Stefan Metzmacher [Thu, 18 Feb 2010 14:36:08 +0000 (15:36 +0100)]
spoolss: make all security descriptors and devicemodes 4 byte aligned and add missing subcontexts.
Guenther
(cherry picked from commit
8f52957369bf8ce7591d5d9a1436ccb7e384c612)
Günther Deschner [Mon, 14 Dec 2009 16:22:39 +0000 (17:22 +0100)]
spoolss: set NDR_RELATIVE_REVERSE flag for various unions that have relative pointers.
Guenther
(cherry picked from commit
6d0a39741dacd81e33b25a91fa28cdf983d10d84)
Stefan Metzmacher [Thu, 18 Feb 2010 14:17:42 +0000 (15:17 +0100)]
ndr_spoolss_buf: use LIBNDR_FLAG_NO_NDR_SIZE in NDR_SPOOLSS_SIZE_*
metze
(cherry picked from commit
2059a165ee6f4d231aa4075d8ddea70b8df8944f)
Stefan Metzmacher [Wed, 23 Dec 2009 14:52:39 +0000 (15:52 +0100)]
spoolss: use subcontext in NDR_SPOOLSS_PUSH_ENUM_OUT macro.
metze
(cherry picked from commit
a4c3aeb79306190b09e284a6a28e3b40fbc5823b)
Stefan Metzmacher [Thu, 18 Feb 2010 14:13:20 +0000 (15:13 +0100)]
libndr: fix ndr_size_* calculation with relative reverse buffers
metze
(cherry picked from commit
8310f02414efd3b792857ed20c636c4c114e1ba2)
Stefan Metzmacher [Thu, 18 Feb 2010 12:40:44 +0000 (13:40 +0100)]
libndr: for now align reverse relative pointers to 2 bytes by default.
This is just a hack and we should let the callers use FLAG_ALIGN2
explicit in future.
metze
(cherry picked from commit
4a76d29374769ba4c075b8d5767498848d2e17d6)
Stefan Metzmacher [Wed, 17 Feb 2010 20:24:40 +0000 (21:24 +0100)]
libndr: implement LIBNDR_RELATIVE_REVERSE handling
This is based on Guenther's initial code.
metze
(cherry picked from commit
31c7780c16651b284009874cf3da04587dc36d19)
Günther Deschner [Mon, 14 Dec 2009 14:33:32 +0000 (15:33 +0100)]
libndr: store a subcontext buffer size in ndr_push_subcontext_start.
Guenther
(cherry picked from commit
05347754ee61f06466d6d9b7f390001992f793ce)
Stefan Metzmacher [Wed, 17 Feb 2010 19:27:08 +0000 (20:27 +0100)]
libndr: give an error when ndr_push_relative_ptr2_start()/_end() is used with the RELATIVE_REVERSE flag
metze
(cherry picked from commit
b5f9c44da55abb28222441a7e064a2a25891981f)
Günther Deschner [Tue, 9 Feb 2010 17:27:37 +0000 (18:27 +0100)]
libndr: add LIBNDR_FLAG_NO_RELATIVE_REVERSE so that relative reverse processing can be disabled for single structure elements.
Guenther
(cherry picked from commit
a2c34296fa6ca2ffb69cb69698a9b5f81803e8a8)
Günther Deschner [Mon, 14 Dec 2009 14:09:00 +0000 (15:09 +0100)]
libndr: add LIBNDR_FLAG_RELATIVE_REVERSE flag.
Guenther
(cherry picked from commit
ee13a51b0514ec3ac4ca9c532c2b101a08ec9784)
Günther Deschner [Wed, 16 Dec 2009 21:54:02 +0000 (22:54 +0100)]
libndr: change subcontext buffer allocation to allocate on subcontext_start.
Guenther
(cherry picked from commit
c9fa97b01774d767acfabaf1eec7a6aad1510440)
Stefan Metzmacher [Wed, 17 Feb 2010 19:00:36 +0000 (20:00 +0100)]
librpc/ndr: make ndr_push_relative_ptr2() static
metze
Stefan Metzmacher [Wed, 17 Feb 2010 19:00:04 +0000 (20:00 +0100)]
librpc/ndr_krb5pac: use ndr_push_relative_ptr2_start()/_end()
metze
(cherry picked from commit
e03591111a1b9c2f05c29a7afac4641f23f455f4)
Stefan Metzmacher [Wed, 17 Feb 2010 18:59:19 +0000 (19:59 +0100)]
librpc/ndr_drsblobs: use ndr_push_relative_ptr2_start()/_end()
metze
(cherry picked from commit
b423bd2115e006f9af5d40cf5b651e03739d53a0)
Günther Deschner [Thu, 11 Feb 2010 17:54:31 +0000 (18:54 +0100)]
spoolss: fix relative pointers in ndr_push_spoolss_DriverInfo101.
