svn commit: samba r25493 - in branches: SAMBA_3_2/source/nsswitch SAMBA_3_2_0/source/nsswitch
Author: jmcd Date: 2007-10-03 20:56:29 + (Wed, 03 Oct 2007) New Revision: 25493 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=25493 Log: Fix typo in Jeremy's thread-safe winbind patch: lock->unlock (would have tried to lock a mutex at the end of a function). Cut-n-paste error. Modified: branches/SAMBA_3_2/source/nsswitch/winbind_nss_linux.c branches/SAMBA_3_2_0/source/nsswitch/winbind_nss_linux.c Changeset: Modified: branches/SAMBA_3_2/source/nsswitch/winbind_nss_linux.c === --- branches/SAMBA_3_2/source/nsswitch/winbind_nss_linux.c 2007-10-03 20:43:55 UTC (rev 25492) +++ branches/SAMBA_3_2/source/nsswitch/winbind_nss_linux.c 2007-10-03 20:56:29 UTC (rev 25493) @@ -1347,7 +1347,7 @@ failed: #if HAVE_PTHREAD - pthread_mutex_lock(&winbind_nss_mutex); + pthread_mutex_unlock(&winbind_nss_mutex); #endif return ret; Modified: branches/SAMBA_3_2_0/source/nsswitch/winbind_nss_linux.c === --- branches/SAMBA_3_2_0/source/nsswitch/winbind_nss_linux.c2007-10-03 20:43:55 UTC (rev 25492) +++ branches/SAMBA_3_2_0/source/nsswitch/winbind_nss_linux.c2007-10-03 20:56:29 UTC (rev 25493) @@ -1347,7 +1347,7 @@ failed: #if HAVE_PTHREAD - pthread_mutex_lock(&winbind_nss_mutex); + pthread_mutex_unlock(&winbind_nss_mutex); #endif return ret;
svn commit: samba r23643 - in branches/SAMBA_4_0/source: librpc/idl torture/rpc
Author: jmcd
Date: 2007-06-28 18:08:04 + (Thu, 28 Jun 2007)
New Revision: 23643
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23643
Log:
Fix the build farm tests. We were incorrectly passing the
RPC-SAMBA3-GETUSERNAME tests before the previous password expiration
fixes, because if you create a user and only set the password
administratrively, the "last set time" should not get updated. Needed
to add some more of the fields_present flags to do this.
Modified:
branches/SAMBA_4_0/source/librpc/idl/samr.idl
branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c
Changeset:
Modified: branches/SAMBA_4_0/source/librpc/idl/samr.idl
===
--- branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-06-28 18:05:35 UTC
(rev 23642)
+++ branches/SAMBA_4_0/source/librpc/idl/samr.idl 2007-06-28 18:08:04 UTC
(rev 23643)
@@ -684,23 +684,36 @@
/* this defines the bits used for fields_present in info21 */
typedef [bitmap32bit] bitmap {
- SAMR_FIELD_ACCOUNT_NAME = 0x0001,
- SAMR_FIELD_FULL_NAME = 0x0002,
- SAMR_FIELD_PRIMARY_GID= 0x0008,
- SAMR_FIELD_DESCRIPTION= 0x0010,
- SAMR_FIELD_COMMENT= 0x0020,
- SAMR_FIELD_HOME_DIRECTORY = 0x0040,
- SAMR_FIELD_HOME_DRIVE = 0x0080,
- SAMR_FIELD_LOGON_SCRIPT = 0x0100,
- SAMR_FIELD_PROFILE_PATH = 0x0200,
- SAMR_FIELD_WORKSTATIONS = 0x0400,
- SAMR_FIELD_LOGON_HOURS= 0x2000,
- SAMR_FIELD_ACCT_FLAGS = 0x0010,
- SAMR_FIELD_PARAMETERS = 0x0020,
- SAMR_FIELD_COUNTRY_CODE = 0x0040,
- SAMR_FIELD_CODE_PAGE = 0x0080,
- SAMR_FIELD_PASSWORD = 0x0100, /* either of these */
- SAMR_FIELD_PASSWORD2 = 0x0200 /* two bits seems to
work */
+ SAMR_FIELD_ACCOUNT_NAME = 0x0001,
+ SAMR_FIELD_FULL_NAME= 0x0002,
+ SAMR_FIELD_RID = 0x0004,
+ SAMR_FIELD_PRIMARY_GID = 0x0008,
+ SAMR_FIELD_DESCRIPTION = 0x0010,
+ SAMR_FIELD_COMMENT = 0x0020,
+ SAMR_FIELD_HOME_DIRECTORY = 0x0040,
+ SAMR_FIELD_HOME_DRIVE = 0x0080,
+ SAMR_FIELD_LOGON_SCRIPT = 0x0100,
+ SAMR_FIELD_PROFILE_PATH = 0x0200,
+ SAMR_FIELD_WORKSTATIONS = 0x0400,
+ SAMR_FIELD_LAST_LOGON = 0x0800,
+ SAMR_FIELD_LAST_LOGOFF = 0x1000,
+ SAMR_FIELD_LOGON_HOURS = 0x2000,
+ SAMR_FIELD_BAD_PWD_COUNT= 0x4000,
+ SAMR_FIELD_NUM_LOGONS = 0x8000,
+ SAMR_FIELD_ALLOW_PWD_CHANGE = 0x0001,
+ SAMR_FIELD_FORCE_PWD_CHANGE = 0x0002,
+ SAMR_FIELD_LAST_PWD_CHANGE = 0x0004,
+ SAMR_FIELD_ACCT_EXPIRY = 0x0008,
+ SAMR_FIELD_ACCT_FLAGS = 0x0010,
+ SAMR_FIELD_PARAMETERS = 0x0020,
+ SAMR_FIELD_COUNTRY_CODE = 0x0040,
+ SAMR_FIELD_CODE_PAGE= 0x0080,
+ SAMR_FIELD_PASSWORD = 0x0100, /* either of these */
+ SAMR_FIELD_PASSWORD2= 0x0200, /* two bits seems to
work */
+ SAMR_FIELD_PRIVATE_DATA = 0x0400,
+ SAMR_FIELD_EXPIRED_FLAG = 0x0800,
+ SAMR_FIELD_SEC_DESC = 0x1000,
+ SAMR_FIELD_OWF_PWD = 0x2000
} samr_FieldsPresent;
typedef struct {
Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c
===
--- branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2007-06-28 18:05:35 UTC
(rev 23642)
+++ branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2007-06-28 18:08:04 UTC
(rev 23643)
@@ -536,24 +536,29 @@
union samr_UserInfo u_info;
DATA_BLOB session_key;
- encode_pw_buffer(u_info.info24.password.data, password,
+
+ ZERO_STRUCT(u_info);
+ encode_pw_buffer(u_info.info23.password.data, password,
STR_UNICODE);
- u_info.info24.pw_len = strlen_m(password)*2;
status = dcerpc_fetch_session_key(samr_pipe, &session_key);
if (!NT_STATUS_IS_OK(status)) {
d_printf("dcerpc_fetch_session_key failed\n");
goto done;
}
- arcfour_crypt_blob(u_info.info24.password.data, 516,
+
svn commit: samba r23616 - in branches: SAMBA_3_0/source/include SAMBA_3_0/source/rpc_parse SAMBA_3_0/source/rpc_server SAMBA_3_0_25/source/include SAMBA_3_0_25/source/rpc_parse SAMBA_3_0_25/source/rp
Author: jmcd Date: 2007-06-26 20:09:41 + (Tue, 26 Jun 2007) New Revision: 23616 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23616 Log: Fix bugzilla #4719: must change password is not set from usrmgr.exe. This was only affecting the newer versions of usrmgr.exe, because they use a user_info_25 struct. The password is getting set separately inside that code, so the password last set time was getting set from the password change logic. We also were not parsing a number of fields (like logon hours) from the user_info_25. That should also be fixed. Modified: branches/SAMBA_3_0/source/include/rpc_samr.h branches/SAMBA_3_0/source/rpc_parse/parse_samr.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c branches/SAMBA_3_0_25/source/include/rpc_samr.h branches/SAMBA_3_0_25/source/rpc_parse/parse_samr.c branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0_25/source/rpc_server/srv_samr_util.c branches/SAMBA_3_0_26/source/include/rpc_samr.h branches/SAMBA_3_0_26/source/rpc_parse/parse_samr.c branches/SAMBA_3_0_26/source/rpc_server/srv_samr_nt.c branches/SAMBA_3_0_26/source/rpc_server/srv_samr_util.c Changeset: Sorry, the patch is too large (505 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23616
svn commit: samba r23231 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: jmcd Date: 2007-05-29 21:50:17 + (Tue, 29 May 2007) New Revision: 23231 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23231 Log: Fix make test on build farm for 64-bit hosts. There's no reason this should be any different for 64-bit hosts, but we probably are lucking out on other fields here as well. The "fields_present" field shouldn't just be copied from usrmgr traces, because it indicates which fields should be set, and in this case, we were setting the kickoff time (NOT the expired time) to some random date. Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c === --- branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2007-05-29 20:12:48 UTC (rev 23230) +++ branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2007-05-29 21:50:17 UTC (rev 23231) @@ -582,6 +582,7 @@ qui.out.info->info21.force_password_change = 0; qui.out.info->info21.account_name.string = NULL; qui.out.info->info21.rid = 0; + qui.out.info->info21.acct_expiry = 0; qui.out.info->info21.fields_present = 0x81827fa; /* copy usrmgr.exe */ u_info.info21 = qui.out.info->info21;
svn commit: samba r23041 - in branches: SAMBA_3_0/source/lib SAMBA_3_0_25/source/lib SAMBA_3_0_26/source/lib
Author: jmcd
Date: 2007-05-21 16:01:22 + (Mon, 21 May 2007)
New Revision: 23041
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23041
Log:
Remainder of fix for 4630: fix special case of unix_to_nt_time() for
TIME_T_MAX, and also display of it in http_timestring()
Modified:
branches/SAMBA_3_0/source/lib/time.c
branches/SAMBA_3_0_25/source/lib/time.c
branches/SAMBA_3_0_26/source/lib/time.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/time.c
===
--- branches/SAMBA_3_0/source/lib/time.c2007-05-21 15:58:27 UTC (rev
23040)
+++ branches/SAMBA_3_0/source/lib/time.c2007-05-21 16:01:22 UTC (rev
23041)
@@ -95,7 +95,13 @@
if (t == (time_t)-1) {
*nt = (NTTIME)-1LL;
return;
- }
+ }
+
+ if (t == TIME_T_MAX) {
+ *nt = 0x7fffLL;
+ return;
+ }
+
if (t == 0) {
*nt = 0;
return;
@@ -301,7 +307,9 @@
static fstring buf;
struct tm *tm = localtime(&t);
- if (!tm) {
+ if (t == TIME_T_MAX) {
+ slprintf(buf,sizeof(buf)-1,"never");
+ } else if (!tm) {
slprintf(buf,sizeof(buf)-1,"%ld seconds since the
Epoch",(long)t);
} else {
#ifndef HAVE_STRFTIME
Modified: branches/SAMBA_3_0_25/source/lib/time.c
===
--- branches/SAMBA_3_0_25/source/lib/time.c 2007-05-21 15:58:27 UTC (rev
23040)
+++ branches/SAMBA_3_0_25/source/lib/time.c 2007-05-21 16:01:22 UTC (rev
23041)
@@ -95,7 +95,13 @@
if (t == (time_t)-1) {
*nt = (NTTIME)-1LL;
return;
- }
+ }
+
+ if (t == TIME_T_MAX) {
+ *nt = 0x7fffLL;
+ return;
+ }
+
if (t == 0) {
*nt = 0;
return;
@@ -301,7 +307,9 @@
static fstring buf;
struct tm *tm = localtime(&t);
- if (!tm) {
+ if (t == TIME_T_MAX) {
+ slprintf(buf,sizeof(buf)-1,"never");
+ } else if (!tm) {
slprintf(buf,sizeof(buf)-1,"%ld seconds since the
Epoch",(long)t);
} else {
#ifndef HAVE_STRFTIME
Modified: branches/SAMBA_3_0_26/source/lib/time.c
===
--- branches/SAMBA_3_0_26/source/lib/time.c 2007-05-21 15:58:27 UTC (rev
23040)
+++ branches/SAMBA_3_0_26/source/lib/time.c 2007-05-21 16:01:22 UTC (rev
23041)
@@ -95,7 +95,13 @@
if (t == (time_t)-1) {
*nt = (NTTIME)-1LL;
return;
- }
+ }
+
+ if (t == TIME_T_MAX) {
+ *nt = 0x7fffLL;
+ return;
+ }
+
if (t == 0) {
*nt = 0;
return;
@@ -301,7 +307,9 @@
static fstring buf;
struct tm *tm = localtime(&t);
- if (!tm) {
+ if (t == TIME_T_MAX) {
+ slprintf(buf,sizeof(buf)-1,"never");
+ } else if (!tm) {
slprintf(buf,sizeof(buf)-1,"%ld seconds since the
Epoch",(long)t);
} else {
#ifndef HAVE_STRFTIME
svn commit: samba r22504 - in branches: SAMBA_3_0/source/rpc_server SAMBA_3_0_25/source/rpc_server
Author: jmcd
Date: 2007-04-24 15:56:02 + (Tue, 24 Apr 2007)
New Revision: 22504
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=22504
Log:
Fix bug Jerry found during his tutorial. Sorry :-(
Allows authorized users (e.g. BUILTIN\Administrators members) to
set attributes on an account, particularly "user cannot change
password".
add become_root() around updating attributes, after checking that
access has been granted.
Modified:
branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2007-04-24 13:55:04 UTC
(rev 22503)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2007-04-24 15:56:02 UTC
(rev 22504)
@@ -724,7 +724,12 @@
return NT_STATUS_ACCESS_DENIED;
}
- status = pdb_update_sam_account(sampass);
+ status = access_check_samr_function(acc_granted,
SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_set_sec_obj");
+ if NT_STATUS_IS_OK(status) {
+ become_root();
+ status = pdb_update_sam_account(sampass);
+ unbecome_root();
+ }
TALLOC_FREE(sampass);
Modified: branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c
===
--- branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c 2007-04-24
13:55:04 UTC (rev 22503)
+++ branches/SAMBA_3_0_25/source/rpc_server/srv_samr_nt.c 2007-04-24
15:56:02 UTC (rev 22504)
@@ -739,7 +739,12 @@
return NT_STATUS_ACCESS_DENIED;
}
- status = pdb_update_sam_account(sampass);
+ status = access_check_samr_function(acc_granted,
SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_set_sec_obj");
+ if NT_STATUS_IS_OK(status) {
+ become_root();
+ status = pdb_update_sam_account(sampass);
+ unbecome_root();
+ }
TALLOC_FREE(sampass);
svn commit: samba r22148 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_25/source/modules
Author: jmcd
Date: 2007-04-10 15:41:22 + (Tue, 10 Apr 2007)
New Revision: 22148
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=22148
Log:
Fix gpfs module on posix-acl test. Adds gpfsacl_sys_set_fd (calls
_file). Thanks to Gomati Mohanan.
Modified:
branches/SAMBA_3_0/source/modules/vfs_gpfs.c
branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c
Changeset:
Modified: branches/SAMBA_3_0/source/modules/vfs_gpfs.c
===
--- branches/SAMBA_3_0/source/modules/vfs_gpfs.c2007-04-10 07:36:58 UTC
(rev 22147)
+++ branches/SAMBA_3_0/source/modules/vfs_gpfs.c2007-04-10 15:41:22 UTC
(rev 22148)
@@ -597,8 +597,7 @@
files_struct *fsp,
int fd, SMB_ACL_T theacl)
{
- errno = ENOTSUP;
- return -1;
+ return gpfsacl_sys_acl_set_file(handle, fsp->fsp_name,
SMB_ACL_TYPE_ACCESS, theacl);
}
int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle,
Modified: branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c
===
--- branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c 2007-04-10 07:36:58 UTC
(rev 22147)
+++ branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c 2007-04-10 15:41:22 UTC
(rev 22148)
@@ -597,8 +597,7 @@
files_struct *fsp,
int fd, SMB_ACL_T theacl)
{
- errno = ENOTSUP;
- return -1;
+ return gpfsacl_sys_acl_set_file(handle, fsp->fsp_name,
SMB_ACL_TYPE_ACCESS, theacl);
}
int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle,
svn commit: samba r21924 - in branches/SAMBA_3_0_25: .
Author: jmcd Date: 2007-03-22 01:13:25 + (Thu, 22 Mar 2007) New Revision: 21924 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21924 Log: NFSv3->NFSv4 for new ACL functionality Modified: branches/SAMBA_3_0_25/WHATSNEW.txt Changeset: Modified: branches/SAMBA_3_0_25/WHATSNEW.txt === --- branches/SAMBA_3_0_25/WHATSNEW.txt 2007-03-22 00:08:22 UTC (rev 21923) +++ branches/SAMBA_3_0_25/WHATSNEW.txt 2007-03-22 01:13:25 UTC (rev 21924) @@ -66,7 +66,7 @@ Samba's POSIX ACL support has been moved inside of the VFS layer which means it is now possible to support multiple ACL implementations -on the same server including NFSv3 and GPFS ACLs. +on the same server including NFSv4 and GPFS ACLs. ## @@ -284,7 +284,7 @@ Samba's POSIX ACL support has been moved inside of the VFS layer which means it is now possible to support multiple ACL implementations -on the same server including NFSv3 and GPFS ACLs. +on the same server including NFSv4 and GPFS ACLs. ##
svn commit: samba-docs r1066 - in trunk/manpages-3: .
Author: jmcd Date: 2007-03-20 13:05:44 + (Tue, 20 Mar 2007) New Revision: 1066 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=1066 Log: Add nfs4:chown option, and a few formatting changes. Modified: trunk/manpages-3/vfs_gpfs.8.xml Changeset: Modified: trunk/manpages-3/vfs_gpfs.8.xml === --- trunk/manpages-3/vfs_gpfs.8.xml 2007-03-19 21:32:53 UTC (rev 1065) +++ trunk/manpages-3/vfs_gpfs.8.xml 2007-03-20 13:05:44 UTC (rev 1066) @@ -75,8 +75,10 @@ + nfs4:acedup = [dontcare|reject|ignore|merge] + This parameter configures how Samba handles duplicate ACEs encountered in GPFS ACLs. GPFS allows/creates duplicate ACE for different bits for same ID. @@ -89,8 +91,27 @@ ignore - don't include the second matching ACE merge - bitwise OR the 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE + + + + nfs4:chown = [yes|no] + + This parameter allows enabling or disabling the chown supported + by the underlying filesystem. This parameter should be enabled with + care as it might leave your system insecure. + Some filesystems allow chown as a) giving b) stealing. It is the latter + that is considered a risk. + + Following is the behaviour of Samba for different values : + + yes - Enable chown if as supported by the under filesystem + no (default) - Disable chown + + + +
svn commit: samba-docs r1064 - in trunk/manpages-3: .
Author: jmcd Date: 2007-03-19 18:38:51 + (Mon, 19 Mar 2007) New Revision: 1064 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=1064 Log: A few updates to the gpfs manpage. Clarify some language, list setlease as feature, add "vfs objects = gpfs" to example. Modified: trunk/manpages-3/vfs_gpfs.8.xml Changeset: Modified: trunk/manpages-3/vfs_gpfs.8.xml === --- trunk/manpages-3/vfs_gpfs.8.xml 2007-03-19 18:29:04 UTC (rev 1063) +++ trunk/manpages-3/vfs_gpfs.8.xml 2007-03-19 18:38:51 UTC (rev 1064) @@ -28,14 +28,14 @@ The gpfs VFS module is the home for all gpfs extensions that Samba requires for proper integration - with GPFS. For this it utilizes the gpl-ed library interfaces provided by - GPFS team. + with GPFS. It uses the GPL library interfaces provided by GPFS. Currently the gpfs vfs module provides extensions in following areas : - NFSv4 ACL Interfaces with configurable options for gpfs + NFSv4 ACL Interfaces with configurable options for GPFS Kernel oplock support on GPFS + Lease support on GPFS @@ -60,13 +60,13 @@ nfs4:mode = [ simple | special ] - Enable/Disable substitution of special ids on GPFS. This parameter + Enable/Disable substitution of special IDs on GPFS. This parameter should not affect the windows users in anyway. It only ensures that Samba - sets the special ids - OWNER@ and GROUP@ ( mappings to simple uids ) + sets the special IDs - OWNER@ and GROUP@ ( mappings to simple uids ) that are relevant to GPFS. - The following MODE are understood by the module: + The following MODEs are understood by the module: simple(default) - do not use special IDs in GPFS ACEs special - use special IDs in GPFS ACEs. @@ -87,7 +87,7 @@ dontcare (default) - copy the ACEs as they come reject - stop operation and exit with error on ACL set op ignore - don't include the second matching ACE - merge - OR 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE + merge - bitwise OR the 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE @@ -101,6 +101,7 @@ + gpfs /test/gpfs_mount special merge
svn commit: samba-docs r1063 - in trunk/manpages-3: .
Author: jmcd Date: 2007-03-19 18:29:04 + (Mon, 19 Mar 2007) New Revision: 1063 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=1063 Log: Add manpage for gpfs module. Thanks to Chetan Shringarpure <[EMAIL PROTECTED]> Added: trunk/manpages-3/vfs_gpfs.8.xml Changeset: Added: trunk/manpages-3/vfs_gpfs.8.xml === --- trunk/manpages-3/vfs_gpfs.8.xml 2007-03-18 18:21:43 UTC (rev 1062) +++ trunk/manpages-3/vfs_gpfs.8.xml 2007-03-19 18:29:04 UTC (rev 1063) @@ -0,0 +1,139 @@ + +http://www.samba.org/samba/DTD/samba-doc";> + + + + vfs_gpfs + 8 + + + + + vfs_gpfs + gpfs specific samba extensions like acls and prealloc + + + + + vfs objects = gpfs + + + + + DESCRIPTION + + This VFS module is part of the + samba + 7 suite. + + The gpfs VFS module is the home + for all gpfs extensions that Samba requires for proper integration + with GPFS. For this it utilizes the gpl-ed library interfaces provided by + GPFS team. + + + Currently the gpfs vfs module provides extensions in following areas : + + NFSv4 ACL Interfaces with configurable options for gpfs + Kernel oplock support on GPFS + + + + NOTE:This module follows the posix-acl behaviour + and hence allows permission stealing via chown. Samba might allow at a later + point in time, to restrict the chown via this module as such restrictions + are the responsibility of the underlying filesystem than of Samba. + + + This module is stackable. + + + + + + OPTIONS + + + + + + nfs4:mode = [ simple | special ] + + + Enable/Disable substitution of special ids on GPFS. This parameter + should not affect the windows users in anyway. It only ensures that Samba + sets the special ids - OWNER@ and GROUP@ ( mappings to simple uids ) + that are relevant to GPFS. + + + The following MODE are understood by the module: + + simple(default) - do not use special IDs in GPFS ACEs + special - use special IDs in GPFS ACEs. + + + + + + + nfs4:acedup = [dontcare|reject|ignore|merge] + + This parameter configures how Samba handles duplicate ACEs encountered in GPFS ACLs. + GPFS allows/creates duplicate ACE for different bits for same ID. + + + Following is the behaviour of Samba for different values : + + dontcare (default) - copy the ACEs as they come + reject - stop operation and exit with error on ACL set op + ignore - don't include the second matching ACE + merge - OR 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE + + + + + + + + EXAMPLES + + A GPFS mount can be exported via Samba as follows : + + + + /test/gpfs_mount + special + merge + + + + + CAVEATS + The gpfs gpl libraries are required by gpfs VFS + module during both compilation and runtime. + Also this VFS module is tested to work on SLES 9/10 and RHEL 4.4 + + + + + VERSION + This man page is correct for version 3.0.25 of the Samba suite. + + + + + AUTHOR + + The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed. + + The GPFS VFS module was created with contributions from + Volker Lendecke and the developers at IBM. + + +This manpage was created by the IBM FSCC team + + +
svn commit: samba r21637 - in branches: SAMBA_3_0/source/lib SAMBA_3_0_25/source/lib
Author: jmcd
Date: 2007-03-01 20:52:14 + (Thu, 01 Mar 2007)
New Revision: 21637
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21637
Log:
Get "password never expires" account policy working.
0x8000LL is "infinity" to NT and should
not be converted numerically to time_t.
Modified:
branches/SAMBA_3_0/source/lib/time.c
branches/SAMBA_3_0_25/source/lib/time.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/time.c
===
--- branches/SAMBA_3_0/source/lib/time.c2007-03-01 19:22:31 UTC (rev
21636)
+++ branches/SAMBA_3_0/source/lib/time.c2007-03-01 20:52:14 UTC (rev
21637)
@@ -36,6 +36,8 @@
#define TIME_T_MAX (~ (time_t) 0 - TIME_T_MIN)
#endif
+#define NTTIME_INFINITY (NTTIME)0x8000LL
+
/**
External access to time_t_min and time_t_max.
**/
@@ -1180,6 +1182,10 @@
return (time_t)-1;
}
+ if (*nt == NTTIME_INFINITY) {
+ return (time_t)-1;
+ }
+
/* reverse the time */
/* it's a negative value, turn it to positive */
d=~*nt;
@@ -1248,7 +1254,7 @@
if (t == (time_t)-1) {
/* that's what NT uses for infinite */
- *nt = 0x8000LL;
+ *nt = NTTIME_INFINITY;
return;
}
@@ -1306,7 +1312,7 @@
if (nttime==0)
return "Now";
- if (nttime==0x8000LL)
+ if (nttime==NTTIME_INFINITY)
return "Never";
high = 65536;
@@ -1335,7 +1341,7 @@
return False;
}
- if (*nt == 0x8000LL) {
+ if (*nt == NTTIME_INFINITY) {
return False;
}
Modified: branches/SAMBA_3_0_25/source/lib/time.c
===
--- branches/SAMBA_3_0_25/source/lib/time.c 2007-03-01 19:22:31 UTC (rev
21636)
+++ branches/SAMBA_3_0_25/source/lib/time.c 2007-03-01 20:52:14 UTC (rev
21637)
@@ -36,6 +36,8 @@
#define TIME_T_MAX (~ (time_t) 0 - TIME_T_MIN)
#endif
+#define NTTIME_INFINITY (NTTIME)0x8000LL
+
/**
External access to time_t_min and time_t_max.
**/
@@ -1180,6 +1182,10 @@
return (time_t)-1;
}
+ if (*nt == NTTIME_INFINITY) {
+ return (time_t)-1;
+ }
+
/* reverse the time */
/* it's a negative value, turn it to positive */
d=~*nt;
@@ -1248,7 +1254,7 @@
if (t == (time_t)-1) {
/* that's what NT uses for infinite */
- *nt = 0x8000LL;
+ *nt = NTTIME_INFINITY;
return;
}
@@ -1306,7 +1312,7 @@
if (nttime==0)
return "Now";
- if (nttime==0x8000LL)
+ if (nttime==NTTIME_INFINITY)
return "Never";
high = 65536;
@@ -1335,7 +1341,7 @@
return False;
}
- if (*nt == 0x8000LL) {
+ if (*nt == NTTIME_INFINITY) {
return False;
}
svn commit: samba r21339 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_25/source/modules
Author: jmcd Date: 2007-02-14 14:25:56 + (Wed, 14 Feb 2007) New Revision: 21339 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21339 Log: Fix the non-linux build. This is more evidence that this needs to be moved up one layer. Modified: branches/SAMBA_3_0/source/modules/vfs_default.c branches/SAMBA_3_0_25/source/modules/vfs_default.c Changeset: Modified: branches/SAMBA_3_0/source/modules/vfs_default.c === --- branches/SAMBA_3_0/source/modules/vfs_default.c 2007-02-14 14:23:59 UTC (rev 21338) +++ branches/SAMBA_3_0/source/modules/vfs_default.c 2007-02-14 14:25:56 UTC (rev 21339) @@ -790,12 +790,14 @@ START_PROFILE(syscall_linux_setlease); +#ifdef LINUX /* first set the signal handler */ if(linux_set_lease_sighandler(fd) == -1) return -1; result = linux_setlease(fd, leasetype); +#endif END_PROFILE(syscall_linux_setlease); return result; } Modified: branches/SAMBA_3_0_25/source/modules/vfs_default.c === --- branches/SAMBA_3_0_25/source/modules/vfs_default.c 2007-02-14 14:23:59 UTC (rev 21338) +++ branches/SAMBA_3_0_25/source/modules/vfs_default.c 2007-02-14 14:25:56 UTC (rev 21339) @@ -790,12 +790,14 @@ START_PROFILE(syscall_linux_setlease); +#ifdef LINUX /* first set the signal handler */ if(linux_set_lease_sighandler(fd) == -1) return -1; result = linux_setlease(fd, leasetype); +#endif END_PROFILE(syscall_linux_setlease); return result; }
svn commit: samba r21324 - in branches: SAMBA_3_0/source/include SAMBA_3_0/source/modules SAMBA_3_0/source/profile SAMBA_3_0/source/smbd SAMBA_3_0_25/source/include SAMBA_3_0_25/source/modules SAMBA_3
Author: jmcd Date: 2007-02-14 02:37:14 + (Wed, 14 Feb 2007) New Revision: 21324 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21324 Log: Add linux setlease to the vfs layer. Next round, as Volker points out, it should be abstracted a little higher up so other os'es can have an entry, but it will take a bit more work. Thanks to Chetan Shringarpure and Mathias Dietz. I didn't increment the vfs number again because the kernel change notify stuff hasn't been released yet anyway. Modified: branches/SAMBA_3_0/source/include/smbprofile.h branches/SAMBA_3_0/source/include/vfs.h branches/SAMBA_3_0/source/include/vfs_macros.h branches/SAMBA_3_0/source/modules/vfs_default.c branches/SAMBA_3_0/source/modules/vfs_full_audit.c branches/SAMBA_3_0/source/modules/vfs_gpfs.c branches/SAMBA_3_0/source/profile/profile.c branches/SAMBA_3_0/source/smbd/oplock_linux.c branches/SAMBA_3_0_25/source/include/smbprofile.h branches/SAMBA_3_0_25/source/include/vfs.h branches/SAMBA_3_0_25/source/include/vfs_macros.h branches/SAMBA_3_0_25/source/modules/vfs_default.c branches/SAMBA_3_0_25/source/modules/vfs_full_audit.c branches/SAMBA_3_0_25/source/modules/vfs_gpfs.c branches/SAMBA_3_0_25/source/profile/profile.c branches/SAMBA_3_0_25/source/smbd/oplock_linux.c Changeset: Sorry, the patch is too large (609 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21324
svn commit: samba r21004 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_24/source/modules
Author: jmcd
Date: 2007-01-24 15:29:58 + (Wed, 24 Jan 2007)
New Revision: 21004
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21004
Log:
Patch from Mathias Dietz <[EMAIL PROTECTED]> to fix multi-node
sharemodes in gpfs.
