svn commit: samba r24768 - in branches/SAMBA_4_0/source/torture/raw: .
Author: sahlberg Date: 2007-08-29 06:58:25 + (Wed, 29 Aug 2007) New Revision: 24768 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24768 Log: redo the pingpong torture using sync functions to make the code simpler Modified: branches/SAMBA_4_0/source/torture/raw/pingpong.c Changeset: Sorry, the patch is too large (508 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24768
svn commit: samba r24769 - in branches: SAMBA_3_2/source/libads SAMBA_3_2_0/source/libads
Author: gd Date: 2007-08-29 10:12:43 + (Wed, 29 Aug 2007) New Revision: 24769 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24769 Log: Merge error handling for locator plugin. Guenther Modified: branches/SAMBA_3_2/source/libads/smb_krb5_locator.c branches/SAMBA_3_2_0/source/libads/smb_krb5_locator.c Changeset: Modified: branches/SAMBA_3_2/source/libads/smb_krb5_locator.c === --- branches/SAMBA_3_2/source/libads/smb_krb5_locator.c 2007-08-29 06:58:25 UTC (rev 24768) +++ branches/SAMBA_3_2/source/libads/smb_krb5_locator.c 2007-08-29 10:12:43 UTC (rev 24769) @@ -24,10 +24,14 @@ #endif #if defined(HAVE_KRB5) defined(HAVE_KRB5_LOCATE_PLUGIN_H) -BOOL winbind_env_set( void ); +BOOL winbind_env_set(void); #include krb5/locate_plugin.h +#ifndef KRB5_PLUGIN_NO_HANDLE +#define KRB5_PLUGIN_NO_HANDLE KRB5_KDC_UNREACH /* Heimdal */ +#endif + static const char *get_service_from_locate_service_type(enum locate_service_type svc) { switch (svc) { @@ -123,11 +127,7 @@ break; case locate_service_kadmin: case locate_service_krb524: -#ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; -#else - return KRB5_KDC_UNREACH; /* Heimdal */ -#endif default: return EINVAL; } @@ -137,11 +137,7 @@ case AF_INET: break; case AF_INET6: /* not yet */ -#ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; -#else - return KRB5_KDC_UNREACH; /* Heimdal */ -#endif default: return EINVAL; } @@ -198,11 +194,7 @@ (unsigned int)getpid(), gai_strerror(ret), ret); #endif -#ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; -#else - return KRB5_KDC_UNREACH; /* Heimdal */ -#endif } ret = cbfunc(cbdata, out-ai_socktype, out-ai_addr); @@ -365,11 +357,7 @@ return ret; failed: -#ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; -#else - return KRB5_KDC_UNREACH; /* Heimdal */ -#endif } #ifdef HEIMDAL_KRB5_LOCATE_PLUGIN_H Modified: branches/SAMBA_3_2_0/source/libads/smb_krb5_locator.c === --- branches/SAMBA_3_2_0/source/libads/smb_krb5_locator.c 2007-08-29 06:58:25 UTC (rev 24768) +++ branches/SAMBA_3_2_0/source/libads/smb_krb5_locator.c 2007-08-29 10:12:43 UTC (rev 24769) @@ -24,10 +24,14 @@ #endif #if defined(HAVE_KRB5) defined(HAVE_KRB5_LOCATE_PLUGIN_H) -BOOL winbind_env_set( void ); +BOOL winbind_env_set(void); #include krb5/locate_plugin.h +#ifndef KRB5_PLUGIN_NO_HANDLE +#define KRB5_PLUGIN_NO_HANDLE KRB5_KDC_UNREACH /* Heimdal */ +#endif + static const char *get_service_from_locate_service_type(enum locate_service_type svc) { switch (svc) { @@ -123,11 +127,7 @@ break; case locate_service_kadmin: case locate_service_krb524: -#ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; -#else - return KRB5_KDC_UNREACH; /* Heimdal */ -#endif default: return EINVAL; } @@ -137,11 +137,7 @@ case AF_INET: break; case AF_INET6: /* not yet */ -#ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; -#else - return KRB5_KDC_UNREACH; /* Heimdal */ -#endif default: return EINVAL; } @@ -198,11 +194,7 @@ (unsigned int)getpid(), gai_strerror(ret), ret); #endif -#ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; -#else - return KRB5_KDC_UNREACH; /* Heimdal */ -#endif } ret = cbfunc(cbdata, out-ai_socktype, out-ai_addr); @@ -365,11 +357,7 @@ return ret; failed: -#ifdef KRB5_PLUGIN_NO_HANDLE return KRB5_PLUGIN_NO_HANDLE; -#else - return KRB5_KDC_UNREACH; /* Heimdal */ -#endif } #ifdef HEIMDAL_KRB5_LOCATE_PLUGIN_H
svn commit: samba r24770 - in branches/SAMBA_3_0/source: rpc_parse utils
Author: mimir Date: 2007-08-29 10:42:53 + (Wed, 29 Aug 2007) New Revision: 24770 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24770 Log: Use infolevel 25 to set the machine account's password (just like winxp). This correctly updates pwdLastSet field on win2k3 server. rafal Modified: branches/SAMBA_3_0/source/rpc_parse/parse_samr.c branches/SAMBA_3_0/source/utils/net_domain.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_parse/parse_samr.c === --- branches/SAMBA_3_0/source/rpc_parse/parse_samr.c2007-08-29 10:12:43 UTC (rev 24769) +++ branches/SAMBA_3_0/source/rpc_parse/parse_samr.c2007-08-29 10:42:53 UTC (rev 24770) @@ -5940,6 +5940,25 @@ } } + +/* + init_samr_user_info25P + fields_present = ACCT_NT_PWD_SET | ACCT_LM_PWD_SET | ACCT_FLAGS +*/ + +void init_sam_user_info25P(SAM_USER_INFO_25 * usr, + uint32 fields_present, uint32 acb_info, + char newpass[532]) +{ + usr-fields_present = fields_present; + ZERO_STRUCT(usr-padding1); + ZERO_STRUCT(usr-padding2); + + usr-acb_info = acb_info; + memcpy(usr-pass, newpass, sizeof(usr-pass)); +} + + /*** reads or writes a structure. / Modified: branches/SAMBA_3_0/source/utils/net_domain.c === --- branches/SAMBA_3_0/source/utils/net_domain.c2007-08-29 10:12:43 UTC (rev 24769) +++ branches/SAMBA_3_0/source/utils/net_domain.c2007-08-29 10:42:53 UTC (rev 24770) @@ -209,10 +209,14 @@ uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; uint32 acb_info = ACB_WSTRUST; - uchar pwbuf[516]; + uint32 fields_present; + uchar pwbuf[532]; SAM_USERINFO_CTR ctr; - SAM_USER_INFO_24 p24; - SAM_USER_INFO_16 p16; + SAM_USER_INFO_25 p25; + const int infolevel = 25; + struct MD5Context md5ctx; + uchar md5buffer[16]; + DATA_BLOB digested_session_key; uchar md4_trust_password[16]; /* Open the domain */ @@ -283,24 +287,49 @@ status = rpccli_samr_open_user(pipe_hnd, mem_ctx, domain_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, user_pol); + if (!NT_STATUS_IS_OK(status)) { + return status; + } - /* Create a random machine account password */ + /* Create a random machine account password and generate the hash */ - E_md4hash( clear_pw, md4_trust_password); + E_md4hash(clear_pw, md4_trust_password); encode_pw_buffer(pwbuf, clear_pw, STR_UNICODE); + + generate_random_buffer((uint8*)md5buffer, sizeof(md5buffer)); + digested_session_key = data_blob_talloc(mem_ctx, 0, 16); + + MD5Init(md5ctx); + MD5Update(md5ctx, md5buffer, sizeof(md5buffer)); + MD5Update(md5ctx, cli-user_session_key.data, cli-user_session_key.length); + MD5Final(digested_session_key.data, md5ctx); + + SamOEMhashBlob(pwbuf, sizeof(pwbuf), digested_session_key); + memcpy(pwbuf[516], md5buffer, sizeof(md5buffer)); - /* Set password on machine account */ + /* Fill in the additional account flags now */ + acb_info |= ACB_PWNOEXP; + if ( dom_type == ND_TYPE_AD ) { +#if !defined(ENCTYPE_ARCFOUR_HMAC) + acb_info |= ACB_USE_DES_KEY_ONLY; +#endif + ;; + } + + /* Set password and account flags on machine account */ + ZERO_STRUCT(ctr); - ZERO_STRUCT(p24); + ZERO_STRUCT(p25); - init_sam_user_info24(p24, (char *)pwbuf,24); + fields_present = ACCT_NT_PWD_SET | ACCT_LM_PWD_SET | ACCT_FLAGS; + init_sam_user_info25P(p25, fields_present, acb_info, (char *)pwbuf); - ctr.switch_value = 24; - ctr.info.id24 = p24; + ctr.switch_value = infolevel; + ctr.info.id25= p25; - status = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, user_pol, - 24, cli-user_session_key, ctr); + status = rpccli_samr_set_userinfo2(pipe_hnd, mem_ctx, user_pol, + infolevel, cli-user_session_key, ctr); if ( !NT_STATUS_IS_OK(status) ) { d_fprintf( stderr, Failed to set password for machine account (%s)\n, @@ -308,35 +337,6 @@ return status; } - - /* Why do we have to try to (re-)set the ACB to be the same as what - we passed in the samr_create_dom_user() call? When a NT - workstation is joined to a domain by an administrator the - acb_info
svn commit: samba r24771 - in branches/SAMBA_3_2/source: rpc_parse utils
