[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e8e5afd krb5samba: Add smb_krb5_make_pac_checksum.
via 7f9e4d7 s4-auth: Use smb_krb5_make_pac_checksum.
via 3ef95a0 krb5samba: Add krb5_free_checksum_contents wrapper
from 470cfb3 lib/util: Map 0x7fffLL as 0x7fffLL
in time conversion
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e8e5afd4d4038043f1125c5e2afc41e9e87ebfde
Author: Andreas Schneider
Date: Thu May 3 17:10:27 2012 +0200
krb5samba: Add smb_krb5_make_pac_checksum.
Signed-off-by: Simo Sorce
Autobuild-User: Simo Sorce
Autobuild-Date: Tue May 8 08:30:52 CEST 2012 on sn-devel-104
commit 7f9e4d70b9a2db7400791fbfef284dd63e79f078
Author: Andreas Schneider
Date: Thu May 3 17:10:53 2012 +0200
s4-auth: Use smb_krb5_make_pac_checksum.
Signed-off-by: Simo Sorce
commit 3ef95a0b59fa2a9ec5d01398d702bd107f290422
Author: Simo Sorce
Date: Fri May 4 11:02:48 2012 -0400
krb5samba: Add krb5_free_checksum_contents wrapper
---
Summary of changes:
lib/krb5_wrap/krb5_samba.c | 83 +++
lib/krb5_wrap/krb5_samba.h | 14 +
source3/configure.in|2 +
source4/auth/kerberos/kerberos_pac.c| 78 +
source4/heimdal_build/wscript_configure |2 +
wscript_configure_krb5 |3 +-
6 files changed, 127 insertions(+), 55 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index ddebdd8..16c6901 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -2175,6 +2175,89 @@ krb5_error_code smb_krb5_cc_get_lifetime(krb5_context
context,
}
#endif /* HAVE_KRB5_CC_GET_LIFETIME */
+#if !defined(HAVE_KRB5_FREE_CHECKSUM_CONTENTS) && defined(HAVE_FREE_CHECKSUM)
+void smb_krb5_free_checksum_contents(krb5_context ctx, krb5_checksum *cksum)
+{
+ free_Checksum(cksum);
+}
+#endif
+
+krb5_error_code smb_krb5_make_pac_checksum(TALLOC_CTX *mem_ctx,
+ DATA_BLOB *pac_data,
+ krb5_context context,
+ const krb5_keyblock *keyblock,
+ uint32_t *sig_type,
+ DATA_BLOB *sig_blob)
+{
+ krb5_error_code ret;
+ krb5_checksum cksum;
+#if defined(HAVE_KRB5_CRYPTO_INIT) && defined(HAVE_KRB5_CREATE_CHECKSUM)
+ krb5_crypto crypto;
+
+
+ ret = krb5_crypto_init(context,
+ keyblock,
+ 0,
+ &crypto);
+ if (ret) {
+ DEBUG(0,("krb5_crypto_init() failed: %s\n",
+ smb_get_krb5_error_message(context, ret, mem_ctx)));
+ return ret;
+ }
+ ret = krb5_create_checksum(context,
+ crypto,
+ KRB5_KU_OTHER_CKSUM,
+ 0,
+ pac_data->data,
+ pac_data->length,
+ &cksum);
+ if (ret) {
+ DEBUG(2, ("PAC Verification failed: %s\n",
+ smb_get_krb5_error_message(context, ret, mem_ctx)));
+ }
+
+ krb5_crypto_destroy(context, crypto);
+
+ if (ret) {
+ return ret;
+ }
+
+ *sig_type = cksum.cksumtype;
+ *sig_blob = data_blob_talloc(mem_ctx,
+ cksum.checksum.data,
+ cksum.checksum.length);
+#elif defined(HAVE_KRB5_C_MAKE_CHECKSUM)
+ krb5_data input;
+
+ input.data = (char *)pac_data->data;
+ input.length = pac_data->length;
+
+ ret = krb5_c_make_checksum(context,
+ 0,
+ keyblock,
+ KRB5_KEYUSAGE_APP_DATA_CKSUM,
+ &input,
+ &cksum);
+ if (ret) {
+ DEBUG(2, ("PAC Verification failed: %s\n",
+ smb_get_krb5_error_message(context, ret, mem_ctx)));
+ return ret;
+ }
+
+ *sig_type = cksum.checksum_type;
+ *sig_blob = data_blob_talloc(mem_ctx,
+ cksum.contents,
+ cksum.length);
+
+#else
+#error krb5_create_checksum or krb5_c_make_checksum not available
+#endif /* HAVE_KRB5_C_MAKE_CHECKSUM */
+ smb_krb5_free_checksum_contents(context, &cksum);
+
+ return 0;
+}
+
+
/*
* smb_krb5_principal_get_realm
*
diff --git a/lib/krb5_wrap/krb5
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 470cfb3 lib/util: Map 0x7fffLL as 0x7fffLL
in time conversion
via 0678eb6 s4-provision Ensure we have posix ACLs before we permit a
s3fs-based Samba4 to be configured
via 859aa43 s3-python: Add python bindings for posix ACL layer
from 5d4d8fe s4:torture/raw/context: add subtests as torture testcases
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 470cfb34aea693cdb774b648d51ceccda130f329
Author: Andrew Bartlett
Date: Mon May 7 19:21:10 2012 +1000
lib/util: Map 0x7fffLL as 0x7fffLL in time
conversion
TIME_T_MAX is not actually INT64_MAX at the moment, so check both
values and set to the magic end-of-time value.
Andrew Bartlett
Autobuild-User: Andrew Bartlett
Autobuild-Date: Tue May 8 06:41:43 CEST 2012 on sn-devel-104
commit 0678eb6cdfa19f27de8093eee2a15b7493bbce67
Author: Andrew Bartlett
Date: Mon May 7 17:06:23 2012 +1000
s4-provision Ensure we have posix ACLs before we permit a s3fs-based Samba4
to be configured
commit 859aa43f7348e721a6ce0417d300d9db8086fc7b
Author: Andrew Bartlett
Date: Mon May 7 16:24:03 2012 +1000
s3-python: Add python bindings for posix ACL layer
This will allow us to check that posix ACLs work in the s4 provision, and
avoid
--use-s3fs if they do not.
Andrew Bartlett
---
Summary of changes:
lib/util/time.c|2 +-
source3/smbd/pysmbd.c | 203
source3/wscript_build |6 +
.../scripting/python/samba/provision/__init__.py | 14 ++
4 files changed, 224 insertions(+), 1 deletions(-)
create mode 100644 source3/smbd/pysmbd.c
Changeset truncated at 500 lines:
diff --git a/lib/util/time.c b/lib/util/time.c
index dc3ca68..d5a429a 100644
--- a/lib/util/time.c
+++ b/lib/util/time.c
@@ -148,7 +148,7 @@ _PUBLIC_ void unix_to_nt_time(NTTIME *nt, time_t t)
return;
}
- if (t == TIME_T_MAX) {
+ if (t == TIME_T_MAX || t == INT64_MAX) {
*nt = 0x7fffLL;
return;
}
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
new file mode 100644
index 000..76167e1
--- /dev/null
+++ b/source3/smbd/pysmbd.c
@@ -0,0 +1,203 @@
+/*
+ Unix SMB/CIFS implementation.
