Karolin Seeger [Sun, 22 Feb 2015 13:24:55 +0000 (14:24 +0100)]
VERSION: Disable git snapshots for the 3.0.25 release.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077
CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon server
could lead to security vulnerability.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sat, 21 Feb 2015 20:29:36 +0000 (21:29 +0100)]
WHATSNEW: Add release notes for Samba 3.0.25.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077
CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon server
could lead to security vulnerability.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andreas Schneider [Mon, 16 Feb 2015 09:56:03 +0000 (10:56 +0100)]
auth: Make sure that creds_out is initialized with NULL.
This is an additional patch for CVE-2015-0240.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Mon, 16 Feb 2015 09:59:23 +0000 (10:59 +0100)]
s3-netlogon: Make sure we do not deference a NULL pointer.
This is an additional patch for CVE-2015-0240.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 28 Jan 2015 22:47:31 +0000 (14:47 -0800)]
CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Sun, 22 Feb 2015 13:21:34 +0000 (14:21 +0100)]
VERSION: Re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 15 Jan 2015 11:12:10 +0000 (12:12 +0100)]
VERSION: Bump version up to 4.0.25.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
f9693a1766b88ce068bb04c88f1a41ce3330e2cc)
Karolin Seeger [Mon, 12 Jan 2015 20:05:40 +0000 (21:05 +0100)]
VERSION: Disable git snapshots for the 4.0.24 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 12 Jan 2015 20:01:33 +0000 (21:01 +0100)]
WHATSNEW: Add release notes for Samba 4.0.24.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andrew Bartlett [Thu, 4 Dec 2014 04:23:29 +0000 (17:23 +1300)]
CVE-2014-8143:dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl
This requires an additional control to be used in the
LSA server to add domain trust account objects.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 8 Dec 2014 01:20:21 +0000 (14:20 +1300)]
CVE-2014-8143:dsdb: Allow use of dsdb_autotransaction_request outside util.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: If6bc90305a1e9a5a92562a01ba7e44330de91cc1
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 7 Dec 2014 23:19:19 +0000 (12:19 +1300)]
CVE-2014-8143:pydsdb: Pull in UF_USE_AES_KEYS flag
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: I36ad5ebc5d8a4811c41b59af90a3add4ae5fd857
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 11 Nov 2014 02:23:02 +0000 (15:23 +1300)]
CVE-2014-8143:auth: Force talloc type of session_info pointer to match
This helps us keep things safe in LDB where we put this in a opaque pointer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Andrew Bartlett
Change-Id: I46fe53ba655ca0810c276b72fbca524884cdf22d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Sun, 7 Dec 2014 20:47:37 +0000 (21:47 +0100)]
VERSION: Bump version up to 4.0.24...
...and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
b1adeee4aed02f3066f9a96f20daeb3dce43b68c)
Karolin Seeger [Sun, 7 Dec 2014 20:46:20 +0000 (21:46 +0100)]
VERSION: Disable git snapshots for the 4.0.23 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sun, 7 Dec 2014 20:44:58 +0000 (21:44 +0100)]
WHATSNEW: Add release notes for Samba 4.0.23.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Michael Adam [Thu, 4 Sep 2014 10:45:48 +0000 (12:45 +0200)]
Revert "buildtools: Rename perl vendorarch configure option."
This reverts commit
04685ff4eed9535769d6a5feee7353f1796a4389.
We are reverting buildtools/wafadmin/Tools/perl.py back to upstream state.
Everything special is now in buildtools/wafsamba/samba_perl.py.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 9 03:07:20 CEST 2014 on sn-devel-104
(cherry picked from commit
1f878b9986523ce9e35dd74ae3c201f4e55f66f3)
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Nov 18 23:11:44 CET 2014 on sn-devel-104
Michael Adam [Thu, 4 Sep 2014 10:45:40 +0000 (12:45 +0200)]
Revert "buildtools: Add perl vendorlib configure option."
This reverts commit
48f0183dbeddd7bdf333a40fe0d3e1c7e7fe00f2.
We are reverting buildtools/wafadmin/Tools/perl.py back to upstream state.
Everything special is now in buildtools/wafsamba/samba_perl.py.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
0b91f7d806b9d18881edb8df981a9eeb057580e5)
Michael Adam [Thu, 4 Sep 2014 10:45:32 +0000 (12:45 +0200)]
Revert "wafsamba: If perl can't provide defaults, define them."
This reverts commit
0ba276ebad57d75a769e22414f94acbe8c177d97.
We are reverting buildtools/wafadmin/Tools/perl.py back to upstream state.
Everything special is now in buildtools/wafsamba/samba_perl.py.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
42990ca3c8fa5752280840ea202a537915680b7d)
Michael Adam [Thu, 4 Sep 2014 10:45:21 +0000 (12:45 +0200)]
Revert "wafsamba: Fail with error message if perl doesn't provide valid dirs."
