This patch merges some missing code from 1.2.4.4 on APPLIANCE_HEAD
into head, fixing a bug in the parser for lpq output.
Basically we're trying to concatenate several fields into a single
string, but the calculation of the amount of space remaining is wrong.
This causes a crash when there are
This patch backports LPRng_time() from HEAD to APPLIANCE_HEAD without
modification. As the comment says, it allows Samba to parse LPRng
output that supplies either just a time, or a date and time.
(I believe this fixes HP CR 594, because the lpr on that box supplies
a date.)
I'm not committing
I found these while investigating a distcc portability bug. Anyone
interested in getting stuff running on HP/UX might find it
interesting.
http://devrsrc1.external.hp.com/STKL/inhibitors.html
--
Martin
You see, in the unix world, system means a bunch of unrelated programs.
-- Steve
I'll write up a short page describing how to use them, unless Jerry
particularly wants to do it.
- Forwarded message from [EMAIL PROTECTED] -
From: [EMAIL PROTECTED]
Subject: Suggestion: describe (or link to) how to verify your distributions
Date: Fri, 22 Nov 2002 20:21:38 GMT
To:
On 22 Nov 2002, Steve Langasek [EMAIL PROTECTED] wrote:
On Fri, Nov 22, 2002 at 12:56:39PM -0800, Martin Pool wrote:
I'll write up a short page describing how to use them, unless Jerry
particularly wants to do it.
In five words or less, from the gpg manpage:
$ gpg --verify samba-2.2.7
- Forwarded message from [EMAIL PROTECTED] -
From: [EMAIL PROTECTED]
Subject: security suggestion continued...
Date: Fri, 22 Nov 2002 21:01:35 GMT
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Following up my prior message, I actually found a nice reference on
how to verify samba
On 22 Nov 2002, Martin Pool [EMAIL PROTECTED] wrote:
On 22 Nov 2002, Steve Langasek [EMAIL PROTECTED] wrote:
On Fri, Nov 22, 2002 at 12:56:39PM -0800, Martin Pool wrote:
I'll write up a short page describing how to use them, unless Jerry
particularly wants to do it.
In five words
On 22 Nov 2002, Steve Langasek [EMAIL PROTECTED] wrote:
Hmm. I see nine signatures already, and I have a full trust relationship
to the key which traverses multiple paths through the keyring, the
shortest of which is only three hops long, despite never having met a
member of the Samba Team.
Incidentally, this form is pretty useful when trying to establish the
validity of a key. It would be nice if it were available from a GUI.
gpg --list-sig A0B3E88B|awk '/id not found/ { print $2 }' |sort -u |xargs gpg
--recv-key
--
Martin
msg04563/pgp0.pgp
Description: PGP signature
On 22 Nov 2002, Steve Langasek [EMAIL PROTECTED] wrote:
On Fri, Nov 22, 2002 at 03:16:09PM -0600, David W. Chapman Jr. wrote:
On Fri, Nov 22, 2002 at 01:08:39PM -0800, Martin Pool wrote:
Yeah, sure, but:
What does this all mean? Why should I care?
Where do I get GPG?
Where
From: J Schroeder [EMAIL PROTECTED]
Subject: Urgent Unix Support Requirement for Frankfurt
Date: Wed, 27 Nov 2002 13:21:37 +0100
Hi.
If any of you guys are looking (or know of anyone looking) for a new
position in Frankfurt, I have a colleague looking for several Unix
Support people there.
I found a data-corruption bug in ccache a few weeks ago relating to
incorrect handling of wait() status codes, so I thought I would do a
quick check for similar things in Samba.
A patch is included:
- several cases where child process failure is not detected
- one inverted boolean
- better
On 9 Jan 2003, [EMAIL PROTECTED] wrote:
Thanks for checking it.
Part of this (the smbd/chgpasswd.c patch) is incorrect I think.
You have changed the line :
if (WIFEXITED(wstat) == 0) {
...
return False;
}
to
if (WIFEXITED(wstat)) {
...
return False;
}
I'm looking at jra's 1.33.2.16 change to winbindd_cmd.c in relation to
hp CR1501.
