[SCM] Samba Shared Repository - branch v3-6-stable updated
Karolin Seeger
kseeger at samba.org
Fri Nov 29 01:09:15 MST 2013
The branch, v3-6-stable has been updated
via 20cbf46 WHATSNEW: Add release notes for Samba 3.6.21.
via b1a57fd spoolss: accept XPS_PASS datatype used by Windows 8
via 4a8e46d xattr: fix listing EAs on *BSD for non-root users
via 358366f Fix bug #10118 - Samba is chatty about being unable to open a printer. (cherry picked from commit 906db4fe8e6de2de67afa4655603e67d887c370b)
via 47bd5f0 nsswitch: Fix short writes in winbind_write_sock
via 81ce51d s3-winbind: Send online/offline message of the domain to the parent.
via c70ff54 s3-winbind: Register handlers for domain online/offline messages.
via 084f367 s3-winbind: Add functions for domain online/offline handling.
via 543013a idl: Add a new message for winbind domain states.
via b8da65a Fix bug #10187 - Missing talloc_free can leak stackframe in error path.
via a70e6b9 Fix is_legal_name() to not emit character conversion error messages.
via 2f9c9b7 s3: smb2 server - fix bug 10167 smb2 breaks "smb encryption = mandatory
from f9dd9ce VERSION: Bump version up to 3.6.21.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-stable
- Log -----------------------------------------------------------------
commit 20cbf46fd8cb1a9a32d73d1c4071b6eb74c7ff84
Author: Karolin Seeger <kseeger at samba.org>
Date: Thu Nov 28 10:40:40 2013 +0100
WHATSNEW: Add release notes for Samba 3.6.21.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
(cherry picked from commit c458263e352328db49becec65157e9ec477bdacc)
commit b1a57fd6ebcd303e5b30b652afbe2baf8ee1d091
Author: Arvid Requate <requate at univention.de>
Date: Thu Nov 21 12:35:20 2013 +0100
spoolss: accept XPS_PASS datatype used by Windows 8
The new v4 driver model used in Windows 8 declares print jobs
intended to bypass the XPS processing layer by setting datatype to
"XPS_PASS" instead of "RAW".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10267
Reviewed-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit b2815b4c8c3e436a79fb7f07be285a417fd6e8cb)
(cherry picked from commit 4cfd6597bceeb0ef10d14bb7a48badd2264e85a6)
commit 4a8e46d173923381861195b7f17801afc27c0c01
Author: Jeremy Allison <jra at samba.org>
Date: Tue Nov 12 12:17:26 2013 -0800
xattr: fix listing EAs on *BSD for non-root users
Thanks to Stefan Rompf for reporting.
This fixes bug #10247
Back-ported to 3.6.next from master commit 374b2cfde74e0c61f4b2da724b30d0e430596092
Signed-off-by: Bjoern Jacke <bj at sernet.de>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit d984e764073df34729e5410026d6fa618699126f)
commit 358366fe7de8e3891ff39405d5038e53a2acec23
Author: Korobkin <korobkin+samba at gmail.com>
Date: Tue Oct 29 11:25:12 2013 +0100
Fix bug #10118 - Samba is chatty about being unable to open a printer.
(cherry picked from commit 906db4fe8e6de2de67afa4655603e67d887c370b)
commit 47bd5f0d7b677e9806770b3ba4dc162923c8f073
Author: Volker Lendecke <vl at samba.org>
Date: Tue Oct 15 08:23:10 2013 +0000
nsswitch: Fix short writes in winbind_write_sock
We set the socket to nonblocking and don't handle EAGAIN right. We do
a poll anyway, so wait for writability, which should fix this.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10195
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit c6909887c26d4e827633acd50b11cf08c6aee0f7)
Signed-off-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 3dfbea723553b268008063b280c808bb30951fdc)
commit 81ce51dd4f3d657ab3b4f6295db6efe6c9315d88
Author: Andreas Schneider <asn at cryptomilk.org>
Date: Thu Oct 10 10:03:32 2013 +0200
s3-winbind: Send online/offline message of the domain to the parent.
