9 years agos3:smbd:smb2: fix an assignment-instead-of-check bug conn_snum_used()
Michael Adam [Wed, 1 Feb 2012 14:25:12 +0000 (14:25 +0000)]
s3:smbd:smb2: fix an assignment-instead-of-check bug conn_snum_used()

Accidential "=" instead of "==".

Autobuild-User: Michael Adam <>
Autobuild-Date: Wed Feb  1 17:10:15 CET 2012 on sn-devel-104
(cherry picked from commit 6ba09e039e4efee33ce6b8cd9f919409656c2afb)

Fix bug #8738 (SMB2 server will not release unused shares).

9 years agoFix bug #8729 - getpass regressions on Solaris/Illumos - 3.6 and master.
Ira Cooper [Tue, 31 Jan 2012 20:15:36 +0000 (12:15 -0800)]
Fix bug #8729 - getpass regressions on Solaris/Illumos - 3.6 and 

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Tue Jan 31 23:28:09 CET 2012 on sn-devel-104
(cherry picked from commit a1901b55cfa658f39a33d0ea120641f56453fe4e)

9 years agos3:auth: fill the sids array of the info3 in wbcAuthUserInfo_to_netr_SamInfo3() ...
Stefan Metzmacher [Wed, 1 Feb 2012 16:04:17 +0000 (17:04 +0100)]
s3:auth: fill the sids array of the info3 in wbcAuthUserInfo_to_netr_SamInfo3() (bug #8739)

Originally, only the rid array was filled and foreign domain sids were omitted.

Pair-Programmed-With: Michael Adam <>


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Thu Feb  2 12:59:32 CET 2012 on sn-devel-104
(cherry picked from commit dab7b0e7171edf5b11af154175711e2b972c000b)

9 years agos3:auth: fix potential gap creation in wbcsids_to_samr_RidWithAttributeArray()
Stefan Metzmacher [Wed, 1 Feb 2012 16:02:52 +0000 (17:02 +0100)]
s3:auth: fix potential gap creation in wbcsids_to_samr_RidWithAttributeArray()

Pair-Programmed-With: Michael Adam <>

(cherry picked from commit adbab7710d1fc4ca31469982dae0ee51e6b19896)

9 years agos3:client: ignore SMBecho errors (the server may not support it) (bug #8139) Signed...
Stefan Metzmacher [Tue, 31 Jan 2012 18:02:18 +0000 (10:02 -0800)]
s3:client: ignore SMBecho errors (the server may not support it) (bug #8139) Signed-off-by: Jeremy Allison <>

9 years agos3-winbind: don't try to do clever thing if the username is not found while authentic...
Matthieu Patou [Mon, 30 Jan 2012 08:05:08 +0000 (00:05 -0800)]
s3-winbind: don't try to do clever thing if the username is not found while authenticating through winbind

This could cause that we authenticate a user with a bogus domain to
winbind's domain if the password supplied for the PAM_AUTH match.

The problem was reported by Jeff Venable (
Patch from Andrew Bartlett (

Autobuild-User: Matthieu Patou <>
Autobuild-Date: Mon Jan 30 18:58:12 CET 2012 on sn-devel-104
(cherry picked from commit 56d5cb938651b9c67a8400d1adc61a23889a6a29)

Fix bug #8734 (When using PAM_AUTH API from winbind if Kerberos auth is enabled,
samba will authenticate user with a bogus domain).

9 years agoFix for bug #8727 - smbclient fails with posix large reads.
Andrew Bartlett [Sat, 28 Jan 2012 00:03:55 +0000 (16:03 -0800)]
Fix for bug #8727 - smbclient fails with posix large reads.

s3-libsmb Do not limit read replies to NBT packet sizes

With the posix extensions, we can read 16MB at a time, so we need to check
the full size of the packet, not the size rounded down to the old NBT

Signed-off-by: Jeremy Allison <>
9 years agoWHATSNEW: Start release notes for Samba 3.6.4.
Karolin Seeger [Mon, 30 Jan 2012 19:38:38 +0000 (20:38 +0100)]
WHATSNEW: Start release notes for Samba 3.6.4.


9 years agoVERSION: Bump version up to 3.6.4.
Karolin Seeger [Mon, 30 Jan 2012 19:36:14 +0000 (20:36 +0100)]
VERSION: Bump version up to 3.6.4.


9 years agos3-smbd: Fix bug #8724.
Ira Cooper [Sun, 29 Jan 2012 19:36:05 +0000 (20:36 +0100)]
s3-smbd: Fix bug #8724.

Fix bug #8724 - Memory leak in parent smbd on connection.
This is CVE-2012-0817.

Patch have been created by Ira Cooper <> and
Jeremy Allison <>.

9 years agoWHATSNEW: Add release notes for 3.6.3.
Karolin Seeger [Sun, 29 Jan 2012 19:33:38 +0000 (20:33 +0100)]
WHATSNEW: Add release notes for 3.6.3.


9 years agoVERSION: Bump version up to 3.6.3.
Karolin Seeger [Sun, 29 Jan 2012 19:33:15 +0000 (20:33 +0100)]
VERSION: Bump version up to 3.6.3.


9 years agoWHATSNEW: Add another change.
Karolin Seeger [Wed, 25 Jan 2012 18:23:06 +0000 (19:23 +0100)]
WHATSNEW: Add another change.

Jeremy, thanks a lot for the fix!

9 years agos3-spoolss: Pass the right pointer type.
Jeremy Allison [Wed, 25 Jan 2012 18:19:14 +0000 (19:19 +0100)]
s3-spoolss: Pass the right pointer type.

