svn commit: samba r9397 - in branches/SAMBA_4_0/swat: . desktop scripting
Author: deryck Date: 2005-08-19 12:02:30 + (Fri, 19 Aug 2005) New Revision: 9397 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9397 Log: Playing with qooxdoo a bit and saving my work, so I can get to it later today at work. Not much to see yet, and not linked to from SWAT yet. Playing with the idea of a web-based desktop, and just seeing how widgets can be used. deryck Added: branches/SAMBA_4_0/swat/desktop/ branches/SAMBA_4_0/swat/desktop/index.esp branches/SAMBA_4_0/swat/scripting/footer_desktop.esp branches/SAMBA_4_0/swat/scripting/header_desktop.esp Changeset: Added: branches/SAMBA_4_0/swat/desktop/index.esp === --- branches/SAMBA_4_0/swat/desktop/index.esp 2005-08-18 22:36:12 UTC (rev 9396) +++ branches/SAMBA_4_0/swat/desktop/index.esp 2005-08-19 12:02:30 UTC (rev 9397) @@ -0,0 +1,168 @@ +% +/*** Reg stuff ***/ +libinclude(base.js); +libinclude(winreg.js); +libinclude(server_call.js); + +/* + server side call to return a listing of elements in a winreg path +*/ +function enum_path(binding, path) { + printf(enum_path(%s, %s)\n, binding, path); + var reg = winreg_init(); + security_init(reg); + + reg.credentials = session.authinfo.credentials; + + var status = reg.connect(binding); + if (status.is_ok != true) { + printVars(status); + return undefined; + } + var list = winreg_enum_path(reg, path); + return list; +} + +/* register a call for clients to make */ +var call = servCallObj(); +call.add('enum_path', enum_path); + +/* run the function that was asked for */ +call.run(); +/** endReg stuff */ + + page_header(desktop, Virtual Desktop Design Test, desktop); +% + +script type=text/javascript src=/scripting/client/encoder.js/script +script type=text/javascript src=/scripting/client/call.js/script + +script type=text/javascript + +function folder_list(fParent, list) { + var i; + fParent.populated = true; + fParent.removeAll(); + for (i=0;ilist.length;i++) { + var fChild; + fChild = new QxTreeFolder(list[i]); + fParent.add(fChild); + fChild.binding = fParent.binding; + if (fParent.reg_path == '') { + fChild.reg_path = list[i]; + } else { + fChild.reg_path = fParent.reg_path + '' + list[i]; + } + fChild.add(new QxTreeFolder('Working ...')); + fChild.addEventListener(click, function() { + var el = this; folder_click(el); + }); + fParent.setOpen(1); + } +} + +function folder_click(node) { + if (!node.populated) { + server_call_url(@@request.REQUEST_URI, 'enum_path', + function(list) { folder_list(node, list); }, + node.binding, node.reg_path); + } +} + +/* return a registry tree for the given server */ +function registry_tree(binding) { + var tree = new QxTree(registry: + binding); + tree.binding = binding; + tree.reg_path = ; + tree.populated = false; + with(tree) + { +setBackgroundColor(255); +setBorder(QxBorder.presets.inset); +setOverflow(scroll); +setStyleProperty(padding, 2px); +setWidth(400); +setHeight(400); +setTop(20); + } + tree.addEventListener(click, function() { + var el = this; folder_click(el); + }); + return tree; +} + +/*** init the page for qooxdoo ***/ +window.application.main = function() +{ + // Don't declare local with var + doc = this.getClientWindow().getClientDocument(); +} + +function showReg() +{ +var inlineWidget = new QxInline; +var fieldSet = new QxFieldSet(Registry); +var binding = ncalrpc:; + +with(fieldSet) +{ + setWidth(40%); + setMinHeight(500); + setBottom(48); + setMinWidth(500); + setBackgroundColor(#FFF); +}; + +var gl = new QxGridLayout(auto,auto,auto,auto,auto, 100%); +gl.setEdge(0); +gl.setCellPaddingTop(3); +gl.setCellPaddingBottom(3); + + inlineWidget.add(fieldSet); + +var t = registry_tree(binding); + +function change_binding(e) { + binding = e.getNewValue(); + srv_printf(changed binding to %s\\n, binding); + gl.remove(t); + t = registry_tree(binding); + gl.add(t, { row : 2, col : 1 }); +} + +var b = new QxTextField(binding); +b.addEventListener(changeText, change_binding); + +gl.add(b, { row : 1, col : 1 }); +gl.add(t, { row : 2, col : 1 }); + +fieldSet.add(gl); +inlineWidget.add(fieldSet); +doc.add(inlineWidget, canvas); + +w1.setVisible(false); +} + +function startSwat() +{ + // Don't declare
svn commit: lorikeet r428 - in trunk/sangria/src/LatestDesign: . cgi classes/AccountManager classes/GroupManager classes/ServerObjects config docs test
