summaryrefslogtreecommitdiffstats
path: root/source
Commit message (Collapse)AuthorAgeFilesLines
* Bug 6488: acl_group_override() call in posix acls references an ↵samba-3.2.13Jeremy Allison2009-06-221-12/+10
| | | | uninitialized variable. (cherry picked from commit f92195e3a1baaddda47a5d496f9488c8445b41ad)
* VERSION: Raise version number up to 3.2.13.Karolin Seeger2009-06-181-1/+1
| | | | Karolin
* Fix bug 6478Volker Lendecke2009-06-181-20/+20
| | | | This is the part of checkin cfee2025 that is relevant to this bug.
* s3/idmap: Fix out of memory error with Winbind idmap.Sébastien Prud'homme2009-06-151-2/+6
| | | | | This fixes bug #5945. (cherry picked from commit a7735416792f8156e53a04af98e7e2dff0b6707d)
* Revert the extra SAMR and LSA checks.Jeremy Allison2009-06-152-70/+0
| | | | | | These were added between 3.2.4 and 3.2.5 that have caused users problems. This fixes among others bug #6089 and #6112. (cherry picked from commit f2a29585123e6072a75eb9abdd202f99f5a01e1e)
* s3-groupdb: fix enum_aliasmem in ldb branch.Günther Deschner2009-06-151-1/+1
| | | | | | | | | | | | It is totally valid to have an alias with no members. This fixes bug #6465. Tridge, please check. Found by RPC-SAMR torture test. Guenther (cherry picked from commit d27c4346397b828e3d7d01473f174577440d950a)
* s3/passdb: Fix debug message: 'net setmaxrid' does not exist.Karolin Seeger2009-06-101-2/+2
| | | | | | | | | This is aiming bug #6351. Karolin (cherry picked from commit c94d1cd7b1dc3ff99ae5a1eb9058ed6015fb9749) (cherry picked from commit 11ed212591d612632fcb47f1eac10507b89ffdec) (cherry picked from commit 28d4cd50d1a76bc374a8420c490411a52c32fdbb)
* s3-samr: Fix Bug #6372, usermanager only displaying 1024 groups and aliases.Günther Deschner2009-06-101-0/+12
| | | | | | | | This is now also verified with the RPC-SAMR-LARGE-DC test. Guenther (cherry picked from commit fca7dce1a908570e463ddcbd663955fcafd1d843) (cherry picked from commit 6ad726f50ee10ac2a2f157906b3b3adb88bfea37)
* VERSION: Raise version number up to 3.2.12.Karolin Seeger2009-06-021-1/+1
| | | | | Karolin (cherry picked from commit a7fbd3ae42fd3849150da27c37405dbefb59f86e)
* s3: zero an uninitialized arrayMarc VanHeyningen2009-06-021-1/+4
| | | | | | | | | Invalid pointers were being dereferenced in lookup_sids causing occasional seg faults. Signed-off-by: Tim Prouty <tprouty@samba.org> (cherry picked from commit 34ca12c9396f7c8475cd1525bdbc40021b0e533f) (cherry picked from commit 9f5f8278b905b38d288618916c23f85373919b83)
* Fix a race condition in winbind leading to a panicVolker Lendecke2009-06-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | In winbind, we do multiple events in one select round. This needs fixing, but as long as we're still using it, for efficiency reasons we need to do that. What can happen is the following: We have outgoing data pending for a client, thus state->fd_event.flags == EVENT_FD_WRITE Now a new client comes in, we go through the list of clients to find an idle one. The detection for idle clients in remove_idle_client does not take the pending data into account. We close the socket that has pending outgoing data, the accept(2) one syscall later gives us the same socket. In new_connection(), we do a setup_async_read, setting up a read fde. The select from before however had found the socket (that we had already closed!!) to be writable. In rw_callback we only want to see a readable flag, and we panic in the SMB_ASSERT(flags == EVENT_FD_READ). Found using bin/smbtorture //127.0.0.1/tmp -U% -N 500 -o 2 local-wbclient Volker (commit 68c5c6df in master) (cherry picked from commit d12681489f18df97b11c4ce6e069d6e2d006c184)
* s3/groupmapping: Groupdb mapping fix (bug #6386).Jeremy Allison2009-06-021-6/+20
| | | | (cherry picked from commit fad2741ec79a34f25577d0a5d3c35a6455d3ce24)
* Insure we always return NULL on error.Simo Sorce2009-06-021-0/+1
| | | | | | | | It is not technically an ldb bug, but apparently some callers try to access res before checking the ldb_search() return code. So make their attempt very evident (a NULL dereference will make it cristal clear where the bug is). (cherry picked from commit c60539f31f63bd65e5b0e3ee16365f036bef3d5b)
