The branch, master has been updated via 38beef2 libads: Fix deadlock when re-joining a domain and updating keytab via df91bc5 libads: Fix free of uninitialized pointer via 9343386 s3: Fix pam_authenticate() when lp_null_passwords() is true via c3c820a s3: nmbd: Don't set work_changed = True inside update_server_ttl(). via db6572e s3: nmbd: Ensure we only set work_changed = true if we modify the record. from 20a7945 Revert "ctdb-recoverd: Abort when daemon can take recovery lock during recovery"
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 38beef2ff63664d7d5805f1032bb9f69d0b965d7 Author: Uri Simchoni <urisimch...@gmail.com> Date: Sat May 2 13:44:53 2015 +0300 libads: Fix deadlock when re-joining a domain and updating keytab When updating the system keytab as a result of joining a domain, if the keytb had prior entries, ads_keytab_create_default tries to update those entries. However, it starts updating before freeing the cursor which was used for finding those entries, and hence causes an an attempt to write-lock the keytab while a read-lock exists. To reproduce configure smb.conf for ads domain member and run this twice: net ads join -U <credentials> '--option=kerberos method=secrets and keytab' Signed-off-by: Uri Simchoni <urisimch...@gmail.com> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Mon May 4 21:01:41 CEST 2015 on sn-devel-104 commit df91bc5159b24f6f10fd9742b49192921d51f821 Author: Uri Simchoni <urisimch...@gmail.com> Date: Sat May 2 13:44:52 2015 +0300 libads: Fix free of uninitialized pointer In ads_keytab_creat_default(), if the keytab to be created cannot be opened, the bail-out code calls smb_krb5_kt_free_entry() on an uninitialized entry. To reproduce: 1. Join a domain 2. KRB5_KTNAME=FILE:/non-existant-path/krb5.keytab net ads keytab create -P Signed-off-by: Uri Simchoni <urisimch...@gmail.com> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 9343386b91c3de6b5f238169d34390afc1ee069f Author: Maks Naumov <maksq...@ukr.net> Date: Sun May 3 13:34:49 2015 +0300 s3: Fix pam_authenticate() when lp_null_passwords() is true (PAM_SILENT | lp_null_passwords() ? 0 : PAM_DISALLOW_NULL_AUTHTOK) is always 0 when lp_null_passwords() == true. Signed-off-by: Maks Naumov <maksq...@ukr.net> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit c3c820a661c092de31d56c16c8cd1ec57999d2f7 Author: Jeremy Allison <j...@samba.org> Date: Fri May 1 09:56:59 2015 -0700 s3: nmbd: Don't set work_changed = True inside update_server_ttl(). This is taken care of inside expire_servers() when it calls remove_server_from_workgroup(). Ensure the only functions in nmbd_serverlistdb.c that set subnet->work_changed are: remove_all_servers() add_server_to_workgroup() remove_server_from_workgroup() Fix inspired by a change from Volker. https://bugzilla.samba.org/show_bug.cgi?id=11254 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit db6572ef80e20b0e577b9e9fb5d233f8bdd20713 Author: Jeremy Allison <j...@samba.org> Date: Thu Apr 30 12:05:17 2015 -0700 s3: nmbd: Ensure we only set work_changed = true if we modify the record. https://bugzilla.samba.org/show_bug.cgi?id=11254 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/auth/pampass.c | 2 +- source3/libads/kerberos_keytab.c | 10 ++++++---- source3/nmbd/nmbd_incomingdgrams.c | 22 +++++++++++++++++----- source3/nmbd/nmbd_serverlistdb.c | 5 ----- 4 files changed, 24 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c index bde7c22..2a3195c 100644 --- a/source3/auth/pampass.c +++ b/source3/auth/pampass.c @@ -524,7 +524,7 @@ static NTSTATUS smb_pam_auth(pam_handle_t *pamh, const char *user) */ DEBUG(4,("smb_pam_auth: PAM: Authenticate User: %s\n", user)); - pam_error = pam_authenticate(pamh, PAM_SILENT | lp_null_passwords() ? 