summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* WHATSNEW: Start to add changes since 3.5.8.Karolin Seeger2011-06-141-2/+66
| | | | | | | To be completed... Karolin (cherry picked from commit ac4aca977ecb5fd1a644aa29c4b70503e906f83a)
* Fix bug #8083 - "inherit owner = yes" doesn't interact correctly with ↵Jeremy Allison2011-06-141-3/+27
| | | | | | | | | | | | vfs_acl_xattr or vfs_acl_tdb module. If "inherit owner = yes", pass in the directory owner and group owner as the target for CREATOR_OWNER and CREATOR_GROUP substitutions, and also as the owner and primary group of the new security descriptor being applied to the object. Jeremy. (cherry picked from commit ea331419108ed8575e33394f989240abeede2671)
* Fix bug #6911 - Kerberos authentication from vista to samba fails when ↵Jeremy Allison2011-06-141-3/+25
| | | | | | | | | | | | | | | | | | | | security blob size is greater than 16 kB We were not correctly checking the output of asn1_start_tag(). asn1_start_tag() returns -1 and sets data->has_error if the remaining blob size is too short to contain the tag length. We were checking data->has_error and returning NT_STATUS_OK (to allow the second asn.1 parse to fail in that case). We should not be checking data->has_error in this case, but falling through to the code that already checks the length. Thanks to Jim for reproducing this for me. We don't get bitten by this as we announce a max buffer size of 16k, greater than Windows's 4k, which means that most krb5 spnego packets already fit. Jeremy. (cherry picked from commit c718b7d43bc5616f7f5e110afdf5332a62e04cb8)
* s3-libnet: fix bug #6364: Pull realm from supplied username on libnet joinJim McDonough2011-06-141-0/+7
| | | | (cherry picked from commit 67a9d4bb376d89c4411024164165ca1ed7a0b157)
* s3-printing: remove duplicate cups response processing codeDavid Disseldorp2011-06-141-147/+94
| | | | | | | | | There is currently a lot of duplicate code included for processing responses to CUPS_GET_PRINTERS and CUPS_GET_CLASSES requests. This change splits this code into a separate function. Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 4f0077cd6a8ffcb9f4980d71c9fc434f7fc1051c)
* s3-printing: use printcap IDL for IPCDavid Disseldorp2011-06-142-129/+108
| | | | | | | | | | | Use printcap IDL for marshalling and unmarshalling messages between cups child and parent smbd processes. This simplifies the IPC and ensures the parent is notified of cups errors encountered by the child. https://bugzilla.samba.org/show_bug.cgi?id=7994 Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 53ecbc4a8cffe24f94d3e624faf3a9ea9067cc23)
* idl: define printcap IPC message formatDavid Disseldorp2011-06-145-1/+221
| | | | | Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 2bf4660f2e3cf1921d22f74c2db1a5fb3b531657)
* s3-printing: an empty cups printer list is treated as an errorDavid Disseldorp2011-06-141-6/+17
| | | | | | | | | | | | | | | | | cups_async_callback() is called to receive new printcap data from a child process which requests the information from cupsd. Newly received printcap information is stored in a temporary printcap cache (tmp_pcap_cache). Once the child process closes the printcap IPC file descriptor, the system printcap cache is replaced with the newly populated tmp_pcap_cache, however this only occurs if tmp_pcap_cache is non null (has at least one printer). If the printcap cache is empty, which is the case when cups is not exporting any printers, the printcap cache is not replaced resulting in stale data. Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 683b0652e23b787c5038ff5d7466fdc2a8b3c07f)
* Fix our asn.1 parser to handle negative numbers.Jeremy Allison2011-06-141-0/+9
| | | | | | | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue May 24 22:57:16 CEST 2011 on sn-devel-104 (cherry picked from commit e719dfd4dc178f001a5f804fb1ac4e587574415f) Fix bug #8163 (asn.1 library does not correctly read negative integers). (cherry picked from commit 859d13141cd831488b60e413f7141514ae4464b5) (cherry picked from commit d210395a50b5d5043bdcfb75f670f8abab91f974)
* Fix bug #8157 - std_pcap_cache_reload() fails to parse a cups printcap file ↵Jeremy Allison2011-06-141-5/+5
