Karolin Seeger [Thu, 6 Dec 2012 09:26:19 +0000 (10:26 +0100)]
WHATSNEW: Prepare release notes for Samba 3.6.10.
Karolin
(cherry picked from commit
29b36a1fb4e494be0851ebbea17a22839a344bf3)
Richard Sharpe [Wed, 5 Dec 2012 01:21:29 +0000 (17:21 -0800)]
Fix bug #9460 - Samba 3.6.x and Master respond incorrectly to FILE_STREAM_INFO requests.
Ensure we check the buffer size correctly.
Reviewed by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Dec 6 01:31:08 CET 2012 on sn-devel-104
(cherry picked from commit
943797c232f96a5dd411a803ad90b6980b2785b0)
(cherry picked from commit
0eba72e42174b01792a5434f4b163d6241a64b35)
Günther Deschner [Mon, 1 Oct 2012 14:19:28 +0000 (16:19 +0200)]
s3-net: Fix DEBUG() location.
Guenther
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Oct 2 18:06:17 CEST 2012 on sn-devel-104
Signed-off-by: Günther Deschner <gd@samba.org>
The last 5 patches address bug #9451 - Allow to force DNS updates using net.
(cherry picked from commit
ceb2c81481ea8a37bb281a4d4df604573b371a2d)
Günther Deschner [Tue, 25 Sep 2012 09:09:45 +0000 (11:09 +0200)]
s3-net: give more control how to update/register DNS entries.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
ac0f0e7bc9126ee897d6eaac753c66853514326a)
Günther Deschner [Tue, 25 Sep 2012 09:08:48 +0000 (11:08 +0200)]
s3-net: pass down a flags field to DoDNSUpdate().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
0d41b631faf95714eafec4836f7424edb4dda4af)
Günther Deschner [Wed, 19 Sep 2012 13:35:15 +0000 (15:35 +0200)]
s3-net: move out some prototypes to net_dns.h.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
a294a6d2fdbbd9fe54882a365cb54c1f49b900bc)
Günther Deschner [Wed, 19 Sep 2012 13:31:57 +0000 (15:31 +0200)]
s3-net: pass down struct net_context to the dns update calls.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
2443f18b0c90956ae7840ac13487b9595b4cff4b)
Jeremy Allison [Tue, 13 Nov 2012 00:30:32 +0000 (16:30 -0800)]
Final part of #9374 - Allow smb2.acls torture test to pass against smbd with a POSIX ACLs backend.
We need to do the same check for overriding ACCESS_DENIED on DELETE_ACCESS
as we do in smbd/open.c, as the ACL check is duplicated here. This has
been fixed in 4.0.0 and later code.
(cherry picked from commit
005d7c28e35f58d5f8b114fb6234e663a6c30824)
Jeremy Allison [Tue, 13 Nov 2012 00:26:25 +0000 (16:26 -0800)]
More for #9374 - Allow smb2.acls torture test to pass against smbd with a POSIX ACLs backend.
Change can_delete_directory() to can_delete_directory_fsp(), as
we only ever call this from an open directory file handle.
This allows us to use OpenDir_fsp() instead of OpenDir().
OpenDir() re-checks the ACL on the directory, which may
refuse DIR_LIST permissions. OpenDir_fsp() does not. As
this is a file-server internal check to see if the directory
actually contains any files before setting delete on close,
we can ignore the ACL here (Windows does).
(cherry picked from commit
cc17ce366a459bf1cb2207a45e5528ea0167b323)
Jeremy Allison [Tue, 13 Nov 2012 00:22:52 +0000 (16:22 -0800)]
Ensure when calculating the access mask for MAXIMUM_ALLOWED_ACCESS that we add in FILE_READ_ATTRIBUTES, even if this doesn't come from the file/directory ACL.
If we can access the path to this file, by
default we have FILE_READ_ATTRIBUTES from the
containing directory. See the section.
"Algorithm to Check Access to an Existing File"
in MS-FSA.pdf.
(cherry picked from commit
32892d6357469287bf9594b269bde5b9ffabd54e)
Jeremy Allison [Tue, 13 Nov 2012 00:21:15 +0000 (16:21 -0800)]
Add comment explaining exactly *why* we don't check FILE_READ_ATTRIBUTES when evaluating file/directory ACE's.
If we can access the path to this file, by
default we have FILE_READ_ATTRIBUTES from the
containing directory. See the section.
"Algorithm to Check Access to an Existing File"
in MS-FSA.pdf.
(cherry picked from commit
a115a4e9799e8e5497232a149d4d927308c81a5b)
Jeremy Allison [Tue, 13 Nov 2012 00:17:19 +0000 (16:17 -0800)]
First part of #9374 - Allow smb2.acls torture test to pass against smbd with a POSIX ACLs backend.
Use the requested access mask before making the fd_open request in
open_directory() rather than faking up an access mask of
FILE_READ_DATA | FILE_READ_ATTRIBUTES.
The underlying ACL may not permit FILE_READ_DATA.
(cherry picked from commit
1c7d00e8ef48c2cd57d79a00cb26bc56a2979241)
Sumit Bose [Mon, 29 Oct 2012 11:09:22 +0000 (12:09 +0100)]
Use work around for 'winbind use default domain' only if it is set
Currently in smb_getpwnam() the NetBIOS domain name and the winbind separator
character is always added to the user name returned by Get_Pwnam_alloc() if it
does not contain the winbind separator character. As comments in the code
indicates this is done as a work around if 'winbind use default domain' is set
to yes in the samba configuration.
This make sense if the option is set because otherwise the domain information is
lost from the user name. But it causes errors if other services than winbind are
used for user lookup, e.g. sssd. sssd can handle different kind of fully
qualified user names as input, e.g. user@domain.name or DOM\user, but returns a
canonical name, by default user@domain.name.
While it would be possible to get around this issue with a special configuration
either on the sssd or samba side I think the cleaner solution is to use the work
around only if 'winbind use default domain' is set to yes which is what this
patch does.
Fix bug #9367 - Use work around for 'winbind use default domain' only if it is
set.
