r1835: sync up logon hours changes with 3.0 tree (and update release notes)

7 files changed, 396 insertions, 411 deletions

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index b53ffe549aa..558656aec02 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,31 +1,71 @@
-                ================================
-                Release Notes for Samba 3.0.6rc2
-                            Aug 5, 2004
-                ================================
-
-This is a release candidate snapshot of the Samba 3.0.5 code
-base and should be considered for testing only.  A release
-candidate (RC) means that we are close to the final, stable
-release and in provided for Quality Assurance (QA) purposes.
-This release is *not* intended for production servers.  Use
-at your own risk.
+                  =============================
+                  Release Notes for Samba 3.0.6
+                            Aug XX, 2004
+                  =============================
 
-There have been several bug fixes since the 3.0.4 release that
-we feel are important to make available to the Samba community
-for wider testings.  See the "Changes" section for details on
-exact updates.
+This is the latest stable release of Samba. This is the version
+that production Samba servers should be running for all
+current bug-fixes.  There have been several issues fixes since
+the 3.0.4/5 release and new features have been added as well.
+See the "Changes" section for details on exact updates.
 
-Common bugs fixed in 3.0.6rc2 include:
+Common bugs fixed in 3.0.6 include:
 
+  o Schannel failure in winbindd.
+  o Numerous memory leaks.
+  o Incompatibilities between the 'write list' and 'force user'
+    smb.conf options.
+  o Premature optimization of the open_directory() internal 
+    function that broke tools such as the ArcServe backup 
+    agent, Macromedia HomeSite, and Robocopy.
+  o Corrupt workgroup names in nmbd's browse.dat.
+  o Sharing violation errors commonly seen when opening
+    when serving Microsoft Office documents from a Samba 
+    file share.
+  o Browsing problems caused by an apostrophe (') in the 
+    computer's description field.
+  o Problems creating special file types from UNIX CIFS 
+    clients and enabling 'unix extensions'.
   o Fix stalls in smbd caused by inaccessible LDAP servers.
   o Remove various memory leaks.
   o Fix issues in the password lockout feature.
-  o Merge security fixes for CAN-2004-0600, CAN-2004-0686 
-    from 3.0.5.
 
 New features introduced in this release include:
 
+  O Support symlinks created by CIFS clients which 
+    can be followed on the server.
+  o Using a cups server other than localhost.
+  o Maintaining the service principal entry in the system 
+    keytab for integration with other kerberized services.
+    Please refer to the 'use kerberos keytab' entry in 
+    smb.conf(5).  When using the heimdal kerberos libraries,
+    you must also specify the following in /etc/krb5.conf:
+    [libdefaults]
+       default_keytab_name = FILE:/etc/krb5.keytab
+  o Support for maintaining individual printer names
+    stored separately from the printer's sharename.
   o Support for maintaining user password history.
+  o Support for honoring the logon times for user in a 
+    Samba domain.
+
+--------------------------------------------
+unix extensions = yes (default) and symlinks
+--------------------------------------------
+
+Beginning with Samba 3.0.6pre1 (formally known as 3.0.5pre1), 
+clients supporting the UNIX extensions to the CIFS protocol 
+can create symlinks to absolute paths which will be **followed** 
+by the server.  This functionality has been requested in order 
+to correctly support certain applications when the user's home 
+directory is mounted using some type of CIFS client (e.g. the 
+cifsvfs in the Linux 2.6 kernel).
+
+If this behavior is not acceptable for your production environment
+you can set 'wide links = no' in the specific share declaration in 
+the server's smb.conf.  Be aware that disabling wide link support 
+out of a share in Samba may impact the server's performance due 
+to the fact that smbd will now have to check each path additional 
+times before traversing it.
   
 ------------------------
 Password History Support 
@@ -33,14 +73,13 @@ Password History Support
 
 The new password history feature allows smbd to check the new 
 password in password change requests against a list of the user's
-previous passwords.  The number of previous passwords to save can be 
-set using pdbedit (4 in this example):
+previous passwords.  The number of previous passwords to save can 
+be set using pdbedit (4 in this example):
 
    root# pdbedit -P "password history" -C 4
 
-When using the ldapsam passdb backend, it is vital to secure 
-the following attributes from access by non-administrative 
-users:
+When using the ldapsam passdb backend, it is vital to secure the 
+following attributes from access by non-administrative users:
 
    * sambaNTPassword
    * sambaLMPassword
@@ -48,249 +87,14 @@ users:
 
 You should refer to your directory server's documentation on how 
 to implement this restriction).
+  
 
 ######################################################################
 Changes
 #######
 
