Stefan Metzmacher [Thu, 26 Feb 2015 10:27:33 +0000 (11:27 +0100)]
Merge tag 'samba-4.1.17' into v4-1-test
samba: tag release samba-4.1.17
Michael Adam [Thu, 19 Feb 2015 15:59:00 +0000 (16:59 +0100)]
doc:man:vfs_glusterfs: improve the configuration section.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Feb 20 14:29:21 CET 2015 on sn-devel-104
(cherry picked from commit
e6e6f563e6968dcb3ae558a7857f8dff49d2939f)
The last 3 patches address
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11117
vfs_glusterfs manpage corrections
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Wed Feb 25 22:15:39 CET 2015 on sn-devel-104
Michael Adam [Fri, 13 Feb 2015 00:04:11 +0000 (01:04 +0100)]
doc:man:vfs_glusterfs: improve and update description.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
7852dd9e4c806d4e2b5428cb783b8ce6db8902d0)
Michael Adam [Fri, 13 Feb 2015 00:03:21 +0000 (01:03 +0100)]
doc:man:vfs_glusterfs: remove extra % signs.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
b9bf3c4d785606573ee3b9cb8e727bb04b3be6fb)
Andrew Bartlett [Mon, 16 Feb 2015 02:59:11 +0000 (15:59 +1300)]
debug: Set close-on-exec for the main log file FD
This does not change the properties of dup2() of the fd as STDERR, however this is closed
before we start smbd or winbindd as child processes.
This is needed otherwise the logfile remains open in the child process, and
logfile rotation can mean this old log remains on disk indefinatly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11100
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 16 11:42:47 CET 2015 on sn-devel-104
(based on commit
1d95b0afc3547a91f8558873ce58652c271ed9eb)
Karolin Seeger [Mon, 23 Feb 2015 13:38:08 +0000 (14:38 +0100)]
VERSION: Bump version up to 4.1.18.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sat, 21 Feb 2015 20:04:20 +0000 (21:04 +0100)]
VERSION: Disable git snapshots for the 4.1.17 release.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077
CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon server
could lead to security vulnerability.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sat, 21 Feb 2015 20:07:08 +0000 (21:07 +0100)]
WHATSNEW: Add release notes for Samba 4.1.17.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077
CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon server
could lead to security vulnerability.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andreas Schneider [Mon, 16 Feb 2015 09:59:23 +0000 (10:59 +0100)]
s3-netlogon: Make sure we do not deference a NULL pointer.
This is an additional patch for CVE-2015-0240.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 28 Jan 2015 22:47:31 +0000 (14:47 -0800)]
CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Sat, 21 Feb 2015 20:04:20 +0000 (21:04 +0100)]
VERSION: Disable git snapshots for the 4.1.17 release.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077
CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon server
could lead to security vulnerability.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sat, 21 Feb 2015 20:07:08 +0000 (21:07 +0100)]
WHATSNEW: Add release notes for Samba 4.1.17.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077
CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon server
could lead to security vulnerability.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andreas Schneider [Mon, 16 Feb 2015 09:59:23 +0000 (10:59 +0100)]
s3-netlogon: Make sure we do not deference a NULL pointer.
This is an additional patch for CVE-2015-0240.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 28 Jan 2015 22:47:31 +0000 (14:47 -0800)]
CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Tue, 10 Feb 2015 17:32:11 +0000 (09:32 -0800)]
s3: smbclient: Allinfo leaves the file handle open.
https://bugzilla.samba.org/show_bug.cgi?id=11094
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Feb 10 23:28:46 CET 2015 on sn-devel-104
(cherry picked from commit
080ec0f7d9735b27138deb5f91a397935f089f02)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Feb 16 23:20:50 CET 2015 on sn-devel-104
David Disseldorp [Tue, 3 Feb 2015 18:26:42 +0000 (19:26 +0100)]
printing/cups: pack requested-attributes with IPP_TAG_KEYWORD
The CUPS IPP_GET_JOBS requested-attributes array indicates which job
attributes the caller would like in the cupsd response.
