Karolin Seeger [Tue, 3 Dec 2013 11:19:11 +0000 (12:19 +0100)]
VERSION: Disable git snapshots for the 4.1.3 release.
Bug 10185 - CVE-2013-4408: DCERPC frag_len not checked
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10185
Bug 10306 - CVE-2012-6150: Fail authentication if user isn't member of *any*
require_membership_of specified groups
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10306
(BUG: https://bugzilla.samba.org/show_bug.cgi?id=10300)
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 6 Dec 2013 18:45:57 +0000 (19:45 +0100)]
WHATSNEW: Add release notes for Samba 4.1.3.
Bug 10185 - CVE-2013-4408: DCERPC frag_len not checked
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10185
Bug 10306 - CVE-2012-6150: Fail authentication if user isn't member of *any*
require_membership_of specified groups
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10306
(BUG: https://bugzilla.samba.org/show_bug.cgi?id=10300)
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Noel Power [Wed, 16 Oct 2013 15:30:55 +0000 (16:30 +0100)]
CVE-2012-6150: Fail authentication for single group name which cannot be converted to sid
furthermore if more than one name is supplied and no sid is converted
then also fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10300
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10306
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
[ddiss@samba.org: fixed incorrect bugzilla tag I added to master commit]
Jeremy Allison [Fri, 8 Nov 2013 06:41:22 +0000 (22:41 -0800)]
CVE-2013-4408:s3:Ensure LookupRids() replies arrays are range checked.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Fri, 8 Nov 2013 05:40:55 +0000 (21:40 -0800)]
CVE-2013-4408:s3:Ensure LookupNames replies arrays are range checked.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 8 Nov 2013 04:38:01 +0000 (20:38 -0800)]
CVE-2013-4408:s3:Ensure LookupSids replies arrays are range checked.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 17 Oct 2013 21:44:35 +0000 (14:44 -0700)]
CVE-2013-4408:s3:Ensure we always check call_id when validating an RPC reply.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 16 Oct 2013 14:26:58 +0000 (16:26 +0200)]
CVE-2013-4408:s3:ctdb_conn: add some length verification to ctdb_packet_more()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 16 Oct 2013 12:17:49 +0000 (14:17 +0200)]
CVE-2013-4408:libcli/util: add some size verification to tstream_read_pdu_blob_done()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 16 Oct 2013 12:17:49 +0000 (14:17 +0200)]
CVE-2013-4408:s3:util_tsock: add some overflow detection to tstream_read_packet_done()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 16 Oct 2013 12:17:49 +0000 (14:17 +0200)]
CVE-2013-4408:async_sock: add some overflow detection to read_packet_handler()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 24 Sep 2013 03:03:40 +0000 (05:03 +0200)]
CVE-2013-4408:s4:dcerpc_sock: check for invalid frag_len within sock_complete_packet()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 25 Sep 2013 21:25:12 +0000 (23:25 +0200)]
CVE-2013-4408:s4:dcerpc_smb2: check for invalid frag_len in send_read_request_continue()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 25 Sep 2013 21:25:12 +0000 (23:25 +0200)]
CVE-2013-4408:s4:dcerpc_smb: check for invalid frag_len in send_read_request_continue()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 25 Sep 2013 21:25:12 +0000 (23:25 +0200)]
CVE-2013-4408:s4:dcerpc: check for invalid frag_len in ncacn_pull()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 25 Sep 2013 21:25:12 +0000 (23:25 +0200)]
CVE-2013-4408:s3:rpc_client: verify frag_len at least contains the header size
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 25 Sep 2013 21:25:12 +0000 (23:25 +0200)]
CVE-2013-4408:s3:rpc_client: check for invalid frag_len in dcerpc_pull_ncacn_packet()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 24 Sep 2013 03:03:40 +0000 (05:03 +0200)]
CVE-2013-4408:librpc: check for invalid frag_len within dcerpc_read_ncacn_packet_next_vector()
