[Samba] Recycle VFS
Hi all, I have googled the below two questions for days now and still am missing something. So my question is: 1. How do you set the recycle bin so that users cant accidentally delete it 2. Can you map all recycle-bins to a central share called [trash]? I have tried this but it results in root only privileges to the share. -- Regards, Trent -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba+LDAP Group mapping
Hi, I'm running into weird problems after switching from tdbsam to ldapsam user backend. I have transferred all local unix and samba groups with the sambaldap-tools scripts. The 'net groupmap list' command prints all group mappings correctly, and I also can use all the groups present in LDAP for setting local file ownerships. However these groups don't appear in the windows security setting dialogues (e.g. for setting file permissions or matching local groups with domain groups). All I get is a list of users. Even the built-in groups like 'Domain Administrators', 'Replicator Operators', ... are missing. I'm running the current Debian stable samba and open ldap. Cheers Maroš LDIF from ldap (just one group as an example): dn: cn=Domain Admins, ou=Groups, dc=hui, dc=net sambaSID: S-1-5-xx-xx-xx-x-512 gidNumber: 512 memberUid: administrator displayName: Domain Admins sambaGroupType: 2 description: Netbios Domain Administrators objectClass: posixGroup objectClass: sambaGroupMapping cn: Domain Admins The relevant parts of the smb.conf: [global] workgroup = HUINET domain logons = Yes [..] obey pam restrictions = Yes null passwords = no [..] passwd program = /usr/sbin/smbldap-passwd %u passwd chat = ldap password sync = yes passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=samba,ou=DSA,dc=hui,dc=net ldap suffix = dc=hui,dc=net ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers add machine script = /usr/sbin/smbldap-useradd -w %u add user script = /usr/sbin/smbldap-useradd -m %u ldap delete dn = no delete user script = /usr/sbin/smbldap-userdel %u delete user script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba+LDAP Group mapping
Hi, I had the same problem and solved it for me yesterday. I downloaded the samba.schema file from the original samba version 3.0.24 available from samba.org and copied it to /etc/ldap/schema/samba.schema, restartet sladp. Now I am able to find the groups within the windows security setting dialog and with the net rpc group command. Best regards, Markus Bajones Hi, I'm running into weird problems after switching from tdbsam to ldapsam user backend. I have transferred all local unix and samba groups with the sambaldap-tools scripts. The 'net groupmap list' command prints all group mappings correctly, and I also can use all the groups present in LDAP for setting local file ownerships. However these groups don't appear in the windows security setting dialogues (e.g. for setting file permissions or matching local groups with domain groups). All I get is a list of users. Even the built-in groups like 'Domain Administrators', 'Replicator Operators', ... are missing. I'm running the current Debian stable samba and open ldap. Cheers Maro¨ LDIF from ldap (just one group as an example): dn: cn=Domain Admins, ou=Groups, dc=hui, dc=net sambaSID: S-1-5-xx-xx-xx-x-512 gidNumber: 512 memberUid: administrator displayName: Domain Admins sambaGroupType: 2 description: Netbios Domain Administrators objectClass: posixGroup objectClass: sambaGroupMapping cn: Domain Admins The relevant parts of the smb.conf: [global] workgroup = HUINET domain logons = Yes [..] obey pam restrictions = Yes null passwords = no [..] passwd program = /usr/sbin/smbldap-passwd %u passwd chat = ldap password sync = yes passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=samba,ou=DSA,dc=hui,dc=net ldap suffix = dc=hui,dc=net ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers add machine script = /usr/sbin/smbldap-useradd -w %u add user script = /usr/sbin/smbldap-useradd -m %u ldap delete dn = no delete user script = /usr/sbin/smbldap-userdel %u delete user script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] password authentication stops but can be restarted
I have several Sun Solaris systems that share directories via SAMBA. After some period (I think 30 days, which the password expiration period) the authentication stops with the following messages (all names changed to protect the guilty): li_rpc_pipe_open_schannel: failed to get schannel session key from server W3K_SERVER for domain DOMAINX. connect_to_domain_password_server: unable to open the domain client session to machine W3K_SERVER. Error was : NT_STATUS_ACCESS_DENIED. After successfully running the 'net join' command every thing works fine for another 30 days. My smb.conf and smb.users are: smb.conf [global] security = domain workgroup = DOMAINX netbios name = sun-system-y password server = W3K_SERVER domain master = no local master = no preferred master = no username map = /etc/sfw/smb.users [homes] writeable = yes valid users = +sysadmin wide links = no [app] path = /var/data_path writeable = yes valid users = app_id wide links = no smb.users id_1 = DOMAINX\win_id_1 id_2 = DOMAINX\win_id_2 app_id = DOMAINX\win_id_app Note that the Windows password server is Win3K and that I have various versions of Sun supplied SAMBA. I do have some SAMBA share that use Win2K authentication and those do not seem to have this issue. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [SECURITY] Buffer overrun in send_mailslot()
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 == == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions:Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a boundary error in the domain == controller GETDC mail slot support which == can be remotely exploited to execute arbitrary == code. == == === Description === Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect is only be exploited when the domain logons parameter has been enabled in smb.conf. == Patch Availability == A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 3.0.28 has been issued as a security release to correct the defect. == Workaround == Samba administrators may avoid this security issue by disabling both the domain logons options in the server's smb.conf file. Note that this will disable all domain controller features as well. === Credits === This vulnerability was reported to Samba developers by Alin Rad Pop, Secunia Research. The time line is as follows: * Nov 22, 2007: Initial report to [EMAIL PROTECTED] * Nov 22, 2007: First response from Samba developers confirming the bug along with a proposed patch. * Dec 10, 2007: Public security advisory made available. == == Our Code, Our Bugs, Our Responsibility. == The Samba Team == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHXUPeIR7qMdg1EfYRArBPAKDeDyXyeauJuVk0FcHYWbBci0Dw6gCgoYYF UmvJh11x9pp5Nbbg/VYpSJ0= =d7SS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Is Samba PDC + NT4 DOM Trust using NTLMv2 possible?
I haven't found a solution yet. I think I may post a bug to the bugtrack database. -- Aaron Hans-Wilhelm Heisinger wrote: Did you come across a solution to this problem? I have the same issue. Mit freundlichen Grüßen / With kind regards Hans Aaron J. Zirbes wrote: My Question: Is it possible to get 2-way Interdomain Trust relationships working between a Samba domain and an NT4 SP6a domain, while restricting all password hashes to NTLMv2 only? Everything works except the inter-domain trust I'm able to get the NT4 domain to trust the Samba domain, but not the other way around. My System: -- I have a perfectly running Samba domain w/ ~60 client WinXP workstations, and Win 2003 member servers. All machines are set to use NTLMv2 only. My Config: -- I'm running Samba Version 3.0.27a, compiled with --with-ldap --with-winbind --with-utmp --with-acl-support LDAP backend with the new: ldapsam:trusted=yes ldapsam:editposix=yes Key NTLMv2 security settings are: ntlm auth = no lanman auth = no client plaintext auth = no client lanman auth = no client ntlmv2 auth = yes client schannel = yes server schannel = yes client signing = auto server signing = auto I added an idmap config section for the trusted domain I created the Machine account entry in LDAP for the trusted domain. I setup the domain trust using the net command, I added access to one of my shares by adding TESTDOM\azirbes to the valid users parameter as I usually do, but the trusted domain still prompts for a user name and password, and the samba log dumps the following: [2007/11/09 12:55:09, 2] smbd/sesssetup.c:setup_new_vc_session(1200) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2007/11/09 12:55:09, 5] auth/auth_util.c:make_user_info_map(161) make_user_info_map: Mapping user [TESTDOM]\[azirbes] from workstation [nt4test] [2007/11/09 12:55:09, 5] auth/auth_util.c:is_trusted_domain(2198) is_trusted_domain: Checking for domain trust with [TESTDOM] [2007/11/09 12:55:09, 5] auth/auth_util.c:make_user_info(75) attempting to make a user_info for azirbes (azirbes) [2007/11/09 12:55:09, 5] auth/auth_util.c:make_user_info(85) making strings for azirbes's user_info struct [2007/11/09 12:55:09, 5] auth/auth_util.c:make_user_info(117) making blobs for azirbes's user_info struct [2007/11/09 12:55:09, 3] auth/auth.c:check_ntlm_password(221) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2007/11/09 12:55:09, 3] auth/auth.c:check_ntlm_password(224) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2007/11/09 12:55:09, 6] auth/auth_sam.c:check_samstrict_security(421) check_samstrict_security: TESTDOM is not one of my local names or domain name (DC) [2007/11/09 12:55:09, 5] auth/auth.c:check_ntlm_password(273) check_ntlm_password: winbind authentication for user [azirbes] FAILED with error NT_STATUS_ACCESS_DENIED [2007/11/09 12:55:09, 2] auth/auth.c:check_ntlm_password(319) check_ntlm_password: Authentication for user [azirbes] - [azirbes] FAILED with error NT_STATUS_ACCESS_DENIED [2007/11/09 12:55:09, 5] auth/auth_util.c:free_user_info(2045) attempting to free (and zero) a user_info structure -- Aaron -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Error: session setup failed: Call returned zero bytes (EOF)
Hello, I've just upgraded to samba-3.0.26a on my BSD machine. The older version (3.0.22) was working right, but this version is giving me problems. My server is configureg with a LDAP server. When I do, for example, a smbclient -Lserver, it gives me this output: --- Domain=[GALAXIE] OS=[Unix] Server=[Samba 3.0.26a] Sharename Type Comment - --- domicileDisk Repertoire domicile des usagers groupes Disk Repertoire des groupes appsDisk Applications partagees install Disk Installations ftp Disk Repertoire ftp IPC$IPC IPC Service (DragonFlyBSD Samba Server) impgal01Printer HP LaserJet 5L session setup failed: NT_STATUS_LOGON_FAILURE NetBIOS over TCP disabled -- no workgroup available --- When I try a second time, it then gives me this: --- Receiving SMB: Server stopped responding session setup failed: Call returned zero bytes (EOF) --- I have to restart it to get the first output once. If I start winbindd, it's showing the second output only. The configuration I'm using was working as is, right before I upgraded. Is this issue known? I've trie the latest version, 3.0.27, with the same results. I moved back to 3.0.22, then everything was fine again. But sooner or later, my samba will have to be upgraded (depedency matter), so I'm wondering what I can do to solve that problem. LDAP version is 2.3.38. Note: Since 3.0.22, the option ldap_compat has disapear in the compilation options. Even if I'm using a valid LDAPv3 schema, is it possible that it could be related in some way? Thanks for any help. SR -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] scannedonly samba anti-virus vfs module
forgot to hit 'reply all', this time post to the list: Jeremy Allison wrote: Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. [..] More information can be found at http://olivier.sessink.nl/scannedonly/ Congratulations and thanks for this ! I'd like to make sure this is kept in sync as we have to make changes to the Samba VFS going forward to add more features (NT Streams etc.). What is the best way to keep you informed as we modify the VFS layer ? I was hoping that somewhere in the future the vfs module part of the code could be included in the samba source. I'm not sure what the requirements are for that. But it would make things very easy for end-users (end-administrators). Compiling the vfs module is right now a bit of a hassle for users that don't compile samba from source themselves. regards, Olivier -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Internationalization clarification needed
Hi, I am trying to setup my samba server for international character set support. Going through the below document under the internationalization, I came to know that I should set up appropriate client code page and character set http://us3.samba.org/samba/docs/using_samba/ch11.html [global] client code page = 850 character set = ISO8859-1 Running testparm utility shows that these setting aren't accpeted by samba. A little investigation showed that I should use the below settings === dos charset = 850 unix charset = ISO8859-1 === Is this just a documentation problem? Or this is different from the above? regards Aravind -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [Problem] [Centos 5] Samba-3.0.23c-2 login authentication problem
Hello, I have comfigured samba-3.0.23c-2 server on CentOS-5, but when i was logging in from the client system, even if I donot provide password and hit enter key, the client is logging in as Anonymous user. Samba server should not allow for Anonymous login. (I am configuring linux (Server) to linux (Client) i am not using windows) 1) The contents of /etc/samba/smb.conf file as follows, [global] workgroup = WORKGROUP server string = Samba Server security = user encrypt passwords = yes smb passwd file = /etc/samba/smdpasswd [kiran] comment = Funda Tracking Managements Files path = /home/kiran valid users = user6 writeable = on 2) I created user user6 and changed password in to smbpassword using the following command. #cat /etc/passwd | mksmbpasswd.sh /etc/samba/smbpasswd 3) I changed /etc/samba/smbpassword file permissions as follows #chmod 600 /etc/samba/smbpasswd 4) linux client side 4a) In this step I provided User-name and Password #smbclient -L 192.168.0.254 -U user6 password:* Domain=[SERVER1.PRAKASH.COM] OS=[Unix] Server=[Samba 3.0.23c-2] Sharename Type Comment - --- kiran Disk Funda Tracking Managements Files IPC$IPC IPC Service (Samba Server) printer1Printer printer1 user6 Disk Home Directories Domain=[SERVER1.PRAKASH.COM] OS=[Unix] Server=[Samba 3.0.23c-2] Server Comment ---- WorkgroupMaster ---- WORKGROUP 4b) In this step I am not providing the password to the user6 and just hit the enter key for password. #smbclient -L smbclient -L 192.168.0.254 -U user6 Password: Anonymous login successful Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.0.23c-2] Sharename Type Comment - --- IPC$IPC IPC Service (Samba Server) kiran Disk Funda Tracking Managements Files printer1Printer printer1 Anonymous login successful Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.0.23c-2] Server Comment ---- SERVER1.PRAKASH. Samba Server WorkgroupMaster ---- WORKGROUPSERVER1.PRAKASH.COM I tried to find answer in some mailing lists but i couldn't get, plz help me. Thanks and Regards, Prakash. - Looking for last minute shopping deals? Find them fast with Yahoo! Search. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] scannedonly samba anti-virus vfs module
On Mon, Dec 10, 2007 at 06:54:46PM +0100, Olivier Sessink wrote: What is the best way to keep you informed as we modify the VFS layer ? I was hoping that somewhere in the future the vfs module part of the code could be included in the samba source. I'm not sure what the requirements are for that. But it would make things very easy for end-users (end-administrators). Compiling the vfs module is right now a bit of a hassle for users that don't compile samba from source themselves. Can you post a patch against the git repo v3-2-test branch that adds your module? Thanks, Volker pgpdJkV1wdCXC.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Fc6] was: Re: [Samba] [SECURITY] Buffer overrun in send_mailslot()
Fedora 7 and 8 packages are being released but as you may know FC6 has reached EOL just recently. As I think this is an important security problem I decided to release new packages for FC6 so that people that have not yet finished their migration to newer supported Fedora releases can buy some more time. This is a one off service I felt compelled to release to help people, I am not going to do regular releases for FC6. Packages here: http://simo.fedoraproject.org/samba Simo. On Mon, 2007-12-10 at 07:49 -0600, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 == == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions:Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a boundary error in the domain == controller GETDC mail slot support which == can be remotely exploited to execute arbitrary == code. == == === Description === Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect is only be exploited when the domain logons parameter has been enabled in smb.conf. == Patch Availability == A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 3.0.28 has been issued as a security release to correct the defect. == Workaround == Samba administrators may avoid this security issue by disabling both the domain logons options in the server's smb.conf file. Note that this will disable all domain controller features as well. === Credits === This vulnerability was reported to Samba developers by Alin Rad Pop, Secunia Research. The time line is as follows: * Nov 22, 2007: Initial report to [EMAIL PROTECTED] * Nov 22, 2007: First response from Samba developers confirming the bug along with a proposed patch. * Dec 10, 2007: Public security advisory made available. == == Our Code, Our Bugs, Our Responsibility. == The Samba Team == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHXUPeIR7qMdg1EfYRArBPAKDeDyXyeauJuVk0FcHYWbBci0Dw6gCgoYYF UmvJh11x9pp5Nbbg/VYpSJ0= =d7SS -END PGP SIGNATURE- -- Simo Sorce Samba Team GPL Compliance Officer [EMAIL PROTECTED] Senior Software Engineer at Red Hat Inc. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Fc6] was: Re: [Samba] [SECURITY] Buffer overrun in send_mailslot()
Apologies, the correct URL is: http://simo.fedorapeople.org/samba/ Simo. On Mon, 2007-12-10 at 14:00 -0500, simo wrote: Fedora 7 and 8 packages are being released but as you may know FC6 has reached EOL just recently. As I think this is an important security problem I decided to release new packages for FC6 so that people that have not yet finished their migration to newer supported Fedora releases can buy some more time. This is a one off service I felt compelled to release to help people, I am not going to do regular releases for FC6. Packages here: http://simo.fedoraproject.org/samba Simo. On Mon, 2007-12-10 at 07:49 -0600, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 == == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions:Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a boundary error in the domain == controller GETDC mail slot support which == can be remotely exploited to execute arbitrary == code. == == === Description === Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect is only be exploited when the domain logons parameter has been enabled in smb.conf. == Patch Availability == A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 3.0.28 has been issued as a security release to correct the defect. == Workaround == Samba administrators may avoid this security issue by disabling both the domain logons options in the server's smb.conf file. Note that this will disable all domain controller features as well. === Credits === This vulnerability was reported to Samba developers by Alin Rad Pop, Secunia Research. The time line is as follows: * Nov 22, 2007: Initial report to [EMAIL PROTECTED] * Nov 22, 2007: First response from Samba developers confirming the bug along with a proposed patch. * Dec 10, 2007: Public security advisory made available. == == Our Code, Our Bugs, Our Responsibility. == The Samba Team == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHXUPeIR7qMdg1EfYRArBPAKDeDyXyeauJuVk0FcHYWbBci0Dw6gCgoYYF UmvJh11x9pp5Nbbg/VYpSJ0= =d7SS -END PGP SIGNATURE- -- Simo Sorce Samba Team GPL Compliance Officer [EMAIL PROTECTED] Senior Software Engineer at Red Hat Inc. [EMAIL PROTECTED] -- Simo Sorce Samba Team GPL Compliance Officer [EMAIL PROTECTED] Senior Software Engineer at Red Hat Inc. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ldapsam_getsampwsid: Unable to locate SID
