[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8ad52f6 s3-make: Fix build with new smb2_session file. via d9975a1 LIBCLI_SMB2: Depend on cli_smb_common rather than libsmb. via a8c066b smb2: Move smb2cli session setup code to cli_smb_common. via 5283aa5 libcli/smb: Stop generating unused proto file. from 3c9b32b replace: Avoid DEBUG(), which is not available in libreplace. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8ad52f63863a677bdec1a543c1ed23e9e9ddfa65 Author: Jelmer Vernooij Date: Sun Mar 25 23:18:52 2012 +0200 s3-make: Fix build with new smb2_session file. Autobuild-User: Jelmer Vernooij Autobuild-Date: Mon Mar 26 00:56:13 CEST 2012 on sn-devel-104 commit d9975a13fdd2c4b41414619780c3428ce1d3af3b Author: Jelmer Vernooij Date: Sun Mar 25 17:15:42 2012 +0200 LIBCLI_SMB2: Depend on cli_smb_common rather than libsmb. The latter pulls in a fair number of other libraries, including popt and the Samba registry library. commit a8c066b0230ebe40c0586973cc1eec1018255708 Author: Jelmer Vernooij Date: Sun Mar 25 17:14:56 2012 +0200 smb2: Move smb2cli session setup code to cli_smb_common. commit 5283aa5356382256fc5336a468be414e8e33fc3b Author: Jelmer Vernooij Date: Sun Mar 25 17:14:14 2012 +0200 libcli/smb: Stop generating unused proto file. --- Summary of changes: .../smb2cli_session.c => libcli/smb/smb2_session.c | 109 +-- libcli/smb/wscript_build |2 +- source3/Makefile.in|1 + source3/libsmb/smb2cli_session.c | 207 source4/libcli/smb2/wscript_build |2 +- 5 files changed, 6 insertions(+), 315 deletions(-) copy source3/libsmb/smb2cli_session.c => libcli/smb/smb2_session.c (71%) Changeset truncated at 500 lines: diff --git a/source3/libsmb/smb2cli_session.c b/libcli/smb/smb2_session.c similarity index 71% copy from source3/libsmb/smb2cli_session.c copy to libcli/smb/smb2_session.c index 13412d1..b69f0a2 100644 --- a/source3/libsmb/smb2cli_session.c +++ b/libcli/smb/smb2_session.c @@ -18,14 +18,10 @@ */ #include "includes.h" -#include "client.h" -#include "async_smb.h" -#include "smb2cli.h" +#include "system/network.h" +#include "../lib/util/tevent_ntstatus.h" +#include "../libcli/smb/smb_common.h" #include "../libcli/smb/smbXcli_base.h" -#include "libsmb/proto.h" -#include "lib/util/tevent_ntstatus.h" -#include "../libcli/auth/spnego.h" -#include "../auth/ntlmssp/ntlmssp.h" struct smb2cli_session_setup_state { struct smbXcli_session *session; @@ -234,103 +230,4 @@ NTSTATUS smb2cli_session_setup_recv(struct tevent_req *req, return status; } -struct smb2cli_logoff_state { - struct cli_state *cli; - uint8_t fixed[4]; -}; - -static void smb2cli_logoff_done(struct tevent_req *subreq); - -struct tevent_req *smb2cli_logoff_send(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - struct cli_state *cli) -{ - struct tevent_req *req, *subreq; - struct smb2cli_logoff_state *state; - - req = tevent_req_create(mem_ctx, &state, - struct smb2cli_logoff_state); - if (req == NULL) { - return NULL; - } - state->cli = cli; - SSVAL(state->fixed, 0, 4); - - subreq = smb2cli_req_send(state, ev, - cli->conn, SMB2_OP_LOGOFF, - 0, 0, /* flags */ - cli->timeout, - cli->smb2.pid, - 0, /* tid */ - cli->smb2.session, - state->fixed, sizeof(state->fixed), - NULL, 0); - if (tevent_req_nomem(subreq, req)) { - return tevent_req_post(req, ev); - } - tevent_req_set_callback(subreq, smb2cli_logoff_done, req); - return req; -} - -static void smb2cli_logoff_done(struct tevent_req *subreq) -{ - struct tevent_req *req = - tevent_req_callback_data(subreq, - struct tevent_req); - struct smb2cli_logoff_state *state = - tevent_req_data(req, - struct smb2cli_logoff_state); - NTSTATUS status; - struct iovec *iov; - static const struct smb2cli_req_expected_response expected[] = { - { - .status = NT_STATUS_OK, - .body_size = 0x04 - } - }; - status = smb2cli_req_recv(subreq, state, &iov, - expected, ARRAY_SIZE(expected)); - TALLOC_FREE(subreq); - TALLOC_FREE(state->cli->smb2.session); - if (tev
