[SCM] Samba Shared Repository - branch v3-3-stable updated -
release-3-3-0pre1-123-g6250672
Karolin Seeger
kseeger at samba.org
Mon Sep 8 12:16:47 GMT 2008
The branch, v3-3-stable has been updated
via 6250672a4ced773c921a9696352173f59a8fd1e6 (commit)
via f692ca29e7aed788fc78f1f00abad5afcc2de7b8 (commit)
via aabd9385beae2650c507d06cc3c24a0415e26fd2 (commit)
via 6d8616a4351ec3d0ebd71b3d7c97f818e688993d (commit)
via 264116d614a7c4fc03fd63c2b9b2ba1559b2cb41 (commit)
via 6a02c88b90994736fa22754f9c14dd4ff61fc46c (commit)
via deeceef67a3c7dcd376d439e4652ae4d3f813217 (commit)
via d15d5d86384122f20e9a0e045d0052be83676abb (commit)
via 8e31d36cda61a40b61ed27919e1ea8e0e1e0e7f1 (commit)
via 1240e055dbc8cfe5d1ab9505c9950facbed8d797 (commit)
via fdd4abfb65ce7aeffa949a23b13e95497e79522d (commit)
via 52ff2f58811622263d6acc52a1d86887244ff15b (commit)
via 791e93006da8ee9088d172855338b4200df313c3 (commit)
via 78b2e1b3e334192ee9f6002e458f3884a0d6578f (commit)
via 2075e99b29b0b035f3699c92ae942b0c40fb7e2a (commit)
via 0365508e1d4c9942f1653b214e717c74a4b9f356 (commit)
via bc7c1351f68e522884b25c965dc61de27486fa27 (commit)
via ff23a124923669f3b8572d7ae1eb44db3a76d608 (commit)
via f7ed9a12e6d54bed41606cc6f011f59befc92c98 (commit)
via 05528e203056263a78a7cdac6a731e871857490f (commit)
via 8cffc5b6677dacede24ce08d495be93d7bf52151 (commit)
via 760fded972bc18cdaf846e8e372be7547a7201bd (commit)
via 85dc4e7f4da77c329051c3de4ab0a23b321181e5 (commit)
via 0b7e88066a765a975c69079d4c62b1545fb9e2aa (commit)
via 376b3e6f9ef82845b6a1b28226e2cc2af96ef52f (commit)
from bdb0a5d5fdbc331e11391f7b6e0aae963cebd3fc (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-stable
- Log -----------------------------------------------------------------
commit 6250672a4ced773c921a9696352173f59a8fd1e6
Author: Jeremy Allison <jra at samba.org>
Date: Fri Sep 5 15:33:40 2008 -0700
Remove unecessary msync.
Jeremy.
(cherry picked from commit 24ea36f2c772468d4906145520b48f4857d4eeb7)
commit f692ca29e7aed788fc78f1f00abad5afcc2de7b8
Author: Qiao Yang <geoyang at ironport.com>
Date: Fri Sep 5 14:08:09 2008 +0200
Fix a memleak
request.extra_data is not freed if there is no extra_data in response or
when there is some error happens in processing. This patch will free the
buffer right after processing a request before sending back a response.
(cherry picked from commit be6f12273f171a3eb1967d2299064e57d737f6a4)
(cherry picked from commit c1fcc41bd96652b175b41421a5f6a9396c75e67f)
commit aabd9385beae2650c507d06cc3c24a0415e26fd2
Author: Volker Lendecke <vl at sernet.de>
Date: Fri Sep 5 11:48:36 2008 +0200
Do proper error handling if the socket is closed
This is a step in fixing bug 5707.
Thanks to Igor Galić <i.galic at brainsware.org> for reporting!
Volker
(cherry picked from commit 1558a5c1977b1f87600ec487238fa8db009f41fd)
(cherry picked from commit 6a561d311496569dd5db0c6d6461ce9c4896f142)
commit 6d8616a4351ec3d0ebd71b3d7c97f818e688993d
Author: Michael Adam <obnox at samba.org>
Date: Fri Sep 5 11:39:38 2008 +0200
configure: fix typo in GNU ld version-script test.
