| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
This one fixes together with 2eaf4ed62 bug #5715 and CVE-2008-3789.
Thanks to Steve Langasek <vorlon@debian.org> for reporting!
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
| |
This one fixes bug #5715 and CVE-2008-3789.
|
|
|
|
| |
This reverts commit a7058ed1ef2622abdb75fe997ce4a5c570898929.
|
|
|
|
|
|
| |
an IPv4 address"
This reverts commit 435c10268bb6987ab7e8206cd6c45bd9961c5632.
|
|
|
|
| |
This reverts commit 64ebfe4b2e5b7e3e07a0af424b35000693148e48.
|
|
|
|
| |
This reverts commit ebd1f8f9297b31353d094ddccc320a83f02877ce.
|
|
|
|
| |
This reverts commit 15e8e23466ae959bd0efc540c287338dbcd0b7a6.
|
|
|
|
| |
This reverts commit e3ff1cb7709d93fb91602d3d25deca3f4ecce2ce.
|
|
|
|
| |
This reverts commit c48f247d76569bfdc844499cc64f504bce7085cd.
|
|
|
|
| |
This reverts commit eb892f90c9be0ebc2217fc459d4249190986c003.
|
|
|
|
|
|
| |
statically."
This reverts commit 8145b0a7d7bacb818b8dadadae65ecd0877b5ce2.
|
|
|
|
| |
This reverts commit ef801d12a309c4c9f6429739b835fb32f5c309b8.
|
|
|
|
|
|
| |
<Douglas_E_Wegscheid@whirlpool.com>."
This reverts commit 3c205320cd1eb19ed275572f975487e92c611f13.
|
|
|
|
| |
This reverts commit 7a53e1e83a070394f77da4a0f7b2ed480165c376.
|
|
|
|
| |
This reverts commit 94dd61a4e8e070e175339defce4da08eaf87429d.
|
|
|
|
| |
This reverts commit 6d42b1e372b67eba83dbd5200bfb131b74cac180.
|
|
|
|
| |
This reverts commit b3a8b823361d6144f14c2d800e956f26ff9ad6d6.
|
|
|
|
| |
This reverts commit 9bbd6ee5db03747499bd263bb1365c8cd352076d.
|
|
|
|
|
|
| |
build farm failures when winbindd connects as guest."
This reverts commit a90648e905aebc98c78897adf76729bea269cedf.
|
|
|
|
|
|
|
|
| |
farm failures when winbindd connects as guest.
This one took a *lot* of tracking down :-).
Jeremy.
(cherry picked from commit f845c95dcfa0b1630a0057c62941bb8a72ebdd83)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix segv when talking to parent DC (joined to child domain).
The root cause was
(a) storing the parent domain in the cli_state struct caused
the NTLMSSP pipe bind to fail which made us fallover to
the schannel code path
(b) the dcinfo pointer in cm_get_schannel_dcinfo() was returning
NULL even though the function indicated success.
(cherry picked from commit 5ce4a2ae6697970ea37d0078a506615b4b7a9a9c)
(cherry picked from commit 72d138adc200ab36e324721900af1a06d0879318)
|
|
|
|
|
| |
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit dffb2d8eea03bb75224c3d8b4d0ab210993c645a)
|
|
|
|
|
|
|
|
|
|
| |
When we negotiated NETLOGON_NEG_PASSWORD_SET2 we need to use
NetrServerPasswordSet2 to change the machine password.
Tested with NT4, W2k, W2k3 and W2k8.
Guenther
(cherry picked from commit 8ae7040a5e64f1a1d2088aeca1dab90470455d8a)
|
|
|
|
|
|
| |
Guenther
(cherry picked from commit f24cef9fa7be45212744d39b7c66804e64147afd)
(cherry picked from commit 059979f8e7d7d0459f83184ad5b06a8e6281f558)
|
|
|
|
|
|
| |
Guenther
(cherry picked from commit 7b312a0abc6de5a51555ccfbde7f8f78fc11d043)
(cherry picked from commit d9fa27a079dde0ebd9c2d6dc1c1bff3ae570f9e8)
|
|
|
|
|
|
|
| |
<Douglas_E_Wegscheid@whirlpool.com>.
Jeremy.
(cherry picked from commit 02e260ab5254c9691846f7009f685e1b11032f80)
|
|
|
|
|
|
| |
Michael
(cherry picked from commit 6ad2090391a92ebe822b2d7b80e180c251dc8e7a)
(cherry picked from commit 24459c7eda080a4fed2d4f2a576c97f878f905f9)
|
|
|
|
|
|
| |
Michael
(cherry picked from commit 702c0bc04668117e3521d687b9b5a87fd7e0f1b1)
(cherry picked from commit f3ad03d0f909ff862411511d9f63e77047034c01)
|
|
|
|
|
|
| |
Michael
(cherry picked from commit ead9b9d7167d999d73cf4111f3b321236aac2a15)
(cherry picked from commit 8dd57f31b2ba621654f989e1ed58bd2dd80b7849)
|
|
|
|
|
|
| |
Guenther
(cherry picked from commit a75055be5ff7ebe3476cfac86c6597a56a843c23)
(cherry picked from commit d0a4b9f69984ca5da0007af91013f1bc78dcbf2b)
|
|
|
|
|
|
| |
Guenther
(cherry picked from commit 43693ce6c678b961fa516bbf502af92f87cd5346)
(cherry picked from commit 2a5ae59f77c05c41c97747dee9bc8c196dfe6b89)
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to the GNU libc nss guide, we should always set
errno to ENOENT when returning NSS_UNAVAIL.
http://www.gnu.org/software/libtool/manual/libc/NSS-Modules-Interface.html#NSS-Modules-Interface
At least the MQ Series message queing service that runs
on WebSphere will fail if you return any other errno in this case.