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d86e701 s4:ldap.py - re-introduce the "(dn=CN=ldaptestUSER3,CN=Users,DC=wallnoefer2,DC=local)" test via d6fde2d LDB/s4 - deny the "(dn=...)" syntax on search filters when in AD mode via 438971e LDB/s4 - do not use the "(dn=...)" syntax on filters anymore via fa1c761 s4:ldap.py - test the already mentioned structural object class sorting behaviour via 206421c s4:dsdb - enhance "get_last_structural_class()" for optimisations via 0f8ffa9 s4:objectclass LDB module - fix up the sorting in respect to structural or 88 objectclasses via 52340b8 s4:objectclass LDB module - clean up "objectclass_sort()" from 8ad52f6 s3-make: Fix build with new smb2_session file. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d86e701b7ca42f3d21d6c5b7b6a1827bd37f0ee6 Author: Matthias Dieter Wallnöfer Date: Sat Oct 22 12:44:02 2011 +0200 s4:ldap.py - re-introduce the "(dn=CN=ldaptestUSER3,CN=Users,DC=wallnoefer2,DC=local)" test This syntax is not supported by Windows AD and should also be denied by s4/LDB. Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett Autobuild-User: Andrew Bartlett Autobuild-Date: Mon Mar 26 02:30:53 CEST 2012 on sn-devel-104 commit d6fde2d4c24d7fb5e040ccb00476f689a4472eff Author: Matthias Dieter Wallnöfer Date: Wed Oct 26 09:47:35 2011 +0200 LDB/s4 - deny the "(dn=...)" syntax on search filters when in AD mode Achieve this by introducing a "disallowDNFilter" flag. Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett commit 438971e214e6f55f19148ed2afc03ec1c7066f65 Author: Matthias Dieter Wallnöfer Date: Tue Oct 25 20:10:30 2011 +0200 LDB/s4 - do not use the "(dn=...)" syntax on filters anymore Make it AD-compatible using "(distinguishedName=...)". Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett commit fa1c7615d0809a124109713e1b340f71d9c4594f Author: Matthias Dieter Wallnöfer Date: Sun Mar 25 23:35:23 2012 +0200 s4:ldap.py - test the already mentioned structural object class sorting behaviour Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett commit 206421c8fd28ca4bb6375b97e106d3531f1a5559 Author: Matthias Dieter Wallnöfer Date: Sun Mar 25 23:25:01 2012 +0200 s4:dsdb - enhance "get_last_structural_class()" for optimisations If the objectclass entry has been sorted before we are able to determine the (last) structural or 88 object class in constant time. Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett commit 0f8ffa9ce1777d0b368eb765a7f69f93e68118bd Author: Matthias Dieter Wallnöfer Date: Sun Mar 25 22:51:51 2012 +0200 s4:objectclass LDB module - fix up the sorting in respect to structural or 88 objectclasses Please have a look at MS-ADTS 3.1.1.1.4. Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett commit 52340b86a2a3bcb98c8622a9d5a66f23eb1440f8 Author: Matthias Dieter Wallnöfer Date: Sun Mar 25 21:33:52 2012 +0200 s4:objectclass LDB module - clean up "objectclass_sort()" Make it easier to comprehend Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett --- Summary of changes: lib/ldb/ldb_tdb/ldb_cache.c| 10 +++- lib/ldb/ldb_tdb/ldb_index.c|9 +++ lib/ldb/ldb_tdb/ldb_tdb.h |2 + source4/dsdb/samdb/ldb_modules/descriptor.c|6 +- source4/dsdb/samdb/ldb_modules/objectclass.c | 67 +++- source4/dsdb/samdb/ldb_modules/schema.c| 25 ++-- source4/dsdb/tests/python/dirsync.py | 10 ++-- source4/dsdb/tests/python/ldap.py | 30 ++--- source4/scripting/bin/rebuildextendeddn|2 +- source4/scripting/bin/renamedc |2 +- source4/scripting/bin/upgradeprovision | 23 --- source4/scripting/devel/addlotscontacts|2 +- source4/scripting/python/samba/idmap.py|2 +- .../scripting/python/samba/provision/__init__.py |2 +- source4/scripting/python/samba/samdb.py|6 +- source4/scripting/python/samba/upgradehelpers.py | 14 ++-- source4/setup/provision_init.ldif |1 + 17 files changed, 131 insertions(+), 82 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/ldb_tdb/ldb_cache.c b/lib/ldb/ldb_tdb/ldb_cache.c index 0b93021..6467af1 100644 --- a/lib/ldb/ldb_tdb/ldb_cache.c +++ b/lib/ldb/ldb_tdb/ldb_cache.c @@ -346,11 +346,17 @@ int ltdb_cache_load(struct ldb_module *module) goto failed; } - /* set flag for ch
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cb7220d Fix the PyDoc comments in samba.smb.SMB and add a security_info argument to both get_acl and set_acl to allow the caller to specify what info is wanted. Defaults to 0 which means all info. from d86e701 s4:ldap.py - re-introduce the "(dn=CN=ldaptestUSER3,CN=Users,DC=wallnoefer2,DC=local)" test http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cb7220d72124b89f316c181c674982dbe5f6c372 Author: Richard Sharpe Date: Sun Mar 25 17:27:11 2012 -0700 Fix the PyDoc comments in samba.smb.SMB and add a security_info argument to both get_acl and set_acl to allow the caller to specify what info is wanted. Defaults to 0 which means all info. Autobuild-User: Richard Sharpe Autobuild-Date: Mon Mar 26 04:05:25 CEST 2012 on sn-devel-104 --- Summary of changes: source4/libcli/pysmb.c | 31 +++ 1 files changed, 23 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/libcli/pysmb.c b/source4/libcli/pysmb.c index 2f9a579..b4eba14 100644 --- a/source4/libcli/pysmb.c +++ b/source4/libcli/pysmb.c @@ -302,9 +302,10 @@ static PyObject *py_smb_getacl(pytalloc_Object *self, PyObject *args, PyObject * union smb_fileinfo fio; struct smb_private_data *spdata; const char *filename; + int sinfo = 0; int fnum; - if (!PyArg_ParseTuple(args, "s:get_acl", &filename)) { + if (!PyArg_ParseTuple(args, "s|i:get_acl", &filename, &sinfo)) { return NULL; } @@ -335,7 +336,10 @@ static PyObject *py_smb_getacl(pytalloc_Object *self, PyObject *args, PyObject * fio.query_secdesc.level = RAW_FILEINFO_SEC_DESC; fio.query_secdesc.in.file.fnum = fnum; - fio.query_secdesc.in.secinfo_flags = SECINFO_OWNER | + if (sinfo) + fio.query_secdesc.in.secinfo_flags = sinfo; + else + fio.query_secdesc.in.secinfo_flags = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL | SECINFO_PROTECTED_DACL | @@ -344,7 +348,6 @@ static PyObject *py_smb_getacl(pytalloc_Object *self, PyObject *args, PyObject * SECINFO_PROTECTED_SACL | SECINFO_UNPROTECTED_SACL; - status = smb_raw_query_secdesc(spdata->tree, self->talloc_ctx, &fio); smbcli_close(spdata->tree, fnum); @@ -367,9 +370,10 @@ static PyObject *py_smb_setacl(pytalloc_Object *self, PyObject *args, PyObject * const char *filename; PyObject *py_sd; struct security_descriptor *sd; + uint32_t sinfo = 0; int fnum; - if (!PyArg_ParseTuple(args, "sO:set_acl", &filename, &py_sd)) { + if (!PyArg_ParseTuple(args, "sO|i:get_acl", &filename, &py_sd, &sinfo)) { return NULL; } @@ -410,7 +414,18 @@ static PyObject *py_smb_setacl(pytalloc_Object *self, PyObject *args, PyObject * fio.set_secdesc.level = RAW_SFILEINFO_SEC_DESC; fio.set_secdesc.in.file.fnum = fnum; - fio.set_secdesc.in.secinfo_flags = 0; + if (sinfo) + fio.set_secdesc.in.secinfo_flags = sinfo; + else + fio.set_secdesc.in.secinfo_flags = SECINFO_OWNER | + SECINFO_GROUP | + SECINFO_DACL | + SECINFO_PROTECTED_DACL | + SECINFO_UNPROTECTED_DACL | + SECINFO_SACL | + SECINFO_PROTECTED_SACL | + SECINFO_UNPROTECTED_SACL; + fio.set_secdesc.in.sd = sd; status = smb_raw_set_secdesc(spdata->tree, &fio); @@ -447,10 +462,10 @@ static PyMethodDef py_smb_methods[] = { "chkpath(path) -> True or False\n\n \ Return true if path exists, false otherwise." }, { "get_acl", (PyCFunction)py_smb_getacl, METH_VARARGS, - "get_acl(path) -> security_descriptor object\n\n \ + "get_acl(path[, security_info=0]) -> security_descriptor object\n\n \ Get security descriptor for file." }, { "set_acl", (PyCFunction)py_smb_setacl, METH_VARARGS, - "set_acl(path, security_descriptor) -> None\n\n \ + "set_acl(path, security_descriptor[, security_info=0]) -> None\n\n \ Set security descriptor for file." }, { NULL }, }; @@ -522,7 +537,7 @@ static PyTypeObject PySMB = { .tp_new = py_smb_new, .t
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7290a62 s4-dsdb: use constant-time search for descriptor -> get_last_structural_class() from cb7220d Fix the PyDoc comments in samba.smb.SMB and add a security_info argument to both get_acl and set_acl to allow the caller to specify what info is wanted. Defaults to 0 which means all info. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7290a622844def1086cff993aaba958bc976538d Author: Andrew Bartlett Date: Mon Mar 26 12:06:39 2012 +1100 s4-dsdb: use constant-time search for descriptor -> get_last_structural_class() The objectClass list is sorted at this point, as we are called below the objectclass module here, or are working from a search result. Andrew Bartlett Autobuild-User: Andrew Bartlett Autobuild-Date: Mon Mar 26 05:38:13 CEST 2012 on sn-devel-104 --- Summary of changes: source4/dsdb/samdb/ldb_modules/descriptor.c |4 ++-- source4/dsdb/samdb/ldb_modules/samba_dsdb.c |2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c index 47207db..f2afe74 100644 --- a/source4/dsdb/samdb/ldb_modules/descriptor.c +++ b/source4/dsdb/samdb/ldb_modules/descriptor.c @@ -543,7 +543,7 @@ static int descriptor_add(struct ldb_module *module, struct ldb_request *req) } objectclass = get_last_structural_class(schema, objectclass_element, - false); + true); if (objectclass == NULL) { return ldb_operr(ldb); } @@ -662,7 +662,7 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req) } objectclass = get_last_structural_class(schema, objectclass_element, - false); + true); if (objectclass == NULL) { return ldb_operr(ldb); } diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c index c7c4fe3..d58b584 100644 --- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c +++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c @@ -150,6 +150,8 @@ static int samba_dsdb_init(struct ldb_module *module) - extended_dn_in must be before objectclass.c, as it resolves the DN - objectclass must be before password_hash and samldb since these LDB modules require the expanded "objectClass" list + - objectclass must be before descriptor, as descriptor assumes that +objectClass values are sorted - objectclass_attrs must be behind operational in order to see all attributes (the operational module protects and therefore suppresses per default some important ones) -- Samba Shared Repository