Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Sep 4 17:09:17 CEST 2014 on sn-devel-104
(cherry picked from commit 6d2f56dbaf84203b351f33179cc3feaf557e0683) Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Thu Sep 11 22:02:42 CEST 2014 on sn-devel-104
Jeremy Allison [Wed, 3 Sep 2014 14:54:51 +0000 (07:54 -0700)]
s3: smbd: vfs_dirsort module.
Fix an off-by-one check that would cause seekdir to
seek off the end of the cached array.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ronnie Sahlberg <ronniesahlberg.gmail.com>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 3 19:59:54 CEST 2014 on sn-devel-104
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10794
vfs_dirsort has an off-by-one error that can cause uninitialized memory read
Jeremy Allison [Fri, 25 Jul 2014 19:46:46 +0000 (12:46 -0700)]
s3: winbindd: On new client connect, prune idle or hung connections older than "winbind request timeout"
Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found
https://bugzilla.samba.org/show_bug.cgi?id=3204
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 29 23:31:14 CEST 2014 on sn-devel-104
Jeremy Allison [Tue, 29 Jul 2014 21:53:11 +0000 (14:53 -0700)]
s3: winbindd: Add new parameter "winbind request timeout" set to 60 seconds with man page.
"This parameter specifies the number of seconds the winbindd
daemon will wait before disconnecting either a client connection
with no outstanding requests (idle) or a client connection with a
request that has remained outstanding (hung) for longer than this
number of seconds."
Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found
https://bugzilla.samba.org/show_bug.cgi?id=3204
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 28 04:22:37 CEST 2014 on sn-devel-104
Volker Lendecke [Tue, 19 Aug 2014 14:32:15 +0000 (14:32 +0000)]
smbd: Properly initialize mangle_hash
[Bug 10782] mangle_hash() can fail to initialize charset (smbd crash).
https://bugzilla.samba.org/show_bug.cgi?id=10782
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 26 01:30:38 CEST 2014 on sn-devel-104
Roel van Meer [Fri, 22 Aug 2014 13:11:04 +0000 (15:11 +0200)]
Don't discard result of checking grouptype
The pdb_samba_dsdb_getgrfilter() function first determines the security type
of a group and sets map->sid_name_use accordingly. A little later, this
variable is set again, undoing the previous work.
https://bugzilla.samba.org/show_bug.cgi?id=10777
Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 23 02:48:52 CEST 2014 on sn-devel-104
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug 7 00:52:42 CEST 2014 on sn-devel-104
Signed-off-by: Shirish Pargaonkar <spargaonkar@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Aug 1 16:11:43 CEST 2014 on sn-devel-104
The printer share inventory should be reloaded on open _and_
enumeration, as there are some clients, such as cupsaddsmb, that do not
perform an enumeration prior to access.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Aug 8 16:33:50 CEST 2014 on sn-devel-104
All printer inventory updates are currently done via
delete_and_reload_printers(), which handles registry.tdb updates for
added or removed printers, AD printer unpublishing on removal, as well
as share service creation and deletion.
This change splits this functionality into two functions such that
per-client smbd processes do not perform registry.tdb updates or printer
unpublishing. This is now only performed by the process that performs
the printcap cache update.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 2706af4d78fc9a47a4ac45b373edf276e3a9b354)
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 2685df1177ffd39b1af34eb116bd7b24d4b12974)
David Disseldorp [Wed, 23 Jul 2014 12:42:00 +0000 (14:42 +0200)]
smbd: only reprocess printer_list.tdb if it changed
The per-client smbd printer share inventory is currently updated from
printer_list.tdb when a client enumerates printers, via EnumPrinters or
NetShareEnum.
printer_list.tdb is populated by the background print process, based on
the latest printcap values retrieved from the printing backend (e.g.
CUPS) at regular intervals.
This change ensures that per-client smbd processes don't reparse
printer_list.tdb if it hasn't been updated since the last enumeration.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 30ce835670a6aeca6fb960ea7c4fe1b982bdd5b0)
[ddiss@samba.org: rebasead for 4.0 with swat]
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 6d75e20ca8acf1a55838694ac77940e21e9a1e6a)
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e5e6e2c796f026ee6b04f99b327941d57b9bd026)
David Disseldorp [Fri, 11 Jul 2014 15:00:05 +0000 (17:00 +0200)]
printing: only reload printer shares on client enum
Currently, automatic printer share updates are handled in the following
way:
- Background printer process (BPP) forked on startup
- Parent smbd and per-client children await MSG_PRINTER_PCAP messages
- BPP periodically polls the printing backend for printcap data
- printcap data written to printer_list.tdb
- MSG_PRINTER_PCAP sent to all smbd processes following update
- smbd processes all read the latest printer_list.tdb data, and update
their share listings
This procedure is not scalable, as all smbd processes hit
printer_list.tdb in parallel, resulting in a large spike in CPU usage.
