[SCM] Samba Shared Repository - branch v4-4-test updated
Karolin Seeger
kseeger at samba.org
Tue May 31 10:36:09 UTC 2016
The branch, v4-4-test has been updated
via 3454590 s3-smbd: Support systemd 230
via 0242e2a s3-smbspool: Log to stderr
via 37fa8a6 Fix memory leak in share mode locking.
via 98b9ea2 s3-quotas: fix sysquotas_4B quota fetching for BSD
via c4c8606 notifyd: prevent NULL deref segfault in notifyd_peer_destructor
via 730ec25 s3-net: Convert the key_name to UTF8 during migration
via abe1808 packaging: Set default limit for core file size in service files
via 2bf48c3 packaging: Set default limit for core file size in init scripts
via e1b7363 packaging: Remove ulimit usage for setting core file size limit
via 211938f s3: auth: Move the declaration of struct dom_sid tmp_sid to function level scope.
via 6a10012 s3:rpcclient: make use of SMB_SIGNING_IPC_DEFAULT
via 8ac105e smbd:close: only remove kernel share modes if they had been taken at open
via 68249a7 s3:vfs: add 'kernel_share_modes_taken' to files_struct
via 290541a s3:client:smbspool_krb5_wrapper: fix the non clearenv build.
via 5a2464b Provide fallback code for non-portable clearenv(3)
via bc3751b smbd: Fix an assert
via da98554 s3:ntlm_auth: make ntlm_auth_generate_session_info() more complete
via 90dd993 s3:smbd: fix anonymous authentication if signing is mandatory
from 8b3fbe1 libcli/auth: let msrpc_parse() return talloc'ed empty strings
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-4-test
- Log -----------------------------------------------------------------
commit 34545900fac8b547c02d7f724226b5ce5bf9341f
Author: Alexander Bokovoy <ab at samba.org>
Date: Wed May 25 15:41:52 2016 +0300
s3-smbd: Support systemd 230
systemd 230 version finally deprecated libsystemd-daemon/libsystemd-journal split
and put everything in libsystemd library.
Make sure HAVE_LIBSYSTEMD define is supported in the code (we already
have it defined by the waf).
Patch is based on the code proposed by Zbigniew Jędrzejewski-Szmek
from systemd project.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11936
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed May 25 20:25:44 CEST 2016 on sn-devel-144
(cherry picked from commit 92b4b6b3c58e6c8bc39e5693ad30ba6f8442ca99)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-4-test): Tue May 31 12:35:41 CEST 2016 on sn-devel-144
commit 0242e2aa5d6d27759b32d857b9b37e5306e9fb9b
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 25 13:39:29 2016 +0200
s3-smbspool: Log to stderr
This way we will be able to see the log in the cups logs and are able to
debug issues.
https://bugzilla.samba.org/show_bug.cgi?id=11935
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
(cherry picked from commit e59e0a5481196b1ddda0393306c514b8c32d6ea0)
commit 37fa8a6470066fde2317bf76a7385f31135df737
Author: Hemanth Thummala <hemanth.thummala at nutanix.com>
Date: Tue May 24 23:15:04 2016 -0700
Fix memory leak in share mode locking.
Not freeing up(and reparenting to NULL context) ndr buffer
used for TDB updates resulting in huge memory leak when there
in high volume of opens and closes happening on same object.
Free the buffer before reparenting its parent to NULL context.
https://bugzilla.samba.org/show_bug.cgi?id=11934
Signed-off-by: Hemanth Thummala <hemanth.thummala at nutanix.com>
Signed-off-by: Saji VR <saji.vr at nutanix.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri May 27 18:43:31 CEST 2016 on sn-devel-144
(cherry picked from commit 7a725eea25f905fc5f611e8f3d7cfe414d5cf913)
commit 98b9ea21cba0598dcd203a8f0a5fb42164f2f197
Author: Uri Simchoni <uri at samba.org>
Date: Sat May 21 22:25:32 2016 +0300
s3-quotas: fix sysquotas_4B quota fetching for BSD
Correctly copy block hard/soft limits from the OS-specific structure
to samba structure.