Modified:
branches/SAMBA_3_0/source/modules/gpfs.c
branches/SAMBA_3_0_24/source/modules/gpfs.c
Changeset:
Modified: branches/SAMBA_3_0/source/modules/gpfs.c
===
--- branches/SAMBA_3_0/source/modules/gpfs.c2007-01-24 14:59:01 UTC (rev
21003)
+++ branches/SAMBA_3_0/source/modules/gpfs.c2007-01-24 15:29:58 UTC (rev
21004)
@@ -57,7 +57,7 @@
DEBUG(10, ("special case am=no_access:%x\n",access_mask));
}
else {
- deny |= (share_access & (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
+ deny |= (share_access & FILE_SHARE_WRITE) ?
0 : GPFS_DENY_WRITE;
deny |= (share_access & (FILE_SHARE_READ)) ?
0 : GPFS_DENY_READ;
Modified: branches/SAMBA_3_0_24/source/modules/gpfs.c
===
--- branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-24 14:59:01 UTC (rev
21003)
+++ branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-24 15:29:58 UTC (rev
21004)
@@ -57,7 +57,7 @@
DEBUG(10, ("special case am=no_access:%x\n",access_mask));
}
else {
- deny |= (share_access & (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
+ deny |= (share_access & FILE_SHARE_WRITE) ?
0 : GPFS_DENY_WRITE;
deny |= (share_access & (FILE_SHARE_READ)) ?
0 : GPFS_DENY_READ;
svn commit: samba r20717 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_24/source/modules
Author: jmcd
Date: 2007-01-12 21:56:25 + (Fri, 12 Jan 2007)
New Revision: 20717
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20717
Log:
Merge sharemode patch from Mathias Dietz <[EMAIL PROTECTED]>.
The patch fixes the behaviour of GPFS sharemodes when
the access mask is no_access.
Modified:
branches/SAMBA_3_0/source/modules/gpfs.c
branches/SAMBA_3_0_24/source/modules/gpfs.c
Changeset:
Modified: branches/SAMBA_3_0/source/modules/gpfs.c
===
--- branches/SAMBA_3_0/source/modules/gpfs.c2007-01-12 17:58:38 UTC (rev
20716)
+++ branches/SAMBA_3_0/source/modules/gpfs.c2007-01-12 21:56:25 UTC (rev
20717)
@@ -52,11 +52,16 @@
DELETE_ACCESS)) ? GPFS_SHARE_WRITE : 0;
allow |= (access_mask & (FILE_READ_DATA|FILE_EXECUTE)) ?
GPFS_SHARE_READ : 0;
- deny |= (share_access & (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
- 0 : GPFS_DENY_WRITE;
- deny |= (share_access & (FILE_SHARE_READ)) ?
- 0 : GPFS_DENY_READ;
+ if (allow == GPFS_SHARE_NONE) {
+ DEBUG(10, ("special case am=no_access:%x\n",access_mask));
+ }
+ else {
+ deny |= (share_access & (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
+ 0 : GPFS_DENY_WRITE;
+ deny |= (share_access & (FILE_SHARE_READ)) ?
+ 0 : GPFS_DENY_READ;
+ }
DEBUG(10, ("am=%x, allow=%d, sa=%x, deny=%d\n",
access_mask, allow, share_access, deny));
Modified: branches/SAMBA_3_0_24/source/modules/gpfs.c
===
--- branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-12 17:58:38 UTC (rev
20716)
+++ branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-12 21:56:25 UTC (rev
20717)
@@ -52,11 +52,16 @@
DELETE_ACCESS)) ? GPFS_SHARE_WRITE : 0;
allow |= (access_mask & (FILE_READ_DATA|FILE_EXECUTE)) ?
GPFS_SHARE_READ : 0;
- deny |= (share_access & (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
- 0 : GPFS_DENY_WRITE;
- deny |= (share_access & (FILE_SHARE_READ)) ?
- 0 : GPFS_DENY_READ;
+ if (allow == GPFS_SHARE_NONE) {
+ DEBUG(10, ("special case am=no_access:%x\n",access_mask));
+ }
+ else {
+ deny |= (share_access & (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
+ 0 : GPFS_DENY_WRITE;
+ deny |= (share_access & (FILE_SHARE_READ)) ?
+ 0 : GPFS_DENY_READ;
+ }
DEBUG(10, ("am=%x, allow=%d, sa=%x, deny=%d\n",
access_mask, allow, share_access, deny));
svn commit: samba r20136 - in branches: SAMBA_3_0/source/nsswitch SAMBA_3_0_24/source/nsswitch
Author: jmcd
Date: 2006-12-12 22:05:48 + (Tue, 12 Dec 2006)
New Revision: 20136
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20136
Log:
Fix #4290. Properly compute time to password expiration in message from
pam_winbind. Thanks to Andrew Benham <[EMAIL PROTECTED]>
Modified:
branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2006-12-12 21:47:56 UTC
(rev 20135)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2006-12-12 22:05:48 UTC
(rev 20136)
@@ -536,7 +536,8 @@
(response.data.auth.policy.expire) &&
(response.data.auth.info3.pass_last_set_time +
response.data.auth.policy.expire > time(NULL) ) ) {
- int days = response.data.auth.policy.expire / SECONDS_PER_DAY;
+ int days = (response.data.auth.info3.pass_last_set_time +
response.data.auth.policy.expire -
+ time(NULL))/ SECONDS_PER_DAY;
if (days <= DAYS_TO_WARN_BEFORE_PWD_EXPIRES) {
_make_remark_format(pamh, PAM_TEXT_INFO, "Your password
will expire in %d days", days);
}
Modified: branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c
===
--- branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c 2006-12-12 21:47:56 UTC
(rev 20135)
+++ branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c 2006-12-12 22:05:48 UTC
(rev 20136)
@@ -536,7 +536,8 @@
(response.data.auth.policy.expire) &&
(response.data.auth.info3.pass_last_set_time +
response.data.auth.policy.expire > time(NULL) ) ) {
- int days = response.data.auth.policy.expire / SECONDS_PER_DAY;
+ int days = (response.data.auth.info3.pass_last_set_time +
response.data.auth.policy.expire -
+ time(NULL))/ SECONDS_PER_DAY;
if (days <= DAYS_TO_WARN_BEFORE_PWD_EXPIRES) {
_make_remark_format(pamh, PAM_TEXT_INFO, "Your password
will expire in %d days", days);
}
svn commit: samba-docs r1004 - in trunk/Samba3-HOWTO: .
Author: jmcd Date: 2006-12-12 19:21:31 + (Tue, 12 Dec 2006) New Revision: 1004 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=1004 Log: Also update the HOWTO with the createcomputer information for net ads join Modified: trunk/Samba3-HOWTO/TOSHARG-DomainMember.xml Changeset: Modified: trunk/Samba3-HOWTO/TOSHARG-DomainMember.xml === --- trunk/Samba3-HOWTO/TOSHARG-DomainMember.xml 2006-12-12 16:52:26 UTC (rev 1003) +++ trunk/Samba3-HOWTO/TOSHARG-DomainMember.xml 2006-12-12 19:21:31 UTC (rev 1004) @@ -1112,7 +1112,7 @@ this to be done using the following syntax: &rootprompt; kinit [EMAIL PROTECTED] -&rootprompt; net ads join "organizational_unit" +&rootprompt; net ads join createcomputer="organizational_unit" Your ADS manager will be able to advise what should be specified for the "organizational_unit" parameter. @@ -1123,13 +1123,15 @@ container ADS For example, you may want to create the machine trust account in a container called Servers -under the organizational directory Computers\BusinessUnit\Department, like this: +under the organizational directory Computers/BusinessUnit/Department, like this: -&rootprompt; net ads join "Computers\BusinessUnit\Department\Servers" +&rootprompt; net ads join "Computers/BusinessUnit/Department/Servers" This command will place the Samba server machine trust account in the container -Computers\BusinessUnit\Department\Servers. The container should exist in the ADS directory -before executing this command. +Computers/BusinessUnit/Department/Servers. The container should exist in the ADS directory +before executing this command. Please note that forward slashes must be used, because backslashes are both +valid characters in an OU name and used as escapes for other characters. If you need a backslash in an OU +name, it may need to be quadrupled to pass through the shell escape and ldap escape.
svn commit: samba-docs r1003 - in trunk/manpages-3: .
Author: jmcd Date: 2006-12-12 16:52:26 + (Tue, 12 Dec 2006) New Revision: 1003 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=1003 Log: Add ads-only options for net ads join Modified: trunk/manpages-3/net.8.xml Changeset: Modified: trunk/manpages-3/net.8.xml === --- trunk/manpages-3/net.8.xml 2006-12-01 13:53:26 UTC (rev 1002) +++ trunk/manpages-3/net.8.xml 2006-12-12 16:52:26 UTC (rev 1003) @@ -181,7 +181,7 @@ -[RPC|ADS] JOIN [TYPE] [-U username[%password]] [options] +[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options] Join a domain. If the account already exists on the server, and @@ -194,6 +194,19 @@ [TYPE] may be PDC, BDC or MEMBER to specify the type of server joining the domain. + + +[UPN] (ADS only) set the principalname attribute during the join. The default +format is host/[EMAIL PROTECTED] + + + +[OU] (ADS only) Precreate the computer account in a specific OU. The +OU string reads from top to bottom without RDNs, and is delimited by +a '/'. Please note that '\' is used for escape by both the shell +and ldap, so it may need to be doubled or quadrupled to pass through, +and it is not used as a delimiter. +
svn commit: samba r20119 - in branches: SAMBA_3_0/source/utils SAMBA_3_0_24/source/utils
Author: jmcd
Date: 2006-12-12 16:40:57 + (Tue, 12 Dec 2006)
New Revision: 20119
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20119
Log:
Update help info indicating how to use separators (forward slash only)
and properly use backslashes in "net ads join computername="
Modified:
branches/SAMBA_3_0/source/utils/net_ads.c
branches/SAMBA_3_0_24/source/utils/net_ads.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_ads.c
===
--- branches/SAMBA_3_0/source/utils/net_ads.c 2006-12-12 15:16:26 UTC (rev
20118)
+++ branches/SAMBA_3_0/source/utils/net_ads.c 2006-12-12 16:40:57 UTC (rev
20119)
@@ -1322,6 +1322,8 @@
d_printf(" createcomputer=OU Precreate the computer account in a
specific OU.\n");
d_printf(" The OU string read from top to bottom
without RDNs and delimited by a '/'.\n");
d_printf(" E.g.
\"createcomputer=Computers/Servers/Unix\"\n");
+ d_printf(" NB: A backslash '\\' is used as escape
at multiple levels and may\n");
+ d_printf(" need to be doubled or even
quadrupled. It is not used as a separator");
return -1;
}
Modified: branches/SAMBA_3_0_24/source/utils/net_ads.c
===
--- branches/SAMBA_3_0_24/source/utils/net_ads.c2006-12-12 15:16:26 UTC
(rev 20118)
+++ branches/SAMBA_3_0_24/source/utils/net_ads.c2006-12-12 16:40:57 UTC
(rev 20119)
@@ -1322,6 +1322,8 @@
d_printf(" createcomputer=OU Precreate the computer account in a
specific OU.\n");
d_printf(" The OU string read from top to bottom
without RDNs and delimited by a '/'.\n");
d_printf(" E.g.
\"createcomputer=Computers/Servers/Unix\"\n");
+ d_printf(" NB: A backslash '\\' is used as escape
at multiple levels and may\n");
+ d_printf(" need to be doubled or even
quadrupled. It is not used as a separator");
return -1;
}
svn commit: samba r20089 - in branches: SAMBA_3_0/source SAMBA_3_0/source/modules SAMBA_3_0_24/source SAMBA_3_0_24/source/modules
Author: jmcd Date: 2006-12-08 18:56:01 + (Fri, 08 Dec 2006) New Revision: 20089 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20089 Log: Put gpfs acl function into vfs_gpfs module. Thanks to Gomati Mohanan <[EMAIL PROTECTED]>. Also fix fields for sec_desc differences between 3.0 and 3.0.24 in nfs4_acls.c. Added: branches/SAMBA_3_0/source/modules/README-gpfs-acl.txt branches/SAMBA_3_0_24/source/modules/README-gpfs-acl.txt Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/modules/vfs_gpfs.c branches/SAMBA_3_0_24/source/Makefile.in branches/SAMBA_3_0_24/source/modules/nfs4_acls.c branches/SAMBA_3_0_24/source/modules/vfs_gpfs.c Changeset: Sorry, the patch is too large (1457 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20089
svn commit: samba r19749 - in branches/SAMBA_3_0_24/source: . include lib modules smbd
Author: jmcd Date: 2006-11-16 18:44:26 + (Thu, 16 Nov 2006) New Revision: 19749 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19749 Log: Merge acl vfs changes, including nfs4 acl support, from SAMBA_3_0 Added: branches/SAMBA_3_0_24/source/modules/README.nfs4acls.txt branches/SAMBA_3_0_24/source/modules/nfs4_acls.c branches/SAMBA_3_0_24/source/modules/nfs4_acls.h branches/SAMBA_3_0_24/source/modules/vfs_aixacl.c branches/SAMBA_3_0_24/source/modules/vfs_aixacl2.c branches/SAMBA_3_0_24/source/modules/vfs_aixacl_util.c branches/SAMBA_3_0_24/source/modules/vfs_hpuxacl.c branches/SAMBA_3_0_24/source/modules/vfs_irixacl.c branches/SAMBA_3_0_24/source/modules/vfs_posixacl.c branches/SAMBA_3_0_24/source/modules/vfs_solarisacl.c branches/SAMBA_3_0_24/source/modules/vfs_tru64acl.c Modified: branches/SAMBA_3_0_24/source/Makefile.in branches/SAMBA_3_0_24/source/configure.in branches/SAMBA_3_0_24/source/include/smb_acls.h branches/SAMBA_3_0_24/source/lib/sysacls.c branches/SAMBA_3_0_24/source/modules/vfs_afsacl.c branches/SAMBA_3_0_24/source/smbd/posix_acls.c branches/SAMBA_3_0_24/source/smbd/vfs-wrap.c Changeset: Sorry, the patch is too large (7779 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19749
svn commit: samba r19658 - in branches/SAMBA_3_0_24/source/modules: .
Author: jmcd
Date: 2006-11-10 23:30:07 + (Fri, 10 Nov 2006)
New Revision: 19658
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19658
Log:
Forgot to add these for the gpfs code
Added:
branches/SAMBA_3_0_24/source/modules/gpfs.c
branches/SAMBA_3_0_24/source/modules/vfs_gpfs.c
Changeset:
Added: branches/SAMBA_3_0_24/source/modules/gpfs.c
===
--- branches/SAMBA_3_0_24/source/modules/gpfs.c 2006-11-10 15:56:20 UTC (rev
19657)
+++ branches/SAMBA_3_0_24/source/modules/gpfs.c 2006-11-10 23:30:07 UTC (rev
19658)
@@ -0,0 +1,231 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * Provide a connection to GPFS specific features
+ * Copyright (C) Volker Lendecke 2005
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include "includes.h"
+
+#ifdef HAVE_GPFS
+
+#include "gpfs_gpl.h"
+
+static void *libgpfs_handle = NULL;
+
+static int (*gpfs_set_share_fn)(int fd, unsigned int allow, unsigned int deny);
+static int (*gpfs_set_lease_fn)(int fd, unsigned int leaseType);
+static int (*gpfs_getacl_fn)(char *pathname, int flags, void *acl);
+static int (*gpfs_putacl_fn)(char *pathname, int flags, void *acl);
+
+
+BOOL set_gpfs_sharemode(files_struct *fsp, uint32 access_mask,
+ uint32 share_access)
+{
+ unsigned int allow = GPFS_SHARE_NONE;
+ unsigned int deny = GPFS_DENY_NONE;
+ int result;
+
+ if (gpfs_set_share_fn == NULL) {
+ return False;
+ }
+
+ if ((fsp == NULL) || (fsp->fh == NULL) || (fsp->fh->fd < 0)) {
+ /* No real file, don't disturb */
+ return True;
+ }
+
+ allow |= (access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA|
+DELETE_ACCESS)) ? GPFS_SHARE_WRITE : 0;
+ allow |= (access_mask & (FILE_READ_DATA|FILE_EXECUTE)) ?
+ GPFS_SHARE_READ : 0;
+ deny |= (share_access & (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
+ 0 : GPFS_DENY_WRITE;
+ deny |= (share_access & (FILE_SHARE_READ)) ?
+ 0 : GPFS_DENY_READ;
+
+ DEBUG(10, ("am=%x, allow=%d, sa=%x, deny=%d\n",
+ access_mask, allow, share_access, deny));
+
+ result = gpfs_set_share_fn(fsp->fh->fd, allow, deny);
+ if (result != 0) {
+ if (errno == ENOSYS) {
+ DEBUG(5, ("VFS module vfs_gpfs loaded, but no gpfs "
+ "support has been compiled into Samba.
Allowing access\n"));
+ return True;
+ } else {
+ DEBUG(10, ("gpfs_set_share failed: %s\n",
+ strerror(errno)));
+ }
+ }
+
+ return (result == 0);
+}
+
+int set_gpfs_lease(int fd, int leasetype)
+{
+ int gpfs_type = GPFS_LEASE_NONE;
+
+ if (gpfs_set_lease_fn == NULL) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (leasetype == F_RDLCK) {
+ gpfs_type = GPFS_LEASE_READ;
+ }
+ if (leasetype == F_WRLCK) {
+ gpfs_type = GPFS_LEASE_WRITE;
+ }
+ return gpfs_set_lease_fn(fd, gpfs_type);
+}
+
+int smbd_gpfs_getacl(char *pathname, int flags, void *acl)
+{
+ if (gpfs_getacl_fn == NULL) {
+ errno = ENOSYS;
+ return -1;
+ }
+
+ return gpfs_getacl_fn(pathname, flags, acl);
+}
+
+int smbd_gpfs_putacl(char *pathname, int flags, void *acl)
+{
+ if (gpfs_putacl_fn == NULL) {
+ errno = ENOSYS;
+ return -1;
+ }
+
+ return gpfs_putacl_fn(pathname, flags, acl);
+}
+
+void init_gpfs(void)
+{
+ if (libgpfs_handle != NULL) {
+ return;
+ }
+
+ libgpfs_handle = sys_dlopen("libgpfs_gpl.so", RTLD_LAZY);
+
+ if (libgpfs_handle == NULL) {
+ DEBUG(10, ("sys_dlopen for libgpfs_gpl failed: %s\n",
+ strerror(errno)));
+ return;
+ }
+
+ DEBUG(10, ("libgpfs_gpl.so loaded\n"));
+
+ gpfs_set_share_fn = sys_dlsym(libgpfs_
svn commit: samba r19655 - in branches: SAMBA_3_0/source/include SAMBA_3_0_24/source/include
Author: jmcd Date: 2006-11-10 15:43:29 + (Fri, 10 Nov 2006) New Revision: 19655 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19655 Log: Jeremy, please review: I updated the vfs version in 3.0.24 from 16 to 17, beacuse 16 was the latest released code, but on SAMBA_3_0, I reverted my earlier change back from 19 to 18, because we've not had any released code with 18. This is related to the kernel_flock call addition. Modified: branches/SAMBA_3_0/source/include/vfs.h branches/SAMBA_3_0_24/source/include/vfs.h Changeset: Modified: branches/SAMBA_3_0/source/include/vfs.h === --- branches/SAMBA_3_0/source/include/vfs.h 2006-11-10 15:40:48 UTC (rev 19654) +++ branches/SAMBA_3_0/source/include/vfs.h 2006-11-10 15:43:29 UTC (rev 19655) @@ -63,9 +63,9 @@ /* Changed to version 15 as we added the statvfs call. JRA */ /* Changed to version 16 as we added the getlock call. JRA */ /* Changed to version 17 as we removed redundant connection_struct parameters. --jpeach */ -/* Changed to version 18 to add fsp parameter to the open call -- jpeach */ -/* Changed to version 19 to add kernel_flock call - jmcd */ -#define SMB_VFS_INTERFACE_VERSION 19 +/* Changed to version 18 to add fsp parameter to the open call -- jpeach + Also include kernel_flock call - jmcd */ +#define SMB_VFS_INTERFACE_VERSION 18 /* to bug old modules which are trying to compile with the old functions */ Modified: branches/SAMBA_3_0_24/source/include/vfs.h === --- branches/SAMBA_3_0_24/source/include/vfs.h 2006-11-10 15:40:48 UTC (rev 19654) +++ branches/SAMBA_3_0_24/source/include/vfs.h 2006-11-10 15:43:29 UTC (rev 19655) @@ -62,7 +62,8 @@ /* Changed to version 14 as we had to change DIR to SMB_STRUCT_DIR. JRA */ /* Changed to version 15 as we added the statvfs call. JRA */ /* Changed to version 16 as we added the getlock call. JRA */ -#define SMB_VFS_INTERFACE_VERSION 16 +/* Changed to version 17 to add kernel_flock call. Note in 3.0 dev branch it's different - jmcd */ +#define SMB_VFS_INTERFACE_VERSION 17 /* to bug old modules which are trying to compile with the old functions */
svn commit: samba r19654 - in branches/SAMBA_3_0_24/source: . include lib smbd
Author: jmcd Date: 2006-11-10 15:40:48 + (Fri, 10 Nov 2006) New Revision: 19654 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19654 Log: merge GPFS vfs support from 3.0, including adding kernel_flock vfs op. Modified: branches/SAMBA_3_0_24/source/Makefile.in branches/SAMBA_3_0_24/source/configure.in branches/SAMBA_3_0_24/source/include/smbprofile.h branches/SAMBA_3_0_24/source/include/vfs.h branches/SAMBA_3_0_24/source/include/vfs_macros.h branches/SAMBA_3_0_24/source/lib/system.c branches/SAMBA_3_0_24/source/smbd/open.c branches/SAMBA_3_0_24/source/smbd/vfs-wrap.c branches/SAMBA_3_0_24/source/smbd/vfs.c Changeset: Modified: branches/SAMBA_3_0_24/source/Makefile.in === --- branches/SAMBA_3_0_24/source/Makefile.in2006-11-10 15:28:44 UTC (rev 19653) +++ branches/SAMBA_3_0_24/source/Makefile.in2006-11-10 15:40:48 UTC (rev 19654) @@ -374,6 +374,7 @@ VFS_SHADOW_COPY_OBJ = modules/vfs_shadow_copy.o VFS_AFSACL_OBJ = modules/vfs_afsacl.o VFS_CATIA_OBJ = modules/vfs_catia.o +VFS_GPFS_OBJ = modules/vfs_gpfs.o modules/gpfs.o PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o @@ -1373,6 +1374,10 @@ @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_CATIA_OBJ:[EMAIL PROTECTED]@) \ @[EMAIL PROTECTED] [EMAIL PROTECTED] +bin/[EMAIL PROTECTED]@: $(VFS_GPFS_OBJ) + @echo "Building plugin $@" + @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_GPFS_OBJ) \ + @[EMAIL PROTECTED] [EMAIL PROTECTED] bin/[EMAIL PROTECTED]@: $(WBINFO_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ Modified: branches/SAMBA_3_0_24/source/configure.in === --- branches/SAMBA_3_0_24/source/configure.in 2006-11-10 15:28:44 UTC (rev 19653) +++ branches/SAMBA_3_0_24/source/configure.in 2006-11-10 15:40:48 UTC (rev 19654) @@ -1286,6 +1286,20 @@ AC_CHECK_FUNCS(backtrace_symbols) AC_CHECK_LIB(exc, trace_back_stack) +echo -n "checking for GPFS GPL libs... " +save_LIBS="$LIBS" +LIBS="$LIBS -lgpfs_gpl" +AC_TRY_LINK([#include ], + [gpfs_set_share(0,GPFS_SHARE_READ,GPFS_DENY_NONE)], + samba_cv_HAVE_GPFS=yes, + samba_cv_HAVE_GPFS=no) +echo $samba_cv_HAVE_GPFS +if test x"$samba_cv_HAVE_GPFS" = x"yes"; then +AC_DEFINE(HAVE_GPFS,1,[Whether GPFS GPL libs are available]) +default_shared_modules="$default_shared_modules vfs_gpfs" +fi +LIBS="$save_LIBS" + # Note that all the libunwind symbols in the API are defined to internal # platform-specific version, so we must include libunwind.h before checking # any of them. @@ -5598,6 +5612,7 @@ SMB_MODULE(vfs_shadow_copy, \$(VFS_SHADOW_COPY_OBJ), "bin/shadow_copy.$SHLIBEXT", VFS) SMB_MODULE(vfs_afsacl, \$(VFS_AFSACL_OBJ), "bin/afsacl.$SHLIBEXT", VFS) SMB_MODULE(vfs_catia, \$(VFS_CATIA_OBJ), "bin/catia.$SHLIBEXT", VFS) +SMB_MODULE(vfs_gpfs, \$(VFS_GPFS_OBJ), "bin/gpfs.$SHLIBEXT", VFS) SMB_SUBSYSTEM(VFS,smbd/vfs.o) AC_DEFINE_UNQUOTED(STRING_STATIC_MODULES, "$string_static_modules", [String list of builtin modules]) Modified: branches/SAMBA_3_0_24/source/include/smbprofile.h === --- branches/SAMBA_3_0_24/source/include/smbprofile.h 2006-11-10 15:28:44 UTC (rev 19653) +++ branches/SAMBA_3_0_24/source/include/smbprofile.h 2006-11-10 15:40:48 UTC (rev 19654) @@ -101,6 +101,8 @@ unsigned syscall_ftruncate_count; unsigned syscall_ftruncate_time; unsigned syscall_fcntl_lock_count; + unsigned syscall_kernel_flock_count; + unsigned syscall_kernel_flock_time; unsigned syscall_fcntl_lock_time; unsigned syscall_fcntl_getlock_count; unsigned syscall_fcntl_getlock_time; Modified: branches/SAMBA_3_0_24/source/include/vfs.h === --- branches/SAMBA_3_0_24/source/include/vfs.h 2006-11-10 15:28:44 UTC (rev 19653) +++ branches/SAMBA_3_0_24/source/include/vfs.h 2006-11-10 15:40:48 UTC (rev 19654) @@ -142,6 +142,7 @@ SMB_VFS_OP_UTIME, SMB_VFS_OP_FTRUNCATE, SMB_VFS_OP_LOCK, + SMB_VFS_OP_KERNEL_FLOCK, SMB_VFS_OP_GETLOCK, SMB_VFS_OP_SYMLINK, SMB_VFS_OP_READLINK, @@ -264,6 +265,7 @@ int (*utime)(struct vfs_handle_struct *handle, struct connection_struct *conn, const char *path, struct utimbuf *times); int (*ftruncate)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_OFF_T offset); BOOL (*lock)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, int op, SMB_OFF_T offset, SMB_OFF_T count, int type); + int (*kernel_flock)(struct vfs_handle_struct *handle, struct files_st
svn commit: samba r19653 - in branches/SAMBA_3_0_24/source/libsmb: .
Author: jmcd
Date: 2006-11-10 15:28:44 + (Fri, 10 Nov 2006)
New Revision: 19653
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19653
Log:
Fix the non-krb build, a la 3.0.23
Modified:
branches/SAMBA_3_0_24/source/libsmb/cliconnect.c
Changeset:
Modified: branches/SAMBA_3_0_24/source/libsmb/cliconnect.c
===
--- branches/SAMBA_3_0_24/source/libsmb/cliconnect.c2006-11-10 13:46:19 UTC
(rev 19652)
+++ branches/SAMBA_3_0_24/source/libsmb/cliconnect.c2006-11-10 15:28:44 UTC
(rev 19653)
@@ -715,9 +715,7 @@
char *principal;
char *OIDs[ASN1_MAX_OIDS];
int i;
-#ifdef HAVE_KRB5
BOOL got_kerberos_mechanism = False;
-#endif
DATA_BLOB blob;
DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned
long)cli->secblob.length));
svn commit: samba r19648 - in branches/SAMBA_3_0/source/include: .
