This commit seems to break 'make test' on my system, so reverting it for now.
(Bug report has been re-opened, see
https://bugzilla.samba.org/show_bug.cgi?id=9218
for details).
lib-addns: ensure that allocated buffer are pre set to 0 (bug #9259)
It avoid bugs when one of the buffer is supposed to contain a string
that is not null terminated (ie. label->label) and that we don't force
the last byte to 0.
(similar to commit 03c4dceaab82ca2c60c9ce0e09fddd071f98087b)
Andrew Bartlett [Thu, 1 Mar 2012 05:55:04 +0000 (16:55 +1100)]
s3-libsmb: Initialise ticket to ensure we do not invalid memory
The free is however a talloc_free(), which has additional protection against
freeing the wrong thing.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Mar 2 01:45:19 CET 2012 on sn-devel-104
(cherry picked from commit f1452a296429b79755235f4a480f0d5ea38ce178)
Karolin Seeger [Thu, 4 Oct 2012 09:43:20 +0000 (11:43 +0200)]
html docs: Remove link to Using Samba.
Thanks to Christian Perrier <bubulle@debian.org> for reporting!
Fix bug #7826 - HTML docs index file still points to Using Samba.
Karolin
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Oct 4 13:48:00 CEST 2012 on sn-devel-104
(cherry picked from commit 1bf209dd7e5a0f0001b3d1e3798093772bbd3fd3)
By the time we've gotten to init_dc_connection_network() we shouldn't
be second guessing the caller by calling winbindd_can_contact_domain().
If for some reason we do need to restrict the contact list here we
can add a condition to only contact the primary domain or domains
listed in the tdc cache, but I don't think that's neccessary.
Björn Jacke [Tue, 18 Sep 2012 11:57:30 +0000 (13:57 +0200)]
quota: add supprt for gfs2
gfs2 uses the same generic quota interface as xfs and it has the same base
block/quota block size ratio and seems to work nice with the xfs quota module.
(People using gfs should be aware that quota reporting is lagging quite a bit
on gfs. If you copy a file on a gfs volume the quota values are being updated
with a delay of 30s here with kernel 3.5. This reporting can lead to data
corruption if a client thinks he can write but actually he suddently can't.)
(cherry picked from commit 0b57d1c07520f4995412f224945324fef29f5989)
Michael Adam [Tue, 7 Dec 2010 16:30:27 +0000 (17:30 +0100)]
docs: clarify the idmap_rid manpage (bug #7788)
The idmap_rid module should not be used as a default backend.
Also mention that the old snytax "idmap backend = rid:domain=range ..."
is not supported any more.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Dec 7 19:07:57 CET 2010 on sn-devel-104
nsswitch: fix crash on null pam change pw response
The function _pam_winbind_change_pwd crashes due to a null value passed
to the function strcasecmp and denies to login via graphical login
manager. Check for a null value before doing a strcasecmp.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1003296
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9013
(Desktop Managers (xdm, gdm, lightdm...) crashes with SIGSEGV in
_pam_winbind_change_pwd() when password is expiring)
(cherry picked from commit 47f2211f137688a7c46c4a38571a9f94e59dbf6a)
The only difference between batch and exclusive oplocks is the time of
the check: Batch is checked before the share mode check, exclusive after.
Signed-off-by: Jeremy Allison <jra@samba.org>
Fix bug #9150 - Valid open requests can cause smbd assert due to incorrect
oplock handling on delete requests.
Herb Lewis [Mon, 20 Aug 2012 23:03:28 +0000 (16:03 -0700)]
Fix bug #9104 - winbindd can mis-identify idle clients - can cause crashes and NDR parsing errors.
A connection is idle when both struct winbindd_cli_state->request AND
struct winbindd_cli_state->response are NULL. Otherwise we can flag
as idle a connection in the state of having sent the request to
the winbindd child (request != NULL) but not yet received a reply
(response == NULL).
