| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This is an additional patch for CVE-2015-0240.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
uninitialized pointer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(similar to commit 575b093dac3c509b1bfaab0b4ad29b9b4214e487)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Sun Jan 11 16:15:06 CET 2015 on sn-devel-104
|
|
Trying to establish a netlogon connection when the service ticket
expires might fail with NT_STATUS_NETWORK_SESSION_EXPIRED. The
underlying client code already marks the session as invalid, so retry
the netlogon connect in this case.
Signed-off-by: Christof Schmit <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 6 02:58:57 CET 2015 on sn-devel-104
(cherry picked from commit a2670f15dea27c10e3827216adf572f9c3894f85)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11034
|
|
When the underlying session expires, the LogonControl RPC call used in
ping-dc returns NT_STATUS_IO_DEVICE_ERROR. Retry once in this case,
instead of returning the error to the caller.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 23 02:46:34 CET 2014 on sn-devel-104
(cherry picked from commit 2fdc55160309cec89aeb88243cb18d058c67e918)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11034
|
|
Signed-off-by: Samuel Cabrero <scabrero@zentyal.com>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
(cherry picked from commit d747372d28273542298f86530e715e8faaf907f2)
|
|
If signing is not required we should not require it for reauthentication.
Windows clients would otherwise fail to reauthenticate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10958
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 382019656ee164fd21455ed7d7b5e9e18bd0ca72)
|
|
If we have a channel session key, we also always have a global session key.
For multi-channel it's possible that the channel session key is not in place
yet, in that case the global session key needs to be used.
In both cases (reauth or session bind) we session setup requests need to be
signed.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 7e006d11134cdc37ea0fc13110fe5bbfb9de3f14)
|
|
path is a talloc-child of subkeys, so subkeys should not be freed before calling
verbose_output
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Dec 3 00:43:19 CET 2014 on sn-devel-104
(cherry picked from commit 3b90bfb1089e6a4b7e05e7ed62bb642521f57917)
|
|
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 4b41489901b7f1a78ffd479128c3e0d309e53b53)
|
|
try to find the security descriptor at the data pointer, not at the beginning of the hbin
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9629
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 217a0189c15761f6c7b24c9d7bfdbccf85de8e1d)
|
|
Fix up the ceph, time_audit and streams_xattr modules to follow
the -1,errno convention for errors.
Reported by Jones <jones.kstw@gmail.com> who provided the
initial patch. This patch tested and confirmed working
by him as well.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Dec 8 12:29:00 CET 2014 on sn-devel-104
|
|
Fix vfs_allocate_file_space(), vfs_slow_fallocate(),
vfs_fill_sparse() to follow the -1,errno convention
for errors.
Standardize on the -1,errno convention.
Reported by Jones <jones.kstw@gmail.com> who provided the
initial patch. This patch tested and confirmed working
by him as well.
https://bugzilla.samba.org/show_bug.cgi?id=10982
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
(cherry picked from commit cc1f91cec627cb3e4fc89b96aae1e7e4c539cd1c)
|
|
vfswrap_fallocate() is broken in that it can call posix_fallocate()
which returns an int error (and doesn't set errno) but can also
call Linux fallocate() which returns -1 and sets errno.
Standardize on the -1,errno convention.
Reported by Jones <jones.kstw@gmail.com> who provided the
initial patch. This patch tested and confirmed working
by him as well.
https://bugzilla.samba.org/show_bug.cgi?id=10982
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
(cherry picked from commit c9235deee0fc49c99cfaf2329b7af526d9dd12d0)
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10279
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 8c41795c81d85114e383e694ba7421e95bacb912)
|
|
If we do not set the netbios_name we are not able to connect to a
Windows DC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10279
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 206f25d815024248214f076fd60c35862e9de8a1)
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10279
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 1e148a91fd20053f823b57e19d757665fa30c53d)
|
|
client does.
Required as some servers return zero when asked for
zero credits in an initial SMB2-only negprot.
