The branch, v4-19-stable has been updated
via bce5c475d12 VERSION: Disable GIT_SNAPSHOT for the 4.19.7 release.
via e71f7441c9e WHATSNEW: Add release notes for Samba 4.19.7.
via 6ca4df63741 BUG 15569 ldb: Release LDB 2.8.1
via d4f9272b7e9 s3:smbcacls: fix ace_compare
via 123f458dda6 ldb:attrib_handlers: reduce non-transitive behaviour in
ldb_comparison_fold
via 00000382d17 ldb:attrib_handlers: use NUMERIC_CMP in
ldb_comparison_fold
via ae8eb3d2b09 s4:dsdb:mod: repl_md: message sort uses NUMERIC_CMP()
via 2a53574e07e s4:dsdb:mod: repl_md: make message_sort transitive
via 92daa0a7801 ldb: avoid NULL deref in ldb_db_compare
via ca905ccbf1e ldb:attrib_handlers: make ldb_comparison_Boolean more
consistent
via 50bfb065e01 ldb-samba:ldif_handlers: dn_link_comparison: sort
invalid DNs
via 5c5c652db7c ldb-samba:ldif_handlers: dn_link_comparison leaks less
via 96f3db39522 ldb-samba:ldif_handlers: dn_link_comparison correctly
sorts deleted objects
via 2b3416384ae ldb-samba:ldif_handlers: dn_link_comparison semi-sorts
invalid DNs
via fae4e0b16aa ldb-samba:ldif_handlers: dn_link_comparison semi-sorts
deleted objects
via 108f687cf22 ldb-samba: ldif-handlers: make
ldif_comparison_objectSid() accurate
via 5bf176b5692 s4:rpcsrv:samr: improve a comment in compare_msgRid
via 24d362e62d4 s4:rpcsrv:dnsserver: make dns_name_compare transitive
with NULLs
via 9314eaaba91 s3:libsmb:nmblib: use NUMERIC_CMP in status_compare
via f0f9598d5d1 lib/socket: rearrange iface_comp() to use NUMERIC_CMP
via c1819217c0a gensec: sort_gensec uses NUMERIC_CMP
via 4066451f6e8 s3:rpc:wkssvc_nt: dom_user_cmp uses NUMERIC_CMP
via 16288b40eb9 dsdb:schema: use NUMERIC_CMP in place of uint32_cmp
via 069e651d4b8 s3:mod:vfs_vxfs: use NUMERIC_CMP in vxfs_ace_cmp
via f58d857d722 s3:mod:posixacl_xattr: use NUMERIC_CMP in
posixacl_xattr_entry_compare
via 13645e1131b s3:brlock: use NUMERIC_CMP in #ifdef-zeroed lock_compare
via aa255148bbb ldb:dn: make ldb_dn_compare() self-consistent
via 867dce05d21 ldb:sort: generalise both-NULL check to equality check
via 87a6fe0058a ldb:sort: check that elements have values
via 71d2c9093cf ldb:mod:sort: rearrange NULL checks
via d4477eab44a s3:libsmb_xattr: ace_compare() uses NUMERIC_CMP()
via 075aae1d1a0 s3:util:sharesec ace_compare() uses NUMERIC_CMP()
via 32f4e0c7f5a s3:smbcacls: use NUMERIC_CMP in ace_compare
via 26e08f8fc7d s3:util:net_registry: registry_value_cmp() uses
NUMERIC_CMP()
via 30f0a2fb131 s4:wins: use NUMERIC_CMP in
nbtd_wins_randomize1Clist_sort()
via 91dd5024010 s4:wins: winsdb_addr_sort_list() uses NUMERIC_CMP()
via 0f8e25b897f s4:wins: use NUMERIC_CMP in winsdb_addr_sort_list()
via f14a1370f48 s4:dns_server: use NUMERIC_CMP in rec_cmp()
via 622bf82fb32 s4:rpc_server: compare_SamEntry() uses NUMERIC_CMP()
via 6b07ce82a58 s3:lib:util_tdb: use NUMERIC_CMP() in tdb_data_cmp()
via b7f581fb61f libcli/security: use NUMERIC_CMP in
dom_sid_compare_auth()
via 60c318fc66b libcli/security: use NUMERIC_CMP in dom_sid_compare()
via 23d792875f9 ldb: reduce non-transitive comparisons in
ldb_msg_element_compare()
via b2dbe57c977 ldb: avoid non-transitive comparison in ldb_val_cmp()
via fe804401b9b util:datablob: avoid non-transitive comparison in
data_blob_cmp()
via ad50158af05 ldb:attrib_handlers: ldb_comparison_binary uses
NUMERIC_CMP()
via 9de4a5d3bbc ldb:attrib_handlers: ldb_comparison_Boolean uses
NUMERIC_CMP()
via c85cb252af0 util: charset:util_str: use NUMERIC_CMP in
strncasecmp_m_handle
via 5847e53de2f lib/torture: add assert_int_{less,greater} macros
