[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 5d5fa9a6c4c VERSION: Bump version up to Samba 4.16.12... via 225a003a043 VERSION: Disable GIT_SNAPSHOT for the 4.16.11 release. via 40053373794 WHATSNEW: Add release notes for Samba 4.16.11. via caf21883fa8 s3:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels via 585df7e0220 s4:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels via 5d48ea23dec s4:torture/rpc: let rpc.schannel also check netr_LogonGetCapabilities with different levels via 6e87858185f netlogon.idl: add support for netr_LogonGetCapabilities response level 2 via 1809843614b CVE-2023-34968: mdssvc: return a fake share path via cecd415a0ab CVE-2023-34968: mdscli: return share relative paths via d6b9c5234ff CVE-2023-34968: mdssvc: introduce an allocating wrapper to sl_pack() via 0fdfc85f28a CVE-2023-34968: mdssvc: switch to doing an early return via 34f9f1b37ec CVE-2023-34968: mdssvc: remove response blob allocation via 739f72a0703 CVE-2023-34968: rpcclient: remove response blob allocation via 7bbaa191be6 CVE-2023-34968: smbtorture: remove response blob allocation in mdssvc.c via 82cc2a422db CVE-2023-34968: mdscli: remove response blob allocation via 3636b54616e CVE-2023-34968: mdscli: use correct TALLOC memory context when allocating spotlight_blob via 8c95f7ae6b3 CVE-2023-34968: mdssvc: add missing "kMDSStoreMetaScopes" dict key in slrpc_fetch_properties() via b09e22cfc79 CVE-2023-34968: mdssvc: cache and reuse stat info in struct sl_inode_path_map via 843ec381de3 CVE-2023-34968: lib: Move subdir_of() to source3/lib/util_path.c via 5b4353cc60b CVE-2023-34967: mdssvc: add type checking to dalloc_value_for_key() via 92d014bc44b CVE-2023-34967: CI: add a test for type checking of dalloc_value_for_key() via cb6f3e22024 CVE-2023-34966: mdssvc: harden sl_unpack_loop() via 01cf3cf7a83 CVE-2023-34966: CI: test for sl_unpack_loop() via 2eabbe31f64 CVE-2022-2127: ntlm_auth: cap lanman response length value via 5c6fe5a491b CVE-2022-2127: winbindd: Fix WINBINDD_PAM_AUTH_CRAP length checks via 1dd3ae281b9 CVE-2022-2127: s3:winbind: Move big NTLMv2 blob checks to parent process from 76fc517cc54 VERSION: Bump version up to Samba 4.16.11... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 5d5fa9a6c4c46152785b4c3d1a42ae5172ccbf6f Author: Jule Anger Date: Wed Jul 19 16:50:00 2023 +0200 VERSION: Bump version up to Samba 4.16.12... and re-enable GIT_SNAPSHOT. Signed-off-by: Jule Anger --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 74 +++- librpc/idl/netlogon.idl | 1 + python/samba/tests/blackbox/mdsearch.py | 8 +- python/samba/tests/dcerpc/mdssvc.py | 26 +-- source3/lib/util_path.c | 52 ++ source3/lib/util_path.h | 4 + source3/rpc_client/cli_mdssvc.c | 191 source3/rpc_client/cli_mdssvc_private.h | 4 + source3/rpc_client/cli_mdssvc_util.c | 148 --- source3/rpc_client/cli_mdssvc_util.h | 4 + source3/rpc_server/mdssvc/dalloc.c| 14 +- source3/rpc_server/mdssvc/marshalling.c | 45 +++-- source3/rpc_server/mdssvc/marshalling.h | 9 +- source3/rpc_server/mdssvc/mdssvc.c| 142 ++- source3/rpc_server/mdssvc/mdssvc.h| 7 +- source3/rpc_server/mdssvc/srv_mdssvc_nt.c | 32 ++-- source3/rpc_server/netlogon/srv_netlog_nt.c | 29 ++- source3/rpcclient/cmd_spotlight.c | 48 + source3/utils/ntlm_auth.c | 8 +- source3/winbindd/winbindd_pam.c | 12 -- source3/winbindd/winbindd_pam_auth_crap.c | 23 +++ source4/rpc_server/netlogon/dcerpc_netlogon.c | 28 ++- source4/torture/rpc/mdssvc.c | 250 +++--- source4/torture/rpc/netlogon.c| 77 +++- 25 files changed, 945 insertions(+), 293 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 22fca36686e..ad4024f1e17 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=16 -SAMBA_VERSION_RELEASE=11 +SAMBA_VERSION_RELEASE=12 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 4ddfe2db83c..2b6da8e411c 100644 ---
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 76fc517cc54 VERSION: Bump version up to Samba 4.16.11...
via 32d0bb89272 VERSION: Disable GIT_SNAPSHOT for the 4.16.10 release.
via 62390bac925 WHATSNEW: Add release notes for Samba 4.16.10.
via 6736fc0cff0 CVE-2023-0922 set default ldap client sasl wrapping to
seal
via 4acabb3c285 CVE-2023-0614 ldb: Release LDB 2.5.3
via 3a38d702397 CVE-2023-0614 lib/ldb-samba Ensure ACLs are evaluated
on SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN
via 19785d023e3 CVE-2023-0614 lib/ldb-samba: Add test for
SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN with and
ACL hidden attributes
via 979997992a4 CVE-2023-0614 dsdb: Add pre-cleanup and
self.addCleanup() of OU created in match_rules tests
via c64b48b2b26 CVE-2023-0614 dsdb: Add DSDB_MARK_REQ_UNTRUSTED
via 1cfaa078ffc CVE-2023-0614 s4-dsdb: Treat confidential attributes as
unindexed
via a74571b49f5 CVE-2023-0614 ldb: Filter on search base before
redacting message
via d60683e5e9d CVE-2023-0614 ldb: Centralise checking for inaccessible
matches
via 58b4a0e3eb7 CVE-2023-0614 ldb: Use binary search to check whether
attribute is secret
via 353d3df3dd5 CVE-2023-0614 s4-acl: Avoid calling
dsdb_module_am_system() if we can help it
via 9447c4e81e0 CVE-2023-0614 ldb: Prevent disclosure of confidential
attributes
via 134c659d402 CVE-2023-0614 s4-acl: Split out function to set up
access checking variables
via e46739cb897 CVE-2023-0614 s4-dsdb: Add samdb_result_dom_sid_buf()
via 95be170f997 CVE-2023-0614 s4-acl: Split out logic to remove access
checking attributes
via 0b0d8a8ece6 CVE-2023-0614 ldb: Add ldb_parse_tree_get_attr()
via 1c9736510f3 CVE-2023-0614 tests/krb5: Add test for confidential
attributes timing differences
via e3b8d0a650b CVE-2023-0614 schema_samba4.ldif: Allocate previously
added OID
via f8a674088ac schema_samba4.ldif: Allocate previously added OIDs
via a4193a79035 CVE-2023-0614 s4:dsdb:tests: Fix search in
confidential attributes test
via d096cd4ed92 CVE-2023-0614 s4:dsdb/extended_dn_in: Don't modify a
search tree we don't own
via 4bbdd6709bf CVE-2023-0614 ldb: Make use of
ldb_filter_attrs_in_place()
via 4addeaaf5da CVE-2023-0614 ldb: Make ldb_filter_attrs_in_place()
work in place
via 7c2d0e0a06e CVE-2023-0614 ldb: Add function to filter message in
place
via 7982090641e CVE-2023-0614 ldb: Add function to add
distinguishedName to message
via 873d4e465f3 CVE-2023-0614 ldb: Add function to remove excess
capacity from an ldb message
via 891ffeaf99d CVE-2023-0614 ldb: Add function to take ownership of an
ldb message
via 6519d1d8fa1 CVE-2023-0614 ldb:tests: Ensure all tests are accounted
for
via 7153af801e5 CVE-2023-0614 ldb:tests: Ensure ldb_val data is
zero-terminated
via c3419c288c6 CVE-2023-0614 s4-acl: Use ldb functions for handling
inaccessible message elements
via 0f8a3344501 CVE-2023-0614 ldb: Add functions for handling
inaccessible message elements
via 9469c41895a CVE-2023-0614 s4-acl: Make some parameters const
via c91b81ecc92 CVE-2023-0614 s4:dsdb: Use talloc_get_type_abort() more
consistently
via 26b79d2749b CVE-2023-0614 libcli/security: Make some parameters
const
via 8712a2dc972 CVE-2023-0614 dsdb: Alter timeout test in large_ldap.py
to be slower by matching on large objects
via bf7b9d9d5e4 CVE-2023-0614 selftest: Use setUpClass() to reduce
"make test TESTS=large_ldap" time
via ae3d2737949 CVE-2023-0614 lib/ldb: Avoid allocation and memcpy()
for every wildcard match candidate
from f2461834bbc VERSION: Bump version up to Samba 4.16.10...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 76fc517cc547a55586e22beffc17e0e17d7b0482
Author: Jule Anger
Date: Wed Mar 29 16:33:02 2023 +0200
VERSION: Bump version up to Samba 4.16.11...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger
---
Summary of changes:
VERSION|2 +-
WHATSNEW.txt | 63 +-
.../smbdotconf/ldap/clientldapsaslwrapping.xml | 27 +-
lib/ldb-samba/ldb_matching_rules.c | 17 +-
lib/ldb-samba/tests/match_rules.py | 135 +--
lib/ldb-samba/tests/match_rules_remote.py | 104 ++
lib/ldb/ABI/{ldb-2.5.2.sigs => ldb-2.5.3.sigs} | 10 +
...pyldb-util-2.1.0.sigs => pyldb-util-2.5.3.sigs} |0
lib/ldb/common/ldb_match.c | 111 ++-
lib/ldb/common/ldb_msg.c | 42 +
lib/ldb/common/ldb_pack.c
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via f2461834bbc VERSION: Bump version up to Samba 4.16.10... via 63f92a37f02 VERSION: Disable GIT_SNAPSHOT for the 4.16.9 release. via f50ab3415cb WHATSNEW: Add release notes for Samba 4.16.9. from 2b1d412f552 mdssvc: fix kMDScopeArray parsing https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit f2461834bbc5266fe48fd32bd3aa14bd721604da Author: Jule Anger Date: Thu Feb 16 17:30:41 2023 +0100 VERSION: Bump version up to Samba 4.16.10... and re-enable GIT_SNAPSHOT. Signed-off-by: Jule Anger commit 63f92a37f026647afc324bb718fa24d0a989e903 Author: Jule Anger Date: Thu Feb 16 17:30:12 2023 +0100 VERSION: Disable GIT_SNAPSHOT for the 4.16.9 release. Signed-off-by: Jule Anger commit f50ab3415cb67b0ba9872ae8fbb56ae3473babe1 Author: Jule Anger Date: Thu Feb 16 17:28:06 2023 +0100 WHATSNEW: Add release notes for Samba 4.16.9. Signed-off-by: Jule Anger --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 79 ++-- 2 files changed, 78 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 1109ccfc4e4..0cac5f9d6ab 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=16 -SAMBA_VERSION_RELEASE=9 +SAMBA_VERSION_RELEASE=10 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index c2aeab4afbe..b5b57e856d9 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,79 @@ + == + Release Notes for Samba 4.16.9 + February 16, 2023 + == + + +This is the latest stable release of the Samba 4.16 release series. + + +Changes since 4.16.8 + + +o Jeremy Allison + * BUG 14808: smbc_getxattr() return value is incorrect. + * BUG 15172: Compound SMB2 FLUSH+CLOSE requests from MacOSX are not handled + correctly. + * BUG 15210: synthetic_pathref AFP_AfpInfo failed errors. + * BUG 15226: samba-tool gpo listall fails IPv6 only - finddcs() fails to find + DC when there is only an record for the DC in DNS. + * BUG 15236: smbd crashes if an FSCTL request is done on a stream handle. + +o Ralph Boehme + * BUG 15299: Spotlight doesn't work with latest macOS Ventura. + +o Samuel Cabrero + * BUG 15240: CVE-2022-38023 [SECURITY] Samba should refuse RC4 (aka md5) + based SChannel on NETLOGON. + +o Volker Lendecke + * BUG 15243: %U for include directive doesn't work for share listing + (netshareenum). + * BUG 15266: Shares missing from netshareenum response in samba 4.17.4. + * BUG 15269: ctdb: use-after-free in run_proc. + +o Stefan Metzmacher + * BUG 15243: %U for include directive doesn't work for share listing + (netshareenum). + * BUG 15266: Shares missing from netshareenum response in samba 4.17.4. + * BUG 15280: irpc_destructor may crash during shutdown. + * BUG 15286: auth3_generate_session_info_pac leaks wbcAuthUserInfo. + +o Andreas Schneider + * BUG 15268: smbclient segfaults with use after free on an optimized build. + +o Andrew Walker + * BUG 15164: Leak in wbcCtxPingDc2. + * BUG 15265: Access based share enum does not work in Samba 4.16+. + * BUG 15267: Crash during share enumeration. + * BUG 15271: rep_listxattr on FreeBSD does not properly check for reads off + end of returned buffer. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical:matrix.org matrix room, or +#samba-technical IRC channel on irc.libera.chat. + + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.1 and newer product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + == Release Notes for Samba 4.16.8 December 15, 2022 @@ -145,8 +221,7 @@ database (https://bugzilla.samba.org/).
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 2b1d412f552 mdssvc: fix kMDScopeArray parsing
from eddd14cedbf lib/replace - add extra check to bsd_attr_list
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 2b1d412f552c7724dc2464793ad60e0108443436
Author: Ralph Boehme
Date: Wed Jan 18 16:21:16 2023 +0100
mdssvc: fix kMDScopeArray parsing
In macOS Ventura marshalling of kMDScopeArray in the "openQueryWithParams"
request has changed from
string: kMDScopeArray
sl_array_t(#1): {
string: /foo/bar
}
to:
string: kMDScopeArray
sl_array_t(#1): {
sl_array_t(#1): {
string: /foo/bar
}
}
With this patch we check both encodings. Bug fixed according to user
feedback.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15299
RN: Spotlight doesn't work with latest macOS Ventura
Signed-off-by: Ralph Boehme
Reviewed-by: Jeremy Allison
(cherry picked from commit 1dd0cd2f4e644ad43b0e7ee2aaae19799e859585)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Fri Feb 10 12:15:02 UTC 2023 on sn-devel-184
---
Summary of changes:
source3/rpc_server/mdssvc/mdssvc.c | 6 ++
1 file changed, 6 insertions(+)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/mdssvc/mdssvc.c
b/source3/rpc_server/mdssvc/mdssvc.c
index a4b082b3274..4f1629b2b4d 100644
--- a/source3/rpc_server/mdssvc/mdssvc.c
+++ b/source3/rpc_server/mdssvc/mdssvc.c
@@ -932,6 +932,12 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx,
scope = dalloc_get(path_scope, "char *", 0);
if (scope == NULL) {
+ scope = dalloc_get(path_scope,
+ "DALLOC_CTX", 0,
+ "char *", 0);
+ }
+ if (scope == NULL) {
+ DBG_ERR("Failed to parse kMDScopeArray\n");
goto error;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via eddd14cedbf lib/replace - add extra check to bsd_attr_list via 11896049957 s3: smbd: Always use metadata_fsp() when processing fsctls. via c6733cbe872 s3: smbd: Add test to show smbd crashes when doing an FSCTL on a named stream handle. via 44ec3e4f292 s3:auth: call wbcFreeMemory(info) in auth3_generate_session_info_pac() via 02e56ac1bb5 CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations via 3e7bbe047fe CVE-2022-38023 docs-xml/smbdotconf: The "server schannel require seal[:COMPUTERACCOUNT]" options are also honoured by s3 netlogon server. via 55900577757 CVE-2022-38023 s3:rpc_server/netlogon: Check for global "server schannel require seal" via 7f4f9a3277b CVE-2022-38023 s3:rpc_server/netlogon: make sure all _netr_LogonSamLogon*() calls go through dcesrv_netr_check_schannel() via 080ff2cd284 CVE-2022-38023 s3:rpc_server/netlogon: Use dcesrv_netr_creds_server_step_check() via 0d27e4b4598 CVE-2022-38023 s4:rpc_server/netlogon: Move schannel and credentials check functions to librpc via 538dcc38faa CVE-2022-38023 s4:rpc_server:wscript: Reformat following pycodestyle via 71b22920a6c CVE-2022-38023 selftest:Samba3: avoid global 'server schannel = auto' via cc787d0becb CVE-2022-38023 s3:rpc_server/netlogon: 'server schannel != yes' warning to dcesrv_interface_netlogon_bind from 7b49569afcb s4: libcli: Ignore errors when getting A records after fetching records. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit eddd14cedbf6cc0a8c32f0e00e138c94aa941541 Author: Andrew Walker Date: Tue Dec 27 10:59:14 2022 -0500 lib/replace - add extra check to bsd_attr_list The FreeBSD extattr API may return success and truncated namelist. We need to check for this in bsd_attr_list to ensure that we don't accidentally read off the end of the buffer. In the case of a truncated value, the pascal strings for attr names will reflect the lengths as if the value were not truncated. For example: `58DosStrea` In case of short read we now set error to ERANGE and fail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15271 Signed-off-by: Andrew Walker Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Mon Jan 2 14:27:23 UTC 2023 on sn-devel-184 (cherry picked from commit 01cdc5e00be78a51f0766634cc7fe50de2088203) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Jan 23 10:59:28 UTC 2023 on sn-devel-184 commit 1189604995793b1b5345ffad570688388f9248a8 Author: Jeremy Allison Date: Thu Nov 10 14:43:15 2022 -0800 s3: smbd: Always use metadata_fsp() when processing fsctls. Currently all fsctls we implement need the base fsp, not an alternate data stream fsp. We may revisit this later if we implement fsctls that operate on an ADS. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15236 Signed-off-by: Jeremy Allison Reviewed-by: Andrew Walker Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Nov 14 18:13:31 UTC 2022 on sn-devel-184 (cherry picked from commit fa4eba131b882c3858b28f5fd9864998e19a4510) commit c6733cbe872d07825033b084a0f0cb9240459872 Author: Jeremy Allison Date: Thu Nov 10 14:41:15 2022 -0800 s3: smbd: Add test to show smbd crashes when doing an FSCTL on a named stream handle. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15236 Signed-off-by: Andrew Walker Reviewed-by: Jeremy Allison (back-ported from commit abc4495e4591964bb4625c2669a1f84213faab77) commit 44ec3e4f29208406ae6f73416b092d8754adfb0b Author: Stefan Metzmacher Date: Thu Dec 16 18:24:16 2021 +0100 s3:auth: call wbcFreeMemory(info) in auth3_generate_session_info_pac() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15286 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison (cherry picked from commit e27084f5d8c3a151c5d0b266118f0d71b641dc85) commit 02e56ac1bb5c97e10b57c76c0f14fc9b3b06779d Author: Samuel Cabrero Date: Thu Dec 22 16:32:40 2022 +0100 CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations After s3 and s4 rpc servers merge the loadparm_context is available in the dcesrv_context structure. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240 Signed-off-by: Samuel Cabrero Reviewed-by: Andreas Schneider Autobuild-User(master): Andreas Schneider Autobuild-Date(master): Mon Jan 9 15:17:14 UTC 2023 on sn-devel-184 (cherry picked from commit 56837f3d3169a02d0d92bd085d9c8250415ce29b) commit
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 7b49569afcb s4: libcli: Ignore errors when getting A records after fetching records. via 627a9886da8 s3: smbd: In synthetic_pathref() change DBG_ERR -> DBG_NOTICE to avoid spamming the logs. via e5e39bbc77f s3: smbd: Cause SMB2_OP_FLUSH to go synchronous in a compound anywhere but the last operation in the list. via bfadcc893e6 s3: smbd: Add utility function smbd_smb2_is_last_in_compound(). via 9b357c947fd s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_FLUSH test to smb2.compound_async. via c9ed55b39ef s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_CLOSE test to smb2.compound_async. via d7bcdfa6b88 nsswitch:libwbclient - fix leak in wbcCtxPingDc2 via 113536e0d73 s3: libsmbclient: Fix smbc_getxattr() to return 0 on success. via 628a1c33827 s4: torture: Show return value for smbc_getxattr() is incorrect (returns >0 for success, should return zero). from a1fa2c18e56 s4:lib/messaging: fix interaction between imessaging_context_destructor and irpc_destructor https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 7b49569afcb968a5ac4b4fdd96480bb7b8ab01b7 Author: Jeremy Allison Date: Tue Nov 8 10:13:18 2022 -0800 s4: libcli: Ignore errors when getting A records after fetching records. The target may only be available over IPv6. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15226 Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Nov 9 20:34:07 UTC 2022 on sn-devel-184 (cherry picked from commit 10537a89bb0b461ba31d614b7c9ed56a842422e7) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Jan 16 10:47:49 UTC 2023 on sn-devel-184 commit 627a9886da8fa8c2dbd0aa4cf273a5ebc70879ed Author: Jeremy Allison Date: Tue Nov 15 13:29:46 2022 -0800 s3: smbd: In synthetic_pathref() change DBG_ERR -> DBG_NOTICE to avoid spamming the logs. Can easily be seen by doing make test TESTS=fruit and looking in st/nt4_dc/smbd_test.log. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15210 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Wed Nov 16 06:00:56 UTC 2022 on sn-devel-184 (cherry picked from commit f0ca9546102acf09f1834c03f8907ed26bfc80f8) commit e5e39bbc77f5f842b69f0789f3dbfa58bfbdd010 Author: Jeremy Allison Date: Thu Oct 20 15:19:05 2022 -0700 s3: smbd: Cause SMB2_OP_FLUSH to go synchronous in a compound anywhere but the last operation in the list. Async read and write go synchronous in the same case, so do the same here. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15172 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Thu Nov 17 05:55:42 UTC 2022 on sn-devel-184 (cherry picked from commit 26adf3344337f4e8d5d2107e6ba42e5ea7656372) commit bfadcc893e6ff2cd7f34896a194e7029fd6a76f5 Author: Jeremy Allison Date: Thu Oct 20 15:08:14 2022 -0700 s3: smbd: Add utility function smbd_smb2_is_last_in_compound(). Not yet used. Returns true if we're processing the last SMB2 request in a compound. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15172 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme (cherry picked from commit e668c3a82cd566b405c976d45659dd79786948de) commit 9b357c947fd6c36779f49dc37f9c81392c9c81fb Author: Jeremy Allison Date: Thu Oct 20 14:22:25 2022 -0700 s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_FLUSH test to smb2.compound_async. Shows we fail sending an SMB2_OP_FLUSH + SMB2_OP_FLUSH compound if we immediately close the file afterward. Internally the flushes go async and we free the req, then we process the close. When the flushes complete they try to access already freed data. Extra test which will allow me to test when the final component (flush) of the compound goes async and returns NT_STATUS_PENDING. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15172 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme (cherry picked from commit 6f149dfd9d8d2619a9e18975ebcf5e69df2b7766) commit c9ed55b39efc7638b898db6df8352b10950c6c93 Author: Jeremy Allison Date: Tue Oct 18 16:22:33 2022 -0700 s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_CLOSE test to smb2.compound_async. Shows we fail sending an SMB2_OP_FLUSH + SMB2_OP_CLOSE compound. Internally the flush goes async and we free the req, then we process the close. When the
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via a1fa2c18e56 s4:lib/messaging: fix interaction between
imessaging_context_destructor and irpc_destructor
via 6434e2df11e s3:rpc_server/srvsvc: make sure we (re-)load all shares
as root.
via ccb8abb0e72 selftest: add samba3.blackbox.registry_share
via cf2643e0209 testprogs: Add testit_grep_count() helper
via 6c5bc77653f testprogs: Reformat subunit.sh
from 78848f21a3e s3:client: Fix a use-after-free issue in smbclient
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit a1fa2c18e566c8bfd670365ec2d875ad62648d77
Author: Stefan Metzmacher
Date: Sat Dec 31 01:24:57 2022 +0100
s4:lib/messaging: fix interaction between imessaging_context_destructor and
irpc_destructor
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15280
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
(cherry picked from commit 0d096931196524a2d1bf59470bc629dc9231131e)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Fri Jan 13 10:31:22 UTC 2023 on sn-devel-184
commit 6434e2df11e7b5ee1d3dc11f35575808a1e6b50a
Author: Stefan Metzmacher
Date: Wed Dec 28 13:50:45 2022 +0100
s3:rpc_server/srvsvc: make sure we (re-)load all shares as root.
This fixes a regression in commit f03665bb7e8ea97699062630f2aa1bac4c5dfc7f
The use of reload_services() has a lot of side effects, e.g. reopen of
log files and other things, which are only useful in smbd, but not in
rpcd_classic.
It was also unloading the user and registry shares we loaded a few lines
above.
We need to do all (re-)loading as root, otherwise we won't be able
to read root only smb.conf files, access registry shares, ...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15266
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Walker
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Dec 29 21:14:02 UTC 2022 on sn-devel-184
(cherry picked from commit f28553105be7465026bcc0fcbbed6a1a8c2133dd)
commit ccb8abb0e727941cb0b22cc55b2190644df81396
Author: Stefan Metzmacher
Date: Wed Dec 28 16:18:40 2022 +0100
selftest: add samba3.blackbox.registry_share
This demonstrates the regression introduced by
f03665bb7e8ea97699062630f2aa1bac4c5dfc7f, where
registry shares are no longer listed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15266
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Walker
(cherry picked from commit a00c7395fbc7974a61a70ae54ea6ae6349933de2)
commit cf2643e0209a080801daa6feb00a21a9bd5825b7
Author: Volker Lendecke
Date: Wed Nov 9 14:04:23 2022 +0100
testprogs: Add testit_grep_count() helper
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
(cherry picked from commit 55feb593012fc5b24e795a00081666fca740429c)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15266
commit 6c5bc77653f27d2c3edb5248b81d4192b01fe644
Author: Andreas Schneider
Date: Fri Apr 22 15:46:04 2022 +0200
testprogs: Reformat subunit.sh
shfmt -w -p -i 0 -fn testprogs/blackbox/subunit.sh
Signed-off-by: Andreas Schneider
Reviewed-by: Pavel Filipenský
(cherry picked from commit 561e9256551ae3fe1d6ff4974884714d69d91898)
---
Summary of changes:
selftest/target/Samba3.pm | 30 ++
source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 28 +++---
source3/script/tests/test_registry_share.sh | 39
source3/selftest/tests.py | 5 +
source4/lib/messaging/messaging.c | 13 +++
source4/lib/messaging/messaging_internal.h | 3 +
testprogs/blackbox/subunit.sh | 144 ++--
7 files changed, 197 insertions(+), 65 deletions(-)
create mode 100755 source3/script/tests/test_registry_share.sh
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 0b720a68927..cb17408e398 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -529,6 +529,36 @@ sub setup_clusteredmember
return undef;
}
+ my $registry_share_template =
"$node_ret->{SERVERCONFFILE}.registry_share_template";
+ unless (open(REGISTRYCONF, ">$registry_share_template")) {
+ warn("Unable to open $registry_share_template");
+ teardown_env($self, $node_ret);
+ teardown_env($self, $ctdb_data);
+ return undef;
+ }
+
+
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 78848f21a3e s3:client: Fix a use-after-free issue in smbclient via eeeb1a476f6 s3:script: Improve test_chdir_cache.sh via 4f9430f1260 s3:tests: Reformat test_chdir_cache.sh via 810ae90aa6c s3:params:lp_do_section - protect against NULL deref via b9d02e857b2 rpc_server:srvsvc - retrieve share ACL via root context via 104fcaa89f8 ctdb: Fix a use-after-free in run_proc from cb4cbfc83fc VERSION: Bump version up to Samba 4.16.9... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 78848f21a3ecefdc6689c2794b166981eb517205 Author: Andreas Schneider Date: Thu Dec 22 10:31:11 2022 +0100 s3:client: Fix a use-after-free issue in smbclient Detected by make test TESTS="samba3.blackbox.chdir-cache" with an optimized build or with AddressSanitizer. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15268 Signed-off-by: Andreas Schneider Reviewed-by: Ralph Boehme (cherry picked from commit 9c707b4be27e2a6f79886d3ec8b5066c922b99bd) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Tue Jan 3 19:19:57 UTC 2023 on sn-devel-184 commit eeeb1a476f60b55f27083cdbe51c540ed4d86cc6 Author: Andreas Schneider Date: Thu Dec 22 10:36:02 2022 +0100 s3:script: Improve test_chdir_cache.sh BUG: https://bugzilla.samba.org/show_bug.cgi?id=15268 Signed-off-by: Andreas Schneider Reviewed-by: Ralph Boehme (cherry picked from commit 0d1961267cd9e8f1158a407c5d135514c363f37e) commit 4f9430f1260b9bd72a4d8f6a0030f6d139331449 Author: Andreas Schneider Date: Fri Apr 22 15:34:08 2022 +0200 s3:tests: Reformat test_chdir_cache.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Andrew Bartlett commit 810ae90aa6c34694c692015bb9f47f56ada811d2 Author: Andrew Walker Date: Mon Dec 19 08:17:47 2022 -0500 s3:params:lp_do_section - protect against NULL deref iServiceIndex may indicate an empty slot in the ServicePtrs array. In this case, lpcfg_serivce_ok(ServicePtrs[iServiceIndex]) may trigger a NULL deref and crash. Skipping the check here will cause a scan of the array in add_a_service() and the NULL slot will be used safely. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15267 Signed-off-by: Andrew Walker Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Dec 20 18:49:54 UTC 2022 on sn-devel-184 (cherry picked from commit 5b19288949e97a5af742ff2719992d56f21e364a) commit b9d02e857b2cd95a207e06e5c29daa23c45d180d Author: Andrew Date: Fri Dec 16 08:16:10 2022 -0800 rpc_server:srvsvc - retrieve share ACL via root context share_info.tdb has permissions of 0o600 and so we need to become_root() prior to retrieving the security info. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15265 Signed-off-by: Andrew Walker Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Dec 19 20:41:15 UTC 2022 on sn-devel-184 (cherry picked from commit 80c0b416892bfacc0d919fe032461748d7962f05) commit 104fcaa89f81d1a66735c1b85830e2e85460d1e0 Author: Volker Lendecke Date: Fri Sep 30 17:02:41 2022 +0200 ctdb: Fix a use-after-free in run_proc If you happen to talloc_free(run_ctx) before all the tevent_req's hanging off it, you run into the following: ==495196== Invalid read of size 8 ==495196==at 0x10D757: run_proc_state_destructor (run_proc.c:413) ==495196==by 0x488F736: _tc_free_internal (talloc.c:1158) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x48538B1: tevent_req_received (tevent_req.c:293) ==495196==by 0x4853429: tevent_req_destructor (tevent_req.c:129) ==495196==by 0x488F736: _tc_free_internal (talloc.c:1158) ==495196==by 0x4890AF6: _tc_free_children_internal (talloc.c:1669) ==495196==by 0x488F967: _tc_free_internal (talloc.c:1184) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x10DE62: main (run_proc_test.c:86) ==495196== Address 0x55b77f8 is 152 bytes inside a block of size 160 free'd ==495196==at 0x48399AB: free (vg_replace_malloc.c:538) ==495196==by 0x488FB25: _tc_free_internal (talloc.c:1222) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x10D315: run_proc_context_destructor (run_proc.c:329) ==495196==by 0x488F736:
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via cb4cbfc83fc VERSION: Bump version up to Samba 4.16.9... via 6cc6e233b5c VERSION: Disable GIT_SNAPSHOT for the 4.16.8 release. via 64d7270f282 WHATSNEW: Add release notes for Samba 4.16.8. from d5a8e41313d CVE-2022-37966 python:/tests/krb5: call sys.path.insert(0, "bin/python") before any other imports https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit cb4cbfc83fc6b69a4e47f382aac3e66d1bb851d1 Author: Jule Anger Date: Thu Dec 15 17:04:23 2022 +0100 VERSION: Bump version up to Samba 4.16.9... and re-enable GIT_SNAPSHOT. Signed-off-by: Jule Anger commit 6cc6e233b5ceb2a579400f020b61c67ca7bbeb78 Author: Jule Anger Date: Thu Dec 15 17:03:50 2022 +0100 VERSION: Disable GIT_SNAPSHOT for the 4.16.8 release. Signed-off-by: Jule Anger commit 64d7270f282ffaa64d8f016b00f46cd4ac827020 Author: Jule Anger Date: Thu Dec 15 17:03:15 2022 +0100 WHATSNEW: Add release notes for Samba 4.16.8. Signed-off-by: Jule Anger --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 152 ++- 2 files changed, 151 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index f277d2b2850..1109ccfc4e4 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=16 -SAMBA_VERSION_RELEASE=8 +SAMBA_VERSION_RELEASE=9 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 4f085269066..c2aeab4afbe 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,152 @@ + == + Release Notes for Samba 4.16.8 + December 15, 2022 + == + + +This is the latest stable release of the Samba 4.16 release series. +It also contains security changes in order to address the following defects + +o CVE-2022-37966: This is the Samba CVE for the Windows Kerberos + RC4-HMAC Elevation of Privilege Vulnerability + disclosed by Microsoft on Nov 8 2022. + + A Samba Active Directory DC will issue weak rc4-hmac + session keys for use between modern clients and servers + despite all modern Kerberos implementations supporting + the aes256-cts-hmac-sha1-96 cipher. + + On Samba Active Directory DCs and members + 'kerberos encryption types = legacy' would force + rc4-hmac as a client even if the server supports + aes128-cts-hmac-sha1-96 and/or aes256-cts-hmac-sha1-96. + + https://www.samba.org/samba/security/CVE-2022-37966.html + +o CVE-2022-37967: This is the Samba CVE for the Windows + Kerberos Elevation of Privilege Vulnerability + disclosed by Microsoft on Nov 8 2022. + + A service account with the special constrained + delegation permission could forge a more powerful + ticket than the one it was presented with. + + https://www.samba.org/samba/security/CVE-2022-37967.html + +o CVE-2022-38023: The "RC4" protection of the NetLogon Secure channel uses the + same algorithms as rc4-hmac cryptography in Kerberos, + and so must also be assumed to be weak. + + https://www.samba.org/samba/security/CVE-2022-38023.html + +Note that there are several important behavior changes +included in this release, which may cause compatibility problems +interacting with system still expecting the former behavior. +Please read the advisories of CVE-2022-37966, +CVE-2022-37967 and CVE-2022-38023 carefully! + +samba-tool got a new 'domain trust modify' subcommand +- + +This allows "msDS-SupportedEncryptionTypes" to be changed +on trustedDomain objects. Even against remote DCs (including Windows) +using the --local-dc-ipaddress= (and other --local-dc-* options). +See 'samba-tool domain trust modify --help' for further details. + +smb.conf changes + + + Parameter Name Description Default + -- --- --- + allow nt4 crypto Deprecated no + allow nt4 crypto:COMPUTERACCOUNT New + kdc default domain supported enctypesNew (see manpage) + kdc supported enctypes New (see manpage) + kdc force
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via d5a8e41313d CVE-2022-37966 python:/tests/krb5: call
sys.path.insert(0, "bin/python") before any other imports
via 160e566d590 CVE-2022-37966 samba-tool: add 'domain trust modify'
command
via cdc71cfd273 CVE-2022-37966 s4:kdc: apply restrictions of "kdc
supported enctypes"
via 4477651a0de CVE-2022-37966 param: Add support for new option "kdc
supported enctypes"
via be57176c3ab CVE-2022-37966 param: let "kdc default domain
supportedenctypes = 0" mean the default
via e7d3998bcc8 CVE-2022-37966 param: don't explicitly initialize "kdc
force enable rc4 weak session keys" to false/"no"
via 906dbd0a4bd CVE-2022-37966 s4:kdc: announce PA-SUPPORTED-ETYPES
like windows.
