Michael Adam [Tue, 18 Jun 2013 09:32:19 +0000 (11:32 +0200)]
s3-autoconf: Add missing libtevent dependency to dbwrap_tool.
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andreas Schneider [Mon, 17 Jun 2013 09:53:09 +0000 (11:53 +0200)]
s3-autoconf: Add missing libtevent dependency.
Signed-off-by: Andreas Schneider <asn@samba.org>
Karolin Seeger [Mon, 17 Jun 2013 07:34:16 +0000 (09:34 +0200)]
WHATSNEW: Add changes since 3.6.15.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
David Disseldorp [Mon, 3 Jun 2013 11:00:31 +0000 (13:00 +0200)]
Bug 8997: change libreplace GPL source to LGPL
libreplace currently includes socket.c and getifaddrs.c both of which
are GPL licensed.
Although not required, talloc and tdb build alongside this source,
leading to some ambiguity regarding their LGPL licences.
The following copyright holders have agreed to the GPL->LGPL change:
lib/replace/getifaddrs.c
Copyright (C) Andrew Tridgell 1998
Copyright (C) Jeremy Allison 2007
Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
lib/replace/test/getifaddrs.c
lib/replace/socket.c
* Copyright (C) Michael Adam <obnox@samba.org> 2008
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
8a6743e4edcdff1c7860d150720483f19f3b33bb)
Peng Haitao [Wed, 22 May 2013 21:03:13 +0000 (14:03 -0700)]
When message-type is drvupgrade, MSG_DEBUG should be replaced with MSG_PRINTER_DRVUPGRADE.
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Fix bug #9941 - Fix a bug of drvupgrade of smbcontrol.
Anand Avati [Mon, 29 Apr 2013 22:21:00 +0000 (15:21 -0700)]
check_parent_exists() can change errno. Ensure we preserve it across calls.
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Apr 30 11:00:11 CEST 2013 on sn-devel-104
Fix bug #9927 - errno gets overwritten in call to check_parent_exists().
Andreas Schneider [Tue, 14 May 2013 07:59:44 +0000 (09:59 +0200)]
BUG 9881: Check for system libtevent.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Jeremy Allison [Fri, 26 Apr 2013 17:47:41 +0000 (10:47 -0700)]
Fix bug #9822 - Samba crashing during Win8 sync.
When refactoring the dptr desctructor in the
fix for bug:
9778 (Samba directory code uses dirfd() without vectoring through a VFS call)
I removed the code to NULL out the struct smb_Dir *
pointer inside the fsp struct by mistake.
Re-add the NULLing out of that pointer when
closing a directory pointer associated with
an open file.
Reporter confirms it fixes the crash.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sat Apr 27 20:44:55 CEST 2013 on sn-devel-104
(cherry picked from commit
251767cde9a146d8122d76e257ab232c05ad452a)
Jeremy Allison [Wed, 10 Apr 2013 23:30:10 +0000 (16:30 -0700)]
Remove dependency on detection of HAVE_DIRFD for use of fdopendir().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr 12 16:21:10 CEST 2013 on sn-devel-104
(cherry picked from commit
7a4dd845958f1411daa8031ca242987001ab2f26)
Jeremy Allison [Wed, 10 Apr 2013 23:29:03 +0000 (16:29 -0700)]
Remove the "Ugly hack" that was the second use of dirfd().
The destructor does all the resource deallocation needed.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
0fe894fb89f4867e266bb04670a58101311e0234)
Jeremy Allison [Wed, 10 Apr 2013 23:24:15 +0000 (16:24 -0700)]
In the struct smb_Dir destructor, use the fsp back pointer to release resources.
