summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-07-23s3-winbindd: support the DIR pragma for raw kerberos user pam authentication.Günther Deschner1-0/+23
It is currently only available in MIT. In addition, allow to define custom filepaths for FILE, WRFILE and DIR pragmas and substitute one occurence of the %u pattern. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Pair-Programmed-With: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-23wbinfo: allow to define a custom krb5ccname for kerberized pam auth.Günther Deschner1-2/+4
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-23s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in ↵Andrew Bartlett1-2/+2
in unixdom_get_peer_addr() This caused crashes in _tsocket_address_bsd_from_sockaddr() when we read past the end of the allocation. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-23smbd: Fix CID 1035536 Uninitialized pointer readVolker Lendecke1-1/+1
rpc_pipe_open_interface just returns okay if the pipe in question is already open. For this, it needs to read the value. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 23 02:05:19 CEST 2013 on sn-devel-104
2013-07-22smbd: Fix CID 1035537 Uninitialized pointer readVolker Lendecke1-1/+1
rpc_pipe_open_interface just returns okay if the pipe in question is already open. For this, it needs to read the value. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-22smbd: Fix CID 1035538 Uninitialized pointer readVolker Lendecke1-1/+1
rpc_pipe_open_interface just returns okay if the pipe in question is already open. For this, it needs to read the value. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-22tdb: Fix CID 1034959 Uninitialized scalar variableVolker Lendecke1-1/+1
log_ctx.log_private was used uninitialized. Not a real bug here, as tdb_log does not access it, but tdb_open_ex still moves around uninitialized data. So this would show up in valgrind as well. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-22tdb: Fix CID 1034960 Uninitialized scalar variableVolker Lendecke1-1/+1
log_ctx.log_private was used uninitialized. Not a real bug here, as tdb_log does not access it, but tdb_open_ex still moves around uninitialized data. So this would show up in valgrind as well. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-22s3-waf: Rename regedit to samba-regedit.Andreas Schneider1-1/+1
This is needed cause wine already provides a binary with the name regedit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10040 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Kai Blin <kai@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jul 22 14:12:38 CEST 2013 on sn-devel-104
2013-07-19s3-printing: avoid KRB5CCNAME overwrite in printer publishing (Bug #7444).Günther Deschner1-0/+13
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Jul 19 17:53:08 CEST 2013 on sn-devel-104
2013-07-19Add torture tests to raw.eas to check sending Windows invalid names in the ↵Jeremy Allison2-0/+115
middle of an EA list. Add torture tests to probe the set of invalid Windows EA names. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 19 11:50:25 CEST 2013 on sn-devel-104
2013-07-19Reply with correct trans2 message on a setpathinfo with a bad EA name.Jeremy Allison1-1/+10
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Ensure we do pathname processing before SD and EA processing in NTTRANS_CREATE.Jeremy Allison1-38/+38
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Ensure we can't create a file using NTTRANS with an invalid EA list.Jeremy Allison1-0/+20
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Ensure we can't create a file using TRANS2_OPEN with an invalid EA list.Jeremy Allison1-0/+14
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Add error map of STATUS_INVALID_EA_NAME -> ERRDOS, ERRbadfileJeremy Allison1-0/+1
(from Windows2012 tests). Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Add the ability to send an NTSTATUS result back with a trans2 reply so we ↵Jeremy Allison3-14/+32
can return a parameter block with an error code. This is needed when returning a STATUS_INVALID_NAME result (tested from Windows 2012). Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Ensure we can't create a file using SMB2_CREATE with an invalid EA list.Jeremy Allison1-0/+5
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Ensure we never return an EA name to a Windows client it can't handle.Jeremy Allison1-0/+9
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Ensure set_ea cannot set invalid Windows EA names.Jeremy Allison1-0/+9
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-19Add ea_list_has_invalid_name() function.Jeremy Allison2-0/+36
Invalid character list probed from Windows Server 2012. Bug 9992: Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-18librpc: srvsvc.idl: define level 1005 share info flagsShekhar Amlekar1-2/+15
define level 1005 share info flags. Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Thu Jul 18 16:35:51 CEST 2013 on sn-devel-104
2013-07-18nsswitch: Don't enumerate all domains with wbinfo -u|-g.Andreas Schneider2-8/+23
By default wbinfo -u|-g should only enumerate the domain winbindd is joined to. The command can be harmfull if you have e.g. 30 domains and 700k users. Then the parent will collect all information and the oom-killer will kill winbind. As we still want to support it, you can enable it the old behaviour with wbinfo --domain='*' -u. This is a measure that sysadmins don't shoot themself. https://bugzilla.samba.org/show_bug.cgi?id=10034 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jul 18 11:54:58 CEST 2013 on sn-devel-104
2013-07-18Fix memory leak in error code path.Richard Sharpe1-0/+1
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jul 18 03:22:37 CEST 2013 on sn-devel-104
2013-07-17Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc().Bill Parker8-0/+77
In reviewing various files in Samba-4.0.7, I found a number of instances where malloc()/calloc() were called without the checking the return value for a value of NULL, which would indicate failure. (NB. The changes needed to ccan, iniparser, popt and heimdal will be reported upstream, not patched inside Samba). Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Source <idra@samba.org>
2013-07-16s3: Remove old mode special substitution.Alexander Werth1-13/+2
The mode special substitution now happens in a separate function. The substitution at this point is unnecessary. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Tue Jul 16 00:52:26 CEST 2013 on sn-devel-104