Follow-up fix for an issue introduced by a fix for bug #4942.

9 years agoWHATSNEW: Add another change.
Karolin Seeger [Mon, 23 Jan 2012 20:39:58 +0000 (21:39 +0100)]
WHATSNEW: Add another change.


9 years agoSecond part of fix for 8636 - When returning an ACL without SECINFO_DACL requested...
Jeremy Allison [Mon, 23 Jan 2012 19:20:52 +0000 (11:20 -0800)]
Second part of fix for 8636 - When returning an ACL without SECINFO_DACL requested, we still set SEC_DESC_DACL_PRESENT in the type field.

Ensure we always ask for the set:


when getting an ACL inside the module.

9 years agoFix bug 8636 - When returning an ACL without SECINFO_DACL requested, we still set...
Jeremy Allison [Wed, 30 Nov 2011 00:31:18 +0000 (16:31 -0800)]
Fix bug 8636 - When returning an ACL without SECINFO_DACL requested, we still set SEC_DESC_DACL_PRESENT in the type field.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Wed Nov 30 04:59:07 CET 2011 on sn-devel-104
(cherry picked from commit da992be64f39364fbb8bca26e9421c7a36c49ac6)

9 years agoWHATSNEW: Add major changes.
Karolin Seeger [Mon, 23 Jan 2012 20:22:40 +0000 (21:22 +0100)]
WHATSNEW: Add major changes.

Please feel free to add more entries.


9 years agoWHATSNEW: Add more changes.
Karolin Seeger [Mon, 23 Jan 2012 19:52:37 +0000 (20:52 +0100)]
WHATSNEW: Add more changes.


9 years agotorture: add spoolss overlapping driver deletion tests
David Disseldorp [Tue, 17 Jan 2012 16:07:01 +0000 (17:07 +0100)]
torture: add spoolss overlapping driver deletion tests

The last 7 patches address bug #8697 (DeletePrinterDriverEx never removes
printer driver files) and bug #4942 (DeletePrinterDriverEx deletes files
in use).

9 years agotorture: confirm printer driver file removal
David Disseldorp [Tue, 17 Jan 2012 14:20:51 +0000 (15:20 +0100)]
torture: confirm printer driver file removal

9 years agotorture: add spoolss del printer driver test
David Disseldorp [Mon, 16 Jan 2012 15:30:17 +0000 (16:30 +0100)]
torture: add spoolss del printer driver test

Test handling of DeletePrinterDriverEx when the DPD_DELETE_ALL_FILES
flag is set.

9 years agos3-spoolss: fix printer_driver_files_in_use() call ordering
David Disseldorp [Tue, 17 Jan 2012 16:06:38 +0000 (17:06 +0100)]
s3-spoolss: fix printer_driver_files_in_use() call ordering

printer_driver_files_in_use() performs two tasks: it returns whether any
of the files in the to-be-deleted driver overlap with other drivers, it
also trims such files from the info structure passed in.

In processing a DeletePrinterDataEx request with DPD_DELETE_UNUSED_FILES
set, printer_driver_files_in_use() must be called to ensure files in
use by other drivers are not removed.

9 years agos3-spoolss: fix printer driver version deletion
David Disseldorp [Thu, 12 Jan 2012 15:27:37 +0000 (16:27 +0100)]
s3-spoolss: fix printer driver version deletion

Spoolss delete printer driver code currently makes invalid version
assumptions based on the architecture requested by the client.

Ugly hacks are in place to cover removal of other versions (2 and 3).
This change wraps multi version deletion in a simple for loop.

9 years agos3-spoolss: prefix print$ path on driver file deletion
David Disseldorp [Wed, 11 Jan 2012 18:50:36 +0000 (19:50 +0100)]
s3-spoolss: prefix print$ path on driver file deletion

Driver file paths stored in the registry do not include the server path
prefix. delete_driver_files() incorrectly assumes such a prefix.

9 years agospoolss: fix DPD_DELETE_ALL_FILES error return
David Disseldorp [Tue, 10 Jan 2012 17:21:42 +0000 (18:21 +0100)]
spoolss: fix DPD_DELETE_ALL_FILES error return

If DeletePrinterDriverEx is called with DPD_DELETE_ALL_FILES and files
assigned to the to-be-deleted driver overlap with other drivers then an
error is returned. Change the error code here to match Windows 2k8r2.

Signed-off-by: David Disseldorp <>
Signed-off-by: Andreas Schneider <>
9 years agoWHATSNEW: Add more changes since 3.6.1.
Karolin Seeger [Sun, 22 Jan 2012 20:22:24 +0000 (21:22 +0100)]
WHATSNEW: Add more changes since 3.6.1.


9 years agoWHATSNEW: Start release notes for 3.6.2.
Karolin Seeger [Sat, 21 Jan 2012 21:17:42 +0000 (22:17 +0100)]
WHATSNEW: Start release notes for 3.6.2.

To be continued...


9 years ago[PATCH] s3: improve the code in the AES encryption.
Matthieu Patou [Sat, 21 Jan 2012 20:34:06 +0000 (21:34 +0100)]
[PATCH] s3: improve the code in the AES encryption.

Remove looping replace them by memcpy.

Fix bug #8674 (Buffer overflow in vfs_smb_traffic_analyzer).

9 years agos3: Fix bug #8674.
Jeremy Allison [Sat, 21 Jan 2012 20:16:19 +0000 (21:16 +0100)]
s3: Fix bug #8674.

Buffer overflow issue with AES encryption in samba traffic analyzer.

