Stefan Metzmacher [Thu, 15 Mar 2012 12:12:04 +0000 (13:12 +0100)]
pidl/NDR/Parser: simplify logic in DeclareArrayVariables*()
metze
(cherry picked from commit
d15b71523d228f78f317f44181900dbf10b52e33)
Stefan Metzmacher [Thu, 15 Mar 2012 12:09:51 +0000 (13:09 +0100)]
pidl/NDR/Parser: declare all union helper variables in ParseUnionPull()
metze
(cherry picked from commit
94622cea2b2f4914b4ced35e952680c20cc4985b)
Karolin Seeger [Sat, 7 Apr 2012 13:20:25 +0000 (15:20 +0200)]
WHATSNEW: Prepare release notes for 3.6.4.
Karolin
(cherry picked from commit
0d45a24cffef841de5db2344910224e4df9bce3a)
Andrew Bartlett [Wed, 14 Dec 2011 23:00:36 +0000 (10:00 +1100)]
s3-winbindd Only use SamLogonEx when we can get unencrypted session keys
This ensures that we have some check on the session keys being returned
as the RC4 cipher is not checksumed.
The check comes from the fact that the credentials chain is tied to
the session key, and so if the credentials check passes then the
netlogon session key will be correct, and so the user session key
will be correctly decrypted.
Andrew Bartlett
Part of a fix for bug #8599 (WINBINDD_PAM_AUTH_CRAP returns invalid user session
key).
Richard Sharpe [Fri, 9 Mar 2012 22:54:38 +0000 (14:54 -0800)]
Fix bug #8797 - Samba does not correctly handle DENY ACEs when privileges apply. Signed-off-by: Jeremy Allison <jra@samba.org> (cherry picked from commit
9aafc490db58017133bbd7a7f49264ee0d48f0ff)
Volker Lendecke [Tue, 20 Sep 2011 20:45:52 +0000 (22:45 +0200)]
v3-6-test: Further fix for bug 8338
OS/X can not deal with a 10-vwv read on normal files.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Sep 21 00:51:08 CEST 2011 on sn-devel-104
Christian Ambach [Tue, 13 Mar 2012 17:07:11 +0000 (10:07 -0700)]
Fix bug #8807 - dcerpc_lsa_lookup_sids_noalloc() crashes when groups has more than 1000 groups
Use correct talloc heirarchy.
Signed-off-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7936fb0ab8c3413768e83975c9d8544d653ee13c)
Karolin Seeger [Fri, 2 Mar 2012 19:29:58 +0000 (20:29 +0100)]
Revert "s3: Add sys_statvfs() wrapper support for OpenBSD/FreeBSD/DragonFly."
This reverts commit
a0d51949abde68134eb35150d797387a1fb57ab7.
https://bugzilla.samba.org/show_bug.cgi?id=8777
--- Comment #9 from Volker Lendecke <vl@samba.org> 2012-03-02 00:32:41 UTC ---
Karolin, would it be possible that you revert
a0d51949abde68134eb35150d797387a1fb57ab7 from v3-6-test? I did test this on
FreeBSD, but it makes the build fail on NetBSD. This patch needs to grow a bit
in master and is not ready for 3.6.
[...]
Volker
Jeremy Allison [Tue, 28 Feb 2012 17:47:50 +0000 (09:47 -0800)]
Fix problem reported by Tom Lee <tlee2951@gmail.com> - when calculating the share security mask, take priviliges into account for the connecting user.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Feb 28 20:21:26 CET 2012 on sn-devel-104
(cherry picked from commit
6081fabe7e0f461ea7d288c40727d4fb5defce5d)
Fix bug #8784 (Open file with SEC_FLAG_SYSTEM_SECURITY mask requested is blocked
by share security mask.)
Matthieu Patou [Fri, 10 Feb 2012 19:45:21 +0000 (11:45 -0800)]
s3-winbindd: set the can_do_validation6 also for trusted domain
The flag can_do_validation6 was only set for the domain to which
winbindd is the member. Setting this flag in other domains (trusted
domain) if it's active directory domain is a good idea as it allow to do
level 6 validation also when winbindd is querying them directly.
(cherry picked from commit
05036fab0a9847219c73c0abd931a39fba0bccfd)
Address bug #8599 (WINBINDD_PAM_AUTH_CRAP returns invalid user session key).
