[SCM] Samba Shared Repository - branch v4-1-test updated
Karolin Seeger
kseeger at samba.org
Mon Sep 1 15:47:03 MDT 2014
The branch, v4-1-test has been updated
via 391b29a s3: winbindd: On new client connect, prune idle or hung connections older than "winbind request timeout"
via fa781e2 s3: winbindd: Add new parameter "winbind request timeout" set to 60 seconds with man page.
via 121cad3 dosmode: fix FSCTL_SET_SPARSE request validation
via a5f0ec0 smbd: Properly initialize mangle_hash
via 708986f Don't discard result of checking grouptype
via 7a58844 docs: Fix typos in smb.conf (inherit acls)
via df9396a samba: Retain case sensitivity of cifs client
via c556d3e lib: strings: Simplify strcasecmp
via 7c54339 s4: tests: Added local.charset test for Bug 10716 - smbd constantly crashes when filename contains non-ascii character
via 2765daa lib: strings: Fix the behavior of strncasecmp_m_handle() in the face of bad conversions.
via a8cbd5a lib: strings: Fix the behavior of strcasecmp_m_handle() in the face of bad conversions.
via 5df60b2 printing: reload printer shares on OpenPrinter
via 00a0c2d smbd: split printer reload processing
via 44a3d3f server: remove duplicate snum_is_shared_printer()
via 728e951 smbd: only reprocess printer_list.tdb if it changed
via 5a647c5 printing: return last change time with pcap_cache_loaded()
via b8042f8 printing: remove pcap_cache_add()
via 62df2fd printing: reload printer_list.tdb from in memory list
via 0fae4d3 printing: only reload printer shares on client enum
via 83f448d printing: traverse_read the printer list for share updates
via b95dbbe s3: smbd : SMB2 - fix SMB2_SEARCH when searching non wildcard string with a case-canonicalized share.
via 925a98d s3: smbd - SMB[2|3]. Ensure a \ or / can't be found anywhere in a search path, not just at the start.
via 3e6e260 s3: enforce a positive allocation_file_size for non-empty files (bug #10543)
via 834d1f6 passdb: fix NT_STATUS_NO_SUCH_GROUP
via 9bac84f s3:libsmb: Set a max charge for SMB2 connections
via 3a0ee0a s3: smbd: POSIX ACLs. Remove incorrect check for SECINFO_PROTECTED_DACL in incoming security_information flags in posix_get_nt_acl_common().
via 42149a9 libcli/security: add better detection of SECINFO_[UN]PROTECTED_[D|S]ACL in get_sec_info()
via 83c039c s3:smbd: mask security_information input values with SMB_SUPPORTED_SECINFO_FLAGS
via f5d7b2d security.idl: add SMB_SUPPORTED_SECINFO_FLAGS
via 1c92a1a Fixed a memory leak in cli_set_mntpoint().
via 99f8ca1 lib: Remove unused nstrcpy
via c78ff84 build: fix configure to honour --without-dmapi
from 93c30e2 tests: dnsserver: Add a update test with name set to '.'
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -----------------------------------------------------------------
commit 391b29a597cd68091fbfc88c0f5471c3198c43da
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jul 25 12:46:46 2014 -0700
s3: winbindd: On new client connect, prune idle or hung connections older than "winbind request timeout"
Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found
https://bugzilla.samba.org/show_bug.cgi?id=3204
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ira Cooper <ira at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jul 29 23:31:14 CEST 2014 on sn-devel-104
(cherry picked from commit f9588675ea3cb2f1fabd07a4ea8b2138d65aee83)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-1-test): Mon Sep 1 23:46:50 CEST 2014 on sn-devel-104
commit fa781e279b0bc11c69d05ca8dcb1ccf321b018ff
Author: Jeremy Allison <jra at samba.org>
Date: Tue Jul 29 14:53:11 2014 -0700
s3: winbindd: Add new parameter "winbind request timeout" set to 60 seconds with man page.
"This parameter specifies the number of seconds the winbindd
daemon will wait before disconnecting either a client connection
with no outstanding requests (idle) or a client connection with a
request that has remained outstanding (hung) for longer than this
number of seconds."
Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found
https://bugzilla.samba.org/show_bug.cgi?id=3204
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ira Cooper <ira at samba.org>
commit 121cad350d1ce45558e082b4b504a5aa72bf767c
Author: David Disseldorp <ddiss at samba.org>
Date: Wed Aug 27 15:42:00 2014 +0200
dosmode: fix FSCTL_SET_SPARSE request validation
Check that FSCTL_SET_SPARSE requests does not refer to directories. Also
reject such requests when issued over IPC or printer share connections.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10787
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug 28 04:22:37 CEST 2014 on sn-devel-104
(cherry picked from commit 0751495b1327d002b79482632b7c590cae6e3f9d)
commit a5f0ec0a6bbc747b5d368c98d2692c6c579c7b15
Author: Volker Lendecke <vl at samba.org>
Date: Tue Aug 19 14:32:15 2014 +0000
smbd: Properly initialize mangle_hash
[Bug 10782] mangle_hash() can fail to initialize charset (smbd crash).
https://bugzilla.samba.org/show_bug.cgi?id=10782
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 26 01:30:38 CEST 2014 on sn-devel-104
commit 708986f68b497ad8aa2bf2c84337a1d4c75a1e2d
Author: Roel van Meer <roel at 1afa.com>
Date: Fri Aug 22 15:11:04 2014 +0200
Don't discard result of checking grouptype
The pdb_samba_dsdb_getgrfilter() function first determines the security type
of a group and sets map->sid_name_use accordingly. A little later, this
variable is set again, undoing the previous work.
