Age | Commit message (Collapse) | Author | Files | Lines |
|
Attention:
The meaning of the -N flag changed.
To get the old meaning for net groupmap set, use the long option --ntname
The long option for using kerberos changed from --kerberos to --use-kerberos
net rpc commands will now prompt for a password if none is given.
As a benefit, net will now accept an authentication file like other samba
command line tools. So no need to specify the password on the command line in
scripts anymore.
This should fix bug #6357
Signed-off-by: Kai Blin <kai@samba.org>
|
|
|
|
Michael
|
|
Michael
|
|
One of leaks found by cppcheck:
[./source3/utils/log2pcaphex.c:367]: (error) Resource leak: out
|
|
File descriptor leaks only when we use file instead of stdout.
Found by cppcheck:
[./source3/torture/smbiconv.c:219]: (error) Resource leak: out
[./source4/torture/smbiconv.c:211]: (error) Resource leak: out
|
|
Guenther
|
|
With the current infrastructure, we should not return error on
duplicate mappings but just warn instead (because an error would
trigger the attempt to create yet another mapping).
Michael
|
|
With the current infrastructure, we should not return error on
duplicate mappings but just warn instead (because an error would
trigger the attempt to create yet another mapping).
Michael
|
|
This is now also verified with the RPC-SAMR-LARGE-DC test.
Guenther
|
|
This will fail for alias creation as nss_wrapper does not yet wrap around
libnss_winbind.
Guenther
|
|
Guenther
|
|
Guenther
|
|
|
|
Thanks,
Volker
|
|
In winbind, we do multiple events in one select round. This needs fixing, but
as long as we're still using it, for efficiency reasons we need to do that.
What can happen is the following: We have outgoing data pending for a client,
thus
state->fd_event.flags == EVENT_FD_WRITE
Now a new client comes in, we go through the list of clients to find an idle
one. The detection for idle clients in remove_idle_client does not take the
pending data into account. We close the socket that has pending outgoing data,
the accept(2) one syscall later gives us the same socket.
In new_connection(), we do a setup_async_read, setting up a read fde. The
select from before however had found the socket (that we had already closed!!)
to be writable. In rw_callback we only want to see a readable flag, and we
panic in the SMB_ASSERT(flags == EVENT_FD_READ).
Found using
bin/smbtorture //127.0.0.1/tmp -U% -N 500 -o 2 local-wbclient
Volker
|
|
|
|
This is better done with a tevent_req_set_endtime the caller should issue.
|
|
|
|
The _trigger fn must know about wbc_context, while we were waiting in the
queue the fd might have changed
|
|
|
|
|
|
A socket where the other side has closed only becomes readable. To catch
errors early when sitting in a pure writev, we need to also test for
readability.
|
|
directory name.
Jeremy.
|
|
(ERRDOS, EISDIR).
Jeremy.
|
|
metze
|
|
For now this only checks if the share is present or not.
metze
|
|
We only grand ids up to 0x0000000000FFFFFF,
because that's what our idtree implementation can handle.
But also 16777215 sessions on one tcp connection should be enough:-)
metze
|
|
This fixes a crash bug hit when multiple mappings were found by
the ldap search. This crash was caused by an ldap asssertion
in ldap_next_entry because was set to NULL in each iteration.
The corresponding fix was applied to the idmap_ldap_sids_to_unixids()
by Jerry in 2007 (b066668b74768d9ed547f16bf7b6ba6aea5df20a).
This fixes the crash part of bug #6387.
There is a logic part, too:
The problem currently only occurs when multiple mappings are found
for one given unixid. Now winbindd does not crash any more but
it does not correctly handle this situation. It just returns the
last mapping from the ldap search results.
This needs fixing.
Michael
|
|
metze
|
|
pointing this out.
Jeremy.
|
|
was a bug in ldb in 3.2 which could return a freed pointer on
ret != LDAP_SUCCESS. The main thing we must ensure is that we
never talloc_steal until we know LDAP_SUCCESS was returned.
Jeremy.
|
|
an ldb_search.
Jeremy.
|
|
Don't indirect a potentially null pointer.
Jeremy.
|
|
|
|
|
|
This should also fix the build on some hosts.
metze
|
|
Guenther
|
|
client might have already closed the socket
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
trusted domains
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
domain when krb5 auth is enabled
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
Jeremy.
|
|
This is the first of a series of patches that change path based
operations to operate on a struct smb_filename instead of a char *.
This same concept already exists in source4.
My goals for this series of patches are to eventually:
1) Solve the stream vs. posix filename that contains a colon ambiguity
that currently exists.
2) Make unix_convert the only function that parses the stream name.
3) Clean up the unix_convert API.
4) Change all path based vfs operation to take a struct smb_filename.
5) Make is_ntfs_stream_name() a constant operation that can simply
check the state of struct smb_filename rather than re-parse the
filename.
6) Eliminate the need for split_ntfs_stream_name() to exist.
My strategy is to start from the inside at unix_convert() and work my
way out through the vfs layer, call by call. This first patch does
just that, by changing unix_convert and all of its callers to operate
on struct smb_filename. Since this is such a large change, I plan on
pushing the patches in phases, where each phase keeps full
compatibility and passes make test.
The API of unix_convert has been simplified from:
NTSTATUS unix_convert(TALLOC_CTX *ctx,
connection_struct *conn,
const char *orig_path,
bool allow_wcard_last_component,
char **pp_conv_path,
char **pp_saved_last_component,
SMB_STRUCT_STAT *pst)
to:
NTSTATUS unix_convert(TALLOC_CTX *ctx,
connection_struct *conn,
const char *orig_path,
struct smb_filename *smb_fname,
uint32_t ucf_flags)
Currently the smb_filename struct looks like:
struct smb_filename {
char *base_name;
char *stream_name;
char *original_lcomp;
SMB_STRUCT_STAT st;
};
One key point here is the decision to break up the base_name and
stream_name. I have introduced a helper function called
get_full_smb_filename() that takes an smb_filename struct and
allocates the full_name. I changed the callers of unix_convert() to
subsequently call get_full_smb_filename() for the time being, but I
plan to eventually eliminate get_full_smb_filename().
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
Some times we have to return a non-error response
with status != NT_STATUS_OK.
metze
|
|
MESSAGE_ID and SESSION_ID are both 64bit.
metze
|
|
the MS-LSA docs.
Jeremy.
|