(cherry picked from commit
6c0b864654001046b8bbb585112e60a7e146cb2a)
(cherry picked from commit
de2c0f0d3d1217814fce840a5050741de3938e0f)
Günther Deschner [Thu, 29 Nov 2012 13:31:19 +0000 (14:31 +0100)]
s3-winbind: use new reconnect logic in rpc_lookup_sids() also.
Volker, please check.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
The last 10 patches address bug #9439 - ncacn_ip_tcp reconnection code for lsa
lookups still broken.
(cherry picked from commit
4ab547a8ddcb45e479079361a601e08476954110)
Günther Deschner [Thu, 29 Nov 2012 11:03:53 +0000 (12:03 +0100)]
s3-winbindd: rework reconnect logic in winbindd_lookup_names().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
c64473ab88ca36462e7976bf0006bc092386894c)
Günther Deschner [Thu, 29 Nov 2012 11:03:16 +0000 (12:03 +0100)]
s3-winbindd: rework reconnect logic in winbindd_lookup_sids().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
7cdebbe5122c7174bc7e74297bf1e891cb14fe78)
Günther Deschner [Wed, 28 Nov 2012 19:41:21 +0000 (20:41 +0100)]
s3-winbindd: remove lookup_sids_fn_t.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
1c1340846926f97bda823f4fac1fea86b4b6f0d1)
Günther Deschner [Wed, 28 Nov 2012 16:03:40 +0000 (17:03 +0100)]
s3-winbindd: remove lookup_names_fn_t.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
ea687479739d6d6e371e641cf0aa432e355a2fce)
Günther Deschner [Wed, 28 Nov 2012 16:00:49 +0000 (17:00 +0100)]
s3-rpc_client: make dcerpc_lsa_lookup_names_generic() public.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
4a86c29fa5140a5a3ad68967abef5eeffaf448c1)
Günther Deschner [Wed, 28 Nov 2012 15:57:57 +0000 (16:57 +0100)]
s3-rpc_cli: make dcerpc_lsa_lookup_sids_generic() public.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
bb5e0a95f62354129ef3569a23298091d58a02e3)
Günther Deschner [Wed, 28 Nov 2012 15:57:24 +0000 (16:57 +0100)]
s3-winbindd: add cm_connect_lsat().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
5ccb4e5a90aa1b681380899d56971dfc7ceb1b34)
Günther Deschner [Wed, 28 Nov 2012 13:53:27 +0000 (14:53 +0100)]
s3-rpc_cli: Remove some unused wrapping code.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
83ac2771622d90e50ef27778a8227872571b9af3)
Volker Lendecke [Tue, 6 Sep 2011 16:33:35 +0000 (18:33 +0200)]
s3: Make winbindd_lookup_names static
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Sep 6 20:03:56 CEST 2011 on sn-devel-104
(cherry picked from commit
fd65e5eb8cdd38917a574734c9079cd75e4e1be0)
(cherry picked from commit
bbaa7142d168949019d989c2d853717faad30cb0)
David Disseldorp [Tue, 27 Nov 2012 15:10:28 +0000 (16:10 +0100)]
spoolss: fix segfault when "default devmode" is disabled
Currently when "default devmode" is explicitly disabled, and a printer
is added with a null device mode, spoolssd crashes in copy_devicemode().
Both construct_printer_info2() and construct_printer_info8() code paths
currently unconditionally attempt to copy a printers device mode,
without checking whether one is present.
This change fixes this regression such that construct_printer_info*()
functions check for a null device mode before copying.
https://bugzilla.samba.org/show_bug.cgi?id=9433
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
d7fdb05464a67ced7afb8dfdf0aa6be77cb84fd6)
Andreas Schneider [Wed, 28 Nov 2012 11:53:39 +0000 (12:53 +0100)]
BUG 9436: Fix leaking sockets of SMB connections to a DC.
As this is a burst of 3 unbound sockets with each try to reach a DC
we're running out of file descriptors pretty fast. So winbind is then
mostly spinning in an accept loop failing with EMFILE.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jim McDonough <jmcd@samba.org>
Autobuild-User(master): Jim McDonough <jmcd@samba.org>
Autobuild-Date(master): Wed Nov 28 17:17:21 CET 2012 on sn-devel-104
(cherry picked from commit
1106ca59eea9fe5d95a1098c84f77c9e6108659f)
Matthieu Patou [Fri, 23 Nov 2012 00:14:42 +0000 (16:14 -0800)]
Fix MD5 detection in the autoconf build
This is synthesis of patches made for bugs
* 9037
* 9086
* 9094
* 9418
It checks if there is a library for md5 related functions (libmd or
libmd5) and if so it checks for the presence of md5.h headers.
Signed-off-by: Matthieu Patou <mat@matws.net>
(cherry picked from commit
40c6cfeb6ff39e73d824f17cb2ddc26eedb2b022)
Volker Lendecke [Thu, 22 Nov 2012 20:46:53 +0000 (21:46 +0100)]
Fix Bug 9422 - large read requests cause server to issue malformed reply
(cherry picked from commit
ecc9f5bdb8c56853a37ff6e980fed815fc5ee0a9)
Günther Deschner [Fri, 23 Nov 2012 12:19:53 +0000 (13:19 +0100)]
s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426)
The server name type (0x20) is much more likely to be available in the name cache, as
this type gets stored by winbind itself - the primary user of the ncacn_ip_tcp
code currently.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104
(cherry picked from commit
2032f2746d70bbebd1af26a7a046eb1cc61ac175)
(cherry picked from commit
ac0623cab847a4df9c5cd35442e9be8924d9e261)
(cherry picked from commit
0a52a89f8ed23d2f55cb4d6a0fbb94571e70a8ee)
Stefan Metzmacher [Fri, 9 Nov 2012 07:59:36 +0000 (08:59 +0100)]
lib/addns: don't depend on the order in resp->answers[]
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
eecc1d294256210ee8c2f6ab79d21b835258a6d4)
The last 2 patches address bug #9402 - lib/addns doesn't work samba4 with a
bind9 server.
