7 years agos3/swat: use strlcat instead of strncat to fix build on old Linux distros v3-3-test
Björn Jacke [Thu, 4 Aug 2011 14:25:08 +0000 (16:25 +0200)]
s3/swat: use strlcat instead of strncat to fix build on old Linux distros

SLES 9's glibc for example had weird macros where the use of strncat resulted
in the use of strcat which we don't allow.

Signed-off-by: Stefan Metzmacher <>
Autobuild-User: Björn Jacke <>
Autobuild-Date: Thu Aug  4 17:50:24 CEST 2011 on sn-devel-104

Fix bug #8362 (build issue on old glibc systems).

7 years agos3:web/swat: use strtoll() instead of atoi/atol/atoll
Stefan Metzmacher [Fri, 5 Aug 2011 17:48:38 +0000 (19:48 +0200)]
s3:web/swat: use strtoll() instead of atoi/atol/atoll

This is more portable, as we have a strtoll replacement
in lib/replace.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Sat Aug  6 11:55:45 CEST 2011 on sn-devel-104
(cherry picked from commit a6be0820d09b3f3eabfbb5f4356add303aa8a494)

Fix bug #8347 (CVE-2011-2522 regression for HP-UX, AIX and OSF).

7 years agoWHATSNEW: Start release notes for 3.3.17.
Karolin Seeger [Tue, 26 Jul 2011 18:51:52 +0000 (20:51 +0200)]
WHATSNEW: Start release notes for 3.3.17.

(cherry picked from commit 0fb8c85001ee0657be20aae81716d9c309420652)

7 years agoVERSION: Bump version number up to 3.6.17.
Karolin Seeger [Tue, 26 Jul 2011 18:49:58 +0000 (20:49 +0200)]
VERSION: Bump version number up to 3.6.17.

(cherry picked from commit a646b2e5ad0e19f8506bff3ff8b0ce2e3bcbf061)

7 years agos3-swat: Fix typo.
Karolin Seeger [Sun, 24 Jul 2011 19:09:38 +0000 (21:09 +0200)]
s3-swat: Fix typo.

Thanks to Simo for reporting!

(cherry picked from commit f571f362deaa5bfbdb22c3a7d8409bab9b6c8d82)

7 years agos3 swat: Create random nonce in CGI mode
Kai Blin [Tue, 12 Jul 2011 06:08:24 +0000 (08:08 +0200)]
s3 swat: Create random nonce in CGI mode

In CGI mode, we don't get access to the user's password, which would
reduce the hash used so far to parameters an attacker can easily guess.
To work around this, read the nonce from secrets.tdb or generate one if
it's not there.
Also populate the C_user field so we can use that for token creation.

Signed-off-by: Kai Blin <>
The last 12 patches address bug #8290 (CSRF vulnerability in SWAT).
This addresses CVE-2011-2522 (Cross-Site Request Forgery in SWAT).
(cherry picked from commit 3973cfa50024983618a44ffdb9f756b642b85be7)

7 years agos3 swat: Add time component to XSRF token
Kai Blin [Sat, 9 Jul 2011 07:52:07 +0000 (09:52 +0200)]
s3 swat: Add time component to XSRF token

Signed-off-by: Kai Blin <>
(cherry picked from commit 11e281228f334bf3d384df5655136f0b4b4068aa)

7 years agos3 swat: Add XSRF protection to printer page
Kai Blin [Fri, 8 Jul 2011 13:06:13 +0000 (15:06 +0200)]
s3 swat: Add XSRF protection to printer page

Signed-off-by: Kai Blin <>
(cherry picked from commit 407ae61fbfc8ee1643a4db8ea9b104f031b32e0f)

7 years agos3 swat: Add XSRF protection to password page
Kai Blin [Fri, 8 Jul 2011 13:05:38 +0000 (15:05 +0200)]
s3 swat: Add XSRF protection to password page

Signed-off-by: Kai Blin <>
(cherry picked from commit 4850456845d2da5e3451716a5ad4ca0ef034e01f)

7 years agos3 swat: Add XSRF protection to shares page
Kai Blin [Fri, 8 Jul 2011 13:04:48 +0000 (15:04 +0200)]
s3 swat: Add XSRF protection to shares page

Signed-off-by: Kai Blin <>
(cherry picked from commit ef457a20422cfa8231e25b539d2cd87f299686b9)

7 years agos3 swat: Add XSRF protection to globals page
Kai Blin [Fri, 8 Jul 2011 13:04:12 +0000 (15:04 +0200)]
s3 swat: Add XSRF protection to globals page

Signed-off-by: Kai Blin <>
(cherry picked from commit 8fb3064eeaa3640af6c8b91aa5859d8bfb6d0888)

7 years agos3 swat: Add XSRF protection to wizard page
Kai Blin [Fri, 8 Jul 2011 13:03:44 +0000 (15:03 +0200)]
s3 swat: Add XSRF protection to wizard page

Signed-off-by: Kai Blin <>
(cherry picked from commit eb22fd73060534700d514ec295985549131c7569)

