path: root/source3
Commit message | Author | Age | Files | Lines
* Fix for CVE-2009-2906. [samba-3.4.2] | Jeremy Allison | 2009-09-30 | 2 | -5/+26
    Summary: Specially crafted SMB requests on authenticated SMB connections can send smbd into a 100% CPU loop, causing a DoS on the Samba server.
* Fix for CVE-2009-2813. | Jeremy Allison | 2009-09-28 | 2 | -2/+11
    ===========================================================
    == Subject:     Misconfigured /etc/passwd file may share folders unexpectedly
    ==
    == CVE ID#:     CVE-2009-2813
    ==
    == Versions:    All versions of Samba later than 3.0.11
    ==
    == Summary:     If a user in /etc/passwd is misconfigured to have
    ==              an empty home directory then connecting to the home
    ==              share of this user will use the root of the filesystem
    ==              as the home directory.
    ===========================================================
* mount.cifs: don't leak passwords with verbose option | Jeff Layton | 2009-09-28 | 1 | -20/+34
    When running mount.cifs with the --verbose option, it'll print out the option string that it passes to the kernel...including the mount password if there is one. Print a placeholder string instead to help ensure that this info can't be used for nefarious purposes.
    Also, the --verbose option printed the option string before it was completely assembled anyway. This patch should also make sure that the complete option string is printed out.
    Finally, strndup passwords passed in on the command line to ensure that they aren't shown by --verbose as well. Passwords used this way can never be truly kept private from other users on the machine of course, but it's simple enough to do it this way for completeness sake.
    Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Acked-by: Steve French <sfrench@us.ibm.com>
    Part 2/2 of a fix for CVE-2009-2948.
* mount.cifs: check access of credential files before opening | Jeff Layton | 2009-09-28 | 1 | -0/+11
    It's possible for an unprivileged user to pass a setuid mount.cifs a credential or password file to which he does not have access. This can cause mount.cifs to open the file on his behalf and possibly leak the info in the first few lines of the file.
    Check the access permissions of the file before opening it.
    Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Acked-by: Steve French <sfrench@us.ibm.com>
    Part 1/2 of a fix for CVE-2009-2948.
* Raise version number up to 3.4.2. | Karolin Seeger | 2009-09-24 | 1 | -1/+1
    Karolin
* s3:libsmb: Correctly chew keepalive packets | Volker Lendecke | 2009-09-09 | 1 | -0/+6
    Thanks a *lot* to Günther to send me the relevant traces!
    Volker
    Signed-off-by: Günther Deschner <gd@samba.org>
    Fixes bug #6646 (Winbind authentication issue on 3.2.13/14 and 3.4.0 (was: [Samba] Crazied NTLM_AUTH on samba 3.4.0)).
    (cherry picked from commit a4f9583ce364fad963cc154f0229cb57ec0043d2)
* Fix bug 6496 - libsmbclient: MS-DFS: cannot follow multibyte char link name. ↵ | SATOH Fumiyasu | 2009-09-09 | 2 | -15/+39
    A server returns a byte of consumed path in UCS2, not UNIX charset.
    (cherry picked from commit ee70079d08acf23cf7c342f09a7db4f5fc7ca95e)
* Fix bug 6673 - smbpasswd does not work with "unix password sync = yes". ↵ | Jeremy Allison | 2009-09-09 | 5 | -22/+30
    Revert change from 3.3 -> 3.4 with read_socket_with_timeout changed from sys_read() to sys_recv(). read_socket_with_timeout() is called with non-fd's (with a pty in chgpasswd.c and with a disk file in lib/dbwrap_file.c via read_data()). recv works for the disk file, but not the pty. Change the name of read_socket_with_timeout() to read_fd_with_timeout() to make this clear (and add comments).
    Jeremy.
    (cherry picked from commit 91a5b8561e2f13f77fa5648f7cc373aff1701954)
* Hopefully last part of the fix for bug 6651 - smbd SIGSEGV when breaking ↵ | Jeremy Allison | 2009-09-09 | 1 | -2/+2
    oplocks. This one is subtle. There is a race condition where a signal can be queued for oplock break, and then the file can be closed by the client before the signal can be processed. Currently if this occurs we panic (we can't match an incoming signal fd with a fsp pointer). Simply log the error (at debug level 10 right now, might be too much) and then return without processing the break request.
