Jelmer Vernooij [Fri, 16 Feb 2007 15:35:26 +0000 (15:35 +0000)]
r21388: Merge support for providing replacement system headers.
Günther Deschner [Fri, 16 Feb 2007 15:13:57 +0000 (15:13 +0000)]
r21387: Another important fix for non-AD domains:
Avoid assigning 0 as primary group id for users in NSS calls.
Jerry, please check.
Guenther
Jelmer Vernooij [Fri, 16 Feb 2007 14:50:57 +0000 (14:50 +0000)]
r21385: Regenerate IDL after pidl changes, sync winreg.idl from samba4.
Jeremy Allison [Fri, 16 Feb 2007 13:40:11 +0000 (13:40 +0000)]
r21383: More possible "security=share" fixes. If a client
is sending LMv2 make sure we test with the password
blob in the LM field as well as the NT field.
Jeremy.
Günther Deschner [Fri, 16 Feb 2007 13:30:19 +0000 (13:30 +0000)]
r21382: Important fix for winbind when using non-AD domains.
Jeremy, I'm afraid you removed the "domain->initialized" from the
set_dc_types_and_flags() call when the connect to PI_LSARPC_DS failed
(with rev. 19148).
This causes now that init_dc_connection_network is called again and
again which in turn rescans the DC each time (which of course fails each
time with NT_STATUS_BUFFER_TOO_SMALL). Just continue with the
non-PI_LSARPC_DS scan so that the domain is initialized properly.
Guenther
Volker Lendecke [Fri, 16 Feb 2007 12:13:52 +0000 (12:13 +0000)]
r21379: Attempt to fix the build on "gwen"
Simo Sorce [Thu, 15 Feb 2007 16:50:14 +0000 (16:50 +0000)]
r21369: sys_disk_free return type is SMB_BIG_UINT.
Fix dfree_retval to be SMB_BIG_UINT as well,
otherwise we may wrap up on > 2T file systems.
Simo.
Volker Lendecke [Thu, 15 Feb 2007 14:09:39 +0000 (14:09 +0000)]
r21365: Lets see which build farm machines have makecontext & friends
Günther Deschner [Thu, 15 Feb 2007 12:10:57 +0000 (12:10 +0000)]
r21358: Some more debugging for _nss_winbind_initgroups_dyn() on Linux.
Guenther
Günther Deschner [Thu, 15 Feb 2007 12:05:19 +0000 (12:05 +0000)]
r21357: Fix typo.
Guenther
Günther Deschner [Thu, 15 Feb 2007 11:44:06 +0000 (11:44 +0000)]
r21353: In the turn of tracking down nss_winbind related bugs on Linux:
print NSS_STATUS code with DEBUG_NSS when leaving a function.
Guenther
Günther Deschner [Thu, 15 Feb 2007 00:03:38 +0000 (00:03 +0000)]
r21352: Let ads_upn_suffixes() return a pointer to an array of suffixes.
Guenther
Günther Deschner [Wed, 14 Feb 2007 20:52:23 +0000 (20:52 +0000)]
r21349: Fix memleak in ads_upn_suffixes().
Guenther
Jeremy Allison [Wed, 14 Feb 2007 17:17:32 +0000 (17:17 +0000)]
r21346: FIXME ! Our parsing here is wrong I think,
but for a level3 it makes no sense for
ptr_sec_desc to be NULL. JRA. Based on
a Vista sniff from Martin Zielinski <mz@seh.de>.
Jerry - part of the Vista patchset.
Jeremy.
Günther Deschner [Wed, 14 Feb 2007 16:20:38 +0000 (16:20 +0000)]
r21345: Smaller fixes for adssearch:
* get rid of horrible ads.h parsing
* add LDAP_SERVER_SHUTDOWN_NOTIFY_OID
* display hex bitmasks
Guenther
Jim McDonough [Wed, 14 Feb 2007 14:25:56 +0000 (14:25 +0000)]
r21339: Fix the non-linux build. This is more evidence that this needs to be
moved up one layer.
Günther Deschner [Wed, 14 Feb 2007 13:51:42 +0000 (13:51 +0000)]
r21336: Fix indent (as pointed out by Volker).
