,12 @@ static bool is_samr_lsa_pipe(const struct ndr_syntax_id *syntax) || ndr_syntax_id_equal(syntax, ndr_table_lsarpc.syntax_id)); } -size_t num_pipe_handles(struct handle_list *list) +size_t num_pipe_handles(pipes_struct *p) { - if (list == NULL) { + if (p-pipe_handles == NULL) { return 0; } - return list-count; + return p-pipe_handles-count; } / diff --git a/source3/rpc_server/rpc_ncacn_np_internal.c b/source3/rpc_server/rpc_ncacn_np_internal.c index 6002489..18251c6 100644 --- a/source3/rpc_server/rpc_ncacn_np_internal.c +++ b/source3/rpc_server/rpc_ncacn_np_internal.c @@ -68,6 +68,18 @@ static void free_pipe_rpc_context_internal( PIPE_RPC_FNS *list ) return; } +bool
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 15f64af... s3-rpc: Create a file with all functions for a internal named pipe. via 3344adc... s3-rpc: Seperate rpc_srv_register for plain connection. via 9097bdd... s3-auth: Moved smbd user functions to a generic place. via fad86dd... s3-smbd: Remove unneeded dependency of map_username to globals.c. from 09daf63... s3-selftest: do not call main RPC-SPOOLSS testsuite. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 15f64af8e3d5aa889a9c9fb852a3357237ba9972 Author: Andreas Schneider a...@samba.org Date: Thu Jun 3 22:04:08 2010 +0200 s3-rpc: Create a file with all functions for a internal named pipe. This makes it possible to use the samr rpc server in winbind without linking in smbd. Reviewed-by: Simo Sorce i...@samba.org commit 3344adc3404df47f02f6eb3096cb623ae94850b8 Author: Andreas Schneider a...@samba.org Date: Thu Jun 3 22:01:46 2010 +0200 s3-rpc: Seperate rpc_srv_register for plain connection. This will make it possible to create plain rpc named pipe connnections. Reviewed-by: Simo Sorce i...@samba.org commit 9097b03f81579699e0d0ce725a7453a3a158 Author: Andreas Schneider a...@samba.org Date: Wed Jun 2 19:39:18 2010 +0200 s3-auth: Moved smbd user functions to a generic place. Reviewed-by: Simo Sorce i...@samba.org commit fad86ddf5531c8f5862b697e99c24a7bd526d73e Author: Andreas Schneider a...@samba.org Date: Mon May 31 18:33:38 2010 +0200 s3-smbd: Remove unneeded dependency of map_username to globals.c. Reviewed-by: Simo Sorce i...@samba.org --- Summary of changes: source3/Makefile.in| 10 +- source3/auth/user_util.c | 406 source3/include/proto.h|4 + source3/rpc_server/rpc_ncacn_np_internal.c | 242 + source3/rpc_server/srv_pipe.c | 157 +++- source3/rpc_server/srv_pipe_hnd.c | 203 -- source3/rpc_server/srv_pipe_internal.h | 42 +++ source3/rpc_server/srv_pipe_register.c | 200 ++ source3/smbd/globals.c |3 - source3/smbd/globals.h |3 - source3/smbd/map_username.c| 271 --- source3/smbd/password.c| 133 - source3/wscript_build |9 +- 13 files changed, 939 insertions(+), 744 deletions(-) create mode 100644 source3/auth/user_util.c create mode 100644 source3/rpc_server/rpc_ncacn_np_internal.c create mode 100644 source3/rpc_server/srv_pipe_internal.h create mode 100644 source3/rpc_server/srv_pipe_register.c delete mode 100644 source3/smbd/map_username.c Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index 82407e5..d9e4ec5 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -653,8 +653,11 @@ RPC_EVENTLOG_OBJ = rpc_server/srv_eventlog_nt.o \ NPA_TSTREAM_OBJ = ../libcli/named_pipe_auth/npa_tstream.o -RPC_PIPE_OBJ = rpc_server/srv_pipe_hnd.o \ - rpc_server/srv_pipe.o rpc_server/srv_lsa_hnd.o +RPC_NCACN_NP_INTERNAL = rpc_server/srv_pipe_register.o rpc_server/rpc_ncacn_np_internal.o \ + rpc_server/srv_lsa_hnd.o + +RPC_PIPE_OBJ = rpc_server/srv_pipe.o rpc_server/srv_pipe_hnd.o \ + $(RPC_NCACN_NP_INTERNAL) RPC_ECHO_OBJ = rpc_server/srv_echo_nt.o librpc/gen_ndr/srv_echo.o @@ -772,6 +775,7 @@ AUTH_OBJ = auth/auth.o @AUTH_STATIC@ auth/auth_util.o auth/token_util.o \ auth/server_info.o \ auth/server_info_sam.o \ auth/user_info.o \ + auth/user_util.o \ auth/auth_compat.o auth/auth_ntlmssp.o \ $(PLAINTEXT_AUTH_OBJ) $(SLCACHE_OBJ) $(DCUTIL_OBJ) @@ -783,7 +787,7 @@ BUILDOPT_OBJ = smbd/build_options.o SMBD_OBJ_SRV = smbd/server_reload.o \ smbd/files.o smbd/connection.o \ - smbd/utmp.o smbd/session.o smbd/map_username.o \ + smbd/utmp.o smbd/session.o \ smbd/dfree.o smbd/dir.o smbd/password.o smbd/conn.o \ smbd/share_access.o smbd/fileio.o \ smbd/ipc.o smbd/lanman.o smbd/negprot.o \ diff --git a/source3/auth/user_util.c b/source3/auth/user_util.c new file mode 100644 index 000..3d7123c --- /dev/null +++ b/source3/auth/user_util.c @@ -0,0 +1,406 @@ +/* + Unix SMB/CIFS implementation. + Username handling + Copyright (C) Andrew Tridgell 1992-1998 + Copyright (C) Jeremy Allison 1997-2001. + Copyright (C) Volker Lendecke 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 38dfc48... ldb: Remove unexisting and mistyped function from header from 7f75ee0... ldb: Install ldb_handlers.h header. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 38dfc480334926f07b7d1869225370693140e349 Author: Simo Sorce i...@samba.org Date: Mon May 31 13:54:00 2010 -0400 ldb: Remove unexisting and mistyped function from header --- Summary of changes: source4/lib/ldb/include/ldb_handlers.h |2 -- 1 files changed, 0 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/include/ldb_handlers.h b/source4/lib/ldb/include/ldb_handlers.h index 21fbcc3..6e71f1f 100644 --- a/source4/lib/ldb/include/ldb_handlers.h +++ b/source4/lib/ldb/include/ldb_handlers.h @@ -35,8 +35,6 @@ int ldb_handler_copy( struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *in, struct ldb_val *out); int ldb_comparison_binary( struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *v1, const struct ldb_val *v2); -int db_handler_fold( struct ldb_context *ldb, void *mem_ctx, - const struct ldb_val *in, struct ldb_val *out); int ldb_comparison_fold( struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *v1, const struct ldb_val *v2); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cf72740... Revert ldb: Remove Samba-specific symbols. from a22d7db... wafsamba: Only try to build manpages if XSLTPROC was actually found. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cf727404f4ccad04b7a8fe28d0c1e8eaed69522b Author: Simo Sorce i...@samba.org Date: Mon May 31 14:50:07 2010 -0400 Revert ldb: Remove Samba-specific symbols. This reverts commit fe8302b235197e359a20ba0489eb72b54793963e. Jelmer, please do not re-re-revert this until we can properly handle *both* s4 and standalone ldb builds. --- Summary of changes: source4/lib/ldb/ABI/ldb-samba4-0.9.11.sigs |5 + 1 files changed, 5 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/ABI/ldb-samba4-0.9.11.sigs b/source4/lib/ldb/ABI/ldb-samba4-0.9.11.sigs index 2206e79..4639220 100644 --- a/source4/lib/ldb/ABI/ldb-samba4-0.9.11.sigs +++ b/source4/lib/ldb/ABI/ldb-samba4-0.9.11.sigs @@ -166,6 +166,7 @@ ldb_parse_tree_copy_shallow: struct ldb_parse_tree *(TALLOC_CTX *, const struct ldb_qsort: void (void * const, size_t, size_t, void *, ldb_qsort_cmp_fn_t) ldb_register_backend: int (const char *, ldb_connect_fn) ldb_register_module: int (const struct ldb_module_ops *) +ldb_register_samba_handlers: int (struct ldb_context *) ldb_rename: int (struct ldb_context *, struct ldb_dn *, struct ldb_dn *) ldb_reply_add_control: int (struct ldb_reply *, const char *, bool, void *) ldb_reply_get_control: struct ldb_control *(struct ldb_reply *, const char *) @@ -176,6 +177,8 @@ ldb_request_get_control: struct ldb_control *(struct ldb_request *, const char * ldb_request_get_status: int (struct ldb_request *) ldb_request_set_state: void (struct ldb_request *, int) ldb_reset_err_string: void (struct ldb_context *) +ldb_samba_syntax_by_lDAPDisplayName: const struct ldb_schema_syntax *(struct ldb_context *, const char *) +ldb_samba_syntax_by_name: const struct ldb_schema_syntax *(struct ldb_context *, const char *) ldb_schema_attribute_add: int (struct ldb_context *, const char *, unsigned int, const char *) ldb_schema_attribute_add_with_syntax: int (struct ldb_context *, const char *, unsigned int, const struct ldb_schema_syntax *) ldb_schema_attribute_by_name: const struct ldb_schema_attribute *(struct ldb_context *, const char *) @@ -217,3 +220,5 @@ ldb_val_map_remote: struct ldb_val (struct ldb_module *, void *, const struct ld ldb_val_to_time: int (const struct ldb_val *, time_t *) ldb_valid_attr_name: int (const char *) ldb_wait: int (struct ldb_handle *, enum ldb_wait_type) +ldb_wrap_connect: struct ldb_context *(TALLOC_CTX *, struct tevent_context *, struct loadparm_context *, const char *, struct auth_session_info *, struct cli_credentials *, unsigned int) +ldb_wrap_fork_hook: void (void) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b455c5e... s3:auth Fix segfault when the user cannot be found by getpwnam() from a8d308f... s3-selftest: fix chmod commands in provisioning. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b455c5e155f7e7ba4cc07cd4415a304163213e0f Author: Andrew Bartlett abart...@samba.org Date: Sat May 29 04:14:27 2010 +1000 s3:auth Fix segfault when the user cannot be found by getpwnam() Add comment to notify when getpwnam() fails. Reviewed-by: Simo Sorce i...@samba.org --- Summary of changes: source3/auth/auth_util.c | 13 ++--- 1 files changed, 10 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index bccec80..1f9bc7b 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -964,7 +964,6 @@ static NTSTATUS check_account(TALLOC_CTX *mem_ctx, const char *domain, bool *username_was_mapped) { struct smbd_server_connection *sconn = smbd_server_conn; - NTSTATUS nt_status; fstring dom_user, lower_username; fstring real_username; struct passwd *passwd; @@ -979,8 +978,12 @@ static NTSTATUS check_account(TALLOC_CTX *mem_ctx, const char *domain, *username_was_mapped = map_username(sconn, dom_user); - if ( !(passwd = smb_getpwnam( NULL, dom_user, real_username, True )) ) + passwd = smb_getpwnam( NULL, dom_user, real_username, True ); + if (!passwd) { + DEBUG(3, (Failed to find authenticated user %s via + getpwnam(), denying access.\n, dom_user)); return NT_STATUS_NO_SUCH_USER; + } *uid = passwd-pw_uid; *gid = passwd-pw_gid; @@ -995,7 +998,7 @@ static NTSTATUS check_account(TALLOC_CTX *mem_ctx, const char *domain, TALLOC_FREE(passwd); - return nt_status; + return NT_STATUS_OK; } / @@ -1154,6 +1157,10 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, found_username, uid, gid, username_was_mapped); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + result = make_server_info(NULL); if (result == NULL) { DEBUG(4, (make_server_info failed!\n)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d85d85b... s3:passdb Fix memory leak from b455c5e... s3:auth Fix segfault when the user cannot be found by getpwnam() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d85d85b851f498330badc3eb47a7f10a6981376b Author: Simo Sorce sso...@redhat.com Date: Sat May 29 09:48:20 2010 -0400 s3:passdb Fix memory leak We were allocating this passwd structure on sampass, but never freeing it nor assigning it to unix_pw where it could be reused. --- Summary of changes: source3/passdb/pdb_get_set.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 96f6b40..57d9513 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -206,6 +206,7 @@ const struct dom_sid *pdb_get_group_sid(struct samu *sampass) pwd = sampass-unix_pw; } else { pwd = Get_Pwnam_alloc( sampass, pdb_get_username(sampass) ); + sampass-unix_pw = pwd; } if ( !pwd ) { -- Samba Shared Repository