https://bugzilla.samba.org/show_bug.cgi?id=10777
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Aug 23 02:48:52 CEST 2014 on sn-devel-104
commit 7a588447a88acf03e749284a8f99b6053efc537f
Author: Marc Muehlfeld <mmuehlfeld at samba.org>
Date: Wed Aug 6 21:36:26 2014 +0200
docs: Fix typos in smb.conf (inherit acls)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10761
Signed-off-by: Marc Muehlfeld <mmuehlfeld at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Aug 7 00:52:42 CEST 2014 on sn-devel-104
(cherry picked from commit 4639f6d7bab9d8d6ee46bf5c65ff73a17a56cb17)
commit df9396a9c779bdf620c0940c67947e6d2ab5394a
Author: Shirish Pargaonkar <spargaonkar at suse.com>
Date: Sat Jul 26 10:41:25 2014 -0500
samba: Retain case sensitivity of cifs client
When a client supports extended security but server does not,
and that client, in Flags2 field of smb header indicates that
- it supports extended security negotiation
- it does not support security signatures
- it does not require security signatures
Samba server treats a client as a Vista client.
That turns off case sensitivity and that is a problem for cifs vfs client.
So include remote cifs client along with remote samba client
to not do so otherwise.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10755
Signed-off-by: Shirish Pargaonkar <spargaonkar at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Fri Aug 1 16:11:43 CEST 2014 on sn-devel-104
(cherry picked from commit a0583976da2ba09da0fd94f739ed4f5851e2a858)
commit c556d3e4f253bf2161787ce435228aa70ec2fc96
Author: Volker Lendecke <vl at samba.org>
Date: Tue Aug 5 09:21:07 2014 +0000
lib: strings: Simplify strcasecmp
This makes us fallback to strcasecmp early if any INVALID_CODEPOINT
appears. Without this patch we just continue to compare if both strings
happen to have an INVALID_CODEPOINT in the same spot.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10716
smbd constantly crashes when filename contains non-ascii character
commit 7c54339555fde4e3703b22c40076c71746454d3e
Author: Jeremy Allison <jra at samba.org>
Date: Mon Aug 4 13:36:42 2014 -0700
s4: tests: Added local.charset test for Bug 10716 - smbd constantly crashes when filename contains non-ascii character
https://bugzilla.samba.org/show_bug.cgi?id=10716
Signed-off-by: Jeremy Allison <jra at samba.org>
commit 2765daab0a662ba7a3fb75eb0ea09185c9f11891
Author: Jeremy Allison <jra at samba.org>
Date: Fri Aug 1 21:38:59 2014 -0700
lib: strings: Fix the behavior of strncasecmp_m_handle() in the face of bad conversions.
When either string has a bad conversion, we fall back to
doing raw ascii byte comparisons using strcasecmp(). This
is wrong - we should fall back to strncasecmp.
The problem is we've already stepped past the character
that failed the conversion, so we're not re-testing those
characters for comparison. This can have the effect of
causing strncasecmp_m_handle() to report that two strings
are identical when they are not, if the failed conversion
takes place at the end of the string.
The correct behavior is to step back to the point of
the string(s) that failed the conversion, and continue
the test from there.
This is a litle trickier than the previous fix, as
it requires converting the incoming n variable from
remaining characters to compare to remaining bytes to
compare.
As bytes are always the smallest character size
(1 byte) then it's safe to convert the remaining
characters to check by decrementing the source string
by the last character length (in bytes) and incrementing
the remaining bytes to scan by the same value, then
calling strncasecmp() with the stepped back strings
remaining.
Signed-off-by: Jeremy Allison <jra at samba.org>
commit a8cbd5a9997920b267e94a3070aef0afa94aa8bf
Author: Jeremy Allison <jra at samba.org>
Date: Fri Aug 1 21:29:21 2014 -0700
lib: strings: Fix the behavior of strcasecmp_m_handle() in the face of bad conversions.
When either string has a bad conversion, we fall back to
doing raw ascii byte comparisons using strcasecmp().
The problem is we've already stepped past the character
that failed the conversion, so we're not re-testing those
characters for comparison. This can have the effect of
causing strcasecmp_m_handle() to report that two strings
are identical when they are not, if the failed conversion
takes place at the end of the string.
The correct behavior is to step back to the point of
the string(s) that failed the conversion, and continue
the test from there.
Found by <lev at zadarastorage.com> when investigating bug
10716 - smbd constantly crashes when filename contains non-ascii character.
Given the normal character set of utf-8, and an on
disk filename of ISO-8859-1 of file-é on disk hex
value: 66 69 6c 65 2d e9, an incoming open given the
correct utf8 name of file-é will collide when it
should not.
Fixes:
Bug 10716 - smbd constantly crashes when filename contains non-ascii character
https://bugzilla.samba.org/show_bug.cgi?id=10716
Signed-off-by: Jeremy Allison <jra at samba.org>
commit 5df60b233e7d66da662ba4ccea6b28cd0cae85ec
Author: David Disseldorp <ddiss at samba.org>
Date: Tue Aug 5 17:33:33 2014 +0200
printing: reload printer shares on OpenPrinter
The printer share inventory should be reloaded on open _and_
enumeration, as there are some clients, such as cupsaddsmb, that do not
perform an enumeration prior to access.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Aug 8 16:33:50 CEST 2014 on sn-devel-104
(cherry picked from commit 1ad71f79eb473822d36d9629cf52c2fca4c53752)
commit 00a0c2d04839e628e1e557648862161a796208a0
Author: David Disseldorp <ddiss at samba.org>
Date: Fri Aug 1 16:25:59 2014 +0200
smbd: split printer reload processing
All printer inventory updates are currently done via
delete_and_reload_printers(), which handles registry.tdb updates for
added or removed printers, AD printer unpublishing on removal, as well
as share service creation and deletion.