Back-port of c426f97238e4f664d1b13781101ca9c942aa7d0d
from master.
https://bugzilla.samba.org/show_bug.cgi?id=10966
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Dec 4 21:55:16 CET 2014 on sn-devel-104
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10961
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10960
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Nov 17 19:53:22 CET 2014 on sn-devel-104
The last 3 patches address
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10942
cleanup add_string_to_array and usage
|
|
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
This is done in the top level now.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit e7fc38a7df90e26a96ec5573042dccc1746e4f2c)
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10932
invalid free in pdb_tdb
|
|
Signed-off-by: Matt Rogers <mrogers@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0de6799996955fbf8e19ace8c4b7b61f5a262cb5)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10933
net ads join -k can segfault with existing keytab entries
|
|
This logic has been moved into the previous EnumJobs(level=3) caller.
The info3 structure only contains two fields that are used, so it
doesn't make sense to have a separate helper for it.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d772b98283f289917a6a8370808d4d0912899384)
|
|
Until now, these responses have incorrectly carried the printing backend
job identifier (sysjob), rather than the one allocated and returned by
Samba on job submission.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10905
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 5e7ab3d2f4f7950099561eb22d6a9a1536297442)
|
|
Until now, these responses have incorrectly carried the printing backend
job identifier (sysjob), rather than the one allocated and returned by
Samba on job submission.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10905
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 45abaf81c67b62bab571df208931241afa660802)
|
|
Until now, these responses have incorrectly carried the printing backend
job identifier (sysjob), rather than the one allocated and returned by
Samba on job submission.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10905
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 4d7f5d2af6ef6960dccaccf89c6e88947e2591bf)
|
|
Clients issue GetJob requests using the jobid assigned by the spoolss
server. The corresponding printing backend (sysjob) identifier needs to
be resolved to locate the correct print queue entry.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10905
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 3a28ae56977235d3c9e3abcd1f24b220e536c50d)
|
|
Samba needs to deal with two types of print job identifiers, those
allocated by the printing backend (sysjob ids), and those allocated
by Samba's spoolss server (jobids).
This change adds a helper function to map spoolss jobids to sysjob ids,
to go alongside the corresponding sysjob to jobid mapping function.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 77b5be1742ee7aa2733a25bfa6a3af369f5c9401)
|
|
A client can:
- open a handle (h1)
- write some data to h1.
- open a 2nd handle h2 (downgrades both handles to level II)
- try to read the data on h2 (this gets old data)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10921
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Sun Nov 9 22:57:54 CET 2014 on sn-devel-104
|
|
This screws up if the name is greater than MAX_NETBIOSNAME_LEN-1 in the
unix charset, but less than or equal to MAX_NETBIOSNAME_LEN-1 in the DOS
charset, but this is so old we have to live with that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10920
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 7467f6e72cba214eeca75c34e9d9fba354c7ef31)
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
STATUS_NO_MORE_FILES when handed a non-wildcard path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Steve French <smfrench@gmail.com>
Tested-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Steve French <sfrench@samba.org>
Autobuild-Date(master): Thu Oct 23 20:44:31 CEST 2014 on sn-devel-104
(cherry picked from commit 95bf43bc6a0b6a4a47b8a556eee3b78446ea4123)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10904
smbclient loops doing a directory listing against Mac OS X 10 server with a
non-wildcard path.
|
|
Currently Samba is inconsistent when returning WERR_UNKNOWN_LEVEL
errors for spoolss EnumJobs requests - if no print jobs are present,
then WERR_OK will be returned, regardless of whether the EnumJobs level
is supported or not.
This change fixes this behaviour, by catching invalid or unsupported
levels prior to the no-jobs response fast-path.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10898
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 28 03:05:35 CET 2014 on sn-devel-104
(cherry picked from commit d4f233a746d89e13aae78008b499c71b695ff882)
|
|
Try and cope with truncation more intelligently.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10896
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 6adcc7bffd5e1474ecba04d2328955c0b208cabc)
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
it never returns false.
