samba.git
10 years agoFix an unitialized variable warning
Volker Lendecke [Sun, 10 May 2009 05:42:55 +0000 (07:42 +0200)]
Fix an unitialized variable warning

10 years agowb_int_trans -> wb_simple_trans in wbclient.c
Volker Lendecke [Sat, 9 May 2009 19:12:33 +0000 (21:12 +0200)]
wb_int_trans -> wb_simple_trans in wbclient.c

10 years agoAdd wb_simple_trans_send/recv
Volker Lendecke [Sat, 9 May 2009 19:01:09 +0000 (21:01 +0200)]
Add wb_simple_trans_send/recv

10 years agoPass also sername to check password script
Simo Sorce [Sat, 9 May 2009 15:26:14 +0000 (11:26 -0400)]
Pass also sername to check password script

10 years agoFix the mangle1 test
Volker Lendecke [Sat, 9 May 2009 11:46:08 +0000 (13:46 +0200)]
Fix the mangle1 test

10 years agoDo not call SMB_VFS_GET_REAL_FILENAME if the name is mangled
Volker Lendecke [Sat, 9 May 2009 09:12:52 +0000 (11:12 +0200)]
Do not call SMB_VFS_GET_REAL_FILENAME if the name is mangled

The GPFS get_real_file name does not know about mangled names. Tim, if onefs
does not either, you need this bugfix :-)

In case onefs does 8.3 names, we need to pass the mangled flag down to
SMB_VFS_GET_REAL_FILENAME to give GPFS a chance say ENOTSUPP and do the
fallback.

10 years agos3:libsmb: fix layering of cli_ntrename_internal and its callers
Stefan Metzmacher [Fri, 8 May 2009 16:40:35 +0000 (18:40 +0200)]
s3:libsmb: fix layering of cli_ntrename_internal and its callers

It's easier to have cli_ntrename_internal as a semetric async
tevent_req function. cli_ntrename() and cli_nt_hardlink() should
be callers on top of cli_ntrename_internal().

metze

10 years agos3: Fix chained sesssetupAndX/tconn messages
Tim Prouty [Wed, 25 Mar 2009 00:24:55 +0000 (00:24 +0000)]
s3: Fix chained sesssetupAndX/tconn messages

A sesssetupAndX chained with a tconn will not correctly set the TID in
the response header.  I'm seeing an XP client send this chained
sesssetup/tconn when samba has security = share.  Samba's current
behavior is to return a TID of 0 in the smb header rather than the
actual TID.  This patch also updates the UID in the header as well.

10 years agos4-smbtorture: avoid secdesc test on connect handle in RPC-SAMR-USERS for Samba3.
Günther Deschner [Fri, 8 May 2009 22:46:17 +0000 (00:46 +0200)]
s4-smbtorture: avoid secdesc test on connect handle in RPC-SAMR-USERS for Samba3.

With this, I think, we pass RPC-SAMR-USERS.

Guenther

10 years agos3-samr: Fix SetUserInfo level 16 and 21 w.r.t. ACB_AUTOLOCK acct_flag.
Günther Deschner [Fri, 8 May 2009 22:03:50 +0000 (00:03 +0200)]
s3-samr: Fix SetUserInfo level 16 and 21 w.r.t. ACB_AUTOLOCK acct_flag.

It is not allowed to *set* this flag remotely if it has been not set already.

Found by torture test.

Guenther

10 years agos3-samr: Fix SetUserInfo level 7 when there has been no name change.
Günther Deschner [Fri, 8 May 2009 22:02:00 +0000 (00:02 +0200)]
s3-samr: Fix SetUserInfo level 7 when there has been no name change.

Found by torture test.

Guenther

10 years agos3-selftest: enable running RPC-SAMR-USERS against Samba3.
Günther Deschner [Fri, 8 May 2009 20:23:51 +0000 (22:23 +0200)]
s3-selftest: enable running RPC-SAMR-USERS against Samba3.

Guenther

10 years agos4-smbtorture: skip unsupported ACB bits for Samba3 in RPC-SAMR-USER.
Günther Deschner [Fri, 8 May 2009 20:20:38 +0000 (22:20 +0200)]
s4-smbtorture: skip unsupported ACB bits for Samba3 in RPC-SAMR-USER.

