diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/examples/libsmbclient/Makefile samba-3.0.25a/examples/libsmbclient/Makefile --- samba-3.0.25/examples/libsmbclient/Makefile 2007-04-09 12:31:01.000000000 -0500 +++ samba-3.0.25a/examples/libsmbclient/Makefile 2007-05-23 10:29:21.000000000 -0500 @@ -17,6 +17,7 @@ TESTS= testsmbc \ tree \ testacl \ + testacl2 \ testbrowse \ testbrowse2 \ teststat \ @@ -39,6 +40,10 @@ @echo Linking testacl $(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ $< `gtk-config --libs` $(LIBSMBCLIENT) -lpopt +testacl2: testacl2.o + @echo Linking testacl2 + $(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ $< `gtk-config --libs` $(LIBSMBCLIENT) -lpopt + testbrowse: testbrowse.o @echo Linking testbrowse $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/examples/libsmbclient/testacl2.c samba-3.0.25a/examples/libsmbclient/testacl2.c --- samba-3.0.25/examples/libsmbclient/testacl2.c 1969-12-31 18:00:00.000000000 -0600 +++ samba-3.0.25a/examples/libsmbclient/testacl2.c 2007-05-23 10:29:21.000000000 -0500 @@ -0,0 +1,78 @@ +#include +#include +#include +#include +#include "libsmbclient.h" +#include "get_auth_data_fn.h" + +enum acl_mode +{ + SMB_ACL_GET, + SMB_ACL_SET, + SMB_ACL_DELETE, + SMB_ACL_MODIFY, + SMB_ACL_ADD, + SMB_ACL_CHOWN, + SMB_ACL_CHGRP +}; + + +int main(int argc, const char *argv[]) +{ + int i; + int opt; + int flags; + int debug = 0; + int numeric = 0; + int full_time_names = 0; + enum acl_mode mode = SMB_ACL_GET; + static char *the_acl = NULL; + int ret; + char *p; + char *debugstr; + char value[1024]; + + if (smbc_init(get_auth_data_fn, debug) != 0) + { + printf("Could not initialize smbc_ library\n"); + return 1; + } + + SMBCCTX *context = smbc_set_context(NULL); + smbc_option_set(context, "full_time_names", 1); + + the_acl = strdup("system.nt_sec_desc.*"); + ret = smbc_getxattr(argv[1], the_acl, value, sizeof(value)); + if (ret < 0) + { + printf("Could not get attributes for [%s] %d: %s\n", + argv[1], errno, strerror(errno)); + return 1; + } + + printf("Attributes for [%s] are:\n%s\n", argv[1], value); + + flags = 0; + debugstr = "set attributes (1st time)"; + + ret = smbc_setxattr(argv[1], the_acl, value, strlen(value), flags); + if (ret < 0) + { + printf("Could not %s for [%s] %d: %s\n", + debugstr, argv[1], errno, strerror(errno)); + return 1; + } + + flags = 0; + debugstr = "set attributes (2nd time)"; + + ret = smbc_setxattr(argv[1], the_acl, value, strlen(value), flags); + if (ret < 0) + { + printf("Could not %s for [%s] %d: %s\n", + debugstr, argv[1], errno, strerror(errno)); + return 1; + } + + return 0; +} diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/packaging/RHEL/makerpms.sh samba-3.0.25a/packaging/RHEL/makerpms.sh --- samba-3.0.25/packaging/RHEL/makerpms.sh 2007-05-13 07:16:29.000000000 -0500 +++ samba-3.0.25a/packaging/RHEL/makerpms.sh 2007-05-24 23:09:58.000000000 -0500 @@ -20,7 +20,7 @@ USERID=`id -u` GRPID=`id -g` -VERSION='3.0.25' +VERSION='3.0.25a' REVISION='' SPECFILE="samba.spec" RPMVER=`rpm --version | awk '{print $3}'` diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/packaging/RHEL/samba.spec samba-3.0.25a/packaging/RHEL/samba.spec --- samba-3.0.25/packaging/RHEL/samba.spec 2007-05-13 07:16:29.000000000 -0500 +++ samba-3.0.25a/packaging/RHEL/samba.spec 2007-05-24 23:09:58.000000000 -0500 @@ -5,8 +5,8 @@ Vendor: Samba Team Packager: Samba Team Name: samba -Version: 3.0.25 -Release: 7 +Version: 3.0.25a +Release: 1 Epoch: 0 License: GNU GPL version 2 Group: System Environment/Daemons diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/REVISION samba-3.0.25a/REVISION --- samba-3.0.25/REVISION 2007-05-13 07:16:36.000000000 -0500 +++ samba-3.0.25a/REVISION 2007-05-24 23:10:04.000000000 -0500 @@ -2,10 +2,10 @@ URL: svn+ssh://svn.samba.org/home/svn/samba/branches/SAMBA_3_0_RELEASE Repository Root: svn+ssh://svn.samba.org/home/svn/samba Repository UUID: 0c0555d6-39d7-0310-84fc-f1cc0bd64818 -Revision: 22823 +Revision: 23130 Node Kind: directory Schedule: normal Last Changed Author: jerry -Last Changed Rev: 22823 -Last Changed Date: 2007-05-13 06:56:25 -0500 (Sun, 13 May 2007) +Last Changed Rev: 23130 +Last Changed Date: 2007-05-24 23:02:25 -0500 (Thu, 24 May 2007) diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/auth/auth_server.c samba-3.0.25a/source/auth/auth_server.c --- samba-3.0.25/source/auth/auth_server.c 2007-02-28 22:54:11.000000000 -0600 +++ samba-3.0.25a/source/auth/auth_server.c 2007-05-23 10:29:16.000000000 -0500 @@ -230,17 +230,6 @@ NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED; BOOL locally_made_cli = False; - /* - * Check that the requested domain is not our own machine name. - * If it is, we should never check the PDC here, we use our own local - * password file. - */ - - if(is_myname(user_info->domain)) { - DEBUG(3,("check_smbserver_security: Requested domain was for this machine.\n")); - return nt_status; - } - cli = (struct cli_state *)my_private_data; if (cli) { diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/client/mount.cifs.c samba-3.0.25a/source/client/mount.cifs.c --- samba-3.0.25/source/client/mount.cifs.c 2007-05-10 17:09:38.000000000 -0500 +++ samba-3.0.25a/source/client/mount.cifs.c 2007-05-23 10:29:19.000000000 -0500 @@ -621,6 +621,7 @@ nocopy: data = next_keyword; } + free(*optionsp); *optionsp = out; return 0; } @@ -882,8 +883,8 @@ char * ipaddr = NULL; char * uuid = NULL; char * mountpoint = NULL; - char * options; - char * resolved_path; + char * options = NULL; + char * resolved_path = NULL; char * temp; int rc; int rsize = 0; @@ -1079,12 +1080,15 @@ get_password_from_file(0, getenv("PASSWD_FILE")); } - if (orgoptions && parse_options(&orgoptions, &flags)) - return -1; + if (orgoptions && parse_options(&orgoptions, &flags)) { + rc = -1; + goto mount_exit; + } ipaddr = parse_server(&share_name); if((ipaddr == NULL) && (got_ip == 0)) { printf("No ip address specified and hostname not found\n"); - return -1; + rc = -1; + goto mount_exit; } /* BB save off path and pop after mount returns? */ @@ -1098,17 +1102,20 @@ } if(chdir(mountpoint)) { printf("mount error: can not change directory into mount target %s\n",mountpoint); - return -1; + rc = -1; + goto mount_exit; } if(stat (".", &statbuf)) { printf("mount error: mount point %s does not exist\n",mountpoint); - return -1; + rc = -1; + goto mount_exit; } if (S_ISDIR(statbuf.st_mode) == 0) { printf("mount error: mount point %s is not a directory\n",mountpoint); - return -1; + rc = -1; + goto mount_exit; } if((getuid() != 0) && (geteuid() == 0)) { @@ -1154,6 +1161,8 @@ optlen += strlen(ipaddr) + 4; if(mountpassword) optlen += strlen(mountpassword) + 6; + if(options) + free(options); options = (char *)malloc(optlen + 10 + 64 /* space for commas in password */ + 8 /* space for domain= , domain name itself was counted as part of the length username string above */); if(options == NULL) { @@ -1236,14 +1245,11 @@ } } default: - printf("mount error %d = %s\n",errno,strerror(errno)); } printf("Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)\n"); - if(mountpassword) { - memset(mountpassword,0,64); - } - return -1; + rc = -1; + goto mount_exit; } else { pmntfile = setmntent(MOUNTED, "a+"); if(pmntfile) { @@ -1273,7 +1279,7 @@ strcat(mountent.mnt_opts,",user="); strcat(mountent.mnt_opts,mount_user); } - free(mount_user); + /* free(mount_user); do not free static mem */ } } mountent.mnt_freq = 0; @@ -1286,6 +1292,8 @@ printf("could not update mount table\n"); } } + rc = 0; +mount_exit: if(mountpassword) { int len = strlen(mountpassword); memset(mountpassword,0,len); @@ -1308,6 +1316,6 @@ if(free_share_name) { free(share_name); } - return 0; + return rc; } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/configure samba-3.0.25a/source/configure --- samba-3.0.25/source/configure 2007-05-13 07:17:37.000000000 -0500 +++ samba-3.0.25a/source/configure 2007-05-24 23:11:18.000000000 -0500 @@ -757,6 +757,7 @@ TERMLDFLAGS LIBUNWIND_PTRACE ROFF +SMB_FAM_LIBS SMBLDAP SMBLDAPUTIL LDBLDAP @@ -18652,6 +18653,7 @@ save_LIBS="$LIBS" LIBS="" +libreplace_cv_dlfcn=no { echo "$as_me:$LINENO: checking for library containing dlopen" >&5 echo $ECHO_N "checking for library containing dlopen... $ECHO_C" >&6; } if test "${ac_cv_search_dlopen+set}" = set; then @@ -18736,7 +18738,9 @@ fi -if test "$ac_cv_search_dlopen" != no; then +if test x"${ac_cv_search_dlopen}" = x"no"; then + libreplace_cv_dlfcn=yes +else for ac_header in dlfcn.h do @@ -18878,8 +18882,6 @@ done - libreplace_cv_dlfcn=no - @@ -18978,10 +18980,10 @@ fi done +fi - if test x"${libreplace_cv_dlfcn}" = x"yes";then - LIBREPLACEOBJ="${LIBREPLACEOBJ} dlfcn.o" - fi +if test x"${libreplace_cv_dlfcn}" = x"yes";then + LIBREPLACEOBJ="${LIBREPLACEOBJ} dlfcn.o" fi LIBDL="$LIBS" @@ -39861,6 +39863,68 @@ fi +{ echo "$as_me:$LINENO: checking for 64 bit time_t" >&5 +echo $ECHO_N "checking for 64 bit time_t... $ECHO_C" >&6; } +if test "${samba_cv_SIZEOF_TIME_T+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + +if test "$cross_compiling" = yes; then + samba_cv_SIZEOF_TIME_T=cross +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +main() { exit((sizeof(time_t) == 8) ? 0 : 1); } +_ACEOF +rm -f conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + samba_cv_SIZEOF_TIME_T=yes +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +( exit $ac_status ) +samba_cv_SIZEOF_TIME_T=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi + + +fi +{ echo "$as_me:$LINENO: result: $samba_cv_SIZEOF_TIME_T" >&5 +echo "${ECHO_T}$samba_cv_SIZEOF_TIME_T" >&6; } +if test x"$samba_cv_SIZEOF_TIME_T" = x"yes"; then + +cat >>confdefs.h <<\_ACEOF +#define SIZEOF_TIME_T 8 +_ACEOF + +fi + { echo "$as_me:$LINENO: checking for 64 bit off_t" >&5 echo $ECHO_N "checking for 64 bit off_t... $ECHO_C" >&6; } if test "${samba_cv_SIZEOF_OFF_T+set}" = set; then @@ -40829,10 +40893,7 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else -if test "$cross_compiling" = yes; then - samba_cv_HAVE_GETTIMEOFDAY_TZ=cross -else - cat >conftest.$ac_ext <<_ACEOF +cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext @@ -40841,41 +40902,42 @@ #include #include -main() { struct timeval tv; exit(gettimeofday(&tv, NULL));} +int +main () +{ +struct timeval tv; return gettimeofday(&tv, NULL); + ; + return 0; +} _ACEOF -rm -f conftest$ac_exeext +rm -f conftest.$ac_objext conftest$ac_exeext if { (ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then samba_cv_HAVE_GETTIMEOFDAY_TZ=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 + echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 -( exit $ac_status ) -samba_cv_HAVE_GETTIMEOFDAY_TZ=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext + samba_cv_HAVE_GETTIMEOFDAY_TZ=no fi - +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $samba_cv_HAVE_GETTIMEOFDAY_TZ" >&5 echo "${ECHO_T}$samba_cv_HAVE_GETTIMEOFDAY_TZ" >&6; } @@ -44011,7 +44073,7 @@ { echo "$as_me:$LINENO: result: $ac_cv_lib_fam_FAMOpen2" >&5 echo "${ECHO_T}$ac_cv_lib_fam_FAMOpen2" >&6; } if test $ac_cv_lib_fam_FAMOpen2 = yes; then - samba_cv_HAVE_LIBFAM=yes; samba_fam_libs="-lfam" + samba_cv_HAVE_LIBFAM=yes; SMB_FAM_LIBS="-lfam" else samba_cv_HAVE_LIBFAM=no fi @@ -44099,7 +44161,7 @@ LIBS=$ac_check_lib_ext_save_LIBS if test $ac_cv_lib_ext_fam = yes; then - samba_cv_HAVE_LIBFAM=yes; samba_fam_libs="-lfam -lC" + samba_cv_HAVE_LIBFAM=yes; SMB_FAM_LIBS="-lfam -lC" else @@ -44166,6 +44228,8 @@ fi fi + + ################################################# # Check for DMAPI interfaces in libdm/libjfsdm/libxsdm @@ -60260,6 +60324,7 @@ #define HAVE_ACL_GET_PERM_NP 1 _ACEOF + default_static_modules="$default_static_modules vfs_posixacl" ;; *linux*) { echo "$as_me:$LINENO: checking for getxattr in -lattr" >&5 @@ -66514,7 +66579,7 @@ # Stuff the smbd-only libraries at the end of the smbd link # path (if we have them). -SMBD_LIBS="$samba_fam_libs $samba_dmapi_libs" +SMBD_LIBS="$samba_dmapi_libs" ac_config_files="$ac_config_files include/stamp-h Makefile script/findsmb smbadduser script/gen-8bit-gap.sh script/installbin.sh script/uninstallbin.sh" @@ -67342,6 +67407,7 @@ TERMLDFLAGS!$TERMLDFLAGS$ac_delim LIBUNWIND_PTRACE!$LIBUNWIND_PTRACE$ac_delim ROFF!$ROFF$ac_delim +SMB_FAM_LIBS!$SMB_FAM_LIBS$ac_delim SMBLDAP!$SMBLDAP$ac_delim SMBLDAPUTIL!$SMBLDAPUTIL$ac_delim LDBLDAP!$LDBLDAP$ac_delim @@ -67378,7 +67444,7 @@ LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 80; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 81; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/configure.in samba-3.0.25a/source/configure.in --- samba-3.0.25/source/configure.in 2007-05-10 17:09:38.000000000 -0500 +++ samba-3.0.25a/source/configure.in 2007-05-23 10:29:20.000000000 -0500 @@ -1936,6 +1936,14 @@ fi +AC_CACHE_CHECK([for 64 bit time_t],samba_cv_SIZEOF_TIME_T,[ +AC_TRY_RUN([#include +main() { exit((sizeof(time_t) == 8) ? 