Removes one use of dirfd().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
ea14c9443178da9ae6ccbe71e573156396f6f699)
Jeremy Allison [Wed, 10 Apr 2013 23:21:39 +0000 (16:21 -0700)]
Maintain a back-pointer to the fsp in struct smb_Dir when opening with FDOPENDIR.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
e89ec641fc98ffd7f7193deb3728b0a284a093eb)
David Disseldorp [Wed, 22 May 2013 15:58:38 +0000 (17:58 +0200)]
Fix bug 9900: is_printer_published GUID retrieval
Samba currently always responds to GetPrinter(level = 7) requests with
DSPRINT_UNPUBLISH, regardless of the AD publish status tracked via the
PRINTER_ATTRIBUTE_PUBLISHED flag. This is due to erroneous "objectGUID"
unmarshalling in is_printer_published().
This change splits "objectGUID" retrieval into a separate function, and
adds a pull_reg_sz() call to correctly unmarshall the GUID.
David Disseldorp [Thu, 23 May 2013 17:32:08 +0000 (19:32 +0200)]
printing: explicitly clear PUBLISHED attribute
Currently nt_printer_publish(DSPRINT_UNPUBLISH) flips (via xor) the
info2->attributes PRINTER_ATTRIBUTE_PUBLISHED flag, rather than
explicitly clearing it.
David Disseldorp [Wed, 24 Apr 2013 12:06:50 +0000 (14:06 +0200)]
printing: use const in is_printer_published
SATOH Fumiyasu [Tue, 26 Feb 2013 17:06:32 +0000 (02:06 +0900)]
s3-docs: Remove "experimental" label on "max protocol=SMB2" parameter
Fix bug #9688 - smb.conf(5) says: "max protocol=SMB2" is experimental.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Tue, 7 May 2013 13:07:34 +0000 (15:07 +0200)]
Makefile: Fix bug 9868 -- Don't know how to make LIBNDR_PREG_OBJ.
Thanks to Lucs for finding the issue
Signed-off-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 8 May 2013 22:10:32 +0000 (15:10 -0700)]
Remove the compound_related_in_progress state from the smb2 global state.
And also remove the restriction that we can't read a new
request whilst we're in this state.
Signed-off-by: Jeremy Allison <jra@samba.org>
The last 4 patches address bug #9722 - Samba does not properly handle Oplock
breaks in compound requests.
Jeremy Allison [Wed, 8 May 2013 22:08:50 +0000 (15:08 -0700)]
The core of the fix to allow opens to go async inside a compound request.
This is only allowed for opens that cause an oplock break, otherwise it
is not allowed. See [MS-SMB2].pdf note <194> on Section 3.3.5.2.7.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 8 May 2013 18:51:38 +0000 (11:51 -0700)]
Ensure we don't try and cancel anything that is in a compound-related request.
Too hard to deal with splitting off the replies.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 8 May 2013 18:50:32 +0000 (11:50 -0700)]
Only do the 1 second delay for sharing violations for SMB1, not SMB2.
Match Windows behavior.
Signed-off-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Wed, 8 May 2013 11:08:00 +0000 (13:08 +0200)]
WHATSNEW: Start release notes for Samba 3.6.16.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 8 May 2013 11:06:31 +0000 (13:06 +0200)]
VERSION: Bump version up to 3.6.16.
Karolin
Karolin Seeger [Wed, 8 May 2013 08:15:32 +0000 (10:15 +0200)]
WHATSNEW: Prepare release notes for Samba 3.6.15.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Tue, 7 May 2013 10:39:16 +0000 (12:39 +0200)]
winbind: Fix bug 9854 -- NULL pointer dereference
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue May 7 14:49:07 CEST 2013 on sn-devel-104
(cherry picked from commit
8c1283a89f746a108e8014b6fbc9a58a371950cf)
Andreas Schneider [Wed, 24 Apr 2013 13:27:21 +0000 (15:27 +0200)]
BUG 9817: Fix 'map untrusted to domain' with NTLMv2.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Apr 24 17:14:48 CEST 2013 on sn-devel-104
David Disseldorp [Thu, 25 Apr 2013 14:01:54 +0000 (16:01 +0200)]
bug 9830: fix panic in nt_printer_publish_ads
Check for ads_find_machine_acct() errors, to ensure a NULL LDAPMessage
pointer doesn't get passed to ldap_get_dn().
