Karolin Seeger [Mon, 31 May 2021 09:17:22 +0000 (11:17 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.14.5 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 31 May 2021 09:07:52 +0000 (11:07 +0200)]
WHATSNEW: Add release notes for Samba 4.14.5.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Jeremy Allison [Thu, 27 May 2021 05:41:53 +0000 (22:41 -0700)]
s3: smbd: Fix uninitialized memory read in process_symlink_open() when used with vfs_shadow_copy2().
Valgrind trace follows.
==
3627798== Invalid read of size 1
==
3627798== at 0x483FF46: strlen (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==
3627798== by 0x55DE412: strdup (strdup.c:41)
==
3627798== by 0x4F4657E: smb_xstrdup (util.c:660)
==
3627798== by 0x4C62C2E: vfs_ChDir (vfs.c:988)
==
3627798== by 0x4C4A51C: process_symlink_open (open.c:656)
==
3627798== by 0x4C4ADE7: non_widelink_open (open.c:862)
==
3627798== by 0x4C4AFB7: fd_openat (open.c:918)
==
3627798== by 0x4BBE895: openat_pathref_fsp (files.c:506)
==
3627798== by 0x4C48A00: filename_convert_internal (filename.c:2027)
==
3627798== by 0x4C48B77: filename_convert (filename.c:2067)
==
3627798== by 0x4C32408: call_trans2qfilepathinfo (trans2.c:6173)
==
3627798== by 0x4C3C5DA: handle_trans2 (trans2.c:10143)
==
3627798== Address 0xda8bc90 is 96 bytes inside a block of size 217 free'd
==
3627798== at 0x483DA3F: free (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==
3627798== by 0x4FCA3C9: _tc_free_internal (talloc.c:1222)
==
3627798== by 0x4FCA481: _talloc_free_internal (talloc.c:1248)
==
3627798== by 0x4FCB825: _talloc_free (talloc.c:1792)
==
3627798== by 0xDB248DD: store_cwd_data (vfs_shadow_copy2.c:1473)
==
3627798== by 0xDB24BEF: shadow_copy2_chdir (vfs_shadow_copy2.c:1542)
==
3627798== by 0x4C662A4: smb_vfs_call_chdir (vfs.c:2257)
==
3627798== by 0x4C62B48: vfs_ChDir (vfs.c:940)
==
3627798== by 0x4C4A51C: process_symlink_open (open.c:656)
==
3627798== by 0x4C4ADE7: non_widelink_open (open.c:862)
==
3627798== by 0x4C4AFB7: fd_openat (open.c:918)
==
3627798== by 0x4BBE895: openat_pathref_fsp (files.c:506)
==
3627798== Block was alloc'd at
==
3627798== at 0x483C7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==
3627798== by 0x4FC9365: __talloc_with_prefix (talloc.c:783)
==
3627798== by 0x4FC94FF: __talloc (talloc.c:825)
==
3627798== by 0x4FCCFDC: __talloc_strlendup (talloc.c:2454)
==
3627798== by 0x4FCD096: talloc_strdup (talloc.c:2470)
==
3627798== by 0xDB24977: store_cwd_data (vfs_shadow_copy2.c:1476)
==
3627798== by 0xDB24BEF: shadow_copy2_chdir (vfs_shadow_copy2.c:1542)
==
3627798== by 0x4C662A4: smb_vfs_call_chdir (vfs.c:2257)
==
3627798== by 0x4C62B48: vfs_ChDir (vfs.c:940)
==
3627798== by 0x4C4A92D: non_widelink_open (open.c:755)
==
3627798== by 0x4C4AFB7: fd_openat (open.c:918)
==
3627798== by 0x4BBE895: openat_pathref_fsp (files.c:506)
==
3627798==
Even though SMB_VFS_CONNECTPATH() returns a const char,
vfs_shadow_copy2() can free and reallocate this whilst
in use inside process_symlink_open().
Take a copy to make sure we don't reference free'd memory.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14721
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 27 17:25:43 UTC 2021 on sn-devel-184
(cherry picked from commit
2f0cfe82907516ecf23cc385d41b8d29ed6b8c96)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Fri May 28 08:55:50 UTC 2021 on sn-devel-184
Pavel Filipenský [Wed, 19 May 2021 11:12:31 +0000 (13:12 +0200)]
docs: Update list of available commands in rpcclient
The list of available commands in rpcclient.1 manpage is updated to
match the current state, which is visible via help commnad of rpcclient.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14719
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
2d7740f65c69497de665043051228f6315de4f5c)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Wed May 26 12:45:16 UTC 2021 on sn-devel-184
Pavel Filipenský [Wed, 19 May 2021 12:51:00 +0000 (14:51 +0200)]
s3:rpcclient: Document command of witness protocol
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14719
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
139cefceca20bd21ad557830f551eb51b343c660)
Pavel Filipenský [Wed, 19 May 2021 13:10:36 +0000 (15:10 +0200)]
docs-xml: Update smbcacls manpage
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14718
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
9d9ed421b26f733c59f9fac44e2034df704cef6a)
Ralph Boehme [Mon, 24 May 2021 10:03:28 +0000 (12:03 +0200)]
smbd: correctly initialize close timestamp fields
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14714
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May 24 16:56:22 UTC 2021 on sn-devel-184
(cherry picked from commit
f96cc29711181b5237a5b92c4bfb5e75fe2a73b9)
Ralph Boehme [Mon, 24 May 2021 10:21:38 +0000 (12:21 +0200)]
torture: add a test that verifies SMB2 close fields without postqueryattrib
The server must set all fields to 0 if postqueryattrib is not set.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14714
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
ac9042ff4dc6c892764abd23a9445116ad40e62a)
Volker Lendecke [Tue, 18 May 2021 06:32:45 +0000 (08:32 +0200)]
ctdb: Fix a crash in run_proc_signal_handler()
If a script times out the caller can talloc_free() the script_list
output of run_event_recv, which talloc_free's proc->output from
run_proc.c as well. If the script generates further output after the
timeout and then exits after a while, the SIGCHLD handler in the
eventd tries to read into proc->output, which was already free'ed.
