IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
cli_request_send() is supposed to bundle all generic SMB-header handling. This
makes cli_request_new static to async_smb.c.
(This used to be commit 7e73dd4e7622db64d30d48ba106892e0895fc188)
This one fixes together with 2eaf4ed62 bug #5715 and CVE-2008-3789.
Thanks to Steve Langasek <vorlon@debian.org> for reporting!
Karolin
(cherry picked from commit b666d0a4b597218f5f5020bf36d80d84dcbf7259)
(This used to be commit 73f54df7fedc8f0db022f902100fd5eb1b629fb2)
This one fixes bug #5715 and CVE-2008-3789.
(cherry picked from commit a94f44c49f668fcf12f4566777a668043326bf97)
(This used to be commit 2eaf4ed62220246bcc1a9702166b0b4f381fdae3)
When MS introduces a new PAC type, we should just ignore it, not
generate a parse error. New PAC info structures are supposed to be
backwards compatible with old ones
(This used to be commit 2971b926c835412b02c93ad1e30f1471bc0a3612)
We need to become root for AIO read and write to allow the AIO thread
to send a completion signal to the parent process when the IO
completes
(This used to be commit c548e5c69f9d8bc85a654f4d29d64c735a5e780b)
See this test: http://samba.org/~tridge/junkcode/aio_uid.c
The problem is that setresuid() tries to be clever about threads, and
tries to change the euid of any threads that are running. If a AIO read
or write completes while this is going on then the signal from the thread
where the IO completed is lost, as it gets -1/EPERM from rt_sigqueueinfo()
The simplest fix is to try to use setreuid() instead of setresuid(),
as setreuid() doesn't try to be clever. Unfortunately this also means
we must use become_root()/unbecome_root() in the aio code.
(This used to be commit 56c5a6f024875bb79b0104beb36f6b0ec1e1e9f9)
This reverts commit 4ed73cbbbeff4b554cc8d28252b756241396b3a1.
... how did this end up here??
Volker
(This used to be commit 7dd9fd0956bd1c46105d1072c4774972933ab9ec)
Fix segv when talking to parent DC (joined to child domain).
The root cause was
(a) storing the parent domain in the cli_state struct caused
the NTLMSSP pipe bind to fail which made us fallover to
the schannel code path
(b) the dcinfo pointer in cm_get_schannel_dcinfo() was returning
NULL even though the function indicated success.
(This used to be commit 5ce4a2ae6697970ea37d0078a506615b4b7a9a9c)
When we added the ability for the kernel to send sec=mskrb5 to the
upcall, we subtly broke old cifs.upcall versions that don't understand
it. Bump the spnego message version to 2 to make this clear. Also,
change cifs.upcall to not reject requests with a version that's lower
than the current one, and to send the reply with the same version that
the request sent. The idea is to try and keep cifs.upcall backward
compatible with old kernels.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit b868463015dedc684eb13d12118a98ccca71250a)
When building on linux, default to building cifs.upcall. Throw a
warning if ADS support is disabled or keyutils isn't installed.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit d8018d15f013b8d7be8618b75dac5112711193b7)
cifs.upcall links to libraries that live under /usr, so installing it
in /sbin doesn't seem appropriate. Move it to EPREFIX/sbin instead
(i.e. /usr/sbin).
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit 5c9a1b2c98cc712fc519225e62fba4e5088631a3)
When the kernel sends the upcall a sec=mskrb5 parameter, that means
the the MSKRB5 OID is preferred by the server. This patch fixes the
upcall to use that OID in place of the "normal" krb5 OID when it
gets a sec=mskrb5 parameter.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <smfrench@gmail.com>
(This used to be commit 6287e13b34efeaa8fd94c7c6d99468350ce6172e)