+ SMB NT Security Descriptor / Unix permission conversion.
+ Copyright (C) Jeremy Allison 1994-2009.
+ Copyright (C) Andreas Gruenbacher 2002.
+ Copyright (C) Simo Sorce 2009.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5d4d8fe s4:torture/raw/context: add subtests as torture testcases
via dd804dd s4:torture/raw/context: INVALID_PARAMETER vs.
LOGON_FAILURE...
via 7c0c1fa s4:torture/raw: make torture_raw_context a test suite
via 05bed62 s4:torture/raw/context: make use of torture_* macros and
avoid 'printf'
via 27efeab s4:torture/raw/context: pass tctx to
test_pid_exit_only_sees_open()
from 75494f7 selftest: samba4 doesn't support reauth
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5d4d8fefe28051ace587494bff5e16b4e4211773
Author: Stefan Metzmacher
Date: Thu May 3 14:41:21 2012 +0200
s4:torture/raw/context: add subtests as torture testcases
TODO: add test_session with 'use spnego = false'.
We need a way to do set an option just for one test case.
Note: the 'use spnego = false' was ignored before as it's
only used on the first session setup on a connection.
metze
Autobuild-User: Stefan Metzmacher
Autobuild-Date: Tue May 8 04:50:39 CEST 2012 on sn-devel-104
commit dd804dd8caf2744aba5968b86724a538159708eb
Author: Stefan Metzmacher
Date: Tue May 1 12:38:06 2012 +0200
s4:torture/raw/context: INVALID_PARAMETER vs. LOGON_FAILURE...
If the try a session setup without EXTENDED_SECURITY after
one with EXTENDED_SECURITY Windows 2008 R2 returns INVALID_PARAMETER,
while Windows 2000 sp4 returns LOGON_FAILURE...
metze
commit 7c0c1fabd08cac83f306240f00a98901543a367f
Author: Stefan Metzmacher
Date: Wed May 2 13:46:34 2012 +0200
s4:torture/raw: make torture_raw_context a test suite
metze
commit 05bed62371e3acfb1813024ae45bd563e3a1d749
Author: Stefan Metzmacher
Date: Tue May 1 12:39:21 2012 +0200
s4:torture/raw/context: make use of torture_* macros and avoid 'printf'
metze
commit 27efeabab47694cb2f147d4c964c62213cc03fef
Author: Stefan Metzmacher
Date: Tue May 1 12:35:28 2012 +0200
s4:torture/raw/context: pass tctx to test_pid_exit_only_sees_open()
metze
---
Summary of changes:
source4/torture/raw/context.c | 262 +++--
source4/torture/raw/raw.c |2 +-
2 files changed, 121 insertions(+), 143 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/raw/context.c b/source4/torture/raw/context.c
index 45e7482..af53453 100644
--- a/source4/torture/raw/context.c
+++ b/source4/torture/raw/context.c
@@ -30,35 +30,23 @@
#define BASEDIR "\\rawcontext"
-#define CHECK_STATUS(status, correct) do { \
- if (!NT_STATUS_EQUAL(status, correct)) { \
- printf("(%s) Incorrect status %s - should be %s\n", \
- __location__, nt_errstr(status), nt_errstr(correct)); \
- ret = false; \
- goto done; \
- }} while (0)
-
-#define CHECK_VALUE(v, correct) do { \
- if ((v) != (correct)) { \
- printf("(%s) Incorrect value %s=%d - should be %d\n", \
- __location__, #v, v, correct); \
- ret = false; \
- goto done; \
- }} while (0)
-
-#define CHECK_NOT_VALUE(v, correct) do { \
- if ((v) == (correct)) { \
- printf("(%s) Incorrect value %s=%d - should not be %d\n", \
- __location__, #v, v, correct); \
- ret = false; \
- goto done; \
- }} while (0)
+#define CHECK_STATUS(status, correct) \
+ torture_assert_ntstatus_equal_goto(tctx, status, correct, ret, done,
__location__)
+
+#define CHECK_VALUE(v, correct) \
+ torture_assert_int_equal_goto(tctx, v, correct, ret, done, __location__)
+
+#define CHECK_NOT_VALUE(v, correct) \
+ torture_assert_goto(tctx, ((v) != (correct)), ret, done, \
+ talloc_asprintf(tctx, "(%s) Incorrect value %s=%d - should not
be %d\n", \
+ __location__, #v, v, correct));
/*
test session ops
*/
-static bool test_session(struct smbcli_state *cli, struct torture_context
*tctx)
+static bool test_session(struct torture_context *tctx,
+struct smbcli_state *cli)
{
NTSTATUS status;
bool ret = true;
@@ -82,13 +70,13 @@ static bool test_session(struct smbcli_state *cli, struct
torture_context *tctx)
int i;
struct smbcli_session_options options;
- printf("TESTING SESSION HANDLING\n");
+ torture_comment(tctx, "TESTING SESSION HANDLING\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return false;
}
- printf("create a second security context on the same transport\n");
+ torture_comment(tctx, "create a second security context on the same
transport\n");
lpcfg_smbcli_session_options(tctx->lp_c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 75494f7 selftest: samba4 doesn't support reauth via c68cba3 s4:torture/raw/session: make sure we got a reauth of the existing session via 0ded6f9 selftest: mark ^samba4.raw.session.reauth as flapping from 5909188 talloc: Update doxygen config. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 75494f75fa27ded7b9d3c8c7342c8aa682c2949b Author: Stefan Metzmacher Date: Mon May 7 11:50:59 2012 +0200 selftest: samba4 doesn't support reauth metze Autobuild-User: Stefan Metzmacher Autobuild-Date: Tue May 8 02:43:49 CEST 2012 on sn-devel-104 commit c68cba36aabd816fcf70fc800eb36e54a3164d55 Author: Stefan Metzmacher Date: Mon May 7 11:32:32 2012 +0200 s4:torture/raw/session: make sure we got a reauth of the existing session metze commit 0ded6f9cb71719605e06abea0883d2e59a1e8d39 Author: Stefan Metzmacher Date: Mon May 7 12:07:30 2012 +0200 selftest: mark ^samba4.raw.session.reauth as flapping Because the test is wrong... metze --- Summary of changes: selftest/knownfail|1 + source4/torture/raw/session.c |2 ++ 2 files changed, 3 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index 1fa11e9..35da8b3 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -47,6 +47,7 @@ ^samba4..