0 : 1); }], +samba_cv_SIZEOF_TIME_T=yes,samba_cv_SIZEOF_TIME_T=no,samba_cv_SIZEOF_TIME_T=cross)]) +if test x"$samba_cv_SIZEOF_TIME_T" = x"yes"; then + AC_DEFINE(SIZEOF_TIME_T,8,[The size of the 'time_t' type]) +fi + AC_CACHE_CHECK([for 64 bit off_t],samba_cv_SIZEOF_OFF_T,[ AC_TRY_RUN([#include #include @@ -2107,13 +2115,13 @@ fi AC_CACHE_CHECK([if gettimeofday takes tz argument],samba_cv_HAVE_GETTIMEOFDAY_TZ,[ -AC_TRY_RUN([ +AC_TRY_LINK([ #include -#include -main() { struct timeval tv; exit(gettimeofday(&tv, NULL));}], - samba_cv_HAVE_GETTIMEOFDAY_TZ=yes,samba_cv_HAVE_GETTIMEOFDAY_TZ=no,samba_cv_HAVE_GETTIMEOFDAY_TZ=cross)]) +#include ], [struct timeval tv; return gettimeofday(&tv, NULL);], + samba_cv_HAVE_GETTIMEOFDAY_TZ=yes, + samba_cv_HAVE_GETTIMEOFDAY_TZ=no)]) if test x"$samba_cv_HAVE_GETTIMEOFDAY_TZ" = x"yes"; then - AC_DEFINE(HAVE_GETTIMEOFDAY_TZ,1,[Whether gettimeofday() is available]) + AC_DEFINE(HAVE_GETTIMEOFDAY_TZ,1,[Whether gettimeofday takes a tz argument]) fi if test x"$samba_cv_WITH_PROFILE" = x"yes"; then @@ -2538,13 +2546,13 @@ # On IRIX, libfam requires libC, but other FAM implementations # might not need it. AC_CHECK_LIB(fam, FAMOpen2, - [samba_cv_HAVE_LIBFAM=yes; samba_fam_libs="-lfam"], + [samba_cv_HAVE_LIBFAM=yes; SMB_FAM_LIBS="-lfam"], [samba_cv_HAVE_LIBFAM=no]) if test x"$samba_cv_HAVE_LIBFAM" = x"no" ; then samba_fam_xtra=-lC AC_CHECK_LIB_EXT(fam, samba_fam_xtra, FAMOpen2, - [samba_cv_HAVE_LIBFAM=yes; samba_fam_libs="-lfam -lC"], + [samba_cv_HAVE_LIBFAM=yes; SMB_FAM_LIBS="-lfam -lC"], [samba_cv_HAVE_LIBFAM=no]) unset samba_fam_xtra fi @@ -2564,6 +2572,8 @@ fi fi +AC_SUBST(SMB_FAM_LIBS) + ################################################# # Check for DMAPI interfaces in libdm/libjfsdm/libxsdm @@ -5140,6 +5150,7 @@ AC_MSG_RESULT(Using FreeBSD posix ACLs) AC_DEFINE(HAVE_POSIX_ACLS,1,[Whether FreeBSD POSIX ACLs are available]) AC_DEFINE(HAVE_ACL_GET_PERM_NP,1,[Whether acl_get_perm_np() is available]) + default_static_modules="$default_static_modules vfs_posixacl" ;; *linux*) AC_CHECK_LIB(attr,getxattr,[ACL_LIBS="$ACL_LIBS -lattr"]) @@ -6203,7 +6214,7 @@ # Stuff the smbd-only libraries at the end of the smbd link # path (if we have them). -SMBD_LIBS="$samba_fam_libs $samba_dmapi_libs" +SMBD_LIBS="$samba_dmapi_libs" AC_SUBST(SMBD_LIBS) AC_OUTPUT(include/stamp-h Makefile script/findsmb smbadduser script/gen-8bit-gap.sh script/installbin.sh script/uninstallbin.sh) diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/include/ads_cldap.h samba-3.0.25a/source/include/ads_cldap.h --- samba-3.0.25/source/include/ads_cldap.h 2007-02-28 22:54:51.000000000 -0600 +++ samba-3.0.25a/source/include/ads_cldap.h 2007-05-23 10:29:18.000000000 -0500 @@ -58,4 +58,4 @@ #define ADS_GOOD_TIMESERV 0x00000200 /* DC has hardware clock (and running time) */ #define ADS_NDNC 0x00000400 /* DomainName is non-domain NC serviced by LDAP server */ -#endif /* _INCLUDE_CLDAP_H_ */ +#endif /* _INCLUDE_ADS_CLDAP_H_ */ diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/include/ads.h samba-3.0.25a/source/include/ads.h --- samba-3.0.25/source/include/ads.h 2007-02-28 22:54:51.000000000 -0600 +++ samba-3.0.25a/source/include/ads.h 2007-05-23 10:29:18.000000000 -0500 @@ -321,4 +321,4 @@ int val; int critical; } ads_control; -#endif +#endif /* _INCLUDE_ADS_H_ */ diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/include/config.h.in samba-3.0.25a/source/include/config.h.in --- samba-3.0.25/source/include/config.h.in 2007-05-13 07:17:35.000000000 -0500 +++ samba-3.0.25a/source/include/config.h.in 2007-05-24 23:11:16.000000000 -0500 @@ -598,7 +598,7 @@ /* Whether getspnam is available */ #undef HAVE_GETSPNAM -/* Whether gettimeofday() is available */ +/* Whether gettimeofday takes a tz argument */ #undef HAVE_GETTIMEOFDAY_TZ /* Define to 1 if you have the `getutmpx' function. */ @@ -2336,6 +2336,9 @@ /* The size of `ssize_t', as computed by sizeof. */ #undef SIZEOF_SSIZE_T +/* The size of the 'time_t' type */ +#undef SIZEOF_TIME_T + /* Use socket wrapper library */ #undef SOCKET_WRAPPER diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/include/nterr.h samba-3.0.25a/source/include/nterr.h --- samba-3.0.25/source/include/nterr.h 2007-02-28 22:54:51.000000000 -0600 +++ samba-3.0.25a/source/include/nterr.h 2007-05-24 23:09:18.000000000 -0500 @@ -30,6 +30,9 @@ #define STATUS_NO_MORE_FILES NT_STATUS(0x80000006) #define NT_STATUS_NO_MORE_ENTRIES NT_STATUS(0x8000001a) +/* Vista Status codes. */ +#define STATUS_INACCESSIBLE_SYSTEM_SHORTCUT NT_STATUS(0x8000002d) + #define STATUS_MORE_ENTRIES NT_STATUS(0x0105) #define STATUS_SOME_UNMAPPED NT_STATUS(0x0107) #define ERROR_INVALID_PARAMETER NT_STATUS(0x0057) diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/include/smb.h samba-3.0.25a/source/include/smb.h --- samba-3.0.25/source/include/smb.h 2007-04-20 20:48:08.000000000 -0500 +++ samba-3.0.25a/source/include/smb.h 2007-05-24 08:27:21.000000000 -0500 @@ -748,6 +748,7 @@ }; #define SHARE_MODE_FLAG_POSIX_OPEN 0x1 +#define SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE 0x2 /* struct returned by get_share_modes */ struct share_mode_entry { @@ -765,7 +766,7 @@ SMB_INO_T inode; unsigned long share_file_id; uint32 uid; /* uid of file opener. */ - uint16 flags; /* POSIX_OPEN only defined so far... */ + uint16 flags; /* See SHARE_MODE_XX above. */ }; /* oplock break message definition - linearization of share_mode_entry. diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/include/version.h samba-3.0.25a/source/include/version.h --- samba-3.0.25/source/include/version.h 2007-05-13 07:17:23.000000000 -0500 +++ samba-3.0.25a/source/include/version.h 2007-05-24 23:11:04.000000000 -0500 @@ -2,5 +2,6 @@ #define SAMBA_VERSION_MAJOR 3 #define SAMBA_VERSION_MINOR 0 #define SAMBA_VERSION_RELEASE 25 -#define SAMBA_VERSION_OFFICIAL_STRING "3.0.25" +#define SAMBA_VERSION_REVISION "a" +#define SAMBA_VERSION_OFFICIAL_STRING "3.0.25a" #define SAMBA_VERSION_STRING samba_version_string() diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/lib/replace/dlfcn.m4 samba-3.0.25a/source/lib/replace/dlfcn.m4 --- samba-3.0.25/source/lib/replace/dlfcn.m4 2007-02-28 22:54:24.000000000 -0600 +++ samba-3.0.25a/source/lib/replace/dlfcn.m4 2007-05-23 10:29:16.000000000 -0500 @@ -2,17 +2,18 @@ save_LIBS="$LIBS" LIBS="" +libreplace_cv_dlfcn=no AC_SEARCH_LIBS(dlopen, dl) -if test "$ac_cv_search_dlopen" != no; then +if test x"${ac_cv_search_dlopen}" = x"no"; then + libreplace_cv_dlfcn=yes +else AC_CHECK_HEADERS(dlfcn.h) - - libreplace_cv_dlfcn=no AC_CHECK_FUNCS([dlopen dlsym dlerror dlclose],[],[libreplace_cv_dlfcn=yes]) +fi - if test x"${libreplace_cv_dlfcn}" = x"yes";then - LIBREPLACEOBJ="${LIBREPLACEOBJ} dlfcn.o" - fi +if test x"${libreplace_cv_dlfcn}" = x"yes";then + LIBREPLACEOBJ="${LIBREPLACEOBJ} dlfcn.o" fi LIBDL="$LIBS" diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/lib/time.c samba-3.0.25a/source/lib/time.c --- samba-3.0.25/source/lib/time.c 2007-03-20 17:25:38.000000000 -0500 +++ samba-3.0.25a/source/lib/time.c 2007-05-23 10:29:16.000000000 -0500 @@ -95,7 +95,13 @@ if (t == (time_t)-1) { *nt = (NTTIME)-1LL; return; - } + } + + if (t == TIME_T_MAX) { + *nt = 0x7fffffffffffffffLL; + return; + } + if (t == 0) { *nt = 0; return; @@ -301,7 +307,9 @@ static fstring buf; struct tm *tm = localtime(&t); - if (!tm) { + if (t == TIME_T_MAX) { + slprintf(buf,sizeof(buf)-1,"never"); + } else if (!tm) { slprintf(buf,sizeof(buf)-1,"%ld seconds since the Epoch",(long)t); } else { #ifndef HAVE_STRFTIME @@ -554,6 +562,37 @@ ((TIME_FIXUP_CONSTANT_INT + (uint64_t)tv->tv_sec) * 1000000)); } +/************************************************************** + Handle conversions between time_t and uint32, taking care to + preserve the "special" values. +**************************************************************/ + +uint32 convert_time_t_to_uint32(time_t t) +{ +#if (defined(SIZEOF_TIME_T) && (SIZEOF_TIME_T == 8)) + /* time_t is 64-bit. */ + if (t == 0x8000000000000000LL) { + return 0x80000000; + } else if (t == 0x7FFFFFFFFFFFFFFFLL) { + return 0x7FFFFFFF; + } +#endif + return (uint32)t; +} + +time_t convert_uint32_to_time_t(uint32 u) +{ +#if (defined(SIZEOF_TIME_T) && (SIZEOF_TIME_T == 8)) + /* time_t is 64-bit. */ + if (u == 0x80000000) { + return (time_t)0x8000000000000000LL; + } else if (u == 0x7FFFFFFF) { + return (time_t)0x7FFFFFFFFFFFFFFFLL; + } +#endif + return (time_t)u; +} + /******************************************************************* Yield the difference between *A and *B, in seconds, ignoring leap seconds. ********************************************************************/ diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/libads/authdata.c samba-3.0.25a/source/libads/authdata.c --- samba-3.0.25/source/libads/authdata.c 2007-02-28 22:54:56.000000000 -0600 +++ samba-3.0.25a/source/libads/authdata.c 2007-05-23 10:29:18.000000000 -0500 @@ -120,10 +120,14 @@ return False; if (UNMARSHALLING(ps)) { - array->krb_sid_and_attrs = PRS_ALLOC_MEM(ps, KRB_SID_AND_ATTRS, num); - if (!array->krb_sid_and_attrs) { - DEBUG(3, ("No memory available\n")); - return False; + if (num) { + array->krb_sid_and_attrs = PRS_ALLOC_MEM(ps, KRB_SID_AND_ATTRS, num); + if (!array->krb_sid_and_attrs) { + DEBUG(3, ("No memory available\n")); + return False; + } + } else { + array->krb_sid_and_attrs = NULL; } } @@ -184,10 +188,14 @@ return False; if (UNMARSHALLING(ps)) { - array->group_membership = PRS_ALLOC_MEM(ps, GROUP_MEMBERSHIP, num); - if (!array->group_membership) { - DEBUG(3, ("No memory available\n")); - return False; + if (num) { + array->group_membership = PRS_ALLOC_MEM(ps, GROUP_MEMBERSHIP, num); + if (!array->group_membership) { + DEBUG(3, ("No memory available\n")); + return False; + } + } else { + array->group_membership = NULL; } } @@ -456,10 +464,14 @@ return False; if (UNMARSHALLING(ps) && length) { - data->signature.buffer = PRS_ALLOC_MEM(ps, uint8, siglen); - if (!data->signature.buffer) { - DEBUG(3, ("No memory available\n")); - return False; + if (siglen) { + data->signature.buffer = PRS_ALLOC_MEM(ps, uint8, siglen); + if (!data->signature.buffer) { + DEBUG(3, ("No memory available\n")); + return False; + } + } else { + data->signature.buffer = NULL; } } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/libsmb/clierror.c samba-3.0.25a/source/libsmb/clierror.c --- samba-3.0.25/source/libsmb/clierror.c 2007-02-28 22:54:37.000000000 -0600 +++ samba-3.0.25a/source/libsmb/clierror.c 2007-05-24 23:09:18.000000000 -0500 @@ -380,6 +380,15 @@ return cli_errno_from_nt(status); } + /* + * Yuck! A special case for this Vista error. Since its high-order + * byte isn't 0xc0, it doesn't match cli_is_nt_error() above. + */ + status = cli_nt_error(cli); + if (NT_STATUS_V(status) == NT_STATUS_V(STATUS_INACCESSIBLE_SYSTEM_SHORTCUT)) { + return EACCES; + } + /* for other cases */ return EINVAL; } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/libsmb/clitrans.c samba-3.0.25a/source/libsmb/clitrans.c --- samba-3.0.25/source/libsmb/clitrans.c 2007-02-28 22:54:38.000000000 -0600 +++ samba-3.0.25a/source/libsmb/clitrans.c 2007-05-24 23:09:18.000000000 -0500 @@ -197,7 +197,9 @@ */ status = cli_nt_error(cli); - if (NT_STATUS_IS_ERR(status) || NT_STATUS_EQUAL(status,STATUS_NO_MORE_FILES)) { + if (NT_STATUS_IS_ERR(status) || + NT_STATUS_EQUAL(status,STATUS_NO_MORE_FILES) || + NT_STATUS_EQUAL(status,STATUS_INACCESSIBLE_SYSTEM_SHORTCUT)) { goto out; } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/libsmb/libsmbclient.c samba-3.0.25a/source/libsmb/libsmbclient.c --- samba-3.0.25/source/libsmb/libsmbclient.c 2007-04-09 12:30:58.000000000 -0500 +++ samba-3.0.25a/source/libsmb/libsmbclient.c 2007-05-23 10:29:17.000000000 -0500 @@ -500,7 +500,7 @@ smbc_check_server(SMBCCTX * context, SMBCSRV * server) { - size_t size; + socklen_t size; struct sockaddr addr; /* @@ -4556,7 +4556,7 @@ return -1; } n = strlen(p); - } else { + } else if (sidstr[0] != '\0') { n = snprintf(buf, bufsize, ",OWNER:%s", sidstr); } @@ -4601,7 +4601,7 @@ return -1; } n = strlen(p); - } else { + } else if (sidstr[0] != '\0') { n = snprintf(buf, bufsize, ",GROUP:%s", sidstr); } @@ -4709,7 +4709,7 @@ ace->access_mask); } } - if (n > bufsize) { + if (!determine_size && n > bufsize) { errno = ERANGE; return -1; } @@ -5327,7 +5327,9 @@ ipc_srv = smbc_attr_server(context, server, share, workgroup, user, password, &pol); - srv->no_nt_session = True; + if (! ipc_srv) { + srv->no_nt_session = True; + } } else { ipc_srv = NULL; } @@ -5752,7 +5754,9 @@ ipc_srv = smbc_attr_server(context, server, share, workgroup, user, password, &pol); - srv->no_nt_session = True; + if (! ipc_srv) { + srv->no_nt_session = True; + } } else { ipc_srv = NULL; } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/locking/brlock.c samba-3.0.25a/source/locking/brlock.c --- samba-3.0.25/source/locking/brlock.c 2007-05-10 17:09:36.000000000 -0500 +++ samba-3.0.25a/source/locking/brlock.c 2007-05-23 10:29:18.000000000 -0500 @@ -313,7 +313,7 @@ ****************************************************************************/ static NTSTATUS brl_lock_windows(struct byte_range_lock *br_lck, - const struct lock_struct *plock, BOOL blocking_lock) + struct lock_struct *plock, BOOL blocking_lock) { unsigned int i; files_struct *fsp = br_lck->fsp; @@ -322,6 +322,8 @@ for (i=0; i < br_lck->num_locks; i++) { /* Do any Windows or POSIX locks conflict ? */ if (brl_conflict(&locks[i], plock)) { + /* Remember who blocked us. */ + plock->context.smbpid = locks[i].context.smbpid; return brl_lock_failed(fsp,plock,blocking_lock); } #if ZERO_ZERO @@ -346,6 +348,10 @@ locks, br_lck->num_locks, &errno_ret)) { + + /* We don't know who blocked us. */ + plock->context.smbpid = 0xFFFFFFFF; + if (errno_ret == EACCES || errno_ret == EAGAIN) { return NT_STATUS_FILE_LOCK_CONFLICT; } else { @@ -585,7 +591,7 @@ ****************************************************************************/ static NTSTATUS brl_lock_posix(struct byte_range_lock *br_lck, - const struct lock_struct *plock) + struct lock_struct *plock) { unsigned int i, count; struct lock_struct *locks = (struct lock_struct *)br_lck->lock_data; @@ -629,6 +635,8 @@ if (brl_conflict(curr_lock, plock)) { /* No games with error messages. */ SAFE_FREE(tp); + /* Remember who blocked us. */ + plock->context.smbpid = curr_lock->context.smbpid; return NT_STATUS_FILE_LOCK_CONFLICT; } /* Just copy the Windows lock into the new array. */ @@ -640,6 +648,8 @@ /* Can't block ourselves with POSIX locks. */ /* No games with error messages. */ SAFE_FREE(tp); + /* Remember who blocked us. */ + plock->context.smbpid = curr_lock->context.smbpid; return NT_STATUS_FILE_LOCK_CONFLICT; } @@ -669,6 +679,10 @@ plock->size, plock->lock_type, &errno_ret)) { + + /* We don't know who blocked us. */ + plock->context.smbpid = 0xFFFFFFFF; + if (errno_ret == EACCES || errno_ret == EAGAIN) { SAFE_FREE(tp); return NT_STATUS_FILE_LOCK_CONFLICT; @@ -729,7 +743,8 @@ br_off size, enum brl_type lock_type, enum brl_flavour lock_flav, - BOOL blocking_lock) + BOOL blocking_lock, + uint32 *psmbpid) { NTSTATUS ret; struct lock_struct lock; @@ -760,6 +775,10 @@ qsort(br_lck->lock_data, (size_t)br_lck->num_locks, sizeof(lock), lock_compare); #endif + /* If we're returning an error, return who blocked us. */ + if (!NT_STATUS_IS_OK(ret) && psmbpid) { + *psmbpid = lock.context.smbpid; + } return ret; } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/locking/locking.c samba-3.0.25a/source/locking/locking.c --- samba-3.0.25/source/locking/locking.c 2007-05-10 17:09:36.000000000 -0500 +++ samba-3.0.25a/source/locking/locking.c 2007-05-24 08:27:21.000000000 -0500 @@ -187,7 +187,8 @@ enum brl_type lock_type, enum brl_flavour lock_flav, BOOL blocking_lock, - NTSTATUS *perr) + NTSTATUS *perr, + uint32 *plock_pid) { struct byte_range_lock *br_lck = NULL; @@ -220,7 +221,8 @@ count, lock_type, lock_flav, - blocking_lock); + blocking_lock, + plock_pid); /* blocking ie. pending, locks also count here, * as this is an efficiency counter to avoid checking @@ -991,10 +993,13 @@ } void set_share_mode(struct share_mode_lock *lck, files_struct *fsp, - uid_t uid, uint16 mid, uint16 op_type) + uid_t uid, uint16 mid, uint16 op_type, BOOL initial_delete_on_close_allowed) { struct share_mode_entry entry; fill_share_mode_entry(&entry, fsp, uid, mid, op_type); + if (initial_delete_on_close_allowed) { + entry.flags |= SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; + } add_share_mode_entry(lck, &entry); } @@ -1194,6 +1199,22 @@ return NT_STATUS_OK; } +/**************************************************************************** + Do we have an open file handle that created this entry ? +****************************************************************************/ + +BOOL can_set_initial_delete_on_close(const struct share_mode_lock *lck) +{ + int i; + + for (i=0; inum_share_modes; i++) { + if (lck->share_modes[i].flags & SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE) { + return True; + } + } + return False; +} + /************************************************************************* Return a talloced copy of a UNIX_USER_TOKEN. NULL on fail. (Should this be in locking.c.... ?). @@ -1294,6 +1315,31 @@ return True; } +/**************************************************************************** + Sets the allow initial delete on close flag for this share mode. +****************************************************************************/ + +BOOL set_allow_initial_delete_on_close(struct share_mode_lock *lck, files_struct *fsp, BOOL delete_on_close) +{ + struct share_mode_entry entry, *e; + + /* Don't care about the pid owner being correct here - just a search. */ + fill_share_mode_entry(&entry, fsp, (uid_t)-1, 0, NO_OPLOCK); + + e = find_share_mode_entry(lck, &entry); + if (e == NULL) { + return False; + } + + if (delete_on_close) { + e->flags |= SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; + } else { + e->flags &= ~SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; + } + lck->modified = True; + return True; +} + struct forall_state { void (*fn)(const struct share_mode_entry *entry, const char *sharepath, diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/Makefile.in samba-3.0.25a/source/Makefile.in --- samba-3.0.25/source/Makefile.in 2007-04-25 04:39:00.000000000 -0500 +++ samba-3.0.25a/source/Makefile.in 2007-05-23 10:29:19.000000000 -0500 @@ -1349,11 +1349,16 @@ @$(SHLD) $(LDSHFLAGS) -o $@ nsswitch/idmap_rid.o \ @SONAMEFLAG@`basename $@` -bin/ad.@SHLIBEXT@: nsswitch/idmap_ad.o +bin/ad.@SHLIBEXT@: proto_exists nsswitch/idmap_ad.o @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ nsswitch/idmap_ad.o \ @SONAMEFLAG@`basename $@` +bin/ldap.@SHLIBEXT@: proto_exists nsswitch/idmap_ldap.o + @echo "Building plugin $@" + @$(SHLD) $(LDSHFLAGS) -o $@ nsswitch/idmap_ldap.o \ + @SONAMEFLAG@`basename $@` + bin/weird.@SHLIBEXT@: proto_exists $(DEVEL_HELP_WEIRD_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(DEVEL_HELP_WEIRD_OBJ) \ @@ -1500,7 +1505,7 @@ bin/notify_fam.@SHLIBEXT@: $(VFS_NOTIFY_FAM_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_NOTIFY_FAM_OBJ) \ - @SONAMEFLAG@`basename $@` + @SONAMEFLAG@`basename $@` @SMB_FAM_LIBS@ bin/readahead.@SHLIBEXT@: $(VFS_READAHEAD_OBJ) @echo "Building plugin $@" diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/modules/vfs_hpuxacl.c samba-3.0.25a/source/modules/vfs_hpuxacl.c --- samba-3.0.25/source/modules/vfs_hpuxacl.c 2007-02-28 22:54:34.000000000 -0600 +++ samba-3.0.25a/source/modules/vfs_hpuxacl.c 2007-05-23 10:29:17.000000000 -0500 @@ -1,101 +1,1182 @@ /* - Unix SMB/Netbios implementation. - VFS module to get and set hpux acls - Copyright (C) Michael Adam 2006 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ + * Unix SMB/Netbios implementation. + * VFS module to get and set HP-UX ACLs + * Copyright (C) Michael Adam 2006 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +/* + * This module supports JFS (POSIX) ACLs on VxFS (Veritas * Filesystem). + * These are available on HP-UX 11.00 if JFS 3.3 is installed. + * On HP-UX 11i (11.11 and above) these ACLs are supported out of + * the box. + * + * There is another form of ACLs on HFS. These ACLs have a + * completely different API and their own set of userland tools. + * Since HFS seems to be considered deprecated, HFS acls + * are not supported. (They could be supported through a separate + * vfs-module if there is demand.) + */ + +/* ================================================================= + * NOTE: + * + * The original hpux-acl code in lib/sysacls.c was based upon the + * solaris acl code in the same file. Now for the new modularized + * acl implementation, I have taken the code from vfs_solarisacls.c + * and did similar adaptations as were done before, essentially + * reusing the original internal aclsort functions. + * The check for the presence of the acl() call has been adopted, and + * a check for the presence of the aclsort() call has been added. + * + * Michael Adam + * + * ================================================================= */ + #include "includes.h" -/* prototypes for private functions first - for clarity */ +/* + * including standard header + * + * included here as a quick hack for the special HP-UX-situation: + * + * The problem is that, on HP-UX, jfs/posix acls are + * defined in , while the deprecated hfs acls + * are defined inside . + * + */ +/* GROUP is defined somewhere else so undef it here... */ +#undef GROUP +#include +/* dl.h: needed to check for acl call via shl_findsym */ +#include + +typedef struct acl HPUX_ACE_T; +typedef struct acl *HPUX_ACL_T; +typedef int HPUX_ACL_TAG_T; /* the type of an ACL entry */ +typedef ushort HPUX_PERM_T; + +/* Structure to capture the count for each type of ACE. + * (for hpux_internal_aclsort */ +struct hpux_acl_types { + int n_user; + int n_def_user; + int n_user_obj; + int n_def_user_obj; + + int n_group; + int n_def_group; + int n_group_obj; + int n_def_group_obj; + + int n_other; + int n_other_obj; + int n_def_other_obj; + + int n_class_obj; + int n_def_class_obj; + + int n_illegal_obj; +}; + +/* for convenience: check if hpux acl entry is a default entry? */ +#define _IS_DEFAULT(ace) ((ace).a_type & ACL_DEFAULT) +#define _IS_OF_TYPE(ace, type) ( \ + (((type) == SMB_ACL_TYPE_ACCESS) && !_IS_DEFAULT(ace)) \ + || \ + (((type) == SMB_ACL_TYPE_DEFAULT) && _IS_DEFAULT(ace)) \ +) + + +/* prototypes for private functions */ + +static HPUX_ACL_T hpux_acl_init(int count); +static BOOL smb_acl_to_hpux_acl(SMB_ACL_T smb_acl, + HPUX_ACL_T *solariacl, int *count, + SMB_ACL_TYPE_T type); +static SMB_ACL_T hpux_acl_to_smb_acl(HPUX_ACL_T hpuxacl, int count, + SMB_ACL_TYPE_T type); +static HPUX_ACL_TAG_T smb_tag_to_hpux_tag(SMB_ACL_TAG_T smb_tag); +static SMB_ACL_TAG_T hpux_tag_to_smb_tag(HPUX_ACL_TAG_T hpux_tag); +static BOOL hpux_add_to_acl(HPUX_ACL_T *hpux_acl, int *count, + HPUX_ACL_T add_acl, int add_count, SMB_ACL_TYPE_T type); +static BOOL hpux_acl_get_file(const char *name, HPUX_ACL_T *hpuxacl, + int *count); +static SMB_ACL_PERM_T hpux_perm_to_smb_perm(const HPUX_PERM_T perm); +static HPUX_PERM_T smb_perm_to_hpux_perm(const SMB_ACL_PERM_T perm); +#if 0 +static BOOL hpux_acl_check(HPUX_ACL_T hpux_acl, int count); +#endif +/* aclsort (internal) and helpers: */ +static BOOL hpux_acl_sort(HPUX_ACL_T acl, int count); +static int hpux_internal_aclsort(int acl_count, int calclass, HPUX_ACL_T aclp); +static void hpux_count_obj(int acl_count, HPUX_ACL_T aclp, + struct hpux_acl_types *acl_type_count); +static void hpux_swap_acl_entries(HPUX_ACE_T *aclp0, HPUX_ACE_T *aclp1); +static BOOL hpux_prohibited_duplicate_type(int acl_type); + +static BOOL hpux_acl_call_present(void); +static BOOL hpux_aclsort_call_present(void); + /* public functions - the api */ SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle, - const char *path_p, - SMB_ACL_TYPE_T type) + const char *path_p, + SMB_ACL_TYPE_T type) { - errno = ENOTSUP; - return NULL; + SMB_ACL_T result = NULL; + int count; + HPUX_ACL_T hpux_acl; + + DEBUG(10, ("hpuxacl_sys_acl_get_file called for file '%s'.\n", + path_p)); + + if(hpux_acl_call_present() == False) { + /* Looks like we don't have the acl() system call on HPUX. + * May be the system doesn't have the latest version of JFS. + */ + goto done; + } + + if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) { + DEBUG(10, ("invalid SMB_ACL_TYPE given (%d)\n", type)); + errno = EINVAL; + goto done; + } + + DEBUGADD(10, ("getting %s acl\n", + ((type == SMB_ACL_TYPE_ACCESS) ? "access" : "default"))); + + if (!hpux_acl_get_file(path_p, &hpux_acl, &count)) { + goto done; + } + result = hpux_acl_to_smb_acl(hpux_acl, count, type); + if (result == NULL) { + DEBUG(10, ("conversion hpux_acl -> smb_acl failed (%s).\n", + strerror(errno))); + } + + done: + DEBUG(10, ("hpuxacl_sys_acl_get_file %s.\n", + ((result == NULL) ? "failed" : "succeeded" ))); + SAFE_FREE(hpux_acl); + return result; } + +/* + * get the access ACL of a file referred to by a fd + */ SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp, - int fd) + files_struct *fsp, + int fd) { - errno = ENOTSUP; - return NULL; + /* + * HPUX doesn't have the facl call. Fake it using the path.... JRA. + */ + /* For all I see, the info should already be in the fsp + * parameter, but get it again to be safe --- necessary? */ + files_struct *file_struct_p = file_find_fd(fd); + if (file_struct_p == NULL) { + errno = EBADF; + return NULL; + } + /* + * We know we're in the same conn context. So we + * can use the relative path. + */ + DEBUG(10, ("redirecting call of hpuxacl_sys_acl_get_fd to " + "hpuxacl_sys_acl_get_file (no facl syscall on HPUX).\n")); + + return hpuxacl_sys_acl_get_file(handle, file_struct_p->fsp_name, + SMB_ACL_TYPE_ACCESS); } + int hpuxacl_sys_acl_set_file(vfs_handle_struct *handle, - const char *name, - SMB_ACL_TYPE_T type, - SMB_ACL_T theacl) + const char *name, + SMB_ACL_TYPE_T type, + SMB_ACL_T theacl) { - errno = ENOTSUP; - return -1; + int ret = -1; + SMB_STRUCT_STAT s; + HPUX_ACL_T hpux_acl; + int count; + + DEBUG(10, ("hpuxacl_sys_acl_set_file called for file '%s'\n", + name)); + + + if(hpux_acl_call_present() == False) { + /* Looks like we don't have the acl() system call on HPUX. + * May be the system doesn't have the latest version of JFS. + */ + goto done; + } + + if ((type != SMB_ACL_TYPE_ACCESS) && (type != SMB_ACL_TYPE_DEFAULT)) { + errno = EINVAL; + DEBUG(10, ("invalid smb acl type given (%d).\n", type)); + goto done; + } + DEBUGADD(10, ("setting %s acl\n", + ((type == SMB_ACL_TYPE_ACCESS) ? "access" : "default"))); + + if(!smb_acl_to_hpux_acl(theacl, &hpux_acl, &count, type)) { + DEBUG(10, ("conversion smb_acl -> hpux_acl failed (%s).\n", + strerror(errno))); + goto done; + } + + /* + * if the file is a directory, there is extra work to do: + * since the hpux acl call stores both the access acl and + * the default acl as provided, we have to get the acl part + * that has _not_ been specified in "type" from the file first + * and concatenate it with the acl provided. + */ + if (SMB_VFS_STAT(handle->conn, name, &s) != 0) { + DEBUG(10, ("Error in stat call: %s\n", strerror(errno))); + goto done; + } + if (S_ISDIR(s.st_mode)) { + HPUX_ACL_T other_acl; + int other_count; + SMB_ACL_TYPE_T other_type; + + other_type = (type == SMB_ACL_TYPE_ACCESS) + ? SMB_ACL_TYPE_DEFAULT + : SMB_ACL_TYPE_ACCESS; + DEBUGADD(10, ("getting acl from filesystem\n")); + if (!hpux_acl_get_file(name, &other_acl, &other_count)) { + DEBUG(10, ("error getting acl from directory\n")); + goto done; + } + DEBUG(10, ("adding %s part of fs acl to given acl\n", + ((other_type == SMB_ACL_TYPE_ACCESS) + ? "access" + : "default"))); + if (!hpux_add_to_acl(&hpux_acl, &count, other_acl, + other_count, other_type)) + { + DEBUG(10, ("error adding other acl.\n")); + SAFE_FREE(other_acl); + goto done; + } + SAFE_FREE(other_acl); + } + else if (type != SMB_ACL_TYPE_ACCESS) { + errno = EINVAL; + goto done; + } + + if (!hpux_acl_sort(hpux_acl, count)) { + DEBUG(10, ("resulting acl is not valid!\n")); + goto done; + } + DEBUG(10, ("resulting acl is valid.\n")); + + ret = acl(CONST_DISCARD(char *, name), ACL_SET, count, hpux_acl); + if (ret != 0) { + DEBUG(0, ("ERROR calling acl: %s\n", strerror(errno))); + } + + done: + DEBUG(10, ("hpuxacl_sys_acl_set_file %s.\n", + ((ret != 0) ? "failed" : "succeeded"))); + SAFE_FREE(hpux_acl); + return ret; } +/* + * set the access ACL on the file referred to by a fd + */ int hpuxacl_sys_acl_set_fd(vfs_handle_struct *handle, - files_struct *fsp, - int fd, SMB_ACL_T theacl) + files_struct *fsp, + int fd, SMB_ACL_T theacl) { - errno = ENOTSUP; - return -1; + /* + * HPUX doesn't have the facl call. Fake it using the path.... JRA. + */ + /* For all I see, the info should already be in the fsp + * parameter, but get it again to be safe --- necessary? */ + files_struct *file_struct_p = file_find_fd(fd); + if (file_struct_p == NULL) { + errno = EBADF; + return -1; + } + /* + * We know we're in the same conn context. So we + * can use the relative path. + */ + DEBUG(10, ("redirecting call of hpuxacl_sys_acl_set_fd to " + "hpuxacl_sys_acl_set_file (no facl syscall on HPUX)\n")); + + return hpuxacl_sys_acl_set_file(handle, file_struct_p->fsp_name, + SMB_ACL_TYPE_ACCESS, theacl); } + +/* + * delete the default ACL of a directory + * + * This is achieved by fetching the access ACL and rewriting it + * directly, via the hpux system call: the ACL_SET call on + * directories writes both the access and the default ACL as provided. + * + * XXX: posix acl_delete_def_file returns an error if + * the file referred to by path is not a directory. + * this function does not complain but the actions + * have no effect on a file other than a directory. + * But sys_acl_delete_default_file is only called in + * smbd/posixacls.c after having checked that the file + * is a directory, anyways. So implementing the extra + * check is considered unnecessary. --- Agreed? XXX + */ int hpuxacl_sys_acl_delete_def_file(vfs_handle_struct *handle, - const char *path) + const char *path) +{ + SMB_ACL_T smb_acl; + int ret = -1; + HPUX_ACL_T hpux_acl; + int count; + + DEBUG(10, ("entering hpuxacl_sys_acl_delete_def_file.