Guenther
Jim McDonough [Wed, 14 Feb 2007 02:37:14 +0000 (02:37 +0000)]
r21324: Add linux setlease to the vfs layer. Next round, as Volker points out,
it should be abstracted a little higher up so other os'es can have an
entry, but it will take a bit more work. Thanks to Chetan Shringarpure
and Mathias Dietz.
I didn't increment the vfs number again because the kernel change notify
stuff hasn't been released yet anyway.
Günther Deschner [Tue, 13 Feb 2007 16:04:36 +0000 (16:04 +0000)]
r21320: Display query_user info level 16 in rpcclient.
Guenther
Volker Lendecke [Tue, 13 Feb 2007 15:57:54 +0000 (15:57 +0000)]
r21319: Remove functions not needed anymore
Günther Deschner [Tue, 13 Feb 2007 15:56:09 +0000 (15:56 +0000)]
r21318: Fix Bug #4225.
Cached logon with pam_winbind should work now also for NT4 and samba3
domains.
Guenther
Stefan Metzmacher [Tue, 13 Feb 2007 12:42:28 +0000 (12:42 +0000)]
r21312: merge from SAMBA_4_0:
fix memory hierachy, and access to already freed memory
metze
Günther Deschner [Tue, 13 Feb 2007 11:04:10 +0000 (11:04 +0000)]
r21310: Fix invalid printfs in pam_winbind.
Guenther
Günther Deschner [Tue, 13 Feb 2007 10:56:04 +0000 (10:56 +0000)]
r21309: Add PRINTF_ATTRIBUTE checks for log statements.
Guenther
Günther Deschner [Tue, 13 Feb 2007 10:42:53 +0000 (10:42 +0000)]
r21308: Fix some typos and ensure to null terminate the correct strings.
Guenther
Volker Lendecke [Mon, 12 Feb 2007 23:16:02 +0000 (23:16 +0000)]
r21303: As discussed on samba-technical: Change the static array for the in-memory
mirrors of the hash chain locks to a dynamically allocated one.
Jeremy, I count on you to revert it if the build farm freaks out, it's after
midnight here :-)
Volker
Gerald Carter [Sun, 11 Feb 2007 19:47:38 +0000 (19:47 +0000)]
r21284: Fix some unitilized variable warnings pointed out by Volker.
Steve French [Sun, 11 Feb 2007 19:28:52 +0000 (19:28 +0000)]
r21283: Do not display away debug output of cifs dfs resolver by default
per Dave Howell's suggestion
Volker Lendecke [Sun, 11 Feb 2007 14:55:21 +0000 (14:55 +0000)]
r21280: Fix an uninitialized variable warning. Jeremy, please check.
Volker
Volker Lendecke [Sun, 11 Feb 2007 14:39:21 +0000 (14:39 +0000)]
r21279: Get rid of 'aio write behind', this is broken.
It should probably better be integrated with our write cache.
Volker
Volker Lendecke [Sun, 11 Feb 2007 14:07:50 +0000 (14:07 +0000)]
r21278: The main goal of this was to get rid of the NetInBuffer / set_InBuffer. But it
turns out that this patch actually speeds up the async writes considerably.
I tested writing 100.000 times 65535 bytes with the allowed 10 ops in
parallel. Without this patch it took about 32 seconds on my dual-core 1.6GHz
laptop. With this patch it dropped to about 26 seconds. I can only explain it
by better cache locality, NewInBuffer allocates more than 128k, so we jump
around in memory more.
Jeremy, please check!
Volker
Volker Lendecke [Sun, 11 Feb 2007 13:42:48 +0000 (13:42 +0000)]
r21277: Fix an off by one error in the signal handler for aio: We can actually receive
AIO_PENDING_SIZE signals, not one less.
Jeremy I'm not merging this to 3_0_25, I want you to look at it first!
Volker
Jeremy Allison [Sun, 11 Feb 2007 04:37:56 +0000 (04:37 +0000)]
r21274: As we now have POSIX opens which can unlink
with other open files we may have taken
the delete code path with more than one share mode
entry - ensure we only delete once by resetting
the delete on close flag.
Jeremy.
