summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* WHATSNEW: Update release date.samba-3.5.5Karolin Seeger2010-09-091-1/+1
| | | | Karolin
* WHATSNEW: Prepare 3.5.5 release notes.Karolin Seeger2010-09-091-5/+18
| | | | Karolin
* Fix bug #7669.Jeremy Allison2010-09-096-5/+31
| | | | | | | | | | | | | | | | | | | | | | | | Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in Samba4). CVE-2010-3069: =========== Description =========== All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server. A connection to a file share is needed to exploit this vulnerability, either authenticated or unauthenticated (guest connection).
* WHATSNEW: Start release notes for 3.5.5.Karolin Seeger2010-06-241-2/+44
| | | | | Karolin (cherry picked from commit 28f6e4144b092bd21f49ca989d36df19ce002231)
* VERSION: Bump version number up to 3.5.5.Karolin Seeger2010-06-241-1/+1
| | | | | Karolin (cherry picked from commit 6e2b68fef3e0851e1564921d1c4285c8d4a9b550)
* s3-docs: Add missing whitespace.samba-3.5.4Karolin Seeger2010-06-211-1/+1
| | | | | | Karolin (cherry picked from commit 2352538362977e456e8d05783f2732ff650cea41) (cherry picked from commit 9d9a9a0f79ad6fa894f72a4678f59fb40c9fce94)
* WHATSNEW: Update changes since 3.5.3.Karolin Seeger2010-06-181-2/+54
| | | | | Karolin (cherry picked from commit 656160ef0643aeba28c7db499ddb1e840c78e4bb)
* s3-docs: Fix some of ntlm_auth ntlm-server-1 protocol documentation.Günther Deschner2010-06-181-3/+3
| | | | | | Guenther (cherry picked from commit cfb67b1a169350a8316532eb5d53de4a3f2bacb3) (cherry picked from commit b3ccbcb83650cea627ad97e920d3f73659ffa6a0)
* s3:configure: use cc for linking on IRIX and fix shlib usageBjörn Jacke2010-06-181-3/+2
| | | | | The last two patches address bug #7504 (numerous build glitches to be fixed). (cherry picked from commit fe9dde3a629db9ae98ff6d94be145aa7e7c2d9ce)
* s3:vfs_scannedonly: fix a build issue on IRIX and HP-UXBjörn Jacke2010-06-181-0/+6
| | | | | this is a cherry-pick of ae95e8028c294ee1e2dc66a7a62d006572142629 (cherry picked from commit 4a7f1c92f7a1471f5edf06736835a5dc979af3f7)
* check if LD_AS_NEEDED breaks linking with libreadline fixes #7209Olaf Flebbe2010-06-181-0/+20
| | | | | | Signed-off-by: Simo Sorce <idra@samba.org> (cherry picked from commit 7aa8af144efc6d57f33b90ac856096aa7089468d) (cherry picked from commit f2330cc029243c70043b18554241363d890c96e7)
* s3-auth: in make_user_info_for_reply_enc make sure to check length and data ↵Günther Deschner2010-06-181-2/+2
| | | | | | | | | | | | | pointer of nt and lm hash. This fixes kernel cifs client with sec=ntlmv2. Guenther (cherry picked from commit b4364add896d1657263a66c55d867d28bf5ceb1b) Fix bug #7517 (session setup from linux kernel cifs client fails with sec=ntlmv2). (cherry picked from commit a95df865d474b0ba59ad95dcb8c20c923c66f4ba)
* s3-spoolss: fix some crash bugs and missing error codes in AddDriver paths.Günther Deschner2010-06-182-2/+12
| | | | | | | | | | | Found by torture test. Guenther (cherry picked from commit 413ffe9adb8eea488133da0249dcb2eca08fd69d) Addresses bug #7459 (after upgrade to samba 3.4 and 3.5 lose ability to control duplex for normal domain user). (cherry picked from commit 286f4b53993fab0ffc53e5619e2987dfb13b0ec2)
* s3:Makefile: fix a typo in flag variable nameBjörn Jacke2010-06-181-2/+2
| | | | | | | | This is the backport of 60cba59ff8ee75e3d476c1b293ca2f545b7f9e49 and fixes another build error on AIX. see also bug #7504 (numerous build glitches to be fixed) (cherry picked from commit be585bb0cd81f5ddd3345f04990eaddfa1e13eda)