    It looks like there is another race condition with this fix, but here's why it won't happen. If the signal was pending (caused by a kernel oplock break from a local file open), and the client closed the file and then re-opened another file which happened to use the same file descriptor as the file just closed, then theoretically the oplock break requests could be processed on the wrong fd. Here's why this should be very rare.. Processing a pending signal always takes precedence over an incoming network request, so as long as the client close request is non-chained then the break signal should always be harmlessly processed *before* the open can be called. If the open is chained onto the close, and the fd on the new open is the same as the old closed fd, then it's possible this race will occur. However, all that will happen is that we'll lose the oplock on this file. A shame, but not a fatal event.
    Jeremy.
    (cherry picked from commit bdc7bdb0d3e02d04477906dbda8995bc5789ce22)
    (cherry picked from commit 95cc5af5fd6150f3c54cd344b66393dbc186c2df)
* Help debug for bug 6651 - smbd SIGSEGV when breaking oplocks. Should help ↵ | Jeremy Allison | 2009-09-09 | 1 | -0/+4
    track if we get invoked with an invalid fd from the signal handler.
    Jeremy.
    (cherry picked from commit 213546103749c30dbb3ad8472872b9a8fad34205)
    (cherry picked from commit 6b9d518b9f1244c99fbaa2812886d02635caff14)
* Update copies of config.guess and config.sub. (cherry picked from commit ↵ | Jelmer Vernooij | 2009-09-09 | 4 | -80/+290
    6230eb94af2305f479db3b76479a0dc841c3d1d5)
    (cherry picked from commit c20026a9afe1527f6442e8eedf669d199d8cdb26)
* s3-winbindd: Fix Bug #6700: Use dns domain name when needing to guess server ↵ | Günther Deschner | 2009-09-09 | 1 | -1/+1
    principal.
    Patch from Robert LeBlanc <robert@leblancnet.us>.
    Thanks!
    Guenther
    (cherry picked from commit 1f6f0fc92b1bb487fb99ac1e9c96f8f09adb9fbc)
* s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs. | Günther Deschner | 2009-09-08 | 2 | -2/+2
    The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56 byte). We should just ignore the remaining 12 zeroed bytes and proceed.
    Guenther
    (cherry picked from commit ebd5019ef422a85119a7ea25025ff22d5a3bd757)
* Check we read off the complete event from inotify | Simo Sorce | 2009-09-08 | 1 | -2/+8
    The kernel may return a short read, so we must use read_data() to make sure we read off the full buffer. If something bad happens we also need to kill the inotify watch because the filedescriptor will return out of sync structures if we read only part of the data.
    Fixes bug #6693.
    (cherry picked from commit ada543569f498ef526ea9602eb19850e37f62fe2)
* s3: Fix crash in net usershare list | Bo Yang | 2009-09-08 | 1 | -0/+1
    Signed-off-by: Bo Yang <boyang@samba.org>
    (cherry picked from commit 726762c3793adc4e404dc12420c450a71519bbce)
* s3: make linking of rpcclient --as-needed safe | Björn Jacke | 2009-09-08 | 1 | -2/+2
    Second part of a fix for bug #6105.
    (cherry picked from commit 5236b3699da2b5cc55d55310de76e4ab65a8bb46)
    (cherry picked from commit 5839491d9d9e270e807048a4a505ce42bd99ea18)
* s3: make linking of cifs.upcall --as-needed safe | Peter Volkov | 2009-09-08 | 1 | -1/+1
    Part of a fix for bug #6105.
    See http://www.gentoo.org/proj/en/qa/asneeded.xml for details.
    (cherry picked from commit 2df4550aae1e326511fe4e7e0d2d98be3e578caf)
    (cherry picked from commit b9c07dd26d5177d25b4e136b790ee279aeb63887)
* s3-pdb_ldap: Fix bug #4296: Clean up group membership while deleting a user. | Günther Deschner | 2009-09-03 | 1 | -0/+46
    Note that this only is tried with editposix=yes.
    Guenther
    (cherry picked from commit 272e389ff63d929fc6b06305e00fa042d71dbec0)
* Fix an uninitialized variable | Volker Lendecke | 2009-09-03 | 1 | -0/+2
    Fix bug #6684.