Until now, Samba has packed these attributes with a IPP_TAG_NAME
format tag. In recent versions of CUPS, this results in the IPP_GET_JOBS
response only including the job-id and job-printer-uri fields, even with
JobPrivateValues=none configured.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10808
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 10 01:38:58 CET 2015 on sn-devel-104
(cherry picked from commit
2f4998113e539ea4ba6fb0a72ba6ac25c9d74bd6)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Tue Feb 10 23:20:58 CET 2015 on sn-devel-104
Karolin Seeger [Tue, 10 Feb 2015 20:30:36 +0000 (21:30 +0100)]
VERSION: Re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 15 Jan 2015 11:10:58 +0000 (12:10 +0100)]
VERSION: Bump version up to 4.1.17.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
c4e46cd4e32ef5bf25f3a21f74bb40dfb1dd3c0d)
Stefan Metzmacher [Thu, 29 Jan 2015 09:12:30 +0000 (10:12 +0100)]
s3:smb2_server: protect against integer wrap with "smb2 max credits = 65535"
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 29 14:58:40 CET 2015 on sn-devel-104
(similar to commit
8aed0fc38ae28cce7fd1a443844a865265fc719c)
Autobuild-User(v4-1-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-1-test): Tue Feb 3 00:04:10 CET 2015 on sn-devel-104
Stefan Metzmacher [Wed, 28 Jan 2015 14:22:30 +0000 (15:22 +0100)]
s3:smb2_server: always try to grant the credits the client just consumed
It turns out that the effective credits_requested is always at least 1,
even if the client sends credits_requested == 0.
This means the client is not able to reduce the amount of credits
itself.
Without this fix a client (e.g. Windows7) would reach the case
where it has been granted all credits it asked for.
When copying a large file with a lot of parallel requests,
all these requests have credits_requested == 0.
This means the amount of granted credits where reduced by each
request and only when the granted credits reached 0,
the server granted one credit to allow the client to go on.
The client might require more than one credit ([MS-SMB2] says
Windows clients require at least 4 credits) and freezes
with just 1 credit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(similar to commit
1944c857e59922a2ebfc88a6a824a6ed9396f2d5)
Garming Sam [Wed, 3 Dec 2014 22:53:12 +0000 (11:53 +1300)]
dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable
This includes additional tests based directly on the docs, rather than
simply testing our internal implementation in client and server contexts,
that create a user and groups.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11022
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming-Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Dec 22 17:17:02 CET 2014 on sn-devel-104
(similar to commit
e4213512d0a967e87a74a1ae816c903fb38dd8b9)
Change-Id: Ia98bf5a62bb69e15ae6420b34e09a65c1f3e79dd
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Jan 29 23:24:18 CET 2015 on sn-devel-104
Karolin Seeger [Mon, 26 Jan 2015 19:51:50 +0000 (20:51 +0100)]
Revert "dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable"
This reverts commit
333d25739eb5a0d347ff8c57726ea184af4c1ec9.
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Jan 26 23:05:21 CET 2015 on sn-devel-104
Andreas Schneider [Thu, 22 Jan 2015 09:27:59 +0000 (10:27 +0100)]
s3-pam_smbpass: Fix memory leak in pam_sm_authenticate().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11066
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
0cb9b28acb7008cd30c6de3add9876eb5607a5a6)
Andreas Schneider [Tue, 13 Jan 2015 16:04:26 +0000 (17:04 +0100)]
utils: Fix 'net time' segfault.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058
This is part two of the bugfix. Make sure we pass the IP we found to
cli_servertime(). Hence we always pass at least one of name or IP.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
45829800eb3f3a8aeccfe7c1114dcf9df60371d5)
Michael Adam [Fri, 16 Jan 2015 15:18:45 +0000 (16:18 +0100)]
cli_connect_nb_send: don't segfault on host == NULL.
The functions called futher down can cope with host == NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058
This is part one of the bugfix:
This ensures that it is enough to pass one of host or address to the function.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
a0a254f74234bed6c9a0c71a5bda8254fa6f633f)
Ira Cooper [Thu, 22 Jan 2015 22:14:31 +0000 (17:14 -0500)]
vfs_glusterfs: Add comments to the pipe(2) code.
The guarantees around read(2) and write(2) and pipes are critical
to understanding this code. Hopefully these comments will help.
Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 23 20:58:51 CET 2015 on sn-devel-104
(cherry picked from commit
3b2d8bdbb1851961536241d3aaaf6ac936964517)
The last 10 patches address
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11069
Backport remaining performance patches for vfs_glusterfs to 4.2/4.1.