Gerald Carter [Sat, 10 Feb 2007 20:29:09 +0000 (20:29 +0000)]
r21273: * Protect the sasl bind against a NULL principal string
in the SPNEGO negTokenInit
Volker Lendecke [Sat, 10 Feb 2007 13:15:58 +0000 (13:15 +0000)]
r21269: Reformatting
Volker Lendecke [Fri, 9 Feb 2007 23:14:23 +0000 (23:14 +0000)]
r21265: Fix some valgrind errors -- not in 3_0
Volker Lendecke [Fri, 9 Feb 2007 21:25:22 +0000 (21:25 +0000)]
r21264: LDAP_OPT_ERROR_NUMBER seems more portable than LDAP_OPT_RESULT_CODE
Volker Lendecke [Fri, 9 Feb 2007 20:58:17 +0000 (20:58 +0000)]
r21263: getpeername() returning -1 is not a reliable indication if a TCP connection is
dead. Might be my code, this rings a very distant bell...
Attempt to fix bug # 4372.
Volker
Gerald Carter [Fri, 9 Feb 2007 19:41:09 +0000 (19:41 +0000)]
r21262: Final part of BUG 4093: fix %a with Windows XP 64bit
Jeremy Allison [Fri, 9 Feb 2007 05:16:25 +0000 (05:16 +0000)]
r21259: Fix coverity bug id #340. No way to process
logon parameter as the code was written.
Jeremy.
Gerald Carter [Fri, 9 Feb 2007 02:12:12 +0000 (02:12 +0000)]
r21258: Fix for connecting printers from Vista by storing
the printer GUID as a REG_SZ as Vista seems to
whine about unknown REG_BINARY values.
Thanks to Martin Zielinski <mz@seh.de> for his excellent
analysis on this.
Jeremy Allison [Fri, 9 Feb 2007 02:03:39 +0000 (02:03 +0000)]
r21257: Better fix for bug #4188 :
Windows Vista RC1 and RC2 can't delete directory on Samba share
based on work by Joe Meadows <jmeadows@webopolis.com>.
Jeremy.
Volker Lendecke [Thu, 8 Feb 2007 21:57:41 +0000 (21:57 +0000)]
r21251: Okay, after Jeremy has kindly tested this, check it in :-)
Attached find a workaround that works for me. This is not the "correct" fix,
to me it seems our DFS referral marshalling is broken. Vista requests level 4,
we reply with level 2, and Vista seems not to like that. If we reply with
level 3 it seems more happy.
Needs more work!
Volker
Gerald Carter [Thu, 8 Feb 2007 21:48:09 +0000 (21:48 +0000)]
r21250: Partial fix for BUG 4093: Make %a expand to "Vista"
based on the flags2 values in the negprot request.
This also includes some code for testing the dialect
strings for "SMB 2.001" but this is unreliable as Vista
only sends that in the 1st negprot and caches the fact
that we don't support it. Restartnig the WOrkstation
service on the client clears the cache.
Jeremy Allison [Thu, 8 Feb 2007 20:31:18 +0000 (20:31 +0000)]
r21247: In the refactoring I dropped a RESOLVE_DFSPATH call
from setpathinfo. Return it and make sure all paths
go through a dfs resolve.
Jeremy.
Jeremy Allison [Thu, 8 Feb 2007 19:42:27 +0000 (19:42 +0000)]
r21246: Remove incorrect control on unix set info.
We can take path or handle based calls.
Jeremy.
Günther Deschner [Thu, 8 Feb 2007 17:02:39 +0000 (17:02 +0000)]
r21240: Fix longstanding Bug #4009.
For the winbind cached ADS LDAP connection handling
(ads_cached_connection()) we were (incorrectly) assuming that the
service ticket lifetime equaled the tgt lifetime. For setups where the
service ticket just lives 10 minutes, we were leaving hundreds of LDAP
connections in CLOSE_WAIT state, until we fail to service entirely with
"Too many open files".
Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP
connection after the ads_do_search_retry() has failed to submit the
search request (although the bind succeeded (returning an expired
service ticket that we cannot delete from the memory cred cache - this
will get fixed later)).
Guenther
Simo Sorce [Thu, 8 Feb 2007 14:55:21 +0000 (14:55 +0000)]
r21239: if the workgroup name is longer than 16 chars we get garbage in the string
server_len is usually 256 (fstring).