https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Oct 11 13:37:56 CEST 2013 on sn-devel-104
(cherry picked from commit 275f6586c4d4547978c6ff2f04670b0d8f89fd4b)
(cherry picked from commit 80a5575849c903a3cb4a9bd74f029e5b7c293aa3)
commit c70ff54d091138a6351a43404d843b2a2dcf8292
Author: Andreas Schneider <asn at cryptomilk.org>
Date: Thu Oct 10 10:02:27 2013 +0200
s3-winbind: Register handlers for domain online/offline messages.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit fc5941622010843d823b5c245eccc68d1d3bce19)
(cherry picked from commit 920f8013ad5c57aaa941d5c7aea335726ed0bbae)
commit 084f367d2b3a25295ac050eab5bf9132e5d6f176
Author: Andreas Schneider <asn at cryptomilk.org>
Date: Thu Oct 10 10:01:40 2013 +0200
s3-winbind: Add functions for domain online/offline handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 447ec17a6bec814a2ac5cadb74dbef5789f07c52)
(cherry picked from commit 2d226b2717d0a30186636d17a8d890e1b7de8151)
commit 543013a6aba56b1efa2414fadc988a787c77ca71
Author: Andreas Schneider <asn at cryptomilk.org>
Date: Thu Oct 10 09:15:57 2013 +0200
idl: Add a new message for winbind domain states.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194
Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 1a884636542ba0e54c6d209662a5d1613d727a85)
(cherry picked from commit 272a22e2dba836f60a1f628206c14fe1a24f49c5)
commit b8da65a8b777a449e9ead8bfc55c98ac60384b91
Author: Jeremy Allison <jra at samba.org>
Date: Tue Oct 8 15:01:38 2013 -0700
Fix bug #10187 - Missing talloc_free can leak stackframe in error path.
Fix error path.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Wed Oct 9 03:50:56 CEST 2013 on sn-devel-104
(cherry picked from commit 63f370bdbad94d6aba7a4783d4238fcfc524b055)
commit a70e6b944455c2c24319cc68b8cb15746a469640
Author: Jeremy Allison <jra at samba.org>
Date: Thu Sep 12 14:44:58 2013 -0700
Fix is_legal_name() to not emit character conversion error messages.
Using next_codepoint() does the same check, but without the conversion
message.
Signed-off-by: Jeremy Allison <jra at samba.org>
Fix bug #10139 - valid utf8 filenames cause "invalid conversion error" messages.
(cherry picked from commit ee0ef2a5b4b06fdb723a5232f90212fda5e853d1)
commit 2f9c9b7bb5a1b7c25d1c588fcc0e25ec2b0d9906
Author: Jeremy Allison <jra at samba.org>
Date: Thu Sep 26 02:55:19 2013 -0700
s3: smb2 server - fix bug 10167 smb2 breaks "smb encryption = mandatory
Refuse an SMB2 tcon on a share wher eencryption is required.
SMB2 doesn't support this.
Signed-off-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e00a2c90847b3c85f089b4f3c96ec6c66b949576)
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 64 ++++++++++++++++++++++++++-
nsswitch/wb_common.c | 4 +-
source3/lib/system.c | 4 ++
source3/librpc/idl/messaging.idl | 2 +
source3/rpc_server/spoolss/srv_spoolss_nt.c | 10 +++-
source3/smbd/mangle_hash2.c | 9 ++--
source3/smbd/smb2_tcon.c | 9 ++++
source3/winbindd/winbindd.c | 6 +++
source3/winbindd/winbindd_cm.c | 62 ++++++++++++++++++++++++++
source3/winbindd/winbindd_dual.c | 5 ++
source3/winbindd/winbindd_msrpc.c | 5 +-
source3/winbindd/winbindd_proto.h | 10 ++++
12 files changed, 178 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index d6b1ebd..d3c4661 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,63 @@
==============================
+ Release Notes for Samba 3.6.21
+ November 29, 2013
+ ==============================
+
+
+This is is the latest stable release of Samba 3.6.