BUG:https://bugzilla.samba.org/show_bug.cgi?id=11931
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 59133295bbfd3b51953d9c86e3b533ff1d4861e3)
commit c4c86063c9fa789809cf88ac1ed56ab8deb2f737
Author: Michael Adam <obnox at samba.org>
Date: Fri May 20 12:57:48 2016 +0200
notifyd: prevent NULL deref segfault in notifyd_peer_destructor
It seems it could happen that p->db == NULL in the list
from notifyd_clean_peers_next(). This has been seen in
a ctdb cluster when an node-internal ctdb interface is
brought down.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11930
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri May 20 17:32:55 CEST 2016 on sn-devel-144
(cherry picked from commit 1c76746b637bc1867f85ba94786b89f22d1b0c32)
commit 730ec25f3b11d421888714d3c86273f81b844fde
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 18 16:51:45 2016 +0200
s3-net: Convert the key_name to UTF8 during migration
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11922
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 858e1eaa64858790888b42d97ae4d6962a09756b)
commit abe1808337cec2d3f2d1d81d5881004d6d673258
Author: Anoop C S <anoopcs at redhat.com>
Date: Tue May 10 15:08:07 2016 +0530
packaging: Set default limit for core file size in service files
This change adds the missing LimitCORE variable setting in nmb and
winbind service files to have no limit for coredumps by default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11907
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jose A. Rivera <jarrpa at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Wed May 18 19:26:49 CEST 2016 on sn-devel-144
(cherry picked from commit f15b23f8358d7b2f60b1df0f81bb93a2c8789af4)
commit 2bf48c391340b0119a33de30d0adb9d9b9cb5235
Author: Anoop C S <anoopcs at redhat.com>
Date: Tue May 10 21:07:01 2016 +0530
packaging: Set default limit for core file size in init scripts
SysV init scripts used for initiating smb and winbind services
determines the value for default limit of coredump from variable
named DAEMON_COREFILE_LIMIT within a bash env. Therefore this
patch explicitly sets this variable to 'unlimited' so as to have
no limit for core file size by default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11907
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jose A. Rivera <jarrpa at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit ba9ccc6be48e8541748afbf31d5e5dba7d1baf8e)
commit e1b736379afbebf7f54dae573cb50a1cc54c2198
Author: Anoop C S <anoopcs at redhat.com>
Date: Tue May 10 14:50:14 2016 +0530
packaging: Remove ulimit usage for setting core file size limit
Recent commit ebd139c4db7e51a2d7843a773991f15cadf504dd modified smb.init
to set core file size to 'unlimited' by default using the ulimit command.
But when smb and winbind services are initiated via sysv init scripts,
another variable named DAEMON_COREFILE_LIMIT takes higher priority in
deciding the core file size. Therefore setting default value using ulimit
command is useless.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11907
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jose A. Rivera <jarrpa at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 46524b4543acc9d104d85136c0a4a9e006fc099c)
commit 211938fc6bb869f6ca7e2fd70e9c7e09afa7124d
Author: Jeremy Allison <jra at samba.org>
Date: Thu May 26 16:31:55 2016 -0700
s3: auth: Move the declaration of struct dom_sid tmp_sid to function level scope.
It's referred to outside of the {} brace scope it was defined in by
the following code:
uid_to_unix_users_sid(*uid, &tmp_sid);
user_sid = &tmp_sid;
As tmp_sid was going out of scope, user_sid was
being incorrectly set in the token sid list.
I think this *may* be the root cause of:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10618
But even if not this is an obvious error that must
be fixed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri May 27 11:28:18 CEST 2016 on sn-devel-144
(cherry picked from commit 1b3b89345480d16222da00753f973e36e2e0f92d)
commit 6a10012e5233e1ca2d77b4e12d0219b8d63da7ba
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu May 19 11:47:18 2016 +0200
s3:rpcclient: make use of SMB_SIGNING_IPC_DEFAULT
This means we'll use the "client ipc min protocol", "client ipc max protocol"
and "client ipc signing" options. But "--signing=no" or "--signing=required"
still overwrite "client ipc signing".