via c8afae7869a CVE-2022-37966 python:tests/krb5: test much more etype
combinations
via 8e6d2953ba1 CVE-2022-37966 python:tests/krb5: add better
PADATA_SUPPORTED_ETYPES assert message
via f4dc5721be3 CVE-2022-37966 python:tests/krb5: add 'force_nt4_hash'
for account creation of KDCBaseTest
via aeb7c646bb0 CVE-2022-37966 python:tests/krb5: ignore empty
supplementalCredentials attributes
via b20acd876c8 CVE-2022-37966 python:tests/krb5: allow
ticket/supported_etypes to be passed KdcTgsBaseTests._{as,tgs}_req()
via 3ea9946f652 CVE-2022-37966 python:tests/krb5: fix some tests
running against Windows 2022
via dd69e432ee8 CVE-2022-37966 s4:libnet: allow python bindings to
force setting an nthash via SAMR level 18
via 55476d01ffc CVE-2022-37966 s4:libnet: add support
LIBNET_SET_PASSWORD_SAMR_HANDLE_18 to set nthash only
via f11edc1741e CVE-2022-37966 s4:libnet: initialize
libnet_SetPassword() arguments explicitly to zero by default.
via b40b03d0601 CVE-2022-37966 drsuapi.idl: add trustedDomain related
ATTID values
via ec1a2225a0f CVE-2022-37966 s4:kdc: use the strongest possible keys
via 679904dc0df CVE-2022-37966 s4:pydsdb: add ENC_HMAC_SHA1_96_AES256_SK
via 052cfe5a4a1 CVE-2022-37966 s3:net_ads: let 'net ads enctypes list'
pretty print AES256-SK and RESOURCE-SID-COMPRESSION-DISABLED
via 1d2318ec326 CVE-2022-37966 s3:net_ads: no longer reference des
encryption types
via f8839f39f0a CVE-2022-37966 s3:libnet: no longer reference des
encryption types
via 3e4a521a2aa CVE-2022-37966 s3:libads: no longer reference des
encryption types
via b2201628245 CVE-2022-37966 lib/krb5_wrap: no longer reference des
encryption types
via 0c7af9838fe CVE-2022-37966 s3:net_ads: remove unused ifdef
HAVE_ENCTYPE_AES*
via c0bbcc442b8 CVE-2022-37966 s3:libnet: remove unused ifdef
HAVE_ENCTYPE_AES*
via 836646d4a02 CVE-2022-37966 s3:libads: remove unused ifdef
HAVE_ENCTYPE_AES*
via 911750da81a CVE-2022-37966 lib/krb5_wrap: remove unused ifdef
HAVE_ENCTYPE_AES*
via 8842d0197d1 CVE-2022-37966 system_mitkrb5: require support for aes
enctypes
via 001ed425ea1 CVE-2022-37966 wafsamba: add support for
CHECK_VARIABLE(mandatory=True)
via c13c60ffbf7 CVE-2022-37966 kdc: Assume trust objects support AES by
default
via a836bcf22ce CVE-2022-37966 kdc: Implement new Kerberos session key
behaviour since ENC_HMAC_SHA1_96_AES256_SK was added
via da9da918f75 CVE-2022-37966 selftest: Run S4U tests against FL2003 DC
via f29efb011f6 CVE-2022-37966 selftest: Add tests for Kerberos session
key behaviour since ENC_HMAC_SHA1_96_AES256_SK was added
via 71fcd5366a0 CVE-2022-37966 samba-tool: Declare explicitly RC4
support of trust objects
via b8996509387 CVE-2022-37966 samba-tool: Fix 'domain trust create'
documentation
via 31543f2902e CVE-2022-37966 third_party/heimdal: Fix error message
typo
via 545c20fd321 CVE-2022-37966 param: Add support for new option "kdc
force enable rc4 weak session keys"
via 4c2dc48598d CVE-2022-37966 param: Add support for new option "kdc
default domain supportedenctypes"
via 0601bb94c62 CVE-2022-37967 Add new PAC checksum
via a9c836d0442 CVE-2022-37966 HEIMDAL: Look up the server keys to
combine with clients etype list to select a session key
via 8d208ab0616 CVE-2022-37966 tests/krb5: Add a test requesting
tickets with various encryption types
via 9ed5a352ca1 CVE-2022-37966 tests/krb5: Add 'etypes' parameter to
_tgs_req()
via cc2bea27a64 CVE-2022-37966 tests/krb5: Split out _tgs_req() into
base class
via 2408d405d31 CVE-2022-37966 selftest: Allow krb5 tests to run
against an IP by using the target_hostname binding string
via 91b74c701ac CVE-2022-37966 libcli/auth: let
netlogon_creds_cli_warn_options() about "kerberos encryption types=legacy"
via 12e4e94853f CVE-2022-37966 testparm: warn about 'kerberos
encryption types = legacy'
via 05206c09237 CVE-2022-37966 docs-xml/smbdotconf: "kerberos
encryption types = legacy"
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via a1136ed2e05 CVE-2021-20251: s4:auth: fix use after free in
authsam_logon_success_accounting()
from 2736d267aa9 CVE-2022-44640 HEIMDAL: asn1: invalid free in ASN.1
codec
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit a1136ed2e05a2adca83a57a0402a165de631be58
Author: Stefan Metzmacher
Date: Mon Nov 7 17:21:44 2022 +0100
CVE-2021-20251: s4:auth: fix use after free in
authsam_logon_success_accounting()
This fixes a use after free problem introduced by
commit 7b8e32efc336fb728e0c7e3dd6fbe2ed54122124,
which has msg = current; which means the lifetime
of the 'msg' memory is no longer in the scope of th
caller.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15253
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
(cherry picked from commit 1414269dccfd7cb831889cc92df35920b034457c)
Autobuild-User(v4-16-test): Stefan Metzmacher
Autobuild-Date(v4-16-test): Mon Dec 12 15:52:22 UTC 2022 on sn-devel-184
---
Summary of changes:
source4/auth/ntlm/auth_sam.c | 1 +
source4/auth/ntlm/auth_winbind.c | 2 +-
source4/auth/sam.c | 9 -
source4/auth/tests/sam.c | 24
source4/kdc/hdb-samba4.c | 2 +-
source4/kdc/mit_samba.c | 4 ++--
6 files changed, 25 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c
index 9c4790c7c3f..384f98a5b40 100644
--- a/source4/auth/ntlm/auth_sam.c
+++ b/source4/auth/ntlm/auth_sam.c
@@ -589,6 +589,7 @@ static NTSTATUS authsam_authenticate(struct auth4_context
*auth_context,
nt_status = authsam_logon_success_accounting(auth_context->sam_ctx,
msg, domain_dn,
interactive,
+tmp_ctx,
_to_sam);
if (send_to_sam != NULL) {
diff --git a/source4/auth/ntlm/auth_winbind.c b/source4/auth/ntlm/auth_winbind.c
index 6381f87..719d877a170 100644
--- a/source4/auth/ntlm/auth_winbind.c
+++ b/source4/auth/ntlm/auth_winbind.c
@@ -256,7 +256,7 @@ static void winbind_check_password_done(struct tevent_req
*subreq)
ctx->auth_ctx->sam_ctx, msg,
domain_dn,
user_info->flags & USER_INFO_INTERACTIVE_LOGON,
- NULL);
+ NULL, NULL);
if (tevent_req_nterror(req, status)) {
return;
}
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 8b575a9bc51..8b8ae319c3f 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -1396,6 +1396,7 @@ NTSTATUS authsam_logon_success_accounting(struct
ldb_context *sam_ctx,
const struct ldb_message *msg,
struct ldb_dn *domain_dn,
bool interactive_or_kerberos,
+ TALLOC_CTX *send_to_sam_mem_ctx,
struct netr_SendToSamBase
**send_to_sam)
{
int ret;
@@ -1612,7 +1613,13 @@ get_transaction:
if (dbBadPwdCount != 0 && send_to_sam != NULL) {
struct netr_SendToSamBase *base_msg;
struct GUID guid = samdb_result_guid(msg, "objectGUID");
- base_msg = talloc_zero(msg, struct netr_SendToSamBase);
+
+ base_msg = talloc_zero(send_to_sam_mem_ctx,
+ struct netr_SendToSamBase);
+ if (base_msg == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto error;
+ }
base_msg->message_type = SendToSamResetBadPasswordCount;
base_msg->message_size = 16;
diff --git a/source4/auth/tests/sam.c b/source4/auth/tests/sam.c
index b39408c3699..e1e2c69b863 100644
--- a/source4/auth/tests/sam.c
+++ b/source4/auth/tests/sam.c
@@ -1446,7 +1446,7 @@ static void test_success_accounting_start_txn_failed(void
**state) {
ldb_transaction_start_ret = LDB_ERR_OPERATIONS_ERROR;
status = authsam_logon_success_accounting(
- ldb, msg, domain_dn, true, NULL);
+ ldb, msg, domain_dn, true, NULL, NULL);
assert_true(NT_STATUS_EQUAL(status, NT_STATUS_INTERNAL_ERROR));
/*
@@ -1502,7 +1502,7 @@
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 2736d267aa9 CVE-2022-44640 HEIMDAL: asn1: invalid free in ASN.1
codec
via d7eccdbb028 CVE-2022-44640 selftest: Exclude Heimdal fuzz-inputs
from source_chars test
from 994464eee20 s3:utils: Fix stack smashing in net offlinejoin
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 2736d267aa9cfd49bd1c9a934d4788a2b9c49809
Author: Nicolas Williams
Date: Wed Mar 10 16:49:04 2021 -0600
CVE-2022-44640 HEIMDAL: asn1: invalid free in ASN.1 codec
Heimdal's ASN.1 compiler generates code that allows specially
crafted DER encodings of CHOICEs to invoke the wrong free function
on the decoded structure upon decode error. This is known to impact
the Heimdal KDC, leading to an invalid free() of an address partly
or wholly under the control of the attacker, in turn leading to a
potential remote code execution (RCE) vulnerability.
This error affects the DER codec for all CHOICE types used in
Heimdal, though not all cases will be exploitable. We have not
completed a thorough analysis of all the Heimdal components
affected, thus the Kerberos client, the X.509 library, and other
parts, may be affected as well.
This bug has been in Heimdal since 2005. It was first reported by
Douglas Bagnall, though it had been found independently by the
Heimdal maintainers via fuzzing a few weeks earlier.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14929
(cherry-picked from Heimdal commit 9c9dac2b169255bad9071eea99fa90b980dde767)
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Dec 6 13:41:05 UTC 2022 on sn-devel-184
(cherry picked from commit 68fc909a7f4d69c254d34bec85cf8431bcb6e72f)
Autobuild-User(v4-16-test): Stefan Metzmacher
Autobuild-Date(v4-16-test): Tue Dec 6 15:28:49 UTC 2022 on sn-devel-184
commit d7eccdbb0285ee2c1b07377471215692e9c7f3d0
Author: Andrew Bartlett
Date: Tue Dec 6 15:11:05 2022 +1300
CVE-2022-44640 selftest: Exclude Heimdal fuzz-inputs from source_chars test
A new file will shorlty fail as it is binary input
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14929
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
(cherry picked from commit 5a02915913a2410904886e186ada90a36492571f)
---
Summary of changes:
python/samba/tests/source_chars.py | 1 +
third_party/heimdal/lib/asn1/fuzz-inputs/KrbFastArmoredReq | Bin 0 -> 55 bytes
third_party/heimdal/lib/asn1/gen_decode.c | 12 ++--
third_party/heimdal/lib/asn1/gen_free.c| 7 +++
third_party/heimdal/lib/asn1/gen_template.c| 1 +
third_party/heimdal/lib/asn1/krb5.asn1 | 1 +
6 files changed, 16 insertions(+), 6 deletions(-)
create mode 100644 third_party/heimdal/lib/asn1/fuzz-inputs/KrbFastArmoredReq
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/source_chars.py
b/python/samba/tests/source_chars.py
index 856a27b0d1a..c0e57cafb42 100644
--- a/python/samba/tests/source_chars.py
+++ b/python/samba/tests/source_chars.py
@@ -70,6 +70,7 @@ IGNORED_RE = (
r'^third_party/heimdal/lib/hx509/data/',
r'^third_party/heimdal/po',
r'^third_party/heimdal/tests/kdc/hdb-mitdb',
+r'^third_party/heimdal/lib/asn1/fuzz-inputs/',
)
IGNORED_EXTENSIONS = {
diff --git a/third_party/heimdal/lib/asn1/fuzz-inputs/KrbFastArmoredReq
b/third_party/heimdal/lib/asn1/fuzz-inputs/KrbFastArmoredReq
new file mode 100644
index 000..21ac3601bcc
Binary files /dev/null and
b/third_party/heimdal/lib/asn1/fuzz-inputs/KrbFastArmoredReq differ
diff --git a/third_party/heimdal/lib/asn1/gen_decode.c
b/third_party/heimdal/lib/asn1/gen_decode.c
index 93d412f6335..fa9d79a8ae5 100644
--- a/third_party/heimdal/lib/asn1/gen_decode.c
+++ b/third_party/heimdal/lib/asn1/gen_decode.c
@@ -694,14 +694,14 @@ decode_type(const char *name, const Type *t, int
optional, struct value *defval,
classname(cl),
ty ? "CONS" : "PRIM",
valuename(cl, tag));
+ fprintf(codefile,
+ "(%s)->element = %s;\n",
+ name, m->label);
if (asprintf (, "%s(%s)->u.%s", m->optional ? "" : "&",
name, m->gen_name) < 0 || s == NULL)
errx(1, "malloc");
decode_type(s, m->type, m->optional, NULL, forwstr, m->gen_name,
NULL, depth + 1);
- fprintf(codefile,
- "(%s)->element = %s;\n",
- name, m->label);
free(s);
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 994464eee20 s3:utils: Fix stack smashing in net offlinejoin
from 885e3fc12de smbd: reject FILE_ATTRIBUTE_TEMPORARY on directories
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 994464eee20aa6d2bba6f6e780d868d1a058d8bb
Author: Andreas Schneider
Date: Mon Dec 5 11:18:10 2022 +0100
s3:utils: Fix stack smashing in net offlinejoin
Cast from 'uint32_t *' (aka 'unsigned int *') to 'size_t *' (aka
'unsigned long *') increases required alignment from 4 to 8
==10343==ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7ffdc6784fc0 at pc 0x7f339f1ea500 bp 0x7ffdc6784ed0 sp 0x7ffdc6784ec8
WRITE of size 8 at 0x7ffdc6784fc0 thread T0
#0 0x7f339f1ea4ff in fd_load ../../lib/util/util_file.c:220
#1 0x7f339f1ea5a4 in file_load ../../lib/util/util_file.c:245
#2 0x56363209a596 in net_offlinejoin_requestodj
../../source3/utils/net_offlinejoin.c:267
#3 0x56363209a9d0 in net_offlinejoin
../../source3/utils/net_offlinejoin.c:74
#4 0x56363208f61c in net_run_function ../../source3/utils/net_util.c:453
#5 0x563631fe8a9f in main ../../source3/utils/net.c:1358
#6 0x7f339b22c5af in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#7 0x7f339b22c678 in __libc_start_main_impl ../csu/libc-start.c:381
#8 0x563631faf374 in _start ../sysdeps/x86_64/start.S:115
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15257
Signed-off-by: Andreas Schneider
Reviewed-by: Volker Lendecke
(cherry picked from commit ef8c8ac54cdf75ca4333223c1f3e580e31efca92)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Tue Dec 6 12:02:00 UTC 2022 on sn-devel-184
---
Summary of changes:
source3/utils/net_offlinejoin.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/net_offlinejoin.c b/source3/utils/net_offlinejoin.c
index ef56ba9fce8..03e5df0eace 100644
--- a/source3/utils/net_offlinejoin.c
+++ b/source3/utils/net_offlinejoin.c
@@ -237,7 +237,7 @@ int net_offlinejoin_requestodj(struct net_context *c,
{
NET_API_STATUS status;
uint8_t *provision_bin_data = NULL;
- uint32_t provision_bin_data_size = 0;
+ size_t provision_bin_data_size = 0;
uint32_t options = NETSETUP_PROVISION_ONLINE_CALLER;
const char *loadfile = NULL;
const char *windows_path = NULL;
@@ -264,12 +264,17 @@ int net_offlinejoin_requestodj(struct net_context *c,
#endif
}
- provision_bin_data = (uint8_t *)file_load(loadfile,
- (size_t *)_bin_data_size, 0, c);
+ provision_bin_data =
+ (uint8_t *)file_load(loadfile, _bin_data_size, 0, c);
if (provision_bin_data == NULL) {
d_printf("Failed to read loadfile: %s\n", loadfile);
return -1;
}
+ if (provision_bin_data_size > UINT32_MAX) {
+ d_printf("provision binary data size too big: %zu\n",
+provision_bin_data_size);
+ return -1;
+ }
status = NetRequestOfflineDomainJoin(provision_bin_data,
provision_bin_data_size,
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 885e3fc12de smbd: reject FILE_ATTRIBUTE_TEMPORARY on directories
via 8c2f27d442f torture: add a test trying to set
FILE_ATTRIBUTE_TEMPORARY on a directory
from 7edddbc684c CVE-2022-42898: HEIMDAL: lib/krb5: fix _krb5_get_int64
on systems where 'unsigned long' is just 32-bit
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 885e3fc12de55e56e6170be4456101bda09d8a17
Author: Ralph Boehme
Date: Tue Nov 22 07:31:52 2022 +0100
smbd: reject FILE_ATTRIBUTE_TEMPORARY on directories
Cf MS-FSA 2.1.5.14.2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15252
Signed-off-by: Ralph Boehme
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Mon Nov 28 10:14:12 UTC 2022 on sn-devel-184
(cherry picked from commit 535a08dfc4c045d7b0c0ed335f76b5d560dd7bbd)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon Dec 5 11:03:30 UTC 2022 on sn-devel-184
commit 8c2f27d442f49453079f6037a54e6a02cc276573
Author: Ralph Boehme
Date: Tue Nov 22 10:45:35 2022 +0100
torture: add a test trying to set FILE_ATTRIBUTE_TEMPORARY on a directory
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15252
Signed-off-by: Ralph Boehme
Reviewed-by: Andrew Bartlett
(cherry picked from commit fdb19ce8aa189f6cfbd2d1fd7ed6fe809ba93cf3)
---
Summary of changes:
selftest/knownfail| 1 +
source3/smbd/dosmode.c| 7 +++
source4/torture/smb2/create.c | 47 +++
3 files changed, 55 insertions(+)
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index a630270e5f0..7851ec397a0 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -146,6 +146,7 @@
^samba4.smb2.create.*.acldir
^samba4.smb2.create.*.impersonation
^samba4.smb2.create.quota-fake-file\(ad_dc_ntvfs\) # not supported by the NTVFS
+^samba4.smb2.create.dosattr_tmp_dir\(ad_dc_ntvfs\)
^samba4.smb2.acls.*.generic
^samba4.smb2.acls.*.inheritflags
^samba4.smb2.acls.*.owner
diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index c97cdb65d93..0ae2c959220 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -940,6 +940,13 @@ int file_set_dosmode(connection_struct *conn,
return -1;
}
+ if ((S_ISDIR(smb_fname->st.st_ex_mode)) &&
+ (dosmode & FILE_ATTRIBUTE_TEMPORARY))
+ {
+ errno = EINVAL;
+ return -1;
+ }
+
dosmode &= SAMBA_ATTRIBUTES_MASK;
DEBUG(10,("file_set_dosmode: setting dos mode 0x%x on file %s\n",
diff --git a/source4/torture/smb2/create.c b/source4/torture/smb2/create.c
index 94dbae917fd..956224b5b08 100644
--- a/source4/torture/smb2/create.c
+++ b/source4/torture/smb2/create.c
@@ -3059,6 +3059,52 @@ static bool test_fileid_unique_dir(
return test_fileid_unique_object(tctx, tree, 100, true);
}
+static bool test_dosattr_tmp_dir(struct torture_context *tctx,
+struct smb2_tree *tree)
+{
+ bool ret = true;
+ NTSTATUS status;
+ struct smb2_create c;
+ struct smb2_handle h1 = {{0}};
+ const char *fname = DNAME;
+
+ smb2_deltree(tree, fname);
+ smb2_util_rmdir(tree, fname);
+
+ c = (struct smb2_create) {
+ .in.desired_access = SEC_RIGHTS_DIR_ALL,
+ .in.file_attributes = FILE_ATTRIBUTE_DIRECTORY,
+ .in.create_disposition = NTCREATEX_DISP_OPEN_IF,
+ .in.share_access = NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE |
+ NTCREATEX_SHARE_ACCESS_DELETE,
+ .in.create_options = NTCREATEX_OPTIONS_DIRECTORY,
+ .in.fname = DNAME,
+ };
+
+ status = smb2_create(tree, tctx, );
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create\n");
+ h1 = c.out.file.handle;
+
+ /* Try to set temporary attribute on directory */
+ SET_ATTRIB(FILE_ATTRIBUTE_TEMPORARY);
+
+ torture_assert_ntstatus_equal_goto(tctx, status,
+ NT_STATUS_INVALID_PARAMETER,
+ ret, done,
+ "Unexpected setinfo result\n");
+
+done:
+ if (!smb2_util_handle_empty(h1)) {
+ smb2_util_close(tree, h1);
+ }
+ smb2_util_unlink(tree, fname);
+ smb2_deltree(tree, fname);
+
+ return ret;
+}
+
/*
test opening quota fakefile handle and returned attributes
*/
@@ -3141,6 +3187,7 @@ struct torture_suite *torture_smb2_create_init(TALLOC_CTX
*ctx)
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 7edddbc684c CVE-2022-42898: HEIMDAL: lib/krb5: fix _krb5_get_int64
on systems where 'unsigned long' is just 32-bit
from 33f74aea5d5 nsswitch: Fix uninitialized memory when allocating
pwdlastset_prelim
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 7edddbc684c8098f15063732b9bf13b089e8fae4
Author: Stefan Metzmacher
Date: Wed Nov 16 12:08:45 2022 +0100
CVE-2022-42898: HEIMDAL: lib/krb5: fix _krb5_get_int64 on systems where
'unsigned long' is just 32-bit
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15203
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Wed Nov 23 15:58:56 UTC 2022 on sn-devel-184
---
Summary of changes:
third_party/heimdal/lib/krb5/store-int.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/third_party/heimdal/lib/krb5/store-int.c
b/third_party/heimdal/lib/krb5/store-int.c
index 542b99abc08..6fe7eb37fc6 100644
--- a/third_party/heimdal/lib/krb5/store-int.c
+++ b/third_party/heimdal/lib/krb5/store-int.c
@@ -49,7 +49,7 @@ KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
_krb5_get_int64(void *buffer, uint64_t *value, size_t size)
{
unsigned char *p = buffer;
-unsigned long v = 0;
+uint64_t v = 0;
size_t i;
for (i = 0; i < size; i++)
v = (v << 8) + p[i];
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 33f74aea5d5 nsswitch: Fix uninitialized memory when allocating
pwdlastset_prelim
via 399522d048e nsswitch: Fix pam_set_data()/pam_get_data() to use
pointers to a time_t, not try and embedd it directly.
via b11ceb58fee s3:rpc_server: Fix include directive substitution when
enumerating shares
via ef39898066c s3:tests: Add substitution test for listing shares
via 5ade6d20f35 s3:tests: Add substitution test for include directive
via 450dd63bdf9 lib/replace: fix memory leak in snprintf replacements
from 83da21f4292 VERSION: Bump version up to Samba 4.16.8...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 33f74aea5d5d8096dfd71089a74a123161957197
Author: Noel Power
Date: Wed Nov 16 15:37:52 2022 +
nsswitch: Fix uninitialized memory when allocating pwdlastset_prelim
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15224
Signed-off-by: Noel Power
Reviewed-by: Jeremy Allison
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Wed Nov 16 19:29:21 UTC 2022 on sn-devel-184
(cherry picked from commit f6284877ce07fc5ddf4f4e2d824013b645d6e12c)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Wed Nov 23 13:52:37 UTC 2022 on sn-devel-184
commit 399522d048e5f7effec31c67588fac722a970f8d
Author: Jeremy Allison
Date: Tue Nov 8 16:16:07 2022 -0800
nsswitch: Fix pam_set_data()/pam_get_data() to use pointers to a time_t,
not try and embedd it directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15224
Signed-off-by: Jeremy Allison
Reviewed-by: Noel Power
Autobuild-User(master): Noel Power
Autobuild-Date(master): Wed Nov 16 15:09:45 UTC 2022 on sn-devel-184
(cherry picked from commit 7cb50405515298b75dcc512633fb3877045aabc6)
commit b11ceb58fee9442f4a1f113d5375273fe4357913
Author: Andreas Schneider
Date: Wed Nov 16 11:24:12 2022 +0100
s3:rpc_server: Fix include directive substitution when enumerating shares
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
Signed-off-by: Andreas Schneider
Reviewed-by: Volker Lendecke
(cherry picked from commit f03665bb7e8ea97699062630f2aa1bac4c5dfc7f)
(cherry picked from commit 2b643c17d486ecbd0b46a9f31aeb3593ad19e464)
commit ef39898066c3dcdb5f11ca10ae037f2e404d514d
Author: Andreas Schneider
Date: Wed Nov 16 11:23:44 2022 +0100
s3:tests: Add substitution test for listing shares
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
Signed-off-by: Andreas Schneider
Reviewed-by: Volker Lendecke
(cherry picked from commit c213ead8c4c1b5287294a67e65f271fbb0b922b2)
(cherry picked from commit 8f1ba9193b0a11a320754cfbde2ab42b68d61ad4)
commit 5ade6d20f35b6dc70f2b4449c72ddf67f924ff82
Author: Andreas Schneider
Date: Tue Nov 15 16:35:15 2022 +0100
s3:tests: Add substitution test for include directive
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
Signed-off-by: Andreas Schneider
Reviewed-by: Volker Lendecke
(backported from commit ce3d27a9f5a98b4680af5fb5a595b0e7e94f8c30)
commit 450dd63bdf9d8f48701828c52990d3633e738e82
Author: Stefan Metzmacher
Date: Mon Oct 31 13:16:25 2022 +0100
lib/replace: fix memory leak in snprintf replacements
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15230
Signed-off-by: Stefan Metzmacher
Reviewed-by: Volker Lendecke
Autobuild-User(master): Volker Lendecke
Autobuild-Date(master): Wed Nov 9 11:18:02 UTC 2022 on sn-devel-184
(cherry picked from commit 76adda9d2fea9f93f4cf97536db5c0be6deeb98c)
---
Summary of changes:
lib/replace/snprintf.c | 2 ++
nsswitch/pam_winbind.c | 24 +---
selftest/target/Samba3.pm | 19 ++-
source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 8
source3/script/tests/test_substitutions.sh | 27 +++
5 files changed, 72 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/replace/snprintf.c b/lib/replace/snprintf.c
index 6e4424b0b31..de814af4164 100644
--- a/lib/replace/snprintf.c
+++ b/lib/replace/snprintf.c
@@ -751,6 +751,8 @@ done:
while (chunks) {
cnk = chunks->next;
+ if (chunks->min_star) free(chunks->min_star);
+ if (chunks->max_star) free(chunks->max_star);
free(chunks);
chunks = cnk;
}
diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index e7ae605b341..06a8db21b69 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -3226,7 +3226,15 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 83da21f4292 VERSION: Bump version up to Samba 4.16.8...
via 722abdcf35c Merge tag 'samba-4.16.7' into v4-16-test
via fc0f1090f4c VERSION: Disable GIT_SNAPSHOT for the 4.16.7 release.
via 2e1f66e3d9d WHATSNEW: Add release notes for Samba 4.16.7.
via a8ef840d436 CVE-2022-42898 third_party/heimdal: PAC parse integer
overflows
via b403ae70a05 VERSION: Bump version up to Samba 4.16.7...
from b57c2bb4725 heimdal: Fix the 32-bit build on FreeBSD
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 83da21f42926a54736120880f2f9da561f19d921
Author: Jule Anger
Date: Sun Nov 13 18:41:00 2022 +0100
VERSION: Bump version up to Samba 4.16.8...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger
commit 722abdcf35c4850088ca2ec948dac83847071891
Merge: b57c2bb4725 fc0f1090f4c
Author: Jule Anger
Date: Tue Nov 15 15:54:55 2022 +0100
Merge tag 'samba-4.16.7' into v4-16-test
samba: tag release samba-4.16.7
Signed-off-by: Jule Anger
Signed-off-by: Stefan Metzmacher
---
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt| 50 ++-
third_party/heimdal/lib/krb5/pac.c | 614 +---
third_party/heimdal/lib/krb5/test_pac.c | 48 ++-
4 files changed, 493 insertions(+), 221 deletions(-)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index cce829b6414..f277d2b2850 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=16
-SAMBA_VERSION_RELEASE=7
+SAMBA_VERSION_RELEASE=8
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index fc386e8fb05..4f085269066 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,50 @@
+ ==
+ Release Notes for Samba 4.16.7
+ November 15, 2022
+ ==
+
+
+This is a security release in order to address the following defects:
+
+o CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against
+ integer overflows when parsing a PAC on a 32-bit system,
which
+ allowed an attacker with a forged PAC to corrupt the heap.
+ https://www.samba.org/samba/security/CVE-2022-42898.html
+
+Changes since 4.16.6
+
+
+o Joseph Sutton
+ * BUG 15203: CVE-2022-42898
+
+o Nicolas Williams
+ * BUG 15203: CVE-2022-42898
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
==
Release Notes for Samba 4.16.6
October 25, 2022
@@ -39,8 +86,7 @@ database (https://bugzilla.samba.org/).