+
+
+Changes since 3.6.20:
+---------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 10139: Valid utf8 filenames cause "invalid conversion error"
+ messages.
+ * BUG 10167: s3-smb2 server: smb2 breaks "smb encryption = mandatory".
+ * BUG 10187: Missing talloc_free can leak stackframe in error path.
+ * BUG 10247: xattr: Fix listing EAs on *BSD for non-root users.
+
+
+o Korobkin <korobkin+samba at gmail.com>
+ * BUG 10118: Raise debug level for being unable to open a printer.
+
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 10195: nsswitch: Fix short writes in winbind_write_sock.
+
+
+o Arvid Requate <requate at univention.de>
+ * BUG 10267: Fix Windows 8 printing via local printer drivers.
+
+
+o Andreas Schneider <asn at cryptomilk.org>
+ * BUG 10194: Make offline logon cache updating for cross child domain
+ group membership.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+Release notes for older releases follow:
+----------------------------------------
+
+ ==============================
Release Notes for Samba 3.6.20
November 11, 2013
==============================
@@ -57,8 +116,9 @@ database (https://bugzilla.samba.org/).
== The Samba Team
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+
+----------------------------------------------------------------------
+
==============================
Release Notes for Samba 3.6.19
diff --git a/nsswitch/wb_common.c b/nsswitch/wb_common.c
index dcfc8a5..3ba2bb5 100644
--- a/nsswitch/wb_common.c
+++ b/nsswitch/wb_common.c
@@ -392,9 +392,9 @@ static int winbind_write_sock(void *buffer, int count, int recursing,
call would not block by calling poll(). */
pfd.fd = winbindd_fd;
- pfd.events = POLLIN|POLLHUP;
+ pfd.events = POLLIN|POLLOUT|POLLHUP;
- ret = poll(&pfd, 1, 0);
+ ret = poll(&pfd, 1, -1);
if (ret == -1) {
winbind_close_sock();
return -1; /* poll error */
diff --git a/source3/lib/system.c b/source3/lib/system.c
index 1ca2f5e..d0e34bc 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -1801,6 +1801,10 @@ static ssize_t bsd_attr_list (int type, extattr_arg arg, char *list, size_t size
char *buf;
/* Iterate through extattr(2) namespaces */
for(t = 0; t < (sizeof(extattr)/sizeof(extattr[0])); t++) {
+ if (t != EXTATTR_NAMESPACE_USER && geteuid() != 0) {
+ /* ignore all but user namespace when we are not root, see bug 10247 */
+ continue;
+ }
switch(type) {
#if defined(HAVE_EXTATTR_LIST_FILE)
case 0:
diff --git a/source3/librpc/idl/messaging.idl b/source3/librpc/idl/messaging.idl
index 8618d53..df99063 100644
--- a/source3/librpc/idl/messaging.idl
+++ b/source3/librpc/idl/messaging.idl
@@ -91,6 +91,8 @@ interface messaging
MSG_WINBIND_VALIDATE_CACHE = 0x0408,
MSG_WINBIND_DUMP_DOMAIN_LIST = 0x0409,
MSG_WINBIND_IP_DROPPED = 0x040A,
+ MSG_WINBIND_DOMAIN_ONLINE = 0x040B,
+ MSG_WINBIND_DOMAIN_OFFLINE = 0x040C,
/* event messages */
MSG_DUMP_EVENT_LIST = 0x0500,
diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c
index 0f74a44..8372c43 100644
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -1744,7 +1744,7 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p,
result = open_printer_hnd(p, r->out.handle, r->in.printername, 0);
if (!W_ERROR_IS_OK(result)) {
- DEBUG(0,("_spoolss_OpenPrinterEx: Cannot open a printer handle "
+ DEBUG(3,("_spoolss_OpenPrinterEx: Cannot open a printer handle "
"for printer %s\n", r->in.printername));
ZERO_STRUCTP(r->out.handle);
return result;
@@ -5769,7 +5769,13 @@ WERROR _spoolss_StartDocPrinter(struct pipes_struct *p,
*/
if (info_1->datatype) {
- if (strcmp(info_1->datatype, "RAW") != 0) {
+ /*
+ * The v4 driver model used in Windows 8 declares print jobs
+ * intended to bypass the XPS processing layer by setting
+ * datatype to "XPS_PASS" instead of "RAW".
