[SCM] Samba Shared Repository - branch v3-2-stable updated -
release-3-2-10-18-g47311ed
Karolin Seeger
kseeger at samba.org
Fri Apr 17 09:58:44 GMT 2009
The branch, v3-2-stable has been updated
via 47311ed9f3ed39c02ffbdf7b958135065ab7f0c2 (commit)
via 5eb947acf6b34f32b97f16d8357cb0a815d1e0c7 (commit)
via 53ad0364f153ca986c4ed92f102970d7b9f5695d (commit)
via c47f27001fded2c3c8965b7a8539abe02d958292 (commit)
via 18e2a7a2a3134d49208a0adc9530c87e0bca3eb1 (commit)
via 5d755974d300cd3914e3152d51b1c4ee42817bdc (commit)
via 94b4eb9525a8d0829066891fb64923021c5ffd6e (commit)
via a54a868180b4545244ae0fc037c7d7b6daa3a2e8 (commit)
via b50a19e20aaaf70cb2e222624f41b2c7450c7e76 (commit)
via 96ed6b631fbe690ae6292b13a5a2e2478d932aca (commit)
via 4f87bcbf8a7c453200cb9d0159e0c6e233d64282 (commit)
via 143e418c36969d1cd2c9495698aecd4aed3c45f3 (commit)
via 427e8f4780d276ee6c2c3506f5322bb327b65d6e (commit)
via 70919570f1df031937f596df5e87468e77dac772 (commit)
via cdb9382d1ee36639fc26556806d6c5bd4fc66cd4 (commit)
via 7ce5e3ea4d692e0800931d24a791469a8e6b97d4 (commit)
via dd7ec1c933cf325a8826cd524f691c61311367f7 (commit)
via c9334fc37155f27a653f7b3d81e178ecf503e226 (commit)
from 1b9151271f45a3d95e4aefbe11eb5f737f7c542f (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable
- Log -----------------------------------------------------------------
commit 47311ed9f3ed39c02ffbdf7b958135065ab7f0c2
Author: Karolin Seeger <kseeger at samba.org>
Date: Fri Apr 17 11:57:41 2009 +0200
WHATSNEW: Rewording.
Karolin
(cherry picked from commit 642afabf26dbb7d0f73c15c5502a90020f65a914)
commit 5eb947acf6b34f32b97f16d8357cb0a815d1e0c7
Author: Karolin Seeger <kseeger at samba.org>
Date: Fri Apr 17 11:52:02 2009 +0200
VERSION: Raise version number upt to 3.2.11.
Karolin
(cherry picked from commit aaf5c25489b916d4892ce757bb5c0f32f9910c59)
commit 53ad0364f153ca986c4ed92f102970d7b9f5695d
Author: Karolin Seeger <kseeger at samba.org>
Date: Fri Apr 17 10:42:31 2009 +0200
WHATSNEW: Update changes since 3.2.10.
Karolin
(cherry picked from commit c63dc9866e84461a7a8359958d6bcf753c51d125)
commit c47f27001fded2c3c8965b7a8539abe02d958292
Author: Jeremy Allison <jra at samba.org>
Date: Thu Apr 16 15:14:37 2009 -0700
When doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid.
Jeremy.
(cherry picked from commit 72f55ca71c2d9b4c24866b7e1418fa4c17948db6)
commit 18e2a7a2a3134d49208a0adc9530c87e0bca3eb1
Author: Jim McDonough <jmcd at samba.org>
Date: Thu Apr 16 16:42:59 2009 +0200
Don't look up local user for remote changes, even when root.
(cherry picked from commit 1c47bcb5b24ab360d5e632bbf3dcbc7d1d9f6fc4)
commit 5d755974d300cd3914e3152d51b1c4ee42817bdc
Author: Günther Deschner <gd at samba.org>
Date: Thu Apr 16 01:42:35 2009 +0200
s3-lsa: Fix Bug #6263. Unexpected LookupSids reply crashes XP pre-SP3.
LookupSids needs to bounce back string sids in case of NT_STATUS_NONE_MAPPED.
