svn commit: samba r25493 - in branches: SAMBA_3_2/source/nsswitch SAMBA_3_2_0/source/nsswitch
Author: jmcd Date: 2007-10-03 20:56:29 + (Wed, 03 Oct 2007) New Revision: 25493 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25493 Log: Fix typo in Jeremy's thread-safe winbind patch: lock-unlock (would have tried to lock a mutex at the end of a function). Cut-n-paste error. Modified: branches/SAMBA_3_2/source/nsswitch/winbind_nss_linux.c branches/SAMBA_3_2_0/source/nsswitch/winbind_nss_linux.c Changeset: Modified: branches/SAMBA_3_2/source/nsswitch/winbind_nss_linux.c === --- branches/SAMBA_3_2/source/nsswitch/winbind_nss_linux.c 2007-10-03 20:43:55 UTC (rev 25492) +++ branches/SAMBA_3_2/source/nsswitch/winbind_nss_linux.c 2007-10-03 20:56:29 UTC (rev 25493) @@ -1347,7 +1347,7 @@ failed: #if HAVE_PTHREAD - pthread_mutex_lock(winbind_nss_mutex); + pthread_mutex_unlock(winbind_nss_mutex); #endif return ret; Modified: branches/SAMBA_3_2_0/source/nsswitch/winbind_nss_linux.c === --- branches/SAMBA_3_2_0/source/nsswitch/winbind_nss_linux.c2007-10-03 20:43:55 UTC (rev 25492) +++ branches/SAMBA_3_2_0/source/nsswitch/winbind_nss_linux.c2007-10-03 20:56:29 UTC (rev 25493) @@ -1347,7 +1347,7 @@ failed: #if HAVE_PTHREAD - pthread_mutex_lock(winbind_nss_mutex); + pthread_mutex_unlock(winbind_nss_mutex); #endif return ret;
svn commit: samba r23643 - in branches/SAMBA_4_0/source: librpc/idl torture/rpc
Author: jmcd Date: 2007-06-28 18:08:04 + (Thu, 28 Jun 2007) New Revision: 23643 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23643 Log: Fix the build farm tests. We were incorrectly passing the RPC-SAMBA3-GETUSERNAME tests before the previous password expiration fixes, because if you create a user and only set the password administratrively, the last set time should not get updated. Needed to add some more of the fields_present flags to do this. Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl === --- branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-06-28 18:05:35 UTC (rev 23642) +++ branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-06-28 18:08:04 UTC (rev 23643) @@ -684,23 +684,36 @@ /* this defines the bits used for fields_present in info21 */ typedef [bitmap32bit] bitmap { - SAMR_FIELD_ACCOUNT_NAME = 0x0001, - SAMR_FIELD_FULL_NAME = 0x0002, - SAMR_FIELD_PRIMARY_GID= 0x0008, - SAMR_FIELD_DESCRIPTION= 0x0010, - SAMR_FIELD_COMMENT= 0x0020, - SAMR_FIELD_HOME_DIRECTORY = 0x0040, - SAMR_FIELD_HOME_DRIVE = 0x0080, - SAMR_FIELD_LOGON_SCRIPT = 0x0100, - SAMR_FIELD_PROFILE_PATH = 0x0200, - SAMR_FIELD_WORKSTATIONS = 0x0400, - SAMR_FIELD_LOGON_HOURS= 0x2000, - SAMR_FIELD_ACCT_FLAGS = 0x0010, - SAMR_FIELD_PARAMETERS = 0x0020, - SAMR_FIELD_COUNTRY_CODE = 0x0040, - SAMR_FIELD_CODE_PAGE = 0x0080, - SAMR_FIELD_PASSWORD = 0x0100, /* either of these */ - SAMR_FIELD_PASSWORD2 = 0x0200 /* two bits seems to work */ + SAMR_FIELD_ACCOUNT_NAME = 0x0001, + SAMR_FIELD_FULL_NAME= 0x0002, + SAMR_FIELD_RID = 0x0004, + SAMR_FIELD_PRIMARY_GID = 0x0008, + SAMR_FIELD_DESCRIPTION = 0x0010, + SAMR_FIELD_COMMENT = 0x0020, + SAMR_FIELD_HOME_DIRECTORY = 0x0040, + SAMR_FIELD_HOME_DRIVE = 0x0080, + SAMR_FIELD_LOGON_SCRIPT = 0x0100, + SAMR_FIELD_PROFILE_PATH = 0x0200, + SAMR_FIELD_WORKSTATIONS = 0x0400, + SAMR_FIELD_LAST_LOGON = 0x0800, + SAMR_FIELD_LAST_LOGOFF = 0x1000, + SAMR_FIELD_LOGON_HOURS = 0x2000, + SAMR_FIELD_BAD_PWD_COUNT= 0x4000, + SAMR_FIELD_NUM_LOGONS = 0x8000, + SAMR_FIELD_ALLOW_PWD_CHANGE = 0x0001, + SAMR_FIELD_FORCE_PWD_CHANGE = 0x0002, + SAMR_FIELD_LAST_PWD_CHANGE = 0x0004, + SAMR_FIELD_ACCT_EXPIRY = 0x0008, + SAMR_FIELD_ACCT_FLAGS = 0x0010, + SAMR_FIELD_PARAMETERS = 0x0020, + SAMR_FIELD_COUNTRY_CODE = 0x0040, + SAMR_FIELD_CODE_PAGE= 0x0080, + SAMR_FIELD_PASSWORD = 0x0100, /* either of these */ + SAMR_FIELD_PASSWORD2= 0x0200, /* two bits seems to work */ + SAMR_FIELD_PRIVATE_DATA = 0x0400, + SAMR_FIELD_EXPIRED_FLAG = 0x0800, + SAMR_FIELD_SEC_DESC = 0x1000, + SAMR_FIELD_OWF_PWD = 0x2000 } samr_FieldsPresent; typedef struct { Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c === --- branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2007-06-28 18:05:35 UTC (rev 23642) +++ branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2007-06-28 18:08:04 UTC (rev 23643) @@ -536,24 +536,29 @@ union samr_UserInfo u_info; DATA_BLOB session_key; - encode_pw_buffer(u_info.info24.password.data, password, + + ZERO_STRUCT(u_info); + encode_pw_buffer(u_info.info23.password.data, password, STR_UNICODE); - u_info.info24.pw_len = strlen_m(password)*2; status = dcerpc_fetch_session_key(samr_pipe, session_key); if (!NT_STATUS_IS_OK(status)) { d_printf(dcerpc_fetch_session_key failed\n); goto done; } - arcfour_crypt_blob(u_info.info24.password.data, 516, + arcfour_crypt_blob(u_info.info23
svn commit: samba r23616 - in branches: SAMBA_3_0/source/include SAMBA_3_0/source/rpc_parse SAMBA_3_0/source/rpc_server SAMBA_3_0_25/source/include SAMBA_3_0_25/source/rpc_parse SAMBA_3_0_25/source/rp
Author: jmcd Date: 2007-06-26 20:09:41 + (Tue, 26 Jun 2007) New Revision: 23616 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23616 Log: Fix bugzilla #4719: must change password is not set from usrmgr.exe. This was only affecting the newer versions of usrmgr.exe, because they use a user_info_25 struct. The password is getting set separately inside that code, so the password last set time was getting set from the password change logic. We also were not parsing a number of fields (like logon hours) from the user_info_25. That should also be fixed. Modified: branches/SAMBA_3_0/source/include/rpc_samr.h branches/SAMBA_3_0/source/rpc_parse/parse_samr.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c branches/SAMBA_3_0_25/source/include/rpc_samr.h branches/SAMBA_3_0_25/source/rpc_parse/parse_samr.c branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0_25/source/rpc_server/srv_samr_util.c branches/SAMBA_3_0_26/source/include/rpc_samr.h branches/SAMBA_3_0_26/source/rpc_parse/parse_samr.c branches/SAMBA_3_0_26/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0_26/source/rpc_server/srv_samr_util.c Changeset: Sorry, the patch is too large (505 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23616
svn commit: samba r23231 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: jmcd Date: 2007-05-29 21:50:17 + (Tue, 29 May 2007) New Revision: 23231 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23231 Log: Fix make test on build farm for 64-bit hosts. There's no reason this should be any different for 64-bit hosts, but we probably are lucking out on other fields here as well. The fields_present field shouldn't just be copied from usrmgr traces, because it indicates which fields should be set, and in this case, we were setting the kickoff time (NOT the expired time) to some random date. Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c === --- branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2007-05-29 20:12:48 UTC (rev 23230) +++ branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2007-05-29 21:50:17 UTC (rev 23231) @@ -582,6 +582,7 @@ qui.out.info-info21.force_password_change = 0; qui.out.info-info21.account_name.string = NULL; qui.out.info-info21.rid = 0; + qui.out.info-info21.acct_expiry = 0; qui.out.info-info21.fields_present = 0x81827fa; /* copy usrmgr.exe */ u_info.info21 = qui.out.info-info21;
svn commit: samba r23041 - in branches: SAMBA_3_0/source/lib SAMBA_3_0_25/source/lib SAMBA_3_0_26/source/lib
Author: jmcd Date: 2007-05-21 16:01:22 + (Mon, 21 May 2007) New Revision: 23041 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23041 Log: Remainder of fix for 4630: fix special case of unix_to_nt_time() for TIME_T_MAX, and also display of it in http_timestring() Modified: branches/SAMBA_3_0/source/lib/time.c branches/SAMBA_3_0_25/source/lib/time.c branches/SAMBA_3_0_26/source/lib/time.c Changeset: Modified: branches/SAMBA_3_0/source/lib/time.c === --- branches/SAMBA_3_0/source/lib/time.c2007-05-21 15:58:27 UTC (rev 23040) +++ branches/SAMBA_3_0/source/lib/time.c2007-05-21 16:01:22 UTC (rev 23041) @@ -95,7 +95,13 @@ if (t == (time_t)-1) { *nt = (NTTIME)-1LL; return; - } + } + + if (t == TIME_T_MAX) { + *nt = 0x7fffLL; + return; + } + if (t == 0) { *nt = 0; return; @@ -301,7 +307,9 @@ static fstring buf; struct tm *tm = localtime(t); - if (!tm) { + if (t == TIME_T_MAX) { + slprintf(buf,sizeof(buf)-1,never); + } else if (!tm) { slprintf(buf,sizeof(buf)-1,%ld seconds since the Epoch,(long)t); } else { #ifndef HAVE_STRFTIME Modified: branches/SAMBA_3_0_25/source/lib/time.c === --- branches/SAMBA_3_0_25/source/lib/time.c 2007-05-21 15:58:27 UTC (rev 23040) +++ branches/SAMBA_3_0_25/source/lib/time.c 2007-05-21 16:01:22 UTC (rev 23041) @@ -95,7 +95,13 @@ if (t == (time_t)-1) { *nt = (NTTIME)-1LL; return; - } + } + + if (t == TIME_T_MAX) { + *nt = 0x7fffLL; + return; + } + if (t == 0) { *nt = 0; return; @@ -301,7 +307,9 @@ static fstring buf; struct tm *tm = localtime(t); - if (!tm) { + if (t == TIME_T_MAX) { + slprintf(buf,sizeof(buf)-1,never); + } else if (!tm) { slprintf(buf,sizeof(buf)-1,%ld seconds since the Epoch,(long)t); } else { #ifndef HAVE_STRFTIME Modified: branches/SAMBA_3_0_26/source/lib/time.c === --- branches/SAMBA_3_0_26/source/lib/time.c 2007-05-21 15:58:27 UTC (rev 23040) +++ branches/SAMBA_3_0_26/source/lib/time.c 2007-05-21 16:01:22 UTC (rev 23041) @@ -95,7 +95,13 @@ if (t == (time_t)-1) { *nt = (NTTIME)-1LL; return; - } + } + + if (t == TIME_T_MAX) { + *nt = 0x7fffLL; + return; + } + if (t == 0) { *nt = 0; return; @@ -301,7 +307,9 @@ static fstring buf; struct tm *tm = localtime(t); - if (!tm) { + if (t == TIME_T_MAX) { + slprintf(buf,sizeof(buf)-1,never); + } else if (!tm) { slprintf(buf,sizeof(buf)-1,%ld seconds since the Epoch,(long)t); } else { #ifndef HAVE_STRFTIME
svn commit: samba r22504 - in branches: SAMBA_3_0/source/rpc_server SAMBA_3_0_25/source/rpc_server
Author: jmcd Date: 2007-04-24 15:56:02 + (Tue, 24 Apr 2007) New Revision: 22504 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22504 Log: Fix bug Jerry found during his tutorial. Sorry :-( Allows authorized users (e.g. BUILTIN\Administrators members) to set attributes on an account, particularly user cannot change password. add become_root() around updating attributes, after checking that access has been granted. Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c === --- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2007-04-24 13:55:04 UTC (rev 22503) +++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2007-04-24 15:56:02 UTC (rev 22504) @@ -724,7 +724,12 @@ return NT_STATUS_ACCESS_DENIED; } - status = pdb_update_sam_account(sampass); + status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, _samr_set_sec_obj); + if NT_STATUS_IS_OK(status) { + become_root(); + status = pdb_update_sam_account(sampass); + unbecome_root(); + } TALLOC_FREE(sampass); Modified: branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c === --- branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c 2007-04-24 13:55:04 UTC (rev 22503) +++ branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c 2007-04-24 15:56:02 UTC (rev 22504) @@ -739,7 +739,12 @@ return NT_STATUS_ACCESS_DENIED; } - status = pdb_update_sam_account(sampass); + status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, _samr_set_sec_obj); + if NT_STATUS_IS_OK(status) { + become_root(); + status = pdb_update_sam_account(sampass); + unbecome_root(); + } TALLOC_FREE(sampass);
svn commit: samba r22148 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_25/source/modules
Author: jmcd Date: 2007-04-10 15:41:22 + (Tue, 10 Apr 2007) New Revision: 22148 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=22148 Log: Fix gpfs module on posix-acl test. Adds gpfsacl_sys_set_fd (calls _file). Thanks to Gomati Mohanan. Modified: branches/SAMBA_3_0/source/modules/vfs_gpfs.c branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c Changeset: Modified: branches/SAMBA_3_0/source/modules/vfs_gpfs.c === --- branches/SAMBA_3_0/source/modules/vfs_gpfs.c2007-04-10 07:36:58 UTC (rev 22147) +++ branches/SAMBA_3_0/source/modules/vfs_gpfs.c2007-04-10 15:41:22 UTC (rev 22148) @@ -597,8 +597,7 @@ files_struct *fsp, int fd, SMB_ACL_T theacl) { - errno = ENOTSUP; - return -1; + return gpfsacl_sys_acl_set_file(handle, fsp-fsp_name, SMB_ACL_TYPE_ACCESS, theacl); } int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle, Modified: branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c === --- branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c 2007-04-10 07:36:58 UTC (rev 22147) +++ branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c 2007-04-10 15:41:22 UTC (rev 22148) @@ -597,8 +597,7 @@ files_struct *fsp, int fd, SMB_ACL_T theacl) { - errno = ENOTSUP; - return -1; + return gpfsacl_sys_acl_set_file(handle, fsp-fsp_name, SMB_ACL_TYPE_ACCESS, theacl); } int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle,
svn commit: samba-docs r1066 - in trunk/manpages-3: .
Author: jmcd Date: 2007-03-20 13:05:44 + (Tue, 20 Mar 2007) New Revision: 1066 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1066 Log: Add nfs4:chown option, and a few formatting changes. Modified: trunk/manpages-3/vfs_gpfs.8.xml Changeset: Modified: trunk/manpages-3/vfs_gpfs.8.xml === --- trunk/manpages-3/vfs_gpfs.8.xml 2007-03-19 21:32:53 UTC (rev 1065) +++ trunk/manpages-3/vfs_gpfs.8.xml 2007-03-20 13:05:44 UTC (rev 1066) @@ -75,8 +75,10 @@ /varlistentry + varlistentry termnfs4:acedup = [dontcare|reject|ignore|merge]/term + listitem para This parameter configures how Samba handles duplicate ACEs encountered in GPFS ACLs. GPFS allows/creates duplicate ACE for different bits for same ID. @@ -89,8 +91,27 @@ listitemparacommandignore/command - don't include the second matching ACE/para/listitem listitemparacommandmerge/command - bitwise OR the 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE/para/listitem /itemizedlist + /listitem /varlistentry + + varlistentry + termnfs4:chown = [yes|no]/term + listitem + paraThis parameter allows enabling or disabling the chown supported + by the underlying filesystem. This parameter should be enabled with + care as it might leave your system insecure./para + paraSome filesystems allow chown as a) giving b) stealing. It is the latter + that is considered a risk./para + + paraFollowing is the behaviour of Samba for different values : /para + itemizedlist + listitemparacommandyes/command - Enable chown if as supported by the under filesystem/para/listitem + listitemparacommandno (default)/command - Disable chown/para/listitem + /itemizedlist + /listitem + /varlistentry + /variablelist /refsect1
svn commit: samba-docs r1063 - in trunk/manpages-3: .
Author: jmcd Date: 2007-03-19 18:29:04 + (Mon, 19 Mar 2007) New Revision: 1063 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1063 Log: Add manpage for gpfs module. Thanks to Chetan Shringarpure [EMAIL PROTECTED] Added: trunk/manpages-3/vfs_gpfs.8.xml Changeset: Added: trunk/manpages-3/vfs_gpfs.8.xml === --- trunk/manpages-3/vfs_gpfs.8.xml 2007-03-18 18:21:43 UTC (rev 1062) +++ trunk/manpages-3/vfs_gpfs.8.xml 2007-03-19 18:29:04 UTC (rev 1063) @@ -0,0 +1,139 @@ +?xml version=1.0 encoding=iso-8859-1? +!DOCTYPE refentry PUBLIC -//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN http://www.samba.org/samba/DTD/samba-doc; +refentry id=vfs_gpfs.8 + +refmeta + refentrytitlevfs_gpfs/refentrytitle + manvolnum8/manvolnum +/refmeta + + +refnamediv + refnamevfs_gpfs/refname + refpurposegpfs specific samba extensions like acls and prealloc/refpurpose +/refnamediv + +refsynopsisdiv + cmdsynopsis + commandvfs objects = gpfs/command + /cmdsynopsis +/refsynopsisdiv + +refsect1 + titleDESCRIPTION/title + + paraThis VFS module is part of the + citerefentryrefentrytitlesamba/refentrytitle + manvolnum7/manvolnum/citerefentry suite./para + + paraThe commandgpfs/command VFS module is the home + for all gpfs extensions that Samba requires for proper integration + with GPFS. For this it utilizes the gpl-ed library interfaces provided by + GPFS team. + /para + + paraCurrently the gpfs vfs module provides extensions in following areas : + itemizedlist + listitemparaNFSv4 ACL Interfaces with configurable options for gpfs/para/listitem + listitemparaKernel oplock support on GPFS/para/listitem + /itemizedlist + /para + + paracommandNOTE:/commandThis module follows the posix-acl behaviour + and hence allows permission stealing via chown. Samba might allow at a later + point in time, to restrict the chown via this module as such restrictions + are the responsibility of the underlying filesystem than of Samba. + /para + + paraThis module is stackable./para + +/refsect1 + + +refsect1 + titleOPTIONS/title + + variablelist + + varlistentry + + termnfs4:mode = [ simple | special ]/term + listitem + para + Enable/Disable substitution of special ids on GPFS. This parameter + should not affect the windows users in anyway. It only ensures that Samba + sets the special ids - OWNER@ and GROUP@ ( mappings to simple uids ) + that are relevant to GPFS. + /para + + paraThe following MODE are understood by the module:/para + itemizedlist + listitemparacommandsimple(default)/command - do not use special IDs in GPFS ACEs/para/listitem + listitemparacommandspecial/command - use special IDs in GPFS ACEs. /para /listitem + /itemizedlist + /listitem + + /varlistentry + + varlistentry + termnfs4:acedup = [dontcare|reject|ignore|merge]/term + para + This parameter configures how Samba handles duplicate ACEs encountered in GPFS ACLs. + GPFS allows/creates duplicate ACE for different bits for same ID. + /para + + paraFollowing is the behaviour of Samba for different values :/para + itemizedlist + listitemparacommanddontcare (default)/command - copy the ACEs as they come/para/listitem + listitemparacommandreject/command - stop operation and exit with error on ACL set op/para/listitem + listitemparacommandignore/command - don't include the second matching ACE/para/listitem + listitemparacommandmerge/command - OR 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE/para/listitem + /itemizedlist + /varlistentry + + /variablelist +/refsect1 + +refsect1 + titleEXAMPLES/title + + paraA GPFS mount can be exported via Samba as follows :/para + +programlisting +smbconfsection name=[samba_gpfs_share]/ + smbconfoption name=path/test/gpfs_mount/smbconfoption + smbconfoption name=nfs4: modespecial/smbconfoption + smbconfoption name=nfs4: acedupmerge/smbconfoption +/programlisting +/refsect1 + +refsect1 + titleCAVEATS/title + paraThe gpfs gpl libraries are required by commandgpfs/command VFS + module during both compilation and runtime. + Also this VFS module is tested to work on SLES 9/10 and RHEL 4.4 + /para +/refsect1 + +refsect1 + titleVERSION/title + paraThis man page is correct
svn commit: samba-docs r1064 - in trunk/manpages-3: .
