Michael Adam [Thu, 12 Apr 2012 15:46:02 +0000 (17:46 +0200)]
s3:registry: untangle assignment from check in reg_deletevalue() (cherry picked from commit
585746338bda22ff8337d41c8cc50533c5facf56)
Michael Adam [Thu, 12 Apr 2012 11:38:32 +0000 (13:38 +0200)]
s3:registry: fix race in reg_setvalue that could lead to data corruption
(there was no lock around fetching the values and storing them)
The layering is wrong in that it uses regdb transactions in reg_api
(cherry picked from commit
9220377ceebf05e756fd108cbd30b503598e0fb8)
Michael Adam [Fri, 20 Apr 2012 13:19:47 +0000 (15:19 +0200)]
s3:registry: untangle assignment from check and add a debugmessage in reg_setvalue() (cherry picked from commit
a81d399456eb86ffb60bed8704cd8c7864b742db)
Michael Adam [Thu, 12 Apr 2012 06:18:04 +0000 (08:18 +0200)]
s3:registry: don't leak the old contents when updating the value cache (cherry picked from commit
0bf44361caace3a4974dafa305033fb926d0f6d6)
Michael Adam [Fri, 30 Mar 2012 13:39:58 +0000 (15:39 +0200)]
s3:registry: fix debug message in regdb_store_values_internal() (cherry picked from commit
c46403f74116708f2f8b1d531f5881bb9d7f2a84)
Michael Adam [Fri, 30 Mar 2012 13:35:14 +0000 (15:35 +0200)]
s3:registry: improve log message in regdb_unpack_values() (cherry picked from commit
ae441d97cdbe8e35cd342ba979bacc3757c06cb7)
Michael Adam [Fri, 30 Mar 2012 13:14:01 +0000 (15:14 +0200)]
s3:registry: fix a debug message typo (cherry picked from commit
9f82e1175f28bdc1c09e7bd795699b29049a77e3)
Michael Adam [Fri, 30 Mar 2012 12:39:50 +0000 (14:39 +0200)]
s3:registry: add a new function regval_ctr_value_byname()
This is like regval_ctr_key_exists() but does not return bool,
but the regval_blob instead, if found, and NULL if not found.
(cherry picked from commit
b037d5461a7a9a2e51a3dd2794fcc47dfcff4468)
Michael Adam [Fri, 30 Mar 2012 12:33:39 +0000 (14:33 +0200)]
s3:registry: rename regval_ctr_key_exists() to regval_ctr_value_exists() (cherry picked from commit
60cdf3c8b5bbda9434f0d8a05fc581ab41b42d5c)
Michael Adam [Thu, 29 Mar 2012 23:00:51 +0000 (01:00 +0200)]
s4:torture:rpc:spoolss: also initialize driverName before checking it in test_PrinterData_DsSpooler() (cherry picked from commit
46428f96a4089925355b4eeebebb8d7f27e2ec0b)
Michael Adam [Thu, 29 Mar 2012 22:10:14 +0000 (00:10 +0200)]
s3:registry:reg_api: fix reg_queryvalue to not fail when values are modified while it runs (cherry picked from commit
5d26120b5ab180212d570dd256e8989e0c80224d)
Michael Adam [Sat, 5 May 2012 00:12:25 +0000 (02:12 +0200)]
s3:registry: implement values_need_update and subkeys_need_update in the smbconf backend
It simply calls to the regdb functions.
This fixes a caching issue uncovered by recent changes.
(cherry picked from commit
bff7589818e602ace6cd0a4125d5f6a2ba97cded)
Steve Langasek [Wed, 9 May 2012 05:56:00 +0000 (07:56 +0200)]
Fix bug 8920, null dereference
Description: Avoid null dereference in initialize_password_db()
When initialize_password_db() is called with reload=True, it's assumed that
the free_private_data member of pdb_methods is non-null. This is not
necessarily the case, as the tdb backend has no private data and therefore
no free function. Check to see if we have private data that needs freed
before calling.
Author: Steve Langasek <steve.langasek@ubuntu.com>
Bug-Ubuntu: https://bugs.launchpad.net/bugs/829221
Jeremy Allison [Thu, 10 May 2012 07:53:57 +0000 (09:53 +0200)]
s3-pam_winbind: Fix the build.