-Changes since 3.0.6rc1
-(formally referred to as 3.0.5rc1)
-----------------------------------
-
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    ldap timeout                New
-
-    
-commits
--------
-o   Jeremy Allison <jra@samba.org> 
-    * Add support for storing a user's password history.
-      LDAP portion of the code was based on a patch from 
-      Jianliang Lu <j.lu@tiesse.com>.
-    * Correct memory leaks found in the password change code.
-    * Fix support for the mknod command with the Linux CIFS client.
-    * Remove support for passing the new password to smbpasswd 
-      on the command line without using the -s option.
-    * Ensure home directory service number is correctly reused
-      (inspired by patches from Michael Collin Nielsen 
-      <michael@hum.aau.dk>).
-    * Fix to stop printing accounts from resetting the bas 
-      password and account lockout flags.
-    * If a account was locked out by an admin (and has a bad 
-      password count of zero) leave it locked out until an admin 
-      unlocks it (but log a message).
-
-
-o   Tom Alsberg <alsbergt@cs.huji.ac.il>
-    * Allow pdbedit to export a single user from a passdb backend.
-    
-
-o   Andrew Bartlett <abartlet@samba.org>  
-    * Improve smbd's internal random number generation.
-    * Fix a few outstanding long password changes in smbd.
-    * Fix LANMAN2 session setup code.
-
-
-o   Gerald Carter <jerry@samba.org>
-    * BUG 1520: Work around bug in Windows XP SP2 RC2 where the 
-      client sends a FindNextPrintChangeNotify() request without 
-      previously sending a FindFirstPrintChangeNotify().  Return 
-      the same error code as Windows 2000 SP4.
-    * BUG 1516: Manually declare ldap_open_with_timeout() to 
-      workaround compiler errors on IRIX (or other systems without 
-      LDAP headers).
-    * Merge security fixes for CAN-2004-0600, CAN-2004-0686 from 
-      3.0.5.
-    * Corrected syntax error in the OID for sambaUnixIdPool, 
-      sambaSidEntry, & sambaIdmapEntry object classes.
-
-
-
-o   Fabien Chevalier <fabien.chevalier@supelec.fr>
-    * Debian BUG 252591: Ensure that the return value from the 
-      number of available interfaces is initialized in case no 
-      interfaces are actually available.
-
-
-o   Guenther Deschner <gd@sernet.de> 
-    * Display share ACL entries from rpcclient.
-
-
-o   Steve French <sfrench@us.ibm.com>
-    * Fix user unmount of shares mount with suid mount.cifs.
-
-
-o   Volker Lendecke <vl@samba.org>
-    * Allow the 'idmap backend' parameter to accept a list of 
-      LDAP servers for failover purposes.
-    * Revert code in smbd to remove a tdb when it has become 
-      corrupted.
-    * Add paranoid checks when mapping SIDs to a uid/gid to 
-      ensure that the type is correct.
-    * Initial work on getting client support for sending mailslot 
-      datagrams.
-    * Add 'ldap timeout' parameter.
-    * Dont always uppercase 'afs username map'.
-    * Expand aliases for getusersids as well.
-
-
-o   James Peach <jpeach@sgi.com>
-    * More iconv detection fixes for IRIX.
-    * Compile fixed for systems that do not have C99/UNIX98 compliant 
-      vsnprintf by default.
-
-
-o   Tim Potter <tpot@samba.org>
-    * BUG 1360: Use -Bsymbolic when creating shared libraries to 
-      avoid conflicts with identical symbols in the global namespace 
-      when loading libnss_wins.so.
-
-
-o   Richard Renard <rrenard@idealx.com>
-    * Save the current password as it is being changed into the 
-      password history list.
-
-
-o   Simo Source <idra@samba.org>
-    * Tidy up parametric options in testparm output.
-
-
-o   Richard Sharpe <rsharpe@samba.org>
-    * Add sigchild handling to winbindd to restart the child 
-      daemon if necessary.
-
-
-o   Tom Shaw <tomisfaraway@gmail.com>
-    * Use winbindd_fill_pwent() consistently.
-
-
-o   Nick Thompson <nickthompson@agere.com>
-    * Protect smbd against broken filesystems which return zero 
-      blocksize.
-      
-      
-Changes for older versions follow below:
-
-      --------------------------------------------------
-    
-                 =============================
-                 Release Notes for Samba 3.0.5
-                         July 20, 2004
-                 =============================
-
-Please note that Samba 3.0.5 is identical to Samba 3.0.4 with 
-the exception of correcting the two security issues outlined 
-below.
-
-######################## SECURITY RELEASE ########################
-
-Summary:       Multiple Potential Buffer Overruns in Samba 3.0.x
-CVE ID:        CAN-2004-0600, CAN-2004-0686
-               (http://cve.mitre.org/)
-
-
-This is the latest stable release of Samba. This is the version
-that production Samba servers should be running for all current
-bug-fixes.
-
-It has been confirmed that versions of Samba 3 prior to v3.0.4
-are vulnerable to two potential buffer overruns.  The individual
-details are given below.
-
--------------
-CAN-2004-0600
--------------
-
-Affected Versions:      Samba 3.0.2 and later
-
-The internal routine used by the Samba Web Administration
-Tool (SWAT v3.0.2 and later) to decode the base64 data
-during HTTP basic authentication is subject to a buffer
-overrun caused by an invalid base64 character.  It is
-recommended that all Samba v3.0.2 or later installations
-running SWAT either (a) upgrade to v3.0.5, or (b) disable
-the swat administration service as a temporary workaround.
-
-This same code is used internally to decode the
-sambaMungedDial attribute value when using the ldapsam
-passdb backend. While we do not believe that the base64
-decoding routines used by the ldapsam passdb backend can
-be exploited, sites using an LDAP directory service with
-Samba are strongly encouraged to verify that the DIT only
-allows write access to sambaSamAccount attributes by a
-sufficiently authorized user.
-
-The Samba Team would like to heartily thank Evgeny Demidov
-for analyzing and reporting this bug.
-
--------------
-CAN-2004-0686
--------------
-
-Affected Versions:      Samba 3.0.0 and later
-
-A buffer overrun has been located in the code used to support
-the 'mangling method = hash' smb.conf option.  Please be aware
-that the default setting for this parameter is 'mangling method
-= hash2' and therefore not vulnerable.
-
-Affected Samba 3 installations can avoid this possible security
-bug by using the default hash2 mangling method.  Server
-installations requiring the hash mangling method are encouraged
-to upgrade to Samba 3.0.5.
-
-
-##################################################################
-
-    
-     --------------------------------------------------
-    
-                ================================
-                Release Notes for Samba 3.0.5rc1
-                            July 8, 2004
-                ================================
-
-Common bugs fixed in this 3.0.5rc1 include:
-
-  o Corrupt workgroup names in nmbd's browse.dat.
-
-  o Sharing violation errors commonly seen when opening
-    when serving Microsoft Office documents from a Samba 
-    file share.
-
-  o Browsing problems caused by an apostrophe (') in the 
-    computer's description field.
-
-  o Problems creating special file types from UNIX CIFS 
-    clients and enabling 'unix extensions'.
-
-
-New features introduced in this release include:
-
-  o Using a cups server other than localhost.
-
-  o Maintaining the service principal entry in the system 
-    keytab for integration with other kerberized services.
-    Please refer to the 'use kerberos keytab' entry in 
-    smb.conf(5).  When using the heimdal kerberos libraries,
-    you must also specify the following in /etc/krb5.conf:
-    [libdefaults]
-       default_keytab_name = FILE:/etc/krb5.keytab
-
-  o Support for maintaining individual printer names
-    stored separately from the printer's sharename.
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.5pre1
------------------------
+Changes since 3.0.5
+-------------------
 