Author: jmcd Date: 2007-03-19 18:38:51 + (Mon, 19 Mar 2007) New Revision: 1064 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1064 Log: A few updates to the gpfs manpage. Clarify some language, list setlease as feature, add vfs objects = gpfs to example. Modified: trunk/manpages-3/vfs_gpfs.8.xml Changeset: Modified: trunk/manpages-3/vfs_gpfs.8.xml === --- trunk/manpages-3/vfs_gpfs.8.xml 2007-03-19 18:29:04 UTC (rev 1063) +++ trunk/manpages-3/vfs_gpfs.8.xml 2007-03-19 18:38:51 UTC (rev 1064) @@ -28,14 +28,14 @@ paraThe commandgpfs/command VFS module is the home for all gpfs extensions that Samba requires for proper integration - with GPFS. For this it utilizes the gpl-ed library interfaces provided by - GPFS team. + with GPFS. It uses the GPL library interfaces provided by GPFS. /para paraCurrently the gpfs vfs module provides extensions in following areas : itemizedlist - listitemparaNFSv4 ACL Interfaces with configurable options for gpfs/para/listitem + listitemparaNFSv4 ACL Interfaces with configurable options for GPFS/para/listitem listitemparaKernel oplock support on GPFS/para/listitem + listitemparaLease support on GPFS/para/listitem /itemizedlist /para @@ -60,13 +60,13 @@ termnfs4:mode = [ simple | special ]/term listitem para - Enable/Disable substitution of special ids on GPFS. This parameter + Enable/Disable substitution of special IDs on GPFS. This parameter should not affect the windows users in anyway. It only ensures that Samba - sets the special ids - OWNER@ and GROUP@ ( mappings to simple uids ) + sets the special IDs - OWNER@ and GROUP@ ( mappings to simple uids ) that are relevant to GPFS. /para - paraThe following MODE are understood by the module:/para + paraThe following MODEs are understood by the module:/para itemizedlist listitemparacommandsimple(default)/command - do not use special IDs in GPFS ACEs/para/listitem listitemparacommandspecial/command - use special IDs in GPFS ACEs. /para /listitem @@ -87,7 +87,7 @@ listitemparacommanddontcare (default)/command - copy the ACEs as they come/para/listitem listitemparacommandreject/command - stop operation and exit with error on ACL set op/para/listitem listitemparacommandignore/command - don't include the second matching ACE/para/listitem - listitemparacommandmerge/command - OR 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE/para/listitem + listitemparacommandmerge/command - bitwise OR the 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE/para/listitem /itemizedlist /varlistentry @@ -101,6 +101,7 @@ programlisting smbconfsection name=[samba_gpfs_share]/ + smbconfoption name=vfs objectsgpfs/smbconfoption smbconfoption name=path/test/gpfs_mount/smbconfoption smbconfoption name=nfs4: modespecial/smbconfoption smbconfoption name=nfs4: acedupmerge/smbconfoption
svn commit: samba r21637 - in branches: SAMBA_3_0/source/lib SAMBA_3_0_25/source/lib
Author: jmcd Date: 2007-03-01 20:52:14 + (Thu, 01 Mar 2007) New Revision: 21637 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21637 Log: Get password never expires account policy working. 0x8000LL is infinity to NT and should not be converted numerically to time_t. Modified: branches/SAMBA_3_0/source/lib/time.c branches/SAMBA_3_0_25/source/lib/time.c Changeset: Modified: branches/SAMBA_3_0/source/lib/time.c === --- branches/SAMBA_3_0/source/lib/time.c2007-03-01 19:22:31 UTC (rev 21636) +++ branches/SAMBA_3_0/source/lib/time.c2007-03-01 20:52:14 UTC (rev 21637) @@ -36,6 +36,8 @@ #define TIME_T_MAX (~ (time_t) 0 - TIME_T_MIN) #endif +#define NTTIME_INFINITY (NTTIME)0x8000LL + /** External access to time_t_min and time_t_max. **/ @@ -1180,6 +1182,10 @@ return (time_t)-1; } + if (*nt == NTTIME_INFINITY) { + return (time_t)-1; + } + /* reverse the time */ /* it's a negative value, turn it to positive */ d=~*nt; @@ -1248,7 +1254,7 @@ if (t == (time_t)-1) { /* that's what NT uses for infinite */ - *nt = 0x8000LL; + *nt = NTTIME_INFINITY; return; } @@ -1306,7 +1312,7 @@ if (nttime==0) return Now; - if (nttime==0x8000LL) + if (nttime==NTTIME_INFINITY) return Never; high = 65536; @@ -1335,7 +1341,7 @@ return False; } - if (*nt == 0x8000LL) { + if (*nt == NTTIME_INFINITY) { return False; } Modified: branches/SAMBA_3_0_25/source/lib/time.c === --- branches/SAMBA_3_0_25/source/lib/time.c 2007-03-01 19:22:31 UTC (rev 21636) +++ branches/SAMBA_3_0_25/source/lib/time.c 2007-03-01 20:52:14 UTC (rev 21637) @@ -36,6 +36,8 @@ #define TIME_T_MAX (~ (time_t) 0 - TIME_T_MIN) #endif +#define NTTIME_INFINITY (NTTIME)0x8000LL + /** External access to time_t_min and time_t_max. **/ @@ -1180,6 +1182,10 @@ return (time_t)-1; } + if (*nt == NTTIME_INFINITY) { + return (time_t)-1; + } + /* reverse the time */ /* it's a negative value, turn it to positive */ d=~*nt; @@ -1248,7 +1254,7 @@ if (t == (time_t)-1) { /* that's what NT uses for infinite */ - *nt = 0x8000LL; + *nt = NTTIME_INFINITY; return; } @@ -1306,7 +1312,7 @@ if (nttime==0) return Now; - if (nttime==0x8000LL) + if (nttime==NTTIME_INFINITY) return Never; high = 65536; @@ -1335,7 +1341,7 @@ return False; } - if (*nt == 0x8000LL) { + if (*nt == NTTIME_INFINITY) { return False; }
svn commit: samba r21339 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_25/source/modules
Author: jmcd Date: 2007-02-14 14:25:56 + (Wed, 14 Feb 2007) New Revision: 21339 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21339 Log: Fix the non-linux build. This is more evidence that this needs to be moved up one layer. Modified: branches/SAMBA_3_0/source/modules/vfs_default.c branches/SAMBA_3_0_25/source/modules/vfs_default.c Changeset: Modified: branches/SAMBA_3_0/source/modules/vfs_default.c === --- branches/SAMBA_3_0/source/modules/vfs_default.c 2007-02-14 14:23:59 UTC (rev 21338) +++ branches/SAMBA_3_0/source/modules/vfs_default.c 2007-02-14 14:25:56 UTC (rev 21339) @@ -790,12 +790,14 @@ START_PROFILE(syscall_linux_setlease); +#ifdef LINUX /* first set the signal handler */ if(linux_set_lease_sighandler(fd) == -1) return -1; result = linux_setlease(fd, leasetype); +#endif END_PROFILE(syscall_linux_setlease); return result; } Modified: branches/SAMBA_3_0_25/source/modules/vfs_default.c === --- branches/SAMBA_3_0_25/source/modules/vfs_default.c 2007-02-14 14:23:59 UTC (rev 21338) +++ branches/SAMBA_3_0_25/source/modules/vfs_default.c 2007-02-14 14:25:56 UTC (rev 21339) @@ -790,12 +790,14 @@ START_PROFILE(syscall_linux_setlease); +#ifdef LINUX /* first set the signal handler */ if(linux_set_lease_sighandler(fd) == -1) return -1; result = linux_setlease(fd, leasetype); +#endif END_PROFILE(syscall_linux_setlease); return result; }
svn commit: samba r21324 - in branches: SAMBA_3_0/source/include SAMBA_3_0/source/modules SAMBA_3_0/source/profile SAMBA_3_0/source/smbd SAMBA_3_0_25/source/include SAMBA_3_0_25/source/modules SAMBA_3
Author: jmcd Date: 2007-02-14 02:37:14 + (Wed, 14 Feb 2007) New Revision: 21324 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21324 Log: Add linux setlease to the vfs layer. Next round, as Volker points out, it should be abstracted a little higher up so other os'es can have an entry, but it will take a bit more work. Thanks to Chetan Shringarpure and Mathias Dietz. I didn't increment the vfs number again because the kernel change notify stuff hasn't been released yet anyway. Modified: branches/SAMBA_3_0/source/include/smbprofile.h branches/SAMBA_3_0/source/include/vfs.h branches/SAMBA_3_0/source/include/vfs_macros.h branches/SAMBA_3_0/source/modules/vfs_default.c branches/SAMBA_3_0/source/modules/vfs_full_audit.c branches/SAMBA_3_0/source/modules/vfs_gpfs.c branches/SAMBA_3_0/source/profile/profile.c branches/SAMBA_3_0/source/smbd/oplock_linux.c branches/SAMBA_3_0_25/source/include/smbprofile.h branches/SAMBA_3_0_25/source/include/vfs.h branches/SAMBA_3_0_25/source/include/vfs_macros.h branches/SAMBA_3_0_25/source/modules/vfs_default.c branches/SAMBA_3_0_25/source/modules/vfs_full_audit.c branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c branches/SAMBA_3_0_25/source/profile/profile.c branches/SAMBA_3_0_25/source/smbd/oplock_linux.c Changeset: Sorry, the patch is too large (609 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21324
svn commit: samba r21004 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_24/source/modules
Author: jmcd Date: 2007-01-24 15:29:58 + (Wed, 24 Jan 2007) New Revision: 21004 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21004 Log: Patch from Mathias Dietz [EMAIL PROTECTED] to fix multi-node sharemodes in gpfs. Modified: branches/SAMBA_3_0/source/modules/gpfs.c branches/SAMBA_3_0_24/source/modules/gpfs.c Changeset: Modified: branches/SAMBA_3_0/source/modules/gpfs.c === --- branches/SAMBA_3_0/source/modules/gpfs.c2007-01-24 14:59:01 UTC (rev 21003) +++ branches/SAMBA_3_0/source/modules/gpfs.c2007-01-24 15:29:58 UTC (rev 21004) @@ -57,7 +57,7 @@ DEBUG(10, (special case am=no_access:%x\n,access_mask)); } else { - deny |= (share_access (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ? + deny |= (share_access FILE_SHARE_WRITE) ? 0 : GPFS_DENY_WRITE; deny |= (share_access (FILE_SHARE_READ)) ? 0 : GPFS_DENY_READ; Modified: branches/SAMBA_3_0_24/source/modules/gpfs.c === --- branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-24 14:59:01 UTC (rev 21003) +++ branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-24 15:29:58 UTC (rev 21004) @@ -57,7 +57,7 @@ DEBUG(10, (special case am=no_access:%x\n,access_mask)); } else { - deny |= (share_access (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ? + deny |= (share_access FILE_SHARE_WRITE) ? 0 : GPFS_DENY_WRITE; deny |= (share_access (FILE_SHARE_READ)) ? 0 : GPFS_DENY_READ;
svn commit: samba r20717 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_24/source/modules
Author: jmcd Date: 2007-01-12 21:56:25 + (Fri, 12 Jan 2007) New Revision: 20717 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=20717 Log: Merge sharemode patch from Mathias Dietz [EMAIL PROTECTED]. The patch fixes the behaviour of GPFS sharemodes when the access mask is no_access. Modified: branches/SAMBA_3_0/source/modules/gpfs.c branches/SAMBA_3_0_24/source/modules/gpfs.c Changeset: Modified: branches/SAMBA_3_0/source/modules/gpfs.c === --- branches/SAMBA_3_0/source/modules/gpfs.c2007-01-12 17:58:38 UTC (rev 20716) +++ branches/SAMBA_3_0/source/modules/gpfs.c2007-01-12 21:56:25 UTC (rev 20717) @@ -52,11 +52,16 @@ DELETE_ACCESS)) ? GPFS_SHARE_WRITE : 0; allow |= (access_mask (FILE_READ_DATA|FILE_EXECUTE)) ? GPFS_SHARE_READ : 0; - deny |= (share_access (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ? - 0 : GPFS_DENY_WRITE; - deny |= (share_access (FILE_SHARE_READ)) ? - 0 : GPFS_DENY_READ; + if (allow == GPFS_SHARE_NONE) { + DEBUG(10, (special case am=no_access:%x\n,access_mask)); + } + else { + deny |= (share_access (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ? + 0 : GPFS_DENY_WRITE; + deny |= (share_access (FILE_SHARE_READ)) ? + 0 : GPFS_DENY_READ; + } DEBUG(10, (am=%x, allow=%d, sa=%x, deny=%d\n, access_mask, allow, share_access, deny)); Modified: branches/SAMBA_3_0_24/source/modules/gpfs.c === --- branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-12 17:58:38 UTC (rev 20716) +++ branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-12 21:56:25 UTC (rev 20717) @@ -52,11 +52,16 @@ DELETE_ACCESS)) ? GPFS_SHARE_WRITE : 0; allow |= (access_mask (FILE_READ_DATA|FILE_EXECUTE)) ? GPFS_SHARE_READ : 0; - deny |= (share_access (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ? - 0 : GPFS_DENY_WRITE; - deny |= (share_access (FILE_SHARE_READ)) ? - 0 : GPFS_DENY_READ; + if (allow == GPFS_SHARE_NONE) { + DEBUG(10, (special case am=no_access:%x\n,access_mask)); + } + else { + deny |= (share_access (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ? + 0 : GPFS_DENY_WRITE; + deny |= (share_access (FILE_SHARE_READ)) ? + 0 : GPFS_DENY_READ; + } DEBUG(10, (am=%x, allow=%d, sa=%x, deny=%d\n, access_mask, allow, share_access, deny));
svn commit: samba r20119 - in branches: SAMBA_3_0/source/utils SAMBA_3_0_24/source/utils
Author: jmcd Date: 2006-12-12 16:40:57 + (Tue, 12 Dec 2006) New Revision: 20119 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=20119 Log: Update help info indicating how to use separators (forward slash only) and properly use backslashes in net ads join computername= Modified: branches/SAMBA_3_0/source/utils/net_ads.c branches/SAMBA_3_0_24/source/utils/net_ads.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_ads.c === --- branches/SAMBA_3_0/source/utils/net_ads.c 2006-12-12 15:16:26 UTC (rev 20118) +++ branches/SAMBA_3_0/source/utils/net_ads.c 2006-12-12 16:40:57 UTC (rev 20119) @@ -1322,6 +1322,8 @@ d_printf( createcomputer=OU Precreate the computer account in a specific OU.\n); d_printf( The OU string read from top to bottom without RDNs and delimited by a '/'.\n); d_printf( E.g. \createcomputer=Computers/Servers/Unix\\n); + d_printf( NB: A backslash '\\' is used as escape at multiple levels and may\n); + d_printf( need to be doubled or even quadrupled. It is not used as a separator); return -1; } Modified: branches/SAMBA_3_0_24/source/utils/net_ads.c === --- branches/SAMBA_3_0_24/source/utils/net_ads.c2006-12-12 15:16:26 UTC (rev 20118) +++ branches/SAMBA_3_0_24/source/utils/net_ads.c2006-12-12 16:40:57 UTC (rev 20119) @@ -1322,6 +1322,8 @@ d_printf( createcomputer=OU Precreate the computer account in a specific OU.\n); d_printf( The OU string read from top to bottom without RDNs and delimited by a '/'.\n); d_printf( E.g. \createcomputer=Computers/Servers/Unix\\n); + d_printf( NB: A backslash '\\' is used as escape at multiple levels and may\n); + d_printf( need to be doubled or even quadrupled. It is not used as a separator); return -1; }
svn commit: samba-docs r1003 - in trunk/manpages-3: .
Author: jmcd Date: 2006-12-12 16:52:26 + (Tue, 12 Dec 2006) New Revision: 1003 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1003 Log: Add ads-only options for net ads join Modified: trunk/manpages-3/net.8.xml Changeset: Modified: trunk/manpages-3/net.8.xml === --- trunk/manpages-3/net.8.xml 2006-12-01 13:53:26 UTC (rev 1002) +++ trunk/manpages-3/net.8.xml 2006-12-12 16:52:26 UTC (rev 1003) @@ -181,7 +181,7 @@ /refsect2 refsect2 -title[RPC|ADS] JOIN [TYPE] [-U username[%password]] [options]/title +title[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]/title para Join a domain. If the account already exists on the server, and @@ -194,6 +194,19 @@ [TYPE] may be PDC, BDC or MEMBER to specify the type of server joining the domain. /para + +para +[UPN] (ADS only) set the principalname attribute during the join. The default +format is host/[EMAIL PROTECTED] +/para + +para +[OU] (ADS only) Precreate the computer account in a specific OU. The +OU string reads from top to bottom without RDNs, and is delimited by +a '/'. Please note that '\' is used for escape by both the shell +and ldap, so it may need to be doubled or quadrupled to pass through, +and it is not used as a delimiter. +/para /refsect2 refsect2
svn commit: samba-docs r1004 - in trunk/Samba3-HOWTO: .
Author: jmcd Date: 2006-12-12 19:21:31 + (Tue, 12 Dec 2006) New Revision: 1004 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1004 Log: Also update the HOWTO with the createcomputer information for net ads join Modified: trunk/Samba3-HOWTO/TOSHARG-DomainMember.xml Changeset: Modified: trunk/Samba3-HOWTO/TOSHARG-DomainMember.xml === --- trunk/Samba3-HOWTO/TOSHARG-DomainMember.xml 2006-12-12 16:52:26 UTC (rev 1003) +++ trunk/Samba3-HOWTO/TOSHARG-DomainMember.xml 2006-12-12 19:21:31 UTC (rev 1004) @@ -1112,7 +1112,7 @@ this to be done using the following syntax: screen rootprompt; userinputkinit [EMAIL PROTECTED]/userinput -rootprompt; userinputnet ads join organizational_unit/userinput +rootprompt; userinputnet ads join createcomputer=organizational_unit/userinput /screen Your ADS manager will be able to advise what should be specified for the organizational_unit parameter. /para @@ -1123,13 +1123,15 @@ indextermprimarycontainer/primary/indexterm indextermprimaryADS/primary/indexterm For example, you may want to create the machine trust account in a container called quoteServers/quote -under the organizational directory quoteComputers\BusinessUnit\Department,/quote like this: +under the organizational directory quoteComputers/BusinessUnit/Department,/quote like this: screen -rootprompt; userinputnet ads join Computers\BusinessUnit\Department\Servers/userinput +rootprompt; userinputnet ads join Computers/BusinessUnit/Department/Servers/userinput /screen This command will place the Samba server machine trust account in the container -literalComputers\BusinessUnit\Department\Servers/literal. The container should exist in the ADS directory -before executing this command. +literalComputers/BusinessUnit/Department/Servers/literal. The container should exist in the ADS directory +before executing this command. Please note that forward slashes must be used, because backslashes are both +valid characters in an OU name and used as escapes for other characters. If you need a backslash in an OU +name, it may need to be quadrupled to pass through the shell escape and ldap escape. /para sect3
svn commit: samba r20136 - in branches: SAMBA_3_0/source/nsswitch SAMBA_3_0_24/source/nsswitch
Author: jmcd Date: 2006-12-12 22:05:48 + (Tue, 12 Dec 2006) New Revision: 20136 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=20136 Log: Fix #4290. Properly compute time to password expiration in message from pam_winbind. Thanks to Andrew Benham [EMAIL PROTECTED] Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2006-12-12 21:47:56 UTC (rev 20135) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2006-12-12 22:05:48 UTC (rev 20136) @@ -536,7 +536,8 @@ (response.data.auth.policy.expire) (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire time(NULL) ) ) { - int days = response.data.auth.policy.expire / SECONDS_PER_DAY; + int days = (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire - + time(NULL))/ SECONDS_PER_DAY; if (days = DAYS_TO_WARN_BEFORE_PWD_EXPIRES) { _make_remark_format(pamh, PAM_TEXT_INFO, Your password will expire in %d days, days); } Modified: branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c 2006-12-12 21:47:56 UTC (rev 20135) +++ branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c 2006-12-12 22:05:48 UTC (rev 20136) @@ -536,7 +536,8 @@ (response.data.auth.policy.expire) (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire time(NULL) ) ) { - int days = response.data.auth.policy.expire / SECONDS_PER_DAY; + int days = (response.data.auth.info3.pass_last_set_time + response.data.auth.policy.expire - + time(NULL))/ SECONDS_PER_DAY; if (days = DAYS_TO_WARN_BEFORE_PWD_EXPIRES) { _make_remark_format(pamh, PAM_TEXT_INFO, Your password will expire in %d days, days); }
svn commit: samba r20089 - in branches: SAMBA_3_0/source SAMBA_3_0/source/modules SAMBA_3_0_24/source SAMBA_3_0_24/source/modules
Author: jmcd Date: 2006-12-08 18:56:01 + (Fri, 08 Dec 2006) New Revision: 20089 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=20089 Log: Put gpfs acl function into vfs_gpfs module. Thanks to Gomati Mohanan [EMAIL PROTECTED]. Also fix fields for sec_desc differences between 3.0 and 3.0.24 in nfs4_acls.c. Added: branches/SAMBA_3_0/source/modules/README-gpfs-acl.txt branches/SAMBA_3_0_24/source/modules/README-gpfs-acl.txt Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/modules/vfs_gpfs.c branches/SAMBA_3_0_24/source/Makefile.in branches/SAMBA_3_0_24/source/modules/nfs4_acls.c branches/SAMBA_3_0_24/source/modules/vfs_gpfs.c Changeset: Sorry, the patch is too large (1457 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=20089
svn commit: samba r19749 - in branches/SAMBA_3_0_24/source: . include lib modules smbd
Author: jmcd Date: 2006-11-16 18:44:26 + (Thu, 16 Nov 2006) New Revision: 19749 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19749 Log: Merge acl vfs changes, including nfs4 acl support, from SAMBA_3_0 Added: branches/SAMBA_3_0_24/source/modules/README.nfs4acls.txt branches/SAMBA_3_0_24/source/modules/nfs4_acls.c branches/SAMBA_3_0_24/source/modules/nfs4_acls.h branches/SAMBA_3_0_24/source/modules/vfs_aixacl.c branches/SAMBA_3_0_24/source/modules/vfs_aixacl2.c branches/SAMBA_3_0_24/source/modules/vfs_aixacl_util.c branches/SAMBA_3_0_24/source/modules/vfs_hpuxacl.c branches/SAMBA_3_0_24/source/modules/vfs_irixacl.c branches/SAMBA_3_0_24/source/modules/vfs_posixacl.c branches/SAMBA_3_0_24/source/modules/vfs_solarisacl.c branches/SAMBA_3_0_24/source/modules/vfs_tru64acl.c Modified: branches/SAMBA_3_0_24/source/Makefile.in branches/SAMBA_3_0_24/source/configure.in branches/SAMBA_3_0_24/source/include/smb_acls.h branches/SAMBA_3_0_24/source/lib/sysacls.c branches/SAMBA_3_0_24/source/modules/vfs_afsacl.c branches/SAMBA_3_0_24/source/smbd/posix_acls.c branches/SAMBA_3_0_24/source/smbd/vfs-wrap.c Changeset: Sorry, the patch is too large (7779 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19749
svn commit: samba r19653 - in branches/SAMBA_3_0_24/source/libsmb: .
Author: jmcd Date: 2006-11-10 15:28:44 + (Fri, 10 Nov 2006) New Revision: 19653 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19653 Log: Fix the non-krb build, a la 3.0.23 Modified: branches/SAMBA_3_0_24/source/libsmb/cliconnect.c Changeset: Modified: branches/SAMBA_3_0_24/source/libsmb/cliconnect.c === --- branches/SAMBA_3_0_24/source/libsmb/cliconnect.c2006-11-10 13:46:19 UTC (rev 19652) +++ branches/SAMBA_3_0_24/source/libsmb/cliconnect.c2006-11-10 15:28:44 UTC (rev 19653) @@ -715,9 +715,7 @@ char *principal; char *OIDs[ASN1_MAX_OIDS]; int i; -#ifdef HAVE_KRB5 BOOL got_kerberos_mechanism = False; -#endif DATA_BLOB blob; DEBUG(3,(Doing spnego session setup (blob length=%lu)\n, (unsigned long)cli-secblob.length));
svn commit: samba r19654 - in branches/SAMBA_3_0_24/source: . include lib smbd
Author: jmcd Date: 2006-11-10 15:40:48 + (Fri, 10 Nov 2006) New Revision: 19654 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19654 Log: merge GPFS vfs support from 3.0, including adding kernel_flock vfs op. Modified: branches/SAMBA_3_0_24/source/Makefile.in branches/SAMBA_3_0_24/source/configure.in branches/SAMBA_3_0_24/source/include/smbprofile.h branches/SAMBA_3_0_24/source/include/vfs.h branches/SAMBA_3_0_24/source/include/vfs_macros.h branches/SAMBA_3_0_24/source/lib/system.c branches/SAMBA_3_0_24/source/smbd/open.c branches/SAMBA_3_0_24/source/smbd/vfs-wrap.c branches/SAMBA_3_0_24/source/smbd/vfs.c Changeset: Modified: branches/SAMBA_3_0_24/source/Makefile.in === --- branches/SAMBA_3_0_24/source/Makefile.in2006-11-10 15:28:44 UTC (rev 19653) +++ branches/SAMBA_3_0_24/source/Makefile.in2006-11-10 15:40:48 UTC (rev 19654) @@ -374,6 +374,7 @@ VFS_SHADOW_COPY_OBJ = modules/vfs_shadow_copy.o VFS_AFSACL_OBJ = modules/vfs_afsacl.o VFS_CATIA_OBJ = modules/vfs_catia.o +VFS_GPFS_OBJ = modules/vfs_gpfs.o modules/gpfs.o PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o @@ -1373,6 +1374,10 @@ @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_CATIA_OBJ:[EMAIL PROTECTED]@) \ @[EMAIL PROTECTED] [EMAIL PROTECTED] +bin/[EMAIL PROTECTED]@: $(VFS_GPFS_OBJ) + @echo Building plugin $@ + @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_GPFS_OBJ) \ + @[EMAIL PROTECTED] [EMAIL PROTECTED] bin/[EMAIL PROTECTED]@: $(WBINFO_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ Modified: branches/SAMBA_3_0_24/source/configure.in === --- branches/SAMBA_3_0_24/source/configure.in 2006-11-10 15:28:44 UTC (rev 19653) +++ branches/SAMBA_3_0_24/source/configure.in 2006-11-10 15:40:48 UTC (rev 19654) @@ -1286,6 +1286,20 @@ AC_CHECK_FUNCS(backtrace_symbols) AC_CHECK_LIB(exc, trace_back_stack) +echo -n checking for GPFS GPL libs... +save_LIBS=$LIBS +LIBS=$LIBS -lgpfs_gpl +AC_TRY_LINK([#include gpfs_gpl.h], + [gpfs_set_share(0,GPFS_SHARE_READ,GPFS_DENY_NONE)], + samba_cv_HAVE_GPFS=yes, + samba_cv_HAVE_GPFS=no) +echo $samba_cv_HAVE_GPFS +if test x$samba_cv_HAVE_GPFS = xyes; then +AC_DEFINE(HAVE_GPFS,1,[Whether GPFS GPL libs are available]) +default_shared_modules=$default_shared_modules vfs_gpfs +fi +LIBS=$save_LIBS + # Note that all the libunwind symbols in the API are defined to internal # platform-specific version, so we must include libunwind.h before checking # any of them. @@ -5598,6 +5612,7 @@ SMB_MODULE(vfs_shadow_copy, \$(VFS_SHADOW_COPY_OBJ), bin/shadow_copy.$SHLIBEXT, VFS) SMB_MODULE(vfs_afsacl, \$(VFS_AFSACL_OBJ), bin/afsacl.$SHLIBEXT, VFS) SMB_MODULE(vfs_catia, \$(VFS_CATIA_OBJ), bin/catia.$SHLIBEXT, VFS) +SMB_MODULE(vfs_gpfs, \$(VFS_GPFS_OBJ), bin/gpfs.$SHLIBEXT, VFS) SMB_SUBSYSTEM(VFS,smbd/vfs.o) AC_DEFINE_UNQUOTED(STRING_STATIC_MODULES, $string_static_modules, [String list of builtin modules]) Modified: branches/SAMBA_3_0_24/source/include/smbprofile.h === --- branches/SAMBA_3_0_24/source/include/smbprofile.h 2006-11-10 15:28:44 UTC (rev 19653) +++ branches/SAMBA_3_0_24/source/include/smbprofile.h 2006-11-10 15:40:48 UTC (rev 19654) @@ -101,6 +101,8 @@ unsigned syscall_ftruncate_count; unsigned syscall_ftruncate_time; unsigned syscall_fcntl_lock_count; + unsigned syscall_kernel_flock_count; + unsigned syscall_kernel_flock_time; unsigned syscall_fcntl_lock_time; unsigned syscall_fcntl_getlock_count; unsigned syscall_fcntl_getlock_time; Modified: branches/SAMBA_3_0_24/source/include/vfs.h === --- branches/SAMBA_3_0_24/source/include/vfs.h 2006-11-10 15:28:44 UTC (rev 19653) +++ branches/SAMBA_3_0_24/source/include/vfs.h 2006-11-10 15:40:48 UTC (rev 19654) @@ -142,6 +142,7 @@ SMB_VFS_OP_UTIME, SMB_VFS_OP_FTRUNCATE, SMB_VFS_OP_LOCK, + SMB_VFS_OP_KERNEL_FLOCK, SMB_VFS_OP_GETLOCK, SMB_VFS_OP_SYMLINK, SMB_VFS_OP_READLINK, @@ -264,6 +265,7 @@ int (*utime)(struct vfs_handle_struct *handle, struct connection_struct *conn, const char *path, struct utimbuf *times); int (*ftruncate)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_OFF_T offset); BOOL (*lock)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, int op, SMB_OFF_T offset, SMB_OFF_T count, int type); + int (*kernel_flock)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 share_mode); BOOL (*getlock)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_OFF_T *poffset
svn commit: samba r19655 - in branches: SAMBA_3_0/source/include SAMBA_3_0_24/source/include
Author: jmcd Date: 2006-11-10 15:43:29 + (Fri, 10 Nov 2006) New Revision: 19655 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19655 Log: Jeremy, please review: I updated the vfs version in 3.0.24 from 16 to 17, beacuse 16 was the latest released code, but on SAMBA_3_0, I reverted my earlier change back from 19 to 18, because we've not had any released code with 18. This is related to the kernel_flock call addition. Modified: branches/SAMBA_3_0/source/include/vfs.h branches/SAMBA_3_0_24/source/include/vfs.h Changeset: Modified: branches/SAMBA_3_0/source/include/vfs.h === --- branches/SAMBA_3_0/source/include/vfs.h 2006-11-10 15:40:48 UTC (rev 19654) +++ branches/SAMBA_3_0/source/include/vfs.h 2006-11-10 15:43:29 UTC (rev 19655) @@ -63,9 +63,9 @@ /* Changed to version 15 as we added the statvfs call. JRA */ /* Changed to version 16 as we added the getlock call. JRA */ /* Changed to version 17 as we removed redundant connection_struct parameters. --jpeach */ -/* Changed to version 18 to add fsp parameter to the open call -- jpeach */ -/* Changed to version 19 to add kernel_flock call - jmcd */ -#define SMB_VFS_INTERFACE_VERSION 19 +/* Changed to version 18 to add fsp parameter to the open call -- jpeach + Also include kernel_flock call - jmcd */ +#define SMB_VFS_INTERFACE_VERSION 18 /* to bug old modules which are trying to compile with the old functions */ Modified: branches/SAMBA_3_0_24/source/include/vfs.h === --- branches/SAMBA_3_0_24/source/include/vfs.h 2006-11-10 15:40:48 UTC (rev 19654) +++ branches/SAMBA_3_0_24/source/include/vfs.h 2006-11-10 15:43:29 UTC (rev 19655) @@ -62,7 +62,8 @@ /* Changed to version 14 as we had to change DIR to SMB_STRUCT_DIR. JRA */ /* Changed to version 15 as we added the statvfs call. JRA */ /* Changed to version 16 as we added the getlock call. JRA */ -#define SMB_VFS_INTERFACE_VERSION 16 +/* Changed to version 17 to add kernel_flock call. Note in 3.0 dev branch it's different - jmcd */ +#define SMB_VFS_INTERFACE_VERSION 17 /* to bug old modules which are trying to compile with the old functions */
svn commit: samba r19658 - in branches/SAMBA_3_0_24/source/modules: .
Author: jmcd Date: 2006-11-10 23:30:07 + (Fri, 10 Nov 2006) New Revision: 19658 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19658 Log: Forgot to add these for the gpfs code Added: branches/SAMBA_3_0_24/source/modules/gpfs.c branches/SAMBA_3_0_24/source/modules/vfs_gpfs.c Changeset: Added: branches/SAMBA_3_0_24/source/modules/gpfs.c === --- branches/SAMBA_3_0_24/source/modules/gpfs.c 2006-11-10 15:56:20 UTC (rev 19657) +++ branches/SAMBA_3_0_24/source/modules/gpfs.c 2006-11-10 23:30:07 UTC (rev 19658) @@ -0,0 +1,231 @@ +/* + * Unix SMB/CIFS implementation. + * Provide a connection to GPFS specific features + * Copyright (C) Volker Lendecke 2005 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include includes.h + +#ifdef HAVE_GPFS + +#include gpfs_gpl.h + +static void *libgpfs_handle = NULL; + +static int (*gpfs_set_share_fn)(int fd, unsigned int allow, unsigned int deny); +static int (*gpfs_set_lease_fn)(int fd, unsigned int leaseType); +static int (*gpfs_getacl_fn)(char *pathname, int flags, void *acl); +static int (*gpfs_putacl_fn)(char *pathname, int flags, void *acl); + + +BOOL set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, + uint32 share_access) +{ + unsigned int allow = GPFS_SHARE_NONE; + unsigned int deny = GPFS_DENY_NONE; + int result; + + if (gpfs_set_share_fn == NULL) { + return False; + } + + if ((fsp == NULL) || (fsp-fh == NULL) || (fsp-fh-fd 0)) { + /* No real file, don't disturb */ + return True; + } + + allow |= (access_mask (FILE_WRITE_DATA|FILE_APPEND_DATA| +DELETE_ACCESS)) ? GPFS_SHARE_WRITE : 0; + allow |= (access_mask (FILE_READ_DATA|FILE_EXECUTE)) ? + GPFS_SHARE_READ : 0; + deny |= (share_access (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ? + 0 : GPFS_DENY_WRITE; + deny |= (share_access (FILE_SHARE_READ)) ? + 0 : GPFS_DENY_READ; + + DEBUG(10, (am=%x, allow=%d, sa=%x, deny=%d\n, + access_mask, allow, share_access, deny)); + + result = gpfs_set_share_fn(fsp-fh-fd, allow, deny); + if (result != 0) { + if (errno == ENOSYS) { + DEBUG(5, (VFS module vfs_gpfs loaded, but no gpfs + support has been compiled into Samba. Allowing access\n)); + return True; + } else { + DEBUG(10, (gpfs_set_share failed: %s\n, + strerror(errno))); + } + } + + return (result == 0); +} + +int set_gpfs_lease(int fd, int leasetype) +{ + int gpfs_type = GPFS_LEASE_NONE; + + if (gpfs_set_lease_fn == NULL) { + errno = EINVAL; + return -1; + } + + if (leasetype == F_RDLCK) { + gpfs_type = GPFS_LEASE_READ; + } + if (leasetype == F_WRLCK) { + gpfs_type = GPFS_LEASE_WRITE; + } + return gpfs_set_lease_fn(fd, gpfs_type); +} + +int smbd_gpfs_getacl(char *pathname, int flags, void *acl) +{ + if (gpfs_getacl_fn == NULL) { + errno = ENOSYS; + return -1; + } + + return gpfs_getacl_fn(pathname, flags, acl); +} + +int smbd_gpfs_putacl(char *pathname, int flags, void *acl) +{ + if (gpfs_putacl_fn == NULL) { + errno = ENOSYS; + return -1; + } + + return gpfs_putacl_fn(pathname, flags, acl); +} + +void init_gpfs(void) +{ + if (libgpfs_handle != NULL) { + return; + } + + libgpfs_handle = sys_dlopen(libgpfs_gpl.so, RTLD_LAZY); + + if (libgpfs_handle == NULL) { + DEBUG(10, (sys_dlopen for libgpfs_gpl failed: %s\n, + strerror(errno))); + return; + } + + DEBUG(10, (libgpfs_gpl.so loaded\n)); + + gpfs_set_share_fn = sys_dlsym(libgpfs_handle, gpfs_set_share); + if (gpfs_set_share_fn == NULL) { + DEBUG(3, (libgpfs_gpl.so does not contain the symbol + 'gpfs_set_share'\n
svn commit: samba r19647 - in branches/SAMBA_3_0/source: . include lib modules profile smbd
Author: jmcd Date: 2006-11-09 20:29:31 + (Thu, 09 Nov 2006) New Revision: 19647 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19647 Log: Add some GPFS support in a vfs mod. Also adds the kernel flock op to the vfs layer, since gpfs supports it. Thanks to Volker, Christian, Mathias, Chetan, and Peter. Added: branches/SAMBA_3_0/source/modules/gpfs.c branches/SAMBA_3_0/source/modules/vfs_gpfs.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/configure.in branches/SAMBA_3_0/source/include/smbprofile.h branches/SAMBA_3_0/source/include/vfs.h branches/SAMBA_3_0/source/include/vfs_macros.h branches/SAMBA_3_0/source/lib/system.c branches/SAMBA_3_0/source/modules/vfs_default.c branches/SAMBA_3_0/source/profile/profile.c branches/SAMBA_3_0/source/smbd/open.c Changeset: Sorry, the patch is too large (590 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19647
svn commit: samba r19648 - in branches/SAMBA_3_0/source/include: .