Fix this by not doing just a talloc_steal but a talloc_move. This way
proc_read_handler() called from run_proc_signal_handler() does not try
to realloc the stale reference to proc->output but gets a NULL
reference.
I don't really know how to do a knownfail in ctdb, so this commit
actually activates catching the signal by waiting long enough for
22.bar to exit and generate the SIGCHLD.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14475
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
adef87a621b17baf746d12f991c60a8a3ffcfcd3)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Tue May 25 09:51:20 UTC 2021 on sn-devel-184
Volker Lendecke [Tue, 18 May 2021 06:28:16 +0000 (08:28 +0200)]
ctdb: Introduce output before and after the 10-second timeout
This will lead to a crash in run_event_test.c soon
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14475
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
f320d1a7ab0f81eefdb28b36bfe346eacb8980de)
Volker Lendecke [Tue, 18 May 2021 06:23:05 +0000 (08:23 +0200)]
ctdb: Wait for SIGCHLD if script timed out
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14475
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
19290f10c7d39e055847eb45affd9e229a116b18)
Volker Lendecke [Tue, 18 May 2021 06:18:25 +0000 (08:18 +0200)]
ctdb: Introduce a helper variable in run_event_test.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14475
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
07ab9b7a71d59f3ff2b9dee662632315062213ab)
Volker Lendecke [Tue, 18 May 2021 06:01:06 +0000 (08:01 +0200)]
ctdb: Call run_event_recv() in a callback function
Triggers a different code path in run_event_* and aligns it more what
the ctdb eventd really does.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14475
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
9398d4b912387be8cde0c2ca30734eca7d547d19)
Volker Lendecke [Fri, 7 May 2021 15:36:58 +0000 (17:36 +0200)]
ctdb: fix typos
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14475
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
f188c9d732e4b9b3d37c4cb09608aba747845997)
Jeremy Allison [Mon, 17 May 2021 22:34:55 +0000 (15:34 -0700)]
s3: smbd: Ensure POSIX default ACL is mapped into returned Windows ACL for directory handles.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14708
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed May 19 09:22:56 UTC 2021 on sn-devel-184
(cherry picked from commit
b7f62e13933da14c381f70cd46ad13849b108e68)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Fri May 21 07:59:08 UTC 2021 on sn-devel-184
Andreas Schneider [Thu, 6 May 2021 17:07:04 +0000 (19:07 +0200)]
lib:replace: Do not build strndup test with gcc 11 or newer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14699
gcc11 with -O3 detects that the size is incorrect:
lib/replace/tests/testsuite.c:286:13: error: ‘strndup’ specified bound 10 exceeds source size 4 [-Werror=stringop-overread]
286 | x = strndup("bla", 10);
| ^~~~~~~~~~~~~~~~~~
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
8f12793ca5e7c9aa7c23a17400986878ae110e70)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Wed May 12 09:07:45 UTC 2021 on sn-devel-184
Günther Deschner [Mon, 3 May 2021 19:27:58 +0000 (21:27 +0200)]
Fix gcc11 compiler issue "-Werror=stringop-overflow="
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14699
[3548/3991] Compiling source3/winbindd/winbindd_pam.c
../../source3/winbindd/winbindd_pam.c: In function ‘winbindd_dual_pam_auth_cached’:
../../source3/winbindd/winbindd_pam.c:1069:18: error: ‘winbindd_get_creds’ accessing 128 bytes in a region of size 8 [-Werror=stringop-overflow=]
1069 | result = winbindd_get_creds(domain,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
1070 | state->mem_ctx,
| ~~~~~~~~~~~~~~~
1071 | &sid,
| ~~~~~
1072 | &my_info3,
| ~~~~~~~~~~
1073 | &cached_nt_pass,
| ~~~~~~~~~~~~~~~~
1074 | &cached_salt);
| ~~~~~~~~~~~~~
../../source3/winbindd/winbindd_pam.c:1069:18: note: referencing argument 5 of type ‘const uint8_t **’ {aka ‘const unsigned char **’}
../../source3/winbindd/winbindd_pam.c:1069:18: error: ‘winbindd_get_creds’ accessing 128 bytes in a region of size 8 [-Werror=stringop-overflow=]
../../source3/winbindd/winbindd_pam.c:1069:18: note: referencing argument 6 of type ‘const uint8_t **’ {aka ‘const unsigned char **’}
In file included from ../../source3/winbindd/winbindd.h:359,
from ../../source3/winbindd/winbindd_pam.c:26:
../../source3/winbindd/winbindd_proto.h:251:10: note: in a call to function ‘winbindd_get_creds’
251 | NTSTATUS winbindd_get_creds(struct winbindd_domain *domain,
| ^~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
17ae9974f36ce8929f0c50c357dd4f88fbf37d7c)
Günther Deschner [Mon, 3 May 2021 19:27:43 +0000 (21:27 +0200)]
Fix gcc11 compiler issue "-Werror=maybe-uninitialized"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14699
../../source4/dsdb/common/util_links.c: In function ‘ndr_guid_compare’:
../../source4/dsdb/common/util_links.c:38:29: error: ‘v1_data’ may be used uninitialized [-Werror=maybe-uninitialized]
38 | struct ldb_val v1 = data_blob_const(v1_data, sizeof(v1_data));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/dsdb/common/util_links.c:22:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/dsdb/common/util_links.c:37:17: note: ‘v1_data’ declared here
37 | uint8_t v1_data[16];
| ^~~~~~~
cc1: all warnings being treated as errors
../../libcli/auth/smbencrypt.c: In function ‘decode_wkssvc_join_password_buffer’:
../../libcli/auth/smbencrypt.c:1045:32: error: ‘_confounder’ may be used uninitialized [-Werror=maybe-uninitialized]
1045 | DATA_BLOB confounder = data_blob_const(_confounder, 8);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../libcli/auth/smbencrypt.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../libcli/auth/smbencrypt.c:1044:17: note: ‘_confounder’ declared here
1044 | uint8_t _confounder[8];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
[2624/3991] Compiling source4/torture/rpc/samr.c
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user2’:
../../source3/rpc_client/cli_samr.c:158:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
158 | DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
from ../../source3/include/includes.h:256,