Guenther
(cherry picked from commit 597be402e40ff880b595ae49a8600b932365cbcb)
(cherry picked from commit f049fb5643f93cc4806ada5db8e591bbe4cb9204)
commit 94b4eb9525a8d0829066891fb64923021c5ffd6e
Author: Jeremy Allison <jra at samba.org>
Date: Wed Apr 15 14:09:32 2009 -0700
Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+
What a difference a name makes... :-). Just because something is missnamed
SA_RIGHT_SAM_OPEN_DOMAIN, when it should actually be SA_RIGHT_SAM_LOOKUP_DOMAIN,
don't automatically use it for a security check in _samr_OpenDomain().
Jeremy.
(cherry picked from commit 3591c95beaed3abfa10b1579e377b0103647a177)
commit a54a868180b4545244ae0fc037c7d7b6daa3a2e8
Author: Michael Adam <obnox at samba.org>
Date: Mon Sep 8 15:51:57 2008 +0200
packaging(RHEL): add cifs.upcall binary and manpage to client package
Michael
(cherry picked from commit f1b80bcb58b8aa5c586835dc201ce674b3417835)
(cherry picked from commit b4c58d49902d62f25aa0c9289d1857aa2636c028)
(cherry picked from commit 6d308951c5b0fec988685f64f040f0770b537efb)
commit b50a19e20aaaf70cb2e222624f41b2c7450c7e76
Author: Guenther Deschner <gd at samba.org>
Date: Mon Apr 13 09:44:54 2009 -0700
s3-loadparm: Fix resume command typo for "printing = vlp".
(cherry picked from commit 8203f5f3890afec3ec631f822b0f2e5ddd262b9a)
commit 96ed6b631fbe690ae6292b13a5a2e2478d932aca
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 11 13:54:06 2009 -0700
Fix a memleak in an unlikely error path in change_notify_create()
(cherry picked from commit 7284b7bb226990abce91d40782bf4e592e2f7b4d)
commit 4f87bcbf8a7c453200cb9d0159e0c6e233d64282
Author: Jeremy Allison <jra at samba.org>
Date: Thu Apr 9 22:46:31 2009 -0700
Fix bug #6254 - PUT/GET produces an error in IPv6 to a smb-server(3.3)
has parameter "msdfs root = yes"
This was broken by the refactoring around create_file().
MSDFS pathname processing must be done FIRST.
MSDFS pathnames containing IPv6 addresses can
be confused with NTFS stream names (they contain
":" characters.
Jeremy.
(cherry picked from commit eb29aa406f14397e3c55e559e2c02da6eb6c4cbd)
commit 143e418c36969d1cd2c9495698aecd4aed3c45f3
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Apr 7 20:01:27 2009 +0200
s3/popt.h: Fix typo.
This used to be commit 8da2fa36 in master.
Karolin
(cherry picked from commit 3df28fce45ce552df2c0815597fc1808ea08b363)
(cherry picked from commit 89542c9dc4fede1547886b480791322f0497f277)
commit 427e8f4780d276ee6c2c3506f5322bb327b65d6e
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Apr 7 20:00:47 2009 +0200
s3/loadparm: Fiy typos.
This used to be commit 44588095 in master.
Karolin
(cherry picked from commit 7648c51afaf844e576935dadc0d66a94e2cad28b)
(cherry picked from commit a3081c94e64d226328885191212bd1ba46add09e)
commit 70919570f1df031937f596df5e87468e77dac772
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Apr 7 19:58:47 2009 +0200
s3/gpo_ldap: Fix typo.
This used to be commit a103222e in master.
Karolin
(cherry picked from commit a33677c8a80925965a4023785fc3a221d2ed9585)
(cherry picked from commit 7038846d514b9ea25d991bc72b807921ab1ee158)
commit cdb9382d1ee36639fc26556806d6c5bd4fc66cd4
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Apr 7 19:58:14 2009 +0200
s3/smbconf_reg: Fix typo.
This used to be commit 6343cab3 in master.
Karolin
(cherry picked from commit 56e877662dd6da64b348803c24e85f60ee6b3d85)
(cherry picked from commit 36cb36581208f754b14e2a955fbd886e6c82cfaa)
commit 7ce5e3ea4d692e0800931d24a791469a8e6b97d4
Author: Günther Deschner <gd at samba.org>
Date: Mon Apr 6 12:45:46 2009 +0200
s3-examples: Fix Bug #6205. Correct sample smb.conf share configuration.
Thanks to Jeffrey Riaboy <dakusan at castledragmire.com>.
