Derrell Lipman [Fri, 30 May 2008 14:38:35 +0000 (10:38 -0400)]
Working on bug #5475
- Add code to test whether smbc_stat() munges future smbc_getxattr() results.
Derrell
Derrell Lipman [Fri, 30 May 2008 14:24:55 +0000 (10:24 -0400)]
Update libsmbclient examples to match new libraries
- talloc and tdb have been moved to separate libraries. Link with those.
Derrell
Volker Lendecke [Fri, 30 May 2008 09:46:34 +0000 (11:46 +0200)]
Fix security=server, bug 5502
This has brown paper bag quality and is definitely needed for 3.2.0.
Thanks to Orion Poplawski for reporting this!
Volker
Marc VanHeyningen [Thu, 29 May 2008 17:00:46 +0000 (10:00 -0700)]
Tiny memory leak
Jeremy Allison [Thu, 29 May 2008 17:37:52 +0000 (10:37 -0700)]
Fix winbindd on a PDC by reverting :
83b04c60fac76ccd2d5aecb14f8896a07d488b1f..
6e66512d5beb256a44c6703cdb8c7fa7e0fd8537.
We still need to address https://bugzilla.redhat.com/show_bug.cgi?id=429024, but this
will come later.
Jeremy.
Jeremy Allison [Wed, 28 May 2008 16:31:42 +0000 (09:31 -0700)]
Security fix for CVE-2008-1105: Boundary failure when parsing SMB responses
can result in a buffer overrun.
Jeremy.
Günther Deschner [Wed, 28 May 2008 11:20:16 +0000 (13:20 +0200)]
Fix Bug #5285. (libcap header mismatch)
Can someone with gpfs available test this ? The only codepath using this
function is the modules/gpfs.c module. The fix resolves at least the build
issues Samba has with recent kernel / libcap versions by using the portable
cap_get_proc()/cap_set_proc() interface (instead of using capget/capset).
Guenther
Michael Adam [Tue, 27 May 2008 22:59:14 +0000 (00:59 +0200)]
lib/events: use mem_context given to event_context_init().
Michael
Michael Adam [Tue, 27 May 2008 23:08:54 +0000 (01:08 +0200)]
fix build: add missing prototype of msg_close_file()
Michael
Michael Adam [Tue, 27 May 2008 23:04:36 +0000 (01:04 +0200)]
fix the build after prototype change.
Michael
Günther Deschner [Tue, 27 May 2008 22:51:52 +0000 (00:51 +0200)]
build: Fix the build after prototype change.
Guenther
Jeremy Allison [Tue, 27 May 2008 20:56:55 +0000 (13:56 -0700)]
A few cleanups from Chere Zhou <chere.zhou@isilon.com>.
Jeremy.
Conflicts:
source/utils/net_rap.c
source/utils/net_rpc.c
Jeremy Allison [Tue, 27 May 2008 19:27:57 +0000 (12:27 -0700)]
Memory leak fixes from Chere Zhou <czhou@isilon.com>.
Jeremy.
Jeremy Allison [Tue, 27 May 2008 18:23:59 +0000 (11:23 -0700)]
Allow server manager to close open files selected by id.
Jeremy.
Gerald (Jerry) Carter [Tue, 27 May 2008 17:33:02 +0000 (12:33 -0500)]
Remove autogenerated html file form using_samba
Gerald (Jerry) Carter [Tue, 27 May 2008 17:02:27 +0000 (12:02 -0500)]
Adding initial copy of "Using Samba (3rd ed)"
Gerald (Jerry) Carter [Tue, 27 May 2008 17:00:00 +0000 (12:00 -0500)]
Add simple script to build docs
Jelmer Vernooij [Tue, 27 May 2008 16:40:14 +0000 (18:40 +0200)]
Depend on latexfigures files directly as using a rule in between causes problems.
Gerald (Jerry) Carter [Wed, 21 May 2008 17:54:43 +0000 (12:54 -0500)]
Work around iconv conversion failure from generated smb.conf.5 on Ubuntu 8.04.
