Karolin Seeger [Tue, 7 Jun 2011 18:12:24 +0000 (20:12 +0200)]
WHATSNEW: Update changes since rc1.
Karolin
Karolin Seeger [Tue, 7 Jun 2011 17:52:06 +0000 (19:52 +0200)]
Revert "Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments."
This reverts commit
6df3ff20620b3262ff232a478312c61a207ed4ff.
Michael Adam [Tue, 31 May 2011 22:30:11 +0000 (00:30 +0200)]
s3:idmap_ldap: allow creation of ldap stored mappings for explicitly configured domains.
After the preparations, this is achieved by using idmap_ldap_allocate_id_internal()
as get_new_id rw method instead of idmap_ldap_allocate_id().
(cherry picked from commit
74cd06b3dff42bda4dd0a0f3fd250a975d0258ed)
The last 3 patches address bug #8200 (Add Support for multiple writable ldap
idmap domains).
Michael Adam [Tue, 31 May 2011 22:25:23 +0000 (00:25 +0200)]
s3:idmap_ldap: rename idmap_ldap_get_new_id to idmap_ldap_allocate_id
This is in preparation of allowing allocating ldap based domain-specific configs.
(cherry picked from commit
dea3ef1ab689a3d01846147d2a83377b09335f8f)
Michael Adam [Tue, 31 May 2011 22:25:23 +0000 (00:25 +0200)]
s3:idmap_ldap: rename idmap_ldap_allocate_id to idmap_ldap_allocate_id_internal
This is in preparation of allowing allocating ldap based domain-specific configs.
(cherry picked from commit
2de65b97b98e2c8cc218b60da749ac17195d8413)
Jeremy Allison [Fri, 3 Jun 2011 21:28:33 +0000 (14:28 -0700)]
Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times out.
Based on Volker's original code.
Jeremy Allison [Wed, 1 Jun 2011 19:11:53 +0000 (12:11 -0700)]
Fix bug #8175 - smbd deadlock.
Force the open operation (which is the expensive one anyway) to
acquire and release locks in a way compatible with the more common
do_lock check.
Jeremy.
Jeremy Allison [Mon, 6 Jun 2011 23:25:08 +0000 (16:25 -0700)]
Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments.
Add missing GPL headers and (C) statements.
Andrew Bartlett [Mon, 6 Jun 2011 23:47:26 +0000 (09:47 +1000)]
s3-docs Add documentation for ncalrpc dir
Karolin Seeger [Tue, 7 Jun 2011 07:15:38 +0000 (09:15 +0200)]
WHATSNEW: Add another change since rc1.
Karolin
Jeremy Allison [Fri, 3 Jun 2011 17:22:44 +0000 (10:22 -0700)]
Fix bug #8197 - winbind does not properly detect when a DC connection is dead.
Only waiting for writability doesn't get fd errors back with poll.
So always begin by selecting for readability, and if we get it then
see if bytes were available to read or it really is an error condition.
If bytes were available, remove the select on read as we know we
will retrieve the error when we've finished writing and start
reading the reply (or the write will timeout or fail).
Metze and Volker please check.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Jun 6 21:53:16 CEST 2011 on sn-devel-104
(cherry picked from commit
0efcc94fb834aeb03e8edc3034aa0cdeefdc0985)
Jeremy Allison [Fri, 3 Jun 2011 19:55:19 +0000 (12:55 -0700)]
Add the same fix to the S3 event backend as the previous commit added to the tevent poll backend.
Metze please check !
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Jun 4 00:27:37 CEST 2011 on sn-devel-104
(cherry picked from commit
3c9b3b2befc524f21c59f46ea9be1602b4b1bfe8)
Jeremy Allison [Fri, 3 Jun 2011 19:31:11 +0000 (12:31 -0700)]
Fix the poll() backend to correctly respond to POLLHUP|POLLERR returns on a fd selected for TEVENT_FD_WRITE only.
Don't trigger the write handler and remove the POLLOUT flag for this fd. Report errors on TEVENT_FD_READ requests only.
Metze please check !
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jun 3 22:53:52 CEST 2011 on sn-devel-104
(cherry picked from commit
dbcdf3e39c359241b743a9455ae695e14a30caa9)
Karolin Seeger [Sun, 5 Jun 2011 19:34:06 +0000 (21:34 +0200)]
WHATSNEW: Update changes since 3.6.0rc1.
