[Samba] windows users can login but OS X users cannot
Hello, having spent many hours scouring archives, docs, books and googling without finding an answer I need to ask your help on this. running samba 3.4.0-3ubuntu5.3 on ubuntu 9.10 server, client users can login to the share from windows clients but the same users is denied access when connecting from OS X via GO/Connect To Server in format smb://fqdnofserver user authentication is to active directory using kerberos and LDAP and am not running winbind pam.d/samba is set to allow smb logins, that is shell logins are not permitted for active directory authenticated users. here's that snippet: # /etc/pam.d/samba auth sufficient pam_krb5.so minimum_uid=1000 use_first_pass account sufficient pam_ldap.so use_first_pass session sufficient pam_ldap.so I have tested my configs on samba 3.0.33 on CENTOS and it works fine there for both OS X and windows the share is setup on /shares/asgs with these permissions: drwxrwsrwx 8 root root 87 2010-02-20 00:17 shares drwxrws--- 2 grant ASGSFileUsers 18 2010-02-20 00:21 asgs here's smb.conf: [global] unix extensions = no disable spoolss = Yes disable netbios = yes name resolve order = hosts workgroup = AD realm = AD.UCSD.EDU server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 log level = 3 panic action = /usr/share/samba/panic-action %d security = ads encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes pam password change = no map to guest = bad user usershare allow guests = no [asgs] comment = ASGS path = /shares/asgs browsable = Yes valid users = @ad\ASGSFileUsers write list = @ad\ASGSFileUsers create mask = 2660 directory mask = 2770 The tail n20 of the log of the conecting ip shows this for an OS X attempt: [2010/02/20 00:56:16, 3] smbd/oplock_linux.c:219(linux_init_kernel_oplocks) Linux kernel oplocks enabled [2010/02/20 00:56:16, 3] smbd/process.c:1453(process_smb) Transaction 0 of length 51 (0 toread) [2010/02/20 00:56:16, 3] smbd/process.c:1272(switch_message) switch message SMBnegprot (pid 5658) conn 0x0 [2010/02/20 00:56:16, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 00:56:16, 3] smbd/negprot.c:567(reply_negprot) Requested protocol [NT LM 0.12] [2010/02/20 00:56:16, 3] smbd/negprot.c:387(reply_nt1) using SPNEGO [2010/02/20 00:56:16, 3] smbd/negprot.c:672(reply_negprot) Selected protocol NT LM 0.12 [2010/02/20 00:56:18, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 00:56:18, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2010/02/20 00:56:18, 3] smbd/server.c:848(exit_server_common) Server exit (failed to receive smb request) Hope someone can give me a pointer where to look next or what to tweak. Let me know if you need other log snippets. Thanks, Grant -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba cannot find cups printcap
Hi, I just upgraded from cups-1.3.8/samba-3.4.1 to cups-1.4.1/samba-3.4.3 After upgrading, the samba log showed that it could not find the printcap file - previously cups was not generating a printcap file, but things worked fine. I changed cupsd.conf to produce a printcap file, but the samba log shows it cannot find it, even though I placed it in /etc, /etc/cups, /usr/local/etc, /usr/local/etc/cups. Where does samba look by default? If I change printcap name = cups to printcap name = /usr/local/etc/cups/printcap, then the windows machines can print, but at the end of each print job, two extra pages are printed: Additional page 1 - blank Additional page 2 ERROR: rangecheck OFFENDING COMMAND: .installpagedevice STACK: -null- -dictionary- -savelevel- I'm assuming this happens because samba does not realize the printcap file is in cups format, is there a way around this problem? Regards John smb.conf [global] workgroup = WORKGROUP netbios name = DSLKAYAK hosts allow = 192.168.1.