Even if the write to the socket/fd fails, we never return false and
will keep reading stuff off of the input buffer until it is exhausted
and then we will exit.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Sat Aug 3 17:41:22 CEST 2013 on sn-devel-104
(cherry picked from commit 852c9ac34dbef66d0b2619554c611157c2fab771)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10880
S3: source3/smbd/process.c::srv_send_smb() returns true on the error path.
|
|
processing by adding POPT_COMMON_DYNCONFIG.
Bug #10711 - nmbd fails to accept --piddir option.
https://bugzilla.samba.org/show_bug.cgi?id=10711
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Change-Id: I74347199e54be0d1dc031985534da1e56fd3e280
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Christopher R. Hertel <crh@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
The last 3 patches address bug #10889 (Backport remaining vfs_glusterfs patches
in master/4.2 to 4.1).
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Sun Oct 26 23:51:26 CET 2014 on sn-devel-104
|
|
Change-Id: If1b54e62b4fc2240aa17e5d1eae8f279f2fdfc42
Signed-off-by: Christopher R. Hertel <crh@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
Change-Id: I98b512da2e0e56f061247a7c48ce576287b43827
Signed-off-by: Christopher R. Hertel <crh@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
Use the same mechanism as setup for smbd and winbindd.
Fixes bug #10830 - nmbd can leave unreaped zombies.
https://bugzilla.samba.org/show_bug.cgi?id=10830
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Sun Oct 19 23:19:38 CEST 2014 on sn-devel-104
|
|
Using the new msg_source program with 1.500 instances against a single
msg_sink I found the msg_source process to spawn two worker threads for
synchronously sending the data towards the receiving socket. This should
not happen: Per destination node we only create one queue. We strictly
only add pthreadpool jobs one after the other, so a single helper thread
should be perfectly sufficient.
It turned out that under heavy overload the main sending thread was
scheduled before the thread that just had finished its send() job. So
the helper thread was not able to increment the pool->num_idle variable
indicating that we don't have to create a new thread when the new job
is added.
This patch moves the signalling write under the mutex. This means that
indicating readiness via the pipe and the pool->num_idle variable happen both
under the same mutex lock and thus are atomic. No superfluous threads anymore.
Back port of commit 1c4284c7395f23cefa61a407db74cf5067aee2aa
that went into master.
https://bugzilla.samba.org/show_bug.cgi?id=10779
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
restore existing SIGCHLD handlers.
Bug #10831 - SIGCLD Signal handler not correctly reinstalled on old library code use - smbrun etc.
https://bugzilla.samba.org/show_bug.cgi?id=10831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
|
|
This adds all SPNs defined in the DC for the computer account to the
keytab using 'net ads keytab create -P'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9985
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 5d58b92f8fcbc509f4fe2bd3617bcaeada1806b6)
|
|
When a createkey fails due to access denied, we need to do a
transaction_cancel. Otherwise the lock on the db will stay around.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10860
|
|
Create a new lsa_RefDomainList and populate it with the domain SID from
the original query. That avoids the problem that for migrated objects,
LookupSids returns the SID of the new domain, and combining that with
the RID from the input results in an invalid SID.
A better fix would be querying the RID of the user in the new domain,
but the approach here at least avoids id mappings entries for invalid
SIDs.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep 29 13:15:18 CEST 2014 on sn-devel-104
(cherry picked from commit 9c9216410faf707edc4ba05f2b715d45f7f51ca4)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10838
Invalid id mappings for users/groups migrated from another domain
|
|
This will be used in the next patch in winbind.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 16594e7fc0a46249a48d0d0635de0c1050ecd340)
|
|
When the connection to the DC has a problem, the code behind
ads_do_search_retry closes the current connection and opens a new one.
The new connection has a new struct LDAP to represent the connection. In
this case, the LDAP pointer in the idmap_rfc2307_context becomes
invalid.
Fix this problem by updating the local pointer after calling
ads_do_search_retry.
Signed-off-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10837
winbind crash in idmap_rfc2307 module
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9984
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Sep 26 08:22:45 CEST 2014 on sn-devel-104
(cherry picked from commit 0aacbe78bb40d76b65087c2a197c92b0101e625e)
|
