[SCM] Samba Shared Repository - branch v4-3-test updated
Karolin Seeger
kseeger at samba.org
Tue May 31 10:22:05 UTC 2016
The branch, v4-3-test has been updated
via 5f3cfc8 s3-smbd: Support systemd 230
via 4112991 s3-smbspool: Log to stderr
via 58ba260 Fix memory leak in share mode locking.
via 23663df s3-quotas: fix sysquotas_4B quota fetching for BSD
via 2261c23 s3-net: Convert the key_name to UTF8 during migration
via 40f1add packaging: Set default limit for core file size in service files
via fc385f3 packaging: Set default limit for core file size in init scripts
via 9b09d3d packaging: Remove ulimit usage for setting core file size limit
via 73c385c s3: auth: Move the declaration of struct dom_sid tmp_sid to function level scope.
via 0128c11 s3:rpcclient: make use of SMB_SIGNING_IPC_DEFAULT
via 6d9dbe9 smbd: Fix an assert
via ded212f s3:ntlm_auth: make ntlm_auth_generate_session_info() more complete
via f5eeb21 s3:smbd: fix anonymous authentication if signing is mandatory
from e44c9b6 libcli/auth: let msrpc_parse() return talloc'ed empty strings
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -----------------------------------------------------------------
commit 5f3cfc8a0ab54aeb1f07a423c85d88e32c3acd63
Author: Alexander Bokovoy <ab at samba.org>
Date: Wed May 25 15:41:52 2016 +0300
s3-smbd: Support systemd 230
systemd 230 version finally deprecated libsystemd-daemon/libsystemd-journal split
and put everything in libsystemd library.
Make sure HAVE_LIBSYSTEMD define is supported in the code (we already
have it defined by the waf).
Patch is based on the code proposed by Zbigniew Jędrzejewski-Szmek
from systemd project.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11936
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed May 25 20:25:44 CEST 2016 on sn-devel-144
(cherry picked from commit 92b4b6b3c58e6c8bc39e5693ad30ba6f8442ca99)
Autobuild-User(v4-3-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-3-test): Tue May 31 12:21:40 CEST 2016 on sn-devel-104
commit 411299181b7848cd9deae3c645b915477148fcd5
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 25 13:39:29 2016 +0200
s3-smbspool: Log to stderr
This way we will be able to see the log in the cups logs and are able to
debug issues.
https://bugzilla.samba.org/show_bug.cgi?id=11935
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
(cherry picked from commit e59e0a5481196b1ddda0393306c514b8c32d6ea0)
commit 58ba260d97a96defadd75211341fef98c7da1954
Author: Hemanth Thummala <hemanth.thummala at nutanix.com>
Date: Tue May 24 23:15:04 2016 -0700
Fix memory leak in share mode locking.
Not freeing up(and reparenting to NULL context) ndr buffer
used for TDB updates resulting in huge memory leak when there
in high volume of opens and closes happening on same object.
Free the buffer before reparenting its parent to NULL context.
https://bugzilla.samba.org/show_bug.cgi?id=11934
Signed-off-by: Hemanth Thummala <hemanth.thummala at nutanix.com>
Signed-off-by: Saji VR <saji.vr at nutanix.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri May 27 18:43:31 CEST 2016 on sn-devel-144
(cherry picked from commit 7a725eea25f905fc5f611e8f3d7cfe414d5cf913)
commit 23663df06e63c4e51c9cc0289976a71586739395
Author: Uri Simchoni <uri at samba.org>
Date: Sat May 21 22:25:32 2016 +0300
s3-quotas: fix sysquotas_4B quota fetching for BSD
Correctly copy block hard/soft limits from the OS-specific structure
to samba structure.