We should do this explicit instead of relying on
tstream_readv_pdu_ask_for_next_vector() to catch the overflow.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 24 Sep 2013 03:03:40 +0000 (05:03 +0200)]
CVE-2013-4408:librpc: check for invalid frag_len within dcerpc_read_ncacn_packet_done()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Thu, 21 Nov 2013 10:21:47 +0000 (11:21 +0100)]
VERSION: Bump version number up to 4.1.3...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
c61910b51c4ee0107b0da0b41f162851e9f5638a)
Karolin Seeger [Thu, 21 Nov 2013 10:20:39 +0000 (11:20 +0100)]
VERSION: Disable git snapshots for the 4.1.2 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 21 Nov 2013 10:18:44 +0000 (11:18 +0100)]
WHATSNEW: Add release notes for Samba 4.1.2.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andreas Schneider [Thu, 14 Nov 2013 17:36:41 +0000 (18:36 +0100)]
util: Remove 32bit macros breaking strict aliasing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10269
These macros might have worked but they break strict aliasing in the
meantime and so the compiler is not able to optimize the relevant code.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Nov 14 23:16:45 CET 2013 on sn-devel-104
(cherry picked from commit
af69cb2a78810e608ccff115b433801a58a749e4)
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Fri Nov 15 13:34:28 CET 2013 on sn-devel-104
Günther Deschner [Wed, 13 Nov 2013 14:10:33 +0000 (15:10 +0100)]
s3-winbindd: Fix #10264, cache_traverse_validate_fn failure for NDR cache entries.
We need to increase the keysize limit for NDR queries. A wbint_LookupSids query
for just 20 sids already hits the older limit.
Guenther
https://bugzilla.samba.org/show_bug.cgi?id=10264
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Nov 13 19:33:46 CET 2013 on sn-devel-104
(cherry picked from commit
944e9fbc20f125b52e047484dca1792d75561ed9)
Jeremy Allison [Wed, 23 Oct 2013 22:06:40 +0000 (15:06 -0700)]
Fix bug 10196 - RW Deny for a specific user is not overriding RW Allow for a group.
Fix posix_acl tests to match the change in writing ACLs
with ID_TYPE_BOTH.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
a1bc1c32e33508c45e614646d69a5f5d67ba22be)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Nov 14 11:36:24 CET 2013 on sn-devel-104
Jeremy Allison [Mon, 21 Oct 2013 23:59:11 +0000 (16:59 -0700)]
Fix bug 10196 - RW Deny for a specific user is not overriding RW Allow for a group.
When the ID returned is ID_TYPE_BOTH we must *always* add it as both
a user and a group, not just in the owning case. Otherwise DENY
entries are not correctly processed.
Confirmed by the reporter as fixing the problem.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10196
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
14813e74431816cd894fb242ff5633c2cd14ddca)
Björn Jacke [Wed, 6 Nov 2013 11:37:07 +0000 (12:37 +0100)]
xattr: fix listing EAs on *BSD for non-root users
Thanks to Stefan Rompf for reporting.
This fixes bug #10247
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 8 20:43:30 CET 2013 on sn-devel-104
(cherry picked from commit
374b2cfde74e0c61f4b2da724b30d0e430596092)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Tue Nov 12 13:28:26 CET 2013 on sn-devel-104
Karolin Seeger [Mon, 11 Nov 2013 10:40:49 +0000 (11:40 +0100)]
VERSION: Bump version number up to 4.1.2...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 11 Nov 2013 10:39:35 +0000 (11:39 +0100)]
Merge tag 'samba-4.1.1' into v4-1-test
samba: tag release samba-4.1.1
Karolin Seeger [Fri, 8 Nov 2013 10:04:28 +0000 (11:04 +0100)]
VERSION: Disable git snapshots for the 4.1.1 release.
Bug 10234 - CVE-2013-4476: key.pem world readable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10234
Bug 10235 - CVE-2013-4475: No access check verification on stream files
(BUG: https://bugzilla.samba.org/show_bug.cgi?id=10229).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10235
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 8 Nov 2013 10:00:06 +0000 (11:00 +0100)]
WHATSNEW: Add release notes for Samba 4.1.1.