Michael
(cherry picked from commit 0d9f3dfc4c139938ee57b6cf60c29cf4ce404be7)
(cherry picked from commit a943b154c6f86b22e77e56640d6dbe9a040f15e8)
commit 264116d614a7c4fc03fd63c2b9b2ba1559b2cb41
Author: James Ding <ding_cc at hotmail.com>
Date: Thu Sep 4 15:15:56 2008 -0700
Fix winbindd crash bug with trusted domains. Bug #5736
(cherry picked from commit ea4d67cc7ba4eb05f0761208d70849a42bf25864)
commit 6a02c88b90994736fa22754f9c14dd4ff61fc46c
Author: Herb Lewis <herb at samba.org>
Date: Thu Sep 4 14:35:27 2008 -0700
get rid of unneeded argument in get_methods and get_alloc_methods
(cherry picked from commit 89347b57d57e287e0762e97f7870323279802c92)
commit deeceef67a3c7dcd376d439e4652ae4d3f813217
Author: Steven Danneman <steven.danneman at isilon.com>
Date: Wed Sep 3 15:31:39 2008 -0700
Cleanup of DC enumeration in get_dcs()
This is a fix for a few small inefficiencies/bugs in the get_dcs() path.
* because the third add_one_dc_unique() loop was outside the ADS check all DCs
returned from the non-sitename lookup were being tacked onto the dc_name_ip
list twice.
* add_one_dc_unique() now checks if the given IP address already exists before
adding it to the list, making the returned list actually unique
* added more thorough doxygen comment headers
(cherry picked from commit 10996c444fcb7e2418c3e8f396cc631f6b325786)
commit d15d5d86384122f20e9a0e045d0052be83676abb
Author: Günther Deschner <gd at samba.org>
Date: Thu Sep 4 15:11:22 2008 +0200
kerberos: fix indent of enc type lines in generated krb5.conf files.
Guenther
(cherry picked from commit 18a26f08b6fab4119a1421a7ca59c32dde8bb8cb)
(cherry picked from commit b737b0869066eafe5af4518692ec0a1522387031)
commit 8e31d36cda61a40b61ed27919e1ea8e0e1e0e7f1
Author: Jeremy Allison <jra at samba.org>
Date: Wed Sep 3 13:05:45 2008 -0700
Fix bug #5729. Explicitly allow "-valid".
Jeremy
(cherry picked from commit 5349a1d373fb186cff1031077199070db2b6db90)
commit 1240e055dbc8cfe5d1ab9505c9950facbed8d797
Author: Simo Sorce <idra at samba.org>
Date: Wed Sep 3 10:44:09 2008 -0400
The msync manpage reports that msync *must* be called before munmap. Failure to do so may result in lost data. Fix an ifdef check, I really think we meant to check HAVE_MMAP here.
(cherry picked from commit de8f483254ec59c7cf678d8c03e07c0c241f6d7b)
commit fdd4abfb65ce7aeffa949a23b13e95497e79522d
Author: Simo Sorce <idra at samba.org>
Date: Sat Jul 12 22:44:15 2008 -0400
samu_set_unix() does not use the rid allocator, but forces to use the
algoritmic allocator unconditionally, this is wrong an inconsistent.
Use samu_alloc_rid_unix() instead.
(If we create a new user we should do it in a way consistent with all
other commands like pdbedit -a and net rpc user add.)
(cherry picked from commit e1d4db8f55b25c7e9c408cb334fb89ccfd4c6565)
commit 52ff2f58811622263d6acc52a1d86887244ff15b
Author: Jeremy Allison <jra at samba.org>
Date: Tue Aug 26 18:04:54 2008 -0700
Fix bug spotted by Simo - don't use legacy if expired entry.
Jeremy.
(cherry picked from commit d25c0bcfa85e2c5bf20334fd715cc52526f9c8bf)
commit 791e93006da8ee9088d172855338b4200df313c3
Author: Jeremy Allison <jra at samba.org>
Date: Tue Aug 26 16:13:49 2008 -0700
Don't ask winbindd if we got a -ve cache entry.
Jeremy.
(cherry picked from commit dc623f3923f3fd6561a629d52ad85e54e04a7af1)
commit 78b2e1b3e334192ee9f6002e458f3884a0d6578f
Author: Jeremy Allison <jra at samba.org>
Date: Tue Aug 26 15:51:05 2008 -0700
Fix the build :-(. Ask winbindd if we find a negative cache entry (or should
we just call the legacy function ?).
Jeremy.
(cherry picked from commit 8a66edd823d3daa49f2d1f429e9139449174d421)
commit 2075e99b29b0b035f3699c92ae942b0c40fb7e2a
Author: Jeremy Allison <jra at samba.org>
Date: Tue Aug 26 14:51:37 2008 -0700
Get smbd to look (read-only) into the winbindd cache for uid/gid <--> sid mappings.
Jeremy.