This reverts commit
2637890ef42a238093f0f3cbdda0d621d5f9b2e2.
We are reverting buildtools/wafadmin/Tools/perl.py back to upstream state.
Everything special is now in buildtools/wafsamba/samba_perl.py.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
c5dd2f18dd09b08758fc68a4aac10cf01d775c85)
Stefan Metzmacher [Tue, 26 Aug 2014 19:33:05 +0000 (21:33 +0200)]
pidl/wscript: remove --with-perl-* options
These are not needed anymore as we have useful defaults now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
ee2148754e2e2604ac918343fa8769a25523eb49)
Stefan Metzmacher [Wed, 12 Nov 2014 10:36:13 +0000 (11:36 +0100)]
Revert "autobuild: Set perl vendorlib direcotry."
This reverts commit
60b8f8f61db0fd85e20a009d7274d19b470fbd65.
Stefan Metzmacher [Wed, 12 Nov 2014 10:34:00 +0000 (11:34 +0100)]
Revert "script/autobuild: make use of --with-perl-{arch,lib}-install-dir"
This reverts commit
d6043d62521391cf9c1d5b0f7f11618c6c3b46fb.
Michael Adam [Mon, 25 Aug 2014 21:58:48 +0000 (23:58 +0200)]
pidl: remove superfluous "use lib ...".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
fac24e11655c554cd3113dfb6fc918a0fd3c880c)
Michael Adam [Mon, 25 Aug 2014 21:57:23 +0000 (23:57 +0200)]
pidl: fix the perl module search path (use lib ...) when installing pidl.
This way, pidl can also run with modules installed under the $prefix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
b537c5a340bae2accbf35a4ec5eab7074b90f0b1)
Michael Adam [Thu, 17 Jul 2014 14:54:54 +0000 (16:54 +0200)]
wafsamba: add perl_fixup parameter to INSTALL_FILES
This fixes the search path for modules when installing
a perl "binary" by replacing a line 'use lib "$RealBin/lib";'
which works for the build directory with the appropriate
"use lib" line.
This is a step in allowing to install perl modules under the
prefix directory again.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
f73a0c2af9748d57721211472cd6c50b990ee693)
Michael Adam [Wed, 27 Aug 2014 20:19:38 +0000 (22:19 +0200)]
s3:build: don't detect perl in source3/wscript again.
This is done in the top level now.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
e7fc38a7df90e26a96ec5573042dccc1746e4f2c)
Michael Adam [Wed, 3 Sep 2014 23:38:14 +0000 (01:38 +0200)]
pidl/wscript: don't check for perl again.
This is done at the toplevel now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
191fc0e541e7c9d0a1095dc287402df9947ce779)
Michael Adam [Mon, 25 Aug 2014 23:31:17 +0000 (01:31 +0200)]
build: do full SAMBA_CHECK_PERL() check in configure
...instead of only checking for the perl binary
This autodetects PERL_LIB_INSTALL_DIR and removes the
need of the --with-perl-lib-install-dir when using a --prefix!=/usr.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
7bf9e937ae59e10a9b40be3a60ffaad49669fb83)
Michael Adam [Mon, 25 Aug 2014 23:29:57 +0000 (01:29 +0200)]
wafsamba: add samba_perl.py with SAMBA_CHECK_PERL() higher level check.
This checks for the perl binary, sets PERL and PERL_SPECIFIED
as well es the PERL_ARCH_INSTALL_DIR and PERL_LIB_INSTALL_DIR.
We want to avoid installing the perl modules outside the prefix.
I.e. generally,the perl modules should be installed
under "$prefix/share/perl5".
This improves the fixes for bug #10472.