This change splits this functionality into two functions such that
per-client smbd processes do not perform registry.tdb updates or printer
unpublishing. This is now only performed by the process that performs
the printcap cache update.
This change is similar to ac6604868d1325dd4c872dc0f6ab056d10ebaecf from
the 3.6 branch.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 2706af4d78fc9a47a4ac45b373edf276e3a9b354)
commit 44a3d3fa33fdc213fd38bc502cd29fe966d315e6
Author: David Disseldorp <ddiss at samba.org>
Date: Tue Aug 5 18:45:24 2014 +0200
server: remove duplicate snum_is_shared_printer()
Only keep a single definition in server_reload.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 2685df1177ffd39b1af34eb116bd7b24d4b12974)
commit 728e951923ab7a3f8a9e3dcf2179ef9132e668d1
Author: David Disseldorp <ddiss at samba.org>
Date: Wed Jul 23 14:42:00 2014 +0200
smbd: only reprocess printer_list.tdb if it changed
The per-client smbd printer share inventory is currently updated from
printer_list.tdb when a client enumerates printers, via EnumPrinters or
NetShareEnum.
printer_list.tdb is populated by the background print process, based on
the latest printcap values retrieved from the printing backend (e.g.
CUPS) at regular intervals.
This change ensures that per-client smbd processes don't reparse
printer_list.tdb if it hasn't been updated since the last enumeration.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Suggested-by: Volker Lendecke <vl at samba.org>
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit a2182e03a061de6c1f111ce083cb5f668fe75e4e)
commit 5a647c5258f57c93563a4e962aa712221874bf2d
Author: David Disseldorp <ddiss at samba.org>
Date: Wed Jul 23 12:12:34 2014 +0200
printing: return last change time with pcap_cache_loaded()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 30ce835670a6aeca6fb960ea7c4fe1b982bdd5b0)
commit b8042f8cd59197887013ad23efd3ebb7d6138aff
Author: David Disseldorp <ddiss at samba.org>
Date: Fri Jul 25 12:18:54 2014 +0200
printing: remove pcap_cache_add()
All print list updates are now done via pcap_cache_replace(), which can
call into the print_list code directly.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 6d75e20ca8acf1a55838694ac77940e21e9a1e6a)
commit 62df2fd3cfe07e3dd03688a3be0719755a2739ff
Author: David Disseldorp <ddiss at samba.org>
Date: Tue Jul 22 20:17:38 2014 +0200
printing: reload printer_list.tdb from in memory list
This will allow in future for a single atomic printer_list.tdb update.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit e5e6e2c796f026ee6b04f99b327941d57b9bd026)
commit 0fae4d37ab6f11496b4e2297871050dbc769f005
Author: David Disseldorp <ddiss at samba.org>
Date: Fri Jul 11 17:00:05 2014 +0200
printing: only reload printer shares on client enum
Currently, automatic printer share updates are handled in the following
way:
- Background printer process (BPP) forked on startup
- Parent smbd and per-client children await MSG_PRINTER_PCAP messages
- BPP periodically polls the printing backend for printcap data
- printcap data written to printer_list.tdb
- MSG_PRINTER_PCAP sent to all smbd processes following update
- smbd processes all read the latest printer_list.tdb data, and update
their share listings
This procedure is not scalable, as all smbd processes hit
printer_list.tdb in parallel, resulting in a large spike in CPU usage.
This change sees smbd processes only update their printer share lists
only when a client asks for this information, e.g. via NetShareEnum or
EnumPrinters.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Suggested-by: Volker Lendecke <vl at samba.org>
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 4f4501ac1f35ab15f25d207c0d33e7c4d1abdf38)
commit 83f448d7f3e6cce42a4b3070f45c84b85ec23ec0
Author: David Disseldorp <ddiss at samba.org>
Date: Thu Jul 10 00:18:10 2014 +0200
printing: traverse_read the printer list for share updates
The printcap update procedure involves the background printer process
obtaining the printcap information from the printing backend, writing
this to printer_list.tdb, and then notifying all smbd processes of the
new list. The processes then all attempt to simultaneously traverse
printer_list.tdb, in order to update their local share lists.
With a large number of printers, and a large number of per-client smbd
processes, this traversal results in significant lock contention, mostly
due to the fact that the traversal is unnecessarily done with an
exclusive (write) lock on the printer_list.tdb database.
This commit changes the share update code path to perform a read-only
traversal.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652
Reported-by: Alex K <korobkin+samba at gmail.com>
Reported-by: Franz Pförtsch <franz.pfoertsch at brose.com>
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 1e83435eac2cef03fccb4cf69ef5e0bfbd710410)
commit b95dbbeab9c03b354d9c8cff9ebb9f66411af851
Author: Jeremy Allison <jra at samba.org>
Date: Tue Jun 10 15:58:15 2014 -0700
s3: smbd : SMB2 - fix SMB2_SEARCH when searching non wildcard string with a case-canonicalized share.
We need to go through filename_convert() in order for the filename
canonicalization to be done on a non-wildcard search string (as is
done in the SMB1 findfirst code path).
Fixes Bug #10650 - "case sensitive = True" option doesn't work with "max protocol = SMB2" or higher in large directories.
https://bugzilla.samba.org/show_bug.cgi?id=10650
Signed-off-by: Jeremy Allison <jra at samba.org>
commit 925a98da0ce84cbfa3101834cc1aa58f2d0dc89b
Author: Jeremy Allison <jra at samba.org>
Date: Tue Jun 10 14:41:45 2014 -0700
s3: smbd - SMB[2|3]. Ensure a \ or / can't be found anywhere in a search path, not just at the start.