BUG:https://bugzilla.samba.org/show_bug.cgi?id=11931
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 59133295bbfd3b51953d9c86e3b533ff1d4861e3)
commit 2261c232867a06492b9e3130cd5096fdd398f4ca
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 18 16:51:45 2016 +0200
s3-net: Convert the key_name to UTF8 during migration
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11922
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 858e1eaa64858790888b42d97ae4d6962a09756b)
commit 40f1addbd04f92098c7438f0a290141248bf18bf
Author: Anoop C S <anoopcs at redhat.com>
Date: Tue May 10 15:08:07 2016 +0530
packaging: Set default limit for core file size in service files
This change adds the missing LimitCORE variable setting in nmb and
winbind service files to have no limit for coredumps by default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11907
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jose A. Rivera <jarrpa at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Wed May 18 19:26:49 CEST 2016 on sn-devel-144
(cherry picked from commit f15b23f8358d7b2f60b1df0f81bb93a2c8789af4)
commit fc385f36a312412d18d6e7afd2d441d51c2d645d
Author: Anoop C S <anoopcs at redhat.com>
Date: Tue May 10 21:07:01 2016 +0530
packaging: Set default limit for core file size in init scripts
SysV init scripts used for initiating smb and winbind services
determines the value for default limit of coredump from variable
named DAEMON_COREFILE_LIMIT within a bash env. Therefore this
patch explicitly sets this variable to 'unlimited' so as to have
no limit for core file size by default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11907
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jose A. Rivera <jarrpa at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit ba9ccc6be48e8541748afbf31d5e5dba7d1baf8e)
commit 9b09d3d61b6c0cd28d5f0f346360a77394b4986a
Author: Anoop C S <anoopcs at redhat.com>
Date: Tue May 10 14:50:14 2016 +0530
packaging: Remove ulimit usage for setting core file size limit
Recent commit ebd139c4db7e51a2d7843a773991f15cadf504dd modified smb.init
to set core file size to 'unlimited' by default using the ulimit command.
But when smb and winbind services are initiated via sysv init scripts,
another variable named DAEMON_COREFILE_LIMIT takes higher priority in
deciding the core file size. Therefore setting default value using ulimit
command is useless.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11907
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jose A. Rivera <jarrpa at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 46524b4543acc9d104d85136c0a4a9e006fc099c)
commit 73c385cc9846dddd9baf274d3fe2615b45081f16
Author: Jeremy Allison <jra at samba.org>
Date: Thu May 26 16:31:55 2016 -0700
s3: auth: Move the declaration of struct dom_sid tmp_sid to function level scope.
It's referred to outside of the {} brace scope it was defined in by
the following code:
uid_to_unix_users_sid(*uid, &tmp_sid);
user_sid = &tmp_sid;
As tmp_sid was going out of scope, user_sid was
being incorrectly set in the token sid list.
I think this *may* be the root cause of:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10618
But even if not this is an obvious error that must
be fixed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri May 27 11:28:18 CEST 2016 on sn-devel-144
(cherry picked from commit 1b3b89345480d16222da00753f973e36e2e0f92d)
commit 0128c11a6ebb05684efb0dcb8d1d8aaab9d2164f
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu May 19 11:47:18 2016 +0200
s3:rpcclient: make use of SMB_SIGNING_IPC_DEFAULT
This means we'll use the "client ipc min protocol", "client ipc max protocol"
and "client ipc signing" options. But "--signing=no" or "--signing=required"
still overwrite "client ipc signing".
The following can be used to alter the max protocol
rpcclient --option="client ipc max protocol=SMB2_10" 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
rpcclient --option="client ipc max protocol=NT1" 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
rpcclient 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11927
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat May 21 05:01:15 CEST 2016 on sn-devel-144
(cherry picked from commit 2eb824fbaf61dfc5e9c735589c80c41379dabe86)
commit 6d9dbe9b59e84f77e2aa28fed05b00a181bd4250
Author: Volker Lendecke <vl at samba.org>
Date: Wed Apr 20 13:13:38 2016 +0200
smbd: Fix an assert
This might stumble over stale entries
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11844
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a5d49b7ce1cfbf8491bc3d29c1ae5b0960b5fe01)
commit ded212f9906dffcb9bc274fe093eb263ba2c8b7e
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 11 17:59:32 2016 +0200
s3:ntlm_auth: make ntlm_auth_generate_session_info() more complete
The generate_session_info() function maybe called more than once
per session.