* Make test for open modes more robust against other bits.Jeremy Allison2009-06-021-1/+1
| | | | | | | Jeremy. (cherry picked from commit 8d178837f259757340a09a688ed194e3e4a92c36) (cherry picked from commit 6631ca4a51d4b13d2edd2dc899f7b76c233825b5) (cherry picked from commit a7f96104b957ba0eb910f8c0073818f872345e3c)
* Fix bug in processing of open modes in POSIX open.Jeremy Allison2009-06-021-0/+2
| | | | | | | | | | Was missing case of "If file exists open. If file doesn't exist error." Damn damn damn. CIFSFS client will have to have fallback cases for this error for a long time. Jeremy. (cherry picked from commit b652082648c49b525d2b2ce619b575ee75bc242e) (cherry picked from commit 12cf12f10c1c6adad568daf6c16144a99b0f822e) (cherry picked from commit 2050a239a5fee6cfd17d083619cc4a03a3a6dd6d)
* Fix bug 6382: Case insensitive access to DFS links brokenVolker Lendecke2009-06-021-0/+2
| | | | (cherry picked from commit cdc93a7edc6798078a7b21b1728a844437b6522b)
* s3-auth: use full 16byte session key in make_user_info_netlogon_interactive().Jeremy Allison2009-06-022-3/+2
| | | | | | | | | | | | | | | | | | | Patch from Jeremy. With this patch, I was able to join Windows 7 RC to a Samba3 DC, and login into a Samba 3 Domain. There are still two registry settings required: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Do *not* modify the other netlogon registry parameters that were passed around, they weaken security. Guenther / Jeremy. (cherry picked from commit 43bab13d00fa073acf709ac9a66cb2782694811b)
* s3-credentials: protect netlogon_creds_server_step() against NULL creds.Guenther Deschner2009-06-021-0/+4
| | | | | | | Found by SCHANNEL torture tests. Guenther (cherry picked from commit c578c66569eed3ae19b42c9787399eb70b935e0a)
* After getting confirmation from Guenther, add 3 changes we'll ultimately ↵Jeremy Allison2009-06-021-13/+23
| | | | | | need to fix bug #6099 Samba returns incurrate capabilities list. 1). Add a comment to point out that r->in.negotiate_flags is an aliased pointer to r->out.negotiate_flags. 2). Ensure we return NETLOGON_NEG_STRONG_KEYS in our flags return if the client requested it. 3). Clean up the error exits so we always return the same way. Signed off by Guenther. Jeremy. (cherry picked from commit 59ee131464636d3363bc7ee398ba6390a6333558)
* Jeremy, with 9a5d5cc1db0ee60486f932e34cd7961b90c70a56 you alter the in ↵Guenther Deschner2009-06-021-2/+6
| | | | | | | negotiate flags (which are a pointer to the out negotiate flags assigned in the generated netlogon server code). So, while you wanted to just set the *out* negflags, you did in fact reset the *in* negflags, effectively eliminating the NETLOGON_NEG_STRONG_KEYS bit (formerly known as NETLOGON_NEG_128BIT) which then caused creds_server_init() to generate 64bit creds instead of 128bit, causing the whole chain to break. *Please* check. Guenther (cherry picked from commit 853bbc0d3920654aa7401fa5d6fcba7ff86e1a21)
* s3/ldap: also handle DirX return codesBjörn Jacke2009-06-021-0/+2
| | | | | | this is a backport of f238809d236443b8968e1b4b197a55935c7c7e85 from master (cherry picked from commit 1b040289f14bb22d3b6ab07a452236549d6c9bf6) (cherry picked from commit 7f1771f26dcc334c32df332545d33937f8602bd6)
* s3:smbd: fix posix acls when setting an ACL without explicit ACE for the ↵Stefan Metzmacher2009-06-021-3/+18
| | | | | | | | | | | | | | | | | | | owner (bug#2346) The problem of bug #2346 remains for users exported by winbindd, because create_token_from_username() just fakes the token when the user is not in the local sam domain. This causes user_in_group_sid() to give totally wrong results. In uid_entry_in_group() we need to check if we already have the full unix token in the current_user struct. If so we should use the current_user unix token, instead of doing a very complex user_in_group_sid() which doesn't give reliable results anyway. metze (cherry picked from commit b79eff843be392f3065e912edca1434081d93c44) (cherry picked from commit cb5c72c0a05a78ff1b86eb02cf5ecd3d7d69623d) (cherry picked from commit ef0d72513b5404f176186632aab67d7b87039ba2)