Author: jmcd Date: 2006-11-09 21:40:40 + (Thu, 09 Nov 2006) New Revision: 19648 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19648 Log: whoops, forgot to increment the vfs version number with the added flock call. Modified: branches/SAMBA_3_0/source/include/vfs.h Changeset: Modified: branches/SAMBA_3_0/source/include/vfs.h === --- branches/SAMBA_3_0/source/include/vfs.h 2006-11-09 20:29:31 UTC (rev 19647) +++ branches/SAMBA_3_0/source/include/vfs.h 2006-11-09 21:40:40 UTC (rev 19648) @@ -64,7 +64,8 @@ /* Changed to version 16 as we added the getlock call. JRA */ /* Changed to version 17 as we removed redundant connection_struct parameters. --jpeach */ /* Changed to version 18 to add fsp parameter to the open call -- jpeach */ -#define SMB_VFS_INTERFACE_VERSION 18 +/* Changed to version 19 to add kernel_flock call - jmcd */ +#define SMB_VFS_INTERFACE_VERSION 19 /* to bug old modules which are trying to compile with the old functions */
svn commit: samba r19647 - in branches/SAMBA_3_0/source: . include lib modules profile smbd
Author: jmcd Date: 2006-11-09 20:29:31 + (Thu, 09 Nov 2006) New Revision: 19647 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19647 Log: Add some GPFS support in a vfs mod. Also adds the kernel flock op to the vfs layer, since gpfs supports it. Thanks to Volker, Christian, Mathias, Chetan, and Peter. Added: branches/SAMBA_3_0/source/modules/gpfs.c branches/SAMBA_3_0/source/modules/vfs_gpfs.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/configure.in branches/SAMBA_3_0/source/include/smbprofile.h branches/SAMBA_3_0/source/include/vfs.h branches/SAMBA_3_0/source/include/vfs_macros.h branches/SAMBA_3_0/source/lib/system.c branches/SAMBA_3_0/source/modules/vfs_default.c branches/SAMBA_3_0/source/profile/profile.c branches/SAMBA_3_0/source/smbd/open.c Changeset: Sorry, the patch is too large (590 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19647
svn commit: samba r19158 - in branches: SAMBA_3_0/source/utils SAMBA_3_0_23/source/utils
Author: jmcd Date: 2006-10-06 20:09:10 + (Fri, 06 Oct 2006) New Revision: 19158 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19158 Log: Remove root and nobody users from ldif, from Bj?\195?\182rn Jacke Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c branches/SAMBA_3_0_23/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-10-06 19:49:16 UTC (rev 19157) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-10-06 20:09:10 UTC (rev 19158) @@ -29,7 +29,7 @@ /* uid's and gid's for writing deltas to ldif */ static uint32 ldif_gid = 999; static uint32 ldif_uid = 999; -/* Kkeep track of ldap initialization */ +/* Keep track of ldap initialization */ static int init_ldap = 1; static void display_group_mem_info(uint32 rid, SAM_GROUP_MEM_INFO *g) @@ -1104,37 +1104,6 @@ fflush(add_fd); } - /* Write the root entity */ - fprintf(add_fd, "# root, %s, %s\n", user_attr, suffix); - fprintf(add_fd, "dn: uid=root,ou=%s,%s\n", user_attr, suffix); - fprintf(add_fd, "cn: root\n"); - fprintf(add_fd, "sn: root\n"); - fprintf(add_fd, "objectClass: inetOrgPerson\n"); - fprintf(add_fd, "objectClass: sambaSAMAccount\n"); - fprintf(add_fd, "objectClass: posixAccount\n"); - fprintf(add_fd, "objectClass: shadowAccount\n"); - fprintf(add_fd, "gidNumber: 0\n"); - fprintf(add_fd, "uid: root\n"); - fprintf(add_fd, "uidNumber: 0\n"); - fprintf(add_fd, "homeDirectory: /home/root\n"); - fprintf(add_fd, "sambaPwdLastSet: 0\n"); - fprintf(add_fd, "sambaLogonTime: 0\n"); - fprintf(add_fd, "sambaLogoffTime: 2147483647\n"); - fprintf(add_fd, "sambaKickoffTime: 2147483647\n"); - fprintf(add_fd, "sambaPwdCanChange: 0\n"); - fprintf(add_fd, "sambaPwdMustChange: 2147483647\n"); - fprintf(add_fd, "sambaHomePath: PDC-SRV\\root\n"); - fprintf(add_fd, "sambaHomeDrive: H:\n"); - fprintf(add_fd, "sambaProfilePath: PDC-SRV\\profiles\\root\n"); - fprintf(add_fd, "sambaprimaryGroupSID: %s-512\n", sid); - fprintf(add_fd, "sambaLMPassword: XXX\n"); - fprintf(add_fd, "sambaNTPassword: XXX\n"); - fprintf(add_fd, "sambaAcctFlags: [U\n"); - fprintf(add_fd, "sambaSID: %s-500\n", sid); - fprintf(add_fd, "loginShell: /bin/false\n"); - fprintf(add_fd, "\n"); - fflush(add_fd); - /* Write the domain entity */ fprintf(add_fd, "# %s, %s\n", lp_workgroup(), suffix); fprintf(add_fd, "dn: sambaDomainName=%s,%s\n", lp_workgroup(), @@ -1148,37 +1117,6 @@ fprintf(add_fd, "\n"); fflush(add_fd); - /* Write user nobody entity */ - fprintf(add_fd, "# nobody, %s, %s\n", user_attr, suffix); - fprintf(add_fd, "dn: uid=nobody,ou=%s,%s\n", user_attr, suffix); - fprintf(add_fd, "cn: nobody\n"); - fprintf(add_fd, "sn: nobody\n"); - fprintf(add_fd, "objectClass: inetOrgPerson\n"); - fprintf(add_fd, "objectClass: sambaSAMAccount\n"); - fprintf(add_fd, "objectClass: posixAccount\n"); - fprintf(add_fd, "objectClass: shadowAccount\n"); - fprintf(add_fd, "gidNumber: 514\n"); - fprintf(add_fd, "uid: nobody\n"); - fprintf(add_fd, "uidNumber: 999\n"); - fprintf(add_fd, "homeDirectory: /nobodyshomedir\n"); - fprintf(add_fd, "sambaPwdLastSet: 0\n"); - fprintf(add_fd, "sambaLogonTime: 0\n"); - fprintf(add_fd, "sambaLogoffTime: 2147483647\n"); - fprintf(add_fd, "sambaKickoffTime: 2147483647\n"); - fprintf(add_fd, "sambaPwdCanChange: 0\n"); - fprintf(add_fd, "sambaPwdMustChange: 2147483647\n"); - fprintf(add_fd, "sambaHomePath: PDC-SMD3\\homes\\nobody\n"); - fprintf(add_fd, "sambaHomeDrive: H:\n"); - fprintf(add_fd, "sambaProfilePath: PDC-SMB3\\profiles\\nobody\n"); - fprintf(add_fd, "sambaprimaryGroupSID: %s-514\n", sid); - fprintf(add_fd, "sambaLMPassword: NOPASSWORDX\n"); - fprintf(add_fd, "sambaNTPassword: NOPASSWORDX\n"); - fprintf(add_fd, "sambaAcctFlags: [NU\n"); - fprintf(add_fd, "sambaSID: %s-2998\n", sid); -
svn commit: samba r19058 - in branches/SAMBA_3_0/source: auth passdb rpc_server smbd
Author: jmcd
Date: 2006-10-03 17:14:18 + (Tue, 03 Oct 2006)
New Revision: 19058
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19058
Log:
Implement "user cannot change password", and complete "user must change
password at next logon" code. The "password last set time" of zero now
means "user must change password", because that's how windows seems to
use it. The "can change" and "must change" times are now calculated
based on the "last set" time and policies.
We use the "can change" field now to indicate that a user cannot change
a password by putting MAX_TIME_T in it (so long as "last set" time isn't
zero). Based on this, we set the password-can-change bit in the
faked secdesc.
Modified:
branches/SAMBA_3_0/source/auth/auth_sam.c
branches/SAMBA_3_0/source/passdb/passdb.c
branches/SAMBA_3_0/source/passdb/pdb_get_set.c
branches/SAMBA_3_0/source/passdb/pdb_interface.c
branches/SAMBA_3_0/source/passdb/pdb_ldap.c
branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
branches/SAMBA_3_0/source/smbd/chgpasswd.c
Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_sam.c
===
--- branches/SAMBA_3_0/source/auth/auth_sam.c 2006-10-03 16:48:02 UTC (rev
19057)
+++ branches/SAMBA_3_0/source/auth/auth_sam.c 2006-10-03 17:14:18 UTC (rev
19058)
@@ -168,7 +168,7 @@
time_t last_set_time = pdb_get_pass_last_set_time(sampass);
/* check for immediate expiry "must change at next logon" */
- if (must_change_time == 0 && last_set_time != 0) {
+ if (last_set_time == 0) {
DEBUG(1,("sam_account_ok: Account for user '%s'
password must change!.\n", pdb_get_username(sampass)));
return NT_STATUS_PASSWORD_MUST_CHANGE;
}
Modified: branches/SAMBA_3_0/source/passdb/passdb.c
===
--- branches/SAMBA_3_0/source/passdb/passdb.c 2006-10-03 16:48:02 UTC (rev
19057)
+++ branches/SAMBA_3_0/source/passdb/passdb.c 2006-10-03 17:14:18 UTC (rev
19058)
@@ -1106,7 +1106,7 @@
logoff_time = (uint32)pdb_get_logoff_time(sampass);
kickoff_time = (uint32)pdb_get_kickoff_time(sampass);
bad_password_time = (uint32)pdb_get_bad_password_time(sampass);
- pass_can_change_time = (uint32)pdb_get_pass_can_change_time(sampass);
+ pass_can_change_time =
(uint32)pdb_get_pass_can_change_time_noncalc(sampass);
pass_must_change_time = (uint32)pdb_get_pass_must_change_time(sampass);
pass_last_set_time = (uint32)pdb_get_pass_last_set_time(sampass);
Modified: branches/SAMBA_3_0/source/passdb/pdb_get_set.c
===
--- branches/SAMBA_3_0/source/passdb/pdb_get_set.c 2006-10-03 16:48:02 UTC
(rev 19057)
+++ branches/SAMBA_3_0/source/passdb/pdb_get_set.c 2006-10-03 17:14:18 UTC
(rev 19058)
@@ -74,15 +74,34 @@
{
uint32 allow;
+ /* if the last set time is zero, it means the user cannot
+ change their password, and this time must be zero. jmcd
+ */
if (sampass->pass_last_set_time == 0)
return (time_t) 0;
+ /* if the time is max, and the field has been changed,
+ we're trying to update this real value from the sampass
+ to indicate that the user cannot change their password. jmcd
+ */
+ if (sampass->pass_can_change_time == get_time_t_max() &&
+ pdb_get_init_flags(sampass, PDB_CANCHANGETIME) == PDB_CHANGED)
+ return sampass->pass_can_change_time;
+
if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &allow))
allow = 0;
+ /* in normal cases, just calculate it from policy */
return sampass->pass_last_set_time + allow;
}
+/* we need this for loading from the backend, so that we don't overwrite
+ non-changed max times, otherwise the pass_can_change checking won't work */
+time_t pdb_get_pass_can_change_time_noncalc(const struct samu *sampass)
+{
+ return sampass->pass_can_change_time;
+}
+
time_t pdb_get_pass_must_change_time(const struct samu *sampass)
{
uint32 expire;
@@ -100,6 +119,14 @@
return sampass->pass_last_set_time + expire;
}
+BOOL pdb_get_pass_can_change(const struct samu *sampass)
+{
+ if (sampass->pass_can_change_time == get_time_t_max() &&
+ sampass->pass_last_set_time != 0)
+ return False;
+ return True;
+}
+
uint16 pdb_get_logon_divs(const struct samu *sampass)
{
return sampass->logon_divs;
@@ -944,43
svn commit: samba r19057 - in branches/SAMBA_3_0_23/source: passdb rpc_parse rpc_server utils
Author: jmcd
Date: 2006-10-03 16:48:02 + (Tue, 03 Oct 2006)
New Revision: 19057
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19057
Log:
backout 18726, 18748, 18754, 18758 from 3.0.23 until further testing in
SAMBA_3_0. password times go back to previous functionality, for now.
Modified:
branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c
branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c
branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c
branches/SAMBA_3_0_23/source/utils/net_sam.c
branches/SAMBA_3_0_23/source/utils/pdbedit.c
Changeset:
Modified: branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c
===
--- branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-10-03 12:21:02 UTC
(rev 19056)
+++ branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-10-03 16:48:02 UTC
(rev 19057)
@@ -72,32 +72,12 @@
time_t pdb_get_pass_can_change_time(const struct samu *sampass)
{
- uint32 allow;
-
- if (sampass->pass_last_set_time == 0)
- return (time_t) 0;
-
- if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &allow))
- allow = 0;
-
- return sampass->pass_last_set_time + allow;
+ return sampass->pass_can_change_time;
}
time_t pdb_get_pass_must_change_time(const struct samu *sampass)
{
- uint32 expire;
-
- if (sampass->pass_last_set_time == 0)
- return (time_t) 0;
-
- if (sampass->acct_ctrl & ACB_PWNOEXP)
- return get_time_t_max();
-
- if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire)
- || expire == (uint32)-1 || expire == 0)
- return get_time_t_max();
-
- return sampass->pass_last_set_time + expire;
+ return sampass->pass_must_change_time;
}
uint16 pdb_get_logon_divs(const struct samu *sampass)
Modified: branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c
===
--- branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-10-03 12:21:02 UTC
(rev 19056)
+++ branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-10-03 16:48:02 UTC
(rev 19057)
@@ -6208,7 +6208,6 @@
pass_last_set_time, pass_can_change_time,
pass_must_change_time;
- time_t must_change_time;
const char* user_name = pdb_get_username(pw);
const char* full_name = pdb_get_fullname(pw);
const char* home_dir = pdb_get_homedir(pw);
@@ -6233,16 +6232,12 @@
}
/* Create NTTIME structs */
- unix_to_nt_time (&logon_time, pdb_get_logon_time(pw));
- unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw));
+ unix_to_nt_time (&logon_time, pdb_get_logon_time(pw));
+ unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw));
unix_to_nt_time (&kickoff_time, pdb_get_kickoff_time(pw));
- unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw));
- unix_to_nt_time
(&pass_can_change_time,pdb_get_pass_can_change_time(pw));
- must_change_time = pdb_get_pass_must_change_time(pw);
- if (must_change_time == get_time_t_max())
- unix_to_nt_time_abs(&pass_must_change_time, must_change_time);
- else
- unix_to_nt_time(&pass_must_change_time, must_change_time);
+ unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw));
+ unix_to_nt_time (&pass_can_change_time,
pdb_get_pass_can_change_time(pw));
+ unix_to_nt_time
(&pass_must_change_time,pdb_get_pass_must_change_time(pw));
/* structure assignment */
usr->logon_time= logon_time;
Modified: branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c
===
--- branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-10-03
12:21:02 UTC (rev 19056)
+++ branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-10-03
16:48:02 UTC (rev 19057)
@@ -99,6 +99,14 @@
pdb_set_kickoff_time(to, unix_time , PDB_CHANGED);
}
+ if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) {
+ unix_time=nt_time_to_unix(&from->pass_can_change_time);
+ stored_time = pdb_get_pass_can_change_time(to);
+ DEBUG(10,("INFO_21 PASS_CAN_CH: %lu -> %lu\n",(long unsigned
int)stored_time, (long unsigned int)unix_time));
+ if (stored_time != unix_time)
+ pdb_set_pass_can_change_time(to, unix_time,
PDB_CHANGED);
+ }
+
if (from->fields_present & ACCT_LAST_PWD_CHANGE) {
unix_ti
svn commit: samba r18758 - in branches: SAMBA_3_0/source/utils SAMBA_3_0_23/source/utils
Author: jmcd
Date: 2006-09-20 23:56:07 + (Wed, 20 Sep 2006)
New Revision: 18758
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18758
Log:
Update net sam to use calculated times and force change password properly.
Modified:
branches/SAMBA_3_0/source/utils/net_sam.c
branches/SAMBA_3_0_23/source/utils/net_sam.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_sam.c
===
--- branches/SAMBA_3_0/source/utils/net_sam.c 2006-09-20 23:52:58 UTC (rev
18757)
+++ branches/SAMBA_3_0/source/utils/net_sam.c 2006-09-20 23:56:07 UTC (rev
18758)
@@ -206,23 +206,20 @@
}
/*
- * Set a user's time field
+ * Set pass last change time, based on force pass change now
*/
-static int net_sam_set_time(int argc, const char **argv, const char *field,
- BOOL (*fn)(struct samu *, time_t,
- enum pdb_value_state))
+static int net_sam_set_pwdmustchangenow(int argc, const char **argv)
{
struct samu *sam_acct = NULL;
DOM_SID sid;
enum lsa_SidType type;
const char *dom, *name;
NTSTATUS status;
- time_t new_time;
- if (argc != 2) {
- d_fprintf(stderr, "usage: net sam set %s "
- "[now|-MM-DD HH:MM]\n", field);
+ if ((argc != 2) || (!strequal(argv[1], "yes") &&
+ !strequal(argv[1], "no"))) {
+ d_fprintf(stderr, "usage: net sam set pwdmustchangenow
[yes|no]\n");
return -1;
}
@@ -238,22 +235,6 @@
return -1;
}
- if (strequal(argv[1], "now")) {
- new_time = time(NULL);
- } else {
- struct tm tm;
- char *end;
- ZERO_STRUCT(tm);
- end = strptime(argv[1], "%Y-%m-%d %H:%M", &tm);
- new_time = mktime(&tm);
- if ((end == NULL) || (*end != '\0') || (new_time == -1)) {
- d_fprintf(stderr, "Could not parse time string %s\n",
- argv[1]);
- return -1;
- }
- }
-
-
if ( !(sam_acct = samu_new( NULL )) ) {
d_fprintf(stderr, "Internal error\n");
return -1;
@@ -264,9 +245,10 @@
return -1;
}
- if (!fn(sam_acct, new_time, PDB_CHANGED)) {
- d_fprintf(stderr, "Internal error\n");
- return -1;
+ if (strequal(argv[1], "yes")) {
+ pdb_set_pass_last_set_time(sam_acct, 0, PDB_CHANGED);
+ } else {
+ pdb_set_pass_last_set_time(sam_acct, time(NULL), PDB_CHANGED);
}
status = pdb_update_sam_account(sam_acct);
@@ -278,22 +260,12 @@
TALLOC_FREE(sam_acct);
- d_printf("Updated %s for %s\\%s to %s\n", field, dom, name, argv[1]);
+ d_fprintf(stderr, "Updated 'user must change password at next logon'
for %s\\%s to %s\n", dom,
+ name, argv[1]);
return 0;
}
-static int net_sam_set_pwdmustchange(int argc, const char **argv)
-{
- return net_sam_set_time(argc, argv, "pwdmustchange",
- pdb_set_pass_must_change_time);
-}
-static int net_sam_set_pwdcanchange(int argc, const char **argv)
-{
- return net_sam_set_time(argc, argv, "pwdcanchange",
- pdb_set_pass_can_change_time);
-}
-
/*
* Set a user's or a group's comment
*/
@@ -376,10 +348,8 @@
"Disable/Enable a user's lockout flag" },
{ "pwnoexp", net_sam_set_pwnoexp,
"Disable/Enable whether a user's pw does not expire" },
- { "pwdmustchange", net_sam_set_pwdmustchange,
- "Set a users password must change time" },
- { "pwdcanchange", net_sam_set_pwdcanchange,
- "Set a users password can change time" },
+ { "pwdmustchangenow", net_sam_set_pwdmustchangenow,
+ "Force users password must change at next logon" },
{NULL, NULL}
};
Modified: branches/SAMBA_3_0_23/source/utils/net_sam.c
===
--- branches/SAMBA_3_0_23/source/utils/net_sam.c2006-09-20 23:52:58 UTC
(rev 18757)
+++ branches/SAMBA_3_0_23/source/utils/net_sam.c2006-09-20 23:56:07 UTC
(rev 18758)
@@ -206,23 +206,20 @@
}
/*
- * Set a user's time field
+ * Set pass last change time, based on force pass change now
*/
-static int net_sam_set_time(int argc, const char
svn commit: samba r18754 - in branches: SAMBA_3_0/source/rpc_server SAMBA_3_0_23/source/rpc_server
Author: jmcd
Date: 2006-09-20 23:43:56 + (Wed, 20 Sep 2006)
New Revision: 18754
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18754
Log:
Get rid of some more invalid time sets
Modified:
branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c
branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20
23:42:58 UTC (rev 18753)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20
23:43:56 UTC (rev 18754)
@@ -99,14 +99,6 @@
pdb_set_kickoff_time(to, unix_time , PDB_CHANGED);
}
- if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) {
- unix_time=nt_time_to_unix(from->pass_can_change_time);
- stored_time = pdb_get_pass_can_change_time(to);
- DEBUG(10,("INFO_21 PASS_CAN_CH: %lu -> %lu\n",(long unsigned
int)stored_time, (long unsigned int)unix_time));
- if (stored_time != unix_time)
- pdb_set_pass_can_change_time(to, unix_time,
PDB_CHANGED);
- }
-
if (from->fields_present & ACCT_LAST_PWD_CHANGE) {
unix_time=nt_time_to_unix(from->pass_last_set_time);
stored_time = pdb_get_pass_last_set_time(to);
@@ -115,14 +107,6 @@
pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED);
}
- if (from->fields_present & ACCT_FORCE_PWD_CHANGE) {
- unix_time=nt_time_to_unix(from->pass_must_change_time);
- stored_time=pdb_get_pass_must_change_time(to);
- DEBUG(10,("INFO_21 PASS_MUST_CH: %lu -> %lu\n",(long unsigned
int)stored_time, (long unsigned int)unix_time));
- if (stored_time != unix_time)
- pdb_set_pass_must_change_time(to, unix_time,
PDB_CHANGED);
- }
-
if ((from->fields_present & ACCT_USERNAME) &&
(from->hdr_user_name.buffer)) {
old_string = pdb_get_username(to);
@@ -337,14 +321,6 @@
pdb_set_kickoff_time(to, unix_time , PDB_CHANGED);
}
- if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) {
- unix_time=nt_time_to_unix(from->pass_can_change_time);
- stored_time = pdb_get_pass_can_change_time(to);
- DEBUG(10,("INFO_23 PASS_CAN_CH: %lu -> %lu\n",(long unsigned
int)stored_time, (long unsigned int)unix_time));
- if (stored_time != unix_time)
- pdb_set_pass_can_change_time(to, unix_time,
PDB_CHANGED);
- }
-
if (from->fields_present & ACCT_LAST_PWD_CHANGE) {
unix_time=nt_time_to_unix(from->pass_last_set_time);
stored_time = pdb_get_pass_last_set_time(to);
@@ -353,14 +329,6 @@
pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED);
}
- if (from->fields_present & ACCT_FORCE_PWD_CHANGE) {
- unix_time=nt_time_to_unix(from->pass_must_change_time);
- stored_time=pdb_get_pass_must_change_time(to);
- DEBUG(10,("INFO_23 PASS_MUST_CH: %lu -> %lu\n",(long unsigned
int)stored_time, (long unsigned int)unix_time));
- if (stored_time != unix_time)
- pdb_set_pass_must_change_time(to, unix_time,
PDB_CHANGED);
- }
-
/* Backend should check this for sanity */
if ((from->fields_present & ACCT_USERNAME) &&
(from->hdr_user_name.buffer)) {
@@ -565,14 +533,6 @@
pdb_set_kickoff_time(to, unix_time , PDB_CHANGED);
}
- if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) {
- unix_time=nt_time_to_unix(from->pass_can_change_time);
- stored_time = pdb_get_pass_can_change_time(to);
- DEBUG(10,("INFO_25 PASS_CAN_CH: %lu -> %lu\n",(long unsigned
int)stored_time, (long unsigned int)unix_time));
- if (stored_time != unix_time)
- pdb_set_pass_can_change_time(to, unix_time,
PDB_CHANGED);
- }
-
if (from->fields_present & ACCT_LAST_PWD_CHANGE) {
unix_time=nt_time_to_unix(from->pass_last_set_time);
stored_time = pdb_get_pass_last_set_time(to);
@@ -581,14 +541,6 @@
pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED);
}
- if (from->fields_present & ACCT_FORCE_PWD_CHANGE) {
- unix_time=nt_time_to_unix(from->pass_must_change_time);
- stored_time=pdb_get_pass_must_change_time(to);
- DEBUG(10,("INFO_25 PAS
svn commit: samba r18748 - in branches: SAMBA_3_0/source/utils SAMBA_3_0_23/source/utils
Author: jmcd
Date: 2006-09-20 22:55:44 + (Wed, 20 Sep 2006)
New Revision: 18748
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18748
Log:
Eliminate set of computed time values
Modified:
branches/SAMBA_3_0/source/utils/pdbedit.c
branches/SAMBA_3_0_23/source/utils/pdbedit.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/pdbedit.c
===
--- branches/SAMBA_3_0/source/utils/pdbedit.c 2006-09-20 22:49:02 UTC (rev
18747)
+++ branches/SAMBA_3_0/source/utils/pdbedit.c 2006-09-20 22:55:44 UTC (rev
18748)
@@ -407,8 +407,7 @@
const char *drive, const char *script,
const char *profile, const char *account_control,
const char *user_sid, const char *user_domain,
- const BOOL badpw, const BOOL hours,
- time_t pwd_can_change, time_t pwd_must_change)
+ const BOOL badpw, const BOOL hours)
{
BOOL updated_autolock = False, updated_badpw = False;
struct samu *sam_pwent=NULL;
@@ -435,14 +434,6 @@
pdb_set_hours(sam_pwent, hours_array, PDB_CHANGED);
}
- if (pwd_can_change != -1) {
- pdb_set_pass_can_change_time(sam_pwent, pwd_can_change,
PDB_CHANGED);
- }
-
- if (pwd_must_change != -1) {
- pdb_set_pass_must_change_time(sam_pwent, pwd_must_change,
PDB_CHANGED);
- }
-
if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) {
DEBUG(2,("pdb_update_autolock_flag failed.\n"));
}
@@ -766,8 +757,6 @@
BOOL account_policy_value_set = False;
static BOOL badpw_reset = False;
static BOOL hours_reset = False;
- static char *pwd_can_change_time = NULL;
- static char *pwd_must_change_time = NULL;
static char *pwd_time_format = NULL;
static BOOL pw_from_stdin = False;
struct pdb_methods *bin, *bout, *bdef;
@@ -802,8 +791,6 @@
{"force-initialized-passwords", 0, POPT_ARG_NONE,
&force_initialised_password, 0, "Force initialization of corrupt password
strings in a passdb backend", NULL},
{"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset,
0, "reset bad password count", NULL},
{"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0,
"reset logon hours", NULL},
- {"pwd-can-change-time", 0, POPT_ARG_STRING,
&pwd_can_change_time, 0, "Set password can change time (unix time in seconds
since 1970 if time format not provided)", NULL },
- {"pwd-must-change-time", 0, POPT_ARG_STRING,
&pwd_must_change_time, 0, "Set password must change time (unix time in seconds
since 1970 if time format not provided)", NULL },
{"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The
time format for time parameters", NULL },
{"password-from-stdin", 't', POPT_ARG_NONE, &pw_from_stdin, 0,
"get password from standard in", NULL},
POPT_COMMON_SAMBA
@@ -866,9 +853,7 @@
(backend_in ? BIT_IMPORT : 0) +
(backend_out ? BIT_EXPORT : 0) +
(badpw_reset ? BIT_BADPWRESET : 0) +
- (hours_reset ? BIT_LOGONHOURS : 0) +
- (pwd_can_change_time ? BIT_CAN_CHANGE: 0) +
- (pwd_must_change_time ? BIT_MUST_CHANGE: 0);
+ (hours_reset ? BIT_LOGONHOURS : 0);
if (setparms & BIT_BACKEND) {
if (!NT_STATUS_IS_OK(make_pdb_method_name( &bdef, backend ))) {
@@ -1040,67 +1025,9 @@
/* account modification operations */
if (!(checkparms & ~(BIT_MODIFY + BIT_USER))) {
- time_t pwd_can_change = -1;
- time_t pwd_must_change = -1;
- const char *errstr;
-
- if (pwd_can_change_time) {
- errstr = "can";
- if (pwd_time_format) {
- struct tm tm;
- char *ret;
-
- memset(&tm, 0, sizeof(struct tm));
- ret = strptime(pwd_can_change_time,
pwd_time_format, &tm);
- if (ret == NULL || *ret != '\0') {
- goto error;
- }
-
- pwd_can_change = mktime(&tm);
-
-
svn commit: samba r18726 - in branches/SAMBA_3_0_23/source: passdb rpc_parse rpc_server
Author: jmcd
Date: 2006-09-20 17:58:16 + (Wed, 20 Sep 2006)
New Revision: 18726
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18726
Log:
Password time stuff from SAMBA_3_0. I'll keep them in sync next time.