Bug 10234 - CVE-2013-4476: key.pem world readable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10234
Bug 10235 - CVE-2013-4475: No access check verification on stream files
(bug #10229: https://bugzilla.samba.org/show_bug.cgi?id=10229).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10235
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:53:59 +0000 (17:53 +0100)]
CVE-2013-4476: s4:libtls: check for safe permissions of tls private key file (key.pem)
If the tls key is not owned by root or has not mode 0600 samba will not
start up.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:52:39 +0000 (17:52 +0100)]
CVE-2013-4476: s4:libtls: Create tls private key file (key.pem) with mode 0600
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 30 Oct 2013 13:48:36 +0000 (14:48 +0100)]
CVE-2013-4476: selftest/Samba4: use umask 0077 within mk_keyblobs()
We should generate private keys with 0600.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Pair-Programmed-With: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:49:55 +0000 (17:49 +0100)]
CVE-2013-4476: samba-tool provision: create ${private_dir}/tls with mode 0700
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:48:11 +0000 (17:48 +0100)]
CVE-2013-4476: lib-util: split out file_save_mode() from file_save()
file_save_mode() writes files with specified mode.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:43:17 +0000 (17:43 +0100)]
CVE-2013-4476: lib-util: add file_check_permissions()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Tue, 29 Oct 2013 22:57:01 +0000 (15:57 -0700)]
Add regression test for bug #10229 - No access check verification on stream files.
Checks against a file with attribute READONLY, and
a security descriptor denying WRITE_DATA access.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Nov 4 23:10:10 CET 2013 on sn-devel-104
(cherry picked from commit
65882152cc7ccaba0e7903862b99ca93594ed080)
The last two patches address bug #10235 - CVE-2013-4475: No access
check verification on stream files.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10235
Jeremy Allison [Mon, 28 Oct 2013 23:59:20 +0000 (16:59 -0700)]
Fix bug #10229 - No access check verification on stream files.
https://bugzilla.samba.org/show_bug.cgi?id=10229
We need to check if the requested access mask
could be used to open the underlying file (if
it existed), as we're passing in zero for the
access mask to the base filename.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
(cherry picked from commit
60f922bf1bd8816eacbb32c24793ad1f97a1d9f2)
Samuel Cabrero [Thu, 24 Oct 2013 15:37:06 +0000 (17:37 +0200)]
s4-dns: dlz_bind9: Create dns-HOSTNAME account disabled
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Oct 25 00:39:21 CEST 2013 on sn-devel-104
(cherry picked from commit
d3aee80928dc7ccde9441309bf946c2503f7714a)
Part of a fix for bug # 9091 - When replicating DNS for bind9_dlz we need to
create the server-DNS account remotely.
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Wed Nov 6 14:28:14 CET 2013 on sn-devel-104
Andreas Schneider [Mon, 4 Nov 2013 11:32:05 +0000 (12:32 +0100)]
vfs: Fix some build warnings in glusterfs.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
d35d6a2dfa92512049e762d7abc319c67118e705)
The last 2 patches address bug #10253 - Include vfs_glusterfs build fix patches
in Samba 4.1.
Andreas Schneider [Mon, 4 Nov 2013 11:32:04 +0000 (12:32 +0100)]
vfs: Fix building the glusterfs module.
Using calloc directly throws an error. This fixes building the glusterfs
module.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
25d62dda5c64aefeab0059d9437756f8aaec5397)
Stefan Metzmacher [Mon, 28 Oct 2013 14:43:03 +0000 (15:43 +0100)]
libcli/smb: fix smb2cli_ioctl*() against Windows 2008.
The subsections of [MS-SMB2] "3.2.5.14 Receiving an SMB2 IOCTL Response"
say the client should ignore the InputOffset/InputCount.