Correctly terminate saving the lenght
Günther Deschner [Thu, 8 Feb 2007 13:50:47 +0000 (13:50 +0000)]
r21238: Fix tab indent in self-written krb5.confs.
Guenther
Günther Deschner [Thu, 8 Feb 2007 12:40:29 +0000 (12:40 +0000)]
r21237: Forgot configure checks in 3_0 (3_0_25 is fine) for heimdal kinit fix.
Guenther
Herb Lewis [Thu, 8 Feb 2007 02:17:29 +0000 (02:17 +0000)]
r21231: get rid of unused defines that cause a redefined warning
Jeremy Allison [Thu, 8 Feb 2007 00:41:57 +0000 (00:41 +0000)]
r21229: Don't indirect through a potentially null pointer :-).
Jeremy.
Jeremy Allison [Thu, 8 Feb 2007 00:28:25 +0000 (00:28 +0000)]
r21228: Fix for fd leak on error path. Thanks to
dleonard@vintela.com for this fix !
Jeremy.
Jeremy Allison [Thu, 8 Feb 2007 00:14:37 +0000 (00:14 +0000)]
r21227: Quick fix for Stevef - ensure the returned data on open
is 8 byte aligned.
Jeremy.
Jeremy Allison [Wed, 7 Feb 2007 22:20:31 +0000 (22:20 +0000)]
r21226: Fix bug #4377 (rename of "foo" -> "Foo" fails).
This is actually an interesting case as it exposed bad code in our DFS redirect
module (that was where the bug was introduced).
Caused by our turning on dfsroot be default.
Jeremy.
Jeremy Allison [Wed, 7 Feb 2007 20:20:56 +0000 (20:20 +0000)]
r21225: Couple of fixes from Martin Zielinski mz@seh.de,
one typo, one to make sure that time initialization
is done before modules that depend on it (printer
initialization).
Jeremy.
Steve French [Wed, 7 Feb 2007 20:16:02 +0000 (20:16 +0000)]
r21224: Initial checkin of cifs_host_name resolver helper script
(needed by /sbin keyctl utils to finish the upcall)
Jeremy Allison [Wed, 7 Feb 2007 19:43:44 +0000 (19:43 +0000)]
r21223: Try and fix bug #4361 - Vista backup fails.
Based on work from Joe Meadows <jameadows@webopolis.com>.
One for the Vista patchset.
Jeremy.
Volker Lendecke [Wed, 7 Feb 2007 13:26:13 +0000 (13:26 +0000)]
r21219: Speed up the initial startup time of smbd on systems with loaded disk
subsystems. See the comment in the diff.
Volker
Volker Lendecke [Wed, 7 Feb 2007 12:16:23 +0000 (12:16 +0000)]
r21218: Fix typo
Volker Lendecke [Wed, 7 Feb 2007 11:26:36 +0000 (11:26 +0000)]
r21217: Just found a system that does not define in_addr_t but only struct
in_addr. Okay, it's a SuSE 7.0, but if the fix is so simple I think we should
not drop that :-)
Volker
Jeremy Allison [Wed, 7 Feb 2007 02:39:43 +0000 (02:39 +0000)]
r21210: Fix POSIX open to return an info level.
Jeremy.
Jeremy Allison [Wed, 7 Feb 2007 00:49:45 +0000 (00:49 +0000)]
r21207: Make the code match the spec :-).
Jeremy.
Steve French [Tue, 6 Feb 2007 23:25:02 +0000 (23:25 +0000)]
r21204: Add define for new QFS Info for "who am i"
Jelmer Vernooij [Tue, 6 Feb 2007 23:02:27 +0000 (23:02 +0000)]
r21203: Regenerate C files after pidl updates.
Volker Lendecke [Tue, 6 Feb 2007 22:38:31 +0000 (22:38 +0000)]
r21202: On some build hosts, the first tests fail with CONNECTION_REFUSED. On my
solaris 9 box I could solve that with an increased wait time.
Volker
Jeremy Allison [Tue, 6 Feb 2007 21:05:34 +0000 (21:05 +0000)]
r21191: Add in the POSIX open/mkdir/unlink calls.