7 years agos3 swat: Add XSRF protection to wizard_params page
Kai Blin [Fri, 8 Jul 2011 13:03:15 +0000 (15:03 +0200)]
s3 swat: Add XSRF protection to wizard_params page

Signed-off-by: Kai Blin <>
(cherry picked from commit 94f8482607a175c44436fae456fbda3624629982)

7 years agos3 swat: Add XSRF protection to viewconfig page
Kai Blin [Fri, 8 Jul 2011 13:02:53 +0000 (15:02 +0200)]
s3 swat: Add XSRF protection to viewconfig page

Signed-off-by: Kai Blin <>
(cherry picked from commit ba996f0ae87f6bf4f19a4918e44dbd6d44a96561)

7 years agos3 swat: Add XSRF protection to status page
Kai Blin [Fri, 8 Jul 2011 10:58:53 +0000 (12:58 +0200)]
s3 swat: Add XSRF protection to status page

Signed-off-by: Kai Blin <>
(cherry picked from commit 3f38cf42facc38c19e0448cbae3078b9606b08e4)

7 years agos3 swat: Add support for anti-XSRF token
Kai Blin [Fri, 8 Jul 2011 10:57:43 +0000 (12:57 +0200)]
s3 swat: Add support for anti-XSRF token

Signed-off-by: Kai Blin <>
(cherry picked from commit 3806fec53dcf3b6e5c3fd71917f9d67d47c65e32)

7 years agos3 swat: Allow getting the user's HTTP auth password
Kai Blin [Fri, 8 Jul 2011 10:56:21 +0000 (12:56 +0200)]
s3 swat: Allow getting the user's HTTP auth password

Signed-off-by: Kai Blin <>
(cherry picked from commit b610e0cee563465c6b970647b215f8ae4d0c6599)

7 years agos3 swat: Fix possible XSS attack (bug #8289)
Kai Blin [Thu, 7 Jul 2011 08:03:33 +0000 (10:03 +0200)]
s3 swat: Fix possible XSS attack (bug #8289)

Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack
against SWAT, the Samba Web Administration Tool. The attack uses reflection to
insert arbitrary content into the "change password" page.

This patch fixes the reflection issue by not printing user-specified content on
the website anymore.

Signed-off-by: Kai Blin <>
(cherry picked from commit d401ccaedaec09ad6900ec24ecaf205bed3e3ac1)

7 years agoWAHTSNEW: Prepare release notes for 3.3.16.
Karolin Seeger [Sun, 24 Jul 2011 18:36:30 +0000 (20:36 +0200)]
WAHTSNEW: Prepare release notes for 3.3.16.

(cherry picked from commit 5d2d4fbf5bcf6aa1c1d994adaed22dec3ba09b9c)

7 years agoVERSION: Bump version number up to 3.3.16.
Karolin Seeger [Sun, 24 Jul 2011 18:25:08 +0000 (20:25 +0200)]
VERSION: Bump version number up to 3.3.16.

(cherry picked from commit ad64256e19bef0b4441bc660faf524150e12bdf8)

7 years agos3:nmbd_packets: return the used number of sockets in create_listen_fdset() (bug...
Stefan Metzmacher [Thu, 30 Jun 2011 07:56:06 +0000 (09:56 +0200)]
s3:nmbd_packets: return the used number of sockets in create_listen_fdset() (bug #8276)

Fix bug #7949 (DoS in Winbind and smbd with many file descriptors open)
(commit feb3fcd0fa4bda0967b881315595d7702f4d1752) changed the bahavior,
so that we skipped some sockets.

This should work for v3-3-test.


8 years agoWHATSNEW: Prepare 3.3.15 release notes.
Karolin Seeger [Sun, 27 Feb 2011 17:49:27 +0000 (18:49 +0100)]
WHATSNEW: Prepare 3.3.15 release notes.

(cherry picked from commit 074ad65a4b429c7671043e062bec4d9f53df53bf)

8 years agoFix denial of service - memory corruption.
Karolin Seeger [Sun, 27 Feb 2011 17:28:29 +0000 (18:28 +0100)]
Fix denial of service - memory corruption.


Fix bug #7949 (DoS in Winbind and smbd with many file descriptors open).

All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the Samba code to crash or to loop attempting to select
on a bad file descriptor set.

A connection to a file share, or a local account is needed
to exploit this problem, either authenticated or unauthenticated
(guest connection).

Currently we do not believe this flaw is exploitable
beyond a crash or causing the code to loop, but on the
advice of our security reviewers we are releasing fixes
in case an exploit is discovered at a later date.
(cherry picked from commit 724e44eed299c618066dec411530aa9f156119ec)

8 years agoVERSION: Bump version number up to 3.3.15.
Karolin Seeger [Sun, 27 Feb 2011 17:27:59 +0000 (18:27 +0100)]
VERSION: Bump version number up to 3.3.15.

(cherry picked from commit 23ec2b1a988fff922864a03b6061c6bc2e584ce0)

8 years agoWHATSNEW: Update release date.
Karolin Seeger [Thu, 9 Sep 2010 14:23:49 +0000 (16:23 +0200)]
WHATSNEW: Update release date.