Brad Smith [Tue, 28 Feb 2012 19:45:41 +0000 (20:45 +0100)]
s3: Add sys_statvfs() wrapper support for OpenBSD/FreeBSD/DragonFly.
Fix bug #8777.
Matthieu Patou [Sat, 25 Feb 2012 00:13:10 +0000 (16:13 -0800)]
s3-winbindd: Close netlogon connection if the status returned by the NetrSamLogonEx call is timeout in the pam_auth_crap path
If not the child process would hang for quite a long time up to the
moment when the connection is cleaned by the kernel (took ~ 20 minutes)
in my tests.
Fix bug #8771 (Winbind takes up to 20 minutes to change from DC 1 to DC 2 and
keeps in the meantime to respond NT_STATUS_IO_TIMEOUT).
Richard Sharpe [Wed, 22 Feb 2012 14:25:54 +0000 (06:25 -0800)]
Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER but has no permission for that, but token has SeTakeOwnershipPrivilege
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104
(cherry picked from commit
108253250048673493a636fd9fb2bf99b64ccf3c)
Fix bug #8768 (Samba does not honor SeTakeOwnershipPrivilege when file opened
with SEC_STD_WRITE_OWNER).
Volker Lendecke [Sun, 19 Feb 2012 11:49:55 +0000 (12:49 +0100)]
s3: Fix bug 8567 -- segfault in dom_sid_compare
The underlying problem was that with ldapsam:trusted we require the
a group mapping for the primary group of every user, including root.
Volker Lendecke [Thu, 16 Feb 2012 22:22:42 +0000 (14:22 -0800)]
s3: Add SERVERID_UNIQUE_ID_NOT_TO_VERIFY, bug 8760
Back-port of commit
dd5868d41eeaa304a471822d7783526d9f4c37f5
from master. Back-port done by Manoj Dahal <mdahal@novell.com>.
David Disseldorp [Wed, 15 Feb 2012 15:30:27 +0000 (16:30 +0100)]
s3-printing: fix crash in printer_list_set_printer()
The printer list database format was recently changed to accommodate for
the printcap location field.
One of the tdb_pack calls is not provided with a location string
argument, this causes a crash on some platforms.
https://bugzilla.samba.org/show_bug.cgi?id=8762
Stefan Metzmacher [Fri, 14 Oct 2011 14:11:06 +0000 (16:11 +0200)]
s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for persistent dbs
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Oct 14 20:59:37 CEST 2011 on sn-devel-104
(cherry picked from commit
15b8efeae3b0133ae60a8ce582e4ca4d4dbe6bb1)
The last 4 patches address bug #8527 (db_ctdb_traverse fails to traverse records
created within the current transaction).
Günther Deschner [Wed, 12 Oct 2011 09:48:55 +0000 (11:48 +0200)]
s3-dbwrap_ctdb: fix the build.
Michael, please check.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Oct 12 15:25:56 CEST 2011 on sn-devel-104
(cherry picked from commit
fc320551d84508371ab1c082752515d538648f49)
Gregor Beck [Thu, 22 Sep 2011 11:58:24 +0000 (13:58 +0200)]
s3:dbwrap: traverse records created within this transaction.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
a6cd71da858062a66f83775cf655b79b6c8d75e7)
Michael Adam [Fri, 14 Oct 2011 14:33:00 +0000 (16:33 +0200)]
s3:dbwrap: change the dbwrap_traverse() wrapper to return the count in an additional parameter (similar to commit
8f098a635f713652c4846d71e24c0a199c25b8b7)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Christian Ambach [Fri, 27 Jan 2012 18:25:13 +0000 (10:25 -0800)]
Allow vfs_aio_pthread to build as a static module.
The last 6 patches address bug #8723 (Add pthread-based aio module to 3.6.3.).
Jeremy Allison [Thu, 26 Jan 2012 01:17:48 +0000 (17:17 -0800)]
Update man page to fix typo vfs_aio_fork -> vfs_aio_pthread, add aio read size, aio write size examples. (cherry picked from commit
12b614a9298974ba5daee7aa8d1aa47006de01e2)
Jeremy Allison [Thu, 26 Jan 2012 00:54:39 +0000 (16:54 -0800)]
Add vfs_aio_pthread code.