Signed-off-by: Jeremy Allison <jra at samba.org>
commit 3e6e260cef8182df1aaefaf09a4d6b064ea6e501
Author: Björn Baumbach <bb at sernet.de>
Date: Thu Mar 27 11:17:30 2014 +0100
s3: enforce a positive allocation_file_size for non-empty files (bug #10543)
Some file systems do not allocate a block for very
small files. But for non-empty file should report a
positive size.
Pair-Programmed-With: Michael Adam <obnox at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Apr 5 03:09:00 CEST 2014 on sn-devel-104
(cherry picked from commit c35b31f45244a8339684c3b83a7d86eefb80e0da)
commit 834d1f653fefa62ad212ee70c7cf793d17fb720b
Author: Arvid Requate <requate at univention.de>
Date: Thu Jan 17 16:44:28 2013 +0100
passdb: fix NT_STATUS_NO_SUCH_GROUP
Share options like "force group" and "valid users = @group1"
triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in
the SAM backend, its objectclass was not retrived.
This fix also revealed a talloc access after free in the group
branch of pdb_samba_dsdb_getgrfilter.
[Bug 9570] Access failure for shares with "force group" or "valid users = @group"
https://bugzilla.samba.org/show_bug.cgi?id=9570
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 9bac84f9fc2943a546099db04a8e0322493ae365
Author: Ross Lagerwall <rosslagerwall at gmail.com>
Date: Thu Aug 21 07:32:36 2014 +0100
s3:libsmb: Set a max charge for SMB2 connections
Set a max charge for SMB2 connections so that larger request sizes can
be used and more requests can be in flight.
Signed-off-by: Ross Lagerwall <rosslagerwall at gmail.com>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Aug 21 17:31:11 CEST 2014 on sn-devel-104
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10778
libsmbclient with SMB2 doesn't pipeline or use large blocks
commit 3a0ee0aba0d49f1e35cc03ce1b1b9a29ec2fdcf6
Author: Jeremy Allison <jra at samba.org>
Date: Thu Aug 21 16:28:42 2014 -0700
s3: smbd: POSIX ACLs. Remove incorrect check for SECINFO_PROTECTED_DACL in incoming security_information flags in posix_get_nt_acl_common().
Tidy-up of code obsoleted by fixes for bug #10773 (SECINFO_PROTECTED_DACL is not ignored).
We now never pass SECINFO_PROTECTED_DACL in security_information flags to this layer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Aug 22 11:26:57 CEST 2014 on sn-devel-104
commit 42149a93978e8bab61746582477d8ce1f733e80f
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Aug 20 15:00:59 2014 +0200
libcli/security: add better detection of SECINFO_[UN]PROTECTED_[D|S]ACL in get_sec_info()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Aug 22 02:52:50 CEST 2014 on sn-devel-104
commit 83c039ce721d38e6aa6b4b3e51b1fdbfecce2615
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Aug 20 13:58:38 2014 +0200
s3:smbd: mask security_information input values with SMB_SUPPORTED_SECINFO_FLAGS
Sometimes Windows clients doesn't filter SECINFO_[UN]PROTECTED_[D|S]ACL flags
before sending the security_information to the server.
security_information = SECINFO_PROTECTED_DACL| SECINFO_DACL
results in a NULL dacl being returned from an GetSecurityDecriptor
request. This happens because posix_get_nt_acl_common()
has the following logic:
if ((security_info & SECINFO_DACL) && !(security_info & SECINFO_PROTECTED_DACL)) {
... create DACL ...
}
I'm not sure if the logic is correct or wrong in this place (I guess it's
wrong...).
But what I know is that the SMB server should filter the given
security_information flags before passing to the filesystem.
[MS-SMB2] 3.3.5.20.3 Handling SMB2_0_INFO_SECURITY
...
The server MUST ignore any flag value in the AdditionalInformation field that
is not specified in section 2.2.37.
Section 2.2.37 lists:
OWNER_SECURITY_INFORMATION
GROUP_SECURITY_INFORMATION
DACL_SECURITY_INFORMATION
SACL_SECURITY_INFORMATION
LABEL_SECURITY_INFORMATION
ATTRIBUTE_SECURITY_INFORMATION
SCOPE_SECURITY_INFORMATION
BACKUP_SECURITY_INFORMATION
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit f5d7b2d5c7795cbcf07e483a7f880073765e3ede
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Aug 20 13:43:13 2014 +0200
security.idl: add SMB_SUPPORTED_SECINFO_FLAGS
A SMB server should only care about specific SECINFO flags
and ignore others e.g. SECINFO_PROTECTED_DACL.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 1c92a1a7da98d2463fbbd9bf02ad3726d0e5ab11
Author: Har Gagan Sahai <SHarGagan at novell.com>
Date: Wed Aug 6 14:32:35 2014 +0530
Fixed a memory leak in cli_set_mntpoint().