Guenther

10 years agos3-samr: more accurateness in _samr_SetDomainInfo().
Günther Deschner [Fri, 8 May 2009 09:24:35 +0000 (11:24 +0200)]
s3-samr: more accurateness in _samr_SetDomainInfo().

Guenther

10 years agos4-smbtorture: Support timestamp handling for Samba3 in RPC-SAMR-USERS.
Günther Deschner [Fri, 8 May 2009 20:01:55 +0000 (22:01 +0200)]
s4-smbtorture: Support timestamp handling for Samba3 in RPC-SAMR-USERS.

Timestamps in passdb (currently) only have second granularity.

Guenther

10 years agoFix bug #6330 - DFS doesn't work on AIX. Jeremy.
Jeremy Allison [Fri, 8 May 2009 18:31:34 +0000 (11:31 -0700)]
Fix bug #6330 - DFS doesn't work on AIX. Jeremy.

10 years agoExpand the comment explaining why user_in_group_sid is
Jeremy Allison [Fri, 8 May 2009 17:11:38 +0000 (10:11 -0700)]
Expand the comment explaining why user_in_group_sid is
not reliable for winbindd users from foreign domains.
Jeremy.

10 years agos3:smbd: fix posix acls when setting an ACL without explicit ACE for the owner (bug...
Stefan Metzmacher [Fri, 8 May 2009 12:33:49 +0000 (14:33 +0200)]
s3:smbd: fix posix acls when setting an ACL without explicit ACE for the owner (bug#2346)

The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.

metze

10 years agos3:smbd: fix the fix for mapped IPv4 address handling in release_ip().
Michael Adam [Fri, 8 May 2009 13:13:21 +0000 (15:13 +0200)]
s3:smbd: fix the fix for mapped IPv4 address handling in release_ip().

It was too late... Thanks Metze for noticing.

Michael

10 years agos3-selftest: run RPC-LSA-GETUSER against Samba 3.
Günther Deschner [Fri, 8 May 2009 09:26:57 +0000 (11:26 +0200)]
s3-selftest: run RPC-LSA-GETUSER against Samba 3.

Guenther

10 years agos4-smbtorture: Fix printf info-level mismatch in RPC-SAMR.
Günther Deschner [Fri, 8 May 2009 07:56:40 +0000 (09:56 +0200)]
s4-smbtorture: Fix printf info-level mismatch in RPC-SAMR.

Guenther

10 years agos3-samr: implement more info levels in _samr_QueryDomainInfo().
Günther Deschner [Fri, 8 May 2009 07:55:10 +0000 (09:55 +0200)]
s3-samr: implement more info levels in _samr_QueryDomainInfo().

Gets us closer to pass RPC-SAMR.

Guenther

10 years agos3-samr: Fix potential memory leak in _samr_ChangePasswordUser().
Günther Deschner [Thu, 7 May 2009 23:23:54 +0000 (01:23 +0200)]
s3-samr: Fix potential memory leak in _samr_ChangePasswordUser().

Guenther

10 years agos4:loadparm: fix a comment typo. and line wrapping.
Michael Adam [Thu, 7 May 2009 14:49:58 +0000 (16:49 +0200)]
s4:loadparm: fix a comment typo. and line wrapping.

Michael

10 years agos4:loadparm: fix brace indentation and add brace for clarity
Michael Adam [Thu, 7 May 2009 14:37:11 +0000 (16:37 +0200)]
s4:loadparm: fix brace indentation and add brace for clarity

Michael

10 years agos3: make release_ip() call (ctdb) cope with IPv4 mapped addresses
Michael Adam [Thu, 7 May 2009 23:11:43 +0000 (01:11 +0200)]
s3: make release_ip() call (ctdb) cope with IPv4 mapped addresses

Michael

10 years agos3-selftest: finally enable RPC-SAMR-PASSWORDS which samba3 now passes.
Günther Deschner [Thu, 7 May 2009 22:31:11 +0000 (00:31 +0200)]
s3-selftest: finally enable RPC-SAMR-PASSWORDS which samba3 now passes.

