Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 3694f2ce6205a647eb5dab2115785fb45decaf0b)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 21 06:16:30 UTC 2023 on atb-devel-224
RN: post-exec password redaction for samba-tool is more reliable for
fully random passwords as it no longer uses regular expressions
containing the password value itself.
Autobuild-User(v4-18-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-18-test): Fri Aug 4 08:05:00 UTC 2023 on atb-devel-224
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 414b3803bb6a1b12c44b52ab1ff64a8b7f61fd03)
Andrew Bartlett [Fri, 21 Jul 2023 01:30:39 +0000 (13:30 +1200)]
samba-tool: Use samba.glue.get_burnt_cmdline rather than regex
This use avoids having two different methods to match on command-line
passwords. We already have a dependency on the setproctitle python
module, and this does not change as the (C) libbsd setproctitle()
can't be run from within a python module.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit a53ebc288f47329c997d52325eeeb5e91ce43b75)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 3f9e455898554b726bf1689f743b2d9cb6b59537)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 5afd206d1d8f0344a2f1fa7a238204d1fb164eda)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit fd81759e2ed44cac3bc67243a39256f953969103)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 848fea1a01a4ddc1598150823d5d0784d3ef0be4)
Noel Power [Thu, 27 Jul 2023 12:26:21 +0000 (13:26 +0100)]
s3/modules: Fix DFS links when widelinks = yes
In openat(), even if we fail to open the file,
propagate stat if and only if the object is a link in
a DFS share. This allows calling code to further process
the link.
Also remove knownfail
Pair-Programmed-With: Jeremy Alison <jra@samba.org>
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jul 29 00:43:52 UTC 2023 on atb-devel-224
Noel Power [Thu, 27 Jul 2023 16:36:29 +0000 (17:36 +0100)]
s3/modules: Add flag indicating if connected share is a dfs share
Not used yet, will be used in the next commit to avoid testing
if the connected share is a dfs one.
Pair-Programmed-With: Jeremy Alison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 2668dcd0968133cca4f8410bf8c41ed0483f5d87)
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 3d2e9db8b95f9f45d486f8272e53584975f177fa)
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b57cdfd7efb161cf96b3a39dc7a1652db817e602)
Andrew Bartlett [Thu, 27 Jul 2023 05:18:45 +0000 (17:18 +1200)]
dsdb: Use samdb_system_container_dn() in pdb_samba_dsdb_*()
This makes more calls to add children, but avoids the cn=system string in the
codebase which makes it easier to audit that this is always being built
correctly.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jul 31 07:20:21 UTC 2023 on atb-devel-224
RN: A second container with name CN=System would disable the operation
of the Samba AD DC. Samba now finds the CN=System container by exact
DN and not a search.
Autobuild-User(v4-18-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-18-test): Tue Aug 1 10:57:04 UTC 2023 on atb-devel-224
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 4250d07e4dcd43bf7450b1ae603ff46fdc892d02)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 9b4f3f3cb4ed17bb233d3b5ccd191be63f01f3f4)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 13eed1e0e7d0bdef6b5cdb6b858f124b812adbea)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit a900f6aa5d909d912ee3ca529baa4047c9c4da87)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 4e18066fa243da1c505f782ba87187c3bb1078ee)
Andrew Bartlett [Thu, 27 Jul 2023 04:44:10 +0000 (16:44 +1200)]
dsdb: Use samdb_get_system_container_dn() to get Password Settings Container
By doing this we use the common samdb_get_system_container_dn() routine and we
avoid doing a linerize and parse step on the main DN, instead using the
already stored parse of the DN. This is more hygenic.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 3669caa97f76d3e893ac6a1ab88341057929ee6a)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 97b682e0eb0450513dcecb74be672e18e84fe7a2)
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 25b0e1102e1a502152d2695aeddf7c65555b16fb)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 26 23:42:44 UTC 2023 on atb-devel-224
Ralph Boehme [Wed, 17 May 2023 14:38:39 +0000 (16:38 +0200)]
mdssvc: fix date marshalling
Did this ever work? Possible just copied over from Netatalk and was always
broken... The Mac client expects the timevalue as seconds relative to
2001-01-01 00:00:00 UTC, packed as IEEE float.
Ralph Boehme [Thu, 20 Apr 2023 15:27:20 +0000 (17:27 +0200)]
mdssvc: reduce pagesize to 50
Lastest macOS queries additional file metadata per search result, which causes
the mashalled paged result set including metadata to exceed the 64 KB result
fragment buffer.
Lacking fragementation support in mdssvc (it's supported by the protocol), for
now just reduce the maximum number of results per search page.