Fixes bug #10759 - Memory leak in libsmbclient in cli_set_mntpoint function
https://bugzilla.samba.org/show_bug.cgi?id=10759
Signed-off-by: Har Gagan Sahai <SHarGagan at novell.com>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Aug 13 04:36:50 CEST 2014 on sn-devel-104
commit 99f8ca106ada0007fca1b9c014427834cf460ef9
Author: Volker Lendecke <vl at samba.org>
Date: Mon Aug 4 07:29:14 2014 +0200
lib: Remove unused nstrcpy
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10758
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Aug 4 09:58:16 CEST 2014 on sn-devel-104
Signed-off-by: Volker Lendecke <vl at samba.org>
commit c78ff84f7a8a2b2f4be280ea9d79ada114722f11
Author: Michael Adam <obnox at samba.org>
Date: Mon Aug 18 11:42:27 2014 +0200
build: fix configure to honour --without-dmapi
Previously, --without-dmapi would still autodetect and link a useable dmapi
library. This change allows to build without dmapi support even when a dmapi
library is found.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10369
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Michael Adam <obnox at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 2afacf940f21759c08bcc4a6e906428595966a19)
-----------------------------------------------------------------------
Summary of changes:
docs-xml/smbdotconf/security/inheritowner.xml | 6 +-
.../smbdotconf/winbind/winbindrequesttimeout.xml | 16 +++
lib/param/param_functions.c | 1 +
lib/param/param_table.c | 9 ++
lib/util/charset/tests/charset.c | 12 +++
lib/util/charset/util_str.c | 37 +++++---
lib/util/string_wrappers.h | 5 -
libcli/security/secdesc.c | 36 ++++---
librpc/idl/security.idl | 18 ++++
source3/include/proto.h | 1 +
source3/libsmb/clidfs.c | 6 +-
source3/libsmb/libsmb_server.c | 5 +
source3/modules/vfs_default.c | 12 +++
source3/param/loadparm.c | 1 +
source3/passdb/pdb_samba_dsdb.c | 6 +-
source3/printing/load.c | 4 +-
source3/printing/pcap.c | 54 +++++------
source3/printing/pcap.h | 13 +--
source3/printing/print_aix.c | 17 +++-
source3/printing/print_iprint.c | 16 ++-
source3/printing/print_standard.c | 8 +-
source3/printing/print_svid.c | 11 ++-
source3/printing/printer_list.c | 17 ++-
source3/printing/printer_list.h | 4 +-
source3/printing/queue_process.c | 102 +++++++++++++++++++-
source3/printing/spoolssd.c | 38 ++------
source3/rpc_server/spoolss/srv_spoolss_nt.c | 30 ++++--
source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 1 +
source3/smbd/dosmode.c | 13 +++
source3/smbd/lanman.c | 1 +
source3/smbd/mangle_hash.c | 4 +
source3/smbd/negprot.c | 3 +-
source3/smbd/nttrans.c | 7 +-
source3/smbd/posix_acls.c | 2 +-
source3/smbd/proto.h | 1 +
source3/smbd/server.c | 20 ----
source3/smbd/server_reload.c | 74 ++++++---------
source3/smbd/smb2_find.c | 41 +++++++-
source3/smbd/smb2_getinfo.c | 3 +-
source3/smbd/smb2_setinfo.c | 3 +-
source3/winbindd/winbindd.c | 36 +++++++
source3/wscript | 72 +++++++++------
42 files changed, 514 insertions(+), 252 deletions(-)
create mode 100644 docs-xml/smbdotconf/winbind/winbindrequesttimeout.xml
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/security/inheritowner.xml b/docs-xml/smbdotconf/security/inheritowner.xml
index ba4fc61..0ed8285 100644
--- a/docs-xml/smbdotconf/security/inheritowner.xml
+++ b/docs-xml/smbdotconf/security/inheritowner.xml
@@ -10,9 +10,9 @@
by the ownership of the parent directory.</para>
<para>Common scenarios where this behavior is useful is in
- implementing drop-boxes where users can create and edit files but not
- delete them and to ensure that newly create files in a user's
- roaming profile directory are actually owner by the user.</para>
+ implementing drop-boxes, where users can create and edit files but
+ not delete them and ensuring that newly created files in a user's
+ roaming profile directory are actually owned by the user.</para>
</description>
<related>inherit permissions</related>
diff --git a/docs-xml/smbdotconf/winbind/winbindrequesttimeout.xml b/docs-xml/smbdotconf/winbind/winbindrequesttimeout.xml
new file mode 100644
index 0000000..3220871
--- /dev/null
+++ b/docs-xml/smbdotconf/winbind/winbindrequesttimeout.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="winbind request timeout"
+ context="G"
+ type="integer"
+ advanced="1" developer="1"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>This parameter specifies the number of
+ seconds the <citerefentry><refentrytitle>winbindd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> daemon will wait before
+ disconnecting either a client connection with no outstanding
+ requests (idle) or a client connection with a request that has
+ remained outstanding (hung) for longer than this number of seconds.</para>
+</description>
+
+<value type="default">60</value>