from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:152:17: note: ‘old_nt_hash’ declared here
152 | uint8_t old_nt_hash[16];
| ^~~~~~~~~~~
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user3’:
../../source3/rpc_client/cli_samr.c:365:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
365 | DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
from ../../source3/include/includes.h:256,
from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:358:17: note: ‘old_nt_hash’ declared here
358 | uint8_t old_nt_hash[16];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
[3399/3991] Compiling source3/rpcclient/cmd_spotlight.c
../../source3/rpcclient/cmd_spotlight.c: In function ‘cmd_mdssvc_fetch_properties’:
../../source3/rpcclient/cmd_spotlight.c:60:18: error: ‘share_path’ may be used uninitialized [-Werror=maybe-uninitialized]
60 | status = dcerpc_mdssvc_open(b, mem_ctx,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
61 | &device_id,
| ~~~~~~~~~~~
62 | &unkn1,
| ~~~~~~~
63 | &unkn2,
| ~~~~~~~
64 | argv[2],
| ~~~~~~~~
65 | argv[1],
| ~~~~~~~~
66 | share_path,
| ~~~~~~~~~~~
67 | &share_handle);
| ~~~~~~~~~~~~~~
In file included from ../../source3/rpcclient/cmd_spotlight.c:24:
source3/../librpc/gen_ndr/ndr_mdssvc_c.h:26:10: note: by argument 8 of type ‘const char *’ to ‘dcerpc_mdssvc_open’ declared here
26 | NTSTATUS dcerpc_mdssvc_open(struct dcerpc_binding_handle *h,
| ^~~~~~~~~~~~~~~~~~
../../source3/rpcclient/cmd_spotlight.c:40:14: note: ‘share_path’ declared here
40 | char share_path[1025];
| ^~~~~~~~~~
cc1: all warnings being treated as errors
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2’:
../../source4/torture/rpc/samr.c:2266:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2266 | = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2263:17: note: ‘old_nt_hash’ declared here
2263 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2_ntstatus’:
../../source4/torture/rpc/samr.c:2371:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2371 | = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2368:17: note: ‘old_nt_hash’ declared here
2368 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser3’:
../../source4/torture/rpc/samr.c:2478:38: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2478 | DATA_BLOB old_nt_hash_blob = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2473:17: note: ‘old_nt_hash’ declared here
2473 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordRandomBytes’:
../../source4/torture/rpc/samr.c:2794:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2794 | = data_blob_const(old_nt_hash,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
2795 | sizeof(old_nt_hash));
| ~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2792:17: note: ‘old_nt_hash’ declared here
2792 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
0e1695df7fe8952b5c503cf7ab1ff31784736988)
Jeremy Allison [Thu, 29 Apr 2021 16:50:30 +0000 (09:50 -0700)]
s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success.
Missing call to set up req->outbuf means no reply is sent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14696
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 29 21:27:58 UTC 2021 on sn-devel-184
(cherry picked from commit
47d79d7e7e406f7dd204ded7c72cfed3e0761ad5)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Mon May 3 08:16:14 UTC 2021 on sn-devel-184
Andreas Schneider [Wed, 28 Apr 2021 10:25:42 +0000 (12:25 +0200)]
s3:winbind: For 'security = ADS' require realm/workgroup to be set
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14695
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
757c49f6dc52afd6ee39c0b282e9a787b6df7a12)
Andreas Schneider [Wed, 28 Apr 2021 10:09:21 +0000 (12:09 +0200)]
s3:utils: Tell users that workgroup/realm is required for ADS mode
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14695
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
328682860940679553831b6ff23acff4ce80a22f)
Andrew Bartlett [Thu, 15 Apr 2021 22:43:07 +0000 (10:43 +1200)]
docs: Expand the "log level" docs on audit logging
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14689
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
38fe888f95f8d22736080ed521939be932e7bca0)
Andrew Bartlett [Thu, 15 Apr 2021 02:40:30 +0000 (14:40 +1200)]
docs: underline special words in the audit logging part of "log level" in man smb.conf
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14689
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
d03e7ffcff32452bb92f2ced9f06cbeab9843e04)
Andrew Bartlett [Thu, 15 Apr 2021 02:45:07 +0000 (14:45 +1200)]
docs: Further discourage the use of the "event notification" options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14689
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
364b8be9816b34b2a1b07c6259345c406d68c9f2)
Andrew Bartlett [Thu, 15 Apr 2021 02:44:22 +0000 (14:44 +1200)]
docs: Add proper explination on why transactions need to be audited.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14689
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
a778a3a6420f094a953563b87f84457fdebd20a3)
Andrew Bartlett [Thu, 15 Apr 2021 02:39:49 +0000 (14:39 +1200)]
docs: Add missing documentation on dsdb_group_audit and dsdb_group_audit_json
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14689
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
2e533664e756ccde8fc1b3e41e70437c9e7bafcd)
Andrew Bartlett [Thu, 15 Apr 2021 01:52:38 +0000 (13:52 +1200)]
debug: Synchronise "log level" in smb.conf with the code
This is done by pasting in the contents of default_classname_table[]
in lib/util/debug.c into
cut -f 2 -d \"| xargs -i sh -c 'echo "\t<listitem><para><parameter moreinfo=\"none\">{}</parameter></para></listitem>"'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14689
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
0d30d74e89829cc7b4faa6ba835e3d90c1c410aa)
Karolin Seeger [Thu, 29 Apr 2021 09:09:46 +0000 (11:09 +0200)]
VERSION: Bump version up to 4.14.5.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 29 Apr 2021 09:09:10 +0000 (11:09 +0200)]
Merge tag 'samba-4.14.4' into v4-14-test
samba: tag release samba-4.14.4
Karolin Seeger [Mon, 26 Apr 2021 08:26:38 +0000 (10:26 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.14.4 release.