Author: amit Date: 2005-08-19 13:03:46 + (Fri, 19 Aug 2005) New Revision: 428 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=428 Log: new test files added and CGI scripts updated to make them run under apache web server Added: trunk/sangria/src/LatestDesign/cgi/.htaccess trunk/sangria/src/LatestDesign/cgi/.htpasswd trunk/sangria/src/LatestDesign/classes/AccountManager/New_AccountManagerClass.py trunk/sangria/src/LatestDesign/config/ trunk/sangria/src/LatestDesign/config/config.py trunk/sangria/src/LatestDesign/test/fileshare_test.py trunk/sangria/src/LatestDesign/test/printshare_test.py trunk/sangria/src/LatestDesign/test/server_test.py trunk/sangria/src/LatestDesign/test/setserver_params.py Removed: trunk/sangria/src/LatestDesign/test/test.py Modified: trunk/sangria/src/LatestDesign/cgi/cgi_lib.py trunk/sangria/src/LatestDesign/cgi/fileshare_result.cgi trunk/sangria/src/LatestDesign/cgi/smb.conf trunk/sangria/src/LatestDesign/classes/GroupManager/GroupManagerClass.py trunk/sangria/src/LatestDesign/classes/ServerObjects/ServerClass.py trunk/sangria/src/LatestDesign/docs/HOW-TO.TXT Changeset: Sorry, the patch is too large (976 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=428
svn commit: lorikeet r429 - in trunk/ntacl-lsm: .
Author: metze Date: 2005-08-19 13:36:29 + (Fri, 19 Aug 2005) New Revision: 429 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=429 Log: a bunch of updates, to come closer to real access checking metze Added: trunk/ntacl-lsm/access_check.h Modified: trunk/ntacl-lsm/main.c Changeset: Sorry, the patch is too large (696 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=429
svn commit: samba-docs r797 - in trunk/smbdotconf/security: .
Author: jra Date: 2005-08-19 16:40:15 + (Fri, 19 Aug 2005) New Revision: 797 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=797 Log: Added acl group control docs. Jeremy. Added: trunk/smbdotconf/security/aclgroupcontrol.xml Changeset: Added: trunk/smbdotconf/security/aclgroupcontrol.xml === --- trunk/smbdotconf/security/aclgroupcontrol.xml 2005-08-18 00:36:55 UTC (rev 796) +++ trunk/smbdotconf/security/aclgroupcontrol.xml 2005-08-19 16:40:15 UTC (rev 797) @@ -0,0 +1,47 @@ +samba:parameter name=acl group control + context=S +type=boolean + xmlns:samba=http://www.samba.org/samba/DTD/samba-doc; +description + para + In a POSIX filesystem, only the owner of a file or directory and the superuser can modify the permissions + and ACLs on a file. If this parameter is set, then Samba overrides this restriction, and also allows the + emphasisprimary group owner/emphasis of a file or directory to modify the permissions and ACLs + on that file. + /para + para + On a Windows server, groups may be the owner of a file or directory - thus allowing anyone in + that group to modify the permissions on it. This allows the delegation of security controls + on a point in the filesystem to the group owner of a directory and anything below it also owned + by that group. This means there are multiple people with permissions to modify ACLs on a file + or directory, easing managability. + /para + para + This parameter allows Samba to also permit delegation of the control over a point in the exported + directory hierarchy in much the same was as Windows. This allows all members of a UNIX group to + control the permissions on a file or directory they have group ownership on. + /para + + para + This parameter is best used with the smbconfoption name=inherit owner/ option and also + on on a share containing directories with the UNIX emphasissetgid bit/emphasis bit set + on them, which causes new files and directories created within it to inherit the group + ownership from the containing directory. + /para + + para + This is a new parameter introduced in Samba 3.0.20. + /para + + para + This can be particularly useful to allow groups to manage their own security on a part + of the filesystem they have group ownership of, removing the bottleneck of having only + the user owner or superuser able to reset permissions. + /para +/description + +relatedinherit owner/related +relatedinherit permissions/related + +value type=defaultno/value +/samba:parameter
svn commit: samba r9398 - in branches/SAMBA_3_0_RELEASE/source: .
