Andrew Bartlett [Fri, 6 Sep 2013 03:37:30 +0000 (15:37 +1200)]
ldb: Show the type of failing operation in default error message
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
347b2c65a4b8c219cfdae3306fdc3d793980cbed)
Jeroen Dekkers [Sun, 8 Sep 2013 22:42:39 +0000 (00:42 +0200)]
ldb: Do not build libldb-cmdline when using system ldb.
Cleanup leftover include and linking of libldb-cmdline in
oLschema2ldif. Do not build libldb-cmdline anymore when using the
system ldb, oLschema2ldif was the only reason for building
libldb-cmdline.
Signed-off-by: Jeroen Dekkers <jeroen@dekkers.ch>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104
(cherry picked from commit
0af09f0179c024099e0776d3794f4b3d7fb3f6f6)
Volker Lendecke [Sun, 18 Aug 2013 19:54:31 +0000 (19:54 +0000)]
ldb_map: Fix CID
1034791 Dereference null return value
Add NULL checks
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
cb598ddab6935820975042a8a307c75dba9d7e31)
Volker Lendecke [Sun, 18 Aug 2013 19:51:49 +0000 (19:51 +0000)]
pyldb: Fix CID
1034792 Dereference null return value
Add a NULL check
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
cbb5c1ce39640ffd01aeed6d87a57940e344792c)
Volker Lendecke [Sun, 18 Aug 2013 19:49:24 +0000 (19:49 +0000)]
ldb: Fix CID
1034793 Dereference null return value
Add a proper NULL check
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
15bd82550dab7a4709e92d639ee563dbc4780366)
Volker Lendecke [Fri, 16 Aug 2013 12:56:04 +0000 (12:56 +0000)]
ldb: Fix a const warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Aug 18 10:26:27 CEST 2013 on sn-devel-104
(cherry picked from commit
06273504586733ac548ddadad6c7bc757d2d5e25)
Matthieu Patou [Thu, 27 Dec 2012 05:36:50 +0000 (21:36 -0800)]
pyldb: decrement ref counters on py_results and quiet warnings
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Tue Aug 6 00:32:46 CEST 2013 on sn-devel-104
(cherry picked from commit
0602009b999142187d74b74be13de8c7f64c7b24)
Garming Sam [Wed, 5 Feb 2014 02:40:59 +0000 (15:40 +1300)]
provision: capture slightly less generic exceptions during the test for acls
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
f279a297a4a94c5cbc049c9b2cde14b02960a76f)
The last 4 patches address bug #10703 - backport provision fixes from master.
Garming Sam [Wed, 5 Feb 2014 02:31:22 +0000 (15:31 +1300)]
pysmbd: improve the return of error codes in the python smbd bindings
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
ad773cc01435e65fa5d8e84758b0642069e96c40)
Garming Sam [Wed, 5 Feb 2014 02:29:18 +0000 (15:29 +1300)]
provision: improve error message when connecting to samdb without the correct permissions
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
b27543aa729ca893270831d5c4fc74ea7ac6d407)
Garming Sam [Wed, 27 Nov 2013 02:26:14 +0000 (15:26 +1300)]
provision: Fix failures on re-provision incorrectly blamed on posix acl support.
By doing the test later, there is an actual sam.ldb file that can be connected to.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
a89060a0217f8740798d1dac4466222301a4d81b)
Andrew Bartlett [Tue, 13 May 2014 05:47:03 +0000 (17:47 +1200)]
passdb: Do not routinely clear the global memory returned by get_global_sam_sid()
This avoids use-after-free errors and tdb database churn.
Andrew Bartlett
Change-Id: If7ab2e24556d9dffc7ad22c0489d665dd75a0cab
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
(cherry picked from commit
cda32d4e47aa3efb040eb60f1a0332ea8dd58417)
The last 9 patches address bug #10701 - backport dsdb related crash fixes and
build fixes.