Have no idea why the previous sequence of characters was causing
iconv to choke on my Ubuntu 8.04. Reword the entry some
for clarity and to advoid this failure.
(cherry picked from commit
b0b4bd2466658deacb1de3d58154bcc8d198d675)
Günther Deschner [Tue, 27 May 2008 14:45:04 +0000 (16:45 +0200)]
wbinfo: prompt for password when none has been given.
Guenther
Günther Deschner [Tue, 27 May 2008 14:42:18 +0000 (16:42 +0200)]
drsuapi: fix data_blob_free() caller (this call is quite different in s3 and 4).
Guenther
Günther Deschner [Tue, 27 May 2008 14:40:44 +0000 (16:40 +0200)]
libwbclient: fix typo.
Guenther
Günther Deschner [Tue, 27 May 2008 09:40:50 +0000 (11:40 +0200)]
dsgetdcname: use family (instead of sa_family).
Guenther
Günther Deschner [Tue, 27 May 2008 09:40:32 +0000 (11:40 +0200)]
re-run make idl.
Guenther
Günther Deschner [Tue, 27 May 2008 09:38:53 +0000 (11:38 +0200)]
idl: avoid sa_family as it its a macro on IRIX.
Guenther
Günther Deschner [Mon, 26 May 2008 12:19:28 +0000 (14:19 +0200)]
doserr: add WERR_REVISION_MISMATCH.
Guenther
Michael Adam [Tue, 27 May 2008 08:59:11 +0000 (10:59 +0200)]
loadparm: fix process_registry_shares() when there is only [global] in registry.
This fixes testparm printing "Error loading services." when there is only
the global section in registry and no other service definition.
Michael
Jeremy Allison [Tue, 27 May 2008 04:13:05 +0000 (21:13 -0700)]
Re-enable the evil "aio write behind" parameter.
Jeremy.
Michael Adam [Mon, 26 May 2008 10:42:56 +0000 (12:42 +0200)]
Remove unused function is_trusted_domain_situation().
This combined check has been replaced by is_dc_trusted_domain_situation()
which does not check for lp_allow_trusted_domains().
Michael
Michael Adam [Mon, 26 May 2008 10:38:48 +0000 (12:38 +0200)]
winbind: correctly omit check for trusted domain support in cm_prepare_connection
when checking for a trusted domain situation.
This is how it was meant to be:
Otherwise, with a dc-trusted-domain situation but trusted domains disabled,
we would attempt to do a session setup and fail (wouldn't even get a trust
password).
Michael
Michael Adam [Mon, 26 May 2008 10:31:44 +0000 (12:31 +0200)]
passdb: check for is_dc_trusted_domain_situation() in get_trust_pw_hash().
Before fetching legacy password hash, check for trusted domain situation,
but also fail if trusted domain support is not enabled.
Michael
Michael Adam [Mon, 26 May 2008 10:22:53 +0000 (12:22 +0200)]
passdb: add comment explaining logic in get_trust_pw_clear().
Michael
Michael Adam [Mon, 26 May 2008 10:11:21 +0000 (12:11 +0200)]
passdb: in get_trust_pw_clear() correctly fail if trusted domains not supported
(but trusted domain situation was found)
This completes the fix for bugs #5425 and #5451 by Steven Dannemann,
in that now no special cases are left uncovered.
Michael
Michael Adam [Mon, 26 May 2008 10:05:21 +0000 (12:05 +0200)]
Add function is_dc_trusted_domain_situation().
This is like is_trusted_domain_situation() except that it does not
check for lp_allow_trusted_domains().
Michael
Günther Deschner [Sat, 24 May 2008 23:53:21 +0000 (01:53 +0200)]
rpcclient: add drsuapi dsgetdcinfo call.
Guenther
Günther Deschner [Sat, 24 May 2008 23:52:40 +0000 (01:52 +0200)]
rpcclient: call drsuapi_DsUnbind() when finished with DsCrackNames call.