 smb.conf changes
 ----------------
@@ -301,11 +105,25 @@ smb.conf changes
     defer sharing violations    New
     force unknown acl user      New
     ldap timeout                New
+    printcap cache time         New
     use kerberos keytab         New
     
 commits
 -------
-o   Jeremy Allison <jra@samba.org>
+o   Jeremy Allison <jra@samba.org> 
+    * Correct path parsing bug that broke DeletePrinterDriverEx().
+    * Fix bugs in check_path_syntax() caught by asserts.
+    * Internal change - rearrange internal global case setting 
+      variables to a per connection basis.
+    * BUG 1345: Fix premature optimization in unix_convert(). 
+    * Allow clients to truncate a locked file.
+    * BUG 1319: Always check to see if a user as write access
+      to a share, even when 'force user' is set.
+    * Fix specific case of open that doesn't cause oplock break, 
+      or share mode check.
+    * Correct sid type is WKN_GROUP, not alias. Added some 
+      more known types (inspired by patch from Jianliang Lu).
+    * Allow creation of absolute symlink paths via CIFS clients.
     * Fix charset bug in when invoking send_mailslot().
     * When using widelinks = no, use realpath to canonicalize 
       the connection path on connection create for the user. 
@@ -340,27 +158,62 @@ o   Jeremy Allison <jra@samba.org>
     * Turn on sendfile by default for non-Win9x clients.
     * Handle non-io opens that cause oplock breaks correctly.
     * Ensure ldap replication sleep time is not more than 5 seconds.
+    * Add support for storing a user's password history.
+      LDAP portion of the code was based on a patch from 
+      Jianliang Lu <j.lu@tiesse.com>.
+    * Correct memory leaks found in the password change code.
+    * Fix support for the mknod command with the Linux CIFS client.
+    * Remove support for passing the new password to smbpasswd 
+      on the command line without using the -s option.
+    * Ensure home directory service number is correctly reused
+      (inspired by patches from Michael Collin Nielsen 
+      <michael@hum.aau.dk>).
+    * Fix to stop printing accounts from resetting the bas 
+      password and account lockout flags.
+    * If a account was locked out by an admin (and has a bad 
+      password count of zero) leave it locked out until an admin 
+      unlocks it (but log a message).
 
 
+o   Tom Alsberg <alsbergt@cs.huji.ac.il>
+    * Allow pdbedit to export a single user from a passdb backend.
+    
+
 o   Andrew Bartlett <abartlet@samba.org>  
+    * Fix parsing bug in GetDomPwInfo().
+    * Fix segfault in 'ntlm_auth --diagnostics'.
     * Re-enable code to allow sid_to_gid() to perform a group 
       mapping lookup before checking with winbindd.
     * Fix memory leak in the trans2 signing code.
     * Allow more flexible GSS-SPENGO client and server operation 
       in ntlm_auth.
+    * Improve smbd's internal random number generation.
+    * Fix a few outstanding long password changes in smbd.
+    * Fix LANMAN2 session setup code.
 
 
 o   Eric Boehm <boehm@nortelnetworks.com>
     BUG 703: Final touches on netgroup case lookups.
     
