The branch, master has been updated via 64eba0a BUG 9633: Recursive mget should continue on EPERM. via 62e6ea4 s3-rpc_server: Fix password encoding in _netr_ServerGetTrustInfo(). via 823a25f s3-rpc_server: Dont wipe out ref pointers in _netr_ServerGetTrustInfo(). from ff496ef autoconf: rename pdb_ldap module to pdb_ldapsam
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 64eba0a8421bf4648f79085dd23b3e55d5a322df Author: David Disseldorp <dd...@samba.org> Date: Mon Feb 4 19:04:39 2013 +0100 BUG 9633: Recursive mget should continue on EPERM. Regression introduced by 14ff2e8de9bd8d0064762234555260f5eea643fe. When downloading files recursively, smbclient halts if it encounters a folder to which it does not have permission to traverse. Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org> Autobuild-Date(master): Thu Feb 7 15:50:36 CET 2013 on sn-devel-104 commit 62e6ea408a20197420eadb133df6ba233c7874b4 Author: Sumit Bose <sb...@redhat.com> Date: Mon Feb 4 13:15:18 2013 +0100 s3-rpc_server: Fix password encoding in _netr_ServerGetTrustInfo(). Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 823a25f6a47c311ab33874be8a889ffbaf8db527 Author: Günther Deschner <g...@samba.org> Date: Tue Dec 11 09:29:37 2012 +0100 s3-rpc_server: Dont wipe out ref pointers in _netr_ServerGetTrustInfo(). Guenther Signed-off-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/client/client.c | 13 +++++++- source3/rpc_server/netlogon/srv_netlog_nt.c | 39 ++++++++------------------ 2 files changed, 23 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index 6aed9d3..8038021 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -1321,8 +1321,17 @@ static NTSTATUS do_mget(struct cli_state *cli_state, struct file_info *finfo, return NT_STATUS_NO_MEMORY; } - status = do_list(mget_mask, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_DIRECTORY,do_mget,false, true); - if (!NT_STATUS_IS_OK(status)) { + status = do_list(mget_mask, + (FILE_ATTRIBUTE_SYSTEM + | FILE_ATTRIBUTE_HIDDEN + | FILE_ATTRIBUTE_DIRECTORY), + do_mget, false, true); + if (!NT_STATUS_IS_OK(status) + && !NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + /* + * Ignore access denied errors to ensure all permitted files are + * pulled down. + */ return status; } diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index cfd91c2..a355dd1 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -2429,29 +2429,27 @@ static NTSTATUS get_password_from_trustAuth(TALLOC_CTX *mem_ctx, return NT_STATUS_UNSUCCESSFUL; } - if (trustAuth.count != 0 && trustAuth.current.count != 0 && trustAuth.current.array[0].AuthType == TRUST_AUTH_TYPE_CLEAR) { - mdfour(previous_pw_enc->hash, + mdfour(current_pw_enc->hash, trustAuth.current.array[0].AuthInfo.clear.password, trustAuth.current.array[0].AuthInfo.clear.size); + netlogon_creds_des_encrypt(creds, current_pw_enc); } else { return NT_STATUS_UNSUCCESSFUL; } - netlogon_creds_des_encrypt(creds, current_pw_enc); if (trustAuth.previous.count != 0 && trustAuth.previous.array[0].AuthType == TRUST_AUTH_TYPE_CLEAR) { mdfour(previous_pw_enc->hash, trustAuth.previous.array[0].AuthInfo.clear.password, trustAuth.previous.array[0].AuthInfo.clear.size); + netlogon_creds_des_encrypt(creds, previous_pw_enc); } else { - mdfour(previous_pw_enc->hash, NULL, 0); + ZERO_STRUCTP(previous_pw_enc); } - netlogon_creds_des_encrypt(creds, previous_pw_enc); - return NT_STATUS_OK; } @@ -2469,9 +2467,6 @@ NTSTATUS _netr_ServerGetTrustInfo(struct pipes_struct *p, bool trusted; struct netr_TrustInfo *trust_info; struct pdb_trusted_domain *td; - DATA_BLOB trustAuth_blob; - struct samr_Password *new_owf_enc; - struct samr_Password *old_owf_enc; struct loadparm_context *lp_ctx; lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers()); @@ -2545,34 +2540,24 @@ NTSTATUS _netr_ServerGetTrustInfo(struct pipes_struct *p, *r->out.trust_info = trust_info; } - new_owf_enc = talloc_zero(p->mem_ctx, struct samr_Password); - old_owf_enc = talloc_zero(p->mem_ctx, struct samr_Password); - if (new_owf_enc == NULL || old_owf_enc == NULL) { - return NT_STATUS_NO_MEMORY; - } - -/* TODO: which trustAuth shall we use if we have in/out trust or do they have to - * be equal ? */ - if (td->trust_direction & NETR_TRUST_FLAG_INBOUND) { - trustAuth_blob = td->trust_auth_incoming; - } else if (td->trust_direction & NETR_TRUST_FLAG_OUTBOUND) { - trustAuth_blob = td->trust_auth_outgoing; + if (td->trust_auth_incoming.data == NULL) { + return NT_STATUS_INVALID_PARAMETER; } - status = get_password_from_trustAuth(p->mem_ctx, &trustAuth_blob, + status = get_password_from_trustAuth(p->mem_ctx, + &td->trust_auth_incoming, creds, - new_owf_enc, old_owf_enc); + r->out.new_owf_password, + r->out.old_owf_password); if (!NT_STATUS_IS_OK(status)) { return status; } - r->out.new_owf_password = new_owf_enc; - r->out.old_owf_password = old_owf_enc; } else { /* TODO: look for machine password */ - r->out.new_owf_password = NULL; - r->out.old_owf_password = NULL; + ZERO_STRUCTP(r->out.new_owf_password); + ZERO_STRUCTP(r->out.old_owf_password); return NT_STATUS_NOT_IMPLEMENTED; } -- Samba Shared Repository