| | | | | | | | correctly. The parsing code made some strange assumptions about what is a printer name, and what is a comment. (cherry picked from commit ef1a0c14ab41c87f133d310c5f976548caf15b9a)
* s3-printing: remove pcap_cache_loaded assertsDavid Disseldorp2011-06-142-4/+0
| | | | | | | | | | | | | | | | | | pcap_cache_loaded() assertions were added to the (re)load_printers() functions, to ensure the caller had called pcap_cache_reload() prior to reloading printer shares. The problem is, pcap_cache_loaded() returns false if the the pcap_cache contains no printer entries. i.e. pcap_cache_reload() has run but not detected any printers. Remove these assertions, correct call ordering is already enforced. Signed-off-by: Günther Deschner <gd@samba.org> The last 3 patches address bug #7836 (A newly added printer isn't visbile to clients). (cherry picked from commit a88126d6e8577a9e0b6196acdee70633d0e06259)
* Revert "Revert "s3-printing: update parent smbd pcap cache""David Disseldorp2011-06-143-2/+19
| | | | | | | This reverts commit b6268f507fa3276c2ef22c58bad400a3fed48cd9. Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 8070240ed7e73b94aba591b6d985e7e32037bb5e)
* Revert "Revert "s3-printing: reload shares after pcap cache fill""David Disseldorp2011-06-146-26/+50
| | | | | | | This reverts commit e4579eab7fe3eab7a5209e6de74e6fd2f53099d0. Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 9e427e5aced5caeedeeff29b9b962913ee4f796d)
* Revert "s3-spoolss: Added EN ISO 216, A0 and A1 to builtin forms."Karolin Seeger2011-06-141-2/+0
| | | | | | | | This reverts commit 73bec197a91a15aa9a69c9a3868ed51bdd3674ea. Please see bug #8129 (Application requests printing on Format A5, but prints as A4) fro details. (cherry picked from commit f51ee94ee9034f88566c4441eed4ff11697454ec)
* libwbclient: Fix bug 8087 -- wbcChangeUserPasswordEx in RESPONSE mode does ↵Volker Lendecke2011-06-141-8/+8
| | | | | | | | | | | not work This is 03115efae89c8c4f51dea1ce82613817bd9fcf5b from master Actually copy something in wbcChangeUserPasswordEx The length argument for memcpy was initialized to 0 and not initialized (cherry picked from commit c707b1f3b199b8c785a79db308d80eee2926b060)
* s3-net: make sure we dont crash when publishing a single printer.Günther Deschner2011-06-141-0/+5
| | | | | | | | Guenther (cherry picked from commit 21576e3f8c32878910460bf9575c200ad93d682a) Part of a fix for bug #7993 ("net rpc printer MIGRATE" command fails). (cherry picked from commit 9c75728c62cccb8da606ece2d9df08b592e7c7c0)
* s3/configure: fix GNU ld version detection with old gcc releasesBjörn Jacke2011-06-141-1/+1
| | | | | | | | | | | | needed as old gcc releases output everything to stderr, even stdout output from ld Fixes #7825 Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Fri Nov 26 20:15:24 CET 2010 on sn-devel-104 (cherry picked from commit 70a7da0e101910e3ceb08b86d4b840b219e24d7d) (cherry picked from commit 19bbd0a4f0c39aaf6f0f3ecdcce7c52bb8264a5a)
* tdb_expand: limit the expansion with huge recordsSimo Sorce2011-06-141-5/+20
| | | | | | | | | ldb can create huge records when saving indexes. Limit the tdb expansion to avoid consuming a lot of memory for no good reason if the record being saved is huge. Fix bug #7610 (winbindd_cache.tdb grows too large when scaled). (cherry picked from commit c8ba5d41f3c2ab25cb9b9d0fa78b4f884d4b9721)
* s3-printing: make cups_pull_comment_location() work again.Günther Deschner2011-06-141-13/+2
| | | | | | | | | | | | | | we deal with lp_cups_server in cups_connect() already, inside the URI all our other cups functions we use ipp://localhost, do the same here. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed May 11 11:36:07 CEST 2011 on sn-devel-104 The last 3 patches address bug #8132 (Samba does not fill printers Location field when using cups). (cherry picked from commit 392d6b2ab8dcde4176a6e872699a5a076ab92068)
* s3-printing: Fix double free of cups request.Günther Deschner2011-06-141-4/+0