The new strategy for automatically setting the paths is this:
- if the prefix equals perl's vendorprefix, then
- PERL_LIB_INSTALL_DIR is set to perl's vendorlib dir
- PERL_ARCH_INSTALL_DIR is set to perl's vendorarch dir
- otherwise:
- PERL_LIB_INSTALL_DIR is set to ${DATADIR}/perl5
(usually ${PREFIX}/share/perl5)
- PERL_ARCH_INSTALL_DIR is set to ${LIBDIR}/perl5
(usually ${PREFIX}/lib/perl5)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
75c3e240e0703be8c86596e689e466b4dee5e85e)
Michael Adam [Mon, 25 Aug 2014 22:41:54 +0000 (00:41 +0200)]
dynconfig: implement PERL_ARCH_INSTALL_DIR
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
6ad678166c85f0eb90b76ccf842d1aa8dcb6b41a)
Michael Adam [Mon, 25 Aug 2014 21:59:46 +0000 (23:59 +0200)]
dynconfig: implement PERL_LIB_INSTALL_DIR.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
e5d54c5841c003d55960458da29635b3656884df)
Stefan Metzmacher [Wed, 27 Aug 2014 08:29:50 +0000 (10:29 +0200)]
lib/ldb/wscript: pass dep_vars=['LDB_VERSION'] to SAMBA_GENERATOR()
bld.add_manual_dependency() only works for files not for environment variables.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
bb9a939e78d54a4b09f38d1f7cec1544239fef34)
Stefan Metzmacher [Wed, 27 Aug 2014 08:15:56 +0000 (10:15 +0200)]
docs-xml/wscript_build: pass dep_vars=bld.dynconfig_varnames() to SAMBA_GENERATOR()
This avoids the use of always=True.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
de0443ac7690923fa1731560fa51a551711f37fe)
Stefan Metzmacher [Wed, 27 Aug 2014 08:13:09 +0000 (10:13 +0200)]
dynconfig/wscript: add dynconfig_varnames()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
32ddd5b6559ad22b2ca84262c396dc889d661bab)
Stefan Metzmacher [Wed, 27 Aug 2014 08:08:21 +0000 (10:08 +0200)]
wafsamba: let SAMBA_BLDOPTIONS() use dep_vars=['defines'] instead of always=True
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
a41a9ad0749755d612df81bb77384b4f479e1af2)
Stefan Metzmacher [Tue, 26 Aug 2014 21:14:23 +0000 (23:14 +0200)]
wafsamba: fix dependencies on environment variables for python_fixup
We now checksum the sourcecode of copy_and_fix_python_path()
and the env variables used by this function.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
7316653a82fea3dfe1ac8aa89003ce15836a11b9)
Stefan Metzmacher [Tue, 26 Aug 2014 21:11:39 +0000 (23:11 +0200)]
wafsamba: allow an optional dep_vars list to be passed to SAMBA_GENERATOR()
This can be used to checksum variables used in the rule function.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
04bb8ff7e6a3908b952d4d95edc2c7411611ac33)
Stefan Metzmacher [Tue, 26 Aug 2014 21:11:39 +0000 (23:11 +0200)]
wafsamba: fix dependency for SAMBA_GENERATOR() when passing vars!=None
vars can only be a dictionary as that's the only thing bld.EXPAND_VARIABLES()
accepts.
We need to checksum the whole vars dictionary into the dependencies.
We set task.env.SAMBA_GENERATOR_VARS = vars and add SAMBA_GENERATOR_VARS
to the dep_vars.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
da8c76354549a64181cffc36e1c0bb0c6c4f87d3)
Stefan Metzmacher [Tue, 26 Aug 2014 21:11:39 +0000 (23:11 +0200)]
wafsamba: fix dependency calculation for SAMBA_GENERATOR()
We need to checksum the rule as string command of the
sourcecode of the python function.
This is stored in the 'ruledeps' envariable on the waf Task.
See exec_rule() in wafadmin/TaskGen.py.
dep_vars = getattr(self, 'dep_vars', ['ruledeps'])
if dep_vars:
tsk.dep_vars = dep_vars
if isinstance(self.rule, str):
tsk.env.ruledeps = self.rule
else:
# only works if the function is in a global module such as a waf tool
tsk.env.ruledeps = Utils.h_fun(self.rule)
If there's no 'dep_vars' it defaults to ['ruledeps'].
As we pass our own 'dep_vars' we need to explicitly add
'ruledeps'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
ee8fbbd41741e958e0ab6d7b9ab465d664abac60)
Michael Adam [Mon, 25 Aug 2014 21:39:50 +0000 (23:39 +0200)]
wafsamba: improve wording in a comment
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
210d7de34f953c308e5fa3db9506796ef2b21688)
Michael Adam [Mon, 25 Aug 2014 21:38:29 +0000 (23:38 +0200)]
wafsamba: remove unused variable from copy_and_fix_python_path
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
ca06fac2c87d4abe884d2b6e3c1022266b06e287)
Andrew Bartlett [Wed, 15 Jan 2014 05:11:41 +0000 (18:11 +1300)]
docs: Always declare rule to build parameters.all.xml and do it first
This ensures this file and the rule to generate it can always be found.
Andrew Bartlett
Change-Id: I76d9f4470e2678fc2df4e3a13642737128938f3a
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
2c86758b04515998c690f293fada2cc43116d764)
Garming Sam [Wed, 8 Jan 2014 23:01:18 +0000 (12:01 +1300)]
docs: define and include entities for the docs
This allows for dynamic default settings to be generated.