Jeremy
Part of a fix for bug #8915 (Samba fails to build with iniparser-3.0.0 and
iniparser-3.1.0).
Simo Sorce [Wed, 9 May 2012 11:55:41 +0000 (13:55 +0200)]
Fix pam_winbind build against newer iniparser library.
iniparser_getstr is deprecated and has been removed in newer libraries
available in Fedora. Use iniparse_getstring instead.
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Tue Apr 24 02:56:10 CEST 2012 on sn-devel-104
Based on commit
adbace20a24b6ae4fbd6d17b7153833f4ac8c88d in master.
Karolin Seeger [Tue, 8 May 2012 14:33:07 +0000 (16:33 +0200)]
s3-docs: Fix bug #7930.
Add hint that setting "profile acls = yes" on normal shares can cause trouble.
Karolin
Autobuild-User: Karolin Seeger <kseeger@samba.org>
Autobuild-Date: Tue May 8 18:47:59 CEST 2012 on sn-devel-104
(cherry picked from commit
4cc04a29247a0c4b3de9884890364a5712534073)
Richard Sharpe [Tue, 8 May 2012 12:53:10 +0000 (14:53 +0200)]
s3-VFS: Fix building out-of-tree modules.
Fix bug #8822 (VFS module init function name has to be manually changed
depending on build environment).
Karolin Seeger [Tue, 8 May 2012 10:01:28 +0000 (12:01 +0200)]
s3-docs: Fix several typos.
Part of a fix for bug #7938. Based on a patch provided by John Bradshaw
<john@johnbradshaw.org>.
Karolin
Karolin Seeger [Tue, 8 May 2012 09:05:37 +0000 (11:05 +0200)]
s3-docs: overrided -> overridden
Fix typo. Part of a fix for bug #7938. Based on a patch provided by John
Bradshaw <john@johnbradshaw.org>.
Björn Jacke [Tue, 8 May 2012 12:10:51 +0000 (14:10 +0200)]
s3/ldap: remove outdated netscape ds 5 schema file
remove outdated netscape ds 5 schema file and put a README there pointing to
the FDS schema file instead. This fixes bug #8869
(commit
b31f773ae1640313dc1ba86b334e9bbb9cb31bd6 in master)
Joseph Tam [Thu, 19 Apr 2012 18:46:16 +0000 (11:46 -0700)]
Fix bug #8877 - Syslog broken owing to mistyping of debug_settings.syslog.
Setting "syslog only = yes" did not divert log messages to syslog. The test in
lib/util/debug.c:Debug1():747
if( syslog_level < state.settings.syslog )
produces wrong results since .syslog is typed "bool" rather than "int".
The attached patch fixes this by typing this field correctly as "int".
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Apr 20 00:06:12 CEST 2012 on sn-devel-104
(cherry picked from commit
00d5f32025bf13285ab3f8ffae914107c9eca275)
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 17 Apr 2012 01:17:25 +0000 (18:17 -0700)]
Bugfix for #8857 - Setting traverse rights fails to enable directory traversal when acl_xattr in use.
We were incorrectly checking the parent directory ACL, instead
of the ACL of the directory we're trying to open.
Jeremy Allison [Tue, 17 Apr 2012 01:04:51 +0000 (18:04 -0700)]
Fix incorrect debug - parent_name is never set !
Jeremy Allison [Fri, 30 Mar 2012 19:23:07 +0000 (12:23 -0700)]
Fix bug #8831 - Inconsistent (with manpage) command-line switch for "help" in smbtree
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Mar 30 22:59:53 CEST 2012 on sn-devel-104
(cherry picked from commit
efd94d159883cb0841d8ac83223a1e63098a8d72)
Olaf Flebbe [Thu, 12 Apr 2012 09:29:41 +0000 (11:29 +0200)]
Wrong assertion/comparison: Compare value not pointer
Fix bug #8859 (Wrong assertion: Checks pointer not value).
Jeremy Allison [Wed, 25 Apr 2012 22:17:09 +0000 (15:17 -0700)]
Fix bug #8897 - winbind_krb5_locator only returns one IP address.
Reported by Dina_Fine@Dell.com.
Don't ask the DC for an IP list when locating kdc's. Ask for the
name and use getaddrinfo to get all possible addresses instead.