Karolin
Michael Adam [Tue, 31 May 2011 23:19:50 +0000 (01:19 +0200)]
s3:doc: update the ldap_user_dn documentation in the idmap_ldap manpage
also extend the example with ldap_user_dn.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Jun 1 02:53:32 CEST 2011 on sn-devel-104
Luk Claes [Tue, 31 May 2011 21:28:57 +0000 (23:28 +0200)]
idmap_ldap.8: Add example with readonly backend
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 31 May 2011 16:09:14 +0000 (18:09 +0200)]
s3:doc: clean up the example section of the idmap_tdb manpage
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue May 31 19:47:45 CEST 2011 on sn-devel-104
Luk Claes [Tue, 31 May 2011 15:21:09 +0000 (17:21 +0200)]
winbindd.8: Use new idmap syntax for smbconfoptions
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 31 May 2011 08:29:37 +0000 (10:29 +0200)]
s3:doc: document "idmap gid" as deprecated.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue May 31 11:39:38 CEST 2011 on sn-devel-104
Michael Adam [Tue, 31 May 2011 08:29:08 +0000 (10:29 +0200)]
s3:doc: document "idmap uid" as deprecated.
Michael Adam [Tue, 31 May 2011 08:08:44 +0000 (10:08 +0200)]
s3:doc: remove the documentation of "idmap alloc backend", which has been removed
Michael Adam [Tue, 31 May 2011 08:07:59 +0000 (10:07 +0200)]
s3:doc: document "idmap backend" as deprecated.
Michael Adam [Tue, 31 May 2011 08:03:18 +0000 (10:03 +0200)]
s3:doc: update documentation of the "idmap config FOO : BAR" familiy of parameters
Luk Claes [Mon, 30 May 2011 22:26:39 +0000 (00:26 +0200)]
winbindd.8: Fix typo
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue May 31 02:56:52 CEST 2011 on sn-devel-104
Luk Claes [Mon, 30 May 2011 22:26:38 +0000 (00:26 +0200)]
idmap_tdb.8: Remove reference to idmap uid and idmap gid options as fallback
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:37 +0000 (00:26 +0200)]
idmap_tdb.8: Remove references to alloc backend
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:36 +0000 (00:26 +0200)]
idmap_tdb.8: Use new idmap syntax in examples
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:35 +0000 (00:26 +0200)]
idmap_ldap.8: Remove reference to idmap uid and idmap gid options as fallback
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:34 +0000 (00:26 +0200)]
idmap_ldap.8: Backend is not only used for searching
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:33 +0000 (00:26 +0200)]
idmap_ldap.8: Remove references to idmap alloc backend
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:32 +0000 (00:26 +0200)]
idmap_ldap.8: Rework example to use new idmap syntax
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:31 +0000 (00:26 +0200)]
idmap_tdb2.8: Remove mentioning of deprecated idmap uid and idmap gid options as fallback
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:30 +0000 (00:26 +0200)]
idmap_tdb2.8: Avoid confusion with idmap uid and idmap gid options
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:29 +0000 (00:26 +0200)]
idmap_tdb2.8: Remove part about alloc backend
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:28 +0000 (00:26 +0200)]
idmap_tdb2.8: Use new syntax in example
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:27 +0000 (00:26 +0200)]
winbindd.8: Use new syntax in example
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:26 +0000 (00:26 +0200)]
wbinfo.1: Avoid confusion with idmap uid option
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:25 +0000 (00:26 +0200)]
idmap_autorid.8: Avoid confusion with idmap uid and idmap gid options
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:24 +0000 (00:26 +0200)]
idmap_autorid.8: Use new syntax in autorid backend examples
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:23 +0000 (00:26 +0200)]
idmap_rid.8: Use new syntax in rid backend example
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:22 +0000 (00:26 +0200)]
idmap_nss.8: Use new syntax for nss backend
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:21 +0000 (00:26 +0200)]
idmap_hash.8: Use new syntax for hash backend
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:20 +0000 (00:26 +0200)]
idmap_adex.8: Use new syntax in adex backend example
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Luk Claes [Mon, 30 May 2011 22:26:19 +0000 (00:26 +0200)]
idmap_ad.8: use new syntax in ad backend example
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Björn Jacke [Tue, 31 May 2011 07:47:17 +0000 (09:47 +0200)]
replace: remove waring if IOV_MAX is not defined
as discussed on samba-techincal we currelty don't rely on it and we don't want
to flood this warning message during compile.