Volker Lendecke [Wed, 21 Jan 2015 19:49:24 +0000 (20:49 +0100)]
vfs: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 22 13:14:38 CET 2015 on sn-devel-104
(cherry picked from commit
db63e4887c81c3e458194004353d7ef92c67b393)
Michael Adam [Wed, 21 Jan 2015 21:07:53 +0000 (22:07 +0100)]
vfs:glusterfs: whitespace fix.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 22 03:20:17 CET 2015 on sn-devel-104
(cherry picked from commit
cde5d380e192487ae77734afcb3eb3d327aafb98)
Ira Cooper [Tue, 20 Jan 2015 04:08:17 +0000 (23:08 -0500)]
vfs_glusterfs: Replace eventfd with pipes, for AIO use
Pipes clean up the AIO implementation substantially, due to the fact
that they implement a natural ithread safe queue instead of us
creating our own queue.
Signed-off-by: Ira Cooper <ira@samba.org>
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Wed Jan 21 20:40:11 CET 2015 on sn-devel-104
(cherry picked from commit
4c3a3d9e6adc95d0f0e1f6030b2406613d9f9f53)
raghavendra talur [Wed, 10 Dec 2014 15:45:03 +0000 (21:15 +0530)]
vfs/glusterfs: Change xattr key to match gluster key.
Gluster changed the key used to do get_real_filename
in 3.5. This changes Samba's glusterfs vfs-module
to use the same key.
This will render SMB_VFS_GET_REALFILENAME() working
again under 3.5 and will remove support for that functionality
for Gluster 3.4 and older.
Signed-off-by: raghavendra talur <raghavendra.talur@gmail.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
af9ec9fea5a730023cdee6e236f9585e3a18b0e6)
Poornima G [Thu, 11 Dec 2014 02:05:10 +0000 (07:35 +0530)]
vfs_glusterfs: Implement AIO support
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Dec 17 16:35:37 CET 2014 on sn-devel-104
(cherry picked from commit
051b81aac81c7ccb234da221e9f8272b70b265ce)
Poornima G [Fri, 12 Dec 2014 13:11:49 +0000 (14:11 +0100)]
vfs_glusterfs: Change sys_get_acl_file/fd to return ACLs corresponding to mode bits when there are no ACLs set.
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
26b3544251babdfcdf5ada338a4ed39ff18bc47a)
raghavendra talur [Wed, 10 Dec 2014 07:00:10 +0000 (12:30 +0530)]
vfs_glusterfs: Set connectpath as snapdir-entry-path.
snapview client in gluster would require connectpath
in order add snapdir entry to readdir result.
Signed-off-by: raghavendra talur <raghavendra.talur@gmail.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Dec 10 16:38:27 CET 2014 on sn-devel-104
(cherry picked from commit
a12ae815b01b372cbf8697d32d5d45d7b2d5f93d)
raghavendra talur [Wed, 10 Dec 2014 06:56:34 +0000 (12:26 +0530)]
vfs_glusterfs: Remember the connect path too for reopening.
As Samba allows us to share subdirs, lets re-use preopened
connections to glusterfs only if they are for same volume
AND same connectpath.
Signed-off-by: raghavendra talur <raghavendra.talur@gmail.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
2fb4317352a165d0dd4af78fcf0a576fa246eab2)
Poornima G [Thu, 30 Oct 2014 11:44:51 +0000 (17:14 +0530)]
vfs_glusterfs: In vfs_gluster_sys_acl_get_file/fd, reduce the number of getxattr calls.
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
a4fa9ca5a7a4c0b770079ab126f8172ff6d6851c)
David Disseldorp [Mon, 19 Jan 2015 12:39:35 +0000 (13:39 +0100)]
libsmb: provide authinfo domain for encrypted session referrals
6c9de0cd056afc0b478c02f1bdb0e06532388037 requires this extra change.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 21 04:29:06 CET 2015 on sn-devel-104
(cherry picked from commit
6da86012a2ca521efe0cf1bf05fcd04c3099b190)
David Disseldorp [Fri, 16 Jan 2015 15:21:23 +0000 (16:21 +0100)]
libsmb: provide authinfo domain for DFS referral auth
libsmbclient uses the smbc_init->smbc_get_auth_data_fn() provided
workgroup/domain in initial connections, but then switches to the
default smb.conf workgroup/domain when handling DFS referrals.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
6c9de0cd056afc0b478c02f1bdb0e06532388037)
[ddiss@samba.org: 4.1 rebase with cli_init_creds() call]
David Disseldorp [Fri, 16 Jan 2015 15:21:22 +0000 (16:21 +0100)]
libsmb: reuse connections derived from DFS referrals
[MS-DFSC] 3.2.1.1 and 3.2.1.2 states that DFS targets with the same site
location or relative cost are placed in random order in a DFS referral
response.
libsmbclient currently resolves DFS referrals on every API call, always
using the first entry in the referral response. With random ordering,
libsmbclient may open a new server connection, rather than reuse an
existing (cached) connection established in a previous DFS referred API
call.
