VERSION: Disable GIT_SNAPSHOT for the 4.13.2 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add relase notes for Samba 4.13.2.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

s3: modules: vfs_glusterfs: Fix leak of char **lines onto mem_ctx on return.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov  3 01:56:59 UTC 2020 on sn-devel-184

(cherry picked from commit 7d846cd178d653600c71ee4bd6a491a9e48a56da)

Autobuild-User(v4-13-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-13-test): Tue Nov  3 10:16:27 UTC 2020 on sn-devel-184

s3-vfs_glusterfs: refuse connection when write-behind xlator is present

s3-vfs_glusterfs: refuse connection when write-behind xlator is present

Once the new glusterfs api is available we will programmtically disable
the translator, for now we just refuse the connection as there is
a potential for serious data damage.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Pair-Programmed-With: Sachin Prabhu <sprabhu@redhat.com>
Pair-Programmed-With: Anoop C S <anoopcs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Nov  2 21:40:33 UTC 2020 on sn-devel-184

(cherry picked from commit 2a49ccbcf5e3ff0f6833bcb7f04b800125f1783f)

docs-xml/manpages: Add warning about write-behind translator for vfs_glusterfs

Add warning about data corruption with the write-behind translator.

The data corruption is highlighted by the smbtorture test smb2.rw.rw1.
More information about this data corruption issue is available in the
bz.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486

Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 08f8f665d409ee7b93840c25a8142f2ce8bacfa1)

s4:torture: Pass buffer correctly to write()

../../source4/torture/basic/denytest.c: In function ‘torture_createx_specific.isra’:
../../source4/torture/basic/denytest.c:2372:9: error: ‘write’ reading 56 bytes from a region of size 8 [-Werror=stringop-overflow=]
 2372 |   res = write(data_file_fd, &cxd, cxd_len);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14555

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 5f92ec6988d2f4c20eab9449cbe17317588f6634)

Autobuild-User(v4-13-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-13-test): Fri Oct 30 13:53:37 UTC 2020 on sn-devel-184

DNS Resolver: support both dnspython before and after 2.0.0

`dnspython` 2.0.0 has many changes and several deprecations like:

```
> dns.resolver.resolve() has been added, allowing control of whether
search lists are used. dns.resolver.query() is retained for backwards
compatibility, but deprecated. The default for search list behavior can
be set at in the resolver object with the use_search_by_default
parameter. The default is False.

> dns.resolver.resolve_address() has been added, allowing easy
address-to-name lookups.
```

The new class `DNSResolver`:
- provides the compatibility layer
- defaults the previous behavior (the search list configured in the
  system's resolver configuration is used for relative names)
- defaults lifetime to 15sec (determines the number of seconds
  to spend trying to get an answer to the question)

The compatibility shim was developed by Stanislav Levin for FreeIPA and
adopted for Samba by Alexander Bokovoy.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14553

Signed-off-by: Stanislav Levin <slev@altlinux.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 183d5d63f4b40accda3b3ffc980fea391612f964)

ctdb-common: Avoid aliasing errors during code optimization

When compiling with GCC 10.x and -O3 optimization, the IP checksum
calculation code generates wrong checksum.  The function uint16_checksum
gets inlined during optimization and ip4pkt->tcp data gets wrongly
aliased.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14537

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Oct 21 05:52:28 UTC 2020 on sn-devel-184

(cherry picked from commit 6aa396b0cd1f83f45cb76a4f3123d99135e8dd8c)

vfs_zfsacl: only grant DELETE_CHILD if ACL tag is special

When ZFS aclmode is set to "passthrough" chmod(2)/fchmod(2) will result
in special entries being modified in a way such that delete, delete_child,
write_named_attr, write_attribute are stripped from the returned ACL entry,
and the kernel / ZFS treats this as having rights equivalent to the desired
POSIX mode. Historically, samba has added delete_child to the NFSv4 ACL, but
this is only really called for in the case of special entries in this
particular circumstance.

