source3/libaddns: don't depend on the order in resp->answers[]
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit eecc1d294256210ee8c2f6ab79d21b835258a6d4)
The last 2 patches address bug #9402 - lib/addns doesn't work samba4 with a
bind9 server.
source3/libaddns: remove pointless check for resp->num_additionals != 1
We never use resp->additionals, so there's no reason to check.
This fixes dns updates against BIND9 (used in a Samba4 domain).
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit b59c5db5f74f56c0536635a41ae51c389109ceb5)
lib/replace: replace all *printf function if we replace snprintf (bug #9390)
This fixes segfaults in log level = 10 on Solaris.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Björn Jacke <bj@sernet.de>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Wed Nov 14 19:41:14 CET 2012 on sn-devel-104
(cherry picked from commit a15da3625850d97b3da1b02308c870f820007c52)
The last 5 patches address bug #9390 - Solaris printf doesn't allow %s, NULL.
Jelmer Vernooij [Sun, 13 May 2012 01:21:34 +0000 (03:21 +0200)]
libreplace: Fix symbol names for snprintf/asprintf/vasprintf.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun May 13 05:16:28 CEST 2012 on sn-devel-104
(cherry picked from commit cf67da70c9a63c4dc63f287059321d6c36d1e19e)
Jeremy Allison [Thu, 8 Nov 2012 21:45:19 +0000 (13:45 -0800)]
Another fix needed for bug #9236 - ACL masks incorrectly applied when setting ACLs.
Not caught by make test as it's an extreme edge case for strange
incoming ACLs. I only found this as I'm making raw.acls and smb2.acls
pass against 3.6.x with acl_xattr mapped onto a POSIX backend (which
isn't tested in make test).
An incoming inheritable ACE entry containing only one permission,
WRITE_DATA maps into a POSIX owner perm of "-w-", which violates
the principle that the owner of a file/directory can always read.
This commit seems to break 'make test' on my system, so reverting it for now.
(Bug report has been re-opened, see
https://bugzilla.samba.org/show_bug.cgi?id=9218
for details).
lib-addns: ensure that allocated buffer are pre set to 0 (bug #9259)
It avoid bugs when one of the buffer is supposed to contain a string
that is not null terminated (ie. label->label) and that we don't force
the last byte to 0.
(similar to commit 03c4dceaab82ca2c60c9ce0e09fddd071f98087b)
Andrew Bartlett [Thu, 1 Mar 2012 05:55:04 +0000 (16:55 +1100)]
s3-libsmb: Initialise ticket to ensure we do not invalid memory
The free is however a talloc_free(), which has additional protection against
freeing the wrong thing.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Mar 2 01:45:19 CET 2012 on sn-devel-104
(cherry picked from commit f1452a296429b79755235f4a480f0d5ea38ce178)
Karolin Seeger [Thu, 4 Oct 2012 09:43:20 +0000 (11:43 +0200)]
html docs: Remove link to Using Samba.
Thanks to Christian Perrier <bubulle@debian.org> for reporting!
Fix bug #7826 - HTML docs index file still points to Using Samba.
Karolin
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Oct 4 13:48:00 CEST 2012 on sn-devel-104
(cherry picked from commit 1bf209dd7e5a0f0001b3d1e3798093772bbd3fd3)
By the time we've gotten to init_dc_connection_network() we shouldn't
be second guessing the caller by calling winbindd_can_contact_domain().
If for some reason we do need to restrict the contact list here we
can add a condition to only contact the primary domain or domains
listed in the tdc cache, but I don't think that's neccessary.
Björn Jacke [Tue, 18 Sep 2012 11:57:30 +0000 (13:57 +0200)]
quota: add supprt for gfs2
gfs2 uses the same generic quota interface as xfs and it has the same base
block/quota block size ratio and seems to work nice with the xfs quota module.
(People using gfs should be aware that quota reporting is lagging quite a bit
on gfs. If you copy a file on a gfs volume the quota values are being updated
with a delay of 30s here with kernel 3.5. This reporting can lead to data
corruption if a client thinks he can write but actually he suddently can't.)
