The branch, v4-1-test has been updated
       via  9329307 spoolss: purge the printer name cache on name change
       via  1cd5d85 s3: libsmbclient: After getting attribute server, ensure main srv pointer is still valid.
      from  05284b8 s3: Fix fsctl_validate_neg_info to pass MS compliance suite.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test


- Log -----------------------------------------------------------------
commit 93293071824169944944650a859d832af9d2303b
Author: David Disseldorp <dd...@samba.org>
Date:   Wed Apr 1 01:03:13 2015 +0200

    spoolss: purge the printer name cache on name change
    
    Currently the name cache is only cleared on printer deletion. This means
    that if a printer undergoes a name change, the old name remains in the
    cache and can be subsequently used incorrectly if another printer takes
    the same name as the old.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=11210
    
    Reported-by: Franz Pförtsch <franz.pfoert...@brose.com>
    Signed-off-by: David Disseldorp <dd...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    
    Autobuild-User(master): Jeremy Allison <j...@samba.org>
    Autobuild-Date(master): Tue Apr 14 05:37:50 CEST 2015 on sn-devel-104
    
    (cherry picked from commit a97507a9a7ba01beead6a621e1210618e93a9f9c)
    
    Autobuild-User(v4-1-test): Karolin Seeger <ksee...@samba.org>
    Autobuild-Date(v4-1-test): Tue Apr 21 02:16:00 CEST 2015 on sn-devel-104

commit 1cd5d85cad2f2f29a5f9d2b4decd538db4e0e1d6
Author: Jeremy Allison <j...@samba.org>
Date:   Tue Mar 31 14:40:23 2015 -0700

    s3: libsmbclient: After getting attribute server, ensure main srv pointer is still valid.
    
    Bug #11186: Crash seen in libsmbclient due to free of server structure during SMBC_getxattr() call
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=11186
    
    Signed-off-by: Jeremy Allison <j...@samba.org>
    Reviewed-by: David Disseldorp <dd...@samba.org>
    
    Autobuild-User(master): David Disseldorp <dd...@samba.org>
    Autobuild-Date(master): Tue Apr 14 02:58:43 CEST 2015 on sn-devel-104
    
    (cherry picked from commit 2d4db4a65e1e8924470741378fe249f22196eceb)

-----------------------------------------------------------------------

Summary of changes:
 source3/libsmb/libsmb_xattr.c               | 41 +++++++++++++++++++++++++++++
 source3/rpc_server/spoolss/srv_spoolss_nt.c |  6 +++++
 2 files changed, 47 insertions(+)


Changeset truncated at 500 lines:

diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index 8e6590a..edc62f3 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -2072,6 +2072,25 @@ SMBC_getxattr_ctx(SMBCCTX *context,
         if (! srv->no_nt_session) {
                 ipc_srv = SMBC_attr_server(frame, context, server, port, share,
                                            &workgroup, &user, &password);
+               /*
+                * SMBC_attr_server() can cause the original
+                * server to be removed from the cache.
+                * If so we must error out here as the srv
+                * pointer has been freed.
+                */
+               if (smbc_getFunctionGetCachedServer(context)(context,
+                               server,
+                               share,
+                               workgroup,
+                               user) != srv) {
+#if defined(ECONNRESET)
+                       errno = ECONNRESET;
+#else
+                       errno = ETIMEDOUT;
+#endif
+                       TALLOC_FREE(frame);
+                       return -1;
+               }
                 if (! ipc_srv) {
                         srv->no_nt_session = True;
                 }
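Review bot: the validity check added after SMBC_attr_server() in SMBC_getxattr_ctx looks up the cache with workgroup and user, yet the call just above was handed &workgroup and &user. If SMBC_attr_server() can rewrite either string, the lookup key no longer matches the one srv was cached under, and a still-valid connection is reported as ECONNRESET. The test is also plain pointer equality against a pointer the comment says may have been freed; if a new server structure ends up at the same address, != srv passes on a stale object. Consider copying the lookup keys before the call, and having the cache report removal explicitly rather than relying on address comparison.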
@@ -2207,9 +2226,31 @@ SMBC_removexattr_ctx(SMBCCTX *context,
         }
 
         if (! srv->no_nt_session) {
+               int saved_errno;
                 ipc_srv = SMBC_attr_server(frame, context, server, port, share,
                                            &workgroup, &user, &password);
+               saved_errno = errno;
+               /*
+                * SMBC_attr_server() can cause the original
+                * server to be removed from the cache.
+                * If so we must error out here as the srv
+                * pointer has been freed.
+                */
+               if (smbc_getFunctionGetCachedServer(context)(context,
+                               server,
+                               share,
+                               workgroup,
+                               user) != srv) {
+#if defined(ECONNRESET)
+                       errno = ECONNRESET;
+#else
+                       errno = ETIMEDOUT;
+#endif
+                       TALLOC_FREE(frame);
+                       return -1;
+               }
                 if (! ipc_srv) {
+                       errno = saved_errno;
                         srv->no_nt_session = True;
                 }
         } else {
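Review bot: saved_errno is captured after SMBC_attr_server() and restored in the "! ipc_srv" branch here in SMBC_removexattr_ctx, but the otherwise identical block added to SMBC_getxattr_ctx has no such handling, so on that path errno after a failed SMBC_attr_server() is whatever the cache lookup left behind. Either both paths need the save and restore or neither does. Moving the lookup-and-bail block into one static helper called from both functions would keep the two copies from drifting apart. Style: leave a blank line between the "int saved_errno;" declaration and the first statement.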
diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c 
b/source3/rpc_server/spoolss/srv_spoolss_nt.c
index 34f0b57..42caff1 100644
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -6472,6 +6472,9 @@ static WERROR update_dsspooler(TALLOC_CTX *mem_ctx,
                                                 snum, printer->sharename ?
                                                 printer->sharename : "");
                }
+
+               /* name change, purge any cache entries for the old */
+               prune_printername_cache();
        }
 
        if (printer->printername != NULL &&
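Review bot: the comment "purge any cache entries for the old" promises a targeted purge, but prune_printername_cache() is called with no argument, so this call site cannot restrict it to the old name. If the function drops the whole cache, say so in the comment so the cost of a rename is clear to the next reader; if a per-name removal is available, passing the old name would match the comment and the commit message.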
@@ -6508,6 +6511,9 @@ static WERROR update_dsspooler(TALLOC_CTX *mem_ctx,
                        notify_printer_printername(server_event_context(),
                                                   msg_ctx, snum, p ? p : "");
                }
+
+               /* name change, purge any cache entries for the old */
+               prune_printername_cache();
        }
 
        if (printer->portname != NULL &&
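Review bot: the same prune_printername_cache() call now ends both this printername block and the preceding block in update_dsspooler() (the one referencing printer->sharename), so an update that changes both values prunes twice. Setting a flag in each block and pruning once after them would avoid the repeat and leave a single place to maintain. The diffstat lists only the two source files, so the rename-then-reuse case from bug 11210 has no regression test in this change; one would be worth adding.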


-- 
Samba Shared Repository