via 12c6c305fb1 s3:libsmb:namequery: use NUMERIC_CMP in addr_compare
via 74befdb1387 s3:libsmb:namequery: note intransitivity in
addr_compare()
via 2557ab23014 util:charset:codepoints: codepoint_cmpi warning about
non-transitivity
via 120479e4e02 util:charset:codepoints: condepoint_cmpi uses
NUMERIC_CMP()
via 388b11b6dc1 util:test: test_ms_fn_match_protocol_no_wildcard: allow
-1
via 59f6652aeee util:charset:util_str: use NUMERIC_CMP in
strcasecmp_m_handle
via 3f8063530d2 torture:charset: test more of strcasecmp_m
via 6b08f2ed860 torture:charset: use < and > assertions for
strncasecmp_m
via 5082378df18 torture:charset: use < and > assertions for strcasecmp_m
via 1a45f172070 util:binsearch: user NUMERIC_CMP()
via ea27699bcd2 s4: use numeric_cmp in dns_common_sort_zones()
via 792f8d40e1c s4:dsdb:mod:operational: use NUMERIC_CMP in pso_compare
via 25e97cd7dba s4:ntvfs: use NUMERIC_CMP in stream_name_cmp
via 6c9119371cd ldb:ldb_dn: use safe NUMERIC_CMP in ldb_dn_compare()
via 8a706fa32be ldb:ldb_dn: use safe NUMERIC_CMP in
ldb_dn_compare_base()
via 20a8eaa8b86 ldb: add NUMERIC_CMP macro to ldb.h
via d386c57d68b util:tsort.h: add a macro for safely comparing numbers
via 22d8332e1b9 lib/fuzzing/decode_ndr_X_crash: guess the pipe from
filename
via 241ebc607b2 ldb: avoid out of bounds read and write in ldb_qsort()
via fab04efa325 s3:libads: avoid changing ADS->server.workgroup
via b6253028b30 s3:libsmb: allow store_cldap_reply() to work with a
ipv6 response
via 3b922dd5759 s4:dsdb/repl: let drepl_out_helpers.c always go via
dreplsrv_out_drsuapi_send()
via 92a0533a9ea s3:utils: let smbstatus report anonymous
signing/encryption explicitly
via 45b9b63283d s3:smbd: allow anonymous encryption after one
authenticated session setup
via 1925abda4c4 s3:utils: let smbstatus also report partial tcon
signing/encryption
via 70969d8da5a s3:utils: let smbstatus also report AES-256 encryption
types for tcons
via 8cc6ccb54a3 s3:utils: let connections_forall_read() report if the
session was authenticated
via 8b6b837eb7d s3:lib: let sessionid_traverse_read() report if the
session was authenticated
via c9c83fb691f s3:utils: remove unused signing_flags in
connections_forall()
via a6c549db3d8 s4:torture/smb2: add
smb2.session.anon-{encryption{1,2,},signing{1,2}}
via 3f476fd8bf3 s4:libcli/smb2: add hack to test anonymous signing and
encryption
via 7a75e6bdaf0 smbXcli_base: add hacks to test anonymous signing and
encryption
via 98adde991bf tests/ntacls: unblock failing gitlab pipelines because
test_setntacl_forcenative
via 11edf47d3c3 .gitlab-ci-main.yml: debug kernel details of the
current runner
via 5502aa893cc .gitlab-ci: Remove tags no longer provided by gitlab.com
via b00c09bee3b s3:utils: Fix Inherit-Only flag being automatically
propagated to children
via e703c0c3914 python/samba/tests/blackbox: Add tests for Inherit-only
flag propagation
via 2930a1955bf libcli/http: Detect unsupported Transfer-encoding type
via 65bb329e166 selftest: Add new test for testing non-chunk transfer
encoding
via a269412c71e selftest: fix potential reference before assigned error
via cbd4a6633c6 libcli/http: Handle http chunked transfer encoding
via 57757be4dfd tests: add test for chunked encoding with http cli
library
via a05d96e4b96 libcli/http: Optimise reading for content-length
via c27ad381b39 selftest: Add basic content-lenght http tests
via 6636ec3bb2a Add simple http_client for use in black box tests (in
following commits)
via 4b7785226ad VERSION: Bump version up to Samba 4.19.7...