(cherry picked from commit 0b57d1c07520f4995412f224945324fef29f5989)
Michael Adam [Tue, 7 Dec 2010 16:30:27 +0000 (17:30 +0100)]
docs: clarify the idmap_rid manpage (bug #7788)
The idmap_rid module should not be used as a default backend.
Also mention that the old snytax "idmap backend = rid:domain=range ..."
is not supported any more.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Dec 7 19:07:57 CET 2010 on sn-devel-104
nsswitch: fix crash on null pam change pw response
The function _pam_winbind_change_pwd crashes due to a null value passed
to the function strcasecmp and denies to login via graphical login
manager. Check for a null value before doing a strcasecmp.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1003296
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9013
(Desktop Managers (xdm, gdm, lightdm...) crashes with SIGSEGV in
_pam_winbind_change_pwd() when password is expiring)
(cherry picked from commit 47f2211f137688a7c46c4a38571a9f94e59dbf6a)
The only difference between batch and exclusive oplocks is the time of
the check: Batch is checked before the share mode check, exclusive after.
Signed-off-by: Jeremy Allison <jra@samba.org>
Fix bug #9150 - Valid open requests can cause smbd assert due to incorrect
oplock handling on delete requests.
Herb Lewis [Mon, 20 Aug 2012 23:03:28 +0000 (16:03 -0700)]
Fix bug #9104 - winbindd can mis-identify idle clients - can cause crashes and NDR parsing errors.
A connection is idle when both struct winbindd_cli_state->request AND
struct winbindd_cli_state->response are NULL. Otherwise we can flag
as idle a connection in the state of having sent the request to
the winbindd child (request != NULL) but not yet received a reply
(response == NULL).
Volker Lendecke [Tue, 7 Aug 2012 23:49:52 +0000 (16:49 -0700)]
s3: Fix a crash in reply_lockingX_error
A timed brlock with 2 locks comes in and the second one blocks,
file is closed. smbd_cancel_pending_lock_requests_by_fid sets
blr->fsp to NULL. reply_lockingX_error (called via
MSG_SMB_BLOCKING_LOCK_CANCEL) deferences blr->fsp because
blr->lock_num==1 (the second one blocked).
This patch fixes the bug by only undoing the locks if fsp!=NULL.
fsp==NULL is the close case where everything is undone anyway.
Thanks to Peter Somogyi, somogyi@hu.ibm.com for this bug report.
Jeremy Allison [Wed, 11 Jul 2012 04:13:03 +0000 (21:13 -0700)]
Fix bug #9034 - Typo in set_re_uid() call when USE_SETRESUID selected in configure.
Previous code only set the real euid, not the effective one. This is not a security issue
as this is *only* used in the quota code, and only between code that brackets
it with save_re_uid()/restore_re_uid(), Also this is not used on most platforms
(we use USE_SETREUID by preference) but it's better to have this right.
(cherry picked from commit ceed322622b46be3745b32a5f6a02e634bfe1789)
Björn Jacke [Thu, 10 Jun 2010 15:19:16 +0000 (17:19 +0200)]
s3: fix build on HP-UX
this struct member h_errno is not used in the HP-UX code paths, it was just
there because Solaris has it, too. As h_errno is a function call macro on HP-UX
when thread support is enabled we run into trouble here. Just commenting it out
should be okay as we don't use it anyway.
(cherry picked from commit ec94efb79d4516b09c7d1d93a4ff8ce0f7046f41)
Volker Lendecke [Fri, 22 Jun 2012 13:46:13 +0000 (15:46 +0200)]
s3-vfs_gpfs: Fix bug #9003, posix acl on gpfs
gpfs2smb_acl can leave errno!=0 around even if it returned a correct
result!=NULL. We can only rely on errno being set if another error
condition (in this case result==NULL) indicates an error. If
result!=NULL, errno is undefined and can be anything. This leads to
SAFE_FREE(result) further down even in the success case.