Hi, I am running a couple of Samba / LDAP servers. While they all do work fine, I get a message like this on all of them when I run pdbedit -L -v: Unix username:administrator NT username: administrator Account Flags:[UX ] User SID: S-1-5-21-XX-XX-XX-21000 init_group_from_ldap: Entry found for group: 512 lookup_global_sam_rid: looking up RID 512. ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-XX-XX-XX-512] count=0 init_group_from_ldap: Entry found for group: 512 lookup_rids: Domain Admins:2 Primary Group SID:S-1-5-21-XX-XX-XX-512 Full Name:Administrator I thought the unable to locate SID message would vanish after indexing slapd's database, but it does not. I copied the following settings for the index from the Samba Howto: # Indices to maintain ## required by OpenLDAP index objectclass eq index cn pres,sub,eq index sn pres,sub,eq ## required to support pdb_getsampwnam index uid pres,sub,eq ## required to support pdb_getsambapwrid() index displayName pres,sub,eq ## uncomment these if you are storing posixAccount and ## posixGroup entries in the directory as well index uidNumber eq index gidNumber eq index memberUid eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default sub This is a new install, which is not in use yet. It is running Samba 3.0.28. The following group mappings are setup on the server: Domain Admins (S-1-5-21-XX-XX-XX-512) - Domain Admins Domain Users (S-1-5-21-XX-XX-XX-513) - Domain Users Domain Guests (S-1-5-21-XX-XX-XX-514) - Domain Guests Domain Computers (S-1-5-21-XX-XX-XX-515) - Domain Computers Administrators (S-1-5-32-544) - Administrators Account Operators (S-1-5-32-548) - Account Operators Print Operators (S-1-5-32-550) - Print Operators Backup Operators (S-1-5-32-551) - Backup Operators Replicators (S-1-5-32-552) - Replicators Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can not add a new NT Workstation to a new (vampired) samba domain
I am replacing an old NT4.0 Server with a debian 4.0R1 etch Linux server (samba 3.0.24). This was with a completely fresh install of debian. My smb.conf is pretty simple: [global] workgroup = BUTLER netbios name = STAR3 passdb backend = tdbsam domain master = No domain logons = Yes os level = 33 add user script = /usr/sbin/useradd -m '%u' delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null '%u' # wins server = [IP of wins server] [files] comment = SAMBA File Server path = /home/files read only = No In addition I have the following smbusers file: star3:/etc/samba# cat smbusers root = Administrator testparm tells me this setup will give me a BDC. I first added the samba server (star3) to the old NT4 PDC using the server manager tool and then did a: net rpc join -S nova -UAdministrator%password This worked and I was able to access the machine from the PDC. I then did a vampire: net rpc vampire -S nova -W BUTLER -UAdministrator%password and this worked for most of the user accounts and machine accounts (there were some that had errors, but these were mostly for old users or machines that were long since gone), these errors look like: Creating account: chris [2007/12/08 21:03:36, 0] passdb/pdb_tdb.c:tdb_update_samacct_only(1258) Unable to modify passwd TDB! Error: Record does not exist occured while storing the main record (USER_chris) Creating account: ECLIPSE$ [2007/12/08 21:03:36, 0] passdb/pdb_tdb.c:tdb_update_samacct_only(1258) Unable to modify passwd TDB! Error: Record does not exist occured while storing the main record (USER_eclipse$) Creating account: GALAXY$ [2007/12/08 21:03:36, 0] passdb/pdb_tdb.c:tdb_update_samacct_only(1258) Unable to modify passwd TDB! Error: Record does not exist occured while storing the main record (USER_galaxy$) In the case of GALAXY$, this is a current machine and it did seem to function afterwards, though maybe its using stored credentials still? After the vampiring I shut down the NT4 PDC (nova) and did various login and file sharing tests and the main accounts (including Administrator) all seemed to work. The samba box was still functioning in BDC role. I then decided to try adding a new Windows XP Pro workstation to the domain (it had previously been a member, but I had removed it from the old domain to experiment with moving user profiles between domains). When I told it to join the domain it returned an error telling me that it could not find the domain. So I thought maybe a BDC cannot join new machines to the domain. (The NT4 PDC was switched off at this time). So then I stopped samba and set: domain master = yes wins support = yes and restarted samba. Then when I tried to add the machine I got a Windows error dialog saying: The following error occurred while attempting to join the domain Butler: The user name could not be found. I was using the Administrator user name, and I was able to log into the BUTLER domain on another Windows box as the Administrator and access the file share on the samba box and create new files in the folder owned by Administrator. I googled this for a bit last night and found quite a few references to this error, but nothing really conclusive. Any suggestions? Thanks Stephen. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] scannedonly samba anti-virus vfs module
Volker Lendecke wrote: On Mon, Dec 10, 2007 at 06:54:46PM +0100, Olivier Sessink wrote: What is the best way to keep you informed as we modify the VFS layer ? I was hoping that somewhere in the future the vfs module part of the code could be included in the samba source. I'm not sure what the requirements are for that. But it would make things very easy for end-users (end-administrators). Compiling the vfs module is right now a bit of a hassle for users that don't compile samba from source themselves. Can you post a patch against the git repo v3-2-test branch that adds your module? I'll have to dive into GIT then first (I've never left good old cvs up til now), but I'll see what I can do. is it a good idea if somebody would first give a review of the code before merging it? Changing code after the merge is probably more difficult (sending a patch to a maintainer, the maintainer merging the code, etc.). regards, Olivier -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can not add a new NT Workstation to a new (vampired) samba domain
On Mon, 2007-12-10 at 07:17 -0700, Stephen Vermeulen wrote: I was using the Administrator user name, and I was able to log into the BUTLER domain on another Windows box as the Administrator and access the file share on the samba box and create new files in the folder owned by Administrator. I googled this for a bit last night and found quite a few references to this error, but nothing really conclusive. Any suggestions? Raise your log level and make sure your machine add script is indeed working properly (also make sure you do not have nscd running, or make it so that add * script scrripts you have properly tell nscd to refresh their status as nscd do negative caching too). Simo. -- Simo Sorce Samba Team GPL Compliance Officer [EMAIL PROTECTED] Senior Software Engineer at Red Hat Inc. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] scannedonly samba anti-virus vfs module
On Mon, Dec 10, 2007 at 08:53:47PM +0100, Olivier Sessink wrote: I'll have to dive into GIT then first (I've never left good old cvs up til now), but I'll see what I can do. If you're uncomfortable with git, you might look at rsync samba.org::ftp/pub/unpacked/samba_3_2_test But git is really worth it :-) is it a good idea if somebody would first give a review of the code before merging it? Changing code after the merge is probably more difficult (sending a patch to a maintainer, the maintainer merging the code, etc.). Sure. A plain patch is also fine. But it will be up to you to make it work with 3.2 anyway at some point :-) Volker pgpXEmTF0ZOnr.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Winbind results caching
I am currently using Samba Winbind 3.0.20b-3.21 on x86_64 SLES 9 to authenticate an external application (CVSNT http://www.cvsnt.org/wiki : http://www.cvsnt.org/wiki) using the ntlm_auth --helper-protocol=squid-2.5-ntlmssp executable. The Linux machine is joined to a specific domain controller using security=domain and net rpc join -Uuser -Sserver. We are, however, experiencing problems when we approach more than 1-2 connections per second. Tt will lock-out a user from the domain controller. I attended a talk at LinuxWorld this August talking where the presenter (Thanks Jerry!) talked about results caching in Winbind which I think was added somewhere in 3.0.23-3.0.26. I've converted my configuration to security=ADS, but does this even matter if I'm using ntlm_auth? However, I am not exactly sure how to enable results caching http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html #id412710 : http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html# id412710 in smb.conf, if I even have to. Will results caching work with ntlm_auth? Do I need to use any of the following or anything else in my smb.conf? idmap backend = tdb ? winbind cache time = 300 ? Why is this five minutes? I thought results caching knew when it needed to re-authenticate against the domain controller. ..smb.conf... workgroup = MYDOMAIN #security = DOMAIN #DOMAIN ADS REALM = MYDOMAIN.NET security = ads encrypt passwords = Yes update encrypted = Yes password server = * preferred master = False local master = No domain master = False wins server = my wins servers winbind separator = + idmap uid = 1-25000 idmap gid = 1-25000 #idmap cache time = 7200 #idmap negative cache time = 120 #winbind cache time = 7200 idmap backend = tdb winbind enum users = yes winbind enum groups = yes winbind use default domain = true ..smb.conf... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Recycle VFS
2. Can you map all recycle-bins to a central share called [trash]? I have tried this but it results in root only privileges to the share. I have placed a symbolic link called .recycle in the root folder of all my shares, all pointing to the same location on my server: /recycle All deleted files end-up in that /recycle directory, with the _original_ permissions. (so I see nothing root only in my setup) If you would export this directory again with samba, I guess users would be able to undelete their own files themselves. Anyway, the difference is maybe that I do NOT use smb.conf for permissions, but instead apply permissions on the filesystem. My main samba shares are exported without restrictions. Hope that helps? Mourik Jan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Windows Vista file copying over openvpn
On Dec 7, 2007 11:20 AM, stoffell [EMAIL PROTECTED] wrote: My current conclusion: it is a problem with vista - samba over slower links (with openvpn tunnel) but not really an openvpn problem (it works when copying to windows, so openvpn is ok, right?). Okay, some more troubleshooting.. here's the current stuff I tried.. # 2007.12.10 15.15 * Apply KB935427 after fetching from TheHotfixShare.net * Reboot, test → Result: negative, same error # 2007.12.10 14.50 netsh interface tcp set global autotuninglevel=disabled * Reboot, test, negative. # 2007.12.08 10h00 * Turned of in vista: Remote Differential Compression * Control Panel ⇒ Programs and features ⇒ Remote Differential Compression * Result: negative, same error Any more suggestions? I kinda had my hope set on KB935427, the description looked very much like the problem I'm having.. cheers, stoffell -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Windows Vista file copying over openvpn
Quoting stoffell [EMAIL PROTECTED]: Ask Microsoft for the patch, it's probably that. We suffered issues with file copying and the hotfix fixed it. On Dec 7, 2007 11:20 AM, stoffell [EMAIL PROTECTED] wrote: My current conclusion: it is a problem with vista - samba over slower links (with openvpn tunnel) but not really an openvpn problem (it works when copying to windows, so openvpn is ok, right?). Okay, some more troubleshooting.. here's the current stuff I tried.. # 2007.12.10 15.15 * Apply KB935427 after fetching from TheHotfixShare.net * Reboot, test → Result: negative, same error # 2007.12.10 14.50 netsh interface tcp set global autotuninglevel=disabled * Reboot, test, negative. # 2007.12.08 10h00 * Turned of in vista: Remote Differential Compression * Control Panel ⇒ Programs and features ⇒ Remote Differential Compression * Result: negative, same error Any more suggestions? I kinda had my hope set on KB935427, the description looked very much like the problem I'm having.. cheers, stoffell -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Pau Garcia i Quiles http://www.elpauer.org (Due to my workload, I may need 10 days to answer) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] auto run
Is it possible to have say a file auto run on accessing a samba share. I am thinking along the lines of cd's we copy to our server getting the setup menu to pop up would be great cheers -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Windows Vista file copying over openvpn
On Dec 10, 2007 10:02 PM, Pau Garcia i Quiles [EMAIL PROTECTED] wrote: Quoting stoffell [EMAIL PROTECTED]: Ask Microsoft for the patch, it's probably that. We suffered issues with file copying and the hotfix fixed it. I already tried hotfixes KB935427 and KB932045, as well as being up to date on all windows update patches. Also reproduced the same thing on 2 different vista's. It really is an issue with copying files from vista to a samba share over a slower link (in this case, openvpn tunnel on broadband connection). The same locations also have XP's, and they can copy just fine.. cheers -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can not add a new NT Workstation to a new (vampired) samba domain
Stephen Vermeulen wrote: I am replacing an old NT4.0 Server with a debian 4.0R1 etch Linux server (samba 3.0.24). This was with a completely fresh install of debian. I first added the samba server (star3) to the old NT4 PDC using the server manager tool and then did a: net rpc join -S nova -UAdministrator%password This worked and I was able to access the machine from the PDC. I then did a vampire: net rpc vampire -S nova -W BUTLER -UAdministrator%password and this worked for most of the user accounts and machine accounts (there were some that had errors, but these were mostly for old users or machines that were long since gone), these errors look like: I checked the SIDs of the original NT4 PDC and the samba BDC (after net vampire had run) and they were different. Could this be causing problems? According to this microsoft article: http://www.microsoft.com/technet/sysinternals/Utilities/NewSid.mspx ... a BDC's relationship to a Domain is identified by it having the same computer SID as the other Domain Controllers (DCs). Stephen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can not add a new NT Workstation to a new (vampired) samba domain
Stephen Vermeulen wrote: I am replacing an old NT4.0 Server with a debian 4.0R1 etch Linux server (samba 3.0.24). This was with a completely fresh install of debian. ... I then decided to try adding a new Windows XP Pro workstation to the domain (it had previously been a member, but I had removed it from the old domain to experiment with moving user profiles between domains). When I told it to join the domain it returned an error telling me that it could not find the domain. So I thought maybe a BDC cannot join new machines to the domain. (The NT4 PDC was switched off at this time). So then I stopped samba and set: domain master = yes wins support = yes and restarted samba. Then when I tried to add the machine I got a Windows error dialog saying: The following error occurred while attempting to join the domain Butler: The user name could not be found. I was using the Administrator user name, and I was able to log into the BUTLER domain on another Windows box as the Administrator and access the file share on the samba box and create new files in the folder owned by Administrator. Since the BDC SID was not the same as the PDC's SID I used the net command to fetch the SID from the PDC and write it to the BDC. Now a net getlocalsid reports the same SID. Shouldn't net vampire have made the BDC have the same SID as the PDC? After doing this the error changed to Access is denied I then redid the net vampire, but this did not change things. I have increased the log level to 2 and the following log file section is what happens when I try to add the new machine. Also, here is the current version of the smb.conf file: star4:/etc/samba# cat smb.conf [global] workgroup = BUTLER netbios name = STAR4 passdb backend = tdbsam domain master = Yes domain logons = Yes wins support = yes os level = 40 log level = 2 add user script = /usr/sbin/useradd -m '%u' delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null '%u' # wins server = [IP of wins server] [files] comment = SAMBA File Server path = /home/files read only = No star4:/etc/samba# And the log.smbd file: [2007/12/10 14:45:44, 2] smbd/reply.c:reply_special(496) netbios connect: name1=STAR4 name2=TULLY [2007/12/10 14:45:44, 2] smbd/reply.c:reply_special(503) netbios connect: local=star4 remote=tully, name type = 0 [2007/12/10 14:45:44, 0] lib/util_sock.c:write_data(562) write_data: write failure in writing to client 192.168.128.103. Error Connection reset by peer [2007/12/10 14:45:44, 0] lib/util_sock.c:send_smb(769) Error writing 4 bytes to client. -1. (Connection reset by peer) [2007/12/10 14:45:44, 2] smbd/sesssetup.c:setup_new_vc_session(799) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2007/12/10 14:45:44, 2] smbd/sesssetup.c:setup_new_vc_session(799) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2007/12/10 14:45:44, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [administrator] - [administrator] - [Administrator] succeeded [2007/12/10 14:45:44, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/12/10 14:45:45, 2] smbd/reply.c:reply_special(496) netbios connect: name1=STAR4 name2=TULLY [2007/12/10 14:45:45, 2] smbd/reply.c:reply_special(503) netbios connect: local=star4 remote=tully, name type = 0 [2007/12/10 14:45:45, 0] lib/util_sock.c:write_data(562) write_data: write failure in writing to client 192.168.128.103. Error Connection reset by peer [2007/12/10 14:45:45, 0] lib/util_sock.c:send_smb(769) Error writing 4 bytes to client. -1. (Connection reset by peer) [2007/12/10 14:45:45, 2] smbd/sesssetup.c:setup_new_vc_session(799) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2007/12/10 14:45:45, 2] smbd/sesssetup.c:setup_new_vc_session(799) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2007/12/10 14:45:45, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [administrator] - [administrator] - [Administrator] succeeded [2007/12/10 14:45:45, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/12/10 14:45:45, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2797) Returning domain sid for domain BUTLER - S-1-5-21-1965320917-1955335400-7473742 [2007/12/10 14:45:45, 0] passdb/pdb_tdb.c:tdbsam_open(818) tdbsam_open: Failed to open/create TDB passwd [/var/lib/samba/passdb.tdb] [2007/12/10 14:45:45, 0] passdb/pdb_tdb.c:tdb_update_sam(1335) tdbsam_getsampwnam: failed to open
