| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
This reverts commit ad450870eacb114b3f15941a4478ba25701e035a.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
|
|
| |
This reverts commit 36ea03bbe28122ce03de4969e254dd276cfe5a79.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
| |
(cherry picked from commit 2167ac2cd42c9ed5aaae0086dbd27e29d1d77686)
|
|
|
|
| |
Karolin
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure we use a timeout of 60 seconds, not 60 milliseconds...
This prevented us from successfully using the ncacn_ip_tcp client in a lot of
places, I guess.
Guenther
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Apr 13 18:59:19 CEST 2011 on sn-devel-104
(cherry picked from commit 4b3fe5247a6e16b1ad9f05269e9aa00e3120e36a)
Fix bug #8085 - incorrect timeout handling in ncacn_ip_tcp client code.
(cherry picked from commit d7d39c723e1855a3d18813e8a79fcca9770b0142)
|
|
|
|
| |
Fix bug #8086 - null pointer reference crashes winbind.
|
|
|
|
|
| |
Karolin
(cherry picked from commit c32b64f22e0ed14d686cb88554e618f2d63acebe)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 7afb216d1d25c1269dcf63f845bebde9a989caa2)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 2aa648e4e9c530a4c9e8d1389fa16e775ac91e54)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 8da98df066bcfc8a47a83615788a55206075ad2b)
|
|
|
|
|
| |
Karolin
(cherry picked from commit da478595190a4a6634b6fc1654fcac58c73e66de)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2011-0719
Fix bug #7949 (DoS in Winbind and smbd with many file descriptors open).
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the Samba code to crash or to loop attempting to select
on a bad file descriptor set.
A connection to a file share, or a local account is needed
to exploit this problem, either authenticated or unauthenticated
(guest connection).
Currently we do not believe this flaw is exploitable
beyond a crash or causing the code to loop, but on the
advice of our security reviewers we are releasing fixes
in case an exploit is discovered at a later date.
(cherry picked from commit 43babef991feedbe2acb77d27254d302ab107fa8)
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
|
|
|
|
| |
When the TCP RST came before the 5 msecs timeout kicked in, we
viewed this as final, as state->req_139 was not set yet.
Fix bug introduced by a fix for bug #7881 (winbind flaky against w2k8).
(cherry picked from commit f2a19b87725f9318e983dff6358a3eee721bff08)
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
| |
This reverts commit 2c2ce9caead5a13edb582313b7d36c7eb12a09fb.
|
|
|
|
|
|
| |
This reverts commit 9bc0cd243ac66126d42905dd8710d078094e0cd7.
This commit seems to break 'make test'.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
checking all architectures.
Continues now with next architecture if no driver is available.
Because of the broken behavior of the rpccli_*() functions,
we need special error code handling.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit f5af66e67d7c6d62315671c0cf57f47973316226)
(cherry picked from commit dc63f45b523deb5c3d0c4be4239507e5fc4f6a40)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a client connects to a samba share and while connected a printer is
added, the client will see the new printer share after a maximum of
'printcap cache time' seconds.
smbd's forked for new client connections inherit printcap information
from the parent (listener) smbd, which does not perform updates on
printcap cache time expiry. Therefore newly connected clients may
initially be presented with stale printer shares.
Add a housekeeping function to the parent smbd to ensure newly connected
clients see up to date printer shares.
The last 2 patches address bug #7836 (A newly added printer isn't visbile to
clients).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit eada8f8a, updates to the cups pcap cache are performed
asynchronously - cups_cache_reload() forks a child process to request
cups printer information and notify the parent smbd on completion.
Currently printer shares are reloaded immediately following the call to
cups_cache_reload(), this occurs prior to smbd receiving new cups pcap
information from the child process. Such behaviour can result in stale
print shares as outlined in bug 7836.
This fix ensures print shares are only reloaded after new pcap data has
been received.
Pair-Programmed-With: Lars Müller <lars@samba.org>
|
|
|
|
|
|
|
|
| |
(cherry picked from commit 280caa6b3bb1199939f9349ea5a436a491c81791)
The last 2 patches address bug #7356 (net ads dns register fails in 2008 R2
domain).
(cherry picked from commit 6857b749229cc72c604ab5646a4bae5f09b72e11)
|
|
|
|
|
|
| |
Andrew Bartlett
(cherry picked from commit 0f1cc889a26477e9a98629f120fe5890b2e106fa)
(cherry picked from commit 2b463484cc7bb80cdfb6727ab9e5a873faff5ec8)
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
| |
Karolin
|
|
|
|
|
| |
nmbd --port didn't work
(cherry picked from commit 79280c99f67c3a3bfb1873b373ec181fa402f18c)
|
|
|
|
|
|
|
|
|
|
|
| |
account name (bug #7896)
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Dec 30 18:09:13 CET 2010 on sn-devel-104
(cherry picked from commit f1d15ea54c313e71fc032b2ed191bdecad868858)
(cherry picked from commit c6a0971b3790253a906b370562237479d273bb94)
|
|
|
|
|
|
| |
We might eventually want to change this, but right now we get unix times
out of the winbind pipe struct
(cherry picked from commit 993923880e213136de89b5b8d59f6f32a51b94b7)
|
|
|
|
|
|
|
|
|
| |
-fPIC made shared library builds fail there
Fixes #7821
(cherry picked from commit dbcf73c45782c310cb7ff1f2177d410399e2f06d)
(cherry picked from commit 83eb2e9aef40e5e838d2654298e281ad3ec98af3)
|
| |
|
|
|
|
| |
The last 8 patches address bug #7881 (winbind flaky against w2k8).
|
| |
|
| |
|
|
|
|
|
|
| |
This connects to 445 and after 5 milliseconds also to 139. It treats a netbios
session setup failure as equivalent as a TCP connect failure. So if 139 is
faster but fails the nb session setup, the 445 still has the chance to succeed.
|
| |
|
|
|
|
| |
This does not do the redirects, but I think that might be obsolete anyway
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When winbind sees a signing error on the smb connection to a DC (for whatever
reason, our bug, network glitch, etc) it should recover properly. The "old"
code in clientgen.c just closed the socket in this case. This is the right
thing to do, this connection is spoiled anyway. The new, async code did not do
this so far, which led to the code in winbindd_cm.c not detect that we need to
reconnect.
Fix bug #7800 (winbind does not recover from smb signing errors).
|
|
|
|
|
| |
Fix bug #7715 (Setting Samba Write Cache Size Can Cause File Corruption).
(cherry picked from commit 9f8292e5f765dff586bfbb261b54da4d4b27a837)
|
|
|
|
| |
Karolin
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in
Samba4).
CVE-2010-3069:
===========
Description
===========
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.
A connection to a file share is needed to exploit this
vulnerability, either authenticated or unauthenticated
(guest connection).
(cherry picked from commit df20a300758bc12286820e31fcf573bdfc2147bc)
|
|
|
|
| |
Jeremy.
|