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue May 31 18:36:53 CEST 2011 on sn-devel-104
(cherry picked from commit
65f0800a34270ff0c779c9f3feb63b02d3ec800f)
Fix bug #7998 (fails to build on Hurd because of undefined IOV_MAX or
UIO_MAXIOV).
Samuel Thibault [Fri, 3 Jun 2011 18:34:16 +0000 (20:34 +0200)]
Fix bug #7998.
(fails to build on Hurd because of undefined IOV_MAX or
UIO_MAXIOV)
Volker Lendecke [Mon, 30 May 2011 10:11:53 +0000 (12:11 +0200)]
struct make "struct shadow_copy_data" its own talloc context (cherry picked from commit
d77854fbb22bc9237cea14aae1179bbfe3bd0998)
The last 3 patches address bug #8189 (Snapshot display not supported over SMB2).
Volker Lendecke [Mon, 30 May 2011 10:06:31 +0000 (12:06 +0200)]
s3: Remove SHADOW_COPY_DATA typedef (cherry picked from commit
0ec9a90c29b86435f32c1d47d89df85fa51742f2)
Volker Lendecke [Mon, 30 May 2011 15:14:56 +0000 (17:14 +0200)]
s3: Support shadow copy display over SMB2
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue May 31 12:53:10 CEST 2011 on sn-devel-104
(cherry picked from commit
0fcafbf69b345b703dc759518afc8620a7d6f2e8)
Jeremy Allison [Tue, 31 May 2011 22:37:30 +0000 (15:37 -0700)]
Split the ACE flag mapping between nfs4 and Windows into two separate functions rather than trying to do it inline. Allows us to carefully control what flags are mapped to what in one place. Modification to bug #8191 - vfs_gpfs dosn't honor ACE_FLAG_INHERITED_ACE
Gregor Beck [Mon, 23 May 2011 12:45:57 +0000 (14:45 +0200)]
nfs4_acls: pass ACE_FLAG_INHERITED_ACE down from the client
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
817c64f5de65c6ba7cc535446279f769d6552618)
Fix bug #8191
Gregor Beck [Mon, 23 May 2011 12:27:11 +0000 (14:27 +0200)]
nfs4_acls: pass ACE_FLAG_INHERITED_ACE up to the client
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
b0471303ba50caab7da5f50e6f7d8c4b1c664238)
Fix bug #8191
Karolin Seeger [Thu, 2 Jun 2011 18:31:22 +0000 (20:31 +0200)]
s3-docs: Fix version.
s/4.0/3.6/g
Karolin
Jim McDonough [Wed, 25 May 2011 14:49:41 +0000 (10:49 -0400)]
s3-winbind: BUG 8166 - Don't lockout users when offline.
Windows does not track bad password attempts when offline. We were locking users out but not honoring the lockout duration.
Autobuild-User: Jim McDonough <jmcd@samba.org>
Autobuild-Date: Wed May 25 18:11:10 CEST 2011 on sn-devel-104
(cherry picked from commit
b58534f1fca27e3e72f4f4107538ec05734bd42a)
Volker Lendecke [Mon, 30 May 2011 14:30:54 +0000 (16:30 +0200)]
s3: Safely mark our sconn as smb2 if we have that protocol
Otherwise smbd will crash at an unclean exit. Without this conn_close_all will
do a close_cnum() on all connection_struct's. In smb2, those are talloc
children of the smbd_smb2_tcon's. sconn is talloc_free'ed after the
conn_close_all, but the smbd_smb2_tcon destructor will still reference
tcon->compat_conn, referencing then free'ed (and null'ed out) memory.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon May 30 22:49:53 CEST 2011 on sn-devel-104
(cherry picked from commit
c981d4fa1269569a1c2db4bf72a67a357aacd69f)
Fix bug #8199 (potential crash in smbd handling smb2).