     
-o   Jerome Borsboom" <j.borsboom@erasmusmc.nl>
+o   Jerome Borsboom <j.borsboom@erasmusmc.nl>
+    * Ensure error status codes don't get overwritten in 
+      lsa_lookup_sids() server code.
     * Correct bug that caused smbd to overwrite certain error 
       codes when returning up the call stack.
     * Ensure the correct sid type returned for builtin sids.
 
 
 o   Gerald Carter <jerry@samba.org>
+    * Fix a few bugs in the Fedora Packaging files.
+    * Fix for setting the called name to by our IP if the 
+      called name was *SMBSERVER and *SMBSERV.   Fixes issue 
+      with connecting to printers via \\ip.ad.dr.ess\printer 
+      UNC path.
+    * BUG 1315: fix for schannel client connections to servers
+      when we haven't specifically negotiated AUTH_PIPE_SEAL.
+    * Allow PrinterDriverData valuenames with embedded backslashes
+      (Fixes bug with one of the Konica Fiery drivers).
     * Fixed string length miscalculation in netbios names that 
       resulted in corrupt workgroup names in browse.dat.
     * When running smbd as a daemon, launch child smbd to update 
@@ -391,9 +244,26 @@ o   Gerald Carter <jerry@samba.org>
       value for LDAP SASL binds.
     * Ensure we remove the tdb entry when deleting a job that 
       is being spooled.
+    * BUG 1520: Work around bug in Windows XP SP2 RC2 where the 
+      client sends a FindNextPrintChangeNotify() request without 
+      previously sending a FindFirstPrintChangeNotify().  Return 
+      the same error code as Windows 2000 SP4.
+    * BUG 1516: Manually declare ldap_open_with_timeout() to 
+      workaround compiler errors on IRIX (or other systems without 
+      LDAP headers).
+    * Merge security fixes for CAN-2004-0600, CAN-2004-0686 from 
+      3.0.5.
+    * Corrected syntax error in the OID for sambaUnixIdPool, 
+      sambaSidEntry, & sambaIdmapEntry object classes.
 
-    
-o   Guenther Deschner <gd@sernet.de>
+
+o   Fabien Chevalier <fabien.chevalier@supelec.fr>
+    * Debian BUG 252591: Ensure that the return value from the 
+      number of available interfaces is initialized in case no 
+      interfaces are actually available.
+
+
+o   Guenther Deschner <gd@sernet.de> 
     * Implement 'rpcclient setprintername'.
     * Add local groups to the user's NT_TOKEN since they are 
       actually supported now.
@@ -407,12 +277,18 @@ o   Guenther Deschner <gd@sernet.de>
     * Ensure that REG_SZ values in the SetPrinterData actually 
       get written in UNICODE strings rather than ASCII.
     * Ensure that the last kerberos error return is not invalid.
+    * Display share ACL entries from rpcclient.
 
 
 o   Fabian Franz <FabianFranz@gmx.de>
     * Support specifying a port in the device URL passed to smbspool.
     
     
+o   Steve French <sfrench@us.ibm.com>
+    * Handle -S and user mount parms in mount.cifs.
+    * Fix user unmount of shares mount with suid mount.cifs.
+
+
 o   Bjoern Jacke <bj@sernet.de>
     * Install libsmbclient into $(LIBDIR), not into hard coded 
       ${prefix}/lib. This helps amd64 systems with /lib and /lib64 
@@ -420,10 +296,23 @@ o   Bjoern Jacke <bj@sernet.de>
 
 
 o   <kawasa_r@itg.hitachi.co.jp>
+    * Correct more memory leaks and initialization bugs.
+    * Fix bug that prevented core dumps from being generated 
+      even if you tried.
+    * Connect to the winbind pipe in non-blocking mode to 
+      prevent processes from hanging.
     * Memory leak fixes.
 
 
+o   Stephan Kulow <coolo@suse.de>
+    * Fix crash bug in libsmbclient.
+
+
 o   Volker Lendecke <vl@samba.org>
+    * Added vfs_full_audit module.
+    * Add vfs_afsacl.c which can display & set AFS acls via 
+      the NT security editor.
+    * Fix crash bug caused by trying to Base64 encode a NULL string.
     * Fix DOS error code bug in reply_chkpath().
     * Correct misunderstanding of the max_size field in 
       cli_samr_enum_als_groups;  it is more like an account_control 
@@ -453,19 +342,41 @@ o   Volker Lendecke <vl@samba.org>
       'read only' smb.conf option.
     * Fix bug that caused _samr_lookupsids() with more than 32 (
       MAX_REF_DOMAINS) SIDs to fail.
+    * Allow the 'idmap backend' parameter to accept a list of 
+      LDAP servers for failover purposes.
+    * Revert code in smbd to remove a tdb when it has become 
+      corrupted.
+    * Add paranoid checks when mapping SIDs to a uid/gid to 
+      ensure that the type is correct.
+    * Initial work on getting client support for sending mailslot 
+      datagrams.
+    * Add 'ldap timeout' parameter.
+    * Dont always uppercase 'afs username map'.
+    * Expand aliases for getusersids as well.
 
 
 o   Herb Lewis <herb@samba.org>
+    * Add the acls debug class.
+    * Fix logic bug in netbios name truncate routine.
+    * Fix smbd crash caused by smbtorture IOCTL test.
     * Fix errno tromping before calling iconv to reset the 
       conversion state.
     * need to leave empty dacl so we can remove last ACE.
 
 
 o    Jianliang Lu <Jianliang.Lu@getronics.com>
+    * Fix to stop smbd hanging on missing group member in 
+      get_memberuids().
+    * Make sure Samba returns the correct group types.
      * Reset the bad password count password counts upon a successful login.
      
      
-o   Joe Meadows "Joe Meadows" <jameadows@webopolis.com>
+o   Jim McDonough <jmcd@us.ibm.com>
+    * BUG 1279: SMBjobid fix for Samba print servers running on 
+      Big-Endian platforms.
+
+
+o   Joe Meadows <jameadows@webopolis.com>
     * Add optional timeout parameter to ldap open calls.
     * Allow get_dc_list() to check the negative cache.
 