Guenther
(cherry picked from commit
bfd6edb3e9339d602eb6514ff50c3bb6c671174e)
Günther Deschner [Mon, 14 Dec 2009 13:17:05 +0000 (14:17 +0100)]
s3: re-run make full_idl.
Guenther
(cherry picked from commit
c869328b1642043480f9600c88bcce9da37959b1)
Günther Deschner [Mon, 14 Dec 2009 13:09:22 +0000 (14:09 +0100)]
pidl: use ndr_push_relative_ptr2_start and ndr_push_relative_ptr2_end.
Guenther
(cherry picked from commit
a049d75193b284fe9efb28d303ea46ba407e5a7a)
Günther Deschner [Mon, 14 Dec 2009 13:08:34 +0000 (14:08 +0100)]
libndr: add ndr_push_relative_ptr2_start and ndr_push_relative_ptr2_end.
Guenther
Jeremy Allison [Thu, 18 Feb 2010 19:22:44 +0000 (11:22 -0800)]
Fix bug #7154 - mangling method = hash can crash storing a name not containing a '.'
Fix use of uninitialized variable. This can lead to crashes if
mangling = hash processes names with no '.'.
Jeremy.
(cherry picked from commit
df13b1303a751962d8f7d5298b39e4a7500fef15)
Jeremy Allison [Thu, 18 Feb 2010 20:21:10 +0000 (12:21 -0800)]
Fix bug #7155 - valgrind Conditional jump or move depends on uninitialised value(s) error when "mangling method = hash"
The charset array allocated in init_chartest() is allocated
by MALLOC, but only some elements of it being set after allocation. Fix is to
memset to zero after allocation.
Jeremy.
(cherry picked from commit
a4e8210ba7d6d471cb9f17754244393b9c1e5930)
Karolin Seeger [Thu, 18 Feb 2010 12:10:21 +0000 (13:10 +0100)]
s3-docs: Remove trailing whitespaces and fix a typo.
Karolin
(cherry picked from commit
494819773d61daa32d4ee2a0a15088f3b4abe6e2)
Björn Jacke [Wed, 17 Feb 2010 22:03:32 +0000 (23:03 +0100)]
s3:docs: add some advice for usage of strict allocate
(cherry picked from commit
37115f91aebec9c846e54790c6bcf433ae35888a)
Stefan Metzmacher [Wed, 17 Feb 2010 18:11:11 +0000 (19:11 +0100)]
tsocket/bsd: fix comment in tdgram_bsd_recvfrom_handler()
metze
(cherry picked from commit
c42d9c4ec410e205091784cd97cbceb5572609d8)
Jeremy Allison [Wed, 17 Feb 2010 17:24:34 +0000 (09:24 -0800)]
Fix commit
d07cd37b993d3c9beded20323174633b806196b5
Which was:
tsocket/bsd: fix bug #7115 FreeBSD includes the UDP header in FIONREAD
Metze, this has to have been wrong - you are throwing away the talloc_realloc
pointer returned. Also no error checking. Please review.
Thank goodness for gcc warnings :-).
Jeremy.
(cherry picked from commit
936828de71023d90aaec6c1dba84052246bbad11)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 17 Feb 2010 12:53:02 +0000 (13:53 +0100)]
tsocket/bsd: fix bug #7115 FreeBSD includes the UDP header in FIONREAD
metze
(cherry picked from commit
d07cd37b993d3c9beded20323174633b806196b5)
Stefan Metzmacher [Wed, 17 Feb 2010 08:33:18 +0000 (09:33 +0100)]
tsocket/bsd: set IPV6_V6ONLY on AF_INET6 sockets
Some system already have this as default. It's easier
to behave the same way on all systems and handle ipv6
and ipv4 sockets separate.
