Commit message | Author | Age | Files | Lines
* Fix for CVE-2009-2906. [samba-3.4.2] | Jeremy Allison | 2009-09-30 | 2 | -5/+26
    Summary: Specially crafted SMB requests on authenticated SMB
    connections can send smbd into a 100% CPU loop, causing a DoS
    on the Samba server.
* WHATSNEW: Update release notes. | Karolin Seeger | 2009-09-30 | 1 | -2/+8
    Karolin
* WHATSNEW: Update release date. | Karolin Seeger | 2009-09-29 | 1 | -1/+1
    Karolin
* Fix for CVE-2009-2813. | Jeremy Allison | 2009-09-28 | 2 | -2/+11
    ===========================================================
    == Subject:     Misconfigured /etc/passwd file may share folders unexpectedly
    ==
    == CVE ID#:     CVE-2009-2813
    ==
    == Versions:    All versions of Samba later than 3.0.11
    ==
    == Summary:     If a user in /etc/passwd is misconfigured to have
    ==              an empty home directory then connecting to the home
    ==              share of this user will use the root of the filesystem
    ==              as the home directory.
    ===========================================================
* mount.cifs: don't leak passwords with verbose option | Jeff Layton | 2009-09-28 | 1 | -20/+34
    When running mount.cifs with the --verbose option, it'll print out the
    option string that it passes to the kernel...including the mount
    password if there is one. Print a placeholder string instead to help
    ensure that this info can't be used for nefarious purposes.
    Also, the --verbose option printed the option string before it was
    completely assembled anyway. This patch should also make sure that
    the complete option string is printed out.
    Finally, strndup passwords passed in on the command line to ensure that
    they aren't shown by --verbose as well. Passwords used this way can
    never be truly kept private from other users on the machine of course,
    but it's simple enough to do it this way for completeness' sake.
    Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Acked-by: Steve French <sfrench@us.ibm.com>
    Part 2/2 of a fix for CVE-2009-2948.
* mount.cifs: check access of credential files before opening | Jeff Layton | 2009-09-28 | 1 | -0/+11
    It's possible for an unprivileged user to pass a setuid mount.cifs a
    credential or password file to which he does not have access. This can
    cause mount.cifs to open the file on his behalf and possibly leak the
    info in the first few lines of the file.
    Check the access permissions of the file before opening it.
    Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Acked-by: Steve French <sfrench@us.ibm.com>
    Part 1/2 of a fix for CVE-2009-2948.
* WHATSNEW: Prepare release notes for 3.4.2. | Karolin Seeger | 2009-09-28 | 1 | -3/+61
    Karolin
* Raise version number up to 3.4.2. | Karolin Seeger | 2009-09-24 | 1 | -1/+1
    Karolin
* WHATSNEW: Update changes. [samba-3.4.1] | Karolin Seeger | 2009-09-09 | 1 | -1/+2
    Karolin
    (cherry picked from commit a87116873bdbb4301f35b1d3f6bc8596f96be975)
* s3:libsmb: Correctly chew keepalive packets | Volker Lendecke | 2009-09-09 | 1 | -0/+6
    Thanks a *lot* to Günther to send me the relevant traces!
    Volker
    Signed-off-by: Günther Deschner <gd@samba.org>
    Fixes bug #6646 (Winbind authentication issue on 3.2.13/14 and 3.4.0
    (was: [Samba] Crazied NTLM_AUTH on samba 3.4.0)).
    (cherry picked from commit a4f9583ce364fad963cc154f0229cb57ec0043d2)
* WHATSNEW: Update changes since 3.4.0. | Karolin Seeger | 2009-09-09 | 1 | -0/+11
    Karolin
    (cherry picked from commit abc676bcd5eec40946c2e851345a6e973bf2cbea)
* Fix bug 6496 - libsmbclient: MS-DFS: cannot follow multibyte char link name. ↵ | SATOH Fumiyasu | 2009-09-09 | 2 | -15/+39
    A server returns a byte of consumed path in UCS2, not UNIX charset.
    (cherry picked from commit ee70079d08acf23cf7c342f09a7db4f5fc7ca95e)
* Fix bug 6673 - smbpasswd does not work with "unix password sync = yes". ↵ | Jeremy Allison | 2009-09-09 | 5 | -22/+30
    Revert change from 3.3 -> 3.4 with read_socket_with_timeout changed
    from sys_read() to sys_recv(). read_socket_with_timeout() is called
    with non-fd's (with a pty in chgpasswd.c and with a disk file in
    lib/dbwrap_file.c via read_data()). recv works for the disk file,
    but not the pty. Change the name of read_socket_with_timeout() to
    read_fd_with_timeout() to make this clear (and add comments).