Some may try to look/dereference session_info->security_token,
so we provide simplified token.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11914
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit f5eeb218a09adc57e5a4aa631fdbf7b2efe4955e
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 18 09:56:02 2016 +0200
s3:smbd: fix anonymous authentication if signing is mandatory
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11910
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/util/become_daemon.c | 10 ++--
packaging/RHEL-CTDB/setup/smb.init | 3 +-
packaging/RHEL-CTDB/setup/winbind.init | 2 +
packaging/RHEL/setup/smb.init | 3 +-
packaging/RHEL/setup/winbind.init | 2 +
packaging/systemd/nmb.service | 1 +
packaging/systemd/winbind.service | 1 +
source3/auth/token_util.c | 2 +-
source3/client/smbspool.c | 2 +-
source3/lib/sysquotas_4B.c | 6 +++
source3/locking/share_mode_lock.c | 5 ++
source3/rpcclient/rpcclient.c | 13 ++++-
source3/smbd/oplock.c | 1 +
source3/smbd/sesssetup.c | 8 ++-
source3/utils/net_printing.c | 90 +++++++++++++++++++++++++++++++---
source3/utils/ntlm_auth.c | 51 +++++++++++++++++--
16 files changed, 177 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/become_daemon.c b/lib/util/become_daemon.c
index 4622971..9979fad 100644
--- a/lib/util/become_daemon.c
+++ b/lib/util/become_daemon.c
@@ -24,7 +24,7 @@
#include "includes.h"
#include "system/filesys.h"
#include "system/locale.h"
-#if HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
#include <systemd/sd-daemon.h>
#endif
#include "lib/util/close_low_fd.h"
@@ -69,7 +69,7 @@ _PUBLIC_ void become_daemon(bool do_fork, bool no_process_group, bool log_stdout
if (do_fork) {
newpid = fork();
if (newpid) {
-#if HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
sd_notifyf(0, "READY=0\nSTATUS=Starting process...\nMAINPID=%lu", (unsigned long) newpid);
#endif /* HAVE_LIBSYSTEMD_DAEMON */
_exit(0);
@@ -98,7 +98,7 @@ _PUBLIC_ void become_daemon(bool do_fork, bool no_process_group, bool log_stdout
_PUBLIC_ void exit_daemon(const char *msg, int error)
{
-#ifdef HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
if (msg == NULL) {
msg = strerror(error);
}
@@ -117,7 +117,7 @@ _PUBLIC_ void daemon_ready(const char *name)
if (name == NULL) {
name = "Samba";
}
-#ifdef HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
sd_notifyf(0, "READY=1\nSTATUS=%s: ready to serve connections...", name);
#endif
DEBUG(0, ("STATUS=daemon '%s' finished starting up and ready to serve "
@@ -129,7 +129,7 @@ _PUBLIC_ void daemon_status(const char *name, const char *msg)
if (name == NULL) {
name = "Samba";
}
-#ifdef HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
sd_notifyf(0, "\nSTATUS=%s: %s", name, msg);
#endif
DEBUG(0, ("STATUS=daemon '%s' : %s", name, msg));
diff --git a/packaging/RHEL-CTDB/setup/smb.init b/packaging/RHEL-CTDB/setup/smb.init
index 00984d2..39bf0a8 100644
--- a/packaging/RHEL-CTDB/setup/smb.init
+++ b/packaging/RHEL-CTDB/setup/smb.init
@@ -18,6 +18,8 @@ else
exit 0
fi
+DAEMON_COREFILE_LIMIT='unlimited'
+
# Avoid using root's TMPDIR
unset TMPDIR
@@ -51,7 +53,6 @@ RETVAL=0
start() {
KIND="SMB"
echo -n $"Starting $KIND services: "
- ulimit -c unlimited
daemon smbd $SMBDOPTIONS
RETVAL=$?
echo
diff --git a/packaging/RHEL-CTDB/setup/winbind.init b/packaging/RHEL-CTDB/setup/winbind.init
index a99038f..2a9dd82 100644
--- a/packaging/RHEL-CTDB/setup/winbind.init
+++ b/packaging/RHEL-CTDB/setup/winbind.init
@@ -16,6 +16,8 @@ else
exit 0
fi
+DAEMON_COREFILE_LIMIT='unlimited'
+
# Avoid using root's TMPDIR
unset TMPDIR
diff --git a/packaging/RHEL/setup/smb.init b/packaging/RHEL/setup/smb.init
index dff9cd8..96fb74a 100644
--- a/packaging/RHEL/setup/smb.init
+++ b/packaging/RHEL/setup/smb.init
@@ -18,6 +18,8 @@ else
exit 0
fi
+DAEMON_COREFILE_LIMIT='unlimited'
+
# Avoid using root's TMPDIR
unset TMPDIR
@@ -50,7 +52,6 @@ RETVAL=0
start() {
KIND="SMB"
echo -n $"Starting $KIND services: "
- ulimit -c unlimited
daemon smbd $SMBDOPTIONS
RETVAL=$?