Signed-off-by: David Disseldorp <ddiss@samba.org>
Stefan Metzmacher [Mon, 12 Nov 2012 09:16:50 +0000 (10:16 +0100)]
s3:librpc: add support for PFC_FLAG_OBJECT_UUID when parsing packets (bug #9382)
Now the logic matches the one in dcerpc_read_ncacn_packet_done().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Andrew Bartlett [Wed, 3 Apr 2013 22:53:34 +0000 (09:53 +1100)]
s3-smbd: Split make_serverinfo_from_username guest parameters into two parts
This handles differently the case where we are the guest (from security=share) and
when we are forced to be a different user with force user. We want to maintain
only the is_guest flag if were forced to become any other user, we need the rest
of the token to change.
Andrew Bartlett
Fix bug #9746 - guest ok + force user + force group doesn't work.
Karolin Seeger [Mon, 29 Apr 2013 09:29:48 +0000 (11:29 +0200)]
WHATSNEW: Start release notes for Samba 3.6.15.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 29 Apr 2013 09:27:49 +0000 (11:27 +0200)]
VERSION: Bump version number up to 3.6.15.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 26 Apr 2013 10:02:58 +0000 (12:02 +0200)]
WHATSNEW: Add some information on migrating printers.
Thanks to Andreas for providing the text and making sure that it ends up in the
release notes!
Karolin
Karolin Seeger [Fri, 26 Apr 2013 08:48:44 +0000 (10:48 +0200)]
WHATSNEW: Add changes since 3.6.13.
Karolin
Volker Lendecke [Fri, 19 Apr 2013 14:17:13 +0000 (16:17 +0200)]
docs: Fix bug 9809 -- missing entry in specfile
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Apr 22 11:35:52 CEST 2013 on sn-devel-104
(cherry picked from commit
5512a43a93833d3d6f1721d69c894db0e2c77ef8)
Jeremy Allison [Thu, 18 Apr 2013 18:19:20 +0000 (11:19 -0700)]
Fix bug 9811 - Old DOS SMB CTEMP request uses a non-VFS function to access the filesystem.
Fix bug in old create temp SMB request. Only use VFS functions.
Signed-off-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Wed, 17 Apr 2013 17:39:12 +0000 (10:39 -0700)]
Bug 9807 - wbinfo: fix segfault in wbinfo_pam_logon
wbinfo_pam_logon() incorrectly assumes that wbcLogonUser() always
returns an allocated wbcAuthErrorInfo struct on failure.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 17 21:29:29 CEST 2013 on sn-devel-104
Andreas Schneider [Thu, 4 Apr 2013 10:18:25 +0000 (12:18 +0200)]
BUG 9766: Cache name_to_sid/sid_to_name correctly.
If there is no domain_name specified we still need to set to for
caching else we will not find the entry later if we lookup the entry
with the domain_name.
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Apr 9 16:32:44 CEST 2013 on sn-devel-104
Andreas Schneider [Fri, 5 Apr 2013 12:07:37 +0000 (14:07 +0200)]
BUG 9139: Fix the username map optimization.
If we successfully map a user. We call
set_last_from_to(user_in, unixname);
in the while loop reading the map file. After a successfull map we don't
stop and continue the loop to check all other mappings in the username
mapfile. But when we hit the end of the file and leave the loop we call:
set_last_from_to(user_in, user_in);
This overwrites the successful mapping, and the next time we call
map_username() we skip the username and no mapping is done.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Wed, 3 Apr 2013 13:46:00 +0000 (15:46 +0200)]
BUG 9699: Fix adding case sensitive spn.
We should be able to define the case of the spn cause it is important
for some services like nfs. 'net ads keytab add "nfs"' should not
result in an uppercase spn.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 9 Apr 2013 19:43:28 +0000 (21:43 +0200)]
vfs_fake_perms: Fix bug 9775, segfault for "artificial" conn_structs
Jeremy Allison [Mon, 25 Mar 2013 16:54:50 +0000 (09:54 -0700)]
Optimization suggested by Volker. Don't do a stat system call on normal read path.