This change sees libsmbclient check the connection cache for any of the
DFS referral response entries before creating a new connection.
This change is based on a patch by Har Gagan Sahai
<SHarGagan@novell.com>.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10123
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7b7d4f740fe5017107d3100041cc8c7982f0eac7)
Karolin Seeger [Thu, 15 Jan 2015 11:10:58 +0000 (12:10 +0100)]
VERSION: Bump version up to 4.1.17.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 15 Jan 2015 11:10:22 +0000 (12:10 +0100)]
Merge tag 'samba-4.1.16' into v4-1-test
samba: tag release samba-4.1.16
Volker Lendecke [Sun, 18 Aug 2013 20:35:32 +0000 (20:35 +0000)]
smbd: Fix CID
1063259 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11041
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
cc983c9a6a92f3d127ec6461b15aed3fa90e6d30)
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Wed, 7 Jan 2015 16:12:54 +0000 (17:12 +0100)]
s3-libads: Fix a possible segfault in kerberos_fetch_pac().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11037
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
a13e29cc4345d85ab6fe4482119386b87e4e8673)
David Disseldorp [Wed, 17 Dec 2014 15:54:42 +0000 (16:54 +0100)]
spoolss: clear PrinterInfo on GetPrinter error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
a11e97b79645ff0d9e7d20f5318a979194a858fe)
David Disseldorp [Wed, 17 Dec 2014 15:47:50 +0000 (16:47 +0100)]
spoolss: clear info on GetPrinterDriverDirectory error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
c9fccb5018f9a19bb654b9ad79aa716e37a274d6)
David Disseldorp [Wed, 17 Dec 2014 14:54:22 +0000 (15:54 +0100)]
spoolss: clear info on GetPrintProcessorDirectory error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
679c781112ce6b7cffca11c28e58ae5f9a0d717d)
David Disseldorp [Wed, 17 Dec 2014 14:29:52 +0000 (15:29 +0100)]
spoolss: clear FormInfo on GetForm error
In handling a spoolss GetForm request, the handler may return an
immediate error if one of the input parameters is invalid. If this is
done without zeroing the pre-allocated @info pointer, then marshalling
of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
b113ed6043622cdec68f3a70631b363594f3a8d0)
David Disseldorp [Wed, 17 Dec 2014 14:21:33 +0000 (15:21 +0100)]
spoolss: clear DriverInfo on GetPrinterDriver2 error
In handling a spoolss GetPrinterDriver2 request, the handler may
return an immediate error if one of the input parameters is invalid.
If this is done without zeroing the pre-allocated @info pointer, then
marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
fb9ecb044ee986ab3496da6cbad162a224378475)
David Disseldorp [Thu, 4 Dec 2014 19:03:39 +0000 (20:03 +0100)]
spoolss: clear JobInfo on GetJob error
In handling a spoolss GetJob request, the _spoolss_GetJob() handler may
return an immediate error if one of the input parameters is invalid. If
this is done without zeroing the pre-allocated @info pointer, then
api_spoolss_GetJob() will attempt to marshall @info, which in the case
of an @offered value of zero results in a marshalling error:
ndr_push_error(7): Bad subcontext (PUSH) content_size 64 is larger
than size_is(0)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
89869e090c56a3f83b451b437f9c3f40a231dd24)
Günther Deschner [Wed, 17 Dec 2014 12:48:53 +0000 (13:48 +0100)]
vfs: Add glusterfs manpage.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10240
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jan 7 20:57:57 CET 2015 on sn-devel-104
Volker Lendecke [Tue, 13 Jan 2015 11:51:13 +0000 (12:51 +0100)]
net: Fix sam addgroupmem
Domain local groups come across as SID_TYPE_ALIAS and are sent to us in the
PAC/Info3 struct. We should allow this in net sam addgroupmem.
Volker
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11051
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jan 13 15:28:16 CET 2015 on sn-devel-104
Garming Sam [Wed, 3 Dec 2014 22:53:12 +0000 (11:53 +1300)]
dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable
This includes additional tests based directly on the docs, rather than
simply testing our internal implementation in client and server contexts,
that create a user and groups.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11022
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming-Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Dec 22 17:17:02 CET 2014 on sn-devel-104
(similar to commit
e4213512d0a967e87a74a1ae816c903fb38dd8b9)
Andreas Schneider [Mon, 12 Jan 2015 17:12:13 +0000 (18:12 +0100)]
s3-util: Fix authentication with long hostnames.