metze
(cherry picked from commit
1ffcb991a900b78c9175f6b093839fe96b1bd7d9)
Stefan Metzmacher [Wed, 17 Feb 2010 07:49:28 +0000 (08:49 +0100)]
tsocket/bsd: fix bug #7140 autodetect ipv4 and ipv6 based on the remote address if the local address is any
metze
(cherry picked from commit
8a0949dfc8d2ecf577dfc5ef38496421101b734e)
Stefan Metzmacher [Wed, 17 Feb 2010 07:45:58 +0000 (08:45 +0100)]
tsocket/bsd: fix bug #7140 use calculated sa_socklen for bind() in tstream_bsd_connect_send()
This is needed because, we can't use sizeof(sockaddr_storage) for AF_UNIX
sockets. Also some platforms require exact values for AF_INET and AF_INET6.
metze
(cherry picked from commit
6637b2f4b06fcee1e8e1b1782dd96e3273f8caac)
Stefan Metzmacher [Wed, 17 Feb 2010 07:42:22 +0000 (08:42 +0100)]
tsocket/bsd: fix do_bind logic for AF_INET
We want the explicit bind() when we don't use the any address.
metze
(cherry picked from commit
135543b4c300e2fc31ee4165ce630644e1aef455)
Stefan Metzmacher [Wed, 17 Feb 2010 08:43:00 +0000 (09:43 +0100)]
socket_wrapper: also ignore AF_INET6 in swrap_setsockopt()
metze
(cherry picked from commit
0b3e950731fe72a258a631e39ca1304d54663536)
Günther Deschner [Thu, 18 Feb 2010 01:13:07 +0000 (02:13 +0100)]
s3-modules: fix get_acl_blob in the acl_tdb VFS module.
Shuttle-reviewed by jra :)
Guenther
(cherry picked from commit
6cf10cc1020dd7ef483887caebcbd76d28572432)
Fix bug #7148 (vfs_acl_tdb module uses uninitialized variable. Reading blob can
fail.)
Jeremy Allison [Wed, 17 Feb 2010 18:11:57 +0000 (10:11 -0800)]
Fix bug #6557 - Do not work VFS full_audit
Re-arrange the operations order so SMB_VFS_CONNECT is done
first as root (to allow modules to correctly initialize themselves).
Reviewed modules to check if they needed CONNECT invoked as
a user (which we previously did) and it turns out any of them
that cared needed root permissions anyway.
Jeremy.
Volker Lendecke [Tue, 16 Feb 2010 22:29:48 +0000 (23:29 +0100)]
s3: Fix bug 7139 owner of file not available with kerberos.
To provide the user with the same SID when doing Kerberos logins, attempt to do
a make_server_info_sam instead of a make_server_info_pw.
Karolin Seeger [Wed, 17 Feb 2010 13:51:03 +0000 (14:51 +0100)]
WHATSNEW: Update changes.
Karolin
Jeff Layton [Tue, 16 Feb 2010 14:16:42 +0000 (09:16 -0500)]
cifs.upcall: allocate a talloc context for smb_krb5_unparse_name
cifs.upcall calls smb_krb5_unparse_name with a NULL talloc context.
Older versions of this function though will conditionally use
SMB_REALLOC instead of TALLOC_REALLOC when a NULL context is passed
in. To make it more consistent, just spawn a talloc context that
we can pass into this function.
Resolves:
https://bugzilla.redhat.com/show_bug.cgi?id=565446
https://bugzilla.samba.org/show_bug.cgi?id=6868
Reported-by: Ludek Finstrle <luf@seznam.cz>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
a8cc2fa09ed43a167f62711bef363a5ac335dc78)
Fix bug #6868 (make bin/cifs.upcall fails).
Volker Lendecke [Tue, 16 Feb 2010 10:00:08 +0000 (11:00 +0100)]
s3-docs: Document 'smbclient -C'.
(cherry picked from commit
f6c39cec27eea2522c62e6f1ff85efdafde351ac)
Steven Danneman [Fri, 12 Feb 2010 23:42:50 +0000 (15:42 -0800)]
s3/smbd: change locking behavior when "lock spin time = 0".
The "lock spin time" parameter mimics the following Windows
setting which by default is 250ms in Windows and 200ms in Samba.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\LockViolationDelay
When a client sends repeated, non-blocking, contending BRL requests
to a Windows server, after the first Windows starts treating these
requests as timed blocking locks with the above timeout.
As an efficiency, I've changed the behavior when this setting is 0,
to skip this logic and treat all requests as non-blocking locks.
This gives the smbd server behavior similar to the 3.0 release with
the do_spin_lock() implementation.
I've also changed the blocking lock parameter in the call from
push_blocking_lock_request() to true as all requests made in this
path are blocking by definition.
(cherry picked from commit
cb0ea273696fc9024e6da18eb3e319024f8643f5)
Fix bug #7138 (Backport 'lock spin time" enhancement to 3.5.1).