Only do it if we need it in the sendfile() path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Mar 28 17:51:22 CET 2013 on sn-devel-104
Fix bug #9748 - Remove unneeded fstat system call from hot read path.
Volker Lendecke [Thu, 21 Mar 2013 21:00:06 +0000 (22:00 +0100)]
smbd: Tune "dir" a bit.
for i in $(seq 1 20000) ; do echo dir ; done | smbclient //127.0.0.1/tmp -U%
without and with this patch:
$ time bin/smbd -d0 -i
smbd version 4.1.0pre1-GIT-
1f139ae started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
Beendet
real 0m28.342s
user 0m10.249s
sys 0m10.513s
$ time bin/smbd -d0 -i
smbd version 4.1.0pre1-GIT-
1f139ae started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
Beendet
real 0m27.348s
user 0m9.089s
sys 0m10.853s
The "real" timestamp is irrelevant, this also contains the time between
starting smbd and the smbclient job. It's the "user" time. The result that this
patch improves the time spent in user space by 10% is consistent.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fix bug #9736 - Change to smbd/dir.c code gives significant performance
increases on large directory listings.
Andreas Schneider [Fri, 22 Mar 2013 13:15:57 +0000 (14:15 +0100)]
BUG 9735: Fix winbind seperator in upn to username conversion.
Reviewed-by: Günther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Thu, 21 Mar 2013 20:59:20 +0000 (13:59 -0700)]
Fix bug #9733 - smbcontrol close-share is not working.
As part of forcibly disconnecting a client from a share,
smbd must atomically call reload_services() to ensure that
the entry in the ServicePtrs[] array corresponding to
that share is removed if the share was removed from
the smb.conf or registry entries.
Otherwise the ServicePtrs[] array entry for the share
remains active and the client races to auto-reconnect to
the share before a second message to reload the smb.conf
file can be sent.
This has to be done as part of the close-share message
processing, as removing the share from the smb.conf file
first, then telling the smbd to reload followed by the
forcible disconnect message doesn't work as in this
sequence of events when the reload message is received
the client is still connected to the share, so the
ServicePtrs[] entry is still left active.
The forcible-disconnect + service reload has to be done
together as an atomic operation in order for this to work.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 27 Mar 2013 18:54:34 +0000 (11:54 -0700)]
Final fix for bug #9130 - Certain xattrs cause Windows error 0x800700FF
The spec lies when it says that NextEntryOffset is the only value
considered when finding the next EA. We were adding 4 more extra
pad bytes than needed (i.e. if the next entry already was on a 4
byte boundary, then we were adding 4 additional pad bytes).
Signed-off-by: Jeremy Allison <jra@samba.org>
The last 5 patches address bug #9130 - Certain xattrs cause Windows error
0x800700FF.
Jeremy Allison [Wed, 27 Mar 2013 00:07:55 +0000 (17:07 -0700)]
Ensure we don't return uninitialized memory in the pad bytes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 26 Mar 2013 23:55:03 +0000 (16:55 -0700)]
Fix bug #9130 - Certain xattrs cause Windows error 0x800700FF
Ensure we never return any zero-length EA's.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 26 Mar 2013 23:53:45 +0000 (16:53 -0700)]
Change estimate_ea_size() to correctly estimate the EA size over SMB2.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 26 Mar 2013 23:50:13 +0000 (16:50 -0700)]
Modify fill_ea_chained_buffer() to be able to do size calculation only, no marshalling.
Signed-off-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 18 Mar 2013 08:36:17 +0000 (09:36 +0100)]
wkssvc: Fix bug 9727, NULL pointer dereference
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 18 11:39:27 CET 2013 on sn-devel-104
(cherry picked from commit
05a7a10c88be99d864eacd6f9d37a340022f01f6)
David Disseldorp [Fri, 15 Mar 2013 15:54:06 +0000 (16:54 +0100)]
printing: update registry and publish in background
Currently all smbd processes unnecessarily access each printer registry
TDB entry following printcap cache reload.
This change moves responsibility for this to the background print queue
process.