(cherry picked from commit
abb142b4db54ecf17e3b05c374e9d51c6ddc4e04)
Stefan Metzmacher [Fri, 9 Nov 2012 07:55:40 +0000 (08:55 +0100)]
lib/addns: remove pointless check for resp->num_additionals != 1
We never use resp->additionals, so there's no reason to check.
This fixes dns updates against BIND9 (used in a Samba4 domain).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
b59c5db5f74f56c0536635a41ae51c389109ceb5)
(cherry picked from commit
0a836951838a1aa70b1f6ade4ad09d4e6cee3c24)
Stefan Metzmacher [Tue, 13 Nov 2012 13:07:11 +0000 (14:07 +0100)]
lib/replace: replace all *printf function if we replace snprintf (bug #9390)
This fixes segfaults in log level = 10 on Solaris.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Jacke <bj@sernet.de>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Wed Nov 14 19:41:14 CET 2012 on sn-devel-104
(cherry picked from commit
a15da3625850d97b3da1b02308c870f820007c52)
(cherry picked from commit
364a70cc4d5aea4006ceb3dde97779242afa328c)
Jelmer Vernooij [Sun, 13 May 2012 01:21:34 +0000 (03:21 +0200)]
libreplace: Fix symbol names for snprintf/asprintf/vasprintf.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun May 13 05:16:28 CEST 2012 on sn-devel-104
(cherry picked from commit
cf67da70c9a63c4dc63f287059321d6c36d1e19e)
(cherry picked from commit
c0d91f8cdfd99286644b57b02d6b5517774081de)
Jeremy Allison [Thu, 8 Nov 2012 21:45:19 +0000 (13:45 -0800)]
Another fix needed for bug #9236 - ACL masks incorrectly applied when setting ACLs.
Not caught by make test as it's an extreme edge case for strange
incoming ACLs. I only found this as I'm making raw.acls and smb2.acls
pass against 3.6.x with acl_xattr mapped onto a POSIX backend (which
isn't tested in make test).
An incoming inheritable ACE entry containing only one permission,
WRITE_DATA maps into a POSIX owner perm of "-w-", which violates
the principle that the owner of a file/directory can always read.
(cherry picked from commit
e2eb914cb986e28e412863553010795bff8ac3e1)
Günther Deschner [Tue, 13 Nov 2012 15:23:52 +0000 (16:23 +0100)]
s3-kerberos: also try with AES keys, when decrypting tickets.
Guenther
The last 3 patches address bug #9272 - net ads join does not provide AES keys
in host keytab.
(cherry picked from commit
ffdd0a86ac9cb5fbee67d27958b65872873a009b)
Günther Deschner [Tue, 13 Nov 2012 14:11:08 +0000 (15:11 +0100)]
s3-libsmb: make sure we copy at most 16 bytes in cli_set_session_key().
Guenther
(cherry picked from commit
a176370f3e245221b9b9ccaa0fae8ecac8594d1c)
Günther Deschner [Thu, 15 Dec 2011 16:50:33 +0000 (17:50 +0100)]
samba: check for AES encryption type defines.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Jan 10 15:05:38 CET 2012 on sn-devel-104
(cherry picked from commit
bad52390260caa31eabe7c1b2334c56088447909)
Andreas Schneider [Fri, 9 Nov 2012 14:33:09 +0000 (15:33 +0100)]
s3:winbind: BUG 9386: Failover if netlogon pipe is not available.
Samba continues to query a broken DC while the DC did not finish to
rebuild Sysvol (after a Windows crash, for example). It causes end users
to received strange codes while trying to authenticate, even if there is
a secondary DC available.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 12 18:57:18 CET 2012 on sn-devel-104
(cherry picked from commit
3b01dd5f59841b11e9906b8c23345946e0d0ea8c)
(cherry picked from commit
8ba1bdfe5ee784c6652c329760a8226e9da4a8a8)
Stefan Metzmacher [Mon, 22 Oct 2012 11:47:48 +0000 (13:47 +0200)]
lib/krb5_wrap: request enc_types in the correct order (bug #9272)
aes256-cts-hmac-sha1-96 and aes128-cts-hmac-sha1-96
should have a higher priority than arcfour-hmac-md5,
otherwise the KDC still gives us arcfour-hmac-md5 session keys.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(similar to commit
24f3f87706329e6e280dc6be6d025e997d46c910)
The last 3 patches address bug #9272 - net ads join does not provide AES keys in
host keytab.
(cherry picked from commit
5fbedc11e685684e037d23f75f42ec234c6d08f0)
Günther Deschner [Mon, 19 Dec 2011 09:52:58 +0000 (10:52 +0100)]
s3-kerberos: add aes enctypes to generated krb5.conf.
Guenther
(cherry picked from commit
06f3b1f0b0dcf9355a8d634cdb62f1f0a8ea4dbe)
(cherry picked from commit
789d801b69934e34ac293342516fa4e1cc68b4fa)
Günther Deschner [Thu, 15 Dec 2011 17:12:41 +0000 (18:12 +0100)]
s3-krb5: use and request AES keys in kerberos operations.
Guenther
(cherry picked from commit
eae33e96fcaa456830862325b91579faf2a96213)
(cherry picked from commit
90b1e987ac0cfda112267a0e8e1d98af70df1bc8)
Volker Lendecke [Mon, 5 Nov 2012 14:53:31 +0000 (15:53 +0100)]
s3-aio_pthread: Optimize aio_pthread_handle_completion
Read as much as we can
The last 3 patches address bug #9359 - Optimization needed for SMB2 performance
sensitive workloads.
(cherry picked from commit
0e607ead8e605f0ee7f2153f98b6c171e6acc437)
Stefan Metzmacher [Fri, 2 Nov 2012 12:56:53 +0000 (13:56 +0100)]
lib/tsocket: optimize syscalls in tstream_readv_pdu_send()
Once we've got the first part of a pdu we try to optimize
readv calls for the rest of the pdu.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
7f83d75a3a666ca1bc6213433344b8017eb4932a)
Stefan Metzmacher [Fri, 2 Nov 2012 12:45:49 +0000 (13:45 +0100)]
lib/tsocket: disable the syscall optimization for recvfrom/readv by default
We only do the optimization on recvfrom/readv if the caller asked for it.