Guenther
(cherry picked from commit 2b1fe2c98f4e0013dee4cbae62dc36cdd4085c7d)
(cherry picked from commit d3d4baecb89ddac6d460269e126a60b99f687a5b)
commit dd7ec1c933cf325a8826cd524f691c61311367f7
Author: Volker Lendecke <vl at samba.org>
Date: Sat Mar 28 19:58:45 2009 +0100
Fix smbd crash for close_on_completion
handle_trans() can talloc_free "conn" if the client requests
close_on_completion. "state" is a talloc_child of conn, so it will be gone when
we later free state->data et al.
(cherry picked from commit 51ecc77eeabe5fc89e4d1b1fb8a15c71614d4049)
commit c9334fc37155f27a653f7b3d81e178ecf503e226
Author: Jeremy Allison <jra at samba.org>
Date: Wed Apr 1 20:14:35 2009 -0700
Allow pdbedit to change a user rid/sid. Based on a fix from Alexander
Zagrebin <alexz at visp.ru>.
Jeremy.
(cherry picked from commit 5b43fff78081541f642b07a70b03c6d5902e42dd)
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 41 +++++++++++++++++++-------
examples/smb.conf.default | 2 +-
packaging/RHEL/samba.spec.tmpl | 2 +
source/VERSION | 2 +-
source/include/rpc_secdes.h | 4 +-
source/lib/smbconf/smbconf_reg.c | 2 +-
source/libgpo/gpo_ldap.c | 2 +-
source/libsmb/cliconnect.c | 2 +-
source/param/loadparm.c | 6 ++--
source/passdb/pdb_tdb.c | 60 ++++++++++++++++++++++++++++++++++++--
source/popt/popt.h | 2 +-
source/rpc_server/srv_lsa_nt.c | 10 ++++++-
source/rpc_server/srv_samr_nt.c | 13 ++------
source/smbd/ipc.c | 4 ++
source/smbd/notify.c | 1 +
source/smbd/open.c | 41 ++++++++++++++-----------
source/utils/net_rpc.c | 2 +-
source/utils/smbpasswd.c | 16 ++++++----
18 files changed, 151 insertions(+), 61 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index e7a0fa5..4137597 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,28 +1,47 @@
==============================
- Release Notes for Samba 3.2.10
- April 1, 2009
+ Release Notes for Samba 3.2.11
+ April 17, 2009
==============================
This is a maintenance release of the Samba 3.2 series.
-In Samba 3.2.9, there is an issue while migrating passdb.tdb files from older
-Samba versions (e.g. 3.2.8). That causes panics of smbd child processes until
-the parent smbd is restarted once after converting the passdb.tdb file. This
-issue is fixed in Samba 3.2.10.
+Major enhancements in 3.2.11 include:
+
+ o Fix domain logins for WinXP clients pre SP3 (bug #6263).
+ o Fix samr_OpenDomain access checks (bug #6089).
+ o Fix smbd crash for close_on_completion.
-Sorry for the inconveniences!
######################################################################
Changes
#######
-Changes since 3.2.9
--------------------
+Changes since 3.2.10
+--------------------
+
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 6089: Fix samr_OpenDomain access checks.
+ * BUG 6254: Fix IPv6 PUT/GET errors to an SMB server (3.3) with
+ "msdfs root" set to "yes".
+ * Allow pdbedit to change a user rid/sid.
+ * When doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid.
+
+
+o Günther Deschner <gd at samba.org>
+ * BUG 6205: Correct sample smb.conf share configuration.
+ * BUG 6263: Fix domain logins for WinXP clients pre SP3.
+ * Fix resume command typo for "printing = vlp".
+
+
+o Volker Lendecke <vl at samba.org>
+ * Fix smbd crash for close_on_completion.
+ * Fix a memleak in an unlikely error path in change_notify_create().
-o Michael Adam <obnox at samba.org>
- * BUG #6195: Don't let smbd child processes panic.
+o Jim McDonough <jmcd at samba.org>
+ * Don't look up local user for remote changes, even when root.