from b400092dd0a VERSION: Disable GIT_SNAPSHOT for the 4.19.6 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-19-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
.gitlab-ci-coverage-runners.yml | 8 +-
.gitlab-ci-default-runners.yml | 46 +-
.gitlab-ci-main.yml | 6 +
VERSION | 2 +-
WHATSNEW.txt | 66 ++-
auth/gensec/gensec_start.c | 2 +-
lib/fuzzing/decode_ndr_X_crash | 12 +-
lib/ldb-samba/ldif_handlers.c | 94 +--
lib/ldb/ABI/{ldb-2.8.0.sigs => ldb-2.8.1.sigs} | 0
lib/ldb/common/attrib_handlers.c | 53 +-
lib/ldb/common/ldb_dn.c | 30 +-
lib/ldb/common/ldb_msg.c | 13 +-
lib/ldb/common/qsort.c | 2 +-
lib/ldb/include/ldb.h | 16 +
lib/ldb/modules/sort.c | 19 +-
lib/ldb/wscript | 2 +-
lib/socket/interfaces.c | 22 +-
lib/torture/torture.h | 20 +
lib/util/charset/codepoints.c | 15 +-
lib/util/charset/tests/charset.c | 31 +-
lib/util/charset/util_str.c | 9 +-
lib/util/data_blob.c | 5 +-
lib/util/tests/binsearch.c | 6 +-
lib/util/tests/test_ms_fnmatch.c | 2 +-
lib/util/tsort.h | 19 +
libcli/http/http.c | 309 +++++++++-
libcli/http/http_internal.h | 4 +
libcli/security/dom_sid.c | 25 +-
libcli/smb/smbXcli_base.c | 104 +++-
libcli/smb/smbXcli_base.h | 5 +
python/samba/tests/blackbox/http_chunk.py | 129 +++++
python/samba/tests/blackbox/http_content.py | 95 ++++
.../blackbox/smbcacls_propagate_inhertance.py | 108 ++++
python/samba/tests/ntacls.py | 2 +-
selftest/flapping.d/gitlab-setxattr-security | 18 +
selftest/knownfail-32bit | 8 -
selftest/knownfail.d/smbcacls | 0
selftest/tests.py | 2 +
source3/include/session.h | 1 +
source3/lib/sessionid_tdb.c | 8 +
source3/lib/util_tdb.c | 4 +-
source3/libads/ldap.c | 16 +-
source3/librpc/idl/ads.idl | 1 +
source3/libsmb/dsgetdcname.c | 24 +-
source3/libsmb/libsmb_xattr.c | 14 +-
source3/libsmb/namequery.c | 14 +-
source3/libsmb/nmblib.c | 6 +-
source3/locking/brlock.c | 7 +-
source3/modules/posixacl_xattr.c | 6 +-
source3/modules/vfs_vxfs.c | 6 +-
source3/rpc_server/wkssvc/srv_wkssvc_nt.c | 2 +-
source3/smbd/globals.h | 5 +
source3/smbd/smb2_server.c | 11 +
source3/smbd/smb2_sesssetup.c | 18 +-
source3/smbd/smb2_tcon.c | 4 +
source3/utils/conn_tdb.c | 12 +-
source3/utils/conn_tdb.h | 1 +
source3/utils/net_ads.c | 6 +
source3/utils/net_registry.c | 2 +-
source3/utils/sharesec.c | 8 +-
source3/utils/smbcacls.c | 19 +-
source3/utils/status.c | 82 ++-
source3/utils/status.h | 1 +
source3/utils/status_json.c | 2 +
source4/client/http_test.c | 401 +++++++++++++
source4/dns_server/dnsserver_common.c | 6 +-
source4/dsdb/repl/drepl_out_helpers.c | 26 +-
source4/dsdb/samdb/ldb_modules/operational.c | 2 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 17 +-