This and the last four commits address bug 9650: New or delete cups
printerqueues are not recognized by the samba.
David Disseldorp [Fri, 15 Feb 2013 11:17:53 +0000 (12:17 +0100)]
spoolss: only reload printers on pcap update message
Printcap cache updates are the responsibility of the background
printing process, which after doing so broadcasts a MSG_PRINTER_PCAP
message. Spoolssd should only reload printers after receiving such a
message.
David Disseldorp [Thu, 14 Feb 2013 16:02:08 +0000 (17:02 +0100)]
printing: add sighup and conf change handlers
The background printing process is now responsible for all printcap
cache updates, which should be done on SIGHUP and configuration change.
David Disseldorp [Thu, 14 Feb 2013 13:42:21 +0000 (14:42 +0100)]
printing: move pcap change notifier to bg process
The background print queue process is responsible for printcap cache
updates, and should be the only process to send notifications.
David Disseldorp [Tue, 12 Feb 2013 17:57:53 +0000 (18:57 +0100)]
smbd: fix cups printcap cache updates on startup
On startup the parent smbd process currently calls pcap_cache_reload(),
which is done immediately before the background queue process is forked.
pcap_cache_reload() is asynchronous with cups, in that it forks a
separate process to obtain the printer listing. The cache_fd_event
print_cups.c global variable is used to track when a cups printer
listing is in progress.
cache_fd_event is set when the background queue process is forked, due
to smbd's pcap_cache_reload() call immediately prior. As a result, the
background queue process assumes an existing pcap_cache_reload() call is
indefinitely outstanding, causing the printcap cache to remain stale
thereafter.
Jeremy Allison [Thu, 28 Mar 2013 16:36:41 +0000 (09:36 -0700)]
Make sure that we only propogate the INHERITED flag when we are allowed to.
Signed-off-by: Jeremy Allison <jra@samba.org>
Fix bug #9747 - When creating a directory Samba allows inherited bit to slip
through.
Andreas Schneider [Thu, 14 Mar 2013 06:29:20 +0000 (07:29 +0100)]
torture: Add ntprinting latin1 test.
Reviewed-by: Günther Deschner <gd@samba.org>
The last 7 patches address bug #9723 - Add a tool to migrate latin1 printing
tdb's to registry.
Andreas Schneider [Tue, 12 Mar 2013 17:42:02 +0000 (18:42 +0100)]
s3-net: Add encoding=<CP> to 'net printing dump'.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 10:39:08 +0000 (11:39 +0100)]
s3-net: Add encoding=<CP> to 'net printing migrate'.
This allows you to convert printing tdb's which are in e.g. in latin1 to
convert to UTF-8 and import them into the registry.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 14:17:54 +0000 (15:17 +0100)]
ndr: Pass down string_flags in ndr_pull_ntprinting_printer().
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Mon, 11 Mar 2013 14:47:00 +0000 (15:47 +0100)]
idl: Add flags for strings in ntprinting idl.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Mon, 11 Mar 2013 14:45:15 +0000 (15:45 +0100)]
ndr: Add ndr_ntprinting_string_flags() function.
It defaults to utf8string.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 10:36:38 +0000 (11:36 +0100)]
pidl: Add skip option to elements.
This option allows to skip struct elements in pull and push function.
This can be used to pass flags to the structure e.g. for string values.
Reviewed-by: Günther Deschner <gd@samba.org>
Jeremy Allison [Fri, 15 Mar 2013 22:13:24 +0000 (15:13 -0700)]
Fix bug #9724 - is_encrypted_packet() function incorrectly used inside server.
The is_encrypted_packet() function should only be used on the raw received data
to determine if a packet came in encrypted. Once we're inside the SMB1
processing code in smbd/reply.c we should be looking at the
smb1request->encrypted field to determine if a packet was really encrypted or
not.
Signed-off-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Wed, 20 Mar 2013 08:55:41 +0000 (09:55 +0100)]
WHATSNEW: Start release notes for Samba 3.6.14.