######################################################################
diff --git a/examples/smb.conf.default b/examples/smb.conf.default
index 971ca19..b4e3d63 100644
--- a/examples/smb.conf.default
+++ b/examples/smb.conf.default
@@ -204,7 +204,7 @@
; comment = Public Stuff
; path = /home/samba
; public = yes
-; writable = yes
+; writable = no
; printable = no
; write list = @staff
diff --git a/packaging/RHEL/samba.spec.tmpl b/packaging/RHEL/samba.spec.tmpl
index e0e772c..071fe87 100644
--- a/packaging/RHEL/samba.spec.tmpl
+++ b/packaging/RHEL/samba.spec.tmpl
@@ -404,6 +404,7 @@ fi
%defattr(-,root,root)
/sbin/mount.cifs
/sbin/umount.cifs
+%{_sbindir}/cifs.upcall
%{_bindir}/rpcclient
%{_bindir}/smbcacls
@@ -420,6 +421,7 @@ fi
%{_mandir}/man8/mount.cifs.8.*
%{_mandir}/man8/umount.cifs.8.*
+%{_mandir}/man8/cifs.upcall.8.*
%{_mandir}/man8/smbspool.8*
%{_mandir}/man1/smbget.1*
%{_mandir}/man5/smbgetrc.5*
diff --git a/source/VERSION b/source/VERSION
index 13dea23..b1413a5 100644
--- a/source/VERSION
+++ b/source/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=3
SAMBA_VERSION_MINOR=2
-SAMBA_VERSION_RELEASE=10
+SAMBA_VERSION_RELEASE=11
########################################################
# Bug fix releases use a letter for the patch revision #
diff --git a/source/include/rpc_secdes.h b/source/include/rpc_secdes.h
index 649e806..bf5b85f 100644
--- a/source/include/rpc_secdes.h
+++ b/source/include/rpc_secdes.h
@@ -224,7 +224,7 @@ struct standard_mapping {
#define SA_RIGHT_SAM_INITIALISE_SERVER 0x00000004
#define SA_RIGHT_SAM_CREATE_DOMAIN 0x00000008
#define SA_RIGHT_SAM_ENUM_DOMAINS 0x00000010
-#define SA_RIGHT_SAM_OPEN_DOMAIN 0x00000020
+#define SA_RIGHT_SAM_LOOKUP_DOMAIN 0x00000020
#define SA_RIGHT_SAM_ALL_ACCESS 0x0000003F
@@ -244,7 +244,7 @@ struct standard_mapping {
#define GENERIC_RIGHTS_SAM_EXECUTE \
(STANDARD_RIGHTS_EXECUTE_ACCESS | \
- SA_RIGHT_SAM_OPEN_DOMAIN | \
+ SA_RIGHT_SAM_LOOKUP_DOMAIN | \
SA_RIGHT_SAM_CONNECT_SERVER)
diff --git a/source/lib/smbconf/smbconf_reg.c b/source/lib/smbconf/smbconf_reg.c
index dfce750..eb67781 100644
--- a/source/lib/smbconf/smbconf_reg.c
+++ b/source/lib/smbconf/smbconf_reg.c
@@ -265,7 +265,7 @@ static WERROR smbconf_reg_set_value(struct registry_key *key,
if (!strequal(subkeyname, GLOBAL_NAME) &&
lp_parameter_is_global(valname))
{
- DEBUG(5, ("Global paramter '%s' not allowed in "
+ DEBUG(5, ("Global parameter '%s' not allowed in "
"service definition ('%s').\n", canon_valname,
subkeyname));
werr = WERR_INVALID_PARAM;
diff --git a/source/libgpo/gpo_ldap.c b/source/libgpo/gpo_ldap.c
index 477832a..084017d 100644
--- a/source/libgpo/gpo_ldap.c
+++ b/source/libgpo/gpo_ldap.c
@@ -453,7 +453,7 @@ ADS_STATUS ads_delete_gpo_link(ADS_STRUCT *ads,
}
/****************************************************************
- get a GROUP_POLICY_OBJECT structure based on different input paramters
+ get a GROUP_POLICY_OBJECT structure based on different input parameters
****************************************************************/
ADS_STATUS ads_get_gpo(ADS_STRUCT *ads,
diff --git a/source/libsmb/cliconnect.c b/source/libsmb/cliconnect.c
index c0c39cf..2be220f 100644
--- a/source/libsmb/cliconnect.c
+++ b/source/libsmb/cliconnect.c
@@ -1096,7 +1096,7 @@ bool cli_ulogoff(struct cli_state *cli)
return False;
}
- cli->cnum = -1;
+ cli->vuid = -1;
return True;
}
diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index aa41bf9..4556d0b 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -863,7 +863,7 @@ static const struct enum_list enum_config_backend[] = {
/* Note: We do not initialise the defaults union - it is not allowed in ANSI C
*
- * The FLAG_HIDE is explicit. Paramters set this way do NOT appear in any edit
+ * The FLAG_HIDE is explicit. Parameters set this way do NOT appear in any edit
* screen in SWAT. This is used to exclude parameters as well as to squash all
* parameters that have been duplicated by pseudonyms.