    (cherry picked from commit b8cd1cff2dfad726cf6dab368dfcc31a29952889)
    (cherry picked from commit 050ded0624a49f2ffb53dcd88a93fd1d8c17595e)
* s3-smbpasswd: Fix Bug #6584: allow DOM\user when changing passwords remotely. | Simo Sorce | 2009-09-03 | 1 | -3/+16
    Signed-off-by: Günther Deschner <gd@samba.org>
    (cherry picked from commit 8cb103372be4eb3232e5e13b67f63562e5506c7e)
* make smbcontrol smbd ping work proper checking for arguments handle short ↵ | Olaf Flebbe | 2009-09-01 | 2 | -14/+21
    pid_t correctly
    Fixes bug #6655.
    (cherry picked from commit 5359e397ff190c35414f6961be61a5110e237dd5)
    (cherry picked from commit 86c1dbb473323ef9480cb57584be9e02363e80af)
* Fix bug 5886 | Volker Lendecke | 2009-09-01 | 1 | -8/+26
    Ok, that's a very long-standing one. I finally got around to install a recent OpenLDAP and test the different variants of setting a NULL password etc.
    Thanks all for your patience!
    Volker
    (cherry picked from commit 6fb3222504a0d2b42cd9292f9e11b2ff246d5c19)
* s3:netlogon: replace cred_hash3 by des_crypt112_16 | Stefan Metzmacher | 2009-09-01 | 2 | -5/+4
    This makes sure we don't truncate the session key to 8 bytes
    Fixes bug #6664
    metze
    (cherry picked from commit 2467671ba55c5ac834a8aa7ae8ad736958baab1d)
* s3: fix bug #6650, authentication at member servers when winbindd is not running | Michael Adam | 2009-08-24 | 1 | -1/+1
    Authentication of domain users on the member server fails when winbindd is not running. This is because the is_trusted_domain() check behaves differently when winbindd is running and when it isn't: Since wb_is_trusted_domain() calls wbcDomainInfo(), and this will also give a result for our own domain, this succeeds for the member server's own domain when winbindd is running. When winbindd is not running, is_trusted_domain() checks (and possibly updates) the trustdom cache, and this does the lsa_EnumTrustDom() rpc call to the DC which does not return its own domain.
    In case of winbindd not running, before 3.4, the domain part was _silently_ mapped to the workgroup in auth_util.c:make_user_info_map(), which effectively did nothing in the member case. But then the parameter "map untrusted to domain" was introduced and the mapping was made to the workstation name instead of the workgroup name by default unless "map untrusted to domain = yes". (Commits d8c54fddda2dba3cbc5fc13e93431b152813892e, 5cd4b7b7c03df6e896186d985b6858a06aa40b3f, and fbca26923915a70031f561b198cfe2cc0d9c3aa6)
    This was ok as long as winbindd was running, but with winbindd not running, these changes actually uncovered the above logic bug in the check.
    So the correct check is to treat the workgroup as trusted / or known in the member case. This is most easily achieved by not comparing the domain name against get_global_sam_name() which is the host name unless for a DC but against my_sam_name() which is the workgroup for a DC and for a member, too. (These names are not very intuitive...)
    I admit that this is a very long commit message for a one-liner, but this has needed some tracking down, and I think the change deserves some justification.
    Michael
    (cherry picked from commit 6afb02cb53f47e0fd7e7df3935b067e7e1f8a9de)
    (cherry picked from commit d4c82fcb106ba872a9987ae40e0fe2d58b7ef1bb)
* Fix Red Hat bugzilla bug : https://bugzilla.redhat.com/show_bug.cgi?id=516165 | Jeremy Allison | 2009-08-24 | 1 | -1/+1
    nautilus fails to copy files from an SMB share. This is a show-stopper for 3.4.1. Although gnome-vfs is doing *incredibly* stupid things by asking for a read size of 65535 - this translates on the wire to a 65534 byte read followed by a 1 byte read. Please send this back to the gnome developers that they will get horrid on the wire performance for this.
    Jeremy.
    Fixes bug #6649.
    Fixed in master with commit 33d27797d3ae9ab3ff7e1aa940941cc450f5ad1d.
    (cherry picked from commit ef891070288cd13aff7c730de7c1baf54dddb90f)
* Fix bug 6638 - ADS Domain Member: Computer Mgr can not set share ACLs Add ↵ | Jeremy Allison | 2009-08-24 | 1 | -3/+19
    good error message for share modification denial.
    Jeremy.