Modified:
branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c
branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c
branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c
Changeset:
Modified: branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c
===
--- branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-09-20 17:56:50 UTC
(rev 18725)
+++ branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-09-20 17:58:16 UTC
(rev 18726)
@@ -72,12 +72,32 @@
time_t pdb_get_pass_can_change_time(const struct samu *sampass)
{
- return sampass->pass_can_change_time;
+ uint32 allow;
+
+ if (sampass->pass_last_set_time == 0)
+ return (time_t) 0;
+
+ if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &allow))
+ allow = 0;
+
+ return sampass->pass_last_set_time + allow;
}
time_t pdb_get_pass_must_change_time(const struct samu *sampass)
{
- return sampass->pass_must_change_time;
+ uint32 expire;
+
+ if (sampass->pass_last_set_time == 0)
+ return (time_t) 0;
+
+ if (sampass->acct_ctrl & ACB_PWNOEXP)
+ return get_time_t_max();
+
+ if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire)
+ || expire == (uint32)-1 || expire == 0)
+ return get_time_t_max();
+
+ return sampass->pass_last_set_time + expire;
}
uint16 pdb_get_logon_divs(const struct samu *sampass)
Modified: branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c
===
--- branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-09-20 17:56:50 UTC
(rev 18725)
+++ branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-09-20 17:58:16 UTC
(rev 18726)
@@ -6208,6 +6208,7 @@
pass_last_set_time, pass_can_change_time,
pass_must_change_time;
+ time_t must_change_time;
const char* user_name = pdb_get_username(pw);
const char* full_name = pdb_get_fullname(pw);
const char* home_dir = pdb_get_homedir(pw);
@@ -6232,12 +6233,16 @@
}
/* Create NTTIME structs */
- unix_to_nt_time (&logon_time, pdb_get_logon_time(pw));
- unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw));
+ unix_to_nt_time (&logon_time, pdb_get_logon_time(pw));
+ unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw));
unix_to_nt_time (&kickoff_time, pdb_get_kickoff_time(pw));
- unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw));
- unix_to_nt_time (&pass_can_change_time,
pdb_get_pass_can_change_time(pw));
- unix_to_nt_time
(&pass_must_change_time,pdb_get_pass_must_change_time(pw));
+ unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw));
+ unix_to_nt_time
(&pass_can_change_time,pdb_get_pass_can_change_time(pw));
+ must_change_time = pdb_get_pass_must_change_time(pw);
+ if (must_change_time == get_time_t_max())
+ unix_to_nt_time_abs(&pass_must_change_time, must_change_time);
+ else
+ unix_to_nt_time(&pass_must_change_time, must_change_time);
/* structure assignment */
usr->logon_time= logon_time;
Modified: branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c
===
--- branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-09-20
17:56:50 UTC (rev 18725)
+++ branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-09-20
17:58:16 UTC (rev 18726)
@@ -284,26 +284,16 @@
}
}
- DEBUG(10,("INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON:
%02X\n",from->passmustchange));
- if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) {
- pdb_set_pass_must_change_time(to,0, PDB_CHANGED);
- } else {
- uint32 expire;
- time_t new_time;
- if (pdb_get_pass_must_change_time(to) == 0) {
- if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE,
&expire)
- || expire == (uint32)-1) {
- new_time = get_time_t_max();
- } else {
- time_t old_time =
pdb_get_pass_last_set_time(to);
- new_time = old_time + expire;
-
svn commit: samba r18724 - in branches/SAMBA_3_0/source/rpc_server: .
Author: jmcd
Date: 2006-09-20 17:37:20 + (Wed, 20 Sep 2006)
New Revision: 18724
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18724
Log:
Fixup time(0) -> time(NULL)
Modified:
branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20
17:29:34 UTC (rev 18723)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20
17:37:20 UTC (rev 18724)
@@ -292,7 +292,7 @@
if (from->passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) {
pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
} else {
- pdb_set_pass_last_set_time(to, time(0), PDB_CHANGED);
+ pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
}
}
@@ -521,7 +521,7 @@
if (from->passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) {
pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
} else {
- pdb_set_pass_last_set_time(to, time(0), PDB_CHANGED);
+ pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED);
}
}
svn commit: samba r18722 - in branches/SAMBA_3_0/source: passdb rpc_parse rpc_server
Author: jmcd
Date: 2006-09-20 17:25:46 + (Wed, 20 Sep 2006)
New Revision: 18722
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18722
Log:
Fix up password change times. The can change and must change times are
calculated based on the last change time, policies, and acb flags.
Next step will be to not bother storing them. Right now I'm just trying to
get them reported correctly.
Modified:
branches/SAMBA_3_0/source/passdb/pdb_get_set.c
branches/SAMBA_3_0/source/rpc_parse/parse_samr.c
branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c
Changeset:
Modified: branches/SAMBA_3_0/source/passdb/pdb_get_set.c
===
--- branches/SAMBA_3_0/source/passdb/pdb_get_set.c 2006-09-20 17:19:05 UTC
(rev 18721)
+++ branches/SAMBA_3_0/source/passdb/pdb_get_set.c 2006-09-20 17:25:46 UTC
(rev 18722)
@@ -72,12 +72,32 @@
time_t pdb_get_pass_can_change_time(const struct samu *sampass)
{
- return sampass->pass_can_change_time;
+ uint32 allow;
+
+ if (sampass->pass_last_set_time == 0)
+ return (time_t) 0;
+
+ if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &allow))
+ allow = 0;
+
+ return sampass->pass_last_set_time + allow;
}
time_t pdb_get_pass_must_change_time(const struct samu *sampass)
{
- return sampass->pass_must_change_time;
+ uint32 expire;
+
+ if (sampass->pass_last_set_time == 0)
+ return (time_t) 0;
+
+ if (sampass->acct_ctrl & ACB_PWNOEXP)
+ return get_time_t_max();
+
+ if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire)
+ || expire == (uint32)-1 || expire == 0)
+ return get_time_t_max();
+
+ return sampass->pass_last_set_time + expire;
}
uint16 pdb_get_logon_divs(const struct samu *sampass)
Modified: branches/SAMBA_3_0/source/rpc_parse/parse_samr.c
===
--- branches/SAMBA_3_0/source/rpc_parse/parse_samr.c2006-09-20 17:19:05 UTC
(rev 18721)
+++ branches/SAMBA_3_0/source/rpc_parse/parse_samr.c2006-09-20 17:25:46 UTC
(rev 18722)
@@ -6270,6 +6270,7 @@
pass_last_set_time, pass_can_change_time,
pass_must_change_time;
+ time_t must_change_time;
const char* user_name = pdb_get_username(pw);
const char* full_name = pdb_get_fullname(pw);
const char* home_dir = pdb_get_homedir(pw);
@@ -6294,12 +6295,16 @@
}
/* Create NTTIME structs */
- unix_to_nt_time (&logon_time, pdb_get_logon_time(pw));
- unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw));
+ unix_to_nt_time (&logon_time, pdb_get_logon_time(pw));
+ unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw));
unix_to_nt_time (&kickoff_time, pdb_get_kickoff_time(pw));
- unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw));
- unix_to_nt_time (&pass_can_change_time,
pdb_get_pass_can_change_time(pw));
- unix_to_nt_time
(&pass_must_change_time,pdb_get_pass_must_change_time(pw));
+ unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw));
+ unix_to_nt_time
(&pass_can_change_time,pdb_get_pass_can_change_time(pw));
+ must_change_time = pdb_get_pass_must_change_time(pw);
+ if (must_change_time == get_time_t_max())
+ unix_to_nt_time_abs(&pass_must_change_time, must_change_time);
+ else
+ unix_to_nt_time(&pass_must_change_time, must_change_time);
/* structure assignment */
usr->logon_time= logon_time;
Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20
17:19:05 UTC (rev 18721)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_util.c2006-09-20
17:25:46 UTC (rev 18722)
@@ -283,26 +283,16 @@
}
}
- DEBUG(10,("INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON:
%02X\n",from->passmustchange));
- if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) {
- pdb_set_pass_must_change_time(to,0, PDB_CHANGED);
- } else {
- uint32 expire;
- time_t new_time;
- if (pdb_get_pass_must_change_time(to) == 0) {
- if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE,
&expire)
- || expire == (uint32)-1) {
- new_time = get_time_t_max();
- } else {
- time_t old_time =
pdb_get_pas
svn commit: samba r18702 - in branches/SAMBA_3_0/source/rpcclient: .
Author: jmcd
Date: 2006-09-20 00:02:51 + (Wed, 20 Sep 2006)
New Revision: 18702
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18702
Log:
re-enable non-decimal specification of rid
Modified:
branches/SAMBA_3_0/source/rpcclient/cmd_samr.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpcclient/cmd_samr.c
===
--- branches/SAMBA_3_0/source/rpcclient/cmd_samr.c 2006-09-19 23:45:43 UTC
(rev 18701)
+++ branches/SAMBA_3_0/source/rpcclient/cmd_samr.c 2006-09-20 00:02:51 UTC
(rev 18702)
@@ -342,14 +342,14 @@
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
SAM_USERINFO_CTR *user_ctr;
fstring server;
- uint32 user_rid;
+ uint32 user_rid = 0;
if ((argc < 2) || (argc > 4)) {
printf("Usage: %s rid [info level] [access mask] \n", argv[0]);
return NT_STATUS_OK;
}
- user_rid = strtoul(argv[1], NULL, 10);
+ sscanf(argv[1], "%i", &user_rid);
if (argc > 2)
sscanf(argv[2], "%i", &info_level);
svn commit: samba r18660 - in branches/SAMBA_3_0/source/nmbd: .
Author: jmcd
Date: 2006-09-19 00:39:21 + (Tue, 19 Sep 2006)
New Revision: 18660
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18660
Log:
Fix build, one uuid->GUID was missed.
Modified:
branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c
Changeset:
Modified: branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c
===
--- branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c 2006-09-19 00:29:41 UTC
(rev 18659)
+++ branches/SAMBA_3_0/source/nmbd/nmbd_processlogon.c 2006-09-19 00:39:21 UTC
(rev 18660)
@@ -382,7 +382,7 @@
}
#ifdef HAVE_ADS
else {
- struct uuid domain_guid;
+ struct GUID domain_guid;
UUID_FLAT flat_guid;
pstring domain;
pstring hostname;
svn commit: samba r18263 - in branches/tmp/vl-messaging/source: include lib
Author: jmcd
Date: 2006-09-08 13:00:48 + (Fri, 08 Sep 2006)
New Revision: 18263
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18263
Log:
>From Aleksey Fedoseev:
Add database traverse for lockd-based locking, allowing locks to be seen
in smbstatus.
Modified:
branches/tmp/vl-messaging/source/include/messages.h
branches/tmp/vl-messaging/source/lib/dbwrap_msg.c
branches/tmp/vl-messaging/source/lib/messages.c
Changeset:
Modified: branches/tmp/vl-messaging/source/include/messages.h
===
--- branches/tmp/vl-messaging/source/include/messages.h 2006-09-08 12:48:51 UTC
(rev 18262)
+++ branches/tmp/vl-messaging/source/include/messages.h 2006-09-08 13:00:48 UTC
(rev 18263)
@@ -88,6 +88,7 @@
#define MSG_DB_STORE5005
#define MSG_DB_DELETE 5006
#define MSG_DB_REINIT 5007
+#define MSG_DB_TRAVERSE5008
/* Flags to classify messages - used in message_send_all() */
/* Sender will filter by flag. */
Modified: branches/tmp/vl-messaging/source/lib/dbwrap_msg.c
===
--- branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-09-08 12:48:51 UTC
(rev 18262)
+++ branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-09-08 13:00:48 UTC
(rev 18263)
@@ -445,13 +445,59 @@
return 0;
}
+static void handle_traverse_return(int msg_type, struct process_id pid,
+ void *buf, size_t len);
+
static int db_msg_traverse(struct db_context *db,
int (*fn)(TDB_DATA key, TDB_DATA value,
void *private_data),
void *private_data)
{
- /* TODO... but traverse will be VERY expensive */
- return -1;
+ struct db_msg_ctx *ctx = talloc_get_type_abort(db->private_data,
+ struct db_msg_ctx);
+ TDB_DATA null_data;
+ TDB_DATA buf;
+ static BOOL traverse_msg_reg = False;
+ int count = 0;
+
+ null_data.dsize = 0;
+ null_data.dptr = NULL;
+ buf = msg_pack_data(ctx, ctx->db_index, null_data);
+
+ if(buf.dptr == NULL) {
+ return -1;
+ }
+
+ if(!traverse_msg_reg) {
+ message_register(MSG_DB_TRAVERSE, handle_traverse_return);
+ traverse_msg_reg = True;
+ }
+
+ message_send_pid(ctx->lockd, MSG_DB_TRAVERSE,
+buf.dptr, buf.dsize, False);
+
+ TALLOC_FREE(buf.dptr);
+
+ SMB_ASSERT(ctx->record == NULL);
+
+ wait_for_return(ctx);
+
+ while(ctx->record != NULL) {
+ count++;
+
+ if(fn && fn(ctx->record->key, ctx->record->value,
private_data)) {
+ /* break the traversal */
+ TALLOC_FREE(ctx->record);
+ message_deregister(MSG_DB_TRAVERSE);
+ traverse_msg_reg = False;
+ break;
+ }
+
+ TALLOC_FREE(ctx->record);
+ wait_for_return(ctx);
+ }
+
+ return count;
}
static BOOL db_msg_reinit(struct db_context *db)
@@ -584,6 +630,70 @@
ctx->record = result;
}
+static void handle_traverse_return(int msg_type, struct process_id pid,
+ void *buf, size_t len)
+{
+ struct db_record *result;
+ struct db_msg_ctx *ctx = ctx_list;
+ uint8_t idx;
+ TDB_DATA key, value;
+
+ DEBUG(10, ("msg_traverse received with len %d\n", len));
+
+ if(!msg_unpack_double_data((const char *)buf, len, NULL, &idx, &key,
&value)) {
+ DEBUG(2, ("Unpacking error\n"));
+ return ;
+ }
+
+ while(ctx) {
+ if(ctx->db_index == idx) break;
+ ctx = ctx->next;
+ }
+
+ if(ctx == NULL) {
+ DEBUG(2, ("Bad database index %d\n", idx));
+ return ;
+ }
+
+ ctx->received = True;
+ ctx->record = NULL;
+
+ if(key.dsize > 0) {
+ result = TALLOC_ZERO_P(ctx, struct db_record);
+ if (result == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ return ;
+ }
+
+ result->key.dsize = key.dsize;
+ result->key.dptr = (char *)talloc_memdup(
+ result, key.dptr, key.dsize);
+
+ TALLOC_FREE(key.dptr);
+
+ if (result->key.dptr == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ TALLOC_FREE(result);
+ TALLOC_FREE(value.dp
svn commit: samba r18180 - in branches/tmp/vl-messaging/source: include lib torture
Author: jmcd
Date: 2006-09-06 14:50:52 + (Wed, 06 Sep 2006)
New Revision: 18180
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18180
Log:
>From Aleksey Fedoseev,
The patch consists of several modifications:
1) added preallocation of incoming stream buffer (minus 1 malloc/free
per incoming message)
2) corrected program exit (cleaning up communication buffer / closing
dispatcher's sockets)
3) added message size test
Modified:
branches/tmp/vl-messaging/source/include/messages.h
branches/tmp/vl-messaging/source/lib/messages_socket.c
branches/tmp/vl-messaging/source/lib/messages_stream.c
branches/tmp/vl-messaging/source/torture/msgtest.c
Changeset:
Modified: branches/tmp/vl-messaging/source/include/messages.h
===
--- branches/tmp/vl-messaging/source/include/messages.h 2006-09-06 14:29:57 UTC
(rev 18179)
+++ branches/tmp/vl-messaging/source/include/messages.h 2006-09-06 14:50:52 UTC
(rev 18180)
@@ -125,6 +125,7 @@
struct message_list *prev, *next;
struct message_rec *msg;
size_t processed; /* number of read/written bytes */
+ size_t allocated; /* number of allocated bytes */
};
#endif
Modified: branches/tmp/vl-messaging/source/lib/messages_socket.c
===
--- branches/tmp/vl-messaging/source/lib/messages_socket.c 2006-09-06
14:29:57 UTC (rev 18179)
+++ branches/tmp/vl-messaging/source/lib/messages_socket.c 2006-09-06
14:50:52 UTC (rev 18180)
@@ -101,9 +101,7 @@
cleanup_messages(wait_send);
if (socket_fd >= 0) {
- if (mtype == MESSAGING_TYPE_STREAM) {
- shutdown_stream_sockets();
- }
+ shutdown_stream_sockets();
close(socket_fd);
socket_fd = -1;
}
Modified: branches/tmp/vl-messaging/source/lib/messages_stream.c
===
--- branches/tmp/vl-messaging/source/lib/messages_stream.c 2006-09-06
14:29:57 UTC (rev 18179)
+++ branches/tmp/vl-messaging/source/lib/messages_stream.c 2006-09-06
14:50:52 UTC (rev 18180)
@@ -70,7 +70,7 @@
};
static struct messaging_client *clients_cache = NULL;
-static struct message_list *tcp_incoming = NULL;
+static struct message_list *disp_incoming = NULL;
static int dispatcher_pipe = -1;
/* approximate maximum number of connected clients in the list */
@@ -80,6 +80,8 @@
#define MESSAGING_DISPATCHER_SOCKET"dispatcher"
#define MESSAGING_DISPATCHER_LOCKFILE "dispatcher.pid"
+#define INITIAL_CONTAINER_SIZE 64
+
static const char *dispatch_path(void)
{
static char *name = NULL;
@@ -97,6 +99,56 @@
}
/
+ Allocate/reallocate message container
+/
+
+struct message_list *allocate_container(TALLOC_CTX *mem_ctx,
+ struct message_list *cnt,
+ size_t needsize)
+{
+ uint8_t *buffer;
+ size_t size = INITIAL_CONTAINER_SIZE;
+
+ while(size < needsize) size *= 2;
+
+ if(cnt == NULL) {
+ cnt = TALLOC_ZERO_P(mem_ctx, struct message_list);
+ if(cnt == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ return NULL;
+ }
+ buffer = TALLOC_ARRAY(cnt, uint8_t, size);
+ if(buffer == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ TALLOC_FREE(cnt);
+ return NULL;
+ }
+ } else {
+
+ SMB_ASSERT(size > cnt->allocated);
+
+ buffer = TALLOC_REALLOC_ARRAY(cnt, cnt->msg, uint8_t, size);
+ if(buffer == NULL) {
+ DEBUG(0, ("realloc failed\n"));
+ TALLOC_FREE(cnt->msg);
+ /* try to allocate with talloc */
+ buffer = TALLOC_ARRAY(cnt, uint8_t, size);
+ if(buffer == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ TALLOC_FREE(cnt);
+ return NULL;
+ }
+ }
+ }
+
+ cnt->msg = (struct message_rec*)buffer;
+ cnt->processed = (size_t)-1;
+ cnt->allocated = size;
+
+ return cnt;
+}
+
+/
Client's queue helper functions
/
@@ -145,7 +197,8 @@
for (client =
svn commit: samba r17179 - in branches/SAMBA_3_0/source: . include lib modules smbd
Author: jmcd Date: 2006-07-21 15:51:34 + (Fri, 21 Jul 2006) New Revision: 17179 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17179 Log: Merge the vl-posixacls tmp branch into mainline. It modularizes our interface into the special posix API used on the system. Without this patch the specific API flavor is determined at compile time, something which severely limits usability on systems with more than one file system. Our first targets are AIX with its JFS and JFS2 APIs, at a later stage also GPFS. But it's certainly not limited to IBM stuff, this abstraction is also necessary for anything that copes with NFSv4 ACLs. For this we will check in handling very soon. Major contributions can be found in the copyright notices as well as the checkin log of the vl-posixacls branch. The final merge to 3_0 post-3.0.23 was done by Peter Somogyi <[EMAIL PROTECTED]> Added: branches/SAMBA_3_0/source/modules/vfs_aixacl.c branches/SAMBA_3_0/source/modules/vfs_aixacl_util.c branches/SAMBA_3_0/source/modules/vfs_hpuxacl.c branches/SAMBA_3_0/source/modules/vfs_irixacl.c branches/SAMBA_3_0/source/modules/vfs_posixacl.c branches/SAMBA_3_0/source/modules/vfs_solarisacl.c branches/SAMBA_3_0/source/modules/vfs_tru64acl.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/configure.in branches/SAMBA_3_0/source/include/smb_acls.h branches/SAMBA_3_0/source/lib/sysacls.c branches/SAMBA_3_0/source/modules/vfs_default.c branches/SAMBA_3_0/source/smbd/posix_acls.c Changeset: Sorry, the patch is too large (6110 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17179
svn commit: samba r17154 - in branches/tmp/vl-messaging/source/lib: .
Author: jmcd Date: 2006-07-20 09:37:44 + (Thu, 20 Jul 2006) New Revision: 17154 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17154 Log: >From Aleksey Fedoseev: - add some more debug - correct the unpacking functions - one shared database can be used now by multiple processes - refactor & clean database messages processing as a result: now smbd with locking via lockd passes tests on a single node server. Modified: branches/tmp/vl-messaging/source/lib/dbwrap_msg.c Changeset: Sorry, the patch is too large (885 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17154
svn commit: samba r17137 - in branches/tmp/vl-messaging/source: include lib locking printing smbd
Author: jmcd
Date: 2006-07-19 15:59:52 + (Wed, 19 Jul 2006)
New Revision: 17137
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17137
Log:
reinitialize messaging code after a fork. from Alexksey Fedoseev.
Modified:
branches/tmp/vl-messaging/source/include/dbwrap.h
branches/tmp/vl-messaging/source/include/messages.h
branches/tmp/vl-messaging/source/lib/dbwrap_file.c
branches/tmp/vl-messaging/source/lib/dbwrap_msg.c
branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c
branches/tmp/vl-messaging/source/locking/brlock.c
branches/tmp/vl-messaging/source/locking/locking.c
branches/tmp/vl-messaging/source/printing/printing.c
branches/tmp/vl-messaging/source/smbd/server.c
Changeset:
Modified: branches/tmp/vl-messaging/source/include/dbwrap.h
===
--- branches/tmp/vl-messaging/source/include/dbwrap.h 2006-07-19 15:05:06 UTC
(rev 17136)
+++ branches/tmp/vl-messaging/source/include/dbwrap.h 2006-07-19 15:59:52 UTC
(rev 17137)
@@ -36,6 +36,7 @@
int (*f)(TDB_DATA key, TDB_DATA data,
void *private_data),
void *private_data);
+ BOOL (*reinit)(struct db_context *db);
void *private_data;
};
Modified: branches/tmp/vl-messaging/source/include/messages.h
===
--- branches/tmp/vl-messaging/source/include/messages.h 2006-07-19 15:05:06 UTC
(rev 17136)
+++ branches/tmp/vl-messaging/source/include/messages.h 2006-07-19 15:59:52 UTC
(rev 17137)
@@ -87,6 +87,7 @@
#define MSG_DB_UNLOCK 5004
#define MSG_DB_STORE5005
#define MSG_DB_DELETE 5006
+#define MSG_DB_REINIT 5007
/* Flags to classify messages - used in message_send_all() */
/* Sender will filter by flag. */
Modified: branches/tmp/vl-messaging/source/lib/dbwrap_file.c
===
--- branches/tmp/vl-messaging/source/lib/dbwrap_file.c 2006-07-19 15:05:06 UTC
(rev 17136)
+++ branches/tmp/vl-messaging/source/lib/dbwrap_file.c 2006-07-19 15:59:52 UTC
(rev 17137)
@@ -352,6 +352,12 @@
return count;
}
+static BOOL db_file_reinit(struct db_context *db)
+{
+/* Don't need any reinitialization */
+return True;
+}
+
struct db_context *db_open_file(TALLOC_CTX *mem_ctx, const char *name,
int hash_size, int tdb_flags,
int open_flags, mode_t mode)
@@ -373,6 +379,7 @@
result->private_data = ctx;
result->fetch_locked = db_file_fetch_locked;
result->traverse = db_file_traverse;
+ result->reinit = db_file_reinit;
ctx->locked_record = NULL;
if (!(ctx->dirname = talloc_strdup(ctx, name))) {
Modified: branches/tmp/vl-messaging/source/lib/dbwrap_msg.c
===
--- branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-07-19 15:05:06 UTC
(rev 17136)
+++ branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-07-19 15:59:52 UTC
(rev 17137)
@@ -392,6 +392,26 @@
return -1;
}
+static BOOL db_msg_reinit(struct db_context *db)
+{
+ struct db_msg_ctx *ctx = talloc_get_type_abort(db->private_data,
+ struct db_msg_ctx);
+
+ TDB_DATA null_data;
+ TDB_DATA buf;
+
+ null_data.dsize = 0;
+ null_data.dptr = NULL;
+ buf = msg_pack_data(ctx, ctx->db_index, null_data);
+
+ if(buf.dptr != NULL) {
+ message_send_pid(ctx->lockd, MSG_DB_REINIT,
+buf.dptr, buf.dsize, False);
+ }
+
+ return True;
+}
+
static int db_msg_ctx_destr(void *p)
{
struct db_msg_ctx *ctx = talloc_get_type_abort(p, struct db_msg_ctx);
@@ -545,6 +565,7 @@
talloc_set_destructor(db_msg, db_msg_ctx_destr);
result->fetch_locked = db_msg_fetch_locked;
result->traverse = db_msg_traverse;
+ result->reinit = db_msg_reinit;
return result;
Modified: branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c
===
--- branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c 2006-07-19 15:05:06 UTC
(rev 17136)
+++ branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c 2006-07-19 15:59:52 UTC
(rev 17137)
@@ -154,6 +154,12 @@
return tdb_traverse(db_ctx->tdb, db_tdb_traverse_func, &ctx);
}
+static BOOL db_tdb_reinit(struct db_context *db)
+{
+/* We don't need a reinitialization due to tdb_reopen_all */
+return True;
+}
+
static int db_tdb_ctx_destr(void *p)
{
struct db_tdb_ctx *ctx =
@@ -196,6 +202,7 @@
talloc_set_destructor(db_tdb, db_tdb_ctx_destr);
result-
svn commit: samba r17120 - in branches/tmp/vl-messaging/source/lib: .
Author: jmcd
Date: 2006-07-18 17:10:33 + (Tue, 18 Jul 2006)
New Revision: 17120
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17120
Log:
>From Aleksey Fedoseev:
Correcting two bugs:
- check "is process the lock daemon" (procid_is_me compares pids, when
locking daemon has process_id structure with pid == -2);
- deregistering message handlers for the locking daemon implementation
Hop...hop...hop...
Modified:
branches/tmp/vl-messaging/source/lib/messages_socket.c
branches/tmp/vl-messaging/source/lib/messages_stream.c
Changeset:
Modified: branches/tmp/vl-messaging/source/lib/messages_socket.c
===
--- branches/tmp/vl-messaging/source/lib/messages_socket.c 2006-07-18
15:12:49 UTC (rev 17119)
+++ branches/tmp/vl-messaging/source/lib/messages_socket.c 2006-07-18
17:10:33 UTC (rev 17120)
@@ -108,7 +108,9 @@
socket_fd = -1;
}
- if(mtype != MESSAGING_TYPE_DISPATCHER) {
+ if(mtype == MESSAGING_TYPE_DISPATCHER) {
+ deregister_dispatcher_messages();
+ } else {
if (procid_is_me(&socket_pid)) {
char *path = NULL;
asprintf(&path, "%s/%s", lock_path("messaging"),
Modified: branches/tmp/vl-messaging/source/lib/messages_stream.c
===
--- branches/tmp/vl-messaging/source/lib/messages_stream.c 2006-07-18
15:12:49 UTC (rev 17119)
+++ branches/tmp/vl-messaging/source/lib/messages_stream.c 2006-07-18
17:10:33 UTC (rev 17120)
@@ -1006,7 +1006,8 @@
#ifdef WITH_CLUSTERWIDE_MESSAGING
lockd_pid.ip = *interpret_addr2(lp_locking_address());
- is_lockd = procid_is_me(&lockd_pid);
+ /* TODO: improve next line */
+ is_lockd = (strcmp(lp_locking_address(), lp_messaging_address()) == 0);
#else
is_lockd = True;
#endif /* WITH_CLUSTERWIDE_MESSAGING */
@@ -1067,6 +1068,18 @@
}
/
+ Deregister locking messages
+/
+
+void deregister_dispatcher_messages(void)
+{
+ if((enum locking_type)lp_locking_type() == LOCKING_TYPE_MESSAGES) {
+ message_deregister(MSG_DB_INIT);
+ message_deregister(MSG_DB_FETCHLOCK);
+ }
+}
+
+/
Fork the messaging daemon
/
svn commit: samba r16564 - in branches/tmp/vl-messaging/source/lib: .
Author: jmcd
Date: 2006-06-27 15:14:56 + (Tue, 27 Jun 2006)
New Revision: 16564
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16564
Log:
Whoops, forgot to add these two files.
Added:
branches/tmp/vl-messaging/source/lib/dbwrap.c
branches/tmp/vl-messaging/source/lib/dbwrap_msg.c
Changeset:
Added: branches/tmp/vl-messaging/source/lib/dbwrap.c
===
--- branches/tmp/vl-messaging/source/lib/dbwrap.c 2006-06-27 14:34:31 UTC
(rev 16563)
+++ branches/tmp/vl-messaging/source/lib/dbwrap.c 2006-06-27 15:14:56 UTC
(rev 16564)
@@ -0,0 +1,43 @@
+/*
+ Unix SMB/CIFS implementation.