This is needed because in most cases we preferr to flush send
buffers before receiving incoming requests.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
53aa9727b8157ca1ad6c59ef9ebbb9f519b33f1e)
Björn Baumbach [Fri, 2 Nov 2012 09:25:27 +0000 (10:25 +0100)]
docs-xml: fix use of <smbconfoption> tag (fix bug #9345)
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Karolin Seeger <ks@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Fri Nov 2 12:37:42 CET 2012 on sn-devel-104
(cherry picked from commit
3ecbe8c83a003825fc58f6dcb9e02a35aad2d86e)
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon Nov 5 13:09:12 CET 2012 on sn-devel-104
(cherry picked from commit
6195cb667b1c162436bfbf5d4f499bdc776f83b4)
(cherry picked from commit
a6dea8e6556bd5e391cd709b86664fb7cc34433a)
Stefan Metzmacher [Wed, 19 Sep 2012 19:18:46 +0000 (21:18 +0200)]
s4:torture/smb2: improve the smb2.create.blob test
metze
(cherry picked from commit
e6c600aa2c751e694917322378417816c3e58eb6)
See https://bugzilla.samba.org/show_bug.cgi?id=9209 for details.
(cherry picked from commit
e95da423965cf332f6d0a849725cd0808c42c1e2)
Andreas Schneider [Tue, 23 Oct 2012 15:12:59 +0000 (17:12 +0200)]
BUG 9326: Fix net ads join message for the dns domain.
We don't get a realm back from the server which is useable as a realm on
Unix. On Unix they are case sensitive and on Windows they aren't. This
confuses uses and if we write realm they try to use it as it came back
in lowercase.
Signed-off-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
155d132434e96d69bac31dd7413ecb4d4b09b017)
David Disseldorp [Wed, 2 Nov 2011 17:39:03 +0000 (18:39 +0100)]
pam_winbind: fix segfault in pam_sm_authenticate()
Ensure the potentially null winbind context is not dereferenced on
cleanup.
https://bugzilla.samba.org/show_bug.cgi?id=8564
(cherry picked from commit
11b798cdd0056e55a4958fc049a464f680f3c149)
Karolin Seeger [Mon, 29 Oct 2012 10:28:44 +0000 (11:28 +0100)]
WHATSNEW: Start release notes for Samba 3.6.10.
Karolin
(cherry picked from commit
0b06cf38c4ffe6544a3aef046545feec43a8efd7)
Karolin Seeger [Mon, 29 Oct 2012 10:26:20 +0000 (11:26 +0100)]
VERSION: Bump version up to 3.6.10.
Karolin
(cherry picked from commit
ba9de03e9df07c28712575597d5fea7e9369bd30)
Karolin Seeger [Mon, 29 Oct 2012 09:03:56 +0000 (10:03 +0100)]
WHATSNEW: Finish release notes for Samba 3.6.9.
Karolin
(cherry picked from commit
e86f5e4e864aa0d6a72f11c94e3cfe9c19eaeb9a)
Stefan Metzmacher [Sat, 27 Oct 2012 06:11:14 +0000 (08:11 +0200)]
libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug #9209)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Oct 27 10:05:22 CEST 2012 on sn-devel-104
(cherry picked from commit
2b4672f2d30c01a4767acf660ddb061676c59908)
(cherry picked from commit
3641ba3d1e57d366fd3cad0e142fd21db30a68de)
Karolin Seeger [Mon, 22 Oct 2012 10:48:50 +0000 (12:48 +0200)]
WHATSNEW: Start to add changes since 3.6.8.
To be continued.
Karolin
(cherry picked from commit
f5f6d9eef32f696fe8aa3938df52901dcb9dc785)
Matthieu Patou [Thu, 27 Sep 2012 08:22:57 +0000 (01:22 -0700)]
lib-addns: ensure that allocated buffer are pre set to 0 (bug #9259)
It avoid bugs when one of the buffer is supposed to contain a string
that is not null terminated (ie. label->label) and that we don't force
the last byte to 0.
(similar to commit
03c4dceaab82ca2c60c9ce0e09fddd071f98087b)
(cherry picked from commit
1ecbacc354fff78c51c24cc08072881bb3f10d2b)
Jeremy Allison [Thu, 23 Aug 2012 23:02:09 +0000 (16:02 -0700)]
Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen().
The code in SMBNTLMv2encrypt_hash() should not be requesting case
changes on the domain name.
(cherry picked from commit
c47183b337d996640f009d133d47f90c153acd56)
The last 3 patches address bug #9117 - smbclient can't connect to a Windows 7
server using NTLMv2 (crypto code changes domain case).
(cherry picked from commit
0745ce013878f5c45f291bea2fa479f76fc08dd5)
Jeremy Allison [Thu, 23 Aug 2012 22:59:54 +0000 (15:59 -0700)]
Remove useless bool "upper_case_domain" parameter. (cherry picked from commit
cbdf6c5c5135ce7d14ceff5d12b99428f4285e13)
(cherry picked from commit
39e5641f2a8a48817492c9d5204ffbeccf66f8ec)
Jeremy Allison [Thu, 23 Aug 2012 22:46:16 +0000 (15:46 -0700)]
Move uppercasing the domain out of smb_pwd_check_ntlmv2()
Allows us to remove a silly bool parameter.
Based on work done by "Blohm, Guntram (I/FP-37, extern)" <extern.guntram.blohm@audi.de>.
(cherry picked from commit
43870fb2c83c0fc70fb84b48dffe8f93bacf43c9)
(cherry picked from commit
fc4f4dec062e48cd59df4df2bd13c263732f2ac5)
Andrew Bartlett [Thu, 1 Mar 2012 05:55:04 +0000 (16:55 +1100)]
s3-libsmb: Initialise ticket to ensure we do not invalid memory
The free is however a talloc_free(), which has additional protection against
freeing the wrong thing.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Mar 2 01:45:19 CET 2012 on sn-devel-104
(cherry picked from commit
f1452a296429b79755235f4a480f0d5ea38ce178)
Fix bug #8788 - spnego_parse_krb5_wrap() frees invalid memory.