Author: jmcd Date: 2006-11-09 21:40:40 + (Thu, 09 Nov 2006) New Revision: 19648 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19648 Log: whoops, forgot to increment the vfs version number with the added flock call. Modified: branches/SAMBA_3_0/source/include/vfs.h Changeset: Modified: branches/SAMBA_3_0/source/include/vfs.h === --- branches/SAMBA_3_0/source/include/vfs.h 2006-11-09 20:29:31 UTC (rev 19647) +++ branches/SAMBA_3_0/source/include/vfs.h 2006-11-09 21:40:40 UTC (rev 19648) @@ -64,7 +64,8 @@ /* Changed to version 16 as we added the getlock call. JRA */ /* Changed to version 17 as we removed redundant connection_struct parameters. --jpeach */ /* Changed to version 18 to add fsp parameter to the open call -- jpeach */ -#define SMB_VFS_INTERFACE_VERSION 18 +/* Changed to version 19 to add kernel_flock call - jmcd */ +#define SMB_VFS_INTERFACE_VERSION 19 /* to bug old modules which are trying to compile with the old functions */
svn commit: samba r19057 - in branches/SAMBA_3_0_23/source: passdb rpc_parse rpc_server utils
Author: jmcd Date: 2006-10-03 16:48:02 + (Tue, 03 Oct 2006) New Revision: 19057 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19057 Log: backout 18726, 18748, 18754, 18758 from 3.0.23 until further testing in SAMBA_3_0. password times go back to previous functionality, for now. Modified: branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c branches/SAMBA_3_0_23/source/utils/net_sam.c branches/SAMBA_3_0_23/source/utils/pdbedit.c Changeset: Modified: branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c === --- branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-10-03 12:21:02 UTC (rev 19056) +++ branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-10-03 16:48:02 UTC (rev 19057) @@ -72,32 +72,12 @@ time_t pdb_get_pass_can_change_time(const struct samu *sampass) { - uint32 allow; - - if (sampass-pass_last_set_time == 0) - return (time_t) 0; - - if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, allow)) - allow = 0; - - return sampass-pass_last_set_time + allow; + return sampass-pass_can_change_time; } time_t pdb_get_pass_must_change_time(const struct samu *sampass) { - uint32 expire; - - if (sampass-pass_last_set_time == 0) - return (time_t) 0; - - if (sampass-acct_ctrl ACB_PWNOEXP) - return get_time_t_max(); - - if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, expire) - || expire == (uint32)-1 || expire == 0) - return get_time_t_max(); - - return sampass-pass_last_set_time + expire; + return sampass-pass_must_change_time; } uint16 pdb_get_logon_divs(const struct samu *sampass) Modified: branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c === --- branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-10-03 12:21:02 UTC (rev 19056) +++ branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-10-03 16:48:02 UTC (rev 19057) @@ -6208,7 +6208,6 @@ pass_last_set_time, pass_can_change_time, pass_must_change_time; - time_t must_change_time; const char* user_name = pdb_get_username(pw); const char* full_name = pdb_get_fullname(pw); const char* home_dir = pdb_get_homedir(pw); @@ -6233,16 +6232,12 @@ } /* Create NTTIME structs */ - unix_to_nt_time (logon_time, pdb_get_logon_time(pw)); - unix_to_nt_time (logoff_time, pdb_get_logoff_time(pw)); + unix_to_nt_time (logon_time, pdb_get_logon_time(pw)); + unix_to_nt_time (logoff_time, pdb_get_logoff_time(pw)); unix_to_nt_time (kickoff_time, pdb_get_kickoff_time(pw)); - unix_to_nt_time (pass_last_set_time, pdb_get_pass_last_set_time(pw)); - unix_to_nt_time (pass_can_change_time,pdb_get_pass_can_change_time(pw)); - must_change_time = pdb_get_pass_must_change_time(pw); - if (must_change_time == get_time_t_max()) - unix_to_nt_time_abs(pass_must_change_time, must_change_time); - else - unix_to_nt_time(pass_must_change_time, must_change_time); + unix_to_nt_time (pass_last_set_time, pdb_get_pass_last_set_time(pw)); + unix_to_nt_time (pass_can_change_time, pdb_get_pass_can_change_time(pw)); + unix_to_nt_time (pass_must_change_time,pdb_get_pass_must_change_time(pw)); /* structure assignment */ usr-logon_time= logon_time; Modified: branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c === --- branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-10-03 12:21:02 UTC (rev 19056) +++ branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-10-03 16:48:02 UTC (rev 19057) @@ -99,6 +99,14 @@ pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } + if (from-fields_present ACCT_ALLOW_PWD_CHANGE) { + unix_time=nt_time_to_unix(from-pass_can_change_time); + stored_time = pdb_get_pass_can_change_time(to); + DEBUG(10,(INFO_21 PASS_CAN_CH: %lu - %lu\n,(long unsigned int)stored_time, (long unsigned int)unix_time)); + if (stored_time != unix_time) + pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); + } + if (from-fields_present ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(from-pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); @@ -107,6 +115,14 @@ pdb_set_pass_last_set_time(to, unix_time
svn commit: samba r19058 - in branches/SAMBA_3_0/source: auth passdb rpc_server smbd
Author: jmcd Date: 2006-10-03 17:14:18 + (Tue, 03 Oct 2006) New Revision: 19058 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19058 Log: Implement user cannot change password, and complete user must change password at next logon code. The password last set time of zero now means user must change password, because that's how windows seems to use it. The can change and must change times are now calculated based on the last set time and policies. We use the can change field now to indicate that a user cannot change a password by putting MAX_TIME_T in it (so long as last set time isn't zero). Based on this, we set the password-can-change bit in the faked secdesc. Modified: branches/SAMBA_3_0/source/auth/auth_sam.c branches/SAMBA_3_0/source/passdb/passdb.c branches/SAMBA_3_0/source/passdb/pdb_get_set.c branches/SAMBA_3_0/source/passdb/pdb_interface.c branches/SAMBA_3_0/source/passdb/pdb_ldap.c branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0/source/smbd/chgpasswd.c Changeset: Modified: branches/SAMBA_3_0/source/auth/auth_sam.c === --- branches/SAMBA_3_0/source/auth/auth_sam.c 2006-10-03 16:48:02 UTC (rev 19057) +++ branches/SAMBA_3_0/source/auth/auth_sam.c 2006-10-03 17:14:18 UTC (rev 19058) @@ -168,7 +168,7 @@ time_t last_set_time = pdb_get_pass_last_set_time(sampass); /* check for immediate expiry must change at next logon */ - if (must_change_time == 0 last_set_time != 0) { + if (last_set_time == 0) { DEBUG(1,(sam_account_ok: Account for user '%s' password must change!.\n, pdb_get_username(sampass))); return NT_STATUS_PASSWORD_MUST_CHANGE; } Modified: branches/SAMBA_3_0/source/passdb/passdb.c === --- branches/SAMBA_3_0/source/passdb/passdb.c 2006-10-03 16:48:02 UTC (rev 19057) +++ branches/SAMBA_3_0/source/passdb/passdb.c 2006-10-03 17:14:18 UTC (rev 19058) @@ -1106,7 +1106,7 @@ logoff_time = (uint32)pdb_get_logoff_time(sampass); kickoff_time = (uint32)pdb_get_kickoff_time(sampass); bad_password_time = (uint32)pdb_get_bad_password_time(sampass); - pass_can_change_time = (uint32)pdb_get_pass_can_change_time(sampass); + pass_can_change_time = (uint32)pdb_get_pass_can_change_time_noncalc(sampass); pass_must_change_time = (uint32)pdb_get_pass_must_change_time(sampass); pass_last_set_time = (uint32)pdb_get_pass_last_set_time(sampass); Modified: branches/SAMBA_3_0/source/passdb/pdb_get_set.c === --- branches/SAMBA_3_0/source/passdb/pdb_get_set.c 2006-10-03 16:48:02 UTC (rev 19057) +++ branches/SAMBA_3_0/source/passdb/pdb_get_set.c 2006-10-03 17:14:18 UTC (rev 19058) @@ -74,15 +74,34 @@ { uint32 allow; + /* if the last set time is zero, it means the user cannot + change their password, and this time must be zero. jmcd + */ if (sampass-pass_last_set_time == 0) return (time_t) 0; + /* if the time is max, and the field has been changed, + we're trying to update this real value from the sampass + to indicate that the user cannot change their password. jmcd + */ + if (sampass-pass_can_change_time == get_time_t_max() + pdb_get_init_flags(sampass, PDB_CANCHANGETIME) == PDB_CHANGED) + return sampass-pass_can_change_time; + if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, allow)) allow = 0; + /* in normal cases, just calculate it from policy */ return sampass-pass_last_set_time + allow; } +/* we need this for loading from the backend, so that we don't overwrite + non-changed max times, otherwise the pass_can_change checking won't work */ +time_t pdb_get_pass_can_change_time_noncalc(const struct samu *sampass) +{ + return sampass-pass_can_change_time; +} + time_t pdb_get_pass_must_change_time(const struct samu *sampass) { uint32 expire; @@ -100,6 +119,14 @@ return sampass-pass_last_set_time + expire; } +BOOL pdb_get_pass_can_change(const struct samu *sampass) +{ + if (sampass-pass_can_change_time == get_time_t_max() + sampass-pass_last_set_time != 0) + return False; + return True; +} + uint16 pdb_get_logon_divs(const struct samu *sampass) { return sampass-logon_divs; @@ -944,43 +971,14 @@ /* Helpful interfaces to the above */ -/* - Sets the last changed times and must change times for a normal - password change
svn commit: samba r18722 - in branches/SAMBA_3_0/source: passdb rpc_parse rpc_server
Author: jmcd Date: 2006-09-20 17:25:46 + (Wed, 20 Sep 2006) New Revision: 18722 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18722 Log: Fix up password change times. The can change and must change times are calculated based on the last change time, policies, and acb flags. Next step will be to not bother storing them. Right now I'm just trying to get them reported correctly. Modified: branches/SAMBA_3_0/source/passdb/pdb_get_set.c branches/SAMBA_3_0/source/rpc_parse/parse_samr.c branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c Changeset: Modified: branches/SAMBA_3_0/source/passdb/pdb_get_set.c === --- branches/SAMBA_3_0/source/passdb/pdb_get_set.c 2006-09-20 17:19:05 UTC (rev 18721) +++ branches/SAMBA_3_0/source/passdb/pdb_get_set.c 2006-09-20 17:25:46 UTC (rev 18722) @@ -72,12 +72,32 @@ time_t pdb_get_pass_can_change_time(const struct samu *sampass) { - return sampass-pass_can_change_time; + uint32 allow; + + if (sampass-pass_last_set_time == 0) + return (time_t) 0; + + if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, allow)) + allow = 0; + + return sampass-pass_last_set_time + allow; } time_t pdb_get_pass_must_change_time(const struct samu *sampass) { - return sampass-pass_must_change_time; + uint32 expire; + + if (sampass-pass_last_set_time == 0) + return (time_t) 0; + + if (sampass-acct_ctrl ACB_PWNOEXP) + return get_time_t_max(); + + if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, expire) + || expire == (uint32)-1 || expire == 0) + return get_time_t_max(); + + return sampass-pass_last_set_time + expire; } uint16 pdb_get_logon_divs(const struct samu *sampass) Modified: branches/SAMBA_3_0/source/rpc_parse/parse_samr.c === --- branches/SAMBA_3_0/source/rpc_parse/parse_samr.c2006-09-20 17:19:05 UTC (rev 18721) +++ branches/SAMBA_3_0/source/rpc_parse/parse_samr.c2006-09-20 17:25:46 UTC (rev 18722) @@ -6270,6 +6270,7 @@ pass_last_set_time, pass_can_change_time, pass_must_change_time; + time_t must_change_time; const char* user_name = pdb_get_username(pw); const char* full_name = pdb_get_fullname(pw); const char* home_dir = pdb_get_homedir(pw); @@ -6294,12 +6295,16 @@ } /* Create NTTIME structs */ - unix_to_nt_time (logon_time, pdb_get_logon_time(pw)); - unix_to_nt_time (logoff_time, pdb_get_logoff_time(pw)); + unix_to_nt_time (logon_time, pdb_get_logon_time(pw)); + unix_to_nt_time (logoff_time, pdb_get_logoff_time(pw)); unix_to_nt_time (kickoff_time, pdb_get_kickoff_time(pw)); - unix_to_nt_time (pass_last_set_time, pdb_get_pass_last_set_time(pw)); - unix_to_nt_time (pass_can_change_time, pdb_get_pass_can_change_time(pw)); - unix_to_nt_time (pass_must_change_time,pdb_get_pass_must_change_time(pw)); + unix_to_nt_time (pass_last_set_time, pdb_get_pass_last_set_time(pw)); + unix_to_nt_time (pass_can_change_time,pdb_get_pass_can_change_time(pw)); + must_change_time = pdb_get_pass_must_change_time(pw); + if (must_change_time == get_time_t_max()) + unix_to_nt_time_abs(pass_must_change_time, must_change_time); + else + unix_to_nt_time(pass_must_change_time, must_change_time); /* structure assignment */ usr-logon_time= logon_time; Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c === --- branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20 17:19:05 UTC (rev 18721) +++ branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20 17:25:46 UTC (rev 18722) @@ -283,26 +283,16 @@ } } - DEBUG(10,(INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n,from-passmustchange)); - if (from-passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) { - pdb_set_pass_must_change_time(to,0, PDB_CHANGED); - } else { - uint32 expire; - time_t new_time; - if (pdb_get_pass_must_change_time(to) == 0) { - if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, expire) - || expire == (uint32)-1) { - new_time = get_time_t_max(); - } else { - time_t old_time = pdb_get_pass_last_set_time(to); - new_time = old_time + expire; - if ((new_time) time(0
svn commit: samba r18724 - in branches/SAMBA_3_0/source/rpc_server: .
Author: jmcd Date: 2006-09-20 17:37:20 + (Wed, 20 Sep 2006) New Revision: 18724 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18724 Log: Fixup time(0) - time(NULL) Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c === --- branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20 17:29:34 UTC (rev 18723) +++ branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20 17:37:20 UTC (rev 18724) @@ -292,7 +292,7 @@ if (from-passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) { pdb_set_pass_last_set_time(to, 0, PDB_CHANGED); } else { - pdb_set_pass_last_set_time(to, time(0), PDB_CHANGED); + pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED); } } @@ -521,7 +521,7 @@ if (from-passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) { pdb_set_pass_last_set_time(to, 0, PDB_CHANGED); } else { - pdb_set_pass_last_set_time(to, time(0), PDB_CHANGED); + pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED); } }
svn commit: samba r18726 - in branches/SAMBA_3_0_23/source: passdb rpc_parse rpc_server
Author: jmcd Date: 2006-09-20 17:58:16 + (Wed, 20 Sep 2006) New Revision: 18726 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18726 Log: Password time stuff from SAMBA_3_0. I'll keep them in sync next time. Modified: branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c Changeset: Modified: branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c === --- branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-09-20 17:56:50 UTC (rev 18725) +++ branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-09-20 17:58:16 UTC (rev 18726) @@ -72,12 +72,32 @@ time_t pdb_get_pass_can_change_time(const struct samu *sampass) { - return sampass-pass_can_change_time; + uint32 allow; + + if (sampass-pass_last_set_time == 0) + return (time_t) 0; + + if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, allow)) + allow = 0; + + return sampass-pass_last_set_time + allow; } time_t pdb_get_pass_must_change_time(const struct samu *sampass) { - return sampass-pass_must_change_time; + uint32 expire; + + if (sampass-pass_last_set_time == 0) + return (time_t) 0; + + if (sampass-acct_ctrl ACB_PWNOEXP) + return get_time_t_max(); + + if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, expire) + || expire == (uint32)-1 || expire == 0) + return get_time_t_max(); + + return sampass-pass_last_set_time + expire; } uint16 pdb_get_logon_divs(const struct samu *sampass) Modified: branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c === --- branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-09-20 17:56:50 UTC (rev 18725) +++ branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-09-20 17:58:16 UTC (rev 18726) @@ -6208,6 +6208,7 @@ pass_last_set_time, pass_can_change_time, pass_must_change_time; + time_t must_change_time; const char* user_name = pdb_get_username(pw); const char* full_name = pdb_get_fullname(pw); const char* home_dir = pdb_get_homedir(pw); @@ -6232,12 +6233,16 @@ } /* Create NTTIME structs */ - unix_to_nt_time (logon_time, pdb_get_logon_time(pw)); - unix_to_nt_time (logoff_time, pdb_get_logoff_time(pw)); + unix_to_nt_time (logon_time, pdb_get_logon_time(pw)); + unix_to_nt_time (logoff_time, pdb_get_logoff_time(pw)); unix_to_nt_time (kickoff_time, pdb_get_kickoff_time(pw)); - unix_to_nt_time (pass_last_set_time, pdb_get_pass_last_set_time(pw)); - unix_to_nt_time (pass_can_change_time, pdb_get_pass_can_change_time(pw)); - unix_to_nt_time (pass_must_change_time,pdb_get_pass_must_change_time(pw)); + unix_to_nt_time (pass_last_set_time, pdb_get_pass_last_set_time(pw)); + unix_to_nt_time (pass_can_change_time,pdb_get_pass_can_change_time(pw)); + must_change_time = pdb_get_pass_must_change_time(pw); + if (must_change_time == get_time_t_max()) + unix_to_nt_time_abs(pass_must_change_time, must_change_time); + else + unix_to_nt_time(pass_must_change_time, must_change_time); /* structure assignment */ usr-logon_time= logon_time; Modified: branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c === --- branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-09-20 17:56:50 UTC (rev 18725) +++ branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-09-20 17:58:16 UTC (rev 18726) @@ -284,26 +284,16 @@ } } - DEBUG(10,(INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n,from-passmustchange)); - if (from-passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) { - pdb_set_pass_must_change_time(to,0, PDB_CHANGED); - } else { - uint32 expire; - time_t new_time; - if (pdb_get_pass_must_change_time(to) == 0) { - if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, expire) - || expire == (uint32)-1) { - new_time = get_time_t_max(); - } else { - time_t old_time = pdb_get_pass_last_set_time(to); - new_time = old_time + expire; - if ((new_time) time(0)) { - new_time = time(0) + expire
svn commit: samba r18748 - in branches: SAMBA_3_0/source/utils SAMBA_3_0_23/source/utils
Author: jmcd Date: 2006-09-20 22:55:44 + (Wed, 20 Sep 2006) New Revision: 18748 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18748 Log: Eliminate set of computed time values Modified: branches/SAMBA_3_0/source/utils/pdbedit.c branches/SAMBA_3_0_23/source/utils/pdbedit.c Changeset: Modified: branches/SAMBA_3_0/source/utils/pdbedit.c === --- branches/SAMBA_3_0/source/utils/pdbedit.c 2006-09-20 22:49:02 UTC (rev 18747) +++ branches/SAMBA_3_0/source/utils/pdbedit.c 2006-09-20 22:55:44 UTC (rev 18748) @@ -407,8 +407,7 @@ const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *user_domain, - const BOOL badpw, const BOOL hours, - time_t pwd_can_change, time_t pwd_must_change) + const BOOL badpw, const BOOL hours) { BOOL updated_autolock = False, updated_badpw = False; struct samu *sam_pwent=NULL; @@ -435,14 +434,6 @@ pdb_set_hours(sam_pwent, hours_array, PDB_CHANGED); } - if (pwd_can_change != -1) { - pdb_set_pass_can_change_time(sam_pwent, pwd_can_change, PDB_CHANGED); - } - - if (pwd_must_change != -1) { - pdb_set_pass_must_change_time(sam_pwent, pwd_must_change, PDB_CHANGED); - } - if (!pdb_update_autolock_flag(sam_pwent, updated_autolock)) { DEBUG(2,(pdb_update_autolock_flag failed.\n)); } @@ -766,8 +757,6 @@ BOOL account_policy_value_set = False; static BOOL badpw_reset = False; static BOOL hours_reset = False; - static char *pwd_can_change_time = NULL; - static char *pwd_must_change_time = NULL; static char *pwd_time_format = NULL; static BOOL pw_from_stdin = False; struct pdb_methods *bin, *bout, *bdef; @@ -802,8 +791,6 @@ {force-initialized-passwords, 0, POPT_ARG_NONE, force_initialised_password, 0, Force initialization of corrupt password strings in a passdb backend, NULL}, {bad-password-count-reset, 'z', POPT_ARG_NONE, badpw_reset, 0, reset bad password count, NULL}, {logon-hours-reset, 'Z', POPT_ARG_NONE, hours_reset, 0, reset logon hours, NULL}, - {pwd-can-change-time, 0, POPT_ARG_STRING, pwd_can_change_time, 0, Set password can change time (unix time in seconds since 1970 if time format not provided), NULL }, - {pwd-must-change-time, 0, POPT_ARG_STRING, pwd_must_change_time, 0, Set password must change time (unix time in seconds since 1970 if time format not provided), NULL }, {time-format, 0, POPT_ARG_STRING, pwd_time_format, 0, The time format for time parameters, NULL }, {password-from-stdin, 't', POPT_ARG_NONE, pw_from_stdin, 0, get password from standard in, NULL}, POPT_COMMON_SAMBA @@ -866,9 +853,7 @@ (backend_in ? BIT_IMPORT : 0) + (backend_out ? BIT_EXPORT : 0) + (badpw_reset ? BIT_BADPWRESET : 0) + - (hours_reset ? BIT_LOGONHOURS : 0) + - (pwd_can_change_time ? BIT_CAN_CHANGE: 0) + - (pwd_must_change_time ? BIT_MUST_CHANGE: 0); + (hours_reset ? BIT_LOGONHOURS : 0); if (setparms BIT_BACKEND) { if (!NT_STATUS_IS_OK(make_pdb_method_name( bdef, backend ))) { @@ -1040,67 +1025,9 @@ /* account modification operations */ if (!(checkparms ~(BIT_MODIFY + BIT_USER))) { - time_t pwd_can_change = -1; - time_t pwd_must_change = -1; - const char *errstr; - - if (pwd_can_change_time) { - errstr = can; - if (pwd_time_format) { - struct tm tm; - char *ret; - - memset(tm, 0, sizeof(struct tm)); - ret = strptime(pwd_can_change_time, pwd_time_format, tm); - if (ret == NULL || *ret != '\0') { - goto error; - } - - pwd_can_change = mktime(tm); - - if (pwd_can_change == -1) { - goto error; - } - } else { /* assume it is unix time */ - errno = 0; - pwd_can_change = strtol
svn commit: samba r18754 - in branches: SAMBA_3_0/source/rpc_server SAMBA_3_0_23/source/rpc_server
Author: jmcd Date: 2006-09-20 23:43:56 + (Wed, 20 Sep 2006) New Revision: 18754 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18754 Log: Get rid of some more invalid time sets Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c === --- branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20 23:42:58 UTC (rev 18753) +++ branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20 23:43:56 UTC (rev 18754) @@ -99,14 +99,6 @@ pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } - if (from-fields_present ACCT_ALLOW_PWD_CHANGE) { - unix_time=nt_time_to_unix(from-pass_can_change_time); - stored_time = pdb_get_pass_can_change_time(to); - DEBUG(10,(INFO_21 PASS_CAN_CH: %lu - %lu\n,(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); - } - if (from-fields_present ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(from-pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); @@ -115,14 +107,6 @@ pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED); } - if (from-fields_present ACCT_FORCE_PWD_CHANGE) { - unix_time=nt_time_to_unix(from-pass_must_change_time); - stored_time=pdb_get_pass_must_change_time(to); - DEBUG(10,(INFO_21 PASS_MUST_CH: %lu - %lu\n,(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED); - } - if ((from-fields_present ACCT_USERNAME) (from-hdr_user_name.buffer)) { old_string = pdb_get_username(to); @@ -337,14 +321,6 @@ pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } - if (from-fields_present ACCT_ALLOW_PWD_CHANGE) { - unix_time=nt_time_to_unix(from-pass_can_change_time); - stored_time = pdb_get_pass_can_change_time(to); - DEBUG(10,(INFO_23 PASS_CAN_CH: %lu - %lu\n,(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); - } - if (from-fields_present ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(from-pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); @@ -353,14 +329,6 @@ pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED); } - if (from-fields_present ACCT_FORCE_PWD_CHANGE) { - unix_time=nt_time_to_unix(from-pass_must_change_time); - stored_time=pdb_get_pass_must_change_time(to); - DEBUG(10,(INFO_23 PASS_MUST_CH: %lu - %lu\n,(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED); - } - /* Backend should check this for sanity */ if ((from-fields_present ACCT_USERNAME) (from-hdr_user_name.buffer)) { @@ -565,14 +533,6 @@ pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } - if (from-fields_present ACCT_ALLOW_PWD_CHANGE) { - unix_time=nt_time_to_unix(from-pass_can_change_time); - stored_time = pdb_get_pass_can_change_time(to); - DEBUG(10,(INFO_25 PASS_CAN_CH: %lu - %lu\n,(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); - } - if (from-fields_present ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(from-pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); @@ -581,14 +541,6 @@ pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED); } - if (from-fields_present ACCT_FORCE_PWD_CHANGE) { - unix_time=nt_time_to_unix(from-pass_must_change_time); - stored_time=pdb_get_pass_must_change_time(to); - DEBUG(10,(INFO_25 PASS_MUST_CH: %lu - %lu\n,(long unsigned int)stored_time, (long unsigned int)unix_time)); - if (stored_time != unix_time) - pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED); - } - if ((from
svn commit: samba r18758 - in branches: SAMBA_3_0/source/utils SAMBA_3_0_23/source/utils
Author: jmcd Date: 2006-09-20 23:56:07 + (Wed, 20 Sep 2006) New Revision: 18758 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18758 Log: Update net sam to use calculated times and force change password properly. Modified: branches/SAMBA_3_0/source/utils/net_sam.c branches/SAMBA_3_0_23/source/utils/net_sam.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_sam.c === --- branches/SAMBA_3_0/source/utils/net_sam.c 2006-09-20 23:52:58 UTC (rev 18757) +++ branches/SAMBA_3_0/source/utils/net_sam.c 2006-09-20 23:56:07 UTC (rev 18758) @@ -206,23 +206,20 @@ } /* - * Set a user's time field + * Set pass last change time, based on force pass change now */ -static int net_sam_set_time(int argc, const char **argv, const char *field, - BOOL (*fn)(struct samu *, time_t, - enum pdb_value_state)) +static int net_sam_set_pwdmustchangenow(int argc, const char **argv) { struct samu *sam_acct = NULL; DOM_SID sid; enum lsa_SidType type; const char *dom, *name; NTSTATUS status; - time_t new_time; - if (argc != 2) { - d_fprintf(stderr, usage: net sam set %s user - [now|-MM-DD HH:MM]\n, field); + if ((argc != 2) || (!strequal(argv[1], yes) + !strequal(argv[1], no))) { + d_fprintf(stderr, usage: net sam set pwdmustchangenow user [yes|no]\n); return -1; } @@ -238,22 +235,6 @@ return -1; } - if (strequal(argv[1], now)) { - new_time = time(NULL); - } else { - struct tm tm; - char *end; - ZERO_STRUCT(tm); - end = strptime(argv[1], %Y-%m-%d %H:%M, tm); - new_time = mktime(tm); - if ((end == NULL) || (*end != '\0') || (new_time == -1)) { - d_fprintf(stderr, Could not parse time string %s\n, - argv[1]); - return -1; - } - } - - if ( !(sam_acct = samu_new( NULL )) ) { d_fprintf(stderr, Internal error\n); return -1; @@ -264,9 +245,10 @@ return -1; } - if (!fn(sam_acct, new_time, PDB_CHANGED)) { - d_fprintf(stderr, Internal error\n); - return -1; + if (strequal(argv[1], yes)) { + pdb_set_pass_last_set_time(sam_acct, 0, PDB_CHANGED); + } else { + pdb_set_pass_last_set_time(sam_acct, time(NULL), PDB_CHANGED); } status = pdb_update_sam_account(sam_acct); @@ -278,22 +260,12 @@ TALLOC_FREE(sam_acct); - d_printf(Updated %s for %s\\%s to %s\n, field, dom, name, argv[1]); + d_fprintf(stderr, Updated 'user must change password at next logon' for %s\\%s to %s\n, dom, + name, argv[1]); return 0; } -static int net_sam_set_pwdmustchange(int argc, const char **argv) -{ - return net_sam_set_time(argc, argv, pwdmustchange, - pdb_set_pass_must_change_time); -} -static int net_sam_set_pwdcanchange(int argc, const char **argv) -{ - return net_sam_set_time(argc, argv, pwdcanchange, - pdb_set_pass_can_change_time); -} - /* * Set a user's or a group's comment */ @@ -376,10 +348,8 @@ Disable/Enable a user's lockout flag }, { pwnoexp, net_sam_set_pwnoexp, Disable/Enable whether a user's pw does not expire }, - { pwdmustchange, net_sam_set_pwdmustchange, - Set a users password must change time }, - { pwdcanchange, net_sam_set_pwdcanchange, - Set a users password can change time }, + { pwdmustchangenow, net_sam_set_pwdmustchangenow, + Force users password must change at next logon }, {NULL, NULL} }; Modified: branches/SAMBA_3_0_23/source/utils/net_sam.c === --- branches/SAMBA_3_0_23/source/utils/net_sam.c2006-09-20 23:52:58 UTC (rev 18757) +++ branches/SAMBA_3_0_23/source/utils/net_sam.c2006-09-20 23:56:07 UTC (rev 18758) @@ -206,23 +206,20 @@ } /* - * Set a user's time field + * Set pass last change time, based on force pass change now */ -static int net_sam_set_time(int argc, const char **argv, const char *field, - BOOL (*fn)(struct samu *, time_t, - enum pdb_value_state)) +static int net_sam_set_pwdmustchangenow(int argc, const char **argv) { struct samu *sam_acct = NULL; DOM_SID sid; enum SID_NAME_USE type; const char *dom, *name
svn commit: samba r18702 - in branches/SAMBA_3_0/source/rpcclient: .