(cherry picked from commit cdb6f49d577fa5b24d294a50780604c89912c012)

8 years agoFix bug #7669.
Jeremy Allison [Thu, 9 Sep 2010 13:43:07 +0000 (15:43 +0200)]
Fix bug #7669.

Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in



All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.

A connection to a file share is needed to exploit this
vulnerability, either authenticated or unauthenticated
(guest connection).
(cherry picked from commit df1c76e2275068d1006e82a4a21d42b58175268b)

8 years agoWHATSNEW: Prepare 3.3.14 release notes.
Karolin Seeger [Thu, 9 Sep 2010 13:41:40 +0000 (15:41 +0200)]
WHATSNEW: Prepare 3.3.14 release notes.

(cherry picked from commit da9325d02038b5e65873593dece510fa09851772)

8 years agoVERSION: Raise version number up to 3.3.14.
Karolin Seeger [Thu, 9 Sep 2010 13:31:18 +0000 (15:31 +0200)]
VERSION: Raise version number up to 3.3.14.

(cherry picked from commit 293a8676ee72a635096ff1a1b167ecf6fa525276)

8 years agoWHATSNEW: Prepare release notes for 3.3.13.
Karolin Seeger [Fri, 11 Jun 2010 11:22:12 +0000 (13:22 +0200)]
WHATSNEW: Prepare release notes for 3.3.13.

(cherry picked from commit d07d8701d9a49609d0291b599816a0670d29a9f3)

8 years agoVERSION: Raise version number up to 3.3.13.
Karolin Seeger [Fri, 11 Jun 2010 10:58:07 +0000 (12:58 +0200)]
VERSION: Raise version number up to 3.3.13.

(cherry picked from commit 9aa30a0bbd5eaf99fec9f6b51f859bf751e155ff)

8 years agos3-smbd: Fix memory corruption vulnerability.
Jeremy Allison [Fri, 11 Jun 2010 10:57:25 +0000 (12:57 +0200)]
s3-smbd: Fix memory corruption vulnerability.

Fix bug #7494 (Buffer overrun possible in chain_reply code in 3.3.x and below.)
and address CVE-2010-2063.
(cherry picked from commit 86ab436a0da958914f99dc8b7e88b10db4692d98)

9 years agoRevert "Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond...
Karolin Seeger [Mon, 8 Mar 2010 20:08:36 +0000 (21:08 +0100)]
Revert "Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write."

This reverts commit 153357b9bb4d70a168c81cb9ff2da437eae823fc.

This fixes bug #7222 (All users have full rigths on all shares) (CVE-2010-0728).
(cherry picked from commit 007f9c90e952aeea2d8f73cff3ccd0f747a9c06e)

9 years agoWHATSNEW: Prepare release notes for Samba 3.3.12.
Karolin Seeger [Mon, 8 Mar 2010 20:08:01 +0000 (21:08 +0100)]
WHATSNEW: Prepare release notes for Samba 3.3.12.

(cherry picked from commit cb608fef71f9da629a1858cd1d6c8b19e27e6655)

9 years agoVERSION: Raise version number up to 3.3.12.
Karolin Seeger [Mon, 8 Mar 2010 20:05:40 +0000 (21:05 +0100)]
VERSION: Raise version number up to 3.3.12.

(cherry picked from commit 689fd1bd11806f92e9f5acbc634e27f7b197ee23)

9 years agoWHATSNEW: Update changes since 3.3.10.
Karolin Seeger [Thu, 25 Feb 2010 09:38:52 +0000 (10:38 +0100)]
WHATSNEW: Update changes since 3.3.10.


9 years agos3:winbind: Fix bug 5626
Volker Lendecke [Sun, 30 Aug 2009 09:06:14 +0000 (11:06 +0200)]
s3:winbind: Fix bug 5626

Apparently the AIX compiler can't deal with sizeless array declarations

9 years agos3:winbindd: never mark external domains as internal!
Stefan Metzmacher [Tue, 23 Feb 2010 07:42:41 +0000 (08:42 +0100)]
s3:winbindd: never mark external domains as internal!

This way we can endup with silently using builtin_passdb_methods
for an ad domain without an inbound trust.

This fixes bug #7170.

(cherry picked from commit f924b7749280b31ece19885de1c3ad1bd71942ac)

9 years agos3-docs: Add missing para end tag.
Karolin Seeger [Tue, 9 Feb 2010 15:36:39 +0000 (16:36 +0100)]
s3-docs: Add missing para end tag.

(cherry picked from commit b78de63ef3cde53e3aabbe46654aac5a335f16a8)
(cherry picked from commit d3738dbe1cabb0ad0acf5f8c9b5e8106285ca9a1)

9 years agoFix bug #7122 - Reading a large browselist fails (server returns invalid values in...
Jeremy Allison [Tue, 9 Feb 2010 23:23:38 +0000 (15:23 -0800)]
Fix bug #7122 - Reading a large browselist fails (server returns invalid values in subsequent SMBtrans replies)

There are two problems:

1). The server is off-by-one in the end of buffer space test.
2). The server returns 0 in the totaldata (smb_vwv1) and totalparams (smb_vwv0)
fields in the second and subsequent SMBtrans replies.