Re: [Samba] [Problem] [Centos 5] Samba-3.0.23c-2 login authentication problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Prakash Hallalli wrote: Hello, I have comfigured samba-3.0.23c-2 server on CentOS-5, but when i was logging in from the client system, even if I donot provide password and hit enter key, the client is logging in as Anonymous user. Samba server should not allow for Anonymous login. (I am configuring linux (Server) to linux (Client) i am not using windows) 1) The contents of /etc/samba/smb.conf file as follows, [global] workgroup = WORKGROUP server string = Samba Server security = user encrypt passwords = yes smb passwd file = /etc/samba/smdpasswd [kiran] comment = Funda Tracking Managements Files path = /home/kiran valid users = user6 writeable = on 2) I created user user6 and changed password in to smbpassword using the following command. #cat /etc/passwd | mksmbpasswd.sh /etc/samba/smbpasswd 3) I changed /etc/samba/smbpassword file permissions as follows #chmod 600 /etc/samba/smbpasswd 4) linux client side 4a) In this step I provided User-name and Password #smbclient -L 192.168.0.254 -U user6 password:* Domain=[SERVER1.PRAKASH.COM] OS=[Unix] Server=[Samba 3.0.23c-2] Sharename Type Comment - --- kiran Disk Funda Tracking Managements Files IPC$IPC IPC Service (Samba Server) printer1Printer printer1 user6 Disk Home Directories Domain=[SERVER1.PRAKASH.COM] OS=[Unix] Server=[Samba 3.0.23c-2] Server Comment ---- WorkgroupMaster ---- WORKGROUP 4b) In this step I am not providing the password to the user6 and just hit the enter key for password. #smbclient -L smbclient -L 192.168.0.254 -U user6 Password: Anonymous login successful Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.0.23c-2] Sharename Type Comment - --- IPC$IPC IPC Service (Samba Server) kiran Disk Funda Tracking Managements Files printer1Printer printer1 Anonymous login successful Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.0.23c-2] Server Comment ---- SERVER1.PRAKASH. Samba Server WorkgroupMaster ---- WORKGROUPSERVER1.PRAKASH.COM I tried to find answer in some mailing lists but i couldn't get, plz help me. Thanks and Regards, Prakash. Check out the map to guest configuration item. I suspect you have it set to bad password, meaning a wrong password will cause a user to become guest instead. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHXjnqmb+gadEcsb4RAqduAKCfFsCScomq2UBlIM26ITwEqkpgXwCfRJCg bItuDjgKzsT8+xdrqXY6U8Y= =4C5P -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problems using auth_ntlm_winbind_module
Hi there, I am trying to setup up an intranet where I would like to use auth_ntlm_winbind_module to create a an environment where windows user are automatically logged into the intranet. winbind seems to work fine. at least when I issue wbinfo -i USER I get a correct answer my problem is, that when I try to access the intranet I get a The page cannot be displayed error from apache. however, when I remove the ntlm authentication accessing the intranet works fine. any pointer where to start to look for a solution would be greatly appreciated. robert this is the virtual host part of apache config NameVirtualHost *:80 VirtualHost *:80 #DocumentRoot /srv/www ServerAdmin [EMAIL PROTECTED] ServerName intranettest.zehndergroup.com CustomLog /var/log/httpd/intranet-access.log combined ErrorLog /var/log/httpd/intranet-error.log LogLevel debug RewriteLog /var/log/httpd/rewrite_log RewriteLogLevel 2 Location / AuthName NTLM Authentication thingy NTLMAuth on NTLMAuthHelper /usr/bin/ntlm_auth \ --helper-protocol=squid-2.5-ntlmssp -d10 -l/root NTLMBasicAuthoritative on AuthType NTLM require valid-user /Location LogLevel debug RewriteEngine On # Add to virtual host block for testintranet.zehndergroup.com:80 RewriteRule /(.*)/$ http://127.0.0.1:8080/VirtualHostBase/http/intranettest.zehndergroup.com:80/zehnderi/zehnderi/VirtualHostRoot/$1 [L,P] RewriteRule ^/(.*) http://127.0.0.1:8080/VirtualHostBase/http/intranettest.zehndergroup.com:80/zehnderi/zehnderi/VirtualHostRoot/$1 [L,P] /VirtualHost - this is what I get from apaches error log: [2007/12/11 07:10:46, 10] utils/ntlm_auth.c:manage_squid_request(2081) Got 'YR TlRMTVNTUAABB4IAogAFAJMID2==' from squid (length: 59). [2007/12/11 07:10:46, 10] utils/ntlm_auth.c:manage_squid_ntlmssp_request(763) got NTLMSSP packet: [2007/12/11 07:10:46, 10] lib/util.c:dump_data(2283) [000] 4E 54 4C 4D 53 53 50 00 01 00 00 00 07 82 00 A2 NTLMSSP. [010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [020] 05 00 93 08 00 00 00 0F [2007/12/11 07:10:46, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0xa2008207 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_NEGOTIATE_OEM NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_56 [2007/12/11 07:10:46, 10] utils/ntlm_auth.c:manage_squid_ntlmssp_request(773) NTLMSSP challenge - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r26366 - in branches/SAMBA_4_0: . source/scripting/python/samba source/setup
Author: jelmer Date: 2007-12-10 09:29:00 + (Mon, 10 Dec 2007) New Revision: 26366 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26366 Log: Import provision scripts in Python. Added: branches/SAMBA_4_0/source/scripting/python/samba/provision.py branches/SAMBA_4_0/source/scripting/python/samba/upgrade.py branches/SAMBA_4_0/source/setup/provision.py Modified: branches/SAMBA_4_0/ Changeset: Sorry, the patch is too large (1616 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26366
svn commit: samba r26367 - in branches/4.0-python: . source source/auth source/auth/credentials source/auth/credentials/tests source/auth/gensec source/auth/kerberos source/auth/ntlmssp source/build/s
Author: jelmer Date: 2007-12-10 09:35:38 + (Mon, 10 Dec 2007) New Revision: 26367 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26367 Log: merge upstream. Added: branches/4.0-python/source/auth/auth.py branches/4.0-python/source/auth/auth_wrap.c branches/4.0-python/source/auth/credentials/credentials.py branches/4.0-python/source/auth/credentials/credentials_wrap.c branches/4.0-python/source/dsdb/samdb/ldb_modules/ranged_results.c branches/4.0-python/source/lib/events/events.py branches/4.0-python/source/lib/events/events_wrap.c branches/4.0-python/source/lib/ldb/ldb.py branches/4.0-python/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c branches/4.0-python/source/lib/ldb/ldb_wrap.c branches/4.0-python/source/lib/ldb_wrap.c branches/4.0-python/source/lib/registry/registry.py branches/4.0-python/source/lib/registry/registry_wrap.c branches/4.0-python/source/lib/socket/connect_name.c branches/4.0-python/source/lib/tdb/tdb.py branches/4.0-python/source/lib/tdb/tdb_wrap.c branches/4.0-python/source/lib/tdb_wrap.c branches/4.0-python/source/libcli/security/security.py branches/4.0-python/source/libcli/security/security_wrap.c branches/4.0-python/source/libcli/swig/libcli_nbt.py branches/4.0-python/source/libcli/swig/libcli_nbt_wrap.c branches/4.0-python/source/libcli/swig/libcli_smb.py branches/4.0-python/source/libcli/swig/libcli_smb_wrap.c branches/4.0-python/source/librpc/rpc/dcerpc.py branches/4.0-python/source/librpc/rpc/dcerpc_wrap.c branches/4.0-python/source/param/tests/loadparm.c branches/4.0-python/source/scripting/ejs/ branches/4.0-python/source/scripting/ejs/ejsnet/ branches/4.0-python/source/scripting/libjs/ branches/4.0-python/source/scripting/python/ac_pkg_swig.m4 branches/4.0-python/source/scripting/python/misc.py branches/4.0-python/source/scripting/python/misc_wrap.c Removed: branches/4.0-python/source/auth/gensec/socket.h branches/4.0-python/source/lib/util/util_ldb.h Modified: branches/4.0-python/ branches/4.0-python/.bzrignore branches/4.0-python/prog_guide.txt branches/4.0-python/source/auth/auth.c branches/4.0-python/source/auth/auth.h branches/4.0-python/source/auth/auth.i branches/4.0-python/source/auth/auth_anonymous.c branches/4.0-python/source/auth/auth_sam.c branches/4.0-python/source/auth/auth_server.c branches/4.0-python/source/auth/auth_simple.c branches/4.0-python/source/auth/auth_unix.c branches/4.0-python/source/auth/auth_util.c branches/4.0-python/source/auth/config.mk branches/4.0-python/source/auth/credentials/config.mk branches/4.0-python/source/auth/credentials/credentials.c branches/4.0-python/source/auth/credentials/credentials.i branches/4.0-python/source/auth/credentials/credentials_files.c branches/4.0-python/source/auth/credentials/credentials_krb5.c branches/4.0-python/source/auth/credentials/tests/bindings.py branches/4.0-python/source/auth/gensec/config.mk branches/4.0-python/source/auth/gensec/gensec.c branches/4.0-python/source/auth/gensec/gensec.h branches/4.0-python/source/auth/gensec/gensec_gssapi.c branches/4.0-python/source/auth/gensec/gensec_krb5.c branches/4.0-python/source/auth/gensec/schannel.c branches/4.0-python/source/auth/gensec/schannel_state.c branches/4.0-python/source/auth/gensec/spnego.c branches/4.0-python/source/auth/kerberos/kerberos.h branches/4.0-python/source/auth/kerberos/kerberos_pac.c branches/4.0-python/source/auth/kerberos/krb5_init_context.c branches/4.0-python/source/auth/kerberos/krb5_init_context.h branches/4.0-python/source/auth/ntlm_check.c branches/4.0-python/source/auth/ntlmssp/ntlmssp.c branches/4.0-python/source/auth/ntlmssp/ntlmssp.h branches/4.0-python/source/auth/ntlmssp/ntlmssp_client.c branches/4.0-python/source/auth/ntlmssp/ntlmssp_parse.c branches/4.0-python/source/auth/ntlmssp/ntlmssp_server.c branches/4.0-python/source/auth/sam.c branches/4.0-python/source/auth/session.c branches/4.0-python/source/auth/system_session.c branches/4.0-python/source/autogen.sh branches/4.0-python/source/build/smb_build/input.pm branches/4.0-python/source/build/smb_build/makefile.pm branches/4.0-python/source/build/smb_build/output.pm branches/4.0-python/source/cldap_server/cldap_server.c branches/4.0-python/source/cldap_server/netlogon.c branches/4.0-python/source/client/cifsdd.c branches/4.0-python/source/client/client.c branches/4.0-python/source/client/smbmount.c branches/4.0-python/source/client/smbspool.c branches/4.0-python/source/cluster/ctdb/ctdb_cluster.c branches/4.0-python/source/cluster/ctdb/ctdb_cluster.h branches/4.0-python/source/cluster/local.c branches/4.0-python/source/dsdb/common/sidmap.c branches/4.0-python/source/dsdb/config.mk branches/4.0-python/source/dsdb/repl/drepl_out_helpers.c
svn commit: samba r26368 - in branches/4.0-python: . source source/auth source/client source/dsdb/samdb/ldb_modules source/lib/socket source/torture/rpc
Author: jelmer Date: 2007-12-10 09:36:30 + (Mon, 10 Dec 2007) New Revision: 26368 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26368 Log: Merge upstream. Added: branches/4.0-python/source/lib/socket/connect.h Modified: branches/4.0-python/ branches/4.0-python/source/auth/auth_anonymous.c branches/4.0-python/source/auth/auth_developer.c branches/4.0-python/source/auth/ntlm_check.c branches/4.0-python/source/client/client.c branches/4.0-python/source/dsdb/samdb/ldb_modules/partition.c branches/4.0-python/source/samba4-skip branches/4.0-python/source/torture/rpc/lsa.c Changeset: Property changes on: branches/4.0-python ___ Name: bzr:revision-info ...skipped... Name: bzr:ancestry:v3-trunk0 ...skipped... Name: bzr:file-ids ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/4.0-python/source/auth/auth_anonymous.c === --- branches/4.0-python/source/auth/auth_anonymous.c2007-12-10 09:35:38 UTC (rev 26367) +++ branches/4.0-python/source/auth/auth_anonymous.c2007-12-10 09:36:30 UTC (rev 26368) @@ -57,7 +57,7 @@ return auth_anonymous_server_info(mem_ctx, lp_netbios_name(ctx-auth_ctx-lp_ctx), _server_info); } -static struct auth_operations anonymous_auth_ops = { +static const struct auth_operations anonymous_auth_ops = { .name = anonymous, .get_challenge = auth_get_challenge_not_implemented, .want_check = anonymous_want_check, Modified: branches/4.0-python/source/auth/auth_developer.c === --- branches/4.0-python/source/auth/auth_developer.c2007-12-10 09:35:38 UTC (rev 26367) +++ branches/4.0-python/source/auth/auth_developer.c2007-12-10 09:36:30 UTC (rev 26368) @@ -130,7 +130,7 @@ return nt_status; } -static struct auth_operations name_to_ntstatus_auth_ops = { +static const struct auth_operations name_to_ntstatus_auth_ops = { .name = name_to_ntstatus, .get_challenge = auth_get_challenge_not_implemented, .want_check = name_to_ntstatus_want_check, @@ -180,7 +180,7 @@ return NT_STATUS_NO_SUCH_USER; } -static struct auth_operations fixed_challenge_auth_ops = { +static const struct auth_operations fixed_challenge_auth_ops = { .name = fixed_challenge, .get_challenge = fixed_challenge_get_challenge, .want_check = fixed_challenge_want_check, Modified: branches/4.0-python/source/auth/ntlm_check.c === --- branches/4.0-python/source/auth/ntlm_check.c2007-12-10 09:35:38 UTC (rev 26367) +++ branches/4.0-python/source/auth/ntlm_check.c2007-12-10 09:36:30 UTC (rev 26368) @@ -295,7 +295,7 @@ DATA_BLOB *user_sess_key, DATA_BLOB *lm_sess_key) { - static const uint8_t zeros[8]; + const static uint8_t zeros[8]; DATA_BLOB tmp_sess_key; if (stored_nt == NULL) { Modified: branches/4.0-python/source/client/client.c === --- branches/4.0-python/source/client/client.c 2007-12-10 09:35:38 UTC (rev 26367) +++ branches/4.0-python/source/client/client.c 2007-12-10 09:36:30 UTC (rev 26368) @@ -51,8 +51,6 @@ #include librpc/gen_ndr/ndr_nbt.h #include param/param.h -static int io_bufsize = 64512; - struct smbclient_context { char *remote_cur_dir; struct smbcli_state *cli; @@ -64,6 +62,7 @@ bool lowercase; int printmode; bool translation; + int io_bufsize; }; /* timing globals */ @@ -680,7 +679,7 @@ bool newhandle = false; uint8_t *data; struct timeval tp_start; - int read_size = io_bufsize; + int read_size = ctx-io_bufsize; uint16_t attr; size_t size; off_t start = 0; @@ -1074,7 +1073,7 @@ size_t start = 0; off_t nread = 0; uint8_t *buf = NULL; - int maxwrite = io_bufsize; + int maxwrite = ctx-io_bufsize; int rc = 0; struct timeval tp_start; @@ -3017,17 +3016,12 @@ /* return a connection to a server ***/ -static struct smbclient_context *do_connect(TALLOC_CTX *mem_ctx, +static bool do_connect(struct smbclient_context *ctx, const char *specified_server, const char *specified_share, struct cli_credentials *cred) { NTSTATUS status; - struct smbclient_context *ctx = talloc_zero(mem_ctx, struct smbclient_context); char *server, *share; - if (!ctx) { - return NULL; - } - rl_ctx = ctx; /*
svn commit: samba r26369 - in branches/SAMBA_4_0: . source/scripting/python/samba source/scripting/python/samba/tests
Author: jelmer Date: 2007-12-10 10:29:20 + (Mon, 10 Dec 2007) New Revision: 26369 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26369 Log: Start on tests for the upgrade python code. Added: branches/SAMBA_4_0/source/scripting/python/samba/tests/ branches/SAMBA_4_0/source/scripting/python/samba/tests/upgrade.py Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/scripting/python/samba/upgrade.py Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:file-ids ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Added: branches/SAMBA_4_0/source/scripting/python/samba/tests/upgrade.py === --- branches/SAMBA_4_0/source/scripting/python/samba/tests/upgrade.py 2007-12-10 09:36:30 UTC (rev 26368) +++ branches/SAMBA_4_0/source/scripting/python/samba/tests/upgrade.py 2007-12-10 10:29:20 UTC (rev 26369) @@ -0,0 +1,28 @@ +#!/usr/bin/python + +# Unix SMB/CIFS implementation. +# Copyright (C) Jelmer Vernooij [EMAIL PROTECTED] 2007 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# + +from samba.upgrade import regkey_to_dn +from unittest import TestCase + +class RegkeyDnTests(TestCase): +def test_empty(self): +self.assertEquals(hive=NONE, regkey_to_dn()) + +def test_nested(self): +self.assertEquals(key=foo,key=bar,hive=NONE, regkey_to_dn(foo/bar)) Modified: branches/SAMBA_4_0/source/scripting/python/samba/upgrade.py === --- branches/SAMBA_4_0/source/scripting/python/samba/upgrade.py 2007-12-10 09:36:30 UTC (rev 26368) +++ branches/SAMBA_4_0/source/scripting/python/samba/upgrade.py 2007-12-10 10:29:20 UTC (rev 26369) @@ -15,6 +15,7 @@ from param import default_configuration def regkey_to_dn(name): +Convert a registry key to a DN. dn = hive=NONE for el in name.split(/)[1:]: @@ -191,6 +192,7 @@ return ldif def upgrade_wins(samba3): +Upgrade the WINS database. ldif = version_id = 0
svn commit: samba r26370 - in branches/SAMBA_4_0: . source/setup
Author: jelmer Date: 2007-12-10 10:29:26 + (Mon, 10 Dec 2007) New Revision: 26370 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26370 Log: Import upgrade script in Python. Added: branches/SAMBA_4_0/source/setup/upgrade.py Modified: branches/SAMBA_4_0/ Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:file-ids ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Added: branches/SAMBA_4_0/source/setup/upgrade.py === --- branches/SAMBA_4_0/source/setup/upgrade.py 2007-12-10 10:29:20 UTC (rev 26369) +++ branches/SAMBA_4_0/source/setup/upgrade.py 2007-12-10 10:29:26 UTC (rev 26370) @@ -0,0 +1,61 @@ +#!/usr/bin/python +# +# Upgrade from Samba3 +# Copyright Jelmer Vernooij 2005-2007 +# Released under the GNU GPL v3 or later +# +import getopt +import optparse +import samba.options + +parser = optparse.OptionParser(upgrade [options]) +parser.add_option_group(options.SambaOptions(parser)) +parser.add_option_group(options.VersionOptions(parser)) +parser.add_option_group(options.CredentialsOptions(parser)) +parser.add_option(--realm, type=string, metavar=REALM, help=set realm) +parser.add_option(--quiet, help=Be quiet) +parser.add_option(--verify, help=Verify resulting configuration) +parser.add_option(--blank, + help=do not add users or groups, just the structure) +parser.add_option(--targetdir, type=string, metavar=DIR, + help=Set target directory) + +def message(text): +Print a message if quiet is not set. + if opts.quiet: + print text + +message(Reading Samba3 databases and smb.conf\n) +samba3 = samba3_read(options.ARGV[0], options.ARGV[1]) + +message(Provisioning\n) +subobj = upgrade_provision(samba3) +if options.targetdir is not None: + paths = ProvisionPaths() + paths.smbconf = os.path.join(options.targetdir, smb.conf) + ldbs = [hklm,hkcr,hku,hkcu,hkpd,hkpt,samdb,rootdse,secrets,wins] + for n in ldbs: + paths[n] = sprintf(tdb://%s/%s.ldb, options.targetdir, n) + paths.dns = os.path.join(options.targetdir, dns.zone) +else: + paths = provision_default_paths(subobj) + +creds = options.get_credentials() +system_session = system_session() +paths = provision_default_paths(subobj) + +if options.realm: + subobj.realm = options.realm + +provision(lp, subobj, message, options.blank, paths, system_session, creds, undefined) + +ret = upgrade(subobj,samba3,message,paths, system_session, creds) +if ret 0: + message(Failed to import %d entries\n, ret) +else: + provision_dns(subobj, message, paths, system_session, creds) + message(All OK\n) + +if options.verify: + message(Verifying...\n) + ret = upgrade_verify(subobj, samba3, paths, message) Property changes on: branches/SAMBA_4_0/source/setup/upgrade.py ___ Name: svn:executable + *
svn commit: samba r26371 - in branches/SAMBA_4_0: . source/lib/ldb/include
Author: jelmer Date: 2007-12-10 10:29:32 + (Mon, 10 Dec 2007) New Revision: 26371 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26371 Log: Fix typo. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/lib/ldb/include/ldb.h Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:file-ids ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/lib/ldb/include/ldb.h === --- branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2007-12-10 10:29:26 UTC (rev 26370) +++ branches/SAMBA_4_0/source/lib/ldb/include/ldb.h 2007-12-10 10:29:32 UTC (rev 26371) @@ -1217,7 +1217,7 @@ /** Check the attribute name is valid according to rfc2251 - \param s tthe string to check + \param s the string to check \return 1 if the name is ok */
svn commit: samba r26372 - in branches/SAMBA_4_0: . source/lib/registry
Author: jelmer Date: 2007-12-10 10:29:35 + (Mon, 10 Dec 2007) New Revision: 26372 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26372 Log: Add include for external users. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/lib/registry/hive.h Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/lib/registry/hive.h === --- branches/SAMBA_4_0/source/lib/registry/hive.h 2007-12-10 10:29:32 UTC (rev 26371) +++ branches/SAMBA_4_0/source/lib/registry/hive.h 2007-12-10 10:29:35 UTC (rev 26372) @@ -22,6 +22,7 @@ #define __REGISTRY_HIVE_H__ #include talloc.h +#include libcli/util/werror.h #include librpc/gen_ndr/security.h #include libcli/util/ntstatus.h
svn commit: samba r26373 - in branches/SAMBA_4_0: .