source4/dsdb/schema/schema_set.c | 14 +-
source4/libcli/smb2/session.c | 16 +-
source4/libcli/smb2/smb2.h | 2 +
source4/nbt_server/wins/winsdb.c | 5 +-
source4/nbt_server/wins/winsserver.c | 3 +-
source4/ntvfs/posix/pvfs_streams.c | 3 +-
source4/rpc_server/dnsserver/dnsdata.c | 16 +-
source4/rpc_server/samr/dcesrv_samr.c | 7 +-
source4/torture/smb2/session.c | 629 +++++++++++++++++++++
source4/wscript_build | 5 +
79 files changed, 2469 insertions(+), 272 deletions(-)
copy lib/ldb/ABI/{ldb-2.8.0.sigs => ldb-2.8.1.sigs} (100%)
create mode 100644 python/samba/tests/blackbox/http_chunk.py
create mode 100644 python/samba/tests/blackbox/http_content.py
create mode 100644 selftest/flapping.d/gitlab-setxattr-security
delete mode 100644 selftest/knownfail.d/smbcacls
create mode 100644 source4/client/http_test.c
Changeset truncated at 500 lines:
diff --git a/.gitlab-ci-coverage-runners.yml b/.gitlab-ci-coverage-runners.yml
index 0f6b2ec1581..331c5d2399c 100644
--- a/.gitlab-ci-coverage-runners.yml
+++ b/.gitlab-ci-coverage-runners.yml
@@ -1,10 +1,4 @@
include:
- /.gitlab-ci-default-runners.yml
-.shared_runner_test:
- # We need the more powerful n1-standard-2 runners
- # in order to handle the lcov overhead.
- #
- # See .gitlab-ci-default-runners.yml for more details
- tags:
- - gitlab-org-docker
+# Currently we're happy with the defaults
diff --git a/.gitlab-ci-default-runners.yml b/.gitlab-ci-default-runners.yml
index 2dea6e82c49..bdc504aff21 100644
--- a/.gitlab-ci-default-runners.yml
+++ b/.gitlab-ci-default-runners.yml
@@ -1,48 +1,26 @@
-# From https://docs.gitlab.com/ee/user/gitlab_com/#shared-runners:
+# From https://docs.gitlab.com/ee/ci/runners/hosted_runners/linux.html
#
# ...
#
-# All your CI/CD jobs run on n1-standard-1 instances with 3.75GB of RAM,
CoreOS
-# and the latest Docker Engine installed. Instances provide 1 vCPU and 25GB
of
-# HDD disk space. The default region of the VMs is US East1. Each instance is
-# used only for one job, this ensures any sensitive data left on the system
can’t
-# be accessed by other people their CI jobs.
-#
-# The gitlab-shared-runners-manager-X.gitlab.com fleet of runners are
dedicated
-# for GitLab projects as well as community forks of them. They use a slightly
-# larger machine type (n1-standard-2) and have a bigger SSD disk size. They
don’t
-# run untagged jobs and unlike the general fleet of shared runners, the
instances
-# are re-used up to 40 times.
-#
-# ...
-#
-# The n1-standard-1 runners seem to be tagged with 'docker' together with
'gce'.
-#
-# The more powerful n1-standard-2 runners seem to be tagged with
-# 'gitlab-org-docker' or some with just 'gitlab-org'.