(cherry picked from commit 95d1d5941da703d39bec43c387a5e981294eb2e3)
commit 0365508e1d4c9942f1653b214e717c74a4b9f356
Author: Volker Lendecke <vl at sernet.de>
Date: Fri Aug 15 18:24:09 2008 +0200
Increase the default positive idmap cache time to a week
(cherry picked from commit 5caabdf64ea3d8ff0ff997a565b7708986c3d9d7)
commit bc7c1351f68e522884b25c965dc61de27486fa27
Author: Volker Lendecke <vl at sernet.de>
Date: Fri Aug 15 19:08:27 2008 +0200
Move idmap_cache.c from winbindd/ to lib/
(cherry picked from commit 6b25b938824c544beed9d4a3aca0bd548587936e)
commit ff23a124923669f3b8572d7ae1eb44db3a76d608
Author: Steve French <stevef at smfhomehp.(none)>
Date: Tue Aug 26 13:01:15 2008 -0500
mount.cifs: unclear error message with "credentials"
Thanks to Christophe Curis for the suggestion
(cherry picked from commit fbb78cfaa71e152c4840c92896f181926de8d58e)
commit f7ed9a12e6d54bed41606cc6f011f59befc92c98
Author: Michael Adam <obnox at samba.org>
Date: Tue Aug 26 16:09:50 2008 +0200
run make idl after idl change "Handle arbitrary new PAC types"
Michael
(cherry picked from commit 5de253ba1308f470a47f9e5f83c6eccd17e95c26)
(cherry picked from commit 02836d45bc15d546f765f4f95c84d9b3ac5d4b57)
commit 05528e203056263a78a7cdac6a731e871857490f
Author: Andrew Tridgell <tridge at samba.org>
Date: Sun Aug 24 14:00:58 2008 +1000
Handle arbitrary new PAC types
When MS introduces a new PAC type, we should just ignore it, not
generate a parse error. New PAC info structures are supposed to be
backwards compatible with old ones
(cherry picked from commit 2971b926c835412b02c93ad1e30f1471bc0a3612)
(cherry picked from commit de628055ff81ffd2f2ee3b8a4949a69c4c512570)
commit 8cffc5b6677dacede24ce08d495be93d7bf52151
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Aug 26 14:06:42 2008 +1000
EINVAL is also a valid error return, meaning "this filesystem
cannot do sendfile for this file"
(cherry picked from commit 737f664604b28f230be63bfc2f3d516fd9eb1c63)
(cherry picked from commit 1cd01dbd7aa98c5bf60a3dac77ee07e342f7f06b)
commit 760fded972bc18cdaf846e8e372be7547a7201bd
Author: Andrew Tridgell <tridge at samba.org>
Date: Sun Aug 24 13:58:05 2008 +1000
become root for AIO operations
We need to become root for AIO read and write to allow the AIO thread
to send a completion signal to the parent process when the IO
completes
(cherry picked from commit c548e5c69f9d8bc85a654f4d29d64c735a5e780b)
(cherry picked from commit 898f1d86b048bf457468b2af8191f4e86d72e438)
commit 85dc4e7f4da77c329051c3de4ab0a23b321181e5
Author: Andrew Tridgell <tridge at samba.org>
Date: Sun Aug 24 13:56:59 2008 +1000
Avoid a race condition in glibc between AIO and setresuid().
See this test: http://samba.org/~tridge/junkcode/aio_uid.c
The problem is that setresuid() tries to be clever about threads, and
tries to change the euid of any threads that are running. If a AIO read
or write completes while this is going on then the signal from the thread
where the IO completed is lost, as it gets -1/EPERM from rt_sigqueueinfo()
The simplest fix is to try to use setreuid() instead of setresuid(),
as setreuid() doesn't try to be clever. Unfortunately this also means
we must use become_root()/unbecome_root() in the aio code.
(cherry picked from commit 56c5a6f024875bb79b0104beb36f6b0ec1e1e9f9)
(cherry picked from commit 6b1291bdd4f8145c73684a679f895d0958df4e66)
commit 0b7e88066a765a975c69079d4c62b1545fb9e2aa
Author: Andrew Tridgell <tridge at samba.org>
Date: Sun Aug 24 13:53:19 2008 +1000
fixed an errno handling bug that could lead to an infinite loop
(cherry picked from commit 5ccdc58ce91ee40ca7171dd040191291aeb7fe02)
(cherry picked from commit 2cd7bedcb7d5d9c218dae2cc08b1131d844b738b)
commit 376b3e6f9ef82845b6a1b28226e2cc2af96ef52f
Author: Andrew Tridgell <tridge at samba.org>
Date: Sat Aug 23 11:36:27 2008 +1000
fixed tsmsm_sendfile(). The logic was totally broken.