Author: jelmer Date: 2007-12-10 10:29:38 + (Mon, 10 Dec 2007) New Revision: 26373 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26373 Log: add note about shared libs being problematic with static data. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/prog_guide.txt Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/prog_guide.txt === --- branches/SAMBA_4_0/prog_guide.txt 2007-12-10 10:29:35 UTC (rev 26372) +++ branches/SAMBA_4_0/prog_guide.txt 2007-12-10 10:29:38 UTC (rev 26373) @@ -146,6 +146,7 @@ - it makes code much less likely to be recursion-safe - it leads to subtle side effects when the same code is called from multiple places + - doesn't play well with shared libraries or plugins Static data is particularly evil in library code (such as our internal smb and rpc libraries). If you can get rid of all static data in
svn commit: samba r26374 - in branches/SAMBA_4_0: . source/lib/ldb
Author: jelmer Date: 2007-12-10 10:29:42 + (Mon, 10 Dec 2007) New Revision: 26374 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26374 Log: Remove dependency on dynconfig. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/lib/ldb/config.mk Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/lib/ldb/config.mk === --- branches/SAMBA_4_0/source/lib/ldb/config.mk 2007-12-10 10:29:38 UTC (rev 26373) +++ branches/SAMBA_4_0/source/lib/ldb/config.mk 2007-12-10 10:29:42 UTC (rev 26374) @@ -148,7 +148,6 @@ PUBLIC_DEPENDENCIES = \ LIBTALLOC PRIVATE_DEPENDENCIES = \ - DYNCONFIG \ SOCKET_WRAPPER MANPAGE = man/ldb.3 PUBLIC_HEADERS = include/ldb.h include/ldb_errors.h
svn commit: samba r26375 - in branches/SAMBA_4_0: . source/scripting/python/samba
Author: jelmer Date: 2007-12-10 10:29:45 + (Mon, 10 Dec 2007) New Revision: 26375 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26375 Log: Move provision-independent utility function to main samba python module. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/scripting/python/samba/__init__.py branches/SAMBA_4_0/source/scripting/python/samba/provision.py Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/scripting/python/samba/__init__.py === --- branches/SAMBA_4_0/source/scripting/python/samba/__init__.py 2007-12-10 10:29:42 UTC (rev 26374) +++ branches/SAMBA_4_0/source/scripting/python/samba/__init__.py 2007-12-10 10:29:45 UTC (rev 26375) @@ -55,3 +55,12 @@ return text + +def valid_netbios_name(name): +Check whether a name is valid as a NetBIOS name. +# FIXME: There are probably more constraints here. +# crh has a paragraph on this in his book (1.4.1.1) +if len(name) 13: +return False +return True + Modified: branches/SAMBA_4_0/source/scripting/python/samba/provision.py === --- branches/SAMBA_4_0/source/scripting/python/samba/provision.py 2007-12-10 10:29:42 UTC (rev 26374) +++ branches/SAMBA_4_0/source/scripting/python/samba/provision.py 2007-12-10 10:29:45 UTC (rev 26375) @@ -14,7 +14,7 @@ from socket import gethostname, gethostbyname import param import registry -from samba import Ldb, substitute_var +from samba import Ldb, substitute_var, valid_netbios_name from ldb import Dn, SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \ LDB_ERR_NO_SUCH_OBJECT, timestring @@ -191,14 +191,17 @@ % (res[0].dn, unixname) ldb.modify(ldb.parse_ldif(mod).next()[1]) + def hostip(): return first host IP. return gethostbyname(hostname()) + def hostname(): return first part of hostname. return gethostname().split(.)[0] + def ldb_delete(ldb): Delete a LDB file. @@ -805,15 +808,6 @@ ldb.transaction_commit() -def valid_netbios_name(name): -Check whether a name is valid as a NetBIOS name. -# FIXME: There are probably more constraints here. -# crh has a paragraph on this in his book (1.4.1.1) -if len(name) 13: -return False -return True - - def join_domain(domain, netbios_name, join_type, creds, message): ctx = NetContext(creds) joindom = object()
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-570-gf98082c
The branch, v3-2-test has been updated via f98082ccf048a2de6fea8d922264879305b3d2c8 (commit) via 4e6df5547167fc235971498cb296a5f74dec8b8b (commit) via 49f06a2fa70e469bcb5fe17852af011dac32994b (commit) via 874258195278bc8c6bb3011c153c5d646fff9e75 (commit) via 2f3c865707010bc7c463a02782dbee3dc2479da1 (commit) via 1f317f471af72f8bbc6c9fdd3e79a27c59e6fb6e (commit) via 8ee502e1e59960fd8db037f0adf1171b2a18cec5 (commit) via 0006b14d38b80562458b37f616c9b68a3168fe64 (commit) from 677ac6adc38b0747f825ee597e0502277a8f74b1 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit f98082ccf048a2de6fea8d922264879305b3d2c8 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sun Dec 9 19:03:49 2007 +0100 Simplify add_session_user commit 4e6df5547167fc235971498cb296a5f74dec8b8b Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Dec 7 10:45:33 2007 +0100 Increase debug level commit 49f06a2fa70e469bcb5fe17852af011dac32994b Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Dec 5 21:09:57 2007 +0100 Move stuff from data to text commit 874258195278bc8c6bb3011c153c5d646fff9e75 Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Dec 5 20:58:25 2007 +0100 int-bool commit 2f3c865707010bc7c463a02782dbee3dc2479da1 Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Dec 5 20:53:22 2007 +0100 Tiny simplifications locking.c:open_read_only was unused don't export the silly boolean flag locking_init(bool read_only) commit 1f317f471af72f8bbc6c9fdd3e79a27c59e6fb6e Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Dec 5 20:41:24 2007 +0100 Remove a static commit 8ee502e1e59960fd8db037f0adf1171b2a18cec5 Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Dec 5 20:30:53 2007 +0100 Remove two statics commit 0006b14d38b80562458b37f616c9b68a3168fe64 Author: Volker Lendecke [EMAIL PROTECTED] Date: Wed Dec 5 18:46:53 2007 +0100 remove a static --- Summary of changes: source/locking/brlock.c|7 + source/locking/locking.c | 44 + source/locking/posix.c | 58 +-- source/printing/printing.c | 32 ++-- source/smbd/dfree.c|4 +- source/smbd/mangle_hash.c |4 +- source/smbd/open.c |2 +- source/smbd/password.c | 58 +++- source/smbd/server.c |2 +- source/torture/locktest2.c |2 +- source/utils/status.c |2 +- source/web/statuspage.c|2 +- 12 files changed, 96 insertions(+), 121 deletions(-) Changeset truncated at 500 lines: diff --git a/source/locking/brlock.c b/source/locking/brlock.c index f821761..eb42d08 100644 --- a/source/locking/brlock.c +++ b/source/locking/brlock.c @@ -258,7 +258,7 @@ static NTSTATUS brl_lock_failed(files_struct *fsp, const struct lock_struct *loc Open up the brlock.tdb database. / -void brl_init(int read_only) +void brl_init(bool read_only) { if (brlock_db) { return; @@ -279,11 +279,8 @@ void brl_init(int read_only) Close down the brlock.tdb database. / -void brl_shutdown(int read_only) +void brl_shutdown(void) { - if (!brlock_db) { - return; - } TALLOC_FREE(brlock_db); } diff --git a/source/locking/locking.c b/source/locking/locking.c index eb7531d..dab21e5 100644 --- a/source/locking/locking.c +++ b/source/locking/locking.c @@ -385,9 +385,7 @@ void locking_close_file(struct messaging_context *msg_ctx, Initialise the locking functions. / -static int open_read_only; - -bool locking_init(int read_only) +static bool locking_init_internal(bool read_only) { brl_init(read_only); @@ -408,36 +406,38 @@ bool locking_init(int read_only) if (!posix_locking_init(read_only)) return False; - open_read_only = read_only; - return True; } +bool locking_init(void) +{ + return locking_init_internal(false); +} + +bool locking_init_readonly(void) +{ + return locking_init_internal(true); +} + /*** Deinitialize the share_mode management. **/ bool locking_end(void) { - brl_shutdown(open_read_only); - if (lock_db) { - TALLOC_FREE(lock_db); - } - return True; + brl_shutdown(); + TALLOC_FREE(lock_db); + return true; }
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-27a-17-g9c0590c
The branch, v3-0-test has been updated via 9c0590cbca8128a76300d0e5b3f5b8e479d8080f (commit) via 191dc2bfd22a4a4d55779281c63e4b570ac6f24b (commit) from f62fe6ed60f1b9806d58c19df809ce85d596933f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit 9c0590cbca8128a76300d0e5b3f5b8e479d8080f Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Dec 10 11:47:17 2007 +0100 Correctly unbecome_root() on error commit 191dc2bfd22a4a4d55779281c63e4b570ac6f24b Author: Michael Adam [EMAIL PROTECTED] Date: Thu Dec 6 01:13:07 2007 +0100 Fix a debug message (add a newline). Michael --- Summary of changes: source/auth/auth_util.c |2 ++ source/nsswitch/idmap.c |2 +- 2 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c index 6fbec48..32224fa 100644 --- a/source/auth/auth_util.c +++ b/source/auth/auth_util.c @@ -956,6 +956,7 @@ static struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, status = add_aliases(get_global_sam_sid(), result); if (!NT_STATUS_IS_OK(status)) { + unbecome_root(); TALLOC_FREE(result); return NULL; } @@ -965,6 +966,7 @@ static struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, status = add_aliases(global_sid_Builtin, result); if (!NT_STATUS_IS_OK(status)) { + unbecome_root(); TALLOC_FREE(result); return NULL; } diff --git a/source/nsswitch/idmap.c b/source/nsswitch/idmap.c index 9c38f6b..676ab6e 100644 --- a/source/nsswitch/idmap.c +++ b/source/nsswitch/idmap.c @@ -906,7 +906,7 @@ static NTSTATUS idmap_can_map(const struct id_map *map, if ( (dom = find_idmap_domain_from_sid( map-sid )) == NULL ) { /* huh, couldn't find a suitable domain, * let's just leave it unmapped */ - DEBUG(10, (Could not find idmap backend for SID %s, + DEBUG(10, (Could not find idmap backend for SID %s\n, sid_string_static(map-sid))); return NT_STATUS_NO_SUCH_DOMAIN; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-571-gaec5f15
The branch, v3-2-test has been updated via aec5f1512660953168a2c55b2890cd6c076b8a92 (commit) from f98082ccf048a2de6fea8d922264879305b3d2c8 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit aec5f1512660953168a2c55b2890cd6c076b8a92 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Dec 10 11:47:17 2007 +0100 Correctly unbecome_root() on error --- Summary of changes: source/auth/token_util.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/token_util.c b/source/auth/token_util.c index bc6bea5..63672bc 100644 --- a/source/auth/token_util.c +++ b/source/auth/token_util.c @@ -395,6 +395,7 @@ struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, status = add_aliases(get_global_sam_sid(), result); if (!NT_STATUS_IS_OK(status)) { + unbecome_root(); TALLOC_FREE(result); return NULL; } @@ -404,6 +405,7 @@ struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, status = add_aliases(global_sid_Builtin, result); if (!NT_STATUS_IS_OK(status)) { + unbecome_root(); TALLOC_FREE(result); return NULL; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-578-ge816293
The branch, v3-2-test has been updated via e81629339589e2e7f464b3dca55730ff2d0877e4 (commit) via 66bd6837b593a7127bd5098afc990d3fb7a5a35a (commit) via 54e5d4404619443caed32e2acff8921cdbff9ed1 (commit) via c871fd802f3c0c5ef1f63b2d01a636c885f22b23 (commit) via 8a3289f913fc0432211b0e9937da1d71d4e18893 (commit) via efa8764c21edfbd09f535900ba37359d72903bf8 (commit) via 1e214b536b0628db299d701839e62a4ac52727c9 (commit) from aec5f1512660953168a2c55b2890cd6c076b8a92 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit e81629339589e2e7f464b3dca55730ff2d0877e4 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sat Nov 24 21:42:46 2007 +0100 use dbwrap_rbt in loadparm.c commit 66bd6837b593a7127bd5098afc990d3fb7a5a35a Author: Volker Lendecke [EMAIL PROTECTED] Date: Sat Nov 24 19:56:41 2007 +0100 Convert ServiceHash to dbwrap commit 54e5d4404619443caed32e2acff8921cdbff9ed1 Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Nov 9 23:43:24 2007 +0100 dbwrap_rbt This is meant as a replacement for the internal tdb. To me it seems a bit silly that for in-memory structures we do our own memory management. With this rbt based approach we can make use of the system-supplied malloc. commit c871fd802f3c0c5ef1f63b2d01a636c885f22b23 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Dec 10 13:20:24 2007 +0100 Make the Linux rbtrees compile within Samba commit 8a3289f913fc0432211b0e9937da1d71d4e18893 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Dec 10 13:11:51 2007 +0100 Add rbtree.[ch] from the Linux kernel These are copies taken from 94545baded0bfbabdc30a3a4cb48b3db479dd6ef from Linus' kernel tree commit efa8764c21edfbd09f535900ba37359d72903bf8 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sat Nov 24 20:21:19 2007 +0100 Add db_tdb_fetch commit 1e214b536b0628db299d701839e62a4ac52727c9 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sat Nov 24 19:56:16 2007 +0100 Add dbwrap bystring service routines --- Summary of changes: source/Makefile.in |6 +- source/include/dbwrap.h |5 + source/include/rbtree.h | 132 +++ source/lib/dbwrap.c | 42 + source/lib/dbwrap_rbt.c | 303 + source/lib/dbwrap_tdb.c | 27 +++ source/lib/rbtree.c | 422 ++ source/param/loadparm.c | 73 +--- source/torture/torture.c | 83 + 9 files changed, 1063 insertions(+), 30 deletions(-) create mode 100644 source/include/rbtree.h create mode 100644 source/lib/dbwrap_rbt.c create mode 100644 source/lib/rbtree.c Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index f686ac0..e636a91 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -224,8 +224,8 @@ TDBBASE_OBJ = lib/tdb/common/tdb.o lib/tdb/common/dump.o lib/tdb/common/error.o lib/tdb/common/open.o lib/tdb/common/transaction.o \ lib/tdb/common/traverse.o -TDB_OBJ = $(TDBBASE_OBJ) lib/util_tdb.o\ - lib/dbwrap.o lib/dbwrap_tdb.o lib/dbwrap_ctdb.o +TDB_OBJ = $(TDBBASE_OBJ) lib/util_tdb.o \ + lib/dbwrap.o lib/dbwrap_tdb.o lib/dbwrap_ctdb.o lib/dbwrap_rbt.o SMBLDAP_OBJ = @SMBLDAP@ @SMBLDAPUTIL@ @@ -282,7 +282,7 @@ TALLOC_OBJ = lib/talloc/talloc.o LIB_WITHOUT_PROTO_OBJ = $(LIBREPLACE_OBJ) $(SOCKET_WRAPPER_OBJ) $(NSS_WRAPPER_OBJ) $(TALLOC_OBJ) \ lib/messages.o librpc/gen_ndr/ndr_messaging.o lib/messages_local.o \ lib/messages_ctdbd.o lib/packet.o lib/ctdbd_conn.o lib/talloc_stack.o \ - lib/interfaces.o + lib/interfaces.o lib/rbtree.o LIB_WITH_PROTO_OBJ = $(VERSION_OBJ) lib/charcnv.o lib/debug.o lib/fault.o \ lib/interface.o lib/md4.o \ diff --git a/source/include/dbwrap.h b/source/include/dbwrap.h index c175f69..3bb378c 100644 --- a/source/include/dbwrap.h +++ b/source/include/dbwrap.h @@ -50,5 +50,10 @@ struct db_context *db_open(TALLOC_CTX *mem_ctx, int hash_size, int tdb_flags, int open_flags, mode_t mode); +NTSTATUS dbwrap_delete_bystring(struct db_context *db, const char *key); +NTSTATUS dbwrap_store_bystring(struct db_context *db, const char *key, + TDB_DATA data, int flags); +TDB_DATA dbwrap_fetch_bystring(struct db_context *db, TALLOC_CTX *mem_ctx, + const char *key); #endif /* __DBWRAP_H__ */ diff --git a/source/include/rbtree.h b/source/include/rbtree.h new file mode 100644 index 000..1cfd346 --- /dev/null +++ b/source/include/rbtree.h @@ -0,0 +1,132 @@ +/* + Red Black Trees + (C) 1999 Andrea Arcangeli [EMAIL PROTECTED] + + This program is free software; you can redistribute it and/or modify + it
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-27a-27-g452e964
The branch, v3-0-test has been updated via 452e964995afe5a43040c8bdcadc9c45a1e1d007 (commit) via 5cc2baea238b49b99d69099a12c3c02ac4860a52 (commit) via 82bd5484ad502f2afdb771a27a12a39459cb2ec0 (commit) via f5afd08483dec2bd1c53c10550e512e12ebe4ab1 (commit) via e1abd8c2265dd63d5de388e7d8047c80204bb36e (commit) via 1f7b4c72d953d2fc9d18eb96a4c7739ae36b5a3d (commit) via 62197dd367e7c04759560f395f554b2bfda90d78 (commit) via 64547bd884668d801c3ac48ff3374bf02a2d0959 (commit) via b14aa30006033d9dbaa8120bc419406535d620b8 (commit) via 6a9610ba27f802136f1ca8a94816d552df17a166 (commit) from 9c0590cbca8128a76300d0e5b3f5b8e479d8080f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit 452e964995afe5a43040c8bdcadc9c45a1e1d007 Merge: f5afd08483dec2bd1c53c10550e512e12ebe4ab1 5cc2baea238b49b99d69099a12c3c02ac4860a52 Author: Gerald (Jerry) Carter [EMAIL PROTECTED] Date: Mon Dec 10 09:30:23 2007 -0600 Merge branch 'v3-0-stable' into v3-0-test commit f5afd08483dec2bd1c53c10550e512e12ebe4ab1 Merge: 9c0590cbca8128a76300d0e5b3f5b8e479d8080f e1abd8c2265dd63d5de388e7d8047c80204bb36e Author: Gerald (Jerry) Carter [EMAIL PROTECTED] Date: Mon Dec 10 08:34:15 2007 -0600 Merge branch 'v3-0-stable' into v3-0-test Resolved conflicts in source/VERSION. --- Summary of changes: WHATSNEW.txt | 39 +++ source/VERSION |4 ++-- source/lib/version.c |6 +++--- source/libsmb/clidgram.c |6 ++ source/nmbd/nmbd_packets.c |6 ++ 5 files changed, 52 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 9b5494c..bd4fe02 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,38 @@ + == + Release Notes for Samba 3.0.28 +Dec 10, 2007 + == + +Samba 3.0.28 is a security release in order to address the following +defect: + + o CVS-2007-6015 +Boundary failure in GETDC mailslot processing can result in +a buffer overrun + +The original security announcement for this and past advisories can +be found http://www.samba.org/samba/security/ + +## +Changes +### + +Changes since 3.0.27a +- + +o Jeremy Allison [EMAIL PROTECTED] +* Fix for CVS-2007-0615. + +o Volker Lendecke [EMAIL PROTECTED] +* Fix for CVS-2007-0615. +* Add missing unbecome_root() calls in error path processing + when failing to add local groups in create_local_nt_token(). + + +Release notes for older releases follow: + + -- + === Release Notes for Samba 3.0.27a Nov 20, 2007 @@ -86,8 +121,6 @@ o Martin Zielinski [EMAIL PROTECTED] -Release notes for older releases follow: - -- == @@ -124,8 +157,6 @@ o Simo Sorce [EMAIL PROTECTED] * Additional fixes for CVS-2007-4572. -Release notes for older releases follow: - -- === Release Notes for Samba 3.0.26a diff --git a/source/VERSION b/source/VERSION index 1f38b98..4095e11 100644 --- a/source/VERSION +++ b/source/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=0 -SAMBA_VERSION_RELEASE=27 +SAMBA_VERSION_RELEASE=28 # Bug fix releases use a letter for the patch revision # @@ -36,7 +36,7 @@ SAMBA_VERSION_RELEASE=27 # e.g. SAMBA_VERSION_REVISION=a# # - 2.2.8a# -SAMBA_VERSION_REVISION=b +SAMBA_VERSION_REVISION=a # For 'pre' releases the version will be # diff --git a/source/lib/version.c b/source/lib/version.c index ee8c3eb..93fd108 100644 --- a/source/lib/version.c +++ b/source/lib/version.c @@ -28,7 +28,7 @@ const char *samba_version_string(void) #else static fstring samba_version; static BOOL init_samba_version; -#ifdef SAMBA_VENDOR_PATCH +#ifdef SAMBA_VERSION_VENDOR_PATCH fstring tmp_version; size_t remaining; #endif @@ -40,9 +40,9 @@ const char *samba_version_string(void)
[SCM] Samba Shared Repository - branch v3-0-stable updated - release-3-0-27a-12-g5cc2bae
The branch, v3-0-stable has been updated via 5cc2baea238b49b99d69099a12c3c02ac4860a52 (commit) via 82bd5484ad502f2afdb771a27a12a39459cb2ec0 (commit) via e1abd8c2265dd63d5de388e7d8047c80204bb36e (commit) via 1f7b4c72d953d2fc9d18eb96a4c7739ae36b5a3d (commit) via 62197dd367e7c04759560f395f554b2bfda90d78 (commit) via 64547bd884668d801c3ac48ff3374bf02a2d0959 (commit) via b14aa30006033d9dbaa8120bc419406535d620b8 (commit) via 6a9610ba27f802136f1ca8a94816d552df17a166 (commit) from 2b4189175a4e54c922136dbfb35c276730a4039a (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-stable - Log - --- Summary of changes: WHATSNEW.txt | 39 +++ source/VERSION | 10 +- source/auth/auth_util.c|2 ++ source/lib/version.c |6 +++--- source/libsmb/clidgram.c |6 ++ source/nmbd/nmbd_packets.c |6 ++ 6 files changed, 57 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 9b5494c..bd4fe02 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,38 @@ + == + Release Notes for Samba 3.0.28 +Dec 10, 2007 + == + +Samba 3.0.28 is a security release in order to address the following +defect: + + o CVS-2007-6015 +Boundary failure in GETDC mailslot processing can result in +a buffer overrun + +The original security announcement for this and past advisories can +be found http://www.samba.org/samba/security/ + +## +Changes +### + +Changes since 3.0.27a +- + +o Jeremy Allison [EMAIL PROTECTED] +* Fix for CVS-2007-0615. + +o Volker Lendecke [EMAIL PROTECTED] +* Fix for CVS-2007-0615. +* Add missing unbecome_root() calls in error path processing + when failing to add local groups in create_local_nt_token(). + + +Release notes for older releases follow: + + -- + === Release Notes for Samba 3.0.27a Nov 20, 2007 @@ -86,8 +121,6 @@ o Martin Zielinski [EMAIL PROTECTED] -Release notes for older releases follow: - -- == @@ -124,8 +157,6 @@ o Simo Sorce [EMAIL PROTECTED] * Additional fixes for CVS-2007-4572. -Release notes for older releases follow: - -- === Release Notes for Samba 3.0.26a diff --git a/source/VERSION b/source/VERSION index 4a0e3bd..d80ff13 100644 --- a/source/VERSION +++ b/source/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=0 -SAMBA_VERSION_RELEASE=27 +SAMBA_VERSION_RELEASE=28 # Bug fix releases use a letter for the patch revision # @@ -36,7 +36,7 @@ SAMBA_VERSION_RELEASE=27 # e.g. SAMBA_VERSION_REVISION=a# # - 2.2.8a# -SAMBA_VERSION_REVISION=a +SAMBA_VERSION_REVISION= # For 'pre' releases the version will be # @@ -68,7 +68,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # - 3.0.0-SVN-build-199 # -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT= # This can be set by vendors if they want... # @@ -95,5 +95,5 @@ SAMBA_VERSION_IS_GIT_SNAPSHOT=yes # e.g. SAMBA_VERSION_VENDOR_SUFFIX=vendor_version()# # - CVS 3.0.0rc2-VendorVersion# -SAMBA_VERSION_VENDOR_SUFFIX=stable -SAMBA_VENDOR_PATCH= +SAMBA_VERSION_VENDOR_SUFFIX= +SAMBA_VERSION_VENDOR_PATCH= diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c index 6fbec48..32224fa 100644 --- a/source/auth/auth_util.c +++ b/source/auth/auth_util.c @@ -956,6 +956,7 @@ static struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, status = add_aliases(get_global_sam_sid(), result); if (!NT_STATUS_IS_OK(status)) { + unbecome_root();
[SCM] Samba Shared Repository - annotated tag release-3-0-28 created - release-3-0-28
The annotated tag, release-3-0-28 has been created at 4e73bbd9dd682db9d49b5a074d8dd8c78d81a2e2 (tag) tagging 5cc2baea238b49b99d69099a12c3c02ac4860a52 (commit) replaces release-3-0-27a tagged by Gerald (Jerry) Carter on Mon Dec 10 09:31:46 2007 -0600 - Log - Tagging Samba 3.0.28 release -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBHXVvsIR7qMdg1EfYRAqLTAKDLXQzyGYXCSPMeyitMGPWT2zimhgCgpEBz VovsQ1GTD5h3Z/2CEJXYzxk= =ujU0 -END PGP SIGNATURE- Gerald (Jerry) Carter (10): Copy the full release notes from the 3.0.27 tag. Update release notes for the 3.0.27a release. Set version to 3.0.27a-GIT--stable Merge commit 'release-3-0-27a' into v3-0-stable Fix from Volker for CVE-2007-6015 (send_mailslot() buffer overrun). Fix from Jeremy for CVE-2007-6015 (send_mailslot() buffer overrun). Set release version to 3.0.28. Update release notes for 3.0.28 Remove -stable vendor suffix from release Additional fixes for SAMBA_VERSION_VENDOR_PATCH in lib/version.c Michael Adam (1): Adapt VERSION to use SAMBA_VERSION_VENDOR_PATCH instead of Volker Lendecke (1): Correctly unbecome_root() on error --- -- Samba Shared Repository
svn commit: samba-web r1158 - in trunk: . history
Author: jerry Date: 2007-12-10 15:33:46 + (Mon, 10 Dec 2007) New Revision: 1158 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1158 Log: Announce Samba 3.0.28 Added: trunk/history/samba-3.0.28.html Modified: trunk/header_columns.html trunk/history/header_history.html trunk/history/security.html trunk/index.html Changeset: Modified: trunk/header_columns.html === --- trunk/header_columns.html 2007-11-23 13:26:41 UTC (rev 1157) +++ trunk/header_columns.html 2007-12-10 15:33:46 UTC (rev 1158) @@ -129,9 +129,9 @@ div class=releases h4Current Stable Release/h4 ul -lia href=/samba/ftp/stable/samba-3.0.27a.tar.gzSamba 3.0.27a (gzipped)/a/li -lia href=/samba/history/samba-3.0.27a.htmlRelease Notes/a/li -lia href=/samba/ftp/stable/samba-3.0.27a.tar.ascSignature/a/li +lia href=/samba/ftp/stable/samba-3.0.28.tar.gzSamba 3.0.28 (gzipped)/a/li +lia href=/samba/history/samba-3.0.28.htmlRelease Notes/a/li +lia href=/samba/ftp/stable/samba-3.0.28.tar.ascSignature/a/li /ul h4Historical/h4 Modified: trunk/history/header_history.html === --- trunk/history/header_history.html 2007-11-23 13:26:41 UTC (rev 1157) +++ trunk/history/header_history.html 2007-12-10 15:33:46 UTC (rev 1158) @@ -77,6 +77,7 @@ div class=notes h6Release Notes/h6 ul +lia href=samba-3.0.28.htmlsamba-3.0.28/a/li lia href=samba-3.0.27a.htmlsamba-3.0.27a/a/li lia href=samba-3.0.27.htmlsamba-3.0.27/a/li lia href=samba-3.0.26a.htmlsamba-3.0.26a/a/li Added: trunk/history/samba-3.0.28.html === --- trunk/history/samba-3.0.28.html 2007-11-23 13:26:41 UTC (rev 1157) +++ trunk/history/samba-3.0.28.html 2007-12-10 15:33:46 UTC (rev 1158) @@ -0,0 +1,51 @@ +!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN +http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd; +html xmlns=http://www.w3.org/1999/xhtml; + +head +titleSamba - Release Notes Archive/title +/head + +body + + H2Samba 3.0.28 Available for Download/H2 + +p +pre + == + Release Notes for Samba 3.0.28 +Dec 10, 2007 + == + +Samba 3.0.28 is a security release in order to address the following +defect: + + o CVS-2007-6015 +Boundary failure in GETDC mailslot processing can result in +a buffer overrun + +The original security announcement for this and past advisories can +be found http://www.samba.org/samba/security/ + +## +Changes +### + +Changes since 3.0.27a +- + +o Jeremy Allison [EMAIL PROTECTED] +* Fix for CVS-2007-0615. + +o Volker Lendecke [EMAIL PROTECTED] +* Fix for CVS-2007-0615. +* Add missing unbecome_root() calls in error path processing + when failing to add local groups in create_local_nt_token(). +/pre + +pPlease refer to the original a href=/samba/history/samba-3.0.27a.htmlSamba +3.0.27a Release Notes/a for more details regarding changes in +previous releases./p +/body +/html + Property changes on: trunk/history/samba-3.0.28.html ___ Name: svn:executable + * Modified: trunk/history/security.html === --- trunk/history/security.html 2007-11-23 13:26:41 UTC (rev 1157) +++ trunk/history/security.html 2007-12-10 15:33:46 UTC (rev 1158) @@ -22,6 +22,15 @@ /tr tr +td10 Dec 2007/td +tda href=/samba/ftp/patches/security/samba-3.0.27a-CVE-2007-6015.patchpatch for Samba 3.0.27a/a/td +tdRemote Code Execution in Samba's nmbd (send_mailslot())/td +tdSamba 3.0.0 - 3.0.27a/td +tda href=http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0615;CVE-2007-6015/a/td +tda href=/samba/security/CVE-2007-6015.htmlAnnouncement/a/td +/tr + +tr td15 Nov 2007/td tda href=/samba/ftp/patches/security/samba-3.0.26a-CVE-2007-5398.patchpatch for Samba 3.0.26a/a/td tdRemote Code Execution in Samba's nmbd/td Modified: trunk/index.html === --- trunk/index.html2007-11-23 13:26:41 UTC (rev 1157) +++ trunk/index.html2007-12-10 15:33:46 UTC (rev 1158) @@ -19,18 +19,17 @@ h2Current Release/h2 -h4a name=latest20 Nov 2007/a/h4 -p class=headlineSamba 3.0.27a Available for Download/p +h4a name=latest10 Dec 2007/a/h4 +p class=headlineSamba 3.0.28 Available for Download/p -pSamba 3.0.27a is a bug fix release and is the current release - for production servers running the Samba 3.0
svn commit: samba-web r1159 - in trunk/security: .