Guenther

10 years agos4-smbtorture: avoid acct_flags check at the end of RPC-SAMR-PASSWORDS for Samba3.
Günther Deschner [Thu, 7 May 2009 22:30:11 +0000 (00:30 +0200)]
s4-smbtorture: avoid acct_flags check at the end of RPC-SAMR-PASSWORDS for Samba3.

I don't get this, why would the account suddenly get ACB_PWNOTREQ ?

Guenther

10 years agos3-selftest: need to enable lanman auth in order make RPC-SAMR-PASSWORDS pass.
Günther Deschner [Thu, 7 May 2009 22:18:28 +0000 (00:18 +0200)]
s3-selftest: need to enable lanman auth in order make RPC-SAMR-PASSWORDS pass.

Guenther

10 years agos3-samr: Do not leak information whether a user exist or not in pwd change calls.
Günther Deschner [Thu, 7 May 2009 21:56:22 +0000 (23:56 +0200)]
s3-samr: Do not leak information whether a user exist or not in pwd change calls.

Found by torture test.

Guenther

10 years agos3-samr: implement _samr_ChangePasswordUser().
Günther Deschner [Thu, 7 May 2009 22:16:43 +0000 (00:16 +0200)]
s3-samr: implement _samr_ChangePasswordUser().

This is vastly copied from samba4 samr server.

Guenther

10 years agos3-samr: implement _samr_OemChangePasswordUser2().
Günther Deschner [Thu, 7 May 2009 21:26:54 +0000 (23:26 +0200)]
s3-samr: implement _samr_OemChangePasswordUser2().

Guenther

10 years agos3-samr: disable check for ACB_DISABLED in check_oem_password().
Günther Deschner [Thu, 7 May 2009 21:54:58 +0000 (23:54 +0200)]
s3-samr: disable check for ACB_DISABLED in check_oem_password().

It is a bad idea to just tell everyone that an account is disabled without
really having checked the password first.

Found by torture test.

Guenther

10 years agos3-samr: rework check_oem_password() to take a struct samu, not to return one.
Günther Deschner [Thu, 7 May 2009 21:22:26 +0000 (23:22 +0200)]
s3-samr: rework check_oem_password() to take a struct samu, not to return one.

Guenther

10 years agos4-smbtorture: prepare for running RPC-SAMR-USERS against samba3.
Günther Deschner [Thu, 7 May 2009 19:47:47 +0000 (21:47 +0200)]
s4-smbtorture: prepare for running RPC-SAMR-USERS against samba3.

In Samba 3 there are no pdb calls to store comments, codepages and countrycodes
(yet).

Guenther

10 years agos3-samr: Let _samr_TestPrivateFunctionsUser() return not supported.
Günther Deschner [Thu, 7 May 2009 16:42:28 +0000 (18:42 +0200)]
s3-samr: Let _samr_TestPrivateFunctionsUser() return not supported.

This is to get us closer to pass RPC-SAMR-USERS.

Guenther

10 years agos3-samr: Do not return users in _samr_QueryDisplayInfo() for builtin domain.
Günther Deschner [Thu, 7 May 2009 16:40:39 +0000 (18:40 +0200)]
s3-samr: Do not return users in _samr_QueryDisplayInfo() for builtin domain.

Found by torture test.

Guenther

10 years agos3-samr: let set_user_info_16 and 20 follow the same pattern as all other levels.
Günther Deschner [Thu, 7 May 2009 19:45:51 +0000 (21:45 +0200)]
s3-samr: let set_user_info_16 and 20 follow the same pattern as all other levels.

Guenther

10 years agos3-samr: support some more info levels in samr_SetUserInfo calls.
Günther Deschner [Thu, 7 May 2009 15:06:26 +0000 (17:06 +0200)]
s3-samr: support some more info levels in samr_SetUserInfo calls.

Guenther

10 years agos3-samr: support some more info levels in samr_QueryUser calls.
Günther Deschner [Thu, 7 May 2009 15:05:49 +0000 (17:05 +0200)]
s3-samr: support some more info levels in samr_QueryUser calls.