Author: mimir Date: 2007-08-29 11:02:04 + (Wed, 29 Aug 2007) New Revision: 24771 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24771 Log: Use infolevel 25 to set the machine account's password (just like winxp). This correctly updates pwdLastSet field on win2k3 server. rafal Modified: branches/SAMBA_3_2/source/rpc_parse/parse_samr.c branches/SAMBA_3_2/source/utils/net_domain.c Changeset: Modified: branches/SAMBA_3_2/source/rpc_parse/parse_samr.c === --- branches/SAMBA_3_2/source/rpc_parse/parse_samr.c2007-08-29 10:42:53 UTC (rev 24770) +++ branches/SAMBA_3_2/source/rpc_parse/parse_samr.c2007-08-29 11:02:04 UTC (rev 24771) @@ -5930,6 +5930,25 @@ } } + +/* + init_samr_user_info25P + fields_present = ACCT_NT_PWD_SET | ACCT_LM_PWD_SET | ACCT_FLAGS +*/ + +void init_sam_user_info25P(SAM_USER_INFO_25 * usr, + uint32 fields_present, uint32 acb_info, + char newpass[532]) +{ + usr-fields_present = fields_present; + ZERO_STRUCT(usr-padding1); + ZERO_STRUCT(usr-padding2); + + usr-acb_info = acb_info; + memcpy(usr-pass, newpass, sizeof(usr-pass)); +} + + /*** reads or writes a structure. / Modified: branches/SAMBA_3_2/source/utils/net_domain.c === --- branches/SAMBA_3_2/source/utils/net_domain.c2007-08-29 10:42:53 UTC (rev 24770) +++ branches/SAMBA_3_2/source/utils/net_domain.c2007-08-29 11:02:04 UTC (rev 24771) @@ -208,10 +208,14 @@ uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; uint32 acb_info = ACB_WSTRUST; - uchar pwbuf[516]; + uint32 fields_present; + uchar pwbuf[532]; SAM_USERINFO_CTR ctr; - SAM_USER_INFO_24 p24; - SAM_USER_INFO_16 p16; + SAM_USER_INFO_25 p25; + const int infolevel = 25; + struct MD5Context md5ctx; + uchar md5buffer[16]; + DATA_BLOB digested_session_key; uchar md4_trust_password[16]; /* Open the domain */ @@ -282,24 +286,49 @@ status = rpccli_samr_open_user(pipe_hnd, mem_ctx, domain_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, user_pol); + if (!NT_STATUS_IS_OK(status)) { + return status; + } - /* Create a random machine account password */ + /* Create a random machine account password and generate the hash */ - E_md4hash( clear_pw, md4_trust_password); + E_md4hash(clear_pw, md4_trust_password); encode_pw_buffer(pwbuf, clear_pw, STR_UNICODE); + + generate_random_buffer((uint8*)md5buffer, sizeof(md5buffer)); + digested_session_key = data_blob_talloc(mem_ctx, 0, 16); + + MD5Init(md5ctx); + MD5Update(md5ctx, md5buffer, sizeof(md5buffer)); + MD5Update(md5ctx, cli-user_session_key.data, cli-user_session_key.length); + MD5Final(digested_session_key.data, md5ctx); + + SamOEMhashBlob(pwbuf, sizeof(pwbuf), digested_session_key); + memcpy(pwbuf[516], md5buffer, sizeof(md5buffer)); - /* Set password on machine account */ + /* Fill in the additional account flags now */ + acb_info |= ACB_PWNOEXP; + if ( dom_type == ND_TYPE_AD ) { +#if !defined(ENCTYPE_ARCFOUR_HMAC) + acb_info |= ACB_USE_DES_KEY_ONLY; +#endif + ;; + } + + /* Set password and account flags on machine account */ + ZERO_STRUCT(ctr); - ZERO_STRUCT(p24); + ZERO_STRUCT(p25); - init_sam_user_info24(p24, (char *)pwbuf,24); + fields_present = ACCT_NT_PWD_SET | ACCT_LM_PWD_SET | ACCT_FLAGS; + init_sam_user_info25P(p25, fields_present, acb_info, (char *)pwbuf); - ctr.switch_value = 24; - ctr.info.id24 = p24; + ctr.switch_value = infolevel; + ctr.info.id25= p25; - status = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, user_pol, - 24, cli-user_session_key, ctr); + status = rpccli_samr_set_userinfo2(pipe_hnd, mem_ctx, user_pol, + infolevel, cli-user_session_key, ctr); if ( !NT_STATUS_IS_OK(status) ) { d_fprintf( stderr, Failed to set password for machine account (%s)\n, @@ -307,35 +336,6 @@ return status; } - - /* Why do we have to try to (re-)set the ACB to be the same as what - we passed in the samr_create_dom_user() call? When a NT - workstation is joined to a domain by an administrator the - acb_info
svn commit: samba r24772 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: sahlberg Date: 2007-08-29 11:04:49 + (Wed, 29 Aug 2007) New Revision: 24772 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24772 Log: add a bitmap that describes 6 of the specific accessmask bits for policy handles that are create by Connect?() calls on the samr pipe. these bits come from the wireshark/ethereal sources where they have been documented for a long time. the bits : connect to server initialize server create domain were added to wireshark/ethereal in svn 8080 Jul 24 2003 the bits : open domain enum domain shutdown server were added to wireshark/ethereal in svn 6054 Aug 21 2002 Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl === --- branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 11:02:04 UTC (rev 24771) +++ branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 11:04:49 UTC (rev 24772) @@ -41,12 +41,21 @@ ACB_NO_AUTH_DATA_REQD = 0x0008 /* 1 = No authorization data required */ } samr_AcctFlags; + typedef [bitmap32bit] bitmap { + SAMR_ACCESS_CONNECT_TO_SERVER = 0x0001, + SAMR_ACCESS_SHUTDOWN_SERVER = 0x0002, + SAMR_ACCESS_INITIALIZE_SERVER = 0x0004, + SAMR_ACCESS_CREATE_DOMAIN = 0x0008, + SAMR_ACCESS_ENUM_DOMAINS= 0x0010, + SAMR_ACCESS_OPEN_DOMAIN = 0x0020 + } samr_ConnectAccessMask; + /**/ /* Function: 0x00 */ NTSTATUS samr_Connect ( /* notice the lack of [string] */ [in] uint16 *system_name, - [in] uint32 access_mask, + [in] samr_ConnectAccessMask access_mask, [out,ref] policy_handle *connect_handle ); @@ -1131,7 +1140,7 @@ /* Function0x39 */ NTSTATUS samr_Connect2( [in,string,charset(UTF16)] uint16 *system_name, - [in] uint32 access_mask, + [in] samr_ConnectAccessMask access_mask, [out,ref] policy_handle *connect_handle ); @@ -1171,7 +1180,7 @@ [in,string,charset(UTF16)] uint16 *system_name, /* this unknown value seems to be completely ignored by w2k3 */ [in] uint32 unknown, - [in] uint32 access_mask, + [in] samr_ConnectAccessMask access_mask, [out,ref] policy_handle *connect_handle ); @@ -1180,7 +1189,7 @@ NTSTATUS samr_Connect4( [in,string,charset(UTF16)] uint16 *system_name, [in] uint32 unknown, - [in] uint32 access_mask, + [in] samr_ConnectAccessMask access_mask, [out,ref] policy_handle *connect_handle ); @@ -1222,7 +1231,7 @@ [public] NTSTATUS samr_Connect5( [in,string,charset(UTF16)] uint16 *system_name, - [in] uint32 access_mask, + [in] samr_ConnectAccessMask access_mask, [in,out] uint32 level, [in,out,switch_is(level),ref] samr_ConnectInfo *info, [out,ref] policy_handle *connect_handle
svn commit: samba r24773 - in branches: SAMBA_3_2/source/lib SAMBA_3_2_0/source/lib
Author: vlendec Date: 2007-08-29 11:46:44 + (Wed, 29 Aug 2007) New Revision: 24773 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24773 Log: Fix a ctdb connection lockup The lockup could happen when packet_read_sync() gets two packets in a row, the first one being an async message, and the second one being the response to a ctdb request. Also add some debug msg to ctdb_conn.c, and cut off the locking key messages to only dump 20 hex chars at debug level 10. 10 will dump everything. Modified: branches/SAMBA_3_2/source/lib/ctdbd_conn.c branches/SAMBA_3_2/source/lib/dbwrap_ctdb.c branches/SAMBA_3_2/source/lib/dbwrap_tdb.c branches/SAMBA_3_2_0/source/lib/ctdbd_conn.c branches/SAMBA_3_2_0/source/lib/dbwrap_ctdb.c branches/SAMBA_3_2_0/source/lib/dbwrap_tdb.c Changeset: Modified: branches/SAMBA_3_2/source/lib/ctdbd_conn.c === --- branches/SAMBA_3_2/source/lib/ctdbd_conn.c 2007-08-29 11:04:49 UTC (rev 24772) +++ branches/SAMBA_3_2/source/lib/ctdbd_conn.c 2007-08-29 11:46:44 UTC (rev 24773) @@ -61,6 +61,20 @@ } /* + * + */ +static void ctdb_packet_dump(struct ctdb_req_header *hdr) +{ + if (DEBUGLEVEL 10) { + return; + } + DEBUGADD(10, (len=%d, magic=%x, vers=%d, gen=%d, op=%d, reqid=%d\n, + (int)hdr-length, (int)hdr-ctdb_magic, + (int)hdr-ctdb_version, (int)hdr-generation, + (int)hdr-operation, (int)hdr-reqid)); +} + +/* * Register a srvid with ctdbd */ static NTSTATUS register_with_ctdbd(struct ctdbd_connection *conn, @@ -249,6 +263,11 @@ blob, result, result, (ndr_pull_flags_fn_t)ndr_pull_messaging_rec); + if (DEBUGLEVEL = 10) { + DEBUG(10, (ctdb_pull_messaging_rec:\n)); + NDR_PRINT_DEBUG(messaging_rec, result); + } + if (!NT_STATUS_IS_OK(status)) { DEBUG(0, (ndr_pull_struct_blob failed: %s\n, nt_errstr(status))); @@ -288,6 +307,8 @@ cluster_fatal(ctdbd died\n); } + next_pkt: + ZERO_STRUCT(state); state.mem_ctx = mem_ctx; @@ -296,6 +317,7 @@ /* * Not enough data */ + DEBUG(10, (not enough data from ctdb socket, retrying\n)); goto again; } @@ -306,6 +328,9 @@ hdr = (struct ctdb_req_header *)state.req.data; + DEBUG(10, (Received ctdb packet\n)); + ctdb_packet_dump(hdr); + if (hdr-operation == CTDB_REQ_MESSAGE) { struct timed_event *evt; struct deferred_msg_state *msg_state; @@ -315,7 +340,7 @@ DEBUG(1, (Got a message without having a msg ctx, dropping msg %llu\n, (long long unsigned)msg-srvid)); - goto again; + goto next_pkt; } if ((conn-release_ip_handler != NULL) @@ -325,13 +350,13 @@ conn-release_ip_handler((const char *)msg-data, conn-release_ip_priv); TALLOC_FREE(hdr); - goto again; + goto next_pkt; } if (!(msg_state = TALLOC_P(NULL, struct deferred_msg_state))) { DEBUG(0, (talloc failed\n)); TALLOC_FREE(hdr); - goto again; + goto next_pkt; } if (!(msg_state-rec = ctdb_pull_messaging_rec( @@ -339,7 +364,7 @@ DEBUG(0, (ctdbd_pull_messaging_rec failed\n)); TALLOC_FREE(msg_state); TALLOC_FREE(hdr); - goto again; + goto next_pkt; } TALLOC_FREE(hdr); @@ -360,10 +385,10 @@ DEBUG(0, (event_add_timed failed\n)); TALLOC_FREE(msg_state); TALLOC_FREE(hdr); - goto again; + goto next_pkt; } - goto again; + goto next_pkt; } if (hdr-reqid != reqid) { @@ -622,6 +647,9 @@ r.srvid = dst_srvid; r.datalen= blob.length; + DEBUG(10, (ctdbd_messaging_send: Sending ctdb packet\n)); + ctdb_packet_dump(r.hdr); + status = packet_send( conn-pkt, 2, data_blob_const(r, offsetof(struct ctdb_req_message, data)), @@ -682,6 +710,9 @@ req.srvid= srvid; req.datalen = data.dsize; + DEBUG(10, (ctdbd_control: Sending ctdb packet\n)); +