(cherry picked from commit
e96f50c9bb145a6af2c023e8ff4c3e8888c5a4a6)
Andreas Schneider [Thu, 20 Sep 2012 08:20:31 +0000 (10:20 +0200)]
s3-printing: Increase debug level for info that the db is empty.
(cherry picked from commit
c80d70da1364349a5329d17a68033163c5025264)
Signed-off-by: Andreas Schneider <asn@samba.org>
See bug #9112 - smbd.log is flooded by 'printer_list_get_printer: Failed to
fetch record!' for details.
(cherry picked from commit
5166e0bde86619f477645cca9642be85d567ffe8)
Andreas Schneider [Wed, 10 Oct 2012 09:30:15 +0000 (11:30 +0200)]
packaging: Add support for reloading systemd services.
Signed-off-by: Andreas Schneider <asn@samba.org>
Fix bug #9280 - Add support for reloading the daemons using systemctl reload.
(cherry picked from commit
3c71fa399705f91baae764a43b436e83f14c4024)
Björn Jacke [Thu, 13 Sep 2012 22:02:22 +0000 (00:02 +0200)]
autoconf: fix --with(out)-sendfile-support option handling
this fixes bug #8344
(cherry picked from commit
a1db9aada46e2e7eefc989f888d22650320533de)
Joachim Schmitz [Mon, 17 Sep 2012 12:26:31 +0000 (05:26 -0700)]
libreplace: Bug 8107, Fix poll replacement to become a msleep replacement
Signed-off-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7542b63188f7e73588c9abb40e36a910c87bc534)
(cherry picked from commit
6b4169a75fb3180dec1f57b0eb39312ca82cd1ac)
Björn Jacke [Sun, 16 Sep 2012 00:21:39 +0000 (02:21 +0200)]
replace: add some includes for poll.h
See bug #8107
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Sun Sep 16 04:05:08 CEST 2012 on sn-devel-104
(cherry picked from commit
520c9b0b0ae33e6e8fb78034cfff685f5491aab3)
(cherry picked from commit
ea96d79e21a549204a7f64307059ea877bfb9fd5)
(cherry picked from commit
757dc4d753275d42b8dbf2710290b3dbfb9f3cda)
Jeremy Allison [Wed, 3 Oct 2012 19:58:00 +0000 (12:58 -0700)]
Correct fix for bug #9222 - smbd ignores the "server signing = no" setting for SMB2.
Signing cannot be disabled for SMB2 by design, so fix the documentation
instead.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 3 23:47:23 CEST 2012 on sn-devel-104
(cherry picked from commit
fe38a93c71d0adc0be1d43b438ac3b54eaf4ba53)
(cherry picked from commit
1bc9a208337b50e5ee566060799b3b17d8ed95e3)
Andreas Schneider [Mon, 8 Oct 2012 10:32:49 +0000 (12:32 +0200)]
s3fs-printing: Fix RAW printing for normal users.
This fixes bug #8769.
Signed-off-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
aecb5a61a378bdfa97cf621f408c9921c6e042ad)
Volker Lendecke [Mon, 8 Oct 2012 19:25:49 +0000 (12:25 -0700)]
s3: Add two tests a CLEAR_IF_FIRST crash
The last 3 patches address bug #9268 - Make tdb robust against improper
CLEAR_IF_FIRST restart.
(cherry picked from commit
493f3a0e84a4bbeb8bac68dc28988c54b1619317)
Volker Lendecke [Mon, 8 Oct 2012 19:02:43 +0000 (12:02 -0700)]
tdb: Make tdb robust against improper CLEAR_IF_FIRST restart
When winbind is restarted, there is a potential crash in tdb. Following
situation: We are in a cluster with ctdb. A winbind child hangs
in a request to the DC. Cluster monitoring decides the node has a
problem. Cluster monitoring decides to kill ctdbd. winbind child
still hangs in a RPC request. winbind parent figures that ctdb is
dead and immediately commits suicide. winbind parent is restarted by
cluster management, overwriting gencache.tdb with CLEAR_IF_FIRST. The
CLEAR_IF_FIRST logic as implemented now will not see that a child still
has the tdb open, only the parent holds the ACTIVE_LOCK due to performance
reasons. During the CLEAR_IF_FIRST logic is done, there is a very small
window where we ftruncate(tfd, 0) the file and re-write a proper header
without a lock. When during this small window the winbind child comes
back, wanting to store something into gencache.tdb, that winbind child
will crash with a SIGBUS.