I think there are some problems with the way the mutex reference count
is handled. I'm not sure what is the cleanest way to fix it.
The mutexes are implemented on top of fcntl locks, which cannot be
nested.
This patch is meant to fix the case where we repeatedly fail to
acquire the mutex for opening the connection. At the moment the code
proceeds with neither the new_conn- or result variables initialized,
which I'm pretty sure is a bug.
I don't know if this is the most appropriate status code but
Here's my idea for fixing this in appliance-head, without reworking
the mutex reference count.
Basically it tries to
- avoid undefined behaviour in the case where we fail to acquire the
mutex
- avoid leaking locks in the case where we fail to connect to the
server
- avoid releasing
Re-running ./configure (e.g. to change --disable options) in a build
directory seems to cause builds to fail with these errors:
lib/username.o(.text+0x654): In function `user_in_netgroup_list':
: undefined reference to `yp_get_default_domain'
lib/access.o(.text+0x163): In function `string_match':
This is the patch adapted to APPLIANCE_HEAD.
Index: configure.in
===
RCS file: /data/cvs/samba/source/configure.in,v
retrieving revision 1.130.2.21
diff -u -u -p -r1.130.2.21 configure.in
--- configure.in13 Jan 2003 04:57:01
By the way, these both work with autoconf2.13 and 2.57.
--
Martin
On 14 Jan 2003, [EMAIL PROTECTED] wrote:
get_mutex:
ServerReqChallenge
ServerAuthenticate2
release_mutex:
Yes, that's what we meant.
I hypothesized to ab that in NT there is some kind of table
indexed by IP (or client name?) holding the challenges. I wonder why?
speculation
On 10 Jan 2003, Andrew Bartlett [EMAIL PROTECTED] wrote:
I think that the connection mutex should be sorted out in
cli_full_connection(), rather than in individual apps. Then we can grab
the mutex for netlogon when operating on that pipe, but I really think
that end should be separate.
Yes,
On 16 Jan 2003, Andrew Bartlett [EMAIL PROTECTED] wrote:
Win2k has a bug (feature?) where there is a connection reset if there is
a second connection from the SAME IP, before the first
session-setup.
So an unprivileged process on the client can cause a local denial of
service just by
hp CR 1548
This patch fixes a problem I observed where there were error messages
relating to getpwent /usr/bin/passwd, which is obviously a pretty
unlikely username. Investigation showed that the problem comes from
the 1.247.2.52 patch to loadparm.c (appliance_head only), which
replaces some
On 17 Jan 2003, Martin Pool [EMAIL PROTECTED] wrote:
It seems that in the current code any caller to the lp_*_dos()
functions will get the wrong value!
Correction: only the global lp_*dos parameters.
Specfically:
1583:FN_GLOBAL_STRING_DOS(lp_serverstring_dos, Globals.szServerString
On 19 Jan 2003, Christian Jaeger [EMAIL PROTECTED] wrote:
Hello
I don't have the time to pursue this further at the moment, just
wanted to note it:
The arguments syntax of smbmount 2.2.3a (smbfs of Debian stable)
requires that one gives -o before further options like username=...
.
hp CR1501 and friends
This patch tries to make winbindd cope with the security option
'restrict anonymous=1' on NT4 and W2kS. When this option is set, the
DC disallows SAMR calls on unauthenticated connections, but does allow
LSA translations between names and sids.
Obviously winbindd can't
On 16 Jan 2003, [EMAIL PROTECTED] wrote:
On Thu, Jan 16, 2003 at 01:07:34AM -0500, Michael Bennett wrote:
[setregid() fails]
So... comments? Does the patch Do The Right Thing? Think this patch or
something similar could get merged sometime? :)
A patch like that would get accepted
Because of the enormous amount of traffic being generated by Windows
viruses[0] I have turned on Mailman attachment filtering on the
high-traffic samba.org lists.
Lists will now pass only text/plain MIME parts through to the list.
multipart/alternative messages with both text and html forms will
Following on from the bug in winbindd this morning I did a quick grep
for umask.
In HEAD/client/client.c main(), there is a pair of calls to umask. It
looks to me like they're trying to retrieve the current umask without
changing it. However, the retrieved value is never used. (Did I miss
In addition, wrepld sets its umask to 0. Is that really necessary?