Author: jerry Date: 2005-08-19 17:14:39 + (Fri, 19 Aug 2005) New Revision: 9398 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9398 Log: cutting 3.0.20 Modified: branches/SAMBA_3_0_RELEASE/source/VERSION Changeset: Modified: branches/SAMBA_3_0_RELEASE/source/VERSION === --- branches/SAMBA_3_0_RELEASE/source/VERSION 2005-08-19 12:02:30 UTC (rev 9397) +++ branches/SAMBA_3_0_RELEASE/source/VERSION 2005-08-19 17:14:39 UTC (rev 9398) @@ -63,7 +63,7 @@ # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # - 3.0.0-SVN-build-199 # -SAMBA_VERSION_IS_SVN_SNAPSHOT=yes +SAMBA_VERSION_IS_SVN_SNAPSHOT= # This can be set by vendors if they want... #
svn commit: samba r9399 - in trunk/source/lib: .
Author: jht Date: 2005-08-19 17:22:48 + (Fri, 19 Aug 2005) New Revision: 9399 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9399 Log: Syncing HOWTO reference from SAMBA_3_0 branch. Modified: trunk/source/lib/fault.c Changeset: Modified: trunk/source/lib/fault.c === --- trunk/source/lib/fault.c2005-08-19 17:14:39 UTC (rev 9398) +++ trunk/source/lib/fault.c2005-08-19 17:22:48 UTC (rev 9399) @@ -35,7 +35,8 @@ DEBUG(0,(===\n)); DEBUG(0,(INTERNAL ERROR: Signal %d in pid %d (%s),sig,(int)sys_getpid(),SAMBA_VERSION_STRING)); - DEBUG(0,(\nPlease read the appendix Bugs of the Samba HOWTO collection\n)); + DEBUG(0,(\nPlease read the Trouble-Shooting section of the Samba3-HOWTO\n)); + DEBUG(0,(\nFrom: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf\n;)); DEBUG(0,(===\n)); smb_panic(internal error);
svn commit: samba r9400 - in branches/SAMBA_3_0_RELEASE: .
Author: jerry Date: 2005-08-19 17:48:29 + (Fri, 19 Aug 2005) New Revision: 9400 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9400 Log: updating release notes Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt Changeset: Sorry, the patch is too large (1275 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9400
svn commit: samba r9401 - in branches/SAMBA_3_0/source/client: .
Author: sfrench Date: 2005-08-19 18:06:05 + (Fri, 19 Aug 2005) New Revision: 9401 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9401 Log: Allow disabling mandatory byte range lock mount flag, and fix corresponding entry in mtab. Modified: branches/SAMBA_3_0/source/client/mount.cifs.c Changeset: Modified: branches/SAMBA_3_0/source/client/mount.cifs.c === --- branches/SAMBA_3_0/source/client/mount.cifs.c 2005-08-19 17:48:29 UTC (rev 9400) +++ branches/SAMBA_3_0/source/client/mount.cifs.c 2005-08-19 18:06:05 UTC (rev 9401) @@ -506,6 +506,8 @@ *filesys_flags = ~MS_NOSUID; } else if (strncmp(data, nodev, 5) == 0) { *filesys_flags |= MS_NODEV; + } else if (strncmp(data, nobrl, 5) == 0) { + *filesys_flags = ~MS_MANDLOCK; } else if (strncmp(data, dev, 3) == 0) { *filesys_flags = ~MS_NODEV; } else if (strncmp(data, noexec, 6) == 0) { @@ -1138,8 +1140,6 @@ strcat(mountent.mnt_opts,rw); if(flags MS_MANDLOCK) strcat(mountent.mnt_opts,,mand); - else - strcat(mountent.mnt_opts,,nomand); if(flags MS_NOEXEC) strcat(mountent.mnt_opts,,noexec); if(flags MS_NOSUID)
svn commit: samba r9402 - in branches/SAMBA_3_0_RELEASE: .
Author: jerry Date: 2005-08-19 18:37:08 + (Fri, 19 Aug 2005) New Revision: 9402 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9402 Log: fixing one typo (thanks to Jason Mader) Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt Changeset: Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt === --- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2005-08-19 18:06:05 UTC (rev 9401) +++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2005-08-19 18:37:08 UTC (rev 9402) @@ -77,7 +77,7 @@ certain platforms. To enable this new feature, Samba must be compiled to include the --with-aio-support configure option. In addition, the aio read size and aio write size to non-zero -values. See the smb,conf(5) man page for more details on these +values. See the smb.conf(5) man page for more details on these settings.
svn commit: samba r9403 - in tags: .