Jeremy Allison [Thu, 26 Jan 2012 00:27:54 +0000 (16:27 -0800)]
Ensure we always free aio_ex on all error paths by moving the TALLOC_FREE call out of smbd_aio_complete_aio_ex() and into the caller.
Jeremy Allison [Wed, 25 Jan 2012 22:11:12 +0000 (14:11 -0800)]
Add man page for vfs_aio_pthread module. (cherry picked from commit
d8c699190d2cc0ce64395c7b2b10bb25c98a2943)
Jeremy Allison [Thu, 22 Dec 2011 04:38:32 +0000 (20:38 -0800)]
Change the signature of pthreadpool_finished_job() to return 0 on success, errno on fail and return the jobid in a separate variable.
I need this fix for my vfs_aio_pthread.c module.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Dec 22 12:12:33 CET 2011 on sn-devel-104
(cherry picked from commit
711c18c2301d1bea35cac1144080a94e6b89be27)
Stefan Metzmacher [Thu, 22 Sep 2011 19:04:51 +0000 (21:04 +0200)]
s3:smb2_server: fix a logic error, we should sign non guest sessions
metze
The last 2 patches address bug #8749 (SMB2: SessionSetup responses are not
signed).
Michael Adam [Wed, 21 Sep 2011 01:56:30 +0000 (03:56 +0200)]
s3:smb2-server: session setup replies should always be signed (except for guest sessions)
not only if the session should be signed
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Sep 21 11:00:09 CEST 2011 on sn-devel-104
Ira Cooper [Sat, 4 Feb 2012 00:47:18 +0000 (16:47 -0800)]
s3-popt: Fix configure.developer builds on Solaris.
alloca.h needs to be included, or the build complains the implicit
definition of alloca.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Feb 4 03:27:42 CET 2012 on sn-devel-104
(cherry picked from commit
74ca6d1ddb1c5a4fbe9ddb29566878efe1761897)
Fix bug #8743 (configure.developer build is broken).
Christian Ambach [Wed, 24 Aug 2011 14:21:37 +0000 (16:21 +0200)]
s3:winbindd fix a return code check
talloc_traverse_dict will return with -1 in case of an error and
might return positive values that indicate the count of found
entries
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Aug 24 18:09:11 CEST 2011 on sn-devel-104
Fix bug #8406 (winbind might not return groupnames to getgrgid nss calls).
Volker Lendecke [Tue, 31 Jan 2012 21:26:35 +0000 (22:26 +0100)]
s3: Add rmdir operation to streams_depot
The last 2 patches address bug #8733 (streams_depot leaves streams around on
rmdir).
Volker Lendecke [Tue, 31 Jan 2012 21:26:23 +0000 (22:26 +0100)]
s3: Delete streams on directories
Michael Adam [Wed, 1 Feb 2012 14:25:12 +0000 (14:25 +0000)]
s3:smbd:smb2: fix an assignment-instead-of-check bug conn_snum_used()
Accidential "=" instead of "==".
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Feb 1 17:10:15 CET 2012 on sn-devel-104
(cherry picked from commit
6ba09e039e4efee33ce6b8cd9f919409656c2afb)
Fix bug #8738 (SMB2 server will not release unused shares).
Ira Cooper [Tue, 31 Jan 2012 20:15:36 +0000 (12:15 -0800)]
Fix bug #8729 - getpass regressions on Solaris/Illumos - 3.6 and
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Jan 31 23:28:09 CET 2012 on sn-devel-104
(cherry picked from commit
a1901b55cfa658f39a33d0ea120641f56453fe4e)
Stefan Metzmacher [Wed, 1 Feb 2012 16:04:17 +0000 (17:04 +0100)]
s3:auth: fill the sids array of the info3 in wbcAuthUserInfo_to_netr_SamInfo3() (bug #8739)
Originally, only the rid array was filled and foreign domain sids were omitted.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Feb 2 12:59:32 CET 2012 on sn-devel-104
(cherry picked from commit
dab7b0e7171edf5b11af154175711e2b972c000b)
Stefan Metzmacher [Wed, 1 Feb 2012 16:02:52 +0000 (17:02 +0100)]
s3:auth: fix potential gap creation in wbcsids_to_samr_RidWithAttributeArray()
Pair-Programmed-With: Michael Adam <obnox@samba.org>
metze
(cherry picked from commit
adbab7710d1fc4ca31469982dae0ee51e6b19896)
Stefan Metzmacher [Tue, 31 Jan 2012 18:02:18 +0000 (10:02 -0800)]
s3:client: ignore SMBecho errors (the server may not support it) (bug #8139) Signed-off-by: Jeremy Allison <jra@samba.org>
Matthieu Patou [Mon, 30 Jan 2012 08:05:08 +0000 (00:05 -0800)]
s3-winbind: don't try to do clever thing if the username is not found while authenticating through winbind
This could cause that we authenticate a user with a bogus domain to
winbind's domain if the password supplied for the PAM_AUTH match.