* security = share client ntlmv2 auth = no load printers = yes printing = cups printcap name = cups [later set to printcap name = /usr/local/etc/cups/printcap] [share] path = /mnt/sdb4/dslshare read only = no browseable = yes guest ok = yes [printers] comment = All Printers path = /var/spool/samba browseable = yes public = yes guest ok = yes writable = no printable = yes [print$] comment = Printer Drivers path = /usr/local/share/cups/drivers browseable = yes guest ok = no read only = yes write list = root -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.4.5 - rights for /etc/samba/private and smbusermap
Hallo, compiling 3.4.5 worked. Installing it was no problem. But now I get the message can't open username map /etc/samba/private/smbusermap Error Keine Berechtigung The rights were 700 for dir /etc/samba/private 644 for file smbusermap When I change the dir private to 711 no error is reported. What are the minimal rights for directory and file? Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows users can login but OS X users cannot
I have seen this behaviour recently using Samba 3.4.5 from the Lucid tree on Ubuntu 9.10 Try using domain\username for the username To me, it appears to be a bug in winbind not using the default domain, but I could be wrong. Sent from my iPhone On 20/02/2010, at 8:29 PM, grant little grantlid...@gmail.com wrote: Hello, having spent many hours scouring archives, docs, books and googling without finding an answer I need to ask your help on this. running samba 3.4.0-3ubuntu5.3 on ubuntu 9.10 server, client users can login to the share from windows clients but the same users is denied access when connecting from OS X via GO/Connect To Server in format smb://fqdnofserver user authentication is to active directory using kerberos and LDAP and am not running winbind pam.d/samba is set to allow smb logins, that is shell logins are not permitted for active directory authenticated users. here's that snippet: # /etc/pam.d/samba auth sufficient pam_krb5.so minimum_uid=1000 use_first_pass account sufficient pam_ldap.so use_first_pass session sufficient pam_ldap.so I have tested my configs on samba 3.0.33 on CENTOS and it works fine there for both OS X and windows the share is setup on /shares/asgs with these permissions: drwxrwsrwx 8 root root 87 2010-02-20 00:17 shares drwxrws--- 2 grant ASGSFileUsers 18 2010-02-20 00:21 asgs here's smb.conf: [global] unix extensions = no disable spoolss = Yes disable netbios = yes name resolve order = hosts workgroup = AD realm = AD.UCSD.EDU server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 log level = 3 panic action = /usr/share/samba/panic-action %d security = ads encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes pam password change = no map to guest = bad user usershare allow guests = no [asgs] comment = ASGS path = /shares/asgs browsable = Yes valid users = @ad\ASGSFileUsers write list = @ad\ASGSFileUsers create mask = 2660 directory mask = 2770 The tail n20 of the log of the conecting ip shows this for an OS X attempt: [2010/02/20 00:56:16, 3] smbd/oplock_linux.c:219 (linux_init_kernel_oplocks) Linux kernel oplocks enabled [2010/02/20 00:56:16, 3] smbd/process.c:1453(process_smb) Transaction 0 of length 51 (0 toread) [2010/02/20 00:56:16, 3] smbd/process.c:1272(switch_message) switch message SMBnegprot (pid 5658) conn 0x0 [2010/02/20 00:56:16, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 00:56:16, 3] smbd/negprot.c:567(reply_negprot) Requested protocol [NT LM 0.12] [2010/02/20 00:56:16, 3] smbd/negprot.c:387(reply_nt1) using SPNEGO [2010/02/20 00:56:16, 3] smbd/negprot.c:672(reply_negprot) Selected protocol NT LM 0.12 [2010/02/20 00:56:18, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 00:56:18, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2010/02/20 00:56:18, 3] smbd/server.c:848(exit_server_common) Server exit (failed to receive smb request) Hope someone can give me a pointer where to look next or what to tweak. Let me know if you need other log snippets. Thanks, Grant -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windows users can login but OS X users cannot