*
@@ -872,7 +872,7 @@ static const struct enum_list enum_config_backend[] = {
* Set FLAG_SHARE and FLAG_PRINT to specifically display parameters in
* respective views.
*
- * NOTE2: Handling of duplicated (synonym) paramters:
+ * NOTE2: Handling of duplicated (synonym) parameters:
* Only the first occurance of a parameter should be enabled by FLAG_BASIC
* and/or FLAG_ADVANCED. All duplicates following the first mention should be
* set to FLAG_HIDE. ie: Make you must place the parameter that has the preferred
@@ -4534,7 +4534,7 @@ static void init_printer_values(struct service *pService)
string_set(&pService->szLpqcommand, "vlp lpq %p");
string_set(&pService->szLprmcommand, "vlp lprm %p %j");
string_set(&pService->szLppausecommand, "vlp lppause %p %j");
- string_set(&pService->szLpresumecommand, "vlp lpresum %p %j");
+ string_set(&pService->szLpresumecommand, "vlp lpresume %p %j");
string_set(&pService->szQueuepausecommand, "vlp queuepause %p");
string_set(&pService->szQueueresumecommand, "vlp queueresume %p");
break;
diff --git a/source/passdb/pdb_tdb.c b/source/passdb/pdb_tdb.c
index 154ee62..9b2de1c 100644
--- a/source/passdb/pdb_tdb.c
+++ b/source/passdb/pdb_tdb.c
@@ -1406,12 +1406,17 @@ static bool tdb_update_ridrec_only( struct samu* newpwd, int flag )
static bool tdb_update_sam(struct pdb_methods *my_methods, struct samu* newpwd,
int flag)
{
- if (!pdb_get_user_rid(newpwd)) {
+ uint32_t oldrid;
+ uint32_t newrid;
+
+ if (!(newrid = pdb_get_user_rid(newpwd))) {
DEBUG(0,("tdb_update_sam: struct samu (%s) with no RID!\n",
pdb_get_username(newpwd)));
return False;
}
+ oldrid = newrid;
+
/* open the database */
if ( !tdbsam_open( tdbsam_filename ) ) {
@@ -1424,11 +1429,60 @@ static bool tdb_update_sam(struct pdb_methods *my_methods, struct samu* newpwd,
return false;
}
- if (!tdb_update_samacct_only(newpwd, flag)
- || !tdb_update_ridrec_only(newpwd, flag)) {
+ /* If we are updating, we may be changing this users RID. Retrieve the old RID
+ so we can check. */
+
+ if (flag == TDB_MODIFY) {
+ struct samu *account = samu_new(talloc_tos());
+ if (account == NULL) {
+ DEBUG(0,("tdb_update_sam: samu_new() failed\n"));
+ goto cancel;
+ }
+ if (!NT_STATUS_IS_OK(tdbsam_getsampwnam(my_methods, account, pdb_get_username(newpwd)))) {
+ DEBUG(0,("tdb_update_sam: tdbsam_getsampwnam() for %s failed\n",
+ pdb_get_username(newpwd)));
+ TALLOC_FREE(account);
+ goto cancel;
+ }
+ if (!(oldrid = pdb_get_user_rid(account))) {
+ DEBUG(0,("tdb_update_sam: pdb_get_user_rid() failed\n"));
+ TALLOC_FREE(account);
+ goto cancel;
+ }
+ TALLOC_FREE(account);
+ }
+
+ /* Update the new samu entry. */
+ if (!tdb_update_samacct_only(newpwd, flag)) {
goto cancel;
}
+ /* Now take care of the case where the RID changed. We need
+ * to delete the old RID key and add the new. */
+
+ if (flag == TDB_MODIFY && newrid != oldrid) {
+ fstring keystr;
+
+ /* Delete old RID key */
+ DEBUG(10, ("tdb_update_sam: Deleting key for RID %u\n", oldrid));
+ slprintf(keystr, sizeof(keystr) - 1, "%s%.8x", RIDPREFIX, oldrid);
+ if (!NT_STATUS_IS_OK(dbwrap_delete_bystring(db_sam, keystr))) {
+ DEBUG(0, ("tdb_update_sam: Can't delete %s\n", keystr));
+ goto cancel;
+ }
+ /* Insert new RID key */
+ DEBUG(10, ("tdb_update_sam: Inserting key for RID %u\n", newrid));
+ if (!tdb_update_ridrec_only(newpwd, TDB_INSERT)) {
+ goto cancel;
+ }
+ } else {
+ DEBUG(10, ("tdb_update_sam: %s key for RID %u\n",