Ralph Boehme [Thu, 20 Apr 2023 15:24:30 +0000 (17:24 +0200)]
mdssvc: add and use SL_PAGESIZE
SL_PAGESIZE is the number of entries we want to process per paged search result
set. This is different from MAX_SL_RESULTS which ought to be a default maximum
value for total number of results returned for a search query.
Ralph Boehme [Thu, 23 Mar 2023 15:39:11 +0000 (16:39 +0100)]
mdssvc: fix long running backend queries
If a query is still running in the backend and we have no results yet, returning
0 triggers a search termination by the client in latest macOS releases. macOS
returns 0x23 in this case.
Ralph Boehme [Wed, 19 Apr 2023 12:38:45 +0000 (14:38 +0200)]
mdssvc: set query state for continued queries to SLQ_STATE_RUNNING
SLQ_STATE_RESULTS implies that there are already results attached to the slq
which is not the case. Instead the backend will start processing from where it
left off when it hits the maximum result limit and had set the state to
SLQ_STATE_FULL.
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Tue Jul 25 12:08:49 UTC 2023 on atb-devel-224
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 5 20:24:35 UTC 2023 on atb-devel-224
Pavel Filipenský [Fri, 23 Jun 2023 08:08:39 +0000 (10:08 +0200)]
s3:rpc_server: Initialize consumedcnt to 0 in _dfs_GetInfo()
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 8c10f53928653d02bbb75d6ab05510e87ee97420)
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 2af9c65f2a17ace4e1021b5c8fd6df636c904cfe)
Noel Power [Fri, 14 Jul 2023 13:53:29 +0000 (14:53 +0100)]
python/samba: Adjust tarfile extraction filter
The 'data_filter' is far too restrictive, this filter doesn't apply any
mode bits to directories which in turn will result in unexpected
directory permissions of the amongst others msg.[ls]ock directories.
With 'data_filter' and a 'patched' python at best we experience
CI failures with samba-ad-back1 & samba-ad-back2 CI jobs due to server
startup failures, at worst user/admins will need to adjust directory
permissions post backup.
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit e401ae44b2f952fc2686065fbfb3a563e3d4066a)
Autobuild-User(v4-18-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-18-test): Mon Jul 24 10:19:13 UTC 2023 on atb-devel-224
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jul 10 21:32:32 UTC 2023 on atb-devel-224
s3:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels
This is important as Windows clients with KB5028166 seem to
call netr_LogonGetCapabilities with query_level=2 after
a call with query_level=1.
An unpatched Windows Server returns DCERPC_NCA_S_FAULT_INVALID_TAG
for query_level values other than 1.
While Samba tries to return NT_STATUS_NOT_SUPPORTED, but
later fails to marshall the response, which results
in DCERPC_FAULT_BAD_STUB_DATA instead.
Because we don't have any documentation for level 2 yet,
we just try to behave like an unpatched server and
generate DCERPC_NCA_S_FAULT_INVALID_TAG instead of
DCERPC_FAULT_BAD_STUB_DATA.
Which allows patched Windows clients to keep working
against a Samba DC.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jul 17 07:35:09 UTC 2023 on atb-devel-224
s4:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels
This is important as Windows clients with KB5028166 seem to
call netr_LogonGetCapabilities with query_level=2 after
a call with query_level=1.
An unpatched Windows Server returns DCERPC_NCA_S_FAULT_INVALID_TAG
for query_level values other than 1.
While Samba tries to return NT_STATUS_NOT_SUPPORTED, but
later fails to marshall the response, which results
in DCERPC_FAULT_BAD_STUB_DATA instead.
Because we don't have any documentation for level 2 yet,
we just try to behave like an unpatched server and
generate DCERPC_NCA_S_FAULT_INVALID_TAG instead of
DCERPC_FAULT_BAD_STUB_DATA.
Which allows patched Windows clients to keep working
against a Samba DC.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit d5f1097b6220676d56ed5fc6707acf667b704518)
s4:torture/rpc: let rpc.schannel also check netr_LogonGetCapabilities with different levels
The important change it that we expect DCERPC_NCA_S_FAULT_INVALID_TAG
for unsupported query_levels, we allow it to work with servers
with or without support for query_level=2.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 404ce08e9088968311c714e756f5d58ce2cef715)
netlogon.idl: add support for netr_LogonGetCapabilities response level 2
We don't have any documentation about this yet, but tests against
a Windows Server 2022 patched with KB5028166 revealed that
the response for query_level=2 is exactly the same as
for querey_level=1.
Until we know the reason for query_level=2 we won't
use it as client nor support it in the server, but
we want ndrdump to work.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5f87888ed53320538cf773d64868390d8641a40e)
This was broken by commit 1f3f6e20dc086a36de52bffd0bc36e15fb19e1c6 because when
calling srv_init_signing() very early after accepting the connection in
smbd_add_connection(), conn->protocol is still PROTOCOL_NONE.