@@ -475,195 +386,165 @@ o   Jason Mader <jason@ncac.gwu.edu>
     
 
 o   Stefan Metzmacher <metze@samba.org>    
+    * fix a configure logic bug for linux/XFS quotas when 
+      using --with-sys-quotas.
+    * Use quota debug class in quota code.
     * print out the SVN revision by configure,
     
 
 o   Lars Mueller <lmuelle@suse.de>
+    * BUG 1279: Added 'printcap cache time' parameter.
     * Fix afs related build issues on SuSE.
 
 
-o   Dan Peterson
-    * Implement NFS quota support on FreeBSD.
+o   James Peach <jpeach@sgi.com>
+    * More iconv detection fixes for IRIX.
+    * Compile fixed for systems that do not have C99/UNIX98 compliant 
+      vsnprintf by default.
 
 
-o   Nick Wellnhofer <wellnhofer@aevum.de>    
-    * Prevent lp_interfaces() list from being corrupted.  Fixes
-      bug where nmbd would lose the list of network interfaces 
-      on the system and consequently shutdown.
-
-      
-o   James Wilkinson <jwilk@alumni.cse.ucsc.edu>
-    * Fix ntlm_auth memory leaks.
+o   Dan Peterson
+    * Implement NFS quota support on FreeBSD.
 
 
-o   Jelmer Vernooij <jelmer@samba.org>
-    * BUG 478: Rename vsnprintf to smb_vsnprintf so we don't 
-     get duplicate symbol errors.
-   * Return an error when the last command read from stdin 
-     fails in smbclient.
-   * Prepare for better error checking in tar.
-   
+o   Tim Potter <tpot@samba.org>
+    * BUG 1360: Use -Bsymbolic when creating shared libraries to 
+      avoid conflicts with identical symbols in the global namespace 
+      when loading libnss_wins.so.
 
-    --------------------------------------------------
 
-                =================================
-                Release Notes for Samba 3.0.5pre1
-                            May 25, 2004
-                =================================
+o   Richard Renard <rrenard@idealx.com>
+    * Save the current password as it is being changed into the 
+      password history list.
 
-Common bugs fixed in this preview release include:
 
-  o Schannel failure in winbindd.
-  o Numerous memory leaks.
-  o Incompatibilities between the 'write list' and 'force user'
-    smb.conf options.
-  o Premature optimization of the open_directory() internal 
-    function that broke tools such as the ArcServe backup 
-    agent, Macromedia HomeSite, and Robocopy.
+o   Richard Sharpe <rsharpe@samba.org>
+    * Fix error return codes on some lock messages.
+    * BUG 1178: Make the libsmbclient routines callable 
+      by C++ programs.
+    * BUG 1333: Make sure we return an error code when 
+      things go wrong.
+    * BUG 1301: Return NT_STATUS_SHARING_VIOLATION when 
+      share mode locking requests fail.
 
 
-ATTENTION! NEW BEHAVIOR!
--------------------------
+o   Simo Source <idra@samba.org>
+    * Update Debian stable & unstable packaging.
+    * Tidy up parametric options in testparm output.
 
-Beginning with Samba 3.0.5pre1, clients supporting the UNIX 
-extensions to the CIFS protocol can create symlinks to 
-absolute paths which will be **followed** by the server.  This 
-functionality has been requested in order to correctly support 
-certain applications when the user's home directory is mounted 
-using some type of CIFS client (e.g. the cifsvfs in the Linux 
-2.6 kernel).
 
-If this behavior is not acceptable for your production environment
-you can set 'wide links = no' in the specific share declaration in 
-the server's smb.conf.  Be aware that disabling wide link support 
-out of a share in Samba may impact the server's performance due 
-to the fact that smbd will now have to check each path additional 
-times before traversing it.
+o   Richard Sharpe <rsharpe@samba.org>
+    * Add sigchild handling to winbindd to restart the child 
+      daemon if necessary.
 
-Changes since 3.0.4
---------------------
 
-smb.conf changes
-----------------
+o   Tom Shaw <tomisfaraway@gmail.com>
+    * Use winbindd_fill_pwent() consistently.
 
-    Parameter Name              Action
-    --------------              ------
-    printcap cache time         New
-    
-    
-commits
--------
-o   Jeremy Allison <jra@samba.org>
-    * Correct path parsing bug that broke DeletePrinterDriverEx().
-    * Fix bugs in check_path_syntax() caught by asserts.
-    * Internal change - rearrange internal global case setting 
-      variables to a per connection basis.
-    * BUG 1345: Fix premature optimization in unix_convert(). 
-    * Allow clients to truncate a locked file.
-    * BUG 1319: Always check to see if a user as write access
-      to a share, even when 'force user' is set.
-    * Fix specific case of open that doesn't cause oplock break, 
-      or share mode check.
-    * Correct sid type is WKN_GROUP, not alias. Added some 
-      more known types (inspired by patch from Jianliang Lu).
-    * Allow creation of absolute symlink paths via CIFS clients.
-    
 
-o   Andrew Bartlett <abartlet@samba.org>
-    * Fix parsing bug in GetDomPwInfo().
-    * Fix segfault in 'ntlm_auth --diagnostics'.
+o   Nick Thompson <nickthompson@agere.com>
+    * Protect smbd against broken filesystems which return zero 
+      blocksize.
 