Jeremy Allison [Mon, 9 Apr 2012 21:15:22 +0000 (14:15 -0700)]
Final back port of fix for bug #8837 - smbd crashes when deleting directory and veto files are enabled.
Use ndr encoding to add the NT security token into the stored data when
delete on close is set.
Jeremy Allison [Mon, 9 Apr 2012 18:47:27 +0000 (11:47 -0700)]
Convert parse_delete_tokens_list() and unparse_share_modes() to use ndr encoding for the struct security_unix_token. We can do this as libsmb_share_modes never looks inside the delete tokens list, only implicitly gets the length.
Jeremy Allison [Fri, 6 Apr 2012 22:39:03 +0000 (15:39 -0700)]
The delete tokens are unique to each name hash representing a pathname, if we don't correctly return here we'll add duplicate tokens for a given pasname hash.
Jeremy Allison [Fri, 6 Apr 2012 21:53:48 +0000 (14:53 -0700)]
Fix the talloc heirarchy when adding the unix delete token.
Jeremy Allison [Wed, 4 Apr 2012 21:57:12 +0000 (14:57 -0700)]
Third part of fix for bug #8837 - smbd crashes when deleting directory and veto files are enabled.
Use correct check to see if veto files has been enabled. Even if not
set lp_veto_files() returns a valid string address (to a '\0' character).
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Apr 5 01:36:04 CEST 2012 on sn-devel-104
(cherry picked from commit
704ea4729b499ae2716cfe6ad5d952bcb1251a3b)
Jeremy Allison [Wed, 4 Apr 2012 21:53:10 +0000 (14:53 -0700)]
First part of fix for bug 8837 - smbd crashes when deleting directory and veto files are enabled.
Add some const to the sec_ctx code.
(cherry picked from commit
f042de2f346c98a852957cdbb09a7f8ac871b69c)
Volker Lendecke [Sat, 28 Apr 2012 17:51:46 +0000 (19:51 +0200)]
s3: Fix bug 8904 -- wbinfo --lookup-sids "" crashes winbind
Much of the code further down and up the call chain expects the
structures wb_lookupsids returns to be allocated. Do that despite
we have nothing to look up.
Volker Lendecke [Thu, 12 Apr 2012 10:15:50 +0000 (12:15 +0200)]
s3: Fix a segfault with debug level 3 on Solaris
printf can not deal with NULL strings
Fix bug #8861 (smbd crashes on high debug level with anonymous logins).
Karolin Seeger [Mon, 30 Apr 2012 18:38:01 +0000 (20:38 +0200)]
WHATSNEW: Start release notes for 3.6.6.
Karolin
(cherry picked from commit
8ad95d03caced31c0a6d98b729fe98537592a33e)
Karolin Seeger [Mon, 30 Apr 2012 18:35:24 +0000 (20:35 +0200)]
Bump version number up to 3.6.6.
Karolin
(cherry picked from commit
b71b0c64fb1e603cd2881e04f47939332eb30fe4)
Jeremy Allison [Tue, 17 Apr 2012 19:30:15 +0000 (12:30 -0700)]
Fix self granting privileges in security=ads.
CVE-2012-2111
(cherry picked from commit
5bdabda9e2143b1188f52533a4fa3f838b6066c9)
Karolin Seeger [Fri, 27 Apr 2012 18:23:15 +0000 (20:23 +0200)]
WHATSNEW: Release notes for 3.6.5.
Karolin
(cherry picked from commit
49808d01df79d67bc98f9c993b38c3ed49e892b4)
SATOH Fumiyasu [Mon, 26 Mar 2012 10:13:12 +0000 (19:13 +0900)]
s3-docs: Prepend '/' to filename argument (Bug #8826)
(cherry picked from commit
6804e46811dd13cfd405f7c48a3dc2bc6501d75c)
Ralph Wuerthner [Wed, 4 Apr 2012 15:40:27 +0000 (17:40 +0200)]
s3-smbd: move print_backend_init() behind init_system_info()
On smbd startup check_published_printers() fails with the following error
messages:
[2012/04/04 16:29:50.511526, 0] printing/nt_printing_ads.c:360(check_published_printers)
check_published_printers: Could not create system session_info
[2012/04/04 16:29:50.512101, 0] printing/nt_printing.c:102(nt_printing_init)
nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
check_published_printers() requires session_info to be set, but
initialization of session_info in main() is done after calling
print_backend_init(). Move print_backend_init() behind init_system_info().