\n")); + + smb_acl = hpuxacl_sys_acl_get_file(handle, path, + SMB_ACL_TYPE_ACCESS); + if (smb_acl == NULL) { + DEBUG(10, ("getting file acl failed!\n")); + goto done; + } + if (!smb_acl_to_hpux_acl(smb_acl, &hpux_acl, &count, + SMB_ACL_TYPE_ACCESS)) + { + DEBUG(10, ("conversion smb_acl -> hpux_acl failed.\n")); + goto done; + } + if (!hpux_acl_sort(hpux_acl, count)) { + DEBUG(10, ("resulting acl is not valid!\n")); + goto done; + } + ret = acl(CONST_DISCARD(char *, path), ACL_SET, count, hpux_acl); + if (ret != 0) { + DEBUG(10, ("settinge file acl failed!\n")); + } + + done: + DEBUG(10, ("hpuxacl_sys_acl_delete_def_file %s.\n", + ((ret != 0) ? "failed" : "succeeded" ))); + SAFE_FREE(smb_acl); + return ret; +} + + +/* + * private functions + */ + +static HPUX_ACL_T hpux_acl_init(int count) +{ + HPUX_ACL_T hpux_acl = + (HPUX_ACL_T)SMB_MALLOC(sizeof(HPUX_ACE_T) * count); + if (hpux_acl == NULL) { + errno = ENOMEM; + } + return hpux_acl; +} + +/* + * Convert the SMB acl to the ACCESS or DEFAULT part of a + * hpux ACL, as desired. + */ +static BOOL smb_acl_to_hpux_acl(SMB_ACL_T smb_acl, + HPUX_ACL_T *hpux_acl, int *count, + SMB_ACL_TYPE_T type) +{ + BOOL ret = False; + int i; + int check_which, check_rc; + + DEBUG(10, ("entering smb_acl_to_hpux_acl\n")); + + *hpux_acl = NULL; + *count = 0; + + for (i = 0; i < smb_acl->count; i++) { + const struct smb_acl_entry *smb_entry = &(smb_acl->acl[i]); + HPUX_ACE_T hpux_entry; + + ZERO_STRUCT(hpux_entry); + + hpux_entry.a_type = smb_tag_to_hpux_tag(smb_entry->a_type); + if (hpux_entry.a_type == 0) { + DEBUG(10, ("smb_tag to hpux_tag failed\n")); + goto fail; + } + switch(hpux_entry.a_type) { + case USER: + DEBUG(10, ("got tag type USER with uid %d\n", + smb_entry->uid)); + hpux_entry.a_id = (uid_t)smb_entry->uid; + break; + case GROUP: + DEBUG(10, ("got tag type GROUP with gid %d\n", + smb_entry->gid)); + hpux_entry.a_id = (uid_t)smb_entry->gid; + break; + default: + break; + } + if (type == SMB_ACL_TYPE_DEFAULT) { + DEBUG(10, ("adding default bit to hpux ace\n")); + hpux_entry.a_type |= ACL_DEFAULT; + } + + hpux_entry.a_perm = + smb_perm_to_hpux_perm(smb_entry->a_perm); + DEBUG(10, ("assembled the following hpux ace:\n")); + DEBUGADD(10, (" - type: 0x%04x\n", hpux_entry.a_type)); + DEBUGADD(10, (" - id: %d\n", hpux_entry.a_id)); + DEBUGADD(10, (" - perm: o%o\n", hpux_entry.a_perm)); + if (!hpux_add_to_acl(hpux_acl, count, &hpux_entry, + 1, type)) + { + DEBUG(10, ("error adding acl entry\n")); + goto fail; + } + DEBUG(10, ("count after adding: %d (i: %d)\n", *count, i)); + DEBUG(10, ("test, if entry has been copied into acl:\n")); + DEBUGADD(10, (" - type: 0x%04x\n", + (*hpux_acl)[(*count)-1].a_type)); + DEBUGADD(10, (" - id: %d\n", + (*hpux_acl)[(*count)-1].a_id)); + DEBUGADD(10, (" - perm: o%o\n", + (*hpux_acl)[(*count)-1].a_perm)); + } + + ret = True; + goto done; + + fail: + SAFE_FREE(*hpux_acl); + done: + DEBUG(10, ("smb_acl_to_hpux_acl %s\n", + ((ret == True) ? "succeeded" : "failed"))); + return ret; +} + +/* + * convert either the access or the default part of a + * soaris acl to the SMB_ACL format. + */ +static SMB_ACL_T hpux_acl_to_smb_acl(HPUX_ACL_T hpux_acl, int count, + SMB_ACL_TYPE_T type) +{ + SMB_ACL_T result; + int i; + + if ((result = sys_acl_init(0)) == NULL) { + DEBUG(10, ("error allocating memory for SMB_ACL\n")); + goto fail; + } + for (i = 0; i < count; i++) { + SMB_ACL_ENTRY_T smb_entry; + SMB_ACL_PERM_T smb_perm; + + if (!_IS_OF_TYPE(hpux_acl[i], type)) { + continue; + } + result = SMB_REALLOC(result, + sizeof(struct smb_acl_t) + + (sizeof(struct smb_acl_entry) * + (result->count + 1))); + if (result == NULL) { + DEBUG(10, ("error reallocating memory for SMB_ACL\n")); + goto fail; + } + smb_entry = &result->acl[result->count]; + if (sys_acl_set_tag_type(smb_entry, + hpux_tag_to_smb_tag(hpux_acl[i].a_type)) != 0) + { + DEBUG(10, ("invalid tag type given: 0x%04x\n", + hpux_acl[i].a_type)); + goto fail; + } + /* intentionally not checking return code here: */ + sys_acl_set_qualifier(smb_entry, (void *)&hpux_acl[i].a_id); + smb_perm = hpux_perm_to_smb_perm(hpux_acl[i].a_perm); + if (sys_acl_set_permset(smb_entry, &smb_perm) != 0) { + DEBUG(10, ("invalid permset given: %d\n", + hpux_acl[i].a_perm)); + goto fail; + } + result->count += 1; + } + goto done; + + fail: + SAFE_FREE(result); + done: + DEBUG(10, ("hpux_acl_to_smb_acl %s\n", + ((result == NULL) ? "failed" : "succeeded"))); + return result; +} + + + +static HPUX_ACL_TAG_T smb_tag_to_hpux_tag(SMB_ACL_TAG_T smb_tag) { - errno = ENOTSUP; - return -1; + HPUX_ACL_TAG_T hpux_tag = 0; + + DEBUG(10, ("smb_tag_to_hpux_tag\n")); + DEBUGADD(10, (" --> got smb tag 0x%04x\n", smb_tag)); + + switch (smb_tag) { + case SMB_ACL_USER: + hpux_tag = USER; + break; + case SMB_ACL_USER_OBJ: + hpux_tag = USER_OBJ; + break; + case SMB_ACL_GROUP: + hpux_tag = GROUP; + break; + case SMB_ACL_GROUP_OBJ: + hpux_tag = GROUP_OBJ; + break; + case SMB_ACL_OTHER: + hpux_tag = OTHER_OBJ; + break; + case SMB_ACL_MASK: + hpux_tag = CLASS_OBJ; + break; + default: + DEBUGADD(10, (" !!! unknown smb tag type 0x%04x\n", smb_tag)); + break; + } + + DEBUGADD(10, (" --> determined hpux tag 0x%04x\n", hpux_tag)); + + return hpux_tag; +} + +static SMB_ACL_TAG_T hpux_tag_to_smb_tag(HPUX_ACL_TAG_T hpux_tag) +{ + SMB_ACL_TAG_T smb_tag = 0; + + DEBUG(10, ("hpux_tag_to_smb_tag:\n")); + DEBUGADD(10, (" --> got hpux tag 0x%04x\n", hpux_tag)); + + hpux_tag &= ~ACL_DEFAULT; + + switch (hpux_tag) { + case USER: + smb_tag = SMB_ACL_USER; + break; + case USER_OBJ: + smb_tag = SMB_ACL_USER_OBJ; + break; + case GROUP: + smb_tag = SMB_ACL_GROUP; + break; + case GROUP_OBJ: + smb_tag = SMB_ACL_GROUP_OBJ; + break; + case OTHER_OBJ: + smb_tag = SMB_ACL_OTHER; + break; + case CLASS_OBJ: + smb_tag = SMB_ACL_MASK; + break; + default: + DEBUGADD(10, (" !!! unknown hpux tag type: 0x%04x\n", + hpux_tag)); + break; + } + + DEBUGADD(10, (" --> determined smb tag 0x%04x\n", smb_tag)); + + return smb_tag; +} + + +/* + * The permission bits used in the following two permission conversion + * functions are same, but the functions make us independent of the concrete + * permission data types. + */ +static SMB_ACL_PERM_T hpux_perm_to_smb_perm(const HPUX_PERM_T perm) +{ + SMB_ACL_PERM_T smb_perm = 0; + smb_perm |= ((perm & SMB_ACL_READ) ? SMB_ACL_READ : 0); + smb_perm |= ((perm & SMB_ACL_WRITE) ? SMB_ACL_WRITE : 0); + smb_perm |= ((perm & SMB_ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0); + return smb_perm; +} + + +static HPUX_PERM_T smb_perm_to_hpux_perm(const SMB_ACL_PERM_T perm) +{ + HPUX_PERM_T hpux_perm = 0; + hpux_perm |= ((perm & SMB_ACL_READ) ? SMB_ACL_READ : 0); + hpux_perm |= ((perm & SMB_ACL_WRITE) ? SMB_ACL_WRITE : 0); + hpux_perm |= ((perm & SMB_ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0); + return hpux_perm; +} + + +static BOOL hpux_acl_get_file(const char *name, HPUX_ACL_T *hpux_acl, + int *count) +{ + BOOL result = False; + static HPUX_ACE_T dummy_ace; + + DEBUG(10, ("hpux_acl_get_file called for file '%s'\n", name)); + + /* + * The original code tries some INITIAL_ACL_SIZE + * and only did the ACL_CNT call upon failure + * (for performance reasons). + * For the sake of simplicity, I skip this for now. + * + * NOTE: There is a catch here on HP-UX: acl with cmd parameter + * ACL_CNT fails with errno EINVAL when called with a NULL + * pointer as last argument. So we need to use a dummy acl + * struct here (we make it static so it does not need to be + * instantiated or malloced each time this function is + * called). Btw: the count parameter does not seem to matter... + */ + *count = acl(CONST_DISCARD(char *, name), ACL_CNT, 0, &dummy_ace); + if (*count < 0) { + DEBUG(10, ("acl ACL_CNT failed: %s\n", strerror(errno))); + goto done; + } + *hpux_acl = hpux_acl_init(*count); + if (*hpux_acl == NULL) { + DEBUG(10, ("error allocating memory for hpux acl...\n")); + goto done; + } + *count = acl(CONST_DISCARD(char *, name), ACL_GET, *count, *hpux_acl); + if (*count < 0) { + DEBUG(10, ("acl ACL_GET failed: %s\n", strerror(errno))); + goto done; + } + result = True; + + done: + DEBUG(10, ("hpux_acl_get_file %s.\n", + ((result == True) ? "succeeded" : "failed" ))); + return result; } -/* private functions */ + + + +/* + * Add entries to a hpux ACL. + * + * Entries are directly added to the hpuxacl parameter. + * if memory allocation fails, this may result in hpuxacl + * being NULL. if the resulting acl is to be checked and is + * not valid, it is kept in hpuxacl but False is returned. + * + * The type of ACEs (access/default) to be added to the ACL can + * be selected via the type parameter. + * I use the SMB_ACL_TYPE_T type here. Since SMB_ACL_TYPE_ACCESS + * is defined as "0", this means that one can only add either + * access or default ACEs from the given ACL, not both at the same + * time. If it should become necessary to add all of an ACL, one + * would have to replace this parameter by another type. + */ +static BOOL hpux_add_to_acl(HPUX_ACL_T *hpux_acl, int *count, + HPUX_ACL_T add_acl, int add_count, + SMB_ACL_TYPE_T type) +{ + int i; + + if ((type != SMB_ACL_TYPE_ACCESS) && (type != SMB_ACL_TYPE_DEFAULT)) + { + DEBUG(10, ("invalid acl type given: %d\n", type)); + errno = EINVAL; + return False; + } + for (i = 0; i < add_count; i++) { + if (!_IS_OF_TYPE(add_acl[i], type)) { + continue; + } + ADD_TO_ARRAY(NULL, HPUX_ACE_T, add_acl[i], + hpux_acl, count); + if (hpux_acl == NULL) { + DEBUG(10, ("error enlarging acl.\n")); + errno = ENOMEM; + return False; + } + } + return True; +} + + +/* + * sort the ACL and check it for validity + * + * [original comment from lib/sysacls.c:] + * + * if it's a minimal ACL with only 4 entries then we + * need to recalculate the mask permissions to make + * sure that they are the same as the GROUP_OBJ + * permissions as required by the UnixWare acl() system call. + * + * (note: since POSIX allows minimal ACLs which only contain + * 3 entries - ie there is no mask entry - we should, in theory, + * check for this and add a mask entry if necessary - however + * we "know" that the caller of this interface always specifies + * a mask, so in practice "this never happens" (tm) - if it *does* + * happen aclsort() will fail and return an error and someone will + * have to fix it...) + */ +static BOOL hpux_acl_sort(HPUX_ACL_T hpux_acl, int count) +{ + int fixmask = (count <= 4); + + if (hpux_internal_aclsort(count, fixmask, hpux_acl) != 0) { + errno = EINVAL; + return False; + } + return True; +} + + +/* + * Helpers for hpux_internal_aclsort: + * - hpux_count_obj + * - hpux_swap_acl_entries + * - hpux_prohibited_duplicate_type + * - hpux_get_needed_class_perm + */ + +/* hpux_count_obj: + * Counts the different number of objects in a given array of ACL + * structures. + * Inputs: + * + * acl_count - Count of ACLs in the array of ACL strucutres. + * aclp - Array of ACL structures. + * acl_type_count - Pointer to acl_types structure. Should already be + * allocated. + * Output: + * + * acl_type_count - This structure is filled up with counts of various + * acl types. + */ + +static void hpux_count_obj(int acl_count, HPUX_ACL_T aclp, struct hpux_acl_types *acl_type_count) +{ + int i; + + memset(acl_type_count, 0, sizeof(struct hpux_acl_types)); + + for(i=0;in_user++; + break; + case USER_OBJ: + acl_type_count->n_user_obj++; + break; + case DEF_USER_OBJ: + acl_type_count->n_def_user_obj++; + break; + case GROUP: + acl_type_count->n_group++; + break; + case GROUP_OBJ: + acl_type_count->n_group_obj++; + break; + case DEF_GROUP_OBJ: + acl_type_count->n_def_group_obj++; + break; + case OTHER_OBJ: + acl_type_count->n_other_obj++; + break; + case DEF_OTHER_OBJ: + acl_type_count->n_def_other_obj++; + break; + case CLASS_OBJ: + acl_type_count->n_class_obj++; + break; + case DEF_CLASS_OBJ: + acl_type_count->n_def_class_obj++; + break; + case DEF_USER: + acl_type_count->n_def_user++; + break; + case DEF_GROUP: + acl_type_count->n_def_group++; + break; + default: + acl_type_count->n_illegal_obj++; + break; + } + } +} + +/* hpux_swap_acl_entries: Swaps two ACL entries. + * + * Inputs: aclp0, aclp1 - ACL entries to be swapped. + */ + +static void hpux_swap_acl_entries(HPUX_ACE_T *aclp0, HPUX_ACE_T *aclp1) +{ + HPUX_ACE_T temp_acl; + + temp_acl.a_type = aclp0->a_type; + temp_acl.a_id = aclp0->a_id; + temp_acl.a_perm = aclp0->a_perm; + + aclp0->a_type = aclp1->a_type; + aclp0->a_id = aclp1->a_id; + aclp0->a_perm = aclp1->a_perm; + + aclp1->a_type = temp_acl.a_type; + aclp1->a_id = temp_acl.a_id; + aclp1->a_perm = temp_acl.a_perm; +} + +/* hpux_prohibited_duplicate_type + * Identifies if given ACL type can have duplicate entries or + * not. + * + * Inputs: acl_type - ACL Type. + * + * Outputs: + * + * Return.. + * + * True - If the ACL type matches any of the prohibited types. + * False - If the ACL type doesn't match any of the prohibited types. + */ + +static BOOL hpux_prohibited_duplicate_type(int acl_type) +{ + switch(acl_type) { + case USER: + case GROUP: + case DEF_USER: + case DEF_GROUP: + return True; + default: + return False; + } +} + +/* hpux_get_needed_class_perm + * Returns the permissions of a ACL structure only if the ACL + * type matches one of the pre-determined types for computing + * CLASS_OBJ permissions. + * + * Inputs: aclp - Pointer to ACL structure. + */ + +static int hpux_get_needed_class_perm(struct acl *aclp) +{ + switch(aclp->a_type) { + case USER: + case GROUP_OBJ: + case GROUP: + case DEF_USER_OBJ: + case DEF_USER: + case DEF_GROUP_OBJ: + case DEF_GROUP: + case DEF_CLASS_OBJ: + case DEF_OTHER_OBJ: + return aclp->a_perm; + default: + return 0; + } +} + +/* hpux_internal_aclsort: aclsort for HPUX. + * + * -> The aclsort() system call is availabe on the latest HPUX General + * -> Patch Bundles. So for HPUX, we developed our version of aclsort + * -> function. Because, we don't want to update to a new + * -> HPUX GR bundle just for aclsort() call. + * + * aclsort sorts the array of ACL structures as per the description in + * aclsort man page. Refer to aclsort man page for more details + * + * Inputs: + * + * acl_count - Count of ACLs in the array of ACL structures. + * calclass - If this is not zero, then we compute the CLASS_OBJ + * permissions. + * aclp - Array of ACL structures. + * + * Outputs: + * + * aclp - Sorted array of ACL structures. + * + * Outputs: + * + * Returns 0 for success -1 for failure. Prints a message to the Samba + * debug log in case of failure. + */ + +static int hpux_internal_aclsort(int acl_count, int calclass, HPUX_ACL_T aclp) +{ + struct hpux_acl_types acl_obj_count; + int n_class_obj_perm = 0; + int i, j; + + DEBUG(10,("Entering hpux_internal_aclsort. (calclass = %d)\n", calclass)); + + if (hpux_aclsort_call_present()) { + DEBUG(10, ("calling hpux aclsort\n")); + return aclsort(acl_count, calclass, aclp); + } + + DEBUG(10, ("using internal aclsort\n")); + + if(!acl_count) { + DEBUG(10,("Zero acl count passed. Returning Success\n")); + return 0; + } + + if(aclp == NULL) { + DEBUG(0,("Null ACL pointer in hpux_acl_sort. Returning Failure. \n")); + return -1; + } + + /* Count different types of ACLs in the ACLs array */ + + hpux_count_obj(acl_count, aclp, &acl_obj_count); + + /* There should be only one entry each of type USER_OBJ, GROUP_OBJ, + * CLASS_OBJ and OTHER_OBJ + */ + + if ( (acl_obj_count.n_user_obj != 1) || + (acl_obj_count.n_group_obj != 1) || + (acl_obj_count.n_class_obj != 1) || + (acl_obj_count.n_other_obj != 1) ) + { + DEBUG(0,("hpux_internal_aclsort: More than one entry or no entries for \ +USER OBJ or GROUP_OBJ or OTHER_OBJ or CLASS_OBJ\n")); + return -1; + } + + /* If any of the default objects are present, there should be only + * one of them each. + */ + + if ( (acl_obj_count.n_def_user_obj > 1) || + (acl_obj_count.n_def_group_obj > 1) || + (acl_obj_count.n_def_other_obj > 1) || + (acl_obj_count.n_def_class_obj > 1) ) + { + DEBUG(0,("hpux_internal_aclsort: More than one entry for DEF_CLASS_OBJ \ +or DEF_USER_OBJ or DEF_GROUP_OBJ or DEF_OTHER_OBJ\n")); + return -1; + } + + /* We now have proper number of OBJ and DEF_OBJ entries. Now sort the acl + * structures. + * + * Sorting crieteria - First sort by ACL type. If there are multiple entries of + * same ACL type, sort by ACL id. + * + * I am using the trival kind of sorting method here because, performance isn't + * really effected by the ACLs feature. More over there aren't going to be more + * than 17 entries on HPUX. + */ + + for(i=0; i aclp[j].a_type ) { + /* ACL entries out of order, swap them */ + hpux_swap_acl_entries((aclp+i), (aclp+j)); + } else if ( aclp[i].a_type == aclp[j].a_type ) { + /* ACL entries of same type, sort by id */ + if(aclp[i].a_id > aclp[j].a_id) { + hpux_swap_acl_entries((aclp+i), (aclp+j)); + } else if (aclp[i].a_id == aclp[j].a_id) { + /* We have a duplicate entry. */ + if(hpux_prohibited_duplicate_type(aclp[i].a_type)) { + DEBUG(0, ("hpux_internal_aclsort: Duplicate entry: Type(hex): %x Id: %d\n", + aclp[i].a_type, aclp[i].a_id)); + return -1; + } + } + } + } + } + + /* set the class obj permissions to the computed one. */ + if(calclass) { + int n_class_obj_index = -1; + + for(i=0;ia_perm = 0; +#ifdef HAVE_ACL_GET_PERM_NP + ace->a_perm |= (acl_get_perm_np(permset, ACL_READ) ? SMB_ACL_READ : 0); + ace->a_perm |= (acl_get_perm_np(permset, ACL_WRITE) ? SMB_ACL_WRITE : 0); + ace->a_perm |= (acl_get_perm_np(permset, ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0); +#else ace->a_perm |= (acl_get_perm(permset, ACL_READ) ? SMB_ACL_READ : 0); ace->a_perm |= (acl_get_perm(permset, ACL_WRITE) ? SMB_ACL_WRITE : 0); ace->a_perm |= (acl_get_perm(permset, ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0); +#endif return True; } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/modules/vfs_solarisacl.c samba-3.0.25a/source/modules/vfs_solarisacl.c --- samba-3.0.25/source/modules/vfs_solarisacl.c 2007-02-28 22:54:33.000000000 -0600 +++ samba-3.0.25a/source/modules/vfs_solarisacl.c 2007-05-23 10:29:17.000000000 -0500 @@ -66,7 +66,7 @@ { SMB_ACL_T result = NULL; int count; - SOLARIS_ACL_T solaris_acl; + SOLARIS_ACL_T solaris_acl = NULL; DEBUG(10, ("solarisacl_sys_acl_get_file called for file '%s'.\n", path_p)); @@ -106,7 +106,7 @@ { SMB_ACL_T result = NULL; int count; - SOLARIS_ACL_T solaris_acl; + SOLARIS_ACL_T solaris_acl = NULL; DEBUG(10, ("entering solarisacl_sys_acl_get_fd.\n")); @@ -139,7 +139,7 @@ { int ret = -1; struct stat s; - SOLARIS_ACL_T solaris_acl; + SOLARIS_ACL_T solaris_acl = NULL; int count; DEBUG(10, ("solarisacl_sys_acl_set_file called for file '%s'\n", @@ -222,8 +222,8 @@ files_struct *fsp, int fd, SMB_ACL_T theacl) { - SOLARIS_ACL_T solaris_acl; - SOLARIS_ACL_T default_acl; + SOLARIS_ACL_T solaris_acl = NULL; + SOLARIS_ACL_T default_acl = NULL; int count, default_count; int ret = -1; @@ -293,7 +293,7 @@ { SMB_ACL_T smb_acl; int ret = -1; - SOLARIS_ACL_T solaris_acl; + SOLARIS_ACL_T solaris_acl = NULL; int count; DEBUG(10, ("entering solarisacl_sys_acl_delete_def_file.\n")); diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/modules/vfs_tru64acl.c samba-3.0.25a/source/modules/vfs_tru64acl.c --- samba-3.0.25/source/modules/vfs_tru64acl.c 2007-02-28 22:54:33.000000000 -0600 +++ samba-3.0.25a/source/modules/vfs_tru64acl.c 2007-05-23 10:29:17.000000000 -0500 @@ -28,8 +28,8 @@ static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl); static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag); static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag); -static acl_perm_t smb_permset_to_tru64(smb_acl_permset_t smb_permset); -static smb_acl_permset_t tru64_permset_to_smb(const acl_perm_t tru64_permset); +static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset); +static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset); /* public functions - the api */ @@ -201,7 +201,7 @@ acl_tag_t tru64_tag; acl_permset_t permset; SMB_ACL_TAG_T smb_tag_type; - smb_acl_permset_t smb_permset; + SMB_ACL_PERM_T smb_permset; void *qualifier; if (acl_get_tag_type(tru64_ace, &tru64_tag) != 0) { @@ -437,7 +437,7 @@ return smb_tag_type; } -static acl_perm_t smb_permset_to_tru64(smb_acl_permset_t smb_permset) +static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset) { /* originally, I thought that acl_clear_perm was the * proper way to reset the permset to 0. but without @@ -456,9 +456,9 @@ return tru64_permset; } -static smb_acl_permset_t tru64_permset_to_smb(const acl_perm_t tru64_permset) +static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset) { - smb_acl_permset_t smb_permset = 0; + SMB_ACL_PERM_T smb_permset = 0; smb_permset |= ((tru64_permset & ACL_READ) ? SMB_ACL_READ : 0); smb_permset |= ((tru64_permset & ACL_WRITE) ? SMB_ACL_WRITE : 0); smb_permset |= ((tru64_permset & ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0); diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/nsswitch/winbindd_group.c samba-3.0.25a/source/nsswitch/winbindd_group.c --- samba-3.0.25/source/nsswitch/winbindd_group.c 2007-05-10 17:09:34.000000000 -0500 +++ samba-3.0.25a/source/nsswitch/winbindd_group.c 2007-05-23 10:29:16.000000000 -0500 @@ -902,7 +902,7 @@ { struct getent_state *ent; struct winbindd_gr *group_list = NULL; - int num_groups, group_list_ndx = 0, i, gr_mem_list_len = 0; + int num_groups, group_list_ndx, gr_mem_list_len = 0; char *gr_mem_list = NULL; DEBUG(3, ("[%5lu]: getgrent\n", (unsigned long)state->pid)); @@ -916,6 +916,11 @@ num_groups = MIN(MAX_GETGRENT_GROUPS, state->request.data.num_entries); + if (num_groups == 0) { + request_error(state); + return; + } + if ((state->response.extra_data.data = SMB_MALLOC_ARRAY(struct winbindd_gr, num_groups)) == NULL) { request_error(state); return; @@ -938,7 +943,7 @@ /* Start sending back groups */ - for (i = 0; i < num_groups; i++) { + for (group_list_ndx = 0; group_list_ndx < num_groups; ) { struct acct_info *name_list = NULL; fstring domain_group_name; uint32 result; diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/nsswitch/winbindd_pam.c samba-3.0.25a/source/nsswitch/winbindd_pam.c --- samba-3.0.25/source/nsswitch/winbindd_pam.c 2007-03-20 17:25:37.000000000 -0500 +++ samba-3.0.25a/source/nsswitch/winbindd_pam.c 2007-05-23 10:29:16.000000000 -0500 @@ -288,7 +288,7 @@ } else { return domain; } - } + } return find_our_domain(); } @@ -579,6 +579,14 @@ http_timestring(ticket_lifetime), (int)ticket_lifetime, http_timestring(renewal_until), (int)renewal_until)); + /* we cannot continue with krb5 when UF_DONT_REQUIRE_PREAUTH is set, + * in that case fallback to NTLM - gd */ + + if ((ticket_lifetime == 0) && (renewal_until == 0)) { + result = NT_STATUS_INVALID_LOGON_TYPE; + goto failed; + } + client_princ = talloc_strdup(state->mem_ctx, global_myname()); if (client_princ == NULL) { result = NT_STATUS_NO_MEMORY; diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/nsswitch/winbindd_user.c samba-3.0.25a/source/nsswitch/winbindd_user.c --- samba-3.0.25/source/nsswitch/winbindd_user.c 2007-03-20 17:25:37.000000000 -0500 +++ samba-3.0.25a/source/nsswitch/winbindd_user.c 2007-05-23 10:29:16.000000000 -0500 @@ -631,7 +631,7 @@ { struct getent_state *ent; struct winbindd_pw *user_list; - int num_users, user_list_ndx = 0, i; + int num_users, user_list_ndx; DEBUG(3, ("[%5lu]: getpwent\n", (unsigned long)state->pid)); @@ -645,6 +645,11 @@ /* Allocate space for returning a chunk of users */ num_users = MIN(MAX_GETPWENT_USERS, state->request.data.num_entries); + + if (num_users == 0) { + request_error(state); + return; + } if ((state->response.extra_data.data = SMB_MALLOC_ARRAY(struct winbindd_pw, num_users)) == NULL) { request_error(state); @@ -666,7 +671,7 @@ /* Start sending back users */ - for (i = 0; i < num_users; i++) { + for (user_list_ndx = 0; user_list_ndx < num_users; ) { struct getpwent_user *name_list = NULL; uint32 result; @@ -709,8 +714,6 @@ name_list[ent->sam_entry_index].shell, &user_list[user_list_ndx]); - ent->sam_entry_index++; - /* Add user to return list */ if (result) { @@ -723,6 +726,9 @@ } else DEBUG(1, ("could not lookup domain user %s\n", name_list[ent->sam_entry_index].name)); + + ent->sam_entry_index++; + } /* Out of domains */ diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/passdb/lookup_sid.c samba-3.0.25a/source/passdb/lookup_sid.c --- samba-3.0.25/source/passdb/lookup_sid.c 2007-05-10 17:09:35.000000000 -0500 +++ samba-3.0.25a/source/passdb/lookup_sid.c 2007-05-23 10:29:17.000000000 -0500 @@ -1209,12 +1209,6 @@ enum lsa_SidType type; uint32 rid; - if (sid_peek_check_rid(&global_sid_Unix_Users, psid, &rid)) { - uid_t uid = rid; - *puid = uid; - goto done; - } - if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) { union unid_t id; BOOL ret; @@ -1260,12 +1254,6 @@ union unid_t id; enum lsa_SidType type; - if (sid_peek_check_rid(&global_sid_Unix_Groups, psid, &rid)) { - gid_t gid = rid; - *pgid = gid; - goto done; - } - if ((sid_check_is_in_builtin(psid) || sid_check_is_in_wellknown_domain(psid))) { BOOL ret; @@ -1329,7 +1317,6 @@ if (!winbind_uid_to_sid(psid, uid)) { if (!winbind_ping()) { - DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n")); legacy_uid_to_sid(psid, uid); return; } @@ -1359,7 +1346,6 @@ if (!winbind_gid_to_sid(psid, gid)) { if (!winbind_ping()) { - DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n")); legacy_gid_to_sid(psid, gid); return; } @@ -1382,6 +1368,7 @@ BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid) { + uint32 rid; gid_t gid; if (fetch_uid_from_cache(puid, psid)) @@ -1391,9 +1378,20 @@ return False; } + /* Optimize for the Unix Users Domain + * as the conversion is straightforward */ + if (sid_peek_check_rid(&global_sid_Unix_Users, psid, &rid)) { + uid_t uid = rid; + *puid = uid; + + /* return here, don't cache */ + DEBUG(10,("sid %s -> uid %u\n", sid_string_static(psid), + (unsigned int)*puid )); + return True; + } + if (!winbind_sid_to_uid(puid, psid)) { if (!winbind_ping()) { - DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n")); return legacy_sid_to_uid(psid, puid); } @@ -1419,6 +1417,7 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid) { + uint32 rid; uid_t uid; if (fetch_gid_from_cache(pgid, psid)) @@ -1427,12 +1426,23 @@ if (fetch_uid_from_cache(&uid, psid)) return False; + /* Optimize for the Unix Groups Domain + * as the conversion is straightforward */ + if (sid_peek_check_rid(&global_sid_Unix_Groups, psid, &rid)) { + gid_t gid = rid; + *pgid = gid; + + /* return here, don't cache */ + DEBUG(10,("sid %s -> gid %u\n", sid_string_static(psid), + (unsigned int)*pgid )); + return True; + } + /* Ask winbindd if it can map this sid to a gid. * (Idmap will check it is a valid SID and of the right type) */ if ( !winbind_sid_to_gid(pgid, psid) ) { if (!winbind_ping()) { - DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n")); return legacy_sid_to_gid(psid, pgid); } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/passdb/passdb.c samba-3.0.25a/source/passdb/passdb.c --- samba-3.0.25/source/passdb/passdb.c 2007-04-09 12:30:58.000000000 -0500 +++ samba-3.0.25a/source/passdb/passdb.c 2007-05-23 10:29:17.000000000 -0500 @@ -914,13 +914,13 @@ goto