 
-o   Jerome Borsboom <j.borsboom@erasmusmc.nl> 
-    * Ensure error status codes don't get overwritten in 
-      lsa_lookup_sids() server code.
+o   Andrew Tridgell <tridge@samba.org>
+    * Fixed bug in handling of timeout in socket connections.
+     
 
+o   Nick Wellnhofer <wellnhofer@aevum.de>    
+    * Prevent lp_interfaces() list from being corrupted.  Fixes
+      bug where nmbd would lose the list of network interfaces 
+      on the system and consequently shutdown.
 
-o   Gerald Carter <jerry@samba.org>
-    * Fix a few bugs in the Fedora Packaging files.
-    * Fix for setting the called name to by our IP if the 
-      called name was *SMBSERVER and *SMBSERV.   Fixes issue 
-      with connecting to printers via \\ip.ad.dr.ess\printer 
-      UNC path.
-    * BUG 1315: fix for schannel client connections to servers
-      when we haven't specifically negotiated AUTH_PIPE_SEAL.
-    * Allow PrinterDriverData valuenames with embedded backslashes
-      (Fixes bug with one of the Konica Fiery drivers).
+      
+o   James Wilkinson <jwilk@alumni.cse.ucsc.edu>
+    * Fix ntlm_auth memory leaks.
 
 
-o   Steve French <sfrench@us.ibm.com>
-    * Handle -S and user mount parms in mount.cifs.
-    
-    
-o   kawasa_r@itg.hitachi.co.jp
-    * Correct more memory leaks and initialization bugs.
-    * Fix bug that prevented core dumps from being generated 
-      even if you tried.
-    * Connect to the winbind pipe in non-blocking mode to 
-      prevent processes from hanging.
+o   Jelmer Vernooij <jelmer@samba.org>
+    * Additional NT status to unix error mappings.
+    * BUG 478: Rename vsnprintf to smb_vsnprintf so we don't 
+     get duplicate symbol errors.
+   * Return an error when the last command read from stdin 
+     fails in smbclient.
+   * Prepare for better error checking in tar.
+      
 
+Changes for older versions follow below:
 
-o   Stephan Kulow <coolo@suse.de>
-    * Fix crash bug in libsmbclient.
+      --------------------------------------------------
+      
+                 =============================
+                 Release Notes for Samba 3.0.5
+                         July 20, 2004
+                 =============================
 
+Please note that Samba 3.0.5 is identical to Samba 3.0.4 with 
+the exception of correcting the two security issues outlined 
+below.
 
-o   Volker Lendecke <vl@samba.org>
-    * Added vfs_full_audit module.
-    * Add vfs_afsacl.c which can display & set AFS acls via 
-      the NT security editor.
-    * Fix crash bug caused by trying to Base64 encode a NULL string.
+######################## SECURITY RELEASE ########################
 
+Summary:       Multiple Potential Buffer Overruns in Samba 3.0.x
+CVE ID:        CAN-2004-0600, CAN-2004-0686
+               (http://cve.mitre.org/)
 
-o   Herb Lewis <herb@samba.org>
-    * Add the acls debug class.
-    * Fix logic bug in netbios name truncate routine.
-    * Fix smbd crash caused by smbtorture IOCTL test.
 
+This is the latest stable release of Samba. This is the version
+that production Samba servers should be running for all current
+bug-fixes.
 
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Fix to stop smbd hanging on missing group member in 
-      get_memberuids().
-    * Make sure Samba returns the correct group types.
+It has been confirmed that versions of Samba 3 prior to v3.0.4
+are vulnerable to two potential buffer overruns.  The individual
+details are given below.
 
+-------------
+CAN-2004-0600
+-------------
 
-o   Jim McDonough <jmcd@us.ibm.com>
-    * BUG 1279: SMBjobid fix for Samba print servers running on 
-      Big-Endian platforms.
+Affected Versions:      Samba 3.0.2 and later
 
+The internal routine used by the Samba Web Administration
+Tool (SWAT v3.0.2 and later) to decode the base64 data
+during HTTP basic authentication is subject to a buffer
+overrun caused by an invalid base64 character.  It is
+recommended that all Samba v3.0.2 or later installations
+running SWAT either (a) upgrade to v3.0.5, or (b) disable
+the swat administration service as a temporary workaround.
 
-o   Stefan Metzmacher <metze@samba.org>
-    * fix a configure logic bug for linux/XFS quotas when 
-      using --with-sys-quotas.
-    * Use quota debug class in quota code.
+This same code is used internally to decode the
+sambaMungedDial attribute value when using the ldapsam
+passdb backend. While we do not believe that the base64
+decoding routines used by the ldapsam passdb backend can
+be exploited, sites using an LDAP directory service with
+Samba are strongly encouraged to verify that the DIT only
+allows write access to sambaSamAccount attributes by a
+sufficiently authorized user.
 
-      
-o   Lars Müller <lmuelle@suse.de>
-    * BUG 1279: Added 'printcap cache time' parameter.
+The Samba Team would like to heartily thank Evgeny Demidov
+for analyzing and reporting this bug.
 
+-------------
+CAN-2004-0686
+-------------
 
-o   Richard Sharpe <rsharpe@samba.org>
-    * Fix error return codes on some lock messages.
-    * BUG 1178: Make the libsmbclient routines callable 
-      by C++ programs.
-    * BUG 1333: Make sure we return an error code when 
-      things go wrong.
-    * BUG 1301: Return NT_STATUS_SHARING_VIOLATION when 
-      share mode locking requests fail.
+Affected Versions:      Samba 3.0.0 and later
 
+A buffer overrun has been located in the code used to support
+the 'mangling method = hash' smb.conf option.  Please be aware
+that the default setting for this parameter is 'mangling method
+= hash2' and therefore not vulnerable.
 