If the hostname is longer than MAX_NETBIOSNAME_LEN we fail to correctly
check the hostname.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11008
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
da2611adef32107f5a0eec97501c01232ab72efc)
Signed-off-by: Andreas Schneider <asn@samba.org>
Karolin Seeger [Mon, 12 Jan 2015 20:42:02 +0000 (21:42 +0100)]
VERSION: Disable git snapshots for the 4.1.16 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 12 Jan 2015 20:41:32 +0000 (21:41 +0100)]
WHATSNEW: Add release notes for Samba 4.1.16.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andrew Bartlett [Thu, 4 Dec 2014 04:23:29 +0000 (17:23 +1300)]
CVE-2014-8143:dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl
This requires an additional control to be used in the
LSA server to add domain trust account objects.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 8 Dec 2014 01:20:21 +0000 (14:20 +1300)]
CVE-2014-8143:dsdb: Allow use of dsdb_autotransaction_request outside util.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: If6bc90305a1e9a5a92562a01ba7e44330de91cc1
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 7 Dec 2014 23:19:19 +0000 (12:19 +1300)]
CVE-2014-8143:pydsdb: Pull in UF_USE_AES_KEYS flag
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: I36ad5ebc5d8a4811c41b59af90a3add4ae5fd857
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 11 Nov 2014 02:23:02 +0000 (15:23 +1300)]
CVE-2014-8143:auth: Force talloc type of session_info pointer to match
This helps us keep things safe in LDB where we put this in a opaque pointer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Andrew Bartlett
Change-Id: I46fe53ba655ca0810c276b72fbca524884cdf22d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Sun, 11 Jan 2015 19:41:04 +0000 (20:41 +0100)]
VERSION: Bump version up to 4.1.16...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
9f52de75088380915835e815217bdcd0afa8dc85)
Karolin Seeger [Sun, 11 Jan 2015 19:41:04 +0000 (20:41 +0100)]
VERSION: Bump version up to 4.1.16...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sun, 11 Jan 2015 19:39:58 +0000 (20:39 +0100)]
VERSION: Disable git snapshots for the 4.1.15 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sun, 11 Jan 2015 19:38:49 +0000 (20:38 +0100)]
WHATSNEW: Add release notes for Samba 4.1.15.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Stefan Metzmacher [Thu, 18 Dec 2014 09:33:34 +0000 (10:33 +0100)]
nsswitch: fix soname of linux nss_*.so.2 modules
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(similar to commit
575b093dac3c509b1bfaab0b4ad29b9b4214e487)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Sun Jan 11 16:15:06 CET 2015 on sn-devel-104
Stefan Metzmacher [Thu, 18 Dec 2014 19:13:44 +0000 (20:13 +0100)]
selftest: use shared/libnss_wrapper_winbind.so.2
This library is always available in make test.
nss-wrapper strictly requires the linux nss api.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(similar to commit
4eb24fa545234be506eb1330ccbbfd5c2b9e0d82)
Stefan Metzmacher [Thu, 18 Dec 2014 09:21:30 +0000 (10:21 +0100)]
wafsamba: add optional keep_underscore=True to SAMBA_LIBRARY()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(similar to commit
82e583b04b04e560c121163850d70c52d2fce78d)
Christof Schmitt [Fri, 19 Dec 2014 19:24:53 +0000 (12:24 -0700)]
winbind: Retry after SESSION_EXPIRED error in ping-dc
Trying to establish a netlogon connection when the service ticket
expires might fail with NT_STATUS_NETWORK_SESSION_EXPIRED. The
underlying client code already marks the session as invalid, so retry
the netlogon connect in this case.
Signed-off-by: Christof Schmit <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 6 02:58:57 CET 2015 on sn-devel-104
(cherry picked from commit
a2670f15dea27c10e3827216adf572f9c3894f85)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11034
Christof Schmitt [Mon, 22 Dec 2014 23:19:47 +0000 (15:19 -0800)]
winbind: Retry LogonControl RPC in ping-dc after session expiration
When the underlying session expires, the LogonControl RPC call used in
ping-dc returns NT_STATUS_IO_DEVICE_ERROR. Retry once in this case,
instead of returning the error to the caller.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 23 02:46:34 CET 2014 on sn-devel-104
(cherry picked from commit
2fdc55160309cec89aeb88243cb18d058c67e918)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11034
Matthieu Patou [Tue, 23 Sep 2014 20:45:32 +0000 (13:45 -0700)]
librpc/ndr_drsuapi: Allow ndrdump to dump dsinfo52 blobs
Change-Id: I6968b25c67587296b928b2193a9d48093c69c01a
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
1ac96a416d7d6db2476f56129166fd9e018e7306)
The last 6 patches address
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11006
'domain join' fails - 'drsuapi.DsBindInfoFallBack' has no attribute
'supported_extensions'.
