diff options
| -rw-r--r-- | MAINTAINERS | 11 | ||||
| -rw-r--r-- | WHATSNEW.txt | 635 | ||||
| -rw-r--r-- | source/VERSION | 5 | ||||
| -rw-r--r-- | source/librpc/ndr/ndr_unixinfo.c | 504 | ||||
| -rw-r--r-- | source/librpc/ndr/ndr_unixinfo.h | 41 | ||||
| -rw-r--r-- | source/librpc/ndr/unixinfo.h | 79 |
6 files changed, 578 insertions, 697 deletions
diff --git a/MAINTAINERS b/MAINTAINERS index 2b09221efc0..9f67bf945de 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -7,7 +7,7 @@ portions of the Samba 3.0 code. It also lists developers responsible for 3rd party projects that work with Samba (e.g. vfs modules). -Note that this list is for your benefit, but please do not +Note that this list is for you benefit, but please do not abuse it by constantly emailing a stream of help questions to the maintainers. Some are more open to direct communication than others and some struggle with enormous @@ -26,10 +26,11 @@ libmsrpc Chris Nichols <skel@samba.org> libsmbclient Derrell Lipman <derrell@samba.org> -pdb_*sql Wilco Baan Hofman <synnack@users.sf.net> - Florian Effenberger <floeff@users.sf.net> - - http://pdbsql.sourceforge.net/ +pdb_*sql <samba-pdbsql@samba.org> + Peter Rindfuss: pdb_mysql + Darrell McGuire: pdb_mysql + Ulrich Meis: pdb_pgsql + Filip Jirsák: pdb_pgsql printing Gerald (Jerry) Carter <jerry@samba.org> diff --git a/WHATSNEW.txt b/WHATSNEW.txt index cb8bd59f2b7..d5f5cb3a8c0 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,12 +1,538 @@ ============================== - Release Notes for Samba 3.0.23 - Jul 10, 2006 + Release Notes for Samba 3.0.24 + Feb 5, 2007 ============================== This is the latest stable release of Samba. This is the version that production Samba servers should be running for all current -bug-fixes. Please read the changes in this section for details on -new features and difference in behavior from previous releases. +bug-fixes. Please read the changes in this section and for the +original 3.0.23 release regarding new features and difference +in behavior from previous releases. + +Important issues addressed in 3.0.24 include: + + o Fixes for the following security advisories: + - CVE-2007-0452 (Potential Denial of Service bug in smbd) + - CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind + NSS library on Solaris) + - CVE-2007-0454 (Format string bug in afsacl.so VFS plugin) + + +###################################################################### +Changes +####### + +Changes since 3.0.23d +--------------------- + +commits +------- + +o Jeremy Allison <jra@samba.org> + * Fix for CVE-2007-0452 & CVE-2007-0454 + + +o Olivier Gay <ouah@ouah.org> + * Fix for CVE-2007-0453 + + +o Volker Lendecke <vl@samba.org> + * Fix for CVE-2007-0452 + + + +Release Notes for older release follow: + + -------------------------------------------------- + =============================== + Release Notes for Samba 3.0.23d + Nov 14, 2006 + =============================== + +This is the latest stable release of Samba. This is the version +that production Samba servers should be running for all current +bug-fixes. Please read the changes in this section and for the +original 3.0.23 release regarding new features and difference +in behavior from previous releases. + +Important issues addressed in 3.0.23d include: + + o Stability fixes for winbindd + o Portability fixes on FreeBSD and Solaris operating systems. + +###################################################################### +Changes +####### + +Changes since 3.0.23c +--------------------- + +commits +------- + +o Jeremy Allison <jra@samba.org> + * Changes to ntlm_auth to better support Firefox's NTLM + authentication. + * Make the "max usershares" parameter an advisory limit. + * BUG 4095: Cleanup bad substitution causing the username + to be translated to domain\user twice in spnego path. + * BUG 4097: Ensure all pdb_XXX calls are wrapped in + [un]become_root() pairs. + * Ensure we always return the canonicalized name + * Add in fixes to mangling dir code. + * Do not assume that gencache can always be opened for RW access. + Fall back to RO. + * Always initialize variables in winbindd request/response + structure. + * Fix libsmbclient bug with Konqueror and NetApp filers that + need a leading / in OpenAndX calls. + * Added showacls toggle in the smbclient code. + * Add a suffix to the pidfile's program name if this is a process + with a non-default configuration file name. + * Fix protection from invalid struct tm values. + * BUG 4187: Possible crash in signing on/off code. + * BUG 4214: Fix crash bug in find_forced_group(). + * BUG 4224: Fix enforcement of the deadtime parameter. + + +o Timur Bakeyev <timur@com.bat.ru> + * BUG 3856: Set the nss soname version on FreeBSD. + * BUG 4109: Fix bug causing smbd to turn off winbindd and + fail to disable the _NO_WINBIND environment. + * BUG 3868: Prevent --with-aio-support from trimming the + $LIBS variable in configure.in. + + +o Dmitry Butskoy <dmitry@butskoy.name> + * BUG 4075: Allow smbd to use winbindd to lookup uids/gids + outside the idmap range if 'winbind trusted domains + only = yes'. + + +o Gerald (Jerry) Carter <jerry@samba.org> + * Fix primary group lookup failures. Use the Get_Pwnam_alloc() + call to ensure it finds the Unix user first. + * Only grant privs to Administrators if privileges are enabled + to avoid bogus error messages in the logs. + + +o Alex Deiter <tiamat@komi.mts.ru> + * BUG 3524: Fix for quota support on Solaris. + + +o Guenther Deschner <gd@samba.org> + * Close socket when the CLDAP request has failed. + * Memory leak fixes in the libads/ldap.c code. + * Printer publishing fixes for "net ads". + * Fix error code returns in the CLDAP client code. + * Do not anonymously query for AD schema items in winbindd. + * Protect against storing null-sids in the winbind cache. + * Fallback to non-paging LDAP searches for anonymous bound + connections. + * More workarounds when nscd. + * Fix error code typoe in the GetDcName() netlogon call + (including two new error codes). + * Fix