Volker Lendecke [Sun, 18 Aug 2013 19:37:56 +0000 (19:37 +0000)]
samdb: Fix CID
1034910 Dereference before null check
strncmp("tdb://", secrets_ldb, 6) dereferences secrets_ldb. Check for
NULL before that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
35330aa2c8b255d74e94bc9dd742e621953c21f9)
Volker Lendecke [Sun, 18 Aug 2013 19:37:56 +0000 (19:37 +0000)]
samdb: Fix CID
1034910 Dereference before null check
strncmp("tdb://", sam_name, 6) dereferences sam_name. Check for
NULL before that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
8c4e6f0cba164c91661a654e2ccc13c265a06953)
Stefan Metzmacher [Thu, 27 Feb 2014 08:29:36 +0000 (09:29 +0100)]
s4:dsdb/ldb_modules: avoid invalid pointer type warnings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
ee06cbce30ccdb057ffc5b3da2d7fb1010a13837)
Christian Ambach [Tue, 10 Dec 2013 16:52:29 +0000 (17:52 +0100)]
s4:dsdb fix compiler warnings
about potentially uninitialized variables
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
2bd15d1b830b177ea234aa29ff696379abbcd683)
Andreas Schneider [Tue, 12 Nov 2013 13:09:56 +0000 (14:09 +0100)]
s4-dsdb: Fix a use after free segfault.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Nov 12 19:22:28 CET 2013 on sn-devel-104
(cherry picked from commit
744abc882284bfde41b087bc06e13160b915f371)
Christian Ambach [Tue, 10 Dec 2013 16:52:29 +0000 (17:52 +0100)]
s4:dsdb fix compiler warnings
about potentially uninitialized variables
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
e5cb10f59122acc56a465c19885fe74a39985700)
Christian Ambach [Tue, 10 Dec 2013 16:53:15 +0000 (17:53 +0100)]
s4:dsdb fix compiler warnings
about potentially uninitialized variables
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
9c2951a9ca8228c714a1c1c834392077d050b569)
Stefan Metzmacher [Thu, 27 Feb 2014 08:29:36 +0000 (09:29 +0100)]
s4:dsdb/ldb_modules: avoid declaration after code warnings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
de773f3785d8fedba605437fbd434a49b9d18b0e)
Andrew Bartlett [Sun, 8 Sep 2013 21:57:27 +0000 (09:57 +1200)]
s4-rpc_server/drsuapi: Print ldb error showing why we failed to perform the access check
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
f75dc8f4a54581ed207e7caa2e52211ea24e3554)
The lat 6 patches address bug #10700 - backport access check related fixes from
master.
Nadezhda Ivanova [Mon, 14 Oct 2013 23:06:38 +0000 (02:06 +0300)]
s4-dsacl: Fixed incorrect handling of privileges in sec_access_check_ds
Restore and backup privileges are not relevant to ldap
access checks, and the TakeOwnership privilege should
grant write_owner right
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
daefca2a1aaa9f4e0ca2f17ef4c9a71412c081ea)
Andrew Bartlett [Wed, 5 Feb 2014 01:53:26 +0000 (14:53 +1300)]
dsdb: Return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS rather than OPERATIONS_ERROR on EACCES and EPERM
This makes provision errors clearer in Samba.
Andrew Bartlett
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit
262c3de3f880bb08b1220d1e755bb31365dab49b)
Andrew Bartlett [Fri, 23 May 2014 04:41:33 +0000 (16:41 +1200)]
dsdb: Do not give an error is metadata.tdb does not yet exist
Change-Id: I88ee188c776364fd66da388ce01fc9288aa2ded0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
822b4927288231b7a90579af9792608a0bdef706)
Andrew Bartlett [Thu, 26 Sep 2013 00:09:58 +0000 (17:09 -0700)]
dsdb: Provide a clearer error when we fail to store the sequence number in metadata.tdb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
6da2dcd17ee46d339d7d80df3dccd456703e7fe2)
Volker Lendecke [Sun, 18 Aug 2013 19:37:56 +0000 (19:37 +0000)]
samdb: Fix CID
1034910 Dereference before null check
strncmp("tdb://", sam_name, 6) dereferences sam_name. Check for
NULL before that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
6417d9e0355f840ca4cf3b740ad5aabfc534d834)
Matthieu Patou [Mon, 1 Jul 2013 03:44:22 +0000 (20:44 -0700)]
drs-cracksname: fix problems that prevented to pass our torture tests
Some of the problems where also reported by Microsoft testing tools
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
(cherry picked from commit
7fe4630bad232c09e29739beedda2e2fb63747ed)
The last 4 patches address bug #10698 - backport drs-crackname fixes from
master.
Matthieu Patou [Sun, 30 Jun 2013 09:04:20 +0000 (02:04 -0700)]
drs-crackname: Fix error code so that we have the same as windows
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
(cherry picked from commit
029e80da9d1ab5096cd0981110b588245f8fd50d)
Matthieu Patou [Sun, 30 Jun 2013 09:03:02 +0000 (02:03 -0700)]
drs-cracknames: When cracking NT4 names we should just look at netbios for the match
Looking at dnsRoot will yield a result for domain.tld\username when it
shouldn't work.
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
(cherry picked from commit
552b4f3e022dca594e1dada7979fe351eee8cf9b)
Matthieu Patou [Sat, 29 Jun 2013 23:02:32 +0000 (16:02 -0700)]
drs-crackname: Fix cracknames for the format UNKNOWN when the data is actually a GUID
The cannonical crackname expect a "/" or it returns
DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR, when doing UNKNOWN format it's not
an error to not have a "/" in the name to crack it's just a sign the
name is not a cannonical one.
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
(cherry picked from commit
aa17a2c01dbab2e522a8ccccaed7943963bab5b9)
Stefan Metzmacher [Wed, 12 Mar 2014 14:12:42 +0000 (15:12 +0100)]
selftest/subunithelper.py: correctly pass testsuite-uxsuccess to end_testsuite()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 13 23:49:36 CET 2014 on sn-devel-104
(cherry picked from commit
3632c59e250396b3974bccf7ad74cbe5c84fdba3)
The last 4 patches address bug #10696 - backport autobuild/selftest fixes from
master.