Volker Lendecke [Tue, 7 Aug 2012 23:49:52 +0000 (16:49 -0700)]
s3: Fix a crash in reply_lockingX_error
A timed brlock with 2 locks comes in and the second one blocks,
file is closed. smbd_cancel_pending_lock_requests_by_fid sets
blr->fsp to NULL. reply_lockingX_error (called via
MSG_SMB_BLOCKING_LOCK_CANCEL) deferences blr->fsp because
blr->lock_num==1 (the second one blocked).
This patch fixes the bug by only undoing the locks if fsp!=NULL.
fsp==NULL is the close case where everything is undone anyway.
Thanks to Peter Somogyi, somogyi@hu.ibm.com for this bug report.
Jeremy Allison [Wed, 11 Jul 2012 04:13:03 +0000 (21:13 -0700)]
Fix bug #9034 - Typo in set_re_uid() call when USE_SETRESUID selected in configure.
Previous code only set the real euid, not the effective one. This is not a security issue
as this is *only* used in the quota code, and only between code that brackets
it with save_re_uid()/restore_re_uid(), Also this is not used on most platforms
(we use USE_SETREUID by preference) but it's better to have this right.
(cherry picked from commit ceed322622b46be3745b32a5f6a02e634bfe1789)
Björn Jacke [Thu, 10 Jun 2010 15:19:16 +0000 (17:19 +0200)]
s3: fix build on HP-UX
this struct member h_errno is not used in the HP-UX code paths, it was just
there because Solaris has it, too. As h_errno is a function call macro on HP-UX
when thread support is enabled we run into trouble here. Just commenting it out
should be okay as we don't use it anyway.
(cherry picked from commit ec94efb79d4516b09c7d1d93a4ff8ce0f7046f41)
Volker Lendecke [Fri, 22 Jun 2012 13:46:13 +0000 (15:46 +0200)]
s3-vfs_gpfs: Fix bug #9003, posix acl on gpfs
gpfs2smb_acl can leave errno!=0 around even if it returned a correct
result!=NULL. We can only rely on errno being set if another error
condition (in this case result==NULL) indicates an error. If
result!=NULL, errno is undefined and can be anything. This leads to
SAFE_FREE(result) further down even in the success case.
Jeremy Allison [Mon, 18 Jun 2012 23:24:12 +0000 (16:24 -0700)]
Same fix as bug 8989 - Samba 3.5.x (and probably all other versions of Samba) does not send correct responses to NT Transact Secondary when no data and no params
Jeremy Allison [Mon, 18 Jun 2012 23:23:13 +0000 (16:23 -0700)]
Fix Bug 8989 - Samba 3.5.x (and probably all other versions of Samba) does not send correct responses to NT Transact Secondary when no data and no params
Found by Richard Sharpe <realrichardsharpe@gmail.com>. The correct
command code in a reply to NT Transact Secondary (0xa1) is
NT Transact (0xa0).
(cherry picked from commit 115f5af9a89a20929f02578c08a34ae2736951dd)
Volker Lendecke [Fri, 26 Aug 2011 14:54:18 +0000 (16:54 +0200)]
s3: Fix a winbind race leading to 100% CPU
This fixes a race condition that leads to the winbindd_children list becoming
corrupted. It happens when on a busy winbind SIGCHLD is a bit late.
Imagine a winbind with multiple requests in the queue for a single child. Child
dies, and before the SIGCHLD handler is called we find the socket to be dead.
wb_child_request_done is called, receiving an error from wb_simple_trans_recv.
It closes the socket. Then immediately the wb_child_request_trigger will do
another fork_domain_child before the signal handler is called. This means that
we do another fork_domain_child, we have child->sock==-1 at this point.
fork_domain_child will do a DLIST_ADD(winbindd_children, child) a second time
where the child is already part of that list. This corrupts the list. Then the
signal handler kicks in, spinning in
Matthieu Patou [Fri, 1 Jun 2012 22:33:04 +0000 (15:33 -0700)]
s3-winbindd: call dump_core_setup after command line option has been parsed
Without this fix in some situations winbindd can't coredump.