* s3:build: remove CFLAGS from Solaris LDSHFLAGS, SHLD has them alreadyBjörn Jacke2010-06-181-4/+1
| | | | | The last 9 patches address bug #7504 (numerous build glitches to be fixed). (cherry picked from commit 6c78aca691a9951a5a5c27e538df8c8376a74db1)
* s3: final test for working shlib support requires PICFLAGBjörn Jacke2010-06-181-1/+1
| | | | (cherry picked from commit 85cbb1a6b371e2282f0115e87e803c6fdc03c07c)
* s3: use autoconf macro to get some debug output in config.logBjörn Jacke2010-06-181-4/+7
| | | | (cherry picked from commit 87a0f216eb6929e48b1c3c234426d29fdab38dc8)
* s3: fix check for pie compiler flagsBjörn Jacke2010-06-181-2/+2
| | | | | | | some compilers (HP and Sun e.g.) output warning messages on stderr for unknown options and we ended up partly using some unwanted random compile flags we did't intend to use. (cherry picked from commit e8468ab02b201885b6a211c4b27913014ee9a5a2)
* s3: add m4 macro to check if stderr is empty or notBjörn Jacke2010-06-181-0/+13
| | | | (cherry picked from commit 6f2bf6cf9d2b5ed3ca2992e26f442035764e0762)
* s3:configure: add Werror_FLAGS for IBM's xlcBjörn Jacke2010-06-181-2/+14
| | | | (cherry picked from commit 8c4cdf30ae254b4c5ff9eff221529abc98855857)
* s3:Makefile: add missing linker flags for smbfilterBjörn Jacke2010-06-181-1/+1
| | | | | this should fix the AIX build (cherry picked from commit 634577b29d8eea085c79e35d34d6e242a0a9f5a2)
* s3:Makefile: position independency is also needed for shared libsBjörn Jacke2010-06-181-4/+4
| | | | (cherry picked from commit 6a9aa4c2b3bebe06de97524a5c5ca577aaa3d14c)
* s3:build: don't use pieflags twice - ldflags already have themBjörn Jacke2010-06-181-2/+2
| | | | (cherry picked from commit 60ad93f074d83a65df080b85e43ea61722340a1c)
* s3:configure: turn "error warnings" into errorsBjörn Jacke2010-06-181-1/+1
| | | | | | | | | By default "Missing argument(s)" is just an "error warning" for xlc :-) The change to turn "error warnings" into errors should fix bug #7427. (cherry picked from commit ff0872d59d78ad42212c88313ef924ea4eb7a8a1) Fix bug #7427 (Using IBM xl_C compiler produces wrong results in configure). (cherry picked from commit 08c1c5f87e249a6f42dc5d78d8429689e1ec7274)
* s3: fix calculation of st_blocks in streams_xattrBjörn Jacke2010-06-181-3/+3
| | | | | | | | Thanks to Joachim Schmitz for finding that miscalculation. (cherry picked from commit 6a6bb768c6542d738a8b2b6da282159a65ed611d) Fix bug #7503 (vfs_stream_xattr calculates st_blocks wrong). (cherry picked from commit 3f8a03cfdaa29e54b50738df4e7b782228e2d931)
* s3: Fix EnumDomainAliases when no aliases are in LDAPVolker Lendecke2010-06-181-6/+4
| | | | | | | | | | | We used to return NT_STATUS_ACCESS_DENIED, now we just return 0 entries, just like W2k8 does. usrmgr.exe was pretty unhappy with the NT_STATUS_ACCESS_DENIED (cherry picked from commit f66cc827096c53d4d16b8c850c83a3b5664e9725) Fix bug #7262 (Unable to maintain users' groups via UsrMgr). (cherry picked from commit 1439a1d7ff406dd5dce885100349751151c14bf6)
* s3:pdb_ldap: fix bug 7507 - init_sam_from_ldap stores group in sid2uid cacheMichael Adam2010-06-181-1/+1
| | | | | (cherry picked from commit ba809ecb8ab217e4376bf75d2300e146b62b88eb) (cherry picked from commit cc740fb5eb56a0875703753d4a116d2fe33ec186)
* s3: Fix bug 7253Volker Lendecke2010-06-181-1/+8
| | | | | | | | | | acct_ctrl is 32 bit in LOGIN_CACHE, but "w" as a format specifier for tdb_unpack only writes 16 bits. Okay on x86, not okay on Solaris. Thanks to Vladimir.Marek@Sun.COM! Volker (cherry picked from commit 556b6f83d66d7268651ac7ba153fa47ff6a5e776)