This change sees smbd processes only update their printer share lists
only when a client asks for this information, e.g. via NetShareEnum or
EnumPrinters.
printing: traverse_read the printer list for share updates
The printcap update procedure involves the background printer process
obtaining the printcap information from the printing backend, writing
this to printer_list.tdb, and then notifying all smbd processes of the
new list. The processes then all attempt to simultaneously traverse
printer_list.tdb, in order to update their local share lists.
With a large number of printers, and a large number of per-client smbd
processes, this traversal results in significant lock contention, mostly
due to the fact that the traversal is unnecessarily done with an
exclusive (write) lock on the printer_list.tdb database.
This commit changes the share update code path to perform a read-only
traversal.
Reported-by: Alex K <korobkin+samba@gmail.com> Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1e83435eac2cef03fccb4cf69ef5e0bfbd710410)
Jeremy Allison [Tue, 10 Jun 2014 22:58:15 +0000 (15:58 -0700)]
s3: smbd : SMB2 - fix SMB2_SEARCH when searching non wildcard string with a case-canonicalized share.
We need to go through filename_convert() in order for the filename
canonicalization to be done on a non-wildcard search string (as is
done in the SMB1 findfirst code path).
Fixes Bug #10650 - "case sensitive = True" option doesn't work with "max protocol = SMB2" or higher in large directories.
Björn Baumbach [Thu, 27 Mar 2014 10:17:30 +0000 (11:17 +0100)]
s3: enforce a positive allocation_file_size for non-empty files (bug #10543)
Some file systems do not allocate a block for very
small files. But for non-empty file should report a
positive size.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 5 03:09:00 CEST 2014 on sn-devel-104
Arvid Requate [Thu, 17 Jan 2013 15:44:28 +0000 (16:44 +0100)]
passdb: fix NT_STATUS_NO_SUCH_GROUP
Share options like "force group" and "valid users = @group1"
triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in
the SAM backend, its objectclass was not retrived.
This fix also revealed a talloc access after free in the group
branch of pdb_samba_dsdb_getgrfilter.
[Bug 9570] Access failure for shares with "force group" or "valid users = @group"
https://bugzilla.samba.org/show_bug.cgi?id=9570
Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ross Lagerwall [Thu, 21 Aug 2014 06:32:36 +0000 (07:32 +0100)]
s3:libsmb: Set a max charge for SMB2 connections
Set a max charge for SMB2 connections so that larger request sizes can
be used and more requests can be in flight.
Signed-off-by: Ross Lagerwall <rosslagerwall@gmail.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Aug 21 17:31:11 CEST 2014 on sn-devel-104
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10778
libsmbclient with SMB2 doesn't pipeline or use large blocks
Jeremy Allison [Thu, 21 Aug 2014 23:28:42 +0000 (16:28 -0700)]
s3: smbd: POSIX ACLs. Remove incorrect check for SECINFO_PROTECTED_DACL in incoming security_information flags in posix_get_nt_acl_common().
Tidy-up of code obsoleted by fixes for bug #10773 (SECINFO_PROTECTED_DACL is not ignored).
We now never pass SECINFO_PROTECTED_DACL in security_information flags to this layer.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 22 11:26:57 CEST 2014 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 22 02:52:50 CEST 2014 on sn-devel-104
s3:smbd: mask security_information input values with SMB_SUPPORTED_SECINFO_FLAGS
Sometimes Windows clients doesn't filter SECINFO_[UN]PROTECTED_[D|S]ACL flags
before sending the security_information to the server.
security_information = SECINFO_PROTECTED_DACL| SECINFO_DACL
results in a NULL dacl being returned from an GetSecurityDecriptor
request. This happens because posix_get_nt_acl_common()
has the following logic:
I'm not sure if the logic is correct or wrong in this place (I guess it's
wrong...).
But what I know is that the SMB server should filter the given
security_information flags before passing to the filesystem.
[MS-SMB2] 3.3.5.20.3 Handling SMB2_0_INFO_SECURITY
...
The server MUST ignore any flag value in the AdditionalInformation field that
is not specified in section 2.2.37.
Har Gagan Sahai [Wed, 6 Aug 2014 09:02:35 +0000 (14:32 +0530)]
Fixed a memory leak in cli_set_mntpoint().