BUG 14571: CVE-2021-20254: Buffer overrun in sids_to_unixids().
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 26 Apr 2021 08:26:10 +0000 (10:26 +0200)]
WHATSNEW: Add release notes for Samba 4.14.4.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Sat, 20 Feb 2021 14:50:12 +0000 (15:50 +0100)]
CVE-2021-20254 passdb: Simplify sids_to_unixids()
Best reviewed with "git show -b", there's a "continue" statement that
changes subsequent indentation.
Decouple lookup status of ids from ID_TYPE_NOT_SPECIFIED
Add comments to explain the use of the three lookup
loops.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14571
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry-picked from commit for master)
Karolin Seeger [Mon, 19 Apr 2021 07:57:25 +0000 (09:57 +0200)]
VERSION: Bump version up to 4.14.4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
a8b9ea7e1aa4f526bd73baee45f0a3483c95381a)
Karolin Seeger [Mon, 19 Apr 2021 07:57:25 +0000 (09:57 +0200)]
VERSION: Bump version up to 4.14.4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 19 Apr 2021 07:56:47 +0000 (09:56 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.14.3 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 19 Apr 2021 07:56:20 +0000 (09:56 +0200)]
WHATSNEW: Add release notes for Samba 4.14.3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Andrew Bartlett [Fri, 26 Mar 2021 08:48:45 +0000 (21:48 +1300)]
build: Notice if flex is missing at configure time
This may also fix the coverage build by ensuring --noline
is always specified to flex.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14586
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 29 02:12:23 UTC 2021 on sn-devel-184
(cherry picked from commit
942c0d2128cb8e64a9354dde6bdae82a1c1c3d88)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Tue Apr 20 07:39:05 UTC 2021 on sn-devel-184
Samuel Cabrero [Thu, 8 Apr 2021 16:45:38 +0000 (18:45 +0200)]
s3-iremotewinspool: set the per-request memory context
The iremotewinspool service is not using the pidl autogenerated code.
Set the per-request memory context following the changes made is commit
5a7e9ade9a4cdfa68900c6a64b639f53c0da47ad.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14675
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1890
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Apr 9 15:20:02 UTC 2021 on sn-devel-184
(cherry picked from commit
1efa9ffd7ae77ebf22b28c12dd642a89991b75d2)
Martin Schwenke [Mon, 29 Mar 2021 05:30:37 +0000 (16:30 +1100)]
build: Only add -Wl,--as-needed when supported
If -Wl,--as-needed is added to EXTRA_LDFLAGS (via ADD_LDFLAGS, as per
commit
996560191ac6bd603901dcd6c0de5d239e019ef4) then on some
platforms (at least CentOS 8 and Fedora 33), any indirect/recursive
dependencies (i.e. private libraries) are added to both the
binary (reqid_test in the CTDB case) and to samba-util.so. However,
only samba-util.so has rpath set to find private libraries.
When ld.so tries to resolve these dependencies for the binary it
fails. This may be a bug on those platforms, but it occurs reliably
and our users will also hit the bug. For binaries that have other
private library dependencies (e.g. bundled talloc) rpath will contain
the private library directory so the duplicate private library
dependencies are then found... that is, when it works, it works by
accident!
For some reason (deep in waf or wafsamba) if -Wl,--as-needed is added to
LINKFLAGS (as is done in conf.add_as_needed()) then it works: the direct
dependencies are only added to samba-util.so and the same depenencies
(indirect dependencies for binaries) are not added incorrectly to the
binaries.
So, without changing 1/2 of waf/wafsamba the simplest fix is to revert
to adding -Wl,--as-needed to LINKFLAGS, which was the case before
commit
996560191ac6bd603901dcd6c0de5d239e019ef4.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14288
RN: Fix the build on OmniOS
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(backported from commit
ff1c3af603b47a7e8f9faad8d1c2e4a489559155)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Wed Apr 14 07:34:20 UTC 2021 on sn-devel-184
Ralph Boehme [Mon, 29 Mar 2021 10:24:39 +0000 (12:24 +0200)]
s3: smbd: fix deferred renames
This was broken by
c7a9e0e4cdfb22e66533b5c8e20af3cfdb8ae78c.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14679
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1875
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@amba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar 31 06:13:39 UTC 2021 on sn-devel-184
(cherry picked from commit
10d753868e810604d8f60673bbd48f55aaff0797)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Thu Apr 1 11:26:31 UTC 2021 on sn-devel-184
Jeremy Allison [Tue, 30 Mar 2021 22:05:47 +0000 (15:05 -0700)]
s4: torture. Add smb2.lease.rename_wait test to reproduce regression in delay rename for lease break code.
Passes against Windows 10. Add to knownfail, the
next commit will fix this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14679
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1875
Back-ported from
8d9a0b8d57713781c72440c7e91746b5d89e6f6a.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 23 Mar 2021 16:06:15 +0000 (17:06 +0100)]
rpc_server3: Fix a memleak for internal pipes
state->call should not be talloc'ed off a long-lived context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14675
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1861
RN: Memory leak in the RPC server
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar 31 12:14:01 UTC 2021 on sn-devel-184
(cherry picked from commit
12f516e4680753460e7fe8811e6c6ff70057580c)
Ralph Boehme [Mon, 22 Mar 2021 11:06:39 +0000 (12:06 +0100)]
spools: avoid leaking memory into the callers mem_ctx
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14675
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1861
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
481176ec745c14b78fca68e01a61c83405a4b97b)
Ralph Boehme [Tue, 23 Mar 2021 10:40:21 +0000 (11:40 +0100)]
pidl: set the per-request memory context in the pidl generator
The talloc memory context referenced by the pipe_struct mem_ctx member is used
as talloc parent for RPC response data by the RPC service implementations.