9 years agoThird part of fix for bug #8673 - NT ACL issue.
Jeremy Allison [Tue, 10 Jan 2012 21:49:03 +0000 (13:49 -0800)]
Third part of fix for bug #8673 - NT ACL issue.

(Not needed in master as this code has changed). Ensure we set a temp
access mask before calling open(O_RDONLY|O_DIRECTORY) on the directory.

9 years agoSecond part of fix for bug #8673 - NT ACL issue.
Jeremy Allison [Tue, 10 Jan 2012 21:48:18 +0000 (13:48 -0800)]
Second part of fix for bug #8673 - NT ACL issue.

Ensure we process the entire ACE list instead of returning ACCESS_DENIED
and terminating the walk - ensure we only return the exact bits that cause
the access to be denied. Some of the S3 fileserver needs to know if we
are only denied DELETE access before overriding it by looking at the
containing directory ACL.

9 years agoFirst part of fix for bug #8673 - NT ACL issue.
Jeremy Allison [Tue, 10 Jan 2012 21:41:55 +0000 (13:41 -0800)]
First part of fix for bug #8673 - NT ACL issue.

Simplify the logic in the unlink/rmdir calls - makes it readable
(and correct). Add some debug.

9 years agoThird part of fix for bug #8663 - deleting a symlink fails if the symlink target...
Jeremy Allison [Fri, 16 Dec 2011 23:50:58 +0000 (15:50 -0800)]
Third part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.

can_access_file_acl() - we can always delete a symlink.
can_delete_file_in_directory() - We don't need to do another STAT call
here, we know smb_fname->st is in a valid state.
smbd_check_open_rights() - we can always delete a symlink.

9 years agoSecond part of fix for bug #8663 - deleting a symlink fails if the symlink target...
Jeremy Allison [Fri, 16 Dec 2011 23:37:07 +0000 (15:37 -0800)]
Second part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.

Ensure we use UCF_UNIX_NAME_LOOKUP flags on filename_convert()
when doing a restricted set of infolevels in trans2setfilepathinfo().

9 years agoFirst part of fix for bug #8663 - deleting a symlink fails if the symlink target...
Jeremy Allison [Fri, 16 Dec 2011 23:35:55 +0000 (15:35 -0800)]
First part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.

Remove two unneeded check_name() calls. They have already been done
in order to get here.

9 years agoFix bug 8710 - connections.tdb - major leak with SMB2.
Jeremy Allison [Wed, 18 Jan 2012 20:38:14 +0000 (12:38 -0800)]
Fix bug 8710 - connections.tdb - major leak with SMB2.

Ensure the cnum used to claim the connection for SMB2 is the
id that will be used for the SMB2 tcon. Based on code from
Ira Cooper <>.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Wed Jan 18 23:14:32 CET 2012 on sn-devel-104
(cherry picked from commit 39c627b60754bd89c419b2d7e32d32c7a9af5a11)

9 years agoFix bug #8664 - Renaming a symlink fails if the symlink target is outside of the...
Jeremy Allison [Fri, 16 Dec 2011 23:53:46 +0000 (15:53 -0800)]
Fix bug #8664 - Renaming a symlink fails if the symlink target is outside of the share.

9 years agoidl: add to_null property
David Disseldorp [Fri, 13 Jan 2012 21:51:22 +0000 (13:51 -0800)]
idl: add to_null property

to_null specifies that character conversion should only occur until the
null pointer in an array based string.

Signed-off-by: Jeremy Allison <>
Autobuild-User: Jeremy Allison <>
Autobuild-Date: Sat Jan 14 00:51:54 CET 2012 on sn-devel-104

The last 5 patches address bug #8606 (Intermittent print job failures caused by
character conversion errors).

9 years agoidl: add to_null attribute to the spoolss devicename array
David Disseldorp [Wed, 23 Nov 2011 01:03:48 +0000 (02:03 +0100)]
idl: add to_null attribute to the spoolss devicename array

OpenPrinterEx requests have also been observed in the wild carrying
non-utf16 garbage after the device mode devicename field null

Signed-off-by: Jeremy Allison <>
9 years agoidl: add to_null attribute to the spoolss formname array
David Disseldorp [Sun, 13 Nov 2011 19:40:56 +0000 (20:40 +0100)]
idl: add to_null attribute to the spoolss formname array

OpenPrinterEx requests have been observed in the wild carrying a device
mode formname "A4" followed by non-utf16 garbage after the null
terminator. Such requests currently fail during unmarshalling in the
ndr_pull_charset() codepath, causing intermittent print job failures.

This change ensures that garbage after the device mode formname null
terminator is not processed in unmarshalling.

Signed-off-by: Jeremy Allison <>
9 years agondr: add ndr_pull_charset_to_null()
David Disseldorp [Sat, 14 Jan 2012 00:32:59 +0000 (16:32 -0800)]
ndr: add ndr_pull_charset_to_null()

The same as ndr_pull_charset(), however only perform character
conversion on bytes prior to and including the null terminator.

Signed-off-by: Jeremy Allison <>
9 years agoidl: add parser for the to_null property
David Disseldorp [Sun, 13 Nov 2011 19:39:58 +0000 (20:39 +0100)]
idl: add parser for the to_null property

Compile into a ndr_pull_charset_to_null call.

Signed-off-by: Jeremy Allison <>
9 years agos3-libads: fix malloc/talloc mismatch in ads_keytab_verify_ticket().
Günther Deschner [Fri, 6 Jan 2012 15:10:55 +0000 (16:10 +0100)]
s3-libads: fix malloc/talloc mismatch in ads_keytab_verify_ticket().


