s3:libsmb: fix smb signing for fragmented trans/trans2/nttrans requests
Before we send the secondary requests we need to remove the
old mid=>seqnum mapping and reset cli->mid and make the new
mid=>seqnum mapping "persistent".
The bug we had in cli_send_trans was this:
The first cli_send_smb() incremented cli->mid
and the secondary requests used the incremented mid,
but as cli->outbuf still had the correct mid,
we send the correct mid to the server. The real problem
was that the cli_send_smb() function stored the seqnum
under the wrong mid.
cli_send_nttrans() was totally broken and now follows the
same logic as cli_send_trans().
The good thing is that in practice the problem is unlikely to happen,
because max_xmit is large enough to avoid secondary requests.
Jeremy Allison [Thu, 19 Mar 2009 03:54:13 +0000 (20:54 -0700)]
Allow DFS client paths to work when POSIX pathnames have been
selected (we need to path in pathname /that/look/like/this).
Jeremy.
(cherry picked from commit 0c11c2deee7ab9d281df6df91b793b7f1c1764a4)
Jeremy Allison [Thu, 19 Mar 2009 02:58:01 +0000 (19:58 -0700)]
Fix bug #6196 - Unable to serve files with colons to Linux CIFS/VFS client
Looks like the pathname parsing for POSIX paths got
broken when the code for doing Windows streams parsing got added.
Jeremy.
(cherry picked from commit 985ba585207e840caa17c3d87d93ef1ba5f15cbb)
Jeremy Allison [Wed, 18 Mar 2009 21:31:01 +0000 (14:31 -0700)]
Fix bug 6195 - Migrating from 3.0.x to 3.3.x can fail to update passdb.tdb correctly.
This is a really nasty one to fix as in order to successfully update the
passdb.tdb we must do the equivalent of a tdbbackup to move to the new hash
values before we do the upgrade.
Jeremy.
(cherry picked from commit b5d794d5de872bcf757c8021c103b6b3d320b8db)
Andrew Tridgell [Tue, 10 Mar 2009 05:45:45 +0000 (16:45 +1100)]
fixed a bug in message handling for code the change notify code
The change notify code registered a separate message handler for each
tree connect. This registration uses the global messaging context.
The messaging code would consider a 2nd registration for the same
messaging type as being an 'update' of the handler, rather than a new
handler. It also would only call the first handler in the linked list
for a given message type when dispatching messages.
This patch changes the messaging code to allow for multiple
registrations of the same message type, and allow for multiple calls
to different messaging handler for one incoming message.
Jeremy Allison [Fri, 6 Mar 2009 05:02:22 +0000 (21:02 -0800)]
Now we're allowing a lower bound for auth_len, ensure we
also check for an upper one (integer wrap).
Jeremy.
(cherry picked from commit f58a6c9e08b2b44399e0333b1358522aec70bbee)
Jeremy Allison [Fri, 6 Mar 2009 01:16:54 +0000 (17:16 -0800)]
Fix bug #6161 - smbclient corrupts source path in tar mode
This was my fault. I broke the smbclient tar argument processing
in creating the string for chdir when removing pstrings.
Jeremy.
(cherry picked from commit 750f9d94b0a1208d45cc117df68042e1d83044bf)
Volker Lendecke [Thu, 5 Mar 2009 23:12:55 +0000 (15:12 -0800)]
Complete the fix for bug 6100
According to [MS-RPCE].pdf, section 2.2.2.11:
----
A client or a server that (during composing of a PDU) has allocated more space
for the authentication token than the security provider fills in SHOULD fill in
the rest of the allocated space with zero octets. These zero octets are still
considered to belong to the authentication token part of the PDU.<36>
----
RPC implementations are allowed to send padding bytes at the end of an auth
footer. Windows 7 makes use of this.
Steven Danneman [Fri, 27 Feb 2009 16:35:18 +0000 (08:35 -0800)]
s3: fix guest auth when winbindd is running
This fix is very subtle. If a server is configured with "security = share"
and "guest ok = yes" and winbindd is running authorization will fail during
tree connect.
This is due to our inability to map the guest sid S-1-5-21-X-501 to a uid
through sid_to_uid(). Winbindd is unaware of the hard coded mapping
between this sid and whatever uid the name in lp_guestaccount() is assigned.
So sid_to_uid() fails and we exit create_token_from_username() without
ever calling pdb_getsampwsid() which IS aware of the hard coded mapping.
This patch just reorganizes the code, moving sid_to_uid() down to the
block of code in which it is needed, avoiding this early failure.
(cherry picked from commit 671812696217fe1337562b661d5131be79797f1c)
Jeremy Allison [Wed, 25 Feb 2009 22:55:19 +0000 (14:55 -0800)]
Fix more POSIX path lstat calls. Fix bug where close can return
failure if we have a pending modtime and the containing directory
of the file has been renamed (there is no POSIX "update time by
fd" call). This can't happen on Windows as the rename will fail
if there are open files beneath it. Will add a torture test
for this.
Jeremy.
(cherry picked from commit 5fb3b5e903c08013074ba473399ddee30f6c328f)
Jeremy Allison [Wed, 25 Feb 2009 01:59:19 +0000 (17:59 -0800)]
Allow set attributes on a stream fnum to be redirected to the base filename.
Fixes the new RAW-STREAMS torture test.
Jeremy.
(cherry picked from commit 73d0c3143eedb5a9fd4d154aaf42d20ba6a19a1f)
Steve French [Tue, 24 Feb 2009 23:10:19 +0000 (17:10 -0600)]
Fix guest mounts
guest session setup, login (user id) as anonymous.