*base.delete.*.deltest17 ^samba4..*base.delete.*.deltest20a ^samba4..*base.delete.*.deltest20b +^samba4.raw.session.reauth ^samba4.raw.rename.*.osxrename ^samba4.raw.rename.*.directory rename ^samba4.rpc.winreg.*security diff --git a/source4/torture/raw/session.c b/source4/torture/raw/session.c index 66092d2..3402693 100644 --- a/source4/torture/raw/session.c +++ b/source4/torture/raw/session.c @@ -38,6 +38,7 @@ static bool test_session_reauth(struct torture_context *tctx, char fname[256]; char buf[dlen+1]; bool ok = true; + uint16_t vuid1 = cli->session->vuid; data = generate_random_str(tctx, dlen); torture_assert(tctx, (data != NULL), "memory allocation failed"); @@ -65,6 +66,7 @@ static bool test_session_reauth(struct torture_context *tctx, io.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx); status = smb_composite_sesssetup(cli->session, &io); torture_assert_ntstatus_ok_goto(tctx, status, ok, done, "setup2"); + torture_assert_int_equal_goto(tctx, io.out.vuid, vuid1, ok, done, "setup2"); num = smbcli_read(cli->tree, fnum, &buf, 0, dlen); torture_assert_int_equal_goto(tctx, num, dlen, ok, done, "read file"); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5909188 talloc: Update doxygen config. via 2040828 doc: Remove latex to doxygen conversion leftovers in talloc. via 6952699 doc: Fixes for the talloc best practices tutorial. via c1c9ab1 doc: Fixes for the talloc debugging tutorial. via 5a758f4 doc: Fixes for the talloc pool tutorial. via 79efc9d doc: Fixes for the talloc destructor tutorial. via 7d5565e doc: Fixes for the talloc dynamic type system tutorial. via dc112dc doc: Fixes for the talloc stealing tutorial. via 9423ac0 doc: Fixes for the talloc context tutorial. via d99b7d0 doc: Add talloc tutorial. from 890485b heimdal: Cope with newer Heimdal versions accepting a keyset argument to hdb_enctype2key. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 59091884922eda5a1524ad97fa1a5d7477cb5b96 Author: Andreas Schneider Date: Mon May 7 11:57:34 2012 +0200 talloc: Update doxygen config. Autobuild-User: Andreas Schneider Autobuild-Date: Mon May 7 21:13:15 CEST 2012 on sn-devel-104 commit 20408286e2845ebca64b28e7e8ec0ed8dc9130c2 Author: Pavel Březina Date: Mon May 7 12:30:44 2012 +0200 doc: Remove latex to doxygen conversion leftovers in talloc. Signed-off-by: Andreas Schneider commit 69526997e5636211824f8c041a9e57d039cc62f4 Author: Andreas Schneider Date: Mon May 7 11:56:39 2012 +0200 doc: Fixes for the talloc best practices tutorial. commit c1c9ab1c79571dfa1ae0a9f92f401ea89a50ca0e Author: Andreas Schneider Date: Mon May 7 11:42:44 2012 +0200 doc: Fixes for the talloc debugging tutorial. commit 5a758f448d61f327aa510b9b4506a509e346c5df Author: Andreas Schneider Date: Mon May 7 11:36:37 2012 +0200 doc: Fixes for the talloc pool tutorial. commit 79efc9d6e2c57c6acd8216be4b3387180032addd Author: Andreas Schneider Date: Mon May 7 11:30:06 2012 +0200 doc: Fixes for the talloc destructor tutorial. commit 7d5565e22d0ad8994225da18ef025bfdfa56c245 Author: Andreas Schneider Date: Mon May 7 11:25:50 2012 +0200 doc: Fixes for the talloc dynamic type system tutorial. commit dc112dcee058f2f1a211a50790f659a629ab2978 Author: Andreas Schneider Date: Mon May 7 11:18:26 2012 +0200 doc: Fixes for the talloc stealing tutorial. commit 9423ac06aa2a88a1cf64d5256e948bbec33ecb91 Author: Andreas Schneider Date: Mon May 7 11:09:56 2012 +0200 doc: Fixes for the talloc context tutorial. commit d99b7d0220d8bd694c0d997622a7a87eb09c5570 Author: Pavel Březina Date: Sun May 6 14:34:48 2012 +0200 doc: Add talloc tutorial. Signed-off-by: Andreas Schneider --- Summary of changes: lib/talloc/doc/context.png| Bin 0 -> 4715 bytes lib/talloc/doc/context_tree.png | Bin 0 -> 6158 bytes lib/talloc/doc/mainpage.dox |5 + lib/talloc/doc/stealing.png | Bin 0 -> 6994 bytes lib/talloc/doc/tutorial_bestpractices.dox | 192 +++ lib/talloc/doc/tutorial_context.dox | 198 +++ lib/talloc/doc/tutorial_debugging.dox | 116 +++ lib/talloc/doc/tutorial_destructors.dox | 82 + lib/talloc/doc/tutorial_dts.dox | 109 ++ lib/talloc/doc/tutorial_introduction.dox | 43 +++ lib/talloc/doc/tutorial_pools.dox | 93 ++ lib/talloc/doc/tutorial_stealing.dox | 55 +++ lib/talloc/doxy.config| 512 ++--- 13 files changed, 1285 insertions(+), 120 deletions(-) create mode 100644 lib/talloc/doc/context.png create mode 100644 lib/talloc/doc/context_tree.png create mode 100644 lib/talloc/doc/stealing.png create mode 100644 lib/talloc/doc/tutorial_bestpractices.dox create mode 100644 lib/talloc/doc/tutorial_context.dox create mode 100644 lib/talloc/doc/tutorial_debugging.dox create mode 100644 lib/talloc/doc/tutorial_destructors.dox create mode 100644 lib/talloc/doc/tutorial_dts.dox create mode 100644 lib/talloc/doc/tutorial_introduction.dox create mode 100644 lib/talloc/doc/tutorial_pools.dox create mode 100644 lib/talloc/doc/tutorial_stealing.dox Changeset truncated at 500 lines: diff --git a/lib/talloc/doc/context.png b/lib/talloc/doc/context.png new file mode 100644 index 000..48a6ca0 Binary files /dev/null and b/lib/talloc/doc/context.png differ diff --git a/lib/talloc/doc/context_tree.png b/lib/talloc/doc/context_tree.png new file mode 100644 index 000..9723459 Binary files /dev/null and b/lib/talloc/doc/context_tree.png differ diff --git a/lib/talloc/doc/mainpage.dox b/lib/talloc/doc/mainpage.dox index 3204e8a..3b56898 100644 --- a/lib/talloc/doc/mainpage.dox +++ b/lib/talloc/doc/mainpage.dox @@ -10,6 +10,11 @@ * http://samba.org/ftp/talloc"; target="_blank">talloc directory * on the samba public source archive.