Stefan Metzmacher [Wed, 12 Mar 2014 14:12:42 +0000 (15:12 +0100)]
selftest/subunithelper.py: correctly handle fail_immediately in end_testsuite of FilterOps
This way --fail-immediately also works if a command segfaults.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
fee156f5b9235b5f766cb773433ddb7d0ccd98a1)
Stefan Metzmacher [Wed, 12 Mar 2014 14:12:42 +0000 (15:12 +0100)]
selftest/subunithelper.py: correctly handle unexpected success in FilterOps
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
14246953b2e91578e5f51faedfdf31926a5b1950)
Stefan Metzmacher [Mon, 17 Feb 2014 08:15:30 +0000 (09:15 +0100)]
script/autobuild: use --force-rebase option
This makes sure the current user will be the committer.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
ab9f02193188af8e482052ee6b55c30aac2c8340)
Stefan Metzmacher [Thu, 3 Apr 2014 14:03:19 +0000 (16:03 +0200)]
s4:repl_meta_data: fix array assignment in replmd_process_linked_attribute()
Change-Id: I10357236108f68ab749ba0e1f07558302c573887
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
5b22222421c77c8c379c828c5da7e6c8c38cfb88)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10294
Failed to Join Domain - uncaught exception - attribute 'isRecycled'
Volker Lendecke [Wed, 2 Jul 2014 14:27:52 +0000 (14:27 +0000)]
torture3: Fix bug 10687
'RW2' smbtorture test fails when -N <numprocs> is set to 2 due to the invalid
status check in the second client.
Signed-off-by: Volker Lendecke <vl@samba.org>
Andrew Bartlett [Sun, 30 Mar 2014 21:19:58 +0000 (10:19 +1300)]
libsmb: Provide a talloc_stackframe() to external users of libsmb_setget.c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
bc5bd4010e8fedf19047ed6f7a793cd373f9f14f)
The last 3 patches address bug #8449 (simple use case results in "no talloc
stackframe around, leaking memory" error).
Andrew Bartlett [Tue, 1 Apr 2014 04:03:34 +0000 (17:03 +1300)]
libsmbclient: Wrap more function calls in talloc_stackframe() to protect against talloc_tos() calls
BUG: https://bugzilla.samba.org/show_bug.cgi?id=8449
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 2 02:36:08 CEST 2014 on sn-devel-104
(cherry picked from commit
014342746f5af1aaaf1c2f8b44098c3a944e4f0a)
Andrew Bartlett [Tue, 1 Apr 2014 04:01:26 +0000 (17:01 +1300)]
pam_smbpass: Wrap calls in talloc_stackframe() to avoid warnings about leaking memory
Any code in source3 is permitted to use talloc_tos() at any point, so we must protect all the library interfaces
against memory leaks this way.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
8f3a516acb8c95cd6d88bf80abd495ac0cafaae3)
Volker Lendecke [Tue, 8 Jul 2014 12:30:54 +0000 (14:30 +0200)]
smbd: Avoid double-free in get_print_db_byname
Signed-off-by: Volker Lendecke <vl@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10699
Jeremy Allison [Tue, 1 Jul 2014 20:30:50 +0000 (13:30 -0700)]
s3: smbd: Locking, fix off-by one calculation in brl_pending_overlap().
Consider:
lock = start=110,size=10
pend_lock = 100, size=10
Should not overlap. However,
(lock->start <= pend_lock->start + pend_lock->size)
110 100 10
is true, so it returns true (overlap).
lock->start <= pend_lock->start + pend_lock->size
should be:
lock->start < pend_lock->start + pend_lock->size
https://bugzilla.samba.org/show_bug.cgi?id=10685
Signed-off-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 29 Jun 2014 08:56:03 +0000 (08:56 +0000)]
smbstatus: Fix an uninitialized variable
We only print valid share mode entries, stale ones don't count. In
traverse, let the callback decide about staleness.
https://bugzilla.samba.org/show_bug.cgi?id=10680
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
9f2e90754bcb7bf5f7159d07f0bc5fe754e71bf5)
Abhidnya Joshi [Mon, 26 Aug 2013 07:01:49 +0000 (12:31 +0530)]
s3: fix missing braces in nfs4_acls.c
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 28 20:25:56 CEST 2013 on sn-devel-104
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10688
(missing braces in nfs4_acls.c)
Jeremy Allison [Wed, 2 Jul 2014 03:27:11 +0000 (20:27 -0700)]
s3:winbindd - fix bad bugfix for bug #10280 - winbind panic if AD server is down.
Previous bug fix reversed the sense of the test for out of memory.
https://bugzilla.samba.org/show_bug.cgi?id=10280
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 5 Jun 2014 19:32:30 +0000 (12:32 -0700)]
s3/s4: smbd, rpc, ldap, cldap, kdc services.
Allow us to start if we bind to *either* :: or 0.0.0.0.
Allows us to cope with systems configured as only IPv4
or only IPv6.
