From f853ab4f5071c448d0b54f40cdb0584d305805a3 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 26 Jun 2007 01:14:37 +0000 Subject: r23602: grab final changes for 3.0.25b due out tomorrow --- WHATSNEW.txt | 12 ++++++++++-- source/client/smbmount.c | 5 ++++- source/client/smbumount.c | 4 +++- source/include/includes.h | 2 +- source/libsmb/clikrb5.c | 16 ++++++++++------ source/nmbd/nmbd_winsserver.c | 1 + source/nsswitch/winbindd_cm.c | 12 +++--------- source/nsswitch/winbindd_util.c | 6 ++++++ source/registry/reg_eventlog.c | 4 ++++ source/rpc_server/srv_eventlog_nt.c | 4 ++++ source/smbd/files.c | 3 +++ source/smbd/oplock.c | 10 ++++------ 12 files changed, 53 insertions(+), 26 deletions(-) diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 30f17c156e6..17e6b9199d0 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,6 +1,6 @@ =============================== Release Notes for Samba 3.0.25b - June 20, 2007 + June 26, 2007 =============================== This is the third production release of the Samba 3.0.25 code @@ -44,16 +44,24 @@ o Jeremy Allison * Fix sync_file() to return NTSTATUS and return this on failure in the write reply path. * BUG 4678,4697: Fix token creation for clear text logins. + * BUG 4725: Don't crash when no eventlog names are defined in + smb.conf. + * Ensure we will always release any timeout handler on fsp close + or removal of oplock. o Jacob Berkman * BUG 4566: Pass password data to krb5_prompter. +o Gerald (Jerry) Carter + * BUG 4579: Fix "wbinfo -t" when running winbindd on a Samba DC. + + o Guenther Deschner * BUG 4657: Fix compilation and linking of pam_smbpass.so. * Add more netlogon GetDcName() client calls. - + * Fix event based krb5 ticket refreshing in winbindd. o SATOH Fumiyasu * BUG 4720: Fix smbclient connections to share names containing diff --git a/source/client/smbmount.c b/source/client/smbmount.c index 805245b634b..b1462dbddf1 100644 --- a/source/client/smbmount.c +++ b/source/client/smbmount.c @@ -152,7 +152,7 @@ static struct cli_state *do_connection(char *the_service) /* have to open a new connection */ if (!(c=cli_initialise()) || (cli_set_port(c, smb_port) != smb_port) || - !cli_connect(c, server_n, &ip)) { + !NT_STATUS_IS_OK(cli_connect(c, server_n, &ip))) { DEBUG(0,("%d: Connection to %s failed\n", sys_getpid(), server_n)); if (c) { cli_shutdown(c); @@ -669,6 +669,9 @@ static void usage(void) printf("Version %s\n\n",SAMBA_VERSION_STRING); + printf("Please be aware that smbfs is deprecated in favor of " + "cifs\n\n"); + printf( "Options:\n\ username= SMB username\n\ diff --git a/source/client/smbumount.c b/source/client/smbumount.c index 7ad7ed22af0..4be54b67936 100644 --- a/source/client/smbumount.c +++ b/source/client/smbumount.c @@ -32,7 +32,9 @@ static void usage(void) { - printf("usage: smbumount mountpoint\n"); + printf("usage: smbumount mountpoint\n\n"); + printf("Please be aware that smbfs is deprecated in favor of " + "cifs\n"); } static int diff --git a/source/include/includes.h b/source/include/includes.h index 14bfc2d6409..f8c2b50fd3d 100644 --- a/source/include/includes.h +++ b/source/include/includes.h @@ -1182,7 +1182,7 @@ BOOL smb_krb5_principal_compare_any_realm(krb5_context context, int cli_krb5_get_ticket(const char *principal, time_t time_offset, DATA_BLOB *ticket, DATA_BLOB *session_key_krb5, uint32 extra_ap_opts, const char *ccname, time_t *tgs_expire); PAC_LOGON_INFO *get_logon_info_from_pac(PAC_DATA *pac_data); -krb5_error_code smb_krb5_renew_ticket(const char *ccache_string, const char *client_string, const char *service_string, time_t *new_start_time); +krb5_error_code smb_krb5_renew_ticket(const char *ccache_string, const char *client_string, const char *service_string, time_t *expire_time); krb5_error_code kpasswd_err_to_krb5_err(krb5_error_code res_code); krb5_error_code smb_krb5_gen_netbios_krb5_address(smb_krb5_addresses **kerb_addr); krb5_error_code smb_krb5_free_addresses(krb5_context context, smb_krb5_addresses *addr); diff --git a/source/libsmb/clikrb5.c b/source/libsmb/clikrb5.c index 7043a26408c..6337b50ce9f 100644 --- a/source/libsmb/clikrb5.c +++ b/source/libsmb/clikrb5.c @@ -1095,7 +1095,7 @@ out: krb5_error_code smb_krb5_renew_ticket(const char *ccache_string, /* FILE:/tmp/krb5cc_0 */ const char *client_string, /* gd@BER.SUSE.DE */ const char *service_string, /* krbtgt/BER.SUSE.DE@BER.SUSE.DE */ - time_t *new_start_time) + time_t *expire_time) { krb5_error_code ret; krb5_context context = NULL; @@ -1150,8 +1150,8 @@ out: ret = krb5_cc_store_cred(context, ccache, &creds); - if (new_start_time) { - *new_start_time = (time_t) creds.times.renew_till; + if (expire_time) { + *expire_time = (time_t) creds.times.endtime; } krb5_free_cred_contents(context, &creds); @@ -1184,7 +1184,11 @@ out: } } else { /* build tgt service by default */ - client_realm = krb5_princ_realm(context, client); + client_realm = krb5_princ_realm(context, creds_in.client); + if (!client_realm) { + ret = ENOMEM; + goto done; + } ret = krb5_make_principal(context, &creds_in.server, *client_realm, KRB5_TGS_NAME, *client_realm, NULL); if (ret) { goto done; @@ -1208,8 +1212,8 @@ out: ret = krb5_cc_store_cred(context, ccache, creds); - if (new_start_time) { - *new_start_time = (time_t) creds->times.renew_till; + if (expire_time) { + *expire_time = (time_t) creds->times.endtime; } krb5_free_cred_contents(context, &creds_in); diff --git a/source/nmbd/nmbd_winsserver.c b/source/nmbd/nmbd_winsserver.c index c0d21ba42dc..9b9f7401675 100644 --- a/source/nmbd/nmbd_winsserver.c +++ b/source/nmbd/nmbd_winsserver.c @@ -2333,6 +2333,7 @@ void wins_write_database(time_t t, BOOL background) if (tdb_reopen(wins_tdb)) { DEBUG(0,("wins_write_database: tdb_reopen failed. Error was %s\n", strerror(errno))); + _exit(0); return; } } diff --git a/source/nsswitch/winbindd_cm.c b/source/nsswitch/winbindd_cm.c index 92119022290..f96478fe516 100644 --- a/source/nsswitch/winbindd_cm.c +++ b/source/nsswitch/winbindd_cm.c @@ -249,9 +249,7 @@ static void check_domain_online_handler(struct event_context *ctx, DEBUG(10,("check_domain_online_handler: called for domain %s\n", domain->name )); - if (domain->check_online_event) { - TALLOC_FREE(domain->check_online_event); - } + TALLOC_FREE(domain->check_online_event); /* Are we still in "startup" mode ? */ @@ -303,9 +301,7 @@ void set_domain_offline(struct winbindd_domain *domain) DEBUG(10,("set_domain_offline: called for domain %s\n", domain->name )); - if (domain->check_online_event) { - TALLOC_FREE(domain->check_online_event); - } + TALLOC_FREE(domain->check_online_event); if (domain->internal) { DEBUG(3,("set_domain_offline: domain %s is internal - logic error.