Jeremy Allison [Sat, 13 Feb 2010 05:29:58 +0000 (21:29 -0800)]
Fix error in docs. Should be milliseconds, not microseconds.
(cherry picked from commit
c7f16abc47a2d291d3da95b4c8e654010e36bc0f)
Björn Jacke [Fri, 29 Jan 2010 11:42:25 +0000 (12:42 +0100)]
s3: by default don't use pthread pool support
(cherry picked from commit
118725c892e445fcc1dc5947cb919cf99c49373f)
The last seven patches address bug #6983 (Build with aio support fails on Debian
Sarge).
Björn Jacke [Thu, 4 Feb 2010 10:03:55 +0000 (11:03 +0100)]
s3:nsswitch: also use pthread CFLAGS for the nsswitch modules that might require it
(cherry picked from commit
55d65ba7213e5b30711b5b5939d53e3d3990d86a)
Björn Jacke [Thu, 4 Feb 2010 09:35:45 +0000 (10:35 +0100)]
s3: fix build on Tru64 after it broke with deactivating pthread pool support
(cherry picked from commit
acedd1c8320afa672ca70c6594bc90ccb7e75a6a)
Björn Jacke [Fri, 29 Jan 2010 14:23:29 +0000 (15:23 +0100)]
s3: link thread objects in libsmbclient only and adjust linker flags
(cherry picked from commit
a20b43f23f2254edb1fcd6d3916dd57e6a4778ee)
Björn Jacke [Wed, 27 Jan 2010 22:43:23 +0000 (23:43 +0100)]
s3: syntax fix
(cherry picked from commit
1f7e97a8a257b3280ca14168adf2d59ca9e1074c)
Björn Jacke [Wed, 27 Jan 2010 17:54:55 +0000 (18:54 +0100)]
s3: get pthread detection also on HP-UX right
(cherry picked from commit
6bade10a1eb21689613770f9a54e0a080663029c)
Björn Jacke [Mon, 25 Jan 2010 23:17:10 +0000 (00:17 +0100)]
s3: fix detection and flags for using pthread
I hope this fixes the build on Tru64, IRIX and maybe bug #6983
(cherry picked from commit
5439e1a03f66ff9722987f908babfd71ebd698f1)
Günther Deschner [Thu, 11 Feb 2010 11:54:57 +0000 (12:54 +0100)]
spoolss: disable GetPrinterDriver level 101 (as called by XP).
We still dont get the marshalling right, disable and XP will just fall back to
level 6.
Guenther
(cherry picked from commit
ddbda92f87aeedb1a1a976a43a1e5ada3897646e)
Fix bug #7136 (spoolss getprinterdriver2 level 101 marshalling bad).
Günther Deschner [Thu, 7 Jan 2010 11:05:18 +0000 (12:05 +0100)]
s3-docs: fix eventlogadm manpage typo.
Guenther
(cherry picked from commit
c1ca00047d26ace240fa5f34b428392b5d61e6c3)
Fix bug #7137 (eventlogadm manpage typo for dump command).
Karolin Seeger [Mon, 15 Feb 2010 09:37:09 +0000 (10:37 +0100)]
WHATSNEW: Update changes since 3.5.0rc2.
Karolin
Karolin Seeger [Mon, 15 Feb 2010 09:22:45 +0000 (10:22 +0100)]
VERSION: We need another release candidate.
Karolin
Jeremy Allison [Fri, 12 Feb 2010 00:00:51 +0000 (16:00 -0800)]
Fixes issue with preexec scripts creating a share directory, and problems is a smb.conf reload turns wide links back on after a connection is establised.
Includes git refs :
cd18695fc2e4d09ab75e9eab2f0c43dcc15adf0b
94865e4dbd3d721c9855aada8c55e02be8b3881e
5d92d969dda450cc3564dd2265d2b042d832c542
02a5078f1fe6285e4a0b6ad95a3aea1c5bb3e8cf
a6f402ad87ff0ae14d57d97278d67d0ceaaa1d82
from master.
Jeremy.
Fix bug #7104 ("wide links" and "unix extensions" are incompatible.)
Volker Lendecke [Sat, 13 Feb 2010 15:38:25 +0000 (16:38 +0100)]
s3: Fix typo found by jhell <jhell@DataIX.net>
(cherry picked from commit
271a4c60dbec0d001dc55df58de8e54274137853)
Günther Deschner [Wed, 10 Feb 2010 23:44:06 +0000 (00:44 +0100)]
s3-spoolss: implement spoolss_EnumJobs level 3.
