[SCM] Samba Shared Repository - branch v3-4-stable updated - release-3-4-0-61-gc84c8a4

Karolin Seeger kseeger at samba.org
Tue Sep 8 06:40:14 MDT 2009 

The branch, v3-4-stable has been updated
       via  c84c8a4dbb680c0348e4816478fc2e7ad866c065 (commit)
       via  7abfab8b1e41929884ee9210150d0a956c215ed2 (commit)
       via  6cf7b6c25949e59594218e05dbda425204ac99b4 (commit)
       via  92215b3dc8e314cded25497432e1173b595f4692 (commit)
       via  08353855c22128676df0fbd4ed5a5d22daabe54d (commit)
       via  219868a4b5ed114b3b7c87b6c5c776c8f6b2e530 (commit)
      from  857d92c8d5812e348b7375d3acac1983c80688f4 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-stable


- Log -----------------------------------------------------------------
commit c84c8a4dbb680c0348e4816478fc2e7ad866c065
Author: Karolin Seeger <kseeger at samba.org>
Date:   Tue Sep 8 14:39:01 2009 +0200

    WHATSNEW: Update changes since 3.4.0.
    
    Karolin
    (cherry picked from commit d5098d7372fb3ab5991df5ce6daa994372934b39)

commit 7abfab8b1e41929884ee9210150d0a956c215ed2
Author: Günther Deschner <gd at samba.org>
Date:   Tue Sep 8 11:57:52 2009 +0200

    s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.
    
    The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a
    W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56
    byte). We should just ignore the remaining 12 zeroed bytes and proceed.
    
    Guenther
    (cherry picked from commit ebd5019ef422a85119a7ea25025ff22d5a3bd757)

commit 6cf7b6c25949e59594218e05dbda425204ac99b4
Author: Simo Sorce <idra at samba.org>
Date:   Sat Sep 5 10:18:12 2009 -0400

    Check we read off the compelte event from inotify
    
    The kernel may return a short read, so we must use read_data() to make sure we
    read off the full buffer. If somethign bad happens we also need to kill the
    inotify watch because the filedescriptor will return out of sync structures if
    we read only part of the data.
    
    Fixes bug #6693.
    (cherry picked from commit ada543569f498ef526ea9602eb19850e37f62fe2)

commit 92215b3dc8e314cded25497432e1173b595f4692
Author: Bo Yang <boyang at samba.org>
Date:   Sat Jul 18 08:01:56 2009 +0800

    s3: Fix crsh in net usershare list
    
    Signed-off-by: Bo Yang <boyang at samba.org>
    (cherry picked from commit 726762c3793adc4e404dc12420c450a71519bbce)

commit 08353855c22128676df0fbd4ed5a5d22daabe54d
Author: Björn Jacke <bj at sernet.de>
Date:   Wed Jul 15 17:24:14 2009 +0200

    s3: make linking of rpcclient --as-needed safe
    
    Second part of a fix for bug #6105.
    
    (cherry picked from commit 5236b3699da2b5cc55d55310de76e4ab65a8bb46)
    (cherry picked from commit 5839491d9d9e270e807048a4a505ce42bd99ea18)

commit 219868a4b5ed114b3b7c87b6c5c776c8f6b2e530
Author: Peter Volkov <pva at gentoo.org>
Date:   Wed Jul 15 17:36:25 2009 +0200

    s3: make linking of cifs.upcall --as-needed safe
    
    Part of a fix for bug #6105.
    