* Fix bug 5798: "CFLAGS info lost in configure"Volker Lendecke2009-06-021-1/+1
| | | | | | | | picked from 9097a67de Volker (cherry picked from commit 9ffb1e6f0ded2647efe567912873a1a63e2ffed1) (cherry picked from commit d3f39da433c22632007a9300d4dab4cda0dfd43e)
* Fix bug #6291 - force user stop working. A previous fix broke the invariant ↵Jeremy Allison2009-06-021-1/+37
| | | | | | | that *uid is always initialized on return from create_token_from_username(). Restore it. Jeremy. (cherry picked from commit 09b76c57098ed4d11855000ae31cd346cb9a765d) (cherry picked from commit 191e4c415e7008070110970ba51f3f82dc493a8b)
* 3.2 samr bug 6301: fix samr_ConnectVersion enum which is 32bit not 16bit.Günther Deschner2009-06-022-4/+4
| | | | | | | Port of 67ca76c288eb095ae to 3.2 Signed-off-by: Volker Lendecke <vl@samba.org> (cherry picked from commit 0b0b0499f0ba60cfff943fa2200a6534c0a3f816)
* s3-selftest: test wbinfo --allocate-uid/gid.Günther Deschner2009-06-021-0/+2
| | | | | | Guenther (cherry picked from commit c3843c40b5c426910a184dcef3b17283e6e224e9) (cherry picked from commit 679be14a080dfcbbbc9403ff0fc67b61073a357e)
* Fix profile acls in some corner casesSimo Sorce2009-06-021-3/+18
| | | | | | Always add back the real original owner of the directory in the ACE List after we steal its ACE for the Administrators group. (cherry picked from commit 8e438431a1447fd482c107fbe0aee3af49afe068)
* Avoid duplicate acesSimo Sorce2009-06-021-13/+48
| | | | | | | When adding arbitrary aces to an nt_ace_list we need to make sure we are not actually adding a duplicate. add_or_replace_ace() takes care of doing the right thing. (cherry picked from commit 958207e321f330426536bf7e936b30fa2efffddc)
* Add comment explaining the previous fix.Jeremy Allison2009-06-021-0/+6
| | | | | Jeremy. (cherry picked from commit 9da82269dc6d9da3c0393a85e0217bf22cd2fe5c)
* Fix bug #6279 - winbindd crash. Cope with LDAP libraries returning ↵Jeremy Allison2009-06-021-0/+4
| | | | | | | LDAP_SUCCESS but not returning a result. Jeremy (cherry picked from commit e7687dd9ca244a53fdf2312a78cdb028dd8971d5)
* s3:net: add --request-timeout optionStefan Metzmacher2009-06-023-1/+7
| | | | | | | | metze (cherry picked from commit 257809558bfab3e45703cf8be76357596392a3ea) (cherry picked from commit e20b8706401d1a4eee0fe494825deef6ab23ab23) (cherry picked from commit d80e02de5714aaa650bef91767ce0775bd2392f5) (cherry picked from commit 340c23e150061a20af72e9b9a1762d288660861c)
* s3:net_rpc: don't shutdown a cli_state passed from the callerStefan Metzmacher2009-06-021-9/+8
| | | | | | | | | | | This fixes a crash bug if we timeout in net rpc trustdom list. metze (cherry picked from commit c0dfe0cf80ee50f395912b7d6aec0d87febd34c0) (cherry picked from commit d87563604ca7b1c18c5a84d76726c2a99dc454f8) (cherry picked from commit cba4214b963983730bedc792e391b5435889597a) (cherry picked from commit 34bf50b0302ff112af52088b93b40b1bcaf002e8)
* s3:registry: Prevent creation of keys containing the '/' character.Michael Adam2009-06-021-0/+10
| | | | | | | | | | | | | | | Even though "net conf setparm abc/def comment xyz" does not create a broken registry we do not want such keys to be created. Since we get problems accessing these with "net registry" since the registry code treats the '/' sign as a separator as a lower level. This makes e.g. "net conf setparm abc/def comment xyz" fail with WERR_INVALID_PARAM, which is much more desirable than a broken registry.tdb. Michael (cherry picked from commit de6f09988d84752e5333cba1fa69c5a685e903b7)
* VERSION: Raise version number upt to 3.2.11.Karolin Seeger2009-04-171-1/+1
| | | | | Karolin (cherry picked from commit aaf5c25489b916d4892ce757bb5c0f32f9910c59)
* When doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid.Jeremy Allison2009-04-171-1/+1
| | | | | Jeremy. (cherry picked from commit 72f55ca71c2d9b4c24866b7e1418fa4c17948db6)
* Don't look up local user for remote changes, even when root.Jim McDonough2009-04-171-6/+10
| | | | (cherry picked from commit 1c47bcb5b24ab360d5e632bbf3dcbc7d1d9f6fc4)