The following can be used to alter the max protocol
rpcclient --option="client ipc max protocol=SMB2_10" 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
rpcclient --option="client ipc max protocol=NT1" 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
rpcclient 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11927
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat May 21 05:01:15 CEST 2016 on sn-devel-144
(cherry picked from commit 2eb824fbaf61dfc5e9c735589c80c41379dabe86)
commit 8ac105e900758c164a7bb223f7297b265b1189ee
Author: Michael Adam <obnox at samba.org>
Date: Sun May 15 23:24:08 2016 +0200
smbd:close: only remove kernel share modes if they had been taken at open
This avoids errors due to 'not implemented' for SMB_VFS_KERNEL_FLOCK
on some file systems like glusterfs (with the vfs module). The only
other code path where SMB_VFS_KERNEL_FLOCK is called, is already protected.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11919
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Christian Ambach <ambi at samba.org>
Autobuild-User(master): Christian Ambach <ambi at samba.org>
Autobuild-Date(master): Thu May 19 02:34:36 CEST 2016 on sn-devel-144
(cherry picked from commit 6b232b2720a3d71bc0b4b5603215b3f9d3de5ca6)
commit 68249a719ae99e3b23d098f7494a1c1f23225659
Author: Michael Adam <obnox at samba.org>
Date: Mon May 16 01:39:09 2016 +0200
s3:vfs: add 'kernel_share_modes_taken' to files_struct
This will allow to track whether kernel share modes have been
taken at open and correclty remove them again on close.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11919
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Christian Ambach <ambi at samba.org>
(cherry picked from commit 356487345724ce5dffdddf9c60735b2c965f30bc)
commit 290541a43a94d806ff13866439b0326763b468d4
Author: Günther Deschner <gd at samba.org>
Date: Fri Apr 29 13:28:42 2016 +0200
s3:client:smbspool_krb5_wrapper: fix the non clearenv build.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Apr 29 19:52:23 CEST 2016 on sn-devel-144
(cherry picked from commit e0d8c6b6b428819206fb6e96c47e952845af0874)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11864
commit 5a2464bd1d2034a9dcf1cf8e8dd477d9b2a96167
Author: Jérémie Courrèges-Anglas <jca at wxcvbn.org>
Date: Wed Apr 27 18:01:51 2016 +0200
Provide fallback code for non-portable clearenv(3)
clearenv(3) is a GNU extension that was rejected twice by POSIX,
without an easy, portable alternative.
As the dovecot project notes,
"""
environ = NULL crashes on OSX - and OpenBSD < 6.0
*environ = NULL doesn't work on FreeBSD 7.0
environ = emptyenv doesn't work on Haiku OS
environ = calloc should work everywhere
"""
(source: http://hg.dovecot.org/dovecot-2.0/file/48f90e7e92dc/src/lib/env-util.c)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11864
Signed-off-by: Jérémie Courrèges-Anglas <jca at wxcvbn.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Apr 29 00:12:02 CEST 2016 on sn-devel-144
(cherry picked from commit f198abcbb3f6e8b26c697d3ded2caa1076ae018b)
commit bc3751ba3c7cfbe062ec1eb6c44d8baba3b5149b
Author: Volker Lendecke <vl at samba.org>
Date: Wed Apr 20 13:13:38 2016 +0200
smbd: Fix an assert
This might stumble over stale entries
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11844
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a5d49b7ce1cfbf8491bc3d29c1ae5b0960b5fe01)
commit da98554ba7bee77cd88f2a9018e06c094ecc0745
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 11 17:59:32 2016 +0200
s3:ntlm_auth: make ntlm_auth_generate_session_info() more complete
The generate_session_info() function maybe called more than once
per session.