Alter circumstances in which delete_child is granted so that it only
is added to special entries. This preserves the intend post-chmod behavior,
but avoids unnecessarily increasing permissions in cases where it's not
intended. Further modification of this behavior may be required so that
we grant a general read or general write permissions set in case of
POSIX read / POSIX write on special entries.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14471
RN: vfs_zfsacl: only grant DELETE_CHILD if ACL tag is special

Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit c1a37b4f31d5252ce074d41f69e526aa84b0d3b3)

vfs_zfsacl: use a helper variable in zfs_get_nt_acl_common()

No change in behaviour.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14471

Pair-Programmed-With: Andrew Walker <awalker@ixsystems.com>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 13b4f913b06457d8e1f7cf71c85722bbecabd990)

vfs_zfsacl: README.Coding fix

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14471

Pair-Programmed-With: Andrew Walker <awalker@ixsystems.com>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit a182f2e6cdded739812e209430d340097acc0031)

vfs_zfsacl: Add new parameter to stop automatic addition of special entries

Prevent ZFS from automatically adding NFSv4 special entries (owner@, group@,
everyone@). ZFS will automatically add these these entries when calculating the
inherited ACL of new files if the ACL of the parent directory lacks an
inheriting special entry. This may result in user confusion and unexpected
change in permissions of files and directories as the inherited ACL is
generated. Blocking this behavior is achieved by setting an inheriting
everyone@ that grants no permissions and not adding the entry to the file's
Security Descriptor.

This change also updates behavior so that the fd-based syscall facl() is
used where possible.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14470
RN: vfs_zfsacl: Add new parameter to stop automatic addition of special entries

Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit c10ae30c1185463eb937f69c1fc9914558087167)

vfs_zfsacl: use handle based facl() call to query ZFS filesytem ACL

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14470

Pair-Programmed-With: Andrew Walker <awalker@ixsystems.com>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f763b1e43640082af80c855a4a519f7747a6c87c)

libndr: Avoid assigning duplicate versions to symbols

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14541

Symbols _ndr_push_error and _ndr_pull_error keep getting redefined as
they are included without wildcard in abi_match.  Apparently on linux ld
does not complain about duplicate symbols, but on freebsd ld fails to
link with following error:

  [ 918/3912] Linking bin/default/librpc/libndr.so
  ld: error: duplicate symbol '_ndr_pull_error' in version script
  ld: error: duplicate symbol '_ndr_push_error' in version script
  clang: error: linker command failed with exit code 1 (use -v to see invocation)

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 4cd195aafefb02b6921ea8439dd3897f8c74b012)

smb.conf.5: add clarification how configuration changes reflected by Samba

Users of Linux distributions know to read smb.conf(5) manual page but
apparently not many of them read smbd(8) and winbindd(8) to understand
how changes to smb.conf file are reflected in the running processes.

Add a small section that makes it clear where to find relevant
information. Also correct the information in smbd, nmbd, and winbindd
manual pages.

The interval at which smbd does check for smb.conf changes was increased
from 60 seconds to 180 seconds in 1999 with commit 3db52feb1f3b.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14538

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Tue Oct 20 08:50:13 UTC 2020 on sn-devel-184

(cherry picked from commit e32846f0692df44b4ee929c5ed6ba1de88ec4bd2)

VERSION: Bump version up to 4.13.2.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

Merge tag 'samba-4.13.1' into v4-13-test

samba: tag release samba-4.13.1

daemons: report status to systemd even when running in foreground

When systemd launches samba services, the configuration we have in
systemd service files expects that the main process (/usr/sbin/*)
would use sd_notify() to report back its status. However, we only use
sd_notify() when running become_daemon().

As a result, samba/smbd/winbindd/nmbd processes never report back its
status and the status updates from other childs (smbd, winbindd, etc)
are not accepted as we now have implied NotifyAccess=main since commit
d1740fb3d5a72cb49e30b330bb0b01e7ef3e09cc

This leads to a timeout and killing samba process by systemd. Situation
is reproducible in Fedora 33, for example.