(cherry picked from commit 794e48b809036871287df8416a2c669b7e26f216)
(cherry picked from commit 44fcdd73b059b83f0dca86237881d76c95649714)
-----------------------------------------------------------------------
Summary of changes:
docs-xml/smbdotconf/winbind/idmapcachetime.xml | 2 +-
source/Makefile.in | 4 +-
source/client/mount.cifs.c | 5 +-
source/configure.in | 26 +++--
source/{winbindd => lib}/idmap_cache.c | 1 -
source/lib/tdb/common/io.c | 4 +-
source/lib/tdb/common/transaction.c | 2 +-
source/lib/util_sock.c | 21 +++-
source/libads/kerberos.c | 6 +-
source/librpc/gen_ndr/krb5pac.h | 2 +-
source/librpc/gen_ndr/ndr_krb5pac.c | 20 +---
source/librpc/idl/krb5pac.idl | 2 +-
source/libsmb/async_smb.c | 10 ++-
source/libsmb/conncache.c | 2 +-
source/modules/vfs_tsmsm.c | 15 ++-
source/param/loadparm.c | 4 +-
source/passdb/lookup_sid.c | 130 ++++++++++++++++++------
source/passdb/passdb.c | 2 +-
source/smbd/aio.c | 8 ++-
source/smbd/reply.c | 5 +-
source/winbindd/idmap.c | 23 ++---
source/winbindd/winbindd.c | 3 +-
source/winbindd/winbindd_ads.c | 2 +
source/winbindd/winbindd_cm.c | 98 ++++++++++++++-----
24 files changed, 265 insertions(+), 132 deletions(-)
rename source/{winbindd => lib}/idmap_cache.c (99%)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/winbind/idmapcachetime.xml b/docs-xml/smbdotconf/winbind/idmapcachetime.xml
index 1636cdf..ba52610 100644
--- a/docs-xml/smbdotconf/winbind/idmapcachetime.xml
+++ b/docs-xml/smbdotconf/winbind/idmapcachetime.xml
@@ -9,5 +9,5 @@
</para>
</description>
-<value type="default">900</value>
+<value type="default">604800 (one week)</value>
</samba:parameter>
diff --git a/source/Makefile.in b/source/Makefile.in
index ab4fbb6..5793b5e 100644
--- a/source/Makefile.in
+++ b/source/Makefile.in
@@ -339,7 +339,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) \
lib/module.o lib/events.o lib/ldap_escape.o @CHARSET_STATIC@ \
lib/secdesc.o lib/util_seaccess.o lib/secace.o lib/secacl.o \
libads/krb5_errs.o lib/system_smbd.o lib/audit.o $(LIBNDR_OBJ) \
- lib/file_id.o
+ lib/file_id.o lib/idmap_cache.o
LIB_DUMMY_OBJ = lib/dummysmbd.o lib/dummyroot.o
LIB_NONSMBD_OBJ = $(LIB_OBJ) $(LIB_DUMMY_OBJ)
@@ -980,7 +980,7 @@ PAM_SMBPASS_OBJ = $(PAM_SMBPASS_OBJ_0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(PASSDB_
$(SMBLDAP_OBJ) $(LIBSAMBA_OBJ) \
$(LDB_OBJ)
-IDMAP_OBJ = winbindd/idmap.o winbindd/idmap_cache.o winbindd/idmap_util.o @IDMAP_STATIC@
+IDMAP_OBJ = winbindd/idmap.o winbindd/idmap_util.o @IDMAP_STATIC@
NSS_INFO_OBJ = winbindd/nss_info.o @NSS_INFO_STATIC@
diff --git a/source/client/mount.cifs.c b/source/client/mount.cifs.c
index dd878aa..9d2b449 100644
--- a/source/client/mount.cifs.c
+++ b/source/client/mount.cifs.c
@@ -196,7 +196,7 @@ static int open_cred_file(char * file_name)
line_buf = (char *)malloc(4096);
if(line_buf == NULL) {
fclose(fs);
- return -ENOMEM;
+ return ENOMEM;
}
while(fgets(line_buf,4096,fs)) {
@@ -537,7 +537,8 @@ static int parse_options(char ** optionsp, int * filesys_flags)
if (value && *value) {
rc = open_cred_file(value);
if(rc) {
- printf("error %d opening credential file %s\n",rc, value);
+ printf("error %d (%s) opening credential file %s\n",
+ rc, strerror(rc), value);
return 1;
}
} else {
diff --git a/source/configure.in b/source/configure.in
index 7647594..240a44b 100644
--- a/source/configure.in
+++ b/source/configure.in
@@ -262,7 +262,7 @@ if test "$ac_cv_prog_gnu_ld" = "yes"; then
if test "$ac_cv_gnu_ld_vernr_major" -lt 2 || test "$ac_cv_gnu_ld_vernr_minor" -lt 14; then
ac_cv_gnu_ld_no_default_allow_shlib_undefined=yes
fi
- if test "$ac_cv_gnu_ld_vernr_major" -gt 2 || test "$ac_cv_gnu_l= d_vernr_major"=2 && test "$ac_cv_gnu_ld_vernr_minor" -ge 12; then