Change-Id: If8b93d233fb941bc7e3073ccf4b5ec0b0a231bd9
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
57ba012c10fb21f261a3ab9136be05a694278df9)
Garming Sam [Tue, 7 Jan 2014 04:09:39 +0000 (17:09 +1300)]
docs: remove the file prefix from included path names
This allows the inbuilt python xml modules to perform the include.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
1d68b5b0bb3158cabcd371ab5c24392bcb0a32bd)
Garming Sam [Tue, 7 Jan 2014 03:08:50 +0000 (16:08 +1300)]
docs: update XInclude year to conform with current standard
This allows the inbuilt python XML parser to handle these includes.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
02379369ef7968f297b8678c9743679b4775662e)
Volker Lendecke [Tue, 11 Nov 2014 10:35:50 +0000 (10:35 +0000)]
pdb_tdb: Fix a TALLOC/SAFE_FREE mixup
Signed-off-by: Volker Lendecke <vl@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10932
invalid free in pdb_tdb
David Disseldorp [Thu, 30 Oct 2014 00:37:51 +0000 (01:37 +0100)]
spoolss: remove unused fill_job_info3()
This logic has been moved into the previous EnumJobs(level=3) caller.
The info3 structure only contains two fields that are used, so it
doesn't make sense to have a separate helper for it.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
d772b98283f289917a6a8370808d4d0912899384)
David Disseldorp [Thu, 30 Oct 2014 00:37:50 +0000 (01:37 +0100)]
spoolss: fix jobid in level 3 EnumJobs response
Until now, these responses have incorrectly carried the printing backend
job identifier (sysjob), rather than the one allocated and returned by
Samba on job submission.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10905
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
5e7ab3d2f4f7950099561eb22d6a9a1536297442)
David Disseldorp [Thu, 30 Oct 2014 00:37:49 +0000 (01:37 +0100)]
spoolss: fix jobid in level 2 GetJob and EnumJobs responses
Until now, these responses have incorrectly carried the printing backend
job identifier (sysjob), rather than the one allocated and returned by
Samba on job submission.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10905
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
45abaf81c67b62bab571df208931241afa660802)
David Disseldorp [Thu, 30 Oct 2014 00:37:48 +0000 (01:37 +0100)]
spoolss: fix jobid in level 1 GetJob and EnumJobs responses
Until now, these responses have incorrectly carried the printing backend
job identifier (sysjob), rather than the one allocated and returned by
Samba on job submission.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10905
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
4d7f5d2af6ef6960dccaccf89c6e88947e2591bf)
David Disseldorp [Thu, 30 Oct 2014 00:37:47 +0000 (01:37 +0100)]
spoolss: fix GetJob jobid lookups
Clients issue GetJob requests using the jobid assigned by the spoolss
server. The corresponding printing backend (sysjob) identifier needs to
be resolved to locate the correct print queue entry.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10905
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
3a28ae56977235d3c9e3abcd1f24b220e536c50d)
David Disseldorp [Thu, 30 Oct 2014 00:37:46 +0000 (01:37 +0100)]
printing: add jobid_to_sysjob helper function
Samba needs to deal with two types of print job identifiers, those
allocated by the printing backend (sysjob ids), and those allocated
by Samba's spoolss server (jobids).
This change adds a helper function to map spoolss jobids to sysjob ids,
to go alongside the corresponding sysjob to jobid mapping function.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
77b5be1742ee7aa2733a25bfa6a3af369f5c9401)
Stefan Metzmacher [Fri, 7 Nov 2014 23:57:40 +0000 (15:57 -0800)]
s3:smbd: fix file corruption using "write cache size != 0"
A client can:
- open a handle (h1)
- write some data to h1.
- open a 2nd handle h2 (downgrades both handles to level II)
- try to read the data on h2 (this gets old data)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10921
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Sun Nov 9 22:51:19 CET 2014 on sn-devel-104
David Disseldorp [Mon, 27 Oct 2014 19:13:59 +0000 (20:13 +0100)]
spoolss: fix handling of bad EnumJobs levels
Currently Samba is inconsistent when returning WERR_UNKNOWN_LEVEL
errors for spoolss EnumJobs requests - if no print jobs are present,
then WERR_OK will be returned, regardless of whether the EnumJobs level
is supported or not.
This change fixes this behaviour, by catching invalid or unsupported
levels prior to the no-jobs response fast-path.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10898
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 28 03:05:35 CET 2014 on sn-devel-104
(cherry picked from commit
d4f233a746d89e13aae78008b499c71b695ff882)
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Wed Oct 29 23:28:50 CET 2014 on sn-devel-104
Jeremy Allison [Tue, 28 Oct 2014 18:55:30 +0000 (11:55 -0700)]
s3-nmbd: Fix netbios name truncation.
Try and cope with truncation more intelligently.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10896
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
6adcc7bffd5e1474ecba04d2328955c0b208cabc)
Signed-off-by: Andreas Schneider <asn@samba.org>
Richard Sharpe [Mon, 22 Jul 2013 23:04:43 +0000 (16:04 -0700)]
There are tests all over the SMB1 code to check that srv_send_smb fails, but it never returns false.