Fixes bug #10759 - Memory leak in libsmbclient in cli_set_mntpoint function
https://bugzilla.samba.org/show_bug.cgi?id=10759
Signed-off-by: Har Gagan Sahai <SHarGagan@novell.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 13 04:36:50 CEST 2014 on sn-devel-104
Michael Adam [Mon, 18 Aug 2014 09:42:27 +0000 (11:42 +0200)]
build: fix configure to honour --without-dmapi
Previously, --without-dmapi would still autodetect and link a useable dmapi
library. This change allows to build without dmapi support even when a dmapi
library is found.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 2afacf940f21759c08bcc4a6e906428595966a19)
Daniel Kobras [Mon, 21 Jul 2014 08:47:53 +0000 (10:47 +0200)]
sys_poll_intr: fix timeout arithmetic
Callers of sys_poll_intr() assume timeout to be in milliseconds like
poll(2) expects, but implementation used nanosecond units. Also make
sure timeout doesn't become infinite by mistake during time arithmetic.
Signed-off-by: Daniel Kobras <d.kobras@science-computing.de> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10731
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 22 00:12:24 CEST 2014 on sn-devel-104
Jeremy Allison [Wed, 30 Jul 2014 16:58:47 +0000 (09:58 -0700)]
lib: tevent: make TEVENT_SIG_INCREMENT atomic.
On arm platforms incrementing a variable is not
an atomic operation, so may be interrupted by
signal processing (if a signal interrupts another
signal handler).
Use compiler built-ins to make this atomic.
__sync_fetch_and_add() works on gcc, llvm,
IBM xlC on AIX, and Intel icc (10.1 and
above).
atomic_add_32() works on Oracle Solaris.
Based on an inital patch from kamei@osstech.co.jp.
Bug #10640 - smbd is not responding - tevent_common_signal_handler() increments non-atomic variables
Jeremy Allison [Thu, 26 Jun 2014 19:08:46 +0000 (12:08 -0700)]
s3: SMB2 : Fix leak of blocking lock records in the database.
Based on a fix from Hemanth Thummala <hemanth.thummala@gmail.com>
Bug #10673 - Increasing response times for byte range unlock requests.
The previous refactoring makes it obvious we need to call
remove_pending_lock() in all places where we are returning
from the SMB2 blocking lock call.
https://bugzilla.samba.org/show_bug.cgi?id=10673
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 30 14:59:16 CEST 2014 on sn-devel-104
Jeremy Allison [Thu, 26 Jun 2014 19:01:56 +0000 (12:01 -0700)]
s3: smb2: Simplify logic in reprocess_blocked_smb2_lock().
SMB2 blocking locks can only have one lock per request, so
there can never be any other locks to wait for.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 1a02a1e6aa15c028a848585d66cecbbdda8015b3)
Jeremy Allison [Thu, 26 Jun 2014 00:10:45 +0000 (17:10 -0700)]
s3: smb2: Remove unused code from remove_pending_lock().
SMB2 blocking locks can only have one lock per request, so
there can never be any previous locks to remove.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 508c09c6a019458bb0290fbf284e73c24feddb0e)
selftest: teardown the environments also on getting SIGPIPE
make test uses
selftest.pl | subuntu-filter.py ...
FAIL_IMMEDIATELY=1 lets subuntu-filter.py exit,
which generates SIGPIPE in selftest.pl.
We should handle this just like any other signal
and teardown all environments.
This should make the teardown process more reliable/verbose.
Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit b2803950fc439017680069813fc49255a3f0cbbf)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10696
backport autobuild/selftest fixes from master
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Jul 15 14:34:31 CEST 2014 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 11 22:57:17 CEST 2014 on sn-devel-104
Jeremy Allison [Thu, 3 Jul 2014 03:51:24 +0000 (20:51 -0700)]
s3: smbd: Locking - re-add pending lock records if we fail to acquire a lock (and the lock hasn't timed out).
Keep the blocking lock record and the pending lock records consistent
if we are dealing with multiple blocking lock requests in one SMB1 LockingX
request.
Ensure we re-add the records under the record lock, to avoid race
conditions.
Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
https://bugzilla.samba.org/show_bug.cgi?id=10684
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
(cherry picked from commit 954401f8b2b16b3e2ef9655e8ce94d657becce36)
selftest/subunithelper.py: correctly pass testsuite-uxsuccess to end_testsuite()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 13 23:49:36 CET 2014 on sn-devel-104
selftest/subunithelper.py: correctly handle fail_immediately in end_testsuite of FilterOps
This way --fail-immediately also works if a command segfaults.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit fee156f5b9235b5f766cb773433ddb7d0ccd98a1)
selftest/subunithelper.py: correctly handle unexpected success in FilterOps
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 14246953b2e91578e5f51faedfdf31926a5b1950)
This makes sure the current user will be the committer.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit ab9f02193188af8e482052ee6b55c30aac2c8340)
Volker Lendecke [Tue, 10 Jun 2014 14:21:07 +0000 (14:21 +0000)]
msg_channel: Fix a 100% CPU loop
In a ctdb setup, msg_read_got_ctdb did not set channel->pending_req to
NULL. In smbXsrv_session_close_loop in any error condition this leads to
a 100% loop. smbXsrv_session_close_loop continously retries, but because
close_channel->pending_req is != NULL, msg_read_send will always return
EBUSY, making smbXsrv_session_close_loop retry infinitely.