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 50973b9 Fix bug #8877 - Syslog broken owing to mistyping of
debug_settings.syslog.
from faafade Bugfix for #8857 - Setting traverse rights fails to enable
directory traversal when acl_xattr in use.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 50973b96e2e5bf1f8a434a8be986e359a9e3b3e5
Author: Joseph Tam
Date: Thu Apr 19 11:46:16 2012 -0700
Fix bug #8877 - Syslog broken owing to mistyping of debug_settings.syslog.
Setting "syslog only = yes" did not divert log messages to syslog. The
test in
lib/util/debug.c:Debug1():747
if( syslog_level < state.settings.syslog )
produces wrong results since .syslog is typed "bool" rather than "int".
The attached patch fixes this by typing this field correctly as "int".
Autobuild-User: Jeremy Allison
Autobuild-Date: Fri Apr 20 00:06:12 CEST 2012 on sn-devel-104
(cherry picked from commit 00d5f32025bf13285ab3f8ffae914107c9eca275)
Signed-off-by: Jeremy Allison
---
Summary of changes:
lib/util/debug.h |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/debug.h b/lib/util/debug.h
index c01fa92..4117d3f 100644
--- a/lib/util/debug.h
+++ b/lib/util/debug.h
@@ -201,7 +201,7 @@ enum debug_logtype {DEBUG_DEFAULT_STDERR = 0, DEBUG_STDOUT
= 1, DEBUG_FILE = 2,
struct debug_settings {
size_t max_log_size;
- bool syslog;
+ int syslog;
bool syslog_only;
bool timestamp_logs;
bool debug_prefix_timestamp;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via faafade Bugfix for #8857 - Setting traverse rights fails to enable
directory traversal when acl_xattr in use.
via bed05b8 Fix incorrect debug - parent_name is never set !
from 815ba9d Fix bug #8831 - Inconsistent (with manpage) command-line
switch for "help" in smbtree
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit faafade5dd948918a27284b82384340995d1bf55
Author: Jeremy Allison
Date: Mon Apr 16 18:17:25 2012 -0700
Bugfix for #8857 - Setting traverse rights fails to enable directory
traversal when acl_xattr in use.
We were incorrectly checking the parent directory ACL, instead
of the ACL of the directory we're trying to open.
commit bed05b8d6b10c77a98a73318ba483bafcccb8a34
Author: Jeremy Allison
Date: Mon Apr 16 18:04:51 2012 -0700
Fix incorrect debug - parent_name is never set !
---
Summary of changes:
source3/modules/vfs_acl_common.c | 39 +
1 files changed, 34 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 016bb9f..097fd20 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -559,7 +559,6 @@ static NTSTATUS check_parent_acl_common(vfs_handle_struct
*handle,
uint32_t access_mask,
struct security_descriptor **pp_parent_desc)
{
- char *parent_name = NULL;
struct security_descriptor *parent_desc = NULL;
uint32_t access_granted = 0;
NTSTATUS status;
@@ -578,9 +577,8 @@ static NTSTATUS check_parent_acl_common(vfs_handle_struct
*handle,
&access_granted);
if(!NT_STATUS_IS_OK(status)) {
DEBUG(10,("check_parent_acl_common: access check "
- "on directory %s for "
+ "on parent directory of "
"path %s for mask 0x%x returned %s\n",
- parent_name,
path,
access_mask,
nt_errstr(status) ));
@@ -815,13 +813,44 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct
*handle, files_struct *fsp,
static SMB_STRUCT_DIR *opendir_acl_common(vfs_handle_struct *handle,
const char *fname, const char *mask, uint32 attr)
{
- NTSTATUS status = check_parent_acl_common(handle, fname,
- SEC_DIR_LIST, NULL);
+ NTSTATUS status;
+ uint32_t access_granted = 0;
+ struct security_descriptor *sd = NULL;
+ status = get_nt_acl_internal(handle,
+ NULL,
+ fname,
+ (SECINFO_OWNER |
+SECINFO_GROUP |
+SECINFO_DACL |
+SECINFO_SACL),
+ &sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10,("opendir_acl_common: "
+ "get_nt_acl_internal for dir %s "
+ "failed with error %s\n",
+ fname,
+ nt_errstr(status) ));
+ errno = map_errno_from_nt_status(status);
+ return NULL;
+ }
+
+ /* See if we can access it. */
+ status = smb1_file_se_access_check(handle->conn,
+ sd,
+ get_current_nttok(handle->conn),
+ SEC_DIR_LIST,
+ &access_granted);
if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10,("opendir_acl_common: %s open "
+ "for access SEC_DIR_LIST "
+ "refused with error %s\n",
+ fname,
+ nt_errstr(status) ));
errno = map_errno_from_nt_status(status);
return NULL;
}
+
return SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr);
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 6692bd5 Fix bug #8831 - Inconsistent (with manpage) command-line switch for "help" in smbtree from cf39e01 Fix bug #8897 - winbind_krb5_locator only returns one IP address. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 6692bd5944bcc060453a8ae3424cef71b47d37f4 Author: Jeremy Allison Date: Fri Mar 30 12:23:07 2012 -0700 Fix bug #8831 - Inconsistent (with manpage) command-line switch for "help" in smbtree Autobuild-User: Jeremy Allison Autobuild-Date: Fri Mar 30 22:59:53 CEST 2012 on sn-devel-104 (cherry picked from commit efd94d159883cb0841d8ac83223a1e63098a8d72) (cherry picked from commit 815ba9db6f9ae405c6e8a590ee96a31cf30ba481) --- Summary of changes: docs-xml/build/DTD/samba.entities |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities index d204156..f5d8cd2 100644 --- a/docs-xml/build/DTD/samba.entities +++ b/docs-xml/build/DTD/samba.entities @@ -440,7 +440,7 @@ Try to use the credentials cached by winbind. --h|--help +-?|--help Print a summary of command line options. '> -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 890485b heimdal: Cope with newer Heimdal versions accepting a
keyset argument to hdb_enctype2key.
from 4754743 s3:registry: let reg_values_need_update() return true if
the backend does not implement the method
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 890485bd17142ac9bbaf71c24d3d3ec1fa4a6724
Author: Jelmer Vernooij
Date: Mon May 7 16:43:17 2012 +0200
heimdal: Cope with newer Heimdal versions accepting a keyset argument to
hdb_enctype2key.