Author: jerry Date: 2005-08-19 18:41:25 + (Fri, 19 Aug 2005) New Revision: 9403 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9403 Log: tagging 3.0.20 Added: tags/release-3-0-20/ Changeset: Copied: tags/release-3-0-20 (from rev 9402, branches/SAMBA_3_0_RELEASE)
svn commit: samba-docs r798 - in tags: .
Author: jerry Date: 2005-08-19 18:41:26 + (Fri, 19 Aug 2005) New Revision: 798 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=798 Log: tagging 3.0.20 Added: tags/release-3-0-20/ Changeset: Copied: tags/release-3-0-20 (from rev 797, trunk)
svn commit: samba r9404 - in branches/SOC/SAMBA_4_0: . source/auth source/auth/gensec source/cldap_server source/dsdb/samdb source/dsdb/samdb/ldb_modules source/include source/kdc source/ldap_server s
Author: brad Date: 2005-08-19 20:47:36 + (Fri, 19 Aug 2005) New Revision: 9404 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9404 Log: [EMAIL PROTECTED]: j0j0 | 2005-08-19 13:45:34 -0600 [EMAIL PROTECTED]: j0j0 | 2005-08-19 10:51:13 -0600 [EMAIL PROTECTED] (orig r9377): tridge | 2005-08-17 23:09:26 -0600 made winreg a user tool (I find it quite useful). I expect it to get the ability to add/remove keys and values in the future. add it to the standard tests, ensuring that we know if winreg breaks. This is particularly important as winreg uses such unusual IDL constructs [EMAIL PROTECTED] (orig r9378): tridge | 2005-08-18 00:14:10 -0600 initialise the last_mod attribute in the ldb backend. Better to return 0 than an uninitialised value, but we should put proper last_modified time support into the ldb winreg backend in the future [EMAIL PROTECTED] (orig r9379): tridge | 2005-08-18 00:19:32 -0600 the valgrind test box is now just going past the max 30 minute smbd runtime for testing. Increased to 45 minutes. [EMAIL PROTECTED] (orig r9381): tpot | 2005-08-18 01:00:37 -0600 Line wrapping. [EMAIL PROTECTED] (orig r9382): tpot | 2005-08-18 01:06:19 -0600 Add a dummy registry for HKEY_USERS to get rid of the annoying dialog presented by regedt32. I think this hive is dynamically generated from SAM information. [EMAIL PROTECTED] (orig r9383): tridge | 2005-08-18 03:33:03 -0600 remove unused file [EMAIL PROTECTED] (orig r9384): tridge | 2005-08-18 04:12:55 -0600 added a debug to show the dcerpc fault code for any calls we fault [EMAIL PROTECTED] (orig r9385): idra | 2005-08-18 04:23:53 -0600 Remove unused functions [EMAIL PROTECTED] (orig r9386): tridge | 2005-08-18 04:58:05 -0600 OpenKey with a bad name must return WERR_BADFILE (w2k3 regedit relies on this) [EMAIL PROTECTED] (orig r9387): tridge | 2005-08-18 05:15:15 -0600 regedit uses New Key #nn for newly created keys, which conflicts with the stricter DN rules in ldb. Escape the DN components to cope. Simo, sorry for making a change in ldb_dn.c while you have changes pending. Please feel free to revert these and switch reg_backend_ldb.c to use the new dn construction code. [EMAIL PROTECTED] (orig r9388): tridge | 2005-08-18 05:16:32 -0600 we should fault bad handles given to winreg_GetVersion() [EMAIL PROTECTED] (orig r9389): tridge | 2005-08-18 06:19:16 -0600 handle errors reading from files in web server bug found by coverity [EMAIL PROTECTED] (orig r9390): tridge | 2005-08-18 06:21:42 -0600 fixed mixing of code and data [EMAIL PROTECTED] (orig r9391): idra | 2005-08-18 09:02:01 -0600 Convert all the code to use struct ldb_dn to ohandle ldap like distinguished names Provide more functions to handle DNs in this form [EMAIL PROTECTED] (orig r9392): idra | 2005-08-18 10:18:48 -0600 Fix ldb_dn_compose to make build farm happy Add ldb_dn_string_compose so that you can build a dn starting from a struct ldb_dn base and a set of parameters to be composed in a format string with the same syntax of printf [EMAIL PROTECTED] (orig r9393): idra | 2005-08-18 10:27:09 -0600 Fix ldb standalone build [EMAIL PROTECTED] (orig r9394): idra | 2005-08-18 10:41:27 -0600 avoid to use BOOL in ldb [EMAIL PROTECTED] (orig r9396): abartlet | 2005-08-18 16:36:12 -0600 ntlm_auth updates, including again support for the NTLMSSP client mode, and specification of the