Guenther

10 years agos3/ldap: also handle DirX return codes
Björn Jacke [Thu, 7 May 2009 15:50:34 +0000 (17:50 +0200)]
s3/ldap: also handle DirX return codes

10 years agos3:configure: "test" only takes one "="
Björn Jacke [Sat, 4 Apr 2009 09:21:01 +0000 (11:21 +0200)]
s3:configure: "test" only takes one "="

10 years agoFix some type-punned warnings
Volker Lendecke [Thu, 7 May 2009 21:07:55 +0000 (23:07 +0200)]
Fix some type-punned warnings

10 years agoRemove a misleading comment
Volker Lendecke [Wed, 6 May 2009 13:12:27 +0000 (15:12 +0200)]
Remove a misleading comment

10 years agoFix some nonempty blank lines
Volker Lendecke [Thu, 7 May 2009 21:25:49 +0000 (23:25 +0200)]
Fix some nonempty blank lines

10 years agoConvert lib/wb_reqtrans.c to unix calling conventions
Volker Lendecke [Wed, 6 May 2009 13:10:00 +0000 (15:10 +0200)]
Convert lib/wb_reqtrans.c to unix calling conventions

10 years agoAdapt wb_reqtrans to "recent" coding conventions
Volker Lendecke [Wed, 6 May 2009 12:52:17 +0000 (14:52 +0200)]
Adapt wb_reqtrans to "recent" coding conventions

10 years agos3-auth: use full 16byte session key in make_user_info_netlogon_interactive().
Günther Deschner [Thu, 7 May 2009 11:36:52 +0000 (13:36 +0200)]
s3-auth: use full 16byte session key in make_user_info_netlogon_interactive().

Patch from Jeremy.

With this patch, I was able to join Windows 7 RC to a Samba3 DC, and login into a
Samba 3 Domain.

There are still two registry settings required:

        HKLM\System\CCS\Services\LanmanWorkstation\Parameters
            DWORD  DomainCompatibilityMode = 1
    DWORD  DNSNameResolutionRequired = 0

Do *not* modify the other netlogon registry parameters that were passed around,
they weaken security.

Guenther
(cherry picked from commit b5097d54cb74ca0ea328f9e029562f65f4a01134)

10 years agoAsync API needs all parameters to be kept around until sent,
Jeremy Allison [Thu, 7 May 2009 17:01:28 +0000 (10:01 -0700)]
Async API needs all parameters to be kept around until sent,
ensure they're attached to the state structure. Thanks to Metze
for pointing this out.
Jeremy.

10 years agoFix a typo
Volker Lendecke [Thu, 7 May 2009 14:24:54 +0000 (16:24 +0200)]
Fix a typo

10 years agoAdd simple test chaining up sesssetup and tcon
Volker Lendecke [Thu, 7 May 2009 14:24:46 +0000 (16:24 +0200)]
Add simple test chaining up sesssetup and tcon

10 years agoMake cli_tcon_andx chainable
Volker Lendecke [Thu, 7 May 2009 14:24:04 +0000 (16:24 +0200)]
Make cli_tcon_andx chainable

10 years agoMake cli_session_setup_guest chainable
Volker Lendecke [Thu, 7 May 2009 14:23:27 +0000 (16:23 +0200)]
Make cli_session_setup_guest chainable

10 years agos3-samr: Fix _samr_Connect5(). In error case it still needs to return empty info1.
Günther Deschner [Thu, 7 May 2009 12:19:43 +0000 (14:19 +0200)]
s3-samr: Fix _samr_Connect5(). In error case it still needs to return empty info1.

Guenther

10 years agoFix missing backtick.
Praveen Arimbrathodiyil [Thu, 7 May 2009 12:16:19 +0000 (14:16 +0200)]
Fix missing backtick.

10 years agos3-rpcclient: rework enumdrivers call a bit to allow queries like win7 does.
Günther Deschner [Thu, 7 May 2009 11:35:00 +0000 (13:35 +0200)]
s3-rpcclient: rework enumdrivers call a bit to allow queries like win7 does.