We do that only if we ask for max_input_length = 0.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10232
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 31 01:16:10 CET 2013 on sn-devel-104
(cherry picked from commit
127fc670a39d15eaa3869045fca0287ba7df9efa)
Volker Lendecke [Tue, 15 Oct 2013 08:23:10 +0000 (08:23 +0000)]
nsswitch: Fix short writes in winbind_write_sock
We set the socket to nonblocking and don't handle EAGAIN right. We do
a poll anyway, so wait for writability, which should fix this.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10195
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
c6909887c26d4e827633acd50b11cf08c6aee0f7)
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Oct 28 12:50:37 CET 2013 on sn-devel-104
Christopher R. Hertel [Thu, 29 Aug 2013 21:58:16 +0000 (16:58 -0500)]
vfs_glusterfs: Fix excessive debug output from vfs_gluster_open().
The vfs_gluster_open() function generates a debug message (at level 0)
for every failed attempt to open a pathname. This includes cases in
which attempts are made to open a directory as a file (those attempts
are retried calling vfs_gluster_opendir()). The result is that the log
file fills with messages about failed attempts to open directories, just
because they are directories.
This latest version, of the patch completely removes logging from the
vfs_gluster_open() function. The error code returned is handled in
upper layers, and the open function in the default VFS module does not
log any errors.
Signed-off-by: Christopher R. Hertel <crh@redhat.com>
Reviewed-by: susant palai <spalai@redhat.com>
Reviewed-by: raghavendra talur <rtalur@redhat.com>
Reviewed-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 30 02:43:48 CEST 2013 on sn-devel-104
The last 3 patches address bug #10224 - Patches to fix small problems in the
vfs_glusterfs module.
Anand Avati [Sun, 11 Aug 2013 19:59:29 +0000 (15:59 -0400)]
vfs_glusterfs: Implement proper mashalling/unmarshalling of ACLs
Use the primitives available in Samba byteorder.h for implementing
proper (un)marshalling of ACL xattrs.
- Incorporated Raghavendra Talur's comments on v3
Signed-off-by: Anand Avati <avati@redhat.com>
Signed-off-by: Raghavendra Talur <rtalur@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christopher R. Hertel <crh@samba.org>
Tested-by: Jose A. Rivera <jarrpa@redhat.com>
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Fri Aug 16 20:34:51 CEST 2013 on sn-devel-104
Susant Kumar Palai [Tue, 6 Aug 2013 21:45:06 +0000 (14:45 -0700)]
VFS plugin was sending the actual size of the volume instead of the total number of block units because of which windows was getting the wrong volume capacity.
Signed-off-by: Susant Kumar Palai <spalai@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christopher R. Hertel <crh@samba.org>
Andrew Bartlett [Mon, 29 Jul 2013 22:40:39 +0000 (10:40 +1200)]
dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors
This ensures we do not de-reference an invalid rs->msgs pointer if the
pointed-to object was not objectclass=computer
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10052
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 2 13:11:20 CEST 2013 on sn-devel-104
(cherry picked from commit
859182da6d06be0e9d37d7ed3448efc3dc78bdb2)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Oct 17 12:25:55 CEST 2013 on sn-devel-104
Stefan Metzmacher [Tue, 24 Sep 2013 22:49:19 +0000 (00:49 +0200)]
s4:dsdb/rootdse: report 'dnsHostName' instead of 'dNSHostName'
The attribute on the RootDSE object is called 'dnsHostName'
instead of 'dNSHostName' (which is used in the schema and on
all other directory objects).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
295b4de7215f3326f9a403973547eb6ed4339f9b)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Tue Oct 15 11:06:15 CEST 2013 on sn-devel-104
Stefan Metzmacher [Sun, 22 Sep 2013 21:40:12 +0000 (23:40 +0200)]
dsdb/tests/ldap: fix test_ldapServiceName against w2k8r2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
ca173923a3937a9ed08f71bfd4ba177a6aeeaeba)
Andreas Schneider [Thu, 10 Oct 2013 08:03:32 +0000 (10:03 +0200)]
s3-winbind: Send online/offline message of the domain to the parent.