valgrind warnings in pam_winbind + * Add two missing refresh_sequence_number calls where they are + missing just before writing to the winbind cache tdb. + * Attempt to locate a valid domain controller before prompting + for credentials in "net ads". + * Set 35 second timeout in winbindd's netlogon code when sending + a GETDC request. + * Stop "net ads {user,group} delete" from doing funny things. + * Fix container handling for "net ads user" and "net ads group" + functions. + * Fix various memleaks and seg faults in "net ads {user,group}". + + +o Udo Eberhardt <udo.eberhardt@thesycon.de> + * BUG 4100: Fix crash in the server spooler code by initializing + values for smb_io_notify_info_data_strings. + + +o Olaf Flebbe <o.flebbe@science-computing.de> + * BUG 4133: pam_winbind.c compile fix on AIX 5.1. + + +o David Hu <david.hu@hp.com> + * BUG 4212: Fix memleak in the default_ou_string handling. + + +o Mikhail Kshevetskiy <kl@laska.dorms.spbu.ru> + * BUG 4229: Compile fix for systems without kerberos. + + +o Volker Lendecke <vl@samba.org> + * NTLMSSP LanMan session key fixes. + * Various potential seg fault fixes. + * Extra logic in share access checks for bad smb.conf parameter + settings. + * Fixes to allow smbclient to connect to Vista RC1 workstations. + * Fix bad search filter in ldapsam when enumerating group + members. + + +o Jim McDonough <jmcd@us.ibm.com> + * Correctly handle the password expiration policy on Samba DCs. + + +o Nils Nordman <nils.nordman@nordman.org> + * BUG 4085: Allow smbpasswd to change expired passwords on + remote servers. + + +o Simo Sorce <idra@samba.org> + * Merge uid2sid and gid2sid async calls for SAMBA_3_0. + * Better fqdn handling when parsing the /etc/hosts file. + * Fix crash bug in pam_winbind. + +o Andrew Tridgell <tridge@samba.org> + * Fix string alignment problem in password change code. + + +o Jim Wang + * BUG 4211: Logic error when enforcing "acl group control" + behavior. + + +Release Notes for older release follow: + + -------------------------------------------------- + =============================== + Release Notes for Samba 3.0.23c + Aug 30, 2006 + =============================== + +We would like to thank the developers of the Saturn code analysis +tool from Stanford University (http://glide.stanford.edu/saturn). +This release includes several code fixes based on its reports. + +Common bugs fixed in 3.0.23c include: + + o Authentication failures in pam_winbind when the AD domain + policy is set to not expire passwords. + o Authorization failures when using smb.conf options such + as "valid users" with the smbpasswd passdb backend. + + +RID Algorithms & Passdb +======================= + +Starting with the 3.0.23c release, the officially supported passdb +backends (smbpasswd, tdbsam, and ldapsam) now operate identically +with regards to the historical RID algorithm for unmapped users +and groups (i.e. accounts not in the passdb or group mapping table). +The resulting behavior is that all unmapped users are resolved +to a SID in the S-1-22-1 domain and all unmapped groups resolve +to a SID in the S-1-22-2 domain. Previously, when using the +smbpasswd passdb, such users and groups would resolve to an +algorithmic SID in the machine's own domain (S-1-5-XX-XX-XX). +However, the smbpasswd backend still utilizes the RID algorithm +when creating new user accounts or allocating a RID for a new +group mapping entry. + +With the changes in the 3.0.23c release, it is now possible to +resolve a uid/gid, name, or SID in any direction and always obtain +a symmetric mapping. This is important so that values for smb.conf +parameters such as "valid users" resolve to the same SIDs as those +included in the local user's initial token. + +Most installations will notice no change. However, because +an unmapped account's SID will now change even when using +smbpasswd it is possible that any security descriptors on files +previously copied from a Samba host to a Windows NTFS partition +may now fail to give access. The workaround is to either manually +map all affect groups (or add impacted users to the server's +passdb) or to manually reset the file's ACL. + + +###################################################################### +Changes +####### + +Changes since 3.0.23b +--------------------- + +commits +------- +o Michael Adam <ma@sernet.de> + * Fix incorrect logic in internal_resolve_name() caused by if + statement. + + +o Jeremy Allison <jra@samba.org> + * Don't store a NULL SID in winbindd's offline cache. + * Ensure we store the offline password hash in the correct format. + * OS/2 fixes for large Extended Attributes data. + * Fix nmbd crashes caused by miscalculation in pushing + announcements. + * Handle times consistently across all client utils including + libsmbclient. + * Fix a file descriptor leak in nmbd sync DNS lookup code. + * Fix inconsistency found in checking for NULL in DLIST_REMOVE + macro. + * Pointer dereference fixes based on the Saturn analysis tool. + * Fix memory leak in the AD DC lookup code. + + +o Gerald (Jerry) Carter <jerry@samba.org> + * RHEL4 and Fedora packaging updates. + * Remove RID algorithm support for unmapped users and groups + when using an smbpasswd backend. + * Extend the NT token for local users' with the S-1-22-2 + SID for each supplementary group + * BUG 3969: Fix unsigned time comparison with expiration + policy from AD DC. + * Merge Guenther's fixes from the SuSE SLES10 tree to ensure + that winbindd talks to the correct DC when servicing PAM + authentication requests. + * Do not use the generic IP address sort routines for AD DCs + since the SRV lookup include a sorting algorithm based + on priority and weight. + * Fix our DNS SRV lookup code to deal with multi-homed hosts. + * More changes to ensure that the primary group SID for + a local user is based on the primary Unix group and not the + primaryGroupSID passdb attribute. + * Disable storing SIDs in the S-1-22-1 and S-1-22-2 domain + to the SID<->uid/gid cache. + + +o Guenther Deschner <gd@samba.org> + * Fix msdfs RPC client and server management RPCs. + * Align idmap_ad with the current idmap_methods interface. + + +o Volker Lendecke <vl@samba.org> + * Re-add support for "username level" when looking up the + matching Unix user for an smbpasswd entry. + * snprintf() fixes. + + +o Simo Sorce <idra@samba.org> + * Let innetgr() work without binding its use to a + NIS domain to support netgroups in local files. + + +o Ben Winslow <rain@bluecherry.net> + * Allow client smb signing to be turned off correctly. + + + -------------------------------------------------- + =============================== + Release Notes for Samba 3.0.23b + Aug 7, 2006 + =============================== + +Common bugs fixed in 3.0.23b include: + + o Ambiguity with unqualified names in smb.conf parameters + such as "force user" and "valid users". + o Errors in 'net ads join' caused by bad IP address in the list + of domain controllers. + o SMB signing errors in the client and server code. + o Domain join failures when using smbpasswd on a Samba PDC. + + +Member servers, domain accounts, and smb.conf +============================================= + +Since Samba 3.0.8, it has been recommended that all domain accounts +listed in smb.conf on a member server be fully qualified with the +domain name. This is now a requirement. All unqualified names are +assumed to be local to the Unix host, either as part of the server's +local passdb or in the local system list of accounts (e.g. /etc/passwd +or /etc/group). + +The reason for this change is that smbd has transitioned from +access checks based on string comparisons to token based +authorization. All names are resolved to a SID and then verified +against the logged on user's NT user token. Local names will +resolve to a local SID, while qualified domain names will resolve +to the appropriate domain SID. + +If the member server is not running winbindd at all, domain +accounts will be implicitly mapped to local accounts and their +tokens will be modified appropriately to reflect the local +SID and group membership. + +For example, the following share will restrict access to the +domain group "Linux Admins" and the local group srvadmin. + +[restricted] + path = /data + valid users = +"DOMAIN\Linux Admins" +srvadmin + +Note that to restrict the [homes] share on a member server to the +owner of that directory, it is necessary to prefix the %S value +to "valid users". + +[global] + security = {domain,ads} + workgroup = DOM + winbind separator = + +[homes] + valid users = DOM+%S + + + +###################################################################### +Changes +####### + +Changes since 3.0.23a +--------------------- + +commits +------- +o Michael Adams <ma@sernet.de> + * Fix memory leaks on error paths in 'net ads join'. + + +o Jeremy Allison <jra@samba.org> + * BUG 3962: Fix memory leak when enumerating print jobs. + * Fix file access flags for the Linux CIFS fs client. + * Fix memory leaks in the smbclient DFS code. + * BUG 3967: Fix SMB signing client bug in trans calls. + * BUG 3985: Ensure in msdfs we check for our NetBIOS aliases. + * Added lookup_name_smbconf() to be called when looking up names + from smb.conf. Unqualified names are assumed to be local. + * BUG 4003: Fix SMB signing server error in NTcancel reply. + + +o Gerald (Jerry) Carter <jerry@samba.org> + * Fix a few "smbldap_open(): Cannot open when not root" bugs when + viewing or modifying local group membership. + * Make LsaLookupSids() reply include the full SID of unresolved + SIDs. + * BUG 3957: Prevent returning strange DC IP addresses by zeroing + memory in the SRV hostlist in case there is not an A record for + each SRV name. + * BUG 3964: normalize the case of usernames prior to getpwnam() + call in the smbpasswd backend. + * Cleanup the 'net ads help join' output and document createupn + and createcomputer options. + * Fix a regression in the ldapsam URI syntax. Allow multiple + LDAP URIs to be grouped by "". + + +o William Charles <william@charles.name> + * BUG 3959: Remove rand() from SRV RR comparison to fix crashes + in qsort(). + + +o Guenther Deschner <gd@samba.org> + * Fix memory leaks in pam_winbind. + * Save the logon script path from the info3 in the PAM session + allowing other PAM modules to pick it up from there. + + +o Volker Lendecke <vl@samba.org> + * BUG 3991: Fix problem with user tokens on standalone systems + configured to use a username map. + * Fix bug where qualified user or group names in smb.conf + were assumed to use the '\' character as the winbind separator. + + -------------------------------------------------- + =============================== + Release Notes for Samba 3.0.23a + Jul 21, 2006 + =============================== + +Common bugs fixed in 3.0.23a include: + + o Failure to strip the domain name from groups when 'winbind + use default domain = yes' + o Failure in pam_winbind to correctly parse arguments. + o Bad token creation of local users on member servers not + running winbindd. + o Failure to add users or groups to ACLs using the Windows + object picker. + o Failure in file serving code when 'kernel oplocks = yes'. + +New features in 3.0.23a include: + + o New "createupn" option to "net ads join" + o Rewritten Kerberos keytab generation when 'use kerberos + keytab = yes' + + + +###################################################################### +Changes +####### + +Changes since 3.0.23 +-------------------- + +commits +------- +o Jeremy Allison <jra@samba.org> + * Fix memory leaks in the POSIX locking for for the Linux CIFS fs + client. + * Fix memory leaks in the AD schema parsing code. + * Fixed bug in interaction with Linux kernel oplocks. + + +o Gerald (Jerry) Carter <jerry@samba.org> + * Rewrite the detection of the correct DES salting principal name + when joining an Active Directory Domain. + * Rewrite the keytab generation code based on existing SPN, + UPN, and sAMAccountName attributes in the AD machine object. + * Cleanup of dead code from idmap_ad. + * Fix Winbind 