Author: jmcd Date: 2006-09-20 00:02:51 + (Wed, 20 Sep 2006) New Revision: 18702 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18702 Log: re-enable non-decimal specification of rid Modified: branches/SAMBA_3_0/source/rpcclient/cmd_samr.c Changeset: Modified: branches/SAMBA_3_0/source/rpcclient/cmd_samr.c === --- branches/SAMBA_3_0/source/rpcclient/cmd_samr.c 2006-09-19 23:45:43 UTC (rev 18701) +++ branches/SAMBA_3_0/source/rpcclient/cmd_samr.c 2006-09-20 00:02:51 UTC (rev 18702) @@ -342,14 +342,14 @@ uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; SAM_USERINFO_CTR *user_ctr; fstring server; - uint32 user_rid; + uint32 user_rid = 0; if ((argc 2) || (argc 4)) { printf(Usage: %s rid [info level] [access mask] \n, argv[0]); return NT_STATUS_OK; } - user_rid = strtoul(argv[1], NULL, 10); + sscanf(argv[1], %i, user_rid); if (argc 2) sscanf(argv[2], %i, info_level);
svn commit: samba r18660 - in branches/SAMBA_3_0/source/nmbd: .
Author: jmcd Date: 2006-09-19 00:39:21 + (Tue, 19 Sep 2006) New Revision: 18660 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18660 Log: Fix build, one uuid-GUID was missed. Modified: branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c Changeset: Modified: branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c === --- branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c 2006-09-19 00:29:41 UTC (rev 18659) +++ branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c 2006-09-19 00:39:21 UTC (rev 18660) @@ -382,7 +382,7 @@ } #ifdef HAVE_ADS else { - struct uuid domain_guid; + struct GUID domain_guid; UUID_FLAT flat_guid; pstring domain; pstring hostname;
svn commit: samba r18263 - in branches/tmp/vl-messaging/source: include lib
Author: jmcd Date: 2006-09-08 13:00:48 + (Fri, 08 Sep 2006) New Revision: 18263 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18263 Log: From Aleksey Fedoseev: Add database traverse for lockd-based locking, allowing locks to be seen in smbstatus. Modified: branches/tmp/vl-messaging/source/include/messages.h branches/tmp/vl-messaging/source/lib/dbwrap_msg.c branches/tmp/vl-messaging/source/lib/messages.c Changeset: Modified: branches/tmp/vl-messaging/source/include/messages.h === --- branches/tmp/vl-messaging/source/include/messages.h 2006-09-08 12:48:51 UTC (rev 18262) +++ branches/tmp/vl-messaging/source/include/messages.h 2006-09-08 13:00:48 UTC (rev 18263) @@ -88,6 +88,7 @@ #define MSG_DB_STORE5005 #define MSG_DB_DELETE 5006 #define MSG_DB_REINIT 5007 +#define MSG_DB_TRAVERSE5008 /* Flags to classify messages - used in message_send_all() */ /* Sender will filter by flag. */ Modified: branches/tmp/vl-messaging/source/lib/dbwrap_msg.c === --- branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-09-08 12:48:51 UTC (rev 18262) +++ branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-09-08 13:00:48 UTC (rev 18263) @@ -445,13 +445,59 @@ return 0; } +static void handle_traverse_return(int msg_type, struct process_id pid, + void *buf, size_t len); + static int db_msg_traverse(struct db_context *db, int (*fn)(TDB_DATA key, TDB_DATA value, void *private_data), void *private_data) { - /* TODO... but traverse will be VERY expensive */ - return -1; + struct db_msg_ctx *ctx = talloc_get_type_abort(db-private_data, + struct db_msg_ctx); + TDB_DATA null_data; + TDB_DATA buf; + static BOOL traverse_msg_reg = False; + int count = 0; + + null_data.dsize = 0; + null_data.dptr = NULL; + buf = msg_pack_data(ctx, ctx-db_index, null_data); + + if(buf.dptr == NULL) { + return -1; + } + + if(!traverse_msg_reg) { + message_register(MSG_DB_TRAVERSE, handle_traverse_return); + traverse_msg_reg = True; + } + + message_send_pid(ctx-lockd, MSG_DB_TRAVERSE, +buf.dptr, buf.dsize, False); + + TALLOC_FREE(buf.dptr); + + SMB_ASSERT(ctx-record == NULL); + + wait_for_return(ctx); + + while(ctx-record != NULL) { + count++; + + if(fn fn(ctx-record-key, ctx-record-value, private_data)) { + /* break the traversal */ + TALLOC_FREE(ctx-record); + message_deregister(MSG_DB_TRAVERSE); + traverse_msg_reg = False; + break; + } + + TALLOC_FREE(ctx-record); + wait_for_return(ctx); + } + + return count; } static BOOL db_msg_reinit(struct db_context *db) @@ -584,6 +630,70 @@ ctx-record = result; } +static void handle_traverse_return(int msg_type, struct process_id pid, + void *buf, size_t len) +{ + struct db_record *result; + struct db_msg_ctx *ctx = ctx_list; + uint8_t idx; + TDB_DATA key, value; + + DEBUG(10, (msg_traverse received with len %d\n, len)); + + if(!msg_unpack_double_data((const char *)buf, len, NULL, idx, key, value)) { + DEBUG(2, (Unpacking error\n)); + return ; + } + + while(ctx) { + if(ctx-db_index == idx) break; + ctx = ctx-next; + } + + if(ctx == NULL) { + DEBUG(2, (Bad database index %d\n, idx)); + return ; + } + + ctx-received = True; + ctx-record = NULL; + + if(key.dsize 0) { + result = TALLOC_ZERO_P(ctx, struct db_record); + if (result == NULL) { + DEBUG(0, (talloc failed\n)); + return ; + } + + result-key.dsize = key.dsize; + result-key.dptr = (char *)talloc_memdup( + result, key.dptr, key.dsize); + + TALLOC_FREE(key.dptr); + + if (result-key.dptr == NULL) { + DEBUG(0, (talloc failed\n)); + TALLOC_FREE(result); + TALLOC_FREE(value.dptr); + return ; + } + + if(value.dsize 0) { + result-value.dsize = value.dsize
svn commit: samba r18180 - in branches/tmp/vl-messaging/source: include lib torture
Author: jmcd Date: 2006-09-06 14:50:52 + (Wed, 06 Sep 2006) New Revision: 18180 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18180 Log: From Aleksey Fedoseev, The patch consists of several modifications: 1) added preallocation of incoming stream buffer (minus 1 malloc/free per incoming message) 2) corrected program exit (cleaning up communication buffer / closing dispatcher's sockets) 3) added message size test Modified: branches/tmp/vl-messaging/source/include/messages.h branches/tmp/vl-messaging/source/lib/messages_socket.c branches/tmp/vl-messaging/source/lib/messages_stream.c branches/tmp/vl-messaging/source/torture/msgtest.c Changeset: Modified: branches/tmp/vl-messaging/source/include/messages.h === --- branches/tmp/vl-messaging/source/include/messages.h 2006-09-06 14:29:57 UTC (rev 18179) +++ branches/tmp/vl-messaging/source/include/messages.h 2006-09-06 14:50:52 UTC (rev 18180) @@ -125,6 +125,7 @@ struct message_list *prev, *next; struct message_rec *msg; size_t processed; /* number of read/written bytes */ + size_t allocated; /* number of allocated bytes */ }; #endif Modified: branches/tmp/vl-messaging/source/lib/messages_socket.c === --- branches/tmp/vl-messaging/source/lib/messages_socket.c 2006-09-06 14:29:57 UTC (rev 18179) +++ branches/tmp/vl-messaging/source/lib/messages_socket.c 2006-09-06 14:50:52 UTC (rev 18180) @@ -101,9 +101,7 @@ cleanup_messages(wait_send); if (socket_fd = 0) { - if (mtype == MESSAGING_TYPE_STREAM) { - shutdown_stream_sockets(); - } + shutdown_stream_sockets(); close(socket_fd); socket_fd = -1; } Modified: branches/tmp/vl-messaging/source/lib/messages_stream.c === --- branches/tmp/vl-messaging/source/lib/messages_stream.c 2006-09-06 14:29:57 UTC (rev 18179) +++ branches/tmp/vl-messaging/source/lib/messages_stream.c 2006-09-06 14:50:52 UTC (rev 18180) @@ -70,7 +70,7 @@ }; static struct messaging_client *clients_cache = NULL; -static struct message_list *tcp_incoming = NULL; +static struct message_list *disp_incoming = NULL; static int dispatcher_pipe = -1; /* approximate maximum number of connected clients in the list */ @@ -80,6 +80,8 @@ #define MESSAGING_DISPATCHER_SOCKETdispatcher #define MESSAGING_DISPATCHER_LOCKFILE dispatcher.pid +#define INITIAL_CONTAINER_SIZE 64 + static const char *dispatch_path(void) { static char *name = NULL; @@ -97,6 +99,56 @@ } / + Allocate/reallocate message container +/ + +struct message_list *allocate_container(TALLOC_CTX *mem_ctx, + struct message_list *cnt, + size_t needsize) +{ + uint8_t *buffer; + size_t size = INITIAL_CONTAINER_SIZE; + + while(size needsize) size *= 2; + + if(cnt == NULL) { + cnt = TALLOC_ZERO_P(mem_ctx, struct message_list); + if(cnt == NULL) { + DEBUG(0, (talloc failed\n)); + return NULL; + } + buffer = TALLOC_ARRAY(cnt, uint8_t, size); + if(buffer == NULL) { + DEBUG(0, (talloc failed\n)); + TALLOC_FREE(cnt); + return NULL; + } + } else { + + SMB_ASSERT(size cnt-allocated); + + buffer = TALLOC_REALLOC_ARRAY(cnt, cnt-msg, uint8_t, size); + if(buffer == NULL) { + DEBUG(0, (realloc failed\n)); + TALLOC_FREE(cnt-msg); + /* try to allocate with talloc */ + buffer = TALLOC_ARRAY(cnt, uint8_t, size); + if(buffer == NULL) { + DEBUG(0, (talloc failed\n)); + TALLOC_FREE(cnt); + return NULL; + } + } + } + + cnt-msg = (struct message_rec*)buffer; + cnt-processed = (size_t)-1; + cnt-allocated = size; + + return cnt; +} + +/ Client's queue helper functions / @@ -145,7 +197,8 @@ for (client = clients_cache; client != NULL; client = client-next) { clients_count++; - if(client-outgoing == NULL
svn commit: samba r17179 - in branches/SAMBA_3_0/source: . include lib modules smbd
Author: jmcd Date: 2006-07-21 15:51:34 + (Fri, 21 Jul 2006) New Revision: 17179 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17179 Log: Merge the vl-posixacls tmp branch into mainline. It modularizes our interface into the special posix API used on the system. Without this patch the specific API flavor is determined at compile time, something which severely limits usability on systems with more than one file system. Our first targets are AIX with its JFS and JFS2 APIs, at a later stage also GPFS. But it's certainly not limited to IBM stuff, this abstraction is also necessary for anything that copes with NFSv4 ACLs. For this we will check in handling very soon. Major contributions can be found in the copyright notices as well as the checkin log of the vl-posixacls branch. The final merge to 3_0 post-3.0.23 was done by Peter Somogyi [EMAIL PROTECTED] Added: branches/SAMBA_3_0/source/modules/vfs_aixacl.c branches/SAMBA_3_0/source/modules/vfs_aixacl_util.c branches/SAMBA_3_0/source/modules/vfs_hpuxacl.c branches/SAMBA_3_0/source/modules/vfs_irixacl.c branches/SAMBA_3_0/source/modules/vfs_posixacl.c branches/SAMBA_3_0/source/modules/vfs_solarisacl.c branches/SAMBA_3_0/source/modules/vfs_tru64acl.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/configure.in branches/SAMBA_3_0/source/include/smb_acls.h branches/SAMBA_3_0/source/lib/sysacls.c branches/SAMBA_3_0/source/modules/vfs_default.c branches/SAMBA_3_0/source/smbd/posix_acls.c Changeset: Sorry, the patch is too large (6110 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17179
svn commit: samba r17154 - in branches/tmp/vl-messaging/source/lib: .
Author: jmcd Date: 2006-07-20 09:37:44 + (Thu, 20 Jul 2006) New Revision: 17154 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17154 Log: From Aleksey Fedoseev: - add some more debug - correct the unpacking functions - one shared database can be used now by multiple processes - refactor clean database messages processing as a result: now smbd with locking via lockd passes tests on a single node server. Modified: branches/tmp/vl-messaging/source/lib/dbwrap_msg.c Changeset: Sorry, the patch is too large (885 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17154
svn commit: samba r16562 - in branches/tmp/vl-messaging/source: . include lib locking param
Author: jmcd Date: 2006-06-27 14:24:25 + (Tue, 27 Jun 2006) New Revision: 16562 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16562 Log: Aleksey's changes to put in dbwrapper to later enable messaging. Modified: branches/tmp/vl-messaging/source/Makefile.in branches/tmp/vl-messaging/source/include/smb.h branches/tmp/vl-messaging/source/lib/dbwrap_file.c branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c branches/tmp/vl-messaging/source/locking/brlock.c branches/tmp/vl-messaging/source/locking/locking.c branches/tmp/vl-messaging/source/param/loadparm.c Changeset: Modified: branches/tmp/vl-messaging/source/Makefile.in === --- branches/tmp/vl-messaging/source/Makefile.in2006-06-27 11:07:55 UTC (rev 16561) +++ branches/tmp/vl-messaging/source/Makefile.in2006-06-27 14:24:25 UTC (rev 16562) @@ -182,7 +182,7 @@ tdb/lock.o tdb/open.o tdb/transaction.o tdb/traverse.o TDB_OBJ = $(TDBBASE_OBJ) tdb/tdbutil.o tdb/tdbback.o \ - lib/dbwrap_tdb.o lib/dbwrap_file.o + lib/dbwrap.o lib/dbwrap_tdb.o lib/dbwrap_file.o lib/dbwrap_msg.o SMBLDAP_OBJ = @SMBLDAP@ @SMBLDAPUTIL@ Modified: branches/tmp/vl-messaging/source/include/smb.h === --- branches/tmp/vl-messaging/source/include/smb.h 2006-06-27 11:07:55 UTC (rev 16561) +++ branches/tmp/vl-messaging/source/include/smb.h 2006-06-27 14:24:25 UTC (rev 16562) @@ -713,6 +713,7 @@ BOOL initial_delete_on_close; BOOL fresh; BOOL modified; + struct db_record *record; }; /* @@ -862,6 +863,7 @@ BOOL modified; struct lock_key key; void *lock_data; + struct db_record *record; }; #define BRLOCK_FN_CAST() \ @@ -1512,6 +1514,9 @@ enum messaging_type {MESSAGING_TYPE_TDB, MESSAGING_TYPE_DGRAM, MESSAGING_TYPE_STREAM, MESSAGING_TYPE_DISPATCHER}; +/* locking types */ +enum locking_type {LOCKING_TYPE_TDB, LOCKING_TYPE_FILES, LOCKING_TYPE_MESSAGES}; + /* * Global value meaing that the smb_uid field should be * ingored (in share level security and protocol level == CORE) Modified: branches/tmp/vl-messaging/source/lib/dbwrap_file.c === --- branches/tmp/vl-messaging/source/lib/dbwrap_file.c 2006-06-27 11:07:55 UTC (rev 16561) +++ branches/tmp/vl-messaging/source/lib/dbwrap_file.c 2006-06-27 14:24:25 UTC (rev 16562) @@ -123,7 +123,10 @@ return NULL; } + become_root(); file-fd = open(file-path, O_RDWR|O_CREAT, 0644); + unbecome_root(); + if (file-fd 0) { DEBUG(3, (Could not open/create %s: %s\n, file-path, strerror(errno))); @@ -221,11 +224,14 @@ talloc_get_type_abort(rec-private_data, struct db_locked_file); + become_root(); if (unlink(file-path) != 0) { + unbecome_root(); DEBUG(3, (unlink(%s) failed: %s\n, file-path, strerror(errno))); return -1; } + unbecome_root(); return 0; } Modified: branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c === --- branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c 2006-06-27 11:07:55 UTC (rev 16561) +++ branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c 2006-06-27 14:24:25 UTC (rev 16562) @@ -165,7 +165,7 @@ return 0; } -struct db_context *db_open(TALLOC_CTX *mem_ctx, const char *name, +struct db_context *db_open_tdb(TALLOC_CTX *mem_ctx, const char *name, int hash_size, int tdb_flags, int open_flags, mode_t mode) { Modified: branches/tmp/vl-messaging/source/locking/brlock.c === --- branches/tmp/vl-messaging/source/locking/brlock.c 2006-06-27 11:07:55 UTC (rev 16561) +++ branches/tmp/vl-messaging/source/locking/brlock.c 2006-06-27 14:24:25 UTC (rev 16562) @@ -57,7 +57,7 @@ /* The open brlock.tdb database. */ -static TDB_CONTEXT *tdb; +static struct db_context *brlock_db; / Debug info at level 10 for lock struct. @@ -267,14 +267,14 @@ void brl_init(int read_only) { - if (tdb) { + if (brlock_db) { return; } - tdb = tdb_open_log(lock_path(brlock.tdb), - lp_open_files_db_hash_size(), - TDB_DEFAULT|(read_only?0x0:TDB_CLEAR_IF_FIRST), - read_only?O_RDONLY:(O_RDWR|O_CREAT), 0644 ); - if (!tdb) { + brlock_db = db_open(NULL, lock_path(brlock.tdb
svn commit: samba r16564 - in branches/tmp/vl-messaging/source/lib: .
Author: jmcd Date: 2006-06-27 15:14:56 + (Tue, 27 Jun 2006) New Revision: 16564 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16564 Log: Whoops, forgot to add these two files. Added: branches/tmp/vl-messaging/source/lib/dbwrap.c branches/tmp/vl-messaging/source/lib/dbwrap_msg.c Changeset: Added: branches/tmp/vl-messaging/source/lib/dbwrap.c === --- branches/tmp/vl-messaging/source/lib/dbwrap.c 2006-06-27 14:34:31 UTC (rev 16563) +++ branches/tmp/vl-messaging/source/lib/dbwrap.c 2006-06-27 15:14:56 UTC (rev 16564) @@ -0,0 +1,43 @@ +/* + Unix SMB/CIFS implementation. + Database interface wrapper + Copyright (C) Jim McDonough [EMAIL PROTECTED] 2006 + + Major code contributions from Aleksey Fedoseev ([EMAIL PROTECTED]) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include includes.h + +struct db_context *db_open(TALLOC_CTX *mem_ctx, const char *name, + int hash_size, int tdb_flags, + int open_flags, mode_t mode) +{ + switch((enum locking_type)lp_locking_type()) { + case LOCKING_TYPE_TDB: + return db_open_tdb(mem_ctx, name, hash_size, tdb_flags, + open_flags, mode); + case LOCKING_TYPE_FILES: + return db_open_file(mem_ctx, name, hash_size, tdb_flags, + open_flags, mode); + case LOCKING_TYPE_MESSAGES: + return db_open_msg(mem_ctx, name, hash_size, tdb_flags, + open_flags, mode); + default: + DEBUG(0,(Bad locking type %d\n, lp_locking_type())); + return NULL; + } +} Added: branches/tmp/vl-messaging/source/lib/dbwrap_msg.c === --- branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-06-27 14:34:31 UTC (rev 16563) +++ branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-06-27 15:14:56 UTC (rev 16564) @@ -0,0 +1,30 @@ +/* + Unix SMB/CIFS implementation. + Database interface using messages + Copyright (C) Jim McDonough [EMAIL PROTECTED] 2006 + + Major code contributions from Aleksey Fedoseev ([EMAIL PROTECTED]) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include includes.h + +struct db_context *db_open_msg(TALLOC_CTX *mem_ctx, const char *name, + int hash_size, int tdb_flags, + int open_flags, mode_t mode) +{ + return NULL; +}
svn commit: samba r16081 - in branches/tmp/vl-messaging/source: . include lib nmbd nsswitch param printing
Author: jmcd Date: 2006-06-07 14:45:07 + (Wed, 07 Jun 2006) New Revision: 16081 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16081 Log: Work from Aleksey Fedoseev to add separate messaging types Added: branches/tmp/vl-messaging/source/lib/messages_dgram.c branches/tmp/vl-messaging/source/lib/messages_socket.c branches/tmp/vl-messaging/source/lib/messages_stream.c branches/tmp/vl-messaging/source/lib/messages_tdb.c Modified: branches/tmp/vl-messaging/source/Makefile.in branches/tmp/vl-messaging/source/configure.in branches/tmp/vl-messaging/source/include/messages.h branches/tmp/vl-messaging/source/include/smb.h branches/tmp/vl-messaging/source/lib/messages.c branches/tmp/vl-messaging/source/lib/util.c branches/tmp/vl-messaging/source/lib/util_sock.c branches/tmp/vl-messaging/source/nmbd/nmbd.c branches/tmp/vl-messaging/source/nmbd/nmbd_packets.c branches/tmp/vl-messaging/source/nsswitch/winbindd.c branches/tmp/vl-messaging/source/nsswitch/winbindd_dual.c branches/tmp/vl-messaging/source/param/loadparm.c branches/tmp/vl-messaging/source/printing/printing.c Changeset: Sorry, the patch is too large (2529 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16081
svn commit: samba r16047 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd Date: 2006-06-05 16:59:10 + (Mon, 05 Jun 2006) New Revision: 16047 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16047 Log: Remove unnecessary line, as this value is set in either branch of the 'if' below. Spotted by Aleksey Fedoseev. Modified: branches/SAMBA_3_0/source/lib/time.c trunk/source/lib/time.c Changeset: Modified: branches/SAMBA_3_0/source/lib/time.c === --- branches/SAMBA_3_0/source/lib/time.c2006-06-05 13:00:24 UTC (rev 16046) +++ branches/SAMBA_3_0/source/lib/time.c2006-06-05 16:59:10 UTC (rev 16047) @@ -153,7 +153,6 @@ GetTimeOfDay(time_now_hires); ret_time-tv_sec = time_now_hires.tv_sec - start_time_hires.tv_sec; - ret_time-tv_usec = time_now_hires.tv_usec - start_time_hires.tv_usec; if (time_now_hires.tv_usec start_time_hires.tv_usec) { ret_time-tv_sec -= 1; ret_time-tv_usec = 100 + (time_now_hires.tv_usec - start_time_hires.tv_usec); Modified: trunk/source/lib/time.c === --- trunk/source/lib/time.c 2006-06-05 13:00:24 UTC (rev 16046) +++ trunk/source/lib/time.c 2006-06-05 16:59:10 UTC (rev 16047) @@ -153,7 +153,6 @@ GetTimeOfDay(time_now_hires); ret_time-tv_sec = time_now_hires.tv_sec - start_time_hires.tv_sec; - ret_time-tv_usec = time_now_hires.tv_usec - start_time_hires.tv_usec; if (time_now_hires.tv_usec start_time_hires.tv_usec) { ret_time-tv_sec -= 1; ret_time-tv_usec = 100 + (time_now_hires.tv_usec - start_time_hires.tv_usec);
svn commit: samba r15869 - in branches/SAMBA_4_0/source/lib/charset: .
Author: jmcd Date: 2006-05-24 17:47:40 + (Wed, 24 May 2006) New Revision: 15869 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15869 Log: Fix loop var to search paths for iconv Modified: branches/SAMBA_4_0/source/lib/charset/config.m4 Changeset: Modified: branches/SAMBA_4_0/source/lib/charset/config.m4 === --- branches/SAMBA_4_0/source/lib/charset/config.m4 2006-05-24 17:21:37 UTC (rev 15868) +++ branches/SAMBA_4_0/source/lib/charset/config.m4 2006-05-24 17:47:40 UTC (rev 15869) @@ -69,7 +69,7 @@ break fi - SMB_CHECK_ICONV_DIR($withval, [ + SMB_CHECK_ICONV_DIR($i, [ ICONV_FOUND=yes; ICONV_CPPFLAGS=$CPPFLAGS ICONV_LIBS=$LIBS
svn commit: samba r15872 - in branches/SAMBA_3_0/source/script/tests: .