+ */
+ if ((strcmp(info_1->datatype, "RAW") != 0)
+ && (strcmp(info_1->datatype, "XPS_PASS") != 0)) {
*r->out.job_id = 0;
return WERR_INVALID_DATATYPE;
}
diff --git a/source3/smbd/mangle_hash2.c b/source3/smbd/mangle_hash2.c
index 5aafe2f..90d9498 100644
--- a/source3/smbd/mangle_hash2.c
+++ b/source3/smbd/mangle_hash2.c
@@ -626,7 +626,8 @@ static bool is_legal_name(const char *name)
while (*name) {
if (((unsigned int)name[0]) > 128 && (name[1] != 0)) {
/* Possible start of mb character. */
- char mbc[2];
+ size_t size = 0;
+ (void)next_codepoint(name, &size);
/*
* Note that if CH_UNIX is utf8 a string may be 3
* bytes, but this is ok as mb utf8 characters don't
@@ -634,9 +635,9 @@ static bool is_legal_name(const char *name)
* for mb UNIX asian characters like Japanese (SJIS) here.
* JRA.
*/
- if (convert_string(CH_UNIX, CH_UTF16LE, name, 2, mbc, 2, False) == 2) {
- /* Was a good mb string. */
- name += 2;
+ if (size > 1) {
+ /* Was a mb string. */
+ name += size;
continue;
}
}
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index 5f0e3a9..8b955ff 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -207,6 +207,15 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
return NT_STATUS_BAD_NETWORK_NAME;
}
+ /* Don't allow connection if encryption is required. */
+ if (lp_smb_encrypt(snum) == Required) {
+ DEBUG(0,("Connection refused on share %s as encryption is"
+ " required on this share and SMB2 does not support"
+ " this.\n",
+ lp_servicename(snum)));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
/* create a new tcon as child of the session */
tcon = talloc_zero(req->session, struct smbd_smb2_tcon);
if (tcon == NULL) {
diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c
index 30771eb..f447059 100644
--- a/source3/winbindd/winbindd.c
+++ b/source3/winbindd/winbindd.c
@@ -1078,6 +1078,12 @@ void winbindd_register_handlers(void)
messaging_register(winbind_messaging_context(), NULL,
MSG_WINBIND_ONLINESTATUS, winbind_msg_onlinestatus);
+ /* Handle domain online/offline messages for domains */
+ messaging_register(winbind_messaging_context(), NULL,
+ MSG_WINBIND_DOMAIN_OFFLINE, winbind_msg_domain_offline);
+ messaging_register(winbind_messaging_context(), NULL,
+ MSG_WINBIND_DOMAIN_ONLINE, winbind_msg_domain_online);
+
messaging_register(winbind_messaging_context(), NULL,
MSG_DUMP_EVENT_LIST, winbind_msg_dump_event_list);
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index c502e83..8271279 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -337,6 +337,46 @@ static void calc_new_online_timeout_check(struct winbindd_domain *domain)
}
}
+void winbind_msg_domain_offline(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB *data)
+{
+ const char *domain_name = (const char *)data->data;
+ struct winbindd_domain *domain;
+
+ domain = find_domain_from_name_noinit(domain_name);
+ if (domain == NULL) {
+ return;
+ }
+
+ domain->online = false;
+
+ DEBUG(10, ("Domain %s is marked as offline now.\n",
+ domain_name));
+}
+
+void winbind_msg_domain_online(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB *data)
+{
+ const char *domain_name = (const char *)data->data;
+ struct winbindd_domain *domain;
+
+ domain = find_domain_from_name_noinit(domain_name);
+ if (domain == NULL) {
+ return;
+ }
+
+ domain->online = true;
+
+ DEBUG(10, ("Domain %s is marked as online now.\n",
+ domain_name));
+}
+
/****************************************************************
Set domain offline and also add handler to put us back online
if we detect a DC.