Fix big #8692 (ads_keytab_verify_ticket mixes talloc allocation with malloc

9 years agolibcli/cldap: fix a crash bug in cldap_socket_recv_dgram() (bug #8593)
Stefan Metzmacher [Thu, 10 Nov 2011 13:43:55 +0000 (14:43 +0100)]
libcli/cldap: fix a crash bug in cldap_socket_recv_dgram() (bug #8593)

After a calling any wrapper of tevent_req_notify_callback(),
e.g. tevent_req_nterror(), tevent_req_done(), tevent_req_nomem(),
a function has to return immediately otherwise it is very likely to


(similar to commit 17f1a97a614db4ed8292544988cb6a6cf56621d8)

9 years agos3:lib/ctdbd_conn: try ctdbd_init_connection() as root (bug #8684)
Stefan Metzmacher [Fri, 23 Dec 2011 13:45:45 +0000 (14:45 +0100)]
s3:lib/ctdbd_conn: try ctdbd_init_connection() as root (bug #8684)

ctdbd_traverse is only called if the main db_context is already
open. So if we could get to information via dbwrap_fetch,
we should also be able to traverse.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Fri Dec 23 18:19:14 CET 2011 on sn-devel-104
(cherry picked from commit 4a1895eb9921ad533910d08823c2814c470875fd)

9 years agos3-printing: fix migrate printer code (bug 8618)
Björn Baumbach [Fri, 18 Nov 2011 17:54:56 +0000 (18:54 +0100)]
s3-printing: fix migrate printer code (bug 8618)

Removed path from driver files.
We only need the basenames.

9 years agoFix bug #8686 - Packet validation checks can be done before length validation causing...
Volker Lendecke [Wed, 4 Jan 2012 19:09:54 +0000 (11:09 -0800)]
Fix bug #8686 - Packet validation checks can be done before length validation causing uninitialized memory read.

9 years agoFix bug #8687 - net memberships usage info is wrong
Jeremy Allison [Thu, 5 Jan 2012 21:54:29 +0000 (13:54 -0800)]
Fix bug #8687 - net memberships usage info is wrong

Typo in usage.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Fri Jan  6 00:30:20 CET 2012 on sn-devel-104

9 years agos3-libsmb: Don't duplicate kerberos service tickets.
Andreas Schneider [Mon, 21 Nov 2011 17:19:43 +0000 (18:19 +0100)]
s3-libsmb: Don't duplicate kerberos service tickets.

This fixes bug #8628.

Each time we do a client connection. Each time we call to function to
get the service ticket from the cache we duplicate it. So with each
connection we end up with one or three duplicated tickets.

Autobuild-User: Andreas Schneider <>
Autobuild-Date: Thu Dec 15 19:30:42 CET 2011 on sn-devel-104
(cherry picked from commit d0330c7dd64b320cd86e2341b31da6be81ba829b)

9 years agoFinal part of fix for bug #8679 - recvfile code path using splice() on Linux leaves...
Jeremy Allison [Sat, 31 Dec 2011 05:19:08 +0000 (21:19 -0800)]
Final part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.

The code to set a DOS error on short writeX return is amazingly
legacy code, and also breaks the reply as fixup_chain_error_packet()
enforces a 2-byte wct on any reply where smb_rcls != 0.

Found in testing by Andrew Bartlett. Thanks Andrew !

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Sat Dec 31 08:05:35 CET 2011 on sn-devel-104
(cherry picked from commit e39df67669f61056692736db9c8dc16fbf2c3624)

9 years agoThird part of fix for bug #8679 - recvfile code path using splice() on Linux leaves...
Jeremy Allison [Sat, 31 Dec 2011 04:45:10 +0000 (20:45 -0800)]
Third part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.

Fix default_sys_recvfile() to correctly cope with
short writes. Return the amount written. Return
-1 and set errno if no data could be written.
(cherry picked from commit 5e6263960aaf1a5f9993cb7bb5646d36ff92b9cc)

9 years agoSecond part of fix for bug #8679 - recvfile code path using splice() on Linux leaves...
Jeremy Allison [Sat, 31 Dec 2011 04:23:00 +0000 (20:23 -0800)]
Second part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.

Split out the functionality of drain_socket() into a separate
function from default_sys_recvfile().
(cherry picked from commit a5715420e37b98038fe8f2c3028e4c6938400eed)

9 years agoFix bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe...
Jeremy Allison [Sun, 25 Dec 2011 05:12:09 +0000 (21:12 -0800)]
Fix bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write

Bug found and fix suggested by Andrew Bartlett.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Sun Dec 25 07:46:38 CET 2011 on sn-devel-104
(cherry picked from commit eb617374a673bb1189dd9b6bccbf3f1d9fb91010)

9 years agos3-cli: fix bug 563, >8GB tar on BE machines
Masafumi Nakayama [Wed, 2 Nov 2011 09:35:19 +0000 (10:35 +0100)]
s3-cli: fix bug 563, >8GB tar on BE machines

Borrows on existing patches proposed by Craig Barratt and Brad Ellis.

Signed-off-by: David Disseldorp <>
Autobuild-User: David Disseldorp <>
Autobuild-Date: Tue Jan  3 18:31:28 CET 2012 on sn-devel-104
(cherry picked from commit 909056a2daacd961b40158b86bc117650a897054)

9 years agos3-winbind: Fix segfault if we can't map the last user.
Andreas Schneider [Tue, 3 Jan 2012 15:55:25 +0000 (16:55 +0100)]
s3-winbind: Fix segfault if we can't map the last user.

This fixes bug #8678.

The issue is caused by bug #8608.