Autobuild-User: Jelmer Vernooij
Autobuild-Date: Mon May 7 18:33:10 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/heimdal_build/wscript_configure | 26 ++
source4/kdc/pac-glue.c |4
2 files changed, 26 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/heimdal_build/wscript_configure
b/source4/heimdal_build/wscript_configure
index a350a8b..619944d 100755
--- a/source4/heimdal_build/wscript_configure
+++ b/source4/heimdal_build/wscript_configure
@@ -213,15 +213,33 @@ check_system_heimdal_lib("gssapi", "gss_oid_to_name",
"gssapi.h",
onlyif="hcrypto asn1 roken krb5 com_err wind")
check_system_heimdal_lib("heimntlm", "heim_ntlm_ntlmv2_key", "heimntlm.h",
onlyif="roken hcrypto krb5")
-check_system_heimdal_lib("hdb", "hdb_db_dir", "krb5.h hdb.h",
-onlyif="roken krb5 hcrypto com_err wind")
+if check_system_heimdal_lib("hdb", "hdb_db_dir", "krb5.h hdb.h",
+onlyif="roken krb5 hcrypto com_err wind"):
+CCDEFINES = list(conf.env.CCDEFINES)
+conf.undefine("HAVE_CONFIG_H")
+while "HAVE_CONFIG_H=1" in conf.env.CCDEFINES:
+conf.env.CCDEFINES.remove("HAVE_CONFIG_H=1")
+try:
+conf.CHECK_CODE('''
+#include
+int main(void) { hdb_enctype2key(NULL, NULL, NULL, 0, NULL); }
+''',
+define='HDB_ENCTYPE2KEY_TAKES_KEYSET',
+addmain=False,
+lib='hdb',
+msg='Checking whether hdb_enctype2key takes a keyset argument',
+local_include=False)
+finally:
+conf.env.CCDEFINES = CCDEFINES
+conf.define("HAVE_CONFIG_H", "1")
+
check_system_heimdal_lib("kdc", "kdc_log", "kdc.h",
onlyif="roken krb5 hdb asn1 heimntlm hcrypto com_err wind heimbase")
# With the proper checks in place we should be able to build against the
system libtommath.
-# conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init',
headers='tommath.h')
-# conf.define('USING_SYSTEM_TOMMATH', 1)
+#if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init',
headers='tommath.h'):
+#conf.define('USING_SYSTEM_TOMMATH', 1)
check_system_heimdal_binary("compile_et")
check_system_heimdal_binary("asn1_compile")
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index d654dc3..cca74d8 100644
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -482,7 +482,11 @@ int kdc_check_pac(krb5_context context,
}
}
+#if HDB_ENCTYPE2KEY_TAKES_KEYSET
+ ret = hdb_enctype2key(context, &ent->entry, NULL, etype, &key);
+#else
ret = hdb_enctype2key(context, &ent->entry, etype, &key);
+#endif
if (ret != 0) {
return ret;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 815ba9d Fix bug #8831 - Inconsistent (with manpage) command-line switch for "help" in smbtree from b2f7288 Wrong assertion/comparison: Compare value not pointer http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 815ba9db6f9ae405c6e8a590ee96a31cf30ba481 Author: Jeremy Allison Date: Fri Mar 30 12:23:07 2012 -0700 Fix bug #8831 - Inconsistent (with manpage) command-line switch for "help" in smbtree Autobuild-User: Jeremy Allison Autobuild-Date: Fri Mar 30 22:59:53 CEST 2012 on sn-devel-104 (cherry picked from commit efd94d159883cb0841d8ac83223a1e63098a8d72) --- Summary of changes: docs-xml/build/DTD/samba.entities |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities index d204156..f5d8cd2 100644 --- a/docs-xml/build/DTD/samba.entities +++ b/docs-xml/build/DTD/samba.entities @@ -440,7 +440,7 @@ Try to use the credentials cached by winbind. --h|--help +-?|--help Print a summary of command line options. '> -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via b2f7288 Wrong assertion/comparison: Compare value not pointer
from 56b0ec0 Fix bug #8897 - winbind_krb5_locator only returns one IP
address.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit b2f728823e8976e2ce5a2e630134ae8e01d83e82
Author: Olaf Flebbe
Date: Thu Apr 12 11:29:41 2012 +0200
Wrong assertion/comparison: Compare value not pointer
Fix bug #8859 (Wrong assertion: Checks pointer not value).
---
Summary of changes:
source3/registry/reg_parse.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/registry/reg_parse.c b/source3/registry/reg_parse.c
index 908faca..b8ad4d7 100644
--- a/source3/registry/reg_parse.c
+++ b/source3/registry/reg_parse.c
@@ -793,12 +793,12 @@ handle_iconv_errno(int err, const char* obuf, size_t
linenum,
DEBUG(0, ("Illegal multibyte sequence at line %lu: %s",
(long unsigned)(linenum+1), pos));
- assert(ilen > 0);
+ assert((*ilen) > 0);
do {
size_t il = 1;
DEBUGADD(0, ("<%02x>", (unsigned char)**iptr));
- if (olen > 0) {
+ if ((*olen) > 0) {
*(*optr)++ = '\?';
(*iptr)++;
/* Todo: parametrize, e.g. skip: *optr++ = *iptr++; */
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated
via cf39e01 Fix bug #8897 - winbind_krb5_locator only returns one IP
address.
from d9377cc WHATSNEW: Start release notes for 3.5.16.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -
commit cf39e013930d29574826f6ad3a259fe47203c000
Author: Jeremy Allison
Date: Wed Apr 25 15:17:09 2012 -0700
Fix bug #8897 - winbind_krb5_locator only returns one IP address.
Reported by dina_f...@dell.com.
Don't ask the DC for an IP list when locating kdc's. Ask for the
name and use getaddrinfo to get all possible addresses instead.