32bit/64bit portability issues. + * Fail 'net ads join' and disable the machine account if we cannot + set any SPNs for ourselves. + * Make sure to lower case all usernames before calling the create, + delete, or rename hooks. + * Preserve case for usernames in passdb + * Flush the getpwnam cache after renaming a user + * Add become/unbecome root block in _samr_delete_dom_user() when + trying to verify the account's existence. + * Changed 'net ads join' syntax for specifying an alternate + OU. New syntax is createcomputer=<ou path top to bottom>. + * Add createupn=[UPN] option to 'net ads join' for setting the + userPrincipalName attribute. + * Bug 3920: Restore winbind use default domain behavior for domain + groups. This break local users and 'winbind nested groups' on + domain members. + + +o Guenther Deschner <gd@samba.org> + * Don't clear the cache when starting winbindd in off line mode. + * Fix errno reporting in pam_winbind debug messages. + * BUG 3937: Fix segv in libnss_wins.so. + + +o Volker Lendecke <vl@samba.org> + * Fix memory leaks in the in error paths out of the CLDAP + request code. + * AIX portability fixes for DNS client code. + * BUG 3811, 3948: Fix alignment bug in on lsaquery. + * BUG 3949: Fixed authorization issue on domain member + servers not running winbindd. + + +o Andrew Tridgell <tridge@samba.org> + * Fixed a bug which caused resolve_ads() to spin forever if + one of the DCs isn't resolvable in DNS. + + +o Simo Sorce <idra@samba.org> + * Debian packaging fixes. + + +o Dietrich Streifert <dietrich.streifert@visionet.de> + * BUG 3916: Fix error parsing pam_winbind config arguments. + + +Release Notes for older release follow: + + -------------------------------------------------- + + ============================== + Release Notes for Samba 3.0.23 + Jul 10, 2006 + ============================== There has been a substantial amount of cleanup work done during this development cycle. We would like to thank both Coverity @@ -155,68 +681,12 @@ smb.conf changes wins partners Removed -Changes since 3.0.23rc3 ------------------------ +Changes since 3.0.22 +-------------------- commits ------- o Jeremy Allison <jra@samba.org> - * BUG 3858: Ensure that all files are removed by a wildcard - delete when 'hide unreadable = yes'. - * Fix various issues raised by the Klocwork code analyzer. - * Fix nmbd WINS serving bug causing duplicate IPs in the *<1b> - query reply ("enhanced browsing = yes"). - * Fix SMB signing failures in client tools. - * BUG 3909: Avoid EA lookups on MS-DFS links. - - -o Nicholas Brealey <nick@brealey.org> - * Compile fix for pam_winbind. - - -o Gerald (Jerry) Carter <jerry@samba.org> - * Use system provided killproc() in RedHat init scripts for - more robust shutdown. - * Fix a crash in the printer publishing code when adding a - new printer via the APW. - * Fix broken compile of unsupported smbwrapper utility. - * BUG 3905: Fix smbd startup failure caused by a failure to - create an NT token for the guest account. - * BUG 3908: Fix RPC bind authentication failure which broke - user password changes. - * Ensure that "net ads join" reports failure correctly if - it cannot set the machine account password. - - -o Guenther Deschner <gd@samba.org> - * Fix different extended_dn handling in adssearch.pl - (Thanks to Frederic Brin at Novell). - * Fix a memleak in winbindd's credentials cache. - * Protect against crashes in CLDAP request processing. - * Remove incomplete DfsEnum() info level to avoid an smbd crash. - - -o Volker Lendecke <vl@samba.org> - * Fix a memleak in the server registry code for enumeration - shares. - * Fix an invalid munlock() call in winbindd's credentials cache. - * Fix compile warnings when passing NULL to snprintf(). - * BUG 3915: Fall back to a pure unix user with S-1-22 SIDs in the - token in case anything weird is going on with the 'force user'. - * CVE-2006-3403: Fix minor memory exhaustion DoS in smbd. - - -o Jason Mader <jason@ncac.gwu.edu> - * Compiler warning fixes. - - -o Simo Sorce <idra@samba.org> - * Set the correct sid type when looking up a gid. - - -Changes since 3.0.22 --------------------- -o Jeremy Allison <jra@samba.org> * Fixes for various Klocwork defect reports. * Cleanup pdb_get_XXX() methods and ensure that a failure to allocate memory for a samu user structure is reported @@ -313,6 +783,13 @@ o Jeremy Allison <jra@samba.org> read fails (inspired by Justin Best). * BUG 3668: Workaround Windows bug with LARGE_READX where if you ask for exactly 64k bytes it returns 0. + * BUG 3858: Ensure that all files are removed by a wildcard + delete when 'hide unreadable = yes'. + * Fix various issues raised by the Klocwork code analyzer. + * Fix nmbd WINS serving bug causing duplicate IPs in the *<1b> + query reply ("enhanced browsing = yes"). + * Fix SMB signing failures in client tools. + * BUG 3909: Avoid EA lookups on MS-DFS links. o Andrew Bartlett <abartlet@samba.org> @@ -334,6 +811,10 @@ o Max N. Boyarov <m.boyarov@sam-solutions.net> * Fix crash bug in perfmon daemon example code. +o Nicholas Brealey <nick@brealey.org> + * Compile fix for pam_winbind. + + o Gerald (Jerry) Carter <jerry@samba.org> * Fix 'make install' problem when building outside source/. * Fix 'net ads join' when the workgroup is set incorrectly in @@ -415,6 +896,17 @@ o Gerald (Jerry) Carter <jerry@samba.org> * Add defensive checks about create local accounts (i.e. calling 'add user script') on domain member servers when winbindd is running but having problems. + * Use system provided killproc() in RedHat init scripts for + more robust shutdown. + * Fix a crash in the printer publishing code when adding a + new printer via the APW. + * Fix broken compile of unsupported smbwrapper utility. + * BUG 3905: Fix smbd startup failure caused by a failure to + create an NT token for the guest account. + * BUG 3908: Fix RPC bind authentication failure which broke + user password changes. + * Ensure that "net ads join" reports failure correctly if + it cannot set the machine account