Level 3 has been added with NT 4.0 and Windows 7 (at least 64bit version) makes
use of it in order to display queued jobs. Windows 7 will *not* fall back to
level 2 if we just return WERR_UNKNOWN_LEVEL, instead there will be no printjobs
displayed at all.
Guenther
(cherry picked from commit
25001bbd1b0b32073073dab7cf5b78a2b902163f)
Fix bug #7130 (enumjobs level 3 is required by win7).
Karolin Seeger [Thu, 11 Feb 2010 12:25:12 +0000 (13:25 +0100)]
WHATSNEW: Mention new "nmbd bind explicit broadcast" parameter.
Karolin
Jeremy Allison [Wed, 10 Feb 2010 20:32:05 +0000 (12:32 -0800)]
More of the fix for bug #7118 - nmbd problems with socket address.
Add a simple "processed packet queue" cache to stop nmbd responding to
packets received on the broadcast and non-broadcast socket (which
it has opened when "nmbd bind explicit broadcast = yes").
This is a very simple packet queue - it only keeps the packets
processed during a single call to listen_for_packets() (i.e. one
select call). This means that if the delivery notification for a
packet received on both broadcast and non-broadcast addresses
is done in two different select calls, the packet will still be
processed twice. This is a very rare occurrance and we can just
live with it when it does as the protocol is stateless. If this
is ever flagged as a repeatable problem then we can add a longer
lived cache, using timeout processing to clear etc. etc. But without
storing all packets processed we can never be *sure* we've eliminated
the race condition so I'm going to go with this simple solution until
someone proves a more complex one is needed :-).
Jeremy.
Jeremy Allison [Mon, 8 Feb 2010 22:35:02 +0000 (14:35 -0800)]
Make "nmbd bind explicit broadcast" on by default.
Fix a comment typo.
Jeremy.
Stefan Metzmacher [Mon, 8 Feb 2010 11:59:13 +0000 (12:59 +0100)]
s3:docs-xml: document "nmbd bind explicit broadcast"
metze
(cherry picked from commit
9887751f6fa6f7e4fd5c79c637e0576405000c01)
The last 3 fixes address bug #7118 (nmbd problems with socket address).
Stefan Metzmacher [Mon, 8 Feb 2010 11:51:29 +0000 (12:51 +0100)]
s3:nmbd: change "nmbd:bind explicit broadcast" into "nmbd bind explicit broadcast"
metze
(cherry picked from commit
0140bc389d56511c3255720856bdb64803ba8930)
Stefan Metzmacher [Thu, 28 Jan 2010 10:04:05 +0000 (11:04 +0100)]
s3:nmbd: also listen explicit on the subnet broadcast addresses
And send replies always via the unicast address of the subnet.
This behavior is off by default (as before)
and can be enabled with "nmbd:bind explicit broadcast = yes".
metze
(cherry picked from commit
30a1bc365071befd07e68e24ca4fa3843159ab13)
Björn Jacke [Wed, 10 Feb 2010 12:48:11 +0000 (13:48 +0100)]
s3: change ldap filter to what really was intended (cherry picked from commit
9b75650f1a963e36a6dd697b5ad2725a8c7c9250)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Part of a fix for bug #7116.
Karolin Seeger [Wed, 10 Feb 2010 10:05:13 +0000 (11:05 +0100)]
WHATSNEW: Update changes since 3.5.0rc2.
Karolin
Jeremy Allison [Tue, 9 Feb 2010 20:17:08 +0000 (12:17 -0800)]
Fix off-by-one error in working out the limit of the NetServerEnum comment.
Jeremy.
Part of a fix for bug #7122 (Reading a large browselist fails (server returns
invalid values in subsequent SMBtrans replies).
Jeremy Allison [Tue, 9 Feb 2010 23:14:38 +0000 (15:14 -0800)]
Fix bug #7122 - Reading a large browselist fails (server returns invalid values in subsequent SMBtrans replies)
There are two problems:
1). The server is off-by-one in the end of buffer space test.
2). The server returns 0 in the totaldata (smb_vwv1) and totalparams (smb_vwv0)
fields in the second and subsequent SMBtrans replies.
This patch fixes both.
Jeremy.
Simo Sorce [Sat, 6 Feb 2010 15:48:39 +0000 (10:48 -0500)]
tdb: raise version to 1.2.1
after recent fixes we need to raise the version to 1.2.1 so that
we can require also the right patched version.