Guenther
Günther Deschner [Sat, 24 May 2008 22:40:08 +0000 (00:40 +0200)]
re-run make idl.
Guenther
Günther Deschner [Sat, 24 May 2008 22:39:35 +0000 (00:39 +0200)]
idl: add drsuapi_DsGetDCInfoCtr3 used by w2k8.
Guenther
Günther Deschner [Sat, 24 May 2008 22:27:17 +0000 (00:27 +0200)]
rpcclient: simplify drsuapi dscracknames call slightly.
Guenther
Michael Adam [Mon, 26 May 2008 09:58:11 +0000 (11:58 +0200)]
loadarm: fix testparm with "config backend = registry".
Set the iServiceIndex to "-1" for starup with either config
backend (originally only for text backend). Otherwise,
process_registry_shares() will fail.
Currently, the only user of lp_load_with_registry_shares() is testparm.
Michael
Volker Lendecke [Sun, 25 May 2008 11:51:14 +0000 (13:51 +0200)]
Fix two c++ warnings
Volker Lendecke [Sun, 25 May 2008 11:44:59 +0000 (13:44 +0200)]
Fix two bogus uninitalized variable warnings
Volker Lendecke [Sun, 25 May 2008 11:44:35 +0000 (13:44 +0200)]
Fix a const warning
Jelmer, would it be possible to make the rpc client functions take const
pointers for pure [in] arguments?
Volker Lendecke [Sun, 25 May 2008 11:36:46 +0000 (13:36 +0200)]
Move ber_[read|write]_OID_String protypes to proto.h
Volker Lendecke [Sun, 11 May 2008 09:26:33 +0000 (11:26 +0200)]
Remove some references to get_current_username() and current_user_info
Volker Lendecke [Sat, 10 May 2008 23:03:45 +0000 (01:03 +0200)]
Remove the reference to current_user_info from share_access.c
This required to pass around the domain a bit
Volker Lendecke [Sat, 10 May 2008 23:02:52 +0000 (01:02 +0200)]
Remove reference to current_user_info from lanman.c
Volker Lendecke [Sun, 25 May 2008 09:43:15 +0000 (11:43 +0200)]
Remove stuff from client_proto.h
Michael Adam [Fri, 23 May 2008 23:51:07 +0000 (01:51 +0200)]
build: combine LIB_WITHOUT_PROTO_OBJ and LIB_WITH_PROTO_OBJ into LIB_OBJ
No need for this split any more.
Michael
Michael Adam [Fri, 23 May 2008 23:49:51 +0000 (01:49 +0200)]
Add generated library symbols files to .gitignore
Michael
Michael Adam [Fri, 23 May 2008 23:44:25 +0000 (01:44 +0200)]
build: remove PROTO_OBJ from Makefile.in - it is not needed any more
Michael
Michael Adam [Fri, 23 May 2008 23:32:18 +0000 (01:32 +0200)]
rpc_open_tcp: now drsuapi is complete, we can use it in the test program.
Michael
Günther Deschner [Fri, 23 May 2008 23:29:13 +0000 (01:29 +0200)]
drsuapi: always use tcp for drsuapi.
cli_rpc_pipe_open() now uses tcp transport for drsuapi and named pipe
transport for all other pipes.
This finally allows rpcclient to call dscracknames on windows
(don't forget to call "seal" in advance).
Guenther
Günther Deschner [Fri, 23 May 2008 23:28:22 +0000 (01:28 +0200)]
drsuapi: add very basic drsuapi rpcclient command set.
Guenther
Günther Deschner [Fri, 23 May 2008 23:25:30 +0000 (01:25 +0200)]
drsuapi: fix the build.
Guenther
Günther Deschner [Fri, 23 May 2008 23:24:03 +0000 (01:24 +0200)]
Revert "drsuapi: fix the build."
This reverts commit
b2421c81164da2a5ea4bb2391e4f2c410938db42.
Günther Deschner [Fri, 23 May 2008 22:58:45 +0000 (00:58 +0200)]
drsuapi: fix the build.