-o   Simo Source <idra@samba.org>
-    * Update Debian stable & unstable packaging.
-    
+Affected Samba 3 installations can avoid this possible security
+bug by using the default hash2 mangling method.  Server
+installations requiring the hash mangling method are encouraged
+to upgrade to Samba 3.0.5.
 
-o   Andrew Tridgell <tridge@samba.org>
-    * Fixed bug in handling of timeout in socket connections.
-    
-    
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Additional NT status to unix error mappings.
 
+##################################################################
 
     --------------------------------------------------
+                 
                  =============================
                  Release Notes for Samba 3.0.4
                           May 8, 2004
diff --git a/examples/LDAP/samba.schema b/examples/LDAP/samba.schema
index d87815b3abc..8c6b8cb4e39 100644
--- a/examples/LDAP/samba.schema
+++ b/examples/LDAP/samba.schema
@@ -212,6 +212,10 @@ attributetype ( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime'
 	EQUALITY integerMatch
 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
+attributetype ( 1.3.6.1.4.1.7165.2.1.50 NAME 'sambaLogonHours'
+	DESC 'Logon Hours'
+	EQUALITY caseIgnoreIA5Match
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{42} SINGLE-VALUE )
 
 ##
 ## string settings
@@ -334,7 +338,8 @@ objectclass ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY
                displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $
 	       sambaProfilePath $ description $ sambaUserWorkstations $
 	       sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $
-	       sambaBadPasswordCount $ sambaBadPasswordTime $ sambaPasswordHistory))
+	       sambaBadPasswordCount $ sambaBadPasswordTime $
+	       sambaPasswordHistory $ sambaLogonHours))
 
 ##
 ## Group mapping info
diff --git a/source/include/smbldap.h b/source/include/smbldap.h
index 6046af464e6..953937fb75d 100644
--- a/source/include/smbldap.h
+++ b/source/include/smbldap.h
@@ -96,6 +96,7 @@
 #define LDAP_ATTR_PWD_HISTORY		39
 #define LDAP_ATTR_SID_LIST		40
 #define LDAP_ATTR_MOD_TIMESTAMP		41
+#define LDAP_ATTR_LOGON_HOURS		42
 
 typedef struct _attrib_map_entry {
 	int		attrib;
diff --git a/source/lib/smbldap.c b/source/lib/smbldap.c
index 0980b763adb..e66fb3640cf 100644
--- a/source/lib/smbldap.c
+++ b/source/lib/smbldap.c
@@ -102,6 +102,7 @@ ATTRIB_MAP_ENTRY attrib_map_v30[] = {
 	{ LDAP_ATTR_BAD_PASSWORD_TIME,	"sambaBadPasswordTime" 	},
 	{ LDAP_ATTR_PWD_HISTORY,	"sambaPasswordHistory"  },
 	{ LDAP_ATTR_MOD_TIMESTAMP,	"modifyTimestamp"	},
+	{ LDAP_ATTR_LOGON_HOURS,	"sambaLogonHours"	},
 	{ LDAP_ATTR_LIST_END,		NULL 			}
 };
 
diff --git a/source/passdb/passdb.c b/source/passdb/passdb.c
index e404f5af3f9..0905d816920 100644
--- a/source/passdb/passdb.c
+++ b/source/passdb/passdb.c
@@ -583,6 +583,57 @@ BOOL pdb_gethexpwd(const char *p, unsigned char *pwd)
 	return (True);
 }
 
+/*************************************************************
+ Routine to set 42 hex hours characters from a 21 byte array.
+**************************************************************/
+
+void pdb_sethexhours(char *p, const unsigned char *hours)
+{
+	if (hours != NULL) {
+		int i;
+		for (i = 0; i < 21; i++) {
+			slprintf(&p[i*2], 3, "%02X", hours[i]);
+		}
+	} else {
+		safe_strcpy(p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", 43);
+	}
+}
+
+/*************************************************************
+ Routine to get the 42 hex characters and turn them
+ into a 21 byte array.
+**************************************************************/
+
+BOOL pdb_gethexhours(const char *p, unsigned char *hours)
+{
+	int i;
+	unsigned char   lonybble, hinybble;
+	const char      *hexchars = "0123456789ABCDEF";
+	char           *p1, *p2;
+
+	if (!p) {
+		return (False);
+	}
+
+	for (i = 0; i < 42; i += 2) {
+		hinybble = toupper(p[i]);
+		lonybble = toupper(p[i + 1]);
+
+		p1 = strchr(hexchars, hinybble);
+		p2 = strchr(hexchars, lonybble);
+
+		if (!p1 || !p2) {
+			return (False);
+		}
+
+		hinybble = PTR_DIFF(p1, hexchars);
+		lonybble = PTR_DIFF(p2, hexchars);
+
+		hours[i / 2] = (hinybble << 4) | lonybble;
+	}
+	return (True);
+}
+
 int algorithmic_rid_base(void)
 {
 	static int rid_offset = 0;
diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c
index 37cc0c79029..9af34705df5 100644
--- a/source/passdb/pdb_ldap.c
+++ b/source/passdb/pdb_ldap.c
@@ -782,7 +782,15 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 
 	/* pdb_set_unknown_6(sampass, unknown6, PDB_SET); */
 