@@ -344,6 +384,8 @@ static void calc_new_online_timeout_check(struct winbindd_domain *domain)
void set_domain_offline(struct winbindd_domain *domain)
{
+ pid_t parent_pid = getppid();
+
DEBUG(10,("set_domain_offline: called for domain %s\n",
domain->name ));
@@ -391,6 +433,15 @@ void set_domain_offline(struct winbindd_domain *domain)
DEBUG(10,("set_domain_offline: added event handler for domain %s\n",
domain->name ));
+ /* Send a message to the parent that the domain is offline. */
+ if (parent_pid > 1 && !domain->internal) {
+ messaging_send_buf(winbind_messaging_context(),
+ pid_to_procid(parent_pid),
+ MSG_WINBIND_DOMAIN_OFFLINE,
+ (uint8 *)domain->name,
+ strlen(domain->name) + 1);
+ }
+
/* Send an offline message to the idmap child when our
primary domain goes offline */
@@ -415,6 +466,8 @@ void set_domain_offline(struct winbindd_domain *domain)
static void set_domain_online(struct winbindd_domain *domain)
{
+ pid_t parent_pid = getppid();
+
DEBUG(10,("set_domain_online: called for domain %s\n",
domain->name ));
@@ -466,6 +519,15 @@ static void set_domain_online(struct winbindd_domain *domain)
domain->online = True;
+ /* Send a message to the parent that the domain is online. */
+ if (parent_pid > 1 && !domain->internal) {
+ messaging_send_buf(winbind_messaging_context(),
+ pid_to_procid(parent_pid),
+ MSG_WINBIND_DOMAIN_ONLINE,
+ (uint8 *)domain->name,
+ strlen(domain->name) + 1);
+ }
+
/* Send an online message to the idmap child when our
primary domain comes online */
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index f4edf1d..12dd8eb 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -1223,6 +1223,11 @@ NTSTATUS winbindd_reinit_after_fork(const struct winbindd_child *myself,
messaging_deregister(winbind_messaging_context(),
MSG_DEBUG, NULL);
+ messaging_deregister(winbind_messaging_context(),
+ MSG_WINBIND_DOMAIN_OFFLINE, NULL);
+ messaging_deregister(winbind_messaging_context(),
+ MSG_WINBIND_DOMAIN_ONLINE, NULL);
+
/* We have destroyed all events in the winbindd_event_context
* in reinit_after_fork(), so clean out all possible pending
* event pointers. */
diff --git a/source3/winbindd/winbindd_msrpc.c b/source3/winbindd/winbindd_msrpc.c
index b14a4f8..b426884 100644
--- a/source3/winbindd/winbindd_msrpc.c
+++ b/source3/winbindd/winbindd_msrpc.c
@@ -944,8 +944,9 @@ static NTSTATUS msrpc_trusted_domains(struct winbindd_domain *domain,
}
status = cm_connect_lsa(domain, tmp_ctx, &lsa_pipe, &lsa_policy);
- if (!NT_STATUS_IS_OK(status))
- return status;
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
status = rpc_trusted_domains(tmp_ctx,
lsa_pipe,
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index a38d54c..82176b2 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -150,6 +150,16 @@ enum winbindd_result winbindd_dual_ccache_ntlm_auth(struct winbindd_domain *doma
void winbindd_ccache_save(struct winbindd_cli_state *state);
/* The following definitions come from winbindd/winbindd_cm.c */
+void winbind_msg_domain_offline(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB *data);
+void winbind_msg_domain_online(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB *data);
void set_domain_offline(struct winbindd_domain *domain);
void set_domain_online_request(struct winbindd_domain *domain);
--
Samba Shared Repository
More information about the samba-cvs
mailing list