Gregor Beck [Thu, 26 May 2011 08:15:56 +0000 (10:15 +0200)]
s3:smbcacls: fix parsing of multiple flags
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
c967e8fae5babf6e337c0e2b85fc42eccfe9e4c4)
Fix bug #8192
Sumit Bose [Mon, 30 May 2011 09:14:47 +0000 (11:14 +0200)]
Improve documentation for net rpc trust
Add man pages entries and fix usage output.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon May 30 20:05:34 CEST 2011 on sn-devel-104
(cherry picked from commit
e10f27d5759b2d21c82fdb20f5641e1f6feab158)
Volker Lendecke [Sun, 29 May 2011 08:58:46 +0000 (10:58 +0200)]
s3: Use the correct guest_login field in auth_server
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun May 29 13:57:21 CEST 2011 on sn-devel-104
(cherry picked from commit
0969c3398e73e66c9e004740127da7c29e951050)
The last 3 patches address bug #8185 (security=server does not obey guest login
field).
Volker Lendecke [Sun, 29 May 2011 08:58:05 +0000 (10:58 +0200)]
s3: Extract the guest_login field in sesssetup
(cherry picked from commit
01386ff3132ff5c786e83fc24328a80661de6bb7)
Volker Lendecke [Sun, 29 May 2011 08:56:39 +0000 (10:56 +0200)]
s3: Fix wct check in cli_sesssetup_blob_done
(cherry picked from commit
4ec00fd621e944ff979e9f0a20773202d8c66472)
Karolin Seeger [Mon, 30 May 2011 19:06:32 +0000 (21:06 +0200)]
WHATSNEW: Update changes since rc1.
Karolin
Jeremy Allison [Thu, 26 May 2011 23:48:42 +0000 (16:48 -0700)]
Fix bug #6911 - Kerberos authentication from vista to samba fails when security blob size is greater than 16 kB
We were not correctly checking the output of asn1_start_tag().
asn1_start_tag() returns -1 and sets data->has_error if the
remaining blob size is too short to contain the tag length.
We were checking data->has_error and returning NT_STATUS_OK
(to allow the second asn.1 parse to fail in that case). We
should not be checking data->has_error in this case, but
falling through to the code that already checks the length.
Thanks to Jim for reproducing this for me. We don't get bitten
by this as we announce a max buffer size of 16k, greater than
Windows's 4k, which means that most krb5 spnego packets already
fit.
Jeremy.
Benjamin Brunner [Fri, 27 May 2011 10:39:41 +0000 (12:39 +0200)]
s3-docs: Fix some typos.
This patch is a manpage update addressing the typos and mistakes in the vfs_smb_traffic_analyzer manpage and the smbta-util manpage, which have been brought up in these threads on samba-technical: http://lists.samba.org/archive/samba-technical/2011-May/077801.html http://lists.samba.org/archive/samba-technical/2011-May/077800.html http://lists.samba.org/archive/samba-technical/2011-May/077753.html
I have seen Volker already fixed the typos in
127d417e8ebc967572df7a75b342897a6a8fb71e , but I haven't found
"Ultimatively" in any dictionary, so this patch just removes the
word completely.
Thanks to Samba-JP oota <ribbon@samba.gr.jp> for reporting.
The last 2 patches address bug #8178 (Collection of manpage updates for SMB
Traffic Analyzer).
Volker Lendecke [Fri, 27 May 2011 06:42:30 +0000 (08:42 +0200)]
s3: Fix a typo
Thanks to Samba-JP oota <ribbon@samba.gr.jp>
(cherry picked from commit
127d417e8ebc967572df7a75b342897a6a8fb71e)
Jeremy Allison [Tue, 24 May 2011 19:47:31 +0000 (12:47 -0700)]
Fix our asn.1 parser to handle negative numbers.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue May 24 22:57:16 CEST 2011 on sn-devel-104
(cherry picked from commit
e719dfd4dc178f001a5f804fb1ac4e587574415f)
Fix bug #8163 (asn.1 library does not correctly read negative integers).
Holger Hetterich [Sun, 20 Feb 2011 10:32:39 +0000 (11:32 +0100)]
Actually make use of the SMBTA_SUBRELEASE define in smb_traffic_analyzer.h. This will allow to introduce new features or fixes into the protocol after the 3.6.0 release. The client software is designed to take care for the subrelease number.