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Fix bug #8845 (check_published_printers: Could not create system session_info).
Björn Baumbach [Wed, 4 Apr 2012 14:41:35 +0000 (16:41 +0200)]
docs: remove whitespace in example samba.ldif (fix bug #8789) (cherry picked from commit
9a68a98e87e5597ba684bea3d5e6a44951e51973)
Volker Lendecke [Sat, 31 Mar 2012 11:37:20 +0000 (13:37 +0200)]
s3-aio-fork: Fix a segfault in vfs_aio_fork
aio_suspend does not signal the main process with a signal, it just waits. The
aio_fork module does not use the signal at all, it directly calls back into the
main smbd by calling smbd_aio_complete_aio_ex. This is an abstraction
violation, but the alternative would have been to use signals where they are
not needed. However, in wait_for_aio_completion this bites us: With aio_fork we
call handle_aio_completed twice on the same aio_ex struct: Once from the call
to handle_aio_completion within the aio_fork module and once from the code in
wait_for_aio_completion.
This patch fixes it in a pretty bad way by introducing flag variables and more
state. But the mid-term plan is to replace the posix aio calls from the vfs and
do pread_send/recv and pwrite_send/recv at the vfs layer, so this will
significantly change anyway.
Thanks to Kirill Malkin <kirill.malkin@starboardstorage.com> for reporting this
crash!
The last 2 patches address bug #8836 (aio_fork segfaults on "smbcontrol
close-share").
Volker Lendecke [Sat, 31 Mar 2012 11:34:42 +0000 (13:34 +0200)]
s3-aio-fork: Fix aio_suspend event hierarchy
We end up here multiple times. There's no real point putting the events into
the child struct, at the end of this routine we need to free them anyway.
Björn Baumbach [Wed, 4 Apr 2012 14:58:24 +0000 (16:58 +0200)]
docs-xml: fix default name resolve order (fix bug #7564)
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Fri Apr 6 09:54:37 CEST 2012 on sn-devel-104
(cherry picked from commit
189b3d9b24bf553ff7096397c389f20ba99e0dfa)
Karolin Seeger [Tue, 10 Apr 2012 18:16:29 +0000 (20:16 +0200)]
WHATSNEW: Start release notes for Samba 3.6.5.
Karolin
(cherry picked from commit
7a2f5309d8e064e5fea66c1e723b6a0d00fbe0b1)
Karolin Seeger [Tue, 10 Apr 2012 18:13:53 +0000 (20:13 +0200)]
VERSION: Bump version up to 3.6.5.
Karolin
(cherry picked from commit
bbf24474560195f3a6d41991836d568092c0340e)
Stefan Metzmacher [Thu, 15 Mar 2012 16:03:05 +0000 (17:03 +0100)]
pidl/NDR/Parser: also do range checks on the array size
metze
The last 8 patches address bug #8815 (PIDL based autogenerated code allows
overwriting beyond of allocated array; CVE-2012-1182).
(cherry picked from commit
0b9d59d256a74594e89467e5ebe4e62c25c9572e)
Stefan Metzmacher [Thu, 15 Mar 2012 12:14:48 +0000 (13:14 +0100)]
pidl/NDR/Parser: do array range validation in ParseArrayPullGetLength()
metze
(cherry picked from commit
3e0e6f56a671b40b21c37838ff292fe8902889bb)
Stefan Metzmacher [Thu, 15 Mar 2012 12:13:20 +0000 (13:13 +0100)]
pidl/NDR/Parser: use helper variables for array size and length
metze
(cherry picked from commit
e94415cf237d1e434daa5da70e6df0b4b6926bae)
Stefan Metzmacher [Thu, 15 Mar 2012 14:07:08 +0000 (15:07 +0100)]
pidl/NDR/Parser: remember if we already know the array length
metze
(cherry picked from commit
25f68811af3399c6148fa5d31d932465e27a2125)
Stefan Metzmacher [Thu, 15 Mar 2012 12:07:47 +0000 (13:07 +0100)]
pidl/NDR/Parser: use ParseArrayPullGetLength() to get the number of array elements (bug #8815 / CVE-2012-1182)
An anonymous researcher and Brian Gorenc (HP DVLabs) working
with HP's Zero Day Initiative program have found this and notified us.