Bug #10653 - Samba won't start on a machine configured with only IPv4.
https://bugzilla.samba.org/show_bug.cgi?id=10653
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
Reviewed-By: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104
(cherry picked from commit
463311422ca1caad2e228deb630e9d12e212fae1)
Björn Baumbach [Mon, 26 May 2014 14:17:50 +0000 (16:17 +0200)]
samba-tool: add --site parameter to provision command (bug #10674)
This new parameter offers the option to specify a default initial site name.
Otherwise it will be "Default-First-Site-Name".
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
(cherry picked from commit
4ca1d69d7daa8f4f92d44cd505aa0983f2ab56bf)
Björn Baumbach [Tue, 10 Jun 2014 13:35:47 +0000 (15:35 +0200)]
provision/sambadns: remove redundant site parameter
The sitename is already included in "names" parameter.
Part of fix for bug #10674
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
(cherry picked from commit
4ebd7250ef18811e58d812670e96e61836e4770b)
Conflicts:
python/samba/provision/__init__.py
python/samba/provision/sambadns.py
Volker Lendecke [Tue, 10 Jun 2014 14:21:07 +0000 (14:21 +0000)]
msg_channel: Fix a 100% CPU loop
In a ctdb setup, msg_read_got_ctdb did not set channel->pending_req to
NULL. In smbXsrv_session_close_loop in any error condition this leads to
a 100% loop. smbXsrv_session_close_loop continously retries, but because
close_channel->pending_req is != NULL, msg_read_send will always return
EBUSY, making smbXsrv_session_close_loop retry infinitely.
This patch makes sure that msg_read_got_ctdb correctly NULLs out pending_req.
msg_channel.c does not exist in master anymore, so this patch is 4.1 only.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10663
100% smbd cpu loop in ctdb setups
Volker Lendecke [Fri, 20 Jun 2014 13:39:36 +0000 (13:39 +0000)]
smbd: Fix bug 10593
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10593
PANIC: assert failed at ../source3/smbd/open.c(1582): ret
Karolin Seeger [Mon, 23 Jun 2014 09:23:22 +0000 (11:23 +0200)]
VERSION: Bump version up to 4.1.10.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 23 Jun 2014 09:22:47 +0000 (11:22 +0200)]
Merge tag 'samba-4.1.9' into v4-1-test
samba: tag release samba-4.1.9
Karolin Seeger [Sun, 22 Jun 2014 14:42:41 +0000 (16:42 +0200)]
VERSION: Disable git snapshot for the 4.1.8 release.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10633
CVE-2014-0244: nmbd denial of service
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10654
CVE-2014-3493: Segmentation fault in smbd_marshall_dir_entry()'s
SMB_FIND_FILE_UNIX handler because push_ascii() has returned(uint32_t)-1
via srvstr_push(), incrementing p by 4GB
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Sun, 22 Jun 2014 14:39:29 +0000 (16:39 +0200)]
WHATSNEW: Add release notes for Samba 4.1.9.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10633
CVE-2014-0244: nmbd denial of service
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10654
CVE-2014-3493: Segmentation fault in smbd_marshall_dir_entry()'s
SMB_FIND_FILE_UNIX handler because push_ascii() has returned(uint32_t)-1
via srvstr_push(), incrementing p by 4GB
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Jeremy Allison [Sun, 8 Jun 2014 04:51:44 +0000 (21:51 -0700)]
s3: smbd - fix processing of packets with invalid DOS charset conversions.
Bug 10654 - Segmentation fault in smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler
https://bugzilla.samba.org/show_bug.cgi?id=10654
Signed-off-by: Jeremy Allison <jra@samba.org>
CVE-2014-3493
Jeremy Allison [Wed, 28 May 2014 17:40:27 +0000 (10:40 -0700)]
s3: nmbd: Fix bug 10633 - nmbd denial of service
The Linux kernel has a bug in that it can give spurious
wakeups on a non-blocking UDP socket for a non-deliverable packet.
When nmbd was changed to use non-blocking sockets it
became vulnerable to a spurious wakeup from poll/epoll.
Fix sys_recvfile() to return on EWOULDBLOCK/EAGAIN.
CVE-2014-0244
Signed-off-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Sun, 22 Jun 2014 14:25:26 +0000 (16:25 +0200)]
VERSION: Bump version number up to 4.1.9...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andrew Bartlett [Fri, 28 Mar 2014 03:30:28 +0000 (16:30 +1300)]
winbindd: Ensure we do not look at rid_array before checking if it was returned
We no longer return early if there are no members, we just return an empty array.
Fixes bug #10627 - rid_array used before status checked - segmentation fault due to null pointer dereference
https://bugzilla.samba.org/show_bug.cgi?id=10627
Change-Id: I7b0949e0c0b9277426a8007514a8658615f6c709
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Tue Jun 10 13:08:54 CEST 2014 on sn-devel-104
Jeremy Allison [Fri, 9 May 2014 04:31:49 +0000 (21:31 -0700)]
s3: libsmbclient: Work around bugs in SLES cifsd and Apple smbx SMB1 servers.
