Andrew Bartlett [Mon, 2 Jan 2012 04:38:38 +0000 (15:38 +1100)]
s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensec
This simplifies a lot of code, as we know we are always dealing
with a struct gensec_security, and allows the gensec module being
used to implement GSSAPI to be swapped for AD-server operation.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 2 Jan 2012 02:06:29 +0000 (13:06 +1100)]
s3-librpc Call GSSAPI via the auth_generic layer and gensec
This simplifies a lot of code, as we know we are always dealing with a
struct gensec_security, and allows the gensec module being used to
implement GSSAPI to be swapped when required for AD-server operation.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 13 Jan 2012 12:26:41 +0000 (13:26 +0100)]
s3: Change locking order between brlock and locking
But 8175 was fixed in a way that brlock.tdb was always locked before
locking.tdb. This patch fixes the bug in a different way. locking.tdb
is the central tdb for files and should always be locked first.
This patch solves the problem by postponing the level2 break messages,
which are async anyway.
Volker Lendecke [Sun, 8 Jan 2012 18:04:39 +0000 (19:04 +0100)]
s3: Enforce a lock order in dbwrap
This makes sure we do not deadlock from doing two dbwrap_fetch_locked in two
processes in different orders. At open time, we assign a strict order to all
databases. lock_order 1 will be locked first, lock_order 2 second. No two
records of the same lock order may be locked at the same time.
Volker Lendecke [Fri, 6 Jan 2012 16:19:54 +0000 (17:19 +0100)]
s3: Add a "lock_order" argument to db_open
This will be used to enforce a lock hierarchy between the databases. We have
seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb.
These should be fixed by refusing a dbwrap_fetch_locked that does not follow a
defined lock hierarchy.
Dave Craft [Wed, 11 Jan 2012 14:11:35 +0000 (08:11 -0600)]
KCC importldif/exportldif and intersite topology
Add options for extracting an LDIF file from a database
and reimporting the LDIF into a schema-less database for
subsequent topology test/debug. Add intersite topology
generation with computation of ISTG and bridgehead servers
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Jan 14 07:45:11 CET 2012 on sn-devel-104
David Disseldorp [Fri, 13 Jan 2012 21:51:22 +0000 (13:51 -0800)]
idl: add to_null property
to_null specifies that character conversion should only occur until the
null pointer in an array based string.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Jan 14 00:51:54 CET 2012 on sn-devel-104
David Disseldorp [Sun, 13 Nov 2011 19:40:56 +0000 (20:40 +0100)]
idl: add to_null attribute to the spoolss formname array
OpenPrinterEx requests have been observed in the wild carrying a device
mode formname "A4" followed by non-utf16 garbage after the null
terminator. Such requests currently fail during unmarshalling in the
ndr_pull_charset() codepath, causing intermittent print job failures.
This change ensures that garbage after the device mode formname null
terminator is not processed in unmarshalling.
Volker Lendecke [Mon, 9 Jan 2012 13:30:53 +0000 (14:30 +0100)]
s3: Introduce get_share_mode_lock_fresh()
This slightly simplifies the code path for all callers which assume
that a share mode exists already. Only the callers in open_file_ntcreate
and open_directory will ever create new share modes.
Volker Lendecke [Mon, 9 Jan 2012 13:09:28 +0000 (14:09 +0100)]
s3: Replace fill_share_mode_lock()
This replaces fill_share_mode_lock() with the two routines
fresh_share_mode_lock() and parse_share_modes(). This lifts the
decision whether a share mode already existed on level up.
Andrew Bartlett [Thu, 15 Dec 2011 01:29:01 +0000 (12:29 +1100)]
Revert "make paranoia check less paranoid" - check that key types strictly match
This reverts commit c25af51232616061bb08eea86aae595b4f029490 because
otherwise we could attempt to check a CKSUMTYPE_HMAC_SHA1_96_AES_256 key with a
KRB5_ENCTYPE_ARCFOUR_HMAC_MD5 key.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Jan 12 09:43:07 CET 2012 on sn-devel-104
Andrew Bartlett [Wed, 11 Jan 2012 07:19:14 +0000 (18:19 +1100)]
heimdal: remove checking of KDC PAC signature, delegate to wdc plugin
The checking of the KDC signature is more complex than it looks, it may be of a different
enc type to that which the ticket is encrypted with, and may even be prefixed
with the RODC number.
This is better handled in the plugin which can easily look up the DB for the
correct key to verify this with, and can also quickly determine if this is
an interdomain trust, which we cannot verify the PAC for.
Andrew Bartlett [Wed, 11 Jan 2012 07:06:55 +0000 (18:06 +1100)]
s4-kdc Do the KDC PAC checksum validation in the Samba plugin
Here we can fetch the right key, and check if the PAC is likely to be signed by a key that
we know. We cannot check the KDC signature on incoming trusts.
Jeremy Allison [Tue, 10 Jan 2012 20:58:13 +0000 (12:58 -0800)]
Second part of fix for bug #8673 - NT ACL issue.
Ensure we process the entire ACE list instead of returning ACCESS_DENIED
and terminating the walk - ensure we only return the exact bits that cause
the access to be denied. Some of the S3 fileserver needs to know if we
are only denied DELETE access before overriding it by looking at the
containing directory ACL.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jan 11 19:24:53 CET 2012 on sn-devel-104
lib/param: avoid talloc_reference() in copy_service()
The memory reduction compared of talloc_reference() over talloc_strdup()
is typically very low. As the strings are typically short compared
to the talloc header overhead.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 11 16:13:50 CET 2012 on sn-devel-104
David Disseldorp [Wed, 11 Jan 2012 11:29:58 +0000 (12:29 +0100)]
s3-rpcclient: add deldriverex flags argument
The spoolss DeletePrinterDriverEx command offers three flags for
controlling how associated files and other versions of the driver are
effected: DPD_DELETE_UNUSED_FILES (1), DPD_DELETE_SPECIFIC_VERSION (2)
and DPD_DELETE_ALL_FILES (4).
This commit adds an optional numeric flags argument to the rpcclient
deldriverex command.
Signed-off-by: David Disseldorp <ddiss@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: David Disseldorp <ddiss@samba.org>
Autobuild-Date: Wed Jan 11 14:39:35 CET 2012 on sn-devel-104
David Disseldorp [Tue, 10 Jan 2012 17:21:42 +0000 (18:21 +0100)]
spoolss: fix DPD_DELETE_ALL_FILES error return
If DeletePrinterDriverEx is called with DPD_DELETE_ALL_FILES and files
assigned to the to-be-deleted driver overlap with other drivers then an
error is returned. Change the error code here to match Windows 2k8r2.
Signed-off-by: David Disseldorp <ddiss@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Wed, 11 Jan 2012 08:00:34 +0000 (19:00 +1100)]
s4:auth: Make sure to check the optional auth_context hooks before using them
These are optional to supply - some callers only provide an auth_context for the
other plugin functions, and so we need to deal with this cleanly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 11 10:49:13 CET 2012 on sn-devel-104
projects / thirdparty / samba.git / log