+ Database interface wrapper
+ Copyright (C) Jim McDonough <[EMAIL PROTECTED]> 2006
+
+ Major code contributions from Aleksey Fedoseev ([EMAIL PROTECTED])
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+struct db_context *db_open(TALLOC_CTX *mem_ctx, const char *name,
+ int hash_size, int tdb_flags,
+ int open_flags, mode_t mode)
+{
+ switch((enum locking_type)lp_locking_type()) {
+ case LOCKING_TYPE_TDB:
+ return db_open_tdb(mem_ctx, name, hash_size, tdb_flags,
+ open_flags, mode);
+ case LOCKING_TYPE_FILES:
+ return db_open_file(mem_ctx, name, hash_size, tdb_flags,
+ open_flags, mode);
+ case LOCKING_TYPE_MESSAGES:
+ return db_open_msg(mem_ctx, name, hash_size, tdb_flags,
+ open_flags, mode);
+ default:
+ DEBUG(0,("Bad locking type %d\n", lp_locking_type()));
+ return NULL;
+ }
+}
Added: branches/tmp/vl-messaging/source/lib/dbwrap_msg.c
===
--- branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-06-27 14:34:31 UTC
(rev 16563)
+++ branches/tmp/vl-messaging/source/lib/dbwrap_msg.c 2006-06-27 15:14:56 UTC
(rev 16564)
@@ -0,0 +1,30 @@
+/*
+ Unix SMB/CIFS implementation.
+ Database interface using messages
+ Copyright (C) Jim McDonough <[EMAIL PROTECTED]> 2006
+
+ Major code contributions from Aleksey Fedoseev ([EMAIL PROTECTED])
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+struct db_context *db_open_msg(TALLOC_CTX *mem_ctx, const char *name,
+ int hash_size, int tdb_flags,
+ int open_flags, mode_t mode)
+{
+ return NULL;
+}
svn commit: samba r16562 - in branches/tmp/vl-messaging/source: . include lib locking param
Author: jmcd
Date: 2006-06-27 14:24:25 + (Tue, 27 Jun 2006)
New Revision: 16562
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16562
Log:
Aleksey's changes to put in dbwrapper to later enable messaging.
Modified:
branches/tmp/vl-messaging/source/Makefile.in
branches/tmp/vl-messaging/source/include/smb.h
branches/tmp/vl-messaging/source/lib/dbwrap_file.c
branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c
branches/tmp/vl-messaging/source/locking/brlock.c
branches/tmp/vl-messaging/source/locking/locking.c
branches/tmp/vl-messaging/source/param/loadparm.c
Changeset:
Modified: branches/tmp/vl-messaging/source/Makefile.in
===
--- branches/tmp/vl-messaging/source/Makefile.in2006-06-27 11:07:55 UTC
(rev 16561)
+++ branches/tmp/vl-messaging/source/Makefile.in2006-06-27 14:24:25 UTC
(rev 16562)
@@ -182,7 +182,7 @@
tdb/lock.o tdb/open.o tdb/transaction.o tdb/traverse.o
TDB_OBJ = $(TDBBASE_OBJ) tdb/tdbutil.o tdb/tdbback.o \
- lib/dbwrap_tdb.o lib/dbwrap_file.o
+ lib/dbwrap.o lib/dbwrap_tdb.o lib/dbwrap_file.o lib/dbwrap_msg.o
SMBLDAP_OBJ = @SMBLDAP@ @SMBLDAPUTIL@
Modified: branches/tmp/vl-messaging/source/include/smb.h
===
--- branches/tmp/vl-messaging/source/include/smb.h 2006-06-27 11:07:55 UTC
(rev 16561)
+++ branches/tmp/vl-messaging/source/include/smb.h 2006-06-27 14:24:25 UTC
(rev 16562)
@@ -713,6 +713,7 @@
BOOL initial_delete_on_close;
BOOL fresh;
BOOL modified;
+ struct db_record *record;
};
/*
@@ -862,6 +863,7 @@
BOOL modified;
struct lock_key key;
void *lock_data;
+ struct db_record *record;
};
#define BRLOCK_FN_CAST() \
@@ -1512,6 +1514,9 @@
enum messaging_type {MESSAGING_TYPE_TDB, MESSAGING_TYPE_DGRAM,
MESSAGING_TYPE_STREAM,
MESSAGING_TYPE_DISPATCHER};
+/* locking types */
+enum locking_type {LOCKING_TYPE_TDB, LOCKING_TYPE_FILES,
LOCKING_TYPE_MESSAGES};
+
/*
* Global value meaing that the smb_uid field should be
* ingored (in share level security and protocol level == CORE)
Modified: branches/tmp/vl-messaging/source/lib/dbwrap_file.c
===
--- branches/tmp/vl-messaging/source/lib/dbwrap_file.c 2006-06-27 11:07:55 UTC
(rev 16561)
+++ branches/tmp/vl-messaging/source/lib/dbwrap_file.c 2006-06-27 14:24:25 UTC
(rev 16562)
@@ -123,7 +123,10 @@
return NULL;
}
+ become_root();
file->fd = open(file->path, O_RDWR|O_CREAT, 0644);
+ unbecome_root();
+
if (file->fd < 0) {
DEBUG(3, ("Could not open/create %s: %s\n",
file->path, strerror(errno)));
@@ -221,11 +224,14 @@
talloc_get_type_abort(rec->private_data,
struct db_locked_file);
+ become_root();
if (unlink(file->path) != 0) {
+ unbecome_root();
DEBUG(3, ("unlink(%s) failed: %s\n", file->path,
strerror(errno)));
return -1;
}
+ unbecome_root();
return 0;
}
Modified: branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c
===
--- branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c 2006-06-27 11:07:55 UTC
(rev 16561)
+++ branches/tmp/vl-messaging/source/lib/dbwrap_tdb.c 2006-06-27 14:24:25 UTC
(rev 16562)
@@ -165,7 +165,7 @@
return 0;
}
-struct db_context *db_open(TALLOC_CTX *mem_ctx, const char *name,
+struct db_context *db_open_tdb(TALLOC_CTX *mem_ctx, const char *name,
int hash_size, int tdb_flags,
int open_flags, mode_t mode)
{
Modified: branches/tmp/vl-messaging/source/locking/brlock.c
===
--- branches/tmp/vl-messaging/source/locking/brlock.c 2006-06-27 11:07:55 UTC
(rev 16561)
+++ branches/tmp/vl-messaging/source/locking/brlock.c 2006-06-27 14:24:25 UTC
(rev 16562)
@@ -57,7 +57,7 @@
/* The open brlock.tdb database. */
-static TDB_CONTEXT *tdb;
+static struct db_context *brlock_db;
/
Debug info at level 10 for lock struct.
@@ -267,14 +267,14 @@
void brl_init(int read_only)
{
- if (tdb) {
+ if (brlock_db) {
return;
}
- tdb = tdb_open_log(lock_path("brlock.tdb"),
- lp_open_files_db_hash_size(),
- TDB_DEFAULT|(read_only?0x0:TDB_CLEAR_IF_FIRST),
- read_only?O_RDONLY:(O_RDWR|O_CREAT), 0644 );
-
svn commit: samba r16081 - in branches/tmp/vl-messaging/source: . include lib nmbd nsswitch param printing
Author: jmcd Date: 2006-06-07 14:45:07 + (Wed, 07 Jun 2006) New Revision: 16081 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16081 Log: Work from Aleksey Fedoseev to add separate messaging types Added: branches/tmp/vl-messaging/source/lib/messages_dgram.c branches/tmp/vl-messaging/source/lib/messages_socket.c branches/tmp/vl-messaging/source/lib/messages_stream.c branches/tmp/vl-messaging/source/lib/messages_tdb.c Modified: branches/tmp/vl-messaging/source/Makefile.in branches/tmp/vl-messaging/source/configure.in branches/tmp/vl-messaging/source/include/messages.h branches/tmp/vl-messaging/source/include/smb.h branches/tmp/vl-messaging/source/lib/messages.c branches/tmp/vl-messaging/source/lib/util.c branches/tmp/vl-messaging/source/lib/util_sock.c branches/tmp/vl-messaging/source/nmbd/nmbd.c branches/tmp/vl-messaging/source/nmbd/nmbd_packets.c branches/tmp/vl-messaging/source/nsswitch/winbindd.c branches/tmp/vl-messaging/source/nsswitch/winbindd_dual.c branches/tmp/vl-messaging/source/param/loadparm.c branches/tmp/vl-messaging/source/printing/printing.c Changeset: Sorry, the patch is too large (2529 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16081
svn commit: samba r16047 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd
Date: 2006-06-05 16:59:10 + (Mon, 05 Jun 2006)
New Revision: 16047
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16047
Log:
Remove unnecessary line, as this value is set in either branch of the
'if' below. Spotted by Aleksey Fedoseev.
Modified:
branches/SAMBA_3_0/source/lib/time.c
trunk/source/lib/time.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/time.c
===
--- branches/SAMBA_3_0/source/lib/time.c2006-06-05 13:00:24 UTC (rev
16046)
+++ branches/SAMBA_3_0/source/lib/time.c2006-06-05 16:59:10 UTC (rev
16047)
@@ -153,7 +153,6 @@
GetTimeOfDay(&time_now_hires);
ret_time->tv_sec = time_now_hires.tv_sec - start_time_hires.tv_sec;
- ret_time->tv_usec = time_now_hires.tv_usec - start_time_hires.tv_usec;
if (time_now_hires.tv_usec < start_time_hires.tv_usec) {
ret_time->tv_sec -= 1;
ret_time->tv_usec = 100 + (time_now_hires.tv_usec -
start_time_hires.tv_usec);
Modified: trunk/source/lib/time.c
===
--- trunk/source/lib/time.c 2006-06-05 13:00:24 UTC (rev 16046)
+++ trunk/source/lib/time.c 2006-06-05 16:59:10 UTC (rev 16047)
@@ -153,7 +153,6 @@
GetTimeOfDay(&time_now_hires);
ret_time->tv_sec = time_now_hires.tv_sec - start_time_hires.tv_sec;
- ret_time->tv_usec = time_now_hires.tv_usec - start_time_hires.tv_usec;
if (time_now_hires.tv_usec < start_time_hires.tv_usec) {
ret_time->tv_sec -= 1;
ret_time->tv_usec = 100 + (time_now_hires.tv_usec -
start_time_hires.tv_usec);
svn commit: samba r15883 - in branches/SAMBA_4_0/source/kdc: .
Author: jmcd Date: 2006-05-25 15:12:23 + (Thu, 25 May 2006) New Revision: 15883 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15883 Log: Make sure timegm() prototype is available (on systems where we've had to replace it) Modified: branches/SAMBA_4_0/source/kdc/hdb-ldb.c Changeset: Modified: branches/SAMBA_4_0/source/kdc/hdb-ldb.c === --- branches/SAMBA_4_0/source/kdc/hdb-ldb.c 2006-05-25 13:23:24 UTC (rev 15882) +++ branches/SAMBA_4_0/source/kdc/hdb-ldb.c 2006-05-25 15:12:23 UTC (rev 15883) @@ -33,6 +33,7 @@ */ #include "includes.h" +#include "system/time.h" #include "kdc.h" #include "ads.h" #include "hdb.h"
svn commit: samba r15874 - in trunk/source/script/tests: .
Author: jmcd
Date: 2006-05-24 20:20:28 + (Wed, 24 May 2006)
New Revision: 15874
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15874
Log:
merge make test fixes for aix/ksh
Modified:
trunk/source/script/tests/test_functions.sh
Changeset:
Modified: trunk/source/script/tests/test_functions.sh
===
--- trunk/source/script/tests/test_functions.sh 2006-05-24 20:06:06 UTC (rev
15873)
+++ trunk/source/script/tests/test_functions.sh 2006-05-24 20:20:28 UTC (rev
15874)
@@ -19,8 +19,8 @@
samba3_check_or_start() {
if [ -n "$SERVER_TEST_FIFO" ];then
- trap samba3_stop_sig_kill SIGINT SIGQUIT
- trap samba3_stop_sig_kill SIGTERM
+ trap samba3_stop_sig_kill INT QUIT
+ trap samba3_stop_sig_kill TERM
if [ -p "$SERVER_TEST_FIFO" ];then
return 0;
@@ -40,7 +40,7 @@
rm -f $NMBD_TEST_LOG
echo -n "STARTING NMBD..."
((
- if [ -z "$NMBD_MAXTIME" ]; then
+ if ! test -n "$NMBD_MAXTIME"; then
NMBD_MAXTIME=2700
fi
timelimit $NMBD_MAXTIME $NMBD_VALGRIND $SRCDIR/bin/nmbd
-F -S --no-process-group -d0 -s $SERVERCONFFILE > $NMBD_TEST_LOG 2>&1 &
@@ -69,7 +69,7 @@
rm -f $SMBD_TEST_LOG
echo -n "STARTING SMBD..."
((
- if [ -z "$SMBD_MAXTIME" ]; then
+ if ! test -n "$SMBD_MAXTIME"; then
SMBD_MAXTIME=2700
fi
timelimit $SMBD_MAXTIME $SMBD_VALGRIND $SRCDIR/bin/smbd
-F -S --no-process-group -d0 -s $SERVERCONFFILE > $SMBD_TEST_LOG 2>&1 &
svn commit: samba r15873 - in branches/SAMBA_3_0/source/script/tests: .
Author: jmcd
Date: 2006-05-24 20:06:06 + (Wed, 24 May 2006)
New Revision: 15873
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15873
Log:
Use short signal names to placate ksh trap. bash seems to accept either
and even uses them on the manpage. this should now enable make test on
AIX.
Modified:
branches/SAMBA_3_0/source/script/tests/test_functions.sh
Changeset:
Modified: branches/SAMBA_3_0/source/script/tests/test_functions.sh
===
--- branches/SAMBA_3_0/source/script/tests/test_functions.sh2006-05-24
19:07:21 UTC (rev 15872)
+++ branches/SAMBA_3_0/source/script/tests/test_functions.sh2006-05-24
20:06:06 UTC (rev 15873)
@@ -19,8 +19,8 @@
samba3_check_or_start() {
if [ -n "$SERVER_TEST_FIFO" ];then
- trap samba3_stop_sig_kill SIGINT SIGQUIT
- trap samba3_stop_sig_kill SIGTERM
+ trap samba3_stop_sig_kill INT QUIT
+ trap samba3_stop_sig_kill TERM
if [ -p "$SERVER_TEST_FIFO" ];then
return 0;
svn commit: samba r15872 - in branches/SAMBA_3_0/source/script/tests: .
Author: jmcd Date: 2006-05-24 19:07:21 + (Wed, 24 May 2006) New Revision: 15872 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15872 Log: Take one step toward getting this working on AIX. the [-z ] stuff doesn't work there. Modified: branches/SAMBA_3_0/source/script/tests/test_functions.sh Changeset: Modified: branches/SAMBA_3_0/source/script/tests/test_functions.sh === --- branches/SAMBA_3_0/source/script/tests/test_functions.sh2006-05-24 18:23:57 UTC (rev 15871) +++ branches/SAMBA_3_0/source/script/tests/test_functions.sh2006-05-24 19:07:21 UTC (rev 15872) @@ -40,7 +40,7 @@ rm -f $NMBD_TEST_LOG echo -n "STARTING NMBD..." (( - if [ -z "$NMBD_MAXTIME" ]; then + if ! test -n "$NMBD_MAXTIME"; then NMBD_MAXTIME=2700 fi timelimit $NMBD_MAXTIME $NMBD_VALGRIND $SRCDIR/bin/nmbd -F -S --no-process-group -d0 -s $SERVERCONFFILE > $NMBD_TEST_LOG 2>&1 & @@ -69,7 +69,7 @@ rm -f $SMBD_TEST_LOG echo -n "STARTING SMBD..." (( - if [ -z "$SMBD_MAXTIME" ]; then + if ! test -n "$SMBD_MAXTIME"; then SMBD_MAXTIME=2700 fi timelimit $SMBD_MAXTIME $SMBD_VALGRIND $SRCDIR/bin/smbd -F -S --no-process-group -d0 -s $SERVERCONFFILE > $SMBD_TEST_LOG 2>&1 &
svn commit: samba r15869 - in branches/SAMBA_4_0/source/lib/charset: .
Author: jmcd Date: 2006-05-24 17:47:40 + (Wed, 24 May 2006) New Revision: 15869 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15869 Log: Fix loop var to search paths for iconv Modified: branches/SAMBA_4_0/source/lib/charset/config.m4 Changeset: Modified: branches/SAMBA_4_0/source/lib/charset/config.m4 === --- branches/SAMBA_4_0/source/lib/charset/config.m4 2006-05-24 17:21:37 UTC (rev 15868) +++ branches/SAMBA_4_0/source/lib/charset/config.m4 2006-05-24 17:47:40 UTC (rev 15869) @@ -69,7 +69,7 @@ break fi - SMB_CHECK_ICONV_DIR($withval, [ + SMB_CHECK_ICONV_DIR($i, [ ICONV_FOUND=yes; ICONV_CPPFLAGS="$CPPFLAGS" ICONV_LIBS="$LIBS"
svn commit: samba r15719 - in branches/SAMBA_4_0/source/lib/replace: .
Author: jmcd
Date: 2006-05-19 18:37:35 + (Fri, 19 May 2006)
New Revision: 15719
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15719
Log:
Fix build on systems (AIX) that don't have vsyslog or strcasestr, with
--enable-developer on. syslog() and toupper() required more includes.
Someone more familiar with samba4 builds should verify this, please.
Modified:
branches/SAMBA_4_0/source/lib/replace/replace.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/replace/replace.c
===
--- branches/SAMBA_4_0/source/lib/replace/replace.c 2006-05-19 15:10:39 UTC
(rev 15718)
+++ branches/SAMBA_4_0/source/lib/replace/replace.c 2006-05-19 18:37:35 UTC
(rev 15719)
@@ -19,10 +19,12 @@
*/
#include "includes.h"
+#include "system/locale.h"
#include "system/wait.h"
#include "system/time.h"
#include "system/network.h"
#include "system/filesys.h"
+#include "system/syslog.h"
void replace_dummy(void);
void replace_dummy(void) {}
svn commit: samba r15662 - in branches/tmp/vl-posixacls/source: . modules
Author: jmcd Date: 2006-05-17 16:14:33 + (Wed, 17 May 2006) New Revision: 15662 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15662 Log: restore aix acl functionality. Work done by Gomati Mohanan and Peter Somogyi. Added: branches/tmp/vl-posixacls/source/modules/vfs_aixacl_util.c Modified: branches/tmp/vl-posixacls/source/Makefile.in branches/tmp/vl-posixacls/source/modules/vfs_aixacl.c Changeset: Sorry, the patch is too large (795 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15662
svn commit: samba r15630 - branches/SAMBA_3_0/source branches/SAMBA_3_0/source/utils trunk/source trunk/source/utils
Author: jmcd
Date: 2006-05-16 01:21:16 + (Tue, 16 May 2006)
New Revision: 15630
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15630
Log:
adapt smbclient fix to smbtree to enable long share names
Modified:
branches/SAMBA_3_0/source/Makefile.in
branches/SAMBA_3_0/source/utils/smbtree.c
trunk/source/Makefile.in
trunk/source/utils/smbtree.c
Changeset:
Modified: branches/SAMBA_3_0/source/Makefile.in
===
--- branches/SAMBA_3_0/source/Makefile.in 2006-05-16 00:37:13 UTC (rev
15629)
+++ branches/SAMBA_3_0/source/Makefile.in 2006-05-16 01:21:16 UTC (rev
15630)
@@ -477,7 +477,10 @@
SMBTREE_OBJ = utils/smbtree.o $(PARAM_OBJ) \
$(PROFILE_OBJ) $(LIB_NONSMBD_OBJ) $(LIBSMB_OBJ) \
-$(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ)
+$(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) \
+ rpc_client/cli_srvsvc.o rpc_parse/parse_srv.o \
+ rpc_client/cli_pipe.o rpc_parse/parse_rpc.o \
+ rpc_client/cli_netlogon.o rpc_parse/parse_net.o
TESTPARM_OBJ = utils/testparm.o \
$(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \
Modified: branches/SAMBA_3_0/source/utils/smbtree.c
===
--- branches/SAMBA_3_0/source/utils/smbtree.c 2006-05-16 00:37:13 UTC (rev
15629)
+++ branches/SAMBA_3_0/source/utils/smbtree.c 2006-05-16 01:21:16 UTC (rev
15630)
@@ -127,6 +127,60 @@
return True;
}
+static BOOL get_rpc_shares(struct cli_state *cli,
+ void (*fn)(const char *, uint32, const char *, void
*),
+ void *state)
+{
+ NTSTATUS status;
+ struct rpc_pipe_client *pipe_hnd;
+ TALLOC_CTX *mem_ctx;
+ ENUM_HND enum_hnd;
+ WERROR werr;
+ SRV_SHARE_INFO_CTR ctr;
+ int i;
+
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ DEBUG(0, ("talloc_new failed\n"));
+ return False;
+ }
+
+ init_enum_hnd(&enum_hnd, 0);
+
+ pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SRVSVC, &status);
+
+ if (pipe_hnd == NULL) {
+ DEBUG(10, ("Could not connect to srvsvc pipe: %s\n",
+ nt_errstr(status)));
+ TALLOC_FREE(mem_ctx);
+ return False;
+ }
+
+ werr = rpccli_srvsvc_net_share_enum(pipe_hnd, mem_ctx, 1, &ctr,
+ 0x, &enum_hnd);
+
+ if (!W_ERROR_IS_OK(werr)) {
+ TALLOC_FREE(mem_ctx);
+ cli_rpc_pipe_close(pipe_hnd);
+ return False;
+ }
+
+ for (i=0; iinfo_1_str.uni_netname);
+ comment = rpcstr_pull_unistr2_talloc(
+ mem_ctx, &info->info_1_str.uni_remark);
+ fn(name, info->info_1.type, comment, state);
+ }
+
+ TALLOC_FREE(mem_ctx);
+ cli_rpc_pipe_close(pipe_hnd);
+ return True;
+}
+
+
static BOOL get_shares(char *server_name, struct user_auth_info *user_info)
{
struct cli_state *cli;
@@ -134,6 +188,9 @@
if (!(cli = get_ipc_connect(server_name, NULL, user_info)))
return False;
+ if (get_rpc_shares(cli, add_name, &shares))
+ return True;
+
if (!cli_RNetShareEnum(cli, add_name, &shares))
return False;
Modified: trunk/source/Makefile.in
===
--- trunk/source/Makefile.in2006-05-16 00:37:13 UTC (rev 15629)
+++ trunk/source/Makefile.in2006-05-16 01:21:16 UTC (rev 15630)
@@ -490,7 +490,10 @@
SMBTREE_OBJ = utils/smbtree.o $(PARAM_OBJ) \
$(PROFILE_OBJ) $(LIB_NONSMBD_OBJ) $(LIBSMB_OBJ) \
-$(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ)
+$(KRBCLIENT_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) \
+ rpc_client/cli_srvsvc.o rpc_parse/parse_srv.o \
+ rpc_client/cli_pipe.o rpc_parse/parse_rpc.o \
+ rpc_client/cli_netlogon.o rpc_parse/parse_net.o
TESTPARM_OBJ = utils/testparm.o \
$(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \
Modified: trunk/source/utils/smbtree.c
===
--- trunk/source/utils/smbtree.c2006-05-16 00:37:13 UTC (rev 15629)
+++ trunk/source/utils/smbtree.c2006-05-16 01:21:16 UTC (rev 15630)
@@ -127,6 +127,60 @@
return True;
}
+static BOOL get_rpc_shares(struct cli_state *cli,
+ void (*fn)(const char *, uint32, const char *, void
*),
+ void *state)
+{
+ NTSTATUS status;
+ struct rpc_pipe_client *pipe_hnd;
+ TALLOC_CTX *mem_ctx;
+ ENUM_HND enum_hnd;
+ WERROR werr;
+ SRV_SHARE_IN
svn commit: samba r15281 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: jmcd
Date: 2006-04-26 14:42:47 + (Wed, 26 Apr 2006)
New Revision: 15281
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15281
Log:
A few updates for consistency's sake
Modified:
branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl
Changeset:
Modified: branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl
===
--- branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl 2006-04-26 14:20:46 UTC
(rev 15280)
+++ branches/SAMBA_4_0/source/librpc/idl/wkssvc.idl 2006-04-26 14:42:47 UTC
(rev 15281)
@@ -292,7 +292,7 @@
WERROR WKSSVC_NETRGETJOINABLEOUS ();
typedef struct {
- uint8 blob[524];
+ uint8 data[524];
} wkssvc_PasswordBuffer;
typedef [bitmap32bit] bitmap {
@@ -329,7 +329,7 @@
[in] [string,charset(UTF16),ref] uint16 *domain_name,
[in] [string,charset(UTF16)] uint16 *account_name,
[in] [string,charset(UTF16)] uint16 *admin_account,
- [in] wkssvc_PasswordBuffer *type_30,
+ [in] wkssvc_PasswordBuffer *encrypted_password,
[in] wkssvc_joinflags join_flags
);
@@ -338,7 +338,7 @@
WERROR wkssvc_NetrUnjoinDomain2 (
[in] [unique] [string,charset(UTF16)] uint16 *server_name,
[in] [unique] [string,charset(UTF16)] uint16 *account,
- [in] [unique] wkssvc_PasswordBuffer *Encrypted_password,
+ [in] [unique] wkssvc_PasswordBuffer *encrypted_password,
[in] wkssvc_joinflags unjoin_flags
);
svn commit: samba r14931 - branches/SAMBA_3_0/source/libads trunk/source/libads
Author: jmcd
Date: 2006-04-06 01:46:01 + (Thu, 06 Apr 2006)
New Revision: 14931
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14931
Log:
Fix #1374: can't join an OU with name that contains '#'
I had to eliminate "\" as an OU path separator, because it is the escape
char in LDAP. We still accept "/", but using the escape char is just
not a good choice.
Modified:
branches/SAMBA_3_0/source/libads/ldap.c
trunk/source/libads/ldap.c
Changeset:
Modified: branches/SAMBA_3_0/source/libads/ldap.c
===
--- branches/SAMBA_3_0/source/libads/ldap.c 2006-04-05 23:54:12 UTC (rev
14930)
+++ branches/SAMBA_3_0/source/libads/ldap.c 2006-04-06 01:46:01 UTC (rev
14931)
@@ -1083,7 +1083,8 @@
/**
* Build an org unit string
* if org unit is Computers or blank then assume a container, otherwise
- * assume a \ separated list of organisational units
+ * assume a / separated list of organisational units.
+ * jmcd: '\' is now used for escapes so certain chars can be in the ou (e.g. #)
* @param ads connection to ads server
* @param org_unit Organizational unit
* @return org unit string - caller must free
@@ -1104,7 +1105,10 @@
return SMB_STRDUP("cn=Computers");
}
- return ads_build_path(org_unit, "\\/", "ou=", 1);
+ /* jmcd: removed "\\" from the separation chars, because it is
+ needed as an escape for chars like '#' which are valid in an
+ OU name */
+ return ads_build_path(org_unit, "/", "ou=", 1);
}
/**
Modified: trunk/source/libads/ldap.c
===
--- trunk/source/libads/ldap.c 2006-04-05 23:54:12 UTC (rev 14930)
+++ trunk/source/libads/ldap.c 2006-04-06 01:46:01 UTC (rev 14931)
@@ -1083,7 +1083,8 @@
/**
* Build an org unit string
* if org unit is Computers or blank then assume a container, otherwise
- * assume a \ separated list of organisational units
+ * assume a / separated list of organisational units.
+ * jmcd: '\' is now used for escapes so certain chars can be in the ou (e.g. #)
* @param ads connection to ads server
* @param org_unit Organizational unit
* @return org unit string - caller must free
@@ -1104,7 +1105,10 @@
return SMB_STRDUP("cn=Computers");
}
- return ads_build_path(org_unit, "\\/", "ou=", 1);
+ /* jmcd: removed "\\" from the separation chars, because it is
+ needed as an escape for chars like '#' which are valid in an
+ OU name */
+ return ads_build_path(org_unit, "/", "ou=", 1);
}
/**
svn commit: samba r14683 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-23 18:35:15 + (Thu, 23 Mar 2006) New Revision: 14683 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14683 Log: Get rid of hardcoded output file. With no arg, print to stdout, otherwise append to output file specified. Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Sorry, the patch is too large (501 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14683
svn commit: samba r14681 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-23 16:39:37 + (Thu, 23 Mar 2006)
New Revision: 14681
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14681
Log:
Get rid of hardcoded /tmp/add.ldif and /tmp/mod.ldif files. Is there a
different directory the temp files should be in, or is /tmp ok?
Still have to get rid of the output file hardcoding, but that is to
come, because I need to cleanup stdout.