The problem was reported by Jeff Venable (jvenable@juniper.net).
Patch from Andrew Bartlett (abartlett@samba.org).
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Mon Jan 30 18:58:12 CET 2012 on sn-devel-104
(cherry picked from commit
56d5cb938651b9c67a8400d1adc61a23889a6a29)
Fix bug #8734 (When using PAM_AUTH API from winbind if Kerberos auth is enabled,
samba will authenticate user with a bogus domain).
Andrew Bartlett [Sat, 28 Jan 2012 00:03:55 +0000 (16:03 -0800)]
Fix for bug #8727 - smbclient fails with posix large reads.
s3-libsmb Do not limit read replies to NBT packet sizes
With the posix extensions, we can read 16MB at a time, so we need to check
the full size of the packet, not the size rounded down to the old NBT
limit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Mon, 30 Jan 2012 19:38:38 +0000 (20:38 +0100)]
WHATSNEW: Start release notes for Samba 3.6.4.
Karolin
Karolin Seeger [Mon, 30 Jan 2012 19:36:14 +0000 (20:36 +0100)]
VERSION: Bump version up to 3.6.4.
Karolin
Ira Cooper [Sun, 29 Jan 2012 19:36:05 +0000 (20:36 +0100)]
s3-smbd: Fix bug #8724.
Fix bug #8724 - Memory leak in parent smbd on connection.
This is CVE-2012-0817.
Patch have been created by Ira Cooper <ira@wakeful.net> and
Jeremy Allison <jra@samba.org>.
Karolin Seeger [Sun, 29 Jan 2012 19:33:38 +0000 (20:33 +0100)]
WHATSNEW: Add release notes for 3.6.3.
Karolin
Karolin Seeger [Sun, 29 Jan 2012 19:33:15 +0000 (20:33 +0100)]
VERSION: Bump version up to 3.6.3.
Karolin
Karolin Seeger [Wed, 25 Jan 2012 18:23:06 +0000 (19:23 +0100)]
WHATSNEW: Add another change.
Jeremy, thanks a lot for the fix!
Jeremy Allison [Wed, 25 Jan 2012 18:19:14 +0000 (19:19 +0100)]
s3-spoolss: Pass the right pointer type.
Follow-up fix for an issue introduced by a fix for bug #4942.
Karolin Seeger [Mon, 23 Jan 2012 20:39:58 +0000 (21:39 +0100)]
WHATSNEW: Add another change.
Karolin
Jeremy Allison [Mon, 23 Jan 2012 19:20:52 +0000 (11:20 -0800)]
Second part of fix for 8636 - When returning an ACL without SECINFO_DACL requested, we still set SEC_DESC_DACL_PRESENT in the type field.
Ensure we always ask for the set:
OWNER_SECURITY_INFORMATION |
GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION |
SACL_SECURITY_INFORMATION
when getting an ACL inside the module.
Jeremy Allison [Wed, 30 Nov 2011 00:31:18 +0000 (16:31 -0800)]
Fix bug 8636 - When returning an ACL without SECINFO_DACL requested, we still set SEC_DESC_DACL_PRESENT in the type field.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Nov 30 04:59:07 CET 2011 on sn-devel-104
(cherry picked from commit
da992be64f39364fbb8bca26e9421c7a36c49ac6)
Karolin Seeger [Mon, 23 Jan 2012 20:22:40 +0000 (21:22 +0100)]
WHATSNEW: Add major changes.
Please feel free to add more entries.
Karolin
Karolin Seeger [Mon, 23 Jan 2012 19:52:37 +0000 (20:52 +0100)]
WHATSNEW: Add more changes.
Karolin
David Disseldorp [Tue, 17 Jan 2012 16:07:01 +0000 (17:07 +0100)]
torture: add spoolss overlapping driver deletion tests
The last 7 patches address bug #8697 (DeletePrinterDriverEx never removes
printer driver files) and bug #4942 (DeletePrinterDriverEx deletes files
in use).