+</samba:parameter>
diff --git a/lib/param/param_functions.c b/lib/param/param_functions.c
index 61f0044..d9d5df6 100644
--- a/lib/param/param_functions.c
+++ b/lib/param/param_functions.c
@@ -341,6 +341,7 @@ FN_GLOBAL_INTEGER(winbind_cache_time, winbind_cache_time)
FN_GLOBAL_INTEGER(winbind_expand_groups, winbind_expand_groups)
FN_GLOBAL_INTEGER(winbind_max_clients, winbind_max_clients)
FN_GLOBAL_INTEGER(winbind_reconnect_delay, winbind_reconnect_delay)
+FN_GLOBAL_INTEGER(winbind_request_timeout, winbind_request_timeout)
FN_GLOBAL_LIST(auth_methods, AuthMethods)
FN_GLOBAL_LIST(cluster_addresses, szClusterAddresses)
FN_GLOBAL_LIST(dcerpc_endpoint_servers, dcerpc_ep_servers)
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index 7b32998..8e3f952 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -4018,6 +4018,15 @@ static struct parm_struct parm_table[] = {
.flags = FLAG_ADVANCED,
},
{
+ .label = "winbind request timeout",
+ .type = P_INTEGER,
+ .p_class = P_GLOBAL,
+ .offset = GLOBAL_VAR(winbind_request_timeout),
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
+ {
.label = "winbind max clients",
.type = P_INTEGER,
.p_class = P_GLOBAL,
diff --git a/lib/util/charset/tests/charset.c b/lib/util/charset/tests/charset.c
index 70b6741..a47670e 100644
--- a/lib/util/charset/tests/charset.c
+++ b/lib/util/charset/tests/charset.c
@@ -50,12 +50,18 @@ static bool test_codepoint_cmpi(struct torture_context *tctx)
static bool test_strcasecmp_m(struct torture_context *tctx)
{
+ /* file.{accented e} in iso8859-1 */
+ const char file_iso8859_1[7] = { 0x66, 0x69, 0x6c, 0x65, 0x2d, 0xe9, 0 };
+ /* file.{accented e} in utf8 */
+ const char file_utf8[8] = { 0x66, 0x69, 0x6c, 0x65, 0x2d, 0xc3, 0xa9, 0 };
torture_assert(tctx, strcasecmp_m("foo", "bar") != 0, "different strings");
torture_assert(tctx, strcasecmp_m("foo", "foo") == 0, "same case strings");
torture_assert(tctx, strcasecmp_m("foo", "Foo") == 0, "different case strings");
torture_assert(tctx, strcasecmp_m(NULL, "Foo") != 0, "one NULL");
torture_assert(tctx, strcasecmp_m("foo", NULL) != 0, "other NULL");
torture_assert(tctx, strcasecmp_m(NULL, NULL) == 0, "both NULL");
+ torture_assert(tctx, strcasecmp_m(file_iso8859_1, file_utf8) != 0,
+ "file.{accented e} should differ");
return true;
}
@@ -102,6 +108,10 @@ static bool test_string_replace_m(struct torture_context *tctx)
static bool test_strncasecmp_m(struct torture_context *tctx)
{
+ /* file.{accented e} in iso8859-1 */
+ const char file_iso8859_1[7] = { 0x66, 0x69, 0x6c, 0x65, 0x2d, 0xe9, 0 };
+ /* file.{accented e} in utf8 */
+ const char file_utf8[8] = { 0x66, 0x69, 0x6c, 0x65, 0x2d, 0xc3, 0xa9, 0 };
torture_assert(tctx, strncasecmp_m("foo", "bar", 3) != 0, "different strings");
torture_assert(tctx, strncasecmp_m("foo", "foo", 3) == 0, "same case strings");
torture_assert(tctx, strncasecmp_m("foo", "Foo", 3) == 0, "different case strings");
@@ -111,6 +121,8 @@ static bool test_strncasecmp_m(struct torture_context *tctx)
torture_assert(tctx, strncasecmp_m(NULL, "Foo", 3) != 0, "one NULL");
torture_assert(tctx, strncasecmp_m("foo", NULL, 3) != 0, "other NULL");
torture_assert(tctx, strncasecmp_m(NULL, NULL, 3) == 0, "both NULL");
+ torture_assert(tctx, strncasecmp_m(file_iso8859_1, file_utf8, 6) != 0,
+ "file.{accented e} should differ");
return true;
}
diff --git a/lib/util/charset/util_str.c b/lib/util/charset/util_str.c
index 688ab5a..d2e6cbb 100644
--- a/lib/util/charset/util_str.c
+++ b/lib/util/charset/util_str.c
@@ -47,6 +47,11 @@ _PUBLIC_ int strcasecmp_m_handle(struct smb_iconv_handle *iconv_handle,
c1 = next_codepoint_handle(iconv_handle, s1, &size1);
c2 = next_codepoint_handle(iconv_handle, s2, &size2);
+ if (c1 == INVALID_CODEPOINT ||
+ c2 == INVALID_CODEPOINT) {
+ return strcasecmp(s1, s2);
+ }
+
s1 += size1;
s2 += size2;
@@ -54,12 +59,6 @@ _PUBLIC_ int strcasecmp_m_handle(struct smb_iconv_handle *iconv_handle,
continue;
}
- if (c1 == INVALID_CODEPOINT ||
- c2 == INVALID_CODEPOINT) {
- /* what else can we do?? */
- return strcasecmp(s1, s2);
- }
-
if (toupper_m(c1) != toupper_m(c2)) {
return c1 - c2;
}
@@ -97,6 +96,26 @@ _PUBLIC_ int strncasecmp_m_handle(struct smb_iconv_handle *iconv_handle,
c1 = next_codepoint_handle(iconv_handle, s1, &size1);
c2 = next_codepoint_handle(iconv_handle, s2, &size2);
+ if (c1 == INVALID_CODEPOINT ||
+ c2 == INVALID_CODEPOINT) {
+ /*
+ * n was specified in characters,
+ * now we must convert it to bytes.
+ * As bytes are the smallest
+ * character unit, the following
+ * increment and strncasecmp is always
+ * safe.
+ *
+ * The source string was already known
+ * to be n characters long, so we are
+ * guaranteed to be able to look at the
+ * (n remaining + size1) bytes from the
+ * s1 position).