    Jeremy.
    (cherry picked from commit 91a5b8561e2f13f77fa5648f7cc373aff1701954)
* Hopefully last part of the fix for bug 6651 - smbd SIGSEGV when breaking ↵ | Jeremy Allison | 2009-09-09 | 1 | -2/+2
    oplocks. This one is subtle. There is a race condition where a signal
    can be queued for oplock break, and then the file can be closed by the
    client before the signal can be processed. Currently if this occurs we
    panic (we can't match an incoming signal fd with a fsp pointer). Simply
    log the error (at debug level 10 right now, might be too much) and then
    return without processing the break request. It looks like there is
    another race condition with this fix, but here's why it won't happen.
    If the signal was pending (caused by a kernel oplock break from a local
    file open), and the client closed the file and then re-opened another
    file which happened to use the same file descriptor as the file just
    closed, then theoretically the oplock break requests could be processed
    on the wrong fd. Here's why this should be very rare. Processing a
    pending signal always takes precedence over an incoming network request,
    so as long as the client close request is non-chained then the break
    signal should always be harmlessly processed *before* the open can be
    called. If the open is chained onto the close, and the fd on the new
    open is the same as the old closed fd, then it's possible this race
    will occur. However, all that will happen is that we'll lose the oplock
    on this file. A shame, but not a fatal event.
    Jeremy.
    (cherry picked from commit bdc7bdb0d3e02d04477906dbda8995bc5789ce22)
    (cherry picked from commit 95cc5af5fd6150f3c54cd344b66393dbc186c2df)
* Help debug for bug 6651 - smbd SIGSEGV when breaking oplocks. Should help ↵ | Jeremy Allison | 2009-09-09 | 1 | -0/+4
    track if we get invoked with an invalid fd from the signal handler.
    Jeremy.
    (cherry picked from commit 213546103749c30dbb3ad8472872b9a8fad34205)
    (cherry picked from commit 6b9d518b9f1244c99fbaa2812886d02635caff14)
* tevent: change version to 0.9.8 after some critical bugs have been fixed | Stefan Metzmacher | 2009-09-09 | 1 | -1/+1
    metze
    (cherry picked from commit 1bb68402a2e37f39118eaaaa039ac69e03ba66f2)
    (cherry picked from commit a9890fb49d2372edbf2050134bb21450d98ff7f6)
* Another part of the fix for bug 6651 - smbd SIGSEGV when breaking oplocks. ↵ | Jeremy Allison | 2009-09-09 | 1 | -2/+6
    SA_INFO_QUEUE_COUNT *MUST* be a power of 2, in order for the ring
    buffer wrap to work correctly at the 32 bit boundary. Thanks to
    Petr Vandrovec <petr@vandrovec.name> for this.
    (cherry picked from commit c97698e762b1ea8d7133f04ae822225676a6f135)
    (cherry picked from commit 161e20843054ecc5745e967da2a9d08ed09229d0)
* tevent: Fix a segfault upon the first signal | Volker Lendecke | 2009-09-09 | 1 | -0/+6
    When the first signal arrives, tevent_common_signal_handler() crashed:
    "ev" is initialized to NULL, so the first
    "write(ev->pipe_fds[1], &c, 1);" dereferences NULL.
    Rusty, Tridge, please check. Also, can you tell me a bit more about
    the environment you tested this in? I'd be curious to see where this
    survived.
    Thanks,
    Volker
    (cherry picked from commit 23abcd2318c69753aa2a144e1dc0f9cf9efdb705)
    (cherry picked from commit 1108225c1316521bf2bb59c9b99b030440af0002)
* lib/tevent: close pipe_fds on event_context destruction | Rusty Russell | 2009-09-09 | 1 | -0/+2
    The "hack_fds" were never closed before; now they're inside
    event_context they should be closed when that is destroyed.
    Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
    (cherry picked from commit 76d91156c82e20bbd68c752376cb814d71759033)
    (cherry picked from commit 5cc105ac513164d66d4661a41d1daa99f28ab928)
* lib/tevent: handle tevent_common_add_signal on different event contexts. | Rusty Russell | 2009-09-09 | 2 | -14/+31
    I don't know if this is a problem in real life.