Jeremy Allison [Mon, 18 Jun 2012 23:24:12 +0000 (16:24 -0700)]
Same fix as bug 8989 - Samba 3.5.x (and probably all other versions of Samba) does not send correct responses to NT Transact Secondary when no data and no params
Jeremy Allison [Mon, 18 Jun 2012 23:23:13 +0000 (16:23 -0700)]
Fix Bug 8989 - Samba 3.5.x (and probably all other versions of Samba) does not send correct responses to NT Transact Secondary when no data and no params
Found by Richard Sharpe <realrichardsharpe@gmail.com>. The correct
command code in a reply to NT Transact Secondary (0xa1) is
NT Transact (0xa0).
(cherry picked from commit 115f5af9a89a20929f02578c08a34ae2736951dd)
Volker Lendecke [Fri, 26 Aug 2011 14:54:18 +0000 (16:54 +0200)]
s3: Fix a winbind race leading to 100% CPU
This fixes a race condition that leads to the winbindd_children list becoming
corrupted. It happens when on a busy winbind SIGCHLD is a bit late.
Imagine a winbind with multiple requests in the queue for a single child. Child
dies, and before the SIGCHLD handler is called we find the socket to be dead.
wb_child_request_done is called, receiving an error from wb_simple_trans_recv.
It closes the socket. Then immediately the wb_child_request_trigger will do
another fork_domain_child before the signal handler is called. This means that
we do another fork_domain_child, we have child->sock==-1 at this point.
fork_domain_child will do a DLIST_ADD(winbindd_children, child) a second time
where the child is already part of that list. This corrupts the list. Then the
signal handler kicks in, spinning in
Matthieu Patou [Fri, 1 Jun 2012 22:33:04 +0000 (15:33 -0700)]
s3-winbindd: call dump_core_setup after command line option has been parsed
Without this fix in some situations winbindd can't coredump.
Such cases append when samba is compiled in a custom prefix (ie.
/home/build/mat/prod/1/) in this case get_dyn_LOGFILEBASE or basename(lp_logfile)
before the configuration file and the command line is parsed will be something like /home/build/mat/prod/1/var
which might not exists on the host where you run it (where it's most
probably more "normal" directories).
Specifying --log-basename didn't help as dump_core_setup is called before the command line and
the config file is read so it didn't help getting a correct value in dump_core_setup.
We fix this issue by calling dump_core_setup() also after the command
line has been read and also after the configfile has been parsed so that
the final location for the coredump is coherent with the final logile
location.
Jeremy Allison [Thu, 10 May 2012 07:53:57 +0000 (09:53 +0200)]
s3-pam_winbind: Fix the build.
Jeremy
Part of a fix for bug #8915 (Samba fails to build with iniparser-3.0.0 and
iniparser-3.1.0).
(cherry picked from commit 00c901a5be83bfe4c70eccbe7fa2a35d3d2a368d)
Richard Sharpe [Tue, 8 May 2012 12:53:10 +0000 (14:53 +0200)]
s3-VFS: Fix building out-of-tree modules.
Fix bug #8822 (VFS module init function name has to be manually changed
depending on build environment).
(cherry picked from commit d2f4164e3db2c341ff3a1b35a68f691848c9a859)
Karolin Seeger [Tue, 8 May 2012 09:05:37 +0000 (11:05 +0200)]
s3-docs: overrided -> overridden
Fix typo. Part of a fix for bug #7938. Based on a patch provided by John
Bradshaw <john@johnbradshaw.org>.
(cherry picked from commit 6b4890246ddbd606484e7247bea86c238cc0a057)
Jeremy Allison [Wed, 25 Apr 2012 22:17:09 +0000 (15:17 -0700)]
Fix bug #8897 - winbind_krb5_locator only returns one IP address.
Reported by Dina_Fine@Dell.com.
Don't ask the DC for an IP list when locating kdc's. Ask for the
name and use getaddrinfo to get all possible addresses instead.
(cherry picked from commit 56b0ec0e91f9af0eb6c109fc1cc300ad5fee3fe6)
projects / thirdparty / samba.git / log