Karolin
Karolin Seeger [Wed, 20 Mar 2013 08:52:47 +0000 (09:52 +0100)]
VERSION: Bump version number up to 3.6.14.
Karolin
Karolin Seeger [Mon, 18 Mar 2013 08:58:45 +0000 (09:58 +0100)]
WHATSNEW: Prepare release notes for Samba 3.6.13.
Karolin
Guenter Kukkukk [Sat, 9 Mar 2013 03:45:15 +0000 (04:45 +0100)]
vfs_catia: new version of the manual page for samba-3.6.x
well, i was not aware of the change
./docs-xml/manpages-3/
./docs-xml/manpages/
in samba-4.0.x
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
The last 4 patches address bug #9701 - vfs_catia is not working anymore (due to
a former regression).
Guenter Kukkukk [Thu, 28 Feb 2013 23:58:05 +0000 (00:58 +0100)]
vfs_catia: add my copyright
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Guenter Kukkukk [Wed, 27 Feb 2013 04:50:52 +0000 (05:50 +0100)]
vfs_catia: fix the translation to "vfs_translate_to_windows"
THANKS to an IRC user (Raimund ?) who asked for a char mapping possibility.
I suggested vfs_catia - but it did not work!
Hopefully now it will. :-)
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Guenter Kukkukk [Wed, 27 Feb 2013 04:34:05 +0000 (05:34 +0100)]
vfs_catia: add debug class for that module
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Wed, 6 Mar 2013 11:11:53 +0000 (12:11 +0100)]
selftest: Skip tests failing on ext4 fs.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Wed, 6 Mar 2013 00:23:06 +0000 (16:23 -0800)]
Fix bug #9637 - Renaming directories as guest user in security share mode doesn't work.
Ensure guest is treated consistently when creating a auth_serversupplied_info struct.
Signed-off-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 20 Feb 2013 08:51:43 +0000 (09:51 +0100)]
winbind: Don't leak centry memory. Reviewed-by: Alexander Bokovoy <ab@samba.org>
The last two patches address bug #9684 - Fix two resource leaks in winbindd.
Andreas Schneider [Wed, 20 Feb 2013 08:41:55 +0000 (09:41 +0100)]
winbind: Don't leak memory on return. Reviewed-by: Alexander Bokovoy <ab@samba.org>
Daniel Kobras [Sat, 23 Feb 2013 00:24:26 +0000 (16:24 -0800)]
Fix bug #9039 'map untrusted to domain' treats WORKSTATION as bogus domain.
s3: never try to map global SAM name
Do not treat the global SAM name as a BOGUS domain, and exempt
local users from mapping, instead. This change reinstates the
exact mapping behaviour of Samba 3.2 if parameter 'map untrusted
to domain' is set.
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andreas Schneider [Tue, 19 Feb 2013 08:23:53 +0000 (09:23 +0100)]
pdb: Fix array overrun by one. Reviewed-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Fix bug #9686 - Fix a possible buffer overrun in pdb_smbpasswd.
Björn Jacke [Wed, 20 Feb 2013 16:06:49 +0000 (17:06 +0100)]
build/autoconf: put ld check variable in quotes
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
ac9620b942d6d51a1c35c4177c3f241351fc1ebd)
The last 2 patches address bug #7825 (need to fix GNU ld version detection with
old gcc releases).
Björn Jacke [Tue, 19 Feb 2013 14:30:34 +0000 (15:30 +0100)]
build/autoconf: fix check for GNU ld version
we need to look for the version once in the stdout and once in the stderr
output. Some version of ld output to stdout, some output to stderr. redirecting
stderr to stdout messes the output up in our case, that's why we have to do two
runs. See also bug #7825.
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Tue Feb 19 20:56:12 CET 2013 on sn-devel-104
(cherry picked from commit
ff8ba0628f6f13a5be1df94e5ac2e83008b7c69c)
David Disseldorp [Tue, 12 Feb 2013 10:58:06 +0000 (11:58 +0100)]
smbd: fix initial large PAC sess setup response
An oversize Kerberos security token may be split across multiple Session
Setup AndX requests when authenticating as a user who is a member of
many (~2000) groups.