Fix bug #8154 (Actually make use of SMBTA subversion numbers).
Jeremy Allison [Tue, 24 May 2011 00:14:47 +0000 (17:14 -0700)]
Fix bug #7054 - X account flag does not work when pwdlastset is 0.
Don't allow pass_last_set_time to be set to zero (which means
"user must change password on next logon") if user object doesn't
allow password change.
Don't automatically allow user object password change if
"user must change password on next logon" is set.
Jim please check.
Jeremy.
Andrew Bartlett [Wed, 18 May 2011 01:53:34 +0000 (11:53 +1000)]
s3-testparm Warn about incorrect use of 'password server'
The last 5 patches address bug #8151 (deprecate security parameters for 3.6).
Andrew Bartlett [Mon, 23 May 2011 00:42:57 +0000 (10:42 +1000)]
s3-param Depricate 'password server = foo:12389' syntax
This was originally intended to allow the LDAP port on a DC to be
varied, but makes little sense to change one port when in an
environment where krb5, ldap, smb and potentially DCE/RPC over TCP are
involved.
Andrew Bartlett
Andrew Bartlett [Fri, 13 May 2011 15:55:41 +0000 (17:55 +0200)]
s3-param Deprecate a number of security parameters for 3.6
This follows up on the agreement on the samba-technical list in Jan
2011 to deprecate these options, and to possibly remove these in the
4.0 release after user feedback.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri May 13 19:51:41 CEST 2011 on sn-devel-104
Andrew Bartlett [Mon, 23 May 2011 00:42:40 +0000 (10:42 +1000)]
docs: Clarify the 'security=server' fails for NTLMv2
Andrew Bartlett [Mon, 23 May 2011 00:20:47 +0000 (10:20 +1000)]
docs: Rewrite 'password server' documentation
I think this new version is more clear.
Andrew Bartlett
Jeremy Allison [Mon, 23 May 2011 17:57:56 +0000 (10:57 -0700)]
Fix bug #8150 - Ban 'dos charset = utf8'
Volker Lendecke [Thu, 26 May 2011 09:40:21 +0000 (11:40 +0200)]
s3: Document "async smb echo handler"
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu May 26 12:50:55 CEST 2011 on sn-devel-104
(cherry picked from commit
875e29ba830b269faf8ca7ff7cd7fc95c0c18f28)
Fix bug #7571 (Documentation on new "async smb echo handler" parameter is
missing).
Karolin Seeger [Mon, 23 May 2011 19:41:27 +0000 (21:41 +0200)]
WHATSNEW: Start adding changes since rc1.
Karolin
Jeremy Allison [Fri, 20 May 2011 19:27:02 +0000 (12:27 -0700)]
Fix bug #8157 - std_pcap_cache_reload() fails to parse a cups printcap file correctly.
The parsing code made some strange assumptions about what is a printer
name, and what is a comment.
Jeremy Allison [Fri, 20 May 2011 21:43:50 +0000 (14:43 -0700)]
Patch for bug #8156 - net ads join fails to use the user's kerberos ticket.
If kerberos_get_realm_from_hostname() or kerberos_get_default_realm_from_ccache() fails due to
a misconfigured krb5.conf, try the "realm =" from smb.conf as a fallcback before going back to
NTLMSSP (which we'll do anyway).
Volker Lendecke [Mon, 23 May 2011 10:21:17 +0000 (12:21 +0200)]
s3: Remove two false references to cli->inbuf (cherry picked from commit
b1a7bdb93c7fda54a29284f1691de1dc4f3bbf6b)
Fix bug #8159 (Memory corruption in fetching cli->server_domain from the
server.).
Volker Lendecke [Mon, 23 May 2011 13:36:20 +0000 (15:36 +0200)]
s3: Fix a leftover from fstring removal in cli_state
Jeremy, please check!
(cherry picked from commit
9514f96856ccf822b683b5362fd2eb4a4e9e418a)
Jeremy Allison [Thu, 19 May 2011 23:39:18 +0000 (16:39 -0700)]
Fix bug 8133 - strange behavior for the file (whose filename first character is period ) in SMB2 case.