Even if the write to the socket/fd fails, we never return false and
will keep reading stuff off of the input buffer until it is exhausted
and then we will exit.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Sat Aug 3 17:41:22 CEST 2013 on sn-devel-104
(cherry picked from commit
852c9ac34dbef66d0b2619554c611157c2fab771)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10880
S3: source3/smbd/process.c::srv_send_smb() returns true on the error path.
Jeremy Allison [Mon, 14 Jul 2014 23:13:24 +0000 (16:13 -0700)]
s3: daemons - ensure nmbd and winbindd are consistent in command line processing by adding POPT_COMMON_DYNCONFIG.
Bug #10711 - nmbd fails to accept --piddir option.
https://bugzilla.samba.org/show_bug.cgi?id=10711
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 23 Sep 2014 20:32:37 +0000 (13:32 -0700)]
s3: nmbd: Ensure the main nmbd process doesn't create zombies.
Use the same mechanism as setup for smbd and winbindd.
Fixes bug #10830 - nmbd can leave unreaped zombies.
https://bugzilla.samba.org/show_bug.cgi?id=10830
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon Oct 13 23:31:07 CEST 2014 on sn-devel-104
Jeremy Allison [Mon, 25 Aug 2014 19:27:54 +0000 (12:27 -0700)]
pthreadpool: Slightly serialize jobs
Using the new msg_source program with 1.500 instances against a single
msg_sink I found the msg_source process to spawn two worker threads for
synchronously sending the data towards the receiving socket. This should
not happen: Per destination node we only create one queue. We strictly
only add pthreadpool jobs one after the other, so a single helper thread
should be perfectly sufficient.
It turned out that under heavy overload the main sending thread was
scheduled before the thread that just had finished its send() job. So
the helper thread was not able to increment the pool->num_idle variable
indicating that we don't have to create a new thread when the new job
is added.
This patch moves the signalling write under the mutex. This means that
indicating readiness via the pipe and the pool->num_idle variable happen both
under the same mutex lock and thus are atomic. No superfluous threads anymore.
Back port of commit
1c4284c7395f23cefa61a407db74cf5067aee2aa
that went into master.
https://bugzilla.samba.org/show_bug.cgi?id=10779
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 23 Sep 2014 21:51:18 +0000 (14:51 -0700)]
s3: lib: Signal handling - ensure smbrun and change password code save and restore existing SIGCHLD handlers.
Bug #10831 - SIGCLD Signal handler not correctly reinstalled on old library code use - smbrun etc.
https://bugzilla.samba.org/show_bug.cgi?id=10831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Jeremy Allison [Thu, 9 Oct 2014 20:41:05 +0000 (13:41 -0700)]
lib: util: Signal handling - change CatchChild() and CatchChildLeaveStatus() to return the previous handler.
Bug #10831 - SIGCLD Signal handler not correctly reinstalled on old library code use - smbrun etc.
https://bugzilla.samba.org/show_bug.cgi?id=10831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Jeremy Allison [Wed, 1 Oct 2014 21:20:10 +0000 (14:20 -0700)]
s3: smb2cli: query info return length check was reversed.
Make it identical to the check in libcli/smb/smb2cli_ioctl.c
https://bugzilla.samba.org/show_bug.cgi?id=10848
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 2 04:42:26 CEST 2014 on sn-devel-104
(cherry picked from commit
6c05cd3e895831be7d9a68a51de2048d04c188a0)
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Thu Oct 9 23:25:47 CEST 2014 on sn-devel-104
Andreas Schneider [Wed, 24 Sep 2014 08:51:33 +0000 (10:51 +0200)]
s3-libads: Add all machine account principals to the keytab.
This adds all SPNs defined in the DC for the computer account to the
keytab using 'net ads keytab create -P'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9985
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
5d58b92f8fcbc509f4fe2bd3617bcaeada1806b6)
Volker Lendecke [Wed, 8 Oct 2014 13:39:28 +0000 (15:39 +0200)]
registry: Don't leave dangling transactions
When a createkey fails due to access denied, we need to do a
transaction_cancel. Otherwise the lock on the db will stay around.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10860
Christof Schmitt [Thu, 11 Sep 2014 23:39:21 +0000 (16:39 -0700)]
s3-winbindd: Do not use domain SID from LookupSids for Sids2UnixIDs call
Create a new lsa_RefDomainList and populate it with the domain SID from
the original query. That avoids the problem that for migrated objects,
LookupSids returns the SID of the new domain, and combining that with
the RID from the input results in an invalid SID.