    The code assumes there's only one tevent_context; all signals will
    notify the first event context. That's counter-intuitive if you ever
    use more than one, and there's nothing else in this code which
    prevents it AFAICT.
    Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
    (cherry picked from commit be4ac227842530d484659f2db683453366326d8b)
    (cherry picked from commit 792ab5c34a20bd2b292b642dc96cae62e5ad1ce0)
* lib/tevent: fix race with signals and tevent_common_add_signal | Rusty Russell | 2009-09-09 | 1 | -20/+20
    We carefully preserve the old signal handler, but we replace it before
    we've set up everything; in particular, if we fail setting up the
    pipe_hack we could write a NUL char to stdout (fd 0), instead of
    calling the old signal handler.
    Replace the signal handler as the very last thing we do.
    Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
    (cherry picked from commit 6abb637e3e0d23635fdbbb91c163731b325d696d)
    (cherry picked from commit bd28ae54a635667096e4a0d1010a1c3cce59712f)
* lib/tevent: remove spectacularly complicated manual subtraction | Rusty Russell | 2009-09-09 | 1 | -4/+1
    To be completely honest, I don't quite know whether to laugh or cry at
    this one:
        1 + (0xFFFFFFFF & ~(s.seen - s.count))
        == 1 + (~(s.seen - s.count))    # s.seen, s.count are uint32_t
        == s.count - s.seen             # -A == ~A + 1
    Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
    (cherry picked from commit 4279879c9847ca069527e11ca934b8906009cad8)
    (cherry picked from commit fdcc157d51cce8561df37fa9eed39332772bacb9)
* tevent: avoid using reserved c++ word. | Günther Deschner | 2009-09-09 | 1 | -1/+1
    Guenther
    (cherry picked from commit 965a079535bd11a7870d45991a0d0628d6579b3b)
    (cherry picked from commit c78d2a86f7410b6e09d0c326233e06f09dfc6ddb)
* Fix for bug 6651 - smbd SIGSEGV when breaking oplocks. Based on a patch ↵ | Jeremy Allison | 2009-09-09 | 1 | -17/+54
    submitted by Petr Vandrovec <petr@vandrovec.name>. Multiple pending
    signals with siginfo_t's weren't being handled correctly leading to
    smbd abort with kernel oplock signals.
    Jeremy
    (cherry picked from commit ba52f18bfecfd7b0ba22c4ad9e9b5bfd18f34c93)
    (cherry picked from commit 4c63af17eda7e22fd6c258524204a44879006db7)
* tevent: fix a comment | Michael Adam | 2009-09-09 | 1 | -1/+1
    Michael
    (cherry picked from commit 5270efab1a8dd06158aa45467958939b677e4b7b)
    (cherry picked from commit 1157ff3353b528d285f456d8e946d98bf202a560)
* tevent: change version to 0.9.7 after adding tevent_req_cancel infrastructure | Stefan Metzmacher | 2009-09-09 | 1 | -1/+1
    metze
    (cherry picked from commit 97a1ed53ca4255ac7fc5643292019ad30c276de5)
    (cherry picked from commit 6e8becce900e7686dcd81307722105d175103c06)
* tevent: add tevent_req_cancel() infrastructure | Stefan Metzmacher | 2009-09-09 | 3 | -0/+70
    This offers a generic way for callers to cancel an async request.
    metze
    (cherry picked from commit 45e4be0d96abdc729252df1e97bb9a56302e5a4a)
    (cherry picked from commit 0a14a3daa8c1f6d402865b8b1f24d91c64085176)
* tevent: add some more doxygen comments for tevent_req functions | Stefan Metzmacher | 2009-09-09 | 1 | -0/+38
    metze
    (cherry picked from commit 95c3d3b5d8fdc05f20c826a48312f1230f036029)
    (cherry picked from commit f6d54b0db737f3474820b491488c68de41e8e659)
* tevent: try to fix the build on QNX qnx18 6.4.1 it doesn't have SA_RESTART ↵ | Stefan Metzmacher | 2009-09-09 | 1 | -1/+11
    defined
    metze
    (cherry picked from commit 39684d2cbe1c8c69dc9ca5c6e05861e24091bb83)
    (cherry picked from commit 80d62cc788211cf2783e315359f832a95b88cdc5)
* Change to talloc_zero_size instead of extra memset. Jeremy. (cherry picked ↵ | Jeremy Allison | 2009-09-09 | 1 | -2/+1
    from commit 5927ca7067a0ead65c00042a62545b0d940f2b2a)
    (cherry picked from commit 5a66d5776923647169ab2ae816f6a632b0f4e8aa)
* When tallocing a memory block for the state in a tevent_req struct, ensure ↵ | Jeremy Allison | 2009-09-09 | 1 | -0/+1
    it's zeroed out. Vl & Metze please check.
