svn commit: samba r17451 - in branches/SAMBA_3_0/source: groupdb include passdb rpc_server utils

2006-08-08 Thread vlendec
Author: vlendec
Date: 2006-08-08 08:26:40 + (Tue, 08 Aug 2006)
New Revision: 17451

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17451

Log:
Change pdb_getgrsid not to take a DOM_SID but a const DOM_SID * as an
argument.

Volker
Modified:
   branches/SAMBA_3_0/source/groupdb/mapping.c
   branches/SAMBA_3_0/source/include/passdb.h
   branches/SAMBA_3_0/source/passdb/lookup_sid.c
   branches/SAMBA_3_0/source/passdb/pdb_interface.c
   branches/SAMBA_3_0/source/passdb/pdb_ldap.c
   branches/SAMBA_3_0/source/rpc_server/srv_lsa_nt.c
   branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
   branches/SAMBA_3_0/source/utils/net_groupmap.c
   branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
   branches/SAMBA_3_0/source/utils/net_sam.c


Changeset:
Modified: branches/SAMBA_3_0/source/groupdb/mapping.c
===
--- branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-07 20:43:06 UTC (rev 
17450)
+++ branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-08 08:26:40 UTC (rev 
17451)
@@ -220,7 +220,7 @@
  Return the sid and the type of the unix group.
 /
 
-static BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
+static BOOL get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map)
 {
TDB_DATA kbuf, dbuf;
pstring key;
@@ -234,7 +234,7 @@
 
/* the key is the SID, retrieving is direct */
 
-   sid_to_string(string_sid, sid);
+   sid_to_string(string_sid, sid);
slprintf(key, sizeof(key), %s%s, GROUP_PREFIX, string_sid);
 
kbuf.dptr = key;
@@ -254,7 +254,7 @@
return False;
}

-   sid_copy(map-sid, sid);
+   sid_copy(map-sid, sid);

return True;
 }
@@ -588,7 +588,7 @@
return NT_STATUS_ACCESS_DENIED;
}
 
-   if (!get_group_map_from_sid(*alias, map))
+   if (!get_group_map_from_sid(alias, map))
return NT_STATUS_NO_SUCH_ALIAS;
 
if ( (map.sid_name_use != SID_NAME_ALIAS) 
@@ -691,7 +691,7 @@
return NT_STATUS_ACCESS_DENIED;
}
 
-   if (!get_group_map_from_sid(*alias, map))
+   if (!get_group_map_from_sid(alias, map))
return NT_STATUS_NO_SUCH_ALIAS;
 
if ( (map.sid_name_use != SID_NAME_ALIAS) 
@@ -796,7 +796,7 @@
 
 /* get a domain group from it's SID */
 
-BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
+BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map)
 {
struct group *grp;
BOOL ret;
@@ -819,12 +819,12 @@
if ( !ret ) {
uint32 rid;

-   sid_peek_rid( sid, rid );
+   sid_peek_rid( sid, rid );

if ( rid == DOMAIN_GROUP_RID_USERS ) {
fstrcpy( map-nt_name, None );
fstrcpy( map-comment, Ordinary Users );
-   sid_copy( map-sid, sid );
+   sid_copy( map-sid, sid );
map-sid_name_use = SID_NAME_DOM_GRP;

return True;
@@ -998,7 +998,7 @@
 
 
 NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
-DOM_SID sid)
+ const DOM_SID *sid)
 {
return get_group_map_from_sid(sid, map) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
@@ -1138,7 +1138,7 @@
 {
GROUP_MAP map;
 
-   if (!pdb_getgrsid(map, *sid))
+   if (!pdb_getgrsid(map, sid))
return NT_STATUS_NO_SUCH_ALIAS;
 
if ((map.sid_name_use != SID_NAME_ALIAS) 
@@ -1161,7 +1161,7 @@
 {
GROUP_MAP map;
 
-   if (!pdb_getgrsid(map, *sid))
+   if (!pdb_getgrsid(map, sid))
return NT_STATUS_NO_SUCH_ALIAS;
 
fstrcpy(map.nt_name, info-acct_name);
@@ -1285,7 +1285,7 @@
BOOL res;
 
become_root();
-   res = get_domain_group_from_sid(*sid, map);
+   res = get_domain_group_from_sid(sid, map);
unbecome_root();
 
if (!res)
@@ -1301,7 +1301,7 @@
 {
GROUP_MAP map;
 
-   if (!get_domain_group_from_sid(*sid, map))
+   if (!get_domain_group_from_sid(sid, map))
return False;
 
fstrcpy(map.nt_name, info-acct_name);

Modified: branches/SAMBA_3_0/source/include/passdb.h
===
--- branches/SAMBA_3_0/source/include/passdb.h  2006-08-07 20:43:06 UTC (rev 
17450)
+++ branches/SAMBA_3_0/source/include/passdb.h  2006-08-08 08:26:40 UTC (rev 
17451)
@@ -244,7 +244,7 @@
  * enum SID_NAME_USE rather than uint32.
  */
 
-#define PASSDB_INTERFACE_VERSION 14
+#define PASSDB_INTERFACE_VERSION 15
 
 struct pdb_methods 
 {
@@ -277,7 +277,8 @@

NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct 
samu *sam_acct, 

svn commit: samba r17453 - in branches: SAMBA_3_0/source/include SAMBA_3_0/source/rpc_client SAMBA_3_0/source/rpc_parse SAMBA_3_0/source/rpc_server SAMBA_3_0/source/rpcclient SAMBA_3_0/source/smbd SAM

2006-08-08 Thread gd
Author: gd
Date: 2006-08-08 11:00:16 + (Tue, 08 Aug 2006)
New Revision: 17453

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17453

Log:
Fix msdfs RPC management (this broke with the autogenerated dfs rpcs).

* Remove unknown from dfs_Enum (samba4 dfs IDL updates to follow).

* When encountering an unsupported infolevel the rpc server must reply
with a dfs_info_0 structure and WERR_OK (observed from w2k3 when talking
to nt4).