==
-Release notes for older releases follow:
-
+--
==
Release Notes for Samba 4.16.5
September 07, 2022
diff --git a/third_party/heimdal/lib/krb5/pac.c
b/third_party/heimdal/lib/krb5/pac.c
index c8f355c8179..c11990a1606 100644
--- a/third_party/heimdal/lib/krb5/pac.c
+++ b/third_party/heimdal/lib/krb5/pac.c
@@ -37,19 +37,34 @@
#include
#include
+/*
+ *
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-pac/3341cfa2-6ef5-42e0-b7bc-4544884bf399
+ */
struct PAC_INFO_BUFFER {
-uint32_t type;
-uint32_t buffersize;
-uint32_t offset_hi;
-uint32_t offset_lo;
+uint32_t type; /* ULONG ulType in the original */
+uint32_t buffersize;
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via b57c2bb4725 heimdal: Fix the 32-bit build on FreeBSD
via eeea6587e92 third_party/heimdal: Introduce macro for common plugin
structure elements
from 618395a7eaf s3: libsmbclient: Fix smbc_stat() to return ENOENT on a
non-existent file.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit b57c2bb47256903bf2b88f6c1b66d540578ba619
Author: Volker Lendecke
Date: Fri Jul 22 18:38:21 2022 +0200
heimdal: Fix the 32-bit build on FreeBSD
REF: https://github.com/heimdal/heimdal/pull/1004
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15220
Signed-off-by: Volker Lendecke
Reviewed-by: Andrew Bartlett
(cherry picked from commit ab4c7bda8daccdb99adaf6ec7fddf8b5f84be09a)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Tue Nov 8 14:09:47 UTC 2022 on sn-devel-184
commit eeea6587e92daf792c5ca382d7c03c40e6ccd621
Author: Joseph Sutton
Date: Sat Oct 22 10:11:53 2022 +1300
third_party/heimdal: Introduce macro for common plugin structure elements
Heimdal's HDB plugin interface, and hence Samba's KDC that depends upon
it, doesn't work on 32-bit builds due to structure fields being arranged
in the wrong order. This problem presents itself in the form of
segmentation faults on 32-bit systems, but goes unnoticed on 64-bit
builds thanks to extra structure padding absorbing the errant fields.
This commit reorders the HDB plugin structure fields to prevent crashes
and introduces a common macro to ensure every plugin presents a
consistent interface.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15110
Signed-off-by: Joseph Sutton
Reviewed-by: Andrew Bartlett
(cherry picked from commit 074e92849715ed3485703cfbba3771d405e4e78a)
---
Summary of changes:
third_party/heimdal/kdc/csr_authorizer_plugin.h| 4 +--
third_party/heimdal/kdc/gss_preauth.c | 2 +-
.../heimdal/kdc/gss_preauth_authorizer_plugin.h| 4 +--
third_party/heimdal/kdc/kdc-plugin.h | 4 +--
third_party/heimdal/kdc/token_validator_plugin.h | 4 +--
third_party/heimdal/lib/asn1/gen_encode.c | 4 +--
third_party/heimdal/lib/asn1/gen_template.c| 4 +--
third_party/heimdal/lib/base/common_plugin.h | 6 ++--
third_party/heimdal/lib/base/heimbase-svc.h| 5 +++
third_party/heimdal/lib/base/log.c | 2 +-
third_party/heimdal/lib/base/plugin.c | 2 +-
third_party/heimdal/lib/hdb/hdb-ldap.c | 3 +-
third_party/heimdal/lib/hdb/hdb.c | 40 +++---
third_party/heimdal/lib/hdb/hdb.h | 4 +--
third_party/heimdal/lib/hdb/test_namespace.c | 8 ++---
third_party/heimdal/lib/kadm5/kadm5-hook.h | 6 ++--
third_party/heimdal/lib/krb5/an2ln_plugin.h| 6 ++--
third_party/heimdal/lib/krb5/db_plugin.h | 6 ++--
third_party/heimdal/lib/krb5/kuserok_plugin.h | 6 ++--
third_party/heimdal/lib/krb5/locate_plugin.h | 6 ++--
third_party/heimdal/lib/krb5/send_to_kdc_plugin.h | 5 ++-
third_party/heimdal/lib/krb5/ticket.c | 2 +-
22 files changed, 64 insertions(+), 69 deletions(-)
Changeset truncated at 500 lines:
diff --git a/third_party/heimdal/kdc/csr_authorizer_plugin.h
b/third_party/heimdal/kdc/csr_authorizer_plugin.h
index 45f42014b60..022fedac0e1 100644
--- a/third_party/heimdal/kdc/csr_authorizer_plugin.h
+++ b/third_party/heimdal/kdc/csr_authorizer_plugin.h
@@ -62,9 +62,7 @@
* @ingroup krb5_support
*/
typedef struct krb5plugin_csr_authorizer_ftable_desc {
-intminor_version;
-krb5_error_code(KRB5_LIB_CALL *init)(krb5_context, void **);
-void (KRB5_LIB_CALL *fini)(void *);
+HEIM_PLUGIN_FTABLE_COMMON_ELEMENTS(krb5_context);
krb5_error_code(KRB5_LIB_CALL *authorize)(void *,
/*plug_ctx*/
krb5_context,
/*context*/
const char *,/*app*/
diff --git a/third_party/heimdal/kdc/gss_preauth.c
b/third_party/heimdal/kdc/gss_preauth.c
index d8a2a24fd94..24663deb03a 100644
--- a/third_party/heimdal/kdc/gss_preauth.c
+++ b/third_party/heimdal/kdc/gss_preauth.c
@@ -493,7 +493,7 @@ _kdc_gss_endtime(astgs_request_t r,
endtime = kdc_time + gcp->lifetime;
kdc_log(r->context, r->config, 10,
-"GSS pre-authentication endtime is %ld", endtime);
+"GSS pre-authentication endtime is %ld", (long)endtime);
return endtime;
}
diff --git a/third_party/heimdal/kdc/gss_preauth_authorizer_plugin.h
b/third_party/heimdal/kdc/gss_preauth_authorizer_plugin.h
index
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 618395a7eaf s3: libsmbclient: Fix smbc_stat() to return ENOENT on a
non-existent file.
via efa48817d3c s4: torture: libsmbclient: Add a torture test to ensure
smbc_stat() returns ENOENT on a non-existent file.
via f7a84cffe9d s4:ldap_server: let ldapsrv_call_writev_start use
conn_idle_time to limit the time
via bc16a8abe3f lib/tsocket: avoid endless cpu-spinning in
tstream_bsd_fde_handler()
via aeb7dd2ca89 lib/tsocket: remember the first error as
tstream_bsd->error
via d8d5146d167 lib/tsocket: check for errors indicated by poll()
before getsockopt(fd, SOL_SOCKET, SO_ERROR)
via 119bf609985 lib/tsocket: split out tsocket_bsd_error() from
tsocket_bsd_pending()
via c805ccba339 lib/tsocket: Add tests for loop on EAGAIN
from c2095819c31 VERSION: Bump version up to Samba 4.16.7...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 618395a7eafbb6224047610659c2d343318a1d33
Author: Jeremy Allison
Date: Mon Oct 17 13:24:27 2022 -0700
s3: libsmbclient: Fix smbc_stat() to return ENOENT on a non-existent file.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15195
Signed-off-by: Jeremy Allison
Reviewed-by: Pavel Filipenský
(backported from commit fd0c01da1c744ae6fd9d8675616d8b6d3531e469)
j...@samba.org: Older SMBC_getatr returns bool not NTSTATUS.
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon Oct 31 15:31:53 UTC 2022 on sn-devel-184
commit efa48817d3c6fd3c64051bdf29648dff1702cf5d
Author: Jeremy Allison
Date: Mon Oct 17 13:14:41 2022 -0700
s4: torture: libsmbclient: Add a torture test to ensure smbc_stat() returns
ENOENT on a non-existent file.
Add knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15195
Signed-off-by: Jeremy Allison
Reviewed-by: Pavel Filipenský
(cherry picked from commit 9eda432836bfff3d3d4a365a08a5ecb54f0f2e34)
commit f7a84cffe9d9c61df7a7c5dd94e9caf3d18d9b3c
Author: Stefan Metzmacher
Date: Thu Oct 13 10:17:25 2022 +0200
s4:ldap_server: let ldapsrv_call_writev_start use conn_idle_time to limit
the time
If the client is not able to receive the results within connections idle
time, then we should treat it as dead. It's value is 15 minutes (900 s)
by default.
In order to limit that further an admin can use 'socket options'
and set TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL and/or TCP_USER_TIMEOUT
to useful values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15202
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Oct 19 17:13:39 UTC 2022 on sn-devel-184
(cherry picked from commit eb2f3526032803f34c88ef1619a832a741f71910)
commit bc16a8abe3f1446a0da7e672cdba469fcc8ef96a
Author: Stefan Metzmacher
Date: Wed Oct 12 17:26:16 2022 +0200
lib/tsocket: avoid endless cpu-spinning in tstream_bsd_fde_handler()
There were some reports that strace output an LDAP server socket is in
CLOSE_WAIT state, returning EAGAIN for writev over and over (after a call to
epoll() each time).
In the tstream_bsd code the problem happens when we have a pending
writev_send, while there's no readv_send pending. In that case
we still ask for TEVENT_FD_READ in order to notice connection errors
early, so we try to call writev even if the socket doesn't report
TEVENT_FD_WRITE.
And there are situations where we do that over and over again.
It happens like this with a Linux kernel:
tcp_fin() has this:
struct tcp_sock *tp = tcp_sk(sk);
inet_csk_schedule_ack(sk);
sk->sk_shutdown |= RCV_SHUTDOWN;
sock_set_flag(sk, SOCK_DONE);
switch (sk->sk_state) {
case TCP_SYN_RECV:
case TCP_ESTABLISHED:
/* Move to CLOSE_WAIT */
tcp_set_state(sk, TCP_CLOSE_WAIT);
inet_csk_enter_pingpong_mode(sk);
break;
It means RCV_SHUTDOWN gets set as well as TCP_CLOSE_WAIT, but
sk->sk_err is not changed to indicate an error.
tcp_sendmsg_locked has this:
...
err = -EPIPE;
if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN))
goto do_error;
while (msg_data_left(msg)) {
int copy = 0;
skb = tcp_write_queue_tail(sk);
if (skb)
copy = size_goal - skb->len;
if (copy <= 0 || !tcp_skb_can_collapse_to(skb)) {
bool first_skb;
new_segment:
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via c2095819c31 VERSION: Bump version up to Samba 4.16.7...
via a9011093133 Merge tag 'samba-4.16.6' into v4-16-test
via dc74e56c03d VERSION: Disable GIT_SNAPSHOT for the 4.16.6 release.
via 620698353ba WHATSNEW: Add release notes for Samba 4.16.6.
via 5c31d5beb3b CVE-2022-3437 third_party/heimdal: Pass correct length
to _gssapi_verify_pad()
via 22dd9072c9f CVE-2022-3437 third_party/heimdal: Check for overflow
in _gsskrb5_get_mech()
via d16ac1f4057 CVE-2022-3437 third_party/heimdal: Check buffer length
against overflow for DES{,3} unwrap
via de77f015987 CVE-2022-3437 third_party/heimdal: Check the result of
_gsskrb5_get_mech()
via e1c2e2836ef CVE-2022-3437 third_party/heimdal: Avoid undefined
behaviour in _gssapi_verify_pad()
via c944773adc4 CVE-2022-3437 third_party/heimdal: Don't pass NULL
pointers to memcpy() in DES unwrap
via 9ca9408c5ed CVE-2022-3437 third_party/heimdal: Use constant-time
memcmp() in unwrap_des3()
via e3c314ed69f CVE-2022-3437 third_party/heimdal: Use constant-time
memcmp() for arcfour unwrap
via 03eefa45d38 CVE-2022-3437 s4/auth/tests: Add unit tests for
unwrap_des3()
via c5dd87f4888 CVE-2022-3437 third_party/heimdal_build: Add
gssapi-subsystem subsystem
via 0eaa68d1935 CVE-2022-3437 third_party/heimdal: Remove __func__
compatibility workaround
from c28d971b12b s4:messaging: let imessaging_client_init() use
imessaging_init_discard_incoming()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit c2095819c31ca66fa8a0936cca79ff1e7973966b
Author: Jule Anger
Date: Tue Oct 25 11:56:55 2022 +0200
VERSION: Bump version up to Samba 4.16.7...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger
commit a90110931331ff532d9a7034e258f1c959b6c57d
Merge: c28d971b12b dc74e56c03d
Author: Jule Anger
Date: Tue Oct 25 11:55:25 2022 +0200
Merge tag 'samba-4.16.6' into v4-16-test
samba: tag release samba-4.16.6
Signed-off-by: Jule Anger
---
Summary of changes:
VERSION |2 +-
WHATSNEW.txt | 46 +-
selftest/tests.py |5 +
source4/auth/tests/heimdal_unwrap_des.c | 1244 +
source4/auth/wscript_build| 21 +
third_party/heimdal/lib/gssapi/krb5/arcfour.c | 14 +-
third_party/heimdal/lib/gssapi/krb5/decapsulate.c | 12 +-
third_party/heimdal/lib/gssapi/krb5/unwrap.c | 34 +-
third_party/heimdal/lib/krb5/krb5_locl.h |4 -
third_party/heimdal_build/wscript_build | 18 +-
10 files changed, 1368 insertions(+), 32 deletions(-)
create mode 100644 source4/auth/tests/heimdal_unwrap_des.c
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index f76d2919c7a..cce829b6414 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=16
-SAMBA_VERSION_RELEASE=6
+SAMBA_VERSION_RELEASE=7
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 08bb7086b27..fc386e8fb05 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,46 @@
+ ==
+ Release Notes for Samba 4.16.6
+ October 25, 2022
+ ==
+
+
+This is a security release in order to address the following defect:
+
+o CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI
+ unwrap_des() and unwrap_des3() routines of Heimdal (included
+ in Samba).
+ https://www.samba.org/samba/security/CVE-2022-3437.html
+
+Changes since 4.16.5
+-
+
+o Joseph Sutton
+ * BUG 15134: CVE-2022-3437.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via c28d971b12b s4:messaging: let imessaging_client_init() use imessaging_init_discard_incoming() via 04d0d5a0366 s3:auth_samba4: make use of imessaging_init_discard_incoming() via 6ba44033e38 s4:messaging: add imessaging_init_discard_incoming() via 4d7e31b9816 s3/utils: check result of talloc_strdup via 9a18da112c4 s3/utils: Check return of talloc_strdup via e69d2b3f9d2 s3/param: Check return of talloc_strdup via 7480f9c01d6 s4/lib/registry: Fix use after free with popt 1.19 via 5383d625cbb s3/utils: Fix use after free with popt 1.19 via 4b35fa3f85e s3/utils: Fix use after free with popt 1.19 via 1efcc10c9d4 s3/utils: Add missing poptFreeContext via da11c48d9b6 s3/param: Fix use after free with popt-1.19 via 0503e0df3b6 s3/rpcclient: Duplicate string returned from poptGetArg from 3e0ce4513b0 vfs_fruit: add missing calls to tevent_req_received() https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit c28d971b12bab1342d9ad0a8475deef647e5aa1b Author: Stefan Metzmacher Date: Wed Sep 28 14:27:09 2022 +0200 s4:messaging: let imessaging_client_init() use imessaging_init_discard_incoming() imessaging_client_init() is for temporary stuff only, so we should drop (unexpected) incoming messages unless we expect irpc responses. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15201 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Thu Oct 13 13:32:30 UTC 2022 on sn-devel-184 (cherry picked from commit 266bcedc18efc52e29efde6bad220623a5423e30) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Wed Oct 19 09:45:53 UTC 2022 on sn-devel-184 commit 04d0d5a0366ec92a7cafcf56e0cf2c74780c0eed Author: Stefan Metzmacher Date: Wed Sep 28 14:14:41 2022 +0200 s3:auth_samba4: make use of imessaging_init_discard_incoming() Otherwise we'll generate a memory leak of imessaging_post_state/ tevent_immediate structures per incoming message! BUG: https://bugzilla.samba.org/show_bug.cgi?id=15201 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme (cherry picked from commit 32df5e4961cf064b72bb496157cc6092126d9b8e) commit 6ba44033e3869196982e67a8f757f34a5e1f2788 Author: Stefan Metzmacher Date: Wed Sep 28 13:47:13 2022 +0200 s4:messaging: add imessaging_init_discard_incoming() We often create imessaging contexts just for sending messages, but we'll never process incoming messages because a temporary event context was used and we just queue a lot of imessaging_post_state structures with immediate events. With imessaging_init_discard_incoming() we'll discard any incoming messages unless we have pending irpc requests. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15201 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme (cherry picked from commit a120fb1c724dfaed5a99e34aaf979502586f17c0) commit 4d7e31b98162a33702162b00cf40811dfeabe671 Author: Noel Power Date: Mon Oct 17 10:27:31 2022 +0100 s3/utils: check result of talloc_strdup follow to commit 4b15d8c2a5c8547b84e7926fed9890b5676b8bc3 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15205 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Oct 17 19:49:37 UTC 2022 on sn-devel-184 (cherry picked from commit 0326549a052c22e4929e3760fd5011c35e32fe33) commit 9a18da112c47055fb32291dfcde42f2ccca7aad7 Author: Noel Power Date: Mon Oct 17 10:25:00 2022 +0100 s3/utils: Check return of talloc_strdup followup to e82699fcca3716d9ed0450263fd83f948de8ffbe BUG: https://bugzilla.samba.org/show_bug.cgi?id=15205 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison (cherry picked from commit 972127daddc7a32d23fb84d97102557035b06f5b) commit e69d2b3f9d2c8f38a4d93413d563ad5241d35383 Author: Noel Power Date: Mon Oct 17 10:17:34 2022 +0100 s3/param: Check return of talloc_strdup followup to commit ff003fc87b8164610dfd6572347c05308c4b2fd7 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15205 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison (cherry picked from commit 19eb88bc53e481327bbd437b0c145d5765c6dcec) commit 7480f9c01d6449e071784b04ea1f8e2a18906d75 Author: Noel Power Date: Fri Oct 14 11:53:53 2022 +0100 s4/lib/registry: Fix use after free with popt 1.19 popt1.19 fixes a leak that exposes a use as free, make sure we duplicate return of poptGetArg if poptFreeContext is called before we use it. ==6357== Command: ./bin/regpatch file
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 3e0ce4513b0 vfs_fruit: add missing calls to tevent_req_received()
via 6c7af405580 s3: VFS: fruit. Implement fsync_send()/fsync_recv().
via 24bc377a0ec s4: smbtorture: Add fsync_resource_fork test to fruit
tests.
via b3e8e8185fc smbXsrv_client: handle NAME_NOT_FOUND from
smb2srv_client_connection_{pass,drop}()
via 0fa03f112f7 smbXsrv_client: make sure we only wait for
smb2srv_client_mc_negprot_filter once and only when needed
via 935f1ec476e smbXsrv_client: call
smb2srv_client_connection_{pass,drop}() before dbwrap_watched_watch_send()
via 68a233322bd smbXsrv_client: fix a debug message in
smbXsrv_client_global_verify_record()
via f806366dd4a smbXsrv_client: ignore NAME_NOT_FOUND from
smb2srv_client_connection_passed
via 52dd57d4b30 smbXsrv_client: notify a different node to drop a
connection by client guid.
via ada5ef9d847 smbXsrv_client: correctly check in
negotiate_request.length smbXsrv_client_connection_pass[ed]_*
from 1a4d3a2db79 python-drs: Add client-side debug and fallback for
GET_ANC
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 3e0ce4513b06f17791c02ab0b4f787f63fe69b9f
Author: Ralph Boehme
Date: Thu Oct 6 14:31:08 2022 +0200
vfs_fruit: add missing calls to tevent_req_received()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15182
Signed-off-by: Ralph Boehme
Reviewed-by: Ralph Böhme
(cherry picked from commit a7fba3ff5996330158d3cc6bc24746a59492b690)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Tue Oct 18 09:41:37 UTC 2022 on sn-devel-184
commit 6c7af4055805041726c5735da5b89f2f7f067aef
Author: Jeremy Allison
Date: Tue Sep 20 13:25:22 2022 -0700
s3: VFS: fruit. Implement fsync_send()/fsync_recv().
For type == ADOUBLE_META, fio->fake_fd is true so
writes are already synchronous, just call tevent_req_post().
For type == ADOUBLE_RSRC we know we are configured
with FRUIT_RSRC_ADFILE (because fruit_must_handle_aio_stream()
returned true), so we can just call SMB_VFS_NEXT_FSYNC_SEND()
after replacing fsp with fio->ad_fsp.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15182
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Böhme
(cherry picked from commit 35c637f2e6c671acf8fb9c2a67774bd5e74dd7d0)
commit 24bc377a0ec8fc23df22b396b6b30e6b60b39fb7
Author: Jeremy Allison
Date: Tue Sep 20 12:08:29 2022 -0700
s4: smbtorture: Add fsync_resource_fork test to fruit tests.
This shows we currently hang when sending an SMB2_OP_FLUSH on
an AFP_Resource fork.
Adds knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15182
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Böhme
(cherry picked from commit 1b8a8732848169c632af12b7c2b4cd3ee73be244)
commit b3e8e8185fcb740a780867e69e014d7b87e77afe
Author: Stefan Metzmacher
Date: Wed Oct 12 14:57:18 2022 +0200
smbXsrv_client: handle NAME_NOT_FOUND from
smb2srv_client_connection_{pass,drop}()
If we get NT_STATUS_OBJECT_NOT_FOUND from
smb2srv_client_connection_{pass,drop}()
we should just keep the connection and overwrite the stale record in
smbXsrv_client_global.tdb. It's basically a race with serverid_exists()
and a process that doesn't cleanly teardown.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15200
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
(cherry picked from commit 5d66d5b84f87267243dcd5223210906ce589af91)
commit 0fa03f112f75dbae7f3f63d245928668df57da45
Author: Stefan Metzmacher
Date: Wed Oct 12 14:15:53 2022 +0200
smbXsrv_client: make sure we only wait for smb2srv_client_mc_negprot_filter
once and only when needed
This will simplify the following changes...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15200
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
(cherry picked from commit 8c8d8cf01e01c2726d03fa1c81e0ce9992ee736c)
commit 935f1ec476edd0688a5471d7a7486da5f92c8b3f
Author: Stefan Metzmacher
Date: Wed Oct 12 13:54:41 2022 +0200
smbXsrv_client: call smb2srv_client_connection_{pass,drop}() before
dbwrap_watched_watch_send()
dbwrap_watched_watch_send() should typically be the last thing to call
before the db record is unlocked, as it's not that easy to undo.
In future we want to recover from smb2srv_client_connection_{pass,drop}()
returning NT_STATUS_OBJECT_NAME_NOT_FOUND and it would add complexity if
would need to undo dbwrap_watched_watch_send() at that point.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15200
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
(cherry picked from commit
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 1a4d3a2db79 python-drs: Add client-side debug and fallback for GET_ANC via 0a8330ab7dc s4-libnet: Add messages to object count mismatch failures via 584a4c00575 selftest: Enable "old Samba" mode regarding GET_ANC/GET_TGT via a0e0c7e9894 s4-rpc_server:getncchanges Add "old Samba" mode regarding GET_ANC/GET_TGT via 997b8f8341f selftest: Add tests for GetNCChanges GET_ANC using samba-tool drs clone-dc-database via 2d2156b01de selftest: Prepare for "old Samba" mode regarding getncchanges GET_ANC/GET_TGT via dd2c5f96981 pytest/samba_tool_drs_no_dns: use TestCaseInTempDir.rm_files/.rm_dirs via 42b5bfa68e2 pytest/samba_tool_drs: use TestCaseInTempDir.rm_files/.rm_dirs via 6a6db20068f pytest/samdb: use TestCaseInTempDir.rm_files/.rm_dirs via fba1864d7a7 pytest/join: use TestCaseInTempDir.rm_files/dirs via 6e217c047d2 pytest/samdb_api: use TestCaseInTempDir.rm_files via 70de6108924 pytest/downgradedatabase: use TestCaseInTempDir.rm_files via 2003f7cf749 pytest: add file removal helpers for TestCaseInTempDir via 7c2697e9c84 s3:auth: Flush the GETPWSID in memory cache for NTLM auth from 2f71273a736 s3: smbd: Fix memory leak in smbd_server_connection_terminate_done(). https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 1a4d3a2db79dbf48b772b7bbbcf5988a43958642 Author: Andrew Bartlett Date: Thu Sep 15 17:10:24 2022 +1200 python-drs: Add client-side debug and fallback for GET_ANC Samba 4.5 and earlier will fail to do GET_ANC correctly and will not replicate non-critical parents of objects with isCriticalSystemObject=TRUE when DRSUAPI_DRS_CRITICAL_ONLY is set. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 Signed-off-by: Andrew Bartlett Reviewed-by: Douglas Bagnall (cherry picked from commit bff2bc9c7d69ec2fbe9339c2353a0a846182f1ea) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Fri Oct 7 09:56:12 UTC 2022 on sn-devel-184 commit 0a8330ab7dc2bad3b2ab24dc5e5e368b3979ea05 Author: Andrew Bartlett Date: Tue Sep 20 13:37:30 2022 +1200 s4-libnet: Add messages to object count mismatch failures This helps explain these better than WERR_GEN_FAILURE. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 Signed-off-by: Andrew Bartlett Reviewed-by: Douglas Bagnall (cherry picked from commit 483c48f52d6ff5e8149ed12bfeb2b6608c946f01) commit 584a4c005751e3964d070e40573f8620706fc647 Author: Andrew Bartlett Date: Thu Sep 29 14:54:14 2022 +1300 selftest: Enable "old Samba" mode regarding GET_ANC/GET_TGT The chgdcpass server now emulates older verions of Samba that fail to implement DRSUAPI_DRS_GET_ANC correctly and totally fails to support DRSUAPI_DRS_GET_TGT. We now show this is in effect by the fact that tests now fail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 Signed-off-by: Andrew Bartlett Reviewed-by: Douglas Bagnall (cherry picked from commit b0bbc94d4124d63b1d5a35ccbc88ffd51d520ba0) commit a0e0c7e9894f8c3ff073dbff1a7e77e9a6b2f06b Author: Andrew Bartlett Date: Thu Sep 29 14:53:38 2022 +1300 s4-rpc_server:getncchanges Add "old Samba" mode regarding GET_ANC/GET_TGT This emulates older verions of Samba that fail to implement DRSUAPI_DRS_GET_ANC correctly and totally fails to support DRSUAPI_DRS_GET_TGT. This will allow testing of a client-side fallback, allowing migration from sites that run very old Samba versions over DRSUAPI (currently the only option is to attempt an in-place upgrade). BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 Signed-off-by: Andrew Bartlett Reviewed-by: Douglas Bagnall (cherry picked from commit 314bc44fa9b8fc99c80bfcfff71f2cec67bbda36) commit 997b8f8341f27919b0ae24d24680637f14406d54 Author: Andrew Bartlett Date: Thu Sep 29 03:05:03 2022 + selftest: Add tests for GetNCChanges GET_ANC using samba-tool drs clone-dc-database This test, compared with the direct to RPC tests, will succeed, then fail once the server is changed to emulate Samba 4.5 and and again succeed once the python code changes to allow skipping the DRSUAPI_DRS_CRITICAL_ONLY step BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15189 Signed-off-by: Andrew Bartlett Reviewed-by: Douglas Bagnall (cherry picked from commit
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 2f71273a736 s3: smbd: Fix memory leak in
smbd_server_connection_terminate_done().
via 04e54799b2b vfs_gpfs: Protect against timestamps before the Unix
epoch
via 08383bedc3b lib: Map ERANGE to NT_STATUS_INTEGER_OVERFLOW
via 729bbca5e88 vfs_gpfs: Prevent mangling of GPFS timestamps after 2106
from 6a0280d9553 CVE-2021-20251 dsdb/common: Remove transaction logic
from samdb_set_password()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 2f71273a73673da7d2a12e61cbcc3242b2c9958a
Author: Jeremy Allison
Date: Wed Sep 14 17:05:05 2022 -0700
s3: smbd: Fix memory leak in smbd_server_connection_terminate_done().
The function smbd_server_connection_terminate_done() does not free subreq
which is allocated in smbXsrv_connection_shutdown_send, this can be a
memory leakage if multi-channel is enabled.