Autobuild-User: Andreas Schneider <>
Autobuild-Date: Wed Jan  4 18:30:53 CET 2012 on sn-devel-104
(cherry picked from commit b9d208bdaa9da2a5ae534481865efc881b851b01)

9 years agos3-winbind: Move finding the domain to it's own function.
Andreas Schneider [Tue, 3 Jan 2012 15:54:39 +0000 (16:54 +0100)]
s3-winbind: Move finding the domain to it's own function.

This the first part to fix bug #8678.
(cherry picked from commit 5075e565684627dfbd23f715da344b4365351ccb)

9 years agoFix bug #8644 - vfs_acl_xattr and vfs_acl_tdb modules can fail to add inheritable...
Jeremy Allison [Fri, 2 Dec 2011 18:55:40 +0000 (10:55 -0800)]
Fix bug #8644 - vfs_acl_xattr and vfs_acl_tdb modules can fail to add inheritable entries on a directory with no stored ACL.

If referring to an fsp sbuf can be left as an uninitialized variable,
causing the 'is_directory' variable to be false when it should be true.

9 years agos3/doc: document the ignore system acls option of vfs_acl_xattr and vfs_acl_tdb
Björn Jacke [Sat, 10 Dec 2011 12:53:42 +0000 (13:53 +0100)]
s3/doc: document the ignore system acls option of vfs_acl_xattr and vfs_acl_tdb

Autobuild-User: Björn Jacke <>
Autobuild-Date: Sat Dec 10 15:30:46 CET 2011 on sn-devel-104
(cherry picked from commit f452add2231906742c9fd119371cd4fd81a1bdd6)

Fix bug #8652 (vfs_acl man pages miss "ignore system acls" option).

Fix bug #8652 (vfs_acl man pages miss "ignore system acls" option).

9 years agos3: Fix bug 8371
Volker Lendecke [Thu, 17 Nov 2011 21:24:24 +0000 (22:24 +0100)]
s3: Fix bug 8371

ndr_set_flag or's in the given flag (ALIGN4). At this point, ndr->flags
contains NOALIGN, which will persist. In ndr_push_DATA_BLOB NOALIGN overrides
everything else, so that the ALIGN4 is not respected.

9 years agos3-winbind: Add an update function for winbind cache.
Andreas Schneider [Mon, 5 Dec 2011 20:33:25 +0000 (12:33 -0800)]
s3-winbind: Add an update function for winbind cache.

With 57b3d32 we changed the format for the winbind cache database and
the code deleted the database for the upgrade. As this database holds
also cached credentials, removing it is not an option. We need to update
from version 1 to version 2.

Fix bug #8643 (A Samba update to 3.6 deletes the winbind cache with cached

9 years agos3: Attempt to fix the vfs_commit module
Volker Lendecke [Wed, 30 Nov 2011 17:51:27 +0000 (18:51 +0100)]
s3: Attempt to fix the vfs_commit module

This bug went in in 2007. I wonder how much this module is actually used....

Autobuild-User: Volker Lendecke <>
Autobuild-Date: Wed Nov 30 21:46:09 CET 2011 on sn-devel-104
(cherry picked from commit b638abf70a3c9b2815344454946c0931295551be)

9 years agoFix bug 8631 - POSIX ACE x permission becomes rx following mapping to and from a...
Jeremy Allison [Tue, 29 Nov 2011 19:55:39 +0000 (11:55 -0800)]
Fix bug 8631 - POSIX ACE x permission becomes rx following mapping to and from a DACL Reported by David Disseldorp. Fix based on a patch by David.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Tue Nov 29 22:32:27 CET 2011 on sn-devel-104
(cherry picked from commit 6bf97ea3bc70745f64f82251cbce443f2637c703)

9 years agoImprove so it can be used outside the Samba source tree.
Richard Sharpe [Mon, 14 Nov 2011 15:47:38 +0000 (07:47 -0800)]
Improve so it can be used outside the Samba source tree.

Autobuild-User: Richard Sharpe <>
Autobuild-Date: Thu Nov 17 07:00:38 CET 2011 on sn-devel-104
(cherry picked from commit f50aa988c201c2fe78e467f1a419bedc741e1d31)

Fix bug #8607 (The in examples/VFS does not easily allow building
modules outside the Samba source tree).

9 years agos3:libsmb: only align unicode pipe_name (bug #8586)
Stefan Metzmacher [Fri, 18 Nov 2011 07:40:18 +0000 (08:40 +0100)]
s3:libsmb: only align unicode pipe_name (bug #8586)

(cherry picked from commit 48bcb8c846532ccd5489ef705182fb81c5278b04)

9 years agos3-winbind: Don't fail on users without a uid.
Andreas Schneider [Mon, 14 Nov 2011 09:01:31 +0000 (10:01 +0100)]
s3-winbind: Don't fail on users without a uid.

This fixes bug #8608.

If you join samba with idmap_ad backend to an AD. When you try to
enumerate users with 'getent passwd' and the user doesn't have a uid
set, then getent is aborted cause of NT_STATUS_NONE_MAPPED. If we can't
map a user we should not stop but continue enumerating users.

This normally happens with the default user 'krbtgt' with idmap_ad but
could also happen with other backends.

Autobuild-User: Andreas Schneider <>
Autobuild-Date: Tue Nov 15 16:52:04 CET 2011 on sn-devel-104

(backported from commit 10b285ccc29b106f164a6c18116e237634867717)

Signed-off-by: Andreas Schneider <>
9 years agolib/util/ Fix crash bug caused by gfree_debug()
Andrew Bartlett [Mon, 9 May 2011 15:43:45 +0000 (17:43 +0200)]
lib/util/ Fix crash bug caused by gfree_debug()

The issue is that we should reset the debug_num_classes to 0 when we
un-initialise the debug system.