Sounds unlikely? See:
[2012/09/29 07:02:31.871607, 0] lib/util.c:1183(smb_panic)
PANIC (pid
1814517): internal error
[2012/09/29 07:02:31.877596, 0] lib/util.c:1287(log_stack_trace)
BACKTRACE: 35 stack frames:
#0 winbindd(log_stack_trace+0x1a) [0x7feb7d4ca18a]
#1 winbindd(smb_panic+0x2b) [0x7feb7d4ca25b]
#2 winbindd(+0x1a3cc4) [0x7feb7d4bacc4]
#3 /lib64/libc.so.6(+0x32900) [0x7feb7a929900]
#4 /lib64/libc.so.6(memcpy+0x35) [0x7feb7a97f355]
#5 /usr/lib64/libtdb.so.1(+0x6e76) [0x7feb7b0b0e76]
#6 /usr/lib64/libtdb.so.1(+0x3d37) [0x7feb7b0add37]
#7 /usr/lib64/libtdb.so.1(+0x863d) [0x7feb7b0b263d]
#8 /usr/lib64/libtdb.so.1(+0x8700) [0x7feb7b0b2700]
#9 /usr/lib64/libtdb.so.1(+0x2505) [0x7feb7b0ac505]
#10 /usr/lib64/libtdb.so.1(+0x25b7) [0x7feb7b0ac5b7]
#11 /usr/lib64/libtdb.so.1(tdb_fetch+0x13) [0x7feb7b0ac633]
#12 winbindd(gencache_set_data_blob+0x259) [0x7feb7d4d8449]
#13 winbindd(gencache_set+0x53) [0x7feb7d4d85b3]
#14 winbindd(gencache_del+0x5e) [0x7feb7d4d879e]
#15 winbindd(saf_delete+0x93) [0x7feb7d54b693]
#16 winbindd(+0xe507e) [0x7feb7d3fc07e]
#17 winbindd(+0xe85e5) [0x7feb7d3ff5e5]
#18 winbindd(+0xe65be) [0x7feb7d3fd5be]
#19 winbindd(+0xe7562) [0x7feb7d3fe562]
#20 winbindd(init_dc_connection+0x2e) [0x7feb7d3fe5be]
#21 winbindd(+0xe75d9) [0x7feb7d3fe5d9]
#22 winbindd(cm_connect_netlogon+0x58) [0x7feb7d3fe658]
#23 winbindd(_wbint_PingDc+0x61) [0x7feb7d410991]
#24 winbindd(+0x103175) [0x7feb7d41a175]
#25 winbindd(winbindd_dual_ndrcmd+0xb7) [0x7feb7d4107d7]
#26 winbindd(+0xf8609) [0x7feb7d40f609]
#27 winbindd(+0xf9075) [0x7feb7d410075]
#28 winbindd(tevent_common_loop_immediate+0xe8) [0x7feb7d4db198]
#29 winbindd(run_events_poll+0x3c) [0x7feb7d4d93fc]
#30 winbindd(+0x1c2b52) [0x7feb7d4d9b52]
#31 winbindd(_tevent_loop_once+0x90) [0x7feb7d4d9f60]
#32 winbindd(main+0x7b3) [0x7feb7d3e7aa3]
#33 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7feb7a915cdd]
#34 winbindd(+0xce2a9) [0x7feb7d3e52a9]
This is in a winbind child, logfiles surrounding indicate the parent
was restarted.
This patch takes all chain locks around the CLEAR_IF_FIRST introduced
tdb_new_database.
(cherry picked from commit
15a3dfbc15de1e214e9aee57d7d83de60fe747bd)
Rusty Russell [Mon, 8 Oct 2012 18:56:47 +0000 (11:56 -0700)]
tdb: Make robust against shrinking tdbs
When probing for a size change (eg. just before tdb_expand, tdb_check,
tdb_rescue) we call tdb_oob(tdb, tdb->map_size, 1, 1). Unfortunately
this does nothing if the tdb has actually shrunk, which as Volker
demonstrated, can actually happen if a "longlived" parent crashes.
So move the map/update size/remap before the limit check.
(cherry picked from commit
e7e86fcb929e7b8e7d879349d5f7f9422126a3a2)
Jeremy Allison [Tue, 2 Oct 2012 17:15:54 +0000 (10:15 -0700)]
When setting a non-default ACL, don't forget to apply masks to SMB_ACL_USER and SMB_ACL_GROUP entries. (cherry picked from commit
6575d1d34fee45c7a965c7c9641cc52b566a9e7f)
The last 4 patches address bug #9236 - ACL masks incorrectly applied when
setting ACLs.
(cherry picked from commit
ac7d9768c718f6225f2182d763ec1dbc6dc48ea8)
Jeremy Allison [Tue, 2 Oct 2012 19:21:10 +0000 (12:21 -0700)]
Only apply masks on non-default ACL entries when setting the ACL.
(cherry picked from commit
f163bcd18f80b8ac1add96c93964fa02c08a4615)
Jeremy Allison [Tue, 2 Oct 2012 16:55:09 +0000 (09:55 -0700)]
Use is_default_acl variable in canonicalise_acl(). (cherry picked from commit
82e7132bdf7c9d4ddead3cd5d845bfe68b93448b)
(cherry picked from commit
e8533833c2a138a54b7583f57187ee9e68b2e3cd)
Jeremy Allison [Tue, 2 Oct 2012 16:21:17 +0000 (09:21 -0700)]
Reformat spacing to be even. (cherry picked from commit
efb446a38cca448855977666499603d12e1477b4)
(cherry picked from commit
9b40fd8893584884ec282605b8c5481b089a43f1)
Karolin Seeger [Thu, 4 Oct 2012 09:43:20 +0000 (11:43 +0200)]
html docs: Remove link to Using Samba.
Thanks to Christian Perrier <bubulle@debian.org> for reporting!
Fix bug #7826 - HTML docs index file still points to Using Samba.
Karolin
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Oct 4 13:48:00 CEST 2012 on sn-devel-104
(cherry picked from commit
1bf209dd7e5a0f0001b3d1e3798093772bbd3fd3)
(cherry picked from commit
178266e6bc6d8d0b1dfd2269626c6da5b279b555)
Björn Jacke [Thu, 6 Sep 2012 08:23:50 +0000 (10:23 +0200)]
s3:quota: don't force the block size to 512
there is no point in forcing the block size to 512 when curblocks is 1. This
will only lead to false quota reporting. See bug #3272
(cherry picked from commit
d6cc08b9eeb9de17bc0e610d6cf6dba13c5c8222)
(cherry picked from commit
7b2acf8abe50f20302e7e296dc0ccb5e0c7963de)
Jeremy Allison [Thu, 4 Oct 2012 08:56:12 +0000 (10:56 +0200)]
Fix net rpc share allowedusers to work with 2008r2
The RAP NetShareEnum command was removed in 2008r2, so use the RPC equivalent
instead.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8966
Author: Jeremy Allison <jra@samba.org>
(cherry picked from commit
0efdbc565fe64ab87bda4c9632a701e3115d7b23)
Andreas Schneider [Thu, 27 Sep 2012 15:20:25 +0000 (17:20 +0200)]
s3-smbd: Move housekeeping to the background process.
If you add 200 printers using lpadmin. Then you wait for the printcap
cache to expire. As soon as this expires we notify all deamons that they
should reload the printers. This mean we need to create the default
registry keys for each printer. If you do e.g. a 'smbclient -L' during
that time you will get a lot of timeouts.