    (cherry picked from commit ed122f5e9d1e1287eb13efc99e4129492d34abbc)
* Fix unqualified "net join" | Volker Lendecke | 2009-08-24 | 1 | -4/+1
    Kai, please check!
    Fixes bug #6585.
    Thanks,
    Volker
    (cherry picked from commit d8543da9dad3286cd330b98374405edb9f976e77)
    (cherry picked from commit bf7d1758a77a462d9b30cc2549a960736884ee32)
* s3:configure: fix the build with external talloc | Stefan Metzmacher | 2009-08-17 | 1 | -8/+13
    Fixes bug #6532.
    metze
    (cherry picked from commit 7def4ab2da002e9ecc1feaed2916035c214add9f)
* Revert "Fix build with external talloc." | Karolin Seeger | 2009-08-14 | 2 | -31/+2
    This reverts commit bdec2d3bf3c69e0b0d8ff9aea4d234d0c2936743. (17ce6f9984b7d84534eecde007ae904e13bbfdfa) in v3-4-test
    With this patch, talloc.h is not found any longer.
    (cherry picked from commit b843551389e4f9dbbe984a4a9c376ebc11525267)
* VERSION: Raise version number up to 3.4.1. | Karolin Seeger | 2009-08-13 | 1 | -1/+1
    Karolin
    (cherry picked from commit b1dd075c6819a3fb0f00bdb93104c307505ec8ba)
* Correctly implement SMB_INFO_STANDARD setfileinfo. | Jeremy Allison | 2009-08-13 | 1 | -3/+3
    Fixes bug #6593.
    Jeremy.
    (cherry picked from commit c704e22806198a620d7e058c8d69c144ce096837)
* s3: Fix a bug in renames of directories | Tim Prouty | 2009-08-13 | 1 | -6/+18
    Recently code was added to match windows semantics of denying the rename of a directory if there are open files underneath it. This does partly match windows semantics, but it turns out the rename should be allowed if the open file handle is for the directory being renamed, or for a stream on the directory being renamed. This patch refines the check to better follow these rename semantics.
    Addresses bug #6620.
    (cherry picked from commit 06ab965b72ba477505d297ab72156136ab981e93)
* s3:winbindd: raise the timeout for lsa_Lookup*() calls from 10 to 35 seconds. | Stefan Metzmacher | 2009-08-13 | 2 | -1/+57
    metze
    (cherry picked from commit 1e1445bc7672b17a1d689fa0f0732b05b6e04da5)
    Fixes bug #6627.
    (cherry picked from commit 536946c706b66d432d60c990f28ff0ed5861fa44)
* s3: Unable to browse DFS when using kerberos in libsmbclient | Bo Yang | 2009-08-13 | 1 | -8/+14
    Signed-off-by: Bo Yang <boyang@samba.org>
    Fixes bug #6615.
    (cherry picked from commit 13911afe5b167ae9d100c40d32e9286d902652a1)
* The solaris linker seems to require an extra mention of dependent libs | Volker Lendecke | 2009-08-13 | 1 | -3/+8
    (cherry picked from commit 04e4d03868ea67f323bf008eb7b9af740a0467ac)
    (cherry picked from commit e4a26c94271409d58138391d523305d641105a05)
* s3/smbldap: Fix typo in debug message. | Karolin Seeger | 2009-08-13 | 1 | -1/+1
    Karolin
    (cherry picked from commit 54dffbea663ecf4542d6c5e30da6e346d5d60424)
    (cherry picked from commit bddd55fa8a20a7a2d6d521ec951d13f548950b26)
* Fix a valgrind error in chain_reply | Volker Lendecke | 2009-08-13 | 2 | -3/+12
    construct_reply() references the request after chain_reply has freed it.
    (cherry picked from commit 5135ebd6f099518f0a0b5796e8057210be824740)
    Addresses bug #6611.
    (cherry picked from commit 5c6aa5ce9fb0cc5d63d04b0777d296c82e61c0a5)
* s3-spoolss: fix crash bug in spoolss_addprinterex_level_2. | Günther Deschner | 2009-08-13 | 1 | -1/+1
    Fixes bug #6607.