Andrew Bartlett
(cherry picked from commit 5db0cd55d4db9cc71f32dc0097e2f014c22967bc)

Fix bug #8623 (Crash when trying to browse samba printers).

9 years agos3: allow to set TCP_NODELAYACK socket option on AIX (#8616)
Björn Jacke [Fri, 18 Nov 2011 12:40:17 +0000 (13:40 +0100)]
s3: allow to set TCP_NODELAYACK socket option on AIX (#8616)

this is the AIX way to disable delayed ACKs, the same like TCP_QUICKACK on

this is a backport of 383a918322c1edd1977fdbce19e52e8c8e6ffac1

9 years agos3/packaging: Fix rpm build issues on RHEL4.
Karolin Seeger [Thu, 17 Nov 2011 20:23:09 +0000 (21:23 +0100)]
s3/packaging: Fix rpm build issues on RHEL4.

Second part of a fix for bug #7705 (RHEL samba.spec broken - and fix).
Based on patches of Jason Haar and Daniël van Eeden. Thanks a lot!


Autobuild-User: Karolin Seeger <>
Autobuild-Date: Fri Nov 18 22:13:06 CET 2011 on sn-devel-104
(cherry picked from commit 1d471ee393b0a0c1f9cc4256217acabcd98a5dbf)

9 years agos3/packaging: Fix rpm build issues on RHEL.
Karolin Seeger [Thu, 17 Nov 2011 20:02:30 +0000 (21:02 +0100)]
s3/packaging: Fix rpm build issues on RHEL.

Fix bug #7705 (RHEL samba.spec broken - and fix).
Based on patches of Jason Haar and Daniël van Eeden. Thanks a lot!


Autobuild-User: Karolin Seeger <>
Autobuild-Date: Thu Nov 17 23:05:28 CET 2011 on sn-devel-104
(cherry picked from commit 32e825d60df26fa1d4cf5c8c7cb37ca0523847ca)

9 years agoFix bug #8562 - talloc: double free error.
Jeremy Allison [Thu, 3 Nov 2011 21:30:11 +0000 (14:30 -0700)]
Fix bug #8562 - talloc: double free error.

Ensure we don't access an undefined pointer.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Fri Nov  4 00:09:46 CET 2011 on sn-devel-104
(cherry picked from commit 767c54d8dd9596718579699398392ae234b40aa2)

9 years agolibcli-cldap: avoid the case local == remote == NULL (cherry picked from commit 4d2d3...
Matthieu Patou [Fri, 21 Oct 2011 14:11:41 +0000 (16:11 +0200)]
libcli-cldap: avoid the case local == remote == NULL (cherry picked from commit 4d2d33ee09941ddb211e21788c01d886730224c2)

Signed-off-by: Stefan Metzmacher <>
The last 2 patches address bug #8600 (cldap doesn't work over ipv6).

9 years agolibcli/cldap: make sure the local and remote address family matches
Stefan Metzmacher [Fri, 21 Oct 2011 07:49:30 +0000 (09:49 +0200)]
libcli/cldap: make sure the local and remote address family matches


Signed-off-by: Matthieu Patou <>
(cherry picked from commit 66530e91498cfa77a9d2e3a031f8a2e1c5ee6804)

9 years agos3:libsmb: consistently use state->size in cli_write_andx_create() (bug #5326)
Stefan Metzmacher [Fri, 11 Nov 2011 01:10:00 +0000 (02:10 +0100)]
s3:libsmb: consistently use state->size in cli_write_andx_create() (bug #5326)

Otherwise we may get unexpected results.

This is a fix that was missing in commit 95595dd93fd04999fcf56ecaab7c29b064d021f8
(s3:libsmb: fix cli_write_and_x() against OS/2 print shares (bug #5326))


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Wed Nov  9 10:13:32 CET 2011 on sn-devel-104
(cherry picked from commit 4b31c4273c45faa639445614061f3da548eb8505)

9 years agos3:libsmb: fix cli_write_and_x() against OS/2 print shares (bug #5326)
Stefan Metzmacher [Tue, 8 Nov 2011 07:25:16 +0000 (08:25 +0100)]
s3:libsmb: fix cli_write_and_x() against OS/2 print shares (bug #5326)

Print shares doesn't support CAP_LARGE_WRITEX, while it's negotiated
by the file server part.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Tue Nov  8 17:01:36 CET 2011 on sn-devel-104
(cherry picked from commit 95595dd93fd04999fcf56ecaab7c29b064d021f8)

9 years agoEnsure we correctly calculate reply credits over all returned
Jeremy Allison [Tue, 15 Nov 2011 19:27:56 +0000 (11:27 -0800)]
Ensure we correctly calculate reply credits over all returned
SMB2 replies, and do as Windows does and return the total in the
last SMB2 reply. Fixes an issue found by Christian M Ambach <>
(and thanks to Christian for the initial patch this was based on).
(cherry picked from commit 65566dfa8629136eaf0dc1491502dc651d1a4858)

Fix bug #8614 (SMB2: not granting credits for all requests in a compound

9 years agos3:smb2_flush: outbody only needs 4 bytes
Stefan Metzmacher [Thu, 10 Nov 2011 11:20:20 +0000 (12:20 +0100)]
s3:smb2_flush: outbody only needs 4 bytes


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Mon Nov 14 10:01:30 CET 2011 on sn-devel-104
(cherry picked from commit 72cabbbe50a36986dde823f0ba60abf9052c535a)

Fix bug #8579 (smb2_flush sends uninitialized memory).