+ if test "$ac_cv_gnu_ld_vernr_major" -gt 2 || test "$ac_cv_gnu_ld_vernr_major"=2 && test "$ac_cv_gnu_ld_vernr_minor" -ge 12; then
ac_cv_gnu_ld_version_script=yes
fi
fi
@@ -2717,30 +2717,32 @@ AC_CHECK_FUNCS(getpagesize)
################################################
# look for a method of setting the effective uid
seteuid=no;
+
if test $seteuid = no; then
-AC_CACHE_CHECK([for setresuid],samba_cv_USE_SETRESUID,[
+AC_CACHE_CHECK([for setreuid],samba_cv_USE_SETREUID,[
AC_TRY_RUN([
#define AUTOCONF_TEST 1
-#define USE_SETRESUID 1
+#define USE_SETREUID 1
#include "confdefs.h"
#include "${srcdir-.}/lib/util_sec.c"],
- samba_cv_USE_SETRESUID=yes,samba_cv_USE_SETRESUID=no,samba_cv_USE_SETRESUID=cross)])
-if test x"$samba_cv_USE_SETRESUID" = x"yes"; then
- seteuid=yes;AC_DEFINE(USE_SETRESUID,1,[Whether setresuid() is available])
+ samba_cv_USE_SETREUID=yes,samba_cv_USE_SETREUID=no,samba_cv_USE_SETREUID=cross)])
+if test x"$samba_cv_USE_SETREUID" = x"yes"; then
+ seteuid=yes;AC_DEFINE(USE_SETREUID,1,[Whether setreuid() is available])
fi
fi
-
+# we check for setresuid second as it conflicts with AIO on Linux.
+# see http://samba.org/~tridge/junkcode/aio_uid.c
if test $seteuid = no; then
-AC_CACHE_CHECK([for setreuid],samba_cv_USE_SETREUID,[
+AC_CACHE_CHECK([for setresuid],samba_cv_USE_SETRESUID,[
AC_TRY_RUN([
#define AUTOCONF_TEST 1
-#define USE_SETREUID 1
+#define USE_SETRESUID 1
#include "confdefs.h"
#include "${srcdir-.}/lib/util_sec.c"],
- samba_cv_USE_SETREUID=yes,samba_cv_USE_SETREUID=no,samba_cv_USE_SETREUID=cross)])
-if test x"$samba_cv_USE_SETREUID" = x"yes"; then
- seteuid=yes;AC_DEFINE(USE_SETREUID,1,[Whether setreuid() is available])
+ samba_cv_USE_SETRESUID=yes,samba_cv_USE_SETRESUID=no,samba_cv_USE_SETRESUID=cross)])
+if test x"$samba_cv_USE_SETRESUID" = x"yes"; then
+ seteuid=yes;AC_DEFINE(USE_SETRESUID,1,[Whether setresuid() is available])
fi
fi
diff --git a/source/winbindd/idmap_cache.c b/source/lib/idmap_cache.c
similarity index 99%
rename from source/winbindd/idmap_cache.c
rename to source/lib/idmap_cache.c
index 496f70a..6377635 100644
--- a/source/winbindd/idmap_cache.c
+++ b/source/lib/idmap_cache.c
@@ -18,7 +18,6 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.*/
#include "includes.h"
-#include "winbindd.h"
/**
* Find a sid2uid mapping
diff --git a/source/lib/tdb/common/io.c b/source/lib/tdb/common/io.c
index 172ab69..661f761 100644
--- a/source/lib/tdb/common/io.c
+++ b/source/lib/tdb/common/io.c
@@ -189,7 +189,9 @@ int tdb_munmap(struct tdb_context *tdb)
#ifdef HAVE_MMAP
if (tdb->map_ptr) {
- int ret = munmap(tdb->map_ptr, tdb->map_size);
+ int ret;
+
+ ret = munmap(tdb->map_ptr, tdb->map_size);
if (ret != 0)
return ret;
}
diff --git a/source/lib/tdb/common/transaction.c b/source/lib/tdb/common/transaction.c
index 4e2127b..7acda64 100644
--- a/source/lib/tdb/common/transaction.c
+++ b/source/lib/tdb/common/transaction.c
@@ -563,7 +563,7 @@ static int transaction_sync(struct tdb_context *tdb, tdb_off_t offset, tdb_len_t
TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction: fsync failed\n"));
return -1;
}
-#ifdef MS_SYNC
+#ifdef HAVE_MMAP
if (tdb->map_ptr) {
tdb_off_t moffset = offset & ~(tdb->page_size-1);
if (msync(moffset + (char *)tdb->map_ptr,
diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c
index 7356b3e..e20768e 100644
--- a/source/lib/util_sock.c
+++ b/source/lib/util_sock.c
@@ -1379,11 +1379,22 @@ int open_socket_out(int type,
return res;
}
-/****************************************************************************
- Create an outgoing TCP socket to any of the addrs. This is for
- simultaneous connects to port 445 and 139 of a host or even a variety
- of DC's all of which are equivalent for our purposes.