--
Martin
On 7 Feb 2003, Boyce, Nick [EMAIL PROTECTED] wrote:
Thanks - that was it. I now have a script /usr/local/bin/winbind, which
does
umask 000
/etc/init.d/winbind $1
umask 027
and everything is working ok now - I can stop restart winbind to my
heart's content without any problem
On 11 Feb 2003, Pierre Belanger [EMAIL PROTECTED] wrote:
What is it? I have my own comments at the end ...
From the documentation I wrote (even if I'm French I think it's not
that bad!?!?!?):
This looks good to me.
Would it be possible to do this as a PAM module called by Samba?
(Possibly
The Samba 3.0 roadmap mentions this as a wishlist item for 3.x. I'm
interested in looking at it.
Has anybody else already worked on it?
It seemed like it would involve a separate smbd process repeatedly
parsing the output of lpq and feeding it into a database, rather than
this being done
On 11 Feb 2003, Gerald (Jerry) Carter [EMAIL PROTECTED] wrote:
It seemed like it would involve a separate smbd process repeatedly
parsing the output of lpq and feeding it into a database, rather than
this being done on-demand from a regular smbd child. I suppose when
some change is
On 12 Feb 2003, Tim Potter [EMAIL PROTECTED] wrote:
My idea which I've probably told a couple of you is to use kernel
dnotify stuff to work out when jobs are spooled or removed. So a
daemon would get a signal when a spool file is created and add that to
printing.tdb. When the file completes
On 12 Feb 2003, Andrew Bartlett [EMAIL PROTECTED] wrote:
Because we don't have the old password, doing this via PAM doesn't
work. The pam_cracklib module doesn't apply the test if it's run as
root, and won't run without the old password as a normal user.
I know it won't work with the
I've set up a cron script to autogenerate Doxygen from HEAD, 2_2 and
APPLIANCE_HEAD on samba.org:
http://samba.org/doxygen/
This rebuilds every day from the anoncvs checkout.
Thanks to Andrew for reminding me to do this.
--
Martin
On 12 Feb 2003, Michael Steffens [EMAIL PROTECTED] wrote:
It's 60 by default after installation, but is tunable (with reboot).
Maybe hp should sell per-fd licences :-/
The solution (and this should also work on other platforms) was to
have winbindd housekeep its client connections by
rpcclient.c/process_cmd has
if (cmd[strlen(cmd) - 1] == '\n')
cmd[strlen(cmd) - 1] = '\0';
if (!next_token(p, buf, , sizeof(buf))) {
return NT_STATUS_OK;
}
/* strip the trainly \n if it exsists */
len =
On 12 Feb 2003, [EMAIL PROTECTED] wrote:
$ cvs log -r1.9.2.14 tdb/tdbutil.c
revision 1.9.2.14
date: 2002/11/27 01:51:43; author: jra; state: Exp; lines: +21 -25
SMBencrypt needs dos codepage also. Change tdb_pack/unpack to take a
function pointer applied to all strings if it
On 12 Feb 2003, Ronan Waide [EMAIL PROTECTED] wrote:
Samba HEAD
Looks like it's triggered by not closing quotes:
[root@workst1 root]# rpcclient -U admin%passwd -W GROUP workst1 -d2
added interface ip=192.168.168.250 bcast=192.168.168.255 nmask=255.255.255.0
rpcclient $ adddriver Windows
On 13 Feb 2003, Gerald (Jerry) Carter [EMAIL PROTECTED] wrote:
Hash: SHA1
On Thu, 13 Feb 2003, Martin Pool wrote:
rpcclient.c/process_cmd has
if (cmd[strlen(cmd) - 1] == '\n')
cmd[strlen(cmd) - 1] = '\0';
if (!next_token(p, buf, , sizeof(buf
On 14 Feb 2003, Andrew Bartlett [EMAIL PROTECTED] wrote:
a) If we want the password-quality script to handle this,
I think we'll all agree, storing clear text password is really
not a good idea. Perhaps the interface should provide the new
encrypted passwords to the external
On 14 Feb 2003, Andrew Bartlett [EMAIL PROTECTED] wrote:
Do we even need to save the decrypted password?