workstation. Andrew Bartlett [EMAIL PROTECTED] (orig r9397): deryck | 2005-08-19 06:02:30 -0600 Playing with qooxdoo a bit and saving my work, so I can get to it later today at work. Not much to see yet, and not linked to from SWAT yet. Playing with the idea of a web-based desktop, and just seeing how widgets can be used. deryck Added: branches/SOC/SAMBA_4_0/source/scripting/bin/winreg branches/SOC/SAMBA_4_0/swat/desktop/ branches/SOC/SAMBA_4_0/swat/desktop/index.esp branches/SOC/SAMBA_4_0/swat/scripting/footer_desktop.esp branches/SOC/SAMBA_4_0/swat/scripting/header_desktop.esp Removed: branches/SOC/SAMBA_4_0/testprogs/ejs/winreg.js Modified: branches/SOC/SAMBA_4_0/ branches/SOC/SAMBA_4_0/source/auth/auth_sam.c branches/SOC/SAMBA_4_0/source/auth/gensec/schannel_state.c branches/SOC/SAMBA_4_0/source/cldap_server/netlogon.c branches/SOC/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectguid.c branches/SOC/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c branches/SOC/SAMBA_4_0/source/dsdb/samdb/samdb.c branches/SOC/SAMBA_4_0/source/include/structs.h branches/SOC/SAMBA_4_0/source/kdc/hdb-ldb.c branches/SOC/SAMBA_4_0/source/ldap_server/config.mk
Build status as of Sat Aug 20 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-08-19 00:00:10.0 + +++ /home/build/master/cache/broken_results.txt 2005-08-20 00:00:16.0 + @@ -1,17 +1,17 @@ -Build status as of Fri Aug 19 00:00:01 2005 +Build status as of Sat Aug 20 00:00:02 2005 Build counts: Tree Total Broken Panic ccache 9 3 0 distcc 10 4 0 -lorikeet-heimdal 35 23 0 -ppp 21 2 0 +lorikeet-heimdal 34 21 0 +ppp 19 2 0 rsync36 2 0 samba0 0 0 samba-docs 0 0 0 -samba4 41 14 0 -samba_3_037 3 0 -smb-build29 5 0 -talloc 14 5 0 -tdb 9 5 0 +samba4 41 13 0 +samba_3_037 4 0 +smb-build27 5 0 +talloc 15 6 0 +tdb 9 6 0
svn commit: samba r9406 - in branches/SAMBA_4_0/source/torture/basic: .
Author: abartlet Date: 2005-08-20 00:10:03 + (Sat, 20 Aug 2005) New Revision: 9406 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9406 Log: Add const. Andrew Bartlett Modified: branches/SAMBA_4_0/source/torture/basic/denytest.c Changeset: Modified: branches/SAMBA_4_0/source/torture/basic/denytest.c === --- branches/SAMBA_4_0/source/torture/basic/denytest.c 2005-08-19 20:50:10 UTC (rev 9405) +++ branches/SAMBA_4_0/source/torture/basic/denytest.c 2005-08-20 00:10:03 UTC (rev 9406) @@ -32,7 +32,7 @@ static const char *denystr(int denymode) { - struct { + const struct { int v; const char *name; } deny_modes[] = { @@ -52,7 +52,7 @@ static const char *openstr(int mode) { - struct { + const struct { int v; const char *name; } open_modes[] = { @@ -69,7 +69,7 @@ static const char *resultstr(enum deny_result res) { - struct { + const struct { enum deny_result res; const char *name; } results[] = {
svn commit: samba r9407 - in branches/SOC/SAMBA_4_0: . source/libnet source/torture/rpc
Author: brad Date: 2005-08-20 01:22:42 + (Sat, 20 Aug 2005) New Revision: 9407 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9407 Log: [EMAIL PROTECTED]: j0j0 | 2005-08-19 19:28:22 -0600 libnet/libnet_join.c Some more fixes so ldb uses ldb_dn's. torture/rpc/dssync.c Some debugging printf()'s. ldb_dn fixes. torture/rpc/testjoin.c Change torture_join_domain() to use libnet_JoinDomain() rather than libnet_Join(). Some more debugging statements. I'm not sure why, but GUID_all_zero(user_handle.uuid) is returning true in torture_leave_domain() when called it from torture_destroy_context() in torture/rpc/dssync.c. That's what i'm working out now. Modified: branches/SOC/SAMBA_4_0/ branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c Changeset: Property changes on: branches/SOC/SAMBA_4_0 ___ Name: svk:merge - 0c0555d6-39d7-0310-84fc-f1cc0bd64818:/branches/SAMBA_4_0:9397 d349723c-e9fc-0310-b8a8-fdedf1c27407:/local/SAMBA_4_0:5500 d349723c-e9fc-0310-b8a8-fdedf1c27407:/local/samba-SAMBA_4_0:5497 + 0c0555d6-39d7-0310-84fc-f1cc0bd64818:/branches/SAMBA_4_0:9397 d349723c-e9fc-0310-b8a8-fdedf1c27407:/local/SAMBA_4_0:5502 d349723c-e9fc-0310-b8a8-fdedf1c27407:/local/samba-SAMBA_4_0:5497 Modified: branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c === --- branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c 2005-08-20 00:10:03 UTC (rev 9406) +++ branches/SOC/SAMBA_4_0/source/libnet/libnet_join.c 2005-08-20 01:22:42 UTC (rev 9407) @@ -81,7 +81,6 @@ struct dom_sid *domain_sid; const char *domain_name; const char *realm = NULL; /* Also flag for remote being AD */ - const struct ldb_dn *account_dn; tmp_ctx = talloc_named(mem_ctx, 0, libnet_Join temp context); @@ -457,7 +456,7 @@ struct ldb_context *remote_ldb; - const char *account_dn; + const struct ldb_dn *account_dn; char *remote_ldb_url; struct ldb_message **msgs, *msg; Modified: branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c === --- branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c 2005-08-20 00:10:03 UTC (rev 9406) +++ branches/SOC/SAMBA_4_0/source/torture/rpc/dssync.c 2005-08-20 01:22:42 UTC (rev 9407) @@ -115,6 +115,19 @@ /*create machine account*/ ctx-new_dc.join = torture_join_domain(mem_ctx, TEST_MACHINE_NAME, lp_workgroup(), ACB_SVRTRUST, new_dc_pass); + /* debugging printf()'s*/ + if (torture_join_samr_pipe(ctx-new_dc.join) != NULL) { +printf(test_create_context(): tj-p isn't null\n); + } else { + printf(test_create_context(): tj-p is null.\n); + } + + if (torture_join_samr_user_policy(ctx-new_dc.join) != NULL) { + printf(test_create_context(): tj-user_handle isn't null\n); + } else { + printf(test_create_context(): tj-user_handle is null.\n); + } + /* ctx-libnet_ctx = libnet_context_init(NULL); if (ctx-libnet_ctx == NULL) { @@ -172,6 +185,7 @@ ldb_errstring(ctx-ldb_ctx)); return; } + /* ldif = talloc_asprintf(ctx, dn: %s\n @@ -219,10 +233,12 @@ This will need to be replaced with a libnet leave domain call. It will remove the computer dn: CN=smbtorturedssync,OU=Domain Controllers,DC=smb,DC=test entry, and maybe the server dn also. + */ + printf(test_destroy_context(): Removing machine account %s$.\n,TEST_MACHINE_NAME); if (ctx-new_dc.join) { torture_leave_domain(ctx-new_dc.join); } - */ + talloc_free(ctx); } Modified: branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c === --- branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c2005-08-20 00:10:03 UTC (rev 9406) +++ branches/SOC/SAMBA_4_0/source/torture/rpc/testjoin.c2005-08-20 01:22:42 UTC (rev 9407) @@ -286,7 +286,7 @@ */ struct libnet_context *libnet_ctx; - struct libnet_Join libnet_r; + struct libnet_JoinDomain libnet_r; struct test_join *tj; NTSTATUS status; @@ -298,22 +298,45 @@ libnet_r.in.domain_name = domain; libnet_r.in.level = LIBNET_JOIN_SPECIFIED; libnet_r.in.netbios_name = machine_name; - - if (acct_flags == ACB_SVRTRUST) { - libnet_r.in.secure_channel_type = SEC_CHAN_BDC; - } else if (acct_flags == ACB_WSTRUST) { -
svn commit: samba r9408 - in trunk/source: include lib libsmb registry rpc_client rpc_parse rpc_server
Author: jra Date: 2005-08-20 01:38:31 + (Sat, 20 Aug 2005) New Revision: 9408 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9408 Log: The *classic* friday night check-in :-). Ok - this code (especially the RPC client code) will probably not work. But enough of the server RPC code is fixed that we need to have it in the tree so others can start banging on it. Brings back the NTLMv2 code from Samba4 gensec and allows Samba3 rpc pipes to negotiate NTLMv2 sign and seal - using auth type 10. Next I need to fix up the secondary alter context code to make auth type 9 (SPNEGO NTLMSSP) work. Finally I need to fix up the client RPC code to correctly do sign and seal. But it's getting there. It works with Samba4 smbtorture using the RPC-ECHO test until I get a segfault (in Samba4 smbtorture). I'm going to look into that next. Thanks to Andrew Bartlett for his wonderfully clear gensec code and some extremely useful help and advice in doing this. Jeremy. Modified: trunk/source/include/ntdomain.h trunk/source/include/ntlmssp.h trunk/source/include/rpc_client.h trunk/source/include/rpc_dce.h trunk/source/lib/data_blob.c trunk/source/libsmb/ntlmssp.c trunk/source/libsmb/ntlmssp_sign.c trunk/source/libsmb/samlogon_cache.c trunk/source/libsmb/smbencrypt.c trunk/source/registry/reg_printing.c trunk/source/rpc_client/cli_dfs.c