In Samba versions up to 4.10 all talloc children of p->mem_ctx were freed after
a RPC response was delivered by calling talloc_free_children(p->mem_ctx). Commit
60fa8e255254d38e9443bf96f2c0f31430be6ab8 removed this call which resulted in all
memory allocations on this context not getting released, which can consume
significant memory in long running RPC connections.
Instead of putting the talloc_free_children(p->mem_ctx) back, just use the
mem_ctx argument of the ${pipename}_op_dispatch_internal() function which is a
dcesrv_call_state object created by dcesrv_process_ncacn_packet() and released
by the RPC server when the RPC request processing is finished.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14675
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1861
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
4c3fb2a5912966a61e7ebdb05eb3231a0e1d6033)
Ralph Boehme [Tue, 16 Mar 2021 17:18:46 +0000 (18:18 +0100)]
smbd: free open_rec state in remove_deferred_open_message_smb2_internal()
The lifetime of open_rec (struct deferred_open_record) ojects is the time
processing the SMB open request every time the request is scheduled, ie once we
reschedule we must wipe the slate clean. In case the request gets deferred
again, a new open_rec will be created by the schedule functions.
This ensures any timer-event tied to the open_rec gets cancelled and doesn't
fire unexpectedly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14672
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1843
RN: smbd panic when two clients open same file
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 18 18:04:09 UTC 2021 on sn-devel-184
(cherry picked from commit
591c9196962b695b01c0d86918b8f8a263e9665c)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Wed Mar 31 11:10:29 UTC 2021 on sn-devel-184
Ralph Boehme [Wed, 17 Mar 2021 15:24:28 +0000 (16:24 +0100)]
smbd: cancel pending poll open timer in poll_open_done()
The retry of the open is scheduled below, avoid rescheduling it a second time in
the open retry timeout function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14672
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1843
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
171a58ff3e8ee07cf5d7af08eabcb4a7379e7ce5)
Ralph Boehme [Wed, 17 Mar 2021 15:22:37 +0000 (16:22 +0100)]
smbd: reset dangling watch_req pointer in poll_open_done
We just freed subreq and a pointer to subreq is stored in open_rec->watch_req,
so we must invalidate the pointer.
Otherwise if the poll open timer fires it will do a
TALLOC_FREE(open_rec->watch_req);
on the dangling pointer which may crash or do something worse like freeing some
other random talloc memory.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14672
CI: https://gitlab.com/samba-team/samba/-/merge_requests/1843
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
065ed088b3d5710c288e46a5bf1e063f9a29c8cc)
Trever L. Adams [Sat, 13 Mar 2021 19:47:21 +0000 (12:47 -0700)]
s3:modules:vfs_virusfilter: Recent New_VFS changes break vfs_virusfilter_openat.
The_New_VFS introduces several changes that broke vfs_virusfilter_openat. The assert to make sure certain checks would work broke.
This patch fixes those breaks and converts to the SMB_VFS_FSTAT_NEXT instead of SMB_VFS_STAT_NEXT.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14671
RN: vfs_virusfilter_openat support New_VFS FSTAT, avoid SMB_ASSERT(fsp_get_pathref_fd(dirfsp) == AT_FDCWD); problem.
Signed-off-by: Trever L. Adams" <trever.adams@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Mar 22 19:44:30 UTC 2021 on sn-devel-184
(cherry picked from commit
d6a16ad00e426a6f815215af71c071dd8e85a50a)
David Mulder [Tue, 9 Mar 2021 18:13:40 +0000 (11:13 -0700)]
samba-gpupdate: Check sysvol download paths in case-insensitive way
https://bugzilla.samba.org/show_bug.cgi?id=14665
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Björn Baumbach <bb@sernet.de>
(cherry picked from commit
2d6bed495e14349e19ba680bd72c3f110f1c397b)
David Mulder [Tue, 9 Mar 2021 19:30:14 +0000 (12:30 -0700)]
samba-gpupdate: Test that sysvol paths download in case-insensitive way
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14665
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Björn Baumbach <bb@sernet.de>
(cherry picked from commit
554f2134a9f9638ebd8ac2500e5b6c94b74c27d5)
Christof Schmitt [Fri, 5 Mar 2021 23:07:54 +0000 (16:07 -0700)]
idmap_nss: Do not return SID from unixids_to_sids on type mismatch
The call to winbind_lookup_name already wrote the result in the id_map
array. The later check for the type detected a mismatch, but that did
not remove the SID from the result struct.
Change this by first assigning the SID to a temporary variable and only
write it to the id_map array after the type checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14663
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Mar 11 08:38:41 UTC 2021 on sn-devel-184
(cherry picked from commit
0e789ba1802ca22e5a01abd6e93ef66cd45566a7)
Christof Schmitt [Fri, 5 Mar 2021 23:01:13 +0000 (16:01 -0700)]
idmap_rfc2307: Do not return SID from unixids_to_sids on type mismatch
The call to winbind_lookup_name already wrote the result in the id_map
array. The later check for the type detected a mismatch, but that did
not remove the SID from the result struct.
Change this by first assigning the SID to a temporary variable and only
write it to the id_map array after the type checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14663
Signed-off-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
79dd4b133c37451c98fe7f7c45da881e89e91ffc)
Christof Schmitt [Fri, 5 Mar 2021 22:48:29 +0000 (15:48 -0700)]
winbind: Only use unixid2sid mapping when module reports ID_MAPPED
Only consider a mapping to be valid when the idmap module reports
ID_MAPPED. Otherwise return the null SID.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14663
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
db2afa57e4aa926b478db1be4d693edbdf4d2a23)
Sachin Prabhu [Wed, 10 Mar 2021 12:22:07 +0000 (12:22 +0000)]
smbd: Ensure errno is preserved across fsp destructor
The errno can be overwritten by the calls made by the fsp destructor.