Author: jerry Date: 2007-12-10 15:37:34 + (Mon, 10 Dec 2007) New Revision: 1159 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1159 Log: Adding original security advisory for CVE-2007-6015 Added: trunk/security/CVE-2007-6015.html Changeset: Added: trunk/security/CVE-2007-6015.html === --- trunk/security/CVE-2007-6015.html 2007-12-10 15:33:46 UTC (rev 1158) +++ trunk/security/CVE-2007-6015.html 2007-12-10 15:37:34 UTC (rev 1159) @@ -0,0 +1,85 @@ +!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN +http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd; +html xmlns=http://www.w3.org/1999/xhtml; + +head +titleSamba - Security Announcement Archive/title +/head + +body + + H2CVE-2007-6015 - Remote Code Execution in Samba's nmbd (send_mailslot())/H2 + +p +pre +== +== +== Subject: Boundary failure in GETDC mailslot +== processing can result in a buffer overrun +== +== CVE ID#: CVE-2007-6015 +== +== Versions:Samba 3.0.0 - 3.0.27a (inclusive) +== +== Summary: Specifically crafted GETDC mailslot requests +== can trigger a boundary error in the domain +== controller GETDC mail slot support which +== can be remotely exploited to execute arbitrary +== code. +== +== + +=== +Description +=== + +Secunia Research reported a vulnerability that allows for +the execution of arbitrary code in nmbd. This defect is +only be exploited when the quot;domain logonsquot; parameter has +been enabled in smb.conf. + + +== +Patch Availability +== + +A patch addressing this defect has been posted to + + http://www.samba.org/samba/security/ + +Additionally, Samba 3.0.28 has been issued as a security +release to correct the defect. + + +== +Workaround +== + +Samba administrators may avoid this security issue by disabling +both the quot;domain logonsquot; options in the server's smb.conf file. +Note that this will disable all domain controller features as +well. + + +=== +Credits +=== + +This vulnerability was reported to Samba developers by +Alin Rad Pop, Secunia Research. + +The time line is as follows: + +* Nov 22, 2007: Initial report to [EMAIL PROTECTED] +* Nov 22, 2007: First response from Samba developers confirming + the bug along with a proposed patch. +* Dec 10, 2007: Public security advisory made available. + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== +/pre +/body +/html
svn commit: samba-web r1160 - in trunk/history: .
Author: jerry Date: 2007-12-10 15:45:46 + (Mon, 10 Dec 2007) New Revision: 1160 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1160 Log: Fix bad link in mitre.org link for CVE-2007-6015 Modified: trunk/history/security.html Changeset: Modified: trunk/history/security.html === --- trunk/history/security.html 2007-12-10 15:37:34 UTC (rev 1159) +++ trunk/history/security.html 2007-12-10 15:45:46 UTC (rev 1160) @@ -26,7 +26,7 @@ tda href=/samba/ftp/patches/security/samba-3.0.27a-CVE-2007-6015.patchpatch for Samba 3.0.27a/a/td tdRemote Code Execution in Samba's nmbd (send_mailslot())/td tdSamba 3.0.0 - 3.0.27a/td -tda href=http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0615;CVE-2007-6015/a/td +tda href=http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015;CVE-2007-6015/a/td tda href=/samba/security/CVE-2007-6015.htmlAnnouncement/a/td /tr
svn commit: samba-web r1161 - in trunk/history: .
Author: jerry Date: 2007-12-10 15:57:19 + (Mon, 10 Dec 2007) New Revision: 1161 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1161 Log: Fix typo in release notes for 3.0.28 Modified: trunk/history/samba-3.0.28.html Changeset: Modified: trunk/history/samba-3.0.28.html === --- trunk/history/samba-3.0.28.html 2007-12-10 15:45:46 UTC (rev 1160) +++ trunk/history/samba-3.0.28.html 2007-12-10 15:57:19 UTC (rev 1161) @@ -20,7 +20,7 @@ Samba 3.0.28 is a security release in order to address the following defect: - o CVS-2007-6015 + o CVE-2007-6015 Boundary failure in GETDC mailslot processing can result in a buffer overrun @@ -35,10 +35,10 @@ - o Jeremy Allison [EMAIL PROTECTED] -* Fix for CVS-2007-0615. +* Fix for CVE-2007-6015. o Volker Lendecke [EMAIL PROTECTED] -* Fix for CVS-2007-0615. +* Fix for CVE-2007-6015. * Add missing unbecome_root() calls in error path processing when failing to add local groups in create_local_nt_token(). /pre
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-28-17-g46a7806
The branch, v3-0-test has been updated via 46a780679b87132dbf76af3e684c2124b33a1edc (commit) via 06160682fba61e97c9837d1c074bb73d449f6e72 (commit) from 452e964995afe5a43040c8bdcadc9c45a1e1d007 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit 46a780679b87132dbf76af3e684c2124b33a1edc Merge: 452e964995afe5a43040c8bdcadc9c45a1e1d007 06160682fba61e97c9837d1c074bb73d449f6e72 Author: Gerald (Jerry) Carter [EMAIL PROTECTED] Date: Mon Dec 10 09:59:46 2007 -0600 Merge branch 'v3-0-stable' into v3-0-test --- Summary of changes: WHATSNEW.txt | 12 ++-- 1 files changed, 6 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index bd4fe02..9e023d1 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -6,7 +6,7 @@ Samba 3.0.28 is a security release in order to address the following defect: - o CVS-2007-6015 + o CVE-2007-6015 Boundary failure in GETDC mailslot processing can result in a buffer overrun @@ -21,10 +21,10 @@ Changes since 3.0.27a - o Jeremy Allison [EMAIL PROTECTED] -* Fix for CVS-2007-0615. +* Fix for CVE-2007-6015. o Volker Lendecke [EMAIL PROTECTED] -* Fix for CVS-2007-0615. +* Fix for CVE-2007-6015. * Add missing unbecome_root() calls in error path processing when failing to add local groups in create_local_nt_token(). @@ -131,7 +131,7 @@ o Martin Zielinski [EMAIL PROTECTED] Samba 3.0.27 is a security release in order to address the following defects: - o CVS-2007-4572 + o CVE-2007-4572 Stack buffer overflow in nmbd's logon request processing. o CVE-2007-5398 @@ -149,12 +149,12 @@ Changes since 3.0.26a - o Jeremy Allison [EMAIL PROTECTED] -* Fix for CVS-2007-4572. +* Fix for CVE-2007-4572. * Fix for CVE-2007-5398. o Simo Sorce [EMAIL PROTECTED] -* Additional fixes for CVS-2007-4572. +* Additional fixes for CVE-2007-4572. -- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-0-stable updated - release-3-0-28-1-g0616068
The branch, v3-0-stable has been updated via 06160682fba61e97c9837d1c074bb73d449f6e72 (commit) from 5cc2baea238b49b99d69099a12c3c02ac4860a52 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-stable - Log - --- Summary of changes: WHATSNEW.txt | 12 ++-- 1 files changed, 6 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index bd4fe02..9e023d1 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -6,7 +6,7 @@ Samba 3.0.28 is a security release in order to address the following defect: - o CVS-2007-6015 + o CVE-2007-6015 Boundary failure in GETDC mailslot processing can result in a buffer overrun @@ -21,10 +21,10 @@ Changes since 3.0.27a - o Jeremy Allison [EMAIL PROTECTED] -* Fix for CVS-2007-0615. +* Fix for CVE-2007-6015. o Volker Lendecke [EMAIL PROTECTED] -* Fix for CVS-2007-0615. +* Fix for CVE-2007-6015. * Add missing unbecome_root() calls in error path processing when failing to add local groups in create_local_nt_token(). @@ -131,7 +131,7 @@ o Martin Zielinski [EMAIL PROTECTED] Samba 3.0.27 is a security release in order to address the following defects: - o CVS-2007-4572 + o CVE-2007-4572 Stack buffer overflow in nmbd's logon request processing. o CVE-2007-5398 @@ -149,12 +149,12 @@ Changes since 3.0.26a - o Jeremy Allison [EMAIL PROTECTED] -* Fix for CVS-2007-4572. +* Fix for CVE-2007-4572. * Fix for CVE-2007-5398. o Simo Sorce [EMAIL PROTECTED] -* Additional fixes for CVS-2007-4572. +* Additional fixes for CVE-2007-4572. -- -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag release-3-0-28 updated - release-3-0-28
The annotated tag, release-3-0-28 has been updated to 2823e00caae9aa7498e6f697cc7ec23db0974633 (tag) from 4e73bbd9dd682db9d49b5a074d8dd8c78d81a2e2 (which is now obsolete) tagging 06160682fba61e97c9837d1c074bb73d449f6e72 (commit) replaces release-3-0-27a tagged by Gerald (Jerry) Carter on Mon Dec 10 10:00:49 2007 -0600 - Log - Tagging Samba 3.0.28 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBHXWK7IR7qMdg1EfYRAnCcAKCtacIxn/R2zgo69b0X8kQsAHvlHgCfaVWW jz1sPzvnQTbjmQw2BHVmFSg= =XcBh -END PGP SIGNATURE- Gerald (Jerry) Carter (11): Copy the full release notes from the 3.0.27 tag. Update release notes for the 3.0.27a release. Set version to 3.0.27a-GIT--stable Merge commit 'release-3-0-27a' into v3-0-stable Fix from Volker for CVE-2007-6015 (send_mailslot() buffer overrun). Fix from Jeremy for CVE-2007-6015 (send_mailslot() buffer overrun). Set release version to 3.0.28. Update release notes for 3.0.28 Remove -stable vendor suffix from release Additional fixes for SAMBA_VERSION_VENDOR_PATCH in lib/version.c Correct typos in the name of the CVE-2007-6015 references Michael Adam (1): Adapt VERSION to use SAMBA_VERSION_VENDOR_PATCH instead of Volker Lendecke (1): Correctly unbecome_root() on error --- -- Samba Shared Repository
svn commit: samba r26376 - in branches/SAMBA_4_0: . source/auth source/auth/kerberos source/client source/lib/socket source/libcli source/libcli/ldap source/libcli/raw source/libcli/resolve source/lib
Author: jelmer Date: 2007-12-10 18:41:19 + (Mon, 10 Dec 2007) New Revision: 26376 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26376 Log: Add context for libcli_resolve. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/auth/auth_server.c branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.c branches/SAMBA_4_0/source/client/client.c branches/SAMBA_4_0/source/lib/socket/connect.c branches/SAMBA_4_0/source/lib/socket/connect_multi.c branches/SAMBA_4_0/source/lib/socket/socket.h branches/SAMBA_4_0/source/lib/socket/testsuite.c branches/SAMBA_4_0/source/libcli/cliconnect.c branches/SAMBA_4_0/source/libcli/finddcs.c branches/SAMBA_4_0/source/libcli/ldap/ldap_client.c branches/SAMBA_4_0/source/libcli/raw/clisocket.c branches/SAMBA_4_0/source/libcli/raw/libcliraw.h branches/SAMBA_4_0/source/libcli/resolve/bcast.c branches/SAMBA_4_0/source/libcli/resolve/host.c branches/SAMBA_4_0/source/libcli/resolve/resolve.c branches/SAMBA_4_0/source/libcli/resolve/resolve.h branches/SAMBA_4_0/source/libcli/resolve/testsuite.c branches/SAMBA_4_0/source/libcli/resolve/wins.c branches/SAMBA_4_0/source/libcli/smb2/connect.c branches/SAMBA_4_0/source/libcli/smb2/smb2_calls.h branches/SAMBA_4_0/source/libcli/smb_composite/connect.c branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c branches/SAMBA_4_0/source/libnet/libnet.c branches/SAMBA_4_0/source/libnet/libnet.h branches/SAMBA_4_0/source/libnet/libnet_lookup.c branches/SAMBA_4_0/source/libnet/libnet_lookup.h branches/SAMBA_4_0/source/libnet/libnet_site.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h branches/SAMBA_4_0/source/librpc/rpc/dcerpc_connect.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_secondary.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_sock.c branches/SAMBA_4_0/source/scripting/ejs/smbcalls_nbt.c branches/SAMBA_4_0/source/torture/basic/base.c branches/SAMBA_4_0/source/torture/ldap/cldapbench.c branches/SAMBA_4_0/source/torture/libnet/libnet_lookup.c branches/SAMBA_4_0/source/torture/nbt/dgram.c branches/SAMBA_4_0/source/torture/nbt/nbt.c branches/SAMBA_4_0/source/torture/smb2/scan.c branches/SAMBA_4_0/source/torture/smb2/util.c branches/SAMBA_4_0/source/winbind/wb_dom_info.c branches/SAMBA_4_0/source/winbind/wb_dom_info_trusted.c Changeset: Sorry, the patch is too large (1253 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26376
svn commit: samba r26377 - in branches/SAMBA_4_0: . source/libcli source/libcli/nbt source/utils
Author: jelmer Date: 2007-12-10 18:41:29 + (Mon, 10 Dec 2007) New Revision: 26377 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26377 Log: Specify port explicitly. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/libcli/finddcs.c branches/SAMBA_4_0/source/libcli/nbt/libnbt.h branches/SAMBA_4_0/source/libcli/nbt/namequery.c branches/SAMBA_4_0/source/utils/nmblookup.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/libcli/finddcs.c === --- branches/SAMBA_4_0/source/libcli/finddcs.c 2007-12-10 18:41:19 UTC (rev 26376) +++ branches/SAMBA_4_0/source/libcli/finddcs.c 2007-12-10 18:41:29 UTC (rev 26377) @@ -189,6 +189,7 @@ state-node_status.in.name.type = NBT_NAME_CLIENT; state-node_status.in.name.scope = NULL; state-node_status.in.dest_addr = state-dcs[0].address; + state-node_status.in.dest_port = lp_nbt_port(global_loadparm); state-node_status.in.timeout = 1; state-node_status.in.retries = 2; Modified: branches/SAMBA_4_0/source/libcli/nbt/libnbt.h === --- branches/SAMBA_4_0/source/libcli/nbt/libnbt.h 2007-12-10 18:41:19 UTC (rev 26376) +++ branches/SAMBA_4_0/source/libcli/nbt/libnbt.h 2007-12-10 18:41:29 UTC (rev 26377) @@ -147,6 +147,7 @@ struct { struct nbt_name name; const char *dest_addr; + uint16_t dest_port; int timeout; /* in seconds */ int retries; } in; Modified: branches/SAMBA_4_0/source/libcli/nbt/namequery.c === --- branches/SAMBA_4_0/source/libcli/nbt/namequery.c2007-12-10 18:41:19 UTC (rev 26376) +++ branches/SAMBA_4_0/source/libcli/nbt/namequery.c2007-12-10 18:41:29 UTC (rev 26377) @@ -158,7 +158,7 @@ packet-questions[0].question_class = NBT_QCLASS_IP; dest = socket_address_from_strings(packet, nbtsock-sock-backend_name, - io-in.dest_addr, lp_nbt_port(global_loadparm)); + io-in.dest_addr, io-in.dest_port); if (dest == NULL) goto failed; req = nbt_name_request_send(nbtsock, dest, packet, io-in.timeout, io-in.retries, false); Modified: branches/SAMBA_4_0/source/utils/nmblookup.c === --- branches/SAMBA_4_0/source/utils/nmblookup.c 2007-12-10 18:41:19 UTC (rev 26376) +++ branches/SAMBA_4_0/source/utils/nmblookup.c 2007-12-10 18:41:29 UTC (rev 26377) @@ -104,7 +104,7 @@ /* do a single node status */ static bool do_node_status(struct nbt_name_socket *nbtsock, - const char *addr) + const char *addr, uint16_t port) { struct nbt_name_status io; NTSTATUS status; @@ -113,6 +113,7 @@ io.in.name.type = NBT_NAME_CLIENT; io.in.name.scope = NULL; io.in.dest_addr = addr; + io.in.dest_port = port; io.in.timeout = 1; io.in.retries = 2; @@ -172,7 +173,7 @@ io.out.name.type); } if (options.node_status io.out.num_addrs 0) { - do_node_status(nbtsock, io.out.reply_addrs[0]); + do_node_status(nbtsock, io.out.reply_addrs[0], port); } return status; @@ -229,7 +230,7 @@ } if (options.lookup_by_ip) { - ret = do_node_status(nbtsock, name); + ret = do_node_status(nbtsock, name, nbt_port); talloc_free(tmp_ctx); return ret; }
svn commit: samba r26378 - in branches/SAMBA_4_0: . source/libcli/resolve
Author: jelmer Date: 2007-12-10 18:41:33 + (Mon, 10 Dec 2007) New Revision: 26378 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26378 Log: Remove use of global_loadparm. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/libcli/resolve/bcast.c branches/SAMBA_4_0/source/libcli/resolve/resolve.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/libcli/resolve/bcast.c === --- branches/SAMBA_4_0/source/libcli/resolve/bcast.c2007-12-10 18:41:29 UTC (rev 26377) +++ branches/SAMBA_4_0/source/libcli/resolve/bcast.c2007-12-10 18:41:33 UTC (rev 26378) @@ -33,7 +33,8 @@ void *userdata, struct nbt_name *name) { - int num_interfaces = iface_count(global_loadparm); + struct loadparm_context *lp_ctx = userdata; + int num_interfaces = iface_count(lp_ctx); const char **address_list; struct composite_context *c; int i, count=0; @@ -42,7 +43,7 @@ if (address_list == NULL) return NULL; for (i=0;inum_interfaces;i++) { - const char *bcast = iface_n_bcast(global_loadparm, i); + const char *bcast = iface_n_bcast(lp_ctx, i); if (bcast == NULL) continue; address_list[count] = talloc_strdup(address_list, bcast); if (address_list[count] == NULL) { @@ -79,8 +80,8 @@ return resolve_name_bcast_recv(c, mem_ctx, reply_addr); } -bool resolve_context_add_bcast_method(struct resolve_context *ctx) +bool resolve_context_add_bcast_method(struct resolve_context *ctx, struct loadparm_context *lp_ctx) { return resolve_context_add_method(ctx, resolve_name_bcast_send, resolve_name_bcast_recv, - NULL); + lp_ctx); } Modified: branches/SAMBA_4_0/source/libcli/resolve/resolve.c === --- branches/SAMBA_4_0/source/libcli/resolve/resolve.c 2007-12-10 18:41:29 UTC (rev 26377) +++ branches/SAMBA_4_0/source/libcli/resolve/resolve.c 2007-12-10 18:41:33 UTC (rev 26378) @@ -241,7 +241,7 @@ if (!strcmp(methods[i], wins)) { resolve_context_add_wins_method(ret, lp_wins_server_list(lp_ctx)); } else if (!strcmp(methods[i], bcast)) { - resolve_context_add_bcast_method(ret); + resolve_context_add_bcast_method(ret, lp_ctx); } else if (!strcmp(methods[i], host)) { resolve_context_add_host_method(ret); } else {
svn commit: samba r26379 - in branches/SAMBA_4_0: . source/auth source/auth/gensec source/auth/ntlmssp source/cluster/ctdb
Author: jelmer Date: 2007-12-10 18:41:38 + (Mon, 10 Dec 2007) New Revision: 26379 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26379 Log: Remove more global_loadparm instances. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/auth/auth.c branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c branches/SAMBA_4_0/source/cluster/ctdb/opendb_ctdb.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/auth/auth.c === --- branches/SAMBA_4_0/source/auth/auth.c 2007-12-10 18:41:33 UTC (rev 26378) +++ branches/SAMBA_4_0/source/auth/auth.c 2007-12-10 18:41:38 UTC (rev 26379) @@ -512,27 +512,21 @@ return critical_sizes; } -NTSTATUS auth_init(struct loadparm_context *lp_ctx) +NTSTATUS auth_init(void) { static bool initialized = false; init_module_fn static_init[] = STATIC_auth_MODULES; - init_module_fn *shared_init; if (initialized) return NT_STATUS_OK; initialized = true; - shared_init = load_samba_modules(NULL, lp_ctx, auth); - run_init_functions(static_init); - run_init_functions(shared_init); - - talloc_free(shared_init); return NT_STATUS_OK; } NTSTATUS server_service_auth_init(void) { - return auth_init(global_loadparm); + return auth_init(); } Modified: branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c === --- branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2007-12-10 18:41:33 UTC (rev 26378) +++ branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2007-12-10 18:41:38 UTC (rev 26379) @@ -779,7 +779,7 @@ { NTSTATUS ret; - auth_init(global_loadparm); + auth_init(); ret = gensec_register(gensec_krb5_security_ops); if (!NT_STATUS_IS_OK(ret)) { Modified: branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c === --- branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c2007-12-10 18:41:33 UTC (rev 26378) +++ branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c2007-12-10 18:41:38 UTC (rev 26379) @@ -428,7 +428,7 @@ { NTSTATUS ret; - auth_init(global_loadparm); + auth_init(); ret = gensec_register(gensec_ntlmssp_security_ops); if (!NT_STATUS_IS_OK(ret)) { Modified: branches/SAMBA_4_0/source/cluster/ctdb/opendb_ctdb.c === --- branches/SAMBA_4_0/source/cluster/ctdb/opendb_ctdb.c2007-12-10 18:41:33 UTC (rev 26378) +++ branches/SAMBA_4_0/source/cluster/ctdb/opendb_ctdb.c2007-12-10 18:41:38 UTC (rev 26379) @@ -97,7 +97,7 @@ odb-ntvfs_ctx = ntvfs_ctx; /* leave oplocks disabled by default until the code is working */ - odb-oplocks = lp_parm_bool(global_loadparm, NULL, opendb, oplocks, false); + odb-oplocks = lp_parm_bool(ntvfs_ctx-lp_ctx, NULL, opendb, oplocks, false); return odb; }