When doing SMB2 renames, we need to match all filetypes (no attributes field in the SMB2 call).
By default a file starting with a period is returned as FILE_ATTRIBUTE_HIDDEN in Samba.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri May 20 19:26:04 CEST 2011 on sn-devel-104
Jeremy Allison [Thu, 19 May 2011 23:38:11 +0000 (16:38 -0700)]
Optimization. If the attributes passed to can_rename() include both FILE_ATTRIBUTE_HIDDEN and FILE_ATTRIBUTE_SYSTEM then there's no point in reading the source DOS attribute, as we're not going to deny the rename on attribute match.
Holger Hetterich [Wed, 18 May 2011 13:24:23 +0000 (15:24 +0200)]
Make protocol version 2 the default protocol, and only run on version 1 if V1 is explcitly given as a module option.
I haven't received a single line of feedback on protocol v1
for at least 1 1/2 years, whereas protocol v2 has an active
userbase and more people developing around it.
This patch includes a manpage update, describing the new
version handling, as well as documenting the recent changes
making the module transfer the IP address of the client machine
as submitted with
464c69609aa7e582f484c1d357b7c6d3eb2bcbe3.
Bug #8148 (Default to protocol version 2 for SMB Traffic Analyzer in Samba
3.6.0).
Andreas Schneider [Wed, 18 May 2011 10:10:42 +0000 (12:10 +0200)]
s3-epmapper: Fixed endpoint registration.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Fri May 20 12:03:18 CEST 2011 on sn-devel-104
(cherry picked from commit
7ab9e26b601e4e51736ce6eace46e6588fa1148f)
Fix bug #8155 (Registering only named pipes on EPM for a service doesn't work).
Jeremy Allison [Thu, 19 May 2011 19:32:15 +0000 (12:32 -0700)]
Fix bug 8153 found when building on an IPv6-only system by Kai Blin.
When building on IPv6-only, doing:
hints.ai_family = AF_INET;
getaddrinfo("0.0.0.0", NULL, &hints, &ppres)
fails as AF_INET is unavailable on an IPv6-only system. This
causes us to fallback to our replacement getaddrinfo code
which is IPv4-only.
As we're only trying to detect a specific AIX bug here,
broaden the tests to find that bug, and also test for
working getaddrinfo in an IPv6-only safe way.
Christian Ambach [Thu, 19 May 2011 16:13:40 +0000 (18:13 +0200)]
Fix Bug 8152 - smbd crash in release_ip()
release_ip() needs the private_data, but it was never saved away
to feed it into release_ip() later
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Thu May 19 21:21:14 CEST 2011 on sn-devel-104
(cherry picked from commit
642c6ba2b9c581bacfcb9a6cb4c5c95d446263ce)
Stefan Metzmacher [Tue, 17 May 2011 08:32:38 +0000 (10:32 +0200)]
s3:rpc_server: create lp_ncalrpc_dir() with 0755 before lp_ncalrpc_dir()/np with 0700
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May 17 13:01:14 CEST 2011 on sn-devel-104
(cherry picked from commit
cb227d6d1492247d8aff03807cac0b7266202a38)
The last 2 patches address bug #8141 (wrong permissions on lp_ncalrpc_dir()).
Andrew Bartlett [Sun, 8 May 2011 08:29:27 +0000 (10:29 +0200)]
ncalrpc: Force ncalrpc dir to be mode 755 in all users
This allows this directory to be shared between Samba3 and Samba4 in a
Franky-style setup easily.
Andrew Bartlett
(cherry picked from commit
aae9353ecf56323b63da66aa84d8a0a4f219d94d)
Stefan Metzmacher [Tue, 17 May 2011 06:50:45 +0000 (08:50 +0200)]
talloc: splitout _talloc_free_children_internal()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May 17 10:49:13 CEST 2011 on sn-devel-104
(cherry picked from commit
df2cb2f672569e5d113fe2e77fdc1ee16c8b646d)
The last 9 patches address bug #8140 (talloc: valgrind false positives and other
backports).