Move more error code returns to NTSTATUS.
Client test code to follow... See if this
passes the build-farm before I add it into
3.0.25.
Jeremy.
Gerald Carter [Tue, 6 Feb 2007 21:00:51 +0000 (21:00 +0000)]
r21188: bumping passdb version number to make sure this is different than the 3.0.25 branch
Volker Lendecke [Tue, 6 Feb 2007 20:07:29 +0000 (20:07 +0000)]
r21184: Dummy checkin to let the build farm pick up r21183 of Samba4
Gerald Carter [Tue, 6 Feb 2007 17:29:18 +0000 (17:29 +0000)]
r21182: * Refactor the code to obtain the LDAP connection credentials
from both idmap_ldap_{alloc,db}_init()
* Fix the backwards compat support in idmap_ldap.c
* Fix a spelling error in the idmap_fetch_secret() function name
Volker Lendecke [Tue, 6 Feb 2007 17:28:03 +0000 (17:28 +0000)]
r21181: Add some debug, fix the NT_STATUS_IO_TIMEOUT problems in the RAW-NOTIFY test
in the build farm.
Volker
Gerald Carter [Tue, 6 Feb 2007 15:31:17 +0000 (15:31 +0000)]
r21180: fix backwards compatible idmap backends parameter parsing
Andrew Tridgell [Tue, 6 Feb 2007 05:58:35 +0000 (05:58 +0000)]
r21176: merged va_end() changes from Samba4
Jeremy Allison [Mon, 5 Feb 2007 23:33:53 +0000 (23:33 +0000)]
r21166: Ensure we return the correct "EROFS" error on a non-writable
filesystem.
Jeremy.
Volker Lendecke [Mon, 5 Feb 2007 21:18:44 +0000 (21:18 +0000)]
r21165: Lets try the build farm without inotify, we're seeing some
NT_STATUS_IO_TIMEOUT with it.
Samba4 disables inotify as well. Does anybody know why Samba4 does it? Maybe
the same justification holds for 3 as well.
Volker
Jeremy Allison [Mon, 5 Feb 2007 19:32:31 +0000 (19:32 +0000)]
r21164: Fix from Martin Zielinski <mz@seh.de> for EnumprinterdataEX
on Vista.
Jeremy.
Günther Deschner [Mon, 5 Feb 2007 18:11:41 +0000 (18:11 +0000)]
r21161: Another fix for pam_winbind: Move the entire pwd expiry handling into
the PAM_SUCCESS block.
Guenther
Günther Deschner [Mon, 5 Feb 2007 18:04:28 +0000 (18:04 +0000)]
r21160: Some more pam_winbind fixes:
* Consolidate all pam_winbind password expiry warnings in the one
_pam_send_password_expiry_message() call.
* Also convert some more NTSTATUS codes to error messages.
* Add paranoia check to only do all the post-processing after PAM_SUCCESS.
Guenther
Günther Deschner [Mon, 5 Feb 2007 17:35:25 +0000 (17:35 +0000)]
r21159: Cleanup pam_sm_chauthtok() in pam_winbind:
Set info3 strings, krb5ccname and returned username after we changed a
password and sucessfully re-authenticated afterwards. In that case we
ended up without this information.
Guenther
Günther Deschner [Mon, 5 Feb 2007 17:28:55 +0000 (17:28 +0000)]
r21158: Add _pam_setup_krb5_env() and _pam_warn_logon_type() functions for
pam_winbind.
Guenther
Stefan Metzmacher [Mon, 5 Feb 2007 17:20:15 +0000 (17:20 +0000)]
r21157: this is 3.0.26 trunk
metze
Günther Deschner [Mon, 5 Feb 2007 17:14:30 +0000 (17:14 +0000)]
r21155: Forgot one _PAM_LOG_STATE_DATA_STRING call (only in 3_0).
Guenther
Günther Deschner [Mon, 5 Feb 2007 17:12:13 +0000 (17:12 +0000)]
r21154: Add PAM_WINBIND_LOGONSERVER, also merge the various pam_set_data calls.