-	pdb_set_hours(sampass, hours, PDB_SET);
+	if(!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
+		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_HOURS), temp)) {
+			/* leave as default */
+	} else {
+		pdb_gethexhours(temp, hours);
+		memset((char *)temp, '\0', strlen(temp) +1);
+		pdb_set_hours(sampass, hours, PDB_SET);
+		ZERO_STRUCT(hours);
+	}
 
 	/* check the timestamp of the cache vs ldap entry */
 	if (!(ldap_entry_time = ldapsam_get_entry_timestamp(ldap_state, 
@@ -1065,7 +1073,18 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state,
 		}
 	}
 
-	/* FIXME: Hours stuff goes in LDAP  */
+	if (need_update(sampass, PDB_HOURS)) {
+		const char *hours = pdb_get_hours(sampass);
+		if (hours) {
+			pdb_sethexhours(temp, hours);
+			smbldap_make_mod(ldap_state->smbldap_state->ldap_struct,
+				existing,
+				mods,
+				get_userattr_key2string(ldap_state->schema_ver,
+						LDAP_ATTR_LOGON_HOURS),
+				temp);
+		}
+	}
 
 	if (need_update(sampass, PDB_ACCTCTRL))
 		smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c
index 1201cf88fcf..1eb6a135c51 100644
--- a/source/utils/pdbedit.c
+++ b/source/utils/pdbedit.c
@@ -49,6 +49,7 @@
 #define BIT_EXPORT	0x02000000
 #define BIT_FIX_INIT    0x04000000
 #define BIT_BADPWRESET	0x08000000
+#define BIT_LOGONHOURS	0x10000000
 
 #define MASK_ALWAYS_GOOD	0x0000001F
 #define MASK_USER_GOOD		0x00401F00
@@ -130,6 +131,9 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst
 	if (!sam_pwent) return -1;
 	
 	if (verbosity) {
+		pstring temp;
+		const uint8 *hours;
+		
 		printf ("Unix username:        %s\n", pdb_get_username(sam_pwent));
 		printf ("NT username:          %s\n", pdb_get_nt_username(sam_pwent));
 		printf ("Account Flags:        %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN));
@@ -170,6 +174,10 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst
 		printf ("Bad password count  : %d\n", 
 			pdb_get_bad_password_count(sam_pwent));
 		
+		hours = pdb_get_hours(sam_pwent);
+		pdb_sethexhours(temp, (const char *)hours);
+		printf ("Logon hours         : %s\n", temp);
+		
 	} else if (smbpwdstyle) {
 		char lm_passwd[33];
 		char nt_passwd[33];
@@ -294,7 +302,7 @@ static int set_user_info (struct pdb_context *in, const char *username,
 			  const char *drive, const char *script, 
 			  const char *profile, const char *account_control,
 			  const char *user_sid, const char *group_sid,
-			  const BOOL badpw)
+			  const BOOL badpw, const BOOL hours)
 {
 	BOOL updated_autolock = False, updated_badpw = False;
 	SAM_ACCOUNT *sam_pwent=NULL;
@@ -308,6 +316,16 @@ static int set_user_info (struct pdb_context *in, const char *username,
 		pdb_free_sam(&sam_pwent);
 		return -1;
 	}
+
+	if (hours) {
+		uint8 hours_array[MAX_HOURS_LEN];
+		uint32 hours_len;
+		
+		hours_len = pdb_get_hours_len(sam_pwent);
+		memset(hours_array, 0xff, hours_len);
+		
+		pdb_set_hours(sam_pwent, hours_array, PDB_CHANGED);
+	}
 	
 	if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) {
 		DEBUG(2,("pdb_update_autolock_flag failed.\n"));
@@ -631,6 +649,7 @@ int main (int argc, char **argv)
 	static long int account_policy_value = 0;
 	BOOL account_policy_value_set = False;
 	static BOOL badpw_reset = False;
+	static BOOL hours_reset = False;
 
 	struct pdb_context *bin;
 	struct pdb_context *bout;
@@ -662,6 +681,7 @@ int main (int argc, char **argv)
 		{"account-control",	'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL},
 		{"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL},
 		{"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL},
+		{"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL},
 		POPT_COMMON_SAMBA
 		POPT_TABLEEND
 	};
@@ -715,7 +735,8 @@ int main (int argc, char **argv)
 			(account_policy_value_set ? BIT_ACCPOLVAL : 0) +
 			(backend_in ? BIT_IMPORT : 0) +
 			(backend_out ? BIT_EXPORT : 0) +
-			(badpw_reset ? BIT_BADPWRESET : 0);
+			(badpw_reset ? BIT_BADPWRESET : 0) +
+			(hours_reset ? BIT_LOGONHOURS : 0);
 
 	if (setparms & BIT_BACKEND) {
 		if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) {
@@ -829,6 +850,12 @@ int main (int argc, char **argv)
 		checkparms |= BIT_MODIFY;
 		checkparms &= ~BIT_BADPWRESET;
 	}
+
+	/* if logon hours is reset, must modify */
+	if (checkparms & BIT_LOGONHOURS) {
+		checkparms |= BIT_MODIFY;
+		checkparms &= ~BIT_LOGONHOURS;
+	}
 	
 	/* account operation */
 	if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) {
@@ -866,7 +893,7 @@ int main (int argc, char **argv)
 					      logon_script,
 					      profile_path, account_control,
 					      user_sid, group_sid,
-					      badpw_reset);
+					      badpw_reset, hours_reset);
 		}
 	}