This patch fixes both.

(similar to commit b07a14dc37d2899f662e1cf87064f99c0bd10b25)
Signed-off-by: Stefan Metzmacher <>
9 years agoFix off-by-one error in working out the limit of the NetServerEnum comment.
Jeremy Allison [Tue, 9 Feb 2010 20:17:08 +0000 (12:17 -0800)]
Fix off-by-one error in working out the limit of the NetServerEnum comment.

(cherry picked from commit 9ad6f432f3f5844b4b419e7cbaf3c3e70b052d29)

Signed-off-by: Stefan Metzmacher <>
9 years agos3:smbd: Fix really ugly bool vs. int bug!!!
Stefan Metzmacher [Wed, 10 Feb 2010 18:49:48 +0000 (19:49 +0100)]
s3:smbd: Fix really ugly bool vs. int bug!!!

A comparison function for qsort needs to return an 'int'!
Otherwise you'll get random results depending on the compiler
and the architecture...

(cherry picked from commit 1686a5e7e7eb1b411b003cbbde5c0d28741c6d02)

9 years agos3:libsmb: fix NetServerEnum3 rap calls.
Stefan Metzmacher [Mon, 8 Feb 2010 17:38:03 +0000 (18:38 +0100)]
s3:libsmb: fix NetServerEnum3 rap calls.

(cherry picked from commit 9b5198dd443a00fdad4faa1f9cdabedd81012d93)

9 years agoFix bug #7154 - mangling method = hash can crash storing a name not containing a '.'
Jeremy Allison [Thu, 18 Feb 2010 19:22:44 +0000 (11:22 -0800)]
Fix bug #7154 - mangling method = hash can crash storing a name not containing a '.'

Fix use of uninitialized variable. This can lead to crashes if
mangling = hash processes names with no '.'.

(cherry picked from commit df13b1303a751962d8f7d5298b39e4a7500fef15)

9 years agoFix bug #7155 - valgrind Conditional jump or move depends on uninitialised value...
Jeremy Allison [Thu, 18 Feb 2010 20:21:10 +0000 (12:21 -0800)]
Fix bug #7155 - valgrind Conditional jump or move depends on uninitialised value(s) error when "mangling method = hash"

The charset array allocated in init_chartest() is allocated
by MALLOC, but only some elements of it being set after allocation. Fix is to
memset to zero after allocation.

(cherry picked from commit a4e8210ba7d6d471cb9f17754244393b9c1e5930)

9 years agoFix bug #6557 - Do not work VFS full_audit
Jeremy Allison [Wed, 17 Feb 2010 18:46:21 +0000 (10:46 -0800)]
Fix bug #6557 - Do not work VFS full_audit

Re-arrange the operations order so SMB_VFS_CONNECT is done
first as root (to allow modules to correctly initialize themselves).

Reviewed modules to check if they needed CONNECT invoked as
a user (which we previously did) and it turns out any of them
that cared needed root permissions anyway.


9 years agoFixes issue with preexec scripts creating a share directory, and problems if a smb...
Jeremy Allison [Fri, 12 Feb 2010 00:09:59 +0000 (16:09 -0800)]
Fixes issue with preexec scripts creating a share directory, and problems if a smb.conf reload turns wide links back on after a connection is establised.

Includes git refs :

from master.


Fix bug #7104 ("wide links" and "unix extensions" are incompatible.)

9 years agoFix bug 7104 - "wide links" and "unix extensions" are incompatible.
Jeremy Allison [Sat, 6 Feb 2010 00:22:27 +0000 (16:22 -0800)]
Fix bug 7104 - "wide links" and "unix extensions" are incompatible.

Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.

Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.

Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.


9 years agos3: Fix an uninitialized variable reference
Volker Lendecke [Sun, 29 Nov 2009 21:57:19 +0000 (22:57 +0100)]
s3: Fix an uninitialized variable reference

Fix bug #5885 (swat prints a bogus ip-address in smb.conf).

9 years agos3: Fix malformed require_membership_of_sid.
Bo Yang [Sun, 7 Feb 2010 07:04:51 +0000 (15:04 +0800)]
s3: Fix malformed require_membership_of_sid.

Signed-off-by: Bo Yang <>
Fix bug #7106.

9 years agos3:libsmb: don't reuse the callers stype variable in cli_NetServerEnum()
Stefan Metzmacher [Thu, 4 Feb 2010 13:03:20 +0000 (14:03 +0100)]
s3:libsmb: don't reuse the callers stype variable in cli_NetServerEnum()

When we need to do more than one network operation to get the
browse list we need to use the same 'stype' value each time.

(cherry picked from commit c2e4746fa9d68e7601e8e90cc0144d2e65a695b6)

Signed-off-by: Stefan Metzmacher <>
Fix bug #7098 (smbclient -L gives wrong results with a large browse list).

9 years agoFix bug #7072 - Accounts can't be unlocked from ldap.
Jeremy Allison [Thu, 28 Jan 2010 01:16:04 +0000 (17:16 -0800)]
Fix bug #7072 - Accounts can't be unlocked from ldap.