echo
diff --git a/packaging/RHEL/setup/winbind.init b/packaging/RHEL/setup/winbind.init
index a99038f..2a9dd82 100644
--- a/packaging/RHEL/setup/winbind.init
+++ b/packaging/RHEL/setup/winbind.init
@@ -16,6 +16,8 @@ else
exit 0
fi
+DAEMON_COREFILE_LIMIT='unlimited'
+
# Avoid using root's TMPDIR
unset TMPDIR
diff --git a/packaging/systemd/nmb.service b/packaging/systemd/nmb.service
index 3d71a7d..992c0cd 100644
--- a/packaging/systemd/nmb.service
+++ b/packaging/systemd/nmb.service
@@ -9,6 +9,7 @@ PIDFile=/run/nmbd.pid
EnvironmentFile=-/etc/sysconfig/samba
ExecStart=/usr/sbin/nmbd $NMBDOPTIONS
ExecReload=/usr/bin/kill -HUP $MAINPID
+LimitCORE=infinity
[Install]
WantedBy=multi-user.target
diff --git a/packaging/systemd/winbind.service b/packaging/systemd/winbind.service
index f711a17..c511488 100644
--- a/packaging/systemd/winbind.service
+++ b/packaging/systemd/winbind.service
@@ -9,6 +9,7 @@ PIDFile=/run/winbindd.pid
EnvironmentFile=-/etc/sysconfig/samba
ExecStart=/usr/sbin/winbindd "$WINBINDOPTIONS"
ExecReload=/usr/bin/kill -HUP $MAINPID
+LimitCORE=infinity
[Install]
WantedBy=multi-user.target
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index c7319ad..375905a 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -672,6 +672,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
TALLOC_CTX *tmp_ctx = talloc_stackframe();
gid_t *gids;
struct dom_sid *group_sids;
+ struct dom_sid tmp_sid;
uint32_t num_group_sids;
uint32_t num_gids;
uint32_t i;
@@ -753,7 +754,6 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
*uid = sam_acct->unix_pw->pw_uid;
} else if (sid_check_is_in_unix_users(user_sid)) {
- struct dom_sid tmp_sid;
uint32_t getgroups_num_group_sids;
/* This is a unix user not in passdb. We need to ask nss
* directly, without consulting passdb */
diff --git a/source3/client/smbspool.c b/source3/client/smbspool.c
index 7161e86..ded14bf 100644
--- a/source3/client/smbspool.c
+++ b/source3/client/smbspool.c
@@ -250,7 +250,7 @@ main(int argc, /* I - Number of command-line arguments */
* Setup the SAMBA server state...
*/
- setup_logging("smbspool", DEBUG_STDOUT);
+ setup_logging("smbspool", DEBUG_STDERR);
smb_init_locale();
diff --git a/source3/lib/sysquotas_4B.c b/source3/lib/sysquotas_4B.c
index e3adc35..ee56432 100644
--- a/source3/lib/sysquotas_4B.c
+++ b/source3/lib/sysquotas_4B.c
@@ -81,6 +81,12 @@ static void xlate_qblk_to_smb(const struct dqblk * const qblk,
dp->hardlimit = XLATE_TO_BLOCKS(qblk->dqb_bhardlimit);
dp->curblocks = XLATE_TO_BLOCKS(qblk->dqb_curbytes);
#undef XLATE_TO_BLOCKS
+#else
+ dp->bsize = DEV_BSIZE;
+
+ dp->softlimit = qblk->dqb_bsoftlimit;
+ dp->hardlimit = qblk->dqb_bhardlimit;
+ dp->curblocks = qblk->dqb_curblocks;
#endif
dp->ihardlimit = qblk->dqb_ihardlimit;
diff --git a/source3/locking/share_mode_lock.c b/source3/locking/share_mode_lock.c
index fe105e3..4e9de03 100644
--- a/source3/locking/share_mode_lock.c
+++ b/source3/locking/share_mode_lock.c
@@ -441,6 +441,11 @@ static int share_mode_data_destructor(struct share_mode_data *d)
TALLOC_FREE(d->record);
/*
+ * Release the dptr as well before reparenting to NULL
+ * (in-memory cache) context.