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
trunk/source/utils/net_rpc_samsync.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-23 15:03:52 UTC
(rev 14680)
+++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-23 16:39:37 UTC
(rev 14681)
@@ -1719,7 +1719,9 @@
{
char *suffix;
const char *builtin_sid = "S-1-5-32";
- char *ldif_file;
+ char *ldif_file, *add_ldif, *mod_ldif;
+ const char *add_template = "/tmp/add.ldif.XX";
+ const char *mod_template = "/tmp/mod.ldif.XX";
fstring sid, domainname;
uint32 sync_context = 0;
NTSTATUS ret = NT_STATUS_OK, result;
@@ -1728,7 +1730,6 @@
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
uint32 num_deltas;
- const char *add_ldif = "/tmp/add.ldif", *mod_ldif = "/tmp/mod.ldif";
FILE *add_fd = NULL, *mod_fd = NULL, *ldif_fd = NULL;
char sys_cmd[1024];
int num_alloced = 0, g_index = 0, a_index = 0, sys_cmd_result;
@@ -1751,18 +1752,20 @@
else
ldif_file = talloc_strdup(mem_ctx, "/tmp/tmp.ldif");
- if (ldif_file == NULL) {
+ add_ldif = talloc_strdup(mem_ctx, add_template);
+ mod_ldif = talloc_strdup(mem_ctx, mod_template);
+ if (!ldif_file || !add_ldif || !mod_ldif) {
ret = NT_STATUS_NO_MEMORY;
goto done;
}
/* Open the add and mod ldif files */
- if (!(add_fd = fopen(add_ldif, "a"))) {
+ if (!(add_fd = fdopen(smb_mkstemp(add_ldif),"w"))) {
DEBUG(1, ("Could not open %s\n", add_ldif));
ret = NT_STATUS_UNSUCCESSFUL;
goto done;
}
- if (!(mod_fd = fopen(mod_ldif, "a"))) {
+ if (!(mod_fd = fdopen(smb_mkstemp(mod_ldif),"w"))) {
DEBUG(1, ("Could not open %s\n", mod_ldif));
ret = NT_STATUS_UNSUCCESSFUL;
goto done;
@@ -1993,20 +1996,22 @@
goto done;
}
- /* Delete the temporary ldif files */
- if (unlink(add_ldif))
- d_fprintf(stderr, "unlink(%s) failed, error was (%s)\n",
- add_ldif, strerror(errno));
- if (unlink(mod_ldif))
- d_fprintf(stderr, "unlink(%s) failed, error was (%s)\n",
- mod_ldif, strerror(errno));
-
done:
- /* Close the ldif files */
+ /* Close and delete the ldif files */
if (add_fd)
fclose(add_fd);
+ if (strcmp(add_ldif, add_template) && (unlink(add_ldif))) {
+ DEBUG(1,("unlink(%s) failed, error was (%s)\n",
+add_ldif, strerror(errno)));
+ }
+
if (mod_fd)
fclose(mod_fd);
+ if (strcmp(mod_ldif, mod_template) && (unlink(mod_ldif))) {
+ DEBUG(1,("unlink(%s) failed, error was (%s)\n",
+mod_ldif, strerror(errno)));
+ }
+
if (ldif_fd)
fclose(ldif_fd);
Modified: trunk/source/utils/net_rpc_samsync.c
===
--- trunk/source/utils/net_rpc_samsync.c2006-03-23 15:03:52 UTC (rev
14680)
+++ trunk/source/utils/net_rpc_samsync.c2006-03-23 16:39:37 UTC (rev
14681)
@@ -1719,7 +1719,9 @@
{
char *suffix;
const char *builtin_sid = "S-1-5-32";
- char *ldif_file;
+ char *ldif_file, *add_ldif, *mod_ldif;
+ const char *add_template = "/tmp/add.ldif.XX";
+ const char *mod_template = "/tmp/mod.ldif.XX";
fstring sid, domainname;
uint32 sync_context = 0;
NTSTATUS ret = NT_STATUS_OK, result;
@@ -1728,7 +1730,6 @@
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
uint32 num_deltas;
- const char *add_ldif = "/tmp/add.ldif", *mod_ldif = "/tmp/mod.ldif";
FILE *add_fd = NULL, *mod_fd = NULL, *ldif_fd = NULL;
char sys_cmd[1024];
int num_alloced = 0, g_index = 0, a_index = 0, sys_cmd_result;
@@ -1751,18 +1752,20 @@
else
ldif_file = talloc_strdup(mem_ctx, "/tmp/
svn commit: samba r14408 - branches/SAMBA_3_0/source/libmsrpc trunk/source/libmsrpc
Author: jmcd Date: 2006-03-15 02:31:11 + (Wed, 15 Mar 2006) New Revision: 14408 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14408 Log: More on fix for coverity #36. The previous fix would cause us to marshall a buffer based on an unknown size. Zero out the sec_desc buffer to prevent this. This is still not getting proper results for a registry security descriptor (everything gets ACCESS DENIED), but at least we aren't blowing out memory now... Modified: branches/SAMBA_3_0/source/libmsrpc/cac_winreg.c trunk/source/libmsrpc/cac_winreg.c Changeset: Modified: branches/SAMBA_3_0/source/libmsrpc/cac_winreg.c === --- branches/SAMBA_3_0/source/libmsrpc/cac_winreg.c 2006-03-15 02:16:19 UTC (rev 14407) +++ branches/SAMBA_3_0/source/libmsrpc/cac_winreg.c 2006-03-15 02:31:11 UTC (rev 14408) @@ -831,6 +831,8 @@ uint32 buf_size; SEC_DESC_BUF buf; + ZERO_STRUCT(buf); + if(!hnd) return CAC_FAILURE; Modified: trunk/source/libmsrpc/cac_winreg.c === --- trunk/source/libmsrpc/cac_winreg.c 2006-03-15 02:16:19 UTC (rev 14407) +++ trunk/source/libmsrpc/cac_winreg.c 2006-03-15 02:31:11 UTC (rev 14408) @@ -831,6 +831,8 @@ uint32 buf_size; SEC_DESC_BUF buf; + ZERO_STRUCT(buf); + if(!hnd) return CAC_FAILURE;
svn commit: samba r14320 - in trunk/source/passdb: .
Author: jmcd
Date: 2006-03-13 15:04:17 + (Mon, 13 Mar 2006)
New Revision: 14320
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14320
Log:
Fix coverity #222: free storage before returning in error case. This
error doesn't occur in 3.0.
Modified:
trunk/source/passdb/pdb_ldap.c
Changeset:
Modified: trunk/source/passdb/pdb_ldap.c
===
--- trunk/source/passdb/pdb_ldap.c 2006-03-13 15:03:51 UTC (rev 14319)
+++ trunk/source/passdb/pdb_ldap.c 2006-03-13 15:04:17 UTC (rev 14320)
@@ -335,12 +335,12 @@
filter = talloc_asprintf(mem_ctx, "(&(uid=%s)(%s))",
escape_user,
get_objclass_filter_static(ldap_state->schema_ver));
+ SAFE_FREE(escape_user);
+
if (filter == NULL) {
return LDAP_NO_MEMORY;
}
- SAFE_FREE(escape_user);
-
return smbldap_search_suffix(ldap_state->smbldap_state, filter, attr,
result);
}
svn commit: samba r14280 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd Date: 2006-03-13 01:49:01 + (Mon, 13 Mar 2006) New Revision: 14280 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14280 Log: Fix Coverity #129 and 130: check before dereferencing a pointer. This was especially silly as we checked immediately _after_ dereferencing it :-/ Modified: branches/SAMBA_3_0/source/lib/secdesc.c trunk/source/lib/secdesc.c Changeset: Modified: branches/SAMBA_3_0/source/lib/secdesc.c === --- branches/SAMBA_3_0/source/lib/secdesc.c 2006-03-13 01:42:40 UTC (rev 14279) +++ branches/SAMBA_3_0/source/lib/secdesc.c 2006-03-13 01:49:01 UTC (rev 14280) @@ -336,11 +336,11 @@ SEC_ACE *ace = 0; NTSTATUS status; - *sd_size = 0; - if (!ctx || !psd || !sid || !sd_size) return NT_STATUS_INVALID_PARAMETER; + *sd_size = 0; + status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid, mask); if (!NT_STATUS_IS_OK(status)) @@ -388,11 +388,11 @@ SEC_ACE *ace = 0; NTSTATUS status; - *sd_size = 0; - if (!ctx || !psd[0] || !sid || !sd_size) return NT_STATUS_INVALID_PARAMETER; + *sd_size = 0; + status = sec_ace_del_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid); if (!NT_STATUS_IS_OK(status)) Modified: trunk/source/lib/secdesc.c === --- trunk/source/lib/secdesc.c 2006-03-13 01:42:40 UTC (rev 14279) +++ trunk/source/lib/secdesc.c 2006-03-13 01:49:01 UTC (rev 14280) @@ -336,11 +336,11 @@ SEC_ACE *ace = 0; NTSTATUS status; - *sd_size = 0; - if (!ctx || !psd || !sid || !sd_size) return NT_STATUS_INVALID_PARAMETER; + *sd_size = 0; + status = sec_ace_add_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid, mask); if (!NT_STATUS_IS_OK(status)) @@ -388,11 +388,11 @@ SEC_ACE *ace = 0; NTSTATUS status; - *sd_size = 0; - if (!ctx || !psd[0] || !sid || !sd_size) return NT_STATUS_INVALID_PARAMETER; + *sd_size = 0; + status = sec_ace_del_sid(ctx, &ace, psd[0]->dacl->ace, &psd[0]->dacl->num_aces, sid); if (!NT_STATUS_IS_OK(status))
svn commit: samba r14279 - branches/SAMBA_3_0/source/libsmb trunk/source/libsmb
Author: jmcd
Date: 2006-03-13 01:42:40 + (Mon, 13 Mar 2006)
New Revision: 14279
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14279
Log:
Fix coverity #86, 87, 88, 89:
Free grp_sid and owner_sid before returning. Also, only allow one group
or owner.
Modified:
branches/SAMBA_3_0/source/libsmb/libsmbclient.c
trunk/source/libsmb/libsmbclient.c
Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/libsmbclient.c
===
--- branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-03-13 01:32:30 UTC
(rev 14278)
+++ branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-03-13 01:42:40 UTC
(rev 14279)
@@ -3922,7 +3922,7 @@
{
const char *p = str;
fstring tok;
- SEC_DESC *ret;
+ SEC_DESC *ret = NULL;
size_t sd_size;
DOM_SID *grp_sid=NULL;
DOM_SID *owner_sid=NULL;
@@ -3937,49 +3937,65 @@
}
if (StrnCaseCmp(tok,"OWNER:", 6) == 0) {
+ if (owner_sid) {
+ DEBUG(5, ("OWNER specified more than once!\n"));
+ goto done;
+ }
owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!owner_sid ||
!convert_string_to_sid(ipc_cli, pol,
numeric,
owner_sid, tok+6)) {
DEBUG(5, ("Failed to parse owner sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"OWNER+:", 7) == 0) {
+ if (owner_sid) {
+ DEBUG(5, ("OWNER specified more than once!\n"));
+ goto done;
+ }
owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!owner_sid ||
!convert_string_to_sid(ipc_cli, pol,
False,
owner_sid, tok+7)) {
DEBUG(5, ("Failed to parse owner sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"GROUP:", 6) == 0) {
+ if (grp_sid) {
+ DEBUG(5, ("GROUP specified more than once!\n"));
+ goto done;
+ }
grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!grp_sid ||
!convert_string_to_sid(ipc_cli, pol,
numeric,
grp_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) {
+ if (grp_sid) {
+ DEBUG(5, ("GROUP specified more than once!\n"));
+ goto done;
+ }
grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!grp_sid ||
!convert_string_to_sid(ipc_cli, pol,
False,
grp_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
- return NULL;
+ goto done;
}
continue;
}
@@ -3988,11 +4004,11 @@
SEC_ACE ace;
if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
- return NULL;
+ goto done;
}
if(!add_ace(&dacl, &ace, ctx)) {
DEBUG(5, ("Failed to add ACL %s\n", tok));
- return NULL;
+ goto done;
}
continue;
}
@@ -4001,22 +4017,23 @@
SE
svn commit: samba r14278 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-13 01:32:30 + (Mon, 13 Mar 2006)
New Revision: 14278
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14278
Log:
Remainder of fix for Coverity #79,80,81: only allow GROUP or OWNER to be
specified once in an ACL, so it can be allocated a second time,
overwriting the first
Modified:
branches/SAMBA_3_0/source/utils/smbcacls.c
trunk/source/utils/smbcacls.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/smbcacls.c
===
--- branches/SAMBA_3_0/source/utils/smbcacls.c 2006-03-13 01:32:30 UTC (rev
14277)
+++ branches/SAMBA_3_0/source/utils/smbcacls.c 2006-03-13 01:32:30 UTC (rev
14278)
@@ -392,6 +392,10 @@
}
if (strncmp(tok,"OWNER:", 6) == 0) {
+ if (owner_sid) {
+ printf("Only specify owner once\n");
+ goto done;
+ }
owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!owner_sid ||
!StringToSid(owner_sid, tok+6)) {
@@ -402,6 +406,10 @@
}
if (strncmp(tok,"GROUP:", 6) == 0) {
+ if (grp_sid) {
+ printf("Only specify group once\n");
+ goto done;
+ }
grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!grp_sid ||
!StringToSid(grp_sid, tok+6)) {
Modified: trunk/source/utils/smbcacls.c
===
--- trunk/source/utils/smbcacls.c 2006-03-13 01:32:30 UTC (rev 14277)
+++ trunk/source/utils/smbcacls.c 2006-03-13 01:32:30 UTC (rev 14278)
@@ -392,6 +392,10 @@
}
if (strncmp(tok,"OWNER:", 6) == 0) {
+ if (owner_sid) {
+ printf("Only specify owner once\n");
+ goto done;
+ }
owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!owner_sid ||
!StringToSid(owner_sid, tok+6)) {
@@ -402,6 +406,10 @@
}
if (strncmp(tok,"GROUP:", 6) == 0) {
+ if (grp_sid) {
+ printf("Only specify group once\n");
+ goto done;
+ }
grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!grp_sid ||
!StringToSid(grp_sid, tok+6)) {
svn commit: samba r14272 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-13 00:35:33 + (Mon, 13 Mar 2006)
New Revision: 14272
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14272
Log:
Fix Coverity # 81: free alloc'ed storage before returning
Modified:
branches/SAMBA_3_0/source/utils/smbcacls.c
trunk/source/utils/smbcacls.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/smbcacls.c
===
--- branches/SAMBA_3_0/source/utils/smbcacls.c 2006-03-13 00:30:23 UTC (rev
14271)
+++ branches/SAMBA_3_0/source/utils/smbcacls.c 2006-03-13 00:35:33 UTC (rev
14272)
@@ -378,7 +378,7 @@
{
const char *p = str;
fstring tok;
- SEC_DESC *ret;
+ SEC_DESC *ret = NULL;
size_t sd_size;
DOM_SID *grp_sid=NULL, *owner_sid=NULL;
SEC_ACL *dacl=NULL;
@@ -396,7 +396,7 @@
if (!owner_sid ||
!StringToSid(owner_sid, tok+6)) {
printf("Failed to parse owner sid\n");
- return NULL;
+ goto done;
}
continue;
}
@@ -406,7 +406,7 @@
if (!grp_sid ||
!StringToSid(grp_sid, tok+6)) {
printf("Failed to parse group sid\n");
- return NULL;
+ goto done;
}
continue;
}
@@ -414,22 +414,23 @@
if (strncmp(tok,"ACL:", 4) == 0) {
SEC_ACE ace;
if (!parse_ace(&ace, tok+4)) {
- return NULL;
+ goto done;
}
if(!add_ace(&dacl, &ace)) {
printf("Failed to add ACL %s\n", tok);
- return NULL;
+ goto done;
}
continue;
}
printf("Failed to parse token '%s' in security descriptor,\n",
tok);
- return NULL;
+ goto done;
}
ret = make_sec_desc(ctx,revision, SEC_DESC_SELF_RELATIVE, owner_sid,
grp_sid,
NULL, dacl, &sd_size);
+ done:
SAFE_FREE(grp_sid);
SAFE_FREE(owner_sid);
Modified: trunk/source/utils/smbcacls.c
===
--- trunk/source/utils/smbcacls.c 2006-03-13 00:30:23 UTC (rev 14271)
+++ trunk/source/utils/smbcacls.c 2006-03-13 00:35:33 UTC (rev 14272)
@@ -378,7 +378,7 @@
{
const char *p = str;
fstring tok;
- SEC_DESC *ret;
+ SEC_DESC *ret = NULL;
size_t sd_size;
DOM_SID *grp_sid=NULL, *owner_sid=NULL;
SEC_ACL *dacl=NULL;
@@ -396,7 +396,7 @@
if (!owner_sid ||
!StringToSid(owner_sid, tok+6)) {
printf("Failed to parse owner sid\n");
- return NULL;
+ goto done;
}
continue;
}
@@ -406,7 +406,7 @@
if (!grp_sid ||
!StringToSid(grp_sid, tok+6)) {
printf("Failed to parse group sid\n");
- return NULL;
+ goto done;
}
continue;
}
@@ -414,22 +414,23 @@
if (strncmp(tok,"ACL:", 4) == 0) {
SEC_ACE ace;
if (!parse_ace(&ace, tok+4)) {
- return NULL;
+ goto done;
}
if(!add_ace(&dacl, &ace)) {
printf("Failed to add ACL %s\n", tok);
- return NULL;
+ goto done;
}
continue;
}
printf("Failed to parse token '%s' in security descriptor,\n",
tok);
- return NULL;
+ goto done;
}
ret = make_sec_desc(ctx,revision, SEC_DESC_SELF_RELATIVE, owner_sid,
grp_sid,
NULL, dacl, &sd_size);
+ done:
SAFE_FREE(grp_sid);
SAFE_FREE(owner_sid);
svn commit: samba r14252 - branches/SAMBA_3_0/source/libads trunk/source/libads
Author: jmcd
Date: 2006-03-12 19:56:10 + (Sun, 12 Mar 2006)
New Revision: 14252
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14252
Log:
Fix Coverity #72: free alloc'ed storage before return. Also found one
more that coverity didn't find from asprintf.
Modified:
branches/SAMBA_3_0/source/libads/ldap.c
trunk/source/libads/ldap.c
Changeset:
Modified: branches/SAMBA_3_0/source/libads/ldap.c
===
--- branches/SAMBA_3_0/source/libads/ldap.c 2006-03-12 19:16:57 UTC (rev
14251)
+++ branches/SAMBA_3_0/source/libads/ldap.c 2006-03-12 19:56:10 UTC (rev
14252)
@@ -1914,7 +1914,10 @@
* we have to bail out before prs_init */
ps_wire.is_dynamic = False;
- if (!ads) return ADS_ERROR(LDAP_SERVER_DOWN);
+ if (!ads) {
+ SAFE_FREE(escaped_hostname);
+ return ADS_ERROR(LDAP_SERVER_DOWN);
+ }
ret = ADS_ERROR(LDAP_SUCCESS);
@@ -1932,6 +1935,8 @@
ret = ads_search(ads, (void *) &res, expr, attrs);
+ SAFE_FREE(expr);
+
if (!ADS_ERR_OK(ret)) return ret;
if ( !(msg = ads_first_entry(ads, res) )) {
Modified: trunk/source/libads/ldap.c
===
--- trunk/source/libads/ldap.c 2006-03-12 19:16:57 UTC (rev 14251)
+++ trunk/source/libads/ldap.c 2006-03-12 19:56:10 UTC (rev 14252)
@@ -1914,7 +1914,10 @@
* we have to bail out before prs_init */
ps_wire.is_dynamic = False;
- if (!ads) return ADS_ERROR(LDAP_SERVER_DOWN);
+ if (!ads) {
+ SAFE_FREE(escaped_hostname);
+ return ADS_ERROR(LDAP_SERVER_DOWN);
+ }
ret = ADS_ERROR(LDAP_SUCCESS);
@@ -1932,6 +1935,8 @@
ret = ads_search(ads, (void *) &res, expr, attrs);
+ SAFE_FREE(expr);
+
if (!ADS_ERR_OK(ret)) return ret;
if ( !(msg = ads_first_entry(ads, res) )) {
svn commit: samba r14156 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 14:28:51 + (Fri, 10 Mar 2006) New Revision: 14156 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14156 Log: Fix coverity #114: free storage alloc'ed by sstring_sub() Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:20:09 UTC (rev 14155) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:28:51 UTC (rev 14156) @@ -1455,7 +1455,7 @@ fstring hex_nt_passwd, hex_lm_passwd; fstring description, fullname, sambaSID; uchar lm_passwd[16], nt_passwd[16]; - char *flags; + char *flags, *user_rdn; const char* nopasswd = ""; static uchar zero_buf[16]; uint32 rid = 0, group_rid = 0, gidNumber = 0; @@ -1551,10 +1551,11 @@ NEW_PW_FORMAT_SPACE_PADDED_LEN); /* Add the user to the temporary add ldif file */ - fprintf(add_fd, "# %s, %s, %s\n", username, - sstring_sub(lp_ldap_user_suffix(), '=', ','), suffix); - fprintf(add_fd, "dn: uid=%s,ou=%s,%s\n", username, - sstring_sub(lp_ldap_user_suffix(), '=', ','), suffix); + /* this isn't quite right...we can't assume there's just OU=. jmcd */ + user_rdn = sstring_sub(lp_ldap_user_suffix(), '=', ','); + fprintf(add_fd, "# %s, %s, %s\n", username, user_rdn, suffix); + fprintf(add_fd, "dn: uid=%s,ou=%s,%s\n", username, user_rdn, suffix); + SAFE_FREE(user_rdn); fprintf(add_fd, "ObjectClass: top\n"); fprintf(add_fd, "objectClass: inetOrgPerson\n"); fprintf(add_fd, "objectClass: posixAccount\n"); Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 14:20:09 UTC (rev 14155) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:28:51 UTC (rev 14156) @@ -1455,7 +1455,7 @@ fstring hex_nt_passwd, hex_lm_passwd; fstring description, fullname, sambaSID; uchar lm_passwd[16], nt_passwd[16]; - char *flags; + char *flags, *user_rdn; const char* nopasswd = ""; static uchar zero_buf[16]; uint32 rid = 0, group_rid = 0, gidNumber = 0; @@ -1551,10 +1551,11 @@ NEW_PW_FORMAT_SPACE_PADDED_LEN); /* Add the user to the temporary add ldif file */ - fprintf(add_fd, "# %s, %s, %s\n", username, - sstring_sub(lp_ldap_user_suffix(), '=', ','), suffix); - fprintf(add_fd, "dn: uid=%s,ou=%s,%s\n", username, - sstring_sub(lp_ldap_user_suffix(), '=', ','), suffix); + /* this isn't quite right...we can't assume there's just OU=. jmcd */ + user_rdn = sstring_sub(lp_ldap_user_suffix(), '=', ','); + fprintf(add_fd, "# %s, %s, %s\n", username, user_rdn, suffix); + fprintf(add_fd, "dn: uid=%s,ou=%s,%s\n", username, user_rdn, suffix); + SAFE_FREE(user_rdn); fprintf(add_fd, "ObjectClass: top\n"); fprintf(add_fd, "objectClass: inetOrgPerson\n"); fprintf(add_fd, "objectClass: posixAccount\n");
svn commit: samba r14155 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-10 14:20:09 + (Fri, 10 Mar 2006)
New Revision: 14155
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14155
Log:
Fix coverity #115: free storage alloc'ed by sstring_sub()
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
trunk/source/utils/net_rpc_samsync.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:18:10 UTC
(rev 14154)
+++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:20:09 UTC
(rev 14155)
@@ -1636,6 +1636,7 @@
strcmp(aliasname, "Print Operators") == 0 ||
strcmp(aliasname, "Backup Operators") == 0 ||
strcmp(aliasname, "Replicator") == 0) {
+ SAFE_FREE(group_attr);
return NT_STATUS_OK;
} else {
/* Increment the gid for the new group */
@@ -1663,6 +1664,7 @@
fprintf(add_fd, "\n");
fflush(add_fd);
+ SAFE_FREE(group_attr);
/* Return */
return NT_STATUS_OK;
}
Modified: trunk/source/utils/net_rpc_samsync.c
===
--- trunk/source/utils/net_rpc_samsync.c2006-03-10 14:18:10 UTC (rev
14154)
+++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:20:09 UTC (rev
14155)
@@ -1636,6 +1636,7 @@
strcmp(aliasname, "Print Operators") == 0 ||
strcmp(aliasname, "Backup Operators") == 0 ||
strcmp(aliasname, "Replicator") == 0) {
+ SAFE_FREE(group_attr);
return NT_STATUS_OK;
} else {
/* Increment the gid for the new group */
@@ -1663,6 +1664,7 @@
fprintf(add_fd, "\n");
fflush(add_fd);
+ SAFE_FREE(group_attr);
/* Return */
return NT_STATUS_OK;
}
svn commit: samba r14153 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-10 14:17:44 + (Fri, 10 Mar 2006)
New Revision: 14153
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14153
Log:
Fix coverity #116: free storage alloc'ed by sstring_sub()
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
trunk/source/utils/net_rpc_samsync.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:14:23 UTC
(rev 14152)
+++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:17:44 UTC
(rev 14153)
@@ -1412,6 +1412,7 @@
strcmp(groupname, "Print Operators") == 0 ||
strcmp(groupname, "Backup Operators") == 0 ||
strcmp(groupname, "Replicators") == 0) {
+ SAFE_FREE(group_attr);
return NT_STATUS_OK;
} else {
/* Increment the gid for the new group */
@@ -1441,6 +1442,7 @@
fprintf(add_fd, "\n");
fflush(add_fd);
+ SAFE_FREE(group_attr);
/* Return */
return NT_STATUS_OK;
}
Modified: trunk/source/utils/net_rpc_samsync.c
===
--- trunk/source/utils/net_rpc_samsync.c2006-03-10 14:14:23 UTC (rev
14152)
+++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:17:44 UTC (rev
14153)
@@ -1412,6 +1412,7 @@
strcmp(groupname, "Print Operators") == 0 ||
strcmp(groupname, "Backup Operators") == 0 ||
strcmp(groupname, "Replicators") == 0) {
+ SAFE_FREE(group_attr);
return NT_STATUS_OK;
} else {
/* Increment the gid for the new group */
@@ -1441,6 +1442,7 @@
fprintf(add_fd, "\n");
fflush(add_fd);
+ SAFE_FREE(group_attr);
/* Return */
return NT_STATUS_OK;
}
svn commit: samba r14152 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 14:14:23 + (Fri, 10 Mar 2006) New Revision: 14152 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14152 Log: Fix coverity #117: free storage alloc'ed by sstring_sub Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:13:04 UTC (rev 14151) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:14:23 UTC (rev 14152) @@ -1384,6 +1384,7 @@ group_attr, suffix); accountmap[7].rid = 551; pstr_sprintf(accountmap[7].cn, "%s", "Replicators"); + SAFE_FREE(group_attr); return NT_STATUS_OK; } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 14:13:04 UTC (rev 14151) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:14:23 UTC (rev 14152) @@ -1384,6 +1384,7 @@ group_attr, suffix); accountmap[7].rid = 551; pstr_sprintf(accountmap[7].cn, "%s", "Replicators"); + SAFE_FREE(group_attr); return NT_STATUS_OK; }
svn commit: samba r14150 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-10 14:09:34 + (Fri, 10 Mar 2006) New Revision: 14150 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14150 Log: Fix coverity #118: not freeing alloc'ed storage returned from sstring_sub(). Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c trunk/source/utils/net_rpc_samsync.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c === --- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 13:38:17 UTC (rev 14149) +++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 14:09:34 UTC (rev 14150) @@ -1309,7 +1309,9 @@ fflush(add_fd); /* Deallocate memory, and return */ - if (suffix_attr != NULL) SAFE_FREE(suffix_attr); + SAFE_FREE(suffix_attr); + SAFE_FREE(user_attr); + SAFE_FREE(group_attr); return NT_STATUS_OK; } Modified: trunk/source/utils/net_rpc_samsync.c === --- trunk/source/utils/net_rpc_samsync.c2006-03-10 13:38:17 UTC (rev 14149) +++ trunk/source/utils/net_rpc_samsync.c2006-03-10 14:09:34 UTC (rev 14150) @@ -1309,7 +1309,9 @@ fflush(add_fd); /* Deallocate memory, and return */ - if (suffix_attr != NULL) SAFE_FREE(suffix_attr); + SAFE_FREE(suffix_attr); + SAFE_FREE(user_attr); + SAFE_FREE(group_attr); return NT_STATUS_OK; }
svn commit: samba r14147 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-10 13:33:02 + (Fri, 10 Mar 2006)
New Revision: 14147
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14147
Log:
Fix coverity #119. alloc'ed memory returned not saved, so not freed.
Need to go back and correct the assumption that an "ldap xxx suffix"
parm must have an OU.