David Disseldorp [Tue, 17 Jan 2012 14:20:51 +0000 (15:20 +0100)]
torture: confirm printer driver file removal
David Disseldorp [Mon, 16 Jan 2012 15:30:17 +0000 (16:30 +0100)]
torture: add spoolss del printer driver test
Test handling of DeletePrinterDriverEx when the DPD_DELETE_ALL_FILES
flag is set.
David Disseldorp [Tue, 17 Jan 2012 16:06:38 +0000 (17:06 +0100)]
s3-spoolss: fix printer_driver_files_in_use() call ordering
printer_driver_files_in_use() performs two tasks: it returns whether any
of the files in the to-be-deleted driver overlap with other drivers, it
also trims such files from the info structure passed in.
In processing a DeletePrinterDataEx request with DPD_DELETE_UNUSED_FILES
set, printer_driver_files_in_use() must be called to ensure files in
use by other drivers are not removed.
https://bugzilla.samba.org/show_bug.cgi?id=4942
David Disseldorp [Thu, 12 Jan 2012 15:27:37 +0000 (16:27 +0100)]
s3-spoolss: fix printer driver version deletion
Spoolss delete printer driver code currently makes invalid version
assumptions based on the architecture requested by the client.
Ugly hacks are in place to cover removal of other versions (2 and 3).
This change wraps multi version deletion in a simple for loop.
David Disseldorp [Wed, 11 Jan 2012 18:50:36 +0000 (19:50 +0100)]
s3-spoolss: prefix print$ path on driver file deletion
Driver file paths stored in the registry do not include the server path
prefix. delete_driver_files() incorrectly assumes such a prefix.
https://bugzilla.samba.org/show_bug.cgi?id=8697
David Disseldorp [Tue, 10 Jan 2012 17:21:42 +0000 (18:21 +0100)]
spoolss: fix DPD_DELETE_ALL_FILES error return
If DeletePrinterDriverEx is called with DPD_DELETE_ALL_FILES and files
assigned to the to-be-deleted driver overlap with other drivers then an
error is returned. Change the error code here to match Windows 2k8r2.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Karolin Seeger [Sun, 22 Jan 2012 20:22:24 +0000 (21:22 +0100)]
WHATSNEW: Add more changes since 3.6.1.
Karolin
Karolin Seeger [Sat, 21 Jan 2012 21:17:42 +0000 (22:17 +0100)]
WHATSNEW: Start release notes for 3.6.2.
To be continued...
Karolin
Matthieu Patou [Sat, 21 Jan 2012 20:34:06 +0000 (21:34 +0100)]
[PATCH] s3: improve the code in the AES encryption.
Remove looping replace them by memcpy.
Fix bug #8674 (Buffer overflow in vfs_smb_traffic_analyzer).
.
Jeremy Allison [Sat, 21 Jan 2012 20:16:19 +0000 (21:16 +0100)]
s3: Fix bug #8674.
Buffer overflow issue with AES encryption in samba traffic analyzer.
Jeremy Allison [Tue, 10 Jan 2012 21:49:03 +0000 (13:49 -0800)]
Third part of fix for bug #8673 - NT ACL issue.
(Not needed in master as this code has changed). Ensure we set a temp
access mask before calling open(O_RDONLY|O_DIRECTORY) on the directory.
Jeremy Allison [Tue, 10 Jan 2012 21:48:18 +0000 (13:48 -0800)]
Second part of fix for bug #8673 - NT ACL issue.
Ensure we process the entire ACE list instead of returning ACCESS_DENIED
and terminating the walk - ensure we only return the exact bits that cause
the access to be denied. Some of the S3 fileserver needs to know if we
are only denied DELETE access before overriding it by looking at the
containing directory ACL.
Jeremy Allison [Tue, 10 Jan 2012 21:41:55 +0000 (13:41 -0800)]
First part of fix for bug #8673 - NT ACL issue.
Simplify the logic in the unlink/rmdir calls - makes it readable
(and correct). Add some debug.
Jeremy Allison [Fri, 16 Dec 2011 23:50:58 +0000 (15:50 -0800)]
Third part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.
can_access_file_acl() - we can always delete a symlink.
can_delete_file_in_directory() - We don't need to do another STAT call
here, we know smb_fname->st is in a valid state.
smbd_check_open_rights() - we can always delete a symlink.