+ flag == TDB_MODIFY ? "Updating" : "Inserting", newrid));
+ if (!tdb_update_ridrec_only(newpwd, flag)) {
+ goto cancel;
+ }
+ }
+
if (db_sam->transaction_commit(db_sam) != 0) {
DEBUG(0, ("Could not commit transaction\n"));
goto cancel;
diff --git a/source/popt/popt.h b/source/popt/popt.h
index 08701d7..7b94a98 100644
--- a/source/popt/popt.h
+++ b/source/popt/popt.h
@@ -83,7 +83,7 @@
#define POPT_ERROR_NOARG -10 /*!< missing argument */
#define POPT_ERROR_BADOPT -11 /*!< unknown option */
#define POPT_ERROR_OPTSTOODEEP -13 /*!< aliases nested too deeply */
-#define POPT_ERROR_BADQUOTE -15 /*!< error in paramter quoting */
+#define POPT_ERROR_BADQUOTE -15 /*!< error in parameter quoting */
#define POPT_ERROR_ERRNO -16 /*!< errno set, use strerror(errno) */
#define POPT_ERROR_BADNUMBER -17 /*!< invalid numeric value */
#define POPT_ERROR_OVERFLOW -18 /*!< number too large or too small */
diff --git a/source/rpc_server/srv_lsa_nt.c b/source/rpc_server/srv_lsa_nt.c
index 9d411ec..fd6cdfa 100644
--- a/source/rpc_server/srv_lsa_nt.c
+++ b/source/rpc_server/srv_lsa_nt.c
@@ -830,7 +830,15 @@ NTSTATUS _lsa_LookupSids(pipes_struct *p,
&names,
&mapped_count);
- if (NT_STATUS_IS_ERR(status)) {
+ /* Only return here when there is a real error.
+ NT_STATUS_NONE_MAPPED is a special case as it indicates that none of
+ the requested sids could be resolved. Older versions of XP (pre SP3)
+ rely that we return with the string representations of those SIDs in
+ that case. If we don't, XP crashes - Guenther
+ */
+
+ if (NT_STATUS_IS_ERR(status) &&
+ !NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
return status;
}
diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c
index 6e37ea5..f14c53b 100644
--- a/source/rpc_server/srv_samr_nt.c
+++ b/source/rpc_server/srv_samr_nt.c
@@ -620,13 +620,6 @@ NTSTATUS _samr_OpenDomain(pipes_struct *p,
if ( !find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info) )
return NT_STATUS_INVALID_HANDLE;
- status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_SAM_OPEN_DOMAIN,
- "_samr_OpenDomain" );
-
- if ( !NT_STATUS_IS_OK(status) )
- return status;
-
/*check if access can be granted as requested by client. */
map_max_allowed_access(p->pipe_user.nt_user_token, &des_access);
@@ -2957,7 +2950,7 @@ NTSTATUS _samr_QueryDomainInfo(pipes_struct *p,
}
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SA_RIGHT_SAM_LOOKUP_DOMAIN,
"_samr_QueryDomainInfo" );
if ( !NT_STATUS_IS_OK(status) )
@@ -3357,7 +3350,7 @@ NTSTATUS _samr_Connect(pipes_struct *p,
map_max_allowed_access(p->pipe_user.nt_user_token, &des_access);
se_map_generic( &des_access, &sam_generic_mapping );
- info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_OPEN_DOMAIN);
+ info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_LOOKUP_DOMAIN);
/* get a (unique) handle. open a policy on it. */
if (!create_policy_hnd(p, r->out.connect_handle, free_samr_info, (void *)info))
@@ -3544,7 +3537,7 @@ NTSTATUS _samr_LookupDomain(pipes_struct *p,
Reverted that change so we will work with RAS servers again */
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SA_RIGHT_SAM_LOOKUP_DOMAIN,
"_samr_LookupDomain");
if (!NT_STATUS_IS_OK(status)) {
return status;
diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c
index a53bc5b..8e40c30 100644
--- a/source/smbd/ipc.c
+++ b/source/smbd/ipc.c
@@ -658,6 +658,8 @@ void reply_trans(struct smb_request *req)