+ */
+ TALLOC_FREE(data.dptr);
+ /*
* Reparent d into the in-memory cache so it can be reused if the
* sequence number matches. See parse_share_modes()
* for details.
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index c32fbc7..a4edbe8 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -904,6 +904,7 @@ out_free:
const char *binding_string = NULL;
char *user, *domain, *q;
const char *host;
+ int signing_state = SMB_SIGNING_IPC_DEFAULT;
/* make sure the vars that get altered (4th field) are in
a fixed location or certain compilers complain */
@@ -1077,6 +1078,16 @@ out_free:
}
}
+ signing_state = get_cmdline_auth_info_signing_state(rpcclient_auth_info);
+ switch (signing_state) {
+ case SMB_SIGNING_OFF:
+ lp_set_cmdline("client ipc signing", "no");
+ break;
+ case SMB_SIGNING_REQUIRED:
+ lp_set_cmdline("client ipc signing", "required");
+ break;
+ }
+
if (get_cmdline_auth_info_use_kerberos(rpcclient_auth_info)) {
flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
@@ -1104,7 +1115,7 @@ out_free:
get_cmdline_auth_info_domain(rpcclient_auth_info),
get_cmdline_auth_info_password(rpcclient_auth_info),
flags,
- get_cmdline_auth_info_signing_state(rpcclient_auth_info));
+ SMB_SIGNING_IPC_DEFAULT);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("Cannot connect to server. Error was %s\n", nt_errstr(nt_status)));
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index 4f108d9..4ce3a1d 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -190,6 +190,7 @@ bool update_num_read_oplocks(files_struct *fsp, struct share_mode_lock *lck)
/*
* If we're the only one, we don't need a brlock entry
*/
+ remove_stale_share_mode_entries(d);
SMB_ASSERT(d->num_share_modes == 1);
SMB_ASSERT(EXCLUSIVE_OPLOCK_TYPE(d->share_modes[0].op_type));
return true;
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 7774b66..e00704c 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -135,6 +135,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
struct smbXsrv_connection *xconn = req->xconn;
struct smbd_server_connection *sconn = req->sconn;
uint16_t action = 0;
+ bool is_authenticated = false;
NTTIME now = timeval_to_nttime(&req->request_time);
struct smbXsrv_session *session = NULL;
uint16_t smb_bufsize = SVAL(req->vwv+2, 0);
@@ -328,12 +329,13 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
sconn->num_users++;
if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
+ is_authenticated = true;
session->compat->homes_snum =
register_homes_share(session_info->unix_info->unix_name);
}
if (srv_is_signing_negotiated(xconn) &&
- action == 0 &&
+ is_authenticated &&
session->global->signing_key.length > 0)
{
/*
@@ -593,6 +595,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
struct auth_session_info *session_info = NULL;
uint16_t smb_flag2 = req->flags2;
uint16_t action = 0;
+ bool is_authenticated = false;
NTTIME now = timeval_to_nttime(&req->request_time);
struct smbXsrv_session *session = NULL;
NTSTATUS nt_status;
@@ -1030,12 +1033,13 @@ void reply_sesssetup_and_X(struct smb_request *req)
sconn->num_users++;
if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
+ is_authenticated = true;
session->compat->homes_snum =
register_homes_share(session_info->unix_info->unix_name);
}
if (srv_is_signing_negotiated(xconn) &&
- action == 0 &&
+ is_authenticated &&
session->global->signing_key.length > 0)
{
/*
diff --git a/source3/utils/net_printing.c b/source3/utils/net_printing.c
index 6f805eb..cc82e51 100644
--- a/source3/utils/net_printing.c
+++ b/source3/utils/net_printing.c
@@ -264,27 +264,66 @@ static int net_printing_dump(struct net_context *c, int argc,
}
if (strncmp((const char *)kbuf.dptr, FORMS_PREFIX, strlen(FORMS_PREFIX)) == 0) {
- dump_form(ctx, (const char *)kbuf.dptr+strlen(FORMS_PREFIX), dbuf.dptr, dbuf.dsize);
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(FORMS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