Make sure that we have required status updates for all daemons in case
we aren't runnning in interactive mode.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14552

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Oct 26 19:58:18 UTC 2020 on sn-devel-184

(cherry picked from commit 3e27dc4847bd35ca8914be087d5a8ca096510399)

Autobuild-User(v4-13-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-13-test): Tue Oct 27 10:50:29 UTC 2020 on sn-devel-184

VERSION: Disable GIT_SNAPSHOT for the 4.13.1 release.

o CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify.
o CVE-2020-14323: Unprivileged user can crash winbind.
o CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily
                  crafted records.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.13.1.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

docs: fix default value of spoolss:architecture

"Windows x64" is the default here since a couple of years already.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14522

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct  6 23:06:50 UTC 2020 on sn-devel-184

(cherry picked from commit c587685dde2448d1f68ada47ce5ad42b02a118ce)

provision: BIND 9.17.x is not supported

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Sep 24 05:55:43 UTC 2020 on sn-devel-184

(cherry picked from commit 1bccc67ce7c6364a95fbfeb095938522671578a8)

provision: Add support for BIND 9.16.x

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
(cherry picked from commit 5b2ccb1c7cad5cded5dad37a18a7d42c1680b2f7)

bind9-dlz: Add support for BIND 9.16.x

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
(cherry picked from commit ca3c18a236dedfdfbf225dcfcd0418f1634d8759)

provision: BIND 9.15.x is not supported

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
(cherry picked from commit 4d09797652059c3ed5b2a4f94f2181ce14d39972)

provision: Add support for BIND 9.14.x

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
(cherry picked from commit 016c1174ef783990f93e348ee82f5c989c43cbbf)

bind9-dlz: Add support for BIND 9.14.x

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
(cherry picked from commit a167a2154d4909e8e1f97d9f36d0e4c947f2d944)

provision: BIND 9.13.x is not supported

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
(cherry picked from commit 95278618829227632b2bcb29fc272e600607ea41)

bind9-dlz: Bind 9.13.x switched to using bool as isc_boolean_t instead of int.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
(cherry picked from commit cdb6c5d1eca1c0f6967941dbd1da07be6b53d302)

examples:auth: Do not install example plugin

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 23 15:32:08 UTC 2020 on sn-devel-184

(cherry picked from commit 3b5b23ea848d82ec0a6d01d4e1cbb62c4c3cbb3b)

s3:modules: Do not install vfs modules only used for testing

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 6e25613a3141000ac1b7e8edb146dfc320972e8b)

unittests: Mark test binaries for selftest

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 2d89ddb012d1d84871da10a61a0449f88d4eba5e)

buildtools: Do not install binaries which are for selftest

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 8fa0d3331b2b2c450d86bffec0a6f39320fcb8c0)

s3:script: Fix test_dfree_quota.sh

source3/script/tests/test_dfree_quota.sh: line 200: [: missing `]'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 9bc9f8ce66ef02d7d77cfd31dc2a72102d546d75)

third_party: Update resolv_wrapper to version 1.1.7

This fixes some Samba tests which redirect stderr to stdout and then get
more messages than expected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14547

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit fbe58531a20cbbe0906f13e370329f3030d4ce96)

testprogs: Fix and improve upgradeprovision-oldrelease test

This fixes running `make test` in a release tarball!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 22 17:28:39 UTC 2020 on sn-devel-184