Guenther

10 years agos3-credentials: protect netlogon_creds_server_step() against NULL creds.
Günther Deschner [Thu, 7 May 2009 11:32:41 +0000 (13:32 +0200)]
s3-credentials: protect netlogon_creds_server_step() against NULL creds.

Found by SCHANNEL torture tests.

Guenther

10 years agos3-selftest: run RPC-SCHANNEL, RPC-SCHANNEL2 and RPC-BENCH-SCHANNEL1 against Samba3.
Günther Deschner [Thu, 7 May 2009 11:06:03 +0000 (13:06 +0200)]
s3-selftest: run RPC-SCHANNEL, RPC-SCHANNEL2 and RPC-BENCH-SCHANNEL1 against Samba3.

Guenther

10 years agos4-smbtorture: Avoid failing RPC-SCHANNEL when testing lsa_GetUserName behaviour...
Günther Deschner [Thu, 7 May 2009 11:05:13 +0000 (13:05 +0200)]
s4-smbtorture: Avoid failing RPC-SCHANNEL when testing lsa_GetUserName behaviour against Samba 3.

Guenther

10 years agoFix bug 6336: "net groupmap set" segfaults
Volker Lendecke [Thu, 7 May 2009 08:09:32 +0000 (10:09 +0200)]
Fix bug 6336: "net groupmap set" segfaults

10 years agotevent: fix typo async_req_done() => tevent_req_done()
Stefan Metzmacher [Fri, 1 May 2009 15:45:39 +0000 (17:45 +0200)]
tevent: fix typo async_req_done() => tevent_req_done()

metze

10 years agoMake cli_setatr async.
Jeremy Allison [Wed, 6 May 2009 23:13:42 +0000 (16:13 -0700)]
Make cli_setatr async.
Jeremy.

10 years agoAfter getting confirmation from Guenther, add 3 changes we'll
Jeremy Allison [Wed, 6 May 2009 23:10:20 +0000 (16:10 -0700)]
After getting confirmation from Guenther, add 3 changes we'll
ultimately need to fix bug #6099 Samba returns incurrate capabilities list.
1). Add a comment to point out that r->in.negotiate_flags is an aliased pointer to
r->out.negotiate_flags.
2). Ensure we return NETLOGON_NEG_STRONG_KEYS in our flags
return if the client requested it.
3). Clean up the error exits so we always return the same
way.
Signed off by Guenther.
Jeremy.

10 years agoMake cli_setattrE async.
Jeremy Allison [Wed, 6 May 2009 22:07:05 +0000 (15:07 -0700)]
Make cli_setattrE async.
Jeremy.

10 years agos3-netlogon: Fix NETLOGON credential chain. Fixes Bug #6099 (Windows 7 joining Samba3...
Günther Deschner [Wed, 6 May 2009 17:29:01 +0000 (19:29 +0200)]
s3-netlogon: Fix NETLOGON credential chain. Fixes Bug #6099 (Windows 7 joining Samba3) and probably many, many more.

Jeremy, with 9a5d5cc1db0ee60486f932e34cd7961b90c70a56 you alter the in negotiate
flags (which are a pointer to the out negotiate flags assigned in the generated
netlogon server code). So, while you wanted to just set the *out* negflags, you
did in fact reset the *in* negflags, effectively eliminating the
NETLOGON_NEG_STRONG_KEYS bit (formerly known as NETLOGON_NEG_128BIT) which then
caused creds_server_init() to generate 64bit creds instead of 128bit, causing
the whole chain to break. *Please* check.

Guenther

10 years agoAvoid --nonet when building manpages; xsltproc will already prefer local
Jelmer Vernooij [Wed, 6 May 2009 15:48:01 +0000 (17:48 +0200)]
Avoid --nonet when building manpages; xsltproc will already prefer local
stylesheets if they are installed.

10 years agos3/docs: Remove unnecessary .sp.
Karolin Seeger [Wed, 6 May 2009 14:06:59 +0000 (16:06 +0200)]
s3/docs: Remove unnecessary .sp.