done; } - pdb_set_logon_time(sampass, logon_time, PDB_SET); - pdb_set_logoff_time(sampass, logoff_time, PDB_SET); - pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); - pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET); - pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); - pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); + pdb_set_logon_time(sampass, convert_uint32_to_time_t(logon_time), PDB_SET); + pdb_set_logoff_time(sampass, convert_uint32_to_time_t(logoff_time), PDB_SET); + pdb_set_kickoff_time(sampass, convert_uint32_to_time_t(kickoff_time), PDB_SET); + pdb_set_bad_password_time(sampass, convert_uint32_to_time_t(bad_password_time), PDB_SET); + pdb_set_pass_can_change_time(sampass, convert_uint32_to_time_t(pass_can_change_time), PDB_SET); + pdb_set_pass_must_change_time(sampass, convert_uint32_to_time_t(pass_must_change_time), PDB_SET); + pdb_set_pass_last_set_time(sampass, convert_uint32_to_time_t(pass_last_set_time), PDB_SET); pdb_set_username(sampass, username, PDB_SET); pdb_set_domain(sampass, domain, PDB_SET); @@ -1102,13 +1102,13 @@ *buf = NULL; buflen = 0; - logon_time = (uint32)pdb_get_logon_time(sampass); - logoff_time = (uint32)pdb_get_logoff_time(sampass); - kickoff_time = (uint32)pdb_get_kickoff_time(sampass); - bad_password_time = (uint32)pdb_get_bad_password_time(sampass); - pass_can_change_time = (uint32)pdb_get_pass_can_change_time_noncalc(sampass); - pass_must_change_time = (uint32)pdb_get_pass_must_change_time(sampass); - pass_last_set_time = (uint32)pdb_get_pass_last_set_time(sampass); + logon_time = convert_time_t_to_uint32(pdb_get_logon_time(sampass)); + logoff_time = convert_time_t_to_uint32(pdb_get_logoff_time(sampass)); + kickoff_time = convert_time_t_to_uint32(pdb_get_kickoff_time(sampass)); + bad_password_time = convert_time_t_to_uint32(pdb_get_bad_password_time(sampass)); + pass_can_change_time = convert_time_t_to_uint32(pdb_get_pass_can_change_time_noncalc(sampass)); + pass_must_change_time = convert_time_t_to_uint32(pdb_get_pass_must_change_time(sampass)); + pass_last_set_time = convert_time_t_to_uint32(pdb_get_pass_last_set_time(sampass)); user_rid = pdb_get_user_rid(sampass); group_rid = pdb_get_group_rid(sampass); @@ -1392,7 +1392,7 @@ LastBadPassword = pdb_get_bad_password_time(sampass); DEBUG(7, ("LastBadPassword=%d, resettime=%d, current time=%d.\n", (uint32) LastBadPassword, resettime, (uint32)time(NULL))); - if (time(NULL) > (LastBadPassword + (time_t)resettime*60)){ + if (time(NULL) > (LastBadPassword + convert_uint32_to_time_t(resettime)*60)){ pdb_set_bad_password_count(sampass, 0, PDB_CHANGED); pdb_set_bad_password_time(sampass, 0, PDB_CHANGED); if (updated) { @@ -1445,7 +1445,7 @@ return True; } - if ((time(NULL) > (LastBadPassword + (time_t) duration * 60))) { + if ((time(NULL) > (LastBadPassword + convert_uint32_to_time_t(duration) * 60))) { pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_AUTOLOCK, PDB_CHANGED); diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/python/setup.py samba-3.0.25a/source/python/setup.py --- samba-3.0.25/source/python/setup.py 2006-02-20 14:33:20.000000000 -0600 +++ samba-3.0.25a/source/python/setup.py 2007-05-23 10:29:15.000000000 -0500 @@ -67,6 +67,8 @@ libraries.append(lib[2:]) elif lib[0:8] == ("-pthread"): pass # Skip linker flags + elif lib[0:4] == ("-pie"): + pass # Skip linker flags elif lib[0:2] == "-L": library_dirs.append(lib[2:]) elif lib[0:2] in ("-W","-s"): diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/registry/regfio.c samba-3.0.25a/source/registry/regfio.c --- samba-3.0.25/source/registry/regfio.c 2007-05-10 17:09:37.000000000 -0500 +++ samba-3.0.25a/source/registry/regfio.c 2007-05-23 10:29:19.000000000 -0500 @@ -642,8 +642,12 @@ return False; if ( UNMARSHALLING(&hbin->ps) ) { - if ( !(lf->hashes = PRS_ALLOC_MEM( &hbin->ps, REGF_HASH_REC, lf->num_keys )) ) - return False; + if (lf->num_keys) { + if ( !(lf->hashes = PRS_ALLOC_MEM( &hbin->ps, REGF_HASH_REC, lf->num_keys )) ) + return False; + } else { + lf->hashes = NULL; + } } for ( i=0; inum_keys; i++ ) { diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/rpc_parse/parse_lsa.c samba-3.0.25a/source/rpc_parse/parse_lsa.c --- samba-3.0.25/source/rpc_parse/parse_lsa.c 2007-05-10 21:33:02.000000000 -0500 +++ samba-3.0.25a/source/rpc_parse/parse_lsa.c 2007-05-23 10:29:35.000000000 -0500 @@ -1178,7 +1178,7 @@ /* Mallocate memory if we're unpacking from the wire */ - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && sen->num_entries) { if ((sen->ptr_sid = PRS_ALLOC_MEM( ps, uint32, sen->num_entries)) == NULL) { DEBUG(3, ("init_lsa_sid_enum(): out of memory for " "ptr_sid\n")); @@ -1361,7 +1361,7 @@ return False; } - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && trn->num_entries2) { if ((trn->name = PRS_ALLOC_MEM(ps, LSA_TRANS_NAME, trn->num_entries2)) == NULL) { return False; } @@ -1423,7 +1423,7 @@ return False; } - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && trn->num_entries2) { if ((trn->name = PRS_ALLOC_MEM(ps, LSA_TRANS_NAME2, trn->num_entries2)) == NULL) { return False; } @@ -1700,7 +1700,7 @@ return False; } - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && out->num_entries2) { if ((out->dom_rid = PRS_ALLOC_MEM(ps, DOM_RID, out->num_entries2)) == NULL) { DEBUG(3, ("lsa_io_r_lookup_names(): out of memory\n")); @@ -1825,7 +1825,7 @@ return False; } - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && out->num_entries2) { if ((out->dom_rid = PRS_ALLOC_MEM(ps, DOM_RID2, out->num_entries2)) == NULL) { DEBUG(3, ("lsa_io_r_lookup_names2(): out of memory\n")); @@ -1978,7 +1978,7 @@ return False; } - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && out->num_entries2) { if ((out->trans_sids = PRS_ALLOC_MEM(ps, LSA_TRANSLATED_SID3, out->num_entries2)) == NULL) { DEBUG(3, ("lsa_io_r_lookup_names3(): out of memory\n")); @@ -2107,7 +2107,7 @@ return False; } - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && out->num_entries2) { if ((out->trans_sids = PRS_ALLOC_MEM(ps, LSA_TRANSLATED_SID3, out->num_entries2)) == NULL) { DEBUG(3, ("lsa_io_r_lookup_names4(): out of memory\n")); @@ -2346,7 +2346,7 @@ if(!prs_uint32("count1", ps, depth, &out->count1)) return False; - if (UNMARSHALLING(ps)) + if (UNMARSHALLING(ps) && out->count1) if (!(out->privs = PRS_ALLOC_MEM(ps, LSA_PRIV_ENTRY, out->count1))) return False; @@ -3908,7 +3908,7 @@ prs_debug(ps, depth, desc, "smb_io_lsa_data_buf"); depth++; - if ( UNMARSHALLING(ps) ) { + if ( UNMARSHALLING(ps) && length ) { if ( !(buf->data = PRS_ALLOC_MEM( ps, uint8, length )) ) return False; } @@ -3922,7 +3922,7 @@ if (!prs_uint32("length", ps, depth, &buf->length)) return False; - if(!prs_uint8s(False, "data", ps, depth, buf->data, size)) + if(!prs_uint8s(False, "data", ps, depth, buf->data, length)) return False; return True; diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/rpc_parse/parse_net.c samba-3.0.25a/source/rpc_parse/parse_net.c --- samba-3.0.25/source/rpc_parse/parse_net.c 2007-05-10 17:09:36.000000000 -0500 +++ samba-3.0.25a/source/rpc_parse/parse_net.c 2007-05-23 10:29:18.000000000 -0500 @@ -1729,9 +1729,13 @@ } if (UNMARSHALLING(ps)) { - usr->gids = PRS_ALLOC_MEM(ps, DOM_GID, usr->num_groups); - if (usr->gids == NULL) - return False; + if (usr->num_groups) { + usr->gids = PRS_ALLOC_MEM(ps, DOM_GID, usr->num_groups); + if (usr->gids == NULL) + return False; + } else { + usr->gids = NULL; + } } for (i = 0; i < usr->num_groups; i++) { @@ -1764,10 +1768,15 @@ return False; if (UNMARSHALLING(ps)) { - usr->other_sids = PRS_ALLOC_MEM(ps, DOM_SID2, usr->num_other_sids); - usr->other_sids_attrib = - PRS_ALLOC_MEM(ps, uint32, usr->num_other_sids); - + if (usr->num_other_sids) { + usr->other_sids = PRS_ALLOC_MEM(ps, DOM_SID2, usr->num_other_sids); + usr->other_sids_attrib = + PRS_ALLOC_MEM(ps, uint32, usr->num_other_sids); + } else { + usr->other_sids = NULL; + usr->other_sids_attrib = NULL; + } + if ((num_other_sids != 0) && ((usr->other_sids == NULL) || (usr->other_sids_attrib == NULL))) diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/rpc_parse/parse_prs.c samba-3.0.25a/source/rpc_parse/parse_prs.c --- samba-3.0.25/source/rpc_parse/parse_prs.c 2007-05-10 21:33:02.000000000 -0500 +++ samba-3.0.25a/source/rpc_parse/parse_prs.c 2007-05-23 10:29:35.000000000 -0500 @@ -644,8 +644,12 @@ return True; if (UNMARSHALLING(ps)) { - if ( !(*data = PRS_ALLOC_MEM(ps, char, data_size)) ) - return False; + if (data_size) { + if ( !(*data = PRS_ALLOC_MEM(ps, char, data_size)) ) + return False; + } else { + *data = NULL; + } } return prs_fn(name, ps, depth, *data); @@ -1016,16 +1020,16 @@ if (q == NULL) return False; + /* If the string is empty, we don't have anything to stream */ + if (str->buf_len==0) + return True; + if (UNMARSHALLING(ps)) { str->buffer = PRS_ALLOC_MEM(ps,uint16,str->buf_len); if (str->buffer == NULL) return False; } - /* If the string is empty, we don't have anything to stream */ - if (str->buf_len==0) - return True; - p = (char *)str->buffer; dbg_rw_punival(charmode, name, depth, ps, q, p, str->buf_len); @@ -1055,6 +1059,8 @@ buf->buffer = PRS_ALLOC_MEM(ps, uint16, buf->buf_max_len); if ( buf->buffer == NULL ) return False; + } else { + buf->buffer = NULL; } } @@ -1082,9 +1088,13 @@ if (str->str_str_len > str->str_max_len) { return False; } - str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len); - if (str->buffer == NULL) - return False; + if (str->str_max_len) { + str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len); + if (str->buffer == NULL) + return False; + } else { + str->buffer = NULL; + } } if (UNMARSHALLING(ps)) { @@ -1129,9 +1139,13 @@ if (str->uni_str_len > str->uni_max_len) { return False; } - str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len); - if (str->buffer == NULL) - return False; + if (str->uni_max_len) { + str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len); + if (str->buffer == NULL) + return False; + } else { + str->buffer = NULL; + } } p = (char *)str->buffer; @@ -1156,9 +1170,13 @@ return False; if (UNMARSHALLING(ps)) { - str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len); - if (str->str.buffer == NULL) - return False; + if (str->uni_str_len) { + str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len); + if (str->str.buffer == NULL) + return False; + } else { + str->str.buffer = NULL; + } } p = (char *)str->str.buffer; diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/rpc_parse/parse_samr.c samba-3.0.25a/source/rpc_parse/parse_samr.c --- samba-3.0.25/source/rpc_parse/parse_samr.c 2007-05-10 17:09:36.000000000 -0500 +++ samba-3.0.25a/source/rpc_parse/parse_samr.c 2007-05-23 10:29:18.000000000 -0500 @@ -3328,7 +3328,7 @@ if(!prs_uint32("num_entries3", ps, depth, &r_u->num_entries3)) return False; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && r_u->num_entries2) { r_u->sam = PRS_ALLOC_MEM(ps,SAM_ENTRY,r_u->num_entries2); r_u->uni_dom_name = PRS_ALLOC_MEM(ps,UNISTR2,r_u->num_entries2); } @@ -3467,7 +3467,7 @@ if(!prs_uint32("num_entries3", ps, depth, &r_u->num_entries3)) return False; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && r_u->num_entries2) { r_u->sam = PRS_ALLOC_MEM(ps,SAM_ENTRY,r_u->num_entries2); r_u->uni_grp_name = PRS_ALLOC_MEM(ps,UNISTR2,r_u->num_entries2); } @@ -4997,12 +4997,13 @@ return False; } - if (UNMARSHALLING(ps)) + if (UNMARSHALLING(ps) && r_u->num_rids2) { r_u->rids = PRS_ALLOC_MEM(ps, uint32, r_u->num_rids2); - if (!r_u->rids) { - DEBUG(0, ("NULL rids in samr_io_r_lookup_names\n")); - return False; + if (!r_u->rids) { + DEBUG(0, ("NULL rids in samr_io_r_lookup_names\n")); + return False; + } } for (i = 0; i < r_u->num_rids2; i++) { @@ -5026,12 +5027,13 @@ return False; } - if (UNMARSHALLING(ps)) + if (UNMARSHALLING(ps) && r_u->num_types2) { r_u->types = PRS_ALLOC_MEM(ps, uint32, r_u->num_types2); - if (!r_u->types) { - DEBUG(0, ("NULL types in samr_io_r_lookup_names\n")); - return False; + if (!r_u->types) { + DEBUG(0, ("NULL types in samr_io_r_lookup_names\n")); + return False; + } } for (i = 0; i < r_u->num_types2; i++) { diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/rpc_parse/parse_spoolss.c samba-3.0.25a/source/rpc_parse/parse_spoolss.c --- samba-3.0.25/source/rpc_parse/parse_spoolss.c 2007-05-10 21:33:02.000000000 -0500 +++ samba-3.0.25a/source/rpc_parse/parse_spoolss.c 2007-05-23 10:29:18.000000000 -0500 @@ -256,7 +256,7 @@ return False; /* reading */ - if (UNMARSHALLING(ps)) + if (UNMARSHALLING(ps) && ctr->count) if((ctr->type=PRS_ALLOC_MEM(ps,SPOOL_NOTIFY_OPTION_TYPE,ctr->count)) == NULL) return False; @@ -415,7 +415,7 @@ if(!prs_uint32("string length", ps, depth, &data->notify_data.data.length)) return False; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && data->notify_data.data.length) { data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, data->notify_data.data.length); @@ -434,7 +434,7 @@ case NOTIFY_POINTER: - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && data->notify_data.data.length) { data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, data->notify_data.data.length); @@ -494,9 +494,13 @@ /* Tallocate memory for string */ - data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, x * 2); - if (!data->notify_data.data.string) - return False; + if (x) { + data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, x * 2); + if (!data->notify_data.data.string) + return False; + } else { + data->notify_data.data.string = NULL; + } if(!prs_uint16uni(True,"string",ps,depth,data->notify_data.data.string,x)) return False; @@ -6005,14 +6009,14 @@ case REG_BINARY: case REG_DWORD: case REG_MULTI_SZ: - if (q_u->max_len) { - if (UNMARSHALLING(ps)) - q_u->data=PRS_ALLOC_MEM(ps, uint8, q_u->max_len); - if(q_u->data == NULL) - return False; - if(!prs_uint8s(False,"data", ps, depth, q_u->data, q_u->max_len)) - return False; - } + if (q_u->max_len) { + if (UNMARSHALLING(ps)) + q_u->data=PRS_ALLOC_MEM(ps, uint8, q_u->max_len); + if(q_u->data == NULL) + return False; + if(!prs_uint8s(False,"data", ps, depth, q_u->data, q_u->max_len)) + return False; + } if(!prs_align(ps)) return False; break; @@ -7035,7 +7039,7 @@ /* first loop to write basic enum_value information */ - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && ctr->size_of_array) { ctr->values = PRS_ALLOC_MEM(ps, PRINTER_ENUM_VALUES, ctr->size_of_array); if (!ctr->values) return False; diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/rpc_parse/parse_srv.c samba-3.0.25a/source/rpc_parse/parse_srv.c --- samba-3.0.25/source/rpc_parse/parse_srv.c 2007-03-20 17:25:39.000000000 -0500 +++ samba-3.0.25a/source/rpc_parse/parse_srv.c 2007-05-23 10:29:18.000000000 -0500 @@ -783,7 +783,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info0 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_0, num_entries))) return False; ctr->share.info0 = info0; @@ -809,7 +809,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info1 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_1, num_entries))) return False; ctr->share.info1 = info1; @@ -835,7 +835,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info2 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_2,num_entries))) return False; ctr->share.info2 = info2; @@ -860,7 +860,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info501 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_501, num_entries))) return False; ctr->share.info501 = info501; @@ -885,7 +885,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info502 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_502,num_entries))) return False; ctr->share.info502 = info502; @@ -911,7 +911,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info1004 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1004,num_entries))) return False; ctr->share.info1004 = info1004; @@ -937,7 +937,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info1005 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1005,num_entries))) return False; ctr->share.info1005 = info1005; @@ -957,7 +957,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info1006 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1006,num_entries))) return False; ctr->share.info1006 = info1006; @@ -977,7 +977,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info1007 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1007,num_entries))) return False; ctr->share.info1007 = info1007; @@ -1003,7 +1003,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info1501 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1501,num_entries))) return False; ctr->share.info1501 = info1501; @@ -2404,7 +2404,7 @@ if(!prs_uint32("num_locks ", ps, depth, &fl3->num_locks)) return False; - uni_p = fl3->path ? (uint32)fl3->path : 0; + uni_p = fl3->path ? 1 : 0; if(!prs_uint32("ptr", ps, depth, &uni_p)) return False; if (UNMARSHALLING(ps)) { @@ -2413,7 +2413,7 @@ } } - uni_p = fl3->user ? (uint32)fl3->user : 0; + uni_p = fl3->user ? 1 : 0; if(!prs_uint32("ptr", ps, depth, &uni_p)) return False; if (UNMARSHALLING(ps)) { @@ -2466,7 +2466,7 @@ int num_entries = ctr->num_entries; int i; - if (UNMARSHALLING(ps)) { + if (UNMARSHALLING(ps) && num_entries) { if (!(info3 = PRS_ALLOC_MEM(ps, FILE_INFO_3, num_entries))) return False; ctr->file.info3 = info3; @@ -3246,7 +3246,7 @@ r_n->disk_enum_ctr.entries_read = entries_read3; - if(UNMARSHALLING(ps)) { + if(UNMARSHALLING(ps) && entries_read3) { DISK_INFO *dinfo; @@ -3255,7 +3255,7 @@ r_n->disk_enum_ctr.disk_info = dinfo; } - for(i=0; i < r_n->disk_enum_ctr.entries_read; i++) { + for(i=0; i < entries_read3; i++) { if(!prs_uint32("unknown", ps, depth, &r_n->disk_enum_ctr.disk_info[i].unknown)) return False; diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/rpc_server/srv_lsa_ds_nt.c samba-3.0.25a/source/rpc_server/srv_lsa_ds_nt.c --- samba-3.0.25/source/rpc_server/srv_lsa_ds_nt.c 2007-04-09 12:30:58.000000000 -0500 +++ samba-3.0.25a/source/rpc_server/srv_lsa_ds_nt.c 2007-05-23 10:29:17.000000000 -0500 @@ -84,16 +84,16 @@ basic->dnsname_ptr = 1; init_unistr2( &basic->dns_domain, dnsdomain, UNI_STR_TERMINATE); + + /* FIXME!! We really should fill in the correct forest + name. Should get this information from winbindd. */ basic->forestname_ptr = 1; init_unistr2( &basic->forest_domain, dnsdomain, UNI_STR_TERMINATE); } else { - get_mydnsdomname(dnsdomain); - strlower_m(dnsdomain); - - basic->dnsname_ptr = 1; - init_unistr2( &basic->dns_domain, dnsdomain, UNI_FLAGS_NONE); - basic->forestname_ptr = 1; - init_unistr2( &basic->forest_domain, dnsdomain, UNI_FLAGS_NONE); + /* security = domain should not fill in the dns or + forest name */ + basic->dnsname_ptr = 0; + basic->forestname_ptr = 0; } *info = basic; diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/script/tests/gdb_backtrace samba-3.0.25a/source/script/tests/gdb_backtrace --- samba-3.0.25/source/script/tests/gdb_backtrace 2007-02-28 22:55:01.000000000 -0600 +++ samba-3.0.25a/source/script/tests/gdb_backtrace 2007-05-23 10:29:19.000000000 -0500 @@ -33,7 +33,7 @@ esac for DB in ${DB_LIST}; do - DB_BIN=`which ${DB} 2>/dev/null` + DB_BIN=`which ${DB} 2>/dev/null | grep '^/'` test x"${DB_BIN}" != x"" && { break } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/smbd/blocking.c samba-3.0.25a/source/smbd/blocking.c --- samba-3.0.25/source/smbd/blocking.c 2007-02-28 22:54:06.000000000 -0600 +++ samba-3.0.25a/source/smbd/blocking.c 2007-05-23 10:29:15.000000000 -0500 @@ -39,6 +39,7 @@ SMB_BIG_UINT offset; SMB_BIG_UINT count; uint32 lock_pid; + uint32 blocking_pid; /* PID that blocks us. */ enum brl_flavour lock_flav; enum brl_type lock_type; char *inbuf; @@ -86,7 +87,9 @@ uint32 lock_pid, enum brl_type lock_type, enum brl_flavour lock_flav, - SMB_BIG_UINT offset, SMB_BIG_UINT count) + SMB_BIG_UINT offset, + SMB_BIG_UINT count, + uint32 blocking_pid) { static BOOL set_lock_msg; blocking_lock_record *blr; @@ -127,6 +130,7 @@ } blr->lock_num = lock_num; blr->lock_pid = lock_pid; + blr->blocking_pid = blocking_pid; blr->lock_flav = lock_flav; blr->lock_type = lock_type; blr->offset = offset; @@ -142,7 +146,8 @@ count, lock_type == READ_LOCK ? PENDING_READ_LOCK : PENDING_WRITE_LOCK, blr->lock_flav, - lock_timeout ? True : False); /* blocking_lock. */ + lock_timeout ? True : False, /* blocking_lock. */ + NULL); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("push_blocking_lock_request: failed to add PENDING_LOCK record.\n")); @@ -380,7 +385,8 @@ READ_LOCK : WRITE_LOCK), WINDOWS_LOCK, True, - &status); + &status, + &blr->blocking_pid); TALLOC_FREE(br_lck); @@ -440,7 +446,8 @@ blr->lock_type, blr->lock_flav, True, - &status); + &status, + &blr->blocking_pid); TALLOC_FREE(br_lck); if (!NT_STATUS_IS_OK(status)) { @@ -598,7 +605,7 @@ { unsigned int timeout_ms = default_timeout_ms; struct timeval tv_curr; - SMB_BIG_INT min_tv_dif_us = 0x7FFFFFFF; /* A large +ve number. */ + SMB_BIG_INT min_tv_dif_us = default_timeout_ms * 1000; blocking_lock_record *blr = blocking_lock_queue; /* note that we avoid the GetTimeOfDay() syscall if there are no blocking locks */ @@ -612,6 +619,15 @@ SMB_BIG_INT tv_dif_us; if (timeval_is_zero(&blr->expire_time)) { + /* + * If we're blocked on pid 0xFFFFFFFF this is + * a POSIX lock, so calculate a timeout of + * 10 seconds. + */ + if (blr->blocking_pid == 0xFFFFFFFF) { + tv_dif_us = 10 * 1000 * 1000; + min_tv_dif_us = MIN(min_tv_dif_us, tv_dif_us); + } continue; /* Never timeout. */ } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/smbd/close.c samba-3.0.25a/source/smbd/close.c --- samba-3.0.25/source/smbd/close.c 2007-03-20 17:25:37.000000000 -0500 +++ samba-3.0.25a/source/smbd/close.c 2007-05-23 10:29:15.000000000 -0500 @@ -287,6 +287,10 @@ status = map_nt_error_from_unix(errno); } + notify_fname(conn, NOTIFY_ACTION_REMOVED, + FILE_NOTIFY_CHANGE_FILE_NAME, + fsp->fsp_name); + /* As we now have POSIX opens which can unlink * with other open files we may have taken * this code path with more than one share mode diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/smbd/open.c samba-3.0.25a/source/smbd/open.c --- samba-3.0.25/source/smbd/open.c 2007-03-20 17:25:37.000000000 -0500 +++ samba-3.0.25a/source/smbd/open.c 2007-05-24 08:27:21.000000000 -0500 @@ -47,7 +47,12 @@ NTSTATUS status = NT_STATUS_OK; #ifdef O_NOFOLLOW - if (!lp_symlinks(SNUM(conn))) { + /* + * Never follow symlinks on a POSIX client. The + * client should be doing this. + */ + + if (fsp->posix_open || !lp_symlinks(SNUM(conn))) { flags |= O_NOFOLLOW; } #endif @@ -1120,6 +1125,7 @@ BOOL file_existed = VALID_STAT(*psbuf); BOOL def_acl = False; BOOL posix_open = False; + BOOL new_file_created = False; SMB_DEV_T dev = 0; SMB_INO_T inode = 0; NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED; @@ -1760,28 +1766,31 @@ fsp->oplock_type = NO_OPLOCK; } } - set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type); - if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || - info == FILE_WAS_SUPERSEDED) { + if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) { + new_file_created = True; + } - /* Handle strange delete on close create semantics. */ - if (create_options & FILE_DELETE_ON_CLOSE) { - status = can_set_delete_on_close(fsp, True, new_dos_attributes); + set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type, new_file_created); - if (!NT_STATUS_IS_OK(status)) { - /* Remember to delete the mode we just added. */ - del_share_mode(lck, fsp); - TALLOC_FREE(lck); - fd_close(conn,fsp); - file_free(fsp); - return status; - } - /* Note that here we set the *inital* delete on close flag, - not the regular one. The magic gets handled in close. */ - fsp->initial_delete_on_close = True; + /* Handle strange delete on close create semantics. */ + if ((create_options & FILE_DELETE_ON_CLOSE) && can_set_initial_delete_on_close(lck)) { + status = can_set_delete_on_close(fsp, True, new_dos_attributes); + + if (!NT_STATUS_IS_OK(status)) { + /* Remember to delete the mode we just added. */ + del_share_mode(lck, fsp); + TALLOC_FREE(lck); + fd_close(conn,fsp); + file_free(fsp); + return status; } + /* Note that here we set the *inital* delete on close flag, + not the regular one. The magic gets handled in close. */ + fsp->initial_delete_on_close = True; + } + if (new_file_created) { /* Files should be initially set as archive */ if (lp_map_archive(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) { @@ -2139,7 +2148,7 @@ return status; } - set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK); + set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK, True); /* For directories the delete on close bit at open time seems always to be honored on close... See test 19 in Samba4 BASE-DELETE. */ diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/smbd/reply.c samba-3.0.25a/source/smbd/reply.c --- samba-3.0.25/source/smbd/reply.c 2007-05-10 17:09:34.000000000 -0500 +++ samba-3.0.25a/source/smbd/reply.c 2007-05-24 08:27:21.000000000 -0500 @@ -1790,7 +1790,7 @@ Check if a user is allowed to rename a file. ********************************************************************/ -static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst) +static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst, BOOL self_open) { files_struct *fsp; uint32 fmode; @@ -1811,7 +1811,10 @@ status = open_file_ntcreate(conn, fname, pst, DELETE_ACCESS, - FILE_SHARE_READ|FILE_SHARE_WRITE, + /* If we're checking our fsp don't deny for delete. */ + self_open ? + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE : + FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, FILE_ATTRIBUTE_NORMAL, @@ -2421,7 +2424,8 @@ WRITE_LOCK, WINDOWS_LOCK, False, /* Non-blocking lock. */ - &status); + &status, + NULL); TALLOC_FREE(br_lck); if (NT_STATUS_V(status)) { @@ -3426,7 +3430,8 @@ WRITE_LOCK, WINDOWS_LOCK, False, /* Non-blocking lock. */ - &status); + &status, + NULL); TALLOC_FREE(br_lck); @@ -4190,7 +4195,10 @@ ZERO_STRUCT(sbuf); status = unix_convert(conn, newname, False, newname_last_component, &sbuf); - if (!NT_STATUS_IS_OK(status)) { + + /* If an error we expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */ + + if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) { return status; } @@ -4258,10 +4266,21 @@ return NT_STATUS_OBJECT_NAME_COLLISION; } - status = can_rename(conn,newname,attrs,&sbuf); + /* Ensure we have a valid stat struct for the source. */ + if (fsp->fh->fd != -1) { + if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) { + return map_nt_error_from_unix(errno); + } + } else { + if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) { + return map_nt_error_from_unix(errno); + } + } + + status = can_rename(conn,fsp->fsp_name,attrs,&sbuf,True); - if (dest_exists && !NT_STATUS_IS_OK(status)) { - DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n", nt_errstr(status), fsp->fsp_name,newname)); if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION)) status = NT_STATUS_ACCESS_DENIED; @@ -4275,9 +4294,33 @@ lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL); if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) { + uint32 create_options = fsp->fh->private_options; + DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); + rename_open_files(conn, lck, fsp->dev, fsp->inode, newname); + + /* + * A rename acts as a new file create w.r.t. allowing an initial delete + * on close, probably because in Windows there is a new handle to the + * new file. If initial delete on close was requested but not + * originally set, we need to set it here. This is probably not 100% correct, + * but will work for the CIFSFS client which in non-posix mode + * depends on these semantics. JRA. + */ + + set_allow_initial_delete_on_close(lck, fsp, True); + + if (create_options & FILE_DELETE_ON_CLOSE) { + status = can_set_delete_on_close(fsp, True, 0); + + if (NT_STATUS_IS_OK(status)) { + /* Note that here we set the *inital* delete on close flag, + * not the regular one. The magic gets handled in close. */ + fsp->initial_delete_on_close = True; + } + } TALLOC_FREE(lck); return NT_STATUS_OK; } @@ -4528,7 +4571,7 @@ return status; } - status = can_rename(conn,directory,attrs,&sbuf1); + status = can_rename(conn,directory,attrs,&sbuf1,False); if (!NT_STATUS_IS_OK(status)) { DEBUG(3,("rename_internals: Error %s rename %s -> " @@ -4656,7 +4699,7 @@ fname, nt_errstr(status))); continue; } - status = can_rename(conn,fname,attrs,&sbuf1); + status = can_rename(conn,fname,attrs,&sbuf1,False); if (!NT_STATUS_IS_OK(status)) { DEBUG(6, ("rename %s refused\n", fname)); continue; @@ -5524,6 +5567,7 @@ BOOL blocking_lock = lock_timeout ? True : False; BOOL defer_lock = False; struct byte_range_lock *br_lck; + uint32 block_smbpid; br_lck = do_lock(fsp, lock_pid, @@ -5532,7 +5576,8 @@ lock_type, WINDOWS_LOCK, blocking_lock, - &status); + &status, + &block_smbpid); if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) { /* Windows internal resolution for blocking locks seems @@ -5569,7 +5614,8 @@ lock_type, WINDOWS_LOCK, offset, - count)) { + count, + block_smbpid)) { TALLOC_FREE(br_lck); END_PROFILE(SMBlockingX); return -1; diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/smbd/trans2.c samba-3.0.25a/source/smbd/trans2.c --- samba-3.0.25/source/smbd/trans2.c 2007-05-10 17:09:34.000000000 -0500 +++ samba-3.0.25a/source/smbd/trans2.c 2007-05-24 08:27:21.000000000 -0500 @@ -4507,10 +4507,11 @@ pstrcpy(base_name, fname); p = strrchr_m(base_name, '/'); if (p) { - *p = '\0'; + p[1] = '\0'; + } else { + pstrcpy(base_name, "./"); } /* Append the new name. */ - pstrcat(base_name, "/"); pstrcat(base_name, newname); if (fsp) { @@ -4671,6 +4672,8 @@ offset, POSIX_LOCK); } else { + uint32 block_smbpid; + struct byte_range_lock *br_lck = do_lock(fsp, lock_pid, count, @@ -4678,7 +4681,8 @@ lock_type, POSIX_LOCK, blocking_lock, - &status); + &status, + &block_smbpid); if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) { /* @@ -4695,7 +4699,8 @@ lock_type, POSIX_LOCK, offset, - count)) { + count, + block_smbpid)) { TALLOC_FREE(br_lck); return status; } @@ -5628,9 +5633,17 @@ * to do this call. JRA. */ pstrcpy(fname, fsp->fsp_name); - if (SMB_VFS_STAT(conn,fname,&sbuf) != 0) { - DEBUG(3,("call_trans2setfilepathinfo: fileinfo of %s failed (%s)\n",fname,strerror(errno))); - return UNIXERROR(ERRDOS,ERRbadpath); + if (INFO_LEVEL_IS_UNIX(info_level)) { + /* Always do lstat for UNIX calls. */ + if (SMB_VFS_LSTAT(conn,fname,&sbuf)) { + DEBUG(3,("call_trans2setfilepathinfo: SMB_VFS_LSTAT of %s failed (%s)\n",fname,strerror(errno))); + return UNIXERROR(ERRDOS,ERRbadpath); + } + } else { + if (SMB_VFS_STAT(conn,fname,&sbuf) != 0) { + DEBUG(3,("call_trans2setfilepathinfo: fileinfo of %s failed (%s)\n",fname,strerror(errno))); + return UNIXERROR(ERRDOS,ERRbadpath); + } } } else if (fsp && fsp->print_file) { /* @@ -5689,14 +5702,18 @@ return ERROR_NT(status); } - /* - * For CIFS UNIX extensions the target name may not exist. - */ + if (INFO_LEVEL_IS_UNIX(info_level)) { + /* + * For CIFS UNIX extensions the target name may not exist. + */ - if(!VALID_STAT(sbuf) && !INFO_LEVEL_IS_UNIX(info_level)) { - DEBUG(3,("call_trans2setfilepathinfo: stat of %s failed (%s)\n", fname, strerror(errno))); + /* Always do lstat for UNIX calls. */ + SMB_VFS_LSTAT(conn,fname,&sbuf); + + } else if (!VALID_STAT(sbuf) && SMB_VFS_STAT(conn,fname,&sbuf)) { + DEBUG(3,("call_trans2setfilepathinfo: SMB_VFS_STAT of %s failed (%s)\n",fname,strerror(errno))); return UNIXERROR(ERRDOS,ERRbadpath); - } + } } if (!CAN_WRITE(conn)) { diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/smbd/uid.c samba-3.0.25a/source/smbd/uid.c --- samba-3.0.25/source/smbd/uid.c 2007-02-28 22:54:07.000000000 -0600 +++ samba-3.0.25a/source/smbd/uid.c 2007-05-23 10:29:15.000000000 -0500 @@ -156,7 +156,9 @@ char group_c; BOOL must_free_token = False; NT_USER_TOKEN *token = NULL; - + int num_groups = 0; + gid_t *group_list = NULL; + if (!conn) { DEBUG(2,("change_to_user: Connection not open\n")); return(False); @@ -195,14 +197,14 @@ if (conn->force_user) /* security = share sets this too */ { uid = conn->uid; gid = conn->gid; - current_user.ut.groups = conn->groups; - current_user.ut.ngroups = conn->ngroups; + group_list = conn->groups; + num_groups = conn->ngroups; token = conn->nt_user_token; } else if (vuser) { uid = conn->admin_user ? 0 : vuser->uid; gid = vuser->gid; - current_user.ut.ngroups = vuser->n_groups; - current_user.ut.groups = vuser->groups; + num_groups = vuser->n_groups; + group_list = vuser->groups; token = vuser->nt_user_token; } else { DEBUG(2,("change_to_user: Invalid vuid used %d in accessing " @@ -235,8 +237,8 @@ */ int i; - for (i = 0; i < current_user.ut.ngroups; i++) { - if (current_user.ut.groups[i] == conn->gid) { + for (i = 0; i < num_groups; i++) { + if (group_list[i] == conn->gid) { gid = conn->gid; gid_to_sid(&token->user_sids[1], gid); break; @@ -248,6 +250,12 @@ } } + /* Now set current_user since we will immediately also call + set_sec_ctx() */ + + current_user.ut.ngroups = num_groups; + current_user.ut.groups = group_list; + set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups, token); diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/tdb/tools/tdbtool.c samba-3.0.25a/source/tdb/tools/tdbtool.c --- samba-3.0.25/source/tdb/tools/tdbtool.c 2007-02-28 22:55:07.000000000 -0600 +++ samba-3.0.25a/source/tdb/tools/tdbtool.c 2007-05-23 10:29:19.000000000 -0500 @@ -116,7 +116,7 @@ int cnum; uid_t uid; gid_t gid; - char name[24]; + char servicename[FSTRING_LEN]; char addr[24]; char machine[FSTRING_LEN]; time_t start; @@ -373,7 +373,7 @@ printf( "\ndata %d bytes\n", (int)dbuf.dsize); printf( "pid =%5d ", ((connections_data*)dbuf.dptr)->pid); printf( "cnum =%10d ", ((connections_data*)dbuf.dptr)->cnum); - printf( "name =[%s]\n", ((connections_data*)dbuf.dptr)->name); + printf( "name =[%s]\n", ((connections_data*)dbuf.dptr)->servicename); printf( "uid =%5d ", ((connections_data*)dbuf.dptr)->uid); printf( "addr =[%s]\n", ((connections_data*)dbuf.dptr)->addr); diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/utils/net_rap.c samba-3.0.25a/source/utils/net_rap.c --- samba-3.0.25/source/utils/net_rap.c 2007-02-28 22:54:59.000000000 -0600 +++ samba-3.0.25a/source/utils/net_rap.c 2007-05-23 10:29:18.000000000 -0500 @@ -435,10 +435,14 @@ int ret; if (argc > 0) { - if (!strequal(argv[0], "name")) { + if (strequal(argv[0], "name")) { + return net_rap_server_name(argc, argv); + } + /* smb4k uses 'net [rap|rpc] server domain' to query servers in a domain */ + /* Fall through for 'domain', any other forms will cause to show usage message */ + if (!strequal(argv[0], "domain")) { return net_rap_server_usage(argc-1, argv+1); } - return net_rap_server_name(argc, argv); } if (!(cli = net_make_ipc_connection(0))) diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/utils/net_rpc.c samba-3.0.25a/source/utils/net_rpc.c --- samba-3.0.25/source/utils/net_rpc.c 2007-03-20 17:25:40.000000000 -0500 +++ samba-3.0.25a/source/utils/net_rpc.c 2007-05-23 10:29:19.000000000 -0500 @@ -3113,7 +3113,7 @@ if (opt_long_list_entries) { d_printf("%-12s %-8.8s %-50s\n", - netname, share_type[info1->info_1.type], remark); + netname, share_type[info1->info_1.type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)], remark); } else { d_printf("%s\n", netname); } diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/utils/pdbedit.c samba-3.0.25a/source/utils/pdbedit.c --- samba-3.0.25/source/utils/pdbedit.c 2007-03-20 17:25:40.000000000 -0500 +++ samba-3.0.25a/source/utils/pdbedit.c 2007-05-23 10:29:19.000000000 -0500 @@ -96,7 +96,7 @@ return 1; } - printf("Importing accout for %s...", user->username); + printf("Importing account for %s...", user->username); if ( !NT_STATUS_IS_OK(out->getsampwnam( out, account, user->username )) ) { status = out->add_sam_account(out, user); } else { @@ -285,14 +285,14 @@ lm_passwd, nt_passwd, pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), - (uint32)pdb_get_pass_last_set_time(sam_pwent)); + (uint32)convert_time_t_to_uint32(pdb_get_pass_last_set_time(sam_pwent))); } else { uid = nametouid(pdb_get_username(sam_pwent)); printf ("%s:%lu:%s\n", pdb_get_username(sam_pwent), (unsigned long)uid, pdb_get_fullname(sam_pwent)); } - return 0; + return 0; } /********************************************************* diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/source/VERSION samba-3.0.25a/source/VERSION --- samba-3.0.25/source/VERSION 2007-05-10 21:29:05.000000000 -0500 +++ samba-3.0.25a/source/VERSION 2007-05-23 10:29:19.000000000 -0500 @@ -36,7 +36,7 @@ # e.g. SAMBA_VERSION_REVISION=a # # -> "2.2.8a" # ######################################################## -SAMBA_VERSION_REVISION= +SAMBA_VERSION_REVISION=a ######################################################## # For 'pre' releases the version will be # diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.25/WHATSNEW.txt samba-3.0.25a/WHATSNEW.txt --- samba-3.0.25/WHATSNEW.txt 2007-05-13 07:15:19.000000000 -0500 +++ samba-3.0.25a/WHATSNEW.txt 2007-05-24 23:09:18.000000000 -0500 @@ -1,12 +1,139 @@ + =============================== + Release Notes for Samba 3.0.25a + May 25, 2007 + =============================== + +This is the second production release of the Samba 3.0.25 code +base and is the version that servers should be run for for all +current bug fixes. + +Major bug fixes included in Samba 3.0.25a are: + + o Missing supplementary Unix group membership when using "force + group". + o Premature expiration of domain user passwords when using a + Samba domain controller. + o Failure to open the Windows object picker against a server + configured to use "security = domain". + * Authentication failures when using security = server. + + +Changes to MS-DFS Root Share Behavior +===================================== + +Please be aware that the initial value for the "msdfs root" share +parameter was changed in the 3.0.25 release series and that this +option is now disabled by default. Windows clients frequently require +a reboot in order to clear any cached information about MS-DFS +root shares on a server and you may experience failures accessing +file services on Samba 3.0.25 servers until the client reboot +is performed. Alternately, you may explicitly re-enable the +parameter in smb.conf. Please refer to the smb.conf(5) man page +for more details. + + + +###################################################################### +Changes +####### + +Changes since 3.0.25 +-------------------- + +o Michael Adam + * Fix logic in detection of the need to replace dlopen, et. al. + * Add HP-UX ACL VFS module. + * Fix build of Tru64 ACL VFS module. + + +o Jeremy Allison + * BUG 4622: Fix authentication failures in security = server. + * Fix pointer marshalling in srvsvc parsing code. + * BUG 4630: Fix conversion of 8 byte time_t and NT_TIME values. + * Ensure that if we're blocked on a POSIX lock we know nothing + about that we retry the lock every 10 seconds instead of waiting + for the standard select timeout. + * BUG 4637: Fix samlogon reply regression that broke domain logons. + * Fix rename on open files and improved cdelete-on-close semantics. + * Fix POSIX setfilepathinfo to use lstat. + + +o Alexander Bokovoy + * Add -pie support to Python's setup.py. + * Strip STYPE_TEMPORARY and STYPE_HIDDEN when printing share + listing from 'net rap shares". + * Fix argument parsing in "net rap server domain". + + +o Gerald (Jerry) Carter + * BUG 4616: Don't return a dns or forest name when replying to the + DsGetPrimaryRoleInfo() and configured for security = domain. + * Trim noise by removing redundant WARNING log message that would + flood at log level 2. + * Fix truncation of supplementary Unix groups when using "force group". + + +o Guenther Deschner + * Always fallback to NTLM authentication in pam_winbind when the + user's account has UF_DONT_REQUIRE_PREAUTH set. + + +o Steve French + * Valgrind fixes in mount.cifs. + + +o Volker Lendecke + * Fix crash bug in the Solaria ACL VFS module caused by + uninitialized variables. + + +o Herb Lewis + * Update connection structure definition for tdbtool display + output. + + +o Derrell Lipman + * BUG 4601: Fix smbc_getxattr() to properly return the required + size of the buffer needed to contain the extended attributes. + * BUG 4599: Fix failure when setting attributes. + * BUG 4634: Type of the size parameter to getpeername in + libsmbclient code was wrong. + * Fix libsmbclient interaction with links on Vista and properly + detect non-NTSTATUS errors. + + +o Jim McDonough + * BUG 4630: Fix special case of unix_to_nt_time() for TIME_T_MAX + and the output from http_timestring(). + + +o Stefan Metzmacher + * Merge gdb_backtrace script changes form SAMBA_4_0. + + +o Lars Mueller + * Allow idmap_ldap to be built as a shared lib. + + +o James Peach + * BUG 4426: Move FAM libraries from smbd to vfs_fam_notify. + * BUG 2287: Replace unnecessary AC_TRY_RUN with AC_TRY_LINK. + * BUG 4589: Fix typo in pdbedit output. + + +o Simo Sorce + * Short circuit Unix Users and Unix Groups Domain SID checks + in smbd to avoid unnecessary calls to winbindd. + + +Release notes for older releases follow: + + -------------------------------------------------- ============================== Release Notes for Samba 3.0.25 May 14, 2007 ============================== -This is the first production release of the Samba 3.0.25 code -base and is the version that servers should be run for for all -current bug fixes. - The 3.0.25 release is an upgrade release over the 3.0.23/3.0.24 series which means that a substantial amount of development has occurred and many new features have been added since the last @@ -142,6 +269,7 @@ kernel change notify Per share Yes lock spin count Removed n/a max stat cache size Modified 1024KB + msdfs root Modified no printjob username New %U winbind normalize names New no @@ -208,7 +336,7 @@ o Simo Sorce - * Memory allocation cleanups and sanity checks after the malloc(0) + * Memory allocation cleanups and sanity checks after the malloc(0) == NULL crusade. * Fix socket leak in idmap_ldap.c. * Fix failure in "net idmap restore". @@ -706,8 +834,6 @@ * Printing fixes for Windows Vista clients. -Release notes for older releases follow: - -------------------------------------------------- ============================== Release Notes for Samba 3.0.24 @@ -746,9 +872,6 @@ * Fix for CVE-2007-0452 - -Release Notes for older release follow: - -------------------------------------------------- =============================== Release Notes for Samba 3.0.23d