Author: jmcd Date: 2006-05-24 19:07:21 + (Wed, 24 May 2006) New Revision: 15872 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15872 Log: Take one step toward getting this working on AIX. the [-z ] stuff doesn't work there. Modified: branches/SAMBA_3_0/source/script/tests/test_functions.sh Changeset: Modified: branches/SAMBA_3_0/source/script/tests/test_functions.sh === --- branches/SAMBA_3_0/source/script/tests/test_functions.sh2006-05-24 18:23:57 UTC (rev 15871) +++ branches/SAMBA_3_0/source/script/tests/test_functions.sh2006-05-24 19:07:21 UTC (rev 15872) @@ -40,7 +40,7 @@ rm -f $NMBD_TEST_LOG echo -n STARTING NMBD... (( - if [ -z $NMBD_MAXTIME ]; then + if ! test -n $NMBD_MAXTIME; then NMBD_MAXTIME=2700 fi timelimit $NMBD_MAXTIME $NMBD_VALGRIND $SRCDIR/bin/nmbd -F -S --no-process-group -d0 -s $SERVERCONFFILE $NMBD_TEST_LOG 21 @@ -69,7 +69,7 @@ rm -f $SMBD_TEST_LOG echo -n STARTING SMBD... (( - if [ -z $SMBD_MAXTIME ]; then + if ! test -n $SMBD_MAXTIME; then SMBD_MAXTIME=2700 fi timelimit $SMBD_MAXTIME $SMBD_VALGRIND $SRCDIR/bin/smbd -F -S --no-process-group -d0 -s $SERVERCONFFILE $SMBD_TEST_LOG 21
svn commit: samba r15873 - in branches/SAMBA_3_0/source/script/tests: .
Author: jmcd Date: 2006-05-24 20:06:06 + (Wed, 24 May 2006) New Revision: 15873 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15873 Log: Use short signal names to placate ksh trap. bash seems to accept either and even uses them on the manpage. this should now enable make test on AIX. Modified: branches/SAMBA_3_0/source/script/tests/test_functions.sh Changeset: Modified: branches/SAMBA_3_0/source/script/tests/test_functions.sh === --- branches/SAMBA_3_0/source/script/tests/test_functions.sh2006-05-24 19:07:21 UTC (rev 15872) +++ branches/SAMBA_3_0/source/script/tests/test_functions.sh2006-05-24 20:06:06 UTC (rev 15873) @@ -19,8 +19,8 @@ samba3_check_or_start() { if [ -n $SERVER_TEST_FIFO ];then - trap samba3_stop_sig_kill SIGINT SIGQUIT - trap samba3_stop_sig_kill SIGTERM + trap samba3_stop_sig_kill INT QUIT + trap samba3_stop_sig_kill TERM if [ -p $SERVER_TEST_FIFO ];then return 0;
svn commit: samba r15874 - in trunk/source/script/tests: .
Author: jmcd Date: 2006-05-24 20:20:28 + (Wed, 24 May 2006) New Revision: 15874 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15874 Log: merge make test fixes for aix/ksh Modified: trunk/source/script/tests/test_functions.sh Changeset: Modified: trunk/source/script/tests/test_functions.sh === --- trunk/source/script/tests/test_functions.sh 2006-05-24 20:06:06 UTC (rev 15873) +++ trunk/source/script/tests/test_functions.sh 2006-05-24 20:20:28 UTC (rev 15874) @@ -19,8 +19,8 @@ samba3_check_or_start() { if [ -n $SERVER_TEST_FIFO ];then - trap samba3_stop_sig_kill SIGINT SIGQUIT - trap samba3_stop_sig_kill SIGTERM + trap samba3_stop_sig_kill INT QUIT + trap samba3_stop_sig_kill TERM if [ -p $SERVER_TEST_FIFO ];then return 0; @@ -40,7 +40,7 @@ rm -f $NMBD_TEST_LOG echo -n STARTING NMBD... (( - if [ -z $NMBD_MAXTIME ]; then + if ! test -n $NMBD_MAXTIME; then NMBD_MAXTIME=2700 fi timelimit $NMBD_MAXTIME $NMBD_VALGRIND $SRCDIR/bin/nmbd -F -S --no-process-group -d0 -s $SERVERCONFFILE $NMBD_TEST_LOG 21 @@ -69,7 +69,7 @@ rm -f $SMBD_TEST_LOG echo -n STARTING SMBD... (( - if [ -z $SMBD_MAXTIME ]; then + if ! test -n $SMBD_MAXTIME; then SMBD_MAXTIME=2700 fi timelimit $SMBD_MAXTIME $SMBD_VALGRIND $SRCDIR/bin/smbd -F -S --no-process-group -d0 -s $SERVERCONFFILE $SMBD_TEST_LOG 21
svn commit: samba r15719 - in branches/SAMBA_4_0/source/lib/replace: .
Author: jmcd Date: 2006-05-19 18:37:35 + (Fri, 19 May 2006) New Revision: 15719 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15719 Log: Fix build on systems (AIX) that don't have vsyslog or strcasestr, with --enable-developer on. syslog() and toupper() required more includes. Someone more familiar with samba4 builds should verify this, please. Modified: branches/SAMBA_4_0/source/lib/replace/replace.c Changeset: Modified: branches/SAMBA_4_0/source/lib/replace/replace.c === --- branches/SAMBA_4_0/source/lib/replace/replace.c 2006-05-19 15:10:39 UTC (rev 15718) +++ branches/SAMBA_4_0/source/lib/replace/replace.c 2006-05-19 18:37:35 UTC (rev 15719) @@ -19,10 +19,12 @@ */ #include includes.h +#include system/locale.h #include system/wait.h #include system/time.h #include system/network.h #include system/filesys.h +#include system/syslog.h void replace_dummy(void); void replace_dummy(void) {}
svn commit: samba r15662 - in branches/tmp/vl-posixacls/source: . modules
Author: jmcd Date: 2006-05-17 16:14:33 + (Wed, 17 May 2006) New Revision: 15662 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15662 Log: restore aix acl functionality. Work done by Gomati Mohanan and Peter Somogyi. Added: branches/tmp/vl-posixacls/source/modules/vfs_aixacl_util.c Modified: branches/tmp/vl-posixacls/source/Makefile.in branches/tmp/vl-posixacls/source/modules/vfs_aixacl.c Changeset: Sorry, the patch is too large (795 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15662
svn commit: samba r15630 - branches/SAMBA_3_0/source branches/SAMBA_3_0/source/utils trunk/source trunk/source/utils
Author: jmcd Date: 2006-05-16 01:21:16 + (Tue, 16 May 2006) New Revision: 15630 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15630 Log: adapt smbclient fix to smbtree to enable long share names Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/utils/smbtree.c trunk/source/Makefile.in trunk/source/utils/smbtree.c Changeset: Modified: branches/SAMBA_3_0/source/Makefile.in === --- branches/SAMBA_3_0/source/Makefile.in 2006-05-16 00:37:13 UTC (rev 15629) +++ branches/SAMBA_3_0/source/Makefile.in 2006-05-16 01:21:16 UTC (rev 15630) @@ -477,7 +477,10 @@ SMBTREE_OBJ = utils/smbtree.o $(PARAM_OBJ) \ $(PROFILE_OBJ) $(LIB_NONSMBD_OBJ) $(LIBSMB_OBJ) \ -$(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) +$(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) \ + rpc_client/cli_srvsvc.o rpc_parse/parse_srv.o \ + rpc_client/cli_pipe.o rpc_parse/parse_rpc.o \ + rpc_client/cli_netlogon.o rpc_parse/parse_net.o TESTPARM_OBJ = utils/testparm.o \ $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \ Modified: branches/SAMBA_3_0/source/utils/smbtree.c === --- branches/SAMBA_3_0/source/utils/smbtree.c 2006-05-16 00:37:13 UTC (rev 15629) +++ branches/SAMBA_3_0/source/utils/smbtree.c 2006-05-16 01:21:16 UTC (rev 15630) @@ -127,6 +127,60 @@ return True; } +static BOOL get_rpc_shares(struct cli_state *cli, + void (*fn)(const char *, uint32, const char *, void *), + void *state) +{ + NTSTATUS status; + struct rpc_pipe_client *pipe_hnd; + TALLOC_CTX *mem_ctx; + ENUM_HND enum_hnd; + WERROR werr; + SRV_SHARE_INFO_CTR ctr; + int i; + + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + DEBUG(0, (talloc_new failed\n)); + return False; + } + + init_enum_hnd(enum_hnd, 0); + + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SRVSVC, status); + + if (pipe_hnd == NULL) { + DEBUG(10, (Could not connect to srvsvc pipe: %s\n, + nt_errstr(status))); + TALLOC_FREE(mem_ctx); + return False; + } + + werr = rpccli_srvsvc_net_share_enum(pipe_hnd, mem_ctx, 1, ctr, + 0x, enum_hnd); + + if (!W_ERROR_IS_OK(werr)) { + TALLOC_FREE(mem_ctx); + cli_rpc_pipe_close(pipe_hnd); + return False; + } + + for (i=0; ictr.num_entries; i++) { + SRV_SHARE_INFO_1 *info = ctr.share.info1[i]; + char *name, *comment; + name = rpcstr_pull_unistr2_talloc( + mem_ctx, info-info_1_str.uni_netname); + comment = rpcstr_pull_unistr2_talloc( + mem_ctx, info-info_1_str.uni_remark); + fn(name, info-info_1.type, comment, state); + } + + TALLOC_FREE(mem_ctx); + cli_rpc_pipe_close(pipe_hnd); + return True; +} + + static BOOL get_shares(char *server_name, struct user_auth_info *user_info) { struct cli_state *cli; @@ -134,6 +188,9 @@ if (!(cli = get_ipc_connect(server_name, NULL, user_info))) return False; + if (get_rpc_shares(cli, add_name, shares)) + return True; + if (!cli_RNetShareEnum(cli, add_name, shares)) return False; Modified: trunk/source/Makefile.in === --- trunk/source/Makefile.in2006-05-16 00:37:13 UTC (rev 15629) +++ trunk/source/Makefile.in2006-05-16 01:21:16 UTC (rev 15630) @@ -490,7 +490,10 @@ SMBTREE_OBJ = utils/smbtree.o $(PARAM_OBJ) \ $(PROFILE_OBJ) $(LIB_NONSMBD_OBJ) $(LIBSMB_OBJ) \ -$(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) +$(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) \ + rpc_client/cli_srvsvc.o rpc_parse/parse_srv.o \ + rpc_client/cli_pipe.o rpc_parse/parse_rpc.o \ + rpc_client/cli_netlogon.o rpc_parse/parse_net.o TESTPARM_OBJ = utils/testparm.o \ $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \ Modified: trunk/source/utils/smbtree.c === --- trunk/source/utils/smbtree.c2006-05-16 00:37:13 UTC (rev 15629) +++ trunk/source/utils/smbtree.c2006-05-16 01:21:16 UTC (rev 15630) @@ -127,6 +127,60 @@ return True; } +static BOOL get_rpc_shares(struct cli_state *cli, + void (*fn)(const char *, uint32, const char *, void *), + void *state) +{ + NTSTATUS status
svn commit: samba r15281 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: jmcd Date: 2006-04-26 14:42:47 + (Wed, 26 Apr 2006) New Revision: 15281 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15281 Log: A few updates for consistency's sake Modified: branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl === --- branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl 2006-04-26 14:20:46 UTC (rev 15280) +++ branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl 2006-04-26 14:42:47 UTC (rev 15281) @@ -292,7 +292,7 @@ WERROR WKSSVC_NETRGETJOINABLEOUS (); typedef struct { - uint8 blob[524]; + uint8 data[524]; } wkssvc_PasswordBuffer; typedef [bitmap32bit] bitmap { @@ -329,7 +329,7 @@ [in] [string,charset(UTF16),ref] uint16 *domain_name, [in] [string,charset(UTF16)] uint16 *account_name, [in] [string,charset(UTF16)] uint16 *admin_account, - [in] wkssvc_PasswordBuffer *type_30, + [in] wkssvc_PasswordBuffer *encrypted_password, [in] wkssvc_joinflags join_flags ); @@ -338,7 +338,7 @@ WERROR wkssvc_NetrUnjoinDomain2 ( [in] [unique] [string,charset(UTF16)] uint16 *server_name, [in] [unique] [string,charset(UTF16)] uint16 *account, - [in] [unique] wkssvc_PasswordBuffer *Encrypted_password, + [in] [unique] wkssvc_PasswordBuffer *encrypted_password, [in] wkssvc_joinflags unjoin_flags );
svn commit: samba r14931 - branches/SAMBA_3_0/source/libads trunk/source/libads
Author: jmcd Date: 2006-04-06 01:46:01 + (Thu, 06 Apr 2006) New Revision: 14931 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14931 Log: Fix #1374: can't join an OU with name that contains '#' I had to eliminate \ as an OU path separator, because it is the escape char in LDAP. We still accept /, but using the escape char is just not a good choice. Modified: branches/SAMBA_3_0/source/libads/ldap.c trunk/source/libads/ldap.c Changeset: Modified: branches/SAMBA_3_0/source/libads/ldap.c === --- branches/SAMBA_3_0/source/libads/ldap.c 2006-04-05 23:54:12 UTC (rev 14930) +++ branches/SAMBA_3_0/source/libads/ldap.c 2006-04-06 01:46:01 UTC (rev 14931) @@ -1083,7 +1083,8 @@ /** * Build an org unit string * if org unit is Computers or blank then assume a container, otherwise - * assume a \ separated list of organisational units + * assume a / separated list of organisational units. + * jmcd: '\' is now used for escapes so certain chars can be in the ou (e.g. #) * @param ads connection to ads server * @param org_unit Organizational unit * @return org unit string - caller must free @@ -1104,7 +1105,10 @@ return SMB_STRDUP(cn=Computers); } - return ads_build_path(org_unit, \\/, ou=, 1); + /* jmcd: removed \\ from the separation chars, because it is + needed as an escape for chars like '#' which are valid in an + OU name */ + return ads_build_path(org_unit, /, ou=, 1); } /** Modified: trunk/source/libads/ldap.c === --- trunk/source/libads/ldap.c 2006-04-05 23:54:12 UTC (rev 14930) +++ trunk/source/libads/ldap.c 2006-04-06 01:46:01 UTC (rev 14931) @@ -1083,7 +1083,8 @@ /** * Build an org unit string * if org unit is Computers or blank then assume a container, otherwise - * assume a \ separated list of organisational units + * assume a / separated list of organisational units. + * jmcd: '\' is now used for escapes so certain chars can be in the ou (e.g. #) * @param ads connection to ads server * @param org_unit Organizational unit * @return org unit string - caller must free @@ -1104,7 +1105,10 @@ return SMB_STRDUP(cn=Computers); } - return ads_build_path(org_unit, \\/, ou=, 1); + /* jmcd: removed \\ from the separation chars, because it is + needed as an escape for chars like '#' which are valid in an + OU name */ + return ads_build_path(org_unit, /, ou=, 1); } /**
svn commit: samba r14681 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-23 16:39:37 + (Thu, 23 Mar 2006) New Revision: 14681 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14681 Log: Get rid of hardcoded /tmp/add.ldif and /tmp/mod.ldif files. Is there a different directory the temp files should be in, or is /tmp ok? Still have to get rid of the output file hardcoding, but that is to come, because I need to cleanup stdout. Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-23 15:03:52 UTC (rev 14680) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-23 16:39:37 UTC (rev 14681) @@ -1719,7 +1719,9 @@ { char *suffix; const char *builtin_sid = S-1-5-32; - char *ldif_file; + char *ldif_file, *add_ldif, *mod_ldif; + const char *add_template = /tmp/add.ldif.XX; + const char *mod_template = /tmp/mod.ldif.XX; fstring sid, domainname; uint32 sync_context = 0; NTSTATUS ret = NT_STATUS_OK, result; @@ -1728,7 +1730,6 @@ SAM_DELTA_HDR *hdr_deltas; SAM_DELTA_CTR *deltas; uint32 num_deltas; - const char *add_ldif = /tmp/add.ldif, *mod_ldif = /tmp/mod.ldif; FILE *add_fd = NULL, *mod_fd = NULL, *ldif_fd = NULL; char sys_cmd[1024]; int num_alloced = 0, g_index = 0, a_index = 0, sys_cmd_result; @@ -1751,18 +1752,20 @@ else ldif_file = talloc_strdup(mem_ctx, /tmp/tmp.ldif); - if (ldif_file == NULL) { + add_ldif = talloc_strdup(mem_ctx, add_template); + mod_ldif = talloc_strdup(mem_ctx, mod_template); + if (!ldif_file || !add_ldif || !mod_ldif) { ret = NT_STATUS_NO_MEMORY; goto done; } /* Open the add and mod ldif files */ - if (!(add_fd = fopen(add_ldif, a))) { + if (!(add_fd = fdopen(smb_mkstemp(add_ldif),w))) { DEBUG(1, (Could not open %s\n, add_ldif)); ret = NT_STATUS_UNSUCCESSFUL; goto done; } - if (!(mod_fd = fopen(mod_ldif, a))) { + if (!(mod_fd = fdopen(smb_mkstemp(mod_ldif),w))) { DEBUG(1, (Could not open %s\n, mod_ldif)); ret = NT_STATUS_UNSUCCESSFUL; goto done; @@ -1993,20 +1996,22 @@ goto done; } - /* Delete the temporary ldif files */ - if (unlink(add_ldif)) - d_fprintf(stderr, unlink(%s) failed, error was (%s)\n, - add_ldif, strerror(errno)); - if (unlink(mod_ldif)) - d_fprintf(stderr, unlink(%s) failed, error was (%s)\n, - mod_ldif, strerror(errno)); - done: - /* Close the ldif files */ + /* Close and delete the ldif files */ if (add_fd) fclose(add_fd); + if (strcmp(add_ldif, add_template) (unlink(add_ldif))) { + DEBUG(1,(unlink(%s) failed, error was (%s)\n, +add_ldif, strerror(errno))); + } + if (mod_fd) fclose(mod_fd); + if (strcmp(mod_ldif, mod_template) (unlink(mod_ldif))) { + DEBUG(1,(unlink(%s) failed, error was (%s)\n, +mod_ldif, strerror(errno))); + } + if (ldif_fd) fclose(ldif_fd); Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-23 15:03:52 UTC (rev 14680) +++ trunk/source/utils/net_rpc_samsync.c2006-03-23 16:39:37 UTC (rev 14681) @@ -1719,7 +1719,9 @@ { char *suffix; const char *builtin_sid = S-1-5-32; - char *ldif_file; + char *ldif_file, *add_ldif, *mod_ldif; + const char *add_template = /tmp/add.ldif.XX; + const char *mod_template = /tmp/mod.ldif.XX; fstring sid, domainname; uint32 sync_context = 0; NTSTATUS ret = NT_STATUS_OK, result; @@ -1728,7 +1730,6 @@ SAM_DELTA_HDR *hdr_deltas; SAM_DELTA_CTR *deltas; uint32 num_deltas; - const char *add_ldif = /tmp/add.ldif, *mod_ldif = /tmp/mod.ldif; FILE *add_fd = NULL, *mod_fd = NULL, *ldif_fd = NULL; char sys_cmd[1024]; int num_alloced = 0, g_index = 0, a_index = 0, sys_cmd_result; @@ -1751,18 +1752,20 @@ else ldif_file = talloc_strdup(mem_ctx, /tmp/tmp.ldif); - if (ldif_file == NULL) { + add_ldif = talloc_strdup(mem_ctx, add_template); + mod_ldif = talloc_strdup(mem_ctx, mod_template); + if (!ldif_file || !add_ldif || !mod_ldif) { ret = NT_STATUS_NO_MEMORY; goto done
svn commit: samba r14683 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-23 18:35:15 + (Thu, 23 Mar 2006) New Revision: 14683 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14683 Log: Get rid of hardcoded output file. With no arg, print to stdout, otherwise append to output file specified. Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Sorry, the patch is too large (501 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14683
svn commit: samba r14408 - branches/SAMBA_3_0/source/libmsrpc trunk/source/libmsrpc
Author: jmcd Date: 2006-03-15 02:31:11 + (Wed, 15 Mar 2006) New Revision: 14408 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14408 Log: More on fix for coverity #36. The previous fix would cause us to marshall a buffer based on an unknown size. Zero out the sec_desc buffer to prevent this. This is still not getting proper results for a registry security descriptor (everything gets ACCESS DENIED), but at least we aren't blowing out memory now... Modified: branches/SAMBA_3_0/source/libmsrpc/cac_winreg.c trunk/source/libmsrpc/cac_winreg.c Changeset: Modified: branches/SAMBA_3_0/source/libmsrpc/cac_winreg.c === --- branches/SAMBA_3_0/source/libmsrpc/cac_winreg.c 2006-03-15 02:16:19 UTC (rev 14407) +++ branches/SAMBA_3_0/source/libmsrpc/cac_winreg.c 2006-03-15 02:31:11 UTC (rev 14408) @@ -831,6 +831,8 @@ uint32 buf_size; SEC_DESC_BUF buf; + ZERO_STRUCT(buf); + if(!hnd) return CAC_FAILURE; Modified: trunk/source/libmsrpc/cac_winreg.c === --- trunk/source/libmsrpc/cac_winreg.c 2006-03-15 02:16:19 UTC (rev 14407) +++ trunk/source/libmsrpc/cac_winreg.c 2006-03-15 02:31:11 UTC (rev 14408) @@ -831,6 +831,8 @@ uint32 buf_size; SEC_DESC_BUF buf; + ZERO_STRUCT(buf); + if(!hnd) return CAC_FAILURE;
svn commit: samba r14320 - in trunk/source/passdb: .
