summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* s3-cli_pipe: fix timeout in rpc_pipe_open_tcp_port().Günther Deschner2011-04-141-1/+1
| | | | | | | | | | | | | | | | Make sure we use a timeout of 60 seconds, not 60 milliseconds... This prevented us from successfully using the ncacn_ip_tcp client in a lot of places, I guess. Guenther Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Apr 13 18:59:19 CEST 2011 on sn-devel-104 (cherry picked from commit 4b3fe5247a6e16b1ad9f05269e9aa00e3120e36a) Fix bug #8085 - incorrect timeout handling in ncacn_ip_tcp client code. (cherry picked from commit d7d39c723e1855a3d18813e8a79fcca9770b0142)
* Allow NULL queue to writev_sendVolker Lendecke2011-04-141-6/+16
| | | | Fix bug #8086 - null pointer reference crashes winbind.
* WHATSNEW: Start 3.4.13 release notes.Karolin Seeger2011-02-281-2/+44
| | | | | Karolin (cherry picked from commit c32b64f22e0ed14d686cb88554e618f2d63acebe)
* VERSION: Bump version number up to 3.4.13.Karolin Seeger2011-02-281-1/+1
| | | | | Karolin (cherry picked from commit 7afb216d1d25c1269dcf63f845bebde9a989caa2)
* WHATSNEW: Fix typo.Karolin Seeger2011-02-281-1/+1
| | | | | Karolin (cherry picked from commit 2aa648e4e9c530a4c9e8d1389fa16e775ac91e54)
* VERSION: Bump version number up to 3.4.12.Karolin Seeger2011-02-281-1/+1
| | | | | Karolin (cherry picked from commit 8da98df066bcfc8a47a83615788a55206075ad2b)
* WHATSNEW: Prepare 3.4.12 release notes.Karolin Seeger2011-02-281-2/+51
| | | | | Karolin (cherry picked from commit da478595190a4a6634b6fc1654fcac58c73e66de)
* Fix denial of service - memory corruption.Jeremy Allison2011-02-2818-8/+149
| | | | | | | | | | | | | | | | | | | | | | | CVE-2011-0719 Fix bug #7949 (DoS in Winbind and smbd with many file descriptors open). All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated (guest connection). Currently we do not believe this flaw is exploitable beyond a crash or causing the code to loop, but on the advice of our security reviewers we are releasing fixes in case an exploit is discovered at a later date. (cherry picked from commit 43babef991feedbe2acb77d27254d302ab107fa8)
* WHATSNEW: Fix typo.Karolin Seeger2011-01-231-1/+1
| | | | Karolin
* WHATSNEW: Add changes since 3.4.10.Karolin Seeger2011-01-231-4/+6
| | | | Karolin
* s3: Fix connecting to port-139 only serversVolker Lendecke2011-01-231-3/+5
| | | | | | | | When the TCP RST came before the 5 msecs timeout kicked in, we viewed this as final, as state->req_139 was not set yet. Fix bug introduced by a fix for bug #7881 (winbind flaky against w2k8). (cherry picked from commit f2a19b87725f9318e983dff6358a3eee721bff08)
* WHATSNEW: Start release notes for Samba 3.4.11.Karolin Seeger2011-01-221-2/+42
| | | | Karolin
* VERSION: Raise version number up to 3.4.11.Karolin Seeger2011-01-221-1/+1
| | | | Karolin
* WHATSNEW: Add major enhancements.Karolin Seeger2011-01-191-0/+3
| | | | Karolin
* WHATSNEW: Update changes since 3.4.9.Karolin Seeger2011-01-171-2/+30
| | | | Karolin
* Revert "s3-printing: update parent smbd pcap cache"Karolin Seeger2011-01-153-19/+2
| | | | This reverts commit 2c2ce9caead5a13edb582313b7d36c7eb12a09fb.
* Revert "s3-printing: reload shares after pcap cache fill"Karolin Seeger2011-01-156-50/+26
| | | | | | This reverts commit 9bc0cd243ac66126d42905dd8710d078094e0cd7. This commit seems to break 'make test'.
* s3-rpcclient: Fix bug #7880: cmd_spoolss_deletedriver() returned without ↵Björn Baumbach2011-01-151-1/+5
| | | | | | | | | | | | | checking all architectures. Continues now with next architecture if no driver is available. Because of the broken behavior of the rpccli_*() functions, we need special error code handling. Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit f5af66e67d7c6d62315671c0cf57f47973316226) (cherry picked from commit dc63f45b523deb5c3d0c4be4239507e5fc4f6a40)
* s3-printing: update parent smbd pcap cacheDavid Disseldorp2011-01-153-2/+19
| | | | | | | | | | | | | | | | | If a client connects to a samba share and while connected a printer is added, the client will see the new printer share after a maximum of 'printcap cache time' seconds. smbd's forked for new client connections inherit printcap information from the parent (listener) smbd, which does not perform updates on printcap cache time expiry. Therefore newly connected clients may initially be presented with stale printer shares. Add a housekeeping function to the parent smbd to ensure newly connected clients see up to date printer shares. The last 2 patches address bug #7836 (A newly added printer isn't visbile to clients).