Fix suggested by Andy Hanton <>. The LOGIN_CACHE
struct contains two time_t entries, but was being written to and
read from via tdb_pack/tdb_unpack functions using explicit 32-bit int specifiers.
This would break on machines with a 64-bit time_t. Use correct int
sizes for tdb_pack/tdb_unpack.

We have to fix this properly before 2037 :-).

Contains fixes from master 627fb85092f728065b6d772c41aeb75018154e86
and 69fd8461b8792f4fee1b61db03953044565492c6.


9 years agoFix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to...
Jeremy Allison [Thu, 28 Jan 2010 22:55:32 +0000 (14:55 -0800)]
Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write.

Only works on Linux kernels 2.6.26 and above. Grants CAP_KILL capability
to allow Linux threads under different euids to send signals to each other.

Same as mater commit 899bd0005f56dcc1e95c3988d41ab3f628bb15db.


9 years agos3: Fix bug 7052: "DFS broken on AIX (maybe others)"
William Jojo [Thu, 21 Jan 2010 13:21:03 +0000 (14:21 +0100)]
s3: Fix bug 7052: "DFS broken on AIX (maybe others)"
(cherry picked from commit c531d00ab4444db19ff6ba4c60ebdcc8319949c6)
(cherry picked from commit f21796955e7aa2e84a1c810612f2fdee2bde611c)
(cherry picked from commit 28b3cf328312a26cd72bbc54f3283bc46b51bc32)

9 years agos3-docs: Fix typos.
Karolin Seeger [Wed, 20 Jan 2010 12:34:50 +0000 (13:34 +0100)]
s3-docs: Fix typos.

Thanks to the Debian samba package maintainers
<> for providing the patch!

Fix bug #7017 (Typos and spelling errors in manpages).

(cherry picked from commit e1e6b19acff6d8ba3b70c3ab474a85de8b6f6a6c)
(cherry picked from commit eaa10cfec3c389c79ac3c43f7ec1596015a9b8e1)
(cherry picked from commit 436e13608e489b4bd5c00597efca9c9ca66b8be1)

9 years agoWHATSNEW: Update release notes.
Karolin Seeger [Wed, 20 Jan 2010 12:43:15 +0000 (13:43 +0100)]
WHATSNEW: Update release notes.


9 years agoVERSION: Raise version up to 3.3.11.
Karolin Seeger [Wed, 20 Jan 2010 12:42:12 +0000 (13:42 +0100)]
VERSION: Raise version up to 3.3.11.


9 years agos3: Fix a crash in libsmbclient used against the OpenSolaris CIFS server
Volker Lendecke [Sat, 16 Jan 2010 12:31:44 +0000 (13:31 +0100)]
s3: Fix a crash in libsmbclient used against the OpenSolaris CIFS server

A user has sent me a sniff where the OpenSolaris CIFS server returns "32" in
totalentries, but the array in ctr only contains 15 entries. Look at the right
delimiter for walking the array.

Fix bug #7046 (libsmbclient crash against OpenSolaris CIFS server).

9 years agoFix bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.
Jeremy Allison [Sat, 16 Jan 2010 01:52:54 +0000 (17:52 -0800)]
Fix bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.

In smbc_free_context libsmbclient just called free() on the string options
so it assumes the callers have malloced them before setting them via smbc_set

Change to correctly malloc/free string options to the library.
Protect against SMB_STRDUP of null.

Contains 2d41b1ab78639abe4ae030ff482573f464564dd7 and
f85b6ee90b88c7f7b2a92c8a5f3e2ebe59c1087b from master.


9 years agos3-libsmbclient: Fix crash bug in SMBC_parse_path().
Günther Deschner [Thu, 14 Jan 2010 19:34:04 +0000 (11:34 -0800)]
s3-libsmbclient: Fix crash bug in SMBC_parse_path().

Patch from Tim Waugh <>.
This resolves

LIBSMBCLIENT-OPENDIR torture test checks this as well.


Fix bug #7043 (SIGSEGV in "SMBC_parse_path").

9 years agoFix bug #7036 - net rpc getsid fails in hardened windows environments.
Jeremy Allison [Thu, 14 Jan 2010 23:50:02 +0000 (15:50 -0800)]
Fix bug #7036 - net rpc getsid fails in hardened windows environments.

Fix suggested by

9 years agoWHATSNEW: Update release notes.
Karolin Seeger [Thu, 14 Jan 2010 10:10:27 +0000 (11:10 +0100)]
WHATSNEW: Update release notes.


9 years agos3:configure: only check for gpfs_gpl.h
Stefan Metzmacher [Wed, 28 Oct 2009 10:21:27 +0000 (11:21 +0100)]
s3:configure: only check for gpfs_gpl.h

The header is everything we need in order to build vfs_gpfs.


Signed-off-by: Michael Adam <>
(cherry picked from commit ee13e9c0becc2b4a4d3b233613d5e3e9bfb54938)

Fix bug #6856.
(cherry picked from commit b71f0e5f6f715d7c061d3a845f1e983e2472c1b0)

9 years agoWHATSNEW: Prepare release notes for Samba 3.3.10.
Karolin Seeger [Wed, 13 Jan 2010 14:31:10 +0000 (15:31 +0100)]
WHATSNEW: Prepare release notes for Samba 3.3.10.