Thanks Alex. I'm not using winbind, just kerberos and LDAP and I have in all cases tried both domain\username as well as username. Here's a better dump of the ip log that appens on a failed login attempt that seems to show that the authentication is OK from os x: [2010/02/20 13:13:17, 3] smbd/process.c:1453(process_smb) Transaction 2 of length 366 (0 toread) [2010/02/20 13:13:17, 3] smbd/process.c:1272(switch_message) switch message SMBsesssetupX (pid 6039) conn 0x0 [2010/02/20 13:13:17, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 13:13:17, 3] smbd/sesssetup.c:1404(reply_sesssetup_and_X) wct=12 flg2=0xc801 [2010/02/20 13:13:17, 3] smbd/sesssetup.c:1160(reply_sesssetup_and_X_spnego) Doing spnego session setup [2010/02/20 13:13:17, 3] smbd/sesssetup.c:1202(reply_sesssetup_and_X_spnego) NativeOS=[Mac OS X 10.6] NativeLanMan=[SMBFS 1.6.0] PrimaryDomain=[] [2010/02/20 13:13:17, 3] libsmb/ntlmssp.c:745(ntlmssp_server_auth) Got user=[grant] domain=[AD] workstation=[GRANT] len1=24 len2=126 [2010/02/20 13:13:19, 3] smbd/oplock.c:911(init_oplocks) init_oplocks: initializing messages. [2010/02/20 13:13:19, 3] smbd/oplock_linux.c:219(linux_init_kernel_oplocks) Linux kernel oplocks enabled [2010/02/20 13:13:19, 3] smbd/process.c:1453(process_smb) Transaction 0 of length 51 (0 toread) [2010/02/20 13:13:19, 3] smbd/process.c:1272(switch_message) switch message SMBnegprot (pid 6040) conn 0x0 [2010/02/20 13:13:19, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 13:13:19, 3] smbd/negprot.c:567(reply_negprot) Requested protocol [NT LM 0.12] [2010/02/20 13:13:19, 3] smbd/negprot.c:387(reply_nt1) using SPNEGO [2010/02/20 13:13:19, 3] smbd/negprot.c:672(reply_negprot) Selected protocol NT LM 0.12 [2010/02/20 13:13:21, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 13:13:21, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2010/02/20 13:13:21, 3] smbd/server.c:848(exit_server_common) Server exit (failed to receive smb request) -- what's weird is that there's no sign of the login in auth.log only the test via windows cleint a few seconds before: Feb 20 13:12:14 servername smbd[6033]: pam_unix(samba:session): session opened for user grant by (uid=0) Feb 20 13:12:24 servername smbd[6033]: pam_unix(samba:session): session closed for user grant after that nothing... On Sat, Feb 20, 2010 at 11:17 AM, Alex Ferrara a...@receptiveit.com.auwrote: I have seen this behaviour recently using Samba 3.4.5 from the Lucid tree on Ubuntu 9.10 Try using domain\username for the username To me, it appears to be a bug in winbind not using the default domain, but I could be wrong. Sent from my iPhone On 20/02/2010, at 8:29 PM, grant little grantlid...@gmail.com wrote: Hello, having spent many hours scouring archives, docs, books and googling without finding an answer I need to ask your help on this. running samba 3.4.0-3ubuntu5.3 on ubuntu 9.10 server, client users can login to the share from windows clients but the same users is denied access when connecting from OS X via GO/Connect To Server in format smb://fqdnofserver user authentication is to active directory using kerberos and LDAP and am not running winbind pam.d/samba is set to allow smb logins, that is shell logins are not permitted for active directory authenticated users. here's that snippet: # /etc/pam.d/samba auth sufficient pam_krb5.so minimum_uid=1000 use_first_pass account sufficient pam_ldap.so use_first_pass session sufficient pam_ldap.so I have tested my configs on samba 