* s3-netdomjoin-gui: Fix Bug #7500. Fix 'not a string literal' warning in ↵Günther Deschner2010-06-181-1/+1
| | | | | | | | | | | | netdomjoin-gui. Patch from Buchan Milne <bgmilne@mandriva.org>. Thanks! Guenther (cherry picked from commit 575b1018c65312e9eab562cf4851524cf2f8f24a) (cherry picked from commit 1419c154d67b8ffaf0d6e2e3ba103121ab3736f5)
* s3: Allow previous password to be stored and use it to check ticketsMatthieu Patou2010-06-184-41/+137
| | | | | | | | | | | | This patch is to fix bug 7099. It stores the current password in the previous password key when the password is changed. It also check the user ticket against previous password. Signed-off-by: Günther Deschner <gd@samba.org> Fix bug #7099 (Every Thursday at 11:08-11:15am Windows Client Connections break with Kerberos errors). (cherry picked from commit 89eea1fa9154c67ae4d3e729a8db7ad17ec9b9d7)
* s3-samr: Fix crash bug in _samr_QueryUserInfo{2} level 18.Günther Deschner2010-06-181-4/+13
| | | | | | | Guenther Fix bug #7479 (Crash bug in _samr_QueryUserInfo{2} level 18.) (cherry picked from commit 386a4621b8c9e8f7956320a44679789b731d7b10)
* s3-selftest: enable RPC-WINREG against s3.Günther Deschner2010-06-181-1/+1
| | | | | | | | Guenther The last 4 patches address bug #7453 (winreg: QueryValue crashes on NULL pointer dereference). (cherry picked from commit 73d413524e62796fdcfa4ac06a6499ecd6b9978f)
* s3-winreg_nt: Fixed QueryValue with data=NULL to get the length. (cherry ↵Andreas Schneider2010-06-181-1/+3
| | | | | | picked from commit 4567bf9df53e62c0f30279235d56d13cb38de190) (cherry picked from commit b541fb1500aad87aee46ef48036f3b4a05b119cd)
* s3-winreg: change notify call has no meaning when called remotely.Günther Deschner2010-06-181-4/+0
| | | | | | | | Just return not supported to make smbtorture happy. Guenther (cherry picked from commit e46d3d9475c59af8ba6810aeb1403c1aa9e37d9d) (cherry picked from commit 5d9f173d28fab6ea1afc36978c88f881bb7da52e)
* s3-winreg: make QueryValue pass RPC-WINREG test again.Günther Deschner2010-06-181-0/+4
| | | | | | Guenther (cherry picked from commit 24a7f8f2dbae73e862b9b3d4c6f0692054c354b3) (cherry picked from commit 4f527cf96a2c208c32f97073b6453386b4a1825c)
* Fix bug #7448 - smbd crash when sambaLMPassword and sambaNTPassword entries ↵Roel van Meer2010-06-181-0/+3
| | | | | | | missing from ldap. Protect SMBsesskeygen_ntv1() from a NULL pointer. (cherry picked from commit 4c5a1b6b17b5575ea943eaf0472453222579365a)
* s3-selftest: deal with changed samba3 test names.Günther Deschner2010-06-181-2/+2
| | | | | Guenther (cherry picked from commit 144b973cc4d0afa4df6ada9243922206437b5fa1)
* Fix what looks like a cut-and-paste error in our read_negTokenInit() function.Jeremy Allison2010-06-181-4/+4
| | | | | | | | | | | | | | We should never be calling asn1_push_XXX functions inside an asn1 reading function. Change asn1_push_tag() -> asn1_start_tag() and asn1_pop_tag() -> asn1_end_tag(). This allows us to connect to a NetApp filer at the Microsoft plugfest. Andrew PLEASE CHECK ! Jeremy. Fix bug #7449 (spnego data mis-parsed - returns incorrect mechListMIC string). (cherry picked from commit 70098b751c10e632738f687976e6ef5e5fb2fc7b)
* Fix bug #7410 - samba sends "raw" inode number as uniqueid with unix extensions.Jeremy Allison2010-06-185-10/+39