(cherry picked from commit 1432d225b0426e366649cde4837eff58ee95b0c8)

testprogs: Fix and improve dbcheck-oldrelease test

This fixes running `make test` in a release tarball!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 32305d607f43a84fa862f9f97c0dc1ea51b45ab7)

testprogs: Fix and improve functionalprep test

This fixes running `make test` in a release tarball!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 28720d66df017bfaadd44378dfffaaab4e30cf22)

testprogs: Fix and improve dbcheck-links test

This fixes running `make test` in a release tarball!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit d8fe4315c85811ef3c5a1cfa42bf416bc1c8109e)

testprogs: Fix and improve runtime-links test

This fixes running `make test` in a release tarball!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit a9765084f11eae991516f150d1cd1c2370854ec7)

testprogs: Fix and improve tombstones-expunge test

This fixes running `make test` in a release tarball!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit e4194355f4c346179ceafe5086897c0c50c108d6)

testprogs: Fix and improve demote-saveddb test

This fixes running `make test` in a release tarball!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit e58ccdaa1a1e5943aa02ecba88d1de0323777041)

testprogs: Add remove_directory to common test functions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 3770f28c6289a9328b81968a4548bfaeb8bd40aa)

python: Create targetdir recursively

This fixes `make test` in a release tarball.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 76db796181419967a483bcd71fe0cca313ccaf82)

nsswitch/nsstest.c: Avoid nss function conflicts with glibc nss.h

glibc 2.32 will define these varibles [1] which results in conflicts
with these static function names, therefore prefix these function names
with samba_ to avoid it

[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=499a92df8b9fc64a054cf3b7f728f8967fc1da7d

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jul 28 10:52:00 UTC 2020 on sn-devel-184

(cherry picked from commit 6e496aa3635557b59792e469f7c7f8eccd822322)

s4:dsdb:acl_read: Implement "List Object" mode feature

See [MS-ADTS] 5.1.3.3.6 Checking Object Visibility

I tried to avoid any possible overhead for the common cases:

- SEC_ADS_LIST (List Children) is already granted by default
- fDoListObject is off by default

Overhead is only added if the administrator turned on
the fDoListObject feature and removed SEC_ADS_LIST (List Children)
from a parent object.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 21 08:48:02 UTC 2020 on sn-devel-184

(cherry picked from commit 7223f6453b1b38c933c9480c637ffd06d9f39b97)

s4:dsdb:util: add dsdb_do_list_object() helper

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit ffc0bdc6d49e88da1ee408956365da163ff3e1b2)

s4:dsdb:acl_read: defer LDB_ERR_NO_SUCH_OBJECT

We may need to return child objects even if the base dn
is invisible.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit e1529bedb2b6c8553e69a42537ac0cffd03af6d6)

s4:dsdb:acl_read: make use of aclread_check_object_visible() for the search base

We should only have one place to do access checks.

Use 'git show -w' to see the minimal diff.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit faff8e6c89777c38443e561235073c336cfb2e9c)

s4:dsdb:acl_read: fully set up 'struct aclread_context' before the search base acl check

This makes further change much easier.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit c4a3028de726d6708f57d02f9162a4d62d1b6ae7)

s4:dsdb:acl_read: introduce aclread_check_object_visible() helper

In future this will do more than aclread_check_parent(),
if we implement fDoListObject and SEC_ADS_LIST_OBJECT handling.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit d2dd7c2a5c1f8ee30f0f3b41f933d082b0c75f7c)

s4:dsdb:tests: add AclVisibiltyTests

This tests a sorts of combinations in order to
demonstrate the visibility of objects depending on:

- with or without fDoListObject
- with or without explicit DENY ACEs
- A hierachy of objects with 4 levels from the base dn
- SEC_ADS_LIST (List Children)
- SEC_ADS_LIST_LIST_OBJECT (List Object)
- SEC_ADS_READ_PROP
- all possible scopes and basedns

This demonstrates that NO_SUCH_OBJECT doesn't depend purely
on the visibility of the base dn, it's still possible to
get children returned und an invisible base dn.

It also demonstrates the additional behavior with "List Object" mode.
See [MS-ADTS] 5.1.3.3.6 Checking Object Visibility

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 06d134406739e76b97273db3023855150dbaebbc)

python/tests: add DynamicTestCase setUpDynamicTestCases() infrastructure

This can be used in order to run a sepcific test (coded just once)
with an autogenerated set of arguments.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Pair-Programmed-With: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 80347deb544b38be6c6814e5d1b82e48ebe83fd1)

ctdb-tests: Strengthen node state checking in ctdb disable/enable test

Check that the desired state is set on all nodes instead of just the
test node.  This ensures that node flags have correctly propagated
across the cluster.

