1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

85613 Commits

Author SHA1 Message Date
Andrew Bartlett
ca98d816cc dynconfig: Remove last s3 markers now we have just one build system
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 24 16:29:15 CEST 2013 on sn-devel-104
2013-07-24 16:29:15 +02:00
Stefan Metzmacher
077dfd0a89 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr()
This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.

(similar to commit e9ae36e968)

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10042

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 14:37:43 CEST 2013 on sn-devel-104
2013-07-24 14:37:43 +02:00
Andreas Schneider
a7801db32a docs-xml: Remove obsolete swat manpage and references.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10041

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 24 12:42:29 CEST 2013 on sn-devel-104
2013-07-24 12:42:29 +02:00
Günther Deschner
9adfe82a17 pam_winbind: update documentation for "DIR" krb5ccname pragma.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 24 02:43:10 CEST 2013 on sn-devel-104
2013-07-24 02:43:09 +02:00
Günther Deschner
7ad3a367d5 s3-winbindd: support the DIR pragma for raw kerberos user pam authentication.
It is currently only available in MIT. In addition, allow to define custom
filepaths for FILE, WRFILE and DIR pragmas and substitute one occurence of the
%u pattern.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-23 15:39:29 -07:00
Günther Deschner
73e6feff9b wbinfo: allow to define a custom krb5ccname for kerberized pam auth.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-23 15:39:14 -07:00
Andrew Bartlett
e9ae36e968 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr()
This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-23 15:35:08 -07:00
Volker Lendecke
fe06e1b0a3 smbd: Fix CID 1035536 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 23 02:05:19 CEST 2013 on sn-devel-104
2013-07-23 02:05:16 +02:00
Volker Lendecke
d7da8dabaa smbd: Fix CID 1035537 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-22 15:07:55 -07:00
Volker Lendecke
a1e0accc5f smbd: Fix CID 1035538 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-22 15:07:37 -07:00
Volker Lendecke
a6a0d238b3 tdb: Fix CID 1034959 Uninitialized scalar variable
log_ctx.log_private was used uninitialized. Not a real bug here,
as tdb_log does not access it, but tdb_open_ex still moves around
uninitialized data. So this would show up in valgrind as well.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-22 15:07:21 -07:00
Volker Lendecke
f25449b00a tdb: Fix CID 1034960 Uninitialized scalar variable
log_ctx.log_private was used uninitialized. Not a real bug here,
as tdb_log does not access it, but tdb_open_ex still moves around
uninitialized data. So this would show up in valgrind as well.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-22 15:06:32 -07:00
Andreas Schneider
b5051111d2 s3-waf: Rename regedit to samba-regedit.
This is needed cause wine already provides a binary with the name
regedit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10040

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 22 14:12:38 CEST 2013 on sn-devel-104
2013-07-22 14:12:38 +02:00
Günther Deschner
44429f948b s3-printing: avoid KRB5CCNAME overwrite in printer publishing (Bug #7444).
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jul 19 17:53:08 CEST 2013 on sn-devel-104
2013-07-19 17:53:08 +02:00
Jeremy Allison
bb21fc51e4 Add torture tests to raw.eas to check sending Windows invalid names in the middle of an EA list.
Add torture tests to probe the set of invalid
Windows EA names.

Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 19 11:50:25 CEST 2013 on sn-devel-104
2013-07-19 11:50:25 +02:00
Jeremy Allison
5d54ac414f Reply with correct trans2 message on a setpathinfo with a bad EA name.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:47 +10:00
Jeremy Allison
b50b006ace Ensure we do pathname processing before SD and EA processing in NTTRANS_CREATE.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:45 +10:00
Jeremy Allison
4a43600705 Ensure we can't create a file using NTTRANS with an invalid EA list.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:44 +10:00
Jeremy Allison
66fb5eeb96 Ensure we can't create a file using TRANS2_OPEN with an invalid EA list.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:43 +10:00
Jeremy Allison
fe542fc170 Add error map of STATUS_INVALID_EA_NAME -> ERRDOS, ERRbadfile
(from Windows2012 tests).

Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:41 +10:00
Jeremy Allison
50a288cb6a Add the ability to send an NTSTATUS result back with a trans2 reply so we can return a parameter block with an error code.
This is needed when returning a STATUS_INVALID_NAME result (tested
from Windows 2012).

Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:39 +10:00
Jeremy Allison
21c92969b8 Ensure we can't create a file using SMB2_CREATE with an invalid EA list.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:38 +10:00
Jeremy Allison
66e7b15982 Ensure we never return an EA name to a Windows client it can't handle.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:36 +10:00
Jeremy Allison
f246d69b9e Ensure set_ea cannot set invalid Windows EA names.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:34 +10:00
Jeremy Allison
1766f9e387 Add ea_list_has_invalid_name() function.
Invalid character list probed from Windows Server 2012.

Bug 9992: Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19 17:52:32 +10:00
Shekhar Amlekar
51c68c28b2 librpc: srvsvc.idl: define level 1005 share info flags
define level 1005 share info flags.

Reviewed-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Jul 18 16:35:51 CEST 2013 on sn-devel-104
2013-07-18 16:35:51 +02:00
Andreas Schneider
33bce26fcf nsswitch: Don't enumerate all domains with wbinfo -u|-g.
By default wbinfo -u|-g should only enumerate the domain winbindd is
joined to. The command can be harmfull if you have e.g. 30 domains and
700k users. Then the parent will collect all information and the
oom-killer will kill winbind. As we still want to support it, you can
enable it the old behaviour with wbinfo --domain='*' -u. This is
a measure that sysadmins don't shoot themself.

https://bugzilla.samba.org/show_bug.cgi?id=10034

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 11:54:58 CEST 2013 on sn-devel-104
2013-07-18 11:54:56 +02:00
Richard Sharpe
7420574c74 Fix memory leak in error code path.
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 18 03:22:37 CEST 2013 on sn-devel-104
2013-07-18 03:22:37 +02:00
Bill Parker
9b58da9866 Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc().
In reviewing various files in Samba-4.0.7, I found a number
of instances where malloc()/calloc() were called without the
checking the return value for a value of NULL, which would
indicate failure.

(NB. The changes needed to ccan, iniparser, popt and heimdal
will be reported upstream, not patched inside Samba).

Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Source <idra@samba.org>
2013-07-17 16:12:19 -07:00
Alexander Werth
9b2aa351ce s3: Remove old mode special substitution.
The mode special substitution now happens in a separate function.
The substitution at this point is unnecessary.

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Tue Jul 16 00:52:26 CEST 2013 on sn-devel-104
2013-07-16 00:52:26 +02:00
Volker Lendecke
4a9e5d2474 s3:idmap_autorid: Add a NULL check in idmap_autorid_preallocate_wellknown
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-07-08 06:00:42 +02:00
Volker Lendecke
ca9068189e s3:idmap_autorid: Don't zero in idmap_autorid_preallocate_wellknown
We initialize everything later anyway

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-07-08 06:00:34 +02:00
Volker Lendecke
a061b6fe43 s3:idmap_autorid: Use ARRAY_SIZE where appropriate
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-07-08 05:59:54 +02:00
Andreas Schneider
0529b59fbe s3-winbind: Do not delete an existing valid credential cache.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9994

Thanks to David Woodhouse <dwmw2@infradead.org>.

Reviewed-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 15 12:48:46 CEST 2013 on sn-devel-104
2013-07-15 12:48:46 +02:00
Volker Lendecke
940395d38b smbd: Fix a 100% loop at shutdown time
In the destructor of fsp->aio_requests[0] we put another request into
fsp->aio_requests[0]. Don't overwrite that with TALLOC_FREE.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 11 20:56:42 CEST 2013 on sn-devel-104
2013-07-11 20:56:42 +02:00
Volker Lendecke
02ff6ab5e7 srvsvc: Use a symbolic constant where we have one
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-11 10:02:36 -07:00
Volker Lendecke
f387d9a352 ccan: Fix calling memset with zero length parameter
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 11 16:55:49 CEST 2013 on sn-devel-104
2013-07-11 16:55:48 +02:00
Karolin Seeger
6ac6bf9c8c docs: Bump version in meta data up to 4.1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jul 11 02:53:34 CEST 2013 on sn-devel-104
2013-07-11 02:53:34 +02:00
Stefan Metzmacher
596b51c666 s4:server: avoid calling into nss_winbind from within 'samba'
The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().