| | | | | | | | | | | | | | | | | | We never free the request in our cups api usage except for here. The reason is probably htis (from the cupsDoConnect API docs): "This function sends the IPP request to the specified server, retrying and authenticating as necessary. The request is freed with ippDelete() after receiving a valid IPP response." Revert "Fix a memory leak in cups_pull_comment_location" This reverts commit fee2664dad37536b05ce8bdae3e74d45b257f632. Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue May 10 17:32:58 CEST 2011 on sn-devel-104 (cherry picked from commit 019f11dd5b3240d05c1abe30dec3d793d6919313) (cherry picked from commit 5d503c7e8927f2bdb252f2293e53b7e87f2d3cb5)
* s3-printing: very obvious fix for cups_pull_comment_location().Günther Deschner2011-06-141-1/+1
| | | | | | | | This has been in there since 2008... Guenther (cherry picked from commit 3ba3f68e03510e3bb5b7627c200af0395e853bc2) (cherry picked from commit 04e820ef17e5a9df90ff8b7744bf9cce5a00ae05)
* s3-libsmb Don't ever ask for machine$ principals as a target.Andrew Bartlett2011-06-141-29/+6
| | | | | | | | | | | | | | | It is never correct to ask for a machine$ principal as the target of a kerberos connection. You should always connect via the servicePrincipalName. This current code appears to have built up from a series of minimal changes, as the codebase adapted the to lack of a SPNEGO principal from Windows 2008. Andrew Bartlett The last two patches address bug #7893 (CIFS tickets vs. <host>$ tickets). (cherry picked from commit 12bb20a0f6cd85cfdaedf746e7b05416ccde31b0)
* s3-libads Default to NOT using the server-supplied principal from SPNEGOAndrew Bartlett2011-06-144-6/+19
| | | | | | | | | | | | | | | | | | | This principal is not supplied by later versions of windows, and using it opens up some oportunities for man in the middle attacks. (Becuase it isn't the name being contacted that is verified with the KDC). This adds the option 'client use spnego principal' to the smb.conf (as used in Samba4) to control this behaivour. As in Samba4, this defaults to false. Against 2008 servers, this will not change behaviour. Against earlier servers, it may cause a downgrade to NTLMSSP more often, in environments where server names are not registered with the KDC as servicePrincipalName values. Andrew Bartlett (cherry picked from commit bb7806283e71f3b8029aae0eed326b5847a36d83) (cherry picked from commit e962852687f539678b7c38ed21f1b76c328821f2)
* Fix bug 8111 - CIFS VFS: unexpected error on SMB posix openJeremy Allison2011-06-141-12/+49
| | | | | | | | | | We are conflating the O_CREAT|O_EXCL with the O_TRUNC processing, they need to be separate. We need to chose using (O_CREAT|O_EXCL) first, then modify if O_TRUNC is set. This needs two separate switch statements. Jeremy (cherry picked from commit 37823155157d735356e1f223b425252c956d8c04)
* Fix is_myname_or_ipaddr() to be robust against strange DNS setups.Jeremy Allison2011-06-141-31/+57
| | | | | | | | | | | | | | | | | If IPv6 DNS names are turned on, but Samba isn't configured to listen on an IPv6 interface, then is_myname_or_ipaddr() can return false on a valid DNS name that it should detect is our own. If the IPv6 addr is returned by preference, then looking at the first addr only causes is_myname_or_ipaddr() to fail. We need to look at all the addresses returned by the DNS lookup and check all of them against our interface list. This is an order N^2 lookup, but there shouldn't be enough addresses to make this a practical problem. Jeremy. Fix bug #8038 - Connecting to a printer can return INVALID_PARAMETER when IPv6 DNS names are turned on. (cherry picked from commit 80078cb6ef2e6976cb5ab25a86157bca22c836a2)
* s3: Fix bug 8099 - setpwent() actually does endpwent() on FreeBSDSergey Korsak2011-06-141-4/+4
| | | | (cherry picked from commit 2167ac2cd42c9ed5aaae0086dbd27e29d1d77686)
* Fix bug 8072 - PANIC: create_file_acl_common frees handle two times.Jeremy Allison2011-06-141-57/+54
| | | | | | | | | | Caused by premature optimisation storing the parent ACL on the module handle instead of (correctly) on the file fsp. Previous code wasn't reentrant safe. This is less optimal but doesn't crash in the specific case :-). Jeremy. (cherry picked from commit 23e6f41ec923e2d3b4684ee646c8cd29506d787a)
* Fix bug 8088 - rpccli_samr_chng_pswd_auth_crap segfaults if any input blobs ↵Jeremy Allison2011-06-141-4/+17