    Guenther
    (cherry picked from commit 75030ff2b16a3ddb79367d970590da2375f7e3dc)
    (cherry picked from commit e7e1a6b3237550ef90db6a52a023885f616f722b)
* s3:net: Fix Bug #6222. Default to DRSUAPI replication for net rpc vampire keytab | Stefan Metzmacher | 2009-08-13 | 1 | -4/+7
    metze
    Signed-off-by: Günther Deschner <gd@samba.org>
    (cherry picked from commit 8646b9521d267284a335aafba3df6039c41b8370)
    (cherry picked from commit 1a8294f1dc7953bd7f45e9b65fe6b5ec005634d0)
* s3-spoolss: Fix Bug #6568: _spoolss_GetPrintProcessorDirectory() implementation. | Günther Deschner | 2009-08-13 | 1 | -1/+5
    We should always return a local path so that users are not forced to setup a [prnproc$] share on the server. This restores pre-3.4.0 spoolss behaviour.
    Guenther
    (cherry picked from commit 74454cc731f202361f1dce47fa850810bfeb36c8)
    (cherry picked from commit ffb6b4e6f7e47e8f22519d616e4e31444e417d16)
* Increase the max_grp value to 128 (AIX NGROUPS_MAX value) instead of 32 to ↵ | Yannick Bergeron | 2009-08-13 | 1 | -1/+1
    allow AIX to call sys_getgrouplist only once
    (cherry picked from commit c3e12444f57e24dcd6c9259537ed0489db4658e9)
    (cherry picked from commit 2666b3e27444ffcad3afc21e276f189ac238433f)
* s3: check in .po files for pam_winbind. | Bo Yang | 2009-08-13 | 18 | -0/+2850
    Signed-off-by: Bo Yang <boyang@samba.org>
    (cherry picked from commit 1c8a2e268a5d3968367f6984f23bb954fcb10edc)
* s3/cldap: Improve debug messages. | Jeremy Allison | 2009-08-13 | 1 | -4/+11
    This patch was made to debug bug #6437.
    (cherry picked from commit 47baa5de907c0162dec079c3636e7728f93c8b2f)
* Fix bug #6506 - SMBD server doesn't set EAs when a file is overwritten in ↵ | Jeremy Allison | 2009-08-13 | 1 | -1/+2
    NT_TRANSACT_CREATE.
    Reported and verified by Long Li <longli@microsoft.com>
    Jeremy.
    (cherry picked from commit 9c48f5bf2dcc12e6eb6170ab3a2af5ca119cf008)
    (cherry picked from commit 92bb659e4340f22f855400e02e2a67474d2a048b)
* s3: To correctly handle upn | Bo Yang | 2009-08-13 | 2 | -1/+7
    lookupname failed, cannot find domain when attempt to change password.
    This addresses bug #6560.
    Signed-off-by: Bo Yang <boyang@samba.org>
    (cherry picked from commit 9acc670541031414d0cb5df39d18866c4c96b37c)
* Fix bug #6564 - SetPrinter fails (panics) as non root. Missing ↵ | Jeremy Allison | 2009-08-13 | 2 | -0/+5
    become_root()/unbecome_root() around reload_services.
    Jeremy.
    (cherry picked from commit d53cb77ab21cc6edc2f1767bb56a75901c4c1709)
* Fix bug #6551 - win98 clients cannot connect after server upgrade to ↵ | Jeremy Allison | 2009-08-13 | 2 | -0/+3
    samba-3.4.0. The values of vuid and tid were not being correctly updated in the struct smb_request when passed to chain_reply inside sessionsetupX and tconX.
    Jeremy.
    (cherry picked from commit e7c5f7c924ae40ce3f36d352d55a92a906d92181)
* s3:smbd: cancel all locks that are made before the first failure | Stefan Metzmacher | 2009-08-13 | 1 | -6/+6
    We never reached the cleanup code and directly returned the error.
    This addresses bug #6538 (Fail to back out lockingX calls on error).
    metze
    (cherry picked from commit 94303584b942135355f99d138f8dc375d8dfacfb)
* Fix build with external talloc. | Jelmer Vernooij | 2009-08-13 | 2 | -2/+31
    (cherry picked from commit 17ce6f9984b7d84534eecde007ae904e13bbfdfa)
* s3/util_sock: Make open_udp_socket() IPv6 clean. | Jeremy Allison | 2009-08-13 | 1 | -10/+25
    This addresses bug #6437.
    (cherry picked from commit 27ddbcab378892dee0b69e8ba0ef03674e6e7075)