Guenther
Günther Deschner [Fri, 23 May 2008 21:56:21 +0000 (23:56 +0200)]
drsuapi: add all code required for our drsuapi rpc client.
Guenther
Gerald W. Carter [Fri, 23 May 2008 21:01:45 +0000 (16:01 -0500)]
Manually merge Steven Danneman's patch for SPNEGO auth to a trusted
Win2008 domain (merged from v3-0-test).
commit
8dc4e979776aae0ecaa74b51dc1eac78a7631405
Author: Steven Danneman <sdanneman@isilon.com>
Date: Wed May 7 13:34:26 2008 -0700
spnego SPN fix when contacting trusted domains
cli_session_setup_spnego() was not taking into consideration the situation
where we're connecting to a trusted domain, specifically one (like W2K8)
which doesn't return a SPN in the NegTokenInit.
This caused two problems:
1) When guessing the SPN using kerberos_get_default_realm_from_ccache() we
were always using our default realm, not the realm of the domain we're
connecting to.
2) When falling back on NTLMSSP for authentication we were passing the name
of the domain we're connecting to for use in our credentials when we should be
passing our own workgroup name.
The fix for both was to split the single "domain" parameter into
"user_domain" and "dest_realm" parameters. We use the "user_domain"
parameter to pass into the NTLM call, and we used "dest_realm" to create an SPN
if none was returned in the NegTokenInit2 packet. If no "dest_realm" is
provided we assume we're connecting to our own domain and use the credentials
cache to build the SPN.
Since we have a reasonable guess at the SPN, I removed the check that defaults
us directly to NTLM when negHint is empty.
Gerald W. Carter [Fri, 23 May 2008 20:19:58 +0000 (15:19 -0500)]
Manually port Steven Dannenman fix for using the correct machine domain when
looking up trust credentials in our tdb.
commit
fd0ae47046d37ec8297396a2733209c4d999ea91
Author: Steven Danneman <sdanneman@isilon.com>
Date: Thu May 8 13:34:49 2008 -0700
Use machine account and machine password from our domain when
contacting trusted domains.
Stefan Metzmacher [Fri, 23 May 2008 15:16:12 +0000 (17:16 +0200)]
build: make sure LIBWBCLIENT_*_TARGET is never empty
This should fix the build with non gnu make
metze
(cherry picked from commit
401a0c84fe5f60e57e95331805da6b53dd1d7c2e)
Stefan Metzmacher [Fri, 23 May 2008 12:18:42 +0000 (14:18 +0200)]
libwbclient: add wbcLibraryDetails()
metze
(cherry picked from commit
b68916328e935e61840cb03560ebeeee15bb2c6f)
Stefan Metzmacher [Fri, 23 May 2008 11:59:53 +0000 (13:59 +0200)]
libwbclient: rename MAXSUBAUTHS => WBC_MAXSUBAUTHS
metze
(cherry picked from commit
04d465c622c614bec29f24793ae897a73bcb51f4)
Stefan Metzmacher [Fri, 23 May 2008 09:52:31 +0000 (11:52 +0200)]
build: add symbol versioning when we build with gnu ld
There's --enable-symbol-versioning=no to disable it.
metze
(cherry picked from commit
cb5492978b6b157f529806afb2f5fc6202888129)
Stefan Metzmacher [Fri, 23 May 2008 10:45:37 +0000 (12:45 +0200)]
build: autogenerate exports/libwbclient.syms
metze
(cherry picked from commit
8e0fcd583a643a8f4240698efcbb177463534a82)
Stefan Metzmacher [Fri, 23 May 2008 10:04:21 +0000 (12:04 +0200)]
build: autogenerate exports/libtalloc.syms
metze
(cherry picked from commit
ce9d8ea9818d91bd91f95149f3b0a7ed4f2dae3b)
Stefan Metzmacher [Fri, 23 May 2008 09:39:23 +0000 (11:39 +0200)]
build: pass .syms extention via @SYMSEXT@ from configure
metze
(cherry picked from commit
efb23fdce72db48b4c149fb3dd4a6f4aa3eebbbe)
Volker Lendecke [Fri, 23 May 2008 13:09:21 +0000 (15:09 +0200)]
Fix a (bogus) uninitialized variable warning
Michael Adam [Fri, 23 May 2008 11:42:40 +0000 (13:42 +0200)]
build: add a "make shlibs" target to build all the shared libraries.