Original commit was
70534adee10fc6f5bba2d9304668dc6508e5de5a in master.
source4/min_versions.m4 was copied from the master branch.
Stefan Metzmacher [Tue, 9 Feb 2010 17:58:36 +0000 (18:58 +0100)]
s3:smbd: use StrCaseCmp() instead of strcasecmp
metze
(cherry picked from commit
bc8242a08e1bb9489cc8171b1ec02bd2518b1857)
Part of a fix for bug #7119 (support for large browselist).
Stefan Metzmacher [Tue, 9 Feb 2010 17:54:41 +0000 (18:54 +0100)]
s3:smbd: Fix really ugly bool vs. int bug!!!
A comparison function for qsort needs to return an 'int'!
Otherwise you'll get random results depending on the compiler
and the architecture...
metze
(cherry picked from commit
1686a5e7e7eb1b411b003cbbde5c0d28741c6d02)
Part of a fix for bug #7119 (support for large browselist).
Stefan Metzmacher [Tue, 9 Feb 2010 11:57:01 +0000 (12:57 +0100)]
s3:passdb: only use gid_to_sid() result if the result is a group of our local sam
Otherwise retry with pdb_gid_to_sid().
metze
(cherry picked from commit
4dc2be2264926fe415e4e40e212f94793c9831d1)
Last seven patches address bug #7116 (pdb_ldap performance fixes).
Stefan Metzmacher [Fri, 5 Feb 2010 15:20:21 +0000 (16:20 +0100)]
s3:pdb_ldap: don't search for the users primary group, if we already know it
metze
(cherry picked from commit
6753fb1cf6a834b12b2a9dce3b1a9555390c17be)
Stefan Metzmacher [Wed, 3 Feb 2010 10:32:41 +0000 (11:32 +0100)]
s3:pdb_ldap: optimize ldapsam_alias_memberships() and cache ldap searches.
ldapsam_alias_memberships() does the same LDAP search twice, triggered
via add_aliases() from create_local_nt_token().
This happens when no domain aliases are used.
metze
(cherry picked from commit
49ace81e19de231825216cbf07c7422687131bb6)
Stefan Metzmacher [Thu, 4 Feb 2010 16:19:57 +0000 (17:19 +0100)]
s3:pdb_ldap: try to build the full unix_pw structure with ldapsam:trusted support
And also store the gid_to_sid mappings in the idmap_cache.
metze
(cherry picked from commit
25038fa85ff69962ca0975f31802218a897aa1ec)
Stefan Metzmacher [Thu, 4 Feb 2010 16:16:59 +0000 (17:16 +0100)]
s3:passdb: speed up pdb_get_group_sid()
Use the cached version gid_to_sid() instead
of pdb_gid_to_sid().
And also avoid the expensive lookup_sid() call
for wellkown domain groups.
metze
(cherry picked from commit
e10d0869567436902c8b8cfb50f8c64148d554cb)
Volker Lendecke [Sun, 31 Jan 2010 14:18:51 +0000 (15:18 +0100)]
s3: Make pdb_copy_sam_account also copy the group sid
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
b99046fed1bf4a908ed856afb17c3c934c6d305d)
Stefan Metzmacher [Sat, 30 Jan 2010 21:28:19 +0000 (22:28 +0100)]
s3: shortcut gid_to_sid when "ldapsam:trusted = yes"
The normal gid_to_sid behaviour is to call sys_getgrgid()
to get the name for the given gid and then call the
getsamgrnam passdb method for the resulting name.
In the ldapsam:trusted case we can reduce the gid_to_sid
operation to one simple search for the gidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.
metze
(cherry picked from commit
779821df8ecfe3ed2392582b500d26332f0b80fc)
Jeremy Allison [Tue, 9 Feb 2010 22:56:12 +0000 (14:56 -0800)]
Missed one check on the memcpy for bug #7063.
Jeremy.
Jeremy Allison [Tue, 9 Feb 2010 22:48:15 +0000 (14:48 -0800)]
Second part of fix for bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps.
Ensure we have no naked memcpy calls. This isn't a crash bug (it's
already checked in the data_blob_talloc_zero() above, but I want to
get into the pattern of having all memcpy's covered by safety checks.
Jeremy.
Karolin Seeger [Tue, 9 Feb 2010 15:36:39 +0000 (16:36 +0100)]
s3-docs: Add missing para end tag.
Karolin
Karolin Seeger [Tue, 9 Feb 2010 14:28:33 +0000 (15:28 +0100)]
WHATSNEW: Add changes since 3.5.0rc2.