+ */
+ n += size1;
+ return strncasecmp(s1, s2, n);
+ }
+
s1 += size1;
s2 += size2;
@@ -104,12 +123,6 @@ _PUBLIC_ int strncasecmp_m_handle(struct smb_iconv_handle *iconv_handle,
continue;
}
- if (c1 == INVALID_CODEPOINT ||
- c2 == INVALID_CODEPOINT) {
- /* what else can we do?? */
- return strcasecmp(s1, s2);
- }
-
if (toupper_m(c1) != toupper_m(c2)) {
return c1 - c2;
}
diff --git a/lib/util/string_wrappers.h b/lib/util/string_wrappers.h
index 243fafc..fcc088c 100644
--- a/lib/util/string_wrappers.h
+++ b/lib/util/string_wrappers.h
@@ -43,11 +43,6 @@ do { \
const char *_fstrcat_src = (const char *)(s); \
strlcat((d),_fstrcat_src ? _fstrcat_src : "",sizeof(fstring)); \
} while (0)
-#define nstrcpy(d,s) \
-do { \
- const char *_nstrcpy_src = (const char *)(s); \
- strlcpy((d),_nstrcpy_src ? _nstrcpy_src : "",sizeof(fstring)); \
-} while (0)
#define unstrcpy(d,s) \
do { \
const char *_unstrcpy_src = (const char *)(s); \
diff --git a/libcli/security/secdesc.c b/libcli/security/secdesc.c
index 8570334..62207a0 100644
--- a/libcli/security/secdesc.c
+++ b/libcli/security/secdesc.c
@@ -24,13 +24,6 @@
#include "librpc/gen_ndr/ndr_security.h"
#include "libcli/security/security.h"
-#define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\
- SECINFO_DACL|SECINFO_SACL|\
- SECINFO_UNPROTECTED_SACL|\
- SECINFO_UNPROTECTED_DACL|\
- SECINFO_PROTECTED_SACL|\
- SECINFO_PROTECTED_DACL)
-
/* Map generic permissions to file object specific permissions */
const struct generic_mapping file_generic_mapping = {
@@ -46,21 +39,32 @@ const struct generic_mapping file_generic_mapping = {
uint32_t get_sec_info(const struct security_descriptor *sd)
{
- uint32_t sec_info = ALL_SECURITY_INFORMATION;
+ uint32_t sec_info = 0;
SMB_ASSERT(sd);
- if (sd->owner_sid == NULL) {
- sec_info &= ~SECINFO_OWNER;
+ if (sd->owner_sid != NULL) {
+ sec_info |= SECINFO_OWNER;
+ }
+ if (sd->group_sid != NULL) {
+ sec_info |= SECINFO_GROUP;
}
- if (sd->group_sid == NULL) {
- sec_info &= ~SECINFO_GROUP;
+ if (sd->sacl != NULL) {
+ sec_info |= SECINFO_SACL;
}
- if (sd->sacl == NULL) {
- sec_info &= ~SECINFO_SACL;
+ if (sd->dacl != NULL) {
+ sec_info |= SECINFO_DACL;
+ }
+
+ if (sd->type & SEC_DESC_SACL_PROTECTED) {
+ sec_info |= SECINFO_PROTECTED_SACL;
+ } else if (sd->type & SEC_DESC_SACL_AUTO_INHERITED) {
+ sec_info |= SECINFO_UNPROTECTED_SACL;
}
- if (sd->dacl == NULL) {
- sec_info &= ~SECINFO_DACL;
+ if (sd->type & SEC_DESC_DACL_PROTECTED) {
+ sec_info |= SECINFO_PROTECTED_DACL;
+ } else if (sd->type & SEC_DESC_DACL_AUTO_INHERITED) {
+ sec_info |= SECINFO_UNPROTECTED_DACL;
}
return sec_info;
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 381d6e5..eb80a86 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -630,6 +630,24 @@ interface security
SECINFO_PROTECTED_DACL = 0x80000000
} security_secinfo;
+ /*
+ * a SMB server should only support the following flags
+ * and ignore all others.
+ *
+ * See AdditionalInformation in [MS-SMB2] 2.2.37 SMB2 QUERY_INFO Request
+ * and 2.2.39 SMB2 SET_INFO Request.
+ */
+ const int SMB_SUPPORTED_SECINFO_FLAGS = (
+ SECINFO_OWNER |
+ SECINFO_GROUP |
+ SECINFO_DACL |
+ SECINFO_SACL |
+ SECINFO_LABEL |
+ SECINFO_ATTRIBUTE |
+ SECINFO_SCOPE |
+ SECINFO_BACKUP |
+ 0);
+
typedef [public,bitmap32bit] bitmap {
KERB_ENCTYPE_DES_CBC_CRC = 0x00000001,
KERB_ENCTYPE_DES_CBC_MD5 = 0x00000002,
diff --git a/source3/include/proto.h b/source3/include/proto.h
index a42faf8..cbad7ac 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1357,6 +1357,7 @@ int lp_smb_encrypt(int );
char lp_magicchar(const struct share_params *p );
int lp_winbind_cache_time(void);
int lp_winbind_reconnect_delay(void);
+int lp_winbind_request_timeout(void);
int lp_winbind_max_clients(void);
const char **lp_winbind_nss_info(void);
int lp_algorithmic_rid_base(void);
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index ff48719..840084f 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -280,13 +280,15 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
static void cli_set_mntpoint(struct cli_state *cli, const char *mnt)
{
- char *name = clean_name(NULL, mnt);
+ TALLOC_CTX *frame = talloc_stackframe();
+ char *name = clean_name(frame, mnt);
if (!name) {
+ TALLOC_FREE(frame);
return;
}
TALLOC_FREE(cli->dfs_mountpoint);
cli->dfs_mountpoint = talloc_strdup(cli, name);
- TALLOC_FREE(name);
+ TALLOC_FREE(frame);
}
/********************************************************************
diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index 517753d..d4254da 100644
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -459,6 +459,11 @@ SMBC_server_internal(TALLOC_CTX *ctx,
return NULL;
}
+ if (smbXcli_conn_protocol(c->conn) >= PROTOCOL_SMB2_02) {
+ /* Ensure we ask for some initial credits. */
+ smb2cli_conn_set_max_credits(c->conn, DEFAULT_SMB2_MAX_CREDITS);
+ }
+
username_used = *pp_username;
if (!NT_STATUS_IS_OK(cli_session_setup(c, username_used,
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index 7fda4b8..ed14c67 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -1530,6 +1530,18 @@ static uint64_t vfswrap_get_alloc_size(vfs_handle_struct *handle,
#else
#error SIZEOF_BLKCNT_T_NOT_A_SUPPORTED_VALUE
#endif
+ if (result == 0) {
+ /*
+ * Some file systems do not allocate a block for very
+ * small files. But for non-empty file should report a
+ * positive size.