Suggested fix by haihua yang
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15174
Signed-off-by: Jeremy Allison
Reviewed-by: Noel Power
Autobuild-User(master): Noel Power
Autobuild-Date(master): Fri Sep 23 09:51:20 UTC 2022 on sn-devel-184
(cherry picked from commit b600b0c8d9690cb5eeded1e5925c8e667c11af04)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Wed Sep 28 20:10:04 UTC 2022 on sn-devel-184
commit 04e54799b2bc4666f69106fc7f1236237eae73a9
Author: Volker Lendecke
Date: Mon Aug 22 15:24:01 2022 +0200
vfs_gpfs: Protect against timestamps before the Unix epoch
In addition to b954d181cd2 we should also protect against timestamps
before the epoch.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151
Signed-off-by: Volker Lendecke
Reviewed-by: Christof Schmitt
Autobuild-User(master): Volker Lendecke
Autobuild-Date(master): Fri Sep 23 06:50:17 UTC 2022 on sn-devel-184
(cherry picked from commit f6b391e04a4d5974b908f4f375bd2876083aa7b2)
commit 08383bedc3be4807dc2b8fb018790de9e00c5606
Author: Volker Lendecke
Date: Tue Sep 1 13:24:55 2020 +0200
lib: Map ERANGE to NT_STATUS_INTEGER_OVERFLOW
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151
Signed-off-by: Volker Lendecke
Reviewed-by: Christof Schmitt
Autobuild-User(master): Volker Lendecke
Autobuild-Date(master): Fri Aug 19 12:43:06 UTC 2022 on sn-devel-184
(cherry picked from commit 06f35edaf129ce3195960905d38af73ec12fc716)
(cherry picked from commit e56c18d356bd3419abebd36e1fae39019cabbfaf)
commit 729bbca5e88d9c7bee4fccd2e3c9a8f14b9f8ae7
Author: Volker Lendecke
Date: Mon Aug 31 16:14:14 2020 +0200
vfs_gpfs: Prevent mangling of GPFS timestamps after 2106
gpfs_set_times as of August 2020 stores 32-bit unsigned tv_sec. We
should not silently garble time stamps but reject the attempt to set
an out-of-range timestamp.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151
Signed-off-by: Volker Lendecke
Reviewed-by: Christof Schmitt
(cherry picked from commit b954d181cd25d9029d3c222e8d97fe7a3b0b2400)
---
Summary of changes:
source3/lib/errmap_unix.c | 3 +++
source3/modules/vfs_gpfs.c | 43 +--
source3/smbd/smb2_server.c | 1 +
3 files changed, 37 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/errmap_unix.c b/source3/lib/errmap_unix.c
index 73b2f532a06..029efae0f51 100644
--- a/source3/lib/errmap_unix.c
+++ b/source3/lib/errmap_unix.c
@@ -119,6 +119,9 @@ static const struct {
{ EOVERFLOW, NT_STATUS_ALLOTTED_SPACE_EXCEEDED },
#endif
{ EINPROGRESS, NT_STATUS_MORE_PROCESSING_REQUIRED },
+#ifdef ERANGE
+ { ERANGE, NT_STATUS_INTEGER_OVERFLOW },
+#endif
};
/*
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 6b084fd79a5..fc6e7a65b27 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -1706,15 +1706,27 @@ static int vfs_gpfs_lstat(struct vfs_handle_struct
*handle,
return ret;
}
-static void timespec_to_gpfs_time(struct timespec ts, gpfs_timestruc_t *gt,
- int idx, int *flags)
+static int timespec_to_gpfs_time(
+ struct timespec ts, gpfs_timestruc_t *gt, int idx, int *flags)
{
- if (!is_omit_timespec()) {
- *flags |= 1 << idx;
- gt[idx].tv_sec = ts.tv_sec;
- gt[idx].tv_nsec = ts.tv_nsec;
- DEBUG(10, ("Setting GPFS time %d, flags 0x%x\n", idx, *flags));
+ if (is_omit_timespec()) {
+ return 0;
}
+
+ if (ts.tv_sec < 0 || ts.tv_sec > UINT32_MAX) {
+ DBG_NOTICE("GPFS uses 32-bit
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 6a0280d9553 CVE-2021-20251 dsdb/common: Remove transaction logic from samdb_set_password() via d0cd367da4c s4:rpc_server: Add transaction for dcesrv_samr_SetUserInfo() via f7f1106b2ed s4:rpc_server: Use sam_ctx consistently in dcesrv_samr_SetUserInfo() via c56e2e2e700 s3:rpc_server: Use a done goto label for dcesrv_samr_SetUserInfo() via f78ff75c51f CVE-2021-20251 s4-rpc_server: Extend scope of transaction for ChangePasswordUser3 via 317d36710b5 s3:rpc_server: Use BURN_STR() to zero password via d9a144e8c4e lib:replace: Add macro BURN_STR() to zero memory of a string via 3cab9f6a34e libcli:auth: Keep passwords from convert_string_talloc() secret via a3aebea4893 lib:util: Check memset_s() error code in talloc_keep_secret_destructor() via ae3b615236c CVE-2021-20251 s3: Ensure bad password count atomic updates for SAMR password change via 69abe0c2b0a CVE-2021-20251 s3: ensure bad password count atomic updates via 05447dfb201 CVE-2021-20251 s4:auth_winbind: Check return status of authsam_logon_success_accounting() via 96c24b58b8c CVE-2021-20251 s4-rpc_server: Check badPwdCount update return status via 74d8c3d5843 CVE-2021-20251 s4:kdc: Check badPwdCount update return status via 5eb5daaa152 CVE-2021-20251 s4:kdc: Check return status of authsam_logon_success_accounting() via 29b31129fd3 CVE-2021-20251 s4:kdc: Move logon success accounting code into existing branch via f58d7e42009 CVE-2021-20251 s4:dsdb: Make badPwdCount update atomic via f725f2f2442 CVE-2021-20251 s4:dsdb: Update bad password count inside transaction via 2fe2485b93d CVE-2021-20251 s4-auth: Pass through error code from badPwdCount update via 6a70d006917 CVE-2021-20251 auth4: Avoid reading the database twice by precaculating some variables via dd38fae8c8d CVE-2021-20251 auth4: Inline samdb_result_effective_badPwdCount() in authsam_logon_success_accounting() via 0d6da5250be CVE-2021-20251 auth4: Split authsam_calculate_lastlogon_sync_interval() out via 6b826a375a1 CVE-2021-20251 auth4: Return only the result message and free the surrounding result via a9aae34d5a9 CVE-2021-20251 auth4: Add missing newline to debug message on PSO read failure via 79f791ff0eb CVE-2021-20251 s4 auth: make bad password count increment atomic via a1a440c1014 CVE-2021-20251 auth4: Detect ACCOUNT_LOCKED_OUT error for password change via 8580b90a87b CVE-2021-20251 s4 auth test: Unit tests for source4/auth/sam.c via 9dcf447d822 CVE-2021-20251 auth4: Reread the user record if a bad password is noticed. via 831335d CVE-2021-20251 s4 auth: Prepare to make bad password count increment atomic via 740c4c2b953 CVE-2021-20251 auth4: split samdb_result_msds_LockoutObservationWindow() out via bc30ca2117c CVE-2021-20251 s4-rpc_server: Use authsam_search_account() to find the user via 0e3ac110df7 CVE-2021-20251 tests/krb5: Convert password lockout tests to use os.fork() and os.pipe() via 63020bf13c0 CVE-2021-20251 tests/krb5: Add tests for password lockout race via b7351888e82 CVE-2021-20251 lib:crypto: Add md4_hash_blob() for hashing data with MD4 via 3542483de3f CVE-2021-20251 lib:crypto: Add des_crypt_blob_16() for encrypting data with DES via f0c44d9e53d CVE-2021-20251 tests/krb5: Add PasswordKey_from_creds() via d41566d1bd0 third_party: Update socket_wrapper to version 1.3.4 from 1b4f98ef870 VERSION: Bump version up to Samba 4.16.5... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 6a0280d9553db535601c71c1be475f85949d5b83 Author: Joseph Sutton Date: Tue Aug 2 14:40:01 2022 +1200 CVE-2021-20251 dsdb/common: Remove transaction logic from samdb_set_password() All of its callers, where necessary, take out a transaction covering the entire password set or change operation, so a transaction is no longer needed here. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611 Signed-off-by: Joseph Sutton Reviewed-by: Andreas Schneider Reviewed-by: Andrew Bartlett (cherry picked from commit 7981cba87e3a7256b12bfc5fdd89b136c12979ff) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Sun Sep 18 17:46:29 UTC 2022 on sn-devel-184 commit d0cd367da4c9a7041541315aa104309c6cb28e05 Author: Andreas Schneider Date: Tue Jul 26 11:04:29 2022 +0200 s4:rpc_server: Add transaction for dcesrv_samr_SetUserInfo() Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher (cherry picked from commit 1aa403517ffc0d43df72ddc9fa2ce86ab5c33873) commit f7f1106b2edafc25ddd9c6f98b04c048e1c85dd4 Author: Andreas Schneider Date: Tue
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 1761ad3dff2 smbd: check for streams support in unix_convert()
via 7c83b7788ec smbd: return NT_STATUS_OBJECT_NAME_INVALID if a share
doesn't support streams
via b807f3624d1 smbtorture: add a test trying to create a stream on
share without streams support
via bc81ebe3e39 smbd: implement access checks for SMB2-GETINFO as per
MS-SMB2 3.3.5.20.1
via 6e091cc59ac smbtorture: check required access for SMB2-GETINFO
via d89294ecfc7 s4/libcli/smb2: avoid using
smb2_composite_setpathinfo() in smb2_util_setatr()
via 1d244421838 smbd: directly pass fsp to SMB_VFS_FGETXATTR() in
fget_ea_dos_attribute()
via 5a9aa7aa84e smbd: add and use vfs_fget_dos_attributes()
via 3d54c1b6ebc smbtorture: add test smb2.stream.attributes2
via 6ee18ad9eaf smbtorture: rename smb2.streams.attributes to
smb2.streams.attributes1
via a13748d2427 vfs_default: assert all passed in fsp's and names are
non-stream type
via e661087a9e2 vfs_streams_xattr: restrict which fcntl's are allowed
on streams
via 06b5438132e smbd: skip access checks for stat-opens on streams in
open_file()
via 2ae309348ad smbd: use metadata_fsp() in get_acl_group_bits()
via 8d0581a8ab1 smbd: ignore request to set the SPARSE attribute on
streams
via 39129be4fef smbd: use metadata_fsp() with
SMB_VFS_FSET_DOS_ATTRIBUTES()
via eab9c65b075 smbd: use metadata_fsp() with
SMB_VFS_FGET_DOS_ATTRIBUTES()
via 11947a8e59a smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL()
via 9823e919994 smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL()
via 3e6566222c9 CI: add a test trying to delete a stream on a pathref
("stat open") handle
via 00ce839865c vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option
via 6d66f432297 vfs_xattr_tdb: add a module config
via b83ff1252ed vfs_xattr_tdb: move close_xattr_db()
via 56ab8361573 smdb: use fsp_is_alternate_stream() in open_file()
via 20a425fcde0 smbd: Introduce metadata_fsp()
via 3160ff28e87 smbd: Introduce fsp_is_alternate_stream()
from df7d6f0c486 lib:replace: Only include on non-Linux
systems
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 1761ad3dff2e887593a06a9d9d47828427133bfd
Author: Ralph Boehme
Date: Thu Sep 1 18:55:52 2022 +0200
smbd: check for streams support in unix_convert()
Fixes a regression introduced by the fixes for bug 15126 where we crash in
vfs_default in vfswrap_stat():
assert failed: !is_named_stream(smb_fname)
The frontend calls into the VFS from build_stream_path() with a stream path
without checking if the share supports streams.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15161
Signed-off-by: Ralph Boehme
Reviewed-by: Volker Lendecke
[s...@samba.org: change from master adapted for unix_convert()]
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Tue Sep 6 08:49:51 UTC 2022 on sn-devel-184
commit 7c83b7788ec022551a2fd9381a1a5ff8e4adf5bc
Author: Ralph Boehme
Date: Fri Sep 2 12:09:53 2022 +0200
smbd: return NT_STATUS_OBJECT_NAME_INVALID if a share doesn't support
streams
This is what a Windows server returns. Tested with a share residing on a FAT
formatted drive, a Windows filesystem that doesn't support streams.
Combinations tested:
file::$DATA
file:stream
file:stream:$DATA
All three fail with NT_STATUS_OBJECT_NAME_INVALID.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15161
Signed-off-by: Ralph Boehme
Reviewed-by: Volker Lendecke
(cherry picked from commit 201e1969bf31af07e8bd52876ff7f4d72b48a848)
commit b807f3624d1f720ad3d60c7ee51a69d89183633f
Author: Ralph Boehme
Date: Thu Sep 1 18:55:23 2022 +0200
smbtorture: add a test trying to create a stream on share without streams
support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15161
Signed-off-by: Ralph Boehme
Reviewed-by: Volker Lendecke
(backported from commit 3dcdab86f13fabb7a8c6ce71c59a565287d11244)
[s...@samba.org: context changes from different tests]
commit bc81ebe3e393767c4275c6fb5a50599b00f858c4
Author: Ralph Boehme
Date: Sun Aug 14 18:46:24 2022 +0200
smbd: implement access checks for SMB2-GETINFO as per MS-SMB2 3.3.5.20.1
The spec lists the following as requiring special access:
- for requiring FILE_READ_ATTRIBUTES:
FileBasicInformation
FileAllInformation
FileNetworkOpenInformation
FileAttributeTagInformation
- for requiring
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via df7d6f0c486 lib:replace: Only include on non-Linux systems via ce464a83c76 s3: smbd: Plumb close_type parameter through close_file_in_loop(), file_close_conn() via a5cf33d4041 s3: smbd: Add "enum file_close_type close_type" parameter to file_close_conn(). via 706c64c6f0e s3: smbd: Add "enum file_close_type close_type" parameter to close_cnum(). via d1bc0d0b51b s3/smbd: Use after free when iterating smbd_server_connection->connections via 56e1a9fc623 s3/smbd: Use after free when iterating smbd_server_connection->connections via 9cb40437278 s3:smbd: only clear LEASE_READ if there's no read lease is left via b910d9f6e00 s4:torture/smb2: add smb2.lease.v[1,2]_bug_15148 via 19f285e0809 s3:smbd: share_mode_flags_set() takes SMB2_LEASE_* values via f6afc5b35e7 libcli/smb: Set error status if 'iov' pointer is NULL via f33ad1c1725 libcli/smb: Ensure we call tevent_req_nterror() on failure from b75b5f60ba3 s3/util/py_net.c: fix samba-tool domain join segfault https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit df7d6f0c48612feea428643006d32c2292c662e2 Author: Andreas Schneider Date: Tue Aug 2 07:55:46 2022 +0200 lib:replace: Only include on non-Linux systems Details at: https://sourceware.org/glibc/wiki/Release/2.36#Usage_of_.3Clinux.2Fmount.h.3E_and_.3Csys.2Fmount.h.3E BUG: https://bugzilla.samba.org/show_bug.cgi?id=15132 Signed-off-by: Andreas Schneider Reviewed-by: Ralph Boehme (cherry picked from commit 766151bf5b7ef95ae4c8c98b8994e5c21c5bbec0) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Tue Aug 23 08:53:41 UTC 2022 on sn-devel-184 commit ce464a83c76ce612171f3df4933058695210915e Author: Jeremy Allison Date: Wed Aug 17 11:43:47 2022 -0700 s3: smbd: Plumb close_type parameter through close_file_in_loop(), file_close_conn() Allows close_file_in_loop() to differentiate between SHUTDOWN_CLOSE (previously it only used this close type) and ERROR_CLOSE - called on error from smbXsrv_tcon_disconnect() in the error path. In that case we want to close the fd, but not run any delete-on-close actions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128 Signed-off-by: Jeremy Allison Reivewed-by: Noel Power Autobuild-User(master): Noel Power Autobuild-Date(master): Thu Aug 18 14:10:18 UTC 2022 on sn-devel-184 (cherry picked from commit cf5f7b1489930f6d64c3e3512f116ccf286d4605) commit a5cf33d4041d44f1f8a80563b81f3bc6893bc7ce Author: Jeremy Allison Date: Wed Aug 17 11:39:36 2022 -0700 s3: smbd: Add "enum file_close_type close_type" parameter to file_close_conn(). Not yet used. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128 Signed-off-by: Jeremy Allison Reviewed-by: Noel Power (cherry picked from commit 7005a6354df5522d9f665fb30052c458dfc93124) [npo...@samba.org Adjusted for 4.15 filename change smb2-service.c -> service.c] commit 706c64c6f0ee8cca24715cf4d591ed504432ce0f Author: Jeremy Allison Date: Wed Aug 17 11:35:29 2022 -0700 s3: smbd: Add "enum file_close_type close_type" parameter to close_cnum(). Not yet used, but needed so we can differentiate between SHUTDOWN_CLOSE and ERROR_CLOSE in smbXsrv_tcon_disconnect() if we fail to chdir. In that case we want to close the fd, but not run any delete-on-close actions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128 Signed-off-by: Jeremy Allison Reviewed-by: Noel Power (cherry picked from commit 9203d17106c0e55a30813ff1ed76869c7581a343) [npo...@samba.org Adjusted for 4.15 filename change smb2-service.c -> service.c] commit d1bc0d0b51bb8145c4d1597a39f72d85b28f8b35 Author: Jeremy Allison Date: Fri Jul 22 16:28:03 2022 +0100 s3/smbd: Use after free when iterating smbd_server_connection->connections Change conn_free() to just use a destructor. We now catch any other places where we may have forgetten to call conn_free() - it's implicit on talloc_free(conn). BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128 Based on code from Noel Power . Signed-off-by: Jeremy Allison Reviewed-by: Noel Power Autobuild-User(master): Noel Power Autobuild-Date(master): Wed Aug 17 09:54:06 UTC 2022 on sn-devel-184 (cherry picked from commit f92bacbe216d2d74ea3ccf3fe0df5c1cc9860996) commit 56e1a9fc623ae184fefcf3214a6b1801b37e5fff Author: Jeremy Allison Date: Tue Aug 16 13:51:27 2022 -0700 s3/smbd: Use after free when iterating smbd_server_connection->connections In SMB2 smbd_smb2_tree_connect() we create a new conn struct inside make_connection_smb2()
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via b75b5f60ba3 s3/util/py_net.c: fix samba-tool domain join
segfault
from 529e86163a3 s3:rpcclient: Goto done in cmd_samr_setuserinfo_int()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit b75b5f60ba35be279761bec9a0c3b4efa2c86625
Author: Michael Tokarev
Date: Tue May 24 16:25:41 2022 +0300
s3/util/py_net.c: fix samba-tool domain join segfault
We process python args using PyArg_ParseTupleAndKeywords(), and use "p"
type modifier there. According to documentation, this type modifier,
while works for a boolean type, expects an argument of type int. But in
py_net_join_member() and py_net_leave() we use argument of type uint8_t
(no_dns_update, keep_account, r->in.debug). So when
PyArg_ParseTupleAndKeywords()
tries to assign a value to _dns_update, it updates subsequent, unrelated
bytes
too, - which ones depends on the stack and structure layout used by the
compiler.
Fix this by using int type for all relevant variables, and by introducing
proxy
variable "debug" (of the same type) for r->in.debug.
While at it, also ensure all variables have sensible default values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15078
Signed-off-by: Michael Tokarev
Reviewed-by: Alexander Bokovoy
Reviewed-by: Andreas Schneider
Autobuild-User(master): Andreas Schneider
Autobuild-Date(master): Wed May 25 06:19:32 UTC 2022 on sn-devel-184
(backported from commit 976326fa2b6423ac5866af682605cf7584e4991a,
cherry-pick -x with BUG: line added)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon Aug 8 10:32:22 UTC 2022 on sn-devel-184
---
Summary of changes:
source3/utils/py_net.c | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/py_net.c b/source3/utils/py_net.c
index 0d774bcb805..6f20fdb0890 100644
--- a/source3/utils/py_net.c
+++ b/source3/utils/py_net.c
@@ -68,7 +68,7 @@ static PyObject *py_net_join_member(py_net_Object *self,
PyObject *args, PyObjec
WERROR werr;
PyObject *result;
TALLOC_CTX *mem_ctx;
- uint8_t no_dns_updates;
+ int no_dns_updates = false, debug = false;
bool modify_config = lp_config_backend_is_registry();
const char *kwnames[] = { "dnshostname", "createupn", "createcomputer",
"osName", "osVer", "osServicePack",
@@ -97,7 +97,7 @@ static PyObject *py_net_join_member(py_net_Object *self,
PyObject *args, PyObjec
>in.os_version,
>in.os_servicepack,
>in.machine_password,
->in.debug,
+,
_dns_updates)) {
talloc_free(mem_ctx);
PyErr_FromString(_("Invalid arguments\n"));
@@ -126,6 +126,7 @@ static PyObject *py_net_join_member(py_net_Object *self,
PyObject *args, PyObjec
WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE |
WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED;
r->in.msg_ctx =
cmdline_messaging_context(get_dyn_CONFIGFILE());
+ r->in.debug = debug;
c->opt_user_name = r->in.admin_account;
c->opt_password = r->in.admin_password;
c->opt_kerberos = r->in.use_kerberos;
@@ -184,7 +185,7 @@ static PyObject *py_net_leave(py_net_Object *self, PyObject
*args, PyObject *kwa
struct libnet_UnjoinCtx *r = NULL;
WERROR werr;
TALLOC_CTX *mem_ctx;
- bool keep_account = false;
+ int keep_account = false, debug = false;
const char *kwnames[] = { "keepAccount", "debug", NULL };
mem_ctx = talloc_new(self->mem_ctx);
@@ -207,7 +208,7 @@ static PyObject *py_net_leave(py_net_Object *self, PyObject
*args, PyObject *kwa
if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|pp:Leave",
discard_const_p(char *, kwnames),
-_account, >in.debug)) {
+_account, )) {
talloc_free(mem_ctx);
PyErr_FromString(_("Invalid arguments\n"));
return NULL;
@@ -219,6 +220,7 @@ static PyObject *py_net_leave(py_net_Object *self, PyObject
*args, PyObject *kwa
r->in.admin_account = cli_credentials_get_username(self->creds);
r->in.admin_password= cli_credentials_get_password(self->creds);
r->in.modify_config = lp_config_backend_is_registry();
+ r->in.debug = debug;
/*
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 529e86163a3 s3:rpcclient: Goto done in cmd_samr_setuserinfo_int() via e10ce26dcbd mdssvc: return all-zero policy handle if spotlight is disabled via 5598ddaaf46 CI: fix check for correct mdsvc resonse when connecting to a share with Spotlight disabled via 5fd138ad809 mdssvc: convert mds_init_ctx() to return NTSTATUS from ae0977177bd VERSION: Bump version up to Samba 4.16.5... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 529e86163a34845502e89f56801be476ec35348c Author: Andreas Schneider Date: Thu Aug 19 12:09:28 2021 +0200 s3:rpcclient: Goto done in cmd_samr_setuserinfo_int() We need to free the frame or we will run into: smb_panic (why=0x7fa8c511aa88 "Frame not freed in order.") BUG: https://bugzilla.samba.org/show_bug.cgi?id=15124 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison (cherry picked from commit 2b32d932223e61935fc530eff1c05034ff817e21) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Sun Jul 31 19:14:59 UTC 2022 on sn-devel-184 commit e10ce26dcbd7fd61780366e8a3daee5b7f69e881 Author: Ralph Boehme Date: Wed May 25 17:37:22 2022 +0200 mdssvc: return all-zero policy handle if spotlight is disabled A Mac SMB server returns an all zero handle and an empty path if Spotlight is disabled on a share. We must return the exact same error return in order to trigger client-side searching. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086 pcap: https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz Signed-off-by: Ralph Boehme Reviewed-by: Noel Power Autobuild-User(master): Noel Power Autobuild-Date(master): Tue Jul 12 15:42:52 UTC 2022 on sn-devel-184 (cherry picked from commit 23e6e50c0f82b997dea4a67069f65252045514c0) commit 5598ddaaf46cd810980c2e5a2d5729a8ce17d4d4 Author: Ralph Boehme Date: Tue Jun 7 09:52:53 2022 +0200 CI: fix check for correct mdsvc resonse when connecting to a share with Spotlight disabled A Mac SMB server returns an all zero handle and an empty path if Spotlight is disabled on a share. We must return the exact same error return in order to trigger client-side searching. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086 pcap: https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz Signed-off-by: Ralph Boehme Reviewed-by: Noel Power (backported from commit 8e997bd6e9250499fd8e569d708edc29e304a0e8) [s...@samba.org: conflicts in tests.py caused by unrelated tests] commit 5fd138ad8096d4bd4bab99fdf184a4ef07b5f3aa Author: Ralph Boehme Date: Wed May 25 17:26:29 2022 +0200 mdssvc: convert mds_init_ctx() to return NTSTATUS No change in behavour. In preperation for returning a special error to signal the caller that spotlight is disabled for a share. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086 Signed-off-by: Ralph Boehme Reviewed-by: Noel Power (cherry picked from commit 72468166b250de26747071cbbf3613c016ebfd42) --- Summary of changes: source3/rpc_server/mdssvc/mdssvc.c| 40 --- source3/rpc_server/mdssvc/mdssvc.h| 15 ++-- source3/rpc_server/mdssvc/srv_mdssvc_nt.c | 28 ++ source3/rpcclient/cmd_samr.c | 22 ++--- source3/selftest/tests.py | 2 +- source4/torture/rpc/mdssvc.c | 17 +++-- 6 files changed, 75 insertions(+), 49 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c index 956e097eaf4..a4b082b3274 100644 --- a/source3/rpc_server/mdssvc/mdssvc.c +++ b/source3/rpc_server/mdssvc/mdssvc.c @@ -1585,13 +1585,14 @@ static int mds_ctx_destructor_cb(struct mds_ctx *mds_ctx) * This ends up being called for every tcon, because the client does a * RPC bind for every tcon, so this is acually a per tcon context. **/ -struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx, -struct tevent_context *ev, -struct messaging_context *msg_ctx, -struct auth_session_info *session_info, -int snum, -const char *sharename, -const char *path) +NTSTATUS mds_init_ctx(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct messaging_context *msg_ctx, + struct auth_session_info *session_info, + int snum, + const char *sharename, +
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via ae0977177bd VERSION: Bump version up to Samba 4.16.5... via 9618af1b66a VERSION: Disable GIT_SNAPSHOT for the 4.16.4 release. via b0ad1276b5e WHATSNEW: Add release notes for Samba 4.16.4. via 74946420dd5 CVE-2022-32742: s3: smbd: Harden the smbreq_bufrem() macro. via ed3f82f4d70 CVE-2022-32742: s4: torture: Add raw.write.bad-write test. via e650b41ff90 CVE-2022-2031 testprogs: Add test for short-lived ticket across an incoming trust via a46dd2846f3 CVE-2022-2031 s4:kpasswd: Do not accept TGTs as kpasswd tickets via 8c0f421852d CVE-2022-2031 s4:auth: Use PAC to determine whether ticket is a TGT via 9895018b64c CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info via ff66f68a11c CVE-2022-2031 tests/krb5: Add test that we cannot provide a TGT to kpasswd via 7ee246ef9ca CVE-2022-32744 s4:kpasswd: Ensure we pass the kpasswd server principal into krb5_rd_req_ctx() via c9e1949fa8e CVE-2022-32744 s4:kdc: Modify HDB plugin to only look up kpasswd principal via fa198ce28f8 s4:kdc: Remove kadmin mode from HDB plugin via d03021791b8 CVE-2022-32744 s4:kdc: Rename keytab_name -> kpasswd_keytab_name via 0cb4100d16d CVE-2022-2031 s4:kdc: Don't use strncmp to compare principal components via 1f54e16cf1d CVE-2022-2031 tests/krb5: Test truncated forms of server principals via 8d8ffbfc7b5 CVE-2022-32744 s4:kdc: Don't allow HDB keytab iteration via 90e53b8eae9 CVE-2022-2031 s4:kdc: Reject tickets during the last two minutes of their life via b77fb6e636c CVE-2022-2031 third_party/heimdal: Add function to get current KDC time via f70ada5eb45 CVE-2022-2031 s4:kdc: Limit kpasswd ticket lifetime to two minutes or less via fb7391ca60e CVE-2022-2031 s4:kdc: Fix canonicalisation of kadmin/changepw principal via 2b63f021e59 CVE-2022-2031 s4:kdc: Refactor samba_kdc_get_entry_principal() via 9022a69aebf CVE-2022-2031 s4:kdc: Split out a samba_kdc_get_entry_principal() function via ada799129eb CVE-2022-2031 s4:kdc: Implement is_kadmin_changepw() helper function via 4aafa72991c CVE-2022-2031 testprogs: Add kadmin/changepw canonicalization test with MIT kpasswd via 3761a6e8713 CVE-2022-2031 testprogs: Fix auth with smbclient and krb5 ccache via 59d656406f5 s4:kpasswd: Restructure code for clarity via b8d97f5bd55 CVE-2022-2031 s4:kpasswd: Require an initial ticket via eade23880ec CVE-2022-2031 gensec_krb5: Add helper function to check if client sent an initial ticket via 393c18b53ec CVE-2022-2031 s4:kpasswd: Return a kpasswd error code in KRB-ERROR via 99bbd95a1d6 CVE-2022-2031 lib:krb5_wrap: Generate valid error codes in smb_krb5_mk_error() via 63d6af6ed70 CVE-2022-2031 s4:kpasswd: Don't return AP-REP on failure via 705e7ff46d6 CVE-2022-2031 s4:kpasswd: Correctly generate error strings via 8a4f07c2ca2 CVE-2022-2031 tests/krb5: Add tests for kpasswd service via 4af92867274 CVE-2022-32744 selftest: Specify Administrator kvno for Python krb5 tests via c84eb0e6736 CVE-2022-2031 tests/krb5: Add kpasswd_exchange() method via 06c7f3d3f67 CVE-2022-2031 tests/krb5: Allow requesting a TGT to a different sname and realm via 3e52255fd16 tests/krb5: Add option for creating accounts with expired passwords via a907564b698 tests/krb5: Fix enum typo via 5f32710d678 CVE-2022-2031 tests/krb5: Add methods to send and receive generic messages via 82bfffcdc3c CVE-2022-2031 tests/krb5: Add 'port' parameter to connect() via 7cc2b1ac553 CVE-2022-2031 tests/krb5: Add methods to create ASN1 kpasswd structures via a0efc5bc0ae CVE-2022-2031 tests/krb5: Add new definitions for kpasswd via 7c9faf1aacc CVE-2022-32744 tests/krb5: Correctly calculate salt for pre-existing accounts via 3034c1933c2 CVE-2022-2031 tests/krb5: Split out _make_tgs_request() via af53dbec65c CVE-2022-32744 tests/krb5: Correctly handle specifying account kvno via 3bd5df466cb CVE-2022-2031 s4:kpasswd: Add MIT fallback for decoding setpw structure via f706dcd5ddc CVE-2022-2031 s4:kpasswd: Account for missing target principal via 52b953bfc18 CVE-2022-2031 third_party/heimdal: Check generate_pac() return code via 628534b4dcf CVE-2022-2031 s4:kdc: Add MIT support for ATTRIBUTES_INFO and REQUESTER_SID PAC buffers via 06444c0d4ea selftest: Simplify krb5 test environments via 191adf2cf38 tests/krb5: Add helper function to modify ticket flags via 23f770ed910 s4:kdc: Also cannoicalize krbtgt principals when enforcing canonicalization via e0d25e172c4 CVE-2022-32745 s4/dsdb/util: Correctly copy values into message element via 701aef133fd CVE-2022-32745
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 89b914b3c51 s3:winbind: Use the canonical realm name to renew the credentials via e388fe2b701 s3:winbind: Create service principal inside add_ccache_to_list() via c5569b4f7a5 rpc_server3: Initialize mangle_fns in classic and spoolss via 17451c5a17a third_party/heimdal: Fix build with gcc version 12.1 via 3537ef5acbb replace: Check for -Wuse-after-free via 52ac4ce2326 nfs4_acls: Correctly skip chown when gid did not change from a708af36656 s3:libads: Check if we have a valid sockaddr https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 89b914b3c515f4fc91f8870031c359652ebb77a7 Author: Samuel Cabrero Date: Thu Jul 7 11:32:39 2022 +0200 s3:winbind: Use the canonical realm name to renew the credentials Consider the following AD topology where all trusts are parent-child trusts: ADOM.AFOREST.AD | ACHILD.ADOM.AFOREST.AD | AGRANDCHILD.ACHILD.ADOM.AFOREST.AD <-- Samba joined When logging into the Samba machine using pam_winbind with kerberos enabled with user ACHILD\user1, the ccache content is: Default principal: us...@achild.adom.aforest.ad Valid starting Expires Service principal 07/06/2022 16:09:23 07/06/2022 16:14:23 krbtgt/achild.adom.aforest...@achild.adom.aforest.ad renew until 07/13/2022 16:09:23 --> 07/06/2022 16:09:23 07/06/2022 16:14:23 krbtgt/agrandchild.achild.adom.aforest...@achild.adom.aforest.ad <-- NOTE this TGT ticket renew until 07/13/2022 16:09:23 07/06/2022 16:09:23 07/06/2022 16:14:23 SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD renew until 07/13/2022 16:09:23 But when logging in with user ADOM\user1, the ccache content is: Default principal: us...@adom.aforest.ad Valid starting Expires Service principal 07/06/2022 16:04:37 07/06/2022 16:09:37 krbtgt/adom.aforest...@adom.aforest.ad renew until 07/13/2022 16:04:37 07/06/2022 16:04:37 07/06/2022 16:09:37 SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD renew until 07/13/2022 16:04:37 MIT does not store the intermediate TGTs when there is more than one hop: ads_krb5_cli_get_ticket: Getting ticket for service [SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD] using creds from [FILE:/tmp/krb5cc_11105] and impersonating [(null)] Getting credentials us...@adom.aforest.ad -> SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD using ccache FILE:/tmp/krb5cc_11105 Starting with TGT for client realm: us...@adom.aforest.ad -> krbtgt/adom.aforest...@adom.aforest.ad Requesting TGT krbtgt/agrandchild.achild.adom.aforest...@adom.aforest.ad using TGT krbtgt/adom.aforest...@adom.aforest.ad Sending request to ADOM.AFOREST.AD Received answer from stream 192.168.101.32:88 TGS reply is for us...@adom.aforest.ad -> krbtgt/achild.adom.aforest...@adom.aforest.ad with session key rc4-hmac/D88B --> Received TGT for offpath realm ACHILD.ADOM.AFOREST.AD <-- NOTE this TGT ticket is not stored Requesting TGT krbtgt/agrandchild.achild.adom.aforest...@achild.adom.aforest.ad using TGT krbtgt/achild.adom.aforest...@adom.aforest.ad Sending request (1748 bytes) to ACHILD.ADOM.AFOREST.AD Received answer (1628 bytes) from stream 192.168.101.33:88 TGS reply is for us...@adom.aforest.ad -> krbtgt/agrandchild.achild.adom.aforest...@achild.adom.aforest.ad with session key rc4-hmac/D015 --> Received TGT for service realm: krbtgt/agrandchild.achild.adom.aforest...@achild.adom.aforest.ad <-- NOTE this TGT is not stored Requesting tickets for SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD, referrals on Sending request (1721 bytes) to AGRANDCHILD.ACHILD.ADOM.AFOREST.AD Received answer (1647 bytes) from stream 192.168.101.34:88 TGS reply is for us...@adom.aforest.ad -> SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD with session key aes256-cts/345A Received creds for desired service SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD Storing us...@adom.aforest.ad -> SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD in FILE:/tmp/krb5cc_11105 In the case of ACHILD\user1: ads_krb5_cli_get_ticket: Getting ticket for service [SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD] using creds from [FILE:/tmp/krb5cc_2000] and impersonating [(null)] Getting credentials us...@achild.adom.aforest.ad -> SAMBA$@AGRANDCHILD.ACHILD.ADOM.AFOREST.AD using ccache FILE:/tmp/krb5cc_2000 Starting with TGT for client realm: us...@achild.adom.aforest.ad ->
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via a708af36656 s3:libads: Check if we have a valid sockaddr
via 42edafd3ed7 s4:libads: Fix trailing whitespaces in ldap.c
via 54ad51cd3cc smbd: Make non_widelink_open() robust for non-cwd dirfsp
via cce25171f7e s3:printing: Do not clear the printer-list.tdb
from becccbae321 s3:waf: Fix version number of public libsmbconf
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit a708af36656329e0ca39f6f8ab355ea965707bdf
Author: Andreas Schneider
Date: Wed Jun 22 20:54:15 2022 +0200
s3:libads: Check if we have a valid sockaddr
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15106
Signed-off-by: Andreas Schneider
Reviewed-by: Jeremy Allison
(cherry picked from commit fbf134c8d9e2fe0615824eee6ae7ccdbef4b59dc)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon Jul 11 11:33:49 UTC 2022 on sn-devel-184
commit 42edafd3ed7a99f9a18d1612ea7525b11c43356d
Author: Andreas Schneider
Date: Wed Jun 22 20:53:42 2022 +0200
s4:libads: Fix trailing whitespaces in ldap.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15106
Signed-off-by: Andreas Schneider
Reviewed-by: Jeremy Allison
(cherry picked from commit d96a6cafe558eedc0419affc784049f915d0a6a2)
commit 54ad51cd3cc87bc77789821592b50aa1c3d0133c
Author: Volker Lendecke
Date: Wed Mar 9 12:58:40 2022 +0100
smbd: Make non_widelink_open() robust for non-cwd dirfsp
If you pass in dirfsp!=conn->cwd_fsp and a stream fsp, we don't chdir
to the parent pathname, and thus we also don't overwrite
fsp->base_fsp.
fsp->base_fsp!=NULL is thus the wrong condition to restore the
original base fsp name: If we open a stream with a non-cwd_fsp dirfsp,
we would overwrite fsp->base_fsp->fsp_name with NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15105
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
(cherry picked from commit 280e9191cbf8a766e69ab138450f2beccbedd879)
commit cce25171f7e24ce39693677c9edcdc584f8d9db4
Author: Andreas Schneider
Date: Wed Jun 22 18:56:26 2022 +0200
s3:printing: Do not clear the printer-list.tdb
With the new dcerpc architecture we need to keep printer-list.tdb
around. A spoolss dcerpc call will start rpc-spoolssd which will then
start the background queue process. However in order to enum the
printers we need have a printer-list.tdb. Depending on the number of
printers this task can take several seconds. It is unlinkly that
the printer-list will change all the time, so we might provide outdated
data till it gets refreshed, but this is better than providing no
printer list at all.