Michael
Stefan Metzmacher [Thu, 22 May 2008 15:15:32 +0000 (17:15 +0200)]
build: autogenerate exports/libnetapi.syms
metze
(cherry picked from commit
dc09e04d524dcc92a29da0864666fd4258a81b76)
Jeremy Allison [Thu, 22 May 2008 23:23:07 +0000 (16:23 -0700)]
Remove MAX_SESS_ENTRIES and MAX_CONN_ENTRIES limits
as they are no longer needed now we have IDL marshalling.
Change the calculation of the 32-bit fileid we return
to a Windows client. We can't just use the generation
count as it starts at zero for every smbd - and this
command must enumerate all files open across all smbds.
We'd really like combination of process-id + dev + inode +
generation count to be unique, but as we can't fit that
into 32 bits just use 16 bits of pid + generation count.
Jeremy.
Jeremy Allison [Thu, 22 May 2008 23:20:25 +0000 (16:20 -0700)]
Revert "Arggh. Got the path/user the wrong way around. IDL is correct :-)."
This reverts commit
1078b5c53ae9d6f9532eecebf9cf4a1712200b7e.
This message doesn't match the actual change.
Jeremy Allison [Thu, 22 May 2008 23:19:26 +0000 (16:19 -0700)]
Arggh. Got the path/user the wrong way around. IDL is correct :-).
Jeremy.
Jeremy Allison [Thu, 22 May 2008 21:36:09 +0000 (14:36 -0700)]
Arggh. Got the path/user the wrong way around. IDL is correct :-).
Jeremy.
Jeremy Allison [Thu, 22 May 2008 21:28:13 +0000 (14:28 -0700)]
Fix 2 bugs with displaying open file state. Firstly
the IDL is documented incorrectly in the MS-DOCS.
Username and path need to be reversed (yes I will
raise this with MS). Secondly, we need to check
access_mask for the permissions, not share_access
(share_access are the deny modes).
Jeremy.
Jeremy Allison [Thu, 22 May 2008 21:19:14 +0000 (14:19 -0700)]
Get rid of "shadowed local var" warnings with gcc.
Jeremy.
Steven Danneman [Thu, 22 May 2008 03:16:33 +0000 (20:16 -0700)]
Make WINBINDD_LIST_GROUPS handler asynchronous.
Previously WINBINDD_LIST_GROUPS requests (ex: wbinfo -g) were handled by the
winbindd parent process in a sequential fashion. This patch, delegates the work
to the winbindd children so that the request is handled much faster in large
domain topologies, and doesn't block the parent from receiving new requests.
The core group enumeration and conversion that was handled in
winbindd_list_groups() has been moved into winbindd_dual_list_groups() to be
done by the child.
The parent winbindd_list_groups() simply calls each of the children
asynchronously.
listgroups_recv() aggregates the final group list that will be returned to the
client and tracks how many of the children have returned their lists.
The domain name of the child is passed back through the callbacks to be used in
debugging messages.
There are also several fixes to typos in various comments.
Stefan Metzmacher [Thu, 22 May 2008 14:14:51 +0000 (16:14 +0200)]
library-versions: use the same version for talloc and tdb as for the standalone builds
metze
Stefan Metzmacher [Thu, 22 May 2008 13:00:19 +0000 (15:00 +0200)]
libreplace: we need to use AC_TRY_LINK() to make sure HAVE_IPV6 is correctly detected
metze
(cherry picked from commit
84b5652d3e5766521436e4c7d59615b08b2bb198)
Stefan Metzmacher [Wed, 21 May 2008 20:32:21 +0000 (22:32 +0200)]
configure: samba_cv_unixsocket was renamed into libreplace_cv_HAVE_UNIXSOCKET
metze
Stefan Metzmacher [Wed, 21 May 2008 20:31:08 +0000 (22:31 +0200)]
configure: remove HAVE_IPV6 test as LIBREPLACE_NETWORK_CHECKS already have this
metze
Stefan Metzmacher [Wed, 21 May 2008 19:27:45 +0000 (21:27 +0200)]
libreplace: add test for HAVE_IPV6
Samba can later just check libreplace_cv_HAVE_IPV6 = yes.