Karolin
Karolin Seeger [Tue, 9 Feb 2010 10:36:37 +0000 (11:36 +0100)]
WHATSNEW: Update changes.
Karolin
Jeremy Allison [Mon, 8 Feb 2010 19:04:38 +0000 (11:04 -0800)]
Fix bug #6876 for acl_tdb module.
As pointed out by bj@sernet.de, the rmdir module initializer was
duplicated. Fix this properly.
Jeremy.
Stefan Metzmacher [Mon, 8 Feb 2010 17:38:03 +0000 (18:38 +0100)]
s3:libsmb: fix NetServerEnum3 rap calls.
metze
(cherry picked from commit
9b5198dd443a00fdad4faa1f9cdabedd81012d93)
Fix bug #7119 (support for large browselist).
Stefan Metzmacher [Fri, 5 Feb 2010 17:08:46 +0000 (18:08 +0100)]
s3:smbd: implement api_RNetServerEnum3
This is needed to support large browse lists.
metze
(cherry picked from commit
30eec0656c926d3d85a438dc28f17649b53318f8)
Andrew Tridgell [Thu, 10 Dec 2009 03:35:24 +0000 (14:35 +1100)]
util: added binsearch.h for binary array searches
This was moved from the schema_query code. It will now be used in more
than one place, so best to make it a library macro. I think there are
quite a few places that could benefit from this.
(cherry picked from commit
71943e8858943718affb6a3c0ded2127f07057f0)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
448b8f35d7a7cff73d35304673302178f593c9d0)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
6b24639c08b764eb0205c63674e80b303b2be2ac)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 8 Feb 2010 17:45:18 +0000 (18:45 +0100)]
s3:smbd: add/improve some DEBUG messages in api_RNetServerEnum2()
metze
(cherry picked from commit
495ac4616654c9e62e14031b7439aff21e42ec91)
Stefan Metzmacher [Fri, 5 Feb 2010 15:55:15 +0000 (16:55 +0100)]
s3:smbd: rename api_RNetServerEnum => api_RNetServerEnum2
metze
(cherry picked from commit
dc58672c6588a1715698721153b35ed2d594bc67)
Jeremy Allison [Sat, 6 Feb 2010 00:28:49 +0000 (16:28 -0800)]
Fix bug 7104 - "wide links" and "unix extensions" are incompatible.
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.
Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.
Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.
Jeremy.
Björn Jacke [Tue, 9 Feb 2010 08:07:54 +0000 (09:07 +0100)]
s3: fix some wrong newlines in de translation strings
(cherry picked from commit
fb0c03209773059caad8d0aad5899828e5f5e64e)
Jeremy Allison [Wed, 3 Feb 2010 00:32:51 +0000 (16:32 -0800)]
Fix bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps.
Reported and found by Martin Hochreiter <linuxbox@wavenet.at>.
Ensure we copy the right amount of registry data into the outgoing
buffer.
Jeremy.
(cherry picked from commit
110a6f29f0d130753419d5fc5c7b238ab30822ec)
Bo Yang [Sun, 7 Feb 2010 06:45:42 +0000 (14:45 +0800)]
s3: Fix malformed require_membership_of_sid.
Signed-off-by: Bo Yang <boyang@samba.org>
(cherry picked from commit
913a9f4e420c7a4177e6a7874e8ec2703f447918)
Fix bug #7106.
Björn Jacke [Sun, 7 Feb 2010 19:10:57 +0000 (20:10 +0100)]
s3: fix build issue on Tru64
Thanks, Volker for the hint - acl_type is a macro on Tru64. Renamed it
to acltype. This fixes #7103.
(cherry picked from commit
328a6264a7b64dce9378bf9c9c2ab3aeb7d755c7)
Lars Müller [Fri, 5 Feb 2010 16:38:04 +0000 (17:38 +0100)]
s3: normalize "Changing password for" msg IDs and STRs
An additional space at the end of the "Changing password for" msgid lead
to untranslated pam_winnind messages.
(cherry picked from commit
f9f1db18834648da73b7b1f6d9472523941e8277)
Fix bug #7102 (normalize "Changing password for" msg IDs and STRs).
Jeremy Allison [Sun, 31 Jan 2010 03:24:28 +0000 (19:24 -0800)]
Fix bug #7079 - cliconnect gets realm wrong with trusted domains.