SLES's cifsd and Apple's smbx do not correctly handle FILE_NON_DIRECTORY_FILE
which prevents recursive copies in gvfs from working correctly [1] since GVFS
tries to open the directory, expecting ENOTDIR, but it suceeds and appears as a
zero byte file.
This fix adds code to the cli_open() open code that checks if
CreateOptions was requested with FILE_NON_DIRECTORY_FILE set,
and if the attributes returned include FILE_ATTRIBUTE_DIRECTORY
we synchronously close the file handle just opened, and return
NT_STATUS_FILE_IS_A_DIRECTORY to the caller.
Depends on the previous API update to cli_ntcreate()
to add returned attributes.
Fixes bug #10587 - Opening directories on SLES's cifsd and Apple's smbx succeeds.
https://bugzilla.samba.org/show_bug.cgi?id=10587
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
b2ce2441a35ed68c39791168217d159352b5143c)
Jeremy Allison [Fri, 9 May 2014 04:23:22 +0000 (21:23 -0700)]
s3: client : correctly fill in the struct smb_create_returns from cli_ntcreate(), cli_ntcreate_recv(), cli_nttrans_create() and cli_nttrans_create_recv().
This completes the update of the create API to return
all the data returned by the server on open.
We can now use this data to detect buggy servers
without an extra round trip.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
3d8ba9b34e34c1f3e0c1c231d6b772994b45eeaf)
Jeremy Allison [Fri, 9 May 2014 03:55:57 +0000 (20:55 -0700)]
s3: client : Add extra return parameter to all client open calls.
Add a return parameter of struct smb_create_returns *cr to
cli_ntcreate()
cli_ntcreate_recv()
cli_nttrans_create()
cli_nttrans_create_recv()
Always pass in NULL for now. This fixes the create
API to always fully return the data the server has
given back to us on the open file to the caller.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
69e24b4e8bc607806453ab137efda6d6bf74fb12)
Jeremy Allison [Fri, 9 May 2014 03:08:41 +0000 (20:08 -0700)]
s3: client - rename 'struct smb2_create_returns' to 'struct smb_create_returns' so we can use this in SMB1 create returns as well.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
2900dfa5b928ef237e72ac4e15481e083d61750a)
Karolin Seeger [Tue, 3 Jun 2014 08:01:10 +0000 (10:01 +0200)]
VERSION: Bump version number up to 4.1.9...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 3 Jun 2014 07:59:43 +0000 (09:59 +0200)]
VERSION: Disable git snapshots for the 4.1.8 release.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10549
CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
CVE-2014-0239: DOS in DNS server packet handling
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 3 Jun 2014 07:57:53 +0000 (09:57 +0200)]
WHATSNEW: Add release notes for Samba 4.1.8.
CVE-2014-0239 Don't reply to replies
CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response
Signed-off-by: Karolin Seeger <kseeger@samba.org>
David Disseldorp [Wed, 21 May 2014 19:55:58 +0000 (21:55 +0200)]
printing: fix purge of all print jobs
The incorrect (system) jobid is currently passed to the job deletion
function.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10612
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
efb4684a3fc0b32a71eab013000f730e6b144a67)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Jun 2 19:06:43 CEST 2014 on sn-devel-104
Jeremy Allison [Wed, 21 May 2014 18:57:16 +0000 (11:57 -0700)]
s3: smb2: Move from using SBVAL to put NTTIMEs on the wire to put_long_date_timespec.
put_long_date_timespec() correctly calls round_timespec()
on the time parameters, and is the correct function to
use when writing *any* file-based NTTIME on the wire.
Move from using NTTIME variables internally
in the server to struct timespec variables, which is
what all the other server code uses. Only map to
NTTIME as the last step of marshalling the output
data.
The previous SMB2 create code missed the round_timespec()
call before marshalling.
Bug 3124 - xcopy /d with samba shares works not as aspected
https://bugzilla.samba.org/show_bug.cgi?id=3124
which is a regression from a long-ago bug with
SMB1.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 21 May 2014 18:31:44 +0000 (11:31 -0700)]
s3: smb2: Move from using SBVAL to put NTTIMEs on the wire to put_long_date_timespec.
put_long_date_timespec() correctly calls round_timespec()
on the time parameters, and is the correct function to
use when writing *any* file-based NTTIME on the wire.
The smb2_close() code being modified already did this by
hand, and so this doesn't change any of the functionality, only
makes the SMB2 code match all of the other server
code in Samba. Move from using NTTIME variables internally
in the server to struct timespec variables, which is
what all the other server code uses. Only map to
NTTIME as the last step of marshalling the output
data.
Not following the put_long_date_timespec()
convention in the SMB2 create code caused the
round_timespec() step to have been missed in
that code - thus bug:
Bug 3124 - xcopy /d with samba shares works not as aspected
https://bugzilla.samba.org/show_bug.cgi?id=3124
which is a regression from a long-ago bug with
SMB1.