Ralph Boehme [Mon, 5 Jun 2023 16:02:20 +0000 (18:02 +0200)]
CVE-2023-34968: mdssvc: return a fake share path
Instead of returning the real server-side absolute path of shares and search
results, return a fake absolute path replacing the path of the share with the
share name, iow for a share "test" with a server-side path of "/foo/bar", we
previously returned
The next commit will change the Samba Spotlight server to return absolute paths
that start with the sharename as "/SHARENAME/..." followed by the share path
relative appended.
So given a share
[spotlight]
path = /foo/bar
spotlight = yes
and a file inside this share with a full path of
/foo/bar/dir/file
previously a search that matched this file would returns the absolute
server-side pato of the file, ie
/foo/bar/dir/file
This will be change to
/spotlight/dir/file
As currently the mdscli library and hence the mdsearch tool print out these
paths returned from the server, we have to change the output to accomodate these
fake paths. The only way to do this sensibly is by makeing the paths relative to
the containing share, so just
dir/file
in the example above.
The client learns about the share root path prefix – real server-side of fake in
the future – in an initial handshake in the "share_path" out argument of the
mdssvc_open() RPC call, so the client can use this path to convert the absolute
path to relative.
There is however an additional twist: the macOS Spotlight server prefixes this
absolute path with another prefix, typically "/System/Volumes/Data", so in the
example above the full path for the same search would be
/System/Volumes/Data/foo/bar/dir/file
So macOS does return the full server-side path too, just prefixed with an
additional path. This path prefixed can be queried by the client in the
mdssvc_cmd() RPC call with an Spotlight command of "fetchPropertiesForContext:"
and the path is returned in a dictionary with key "kMDSStorePathScopes". Samba
just returns "/" for this.
Currently the mdscli library doesn't issue this Spotlight RPC
request (fetchPropertiesForContext), so this is added in this commit. In the
end, all search result paths are stripped of the combined prefix
Ralph Boehme [Tue, 6 Jun 2023 13:17:26 +0000 (15:17 +0200)]
CVE-2023-34968: mdssvc: cache and reuse stat info in struct sl_inode_path_map
Prepare for the "path" being a fake path and not the real server-side
path where we won't be able to vfs_stat_fsp() this fake path. Luckily we already
got stat info for the object in mds_add_result() so we can just pass stat info
from there.
Ralph Boehme [Fri, 26 May 2023 13:06:38 +0000 (15:06 +0200)]
CVE-2023-34967: mdssvc: add type checking to dalloc_value_for_key()
Change the dalloc_value_for_key() function to require an additional final
argument which denotes the expected type of the value associated with a key. If
the types don't match, return NULL.
Ralph Boehme [Wed, 31 May 2023 14:26:14 +0000 (16:26 +0200)]
CVE-2023-34967: CI: add a test for type checking of dalloc_value_for_key()
Sends a maliciously crafted packet where the value in a key/value style
dictionary for the "scope" key is a simple string object whereas the server
expects an array. As the server doesn't perform type validation on the value, it
crashes when trying to use the "simple" object as a "complex" one.
s3:winbindd: let winbind_samlogon_retry_loop() fallback to NT_STATUS_NO_LOGON_SERVERS
When we were not able to get a valid response from any DC we should
report NT_STATUS_NO_LOGON_SERVERS with authoritative = 1.
This matches what windows does. In a chain of transitive
trusts the ACCESS_DENIED/authoritative=0 is not propagated,
instead NT_STATUS_NO_LOGON_SERVERS/authoritative=1 is
passed along the chain if there's no other DC is available.
s3:winbindd: make use of reset_cm_connection_on_error() in winbind_samlogon_retry_loop()
Note this is more than a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true, which is important in order
to recover from NT_STATUS_RPC_SEC_PKG_ERROR errors.
s3:winbindd: call reset_cm_connection_on_error() in wb_cache_query_user_list()
This is mostly for consistency, every remote call should call
reset_cm_connection_on_error(). Note this is more than
a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true.
s3:libads: re-initialize num_requests to 0 for cldap_ping_list retries
Commit 8132edf119757ee91070facffef016c93de9c2a6 introduced a retry loop
arround cldap_multi_netlogon(), but it forgot to reset num_requests to 0
for the retries.
Ralph Boehme [Wed, 5 Jul 2023 09:33:58 +0000 (11:33 +0200)]
smbd: call exit_server_cleanly() to avoid panicking
The parent smdb forwards SIGTERM to its process group in order to kill all
children like the scavenger. This happens from a function registered via
atexit() which means the signal forwarding is happening very briefly before the
main smbd process exits. When exiting the pipe between smbd and scavenger is
closed which triggers a file event in the scavenger.
