| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Summary:
Specially crafted SMB requests on
authenticated SMB connections can send smbd
into a 100% CPU loop, causing a DoS on the
Samba server.
|
|
|
|
| |
Karolin
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
===========================================================
== Subject: Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#: CVE-2009-2813
==
== Versions: All versions of Samba later than 3.0.11
==
== Summary: If a user in /etc/passwd is misconfigured to have
== an empty home directory then connecting to the home
== share of this user will use the root of the filesystem
== as the home directory.
===========================================================
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running mount.cifs with the --verbose option, it'll print out the
option string that it passes to the kernel...including the mount
password if there is one. Print a placeholder string instead to help
ensure that this info can't be used for nefarious purposes.
Also, the --verbose option printed the option string before it was
completely assembled anyway. This patch should also make sure that
the complete option string is printed out.
Finally, strndup passwords passed in on the command line to ensure that
they aren't shown by --verbose as well. Passwords used this way can
never be truly kept private from other users on the machine of course,
but it's simple enough to do it this way for completeness sake.
Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <sfrench@us.ibm.com>
Part 2/2 of a fix for CVE-2009-2948.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's possible for an unprivileged user to pass a setuid mount.cifs a
credential or password file to which he does not have access. This can cause
mount.cifs to open the file on his behalf and possibly leak the info in the
first few lines of the file.
Check the access permissions of the file before opening it.
Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <sfrench@us.ibm.com>
Part 1/2 of a fix for CVE-2009-2948.
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
|
|
|
| |
INSTALLPERMS_BIN does not exist.
Karolin
(cherry picked from commit 3bcbe4a70ee07c688c3b6a286aeeacc634659545)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 0fd1c6370f8d163edd9d3a99f00e2a6e5e322ba9)
|
|
|
|
|
| |
Karolin
(cherry picked from commit d6c81c70c45348c86433dd64297e1a659535c155)
|
|
|
|
| |
(cherry picked from commit a15c816ba5fd4dcedd68beb1fcb0540de325c1cb)
|
|
|
|
|
| |
Karolin
(cherry picked from commit ccded3263ad1135cc707e24cc78d0fd95e2e88d3)
|
|
|
|
|
|
|
|
| |
Karolin
(cherry picked from commit c2eb0d87a2436614741119ebd14fda05b42a2ddd)
(cherry picked from commit 98c238a54dbe3e64262252a9fb38b382c53c1bcf)
(cherry picked from commit b118a70a9fc96e8ae5e51ebc8abc9076b07fdf27)
(cherry picked from commit 4d569a5bcdf7549daa5f8be7a7006c296f8a35ea)
|
|
|
|
|
|
|
|
|
|
|
| |
That fixes bug #4247. Thanks to David McNeill <davemc [at] mcpond.co.nz>
for reporting!
Karolin
(cherry picked from commit eaf949947c2eb03363c4b6f588f87b70110d6ff7)
(cherry picked from commit cea79d1fbf44b0d5bff5aa12962fb3d3cb61c367)
(cherry picked from commit 226620d0ed221da983b4f662fcef14906588f1bd)
(cherry picked from commit e0eb78298e63c8dafbee9dea27a4e5f2150a4807)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes bug #4245. Thanks to David McNeill <davemc [at] mcpond.co.nz>
for reporting!
Karolin
(cherry picked from commit 579c91581f5b6d5341a12923fe6cde377223caff)
(cherry picked from commit 49caab4044e47236594c6688f202aed555b9da61)
(cherry picked from commit 139f95c85f96e7ccba024283608f9ee5990f6676)
(cherry picked from commit 148aa12c89df78718addd7b72c79a8005e680509)
(cherry picked from commit c36d3dae4740529427ea5ee5b77ad687de371d9c)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes bug #4315.
Thanks to Felipe Augusto van de Wiel <faw [at] cathedrallabs [dot] org>!
Karolin
(cherry picked from commit 3422b9c546cdd262bd747e1e737c2b6479b4d21e)
(cherry picked from commit 3da62734fffa99cde1084beeb69e94a7bc623dde)
(cherry picked from commit b487a48c876fcaf88ec3fb4b05bacdd9b0bd8cd0)
(cherry picked from commit ccea7f24879265291615802982b67451ddb818ad)
(cherry picked from commit 3ba226109c01ee7f96be1592874aff4b930e2793)
|
|
|
|
|
|
| |
By-hand merge error :-).