trunk/source/rpc_client/cli_ds.c trunk/source/rpc_client/cli_echo.c trunk/source/rpc_client/cli_lsarpc.c trunk/source/rpc_client/cli_netlogon.c trunk/source/rpc_client/cli_pipe.c trunk/source/rpc_client/cli_samr.c trunk/source/rpc_client/cli_shutdown.c trunk/source/rpc_client/cli_spoolss_notify.c trunk/source/rpc_client/cli_srvsvc.c trunk/source/rpc_client/cli_unixinfo.c trunk/source/rpc_client/cli_wkssvc.c trunk/source/rpc_parse/parse_prs.c trunk/source/rpc_parse/parse_rpc.c trunk/source/rpc_server/srv_pipe.c trunk/source/rpc_server/srv_pipe_hnd.c trunk/source/rpc_server/srv_samr_nt.c trunk/source/rpc_server/srv_spoolss_nt.c Changeset: Sorry, the patch is too large (4347 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9408
svn commit: samba-web r772 - in trunk: . history
Author: jerry Date: 2005-08-20 03:37:25 + (Sat, 20 Aug 2005) New Revision: 772 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=772 Log: announcing 3.0.20 Added: trunk/history/samba-3.0.20.html Modified: trunk/header_columns.html trunk/index.html Changeset: Sorry, the patch is too large (5139 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=772
svn commit: samba r9409 - in branches/SAMBA_4_0/source/web_server: .
Author: tridge Date: 2005-08-20 04:38:35 + (Sat, 20 Aug 2005) New Revision: 9409 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9409 Log: fix a problem that volker noticed with web page timeouts causing smbd to crash. This is one of the downsides of the fact that the ejs engine is not event driven, resulting in the rendering of each web page being 'semi-async'. We need to protect the web context from the timeout processing until we have unwound the stack back to the point that the 'web' variable representing the page rendering logic won't be used any more. Modified: branches/SAMBA_4_0/source/web_server/http.c branches/SAMBA_4_0/source/web_server/web_server.c Changeset: Modified: branches/SAMBA_4_0/source/web_server/http.c === --- branches/SAMBA_4_0/source/web_server/http.c 2005-08-20 01:38:31 UTC (rev 9408) +++ branches/SAMBA_4_0/source/web_server/http.c 2005-08-20 04:38:35 UTC (rev 9409) @@ -501,6 +501,7 @@ return; } #endif + res = espProcessRequest(esp-req, url, buf, emsg); if (res != 0 emsg) { http_writeBlock(web, pre, 5); @@ -866,6 +867,12 @@ } } + if (web-conn == NULL) { + /* the connection has been terminated above us, probably + via a timeout */ + goto internal_error; + } + if (!web-output.output_pending) { http_output_headers(web); EVENT_FD_WRITEABLE(web-conn-event.fde); @@ -909,7 +916,9 @@ internal_error: mprSetCtx(esp); talloc_free(esp); - http_error(web, 500, Internal server error); + if (web-conn != NULL) { + http_error(web, 500, Internal server error); + } mprSetCtx(save_mpr_ctx); ejs_restore_state(ejs_save); } Modified: branches/SAMBA_4_0/source/web_server/web_server.c === --- branches/SAMBA_4_0/source/web_server/web_server.c 2005-08-20 01:38:31 UTC (rev 9408) +++ branches/SAMBA_4_0/source/web_server/web_server.c 2005-08-20 04:38:35 UTC (rev 9409) @@ -52,7 +52,11 @@ struct timeval t, void *private) { struct websrv_context *web = talloc_get_type(private, struct websrv_context); - stream_terminate_connection(web-conn, websrv_timeout: timed out); + struct stream_connection *conn = web-conn; + web-conn = NULL; + /* TODO: send a message to any running esp context on this connection + to stop running */ + stream_terminate_connection(conn, websrv_timeout: timed out); } /* @@ -108,7 +112,17 @@ web-input.partial.data[web-input.content_length] = 0; } EVENT_FD_NOT_READABLE(web-conn-event.fde); + + /* the reference/unlink code here is quite subtle. It +is needed because the rendering of the web-pages, and +in particular the esp/ejs backend, is semi-async. So +we could well end up in the connection timeout code +while inside http_process_input(), but we must not +destroy the stack variables being used by that +rendering process when we handle the timeout. */ + talloc_reference(web-task, web); http_process_input(web); + talloc_unlink(web-task, web); } return;
svn commit: samba r9410 - in branches/SAMBA_4_0/source/rpc_server/winreg: .