However, due to kernel sheduling it is possible that the file descriptor event
is received before the signal, where we call exit_server() which call
smb_panic() at the end.
Change the exit to exit_server_cleanly() and just log this event at level 2
which we already do.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 5 13:14:08 UTC 2023 on atb-devel-224
selftest:Samba3: use the correct NSS_WRAPPER_HOSTNAME
The value of NSS_WRAPPER_HOSTNAME needs to match value
we put into the NSS_WRAPPER_HOSTS file.
We had a mismatch of
idmapridmember.samba.example.com
vs.
idmapridmember.addom.samba.example.com
This causes getaddrinfo() in nss_wrapper to fallback to
the libc version, which talks to a dns server.
It's not clear if recent glibc code will reach resolve/socket wrapper.
So it's not unlikely that idmapridmember.samba.example.com will
be passed via the internet, which causes delays up to 20 seconds.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr 12 20:29:05 UTC 2023 on atb-devel-224
Douglas Bagnall [Thu, 8 Dec 2022 21:36:30 +0000 (10:36 +1300)]
pidl: avoid py compile issues with --pidl-developer
We get these warnings-as-errors:
librpc/gen_ndr/py_netlogon.c:61903:53: error: stray ‘\’ in program
61903 | PyErr_Format(PyExc_TypeError, "Expected type %s",\ //<PIDL> Parse::Pidl::Samba4::Python::ConvertObjectFromPythonData lib/Parse/Pidl/Samba4/Python.pm:2005
but the '\' is unnecessary and unconventional anyway, since we're in a
function argument list.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 3 03:27:54 UTC 2023 on atb-devel-224
Jones Syue [Tue, 27 Jun 2023 09:19:59 +0000 (17:19 +0800)]
s3:utils: smbget fix a memory leak
Using smbget to download files recursively (-R).
If smbget found that a file is already existed in the destination,
smbget would said 'File exists', return early, and 'newname' allocated
memory is never freed, this is found by valgrind.
Signed-off-by: Jones Syue <jonessyue@qnap.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jun 28 07:02:34 UTC 2023 on atb-devel-224
Christof Schmitt [Wed, 31 May 2023 18:13:51 +0000 (11:13 -0700)]
vfs_gpfs: Register smbd process with GPFS
Issue API call to tell the file system that this is a Samba process.
This fixed the GPFS handling of Samba since the rename of smbd processes
in commit 5955dc1e4fd.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit d34ff44d91ba4ffad45dfa3e4ee37470498b3f2d)
Autobuild-User(v4-18-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-18-test): Fri Jun 23 13:01:17 UTC 2023 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 1f74f9f366d7f107a89220a4a5951bc4daf18025)
Autobuild-User(v4-18-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-18-test): Mon Jun 19 10:29:13 UTC 2023 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 431f7698e48387413aac586c7a939a1682464681)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 8c90c66a9a409d807dad56822540509c9813425b)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit ebaa00816259cbae5c45ebf0ba5fb260b09e4695)
Noel Power [Fri, 2 Jun 2023 13:27:55 +0000 (14:27 +0100)]
s3/utils: avoid erronous NO MEMORY detection
since 5cc3c1b5f6b0289f91c01b20989558badc28fd61 if we don't have
a realm specified either on cmdline or in conf file we try to
copy (talloc_strdup) a NULL variable which triggers a NO_MEMORY
error when we check the result of the copy
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Jun 4 12:42:16 UTC 2023 on atb-devel-224
Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun 6 09:33:47 UTC 2023 on atb-devel-224
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 8 16:55:14 UTC 2023 on atb-devel-224
Jones Syue [Fri, 2 Jun 2023 06:40:09 +0000 (14:40 +0800)]
smbd: remove comments about deprecated 'write cache size'
The option 'write cache size' was removed since samba-4.12 version:
https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed
https://git.samba.org/?p=samba.git;a=commit;h=3fea05e0
https://git.samba.org/?p=samba.git;a=commit;h=728fabea
It is supposed to remove comments about deprecated 'write cache size',
in order to avoid confusion when reading source code and documents.
Signed-off-by: Jones Syue <jonessyue@qnap.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 2 09:48:17 UTC 2023 on atb-devel-224
Volker Lendecke [Thu, 1 Jun 2023 13:57:26 +0000 (15:57 +0200)]
libsmb: Fix directory listing against old servers
cli_list_trans_recv() can be called multiple times. When it's done, it
return NT_STATUS_OK and set *finfo to NULL. cli_list_old_recv() did
not do the NULL part, so smbclient would endlessly loop.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 1 21:54:42 UTC 2023 on atb-devel-224
projects / thirdparty / samba.git / log