Author: jmcd Date: 2006-03-13 15:04:17 + (Mon, 13 Mar 2006) New Revision: 14320 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14320 Log: Fix coverity #222: free storage before returning in error case. This error doesn't occur in 3.0. Modified: trunk/source/passdb/pdb_ldap.c Changeset: Modified: trunk/source/passdb/pdb_ldap.c === --- trunk/source/passdb/pdb_ldap.c 2006-03-13 15:03:51 UTC (rev 14319) +++ trunk/source/passdb/pdb_ldap.c 2006-03-13 15:04:17 UTC (rev 14320) @@ -335,12 +335,12 @@ filter = talloc_asprintf(mem_ctx, ((uid=%s)(%s)), escape_user, get_objclass_filter_static(ldap_state-schema_ver)); + SAFE_FREE(escape_user); + if (filter == NULL) { return LDAP_NO_MEMORY; } - SAFE_FREE(escape_user); - return smbldap_search_suffix(ldap_state-smbldap_state, filter, attr, result); }
svn commit: samba r14252 - branches/SAMBA_3_0/source/libads trunk/source/libads
Author: jmcd Date: 2006-03-12 19:56:10 + (Sun, 12 Mar 2006) New Revision: 14252 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14252 Log: Fix Coverity #72: free alloc'ed storage before return. Also found one more that coverity didn't find from asprintf. Modified: branches/SAMBA_3_0/source/libads/ldap.c trunk/source/libads/ldap.c Changeset: Modified: branches/SAMBA_3_0/source/libads/ldap.c === --- branches/SAMBA_3_0/source/libads/ldap.c 2006-03-12 19:16:57 UTC (rev 14251) +++ branches/SAMBA_3_0/source/libads/ldap.c 2006-03-12 19:56:10 UTC (rev 14252) @@ -1914,7 +1914,10 @@ * we have to bail out before prs_init */ ps_wire.is_dynamic = False; - if (!ads) return ADS_ERROR(LDAP_SERVER_DOWN); + if (!ads) { + SAFE_FREE(escaped_hostname); + return ADS_ERROR(LDAP_SERVER_DOWN); + } ret = ADS_ERROR(LDAP_SUCCESS); @@ -1932,6 +1935,8 @@ ret = ads_search(ads, (void *) res, expr, attrs); + SAFE_FREE(expr); + if (!ADS_ERR_OK(ret)) return ret; if ( !(msg = ads_first_entry(ads, res) )) { Modified: trunk/source/libads/ldap.c === --- trunk/source/libads/ldap.c 2006-03-12 19:16:57 UTC (rev 14251) +++ trunk/source/libads/ldap.c 2006-03-12 19:56:10 UTC (rev 14252) @@ -1914,7 +1914,10 @@ * we have to bail out before prs_init */ ps_wire.is_dynamic = False; - if (!ads) return ADS_ERROR(LDAP_SERVER_DOWN); + if (!ads) { + SAFE_FREE(escaped_hostname); + return ADS_ERROR(LDAP_SERVER_DOWN); + } ret = ADS_ERROR(LDAP_SUCCESS); @@ -1932,6 +1935,8 @@ ret = ads_search(ads, (void *) res, expr, attrs); + SAFE_FREE(expr); + if (!ADS_ERR_OK(ret)) return ret; if ( !(msg = ads_first_entry(ads, res) )) {
svn commit: samba r14272 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-13 00:35:33 + (Mon, 13 Mar 2006) New Revision: 14272 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14272 Log: Fix Coverity # 81: free alloc'ed storage before returning Modified: branches/SAMBA_3_0/source/utils/smbcacls.c trunk/source/utils/smbcacls.c Changeset: Modified: branches/SAMBA_3_0/source/utils/smbcacls.c === --- branches/SAMBA_3_0/source/utils/smbcacls.c 2006-03-13 00:30:23 UTC (rev 14271) +++ branches/SAMBA_3_0/source/utils/smbcacls.c 2006-03-13 00:35:33 UTC (rev 14272) @@ -378,7 +378,7 @@ { const char *p = str; fstring tok; - SEC_DESC *ret; + SEC_DESC *ret = NULL; size_t sd_size; DOM_SID *grp_sid=NULL, *owner_sid=NULL; SEC_ACL *dacl=NULL; @@ -396,7 +396,7 @@ if (!owner_sid || !StringToSid(owner_sid, tok+6)) { printf(Failed to parse owner sid\n); - return NULL; + goto done; } continue; } @@ -406,7 +406,7 @@ if (!grp_sid || !StringToSid(grp_sid, tok+6)) { printf(Failed to parse group sid\n); - return NULL; + goto done; } continue; } @@ -414,22 +414,23 @@ if (strncmp(tok,ACL:, 4) == 0) { SEC_ACE ace; if (!parse_ace(ace, tok+4)) { - return NULL; + goto done; } if(!add_ace(dacl, ace)) { printf(Failed to add ACL %s\n, tok); - return NULL; + goto done; } continue; } printf(Failed to parse token '%s' in security descriptor,\n, tok); - return NULL; + goto done; } ret = make_sec_desc(ctx,revision, SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid, NULL, dacl, sd_size); + done: SAFE_FREE(grp_sid); SAFE_FREE(owner_sid); Modified: trunk/source/utils/smbcacls.c === --- trunk/source/utils/smbcacls.c 2006-03-13 00:30:23 UTC (rev 14271) +++ trunk/source/utils/smbcacls.c 2006-03-13 00:35:33 UTC (rev 14272) @@ -378,7 +378,7 @@ { const char *p = str; fstring tok; - SEC_DESC *ret; + SEC_DESC *ret = NULL; size_t sd_size; DOM_SID *grp_sid=NULL, *owner_sid=NULL; SEC_ACL *dacl=NULL; @@ -396,7 +396,7 @@ if (!owner_sid || !StringToSid(owner_sid, tok+6)) { printf(Failed to parse owner sid\n); - return NULL; + goto done; } continue; } @@ -406,7 +406,7 @@ if (!grp_sid || !StringToSid(grp_sid, tok+6)) { printf(Failed to parse group sid\n); - return NULL; + goto done; } continue; } @@ -414,22 +414,23 @@ if (strncmp(tok,ACL:, 4) == 0) { SEC_ACE ace; if (!parse_ace(ace, tok+4)) { - return NULL; + goto done; } if(!add_ace(dacl, ace)) { printf(Failed to add ACL %s\n, tok); - return NULL; + goto done; } continue; } printf(Failed to parse token '%s' in security descriptor,\n, tok); - return NULL; + goto done; } ret = make_sec_desc(ctx,revision, SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid, NULL, dacl, sd_size); + done: SAFE_FREE(grp_sid); SAFE_FREE(owner_sid);
svn commit: samba r14278 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-13 01:32:30 + (Mon, 13 Mar 2006) New Revision: 14278 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14278 Log: Remainder of fix for Coverity #79,80,81: only allow GROUP or OWNER to be specified once in an ACL, so it can be allocated a second time, overwriting the first Modified: branches/SAMBA_3_0/source/utils/smbcacls.c trunk/source/utils/smbcacls.c Changeset: Modified: branches/SAMBA_3_0/source/utils/smbcacls.c === --- branches/SAMBA_3_0/source/utils/smbcacls.c 2006-03-13 01:32:30 UTC (rev 14277) +++ branches/SAMBA_3_0/source/utils/smbcacls.c 2006-03-13 01:32:30 UTC (rev 14278) @@ -392,6 +392,10 @@ } if (strncmp(tok,OWNER:, 6) == 0) { + if (owner_sid) { + printf(Only specify owner once\n); + goto done; + } owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); if (!owner_sid || !StringToSid(owner_sid, tok+6)) { @@ -402,6 +406,10 @@ } if (strncmp(tok,GROUP:, 6) == 0) { + if (grp_sid) { + printf(Only specify group once\n); + goto done; + } grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); if (!grp_sid || !StringToSid(grp_sid, tok+6)) { Modified: trunk/source/utils/smbcacls.c === --- trunk/source/utils/smbcacls.c 2006-03-13 01:32:30 UTC (rev 14277) +++ trunk/source/utils/smbcacls.c 2006-03-13 01:32:30 UTC (rev 14278) @@ -392,6 +392,10 @@ } if (strncmp(tok,OWNER:, 6) == 0) { + if (owner_sid) { + printf(Only specify owner once\n); + goto done; + } owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); if (!owner_sid || !StringToSid(owner_sid, tok+6)) { @@ -402,6 +406,10 @@ } if (strncmp(tok,GROUP:, 6) == 0) { + if (grp_sid) { + printf(Only specify group once\n); + goto done; + } grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); if (!grp_sid || !StringToSid(grp_sid, tok+6)) {
svn commit: samba r14279 - branches/SAMBA_3_0/source/libsmb trunk/source/libsmb
Author: jmcd Date: 2006-03-13 01:42:40 + (Mon, 13 Mar 2006) New Revision: 14279 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14279 Log: Fix coverity #86, 87, 88, 89: Free grp_sid and owner_sid before returning. Also, only allow one group or owner. Modified: branches/SAMBA_3_0/source/libsmb/libsmbclient.c trunk/source/libsmb/libsmbclient.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/libsmbclient.c === --- branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-03-13 01:32:30 UTC (rev 14278) +++ branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-03-13 01:42:40 UTC (rev 14279) @@ -3922,7 +3922,7 @@ { const char *p = str; fstring tok; - SEC_DESC *ret; + SEC_DESC *ret = NULL; size_t sd_size; DOM_SID *grp_sid=NULL; DOM_SID *owner_sid=NULL; @@ -3937,49 +3937,65 @@ } if (StrnCaseCmp(tok,OWNER:, 6) == 0) { + if (owner_sid) { + DEBUG(5, (OWNER specified more than once!\n)); + goto done; + } owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); if (!owner_sid || !convert_string_to_sid(ipc_cli, pol, numeric, owner_sid, tok+6)) { DEBUG(5, (Failed to parse owner sid\n)); - return NULL; + goto done; } continue; } if (StrnCaseCmp(tok,OWNER+:, 7) == 0) { + if (owner_sid) { + DEBUG(5, (OWNER specified more than once!\n)); + goto done; + } owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); if (!owner_sid || !convert_string_to_sid(ipc_cli, pol, False, owner_sid, tok+7)) { DEBUG(5, (Failed to parse owner sid\n)); - return NULL; + goto done; } continue; } if (StrnCaseCmp(tok,GROUP:, 6) == 0) { + if (grp_sid) { + DEBUG(5, (GROUP specified more than once!\n)); + goto done; + } grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); if (!grp_sid || !convert_string_to_sid(ipc_cli, pol, numeric, grp_sid, tok+6)) { DEBUG(5, (Failed to parse group sid\n)); - return NULL; + goto done; } continue; } if (StrnCaseCmp(tok,GROUP+:, 7) == 0) { + if (grp_sid) { + DEBUG(5, (GROUP specified more than once!\n)); + goto done; + } grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); if (!grp_sid || !convert_string_to_sid(ipc_cli, pol, False, grp_sid, tok+6)) { DEBUG(5, (Failed to parse group sid\n)); - return NULL; + goto done; } continue; } @@ -3988,11 +4004,11 @@ SEC_ACE ace; if (!parse_ace(ipc_cli, pol, ace, numeric, tok+4)) { DEBUG(5, (Failed to parse ACL %s\n, tok)); - return NULL; + goto done; } if(!add_ace(dacl, ace, ctx)) { DEBUG(5, (Failed to add ACL %s\n, tok)); - return NULL; + goto done; } continue; } @@ -4001,22 +4017,23 @@ SEC_ACE ace; if (!parse_ace(ipc_cli, pol, ace, False, tok+5)) { DEBUG(5, (Failed to parse ACL %s\n, tok)); - return NULL
svn commit: samba r14280 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd Date: 2006-03-13 01:49:01 + (Mon, 13 Mar 2006) New Revision: 14280 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14280 Log: Fix Coverity #129 and 130: check before dereferencing a pointer. This was especially silly as we checked immediately _after_ dereferencing it :-/ Modified: branches/SAMBA_3_0/source/lib/secdesc.c trunk/source/lib/secdesc.c Changeset: Modified: branches/SAMBA_3_0/source/lib/secdesc.c === --- branches/SAMBA_3_0/source/lib/secdesc.c 2006-03-13 01:42:40 UTC (rev 14279) +++ branches/SAMBA_3_0/source/lib/secdesc.c 2006-03-13 01:49:01 UTC (rev 14280) @@ -336,11 +336,11 @@ SEC_ACE *ace = 0; NTSTATUS status; - *sd_size = 0; - if (!ctx || !psd || !sid || !sd_size) return NT_STATUS_INVALID_PARAMETER; + *sd_size = 0; + status = sec_ace_add_sid(ctx, ace, psd[0]-dacl-ace, psd[0]-dacl-num_aces, sid, mask); if (!NT_STATUS_IS_OK(status)) @@ -388,11 +388,11 @@ SEC_ACE *ace = 0; NTSTATUS status; - *sd_size = 0; - if (!ctx || !psd[0] || !sid || !sd_size) return NT_STATUS_INVALID_PARAMETER; + *sd_size = 0; + status = sec_ace_del_sid(ctx, ace, psd[0]-dacl-ace, psd[0]-dacl-num_aces, sid); if (!NT_STATUS_IS_OK(status)) Modified: trunk/source/lib/secdesc.c === --- trunk/source/lib/secdesc.c 2006-03-13 01:42:40 UTC (rev 14279) +++ trunk/source/lib/secdesc.c 2006-03-13 01:49:01 UTC (rev 14280) @@ -336,11 +336,11 @@ SEC_ACE *ace = 0; NTSTATUS status; - *sd_size = 0; - if (!ctx || !psd || !sid || !sd_size) return NT_STATUS_INVALID_PARAMETER; + *sd_size = 0; + status = sec_ace_add_sid(ctx, ace, psd[0]-dacl-ace, psd[0]-dacl-num_aces, sid, mask); if (!NT_STATUS_IS_OK(status)) @@ -388,11 +388,11 @@ SEC_ACE *ace = 0; NTSTATUS status; - *sd_size = 0; - if (!ctx || !psd[0] || !sid || !sd_size) return NT_STATUS_INVALID_PARAMETER; + *sd_size = 0; + status = sec_ace_del_sid(ctx, ace, psd[0]-dacl-ace, psd[0]-dacl-num_aces, sid); if (!NT_STATUS_IS_OK(status))
svn commit: samba r14135 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 09:41:08 + (Fri, 10 Mar 2006) New Revision: 14135 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14135 Log: Fix for Coverity #123: resource leak. Also rework much of the code to make it cleaner. There's still more to do on this... Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 09:07:03 UTC (rev 14134) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 09:41:08 UTC (rev 14135) @@ -1710,14 +1710,14 @@ char *ldif_file; fstring sid, domainname; uint32 sync_context = 0; - NTSTATUS result; + NTSTATUS ret = NT_STATUS_OK, result; int k; TALLOC_CTX *mem_ctx; SAM_DELTA_HDR *hdr_deltas; SAM_DELTA_CTR *deltas; uint32 num_deltas; const char *add_ldif = /tmp/add.ldif, *mod_ldif = /tmp/mod.ldif; - FILE *add_fd, *mod_fd, *ldif_fd; + FILE *add_fd = NULL, *mod_fd = NULL, *ldif_fd = NULL; char sys_cmd[1024]; int num_alloced = 0, g_index = 0, a_index = 0, sys_cmd_result; @@ -1739,22 +1739,29 @@ else ldif_file = talloc_strdup(mem_ctx, /tmp/tmp.ldif); - if (ldif_file == NULL) - return NT_STATUS_NO_MEMORY; + if (ldif_file == NULL) { + ret = NT_STATUS_NO_MEMORY; + goto done; + } /* Open the add and mod ldif files */ - add_fd = fopen(add_ldif, a); - mod_fd = fopen(mod_ldif, a); - if (add_fd == NULL || mod_fd == NULL) { + if (!(add_fd = fopen(add_ldif, a))) { DEBUG(1, (Could not open %s\n, add_ldif)); - return NT_STATUS_UNSUCCESSFUL; + ret = NT_STATUS_UNSUCCESSFUL; + goto done; + } + if (!(mod_fd = fopen(mod_ldif, a))) { + DEBUG(1, (Could not open %s\n, mod_ldif)); + ret = NT_STATUS_UNSUCCESSFUL; + goto done; } /* Open the user's ldif file */ ldif_fd = fopen(ldif_file, a); if (ldif_fd == NULL) { DEBUG(1, (Could not open %s\n, ldif_file)); - return NT_STATUS_UNSUCCESSFUL; + ret = NT_STATUS_UNSUCCESSFUL; + goto done; } /* Get the sid */ @@ -1779,7 +1786,8 @@ accountmap = SMB_MALLOC_ARRAY(ACCOUNTMAP, 8); if (groupmap == NULL || accountmap == NULL) { DEBUG(1,(GROUPMAP malloc failed\n)); - return NT_STATUS_NO_MEMORY; + ret = NT_STATUS_NO_MEMORY; + goto done; } /* Initialize the arrays */ @@ -1821,7 +1829,8 @@ deltas); if (!NT_STATUS_IS_OK(result) !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) { - return NT_STATUS_OK; + ret = NT_STATUS_OK; + goto done; /* is this correct? jmcd */ } /* Re-allocate memory for groupmap and accountmap arrays */ @@ -1831,9 +1840,8 @@ num_deltas+num_alloced); if (groupmap == NULL || accountmap == NULL) { DEBUG(1,(GROUPMAP malloc failed\n)); - SAFE_FREE(groupmap); - SAFE_FREE(accountmap); - return NT_STATUS_NO_MEMORY; + ret = NT_STATUS_NO_MEMORY; + goto done; } /* Initialize the new records */ @@ -1925,7 +1933,9 @@ /* Close the ldif files */ fclose(add_fd); + add_fd = NULL; fclose(mod_fd); + mod_fd = NULL; /* Write ldif data to the user's file */ if (db_type == SAM_DATABASE_DOMAIN) { @@ -1946,7 +1956,8 @@ if (sys_cmd_result) { d_fprintf(stderr, %s failed. Error was (%s)\n, sys_cmd, strerror(errno)); - return NT_STATUS_UNSUCCESSFUL; + ret = NT_STATUS_UNSUCCESSFUL; + goto done; } if (db_type == SAM_DATABASE_DOMAIN) { fprintf(ldif_fd, @@ -1966,20 +1977,26 @@ if (sys_cmd_result) { d_fprintf(stderr, %s failed. Error was (%s)\n, sys_cmd, strerror(errno)); - return NT_STATUS_UNSUCCESSFUL; + ret = NT_STATUS_UNSUCCESSFUL; + goto done; } /* Delete the temporary ldif files */ - pstr_sprintf(sys_cmd, rm -f %s %s, add_ldif, mod_ldif); - sys_cmd_result = system(sys_cmd
svn commit: samba r14147 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 13:33:02 + (Fri, 10 Mar 2006) New Revision: 14147 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14147 Log: Fix coverity #119. alloc'ed memory returned not saved, so not freed. Need to go back and correct the assumption that an ldap xxx suffix parm must have an OU. Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 13:14:01 UTC (rev 14146) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 13:33:02 UTC (rev 14147) @@ -1076,11 +1076,15 @@ if (machine_suffix *machine_suffix strcmp(machine_suffix, user_suffix) strcmp(machine_suffix, suffix)) { - fprintf(add_fd, # %s\n, lp_ldap_machine_suffix()); - fprintf(add_fd, dn: %s\n, lp_ldap_machine_suffix()); + char *machine_ou = NULL; + fprintf(add_fd, # %s\n, machine_suffix); + fprintf(add_fd, dn: %s\n, machine_suffix); fprintf(add_fd, objectClass: organizationalUnit\n); - fprintf(add_fd, ou: %s\n, - sstring_sub(lp_ldap_machine_suffix(), '=', ',')); + /* this isn't totally correct as it assumes that + there _must_ be an ou. just fixing memleak now. jmcd */ + machine_ou = sstring_sub(lp_ldap_machine_suffix(), '=', ','); + fprintf(add_fd, ou: %s\n, machine_ou); + SAFE_FREE(machine_ou); fprintf(add_fd, \n); fflush(add_fd); } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 13:14:01 UTC (rev 14146) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 13:33:02 UTC (rev 14147) @@ -1076,11 +1076,15 @@ if (machine_suffix *machine_suffix strcmp(machine_suffix, user_suffix) strcmp(machine_suffix, suffix)) { - fprintf(add_fd, # %s\n, lp_ldap_machine_suffix()); - fprintf(add_fd, dn: %s\n, lp_ldap_machine_suffix()); + char *machine_ou = NULL; + fprintf(add_fd, # %s\n, machine_suffix); + fprintf(add_fd, dn: %s\n, machine_suffix); fprintf(add_fd, objectClass: organizationalUnit\n); - fprintf(add_fd, ou: %s\n, - sstring_sub(lp_ldap_machine_suffix(), '=', ',')); + /* this isn't totally correct as it assumes that + there _must_ be an ou. just fixing memleak now. jmcd */ + machine_ou = sstring_sub(lp_ldap_machine_suffix(), '=', ','); + fprintf(add_fd, ou: %s\n, machine_ou); + SAFE_FREE(machine_ou); fprintf(add_fd, \n); fflush(add_fd); }
svn commit: samba r14150 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 14:09:34 + (Fri, 10 Mar 2006) New Revision: 14150 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14150 Log: Fix coverity #118: not freeing alloc'ed storage returned from sstring_sub(). Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 13:38:17 UTC (rev 14149) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:09:34 UTC (rev 14150) @@ -1309,7 +1309,9 @@ fflush(add_fd); /* Deallocate memory, and return */ - if (suffix_attr != NULL) SAFE_FREE(suffix_attr); + SAFE_FREE(suffix_attr); + SAFE_FREE(user_attr); + SAFE_FREE(group_attr); return NT_STATUS_OK; } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 13:38:17 UTC (rev 14149) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:09:34 UTC (rev 14150) @@ -1309,7 +1309,9 @@ fflush(add_fd); /* Deallocate memory, and return */ - if (suffix_attr != NULL) SAFE_FREE(suffix_attr); + SAFE_FREE(suffix_attr); + SAFE_FREE(user_attr); + SAFE_FREE(group_attr); return NT_STATUS_OK; }
svn commit: samba r14152 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 14:14:23 + (Fri, 10 Mar 2006) New Revision: 14152 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14152 Log: Fix coverity #117: free storage alloc'ed by sstring_sub Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:13:04 UTC (rev 14151) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:14:23 UTC (rev 14152) @@ -1384,6 +1384,7 @@ group_attr, suffix); accountmap[7].rid = 551; pstr_sprintf(accountmap[7].cn, %s, Replicators); + SAFE_FREE(group_attr); return NT_STATUS_OK; } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 14:13:04 UTC (rev 14151) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:14:23 UTC (rev 14152) @@ -1384,6 +1384,7 @@ group_attr, suffix); accountmap[7].rid = 551; pstr_sprintf(accountmap[7].cn, %s, Replicators); + SAFE_FREE(group_attr); return NT_STATUS_OK; }
svn commit: samba r14153 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 14:17:44 + (Fri, 10 Mar 2006) New Revision: 14153 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14153 Log: Fix coverity #116: free storage alloc'ed by sstring_sub() Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:14:23 UTC (rev 14152) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:17:44 UTC (rev 14153) @@ -1412,6 +1412,7 @@ strcmp(groupname, Print Operators) == 0 || strcmp(groupname, Backup Operators) == 0 || strcmp(groupname, Replicators) == 0) { + SAFE_FREE(group_attr); return NT_STATUS_OK; } else { /* Increment the gid for the new group */ @@ -1441,6 +1442,7 @@ fprintf(add_fd, \n); fflush(add_fd); + SAFE_FREE(group_attr); /* Return */ return NT_STATUS_OK; } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 14:14:23 UTC (rev 14152) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:17:44 UTC (rev 14153) @@ -1412,6 +1412,7 @@ strcmp(groupname, Print Operators) == 0 || strcmp(groupname, Backup Operators) == 0 || strcmp(groupname, Replicators) == 0) { + SAFE_FREE(group_attr); return NT_STATUS_OK; } else { /* Increment the gid for the new group */ @@ -1441,6 +1442,7 @@ fprintf(add_fd, \n); fflush(add_fd); + SAFE_FREE(group_attr); /* Return */ return NT_STATUS_OK; }
svn commit: samba r14155 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 14:20:09 + (Fri, 10 Mar 2006) New Revision: 14155 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14155 Log: Fix coverity #115: free storage alloc'ed by sstring_sub() Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:18:10 UTC (rev 14154) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:20:09 UTC (rev 14155) @@ -1636,6 +1636,7 @@ strcmp(aliasname, Print Operators) == 0 || strcmp(aliasname, Backup Operators) == 0 || strcmp(aliasname, Replicator) == 0) { + SAFE_FREE(group_attr); return NT_STATUS_OK; } else { /* Increment the gid for the new group */ @@ -1663,6 +1664,7 @@ fprintf(add_fd, \n); fflush(add_fd); + SAFE_FREE(group_attr); /* Return */ return NT_STATUS_OK; } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 14:18:10 UTC (rev 14154) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:20:09 UTC (rev 14155) @@ -1636,6 +1636,7 @@ strcmp(aliasname, Print Operators) == 0 || strcmp(aliasname, Backup Operators) == 0 || strcmp(aliasname, Replicator) == 0) { + SAFE_FREE(group_attr); return NT_STATUS_OK; } else { /* Increment the gid for the new group */ @@ -1663,6 +1664,7 @@ fprintf(add_fd, \n); fflush(add_fd); + SAFE_FREE(group_attr); /* Return */ return NT_STATUS_OK; }
svn commit: samba r14156 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 14:28:51 + (Fri, 10 Mar 2006) New Revision: 14156 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14156 Log: Fix coverity #114: free storage alloc'ed by sstring_sub() Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:20:09 UTC (rev 14155) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:28:51 UTC (rev 14156) @@ -1455,7 +1455,7 @@ fstring hex_nt_passwd, hex_lm_passwd; fstring description, fullname, sambaSID; uchar lm_passwd[16], nt_passwd[16]; - char *flags; + char *flags, *user_rdn; const char* nopasswd = ; static uchar zero_buf[16]; uint32 rid = 0, group_rid = 0, gidNumber = 0; @@ -1551,10 +1551,11 @@ NEW_PW_FORMAT_SPACE_PADDED_LEN); /* Add the user to the temporary add ldif file */ - fprintf(add_fd, # %s, %s, %s\n, username, - sstring_sub(lp_ldap_user_suffix(), '=', ','), suffix); - fprintf(add_fd, dn: uid=%s,ou=%s,%s\n, username, - sstring_sub(lp_ldap_user_suffix(), '=', ','), suffix); + /* this isn't quite right...we can't assume there's just OU=. jmcd */ + user_rdn = sstring_sub(lp_ldap_user_suffix(), '=', ','); + fprintf(add_fd, # %s, %s, %s\n, username, user_rdn, suffix); + fprintf(add_fd, dn: uid=%s,ou=%s,%s\n, username, user_rdn, suffix); + SAFE_FREE(user_rdn); fprintf(add_fd, ObjectClass: top\n); fprintf(add_fd, objectClass: inetOrgPerson\n); fprintf(add_fd, objectClass: posixAccount\n); Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 14:20:09 UTC (rev 14155) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:28:51 UTC (rev 14156) @@ -1455,7 +1455,7 @@ fstring hex_nt_passwd, hex_lm_passwd; fstring description, fullname, sambaSID; uchar lm_passwd[16], nt_passwd[16]; - char *flags; + char *flags, *user_rdn; const char* nopasswd = ; static uchar zero_buf[16]; uint32 rid = 0, group_rid = 0, gidNumber = 0; @@ -1551,10 +1551,11 @@ NEW_PW_FORMAT_SPACE_PADDED_LEN); /* Add the user to the temporary add ldif file */ - fprintf(add_fd, # %s, %s, %s\n, username, - sstring_sub(lp_ldap_user_suffix(), '=', ','), suffix); - fprintf(add_fd, dn: uid=%s,ou=%s,%s\n, username, - sstring_sub(lp_ldap_user_suffix(), '=', ','), suffix); + /* this isn't quite right...we can't assume there's just OU=. jmcd */ + user_rdn = sstring_sub(lp_ldap_user_suffix(), '=', ','); + fprintf(add_fd, # %s, %s, %s\n, username, user_rdn, suffix); + fprintf(add_fd, dn: uid=%s,ou=%s,%s\n, username, user_rdn, suffix); + SAFE_FREE(user_rdn); fprintf(add_fd, ObjectClass: top\n); fprintf(add_fd, objectClass: inetOrgPerson\n); fprintf(add_fd, objectClass: posixAccount\n);
svn commit: samba r14085 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-09 18:03:54 + (Thu, 09 Mar 2006) New Revision: 14085 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14085 Log: Fix coverity bg #152, uninit'ed var. Modified: branches/SAMBA_3_0/source/utils/net_rpc_join.c trunk/source/utils/net_rpc_join.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_join.c === --- branches/SAMBA_3_0/source/utils/net_rpc_join.c 2006-03-09 18:01:48 UTC (rev 14084) +++ branches/SAMBA_3_0/source/utils/net_rpc_join.c 2006-03-09 18:03:54 UTC (rev 14085) @@ -137,7 +137,7 @@ NTSTATUS result; int retval = 1; - char *domain; + char *domain = NULL; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; char *acct_name; Modified: trunk/source/utils/net_rpc_join.c === --- trunk/source/utils/net_rpc_join.c 2006-03-09 18:01:48 UTC (rev 14084) +++ trunk/source/utils/net_rpc_join.c 2006-03-09 18:03:54 UTC (rev 14085) @@ -137,7 +137,7 @@ NTSTATUS result; int retval = 1; - char *domain; + char *domain = NULL; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; char *acct_name;
svn commit: samba r14053 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-08 21:29:49 + (Wed, 08 Mar 2006) New Revision: 14053 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=14053 Log: Implement Simo's suggestion: don't use /dev/null for a 'bad' path for users/workstations Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-08 21:20:43 UTC (rev 14052) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-08 21:29:49 UTC (rev 14053) @@ -1158,7 +1158,7 @@ fprintf(add_fd, gidNumber: 514\n); fprintf(add_fd, uid: nobody\n); fprintf(add_fd, uidNumber: 999\n); - fprintf(add_fd, homeDirectory: /dev/null\n); + fprintf(add_fd, homeDirectory: /nobodyshomedir\n); fprintf(add_fd, sambaPwdLastSet: 0\n); fprintf(add_fd, sambaLogonTime: 0\n); fprintf(add_fd, sambaLogoffTime: 2147483647\n); @@ -1472,7 +1472,7 @@ if (!*homedir) { pstr_sprintf(homedir, /home/%s, username); } else { - pstr_sprintf(homedir, /dev/null); + pstr_sprintf(homedir, /nobodyshomedir); } } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-08 21:20:43 UTC (rev 14052) +++ trunk/source/utils/net_rpc_samsync.c2006-03-08 21:29:49 UTC (rev 14053) @@ -1158,7 +1158,7 @@ fprintf(add_fd, gidNumber: 514\n); fprintf(add_fd, uid: nobody\n); fprintf(add_fd, uidNumber: 999\n); - fprintf(add_fd, homeDirectory: /dev/null\n); + fprintf(add_fd, homeDirectory: /nobodyshomedir\n); fprintf(add_fd, sambaPwdLastSet: 0\n); fprintf(add_fd, sambaLogonTime: 0\n); fprintf(add_fd, sambaLogoffTime: 2147483647\n); @@ -1472,7 +1472,7 @@ if (!*homedir) { pstr_sprintf(homedir, /home/%s, username); } else { - pstr_sprintf(homedir, /dev/null); + pstr_sprintf(homedir, /nobodyshomedir); } }
svn commit: samba r13948 - in branches/SAMBA_3_0/source/lib: .
Author: jmcd Date: 2006-03-07 15:32:18 + (Tue, 07 Mar 2006) New Revision: 13948 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13948 Log: Fix the build. Remove rpcclient.h include. Modified: branches/SAMBA_3_0/source/lib/display_sec.c Changeset: Modified: branches/SAMBA_3_0/source/lib/display_sec.c === --- branches/SAMBA_3_0/source/lib/display_sec.c 2006-03-07 15:27:35 UTC (rev 13947) +++ branches/SAMBA_3_0/source/lib/display_sec.c 2006-03-07 15:32:18 UTC (rev 13948) @@ -20,7 +20,6 @@ */ #include includes.h -#include rpcclient.h / convert a security permissions into a string
svn commit: samba r13949 - in trunk/source/lib: .