password. o Mathias Dietz <MDIETZ@de.ibm.com> @@ -486,14 +978,14 @@ o Guenther Deschner <gd@samba.org> * Add help text for new 'net rpc audit' utility. * Add net ads search SID. * samrQueryDomainInfo level 5 should return the domain name, not our - netbios name when we are a DC. + NetBIOS name when we are a DC. * Add some more client rpc for the querydominfo calls (from samba4 idl). * Process all the supported info levels in the samr_query_domain_info2 call. * Wrap the samr_query_domain_info2() call around samr_query_domain_info(). * Fix segv in smbctool. - * Honour the time_offset also when verifying Kerberos tickets. + * Honor the time_offset also when verifying Kerberos tickets. * Prevent unnecessary longstanding LDAP connection to eDirectory. * Fix segv in smbspool. * BUG 1914: Allow to store 24 password history entries in ldapsam. @@ -540,6 +1032,11 @@ o Guenther Deschner <gd@samba.org> http://ndevilla.free.fr/iniparser/ for use by pam_winbind (rather than linking in loadparm.c). Settings are now stored in /etc/security/pam_winbind.conf. + * Fix different extended_dn handling in adssearch.pl + (Thanks to Frederic Brin at Novell). + * Fix a memleak in winbindd's credentials cache. + * Protect against crashes in CLDAP request processing. + * Remove incomplete DfsEnum() info level to avoid an smbd crash. o Aleksey Fedoseev <fedoseev@ru.ibm.com> @@ -638,6 +1135,13 @@ o Volker Lendecke <vl@samba.org> dependent routines are called. * Enhance consistency checks on local configuration when joining a domain. + * Fix a memleak in the server registry code for enumeration + shares. + * Fix an invalid munlock() call in winbindd's credentials cache. + * Fix compile warnings when passing NULL to snprintf(). + * BUG 3915: Fall back to a pure unix user with S-1-22 SIDs in the + token in case anything weird is going on with the 'force user'. + * CVE-2006-3403: Fix minor memory exhaustion DoS in smbd. o Derrell Lipman <derrell@samba.org> @@ -767,6 +1271,7 @@ o Simo Sorce <idra@samba.org> dn' before setting a password in secrets.tdb (based on work by William Jojo). * New revision of the snprintf replace code. + * Set the correct sid type when looking up a gid. o Todd Stecher <tstecher@isilon.com> @@ -783,8 +1288,6 @@ o Shlomi Yaakobovich <Shlomi@exanet.com> * Fix for machine password time_t overflow. -Release Notes for older release follow: - -------------------------------------------------- ============================== Release Notes for Samba 3.0.22 diff --git a/source/VERSION b/source/VERSION index d73b770dff1..fc1f872b07a 100644 --- a/source/VERSION +++ b/source/VERSION @@ -28,7 +28,8 @@ SAMBA_VERSION_MINOR=0 SAMBA_VERSION_RELEASE=25 ######################################################## -# Bug fix releases use a letter for the patch revision # +# If a official release has a serious bug # +# a security release will have 'a' sufffix # # # # so SAMBA's version will be # # <MAJOR>.<MINOR>.<RELEASE><REVISION> # @@ -68,7 +69,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_SVN_SNAPSHOT=yes +SAMBA_VERSION_IS_SVN_SNAPSHOT= ######################################################## # This can be set by vendors if they want... # diff --git a/source/librpc/ndr/ndr_unixinfo.c b/source/librpc/ndr/ndr_unixinfo.c deleted file mode 100644 index 61b4f4696a7..00000000000 --- a/source/librpc/ndr/ndr_unixinfo.c +++ /dev/null @@ -1,504 +0,0 @@ -/* parser auto-generated by pidl */ - -#include "includes.h" -#include "libndr/ndr_unixinfo.h" -static NTSTATUS ndr_push_unixinfo_GetPWUidInfo(struct ndr_push *ndr, int ndr_flags, const struct unixinfo_GetPWUidInfo *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->status)); - NDR_CHECK(ndr_push_unique_ptr(ndr, r->homedir)); - NDR_CHECK(ndr_push_unique_ptr(ndr, r->shell)); - } - if (ndr_flags & NDR_BUFFERS) { - if (r->homedir) { - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->homedir, CH_UTF8))); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->homedir, CH_UTF8))); - NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->homedir, ndr_charset_length(r->homedir, CH_UTF8), sizeof(uint8_t), CH_UTF8)); - } - if (r->shell) { - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->shell, CH_UTF8))); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->shell, CH_UTF8))); - NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->shell, ndr_charset_length(r->shell, CH_UTF8), sizeof(uint8_t), CH_UTF8)); - } - } - return NT_STATUS_OK; -} - -static NTSTATUS ndr_pull_unixinfo_GetPWUidInfo(struct ndr_pull *ndr, int ndr_flags, struct unixinfo_GetPWUidInfo *r) -{ - uint32_t _ptr_homedir; - TALLOC_CTX *_mem_save_homedir_0; - uint32_t _ptr_shell; - TALLOC_CTX *_mem_save_shell_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->status)); - NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_homedir)); - if (_ptr_homedir) { - NDR_PULL_ALLOC_SIZE(ndr, r->homedir, 1); - } else { - r->homedir = NULL; - } - NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_shell)); - if (_ptr_shell) { - NDR_PULL_ALLOC_SIZE(ndr, r->shell, 1); - } else { - r->shell = NULL; - } - } - if (ndr_flags & NDR_BUFFERS) { - if (r->homedir) { - _mem_save_homedir_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->homedir, 0); - NDR_CHECK(ndr_pull_array_size(ndr, &r->homedir)); - NDR_CHECK(ndr_pull_array_length(ndr, &r->homedir)); - if (ndr_get_array_length(ndr, &r->homedir) > ndr_get_array_size(ndr, &r->homedir)) { - return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->homedir), ndr_get_array_length(ndr, &r->homedir)); - } - NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->homedir), sizeof(uint8_t))); - NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->homedir, ndr_get_array_length(ndr, &r->homedir), sizeof(uint8_t), CH_UTF8)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_homedir_0, 0); - } - if (r->shell) { - _mem_save_shell_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->shell, 0); - NDR_CHECK(ndr_pull_array_size(ndr, &r->shell)); - NDR_CHECK(ndr_pull_array_length(ndr, &r->shell)); - if (ndr_get_array_length(ndr, &r->shell) > ndr_get_array_size(ndr, &r->shell)) { - return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->shell), ndr_get_array_length(ndr, &r->shell)); - } - NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->shell), sizeof(uint8_t))); - NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->shell, ndr_get_array_length(ndr, &r->shell), sizeof(uint8_t), CH_UTF8)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_shell_0, 0); - } - } - return NT_STATUS_OK; -} - -void ndr_print_unixinfo_GetPWUidInfo(struct ndr_print *ndr, const char *name, const struct unixinfo_GetPWUidInfo *r) -{ - ndr_print_struct(ndr, name, "unixinfo_GetPWUidInfo"); - ndr->depth++; - ndr_print_NTSTATUS(ndr, "status", r->status); - ndr_print_ptr(ndr, "homedir", r->homedir); - ndr->depth++; - if (r->homedir) { - ndr_print_string(ndr, "homedir", r->homedir); - } - ndr->depth--; - ndr_print_ptr(ndr, "shell", r->shell); - ndr->depth++; - if (r->shell) { - ndr_print_string(ndr, "shell", r->shell); - } - ndr->depth--; - ndr->depth--; -} - -NTSTATUS ndr_push_unixinfo_SidToUid(struct ndr_push *ndr, int flags, const struct unixinfo_SidToUid *r) -{ - if (flags & NDR_IN) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.sid)); - } - if (flags & NDR_OUT) { - if (r->out.uid == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, *r->out.uid)); - NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); - } - return NT_STATUS_OK; -} - -NTSTATUS ndr_pull_unixinfo_SidToUid(struct ndr_pull *ndr, int flags, struct unixinfo_SidToUid *r) -{ - TALLOC_CTX *_mem_save_uid_0; - if (flags & NDR_IN) { - ZERO_STRUCT(r->out); - - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.sid)); - NDR_PULL_ALLOC(ndr, r->out.uid); - ZERO_STRUCTP(r->out.uid); - } - if (flags & NDR_OUT) { - if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { - NDR_PULL_ALLOC(ndr, r->out.uid); - } - _mem_save_uid_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->out.uid, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, r->out.uid)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_uid_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); - } - return NT_STATUS_OK; -} - -void ndr_print_unixinfo_SidToUid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_SidToUid *r) -{ - ndr_print_struct(ndr, name, "unixinfo_SidToUid"); - ndr->depth++; - if (flags & NDR_SET_VALUES) { - ndr->flags |= LIBNDR_PRINT_SET_VALUES; - } - if (flags & NDR_IN) { - ndr_print_struct(ndr, "in", "unixinfo_SidToUid"); - ndr->depth++; - ndr_print_dom_sid(ndr, "sid", &r->in.sid); - ndr->depth--; - } - if (flags & NDR_OUT) { - ndr_print_struct(ndr, "out", "unixinfo_SidToUid"); - ndr->depth++; - ndr_print_ptr(ndr, "uid", r->out.uid); - ndr->depth++; - ndr_print_hyper(ndr, "uid", *r->out.uid); - ndr->depth--; - ndr_print_NTSTATUS(ndr, "result", r->out.result); - ndr->depth--; - } - ndr->depth--; -} - -NTSTATUS ndr_push_unixinfo_UidToSid(struct ndr_push *ndr, int flags, const struct unixinfo_UidToSid *r) -{ - if (flags & NDR_IN) { - NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, r->in.uid)); - } - if (flags & NDR_OUT) { - if (r->out.sid == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sid)); - NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); - } - return NT_STATUS_OK; -} - -NTSTATUS ndr_pull_unixinfo_UidToSid(struct ndr_pull *ndr, int flags, struct unixinfo_UidToSid *r) -{ - TALLOC_CTX *_mem_save_sid_0; - if (flags & NDR_IN) { - ZERO_STRUCT(r->out); - - NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, &r->in.uid)); - NDR_PULL_ALLOC(ndr, r->out.sid); - ZERO_STRUCTP(r->out.sid); - } - if (flags & NDR_OUT) { - if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { - NDR_PULL_ALLOC(ndr, r->out.sid); - } - _mem_save_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->out.sid, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sid)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sid_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); - } - return NT_STATUS_OK; -} - -void ndr_print_unixinfo_UidToSid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_UidToSid *r) -{ - ndr_print_struct(ndr, name, "unixinfo_UidToSid"); - ndr->depth++; - if (flags & NDR_SET_VALUES) { - ndr->flags |= LIBNDR_PRINT_SET_VALUES; - } - if (flags & NDR_IN) { - ndr_print_struct(ndr, "in", "unixinfo_UidToSid"); - ndr->depth++; - ndr_print_hyper(ndr, "uid", r->in.uid); - ndr->depth--; - } - if (flags & NDR_OUT) { - ndr_print_struct(ndr, "out", "unixinfo_UidToSid"); - ndr->depth++; - ndr_print_ptr(ndr, "sid", r->out.sid); - ndr->depth++; - ndr_print_dom_sid(ndr, "sid", r->out.sid); - ndr->depth--; - ndr_print_NTSTATUS(ndr, "result", r->out.result); - ndr->depth--; - } - ndr->depth--; -} - -NTSTATUS ndr_push_unixinfo_SidToGid(struct ndr_push *ndr, int flags, const struct unixinfo_SidToGid *r) -{ - if (flags & NDR_IN) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.sid)); - } - if (flags & NDR_OUT) { - if (r->out.gid == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, *r->out.gid)); - NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); - } - return NT_STATUS_OK; -} - -NTSTATUS ndr_pull_unixinfo_SidToGid(struct ndr_pull *ndr, int flags, struct unixinfo_SidToGid *r) -{ - TALLOC_CTX *_mem_save_gid_0; - if (flags & NDR_IN) { - ZERO_STRUCT(r->out); - - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.sid)); - NDR_PULL_ALLOC(ndr, r->out.gid); - ZERO_STRUCTP(r->out.gid); - } - if (flags & NDR_OUT) { - if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { - NDR_PULL_ALLOC(ndr, r->out.gid); - } - _mem_save_gid_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->out.gid, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, r->out.gid)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_gid_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); - } - return NT_STATUS_OK; -} - -void ndr_print_unixinfo_SidToGid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_SidToGid *r) -{ - ndr_print_struct(ndr, name, "unixinfo_SidToGid"); - ndr->depth++; - if (flags & NDR_SET_VALUES) { - ndr->flags |= LIBNDR_PRINT_SET_VALUES; - } - if (flags & NDR_IN) { - ndr_print_struct(ndr, "in", "unixinfo_SidToGid"); - ndr->depth++; - ndr_print_dom_sid(ndr, "sid", &r->in.sid); - ndr->depth--; - } - if (flags & NDR_OUT) { - ndr_print_struct(ndr, "out", "unixinfo_SidToGid"); - ndr->depth++; - ndr_print_ptr(ndr, "gid", r->out.gid); - ndr->depth++; - ndr_print_hyper(ndr, "gid", *r->out.gid); - ndr->depth--; - ndr_print_NTSTATUS(ndr, "result", r->out.result); - ndr->depth--; - } - ndr->depth--; -} - -NTSTATUS ndr_push_unixinfo_GidToSid(struct ndr_push *ndr, int flags, const struct unixinfo_GidToSid *r) -{ - if (flags & NDR_IN) { - NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, r->in.gid)); - } - if (flags & NDR_OUT) { - if (r->out.sid == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sid)); - NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); - } - return NT_STATUS_OK; -} - -NTSTATUS ndr_pull_unixinfo_GidToSid(struct ndr_pull *ndr, int flags, struct unixinfo_GidToSid *r) -{ - TALLOC_CTX *_mem_save_sid_0; - if (flags & NDR_IN) { - ZERO_STRUCT(r->out); - - NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, &r->in.gid)); - NDR_PULL_ALLOC(ndr, r->out.sid); - ZERO_STRUCTP(r->out.sid); - } - if (flags & NDR_OUT) { - if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { - NDR_PULL_ALLOC(ndr, r->out.sid); - } - _mem_save_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->out.sid, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sid)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sid_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); - } - return NT_STATUS_OK; -} - -void ndr_print_unixinfo_GidToSid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_GidToSid *r) -{ - ndr_print_struct(ndr, name, "unixinfo_GidToSid"); - ndr->depth++; - if (flags & NDR_SET_VALUES) { - ndr->flags |= LIBNDR_PRINT_SET_VALUES; - } - if (flags & NDR_IN) { - ndr_print_struct(ndr, "in", "unixinfo_GidToSid"); - ndr->depth++; - ndr_print_hyper(ndr, "gid", r->in.gid); - ndr->depth--; - } - if (flags & NDR_OUT) { - ndr_print_struct(ndr, "out", "unixinfo_GidToSid"); - ndr->depth++; - ndr_print_ptr(ndr, "sid", r->out.sid); - ndr->depth++; - ndr_print_dom_sid(ndr, "sid", r->out.sid); - ndr->depth--; - ndr_print_NTSTATUS(ndr, "result", r->out.result); - ndr->depth--; - } - ndr->depth--; -} - -NTSTATUS ndr_push_unixinfo_GetPWUid(struct ndr_push *ndr, int flags, const struct unixinfo_GetPWUid *r) -{ - uint32_t cntr_uids_0; - uint32_t cntr_infos_1; - if (flags & NDR_IN) { - if (r->in.count == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, *r->in.count)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, *r->in.count)); - for (cntr_uids_0 = 0; cntr_uids_0 < *r->in.count; cntr_uids_0++) { - NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, r->in.uids[cntr_uids_0])); - } - } - if (flags & NDR_OUT) { - if (r->out.count == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, *r->out.count)); - if (r->out.infos == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, *r->out.count)); - for (cntr_infos_1 = 0; cntr_infos_1 < *r->out.count; cntr_infos_1++) { - NDR_CHECK(ndr_push_unixinfo_GetPWUidInfo(ndr, NDR_SCALARS, &r->out.infos[cntr_infos_1])); - } - for (cntr_infos_1 = 0; cntr_infos_1 < *r->out.count; cntr_infos_1++) { - NDR_CHECK(ndr_push_unixinfo_GetPWUidInfo(ndr, NDR_BUFFERS, &r->out.infos[cntr_infos_1])); - } - NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); - } - return NT_STATUS_OK; -} - -NTSTATUS ndr_pull_unixinfo_GetPWUid(struct ndr_pull *ndr, int flags, struct unixinfo_GetPWUid *r) -{ - uint32_t cntr_uids_0; - uint32_t cntr_infos_1; - TALLOC_CTX *_mem_save_count_0; - TALLOC_CTX *_mem_save_uids_0; - TALLOC_CTX *_mem_save_infos_1; - if (flags & NDR_IN) { - ZERO_STRUCT(r->out); - - if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { - NDR_PULL_ALLOC(ndr, r->in.count); - } - _mem_save_count_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->in.count, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, r->in.count)); - if (*r->in.count < 0 || *r->in.count > 1023) { - return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); - } - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_count_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_array_size(ndr, &r->in.uids)); - NDR_PULL_ALLOC_N(ndr, r->in.uids, ndr_get_array_size(ndr, &r->in.uids)); - _mem_save_uids_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->in.uids, 0); - for (cntr_uids_0 = 0; cntr_uids_0 < *r->in.count; cntr_uids_0++) { - NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, &r->in.uids[cntr_uids_0])); - } - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_uids_0, 0); - NDR_PULL_ALLOC(ndr, r->out.count); - *r->out.count = *r->in.count; - if (r->in.count == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_PULL_ALLOC_N(ndr, r->out.infos, *r->in.count); - memset(r->out.infos, 0, *r->in.count * sizeof(*r->out.infos)); - if (r->in.uids) { - if (r->in.count == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->in.uids, *r->in.count)); - } - } - if (flags & NDR_OUT) { - if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { - NDR_PULL_ALLOC(ndr, r->out.count); - } - _mem_save_count_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->out.count, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, r->out.count)); - if (*r->out.count < 0 || *r->out.count > 1023) { - return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); - } - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_count_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_array_size(ndr, &r->out.infos)); - if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { - NDR_PULL_ALLOC_N(ndr, r->out.infos, ndr_get_array_size(ndr, &r->out.infos)); - } - _mem_save_infos_1 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->out.infos, 0); - for (cntr_infos_1 = 0; cntr_infos_1 < *r->out.count; cntr_infos_1++) { - NDR_CHECK(ndr_pull_unixinfo_GetPWUidInfo(ndr, NDR_SCALARS, &r->out.infos[cntr_infos_1])); - } - for (cntr_infos_1 = 