This patch makes sure that msg_read_got_ctdb correctly NULLs out pending_req.
msg_channel.c does not exist in master anymore, so this patch is 4.1 only.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10663
100% smbd cpu loop in ctdb setups
Karolin Seeger [Sun, 22 Jun 2014 15:03:05 +0000 (17:03 +0200)]
VERSION: Disable git snapshot for the 4.0.19 release.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10633
CVE-2014-0244: nmbd denial of service
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10654
CVE-2014-3493: Segmentation fault in smbd_marshall_dir_entry()'s
SMB_FIND_FILE_UNIX handler because push_ascii() has returned(uint32_t)-1
via srvstr_push(), incrementing p by 4GB
Karolin Seeger [Sun, 22 Jun 2014 15:01:56 +0000 (17:01 +0200)]
WHATSNEW: Add release notes for Samba 4.0.19.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10633
CVE-2014-0244: nmbd denial of service
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10654
CVE-2014-3493: Segmentation fault in smbd_marshall_dir_entry()'s
SMB_FIND_FILE_UNIX handler because push_ascii() has returned(uint32_t)-1
via srvstr_push(), incrementing p by 4GB
Andrew Bartlett [Fri, 28 Mar 2014 03:30:28 +0000 (16:30 +1300)]
winbindd: Ensure we do not look at rid_array before checking if it was returned
We no longer return early if there are no members, we just return an empty array.
Fixes bug #10627 - rid_array used before status checked - segmentation fault due to null pointer dereference
https://bugzilla.samba.org/show_bug.cgi?id=10627
Change-Id: I7b0949e0c0b9277426a8007514a8658615f6c709 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Wed Jun 11 11:40:38 CEST 2014 on sn-devel-104
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit efb4684a3fc0b32a71eab013000f730e6b144a67)
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Jun 3 10:53:33 CEST 2014 on sn-devel-104
Jeremy Allison [Wed, 21 May 2014 18:57:16 +0000 (11:57 -0700)]
s3: smb2: Move from using SBVAL to put NTTIMEs on the wire to put_long_date_timespec.
put_long_date_timespec() correctly calls round_timespec()
on the time parameters, and is the correct function to
use when writing *any* file-based NTTIME on the wire.
Move from using NTTIME variables internally
in the server to struct timespec variables, which is
what all the other server code uses. Only map to
NTTIME as the last step of marshalling the output
data.
The previous SMB2 create code missed the round_timespec()
call before marshalling.
Bug 3124 - xcopy /d with samba shares works not as aspected
https://bugzilla.samba.org/show_bug.cgi?id=3124
which is a regression from a long-ago bug with
SMB1.
Jeremy Allison [Wed, 21 May 2014 18:31:44 +0000 (11:31 -0700)]
s3: smb2: Move from using SBVAL to put NTTIMEs on the wire to put_long_date_timespec.
put_long_date_timespec() correctly calls round_timespec()
on the time parameters, and is the correct function to
use when writing *any* file-based NTTIME on the wire.
The smb2_close() code being modified already did this by
hand, and so this doesn't change any of the functionality, only
makes the SMB2 code match all of the other server
code in Samba. Move from using NTTIME variables internally
in the server to struct timespec variables, which is
what all the other server code uses. Only map to
NTTIME as the last step of marshalling the output
data.
Not following the put_long_date_timespec()
convention in the SMB2 create code caused the
round_timespec() step to have been missed in
that code - thus bug:
Bug 3124 - xcopy /d with samba shares works not as aspected
https://bugzilla.samba.org/show_bug.cgi?id=3124
which is a regression from a long-ago bug with
SMB1.
Kai Blin [Tue, 13 May 2014 06:13:29 +0000 (08:13 +0200)]
bug #10609: CVE-2014-0239 Don't reply to replies
Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat May 10 01:37:33 CEST 2014 on sn-devel-104
(cherry picked from commit cf75ef9f73f2cdbf2a039bbc9468f5da6a14834e)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit d18ee9e4b6f4c9a24b555c111e08396012c1755a)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 2637890ef42a238093f0f3cbdda0d621d5f9b2e2)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu May 8 13:55:50 CEST 2014 on sn-devel-104
(cherry picked from commit 0ba276ebad57d75a769e22414f94acbe8c177d97)
FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at end
labels_data_count already accounts for the unicode null character at the
end of the array. There is no need in adding space for it again.
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 6 04:03:17 CEST 2013 on sn-devel-104
projects / thirdparty / samba.git / log