(cherry picked from commit 56b0ec0e91f9af0eb6c109fc1cc300ad5fee3fe6)
---
Summary of changes:
nsswitch/winbind_krb5_locator.c | 35 +++
1 files changed, 19 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/winbind_krb5_locator.c b/nsswitch/winbind_krb5_locator.c
index e921cae..385a156 100644
--- a/nsswitch/winbind_krb5_locator.c
+++ b/nsswitch/winbind_krb5_locator.c
@@ -182,7 +182,8 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const
char *name,
void *cbdata)
{
struct addrinfo *out = NULL;
- int ret;
+ int ret = 0;
+ struct addrinfo *res = NULL;
int count = 3;
while (count) {
@@ -206,16 +207,25 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const
char *name,
return KRB5_PLUGIN_NO_HANDLE;
}
- ret = cbfunc(cbdata, out->ai_socktype, out->ai_addr);
+ for (res = out; res; res = res->ai_next) {
+ if (!res->ai_addr || res->ai_addrlen == 0) {
+ continue;
+ }
+
+ ret = cbfunc(cbdata, res->ai_socktype, res->ai_addr);
+ if (ret) {
#ifdef DEBUG_KRB5
- if (ret) {
- fprintf(stderr, "[%5u]: smb_krb5_locator_lookup: "
- "failed to call callback: %s (%d)\n",
- (unsigned int)getpid(), error_message(ret), ret);
- }
+ fprintf(stderr, "[%5u]: smb_krb5_locator_lookup: "
+ "failed to call callback: %s (%d)\n",
+ (unsigned int)getpid(), error_message(ret),
ret);
#endif
+ break;
+ }
+ }
- freeaddrinfo(out);
+ if (out) {
+ freeaddrinfo(out);
+ }
return ret;
}
@@ -257,8 +267,7 @@ static bool ask_winbind(const char *realm, char **dcname)
flags = WBC_LOOKUP_DC_KDC_REQUIRED |
WBC_LOOKUP_DC_IS_DNS_NAME |
- WBC_LOOKUP_DC_RETURN_DNS_NAME |
- WBC_LOOKUP_DC_IP_REQUIRED;
+ WBC_LOOKUP_DC_RETURN_DNS_NAME;
wbc_status = wbcLookupDomainControllerEx(realm, NULL, NULL, flags,
&dc_info);
@@ -270,12 +279,6 @@ static bool ask_winbind(const char *realm, char **dcname)
return false;
}
- if (dc_info->dc_address) {
- dc = dc_info->dc_address;
- if (dc[0] == '\\') dc++;
- if (dc[0] == '\\') dc++;
- }
-
if (!dc && dc_info->dc_unc) {
dc = dc_info->dc_unc;
if (dc[0] == '\\') dc++;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 56b0ec0 Fix bug #8897 - winbind_krb5_locator only returns one IP
address.
from 3d9a8dd Final back port of fix for bug #8837 - smbd crashes when
deleting directory and veto files are enabled.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 56b0ec0e91f9af0eb6c109fc1cc300ad5fee3fe6
Author: Jeremy Allison
Date: Wed Apr 25 15:17:09 2012 -0700
Fix bug #8897 - winbind_krb5_locator only returns one IP address.
Reported by dina_f...@dell.com.
Don't ask the DC for an IP list when locating kdc's. Ask for the
name and use getaddrinfo to get all possible addresses instead.
---
Summary of changes:
nsswitch/winbind_krb5_locator.c | 35 +++
1 files changed, 19 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/winbind_krb5_locator.c b/nsswitch/winbind_krb5_locator.c
index e921cae..385a156 100644
--- a/nsswitch/winbind_krb5_locator.c
+++ b/nsswitch/winbind_krb5_locator.c
@@ -182,7 +182,8 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const
char *name,
void *cbdata)
{
struct addrinfo *out = NULL;
- int ret;
+ int ret = 0;
+ struct addrinfo *res = NULL;
int count = 3;
while (count) {
@@ -206,16 +207,25 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const
char *name,
return KRB5_PLUGIN_NO_HANDLE;
}
- ret = cbfunc(cbdata, out->ai_socktype, out->ai_addr);
+ for (res = out; res; res = res->ai_next) {
+ if (!res->ai_addr || res->ai_addrlen == 0) {
+ continue;
+ }
+
+ ret = cbfunc(cbdata, res->ai_socktype, res->ai_addr);
+ if (ret) {
#ifdef DEBUG_KRB5
- if (ret) {
- fprintf(stderr, "[%5u]: smb_krb5_locator_lookup: "
- "failed to call callback: %s (%d)\n",
- (unsigned int)getpid(), error_message(ret), ret);
- }
+ fprintf(stderr, "[%5u]: smb_krb5_locator_lookup: "
+ "failed to call callback: %s (%d)\n",
+ (unsigned int)getpid(), error_message(ret),
ret);
#endif
+ break;
+ }
+ }
- freeaddrinfo(out);
+ if (out) {
+ freeaddrinfo(out);
+ }
return ret;
}
@@ -257,8 +267,7 @@ static bool ask_winbind(const char *realm, char **dcname)
flags = WBC_LOOKUP_DC_KDC_REQUIRED |
WBC_LOOKUP_DC_IS_DNS_NAME |
- WBC_LOOKUP_DC_RETURN_DNS_NAME |
- WBC_LOOKUP_DC_IP_REQUIRED;
+ WBC_LOOKUP_DC_RETURN_DNS_NAME;
wbc_status = wbcLookupDomainControllerEx(realm, NULL, NULL, flags,
&dc_info);
@@ -270,12 +279,6 @@ static bool ask_winbind(const char *realm, char **dcname)
return false;
}
- if (dc_info->dc_address) {
- dc = dc_info->dc_address;
- if (dc[0] == '\\') dc++;
- if (dc[0] == '\\') dc++;
- }
-
if (!dc && dc_info->dc_unc) {
dc = dc_info->dc_unc;
if (dc[0] == '\\') dc++;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 3d9a8dd Final back port of fix for bug #8837 - smbd crashes when
deleting directory and veto files are enabled.
via 5b53510 Convert parse_delete_tokens_list() and
unparse_share_modes() to use ndr encoding for the struct security_unix_token.
We can do this as libsmb_share_modes never looks inside the delete tokens list,
only implicitly gets the length.
via a66a725 The delete tokens are unique to each name hash representing
a pathname, if we don't correctly return here we'll add duplicate tokens for a
given pasname hash.
via e691385 Fix the talloc heirarchy when adding the unix delete token.
via 483c25e Third part of fix for bug #8837 - smbd crashes when
deleting directory and veto files are enabled.
via dd2246f First part of fix for bug 8837 - smbd crashes when deleting
directory and veto files are enabled.
from e686621 s3: Fix bug 8904 -- wbinfo --lookup-sids "" crashes winbind
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 3d9a8dd1a97f68df7d91cef5afe4dda80cc03454
Author: Jeremy Allison
Date: Mon Apr 9 14:15:22 2012 -0700
Final back port of fix for bug #8837 - smbd crashes when deleting directory
and veto files are enabled.
Use ndr encoding to add the NT security token into the stored data when
delete on close is set.
commit 5b5351022fb81da09d28ab3e7c8c2e2a8956c45e
Author: Jeremy Allison
Date: Mon Apr 9 11:47:27 2012 -0700
Convert parse_delete_tokens_list() and unparse_share_modes() to use ndr
encoding for the struct security_unix_token. We can do this as
libsmb_share_modes never looks inside the delete tokens list, only implicitly
gets the length.
commit a66a725f6190fe48b6c83dc7f0e65bac6fa4bbac
Author: Jeremy Allison
Date: Fri Apr 6 15:39:03 2012 -0700
The delete tokens are unique to each name hash representing a pathname, if
we don't correctly return here we'll add duplicate tokens for a given pasname
hash.
commit e691385e25804c744fc820fdd6e039c3cf6b6128
Author: Jeremy Allison
Date: Fri Apr 6 14:53:48 2012 -0700
Fix the talloc heirarchy when adding the unix delete token.
commit 483c25eb0c88178012cec11f713b714c3c54f8d6
Author: Jeremy Allison
Date: Wed Apr 4 14:57:12 2012 -0700
Third part of fix for bug #8837 - smbd crashes when deleting directory and
veto files are enabled.