Signed-off-by: Jeremy Allison <jra@samba.org>
Kai Blin [Tue, 13 May 2014 06:13:29 +0000 (08:13 +0200)]
bug #10609: CVE-2014-0239 Don't reply to replies
Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
(cherry picked from commit
392ec4d241eb19c812cd49ff73bd32b2b09d8533)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Tue May 20 13:54:40 CEST 2014 on sn-devel-104
Björn Baumbach [Mon, 14 Apr 2014 12:37:29 +0000 (14:37 +0200)]
lib-util: rename memdup to smb_memdup and fix all callers (bug #10556)
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
fae7e5d771d1c69bded1189b23335647023fa0f7)
Conflicts:
ctdb/lib/util/util.h
Also renamed memdup() in source3/locking/brlock.c
Alexander Bokovoy [Wed, 26 Mar 2014 10:30:30 +0000 (12:30 +0200)]
ad-dc: use exit_daemon() to communicate status of startup to systemd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
a343303cbcd5af303455843ebf202e2f30daf3a6)
Alexander Bokovoy [Wed, 26 Mar 2014 09:45:21 +0000 (11:45 +0200)]
winbindd: use exit_daemon() to pass startup status to systemd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
91013315c9fa946bf85c85df0ccd40a803f3dc6f)
Alexander Bokovoy [Wed, 26 Mar 2014 09:34:56 +0000 (11:34 +0200)]
nmbd: use exit_daemon() to report status to systemd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
a54e94559b5ebabbb8c5c938fdf159efceff39e6)
Alexander Bokovoy [Wed, 26 Mar 2014 08:56:12 +0000 (10:56 +0200)]
smbd: use exit_daemon() to support reporting to systemd from smbd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Alexander Bokovoy [Tue, 25 Mar 2014 10:53:04 +0000 (12:53 +0200)]
add systemd integration
Add --with-systemd / --without-systemd options to check whether
libsystemd-daemon library is available and use it to report service
startup status to systemd for smbd/winbindd/nmbd and AD DC.
The problem it solves is correct reporting of the Samba services
at the point when they are ready to serve clients, important for
high availability software integration.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
54b5d9a7384ae27b2a26586ff909128427c05abe)
Stefan Metzmacher [Fri, 9 May 2014 09:49:10 +0000 (11:49 +0200)]
pidl/lib/wscript_build: make use of PERL_LIB_INSTALL_DIR
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat May 10 01:37:33 CEST 2014 on sn-devel-104
(cherry picked from commit
cf75ef9f73f2cdbf2a039bbc9468f5da6a14834e)
Stefan Metzmacher [Fri, 9 May 2014 09:48:26 +0000 (11:48 +0200)]
script/autobuild: make use of --with-perl-{arch,lib}-install-dir
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
d18ee9e4b6f4c9a24b555c111e08396012c1755a)
Stefan Metzmacher [Fri, 9 May 2014 07:42:23 +0000 (09:42 +0200)]
wafsamba: Fail with error message if perl doesn't provide valid dirs.
We try harder to get valid directories, we now fallback like this:
vendorarch => sitearch => archlib
and
vendorlib => sitelib => privlib
The new options are --with-perl-arch-install-dir and
--with-perl-lib-install-dir.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
2637890ef42a238093f0f3cbdda0d621d5f9b2e2)
Andreas Schneider [Tue, 15 Apr 2014 08:24:24 +0000 (10:24 +0200)]
wafsamba: If perl can't provide defaults, define them.
This should fix the installation on FreeBSD.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu May 8 13:55:50 CEST 2014 on sn-devel-104
(cherry picked from commit
0ba276ebad57d75a769e22414f94acbe8c177d97)
Christof Schmitt [Mon, 5 Aug 2013 18:21:59 +0000 (11:21 -0700)]
FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at end
labels_data_count already accounts for the unicode null character at the
end of the array. There is no need in adding space for it again.
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 6 04:03:17 CEST 2013 on sn-devel-104
(cherry picked from commit
eb50fb8f3bf670bd7d1cf8fd4368ef4a73083696)
The last 2 patches address bug #10549 - CVE-2014-0178: Malformed
FSCTL_SRV_ENUMERATE_SNAPSHOTS response.
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon May 19 14:52:47 CEST 2014 on sn-devel-104
Christof Schmitt [Mon, 5 Aug 2013 18:16:22 +0000 (11:16 -0700)]
FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zero
Otherwise num_volumes and the end marker can return uninitialized data
to the client.
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
(cherry picked from commit
30e724cbff1ecd90e5a676831902d1e41ec1b347)
Jeremy Allison [Tue, 29 Apr 2014 23:59:55 +0000 (16:59 -0700)]
s3: smbd : Fix wildcard unlink to fail if we get an error rather than trying to continue.
This can break smbd if we end up leaving a SHARING_VIOLATION
retry record on the queue.
Signed-off-by: Jeremy Allison <jra@samba.org>
Fix bug #10577 - SMB1 wildcard unlink fail can leave a retry record on the open
retry queue.