svn commit: samba r26380 - in branches/SAMBA_4_0: . source/libcli/nbt source/torture/nbt
Author: jelmer Date: 2007-12-10 18:41:41 + (Mon, 10 Dec 2007) New Revision: 26380 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26380 Log: Specify port number higher up the call stack. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/libcli/nbt/libnbt.h branches/SAMBA_4_0/source/libcli/nbt/namerefresh.c branches/SAMBA_4_0/source/torture/nbt/register.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/libcli/nbt/libnbt.h === --- branches/SAMBA_4_0/source/libcli/nbt/libnbt.h 2007-12-10 18:41:38 UTC (rev 26379) +++ branches/SAMBA_4_0/source/libcli/nbt/libnbt.h 2007-12-10 18:41:41 UTC (rev 26380) @@ -215,6 +215,7 @@ struct { struct nbt_name name; const char *dest_addr; + uint16_t dest_port; const char *address; uint16_t nb_flags; bool broadcast; Modified: branches/SAMBA_4_0/source/libcli/nbt/namerefresh.c === --- branches/SAMBA_4_0/source/libcli/nbt/namerefresh.c 2007-12-10 18:41:38 UTC (rev 26379) +++ branches/SAMBA_4_0/source/libcli/nbt/namerefresh.c 2007-12-10 18:41:41 UTC (rev 26380) @@ -69,7 +69,7 @@ dest = socket_address_from_strings(nbtsock, nbtsock-sock-backend_name, - io-in.dest_addr, lp_nbt_port(global_loadparm)); + io-in.dest_addr, io-in.dest_port); if (dest == NULL) goto failed; req = nbt_name_request_send(nbtsock, dest, packet, io-in.timeout, io-in.retries, false); @@ -174,6 +174,7 @@ goto done; } state-io-in.dest_addr = state-wins_servers[0]; + state-io-in.dest_port = lp_nbt_port(global_loadparm); state-io-in.address = state-addresses[0]; state-req = nbt_name_refresh_send(state-nbtsock, state-io); if (state-req == NULL) { @@ -212,7 +213,7 @@ } } -/* +/** the async send call for a multi-server WINS refresh */ struct composite_context *nbt_name_refresh_wins_send(struct nbt_name_socket *nbtsock, @@ -240,6 +241,7 @@ state-io-in.name= io-in.name; state-io-in.dest_addr = state-wins_servers[0]; + state-io-in.dest_port = lp_nbt_port(global_loadparm); state-io-in.address = io-in.addresses[0]; state-io-in.nb_flags= io-in.nb_flags; state-io-in.broadcast = false; Modified: branches/SAMBA_4_0/source/torture/nbt/register.c === --- branches/SAMBA_4_0/source/torture/nbt/register.c2007-12-10 18:41:38 UTC (rev 26379) +++ branches/SAMBA_4_0/source/torture/nbt/register.c2007-12-10 18:41:41 UTC (rev 26380) @@ -26,6 +26,7 @@ #include lib/socket/netif.h #include torture/torture.h #include torture/nbt/proto.h +#include param/param.h #define CHECK_VALUE(tctx, v, correct) \ torture_assert_int_equal(tctx, v, correct, Incorrect value) @@ -132,6 +133,7 @@ io.in.name = name; io.in.dest_addr = address; + io.in.dest_port = lp_nbt_port(tctx-lp_ctx); io.in.address = myaddress; io.in.nb_flags = NBT_NODE_B | NBT_NM_ACTIVE; io.in.broadcast = false;
svn commit: samba r26381 - in branches/SAMBA_4_0: . source/libcli/nbt source/nbt_server source/torture/nbt
Author: jelmer Date: 2007-12-10 18:41:45 + (Mon, 10 Dec 2007) New Revision: 26381 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26381 Log: Move global_loadparm higher up the call stack. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/libcli/nbt/libnbt.h branches/SAMBA_4_0/source/libcli/nbt/nameregister.c branches/SAMBA_4_0/source/nbt_server/register.c branches/SAMBA_4_0/source/torture/nbt/register.c branches/SAMBA_4_0/source/torture/nbt/winsbench.c branches/SAMBA_4_0/source/torture/nbt/winsreplication.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/libcli/nbt/libnbt.h === --- branches/SAMBA_4_0/source/libcli/nbt/libnbt.h 2007-12-10 18:41:41 UTC (rev 26380) +++ branches/SAMBA_4_0/source/libcli/nbt/libnbt.h 2007-12-10 18:41:45 UTC (rev 26381) @@ -163,6 +163,7 @@ struct { struct nbt_name name; const char *dest_addr; + uint16_t dest_port; const char *address; uint16_t nb_flags; bool register_demand; Modified: branches/SAMBA_4_0/source/libcli/nbt/nameregister.c === --- branches/SAMBA_4_0/source/libcli/nbt/nameregister.c 2007-12-10 18:41:41 UTC (rev 26380) +++ branches/SAMBA_4_0/source/libcli/nbt/nameregister.c 2007-12-10 18:41:45 UTC (rev 26381) @@ -77,7 +77,7 @@ if (packet-additional[0].rdata.netbios.addresses[0].ipaddr == NULL) goto failed; dest = socket_address_from_strings(packet, nbtsock-sock-backend_name, - io-in.dest_addr, lp_nbt_port(global_loadparm)); + io-in.dest_addr, io-in.dest_port); if (dest == NULL) goto failed; req = nbt_name_request_send(nbtsock, dest, packet, io-in.timeout, io-in.retries, false); @@ -224,6 +224,7 @@ state-io-in.name= io-in.name; state-io-in.dest_addr = io-in.dest_addr; + state-io-in.dest_port = lp_nbt_port(global_loadparm); state-io-in.address = io-in.address; state-io-in.nb_flags= io-in.nb_flags; state-io-in.register_demand = false; @@ -311,6 +312,7 @@ goto done; } state-io-in.dest_addr = state-wins_servers[0]; + state-io-in.dest_port = lp_nbt_port(global_loadparm); state-io-in.address = state-addresses[0]; state-req = nbt_name_register_send(state-nbtsock, state-io); if (state-req == NULL) { @@ -377,6 +379,7 @@ state-io-in.name= io-in.name; state-io-in.dest_addr = state-wins_servers[0]; + state-io-in.dest_port = lp_nbt_port(global_loadparm); state-io-in.address = io-in.addresses[0]; state-io-in.nb_flags= io-in.nb_flags; state-io-in.broadcast = false; Modified: branches/SAMBA_4_0/source/nbt_server/register.c === --- branches/SAMBA_4_0/source/nbt_server/register.c 2007-12-10 18:41:41 UTC (rev 26380) +++ branches/SAMBA_4_0/source/nbt_server/register.c 2007-12-10 18:41:45 UTC (rev 26381) @@ -93,6 +93,7 @@ registration packets */ io.in.name= iname-name; io.in.dest_addr = iface-bcast_address; + io.in.dest_port = lp_nbt_port(iface-nbtsrv-task-lp_ctx); io.in.address = iface-ip_address; io.in.nb_flags= iname-nb_flags; io.in.ttl = iname-ttl; Modified: branches/SAMBA_4_0/source/torture/nbt/register.c === --- branches/SAMBA_4_0/source/torture/nbt/register.c2007-12-10 18:41:41 UTC (rev 26380) +++ branches/SAMBA_4_0/source/torture/nbt/register.c2007-12-10 18:41:45 UTC (rev 26381) @@ -67,6 +67,7 @@ io.in.name = name; io.in.dest_addr = address; + io.in.dest_port = lp_nbt_port(tctx-lp_ctx); io.in.address = myaddress; io.in.nb_flags = NBT_NODE_B | NBT_NM_ACTIVE; io.in.register_demand = false; Modified: branches/SAMBA_4_0/source/torture/nbt/winsbench.c === --- branches/SAMBA_4_0/source/torture/nbt/winsbench.c 2007-12-10 18:41:41 UTC (rev 26380) +++ branches/SAMBA_4_0/source/torture/nbt/winsbench.c 2007-12-10 18:41:45 UTC (rev 26381) @@ -87,6 +87,7 @@ io.in.name= generate_name(tmp_ctx, idx); io.in.dest_addr = state-wins_server; +
svn commit: samba r26382 - in branches/SAMBA_4_0: . source/auth/credentials source/libcli/wrepl source/librpc/rpc source/ntvfs/ipc source/param source/rpc_server/srvsvc source/smb_server source/tortur
Author: jelmer Date: 2007-12-10 18:41:55 + (Mon, 10 Dec 2007) New Revision: 26382 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26382 Log: Remove more uses of global_loadparm. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/auth/credentials/credentials.c branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.h branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c branches/SAMBA_4_0/source/ntvfs/ipc/rap_server.c branches/SAMBA_4_0/source/param/share.c branches/SAMBA_4_0/source/rpc_server/srvsvc/dcesrv_srvsvc.c branches/SAMBA_4_0/source/rpc_server/srvsvc/srvsvc_ntvfs.c branches/SAMBA_4_0/source/smb_server/smb_server.c branches/SAMBA_4_0/source/torture/masktest.c branches/SAMBA_4_0/source/torture/nbt/winsreplication.c branches/SAMBA_4_0/source/wrepl_server/wrepl_out_helpers.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c === --- branches/SAMBA_4_0/source/auth/credentials/credentials.c2007-12-10 18:41:45 UTC (rev 26381) +++ branches/SAMBA_4_0/source/auth/credentials/credentials.c2007-12-10 18:41:55 UTC (rev 26382) @@ -82,7 +82,6 @@ struct cli_credentials *anon_credentials; anon_credentials = cli_credentials_init(mem_ctx); - cli_credentials_set_conf(anon_credentials, global_loadparm); cli_credentials_set_anonymous(anon_credentials); return anon_credentials; @@ -720,6 +719,7 @@ cli_credentials_set_username(cred, , CRED_SPECIFIED); cli_credentials_set_domain(cred, , CRED_SPECIFIED); cli_credentials_set_password(cred, NULL, CRED_SPECIFIED); + cli_credentials_set_realm(cred, NULL, CRED_SPECIFIED); } /** Modified: branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c === --- branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c 2007-12-10 18:41:45 UTC (rev 26381) +++ branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c 2007-12-10 18:41:55 UTC (rev 26382) @@ -313,6 +313,7 @@ connect a wrepl_socket to a WINS server */ struct composite_context *wrepl_connect_send(struct wrepl_socket *wrepl_socket, +struct resolve_context *resolve_ctx, const char *our_ip, const char *peer_ip) { struct composite_context *result; @@ -344,7 +345,7 @@ if (composite_nomem(peer, result)) return result; state-creq = socket_connect_send(wrepl_socket-sock, us, peer, - 0, lp_resolve_context(global_loadparm), + 0, resolve_ctx, wrepl_socket-event.ctx); composite_continue(result, state-creq, wrepl_connect_handler, state); return result; @@ -371,9 +372,10 @@ /* connect a wrepl_socket to a WINS server - sync API */ -NTSTATUS wrepl_connect(struct wrepl_socket *wrepl_socket, const char *our_ip, const char *peer_ip) +NTSTATUS wrepl_connect(struct wrepl_socket *wrepl_socket, struct resolve_context *resolve_ctx, + const char *our_ip, const char *peer_ip) { - struct composite_context *c_req = wrepl_connect_send(wrepl_socket, our_ip, peer_ip); + struct composite_context *c_req = wrepl_connect_send(wrepl_socket, resolve_ctx, our_ip, peer_ip); return wrepl_connect_recv(c_req); } Modified: branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.h === --- branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.h 2007-12-10 18:41:45 UTC (rev 26381) +++ branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.h 2007-12-10 18:41:55 UTC (rev 26382) @@ -154,4 +154,6 @@ } out; }; +struct resolve_context; + #include libcli/wrepl/winsrepl_proto.h Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c 2007-12-10 18:41:45 UTC (rev 26381) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c 2007-12-10 18:41:55 UTC (rev 26382) @@ -939,7 +939,6 @@ /* anonymous credentials for rpc connection used to get endpoint mapping */ anon_creds = cli_credentials_init(mem_ctx); cli_credentials_set_event_context(anon_creds, ev); - cli_credentials_set_conf(anon_creds, global_loadparm); cli_credentials_set_anonymous(anon_creds); /* Modified: branches/SAMBA_4_0/source/ntvfs/ipc/rap_server.c === ---
svn commit: samba r26383 - in branches/SAMBA_4_0: . source/lib/socket
Author: jelmer Date: 2007-12-10 18:42:01 + (Mon, 10 Dec 2007) New Revision: 26383 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26383 Log: Make interfaces argument explicit. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/lib/socket/interface.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/lib/socket/interface.c === --- branches/SAMBA_4_0/source/lib/socket/interface.c2007-12-10 18:41:55 UTC (rev 26382) +++ branches/SAMBA_4_0/source/lib/socket/interface.c2007-12-10 18:42:01 UTC (rev 26383) @@ -47,12 +47,13 @@ / Try and find an interface that matches an ip. If we cannot, return NULL **/ -static struct interface *iface_find(struct in_addr ip, bool CheckMask) +static struct interface *iface_find(struct interface *interfaces, + struct in_addr ip, bool CheckMask) { struct interface *i; - if (is_zero_ip(ip)) return local_interfaces; + if (is_zero_ip(ip)) return interfaces; - for (i=local_interfaces;i;i=i-next) + for (i=interfaces;i;i=i-next) if (CheckMask) { if (same_net(i-ip,ip,i-nmask)) return i; } else if (i-ip.s_addr == ip.s_addr) return i; @@ -64,18 +65,19 @@ / add an interface to the linked list of interfaces / -static void add_interface(struct in_addr ip, struct in_addr nmask) +static void add_interface(struct in_addr ip, struct in_addr nmask, struct interface **interfaces) { struct interface *iface; struct in_addr bcast; - if (iface_find(ip, false)) { + if (iface_find(*interfaces, ip, false)) { DEBUG(3,(not adding duplicate interface %s\n,inet_ntoa(ip))); return; } - iface = talloc(local_interfaces == NULL ? talloc_autofree_context() : local_interfaces, struct interface); - if (!iface) return; + iface = talloc(*interfaces == NULL ? talloc_autofree_context() : *interfaces, struct interface); + if (iface == NULL) + return; ZERO_STRUCTPN(iface); @@ -92,7 +94,7 @@ iface-bcast_s = talloc_strdup(iface, inet_ntoa(bcast)); } - DLIST_ADD_END(local_interfaces, iface, struct interface *); + DLIST_ADD_END(*interfaces, iface, struct interface *); DEBUG(2,(added interface ip=%s nmask=%s\n, iface-ip_s, iface-nmask_s)); } @@ -125,7 +127,8 @@ for (i=0;itotal_probed;i++) { if (gen_fnmatch(token, probed_ifaces[i].name) == 0) { add_interface(probed_ifaces[i].ip, - probed_ifaces[i].netmask); + probed_ifaces[i].netmask, + local_interfaces); added = 1; } } @@ -142,7 +145,8 @@ for (i=0;itotal_probed;i++) { if (ip.s_addr == probed_ifaces[i].ip.s_addr) { add_interface(probed_ifaces[i].ip, - probed_ifaces[i].netmask); + probed_ifaces[i].netmask, + local_interfaces); return; } } @@ -166,7 +170,8 @@ ip.s_addr == MKNETADDR(ip.s_addr, nmask.s_addr)) { for (i=0;itotal_probed;i++) { if (same_net(ip, probed_ifaces[i].ip, nmask)) { - add_interface(probed_ifaces[i].ip, nmask); + add_interface(probed_ifaces[i].ip, nmask, + local_interfaces); return; } } @@ -174,7 +179,7 @@ return; } - add_interface(ip, nmask); + add_interface(ip, nmask, local_interfaces); } @@ -207,7 +212,7 @@ for (i=0;itotal_probed;i++) { if (ifaces[i].ip.s_addr != loopback_ip.s_addr) { add_interface(ifaces[i].ip, - ifaces[i].netmask); + ifaces[i].netmask, local_interfaces); } } } @@ -313,7 +318,7 @@
svn commit: samba r26384 - in branches/SAMBA_4_0: . source/libcli
Author: jelmer Date: 2007-12-10 18:42:04 + (Mon, 10 Dec 2007) New Revision: 26384 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26384 Log: Fix another global_loadparm instance. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/libcli/cliconnect.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/libcli/cliconnect.c === --- branches/SAMBA_4_0/source/libcli/cliconnect.c 2007-12-10 18:42:01 UTC (rev 26383) +++ branches/SAMBA_4_0/source/libcli/cliconnect.c 2007-12-10 18:42:04 UTC (rev 26384) @@ -66,7 +66,8 @@ /* wrapper around smb_raw_sesssetup() */ NTSTATUS smbcli_session_setup(struct smbcli_state *cli, - struct cli_credentials *credentials) + struct cli_credentials *credentials, + const char *workgroup) { struct smb_composite_sesssetup setup; NTSTATUS status; @@ -77,7 +78,7 @@ setup.in.sesskey = cli-transport-negotiate.sesskey; setup.in.capabilities = cli-transport-negotiate.capabilities; setup.in.credentials = credentials; - setup.in.workgroup = lp_workgroup(global_loadparm); + setup.in.workgroup = workgroup; status = smb_composite_sesssetup(cli-session, setup);
svn commit: samba r26385 - in branches/SAMBA_4_0: . source/auth/credentials source/auth/gensec source/ldap_server source/libcli/ldap source/libcli/nbt