Guenther

Modified:
   branches/SAMBA_3_0/source/include/msdfs.h
   branches/SAMBA_3_0/source/include/rpc_dfs.h
   branches/SAMBA_3_0/source/rpc_client/cli_dfs.c
   branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c
   branches/SAMBA_3_0/source/rpc_server/srv_dfs_nt.c
   branches/SAMBA_3_0/source/rpcclient/cmd_dfs.c
   branches/SAMBA_3_0/source/smbd/msdfs.c
   branches/SAMBA_3_0_23/source/include/msdfs.h
   branches/SAMBA_3_0_23/source/include/rpc_dfs.h
   branches/SAMBA_3_0_23/source/rpc_client/cli_dfs.c
   branches/SAMBA_3_0_23/source/rpc_parse/parse_dfs.c
   branches/SAMBA_3_0_23/source/rpc_server/srv_dfs_nt.c
   branches/SAMBA_3_0_23/source/rpcclient/cmd_dfs.c
   branches/SAMBA_3_0_23/source/smbd/msdfs.c


Changeset:
Modified: branches/SAMBA_3_0/source/include/msdfs.h
===
--- branches/SAMBA_3_0/source/include/msdfs.h   2006-08-08 09:56:38 UTC (rev 
17452)
+++ branches/SAMBA_3_0/source/include/msdfs.h   2006-08-08 11:00:16 UTC (rev 
17453)
@@ -53,6 +53,7 @@
 struct junction_map {
pstring service_name;
pstring volume_name;
+   pstring comment;
int referral_count;
struct referral* referral_list;
 };

Modified: branches/SAMBA_3_0/source/include/rpc_dfs.h
===
--- branches/SAMBA_3_0/source/include/rpc_dfs.h 2006-08-08 09:56:38 UTC (rev 
17452)
+++ branches/SAMBA_3_0/source/include/rpc_dfs.h 2006-08-08 11:00:16 UTC (rev 
17453)
@@ -243,8 +243,6 @@
uint32 bufsize;
uint32 ptr0_info;
NETDFS_DFS_ENUMSTRUCT info;
-   uint32 ptr0_unknown;
-   uint32 unknown;
uint32 ptr0_total;
uint32 total;
 } NETDFS_Q_DFS_ENUM;

Modified: branches/SAMBA_3_0/source/rpc_client/cli_dfs.c
===
--- branches/SAMBA_3_0/source/rpc_client/cli_dfs.c  2006-08-08 09:56:38 UTC 
(rev 17452)
+++ branches/SAMBA_3_0/source/rpc_client/cli_dfs.c  2006-08-08 11:00:16 UTC 
(rev 17453)
@@ -142,7 +142,7 @@
return werror_to_ntstatus(r.status);
 }
 
-NTSTATUS rpccli_dfs_Enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
uint32 level, uint32 bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *unknown, 
uint32 *total)
+NTSTATUS rpccli_dfs_Enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
uint32 level, uint32 bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *total)
 {
prs_struct qbuf, rbuf;
NETDFS_Q_DFS_ENUM q;
@@ -153,7 +153,7 @@

/* Marshall data and send request */

-   if (!init_netdfs_q_dfs_Enum(q, level, bufsize, info, unknown, total))
+   if (!init_netdfs_q_dfs_Enum(q, level, bufsize, info, total))
return NT_STATUS_INVALID_PARAMETER;

CLI_DO_RPC(cli, mem_ctx, PI_NETDFS, DFS_ENUM,

Modified: branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c
===
--- branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c 2006-08-08 09:56:38 UTC 
(rev 17452)
+++ branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c 2006-08-08 11:00:16 UTC 
(rev 17453)
@@ -1862,7 +1862,7 @@
return True;
 }
 
-BOOL init_netdfs_q_dfs_Enum(NETDFS_Q_DFS_ENUM *v, uint32 level, uint32 
bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *unknown, uint32 *total)
+BOOL init_netdfs_q_dfs_Enum(NETDFS_Q_DFS_ENUM *v, uint32 level, uint32 
bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *total)
 {
DEBUG(5,(init_netdfs_q_dfs_Enum\n));

@@ -1877,13 +1877,6 @@
v-ptr0_info = 0;
}

-   if (unknown) {
-   v-ptr0_unknown = 1;
-   v-unknown = *unknown;
-   } else {
-   v-ptr0_unknown = 0;
-   }
-   
if (total) {
v-ptr0_total = 1;
v-total = *total;
@@ -1920,17 +1913,6 @@
if (!prs_align_custom(ps, 4))
return False;

-   if (!prs_uint32(ptr0_unknown, ps, depth, v-ptr0_unknown))
-   return False;
-   
-   if (v-ptr0_unknown) {
-   if (!prs_uint32(unknown, ps, depth, v-unknown))
-   return False;
-   }
-   
-   if (!prs_align_custom(ps, 4))
-   return False;
-   
if (!prs_uint32(ptr0_total, ps, depth, v-ptr0_total))
return False;


Modified: branches/SAMBA_3_0/source/rpc_server/srv_dfs_nt.c
===
--- 

svn commit: samba r17454 - in branches/SAMBA_3_0/source: include rpc_client rpc_parse rpcclient

2006-08-08 Thread gd
Author: gd
Date: 2006-08-08 11:45:57 + (Tue, 08 Aug 2006)
New Revision: 17454

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17454

Log:
Adding dfs_EnumEx for rpcclient (Samba4 IDL to follow).