+ dump_form(ctx, key_name, dbuf.dptr, dbuf.dsize);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
if (strncmp((const char *)kbuf.dptr, DRIVERS_PREFIX, strlen(DRIVERS_PREFIX)) == 0) {
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(DRIVERS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
dump_driver(ctx,
- (const char *)kbuf.dptr+strlen(DRIVERS_PREFIX),
+ key_name,
dbuf.dptr,
dbuf.dsize,
do_string_conversion);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
if (strncmp((const char *)kbuf.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX)) == 0) {
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(PRINTERS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
dump_printer(ctx,
- (const char *)kbuf.dptr+strlen(PRINTERS_PREFIX),
+ key_name,
dbuf.dptr,
dbuf.dsize,
do_string_conversion);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
@@ -357,33 +396,72 @@ static NTSTATUS printing_migrate_internal(struct net_context *c,
}
if (strncmp((const char *) kbuf.dptr, FORMS_PREFIX, strlen(FORMS_PREFIX)) == 0) {
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(tmp_ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(FORMS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
printing_tdb_migrate_form(tmp_ctx,
winreg_pipe,
- (const char *) kbuf.dptr + strlen(FORMS_PREFIX),
+ key_name,
dbuf.dptr,
dbuf.dsize);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
if (strncmp((const char *) kbuf.dptr, DRIVERS_PREFIX, strlen(DRIVERS_PREFIX)) == 0) {
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(tmp_ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(DRIVERS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
printing_tdb_migrate_driver(tmp_ctx,
winreg_pipe,
- (const char *) kbuf.dptr + strlen(DRIVERS_PREFIX),
+ key_name,
dbuf.dptr,
dbuf.dsize,
do_string_conversion);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
if (strncmp((const char *) kbuf.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX)) == 0) {
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(tmp_ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(PRINTERS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
printing_tdb_migrate_printer(tmp_ctx,
winreg_pipe,
- (const char *) kbuf.dptr + strlen(PRINTERS_PREFIX),
+ key_name,
dbuf.dptr,
dbuf.dsize,
do_string_conversion);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 1ac6881..bbb0be4 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -27,6 +27,7 @@
#include "includes.h"
#include "lib/param/param.h"
#include "popt_common.h"
+#include "libcli/security/security.h"
#include "utils/ntlm_auth.h"
#include "../libcli/auth/libcli_auth.h"
#include "auth/ntlmssp/ntlmssp.h"
@@ -705,18 +706,58 @@ static NTSTATUS ntlm_auth_generate_session_info(struct auth4_context *auth_conte
uint32_t session_info_flags,
struct auth_session_info **session_info_out)
{
- char *unix_username = (char *)server_returned_info;
- struct auth_session_info *session_info = talloc_zero(mem_ctx, struct auth_session_info);
- if (!session_info) {
+ const char *unix_username = (const char *)server_returned_info;
+ bool ok;
+ struct dom_sid *sids = NULL;
+ struct auth_session_info *session_info = NULL;
+
+ session_info = talloc_zero(mem_ctx, struct auth_session_info);
+ if (session_info == NULL) {
return NT_STATUS_NO_MEMORY;
}
session_info->unix_info = talloc_zero(session_info, struct auth_user_info_unix);
- if (!session_info->unix_info) {
+ if (session_info->unix_info == NULL) {
+ TALLOC_FREE(session_info);
+ return NT_STATUS_NO_MEMORY;
+ }
+ session_info->unix_info->unix_name = talloc_strdup(session_info->unix_info,
+ unix_username);
+ if (session_info->unix_info->unix_name == NULL) {
+ TALLOC_FREE(session_info);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ session_info->security_token = talloc_zero(session_info, struct security_token);
--
Samba Shared Repository
More information about the samba-cvs
mailing list