A better fix would be querying the RID of the user in the new domain,
but the approach here at least avoids id mappings entries for invalid
SIDs.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep 29 13:15:18 CEST 2014 on sn-devel-104
(cherry picked from commit
9c9216410faf707edc4ba05f2b715d45f7f51ca4)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10838
Invalid id mappings for users/groups migrated from another domain
Christof Schmitt [Thu, 11 Sep 2014 23:11:06 +0000 (16:11 -0700)]
s3: Move init_lsa_ref_domain_list to lib
This will be used in the next patch in winbind.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
16594e7fc0a46249a48d0d0635de0c1050ecd340)
Günther Deschner [Fri, 26 Sep 2014 01:35:43 +0000 (03:35 +0200)]
s3-libnet: Make sure we do not overwrite precreated SPNs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9984
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Sep 26 08:22:45 CEST 2014 on sn-devel-104
(cherry picked from commit
0aacbe78bb40d76b65087c2a197c92b0101e625e)
Andreas Schneider [Fri, 26 Sep 2014 01:09:08 +0000 (03:09 +0200)]
s3-libnet: Add libnet_join_get_machine_spns().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9984
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
7e0b8fcce5572c88d50993a1dbd90f65638ba90f)
Andreas Schneider [Wed, 24 Sep 2014 07:23:58 +0000 (09:23 +0200)]
s3-libads: Add function to search for an element in an array.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9984
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
e1ee4c8bc7018db7787dd9a0be6d3aa40a477ee2)
Andreas Schneider [Wed, 24 Sep 2014 07:22:03 +0000 (09:22 +0200)]
s3-libads: Add a function to retrieve the SPNs of a computer account.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9984
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
4eaa4ccbdf279f1ff6d8218b36d92aeea0114cd8)
Andreas Schneider [Tue, 23 Sep 2014 12:09:41 +0000 (14:09 +0200)]
s3-libads: Improve service principle guessing.
If the name passed to the net command with the -S options is the long
hostname of the domaincontroller and not the 15 char NetBIOS name we
should construct a FQDN with the realm to get a Kerberos ticket.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10829
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
83c62bd3f5945bbe295cbfbd153736d4c709b3a6)
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Sep 30 22:44:58 CEST 2014 on sn-devel-104
Andreas Schneider [Fri, 19 Sep 2014 11:33:10 +0000 (13:33 +0200)]
nsswitch: Skip groups we were not able to map.
If we have configured the idmap_ad backend it is possible that the user
is in a group without a gid set. This will result in (uid_t)-1 as the
gid. We return this invalid gid to NSS which is wrong.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10824
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Sep 19 17:57:14 CEST 2014 on sn-devel-104
(cherry picked from commit
7f59711f076e98ece099f6b38ff6da8c80fa6d5e)
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon Sep 29 22:07:06 CEST 2014 on sn-devel-104
Björn Jacke [Tue, 9 Sep 2014 20:35:08 +0000 (22:35 +0200)]
docs: mention incompatibility between kernel oplocks and streams_xattr
See BUG https://bugzilla.samba.org/show_bug.cgi?id=7537 for details.
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Fri Sep 12 18:29:37 CEST 2014 on sn-devel-104
(cherry picked from commit
27b2ddcddea5c32a84016b5c6843eb37d2798adf)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10814
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Thu Sep 18 11:15:53 CEST 2014 on sn-devel-104
Karolin Seeger [Mon, 15 Sep 2014 09:48:22 +0000 (11:48 +0200)]
WHATSNEW: Fix typo.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sat, 13 Sep 2014 13:48:43 +0000 (15:48 +0200)]
VERSION: Bump version number up to 4.0.23...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sat, 13 Sep 2014 13:48:07 +0000 (15:48 +0200)]
VERSION: Disable git snapshots for the 4.0.22 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sat, 13 Sep 2014 13:47:13 +0000 (15:47 +0200)]
WHATSNEW: Add release notes for Samba 4.0.22.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andreas Schneider [Thu, 4 Sep 2014 10:55:53 +0000 (12:55 +0200)]
selftest: Fix selftest where pid is used uninitialized.
On my system this gets evaluated to 0 so in the end we detect samba to
be running cause $childpid is set to 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10793
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Sep 4 17:09:17 CEST 2014 on sn-devel-104
(cherry picked from commit
6d2f56dbaf84203b351f33179cc3feaf557e0683)
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Thu Sep 11 22:02:42 CEST 2014 on sn-devel-104
Jeremy Allison [Wed, 3 Sep 2014 14:54:51 +0000 (07:54 -0700)]
s3: smbd: vfs_dirsort module.
Fix an off-by-one check that would cause seekdir to
seek off the end of the cached array.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ronnie Sahlberg <ronniesahlberg.gmail.com>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 3 19:59:54 CEST 2014 on sn-devel-104
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10794
vfs_dirsort has an off-by-one error that can cause uninitialized memory read
Jeremy Allison [Fri, 25 Jul 2014 19:46:46 +0000 (12:46 -0700)]
s3: winbindd: On new client connect, prune idle or hung connections older than "winbind request timeout"
Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found
https://bugzilla.samba.org/show_bug.cgi?id=3204
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 29 23:31:14 CEST 2014 on sn-devel-104
(cherry picked from commit
f9588675ea3cb2f1fabd07a4ea8b2138d65aee83)
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Sep 2 22:45:38 CEST 2014 on sn-devel-104
Jeremy Allison [Tue, 29 Jul 2014 21:53:11 +0000 (14:53 -0700)]
s3: winbindd: Add new parameter "winbind request timeout" set to 60 seconds with man page.