Some may try to look/dereference session_info->security_token,
so we provide simplified token.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11914
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 90dd99301765d33536b183b91069c9271e46d41a
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed May 18 09:56:02 2016 +0200
s3:smbd: fix anonymous authentication if signing is mandatory
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11910
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/util/become_daemon.c | 10 ++--
packaging/RHEL-CTDB/setup/smb.init | 3 +-
packaging/RHEL-CTDB/setup/winbind.init | 2 +
packaging/RHEL/setup/smb.init | 3 +-
packaging/RHEL/setup/winbind.init | 2 +
packaging/systemd/nmb.service | 1 +
packaging/systemd/winbind.service | 1 +
source3/auth/token_util.c | 2 +-
source3/client/smbspool.c | 2 +-
source3/client/smbspool_krb5_wrapper.c | 10 ++++
source3/include/vfs.h | 2 +
source3/lib/sysquotas_4B.c | 6 +++
source3/locking/share_mode_lock.c | 5 ++
source3/rpcclient/rpcclient.c | 13 ++++-
source3/smbd/close.c | 17 ++++---
source3/smbd/notifyd/notifyd.c | 5 +-
source3/smbd/open.c | 2 +
source3/smbd/oplock.c | 1 +
source3/smbd/sesssetup.c | 8 ++-
source3/utils/net_printing.c | 90 +++++++++++++++++++++++++++++++---
source3/utils/ntlm_auth.c | 51 +++++++++++++++++--
source3/wscript | 2 +-
22 files changed, 206 insertions(+), 32 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/become_daemon.c b/lib/util/become_daemon.c
index 4622971..9979fad 100644
--- a/lib/util/become_daemon.c
+++ b/lib/util/become_daemon.c
@@ -24,7 +24,7 @@
#include "includes.h"
#include "system/filesys.h"
#include "system/locale.h"
-#if HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
#include <systemd/sd-daemon.h>
#endif
#include "lib/util/close_low_fd.h"
@@ -69,7 +69,7 @@ _PUBLIC_ void become_daemon(bool do_fork, bool no_process_group, bool log_stdout
if (do_fork) {
newpid = fork();
if (newpid) {
-#if HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
sd_notifyf(0, "READY=0\nSTATUS=Starting process...\nMAINPID=%lu", (unsigned long) newpid);
#endif /* HAVE_LIBSYSTEMD_DAEMON */
_exit(0);
@@ -98,7 +98,7 @@ _PUBLIC_ void become_daemon(bool do_fork, bool no_process_group, bool log_stdout
_PUBLIC_ void exit_daemon(const char *msg, int error)
{
-#ifdef HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
if (msg == NULL) {
msg = strerror(error);
}
@@ -117,7 +117,7 @@ _PUBLIC_ void daemon_ready(const char *name)
if (name == NULL) {
name = "Samba";
}
-#ifdef HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
sd_notifyf(0, "READY=1\nSTATUS=%s: ready to serve connections...", name);
#endif
DEBUG(0, ("STATUS=daemon '%s' finished starting up and ready to serve "
@@ -129,7 +129,7 @@ _PUBLIC_ void daemon_status(const char *name, const char *msg)
if (name == NULL) {
name = "Samba";
}
-#ifdef HAVE_LIBSYSTEMD_DAEMON
+#if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD)
sd_notifyf(0, "\nSTATUS=%s: %s", name, msg);
#endif
DEBUG(0, ("STATUS=daemon '%s' : %s", name, msg));
diff --git a/packaging/RHEL-CTDB/setup/smb.init b/packaging/RHEL-CTDB/setup/smb.init
index 00984d2..39bf0a8 100644
--- a/packaging/RHEL-CTDB/setup/smb.init
+++ b/packaging/RHEL-CTDB/setup/smb.init
@@ -18,6 +18,8 @@ else
exit 0
fi
+DAEMON_COREFILE_LIMIT='unlimited'
+
# Avoid using root's TMPDIR
unset TMPDIR
@@ -51,7 +53,6 @@ RETVAL=0
start() {
KIND="SMB"
echo -n $"Starting $KIND services: "
- ulimit -c unlimited
daemon smbd $SMBDOPTIONS
RETVAL=$?
echo
diff --git a/packaging/RHEL-CTDB/setup/winbind.init b/packaging/RHEL-CTDB/setup/winbind.init
index a99038f..2a9dd82 100644
--- a/packaging/RHEL-CTDB/setup/winbind.init
+++ b/packaging/RHEL-CTDB/setup/winbind.init
@@ -16,6 +16,8 @@ else
exit 0
fi
+DAEMON_COREFILE_LIMIT='unlimited'
+
# Avoid using root's TMPDIR
unset TMPDIR
diff --git a/packaging/RHEL/setup/smb.init b/packaging/RHEL/setup/smb.init
index dff9cd8..96fb74a 100644
--- a/packaging/RHEL/setup/smb.init
+++ b/packaging/RHEL/setup/smb.init
@@ -18,6 +18,8 @@ else
exit 0
fi
+DAEMON_COREFILE_LIMIT='unlimited'
+
# Avoid using root's TMPDIR
unset TMPDIR
@@ -50,7 +52,6 @@ RETVAL=0
start() {
KIND="SMB"
echo -n $"Starting $KIND services: "
- ulimit -c unlimited
daemon smbd $SMBDOPTIONS
RETVAL=$?