0 : PAM_DISALLOW_NULL_AUTHTOK); + pam_error = pam_authenticate(pamh, PAM_SILENT | (lp_null_passwords() ? 0 : PAM_DISALLOW_NULL_AUTHTOK)); switch( pam_error ){ case PAM_AUTH_ERR: DEBUG(2, ("smb_pam_auth: PAM: Authentication Error for user %s\n", user)); diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index bbd981c..309e614 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -520,6 +520,9 @@ int ads_keytab_create_default(ADS_STRUCT *ads) size_t i; ADS_STATUS status; + ZERO_STRUCT(kt_entry); + ZERO_STRUCT(cursor); + frame = talloc_stackframe(); if (frame == NULL) { ret = -1; @@ -575,8 +578,6 @@ int ads_keytab_create_default(ADS_STRUCT *ads) #endif memset(princ_s, '\0', sizeof(princ_s)); - ZERO_STRUCT(kt_entry); - ZERO_STRUCT(cursor); initialize_krb5_error_table(); ret = krb5_init_context(&context); @@ -730,13 +731,14 @@ int ads_keytab_create_default(ADS_STRUCT *ads) smb_krb5_kt_free_entry(context, &kt_entry); ZERO_STRUCT(kt_entry); } + krb5_kt_end_seq_get(context, keytab, &cursor); + ZERO_STRUCT(cursor); + ret = 0; for (i = 0; oldEntries[i]; i++) { ret |= ads_keytab_add_entry(ads, oldEntries[i]); TALLOC_FREE(oldEntries[i]); } - krb5_kt_end_seq_get(context, keytab, &cursor); - ZERO_STRUCT(cursor); done: TALLOC_FREE(oldEntries); diff --git a/source3/nmbd/nmbd_incomingdgrams.c b/source3/nmbd/nmbd_incomingdgrams.c index b728c13..9a69252 100644 --- a/source3/nmbd/nmbd_incomingdgrams.c +++ b/source3/nmbd/nmbd_incomingdgrams.c @@ -327,12 +327,25 @@ a local master browser for workgroup %s and we think we are master. Forcing elec ttl, comment); } else { /* Update the record. */ - servrec->serv.type = servertype|SV_TYPE_LOCAL_LIST_ONLY; + if (servrec->serv.type != + (servertype|SV_TYPE_LOCAL_LIST_ONLY)) { + servrec->serv.type = + servertype|SV_TYPE_LOCAL_LIST_ONLY; + subrec->work_changed = true; + } + if (!strequal(servrec->serv.comment,comment)) { + strlcpy(servrec->serv.comment, + comment, + sizeof(servrec->serv.comment)); + subrec->work_changed = true; + } update_server_ttl(servrec, ttl); - strlcpy(servrec->serv.comment,comment,sizeof(servrec->serv.comment)); } - - set_workgroup_local_master_browser_name( work, server_name ); + + if (!strequal(work->local_master_browser_name, server_name)) { + set_workgroup_local_master_browser_name( work, server_name ); + subrec->work_changed = true; + } } else { /* * This server is announcing it is going down. Remove it from the @@ -344,7 +357,6 @@ a local master browser for workgroup %s and we think we are master. Forcing elec } } - subrec->work_changed = True; done: return; } diff --git a/source3/nmbd/nmbd_serverlistdb.c b/source3/nmbd/nmbd_serverlistdb.c index b405719..cd84bdf 100644 --- a/source3/nmbd/nmbd_serverlistdb.c +++ b/source3/nmbd/nmbd_serverlistdb.c @@ -133,8 +133,6 @@ workgroup %s. This is a bug.\n", name, work->work_group)); DEBUG(3,("create_server_on_workgroup: Created server entry %s of type %x (%s) on \ workgroup %s.\n", name,servertype,comment, work->work_group)); - work->subnet->work_changed = True; - return(servrec); } @@ -151,8 +149,6 @@ void update_server_ttl(struct server_record *servrec, int ttl) servrec->death_time = PERMANENT_TTL; else servrec->death_time = (ttl != PERMANENT_TTL) ? time(NULL)+(ttl*3) : PERMANENT_TTL; - - servrec->subnet->work_changed = True; } /******************************************************************* @@ -172,7 +168,6 @@ void expire_servers(struct work_record *work, time_t t) if ((servrec->death_time != PERMANENT_TTL) && ((t == -1) || (servrec->death_time < t))) { DEBUG(3,("expire_old_servers: Removing timed out server %s\n",servrec->serv.name)); remove_server_from_workgroup(work, servrec); - work->subnet->work_changed = True; } } } -- Samba Shared Repository