3.0.33 on CENTOS and it works fine there for both OS X and windows the share is setup on /shares/asgs with these permissions: drwxrwsrwx 8 root root 87 2010-02-20 00:17 shares drwxrws--- 2 grant ASGSFileUsers 18 2010-02-20 00:21 asgs here's smb.conf: [global] unix extensions = no disable spoolss = Yes disable netbios = yes name resolve order = hosts workgroup = AD realm = AD.UCSD.EDU server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 log level = 3 panic action = /usr/share/samba/panic-action %d security = ads encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes pam password change = no map to guest = bad user usershare allow guests = no [asgs] comment = ASGS path = /shares/asgs browsable = Yes valid users = @ad\ASGSFileUsers write list = @ad\ASGSFileUsers create mask = 2660 directory mask = 2770 The tail n20 of the log of the conecting ip shows this for an OS X attempt: [2010/02/20 00:56:16, 3] smbd/oplock_linux.c:219(linux_init_kernel_oplocks) Linux kernel oplocks enabled [2010/02/20 00:56:16, 3] smbd/process.c:1453(process_smb) Transaction 0 of length 51 (0
Re: [Samba] [Announce] Samba 3.5.0rc3 Available for Download
Quoting Karolin Seeger (ksee...@samba.org): Release Announcements = This is the third release candidate of Samba 3.5. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. A Debian package has been uploaded to Debian experimental today. No specific problem in building the package. We seem to be ready to have 3.5.0 soon in Debian. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] BartPE cannot access samba share after upgrade
We recently upgraded a fileserver from Rh 9 to RHELS 5.4 and samba 3.0.3 to Version 3.3.8-0.46.el5. After doing so all windows clients are able to authenticate (from a different samba server) but we are unable to access shares from a ghost boot disk made with BartPE. After being prompted for the username and password it authenticates but when trying to map to a share you get invalid password \\server\share. Any ideas? Young Peter Griffin: ”Why did all the dinosaurs die? Museum Curator: Because you touch yourself at night! Send instant messages to your online friends http://uk.messenger.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] rlimit_max errors
Running Samba 3.4.5 on Solaris 10 Sparc platform. I can't seem to get rid of the following errors: log.b104d1:rlimit_max: rlimit_max (10020) below minimum Windows limit (16384) I've tried adding ulimit -n 16384 to the samba start scripts, but still getting these errors. Anyone know what I should do about this. Could these errors cause slowness to the samba share for clients? -- C. J. Keist Email: cj.ke...@colostate.edu UNIX/Network ManagerPhone: 970-491-0630 Engineering Network ServicesFax: 970-491-5569 College of Engineering, CSU Ft. Collins, CO 80523-1301 All I want is a chance to prove 'Money can't buy happiness' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] AD 2008 R2 vs. samba 3.4.5
Hi there, I almot exlusively use samba for printing in a semi large scale (2.000 windows hosts 500 printers). I have been running 3.0.20 for a long time and was quite happy with it. Unfortunately my windows fellows have now updated to AD 2008 R2 and I experienced some immediate problems with encryptions types so I updated to 3.4.5 which is not really working for me. I see a lot of connection rests and also the load is significantly higher than before, looks a bit like a denial of service attack ;) Also the shares don't show up constantly in the domain but disappear from time to time. My clients are 32bit windowsxp domain members and to make things a bit more complicated they received a MS security update at the same time which mainly concerns SMB (MS10-06 SMB Update). Are there any advices or experiences, I'm really in need ? :( cheers ~christoph PS: Of couse I am also waiting for a samba based solution for windows 7 64 bit printing ;) -- /* Christoph Beyer | Office: Building 2b / 23 *\ * DESY|Phone: 040-8998-2317* * - IT - | Fax: 040-8998-4060* \* 22603 Hamburg | http://www.desy.de */ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Hiding dot files from Windows