-#
+# Runner Tag vCPUs Memory Storage
+# saas-linux-small-amd64 2 8 GB 25 GB
#
# Our current private runner 'docker', 'samba-ci-private', 'shared' and
-# 'ubuntu1804'. It runs with an ubuntu1804 kernel and privides an ext4
filesystem
-# and similar RAM as the n1-standard-2 runners.
+# 'ubuntu2204'. It runs with an ubuntu2204 kernel (5.15) and provides an
+# ext4 filesystem, 2 CPU and 4 GB (shared tag) 8G (samba-ci-private tag) RAM.
#
.shared_runner_build:
- # We use n1-standard-1 shared runners by default.
- #
- # There are currently 5 shared runners with 'docker' and 'gce',
- # while there are only 2 provising 'docker' together with 'shared'.
+ # We use saas-linux-small-amd64 shared runners by default.
+ # We avoid adding explicit tags for them in order
+ # to work with potential changes in future
#
- # We used to fallback to our private runner if the docker+shared runners
- # were busy, but now that we use the 5 docker+gce runners, we try to only
- # use shared runners without a fallback to our private runner!
- # Lets see how that will work out.
- tags:
- - docker
- - gce
+ # In order to generate valid yaml, we define a dummy variable...
+ variables:
+ SAMBA_SHARED_RUNNER_BUILD_DUMMY_VARIABLE: shared_runner_build
.shared_runner_test:
- # Currently we're fine using the n1-standard-1 runners also for testing
+ # We use saas-linux-small-amd64 shared runners by default.
extends: .shared_runner_build
.private_runner_test:
diff --git a/.gitlab-ci-main.yml b/.gitlab-ci-main.yml
index 779eedb8255..4e4addf5d1a 100644
--- a/.gitlab-ci-main.yml
+++ b/.gitlab-ci-main.yml
@@ -112,8 +112,14 @@ include:
before_script:
- uname -a
+ - ls -l /sys/module/
+ - ls -l /sys/kernel/security/
+ - if [ -e /sys/kernel/security/lsm ]; then cat /sys/kernel/security/lsm ;
echo; fi
+ - if [ -e /proc/config.gz ]; then sudo zcat /proc/config.gz; echo; fi
- lsb_release -a
- cat /etc/os-release
+ - id
+ - cat /proc/self/status
- lscpu
- cat /proc/cpuinfo
- mount
diff --git a/VERSION b/VERSION
index 066af506941..44318cde503 100644
--- a/VERSION
+++ b/VERSION
@@ -27,7 +27,7 @@ SAMBA_COPYRIGHT_STRING="Copyright Andrew Tridgell and the
Samba Team 1992-2023"
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=19
-SAMBA_VERSION_RELEASE=6
+SAMBA_VERSION_RELEASE=7
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index be2edfb6ac4..fa27ad5083b 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,66 @@
+ ==============================
+ Release Notes for Samba 4.19.7
+ June 10, 2024
+ ==============================
+
+
+This is the latest stable release of the Samba 4.19 release series.
+
+
+Changes since 4.19.6
+--------------------
+
+o Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
+ * BUG 15569: ldb qsort might r/w out of bounds with an intransitive compare
+ function (ldb 2.8.1 is already released).
+ * BUG 15625: Many qsort() comparison functions are non-transitive, which can
+ lead to out-of-bounds access in some circumstances (ldb 2.8.1 is already
+ released).
+
+o Andrew Bartlett <abart...@samba.org>
+ * BUG 15638: Need to change gitlab-ci.yml tags in all branches to avoid CI
+ bill.
+
+o Stefan Metzmacher <me...@samba.org>
+ * BUG 14981: netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with
+ SysvolReady=0.
+ * BUG 15412: Anonymous smb3 signing/encryption should be allowed (similar to
+ Windows Server 2022).
+ * BUG 15573: Panic in dreplsrv_op_pull_source_apply_changes_trigger.
+ * BUG 15642: winbindd, net ads join and other things don't work on an ipv6
+ only host.
+
+o Anna Popova <popova.anna...@gmail.com>
+ * BUG 15636: Smbcacls incorrectly propagates inheritance with Inherit-Only
+ flag.