2013-07-08s3:idmap_autorid: Add a NULL check in idmap_autorid_preallocate_wellknownVolker Lendecke1-0/+4
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-07-08s3:idmap_autorid: Don't zero in idmap_autorid_preallocate_wellknownVolker Lendecke1-1/+1
We initialize everything later anyway Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-07-08s3:idmap_autorid: Use ARRAY_SIZE where appropriateVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
2013-07-15s3-winbind: Do not delete an existing valid credential cache.Andreas Schneider1-0/+8
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9994 Thanks to David Woodhouse <dwmw2@infradead.org>. Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jul 15 12:48:46 CEST 2013 on sn-devel-104
2013-07-11smbd: Fix a 100% loop at shutdown timeVolker Lendecke1-2/+5
In the destructor of fsp->aio_requests[0] we put another request into fsp->aio_requests[0]. Don't overwrite that with TALLOC_FREE. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jul 11 20:56:42 CEST 2013 on sn-devel-104
2013-07-11srvsvc: Use a symbolic constant where we have oneVolker Lendecke1-1/+6
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-11ccan: Fix calling memset with zero length parameterVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jul 11 16:55:49 CEST 2013 on sn-devel-104
2013-07-11docs: Bump version in meta data up to 4.1.Karolin Seeger86-86/+86
Signed-off-by: Karolin Seeger <kseeger@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Jul 11 02:53:34 CEST 2013 on sn-devel-104
2013-07-10s4:server: avoid calling into nss_winbind from within 'samba'Stefan Metzmacher2-0/+16
The most important part is that the 'winbind_server' doesn't recurse into itself. This could happen if the krb5 libraries call getlogin(). As we may run in single process mode, we need to set _NO_WINBINDD=1 everywhere, the only exception is the forked 'smbd'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
2013-07-10Fix typos in man-pagesMichele Baldessari8-8/+8
Fix some typos in the man-pages. Signed-off-by: Michele Baldessari <michele@acksyn.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Simo Sorce <idra@samba.org> Autobuild-Date(master): Wed Jul 10 16:45:07 CEST 2013 on sn-devel-104
2013-07-10s4:rpc_server: make sure we don't terminate a connection with pending ↵Stefan Metzmacher2-3/+60
requests (bug #9820) Sadly we may have nested event loops, which won't work correctly with broken connections, that's why we have to do this... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
2013-07-10s4-winbindd: Do not terminate a connection that is still pending (bug #9820)Andrew Bartlett3-2/+64
Instead, wait until the call attempts to reply, and let it terminate then (often this happens in the attempt to then write to the broken pipe). Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-10service_stream: Log if the connection termination is deferred or not (bug #9820)Andrew Bartlett1-1/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-10s3-smbstatus: display [u|g]id of -1 as "-1" in connection listBjörn Baumbach1-4/+20
In order to avoid displayed uid or gid of "4294967295" instead of "-1", we need to fetch the special case -1. The id can be -1 if we are reading e.g. incomplete session information. Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 10 01:18:30 CEST 2013 on sn-devel-104
2013-07-09s3-lib: hide incomplete smbXsrv_tcon_global recordsStefan Metzmacher1-0/+13
Part of fix for bug #10003 Pair-programmed-with: Björn Baumbach <bb@sernet.de> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-09s3-lib: fix segf while reading incomplete session info (bug #10003)Björn Baumbach2-7/+17
Pair-programmed-with: Stefan Metzmacher <metze@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-09waf: Build with RELRO if supported by the compiler.Andreas Schneider2-0/+20
Make sure we create binaries with full RELocation Read-Only support. See https://isisblogs.poly.edu/2011/06/01/relro-relocation-read-only/ for more details. The default is to check if the compiler supports RELRO and then enable it. Specifying '--with-relro' will make it mandatory and '--without-relro' will disable it. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-09smbd: Fix a profile problemVolker Lendecke5-27/+34
When trying to read a profile, under certain circumstances Windows tries to read with its machine account first. The profile previously written was stored with an ACL that only allows access for the user and not the machine. Windows should get an NT_STATUS_ACCESS_DENIED when using the machine account, making it retry with the user account (which would then succeed). Samba under these circumstances erroneously gives NT_STATUS_OBJECT_PATH_NOT_FOUND, which makes Windows give up and not retry. The reasons is the "dropbox" patch in unix_convert, turning EACCESS on the last path component to OBJECT_PATH_NOT_FOUND. This patch makes the dropbox behaviour only kick in when we are creating a file. I think this is an abstraction violation. unix_convert() should not have to know about the create_disposition, but given that we have pathname resolution separated from the core open code right now this is the best we can do. Signed-off-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-09lib/param: sync debug related options with source3/paramStefan Metzmacher1-1/+17
The most important change is "debug hires timestamp = Yes" and "syslog = 1". Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bj@sernet.de> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Tue Jul 9 17:15:15 CEST 2013 on sn-devel-104
2013-07-09lib/ldb-samba: only debug LDB_DEBUG_TRACE at level 10Stefan Metzmacher1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bj@sernet.de>
2013-07-09lib/ldb-samba: make use of DBGC_LDBStefan Metzmacher1-0/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bj@sernet.de>
2013-07-09lib/util: add 'ldb' debug classStefan Metzmacher2-1/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bj@sernet.de>
2013-07-08tevent: document tevent_req_create state zeroingDavid Disseldorp1-3/+3
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jul 8 20:43:49 CEST 2013 on sn-devel-104
2013-07-08rpc_cli: Remove some unnecessary initializationsVolker Lendecke1-3/+0
tevent_req_create already initializes "state" to 0 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Mon Jul 8 17:04:20 CEST 2013 on sn-devel-104