Karolin

10 years agos3-docs: Fix Bug #6331. Document "net dom join/net dom unjoin".
Günther Deschner [Wed, 6 May 2009 13:43:23 +0000 (15:43 +0200)]
s3-docs: Fix Bug #6331. Document "net dom join/net dom unjoin".

Guenther

10 years agos3-docs: Fix "net eventlog dump" syntax in manpage.
Günther Deschner [Wed, 6 May 2009 13:43:00 +0000 (15:43 +0200)]
s3-docs: Fix "net eventlog dump" syntax in manpage.

Guenther

10 years agoFix Coverity ID 897: REVERSE_INULL
Volker Lendecke [Wed, 6 May 2009 10:00:49 +0000 (12:00 +0200)]
Fix Coverity ID 897: REVERSE_INULL

10 years agos3-rpcclient: print more infolevels in printer and driver info levels.
Günther Deschner [Mon, 4 May 2009 15:25:41 +0000 (17:25 +0200)]
s3-rpcclient: print more infolevels in printer and driver info levels.

Guenther

10 years agos3-printing: fix debug statement in virtual registry layer
Günther Deschner [Wed, 6 May 2009 08:20:52 +0000 (10:20 +0200)]
s3-printing: fix debug statement in virtual registry layer
(key_driver_fetch_keys).

Guenther

10 years agos3-printing: simplify print_queue helper functions and return WERROR.
Günther Deschner [Tue, 5 May 2009 23:10:33 +0000 (01:10 +0200)]
s3-printing: simplify print_queue helper functions and return WERROR.

Guenther

10 years agoMake cli_getatr() async.
Jeremy Allison [Wed, 6 May 2009 03:59:22 +0000 (20:59 -0700)]
Make cli_getatr() async.
Jeremy.

10 years agos3 Reorder loadparm to keep aliases together
Steven Danneman [Wed, 6 May 2009 00:42:56 +0000 (17:42 -0700)]
s3 Reorder loadparm to keep aliases together

This keeps the "browseable" and "browsable" aliases together.

10 years agos3:loadparm: handle registry config source in file_list - fixes bug #6320
Michael Adam [Wed, 6 May 2009 00:08:33 +0000 (02:08 +0200)]
s3:loadparm: handle registry config source in file_list - fixes bug #6320

Michael

10 years agos3 onefs: Turn up the debug level for non-error cases
tprouty [Tue, 5 May 2009 01:17:04 +0000 (01:17 +0000)]
s3 onefs: Turn up the debug level for non-error cases

10 years agos3: Fix trans2 path to use case-insensitive stat optimization
tprouty [Sat, 2 May 2009 00:28:38 +0000 (00:28 +0000)]
s3: Fix trans2 path to use case-insensitive stat optimization

Often times before creating a file, a client will first query to see
if it already exists.  Since some systems have a case-insensitive stat
that is called from unix_convert, we can definitively return
STATUS_NO_SUCH_FILE to the client without scanning the whole
directory.

This code path is taken from trans2querypathinfo, but trans2findfirst
still does a full directory scan even though the get_real_filename
(the case-insensitive stat vfs call) can prevent this.

This patch adds the get_real_filename call to the trans2find* path,
and also changes the vfs_default behavior for
SMB_VFS_GET_REAL_FILENAME.  Previously, in the absence of a
get_real_filename implementation, we would fallback to the full
directory scan.  The default behavior now returns -1 and sets errno to
EOPNOTSUPP.  This allows SMB_VFS_GET_REALFILENAME to be called from
trans2* and unix_convert.

10 years agoMake cli_getattrE async.
Jeremy Allison [Tue, 5 May 2009 23:28:44 +0000 (16:28 -0700)]
Make cli_getattrE async.
Jeremy.

10 years agoUpdate tdb and talloc web pages
Simo Sorce [Tue, 5 May 2009 23:04:17 +0000 (19:04 -0400)]
Update tdb and talloc web pages

10 years agos3:onefs.so Change system function names
Steven Danneman [Tue, 5 May 2009 21:42:19 +0000 (14:42 -0700)]
s3:onefs.so Change system function names

Addendum to c49730e1.  Use newer cookie conversion names.