Guenther

Modified:
   branches/SAMBA_3_0/source/include/rpc_dfs.h
   branches/SAMBA_3_0/source/rpc_client/cli_dfs.c
   branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c
   branches/SAMBA_3_0/source/rpcclient/cmd_dfs.c


Changeset:
Modified: branches/SAMBA_3_0/source/include/rpc_dfs.h
===
--- branches/SAMBA_3_0/source/include/rpc_dfs.h 2006-08-08 11:00:16 UTC (rev 
17453)
+++ branches/SAMBA_3_0/source/include/rpc_dfs.h 2006-08-08 11:45:57 UTC (rev 
17454)
@@ -376,10 +376,21 @@
 } NETDFS_R_DFS_REMOVE2;
 
 typedef struct netdfs_q_dfs_EnumEx {
-   uint32 dummy;
+   uint32 ptr0_dfs_name;
+   UNISTR2 dfs_name;
+   uint32 level;
+   uint32 bufsize;
+   uint32 ptr0_info;
+   NETDFS_DFS_ENUMSTRUCT info;
+   uint32 ptr0_total;
+   uint32 total;
 } NETDFS_Q_DFS_ENUMEX;
 
 typedef struct netdfs_r_dfs_EnumEx {
+   uint32 ptr0_info;
+   NETDFS_DFS_ENUMSTRUCT info;
+   uint32 ptr0_total;
+   uint32 total;
WERROR status;
 } NETDFS_R_DFS_ENUMEX;
 

Modified: branches/SAMBA_3_0/source/rpc_client/cli_dfs.c
===
--- branches/SAMBA_3_0/source/rpc_client/cli_dfs.c  2006-08-08 11:00:16 UTC 
(rev 17453)
+++ branches/SAMBA_3_0/source/rpc_client/cli_dfs.c  2006-08-08 11:45:57 UTC 
(rev 17454)
@@ -576,7 +576,7 @@
return werror_to_ntstatus(r.status);
 }
 
-NTSTATUS rpccli_dfs_EnumEx(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx)
+NTSTATUS rpccli_dfs_EnumEx(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
uint32 level, uint32 bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *total, const 
char *dfs_name)
 {
prs_struct qbuf, rbuf;
NETDFS_Q_DFS_ENUMEX q;
@@ -587,7 +587,7 @@

/* Marshall data and send request */

-   if (!init_netdfs_q_dfs_EnumEx(q))
+   if (!init_netdfs_q_dfs_EnumEx(q, level, bufsize, info, total, 
dfs_name))
return NT_STATUS_INVALID_PARAMETER;

CLI_DO_RPC(cli, mem_ctx, PI_NETDFS, DFS_ENUMEX,

Modified: branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c
===
--- branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c 2006-08-08 11:00:16 UTC 
(rev 17453)
+++ branches/SAMBA_3_0/source/rpc_parse/parse_dfs.c 2006-08-08 11:45:57 UTC 
(rev 17454)
@@ -2569,10 +2569,33 @@
return True;
 }
 
-BOOL init_netdfs_q_dfs_EnumEx(NETDFS_Q_DFS_ENUMEX *v)
+BOOL init_netdfs_q_dfs_EnumEx(NETDFS_Q_DFS_ENUMEX *v, uint32 level, uint32 
bufsize, NETDFS_DFS_ENUMSTRUCT *info, uint32 *total, const char *dfs_name)
 {
DEBUG(5,(init_netdfs_q_dfs_EnumEx\n));
+
+   if (!dfs_name)
+   return False;

+   init_unistr2(v-dfs_name, dfs_name, UNI_FLAGS_NONE|UNI_STR_TERMINATE);
+
+   v-level = level;
+   
+   v-bufsize = bufsize;
+   
+   if (info) {
+   v-ptr0_info = 1;
+   v-info = *info;
+   } else {
+   v-ptr0_info = 0;
+   }
+   
+   if (total) {
+   v-ptr0_total = 1;
+   v-total = *total;
+   } else {
+   v-ptr0_total = 0;
+   }
+   
return True;
 }
 
@@ -2583,6 +2606,42 @@

prs_debug(ps, depth, desc, netdfs_io_q_dfs_EnumEx);
depth++;
+   if (!prs_align_custom(ps, 4))
+   return False;
+   
+   if (!smb_io_unistr2(dfs_name, v-dfs_name, 1, ps, depth))
+   return False;
+   
+   if (!prs_align_custom(ps, 4))
+   return False;
+   
+   if (!prs_uint32(level, ps, depth, v-level))
+   return False;
+   
+   if (!prs_uint32(bufsize, ps, depth, v-bufsize))
+   return False;
+   
+   if (!prs_uint32(ptr0_info, ps, depth, v-ptr0_info))
+   return False;
+   
+   if (v-ptr0_info) {
+   if (!netdfs_io_dfs_EnumStruct_p(info, v-info, ps, depth))
+   return False;
+   if (!netdfs_io_dfs_EnumStruct_d(info, v-info, ps, depth))
+   return False;
+   }
+   
+   if (!prs_align_custom(ps, 4))
+   return False;
+   
+   if (!prs_uint32(ptr0_total, ps, depth, v-ptr0_total))
+   return False;
+   
+   if (v-ptr0_total) {
+   if (!prs_uint32(total, ps, depth, v-total))
+   return False;
+   }
+   
return True;
 }
 
@@ -2602,10 +2661,39 @@

prs_debug(ps, depth, desc, netdfs_io_r_dfs_EnumEx);
depth++;
+   if (!prs_uint32(ptr0_info, ps, depth, v-ptr0_info))
+   return False;
+   
+   if 

svn commit: samba r17455 - in tags: .

2006-08-08 Thread jerry
Author: jerry
Date: 2006-08-08 12:42:43 + (Tue, 08 Aug 2006)
New Revision: 17455

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17455

Log:
tagging 3.0.23b
Added:
   tags/release-3-0-23b/


Changeset:
Copied: tags/release-3-0-23b (from rev 17454, branches/SAMBA_3_0_RELEASE)



svn commit: samba-docs r981 - in tags: .

2006-08-08 Thread jerry
Author: jerry
Date: 2006-08-08 12:42:43 + (Tue, 08 Aug 2006)
New Revision: 981

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=981

Log:
tagging 3.0.23b
Added:
   tags/release-3-0-23b/


Changeset:
Copied: tags/release-3-0-23b (from rev 980, trunk)



svn commit: samba r17456 - in branches/SAMBA_3_0_RELEASE: .