metze
(cherry picked from commit
8e99484dec90690ec1e00c17580150278963e063)
Stefan Metzmacher [Thu, 15 Mar 2012 12:05:39 +0000 (13:05 +0100)]
pidl/NDR/Parser: split off ParseArrayPullGetSize() and ParseArrayPullGetLength()
metze
(cherry picked from commit
dc9c68c8992db8225c93043757c4d33b8814c428)
Stefan Metzmacher [Thu, 15 Mar 2012 12:12:04 +0000 (13:12 +0100)]
pidl/NDR/Parser: simplify logic in DeclareArrayVariables*()
metze
(cherry picked from commit
d15b71523d228f78f317f44181900dbf10b52e33)
Stefan Metzmacher [Thu, 15 Mar 2012 12:09:51 +0000 (13:09 +0100)]
pidl/NDR/Parser: declare all union helper variables in ParseUnionPull()
metze
(cherry picked from commit
94622cea2b2f4914b4ced35e952680c20cc4985b)
Karolin Seeger [Sat, 7 Apr 2012 13:20:25 +0000 (15:20 +0200)]
WHATSNEW: Prepare release notes for 3.6.4.
Karolin
(cherry picked from commit
0d45a24cffef841de5db2344910224e4df9bce3a)
Andrew Bartlett [Wed, 14 Dec 2011 23:00:36 +0000 (10:00 +1100)]
s3-winbindd Only use SamLogonEx when we can get unencrypted session keys
This ensures that we have some check on the session keys being returned
as the RC4 cipher is not checksumed.
The check comes from the fact that the credentials chain is tied to
the session key, and so if the credentials check passes then the
netlogon session key will be correct, and so the user session key
will be correctly decrypted.
Andrew Bartlett
Part of a fix for bug #8599 (WINBINDD_PAM_AUTH_CRAP returns invalid user session
key).
Richard Sharpe [Fri, 9 Mar 2012 22:54:38 +0000 (14:54 -0800)]
Fix bug #8797 - Samba does not correctly handle DENY ACEs when privileges apply. Signed-off-by: Jeremy Allison <jra@samba.org> (cherry picked from commit
9aafc490db58017133bbd7a7f49264ee0d48f0ff)
Volker Lendecke [Tue, 20 Sep 2011 20:45:52 +0000 (22:45 +0200)]
v3-6-test: Further fix for bug 8338
OS/X can not deal with a 10-vwv read on normal files.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Sep 21 00:51:08 CEST 2011 on sn-devel-104
Christian Ambach [Tue, 13 Mar 2012 17:07:11 +0000 (10:07 -0700)]
Fix bug #8807 - dcerpc_lsa_lookup_sids_noalloc() crashes when groups has more than 1000 groups
Use correct talloc heirarchy.
Signed-off-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7936fb0ab8c3413768e83975c9d8544d653ee13c)
Karolin Seeger [Fri, 2 Mar 2012 19:29:58 +0000 (20:29 +0100)]
Revert "s3: Add sys_statvfs() wrapper support for OpenBSD/FreeBSD/DragonFly."
This reverts commit
a0d51949abde68134eb35150d797387a1fb57ab7.
https://bugzilla.samba.org/show_bug.cgi?id=8777
--- Comment #9 from Volker Lendecke <vl@samba.org> 2012-03-02 00:32:41 UTC ---
Karolin, would it be possible that you revert
a0d51949abde68134eb35150d797387a1fb57ab7 from v3-6-test? I did test this on
FreeBSD, but it makes the build fail on NetBSD. This patch needs to grow a bit
in master and is not ready for 3.6.
[...]
Volker
Jeremy Allison [Tue, 28 Feb 2012 17:47:50 +0000 (09:47 -0800)]
Fix problem reported by Tom Lee <tlee2951@gmail.com> - when calculating the share security mask, take priviliges into account for the connecting user.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Feb 28 20:21:26 CET 2012 on sn-devel-104
(cherry picked from commit
6081fabe7e0f461ea7d288c40727d4fb5defce5d)
Fix bug #8784 (Open file with SEC_FLAG_SYSTEM_SECURITY mask requested is blocked
by share security mask.)