echo
diff --git a/packaging/RHEL/setup/winbind.init b/packaging/RHEL/setup/winbind.init
index a99038f..2a9dd82 100644
--- a/packaging/RHEL/setup/winbind.init
+++ b/packaging/RHEL/setup/winbind.init
@@ -16,6 +16,8 @@ else
exit 0
fi
+DAEMON_COREFILE_LIMIT='unlimited'
+
# Avoid using root's TMPDIR
unset TMPDIR
diff --git a/packaging/systemd/nmb.service b/packaging/systemd/nmb.service
index 3d71a7d..992c0cd 100644
--- a/packaging/systemd/nmb.service
+++ b/packaging/systemd/nmb.service
@@ -9,6 +9,7 @@ PIDFile=/run/nmbd.pid
EnvironmentFile=-/etc/sysconfig/samba
ExecStart=/usr/sbin/nmbd $NMBDOPTIONS
ExecReload=/usr/bin/kill -HUP $MAINPID
+LimitCORE=infinity
[Install]
WantedBy=multi-user.target
diff --git a/packaging/systemd/winbind.service b/packaging/systemd/winbind.service
index f711a17..c511488 100644
--- a/packaging/systemd/winbind.service
+++ b/packaging/systemd/winbind.service
@@ -9,6 +9,7 @@ PIDFile=/run/winbindd.pid
EnvironmentFile=-/etc/sysconfig/samba
ExecStart=/usr/sbin/winbindd "$WINBINDOPTIONS"
ExecReload=/usr/bin/kill -HUP $MAINPID
+LimitCORE=infinity
[Install]
WantedBy=multi-user.target
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index c7319ad..375905a 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -672,6 +672,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
TALLOC_CTX *tmp_ctx = talloc_stackframe();
gid_t *gids;
struct dom_sid *group_sids;
+ struct dom_sid tmp_sid;
uint32_t num_group_sids;
uint32_t num_gids;
uint32_t i;
@@ -753,7 +754,6 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
*uid = sam_acct->unix_pw->pw_uid;
} else if (sid_check_is_in_unix_users(user_sid)) {
- struct dom_sid tmp_sid;
uint32_t getgroups_num_group_sids;
/* This is a unix user not in passdb. We need to ask nss
* directly, without consulting passdb */
diff --git a/source3/client/smbspool.c b/source3/client/smbspool.c
index e381822..9dbb233 100644
--- a/source3/client/smbspool.c
+++ b/source3/client/smbspool.c
@@ -250,7 +250,7 @@ main(int argc, /* I - Number of command-line arguments */
* Setup the SAMBA server state...
*/
- setup_logging("smbspool", DEBUG_STDOUT);
+ setup_logging("smbspool", DEBUG_STDERR);
smb_init_locale();
diff --git a/source3/client/smbspool_krb5_wrapper.c b/source3/client/smbspool_krb5_wrapper.c
index e19fd92..d26a7a6 100644
--- a/source3/client/smbspool_krb5_wrapper.c
+++ b/source3/client/smbspool_krb5_wrapper.c
@@ -24,12 +24,15 @@
#include "system/passwd.h"
#include <errno.h>
+#include <stdlib.h>
#include <string.h>
#include <cups/backend.h>
#include "dynconfig/dynconfig.h"
+#undef calloc
+
enum cups_smb_dbglvl_e {
CUPS_SMB_LOG_DEBUG = 0,
CUPS_SMB_LOG_ERROR,
@@ -195,7 +198,14 @@ int main(int argc, char *argv[])
* Make sure we do not have LD_PRELOAD or other security relevant
* environment variables set.