The user section of one of my smb.conf files looks like this yet when I bring up XP (a guest under VirtualBox) on my system, all linux dot files are visible. Am I missing somethng? [fred] comment = Alan's service path = /home/fred writeable = yes valid users = fred admin users = fred browseable = yes case sensitive = no printing = bsd #print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP print command = /usr/share/samba/scripts/print-pdf %s %H //%L/%u %m %I %J lpq command = /bin/true hide dot files = yes -- View this message in context: http://old.nabble.com/Hiding-dot-files-from-Windows-tp27667163p27667163.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] rlimit_max errors
On Wed, Feb 17, 2010 at 9:57 AM, cjay c...@engr.colostate.edu wrote: Running Samba 3.4.5 on Solaris 10 Sparc platform. I can't seem to get rid of the following errors: log.b104d1:rlimit_max: rlimit_max (10020) below minimum Windows limit (16384) I've tried adding ulimit -n 16384 to the samba start scripts, but still getting these errors. Anyone know what I should do about this. Could these errors cause slowness to the samba share for clients? -- C. J. Keist Email: cj.ke...@colostate.edu UNIX/Network ManagerPhone: 970-491-0630 Engineering Network ServicesFax: 970-491-5569 College of Engineering, CSU Ft. Collins, CO 80523-1301 Don't know if it will help but that is mentioned here: http://lists.samba.org/archive/samba/2010-January/153320.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2beaa19... s3: Slightly simplify the logic of
completion_remote_filter
via 48d6ed7... s3: Fix some nonempty blank lines
via 1f451d1... s3: Remove a typedef struct
via f27857e... s3: Fix a typo
via 8930a9c... s3: Convert cli_qpathinfo_basic to use cli_trans()
via b69a74e... s3: Convert cli_raw_ioctl to use cli_smb()
via 89e6a52... s3: Add cli_smb()
from a7036a9... librpc/ndr Remove unused macros
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2beaa190295bc6e4c9e7f8a3768c74ad0a4359fe
Author: Volker Lendecke v...@samba.org
Date: Thu Feb 18 22:52:41 2010 +0100
s3: Slightly simplify the logic of completion_remote_filter
commit 48d6ed7cac1e948b604ff44eee3528c396d5ecef
Author: Volker Lendecke v...@samba.org
Date: Tue Feb 16 22:07:22 2010 +0100
s3: Fix some nonempty blank lines
commit 1f451d122e869ae7c880e6d347ff127aa9d87d72
Author: Volker Lendecke v...@samba.org
Date: Mon Feb 15 23:53:18 2010 +0100
s3: Remove a typedef struct
commit f27857e655c410559b8717ce03049b7d7be3aa1f
Author: Volker Lendecke v...@samba.org
Date: Mon Feb 15 23:52:51 2010 +0100
s3: Fix a typo
commit 8930a9c52008c7c9a755b213f857dfa2247f6823
Author: Volker Lendecke v...@samba.org
Date: Sun Feb 7 14:07:17 2010 +0100
s3: Convert cli_qpathinfo_basic to use cli_trans()
commit b69a74eeca6acbfb1be0ef3eb8f84e2f4700f2a9
Author: Volker Lendecke v...@samba.org
Date: Sun Feb 7 13:36:49 2010 +0100
s3: Convert cli_raw_ioctl to use cli_smb()
commit 89e6a5263e29759c4edd1a8e856443f59dff0c31
Author: Volker Lendecke v...@samba.org
Date: Sun Feb 7 13:24:41 2010 +0100
s3: Add cli_smb()
This is a sync wrapper around cli_smb_send/cli_smb_recv. This is a hack to
speed up converting libsmb/ away from cli_send_smb/cli_receive_smb. Some
routines in libsmb/ are only called in one place in smbtorture for example,
where making it async right now is not worth it. With
cli_smb_send/cli_smb_recv
in place, pushing the asynchronosity out one level is just boilerplate
code
that is easy to do should it become necessary.