As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
2013-07-10 23:18:06 +02:00
Michele Baldessari
1573638212 Fix typos in man-pages
Fix some typos in the man-pages.

Signed-off-by: Michele Baldessari <michele@acksyn.org>
Reviewed-by: Simo Sorce <idra@samba.org>

Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Wed Jul 10 16:45:07 CEST 2013 on sn-devel-104
2013-07-10 16:45:07 +02:00
Stefan Metzmacher
e6a58d3704 s4:rpc_server: make sure we don't terminate a connection with pending requests (bug #9820)
Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
2013-07-10 08:47:38 +02:00
Andrew Bartlett
2505d48e4f s4-winbindd: Do not terminate a connection that is still pending (bug #9820)
Instead, wait until the call attempts to reply, and let it terminate then

(often this happens in the attempt to then write to the broken pipe).

Andrew Bartlett

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-10 06:57:06 +02:00
Andrew Bartlett
df929d6feb service_stream: Log if the connection termination is deferred or not (bug #9820)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-10 06:57:06 +02:00
Björn Baumbach
577cef82c7 s3-smbstatus: display [u|g]id of -1 as "-1" in connection list
In order to avoid displayed uid or gid of "4294967295" instead of "-1", we
need to fetch the special case -1.
The id can be -1 if we are reading e.g. incomplete session information.

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 10 01:18:30 CEST 2013 on sn-devel-104
2013-07-10 01:18:30 +02:00
Stefan Metzmacher
c52e61f7ba s3-lib: hide incomplete smbXsrv_tcon_global records
Part of fix for bug #10003

Pair-programmed-with: Björn Baumbach <bb@sernet.de>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-09 14:20:08 -07:00
Björn Baumbach
53aa069b97 s3-lib: fix segf while reading incomplete session info (bug #10003)
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-09 14:19:51 -07:00
Andreas Schneider
191e6b9441 waf: Build with RELRO if supported by the compiler.
Make sure we create binaries with full RELocation Read-Only support. See
https://isisblogs.poly.edu/2011/06/01/relro-relocation-read-only/
for more details.

The default is to check if the compiler supports RELRO and then enable
it. Specifying '--with-relro' will make it mandatory and
'--without-relro' will disable it.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-09 13:00:37 -07:00
Volker Lendecke
aef8aad638 smbd: Fix a profile problem
When trying to read a profile, under certain circumstances Windows tries
to read with its machine account first. The profile previously written
was stored with an ACL that only allows access for the user and not
the machine. Windows should get an NT_STATUS_ACCESS_DENIED when using
the machine account, making it retry with the user account (which would
then succeed).

Samba under these circumstances erroneously gives
NT_STATUS_OBJECT_PATH_NOT_FOUND, which makes Windows give up and not
retry. The reasons is the "dropbox" patch in unix_convert, turning EACCESS
on the last path component to OBJECT_PATH_NOT_FOUND. This patch makes
the dropbox behaviour only kick in when we are creating a file. I think
this is an abstraction violation. unix_convert() should not have to know
about the create_disposition, but given that we have pathname resolution
separated from the core open code right now this is the best we can do.

Signed-off-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-09 12:22:00 -07:00
Stefan Metzmacher
cd36a3e902 lib/param: sync debug related options with source3/param
The most important change is "debug hires timestamp = Yes"
and "syslog = 1".

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bj@sernet.de>

Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Tue Jul  9 17:15:15 CEST 2013 on sn-devel-104
2013-07-09 17:15:15 +02:00
Stefan Metzmacher
5f93822ede lib/ldb-samba: only debug LDB_DEBUG_TRACE at level 10
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bj@sernet.de>
2013-07-09 15:19:23 +02:00