Stefan Metzmacher [Fri, 8 Apr 2011 10:30:46 +0000 (12:30 +0200)]
talloc: fixed a use after free error in talloc_free_children()
This is similar to commit
6f51a1f45bf4de062cce7a562477e8140630a53d.
metze
(cherry picked from commit
38633c9f0b7f86673f08903999583ad5b62c3548)
Stefan Metzmacher [Fri, 8 Apr 2011 10:27:05 +0000 (12:27 +0200)]
talloc: use _talloc_free_internal() in talloc_free_children()
metze
(cherry picked from commit
f3b855d2ff9576715afe50d75678829c6bc0842d)
Stefan Metzmacher [Mon, 16 May 2011 17:25:47 +0000 (19:25 +0200)]
talloc: test talloc_steal out of a talloc_pool
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May 17 09:43:01 CEST 2011 on sn-devel-104
(cherry picked from commit
37b2130ed9612a7334888ecd2fee26b0b45ac271)
Stefan Metzmacher [Tue, 17 May 2011 06:20:13 +0000 (08:20 +0200)]
talloc: add memset() calls to test_pool()
This way we the pool based valgrind code.
metze
(cherry picked from commit
16cc52cf70a9918843f9761baf483338c80bf1d0)
Stefan Metzmacher [Tue, 17 May 2011 06:19:04 +0000 (08:19 +0200)]
talloc: setup the new 'tc' before TC_UNDEFINE_GROW_CHUNK() _talloc_realloc()
metze
(cherry picked from commit
c281f2fc1a359d0d3b91b94438f11bb7c88170b5)
Stefan Metzmacher [Mon, 16 May 2011 18:15:59 +0000 (20:15 +0200)]
talloc: make really sure only optimize realloc if there's only one pool chunk
*talloc_pool_objectcount(pool_tc) == 2 doesn't mean the one of the objects
is the pool itself! So we better check for == 1 and calculate the chunk count.
metze
(cherry picked from commit
7102105c8954627dc30a851327cf2642ac0783d5)
Stefan Metzmacher [Mon, 16 May 2011 18:23:13 +0000 (20:23 +0200)]
talloc: make use of _talloc_free_poolmem() in _talloc_realloc()
This should follow the same logic...
metze
(cherry picked from commit
14b662ee4f278764b9dfd620851e908d29f29fc4)
Stefan Metzmacher [Mon, 16 May 2011 17:06:07 +0000 (19:06 +0200)]
talloc: split the handling of FLAG_POOL/FLAG_POOLMEM in _talloc_free_internal
The optimization of the object_count == 1 case should only happen
for when we're not destroying the pool itself. And it should only
happen if the pool itself is still valid.
If the pool isn't valid (it has TALLOC_FLAG_FREE),
object_count == 1 does not mean that the pool is the last object,
which can happen if you use talloc_steal/move() on memory
from the pool and then free the pool itself.
Thanks to Volker for noticing this!
metze
(cherry picked from commit
2d514be1ed3b8245157a0a51186ec7f9db828202)
Sumit Bose [Tue, 17 May 2011 06:58:50 +0000 (08:58 +0200)]
Fix typos in LDAP schema files
Reported by: John Danks <john.danks@gmail.com>
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue May 17 11:56:08 CEST 2011 on sn-devel-104
Fix bug #8142 (typo in several LDAP schema files).
Jeremy Allison [Tue, 17 May 2011 23:18:51 +0000 (16:18 -0700)]
Fix bug #8144 - touch /mnt/newfile fails to set timestamp with CIFS client.
The extra checks added for Windows correctness in our metadata changing paths
to ensure the file handle has been opened with the correct access mask to
allow FILE_WRITE_ATTRIBUTES etc. caused problems with the POSIX open code.
The old POSIX open code maped O_RDONLY into FILE_READ, O_WRONLY into FILE_WRITE,
and O_RDWR into FILE_READ|FILE_WRITE. This patch extends the mapping to add
FILE_WRITE_ATTRIBUTES, FILE_READ_ATTRIBUTES and FILE_WRITE_EA, FILE_READ_EA to
allow POSIX opens to set these values.
Karolin Seeger [Tue, 17 May 2011 19:13:15 +0000 (21:13 +0200)]
WHATSNEW: Start release notes.
Karolin
Karolin Seeger [Tue, 17 May 2011 19:10:39 +0000 (21:10 +0200)]
VERSION: Bump version up to 3.6.0rc2.
Karolin