Jeremy Allison [Fri, 16 Dec 2011 23:37:07 +0000 (15:37 -0800)]
Second part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.
Ensure we use UCF_UNIX_NAME_LOOKUP flags on filename_convert()
when doing a restricted set of infolevels in trans2setfilepathinfo().
Jeremy Allison [Fri, 16 Dec 2011 23:35:55 +0000 (15:35 -0800)]
First part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.
Remove two unneeded check_name() calls. They have already been done
in order to get here.
Jeremy Allison [Wed, 18 Jan 2012 20:38:14 +0000 (12:38 -0800)]
Fix bug 8710 - connections.tdb - major leak with SMB2.
Ensure the cnum used to claim the connection for SMB2 is the
id that will be used for the SMB2 tcon. Based on code from
Ira Cooper <ira@wakeful.net>.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jan 18 23:14:32 CET 2012 on sn-devel-104
(cherry picked from commit
39c627b60754bd89c419b2d7e32d32c7a9af5a11)
Jeremy Allison [Fri, 16 Dec 2011 23:53:46 +0000 (15:53 -0800)]
Fix bug #8664 - Renaming a symlink fails if the symlink target is outside of the share.
David Disseldorp [Fri, 13 Jan 2012 21:51:22 +0000 (13:51 -0800)]
idl: add to_null property
to_null specifies that character conversion should only occur until the
null pointer in an array based string.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Jan 14 00:51:54 CET 2012 on sn-devel-104
The last 5 patches address bug #8606 (Intermittent print job failures caused by
character conversion errors).
David Disseldorp [Wed, 23 Nov 2011 01:03:48 +0000 (02:03 +0100)]
idl: add to_null attribute to the spoolss devicename array
OpenPrinterEx requests have also been observed in the wild carrying
non-utf16 garbage after the device mode devicename field null
terminator.
Signed-off-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Sun, 13 Nov 2011 19:40:56 +0000 (20:40 +0100)]
idl: add to_null attribute to the spoolss formname array
OpenPrinterEx requests have been observed in the wild carrying a device
mode formname "A4" followed by non-utf16 garbage after the null
terminator. Such requests currently fail during unmarshalling in the
ndr_pull_charset() codepath, causing intermittent print job failures.
This change ensures that garbage after the device mode formname null
terminator is not processed in unmarshalling.
https://bugzilla.samba.org/show_bug.cgi?id=8606
Signed-off-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Sat, 14 Jan 2012 00:32:59 +0000 (16:32 -0800)]
ndr: add ndr_pull_charset_to_null()
The same as ndr_pull_charset(), however only perform character
conversion on bytes prior to and including the null terminator.
Signed-off-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Sun, 13 Nov 2011 19:39:58 +0000 (20:39 +0100)]
idl: add parser for the to_null property
Compile into a ndr_pull_charset_to_null call.
Signed-off-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Fri, 6 Jan 2012 15:10:55 +0000 (16:10 +0100)]
s3-libads: fix malloc/talloc mismatch in ads_keytab_verify_ticket().
Guenther
Fix big #8692 (ads_keytab_verify_ticket mixes talloc allocation with malloc
free).
Stefan Metzmacher [Thu, 10 Nov 2011 13:43:55 +0000 (14:43 +0100)]
libcli/cldap: fix a crash bug in cldap_socket_recv_dgram() (bug #8593)
After a calling any wrapper of tevent_req_notify_callback(),
e.g. tevent_req_nterror(), tevent_req_done(), tevent_req_nomem(),
a function has to return immediately otherwise it is very likely to
crash.
metze
(similar to commit
17f1a97a614db4ed8292544988cb6a6cf56621d8)
Stefan Metzmacher [Fri, 23 Dec 2011 13:45:45 +0000 (14:45 +0100)]
s3:lib/ctdbd_conn: try ctdbd_init_connection() as root (bug #8684)
ctdbd_traverse is only called if the main db_context is already
open. So if we could get to information via dbwrap_fetch,
we should also be able to traverse.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Dec 23 18:19:14 CET 2011 on sn-devel-104
(cherry picked from commit
4a1895eb9921ad533910d08823c2814c470875fd)
Björn Baumbach [Fri, 18 Nov 2011 17:54:56 +0000 (18:54 +0100)]
s3-printing: fix migrate printer code (bug 8618)
Removed path from driver files.