svn commit: samba r24774 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: sahlberg Date: 2007-08-29 11:54:23 + (Wed, 29 Aug 2007) New Revision: 24774 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24774 Log: add 5 specific access mask bits for policy handles created for aliases these five access mask bits : add member remove members get members lookup info set info come from wireshark/ethereal where they were added to cvs in Aug 21 2002 http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987r2=6054 Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl === --- branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 11:46:44 UTC (rev 24773) +++ branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 11:54:23 UTC (rev 24774) @@ -50,6 +50,14 @@ SAMR_ACCESS_OPEN_DOMAIN = 0x0020 } samr_ConnectAccessMask; + typedef [bitmap32bit] bitmap { + ALIAS_ACCESS_ADD_MEMBER = 0x0001, + ALIAS_ACCESS_REMOVE_MEMBER = 0x0002, + ALIAS_ACCESS_GET_MEMBERS = 0x0004, + ALIAS_ACCESS_LOOKUP_INFO = 0x0008, + ALIAS_ACCESS_SET_INFO= 0x0010 + } samr_AliasAccessMask; + /**/ /* Function: 0x00 */ NTSTATUS samr_Connect ( @@ -314,7 +322,7 @@ NTSTATUS samr_CreateDomAlias( [in,ref] policy_handle *domain_handle, [in,ref] lsa_String *alias_name, - [in] uint32 access_mask, + [in] samr_AliasAccessMask access_mask, [out,ref] policy_handle *alias_handle, [out,ref] uint32*rid ); @@ -489,7 +497,7 @@ /* Function0x1b */ NTSTATUS samr_OpenAlias ( [in,ref] policy_handle *domain_handle, - [in] uint32 access_mask, + [in] samr_AliasAccessMask access_mask, [in] uint32 rid, [out,ref] policy_handle *alias_handle );
svn commit: samba r24775 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: sahlberg Date: 2007-08-29 12:22:15 + (Wed, 29 Aug 2007) New Revision: 24775 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24775 Log: add 5 specific access right bits for the accessmask that refers to Groups on the samr pipe the five bits lookup info set info add member remove member get members comes from the wireshark/ethereal sources where they were added in Aug 21 2002 http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987r2=6054 Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl === --- branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 11:54:23 UTC (rev 24774) +++ branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 12:22:15 UTC (rev 24775) @@ -51,6 +51,14 @@ } samr_ConnectAccessMask; typedef [bitmap32bit] bitmap { + GROUP_ACCESS_LOOKUP_INFO = 0x0001, + GROUP_ACCESS_SET_INFO= 0x0002, + GROUP_ACCESS_ADD_MEMBER = 0x0004, + GROUP_ACCESS_REMOVE_MEMBER = 0x0008, + GROUP_ACCESS_GET_MEMBERS = 0x0010 + } samr_GroupAccessMask; + + typedef [bitmap32bit] bitmap { ALIAS_ACCESS_ADD_MEMBER = 0x0001, ALIAS_ACCESS_REMOVE_MEMBER = 0x0002, ALIAS_ACCESS_GET_MEMBERS = 0x0004, @@ -273,7 +281,7 @@ NTSTATUS samr_CreateDomainGroup( [in,ref] policy_handle *domain_handle, [in,ref] lsa_String *name, - [in] uint32 access_mask, + [in] samr_GroupAccessMask access_mask, [out,ref] policy_handle *group_handle, [out,ref] uint32 *rid ); @@ -377,7 +385,7 @@ /* Function0x13 */ NTSTATUS samr_OpenGroup( [in,ref] policy_handle *domain_handle, - [in] uint32 access_mask, + [in] samr_GroupAccessMask access_mask, [in] uint32 rid, [out,ref] policy_handle *group_handle );
svn commit: samba r24777 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: sahlberg Date: 2007-08-29 12:39:58 + (Wed, 29 Aug 2007) New Revision: 24777 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24777 Log: add 11 specific access rights to the access mask for domains on the samr pipe 10 of these bits : lookup info 1 set info 1 lookup info 2 set info 2 create user create group create alias enum account open account set info 3 come from wireshark/ethereal and were added to wireshark in Aug 21 2002 http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987r2=6054 one bit lookup alias also comes from wireshark where it was added in wireshark in Feb 21 2003 http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=7173r2=7178 Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl === --- branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 12:35:20 UTC (rev 24776) +++ branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 12:39:58 UTC (rev 24777) @@ -51,6 +51,20 @@ } samr_ConnectAccessMask; typedef [bitmap32bit] bitmap { + DOMAIN_ACCESS_LOOKUP_INFO_1 = 0x0001, + DOMAIN_ACCESS_SET_INFO_1 = 0x0002, + DOMAIN_ACCESS_LOOKUP_INFO_2 = 0x0004, + DOMAIN_ACCESS_SET_INFO_2 = 0x0008, + DOMAIN_ACCESS_CREATE_USER= 0x0010, + DOMAIN_ACCESS_CREATE_GROUP = 0x0020, + DOMAIN_ACCESS_CREATE_ALIAS = 0x0040, + DOMAIN_ACCESS_LOOKUP_ALIAS = 0x0080, + DOMAIN_ACCESS_ENUM_ACCOUNTS = 0x0100, + DOMAIN_ACCESS_OPEN_ACCOUNT = 0x0200, + DOMAIN_ACCESS_SET_INFO_3 = 0x0400 + } samr_DomainAccessMask; + + typedef [bitmap32bit] bitmap { GROUP_ACCESS_LOOKUP_INFO = 0x0001, GROUP_ACCESS_SET_INFO= 0x0002, GROUP_ACCESS_ADD_MEMBER = 0x0004, @@ -145,7 +159,7 @@ /* Function0x07 */ [public] NTSTATUS samr_OpenDomain( [in,ref] policy_handle *connect_handle, - [in] uint32 access_mask, + [in] samr_DomainAccessMask access_mask, [in,ref] dom_sid2 *sid, [out,ref] policy_handle *domain_handle );
svn commit: samba r24778 - in branches: SAMBA_3_2/source/nsswitch SAMBA_3_2_0/source/nsswitch
Author: gd Date: 2007-08-29 12:43:23 + (Wed, 29 Aug 2007) New Revision: 24778 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24778 Log: Make sure krb5 locator requests go to a separate locator winbind child. Guenther Modified: branches/SAMBA_3_2/source/nsswitch/winbindd.c branches/SAMBA_3_2/source/nsswitch/winbindd_dual.c branches/SAMBA_3_2/source/nsswitch/winbindd_misc.c branches/SAMBA_3_2/source/nsswitch/winbindd_util.c branches/SAMBA_3_2_0/source/nsswitch/winbindd.c branches/SAMBA_3_2_0/source/nsswitch/winbindd_dual.c branches/SAMBA_3_2_0/source/nsswitch/winbindd_misc.c branches/SAMBA_3_2_0/source/nsswitch/winbindd_util.c Changeset: Modified: branches/SAMBA_3_2/source/nsswitch/winbindd.c === --- branches/SAMBA_3_2/source/nsswitch/winbindd.c 2007-08-29 12:39:58 UTC (rev 24777) +++ branches/SAMBA_3_2/source/nsswitch/winbindd.c 2007-08-29 12:43:23 UTC (rev 24778) @@ -1184,6 +1184,7 @@ } init_idmap_child(); + init_locator_child(); smb_nscd_flush_user_cache(); smb_nscd_flush_group_cache(); Modified: branches/SAMBA_3_2/source/nsswitch/winbindd_dual.c === --- branches/SAMBA_3_2/source/nsswitch/winbindd_dual.c 2007-08-29 12:39:58 UTC (rev 24777) +++ branches/SAMBA_3_2/source/nsswitch/winbindd_dual.c 2007-08-29 12:43:23 UTC (rev 24778) @@ -579,9 +579,9 @@ } for (child = children; child != NULL; child = child-next) { - /* Don't send message to idmap child. We've already + /* Don't send message to internal childs. We've already done so above. */ - if (!child-domain || (child == idmap_child())) { + if (!child-domain || winbindd_internal_child(child)) { continue; } @@ -655,8 +655,8 @@ } for (child = children; child != NULL; child = child-next) { - /* Don't send message to idmap child. */ - if (!child-domain || (child == idmap_child())) { + /* Don't send message to internal childs. */ + if (!child-domain || winbindd_internal_child(child)) { continue; } Modified: branches/SAMBA_3_2/source/nsswitch/winbindd_misc.c === --- branches/SAMBA_3_2/source/nsswitch/winbindd_misc.c 2007-08-29 12:39:58 UTC (rev 24777) +++ branches/SAMBA_3_2/source/nsswitch/winbindd_misc.c 2007-08-29 12:43:23 UTC (rev 24778) @@ -270,6 +270,18 @@ return WINBINDD_OK; } +static struct winbindd_child static_locator_child; + +void init_locator_child(void) +{ + setup_domain_child(NULL, static_locator_child, locator); +} + +struct winbindd_child *locator_child(void) +{ + return static_locator_child; +} + void winbindd_dsgetdcname(struct winbindd_cli_state *state) { state-request.domain_name @@ -278,7 +290,7 @@ DEBUG(3, ([%5lu]: DsGetDcName for %s\n, (unsigned long)state-pid, state-request.domain_name)); - sendto_domain(state, find_our_domain()); + sendto_child(state, locator_child()); } enum winbindd_result winbindd_dual_dsgetdcname(struct winbindd_domain *domain, @@ -603,3 +615,4 @@ request_ok(state); } + Modified: branches/SAMBA_3_2/source/nsswitch/winbindd_util.c === --- branches/SAMBA_3_2/source/nsswitch/winbindd_util.c 2007-08-29 12:39:58 UTC (rev 24777) +++ branches/SAMBA_3_2/source/nsswitch/winbindd_util.c 2007-08-29 12:43:23 UTC (rev 24778) @@ -1353,3 +1353,15 @@ return True; } + +/* + / + +BOOL winbindd_internal_child(struct winbindd_child *child) +{ + if (child == idmap_child() || child == locator_child()) { + return True; + } + + return False; +} Modified: branches/SAMBA_3_2_0/source/nsswitch/winbindd.c === --- branches/SAMBA_3_2_0/source/nsswitch/winbindd.c 2007-08-29 12:39:58 UTC (rev 24777) +++ branches/SAMBA_3_2_0/source/nsswitch/winbindd.c 2007-08-29 12:43:23 UTC (rev 24778) @@ -1153,6 +1153,7 @@ } init_idmap_child(); + init_locator_child(); smb_nscd_flush_user_cache(); smb_nscd_flush_group_cache(); Modified: branches/SAMBA_3_2_0/source/nsswitch/winbindd_dual.c === --- branches/SAMBA_3_2_0/source/nsswitch/winbindd_dual.c2007-08-29 12:39:58 UTC (rev 24777) +++ branches/SAMBA_3_2_0/source/nsswitch/winbindd_dual.c2007-08-29 12:43:23 UTC (rev