In such a case the NativeOS, NativeLanMan & PrimaryDomain fields must be
sent with the NT_STATUS_MORE_PROCESSING_REQUIRED response. Otherwise
Windows clients may resend the same security token data in subsequent
session setup andX requests, as observed with Windows 7 and Server 2012.
This change fixes the SMB1 server only.
Fix bug #9658 - Session Setup AndX exchange fails with an oversize security
token.
Jeremy Allison [Tue, 12 Feb 2013 18:48:09 +0000 (10:48 -0800)]
Fix bug 9519 - Samba returns unexpected error on SMB posix open.
Explicitly ignore bare O_EXCL flags instead of returning INVALID_PARAMETER.
That's what the Linux kernel does.
Signed-off-by: Jeremy Allison <jra@samba.org>
Ira Cooper [Fri, 8 Feb 2013 22:47:57 +0000 (14:47 -0800)]
s3: Make SMB2_GETINFO multi-volume aware.
Not all shares are a single volume. Some actually
expose multiple volumes under a single share. In these
cases showing the amount of space free as the space free
at the base of the directory heirarchy is wrong.
Reviewed-by: Jeremy Allison <jra@samba.org>
Fix bug #9646 - dir and similar commands are returning the wrong amount of free
space.
David Disseldorp [Mon, 4 Feb 2013 18:04:39 +0000 (19:04 +0100)]
Fix bug 9633: recursive mget should continue on EPERM
Regression introduced by
14ff2e8de9bd8d0064762234555260f5eea643fe.
When downloading files recursively, smbclient halts if it encounters
a folder to which it does not have permission to traverse.
Stefan Metzmacher [Thu, 31 Jan 2013 12:39:42 +0000 (13:39 +0100)]
s3:auth: wbcAuthenticateEx gives unix times (bug #9625)
We also need to convert last_logon, last_logoff and acct_expiry
from unix time to nt time.
Otherwise a windows member server will reject clients
using CAP_DYNAMIC_REAUTH or smb2) with STATUS_NETWORK_SESSION_EXPIRED,
if the logoff and kickoff time is expired.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Karolin Seeger [Wed, 30 Jan 2013 10:42:53 +0000 (11:42 +0100)]
WHATSNEW: Start release notes for Samba 3.6.13.
Karolin
Karolin Seeger [Wed, 30 Jan 2013 10:42:18 +0000 (11:42 +0100)]
VERSION: Bump version number up to 3.6.13.
Karolin
Kai Blin [Mon, 28 Jan 2013 20:41:07 +0000 (21:41 +0100)]
swat: Use additional nonce on XSRF protection
If the user had a weak password on the root account of a machine running
SWAT, there still was a chance of being targetted by an XSRF on a
malicious web site targetting the SWAT setup.
Use a random nonce stored in secrets.tdb to close this possible attack
window. Thanks to Jann Horn for reporting this issue.
Signed-off-by: Kai Blin <kai@samba.org>
Fix bug #9577: CVE-2013-0214: Potential XSRF in SWAT.
(cherry picked from commit
91f4275873ebeda8f57684f09df67162ae80515a)
Kai Blin [Fri, 18 Jan 2013 22:11:07 +0000 (23:11 +0100)]
swat: Use X-Frame-Options header to avoid clickjacking
Jann Horn reported a potential clickjacking vulnerability in SWAT where
the SWAT page could be embedded into an attacker's page using a frame or
iframe and then used to trick the user to change Samba settings.
Avoid this by telling the browser to refuse the frame embedding via the
X-Frame-Options: DENY header.
Signed-off-by: Kai Blin <kai@samba.org>
Fix bug #9576 - CVE-2013-0213: Clickjacking issue in SWAT.
(cherry picked from commit
71225948a249f079120282740fcc39fd6faa880e)
Karolin Seeger [Tue, 29 Jan 2013 08:45:06 +0000 (09:45 +0100)]
WHATSNEW: Prepare release notes for Samba 3.6.12.