Passing NULL as dest_realm for cli_session_setup_spnego() was
always using our own realm (as for a NetBIOS name). Change this
to look for the mapped realm using krb5_get_host_realm() if
the destination machine name is a DNS name (contains a '.').
Could get fancier with DNS name detection (length, etc.) but
this will do for now.
Jeremy.
Stefan Metzmacher [Thu, 4 Feb 2010 13:03:20 +0000 (14:03 +0100)]
s3:libsmb: don't reuse the callers stype variable in cli_NetServerEnum()
When we need to do more than one network operation to get the
browse list we need to use the same 'stype' value each time.
metze
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
c2e4746fa9d68e7601e8e90cc0144d2e65a695b6)
Fix bug #7098 (smbclient -L gives wrong results with a large browse list).
Lars Müller [Wed, 20 Jan 2010 11:41:43 +0000 (12:41 +0100)]
Add cross option to samba_cv_linux_getgrouplist_ok
"cross" as an option got removed accidentl with commit
e5a95132 while
moving in direction of 3.2.
Patch proposed by Richard Sharpe <realrichardsharpe@gmail.com>.
(cherry picked from commit
30ea9932f5ea8a73c84dbab3ae3e997c2ae34e79)
Fix bug #7047.
Steven Danneman [Sat, 30 Jan 2010 21:29:23 +0000 (13:29 -0800)]
s3/smbd: Fix string buffer overflow causing heap corruption
The destname malloc size was not taking into account the 1 extra byte
needed if a string without a leading '/' was passed in and that slash
was added.
This would cause the '\0' byte to be written past the end of the
malloced destname string and corrupt whatever heap memory was there.
This problem would be hit if a share name was given in smb.conf without
a leading '/' and if it was the exact size of the allocated STRDUP memory
which in some implementations of malloc is a power of 2.
(cherry picked from commit
f42971c520360e69c4cdd64bebb02a5f5ba49b94)
Fix bug #7096.
Volker Lendecke [Fri, 29 Jan 2010 17:21:09 +0000 (18:21 +0100)]
tdb: fix an early release of the global lock that can cause data corruption
There was a bug in tdb where the
tdb_brlock(tdb, GLOBAL_LOCK, F_UNLCK, F_SETLKW, 0, 1);
(ending the transaction-"mutex") was done before the
/* remove the recovery marker */
This means that when a transaction is committed there is a window where another
opener of the file sees the transaction marker while the transaction committer
is still fully functional and working on it. This led to transaction being
rolled back by that second opener of the file while transaction_commit() gave
no error to the caller.
This patch moves the F_UNLCK to after the recovery marker was removed, closing
this window.
(cherry picked from commit
531059696e17d1ee538310d81af309c107d08e3e)
Fix bug #7085.
Jeremy Allison [Tue, 2 Feb 2010 02:50:43 +0000 (18:50 -0800)]
Fix bug #7084 - Create time on directories not stored properly in an EA in new create time code.
Remove erroneous optimisation that caused no EA to be set
if calculated btime matched st_ex btime, and calculated DOS
attribute matched existing file attribute.
Jeremy.
(cherry picked from commit
f3ee1516e631274531439e0ab7c384d02aff789c)
Volker Lendecke [Wed, 3 Feb 2010 06:37:29 +0000 (07:37 +0100)]
s3: Simplify the code a bit: Catch (len==0) early
Part of a fix for bug #7081.
Jeremy Allison [Wed, 3 Feb 2010 00:43:41 +0000 (16:43 -0800)]
Fix bug 7081 - vfs_expand_msdfs doesn't work correctly (with fix identified)
Fix inspired by idea from Eric Horst <erich@cac.washington.edu>.
Jeremy.
(cherry picked from commit
de24209f0a745ada4220a1751c4ed88ae6eea575)
olivier [Fri, 29 Jan 2010 11:04:35 +0000 (12:04 +0100)]
s3/vfs_scannedonly: AIX doesn't have MSG_DONTWAIT
(cherry picked from commit
e95e3270d1f3fece7292359d276ce45913a699ac)
Fix bug #7076 (vfs_scannedonly does not compile on AIX which does not have
MSG_DONTWAIT).
Jeremy Allison [Thu, 28 Jan 2010 18:38:24 +0000 (10:38 -0800)]
Fix bug #7069 - smbget does not return an error status after some errors
A combination patch from Johannes Poehlmann <johannes@lst.de> and
Jeremy. Fix the return codes from smb_download_file() and smb_download_dir().
Jeremy.
(cherry picked from commit
f387ed88e8b5b32eb121724d99d73d8ce55e745e)