Such cases append when samba is compiled in a custom prefix (ie.
/home/build/mat/prod/1/) in this case get_dyn_LOGFILEBASE or basename(lp_logfile)
before the configuration file and the command line is parsed will be something like /home/build/mat/prod/1/var
which might not exists on the host where you run it (where it's most
probably more "normal" directories).
Specifying --log-basename didn't help as dump_core_setup is called before the command line and
the config file is read so it didn't help getting a correct value in dump_core_setup.
We fix this issue by calling dump_core_setup() also after the command
line has been read and also after the configfile has been parsed so that
the final location for the coredump is coherent with the final logile
location.
Jeremy Allison [Thu, 10 May 2012 07:53:57 +0000 (09:53 +0200)]
s3-pam_winbind: Fix the build.
Jeremy
Part of a fix for bug #8915 (Samba fails to build with iniparser-3.0.0 and
iniparser-3.1.0).
(cherry picked from commit 00c901a5be83bfe4c70eccbe7fa2a35d3d2a368d)
Richard Sharpe [Tue, 8 May 2012 12:53:10 +0000 (14:53 +0200)]
s3-VFS: Fix building out-of-tree modules.
Fix bug #8822 (VFS module init function name has to be manually changed
depending on build environment).
(cherry picked from commit d2f4164e3db2c341ff3a1b35a68f691848c9a859)
Karolin Seeger [Tue, 8 May 2012 09:05:37 +0000 (11:05 +0200)]
s3-docs: overrided -> overridden
Fix typo. Part of a fix for bug #7938. Based on a patch provided by John
Bradshaw <john@johnbradshaw.org>.
(cherry picked from commit 6b4890246ddbd606484e7247bea86c238cc0a057)
Jeremy Allison [Wed, 25 Apr 2012 22:17:09 +0000 (15:17 -0700)]
Fix bug #8897 - winbind_krb5_locator only returns one IP address.
Reported by Dina_Fine@Dell.com.
Don't ask the DC for an IP list when locating kdc's. Ask for the
name and use getaddrinfo to get all possible addresses instead.
(cherry picked from commit 56b0ec0e91f9af0eb6c109fc1cc300ad5fee3fe6)
The last 10 patches address bug #8815 (PIDL based autogenerated code allows
overwriting beyond of allocated array; CVE-2012-1182).
(cherry picked from commit 566295fa13ff4a848fea517d41bc08aee87966ac)
Jeremy Allison [Fri, 22 Jul 2011 23:40:54 +0000 (16:40 -0700)]
Fix bug 8314] - smbd crash with unknown user.
All other auth modules code with being called with
auth_method->private_data being NULL, make the auth_server
module cope with this too.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Jul 23 02:55:01 CEST 2011 on sn-devel-104
(cherry picked from commit 1832c9591099be941ef3afe7b0381c4af61f4728)
Andrew Bartlett [Wed, 14 Dec 2011 22:57:56 +0000 (09:57 +1100)]
s3-winbindd Only use SamLogonEx when we can get unencrypted session keys
This ensures that we have some check on the session keys being returned
as the RC4 cipher is not checksumed.
The check comes from the fact that the credentials chain is tied to
the netlgon session key, and so if the credentials check passes then
the netlogon session key will be correct, and so the user session key
will be correctly decrypted.
Andrew Bartlett
Signed-off-by: Matthieu Patou <mat@matws.net>
s3: If we can't do validation 6 or sam_logon_ex use sam_logon only
Matthieu Patou [Fri, 24 Feb 2012 22:06:02 +0000 (14:06 -0800)]
s3-winbindd: Close netlogon connection if the status returned by the NetrSamLogonEx call is timeout in the pam_auth_crap path
If not the child process would hang for quite a long time up to the
moment when the connection is cleaned by the kernel (took ~ 20 minutes)
in my tests.
Fix bug #8771 (Winbind takes up to 20 minutes to change from DC 1 to DC 2 and
in the meantime to respond NT_STATUS_IO_TIMEOUT).
projects / thirdparty / samba.git / log