metze
(cherry picked from commit
e835e7eebcc064ce0813814796828f15ad112fbd)
Michael Adam [Thu, 22 May 2008 09:16:57 +0000 (11:16 +0200)]
rpc_client: make rpc_pipe_open_tcp_port and rpc_pipe_get_tcp_port static.
Slim the interface...
Michael
Michael Adam [Thu, 22 May 2008 09:08:47 +0000 (11:08 +0200)]
torture: add a test program rpc_open_tcp() to test the rpc_pipe_open_tcp() func.
This is still very raw and has yet to be integrated into the test suite.
Michael
Michael Adam [Tue, 20 May 2008 16:08:41 +0000 (18:08 +0200)]
rpc_client: use endpoint mapper to get the port for rpc_pipe_open_tcp().
Michael
Kai Blin [Thu, 22 May 2008 07:40:25 +0000 (09:40 +0200)]
client: Fix the proto header to fix the build.
Volker Lendecke [Thu, 24 Apr 2008 20:45:28 +0000 (22:45 +0200)]
Compile endpoint mapper pidl output
Volker Lendecke [Tue, 20 May 2008 16:25:42 +0000 (18:25 +0200)]
rpc_client: add a destructor to close the socket for pipes over tcp.
used in rpc_pipe_open_tcp() and rpc_pipe_open_ncalrpc().
Volker Lendecke [Mon, 12 May 2008 21:37:07 +0000 (23:37 +0200)]
Add client support for NCACN_UNIX_STREAM
Volker Lendecke [Mon, 12 May 2008 21:35:27 +0000 (23:35 +0200)]
rpccli_schannel_bind_data only needs the schannel key
Volker Lendecke [Mon, 12 May 2008 15:07:37 +0000 (17:07 +0200)]
Rename rpc_pipe_client.tcp.sock to rpc_pipe_client.sock.fd
Volker Lendecke [Mon, 12 May 2008 15:05:42 +0000 (17:05 +0200)]
Fix a comment
Michael Adam [Mon, 19 May 2008 09:31:18 +0000 (11:31 +0200)]
packaging: disable cups in the RHEL-CTDB build.
Michael
(cherry picked from commit
de76543b45a97e41939b50ba7efdc6e4e66ea737)
Michael Adam [Fri, 16 May 2008 21:36:26 +0000 (23:36 +0200)]
packaging: we are at release ctdb.27 in RHEL-CTDB.
Michael
(cherry picked from commit
6e66a0017f9429fb8b3d1757969074be260215e1)
Jeremy Allison [Wed, 21 May 2008 19:39:08 +0000 (12:39 -0700)]
Fix bug #5479, print spool shares require max_xmit to
be adhered to.
Jeremy.
Jelmer Vernooij [Wed, 21 May 2008 16:04:47 +0000 (18:04 +0200)]
Merge branch 'v3-3-test' of ssh://git.samba.org/data/git/samba into docbook
Conflicts:
source/Makefile.in
Jelmer Vernooij [Wed, 21 May 2008 15:55:20 +0000 (17:55 +0200)]
Use double colon targets.
Jelmer Vernooij [Sun, 18 May 2008 16:39:48 +0000 (18:39 +0200)]
Add double-colon where it makes sense.
Jelmer Vernooij [Fri, 16 May 2008 13:46:36 +0000 (15:46 +0200)]
Add test target in Makefile.
Jelmer Vernooij [Fri, 16 May 2008 13:31:54 +0000 (15:31 +0200)]
Make the make output a bit less chatty.