Author: tridge Date: 2005-08-20 04:40:08 + (Sat, 20 Aug 2005) New Revision: 9410 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9410 Log: - a winreg_CloseKey() should return a zero key on success (zeroing the callers key). This is the normal pattern with rpc handles. - fixed reference to undefined error variable in winreg_DeleteKey() Modified: branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c === --- branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c2005-08-20 04:38:35 UTC (rev 9409) +++ branches/SAMBA_4_0/source/rpc_server/winreg/rpc_winreg.c2005-08-20 04:40:08 UTC (rev 9410) @@ -85,6 +85,8 @@ talloc_free(h); + ZERO_STRUCTP(r-out.handle); + return WERR_OK; } @@ -123,15 +125,10 @@ struct winreg_DeleteKey *r) { struct dcesrv_handle *h; - WERROR result; DCESRV_PULL_HANDLE_FAULT(h, r-in.handle, HTYPE_REGKEY); - - if (W_ERROR_IS_OK(result)) { - return reg_key_del((struct registry_key *)h-data, r-in.key.name); - } - - return result; + + return reg_key_del((struct registry_key *)h-data, r-in.key.name); }
svn commit: samba r9411 - in branches/SAMBA_4_0/source/auth: gensec ntlmssp
Author: abartlet Date: 2005-08-20 04:42:19 + (Sat, 20 Aug 2005) New Revision: 9411 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=9411 Log: Ensure we don't send a challenge without first getting a negotiate in NTLMSSP, unless we are in datagram mode (not fully implemented yet). Andrew Bartlett Modified: branches/SAMBA_4_0/source/auth/gensec/gensec.h branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c Changeset: Modified: branches/SAMBA_4_0/source/auth/gensec/gensec.h === --- branches/SAMBA_4_0/source/auth/gensec/gensec.h 2005-08-20 04:40:08 UTC (rev 9410) +++ branches/SAMBA_4_0/source/auth/gensec/gensec.h 2005-08-20 04:42:19 UTC (rev 9411) @@ -40,6 +40,7 @@ #define GENSEC_FEATURE_SEAL0x0004 #define GENSEC_FEATURE_DCE_STYLE 0x0008 #define GENSEC_FEATURE_ASYNC_REPLIES 0x0010 +#define GENSEC_FEATURE_DATAGRAM_MODE 0x0020 /* GENSEC mode */ enum gensec_role Modified: branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c === --- branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c2005-08-20 04:40:08 UTC (rev 9410) +++ branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c2005-08-20 04:42:19 UTC (rev 9411) @@ -138,8 +138,14 @@ ntlmssp_command = NTLMSSP_INITIAL; break; case NTLMSSP_SERVER: - /* 'datagram' mode - no neg packet */ - ntlmssp_command = NTLMSSP_NEGOTIATE; + if (gensec_security-want_features GENSEC_FEATURE_DATAGRAM_MODE) { + /* 'datagram' mode - no neg packet */ + ntlmssp_command = NTLMSSP_NEGOTIATE; + } else { + /* This is normal in SPNEGO mech negotiation fallback */ + DEBUG(2, (Failed to parse NTLMSSP packet: zero length\n)); + return NT_STATUS_INVALID_PARAMETER; + } break; } } else {