svn commit: samba r24779 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: sahlberg Date: 2007-08-29 12:51:46 + (Wed, 29 Aug 2007) New Revision: 24779 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24779 Log: add 11 specific access rights that applies to accessmasks for User objects on the samr pipe. 8 of these bits : get name etc get locale get loc com set attributes change password set password get groups comes from wireshark/ethereal where they were added Aug 21 2002 http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987r2=6054 3 bits : get attributes get group membership change group membership also come from wireshark/ethereal where they were added Jul 24 2003 http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=8022r2=8080 Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl === --- branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 12:43:23 UTC (rev 24778) +++ branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-08-29 12:51:46 UTC (rev 24779) @@ -51,6 +51,20 @@ } samr_ConnectAccessMask; typedef [bitmap32bit] bitmap { + USER_ACCESS_GET_NAME_ETC = 0x0001, + USER_ACCESS_GET_LOCALE = 0x0002, + USER_ACCESS_SET_LOC_COM = 0x0004, + USER_ACCESS_GET_LOGONINFO= 0x0008, + USER_ACCESS_GET_ATTRIBUTES = 0x0010, + USER_ACCESS_SET_ATTRIBUTES = 0x0020, + USER_ACCESS_CHANGE_PASSWORD = 0x0040, + USER_ACCESS_SET_PASSWORD = 0x0080, + USER_ACCESS_GET_GROUPS = 0x0100, + USER_ACCESS_GET_GROUP_MEMBERSHIP = 0x0200, + USER_ACCESS_CHANGE_GROUP_MEMBERSHIP = 0x0400 + } samr_UserAccessMask; + + typedef [bitmap32bit] bitmap { DOMAIN_ACCESS_LOOKUP_INFO_1 = 0x0001, DOMAIN_ACCESS_SET_INFO_1 = 0x0002, DOMAIN_ACCESS_LOOKUP_INFO_2 = 0x0004, @@ -316,7 +330,7 @@ NTSTATUS samr_CreateUser( [in,ref] policy_handle *domain_handle, [in,ref] lsa_String *account_name, - [in] uint32 access_mask, + [in] samr_UserAccessMask access_mask, [out,ref] policy_handle *user_handle, [out,ref] uint32 *rid ); @@ -591,7 +605,7 @@ /* Function0x22 */ [public] NTSTATUS samr_OpenUser( [in,ref] policy_handle *domain_handle, - [in] uint32 access_mask, + [in] samr_UserAccessMask access_mask, [in] uint32 rid, [out,ref] policy_handle *user_handle ); @@ -1099,7 +1113,7 @@ [in,ref] policy_handle *domain_handle, [in,ref] lsa_String *account_name, [in] samr_AcctFlags acct_flags, - [in] uint32 access_mask, + [in] samr_UserAccessMask access_mask, [out,ref] policy_handle *user_handle, [out,ref] uint32 *access_granted, [out,ref] uint32 *rid
svn commit: samba r24776 - in branches: SAMBA_3_2/source/libsmb SAMBA_3_2_0/source/libsmb
Author: gd Date: 2007-08-29 12:35:20 + (Wed, 29 Aug 2007) New Revision: 24776 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24776 Log: Remove accidentially commited flag checks. Guenther Modified: branches/SAMBA_3_2/source/libsmb/dsgetdcname.c branches/SAMBA_3_2_0/source/libsmb/dsgetdcname.c Changeset: Modified: branches/SAMBA_3_2/source/libsmb/dsgetdcname.c === --- branches/SAMBA_3_2/source/libsmb/dsgetdcname.c 2007-08-29 12:22:15 UTC (rev 24775) +++ branches/SAMBA_3_2/source/libsmb/dsgetdcname.c 2007-08-29 12:35:20 UTC (rev 24776) @@ -71,14 +71,6 @@ DEBUGADD(lvl,(DS_AVOID_SELF )); if (flags DS_ONLY_LDAP_NEEDED) DEBUGADD(lvl,(DS_ONLY_LDAP_NEEDED )); - if (flags 0x0001) - DEBUGADD(lvl,(0x0001 )); - if (flags 0x0002) - DEBUGADD(lvl,(0x0002 )); - if (flags 0x0004) - DEBUGADD(lvl,(0x0004 )); - if (flags 0x0008) - DEBUGADD(lvl,(0x0008 )); if (flags DS_IS_FLAT_NAME) DEBUGADD(lvl,(DS_IS_FLAT_NAME )); if (flags DS_IS_DNS_NAME) Modified: branches/SAMBA_3_2_0/source/libsmb/dsgetdcname.c === --- branches/SAMBA_3_2_0/source/libsmb/dsgetdcname.c2007-08-29 12:22:15 UTC (rev 24775) +++ branches/SAMBA_3_2_0/source/libsmb/dsgetdcname.c2007-08-29 12:35:20 UTC (rev 24776) @@ -71,14 +71,6 @@ DEBUGADD(lvl,(DS_AVOID_SELF )); if (flags DS_ONLY_LDAP_NEEDED) DEBUGADD(lvl,(DS_ONLY_LDAP_NEEDED )); - if (flags 0x0001) - DEBUGADD(lvl,(0x0001 )); - if (flags 0x0002) - DEBUGADD(lvl,(0x0002 )); - if (flags 0x0004) - DEBUGADD(lvl,(0x0004 )); - if (flags 0x0008) - DEBUGADD(lvl,(0x0008 )); if (flags DS_IS_FLAT_NAME) DEBUGADD(lvl,(DS_IS_FLAT_NAME )); if (flags DS_IS_DNS_NAME)
svn commit: samba r24780 - in branches/SAMBA_4_0: . source source/auth/gensec source/dsdb/samdb/ldb_modules source/include source/ldap_server source/lib/charset source/lib/stream source/lib/util sourc
Author: jelmer Date: 2007-08-29 13:07:03 + (Wed, 29 Aug 2007) New Revision: 24780 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24780 Log: More work allowing libutil to be used by external users. Added: branches/SAMBA_4_0/source/lib/util/data_blob.h branches/SAMBA_4_0/source/lib/util/time.h Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/auth/gensec/socket.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c branches/SAMBA_4_0/source/headermap.txt branches/SAMBA_4_0/source/include/core.h branches/SAMBA_4_0/source/ldap_server/ldap_server.c branches/SAMBA_4_0/source/lib/charset/charcnv.c branches/SAMBA_4_0/source/lib/charset/charset.h branches/SAMBA_4_0/source/lib/stream/packet.c branches/SAMBA_4_0/source/lib/util/config.mk branches/SAMBA_4_0/source/lib/util/data_blob.c branches/SAMBA_4_0/source/lib/util/util.h branches/SAMBA_4_0/source/lib/util/xfile.h branches/SAMBA_4_0/source/libcli/smb2/create.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb2.c branches/SAMBA_4_0/source/param/loadparm.c branches/SAMBA_4_0/source/rpc_server/dcesrv_auth.c branches/SAMBA_4_0/source/web_server/http.c branches/SAMBA_4_0/source/web_server/web_server.c Changeset: Sorry, the patch is too large (1665 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24780
svn commit: samba r24781 - in branches: SAMBA_3_2/source/web SAMBA_3_2_0/source/web
Author: gd Date: 2007-08-29 13:52:07 + (Wed, 29 Aug 2007) New Revision: 24781 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24781 Log: Fix build warning. Guenther Modified: branches/SAMBA_3_2/source/web/statuspage.c branches/SAMBA_3_2_0/source/web/statuspage.c Changeset: Modified: branches/SAMBA_3_2/source/web/statuspage.c === --- branches/SAMBA_3_2/source/web/statuspage.c 2007-08-29 13:07:03 UTC (rev 24780) +++ branches/SAMBA_3_2/source/web/statuspage.c 2007-08-29 13:52:07 UTC (rev 24781) @@ -56,7 +56,7 @@ } /* add new PID - Machine name mapping */ -static void addPid2Machine (struct server_id pid, char *machine) +static void addPid2Machine (struct server_id pid, const char *machine) { /* show machine name rather PID on table Open Files? */ if (PID_or_Machine) { Modified: branches/SAMBA_3_2_0/source/web/statuspage.c === --- branches/SAMBA_3_2_0/source/web/statuspage.c2007-08-29 13:07:03 UTC (rev 24780) +++ branches/SAMBA_3_2_0/source/web/statuspage.c2007-08-29 13:52:07 UTC (rev 24781) @@ -56,7 +56,7 @@ } /* add new PID - Machine name mapping */ -static void addPid2Machine (struct server_id pid, char *machine) +static void addPid2Machine (struct server_id pid, const char *machine) { /* show machine name rather PID on table Open Files? */ if (PID_or_Machine) {
svn commit: samba r24782 - in branches: SAMBA_3_2/source/libsmb SAMBA_3_2_0/source/libsmb
Author: vlendec Date: 2007-08-29 13:56:52 + (Wed, 29 Aug 2007) New Revision: 24782 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24782 Log: Fix C++ warnings Modified: branches/SAMBA_3_2/source/libsmb/dsgetdcname.c branches/SAMBA_3_2_0/source/libsmb/dsgetdcname.c Changeset: Modified: branches/SAMBA_3_2/source/libsmb/dsgetdcname.c === --- branches/SAMBA_3_2/source/libsmb/dsgetdcname.c 2007-08-29 13:52:07 UTC (rev 24781) +++ branches/SAMBA_3_2/source/libsmb/dsgetdcname.c 2007-08-29 13:56:52 UTC (rev 24782) @@ -235,7 +235,8 @@ memcpy(guid_flat.info, guid_buf, guid_len); smb_uuid_unpack(guid_flat, guid); - info-domain_guid = talloc_memdup(mem_ctx, guid, sizeof(guid)); + info-domain_guid = (struct GUID *)talloc_memdup( + mem_ctx, guid, sizeof(guid)); if (!info-domain_guid) { goto failed; } @@ -694,8 +695,8 @@ info-domain_controller_address_type = domain_controller_address_type; if (domain_guid) { - info-domain_guid = talloc_memdup(mem_ctx, domain_guid, - sizeof(*domain_guid)); + info-domain_guid = (struct GUID *)talloc_memdup( + mem_ctx, domain_guid, sizeof(*domain_guid)); NT_STATUS_HAVE_NO_MEMORY(info-domain_guid); } Modified: branches/SAMBA_3_2_0/source/libsmb/dsgetdcname.c === --- branches/SAMBA_3_2_0/source/libsmb/dsgetdcname.c2007-08-29 13:52:07 UTC (rev 24781) +++ branches/SAMBA_3_2_0/source/libsmb/dsgetdcname.c2007-08-29 13:56:52 UTC (rev 24782) @@ -235,7 +235,8 @@ memcpy(guid_flat.info, guid_buf, guid_len); smb_uuid_unpack(guid_flat, guid); - info-domain_guid = talloc_memdup(mem_ctx, guid, sizeof(guid)); + info-domain_guid = (struct GUID *)talloc_memdup( + mem_ctx, guid, sizeof(guid)); if (!info-domain_guid) { goto failed; } @@ -694,8 +695,8 @@ info-domain_controller_address_type = domain_controller_address_type; if (domain_guid) { - info-domain_guid = talloc_memdup(mem_ctx, domain_guid, - sizeof(*domain_guid)); + info-domain_guid = (struct GUID *)talloc_memdup( + mem_ctx, domain_guid, sizeof(*domain_guid)); NT_STATUS_HAVE_NO_MEMORY(info-domain_guid); }
svn commit: samba r24783 - in branches: SAMBA_3_2/source/libgpo SAMBA_3_2/source/utils SAMBA_3_2_0/source/libgpo SAMBA_3_2_0/source/utils