Jeremy.
(cherry picked from commit 869b56a24a1408ea798682b45f9c297341f88ad5)
|
|
|
|
|
|
|
| |
LDAP_SUCCESS but not returning a result.
Jeremy
(cherry picked from commit 448d6cd32c793d04c3c509200bfaa75f466a0ee5)
|
|
|
|
|
|
|
|
| |
Thanks to Jeffrey Riaboy <dakusan@castledragmire.com>.
Guenther
(cherry picked from commit 2b1fe2c98f4e0013dee4cbae62dc36cdd4085c7d)
(cherry picked from commit cb29ca98bb1c166ecd806e82c9d13865ae502a65)
|
|
|
|
|
|
| |
For a detailed explanation, see
http://lists.samba.org/archive/samba-technical/2009-March/063626.html
(cherry picked from commit a92280537071b5a9a9bc56fbeead14c6874d5a55)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit bdf46ea491801cdf8ff6f42c0a1ef51080cfc410)
|
|
|
|
|
|
| |
also check for an upper one (integer wrap).
Jeremy.
(cherry picked from commit f03bacbf695f877d27186a39755ae726a22a61c8)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to [MS-RPCE].pdf, section 2.2.2.11:
----
A client or a server that (during composing of a PDU) has allocated more space
for the authentication token than the security provider fills in SHOULD fill in
the rest of the allocated space with zero octets. These zero octets are still
considered to belong to the authentication token part of the PDU.<36>
----
RPC implementations are allowed to send padding bytes at the end of an auth
footer. Windows 7 makes use of this.
Thanks to Nick Meier <nmeier@microsoft.com>
Volker
(cherry picked from commit 7274d5691a339087f2770acf2f954830506f5cdc)
|
|
|
|
|
|
|
|
|
|
|
| |
Was missing case of "If file exists open. If file doesn't exist error."
Damn damn damn. CIFSFS client will have to have fallback cases
for this error for a long time.
Make test for open modes more robust against other bits.
Jeremy.
(cherry picked from commit ac11d94f36e1878f3f5d86f2e7197fd8ecdd196b)
|
|
|
|
|
|
|
|
|
|
| |
guest session setup, login (user id) as anonymous.
This patch is for samba bugzilla bug 4640.
Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@samba.org>
(cherry picked from commit a8f10f4469b31565e33669560657c2b3df68c13b)
|
|
|
|
|
|
|
|
| |
Also sync with current mount.cifs
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@samba.org>
(cherry picked from commit 510619be1897f1610d1a033c4e318002e077fdb2)
|
|
|
|
|
|
|
| |
this fixes some compile time noise on FreeBSD 7
(cherry picked from commit 1bfdbb093f7c5e434ea3e653d389e1ccec578af6)
(cherry picked from commit de96e1a82d6e92c00a0ab3020db8d7c0284aadb1)
(cherry picked from commit b4fc28ddffa4f9a74ca72ee6c2d30f544de5360c)
|
|
|
|
|
|
|
|
|
|
| |
Thanks to Tobias Stoeckmann for reporting!
Karolin
(cherry picked from commit 09a7f93f6be66a8f2a124e49b4effe2b5863f01d)
(cherry picked from commit fdb5c65fc51784b6a159748ec4df3953b7d2c1cb)
(cherry picked from commit b19f58ccd088a10e487a1261cadb4f3f41987391)
(cherry picked from commit eebc7e7ff0e6580b55ca0964a1f38096e11caa78)
|
|
|
|
|
|
|
|
|
|
|
| |
Windows 7 looks at the negotiate_flags
returned in this structure *even if the
call fails with access denied ! So in order
to allow Win7 to connect to a Samba NT style
PDC we set the flags before we know if it's
an error or not.
Jeremy.
(cherry picked from commit 194fdee65f91e8ea88196d2cff1c678f868bb3df)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 3086400b61ee3dda639c5520b539d4ff76e4d9c5)
|
|
|
|
|
|
|
|
|
|
|
|
| |
work correctly with "security = domain"
1. If DNS server is invalid, the get_sorted_dc_list() is called with
realm(FQDN) and it fails.
2. On the next step, the get_sorted_dc_list() is called with realm(FQDN) again.
I think "again" is wrong place.
On the 2nd step, get_sorted_dc_list() should be called with realm(WORKGROUP).