This can cause problems if the original errno was required by subsequent
calls.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14662
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 10 22:55:17 UTC 2021 on sn-devel-184
(cherry picked from commit
65510204d4123b1825ea57607e84ba50f8ce3baf)
Stefan Metzmacher [Wed, 17 Feb 2021 11:57:01 +0000 (12:57 +0100)]
third_party: Update socket_wrapper to version 1.3.3
This fixes a deadlock abort() when SOCKET_WRAPPER_KEEP_PCAP=1
is used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14640
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Mar 17 23:53:04 UTC 2021 on sn-devel-184
(cherry picked from commit
10c198827d977e07b411897556578d3aedce2184)
Stefan Metzmacher [Tue, 9 Feb 2021 07:56:42 +0000 (08:56 +0100)]
third_party: Update socket_wrapper to version 1.3.2
This brings support for fd-passing of INET sockets.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11899
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
ab943babc3eb454186558f6e863996dfcf7a20ea)
Stefan Metzmacher [Wed, 24 Mar 2021 10:55:22 +0000 (11:55 +0100)]
VERSION: Bump version up to 4.14.2...
GIT_SNAPSHOT is already 'yes'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 24 Mar 2021 10:55:04 +0000 (11:55 +0100)]
Merge tag 'samba-4.14.2' into v4-14-test
samba: tag release samba-4.14.2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Wed, 24 Mar 2021 10:07:42 +0000 (11:07 +0100)]
WHATSNEW: Add release notes for Samba 4.14.2.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Stefan Metzmacher [Wed, 24 Mar 2021 09:24:47 +0000 (10:24 +0100)]
VERSION: Bump version for Samba 4.14.2 release.
o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.
Note this is exactly the same as 4.14.1, except that it
has a dependency on ldb version 2.3.0, which is needed if
someone builds against a system libldb.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Stefan Metzmacher [Wed, 24 Mar 2021 09:23:06 +0000 (10:23 +0100)]
ldb: version 2.3.0
o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 23 Mar 2021 08:29:08 +0000 (09:29 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.14.1 release.
o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 23 Mar 2021 08:28:00 +0000 (09:28 +0100)]
WHATSNEW: Add release notes for Samba 4.14.1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Douglas Bagnall [Thu, 11 Feb 2021 03:28:43 +0000 (16:28 +1300)]
CVE-2020-27840: pytests: move Dn.validate test to ldb
We had the test in the Samba Python segfault suite because
a) the signal catching infrastructure was there, and
b) the ldb tests lack Samba's knownfail mechanism, which allowed us to
assert the failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14595
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 11 Dec 2020 03:32:25 +0000 (16:32 +1300)]
CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode
A DN string with lots of trailing space can cause ldb_dn_explode() to
put a zero byte in the wrong place in the heap.
When a DN string has a value represented with trailing spaces,
like this
"CN=foo ,DC=bar"
the whitespace is supposed to be ignored. We keep track of this in the
`t` pointer, which is NULL when we are not walking through trailing
spaces, and points to the first space when we are. We are walking with
the `p` pointer, writing the value to `d`, and keeping the length in
`l`.
"CN=foo ,DC= " ==> "foo "
^ ^ ^
t p d
--l---
The value is finished when we encounter a comma or the end of the
string. If `t` is not NULL at that point, we assume there are trailing
spaces and wind `d and `l` back by the correct amount. Then we switch
to expecting an attribute name (e.g. "CN"), until we get to an "=",
which puts us back into looking for a value.
Unfortunately, we forget to immediately tell `t` that we'd finished
the last value, we can end up like this:
"CN=foo ,DC= " ==> ""
^ ^ ^
t p d
l=0
where `p` is pointing to a new value that contains only spaces, while
`t` is still referring to the old value. `p` notices the value ends,
and we subtract `p - t` from `d`:
"CN=foo ,DC= " ==> ? ""
^ ^ ^
t p d
l ~= SIZE_MAX - 8
At that point `d` wants to terminate its string with a '\0', but
instead it terminates someone else's byte. This does not crash if the
number of trailing spaces is small, as `d` will point into a previous
value (a copy of "foo" in this example). Corrupting that value will
ultimately not matter, as we will soon try to allocate a buffer `l`
long, which will be greater than the available memory and the whole
operation will fail properly.
However, with more spaces, `d` will point into memory before the
beginning of the allocated buffer, with the exact offset depending on
the length of the earlier attributes and the number of spaces.
What about a longer DN with more attributes? For example,
"CN=foo ,DC= ,DC=example,DC=com" -- since `d` has moved out of
bounds, won't we continue to use it and write more DN values into
mystery memory? Fortunately not, because the aforementioned allocation
of `l` bytes must happen first, and `l` is now huge. The allocation
happens in a talloc_memdup(), which is by default restricted to
allocating 256MB.
So this allows a person who controls a string parsed by ldb_dn_explode
to corrupt heap memory by placing a single zero byte at a chosen
offset before the allocated buffer.
An LDAP bind request can send a string DN as a username. This DN is
necessarily parsed before the password is checked, so an attacker does
not need proper credentials. The attacker can easily cause a denial of
service and we cannot rule out more subtle attacks.
The immediate solution is to reset `t` to NULL when a comma is
encountered, indicating that we are no longer looking at trailing
whitespace.