Author: gd Date: 2007-08-29 14:08:29 + (Wed, 29 Aug 2007) New Revision: 24783 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24783 Log: Remove unused off_t type. Guenther Modified: branches/SAMBA_3_2/source/libgpo/gpo_filesync.c branches/SAMBA_3_2/source/utils/net_rpc_printer.c branches/SAMBA_3_2_0/source/libgpo/gpo_filesync.c branches/SAMBA_3_2_0/source/utils/net_rpc_printer.c Changeset: Modified: branches/SAMBA_3_2/source/libgpo/gpo_filesync.c === --- branches/SAMBA_3_2/source/libgpo/gpo_filesync.c 2007-08-29 13:56:52 UTC (rev 24782) +++ branches/SAMBA_3_2/source/libgpo/gpo_filesync.c 2007-08-29 14:08:29 UTC (rev 24783) @@ -44,7 +44,6 @@ char *data = NULL; static int io_bufsize = 64512; int read_size = io_bufsize; - off_t start = 0; off_t nread = 0; if ((fnum = cli_open(cli, nt_path, O_RDONLY, DENY_NONE)) == -1) { @@ -64,7 +63,7 @@ while (1) { - int n = cli_read(cli, fnum, data, nread + start, read_size); + int n = cli_read(cli, fnum, data, nread, read_size); if (n = 0) break; Modified: branches/SAMBA_3_2/source/utils/net_rpc_printer.c === --- branches/SAMBA_3_2/source/utils/net_rpc_printer.c 2007-08-29 13:56:52 UTC (rev 24782) +++ branches/SAMBA_3_2/source/utils/net_rpc_printer.c 2007-08-29 14:08:29 UTC (rev 24783) @@ -333,7 +333,6 @@ static int io_bufsize = 64512; int read_size = io_bufsize; char *data = NULL; - off_t start = 0; off_t nread = 0; @@ -401,14 +400,14 @@ /* copying file */ int n, ret; - n = cli_read(cli_share_src, fnum_src, data, nread + start, + n = cli_read(cli_share_src, fnum_src, data, nread, read_size); if (n = 0) break; ret = cli_write(cli_share_dst, fnum_dst, 0, data, - nread + start, n); + nread, n); if (n != ret) { d_fprintf(stderr, Error writing file: %s\n, Modified: branches/SAMBA_3_2_0/source/libgpo/gpo_filesync.c === --- branches/SAMBA_3_2_0/source/libgpo/gpo_filesync.c 2007-08-29 13:56:52 UTC (rev 24782) +++ branches/SAMBA_3_2_0/source/libgpo/gpo_filesync.c 2007-08-29 14:08:29 UTC (rev 24783) @@ -44,7 +44,6 @@ char *data = NULL; static int io_bufsize = 64512; int read_size = io_bufsize; - off_t start = 0; off_t nread = 0; if ((fnum = cli_open(cli, nt_path, O_RDONLY, DENY_NONE)) == -1) { @@ -64,7 +63,7 @@ while (1) { - int n = cli_read(cli, fnum, data, nread + start, read_size); + int n = cli_read(cli, fnum, data, nread, read_size); if (n = 0) break; Modified: branches/SAMBA_3_2_0/source/utils/net_rpc_printer.c === --- branches/SAMBA_3_2_0/source/utils/net_rpc_printer.c 2007-08-29 13:56:52 UTC (rev 24782) +++ branches/SAMBA_3_2_0/source/utils/net_rpc_printer.c 2007-08-29 14:08:29 UTC (rev 24783) @@ -333,7 +333,6 @@ static int io_bufsize = 64512; int read_size = io_bufsize; char *data = NULL; - off_t start = 0; off_t nread = 0; @@ -401,14 +400,14 @@ /* copying file */ int n, ret; - n = cli_read(cli_share_src, fnum_src, data, nread + start, + n = cli_read(cli_share_src, fnum_src, data, nread, read_size); if (n = 0) break; ret = cli_write(cli_share_dst, fnum_dst, 0, data, - nread + start, n); + nread, n); if (n != ret) { d_fprintf(stderr, Error writing file: %s\n,
svn commit: samba r24784 - in branches: SAMBA_3_2/source/rpc_client SAMBA_3_2_0/source/rpc_client
Author: obnox Date: 2007-08-29 14:34:15 + (Wed, 29 Aug 2007) New Revision: 24784 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24784 Log: Initialize uninitalized data to prevent segfaults. Thanks to Volker for the hint! Michael Modified: branches/SAMBA_3_2/source/rpc_client/cli_lsarpc.c branches/SAMBA_3_2_0/source/rpc_client/cli_lsarpc.c Changeset: Modified: branches/SAMBA_3_2/source/rpc_client/cli_lsarpc.c === --- branches/SAMBA_3_2/source/rpc_client/cli_lsarpc.c 2007-08-29 14:08:29 UTC (rev 24783) +++ branches/SAMBA_3_2/source/rpc_client/cli_lsarpc.c 2007-08-29 14:34:15 UTC (rev 24784) @@ -182,6 +182,11 @@ /* Return output parameters */ if (r.mapped_count == 0) { + for (i = 0; i num_sids; i++) { + (names)[i] = NULL; + (domains)[i] = NULL; + (types)[i] = SID_NAME_UNKNOWN; + } result = NT_STATUS_NONE_MAPPED; goto done; } Modified: branches/SAMBA_3_2_0/source/rpc_client/cli_lsarpc.c === --- branches/SAMBA_3_2_0/source/rpc_client/cli_lsarpc.c 2007-08-29 14:08:29 UTC (rev 24783) +++ branches/SAMBA_3_2_0/source/rpc_client/cli_lsarpc.c 2007-08-29 14:34:15 UTC (rev 24784) @@ -182,6 +182,11 @@ /* Return output parameters */ if (r.mapped_count == 0) { + for (i = 0; i num_sids; i++) { + (names)[i] = NULL; + (domains)[i] = NULL; + (types)[i] = SID_NAME_UNKNOWN; + } result = NT_STATUS_NONE_MAPPED; goto done; }
svn commit: samba r24785 - in branches: SAMBA_3_2/source/nsswitch SAMBA_3_2_0/source/nsswitch
Author: gd Date: 2007-08-29 14:35:32 + (Wed, 29 Aug 2007) New Revision: 24785 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24785 Log: Put checks in parentheses. Guenther Modified: branches/SAMBA_3_2/source/nsswitch/winbindd_util.c branches/SAMBA_3_2_0/source/nsswitch/winbindd_util.c Changeset: Modified: branches/SAMBA_3_2/source/nsswitch/winbindd_util.c === --- branches/SAMBA_3_2/source/nsswitch/winbindd_util.c 2007-08-29 14:34:15 UTC (rev 24784) +++ branches/SAMBA_3_2/source/nsswitch/winbindd_util.c 2007-08-29 14:35:32 UTC (rev 24785) @@ -1359,7 +1359,7 @@ BOOL winbindd_internal_child(struct winbindd_child *child) { - if (child == idmap_child() || child == locator_child()) { + if ((child == idmap_child()) || (child == locator_child())) { return True; } Modified: branches/SAMBA_3_2_0/source/nsswitch/winbindd_util.c === --- branches/SAMBA_3_2_0/source/nsswitch/winbindd_util.c2007-08-29 14:34:15 UTC (rev 24784) +++ branches/SAMBA_3_2_0/source/nsswitch/winbindd_util.c2007-08-29 14:35:32 UTC (rev 24785) @@ -1407,7 +1407,7 @@ BOOL winbindd_internal_child(struct winbindd_child *child) { - if (child == idmap_child() || child == locator_child()) { + if ((child == idmap_child()) || (child == locator_child())) { return True; }
svn commit: samba r24786 - in branches: SAMBA_3_2/source/nsswitch SAMBA_3_2_0/source/nsswitch
Author: gd Date: 2007-08-29 14:50:04 + (Wed, 29 Aug 2007) New Revision: 24786 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24786 Log: Fix another build warning. Guenther Modified: branches/SAMBA_3_2/source/nsswitch/pam_winbind.c branches/SAMBA_3_2_0/source/nsswitch/pam_winbind.c Changeset: Modified: branches/SAMBA_3_2/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_2/source/nsswitch/pam_winbind.c2007-08-29 14:35:32 UTC (rev 24785) +++ branches/SAMBA_3_2/source/nsswitch/pam_winbind.c2007-08-29 14:50:04 UTC (rev 24786) @@ -14,13 +14,13 @@ #define _PAM_LOG_FUNCTION_ENTER(function, pamh, ctrl, flags) \ do { \ - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] ENTER: function (flags: 0x%04x), (uint32) pamh, flags); \ + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] ENTER: function (flags: 0x%04x), pamh, flags); \ _pam_log_state(pamh, ctrl); \ } while (0) #define _PAM_LOG_FUNCTION_LEAVE(function, pamh, ctrl, retval) \ do { \ - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] LEAVE: function returning %d, (uint32) pamh, retval); \ + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] LEAVE: function returning %d, pamh, retval); \ _pam_log_state(pamh, ctrl); \ } while (0) @@ -143,9 +143,9 @@ if (data != NULL) { const char *type = (item_type != 0) ? ITEM : DATA; if (is_string != 0) { - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] STATE: %s(%s) = \%s\ (0x%08x), (uint32) pamh, type, key, (const char *) data, (uint32) data); + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] STATE: %s(%s) = \%s\ (%p), pamh, type, key, (const char *) data, data); } else { - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] STATE: %s(%s) = 0x%08x, (uint32) pamh, type, key, (uint32) data); + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] STATE: %s(%s) = %p, pamh, type, key, data); } } } @@ -319,7 +319,7 @@ { int ctrl = _pam_parse(pamh, 0, 0, NULL, NULL); if (_pam_log_is_debug_state_enabled(ctrl)) { - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] CLEAN: cleaning up PAM data 0x%08x (error_status = %d), (uint32) pamh, (uint32) data, error_status); + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] CLEAN: cleaning up PAM data %p (error_status = %d), pamh, data, error_status); } SAFE_FREE(data); } Modified: branches/SAMBA_3_2_0/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_2_0/source/nsswitch/pam_winbind.c 2007-08-29 14:35:32 UTC (rev 24785) +++ branches/SAMBA_3_2_0/source/nsswitch/pam_winbind.c 2007-08-29 14:50:04 UTC (rev 24786) @@ -14,13 +14,13 @@ #define _PAM_LOG_FUNCTION_ENTER(function, pamh, ctrl, flags) \ do { \ - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] ENTER: function (flags: 0x%04x), (uint32) pamh, flags); \ + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] ENTER: function (flags: 0x%04x), pamh, flags); \ _pam_log_state(pamh, ctrl); \ } while (0) #define _PAM_LOG_FUNCTION_LEAVE(function, pamh, ctrl, retval) \ do { \ - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] LEAVE: function returning %d, (uint32) pamh, retval); \ + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] LEAVE: function returning %d, pamh, retval); \ _pam_log_state(pamh, ctrl); \ } while (0) @@ -143,9 +143,9 @@ if (data != NULL) { const char *type = (item_type != 0) ? ITEM : DATA; if (is_string != 0) { - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] STATE: %s(%s) = \%s\ (0x%08x), (uint32) pamh, type, key, (const char *) data, (uint32) data); + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] STATE: %s(%s) = \%s\ (%p), pamh, type, key, (const char *) data, data); } else { - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] STATE: %s(%s) = 0x%08x, (uint32) pamh, type, key, (uint32) data); + _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: %p] STATE: %s(%s) = %p, pamh, type, key, data); } } } @@ -319,7 +319,7 @@ { int ctrl = _pam_parse(pamh, 0, 0, NULL, NULL); if (_pam_log_is_debug_state_enabled(ctrl)) { - _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] CLEAN: cleaning up PAM data 0x%08x (error_status = %d), (uint32) pamh, (uint32) data, error_status); + _pam_log_debug(pamh, ctrl,
svn commit: samba-docs r1167 - in trunk/smbdotconf/security: .
