[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-5250-ge5f0f6b
Karolin Seeger
kseeger at samba.org
Wed May 6 07:26:31 GMT 2009
The branch, v3-3-test has been updated
via e5f0f6b7fb428e4cc8e5e782a0038a847d74edcc (commit)
via 65fe7c42c6c229a99b7cffc0515fc7a1ed30c43c (commit)
via 1921d77fa2490bd19aded05924a62795641231ea (commit)
via 1d345210381b1f543c2ccaa6e66f52532916413e (commit)
via a100a9c48d73df69851099e15253a65f2dbc9f65 (commit)
from 02368626a273368a3b731d2b413e90d91ed15c5c (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit e5f0f6b7fb428e4cc8e5e782a0038a847d74edcc
Author: Volker Lendecke <vl at samba.org>
Date: Mon May 4 14:39:56 2009 +0200
Do not crash in ctdbd_traverse if ctdbd is not around
commit 65fe7c42c6c229a99b7cffc0515fc7a1ed30c43c
Author: Volker Lendecke <vl at samba.org>
Date: Mon May 4 12:36:13 2009 +0200
3.3: Increase debug level of "create_connection_server_info failed" message
I don't think we should unconditionally send every refused connection attempt
to a share to syslog, that's where all debug level 0 messages end up.
commit 1921d77fa2490bd19aded05924a62795641231ea
Author: Michael Adam <obnox at samba.org>
Date: Tue May 5 17:02:46 2009 +0200
s3:mark registry shares without path unavailable in the server, too
This prevents users from getting access to "/" in misconfigured setups.
Michael
commit 1d345210381b1f543c2ccaa6e66f52532916413e
Author: Michael Adam <obnox at samba.org>
Date: Tue Apr 28 01:24:27 2009 +0200
s3:loadparm: mark registry shares without path unavailable
...just as with text config.
This applies to testparm and friends.
smbd is fixed in a second patch.
Michael
commit a100a9c48d73df69851099e15253a65f2dbc9f65
Author: Michael Adam <obnox at samba.org>
Date: Mon Apr 27 18:10:14 2009 +0200
s3:loadparm: prevent infinite include nesting.
This introduces a hard coded MAX_INCLUDE_DEPTH of 100.
When this is exceeded, handle_include (and hence lp_load) fails.
One could of course implement a more intelligent loop detection
in the include-tree, but this would require some restructuring
of the internal loadparm housekeeping. Maybe as a second improvement
step.
Michael
-----------------------------------------------------------------------
Summary of changes:
source/lib/ctdbd_conn.c | 5 +++++
source/param/loadparm.c | 24 ++++++++++++++++++++++--
source/smbd/service.c | 6 +++++-
3 files changed, 32 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/lib/ctdbd_conn.c b/source/lib/ctdbd_conn.c
index 7c32d57..465c09a 100644
--- a/source/lib/ctdbd_conn.c
+++ b/source/lib/ctdbd_conn.c
@@ -1094,6 +1094,11 @@ NTSTATUS ctdbd_traverse(uint32 db_id,
struct ctdbd_traverse_state state;
status = ctdbd_init_connection(NULL, &conn);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("ctdbd_init_connection failed: %s\n",
+ nt_errstr(status)));
+ return status;
+ }
t.db_id = db_id;
t.srvid = conn->rand_srvid;
diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index 5cb9476..c7b06a4 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -6585,6 +6585,9 @@ static bool process_registry_service(struct smbconf_service *service)
return false;
}
}
+ if (iServiceIndex >= 0) {
+ return service_ok(iServiceIndex);
+ }
return true;
}
@@ -6672,6 +6675,10 @@ done:
return ret;
}
+#define MAX_INCLUDE_DEPTH 100
+
+static uint8_t include_depth;
+
static struct file_lists {
struct file_lists *next;
char *name;
@@ -6859,12 +6866,22 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr)
{
char *fname;
+ if (include_depth >= MAX_INCLUDE_DEPTH) {
+ DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
+ include_depth));
+ return false;
+ }
+
if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
if (!bAllowIncludeRegistry) {
return true;
}
if (bInGlobalSection) {
- return process_registry_globals();
+ bool ret;
+ include_depth++;
+ ret = process_registry_globals();
+ include_depth--;
+ return ret;
} else {
DEBUG(1, ("\"include = registry\" only effective "
"in %s section\n", GLOBAL_NAME));
@@ -6881,7 +6898,10 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr)
string_set(ptr, fname);
if (file_exist(fname, NULL)) {
- bool ret = pm_process(fname, do_section, do_parameter, NULL);
+ bool ret;
+ include_depth++;
+ ret = pm_process(fname, do_section, do_parameter, NULL);
+ include_depth--;
SAFE_FREE(fname);
return ret;
}
diff --git a/source/smbd/service.c b/source/smbd/service.c
index 5e75fce..4724dd7 100644
--- a/source/smbd/service.c
+++ b/source/smbd/service.c
@@ -286,6 +286,10 @@ static int load_registry_service(const char *servicename)
TALLOC_FREE(value);
}
+ if (!service_ok(res)) {
+ res = -1;
+ }
+
error:
TALLOC_FREE(key);
@@ -736,7 +740,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
&conn->server_info);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("create_connection_server_info failed: %s\n",
+ DEBUG(1, ("create_connection_server_info failed: %s\n",
nt_errstr(status)));
*pstatus = status;
conn_free(conn);
--
Samba Shared Repository
More information about the samba-cvs
mailing list