    Jeremy.
    (cherry picked from commit 7be1d727a31b34debbcf8faa1e0bea911112d145)
    (cherry picked from commit 620dde3a0fa246ebac35e64f1a99f56415b15e97)
* Sort the signature files (cherry picked from commit ↵ | Stefan Metzmacher | 2009-09-09 | 2 | -45/+45
    7119241c0d12768b31ebdb489aa0bbba6ca21e40)
    (cherry picked from commit be0191b0c416f2fbf03d2cdb0a5ea3e8ce3d58e9)
* Expose functions need by backend writers | Simo Sorce | 2009-09-09 | 5 | -52/+67
    move publicly needed structures and functions in the public header.
    Stop installing internal headers.
    Update the signature and exports files with the new exposed function.
    (cherry picked from commit 30b2014a01b31d66dd76e0562c5d769dfacf167b)
    (cherry picked from commit 3ee857b058780fd3df915d8dab3e7d4ede682ce8)
* Revert "For tevent to install tevent_util.h" | Simo Sorce | 2009-09-09 | 1 | -1/+0
    This reverts commit b112cc5503350b248949bdbcce8072f5523ce877.
    tevent_util.h is a private header. Must not be installed.
    (cherry picked from commit c92505817d6453c100ed52c9c3ab289f5589ce25)
    (cherry picked from commit 1e460e95956e9c1352ad9879ed2a9833b96b8746)
* For tevent to install tevent_util.h | Eric Sandall | 2009-09-09 | 1 | -0/+1
    Patch for bug #6270
    This patch is for the future when samba4 builds using external
    libraries. With this patch, tevent now installs tevent_util.h which
    is required by samba4.
    (cherry picked from commit b112cc5503350b248949bdbcce8072f5523ce877)
    (cherry picked from commit 6c002a988bd37cc04b488d78c910540b19cac88e)
* Add exports file and abi checker for tevent | Simo Sorce | 2009-09-09 | 7 | -2/+157
    This is a first attempt at exporting symbols only for public functions
    We also provide a rudimentary ABI checker that tries to check that
    function signatures are not changed by mistake.
    Given our use of macros this is not an API checker.
    It's all based on tevent.h contents and the gcc -aux-info option
    (cherry picked from commit efccef09aec93180a06955b5e03f1ceb99dc39e8)
    (cherry picked from commit 5543fc2599b3ec7e3a676f95d8283d0f55113ec5)
* Increase tevent version for tevent_req_notify_callback() (cherry picked from ↵ | Stefan Metzmacher | 2009-09-09 | 2 | -2/+2
    commit d0aedeb46e5d2da582b5c030114186f8d755b528)
    (cherry picked from commit 000d2835d78b6beb6db573a1946346e01de2ff7d)
* Add tevent_req_notify_callback | Volker Lendecke | 2009-09-09 | 2 | -4/+13
    This is necessary for requests that have multiple results. Examples
    would be SMBEcho and ldap_search.
    (cherry picked from commit c6f39b46a7b0505331612a1bee15a82f97009f0d)
    (cherry picked from commit 8d988b165d373d074b8be321bcc9c20a8e85a6fc)
* tevent/python: Makefile was still trying to build some non AC_SUBST python ↵ | Jelmer Vernooij | 2009-09-09 | 1 | -7/+1
    targets
    Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
    (cherry picked from commit cf9636ea99bb5063a8c7d771c1e29f684b4b753a)
    (cherry picked from commit d0ab357d3bae114bda2d678049e89272614da713)
* tevent: Define TALLOC_FREE() if it's not defined yet, to allow building with ↵ | Jelmer Vernooij | 2009-09-09 | 1 | -0/+6
    released versions of talloc.