| | | | | | | | | | | | | | Move to a consistent get_FileIndex() function for all inode returns, that checks if st_dev on the file is identical to the top directory dev_t of the exported share, and if so uses the raw 64-bit inode number. If it isn't (we've traversed a mount point) - return what we used to do for Windows which is the concatination of the bottom 32-bits of the inode with the 32-bit device number. We can get more creative with this over time (hashing?) if we want as now all inode returns go through this single function. Jeremy. (cherry picked from commit 920ffe49290cacd30d9bc582c1c3fee38308c260)
* s3: Fix a typo found by ITPFS oota <t-oota@dh.jp.nec.com>Volker Lendecke2010-06-181-1/+1
| | | | | | Thanks! (cherry picked from commit d12768cc0ae52d95ffd83070948c83af4ce8704b) (cherry picked from commit 167c082c1eb18f8360d094c96cbcef4ce48d935b)
* Fix bug #7188 - Logic error in check of total_data for call_trans2mkdir()Jeremy Allison2010-06-181-16/+13
| | | | | | | | Make ea data checks identical for trans2open and trans2mkdir. Jeremy. (cherry picked from commit 704a607e3c3a5c3e727b386fab9dbcdff56b5ac4) (cherry picked from commit 0c20af069105befe8cf530050b5f948cde5391fe)
* s3-kerberos: temporary fix for ipv6 in print_kdc_line().Günther Deschner2010-06-181-5/+20
| | | | | | | | | | | | | | Currently no krb5 lib supports "kdc = ipv6 address" at all, so for now just fill in just the kdc_name if we have it and let the krb5 lib figure out the appropriate ipv6 address ipv6 gurus, please check. Guenther (cherry picked from commit dd5a4e23f8c24564d3fd21bb8d01172321087362) The last 3 patches fix bug #7341 (winbind not working over IPv6). (cherry picked from commit 5ab33bec40739c7c86b17536fd6cdc04fc0f91b2)
* s3-kerberos: pass down kdc_name to create_local_private_krb5_conf_for_domain().Günther Deschner2010-06-184-12/+22
| | | | | | Guenther (cherry picked from commit e3bdff3d67b46277ee59685218bd90f3788b487d) (cherry picked from commit 2ce299f16cb2ff292755186894284d6efb296d08)
* s3-winbind: make the getpeername() checks in cm_prepare_connection IPv6 aware.Günther Deschner2010-06-181-5/+25
| | | | | | | | | | | | | Note that this failure was hard to track, as winbind did only log a super helpful "cm_prepare_connection: Success" debug message. IPv6 gurus, please check Successfully tested in two independent IPv6 networks now. Guenther (cherry picked from commit 14ac2bb36ee22be6133ca1d069dc5de6c1891f47) (cherry picked from commit 72d635514d9c00a09b00ed0d9928cab6a3a2f6f7)
* s3-spoolss: Added EN ISO 216, A0 and A1 to builtin forms.Andreas Schneider2010-06-181-0/+2
| | | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 0953087f82ddbd580e9807e0e8d780e78686c03c) Fix bug #7423 (Large Formats at printing not available). (cherry picked from commit 73bec197a91a15aa9a69c9a3868ed51bdd3674ea)
* WHATSNEW: Prepare Samba 3.5.4 release notes.Karolin Seeger2010-05-191-2/+43
| | | | | Karolin (cherry picked from commit 61aacde86c09d6757165d4f8bf737ee1626e4631)
* VERSION: Bump version number up to 3.5.4.Karolin Seeger2010-05-191-1/+1
| | | | | Karolin (cherry picked from commit b75441b74920724a359d635d0393841db8535c95)
* WHATSNEW: Add major enhancements in 3.5.3.samba-3.5.3Karolin Seeger2010-05-171-1/+3
| | | | | Karolin (cherry picked from commit 813cfd7cb1f069ea622724e01d4b75b18bfcf482)
* WHATSNEW: Update changes since 3.5.2.Karolin Seeger2010-05-171-0/+52
| | | | | Karolin (cherry picked from commit ffd5a0f90fd43d1e3a995e60acade1a07d8ef1c8)
* mount.cifs: check for NULL addr pointer before handling scopeidJeff Layton2010-05-171-1/+1
| | | | | | | Signed-off-by: Jeff Layton <jlayton@redhat.com> Fix bug #7315 (mount.cifs segfaults after upgrade to 2.6.33). (cherry picked from commit 78a6eb582d28d92db5ffab6ded40785be54cf540)
View Lorry Controller Status