https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Oct 11 13:37:56 CEST 2013 on sn-devel-104
(cherry picked from commit
275f6586c4d4547978c6ff2f04670b0d8f89fd4b)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Oct 14 12:06:45 CEST 2013 on sn-devel-104
Andreas Schneider [Thu, 10 Oct 2013 08:02:27 +0000 (10:02 +0200)]
s3-winbind: Register handlers for domain online/offline messages.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
fc5941622010843d823b5c245eccc68d1d3bce19)
Andreas Schneider [Thu, 10 Oct 2013 08:01:40 +0000 (10:01 +0200)]
s3-winbind: Add functions for domain online/offline handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
447ec17a6bec814a2ac5cadb74dbef5789f07c52)
Andreas Schneider [Thu, 10 Oct 2013 07:15:57 +0000 (09:15 +0200)]
idl: Add a new message for winbind domain states.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
1a884636542ba0e54c6d209662a5d1613d727a85)
Volker Lendecke [Thu, 11 Jul 2013 12:57:53 +0000 (14:57 +0200)]
ccan: Fix calling memset with zero length parameter
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 11 16:55:49 CEST 2013 on sn-devel-104
Signed-off-by: Andreas Schneider <asn@samba.org>
Fix bug #10190 - Fix memset used with constant zero length parameter.
Jeremy Allison [Tue, 8 Oct 2013 22:01:38 +0000 (15:01 -0700)]
Fix bug #10187 - Missing talloc_free can leak stackframe in error path.
Fix error path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Oct 9 03:50:56 CEST 2013 on sn-devel-104
Karolin Seeger [Wed, 9 Oct 2013 07:56:36 +0000 (09:56 +0200)]
VERSION: Bump version number up to 4.1.1...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 9 Oct 2013 07:54:38 +0000 (09:54 +0200)]
VERSION: Bump version number up to 4.1.0...
and disable git snapshots for the 4.1.0 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 9 Oct 2013 07:53:00 +0000 (09:53 +0200)]
WHATSNEW: Add release notes for Samba 4.1.0.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andreas Schneider [Tue, 10 Sep 2013 07:43:32 +0000 (09:43 +0200)]
doc: Update documentation of pam_winbind krb5 support.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Sep 10 15:35:20 CEST 2013 on sn-devel-104
The last 3 patches address bug #10132 - pam_winbindd should support the KEYRING
ccache type.
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Oct 7 12:21:29 CEST 2013 on sn-devel-104
Andreas Schneider [Tue, 10 Sep 2013 07:30:04 +0000 (09:30 +0200)]
s3-winbind: Add support for the kernel krb5 keyring buffer.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Tue, 10 Sep 2013 07:28:50 +0000 (09:28 +0200)]
s3-winbind: Don't set a default directory for DIR.
There is not default so you should always have to specify a directory in
the config file.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 3 Oct 2013 13:14:58 +0000 (15:14 +0200)]
Revert "Support UPN_DNS_INFO in the PAC"
This reverts commit
a6be8a97f705247c1b1cbb0595887d8924740a71.
We fail (often) to parse a krb5pac type 12 buffer due to the incomplete change
which came in via
a6be8a97f705247c1b1cbb0595887d8924740a71. This change came
into master and has only been released in RCs so no regression to published
4.0.x releases. We should revert this for 4.1 for now until we can make it work
in all cases (see work on this in
https://git.samba.org/?p=gd/samba/.git;a=shortlog;h=refs/heads/master-krb5pac_type12).
Without this revert the entire PAC parsing may fail which can effect serious
implications (krb5 smb session setup not working).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10178
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Oct 3 17:08:46 CEST 2013 on sn-devel-104
(cherry picked from commit
8b51eabf319689d45ce1f8492c4372b49eecb794)
Stefan Metzmacher [Fri, 27 Sep 2013 10:50:45 +0000 (12:50 +0200)]
Merge tag 'samba-4.1.0rc4' into v4-1-test
samba: tag release samba-4.1.0rc4
Karolin Seeger [Fri, 27 Sep 2013 10:35:31 +0000 (12:35 +0200)]
VERSION: Disable git snapshots for the 4.1.0rc4 release.