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
trunk/source/utils/net_rpc_samsync.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 13:14:01 UTC
(rev 14146)
+++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 13:33:02 UTC
(rev 14147)
@@ -1076,11 +1076,15 @@
if (machine_suffix && *machine_suffix &&
strcmp(machine_suffix, user_suffix) &&
strcmp(machine_suffix, suffix)) {
- fprintf(add_fd, "# %s\n", lp_ldap_machine_suffix());
- fprintf(add_fd, "dn: %s\n", lp_ldap_machine_suffix());
+ char *machine_ou = NULL;
+ fprintf(add_fd, "# %s\n", machine_suffix);
+ fprintf(add_fd, "dn: %s\n", machine_suffix);
fprintf(add_fd, "objectClass: organizationalUnit\n");
- fprintf(add_fd, "ou: %s\n",
- sstring_sub(lp_ldap_machine_suffix(), '=', ','));
+ /* this isn't totally correct as it assumes that
+ there _must_ be an ou. just fixing memleak now. jmcd */
+ machine_ou = sstring_sub(lp_ldap_machine_suffix(), '=', ',');
+ fprintf(add_fd, "ou: %s\n", machine_ou);
+ SAFE_FREE(machine_ou);
fprintf(add_fd, "\n");
fflush(add_fd);
}
Modified: trunk/source/utils/net_rpc_samsync.c
===
--- trunk/source/utils/net_rpc_samsync.c2006-03-10 13:14:01 UTC (rev
14146)
+++ trunk/source/utils/net_rpc_samsync.c2006-03-10 13:33:02 UTC (rev
14147)
@@ -1076,11 +1076,15 @@
if (machine_suffix && *machine_suffix &&
strcmp(machine_suffix, user_suffix) &&
strcmp(machine_suffix, suffix)) {
- fprintf(add_fd, "# %s\n", lp_ldap_machine_suffix());
- fprintf(add_fd, "dn: %s\n", lp_ldap_machine_suffix());
+ char *machine_ou = NULL;
+ fprintf(add_fd, "# %s\n", machine_suffix);
+ fprintf(add_fd, "dn: %s\n", machine_suffix);
fprintf(add_fd, "objectClass: organizationalUnit\n");
- fprintf(add_fd, "ou: %s\n",
- sstring_sub(lp_ldap_machine_suffix(), '=', ','));
+ /* this isn't totally correct as it assumes that
+ there _must_ be an ou. just fixing memleak now. jmcd */
+ machine_ou = sstring_sub(lp_ldap_machine_suffix(), '=', ',');
+ fprintf(add_fd, "ou: %s\n", machine_ou);
+ SAFE_FREE(machine_ou);
fprintf(add_fd, "\n");
fflush(add_fd);
}
svn commit: samba r14135 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-10 09:41:08 + (Fri, 10 Mar 2006)
New Revision: 14135
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14135
Log:
Fix for Coverity #123: resource leak. Also rework much of the code to
make it cleaner. There's still more to do on this...
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
trunk/source/utils/net_rpc_samsync.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 09:07:03 UTC
(rev 14134)
+++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-10 09:41:08 UTC
(rev 14135)
@@ -1710,14 +1710,14 @@
char *ldif_file;
fstring sid, domainname;
uint32 sync_context = 0;
- NTSTATUS result;
+ NTSTATUS ret = NT_STATUS_OK, result;
int k;
TALLOC_CTX *mem_ctx;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
uint32 num_deltas;
const char *add_ldif = "/tmp/add.ldif", *mod_ldif = "/tmp/mod.ldif";
- FILE *add_fd, *mod_fd, *ldif_fd;
+ FILE *add_fd = NULL, *mod_fd = NULL, *ldif_fd = NULL;
char sys_cmd[1024];
int num_alloced = 0, g_index = 0, a_index = 0, sys_cmd_result;
@@ -1739,22 +1739,29 @@
else
ldif_file = talloc_strdup(mem_ctx, "/tmp/tmp.ldif");
- if (ldif_file == NULL)
- return NT_STATUS_NO_MEMORY;
+ if (ldif_file == NULL) {
+ ret = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
/* Open the add and mod ldif files */
- add_fd = fopen(add_ldif, "a");
- mod_fd = fopen(mod_ldif, "a");
- if (add_fd == NULL || mod_fd == NULL) {
+ if (!(add_fd = fopen(add_ldif, "a"))) {
DEBUG(1, ("Could not open %s\n", add_ldif));
- return NT_STATUS_UNSUCCESSFUL;
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+ if (!(mod_fd = fopen(mod_ldif, "a"))) {
+ DEBUG(1, ("Could not open %s\n", mod_ldif));
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
}
/* Open the user's ldif file */
ldif_fd = fopen(ldif_file, "a");
if (ldif_fd == NULL) {
DEBUG(1, ("Could not open %s\n", ldif_file));
- return NT_STATUS_UNSUCCESSFUL;
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
}
/* Get the sid */
@@ -1779,7 +1786,8 @@
accountmap = SMB_MALLOC_ARRAY(ACCOUNTMAP, 8);
if (groupmap == NULL || accountmap == NULL) {
DEBUG(1,("GROUPMAP malloc failed\n"));
- return NT_STATUS_NO_MEMORY;
+ ret = NT_STATUS_NO_MEMORY;
+ goto done;
}
/* Initialize the arrays */
@@ -1821,7 +1829,8 @@
&deltas);
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
- return NT_STATUS_OK;
+ ret = NT_STATUS_OK;
+ goto done; /* is this correct? jmcd */
}
/* Re-allocate memory for groupmap and accountmap arrays */
@@ -1831,9 +1840,8 @@
num_deltas+num_alloced);
if (groupmap == NULL || accountmap == NULL) {
DEBUG(1,("GROUPMAP malloc failed\n"));
- SAFE_FREE(groupmap);
- SAFE_FREE(accountmap);
- return NT_STATUS_NO_MEMORY;
+ ret = NT_STATUS_NO_MEMORY;
+ goto done;
}
/* Initialize the new records */
@@ -1925,7 +1933,9 @@
/* Close the ldif files */
fclose(add_fd);
+ add_fd = NULL;
fclose(mod_fd);
+ mod_fd = NULL;
/* Write ldif data to the user's file */
if (db_type == SAM_DATABASE_DOMAIN) {
@@ -1946,7 +1956,8 @@
if (sys_cmd_result) {
d_fprintf(stderr, "%s failed. Error was (%s)\n",
sys_cmd, strerror(errno));
- return NT_STATUS_UNSUCCESSFUL;
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
}
if (db_type == SAM_DATABASE_DOMAIN) {
fprintf(ldif_fd,
@@ -1966,20 +1977,26 @@
if (sys_cmd_result) {
d_fprintf(stderr, "%s failed. Error was (%s)\n",
sys_cmd, strerror(errno));
- return NT_STATUS_UNSUCCESSFUL;
+
svn commit: samba r14085 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd Date: 2006-03-09 18:03:54 + (Thu, 09 Mar 2006) New Revision: 14085 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14085 Log: Fix coverity bg #152, uninit'ed var. Modified: branches/SAMBA_3_0/source/utils/net_rpc_join.c trunk/source/utils/net_rpc_join.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_rpc_join.c === --- branches/SAMBA_3_0/source/utils/net_rpc_join.c 2006-03-09 18:01:48 UTC (rev 14084) +++ branches/SAMBA_3_0/source/utils/net_rpc_join.c 2006-03-09 18:03:54 UTC (rev 14085) @@ -137,7 +137,7 @@ NTSTATUS result; int retval = 1; - char *domain; + char *domain = NULL; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; char *acct_name; Modified: trunk/source/utils/net_rpc_join.c === --- trunk/source/utils/net_rpc_join.c 2006-03-09 18:01:48 UTC (rev 14084) +++ trunk/source/utils/net_rpc_join.c 2006-03-09 18:03:54 UTC (rev 14085) @@ -137,7 +137,7 @@ NTSTATUS result; int retval = 1; - char *domain; + char *domain = NULL; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; char *acct_name;
svn commit: samba r14053 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-08 21:29:49 + (Wed, 08 Mar 2006)
New Revision: 14053
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14053
Log:
Implement Simo's suggestion: don't use /dev/null for a 'bad' path for
users/workstations
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
trunk/source/utils/net_rpc_samsync.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-08 21:20:43 UTC
(rev 14052)
+++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-08 21:29:49 UTC
(rev 14053)
@@ -1158,7 +1158,7 @@
fprintf(add_fd, "gidNumber: 514\n");
fprintf(add_fd, "uid: nobody\n");
fprintf(add_fd, "uidNumber: 999\n");
- fprintf(add_fd, "homeDirectory: /dev/null\n");
+ fprintf(add_fd, "homeDirectory: /nobodyshomedir\n");
fprintf(add_fd, "sambaPwdLastSet: 0\n");
fprintf(add_fd, "sambaLogonTime: 0\n");
fprintf(add_fd, "sambaLogoffTime: 2147483647\n");
@@ -1472,7 +1472,7 @@
if (!*homedir) {
pstr_sprintf(homedir, "/home/%s", username);
} else {
- pstr_sprintf(homedir, "/dev/null");
+ pstr_sprintf(homedir, "/nobodyshomedir");
}
}
Modified: trunk/source/utils/net_rpc_samsync.c
===
--- trunk/source/utils/net_rpc_samsync.c2006-03-08 21:20:43 UTC (rev
14052)
+++ trunk/source/utils/net_rpc_samsync.c2006-03-08 21:29:49 UTC (rev
14053)
@@ -1158,7 +1158,7 @@
fprintf(add_fd, "gidNumber: 514\n");
fprintf(add_fd, "uid: nobody\n");
fprintf(add_fd, "uidNumber: 999\n");
- fprintf(add_fd, "homeDirectory: /dev/null\n");
+ fprintf(add_fd, "homeDirectory: /nobodyshomedir\n");
fprintf(add_fd, "sambaPwdLastSet: 0\n");
fprintf(add_fd, "sambaLogonTime: 0\n");
fprintf(add_fd, "sambaLogoffTime: 2147483647\n");
@@ -1472,7 +1472,7 @@
if (!*homedir) {
pstr_sprintf(homedir, "/home/%s", username);
} else {
- pstr_sprintf(homedir, "/dev/null");
+ pstr_sprintf(homedir, "/nobodyshomedir");
}
}
svn commit: samba r13968 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-07 17:49:26 + (Tue, 07 Mar 2006)
New Revision: 13968
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13968
Log:
fix typo, caught by Guenther
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
trunk/source/utils/net_rpc_samsync.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-07 17:15:18 UTC
(rev 13967)
+++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-07 17:49:26 UTC
(rev 13968)
@@ -1464,7 +1464,7 @@
if (!*homedir) {
pstr_sprintf(homedir, "/home/%s", username);
} else {
- pstr_sprintf(homedir, "dev/null");
+ pstr_sprintf(homedir, "/dev/null");
}
}
Modified: trunk/source/utils/net_rpc_samsync.c
===
--- trunk/source/utils/net_rpc_samsync.c2006-03-07 17:15:18 UTC (rev
13967)
+++ trunk/source/utils/net_rpc_samsync.c2006-03-07 17:49:26 UTC (rev
13968)
@@ -1464,7 +1464,7 @@
if (!*homedir) {
pstr_sprintf(homedir, "/home/%s", username);
} else {
- pstr_sprintf(homedir, "dev/null");
+ pstr_sprintf(homedir, "/dev/null");
}
}
svn commit: samba r13957 - branches/SAMBA_3_0/source/utils trunk/source/utils
Author: jmcd
Date: 2006-03-07 16:29:25 + (Tue, 07 Mar 2006)
New Revision: 13957
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13957
Log:
Based on patch from Richard Renard <[EMAIL PROTECTED]>:
Fix machine accounts (should not have valid shells) and users with no
home directory (were getting previous user's directory).
Modified:
branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
trunk/source/utils/net_rpc_samsync.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc_samsync.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-07 16:28:39 UTC
(rev 13956)
+++ branches/SAMBA_3_0/source/utils/net_rpc_samsync.c 2006-03-07 16:29:25 UTC
(rev 13957)
@@ -494,7 +494,7 @@
static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
{
- NTSTATUS nt_ret;
+ NTSTATUS nt_ret = NT_STATUS_UNSUCCESSFUL;
fstring account;
pstring add_script;
struct samu *sam_account=NULL;
@@ -1434,12 +1434,11 @@
ACCOUNTMAP *accountmap, FILE *add_fd,
fstring sid, char *suffix, int alloced)
{
- fstring username, homedir, logonscript, homedrive, homepath;
+ fstring username, logonscript, homedrive, homepath = "", homedir = "";
fstring hex_nt_passwd, hex_lm_passwd;
fstring description, fullname, sambaSID;
uchar lm_passwd[16], nt_passwd[16];
char *flags;
- const char *blank = "", *shell = "/bin/bash";
const char* nopasswd = "";
static uchar zero_buf[16];
uint32 rid = 0, group_rid = 0, gidNumber = 0;
@@ -1459,12 +1458,14 @@
pstr_sprintf(accountmap->cn, "%s", username);
/* Get the home directory */
- unistr2_to_ascii(homedir, &(delta->account_info.uni_home_dir),
-sizeof(homedir)-1);
- if (strcmp(homedir, blank) == 0) {
- pstr_sprintf(homedir, "/home/%s", username);
- } else {
- strncpy(homepath, homedir, sizeof(homepath));
+ if (delta->account_info.acb_info & ACB_NORMAL) {
+ unistr2_to_ascii(homedir, &(delta->account_info.uni_home_dir),
+sizeof(homedir)-1);
+ if (!*homedir) {
+ pstr_sprintf(homedir, "/home/%s", username);
+ } else {
+ pstr_sprintf(homedir, "dev/null");
+ }
}
/* Get the logon script */
@@ -1478,7 +1479,7 @@
/* Get the description */
unistr2_to_ascii(description, &(delta->account_info.uni_acct_desc),
sizeof(description)-1);
- if (strcmp(description, blank) == 0) {
+ if (!*description) {
pstr_sprintf(description, "System User");
}
@@ -1548,18 +1549,20 @@
fprintf(add_fd, "uidNumber: %d\n", ldif_uid);
fprintf(add_fd, "gidNumber: %d\n", gidNumber);
fprintf(add_fd, "homeDirectory: %s\n", homedir);
- if (strcmp(homepath, blank) != 0)
+ if (*homepath)
fprintf(add_fd, "SambaHomePath: %s\n", homepath);
-if (strcmp(homedrive, blank) != 0)
+if (*homedrive)
fprintf(add_fd, "SambaHomeDrive: %s\n", homedrive);
-if (strcmp(logonscript, blank) != 0)
+if (*logonscript)
fprintf(add_fd, "SambaLogonScript: %s\n", logonscript);
- fprintf(add_fd, "loginShell: %s\n", shell);
+ fprintf(add_fd, "loginShell: %s\n",
+ ((delta->account_info.acb_info & ACB_NORMAL) ?
+"/bin/bash" : "/bin/false"));
fprintf(add_fd, "gecos: System User\n");
fprintf(add_fd, "description: %s\n", description);
fprintf(add_fd, "sambaSID: %s-%d\n", sid, rid);
fprintf(add_fd, "sambaPrimaryGroupSID: %s\n", sambaSID);
- if(strcmp(fullname, blank) != 0)
+ if(*fullname)
fprintf(add_fd, "displayName: %s\n", fullname);
if (strcmp(nopasswd, hex_lm_passwd) != 0)
fprintf(add_fd, "sambaLMPassword: %s\n", hex_lm_passwd);
Modified: trunk/source/utils/net_rpc_samsync.c
===
--- trunk/source/utils/net_rpc_samsync.c2006-03-07 16:28:39 UTC (rev
13956)
+++ trunk/source/utils/net_rpc_samsync.c2006-03-07 16:29:25 UTC (rev
13957)
@@ -494,7 +494,7 @@
static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
{
- NTSTATUS nt_ret;
+ NTSTATUS nt_ret = NT_STATUS_UNSUCCESSFUL;
svn commit: samba r13949 - in trunk/source/lib: .
Author: jmcd Date: 2006-03-07 15:35:52 + (Tue, 07 Mar 2006) New Revision: 13949 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13949 Log: Fix build. Remove rpcclient include. Modified: trunk/source/lib/display_sec.c Changeset: Modified: trunk/source/lib/display_sec.c === --- trunk/source/lib/display_sec.c 2006-03-07 15:32:18 UTC (rev 13948) +++ trunk/source/lib/display_sec.c 2006-03-07 15:35:52 UTC (rev 13949) @@ -20,7 +20,6 @@ */ #include "includes.h" -#include "rpcclient.h" / convert a security permissions into a string
svn commit: samba r13948 - in branches/SAMBA_3_0/source/lib: .
Author: jmcd Date: 2006-03-07 15:32:18 + (Tue, 07 Mar 2006) New Revision: 13948 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13948 Log: Fix the build. Remove rpcclient.h include. Modified: branches/SAMBA_3_0/source/lib/display_sec.c Changeset: Modified: branches/SAMBA_3_0/source/lib/display_sec.c === --- branches/SAMBA_3_0/source/lib/display_sec.c 2006-03-07 15:27:35 UTC (rev 13947) +++ branches/SAMBA_3_0/source/lib/display_sec.c 2006-03-07 15:32:18 UTC (rev 13948) @@ -20,7 +20,6 @@ */ #include "includes.h" -#include "rpcclient.h" / convert a security permissions into a string
svn commit: samba r13188 - in trunk/examples/LDAP: .
Author: jmcd
Date: 2006-01-27 15:31:02 + (Fri, 27 Jan 2006)
New Revision: 13188
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13188
Log:
Merge from 3.0 - samba schema updates for ITDS from [EMAIL PROTECTED]
Modified:
trunk/examples/LDAP/samba.schema.at.IBM-DS
trunk/examples/LDAP/samba.schema.oc.IBM-DS
Changeset:
Modified: trunk/examples/LDAP/samba.schema.at.IBM-DS
===
--- trunk/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27 15:14:55 UTC (rev
13187)
+++ trunk/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27 15:31:02 UTC (rev
13188)
@@ -76,3 +76,24 @@
attributetypes=( 1.3.6.1.4.1.7165.2.1.56 NAME 'sambaAccountPolicyName' DESC
'Account Policy Name' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
attributetypes=( 1.3.6.1.4.1.7165.2.1.57 NAME 'sambaAccountPolicyValue' DESC
'Account Policy Value' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DESC
'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' DESC
'Length of Password History Entries (default: 0 => off)' EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' DESC 'Force
Users to logon for password change (default: 0 => off, 2 => on)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC 'Maximum
password age, in seconds (default: -1 => never expire passwords)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC 'Minimum
password age, in seconds (default: 0 => allow immediate password change)'
EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' DESC
'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow'
DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' DESC
'Lockout users after bad logon attempts (default: 0 => off)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC
'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange'
DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
Modified: trunk/examples/LDAP/samba.schema.oc.IBM-DS
===
--- trunk/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27 15:14:55 UTC (rev
13187)
+++ trunk/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27 15:31:02 UTC (rev
13188)
@@ -4,7 +4,7 @@
objectclasses=( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top
AUXILIARY DESC 'Samba Group Mapping' MUST ( gidNumber $ sambaSID $
sambaGroupType ) MAY ( displayName $ description $ sambaSIDList ))
-objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL
DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY (
sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase )
)
+objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL
DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY (
sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase $
sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge
$ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $
sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange ) )
objectclasses=( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top
AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $
gidNumber ) )
svn commit: samba r13187 - in branches/SAMBA_3_0/examples/LDAP: .
Author: jmcd
Date: 2006-01-27 15:14:55 + (Fri, 27 Jan 2006)
New Revision: 13187
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13187
Log:
IBM Tivoli Directory Server schema updates from John Janosik
<[EMAIL PROTECTED]>
Modified:
branches/SAMBA_3_0/examples/LDAP/samba.schema.at.IBM-DS
branches/SAMBA_3_0/examples/LDAP/samba.schema.oc.IBM-DS
Changeset:
Modified: branches/SAMBA_3_0/examples/LDAP/samba.schema.at.IBM-DS
===
--- branches/SAMBA_3_0/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27
13:29:47 UTC (rev 13186)
+++ branches/SAMBA_3_0/examples/LDAP/samba.schema.at.IBM-DS 2006-01-27
15:14:55 UTC (rev 13187)
@@ -76,3 +76,24 @@
attributetypes=( 1.3.6.1.4.1.7165.2.1.56 NAME 'sambaAccountPolicyName' DESC
'Account Policy Name' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
attributetypes=( 1.3.6.1.4.1.7165.2.1.57 NAME 'sambaAccountPolicyValue' DESC
'Account Policy Value' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DESC
'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' DESC
'Length of Password History Entries (default: 0 => off)' EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' DESC 'Force
Users to logon for password change (default: 0 => off, 2 => on)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC 'Maximum
password age, in seconds (default: -1 => never expire passwords)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC 'Minimum
password age, in seconds (default: 0 => allow immediate password change)'
EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' DESC
'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow'
DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' DESC
'Lockout users after bad logon attempts (default: 0 => off)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC
'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange'
DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
Modified: branches/SAMBA_3_0/examples/LDAP/samba.schema.oc.IBM-DS
===
--- branches/SAMBA_3_0/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27
13:29:47 UTC (rev 13186)
+++ branches/SAMBA_3_0/examples/LDAP/samba.schema.oc.IBM-DS 2006-01-27
15:14:55 UTC (rev 13187)
@@ -4,7 +4,7 @@
objectclasses=( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top
AUXILIARY DESC 'Samba Group Mapping' MUST ( gidNumber $ sambaSID $
sambaGroupType ) MAY ( displayName $ description $ sambaSIDList ))
-objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL
DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY (
sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase )
)
+objectclasses=( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL
DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY (
sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase $
sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge
$ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $
sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange ) )
objectclasses=( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top
AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $
gidNumber ) )
svn commit: samba r11886 - branches/SAMBA_3_0/source/auth trunk/source/auth
Author: jmcd
Date: 2005-11-23 22:08:57 + (Wed, 23 Nov 2005)
New Revision: 11886
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11886
Log:
Fix 3187: logon hours restrictions were off corresponding to our offset from
GMT. Use gmtime() instead of localtime() in the calc, but still use
localtime() in displaying it.
Modified:
branches/SAMBA_3_0/source/auth/auth_sam.c
trunk/source/auth/auth_sam.c
Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_sam.c
===
--- branches/SAMBA_3_0/source/auth/auth_sam.c 2005-11-23 18:49:30 UTC (rev
11885)
+++ branches/SAMBA_3_0/source/auth/auth_sam.c 2005-11-23 22:08:57 UTC (rev
11886)
@@ -88,7 +88,7 @@
}
lasttime = (time_t)smb_last_time.tv_sec;
- utctime = localtime(&lasttime);
+ utctime = gmtime(&lasttime);
/* find the corresponding byte and bit */
bitpos = (utctime->tm_wday * 24 + utctime->tm_hour) % 168;
@@ -96,7 +96,8 @@
if (! (hours[bitpos/8] & bitmask)) {
DEBUG(1,("logon_hours_ok: Account for user %s not allowed to
logon at this time (%s).\n",
- pdb_get_username(sampass), asctime(utctime) ));
+ pdb_get_username(sampass),
+ asctime(localtime(&lasttime)) ));
return False;
}
Modified: trunk/source/auth/auth_sam.c
===
--- trunk/source/auth/auth_sam.c2005-11-23 18:49:30 UTC (rev 11885)
+++ trunk/source/auth/auth_sam.c2005-11-23 22:08:57 UTC (rev 11886)
@@ -88,7 +88,7 @@
}
lasttime = (time_t)smb_last_time.tv_sec;
- utctime = localtime(&lasttime);
+ utctime = gmtime(&lasttime);
/* find the corresponding byte and bit */
bitpos = (utctime->tm_wday * 24 + utctime->tm_hour) % 168;
@@ -96,7 +96,8 @@
if (! (hours[bitpos/8] & bitmask)) {
DEBUG(1,("logon_hours_ok: Account for user %s not allowed to
logon at this time (%s).\n",
- pdb_get_username(sampass), asctime(utctime) ));
+ pdb_get_username(sampass),
+ asctime(localtime(&lasttime)) ));
return False;
}
svn commit: samba r11236 - branches/SAMBA_3_0/source/passdb branches/SAMBA_3_0/source/rpc_server trunk/source/passdb trunk/source/rpc_server
Author: jmcd Date: 2005-10-20 20:40:47 + (Thu, 20 Oct 2005) New Revision: 11236 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11236 Log: Implement user rename for smbpasswd and ldap backends. Some cleanup on tdb as well to make naming consistent. Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c branches/SAMBA_3_0/source/passdb/pdb_smbpasswd.c branches/SAMBA_3_0/source/passdb/pdb_tdb.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c trunk/source/passdb/pdb_ldap.c trunk/source/passdb/pdb_smbpasswd.c trunk/source/passdb/pdb_tdb.c trunk/source/rpc_server/srv_samr_nt.c Changeset: Sorry, the patch is too large (449 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11236
svn commit: samba r11230 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd Date: 2005-10-20 16:07:36 + (Thu, 20 Oct 2005) New Revision: 11230 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11230 Log: Remove the '//' i was using to test something...oops Modified: branches/SAMBA_3_0/source/lib/util_sid.c trunk/source/lib/util_sid.c Changeset: Modified: branches/SAMBA_3_0/source/lib/util_sid.c === --- branches/SAMBA_3_0/source/lib/util_sid.c2005-10-20 16:05:12 UTC (rev 11229) +++ branches/SAMBA_3_0/source/lib/util_sid.c2005-10-20 16:07:36 UTC (rev 11230) @@ -267,7 +267,7 @@ return False; } -// ZERO_STRUCTP(sidout); + ZERO_STRUCTP(sidout); /* Get the revision number. */ p = sidstr + 2; Modified: trunk/source/lib/util_sid.c === --- trunk/source/lib/util_sid.c 2005-10-20 16:05:12 UTC (rev 11229) +++ trunk/source/lib/util_sid.c 2005-10-20 16:07:36 UTC (rev 11230) @@ -267,7 +267,7 @@ return False; } -// ZERO_STRUCTP(sidout); + ZERO_STRUCTP(sidout); /* Get the revision number. */ p = sidstr + 2;
svn commit: samba r11229 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd
Date: 2005-10-20 16:05:12 + (Thu, 20 Oct 2005)
New Revision: 11229
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11229
Log:
an even bigger speedup spotted by Volker. string_to_sid() is now taking 1/5th
the time it used to. Replace strcasecmp with invididual char checks for
"S-" sid prefix.
Modified:
branches/SAMBA_3_0/source/lib/util_sid.c
trunk/source/lib/util_sid.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/util_sid.c
===
--- branches/SAMBA_3_0/source/lib/util_sid.c2005-10-20 15:09:41 UTC (rev
11228)
+++ branches/SAMBA_3_0/source/lib/util_sid.c2005-10-20 16:05:12 UTC (rev
11229)
@@ -262,12 +262,12 @@
/* BIG NOTE: this function only does SIDS where the identauth is not >=
2^32 */
uint32 conv;
- if (StrnCaseCmp( sidstr, "S-", 2)) {
+ if ((sidstr[0] != 'S' && sidstr[0] != 's') || sidstr[1] != '-') {
DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n",
sidstr));
return False;
}
- ZERO_STRUCTP(sidout);
+// ZERO_STRUCTP(sidout);
/* Get the revision number. */
p = sidstr + 2;
Modified: trunk/source/lib/util_sid.c
===
--- trunk/source/lib/util_sid.c 2005-10-20 15:09:41 UTC (rev 11228)
+++ trunk/source/lib/util_sid.c 2005-10-20 16:05:12 UTC (rev 11229)
@@ -262,12 +262,12 @@
/* BIG NOTE: this function only does SIDS where the identauth is not >=
2^32 */
uint32 conv;
- if (StrnCaseCmp( sidstr, "S-", 2)) {
+ if ((sidstr[0] != 'S' && sidstr[0] != 's') || sidstr[1] != '-') {
DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n",
sidstr));
return False;
}
- ZERO_STRUCTP(sidout);
+// ZERO_STRUCTP(sidout);
/* Get the revision number. */
p = sidstr + 2;
svn commit: samba r11228 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd
Date: 2005-10-20 15:09:41 + (Thu, 20 Oct 2005)
New Revision: 11228
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11228
Log:
Speed up string_to_sid by removing next_token calls, thus eliminating
the need for allocating memory to duplicate the string.
Modified:
branches/SAMBA_3_0/source/lib/util_sid.c
trunk/source/lib/util_sid.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/util_sid.c
===
--- branches/SAMBA_3_0/source/lib/util_sid.c2005-10-20 14:29:24 UTC (rev
11227)
+++ branches/SAMBA_3_0/source/lib/util_sid.c2005-10-20 15:09:41 UTC (rev
11228)
@@ -6,6 +6,7 @@
Copyright (C) Jeremy Allison1999
Copyright (C) Stefan (metze) Metzmacher 2002
Copyright (C) Simo Sorce2002
+ Copyright (C) Jim McDonough <[EMAIL PROTECTED]> 2005
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -256,63 +257,55 @@
BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
{
- pstring tok;
- char *q;
const char *p;
+ char *q;
/* BIG NOTE: this function only does SIDS where the identauth is not >=
2^32 */
- uint32 ia;
+ uint32 conv;
if (StrnCaseCmp( sidstr, "S-", 2)) {
DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n",
sidstr));
return False;
}
- memset((char *)sidout, '\0', sizeof(DOM_SID));
+ ZERO_STRUCTP(sidout);
- p = q = SMB_STRDUP(sidstr + 2);
- if (p == NULL) {
- DEBUG(0, ("string_to_sid: out of memory!\n"));
- return False;
- }
-
- if (!next_token(&p, tok, "-", sizeof(tok))) {
+ /* Get the revision number. */
+ p = sidstr + 2;
+ conv = (uint32) strtoul(p, &q, 10);
+ if (!q || (*q != '-')) {
DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n",
sidstr));
- SAFE_FREE(q);
return False;
}
+ sidout->sid_rev_num = (uint8) conv;
+ q++;
- /* Get the revision number. */
- sidout->sid_rev_num = (uint8)strtoul(tok, NULL, 10);
-
- if (!next_token(&p, tok, "-", sizeof(tok))) {
+ /* get identauth */
+ conv = (uint32) strtoul(q, &q, 10);
+ if (!q || (*q != '-')) {
DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n",
sidstr));
- SAFE_FREE(q);
return False;
}
-
/* identauth in decimal should be < 2^32 */
- ia = (uint32)strtoul(tok, NULL, 10);
-
- /* NOTE - the ia value is in big-endian format. */
+ /* NOTE - the conv value is in big-endian format. */
sidout->id_auth[0] = 0;
sidout->id_auth[1] = 0;
- sidout->id_auth[2] = (ia & 0xff00) >> 24;
- sidout->id_auth[3] = (ia & 0x00ff) >> 16;
- sidout->id_auth[4] = (ia & 0xff00) >> 8;
- sidout->id_auth[5] = (ia & 0x00ff);
+ sidout->id_auth[2] = (conv & 0xff00) >> 24;
+ sidout->id_auth[3] = (conv & 0x00ff) >> 16;
+ sidout->id_auth[4] = (conv & 0xff00) >> 8;
+ sidout->id_auth[5] = (conv & 0x00ff);
+ q++;
sidout->num_auths = 0;
- while(next_token(&p, tok, "-", sizeof(tok)) &&
- sidout->num_auths < MAXSUBAUTHS) {
- /*
-* NOTE - the subauths are in native machine-endian format. They
-* are converted to little-endian when linearized onto the wire.