This patch is for samba bugzilla bug 4640.
Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com> Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@samba.org>
(cherry picked from commit 5e6b019d70fef2ad082fc414053c131294bdeb49)
Jeremy Allison [Fri, 20 Feb 2009 16:25:29 +0000 (08:25 -0800)]
Fix bug #6133 - Cannot delete non-ACL files on Solaris/ZFS/NFSv4 ACL filesystem.
As the NFSv4 ACL mapping code doesn't map write directory into the DELETE_CHILD
permission bit (which we require before allowing a delete) no one can delete
files without an explicit DELETE_CHILD bit set on the directory. Add this mapping.
Jeremy.
(cherry picked from commit 44e0e830c4c413054bdb30a62629993c4391c492)
Jeremy Allison [Thu, 19 Feb 2009 19:55:56 +0000 (11:55 -0800)]
Backport the semantics of when to delete alternate data streams on a file truncate.
Needed to fully support stream semantics.
Jeremy.
(cherry picked from commit cdcb9bbf47396a7213edafeabb009920bb4e16b7)
Volker Lendecke [Thu, 19 Feb 2009 13:16:44 +0000 (14:16 +0100)]
Fix a buffer handling bug when adding lots of registry keys
This is *ancient*... From 2002, and nobody noticed until someone added lots of
shares using net conf... :-)
(cherry picked from commit 36ae846d15027df5e3a02ffabb08183dad9f6517)
Jeremy Allison [Tue, 17 Feb 2009 23:55:23 +0000 (15:55 -0800)]
Don't miss an absolute pathname as a kerberos keytab path. From Glenn Machin <gmachin@sandia.gov>.
Jeremy.
(cherry picked from commit 9974c09608d61244133eea8615c37184b0cac57b)
Jeremy Allison [Mon, 16 Feb 2009 02:18:21 +0000 (18:18 -0800)]
Attempt to fix bug #6099. According to Microsoft
Windows 7 looks at the negotiate_flags
returned in this structure *even if the
call fails with access denied ! So in order
to allow Win7 to connect to a Samba NT style
PDC we set the flags before we know if it's
an error or not.
Jeremy.
(cherry picked from commit eb82149dc7f6bbcca85e8ef97f3e23952b438770)
Holger Hetterich [Sat, 14 Feb 2009 01:30:22 +0000 (17:30 -0800)]
Enable total anonymization in vfs_smb_traffic_analyzer, by mapping
any user names to the one given by anonymize_prefix, without
generating a hash number. This setting is optional and is compatible
with the module configuration format of Samba 3.3.
(cherry picked from commit 4b17cca0557a086c5722c221a6e282bad4a2b40a)
Jeremy Allison [Sat, 14 Feb 2009 00:06:29 +0000 (16:06 -0800)]
Parameterize in local.h the MAX_RPC_DATA_SIZE, and ensure
that "offered" read from the rpc packet in spoolss is under
that size. Tidyup from analysis from Veracode.
Jeremy.
(cherry picked from commit 3ac4c42e1e5be2f25ef4602efa2ac360d8b603ce)
Volker Lendecke [Fri, 13 Feb 2009 17:53:56 +0000 (09:53 -0800)]
Fix Coverity ID 744
This was marked as a resource leak. This change makes the code a bit clearer
that we always free error_string.
(cherry picked from commit b03d45e6783e2706bd5d9c98a88ac07933e3adeb)
Yasuma Takeda [Wed, 11 Feb 2009 22:23:29 +0000 (14:23 -0800)]
Fix bug #6098 - When the DNS server is invalid, the ads_find_dc() does not work correctly with "security = domain"
1. If DNS server is invalid, the get_sorted_dc_list() is called with
realm(FQDN) and it fails.
2. On the next step, the get_sorted_dc_list() is called with realm(FQDN) again.
I think "again" is wrong place.
On the 2nd step, get_sorted_dc_list() should be called with realm(WORKGROUP).
(cherry picked from commit 2f3eafae83d036c5b35e5d7d11be6e29aaab7533)
Michael Adam [Tue, 10 Feb 2009 17:54:16 +0000 (18:54 +0100)]
packaging: add script fill-templates
This is a standalone-wrapper for update-pkginfo, which is
usually called from create-tarball. It basically repeats
some functionality of create-tarball.
Jeff Layton [Fri, 6 Feb 2009 13:32:40 +0000 (08:32 -0500)]
mount.cifs: initialize rc to 0 in main
The value of rc in main() isn't initialized in the declaration. This
wasn't a problem before, but Shirish's fakemount patch can make it so
that we return the uninitialized variable if the -n flag is used.
Have nmbd check all available interfaces for WINS before failing
When nmbd is acting as WINS, it picks the first interface's IP as WINS
server's IP. If the first interface's IP is zero, we will just quit
(even though we might have other interfaces with valid IPs).
This patch makes nmbd look at all interfaces and pick the first interface
with a valid IP as the WINS server's IP.
(cherry picked from commit de24718cbc55fa4b16a0370d335005f789e924f7)
Ted Percival [Tue, 3 Feb 2009 22:10:20 +0000 (14:10 -0800)]
Probably fixes a crash during name resolution when log level >= 10
and libc segfaults if printf is passed NULL for a "%s" arg
(eg. Solaris).
(cherry picked from commit 268be70cecd5025b0512372cff572095be763af1)
projects / thirdparty / samba.git / log