"This parameter specifies the number of seconds the winbindd
daemon will wait before disconnecting either a client connection
with no outstanding requests (idle) or a client connection with a
request that has remained outstanding (hung) for longer than this
number of seconds."
Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found
https://bugzilla.samba.org/show_bug.cgi?id=3204
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
David Disseldorp [Wed, 27 Aug 2014 13:42:00 +0000 (15:42 +0200)]
dosmode: fix FSCTL_SET_SPARSE request validation
Check that FSCTL_SET_SPARSE requests does not refer to directories. Also
reject such requests when issued over IPC or printer share connections.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10787
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 28 04:22:37 CEST 2014 on sn-devel-104
(cherry picked from commit
0751495b1327d002b79482632b7c590cae6e3f9d)
Volker Lendecke [Tue, 19 Aug 2014 14:32:15 +0000 (14:32 +0000)]
smbd: Properly initialize mangle_hash
[Bug 10782] mangle_hash() can fail to initialize charset (smbd crash).
https://bugzilla.samba.org/show_bug.cgi?id=10782
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 26 01:30:38 CEST 2014 on sn-devel-104
Roel van Meer [Fri, 22 Aug 2014 13:11:04 +0000 (15:11 +0200)]
Don't discard result of checking grouptype
The pdb_samba_dsdb_getgrfilter() function first determines the security type
of a group and sets map->sid_name_use accordingly. A little later, this
variable is set again, undoing the previous work.
https://bugzilla.samba.org/show_bug.cgi?id=10777
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 23 02:48:52 CEST 2014 on sn-devel-104
Marc Muehlfeld [Wed, 6 Aug 2014 19:36:26 +0000 (21:36 +0200)]
docs: Fix typos in smb.conf (inherit acls)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10761
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug 7 00:52:42 CEST 2014 on sn-devel-104
(cherry picked from commit
4639f6d7bab9d8d6ee46bf5c65ff73a17a56cb17)
Shirish Pargaonkar [Sat, 26 Jul 2014 15:41:25 +0000 (10:41 -0500)]
samba: Retain case sensitivity of cifs client
When a client supports extended security but server does not,
and that client, in Flags2 field of smb header indicates that
- it supports extended security negotiation
- it does not support security signatures
- it does not require security signatures
Samba server treats a client as a Vista client.
That turns off case sensitivity and that is a problem for cifs vfs client.
So include remote cifs client along with remote samba client
to not do so otherwise.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10755
Signed-off-by: Shirish Pargaonkar <spargaonkar@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Aug 1 16:11:43 CEST 2014 on sn-devel-104
(cherry picked from commit
a0583976da2ba09da0fd94f739ed4f5851e2a858)
David Disseldorp [Tue, 5 Aug 2014 15:33:33 +0000 (17:33 +0200)]
printing: reload printer shares on OpenPrinter
The printer share inventory should be reloaded on open _and_
enumeration, as there are some clients, such as cupsaddsmb, that do not
perform an enumeration prior to access.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Aug 8 16:33:50 CEST 2014 on sn-devel-104
(cherry picked from commit
1ad71f79eb473822d36d9629cf52c2fca4c53752)
David Disseldorp [Fri, 1 Aug 2014 14:25:59 +0000 (16:25 +0200)]
smbd: split printer reload processing
All printer inventory updates are currently done via
delete_and_reload_printers(), which handles registry.tdb updates for
added or removed printers, AD printer unpublishing on removal, as well
as share service creation and deletion.
This change splits this functionality into two functions such that
per-client smbd processes do not perform registry.tdb updates or printer
unpublishing. This is now only performed by the process that performs
the printcap cache update.
This change is similar to
ac6604868d1325dd4c872dc0f6ab056d10ebaecf from
the 3.6 branch.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
2706af4d78fc9a47a4ac45b373edf276e3a9b354)
David Disseldorp [Tue, 5 Aug 2014 16:45:24 +0000 (18:45 +0200)]
server: remove duplicate snum_is_shared_printer()
Only keep a single definition in server_reload.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
2685df1177ffd39b1af34eb116bd7b24d4b12974)
David Disseldorp [Wed, 23 Jul 2014 12:42:00 +0000 (14:42 +0200)]
smbd: only reprocess printer_list.tdb if it changed
The per-client smbd printer share inventory is currently updated from
printer_list.tdb when a client enumerates printers, via EnumPrinters or
NetShareEnum.
printer_list.tdb is populated by the background print process, based on
the latest printcap values retrieved from the printing backend (e.g.