2006-08-08 Thread jerry
Author: jerry
Date: 2006-08-08 12:43:39 + (Tue, 08 Aug 2006)
New Revision: 17456

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17456

Log:
fix typo in release notes
Modified:
   branches/SAMBA_3_0_RELEASE/WHATSNEW.txt


Changeset:
Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt
===
--- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-08-08 12:42:43 UTC (rev 
17455)
+++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-08-08 12:43:39 UTC (rev 
17456)
@@ -31,7 +31,7 @@
 
 The reason for this change is that smbd has transitioned from
 access checks based on string comparisons to token based
-authorization.  All names are resolved to a SID and they verified
+authorization.  All names are resolved to a SID and then verified
 against the logged on user's NT user token.  Local names will
 resolve to a local SID, while qualified domain names will resolve
 to the appropriate domain SID.  



svn commit: samba-web r1025 - in trunk: . history patches

2006-08-08 Thread jerry
Author: jerry
Date: 2006-08-08 12:47:59 + (Tue, 08 Aug 2006)
New Revision: 1025

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1025

Log:
3.0.23b release
Added:
   trunk/history/samba-3.0.23b.html
   trunk/patches/series-3.0.23b
Modified:
   trunk/header_columns.html
   trunk/index.html


Changeset:
Sorry, the patch is too large (7113 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1025


svn commit: samba r17457 - in branches/SAMBA_3_0/source: . include lib script/tests torture

2006-08-08 Thread vlendec
Author: vlendec
Date: 2006-08-08 13:54:43 + (Tue, 08 Aug 2006)
New Revision: 17457

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17457

Log:
Add a test to do some operations on group mapping.

Volker
Added:
   branches/SAMBA_3_0/source/torture/local-groupmap.c
   branches/SAMBA_3_0/source/torture/local-multikey.c
Modified:
   branches/SAMBA_3_0/source/Makefile.in
   branches/SAMBA_3_0/source/include/smb.h
   branches/SAMBA_3_0/source/lib/tdb_multikey.c
   branches/SAMBA_3_0/source/script/tests/test_smbtorture_s3.sh
   branches/SAMBA_3_0/source/torture/torture.c


Changeset:
Sorry, the patch is too large (913 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17457


svn commit: samba r17458 - in branches/SAMBA_3_0_23/source/sam: .

2006-08-08 Thread gd
Author: gd
Date: 2006-08-08 15:32:15 + (Tue, 08 Aug 2006)
New Revision: 17458

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17458

Log:
Fix idmap_ad.
(align with changed idmap_methods interface)

Guenther

Modified:
   branches/SAMBA_3_0_23/source/sam/idmap_ad.c


Changeset:
Modified: branches/SAMBA_3_0_23/source/sam/idmap_ad.c
===
--- branches/SAMBA_3_0_23/source/sam/idmap_ad.c 2006-08-08 13:54:43 UTC (rev 
17457)
+++ branches/SAMBA_3_0_23/source/sam/idmap_ad.c 2006-08-08 15:32:15 UTC (rev 
17458)
@@ -139,12 +139,12 @@
 }
 
 /* no op */
-static NTSTATUS ad_idmap_init(const char *uri)
+static NTSTATUS ad_idmap_init(char *uri)
 {
return NT_STATUS_OK;
 }
 
-static NTSTATUS ad_idmap_get_sid_from_id(DOM_SID *sid, unid_t unid, int 
id_type, int flags)
+static NTSTATUS ad_idmap_get_sid_from_id(DOM_SID *sid, unid_t unid, int 
id_type)
 {
ADS_STATUS rc;
NTSTATUS status = NT_STATUS_NONE_MAPPED;



svn commit: samba r17459 - in branches/SAMBA_3_0/source/nsswitch: .

2006-08-08 Thread idra
Author: idra
Date: 2006-08-08 15:33:09 + (Tue, 08 Aug 2006)
New Revision: 17459

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17459

Log:

As by Jerry's word commit this without his review.

This patch add some missing async functions to
solve UID/GID - SID requests not just out of the cache,
but down the remote idmap if necessary.

This patch solves the problem of servers not showing users/groups names
for allocated UID/GIDs when joined to a group of servers that share a
prepopulated idmap backend.

Also correctly resolve UID/GIDs to SIDs when looking ACLs from the
windows security tab on teh same situation.

Simo.


Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_dual.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_group.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h
   branches/SAMBA_3_0/source/nsswitch/winbindd_sid.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_user.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2006-08-08 15:32:15 UTC 
(rev 17458)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2006-08-08 15:33:09 UTC 
(rev 17459)
@@ -1524,3 +1524,113 @@
do_async_domain(mem_ctx, domain, request, query_user_recv,
(void *)cont, private_data);
 }
+
+/* The following uid2sid/gid2sid functions has been contributed by
+ * Keith Reynolds [EMAIL PROTECTED] */
+
+static void winbindd_uid2sid_recv(TALLOC_CTX *mem_ctx, BOOL success,
+ struct winbindd_response *response,
+ void *c, void *private_data)
+{
+   void (*cont)(void *priv, BOOL succ, const char *sid) = c;
+
+   if (!success) {
+   DEBUG(5, (Could not trigger uid2sid\n));
+   cont(private_data, False, NULL);
+   return;
+   }
+
+   if (response-result != WINBINDD_OK) {
+   DEBUG(5, (uid2sid returned an error\n));
+   cont(private_data, False, NULL);
+   return;
+   }
+
+   cont(private_data, True, response-data.sid.sid);
+}
+
+void winbindd_uid2sid_async(TALLOC_CTX *mem_ctx, uid_t uid,
+   void (*cont)(void *private_data, BOOL success, 
const char *sid),
+   void *private_data)
+{
+   struct winbindd_request request;
+
+   ZERO_STRUCT(request);
+   request.cmd = WINBINDD_DUAL_UID2SID;
+   request.data.uid = uid;
+   do_async(mem_ctx, idmap_child(), request, winbindd_uid2sid_recv, cont, 
private_data);
+}
+
+enum winbindd_result winbindd_dual_uid2sid(struct winbindd_domain *domain,
+  struct winbindd_cli_state *state)
+{
+   DOM_SID sid;
+   NTSTATUS result;
+
+   DEBUG(3,([%5lu]: uid to sid %lu\n,
+(unsigned long)state-pid,
+(unsigned long) state-request.data.uid));
+
+   /* Find sid for this uid and return it, possibly ask the slow remote 
idmap */
+   result = idmap_uid_to_sid(sid, state-request.data.uid, 
IDMAP_FLAG_NONE);
+
+   if (NT_STATUS_IS_OK(result)) {
+   sid_to_string(state-response.data.sid.sid, sid);
+   state-response.data.sid.type = SID_NAME_USER;
+   return WINBINDD_OK;
+   }
+
+   return WINBINDD_ERROR;
+}
+
+static void winbindd_gid2sid_recv(TALLOC_CTX *mem_ctx, BOOL success,
+ struct winbindd_response *response,
+ void *c, void *private_data)
+{
+   void (*cont)(void *priv, BOOL succ, const char *sid) = c;
+
+   if (!success) {
+   DEBUG(5, (Could not trigger gid2sid\n));
+   cont(private_data, False, NULL);
+   return;
+   }
+
+   cont(private_data, True, response-data.sid.sid);
+}
+
+void winbindd_gid2sid_async(TALLOC_CTX *mem_ctx, gid_t gid,
+   void (*cont)(void *private_data, BOOL success, 
const char *sid),
+   void *private_data)
+{
+   struct winbindd_request request;
+
+   ZERO_STRUCT(request);
+   request.cmd = WINBINDD_DUAL_GID2SID;
+   request.data.gid = gid;
+   do_async(mem_ctx, idmap_child(), request, winbindd_gid2sid_recv, cont, 
private_data);
+}
+
+enum winbindd_result winbindd_dual_gid2sid(struct winbindd_domain *domain,
+  struct winbindd_cli_state *state)
+{
+   DOM_SID sid;
+   NTSTATUS result;
+
+   DEBUG(3,([%5lu]: gid %lu to sid\n,
+   (unsigned long)state-pid,
+   (unsigned long) state-request.data.gid));
+
+   /* Find sid for this gid and return it, possibly ask the slow remote 
idmap */
+   result = idmap_gid_to_sid(sid, state-request.data.gid, 
IDMAP_FLAG_NONE);
+
+   if 