Matthieu Patou [Fri, 10 Feb 2012 19:45:21 +0000 (11:45 -0800)]
s3-winbindd: set the can_do_validation6 also for trusted domain
The flag can_do_validation6 was only set for the domain to which
winbindd is the member. Setting this flag in other domains (trusted
domain) if it's active directory domain is a good idea as it allow to do
level 6 validation also when winbindd is querying them directly.
(cherry picked from commit
05036fab0a9847219c73c0abd931a39fba0bccfd)
Address bug #8599 (WINBINDD_PAM_AUTH_CRAP returns invalid user session key).
Brad Smith [Tue, 28 Feb 2012 19:45:41 +0000 (20:45 +0100)]
s3: Add sys_statvfs() wrapper support for OpenBSD/FreeBSD/DragonFly.
Fix bug #8777.
Matthieu Patou [Sat, 25 Feb 2012 00:13:10 +0000 (16:13 -0800)]
s3-winbindd: Close netlogon connection if the status returned by the NetrSamLogonEx call is timeout in the pam_auth_crap path
If not the child process would hang for quite a long time up to the
moment when the connection is cleaned by the kernel (took ~ 20 minutes)
in my tests.
Fix bug #8771 (Winbind takes up to 20 minutes to change from DC 1 to DC 2 and
keeps in the meantime to respond NT_STATUS_IO_TIMEOUT).
Richard Sharpe [Wed, 22 Feb 2012 14:25:54 +0000 (06:25 -0800)]
Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER but has no permission for that, but token has SeTakeOwnershipPrivilege
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104
(cherry picked from commit
108253250048673493a636fd9fb2bf99b64ccf3c)
Fix bug #8768 (Samba does not honor SeTakeOwnershipPrivilege when file opened
with SEC_STD_WRITE_OWNER).
Volker Lendecke [Sun, 19 Feb 2012 11:49:55 +0000 (12:49 +0100)]
s3: Fix bug 8567 -- segfault in dom_sid_compare
The underlying problem was that with ldapsam:trusted we require the
a group mapping for the primary group of every user, including root.
Volker Lendecke [Thu, 16 Feb 2012 22:22:42 +0000 (14:22 -0800)]
s3: Add SERVERID_UNIQUE_ID_NOT_TO_VERIFY, bug 8760
Back-port of commit
dd5868d41eeaa304a471822d7783526d9f4c37f5
from master. Back-port done by Manoj Dahal <mdahal@novell.com>.
David Disseldorp [Wed, 15 Feb 2012 15:30:27 +0000 (16:30 +0100)]
s3-printing: fix crash in printer_list_set_printer()
The printer list database format was recently changed to accommodate for
the printcap location field.
One of the tdb_pack calls is not provided with a location string
argument, this causes a crash on some platforms.
https://bugzilla.samba.org/show_bug.cgi?id=8762
Stefan Metzmacher [Fri, 14 Oct 2011 14:11:06 +0000 (16:11 +0200)]
s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for persistent dbs
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Oct 14 20:59:37 CEST 2011 on sn-devel-104
(cherry picked from commit
15b8efeae3b0133ae60a8ce582e4ca4d4dbe6bb1)
The last 4 patches address bug #8527 (db_ctdb_traverse fails to traverse records
created within the current transaction).
Günther Deschner [Wed, 12 Oct 2011 09:48:55 +0000 (11:48 +0200)]
s3-dbwrap_ctdb: fix the build.
Michael, please check.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Oct 12 15:25:56 CEST 2011 on sn-devel-104
(cherry picked from commit
fc320551d84508371ab1c082752515d538648f49)
Gregor Beck [Thu, 22 Sep 2011 11:58:24 +0000 (13:58 +0200)]
s3:dbwrap: traverse records created within this transaction.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
a6cd71da858062a66f83775cf655b79b6c8d75e7)
Michael Adam [Fri, 14 Oct 2011 14:33:00 +0000 (16:33 +0200)]
s3:dbwrap: change the dbwrap_traverse() wrapper to return the count in an additional parameter (similar to commit
8f098a635f713652c4846d71e24c0a199c25b8b7)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Christian Ambach [Fri, 27 Jan 2012 18:25:13 +0000 (10:25 -0800)]
Allow vfs_aio_pthread to build as a static module.