-**************************************************************************/
+/*******************************************************************
+ Create an outgoing TCP socket to the first addr that connects.
+
+ This is for simultaneous connection attempts to port 445 and 139 of a host
+ or for simultatneous connection attempts to multiple DCs at once. We return
+ a socket fd of the first successful connection.
+
+ @param[in] addrs list of Internet addresses and ports to connect to
+ @param[in] num_addrs number of address/port pairs in the addrs list
+ @param[in] timeout time after which we stop waiting for a socket connection
+ to succeed, given in milliseconds
+ @param[out] fd_index the entry in addrs which we successfully connected to
+ @param[out] fd fd of the open and connected socket
+ @return true on a successful connection, false if all connection attempts
+ failed or we timed out
+*******************************************************************/
bool open_any_socket_out(struct sockaddr_storage *addrs, int num_addrs,
int timeout, int *fd_index, int *fd)
diff --git a/source/libads/kerberos.c b/source/libads/kerberos.c
index 31e5af4..501ef01 100644
--- a/source/libads/kerberos.c
+++ b/source/libads/kerberos.c
@@ -893,9 +893,9 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
file_contents = talloc_asprintf(fname,
"[libdefaults]\n\tdefault_realm = %s\n"
- "default_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n"
- "default_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n"
- "preferred_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n\n"
+ "\tdefault_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n"
+ "\tdefault_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n"
+ "\tpreferred_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n\n"
"[realms]\n\t%s = {\n"
"\t%s\t}\n",
realm_upper, realm_upper, kdc_ip_string);
diff --git a/source/librpc/gen_ndr/krb5pac.h b/source/librpc/gen_ndr/krb5pac.h
index 2d799ea..b3b29e5 100644
--- a/source/librpc/gen_ndr/krb5pac.h
+++ b/source/librpc/gen_ndr/krb5pac.h
@@ -76,7 +76,7 @@ union PAC_INFO {
struct PAC_SIGNATURE_DATA srv_cksum;/* [case(PAC_TYPE_SRV_CHECKSUM)] */
struct PAC_SIGNATURE_DATA kdc_cksum;/* [case(PAC_TYPE_KDC_CHECKSUM)] */
struct PAC_LOGON_NAME logon_name;/* [case(PAC_TYPE_LOGON_NAME)] */
- struct DATA_BLOB_REM unknown;/* [subcontext(0),case(PAC_TYPE_UNKNOWN_12)] */
+ struct DATA_BLOB_REM unknown;/* [subcontext(0),default] */
}/* [gensize,nodiscriminant,public] */;
struct PAC_BUFFER {
diff --git a/source/librpc/gen_ndr/ndr_krb5pac.c b/source/librpc/gen_ndr/ndr_krb5pac.c
index 70d63ae..6e06f90 100644
--- a/source/librpc/gen_ndr/ndr_krb5pac.c
+++ b/source/librpc/gen_ndr/ndr_krb5pac.c
@@ -319,7 +319,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_INFO(struct ndr_push *ndr, int ndr_flags
NDR_CHECK(ndr_push_PAC_LOGON_NAME(ndr, NDR_SCALARS, &r->logon_name));
break; }
- case PAC_TYPE_UNKNOWN_12: {
+ default: {
{
struct ndr_push *_ndr_unknown;
NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_unknown, 0, -1));
@@ -328,8 +328,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_INFO(struct ndr_push *ndr, int ndr_flags
}
break; }
- default:
- return ndr_push_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level);
}
}
if (ndr_flags & NDR_BUFFERS) {
@@ -348,11 +346,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_INFO(struct ndr_push *ndr, int ndr_flags
case PAC_TYPE_LOGON_NAME:
break;
- case PAC_TYPE_UNKNOWN_12:
+ default:
break;
- default:
- return ndr_push_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level);
}
}
return NDR_ERR_SUCCESS;