(cherry picked from commit ee26664602445fa7798e2061f6bcbef0756d6528)
(cherry picked from commit 29b39723b82f363d32dc4678d6b71a78485c65ce)
|
|
|
|
|
|
|
|
|
|
| |
Some of the bits generate INVALID_PARAMETER and some bits
are ignored when they come from a client, that's why we need
to use bits from the ignored range for our internal usage.
metze
(cherry picked from commit 7b4c8a4e39f310eb450918fa841b0ea1b4af19f7)
(cherry picked from commit 3366ac2857820d87fb36a1357786a3564d258da5)
|
|
|
|
|
|
|
|
|
|
|
| |
When the kernel sends the upcall a sec=mskrb5 parameter, that means
the the MSKRB5 OID is preferred by the server. This patch fixes the
upcall to use that OID in place of the "normal" krb5 OID when it
gets a sec=mskrb5 parameter.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <smfrench@gmail.com>
(cherry picked from commit 3d96409c115b3ad4ef29ff75e40b39a26e316afe)
|
|
|
|
|
|
|
|
| |
address
reported by Ted Percival <ted@midg3t.net>.
Jeremy.
(cherry picked from commit 4ac537d1b78c915fe25c219958312cf22f3cba80)
|
|
|
|
|
|
| |
Michael
(cherry picked from commit 661b7fdffda40a9ca7cb36627dbaf91cb4357cd0)
(cherry picked from commit 7401c6a5b74c9c82c02923e6eafa6072a5d5678f)
|
|
|
|
|
| |
Karolin
(cherry picked from commit efbd263131228281eca30d7834de52502d2806d6)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 902349b956e26f4f9255045162ce5310c44a4166)
|
|
|
|
|
|
| |
(sorry).
(cherry picked from commit e2caa65a698ca7109aa44656ff9399104cf0663b)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 9f74480cc6c4f1f41c1a4fe71580cd623ef41407)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 986c52dca86cc82dd62d1b9f71ee2269d5ba5cb4)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 25c354f8d194624d9ef8924d861af377cb89275d)
|
|
|
|
|
| |
Karolin
(cherry picked from commit d1738c966cc090fbe4bcd246bebb9c693235152a)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
was asking for a winbindd name to SID lookup of
"Unix Group\name" where "name" was also a valid username,
the winbindd passdb lookup of that name was losing the
domain string info before calling lookup name (ie. lookup_name()
was being called with just the string "name", not the
full string "Unix Group\name").
The passdb backend of winbindd has to cope with
not only names from it's own global SAM domain,
but it does lookups for BUILTIN and "Unix User"
and "Unix Group" also, so making it guess by
losing the domain string is "A Bad Idea" (tm) :-).
Note that as winbind globally calls winbind_off()
at startup, it's safe for winbind to call sys_getgrnam()
to do the "Unix Group" lookup from inside lookup_name().
Jeremy.
(cherry picked from commit 780a4ff80dfd03a2c422920dbd101e8f58f7136e)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a request-key upcall exits without instantiating a key, the kernel
will negatively instantiate the key with a 60s timeout. Older kernels,
however seem to also link that key into the session keyring. This
behavior can interefere with subsequent mount attempts until the
key times out. The next request_key() call will get this negative key
even if the upcall would have worked the second time.
Fix this by having cifs.upcall negatively instantiate the key itself
with a 1s timeout and don't attach it to the session keyring.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit 7e05ff65a7907bf34e2d422f7c941002cfb86971)
|
|
|
|
|
|
|
|
|
|
| |
client/cifs.upcall.c:205: warning: function declaration isn’t a prototype
This patch fixes this by properly declaring usage() args as void.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@samba.org>
(cherry picked from commit 7b25c4d2363ee772eed44174c882a7fbc59f0568)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "cifs.resolver" key type has been changed to "dns_resolver". Fix
the comments at the top of cifs.upcall and the manpage accordingly.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@samba.org>
---
docs-xml/manpages-3/cifs.upcall.8.xml | 4 ++--
source/client/cifs.upcall.c | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
(cherry picked from commit 34cf3c012e463d0ea04616308738aadea438f48b)
|
|
|
|
|
|
|
|
| |
(as a synonym for the older "cifs.resolver" name) when resolving host
names to ip addresses for the kernel.
Acked-by: Jeff Layton
(cherry picked from commit 370722392d7f42f8094f574cac08a6a12e5893a3)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Steve French noticed these warnings when building cifs.upcall:
Compiling client/cifs.upcall.c
client/cifs.upcall.c: In function 'usage':
client/cifs.upcall.c:204: warning: declaration of 'prog' shadows a global declaration
client/cifs.upcall.c:33: warning: shadowed declaration is here
Change the usage function to not take and arg and have it just use the global
"prog" variable. Fix a typo in the log message generated when an unknown
option is specified. Also getopt() always returns '?' when it sees an unknown
option so there's no point in printing it out.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit bd1cf48d7e20cb534bd672bacbf3ac4a87d1a7b4)
|