Author: jerry Date: 2007-08-29 15:41:57 + (Wed, 29 Aug 2007) New Revision: 1167 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1167 Log: Add comment about the %o variable not generally being available Modified: trunk/smbdotconf/security/passwdchat.xml Changeset: Modified: trunk/smbdotconf/security/passwdchat.xml === --- trunk/smbdotconf/security/passwdchat.xml2007-08-23 20:43:59 UTC (rev 1166) +++ trunk/smbdotconf/security/passwdchat.xml2007-08-29 15:41:57 UTC (rev 1167) @@ -1,6 +1,6 @@ samba:parameter name=passwd chat context=G -type=string +type=string advanced=1 developer=1 xmlns:samba=http://www.samba.org/samba/DTD/samba-doc; description @@ -27,14 +27,18 @@ be executed on the NIS master. /para +paraThe string can contain the macro parameter +moreinfo=none%n/parameter which is substituted +for the new password. The old passsword (parameter +moreinfo=none%o/parameter) is only available when +smbconfoption name=encrypt passwords/ has been disabled. +The chat sequence can also contain the standard macros +\n, \r, \t and \s to give line-feed, carriage-return, tab +and space. The chat sequence string can also contain +a '*' which matches any sequence of characters. Double quotes can +be used to collect strings with spaces in them into a single +string./para -paraThe string can contain the macro parameter moreinfo=none%n/parameter which is substituted -for the new password. The chat sequence can also contain the standard -macros \n, \r, \t and \s to -give line-feed, carriage-return, tab and space. The chat sequence string can also contain -a '*' which matches any sequence of characters. Double quotes can be used to collect strings with spaces -in them into a single string./para - paraIf the send string in any part of the chat sequence is a full stop quot;.quot;, then no string is sent. Similarly, if the expect string is a full stop then no string is expected./para @@ -52,5 +56,5 @@ relatedpam password change/related value type=default*new*password* %n\n*new*password* %n\n *changed*/value -value type=examplequot;*Enter OLD password*quot; %o\n quot;*Enter NEW password*quot; %n\n quot;*Reenter NEW password*quot; %n\n quot;*Password changed*quot;/value +value type=examplequot;*Enter NEW password*quot; %n\n quot;*Reenter NEW password*quot; %n\n quot;*Password changed*quot;/value /samba:parameter
svn commit: samba r24787 - in branches/SAMBA_3_2_0/source: rpc_parse utils
Author: jra Date: 2007-08-29 17:14:54 + (Wed, 29 Aug 2007) New Revision: 24787 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24787 Log: Janitor for Mimir. Mimir, you checked into SAMBA_3_2 and SAMBA_3_0 - this second branch is defunct. You should be checking into SAMBA_3_2_0 instead - this is what we will be shipping as 3.2.0. Jeremy. Use infolevel 25 to set the machine account's password (just like winxp). This correctly updates pwdLastSet field on win2k3 server. Modified: branches/SAMBA_3_2_0/source/rpc_parse/parse_samr.c branches/SAMBA_3_2_0/source/utils/net_domain.c Changeset: Modified: branches/SAMBA_3_2_0/source/rpc_parse/parse_samr.c === --- branches/SAMBA_3_2_0/source/rpc_parse/parse_samr.c 2007-08-29 14:50:04 UTC (rev 24786) +++ branches/SAMBA_3_2_0/source/rpc_parse/parse_samr.c 2007-08-29 17:14:54 UTC (rev 24787) @@ -5860,6 +5860,25 @@ } } + +/* + init_samr_user_info25P + fields_present = ACCT_NT_PWD_SET | ACCT_LM_PWD_SET | ACCT_FLAGS +*/ + +void init_sam_user_info25P(SAM_USER_INFO_25 * usr, + uint32 fields_present, uint32 acb_info, + char newpass[532]) +{ + usr-fields_present = fields_present; + ZERO_STRUCT(usr-padding1); + ZERO_STRUCT(usr-padding2); + + usr-acb_info = acb_info; + memcpy(usr-pass, newpass, sizeof(usr-pass)); +} + + /*** reads or writes a structure. / Modified: branches/SAMBA_3_2_0/source/utils/net_domain.c === --- branches/SAMBA_3_2_0/source/utils/net_domain.c 2007-08-29 14:50:04 UTC (rev 24786) +++ branches/SAMBA_3_2_0/source/utils/net_domain.c 2007-08-29 17:14:54 UTC (rev 24787) @@ -208,10 +208,14 @@ uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; uint32 acb_info = ACB_WSTRUST; - uchar pwbuf[516]; + uint32 fields_present; + uchar pwbuf[532]; SAM_USERINFO_CTR ctr; - SAM_USER_INFO_24 p24; - SAM_USER_INFO_16 p16; + SAM_USER_INFO_25 p25; + const int infolevel = 25; + struct MD5Context md5ctx; + uchar md5buffer[16]; + DATA_BLOB digested_session_key; uchar md4_trust_password[16]; /* Open the domain */ @@ -282,24 +286,49 @@ status = rpccli_samr_open_user(pipe_hnd, mem_ctx, domain_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, user_pol); + if (!NT_STATUS_IS_OK(status)) { + return status; + } - /* Create a random machine account password */ + /* Create a random machine account password and generate the hash */ - E_md4hash( clear_pw, md4_trust_password); + E_md4hash(clear_pw, md4_trust_password); encode_pw_buffer(pwbuf, clear_pw, STR_UNICODE); + + generate_random_buffer((uint8*)md5buffer, sizeof(md5buffer)); + digested_session_key = data_blob_talloc(mem_ctx, 0, 16); + + MD5Init(md5ctx); + MD5Update(md5ctx, md5buffer, sizeof(md5buffer)); + MD5Update(md5ctx, cli-user_session_key.data, cli-user_session_key.length); + MD5Final(digested_session_key.data, md5ctx); + + SamOEMhashBlob(pwbuf, sizeof(pwbuf), digested_session_key); + memcpy(pwbuf[516], md5buffer, sizeof(md5buffer)); - /* Set password on machine account */ + /* Fill in the additional account flags now */ + acb_info |= ACB_PWNOEXP; + if ( dom_type == ND_TYPE_AD ) { +#if !defined(ENCTYPE_ARCFOUR_HMAC) + acb_info |= ACB_USE_DES_KEY_ONLY; +#endif + ;; + } + + /* Set password and account flags on machine account */ + ZERO_STRUCT(ctr); - ZERO_STRUCT(p24); + ZERO_STRUCT(p25); - init_sam_user_info24(p24, (char *)pwbuf,24); + fields_present = ACCT_NT_PWD_SET | ACCT_LM_PWD_SET | ACCT_FLAGS; + init_sam_user_info25P(p25, fields_present, acb_info, (char *)pwbuf); - ctr.switch_value = 24; - ctr.info.id24 = p24; + ctr.switch_value = infolevel; + ctr.info.id25= p25; - status = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, user_pol, - 24, cli-user_session_key, ctr); + status = rpccli_samr_set_userinfo2(pipe_hnd, mem_ctx, user_pol, + infolevel, cli-user_session_key, ctr); if ( !NT_STATUS_IS_OK(status) ) { d_fprintf( stderr, Failed to set password for machine account (%s)\n, @@ -307,35 +336,6 @@ return status; } - - /* Why do we have to try
svn commit: samba r24788 - in branches: SAMBA_3_2/source SAMBA_3_2_0/source
Author: jerry Date: 2007-08-29 19:03:20 + (Wed, 29 Aug 2007) New Revision: 24788 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24788 Log: Cleanup some linking msgs and remove references to libmsrpc in SAMBA_3_2_0 Modified: branches/SAMBA_3_2/source/Makefile.in branches/SAMBA_3_2_0/source/Makefile.in Changeset: Modified: branches/SAMBA_3_2/source/Makefile.in === --- branches/SAMBA_3_2/source/Makefile.in 2007-08-29 17:14:54 UTC (rev 24787) +++ branches/SAMBA_3_2/source/Makefile.in 2007-08-29 19:03:20 UTC (rev 24788) @@ -187,7 +187,7 @@ bin/[EMAIL PROTECTED]@ bin/[EMAIL PROTECTED]@ \ bin/[EMAIL PROTECTED]@ bin/[EMAIL PROTECTED]@ bin/[EMAIL PROTECTED]@ -SHLIBS = @LIBSMBCLIENT@ @LIBSMBSHAREMODES@ @LIBMSRPC@ @LIBADDNS@ +SHLIBS = @LIBSMBCLIENT@ @LIBSMBSHAREMODES@ @LIBADDNS@ PAM_MODULES = @PAM_MODULES@ @@ -1006,9 +1006,6 @@ modules: SHOWFLAGS $(MODULES) -cac: SHOWFLAGS $(LIBMSRPC) - - # ## Perl IDL Compiler IDL_FILES = unixinfo.idl lsa.idl dfs.idl echo.idl winreg.idl initshutdown.idl \ @@ -1352,47 +1349,47 @@ @$(CC) $(FLAGS) -o $@ $(LDBDEL_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(LIBADDNS_OBJ) - @echo Linking libaddns shared library $@ + @echo Linking shared library $@ @$(SHLD_DSO) $(LIBADDNS_OBJ) $(LIBS) \ $(KRB5LIBS) $(UUID_LIBS)\ @[EMAIL PROTECTED] [EMAIL PROTECTED](SONAME_VER) bin/libaddns.a: $(BINARY_PREREQS) $(LIBADDNS_OBJ) - @echo Linking libaddns non-shared library $@ + @echo Linking non-shared library $@ @-$(AR) -rc $@ $(LIBADDNS_OBJ) bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(LIBSMBCLIENT_OBJ) - @echo Linking libsmbclient shared library $@ + @echo Linking shared library $@ @$(SHLD_DSO) $(LIBSMBCLIENT_OBJ) $(LIBS) \ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \ @[EMAIL PROTECTED] [EMAIL PROTECTED](SONAME_VER) bin/libsmbclient.a: $(BINARY_PREREQS) $(LIBSMBCLIENT_OBJ) - @echo Linking libsmbclient non-shared library $@ + @echo Linking non-shared library $@ @-$(AR) -rc $@ $(LIBSMBCLIENT_OBJ) bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(LIBSMBSHAREMODES_OBJ) - @echo Linking libsmbsharemodes shared library $@ + @echo Linking shared library $@ @$(SHLD_DSO) $(LIBSMBSHAREMODES_OBJ) $(LIBS) \ $(KRB5LIBS) $(LDAP_LIBS) \ @[EMAIL PROTECTED] [EMAIL PROTECTED](SONAME_VER) bin/libsmbsharemodes.a: $(BINARY_PREREQS) $(LIBSMBSHAREMODES_OBJ) - @echo Linking libsmbsharemodes non-shared library $@ + @echo Linking non-shared library $@ @-$(AR) -rc $@ $(LIBSMBSHAREMODES_OBJ) bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(CAC_OBJ) - @echo Linking libmsrpc shared library $@ + @echo Linking shared library $@ @$(SHLD_DSO) $(CAC_OBJ) $(LDFLAGS) $(LIBS) \ @[EMAIL PROTECTED] [EMAIL PROTECTED](SONAME_VER) bin/libmsrpc.a: $(BINARY_PREREQS) $(CAC_OBJ) - @echo Linking libmsrpc non-shared library $@ + @echo Linking non-shared library $@ @-$(AR) -rc $@ $(CAC_OBJ) # This is probably wrong for anything other than the GNU linker. bin/[EMAIL PROTECTED]@: $(BINARY_PREREQS) $(LIBBIGBALLOFMUD_OBJ) - @echo Linking bigballofmud shared library $@ + @echo Linking shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBBIGBALLOFMUD_OBJ) $(LIBS) \ $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS) \ @[EMAIL PROTECTED] [EMAIL PROTECTED](LIBBIGBALLOFMUD_MAJOR) @@ -1405,7 +1402,6 @@ libsmbclient: $(LIBSMBCLIENT) libsmbsharemodes: $(LIBSMBSHAREMODES) -libmsrpc: $(LIBMSRPC) libaddns: $(LIBADDNS) # Linker command to link a RPC, VFS, AUTH, CHARSET or PASSDB module. @@ -1744,7 +1740,7 @@ @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(DYNEXP) script/tests/timelimit.o -install: installservers installbin @INSTALL_CIFSMOUNT@ installman installscripts installdat installmodules @SWAT_INSTALL_TARGETS@ @INSTALL_LIBSMBCLIENT@ @INSTALL_LIBMSRPC@ @INSTALL_PAM_MODULES@ @INSTALL_LIBSMBSHAREMODES@ +install: installservers installbin @INSTALL_CIFSMOUNT@ installman installscripts installdat installmodules @SWAT_INSTALL_TARGETS@ @INSTALL_LIBSMBCLIENT@ @INSTALL_PAM_MODULES@ @INSTALL_LIBSMBSHAREMODES@ install-everything: install installmodules @@ -1808,13 +1804,6 @@ @$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS_BIN) $(DESTDIR) ${prefix}/include -$(INSTALLCMD) -m $(INSTALLPERMS_DATA) $(srcdir)/include/libsmbclient.h $(DESTDIR)${prefix}/include -installlibmsrpc: installdirs libmsrpc - @$(SHELL)
svn commit: samba r24789 - in branches/SAMBA_3_2/source/utils: .