RN: Fix remaining ctdb disable/enable bug

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14513
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Oct  6 04:32:06 UTC 2020 on sn-devel-184

(cherry picked from commit b68105b8f7c20692d23d457f2777edcf44f12bb8)
Signed-off-by: Martin Schwenke <martin@meltin.net>

ctdb-recoverd: Drop unnecessary and broken code

update_flags() has already updated the recovery master's canonical
node map, based on the flags from each remote node, and pushed out
these flags to all nodes.

If i == j then the node map has already been updated from this remote
node's flags, so simply drop this case.

Although update_flags() has updated flags for all nodes, it did not
update each node map in remote_nodemaps[] to reflect this.  This means
that remote_nodemaps[] may contain inconsistent flags for some nodes
so it should not be used to check consistency when i != j.

Further, a meaningful difference in flags can only really occur if
update_flags() failed.  In that case this code is never reached.

These observations combine to imply that this whole loop should be
dropped.

This leaves potential sub-second inconsistencies due to out-of-band
healthy/unhealthy flag changes pushed via CTDB_SRVID_PUSH_NODE_FLAGS.
These updates could be dropped (takeover run asks each node for
available IPs rather than making centralised decisions based on node
flags) but for now they will be fixed in the next iteration of
main_loop().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14513
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 4b01f54041dee469971f244e64064eed46de2ed5)

ctdb-recoverd: Drop unnecessary code

This has already been done in update_flags().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14513
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 3ab52b528673e08caa66f00e963528c591a84fe1)

vfs_shadow_copy2: Avoid closing snapsdir twice

As per man page for closedir(3):

. . .
The  closedir() function closes the directory stream associated with
dirp.  A successful call to closedir() also closes the underlying file
descriptor associated with dirp.
. . .

Therefore we don't have to attempt an additional close of file
descriptor after closedir().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14530

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 14 10:08:24 UTC 2020 on sn-devel-184

(cherry picked from commit 74fbe0b987a0333cca28bb6a547e5b4b4f2e706d)

winbind: Fix a memleak

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14388
Signed-off-by: Laurent Menase <laurent.menase@hpe.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep 14 13:33:13 UTC 2020 on sn-devel-184

(cherry picked from commit 8f868b0ea0b4795668f7bc0b028cd85686b249fb)

CVE-2020-14383: s4/dns: do not crash when additional data not found

Found by Francis Brosnan Blázquez <francis@aspl.es>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14472
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Mon Aug 24 00:21:41 UTC 2020 on sn-devel-184

(based on commit df98e7db04c901259dd089e20cd557bdbdeaf379)

CVE-2020-14383: s4/dns: Ensure variable initialization with NULL.

Based on patches from Francis Brosnan Blázquez <francis@aspl.es>
and Jeremy Allison <jra@samba.org>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14472
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
(based on commit 7afe449e7201be92bed8e53cbb37b74af720ef4e)

CVE-2020-14323 torture4: Add a simple test for invalid lookup_sids winbind call

We can't add this test before the fix, add it to knownfail and have the fix
remove the knownfail entry again. As this crashes winbind, many tests after
this one will fail.

Reported by Bas Alberts of the GitHub Security Lab Team as GHSL-2020-134

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14436
Signed-off-by: Volker Lendecke <vl@samba.org>

CVE-2020-14323 winbind: Fix invalid lookupsids DoS

A lookupsids request without extra_data will lead to "state->domain==NULL",
which makes winbindd_lookupsids_recv trying to dereference it.

Reported by Bas Alberts of the GitHub Security Lab Team as GHSL-2020-134

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14436
Signed-off-by: Volker Lendecke <vl@samba.org>

s3: smbd: Ensure change notifies can't get set unless the directory handle is open for SEC_DIR_LIST.