+
+o Noel Power <noel.po...@suse.com>
+ * BUG 15611: http library doesn't support 'chunked transfer encoding'.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
==============================
Release Notes for Samba 4.19.6
April 08, 2024
@@ -52,8 +115,7 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
==============================
Release Notes for Samba 4.19.5
February 19, 2024
diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c
index b6979812ac0..4511674c8eb 100644
--- a/auth/gensec/gensec_start.c
+++ b/auth/gensec/gensec_start.c
@@ -1103,7 +1103,7 @@ _PUBLIC_ const struct gensec_critical_sizes
*gensec_interface_version(void)
}
static int sort_gensec(const struct gensec_security_ops **gs1, const struct
gensec_security_ops **gs2) {
- return (*gs2)->priority - (*gs1)->priority;
+ return NUMERIC_CMP((*gs2)->priority, (*gs1)->priority);
}
int gensec_setting_int(struct gensec_settings *settings, const char
*mechanism, const char *name, int default_value)
diff --git a/lib/fuzzing/decode_ndr_X_crash b/lib/fuzzing/decode_ndr_X_crash
index 63c3cd747d7..d90e7efe122 100755
--- a/lib/fuzzing/decode_ndr_X_crash
+++ b/lib/fuzzing/decode_ndr_X_crash
@@ -61,8 +61,9 @@ def process_one_file(f):
def main():
parser = argparse.ArgumentParser()
- parser.add_argument('-p', '--pipe', default='$PIPE',
- help='pipe name (for output command line)')
+ parser.add_argument('-p', '--pipe', default=None,
+ help=('pipe name (for output command line, '
+ 'default is a guess or "$PIPE")'))
parser.add_argument('-t', '--type', default=None, choices=TYPES,
help='restrict to this type')
parser.add_argument('-o', '--opnum', default=None, type=int,
@@ -91,6 +92,13 @@ def main():
sys.exit(1)
for fn in args.FILES:
+ if pipe is None:
+ m = re.search(r'clusterfuzz-testcase.+-fuzz_ndr_([a-z]+)', fn)
+ if m is None:
+ pipe = '$PIPE'
+ else:
+ pipe = m.group(1)
+
if args.crash_filter is not None:
if not re.search(args.crash_filter, fn):
print_if_verbose(f"skipping {fn}")
diff --git a/lib/ldb-samba/ldif_handlers.c b/lib/ldb-samba/ldif_handlers.c
index f77a268c1a8..e339c1c8b10 100644
--- a/lib/ldb-samba/ldif_handlers.c
+++ b/lib/ldb-samba/ldif_handlers.c
@@ -150,36 +150,47 @@ bool ldif_comparision_objectSid_isString(const struct
ldb_val *v)
/*
compare two objectSids
+
+ If the SIDs seem to be strings, they are converted to binary form.
*/
static int ldif_comparison_objectSid(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *v1, const struct
ldb_val *v2)
{
- if (ldif_comparision_objectSid_isString(v1) &&
ldif_comparision_objectSid_isString(v2)) {
- return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
- } else if (ldif_comparision_objectSid_isString(v1)
- && !ldif_comparision_objectSid_isString(v2)) {
- struct ldb_val v;
- int ret;
- if (ldif_read_objectSid(ldb, mem_ctx, v1, &v) != 0) {
- /* Perhaps not a string after all */
- return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
+ bool v1_is_string = ldif_comparision_objectSid_isString(v1);
+ bool v2_is_string = ldif_comparision_objectSid_isString(v2);
+ struct ldb_val parsed_1 = {};
+ struct ldb_val parsed_2 = {};
+ int ret;
+ /*
+ * If the ldb_vals look like SID strings (i.e. start with "S-"
+ * or "s-"), we try to parse them as such. If that fails, we
+ * assume they are binary SIDs, even though that's not really
+ * possible -- the first two bytes of a struct dom_sid are the
+ * version (1), and the number of sub-auths (<= 15), neither
+ * of which are close to 'S' or '-'.