Guenther
Günther Deschner [Mon, 5 Feb 2007 15:25:31 +0000 (15:25 +0000)]
r21152: Correctly omit pam conversations when PAM_SILENT has been set by the
calling application.
Guenther
Gerald Carter [Mon, 5 Feb 2007 15:16:30 +0000 (15:16 +0000)]
r21151: applying patches for CVE-2007-045[34]
Volker Lendecke [Mon, 5 Feb 2007 15:07:44 +0000 (15:07 +0000)]
r21150: Activate RAW-NOTIFY
Günther Deschner [Mon, 5 Feb 2007 15:04:09 +0000 (15:04 +0000)]
r21149: Only say we are a groupmember for the optimized (rid 513) membership
lookup when we actually are. Although the Linux nss winbind backend
protects against num_mem != 0 && buf == NULL.
Guenther
Günther Deschner [Mon, 5 Feb 2007 14:57:31 +0000 (14:57 +0000)]
r21146: Fix debug typos.
Guenther
Günther Deschner [Mon, 5 Feb 2007 14:46:36 +0000 (14:46 +0000)]
r21145: Convert some int to BOOL in pam_winbind (only in 3_0).
Guenther
Günther Deschner [Mon, 5 Feb 2007 14:43:06 +0000 (14:43 +0000)]
r21144: Create more accurate warning message when the pam_winbind chauthtok has
received NT_STATUS_PASSWORD_RESTRICTION.
Guenther
Günther Deschner [Mon, 5 Feb 2007 14:34:12 +0000 (14:34 +0000)]
r21143: Fix wrong check for pam error codes for getpwnam and lookup winbind
requests in pam_winbind (Bug #4094).
Inspired by fix from Lars Heete.
Guenther
Derrell Lipman [Sat, 3 Feb 2007 17:20:53 +0000 (17:20 +0000)]
r21133: - Apply patch from ages ago, which should allow following \\server\share\path
DFS referrals. This doesn't appear to break anything in the non-DFS case,
but I don't have an environment to test DFS referrals. Need confirmation
from OP that this solves the problem.
Derrell Lipman [Sat, 3 Feb 2007 17:13:58 +0000 (17:13 +0000)]
r21132: - Fixes bug 4366. Documentation for smbc_utimes() was incorrect.
- Should fix bug 4115 (but needs confirmation from OP). If the kerberos use
flag is set in the context, then also pass it to smbc_attr_server for use by
cli_full_connection()
- Should fix bug 4309 (but needs confirmation from OP). We no longer send a
keepalive packet unconditionally. Instead, we assume (yes, possibly
incorrectly, but it's the best guess we can make) that if the connection is
on port 139, it's netbios and otherwise, it isn't. If netbios is in use, we
send a keepalive packet. Otherwise, we check that the connection is alive
using getpeername().
Volker Lendecke [Sat, 3 Feb 2007 16:53:52 +0000 (16:53 +0000)]
r21131: Some notify fixes
Gerald Carter [Sat, 3 Feb 2007 13:31:47 +0000 (13:31 +0000)]
r21130: Don't mix SAFE_FREE() and TALLOC_FREE().
Jeremy Allison [Sat, 3 Feb 2007 00:50:47 +0000 (00:50 +0000)]
r21129: Fix from Martin Zielinski <mz@seh.de> - ensure
the hand marshalled container size is a multiple
of 4 bytes for RPC alignment.
Jeremy.
Jeremy Allison [Fri, 2 Feb 2007 22:02:42 +0000 (22:02 +0000)]
r21128: Fix Vista connecting to Samba in share level security.
Vista sends the NTLMv2 blob by default in the tconX
packet. Make sure we save off the workgroup the user
was logged into on the client in the sessionsetupX
and re-use it for the NTLMv2 calc.
Jeremy.
Volker Lendecke [Fri, 2 Feb 2007 17:48:21 +0000 (17:48 +0000)]
r21127: Add a mitigating comment ;-))
Volker Lendecke [Fri, 2 Feb 2007 14:55:21 +0000 (14:55 +0000)]
r21123: Make notify_fsp() static to notify.c.
Volker
Günther Deschner [Fri, 2 Feb 2007 13:03:06 +0000 (13:03 +0000)]
r21122: Simplify code in pam_winbind a bit.
Guenther