Found with the help of Honggfuzz.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14595
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 11 Feb 2021 04:05:14 +0000 (17:05 +1300)]
CVE-2020-27840: pytests:segfault: add ldb.Dn validate test
ldb.Dn.validate wraps ldb_dn_explode.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14595
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 8 Dec 2020 08:32:09 +0000 (21:32 +1300)]
CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds
For a string that had N spaces at the beginning, we would
try to move N bytes beyond the end of the string.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14655
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry-picked from commit for master)
Andrew Bartlett [Thu, 11 Mar 2021 22:51:56 +0000 (11:51 +1300)]
CVE-2021-20277 ldb: Remove tests from ldb_match_test that do not pass
This reverts some of the backport of
33a95a1e75b85e9795c4490b78ead2162e2a1f47
This is done here rather than squashed in the cherry-pick of the expanded testsuite
because it allows this commit to be simply reverted for the backport of bug 14044
if this lands first, or to be dropped if bug 14044 lands first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14655
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Douglas Bagnall [Fri, 5 Mar 2021 07:13:01 +0000 (20:13 +1300)]
CVE-2021-20277 ldb tests: ldb_match tests with extra spaces
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14655
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry-picked from commit for master)
Douglas Bagnall [Fri, 5 Mar 2021 02:47:56 +0000 (15:47 +1300)]
ldb: add tests for ldb_wildcard_compare
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14044
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry-picked from commit
33a95a1e75b85e9795c4490b78ead2162e2a1f47)
Karolin Seeger [Tue, 9 Mar 2021 12:31:47 +0000 (13:31 +0100)]
VERSION: Bump version up to 4.14.1...
and-re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
3fa3608e8f00df81ae7504f26459b42da069d322)
Karolin Seeger [Tue, 9 Mar 2021 12:31:47 +0000 (13:31 +0100)]
VERSION: Bump version up to 4.14.1...
and-re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Mar 2021 12:30:50 +0000 (13:30 +0100)]
VERSION: Bump version up to 4.14.0...
and disable GIT_SNAPSHOT for the release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Mar 2021 12:27:49 +0000 (13:27 +0100)]
WHATSNEW: Add release notes for Samba 4.14.0.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Mar 2021 08:18:16 +0000 (09:18 +0100)]
Revert "wscript: use --as-needed only if tested successfully"
This reverts commit
4d1ed9c319deac5cba1682611dcefdf002cb9d48.
Volker Lendecke [Wed, 3 Mar 2021 18:15:31 +0000 (19:15 +0100)]
g_lock: Fix uninitalized variable reads
If dbwrap_watched_watch_recv() returns IO_TIMEOUT, "blockerdead" might
be an uninitialized non-false, and further down we'll remove the wrong
exclusive locker.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14636
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Mar 5 11:22:07 UTC 2021 on sn-devel-184
(cherry picked from commit
654c18a244f060d81280493a324b98602a69dbbf)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Mon Mar 8 10:58:06 UTC 2021 on sn-devel-184
Volker Lendecke [Wed, 3 Mar 2021 18:19:23 +0000 (19:19 +0100)]
locking: Fix an uninitialized variable read
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14636
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
84b634c613352fc1da8e1525d72597c526d534d2)
Trever L. Adams [Fri, 26 Feb 2021 22:52:03 +0000 (14:52 -0800)]
s3:modules:vfs_virusfilter: Recent talloc changes cause infinite start-up failure
Recent talloc changes cause the current check for failure to allocate to be incorrectly triggered.
This patch checks to see if the original parameter to be checked for NULL if the talloc returns NULL. This allows for rapid passing in the ca
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14634
RN: Fix failure of vfs_virusfilter starting due to talloc changes
Signed-off-by: Trever L. Adams" <trever.adams@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
(cherry picked from commit
5a92810082c9a9d2833946ae0d83ce05a6bde597)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Fri Mar 5 14:25:49 UTC 2021 on sn-devel-184
Björn Jacke [Tue, 2 Mar 2021 21:47:35 +0000 (22:47 +0100)]
wscript: use --as-needed only if tested successfully
Some OSes like Solaris based OmiOS don't support this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14288
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
996560191ac6bd603901dcd6c0de5d239e019ef4)
Peter Eriksson [Tue, 23 Feb 2021 20:13:37 +0000 (12:13 -0800)]
s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14648
Signed-off-by: Peter Eriksson <pen@lysator.liu.se>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Autobuild-User(master): David Mulder <dmulder@samba.org>
Autobuild-Date(master): Thu Feb 25 20:46:02 UTC 2021 on sn-devel-184
(cherry picked from commit
3d91fe071a29e2e0c54a10ba081a46cb5c324585)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Wed Mar 3 10:12:36 UTC 2021 on sn-devel-184
Karolin Seeger [Mon, 1 Mar 2021 11:25:31 +0000 (12:25 +0100)]
WHATSNEW: Remove some old stuff.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Mon Mar 1 20:35:12 UTC 2021 on sn-devel-184
Karolin Seeger [Mon, 1 Mar 2021 09:27:24 +0000 (10:27 +0100)]
VERSION: Bump version up to 4.14.0rc5...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 1 Mar 2021 09:25:56 +0000 (10:25 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.14.0rc4 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 1 Mar 2021 09:25:19 +0000 (10:25 +0100)]
WHATSNEW: Add release notes for Samba 4.14.0rc4.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Ralph Boehme [Mon, 1 Feb 2021 11:37:10 +0000 (12:37 +0100)]
smbd: don't overwrite _mode if neither a msdfs symlink nor get_dosmode is requested
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14629
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
d78964c40b5ca5ee0658c46d492b3dcd6f6b4b94)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Fri Feb 26 10:00:59 UTC 2021 on sn-devel-184
Ralph Boehme [Mon, 1 Feb 2021 13:44:03 +0000 (14:44 +0100)]
CI: verify a symlink has FILE_ATTRIBUTE_NORMAL set
Not that it really makes sense to set FILE_ATTRIBUTE_NORMAL for symlinks in
POSIX client context, but that's what we had before 4.14.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14629
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
5572ae296e720a00ab438d7b50cfc458af631f69)
Ralph Boehme [Tue, 26 Jan 2021 09:55:42 +0000 (10:55 +0100)]
vfs_aixacl: fix regression from
f4c2f867f035fcbe3d547d5635d058b0aec7636a
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14620
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jan 26 20:05:39 UTC 2021 on sn-devel-184
(cherry picked from commit
7114150f43751ab869323b91da83705b1e1ab465)
Ralph Boehme [Tue, 26 Jan 2021 14:50:00 +0000 (15:50 +0100)]
vfs: restore platform specific POSIX sys_acl_set_file() functions
92b149954237a445594c993b79a860c63113d54b removed SMB_VFS_SYS_ACL_SET_FILE() and
all the VFS module implementations. But sys_acl_set_file() in vfs_default calls
into sys_acl_set_file() in sysacls.c which calls back into platform specific
modules.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14619
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jan 28 15:21:02 UTC 2021 on sn-devel-184
(cherry picked from commit
c8c2aef0ac613849d641e39193448f3e512caccf)
Jeremy Allison [Wed, 27 Jan 2021 05:29:58 +0000 (21:29 -0800)]
smbd: In conn_force_tdis_done() when forcing a connection closed force a full reload of services.