+ */
+ if (v1_is_string) {
+ int r = ldif_read_objectSid(ldb, mem_ctx, v1, &parsed_1);
+ if (r == 0) {
+ v1 = &parsed_1;
}
- ret = ldb_comparison_binary(ldb, mem_ctx, &v, v2);
- talloc_free(v.data);
- return ret;
- } else if (!ldif_comparision_objectSid_isString(v1)
- && ldif_comparision_objectSid_isString(v2)) {
- struct ldb_val v;
- int ret;
- if (ldif_read_objectSid(ldb, mem_ctx, v2, &v) != 0) {
- /* Perhaps not a string after all */
- return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
+ }
+ if (v2_is_string) {
+ int r = ldif_read_objectSid(ldb, mem_ctx, v2, &parsed_2);
+ if (r == 0) {
+ v2 = &parsed_2;
}
- ret = ldb_comparison_binary(ldb, mem_ctx, v1, &v);
- talloc_free(v.data);
- return ret;
}
- return ldb_comparison_binary(ldb, mem_ctx, v1, v2);
+
+ ret = ldb_comparison_binary(ldb, mem_ctx, v1, v2);
+
+ if (v1_is_string) {
+ TALLOC_FREE(parsed_1.data);
+ }
+ if (v2_is_string) {
+ TALLOC_FREE(parsed_2.data);
+ }
+ return ret;
}
/*
@@ -1148,22 +1159,41 @@ static int samba_ldb_dn_link_comparison(struct
ldb_context *ldb, void *mem_ctx,
struct ldb_dn *dn1 = NULL, *dn2 = NULL;
int ret;
+ /*
+ * In a sort context, Deleted DNs get shifted to the end.
+ * They never match in an equality
+ */
if (dsdb_dn_is_deleted_val(v1)) {
- /* If the DN is deleted, then we can't search for it */
- return -1;
- }
-
- if (dsdb_dn_is_deleted_val(v2)) {
- /* If the DN is deleted, then we can't search for it */
+ if (! dsdb_dn_is_deleted_val(v2)) {
+ return 1;
+ }
+ /*
+ * They are both deleted!
+ *
+ * The soundest thing to do at this point is carry on
+ * and compare the DNs normally. This matches the
+ * behaviour of samba_dn_extended_match() below.
+ */
+ } else if (dsdb_dn_is_deleted_val(v2)) {
return -1;
}
dn1 = ldb_dn_from_ldb_val(mem_ctx, ldb, v1);
- if ( ! ldb_dn_validate(dn1)) return -1;
-
dn2 = ldb_dn_from_ldb_val(mem_ctx, ldb, v2);
+
+ if ( ! ldb_dn_validate(dn1)) {
+ TALLOC_FREE(dn1);
+ if ( ! ldb_dn_validate(dn2)) {
+ TALLOC_FREE(dn2);
+ return 0;
+ }
+ TALLOC_FREE(dn2);
+ return 1;
+ }
+
if ( ! ldb_dn_validate(dn2)) {
- talloc_free(dn1);
+ TALLOC_FREE(dn1);
+ TALLOC_FREE(dn2);
return -1;
}
diff --git a/lib/ldb/ABI/ldb-2.8.0.sigs b/lib/ldb/ABI/ldb-2.8.1.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.8.0.sigs
copy to lib/ldb/ABI/ldb-2.8.1.sigs
diff --git a/lib/ldb/common/attrib_handlers.c b/lib/ldb/common/attrib_handlers.c
index 15470cfcc74..3d13e4bd9fd 100644
--- a/lib/ldb/common/attrib_handlers.c
+++ b/lib/ldb/common/attrib_handlers.c
@@ -281,15 +281,36 @@ static int ldb_canonicalise_Boolean(struct ldb_context
*ldb, void *mem_ctx,
}
/*
- compare two Booleans
-*/
+ * compare two Booleans.
+ *
+ * According to RFC4517 4.2.2, "the booleanMatch rule is an equality matching
+ * rule", meaning it isn't used for ordering.
+ *
+ * However, it seems conceivable that Samba could be coerced into sorting on a
+ * field with Boolean syntax, so we might as well have consistent behaviour in
+ * that case.
+ *
+ * The most probably values are {"FALSE", 5} and {"TRUE", 4}. To save time we
+ * compare first by length, which makes FALSE > TRUE. This is somewhat
+ * contrary to convention, but is how Samba has worked forever.