9 years agos3:pdb_ldap: restore Samba 3.0.x behavior and use the first "uid" value.
Stefan Metzmacher [Tue, 5 Jan 2010 12:30:42 +0000 (13:30 +0100)]
s3:pdb_ldap: restore Samba 3.0.x behavior and use the first "uid" value.

See bug #6157 for more details.


Signed-off-by: Stefan Metzmacher <>
9 years agos3:smbldap: add smbldap_talloc_first_attribute()
Stefan Metzmacher [Tue, 5 Jan 2010 12:30:19 +0000 (13:30 +0100)]
s3:smbldap: add smbldap_talloc_first_attribute()


Signed-off-by: Stefan Metzmacher <>
9 years agosmbd: Fix opening the quota magic file
Stefan Metzmacher [Mon, 21 Dec 2009 15:26:34 +0000 (16:26 +0100)]
smbd: Fix opening the quota magic file

This fixes bug #6642 and bug #6919.


9 years agos3:smbd: Fix bug 6696
Timothy Miller [Mon, 7 Sep 2009 10:01:58 +0000 (12:01 +0200)]
s3:smbd: Fix bug 6696

smbd crashes when using mdns (not avahi) support

9 years agoSecond part of fix for bug 6696 - smbd 3.3.7 crashes (signal 11) in dns_register_smbd...
Jeremy Allison [Wed, 9 Sep 2009 00:22:39 +0000 (17:22 -0700)]
Second part of fix for bug 6696 - smbd 3.3.7 crashes (signal 11) in dns_register_smbd_reply. Restore the code from 3.2 that actually initializes the struct dns_reg_state handle. Jeremy.

9 years agoRe-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"
Jeremy Allison [Fri, 8 Jan 2010 18:24:34 +0000 (10:24 -0800)]
Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"

This bug re-occurred for 3.3.x and above.

The reason is that to change a NT ACL we now have to open the file requesting
WRITE_DAC and WRITE_OWNER access. The mapping from POSIX "w" to NT permissions
in posix_acls doesn't add these bits when "dos filemode = yes", so even though
the permission or owner change would be allowed by the POSIX ACL code, the
NTCreateX call fails with ACCESS_DENIED now we always check NT permissions

Added in the mapping from "w" to WRITE_DAC and WRITE_OWNER access.


9 years agoPrevent NULL dereference if group has no members
Jim McDonough [Thu, 31 Dec 2009 02:19:46 +0000 (18:19 -0800)]
Prevent NULL dereference if group has no members

Fix bug #7014 (domain mode winbind crashes retriveing empty group members).

9 years agoFix bug 7005 - mangle method = hash truncates files with dot '. ' character
Jeremy Allison [Tue, 22 Dec 2009 05:16:15 +0000 (21:16 -0800)]
Fix bug 7005 - mangle method = hash truncates files with dot '. ' character

Don't change the contents of a const string via a pointer
alias (or if you do, change it back.....).


9 years agoFix bug #6939 - mangling method = hash breaks long filenames.
Jeremy Allison [Fri, 18 Dec 2009 00:36:53 +0000 (16:36 -0800)]
Fix bug #6939 - mangling method = hash breaks long filenames.

We were returning the wrong sense of the bool. must_mangle()
has to return !NT_STATUS_IS_OK, not NT_STATUS_IS_OK.


9 years agoSecond part of fix for 6875 - trans2 FIND_FIRST2 response --> FIND_FIRST2 Data -...
Jeremy Allison [Wed, 16 Dec 2009 02:38:06 +0000 (18:38 -0800)]
Second part of fix for 6875 - trans2 FIND_FIRST2 response --> FIND_FIRST2 Data -> Fille Attributes are returned as 0x220 for LANMAN2.1 dial

Ensure dos_mode can return FILE_ATTRIBUTE_NORMAL, then filter the returned attributes by protocol level.
This makes us consistant in returning DOS attrs across all replies. Tested on OS/2 by Günter Kukkukk.

9 years agos3 aclocal.m4: Fix iconv checks, clean up m4 code
Kai Blin [Fri, 4 Dec 2009 08:47:25 +0000 (09:47 +0100)]
s3 aclocal.m4: Fix iconv checks, clean up m4 code

The check for iconv requiring giconv.h and libgiconv as well as
the check for iconv requiring biconv.h and libbiconv were using the wrong
variable to check for previous successful test results. This caused the checks
to always fall back to libbiconv on systems where that library was available.

In the course of fixing this, I had to clean up the indentation in that piece of
code, and I also rewrote/added some comments.

Many thanks to Tsurutani Naoki <> for the initial
patch and diagnosis.
(cherry picked from commit f5aff324cb9d965bbc75634596c3c40ffc588183)

Fix bug #4832 (iconv library is not used).

9 years agos3: Fix a segfault in "net" version 3.3
Volker Lendecke [Mon, 7 Dec 2009 21:35:35 +0000 (22:35 +0100)]
s3: Fix a segfault in "net" version 3.3

When neither LOGNAME nor -U is set, "net" and probably other client utils
segfault. Reported by "vinnix" on irc.