9 years agoFix bug #8561 - Password change settings not fully observed.
Jeremy Allison [Tue, 15 Nov 2011 23:42:50 +0000 (15:42 -0800)]
Fix bug #8561 - Password change settings not fully observed.

Based on commit 3ede4ffe969f806ba2363b62c09673c32a4ec296 in master
(with a change to set the header prototype in the correct file).

9 years agos3:smb2_server: grant credits in async interim responses (bug #8357)
Stefan Metzmacher [Tue, 8 Nov 2011 16:50:43 +0000 (17:50 +0100)]
s3:smb2_server: grant credits in async interim responses (bug #8357)

The first fix for bug #8357 intruduced a regression, so that we no
longer grant credits for real async interim responses with


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Wed Nov  9 11:56:29 CET 2011 on sn-devel-104
(cherry picked from commit ffbd1ed2797616226a7987efd4b4dd4275c8c9d0)

9 years agos3:smbd: don't limit the number of open dptrs for smb2 (bug #8592)
Stefan Metzmacher [Wed, 9 Nov 2011 15:04:09 +0000 (16:04 +0100)]
s3:smbd: don't limit the number of open dptrs for smb2 (bug #8592)

This fixes a crash bug that is triggered, when a client has more than
256 directory handles with searches.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Thu Nov 10 14:08:14 CET 2011 on sn-devel-104
(cherry picked from commit 22ddbb50534aa73240a171732d4ac1fa884fa412)

9 years agos3:smbd: fully construct the dptr before allocating a dnum in the bitmap
Stefan Metzmacher [Wed, 9 Nov 2011 14:59:22 +0000 (15:59 +0100)]
s3:smbd: fully construct the dptr before allocating a dnum in the bitmap

(cherry picked from commit 39bb5a62977261d0926f56b792aacaa5e772ff6f)

9 years agos3:smbd: avoid string_set() in dir.c
Stefan Metzmacher [Thu, 10 Nov 2011 09:39:34 +0000 (10:39 +0100)]
s3:smbd: avoid string_set() in dir.c

And do some more error checks.

(cherry picked from commit 7644547a5523b77bd49d9a5d979d5e4939153401)

9 years agosamr: filterModuleName is a lsa_String in userPwdChangeFailureInformation.
Günther Deschner [Tue, 8 Nov 2011 15:00:10 +0000 (16:00 +0100)]
samr: filterModuleName is a lsa_String in userPwdChangeFailureInformation.

The entire marshalling of samr_ChangePasswordUser3 broke with c2685cdedb430ae75a94e86f34484292b4269363.

Matthias, the bad effect of this change was that actually all failed password
change attempts will always return NT_STATUS_OK because the last 4 bytes (the
resulting status code) were not marshalled anymore.


Autobuild-User: Günther Deschner <>
Autobuild-Date: Wed Nov  9 00:41:13 CET 2011 on sn-devel-104
(cherry picked from commit 8a18edf1c2d553105cfcadec4d892e4e5a0fdba1)

The last 2 patches address bug #8591 (samr_ChangePasswordUser3 IDL incorrect).

9 years agos4-smbtorture: demonstrate how broken our samr_ChangePasswordUser3 marshalling is...
Günther Deschner [Tue, 8 Nov 2011 14:58:34 +0000 (15:58 +0100)]
s4-smbtorture: demonstrate how broken our samr_ChangePasswordUser3 marshalling is...

(cherry picked from commit bfe084bd8bbdfa0a0fa31521584f3bc142785fb8)

9 years agos3:idmap_autorid: document allocation pool
Christian Ambach [Thu, 20 Oct 2011 16:53:02 +0000 (18:53 +0200)]
s3:idmap_autorid: document allocation pool

document the need that excessive use of local users/group might
require increasing the rangesize

Autobuild-User: Christian Ambach <>
Autobuild-Date: Fri Oct 21 18:04:50 CEST 2011 on sn-devel-104

The last 4 patches address bug #8444 (idmap_autorid does not have allocation

9 years agos3:idmap_autorid: add an allocation range to autorid
Christian Ambach [Thu, 20 Oct 2011 16:44:48 +0000 (18:44 +0200)]
s3:idmap_autorid: add an allocation range to autorid

this is needed to allocate gids for BUILTIN\Users and
BUILTIN\Administrators and for local users/group that
admins might want to create

autorid will now allocate one range for this purpose
and can so give out as many uids and gids as the
configured rangesize allows

9 years agos3:idmap_autorid: move HWM initialization into a function
Christian Ambach [Thu, 20 Oct 2011 16:39:30 +0000 (18:39 +0200)]
s3:idmap_autorid: move HWM initialization into a function

we will need some more HWM soon, so move out initialization and
optimize the logic using the new interface of dbwrap_fetch_uint32

9 years agos3:idmap_autorid: use strings as parameter for range allocator
Christian Ambach [Thu, 20 Oct 2011 16:22:19 +0000 (18:22 +0200)]
s3:idmap_autorid: use strings as parameter for range allocator

this prepares for allocation of non-domain ranges that cannot be
expressed by a SID (e.g. an allocation pool)

9 years agosystemd: Fix dependencies.
Andreas Schneider [Wed, 2 Nov 2011 15:53:27 +0000 (16:53 +0100)]
systemd: Fix dependencies.