Merge commit 'origin/v4-1-test^' into v4-1-stable
Karolin Seeger [Fri, 27 Sep 2013 08:21:09 +0000 (10:21 +0200)]
VERSION: Bump version up to 4.1.0rc5...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 27 Sep 2013 08:20:16 +0000 (10:20 +0200)]
VERSION: Disable git snapshots for the 4.1.0rc4 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 27 Sep 2013 08:15:30 +0000 (10:15 +0200)]
WHATSNEW: Update changes since rc3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andrew Bartlett [Tue, 24 Sep 2013 17:18:36 +0000 (10:18 -0700)]
dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Note that this doesn't fix the userParameters problem
completely, but it doesn't truncate the userParameters value
anymore.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Sep 26 22:05:12 CEST 2013 on sn-devel-104
(cherry picked from commit
89200c227f36a063612eb38927ac8dee18e044d5)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Fri Sep 27 11:28:09 CEST 2013 on sn-devel-104
Andrew Bartlett [Mon, 23 Sep 2013 02:26:50 +0000 (19:26 -0700)]
dbcheck: Add back the elements that were wrongly removed from CN=Deleted Objects
This is the final part of the fix for the issue in Samba 4.1
pre-release tree where we would wrongly delete the Deleted Objects
container during a join.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Sep 24 09:31:37 CEST 2013 on sn-devel-104
(cherry picked from commit
f4ff81f5797c5dd8f562aec2cfec789272e739fd)
The last 19 patches address bug #10157 - Regression causes replication failure
with Windows 2008R2 and deletes Deleted Objects.
Andrew Bartlett [Mon, 23 Sep 2013 02:26:10 +0000 (19:26 -0700)]
pydsdb: Raise a more useful exception when dsdb_wellknown_dn fails.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
d787f7af4979ed80aad07db928d1ae84eaaef35a)
Andrew Bartlett [Mon, 23 Sep 2013 00:45:01 +0000 (17:45 -0700)]
pydsdb: Give KeyError when we fail a schema lookup in python
This allows sensible exception handling.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
51101b310adedb4eeb4c4382e631594ffa679ff2)
Andrew Bartlett [Mon, 23 Sep 2013 00:07:22 +0000 (17:07 -0700)]
dbcheck: Ensure to always increase the error_count
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
bcd535e95c5e8f83f6b30264ab1f0de3c6ac2cda)
Andrew Bartlett [Sun, 22 Sep 2013 05:06:54 +0000 (22:06 -0700)]
selftst: add tests based on 4.1.0rc3 to check for zero invocationID in replPropertyMetaData
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Sep 23 01:29:10 CEST 2013 on sn-devel-104
(cherry picked from commit
a3f25f25113d83a605638fa2806014ad9972f919)
Andrew Bartlett [Sun, 22 Sep 2013 05:52:01 +0000 (22:52 -0700)]
selftest: Add release-4-1-0rc3 saved provision
This version has the regression where we would, on join, write an
all-zero invocationID in the replPropertyMetaData attribute, on
Deleted Objects in particular.