Samuel Cabrero [Fri, 4 Jul 2014 10:45:59 +0000 (12:45 +0200)]
idl:drsuapi: Manage all possible lengths of drsuapi_DsBindInfo
Signed-off-by: Samuel Cabrero <scabrero@zentyal.com>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
(cherry picked from commit
d747372d28273542298f86530e715e8faaf907f2)
Matthieu Patou [Sun, 20 Oct 2013 20:37:17 +0000 (13:37 -0700)]
librpc-idl: change the drsuapi_DsBindInfoCtr so that it match what is on the wire both in NDR32 and NDR64.
Previous implementation had a problem with NDR64 with uint32 and
uint3264 being in the wrong order
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 30 10:16:02 CET 2013 on sn-devel-104
(cherry picked from commit
8dc931bafca00c1c61a4366ffb6cfa72a98bb412)
Stefan Metzmacher [Mon, 21 Oct 2013 06:40:28 +0000 (08:40 +0200)]
librpc-idl: replace int32 by uint32 as the values are always > 0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
1e2e421632c275f8cf7529935f72ef3639ddea14)
Matthieu Patou [Mon, 21 Oct 2013 03:16:27 +0000 (20:16 -0700)]
librpc-idl: replace int32 by the enumeration as it's the type that we use in union's switch drsuapi_DsGetDCInfoCtrLevels
Signed-off-by: Matthieu Patou <mat@matws.net>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
568bf16dfadb4bd3003ed18b19098a3d1473f2fe)
Stefan Metzmacher [Mon, 23 Sep 2013 06:05:41 +0000 (08:05 +0200)]
drsuapi.idl: change the range for attribute values to
26214400 bytes.
This matches the IDL from [MS-DRSR].
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>
(cherry picked from commit
51d8eba8417c58c2ade30d58a838441008209542)
Stefan Metzmacher [Fri, 12 Dec 2014 13:55:38 +0000 (13:55 +0000)]
libcli/smb: only force signing of smb2 session setups when binding a new session
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10958
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Dec 12 23:11:40 CET 2014 on sn-devel-104
(cherry picked from commit
daff0f5d709eca621a7f319c892ecaba7b03e5c2)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Dec 18 23:00:51 CET 2014 on sn-devel-104
Stefan Metzmacher [Fri, 12 Dec 2014 08:22:15 +0000 (09:22 +0100)]
s3:smb2_server: allow reauthentication without signing
If signing is not required we should not require it for reauthentication.
Windows clients would otherwise fail to reauthenticate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10958
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
382019656ee164fd21455ed7d7b5e9e18bd0ca72)
Stefan Metzmacher [Thu, 12 Jun 2014 13:10:11 +0000 (15:10 +0200)]
s3:smb2_server: use the global signing key to check if signing is required
If we have a channel session key, we also always have a global session key.
For multi-channel it's possible that the channel session key is not in place
yet, in that case the global session key needs to be used.
In both cases (reauth or session bind) we session setup requests need to be
signed.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
7e006d11134cdc37ea0fc13110fe5bbfb9de3f14)
Stefan Metzmacher [Fri, 21 Nov 2014 13:11:54 +0000 (14:11 +0100)]
testprogs/test_ldb: check rootdse search with extended-dn control
Verifies BUG: https://bugzilla.samba.org/show_bug.cgi?id=10949
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Dec 12 20:15:46 CET 2014 on sn-devel-104
(cherry picked from commit
7e81fe282540a5b52dcb8c5396321a67733790d2)
Stefan Metzmacher [Thu, 20 Nov 2014 13:21:06 +0000 (14:21 +0100)]
s4:dsdb/rootdse: expand extended dn values with the AS_SYSTEM control
Otherwise we can't find the GUID of the 'serverName' attribute
as ANONYMOUS.