Use correct check to see if veto files has been enabled. Even if not
set lp_veto_files() returns a valid string address (to a '\0' character).
Autobuild-User: Jeremy Allison
Autobuild-Date: Thu Apr 5 01:36:04 CEST 2012 on sn-devel-104
(cherry picked from commit 704ea4729b499ae2716cfe6ad5d952bcb1251a3b)
commit dd2246f0262ef1002bf9e348d6097734596ce100
Author: Jeremy Allison
Date: Wed Apr 4 14:53:10 2012 -0700
First part of fix for bug 8837 - smbd crashes when deleting directory and
veto files are enabled.
Add some const to the sec_ctx code.
(cherry picked from commit f042de2f346c98a852957cdbb09a7f8ac871b69c)
---
Summary of changes:
librpc/idl/security.idl |4 +-
source3/include/smb.h |1 +
source3/locking/locking.c | 231 +++--
source3/locking/proto.h | 10 ++-
source3/smbd/close.c | 25 +++--
source3/smbd/proto.h |2 +-
source3/smbd/reply.c |8 +-
source3/smbd/sec_ctx.c|2 +-
source3/smbd/trans2.c |1 +
9 files changed, 174 insertions(+), 110 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 3378367..696d5a5 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -570,7 +570,7 @@ interface security
} sec_desc_buf;
/* This is not yet sent over the network, but is simply defined in IDL
*/
- typedef [public] struct {
+ typedef [public,gensize] struct {
uint32 num_sids;
[size_is(num_sids)] dom_sid sids[*];
se_privilege privilege_mask;
@@ -578,7 +578,7 @@ interface security
} security_token;
/* This is not yet sent over the network, but is simply defined in IDL
*/
- typedef [public] struct {
+ typedef [public,gensize] struct {
uid_t uid;
uid_t gid;
uint32 ngroups;
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 549ebb2..873657a 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -637,6 +637,7 @@ struct delete_token_list {
struct delete_token_list *next, *prev;
uint32_t name_hash;
struct security_unix_token *delete_token;
+ struct security_token *delete_nt_token;
};
struct share_mode_lock {
diff --git a/source3/locking/locking.c b/source3/locking/locking.c
inde
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4754743 s3:registry: let reg_values_need_update() return true if the backend does not implement the method via fb58951 s3:registry: let reg_subkeys_need_update() return true if the backend does not implement the method from 246409e s4-dns: Build BIND DLZ modules with correct private library http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4754743860b4601465aa122021a8ae7ddb42f6a1 Author: Michael Adam Date: Mon May 7 14:09:28 2012 +0200 s3:registry: let reg_values_need_update() return true if the backend does not implement the method Otherwise the value cache might become outdated. Autobuild-User: Michael Adam Autobuild-Date: Mon May 7 16:11:05 CEST 2012 on sn-devel-104 commit fb58951f93909e95504eebc06119b96d864c8425 Author: Michael Adam Date: Mon May 7 14:08:13 2012 +0200 s3:registry: let reg_subkeys_need_update() return true if the backend does not implement the method Otherwise the subkey cache might become outdated. --- Summary of changes: source3/registry/reg_dispatcher.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/registry/reg_dispatcher.c b/source3/registry/reg_dispatcher.c index 765954e..e9ed14b 100644 --- a/source3/registry/reg_dispatcher.c +++ b/source3/registry/reg_dispatcher.c @@ -244,7 +244,7 @@ bool reg_subkeys_need_update(struct registry_key_handle *key, return key->ops->subkeys_need_update(subkeys); } - return false; + return true; } /** @@ -259,6 +259,6 @@ bool reg_values_need_update(struct registry_key_handle *key, return key->ops->values_need_update(values); } - return false; + return true; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via e686621 s3: Fix bug 8904 -- wbinfo --lookup-sids "" crashes winbind
from 237d4da s3: Fix a segfault with debug level 3 on Solaris
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit e68662130c6c4c081d23f1a24cc3e9a3d2993224
Author: Volker Lendecke
Date: Sat Apr 28 19:51:46 2012 +0200
s3: Fix bug 8904 -- wbinfo --lookup-sids "" crashes winbind
Much of the code further down and up the call chain expects the
structures wb_lookupsids returns to be allocated. Do that despite
we have nothing to look up.
---
Summary of changes:
source3/winbindd/wb_lookupsids.c | 10 +-
1 files changed, 5 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c
index cdca7c7..2fd735d 100644
--- a/source3/winbindd/wb_lookupsids.c
+++ b/source3/winbindd/wb_lookupsids.c
@@ -123,11 +123,6 @@ struct tevent_req *wb_lookupsids_send(TALLOC_CTX *mem_ctx,
state->sids = sids;
state->num_sids = num_sids;
- if (num_sids == 0) {
- tevent_req_done(req);
- return tevent_req_post(req, ev);
- }
-
state->single_sids = TALLOC_ARRAY(state, uint32_t, num_sids);
if (tevent_req_nomem(state->single_sids, req)) {
return tevent_req_post(req, ev);
@@ -153,6 +148,11 @@ struct tevent_req *wb_lookupsids_send(TALLOC_CTX *mem_ctx,
return tevent_req_post(req, ev);
}
+ if (num_sids == 0) {
+ tevent_req_done(req);
+ return tevent_req_post(req, ev);
+ }
+
for (i=0; i
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 237d4da s3: Fix a segfault with debug level 3 on Solaris
from 3882e0a WHATSNEW: Start release notes for 3.6.6.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 237d4dacfed478ce7f23a5f46b609189215259d3
Author: Volker Lendecke
Date: Thu Apr 12 12:15:50 2012 +0200
s3: Fix a segfault with debug level 3 on Solaris
printf can not deal with NULL strings
Fix bug #8861 (smbd crashes on high debug level with anonymous logins).
---
Summary of changes:
source3/smbd/password.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index ddc7ad1..f032a56 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -294,7 +294,8 @@ int register_existing_vuid(struct smbd_server_connection
*sconn,
DEBUG(3, ("register_existing_vuid: User name: %s\t"
"Real name: %s\n", vuser->session_info->unix_name,
- vuser->session_info->info3->base.full_name.string));
+ vuser->session_info->info3->base.full_name.string ?