---
Summary of changes:
source3/auth/auth_util.c | 116 +--
source3/client/client.c| 104 +--
source3/include/proto.h| 11 +++-
source3/libsmb/clidfs.c|4 +-
source3/libsmb/clientgen.c | 36 ++
source3/libsmb/clifile.c | 28 ---
source3/libsmb/clirap.c| 65 ++---
7 files changed, 198 insertions(+), 166 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 46b7af4..6ec19da 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -11,12 +11,12 @@
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.
*/
@@ -136,7 +136,7 @@ static NTSTATUS make_user_info(struct
auth_usersupplied_info **user_info,
free_user_info(user_info);
return NT_STATUS_NO_MEMORY;
}
-
+
(*user_info)-internal_username = SMB_STRDUP(internal_username);
if ((*user_info)-internal_username == NULL) {
free_user_info(user_info);
@@ -305,40 +305,40 @@ bool make_user_info_netlogon_interactive(struct
auth_usersupplied_info **user_in
unsigned char local_lm_response[24];
unsigned char local_nt_response[24];
unsigned char key[16];
-
+
memcpy(key, dc_sess_key, 16);
-
+
if (lm_interactive_pwd)
memcpy(lm_pwd, lm_interactive_pwd, sizeof(lm_pwd));
if (nt_interactive_pwd)
memcpy(nt_pwd, nt_interactive_pwd, sizeof(nt_pwd));
-
+
#ifdef DEBUG_PASSWORD
DEBUG(100,(key:));
dump_data(100, key, sizeof(key));
-
+
DEBUG(100,(lm owf password:));
dump_data(100, lm_pwd, sizeof(lm_pwd));
-
+
DEBUG(100,(nt owf password:));
dump_data(100, nt_pwd, sizeof(nt_pwd));
#endif
-
+
if (lm_interactive_pwd)
arcfour_crypt(lm_pwd, key, sizeof(lm_pwd));
-
+
if (nt_interactive_pwd)
arcfour_crypt(nt_pwd, key, sizeof(nt_pwd));
-
+
#ifdef
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 77dd1b2... s3: Make string_to_sid survive the LOCAL-string_to_sid
test
via e38908e... s3: Rename LOCAL-dom_sid_parse to LOCAL-string_to_sid,
add some tests
via 1e8a84a... s3: Add printf why LOCAL-dom_sid_parse failed
from 2beaa19... s3: Slightly simplify the logic of
completion_remote_filter
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 77dd1b29bb34500c5643670dcca6094ab526ce44
Author: Volker Lendecke v...@samba.org
Date: Sat Feb 20 21:32:07 2010 +0100
s3: Make string_to_sid survive the LOCAL-string_to_sid test
commit e38908ea65966387076b59352fd1ac6bccf13e33
Author: Volker Lendecke v...@samba.org
Date: Sat Feb 20 21:31:16 2010 +0100
s3: Rename LOCAL-dom_sid_parse to LOCAL-string_to_sid, add some tests
commit 1e8a84aac73f02ac6eec53b5a13ec31347070210
Author: Volker Lendecke v...@samba.org
Date: Sat Feb 20 21:07:08 2010 +0100
s3: Add printf why LOCAL-dom_sid_parse failed
---
Summary of changes:
source3/lib/util_sid.c | 53 +---
source3/script/tests/test_smbtorture_s3.sh |2 +-
source3/torture/torture.c | 27 +++---
3 files changed, 62 insertions(+), 20 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 20c2663..7d5dc1b 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -225,27 +225,33 @@ bool string_to_sid(DOM_SID *sidout, const char *sidstr)
uint32 conv;
if ((sidstr[0] != 'S' sidstr[0] != 's') || sidstr[1] != '-') {