Author: mimir Date: 2007-08-29 19:55:13 + (Wed, 29 Aug 2007) New Revision: 24789 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24789 Log: Add implementation of machine-authenticated connection to netlogon pipe used when connecting to win2k and newer domain controllers. The server may be configured to deny anonymous netlogon connections which would stop domain join verification step. Still, winnt domains require such smb sessions not to be authenticated using machine credentials. Creds employed in smb session cannot have a username in upn form, so provide the separate function to use machine account. rafal Modified: branches/SAMBA_3_2/source/utils/net.c branches/SAMBA_3_2/source/utils/net_ads.c branches/SAMBA_3_2/source/utils/net_rpc_join.c Changeset: Modified: branches/SAMBA_3_2/source/utils/net.c === --- branches/SAMBA_3_2/source/utils/net.c 2007-08-29 19:03:20 UTC (rev 24788) +++ branches/SAMBA_3_2/source/utils/net.c 2007-08-29 19:55:13 UTC (rev 24789) @@ -341,10 +341,10 @@ } / - Use the local machine's password for this session. + Use the local machine account (upn) and password for this session. / -int net_use_machine_password(void) +int net_use_upn_machine_account(void) { char *user_name = NULL; @@ -353,7 +353,6 @@ exit(1); } - user_name = NULL; opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL); if (asprintf(user_name, [EMAIL PROTECTED], global_myname(), lp_realm()) == -1) { return -1; @@ -362,6 +361,27 @@ return 0; } +/ + Use the machine account name and password for this session. +/ + +int net_use_machine_account(void) +{ + char *user_name = NULL; + + if (!secrets_init()) { + d_fprintf(stderr, ERROR: Unable to open secrets database\n); + exit(1); + } + + opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL); + if (asprintf(user_name, %s$, global_myname()) == -1) { + return -1; + } + opt_user_name = user_name; + return 0; +} + BOOL net_find_server(const char *domain, unsigned flags, struct in_addr *server_ip, char **server_name) { const char *d = domain ? domain : opt_target_workgroup; @@ -1044,7 +1064,7 @@ /* it is very useful to be able to make ads queries as the machine account for testing purposes and for domain leave */ - net_use_machine_password(); + net_use_upn_machine_account(); } if (!opt_password) { Modified: branches/SAMBA_3_2/source/utils/net_ads.c === --- branches/SAMBA_3_2/source/utils/net_ads.c 2007-08-29 19:03:20 UTC (rev 24788) +++ branches/SAMBA_3_2/source/utils/net_ads.c 2007-08-29 19:55:13 UTC (rev 24789) @@ -882,7 +882,7 @@ return NT_STATUS_ACCESS_DENIED; } - net_use_machine_password(); + net_use_upn_machine_account(); status = ads_startup(True, ads); if (!ADS_ERR_OK(status)) { @@ -2187,7 +2187,7 @@ return -1; } - net_use_machine_password(); + net_use_upn_machine_account(); use_in_memory_ccache(); Modified: branches/SAMBA_3_2/source/utils/net_rpc_join.c === --- branches/SAMBA_3_2/source/utils/net_rpc_join.c 2007-08-29 19:03:20 UTC (rev 24788) +++ branches/SAMBA_3_2/source/utils/net_rpc_join.c 2007-08-29 19:55:13 UTC (rev 24789) @@ -42,14 +42,29 @@ **/ int net_rpc_join_ok(const char *domain, const char *server, struct in_addr *ip ) { + enum security_types sec; + unsigned int conn_flags = NET_FLAGS_PDC; uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; struct cli_state *cli = NULL; struct rpc_pipe_client *pipe_hnd = NULL; struct rpc_pipe_client *netlogon_pipe = NULL; NTSTATUS ntret = NT_STATUS_UNSUCCESSFUL; + sec = (enum security_types)lp_security(); + + if (sec == SEC_ADS) { + /* Connect to IPC$ using machine account's credentials. We don't use anonymous + connection here, as it may be denied by server's local policy. */ + net_use_machine_account(); + + } else { + /* some servers (e.g. WinNT) don't accept machine-authenticated + smb connections */ + conn_flags |=
svn commit: samba r24790 - in branches/SAMBA_3_0_25/source/smbd: .
Author: jra Date: 2007-08-29 20:36:42 + (Wed, 29 Aug 2007) New Revision: 24790 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24790 Log: Fix logic error in timeout of blocking lock processing found by Volker. If a lock timeout expires, we must check we can get the lock before responding with failure. I'll port this to 3.2.x next. Volker is writing a torture test. Jeremy. Modified: branches/SAMBA_3_0_25/source/smbd/blocking.c Changeset: Modified: branches/SAMBA_3_0_25/source/smbd/blocking.c === --- branches/SAMBA_3_0_25/source/smbd/blocking.c2007-08-29 19:55:13 UTC (rev 24789) +++ branches/SAMBA_3_0_25/source/smbd/blocking.c2007-08-29 20:36:42 UTC (rev 24790) @@ -685,18 +685,14 @@ DEBUG(5,(process_blocking_lock_queue: examining pending lock fnum = %d for file %s\n, fsp-fnum, fsp-fsp_name )); - if (!timeval_is_zero(blr-expire_time) timeval_compare(blr-expire_time, tv_curr) = 0) { + if(!change_to_user(conn,vuid)) { struct byte_range_lock *br_lck = brl_get_locks(NULL, fsp); /* -* Lock expired - throw away all previously -* obtained locks and return lock error. +* Remove the entry and return an error to the client. */ if (br_lck) { - DEBUG(5,(process_blocking_lock_queue: pending lock fnum = %d for file %s timed out.\n, - fsp-fnum, fsp-fsp_name )); - brl_lock_cancel(br_lck, blr-lock_pid, procid_self(), @@ -706,13 +702,15 @@ TALLOC_FREE(br_lck); } - blocking_lock_reply_error(blr,NT_STATUS_FILE_LOCK_CONFLICT); + DEBUG(0,(process_blocking_lock_queue: Unable to become user vuid=%d.\n, + vuid )); + blocking_lock_reply_error(blr,NT_STATUS_ACCESS_DENIED); DLIST_REMOVE(blocking_lock_queue, blr); free_blocking_lock_record(blr); continue; } - if(!change_to_user(conn,vuid)) { + if(!set_current_service(conn,SVAL(blr-inbuf,smb_flg),True)) { struct byte_range_lock *br_lck = brl_get_locks(NULL, fsp); /* @@ -729,21 +727,23 @@ TALLOC_FREE(br_lck); } - DEBUG(0,(process_blocking_lock_queue: Unable to become user vuid=%d.\n, - vuid )); + DEBUG(0,(process_blocking_lock_queue: Unable to become service Error was %s.\n, strerror(errno) )); blocking_lock_reply_error(blr,NT_STATUS_ACCESS_DENIED); DLIST_REMOVE(blocking_lock_queue, blr); free_blocking_lock_record(blr); + change_to_root_user(); continue; } - if(!set_current_service(conn,SVAL(blr-inbuf,smb_flg),True)) { + /* +* Go through the remaining locks and try and obtain them. +* The call returns True if all locks were obtained successfully +* and False if we still need to wait. +*/ + + if(blocking_lock_record_process(blr)) { struct byte_range_lock *br_lck = brl_get_locks(NULL, fsp); - /* -* Remove the entry and return an error to the client. -*/ - if (br_lck) { brl_lock_cancel(br_lck, blr-lock_pid, @@ -754,24 +754,31 @@ TALLOC_FREE(br_lck); } - DEBUG(0,(process_blocking_lock_queue: Unable to become service Error was %s.\n, strerror(errno) )); - blocking_lock_reply_error(blr,NT_STATUS_ACCESS_DENIED); DLIST_REMOVE(blocking_lock_queue, blr); free_blocking_lock_record(blr); change_to_root_user(); continue; } + change_to_root_user(); + /* -* Go through the remaining locks and try and obtain them. -* The call returns True if all locks were obtained successfully -* and False if we still need to wait. +* We couldn't get the locks for this record on the list. +
svn commit: samba r24791 - in branches: SAMBA_3_2/source/smbd SAMBA_3_2_0/source/smbd