If there are a lot of printers, the idle_seconds for the rpc-spoolssd
should be increased so that the background task can finish.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15082
Signed-off-by: Andreas Schneider
Reviewed-by: Jeremy Allison
(cherry picked from commit 9080cd30d517cb50954e440bb4475c2eeb678906)
---
Summary of changes:
source3/libads/ldap.c | 164 ++--
source3/printing/printer_list.c | 41 --
source3/printing/printer_list.h | 2 -
source3/printing/printing.c | 4 -
source3/smbd/open.c | 3 +-
5 files changed, 106 insertions(+), 108 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 6caeebe6037..f1a1e036050 100755
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -1,4 +1,4 @@
-/*
+/*
Unix SMB/CIFS implementation.
ads (active directory) utility library
Copyright (C) Andrew Tridgell 2001
@@ -41,7 +41,7 @@
*
* The routines contained here should do the necessary ldap calls for
* ads setups.
- *
+ *
* Important note: attribute names passed into ads_ routines must
* already be in UTF-8 format. We do not convert them because in almost
* all cases, they are just ascii (which is represented with the same
@@ -243,7 +243,7 @@ bool ads_closest_dc(ADS_STRUCT *ads)
return True;
}
- DEBUG(10,("ads_closest_dc: %s is not the closest DC\n",
+ DEBUG(10,("ads_closest_dc: %s is not the closest DC\n",
ads->config.ldap_server_name));
return False;
@@ -269,7 +269,7 @@ static bool ads_try_connect(ADS_STRUCT *ads, bool gc,
print_sockaddr(addr, sizeof(addr), ss);
- DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n",
+ DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n",
addr, ads->server.realm));
ZERO_STRUCT( cldap_reply );
@@ -357,6 +357,10 @@ static NTSTATUS
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via becccbae321 s3:waf: Fix version number of public libsmbconf
from 58bdf100b2b s3: VFS: streams_xattr: Add the same accommodation to
streams_xattr_unlinkat() as used in streams_xattr_renameat().
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit becccbae321afe9b4223781512a682100bd88e31
Author: Andreas Schneider
Date: Fri Jun 24 09:36:27 2022 +0200
s3:waf: Fix version number of public libsmbconf
Error: ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15108
Signed-off-by: Andreas Schneider
Reviewed-by: Ralph Boehme
(cherry picked from commit 8458449ddf1a5c939784116aa3f9d21edaf93a05)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon Jun 27 08:25:10 UTC 2022 on sn-devel-184
---
Summary of changes:
source3/wscript_build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source3/wscript_build b/source3/wscript_build
index acfc0c56f03..5cf965dc45d 100644
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -572,7 +572,7 @@ bld.SAMBA3_LIBRARY('smbconf',
''',
public_headers='../lib/smbconf/smbconf.h',
pc_files=[],
- vnum='0')
+ vnum='0.0.1')
bld.SAMBA3_SUBSYSTEM('sysquotas',
source='''
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 58bdf100b2b s3: VFS: streams_xattr: Add the same accommodation to
streams_xattr_unlinkat() as used in streams_xattr_renameat().
via 81dc0832eee s3: tests: Add test that shows smbd crashes using
vfs_fruit with fruit:resource = stream on deleting a file.
from 94a94383bbd s3/client: fix dfs deltree, resolve dfs path
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 58bdf100b2bfc852a5d7f499771395bf4062ec74
Author: Jeremy Allison
Date: Fri Jun 17 17:51:35 2022 -0700
s3: VFS: streams_xattr: Add the same accommodation to
streams_xattr_unlinkat() as used in streams_xattr_renameat().
vfs_fruit passes a synthetic filename here where smb_fname->fsp==NULL
when configured to use "fruit:resource = stream" so we need to use
synthetic_pathref() to get an fsp on the smb_fname->base_name
in order to call SMB_VFS_FREMOVEXATTR().
This is the same change we already use in streams_xattr_renameat()
and streams_xattr_stat(), the other pathname operations we implement
here.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15099
Signed-off-by: Jeremy Allison
Reviewed-by: Noel Power
Autobuild-User(master): Noel Power
Autobuild-Date(master): Mon Jun 20 14:24:20 UTC 2022 on sn-devel-184
(backported from commit 808a7b8b76dbcaac1db0508fd410d0bcf702af7a)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Thu Jun 23 08:43:30 UTC 2022 on sn-devel-184
commit 81dc0832eee7af5c7989c799c69b7845940b428e
Author: Jeremy Allison
Date: Fri Jun 17 17:49:43 2022 -0700
s3: tests: Add test that shows smbd crashes using vfs_fruit with
fruit:resource = stream on deleting a file.
Add knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15099
Signed-off-by: Jeremy Allison
Reviewed-by: Noel Power
(backported from commit 238b2cbb8f352375c448d86b462f13752640e16b)
---
Summary of changes:
selftest/target/Samba3.pm | 9 +
source3/modules/vfs_streams_xattr.c| 24 +++--
source3/script/tests/test_fruit_resource_stream.sh | 41 ++
source3/selftest/tests.py | 4 +++
4 files changed, 75 insertions(+), 3 deletions(-)
create mode 100755 source3/script/tests/test_fruit_resource_stream.sh
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index c7d22b20d99..595be223dce 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -2463,6 +2463,9 @@ sub provision($$)
my $local_symlinks_shrdir="$shrdir/local_symlinks";
push(@dirs,$local_symlinks_shrdir);
+ my $fruit_resource_stream_shrdir="$shrdir/fruit_resource_stream";
+ push(@dirs,$fruit_resource_stream_shrdir);
+
# this gets autocreated by winbindd
my $wbsockdir="$prefix_abs/wbsock";
@@ -3023,6 +3026,12 @@ sub provision($$)
fruit:metadata = stream
fruit:zero_file_id=yes
+[fruit_resource_stream]
+ path = $fruit_resource_stream_shrdir
+ vfs objects = fruit streams_xattr acl_xattr xattr_tdb
+ fruit:resource = stream
+ fruit:metadata = stream
+
[badname-tmp]
path = $badnames_shrdir
guest ok = yes
diff --git a/source3/modules/vfs_streams_xattr.c
b/source3/modules/vfs_streams_xattr.c
index 682d492fee3..8603db45d63 100644
--- a/source3/modules/vfs_streams_xattr.c
+++ b/source3/modules/vfs_streams_xattr.c
@@ -482,6 +482,8 @@ static int streams_xattr_unlink_internal(vfs_handle_struct
*handle,
NTSTATUS status;
int ret = -1;
char *xattr_name = NULL;
+ struct smb_filename *pathref = NULL;
+ struct files_struct *fsp = smb_fname->fsp;
if (!is_named_stream(smb_fname)) {
return SMB_VFS_NEXT_UNLINKAT(handle,
@@ -497,10 +499,25 @@ static int
streams_xattr_unlink_internal(vfs_handle_struct *handle,
goto fail;
}
- SMB_ASSERT(smb_fname->fsp != NULL);
- SMB_ASSERT(smb_fname->fsp->base_fsp != NULL);
+ if (fsp == NULL) {
+ status = synthetic_pathref(talloc_tos(),
+ handle->conn->cwd_fsp,
+ smb_fname->base_name,
+ NULL,
+ NULL,
+ smb_fname->twrp,
+ smb_fname->flags,
+ );
+ if (!NT_STATUS_IS_OK(status)) {
+ errno = ENOENT;
+ goto fail;
+ }
+ fsp = pathref->fsp;
+ } else {
+
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 94a94383bbd s3/client: fix dfs deltree, resolve dfs path via 659d6140f11 Add test smbclient 'delree' of dir (on DFS share) via 8bac5eedc79 s3/client: fix dfs delete, resolve dfs path via 2f105c9f541 Add test smbclient 'del' of file (on DFS share) via 8db232cb6a0 Add new dfs node msdfs-share pointing to new msdfs-share2 from a9f87b9278e s3:utils: Fix missing space in testparm output https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 94a94383bbd4123f5606fca7536d29c201827c1d Author: Noel Power Date: Thu Jun 16 17:17:45 2022 +0100 s3/client: fix dfs deltree, resolve dfs path since 4cc4938a2866738aaff4dc91550bb7a5ad05d7fb do_list seems to deal with non dfs root path, hence we need to resolve the path before calling cli_unlink. Also remove the knownfail We additionally have to also remove the fallback to remove 'file3' int the smbcacls_dfs_propagate_inherit.teardown as the deltree that happens in the baseclass now succeeds. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Jun 17 17:12:07 UTC 2022 on sn-devel-184 (cherry picked from commit 81fdcf95ae92a02f83501753dec0f29ddd555eeb) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Jun 20 10:56:52 UTC 2022 on sn-devel-184 commit 659d6140f112ad12dca0e7cc1c7e59c481434c14 Author: Noel Power Date: Fri Jun 17 10:58:48 2022 +0100 Add test smbclient 'delree' of dir (on DFS share) deltree of a file on a DFS share results in NT_STATUS_OBJECT_PATH_NOT_FOUND Addionally add a knownfail for this (to be removed in subsequent patch to fix bug) We also need to add a knownfail (which will not be removed) for the new test which will fail in smb1 envs BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison (cherry picked from commit 23a5a05db03a8f14ab701005a8bec9a3eeff3d77) commit 8bac5eedc79b022ec39c7ab1c45926d90a28a939 Author: Noel Power Date: Thu Jun 16 15:12:05 2022 +0100 s3/client: fix dfs delete, resolve dfs path since 4cc4938a2866738aaff4dc91550bb7a5ad05d7fb do_list seems to deal with non dfs root path, hence we need to resolve the path before calling cli_unlink. Also remove the knownfail BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison (cherry picked from commit 7c4cb4982330cd2eda53950e977179920b1e3b04) commit 2f105c9f541963db4f94699fbc7060ff791a04ed Author: Noel Power Date: Fri Jun 17 10:25:49 2022 +0100 Add test smbclient 'del' of file (on DFS share) del of a file on a DFS share results in NT_STATUS_OBJECT_PATH_NOT_FOUND Addionally add a knownfail (will be removed in following patch to fix the bug) We also need to add a knownfail (which will not be removed) for the new test which will fail in smb1 envs BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison (back-ported from commit db1b4df0ab3b18821da3c2dbe6d6058f0c3019b8) commit 8db232cb6a0750dc6c238df360b8ffb23e00bef8 Author: Noel Power Date: Fri Jun 17 10:15:42 2022 +0100 Add new dfs node msdfs-share pointing to new msdfs-share2 Also add another node within msdfs-share2 pointing to normal share This patch is in preperation for creating a test for 'del' & 'deltree' on DFS shares. The extra redirection is necessary to reproduce the bug BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison (cherry picked from commit 39672a9676bff53d3ccc0ad7c1fa65a95cbceaab) --- Summary of changes: .../blackbox/smbcacls_dfs_propagate_inherit.py | 8 -- selftest/knownfail.d/smb1-tests| 2 + selftest/target/Samba3.pm | 9 ++ source3/client/client.c| 63 +++--- source3/script/tests/test_smbclient_s3.sh | 95 ++ 5 files changed, 158 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/blackbox/smbcacls_dfs_propagate_inherit.py b/python/samba/tests/blackbox/smbcacls_dfs_propagate_inherit.py index 36c29c8ccca..42680df0d06 100644 --- a/python/samba/tests/blackbox/smbcacls_dfs_propagate_inherit.py +++ b/python/samba/tests/blackbox/smbcacls_dfs_propagate_inherit.py @@ -85,11 +85,3 @@ class
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via a9f87b9278e s3:utils: Fix missing space in testparm output via edd5a851273 cmdline_s4: re-initialise logging once loadparm is ready via 1137957a13b s4/dlz: add support for bind 9.18 via 959d37e72cc ctdb-daemon: Use DEBUG() macro for child logging via c4e176e46cd ctdb-daemon: Drop unused prefix, logfn, logfn_private via 79706765035 ctdb-common: Tell file logging not to redirect stderr via a393eab06a7 util: Add new debug setting debug_no_stderr_redirect from ad60cbaf053 VERSION: Bump version up to Samba 4.16.3... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit a9f87b9278e89c626c34c000af12559f33c1fd80 Author: Andreas Schneider Date: Mon Feb 21 14:34:06 2022 +0100 s3:utils: Fix missing space in testparm output BUG: https://bugzilla.samba.org/show_bug.cgi?id=15097 Signed-off-by: Andreas Schneider Reviewed-by: Alexander Bokovoy (cherry picked from commit 7009fb1a10c579262dfa62894ea674197fcee354) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Sat Jun 18 09:55:28 UTC 2022 on sn-devel-184 commit edd5a851273cdbece6aba3d22241e469e58bed9a Author: Douglas Bagnall Date: Thu May 26 15:46:08 2022 +1200 cmdline_s4: re-initialise logging once loadparm is ready The first time round we maybe didn't know which files we wanted to log to. Suppose, for example, we had an smb.conf with log level = 1 dsdb_group_json_audit:5@/var/log/group_json.log we wouldn't see anything in "/var/log/group_json.log", while the level 5 dsdb_group_json_audit messages would go into the main log. Note that the named file would still be opened by winbindd and others that use the s3 code, but would remain empty as they don't have anything to say about dsdb_group_json_audit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15076 Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett Reviewed-by: Andreas Schneider (cherry picked from commit 9537ac723cfdc43e718fdd08dc28883e7057a372) commit 1137957a13b733babd988831ce3e7cf67ac77526 Author: Douglas Bagnall Date: Thu Feb 24 12:17:00 2022 +1300 s4/dlz: add support for bind 9.18 It seems nothing has changed since 9.16 for our purposes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14986 Signed-off-by: Douglas Bagnall Signed-off-by: Andreas Hasenack Pair-programmed-with: Andreas Hasenack Reviewed-by: Andrew Bartlett Autobuild-User(master): Douglas Bagnall Autobuild-Date(master): Mon May 23 00:53:09 UTC 2022 on sn-devel-184 (cherry picked from commit 03036442deac25f58be4119e6c9ce2586e0abf51) commit 959d37e72cc539cf76fb99dbe8fc99ae32e59b63 Author: Martin Schwenke Date: Mon Jun 6 18:02:31 2022 +1000 ctdb-daemon: Use DEBUG() macro for child logging Directly using dbgtext() with file logging results in a log entry with no header, which is wrong. This is a regression, introduced in commit 10d15c9e5dfe4e8595d0b322c96f474fc7078f46. Prior to this, CTDB's callback for file logging would always add a header. Use DEBUG() instead dbgtext(). Note that DEBUG() effectively compares the passed script_log_level with DEBUGLEVEL, so an explicit check is no longer necessary. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jun 16 13:33:10 UTC 2022 on sn-devel-184 (cherry picked from commit e752f841e682cc571006c09249b03d82aea5f8cd) commit c4e176e46cd4a8392cc1de08ad90d62b3c114079 Author: Martin Schwenke Date: Mon Jun 6 17:57:51 2022 +1000 ctdb-daemon: Drop unused prefix, logfn, logfn_private These aren't set anywhere in the code. Drop the log argument because it is also no longer used. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke (cherry picked from commit 88f35cf86285b7a818282d5f465711de66dfad59) commit 79706765035fc1815795d61bcfb3e0d937b08f5d Author: Martin Schwenke Date: Tue Jun 7 14:00:49 2022 +1000 ctdb-common: Tell file logging not to redirect stderr This allows ctdb_set_child_logging() to work. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke (cherry picked from commit 1596a3e84babb8fdd86af0c4b98906b309be7907) commit a393eab06a74e3b8f32eee33d11bef510e137bf6 Author: Martin Schwenke Date: Tue Jun 7 13:54:20 2022 +1000 util: Add new debug setting debug_no_stderr_redirect CTDB doesn't want this redirection of stderr to
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 9bab57ae404 Revert "lib:util: Remove NIS support from string_match()" via 87f59494345 Revert "s3:smbd: Remove NIS support" via cdbd540b7cb Revert "docs-xml: Update documentation for removal of NIS support" via 16df1ed429d Revert "s3:auth: Fix user_in_list() for UNIX groups" from 56eca407415 ldb: version 2.5.1 https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 9bab57ae404cb31a9714d371e87622cc098704ef Author: Samuel Cabrero Date: Fri Jun 3 17:48:21 2022 +0200 Revert "lib:util: Remove NIS support from string_match()" This partly reverts commit 620de975f147ac9427b51ea0e1e3eabda443d4b6. Drop chunk including system/nis.h, drop wscript_build modifications, use getdomainname() from glibc instead of yp_get_default_domain() from libnsl. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15087 Signed-off-by: Samuel Cabrero Reviewed-by: Jeremy Allison (cherry picked from commit b3034f1209a6c45873882415c4291dde7eee76db) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Sun Jun 12 10:17:00 UTC 2022 on sn-devel-184 commit 87f5949434512562e51fec1ff4fb84182ace7f0c Author: Samuel Cabrero Date: Fri Jun 3 15:07:18 2022 +0200 Revert "s3:smbd: Remove NIS support" This partly reverts commit edda7a329e5bed442418de9782cec9f567092aae. Revert the chunks related to netgroups and skip NIS support related ones. Use getdomainname() from glibc instead of yp_get_default_domain() from libnsl to get the NIS domain name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15087 Signed-off-by: Samuel Cabrero Reviewed-by: Jeremy Allison (cherry picked from commit 21796ef8f807d88e01627dc993b757e251788980) commit cdbd540b7cbcc62930945c712bd6e384cec4ffcd Author: Samuel Cabrero Date: Fri Jun 3 14:12:01 2022 +0200 Revert "docs-xml: Update documentation for removal of NIS support" This partly reverts commit a72bc3e15d3ed62e9ad2c0a97ce5d6d653abb048. Revert only the chunks related to netgroups and skip NIS related ones. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15087 Signed-off-by: Samuel Cabrero Reviewed-by: Jeremy Allison (cherry picked from commit f74e284a9d7fa8dc45f22b70dcea27f1aa8bd232) commit 16df1ed429d8d36ba7eeb39c6020b65160036b4d Author: Samuel Cabrero Date: Fri Jun 3 14:01:36 2022 +0200 Revert "s3:auth: Fix user_in_list() for UNIX groups" This partly reverts commit 6dc463d3e2eb229df1c4f620cfcaf22ac71738d4. Reverted to allow next revert commits to apply cleanly. Do not recreate selftest/knownfail.d/usernamemap file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15087 Signed-off-by: Samuel Cabrero Reviewed-by: Jeremy Allison (cherry picked from commit dbf3d217e3424fae64d9bd00e4762dc4d2bda6c2) --- Summary of changes: docs-xml/smbdotconf/security/hostsallow.xml | 7 ++ docs-xml/smbdotconf/security/invalidusers.xml| 15 ++- docs-xml/smbdotconf/security/usernamemap.xml | 5 + docs-xml/smbdotconf/security/validusers.xml | 7 +- docs-xml/smbdotconf/winbind/winbindseparator.xml | 4 +- lib/util/access.c| 56 + selftest/target/Samba3.pm| 4 + source3/auth/user_util.c | 139 +++ source3/script/tests/test_smbclient_s3.sh| 13 +++ source3/smbd/share_access.c | 21 ++-- source3/wscript | 4 + 11 files changed, 239 insertions(+), 36 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/security/hostsallow.xml b/docs-xml/smbdotconf/security/hostsallow.xml index a052e7f79cd..8b4b62268a3 100644 --- a/docs-xml/smbdotconf/security/hostsallow.xml +++ b/docs-xml/smbdotconf/security/hostsallow.xml @@ -41,6 +41,13 @@ hosts allow = lapland, arvidsjaur +Example 4: allow only hosts in NIS netgroup foonet, but +deny access from one particular host + +hosts allow = @foonet + +hosts deny = pirate + Note that access still requires suitable user-level passwords. See testparm diff --git a/docs-xml/smbdotconf/security/invalidusers.xml b/docs-xml/smbdotconf/security/invalidusers.xml index 268cdfad560..b2fb2b9d293 100644 --- a/docs-xml/smbdotconf/security/invalidusers.xml +++ b/docs-xml/smbdotconf/security/invalidusers.xml @@ -7,8 +7,21 @@ to login to this service. This is really a paranoid check to absolutely ensure an improper setting does not breach your security. + +A name starting with a '@' is interpreted as an NIS +netgroup first (if your system
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 56eca407415 ldb: version 2.5.1
from bb60c85153b s3:smbd: Out-by-4 error in smbd read reply max_send
clamp
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 56eca407415dd7c69cde7e66f02f0c95d419721a
Author: Stefan Metzmacher
Date: Thu Jun 9 06:49:31 2022 +0200
ldb: version 2.5.1
* Fix build problems
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15071
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
Autobuild-User(v4-16-test): Stefan Metzmacher
Autobuild-Date(v4-16-test): Thu Jun 9 12:14:04 UTC 2022 on sn-devel-184
---
Summary of changes:
lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.5.1.sigs} | 0
lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.5.1.sigs} | 0
lib/ldb/wscript | 2 +-
3 files changed, 1 insertion(+), 1 deletion(-)
copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.5.1.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.5.1.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/ABI/ldb-2.0.5.sigs b/lib/ldb/ABI/ldb-2.5.1.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.0.5.sigs
copy to lib/ldb/ABI/ldb-2.5.1.sigs
diff --git a/lib/ldb/ABI/pyldb-util-2.1.0.sigs
b/lib/ldb/ABI/pyldb-util-2.5.1.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-2.1.0.sigs
copy to lib/ldb/ABI/pyldb-util-2.5.1.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index b811b68861f..f483dd54748 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -2,7 +2,7 @@
APPNAME = 'ldb'
# For Samba 4.16.x
-VERSION = '2.5.0'
+VERSION = '2.5.1'
import sys, os
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via bb60c85153b s3:smbd: Out-by-4 error in smbd read reply max_send
clamp
from 1397656cebf s3:printing: Start samba-bgqd as soon as possible
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit bb60c85153b288b358d288b3ee9f4bceb1304e20
Author: Robert Sprowson
Date: Sun Jul 19 12:59:00 2020 +0100
s3:smbd: Out-by-4 error in smbd read reply max_send clamp
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14443
Signed-off-by: Robert Sprowson
Reviewed-by: Jeremy Allison
Reviewed-by: Noel Power
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Wed Jun 8 19:50:08 UTC 2022 on sn-devel-184
(cherry picked from commit 174a76cc27f25120af5a86bee3f26d9afad87d8f)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Thu Jun 9 11:14:52 UTC 2022 on sn-devel-184
---
Summary of changes:
source3/smbd/reply.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 40313f3209c..d4573d3da55 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3853,7 +3853,7 @@ static void reply_lockread_locked(struct tevent_req
*subreq)
/*
* However the requested READ size IS affected by max_send.
Insanity JRA.
*/
- maxtoread = req->xconn->smb1.sessions.max_send - (smb_size + 5*2 + 3);
+ maxtoread = req->xconn->smb1.sessions.max_send - (MIN_SMB_SIZE + 5*2 +
3);
if (numtoread > maxtoread) {
DBG_WARNING("requested read size (%zu) is greater than "
@@ -3949,7 +3949,7 @@ void reply_read(struct smb_request *req)
/*
* The requested read size cannot be greater than max_send. JRA.
*/
- maxtoread = xconn->smb1.sessions.max_send - (smb_size + 5*2 + 3);
+ maxtoread = xconn->smb1.sessions.max_send - (MIN_SMB_SIZE + 5*2 + 3);
if (numtoread > maxtoread) {
DEBUG(0,("reply_read: requested read size (%u) is greater than
maximum allowed (%u/%u). \
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 1397656cebf s3:printing: Start samba-bgqd as soon as possible via 8507fa6fc7d s3:printing: Initialize the printcap cache as soon as the bgqd starts via c3ce1fec590 lib/util/gpfswrap: remove unused gpfswrap_get_winattrs_path() via b8cc300d226 vfs_gpfs: use handle based gpfswrap_get_winattrs() via 72ef38a9747 lib/util/gpfswrap: remove unused gpfswrap_getacl() via bdb2714671f vfs_gpfs: finally: use gpfswrap_fgetacl() instead of gpfswrap_getacl() via 1d4f8f3e472 lib/util/gpfswrap: add gpfswrap_fgetacl() via 069354e7480 vfs_gpfs: pass fsp to gpfs_getacl_with_capability() via bce1de5580f vfs_gpfs: pass fsp to vfs_gpfs_getacl() via a039780c01c vfs_gpfs: use fsp in gpfsacl_get_posix_acl() via d9222188190 vfs_gpfs: pass fsp to gpfsacl_get_posix_acl() via f752c389740 vfs_gpfs: pass fsp to gpfs_get_nfs4_acl() via 2a50ba5ae19 vfs_gpfs: pass fsp to gpfsacl_emu_chmod() via ea39a8894a2 vfs_gpfs: indentation and README.Coding fixes from e3de2bdb859 s3/client: Restore '-E' handling https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 1397656cebf2cdd00a28727ec8f4b65308106440 Author: Andreas Schneider Date: Tue May 31 08:35:00 2022 +0200 s3:printing: Start samba-bgqd as soon as possible We need some time to fill the printcap cache. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15081 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison (cherry picked from commit ac16351ff5a0c5b46f461c26516b85e8483bba83) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Thu Jun 9 10:03:29 UTC 2022 on sn-devel-184 commit 8507fa6fc7daa29746ed81578669070a32bd0427 Author: Andreas Schneider Date: Mon May 30 17:22:21 2022 +0200 s3:printing: Initialize the printcap cache as soon as the bgqd starts As soon as the background daemon starts, we need to initialize the printcap cache so that rpcd-spoolssd can serve printers. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15081 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison (cherry picked from commit 3b5b80e99603e4c1d4d1080ed45bd75116a9fa8e) commit c3ce1fec590d95a2d848bce52b059784eeda430a Author: Ralph Boehme Date: Tue May 17 16:52:21 2022 +0200 lib/util/gpfswrap: remove unused gpfswrap_get_winattrs_path() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15069 Signed-off-by: Ralph Boehme Reviewed-by: Christof Schmitt Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Jun 3 21:53:31 UTC 2022 on sn-devel-184 (cherry picked from commit 3bd753983c8dac33b483affa859984b7e3350d65) commit b8cc300d226fe6a04ce26d6f91fcd484e4f0403a Author: Ralph Boehme Date: Tue May 17 16:32:23 2022 +0200 vfs_gpfs: use handle based gpfswrap_get_winattrs() Fixes detecting offline flag for files in snapshot – no idea if this is actually expected. Replaces path based gpfswrap_get_winattrs_path() with handle based version gpfswrap_get_winattrs(). When dealing with files in snapshots fsp->fsp_name points to the active dataset, which will cause ENOENT failures if files are deleted there any only present in the snapshot. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15069 Signed-off-by: Ralph Boehme Reviewed-by: Christof Schmitt (cherry picked from commit 8ae672f955bf07bb97f38b7d2f965f14e8315e9e) commit 72ef38a9747b576c6640e9b43f7b70e37f5839cb Author: Ralph Boehme Date: Tue May 17 16:27:58 2022 +0200 lib/util/gpfswrap: remove unused gpfswrap_getacl() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15069 Signed-off-by: Ralph Boehme Reviewed-by: Christof Schmitt (cherry picked from commit 9172c5ff6a419e4daef451564650d4a3ce96bfae) commit bdb2714671f5ee168c07d9ab3c549fd7532a5a45 Author: Ralph Boehme Date: Tue May 17 16:02:10 2022 +0200 vfs_gpfs: finally: use gpfswrap_fgetacl() instead of gpfswrap_getacl() Replaces path based gpfswrap_getacl() with handle based version gpfswrap_fgetacl(). When dealing with files in snapshots fsp->fsp_name points to the active dataset, which will cause ENOENT failures if files are deleted there any only present in the snapshot: [2022/05/06 11:32:55.233435, 4, pid=12962, effective(1460548, 273710), real(1460548, 0)] calling open_file with flags=0x0 flags2=0x800 mode=0644, access_mask = 0x80, open_access_mask = 0x80 [2022/05/06 11:32:55.233460, 10, pid=12962, effective(1460548, 273710), real(1460548, 0), class=vfs] gpfs_get_nfs4_acl invoked for dir/subdir/file.txt [2022/05/06 11:32:55.233495, 5, pid=12962, effective(1460548, 273710), real(1460548, 0), class=vfs]
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via e3de2bdb859 s3/client: Restore '-E' handling via 239e0759db3 s3/script/tests: Test smbclient -E redirects output to stderr via 53ac81eef24 s3:libads: Clear previous CLDAP ping flags when reusing the ADS_STRUCT via b09a37cd821 third_party: Update waf to version 2.0.24 via 32a573463e8 third_party: Update waf to verison 2.0.23 via 8385893f4c6 third_party:waf: Print the version of waf at the end of the update script from f23f9132f7c srvsvc: Announce [username] in NetShareEnum https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit e3de2bdb8590684dfffa9974f1b45a571845e72b Author: Noel Power Date: Mon May 23 17:23:41 2022 +0100 s3/client: Restore '-E' handling Sometimes we really do need to redirect output to stderr e.g. when using the tar command to output the archive to stdout we don't want debug or cmdline status messages straying into stdout. was removed with commit: e4474ac0a540c56548b4d15e38f2e234455e19b6 remove known fail for the test BUG: https://bugzilla.samba.org/show_bug.cgi?id=15075 Signed-off-by: Noel Power Reviewed-by: Andreas Schneider Autobuild-User(master): Noel Power Autobuild-Date(master): Tue May 24 10:29:27 UTC 2022 on sn-devel-184 (cherry picked from commit 56e179817123b40c3646476563d345d8f97efff9) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon May 30 09:10:47 UTC 2022 on sn-devel-184 commit 239e0759db3d3b52ff78b326b779635900b7551e Author: Noel Power Date: Mon May 23 20:11:13 2022 +0100 s3/script/tests: Test smbclient -E redirects output to stderr Add new test to ensure smbclient is writing to stderr (with '-E') Add knownfail for this test (will be removed when issue is fixed in later commit) BUG: https://bugzilla.samba.org/show_bug.cgi?id=15075 Signed-off-by: Noel Power Reviewed-by: Andreas Schneider (cherry picked from commit 5b6493043fc90a2bed5aaedad3b4511621d0b9fd) commit 53ac81eef24f1c60d2d9cdc9c5f21ade32275d81 Author: Samuel Cabrero Date: Mon May 23 14:11:24 2022 +0200 s3:libads: Clear previous CLDAP ping flags when reusing the ADS_STRUCT Before commit 1d066f37b9217a475b6b84a935ad51fbec88fe04, when the LDAP connection wasn't established yet (ads->ldap.ld == NULL), the ads_current_time() function always allocated and initialized a new ADS_STRUCT even when ads->ldap.ss had a good address after having called ads_find_dc(). After that commit, when the ADS_STRUCT is reused and passed to the ads_connect() call, ads_try_connect() may fail depending on the contacted DC because ads->config.flags field can contain the flags returned by the previous CLDAP call. For example, when having 5 DCs: * 192.168.101.31 has PDC FSMO role * 192.168.101.32 * 192.168.101.33 * 192.168.101.34 * 192.168.101.35 $> net ads info -S 192.168.101.35 net_ads_info() ads_startup_nobind() ads_startup_int() ads_init() ads_connect() ads_try_connect(192.168.101.35) check_cldap_reply_required_flags(returned=0xF1FC, required=0x0) ads_current_time() ads_connect() ads_try_connect(192.168.101.35) check_cldap_reply_required_flags(returned=0xF1FC, required=0xF1FC) The check_cldap_reply_required_flags() call fails because ads->config.flags contain the flags returned by the previous CLDAP call, even when the returned and required values match because they have different semantics: if (req_flags & DS_PDC_REQUIRED) RETURN_ON_FALSE(ret_flags & NBT_SERVER_PDC); translates to: if (0xF1FC & 0x80) RETURN_ON_FALSE(0xF1FC & 0x01); which returns false because 192.168.101.35 has no PDC FSMO role. The easiest fix for now is to reset ads->config.flags in ads_current_time() when reusing an ADS_STRUCT before calling ads_connect(), but we should consider storing the required and returned flags in different fields or at least use the same bitmap for them because check_cldap_reply_required_flags() is checking a netr_DsRGetDCName_flags value using the nbt_server_type bitmap. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14674 Signed-off-by: Samuel Cabrero Reviewed-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon May 23 19:18:38 UTC 2022 on sn-devel-184 (cherry picked from commit a26f535dedc651afa2a25dd37113ac71787197ff) commit b09a37cd821afcc8acf4a6e71d13dadf7ffb1d0a Author: Andreas Schneider Date: Mon May 23 07:54:06 2022 +0200 third_party: Update waf to version 2.0.24
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via f23f9132f7c srvsvc: Announce [username] in NetShareEnum
via 344ff937f20 srvsvc: Add a central return point to
init_srv_share_info_ctr()
via 807ce67629d selftest: Test for bug 15062 -- list "username" in
netshareenum
from 25b7144283f s3: smbd: Allow a durable handle on a leased stat-open.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit f23f9132f7c0205220e11732ee5b0c69ea8467dd
Author: Volker Lendecke
Date: Wed May 18 16:01:08 2022 +0200
srvsvc: Announce [username] in NetShareEnum
This patch has two flaws: First, it does not cover api_RNetShareEnum()
for SMB1, and the second one is: To make this elegant, we would have
to restructure our share handling. It is really only listing shares
for which we have to pull in everything from smb.conf, registry,
usershares and potentially printers. What we should do is modify our
loadparm handling to only load share definitions on demand and for
listing shares handle all the potential sources specially. Add code
that walks the registry shares without adding them to our services
list and so on.