This results in
root@ub1204-161:~# ldbsearch -U% -H ldap://172.31.9.161 -b '' -s base --extended-dn serverName
search error - LDAP error 1 LDAP_OPERATIONS_ERROR - <
00002020: operations error at ../source4/dsdb/samdb/ldb_modules/rootdse.c:567> <>
While it works as system:
root@ub1204-161:~# ldbsearch -U% -H /var/lib/samba/private/sam.ldb -b '' -s base --extended-dn serverName
# record 1
dn:
serverName: <GUID=
348c35e1-04e3-4988-a32c-
32478d584551>;CN=UB1204-161,CN=Serve
rs,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=s4xdom,DC=base
# returned 1 records
# 1 entries
# 0 referrals
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10949
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
a6ecef4532e4529a819219cd814e2979c2df0797)
Christian Ambach [Tue, 4 Nov 2014 22:51:23 +0000 (23:51 +0100)]
s3:utils/profiles fix a use after free
path is a talloc-child of subkeys, so subkeys should not be freed before calling
verbose_output
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Dec 3 00:43:19 CET 2014 on sn-devel-104
(cherry picked from commit
3b90bfb1089e6a4b7e05e7ed62bb642521f57917)
Christian Ambach [Tue, 4 Nov 2014 22:50:07 +0000 (23:50 +0100)]
s3:registry/regfio fix some valgrind warnings
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
4b41489901b7f1a78ffd479128c3e0d309e53b53)
Christian Ambach [Tue, 4 Nov 2014 22:47:26 +0000 (23:47 +0100)]
s3:registry/regfio read SD from the correct location
try to find the security descriptor at the data pointer, not at the beginning of the hbin
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9629
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
217a0189c15761f6c7b24c9d7bfdbccf85de8e1d)
Jeremy Allison [Mon, 8 Dec 2014 02:59:26 +0000 (18:59 -0800)]
s3: modules: Fix *allocate* calls to follow POSIX error return convention.
Fix up the ceph, time_audit and streams_xattr modules to follow
the -1,errno convention for errors.
Reported by Jones <jones.kstw@gmail.com> who provided the
initial patch. This patch tested and confirmed working
by him as well.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Dec 8 12:29:00 CET 2014 on sn-devel-104
Jeremy Allison [Fri, 5 Dec 2014 23:34:12 +0000 (15:34 -0800)]
s3: smbd: Fix *allocate* calls to follow POSIX error return convention.
Fix vfs_allocate_file_space(), vfs_slow_fallocate(),
vfs_fill_sparse() to follow the -1,errno convention
for errors.
Standardize on the -1,errno convention.
Reported by Jones <jones.kstw@gmail.com> who provided the
initial patch. This patch tested and confirmed working
by him as well.
https://bugzilla.samba.org/show_bug.cgi?id=10982
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
(cherry picked from commit
cc1f91cec627cb3e4fc89b96aae1e7e4c539cd1c)
Jeremy Allison [Fri, 5 Dec 2014 23:31:19 +0000 (15:31 -0800)]
s3: smbd: Fix *allocate* calls to follow POSIX error return convention.
vfswrap_fallocate() is broken in that it can call posix_fallocate()
which returns an int error (and doesn't set errno) but can also
call Linux fallocate() which returns -1 and sets errno.
Standardize on the -1,errno convention.
Reported by Jones <jones.kstw@gmail.com> who provided the
initial patch. This patch tested and confirmed working
by him as well.
https://bugzilla.samba.org/show_bug.cgi?id=10982
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
(cherry picked from commit
c9235deee0fc49c99cfaf2329b7af526d9dd12d0)
Andreas Schneider [Fri, 14 Nov 2014 09:05:13 +0000 (10:05 +0100)]
s3-libsmb: Duplicate the memory before we free it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10279
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
8c41795c81d85114e383e694ba7421e95bacb912)
Andreas Schneider [Fri, 14 Nov 2014 09:03:07 +0000 (10:03 +0100)]
s3-libsmb: Set the netbios_name in use_ccache case too.
If we do not set the netbios_name we are not able to connect to a
Windows DC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10279
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
206f25d815024248214f076fd60c35862e9de8a1)
Andreas Schneider [Fri, 14 Nov 2014 08:31:51 +0000 (09:31 +0100)]
s3-lib: Do not require a password with --use-ccache.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10279
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
1e148a91fd20053f823b57e19d757665fa30c53d)
Günther Deschner [Wed, 3 Dec 2014 15:55:39 +0000 (16:55 +0100)]
pam_winbind: fix warn_pwd_expire implementation.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9056
warn_pwd_expire parameter is not working as documented in pam_winbind manual
page. This patch adds missing bit and allows disabling warning message fully,
i.e. setting warn time to zero days.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Dec 3 21:36:49 CET 2014 on sn-devel-104
Jeremy Allison [Wed, 26 Nov 2014 21:33:57 +0000 (13:33 -0800)]
libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a Windows client does.