svn commit: samba r17460 - in branches/SAMBA_3_0/source/tdb: .

2006-08-08 Thread vlendec
Author: vlendec
Date: 2006-08-08 16:08:22 + (Tue, 08 Aug 2006)
New Revision: 17460

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17460

Log:
First step at fixing the build breakage with the groupmapping test. On Linux,
F_RDLCK is defined to 0, for example NetBSD has it at 1.

Still does not work fully though. Still investigating.

This might also be interesting to Samba4.

Volker
Modified:
   branches/SAMBA_3_0/source/tdb/traverse.c


Changeset:
Modified: branches/SAMBA_3_0/source/tdb/traverse.c
===
--- branches/SAMBA_3_0/source/tdb/traverse.c2006-08-08 15:33:09 UTC (rev 
17459)
+++ branches/SAMBA_3_0/source/tdb/traverse.c2006-08-08 16:08:22 UTC (rev 
17460)
@@ -261,6 +261,7 @@
if (tdb_unlock_record(tdb, tdb-travlocks.off) != 0)
return tdb_null;
tdb-travlocks.off = tdb-travlocks.hash = 0;
+   tdb-travlocks.lock_rw = F_RDLCK;
 
if (tdb_next_lock(tdb, tdb-travlocks, rec) = 0)
return tdb_null;



svn commit: samba r17461 - in branches/SAMBA_3_0/source/nsswitch: .

2006-08-08 Thread jra
Author: jra
Date: 2006-08-08 17:34:51 + (Tue, 08 Aug 2006)
New Revision: 17461

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17461

Log:
Ensure we never save a NULL SID mapping. || should be .
Found by Whitfield school.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-08-08 16:08:22 UTC 
(rev 17460)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-08-08 17:34:51 UTC 
(rev 17461)
@@ -1241,7 +1241,7 @@
status = domain-backend-name_to_sid(domain, mem_ctx, domain_name, 
name, sid, type);
 
/* and save it */
-   if (domain-online || !is_null_sid(sid)) {
+   if (domain-online  !is_null_sid(sid)) {
wcache_save_name_to_sid(domain, status, domain_name, name, sid, 
*type);
}
 



svn commit: samba r17462 - in branches/SAMBA_3_0/source/nsswitch: .

2006-08-08 Thread idra
Author: idra
Date: 2006-08-08 18:38:33 + (Tue, 08 Aug 2006)
New Revision: 17462

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17462

Log:

Fix a cutpaste bug that caused us to return a null SID on some error conditions


Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_async.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2006-08-08 17:34:51 UTC 
(rev 17461)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2006-08-08 18:38:33 UTC 
(rev 17462)
@@ -1595,6 +1595,12 @@
return;
}
 
+   if (response-result != WINBINDD_OK) {
+   DEBUG(5, (gid2sid returned an error\n));
+   cont(private_data, False, NULL);
+   return;
+   }
+
cont(private_data, True, response-data.sid.sid);
 }
 



svn commit: samba-docs r982 - in trunk/smbdotconf/security: .

2006-08-08 Thread sfrench
Author: sfrench
Date: 2006-08-08 19:04:38 + (Tue, 08 Aug 2006)
New Revision: 982

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=982

Log:
Fix multiple typos/spelling mistakes

Modified:
   trunk/smbdotconf/security/security.xml


Changeset:
Modified: trunk/smbdotconf/security/security.xml
===
--- trunk/smbdotconf/security/security.xml  2006-08-08 12:42:43 UTC (rev 
981)
+++ trunk/smbdotconf/security/security.xml  2006-08-08 19:04:38 UTC (rev 
982)
@@ -201,13 +201,13 @@
 /para
 
noteparaThis mode of operation has
-significant pitfalls, due to the fact that is activly initiates a
-man-in-the-middle attack on the remote SMB server.  In particular,
+significant pitfalls since it is more vulnerable to
+man-in-the-middle attacks and server impersonation.  In particular,
 this mode of operation can cause significant resource consuption on
 the PDC, as it must maintain an active connection for the duration
 of the user's session.  Furthermore, if this connection is lost,
-there is no way to reestablish it, and futher authenticaions to the
-Samba server may fail.  (From a single client, till it disconnects).
+there is no way to reestablish it, and futher authentications to the
+Samba server may fail (from a single client, till it disconnects).
/para/note
 
noteparaFrom the client's point of 



svn commit: samba r17464 - in branches/SAMBA_3_0/source/nsswitch: .