Author: jelmer Date: 2007-12-10 18:42:07 + (Mon, 10 Dec 2007) New Revision: 26385 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26385 Log: Integrate gensec-socket into gensec. Removed: branches/SAMBA_4_0/source/auth/gensec/socket.h Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/auth/credentials/credentials.c branches/SAMBA_4_0/source/auth/gensec/config.mk branches/SAMBA_4_0/source/auth/gensec/gensec.h branches/SAMBA_4_0/source/auth/gensec/spnego.c branches/SAMBA_4_0/source/ldap_server/config.mk branches/SAMBA_4_0/source/ldap_server/ldap_bind.c branches/SAMBA_4_0/source/libcli/ldap/ldap_bind.c branches/SAMBA_4_0/source/libcli/nbt/namerefresh.c Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c === --- branches/SAMBA_4_0/source/auth/credentials/credentials.c2007-12-10 18:42:04 UTC (rev 26384) +++ branches/SAMBA_4_0/source/auth/credentials/credentials.c2007-12-10 18:42:07 UTC (rev 26385) @@ -720,6 +720,7 @@ cli_credentials_set_domain(cred, , CRED_SPECIFIED); cli_credentials_set_password(cred, NULL, CRED_SPECIFIED); cli_credentials_set_realm(cred, NULL, CRED_SPECIFIED); + cli_credentials_set_workstation(cred, , CRED_UNINITIALISED); } /** Modified: branches/SAMBA_4_0/source/auth/gensec/config.mk === --- branches/SAMBA_4_0/source/auth/gensec/config.mk 2007-12-10 18:42:04 UTC (rev 26384) +++ branches/SAMBA_4_0/source/auth/gensec/config.mk 2007-12-10 18:42:07 UTC (rev 26385) @@ -6,9 +6,9 @@ DESCRIPTION = Generic Security Library PUBLIC_HEADERS = gensec.h spnego.h PUBLIC_PROTO_HEADER = gensec_proto.h -OBJ_FILES = gensec.o +OBJ_FILES = gensec.o socket.o PUBLIC_DEPENDENCIES = \ - CREDENTIALS LIBSAMBA-UTIL LIBCRYPTO ASN1_UTIL + CREDENTIALS LIBSAMBA-UTIL LIBCRYPTO ASN1_UTIL samba-socket LIBPACKET # End SUBSYSTEM gensec # @@ -48,7 +48,7 @@ SUBSYSTEM = gensec INIT_FUNCTION = gensec_spnego_init PRIVATE_PROTO_HEADER = spnego_proto.h -PRIVATE_DEPENDENCIES = ASN1_UTIL GENSEC_SOCKET CREDENTIALS +PRIVATE_DEPENDENCIES = ASN1_UTIL CREDENTIALS OBJ_FILES = spnego.o spnego_parse.o # End MODULE gensec_spnego @@ -61,7 +61,7 @@ INIT_FUNCTION = gensec_schannel_init OBJ_FILES = schannel.o \ schannel_sign.o -PRIVATE_DEPENDENCIES = SCHANNELDB NDR_SCHANNEL CREDENTIALS +PRIVATE_DEPENDENCIES = SCHANNELDB NDR_SCHANNEL CREDENTIALS LIBNDR OUTPUT_TYPE = INTEGRATED # End MODULE gensec_schannel @@ -72,19 +72,8 @@ PRIVATE_PROTO_HEADER = schannel_state.h OBJ_FILES = \ schannel_state.o -PRIVATE_DEPENDENCIES = LDB_WRAP +PRIVATE_DEPENDENCIES = LDB_WRAP SAMDB # # End SUBSYSTEM SCHANNELDB - -# Start SUBSYSTEM GENSEC_SOCKET -[SUBSYSTEM::GENSEC_SOCKET] -OBJ_FILES = \ - socket.o -PUBLIC_DEPENDENCIES = samba-socket LIBPACKET -#PUBLIC_DEPENDENCIES = gensec -# -# End SUBSYSTEM GENSEC_SOCKET - - Modified: branches/SAMBA_4_0/source/auth/gensec/gensec.h === --- branches/SAMBA_4_0/source/auth/gensec/gensec.h 2007-12-10 18:42:04 UTC (rev 26384) +++ branches/SAMBA_4_0/source/auth/gensec/gensec.h 2007-12-10 18:42:07 UTC (rev 26385) @@ -166,6 +166,37 @@ int sizeof_gensec_security; }; +/* Socket wrapper */ + +struct gensec_security; +struct socket_context; + +NTSTATUS gensec_socket_init(struct gensec_security *gensec_security, + struct socket_context *current_socket, + struct event_context *ev, + void (*recv_handler)(void *, uint16_t), + void *recv_private, + struct socket_context **new_socket); +/* These functions are for use here only (public because SPNEGO must + * use them for recursion) */ +NTSTATUS gensec_wrap_packets(struct gensec_security *gensec_security, +TALLOC_CTX *mem_ctx, +const DATA_BLOB *in, +DATA_BLOB *out, +size_t *len_processed); +/* These functions are for use here only (public because SPNEGO must + * use them for recursion) */ +NTSTATUS gensec_unwrap_packets(struct gensec_security *gensec_security, + TALLOC_CTX *mem_ctx, +
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-579-g52dc5ea
The branch, v3-2-test has been updated via 52dc5eaef2106015b3a8b659e818bdb15ad94b05 (commit) from e81629339589e2e7f464b3dca55730ff2d0877e4 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 52dc5eaef2106015b3a8b659e818bdb15ad94b05 Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Dec 10 11:30:37 2007 -0800 Remove the char[1024] strings from dynconfig. Replace them with malloc'ing accessor functions. Should save a lot of static space :-). Jeremy. --- Summary of changes: source/client/client.c |4 +- source/client/smbmount.c|8 +- source/client/smbspool.c|4 +- source/dynconfig.c | 251 --- source/include/dynconfig.h | 51 +++- source/lib/fault.c |2 +- source/lib/ldb/common/ldb_modules.c |2 +- source/lib/pidfile.c|8 +- source/lib/popt_common.c| 26 ++-- source/lib/util.c | 10 +- source/libsmb/libsmbclient.c|6 +- source/libsmb/namequery.c |2 +- source/nmbd/nmbd.c | 17 ++- source/nmbd/nmbd_winsserver.c |2 +- source/nsswitch/wbinfo.c|4 +- source/nsswitch/wins.c |2 +- source/pam_smbpass/support.c|4 +- source/param/loadparm.c | 10 +- source/passdb/pdb_tdb.c |2 +- source/rpc_client/cli_pipe.c|2 +- source/rpc_server/srv_srvsvc_nt.c |6 +- source/rpcclient/rpcclient.c|4 +- source/services/services_db.c |6 +- source/services/svc_rcinit.c|6 +- source/smbd/lanman.c|2 +- source/smbd/server.c|6 +- source/torture/locktest.c |2 +- source/torture/locktest2.c |2 +- source/torture/masktest.c |2 +- source/torture/msgtest.c|2 +- source/torture/pdbtest.c|2 +- source/torture/torture.c|2 +- source/torture/vfstest.c|6 +- source/utils/eventlogadm.c |2 +- source/utils/net.c |2 +- source/utils/net_ads.c |8 +- source/utils/nmblookup.c|4 +- source/utils/ntlm_auth.c|4 +- source/utils/pdbedit.c |4 +- source/utils/sharesec.c |2 +- source/utils/smbcacls.c |2 +- source/utils/smbcontrol.c |2 +- source/utils/smbcquotas.c |2 +- source/utils/smbfilter.c|2 +- source/utils/smbpasswd.c|2 +- source/utils/smbtree.c |2 +- source/utils/smbw_sample.c |4 +- source/utils/status.c |6 +- source/utils/testparm.c |2 +- source/web/startstop.c |6 +- source/web/swat.c | 18 ++-- source/winbindd/idmap.c |2 +- source/winbindd/winbindd.c |8 +- source/winbindd/winbindd_cm.c |2 +- source/winbindd/winbindd_dual.c |4 +- 55 files changed, 406 insertions(+), 149 deletions(-) Changeset truncated at 500 lines: diff --git a/source/client/client.c b/source/client/client.c index 80e906d..d59af9e 100644 --- a/source/client/client.c +++ b/source/client/client.c @@ -4705,9 +4705,9 @@ static int do_message_op(void) if ( override_logfile ) setup_logging( lp_logfile(), false ); - if (!lp_load(dyn_CONFIGFILE,true,false,false,true)) { + if (!lp_load(get_dyn_CONFIGFILE(),true,false,false,true)) { fprintf(stderr, %s: Can't load %s - run testparm to debug it\n, - argv[0], dyn_CONFIGFILE); + argv[0], get_dyn_CONFIGFILE()); } load_interfaces(); diff --git a/source/client/smbmount.c b/source/client/smbmount.c index 2e8d554..98c61a3 100644 --- a/source/client/smbmount.c +++ b/source/client/smbmount.c @@ -535,7 +535,7 @@ static void init_mount(void) if (sys_fork() == 0) { char *smbmnt_path; - asprintf(smbmnt_path, %s/smbmnt, dyn_BINDIR); + asprintf(smbmnt_path, %s/smbmnt, get_dyn_BINDIR()); if (file_exist(smbmnt_path, NULL)) { execv(smbmnt_path, (char * const *)args); @@ -586,7 +586,7 @@ static void get_password_file(void) int fd = -1; char *p; bool close_it = False; - char *spec; + char *spec = NULL; TALLOC_CTX *ctx = talloc_tos(); char pass[128]; @@ -1012,9 +1012,9 @@ static void parse_mount_smb(int argc, char **argv) } } - if (!lp_load(dyn_CONFIGFILE,True,False,False,True)) { + if
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-580-gd78e081
The branch, v3-2-test has been updated via d78e081043124bbd80cf56d4a991ddf24ff46ef6 (commit) from 52dc5eaef2106015b3a8b659e818bdb15ad94b05 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit d78e081043124bbd80cf56d4a991ddf24ff46ef6 Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Dec 10 11:37:20 2007 -0800 Forgot build options was generated... fix. Jeremy. --- Summary of changes: source/script/mkbuildoptions.awk | 24 1 files changed, 12 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/source/script/mkbuildoptions.awk b/source/script/mkbuildoptions.awk index 21c4bfa..c4e257f 100644 --- a/source/script/mkbuildoptions.awk +++ b/source/script/mkbuildoptions.awk @@ -75,22 +75,22 @@ BEGIN { print/* Output various paths to files and directories */; printoutput(screen,\\\nPaths:\\n\);; - printoutput(screen,\ SBINDIR: %s\\n\, dyn_SBINDIR);; - printoutput(screen,\ BINDIR: %s\\n\, dyn_BINDIR);; - printoutput(screen,\ SWATDIR: %s\\n\, dyn_SWATDIR);; + printoutput(screen,\ SBINDIR: %s\\n\, get_dyn_SBINDIR());; + printoutput(screen,\ BINDIR: %s\\n\, get_dyn_BINDIR());; + printoutput(screen,\ SWATDIR: %s\\n\, get_dyn_SWATDIR());; - printoutput(screen,\ CONFIGFILE: %s\\n\, dyn_CONFIGFILE);; - printoutput(screen,\ LOGFILEBASE: %s\\n\, dyn_LOGFILEBASE);; - printoutput(screen,\ LMHOSTSFILE: %s\\n\,dyn_LMHOSTSFILE);; + printoutput(screen,\ CONFIGFILE: %s\\n\, get_dyn_CONFIGFILE());; + printoutput(screen,\ LOGFILEBASE: %s\\n\, get_dyn_LOGFILEBASE());; + printoutput(screen,\ LMHOSTSFILE: %s\\n\,get_dyn_LMHOSTSFILE());; - printoutput(screen,\ LIBDIR: %s\\n\,dyn_LIBDIR);; - printoutput(screen,\ SHLIBEXT: %s\\n\,dyn_SHLIBEXT);; + printoutput(screen,\ LIBDIR: %s\\n\,get_dyn_LIBDIR());; + printoutput(screen,\ SHLIBEXT: %s\\n\,get_dyn_SHLIBEXT());; - printoutput(screen,\ LOCKDIR: %s\\n\,dyn_LOCKDIR);; - printoutput(screen,\ PIDDIR: %s\\n\, dyn_PIDDIR);; + printoutput(screen,\ LOCKDIR: %s\\n\,get_dyn_LOCKDIR());; + printoutput(screen,\ PIDDIR: %s\\n\, get_dyn_PIDDIR());; - printoutput(screen,\ SMB_PASSWD_FILE: %s\\n\,dyn_SMB_PASSWD_FILE);; - printoutput(screen,\ PRIVATE_DIR: %s\\n\,dyn_PRIVATE_DIR);; + printoutput(screen,\ SMB_PASSWD_FILE: %s\\n\,get_dyn_SMB_PASSWD_FILE());; + printoutput(screen,\ PRIVATE_DIR: %s\\n\,get_dyn_PRIVATE_DIR());; print ; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-582-g068e8de
The branch, v3-2-test has been updated via 068e8de72ceb49ef2e02cca1913b6d2197bab5e0 (commit) via bb8c044d425cf62b76e487103c8fb0b6cd4c83c2 (commit) from d78e081043124bbd80cf56d4a991ddf24ff46ef6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 068e8de72ceb49ef2e02cca1913b6d2197bab5e0 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sun Dec 9 17:40:48 2007 +0100 Remove two completely unnecessary globals Can someone look over this? To me it looks as if bufr was only made static to save a malloc during an included smb.conf file. I think that's pretty much pointless. commit bb8c044d425cf62b76e487103c8fb0b6cd4c83c2 Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Dec 10 12:11:45 2007 -0800 Fix return values for invalid printers. Found by kblin spoolss test. Jeremy. --- Summary of changes: source/param/params.c | 112 --- source/rpc_server/srv_spoolss_nt.c | 19 +-- 2 files changed, 65 insertions(+), 66 deletions(-) Changeset truncated at 500 lines: diff --git a/source/param/params.c b/source/param/params.c index 24bef0a..44b44d9 100644 --- a/source/param/params.c +++ b/source/param/params.c @@ -99,9 +99,6 @@ extern bool in_client; * bSize - The size of the global buffer bufr. */ -static char *bufr = NULL; -static int bSize = 0; - /* we can't use FILE* due to the 256 fd limit - use this cheap hack instead */ typedef struct { @@ -212,7 +209,7 @@ static int EatComment( myFILE *InFile ) * */ -static int Continuation(char *line, int pos ) +static int Continuation(uint8_t *line, int pos ) { pos--; while( (pos = 0) isspace((int)line[pos])) @@ -235,7 +232,7 @@ static int Continuation(char *line, int pos ) * ** */ -static bool Section( myFILE *InFile, bool (*sfunc)(const char *) ) +static bool Section( DATA_BLOB *buf, myFILE *InFile, bool (*sfunc)(const char *) ) { int c; int i; @@ -260,37 +257,37 @@ static bool Section( myFILE *InFile, bool (*sfunc)(const char *) ) while( (EOF != c) (c 0) ) { /* Check that the buffer is big enough for the next character. */ - if( i (bSize - 2) ) { - char *tb = (char *)SMB_REALLOC_KEEP_OLD_ON_ERROR( bufr, bSize +BUFR_INC ); + if( i (buf-length - 2) ) { + uint8_t *tb = (uint8_t *)SMB_REALLOC_KEEP_OLD_ON_ERROR(buf-data, buf-length+BUFR_INC ); if(!tb) { DEBUG(0, (%s Memory re-allocation failure., func) ); return False; } - bufr = tb; - bSize += BUFR_INC; + buf-data = tb; + buf-length += BUFR_INC; } /* Handle a single character other than section end. */ switch( c ) { case '\n': /* Got newline before closing ']'.*/ - i = Continuation( bufr, i );/* Check for line continuation. */ + i = Continuation( buf-data, i );/* Check for line continuation. */ if( i 0 ) { - bufr[end] = '\0'; - DEBUG(0, (%s Badly formed line in configuration file: %s\n, func, bufr )); + buf-data[end] = '\0'; + DEBUG(0, (%s Badly formed line in configuration file: %s\n, func, buf-data )); return False; } - end = ( (i 0) (' ' == bufr[i - 1]) ) ? (i - 1) : (i); + end = ( (i 0) (' ' == buf-data[i - 1]) ) ? (i - 1) : (i); c = mygetc( InFile ); /* Continue with next line. */ break; default: /* All else are a valid name chars. */ if(isspace( c )) { /* One space per whitespace region. */ - bufr[end] = ' '; + buf-data[end] = ' '; i = end + 1; c = EatWhitespace( InFile ); } else { - bufr[i++] = c; +
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-583-g70950b4
The branch, v3-2-test has been updated via 70950b419a57465c38bb36722644b95b1d14f76d (commit) from 068e8de72ceb49ef2e02cca1913b6d2197bab5e0 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 70950b419a57465c38bb36722644b95b1d14f76d Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Dec 10 13:43:12 2007 -0800 Fix bug leftover from pstring conversion noticed by ceez on irc. Jeremy. --- Summary of changes: source/printing/print_aix.c |4 +--- 1 files changed, 1 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source/printing/print_aix.c b/source/printing/print_aix.c index bb12553..fd85ca0 100644 --- a/source/printing/print_aix.c +++ b/source/printing/print_aix.c @@ -32,15 +32,13 @@ bool aix_cache_reload(void) int iEtat; XFILE *pfile; char *line = NULL, *p; - char *name; + char *name = NULL; TALLOC_CTX *ctx = talloc_init(aix_cache_reload); if (!ctx) { return false; } - *name = 0; - DEBUG(5, (reloading aix printcap cache\n)); if ((pfile = x_fopen(lp_printcapname(), O_RDONLY, 0)) == NULL) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-584-gb40efc2
The branch, v3-2-test has been updated via b40efc2fe63a3420b62fbf1ea8936112c5a24bdc (commit) from 70950b419a57465c38bb36722644b95b1d14f76d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit b40efc2fe63a3420b62fbf1ea8936112c5a24bdc Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Dec 10 14:21:28 2007 -0800 Fix errors from next_token conversion. Spotted by Andreas Schneider [EMAIL PROTECTED]. Jeremy. --- Summary of changes: source/libsmb/namequery.c | 14 +- 1 files changed, 5 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libsmb/namequery.c b/source/libsmb/namequery.c index 0decc59..c0d6b6e 100644 --- a/source/libsmb/namequery.c +++ b/source/libsmb/namequery.c @@ -791,12 +791,12 @@ bool getlmhostsent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, int *name_type, *pp_name = NULL; while(!x_feof(fp) !x_ferror(fp)) { - char *ip; - char *flags; - char *extra; - char *name; + char *ip = NULL; + char *flags = NULL; + char *extra = NULL; + char *name = NULL; const char *ptr; - char *ptr1; + char *ptr1 = NULL; int count = 0; *name_type = -1; @@ -809,10 +809,6 @@ bool getlmhostsent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, int *name_type, continue; } - ip[0] = '\0'; - name[0] = '\0'; - flags[0] = '\0'; - ptr = line; if (next_token_talloc(ctx, ptr, ip, NULL)) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-585-gcafde6c
The branch, v3-2-test has been updated via cafde6c37259de587d3775a2d229abd253d2376d (commit) from b40efc2fe63a3420b62fbf1ea8936112c5a24bdc (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit cafde6c37259de587d3775a2d229abd253d2376d Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Dec 10 15:06:31 2007 -0800 Ensure we have a non-null flags. Pointed out by Andreas Schneider [EMAIL PROTECTED]. Jeremy. --- Summary of changes: source/libsmb/namequery.c |7 +++ 1 files changed, 7 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libsmb/namequery.c b/source/libsmb/namequery.c index c0d6b6e..819147d 100644 --- a/source/libsmb/namequery.c +++ b/source/libsmb/namequery.c @@ -835,6 +835,13 @@ bool getlmhostsent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, int *name_type, continue; } + if (!flags) { + flags = talloc_strdup(ctx, ); + if (!flags) { + continue; + } + } + DEBUG(4, (getlmhostsent: lmhost entry: %s %s %s\n, ip, name, flags)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-586-g3f6cc82
The branch, v3-2-test has been updated via 3f6cc826378729c9157ea68e7cf5c7b584bbb585 (commit) from cafde6c37259de587d3775a2d229abd253d2376d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 3f6cc826378729c9157ea68e7cf5c7b584bbb585 Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Dec 10 15:31:05 2007 -0800 Don't need an fstring here, we can talloc. Jeremy. --- Summary of changes: source/include/smb.h |2 +- source/smbd/ipc.c| 17 - 2 files changed, 9 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source/include/smb.h b/source/include/smb.h index 763f955..d58c124 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -563,7 +563,7 @@ struct trans_state { uint8 cmd; /* SMBtrans or SMBtrans2 */ - fstring name; /* for trans requests */ + char *name; /* for trans requests */ uint16 call;/* for trans2 and nttrans requests */ bool close_on_completion; diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c index eed293d..f28016c 100644 --- a/source/smbd/ipc.c +++ b/source/smbd/ipc.c @@ -374,7 +374,7 @@ static void api_fd_reply(connection_struct *conn, uint16 vuid, static void named_pipe(connection_struct *conn, uint16 vuid, struct smb_request *req, - char *name, uint16 *setup, + const char *name, uint16 *setup, char *data, char *params, int suwcnt, int tdscnt,int tpscnt, int msrcnt, int mdrcnt, int mprcnt) @@ -452,7 +452,7 @@ static void handle_trans(connection_struct *conn, struct smb_request *req, reply_nterror(req, NT_STATUS_NOT_SUPPORTED); return; } - + name_offset += strlen(\\PIPE); /* Win9x weirdness. When talking to a unicode server Win9x @@ -538,12 +538,11 @@ void reply_trans(connection_struct *conn, struct smb_request *req) state-close_on_completion = BITSETW(req-inbuf+smb_vwv5,0); state-one_way = BITSETW(req-inbuf+smb_vwv5,1); - memset(state-name, '\0',sizeof(state-name)); - srvstr_pull_buf(req-inbuf, req-flags2, state-name, - smb_buf(req-inbuf), sizeof(state-name), - STR_TERMINATE); - - if ((dscnt state-total_data) || (pscnt state-total_param)) + srvstr_pull_buf_talloc(state, req-inbuf, req-flags2, state-name, + smb_buf(req-inbuf), STR_TERMINATE); + + if ((dscnt state-total_data) || (pscnt state-total_param) || + !state-name) goto bad_param; if (state-total_data) { @@ -557,7 +556,7 @@ void reply_trans(connection_struct *conn, struct smb_request *req) reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBtrans); return; - } + } /* null-terminate the slack space */ memset(state-data[state-total_data], 0, 100); if ((dsoff+dscnt dsoff) || (dsoff+dscnt dscnt)) -- Samba Shared Repository
Build status as of Tue Dec 11 00:00:02 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-12-10 00:01:08.0 + +++ /home/build/master/cache/broken_results.txt 2007-12-11 00:01:19.0 + @@ -1,25 +1,25 @@ -Build status as of Mon Dec 10 00:00:01 2007 +Build status as of Tue Dec 11 00:00:02 2007 Build counts: Tree Total Broken Panic SOC 0 0 0 build_farm 0 0 0 -ccache 28 9 0 +ccache 29 9 0 ctdb 0 0 0 distcc 1 0 0 -ldb 28 11 0 -libreplace 27 10 0 -lorikeet-heimdal 24 14 0 +ldb 29 11 0 +libreplace 28 11 0 +lorikeet-heimdal 24 15 0 pidl 18 5 0 ppp 10 8 0 python 0 0 0 -rsync28 12 0 +rsync29 11 0 samba-docs 0 0 0 samba-gtk4 4 0 -samba4 26 16 0 -samba_3_21 0 0 -samba_3_2_test 26 20 0 -smb-build26 25 0 -talloc 28 7 0 -tdb 28 5 0 +samba4 25 19 0 +samba_3_21 1 0 +samba_3_2_test 27 17 0 +smb-build27 26 0 +talloc 29 7 0 +tdb 29 5 0
svn commit: samba r26386 - in branches/SAMBA_4_0/source/lib/util: .