+ vuser->session_info->info3->base.full_name.string : ""));
if (!vuser->session_info->security_token) {
DEBUG(1, ("register_existing_vuid: session_info does not "
--
Samba Shared Repository
[SCM] CTDB repository - annotated tag ctdb-1.0.114.5 created - ctdb-1.0.114.5
The annotated tag, ctdb-1.0.114.5 has been created at 4660de10d208ccab73382cf8f1122b65cd65bfc7 (tag) tagging 44e540648477217e37ba43f664124e0996b4496b (commit) replaces ctdb-1.0.114.4 tagged by Michael Adam on Mon May 7 11:52:15 2012 +0200 - Log - Release 1.0.114.5 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAk+nm1YACgkQyU9JOBhPkDQZUQCdGL22QR195EVQtEpSrVUIcHee wXIAnj9zjvCNgPVxBIbtfi9ClbMkj8l1 =R+2W -END PGP SIGNATURE- Michael Adam (14): persistent_callback: ignore the update-recordreturn code of remote node in recovery persistent_store_timout: do not really time out the trans3_commit control in recovery persistent: if a node failed to update_record, trigger a recovery persistent: reduce indentation for the finishing moves in ctdb_persistent_callback persistent_callback: print "no error message given" instead of "(null)" persistent: add a ctdb_persistent_state member to the ctdb_db context. persistent: add a ctdb_db context to the ctdb_persistent_state struct. persistent: allocate the persistent state in the ctdb_db struct in trans3_commit persistent: reject trans3_control when a commit is already active. persistent: add a client context to the persistent_stat and track the db_id daemon: correctly end a running trans3_commit if the client disconnects. persistent: add ctdb_persistent_finish_trans3_commits(). recover: finish pending trans3 commits when a recovery is finished. New version 1.0.114.5. Rusty Russell (1): config: wrap iptables in flock to avoid concurrancy. --- -- CTDB repository
[SCM] CTDB repository - branch 1.0.114 updated - ctdb-1.0.114.4-15-g44e5406
The branch, 1.0.114 has been updated via 44e540648477217e37ba43f664124e0996b4496b (commit) via e14a771817182547c6b72cab81f33c1469fad925 (commit) via 2a6e17e75f73e492d0da118ef00e8d37d6a7fa07 (commit) via 2bbf862517e10f38a4271bfd1a62e788ce7b81a5 (commit) via 57d4c6c50082603e8ddbe77f969dc0bffe8452f5 (commit) via 839e59a153f176089dc38e73ffdce8c05bf3d09b (commit) via bf26780c46a2fb9ce799bec6ea5e80abd0c1644e (commit) via 86d02ccdac9873fff646c0aec1b7d9719332ba37 (commit) via 8070ab284e311d4eea9e46e0121944d4b7139b07 (commit) via dce8248b16ea51a19026fb8d1256a06af13af786 (commit) via 41a5e9b5f51633b6c20f3ab08977f2004d95bde5 (commit) via f730da217c0ec2e72c37f4cc4f69ce7373c81791 (commit) via 821af530cfffe8573c97b4c98490dc4b2d2db931 (commit) via badde008663e15e7d43c98b1a1fd14338922dd8f (commit) via ae5ef4997e474092e1a07ef52ca2f02fb9368bf6 (commit) from 10dce70bf8a238702a5b81ffa8ea89edea9fc61f (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.0.114 - Log - commit 44e540648477217e37ba43f664124e0996b4496b Author: Michael Adam Date: Mon May 7 11:51:28 2012 +0200 New version 1.0.114.5. commit e14a771817182547c6b72cab81f33c1469fad925 Author: Michael Adam Date: Wed Feb 23 17:39:57 2011 +0100 recover: finish pending trans3 commits when a recovery is finished. When the end_recovery control is received, pending trans3 commits are finished. During the recovery, all the actions like persistent_callback and persistent_store_timeout had been disabled to let the recovery do its job. After the recover is completed, send the reply to the waiting clients. (cherry picked from commit f7dfeb7143f574c2434f7dd16917380dfd1f4f64) Signed-off-by: Michael Adam commit 2a6e17e75f73e492d0da118ef00e8d37d6a7fa07 Author: Michael Adam Date: Wed Feb 23 17:38:40 2011 +0100 persistent: add ctdb_persistent_finish_trans3_commits(). This function walks all databases and checks for running trans3 commits. It sends replies to all of them (with error code) and ends them. To be called when a recovery finishes. (cherry picked from commit 70ba153b532528bdccea70c5ea28972257f384c1) Signed-off-by: Michael Adam commit 2bbf862517e10f38a4271bfd1a62e788ce7b81a5 Author: Michael Adam Date: Wed Feb 23 17:37:42 2011 +0100 daemon: correctly end a running trans3_commit if the client disconnects. (cherry picked from commit 9e0898db6df52d9bc799dd87bfea8c72d5f70ba0) Signed-off-by: Michael Adam commit 57d4c6c50082603e8ddbe77f969dc0bffe8452f5 Author: Michael Adam Date: Wed Feb 23 17:35:27 2011 +0100 persistent: add a client context to the persistent_stat and track the db_id The db_id is tracked in the client context as an indication that a transaction commit is in progress. This is cleared in the persistent_state talloc destructor. This is in order to properly treat running trans3_commits if the client disconnects. (cherry picked from commit e886ff24f4e3e250944289db95916b948893d26c) Signed-off-by: Michael Adam commit 839e59a153f176089dc38e73ffdce8c05bf3d09b Author: Michael Adam Date: Wed Feb 23 00:03:07 2011 +0100 persistent: reject trans3_control when a commit is already active. This should actually never happen. (cherry picked from commit f416e76838fe2adf629d4356d1cc87054b1af164) Signed-off-by: Michael Adam commit bf26780c46a2fb9ce799bec6ea5e80abd0c1644e Author: Michael Adam Date: Wed Feb 23 00:01:13 2011 +0100 persistent: allocate the persistent state in the ctdb_db struct in trans3_commit Make sure that ctdb_db->persistent_state is correctly NULL-ed when the state is freed. This way, we can use ctdb_db->persistent_state as an indication for whether a transaction commit is currently running. (cherry picked from commit 761cb235193564a0f337d0308f0a9e6de0ef2710) Signed-off-by: Michael Adam commit 86d02ccdac9873fff646c0aec1b7d9719332ba37 Author: Michael Adam Date: Wed Feb 23 00:23:18 2011 +0100 persistent: add a ctdb_db context to the ctdb_persistent_state struct. (cherry picked from commit a14917c983c3b9bbbf38f5ddeecdbbe5bde32364) Signed-off-by: Michael Adam commit 8070ab284e311d4eea9e46e0121944d4b7139b07 Author: Michael Adam Date: Wed Feb 23 00:00:04 2011 +0100 persistent: add a ctdb_persistent_state member to the ctdb_db context. To be used for tracking running transaction commits through recoveries. (Backported from commit 1237e15df4af58a3d220eea42a4b75e21e65029f) commit dce8248b16ea51a19026fb8d1256a06af13af786 Author: Michael Adam Date: Tue Feb 22 22:49:52 2011 +0100 persistent_callback: print "no error message given" instead of "(null)" (cherry picked from commit d871a389