Autobuild-User: Andreas Schneider <>
Autobuild-Date: Fri Nov  4 12:36:04 CET 2011 on sn-devel-104
(cherry picked from commit 4f3e86f62398218c454b979aaad75c7d7d3d8546)

The last 3 patches address bug #8575 (Add systemd files to 3.6).

9 years agopkg: add comments to the systemd sysconfig file
David Disseldorp [Thu, 3 Nov 2011 11:54:00 +0000 (12:54 +0100)]
pkg: add comments to the systemd sysconfig file

Autobuild-User: David Disseldorp <>
Autobuild-Date: Thu Nov  3 15:11:27 CET 2011 on sn-devel-104
(cherry picked from commit 0f61eb5e299abfa0ffe5e0dd92a40e582021a5b2)

9 years agoAdd systemd service files.
Andreas Schneider [Thu, 27 Oct 2011 15:11:19 +0000 (17:11 +0200)]
Add systemd service files.

Autobuild-User: Andreas Schneider <>
Autobuild-Date: Fri Oct 28 11:34:27 CEST 2011 on sn-devel-104
(cherry picked from commit 7d7ba3ba40895090d9bd791f210f89c5d5d2582e)

9 years agos3:libsmb: the workgroup in the non-extended-security negprot is not aligned (#8573)
Stefan Metzmacher [Fri, 4 Nov 2011 11:52:44 +0000 (12:52 +0100)]
s3:libsmb: the workgroup in the non-extended-security negprot is not aligned (#8573)

I've tested the fix against NT4 sp6a, W2K sp4, W2K8R2 and Win8pre0.

(similar to commit aea76a3aaa7ea52f563e7bc8a8ed60d9651f9e34)

9 years agos3-wafbuild: Fix inotify detection (bug 8580)
Björn Baumbach [Mon, 7 Nov 2011 13:24:40 +0000 (14:24 +0100)]
s3-wafbuild: Fix inotify detection (bug 8580)

Enable inotify if sys or kernel inotify is available.

Signed-off-by: Stefan Metzmacher <>
Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Mon Nov  7 16:28:38 CET 2011 on sn-devel-104
(cherry picked from commit b9e6c48678624ba5335d00906c558ea9e0086699)

9 years agos3-build: Fix inotify detection (bug 8580)
Björn Baumbach [Mon, 7 Nov 2011 11:42:28 +0000 (12:42 +0100)]
s3-build: Fix inotify detection (bug 8580)

Enable inotify if sys or kernel inotify is available.

Signed-off-by: Stefan Metzmacher <>
(cherry picked from commit 846809853acd53a733fa6057436c6e51843d8fab)

9 years agos3:smb2_server: FLAG_CHAINED means we always use the last session_id and tid
Stefan Metzmacher [Tue, 1 Nov 2011 17:55:17 +0000 (10:55 -0700)]
s3:smb2_server: FLAG_CHAINED means we always use the last session_id and tid

Based on master commit 91648aeb6409787c7766943225f5c7a9c695aa0b.


The last 4 patches address bug #8560 (SMB2 doesn't handle compound request
headers in the same way as Windows).

9 years agosmb2_constants: add SMB2_HDR_CREDIT_CHARGE
Stefan Metzmacher [Tue, 30 Aug 2011 09:48:16 +0000 (11:48 +0200)]
smb2_constants: add SMB2_HDR_CREDIT_CHARGE

SMB2_HDR_EPOCH was never used and SMB 2.10 uses it as

We keep SMB2_HDR_EPOCH as alias for now, until all callers
are fixed.


Autobuild-User: Stefan Metzmacher <>
Autobuild-Date: Tue Aug 30 23:49:56 CEST 2011 on sn-devel-104
(cherry picked from commit 480a031c5b9a2ffe1e03e3fcb197e526e6d69e72)

9 years agos3:smb2_server: don't reset the tid and session id in the out hdr of compound requests
Stefan Metzmacher [Mon, 31 Oct 2011 22:15:09 +0000 (15:15 -0700)]
s3:smb2_server: don't reset the tid and session id in the out hdr of compound requests

Windows also leaves tid (0xFFFFFFFF) and session id (0xFFFFFFFFFFFFFFFF)
as the client requested them.

Based on commit 8d07d7148bf47ea14e62d39ed8a8cc4f1366810e from master.


9 years agos3:smb2_server: echo the SMB2_HDR_CREDIT_CHARGE and SMB2_HDR_SIGNATURE fields
Stefan Metzmacher [Thu, 27 Oct 2011 14:42:44 +0000 (16:42 +0200)]
s3:smb2_server: echo the SMB2_HDR_CREDIT_CHARGE and SMB2_HDR_SIGNATURE fields

Windows just echos back the given values by default.

(cherry picked from commit c7d3b6b2c38711943910aebff72b0188b0c346db)

9 years agos3:smbd increase a debug level
Christian Ambach [Fri, 4 Nov 2011 16:34:48 +0000 (17:34 +0100)]
s3:smbd increase a debug level

logging disconnected clients with level 1 swamps the logs

(This fixes Bug #8585 Disconnecting clients swamp the logs)

9 years agoProperly fix bug #8384 - Windows XP clients seem to crash smbd process every once...
Henry Wong [Fri, 4 Nov 2011 18:20:10 +0000 (11:20 -0700)]
Properly fix bug #8384 - Windows XP clients seem to crash smbd process every once in a while.

Ensure we correctly null out the referenced pointer when we decrease the ref. count.

Autobuild-User: Jeremy Allison <>
Autobuild-Date: Fri Nov  4 21:12:13 CET 2011 on sn-devel-104
(cherry picked from commit 51c86c8e67c3b026f49136f5b6743c279cc206d2)