A colleague once saved old encrypted passwords
to allow the do they really know the old one
test to be done via challange-response.
Different scripts might want to
In several cases, the return code from string_to_sid is not checked.
So if the user enters a syntactically invalid SID, the program will
proceed to use uninitialized data.
This patch checks for a few such cases that I found. Can somebody
please review it?
Index: groupdb/mapping.c
On 17 Feb 2003, Boyce, Nick [EMAIL PROTECTED] wrote:
OK - I've been trying to apply the patch that Tim posted (to supersede
Martin's first cut) to the Samba 2.2.7a source file for util_sock.c, but get
errors applying the patch no matter what I do.
Thanks for trying that.
I guess the posted
On 17 Feb 2003, Boyce, Nick [EMAIL PROTECTED] wrote:
Here's what I get if I apply the posted patch :
As I said I'll send you an update just for 2.2. But in general, in
case you're interested, here are some tips on applying mismatched
patches:
MYBOX:/usr/local/src/samba-2.2.7a/source/lib#
StrCaseCmp (and strequal) in HEAD has the interesting side-effect that it only
compares the first PSTRING_LEN (1024) bytes of the strings.
I suppose comparing strings longer than that is probably a bit
unlikely, but it still seems kind of dangerous.
Would it be OK to change it to use dynamic
On 18 Feb 2003, Andrew Bartlett [EMAIL PROTECTED] wrote:
Possibly only for long strings? But then that is probably
micro-optimization.
If we really cared about optimizing this function, then we would
compare character-by-character rather than converting both strings to
uppercase first.
On 17 Feb 2003, [EMAIL PROTECTED] wrote:
Does anyone know how to detect a truu64 system in configure.in ?
I'm going through my patchlist and there is a big optimisation that
can be done on systems where the getgrnam() call works (True64 is
listed as the only broken system) and I'd like to add
Is there any kind of consensus (he says, hopefully) that Doxygen is a
good idea? If I'm looking at code is it OK to cleanup comments into
standard form?
--
Martin
On 18 Feb 2003, [EMAIL PROTECTED] wrote:
What exactly do you want to do here ? I'm not clear what
you mean?
The thing I noticed is that StrCaseCmp (and indeed many charcnv
function) truncate strings to 1024 characters.
I got here following a Valgrind assertion which may or may not be
On 18 Feb 2003, Boyce, Nick [EMAIL PROTECTED] wrote:
I'm sorry - I'm probably doing something dumb, but I still get failures even
with this patch - first, if I save the patch as it appeared in my Outlook
window, then line 25 consists of a single left brace char, which results in
:
You can
On 20 Feb 2003, Stefan (metze) Metzmacher [EMAIL PROTECTED] wrote:
and the backtrace:
#0 0x40325079 in wait4 () from /lib/libc.so.6
#1 0x4039d944 in __DTOR_END__ () from /lib/libc.so.6
#2 0x402c80e6 in system () from /lib/libc.so.6
#3 0x08183e8c in smb_panic (why=0x8221974 internal
What is the commit policy for 3.0? Should all changes be moved from
HEAD except ones that are explicitly too risky? Or only bug fixes?
What about documentation?
--
Martin
After talking to Tim, I wanted to start committing to HEAD some test
harnesses that will exercise internal bits of Samba, such as
StrCaseCmp to start with.
These will be small C files that link to -lbigballofmud and allow
particular functions to be exercised from the command line, with a
view
On 19 Feb 2003, HAKIZIMANA Claude [EMAIL PROTECTED] wrote:
Can you help me?
You need to ask this kind of question on the users list,
[EMAIL PROTECTED]
--
Martin
util_unistr.c/init_valid_table in HEAD and 3.0 causes a 64k leak every
time the configuration is loaded if there is no valid.dat file
installed. (The pointer to the malloc'd valid_table is clobbered by
the call to map_file.)