* s3-printing: reload shares after pcap cache fillDavid Disseldorp2011-01-156-26/+50
| | | | | | | | | | | | | | | | Since commit eada8f8a, updates to the cups pcap cache are performed asynchronously - cups_cache_reload() forks a child process to request cups printer information and notify the parent smbd on completion. Currently printer shares are reloaded immediately following the call to cups_cache_reload(), this occurs prior to smbd receiving new cups pcap information from the child process. Such behaviour can result in stale print shares as outlined in bug 7836. This fix ensures print shares are only reloaded after new pcap data has been received. Pair-Programmed-With: Lars Müller <lars@samba.org>
* s3-dns Don't use DELEG_FLAG in DNS update, Windows 2008R2 does not like it ↵Andrew Bartlett2011-01-151-1/+1
| | | | | | | | (cherry picked from commit 280caa6b3bb1199939f9349ea5a436a491c81791) The last 2 patches address bug #7356 (net ads dns register fails in 2008 R2 domain). (cherry picked from commit 6857b749229cc72c604ab5646a4bae5f09b72e11)
* s3-dns Don't use SEQUENCE_FLAG in DNS update, Windows 2008R2 does not like itAndrew Bartlett2011-01-151-1/+1
| | | | | | Andrew Bartlett (cherry picked from commit 0f1cc889a26477e9a98629f120fe5890b2e106fa) (cherry picked from commit 2b463484cc7bb80cdfb6727ab9e5a873faff5ec8)
* WHATSNEW: Start to add changes since 3.4.9.Karolin Seeger2011-01-131-0/+36
| | | | Karolin
* WHATSNEW: Start release notes for Samba 3.4.10.Karolin Seeger2011-01-111-2/+44
| | | | Karolin
* VERSION: Bump version number.Karolin Seeger2011-01-111-1/+1
| | | | Karolin
* s3-nmbd: Fix bug #7875Björn Baumbach2011-01-111-2/+2
| | | | | nmbd --port didn't work (cherry picked from commit 79280c99f67c3a3bfb1873b373ec181fa402f18c)
* s3:lib/netapi: don't set SAMR_FIELD_FULL_NAME if we just want to set the ↵Stefan Metzmacher2011-01-081-3/+0
| | | | | | | | | | | account name (bug #7896) metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Dec 30 18:09:13 CET 2010 on sn-devel-104 (cherry picked from commit f1d15ea54c313e71fc032b2ed191bdecad868858) (cherry picked from commit c6a0971b3790253a906b370562237479d273bb94)
* s3: Fix bug 7066 -- wbcAuthenticateEx gives unix timesVolker Lendecke2010-12-311-3/+3
| | | | | | We might eventually want to change this, but right now we get unix times out of the winbind pipe struct (cherry picked from commit 993923880e213136de89b5b8d59f6f32a51b94b7)
* ѕ3/configue: set Tru64 cc's PIC switch right (none)Björn Jacke2010-12-311-1/+3
| | | | | | | | | -fPIC made shared library builds fail there Fixes #7821 (cherry picked from commit dbcf73c45782c310cb7ff1f2177d410399e2f06d) (cherry picked from commit 83eb2e9aef40e5e838d2654298e281ad3ec98af3)
* Fix bug #7892 - open_file_fchmod() leaves a stale lock.Jeremy Allison2010-12-314-47/+11
|
* s3: Use smbsock_any_connect in winbindVolker Lendecke2010-12-261-45/+13
| | | | The last 8 patches address bug #7881 (winbind flaky against w2k8).
* s3: Retry *SMBSERVER in nb_connectVolker Lendecke2010-12-261-2/+47
|
* s3: Add smbsock_any_connectVolker Lendecke2010-12-262-1/+232
|
* s3: Add an async smbsock_connectVolker Lendecke2010-12-263-0/+320
| | | | | | This connects to 445 and after 5 milliseconds also to 139. It treats a netbios session setup failure as equivalent as a TCP connect failure. So if 139 is faster but fails the nb session setup, the 445 still has the chance to succeed.