This patch is the quick way to fix the bug, the alternative
would be weeks or more. And hopefully nobody notices the SMB1
problem...
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15062
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Wed May 18 17:42:20 UTC 2022 on sn-devel-184
(cherry picked from commit 04e0e02c6951e327130210e44deb87b9a303cdb3)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Fri May 20 09:10:43 UTC 2022 on sn-devel-184
commit 344ff937f203a9545ab8a56710499bf2c25691ee
Author: Volker Lendecke
Date: Wed May 18 15:39:23 2022 +0200
srvsvc: Add a central return point to init_srv_share_info_ctr()
Soon there will be cleanup work to do.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15062
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
(cherry picked from commit 20cbade5b164c0e9eec744bd5a564110923a0c61)
commit 807ce67629deb17b97d55eadde09fb5881023bcd
Author: Volker Lendecke
Date: Wed May 18 14:40:49 2022 +
selftest: Test for bug 15062 -- list "username" in netshareenum
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15062
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
(cherry picked from commit 3145131809269a33ad07261f94ee6e09e1850365)
---
Summary of changes:
source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 114 +++--
source3/script/tests/test_user_in_sharelist.sh | 22 +
source3/selftest/tests.py | 6 ++
3 files changed, 116 insertions(+), 26 deletions(-)
create mode 100755 source3/script/tests/test_user_in_sharelist.sh
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
index ea296eaa6ab..0bd79b595a9 100644
--- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
@@ -610,6 +610,9 @@ static WERROR init_srv_share_info_ctr(struct pipes_struct
*p,
uint32_t *total_entries,
bool all_shares)
{
+ struct dcesrv_call_state *dce_call = p->dce_call;
+ struct auth_session_info *session_info =
+ dcesrv_call_session_info(dce_call);
const struct loadparm_substitution *lp_sub =
loadparm_s3_global_substitution();
uint32_t num_entries = 0;
@@ -622,6 +625,10 @@ static WERROR init_srv_share_info_ctr(struct pipes_struct
*p,
bool *allowed = 0;
union srvsvc_NetShareCtr ctr;
uint32_t resume_handle = resume_handle_p ? *resume_handle_p : 0;
+ const char *unix_name = session_info->unix_info->unix_name;
+ int existing_home = lp_servicenumber(unix_name);
+ int added_home = -1;
+ WERROR ret = WERR_OK;
DEBUG(5,("init_srv_share_info_ctr\n"));
@@ -630,11 +637,18 @@ static WERROR init_srv_share_info_ctr(struct pipes_struct
*p,
delete_and_reload_printers();
load_usershare_shares(NULL, connections_snum_used);
load_registry_shares();
- num_services = lp_numservices();
unbecome_root();
+ if (existing_home == -1) {
+ added_home = register_homes_share(unix_name);
+ }
+
+ num_services = lp_numservices();
+
allowed = talloc_zero_array(ctx, bool, num_services);
-W_ERROR_HAVE_NO_MEMORY(allowed);
+ if (allowed == NULL) {
+ goto nomem;
+ }
/* Count the number of
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 25b7144283f s3: smbd: Allow a durable handle on a leased stat-open.
via c7e2b4c3e90 s4: torture: Add a new test -
samba3.smb2.durable-open.stat-open.
from 43a4e018ff0 VERSION: Bump version up to Samba 4.16.2...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 25b7144283f7871ffba3c3adccbaa7313c4753ca
Author: Jeremy Allison
Date: Wed Apr 27 14:08:13 2022 -0700
s3: smbd: Allow a durable handle on a leased stat-open.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15042
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Boehme
(back-ported from commit fe7daae8c4692b99ff08d4e3e48034d59ddee245)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon May 9 08:18:05 UTC 2022 on sn-devel-184
commit c7e2b4c3e90ca90be265ea6ee518e980ea6a4364
Author: Jeremy Allison
Date: Wed Apr 27 12:50:59 2022 -0700
s4: torture: Add a new test - samba3.smb2.durable-open.stat-open.
Passes against Windows. Shows that Windows allows a durable handle
on a leased open for READ_ATTRUBUTES only (a stat open).
Mark as knownfail for now.
NB. Not sure why we are testing smb2.durable-open against ad_dc
as that provisioning has "smb2 leases = no" which precludes
granting durable handles. Not changing for this bug but this
should be looked at in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15042
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Boehme
(cherry picked from commit bb329d4de505d2c01ba45a06311c9dc6d87f8dec)
---
Summary of changes:
selftest/knownfail | 1 +
source3/smbd/durable.c | 4 ---
source4/torture/smb2/durable_open.c | 63 +
3 files changed, 64 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index 7e897dd026d..4c5d03147d2 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -194,6 +194,7 @@
^samba3.smb2.durable-open.delete_on_close2
^samba3.smb2.durable-v2-open.app-instance
^samba3.smb2.durable-open.reopen1a-lease\(ad_dc\)$
+^samba3.smb2.durable-open.stat-open\(ad_dc\)$
^samba3.smb2.durable-v2-open.reopen1a-lease\(ad_dc\)$
^samba4.smb2.ioctl.req_resume_key\(ad_dc_ntvfs\) # not supported by s4 ntvfs
server
^samba4.smb2.ioctl.req_two_resume_keys\(ad_dc_ntvfs\) # not supported by s4
ntvfs server
diff --git a/source3/smbd/durable.c b/source3/smbd/durable.c
index a49bca6fd61..75c63c10ea2 100644
--- a/source3/smbd/durable.c
+++ b/source3/smbd/durable.c
@@ -75,10 +75,6 @@ NTSTATUS vfs_default_durable_cookie(struct files_struct *fsp,
return NT_STATUS_NOT_SUPPORTED;
}
- if (fsp_get_io_fd(fsp) == -1) {
- return NT_STATUS_NOT_SUPPORTED;
- }
-
if (is_ntfs_stream_smb_fname(fsp->fsp_name)) {
/*
* We do not support durable handles
diff --git a/source4/torture/smb2/durable_open.c
b/source4/torture/smb2/durable_open.c
index 3d78a35d92c..9cd4d88af39 100644
--- a/source4/torture/smb2/durable_open.c
+++ b/source4/torture/smb2/durable_open.c
@@ -2751,6 +2751,67 @@ done:
return ret;
}
+/**
+ * durable stat open with lease.
+ */
+static bool test_durable_open_stat_open(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+ TALLOC_CTX *mem_ctx = talloc_new(tctx);
+ struct smb2_create io;
+ struct smb2_handle _h;
+ struct smb2_handle *h = NULL;
+ struct smb2_lease ls;
+ NTSTATUS status;
+ char fname[256];
+ bool ret = true;
+ uint64_t lease;
+
+ snprintf(fname, 256, "durable_open_stat_open_%s.dat",
+generate_random_str(mem_ctx, 8));
+
+ /* Ensure file doesn't exist. */
+ smb2_util_unlink(tree, fname);
+
+ /* Create a normal file. */
+ smb2_oplock_create(, fname, SMB2_OPLOCK_LEVEL_NONE);
+ status = smb2_create(tree, mem_ctx, );
+ CHECK_STATUS(status, NT_STATUS_OK);
+ _h = io.out.file.handle;
+ h = &_h;
+ CHECK_CREATED(, CREATED, FILE_ATTRIBUTE_ARCHIVE);
+ /* Close. */
+ smb2_util_close(tree, *h);
+ h = NULL;
+
+ /* Now try a leased, durable handle stat open. */
+ lease = random();
+ /* Create with lease */
+ smb2_lease_create(,
+ ,
+ false /* dir */,
+ fname,
+ lease,
+ smb2_util_lease_state("RH"));
+ io.in.durable_open = true;
+ io.in.desired_access = SEC_FILE_READ_ATTRIBUTE;
+ io.in.create_disposition = NTCREATEX_DISP_OPEN;
+
+ status
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 09b07aec702 vfs_gpfs: Ignore pathref fds for gpfs:recalls check
from 82d86282ca6 s4:kdc: strictly have 2 16-bit parts in krbtgt kvnos
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 09b07aec70265812d4628097b8df3eec68294a16
Author: Christof Schmitt
Date: Wed Apr 27 15:37:18 2022 -0700
vfs_gpfs: Ignore pathref fds for gpfs:recalls check
Setting gpfs:recalls=no should prevent data access to offline files.
Since Samba 4.14, the VFS openat function is also called with O_PATH to
get a reference to the path. These accesses should not be blocked,
otherwise this would prevent offline files from being included in
directory listings.
Fix this by skipping the check for pathref fds.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15055
Signed-off-by: Christof Schmitt
Reviewed-by: Ralph Boehme
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Thu Apr 28 07:59:47 UTC 2022 on sn-devel-184
(cherry picked from commit 03d0dd2651c9e6552d6c3d9513810e581339ac08)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon May 2 08:23:01 UTC 2022 on sn-devel-184
---
Summary of changes:
source3/modules/vfs_gpfs.c | 1 +
1 file changed, 1 insertion(+)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 7642c647afb..e6b2a5d142b 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -2370,6 +2370,7 @@ static int vfs_gpfs_openat(struct vfs_handle_struct
*handle,
return -1);
if (config->hsm && !config->recalls &&
+ !fsp->fsp_flags.is_pathref &&
vfs_gpfs_fsp_is_offline(handle, fsp))
{
DBG_DEBUG("Refusing access to offline file %s\n",
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 82d86282ca6 s4:kdc: strictly have 2 16-bit parts in krbtgt kvnos
from 6cbaa31fe0a s3:passdb: Also allow to handle UPNs in
lookup_name_smbconf()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 82d86282ca64177fe65cb5ab017a475a95d67cf3
Author: Stefan Metzmacher
Date: Wed Feb 16 14:11:10 2022 +0100
s4:kdc: strictly have 2 16-bit parts in krbtgt kvnos
Even if the msDS-KeyVersionNumber of the main krbtgt
account if larger than 65535, we need to have
the 16 upper bits all zero in order to avoid
mixing the keys with an RODC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14951
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
(cherry picked from commit ab0946a75d51b8f4826d98c61c3ad503615009fe)
Autobuild-User(v4-16-test): Stefan Metzmacher
Autobuild-Date(v4-16-test): Thu Apr 28 15:42:38 UTC 2022 on sn-devel-184
---
Summary of changes:
source4/kdc/db-glue.c | 51 +++
1 file changed, 43 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index bdadc1278c3..3e1f7a6b4dc 100644
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -45,6 +45,9 @@
#define SAMBA_KVNO_GET_KRBTGT(kvno) \
((uint16_t)(((uint32_t)kvno) >> 16))
+#define SAMBA_KVNO_GET_VALUE(kvno) \
+ ((uint16_t)(((uint32_t)kvno) & 0x))
+
#define SAMBA_KVNO_AND_KRBTGT(kvno, krbtgt) \
((krb5_kvno)uint32_t)kvno) & 0x) | \
uint32_t)krbtgt) << 16) & 0x)))
@@ -427,6 +430,7 @@ static krb5_error_code
samba_kdc_message2entry_keys(krb5_context context,
struct sdb_entry_ex
*entry_ex,
uint32_t
*supported_enctypes_out)
{
+ struct sdb_entry *entry = _ex->entry;
krb5_error_code ret = 0;
enum ndr_err_code ndr_err;
struct samr_Password *hash;
@@ -437,10 +441,12 @@ static krb5_error_code
samba_kdc_message2entry_keys(krb5_context context,
struct package_PrimaryKerberosBlob _pkb;
struct package_PrimaryKerberosCtr3 *pkb3 = NULL;
struct package_PrimaryKerberosCtr4 *pkb4 = NULL;
+ bool is_krbtgt = false;
+ int krbtgt_number = 0;
+ uint32_t current_kvno;
+ uint32_t returned_kvno = 0;
uint16_t i;
uint16_t allocated_keys = 0;
- int rodc_krbtgt_number = 0;
- int kvno = 0;
uint32_t supported_enctypes
= ldb_msg_find_attr_as_uint(msg,
"msDS-SupportedEncryptionTypes",
@@ -452,6 +458,7 @@ static krb5_error_code
samba_kdc_message2entry_keys(krb5_context context,
/* KDCs (and KDCs on RODCs) use AES */
supported_enctypes |= ENC_HMAC_SHA1_96_AES128 |
ENC_HMAC_SHA1_96_AES256;
+ is_krbtgt = true;
enable_fast = lpcfg_kdc_enable_fast(kdc_db_ctx->lp_ctx);
if (enable_fast) {
@@ -481,9 +488,12 @@ static krb5_error_code
samba_kdc_message2entry_keys(krb5_context context,
/* Is this the krbtgt or a RODC krbtgt */
if (is_rodc) {
- rodc_krbtgt_number = ldb_msg_find_attr_as_int(msg,
"msDS-SecondaryKrbTgtNumber", -1);
+ krbtgt_number = ldb_msg_find_attr_as_int(msg,
"msDS-SecondaryKrbTgtNumber", -1);
- if (rodc_krbtgt_number == -1) {
+ if (krbtgt_number == -1) {
+ return EINVAL;
+ }
+ if (krbtgt_number == 0) {
return EINVAL;
}
}
@@ -503,11 +513,20 @@ static krb5_error_code
samba_kdc_message2entry_keys(krb5_context context,
goto out;
}
- kvno = ldb_msg_find_attr_as_int(msg, "msDS-KeyVersionNumber", 0);
- if (is_rodc) {
- kvno = SAMBA_KVNO_AND_KRBTGT(kvno, rodc_krbtgt_number);
+ current_kvno = ldb_msg_find_attr_as_int(msg, "msDS-KeyVersionNumber",
0);
+ if (is_krbtgt) {
+ /*
+* Even for the main krbtgt account
+* we have to strictly split the kvno into
+* two 16-bit parts and the upper 16-bit
+* need to be all zero, even if
+* the msDS-KeyVersionNumber has a value
+* larger than 65535.
+*
+* See https://bugzilla.samba.org/show_bug.cgi?id=14951
+*/
+ current_kvno = SAMBA_KVNO_GET_VALUE(current_kvno);
}
- entry_ex->entry.kvno = kvno;
/* Get keys from the db */
@@ -773,6 +792,22 @@ static krb5_error_code
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 6cbaa31fe0a s3:passdb: Also allow to handle UPNs in
lookup_name_smbconf()
via 944ee14c512 s3:passdb: Refactor lookup_name_smbconf()
via 0b9a9c3a984 s3:passdb: Use already defined pointer in
lookup_name_smbconf()
via e6cc5f94658 s3:passdb: Add support to handle UPNs in lookup_name()
via 80d3e7d45c8 s3:passdb: Remove trailing spaces in lookup_sid.c
from b444d0f7fee s3:winbind: Remove no longer used domain's private_data
pointer
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 6cbaa31fe0a04825f1a7011d6c2ecb50c91861bf
Author: Andreas Schneider
Date: Tue Apr 26 07:39:12 2022 +0200
s3:passdb: Also allow to handle UPNs in lookup_name_smbconf()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15054
Signed-off-by: Andreas Schneider
Reviewed-by: Jeremy Allison
(cherry picked from commit 28fc44f2852046d03cada161ed1001d04d9e1554)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Thu Apr 28 09:03:34 UTC 2022 on sn-devel-184
commit 944ee14c512832d1ffc3aa342d7de4592adfa52d
Author: Andreas Schneider
Date: Tue Apr 26 07:24:10 2022 +0200
s3:passdb: Refactor lookup_name_smbconf()
This will be changed to support UPNs too in the next patch.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15054
Signed-off-by: Andreas Schneider
Reviewed-by: Jeremy Allison
(cherry picked from commit 2690310743920dfe20ac235c1e3617e0f421eddc)
commit 0b9a9c3a9847a201dd9c50082b3c66380d2cc55f
Author: Andreas Schneider
Date: Tue Apr 26 12:26:25 2022 +0200
s3:passdb: Use already defined pointer in lookup_name_smbconf()
Signed-off-by: Andreas Schneider
Reviewed-by: Jeremy Allison
(cherry picked from commit ed8e466854d6d8d6120388716a7b604df7a4db27)
commit e6cc5f946586190a2e761fd491498c1991d4a937
Author: Andreas Schneider
Date: Tue Apr 26 07:12:02 2022 +0200
s3:passdb: Add support to handle UPNs in lookup_name()
This address an issue if sssd is running and handling nsswitch. If we look
up
a user with getpwnam("DOMAIN\user") it will return user@REALM in the passwd
structure. We need to be able to deal with that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15054
Signed-off-by: Andreas Schneider
Reviewed-by: Jeremy Allison
(cherry picked from commit 2a03fb91c1120718ada9d4b8421044cb7eae7b83)
commit 80d3e7d45c8b3b3402bf778070cadc3325ddc441
Author: Andreas Schneider
Date: Tue Apr 26 07:10:56 2022 +0200
s3:passdb: Remove trailing spaces in lookup_sid.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15054
Signed-off-by: Andreas Schneider
Reviewed-by: Jeremy Allison
(cherry picked from commit 756cd0eed30322ae6dbd5402ec11441387475884)
---
Summary of changes:
source3/passdb/lookup_sid.c | 52 +++--
1 file changed, 31 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index a551bcfd24a..426ea3f81bd 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -1,4 +1,4 @@
-/*
+/*
Unix SMB/CIFS implementation.
uid/user handling
Copyright (C) Andrew Tridgell 1992-1998
@@ -72,7 +72,7 @@ static bool lookup_unix_group_name(const char *name, struct
dom_sid *sid)
If an explicit domain name was given in the form domain\user, it
has to try that. If no explicit domain name was given, we have
to do guesswork.
-*/
+*/
bool lookup_name(TALLOC_CTX *mem_ctx,
const char *full_name, int flags,
@@ -100,8 +100,18 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
PTR_DIFF(p, full_name));
name = talloc_strdup(tmp_ctx, p+1);
} else {
- domain = talloc_strdup(tmp_ctx, "");
- name = talloc_strdup(tmp_ctx, full_name);
+ char *q = strchr_m(full_name, '@');
+
+ /* Set the domain for UPNs */
+ if (q != NULL) {
+ name = talloc_strndup(tmp_ctx,
+ full_name,
+ PTR_DIFF(q, full_name));
+ domain = talloc_strdup(tmp_ctx, q + 1);
+ } else {
+ domain = talloc_strdup(tmp_ctx, "");
+ name = talloc_strdup(tmp_ctx, full_name);
+ }
}
if ((domain == NULL) || (name == NULL)) {
@@ -300,7 +310,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
goto ok;
}
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via b444d0f7fee s3:winbind: Remove no longer used domain's private_data
pointer
via 12e6a16911d s3:winbind: Do not use domain's private data to store
the ADS_STRUCT
via be6712bd615 s3:winbind: Simplify open_cached_internal_pipe_conn()
via 621b80645a4 s3:winbind: Do not use domain's private data to store
the SAMR pipes
via 41a2825ea57 s3: smbget: Fix auth_fn, order of //server/share
parameters is mixed in prompt.
from ef77abc2c49 s3:auth: Fix user_in_list() for UNIX groups
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit b444d0f7feef430dbcbbcbc626bf988ab867c2b8
Author: Samuel Cabrero
Date: Wed Apr 13 11:34:18 2022 +0200
s3:winbind: Remove no longer used domain's private_data pointer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit a6d6ae3cfcd64a85f82ec5b12253ca0e237d95bb)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Fri Apr 15 14:45:44 UTC 2022 on sn-devel-184
commit 12e6a16911dee92e20290bb4dec7959cb9de30f6
Author: Samuel Cabrero
Date: Wed Apr 13 11:31:45 2022 +0200
s3:winbind: Do not use domain's private data to store the ADS_STRUCT
The ADS_STRUCT is not allocated using talloc and there are many places
casting this pointer directly so use a typed pointer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 3cb256439e9ceece26c2de82293c43486543e0cb)
commit be6712bd6151548168bd77a670c7576383c3c7f6
Author: Samuel Cabrero
Date: Wed Apr 13 11:15:35 2022 +0200
s3:winbind: Simplify open_cached_internal_pipe_conn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 91395e660a2b1b69bf74ca0b77aee416e2ac1db3)
commit 621b80645a47dc41b53217785b835706a1677468
Author: Samuel Cabrero
Date: Wed Apr 13 11:01:00 2022 +0200
s3:winbind: Do not use domain's private data to store the SAMR pipes
The domain's private_data pointer is also used to store a ADS_STRUCT,
which is not allocated using talloc and there are many places casting
this pointer directly.
The recently added samba.tests.pam_winbind_setcred was randomly failing
and after debugging it the problem was that kerberos authentication was
failing because the time_offset passed to kerberos_return_pac() was
wrong. This time_offset was retrieved from ads->auth.time_offset, where
the ads pointer was directly casted from domain->private_data but
private_data was pointing to a winbind_internal_pipes struct.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit e1f29b0970f4cac52a9cd517be6862cf69a1433a)
commit 41a2825ea5790296359aa069e19a55da7bf64be0
Author: Jeremy Allison
Date: Tue Apr 5 13:24:19 2022 -0700
s3: smbget: Fix auth_fn, order of //server/share parameters is mixed in
prompt.
Found by
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14831
Signed-off-by: Jeremy Allison
Reviewed-by: Andreas Schneider
(cherry picked from commit f1765f91b015d64122e74c01c7c6d0984cc7af87)
---
Summary of changes:
source3/utils/smbget.c | 2 +-
source3/winbindd/winbindd.h | 10 +++---
source3/winbindd/winbindd_ads.c | 10 +-
source3/winbindd/winbindd_ndr.c | 7 ++-
source3/winbindd/winbindd_pam.c | 6 ++
source3/winbindd/winbindd_samr.c | 27 +--
6 files changed, 30 insertions(+), 32 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c
index 19958f35afa..3e7c5687d83 100644
--- a/source3/utils/smbget.c
+++ b/source3/utils/smbget.c
@@ -129,7 +129,7 @@ static void get_auth_data(const char *srv, const char *shr,
char *wg, int wglen,
rc = asprintf(,
"Password for [%s] connecting to //%s/%s: ",
- un, shr, srv);
+ un, srv, shr);
if (rc == -1) {
return;
}
diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h
index dac4a1fa927..fe286a9a686 100644
--- a/source3/winbindd/winbindd.h
+++ b/source3/winbindd/winbindd.h
@@ -43,6 +43,9 @@
#define WB_REPLACE_CHAR'_'
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via ef77abc2c49 s3:auth: Fix user_in_list() for UNIX groups via 5e59bd41a8c s3:tests Test "username map" for UNIX groups via 2b9d29ceb8a selftest: Add to "username.map" mapping for jackthemappergroup via 16038d75b2c selftest: Create groups "jackthemappergroup" and "jacknomappergroup" via f09dfc53fd5 selftest: Create users "jackthemapper" and "jacknomapper" via bf221a9b207 vfs_shadow_copy2: implement readdir() via d6b48ec3795 CI: add a test listing a snapshotted directory via 829f203c2f3 CI: avoid smb2.twrp being run by plansmbtorture4testsuite() directly via 414d890b65e s3: smbd: Preserve the fsp->fsp_name->st buf across a MSG_SMB_FILE_RENAME message. via a68c572869d s3: smbd: Preserve the fsp->fsp_name->st bufs across rename_open_files() via 96a8922639d s4: torture: Add test_smb2_close_full_information() test to smb2.rename. via 140670f6c05 s4: torture: Add CHECK_CREATED macro to smb2/rename.c. Not yet used. via 60386712349 s4: torture: Add CHECK_VAL macro to smb2/rename.c. Not yet used. via 552e0867848 s3: tests.py: Only run smb2.rename against fileserver. via 0f0c12b64fd s3: smbd: smbd_smb2_setinfo_send(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via c8b6ddb08c3 s3: smbd: smbd_smb2_getinfo_send(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via c9763e71bc7 s3: cmd_vfs: cmd_set_nt_acl(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via b88c1f1bc2f s3: cmd_vfs: cmd_open(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via bbf4e324f73 s3: pysmbd.c: init_files_struct(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via 6d66132ed26 s3: smbd: call_trans2setfilepathinfo(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via c48414de71f s3: smbd: call_trans2qfilepathinfo(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via 386325da318 s3: smbd: rename_internals_fsp(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via 640b6a01bd8 s3: smbd: mkdir_internal(). 2 of 2. All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via 2d7568cd415 s3: smbd: mkdir_internal(). 1 of 2. All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via c2d6b29cf3a s3: smbd: open_file(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via 09bc8b2bb82 s3: smbd: non_widelink_open(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via f46dad0a2b9 s3: smbd: open_internal_dirfsp(). All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via f1030ba8db3 s3: smbd: open_internal_dirfsp() add missing file_free() in error path. via 061c2f52f30 s3: smbd: mdssvc: All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via 008999b0cab s3: VFS: vxfs: All calls to SMB_VFS_FSTAT(fsp, >fsp_name->st) clobber fsp->fsp_name->st.st_ex_iflags. via 513ca8e0e57 s3: smbd: In set_ea_dos_attribute(), if we've stored btime and set XATTR_DOSINFO_CREATE_TIME successfully, we need to clear ST_EX_IFLAG_CALCULATED_BTIME. via fff4845206e s3: smbd: In set_ea_dos_attribute() cause root fallback code to exit via the same place. via 96bf06efad9 s4: torture: Add regression test for re-opening a durable handle after calling SMB2 setinfo (end of file). from 19705602653 vfs_gpfs: Initialize litemask to 0 https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit ef77abc2c4903b62da501dddc1e9e0c75b979899 Author: Pavel Filipenský Date: Fri Mar 25 11:11:50 2022 +0100 s3:auth: Fix user_in_list() for UNIX groups BUG: https://bugzilla.samba.org/show_bug.cgi?id=15041 Signed-off-by: Pavel Filipenský Reviewed-by: Jeremy Allison Reviewed-by: Noel Power Autobuild-User(master): Noel Power Autobuild-Date(master): Thu Apr 7 09:49:44 UTC 2022 on sn-devel-184 (cherry picked from commit 6dc463d3e2eb229df1c4f620cfcaf22ac71738d4) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Apr 11 08:51:01 UTC 2022 on sn-devel-184 commit 5e59bd41a8cce710bee8199951dd30b1792ec7b7 Author: Pavel Filipenský Date: Tue Apr 5 14:04:52 2022 +0200 s3:tests Test "username map" for UNIX groups BUG: https://bugzilla.samba.org/show_bug.cgi?id=15041
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 19705602653 vfs_gpfs: Initialize litemask to 0
from ac73a58d751 builtools: Make abi_gen.sh less prone to errors
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 19705602653298c8335df8bf20ed10f601f572da
Author: Christof Schmitt
Date: Mon Mar 21 09:26:41 2022 -0700
vfs_gpfs: Initialize litemask to 0
The change from commit fb13c7c94f to query exact values for atime,
mtime, ctime and size is not necessary, as none of these are used in
this codepath. Initiale litemask to 0 instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15027
Signed-off-by: Christof Schmitt
Reviewed-by: Ralph Boehme
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Mon Mar 28 09:10:58 UTC 2022 on sn-devel-184
(cherry picked from commit 127f728d58e79a42f8826500e3b15c486e88e556)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Wed Mar 30 11:12:52 UTC 2022 on sn-devel-184
---
Summary of changes:
source3/modules/vfs_gpfs.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index f6f162b3b57..7642c647afb 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -1474,7 +1474,7 @@ static NTSTATUS vfs_gpfs_fget_dos_attributes(struct
vfs_handle_struct *handle,
char buf[PATH_MAX];
const char *p = NULL;
struct gpfs_iattr64 iattr = { };
- unsigned int litemask;
+ unsigned int litemask = 0;
struct timespec ts;
uint64_t file_id;
NTSTATUS status;
@@ -1980,7 +1980,7 @@ static int vfs_gpfs_check_pathref_fstat_x(struct
gpfs_config_data *config,
struct connection_struct *conn)
{
struct gpfs_iattr64 iattr = {0};
- unsigned int litemask;
+ unsigned int litemask = 0;
int saved_errno;
int fd;
int ret;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via ac73a58d751 builtools: Make abi_gen.sh less prone to errors from 15035d82a58 vfs_shadow_copy2: remove async getxattrat https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit ac73a58d75183cd479326ca4b1a1e58cca3e0466 Author: Andreas Schneider Date: Mon Feb 14 07:59:52 2022 +0100 builtools: Make abi_gen.sh less prone to errors The mold linker has more hidden symbols and we would need to filter them out with nm, where objdump tells us which symbols are actually hidden. So we just need to filter out whatever is hidden. The use of awk makes it also easier to get what we want. Signed-off-by: Andreas Schneider Reviewed-by: Alexander Bokovoy (cherry picked from commit 2b9917d7a3cb88cf48517e4a93a94fa3ca6ff3d9) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Tue Mar 29 16:07:13 UTC 2022 on sn-devel-184 --- Summary of changes: buildtools/scripts/abi_gen.sh | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/scripts/abi_gen.sh b/buildtools/scripts/abi_gen.sh index 6dd6d321f77..ddb0a7cc36f 100755 --- a/buildtools/scripts/abi_gen.sh +++ b/buildtools/scripts/abi_gen.sh @@ -10,9 +10,14 @@ cat < $GDBSCRIPT -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 15035d82a58 vfs_shadow_copy2: remove async getxattrat via e644e783060 CI: add a test for async dosmode on a file in a shadow_copy2 snapshot via d67d5bd74f0 CI: enable "smbd async dosmode" on shadow_write share via de314f93375 smbd: also check for NT_STATUS_NOT_SUPPORTED via 310e334a59e CI: add test "smb2.async_dosmode" via 16be7d70450 smbd: check "store dos attributes" settings in the async dosmode code via 84504306f1d CI: remove shares referencing removed functionality via 337301252b6 waf: Document the confusing --nonshared-binary, --builtin-libraries, --private-libraries and --bundled-libraries from 7676cb51450 s3: smbd: Don't allow setting the delete on close bit on a directory if it contains non-visible files and "delete veto files = no". https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 15035d82a58821d1f54291a111e8a43a9ad3b82e Author: Ralph Boehme Date: Wed Feb 23 11:36:29 2022 +0100 vfs_shadow_copy2: remove async getxattrat vfswrap_getxattrat_send() is handle based using smb_fname->fsp. As the open of smb_fname->fsp was processed by this module, the handle is already correctly opened on the file in the snapshot. In the end this means we can just call directly call the next function here. Note that the same reasoning might apply to other modules that use vfs_not_implemented_getxattrat_send(), but checking and adjusting those is a job for another day. Currently they will continue to go via the sync fallback of the caller. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Feb 28 20:53:35 UTC 2022 on sn-devel-184 (cherry picked from commit afc2103da0fe947afc027b3e25c5e82aa5d3f1fb) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Tue Mar 29 10:21:03 UTC 2022 on sn-devel-184 commit e644e783060fc44082f683a7d36384173a79e899 Author: Ralph Boehme Date: Wed Feb 23 18:10:59 2022 +0100 CI: add a test for async dosmode on a file in a shadow_copy2 snapshot Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit 1097b1d0776661d873861672ca38e5892014725d) commit d67d5bd74f0715fe8e5684aa655c4863b1558936 Author: Ralph Boehme Date: Wed Feb 23 18:14:38 2022 +0100 CI: enable "smbd async dosmode" on shadow_write share Existing tests don't care, upcoming new test needs it. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit 48f81b4e7216e4dad0a86aca75890c32117a342e) commit de314f9337547bf26dbb10268ce455e9a6bcc8da Author: Ralph Boehme Date: Fri Dec 17 15:02:06 2021 +0100 smbd: also check for NT_STATUS_NOT_SUPPORTED If a VFS module fails SMB_VFS_GETXATTRAT_SEND/RECV with ENOSYS like currently vfs_shadow_copy2 or any other module that uses vfs_not_implemented_getxattrat_send() the ENOSYS error that vfs_not_implemented_getxattrat_send() sets gets mapped to NT_STATUS_NOT_SUPPORTED by map_nt_error_from_unix(). Unfortunately when checking whether the async SMB_VFS_GETXATTRAT_SEND() failed and to determine if the sync fallback should be triggered, we currently only check for NT_STATUS_NOT_IMPLEMENTED which is the error we get when "store dos attributes" is disabled. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14957 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit 97caec07ffd18f247134d21c3ba07c31591863bc) commit 310e334a59e8ddbaa2ad661ea709bdb77db35d2f Author: Ralph Boehme Date: Tue Jan 25 17:59:37 2022 +0100 CI: add test "smb2.async_dosmode" Verifies async-dosmode sync fallback works with shadow_copy2 which returns ENOSYS for SMB_VFS_GET_DOS_ATTRIBUTES_SEND(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14957 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit ffdb1c3e00c233efc99e8f1a66a5f83beb4e07f3) commit 16be7d70450b234daebdfd2dc4813655d73e547c Author: Ralph Boehme Date: Mon Jan 24 16:45:11 2022 +0100 smbd: check "store dos attributes" settings in the async dosmode code BUG: https://bugzilla.samba.org/show_bug.cgi?id=14957 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit ecf56c1d9b6b898ed4060e3bba341392ddcc9b5a) commit 84504306f1df79a08e5efe0839800a121988 Author: Ralph Boehme Date: Mon Jan 24 16:54:29 2022 +0100 CI: remove shares referencing removed functionality The whole "smbd:force sync [user|root] [path|chdir] safe threadpool" stuff was removed long ago by 29dd6f3e59055a17fa3d6a63619773f940e63374.