Author: jmcd Date: 2006-03-07 15:35:52 + (Tue, 07 Mar 2006) New Revision: 13949 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13949 Log: Fix build. Remove rpcclient include. Modified: trunk/source/lib/display_sec.c Changeset: Modified: trunk/source/lib/display_sec.c === --- trunk/source/lib/display_sec.c 2006-03-07 15:32:18 UTC (rev 13948) +++ trunk/source/lib/display_sec.c 2006-03-07 15:35:52 UTC (rev 13949) @@ -20,7 +20,6 @@ */ #include includes.h -#include rpcclient.h / convert a security permissions into a string
svn commit: samba r13957 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-07 16:29:25 + (Tue, 07 Mar 2006) New Revision: 13957 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13957 Log: Based on patch from Richard Renard [EMAIL PROTECTED]: Fix machine accounts (should not have valid shells) and users with no home directory (were getting previous user's directory). Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-07 16:28:39 UTC (rev 13956) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-07 16:29:25 UTC (rev 13957) @@ -494,7 +494,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) { - NTSTATUS nt_ret; + NTSTATUS nt_ret = NT_STATUS_UNSUCCESSFUL; fstring account; pstring add_script; struct samu *sam_account=NULL; @@ -1434,12 +1434,11 @@ ACCOUNTMAP *accountmap, FILE *add_fd, fstring sid, char *suffix, int alloced) { - fstring username, homedir, logonscript, homedrive, homepath; + fstring username, logonscript, homedrive, homepath = , homedir = ; fstring hex_nt_passwd, hex_lm_passwd; fstring description, fullname, sambaSID; uchar lm_passwd[16], nt_passwd[16]; char *flags; - const char *blank = , *shell = /bin/bash; const char* nopasswd = ; static uchar zero_buf[16]; uint32 rid = 0, group_rid = 0, gidNumber = 0; @@ -1459,12 +1458,14 @@ pstr_sprintf(accountmap-cn, %s, username); /* Get the home directory */ - unistr2_to_ascii(homedir, (delta-account_info.uni_home_dir), -sizeof(homedir)-1); - if (strcmp(homedir, blank) == 0) { - pstr_sprintf(homedir, /home/%s, username); - } else { - strncpy(homepath, homedir, sizeof(homepath)); + if (delta-account_info.acb_info ACB_NORMAL) { + unistr2_to_ascii(homedir, (delta-account_info.uni_home_dir), +sizeof(homedir)-1); + if (!*homedir) { + pstr_sprintf(homedir, /home/%s, username); + } else { + pstr_sprintf(homedir, dev/null); + } } /* Get the logon script */ @@ -1478,7 +1479,7 @@ /* Get the description */ unistr2_to_ascii(description, (delta-account_info.uni_acct_desc), sizeof(description)-1); - if (strcmp(description, blank) == 0) { + if (!*description) { pstr_sprintf(description, System User); } @@ -1548,18 +1549,20 @@ fprintf(add_fd, uidNumber: %d\n, ldif_uid); fprintf(add_fd, gidNumber: %d\n, gidNumber); fprintf(add_fd, homeDirectory: %s\n, homedir); - if (strcmp(homepath, blank) != 0) + if (*homepath) fprintf(add_fd, SambaHomePath: %s\n, homepath); -if (strcmp(homedrive, blank) != 0) +if (*homedrive) fprintf(add_fd, SambaHomeDrive: %s\n, homedrive); -if (strcmp(logonscript, blank) != 0) +if (*logonscript) fprintf(add_fd, SambaLogonScript: %s\n, logonscript); - fprintf(add_fd, loginShell: %s\n, shell); + fprintf(add_fd, loginShell: %s\n, + ((delta-account_info.acb_info ACB_NORMAL) ? +/bin/bash : /bin/false)); fprintf(add_fd, gecos: System User\n); fprintf(add_fd, description: %s\n, description); fprintf(add_fd, sambaSID: %s-%d\n, sid, rid); fprintf(add_fd, sambaPrimaryGroupSID: %s\n, sambaSID); - if(strcmp(fullname, blank) != 0) + if(*fullname) fprintf(add_fd, displayName: %s\n, fullname); if (strcmp(nopasswd, hex_lm_passwd) != 0) fprintf(add_fd, sambaLMPassword: %s\n, hex_lm_passwd); Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-07 16:28:39 UTC (rev 13956) +++ trunk/source/utils/net_rpc_samsync.c2006-03-07 16:29:25 UTC (rev 13957) @@ -494,7 +494,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) { - NTSTATUS nt_ret; + NTSTATUS nt_ret = NT_STATUS_UNSUCCESSFUL; fstring account; pstring add_script; struct samu *sam_account=NULL; @@ -1434,12 +1434,11 @@ ACCOUNTMAP *accountmap, FILE *add_fd, fstring sid, char *suffix, int alloced) { - fstring username, homedir, logonscript, homedrive, homepath; + fstring username, logonscript, homedrive, homepath = , homedir
svn commit: samba r13968 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-07 17:49:26 + (Tue, 07 Mar 2006) New Revision: 13968 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13968 Log: fix typo, caught by Guenther Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-07 17:15:18 UTC (rev 13967) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-07 17:49:26 UTC (rev 13968) @@ -1464,7 +1464,7 @@ if (!*homedir) { pstr_sprintf(homedir, /home/%s, username); } else { - pstr_sprintf(homedir, dev/null); + pstr_sprintf(homedir, /dev/null); } } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-07 17:15:18 UTC (rev 13967) +++ trunk/source/utils/net_rpc_samsync.c2006-03-07 17:49:26 UTC (rev 13968) @@ -1464,7 +1464,7 @@ if (!*homedir) { pstr_sprintf(homedir, /home/%s, username); } else { - pstr_sprintf(homedir, dev/null); + pstr_sprintf(homedir, /dev/null); } }
svn commit: samba r13187 - in branches/SAMBA_3_0/examples/LDAP: .
Author: jmcd Date: 2006-01-27 15:14:55 + (Fri, 27 Jan 2006) New Revision: 13187 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13187 Log: IBM Tivoli Directory Server schema updates from John Janosik [EMAIL PROTECTED] Modified: branches/SAMBA_3_0/examples/LDAP/samba.schema.at.IBM-DS branches/SAMBA_3_0/examples/LDAP/samba.schema.oc.IBM-DS Changeset: Modified: branches/SAMBA_3_0/examples/LDAP/samba.schema.at.IBM-DS === --- branches/SAMBA_3_0/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27 13:29:47 UTC (rev 13186) +++ branches/SAMBA_3_0/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27 15:14:55 UTC (rev 13187) @@ -76,3 +76,24 @@ attributetypes=( 1.3.6.1.4.1.7165.2.1.56 NAME 'sambaAccountPolicyName' DESC 'Account Policy Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) attributetypes=( 1.3.6.1.4.1.7165.2.1.57 NAME 'sambaAccountPolicyValue' DESC 'Account Policy Value' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DESC 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' DESC 'Length of Password History Entries (default: 0 = off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' DESC 'Force Users to logon for password change (default: 0 = off, 2 = on)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC 'Maximum password age, in seconds (default: -1 = never expire passwords)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC 'Minimum password age, in seconds (default: 0 = allow immediate password change)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' DESC 'Lockout duration in minutes (default: 30, -1 = forever)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' DESC 'Lockout users after bad logon attempts (default: 0 = off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC 'Disconnect Users outside logon hours (default: -1 = off, 0 = on)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' DESC 'Allow Machine Password changes (default: 0 = off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + Modified: branches/SAMBA_3_0/examples/LDAP/samba.schema.oc.IBM-DS === --- branches/SAMBA_3_0/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27 13:29:47 UTC (rev 13186) +++ branches/SAMBA_3_0/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27 15:14:55 UTC (rev 13187) @@ -4,7 +4,7 @@ objectclasses=( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY DESC 'Samba Group Mapping' MUST ( gidNumber $ sambaSID $ sambaGroupType ) MAY ( displayName $ description $ sambaSIDList )) -objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase ) ) +objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange ) ) objectclasses=( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) )
svn commit: samba r13188 - in trunk/examples/LDAP: .
Author: jmcd Date: 2006-01-27 15:31:02 + (Fri, 27 Jan 2006) New Revision: 13188 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=13188 Log: Merge from 3.0 - samba schema updates for ITDS from [EMAIL PROTECTED] Modified: trunk/examples/LDAP/samba.schema.at.IBM-DS trunk/examples/LDAP/samba.schema.oc.IBM-DS Changeset: Modified: trunk/examples/LDAP/samba.schema.at.IBM-DS === --- trunk/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27 15:14:55 UTC (rev 13187) +++ trunk/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27 15:31:02 UTC (rev 13188) @@ -76,3 +76,24 @@ attributetypes=( 1.3.6.1.4.1.7165.2.1.56 NAME 'sambaAccountPolicyName' DESC 'Account Policy Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) attributetypes=( 1.3.6.1.4.1.7165.2.1.57 NAME 'sambaAccountPolicyValue' DESC 'Account Policy Value' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DESC 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' DESC 'Length of Password History Entries (default: 0 = off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' DESC 'Force Users to logon for password change (default: 0 = off, 2 = on)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC 'Maximum password age, in seconds (default: -1 = never expire passwords)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC 'Minimum password age, in seconds (default: 0 = allow immediate password change)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' DESC 'Lockout duration in minutes (default: 30, -1 = forever)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' DESC 'Lockout users after bad logon attempts (default: 0 = off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC 'Disconnect Users outside logon hours (default: -1 = off, 0 = on)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetypes=( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' DESC 'Allow Machine Password changes (default: 0 = off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + Modified: trunk/examples/LDAP/samba.schema.oc.IBM-DS === --- trunk/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27 15:14:55 UTC (rev 13187) +++ trunk/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27 15:31:02 UTC (rev 13188) @@ -4,7 +4,7 @@ objectclasses=( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY DESC 'Samba Group Mapping' MUST ( gidNumber $ sambaSID $ sambaGroupType ) MAY ( displayName $ description $ sambaSIDList )) -objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase ) ) +objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange ) ) objectclasses=( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) )
svn commit: samba r11886 - branches/SAMBA_3_0/source/auth trunk/source/auth
Author: jmcd Date: 2005-11-23 22:08:57 + (Wed, 23 Nov 2005) New Revision: 11886 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=11886 Log: Fix 3187: logon hours restrictions were off corresponding to our offset from GMT. Use gmtime() instead of localtime() in the calc, but still use localtime() in displaying it. Modified: branches/SAMBA_3_0/source/auth/auth_sam.c trunk/source/auth/auth_sam.c Changeset: Modified: branches/SAMBA_3_0/source/auth/auth_sam.c === --- branches/SAMBA_3_0/source/auth/auth_sam.c 2005-11-23 18:49:30 UTC (rev 11885) +++ branches/SAMBA_3_0/source/auth/auth_sam.c 2005-11-23 22:08:57 UTC (rev 11886) @@ -88,7 +88,7 @@ } lasttime = (time_t)smb_last_time.tv_sec; - utctime = localtime(lasttime); + utctime = gmtime(lasttime); /* find the corresponding byte and bit */ bitpos = (utctime-tm_wday * 24 + utctime-tm_hour) % 168; @@ -96,7 +96,8 @@ if (! (hours[bitpos/8] bitmask)) { DEBUG(1,(logon_hours_ok: Account for user %s not allowed to logon at this time (%s).\n, - pdb_get_username(sampass), asctime(utctime) )); + pdb_get_username(sampass), + asctime(localtime(lasttime)) )); return False; } Modified: trunk/source/auth/auth_sam.c === --- trunk/source/auth/auth_sam.c2005-11-23 18:49:30 UTC (rev 11885) +++ trunk/source/auth/auth_sam.c2005-11-23 22:08:57 UTC (rev 11886) @@ -88,7 +88,7 @@ } lasttime = (time_t)smb_last_time.tv_sec; - utctime = localtime(lasttime); + utctime = gmtime(lasttime); /* find the corresponding byte and bit */ bitpos = (utctime-tm_wday * 24 + utctime-tm_hour) % 168; @@ -96,7 +96,8 @@ if (! (hours[bitpos/8] bitmask)) { DEBUG(1,(logon_hours_ok: Account for user %s not allowed to logon at this time (%s).\n, - pdb_get_username(sampass), asctime(utctime) )); + pdb_get_username(sampass), + asctime(localtime(lasttime)) )); return False; }
svn commit: samba r11230 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd Date: 2005-10-20 16:07:36 + (Thu, 20 Oct 2005) New Revision: 11230 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=11230 Log: Remove the '//' i was using to test something...oops Modified: branches/SAMBA_3_0/source/lib/util_sid.c trunk/source/lib/util_sid.c Changeset: Modified: branches/SAMBA_3_0/source/lib/util_sid.c === --- branches/SAMBA_3_0/source/lib/util_sid.c2005-10-20 16:05:12 UTC (rev 11229) +++ branches/SAMBA_3_0/source/lib/util_sid.c2005-10-20 16:07:36 UTC (rev 11230) @@ -267,7 +267,7 @@ return False; } -// ZERO_STRUCTP(sidout); + ZERO_STRUCTP(sidout); /* Get the revision number. */ p = sidstr + 2; Modified: trunk/source/lib/util_sid.c === --- trunk/source/lib/util_sid.c 2005-10-20 16:05:12 UTC (rev 11229) +++ trunk/source/lib/util_sid.c 2005-10-20 16:07:36 UTC (rev 11230) @@ -267,7 +267,7 @@ return False; } -// ZERO_STRUCTP(sidout); + ZERO_STRUCTP(sidout); /* Get the revision number. */ p = sidstr + 2;
svn commit: samba r11236 - branches/SAMBA_3_0/source/passdb branches/SAMBA_3_0/source/rpc_server trunk/source/passdb trunk/source/rpc_server
Author: jmcd Date: 2005-10-20 20:40:47 + (Thu, 20 Oct 2005) New Revision: 11236 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=11236 Log: Implement user rename for smbpasswd and ldap backends. Some cleanup on tdb as well to make naming consistent. Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c branches/SAMBA_3_0/source/passdb/pdb_smbpasswd.c branches/SAMBA_3_0/source/passdb/pdb_tdb.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c trunk/source/passdb/pdb_ldap.c trunk/source/passdb/pdb_smbpasswd.c trunk/source/passdb/pdb_tdb.c trunk/source/rpc_server/srv_samr_nt.c Changeset: Sorry, the patch is too large (449 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=11236
svn commit: samba r10909 - in branches/SAMBA_3_0/source: include libsmb utils
Author: jmcd Date: 2005-10-11 18:42:25 + (Tue, 11 Oct 2005) New Revision: 10909 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10909 Log: Give better shutdown messages Modified: branches/SAMBA_3_0/source/include/doserr.h branches/SAMBA_3_0/source/libsmb/doserr.c branches/SAMBA_3_0/source/utils/net_rpc.c Changeset: Modified: branches/SAMBA_3_0/source/include/doserr.h === --- branches/SAMBA_3_0/source/include/doserr.h 2005-10-11 17:36:29 UTC (rev 10908) +++ branches/SAMBA_3_0/source/include/doserr.h 2005-10-11 18:42:25 UTC (rev 10909) @@ -196,6 +196,7 @@ #define WERR_REG_FILE_INVALID W_ERROR(1017) #define WERR_NO_SUCH_SERVICE W_ERROR(1060) #define WERR_INVALID_SERVICE_CONTROL W_ERROR(1052) +#define WERR_MACHINE_LOCKED W_ERROR(1271) #define WERR_INVALID_SECURITY_DESCRIPTOR W_ERROR(1338) #define WERR_SERVER_UNAVAILABLE W_ERROR(1722) #define WERR_INVALID_FORM_NAME W_ERROR(1902) Modified: branches/SAMBA_3_0/source/libsmb/doserr.c === --- branches/SAMBA_3_0/source/libsmb/doserr.c 2005-10-11 17:36:29 UTC (rev 10908) +++ branches/SAMBA_3_0/source/libsmb/doserr.c 2005-10-11 18:42:25 UTC (rev 10909) @@ -66,6 +66,7 @@ { WERR_DFS_NO_SUCH_SERVER, WERR_DFS_NO_SUCH_SERVER }, { WERR_DFS_INTERNAL_ERROR, WERR_DFS_INTERNAL_ERROR }, { WERR_DFS_CANT_CREATE_JUNCT, WERR_DFS_CANT_CREATE_JUNCT }, + { WERR_MACHINE_LOCKED, WERR_MACHINE_LOCKED }, { WERR_INVALID_SECURITY_DESCRIPTOR, WERR_INVALID_SECURITY_DESCRIPTOR }, { WERR_INVALID_OWNER, WERR_INVALID_OWNER }, { WERR_SERVER_UNAVAILABLE, WERR_SERVER_UNAVAILABLE }, Modified: branches/SAMBA_3_0/source/utils/net_rpc.c === --- branches/SAMBA_3_0/source/utils/net_rpc.c 2005-10-11 17:36:29 UTC (rev 10908) +++ branches/SAMBA_3_0/source/utils/net_rpc.c 2005-10-11 18:42:25 UTC (rev 10909) @@ -4610,9 +4610,9 @@ if (NT_STATUS_IS_OK(result)) { d_printf(\nShutdown of remote machine succeeded\n); DEBUG(5,(Shutdown of remote machine succeeded\n)); - } else - DEBUG(0,(Shutdown of remote machine failed!\n)); - + } else { + DEBUG(1,(Shutdown of remote machine failed!\n)); + } return result; } @@ -4640,7 +4640,7 @@ int argc, const char **argv) { - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + WERROR result; const char *msg = This machine will be shutdown shortly; uint32 timeout = 20; #if 0 @@ -4676,16 +4676,19 @@ } /* create an entry */ - result = werror_to_ntstatus(rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout, opt_reboot, opt_force)); + result = rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout, opt_reboot, opt_force); - if (NT_STATUS_IS_OK(result)) { + if (W_ERROR_IS_OK(result)) { d_printf(\nShutdown of remote machine succeeded\n); - DEBUG(5,(Shutdown of remote machine succeeded\n)); + } else { + d_printf(\nShutdown of remote machine failed\n); + if (W_ERROR_EQUAL(result,WERR_MACHINE_LOCKED)) + d_printf(\nMachine locked, use -f switch to force\n); + else + d_printf(\nresult was: %s\n, dos_errstr(result)); } - else - DEBUG(0,(Shutdown of remote machine failed!\n)); - return result; + return werror_to_ntstatus(result); } /** @@ -4703,13 +4706,14 @@ int rc = run_rpc_command(NULL, PI_SHUTDOWN, 0, rpc_init_shutdown_internals, argc, argv); - if (rc == 0) - return rc; - DEBUG(1, (initshutdown pipe didn't work, trying winreg pipe\n)); + if (rc) { + DEBUG(1, (initshutdown pipe failed, trying winreg pipe\n)); + rc = run_rpc_command(NULL, PI_WINREG, 0, +rpc_reg_shutdown_internals, argc, argv); + } - return run_rpc_command(NULL, PI_WINREG, 0, rpc_reg_shutdown_internals, - argc, argv); + return rc; } /***
svn commit: samba r10910 - in trunk/source: include libsmb utils
Author: jmcd Date: 2005-10-11 18:53:13 + (Tue, 11 Oct 2005) New Revision: 10910 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10910 Log: Give better shutdown messages Modified: trunk/source/include/doserr.h trunk/source/libsmb/doserr.c trunk/source/utils/net_rpc.c Changeset: Modified: trunk/source/include/doserr.h === --- trunk/source/include/doserr.h 2005-10-11 18:42:25 UTC (rev 10909) +++ trunk/source/include/doserr.h 2005-10-11 18:53:13 UTC (rev 10910) @@ -196,6 +196,7 @@ #define WERR_REG_FILE_INVALID W_ERROR(1017) #define WERR_NO_SUCH_SERVICE W_ERROR(1060) #define WERR_INVALID_SERVICE_CONTROL W_ERROR(1052) +#define WERR_MACHINE_LOCKED W_ERROR(1271) #define WERR_INVALID_SECURITY_DESCRIPTOR W_ERROR(1338) #define WERR_EVENTLOG_FILE_CORRUPT W_ERROR(1500) #define WERR_SERVER_UNAVAILABLE W_ERROR(1722) Modified: trunk/source/libsmb/doserr.c === --- trunk/source/libsmb/doserr.c2005-10-11 18:42:25 UTC (rev 10909) +++ trunk/source/libsmb/doserr.c2005-10-11 18:53:13 UTC (rev 10910) @@ -66,6 +66,7 @@ { WERR_DFS_NO_SUCH_SERVER, WERR_DFS_NO_SUCH_SERVER }, { WERR_DFS_INTERNAL_ERROR, WERR_DFS_INTERNAL_ERROR }, { WERR_DFS_CANT_CREATE_JUNCT, WERR_DFS_CANT_CREATE_JUNCT }, + { WERR_MACHINE_LOCKED, WERR_MACHINE_LOCKED }, { WERR_INVALID_SECURITY_DESCRIPTOR, WERR_INVALID_SECURITY_DESCRIPTOR }, { WERR_INVALID_OWNER, WERR_INVALID_OWNER }, { WERR_SERVER_UNAVAILABLE, WERR_SERVER_UNAVAILABLE }, Modified: trunk/source/utils/net_rpc.c === --- trunk/source/utils/net_rpc.c2005-10-11 18:42:25 UTC (rev 10909) +++ trunk/source/utils/net_rpc.c2005-10-11 18:53:13 UTC (rev 10910) @@ -4610,9 +4610,9 @@ if (NT_STATUS_IS_OK(result)) { d_printf(\nShutdown of remote machine succeeded\n); DEBUG(5,(Shutdown of remote machine succeeded\n)); - } else - DEBUG(0,(Shutdown of remote machine failed!\n)); - + } else { + DEBUG(1,(Shutdown of remote machine failed!\n)); + } return result; } @@ -4640,7 +4640,7 @@ int argc, const char **argv) { - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + WERROR result; const char *msg = This machine will be shutdown shortly; uint32 timeout = 20; #if 0 @@ -4676,16 +4676,19 @@ } /* create an entry */ - result = werror_to_ntstatus(rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout, opt_reboot, opt_force)); + result = rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout, opt_reboot, opt_force); - if (NT_STATUS_IS_OK(result)) { + if (W_ERROR_IS_OK(result)) { d_printf(\nShutdown of remote machine succeeded\n); - DEBUG(5,(Shutdown of remote machine succeeded\n)); + } else { + d_printf(\nShutdown of remote machine failed\n); + if (W_ERROR_EQUAL(result,WERR_MACHINE_LOCKED)) + d_printf(\nMachine locked, use -f switch to force\n); + else + d_printf(\nresult was: %s\n, dos_errstr(result)); } - else - DEBUG(0,(Shutdown of remote machine failed!\n)); - return result; + return werror_to_ntstatus(result); } /** @@ -4703,13 +4706,14 @@ int rc = run_rpc_command(NULL, PI_SHUTDOWN, 0, rpc_init_shutdown_internals, argc, argv); - if (rc == 0) - return rc; - DEBUG(1, (initshutdown pipe didn't work, trying winreg pipe\n)); + if (rc) { + DEBUG(1, (initshutdown pipe failed, trying winreg pipe\n)); + rc = run_rpc_command(NULL, PI_WINREG, 0, +rpc_reg_shutdown_internals, argc, argv); + } - return run_rpc_command(NULL, PI_WINREG, 0, rpc_reg_shutdown_internals, - argc, argv); + return rc; } /***
svn commit: samba r10911 - branches/SAMBA_3_0/source/include branches/SAMBA_3_0/source/param branches/SAMBA_3_0/source/passdb branches/SAMBA_3_0/source/rpc_server trunk/source/include trunk/source/par
Author: jmcd Date: 2005-10-11 20:14:04 + (Tue, 11 Oct 2005) New Revision: 10911 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10911 Log: part of #2861: add rename support for usrmgr.exe when using tdbsam This gets it working before replacing tdb with the samba4 version. Modified: branches/SAMBA_3_0/source/include/passdb.h branches/SAMBA_3_0/source/param/loadparm.c branches/SAMBA_3_0/source/passdb/pdb_interface.c branches/SAMBA_3_0/source/passdb/pdb_tdb.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c trunk/source/include/passdb.h trunk/source/param/loadparm.c trunk/source/passdb/pdb_interface.c trunk/source/passdb/pdb_tdb.c trunk/source/rpc_server/srv_samr_nt.c Changeset: Sorry, the patch is too large (1081 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10911
svn commit: samba r10247 - in branches/SAMBA_3_0/source/utils: .
Author: jmcd Date: 2005-09-15 20:39:57 + (Thu, 15 Sep 2005) New Revision: 10247 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10247 Log: Fix help text for net rpc shutdown. Modified: branches/SAMBA_3_0/source/utils/net_rpc.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc.c === --- branches/SAMBA_3_0/source/utils/net_rpc.c 2005-09-15 20:03:35 UTC (rev 10246) +++ branches/SAMBA_3_0/source/utils/net_rpc.c 2005-09-15 20:39:57 UTC (rev 10247) @@ -4469,7 +4469,10 @@ if (opt_comment) { msg = opt_comment; + } else { + msg = ; } + if (opt_timeout) { timeout = opt_timeout; } @@ -5965,7 +5968,7 @@ d_printf(\t-r or --reboot\trequest remote server reboot on shutdown\n); d_printf(\t-f or --force\trequest the remote server force its shutdown\n); d_printf(\t-t or --timeout=timeout\tnumber of seconds before shutdown\n); - d_printf(\t-c or --comment=message\ttext message to display on impending shutdown\n); + d_printf(\t-C or --comment=message\ttext message to display on impending shutdown\n); return -1; }
svn commit: samba r10248 - in trunk/source/utils: .
Author: jmcd Date: 2005-09-15 20:41:25 + (Thu, 15 Sep 2005) New Revision: 10248 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10248 Log: Fix help text for net rpc shutdown Modified: trunk/source/utils/net_rpc.c Changeset: Modified: trunk/source/utils/net_rpc.c === --- trunk/source/utils/net_rpc.c2005-09-15 20:39:57 UTC (rev 10247) +++ trunk/source/utils/net_rpc.c2005-09-15 20:41:25 UTC (rev 10248) @@ -6121,7 +6121,7 @@ d_printf(\t-r or --reboot\trequest remote server reboot on shutdown\n); d_printf(\t-f or --force\trequest the remote server force its shutdown\n); d_printf(\t-t or --timeout=timeout\tnumber of seconds before shutdown\n); - d_printf(\t-c or --comment=message\ttext message to display on impending shutdown\n); + d_printf(\t-C or --comment=message\ttext message to display on impending shutdown\n); return -1; }
svn commit: samba-web r794 - in trunk/patches: .
Author: jmcd Date: 2005-08-29 21:20:56 + (Mon, 29 Aug 2005) New Revision: 794 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=794 Log: Fix typos. Modified: trunk/patches/index.html Changeset: Modified: trunk/patches/index.html === --- trunk/patches/index.html2005-08-29 21:06:08 UTC (rev 793) +++ trunk/patches/index.html2005-08-29 21:20:56 UTC (rev 794) @@ -49,9 +49,9 @@ /tr tr tda href=/samba/patches/groupname_enumeration_v3.patchgroup_enum_v3 (ldap)/a/td -tdFixes a regression in which groups in the mapping table where displayed by the -Unix group name and no the display name (e.g. ntadmin rather that 'Domain Admins'). -Only neede for installations using the ldapsam passdb backend./td +tdFixes a regression in which groups in the mapping table were displayed by the +Unix group name and not the display name (e.g. ntadmin rather that 'Domain Admins'). +Only needed for installations using the ldapsam passdb backend./td /tr tr tda href=/samba/patches/bug3010_v1.patchAIX 5 amp; Win98 endless directory loop/a/td
svn commit: samba r9261 - in branches/SAMBA_3_0/source/rpc_server: .
Author: jmcd Date: 2005-08-12 15:28:19 + (Fri, 12 Aug 2005) New Revision: 9261 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9261 Log: Fix #2976: windows member servers wouldn't alloc connections from users defined locally because if we didn't find them as a DC we were marking the response as authoritative. Now if it's not a domain we know, we mark the response non-authoritative. Fix from [EMAIL PROTECTED] Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c === --- branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-12 09:51:40 UTC (rev 9260) +++ branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-12 15:28:19 UTC (rev 9261) @@ -716,6 +716,15 @@ /* Check account and password */ if (!NT_STATUS_IS_OK(status)) { + /* If we don't know what this domain is, we need to + indicate that we are not authoritative. This + allows the client to decide if it needs to try + a local user. Fix by [EMAIL PROTECTED], #2976 */ +if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) + !strequal(nt_domain, get_global_sam_name()) + !is_trusted_domain(nt_domain) ) + r_u-auth_resp = 0; /* We are not authoritative */ + free_server_info(server_info); return status; }
svn commit: samba r9262 - in trunk/source/rpc_server: .