Author: abartlet Date: 2007-12-11 00:22:05 + (Tue, 11 Dec 2007) New Revision: 26386 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26386 Log: We need to test in more than just 'interactive' mode... Fix segfault found when running smbd without options. Andrew Bartlett Modified: branches/SAMBA_4_0/source/lib/util/debug.c Changeset: Modified: branches/SAMBA_4_0/source/lib/util/debug.c === --- branches/SAMBA_4_0/source/lib/util/debug.c 2007-12-10 18:42:07 UTC (rev 26385) +++ branches/SAMBA_4_0/source/lib/util/debug.c 2007-12-11 00:22:05 UTC (rev 26386) @@ -137,7 +137,7 @@ break; case DEBUG_FILE: - if ((*logfile) == '/') { + if (logfile (*logfile) == '/') { fname = strdup(logfile); } else { asprintf(fname, %s/%s.log, dyn_LOGFILEBASE, state.prog_name);
svn commit: samba r26387 - in branches/SAMBA_4_0_RELEASE/source/lib/util: .
Author: abartlet Date: 2007-12-11 00:23:08 + (Tue, 11 Dec 2007) New Revision: 26387 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26387 Log: Merge logfile segfault into alpha2 branch. Andrew Bartlett Modified: branches/SAMBA_4_0_RELEASE/source/lib/util/debug.c Changeset: Modified: branches/SAMBA_4_0_RELEASE/source/lib/util/debug.c === --- branches/SAMBA_4_0_RELEASE/source/lib/util/debug.c 2007-12-11 00:22:05 UTC (rev 26386) +++ branches/SAMBA_4_0_RELEASE/source/lib/util/debug.c 2007-12-11 00:23:08 UTC (rev 26387) @@ -137,7 +137,7 @@ break; case DEBUG_FILE: - if ((*logfile) == '/') { + if (logfile (*logfile) == '/') { fname = strdup(logfile); } else { asprintf(fname, %s/%s.log, dyn_LOGFILEBASE, state.prog_name);
svn commit: samba r26388 - in branches/SAMBA_4_0_RELEASE/swat/install: .
Author: abartlet Date: 2007-12-11 02:09:37 + (Tue, 11 Dec 2007) New Revision: 26388 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26388 Log: Fix up SWAT provision (again...), after changes I made to the command-line version a while back. Andrew Bartlett Modified: branches/SAMBA_4_0_RELEASE/swat/install/provision.esp branches/SAMBA_4_0_RELEASE/swat/install/vampire.esp Changeset: Modified: branches/SAMBA_4_0_RELEASE/swat/install/provision.esp === --- branches/SAMBA_4_0_RELEASE/swat/install/provision.esp 2007-12-11 00:23:08 UTC (rev 26387) +++ branches/SAMBA_4_0_RELEASE/swat/install/provision.esp 2007-12-11 02:09:37 UTC (rev 26388) @@ -11,7 +11,6 @@ var f = FormObj(Provisioning, 0, 2); var i; var lp = loadparm_init(); - if ((session.authinfo.user_class == ADMINISTRATOR) || (session.authinfo.user_class == SYSTEM)) { @@ -56,6 +55,9 @@ lp.reload(); var goodpass = (subobj.CONFIRM == subobj.ADMINPASS); + var paths = provision_default_paths(subobj); + provision_fix_subobj(subobj, paths); + if (!goodpass) { write(h3Passwords don't match. Please try again./h3); f.display(); @@ -65,7 +67,6 @@ } else if (!provision_validate(subobj, writefln)) { f.display(); } else { - var paths = provision_default_paths(subobj); if (!provision(subobj, writefln, false, paths, session.authinfo.session_info, session.authinfo.credentials, false)) { writefln(Provision failed!); Modified: branches/SAMBA_4_0_RELEASE/swat/install/vampire.esp === --- branches/SAMBA_4_0_RELEASE/swat/install/vampire.esp 2007-12-11 00:23:08 UTC (rev 26387) +++ branches/SAMBA_4_0_RELEASE/swat/install/vampire.esp 2007-12-11 02:09:37 UTC (rev 26388) @@ -76,7 +76,8 @@ var session_info = session.authinfo.session_info; var credentials = session.authinfo.credentials; - info.credentials = credentials; + provision_fix_subobj(subobj, paths); + info.session_info = session_info; info.message = writefln; info.subobj = subobj;
svn commit: samba r26389 - in branches/SAMBA_4_0/swat/install: .
Author: abartlet Date: 2007-12-11 02:10:46 + (Tue, 11 Dec 2007) New Revision: 26389 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26389 Log: Merge SWAT changes from alpha2 back into main Samba4 tree. Andrew Bartlett Modified: branches/SAMBA_4_0/swat/install/index.esp branches/SAMBA_4_0/swat/install/provision.esp branches/SAMBA_4_0/swat/install/samba3.esp branches/SAMBA_4_0/swat/install/vampire.esp Changeset: Modified: branches/SAMBA_4_0/swat/install/index.esp === --- branches/SAMBA_4_0/swat/install/index.esp 2007-12-11 02:09:37 UTC (rev 26388) +++ branches/SAMBA_4_0/swat/install/index.esp 2007-12-11 02:10:46 UTC (rev 26389) @@ -1,7 +1,7 @@ % page_header(columns, Server Installation, install); -if (session.authinfo.user_class == ADMINISTRATOR -|| session.authinfo.user_class == SYSTEM) { +if ((session.authinfo.user_class == ADMINISTRATOR) +|| (session.authinfo.user_class == SYSTEM)) { % Modified: branches/SAMBA_4_0/swat/install/provision.esp === --- branches/SAMBA_4_0/swat/install/provision.esp 2007-12-11 02:09:37 UTC (rev 26388) +++ branches/SAMBA_4_0/swat/install/provision.esp 2007-12-11 02:10:46 UTC (rev 26389) @@ -11,10 +11,9 @@ var f = FormObj(Provisioning, 0, 2); var i; var lp = loadparm_init(); +if ((session.authinfo.user_class == ADMINISTRATOR) +|| (session.authinfo.user_class == SYSTEM)) { -if (session.authinfo.user_class == ADMINISTRATOR -|| session.authinfo.user_class == SYSTEM) { - if (lp.get(realm) == ) { lp.set(realm, lp.get(workgroup) + .example.com); } @@ -56,6 +55,9 @@ lp.reload(); var goodpass = (subobj.CONFIRM == subobj.ADMINPASS); + var paths = provision_default_paths(subobj); + provision_fix_subobj(subobj, paths); + if (!goodpass) { write(h3Passwords don't match. Please try again./h3); f.display(); @@ -65,7 +67,6 @@ } else if (!provision_validate(subobj, writefln)) { f.display(); } else { - var paths = provision_default_paths(subobj); if (!provision(subobj, writefln, false, paths, session.authinfo.session_info, session.authinfo.credentials, false)) { writefln(Provision failed!); Modified: branches/SAMBA_4_0/swat/install/samba3.esp === --- branches/SAMBA_4_0/swat/install/samba3.esp 2007-12-11 02:09:37 UTC (rev 26388) +++ branches/SAMBA_4_0/swat/install/samba3.esp 2007-12-11 02:10:46 UTC (rev 26389) @@ -15,8 +15,8 @@ h1Import from Samba3/h1 % -if (session.authinfo.user_class == ADMINISTRATOR -|| session.authinfo.user_class == SYSTEM) { +if ((session.authinfo.user_class == ADMINISTRATOR) +|| (session.authinfo.user_class == SYSTEM)) { if (form['submit'] == Cancel) { redirect(/); Modified: branches/SAMBA_4_0/swat/install/vampire.esp === --- branches/SAMBA_4_0/swat/install/vampire.esp 2007-12-11 02:09:37 UTC (rev 26388) +++ branches/SAMBA_4_0/swat/install/vampire.esp 2007-12-11 02:10:46 UTC (rev 26389) @@ -14,8 +14,8 @@ var i; var lp = loadparm_init(); -if (session.authinfo.user_class == ADMINISTRATOR -|| session.authinfo.user_class == SYSTEM) { +if ((session.authinfo.user_class == ADMINISTRATOR) +|| (session.authinfo.user_class == SYSTEM)) { if (lp.get(realm) == ) { lp.set(realm, lp.get(workgroup) + .example.com); @@ -76,7 +76,8 @@ var session_info = session.authinfo.session_info; var credentials = session.authinfo.credentials; - info.credentials = credentials; + provision_fix_subobj(subobj, paths); + info.session_info = session_info; info.message = writefln; info.subobj = subobj;
svn commit: samba-web r1162 - in trunk: devel history
Author: deryck Date: 2007-12-11 02:37:39 + (Tue, 11 Dec 2007) New Revision: 1162 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1162 Log: Move old release announcement to history page, and updated latest release links. Modified: trunk/devel/index.html trunk/history/index.html Changeset: Modified: trunk/devel/index.html === --- trunk/devel/index.html 2007-12-10 15:57:19 UTC (rev 1161) +++ trunk/devel/index.html 2007-12-11 02:37:39 UTC (rev 1162) @@ -14,8 +14,8 @@ pAs of 4 April 2004, the Samba Team converted from CVS to Subversion for maintaining the Samba source code. All current development is done in a Subversion repository. All older code is in the original CVS tree; this would include 2.2.x versions of Samba, which are no longer in active development./p -pThe latest production release is emSamba 3.0.27a/em (a -href=/samba/history/samba-3.0.27.htmlrelease notes/a and a +pThe latest production release is emSamba 3.0.28/em (a +href=/samba/history/samba-3.0.28.htmlrelease notes/a and a href=/samba/download/download/a)./p pWith the release of version 3 of the GPL, the Samba Team has decided to Modified: trunk/history/index.html === --- trunk/history/index.html2007-12-10 15:57:19 UTC (rev 1161) +++ trunk/history/index.html2007-12-11 02:37:39 UTC (rev 1162) @@ -6,8 +6,8 @@ div class=latest ul - liLatest Release mdash; a href=/samba/#latestSamba 3.0.27a/a/li - liCurrent Stable Release mdash; a href=/samba/#latestSamba 3.0.27a/a/li + liLatest Release mdash; a href=/samba/#latestSamba 3.0.28/a/li + liCurrent Stable Release mdash; a href=/samba/#latestSamba 3.0.28/a/li !-- Second link will point to #stable on this page when current release is a development release -- /ul /div @@ -17,6 +17,25 @@ h2Previous Release Announcments/h2 +h4a20 Nov 2007/a/h4 +p class=headlineSamba 3.0.27a Available for Download/p + +pSamba 3.0.27a is a bug fix release and is the current release +for production servers running the Samba 3.0 series./p + +pThe a href=/samba/ftp/stable/samba-3.0.27a.tar.gzSamba 3.0.27a/a source code +(a href=/samba/ftp/stable/samba-3.0.27a.tar.ascGPG +signature/a) can be downloaded now. If you prefer, the +a href=/samba/ftp/patches/patch-3.0.27-3.0.27a.diffs.gzpatch +file against previous releases/a +(a href=/samba/ftp/patches/patch-3.0.27-3.0.27a.diffs.ascGPG +signature/a) is also available for download. +Please read these a href=/samba/download/instructions on +how to verify the gpg signature/a. Precompiled packages will +be made available on a volunteer basis and can be found in the +a href=/samba/ftp/Binary_Packages/Binary_Packages download area/a./p + + h4a15 Nov 2007/a/h4 p class=headlineSamba 3.0.27 Available for Download/p @@ -237,49 +256,5 @@ download area/a./p -h4a10 Jul 2006/a/h4 -p class=headlineSamba 3.0.23 Available for Download/p -pAfter four months of development, the Samba Team is pleased to -announce the general availability of Samba 3.0.23. -This is the latest stable release of Samba. This is the version -that production Samba servers should be running for all current -bug-fixes. Please read the changes in the -a href=http://www.samba.org/samba/history/samba-3.0.23.html;Release Notes/a -for details on new features and difference in behavior -from previous releases./p - -pThere has been a substantial amount of cleanup work done during -this development cycle. We would like to thank both -a href=http://www.coverity.com/;Coverity/a and -a href=http://www.klocwork.com/;Klocwork/a -for analyzing the Samba source code. As a result, this release -includes fixes for over 400 defects. The coverage was approximately -even with over 200 defects reported by each tool./p - -pNew features in 3.0.23 include:/p -ul -liImproved 'make test'/li -liNew offline mode in winbindd/li -liNew Kerberos support for pam_winbind.so/li -liNew handling of unmapped users and groups/li -liNew non-root share management tools/li -liImproved support for local and BUILTIN groups/li -liWinbind IDMAP integration with RFC2307 schema objects -supported by Windows 2003 R2/li -liRewritten 'net ads join' to mimic Windows XP without -requiring administrative rights to join a domain/li -/ul - -pThe a href=/samba/ftp/samba-3.0.23.tar.gzSamba 3.0.23 -source code/a can be downloaded now. The a -href=/samba/ftp/samba-3.0.23.tar.ascGnuPG -signature for the emun/emcompressed tarball/a is also -available. Precompiled packages for RedHat 9, Fedora Core -5, amp; Solaris 9 are available in the -a href=/samba/ftp/Binary_Packages/Binary_Packages -download area/a. Packages for other platforms will be available -shortly./p - - !--#include virtual=footer_history.html --
svn commit: samba r26390 - in branches/SAMBA_4_0_RELEASE: .
Author: abartlet Date: 2007-12-11 02:53:40 + (Tue, 11 Dec 2007) New Revision: 26390 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=26390 Log: Start on a WHATSNEW for the alpah2 release. Andrew Bartlett Modified: branches/SAMBA_4_0_RELEASE/WHATSNEW.txt Changeset: Modified: branches/SAMBA_4_0_RELEASE/WHATSNEW.txt === --- branches/SAMBA_4_0_RELEASE/WHATSNEW.txt 2007-12-11 02:10:46 UTC (rev 26389) +++ branches/SAMBA_4_0_RELEASE/WHATSNEW.txt 2007-12-11 02:53:40 UTC (rev 26390) @@ -70,24 +70,24 @@ CHANGES SINCE TP5 = -In the time since TP5 was released in June 2007, Samba has +In the time since Sama4 Alpha1 was released in September 2007, Samba has continued to evolve, but you may particularly notice these areas: - Group Policy Support: Basic group policies may be defined, and are - enforced by Windows clients - MMC Support: The Active Directory Users and Computers console now - works, supporting most operations. + handles group membership correctly. - Winbind: Kai Blin has been working hard on his Google Summer of - Code project, creating a winbind implementation for Samba4. + member/memberOf: These and other linked attributes are now kept in + sync - Heimdal update: A Heimdal 1.0 snapshot is now included as the - internal Kerberos library in Samba4. + subtree renames: Renaming a subtree of LDAP objects is now possible, + with all linked attributes being kept consistant. - In the past few weeks, many small but significant bugs have been - fixed, particularly thanks to Matthias Dieter Wallnöfer [EMAIL PROTECTED] + Python Bindings: Bindings for a future move to python as the + internal scripting language have been created. + Shared library use: In support of projects such as OpenChange, + which depend on Samba4, more of Samba4 is built as shared libraries. + These are just some of the highlights of the work done in the past few months. More details can be found in our SVN history. @@ -106,12 +106,6 @@ - There is no printing support in the current release. -- Support for managing groups is currently poor (as the - memberOf/member linked attributes are not kept in sync). - -- Renaming and deleting subtrees (containers) in the the LDB tree will - have unexpected results. - - The Samba4 port of the CTDB clustering support is not yet complete - Clock Synchronisation is critical. Many 'wrong password' errors are