To demonstrate this regression, this is based on the promoted_dc
environment from make test, with the domain altered to match the
pattern used in these trees.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
038a9a7c5ec964e5b42e1329eab0573e50a9d3b0)
Andrew Bartlett [Sun, 22 Sep 2013 06:36:46 +0000 (23:36 -0700)]
selftest: Only run referenceprovision and ldapcmp for the 4.0.0 test
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
9c11ad25b211242cbe526f280688640658c4a365)
Andrew Bartlett [Sun, 22 Sep 2013 01:52:21 +0000 (18:52 -0700)]
selftest: Add script to assist in writing out a tree undump.sh can restore
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
9b8e174fe8cac61cfcfa1c76e8cab2450e4a0af5)
Andrew Bartlett [Sun, 22 Sep 2013 01:03:43 +0000 (18:03 -0700)]
dbcheck: Look for and fix the all-zero invocationID in replPropertyMetaData
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
9e1dde15f9d3a374747d163e37016b54f008bd9f)
Andrew Bartlett [Sat, 21 Sep 2013 21:33:21 +0000 (14:33 -0700)]
dsdb: Refuse to replicate an all-zero invocationID GUID in replPropertyMetaData
This matches Windows 2008R2.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
25d4bafca7245e3f8291e5f0f304b1b4f8ce5600)
Andrew Bartlett [Sat, 21 Sep 2013 21:32:27 +0000 (14:32 -0700)]
smb.conf: Fill out the ntvfs handler smb.conf page from source4/NEWS
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
274b899095645550e263564ae4e03b4f0d6bdbea)
Andrew Bartlett [Sat, 21 Sep 2013 21:31:31 +0000 (14:31 -0700)]
Remove NEWS file containing confusing information
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
334d83e4e7821b3f2ac54ef11f67aefaa564b00b)
Andrew Bartlett [Sat, 21 Sep 2013 21:10:02 +0000 (14:10 -0700)]
Remove confusing TODO file
This makes no sense in the merged tree, and only confuses users.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
8d9986a6e9cb8c633c57c84c4d6aefd21e181c40)
Andrew Bartlett [Sat, 21 Sep 2013 20:55:00 +0000 (13:55 -0700)]
dsdb: Use WERR_DS_ATT_NOT_DEF_IN_SCHEMA for failed schema lookups
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
53c06d03a880319cf67a99250958cce16147f181)
Andrew Bartlett [Tue, 17 Sep 2013 22:31:04 +0000 (15:31 -0700)]
dsdb-repl_meta_data: Make handling of Deleted Objects DN clearer in delete
This code no longer needs to handle not renaming Deleted Objects
during a re-delete, because it is no longer called in that case.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
aa07b5caf9ac13fc517c4c9d21f16ebff5415544)
Andrew Bartlett [Tue, 17 Sep 2013 22:28:32 +0000 (15:28 -0700)]
dsdb-repl_meta_data: Do not re-delete the Deleted Objects DN during replication
We need to ensure we do not re-delete the Deleted Objects DN during replication.
It itself not entirely a deleted object, but has isDeleted set.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
c42db8975f8f84ce576c97ad95ca59ba5170d596)
Andrew Bartlett [Tue, 17 Sep 2013 22:20:48 +0000 (15:20 -0700)]
dsdb: Refuse to return an all-zero invocationID
This could cause an all-zero GUID to be entered into the
replPropertyMetaData, which will then fail to be replicated to other
DCs.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
4022d8632cc092f4f43fae69cc3cfb58d0d000dd)
Andrew Bartlett [Tue, 17 Sep 2013 22:31:51 +0000 (15:31 -0700)]
dsdb-repl_meta_data: Check for a NULL invocationID and do not proceed
This can happen if we do not find the invocationID, with later patches.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
40f99625ee4447aa36c0fa5631ffa13b7003569f)
Andrew Bartlett [Wed, 18 Sep 2013 21:27:26 +0000 (14:27 -0700)]
python/drs: Ensure to pass in the local invocationID during the domain join
This ensures (and asserts) that we never write an all-zero GUID as an invocationID
to the database in replPropertyMetaData.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
a623359fb8a54083b81436d14b7ba022c11efb18)
Karolin Seeger [Thu, 26 Sep 2013 09:53:28 +0000 (11:53 +0200)]
WHATSNEW: Add changes since 4.1.0rc3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Sep 26 13:39:19 CEST 2013 on sn-devel-104
Volker Lendecke [Sun, 1 Sep 2013 16:54:59 +0000 (18:54 +0200)]
torture3: Trigger a nasty cleanup bug in smbd
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Sep 3 19:13:14 CEST 2013 on sn-devel-104
(cherry picked from commit
ade8477f98fcffcc6e3c5ea31618b49d0c1bba95)
The last 5 patches address bug #10138 - smbd doesn't always clean up share modes
after hard crash.