Required as some servers return zero when asked for
zero credits in an initial SMB2-only negprot.
Back-port of
c426f97238e4f664d1b13781101ca9c942aa7d0d
from master.
https://bugzilla.samba.org/show_bug.cgi?id=10966
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Dec 4 21:55:16 CET 2014 on sn-devel-104
Andreas Schneider [Mon, 24 Nov 2014 16:46:27 +0000 (17:46 +0100)]
s3-smbstatus: Fix exit code of profile output.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10961
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Mon, 24 Nov 2014 15:26:13 +0000 (16:26 +0100)]
s3-smbclient: Return success if we listed the shares.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10960
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Guenter Kukkukk [Fri, 21 Nov 2014 15:57:45 +0000 (16:57 +0100)]
s4-rpc: dnsserver: Fix enumeration of IPv4 and IPv6 addresses
In the initial implementation only IPv4 addresses were supported.
Add IPv6 (and mixed IPv4/IPv6) support and all further needed conversion
routines to support w2k, dotnet, longhorn clients.
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Nov 26 03:44:07 CET 2014 on sn-devel-104
(cherry picked from commit
3ac4355f3e7f79bc0045c43bc818697dc6b08850)
The last 3 patches address
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10952
samba-tool dns serverinfo <server> is broken for IPv6 - also in mixed IPv4/IPv6
environments.
Guenter Kukkukk [Fri, 21 Nov 2014 02:55:25 +0000 (03:55 +0100)]
samba-tool: Fix the IP output of "samba-tool dns serverinfo <some_server>"
Avoid hardcoded IP-strings, use standard python IP functions to format
IPv4 and IPv6 addresses correctly.
I have removed the display of the port number.
MS-DNSP 2.2.3.2.2.1 DNS_ADDR: (from May 15, 2014)
Port Number (2bytes): Senders MUST set this to zero, and receivers MUST ignore
it.
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
d5af53c5372866a33a0195cabbd64232ac53bad4)
Guenter Kukkukk [Fri, 21 Nov 2014 02:40:17 +0000 (03:40 +0100)]
samba-tool: Fix enum values in dns.py
DNS_ZONE_UPDATE_SECURE was used twice, DNS_ZONE_UPDATE_UNSECURE was missing.
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
4bda589c8e68cd66ca3b0ea9496cb1b11febcae6)
Karolin Seeger [Thu, 27 Nov 2014 11:34:04 +0000 (12:34 +0100)]
VERSION: Bump version up to 4.1.15...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 27 Nov 2014 11:33:07 +0000 (12:33 +0100)]
VERSION: Disable git snapshots for the 4.1.14 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 27 Nov 2014 11:30:41 +0000 (12:30 +0100)]
WHATSNEW: Add release notes for Samba 4.1.14.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Amitay Isaacs [Mon, 3 Nov 2014 00:57:50 +0000 (11:57 +1100)]
s4-dns: dlz-bind: Add trailing '.' to all fqdn strings
BIND 9.10.x is strict when sending records via putrr and putnamedrr.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10620
Thanks to Guenter Kukkukk for identifying the problem and resolution.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Guenter Kukkukk <kukks@samba.org>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Nov 21 06:14:55 CET 2014 on sn-devel-104
(cherry picked from commit
b7f6b09a13daaa702aef5a0ab9f458521e4902b1)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Nov 24 23:27:37 CET 2014 on sn-devel-104
Amitay Isaacs [Mon, 20 Oct 2014 05:32:42 +0000 (16:32 +1100)]
s4-dns: Add support for BIND 9.10
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Matthieu Patou <mat@matws.net>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Sat Oct 25 05:42:19 CEST 2014 on sn-devel-104
(cherry picked from commit
faa3423d1a26eb6103389b234add0f1e8d0dfc08)
Conflicts:
python/samba/provision/sambadns.py
source4/dns_server/dlz_bind9.c
source4/setup/named.conf.dlz
Amitay Isaacs [Mon, 20 Oct 2014 04:31:30 +0000 (15:31 +1100)]
s4-dns: Update dlz_minimal.h based on BIND release 9.10
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Matthieu Patou <mat@matws.net>
(cherry picked from commit
aeb6ad8a9c2713c6c71a2ac4cd355dd1bda6cc51)