- DEBUG(3,(string_to_sid: Sid %s does not start with 'S-'.\n,
sidstr));
- return False;
+ goto format_error;
}
ZERO_STRUCTP(sidout);
/* Get the revision number. */
p = sidstr + 2;
+
+ if (!isdigit(*p)) {
+ goto format_error;
+ }
+
conv = (uint32) strtoul(p, q, 10);
if (!q || (*q != '-')) {
- DEBUG(3,(string_to_sid: Sid %s is not in a valid format.\n,
sidstr));
- return False;
+ goto format_error;
}
sidout-sid_rev_num = (uint8) conv;
q++;
+ if (!isdigit(*q)) {
+ goto format_error;
+ }
+
/* get identauth */
conv = (uint32) strtoul(q, q, 10);
if (!q || (*q != '-')) {
- DEBUG(0,(string_to_sid: Sid %s is not in a valid format.\n,
sidstr));
- return False;
+ goto format_error;
}
/* identauth in decimal should be 2^32 */
/* NOTE - the conv value is in big-endian format. */
@@ -259,16 +265,37 @@ bool string_to_sid(DOM_SID *sidout, const char *sidstr)
q++;
sidout-num_auths = 0;
- for(conv = (uint32) strtoul(q, q, 10);
- q (*q =='-' || *q =='\0') (sidout-num_auths MAXSUBAUTHS);
- conv = (uint32) strtoul(q, q, 10)) {
- sid_append_rid(sidout, conv);
- if (*q == '\0')
+ while (true) {
+ char *end;
+
+ if (!isdigit(*q)) {
+ goto format_error;
+ }
+
+ conv = strtoul(q, end, 10);
+ if (end == q) {
+ goto format_error;
+ }
+
+ if (!sid_append_rid(sidout, conv)) {
+ DEBUG(3, (Too many sid auths in %s\n, sidstr));
+ return false;
+ }
+
+ q = end;
+ if (*q == '\0') {
break;
- q++;
+ }
+ if (*q != '-') {
+ goto format_error;
+ }
+ q += 1;
}
+ return true;
- return True;
+format_error:
+ DEBUG(3, (string_to_sid: SID %s is not in a valid format\n, sidstr));
+ return false;
}
/*
diff --git a/source3/script/tests/test_smbtorture_s3.sh
b/source3/script/tests/test_smbtorture_s3.sh
index 3e0e3de..851e58a 100755
--- a/source3/script/tests/test_smbtorture_s3.sh
+++ b/source3/script/tests/test_smbtorture_s3.sh
@@ -33,7 +33,7 @@ tests=$tests OPEN XCOPY RENAME DELETE PROPERTIES W2K
tests=$tests TCON2 IOCTL CHKPATH FDSESS LOCAL-SUBSTITUTE CHAIN1
tests=$tests GETADDRINFO POSIX UID-REGRESSION-TEST SHORTNAME-TEST
tests=$tests LOCAL-BASE64 LOCAL-GENCACHE POSIX-APPEND
-tests=$tests LOCAL-dom_sid_parse
+tests=$tests LOCAL-string_to_sid
skipped1=RANDOMIPC NEGNOWAIT NBENCH ERRMAPEXTRACT TRANS2SCAN NTTRANSSCAN
skipped2=DENY1 DENY2 OPENATTR CASETABLE EATEST
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index ae17173..24aea3c 100644
---
Build status as of Sun Feb 21 07:00:04 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-02-20 00:00:06.0 -0700 +++ /home/build/master/cache/broken_results.txt 2010-02-21 00:00:05.0 -0700 @@ -1,4 +1,4 @@ -Build status as of Sat Feb 20 07:00:04 2010 +Build status as of Sun Feb 21 07:00:04 2010 Build counts: Tree Total Broken Panic @@ -13,9 +13,9 @@ samba-docs 0 0 0 samba-web0 0 0 samba_3_current 33 32 2 -samba_3_master 33 32 3 -samba_3_next 29 28 4 -samba_4_0_test 35 33 0 +samba_3_master 33 31 3 +samba_3_next 29 29 4 +samba_4_0_test 35 34 1 talloc 35 11 0 tdb 33 21 0