*/
+#ifdef HAVE_CLEARENV
clearenv();
+#else
+ {
+ extern char **environ;
+ environ = calloc(1, sizeof(*environ));
+ }
+#endif
CUPS_SMB_DEBUG("Setting KRB5CCNAME to '%s'", gen_cc);
setenv("KRB5CCNAME", gen_cc, 1);
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index c18ea59..fb3b8aa 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -237,6 +237,8 @@ typedef struct files_struct {
uint32_t access_mask; /* NTCreateX access bits (FILE_READ_DATA etc.) */
uint32_t share_access; /* NTCreateX share constants (FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE). */
+ bool kernel_share_modes_taken;
+
bool update_write_time_triggered;
struct tevent_timer *update_write_time_event;
bool update_write_time_on_close;
diff --git a/source3/lib/sysquotas_4B.c b/source3/lib/sysquotas_4B.c
index e3adc35..ee56432 100644
--- a/source3/lib/sysquotas_4B.c
+++ b/source3/lib/sysquotas_4B.c
@@ -81,6 +81,12 @@ static void xlate_qblk_to_smb(const struct dqblk * const qblk,
dp->hardlimit = XLATE_TO_BLOCKS(qblk->dqb_bhardlimit);
dp->curblocks = XLATE_TO_BLOCKS(qblk->dqb_curbytes);
#undef XLATE_TO_BLOCKS
+#else
+ dp->bsize = DEV_BSIZE;
+
+ dp->softlimit = qblk->dqb_bsoftlimit;
+ dp->hardlimit = qblk->dqb_bhardlimit;
+ dp->curblocks = qblk->dqb_curblocks;
#endif
dp->ihardlimit = qblk->dqb_ihardlimit;
diff --git a/source3/locking/share_mode_lock.c b/source3/locking/share_mode_lock.c
index fe105e3..4e9de03 100644
--- a/source3/locking/share_mode_lock.c
+++ b/source3/locking/share_mode_lock.c
@@ -441,6 +441,11 @@ static int share_mode_data_destructor(struct share_mode_data *d)
TALLOC_FREE(d->record);
/*
+ * Release the dptr as well before reparenting to NULL
+ * (in-memory cache) context.
+ */
+ TALLOC_FREE(data.dptr);
+ /*
* Reparent d into the in-memory cache so it can be reused if the
* sequence number matches. See parse_share_modes()
* for details.
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index c32fbc7..a4edbe8 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -904,6 +904,7 @@ out_free:
const char *binding_string = NULL;
char *user, *domain, *q;
const char *host;
+ int signing_state = SMB_SIGNING_IPC_DEFAULT;
/* make sure the vars that get altered (4th field) are in
a fixed location or certain compilers complain */
@@ -1077,6 +1078,16 @@ out_free:
}
}
+ signing_state = get_cmdline_auth_info_signing_state(rpcclient_auth_info);
+ switch (signing_state) {
+ case SMB_SIGNING_OFF:
+ lp_set_cmdline("client ipc signing", "no");
+ break;
+ case SMB_SIGNING_REQUIRED:
+ lp_set_cmdline("client ipc signing", "required");
+ break;
+ }
+
if (get_cmdline_auth_info_use_kerberos(rpcclient_auth_info)) {
flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
@@ -1104,7 +1115,7 @@ out_free:
get_cmdline_auth_info_domain(rpcclient_auth_info),
get_cmdline_auth_info_password(rpcclient_auth_info),
flags,
- get_cmdline_auth_info_signing_state(rpcclient_auth_info));
+ SMB_SIGNING_IPC_DEFAULT);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("Cannot connect to server. Error was %s\n", nt_errstr(nt_status)));
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index 1cb5460..3ab04b7 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -246,7 +246,6 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
const struct security_token *del_nt_token = NULL;
bool got_tokens = false;
bool normal_close;
- int ret_flock;
/* Ensure any pending write time updates are done. */
if (fsp->update_write_time_event) {
@@ -470,12 +469,16 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
pop_sec_ctx();
}
- /* remove filesystem sharemodes */
- ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, 0, 0);
- if (ret_flock == -1) {
- DEBUG(2, ("close_remove_share_mode: removing kernel flock for "
- "%s failed: %s\n", fsp_str_dbg(fsp),
- strerror(errno)));
+ if (fsp->kernel_share_modes_taken) {
+ int ret_flock;
+
+ /* remove filesystem sharemodes */
+ ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, 0, 0);
+ if (ret_flock == -1) {
+ DEBUG(2, ("close_remove_share_mode: removing kernel "
+ "flock for %s failed: %s\n",
+ fsp_str_dbg(fsp), strerror(errno)));
+ }
}
if (!del_share_mode(lck, fsp)) {
diff --git a/source3/smbd/notifyd/notifyd.c b/source3/smbd/notifyd/notifyd.c
index 49fb9c9..45b029b 100644
--- a/source3/smbd/notifyd/notifyd.c
+++ b/source3/smbd/notifyd/notifyd.c
@@ -1246,7 +1246,10 @@ static int notifyd_peer_destructor(struct notifyd_peer *p)