-*/
- sid_append_rid(sidout, (uint32)strtoul(tok, NULL, 10));
+ for(conv = (uint32) strtoul(q, &q, 10);
+ q && (*q =='-' || *q =='\0') && (sidout->num_auths < MAXSUBAUTHS);
+ conv = (uint32) strtoul(q, &q, 10)) {
+ sid_append_rid(sidout, conv);
+ if (*q == '\0')
+ break;
+ q++;
}
-
- SAFE_FREE(q);
+
return True;
}
Modified: trunk/source/lib/util_sid.c
===
--- trunk/source/lib/util_sid.c 2005-10-20 14:29:24 UTC (rev 11227)
+++ trunk/source/lib/util_sid.c 2005-10-20 15:09:41 UTC (rev 11228)
@@ -6,6 +6,7 @@
Copyright (C) Jeremy Allison1999
Copyright (C) Stefan (metze) Metzmacher 2002
Copyright (C) Simo Sorce2002
+ Copyright (C) Jim McDonough <[EMAIL PROTECTED]> 2005
svn commit: samba r10911 - branches/SAMBA_3_0/source/include branches/SAMBA_3_0/source/param branches/SAMBA_3_0/source/passdb branches/SAMBA_3_0/source/rpc_server trunk/source/include trunk/source/par
Author: jmcd Date: 2005-10-11 20:14:04 + (Tue, 11 Oct 2005) New Revision: 10911 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10911 Log: part of #2861: add rename support for usrmgr.exe when using tdbsam This gets it working before replacing tdb with the samba4 version. Modified: branches/SAMBA_3_0/source/include/passdb.h branches/SAMBA_3_0/source/param/loadparm.c branches/SAMBA_3_0/source/passdb/pdb_interface.c branches/SAMBA_3_0/source/passdb/pdb_tdb.c branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c trunk/source/include/passdb.h trunk/source/param/loadparm.c trunk/source/passdb/pdb_interface.c trunk/source/passdb/pdb_tdb.c trunk/source/rpc_server/srv_samr_nt.c Changeset: Sorry, the patch is too large (1081 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10911
svn commit: samba r10910 - in trunk/source: include libsmb utils
Author: jmcd
Date: 2005-10-11 18:53:13 + (Tue, 11 Oct 2005)
New Revision: 10910
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10910
Log:
Give better shutdown messages
Modified:
trunk/source/include/doserr.h
trunk/source/libsmb/doserr.c
trunk/source/utils/net_rpc.c
Changeset:
Modified: trunk/source/include/doserr.h
===
--- trunk/source/include/doserr.h 2005-10-11 18:42:25 UTC (rev 10909)
+++ trunk/source/include/doserr.h 2005-10-11 18:53:13 UTC (rev 10910)
@@ -196,6 +196,7 @@
#define WERR_REG_FILE_INVALID W_ERROR(1017)
#define WERR_NO_SUCH_SERVICE W_ERROR(1060)
#define WERR_INVALID_SERVICE_CONTROL W_ERROR(1052)
+#define WERR_MACHINE_LOCKED W_ERROR(1271)
#define WERR_INVALID_SECURITY_DESCRIPTOR W_ERROR(1338)
#define WERR_EVENTLOG_FILE_CORRUPT W_ERROR(1500)
#define WERR_SERVER_UNAVAILABLE W_ERROR(1722)
Modified: trunk/source/libsmb/doserr.c
===
--- trunk/source/libsmb/doserr.c2005-10-11 18:42:25 UTC (rev 10909)
+++ trunk/source/libsmb/doserr.c2005-10-11 18:53:13 UTC (rev 10910)
@@ -66,6 +66,7 @@
{ "WERR_DFS_NO_SUCH_SERVER", WERR_DFS_NO_SUCH_SERVER },
{ "WERR_DFS_INTERNAL_ERROR", WERR_DFS_INTERNAL_ERROR },
{ "WERR_DFS_CANT_CREATE_JUNCT", WERR_DFS_CANT_CREATE_JUNCT },
+ { "WERR_MACHINE_LOCKED", WERR_MACHINE_LOCKED },
{ "WERR_INVALID_SECURITY_DESCRIPTOR", WERR_INVALID_SECURITY_DESCRIPTOR
},
{ "WERR_INVALID_OWNER", WERR_INVALID_OWNER },
{ "WERR_SERVER_UNAVAILABLE", WERR_SERVER_UNAVAILABLE },
Modified: trunk/source/utils/net_rpc.c
===
--- trunk/source/utils/net_rpc.c2005-10-11 18:42:25 UTC (rev 10909)
+++ trunk/source/utils/net_rpc.c2005-10-11 18:53:13 UTC (rev 10910)
@@ -4610,9 +4610,9 @@
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
DEBUG(5,("Shutdown of remote machine succeeded\n"));
- } else
- DEBUG(0,("Shutdown of remote machine failed!\n"));
-
+ } else {
+ DEBUG(1,("Shutdown of remote machine failed!\n"));
+ }
return result;
}
@@ -4640,7 +4640,7 @@
int argc,
const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ WERROR result;
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
#if 0
@@ -4676,16 +4676,19 @@
}
/* create an entry */
- result = werror_to_ntstatus(rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg,
timeout, opt_reboot, opt_force));
+ result = rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout,
opt_reboot, opt_force);
- if (NT_STATUS_IS_OK(result)) {
+ if (W_ERROR_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
- DEBUG(5,("Shutdown of remote machine succeeded\n"));
+ } else {
+ d_printf("\nShutdown of remote machine failed\n");
+ if (W_ERROR_EQUAL(result,WERR_MACHINE_LOCKED))
+ d_printf("\nMachine locked, use -f switch to force\n");
+ else
+ d_printf("\nresult was: %s\n", dos_errstr(result));
}
- else
- DEBUG(0,("Shutdown of remote machine failed!\n"));
- return result;
+ return werror_to_ntstatus(result);
}
/**
@@ -4703,13 +4706,14 @@
int rc = run_rpc_command(NULL, PI_SHUTDOWN, 0,
rpc_init_shutdown_internals,
argc, argv);
- if (rc == 0)
- return rc;
- DEBUG(1, ("initshutdown pipe didn't work, trying winreg pipe\n"));
+ if (rc) {
+ DEBUG(1, ("initshutdown pipe failed, trying winreg pipe\n"));
+ rc = run_rpc_command(NULL, PI_WINREG, 0,
+rpc_reg_shutdown_internals, argc, argv);
+ }
- return run_rpc_command(NULL, PI_WINREG, 0, rpc_reg_shutdown_internals,
- argc, argv);
+ return rc;
}
/***
svn commit: samba r10909 - in branches/SAMBA_3_0/source: include libsmb utils
Author: jmcd
Date: 2005-10-11 18:42:25 + (Tue, 11 Oct 2005)
New Revision: 10909
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10909
Log:
Give better shutdown messages
Modified:
branches/SAMBA_3_0/source/include/doserr.h
branches/SAMBA_3_0/source/libsmb/doserr.c
branches/SAMBA_3_0/source/utils/net_rpc.c
Changeset:
Modified: branches/SAMBA_3_0/source/include/doserr.h
===
--- branches/SAMBA_3_0/source/include/doserr.h 2005-10-11 17:36:29 UTC (rev
10908)
+++ branches/SAMBA_3_0/source/include/doserr.h 2005-10-11 18:42:25 UTC (rev
10909)
@@ -196,6 +196,7 @@
#define WERR_REG_FILE_INVALID W_ERROR(1017)
#define WERR_NO_SUCH_SERVICE W_ERROR(1060)
#define WERR_INVALID_SERVICE_CONTROL W_ERROR(1052)
+#define WERR_MACHINE_LOCKED W_ERROR(1271)
#define WERR_INVALID_SECURITY_DESCRIPTOR W_ERROR(1338)
#define WERR_SERVER_UNAVAILABLE W_ERROR(1722)
#define WERR_INVALID_FORM_NAME W_ERROR(1902)
Modified: branches/SAMBA_3_0/source/libsmb/doserr.c
===
--- branches/SAMBA_3_0/source/libsmb/doserr.c 2005-10-11 17:36:29 UTC (rev
10908)
+++ branches/SAMBA_3_0/source/libsmb/doserr.c 2005-10-11 18:42:25 UTC (rev
10909)
@@ -66,6 +66,7 @@
{ "WERR_DFS_NO_SUCH_SERVER", WERR_DFS_NO_SUCH_SERVER },
{ "WERR_DFS_INTERNAL_ERROR", WERR_DFS_INTERNAL_ERROR },
{ "WERR_DFS_CANT_CREATE_JUNCT", WERR_DFS_CANT_CREATE_JUNCT },
+ { "WERR_MACHINE_LOCKED", WERR_MACHINE_LOCKED },
{ "WERR_INVALID_SECURITY_DESCRIPTOR", WERR_INVALID_SECURITY_DESCRIPTOR
},
{ "WERR_INVALID_OWNER", WERR_INVALID_OWNER },
{ "WERR_SERVER_UNAVAILABLE", WERR_SERVER_UNAVAILABLE },
Modified: branches/SAMBA_3_0/source/utils/net_rpc.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc.c 2005-10-11 17:36:29 UTC (rev
10908)
+++ branches/SAMBA_3_0/source/utils/net_rpc.c 2005-10-11 18:42:25 UTC (rev
10909)
@@ -4610,9 +4610,9 @@
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
DEBUG(5,("Shutdown of remote machine succeeded\n"));
- } else
- DEBUG(0,("Shutdown of remote machine failed!\n"));
-
+ } else {
+ DEBUG(1,("Shutdown of remote machine failed!\n"));
+ }
return result;
}
@@ -4640,7 +4640,7 @@
int argc,
const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ WERROR result;
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
#if 0
@@ -4676,16 +4676,19 @@
}
/* create an entry */
- result = werror_to_ntstatus(rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg,
timeout, opt_reboot, opt_force));
+ result = rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout,
opt_reboot, opt_force);
- if (NT_STATUS_IS_OK(result)) {
+ if (W_ERROR_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
- DEBUG(5,("Shutdown of remote machine succeeded\n"));
+ } else {
+ d_printf("\nShutdown of remote machine failed\n");
+ if (W_ERROR_EQUAL(result,WERR_MACHINE_LOCKED))
+ d_printf("\nMachine locked, use -f switch to force\n");
+ else
+ d_printf("\nresult was: %s\n", dos_errstr(result));
}
- else
- DEBUG(0,("Shutdown of remote machine failed!\n"));
- return result;
+ return werror_to_ntstatus(result);
}
/**
@@ -4703,13 +4706,14 @@
int rc = run_rpc_command(NULL, PI_SHUTDOWN, 0,
rpc_init_shutdown_internals,
argc, argv);
- if (rc == 0)
- return rc;
- DEBUG(1, ("initshutdown pipe didn't work, trying winreg pipe\n"));
+ if (rc) {
+ DEBUG(1, ("initshutdown pipe failed, trying winreg pipe\n"));
+ rc = run_rpc_command(NULL, PI_WINREG, 0,
+rpc_reg_shutdown_internals, argc, argv);
+ }
- return run_rpc_command(NULL, PI_WINREG, 0, rpc_reg_shutdown_internals,
- argc, argv);
+ return rc;
}
/***
svn commit: samba r10248 - in trunk/source/utils: .
Author: jmcd
Date: 2005-09-15 20:41:25 + (Thu, 15 Sep 2005)
New Revision: 10248
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10248
Log:
Fix help text for net rpc shutdown
Modified:
trunk/source/utils/net_rpc.c
Changeset:
Modified: trunk/source/utils/net_rpc.c
===
--- trunk/source/utils/net_rpc.c2005-09-15 20:39:57 UTC (rev 10247)
+++ trunk/source/utils/net_rpc.c2005-09-15 20:41:25 UTC (rev 10248)
@@ -6121,7 +6121,7 @@
d_printf("\t-r or --reboot\trequest remote server reboot on
shutdown\n");
d_printf("\t-f or --force\trequest the remote server force its
shutdown\n");
d_printf("\t-t or --timeout=\tnumber of seconds before
shutdown\n");
- d_printf("\t-c or --comment=\ttext message to display on
impending shutdown\n");
+ d_printf("\t-C or --comment=\ttext message to display on
impending shutdown\n");
return -1;
}
svn commit: samba r10247 - in branches/SAMBA_3_0/source/utils: .
Author: jmcd
Date: 2005-09-15 20:39:57 + (Thu, 15 Sep 2005)
New Revision: 10247
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10247
Log:
Fix help text for net rpc shutdown.
Modified:
branches/SAMBA_3_0/source/utils/net_rpc.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_rpc.c
===
--- branches/SAMBA_3_0/source/utils/net_rpc.c 2005-09-15 20:03:35 UTC (rev
10246)
+++ branches/SAMBA_3_0/source/utils/net_rpc.c 2005-09-15 20:39:57 UTC (rev
10247)
@@ -4469,7 +4469,10 @@
if (opt_comment) {
msg = opt_comment;
+ } else {
+ msg = "";
}
+
if (opt_timeout) {
timeout = opt_timeout;
}
@@ -5965,7 +5968,7 @@
d_printf("\t-r or --reboot\trequest remote server reboot on
shutdown\n");
d_printf("\t-f or --force\trequest the remote server force its
shutdown\n");
d_printf("\t-t or --timeout=\tnumber of seconds before
shutdown\n");
- d_printf("\t-c or --comment=\ttext message to display on
impending shutdown\n");
+ d_printf("\t-C or --comment=\ttext message to display on
impending shutdown\n");
return -1;
}
svn commit: samba-web r794 - in trunk/patches: .
Author: jmcd Date: 2005-08-29 21:20:56 + (Mon, 29 Aug 2005) New Revision: 794 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-web&rev=794 Log: Fix typos. Modified: trunk/patches/index.html Changeset: Modified: trunk/patches/index.html === --- trunk/patches/index.html2005-08-29 21:06:08 UTC (rev 793) +++ trunk/patches/index.html2005-08-29 21:20:56 UTC (rev 794) @@ -49,9 +49,9 @@ group_enum_v3 (ldap) -Fixes a regression in which groups in the mapping table where displayed by the -Unix group name and no the display name (e.g. ntadmin rather that 'Domain Admins'). -Only neede for installations using the ldapsam passdb backend. +Fixes a regression in which groups in the mapping table were displayed by the +Unix group name and not the display name (e.g. ntadmin rather that 'Domain Admins'). +Only needed for installations using the ldapsam passdb backend. AIX 5 & Win98 endless directory loop
svn commit: samba r9262 - in trunk/source/rpc_server: .
Author: jmcd
Date: 2005-08-12 15:28:21 + (Fri, 12 Aug 2005)
New Revision: 9262
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9262
Log:
Fix #2976: windows member servers wouldn't alloc connections from users
defined locally because if we didn't find them as a DC we were marking
the response as authoritative. Now if it's not a domain we know, we
mark the response non-authoritative.
Fix from [EMAIL PROTECTED]
Modified:
trunk/source/rpc_server/srv_netlog_nt.c
Changeset:
Modified: trunk/source/rpc_server/srv_netlog_nt.c
===
--- trunk/source/rpc_server/srv_netlog_nt.c 2005-08-12 15:28:19 UTC (rev
9261)
+++ trunk/source/rpc_server/srv_netlog_nt.c 2005-08-12 15:28:21 UTC (rev
9262)
@@ -716,6 +716,15 @@
/* Check account and password */
if (!NT_STATUS_IS_OK(status)) {
+ /* If we don't know what this domain is, we need to
+ indicate that we are not authoritative. This
+ allows the client to decide if it needs to try
+ a local user. Fix by [EMAIL PROTECTED], #2976 */
+if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)
+&& !strequal(nt_domain, get_global_sam_name())
+&& !is_trusted_domain(nt_domain) )
+ r_u->auth_resp = 0; /* We are not authoritative */
+
free_server_info(&server_info);
return status;
}
svn commit: samba r9261 - in branches/SAMBA_3_0/source/rpc_server: .
Author: jmcd
Date: 2005-08-12 15:28:19 + (Fri, 12 Aug 2005)
New Revision: 9261
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9261
Log:
Fix #2976: windows member servers wouldn't alloc connections from users
defined locally because if we didn't find them as a DC we were marking
the response as authoritative. Now if it's not a domain we know, we
mark the response non-authoritative.
Fix from [EMAIL PROTECTED]
Modified:
branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-12
09:51:40 UTC (rev 9260)
+++ branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-12
15:28:19 UTC (rev 9261)
@@ -716,6 +716,15 @@
/* Check account and password */
if (!NT_STATUS_IS_OK(status)) {
+ /* If we don't know what this domain is, we need to
+ indicate that we are not authoritative. This
+ allows the client to decide if it needs to try
+ a local user. Fix by [EMAIL PROTECTED], #2976 */
+if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)
+&& !strequal(nt_domain, get_global_sam_name())
+&& !is_trusted_domain(nt_domain) )
+ r_u->auth_resp = 0; /* We are not authoritative */
+
free_server_info(&server_info);
return status;
}
svn commit: samba r9243 - in trunk/source/rpc_server: .
Author: jmcd
Date: 2005-08-11 19:46:19 + (Thu, 11 Aug 2005)
New Revision: 9243
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9243
Log:
Fix my fix for #2953. I'd moved too much code until after we verify the user,
causing netlogon to return an invalid response for failed interactive logons.
Modified:
trunk/source/rpc_server/srv_netlog_nt.c
Changeset:
Modified: trunk/source/rpc_server/srv_netlog_nt.c
===
--- trunk/source/rpc_server/srv_netlog_nt.c 2005-08-11 19:45:53 UTC (rev
9242)
+++ trunk/source/rpc_server/srv_netlog_nt.c 2005-08-11 19:46:19 UTC (rev
9243)
@@ -606,6 +606,9 @@
if (!(p->dc.authenticated && deal_with_creds(p->dc.sess_key,
&p->dc.clnt_cred, &q_u->sam_id.client.cred, &srv_cred)))
return NT_STATUS_INVALID_HANDLE;
+ r_u->buffer_creds = 1; /* yes, we have valid server credentials */
+ memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
+
/* find the username */
switch (q_u->sam_id.logon_level) {
@@ -723,9 +726,6 @@
reseed_client_creds(&p->dc.clnt_cred, &q_u->sam_id.client.cred);
memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
- r_u->buffer_creds = 1; /* yes, we have valid server credentials */
- memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
-
if (server_info->guest) {
/* We don't like guest domain logons... */
DEBUG(5,("_net_sam_logon: Attempted domain logon as GUEST
denied.\n"));
svn commit: samba r9242 - in branches/SAMBA_3_0/source/rpc_server: .
Author: jmcd
Date: 2005-08-11 19:45:53 + (Thu, 11 Aug 2005)
New Revision: 9242
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9242
Log:
Fix my fix for #2953. I'd moved too much code until after we verify the user,
causing netlogon to return an invalid response for failed interactive logons.
Modified:
branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-11
18:23:01 UTC (rev 9241)
+++ branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-11
19:45:53 UTC (rev 9242)
@@ -606,6 +606,9 @@
if (!(p->dc.authenticated && deal_with_creds(p->dc.sess_key,
&p->dc.clnt_cred, &q_u->sam_id.client.cred, &srv_cred)))
return NT_STATUS_INVALID_HANDLE;
+ r_u->buffer_creds = 1; /* yes, we have valid server credentials */
+ memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
+
/* find the username */
switch (q_u->sam_id.logon_level) {
@@ -723,9 +726,6 @@
reseed_client_creds(&p->dc.clnt_cred, &q_u->sam_id.client.cred);
memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
- r_u->buffer_creds = 1; /* yes, we have valid server credentials */
- memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
-
if (server_info->guest) {
/* We don't like guest domain logons... */
DEBUG(5,("_net_sam_logon: Attempted domain logon as GUEST
denied.\n"));
svn commit: samba r9113 - in trunk/source: libsmb rpc_server
Author: jmcd
Date: 2005-08-05 12:33:03 + (Fri, 05 Aug 2005)
New Revision: 9113
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9113
Log:
Fix #2953 - credentials chain on DC gets out of sync with client when
NT_STATUS_NO_USER returned. We were moving to the next step in the
chain when the client wasn't. Only update when the user logs on.
Modified:
trunk/source/libsmb/credentials.c
trunk/source/rpc_server/srv_netlog_nt.c
Changeset:
Modified: trunk/source/libsmb/credentials.c
===
--- trunk/source/libsmb/credentials.c 2005-08-05 12:33:00 UTC (rev 9112)
+++ trunk/source/libsmb/credentials.c 2005-08-05 12:33:03 UTC (rev 9113)
@@ -208,8 +208,36 @@
DEBUG(5,("deal_with_creds: clnt_cred=%s\n",
credstr(sto_clnt_cred->challenge.data)));
- /* store new seed in client credentials */
- SIVAL(sto_clnt_cred->challenge.data, 0, new_cred);
+ /* Bug #2953 - don't store new seed in client credentials
+ here, because we need to make sure we're moving forward first
+*/
return True;
}
+
+/*
+ stores new seed in client credentials
+ jmcd - Bug #2953 - moved this functionality out of deal_with_creds, because
we're
+ not supposed to move to the next step in the chain if a nonexistent user
tries to logon
+*/
+void reseed_client_creds(DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_clnt_cred)
+{
+ UTIME new_clnt_time;
+ uint32 new_cred;
+
+ /* increment client time by one second */
+ new_clnt_time.time = rcv_clnt_cred->timestamp.time + 1;
+
+ /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1
*/
+ new_cred = IVAL(sto_clnt_cred->challenge.data, 0);
+ new_cred += new_clnt_time.time;
+
+ DEBUG(5,("reseed_client_creds: new_cred[0]=%x\n", new_cred));
+ DEBUG(5,("reseed_client_creds: new_clnt_time=%x\n",
+new_clnt_time.time));
+ DEBUG(5,("reseed_client_creds: clnt_cred=%s\n",
+credstr(sto_clnt_cred->challenge.data)));
+
+ /* store new seed in client credentials */
+ SIVAL(sto_clnt_cred->challenge.data, 0, new_cred);
+}
Modified: trunk/source/rpc_server/srv_netlog_nt.c
===
--- trunk/source/rpc_server/srv_netlog_nt.c 2005-08-05 12:33:00 UTC (rev
9112)
+++ trunk/source/rpc_server/srv_netlog_nt.c 2005-08-05 12:33:03 UTC (rev
9113)
@@ -449,6 +449,7 @@
if (!(p->dc.authenticated && deal_with_creds(p->dc.sess_key,
&p->dc.clnt_cred, &q_u->clnt_id.cred, &srv_cred)))
return NT_STATUS_INVALID_HANDLE;
+ reseed_client_creds(&p->dc.clnt_cred, &q_u->clnt_id.cred);
memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
DEBUG(5,("_net_srv_pwset: %d\n", __LINE__));
@@ -545,6 +546,8 @@
&q_u->sam_id.client.cred,
&srv_cred)))
return NT_STATUS_INVALID_HANDLE;
+ /* what happens if we get a logoff for an unknown user? */
+ reseed_client_creds(&p->dc.clnt_cred, &q_u->sam_id.client.cred);
memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
/* maybe we want to say 'no', reject the client's credentials */
@@ -603,11 +606,6 @@
if (!(p->dc.authenticated && deal_with_creds(p->dc.sess_key,
&p->dc.clnt_cred, &q_u->sam_id.client.cred, &srv_cred)))
return NT_STATUS_INVALID_HANDLE;
- memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
-
- r_u->buffer_creds = 1; /* yes, we have valid server credentials */
- memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
-
/* find the username */
switch (q_u->sam_id.logon_level) {
@@ -719,6 +717,15 @@
return status;
}
+ /* moved from right after deal_with_creds above, since we weren't
+ supposed to update unless logon was successful */
+
+ reseed_client_creds(&p->dc.clnt_cred, &q_u->sam_id.client.cred);
+ memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
+
+ r_u->buffer_creds = 1; /* yes, we have valid server credentials */
+ memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
+
if (server_info->guest) {
/* We don't like guest domain logons... */
DEBUG(5,("_net_sam_logon: Attempted domain logon as GUEST
denied.\n"));
svn commit: samba r9112 - in branches/SAMBA_3_0/source: libsmb rpc_server
Author: jmcd
Date: 2005-08-05 12:33:00 + (Fri, 05 Aug 2005)
New Revision: 9112
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9112
Log:
Fix #2953 - credentials chain on DC gets out of sync with client when
NT_STATUS_NO_USER returned. We were moving to the next step in the
chain when the client wasn't. Only update when the user logs on.
Modified:
branches/SAMBA_3_0/source/libsmb/credentials.c
branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/credentials.c
===
--- branches/SAMBA_3_0/source/libsmb/credentials.c 2005-08-05 11:56:02 UTC
(rev 9111)
+++ branches/SAMBA_3_0/source/libsmb/credentials.c 2005-08-05 12:33:00 UTC
(rev 9112)
@@ -208,8 +208,36 @@
DEBUG(5,("deal_with_creds: clnt_cred=%s\n",
credstr(sto_clnt_cred->challenge.data)));
- /* store new seed in client credentials */
- SIVAL(sto_clnt_cred->challenge.data, 0, new_cred);
+ /* Bug #2953 - don't store new seed in client credentials
+ here, because we need to make sure we're moving forward first
+*/
return True;
}
+
+/*
+ stores new seed in client credentials
+ jmcd - Bug #2953 - moved this functionality out of deal_with_creds, because
we're
+ not supposed to move to the next step in the chain if a nonexistent user
tries to logon
+*/
+void reseed_client_creds(DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_clnt_cred)
+{
+ UTIME new_clnt_time;
+ uint32 new_cred;
+
+ /* increment client time by one second */
+ new_clnt_time.time = rcv_clnt_cred->timestamp.time + 1;
+
+ /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1
*/
+ new_cred = IVAL(sto_clnt_cred->challenge.data, 0);
+ new_cred += new_clnt_time.time;
+
+ DEBUG(5,("reseed_client_creds: new_cred[0]=%x\n", new_cred));
+ DEBUG(5,("reseed_client_creds: new_clnt_time=%x\n",
+new_clnt_time.time));
+ DEBUG(5,("reseed_client_creds: clnt_cred=%s\n",
+credstr(sto_clnt_cred->challenge.data)));
+
+ /* store new seed in client credentials */
+ SIVAL(sto_clnt_cred->challenge.data, 0, new_cred);
+}
Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-05
11:56:02 UTC (rev 9111)
+++ branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2005-08-05
12:33:00 UTC (rev 9112)
@@ -449,6 +449,7 @@
if (!(p->dc.authenticated && deal_with_creds(p->dc.sess_key,
&p->dc.clnt_cred, &q_u->clnt_id.cred, &srv_cred)))
return NT_STATUS_INVALID_HANDLE;
+ reseed_client_creds(&p->dc.clnt_cred, &q_u->clnt_id.cred);
memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
DEBUG(5,("_net_srv_pwset: %d\n", __LINE__));
@@ -545,6 +546,8 @@
&q_u->sam_id.client.cred,
&srv_cred)))
return NT_STATUS_INVALID_HANDLE;
+ /* what happens if we get a logoff for an unknown user? */
+ reseed_client_creds(&p->dc.clnt_cred, &q_u->sam_id.client.cred);
memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
/* maybe we want to say 'no', reject the client's credentials */
@@ -603,11 +606,6 @@
if (!(p->dc.authenticated && deal_with_creds(p->dc.sess_key,
&p->dc.clnt_cred, &q_u->sam_id.client.cred, &srv_cred)))
return NT_STATUS_INVALID_HANDLE;
- memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
-
- r_u->buffer_creds = 1; /* yes, we have valid server credentials */
- memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
-
/* find the username */
switch (q_u->sam_id.logon_level) {
@@ -719,6 +717,15 @@
return status;
}
+ /* moved from right after deal_with_creds above, since we weren't
+ supposed to update unless logon was successful */
+
+ reseed_client_creds(&p->dc.clnt_cred, &q_u->sam_id.client.cred);
+ memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
+
+ r_u->buffer_creds = 1; /* yes, we have valid server credentials */
+ memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
+
if (server_info->guest) {
/* We don't like guest domain logons... */
DEBUG(5,("_net_sam_logon: Attempted domain logon as GUEST
denied.\n"));