The last 6 patches address bug #8723 (Add pthread-based aio module to 3.6.3.).
Jeremy Allison [Thu, 26 Jan 2012 01:17:48 +0000 (17:17 -0800)]
Update man page to fix typo vfs_aio_fork -> vfs_aio_pthread, add aio read size, aio write size examples. (cherry picked from commit
12b614a9298974ba5daee7aa8d1aa47006de01e2)
Jeremy Allison [Thu, 26 Jan 2012 00:54:39 +0000 (16:54 -0800)]
Add vfs_aio_pthread code.
Jeremy Allison [Thu, 26 Jan 2012 00:27:54 +0000 (16:27 -0800)]
Ensure we always free aio_ex on all error paths by moving the TALLOC_FREE call out of smbd_aio_complete_aio_ex() and into the caller.
Jeremy Allison [Wed, 25 Jan 2012 22:11:12 +0000 (14:11 -0800)]
Add man page for vfs_aio_pthread module. (cherry picked from commit
d8c699190d2cc0ce64395c7b2b10bb25c98a2943)
Jeremy Allison [Thu, 22 Dec 2011 04:38:32 +0000 (20:38 -0800)]
Change the signature of pthreadpool_finished_job() to return 0 on success, errno on fail and return the jobid in a separate variable.
I need this fix for my vfs_aio_pthread.c module.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Dec 22 12:12:33 CET 2011 on sn-devel-104
(cherry picked from commit
711c18c2301d1bea35cac1144080a94e6b89be27)
Stefan Metzmacher [Thu, 22 Sep 2011 19:04:51 +0000 (21:04 +0200)]
s3:smb2_server: fix a logic error, we should sign non guest sessions
metze
The last 2 patches address bug #8749 (SMB2: SessionSetup responses are not
signed).
Michael Adam [Wed, 21 Sep 2011 01:56:30 +0000 (03:56 +0200)]
s3:smb2-server: session setup replies should always be signed (except for guest sessions)
not only if the session should be signed
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Sep 21 11:00:09 CEST 2011 on sn-devel-104
Ira Cooper [Sat, 4 Feb 2012 00:47:18 +0000 (16:47 -0800)]
s3-popt: Fix configure.developer builds on Solaris.
alloca.h needs to be included, or the build complains the implicit
definition of alloca.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Feb 4 03:27:42 CET 2012 on sn-devel-104
(cherry picked from commit
74ca6d1ddb1c5a4fbe9ddb29566878efe1761897)
Fix bug #8743 (configure.developer build is broken).
Christian Ambach [Wed, 24 Aug 2011 14:21:37 +0000 (16:21 +0200)]
s3:winbindd fix a return code check
talloc_traverse_dict will return with -1 in case of an error and
might return positive values that indicate the count of found
entries
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Aug 24 18:09:11 CEST 2011 on sn-devel-104
Fix bug #8406 (winbind might not return groupnames to getgrgid nss calls).
Volker Lendecke [Tue, 31 Jan 2012 21:26:35 +0000 (22:26 +0100)]
s3: Add rmdir operation to streams_depot
The last 2 patches address bug #8733 (streams_depot leaves streams around on
rmdir).
Volker Lendecke [Tue, 31 Jan 2012 21:26:23 +0000 (22:26 +0100)]
s3: Delete streams on directories
Michael Adam [Wed, 1 Feb 2012 14:25:12 +0000 (14:25 +0000)]
s3:smbd:smb2: fix an assignment-instead-of-check bug conn_snum_used()
Accidential "=" instead of "==".
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Feb 1 17:10:15 CET 2012 on sn-devel-104
(cherry picked from commit
6ba09e039e4efee33ce6b8cd9f919409656c2afb)
Fix bug #8738 (SMB2 server will not release unused shares).