We only need the basenames.
Volker Lendecke [Wed, 4 Jan 2012 19:09:54 +0000 (11:09 -0800)]
Fix bug #8686 - Packet validation checks can be done before length validation causing uninitialized memory read.
Jeremy Allison [Thu, 5 Jan 2012 21:54:29 +0000 (13:54 -0800)]
Fix bug #8687 - net memberships usage info is wrong
Typo in usage.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jan 6 00:30:20 CET 2012 on sn-devel-104
Andreas Schneider [Mon, 21 Nov 2011 17:19:43 +0000 (18:19 +0100)]
s3-libsmb: Don't duplicate kerberos service tickets.
This fixes bug #8628.
Each time we do a client connection. Each time we call to function to
get the service ticket from the cache we duplicate it. So with each
connection we end up with one or three duplicated tickets.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Dec 15 19:30:42 CET 2011 on sn-devel-104
(cherry picked from commit
d0330c7dd64b320cd86e2341b31da6be81ba829b)
Jeremy Allison [Sat, 31 Dec 2011 05:19:08 +0000 (21:19 -0800)]
Final part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.
The code to set a DOS error on short writeX return is amazingly
legacy code, and also breaks the reply as fixup_chain_error_packet()
enforces a 2-byte wct on any reply where smb_rcls != 0.
Found in testing by Andrew Bartlett. Thanks Andrew !
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Dec 31 08:05:35 CET 2011 on sn-devel-104
(cherry picked from commit
e39df67669f61056692736db9c8dc16fbf2c3624)
Jeremy Allison [Sat, 31 Dec 2011 04:45:10 +0000 (20:45 -0800)]
Third part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.
Fix default_sys_recvfile() to correctly cope with
short writes. Return the amount written. Return
-1 and set errno if no data could be written.
(cherry picked from commit
5e6263960aaf1a5f9993cb7bb5646d36ff92b9cc)
Jeremy Allison [Sat, 31 Dec 2011 04:23:00 +0000 (20:23 -0800)]
Second part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.
Split out the functionality of drain_socket() into a separate
function from default_sys_recvfile().
(cherry picked from commit
a5715420e37b98038fe8f2c3028e4c6938400eed)
Jeremy Allison [Sun, 25 Dec 2011 05:12:09 +0000 (21:12 -0800)]
Fix bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write
Bug found and fix suggested by Andrew Bartlett.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sun Dec 25 07:46:38 CET 2011 on sn-devel-104
(cherry picked from commit
eb617374a673bb1189dd9b6bccbf3f1d9fb91010)
Masafumi Nakayama [Wed, 2 Nov 2011 09:35:19 +0000 (10:35 +0100)]
s3-cli: fix bug 563, >8GB tar on BE machines
Borrows on existing patches proposed by Craig Barratt and Brad Ellis.
Signed-off-by: David Disseldorp <ddiss@suse.de>
Autobuild-User: David Disseldorp <ddiss@samba.org>
Autobuild-Date: Tue Jan 3 18:31:28 CET 2012 on sn-devel-104
(cherry picked from commit
909056a2daacd961b40158b86bc117650a897054)
Andreas Schneider [Tue, 3 Jan 2012 15:55:25 +0000 (16:55 +0100)]
s3-winbind: Fix segfault if we can't map the last user.
This fixes bug #8678.
The issue is caused by bug #8608.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Jan 4 18:30:53 CET 2012 on sn-devel-104
(cherry picked from commit
b9d208bdaa9da2a5ae534481865efc881b851b01)
Andreas Schneider [Tue, 3 Jan 2012 15:54:39 +0000 (16:54 +0100)]
s3-winbind: Move finding the domain to it's own function.
This the first part to fix bug #8678.
(cherry picked from commit
5075e565684627dfbd23f715da344b4365351ccb)
Jeremy Allison [Fri, 2 Dec 2011 18:55:40 +0000 (10:55 -0800)]
Fix bug #8644 - vfs_acl_xattr and vfs_acl_tdb modules can fail to add inheritable entries on a directory with no stored ACL.
If referring to an fsp sbuf can be left as an uninitialized variable,
causing the 'is_directory' variable to be false when it should be true.