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Sep 26 11:33:29 CEST 2013 on sn-devel-104
Volker Lendecke [Fri, 30 Aug 2013 12:49:43 +0000 (12:49 +0000)]
smbd: Fix flawed share_mode_stale_pid API
The comment for this routine said:
> Modifies d->num_share_modes, watch out in routines iterating over
> that array.
Well, it turns out that *every* caller of this API got it wrong. So I
think it's better to change the routine.
This leaves the array untouched while iterating but filters out the
deleted ones while saving them back to disk.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
7d91ffc6fdc3b371564e14f09822a96264ea372a)
Volker Lendecke [Fri, 30 Aug 2013 12:27:36 +0000 (12:27 +0000)]
smbd: Rename parameter "i" to "idx"
We'll need "i" in a later checkin ... :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
5006db98aaf1efe119f1da8be091587a9bc2b952)
Volker Lendecke [Sun, 1 Sep 2013 09:07:19 +0000 (11:07 +0200)]
smbd: Don't store in-memory only flags in locking.tdb
Hey, pidl knows the [skip] attribute ... :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
696bc569b17f024f840774e3d59761229836a310)
Volker Lendecke [Thu, 22 Aug 2013 08:49:07 +0000 (08:49 +0000)]
smbd: Simplify find_oplock_types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
94b320527eee0c7ba1d3818816e7d59cb863bf3f)
Andrew Bartlett [Thu, 9 May 2013 03:16:55 +0000 (15:16 +1200)]
python-samba-tool fsmo: Do not give an error on a successful role transfer
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9461
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Sep 23 12:00:24 CEST 2013 on sn-devel-104
(cherry picked from commit
8d8872ae0a19786452c3be044757b16814b82be8)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Wed Sep 25 10:47:35 CEST 2013 on sn-devel-104
Daniel Liberman [Thu, 19 Sep 2013 23:28:33 +0000 (20:28 -0300)]
Fix bug 10162 - POSIX ACL mapping failing when setting DENY ACE's from Windows.
Fix for ACL problem - not accepting DENY. Code was checking for pointer and not for content.
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Sat Sep 21 05:24:07 CEST 2013 on sn-devel-104
(cherry picked from commit
e24fcf0f3e1b5b19d97a13786b09f069393b06d8)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Sep 23 11:19:50 CEST 2013 on sn-devel-104
Günther Deschner [Tue, 17 Sep 2013 10:47:58 +0000 (12:47 +0200)]
docs: point out side-effects of global "valid users" setting.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Fix bug #10147 - Better document potential implications of a globally used
"valid users".
Karolin Seeger [Fri, 20 Sep 2013 07:45:04 +0000 (09:45 +0200)]
VERSION: Set version to 4.1.0rc4.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Fri Sep 20 13:26:22 CEST 2013 on sn-devel-104
Matthieu Patou [Thu, 19 Sep 2013 18:18:32 +0000 (11:18 -0700)]
libcli: continue to read from the socket even if the size is 0
This is an issue found by Codenomicon, with a malicious packet with 0
bytes UDP payload we will continiously be looping trying to react from
the socket event and continiously do nothing as we will bail out
thinking that we had a memory allocation error.
Original fix comes from Volker Lendecke <vl@samba.org>
Signed-off-by: Matthieu Patou <mat@matws.net>
Fix bug #10158 - netbios related samba process consume 100% CPU.
Jeremy Allison [Wed, 18 Sep 2013 01:10:16 +0000 (18:10 -0700)]
s3: libsmb - 10150 - Not all OEM servers support the ALTNAME info level.
Sigh. Some OEM servers return NT_STATUS_NOT_IMPLEMENTED not
NT_STATUS_NOT_SUPPORTED.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
75f353b857d50291672adefc6eefd210c9e8a0f7)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Sep 19 12:06:58 CEST 2013 on sn-devel-104
git.samba.org / samba.git / log