Ira Cooper [Tue, 31 Jan 2012 20:15:36 +0000 (12:15 -0800)]
Fix bug #8729 - getpass regressions on Solaris/Illumos - 3.6 and
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Jan 31 23:28:09 CET 2012 on sn-devel-104
(cherry picked from commit
a1901b55cfa658f39a33d0ea120641f56453fe4e)
Stefan Metzmacher [Wed, 1 Feb 2012 16:04:17 +0000 (17:04 +0100)]
s3:auth: fill the sids array of the info3 in wbcAuthUserInfo_to_netr_SamInfo3() (bug #8739)
Originally, only the rid array was filled and foreign domain sids were omitted.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Feb 2 12:59:32 CET 2012 on sn-devel-104
(cherry picked from commit
dab7b0e7171edf5b11af154175711e2b972c000b)
Stefan Metzmacher [Wed, 1 Feb 2012 16:02:52 +0000 (17:02 +0100)]
s3:auth: fix potential gap creation in wbcsids_to_samr_RidWithAttributeArray()
Pair-Programmed-With: Michael Adam <obnox@samba.org>
metze
(cherry picked from commit
adbab7710d1fc4ca31469982dae0ee51e6b19896)
Stefan Metzmacher [Tue, 31 Jan 2012 18:02:18 +0000 (10:02 -0800)]
s3:client: ignore SMBecho errors (the server may not support it) (bug #8139) Signed-off-by: Jeremy Allison <jra@samba.org>
Matthieu Patou [Mon, 30 Jan 2012 08:05:08 +0000 (00:05 -0800)]
s3-winbind: don't try to do clever thing if the username is not found while authenticating through winbind
This could cause that we authenticate a user with a bogus domain to
winbind's domain if the password supplied for the PAM_AUTH match.
The problem was reported by Jeff Venable (jvenable@juniper.net).
Patch from Andrew Bartlett (abartlett@samba.org).
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Mon Jan 30 18:58:12 CET 2012 on sn-devel-104
(cherry picked from commit
56d5cb938651b9c67a8400d1adc61a23889a6a29)
Fix bug #8734 (When using PAM_AUTH API from winbind if Kerberos auth is enabled,
samba will authenticate user with a bogus domain).
Andrew Bartlett [Sat, 28 Jan 2012 00:03:55 +0000 (16:03 -0800)]
Fix for bug #8727 - smbclient fails with posix large reads.
s3-libsmb Do not limit read replies to NBT packet sizes
With the posix extensions, we can read 16MB at a time, so we need to check
the full size of the packet, not the size rounded down to the old NBT
limit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Mon, 30 Jan 2012 19:38:38 +0000 (20:38 +0100)]
WHATSNEW: Start release notes for Samba 3.6.4.
Karolin
Karolin Seeger [Mon, 30 Jan 2012 19:36:14 +0000 (20:36 +0100)]
VERSION: Bump version up to 3.6.4.
Karolin
Ira Cooper [Sun, 29 Jan 2012 19:36:05 +0000 (20:36 +0100)]
s3-smbd: Fix bug #8724.
Fix bug #8724 - Memory leak in parent smbd on connection.
This is CVE-2012-0817.
Patch have been created by Ira Cooper <ira@wakeful.net> and
Jeremy Allison <jra@samba.org>.
Karolin Seeger [Sun, 29 Jan 2012 19:33:38 +0000 (20:33 +0100)]
WHATSNEW: Add release notes for 3.6.3.
Karolin
Karolin Seeger [Sun, 29 Jan 2012 19:33:15 +0000 (20:33 +0100)]
VERSION: Bump version up to 3.6.3.
Karolin
Karolin Seeger [Wed, 25 Jan 2012 18:23:06 +0000 (19:23 +0100)]
WHATSNEW: Add another change.
Jeremy, thanks a lot for the fix!
Jeremy Allison [Wed, 25 Jan 2012 18:19:14 +0000 (19:19 +0100)]
s3-spoolss: Pass the right pointer type.
Follow-up fix for an issue introduced by a fix for bug #4942.
Karolin Seeger [Mon, 23 Jan 2012 20:39:58 +0000 (21:39 +0100)]
WHATSNEW: Add another change.
Karolin
Jeremy Allison [Mon, 23 Jan 2012 19:20:52 +0000 (11:20 -0800)]
Second part of fix for 8636 - When returning an ACL without SECINFO_DACL requested, we still set SEC_DESC_DACL_PRESENT in the type field.
Ensure we always ask for the set:
OWNER_SECURITY_INFORMATION |
GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION |
SACL_SECURITY_INFORMATION
when getting an ACL inside the module.