2006-08-08 Thread jra
Author: jra
Date: 2006-08-08 20:35:17 + (Tue, 08 Aug 2006)
New Revision: 17464

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17464

Log:
Ensure we use a hash16 data type, not a string,
for storing offline hashes.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-08-08 19:29:34 UTC 
(rev 17463)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-08-08 20:35:17 UTC 
(rev 17464)
@@ -269,9 +269,40 @@
return ret;
 }
 
-/* pull a string from a cache entry, using the supplied
+/* pull a hash16 from a cache entry, using the supplied
talloc context 
 */
+static char *centry_hash16(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
+{
+   uint32 len;
+   char *ret;
+
+   len = centry_uint8(centry);
+
+   if (len != 16) {
+   DEBUG(0,(centry corruption? hash len (%u) != 16\n, 
+   len ));
+   smb_panic(centry_hash16);
+   }
+
+   if (centry-len - centry-ofs  16) {
+   DEBUG(0,(centry corruption? needed 16 bytes, have %d\n, 
+centry-len - centry-ofs));
+   smb_panic(centry_hash16);
+   }
+
+   ret = TALLOC_ARRAY(mem_ctx, char, 16);
+   if (!ret) {
+   smb_panic(centry_hash out of memory\n);
+   }
+   memcpy(ret,centry-data + centry-ofs, 16);
+   centry-ofs += 16;
+   return ret;
+}
+
+/* pull a sid from a cache entry, using the supplied
+   talloc context 
+*/
 static BOOL centry_sid(struct cache_entry *centry, TALLOC_CTX *mem_ctx, 
DOM_SID *sid)
 {
char *sid_string;
@@ -630,6 +661,17 @@
centry-ofs += len;
 }
 
+/* 
+   push a 16 byte hash into a centry - treat as 16 byte string.
+ */
+static void centry_put_hash16(struct cache_entry *centry, const uint8 val[16])
+{
+   centry_put_uint8(centry, 16);
+   centry_expand(centry, 16);
+   memcpy(centry-data + centry-ofs, val, 16);
+   centry-ofs += 16;
+}
+
 static void centry_put_sid(struct cache_entry *centry, const DOM_SID *sid) 
 {
fstring sid_string;
@@ -865,7 +907,7 @@
}
 
t = centry_time(centry);
-   *cached_nt_pass = (const uint8 *)centry_string(centry, mem_ctx);
+   *cached_nt_pass = (const uint8 *)centry_hash16(centry, mem_ctx);
 
 #if DEBUG_PASSWORD
dump_data(100, (const char *)cached_nt_pass, NT_HASH_LEN);
@@ -906,7 +948,7 @@
 #endif
 
centry_put_time(centry, time(NULL));
-   centry_put_string(centry, (const char *)nt_pass);
+   centry_put_hash16(centry, nt_pass);
centry_end(centry, CRED/%s, sid_to_string(sid_string, sid));
 
DEBUG(10,(wcache_save_creds: %s\n, sid_string));



svn commit: samba r17465 - in branches/SAMBA_3_0/source: groupdb passdb utils

2006-08-08 Thread vlendec
Author: vlendec
Date: 2006-08-08 20:50:35 + (Tue, 08 Aug 2006)
New Revision: 17465

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17465

Log:
Get rid of add_initial_entry. In the two places it was called in it seemed a
bit pointless to me.

Volker
Modified:
   branches/SAMBA_3_0/source/groupdb/mapping.c
   branches/SAMBA_3_0/source/passdb/pdb_interface.c
   branches/SAMBA_3_0/source/utils/net_groupmap.c


Changeset:
Modified: branches/SAMBA_3_0/source/groupdb/mapping.c
===
--- branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-08 20:35:17 UTC (rev 
17464)
+++ branches/SAMBA_3_0/source/groupdb/mapping.c 2006-08-08 20:50:35 UTC (rev 
17465)
@@ -134,31 +134,6 @@
 }
 
 /
-initialise first time the mapping list
-/
-NTSTATUS add_initial_entry(gid_t gid, const char *sid, enum SID_NAME_USE 
sid_name_use, const char *nt_name, const char *comment)
-{
-   GROUP_MAP map;
-
-   if(!init_group_mapping()) {
-   DEBUG(0,(failed to initialize group mapping\n));
-   return NT_STATUS_UNSUCCESSFUL;
-   }
-   
-   map.gid=gid;
-   if (!string_to_sid(map.sid, sid)) {
-   DEBUG(0, (string_to_sid failed: %s, sid));
-   return NT_STATUS_UNSUCCESSFUL;
-   }
-   
-   map.sid_name_use=sid_name_use;
-   fstrcpy(map.nt_name, nt_name);
-   fstrcpy(map.comment, comment);
-
-   return pdb_add_group_mapping_entry(map);
-}
-
-/
  Map a unix group to a newly created mapping
 /
 NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap)

Modified: branches/SAMBA_3_0/source/passdb/pdb_interface.c
===
--- branches/SAMBA_3_0/source/passdb/pdb_interface.c2006-08-08 20:35:17 UTC 
(rev 17464)
+++ branches/SAMBA_3_0/source/passdb/pdb_interface.c2006-08-08 20:50:35 UTC 
(rev 17465)
@@ -584,7 +584,7 @@
 const char *name,
 uint32 *rid)
 {
-   DOM_SID group_sid;
+   GROUP_MAP map;
struct group *grp;
 
grp = getgrnam(name);
@@ -611,10 +611,12 @@
}
}
 
-   sid_compose(group_sid, get_global_sam_sid(), *rid);
-   
-   return add_initial_entry(grp-gr_gid, sid_string_static(group_sid),
-SID_NAME_DOM_GRP, name, NULL);
+   map.gid = grp-gr_gid;
+   map.sid_name_use = SID_NAME_DOM_GRP;
+   sid_compose(map.sid, get_global_sam_sid(), *rid);
+   fstrcpy(map.nt_name, name);
+   map.comment[0] = '\0';
+   return pdb_add_group_mapping_entry(map);
 }
 
 NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name,

Modified: branches/SAMBA_3_0/source/utils/net_groupmap.c
===
--- branches/SAMBA_3_0/source/utils/net_groupmap.c  2006-08-08 20:35:17 UTC 
(rev 17464)
+++ branches/SAMBA_3_0/source/utils/net_groupmap.c  2006-08-08 20:50:35 UTC 
(rev 17465)
@@ -182,16 +182,12 @@
 
 static int net_groupmap_add(int argc, const char **argv)
 {
-   DOM_SID sid;
-   fstring ntgroup = ;
fstring unixgrp = ;
fstring string_sid = ;
fstring type = ;
-   fstring ntcomment = ;
-   enum SID_NAME_USE sid_type = SID_NAME_DOM_GRP;
uint32 rid = 0; 
-   gid_t gid;
int i;
+   GROUP_MAP map;

/* get the options */
for ( i=0; iargc; i++ ) {
@@ -210,8 +206,8 @@
}   
}
else if ( !StrnCaseCmp(argv[i], ntgroup, strlen(ntgroup)) ) 
{
-   fstrcpy( ntgroup, get_string_param( argv[i] ) );
-   if ( !ntgroup[0] ) {
+   fstrcpy( map.nt_name, get_string_param( argv[i] ) );
+   if ( !map.nt_name[0] ) {
d_fprintf(stderr, must supply a name\n);
return -1;
}   
@@ -221,11 +217,16 @@
if ( !string_sid[0] ) {
d_fprintf(stderr, must supply a SID\n);
return -1;
-   }   
+   }
+   if (!string_to_sid(map.sid, string_sid)) {
+   d_fprintf(stderr, %s is not a valid SID\n,
+ string_sid);
+   return -1;
+   }
}
else if ( 

Build status as of Wed Aug 9 00:00:01 2006

2006-08-08 Thread build
URL: http://build.samba.org/

--- /home/build/master/cache/broken_results.txt.old 2006-08-08 
00:00:03.0 +
+++ /home/build/master/cache/broken_results.txt 2006-08-09 00:00:08.0 
+
@@ -1,18 +1,18 @@
-Build status as of Tue Aug  8 00:00:02 2006
+Build status as of Wed Aug  9 00:00:01 2006
 
 Build counts:
 Tree Total  Broken Panic 
 SOC  0  0  0 
 ccache   24 4  0 
-distcc   24 2  0 
+distcc   25 2  0 
 lorikeet-heimdal 0  0  0 
-ppp  15 0  0 
+ppp  14 0  0 
 rsync24 0  0 
 samba0  0  0 
 samba-docs   0  0  0 
-samba4   36 22 2 
-samba_3_035 6  0 
+samba4   36 24 2 
+samba_3_034 10 0 
 smb-build22 22 0 
-talloc   27 10 0 
-tdb  18 8  0 
+talloc   27 11 0 
+tdb  18 6  0 
 


svn commit: samba-web r1026 - in trunk: . devel history

2006-08-08 Thread deryck
Author: deryck
Date: 2006-08-09 00:14:52 + (Wed, 09 Aug 2006)
New Revision: 1026

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1026

Log:
Move old release announcement to history.
Update latest release links through out.


Modified:
   trunk/devel/index.html
   trunk/history/index.html
   trunk/index.html


Changeset:
Modified: trunk/devel/index.html
===
--- trunk/devel/index.html  2006-08-08 12:47:59 UTC (rev 1025)
+++ trunk/devel/index.html  2006-08-09 00:14:52 UTC (rev 1026)
@@ -14,8 +14,8 @@
 
 pAs of 4 April 2004, the Samba Team converted from CVS to Subversion for 
maintaining the Samba source code.  All current development is done in a 
Subversion repository.  All older code is in the original CVS tree; this would 
include 2.2.x versions of Samba, which are no longer in active development./p
 
-pThe latest production release is emSamba 3.0.23a/em (a
-href=/samba/history/samba-3.0.23a.htmlrelease notes/a and a
+pThe latest production release is emSamba 3.0.23b/em (a
+href=/samba/history/samba-3.0.23b.htmlrelease notes/a and a
 href=/samba/download/download/a)./p 
 
 pOngoing future research is being done for Samba 4.0

Modified: trunk/history/index.html
===
--- trunk/history/index.html2006-08-08 12:47:59 UTC (rev 1025)
+++ trunk/history/index.html2006-08-09 00:14:52 UTC (rev 1026)
@@ -6,8 +6,8 @@
 
 div class=latest 
   ul
-  liLatest Release mdash; a href=/samba/#latestSamba 3.0.23a/a/li
-  liCurrent Stable Release mdash; a href=/samba/#latestSamba 
3.0.23a/a/li 
+  liLatest Release mdash; a href=/samba/#latestSamba 3.0.23b/a/li
+  liCurrent Stable Release mdash; a href=/samba/#latestSamba 
3.0.23b/a/li 
   !-- Second link will point to #stable on this page when current release is 
a development release --
   /ul
 /div
@@ -16,7 +16,26 @@
 
 
 h2Previous Release Announcments/h2
+h4a21 Jul 2006/a/h4
+p class=headlineSamba 3.0.23a Available for Download/p
 
+pThe Samba Team is pleased to announce the general availability of Samba 
3.0.23a.
+This is the latest stable release of Samba. This is the version 
+that production Samba servers should be running for all current 
+bug-fixes.  Please read the changes in the 
+a href=http://www.samba.org/samba/history/samba-3.0.23a.html;Release 
Notes/a
+for details on new features and difference in behavior 
+from previous releases./p
+
+pThe a href=/samba/ftp/samba-3.0.23a.tar.gzSamba 3.0.23a
+source code/a can be downloaded now.  The a
+href=/samba/ftp/samba-3.0.23a.tar.ascGnuPG
+signature for the emun/emcompressed tarball/a is also 
+available.  Precompiled packages are available in the 
+a href=/samba/ftp/Binary_Packages/Binary_Packages
+download area/a./p
+
+
 h4a10 Jul 2006/a/h4
 p class=headlineSamba 3.0.23 Available for Download/p
 
