The last 7 patches address bug #8384 (Windows XP clients seem to crash smbd
process every once in a while).
(cherry picked from commit 8d46b29595c4da27b175b25a08b945fbeeeab3ec)
Andrew Tridgell [Mon, 8 Aug 2011 08:24:32 +0000 (18:24 +1000)]
talloc: ensure the sibling linked list remains valid during a free
This ensures that the sibling list of a pointer doesn't become invalid
during a free operation. It is an alternative fix to the fix in 6f51a1f45bf4de062cce7a562477e8140630a53d, and avoids the problem of
trying to calculate the parent pointer early
This should fix the subtle spoolss talloc bug that Simo found
Björn Baumbach [Mon, 16 May 2011 12:25:01 +0000 (14:25 +0200)]
s3-modules: Fix the build of gpfs.c on RHEL 6.0 with gpfs 3.4.0-4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed May 18 11:58:14 CEST 2011 on sn-devel-104
(cherry picked from commit 192198ad70474e56d4708b65482eee976ea78a05)
Björn Jacke [Tue, 9 Aug 2011 15:02:29 +0000 (17:02 +0200)]
s3:vfs_prealloc: fix build on SLES8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue Aug 9 19:29:08 CEST 2011 on sn-devel-104
(cherry picked from commit 1e76662ae6aa77d7b6e9e8a0266fcb1a1320a7fb)
Christian Ambach [Wed, 27 Jul 2011 12:46:00 +0000 (14:46 +0200)]
s3:modules fix Bug 8330 NFSv4 ACL merging logic is broken
we should not merge ACEs with different flags (e.g. CI/OI/I/)
Otherwise ACLs get wrong entries and thus wrong semantics
Example:
ACL:BUILTIN\Users:ALLOWED/0x0/FULL
ACL:BUILTIN\Users:ALLOWED/I/READ
got merged to
ACL:BUILTIN\Users:ALLOWED/I/FULL
This is not the same and also leads to wrong displays
in the Windows ACL dialog
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Jul 27 16:03:51 CEST 2011 on sn-devel-104
(cherry picked from commit 3c05013694c453411b78a1df884a80c8d48e7393)
Ignore fd events without EVENT_FD_READ or EVENT_FD_WRITE also in
run_events_poll(). They are ignore when building the array
for the syscall in event_add_to_poll_args(), so we need to
ignore them run_events_poll() too.
metze
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Aug 9 10:11:54 CEST 2011 on sn-devel-104
(cherry picked from commit 020032e114c0e966acf24f24e707942219d60cf3)
s3:smb2_server: make sure we grant credits on async read/write operations (bug #8357)
Currently we skip, the "gone async" interim response on read and write,
this caused the aio code path to grant 0 credits to the client
in the read/write responses.
Björn Jacke [Thu, 4 Aug 2011 14:25:08 +0000 (16:25 +0200)]
s3/swat: use strlcat instead of strncat to fix build on old Linux distros
SLES 9's glibc for example had weird macros where the use of strncat resulted
in the use of strcat which we don't allow.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Thu Aug 4 17:50:24 CEST 2011 on sn-devel-104
(cherry picked from commit d3b4d75364210e2d2a4a1cd806f28b0021f22909)
s3:web/swat: use strtoll() instead of atoi/atol/atoll
This is more portable, as we have a strtoll replacement
in lib/replace.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Aug 6 11:55:45 CEST 2011 on sn-devel-104
(cherry picked from commit a6be0820d09b3f3eabfbb5f4356add303aa8a494)
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Aug 2 22:33:15 CEST 2011 on sn-devel-104
(cherry picked from commit 5068a0d14df8cc6f1b4517c64f4356abc6606b58)
Jeremy Allison [Fri, 29 Jul 2011 18:17:03 +0000 (11:17 -0700)]
Second part of bugfix for bug #8335 - file copy aborts with smb2_validate_message_id: bad message_id
Modify the credit granting algorithm to closer to what I believe
Windows does.
Split up max_credits into 1/16ths, and then scale
the requested credits by how many 16ths have been
currently granted. Less than 1/16th == grant all
requested (100%), scale down as more have been
granted. Never ask for less than 1 if the client
asked for at least 1.
(cherry picked from commit 3e854564315a7bdc5d9837526a813b2b858e0563)
Michael Adam [Fri, 22 Jul 2011 08:11:52 +0000 (10:11 +0200)]
s3:loadparm: fix the reload of the configuration: also reload activated registry shares
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Jul 22 16:53:49 CEST 2011 on sn-devel-104
(cherry picked from commit efbe1602bd014eada4811f336bdccbf4692d3807)
Andrew Bartlett [Wed, 27 Jul 2011 02:04:26 +0000 (12:04 +1000)]
nbt: fix WinXP S3 domain join: alignment of nbt_netlogon_response_from_pdc
This fixes WinXP joining a Samba3 domain, which was broken on hosts
with an even number of characters in the host name. The alignment
requested in the structure was ignored because of the overall
NDR_NOALIGN set on the packet.