\n", @@ -400,9 +396,7 @@ static void set_domain_online(struct winbindd_domain *domain) /* Ensure we have no online timeout checks. */ domain->check_online_timeout = 0; - if (domain->check_online_event) { - TALLOC_FREE(domain->check_online_event); - } + TALLOC_FREE(domain->check_online_event); /* Ensure we ignore any pending child messages. */ message_deregister(MSG_WINBIND_TRY_TO_GO_ONLINE); diff --git a/source/nsswitch/winbindd_util.c b/source/nsswitch/winbindd_util.c index bf575bae26a..9a0ade55416 100644 --- a/source/nsswitch/winbindd_util.c +++ b/source/nsswitch/winbindd_util.c @@ -91,6 +91,9 @@ static BOOL is_internal_domain(const DOM_SID *sid) if (sid == NULL) return False; + if ( IS_DC ) + return sid_check_is_builtin(sid); + return (sid_check_is_domain(sid) || sid_check_is_builtin(sid)); } @@ -99,6 +102,9 @@ static BOOL is_in_internal_domain(const DOM_SID *sid) if (sid == NULL) return False; + if ( IS_DC ) + return sid_check_is_in_builtin(sid); + return (sid_check_is_in_our_domain(sid) || sid_check_is_in_builtin(sid)); } diff --git a/source/registry/reg_eventlog.c b/source/registry/reg_eventlog.c index ea2b274f88a..1ad80d2b0e9 100644 --- a/source/registry/reg_eventlog.c +++ b/source/registry/reg_eventlog.c @@ -190,6 +190,10 @@ BOOL eventlog_add_source( const char *eventlog, const char *sourcename, int i; int numsources; + if (!elogs) { + return False; + } + for ( i = 0; elogs[i]; i++ ) { if ( strequal( elogs[i], eventlog ) ) break; diff --git a/source/rpc_server/srv_eventlog_nt.c b/source/rpc_server/srv_eventlog_nt.c index 06842760154..e3d6fff2ab0 100644 --- a/source/rpc_server/srv_eventlog_nt.c +++ b/source/rpc_server/srv_eventlog_nt.c @@ -123,6 +123,10 @@ static BOOL elog_validate_logname( const char *name ) int i; const char **elogs = lp_eventlog_list(); + if (!elogs) { + return False; + } + for ( i=0; elogs[i]; i++ ) { if ( strequal( name, elogs[i] ) ) return True; diff --git a/source/smbd/files.c b/source/smbd/files.c index 23fd47671b8..9f3f72a4000 100644 --- a/source/smbd/files.c +++ b/source/smbd/files.c @@ -444,6 +444,9 @@ void file_free(files_struct *fsp) TALLOC_FREE(fsp->notify); } + /* Ensure this event will never fire. */ + TALLOC_FREE(fsp->oplock_timeout); + bitmap_clear(file_bmap, fsp->fnum - FILE_HANDLE_OFFSET); files_used--; diff --git a/source/smbd/oplock.c b/source/smbd/oplock.c index 423d6b3a999..54c949254ee 100644 --- a/source/smbd/oplock.c +++ b/source/smbd/oplock.c @@ -153,6 +153,8 @@ void release_file_oplock(files_struct *fsp) fsp->sent_oplock_break = NO_BREAK_SENT; flush_write_cache(fsp, OPLOCK_RELEASE_FLUSH); + + TALLOC_FREE(fsp->oplock_timeout); } /**************************************************************************** @@ -349,12 +351,8 @@ static void oplock_timeout_handler(struct event_context *ctx, { files_struct *fsp = (files_struct *)private_data; - /* Ensure we always remove this event. */ - if (fsp->oplock_timeout != NULL) { - /* Remove the timed event handler. */ - TALLOC_FREE(fsp->oplock_timeout); - fsp->oplock_timeout = NULL; - } + /* Remove the timed event handler. */ + TALLOC_FREE(fsp->oplock_timeout); DEBUG(0, ("Oplock break failed for file %s -- replying anyway\n", fsp->fsp_name)); global_client_failed_oplock_break = True; remove_oplock(fsp); -- cgit