CUPS) at regular intervals.
This change ensures that per-client smbd processes don't reparse
printer_list.tdb if it hasn't been updated since the last enumeration.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Suggested-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
a2182e03a061de6c1f111ce083cb5f668fe75e4e)
David Disseldorp [Wed, 23 Jul 2014 10:12:34 +0000 (12:12 +0200)]
printing: return last change time with pcap_cache_loaded()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
30ce835670a6aeca6fb960ea7c4fe1b982bdd5b0)
[ddiss@samba.org: rebasead for 4.0 with swat]
David Disseldorp [Fri, 25 Jul 2014 10:18:54 +0000 (12:18 +0200)]
printing: remove pcap_cache_add()
All print list updates are now done via pcap_cache_replace(), which can
call into the print_list code directly.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
6d75e20ca8acf1a55838694ac77940e21e9a1e6a)
David Disseldorp [Tue, 22 Jul 2014 18:17:38 +0000 (20:17 +0200)]
printing: reload printer_list.tdb from in memory list
This will allow in future for a single atomic printer_list.tdb update.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
e5e6e2c796f026ee6b04f99b327941d57b9bd026)
David Disseldorp [Fri, 11 Jul 2014 15:00:05 +0000 (17:00 +0200)]
printing: only reload printer shares on client enum
Currently, automatic printer share updates are handled in the following
way:
- Background printer process (BPP) forked on startup
- Parent smbd and per-client children await MSG_PRINTER_PCAP messages
- BPP periodically polls the printing backend for printcap data
- printcap data written to printer_list.tdb
- MSG_PRINTER_PCAP sent to all smbd processes following update
- smbd processes all read the latest printer_list.tdb data, and update
their share listings
This procedure is not scalable, as all smbd processes hit
printer_list.tdb in parallel, resulting in a large spike in CPU usage.
This change sees smbd processes only update their printer share lists
only when a client asks for this information, e.g. via NetShareEnum or
EnumPrinters.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Suggested-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
4f4501ac1f35ab15f25d207c0d33e7c4d1abdf38)
David Disseldorp [Wed, 9 Jul 2014 22:18:10 +0000 (00:18 +0200)]
printing: traverse_read the printer list for share updates
The printcap update procedure involves the background printer process
obtaining the printcap information from the printing backend, writing
this to printer_list.tdb, and then notifying all smbd processes of the
new list. The processes then all attempt to simultaneously traverse
printer_list.tdb, in order to update their local share lists.
With a large number of printers, and a large number of per-client smbd
processes, this traversal results in significant lock contention, mostly
due to the fact that the traversal is unnecessarily done with an
exclusive (write) lock on the printer_list.tdb database.
This commit changes the share update code path to perform a read-only
traversal.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Reported-by: Alex K <korobkin+samba@gmail.com>
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
1e83435eac2cef03fccb4cf69ef5e0bfbd710410)
Jeremy Allison [Tue, 10 Jun 2014 22:58:15 +0000 (15:58 -0700)]
s3: smbd : SMB2 - fix SMB2_SEARCH when searching non wildcard string with a case-canonicalized share.
We need to go through filename_convert() in order for the filename
canonicalization to be done on a non-wildcard search string (as is
done in the SMB1 findfirst code path).
Fixes Bug #10650 - "case sensitive = True" option doesn't work with "max protocol = SMB2" or higher in large directories.
https://bugzilla.samba.org/show_bug.cgi?id=10650
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 10 Jun 2014 21:41:45 +0000 (14:41 -0700)]
s3: smbd - SMB[2|3]. Ensure a \ or / can't be found anywhere in a search path, not just at the start.
Signed-off-by: Jeremy Allison <jra@samba.org>
Björn Baumbach [Thu, 27 Mar 2014 10:17:30 +0000 (11:17 +0100)]
s3: enforce a positive allocation_file_size for non-empty files (bug #10543)
Some file systems do not allocate a block for very
small files. But for non-empty file should report a
positive size.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 5 03:09:00 CEST 2014 on sn-devel-104
(cherry picked from commit
c35b31f45244a8339684c3b83a7d86eefb80e0da)
Arvid Requate [Thu, 17 Jan 2013 15:44:28 +0000 (16:44 +0100)]
passdb: fix NT_STATUS_NO_SUCH_GROUP
Share options like "force group" and "valid users = @group1"
triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in
the SAM backend, its objectclass was not retrived.
This fix also revealed a talloc access after free in the group
branch of pdb_samba_dsdb_getgrfilter.
[Bug 9570] Access failure for shares with "force group" or "valid users = @group"
https://bugzilla.samba.org/show_bug.cgi?id=9570
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>