return;
}
+ talloc_steal(talloc_tos(), state);
+
handle_trans(conn, req, state);
SAFE_FREE(state->data);
@@ -787,6 +789,8 @@ void reply_transs(struct smb_request *req)
*/
SCVAL(req->inbuf,smb_com,SMBtrans);
+ talloc_steal(talloc_tos(), state);
+
handle_trans(conn, req, state);
DLIST_REMOVE(conn->pending_trans, state);
diff --git a/source/smbd/notify.c b/source/smbd/notify.c
index 55a5e69..d1cd8df 100644
--- a/source/smbd/notify.c
+++ b/source/smbd/notify.c
@@ -231,6 +231,7 @@ NTSTATUS change_notify_create(struct files_struct *fsp, uint32 filter,
if (asprintf(&fullpath, "%s/%s", fsp->conn->connectpath,
fsp->fsp_name) == -1) {
DEBUG(0, ("asprintf failed\n"));
+ TALLOC_FREE(fsp->notify);
return NT_STATUS_NO_MEMORY;
}
diff --git a/source/smbd/open.c b/source/smbd/open.c
index 58d1f6d..535abcc 100644
--- a/source/smbd/open.c
+++ b/source/smbd/open.c
@@ -3055,6 +3055,29 @@ NTSTATUS create_file(connection_struct *conn,
(unsigned int)root_dir_fid,
ea_list, sd, fname));
+ /* MSDFS pathname processing must be done FIRST.
+ MSDFS pathnames containing IPv6 addresses can
+ be confused with NTFS stream names (they contain
+ ":" characters. JRA. */
+
+ if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) {
+ char *resolved_fname;
+
+ status = resolve_dfspath(talloc_tos(), conn, true, fname,
+ &resolved_fname);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ /*
+ * For PATH_NOT_COVERED we had
+ * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
+ * ERRSRV, ERRbadpath);
+ * Need to fix in callers
+ */
+ goto fail;
+ }
+ fname = resolved_fname;
+ }
+
/*
* Get the file name.
*/
@@ -3182,24 +3205,6 @@ NTSTATUS create_file(connection_struct *conn,
}
}
- if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) {
- char *resolved_fname;
-
- status = resolve_dfspath(talloc_tos(), conn, true, fname,
- &resolved_fname);
-
- if (!NT_STATUS_IS_OK(status)) {
- /*
- * For PATH_NOT_COVERED we had
- * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
- * ERRSRV, ERRbadpath);
- * Need to fix in callers
- */
- goto fail;
- }
- fname = resolved_fname;
- }
-
/*
* Check if POSIX semantics are wanted.
*/
diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c
index 0476394..1eaa1c6 100644
--- a/source/utils/net_rpc.c
+++ b/source/utils/net_rpc.c
@@ -6280,7 +6280,7 @@ static int rpc_trustdom_list(int argc, const char **argv)
/* SamrConnect2 */
nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SA_RIGHT_SAM_LOOKUP_DOMAIN,
&connect_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
diff --git a/source/utils/smbpasswd.c b/source/utils/smbpasswd.c
index 041b02a..47377e1 100644
--- a/source/utils/smbpasswd.c
+++ b/source/utils/smbpasswd.c
@@ -430,14 +430,18 @@ static int process_root(int local_flags)
}
if((local_flags & LOCAL_SET_PASSWORD) && (new_passwd == NULL)) {
- struct passwd *passwd = getpwnam_alloc(NULL, user_name);
+ struct passwd *passwd;
- if (!passwd) {
- fprintf(stderr, "Cannot locate Unix account for "
- "'%s'!\n", user_name);
- exit(1);
+ if (remote_machine == NULL) {
+ passwd = getpwnam_alloc(NULL, user_name);
+
+ if (!passwd) {
+ fprintf(stderr, "Cannot locate Unix account for "
+ "'%s'!\n", user_name);
+ exit(1);
+ }
+ TALLOC_FREE(passwd);
}
- TALLOC_FREE(passwd);
new_passwd = prompt_for_new_password(stdin_passwd_get);
--
Samba Shared Repository
More information about the samba-cvs
mailing list