Michael Adam [Fri, 24 Jun 2011 08:15:02 +0000 (10:15 +0200)]
s3:idmap_tdb2: remove the undocumented option of the silly name "tdb:idmap2.tdb"
In ancient times, when ctdb had not support for persistent databases and
tdb2 was introduced as a two-layer solution and it was more important than
today to be able to change the location of the permanent database file
because it had to reside on shared storage.
But these were times when idmap_tdb2 was not even officially released.
Nowadays, with ctdb handling the persistent idmap2.tdb database, the path
is stripped anyways, so this undocumented option has become unnecessary
and is hence removed.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Jul 27 05:37:57 CEST 2011 on sn-devel-104
(cherry picked from commit 3276060da4e7d495bd5cf5cbf7237e64d948ee77)
The last 10 patches address
bug #8328 (final cleanup of idmap_tdb2 code and docs needed for release).
(cherry picked from commit 742b8c3c14ec8708eb5bfe5e7960c1c93ec0096c)
Michael Adam [Tue, 7 Jun 2011 16:00:36 +0000 (18:00 +0200)]
s3:idmap_tdb2: deprecate the idmap:script parameter and use "idmap config * : script" instead
With this patch, "idmap config * : script" will override "idmap : script".
If "idmap : script" is present, a deprecation warning will be printed in any
case. If "idmap config * : script" is not set, then the value of "idmap :script"
will be used for backwards compatibility.
(cherry picked from commit b6c82f18f17cdded771d285930566c1d104686aa)
(cherry picked from commit 7812ce547973a0ad5a69c64e8e708e1b9f3a8687)
Jeremy Allison [Fri, 22 Jul 2011 23:42:51 +0000 (16:42 -0700)]
Fix bug 8314] - smbd crash with unknown user.
All other auth modules code with being called with
auth_method->private_data being NULL, make the auth_server
module cope with this too.
(cherry picked from commit e173f04a822944e96171866d9fbf43301cd611a4)
Kai Blin [Tue, 12 Jul 2011 06:08:24 +0000 (08:08 +0200)]
s3 swat: Create random nonce in CGI mode
In CGI mode, we don't get access to the user's password, which would
reduce the hash used so far to parameters an attacker can easily guess.
To work around this, read the nonce from secrets.tdb or generate one if
it's not there.
Also populate the C_user field so we can use that for token creation.
Kai Blin [Thu, 7 Jul 2011 08:03:33 +0000 (10:03 +0200)]
s3 swat: Fix possible XSS attack (bug #8289)
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack
against SWAT, the Samba Web Administration Tool. The attack uses reflection to
insert arbitrary content into the "change password" page.
This patch fixes the reflection issue by not printing user-specified content on
the website anymore.
and ensure they are called whenever we are operating on smb_ucs2_t
variables. I'd like to make the definition of smb_ucs2_t incompatible
with int and codepoint_t so they can't be mixed, but that's a patch
for another time.
(cherry picked from commit bdc078a81e49bce3b51560a75984e0306c387573)
s3:smb2_create: use smbd_calculate_access_mask() instead of smbd_check_open_rights()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jul 11 22:45:01 CEST 2011 on sn-devel-104
(cherry picked from commit f5d320ac0fb74d4ad95a03969366096e9b074379)
The last 10 patches address bug #8102 (domuser can change ACL from his files
over the network).
(cherry picked from commit d43d147c9d69dd23296677f9ae998c9362771682)
s3:smb2_server: add some comments about change_to_user() and change_to_root_user()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jul 8 13:45:46 CEST 2011 on sn-devel-104
(cherry picked from commit dbfb88aef30a755c29015bff4699eb17925a4988)
Jeremy Allison [Thu, 7 Jul 2011 21:59:41 +0000 (14:59 -0700)]
Fix bug #8293 - SMB2 doesn't rotate the log files often enough.
Move the num_requests field out of the smb1 struct into the generic
struct smbd_server_connection struct. Use it to count SMB2 requests
as well as SMB1 and ensure that check_log_size() is called every 50
SMB2 requests.
(cherry picked from commit b7dbbe1005627932ab959144002f9d41adb04328)
The last 21 patches address bug #8214 (printer driver upgrade fails, causing
smbd to exit on startup).
(cherry picked from commit 9a555e0271c333d1e33a9f2df435166aa8c6dfde)
projects / thirdparty / samba.git / log