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 7676cb51450 s3: smbd: Don't allow setting the delete on close bit
on a directory if it contains non-visible files and "delete veto files = no".
via 5242660aa14 s3: torture: Add 2 new tests
SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-NO, SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-YES.
from 7e410e4883f VERSION: Bump version up to Samba 4.16.1...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 7676cb51450c7559806fc20158dcd73925ccc0b9
Author: Jeremy Allison
Date: Mon Mar 21 13:50:56 2022 -0700
s3: smbd: Don't allow setting the delete on close bit on a directory if it
contains non-visible files and "delete veto files = no".
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15023
Signed-off-by: Jeremy Allison
Reviewed-by: Noel Power
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Tue Mar 22 17:48:25 UTC 2022 on sn-devel-184
(cherry picked from commit 80503b46e7238d0796f5cc9eb6104958c3b3fcc7)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Thu Mar 24 11:55:43 UTC 2022 on sn-devel-184
commit 5242660aa14a66d5cdecf2b2916b6c44999f58ab
Author: Jeremy Allison
Date: Mon Mar 21 13:45:25 2022 -0700
s3: torture: Add 2 new tests SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-NO,
SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-YES.
We currently allow setting the delete on close bit for
a directory containing only explicitly hidden/vetoed files
in the case where "delete veto files = yes" *and*
"delete veto files = no". For the "delete veto files = no"
case we should be denying setting the delete on close bit
when the client tries to set it (that's the only time Windows
looks at the bit and returns an error to the user). We
already do the in the dangling symlink case, we just
missed it in the !is_visible_fsp() case.
Mark SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-NO as knownfail
for now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15023
Signed-off-by: Jeremy Allison
Reviewed-by: Noel Power
(cherry picked from commit 5fe341d2d67afb7088edcb772b058c747ab341b1)
---
Summary of changes:
selftest/target/Samba3.pm | 25 +
source3/selftest/tests.py | 28 +
source3/smbd/dir.c | 16 ++-
source3/torture/proto.h | 2 +
source3/torture/test_smb2.c | 244
source3/torture/torture.c | 8 ++
6 files changed, 318 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 2cc2d13d9e0..2c2eed09441 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1697,6 +1697,11 @@ sub setup_fileserver
my $virusfilter_sharedir="$share_dir/virusfilter";
push(@dirs,$virusfilter_sharedir);
+ my $delete_unwrite_sharedir="$share_dir/delete_unwrite";
+ push(@dirs,$delete_unwrite_sharedir);
+ push(@dirs, "$delete_unwrite_sharedir/delete_veto_yes");
+ push(@dirs, "$delete_unwrite_sharedir/delete_veto_no");
+
my $ip4 = Samba::get_ipv4_addr("FILESERVER");
my $fileserver_options = "
kernel change notify = yes
@@ -1821,6 +1826,18 @@ sub setup_fileserver
path = $veto_sharedir
delete veto files = yes
+[delete_yes_unwrite]
+ read only = no
+ path = $delete_unwrite_sharedir
+ hide unwriteable files = yes
+ delete veto files = yes
+
+[delete_no_unwrite]
+ read only = no
+ path = $delete_unwrite_sharedir
+ hide unwriteable files = yes
+ delete veto files = no
+
[virusfilter]
path = $virusfilter_sharedir
vfs objects = acl_xattr virusfilter
@@ -1907,6 +1924,14 @@ sub setup_fileserver
##
create_file_chmod("$bad_iconv_sharedir/\xED\x9F\xBF", 0644) or return
undef;
+ ##
+ ## create unwritable files inside inside the delete unwrite veto share
dirs.
+ ##
+ unlink("$delete_unwrite_sharedir/delete_veto_yes/file_444");
+ create_file_chmod("$delete_unwrite_sharedir/delete_veto_yes/file_444",
0444) or return undef;
+ unlink("$delete_unwrite_sharedir/delete_veto_no/file_444");
+ create_file_chmod("$delete_unwrite_sharedir/delete_veto_no/file_444",
0444) or return undef;
+
return $vars;
}
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 95192ae19ae..03f144489b0 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -271,7 +271,35 @@ plantestsuite("samba3.smbtorture_s3.plain.%s" %
"SMB2-DEL-ON-CLOSE-NONEMPTY",
"",
"-l $LOCAL_PATH"])
+#
+# SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-YES needs to run against a special
fileserver
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via e79f04a3179 WHATSNEW for Heimdal upgrade via f4236271500 WHATSNEW: older SMB1 command removal/simpliciation and deprecation from 41054b61231 s4:kdc: tunnel the check_client_access status to hdb_samba4_audit() https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit e79f04a317906b1fbd9a53c831800088e2aab680 Author: Andrew Bartlett Date: Wed Mar 16 12:53:47 2022 +1300 WHATSNEW for Heimdal upgrade Signed-off-by: Andrew Bartlett Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit f42362715008716ed8508645329a9b16995e7db9 Author: Andrew Bartlett Date: Thu Mar 17 07:53:37 2022 +1300 WHATSNEW: older SMB1 command removal/simpliciation and deprecation Signed-off-by: Andrew Bartlett Reviewed-by: Jeremy Allison --- Summary of changes: WHATSNEW.txt | 118 +++ 1 file changed, 103 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 83d77b5c028..31f656e4095 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -52,6 +52,46 @@ samba-dcerpcd can also be useful for use outside of the Samba framework, for example, use with the Linux kernel SMB2 server ksmbd or possibly other SMB2 server implementations. +Heimdal-8.0pre used for Samba Internal Kerberos, adds FAST support +-- + +Samba has since Samba 4.0 included a snapshot of the Heimdal Kerberos +implementation. This snapshot has now been updated and will closely +match what will be released as Heimdal 8.0 shortly. + +This is a major update, previously we used a snapshot of Heimdal from +2011, and brings important new Kerberos security features such as +Kerberos request armoring, known as FAST. This tunnels ticket +requests and replies that might be encrypted with a weak password +inside a wrapper built with a stronger password, say from a machine +account. + +In Heimdal and MIT modes Samba's KDC now supports FAST, for the +support of non-Windows clients. + +Windows clients will not use this feature however, as they do not +attempt to do so against a server not advertising domain Functional +Level 2012. Samba users are of course free to modify how Samba +advertises itself, but use with Windows clients is not supported "out +of the box". + +Finally, Samba also uses a per-KDC, not per-realm 'cookie' to secure part of +the FAST protocol. A future version will align this more closely with +Microsoft AD behaviour. + +If FAST needs to be disabled on your Samba KDC, set + + kdc enable fast = no + +in the smb.conf. + +The Samba project wishes to thank the numerous developers who have put +in a massive effort to make this possible over many years. In +particular we thank Stefan Metzmacher, Joseph Sutton, Gary Lockyer, +Isaac Boukris and Andrew Bartlett. Samba's developers in turn thank +their employers and in turn their customers who have supported this +effort over many years. + Certificate Auto Enrollment --- @@ -135,21 +175,69 @@ CTDB changes REMOVED FEATURES -SMB1 CORE and LANMAN1 protocol wildcard copy, unlink and rename removed -=== - -In preparation for the removal of the SMB1 server, the unused -SMB1 command SMB_COM_COPY (SMB1 command number 0x29) has been -removed from the Samba smbd server. In addition, the ability -to process file name wildcards in requests using the SMB1 commands -SMB_COM_COPY (SMB1 command number 0x2A), SMB_COM_RENAME (SMB1 command -number 0x7), SMB_COM_NT_RENAME (SMB1 command number 0xA5) and -SMB_COM_DELETE (SMB1 command number 0x6) have been removed. - -This only affects clients using MS-DOS based versions of -SMB1, the last release of which was Windows 98. Users requiring -support for these features will need to use older versions -of Samba. +Older SMB1 protocol SMBCopy command removed +--- + +SMB is a nearly 30-year old protocol, and some protocol commands that +while supported in all versions, have not seen widespread use. + +One of those is SMBCopy, a feature for a server-side copy of a file. +This feature has been so unmaintained that Samba has no testsuite for +it. + +The SMB1 command SMB_COM_COPY (SMB1 command number 0x29) was +introduced in the LAN Manager 1.0 dialect and it was rendered obsolete +in the NT LAN Manager dialect. + +Therefore it has been removed from the Samba smbd server. + +We do note that a fully supported and tested server-side copy is +present in SMB2, and can be accessed with "scopy" subcommand in +smbclient) + +SMB1 server-side wildcard expansion removed +---
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 41054b61231 s4:kdc: tunnel the check_client_access status to hdb_samba4_audit() via 507ececf03d s4-kdc: Handle previously unhandled auth event types via 9272ec1a245 s3:libads: Fix creating local krb5.conf via abe01ca6b21 s3:libads: Check print_canonical_sockaddr_with_port() for NULL in get_kdc_ip_string() via 3c5d0c379d7 s3:libads: Remove obsolete free's of kdc_str via 3c98408be7d s3:libads: Allocate all memory on the talloc stackframe via cfbd47d7b48 s3:libads: Use talloc_asprintf_append() in get_kdc_ip_string() via cce13c772f1 s3:libads: Improve debug messages for get_kdc_ip_string() via 2599f5313bd s3:libads: Leave early on error in get_kdc_ip_string() via c20ca210fb8 s3:libads: Remove trailing spaces in kerberos.c via dd6c50b82ee testprogs: Add test that local krb5.conf has been created via 34771e19315 s3:libsmb: Fix errno for failed authentication in SMBC_server_internal() from bf8f8c592b0 s4:auth: let authenticate_ldap_simple_bind() pass down the mapped nt4names https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 41054b612311e624fa6a673808118fc319e758d8 Author: Stefan Metzmacher Date: Wed Mar 16 09:21:03 2022 +0100 s4:kdc: tunnel the check_client_access status to hdb_samba4_audit() Otherwise useful information gets lost while converting from NTSTATUS to krb5_error and back to NTSTATUS again. E.g. NT_STATUS_ACCOUNT_DISABLED would be audited as NT_STATUS_ACCOUNT_LOCKED_OUT. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15015 Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett (cherry picked from commit 5294dc80090482d5669126802672eb2c89e269cf) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Thu Mar 17 10:12:38 UTC 2022 on sn-devel-184 commit 507ececf03d8644b93a9ea953f6ab1c4aefb8e47 Author: Joseph Sutton Date: Tue Mar 15 15:34:34 2022 +1300 s4-kdc: Handle previously unhandled auth event types Cases to handle KDC_AUTH_EVENT_VALIDATED_LONG_TERM_KEY and KDC_AUTH_EVENT_PREAUTH_SUCCEEDED were removed in: commit 791be84c3eecb95e03611458e2305bae272ba267 Author: Stefan Metzmacher Date: Wed Mar 2 10:10:08 2022 +1300 s4:kdc: hdb_samba4_audit() is only called once per request Normally these auth event types are overwritten with the KDC_AUTH_EVENT_CLIENT_AUTHORIZED event type, but if a client passes the pre-authentication check, and happens to fail the client access check (e.g. because the account is disabled), we get error messages of the form: hdb_samba4_audit: Unhandled hdb_auth_status=9 => INTERNAL_ERROR To avoid such errors, use the error code provided in the request structure to obtain a relevant status code in cases not handled explicitly. For unexpected values we return KRB5KRB_ERR_GENERIC in order to hopefully prevent success. And within make test we panic in order let a ci run fail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15015 Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Joseph Sutton Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett (cherry picked from commit b01388da8a72c11c46bb27e773b354520bc6ac88) commit 9272ec1a2452ecea60b894f649c18d870cf9e2aa Author: Andreas Schneider Date: Tue Mar 15 13:10:06 2022 +0100 s3:libads: Fix creating local krb5.conf We create an KDC ip string entry directly at the beginning, use it if we don't have any additional DCs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Mar 16 14:26:36 UTC 2022 on sn-devel-184 (cherry picked from commit 68d181ee676e17a5cdcfc12c5cc7eef242fdfa6c) commit abe01ca6b215e51dea8328869731d88956bfb2dc Author: Andreas Schneider Date: Tue Mar 15 13:02:05 2022 +0100 s3:libads: Check print_canonical_sockaddr_with_port() for NULL in get_kdc_ip_string() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner (cherry picked from commit 12c843ad0a97fcbaaea738b82941533e5d2aec99) commit 3c5d0c379d7882d8c3c45a0dde53a68c7ec8a2a7 Author: Andreas Schneider Date: Tue Mar 15 12:57:18 2022 +0100 s3:libads: Remove obsolete free's of kdc_str This is allocated on the stackframe now! BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner (cherry picked from commit cca189d0934790418e27d9d01282370b1e6a057f) commit
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via bf8f8c592b0 s4:auth: let authenticate_ldap_simple_bind() pass down
the mapped nt4names
via 7bb17ee5134 auth: let auth logging prefer
user_info->orig_client.{account,domain}_name if available
via f4e39095450 s4:auth: rename user_info->mapped_state to
user_info->cracknames_called
via 1e617128adb winbindd: don't set mapped_state in
winbindd_dual_auth_passdb()
via cd29a661e0f nsswitch: let test_wbinfo.sh also test wbinfo -a
$USERNAME@$DOMAIN
via c46c341016d s3:auth: make_user_info_map() should not set
mapped_state
via a219a81ff89 s4:auth: fix confusing DEBUG message in
authsam_want_check()
via e691165b4de s4:auth: check for user_info->mapped.account_name if it
needs to be filled
via 03996701fb5 s4:rpc_server/samr: don't set mapped_state in
auth_usersupplied_info for audit logging
via b353567acf0 s4:kdc: don't set mapped_state in
auth_usersupplied_info for audit logging
via 20be02ecfde s4:dsdb: don't set mapped_state in
auth_usersupplied_info for audit logging
via 7b31dcbd704 s4:smb_server: don't set mapped_state explicitly in
auth_usersupplied_info
via 27a8698ced5 auth/ntlmssp: don't set mapped_state explicitly in
auth_usersupplied_info
via 6841fdef65b s4:auth: encrypt_user_info() should set password_state
instead of mapped_state
via 9898afd747f s4:auth: a simple bind uses the DCs name as workstation
via 80f35f7ab6a s3:rpc_client: let rpccli_netlogon_network_logon()
fallback to workstation = lp_netbios_name()
via fcec3b21d9a rodc: Add tests for simple BIND alongside NTLMSSP binds
via 64b2075c119 s4:auth_sam: use USER_INFO_INTERACTIVE_LOGON as
inducation for an interactive logon
via cafbb3e7307 s3:auth: let make_user_info_netlogon_interactive() set
USER_INFO_INTERACTIVE_LOGON
via d92b46a4c04 dsdb/tests: add test_login_basics_simple()
via 54bb3569e5d dsdb/tests: prepare BasePasswordTestCase for simple
bind tests
via 4b245891416 dsdb/tests: introduce assertLoginSuccess
via c35de738dad dsdb/tests: make use of assertLoginFailure helper
via ff7ffbdf612 dsdb/tests: let all BasePasswordTestCase tests provide
self.host_url[_ldaps]
via 43c4dc75e21 dsdb/tests: passwords.py don't need to import
BasePasswordTestCase
via 528ed90d03a python:tests: let insta_creds() also copy the bind_dn
from the template
from 1fcb5ed30f9 s4-kdc: Fix memory leak in FAST cookie handling
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit bf8f8c592b0395562a7bd296505c24ec09f65e4b
Author: Stefan Metzmacher
Date: Thu Mar 3 11:10:00 2022 +0100
s4:auth: let authenticate_ldap_simple_bind() pass down the mapped nt4names
authenticate_ldap_simple_bind*() needs to pass the
result of the cracknames operation into the auth stack
as user_info->client.{account,domain}_name, because
user_info->client.{account,domain}_name is also used
when forwarding the request via netrLogonSamLogon*
to a remote server, for exactly that the values are
also used in order to map a AUTH_PASSWORD_PLAIN into
AUTH_PASSWORD_RESPONSE, where the NTLMv2 response
contains the account and domain names passed in the
netr_IdentityInfo value.
Otherwise it would not be possible to forward the
LDAP simple bind authentication request to a remote
DC.
Currently this only applies to an RODC that forwards
the request to an RWDC.
But note that LDAP simple binds (as on Windows) only
work for users in the DCs forest, as the DsCrackNames
need to work and it can't work for users of remote
forests. I tested that in a DC of a forest root domain,
if rejected the LDAP simple bind against a different forest,
but allowed it for a users of a child domain in the
same forest. The NTLMSSP bind worked in both cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Andrew Bartlett
Autobuild-Date(master): Thu Mar 10 04:10:54 UTC 2022 on sn-devel-184
(cherry picked from commit 40f2070d3b2b1b13cc08f7844bfe4945e9f0cd86)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Wed Mar 16 14:40:08 UTC 2022 on sn-devel-184
commit 7bb17ee5134fa8cbcc2278da142defa4834bd2b3
Author: Stefan Metzmacher
Date: Thu Mar 3 11:10:00 2022 +0100
auth: let auth logging prefer user_info->orig_client.{account,domain}_name
if available
The optional user_info->orig_client.{account,domain}_name are
the once really used by the client and should be used in
audit logging. But we still fallback to
user_info->client.{account,domain}_name.
This will be important for the
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 1fcb5ed30f9 s4-kdc: Fix memory leak in FAST cookie handling via 9d819c9359f third_party/heimdal: import lorikeet-heimdal-202203101710 (commit df8d801544144949931cd742169be1207b239c3d) via e6196c456c1 selftest: use 'kdc enable fast = no' for fl2000 fl2003 via 46435367394 s4:kdc: make use of the 'kdc enable fast' option via 9aa78f15fd6 docs-xml: add 'kdc enable fast' option via 2aa95f78203 third_party/heimdal: import lorikeet-heimdal-202203101709 (commit 47863866da25cc21d292ce335a976b8b33fa1864) from 8ac427eed2c VERSION: Bump version up to Samba 4.16.0rc6... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 1fcb5ed30f9a2b2fd7e02be66ab6052ae960aeed Author: Andrew Bartlett Date: Tue Mar 8 22:46:02 2022 +1300 s4-kdc: Fix memory leak in FAST cookie handling The call to sdb_free_entry() was forgotten. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15000 Signed-off-by: Andrew Bartlett Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Fri Mar 11 11:05:55 UTC 2022 on sn-devel-184 (cherry picked from commit b7bc1f6dddc1c5fee8a39422823f167db1f24bb2) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Mar 14 15:24:28 UTC 2022 on sn-devel-184 commit 9d819c9359f35758219ee78ef0ade3828a9d8135 Author: Stefan Metzmacher Date: Thu Mar 10 17:49:52 2022 +0100 third_party/heimdal: import lorikeet-heimdal-202203101710 (commit df8d801544144949931cd742169be1207b239c3d) This fixes the regressions against KDCs without FAST support. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005 Signed-off-by: Stefan Metzmacher Reviewed-by: Joseph Sutton Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Fri Mar 11 18:06:47 UTC 2022 on sn-devel-184 (cherry picked from commit 9b48e7f7eda5e368c1192d562c268885c1f68d8b) commit e6196c456c1d9635376fcc5565b9f67e2e7cf65a Author: Stefan Metzmacher Date: Wed Mar 9 12:53:18 2022 +0100 selftest: use 'kdc enable fast = no' for fl2000 fl2003 This makes sure we still run tests against KDCs without FAST support and it already found a few regressions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005 Signed-off-by: Stefan Metzmacher Reviewed-by: Joseph Sutton (cherry picked from commit f1a71e24864367a55a30813dd642e7ef392b5ac9) commit 4643536739464a1f1c49ca780ae34a1c8f6df360 Author: Stefan Metzmacher Date: Wed Mar 9 12:39:07 2022 +0100 s4:kdc: make use of the 'kdc enable fast' option This will useful to test against a KDC without FAST support and find/prevent regressions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005 Signed-off-by: Stefan Metzmacher Reviewed-by: Joseph Sutton (cherry picked from commit 2db7589d69abebad16b66d933114367f815d5fc3) commit 9aa78f15fd6f4796657246d09dab883a717de6f6 Author: Stefan Metzmacher Date: Wed Mar 9 12:39:07 2022 +0100 docs-xml: add 'kdc enable fast' option This will be useful to test against a KDC without FAST support and find/prevent regressions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005 Signed-off-by: Stefan Metzmacher Reviewed-by: Joseph Sutton (cherry picked from commit 12b623088cf48cf9e4a046441810ef20e1f079b8) commit 2aa95f782037be279b093df5b3f9cbe4f1c44ab3 Author: Stefan Metzmacher Date: Thu Mar 10 16:12:43 2022 +0100 third_party/heimdal: import lorikeet-heimdal-202203101709 (commit 47863866da25cc21d292ce335a976b8b33fa1864) BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005 Signed-off-by: Stefan Metzmacher Reviewed-by: Joseph Sutton (cherry picked from commit 67bdc922f9836779f1b37805575c5c4eea9ba3e6) --- Summary of changes: docs-xml/smbdotconf/security/kdcenablefast.xml | 15 +++ lib/param/loadparm.c | 2 + selftest/target/Samba4.pm | 2 + source3/param/loadparm.c | 2 + source4/kdc/db-glue.c | 8 +- source4/kdc/hdb-samba4.c | 1 + source4/kdc/kdc-heimdal.c | 7 + source4/selftest/tests.py | 5 +- third_party/heimdal/.github/workflows/coverity.yml | 68 ++ third_party/heimdal/.github/workflows/linux.yml| 146
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 8ac427eed2c VERSION: Bump version up to Samba 4.16.0rc6... via 3a2c1b12f84 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc5 release. via c3ee2db15a8 WHATSNEW: Add release notes for Samba 4.16.0rc5. from 4b6a6af868c s4:kdc: redirect pre-authentication failures to an RWDC https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 8ac427eed2c6d200105d199c4695a304f17c76a5 Author: Jule Anger Date: Tue Mar 8 15:48:22 2022 +0100 VERSION: Bump version up to Samba 4.16.0rc6... and re-enable GIT_SNAPSHOT. Signed-off-by: Jule Anger commit 3a2c1b12f841f6ab2e3d2208fa9f46a55d5129f3 Author: Jule Anger Date: Tue Mar 8 15:47:32 2022 +0100 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc5 release. Signed-off-by: Jule Anger commit c3ee2db15a8f7c879ccbf1b6f1326621e7072c08 Author: Jule Anger Date: Tue Mar 8 15:46:47 2022 +0100 WHATSNEW: Add release notes for Samba 4.16.0rc5. Signed-off-by: Jule Anger --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 33 - 2 files changed, 33 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index afc3c64af35..f37d4c2db1b 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=5 +SAMBA_VERSION_RC_RELEASE=6 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index e511e17c4c8..83d77b5c028 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the fourth release candidate of Samba 4.16. This is *not* +This is the fifth release candidate of Samba 4.16. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -174,6 +174,37 @@ smb.conf changes rpc start on demand helpers Added true +CHANGES SINCE 4.16.0rc4 +=== + +o Jeremy Allison + * BUG 14737: Samba does not response STATUS_INVALID_PARAMETER when opening 2 + objects with same lease key. + +o Jule Anger + * BUG 14999: Listing shares with smbstatus no longer works. + +o Douglas Bagnall + * BUG 14996: Fix ldap simple bind with TLS auditing. + +o Andrew Bartlett + * BUG 14995: Use Heimdal 8.0 (pre) rather than an earlier snapshot. + +o Volker Lendecke + * BUG 14989: Fix a use-after-free in SMB1 server. + +o Stefan Metzmacher + * BUG 14865: Uncached logon on RODC always fails once. + * BUG 14984: Changing the machine password against an RODC likely destroys + the domain join. + * BUG 14993: authsam_make_user_info_dc() steals memory from its struct + ldb_message *msg argument. + * BUG 14995: Use Heimdal 8.0 (pre) rather than an earlier snapshot. + +o Joseph Sutton + * BUG 14995: Use Heimdal 8.0 (pre) rather than an earlier snapshot. + + CHANGES SINCE 4.16.0rc3 === -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 4b6a6af868c s4:kdc: redirect pre-authentication failures to an RWDC via b8e20583b05 s4:kdc: let pac functions in wdc-samba4.c take astgs_request_t via 302f9acb4a0 third_party/heimdal: import lorikeet-heimdal-202203031927 (commit 7abc451ddd74d0c2e57dbb32f3198bde8def73ab) from 9df5283f3d9 s3:utils: assign ids to struct to list shares correctly https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 4b6a6af868c03407d41dd978e8a72b1acbc87720 Author: Stefan Metzmacher Date: Mon Feb 21 10:29:12 2022 +0100 s4:kdc: redirect pre-authentication failures to an RWDC The most important case is that we still have a previous password cached at the RODC and the inbound replication hasn't wiped the cache yet and we also haven't triggered a new replication yet. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14865 Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett (cherry picked from commit 0f5d7ff1a9fd14fd412b09883d413d1d660fa7be) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Tue Mar 8 14:30:45 UTC 2022 on sn-devel-184 commit b8e20583b052aeb8f1bda381f7a0dab420325e8d Author: Stefan Metzmacher Date: Thu Feb 24 21:31:52 2022 +0100 s4:kdc: let pac functions in wdc-samba4.c take astgs_request_t NOTE: This commit finally works again! This aligns us with the following Heimdal change: commit 11d8a053f50c88256b4d49c7e482c2eb8f6bde33 Author: Stefan Metzmacher AuthorDate: Thu Feb 24 18:27:09 2022 +0100 Commit: Luke Howard CommitDate: Thu Mar 3 09:58:48 2022 +1100 kdc-plugin: also pass astgs_request_t to the pac related functions This is more consistent and allows the pac hooks to be more flexible. Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett BUG: https://bugzilla.samba.org/show_bug.cgi?id=14865 Signed-off-by: Stefan Metzmacher (cherry picked from commit 27ee5ad713b760e8226537d79c529ace1efb07bf) commit 302f9acb4a0c689a572b157f4947333485d05724 Author: Stefan Metzmacher Date: Thu Mar 3 19:17:06 2022 +0100 third_party/heimdal: import lorikeet-heimdal-202203031927 (commit 7abc451ddd74d0c2e57dbb32f3198bde8def73ab) NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14865 Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett (cherry picked from commit f33f73f82fb2d5d96928ce5910e2d0d939c2ff57) --- Summary of changes: selftest/knownfail | 1 - source4/dsdb/tests/python/rodc_rwdc.py | 3 +- source4/kdc/hdb-samba4.c | 93 ++ source4/kdc/wdc-samba4.c | 10 ++- third_party/heimdal/kdc/fast.c | 20 +++-- third_party/heimdal/kdc/kdc-accessors.h| 20 + third_party/heimdal/kdc/kdc-plugin.c | 28 +++ third_party/heimdal/kdc/kdc-plugin.h | 6 +- third_party/heimdal/kdc/kdc_locl.h | 5 ++ third_party/heimdal/kdc/kerberos5.c| 17 +++- third_party/heimdal/kdc/krb5tgs.c | 25 -- third_party/heimdal/kdc/libkdc-exports.def | 3 + third_party/heimdal/kdc/mssfu.c| 5 +- third_party/heimdal/kdc/version-script.map | 3 + third_party/heimdal/lib/asn1/krb5.asn1 | 54 - third_party/heimdal/lib/asn1/libasn1-exports.def | 25 ++ third_party/heimdal/lib/krb5/krb5.h| 4 + third_party/heimdal/lib/krb5/pac.c | 2 +- third_party/heimdal/lib/krb5/principal.c | 9 ++- third_party/heimdal/tests/plugin/kdc_test_plugin.c | 8 +- 20 files changed, 219 insertions(+), 122 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index 2a5287cba2d..7e897dd026d 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -377,7 +377,6 @@ ^samba.tests.auth_log_pass_change.samba.tests.auth_log_pass_change.AuthLogPassChangeTests.test_rap_change_password\(ad_dc_ntvfs\) # We currently don't send referrals for LDAP modify of non-replicated attrs ^samba4.ldap.rodc.python\(rodc\).__main__.RodcTests.test_modify_nonreplicated.* -^samba4.ldap.rodc_rwdc.python.*.__main__.RodcRwdcTests.test_change_password_reveal_on_demand_kerberos # NETLOGON is disabled in any non-DC environments ^samba.tests.netlogonsvc.python\(ad_member\) ^samba.tests.netlogonsvc.python\(simpleserver\) diff --git a/source4/dsdb/tests/python/rodc_rwdc.py b/source4/dsdb/tests/python/rodc_rwdc.py index 74e0773abc3..beea26e8e1a
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 9df5283f3d9 s3:utils: assign ids to struct to list shares correctly
via 364b16068b1 s3:tests: Add a test to check the output of smbstatus.
from de8fc990b21 s3: smbd: Fix our leases code to return the correct
error in the non-dynamic share case.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 9df5283f3d99ef6627843c223141040bfe263cf1
Author: Jule Anger
Date: Fri Mar 4 09:02:28 2022 +0100
s3:utils: assign ids to struct to list shares correctly
The commit "99d1f1fa10d smbd: Remove unused "struct connections_key""
removes
also the assignment of information to connections_data, which are needed to
list
shares.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14999
Signed-off-by: Jule Anger
Reviewed-by: Volker Lendecke
Autobuild-User(master): Jule Anger
Autobuild-Date(master): Mon Mar 7 15:27:48 UTC 2022 on sn-devel-184
(cherry picked from commit 9e9e6955ba93691545ea35e39ebdc285cd484406)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Tue Mar 8 11:31:47 UTC 2022 on sn-devel-184
commit 364b16068b1e46ba6aeffe321dd20840c35c2ab7
Author: Jule Anger
Date: Mon Mar 7 10:13:33 2022 +0100
s3:tests: Add a test to check the output of smbstatus.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14999
Signed-off-by: Jule Anger
Reviewed-by: Volker Lendecke
(cherry picked from commit b108e039ab13ee9f8f2c629c5b57085a462d14db)
---
Summary of changes:
source3/script/tests/test_smbstatus.sh | 98 ++
source3/utils/conn_tdb.c | 2 +
2 files changed, 100 insertions(+)
Changeset truncated at 500 lines:
diff --git a/source3/script/tests/test_smbstatus.sh
b/source3/script/tests/test_smbstatus.sh
index b29ba15c377..20846f6d4ed 100755
--- a/source3/script/tests/test_smbstatus.sh
+++ b/source3/script/tests/test_smbstatus.sh
@@ -144,6 +144,100 @@ EOF
return 0
}
+test_smbstatus_output()
+{
+local cmdfile=$PREFIX/smbclient_commands
+local tmpfile=$PREFIX/smbclient_lock_file
+local file=smbclient_lock_file
+local status_shares=smbstatus_output_shares
+local status_processes=smbstatus_output_processes
+local status_locks=smbstatus_output_locks
+
+cat > $tmpfile < $cmdfile <
$status_shares
+!UID_WRAPPER_INITIAL_RUID=0 UID_WRAPPER_INITIAL_EUID=0 $SMBSTATUS --processes
> $status_processes
+!UID_WRAPPER_INITIAL_RUID=0 UID_WRAPPER_INITIAL_EUID=0 $SMBSTATUS --locks >
$status_locks
+close 1
+rm $file
+quit
+EOF
+
+
+cmd="CLI_FORCE_INTERACTIVE=yes $SMBCLIENT -U$USERNAME%$PASSWORD
//$SERVER/tmp -I $SERVER_IP $ADDARGS --quiet < $cmdfile 2>&1"
+eval echo "$cmd"
+out=$(eval $cmd)
+ret=$?