Jeremy Allison [Thu, 1 May 2014 18:11:20 +0000 (11:11 -0700)]
s3: smbd: Remove open_file_fchmod().
No longer used (hurrah!).
Bug 10564 - Lock order violation and file lost
https://bugzilla.samba.org/show_bug.cgi?id=10564
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 2 23:47:38 CEST 2014 on sn-devel-104
Jeremy Allison [Thu, 1 May 2014 18:07:44 +0000 (11:07 -0700)]
s3: smbd: change file_set_dosmode() to use get_file_handle_for_metadata() instead of open_file_fchmod().
get_file_handle_for_metadata() is a new function that
finds an existing open handle (fsp->fh->fd != -1) for
a given dev/ino if there is one available, and uses
INTERNAL_OPEN_ONLY with WRITE_DATA access if not.
Allows open_file_fchmod() to be removed next.
Bug 10564 - Lock order violation and file lost
https://bugzilla.samba.org/show_bug.cgi?id=10564
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Thu, 1 May 2014 18:01:03 +0000 (11:01 -0700)]
s3: smbd : Ensure file_new doesn't call into smbXsrv_open_create() for INTERNAL_OPEN_ONLY.
This causes deadlocks which cause smbd to crash if the locking
database has already been locked for a compound operation we
need to be atomic (as in the file rename case).
Ensure INTERNAL_OPEN_ONLY opens are synonymous with req==NULL.
INTERNAL_OPEN_ONLY opens leave a NO_OPLOCK record in
the share mode database, so they can be detected by other
processes for share mode violation purposes (because
they're doing an operation on the file that may include
reads or writes they need to have real state inside the
locking database) but have an fnum of FNUM_FIELD_INVALID
and a local share_file_id of zero, as they will never be
seen on the wire.
Ensure validate_my_share_entries() ignores
INTERNAL_OPEN_ONLY records (share_file_id == 0).
Bug 10564 - Lock order violation and file lost
https://bugzilla.samba.org/show_bug.cgi?id=10564
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Thu, 1 May 2014 17:58:51 +0000 (10:58 -0700)]
s3 : smbd : Protect all possible code paths from fsp->op == NULL.
In changes to come this will be possible for an INTERNAL_OPEN_ONLY.
The protection was already in place for some code paths, this
makes the coverage compete.
Bug 10564 - Lock order violation and file lost
https://bugzilla.samba.org/show_bug.cgi?id=10564
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
David Disseldorp [Mon, 5 May 2014 11:42:36 +0000 (13:42 +0200)]
byteorder: do not assume PowerPC is big-endian
byteorder.h currently uses reverse-indexing ASM instructions for little
endian multi-byte storage/retrieval on PowerPC. With Power8 this is an
incorrect assumption, as it can be big or little endian.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10590
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
5bf6ed5ebd0dc5ecdc5bcfb1d4720e9251849adc)
Jose A. Rivera [Mon, 5 May 2014 11:46:58 +0000 (06:46 -0500)]
Fix an empty if statement.
Primarily following the precedent set by other uses of composite_is_ok(), but
also making sure nothing tries to use c after this point if it is in fact not
ok.
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fix bug #10348 - Empty body in if-statement in continue_domain_open_lookup.
Jose A. Rivera [Mon, 5 May 2014 12:29:57 +0000 (07:29 -0500)]
Minor typo fix in source3/wscript.
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May 5 22:41:19 CEST 2014 on sn-devel-104
Fix bug #10151 - Extra ':' in msg for Waf Cross Compile Build System with
Cross-answers command.
Noel Power [Thu, 27 Feb 2014 20:07:11 +0000 (12:07 -0800)]
s3: smbd - smb1 - fix read of deleted memory in reply_writeclose().
While running smbtorture test raw.write under valgrind an "Invalid read"
was reported in methid reply_writeclose, it seems after closing a file
sometime later we try to access it again.
Signed-off-by: Noel Power <noel.power@suse.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar 3 20:42:40 CET 2014 on sn-devel-104
(cherry picked from commit
04e434661fa6b5f13776f925b0a7cbadb6b6d006)
Fix bug #10554 - request backport for 'smb1 - fix read of deleted memory in
reply_writeclose()'.
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Tue May 6 13:28:35 CEST 2014 on sn-devel-104
Abhidnya Joshi [Fri, 25 Oct 2013 05:06:01 +0000 (07:06 +0200)]
idmap_autorid: fix failure in reverse lookup if ID is from domain range index #0
Domain range index #0 is not included in the database record.
So in this special case we only have the SID, not SID#IDX...
Signed-off-by: Abhidnya Joshi <achirmul@in.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
ebc9ff616fefbf10b31e4e097f28fa17a1abc2f8)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10547
Andrew Bartlett [Mon, 24 Mar 2014 04:15:19 +0000 (17:15 +1300)]
dsdb: Do checks for invalid renames in samldb, before repl_meta_data
This ensures that conflict objects can be created in CN=System, and
that we do not stop replication just because some other DC allowed a
rename we do not like.
