Re: [Samba] Samba 4 Slow Performance

2013-08-05 Thread Matthieu Patou

On 07/27/2013 08:20 AM, Kinglok, Fong wrote:

> Dear all,
>
> After using samba 3 for two years, I have just spent totally one week finishing
> setting up a samba 4 file system in my working school.  There are about 200
> computers, 80+ staff, 1000 students and 10 printers.  The AD was properly
> setup, mandatory profile and one GPO policy (which is printer download trust)
> is effective for all users.  Logon script is for mapping four shares and 10
> printers from the file server.   Also, I have setup two additional DCs (with AD
> replication and DHCP server) for two other subnets in the hope to speed up the
> logon process.
>
> The benefits of Samba 4 are clear: more robust file serving (supporting the
> windows ACL), speedy printing (with the help of point and printer driver) and
> administration of AD through with windows remote admin tool.  However, logon
> speed is just far from good.
>
> In the days of Samba 3.6, users can logon the system within 20 seconds, even
> with more than 80 users logon in the same time (two classes students login
> during computer lesson).  Now, with only one user logging in (who is me), it
> takes nearly 60 seconds to do the logon.  I have tried disabling drive and
> printer mapping in logon script and applying a registry hack (note 1) to shorten
> the profile waiting time in windows 7 client side but it makes no difference in
> logon speed.
>
> I have taken a look on the document in sambaXP 2013:
> http://sambaxp.org/fileadmin/user_upload/SambaXP2013-DATA/thu/track1/Matthieu_Patou-Smaller_Faster_Scalier.pdf
>
> and two threads in samba-technical mailing list:
> https://lists.samba.org/archive/samba-technical/2013-January/089755.html
> https://lists.samba.org/archive/samba-technical/2013-May/092332.html
>
> It seems that samba team is doing some great work in spotting the unindexed
> search in LDB as one of block in performance.  Certainly, I can wait for the
> new version 4.0.X for the boost of performance.  However, I am in deep panic
> when lessons are going to be launched on 1st September 2013 here in Hong Kong.
> Are there any patches so that I can apply a hot / dirty fix?

I don't think the problem is in the database in your case, can you do a 
tcpdump trace starting just before the client is logging on and stopping 
it after the logon (ie the 60 sec or so), see 
https://wiki.samba.org/index.php/Capture_Packets on how to do the tcpdump 
capture.


With this trace we should be able to see where is the delay.
Matthieu.

--
Matthieu Patou
Samba Team
http://samba.org

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


Re: [Samba] Managing a Samba4 AD DC using a Win7 workstation

2013-08-05 Thread Emmanuel Lesouef
On Fri, 2 Aug 2013 16:52:56 +0200,
Georg Bretschneider georg+mailinglists.sa...@georgb.de wrote:

> Hi,
>
> are you sure you started the management software as a domain admin?
> (You know, right click and then start as.) Since you joined your
> client to the AD, there shouldn't be a problem. Can you resolve the
> domain name?
>
>
> Bye
> Georg

Hi Georg.

Yes I launched the management software as a domain admin because I'm
logged in the Win7 workstation as the domain administrator account.

I can also resolve and ping the domain controller.

Thanks for your help.

-- 
Emmanuel Lesouef
CRBN/DSI/SITI
e: e.leso...@crbn.fr
gpg keyid : FCAB0C55



Re: [Samba] Joining DC

2013-08-05 Thread Andrew Bartlett
On Mon, 2013-08-05 at 16:03 +1200, Andrew Bartlett wrote:
> On Fri, 2013-08-02 at 13:58 +1000, Alex Ferrara wrote:
>> I am having some trouble joining a new samba4 server as a DC. I am pretty
>> sure this stems from trying to use OpenChange and subsequently removing it.
>> The new samba4 machine is running 4.0.7 and the existing is running 4.0.1.
>> I am a little hesitant to do an in-place upgrade of the last working DC, so
>> I wanted a replica to fall back on in case things go bad.
>>
>> On the existing DC logs
>>
>> [2013/08/02 13:53:04,  0]
>> ../source4/rpc_server/drsuapi/getncchanges.c:220(get_nc_changes_build_object)
>> ../source4/rpc_server/drsuapi/getncchanges.c:220: Failed to find
>> attribute in schema for attrid 2786216 mentioned in replPropertyMetaData of
>> CN=Recipient Update Service
>> (DOMAIN)\0ADEL:cbf078d9-a0ff-4609-a05b-743816af619d,CN=Deleted
>> Objects,CN=Configuration,DC=domain,DC=local
>
> This is really interesting.  We are fighting with this in our automated
> testing, but we assumed it was due to runtime schema changes.  Presuming
> you have restarted Samba since the last schema change, this points at a
> more sinister issue.
>
> Can you take a clone of this server, and on an isolated network upgrade
> this to git master, and try to join another git master server to it?
>
> If that fails in the same way, we may wish to get a dump of this object
> (and potentially the database via a secure route) so we can investigate
> further.

Can you show me the output of 'dbcheck --cross-ncs' with this patch?  

Please do this on a backup of the domain.

Don't run dbcheck --fix because I know the test and fix is at least
partially bogus, but I'm just curious to see what this shows up. 

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Catalyst IT   http://catalyst.net.nz

From 172888cf867739bd69f17789c49a2e1710ffe478 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett abart...@samba.org
Date: Mon, 5 Aug 2013 19:13:15 +1200
Subject: [PATCH] dbcheck: FIXME Try and find replication metadata that does
 not match the sent objects

The issue with the test is that if an attribute is deleted, then it needs to be in the metadata, but not have any
values.  The important test should actually be that we can at least translate each metadata entry.

Andrew Bartlett
---
 python/samba/dbchecker.py |   52 +++--
 1 file changed, 46 insertions(+), 6 deletions(-)

diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py
index 8b175c2..0317824 100644
--- a/python/samba/dbchecker.py
+++ b/python/samba/dbchecker.py
@@ -606,6 +606,19 @@ newSuperior: %s % (str(from_dn), str(to_rdn), str(to_base)))
   Failed to fix metadata for attribute %s % attr):
 self.report(Fixed metadata for attribute %s % attr)
 
+def fix_extra_metadata(self, dn, attr):
+'''remove replPropertyMetaData elements for a single attribute for a
+object. This is used to fix extra replPropertyMetaData elements'''
+res = self.samdb.search(base = dn, scope=ldb.SCOPE_BASE, attrs = [attr],
+controls = [search_options:1:2, show_recycled:1])
+msg = res[0]
+nmsg = ldb.Message()
+nmsg.dn = dn
+nmsg[attr] = ldb.MessageElement([], ldb.FLAG_MOD_REPLACE, attr)
+if self.do_modify(nmsg, [relax:0, provision:0, show_recycled:1],
+  Failed to remove extra metadata for not-existing attribute %s % attr):
+self.report(Removed extra metadata for attribute %s % attr)
+
 def ace_get_effective_inherited_type(self, ace):
 if ace.flags  security.SEC_ACE_FLAG_INHERIT_ONLY:
 return None
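Review bot: in fix_extra_metadata the search result is stored (msg = res[0]) but never read, so the search only adds a round trip and an IndexError path when the object is not returned. Either drop the search or use msg to confirm the attribute really has no values before sending the replace. The docstring also says the function removes replPropertyMetaData elements, while the modify it builds is an empty FLAG_MOD_REPLACE on attr itself; the docstring should describe what is actually written and why the relax and provision controls are set.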
@@ -900,6 +913,12 @@ newSuperior: %s % (str(from_dn), str(to_rdn), str(to_base)))
 if attrname == 'dn':
 continue
 
+flag = self.samdb_schema.get_systemFlags_from_lDAPDisplayName(attrname)
+if (not flag  dsdb.DS_FLAG_ATTR_NOT_REPLICATED
+and not flag  dsdb.DS_FLAG_ATTR_IS_CONSTRUCTED
+and not self.samdb_schema.get_linkId_from_lDAPDisplayName(attrname)):
+list_attrs_seen.append(str(attrname).lower())
+
 if str(attrname).lower() == 'replpropertymetadata':
 list_attrs_from_md = self.process_metadata(obj[attrname])
 got_repl_property_meta_data = True
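Review bot: the systemFlags block that fills list_attrs_seen now runs at the top of the per-attribute loop, ahead of the replpropertymetadata branch and ahead of the later checks that bump error_count and continue, so attributes that fail those checks are still recorded as seen. If that is what the metadata comparison needs, a one-line comment above the block should say so; otherwise the append belongs after the validation, where the old block was. Given the FIXME in the subject, the report path should be reviewed separately from anything reachable through --fix.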
@@ -956,12 +975,6 @@ newSuperior: %s % (str(from_dn), str(to_rdn), str(to_base)))
 error_count += 1
 continue
 
-flag = self.samdb_schema.get_systemFlags_from_lDAPDisplayName(attrname)
-if (not flag  dsdb.DS_FLAG_ATTR_NOT_REPLICATED
-and not flag  dsdb.DS_FLAG_ATTR_IS_CONSTRUCTED
-and not self.samdb_schema.get_linkId_from_lDAPDisplayName(attrname)):
-

[Samba] [Announce] Samba 4.0.8, 3.6.17 and 3.5.22 Security Releases Available for Download

2013-08-05 Thread Karolin Seeger
Release Announcements
---------------------

Samba 4.0.8, 3.6.17 and 3.5.22 have been issued as security releases in order
to address CVE-2013-4124 (Denial of service - CPU loop and memory allocation).

o  CVE-2013-4124:
   All current released versions of Samba are vulnerable to a denial of
   service on an authenticated or guest connection. A malformed packet
   can cause the smbd server to loop the CPU performing memory
   allocations and preventing any further service.

   A connection to a file share, or a local account is needed to exploit
   this problem, either authenticated or unauthenticated if guest
   connections are allowed.

   This flaw is not exploitable beyond causing the code to loop
   allocating memory, which may cause the machine to exceed memory
   limits.


Changes:


o   Jeremy Allison j...@samba.org
* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
  reading can cause server to loop with DOS.


#######################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.  All bug reports should
be filed under the Samba 4.0 product in the project's Bugzilla
database (https://bugzilla.samba.org/).


==
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
==


Download Details


The uncompressed tarballs and patch files have been signed
using GnuPG (ID 6568B7EA).  The source code can be downloaded
from:

http://download.samba.org/samba/ftp/stable/

The release notes are available online at:

http://www.samba.org/samba/history/samba-4.0.8.html
http://www.samba.org/samba/history/samba-3.6.17.html
http://www.samba.org/samba/history/samba-3.5.22.html

Binary packages will be made available on a volunteer basis from

http://download.samba.org/samba/ftp/Binary_Packages/

Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)

--Enjoy
The Samba Team
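
The bug class named in the announcement above (a missing integer wrap check while walking a chained list) is shown here as an added example; it is not Samba's code. The record layout, names and sample buffers are constructed for the illustration: a walker that omits the wrap check is placed beside one that rejects a wrapping offset and caps the work done per request.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed record layout (an assumption for this example, not Samba's
 * wire format): [next_offset: u32 little-endian][name_len: u8][name bytes]
 * next_offset is the distance from the start of this record to the start
 * of the next one; 0 marks the last record.
 */
#define REC_HDR     5u      /* 4-byte next_offset + 1-byte name_len */
#define MAX_RECORDS 1024u   /* upper bound on work done for one request */

enum walk_status {
    WALK_OK = 0,
    WALK_TRUNCATED = -1,    /* a record does not fit in the buffer */
    WALK_WRAP = -2,         /* offset + next_offset wrapped around */
    WALK_TOO_MANY = -3      /* more records than MAX_RECORDS */
};

static uint32_t rd_u32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Walker without wrap protection. The step budget exists only so that this
 * demonstration terminates; each step stands in for one allocation. */
uint32_t walk_unchecked(const uint8_t *buf, uint32_t len, uint32_t budget)
{
    uint32_t offset = 0, steps = 0;

    while (len >= REC_HDR && offset <= len - REC_HDR && steps < budget) {
        uint32_t next = rd_u32le(buf + offset);

        steps++;
        if (next == 0)
            break;
        offset += next;     /* can wrap and land on an earlier record */
    }
    return steps;
}

/* Hardened walker: bounds-checks each record, rejects a wrapping offset
 * and limits the number of records. Records seen are returned in *count. */
int walk_checked(const uint8_t *buf, uint32_t len, uint32_t *count)
{
    uint32_t offset = 0;

    *count = 0;
    for (;;) {
        uint32_t next;
        uint8_t name_len;

        /* Written as a subtraction so the check itself cannot wrap. */
        if (len < REC_HDR || offset > len - REC_HDR)
            return WALK_TRUNCATED;
        next = rd_u32le(buf + offset);
        name_len = buf[offset + 4];
        if (name_len > len - offset - REC_HDR)
            return WALK_TRUNCATED;
        if (*count >= MAX_RECORDS)
            return WALK_TOO_MANY;
        (*count)++;
        if (next == 0)
            return WALK_OK;
        /* Integer wrap protection for the increment. */
        if ((uint32_t)(offset + next) < offset)
            return WALK_WRAP;
        offset += next;
    }
}

/* Constructed sample: two well-formed records ("ab", then "c"). */
static const uint8_t SAMPLE_OK[] = {
    0x08, 0x00, 0x00, 0x00, 2, 'a', 'b', 0x00,
    0x00, 0x00, 0x00, 0x00, 1, 'c'
};

/* Constructed sample: the second record's next_offset is 0xFFFFFFF8, so
 * 8 + 0xFFFFFFF8 wraps to 0 and points back at the first record. */
static const uint8_t SAMPLE_WRAP[] = {
    0x08, 0x00, 0x00, 0x00, 2, 'a', 'b', 0x00,
    0xF8, 0xFF, 0xFF, 0xFF, 1, 'c'
};

int main(void)
{
    uint32_t n = 0;
    int rc = walk_checked(SAMPLE_WRAP, sizeof SAMPLE_WRAP, &n);

    printf("checked:   status %d after %u records\n", rc, (unsigned)n);
    printf("unchecked: %u steps taken of a 1000-step budget\n",
           (unsigned)walk_unchecked(SAMPLE_WRAP, sizeof SAMPLE_WRAP, 1000));
    return 0;
}
```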


[Samba] winbind sometimes only get partial groups

2013-08-05 Thread d tbsky
hi:
    I setup samba4  DC server with windows client and 6 linux
workstations. windows client works fine, but linux samba client is strange.
I have one user, which belongs to 21 AD groups. but groups my-user only
return some of them. at one workstation, it may return all the 21 groups,
but others return 18 or 19 groups. and at one specific workstation, only
return 1 group!!

   I backup /var/lib/samba/*.tdb and issue command: service winbind
stop; rm -f /var/lib/samba/*; service winbind start. then I get all 21
groups with groups my-user. after that I restore the backup of
/var/lib/samba/*.tdb. I only get a few groups as before.

  the most strange part is if I delete the tdb file at var/lib/samba one
by one, the returned information of groups my-user won't change. only
when I remove all the tdb files at once, then I get different result of
groups my-user.

  I have good and broken /var/lib/samba/*.tdb files in hand if someone
want to check.
  my server and client environment below. thanks a lot for help!!

server environment: scientific linux 6.4 64bit with samba 4.0.5, 4.0.7
(I compiled and test these two versions).
client environment: scientific linux 6.4 64bit with samba  3.6.9 (come
with the linux distribution).

samba4 server configuration:
[global]
workgroup = MY-DOMAIN
realm = AD.MY-DOMAIN.COM
netbios name = DC
server role = active directory domain controller
dns forwarder = 10.11.1.3
idmap_ldb:use rfc2307 = yes
# resolve interface bug
interfaces = 127.0.0.1 10.11.1.2
bind interfaces only = Yes
strict allocate = yes
# disable printing
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
winbind use default domain = yes
# winbind nss info = rfc2307
# DC won't read rfc2307 shell and home
# template homedir = /share/samba/home/%U
template shell = /sbin/nologin
[netlogon]
path = /usr/local/samba/var/locks/sysvol/ad.my-domain.com/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No


samba3 client workstation configuration. all 6 clients are the same:

[global]
   workgroup = MY-DOMAIN
   realm = AD.MY-DOMAIN.COM
   security = ads
   idmap config *:backend = tdb
   idmap config *:range = 3001-4000
   idmap config MY-DOMAIN:backend = ad
   idmap config MY-DOMAIN:default = yes
   idmap config MY-DOMAIN:range = 1000-3000
   idmap config MY-DOMAIN:schema_mode = rfc2307
   winbind nss info = rfc2307
   winbind enum users = yes
   winbind enum groups = yes
   winbind nested groups = no
   winbind use default domain = yes
   winbind offline logon = yes


[Samba] TLS between winbind and openldap

2013-08-05 Thread thierry DeTheGeek
Hi,

I'm working hard to setup winbind and openLDAP work together with TLS

My networks contains:
- a windows server 2008 R2 domain controller
- a debian 6 based file server (openmediavault v0.4) running OpenLDAP
2.4.23 and Samba v3.5.6
- a debian 7 computer running winbind 3.6.6

I want to let OpenLDAP store SID = uid/gid mapping to ensure constant uid
and gid for users on all linux based computers and then use both CIFS and
NFS.

I'm trying to solve my issue on openmediavault (debian 6) only for now,
because I get the exact same issue when trying to establish communication
between winbind 3.6.6 (on debian 7) and OpenLDAP (on Debian 6).

I created a self signed certificate authority with openssl and created a
private key and a certificate for the file server. I used the same
certificate authority to create another key and certificate for my debian
7 computer.

OpenLDAP uses his key and is configured to check clients certificates.
winbind on the same computer uses the same key and certificate to
communicate with openLDAP and is configured to check the openLDAP's
certificate.

When running winbind in interactive debug mode everything is running fine
and wbinfo -i user is able to allocate an uid to the user. another try
shows the uid assigned is effectively retrieved from openLDAP. The command
line I'm using to test winbind is : winbindd -F -i -d idmap:10. I tried
also to run openLDAP in debug mode with the command line slapd -d 1.

the logs produced show that openLDAP and winbind work together with
encryption in both directions.

When I run winbind daemon with the command line service winbind start, the
TLS connection cannot be initiated and I cannot allocate a uid to any user
using wbinfo -i user.

Let's see the configuration files (domain name obfuscated) :

##cn=config.ldif

dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: none
olcPidFile: /var/run/slapd/slapd.pid
olcToolThreads: 1
structuralObjectClass: olcGlobal
entryUUID: e61f99ae-9076-1032-9144-9f2ad5621c65
creatorsName: cn=config
createTimestamp: 20130803105505Z
olcTLSCACertificateFile: /etc/ssl/certs/ca-certificates.crt
olcTLSCertificateKeyFile: /etc/ssl/private/omv-domain-local.key
olcTLSCertificateFile: /etc/ssl/certs/omv-domain-local.crt
olcTLSVerifyClient: demand
entryCSN: 20130803125708.704922Z#00#000#00
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130803125708Z

##smb.conf
#=== Global Settings ===
[global]
workgroup = DOMAIN
server string = %h server
include = /etc/samba/dhcp.conf
dns proxy = no
log level = 0
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
syslog only = yes
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = no
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY
guest account = nobody
load printers = no
disable spoolss = yes
printing = bsd
printcap name = /dev/null
unix extensions = yes
wide links = no
create mask = 0777
directory mask = 0777
use sendfile = no
null passwords = no
local master = yes
time server = no
wins support = no
password server = *
realm = DOMAIN.LOCAL
security = ads
allow trusted domains = no

;
; samba 3.5.6 idmap configuration
;

idmap backend = ldap:ldap://omv.domain.local
ldap admin dn = cn=winbind-idmap,dc=domain,dc=local
ldap idmap suffix = ou=Idmap
ldap suffix = dc=domain,dc=local
ldap ssl = start tls
ldap debug level = 4
ldap debug threshold = 1

idmap uid = 16777216-5000
idmap gid = 16777216-5000
idmap config * : backend = ldap
idmap config * : ldap_url = ldap://omv.domain.local
idmap config * : ldap_anon = no
idmap config * : ldap_base_dn = ou=Idmap,dc=domain,dc=local
idmap config * : ldap_user_dn = cn=winbind-idmap,dc=domain,dc=local
idmap config * : range = 16777216-5000

idmap alloc backend = ldap
idmap alloc config : ldap_url = ldap://omv.domain.local
idmap alloc config : ldap_base_dn = ou=Idmap,dc=domain,dc=local
idmap alloc config : ldap_user_dn = cn=winbind-idmap,dc=domain,dc=local

winbind use default domain = true
winbind offline logon = false

; disable enum users/groups on medium or large organization (affects performance)
; if disabled this will disable domain users/groups enumeration with getent
winbind enum users = yes
winbind enum groups = yes

winbind separator = /
winbind nested groups = yes
;winbind normalize names = yes
winbind refresh tickets = yes
;template primary group = users
template shell = /bin/bash
template homedir = /home/%D/%U
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
client ntlmv2 auth = yes
client use spnego = yes

#=== Share Definitions ===
#=== Home 

Re: [Samba] Debian Package Updates

2013-08-05 Thread Dominic Evans
On 5 August 2013 01:28, Andrew Bartlett abart...@samba.org wrote:
> On Fri, 2013-08-02 at 14:41 +0100, Dominic Evans wrote:
>> The debian package of samba4 is still sitting at 4.0.3 in
>> experimental. Please could someone (Andrew?) upload an updated package
>> now that we are up to 4.0.7?
>>
>> http://packages.qa.debian.org/s/samba4.html
>
> We have toiled mightily, and have new experimental packages.  They are
> stuck in the NEW queue, and have been for a month:
> http://ftp-master.debian.org/new.html
>
> (This is because we have additional package names, as part of the merge
> with the 'samba' package).
>
> Once that's in, I expect a 4.0.7 will follow shortly.


Wonderful news. Thanks very much Andrew. I look forward to testing.


[Samba] Windows 7 Dynamic DNS updates problem

2013-08-05 Thread Federico Nan
Hi list, I'm running Samba 4.0.7 updated from Samba 4 stable.
Running DNS updates with Windows Xp works ok.
When I want to do the same with W7 It doesn't work. I run tshark and it
seems that windows 7 complains about the CNAME registry that is missing.
I have allowed signed and unsigned updates in my smb.conf

Any help?

Thanks in advance!


[Samba] Samba 4 as member server

2013-08-05 Thread Klaus Rörig
Hello list,

I'm trying to setup a small samba4 domain ( 1 DC, 1 member server, 12 Win7
clients) on Ubuntu with the packages shipped with Ubuntu 13.04 (Samba
4.0.0), I also tried on Ubuntu 13.10 (Samba 4.0.3).

DC seems to work fine, I can manage users and gpo, clients can join and
logon. But I cannot get the member server working.

My smb.conf:

[global]
workgroup = VERWALTUNG
security = ads
realm = VERWALTUNG.LEIBNIZ-REMSCHEID.DE
encrypt passwords = true
server services = +smb -s3fs

idmap config *:backend = tdb
idmap config *:range = 70001-8
idmap config VERWALTUNG:backend = ad
idmap config VERWALTUNG:schema_mode = rfc2307
idmap config VERWALTUNG:range = 500-4

winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes

  server role = domain controller
  dcerpc endpoint servers = -winreg -srvsvc
[verwaltung]
path = /srv/shares
read only = no

[sysvol]
  path = /var/lib/samba/sysvol
  read only = no

[netlogon]
  path = /var/lib/samba/sysvol/VERWALTUNG.LEIBNIZ-REMSCHEID.DE/scripts
  read only = no


I did 'samba-tool domain join VERWALTUNG -UAdministrator' with success:
Joined domain SID. The server is listed in AD Tools.

But 'samba -i -M single -d1' stops working with:

samba: /usr/lib/x86_64-linux-gnu/libwbclient.so.0: no version information
available (required by /usr/lib/x86_64-linux-gnu/samba/libauth4.so)
samba version 4.0.3 started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
samba: using 'single' process model
task_server_terminate: [ldap_server: no LDAP server required in member
server configuration]
task_server_terminate: [cldap_server: no CLDAP server required in member
server configuration]
task_server_terminate: [kdc: no KDC required in member server configuration]
task_server_terminate: [dreplsrv: no DSDB replication required in domain
member configuration]
task_server_terminate: [Cannot start Winbind (domain member): Failed to
find record for VERWALTUNG in /var/lib/samba/private/secrets.ldb: No such
object: (null): Have you joined the VERWALTUNG domain?]
samba_terminate: Cannot start Winbind (domain member): Failed to find
record for VERWALTUNG in /var/lib/samba/private/secrets.ldb: No such
object: (null): Have you joined the VERWALTUNG domain?


root@server04:/var/lib/samba/private# ls -la
insgesamt 3784
drwxr-xr-x 3 root root4096 Aug  5 21:50 .
drwxr-xr-x 7 root root4096 Aug  5 21:47 ..
-rw--- 1 root root 1286144 Aug  5 21:50 privilege.ldb
-rw--- 1 root root 696 Aug  5 21:50 randseed.tdb
-rw--- 1 root root 1286144 Aug  5 21:50 sam.ldb
-rw--- 1 root root 1286144 Aug  5 21:50 secrets.ldb
drwxr-xr-x 3 root root4096 Aug  5 21:50 smbd.tmp


Please help!

Thx,

Klaus


Re: [Samba] [PATCH] Allow dbcheck to fix Rid Set records

2013-08-05 Thread Achim Gottinger

On 05.08.2013 06:52, Andrew Bartlett wrote:
Thank you very much, applied the patch to sernet-samba 4.0.8 sources and 
deployed packages, now
samba-tool dbcheck reported an error but did not break. Afterwards 
samba-tool dbcheck --fix also managed to fix the rid issue.


Achim Gottinger


The attached patch should resolve this issue.  Let me know if it helps.

Thanks,

Andrew Bartlett





Re: [Samba] Samba 4 as member server

2013-08-05 Thread steve
On Mon, 2013-08-05 at 22:25 +0200, Klaus Rörig wrote:
> I cannot the member server working.
>
> My smb.conf:
>

Hi
Leave the domain and remove the .tdb files in /var/lib/smb. Then rejoin
with this:

 [global]
 workgroup = VERWALTUNG
 security = ads
 realm = VERWALTUNG.LEIBNIZ-REMSCHEID.DE
 encrypt passwords = true

 idmap config *:backend = tdb
 idmap config *:range = 70001-8
 idmap config VERWALTUNG:backend = ad
 idmap config VERWALTUNG:schema_mode = rfc2307
 idmap config VERWALTUNG:range = 500-4
 
 winbind nss info = rfc2307
 winbind trusted domains only = no
 winbind use default domain = yes
 winbind enum users = yes
 winbind enum groups = yes
 
 [verwaltung]
 path = /srv/shares
 read only = no

Start it with:
smbd; winbindd

Prolly not perfect, but should get you a bit close.
hth
Steve


Re: [Samba] XP network breaks when shares are accessed by Fedora 19 smbclient

2013-08-05 Thread How_F19

I'll try again with a (hopefully) simpler example.

I am having a strange problem when accessing XP shared folders.

My XP box connects to internet via dialup, hosts my ethernet lan and 
provides Internet Connection Sharing to the lan.


The XP lan base is 192.168.0.0 and the XP user Owner is on 192.168.0.1 
and hostname is WILLY.


My Fedora 19 laptop is dual boot win7/fedora19.
Booted to win7 I can see XP shares fine.
Booted to F19 I have problems.
That ends up on 192.168.0.148 with hostname f19.splurge.org.
I do have an initial smb.conf but I am just trying to connect to
xp via smbclient at this point.

---
So here's what happens:

If I try to use smbclient to access XP shares on willy an alert box 
comes up on xp and dialup is broken.


If XP machine is NOT dialed up I do not get willy and instead get 
listing for f19.


Example:
---

 Attempt to connect to XP box WILLY via samba.
 First with XP NOT connected to internet:

~  smbclient -L WILLY
Enter howdy's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.0.6]

Sharename   Type  Comment
-     ---
   Share   Disk
IPC$IPC   IPC Service (Samba Server Version 4.0.6)
Brother-HL-2240-series Printer   Brother HL-2240 series
howdyDisk  Home Directories
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.0.6]

Server   Comment
----
f19  Samba Server Version 4.0.6

WorkgroupMaster
----
WORKGROUP

 I see NO mention of any shares I have on WILLY.
 Everything there relates to f19.splurg.org's samba server.
 Share is the name of a share I designated in /etc/samba/smb.conf
 howdy is my /home/howdy directory which is also designated to be 
shared.

 Why don't I see any WILLY stuff???

 Oddly, I think this is being sent to me from WILLY
 When WILLY is rebooting I get this until it is fully loaded:

~  smbclient -L WILLY
Enter howdy's password:
Connection to WILLY failed (Error NT_STATUS_UNSUCCESSFUL)



 NOW I start dial up on the XP machine and try same:

~  smbclient -L WILLY
Enter howdy's password:
Domain=[WILLY] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

Sharename   Type  Comment
-     ---
PDFCreator  Printer   eDoc Printer
My DocumentsDisk
BrotherHPrinter   HL-2240
IPC$IPC   Remote IPC
SharedDocs  Disk
print$  Disk  Printer Drivers
testdir Disk
D- CD PlayerDisk
downloads   Disk
Buzzshare   Disk
cprogs  Disk
MightyFAX   Printer   MightyFAX Printer Driver
Printer Printer   HP PSC 1500 series
Domain=[WILLY] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

Server   Comment
----

WorkgroupMaster
----

 This is where the XP alert box comes up.
 DNS is disabled for internet use but I can access files.
 Above is listing showing my new  user Buzz's shares as well as 
others.

 I can browse and transfer ok:

~  smbclient //WILLY/Buzzshare
Enter howdy's password:
Domain=[WILLY] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]
smb: \ LS
  .DR0  Mon Aug  5 12:05:15 2013
  ..   DR0  Mon Aug  5 12:05:15 2013
  desktop.ini  AHS   75  Mon Aug  5 11:52:29 2013
  My Music DR0  Mon Aug  5 11:52:29 2013
  My Pictures  DR0  Mon Aug  5 11:52:29 2013
  testdir  D0  Mon Aug  5 12:05:15 2013
  Visual Studio 2008   D0  Fri Oct  5 03:06:06 2012

38154 blocks of size 1048576. 16213 blocks available
smb: \ cd testdir
smb: \testdir\ ls
  .D0  Mon Aug  5 12:05:15 2013
  ..   D0  Mon Aug  5 12:05:15 2013
  test-1.txt   A   54  Mon Aug  5 11:56:16 2013

smb: \testdir\ quit

~  cat test-1.txt
test file to test sharing to samba on f19
blah blah

 but at this point XP internet connection is severely insulted.
 As said above an alert box pops up and dns lookup is disabled.
 The alert box remains open waiting for my input: file report y/n
 If I do not make a selection
 I can still ping and browse using numeric addresses.
 When I do make a selection I cannot get to internet on either
 machine and I can not disconnect the dialup manually.
 So I reboot.


Ideas Bones...



Re: [Samba] XP network breaks when shares are accessed by Fedora 19 smbclient

2013-08-05 Thread Chris Weiss
On Mon, Aug 5, 2013 at 4:21 PM, How_F19 how0...@freeshell.org wrote:
> The XP lan base is 192.168.0.0 and the XP user Owner is on 192.168.0.1 and
> hostname is WILLY.

I'm translating this all as:
XP box is named willy and has the IP 192.168.0.1.
what's the workgroup name?  appears to be workgroup which is fine.

also, smbclient will use smb.conf too.  what do you have set for the workgroup?

>  Attempt to connect to XP box WILLY via samba.
>  First with XP NOT connected to internet:
>
> ~  smbclient -L WILLY
> Enter howdy's password:
>
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.0.6]

this is extra extra weird.  something is very wrong with how the names
are being resolved.  at this point, can you ping willy and get the
192.168.0.1 address?


[Samba] Samba 4 and DFS replication

2013-08-05 Thread Kristofer Pettijohn
I realize that Samba 4 doesn't yet support DFS replication. But my question is 
if Samba 4 as an AD server supports DFS replication within the environment. For 
example, if all we have are Samba 4 servers for AD domain controllers, and we 
have 2+ Windows servers doing DFS between each other (where the Samba 4 file 
server isn't involved at all), is that supported? 



Re: [Samba] Samba 4 and DFS replication

2013-08-05 Thread Andrew Bartlett
On Mon, 2013-08-05 at 17:24 -0500, Kristofer Pettijohn wrote:
> I realize that Samba 4 doesn't yet support DFS replication. But my
> question is if Samba 4 as an AD server supports DFS replication within
> the environment. For example, if all we have are Samba 4 servers for
> AD domain controllers, and we have 2+ Windows servers doing DFS
> between each other (where the Samba 4 file server isn't involved at
> all), is that supported?

That should be fine, we just don't implement that protocol yet. 

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Catalyst IT   http://catalyst.net.nz




Re: [Samba] XP network breaks when shares are accessed by Fedora 19 smbclient

2013-08-05 Thread How_F19

On 08/05/2013 05:34 PM, Chris Weiss wrote:

> On Mon, Aug 5, 2013 at 4:21 PM, How_F19 how0...@freeshell.org wrote:
>
>> The XP lan base is 192.168.0.0 and the XP user Owner is on 192.168.0.1 and
>> hostname is WILLY.
>
> I'm translating this all as:
> XP box is named willy and has the IP 192.168.0.1.
> what's the workgroup name?  appears to be workgroup which is fine.
>
> also, smbclient will use smb.conf too.  what do you have set for the workgroup?


Thanks for reply.
Yes, xp box is willy and on 192.168.0.1 and:

~  cat /etc/samba/smb.conf
[global]
workgroup = WORKGROUP
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
;idmap config * : backend = tdb
cups options = raw

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

[Share]
path = /home/share
read only = No


>>  Attempt to connect to XP box WILLY via samba.
>>  First with XP NOT connected to internet:
>>
>> ~  smbclient -L WILLY
>> Enter howdy's password:
>>
>> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.0.6]
>
> this is extra extra weird.  something is very wrong with how the names
> are being resolved.  at this point, can you ping willy and get the
> 192.168.0.1 address?


When I ping willy I get nothing returned but it causes that same
alert box comes up on XP box and dns is disabled.

I can still ping numeric addresses including 192.168.0.1.

I need to reboot XP to reset.



Re: [Samba] XP network breaks when shares are accessed by Fedora 19 smbclient

2013-08-05 Thread How_F19

On 08/05/2013 10:32 PM, How_F19 wrote:
When I ping willy I get nothing returned 


So I added line in /etc/hosts

192.168.0.1  WILLY

Now I can ping, list and browse willy shares whether dialed up or not 
with no alert box!


Is that a good fix? or is it just patching something that is still 
messed up?



Re: [Samba] XP network breaks when shares are accessed by Fedora 19 smbclient

2013-08-05 Thread How_F19

I also added line for f19 in /etc/hosts.
So there I have:

--
127.0.0.1   f19.splurge.org localhost localhost.localdomain localhost4 
localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 
localhost6.localdomain6


192.168.0.1 WILLY
192.168.0.148   f19
--

Does any of that look problematic?


Also I wondered about these two things in the output below:

- WORKGROUP is listed as f19's domain
- values for Server, Comment, Workgroup and Master are missing at bottom 
of willy's output.


--
~  smbclient -L f19
Enter howdy's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.0.6]

Sharename       Type      Comment
---------       ----      -------
homes           Disk      Home Directories
Share           Disk      a repos for global files
IPC$            IPC       IPC Service (Samba Server Version 4.0.6)
how2            Disk      Home Directories
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.0.6]

Server               Comment
---------            -------
F19                  Samba Server Version 4.0.6

Workgroup            Master
---------            -------
WORKGROUP            F19


~  smbclient -L willy
Enter howdy's password:
Domain=[WILLY] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

Sharename       Type      Comment
---------       ----      -------
My Documents    Disk
testdir         Disk
Domain=[WILLY] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

Server               Comment
---------            -------

Workgroup            Master
---------            -------
--


[Announce] Samba 4.0.8, 3.6.17 and 3.5.22 Security Releases Available for Download

2013-08-05 Thread Karolin Seeger
Release Announcements
---------------------

Samba 4.0.8, 3.6.17 and 3.5.22 have been issued as security releases in order
to address CVE-2013-4124 (Denial of service - CPU loop and memory allocation).

o  CVE-2013-4124:
   All current released versions of Samba are vulnerable to a denial of
   service on an authenticated or guest connection. A malformed packet
   can cause the smbd server to loop the CPU performing memory
   allocations and preventing any further service.

   A connection to a file share, or a local account is needed to exploit
   this problem, either authenticated or unauthenticated if guest
   connections are allowed.

   This flaw is not exploitable beyond causing the code to loop
   allocating memory, which may cause the machine to exceed memory
   limits.


Changes:


o   Jeremy Allison j...@samba.org
* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
  reading can cause server to loop with DOS.


#######################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.  All bug reports should
be filed under the Samba 4.0 product in the project's Bugzilla
database (https://bugzilla.samba.org/).


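======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================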


Download Details


The uncompressed tarballs and patch files have been signed
using GnuPG (ID 6568B7EA).  The source code can be downloaded
from:

http://download.samba.org/samba/ftp/stable/

The release notes are available online at:

http://www.samba.org/samba/history/samba-4.0.8.html
http://www.samba.org/samba/history/samba-3.6.17.html
http://www.samba.org/samba/history/samba-3.5.22.html

Binary packages will be made available on a volunteer basis from

http://download.samba.org/samba/ftp/Binary_Packages/

Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)

--Enjoy
The Samba Team
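
The failure mode the announcement above describes, as an added example that is not Samba's code: a simplified C model of a parser following a client-supplied next-offset chain, run with and without wrap checks on the offset arithmetic. The function names, the fixed 32-bit offset, the step budget and the sample buffers are assumptions constructed for illustration.

```c
/* Added illustration: a simplified model of walking a chained-offset list.
 * This is not Samba's read_nttrans_ea_list(); all names are hypothetical. */
#include <stdint.h>
#include <stdio.h>

enum { WALK_MALFORMED = -1, WALK_RUNAWAY = -2 };

/* Constructed sample inputs: each record starts with a 4-byte LE next_offset. */
static const uint8_t WELL_FORMED[8] = { 4, 0, 0, 0,  0, 0, 0, 0 };
/* Second record's next_offset is 0xFFFFFFFC: 4 + 0xFFFFFFFC wraps to 0. */
static const uint8_t LOOPING[8]     = { 4, 0, 0, 0,  0xFC, 0xFF, 0xFF, 0xFF };
/* next_offset lands just below 2^32, so offset + 4 wraps in the loop test. */
static const uint8_t NEAR_TOP[8]    = { 0xFE, 0xFF, 0xFF, 0xFF,  0, 0, 0, 0 };

/* Read a little-endian 32-bit value; caller guarantees 4 readable bytes. */
static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/*
 * Returns the number of records visited, WALK_MALFORMED when a wrap check
 * fires, or WALK_RUNAWAY when max_steps is exhausted. max_steps stands in
 * for "loops until memory runs out"; a real parser would allocate a list
 * node per record. offset is uint32_t so the arithmetic wraps identically
 * on every platform.
 */
static int walk_chain(const uint8_t *buf, uint32_t len,
                      int wrap_checks, int max_steps)
{
    uint32_t offset = 0;
    int entries = 0;

    while ((uint32_t)(offset + 4u) <= len) {
        uint32_t next_offset;

        if (entries >= max_steps) {
            return WALK_RUNAWAY;
        }
        next_offset = le32(buf + offset);
        entries++;                      /* one allocation per record */

        if (next_offset == 0) {
            break;                      /* normal end of list */
        }
        /* Wrap check for the increment. This sketch reports an error
         * instead of breaking so callers can tell the cases apart. */
        if (wrap_checks && (uint32_t)(offset + next_offset) < offset) {
            return WALK_MALFORMED;
        }
        offset += next_offset;

        /* Wrap check for the loop condition: without it, offset + 4 can
         * wrap to a small value and pass the bounds test above. */
        if (wrap_checks && (uint32_t)(offset + 4u) < offset) {
            return WALK_MALFORMED;
        }
    }
    return entries;
}

int main(void)
{
    printf("well-formed, checked:   %d\n", walk_chain(WELL_FORMED, 8, 1, 1000));
    printf("looping,     unchecked: %d\n", walk_chain(LOOPING, 8, 0, 1000));
    printf("looping,     checked:   %d\n", walk_chain(LOOPING, 8, 1, 1000));
    /* NEAR_TOP is only run with checks: unchecked it would read far
     * outside the 8-byte buffer. */
    printf("near-top,    checked:   %d\n", walk_chain(NEAR_TOP, 8, 1, 1000));
    return 0;
}
```

Without the checks the looping input revisits offsets 0 and 4 until the step budget ends the run; with them the walk stops at the second record.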


[SCM] Samba Shared Repository - branch master updated

2013-08-05 Thread Andrew Bartlett
The branch, master has been updated
   via  b699d40 auth/credentials: use CRED_CALLBACK_RESULT after a callback
   via  8ea36a8 auth/credentials: simplify password_tries state
   via  26a7420 auth/credentials: get the old password from secrets.tdb
   via  9325bd9 auth/credentials: keep cli_credentials private
   via  bbd63dd s4:ntlm_auth: make use of 
cli_credentials_[set_]callback_data*
   via  d47bf46 s4:torture/rpc: make use of 
cli_credentials_set_netlogon_creds()
   via  d36fcaa s4:torture/gentest: make use of 
cli_credentials_get_username()
   via  36b3c95 s4:torture/shell: simplify cli_credentials_set_password() 
call
   via  cfeeb3c s3:ntlm_auth: remove pointless credentials->priv_data = 
NULL;
   via  b3cd44d auth/credentials: add cli_credentials_shallow_copy()
   via  6ff6778 auth/credentials: add cli_credentials_[set_]callback_data*
   via  b8f0922 auth/credentials: remove pointless talloc_reference() from 
cli_credentials_get_principal_and_obtained()
   via  9535029 auth/credentials: remove pointless talloc_reference() from 
cli_credentials_get_unparsed_name()
  from  cae48e9 tevent: Add echo server sample code

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit b699d404bb5d4385a757b5aa5d0e792cf9d5de59
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 14:32:36 2013 +0200

auth/credentials: use CRED_CALLBACK_RESULT after a callback

We only do this if it's still CRED_CALLBACK after the callback,
this allows the callback to overwrite it.

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Mon Aug  5 09:36:05 CEST 2013 on sn-devel-104

commit 8ea36a8e58d499aa7bf342b365ca00cb39f295b6
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 14:25:54 2013 +0200

auth/credentials: simplify password_tries state

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit 26a7420c1c4307023b22676cd85d95010ecbf603
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 13:39:17 2013 +0200

auth/credentials: get the old password from secrets.tdb

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit 9325bd9cb6bb942ea989f4e32799c76ea8af3d3e
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 12:41:40 2013 +0200

auth/credentials: keep cli_credentials private

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit bbd63dd8a17468d3e332969a30c06e2b2f1540fc
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 13:24:21 2013 +0200

s4:ntlm_auth: make use of cli_credentials_[set_]callback_data*

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit d47bf469b8a9064f4f7033918b1fe519adfa0c26
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 13:23:41 2013 +0200

s4:torture/rpc: make use of cli_credentials_set_netlogon_creds()

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit d36fcaa5f3c4d1ad54d767f4a7c5fa6c8d69c00e
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 13:23:08 2013 +0200

s4:torture/gentest: make use of cli_credentials_get_username()

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit 36b3c9506c1ac5549a38140e7ffd57644290069f
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 13:22:10 2013 +0200

s4:torture/shell: simplify cli_credentials_set_password() call

All we want is to avoid a possible callback...

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit cfeeb3ce3de5d1df07299fb83327ae258da0bf8d
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 13:20:13 2013 +0200

s3:ntlm_auth: remove pointless credentials->priv_data = NULL;

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit b3cd44d50cff99fa77611679d68d2d57434fefa4
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 13:21:14 2013 +0200

auth/credentials: add cli_credentials_shallow_copy()

This is useful for testing.

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

commit 6ff6778bdc60f1cd4d52cba83bd47d3398fe5a20
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 31 12:52:17 2013 +0200

auth/credentials: add cli_credentials_[set_]callback_data*

Signed-off-by: Stefan Metzmacher 

[SCM] Samba Website Repository - branch master updated

2013-08-05 Thread Karolin Seeger
The branch, master has been updated
   via  be8c916 Announce Samba 4.0.8, 3.6.17 and 3.5.22.
  from  70b8e7b Announce Samba 4.1.0rc1.

http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -
commit be8c91649d8c43db3d2429d567c48721707b5abf
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 10:35:06 2013 +0200

Announce Samba 4.0.8, 3.6.17 and 3.5.22.

Signed-off-by: Karolin Seeger ksee...@samba.org

---

Summary of changes:
 generated_news/latest_10_bodies.html|   57 ++--
 generated_news/latest_10_headlines.html |5 +-
 generated_news/latest_2_bodies.html |   47 ++--
 history/header_history.html |3 +
 history/samba-3.5.22.html   |   49 +
 history/samba-3.6.17.html   |   49 +
 history/samba-4.0.8.html|   49 +
 history/security.html   |   17 +++
 latest_stable_release.html  |6 +-
 security/CVE-2013-4124.html |   73 +++
 10 files changed, 324 insertions(+), 31 deletions(-)
 create mode 100755 history/samba-3.5.22.html
 create mode 100755 history/samba-3.6.17.html
 create mode 100755 history/samba-4.0.8.html
 create mode 100644 security/CVE-2013-4124.html


Changeset truncated at 500 lines:

diff --git a/generated_news/latest_10_bodies.html 
b/generated_news/latest_10_bodies.html
index 206cdcf..803edd0 100644
--- a/generated_news/latest_10_bodies.html
+++ b/generated_news/latest_10_bodies.html
@@ -1,3 +1,47 @@
+   h5a name=4.0.805 August 2013/a/h5
+   p class=headlineSamba 4.0.8, 3.6.17 and 3.5.22 bSecurity
+   Releases/b Available for Download/p
+   pThese are security releases in order to address
+   a
+   
href=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124;CVE-2013-4124/a
+   (Samba 3.0.x to 4.0.7 are affected by a bdenial of service attack on 
authenticated
+   or guest connections)/b./p
+
+   pThe uncompressed tarballs and patch files have been signed
+   using GnuPG (ID 6568B7EA)./p
+   p
+   The source code can be downloaded here:
+   lia 
href=http://samba.org/samba/ftp/stable/samba-4.0.8.tar.gz;download
+   Samba 4.0.8/a,/li
+   lia 
href=http://samba.org/samba/ftp/stable/samba-3.6.17.tar.gz;download
+   Samba 3.6.17/a,/li
+   lia 
href=http://samba.org/samba/ftp/stable/samba-3.5.22.tar.gz;download
+   Samba 3.5.22/a./li
+   /p
+
+   p
+   Patches against the parents are also available:
+   lia
+   
href=http://samba.org/samba/ftp/patches/patch-4.0.7-4.0.8.diffs.gz;patch
+   Samba 4.0.7/4.0.7/a,/li
+   lia
+   
href=http://samba.org/samba/ftp/patches/patch-3.6.16-3.6.17.diffs.gz;patch
+   Samba 3.6.16/3.6.17/a,/li
+   lia
+   
href=http://samba.org/samba/ftp/patches/patch-3.5.21-3.5.222.diffs.gz;patch
+   Samba 3.5.21/3.5.22/a./li
+/p
+
+p
+Please see the release notes for more info:
+lia href=http://samba.org/samba/history/samba-4.0.8.html;release notes
+   Samba 4.0.8/a,/li
+lia href=http://samba.org/samba/history/samba-3.6.17.html;release notes
+   Samba 3.6.17/a,/li
+lia href=http://samba.org/samba/history/samba-3.5.22.html;release notes
+   Samba 3.5.22/a./li
+/p
+
h5a name=4.1.0rc111 July 2013/a/h5
p class=headlineSamba 4.1.0rc1 Available for Download/p
pThis is the first release candidate of the upcoming Samba 4.1 
release series./p
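Review bot: two of the added patch links in this hunk are wrong. The 4.0 entry's link text reads "Samba 4.0.7/4.0.7" although its href is patch-4.0.7-4.0.8.diffs.gz, so it should read 4.0.7/4.0.8, and the 3.5 entry's href ends in patch-3.5.21-3.5.222.diffs.gz, which carries an extra 2 and does not match the 3.5.21/3.5.22 patch its link text names. The new li items also sit directly inside p with no enclosing list element; wrapping each group in ul would keep the markup valid.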
@@ -112,16 +156,3 @@ now/a.  A a 
href=http://download.samba.org/samba/ftp/patches/patch-4.0.3-4.0
 patch against Samba 4.0.3/a is also available. See
 a href=http://samba.org/samba/history/samba-4.0.4.html;
 the release notes for more info/a./p
-
-
-   h5a name=3.6.1318 March 2013/a/h5
-   p class=headlineSamba 3.6.13 Available for Download/p
-   pThis is the latest stable release of the Samba 3.6 series./p
-
-pThe uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA).  The source code can be
-a href=http://samba.org/samba/ftp/stable/samba-3.6.13.tar.gz;downloaded
-now/a. A a 
href=http://samba.org/samba/ftp/patches/patch-3.6.12-3.6.13.diffs.gz;
-patch against Samba 3.6.12/a is also available.
-See a href=http://samba.org/samba/history/samba-3.6.13.html;
-the release notes for more info/a./p
diff --git a/generated_news/latest_10_headlines.html 
b/generated_news/latest_10_headlines.html
index 3dcbebe..476bad9 100644
--- a/generated_news/latest_10_headlines.html
+++ b/generated_news/latest_10_headlines.html
@@ -1,4 +1,7 @@
 ul
+   li 05 August 2013 a href=#4.0.8Samba 4.0.8, 3.6.17 and 3.5.22
+   Security Releases Available for Download (CVE-2013-4124)/a/li
+
li 02 July 2013 a href=#4.0.7Samba 4.0.7 Available for 
Download/a/li
 
li 

[SCM] Samba Shared Repository - branch v4-0-stable updated

2013-08-05 Thread Karolin Seeger
The branch, v4-0-stable has been updated
   via  dbf87d3 WHATSNEW: Add release notes for Samba 4.0.8.
   via  03656a7 Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
   via  b4bfcdf Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
   via  4df0ef0 VERSION: Bump version number up to 4.0.8.
  from  5e3a301 VERSION: Disable git snapshots for the 4.0.7 release.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-stable


- Log -
commit dbf87d3867c1771a09029b733c8de1e134e270e4
Author: Karolin Seeger ksee...@samba.org
Date:   Thu Aug 1 20:41:57 2013 +0200

WHATSNEW: Add release notes for Samba 4.0.8.

Signed-off-by: Karolin Seeger ksee...@samba.org

commit 03656a7c1ea68d4cea585f0bd4a3720be7f1cc13
Author: Jeremy Allison j...@samba.org
Date:   Thu Jul 11 09:36:01 2013 -0700

Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Fix client-side parsing also. Found by David Disseldorp dd...@suse.de
CVE-2013-4124

Signed-off-by: Jeremy Allison j...@samba.org

commit b4bfcdf921aeee05c4608d7b48618fdfb1f134dc
Author: Jeremy Allison j...@samba.org
Date:   Wed Jul 10 17:10:17 2013 -0700

Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Ensure we never wrap whilst adding client provided input.

Signed-off-by: Jeremy Allison j...@samba.org

commit 4df0ef084be147c70f57e39d052f9c69c145d3b0
Author: Karolin Seeger ksee...@samba.org
Date:   Thu Aug 1 20:44:03 2013 +0200

VERSION: Bump version number up to 4.0.8.

Signed-off-by: Karolin Seeger ksee...@samba.org

---

Summary of changes:
 VERSION |2 +-
 WHATSNEW.txt|   60 +-
 source3/smbd/nttrans.c  |   12 
 source4/libcli/raw/raweas.c |7 +++-
 4 files changed, 76 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index e98b7e8..68f3383 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=7
+SAMBA_VERSION_RELEASE=8
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 6ab15c8..503aff0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,60 @@
=
+   Release Notes for Samba 4.0.8
+  August 05, 2013
+   =
+
+
+This is a security release in order to address
+CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
+server to loop with DOS).
+
+o  CVE-2013-4124:
+   All current released versions of Samba are vulnerable to a denial of
+   service on an authenticated or guest connection. A malformed packet
+   can cause the smbd server to loop the CPU performing memory
+   allocations and preventing any further service.
+
+   A connection to a file share, or a local account is needed to exploit
+   this problem, either authenticated or unauthenticated if guest
+   connections are allowed.
+
+   This flaw is not exploitable beyond causing the code to loop
+   allocating memory, which may cause the machine to exceed memory
+   limits.
+
+
+Changes since 4.0.7:
+
+
+o   Jeremy Allison j...@samba.org
+* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
+  reading can cause server to loop with DOS.
+
+
+##
+Reporting bugs  Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.0 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
+
+   =
Release Notes for Samba 4.0.7
July 2, 2013
=
@@ -103,8 

[SCM] Samba Shared Repository - branch v3-6-stable updated

2013-08-05 Thread Karolin Seeger
The branch, v3-6-stable has been updated
   via  e03ad14 WHATSNEW: Add release notes for Samba 3.6.17.
   via  efdbcab Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
  from  b45411c WHATSNEW: Start release notes for Samba 3.6.17.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-stable


- Log -
commit e03ad1401fd1cca54f9f5c4c1e98ec9ad87b5565
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Jul 29 20:55:18 2013 +0200

WHATSNEW: Add release notes for Samba 3.6.17.

Signed-off-by: Karolin Seeger ksee...@samba.org

commit efdbcabbe97a594572d71d714d258a5854c5d8ce
Author: Jeremy Allison j...@samba.org
Date:   Wed Jul 10 17:10:17 2013 -0700

Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Ensure we never wrap whilst adding client provided input.
CVE-2013-4124

Signed-off-by: Jeremy Allison j...@samba.org

---

Summary of changes:
 WHATSNEW.txt   |   23 +++
 source3/smbd/nttrans.c |   12 
 2 files changed, 31 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a921e4a..4291736 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,19 +1,34 @@
==
Release Notes for Samba 3.6.17
-  August 14, 2013
+  August 05, 2013
==
 
 
-This is is the latest stable release of Samba 3.6.
+This is a security release in order to address
+CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
+server to loop with DOS).
+
+o  CVE-2013-4124:
+   All current released versions of Samba are vulnerable to a denial of
+   service on an authenticated or guest connection. A malformed packet
+   can cause the smbd server to loop the CPU performing memory
+   allocations and preventing any further service.
+
+   A connection to a file share, or a local account is needed to exploit
+   this problem, either authenticated or unauthenticated if guest
+   connections are allowed.
 
-Major enhancements in Samba 3.6.17 include:
+   This flaw is not exploitable beyond causing the code to loop
+   allocating memory, which may cause the machine to exceed memory
+   limits.
 
-o  
 
 Changes since 3.6.16:
 -
 
 o   Jeremy Allison j...@samba.org
+* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
+  reading can cause server to loop with DOS.
 
 
 ##
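Review bot: the CVE-2013-4124 paragraph describes the affected set only as "All current released versions of Samba", which stops being meaningful once this file is read after later releases. State the affected version range explicitly in the release notes so an administrator can tell from WHATSNEW alone whether a given install needs the update.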
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index ea9d417..5fc3a09 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -989,7 +989,19 @@ struct ea_list *read_nttrans_ea_list(TALLOC_CTX *ctx, 
const char *pdata, size_t
if (next_offset == 0) {
break;
}
+
+   /* Integer wrap protection for the increment. */
+   if (offset + next_offset  offset) {
+   break;
+   }
+
offset += next_offset;
+
+   /* Integer wrap protection for while loop. */
+   if (offset + 4  offset) {
+   break;
+   }
+
}
 
return ea_list_head;
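Review bot: both new wrap checks leave the loop with a plain break, so a list whose next_offset would wrap falls through to "return ea_list_head;" and the caller receives the entries parsed so far as if the list were well-formed. Consider treating a detected wrap as malformed input and returning an error (for example NULL) so the request is rejected rather than partially honoured.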


-- 
Samba Shared Repository


[SCM] Samba Shared Repository - branch v3-5-stable updated

2013-08-05 Thread Karolin Seeger
The branch, v3-5-stable has been updated
   via  eb18d5d WHATSNEW: Add release notes for Samba 3.5.22.
   via  6ef0e33 Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
  from  81aa6c38 VERSION: Bump Version number up to 3.5.22.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-stable


- Log -
commit eb18d5d2492632fcccd71a5c3fc0364465def609
Author: Karolin Seeger ksee...@samba.org
Date:   Wed Jul 24 20:53:49 2013 +0200

WHATSNEW: Add release notes for Samba 3.5.22.

Signed-off-by: Karolin Seeger ksee...@samba.org

commit 6ef0e33fe8afa0ebb81652b9d42b42d20efadf04
Author: Jeremy Allison j...@samba.org
Date:   Wed Jul 10 17:10:17 2013 -0700

Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Ensure we never wrap whilst adding client provided input.
CVE-2013-4124

Signed-off-by: Jeremy Allison j...@samba.org

---

Summary of changes:
 WHATSNEW.txt   |   60 ++-
 source3/smbd/nttrans.c |   12 +
 2 files changed, 70 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a7766a9..7a36ab6 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,60 @@
==
+   Release Notes for Samba 3.5.22
+ August 05, 2013
+   ==
+
+
+This is a security release in order to address
+CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
+server to loop with DOS).
+
+o  CVE-2013-4124:
+   All current released versions of Samba are vulnerable to a denial of
+   service on an authenticated or guest connection. A malformed packet
+   can cause the smbd server to loop the CPU performing memory
+   allocations and preventing any further service.
+
+   A connection to a file share, or a local account is needed to exploit
+   this problem, either authenticated or unauthenticated if guest
+   connections are allowed.
+
+   This flaw is not exploitable beyond causing the code to loop
+   allocating memory, which may cause the machine to exceed memory
+   limits.
+
+
+Changes since 3.5.21:
+-
+
+o   Jeremy Allison j...@samba.org
+* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
+  reading can cause server to loop with DOS.
+
+
+##
+Reporting bugs  Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
+
+   ==
Release Notes for Samba 3.5.21
 January 30, 2013
==
@@ -61,8 +117,8 @@ database (https://bugzilla.samba.org/).
 ==
 
 
-Release notes for older releases follow:
-
+--
+
 
==
Release Notes for Samba 3.5.20
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 2ca14f4..2559769 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -934,7 +934,19 @@ struct ea_list *read_nttrans_ea_list(TALLOC_CTX *ctx, 
const char *pdata, size_t
if (next_offset == 0) {
break;
}
+
+   /* Integer wrap protection for the increment. */
+   if (offset + next_offset  offset) {
+   break;
+   }
+
offset += next_offset;
+
+   /* Integer wrap protection for while loop. */
+   if (offset + 4  offset) {
+   break;
+   }
+
}
 
return ea_list_head;
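Review bot: the literal 4 in the second check is unexplained in the visible lines; the comment only says it protects the while loop. Say what the 4 stands for, or share a named constant with the loop condition, so the two cannot drift apart. Both tests also only work if offset and next_offset are unsigned, and their declarations are outside this hunk, so that is worth confirming and stating in the comment.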




[SCM] Samba Shared Repository - annotated tag samba-4.0.8 created

2013-08-05 Thread Karolin Seeger
The annotated tag, samba-4.0.8 has been created
at  1099bb0105ce5f5b2f31be0fc646c6eddeab2ccd (tag)
   tagging  dbf87d3867c1771a09029b733c8de1e134e270e4 (commit)
  replaces  samba-4.0.7
 tagged by  Karolin Seeger
on  Fri Aug 2 20:04:53 2013 +0200

- Log -
samba: tag release samba-4.0.8

Jeremy Allison (2):
  Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.
  Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Karolin Seeger (2):
  VERSION: Bump version number up to 4.0.8.
  WHATSNEW: Add release notes for Samba 4.0.8.

---




[SCM] Samba Shared Repository - annotated tag samba-3.6.17 created

2013-08-05 Thread Karolin Seeger
The annotated tag, samba-3.6.17 has been created
at  2af9f795c318ac2c31c3bc06223bcd4969a832e1 (tag)
   tagging  e03ad1401fd1cca54f9f5c4c1e98ec9ad87b5565 (commit)
  replaces  samba-3.6.16
 tagged by  Karolin Seeger
on  Mon Aug 5 09:29:40 2013 +0200

- Log -
tag samba-3.6.17

Jeremy Allison (1):
  Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Karolin Seeger (3):
  VERSION: Bump version number up to 3.6.17.
  WHATSNEW: Start release notes for Samba 3.6.17.
  WHATSNEW: Add release notes for Samba 3.6.17.

---




[SCM] Samba Shared Repository - annotated tag samba-3.5.22 created

2013-08-05 Thread Karolin Seeger
The annotated tag, samba-3.5.22 has been created
at  3efcd1a538bd2bb9a758d3e045ccd46bb9ddda6c (tag)
   tagging  eb18d5d2492632fcccd71a5c3fc0364465def609 (commit)
  replaces  samba-3.5.21
 tagged by  Karolin Seeger
on  Mon Aug 5 09:31:18 2013 +0200

- Log -
tag samba-3.5.22

Jeremy Allison (1):
  Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Karolin Seeger (2):
  VERSION: Bump Version number up to 3.5.22.
  WHATSNEW: Add release notes for Samba 3.5.22.

---




[SCM] Samba Website Repository - branch master updated

2013-08-05 Thread Karolin Seeger
The branch, master has been updated
   via  33c92ee Fix typos.
  from  be8c916 Announce Samba 4.0.8, 3.6.17 and 3.5.22.

http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -
commit 33c92ee0ae51ab3fc63c10daaa1ace95198f5aa3
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 10:42:15 2013 +0200

Fix typos.

Signed-off-by: Karolin Seeger ksee...@samba.org

---

Summary of changes:
 generated_news/latest_10_bodies.html |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/generated_news/latest_10_bodies.html 
b/generated_news/latest_10_bodies.html
index 803edd0..2e0351b 100644
--- a/generated_news/latest_10_bodies.html
+++ b/generated_news/latest_10_bodies.html
@@ -23,12 +23,12 @@
Patches against the parents are also available:
lia

href=http://samba.org/samba/ftp/patches/patch-4.0.7-4.0.8.diffs.gz;patch
-   Samba 4.0.7/4.0.7/a,/li
+   Samba 4.0.7/4.0.8/a,/li
lia

href=http://samba.org/samba/ftp/patches/patch-3.6.16-3.6.17.diffs.gz;patch
Samba 3.6.16/3.6.17/a,/li
lia
-   
href=http://samba.org/samba/ftp/patches/patch-3.5.21-3.5.222.diffs.gz;patch
+   
href=http://samba.org/samba/ftp/patches/patch-3.5.21-3.5.22.diffs.gz;patch
Samba 3.5.21/3.5.22/a./li
 /p
 


-- 
Samba Website Repository


[SCM] Samba Website Repository - branch master updated

2013-08-05 Thread Karolin Seeger
The branch, master has been updated
   via  ec801b7 Fix typos.
  from  33c92ee Fix typos.

http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -
commit ec801b746fa8fe65a825772a9a84e101708feda7
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 10:43:03 2013 +0200

Fix typos.

Signed-off-by: Karolin Seeger ksee...@samba.org

---

Summary of changes:
 generated_news/latest_2_bodies.html |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/generated_news/latest_2_bodies.html 
b/generated_news/latest_2_bodies.html
index 38519a7..281199f 100644
--- a/generated_news/latest_2_bodies.html
+++ b/generated_news/latest_2_bodies.html
@@ -23,12 +23,12 @@
Patches against the parents are also available:
lia

href=http://samba.org/samba/ftp/patches/patch-4.0.7-4.0.8.diffs.gz;patch
-   Samba 4.0.7/4.0.7/a,/li
+   Samba 4.0.7/4.0.8/a,/li
lia

href=http://samba.org/samba/ftp/patches/patch-3.6.16-3.6.17.diffs.gz;patch
Samba 3.6.16/3.6.17/a,/li
lia
-   
href=http://samba.org/samba/ftp/patches/patch-3.5.21-3.5.222.diffs.gz;patch
+   
href=http://samba.org/samba/ftp/patches/patch-3.5.21-3.5.22.diffs.gz;patch
Samba 3.5.21/3.5.22/a./li
 /p
 




[SCM] Samba Shared Repository - branch v4-0-test updated

2013-08-05 Thread Karolin Seeger
The branch, v4-0-test has been updated
   via  221cffa s4-lib/socket: Allocate a the larger sockaddr_un and not 
just a sockaddr_in in unixdom_get_my_addr()
   via  85db68b s4-lib/socket: Allocate a the larger sockaddr_un and not 
just a sockaddr_in in unixdom_get_peer_addr()
   via  93d4207 s4:server: avoid calling into nss_winbind from within 
'samba'
   via  45349be s4:rpc_server: make sure we don't terminate a connection 
with pending requests (bug #9820)
   via  a1a7349 s4-winbindd: Do not terminate a connection that is still 
pending (bug #9820)
   via  c257e3b service_stream: Log if the connection termination is 
deferred or not (bug #9820)
   via  a629507 s4-winbind: Add special case for BUILTIN domain
   via  7ded0ce pam_winbind: update documentation for DIR krb5ccname 
pragma.
   via  7ce7020 s3-winbindd: support the DIR pragma for raw kerberos user 
pam authentication.
   via  98393f9 wbinfo: allow to define a custom krb5ccname for kerberized 
pam auth.
  from  64dce3c s3-netlogon: enumerate UPN suffixes from PASSDB when 
available

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit 221cffa25510b6115490b5c48d60ec231357a068
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 24 10:19:26 2013 +1200

s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in 
in unixdom_get_my_addr()

This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.

(similar to commit e9ae36e9683372b86f1efbd29904722a33fea083)

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10042

Signed-off-by: Stefan Metzmacher me...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Jul 24 14:37:43 CEST 2013 on sn-devel-104
(cherry picked from commit 077dfd0a89a854c21b91b0f871d034fd9fe82a9a)

Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org
Autobuild-Date(v4-0-test): Mon Aug  5 11:54:46 CEST 2013 on sn-devel-104

commit 85db68b26c7572e7ea7bc820d14045658803f188
Author: Andrew Bartlett abart...@samba.org
Date:   Wed Jul 24 10:19:26 2013 +1200

s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in 
in unixdom_get_peer_addr()

This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.

Andrew Bartlett

Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
(cherry picked from commit e9ae36e9683372b86f1efbd29904722a33fea083)

commit 93d42071056980a9a438cfe4660154a6050226dc
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 10 14:48:18 2013 +0200

s4:server: avoid calling into nss_winbind from within 'samba'

The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().

As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org

The last 5 patches address bug #9820 - crash of winbind after ls -l
/usr/local/samba/var/locks/sysvol.

commit 45349be04011579f0a65ae687c13c90beaeda684
Author: Stefan Metzmacher me...@samba.org
Date:   Tue Jul 9 16:38:59 2013 +0200

s4:rpc_server: make sure we don't terminate a connection with pending 
requests (bug #9820)

Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
(cherry picked from commit e6a58d370403e818bc2cfb8389751b78adcc14fd)

commit a1a7349888e8f3709a6e98b2ca94be6a4dd13258
Author: Andrew Bartlett abart...@samba.org
Date:   Thu Jun 27 11:28:03 2013 +1000

s4-winbindd: Do not terminate a connection that is still pending (bug #9820)

Instead, wait until the call attempts to reply, and let it terminate then

(often this happens in the attempt to then write to the broken pipe).

Andrew Bartlett

Pair-Programmed-With: Stefan Metzmacher me...@samba.org

Signed-off-by: Andrew Bartlett abart...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
(cherry picked from commit 2505d48e4fbcd8a805a88ad0b05fb1a16a588197)

commit c257e3bdf5ff719652ac6e6683c889e2fe449ccd
Author: Andrew Bartlett 

[SCM] Samba Shared Repository - branch master updated

2013-08-05 Thread Andreas Schneider
The branch, master has been updated
   via  6659f01 s3-libads: Print a message if no realm has been specified.
   via  94be8d6 s3:rpc_client: rename same variables in 
cli_rpc_pipe_open_schannel_with_key()
   via  8a302fc s3:rpc_client: use the correct context for 
netlogon_creds_copy() in rpccli_schannel_bind_data()
   via  6ce645e s3:rpc_client: make rpccli_schannel_bind_data() static
   via  7b3ddd1 s3:netlogon: make use of 
netlogon_creds_decrypt_samlogon_logon()
   via  9d54831 s4:netlogon: make use of 
netlogon_creds_decrypt_samlogon_logon()
   via  2ea749a libcli/auth: add netlogon_creds_shallow_copy_logon()
   via  c7319fc libcli/auth: add 
netlogon_creds_[de|en]crypt_samlogon_logon()
   via  291f6a1 libcli/auth: fix shadowed declaration in 
netlogon_creds_crypt_samlogon_validation()
   via  39fedd2 libcli/auth: make netlogon_creds_crypt_samlogon_validation 
more robust
   via  d54c908 s3:rpcclient: use talloc_stackframe() in do_cmd()
   via  34fa794 s4:librpc: fix netlogon connections against servers without 
AES support
   via  05d9b41 s3-net: avoid confusing output in net_rpc_oldjoin() if 
NET_FLAGS_EXPECT_FALLBACK is passed
   via  3e4ded4 s3-net: use libnetjoin for net rpc join newstyle.
   via  9cfa625 s3-net: use libnetjoin for net rpc testjoin.
   via  1242ab0 s3:libnet: let the caller truncate the pw in 
libnet_join_joindomain_rpc_unsecure()
   via  d398a12 s3-libnetjoin: move net rpc oldjoin to use libnetjoin.
   via  c4d6d75 s3-libnetjoin: add machine_name length check.
   via  cc0cbd4 s3: libnet_join: use admin_domain in libnetjoin.
   via  c11a79c s3: libnet_join: add admin_domain.
   via  a9d5b2f libcli/auth: also set secure channel type in 
netlogon_creds_client_init().
   via  b19e7e6 s3-rpc_cli: pass down ndr_interface_table to 
rpc_transport_np_init_send().
   via  c41b6e5 s3-rpc_cli: pass down ndr_interface_table to 
rpc_transport_np_init().
   via  7bdcfcb s3-rpc_cli: pass down ndr_interface_table to 
rpc_pipe_open_tcp_port().
   via  0ff8c2d s3-rpc_cli: pass down ndr_interface_table to 
rpc_pipe_get_tcp_port().
   via  5c5cff0 s3-rpc_cli: pass down ndr_interface_table to 
rpc_pipe_open_tcp().
   via  8cd3a06 s3-rpc_cli: pass down ndr_interface_table to 
rpc_pipe_open_np().
   via  34cc4b4 s3-rpc_cli: pass down ndr_interface_table to 
cli_rpc_pipe_open().
   via  9aa99c3 s3-rpc_cli: pass down ndr_interface_table to 
cli_rpc_pipe_open_noauth_transport().
   via  9813fe2 s3-rpc_cli: pass down ndr_interface_table to 
cli_rpc_pipe_open_noauth().
   via  3dc3a6c s3-rpc_cli: pass down ndr_interface_table to 
cli_rpc_pipe_open_schannel_with_key().
   via  7f16947 s3-rpc_cli: pass down ndr_interface_table to 
cli_rpc_pipe_open_ntlmssp_auth_schannel().
   via  f6d61b5 s3-rpc_cli: pass down ndr_interface_table to 
cli_rpc_pipe_open_schannel().
   via  6886cff s3-rpc_cli: pass down ndr_interface_table to 
rpc_pipe_open_interface().
   via  9b4fb5b s3-rpc_cli: pass down ndr_interface_table to 
rpc_pipe_open_ncalrpc().
   via  0ce2178 s3-libnetapi: pass down ndr_interface_table to pipe_cm() 
and friends.
   via  77f7f2a s3-libnetapi: pass down ndr_interface_table to 
libnetapi_open_pipe().
   via  fa37bbd s3-libnetapi: pass down ndr_interface_table to 
libnetapi_get_binding_handle().
   via  a1368ca s3-rpc_cli: remove prototype of nonexisting 
cli_rpc_pipe_open_krb5().
   via  93e92fa s3-net: pass down ndr_interface_table to connect_dst_pipe().
   via  6dc7c63 s3-libads: Fail create_local_private_krb5_conf_for_domain() 
if parameters missing.
  from  b699d40 auth/credentials: use CRED_CALLBACK_RESULT after a callback

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 6659f0164c6b8d7ad522bcd6c2c6748c3d9bca81
Author: Andreas Schneider a...@samba.org
Date:   Mon Aug 5 09:25:11 2013 +0200

s3-libads: Print a message if no realm has been specified.

Signed-off-by: Andreas Schneider a...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org

Autobuild-User(master): Andreas Schneider a...@cryptomilk.org
Autobuild-Date(master): Mon Aug  5 12:24:44 CEST 2013 on sn-devel-104

commit 94be8d63cd21fbb9e31bf7a92af82e19c596f94f
Author: Stefan Metzmacher me...@samba.org
Date:   Thu Apr 25 19:43:58 2013 +0200

s3:rpc_client: rename same variables in 
cli_rpc_pipe_open_schannel_with_key()

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org

commit 8a302fc353de8d373a0ec8544da4da6f305ec923
Author: Stefan Metzmacher me...@samba.org
Date:   Thu Apr 25 18:29:31 2013 +0200

s3:rpc_client: use the correct context for netlogon_creds_copy() in 
rpccli_schannel_bind_data()

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider 

[SCM] Samba Shared Repository - branch v4-0-test updated

2013-08-05 Thread Karolin Seeger
The branch, v4-0-test has been updated
   via  f5bd128 VERSION: Bump version number up to 4.0.9.
   via  3b7e719 Merge tag 'samba-4.0.8' into v4-0-test
   via  dbf87d3 WHATSNEW: Add release notes for Samba 4.0.8.
   via  03656a7 Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
   via  b4bfcdf Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
   via  4df0ef0 VERSION: Bump version number up to 4.0.8.
  from  221cffa s4-lib/socket: Allocate a the larger sockaddr_un and not 
just a sockaddr_in in unixdom_get_my_addr()

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit f5bd1286f124dd03161dcd876681c3df1d4793f3
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 12:41:23 2013 +0200

VERSION: Bump version number up to 4.0.9.

Signed-off-by: Karolin Seeger ksee...@samba.org

commit 3b7e7196c6854cd549a0d2fab39165e0c13fa88f
Merge: 221cffa25510b6115490b5c48d60ec231357a068 
dbf87d3867c1771a09029b733c8de1e134e270e4
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 12:40:37 2013 +0200

Merge tag 'samba-4.0.8' into v4-0-test

samba: tag release samba-4.0.8

---

Summary of changes:
 VERSION |2 +-
 WHATSNEW.txt|   60 +-
 source3/smbd/nttrans.c  |   12 
 source4/libcli/raw/raweas.c |7 +++-
 4 files changed, 76 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index be94a07..6cb5cba 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=8
+SAMBA_VERSION_RELEASE=9
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 6ab15c8..503aff0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,60 @@
=
+   Release Notes for Samba 4.0.8
+  August 05, 2013
+   =
+
+
+This is a security release in order to address
+CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
+server to loop with DOS).
+
+o  CVE-2013-4124:
+   All current released versions of Samba are vulnerable to a denial of
+   service on an authenticated or guest connection. A malformed packet
+   can cause the smbd server to loop the CPU performing memory
+   allocations and preventing any further service.
+
+   A connection to a file share, or a local account is needed to exploit
+   this problem, either authenticated or unauthenticated if guest
+   connections are allowed.
+
+   This flaw is not exploitable beyond causing the code to loop
+   allocating memory, which may cause the machine to exceed memory
+   limits.
+
+
+Changes since 4.0.7:
+
+
+o   Jeremy Allison j...@samba.org
+* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
+  reading can cause server to loop with DOS.
+
+
+##
+Reporting bugs  Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.0 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
+
+   =
Release Notes for Samba 4.0.7
July 2, 2013
=
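Review bot: The CVE-2013-4124 paragraph in the added 4.0.8 notes says a guest connection is enough to reach the loop, but gives nothing to sites that cannot upgrade at once. A sentence stating that disabling guest connections limits exposure to authenticated users, and that the fix touches source3/smbd/nttrans.c and source4/libcli/raw/raweas.c (both listed in the change summary), would make the entry usable for triage.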
@@ -103,8 +159,8 @@ database (https://bugzilla.samba.org/).
 ==
 
 
-Release notes for older releases follow:
-
+--
+
 
=
Release Notes for Samba 4.0.6
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 54e475d..f70fb36 100644
--- a/source3/smbd/nttrans.c
+++ 

[SCM] Samba Shared Repository - branch v3-6-test updated

2013-08-05 Thread Karolin Seeger
The branch, v3-6-test has been updated
   via  cb48b06 WHATSNEW: Start release notes for Samba 3.6.18.
   via  dda0d8d VERSION: Bump version number up to 3.6.18.
   via  d69a4f7 WHATSNEW: Add release notes for Samba 3.6.17.
   via  6173b83 Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
  from  dbb52ee build:autoconf: fix output of syslog-facility check

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -
commit cb48b067251c3a523b1bdc10bf4b3ff4fc8b104f
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 12:46:58 2013 +0200

WHATSNEW: Start release notes for Samba 3.6.18.

Signed-off-by: Karolin Seeger ksee...@samba.org

commit dda0d8da02a41be149af5b66e6b77dae2fd6f227
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 12:44:46 2013 +0200

VERSION: Bump version number up to 3.6.18.

Signed-off-by: Karolin Seeger ksee...@samba.org

commit d69a4f78b7faf020d3736e4d73848ef8b00ea832
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Jul 29 20:55:18 2013 +0200

WHATSNEW: Add release notes for Samba 3.6.17.

Signed-off-by: Karolin Seeger ksee...@samba.org
(cherry picked from commit e03ad1401fd1cca54f9f5c4c1e98ec9ad87b5565)

commit 6173b83e7df39f222771bd71de7a92086387c293
Author: Jeremy Allison j...@samba.org
Date:   Wed Jul 10 17:10:17 2013 -0700

Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Ensure we never wrap whilst adding client provided input.
CVE-2013-4124

Signed-off-by: Jeremy Allison j...@samba.org
(cherry picked from commit efdbcabbe97a594572d71d714d258a5854c5d8ce)

---

Summary of changes:
 WHATSNEW.txt   |   65 +---
 source3/VERSION|2 +-
 source3/smbd/nttrans.c |   12 +
 3 files changed, 74 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a921e4a..125d793 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,16 +1,17 @@
==
-   Release Notes for Samba 3.6.17
+   Release Notes for Samba 3.6.18
   August 14, 2013
==
 
 
 This is is the latest stable release of Samba 3.6.
 
-Major enhancements in Samba 3.6.17 include:
+Major enhancements in Samba 3.6.18 include:
 
-o  
+o
 
-Changes since 3.6.16:
+
+Changes since 3.6.17:
 -
 
 o   Jeremy Allison j...@samba.org
@@ -39,6 +40,62 @@ Release notes for older releases follow:
 
 
==
+   Release Notes for Samba 3.6.17
+  August 05, 2013
+   ==
+
+
+This is a security release in order to address
+CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
+server to loop with DOS).
+
+o  CVE-2013-4124:
+   All current released versions of Samba are vulnerable to a denial of
+   service on an authenticated or guest connection. A malformed packet
+   can cause the smbd server to loop the CPU performing memory
+   allocations and preventing any further service.
+
+   A connection to a file share, or a local account is needed to exploit
+   this problem, either authenticated or unauthenticated if guest
+   connections are allowed.
+
+   This flaw is not exploitable beyond causing the code to loop
+   allocating memory, which may cause the machine to exceed memory
+   limits.
+
+
+Changes since 3.6.16:
+-
+
+o   Jeremy Allison j...@samba.org
+* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
+  reading can cause server to loop with DOS.
+
+
+##
+Reporting bugs  Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+--
+
+
+   ==
  

[SCM] Samba Shared Repository - branch v3-6-stable updated

2013-08-05 Thread Karolin Seeger
The branch, v3-6-stable has been updated
   via  0694139 WHATSNEW: Start release notes for Samba 3.6.18.
   via  1798688 VERSION: Bump version number up to 3.6.18.
  from  e03ad14 WHATSNEW: Add release notes for Samba 3.6.17.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-stable


- Log -
commit 0694139cc6e64197eefaa78f1148daa63ad6d165
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 12:46:58 2013 +0200

WHATSNEW: Start release notes for Samba 3.6.18.

Signed-off-by: Karolin Seeger ksee...@samba.org
(cherry picked from commit cb48b067251c3a523b1bdc10bf4b3ff4fc8b104f)

commit 1798688069494255ab7d7e96d9c6e08883e1b569
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Aug 5 12:44:46 2013 +0200

VERSION: Bump version number up to 3.6.18.

Signed-off-by: Karolin Seeger ksee...@samba.org
(cherry picked from commit dda0d8da02a41be149af5b66e6b77dae2fd6f227)

---

Summary of changes:
 WHATSNEW.txt|   46 --
 source3/VERSION |2 +-
 2 files changed, 45 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 4291736..125d793 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,45 @@
==
+   Release Notes for Samba 3.6.18
+  August 14, 2013
+   ==
+
+
+This is is the latest stable release of Samba 3.6.
+
+Major enhancements in Samba 3.6.18 include:
+
+o
+
+
+Changes since 3.6.17:
+-
+
+o   Jeremy Allison j...@samba.org
+
+
+##
+Reporting bugs  Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+Release notes for older releases follow:
+
+
+   ==
Release Notes for Samba 3.6.17
   August 05, 2013
==
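Review bot: Two template leftovers sit in the added 3.6.18 block: "This is is the latest stable release of Samba 3.6." has a doubled "is", and "Changes since 3.6.17:" already lists "o   Jeremy Allison" with no bug beneath it. Fix the doubled word now and drop the contributor line until there is an entry to attribute, so neither ends up in the published notes.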
@@ -50,8 +91,9 @@ database (https://bugzilla.samba.org/).
 == The Samba Team
 ==
 
-Release notes for older releases follow:
-
+
+--
+
 
==
Release Notes for Samba 3.6.16
diff --git a/source3/VERSION b/source3/VERSION
index 2410272..ea6a68d 100644
--- a/source3/VERSION
+++ b/source3/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=3
 SAMBA_VERSION_MINOR=6
-SAMBA_VERSION_RELEASE=17
+SAMBA_VERSION_RELEASE=18
 
 
 # Bug fix releases use a letter for the patch revision #


-- 
Samba Shared Repository


[SCM] Samba Shared Repository - branch master updated

2013-08-05 Thread Karolin Seeger
The branch, master has been updated
   via  c4cba82 Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
   via  c8d8bb2 Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
  from  6659f01 s3-libads: Print a message if no realm has been specified.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit c4cba824d9e4bb31e1b6a901e994ffdfd3ad522e
Author: Jeremy Allison j...@samba.org
Date:   Thu Jul 11 09:36:01 2013 -0700

Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Fix client-side parsing also. Found by David Disseldorp dd...@suse.de

Signed-off-by: Jeremy Allison j...@samba.org

Autobuild-User(master): Karolin Seeger ksee...@samba.org
Autobuild-Date(master): Mon Aug  5 14:39:04 CEST 2013 on sn-devel-104

commit c8d8bb257ac390c89c4238ed86dfef02750b6049
Author: Jeremy Allison j...@samba.org
Date:   Wed Jul 10 17:10:17 2013 -0700

Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Ensure we never wrap whilst adding client provided input.

Signed-off-by: Jeremy Allison j...@samba.org

---

Summary of changes:
 source3/smbd/nttrans.c  |   12 
 source4/libcli/raw/raweas.c |7 +--
 2 files changed, 17 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 800e2fd..bcba29a 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -990,7 +990,19 @@ struct ea_list *read_nttrans_ea_list(TALLOC_CTX *ctx, 
const char *pdata, size_t
if (next_offset == 0) {
break;
}
+
+   /* Integer wrap protection for the increment. */
+   if (offset + next_offset  offset) {
+   break;
+   }
+
offset += next_offset;
+
+   /* Integer wrap protection for while loop. */
+   if (offset + 4  offset) {
+   break;
+   }
+
}
 
return ea_list_head;
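Review bot: Both new guards in read_nttrans_ea_list() leave the loop with "break;", so a next_offset that would wrap falls through to "return ea_list_head;" and the caller receives a partial list exactly as if the chain had ended normally at next_offset == 0. Consider discarding the list and returning an error indication on wrap, so that malformed client input fails the request instead of being half-accepted. The wrap tests (which in this archived copy have lost their comparison operator, for example "if (offset + next_offset  offset)") are only valid if offset is an unsigned type; its declaration is outside this hunk and worth confirming.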
diff --git a/source4/libcli/raw/raweas.c b/source4/libcli/raw/raweas.c
index 5f06e70..b626b31 100644
--- a/source4/libcli/raw/raweas.c
+++ b/source4/libcli/raw/raweas.c
@@ -243,9 +243,12 @@ NTSTATUS ea_pull_list_chained(const DATA_BLOB *blob,
return NT_STATUS_INVALID_PARAMETER;
}
 
-   ofs += next_ofs;
+   if (ofs + next_ofs  ofs) {
+   return NT_STATUS_INVALID_PARAMETER;
+   }
 
-   if (ofs+4  blob-length) {
+   ofs += next_ofs;
+   if (ofs+4  blob-length || ofs+4  ofs) {
return NT_STATUS_INVALID_PARAMETER;
}
n++;
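Review bot: ea_pull_list_chained() now carries two separate wrap tests around "ofs += next_ofs;", one before the addition and one folded into the length check on ofs+4. Comparing next_ofs against the bytes that remain in the blob, by subtraction from the blob length, would cover wrap and bounds in a single condition and never forms a sum of client-supplied values, provided ofs cannot exceed the blob length at this point. Returning NT_STATUS_INVALID_PARAMETER here is also stricter than the "break;" used for the same condition in read_nttrans_ea_list(); a short comment on why the two paths differ would help the next reader.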


-- 
Samba Shared Repository
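
The wrap that commits c8d8bb2 and c4cba82 guard against, shown on a toy chained-record format as an added example; it is not code from the Samba tree. The record layout, the function names and the use of `uint32_t` offsets (so the wrap occurs on every platform) are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy layout, assumed for this example (not Samba's EA wire format):
 * every record begins with a 4-byte little-endian next_offset counted
 * from the start of that record; next_offset == 0 ends the chain. */
#define HDR_LEN        4u
#define WALK_MALFORMED (-1)
#define WALK_STEP_CAP  (-2)

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void wr_le32(uint8_t *p, uint32_t v)
{
    for (int i = 0; i < 4; i++) {
        p[i] = (uint8_t)(v >> (8 * i));
    }
}

/* Increment without a wrap check. Reads stay in bounds, but offset can
 * wrap back to an earlier record so the walk never ends; step_cap exists
 * only so that this demonstration terminates. */
int walk_unchecked(const uint8_t *buf, uint32_t len, int step_cap)
{
    uint32_t offset = 0;
    int records = 0;

    while (len >= HDR_LEN && offset <= len - HDR_LEN) {
        uint32_t next = rd_le32(buf + offset);

        if (++records >= step_cap) {
            return WALK_STEP_CAP;
        }
        if (next == 0) {
            break;
        }
        offset += next; /* wraps modulo 2^32 */
    }
    return records;
}

/* Compare next_offset with the bytes that remain, using subtraction only,
 * so no sum of client-supplied values is ever formed. */
int walk_checked(const uint8_t *buf, uint32_t len)
{
    uint32_t offset = 0;
    int records = 0;

    if (len < HDR_LEN) {
        return WALK_MALFORMED;
    }
    for (;;) {
        /* Invariant: offset <= len - HDR_LEN, so this read is in bounds. */
        uint32_t next = rd_le32(buf + offset);
        uint32_t remaining = len - offset;

        records++;
        if (next == 0) {
            return records;
        }
        /* Require HDR_LEN <= next and next + HDR_LEN <= remaining. */
        if (next < HDR_LEN || next > remaining - HDR_LEN) {
            return WALK_MALFORMED;
        }
        offset += next;
    }
}

enum sample { SAMPLE_GOOD, SAMPLE_WRAP, SAMPLE_PAST_END };

/* Constructed 24-byte inputs with records at offsets 0, 8 and 16. */
static void build_sample(enum sample which, uint8_t buf[24])
{
    memset(buf, 0, 24);
    wr_le32(buf, which == SAMPLE_PAST_END ? 100u : 8u);
    /* 8 + 0xFFFFFFF8 == 2^32, which wraps back to offset 0. */
    wr_le32(buf + 8, which == SAMPLE_WRAP ? 0xFFFFFFF8u : 8u);
}

int run_sample(enum sample which, int checked)
{
    uint8_t buf[24];

    build_sample(which, buf);
    return checked ? walk_checked(buf, (uint32_t)sizeof(buf))
                   : walk_unchecked(buf, (uint32_t)sizeof(buf), 1000);
}

int main(void)
{
    printf("good:     unchecked=%d checked=%d\n",
           run_sample(SAMPLE_GOOD, 0), run_sample(SAMPLE_GOOD, 1));
    printf("wrap:     unchecked=%d checked=%d\n",
           run_sample(SAMPLE_WRAP, 0), run_sample(SAMPLE_WRAP, 1));
    printf("past end: unchecked=%d checked=%d\n",
           run_sample(SAMPLE_PAST_END, 0), run_sample(SAMPLE_PAST_END, 1));
    return 0;
}
```

The unchecked walker also shows the quieter failure: on the past-end sample it stops after one record and reports success, while the checked walker rejects the input.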


[SCM] Samba Shared Repository - branch v3-6-test updated

2013-08-05 Thread Karolin Seeger
The branch, v3-6-test has been updated
   via  b085c39 Fix bug 9678 - Windows 8 Roaming profiles fail
   via  326ebbd security.idl: add new security_secinfo bits
  from  cb48b06 WHATSNEW: Start release notes for Samba 3.6.18.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -
commit b085c39d9e39d305b715fd73c267eff0fc5fd4c4
Author: Gregor Beck gb...@sernet.de
Date:   Thu Aug 1 14:16:24 2013 +0200

Fix bug 9678 - Windows 8 Roaming profiles fail

Windows 8 tries to set 'ATTRIBUTE_SECURITY_INFORMATION' on some
dirs. Ignoring it makes roaming profiles work again.
Just like w2k3 gracefully ignore all the other bits.

Signed-off-by: Gregor Beck gb...@sernet.de

commit 326ebbdaca4d13fa498779f960a202955531576b
Author: Gregor Beck gb...@sernet.de
Date:   Wed Jul 31 15:28:51 2013 +0200

security.idl: add new security_secinfo bits

[MS-DTYP].pdf 2.4.7

Signed-off-by: Gregor Beck gb...@sernet.de

---

Summary of changes:
 librpc/idl/security.idl |3 +++
 source3/smbd/nttrans.c  |9 ++---
 2 files changed, 5 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 696d5a5..0ea79a3 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -593,6 +593,9 @@ interface security
SECINFO_DACL = 0x0004,
SECINFO_SACL = 0x0008,
SECINFO_LABEL= 0x0010,
+   SECINFO_ATTRIBUTE= 0x0020,
+   SECINFO_SCOPE= 0x0040,
+   SECINFO_BACKUP   = 0x0001,
SECINFO_UNPROTECTED_SACL = 0x1000,
SECINFO_UNPROTECTED_DACL = 0x2000,
SECINFO_PROTECTED_SACL   = 0x4000,
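Review bot: The three new bits carry no comment, while the commit message points at [MS-DTYP] 2.4.7; put that reference next to SECINFO_ATTRIBUTE, SECINFO_SCOPE and SECINFO_BACKUP so the origin of the values is recorded in the IDL itself. As rendered here, SECINFO_BACKUP = 0x0001 sits between 0x0040 and 0x1000 and breaks the ascending order of its neighbours, so check that constant against the specification before merging.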
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 5fc3a09..a884b2f 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -885,13 +885,8 @@ NTSTATUS set_sd(files_struct *fsp, struct 
security_descriptor *psd,
 
/* Ensure we have at least one thing set. */
if ((security_info_sent  
(SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL|SECINFO_SACL)) == 0) {
-   if (security_info_sent  SECINFO_LABEL) {
-   /* Only consider SECINFO_LABEL if no other
-  bits are set. Just like W2K3 we don't
-  store this. */
-   return NT_STATUS_OK;
-   }
-   return NT_STATUS_INVALID_PARAMETER;
+   /* Just like W2K3 */
+   return NT_STATUS_OK;
}
 
/* Ensure we have the rights to do this. */
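Review bot: After this change, the branch in set_sd() taken when none of SECINFO_OWNER, SECINFO_GROUP, SECINFO_DACL or SECINFO_SACL is set returns NT_STATUS_OK for every value of security_info_sent, including zero and bits this server does not define, where it used to return NT_STATUS_INVALID_PARAMETER. The client is then told the security information was applied when nothing was stored. Consider limiting the silent success to the known ignorable bits (SECINFO_LABEL and the SECINFO_ATTRIBUTE, SECINFO_SCOPE and SECINFO_BACKUP bits added to security.idl in this push) and keeping the error for anything else, or at least logging the ignored mask at debug level.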


-- 
Samba Shared Repository


[SCM] Samba Shared Repository - branch v4-0-test updated

2013-08-05 Thread Karolin Seeger
The branch, v4-0-test has been updated
   via  c358417 Fix bug 9678 - Windows 8 Roaming profiles fail
   via  2d6b4f0 security.idl: add new security_secinfo bits
  from  f5bd128 VERSION: Bump version number up to 4.0.9.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit c358417214920a85736ffaaa8f4c8101ef26b0d3
Author: Gregor Beck gb...@sernet.de
Date:   Thu Aug 1 14:16:24 2013 +0200

Fix bug 9678 - Windows 8 Roaming profiles fail

Windows 8 tries to set 'ATTRIBUTE_SECURITY_INFORMATION' on some
dirs. Ignoring it makes roaming profiles work again.
Just like w2k3 gracefully ignore all the other bits.

Signed-off-by: Gregor Beck gb...@sernet.de

Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org
Autobuild-Date(v4-0-test): Mon Aug  5 22:00:52 CEST 2013 on sn-devel-104

commit 2d6b4f0525966050c9f028a82c74a1da3c60658a
Author: Gregor Beck gb...@sernet.de
Date:   Wed Jul 31 15:28:51 2013 +0200

security.idl: add new security_secinfo bits

[MS-DTYP].pdf 2.4.7

Signed-off-by: Gregor Beck gb...@sernet.de

---

Summary of changes:
 librpc/idl/security.idl |3 +++
 source3/smbd/nttrans.c  |9 ++---
 2 files changed, 5 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 33085c4..4f0e900 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -600,6 +600,9 @@ interface security
SECINFO_DACL = 0x0004,
SECINFO_SACL = 0x0008,
SECINFO_LABEL= 0x0010,
+   SECINFO_ATTRIBUTE= 0x0020,
+   SECINFO_SCOPE= 0x0040,
+   SECINFO_BACKUP   = 0x0001,
SECINFO_UNPROTECTED_SACL = 0x1000,
SECINFO_UNPROTECTED_DACL = 0x2000,
SECINFO_PROTECTED_SACL   = 0x4000,
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index f70fb36..5595af2 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -889,13 +889,8 @@ NTSTATUS set_sd(files_struct *fsp, struct 
security_descriptor *psd,
 
/* Ensure we have at least one thing set. */
if ((security_info_sent  
(SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL|SECINFO_SACL)) == 0) {
-   if (security_info_sent  SECINFO_LABEL) {
-   /* Only consider SECINFO_LABEL if no other
-  bits are set. Just like W2K3 we don't
-  store this. */
-   return NT_STATUS_OK;
-   }
-   return NT_STATUS_INVALID_PARAMETER;
+   /* Just like W2K3 */
+   return NT_STATUS_OK;
}
 
/* Ensure we have the rights to do this. */
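Review bot: The replacement comment "/* Just like W2K3 */" in set_sd() drops the explanation the removed comment gave ("we don't store this"), so a reader can no longer tell that the request is acknowledged without anything being written. Say so in the comment and name the Windows 8 ATTRIBUTE_SECURITY_INFORMATION case from the commit message. The change summary lists only security.idl and nttrans.c, so a regression test for bug 9678 would also keep this compatibility path from being tightened again by accident.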


-- 
Samba Shared Repository


[SCM] Samba Shared Repository - branch v4-1-test updated

2013-08-05 Thread Karolin Seeger
The branch, v4-1-test has been updated
   via  4bf25ec nsswitch: Add OPT_KRB5CCNAME to avoid an error message.
   via  597846c s3: Remove old mode special substitution.
   via  1ed811b s4:server: avoid calling into nss_winbind from within 
'samba'
   via  8925c93 s4:rpc_server: make sure we don't terminate a connection 
with pending requests (bug #9820)
   via  3f86c28 s4-winbindd: Do not terminate a connection that is still 
pending (bug #9820)
   via  8e4d407 service_stream: Log if the connection termination is 
deferred or not (bug #9820)
   via  30b8af7 Fix bug 9678 - Windows 8 Roaming profiles fail
   via  2b6a6fd security.idl: add new security_secinfo bits
   via  34e6d50 samba-tool dbcheck: Correctly remove deleted DNs in dbcheck
   via  d0e3791 dsdb: Include MS-ADTS doc references on deleted object 
contstraints
   via  0a2a985 dsdb tests: Add member/memberOf checking to delete_objects 
testing
   via  7004a3d dsdb: Improve DRS deleted link source/target handing in 
repl_meta_data
   via  d6e1e12 dsdb: Ensure we always force deleted objects back under the 
deleted objects DN
   via  042b3e5 dsdb/repl_meta_data: split out replmd_deletion_state()
   via  20d8a33 dsdb: Prune deleted objects of links and extra attributes 
of replicated deletes
   via  a0a3b58 torture/drs: Expand an error message to aid debugging
   via  071b36b dsdb/samdb: use RECYCLED it implies DELETED...
   via  55f0779 selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is 
always tested
   via  8cbc577 rpc_server-drsuapi: Improve comments and DEBUG lines
   via  5acbbd7 dsdb: Add assert in drepl_take_FSMO_role
   via  498c92d selftest: Ensure the DC has started and and got a RID set 
before we proceed
   via  6287ac3 dsdb-ridalloc: Rework ridalloc to return error strings 
where RID allocation fails
   via  e97dfe2 dsdb: Rework subtree_rename module to use recursive 
LDB_SCOPE_ONELEVEL searches
   via  75ef73f dsdb-descriptor: Do not do a subtree search unless we have 
child entries
   via  c4c3d7f Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
   via  2036f25 Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.
  from  216b3f4 s4-lib/socket: Allocate a the larger sockaddr_un and not 
just a sockaddr_in in unixdom_get_my_addr()

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test


- Log -
commit 4bf25ec6a10a458e29e98341a97848c9590502ad
Author: Andreas Schneider a...@samba.org
Date:   Fri Jul 26 15:36:02 2013 +0200

nsswitch: Add OPT_KRB5CCNAME to avoid an error message.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10048

Reviewed-by: Günther Deschner g...@samba.org

Autobuild-User(master): Andreas Schneider a...@cryptomilk.org
Autobuild-Date(master): Fri Jul 26 17:40:26 CEST 2013 on sn-devel-104

Autobuild-User(v4-1-test): Karolin Seeger ksee...@samba.org
Autobuild-Date(v4-1-test): Mon Aug  5 22:14:36 CEST 2013 on sn-devel-104

commit 597846ca89fe83dbd9c7875e31db185fb34e7e41
Author: Alexander Werth alexander.we...@de.ibm.com
Date:   Tue Jul 9 17:14:08 2013 +0200

s3: Remove old mode special substitution.

The mode special substitution now happens in a separate function.
The substitution at this point is unnecessary.

Reviewed-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Christian Ambach a...@samba.org

Autobuild-User(master): Christian Ambach a...@samba.org
Autobuild-Date(master): Tue Jul 16 00:52:26 CEST 2013 on sn-devel-104
(cherry picked from commit 9b2aa351ceb756d6ea63f3158f0e983ae7262da8)

Fix bug #10045 - Remove a redundant inlined substitution of ACLs.

commit 1ed811b598618421fb4ce4ba0677802fb52a65f9
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 10 14:48:18 2013 +0200

s4:server: avoid calling into nss_winbind from within 'samba'

The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().

As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
(cherry picked from commit 596b51c666e549fb518d92931d8837922154a2fe)

The last 4 patches address bug #9820 - crash of winbind after ls -l
/usr/local/samba/var/locks/sysvol.

commit 8925c93f3e1df4886554340ef2edd3d3c81d5ecf
Author: Stefan Metzmacher me...@samba.org
Date:   Tue Jul 9 16:38:59 2013 +0200

s4:rpc_server: make sure we don't 

[SCM] Samba Shared Repository - branch master updated

2013-08-05 Thread Matthieu Patou
The branch, master has been updated
   via  0602009 pyldb: decrement ref counters on py_results and quiet 
warnings
  from  c4cba82 Fix bug #10010 - Missing integer wrap protection in EA list 
reading can cause server to loop with DOS.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 0602009b999142187d74b74be13de8c7f64c7b24
Author: Matthieu Patou m...@matws.net
Date:   Wed Dec 26 21:36:50 2012 -0800

pyldb: decrement ref counters on py_results and quiet warnings

Signed-off-by: Matthieu Patou m...@matws.net
Reviewed-by: Jelmer Vernooij jel...@samba.org

Autobuild-User(master): Matthieu Patou m...@samba.org
Autobuild-Date(master): Tue Aug  6 00:32:46 CEST 2013 on sn-devel-104

---

Summary of changes:
 lib/ldb/pyldb.c |4 
 1 files changed, 4 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/ldb/pyldb.c b/lib/ldb/pyldb.c
index 8c9d6b9..ec6c7d0 100644
--- a/lib/ldb/pyldb.c
+++ b/lib/ldb/pyldb.c
@@ -3088,6 +3088,8 @@ static int py_module_request(struct ldb_module *mod, 
struct ldb_request *req)
py_result = PyObject_CallMethod(py_ldb, discard_const_p(char, 
request),
discard_const_p(char, ));
 
+   Py_XDECREF(py_result);
+
return LDB_ERR_OPERATIONS_ERROR;
 }
 
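Review bot: Py_XDECREF(py_result) in py_module_request() copes with a NULL result, but a NULL from PyObject_CallMethod() also means a Python exception is pending, and nothing here prints or clears it before "return LDB_ERR_OPERATIONS_ERROR;". Add PyErr_Print() or PyErr_Clear() on the NULL path so the exception does not surface later in an unrelated call.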
@@ -3099,6 +3101,8 @@ static int py_module_extended(struct ldb_module *mod, 
struct ldb_request *req)
py_result = PyObject_CallMethod(py_ldb, discard_const_p(char, 
extended),
discard_const_p(char, ));
 
+   Py_XDECREF(py_result);
+
return LDB_ERR_OPERATIONS_ERROR;
 }
 
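Review bot: In py_module_extended() the result is now released, yet the function still returns LDB_ERR_OPERATIONS_ERROR unconditionally, so the outcome of the Python method never reaches the caller. If the handler is a deliberate stub, a comment saying so next to the Py_XDECREF would stop the next reader from treating the discarded result as an oversight; otherwise the return value should depend on py_result.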


-- 
Samba Shared Repository


autobuild: intermittent test failure detected

2013-08-05 Thread autobuild
The autobuild test system has detected an intermittent failing test in 
the current master tree.

The autobuild log of the failure is available here:

   http://git.samba.org/autobuild.flakey/2013-08-06-0138/flakey.log

The samba3 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-08-06-0138/samba3.stderr
   http://git.samba.org/autobuild.flakey/2013-08-06-0138/samba3.stdout

The source4 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-08-06-0138/samba.stderr
   http://git.samba.org/autobuild.flakey/2013-08-06-0138/samba.stdout
  
The top commit at the time of the failure was:

commit c4cba824d9e4bb31e1b6a901e994ffdfd3ad522e
Author: Jeremy Allison j...@samba.org
Date:   Thu Jul 11 09:36:01 2013 -0700

Fix bug #10010 - Missing integer wrap protection in EA list reading can 
cause server to loop with DOS.

Fix client-side parsing also. Found by David Disseldorp dd...@suse.de

Signed-off-by: Jeremy Allison j...@samba.org

Autobuild-User(master): Karolin Seeger ksee...@samba.org
Autobuild-Date(master): Mon Aug  5 14:39:04 CEST 2013 on sn-devel-104


[SCM] Samba Shared Repository - branch master updated

2013-08-05 Thread Jeremy Allison
The branch, master has been updated
   via  eb50fb8 FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at 
end
   via  30e724c FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zero
   via  270d29a s3:smbd: allow info class SMB_QUERY_FS_ATTRIBUTE_INFO to 
return partial data
   via  ec46f6b s3:smbd: allow info class SMB_QUERY_FS_VOLUME_INFO to 
return partial data
   via  616777f s3:smbd: allow status code in smbd_do_qfsinfo() to be set 
by information class handler
   via  a91d2b0 s3:smbd: allow GetInfo responses with 
STATUS_BUFFER_OVERFLOW to return partial, but valid data
   via  a93f9c3 s3:smbd: return NT_STATUS_INFO_LENGTH_MISMATCH for GetInfo 
in case output_buffer_length is too small
  from  0602009 pyldb: decrement ref counters on py_results and quiet 
warnings

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit eb50fb8f3bf670bd7d1cf8fd4368ef4a73083696
Author: Christof Schmitt christof.schm...@us.ibm.com
Date:   Mon Aug 5 11:21:59 2013 -0700

FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at end

labels_data_count already accounts for the unicode null character at the
end of the array. There is no need in adding space for it again.

Signed-off-by: Christof Schmitt christof.schm...@us.ibm.com
Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Simo Sorce i...@samba.org

Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Tue Aug  6 04:03:17 CEST 2013 on sn-devel-104

commit 30e724cbff1ecd90e5a676831902d1e41ec1b347
Author: Christof Schmitt christof.schm...@us.ibm.com
Date:   Mon Aug 5 11:16:22 2013 -0700

FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zero

Otherwise num_volumes and the end marker can return uninitialized data
to the client.

Signed-off-by: Christof Schmitt christof.schm...@us.ibm.com
Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Simo Sorce i...@samba.org

commit 270d29a743a030653037cb176f3764bec3c79b6c
Author: Ralph Wuerthner ralph.wuerth...@de.ibm.com
Date:   Wed Jul 10 16:43:39 2013 +0200

s3:smbd: allow info class SMB_QUERY_FS_ATTRIBUTE_INFO to return partial data

Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Volker Lendecke volker.lende...@sernet.de

commit ec46f6b91941e38dd92f8e0fb0f278592e3157b6
Author: Ralph Wuerthner ralph.wuerth...@de.ibm.com
Date:   Wed Jul 10 15:52:06 2013 +0200

s3:smbd: allow info class SMB_QUERY_FS_VOLUME_INFO to return partial data

Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Volker Lendecke volker.lende...@sernet.de

commit 616777f029e462f53c5118d79de8c6405a5fb7c1
Author: Ralph Wuerthner ralph.wuerth...@de.ibm.com
Date:   Fri Jul 5 11:32:27 2013 +0200

s3:smbd: allow status code in smbd_do_qfsinfo() to be set by information 
class handler

Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Volker Lendecke volker.lende...@sernet.de

commit a91d2b05bab329a8a9772c2c79a3b1e02933182e
Author: Ralph Wuerthner ralph.wuerth...@de.ibm.com
Date:   Fri Jul 5 11:03:16 2013 +0200

s3:smbd: allow GetInfo responses with STATUS_BUFFER_OVERFLOW to return 
partial, but valid data

Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Volker Lendecke volker.lende...@sernet.de

commit a93f9c3d33e442c84d0c9da7eb5d25ca4b54fc33
Author: Ralph Wuerthner ralph.wuerth...@de.ibm.com
Date:   Wed Jul 10 08:59:58 2013 +0200

s3:smbd: return NT_STATUS_INFO_LENGTH_MISMATCH for GetInfo in case 
output_buffer_length is too small

Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Volker Lendecke volker.lende...@sernet.de

---

Summary of changes:
 source3/modules/vfs_default.c |6 +++---
 source3/smbd/smb2_getinfo.c   |   18 +++---
 source3/smbd/trans2.c |   15 ++-
 3 files changed, 32 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index 82d059c..304ef37 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -1141,7 +1141,7 @@ static NTSTATUS vfswrap_fsctl(struct vfs_handle_struct 
*handle,
if (!labels) {
*out_len = 16;
} else {
-   *out_len = 12 + labels_data_count + 4;
+   *out_len = 12 + labels_data_count;
}
 
if (max_out_len  *out_len) {
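Review bot: at `*out_len = 12 + labels_data_count;` the sum is computed without an overflow guard, and nothing in the visible context bounds labels_data_count before the result is compared against max_out_len. A wrapped sum would make that comparison meaningless and the allocation that follows too small for the label data. I would reject a labels_data_count larger than the maximum of its type minus 12 before adding, and add a short comment naming what the 12 and 16 byte constants cover, since the commit message's reasoning about the terminating null is not recorded in the code.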
@@ -1151,7 +1151,7 @@ static NTSTATUS vfswrap_fsctl(struct vfs_handle_struct 
*handle,
return NT_STATUS_BUFFER_TOO_SMALL;
}
 
-   cur_pdata = talloc_array(ctx, char, *out_len);
+   cur_pdata = talloc_zero_array(ctx, char, *out_len);
if (cur_pdata ==
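Review bot: the switch to talloc_zero_array at the cur_pdata allocation closes the uninitialized-data return described in the commit message, but nothing in the code records why zeroing matters here. A comment at the allocation saying that not every byte of the buffer is written before it goes back to the client would guard against a later revert to talloc_array, and a test that checks the otherwise unwritten fields of the FSCTL_GET_SHADOW_COPY_DATA reply for zero would catch a regression.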