@@ -271,35 +290,4 @@
 Packages for other platforms will be available shortly./p
 
 
-h4a30 Dec 2005/a/h4
-p class=headlineSamba 3.0.21a Available for Download/p
-
-pThis is the latest stable release of Samba. This is the version
-that production Samba servers should be running for all current
-bug-fixes.  This release is to address a bug in the oplock code 
-which may cause clients to stall when multiple users are accessing 
-a share concurrently (a href=https://bugzilla.samba.org/bug/3349;BUG 
3349/a).
-Please read the a 
-href=/samba/history/samba-3.0.21a.htmlchanges in this release/a./p
-
-pThe a href=/samba/ftp/samba-3.0.21a.tar.gzSamba 3.0.21a
-source code/a can be downloaded now.  The a
-href=/samba/ftp/samba-3.0.21a.tar.ascGnuPG
-signature for the emun/emcompressed tarball/a is also available.
-If you prefer to download just the diff from 3.0.21 to 3.0.21a, the 
-a href=/samba/ftp/patch-3.0.21-3.0.21a.diffs.gzpatch file/a 
-(a href=/samba/ftp/patch-3.0.21-3.0.21a.diffs.ascgpg signature/a) is 
also available.  
-The single patch for Samba 3.0.21 is available from 
-a href=http://www.samba.org/samba/patches/;the patches page/a.
-Precompiled packages for Fedora Core 4, RedHat 9, AIX, and Solaris are 
available in the
-a href=/samba/ftp/Binary_Packages/Binary_Packages download area/a.  
-Packages for other platforms will be available shortly./p
-
-pSamba 3.0.21a is also available via BitTorrent
-(a 
href=http://torrent.samba.org/samba/ftp/samba-3.0.21a.tar.gz.torrent;samba-3.0.21a.tar.gz.torrent/a).
-Note that when downloading via BitTorrent, you are encouraged
-to verify the resulting uncompressed tarball's
-a href=/samba/ftp/samba-3.0.21a.tar.ascGPG signature/a./p
-
-
 !--#include virtual=footer_history.html --

Modified: trunk/index.html
===
--- trunk/index.html2006-08-08 12:47:59 UTC (rev 1025)
+++ trunk/index.html2006-08-09 00:14:52 UTC (rev 1026)
@@ -15,7 +15,7 @@
 
 h2Current Release/h2
 
-h4a name=latest7 Aug 2006/a/h4
+h4a name=latest8 Aug 2006/a/h4
 

svn commit: samba r17466 - in branches/SAMBA_3_0_23/source/nsswitch: .

2006-08-08 Thread jra
Author: jra
Date: 2006-08-09 02:21:04 + (Wed, 09 Aug 2006)
New Revision: 17466

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=17466

Log:
Merge over winbindd critical fixes :

Ensure we never save a NULL SID mapping. || should be .
Found by Whitfield school.

Ensure we use a hash16 data type, not a string,
for storing offline hashes.

Jeremy.

Modified:
   branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c


Changeset:
Modified: branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c
===
--- branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c  2006-08-08 
20:50:35 UTC (rev 17465)
+++ branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c  2006-08-09 
02:21:04 UTC (rev 17466)
@@ -269,9 +269,40 @@
return ret;
 }
 
-/* pull a string from a cache entry, using the supplied
+/* pull a hash16 from a cache entry, using the supplied
talloc context 
 */
+static char *centry_hash16(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
+{
+   uint32 len;
+   char *ret;
+
+   len = centry_uint8(centry);
+
+   if (len != 16) {
+   DEBUG(0,(centry corruption? hash len (%u) != 16\n, 
+   len ));
+   smb_panic(centry_hash16);
+   }
+
+   if (centry-len - centry-ofs  16) {
+   DEBUG(0,(centry corruption? needed 16 bytes, have %d\n, 
+centry-len - centry-ofs));
+   smb_panic(centry_hash16);
+   }
+
+   ret = TALLOC_ARRAY(mem_ctx, char, 16);
+   if (!ret) {
+   smb_panic(centry_hash out of memory\n);
+   }
+   memcpy(ret,centry-data + centry-ofs, 16);
+   centry-ofs += 16;
+   return ret;
+}
+
+/* pull a sid from a cache entry, using the supplied
+   talloc context 
+*/
 static BOOL centry_sid(struct cache_entry *centry, TALLOC_CTX *mem_ctx, 
DOM_SID *sid)
 {
char *sid_string;
@@ -629,6 +660,17 @@
centry-ofs += len;
 }
 
+/* 
+   push a 16 byte hash into a centry - treat as 16 byte string.
+ */
+static void centry_put_hash16(struct cache_entry *centry, const uint8 val[16])
+{
+   centry_put_uint8(centry, 16);
+   centry_expand(centry, 16);
+   memcpy(centry-data + centry-ofs, val, 16);
+   centry-ofs += 16;
+}
+
 static void centry_put_sid(struct cache_entry *centry, const DOM_SID *sid) 
 {
fstring sid_string;
@@ -864,7 +906,7 @@
}
 
t = centry_time(centry);
-   *cached_nt_pass = (const uint8 *)centry_string(centry, mem_ctx);
+   *cached_nt_pass = (const uint8 *)centry_hash16(centry, mem_ctx);
 
 #if DEBUG_PASSWORD
dump_data(100, (const char *)cached_nt_pass, NT_HASH_LEN);
@@ -905,7 +947,7 @@
 #endif
 
centry_put_time(centry, time(NULL));
-   centry_put_string(centry, (const char *)nt_pass);
+   centry_put_hash16(centry, nt_pass);
centry_end(centry, CRED/%s, sid_to_string(sid_string, sid));
 
DEBUG(10,(wcache_save_creds: %s\n, sid_string));
@@ -1240,7 +1282,7 @@
status = domain-backend-name_to_sid(domain, mem_ctx, domain_name, 
name, sid, type);
 
/* and save it */
-   if (domain-online || !is_null_sid(sid)) {
+   if (domain-online  !is_null_sid(sid)) {
wcache_save_name_to_sid(domain, status, domain_name, name, sid, 
*type);
}