This is a Security Release in order to address
CVE-2013-0213 (Clickjacking issue in SWAT) and
CVE-2013-0214 (Potential XSRF in SWAT).
Karolin
(cherry picked from commit
184d5ab26a553ca7ef3f529e90e4dd8c9aded75d)
Jeremy Allison [Tue, 29 Jan 2013 00:01:27 +0000 (16:01 -0800)]
Fix bug #9585 - Samba 3.6.x not correctly signing any but the last response in a compound request/response
Add in the missing code we already have in master
and 4.0.x.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 23 Jan 2013 22:39:09 +0000 (14:39 -0800)]
Fix bug #9586 - smbd[29175]: disk_free: sys_popen() failed" message logged in /var/log/message many times.
Ensure when reading lines from an interruptible
pipe source we ignore EINTR.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 24 10:45:48 CET 2013 on sn-devel-104
(cherry picked from commit
497febfe36354c4aff3696cd32c6c7e8fee55af8)
Pavel Shilovsky [Wed, 16 Jan 2013 11:02:26 +0000 (15:02 +0400)]
Fix bug #9571 - Unlink after open causes smbd to panic.
s3:smbd: fix wrong lock order in posix unlink
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 25 Jan 2013 18:21:48 +0000 (10:21 -0800)]
Fix bug #9588 - ACLs are not inherited to directories for DFS shares.
We can return with NT_STATUS_OK in an error code path. This
has a really strange effect in that it prevents the ACL editor
in Windows XP from recursively changing ACE entries on sub-directories
after a change in a DFS-root share (we end up returning a path
that looks like: \\IPV4\share1\xptest/testdir with a mixture
of Windows and POSIX pathname separators).
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 24 Jan 2013 19:02:30 +0000 (11:02 -0800)]
Fix bug #9587 - archive flag is always set on directories.
Creating a directory to a Samba share sets the attributes to 'D' only
(correct) - only when creating a new file should the 'A' attribute
be set.
However, doing a rename of that directory sets the 'A' attribute in error.
This should only be done on a file rename. smbclient regression test to follow.
Signed-off-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Thu, 17 Jan 2013 23:22:31 +0000 (00:22 +0100)]
BUG 9474: Downgrade v4 printer driver requests to v3.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 21 16:11:02 CET 2013 on sn-devel-104
(cherry picked from commit
58fadf2f48a2a409b4ee98fdc0166c7f801a7629)
Günther Deschner [Mon, 7 Jan 2013 14:14:30 +0000 (15:14 +0100)]
spoolss: add SPOOLSS_DRIVER_VERSION_2012 (4) define to IDL.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
638ed90620e3c6a35ef56a11c612c13d6b7d6ff5)
David Disseldorp [Thu, 17 Jan 2013 12:21:25 +0000 (13:21 +0100)]
BUG 9378: Add extra attributes for AD printer publishing.
Currently attempting to publish a printer in AD fails with "Object class
violation", due to a number of missing attributes in the LDAP request.
Reviewed-by: Andreas Schneider <asn@samba.org>
David Disseldorp [Fri, 18 Jan 2013 10:48:20 +0000 (11:48 +0100)]
printing: Remove invalid free from error path.
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Fri, 18 Jan 2013 17:04:17 +0000 (18:04 +0100)]
BUG 9574: Fix a possible null pointer dereference in spoolss.
If the the client enumerates the printers and didn't specify a
servername we have a null pointer dereference, so the process serving
the connection crashes.
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jan 21 13:30:11 CET 2013 on sn-devel-104
(cherry picked from commit
c38fb0b106b62e42a5b75b1c78386bb8912c7d7e)
Andreas Schneider [Mon, 17 Dec 2012 14:31:21 +0000 (15:31 +0100)]
s3-rpc_server: Fix a possible null pointer dereference.
This variable can be set to NULL in an earlier function call.
Found by Coverity.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
72e02c73b64f1ff56b2d53ec63d68486a4f1ff90)
git.samba.org / samba.git / log