This is achived by doing the work in the samldb module, which is above
repl_meta_data in the stack.
Andrew Bartlett
Change-Id: I8c1a7d3e0fbd5a470cf1326cc055044ca885f7d9
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Guenter Kukkukk <kukks@samba.org>
Tested-by: Guenter Kukkukk <kukks@samba.org>
(cherry picked from commit
d3cd9f1575af18a6765a6b6a31811c9976f9c11e)
Fix bug #10569 - Rename checks prevent conflict resolution and create DRS
lockups.
Michael Adam [Wed, 16 Oct 2013 13:17:18 +0000 (15:17 +0200)]
build: fix ordering problems with lib-provided and internal RPATHs
When a library or system (like cups) provides an RPATH,
e.g. with -Wl,-R or -Wl,-rpath, this was added by waf
to the LINKFLAGS, wich was later prepended to our RPATH.
But if the path by chance contains an older version of
one of our internal libraries like talloc, this would lead
to linking the too old talloc into our binaries.
This has been observed on, e.g., FreeBSD, but it is a general
problem.
This patch fixes the problem by specially parsing the RPATH
linker options from the pkg-config(, cups-config, ....) output
and putting the paths into the RPATH_<lib> container, which
is then later correctly appended to our internal RPATH.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
64f5e24100a764ec198cab9a8d2c43fa86e7027c)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10548
Benjamin Franzke [Thu, 31 Oct 2013 20:23:57 +0000 (21:23 +0100)]
s4:torture/netlogon: Test netlogon with additional attrs
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
se enter the commit message for your changes. Lines starting
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov 12 00:57:19 CET 2013 on sn-devel-104
(cherry picked from commit
0dd512eead6dc999511e9e21f5304a224653db85)
The last 10 patches address bug #10524 - samba returns 0 results to the LDAP
query with filter
(&(&(DnsDomain=NETAPP.TEST)(Host=STORE-SIM))(NtVer=0x00000006)).
Benjamin Franzke [Mon, 28 Oct 2013 13:21:20 +0000 (14:21 +0100)]
s4:torture/ldap: Add test for netlogon over tcp
This patch moves the udp netlogon tests from cldap.c
to netlogon.c and passes a generic netlogon-send
function as parameter.
Therefore a tcp replacement for cldap_netlogon is also added.
The two variants tcp and udp are added as 2 new torture tests:
ldap.netlogon-udp & ldap.netlogon-tcp
Both tests succeed.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit
767bd6a4d49efce1c554bb0bc8130d74331b0bd8)
Benjamin Franzke [Mon, 28 Oct 2013 13:19:57 +0000 (14:19 +0100)]
libcli/cldap: Add utility to create netlogon filter
This utility is splitted of from cldap_netlogon_send.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit
e306250a250d20a43cbe4c72ece34ebd475fa39c)
Benjamin Franzke [Tue, 5 Nov 2013 19:39:56 +0000 (20:39 +0100)]
s4:dsdb: Move cldap netlogon functions into samdb/ldb_modules
As netlogon is handled by the samdb now,
the corresponding functions should live there as well.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit
68ebb09193e73cff4389ccb9e3b190b12ee0a84a)
Benjamin Franzke [Fri, 1 Nov 2013 09:52:02 +0000 (10:52 +0100)]
s4:cldap_server: Do not handle netlogon ourself anymore
Netlogon is now handled by the ldb rootdse module.
The netlogon files will be moved to dsdb in the next commit.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit
7106dcf2b8525ec653f24e417d846f9d00172b6d)
Benjamin Franzke [Sun, 27 Oct 2013 05:55:48 +0000 (06:55 +0100)]
s4:dsdb/rootdse: Support netlogon request
This patch adds support for a netlogon ldap style request
over the tcp socket. This is available since win2k3+ [1].
The automatic client join & configuration daemon "realmd" makes
use of this ability.
Realmd can now be used to join a computer to a samba 4 domain.
(See also:
https://lists.samba.org/archive/samba-technical/2013-October/095606.html)
Tested with:
ldapsearch -h samba-srv -x -b '' -s base "(&(NtVer=\06\00\00\00)(AAC=\00\00\00\00))" NetLogon
And compared the result in wireshark with cldap request issued by
examples/misc/cldap.pl.
[1]: http://wiki.wireshark.org/MS-CLDAP?action=recall&rev=8
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit
0620c79d76b69811fd6c00d912db05477d894724)
Benjamin Franzke [Fri, 1 Nov 2013 05:55:41 +0000 (06:55 +0100)]
s4:dsdb/rootdse: Pass rootdse context to rootdse_add_dynamic
This replaced the *module parameter, and uses ac->module in the function
instead, same for *req and *attrs.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit
7a5a62547bc10053fb1e4850e0acacb6a837f36f)
Benjamin Franzke [Fri, 6 Sep 2013 14:20:43 +0000 (16:20 +0200)]
provision: Fix string replacement ordering
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit
ca8acb681a1ccaddf85376ff30c9b13b1a4c943d)