This moves the housekeeping of the printcap cache to the background
queue process and lets the background process reload the printers first.
So the background process creates the default registry keys. When it is
done with the task it will tell all smbd childs to reload the printers
and the 200 printers appear.
Signed-off-by: Andreas Schneider <asn@samba.org>
Fix bug #9231 - NT_STATUS_IO_TIMEOUT during slow import of printers into
registry.
(cherry picked from commit
a0f687794d4ea7bbbe759279ed01e377a662a9c1)
Vladimir Marek [Mon, 17 Sep 2012 20:50:55 +0000 (13:50 -0700)]
Fix service control for non-internal services.
Signed-off-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
a4e8869f7c93f30dd7014ff83d6d2f2b5afc2d64)
Signed-off-by: Andreas Schneider <asn@samba.org>
Fix bug #9192 - svcctl list option prohibits smbd to start.
(cherry picked from commit
6ae1bf115ec1f927baee24cf4d611090d3b1bf91)
Stefan Metzmacher [Wed, 26 Sep 2012 01:24:22 +0000 (03:24 +0200)]
s3:selftest: run the posix_s3.smb2.oplock tests
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Sep 26 07:57:12 CEST 2012 on sn-devel-104
(silimar to commit
98d117a5424d62804b7cb3d8a9ad35e703fc158a)
(cherry picked from commit
21a6a9ec045963000e31c5efe91135e021cd534c)
Stefan Metzmacher [Wed, 26 Sep 2012 01:08:33 +0000 (03:08 +0200)]
s4:torture/smb2: remove samba specific stuff from smb2.oplock
metze
(cherry picked from commit
7a14f09f9cc14cfb6234175add1841faf751d51a)
(cherry picked from commit
4e9bbc2a4381d6e7a610a7ee3c5dfb1fc89701ac)
Stefan Metzmacher [Wed, 26 Sep 2012 01:04:20 +0000 (03:04 +0200)]
s3:smb2_create: don't take 'state->te' as indication for "was_deferred" (bug #9196)
We always set state->te = NULL of TALLOC_FREE(state->te),
before calling smbd_smb2_request_dispatch(), so
open_was_deferred_smb2() always returned false, while dispatching
it again.
But it's remove_deferred_open_message_smb2_internal() which
should reset this state.
In developer mode validate_my_share_entries() did call smb_panic()
before.
metze
(cherry picked from commit
4604219ceba96955b3c4bf6ab31aa70c11442d61)
(cherry picked from commit
5eae9829f206fa5ac169420d897c875fea5f2fc6)
Stefan Metzmacher [Sat, 29 Sep 2012 08:04:54 +0000 (10:04 +0200)]
s3:selftest: mark the driver_info_winreg tests knownfail.
They only get executed when driver files are around.
metze
(similar to commit
ef8e228a5b4952b51d9db6b28017142759f40d10)
(cherry picked from commit
60a4b69933509273c4923c5593f6eb3b5afa0c3b)
Jeremy Allison [Wed, 26 Sep 2012 23:58:58 +0000 (16:58 -0700)]
Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash.
Ensure we correctly protect against blobs with data_offset==0
and data_length != 0.
Jeremy.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Sep 27 22:07:02 CEST 2012 on sn-devel-104
(cherry picked from commit
322e3d42f65dadabeccf8813fcb0e9b7d353ffb2)
(cherry picked from commit
dd8e9801d6bcb8c6dca42312ffcb24149eb2645a)
Stefan Metzmacher [Wed, 19 Sep 2012 06:11:23 +0000 (08:11 +0200)]
libcli/smb: fix padding in smb2_create_blob*
metze
(cherry picked from commit
aa5caf1fe92b159eae00c7b11499e9ec697cf9ae)
(cherry picked from commit
f4ed6437a8e60043edf968103a2c503b12e5191f)
Andreas Schneider [Tue, 25 Sep 2012 12:28:22 +0000 (14:28 +0200)]
s3-smbd: Don't segfault if user specified ports out for range.
(cherry picked from commit
50d324b7e070de4672eff3fb6231923e6dca807a)
Signed-off-by: Andreas Schneider <asn@samba.org>
Fix bug #9218 - Samba panics if a user specifies an invalid port number.
(cherry picked from commit
f3f960bed8e155f7a3f93fc7f2cc4d483785e975)
Jeremy Allison [Tue, 25 Sep 2012 23:35:09 +0000 (16:35 -0700)]
Fix bug #9213 - Bad ASN.1 NegTokenInit packet can cause invalid free.
Not the correct fix for the specific issue, but a general fix to
make sure this can never happen again.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 26 04:07:57 CEST 2012 on sn-devel-104
(cherry picked from commit
83f60672e1b3069e6b1b90b376460da895e37df3)
(cherry picked from commit
d0b872ea7ca112d047b9ee2d10d1a75a2ee4aed3)
Michael Adam [Thu, 20 Sep 2012 18:46:53 +0000 (20:46 +0200)]
selftest: we fail samba3.smb2.compound.interim2
We currently return NT_STATUS_CANCELLED where we should
return NT_STATUS_INTERNAL_ERROR.
(similar to commit
841934647b06d6400148932cc8ce02a20c209610)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
The last 15 patches address bug #9173 - SMB2 compound request
create/delete_on_close/close doesn't work as windows.