+ *
+ * If somehow we are comparing incompletely normalised values where the length
+ * is the same (for example {"false", 5} and {"TRUE\0", 5}), the length is the
+ * same, and we fall back to a strncasecmp. In this case, since "FALSE" is
+ * alphabetically lower, we swap the order, so that "TRUE\0" again comes
+ * before "FALSE".
+ *
+ * ldb_canonicalise_Boolean (just above) gives us a clue as to what we might
+ * expect to cope with by way of invalid values.
+ */
static int ldb_comparison_Boolean(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *v1, const struct ldb_val *v2)
{
if (v1->length != v2->length) {
- return v1->length - v2->length;
+ return NUMERIC_CMP(v2->length, v1->length);
}
- return strncasecmp((char *)v1->data, (char *)v2->data, v1->length);
+ /* reversed, see long comment above */
+ return strncasecmp((char *)v2->data, (char *)v1->data, v1->length);
}
@@ -300,7 +321,7 @@ int ldb_comparison_binary(struct ldb_context *ldb, void
*mem_ctx,
const struct ldb_val *v1, const struct ldb_val *v2)
{
if (v1->length != v2->length) {
- return v1->length - v2->length;
+ return NUMERIC_CMP(v1->length, v2->length);
}
return memcmp(v1->data, v2->data, v1->length);
}
@@ -372,17 +393,27 @@ utf8str:
b2 = ldb_casefold(ldb, mem_ctx, s2, n2);
if (!b1 || !b2) {
- /* One of the strings was not UTF8, so we have no
- * options but to do a binary compare */
+ /*
+ * One of the strings was not UTF8, so we have no
+ * options but to do a binary compare.
+ */
talloc_free(b1);
talloc_free(b2);
ret = memcmp(s1, s2, MIN(n1, n2));
if (ret == 0) {
- if (n1 == n2) return 0;
+ if (n1 == n2) {
+ return 0;
+ }
if (n1 > n2) {
- return (int)ldb_ascii_toupper(s1[n2]);
+ if (s1[n2] == '\0') {
+ return 0;
+ }
+ return 1;
} else {
- return -(int)ldb_ascii_toupper(s2[n1]);
+ if (s2[n1] == '\0') {
+ return 0;
+ }
+ return -1;
}
}
return ret;
@@ -404,7 +435,7 @@ utf8str:
while (*u1 == ' ') u1++;
while (*u2 == ' ') u2++;
}
- ret = (int)(*u1 - *u2);
+ ret = NUMERIC_CMP(*u1, *u2);
talloc_free(b1);
talloc_free(b2);
diff --git a/lib/ldb/common/ldb_dn.c b/lib/ldb/common/ldb_dn.c
index 601da57a1b1..8388fdb7318 100644
--- a/lib/ldb/common/ldb_dn.c
+++ b/lib/ldb/common/ldb_dn.c
@@ -1111,7 +1111,7 @@ int ldb_dn_compare_base(struct ldb_dn *base, struct
ldb_dn *dn)
/* compare attr.cf_value. */
if (b_vlen != dn_vlen) {
- return b_vlen - dn_vlen;
+ return NUMERIC_CMP(b_vlen, dn_vlen);
}
ret = strncmp(b_vdata, dn_vdata, b_vlen);
if (ret != 0) return ret;
@@ -1132,8 +1132,32 @@ int ldb_dn_compare(struct ldb_dn *dn0, struct ldb_dn
*dn1)
{
unsigned int i;
int ret;
+ /*
+ * If used in sort, we shift NULL and invalid DNs to the end.
+ *
+ * If ldb_dn_casefold_internal() fails, that goes to the end too, so
+ * we end up with:
+ *
+ * | normal DNs, sorted | casefold failed DNs | invalid DNs | NULLs |
+ */
- if (( ! dn0) || dn0->invalid || ! dn1 || dn1->invalid) {
+ if (dn0 == dn1) {
+ /* this includes the both-NULL case */
+ return 0;
+ }
+ if (dn0 == NULL) {
+ return 1;
+ }
+ if (dn1 == NULL) {
+ return -1;
+ }
--
Samba Shared Repository