@@ -380,7 +376,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_INFO(struct ndr_pull *ndr, int ndr_flags
NDR_CHECK(ndr_pull_PAC_LOGON_NAME(ndr, NDR_SCALARS, &r->logon_name));
break; }
- case PAC_TYPE_UNKNOWN_12: {
+ default: {
{
struct ndr_pull *_ndr_unknown;
NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_unknown, 0, -1));
@@ -389,8 +385,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_INFO(struct ndr_pull *ndr, int ndr_flags
}
break; }
- default:
- return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level);
}
}
if (ndr_flags & NDR_BUFFERS) {
@@ -408,11 +402,9 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_INFO(struct ndr_pull *ndr, int ndr_flags
case PAC_TYPE_LOGON_NAME:
break;
- case PAC_TYPE_UNKNOWN_12:
+ default:
break;
- default:
- return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level);
}
}
return NDR_ERR_SUCCESS;
@@ -440,12 +432,10 @@ _PUBLIC_ void ndr_print_PAC_INFO(struct ndr_print *ndr, const char *name, const
ndr_print_PAC_LOGON_NAME(ndr, "logon_name", &r->logon_name);
break;
- case PAC_TYPE_UNKNOWN_12:
+ default:
ndr_print_DATA_BLOB_REM(ndr, "unknown", &r->unknown);
break;
- default:
- ndr_print_bad_level(ndr, name, level);
}
}
diff --git a/source/librpc/idl/krb5pac.idl b/source/librpc/idl/krb5pac.idl
index 7c2f72d..c039502 100644
--- a/source/librpc/idl/krb5pac.idl
+++ b/source/librpc/idl/krb5pac.idl
@@ -70,7 +70,7 @@ interface krb5pac
[case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum;
[case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum;
[case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name;
- [case(PAC_TYPE_UNKNOWN_12)] [subcontext(0)] DATA_BLOB_REM unknown;
+ [default] [subcontext(0)] DATA_BLOB_REM unknown;
/* [case(PAC_TYPE_UNKNOWN_12)] PAC_UNKNOWN_12 unknown; */
} PAC_INFO;
diff --git a/source/libsmb/async_smb.c b/source/libsmb/async_smb.c
index 58bba2b..9346264 100644
--- a/source/libsmb/async_smb.c
+++ b/source/libsmb/async_smb.c
@@ -319,6 +319,7 @@ static void cli_state_handler(struct event_context *event_ctx,
{
struct cli_state *cli = (struct cli_state *)p;
struct cli_request *req;
+ NTSTATUS status;
DEBUG(11, ("cli_state_handler called with flags %d\n", flags));
@@ -331,11 +332,13 @@ static void cli_state_handler(struct event_context *event_ctx,
if (res == -1) {
DEBUG(10, ("ioctl(FIONREAD) failed: %s\n",
strerror(errno)));
+ status = map_nt_error_from_unix(errno);
goto sock_error;
}
if (available == 0) {
/* EOF */
+ status = NT_STATUS_END_OF_FILE;
goto sock_error;
}
@@ -344,6 +347,7 @@ static void cli_state_handler(struct event_context *event_ctx,
if (new_size < old_size) {
/* wrap */
+ status = NT_STATUS_UNEXPECTED_IO_ERROR;
goto sock_error;
}
@@ -351,6 +355,7 @@ static void cli_state_handler(struct event_context *event_ctx,
new_size);
if (tmp == NULL) {
/* nomem */
+ status = NT_STATUS_NO_MEMORY;
goto sock_error;
}
cli->evt_inbuf = tmp;
@@ -358,6 +363,7 @@ static void cli_state_handler(struct event_context *event_ctx,
res = recv(cli->fd, cli->evt_inbuf + old_size, available, 0);
if (res == -1) {
DEBUG(10, ("recv failed: %s\n", strerror(errno)));
+ status = map_nt_error_from_unix(errno);
goto sock_error;
}
@@ -402,6 +408,7 @@ static void cli_state_handler(struct event_context *event_ctx,
to_send - req->sent, 0);
if (sent < 0) {
+ status = map_nt_error_from_unix(errno);
goto sock_error;
}
@@ -415,8 +422,7 @@ static void cli_state_handler(struct event_context *event_ctx,
sock_error:
for (req = cli->outstanding_requests; req; req = req->next) {
- req->async->state = ASYNC_REQ_ERROR;
- req->async->status = map_nt_error_from_unix(errno);
+ async_req_error(req->async, status);
}
TALLOC_FREE(cli->fd_event);
close(cli->fd);