Prevents reload_services() caching the fact it might be
called multiple times in a row.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14604
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
e4c8cd0781aef2a29bb4db1314c9fcd4f6edcecd)
Andrew Bartlett [Thu, 10 Dec 2020 03:03:49 +0000 (16:03 +1300)]
dbcheck: Check Deleted Objects and reduce noise in reports about expired tombstones
These reports (about recently deleted objects)
create concern about a perfectly normal part of DB operation.
We must not operate on objects that are expired or we might reanimate them,
but we must fix "Deleted Objects" if it is wrong (mostly it is set as being
deleted in 9999, but in alpha19 we got this wrong).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14593
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 3 05:29:11 UTC 2021 on sn-devel-184
(cherry picked from commit
da627106cdbf8d375b25fa3338a717447f3dbb6e)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Mon Feb 22 12:00:43 UTC 2021 on sn-devel-184
Andrew Bartlett [Fri, 11 Dec 2020 02:37:04 +0000 (15:37 +1300)]
selftest: Confirm that we fix any errors on the Deleted Objects container itself
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14593
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit
1ec1c35a3ae422720df491f5555c9bc787c9944c)
Ralph Boehme [Tue, 16 Feb 2021 13:24:05 +0000 (14:24 +0100)]
printing: use correct error out in get_correct_cversion() when openat_pathref_fsp() fails
Fixes a regression introduced by
a74f0af1a91fe0bbc68e4d41d65f43ec383ae8bf: if
there's no existing file, openat_pathref_fsp() will fail with
NT_STATUS_OBJECT_NAME_NOT_FOUND which must be handled the same way it is done by
the SMB_VFS_CREATE_FILE() call below.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14635
RN: Printerdriver upload 4.14rc1 not working
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Feb 17 19:53:00 UTC 2021 on sn-devel-184
(cherry picked from commit
718f7b1a84f1c6eb35d52232a8573370f45add56)
Ralph Boehme [Tue, 16 Feb 2021 13:23:02 +0000 (14:23 +0100)]
printing: use correct error out in file_version_is_newer() when openat_pathref_fsp() fails
Fixes a regression introduced by
ef5e913bca584f0232d5bfff14df4ccba2dda35c: if
there's no existing file, openat_pathref_fsp() will fail with
NT_STATUS_OBJECT_NAME_NOT_FOUND which must be handled the same way it is done by
the SMB_VFS_CREATE_FILE() call below.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14635
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
70063c523bff5e471eac2b011b243c5aa0c4bee1)
Ralph Boehme [Tue, 16 Feb 2021 13:19:51 +0000 (14:19 +0100)]
printing: use correct error out in file_version_is_newer() when openat_pathref_fsp() fails
Fixes a regression introduced by
cbe25e1777d0c43c21e8acc2cea79fd03fdaf2ea: if
there's no existing file, openat_pathref_fsp() will fail with
NT_STATUS_OBJECT_NAME_NOT_FOUND which must be handled the same way it is done by
the SMB_VFS_CREATE_FILE() call below.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14635
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
8c1fd86db873f0326faf1cefa731a03709f8ac7f)
Karolin Seeger [Thu, 18 Feb 2021 08:57:15 +0000 (09:57 +0100)]
VERSION: Bump version up to 4.14.0rc4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 18 Feb 2021 08:56:00 +0000 (09:56 +0100)]
VERSION: Bump version up to 4.14.0rc3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 18 Feb 2021 08:55:28 +0000 (09:55 +0100)]
WHATSNEW: Add release notes for Samba 4.14.0rc3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Björn Jacke [Fri, 5 Feb 2021 11:47:01 +0000 (12:47 +0100)]
classicupgrade: treat old never expires value right
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14624
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 10 15:06:49 UTC 2021 on sn-devel-184
(cherry picked from commit
df75d82c9de6977c466ee9f01886cb012a9c5fef)
Autobuild-User(v4-14-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-14-test): Tue Feb 16 18:27:20 UTC 2021 on sn-devel-184
Stefan Metzmacher [Tue, 9 Feb 2021 12:48:36 +0000 (13:48 +0100)]
s3:pysmbd: fix fd leak in py_smbd_create_file()
Various 'samba-tool domain backup' commands use this and will
fail if there's over ~1000 files in the sysvol folder.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
d8fa464a2dfb11df4e1db4ebffe8bd28ff118c75)
Paul Wise [Mon, 29 Feb 2016 17:58:45 +0000 (11:58 -0600)]
HEIMDAL: krb5_storage_free(NULL) should work
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12505
Signed-off-by: Paul Wise <pabs3@bonedaddy.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Original-author: Nicolas Williams <nico@twosigma.com>
(cherry-picked from heimdal commit
b3db07d5f0e03f6a1a0a392e70f9675e19a6d6af)
(cherry picked from commit
f9ed4f7028a5ed29026ac8ef1b47b63755ba98f8)