| | | | | | are null. (cherry picked from commit fae43d2640459fe8cb3d485eacd1624de59b9622)
* Fix bug 6966 - "allow trusted domains = no" not respected in winbind.Dmitry Butskoy2011-06-141-6/+6
| | | | (cherry picked from commit 66de22f7b242ae9e3358d33e580547c2618bd918)
* s3: Fix bug 8066, wrong output in smbgetVolker Lendecke2011-06-141-3/+5
| | | | (cherry picked from commit 4a467155fe9ad66a2d7e7e490d7e3957b4dcb67a)
* Fix bug #7987 - ACL can get lost when files are being renamed.Jeremy Allison2011-06-143-1/+49
| | | | | | | There is no reason for smbd with Windows ACLs to use chmod or fchmod unless it's a file opened with UNIX extensions or with posix pathnames. (cherry picked from commit bea18a55252a06fd1da005a4f57d4d4dd89acaaf)
* s3-cli_pipe: fix timeout in rpc_pipe_open_tcp_port().Günther Deschner2011-06-141-1/+1
| | | | | | | | | | | | | | | | Make sure we use a timeout of 60 seconds, not 60 milliseconds... This prevented us from successfully using the ncacn_ip_tcp client in a lot of places, I guess. Guenther Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Apr 13 18:59:19 CEST 2011 on sn-devel-104 (cherry picked from commit 4b3fe5247a6e16b1ad9f05269e9aa00e3120e36a) Fix bug #8085 - incorrect timeout handling in ncacn_ip_tcp client code. (cherry picked from commit d7d39c723e1855a3d18813e8a79fcca9770b0142)
* s3-docs: document all wbinfo options.Günther Deschner2011-06-141-2/+98
| | | | | | | | | | Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Feb 23 23:45:40 CET 2011 on sn-devel-104 Fix bug #7983 - not all wbinfo parameters are documented in manpage. (cherry picked from commit 7942bf50ce22597833bbfba99776f4b052edff1c)
* s3-modules: Fix debug message (bug #8074)Björn Baumbach2011-06-141-1/+1
| | | | | | | | | | | | Print child descriptor instead of parent. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Apr 11 11:48:42 CEST 2011 on sn-devel-104 (cherry picked from commit e6cf92c574fba14132757f141d8b1242fa71be88) (cherry picked from commit 42ad7630259829f1c40d9d0fcf5376fa007568a3) (cherry picked from commit 75ab0c486927f674937b3379104eb2e4c8f026e4)
* Fix bug #6762 - ctdb on gpfs error with MS Office.Martin Vogt2011-06-143-2/+30
| | | | (cherry picked from commit 84745fe2ef953b1b5edfef473c88c71cc71d4d1e)
* s3/vfs_gpfs: s/syncops/gpfsBjörn Jacke2011-06-141-1/+1
| | | | | | | | | | as pointed out by Metze in bug #8031 cherry-picked from dca465fa53f4d16cdce1353685b11010aa8ff0c7 The last two patches address bug #8031 - merge patc to make sharemodes/leases parameter a per share setting. (cherry picked from commit fbf1a26be29f3d78d09e5f4285c973db9e16327f)
* s3:vfs:gpfs convert sharemodes/leases parameterChristian Ambach2011-06-142-20/+64
| | | | | | | | convert gpfs:sharemodes and gpfs:leases parameters from a global setting to a per share setting cherry-picked from 22018b8b887c2677d30bbb4589f800197edf0e98 (cherry picked from commit 4413d05bd742f879a6af71206265791ff76070bb)
* s3: Fix bug 8042: File creation on OS/XVolker Lendecke2011-06-141-0/+3
| | | | | | | | | | | | | With a case insensitive file system the stat cache lookup leaked the parent directorys stat information from unix_convert into the smb_filename. This led open_file_ntcreate to believe it just created a directory. In the case where we do the search we already invalidate the stat struct. Thanks to TAKAHASHI Motonobu for insisting! :-) Volker (cherry picked from commit c9015e381905bb254ee61b64d99052b96b4d4913)
* Fix bug #7080 - Quota only shown when logged as root.Jeremy Allison2011-06-143-5/+6
| | | | | Ensure we also check conn->admin_user when rejecting non-root access. (cherry picked from commit 6d360c9e5db64fbd96d353013b7836d771935b6d)
* Fix for servers that don't put a path separator at the end of the service.Larry Reid2011-06-141-4/+13
| | | | | Fix bug 8055 - Can't See Parts of DFS CIFS Share. (cherry picked from commit 0d929df7d194574d283ea5b9f4f8a45d6d214a54)
* s3: Fix Coverity ID 1137: CONSTANT_EXPRESSION_RESULTVolker Lendecke2011-06-141-2/+2
| | | | | | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Apr 1 09:35:19 CEST 2011 on sn-devel-104 This patch and the last one address bug #8054 - winbindd cache stores/retrieves wrong sizes for 16-bit ints. (cherry picked from commit 5fc7b78c64c43fd345b96dcbc1d30f2cabfaef81)