* s3-lsa: Fix Bug #6263. Unexpected LookupSids reply crashes XP pre-SP3.Günther Deschner2009-04-171-1/+9
| | | | | | | | LookupSids needs to bounce back string sids in case of NT_STATUS_NONE_MAPPED. Guenther (cherry picked from commit 597be402e40ff880b595ae49a8600b932365cbcb) (cherry picked from commit f049fb5643f93cc4806ada5db8e591bbe4cb9204)
* Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+Jeremy Allison2009-04-173-13/+6
| | | | | | | | What a difference a name makes... :-). Just because something is missnamed SA_RIGHT_SAM_OPEN_DOMAIN, when it should actually be SA_RIGHT_SAM_LOOKUP_DOMAIN, don't automatically use it for a security check in _samr_OpenDomain(). Jeremy. (cherry picked from commit 3591c95beaed3abfa10b1579e377b0103647a177)
* s3-loadparm: Fix resume command typo for "printing = vlp".Guenther Deschner2009-04-171-1/+1
| | | | (cherry picked from commit 8203f5f3890afec3ec631f822b0f2e5ddd262b9a)
* Fix a memleak in an unlikely error path in change_notify_create()Volker Lendecke2009-04-171-0/+1
| | | | (cherry picked from commit 7284b7bb226990abce91d40782bf4e592e2f7b4d)
* Fix bug #6254 - PUT/GET produces an error in IPv6 to a smb-server(3.3)Jeremy Allison2009-04-171-18/+23
| | | | | | | | | | | has parameter "msdfs root = yes" This was broken by the refactoring around create_file(). MSDFS pathname processing must be done FIRST. MSDFS pathnames containing IPv6 addresses can be confused with NTFS stream names (they contain ":" characters. Jeremy. (cherry picked from commit eb29aa406f14397e3c55e559e2c02da6eb6c4cbd)
* s3/popt.h: Fix typo.Karolin Seeger2009-04-171-1/+1
| | | | | | | | This used to be commit 8da2fa36 in master. Karolin (cherry picked from commit 3df28fce45ce552df2c0815597fc1808ea08b363) (cherry picked from commit 89542c9dc4fede1547886b480791322f0497f277)
* s3/loadparm: Fiy typos.Karolin Seeger2009-04-171-2/+2
| | | | | | | | This used to be commit 44588095 in master. Karolin (cherry picked from commit 7648c51afaf844e576935dadc0d66a94e2cad28b) (cherry picked from commit a3081c94e64d226328885191212bd1ba46add09e)
* s3/gpo_ldap: Fix typo.Karolin Seeger2009-04-171-1/+1
| | | | | | | | This used to be commit a103222e in master. Karolin (cherry picked from commit a33677c8a80925965a4023785fc3a221d2ed9585) (cherry picked from commit 7038846d514b9ea25d991bc72b807921ab1ee158)
* s3/smbconf_reg: Fix typo.Karolin Seeger2009-04-171-1/+1
| | | | | | | | This used to be commit 6343cab3 in master. Karolin (cherry picked from commit 56e877662dd6da64b348803c24e85f60ee6b3d85) (cherry picked from commit 36cb36581208f754b14e2a955fbd886e6c82cfaa)
* Fix smbd crash for close_on_completionVolker Lendecke2009-04-171-0/+4
| | | | | | | handle_trans() can talloc_free "conn" if the client requests close_on_completion. "state" is a talloc_child of conn, so it will be gone when we later free state->data et al. (cherry picked from commit 51ecc77eeabe5fc89e4d1b1fb8a15c71614d4049)
* Allow pdbedit to change a user rid/sid. Based on a fix from AlexanderJeremy Allison2009-04-171-3/+57
| | | | | | Zagrebin <alexz@visp.ru>. Jeremy. (cherry picked from commit 5b43fff78081541f642b07a70b03c6d5902e42dd)
* VERSION: Raise version number up to 3.2.10.Karolin Seeger2009-04-011-1/+1
| | | | | Karolin (cherry picked from commit 887420a30dbb178f29ee9313f2c19dd1b3c3c5e9)
* Tidy up some convert_string_internal error cases, found by Andrew Bartlett.Jeremy Allison2009-04-011-6/+19
| | | | | Jeremy. (cherry picked from commit 3797ddb3acc713cc200114e9e27dfb3901e5cdf1)
* s3: fix the fix for bug #6195 - dont let smbd child processes panicMichael Adam2009-04-011-2/+16
| | | | | | | | | | | | This patch makes sure the original and temporary TDBs are closed _before_ the rename. Originally, the open TDB was renamed, and so the name passdb.tdb.tmp stayed around in the db context. Hence upon client connect, the smbd children died because reinit_after_fork() calling tdb_reopen_all() would try to reopen passdb.tdb.tmp which existed no longer... Michael (cherry picked from commit 1ab40fbca806f1136dd1d65edd688beb5ec592c7)
generated by cgit (git 2.34.1) at 2024-06-13 15:52:28 +0000