    See http://www.gentoo.org/proj/en/qa/asneeded.xml for details.
    (cherry picked from commit 2df4550aae1e326511fe4e7e0d2d98be3e578caf)
    (cherry picked from commit b9c07dd26d5177d25b4e136b790ee279aeb63887)

-----------------------------------------------------------------------

Summary of changes:
 WHATSNEW.txt                  |   16 ++++++++++++++++
 source3/Makefile.in           |    6 +++---
 source3/include/rpc_dce.h     |    2 +-
 source3/rpc_client/cli_pipe.c |    2 +-
 source3/smbd/notify_inotify.c |   10 ++++++++--
 source3/utils/net_usershare.c |    1 +
 6 files changed, 30 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 165fe11..6e3a393 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -12,6 +12,8 @@ Major enhancements in Samba 3.4.1 include:
    o Fix authentication on member servers without Winbind (bug #6650).
    o Nautilus fails to copy files from an SMB share (bug #6649).
    o Fix connections of Win98 clients (bug #6551).
+   o Fix interdomain trusts with Windows 2008 R2 DCs (bug #6697).
+
 
 
 ######################################################################
@@ -45,12 +47,17 @@ o   Günther Deschner <gd at samba.org>
     * BUG 6568: Fix _spoolss_GetPrintProcessorDirectory() implementation.
     * BUG 6607: Fix crash bug in spoolss_addprinterex_level_2.
     * BUG 6680: Fix authentication failure from Windows 7 when domain joined.
+    * BUG 6697: Fix interdomain trusts with Windows 2008 R2 DCs.
 
 
 o   Olaf Flebbe <flebbe at nix.science-computing.de>
     * BUG 6655: Fix 'smbcontrol smbd ping'.
 
 
+o   Björn Jacke <bj at sernet.de>
+    * BUG 6105: Make linking of rpcclient --as-needed safe.
+
+
 o   Matt Kraai <mkraai at beckman.com>
     * BUG 6630: Fix opening of sockets on QNX.
 
@@ -78,6 +85,14 @@ o   Rusty Russell <rusty at rustcorp.com.au>
     * BUG 6601: Avoid global fd limits.
 
 
+o   Simo Sorce <idra at samba.org>
+    * BUG 6693: Check we read off the complete event from inotify.
+
+
+o   Peter Volkov <pva at gentoo.org>
+    * BUG 6105: Make linking of cifs.upcall --as-needed safe.
+
+
 o   TAKEDA Yasuma <yasuma at osstech.co.jp>
     * BUG 5879: Update LDAP schema for Netscape DS 5.
 
@@ -85,6 +100,7 @@ o   TAKEDA Yasuma <yasuma at osstech.co.jp>
 o   Bo Yang <boyang at samba.org>
     * BUG 6560: Fix lookupname.
     * BUG 6615: Fix browsing of DFS when using kerberos in libsmbclient.
+    * BUG 6688: Fix crash in 'net usershare list'.
 
 
 ######################################################################
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 4001eda..6ac9571 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -1427,10 +1427,10 @@ bin/swat at EXEEXT@: $(BINARY_PREREQS) $(SWAT_OBJ) @BUILD_POPT@ @LIBTALLOC_TARGET@
 
 bin/rpcclient at EXEEXT@: $(BINARY_PREREQS) $(RPCCLIENT_OBJ) @BUILD_POPT@ @LIBTALLOC_TARGET@ @LIBTDB_TARGET@ @LIBWBCLIENT_TARGET@
 	@echo Linking $@
-	@$(CC) -o $@ $(LDFLAGS) $(PASSDB_LIBS) $(RPCCLIENT_OBJ) \
+	@$(CC) -o $@ $(LDFLAGS) $(RPCCLIENT_OBJ) \
 		$(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) $(POPT_LIBS) \
 		$(KRB5LIBS) $(LDAP_LIBS) $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) \
-		$(LIBWBCLIENT_LIBS) $(ZLIB_LIBS)
+		$(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) $(PASSDB_LIBS)
 