Remove knownfail entry.

CVE-2020-14318

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14434

Signed-off-by: Jeremy Allison <jra@samba.org>

s4: torture: Add smb2.notify.handle-permissions test.

Add knownfail entry.

CVE-2020-14318

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14434

Signed-off-by: Jeremy Allison <jra@samba.org>

VERSION: Bump version up to 4.13.1...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Fix release notes.

"server schannel" has not been removed.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

VERSION: Bump version up to 4.13.1...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

VERSION: Disable GIT_SNAPSHOT for the 4.13.0 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.13.0.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

VERSION: Bump version up to 4.13.0rc7...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

VERSION: Disable GIT_SNAPSHOT for the 4.13.0rc6 release.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

WHATSNEW: Add release notes for Samba 4.13.0rc6.

CVE-2020-1472: Samba impact of "ZeroLogon".

Signed-off-by: Stefan Metzmacher <metze@samba.org>

WHATSNEW: document the planed removal of "server schannel"

Also add "server require schannel:COMPUTER"

Signed-off-by: Stefan Metzmacher <metze@samba.org>

WHATSNEW: document the 'smb2 disable oplock break retry' option

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge

Ensure that client challenges with the first 5 bytes identical are
rejected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
[abartlet@samba.org: backported from master as test order was flipped]

CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd

Ensure that an empty machine account password can't be set by
netr_ServerPasswordSet2

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>

CVE-2020-1472(ZeroLogon): docs-xml: document 'server require schannel:COMPUTERACCOUNT'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about unsecure configurations

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Günther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"

This allows to add expections for individual workstations, when using "server schannel = yes".
"server schannel = auto" is very insecure and will be removed soon.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Günther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()

We should debug more details about the failing request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Günther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log warnings about unsecure configurations

This should give admins wawrnings until they have a secure
configuration.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"

This allows to add expections for individual workstations, when using "server schannel = yes".
"server schannel = auto" is very insecure and will be removed soon.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()

We should debug more details about the failing request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Jeremy Allison <jra@samba.org>

CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init()

This implements the note from MS-NRPC 3.1.4.1 Session-Key Negotiation:

 7. If none of the first 5 bytes of the client challenge is unique, the
    server MUST fail session-key negotiation without further processing of
    the following steps.

It lets ./zerologon_tester.py from
https://github.com/SecuraBV/CVE-2020-1472.git
report: "Attack failed. Target is probably patched."

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_is_random_challenge() to avoid weak values

This is the check Windows is using, so we won't generate challenges,
which are rejected by Windows DCs (and future Samba DCs).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make use of netlogon_creds_random_challenge()

This is not strictly needed, but makes things more clear.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make use of netlogon_creds_random_challenge()

This is not strictly needed, but makes things more clear.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c

This will avoid getting rejected by the server if we generate
a weak challenge.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of netlogon_creds_random_challenge()

This will avoid getting flakey tests once our server starts to
reject weak challenges.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()

It's good to have just a single isolated function that will generate
random challenges, in future we can add some logic in order to
avoid weak values, which are likely to be rejected by a server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>

VERSION: Bump version up to 4.13.0rc5...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

VERSION: Disable GIT_SNAPSHOT for the 4.13.0rc5 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.13.0rc5.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS > 3.6.14

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14399

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 94808cc50e4350a8c3bc250a886e8d4e7802dd12)

s3:smbd: Fix %U substitutions if it contains a domain name

'valid users = DOMAIN\%U' worked with Samba 3.6 and broke in a newer
version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14467

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 5de7c91e6d4e98f438157a7675c8582cabdd828d)

s3:tests: Add test for 'valid users = DOMAIN\%U'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14467

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 53b6dd951249052772e1ffcf651b7efd0963b931)

Revert "Add vfs_ring."

This reverts commit b29103ef46a9f80a0184d4d999f22512b7fdcd89.