    (cherry picked from commit 72b744f38ebb9f9576c05c7bb0a00de26697ec8f)
    (cherry picked from commit ce80afbe3ad7534d659109e60874540531738aaf)
* tevent: Remove python module. | Stefan Metzmacher | 2009-09-09 | 7 | -220/+0
    This module didn't have any functionality that we actually used yet,
    and it was quite small.
    Tevent is quite low level and perhaps doesn't make much sense to
    expose directly as a Python module. It was also causing build
    problems when used with a system-tevent. We can always back later
    if necessary.
    (cherry picked from commit 5065cf70f8bf41193d6d33413f2285f62bba0502)
    (cherry picked from commit 1d0e302bc49c77542fa39a18d995268e8685d141)
* tevent: Install tevent_internal.h in the standalone build. | Jelmer Vernooij | 2009-09-09 | 2 | -1/+4
    This is not ideal, but at least it fixes the build of samba-gtk for
    now. I've also added a warning about API guarantees at the top of the
    header.
    (cherry picked from commit 857c3f8322005efd460c2f516a9486a2de059e9f)
    (cherry picked from commit 30acc30ce5c01a30a96a6ce80ab99576574d8196)
* Update copies of config.guess and config.sub. (cherry picked from commit ↵ | Jelmer Vernooij | 2009-09-09 | 16 | -536/+1982
    6230eb94af2305f479db3b76479a0dc841c3d1d5)
    (cherry picked from commit c20026a9afe1527f6442e8eedf669d199d8cdb26)
* tevent: Don't install headers, since we don't install a shared lib either ↵ | Jelmer Vernooij | 2009-09-09 | 1 | -5/+0
    (from Samba).
    (cherry picked from commit 06864b4469f5f3d77637f8e6c97ec0558289cd29)
    (cherry picked from commit 49c97fb7a1bc49b160677fc7fae69b05bd6161a4)
* tevent: fix typo async_req_done() => tevent_req_done() | Stefan Metzmacher | 2009-09-09 | 1 | -1/+1
    metze
    (cherry picked from commit 6f7cd213dd38e770224cf131054862b76069aed8)
    (cherry picked from commit 915a516da4ef536d09075e14959cfa7e866f7e7b)
* tevent: fix the nesting logic | Stefan Metzmacher | 2009-09-09 | 1 | -7/+7
    Only tevent_loop_once and tevent_loop_until() should care
    about the nesting level.
    This fixes the samba3 printing code where we use tevent_loop_wait()
    and don't allow nested events.
    We still call the nesting hook for all levels, we need to decide
    if we really want this...
    metze
    (cherry picked from commit 36e7045340bbc7d6567008bdd87c4cdf717835bd)
    (cherry picked from commit 01a4ec433627fe36c9eef7a8f1a7f45b86eb8262)
* fixed a logic bug in the tevent nesting code | Andrew Tridgell | 2009-09-09 | 1 | -1/+13
    The event nesting code never triggered as nesting.level was never
    greater than 1. The main event loop needs to increase the nesting
    level by 1.
    I also added a paranoia check to the nesting setup call. The API as
    currently written cannot support multiple nesting hooks, so we need to
    abort if multiple hooks are tried.
    (cherry picked from commit 13b6663e23a424473d14324ac229a21e1e90580a)
    (cherry picked from commit 6e968a6f12de83be431e6244c34bb3cecf52ee42)
* s3-winbindd: Fix Bug #6700: Use dns domain name when needing to guess server ↵ | Günther Deschner | 2009-09-09 | 1 | -1/+1
    principal.
    Patch from Robert LeBlanc <robert@leblancnet.us>. Thanks!
    Guenther
    (cherry picked from commit 1f6f0fc92b1bb487fb99ac1e9c96f8f09adb9fbc)
* WHATSNEW: Update changes since 3.4.0. | Karolin Seeger | 2009-09-08 | 1 | -0/+16
    Karolin
    (cherry picked from commit d5098d7372fb3ab5991df5ce6daa994372934b39)
* s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs. | Günther Deschner | 2009-09-08 | 2 | -2/+2
    The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent
    from a W2k8r2 DC is passed in a buffer with the size of a
    NL_AUTH_SHA2_SIGNATURE (56 byte). We should just ignore the remaining
    12 zeroed bytes and proceed.
    Guenther
    (cherry picked from commit ebd5019ef422a85119a7ea25025ff22d5a3bd757)