Age | Commit message (Collapse) | Author | Files | Lines |
|
We need to raise an exception so we need to set the rng_fault_state for
epm_Insert and epm_Delete if someone connects over a transport other
than NCALRPC.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Sep 1 15:59:50 CEST 2011 on sn-devel-104
|
|
The configuration should only use the default pipe name to configure all
of them correctly.
|
|
reply stream.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Aug 31 21:18:11 CEST 2011 on sn-devel-104
|
|
out-of-order when processing a compound request. (cherry picked from commit 19db1c98c6ba3cb5e883e16e865c44900ce17444)
|
|
metze
(cherry picked from commit cda93f04eb4e7e975b192a5fd33275ec638140ac)
|
|
subsystem.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Aug 31 19:48:39 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
If a smb1 negprot negotiated smb2 we forked the echo responder. This will
eventually lead to a panic from
[2011/08/30 10:33:29.212578, 0, pid=3846917] smbd/smb2_server.c:243(smbd_smb2_request_create)
Invalid SMB packet: first request: 0x0009
because from the echo responder we always read using the normal smb1 protocol
handling routine. If that is a bit down the smb2 stream, we get a non-negprot
packet and panic.
BTW, the echo responder is not required for smb2 anyway, Microsoft confirmed
that it probes the server liveness using TCP keepalives and not smb2 echo
requests.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 31 17:58:48 CEST 2011 on sn-devel-104
|
|
We need more testing in the real world. We need to be sure that if a
Windows client can access port 135 it doesn't require that a service is
available via ncacn_ip_tcp. If possible please enable it using the
following smb.conf options for testing:
rpc_daemon:epmd = fork
rpc_server:epmapper = external
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Aug 31 16:29:20 CEST 2011 on sn-devel-104
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Aug 31 14:27:31 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
The following LSA calls are added:
- _lsa_SetInformationTrustedDomain()
- _lsa_SetTrustedDomainInfo()
-_lsa_SetTrustedDomainInfoByName()
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
use expected 'init_samba_module' name for initializer function
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Aug 31 11:22:26 CEST 2011 on sn-devel-104
|
|
and not ServerLogon
|
|
|
|
http://support.microsoft.com/kb/243330/en-us says the name is
"This organization", but Windows 2008 says IUSR
Picking the Windows 2008 variant as 'This Organization' would
be duplicate to S-1-5-15
|
|
add S-1-3-2/Creator Owner Server, S-1-3-3/Creator Group Server and
S-1-3-4/Owner Rights to the well-known SID list
|
|
Distributed COM Users, Cryptographic Operators, Event Log Readers
and Certificate Service DCOM Access were missing from the BUILTIN
well-known SID list
|
|
tdb2 doesn't expost tdb_jenkins_hash; go straight to the source in
ccan/hash.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
metze
|
|
It's only needed in the client library.
metze
|
|
According to [MS-SMB2] 3.3.5.9.7
(http://msdn.microsoft.com/en-us/library/cc246784%28v=PROT.13%29.aspx),
smbd must reply with NT_STATUS_OBJECT_NAME_NOT_FOUND as it does not
support durable file-handles yet.
I have seen w2k8r2 running xcopy /C ending up in an endless loop
trying to get back the original file handle from smbd sending the same
requests over and over.
Metze, Jeremy, please check!
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Aug 30 22:20:36 CEST 2011 on sn-devel-104
|
|
We always have a valid session info and if it is a anonymous connection
we have a session info of the guest user. This means we should always
call become_authenticated_pipe_user() else and anonymous user could do
things as root.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Aug 30 20:50:54 CEST 2011 on sn-devel-104
|
|
Rusty, please suggest a proper fix for this.
Thanks,
Volker Lendecke
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Aug 30 19:16:14 CEST 2011 on sn-devel-104
|
|
Samba share with SMB2.
|
|
Missing assignment means this loop will never terminate. Need to be applied
to 3.5.x and 3.6.1.
|
|
|
|
(copy and paste from eventlog?)
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Mon Aug 29 15:30:33 CEST 2011 on sn-devel-104
|
|
The create_pipe_sock() function should only create the socket as the
name states and not start to listen on it too. We should start to listen
on in the individual places as we need different backlog values.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Aug 29 13:21:43 CEST 2011 on sn-devel-104
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Aug 28 20:29:01 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
This fixes a race condition that leads to the winbindd_children list becoming
corrupted. It happens when on a busy winbind SIGCHLD is a bit late.
Imagine a winbind with multiple requests in the queue for a single child. Child
dies, and before the SIGCHLD handler is called we find the socket to be dead.
wb_child_request_done is called, receiving an error from wb_simple_trans_recv.
It closes the socket. Then immediately the wb_child_request_trigger will do
another fork_domain_child before the signal handler is called. This means that
we do another fork_domain_child, we have child->sock==-1 at this point.
fork_domain_child will do a DLIST_ADD(winbindd_children, child) a second time
where the child is already part of that list. This corrupts the list. Then the
signal handler kicks in, spinning in
for (child = winbindd_children; child != NULL; child = child->next) {
forever. Not good. This patch makes sure that both conditions (sock==-1 and not
part of the list) for a winbindd_child struct match up.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 26 18:51:24 CEST 2011 on sn-devel-104
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Counterpart for last checkin. A lot less likely, but not impossible in a child.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 26 13:14:27 CEST 2011 on sn-devel-104
|
|
I've seen
[2011/08/26 01:44:10.872057, 1] winbindd/winbindd_dual.c:1336(fork_domain_child)
fork_domain_child: Could not read child status: nread=-1, error=Interrupted system call
on a customer box. Not good.
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|