(cherry picked from commit 58331a118dd6a7fb56e70afe6cf93ef7cfff7e81)
|
|
|
|
|
|
| |
Was missed in the last maintenence release.
Jeremy.
(cherry picked from commit db4a435d235bedf48d668a0f4418dd46f38044ed)
|
|
|
|
|
| |
...so that these options work correctly when passed in by mount(8).
(cherry picked from commit a894bd4504f070233dd2785a62483090581f5bf3)
|
|
|
|
|
|
|
|
| |
Michael
(cherry picked from commit 145fe37766cf1ecffb16a03b58b44d08f7ed7558)
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 45699a287d27cce24e883384a72441d310c8ee28)
|
|
|
|
| |
(cherry picked from commit 04fc826efb290ba4b1f173752efb37a4b87281f2)
|
|
|
|
|
|
|
|
|
| |
This patch removes the remaining entry in /etc/mtab after a filesystem
is unmounted by canonicalizing the mountpoint supplied on the command
line.
Please refer to bug 4370 in samba bugzilla.
(cherry picked from commit df341bd2b83cc67e31d5b91ae39b4f4f7619ffd0)
|
|
|
|
| |
(cherry picked from commit 7a1408f89f1addff993d1e2dfb7462d12d0a2f48)
|
|
|
|
|
|
| |
and libc segfaults if printf is passed NULL for a "%s" arg
(eg. Solaris).
(cherry picked from commit d3220d9d58477f2a6ef7a78c3cf05cb232b57aff)
|
|
|
|
|
|
| |
This is required to get the CIFSUPCALL_PROGS setting extracted from
config.log.
(cherry picked from commit dbfdfd047e8e69942b3289733d300d716cdbec53)
|
|
|
|
|
|
| |
Only install the cifs.upcall man page if CIFSUPCALL_PROGS was set while
configure.
(cherry picked from commit fda450e4d6f9d2661235a3422c0db644a6c686b3)
|
|
|
|
|
| |
Guenther
(cherry picked from commit 5202fa31b227d8dd9a3ddfab26f7933bfd349281)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes bug #5346.
Thanks to the Debian Samba package maintainers for reporting and providing a
patch!
Karolin
(cherry picked from commit 73f4fc1f802f31459b70dba4777d142d00fcdd92)
(cherry picked from commit ab4768452811e67f6606253b5a79101184f777d0)
(cherry picked from commit 876b0b001976226a7c1887570c08178d72842a48)
(cherry picked from commit 72655775487617e2f76836a7b16bee81e430f6f1)
|
|
|
|
|
|
|
| |
(The test needs to additionally include <netinet/in_systm.h>.)
Michael
(cherry picked from commit 1868bfd40f7bf4caf9a31116111fa3a5169f4735)
|
|
|
|
|
|
|
| |
under solaris
Michael
(cherry picked from commit d09c9b459638242b9df53cc82a8849699d572486)
|
|
|
|
|
|
|
|
|
|
| |
exit in the directory where it was called using pushd/popd.
Michael
(cherry picked from commit b319549f129b1c79afc9bfd4a84f2730b96d69a3)
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 84433b32a9339662ddad9443b90beafdcd8a2044)
|
|
|
|
|
|
|
|
| |
Michael
(cherry picked from commit 5e21fc3506f2ba7b1135b1acad2697dfb86b5df0)
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 12116d757e2d9e3472dcccecc83ba77e09767d52)
|
|
|
|
|
|
|
|
| |
Michael
(cherry picked from commit 9b32e839bec8611c30745607a3a6b124d5b34c01)
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit c6c1ab779c50c24c362132d4a5f26bee198a8a1a)
|
|
|
|
|
|
|
|
| |
Michael
(cherry picked from commit 37412017c5dd2f05a7f4bbe0410a6e00ce4805e5)
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 892ab9ce709a478fad31f552a70a4b5992a386ed)
|
|
|
|
|
|
|
|
| |
Michael
(cherry picked from commit ce3e34d37ce5592e0268be5d16240387d971585a)
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 347cc7f911cdbbe04aa3254444f7060cb0d2038e)
|
|
|
|
|
|
|
|
|
|
|
| |
- remove stuff created by configure in distclean
- remove stuff created by autoconf in realdistclean
Michael
(cherry picked from commit 65c92fea3d18c3520ff2a1e53a0c5c8825c9788f)
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 4976a8737700aff1772126375b60566046f29ec4)
|