10 years agoFix bug 6302: Give the VFS a chance to read from 0-byte files
Volker Lendecke [Sat, 2 May 2009 09:31:37 +0000 (11:31 +0200)]
Fix bug 6302: Give the VFS a chance to read from 0-byte files

10 years agos3-ldap: fix more callers of smbldap_dn_talloc() that were passing a NULL context.
Günther Deschner [Tue, 5 May 2009 19:12:33 +0000 (21:12 +0200)]
s3-ldap: fix more callers of smbldap_dn_talloc() that were passing a NULL context.

Guenther

10 years agos3-ldapsam: Fix Bug #6313: ldapsam_update_sam_account() crashes while doing talloc_fr...
Günther Deschner [Tue, 5 May 2009 16:50:48 +0000 (18:50 +0200)]
s3-ldapsam: Fix Bug #6313: ldapsam_update_sam_account() crashes while doing talloc_free on malloced memory.

Guenther

10 years agoerror-codes: add some more group specific windows error codes.
Günther Deschner [Tue, 5 May 2009 17:38:58 +0000 (19:38 +0200)]
error-codes: add some more group specific windows error codes.

Guenther

10 years agos3:loadparm: use the returnvalue of service_ok() in process_smbconf_service().
Michael Adam [Tue, 5 May 2009 15:46:20 +0000 (17:46 +0200)]
s3:loadparm: use the returnvalue of service_ok() in process_smbconf_service().

Michael

10 years agoAdd release scripts for talloc and tdb
Simo Sorce [Tue, 5 May 2009 13:50:19 +0000 (09:50 -0400)]
Add release scripts for talloc and tdb

10 years agos3-pam_winbind: Fix Bug 6253: Use correct value for password expiry calculation.
Günther Deschner [Tue, 5 May 2009 10:54:21 +0000 (12:54 +0200)]
s3-pam_winbind: Fix Bug 6253: Use correct value for password expiry calculation.

Patch from Blindauer Emmanuel <samba@mooby.net>.

Guenther

10 years agoTurn on POSIX test (small test) on buildfarm.
Jeremy Allison [Mon, 4 May 2009 22:55:23 +0000 (15:55 -0700)]
Turn on POSIX test (small test) on buildfarm.
Jeremy.

10 years agoFix the async calls for the posix_unlink and posix_rmdir.
Jeremy Allison [Mon, 4 May 2009 22:50:35 +0000 (15:50 -0700)]
Fix the async calls for the posix_unlink and posix_rmdir.
Jeremy.

10 years agos3:onefs.so fix issue with missing entries when enumerating directories
Steven Danneman [Mon, 4 May 2009 22:02:17 +0000 (15:02 -0700)]
s3:onefs.so fix issue with missing entries when enumerating directories

This bug prompted several, fairly large changes to the of OneFS's
readdirplus() within Samba.

One fundamental problem is that we kept our cache cursor pointed at the
next entry to be returned from onefs_readdir(), while the resume cookie
needed to refill the cache such that our cursor would be on this entry,
was located in the previous cache entry.  This meant that to correctly handle
seekdir() cases which could be found within the existing cache, and cases
where a cache reload was needed, required that the cache always hold
at least two entries: the entry we wished to return, and the previous entry
which held the resume cookie.  Since the readdirplus() syscall gives us no
guarantee that it will always return these two direntries, there was a
fundamental problem with this design.

To fix this problem, I have rearchitected the onefs_readdir() path to keep
its pointer on the entry which contains the resume_cookie, not the entry
which will be returned next.  Essentially, I changed onefs_readdir() from a
"return an entry then increment the cursor" model to "increment the cursor
then return an entry".  By doing this, we only require that a single entry
be within the cache: the entry containing the resume cookie.

Second, there have been numerous off-by-one bugs in my implementation of
onefs_seekdir() which did a mapping between the 64-bit resume cookie
returned by readdirplus() and its own monotonically increasing "location"
offset.  Furthermore, this design caused a somewhat frequent waste of
cycles, as in some cases we'd need to re-enumerate the entire directory to
recover the current "location" from an old resume cookie.  As this code was
somewhat difficult to understand, prone to bugs, and innefficient in some
cases I decided it was better to wholesale replace it now, rather than later.