It looks like it is intended that the valid table be recreated on each
On 21 Feb 2003, Marco Eyzaguirre [EMAIL PROTECTED] wrote:
I have a win2000 domain controller in subnet 172.17.0.x and a linux
server in 172.17.20.x (DHCP assign) The DC not solve the ip /
netbiosname relation (A record i think..) like a win98 / NT /2000
If i ping the linux server from
I was thinking about Andrew's fstring-overflow patch from a few weeks
ago: for developer builds, it touches the last byte of a string buffer
to check that it's as long as it should be.
This should be reasonably helpful in catching string overflows on the
heap, but not so good on the stack,
On 8 Mar 2003, Andrew Bartlett [EMAIL PROTECTED] wrote:
On Sat, 2003-03-08 at 21:20, Tim Potter wrote:
On Sat, Mar 08, 2003 at 09:10:23PM +1100, Andrew Bartlett wrote:
Is there any reason I should not apply this patch to Samba HEAD?
I think the patch was eaten by Mailman. Please
On 9 Mar 2003, Scott Prive [EMAIL PROTECTED] wrote:
Thanks Tim. So far, most of the tests I've seen in CVS are unit- or
small-tests, but as a software tester I'm more interested in integration
tests... which it sounds like you and Martin are working on.
Our framework is intended to
I've been testing injection of many jobs (thousands) into a print
queue, and am noticing that appliance_head samba seems to spend heaps
of time in print_queue_update, trying to reconcile the output of lpq
with samba's database.
In particular, this is causing smbspool to give warnings because
tdb (all branches) has the behaviour that when opening an existing
database, if you don't specify the right hash size, the open will fail
with EIO.
This means for example that tdbtool can't open printing tdbs after
jra's change to increase their has size to 5000.
Wouldn't it be reasonable to
On 11 Mar 2003, [EMAIL PROTECTED] wrote:
Doh ! Yeah, that's a really good idea. Wish I'd thought of it :-).
Good, I'll send you a patch then.
It would make the stress tests of a certain person in Roseville
much harder to destroy Samba :-).
I imagine her work as being similar to somebody
If you use tdbs under valgrind, and in particular if you run
tdbtorture, you may get spurious uninitialized value warnings. I
think this is because valgrind doesn't understand that the mmap'd area
may be written to by other processes. Memory can, from the point of
view of the grinded process,
Some files have a little valgrind_strlen function in there, I suppose
to work around a Valgrind bug. Does anyone know what the bug was?
There might be a cleaner solution.
--
Martin
Please let's have this conversation on the list.
I have Martin's notes.txt (Notes on Samba Testing Framework for
Unittests). I think I misunderstood, and assumed there was a working (if
immature) basic framework that hadn't been checked in yet.
OK, we're at the planning stage? Some
On 13 Mar 2003, [EMAIL PROTECTED] wrote:
2 - Use IO not mmap when running under valgrind. Not so nice.
thats why we have the 'use mmap = no' smb.conf option. It seems to
work quite well and is fast enough for testing.
OK, thanks.
--
Martin
Does anyone know about this?
- Forwarded message from Larry Urquhart [EMAIL PROTECTED] -
From: Larry Urquhart [EMAIL PROTECTED]
Subject: amigasamba
Date: Wed, 12 Mar 2003 21:28:49 -0800
To: [EMAIL PROTECTED]
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.0.2)
On 17 Mar 2003, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
checking whether to use included popt... ./popt
checking configure summary... configure: error: summary failure.
Aborting config
Have a look in config.log. If you can't work out what's wrong from
that, post the *relevant*
For developer mode, this seems to be the same as safe_strcpy: we
clobber the specified region at runtime. Otherwise, it skips the
static CHECK_STRING_SIZE call.
I think this is meant to allow you to call it passing the address of
an array whose size is less than the maxlength passed to
I just noticed this in the libc manual.
http://www.gnu.org/manual/glibc-2.2.5/html_node/Backtraces.html
It could be pretty cool to have this built in to smb_panic().
--
Martin
On 20 Mar 2003, Richard Sharpe [EMAIL PROTECTED] wrote:
On Fri, 21 Mar 2003, Martin Pool wrote:
I just noticed this in the libc manual.
http://www.gnu.org/manual/glibc-2.2.5/html_node/Backtraces.html
It could be pretty cool to have this built in to smb_panic
74 matches
Mail list logo