Björn Jacke [Sat, 10 Dec 2011 12:53:42 +0000 (13:53 +0100)]
s3/doc: document the ignore system acls option of vfs_acl_xattr and vfs_acl_tdb
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Sat Dec 10 15:30:46 CET 2011 on sn-devel-104
(cherry picked from commit
f452add2231906742c9fd119371cd4fd81a1bdd6)
Fix bug #8652 (vfs_acl man pages miss "ignore system acls" option).
Fix bug #8652 (vfs_acl man pages miss "ignore system acls" option).
Volker Lendecke [Thu, 17 Nov 2011 21:24:24 +0000 (22:24 +0100)]
s3: Fix bug 8371
ndr_set_flag or's in the given flag (ALIGN4). At this point, ndr->flags
contains NOALIGN, which will persist. In ndr_push_DATA_BLOB NOALIGN overrides
everything else, so that the ALIGN4 is not respected.
Andreas Schneider [Mon, 5 Dec 2011 20:33:25 +0000 (12:33 -0800)]
s3-winbind: Add an update function for winbind cache.
With
57b3d32 we changed the format for the winbind cache database and
the code deleted the database for the upgrade. As this database holds
also cached credentials, removing it is not an option. We need to update
from version 1 to version 2.
Fix bug #8643 (A Samba update to 3.6 deletes the winbind cache with cached
credentials).
Volker Lendecke [Wed, 30 Nov 2011 17:51:27 +0000 (18:51 +0100)]
s3: Attempt to fix the vfs_commit module
This bug went in in 2007. I wonder how much this module is actually used....
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Nov 30 21:46:09 CET 2011 on sn-devel-104
(cherry picked from commit
b638abf70a3c9b2815344454946c0931295551be)
Jeremy Allison [Tue, 29 Nov 2011 19:55:39 +0000 (11:55 -0800)]
Fix bug 8631 - POSIX ACE x permission becomes rx following mapping to and from a DACL Reported by David Disseldorp. Fix based on a patch by David.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Nov 29 22:32:27 CET 2011 on sn-devel-104
(cherry picked from commit
6bf97ea3bc70745f64f82251cbce443f2637c703)
Richard Sharpe [Mon, 14 Nov 2011 15:47:38 +0000 (07:47 -0800)]
Improve configure.in so it can be used outside the Samba source tree.
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Thu Nov 17 07:00:38 CET 2011 on sn-devel-104
(cherry picked from commit
f50aa988c201c2fe78e467f1a419bedc741e1d31)
Fix bug #8607 (The configure.in in examples/VFS does not easily allow building
modules outside the Samba source tree).
Stefan Metzmacher [Fri, 18 Nov 2011 07:40:18 +0000 (08:40 +0100)]
s3:libsmb: only align unicode pipe_name (bug #8586)
metze
(cherry picked from commit
48bcb8c846532ccd5489ef705182fb81c5278b04)
Andreas Schneider [Mon, 14 Nov 2011 09:01:31 +0000 (10:01 +0100)]
s3-winbind: Don't fail on users without a uid.
This fixes bug #8608.
If you join samba with idmap_ad backend to an AD. When you try to
enumerate users with 'getent passwd' and the user doesn't have a uid
set, then getent is aborted cause of NT_STATUS_NONE_MAPPED. If we can't
map a user we should not stop but continue enumerating users.
This normally happens with the default user 'krbtgt' with idmap_ad but
could also happen with other backends.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Nov 15 16:52:04 CET 2011 on sn-devel-104
(backported from commit
10b285ccc29b106f164a6c18116e237634867717)
Signed-off-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Mon, 9 May 2011 15:43:45 +0000 (17:43 +0200)]
lib/util/ Fix crash bug caused by gfree_debug()
The issue is that we should reset the debug_num_classes to 0 when we
un-initialise the debug system.
Andrew Bartlett
(cherry picked from commit
5db0cd55d4db9cc71f32dc0097e2f014c22967bc)
Fix bug #8623 (Crash when trying to browse samba printers).
Björn Jacke [Fri, 18 Nov 2011 12:40:17 +0000 (13:40 +0100)]
s3: allow to set TCP_NODELAYACK socket option on AIX (#8616)
this is the AIX way to disable delayed ACKs, the same like TCP_QUICKACK on
Linux
this is a backport of
383a918322c1edd1977fdbce19e52e8c8e6ffac1
git.samba.org / metze / samba / wip.git / log