It is possible to algorithmically map the 64-bit resume cookies from
readdirplus() into 32-bit offset values which SMB requires.  The onefs.so
module now calls into a system library to do this conversion.  This greatly
simplifies both the seekdir() and telldir() paths and is more efficient.

10 years agolibcli: Fix shadowed name in header also
Tim Prouty [Mon, 4 May 2009 21:38:59 +0000 (14:38 -0700)]
libcli: Fix shadowed name in header also

10 years agos3 torture: Only close if open was successful
Tim Prouty [Mon, 4 May 2009 20:26:02 +0000 (13:26 -0700)]
s3 torture: Only close if open was successful

10 years agoEnsure we use UID-REGRESSION-TEST. It's a very short test.
Jeremy Allison [Mon, 4 May 2009 18:22:13 +0000 (11:22 -0700)]
Ensure we use UID-REGRESSION-TEST. It's a very short test.
Jeremy.

10 years agoTorture test for bug #6315 - smbd crashes doing vfs_full_audit on IPC$ close event.
Jeremy Allison [Mon, 4 May 2009 17:40:57 +0000 (10:40 -0700)]
Torture test for bug #6315 - smbd crashes doing vfs_full_audit on IPC$ close event.
Shows that doing a tdis with invalid uid succeeds.
Jeremy.

10 years agos3 torture: Fix comparison is always true warning
Tim Prouty [Mon, 4 May 2009 15:51:55 +0000 (08:51 -0700)]
s3 torture: Fix comparison is always true warning

10 years agolibcli: Fix shadowed variable warning
Tim Prouty [Mon, 4 May 2009 15:50:35 +0000 (08:50 -0700)]
libcli: Fix shadowed variable warning

10 years agoFix bug #6315 smbd crashes doing vfs_full_audit on IPC$ close event.
Jeremy Allison [Mon, 4 May 2009 15:31:40 +0000 (08:31 -0700)]
Fix bug #6315 smbd crashes doing vfs_full_audit on IPC$ close event.
The underlying problem
is that once SMBulogoff is called, all server_info contexts associated with the
vuid should become invalid, even if that's the context being currently used by
the connection struct (tid). When the SMBtdis comes in it doesn't need a valid
vuid value, but the code called inside vfs_full_audit always assumes that there
is one (and hence a valid conn->server_info pointer) available.

This is actually a bug inside the vfs_full_audit and other code inside Samba,
which should only indirect conn->server_info on calls which require AS_USER to
be set in our process table. I could fix all these issues, but there's no
guarentee that someone might not add more code that fails this assumption, as
it's a hard assumption to break (it's usually true).

So what I've done is to ensure that on SMBulogoff the previously used
conn->server_info struct is kept around to be used for print debugging purposes
(it won't be used to change to an invalid user context, as such calls need
AS_USER set). This isn't strictly correct, as there's no association with the
(now invalid) context being freed and the call that causes conn->server_info to
be indirected, but it's good enough for most cases.

The hard part was to ensure that once a valid context is used again (via new
sessionsetupX calls, or new calls on a still valid vuid on this tid) that we
don't leak memory by simply replacing the stored conn->server_info pointer. We
would never actually leak the memory (as all conn->server_info pointers are
talloc children of conn), but with the previous patch a malicious client could
cause many server_info structs to be talloced by the right combination of SMB
calls. This new patch introduces free_conn_server_info_if_unused(), which
protects against the above.
Jeremy.

10 years agos3/packaging: Add keyutils-devel to build requires.
Karolin Seeger [Mon, 4 May 2009 13:54:34 +0000 (15:54 +0200)]
s3/packaging: Add keyutils-devel to build requires.

This should fiy bug #5853. Thanks to D.L. Meyer <dlmeyer [at] uiuc.edu>
for reporting.

Karolin

10 years agos3/docs: Fix typo.
Karolin Seeger [Mon, 4 May 2009 13:17:30 +0000 (15:17 +0200)]
s3/docs: Fix typo.

Karolin