+ */
+
+ uint64_t filesize = get_file_size_stat(sbuf);
+ if (filesize > 0) {
+ result = MIN((uint64_t)STAT_ST_BLOCKSIZE, filesize);
+ }
+ }
#else
result = get_file_size_stat(sbuf);
#endif
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index a339a1d..4b31023 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -978,6 +978,7 @@ static void init_globals(bool reinit_globals)
Globals.winbind_cache_time = 300; /* 5 minutes */
Globals.winbind_reconnect_delay = 30; /* 30 seconds */
+ Globals.winbind_request_timeout = 60; /* 60 seconds */
Globals.winbind_max_clients = 200;
Globals.bWinbindEnumUsers = false;
Globals.bWinbindEnumGroups = false;
diff --git a/source3/passdb/pdb_samba_dsdb.c b/source3/passdb/pdb_samba_dsdb.c
index 4cd7a4b..49b7cf0 100644
--- a/source3/passdb/pdb_samba_dsdb.c
+++ b/source3/passdb/pdb_samba_dsdb.c
@@ -882,7 +882,7 @@ static NTSTATUS pdb_samba_dsdb_getgrfilter(struct pdb_methods *m, GROUP_MAP *map
{
struct pdb_samba_dsdb_state *state = talloc_get_type_abort(
m->private_data, struct pdb_samba_dsdb_state);
- const char *attrs[] = { "objectSid", "description", "samAccountName", "groupType",
+ const char *attrs[] = { "objectClass", "objectSid", "description", "samAccountName", "groupType",
NULL };
struct ldb_message *msg;
va_list ap;
@@ -941,15 +941,13 @@ static NTSTATUS pdb_samba_dsdb_getgrfilter(struct pdb_methods *m, GROUP_MAP *map
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- map->sid_name_use = SID_NAME_DOM_GRP;
-
ZERO_STRUCT(id_map);
id_map.sid = sid;
id_maps[0] = &id_map;
id_maps[1] = NULL;
status = idmap_sids_to_xids(state->idmap_ctx, tmp_ctx, id_maps);
- talloc_free(tmp_ctx);
+
if (!NT_STATUS_IS_OK(status)) {
talloc_free(tmp_ctx);
return status;
diff --git a/source3/printing/load.c b/source3/printing/load.c
index 136d055..238998d 100644
--- a/source3/printing/load.c
+++ b/source3/printing/load.c
@@ -65,11 +65,11 @@ load automatic printer services from pre-populated pcap cache
void load_printers(struct tevent_context *ev,
struct messaging_context *msg_ctx)
{
- SMB_ASSERT(pcap_cache_loaded());
+ SMB_ASSERT(pcap_cache_loaded(NULL));
add_auto_printers();
/* load all printcap printers */
if (lp_load_printers() && lp_servicenumber(PRINTERS_NAME) >= 0)
- pcap_printer_fn(lp_add_one_printer, NULL);
+ pcap_printer_read_fn(lp_add_one_printer, NULL);
}
diff --git a/source3/printing/pcap.c b/source3/printing/pcap.c
index dd7ba62..c5524ad 100644
--- a/source3/printing/pcap.c
+++ b/source3/printing/pcap.c
@@ -83,28 +83,26 @@ void pcap_cache_destroy_specific(struct pcap_cache **pp_cache)
*pp_cache = NULL;
}
-bool pcap_cache_add(const char *name, const char *comment, const char *location)
-{
- NTSTATUS status;
- time_t t = time_mono(NULL);
-
- status = printer_list_set_printer(talloc_tos(), name, comment, location, t);
- return NT_STATUS_IS_OK(status);
-}
-
-bool pcap_cache_loaded(void)
+bool pcap_cache_loaded(time_t *_last_change)
{
NTSTATUS status;
time_t last;
status = printer_list_get_last_refresh(&last);
- return NT_STATUS_IS_OK(status);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
+ if (_last_change != NULL) {
+ *_last_change = last;
+ }
+ return true;
}
bool pcap_cache_replace(const struct pcap_cache *pcache)
{
const struct pcap_cache *p;
NTSTATUS status;
+ time_t t = time_mono(NULL);
status = printer_list_mark_reload();
if (!NT_STATUS_IS_OK(status)) {
@@ -113,7 +111,11 @@ bool pcap_cache_replace(const struct pcap_cache *pcache)
}
for (p = pcache; p; p = p->next) {
- pcap_cache_add(p->name, p->comment, p->location);
+ status = printer_list_set_printer(talloc_tos(), p->name,
+ p->comment, p->location, t);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
}
status = printer_list_clean_old();
@@ -132,8 +134,8 @@ void pcap_cache_reload(struct tevent_context *ev,
{
const char *pcap_name = lp_printcapname();
bool pcap_reloaded = False;
- NTSTATUS status;
bool post_cache_fill_fn_handled = false;
+ struct pcap_cache *pcache = NULL;
DEBUG(3, ("reloading printcap cache\n"));
@@ -143,12 +145,6 @@ void pcap_cache_reload(struct tevent_context *ev,
return;
}
- status = printer_list_mark_reload();
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("Failed to mark printer list for reload!\n"));
- return;
- }
-
#ifdef HAVE_CUPS
if (strequal(pcap_name, "cups")) {
pcap_reloaded = cups_cache_reload(ev, msg_ctx,
@@ -164,26 +160,26 @@ void pcap_cache_reload(struct tevent_context *ev,
--
Samba Shared Repository
More information about the samba-cvs
mailing list