Author: jra Date: 2007-08-29 20:49:09 + (Wed, 29 Aug 2007) New Revision: 24791 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24791 Log: Fix logic error in timeout of blocking lock processing found by Ronnie. If a lock timeout expires, we must check we can get the lock before responding with failure. Volker is writing a torture test. Jeremy. Modified: branches/SAMBA_3_2/source/smbd/blocking.c branches/SAMBA_3_2_0/source/smbd/blocking.c Changeset: Modified: branches/SAMBA_3_2/source/smbd/blocking.c === --- branches/SAMBA_3_2/source/smbd/blocking.c 2007-08-29 20:36:42 UTC (rev 24790) +++ branches/SAMBA_3_2/source/smbd/blocking.c 2007-08-29 20:49:09 UTC (rev 24791) @@ -702,18 +702,14 @@ DEBUG(5,(process_blocking_lock_queue: examining pending lock fnum = %d for file %s\n, fsp-fnum, fsp-fsp_name )); - if (!timeval_is_zero(blr-expire_time) timeval_compare(blr-expire_time, tv_curr) = 0) { + if(!change_to_user(conn,vuid)) { struct byte_range_lock *br_lck = brl_get_locks(NULL, fsp); /* -* Lock expired - throw away all previously -* obtained locks and return lock error. +* Remove the entry and return an error to the client. */ if (br_lck) { - DEBUG(5,(process_blocking_lock_queue: pending lock fnum = %d for file %s timed out.\n, - fsp-fnum, fsp-fsp_name )); - brl_lock_cancel(br_lck, blr-lock_pid, procid_self(), @@ -723,14 +719,16 @@ TALLOC_FREE(br_lck); } - blocking_lock_reply_error(blr,NT_STATUS_FILE_LOCK_CONFLICT); + DEBUG(0,(process_blocking_lock_queue: Unable to become user vuid=%d.\n, + vuid )); + blocking_lock_reply_error(blr,NT_STATUS_ACCESS_DENIED); DLIST_REMOVE(blocking_lock_queue, blr); free_blocking_lock_record(blr); recalc_timeout = True; continue; } - if(!change_to_user(conn,vuid)) { + if(!set_current_service(conn,SVAL(blr-inbuf,smb_flg),True)) { struct byte_range_lock *br_lck = brl_get_locks(NULL, fsp); /* @@ -747,22 +745,24 @@ TALLOC_FREE(br_lck); } - DEBUG(0,(process_blocking_lock_queue: Unable to become user vuid=%d.\n, - vuid )); + DEBUG(0,(process_blocking_lock_queue: Unable to become service Error was %s.\n, strerror(errno) )); blocking_lock_reply_error(blr,NT_STATUS_ACCESS_DENIED); DLIST_REMOVE(blocking_lock_queue, blr); free_blocking_lock_record(blr); recalc_timeout = True; + change_to_root_user(); continue; } - if(!set_current_service(conn,SVAL(blr-inbuf,smb_flg),True)) { + /* +* Go through the remaining locks and try and obtain them. +* The call returns True if all locks were obtained successfully +* and False if we still need to wait. +*/ + + if(blocking_lock_record_process(blr)) { struct byte_range_lock *br_lck = brl_get_locks(NULL, fsp); - /* -* Remove the entry and return an error to the client. -*/ - if (br_lck) { brl_lock_cancel(br_lck, blr-lock_pid, @@ -773,8 +773,6 @@ TALLOC_FREE(br_lck); } - DEBUG(0,(process_blocking_lock_queue: Unable to become service Error was %s.\n, strerror(errno) )); - blocking_lock_reply_error(blr,NT_STATUS_ACCESS_DENIED); DLIST_REMOVE(blocking_lock_queue, blr); free_blocking_lock_record(blr); recalc_timeout = True; @@ -782,16 +780,25 @@ continue; } + change_to_root_user(); + /* -* Go through the remaining locks and try and obtain them. -* The call returns True if all locks were obtained successfully -* and False if
svn commit: samba r24792 - in branches/SAMBA_3_2_0/source/utils: .
Author: mimir Date: 2007-08-29 20:53:09 + (Wed, 29 Aug 2007) New Revision: 24792 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24792 Log: Merge from 3_2: Add machine-authenticated connections to netlogon pipe of win2k and newer (which may have anonymous connections restricted) and leave anonymous for winnt domain. rafal Modified: branches/SAMBA_3_2_0/source/utils/net.c branches/SAMBA_3_2_0/source/utils/net_ads.c branches/SAMBA_3_2_0/source/utils/net_rpc_join.c Changeset: Modified: branches/SAMBA_3_2_0/source/utils/net.c === --- branches/SAMBA_3_2_0/source/utils/net.c 2007-08-29 20:49:09 UTC (rev 24791) +++ branches/SAMBA_3_2_0/source/utils/net.c 2007-08-29 20:53:09 UTC (rev 24792) @@ -341,10 +341,10 @@ } / - Use the local machine's password for this session. + Use the local machine account (upn) and password for this session. / -int net_use_machine_password(void) +int net_use_upn_machine_account(void) { char *user_name = NULL; @@ -353,7 +353,6 @@ exit(1); } - user_name = NULL; opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL); if (asprintf(user_name, [EMAIL PROTECTED], global_myname(), lp_realm()) == -1) { return -1; @@ -362,6 +361,27 @@ return 0; } +/ + Use the machine account name and password for this session. +/ + +int net_use_machine_account(void) +{ + char *user_name = NULL; + + if (!secrets_init()) { + d_fprintf(stderr, ERROR: Unable to open secrets database\n); + exit(1); + } + + opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL); + if (asprintf(user_name, %s$, global_myname()) == -1) { + return -1; + } + opt_user_name = user_name; + return 0; +} + BOOL net_find_server(const char *domain, unsigned flags, struct in_addr *server_ip, char **server_name) { const char *d = domain ? domain : opt_target_workgroup; @@ -1044,7 +1064,7 @@ /* it is very useful to be able to make ads queries as the machine account for testing purposes and for domain leave */ - net_use_machine_password(); + net_use_upn_machine_account(); } if (!opt_password) { Modified: branches/SAMBA_3_2_0/source/utils/net_ads.c === --- branches/SAMBA_3_2_0/source/utils/net_ads.c 2007-08-29 20:49:09 UTC (rev 24791) +++ branches/SAMBA_3_2_0/source/utils/net_ads.c 2007-08-29 20:53:09 UTC (rev 24792) @@ -882,7 +882,7 @@ return NT_STATUS_ACCESS_DENIED; } - net_use_machine_password(); + net_use_upn_machine_account(); status = ads_startup(True, ads); if (!ADS_ERR_OK(status)) { @@ -2187,7 +2187,7 @@ return -1; } - net_use_machine_password(); + net_use_upn_machine_account(); use_in_memory_ccache(); Modified: branches/SAMBA_3_2_0/source/utils/net_rpc_join.c === --- branches/SAMBA_3_2_0/source/utils/net_rpc_join.c2007-08-29 20:49:09 UTC (rev 24791) +++ branches/SAMBA_3_2_0/source/utils/net_rpc_join.c2007-08-29 20:53:09 UTC (rev 24792) @@ -42,14 +42,29 @@ **/ int net_rpc_join_ok(const char *domain, const char *server, struct in_addr *ip ) { + enum security_types sec; + unsigned int conn_flags = NET_FLAGS_PDC; uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; struct cli_state *cli = NULL; struct rpc_pipe_client *pipe_hnd = NULL; struct rpc_pipe_client *netlogon_pipe = NULL; NTSTATUS ntret = NT_STATUS_UNSUCCESSFUL; + sec = (enum security_types)lp_security(); + + if (sec == SEC_ADS) { + /* Connect to IPC$ using machine account's credentials. We don't use anonymous + connection here, as it may be denied by server's local policy. */ + net_use_machine_account(); + + } else { + /* some servers (e.g. WinNT) don't accept machine-authenticated + smb connections */ + conn_flags |= NET_FLAGS_ANONYMOUS; + } + /* Connect to remote machine */ - if (!(cli = net_make_ipc_connection_ex(domain, server, ip, (NET_FLAGS_ANONYMOUS|NET_FLAGS_PDC { + if (!(cli = net_make_ipc_connection_ex(domain, server, ip, conn_flags))) { return -1;
Re: svn commit: samba r24733 - in branches: SAMBA_3_2/source/lib SAMBA_3_2/source/torture SAMBA_3_2_0/source/lib SAMBA_3_2_0/source/torture
On Tue, Aug 28, 2007 at 12:40:03PM +, [EMAIL PROTECTED] wrote: Author: gd Date: 2007-08-28 12:40:01 + (Tue, 28 Aug 2007) New Revision: 24733 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24733 Log: Add support for storing DATA_BLOBs in gencache.tdb (including torturetest). Mimir, please have a look. DATA_BLOBs will now just show up as DATA_BLOB values with net cache list. Looks fine to me. One aesthetic note - couldn't this: + again: + len = 0; + + len += tdb_pack(buf+len, buflen-len, fB, + valstr, + blob-length, blob-data); + + if (len == -1) { + goto out; + } + + if (buflen len) { + SAFE_FREE(buf); + buf = SMB_MALLOC_ARRAY(unsigned char, len); + if (!buf) { + goto out; + } + buflen = len; + goto again; + } be implemented as a loop ? cheers, -- Rafal Szczesniak Samba Team member http://www.samba.org signature.asc Description: Digital signature
Build status as of Thu Aug 30 00:00:02 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-08-29 00:01:18.0 + +++ /home/build/master/cache/broken_results.txt 2007-08-30 00:01:04.0 + @@ -1,24 +1,24 @@ -Build status as of Wed Aug 29 00:00:01 2007 +Build status as of Thu Aug 30 00:00:02 2007 Build counts: Tree Total Broken Panic SOC 0 0 0 build_farm 0 0 0 -ccache 30 9 0 +ccache 28 9 0 ctdb 0 0 0 distcc 2 0 0 -ldb 29 4 0 -libreplace 28 8 0 -lorikeet-heimdal 25 12 0 -pidl 16 3 0 -ppp 11 9 0 +ldb 26 4 0 +libreplace 26 8 0 +lorikeet-heimdal 23 11 0 +pidl 15 4 0 +ppp 9 7 0 python 0 0 0 -rsync30 11 0 +rsync28 11 0 samba-docs 0 0 0 samba-gtk2 2 0 -samba4 27 23 0 -samba_3_230 20 3 -smb-build27 27 0 -talloc 30 1 0 -tdb 28 4 0 +samba4 25 25 0 +samba_3_228 18 0 +smb-build25 25 0 +talloc 28 1 0 +tdb 27 3 0
svn commit: samba r24794 - in branches/SAMBA_4_0: . source
Author: jelmer Date: 2007-08-30 02:02:04 + (Thu, 30 Aug 2007) New Revision: 24794 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24794 Log: util_proto.h is no longer generated. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/static_deps.mk Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:file-ids ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/static_deps.mk === --- branches/SAMBA_4_0/source/static_deps.mk2007-08-30 00:25:47 UTC (rev 24793) +++ branches/SAMBA_4_0/source/static_deps.mk2007-08-30 02:02:04 UTC (rev 24794) @@ -10,7 +10,6 @@ include/includes.h: \ include/config.h \ - lib/util/util_proto.h \ lib/charset/charset.h \ param/proto.h \ libcli/util/proto.h \