Fix bug #6973 (segfault in client tools).

9 years agos3-kerberos: fix the build on Mac OS X 10.6.2.
Günther Deschner [Fri, 27 Nov 2009 19:08:44 +0000 (20:08 +0100)]
s3-kerberos: fix the build on Mac OS X 10.6.2.

(cherry picked from commit 51328a7056918bc75a7c1c442f47cf0271075542)

9 years agos3-kerberos: add a missing reference to authdata headers.
Günther Deschner [Fri, 27 Nov 2009 17:51:56 +0000 (18:51 +0100)]
s3-kerberos: add a missing reference to authdata headers.

(cherry picked from commit da79cbb0800dd647be864e8bbb5fe1132708174b)

9 years agos3-kerberos: do not include authdata headers before including krb5 headers.
Günther Deschner [Fri, 27 Nov 2009 17:30:18 +0000 (18:30 +0100)]
s3-kerberos: do not include authdata headers before including krb5 headers.


9 years agos3-kerberos: only use krb5 headers where required.
Günther Deschner [Fri, 27 Nov 2009 14:52:57 +0000 (15:52 +0100)]
s3-kerberos: only use krb5 headers where required.

This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.


9 years agos3-kerberos: Fix Bug #6929: build with recent heimdal.
Günther Deschner [Fri, 27 Nov 2009 00:06:36 +0000 (01:06 +0100)]
s3-kerberos: Fix Bug #6929: build with recent heimdal.

Heimdal changed the KRB5_DEPRECATED define (which now may not take an identifier
for activation) in new releases (like 1.3.1).

(cherry picked from commit 1a8f8382740e352a83133b8c49aaedd4716210cd)

9 years agos3-kerberos: next step to resolve Bug #6929: build with recent heimdal.
Günther Deschner [Thu, 26 Nov 2009 09:15:45 +0000 (10:15 +0100)]
s3-kerberos: next step to resolve Bug #6929: build with recent heimdal.

Based on patch from Allan <>.

Also should fix the FreeBSD build on the buildfarm.

(cherry picked from commit 5b3a32be97a37c119e837bdee8f049684565458c)

9 years agos3-kerberos: add check for prerequisite krb5/krb5.h header while checking for krb5...
Günther Deschner [Wed, 25 Nov 2009 20:33:48 +0000 (21:33 +0100)]
s3-kerberos: add check for prerequisite krb5/krb5.h header while checking for krb5/locate_plugin.h.

(Needed for new Heimdal versions).

(cherry picked from commit c438b2b3923db66672ec82e795eef543de5fcb8a)

9 years agonsswitch: fix compile of winbind_krb5_locator with recent Heimdal versions.
Günther Deschner [Wed, 25 Nov 2009 14:21:54 +0000 (15:21 +0100)]
nsswitch: fix compile of winbind_krb5_locator with recent Heimdal versions.

(cherry picked from commit 51864219cc12ceb66c281355f3e1191d5e32842d)

9 years agocifs.upcall: 2nd part of fix for Bug #6868: support building with Heimdal we well...
Günther Deschner [Wed, 25 Nov 2009 14:06:19 +0000 (15:06 +0100)]
cifs.upcall: 2nd part of fix for Bug #6868: support building with Heimdal we well as with MIT.

(cherry picked from commit 660ee2e74523194e5f6b2b6428d76628beb74717)

9 years agos3-build: really fix build of winbind_krb5_locator.
Günther Deschner [Thu, 19 Nov 2009 12:44:33 +0000 (13:44 +0100)]
s3-build: really fix build of winbind_krb5_locator.

(cherry picked from commit fc9f199f2619635f73e8ee7f3b5359521d63f325)

9 years agonsswitch: fix the build of the winbind krb5 locator plugin.
Günther Deschner [Wed, 21 Oct 2009 00:44:44 +0000 (02:44 +0200)]
nsswitch: fix the build of the winbind krb5 locator plugin.

(cherry picked from commit b9d9353b548d9b2ab684aa171f511174e6414762)

9 years agocifs.upcall: Fix Bug #6868: support building with Heimdal we well as with MIT.
Günther Deschner [Wed, 11 Nov 2009 23:52:38 +0000 (00:52 +0100)]
cifs.upcall: Fix Bug #6868: support building with Heimdal we well as with MIT.

(cherry picked from commit b29eed492f1c056adb0b53510be10e738276ca11)

9 years agos3-kerberos: add smb_krb5_principal_get_realm().
Günther Deschner [Wed, 11 Nov 2009 23:51:46 +0000 (00:51 +0100)]
s3-kerberos: add smb_krb5_principal_get_realm().


9 years agos3-kerberos: fix some build warnings when building against heimdal.
Günther Deschner [Fri, 6 Nov 2009 09:25:53 +0000 (10:25 +0100)]
s3-kerberos: fix some build warnings when building against heimdal.


9 years agokerberos: fix some heimdal build warnings.
Günther Deschner [Thu, 9 Oct 2008 09:05:42 +0000 (11:05 +0200)]
kerberos: fix some heimdal build warnings.