diff --git a/source/libsmb/conncache.c b/source/libsmb/conncache.c
index 05344f4..b440d61 100644
--- a/source/libsmb/conncache.c
+++ b/source/libsmb/conncache.c
@@ -177,7 +177,7 @@ void delete_negative_conn_cache(const char *domain, const char *server)
/**
- * Add an entry to the failed conneciton cache
+ * Add an entry to the failed connection cache
*
* @param[in] domain
* @param[in] server may be a FQDN or an IP addr in printable form
diff --git a/source/modules/vfs_tsmsm.c b/source/modules/vfs_tsmsm.c
index 4a732bc..ee958b1 100644
--- a/source/modules/vfs_tsmsm.c
+++ b/source/modules/vfs_tsmsm.c
@@ -200,9 +200,9 @@ static bool tsmsm_is_offline(struct vfs_handle_struct *handle,
goto done;
}
- lerrno = 0;
-
do {
+ lerrno = 0;
+
ret = dm_get_dmattr(*dmsession_id, dmhandle, dmhandle_len,
DM_NO_TOKEN, &dmname, buflen, buf, &rlen);
if (ret == -1 && errno == EINVAL) {
@@ -279,10 +279,13 @@ static ssize_t tsmsm_aio_return(struct vfs_handle_struct *handle, struct files_s
static ssize_t tsmsm_sendfile(vfs_handle_struct *handle, int tofd, files_struct *fsp, const DATA_BLOB *hdr,
SMB_OFF_T offset, size_t n)
{
- bool file_online = tsmsm_aio_force(handle, fsp);
+ bool file_offline = tsmsm_aio_force(handle, fsp);
- if(!file_online)
- return ENOSYS;
+ if (file_offline) {
+ DEBUG(10,("tsmsm_sendfile on offline file - rejecting\n"));
+ errno = ENOSYS;
+ return -1;
+ }
return SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, hdr, offset, n);
}
@@ -333,7 +336,7 @@ static int tsmsm_set_offline(struct vfs_handle_struct *handle,
if (tsmd->hsmscript == NULL) {
/* no script enabled */
- DEBUG(1, ("tsmsm_set_offline: No tsmsm:hsmscript configured\n"));
+ DEBUG(1, ("tsmsm_set_offline: No 'tsmsm:hsm script' configured\n"));
return 0;
}
diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index 84c2c7f..60a1fa4 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -4850,7 +4850,7 @@ static void init_globals(bool first_time_only)
Globals.bWinbindRefreshTickets = False;
Globals.bWinbindOfflineLogon = False;
- Globals.iIdmapCacheTime = 900; /* 15 minutes by default */
+ Globals.iIdmapCacheTime = 86400 * 7; /* a week by default */
Globals.iIdmapNegativeCacheTime = 120; /* 2 minutes by default */
Globals.bPassdbExpandExplicit = False;
@@ -6102,7 +6102,7 @@ static int map_parameter(const char *pszParmName)
{
int iIndex;
- if (*pszParmName == '-')
+ if (*pszParmName == '-' && !strequal(pszParmName, "-valid"))
return (-1);
for (iIndex = 0; parm_table[iIndex].label; iIndex++)
diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c
index a7175b9..3861c8e 100644
--- a/source/passdb/lookup_sid.c
+++ b/source/passdb/lookup_sid.c
@@ -1286,22 +1286,39 @@ static bool legacy_sid_to_gid(const DOM_SID *psid, gid_t *pgid)
void uid_to_sid(DOM_SID *psid, uid_t uid)
{
+ bool expired = true;
+ bool ret;
ZERO_STRUCTP(psid);
if (fetch_sid_from_uid_cache(psid, uid))
return;
- if (!winbind_uid_to_sid(psid, uid)) {
- if (!winbind_ping()) {
- legacy_uid_to_sid(psid, uid);
- return;
- }
+ /* Check the winbindd cache directly. */
+ ret = idmap_cache_find_uid2sid(uid, psid, &expired);
- DEBUG(5, ("uid_to_sid: winbind failed to find a sid for uid %u\n",
- uid));
+ if (ret && !expired && is_null_sid(psid)) {
+ /*
+ * Negative cache entry, we already asked.
+ * do legacy.
+ */
+ legacy_uid_to_sid(psid, uid);
return;
}
+ if (!ret || expired) {
+ /* Not in cache. Ask winbindd. */
+ if (!winbind_uid_to_sid(psid, uid)) {
+ if (!winbind_ping()) {
+ legacy_uid_to_sid(psid, uid);
+ return;
+ }
+
+ DEBUG(5, ("uid_to_sid: winbind failed to find a sid for uid %u\n",
+ uid));
--
Samba Shared Repository
More information about the samba-cvs
mailing list