(cherry picked from commit
834c817d6ea8384bd2e3d3bb6555c950ba98c80d)
Michael Adam [Wed, 19 Sep 2012 22:43:54 +0000 (00:43 +0200)]
s4:torture:smb2:compound: remove two unused macros (cherry picked from commit
6f6b1c6ac15f225978e8c2d67c1a817d9e098317)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
f9773cfc85c92cace85163092b2f40783cd482a5)
Michael Adam [Wed, 19 Sep 2012 22:41:48 +0000 (00:41 +0200)]
s4:torture:smb2: don't skip the compound.interim2 test for non win7/win2k8 (cherry picked from commit
8df0b023c51ed198d3054760447e1b273eada991)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
51ae7533af420e232c431a80d9a378f89e4363c6)
Michael Adam [Wed, 19 Sep 2012 22:41:04 +0000 (00:41 +0200)]
s4:torture:smb2: don't skip the compound.interim1 test for non win7/win2k8 (cherry picked from commit
917e714831178b2a3d07c7f9d09711231a7ccf31)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
52b06922b5d63207b03a1ae07896a9657b091cd4)
Stefan Metzmacher [Thu, 20 Sep 2012 14:23:26 +0000 (16:23 +0200)]
s3:smb2_notify: don't call tevent_req_done() from smbd_smb2_notify_cancel()
smbd_notify_cancel_by_smbreq() will already trigger this via
smbd_smb2_notify_reply() and smbd_smb2_notify_reply_trigger().
metze
(cherry picked from commit
1f0dfd42f16c388abc7054a7b615d2e81031472b)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
3326b16454c9b4299a7213c42c3a63a29e3b20dc)
Stefan Metzmacher [Thu, 20 Sep 2012 14:04:01 +0000 (16:04 +0200)]
s3:smb2_server: avoid segfault in smbd_smb2_request_pending_queue()
Because we should not call smbd_smb2_request_error() on an
request that is still running.
If the subreq implementes a cancel function, this should
take care of triggering smbd_smb2_request_error.
metze
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
9249871f40aab021d62d3154f8ca286b52f5ef76)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
d7910716920a324e0bba962241dd9b362d38d2b2)
Stefan Metzmacher [Fri, 21 Sep 2012 20:20:20 +0000 (22:20 +0200)]
s4:torture:smb2: extend the compound.invalid1 test
Test that when turning the related flag back off for the
last compound request, the return code changes from
invalid parameter to file closed.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
(cherry picked from commit
25437df8a65e56616499dda18c696f58be08f67a)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
54463ccc90379213ecab18bbfcfd0646929d21ad)
Michael Adam [Fri, 21 Sep 2012 19:43:36 +0000 (21:43 +0200)]
s3:smbd:smb2: simplify smbd_smb2_request_validate() and smbd_smb2_request_dispatch()
removes unnneccary checks/assignments for compound_related and next_status
and duplicate setting of error status.
And remove (now) unused next_status from struct smbd_smb2_request.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
(similar to commit
1ae6f9c62629f8513bbe93a56775b3c64ff06832)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
52aa2612b73b43589f01d87a4852df28e44d0cfb)
Michael Adam [Sat, 22 Sep 2012 02:06:27 +0000 (04:06 +0200)]
s3:smbd:smb2: add check for session_status for compound requests (cherry picked from commit
27d38b5c27bd96d5124c175d946718bf0836b8f4)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
efb16fc0ff7908c61c1c85e7959270702ab28c80)
Stefan Metzmacher [Wed, 19 Sep 2012 22:52:19 +0000 (00:52 +0200)]
s3:smb2_server: do the req->next_status check before the signing checks
Windows 2012 returns NT_STATUS_INVALID_PARAMETER to
the smb2.compound.invalid1 test if that uses signing
(instead of NT_STATUS_ACCESS_DENIED).
metze
(similar to commit
4384485f82aac109bf4c4c31075e313e54b4c076)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
ebabb40d1d423fab720735ac9225a09a8fc5feca)
Stefan Metzmacher [Thu, 20 Sep 2012 03:10:28 +0000 (05:10 +0200)]
s3:smb2_server: reset req->last_session_id and req->last_tid after using it
If we can find a valid session or tcon we'll set it after the lookup,
but it need to make sure to reset it if we don't find the session.
This fixes a problem where a compound unrelated request between
related requests doesn't reset the session.
If we have 3 requests in a compound chain, request 3 should never
use the id's cached from request 1. It should only every inherit
handles from request 2.
metze
(similar to commit
2552b6632372b35cbd7b788c4e00091dfe520a41)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
68ef8cf99a7421daa1d57895189cfc2dc508adfd)
Michael Adam [Wed, 19 Sep 2012 22:36:29 +0000 (00:36 +0200)]
s4:torture:smb2: fix the compound.invalid3 test to work against windows (cherry picked from commit
bd8d50b451ea7f94efa7777fbe5dc0c2c19f6bf9)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9e662f376f7ecffb7b0d113db674192b2d64a77a)
Michael Adam [Wed, 19 Sep 2012 22:35:52 +0000 (00:35 +0200)]
s4:torture:smb2: fix compound.related3 test to work against windows (cherry picked from commit
8e525a29a7c6512f61e4647ecb2e0771e2019a49)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
96aa3cdc6846994c0799672b509d60796198b9fa)
Ira Cooper [Wed, 19 Sep 2012 18:39:07 +0000 (18:39 +0000)]
s3: Compound requests should continue processing.
This patch addresses #9173.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
75951946193c874b6db30c1b9c8722264c3ce656)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
750b600d35f87103f47619fb5961afabeb4d32f2)
Stefan Metzmacher [Thu, 27 Oct 2011 19:41:11 +0000 (21:41 +0200)]
s4:torture/smb2: fix compound.invalid2 against windows
Tested against w2k8r2 with signing and win8pre0 without signing.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Oct 31 21:40:25 CET 2011 on sn-devel-104
(cherry picked from commit
c90870f9b728dfb827ebc2fe8ad67a7ca3a50c43)
(cherry picked from commit
41a797a4c0d082d4e2a1d34645c4974de41df199)
Jeremy Allison [Fri, 13 Jul 2012 23:25:23 +0000 (16:25 -0700)]
Fix bug #9016 - Connection to outbound trusted domain goes offline.
By the time we've gotten to init_dc_connection_network() we shouldn't
be second guessing the caller by calling winbindd_can_contact_domain().
If for some reason we do need to restrict the contact list here we
can add a condition to only contact the primary domain or domains
listed in the tdc cache, but I don't think that's neccessary.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jul 14 03:17:57 CEST 2012 on sn-devel-104
(cherry picked from commit
726ecf6a915ff534af4076e9d0cdebf8b5435d61)
(cherry picked from commit
d4faae3dbdfdd600bbf9bddb2589b8a6dc8434b6)