0; cntr_infos_1 < *r->out.count; cntr_infos_1++) { - NDR_CHECK(ndr_pull_unixinfo_GetPWUidInfo(ndr, NDR_BUFFERS, &r->out.infos[cntr_infos_1])); - } - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_infos_1, 0); - NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); - if (r->out.infos) { - if (r->out.count == NULL) return NT_STATUS_INVALID_PARAMETER_MIX; - NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->out.infos, *r->out.count)); - } - } - return NT_STATUS_OK; -} - -void ndr_print_unixinfo_GetPWUid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_GetPWUid *r) -{ - uint32_t cntr_uids_0; - uint32_t cntr_infos_1; - ndr_print_struct(ndr, name, "unixinfo_GetPWUid"); - ndr->depth++; - if (flags & NDR_SET_VALUES) { - ndr->flags |= LIBNDR_PRINT_SET_VALUES; - } - if (flags & NDR_IN) { - ndr_print_struct(ndr, "in", "unixinfo_GetPWUid"); - ndr->depth++; - ndr_print_ptr(ndr, "count", r->in.count); - ndr->depth++; - ndr_print_uint32(ndr, "count", *r->in.count); - ndr->depth--; - ndr->print(ndr, "%s: ARRAY(%d)", "uids", *r->in.count); - ndr->depth++; - for (cntr_uids_0=0;cntr_uids_0<*r->in.count;cntr_uids_0++) { - char *idx_0=NULL; - asprintf(&idx_0, "[%d]", cntr_uids_0); - if (idx_0) { - ndr_print_hyper(ndr, "uids", r->in.uids[cntr_uids_0]); - free(idx_0); - } - } - ndr->depth--; - ndr->depth--; - } - if (flags & NDR_OUT) { - ndr_print_struct(ndr, "out", "unixinfo_GetPWUid"); - ndr->depth++; - ndr_print_ptr(ndr, "count", r->out.count); - ndr->depth++; - ndr_print_uint32(ndr, "count", *r->out.count); - ndr->depth--; - ndr_print_ptr(ndr, "infos", r->out.infos); - ndr->depth++; - ndr->print(ndr, "%s: ARRAY(%d)", "infos", *r->out.count); - ndr->depth++; - for (cntr_infos_1=0;cntr_infos_1<*r->out.count;cntr_infos_1++) { - char *idx_1=NULL; - asprintf(&idx_1, "[%d]", cntr_infos_1); - if (idx_1) { - ndr_print_unixinfo_GetPWUidInfo(ndr, "infos", &r->out.infos[cntr_infos_1]); - free(idx_1); - } - } - ndr->depth--; - ndr->depth--; - ndr_print_NTSTATUS(ndr, "result", r->out.result); - ndr->depth--; - } - ndr->depth--; -} - - diff --git a/source/librpc/ndr/ndr_unixinfo.h b/source/librpc/ndr/ndr_unixinfo.h deleted file mode 100644 index 1741cfc35f0..00000000000 --- a/source/librpc/ndr/ndr_unixinfo.h +++ /dev/null @@ -1,41 +0,0 @@ -/* header auto-generated by pidl */ - -#include "libndr/unixinfo.h" - -#ifndef _HEADER_NDR_unixinfo -#define _HEADER_NDR_unixinfo - -#define DCERPC_UNIXINFO_UUID "9c54e310-a955-4885-bd31-78787147dfa6" -#define DCERPC_UNIXINFO_VERSION 0.0 -#define DCERPC_UNIXINFO_NAME "unixinfo" -#define DCERPC_UNIXINFO_HELPSTRING "Unixinfo specific stuff" -extern const struct dcerpc_interface_table dcerpc_table_unixinfo; -NTSTATUS dcerpc_server_unixinfo_init(void); -#define DCERPC_UNIXINFO_SIDTOUID (0x00) - -#define DCERPC_UNIXINFO_UIDTOSID (0x01) - -#define DCERPC_UNIXINFO_SIDTOGID (0x02) - -#define DCERPC_UNIXINFO_GIDTOSID (0x03) - -#define DCERPC_UNIXINFO_GETPWUID (0x04) - -#define DCERPC_UNIXINFO_CALL_COUNT (5) -void ndr_print_unixinfo_GetPWUidInfo(struct ndr_print *ndr, const char *name, const struct unixinfo_GetPWUidInfo *r); -NTSTATUS ndr_push_unixinfo_SidToUid(struct ndr_push *ndr, int flags, const struct unixinfo_SidToUid *r); -NTSTATUS ndr_pull_unixinfo_SidToUid(struct ndr_pull *ndr, int flags, struct unixinfo_SidToUid *r); -void ndr_print_unixinfo_SidToUid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_SidToUid *r); -NTSTATUS ndr_push_unixinfo_UidToSid(struct ndr_push *ndr, int flags, const struct unixinfo_UidToSid *r); -NTSTATUS ndr_pull_unixinfo_UidToSid(struct ndr_pull *ndr, int flags, struct unixinfo_UidToSid *r); -void ndr_print_unixinfo_UidToSid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_UidToSid *r); -NTSTATUS ndr_push_unixinfo_SidToGid(struct ndr_push *ndr, int flags, const struct unixinfo_SidToGid *r); -NTSTATUS ndr_pull_unixinfo_SidToGid(struct ndr_pull *ndr, int flags, struct unixinfo_SidToGid *r); -void ndr_print_unixinfo_SidToGid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_SidToGid *r); -NTSTATUS ndr_push_unixinfo_GidToSid(struct ndr_push *ndr, int flags, const struct unixinfo_GidToSid *r); -NTSTATUS ndr_pull_unixinfo_GidToSid(struct ndr_pull *ndr, int flags, struct unixinfo_GidToSid *r); -void ndr_print_unixinfo_GidToSid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_GidToSid *r); -NTSTATUS ndr_push_unixinfo_GetPWUid(struct ndr_push *ndr, int flags, const struct unixinfo_GetPWUid *r); -NTSTATUS ndr_pull_unixinfo_GetPWUid(struct ndr_pull *ndr, int flags, struct unixinfo_GetPWUid *r); -void ndr_print_unixinfo_GetPWUid(struct ndr_print *ndr, const char *name, int flags, const struct unixinfo_GetPWUid *r); -#endif /* _HEADER_NDR_unixinfo */ diff --git a/source/librpc/ndr/unixinfo.h b/source/librpc/ndr/unixinfo.h deleted file mode 100644 index 5d0434ca72d..00000000000 --- a/source/librpc/ndr/unixinfo.h +++ /dev/null @@ -1,79 +0,0 @@ -/* header auto-generated by pidl */ - -#ifndef _HEADER_unixinfo -#define _HEADER_unixinfo - -struct unixinfo_GetPWUidInfo { - NTSTATUS status; - const char *homedir;/* [unique,charset(UTF8)] */ - const char *shell;/* [unique,charset(UTF8)] */ -}; - - -struct unixinfo_SidToUid { - struct { - struct dom_sid sid; - } in; - - struct { - uint64_t *uid;/* [ref] */ - NTSTATUS result; - } out; - -}; - - -struct unixinfo_UidToSid { - struct { - uint64_t uid; - } in; - - struct { - struct dom_sid *sid;/* [ref] */ - NTSTATUS result; - } out; - -}; - - -struct unixinfo_SidToGid { - struct { - struct dom_sid sid; - } in; - - struct { - uint64_t *gid;/* [ref] */ - NTSTATUS result; - } out; - -}; - - -struct unixinfo_GidToSid { - struct { - uint64_t gid; - } in; - - struct { - struct dom_sid *sid;/* [ref] */ - NTSTATUS result; - } out; - -}; - - -struct unixinfo_GetPWUid { - struct { - uint32_t *count;/* [ref,range(0 1023)] */ - uint64_t *uids;/* [size_is(*count)] */ - } in; - - struct { - uint32_t *count;/* [ref,range(0 1023)] */ - struct unixinfo_GetPWUidInfo *infos;/* [ref,size_is(*count)] */ - NTSTATUS result; - } out; - -}; - -#endif /* _HEADER_unixinfo */ |