struct notifyd_state *state = p->state;
size_t i;
- dbwrap_traverse_read(p->db, notifyd_db_del_syswatches, NULL, NULL);
+ if (p->db != NULL) {
+ dbwrap_traverse_read(p->db, notifyd_db_del_syswatches,
+ NULL, NULL);
+ }
for (i = 0; i<state->num_peers; i++) {
if (p == state->peers[i]) {
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 0d90c99..61b7145 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3084,6 +3084,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn,
return NT_STATUS_SHARING_VIOLATION;
}
+
+ fsp->kernel_share_modes_taken = true;
}
/*
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index 4f108d9..4ce3a1d 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -190,6 +190,7 @@ bool update_num_read_oplocks(files_struct *fsp, struct share_mode_lock *lck)
/*
* If we're the only one, we don't need a brlock entry
*/
+ remove_stale_share_mode_entries(d);
SMB_ASSERT(d->num_share_modes == 1);
SMB_ASSERT(EXCLUSIVE_OPLOCK_TYPE(d->share_modes[0].op_type));
return true;
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 62dc49e..c058eac 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -130,6 +130,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
struct smbXsrv_connection *xconn = req->xconn;
struct smbd_server_connection *sconn = req->sconn;
uint16_t action = 0;
+ bool is_authenticated = false;
NTTIME now = timeval_to_nttime(&req->request_time);
struct smbXsrv_session *session = NULL;
uint16_t smb_bufsize = SVAL(req->vwv+2, 0);
@@ -336,12 +337,13 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
sconn->num_users++;
if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
+ is_authenticated = true;
session->compat->homes_snum =
register_homes_share(session_info->unix_info->unix_name);
}
if (srv_is_signing_negotiated(xconn) &&
- action == 0 &&
+ is_authenticated &&
session->global->signing_key.length > 0)
{
/*
@@ -601,6 +603,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
struct auth_session_info *session_info = NULL;
uint16_t smb_flag2 = req->flags2;
uint16_t action = 0;
+ bool is_authenticated = false;
NTTIME now = timeval_to_nttime(&req->request_time);
struct smbXsrv_session *session = NULL;
NTSTATUS nt_status;
@@ -1038,12 +1041,13 @@ void reply_sesssetup_and_X(struct smb_request *req)
sconn->num_users++;
if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
+ is_authenticated = true;
session->compat->homes_snum =
register_homes_share(session_info->unix_info->unix_name);
}
if (srv_is_signing_negotiated(xconn) &&
- action == 0 &&
+ is_authenticated &&
session->global->signing_key.length > 0)
{
/*
diff --git a/source3/utils/net_printing.c b/source3/utils/net_printing.c
index 6f805eb..cc82e51 100644
--- a/source3/utils/net_printing.c
+++ b/source3/utils/net_printing.c
@@ -264,27 +264,66 @@ static int net_printing_dump(struct net_context *c, int argc,
}
if (strncmp((const char *)kbuf.dptr, FORMS_PREFIX, strlen(FORMS_PREFIX)) == 0) {
- dump_form(ctx, (const char *)kbuf.dptr+strlen(FORMS_PREFIX), dbuf.dptr, dbuf.dsize);
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(FORMS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
+ dump_form(ctx, key_name, dbuf.dptr, dbuf.dsize);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
if (strncmp((const char *)kbuf.dptr, DRIVERS_PREFIX, strlen(DRIVERS_PREFIX)) == 0) {
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(DRIVERS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
dump_driver(ctx,
- (const char *)kbuf.dptr+strlen(DRIVERS_PREFIX),
+ key_name,
dbuf.dptr,
dbuf.dsize,
do_string_conversion);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
if (strncmp((const char *)kbuf.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX)) == 0) {
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
+
+ ok = pull_ascii_talloc(ctx,
+ &key_name,
+ (const char *) kbuf.dptr + strlen(PRINTERS_PREFIX),
+ &converted_size);
+ if (!ok) {
+ continue;
+ }
+
dump_printer(ctx,
- (const char *)kbuf.dptr+strlen(PRINTERS_PREFIX),
+ key_name,
dbuf.dptr,
dbuf.dsize,
do_string_conversion);
+ TALLOC_FREE(key_name);
SAFE_FREE(dbuf.dptr);
continue;
}
@@ -357,33 +396,72 @@ static NTSTATUS printing_migrate_internal(struct net_context *c,
}
if (strncmp((const char *) kbuf.dptr, FORMS_PREFIX, strlen(FORMS_PREFIX)) == 0) {
+ char *key_name = NULL;
+ size_t converted_size = 0;
+ bool ok;
--
Samba Shared Repository
More information about the samba-cvs
mailing list