Author: jmcd Date: 2005-08-12 15:28:21 + (Fri, 12 Aug 2005) New Revision: 9262 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9262 Log: Fix #2976: windows member servers wouldn't alloc connections from users defined locally because if we didn't find them as a DC we were marking the response as authoritative. Now if it's not a domain we know, we mark the response non-authoritative. Fix from [EMAIL PROTECTED] Modified: trunk/source/rpc_server/srv_netlog_nt.c Changeset: Modified: trunk/source/rpc_server/srv_netlog_nt.c === --- trunk/source/rpc_server/srv_netlog_nt.c 2005-08-12 15:28:19 UTC (rev 9261) +++ trunk/source/rpc_server/srv_netlog_nt.c 2005-08-12 15:28:21 UTC (rev 9262) @@ -716,6 +716,15 @@ /* Check account and password */ if (!NT_STATUS_IS_OK(status)) { + /* If we don't know what this domain is, we need to + indicate that we are not authoritative. This + allows the client to decide if it needs to try + a local user. Fix by [EMAIL PROTECTED], #2976 */ +if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) + !strequal(nt_domain, get_global_sam_name()) + !is_trusted_domain(nt_domain) ) + r_u-auth_resp = 0; /* We are not authoritative */ + free_server_info(server_info); return status; }
svn commit: samba r9112 - in branches/SAMBA_3_0/source: libsmb rpc_server
Author: jmcd Date: 2005-08-05 12:33:00 + (Fri, 05 Aug 2005) New Revision: 9112 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9112 Log: Fix #2953 - credentials chain on DC gets out of sync with client when NT_STATUS_NO_USER returned. We were moving to the next step in the chain when the client wasn't. Only update when the user logs on. Modified: branches/SAMBA_3_0/source/libsmb/credentials.c branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c Changeset: Modified: branches/SAMBA_3_0/source/libsmb/credentials.c === --- branches/SAMBA_3_0/source/libsmb/credentials.c 2005-08-05 11:56:02 UTC (rev 9111) +++ branches/SAMBA_3_0/source/libsmb/credentials.c 2005-08-05 12:33:00 UTC (rev 9112) @@ -208,8 +208,36 @@ DEBUG(5,(deal_with_creds: clnt_cred=%s\n, credstr(sto_clnt_cred-challenge.data))); - /* store new seed in client credentials */ - SIVAL(sto_clnt_cred-challenge.data, 0, new_cred); + /* Bug #2953 - don't store new seed in client credentials + here, because we need to make sure we're moving forward first +*/ return True; } + +/* + stores new seed in client credentials + jmcd - Bug #2953 - moved this functionality out of deal_with_creds, because we're + not supposed to move to the next step in the chain if a nonexistent user tries to logon +*/ +void reseed_client_creds(DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_clnt_cred) +{ + UTIME new_clnt_time; + uint32 new_cred; + + /* increment client time by one second */ + new_clnt_time.time = rcv_clnt_cred-timestamp.time + 1; + + /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1 */ + new_cred = IVAL(sto_clnt_cred-challenge.data, 0); + new_cred += new_clnt_time.time; + + DEBUG(5,(reseed_client_creds: new_cred[0]=%x\n, new_cred)); + DEBUG(5,(reseed_client_creds: new_clnt_time=%x\n, +new_clnt_time.time)); + DEBUG(5,(reseed_client_creds: clnt_cred=%s\n, +credstr(sto_clnt_cred-challenge.data))); + + /* store new seed in client credentials */ + SIVAL(sto_clnt_cred-challenge.data, 0, new_cred); +} Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c === --- branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-05 11:56:02 UTC (rev 9111) +++ branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-05 12:33:00 UTC (rev 9112) @@ -449,6 +449,7 @@ if (!(p-dc.authenticated deal_with_creds(p-dc.sess_key, p-dc.clnt_cred, q_u-clnt_id.cred, srv_cred))) return NT_STATUS_INVALID_HANDLE; + reseed_client_creds(p-dc.clnt_cred, q_u-clnt_id.cred); memcpy(p-dc.srv_cred, p-dc.clnt_cred, sizeof(p-dc.clnt_cred)); DEBUG(5,(_net_srv_pwset: %d\n, __LINE__)); @@ -545,6 +546,8 @@ q_u-sam_id.client.cred, srv_cred))) return NT_STATUS_INVALID_HANDLE; + /* what happens if we get a logoff for an unknown user? */ + reseed_client_creds(p-dc.clnt_cred, q_u-sam_id.client.cred); memcpy(p-dc.srv_cred, p-dc.clnt_cred, sizeof(p-dc.clnt_cred)); /* maybe we want to say 'no', reject the client's credentials */ @@ -603,11 +606,6 @@ if (!(p-dc.authenticated deal_with_creds(p-dc.sess_key, p-dc.clnt_cred, q_u-sam_id.client.cred, srv_cred))) return NT_STATUS_INVALID_HANDLE; - memcpy(p-dc.srv_cred, p-dc.clnt_cred, sizeof(p-dc.clnt_cred)); - - r_u-buffer_creds = 1; /* yes, we have valid server credentials */ - memcpy(r_u-srv_creds, srv_cred, sizeof(r_u-srv_creds)); - /* find the username */ switch (q_u-sam_id.logon_level) { @@ -719,6 +717,15 @@ return status; } + /* moved from right after deal_with_creds above, since we weren't + supposed to update unless logon was successful */ + + reseed_client_creds(p-dc.clnt_cred, q_u-sam_id.client.cred); + memcpy(p-dc.srv_cred, p-dc.clnt_cred, sizeof(p-dc.clnt_cred)); + + r_u-buffer_creds = 1; /* yes, we have valid server credentials */ + memcpy(r_u-srv_creds, srv_cred, sizeof(r_u-srv_creds)); + if (server_info-guest) { /* We don't like guest domain logons... */ DEBUG(5,(_net_sam_logon: Attempted domain logon as GUEST denied.\n));
svn commit: samba r9113 - in trunk/source: libsmb rpc_server
Author: jmcd Date: 2005-08-05 12:33:03 + (Fri, 05 Aug 2005) New Revision: 9113 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9113 Log: Fix #2953 - credentials chain on DC gets out of sync with client when NT_STATUS_NO_USER returned. We were moving to the next step in the chain when the client wasn't. Only update when the user logs on. Modified: trunk/source/libsmb/credentials.c trunk/source/rpc_server/srv_netlog_nt.c Changeset: Modified: trunk/source/libsmb/credentials.c === --- trunk/source/libsmb/credentials.c 2005-08-05 12:33:00 UTC (rev 9112) +++ trunk/source/libsmb/credentials.c 2005-08-05 12:33:03 UTC (rev 9113) @@ -208,8 +208,36 @@ DEBUG(5,(deal_with_creds: clnt_cred=%s\n, credstr(sto_clnt_cred-challenge.data))); - /* store new seed in client credentials */ - SIVAL(sto_clnt_cred-challenge.data, 0, new_cred); + /* Bug #2953 - don't store new seed in client credentials + here, because we need to make sure we're moving forward first +*/ return True; } + +/* + stores new seed in client credentials + jmcd - Bug #2953 - moved this functionality out of deal_with_creds, because we're + not supposed to move to the next step in the chain if a nonexistent user tries to logon +*/ +void reseed_client_creds(DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_clnt_cred) +{ + UTIME new_clnt_time; + uint32 new_cred; + + /* increment client time by one second */ + new_clnt_time.time = rcv_clnt_cred-timestamp.time + 1; + + /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1 */ + new_cred = IVAL(sto_clnt_cred-challenge.data, 0); + new_cred += new_clnt_time.time; + + DEBUG(5,(reseed_client_creds: new_cred[0]=%x\n, new_cred)); + DEBUG(5,(reseed_client_creds: new_clnt_time=%x\n, +new_clnt_time.time)); + DEBUG(5,(reseed_client_creds: clnt_cred=%s\n, +credstr(sto_clnt_cred-challenge.data))); + + /* store new seed in client credentials */ + SIVAL(sto_clnt_cred-challenge.data, 0, new_cred); +} Modified: trunk/source/rpc_server/srv_netlog_nt.c === --- trunk/source/rpc_server/srv_netlog_nt.c 2005-08-05 12:33:00 UTC (rev 9112) +++ trunk/source/rpc_server/srv_netlog_nt.c 2005-08-05 12:33:03 UTC (rev 9113) @@ -449,6 +449,7 @@ if (!(p-dc.authenticated deal_with_creds(p-dc.sess_key, p-dc.clnt_cred, q_u-clnt_id.cred, srv_cred))) return NT_STATUS_INVALID_HANDLE; + reseed_client_creds(p-dc.clnt_cred, q_u-clnt_id.cred); memcpy(p-dc.srv_cred, p-dc.clnt_cred, sizeof(p-dc.clnt_cred)); DEBUG(5,(_net_srv_pwset: %d\n, __LINE__)); @@ -545,6 +546,8 @@ q_u-sam_id.client.cred, srv_cred))) return NT_STATUS_INVALID_HANDLE; + /* what happens if we get a logoff for an unknown user? */ + reseed_client_creds(p-dc.clnt_cred, q_u-sam_id.client.cred); memcpy(p-dc.srv_cred, p-dc.clnt_cred, sizeof(p-dc.clnt_cred)); /* maybe we want to say 'no', reject the client's credentials */ @@ -603,11 +606,6 @@ if (!(p-dc.authenticated deal_with_creds(p-dc.sess_key, p-dc.clnt_cred, q_u-sam_id.client.cred, srv_cred))) return NT_STATUS_INVALID_HANDLE; - memcpy(p-dc.srv_cred, p-dc.clnt_cred, sizeof(p-dc.clnt_cred)); - - r_u-buffer_creds = 1; /* yes, we have valid server credentials */ - memcpy(r_u-srv_creds, srv_cred, sizeof(r_u-srv_creds)); - /* find the username */ switch (q_u-sam_id.logon_level) { @@ -719,6 +717,15 @@ return status; } + /* moved from right after deal_with_creds above, since we weren't + supposed to update unless logon was successful */ + + reseed_client_creds(p-dc.clnt_cred, q_u-sam_id.client.cred); + memcpy(p-dc.srv_cred, p-dc.clnt_cred, sizeof(p-dc.clnt_cred)); + + r_u-buffer_creds = 1; /* yes, we have valid server credentials */ + memcpy(r_u-srv_creds, srv_cred, sizeof(r_u-srv_creds)); + if (server_info-guest) { /* We don't like guest domain logons... */ DEBUG(5,(_net_sam_logon: Attempted domain logon as GUEST denied.\n));
svn commit: samba r9091 - in branches/SAMBA_3_0/source/include: .
Author: jmcd Date: 2005-08-05 01:23:33 + (Fri, 05 Aug 2005) New Revision: 9091 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9091 Log: Fix #2954, aix 5.1 compile. Stupid aix aio.h header defines aio_error and aio_return as macros... Modified: branches/SAMBA_3_0/source/include/vfs.h branches/SAMBA_3_0/source/include/vfs_macros.h Changeset: Modified: branches/SAMBA_3_0/source/include/vfs.h === --- branches/SAMBA_3_0/source/include/vfs.h 2005-08-05 01:23:06 UTC (rev 9090) +++ branches/SAMBA_3_0/source/include/vfs.h 2005-08-05 01:23:33 UTC (rev 9091) @@ -316,9 +316,9 @@ /* aio operations */ int (*aio_read)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); int (*aio_write)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); - ssize_t (*aio_return)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); + ssize_t (*aio_return_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); int (*aio_cancel)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_STRUCT_AIOCB *aiocb); - int (*aio_error)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); + int (*aio_error_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); int (*aio_fsync)(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb); int (*aio_suspend)(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *timeout); Modified: branches/SAMBA_3_0/source/include/vfs_macros.h === --- branches/SAMBA_3_0/source/include/vfs_macros.h 2005-08-05 01:23:06 UTC (rev 9090) +++ branches/SAMBA_3_0/source/include/vfs_macros.h 2005-08-05 01:23:33 UTC (rev 9091) @@ -125,9 +125,9 @@ /* AIO operations. */ #define SMB_VFS_AIO_READ(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_read((fsp)-conn-vfs.handles.aio_read,(fsp),(aiocb))) #define SMB_VFS_AIO_WRITE(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_write((fsp)-conn-vfs.handles.aio_write,(fsp),(aiocb))) -#define SMB_VFS_AIO_RETURN(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_return((fsp)-conn-vfs.handles.aio_return,(fsp),(aiocb))) +#define SMB_VFS_AIO_RETURN(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_return_fn((fsp)-conn-vfs.handles.aio_return,(fsp),(aiocb))) #define SMB_VFS_AIO_CANCEL(fsp,fd,aiocb) ((fsp)-conn-vfs.ops.aio_cancel((fsp)-conn-vfs.handles.aio_cancel,(fsp),(fd),(aiocb))) -#define SMB_VFS_AIO_ERROR(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_error((fsp)-conn-vfs.handles.aio_error,(fsp),(aiocb))) +#define SMB_VFS_AIO_ERROR(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_error_fn((fsp)-conn-vfs.handles.aio_error,(fsp),(aiocb))) #define SMB_VFS_AIO_FSYNC(fsp,op,aiocb) ((fsp)-conn-vfs.ops.aio_fsync((fsp)-conn-vfs.handles.aio_fsync,(fsp),(op),(aiocb))) #define SMB_VFS_AIO_SUSPEND(fsp,aiocb,n,ts) ((fsp)-conn-vfs.ops.aio_suspend((fsp)-conn-vfs.handles.aio_suspend,(fsp),(aiocb),(n),(ts))) @@ -235,9 +235,9 @@ /* AIO operations. */ #define SMB_VFS_OPAQUE_AIO_READ(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_read((fsp)-conn-vfs_opaque.handles.aio_read,(fsp),(aiocb))) #define SMB_VFS_OPAQUE_AIO_WRITE(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_write((fsp)-conn-vfs_opaque.handles.aio_write,(fsp),(aiocb))) -#define SMB_VFS_OPAQUE_AIO_RETURN(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_return((fsp)-conn-vfs_opaque.handles.aio_return,(fsp),(aiocb))) +#define SMB_VFS_OPAQUE_AIO_RETURN(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_return_fn((fsp)-conn-vfs_opaque.handles.aio_return,(fsp),(aiocb))) #define SMB_VFS_OPAQUE_AIO_CANCEL(fsp,fd,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_cancel((fsp)-conn-vfs_opaque.handles.cancel,(fsp),(fd),(aiocb))) -#define SMB_VFS_OPAQUE_AIO_ERROR(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_error((fsp)-conn-vfs_opaque.handles.aio_error,(fsp),(aiocb))) +#define SMB_VFS_OPAQUE_AIO_ERROR(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_error_fn((fsp)-conn-vfs_opaque.handles.aio_error,(fsp),(aiocb))) #define SMB_VFS_OPAQUE_AIO_FSYNC(fsp,op,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_fsync((fsp)-conn-vfs_opaque.handles.aio_fsync,(fsp),(op),(aiocb))) #define SMB_VFS_OPAQUE_AIO_SUSPEND(fsp,aiocb,n,ts) ((fsp)-conn-vfs_opaque.ops.aio_suspend((fsp)-conn-vfs_opaque.handles.aio_suspend,(fsp),(aiocb),(n),(ts))) @@ -346,9 +346,9 @@ /* AIO operations. */ #define SMB_VFS_NEXT_AIO_READ(handle,fsp,aiocb) ((handle)-vfs_next.ops.aio_read((handle)-vfs_next.handles.aio_read,(fsp),(aiocb))) #define SMB_VFS_NEXT_AIO_WRITE(handle,fsp,aiocb) ((handle)-vfs_next.ops.aio_write((handle
svn commit: samba r9093 - in trunk/source/include: .
Author: jmcd Date: 2005-08-05 01:23:35 + (Fri, 05 Aug 2005) New Revision: 9093 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9093 Log: Fix #2954, aix 5.1 compile. Stupid aix aio.h header defines aio_error and aio_return as macros... Modified: trunk/source/include/vfs.h trunk/source/include/vfs_macros.h Changeset: Modified: trunk/source/include/vfs.h === --- trunk/source/include/vfs.h 2005-08-05 01:23:35 UTC (rev 9092) +++ trunk/source/include/vfs.h 2005-08-05 01:23:35 UTC (rev 9093) @@ -316,9 +316,9 @@ /* aio operations */ int (*aio_read)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); int (*aio_write)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); - ssize_t (*aio_return)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); + ssize_t (*aio_return_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); int (*aio_cancel)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_STRUCT_AIOCB *aiocb); - int (*aio_error)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); + int (*aio_error_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb); int (*aio_fsync)(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb); int (*aio_suspend)(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *timeout); Modified: trunk/source/include/vfs_macros.h === --- trunk/source/include/vfs_macros.h 2005-08-05 01:23:35 UTC (rev 9092) +++ trunk/source/include/vfs_macros.h 2005-08-05 01:23:35 UTC (rev 9093) @@ -125,9 +125,9 @@ /* AIO operations. */ #define SMB_VFS_AIO_READ(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_read((fsp)-conn-vfs.handles.aio_read,(fsp),(aiocb))) #define SMB_VFS_AIO_WRITE(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_write((fsp)-conn-vfs.handles.aio_write,(fsp),(aiocb))) -#define SMB_VFS_AIO_RETURN(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_return((fsp)-conn-vfs.handles.aio_return,(fsp),(aiocb))) +#define SMB_VFS_AIO_RETURN(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_return_fn((fsp)-conn-vfs.handles.aio_return,(fsp),(aiocb))) #define SMB_VFS_AIO_CANCEL(fsp,fd,aiocb) ((fsp)-conn-vfs.ops.aio_cancel((fsp)-conn-vfs.handles.aio_cancel,(fsp),(fd),(aiocb))) -#define SMB_VFS_AIO_ERROR(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_error((fsp)-conn-vfs.handles.aio_error,(fsp),(aiocb))) +#define SMB_VFS_AIO_ERROR(fsp,aiocb) ((fsp)-conn-vfs.ops.aio_error_fn((fsp)-conn-vfs.handles.aio_error,(fsp),(aiocb))) #define SMB_VFS_AIO_FSYNC(fsp,op,aiocb) ((fsp)-conn-vfs.ops.aio_fsync((fsp)-conn-vfs.handles.aio_fsync,(fsp),(op),(aiocb))) #define SMB_VFS_AIO_SUSPEND(fsp,aiocb,n,ts) ((fsp)-conn-vfs.ops.aio_suspend((fsp)-conn-vfs.handles.aio_suspend,(fsp),(aiocb),(n),(ts))) @@ -235,9 +235,9 @@ /* AIO operations. */ #define SMB_VFS_OPAQUE_AIO_READ(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_read((fsp)-conn-vfs_opaque.handles.aio_read,(fsp),(aiocb))) #define SMB_VFS_OPAQUE_AIO_WRITE(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_write((fsp)-conn-vfs_opaque.handles.aio_write,(fsp),(aiocb))) -#define SMB_VFS_OPAQUE_AIO_RETURN(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_return((fsp)-conn-vfs_opaque.handles.aio_return,(fsp),(aiocb))) +#define SMB_VFS_OPAQUE_AIO_RETURN(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_return_fn((fsp)-conn-vfs_opaque.handles.aio_return,(fsp),(aiocb))) #define SMB_VFS_OPAQUE_AIO_CANCEL(fsp,fd,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_cancel((fsp)-conn-vfs_opaque.handles.cancel,(fsp),(fd),(aiocb))) -#define SMB_VFS_OPAQUE_AIO_ERROR(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_error((fsp)-conn-vfs_opaque.handles.aio_error,(fsp),(aiocb))) +#define SMB_VFS_OPAQUE_AIO_ERROR(fsp,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_error_fn((fsp)-conn-vfs_opaque.handles.aio_error,(fsp),(aiocb))) #define SMB_VFS_OPAQUE_AIO_FSYNC(fsp,op,aiocb) ((fsp)-conn-vfs_opaque.ops.aio_fsync((fsp)-conn-vfs_opaque.handles.aio_fsync,(fsp),(op),(aiocb))) #define SMB_VFS_OPAQUE_AIO_SUSPEND(fsp,aiocb,n,ts) ((fsp)-conn-vfs_opaque.ops.aio_suspend((fsp)-conn-vfs_opaque.handles.aio_suspend,(fsp),(aiocb),(n),(ts))) @@ -346,9 +346,9 @@ /* AIO operations. */ #define SMB_VFS_NEXT_AIO_READ(handle,fsp,aiocb) ((handle)-vfs_next.ops.aio_read((handle)-vfs_next.handles.aio_read,(fsp),(aiocb))) #define SMB_VFS_NEXT_AIO_WRITE(handle,fsp,aiocb) ((handle)-vfs_next.ops.aio_write((handle)-vfs_next.handles.aio_write,(fsp),(aiocb))) -#define SMB_VFS_NEXT_AIO_RETURN(handle,fsp,aiocb) ((handle)-vfs_next.ops.aio_return((handle
svn commit: samba r8432 - in branches/SAMBA_3_0/source: auth include rpc_server
Author: jmcd Date: 2005-07-13 20:04:26 + (Wed, 13 Jul 2005) New Revision: 8432 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8432 Log: Fix #2077 - login to trusted domain doesn't allow home drive map and login scripts to be executed. We were filling in our name as the server which processed the login, even when it was done by a trusted DC. Thanks to John Janosik [EMAIL PROTECTED] for the fix. Modified: branches/SAMBA_3_0/source/auth/auth_util.c branches/SAMBA_3_0/source/include/auth.h branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c Changeset: Modified: branches/SAMBA_3_0/source/auth/auth_util.c === --- branches/SAMBA_3_0/source/auth/auth_util.c 2005-07-13 16:47:42 UTC (rev 8431) +++ branches/SAMBA_3_0/source/auth/auth_util.c 2005-07-13 20:04:26 UTC (rev 8432) @@ -1327,6 +1327,9 @@ return nt_status; } + (*server_info)-login_server = unistr2_tdup(mem_ctx, + (info3-uni_logon_srv)); + (*server_info)-ptok = token; SAFE_FREE(lgroupSIDs); Modified: branches/SAMBA_3_0/source/include/auth.h === --- branches/SAMBA_3_0/source/include/auth.h2005-07-13 16:47:42 UTC (rev 8431) +++ branches/SAMBA_3_0/source/include/auth.h2005-07-13 20:04:26 UTC (rev 8432) @@ -69,6 +69,8 @@ DATA_BLOB user_session_key; DATA_BLOB lm_session_key; + +char *login_server; /* which server authorized the login? */ uint32 sam_fill_level; /* How far is this structure filled? */ Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c === --- branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-07-13 16:47:42 UTC (rev 8431) +++ branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-07-13 20:04:26 UTC (rev 8432) @@ -764,8 +764,13 @@ return NT_STATUS_UNSUCCESSFUL; } - pstrcpy(my_name, global_myname()); - + + if(server_info-login_server) { + pstrcpy(my_name, server_info-login_server); + } else { + pstrcpy(my_name, global_myname()); + } + if (!NT_STATUS_IS_OK(status = nt_token_to_group_list(p-mem_ctx, domain_sid,
svn commit: samba r8433 - in trunk/source: auth include rpc_server
Author: jmcd Date: 2005-07-13 20:10:26 + (Wed, 13 Jul 2005) New Revision: 8433 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8433 Log: Merge from 3.0: Fix #2077, passing our server name as the login server when logging in on trusted domain account. We now pass the correct (trusted DC) server name in this case. Modified: trunk/source/auth/auth_util.c trunk/source/include/auth.h trunk/source/rpc_server/srv_netlog_nt.c Changeset: Modified: trunk/source/auth/auth_util.c === --- trunk/source/auth/auth_util.c 2005-07-13 20:04:26 UTC (rev 8432) +++ trunk/source/auth/auth_util.c 2005-07-13 20:10:26 UTC (rev 8433) @@ -1327,6 +1327,9 @@ return nt_status; } + (*server_info)-login_server = unistr2_tdup(mem_ctx, + (info3-uni_logon_srv)); + (*server_info)-ptok = token; SAFE_FREE(lgroupSIDs); Modified: trunk/source/include/auth.h === --- trunk/source/include/auth.h 2005-07-13 20:04:26 UTC (rev 8432) +++ trunk/source/include/auth.h 2005-07-13 20:10:26 UTC (rev 8433) @@ -69,6 +69,8 @@ DATA_BLOB user_session_key; DATA_BLOB lm_session_key; + +char *login_server; /* which server authorized the login? */ uint32 sam_fill_level; /* How far is this structure filled? */ Modified: trunk/source/rpc_server/srv_netlog_nt.c === --- trunk/source/rpc_server/srv_netlog_nt.c 2005-07-13 20:04:26 UTC (rev 8432) +++ trunk/source/rpc_server/srv_netlog_nt.c 2005-07-13 20:10:26 UTC (rev 8433) @@ -764,8 +764,13 @@ return NT_STATUS_UNSUCCESSFUL; } - pstrcpy(my_name, global_myname()); - + + if(server_info-login_server) { + pstrcpy(my_name, server_info-login_server); + } else { + pstrcpy(my_name, global_myname()); + } + if (!NT_STATUS_IS_OK(status = nt_token_to_group_list(p-mem_ctx, domain_sid,
svn commit: samba r8189 - in branches/SAMBA_3_0/source: lib utils
Author: jmcd Date: 2005-07-06 21:02:43 + (Wed, 06 Jul 2005) New Revision: 8189 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8189 Log: commit vampire ldif patch, mostly from Don Watson ([EMAIL PROTECTED]). Yes, that's my copyright...that's just how we have to do things at big blue. Adds subcommand to vampire to allow data to be put into an ldif file instead of actually writing to the passdb. See net rpc help vampire for usage info. This should be added to docs as well. Modified: branches/SAMBA_3_0/source/lib/util_str.c branches/SAMBA_3_0/source/utils/net.h branches/SAMBA_3_0/source/utils/net_rpc.c branches/SAMBA_3_0/source/utils/net_rpc_samsync.c Changeset: Sorry, the patch is too large (1119 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8189
svn commit: samba r8190 - in trunk/source: lib utils
Author: jmcd Date: 2005-07-06 21:02:46 + (Wed, 06 Jul 2005) New Revision: 8190 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8190 Log: Commit vampire ldif patch, mostly from Don Watson ([EMAIL PROTECTED]). Yes, that's my copyright...that's just how we have to do things at big blue. Adds subcommand to vampire to allow data to be put into an ldif file instead of actually writing to the passdb. See net rpc help vampire for usage info. This should be added to docs as well. Modified: trunk/source/lib/util_str.c trunk/source/utils/net.h trunk/source/utils/net_rpc.c trunk/source/utils/net_rpc_samsync.c Changeset: Sorry, the patch is too large (1119 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=8190
svn commit: samba r7148 - in branches/SAMBA_3_0/source/nsswitch: .
Author: jmcd Date: 2005-05-31 18:36:38 + (Tue, 31 May 2005) New Revision: 7148 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7148 Log: Fix #2736: winbind race condition with detecting idle clients winbind idle connection closing logic is getting invoked under high loads for clients which may already have commands in the pipe. This race condition causes clients to fail with NSS_STATUS_UNAVAIL sometimes. We now retry several times hoping (still not guaranteed, though) it will work. Modified: branches/SAMBA_3_0/source/nsswitch/wb_common.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/wb_common.c === --- branches/SAMBA_3_0/source/nsswitch/wb_common.c 2005-05-31 18:13:25 UTC (rev 7147) +++ branches/SAMBA_3_0/source/nsswitch/wb_common.c 2005-05-31 18:36:38 UTC (rev 7148) @@ -588,12 +588,18 @@ struct winbindd_request *request, struct winbindd_response *response) { - NSS_STATUS status; + NSS_STATUS status = NSS_STATUS_UNAVAIL; + int count = 0; - status = winbindd_send_request(req_type, request); - if (status != NSS_STATUS_SUCCESS) - return(status); - return winbindd_get_response(response); + while ((status == NSS_STATUS_UNAVAIL) (count 10)) { + status = winbindd_send_request(req_type, request); + if (status != NSS_STATUS_SUCCESS) + return(status); + status = winbindd_get_response(response); + count += 1; + } + + return status; } /* @@ -606,7 +612,7 @@ BOOL winbind_off( void ) { -static char *s = CONST_DISCARD(char *, WINBINDD_DONT_ENV =1); + static char *s = CONST_DISCARD(char *, WINBINDD_DONT_ENV =1); return putenv(s) != -1; }
svn commit: samba r7149 - in trunk/source/nsswitch: .
Author: jmcd Date: 2005-05-31 18:36:59 + (Tue, 31 May 2005) New Revision: 7149 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7149 Log: Fix #2736: winbind race condition with detecting idle clients winbind idle connection closing logic is getting invoked under high loads for clients which may already have commands in the pipe. This race condition causes clients to fail with NSS_STATUS_UNAVAIL sometimes. We now retry several times hoping (still not guaranteed, though) it will work. Modified: trunk/source/nsswitch/wb_common.c Changeset: Modified: trunk/source/nsswitch/wb_common.c === --- trunk/source/nsswitch/wb_common.c 2005-05-31 18:36:38 UTC (rev 7148) +++ trunk/source/nsswitch/wb_common.c 2005-05-31 18:36:59 UTC (rev 7149) @@ -588,12 +588,18 @@ struct winbindd_request *request, struct winbindd_response *response) { - NSS_STATUS status; + NSS_STATUS status = NSS_STATUS_UNAVAIL; + int count = 0; - status = winbindd_send_request(req_type, request); - if (status != NSS_STATUS_SUCCESS) - return(status); - return winbindd_get_response(response); + while ((status == NSS_STATUS_UNAVAIL) (count 10)) { + status = winbindd_send_request(req_type, request); + if (status != NSS_STATUS_SUCCESS) + return(status); + status = winbindd_get_response(response); + count += 1; + } + + return status; } /*
svn commit: samba r6224 - in trunk/source: include passdb rpc_server
Author: jmcd Date: 2005-04-06 13:47:21 + (Wed, 06 Apr 2005) New Revision: 6224 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6224 Log: merge patch I'd checked in on 3.0: Volker's work on ldapsam trusted lookuprids Modified: trunk/source/include/passdb.h trunk/source/passdb/pdb_interface.c trunk/source/passdb/pdb_ldap.c trunk/source/rpc_server/srv_samr_nt.c Changeset: Sorry, the patch is too large (567 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6224