* s3: Fix Coverity ID 1136: CONSTANT_EXPRESSION_RESULTVolker Lendecke2011-06-141-1/+1
| | | | (cherry picked from commit ec4d201d5b9b86dfead5d999e4f186316797f77f)
* s3: Fix Bug 8047 -- Fix mdns registration if "interfaces=" is usedMarc A. Dahlhaus2011-06-141-0/+7
| | | | (cherry picked from commit baecb5a35e9f50140cf78e2dbdfe9f2791653875)
* alpha_strcpy() is a utility function which reportedly: Strips out all but ↵David Disseldorp2011-06-141-3/+9
| | | | | | | | | | | 'a-Z0-9' and the character in other_safe_chars and replaces with '_'. This statement does not currently hold true in all cases (e.g. src = "ТАНЦЕВАТЬ"). Part of a fix for bug 8040 - smbclient segfaults when a Cyrillic netbios name or workgroup is configured. (cherry picked from commit 3e0f539596fbb867b672eeaff037e81c33428309)
* Fix bug 8040 - smbclient segfaults when a Cyrillic netbios name or workgroup ↵Jeremy Allison2011-06-141-2/+22
| | | | | | | | | | | | | | | | | | | | | | | | | is configured. As discovered by David Disseldorp <ddiss@suse.de>, convert_string_talloc() doesn't always return consistent results for a zero length string. The API states an incoming string must *always* contain the terminating null, but unfotunately too much code expects passing in a zero source length to return a null terminated string, so at least ensure we return a correct null string in the required character set and return the correct length. Also ensure we cannot return a zero length for a converted string (we ensure that the returned buffer is always allocated and zero terminated anyway) as calling code depends on the fact that returning true from this function will *always* return a non-zero length (as it must include the terminating null). Note this is a different fix from what went into master (this is identical to the fix I'm planning for 3.5.x) as convert_string_talloc() has diverged between the two. Jeremy. (cherry picked from commit bb3ed43584e6d2c4d64b5f7b9e70a7db7f3e859d)
* Fix bug #7996 - sgid bit lost on folder rename.Jeremy Allison2011-06-143-1/+24
| | | | | | Refuse to set dos attributes into unix mode bits on such a folder. (cherry picked from commit 90e7f310ec52119359784899945f47d0a9c4e3ae)
* s3: use getgrset() when it is availableChristian Ambach2011-06-142-2/+58
| | | | | | | | | | | | | | | When getgrouplist() is not defined, use getgrset() if it is defined instead of using the initgroups() + getgroups() combo Major contributions from Yannick Bergeron <yaberger@ca.ibm.com> Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat Mar 19 10:09:38 CET 2011 on sn-devel-104 (cherry picked from commit ed46dfc4f16e230645fae5f3b3b21c462694c30a) Fix bug #8012 (Use getgrset() instead of initgroups() + getgroups() when getgrouplist() is not defined). (cherry picked from commit 64be11d41292fd2e9f6c13855fa6041b9290ce0c)
* s3: add explicit configure option whether or not to enable dmapi supportBjörn Jacke2011-06-141-1/+22
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> (similar to commit ce7727c1cc2fe4caa9b2d6e33530c3483dd5f980) Fix bug #8033 - Backport dmapi configure checks. (cherry picked from commit a8552d4ea6ea3b3b59b0d1c39e8fdaf2f9e11a74)
* s3:util_seaccess: make sure that we don't grant SEC_STD_DELETE to the owner ↵Stefan Metzmacher2011-06-141-13/+11
| | | | | | | | | | | | | | by default In the file server SEC_STD_DELETE is granted on the file/directory or by FILE_DELETE_CHILD on the parent directory. metze (similar to commit c7d10179108a3ae8af15c838042294f3fdced03c) The last 2 patches address bug #8034 (SEC_STD_DELETE is always granted to the owner of a file). (cherry picked from commit 14a31111961278db99564d4d694f10ed66ff91bd)
* s3:smbd: access checks should not depend on share mode flagsStefan Metzmacher2011-06-141-1/+0
| | | | | | | metze (cherry picked from commit f0ec69b53544b7ff702f94d58b3d64c33eaabc7a) (cherry picked from commit dca75c8e3ac23256d93269bdc13d1e67571bc9f2) (cherry picked from commit 295271ca3d4346e130363ba227ff66b08368d957)
generated by cgit (git 2.34.1) at 2025-09-04 10:01:27 +0000