9 years agos3: Fix shadow copy display on Windows 7
Volker Lendecke [Thu, 8 Oct 2009 12:02:39 +0000 (14:02 +0200)]
s3: Fix shadow copy display on Windows 7

Windows 7 is a bit more picky on our NT_STATUS_BUFFER_TOO_SMALL. Announce the
right buffer size, the same amount we later check for.

Fix bug #6850 (Shadow Copy Support for VISTA / Windows 7).

9 years agos3:docs: Fix typo in man mount.cifs.
Karolin Seeger [Mon, 30 Nov 2009 13:53:23 +0000 (14:53 +0100)]
s3:docs: Fix typo in man mount.cifs.

Fix bug #6844 (wrong credential file format in mount.cifs manpage).
Thanks to the Debian Samba package maintainers for reporting!

(cherry picked from commit 3b7f8a759f57f32a8c1bc2db85236e88f616ffd9)
(cherry picked from commit 54e2e0ae51e2e126696570104ed64d0458beb4ce)
(cherry picked from commit dbe41dce7491df93a26bb0f4bd2a33b53fe90188)

9 years agos3:docs: Document "aio write behind".
Karolin Seeger [Mon, 30 Nov 2009 12:34:34 +0000 (13:34 +0100)]
s3:docs: Document "aio write behind".

Part of a fix for bug #6890 (Some smb.conf parameters are undocumented).

(cherry picked from commit fde7c2ab19bc7442d8ee9d85ab2fe54e0cfb4782)
(cherry picked from commit 267ebc03b43dd8c11f5aebf341620b0d94d95135)
(cherry picked from commit 93bbbd3cc776e4aa69239cb086067ec953fc8c8e)

9 years agos3:docs: Document "ldap page size".
Karolin Seeger [Mon, 30 Nov 2009 11:29:27 +0000 (12:29 +0100)]
s3:docs: Document "ldap page size".

Part of a fix for bug #6890 (Some smb.conf parameters are undocumented).

(cherry picked from commit 9478ec35b5349f50a61bbe2aa88af88577918e91)
(cherry picked from commit 940121d666b9e0645584c93db178b763ac5c8c04)
(cherry picked from commit a1d8a6127448fbdc25d1d87a2541a2ea8e430e17)

9 years agos3:docs: Document "enable core files".
Karolin Seeger [Mon, 30 Nov 2009 10:40:06 +0000 (11:40 +0100)]
s3:docs: Document "enable core files".

Part of a fix for bug #6890 (Some smb.conf parameters are undocumented).

(cherry picked from commit b03ad70848e6ea889f382c0cb9f21057370f1ab6)
(cherry picked from commit 15f7b70b0e6b6bd2604255cff1c351bb0425e9f3)
(cherry picked from commit 5832bc1c5896b391131952a06013154cbdafe3f9)

9 years agos3: Fix bug 6338 -- net rpc trustdom list always display "none"
Volker Lendecke [Sun, 22 Nov 2009 21:38:45 +0000 (22:38 +0100)]
s3: Fix bug 6338 -- net rpc trustdom list always display "none"

9 years agodocs: Fix Bug 6922: Add Registry patchfile for Win7 domain join.
Günther Deschner [Tue, 24 Nov 2009 10:36:14 +0000 (11:36 +0100)]
docs: Fix Bug 6922: Add Registry patchfile for Win7 domain join.

Patchfile from SATOH Fumiyasu <>.


(cherry picked from commit 95d0f0aab01fdd751841d57cebe6150cd6fdf80c)

9 years agoclikrb5: Prefer krb5_free_keytab_entry_contents to krb5_kt_free_entry.
Jelmer Vernooij [Thu, 4 Jun 2009 21:43:31 +0000 (23:43 +0200)]
clikrb5: Prefer krb5_free_keytab_entry_contents to krb5_kt_free_entry.

Both functions exist in MIT Kerberos >= 1.7, but only
krb5_free_keytab_entry_contents has a prototype.

Part of a fix for bug #6918 (Build breaks with krb5-client-1.7-6.1.i586).

9 years agos3:idmap_ldap: trim the " chars from the location string in idmap_ldap_db_init
Michael Adam [Fri, 20 Nov 2009 11:44:43 +0000 (12:44 +0100)]
s3:idmap_ldap: trim the " chars from the location string in idmap_ldap_db_init

Fix bug #6910 (idmap_ldap stumbles over idmap backend = ldap:"ldap://ldap1

When idmap backend is specified as
idmap backend = ldap:"ldap://server1 ldap://server2"
then currently "ldap://server1 ldap://server2" was passed to
ldap_initialize including the quotes, leading to an ldap error.


9 years agos3: fixed krb5 build problem on ubuntu karmic
Andrew Tridgell [Thu, 15 Oct 2009 23:40:50 +0000 (10:40 +1100)]
s3: fixed krb5 build problem on ubuntu karmic

Karmic has MIT krb5 1.7-beta3, which has the symbol
krb5_auth_con_set_req_cksumtype but no prototype for it.

See also
(cherry picked from commit a6e4cb500b4162cae1d906a1762507370b4ee89e)

Part of a fix for bug #6918.