* v3-4-test: Pull in tevent_req_poll_ntstatus from masterVolker Lendecke2010-12-262-0/+14
|
* s3: Add async cli_session_requestVolker Lendecke2010-12-262-0/+132
| | | | This does not do the redirects, but I think that might be obsolete anyway
* v3-4-test: Pull in read_smb_send from masterVolker Lendecke2010-12-261-0/+87
|
* s3: Add some const to name_mangle()Volker Lendecke2010-12-262-2/+2
|
* s3: Make winbind recover from a signing errorVolker Lendecke2010-11-241-0/+2
| | | | | | | | | | | When winbind sees a signing error on the smb connection to a DC (for whatever reason, our bug, network glitch, etc) it should recover properly. The "old" code in clientgen.c just closed the socket in this case. This is the right thing to do, this connection is spoiled anyway. The new, async code did not do this so far, which led to the code in winbindd_cm.c not detect that we need to reconnect. Fix bug #7800 (winbind does not recover from smb signing errors).
* s3: Stop using the write cache after an oplock breakVolker Lendecke2010-10-071-0/+1
| | | | | Fix bug #7715 (Setting Samba Write Cache Size Can Cause File Corruption). (cherry picked from commit 9f8292e5f765dff586bfbb261b54da4d4b27a837)
* WHATSNEW: Prepare 3.4.9 release notes.Karolin Seeger2010-09-151-4/+18
| | | | Karolin
* Fix bug #7669.Jeremy Allison2010-09-156-5/+31
| | | | | | | | | | | | | | | | | | | | | | | | | Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in Samba4). CVE-2010-3069: =========== Description =========== All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server. A connection to a file share is needed to exploit this vulnerability, either authenticated or unauthenticated (guest connection). (cherry picked from commit df20a300758bc12286820e31fcf573bdfc2147bc)
* Fix bug 7636 - winbind internal error, backtrace.Jeremy Allison2010-09-061-0/+1
| | | | Jeremy.
* s3-printing: fix BUG 7280 - auto printers not loading with registry configJim McDonough2010-08-231-0/+4
|
* Fix bug 7590 - offline login fails because winbind deletes cache on every ↵Jeremy Allison2010-08-161-1/+1
| | | | | | | | | | | | startup. Sync lib/tdb_validate.c with the change in current master. Change tdb_validate_open() to always use O_RDWR instead of O_RDONLY, as (from the bug report): "db_check() will always return failure for a read-only database. Silently, without any log output, when _tdb_lockall() fails." Jeremy. (cherry picked from commit 39cb903463d8a3fcabd9e148112bf5cf81744130)
* rerun: make samba3-idlStefan Metzmacher2010-08-163-7/+34
| | | | metze
* pidl: Samba3/ClientNDR - Correctly copy arrays, if r.out.size < r.in.size.Stefan Metzmacher2010-08-161-6/+32
| | | | | | | | | metze Signed-off-by: Andreas Schneider <asn@samba.org> (similar to commit 33d1879d5b50e2d98c1bb13b835e7cfb178e3336) (similar to commit d1e92cd2944983ecabd0511ff7c8221c1033a3a8) Fixes bug #7607.
* Fix bug #7617 - smbd coredump due to uninitialized variables in the ↵Jeremy Allison2010-08-161-2/+2
| | | | | | | | | | | | | | | | | | | | performance counter code. In the file rpc_server.c, function _winreg_QueryValue() uint8_t *outbuf Should be : uint8_t *outbuf = NULL; As it is later freed by if (free_buf) SAFE_FREE(outbuf); in some cases, this frees the unintialized outbuf, which causes a coredump. (cherry picked from commit 84fd910c347ddfad6f01edbe7f6e25546c8382ee) (cherry picked from commit 80e65236158d6f1690bf9f153c0eb12d81d56b8a)
* s3-winbind: Fix Bug #7568: Make sure cm_connect_lsa_tcp does not reset the ↵Günther Deschner2010-08-111-7/+13
| | | | | | | | | | | | | | | | | | | | secure channel. This is an important fix as the following could and is happening: * winbind authenticates a user via schannel secured netlogon samlogonex call, current secure channel cred state is stored in winbind state, winbind sucessfully decrypts session key from the info3 * winbind sets up a new schannel ncacn_ip_tcp lsa pipe (and thereby resets the secure channel on the dc) * subsequent samlogonex calls use the new secure channel creds on the dc to encrypt info3 session key, while winbind tries to use old schannel creds for decryption Guenther (cherry picked from commit be396411a4e1f3a174f8a44b6c062d834135e70a)
* s3-libsmb: Fix bug #7577.Jeremy Allison2010-07-271-2/+42
| | | | | SPNEGO auth fails when contacting Win7 system using Microsoft Live Sign-in Assistant.
View Lorry Controller Status