 bin/smbclient at EXEEXT@: $(BINARY_PREREQS) $(CLIENT_OBJ) @BUILD_POPT@ @LIBTALLOC_TARGET@ @LIBTDB_TARGET@ @LIBWBCLIENT_TARGET@
 	@echo Linking $@
@@ -1468,7 +1468,7 @@ bin/umount.cifs at EXEEXT@: $(BINARY_PREREQS) $(CIFS_UMOUNT_OBJ)
 bin/cifs.upcall at EXEEXT@: $(BINARY_PREREQS) $(CIFS_UPCALL_OBJ) $(LIBSMBCLIENT_OBJ1) @LIBTALLOC_TARGET@ @LIBTDB_TARGET@ @LIBWBCLIENT_TARGET@
 	@echo Linking $@
 	@$(CC) -o $@ $(CIFS_UPCALL_OBJ) $(DYNEXP) $(LDFLAGS) \
-		-lkeyutils $(LIBS) $(LIBSMBCLIENT_OBJ1) $(KRB5LIBS) \
+		$(LIBSMBCLIENT_OBJ1) $(LIBS) -lkeyutils $(KRB5LIBS) \
 		$(LDAP_LIBS) $(LIBTALLOC_LIBS) $(LIBWBCLIENT_LIBS) \
 		$(LIBTDB_LIBS) $(NSCD_LIBS)
 
diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h
index 580b14f..d3c5c42 100644
--- a/source3/include/rpc_dce.h
+++ b/source3/include/rpc_dce.h
@@ -150,7 +150,7 @@ enum schannel_direction {
 };
 
 /* Maximum size of the signing data in a fragment. */
-#define RPC_MAX_SIGN_SIZE 0x20 /* 32 */
+#define RPC_MAX_SIGN_SIZE 0x38 /* 56 */
 
 /* Maximum PDU fragment size. */
 /* #define MAX_PDU_FRAG_LEN 0x1630		this is what wnt sets */
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 57f49fb..9aba938 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -683,7 +683,7 @@ static NTSTATUS cli_pipe_verify_schannel(struct rpc_pipe_client *cli, RPC_HDR *p
 		return NT_STATUS_OK;
 	}
 
-	if (auth_len != RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) {
+	if (auth_len < RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) {
 		DEBUG(0,("cli_pipe_verify_schannel: auth_len %u.\n", (unsigned int)auth_len ));
 		return NT_STATUS_INVALID_PARAMETER;
 	}
diff --git a/source3/smbd/notify_inotify.c b/source3/smbd/notify_inotify.c
index 8237e4a..a12c0a6 100644
--- a/source3/smbd/notify_inotify.c
+++ b/source3/smbd/notify_inotify.c
@@ -232,6 +232,7 @@ static void inotify_handler(struct event_context *ev, struct fd_event *fde,
 	int bufsize = 0;
 	struct inotify_event *e0, *e;
 	uint32_t prev_cookie=0;
+	NTSTATUS status;
 
 	/*
 	  we must use FIONREAD as we cannot predict the length of the
@@ -247,9 +248,14 @@ static void inotify_handler(struct event_context *ev, struct fd_event *fde,
 	e0 = e = (struct inotify_event *)TALLOC_SIZE(in, bufsize);
 	if (e == NULL) return;
 
-	if (sys_read(in->fd, e0, bufsize) != bufsize) {
-		DEBUG(0,("Failed to read all inotify data\n"));
+	status = read_data(in->fd, (char *)e0, bufsize);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0,("Failed to read all inotify data - %s\n",
+			nt_errstr(status)));
 		talloc_free(e0);
+		/* the inotify fd will now be out of sync,
+		 * can't keep reading data off it */
+		TALLOC_FREE(fde);
 		return;
 	}
 
diff --git a/source3/utils/net_usershare.c b/source3/utils/net_usershare.c
index ce8e821..314f916 100644
--- a/source3/utils/net_usershare.c
+++ b/source3/utils/net_usershare.c
@@ -998,6 +998,7 @@ static int net_usershare_list(struct net_context *c, int argc,
 
 	pi.ctx = ctx;
 	pi.op = US_LIST_OP;
+	pi.c = c;
 
 	ret = process_share_list(info_fn, &pi);
 	talloc_destroy(ctx);


-- 
Samba Shared Repository

More information about the samba-cvs mailing list