+
+rm -f $cmpfile
+rm -f $tmpfile
+
+if [ $ret -ne 0 ] ; then
+ echo "Failed to run smbclient with error $ret"
+ echo "$out"
+ return 1
+fi
+
+out=$(cat $PREFIX/$status_processes)
+echo "$out" | grep -c 'PID *Username'
+ret=$?
+if [ $ret -eq 1 ] ; then
+ echo "Failed: Could not start smbstatus"
+ echo "$out"
+ return 1
+fi
+echo "$out" | grep -c "$USERNAME"
+ret=$?
+if [ $ret -eq 1 ] ; then
+ echo "Failed: open connection not found"
+ echo "$out"
+ return 1
+fi
+
+out=$(cat $PREFIX/$status_shares)
+echo "$out" | grep -c 'Service *pid'
+ret=$?
+if [ $ret -eq 1 ] ; then
+ echo "Failed: Could not start smbstatus"
+ echo "$out"
+ return 1
+fi
+echo "$out" | grep -c "tmp"
+ret=$?
+if [ $ret -eq 1 ] ; then
+ echo "Failed: shares not found"
+ echo "$out"
+ return 1
+fi
+
+out=$(cat $PREFIX/$status_locks)
+echo "$out" | grep -c "Locked files:"
+ret=$?
+if [ $ret -eq 1 ] ; then
+ echo "Failed: locked file not found"
+ echo "$out"
+ return 1
+fi
+echo "$out" | grep -c "$file"
+ret=$?
+if [ $ret -eq 1 ] ; then
+ echo "Failed: wrong file locked"
+ echo "$out"
+ return 1
+fi
+
+rm $PREFIX/$status_shares
+rm $PREFIX/$status_processes
+rm $PREFIX/$status_locks
+
+return 0
+}
+
testit "plain" \
test_smbstatus || \
failed=`expr $failed + 1`
@@ -152,4 +246,8 @@ testit "resolve_uids" \
test_smbstatus || \
failed=`expr $failed + 1`
+testit "test_output" \
+test_smbstatus_output || \
+failed=`expr $failed + 1`
+
testok $0 $failed
diff --git a/source3/utils/conn_tdb.c b/source3/utils/conn_tdb.c
index 24fd460c081..1d19d04f1aa 100644
--- a/source3/utils/conn_tdb.c
+++ b/source3/utils/conn_tdb.c
@@ -120,6 +120,8 @@ static int traverse_tcon_fn(struct smbXsrv_tcon_global0
*global,
ZERO_STRUCT(data);
+ data.pid =
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via de8fc990b21 s3: smbd: Fix our leases code to return the correct error in the non-dynamic share case. via 7995e03b39e s4: torture: Add new SMB2 lease test test_lease_duplicate_open(). via 423bbea002e s4: torture: Add new SMB2 lease test test_lease_duplicate_create(). via 5caac70d8d4 s3:trusts_utils: use a password length of 120 for machine accounts via a31721982fe upgradehelpers.py: add a comment to update_krbtgt_account_password() via 8c9bb2cafd6 provision: add a comment that the value of krbtgtpass is ignored in the backend via 66d8622b646 upgradehelpers.py: let update_machine_account_password() use 120 character passwords via 4872e1af2c1 provision: use 120 characters for the dns account password via e13a72df5f2 samba-tool/join_member: let py_net_join_member() choose the password via ac61afa5022 s3:py_net: allow machinepass=None to py_net_join_member() from c240b977dbe s4/auth/simple_bind: correctly report TLS state https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit de8fc990b21aeb6741e76bfd33772384b66682d9 Author: Jeremy Allison Date: Thu Feb 17 11:12:39 2022 -0800 s3: smbd: Fix our leases code to return the correct error in the non-dynamic share case. We now return INVALID_PARAMETER when trying to open a different file with a duplicate lease key on the same (non-dynamic) share. This will enable us to pass another Windows test suite leases test. We now behave the same as Windows10. Remove knownfail.d/smb2-lease-duplicateopen BUG: https://bugzilla.samba.org/show_bug.cgi?id=14737 Signed-off-by: Jeremy Allison Reviewed-by: David Mulder Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Feb 18 20:12:12 UTC 2022 on sn-devel-184 (cherry picked from commit 408be54323861c24b6377b804be4428cf45b471e) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Mar 7 11:49:31 UTC 2022 on sn-devel-184 commit 7995e03b39e7cb972dc76be574d25eed7c8c2da7 Author: Jeremy Allison Date: Thu Feb 17 10:58:32 2022 -0800 s4: torture: Add new SMB2 lease test test_lease_duplicate_open(). Checks we return INVALID_PARAMETER when trying to open a different file with a duplicate lease key on the same share. Checked against Windows10. Currently fails against smbd so add knownfail.d/smb2-lease-duplicateopen BUG: https://bugzilla.samba.org/show_bug.cgi?id=14737 Signed-off-by: Jeremy Allison Reviewed-by: David Mulder (cherry picked from commit ca3896b6f8bbcad68f042720feceedfa29ddbd83) commit 423bbea002e6877c7d7cffde69fe66d52dcf0d96 Author: Jeremy Allison Date: Thu Feb 17 09:58:27 2022 -0800 s4: torture: Add new SMB2 lease test test_lease_duplicate_create(). Checks we return INVALID_PARAMETER when trying to create a new file with a duplicate lease key on the same share. Checked against Windows10. Samba already passes this but we didn't have a test before. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14737 Signed-off-by: Jeremy Allison Reviewed-by: David Mulder (cherry picked from commit bf22548d11fe67ea3f4ec10dff81773d626e4703) commit 5caac70d8d426e1f3afa40d05515d96669f24569 Author: Stefan Metzmacher Date: Mon Feb 21 15:28:53 2022 +0100 s3:trusts_utils: use a password length of 120 for machine accounts This is important when we change the machine password against an RODC that proxies the request to an RWDC. An RODC using NetrServerPasswordSet2() to proxy PasswordUpdateForward via NetrLogonSendToSam() ignores a return of NT_STATUS_INVALID_PARAMETER and reports NT_STATUS_OK as result of NetrServerPasswordSet2(). This hopefully found the last hole in our very robust machine account password handling logic inside of trust_pw_change(). The lesson is: try to be as identical to how windows works as possible, everything else may use is untested code paths on Windows. A similar problem was fixed by this commit: commit 609ca657652862fd9c81fd11f818efb74f72ff55 Author: Joseph Sutton Date: Wed Feb 24 02:03:25 2021 +1300 provision: Decrease the length of random machine passwords The current length of 128-255 UTF-16 characters currently causes generation of crypt() passwords to typically fail. This commit decreases the length to 120 UTF-16 characters, which is the same as that used by Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14621 Signed-off-by: Joseph Sutton Reviewed-by: Douglas Bagnall Reviewed-by: Andrew Bartlett
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via c240b977dbe s4/auth/simple_bind: correctly report TLS state
via 5dee3a6834c pytest:auth_log: expect TLS connections when using ldaps
from 5b6ca18e020 s4:kdc: hdb_samba4_audit() is only called once per
request
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit c240b977dbea2976ad2567f349b05c29755c037b
Author: Douglas Bagnall
Date: Thu Dec 23 14:37:29 2021 +1300
s4/auth/simple_bind: correctly report TLS state
It went wrong in 366f8cf0903e3583fda42696df62a5337f22131f
Signed-off-by: Douglas Bagnall
Reviewed-by: Volker Lendecke
Autobuild-User(master): Volker Lendecke
Autobuild-Date(master): Wed Jan 26 12:39:52 UTC 2022 on sn-devel-184
(cherry picked from commit 309f1982263677045d407463eb19a2444c165a63)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14996
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon Mar 7 10:11:23 UTC 2022 on sn-devel-184
commit 5dee3a6834ca69f8623cd270028922818270d5ab
Author: Douglas Bagnall
Date: Wed Jan 26 15:53:45 2022 +1300
pytest:auth_log: expect TLS connections when using ldaps
Signed-off-by: Douglas Bagnall
Reviewed-by: Volker Lendecke
(cherry picked from commit f37682747898591b37405f9e96a8135c15638637)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14996
---
Summary of changes:
python/samba/tests/auth_log.py | 8
source4/auth/ntlm/auth_simple.c | 4 ++--
2 files changed, 6 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/auth_log.py b/python/samba/tests/auth_log.py
index d1e102bdcab..9949b0abe4d 100644
--- a/python/samba/tests/auth_log.py
+++ b/python/samba/tests/auth_log.py
@@ -565,7 +565,7 @@ class
AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
self.assertEqual("NT_STATUS_OK", msg["Authentication"]["status"])
self.assertEqual("LDAP",
msg["Authentication"]["serviceDescription"])
-self.assertEqual("simple bind",
+self.assertEqual("simple bind/TLS",
msg["Authentication"]["authDescription"])
self.assertEqual(
EVT_ID_SUCCESSFUL_LOGON, msg["Authentication"]["eventId"])
@@ -579,7 +579,7 @@ class
AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
(msg["Authentication"]["status"] ==
"NT_STATUS_WRONG_PASSWORD") and
(msg["Authentication"]["authDescription"] ==
-"simple bind") and
+"simple bind/TLS") and
(msg["Authentication"]["eventId"] ==
EVT_ID_UNSUCCESSFUL_LOGON) and
(msg["Authentication"]["logonType"] ==
@@ -611,7 +611,7 @@ class
AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
(msg["Authentication"]["status"] ==
"NT_STATUS_NO_SUCH_USER") and
(msg["Authentication"]["authDescription"] ==
-"simple bind") and
+"simple bind/TLS") and
(msg["Authentication"]["eventId"] ==
EVT_ID_UNSUCCESSFUL_LOGON) and
(msg["Authentication"]["logonType"] ==
@@ -641,7 +641,7 @@ class
AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
(msg["Authentication"]["status"] ==
"NT_STATUS_NO_SUCH_USER") and
(msg["Authentication"]["authDescription"] ==
-"simple bind") and
+"simple bind/TLS") and
(msg["Authentication"]["eventId"] ==
EVT_ID_UNSUCCESSFUL_LOGON) and
(msg["Authentication"]["logonType"] ==
diff --git a/source4/auth/ntlm/auth_simple.c b/source4/auth/ntlm/auth_simple.c
index 8301aec519c..b2e76381395 100644
--- a/source4/auth/ntlm/auth_simple.c
+++ b/source4/auth/ntlm/auth_simple.c
@@ -88,9 +88,9 @@ _PUBLIC_ struct tevent_req
*authenticate_ldap_simple_bind_send(TALLOC_CTX *mem_c
user_info->service_description = "LDAP";
if (using_tls) {
- user_info->auth_description = "simple bind";
- } else {
user_info->auth_description = "simple bind/TLS";
+ } else {
+ user_info->auth_description = "simple bind";
}
user_info->password_state = AUTH_PASSWORD_PLAIN;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 5b6ca18e020 s4:kdc: hdb_samba4_audit() is only called once per request via 794c717ba75 s4-kdc: Adapt to move from HDB auditing to KDC auditing constants via 71912b630e9 s4:kdc: Adapt to removal of publicly accessible request structure members via 12a61bb7416 s4:kdc: Adapt to hdb_entry_ex removal via f90e729e01e s4:kdc: Increment plugin minor version via 8ae5ce46e57 third_party/heimdal_build: Don't generate .x source files via 5493c1a5df6 s4:kdc: Explicitly set plugin minor version via 0918e692fac third_party/heimdal_build: Add SFU source file via b6e2028f277 s4:kdc: Adapt to removal of auth audit event types via 9e763005266 s4:kdc: Rename windc to kdc plugin via b88d8924980 s4:kdc: Add referral policy callback via cef9e6f8514 s4:kdc: Add 'not authorised' auth events via 115d8e493fe s4:kdc: Adapt to removal of auth event details via 9627ee616b5 s4:kdc: Refactor HDB API via 26880578a5f third_party/heimdal_build: Add source files to build via e26fbf420e4 third_party/heimdal: import lorikeet-heimdal-202203010107 (commit 0e7a12404c388e831fe6933fcc3c86e7eb334825) via c9a77ff43e0 third_party/heimdal_build: Define fallthrough macro for switch statements via 947ad1581a6 third_party/heimdal_build: Determine whether time_t is signed via 97011aa3ce1 s4:kdc: Don't pass empty PAC buffers to krb5_pac_add_buffer() via 77ed10e2ff8 third_party/heimdal_build: Add KDC_LIB macro definitions via 635c8b730f7 auth: Cope with NULL upn_name in PAC via b668c076722 s4:sam: Don't use talloc_steal for msg attributes in authsam_make_user_info_dc() via 9fd10105530 smbd: Fix a use-after-free from 91c7a2cb662 VERSION: Bump version up to Samba 4.16.0rc5... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 5b6ca18e020416aef105fa13d2e35bbd03c4da45 Author: Stefan Metzmacher Date: Wed Mar 2 10:10:08 2022 +1300 s4:kdc: hdb_samba4_audit() is only called once per request So we need to restructure the logic a bit. NOTE: This commit finally works again! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995 Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett Autobuild-User(master): Joseph Sutton Autobuild-Date(master): Tue Mar 1 23:28:22 UTC 2022 on sn-devel-184 (cherry picked from commit 791be84c3eecb95e03611458e2305bae272ba267) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Wed Mar 2 11:24:26 UTC 2022 on sn-devel-184 commit 794c717ba75c15e96bdc3a651ddd0715bcd4f92e Author: Andrew Bartlett Date: Wed Mar 2 10:00:17 2022 +1300 s4-kdc: Adapt to move from HDB auditing to KDC auditing constants This is to adapt to: commit 6530021f09a5cab631be19a1b5898a0ba6b32f16 Author: Luke Howard Date: Thu Jan 13 14:37:29 2022 +1100 kdc: move auth event definitions into KDC header Move KDC auth event macro definitions out of hdb.h and into a new KDC header, kdc-audit.h. NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995 Signed-off-by: Andrew Bartlett Reviewed-by: Joseph Sutton (cherry picked from commit c9b0b4bfc4e2e0b08b21f39bf56fd5395d66d66f) commit 71912b630e945ab554d2f36f94d879c4ec87cfb9 Author: Joseph Sutton Date: Wed Feb 23 09:53:27 2022 +1300 s4:kdc: Adapt to removal of publicly accessible request structure members We now have to use the accessor functions instead. This is an adaptation to Heimdal: commit ec24edf7005c340018450a202d27ca75fcf322d4 Author: Luke Howard Date: Thu Jan 20 09:15:24 2022 +1100 kdc: add accessor functions for KDC request structure Add accessor functions for use by Samba and other plugin developers. Documentation is in kdc/kdc-accessors.h. NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995 Signed-off-by: Joseph Sutton Reviewed-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett (cherry picked from commit 9399a15fabb5a1b8470b1069a098132e2fdb7f0f) commit 12a61bb7416eed3b7fa261791eea926f683ee5f1 Author: Joseph Sutton Date: Tue Feb 22 19:41:14 2022 +1300 s4:kdc: Adapt to hdb_entry_ex removal Rather than having a 'free_entry' member that can be called to free an hdb_entry, we now implement the free function in HDB. We perform the free only if the context pointer is non-NULL. We also remove the ZERO_STRUCTP() in sdb_entry_to_hdb_entry(), as the context pointer is now part of the 'hdb_entry' structure itself,
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 91c7a2cb662 VERSION: Bump version up to Samba 4.16.0rc5... via 3b4041236d1 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc4 release. via d89d82bdde4 WHATSNEW: Add release notes for Samba 4.16.0rc4. from 2d87ade08a6 waf: re-add missing readlink test https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 91c7a2cb662c91fde271315d6abbc584dd63639b Author: Jule Anger Date: Tue Mar 1 08:58:07 2022 +0100 VERSION: Bump version up to Samba 4.16.0rc5... and re-enable GIT_SNAPSHOT. Signed-off-by: Jule Anger commit 3b4041236d18e48db6fe4c521b0c267ae08b15a6 Author: Jule Anger Date: Tue Mar 1 08:57:23 2022 +0100 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc4 release. Signed-off-by: Jule Anger commit d89d82bdde43e93aa545bc30876159495ff35b59 Author: Jule Anger Date: Tue Mar 1 08:56:14 2022 +0100 WHATSNEW: Add release notes for Samba 4.16.0rc4. Signed-off-by: Jule Anger --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 21 - 2 files changed, 21 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index c7313ceeb98..afc3c64af35 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=4 +SAMBA_VERSION_RC_RELEASE=5 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index cdd911d40b1..e511e17c4c8 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the third release candidate of Samba 4.16. This is *not* +This is the fourth release candidate of Samba 4.16. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -174,6 +174,25 @@ smb.conf changes rpc start on demand helpers Added true +CHANGES SINCE 4.16.0rc3 +=== + +o Samuel Cabrero + * BUG 14979: Problem when winbind renews Kerberos. + +o Björn Jacke + * BUG 13631: DFS fix for AIX broken. + * BUG 14974: Solaris and AIX acl modules: wrong function arguments. + * BUG 7239: Function aixacl_sys_acl_get_file not declared / coredump. + +o Andreas Schneider + * BUG 14967: Samba autorid fails to map AD users if id rangesize fits in the + id range only once. + +o Martin Schwenke + * BUG 14958: CTDB can get stuck in election and recovery. + + CHANGES SINCE 4.16.0rc2 === -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 2d87ade08a6 waf: re-add missing readlink test
via 76463193044 readlink test: inverse return code
via e82833a1078 vfs_aixacl: add proper header file
via 821e16c077c wscript: s/default/required/ _static_modules for the
acl modules
via 9016cb5c643 acl: fix function arguments for AIX' and Solaris'
sys_acl_get_fd()
from 4346dac73a4 s3:winbind: Use the canonical principal name to renew
the credentials
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 2d87ade08a6f03e34428c8ff0793be8f1552b685
Author: Björn Jacke
Date: Wed Dec 26 01:03:29 2018 +0100
waf: re-add missing readlink test
this was another portability regression that came with the moving to waf
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13631
Signed-off-by: Bjoern Jacke
Reviewed-by: Jeremy Allison
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Fri Feb 18 23:12:51 UTC 2022 on sn-devel-184
(cherry picked from commit 45cb14ac80889ac913f7f76dbfaebcb4d5ee14fd)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Sun Feb 27 20:03:27 UTC 2022 on sn-devel-184
commit 76463193044cdbcf96a7199fa4bf4ef45a5b2513
Author: Björn Jacke
Date: Wed Dec 26 01:01:14 2018 +0100
readlink test: inverse return code
We need to return 0 in case readlink is *broken* here - this is because our
waf
CHECK_CODE function does only allow generating defines in case the test
succeeds
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13631
Signed-off-by: Bjoern Jacke
Reviewed-by: Jeremy Allison
(cherry picked from commit e225ab70db0cc01454d319eaca5265d7e33f396c)
commit e82833a107834cdfaef72e5a2c805a780ef2cba5
Author: Bjoern Jacke
Date: Fri Feb 11 00:45:00 2022 +
vfs_aixacl: add proper header file
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7239
Signed-off-by: Bjoern Jacke
Reviewed-by: Jeremy Allison
(cherry picked from commit 396c17160c19c6df43123074bf62268c6ed0f9e4)
commit 821e16c077c98ea4d792a4a788be68c2fbb21264
Author: Björn Jacke
Date: Tue Feb 15 14:25:41 2022 +0100
wscript: s/default/required/ _static_modules for the acl modules
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14974
Signed-off-by: Bjoern Jacke
Reviewed-by: Jeremy Allison
(cherry picked from commit 89e903985b6968c5becc69b757b23144b1aba66e)
commit 9016cb5c64351ff267d8deb43451370d6dcbba64
Author: Björn Jacke
Date: Fri Feb 11 03:38:31 2022 +0100
acl: fix function arguments for AIX' and Solaris' sys_acl_get_fd()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14974
Signed-off-by: Bjoern Jacke
Reviewed-by: Jeremy Allison
(cherry picked from commit 183ab5ced8377b63ad07d2e810396d3b414f4a7d)
---
Summary of changes:
source3/lib/sysacls.c| 6 +-
auth/auth_util.h => source3/modules/vfs_aixacl.h | 26 +---
source3/modules/vfs_solarisacl.h | 1 +
source3/wscript | 12 ---
tests/readlink.c | 11 ++
5 files changed, 36 insertions(+), 20 deletions(-)
copy auth/auth_util.h => source3/modules/vfs_aixacl.h (54%)
Changeset truncated at 500 lines:
diff --git a/source3/lib/sysacls.c b/source3/lib/sysacls.c
index d42337190c3..891fabea21e 100644
--- a/source3/lib/sysacls.c
+++ b/source3/lib/sysacls.c
@@ -34,6 +34,10 @@
#include "modules/vfs_hpuxacl.h"
#endif
+#if defined(HAVE_AIX_ACLS)
+#include "modules/vfs_aixacl.h"
+#endif
+
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_ACLS
@@ -410,7 +414,7 @@ SMB_ACL_T sys_acl_get_fd(vfs_handle_struct *handle,
SMB_ACL_TYPE_T type,
TALLOC_CTX *mem_ctx)
{
- return solarisacl_sys_acl_get_fd(handle, fsp,
+ return solarisacl_sys_acl_get_fd(handle, fsp, type,
mem_ctx);
}
diff --git a/auth/auth_util.h b/source3/modules/vfs_aixacl.h
similarity index 54%
copy from auth/auth_util.h
copy to source3/modules/vfs_aixacl.h
index 0af6ff5ec6c..f9fe3f85dc6 100644
--- a/auth/auth_util.h
+++ b/source3/modules/vfs_aixacl.h
@@ -1,8 +1,5 @@
/*
- Unix SMB/CIFS implementation.
- Authentication utility functions
-
- Copyright (C) Andrew Bartlett 2017
+ Copyright (C) Bjoern Jacke 2022
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -18,15 +15,20 @@
along with this program. If not, see
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 4346dac73a4 s3:winbind: Use the canonical principal name to renew
the credentials
via e3efe2d0de2 s3:winbind: Store canonical principal and realm in
ccache entry
via 85fdd88e3ca s3:libads: Return canonical principal and realm from
kerberos_return_pac()
via a4b9a9ce8ef lib:krb5_wrap: Fix wrong debug message and use newer
debug macro
via 7db685f8422 lib:krb5_wrap: Improve debug message and use newer
debug macro
via 3fef25f2e62 s3:libads: Fix memory leak in kerberos_return_pac()
error path
from 48929ba6634 docs-xml: Fix idmap_autorid documentation
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 4346dac73a4e74b1e286346f1e6d867a8369f5fd
Author: Samuel Cabrero
Date: Tue Feb 22 14:28:44 2022 +0100
s3:winbind: Use the canonical principal name to renew the credentials
The principal name stored in the winbindd ccache entry might be an
enterprise principal name if enterprise principals are enabled. Use
the canonical name to renew the credentials.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14979
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 8246ccc23d064147412bb3475e6431a9fffc0d27)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Fri Feb 25 18:08:19 UTC 2022 on sn-devel-184
commit e3efe2d0de20216ea7ecbc8e41ae8c6968507d29
Author: Samuel Cabrero
Date: Tue Feb 22 13:19:02 2022 +0100
s3:winbind: Store canonical principal and realm in ccache entry
They will be used later to refresh the tickets.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14979
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 0f4f330773d272b4d28ff3ba5a41bdd4ba569c8b)
commit 85fdd88e3cabbd405ddfda32b0b2b4e7673e
Author: Samuel Cabrero
Date: Tue Feb 22 13:08:56 2022 +0100
s3:libads: Return canonical principal and realm from kerberos_return_pac()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14979
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 00b1f44a7e8f66976757535bcbc6bea97fb1c29f)
commit a4b9a9ce8ef9c8947a7cd45044033a2aa3d7e40f
Author: Samuel Cabrero
Date: Tue Feb 22 14:28:28 2022 +0100
lib:krb5_wrap: Fix wrong debug message and use newer debug macro
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 1b5b4107a5081f15ba215f3025056d509fcfcf2a)
commit 7db685f8422af2e77ad3dda743ea606537c6
Author: Samuel Cabrero
Date: Tue Feb 22 13:00:05 2022 +0100
lib:krb5_wrap: Improve debug message and use newer debug macro
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit ed14513be055cc56eb39785323df2c538a813865)
commit 3fef25f2e62ac2e835abb97b9b1d6f63d8ac0edc
Author: Samuel Cabrero
Date: Tue Feb 22 12:59:44 2022 +0100
s3:libads: Fix memory leak in kerberos_return_pac() error path
Signed-off-by: Samuel Cabrero
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 3dbcd20de98cd28683a9c248368e5082b6388111)
---
Summary of changes:
lib/krb5_wrap/krb5_samba.c | 7 +--
source3/libads/authdata.c | 33 +
source3/libads/kerberos_proto.h| 2 ++
source3/utils/net_ads.c| 2 ++
source3/winbindd/winbindd.h| 2 ++
source3/winbindd/winbindd_cred_cache.c | 18 --
source3/winbindd/winbindd_pam.c| 12 ++--
source3/winbindd/winbindd_proto.h | 4 +++-
8 files changed, 69 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 61d651b4d5f..99809ffea27 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -1084,7 +1084,7 @@ krb5_error_code smb_krb5_renew_ticket(const char
*ccache_string,
goto done;
}
- DEBUG(10,("smb_krb5_renew_ticket: using %s as ccache\n",
ccache_string));
+ DBG_DEBUG("Using %s as ccache for '%s'\n", ccache_string,
client_string);
/* FIXME: we should not fall back to defaults */
ret = krb5_cc_resolve(context, discard_const_p(char, ccache_string),
);
@@ -1106,7 +1106,10 @@ krb5_error_code smb_krb5_renew_ticket(const char
*ccache_string,
ret = krb5_get_renewed_creds(context, , client, ccache,
discard_const_p(char,
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 48929ba6634 docs-xml: Fix idmap_autorid documentation via be4e42f01fb s3:utils: Add a testparm check for idmap autorid via 0d27228e75c s3:winbindd: Add a sanity check for the range from 79b42f0f2bf ctdb-tests: Add a test for stalled node triggering election https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 48929ba6634c93174f9f863d9e9f59d2add4d720 Author: Andreas Schneider Date: Tue Feb 1 10:05:19 2022 +0100 docs-xml: Fix idmap_autorid documentation What we want to avoid: $ ./bin/testparm -s | grep "idmap config" idmap config * : rangesize = 1 idmap config * : range = 1-1 idmap config * : backend = autorid $ ./bin/wbinfo --name-to-sid BUILTIN/Administrators S-1-5-32-544 SID_ALIAS (4) $ ./bin/wbinfo --sid-to-gid S-1-5-32-544 1 $ ./bin/wbinfo --name-to-sid ADDOMAIN/alice S-1-5-21-4058748110-895691256-3682847423-1107 SID_USER (1) $ ./bin/wbinfo --sid-to-gid S-1-5-21-984165912-589366285-3903095728-1107 failed to call wbcSidToGid: WBC_ERR_DOMAIN_NOT_FOUND Could not convert sid S-1-5-21-984165912-589366285-3903095728-1107 to gid If only one range is configured we are either not able to map users/groups from our primary *and* the BUILTIN domain. We need at least two ranges to also cover the BUILTIN domain! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14967 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner (cherry picked from commit 7e5afd8f1f7e5cfab1a8ef7f4293ac465b7cd8de) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Fri Feb 18 09:07:13 UTC 2022 on sn-devel-184 commit be4e42f01fb958a0b7dbcd2d4ebc89991773ce49 Author: Andreas Schneider Date: Tue Feb 1 10:07:50 2022 +0100 s3:utils: Add a testparm check for idmap autorid What we want to avoid: $ ./bin/testparm -s | grep "idmap config" idmap config * : rangesize = 1 idmap config * : range = 1-1 idmap config * : backend = autorid $ ./bin/wbinfo --name-to-sid BUILTIN/Administrators S-1-5-32-544 SID_ALIAS (4) $ ./bin/wbinfo --sid-to-gid S-1-5-32-544 1 $ ./bin/wbinfo --name-to-sid ADDOMAIN/alice S-1-5-21-4058748110-895691256-3682847423-1107 SID_USER (1) $ ./bin/wbinfo --sid-to-gid S-1-5-21-984165912-589366285-3903095728-1107 failed to call wbcSidToGid: WBC_ERR_DOMAIN_NOT_FOUND Could not convert sid S-1-5-21-984165912-589366285-3903095728-1107 to gid If only one range is configured we are either not able to map users/groups from our primary *and* the BUILTIN domain. We need at least two ranges to also cover the BUILTIN domain! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14967 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner (cherry picked from commit db6d4da3411a910e7ce45fe1fecfabf2864eb9f4) commit 0d27228e75c6cb30394306dff1d5764e8183ae4c Author: Andreas Schneider Date: Tue Feb 1 10:06:30 2022 +0100 s3:winbindd: Add a sanity check for the range What we want to avoid: $ ./bin/testparm -s | grep "idmap config" idmap config * : rangesize = 1 idmap config * : range = 1-1 idmap config * : backend = autorid $ ./bin/wbinfo --name-to-sid BUILTIN/Administrators S-1-5-32-544 SID_ALIAS (4) $ ./bin/wbinfo --sid-to-gid S-1-5-32-544 1 $ ./bin/wbinfo --name-to-sid ADDOMAIN/alice S-1-5-21-4058748110-895691256-3682847423-1107 SID_USER (1) $ ./bin/wbinfo --sid-to-gid S-1-5-21-984165912-589366285-3903095728-1107 failed to call wbcSidToGid: WBC_ERR_DOMAIN_NOT_FOUND Could not convert sid S-1-5-21-984165912-589366285-3903095728-1107 to gid If only one range is configured we are either not able to map users/groups from our primary *and* the BUILTIN domain. We need at least two ranges to also cover the BUILTIN domain! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14967 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner (cherry picked from commit fe84ae5547313e482ea0eba8ddca5b38a033dc8f) --- Summary of changes: docs-xml/manpages/idmap_autorid.8.xml | 8 +- source3/utils/testparm.c | 51 +++ source3/winbindd/idmap_autorid.c | 7 ++--- 3 files changed, 62 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/idmap_autorid.8.xml b/docs-xml/manpages/idmap_autorid.8.xml index 6c4da1cad8a..980718f0bd4 100644 --- a/docs-xml/manpages/idmap_autorid.8.xml
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 79b42f0f2bf ctdb-tests: Add a test for stalled node triggering election via f3047e90a86 ctdb-tests: Factor out functions to detect when generation changes via d0133dd3a54 ctdb-recoverd: Consistently log start of election via ddda97dc146 ctdb-recoverd: Always send unknown leader broadcast when starting election via 758e953ee07 ctdb-recoverd: Consistently have caller set election-in-progress via 07540a8cf45 ctdb-recoverd: Always cancel election in progress from caa6785eff0 VERSION: Bump version up to Samba 4.16.0rc4... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 79b42f0f2bfa539c66ca46adba8383e2465af783 Author: Martin Schwenke Date: Sun Jan 23 07:08:02 2022 +1100 ctdb-tests: Add a test for stalled node triggering election A stalled node probably continues to hold the cluster lock, so confirm elections work in this case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs Autobuild-User(master): Amitay Isaacs Autobuild-Date(master): Mon Feb 14 02:46:01 UTC 2022 on sn-devel-184 (cherry picked from commit 331c435ce520bef1274e076e6ed491400db3b5ad) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Tue Feb 15 09:55:38 UTC 2022 on sn-devel-184 commit f3047e90a8653284f19ef7138ddbe9ada3b7a303 Author: Martin Schwenke Date: Sun Jan 23 06:42:52 2022 +1100 ctdb-tests: Factor out functions to detect when generation changes BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs (cherry picked from commit 265e44abc42e1f5b7fef6550cd748459dbef80cb) commit d0133dd3a54acc29949e8351702b0996ba8d66c6 Author: Martin Schwenke Date: Sun Jan 23 06:21:51 2022 +1100 ctdb-recoverd: Consistently log start of election Elections should now be quite rare, so always log when one begins. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs (cherry picked from commit 0e74e03c9cf83d5dc2d97fa9f38ff8fbaa3d2685) commit ddda97dc146179a035485219bca6af2338b360e9 Author: Martin Schwenke Date: Sun Jan 23 06:18:51 2022 +1100 ctdb-recoverd: Always send unknown leader broadcast when starting election This is currently missed when the cluster lock is lost. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs (cherry picked from commit bf55a0117d045e8ca888f7e01591cc2a2bce9223) commit 758e953ee07343e1e3fd0389eb2d82c0654be61c Author: Martin Schwenke Date: Sun Jan 23 05:49:18 2022 +1100 ctdb-recoverd: Consistently have caller set election-in-progress The problem here is that election-in-progress must be set to potentially avoid restarting the election broadcast timeout in main_loop(), so this is already done by leader_handler(). Have force_election() set election-in-progress for all election types and do not bother setting it in cluster_lock_election(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs (cherry picked from commit 9b3fab052bd2dccf2fc3fe9bd2b4354dff0b9ebb) commit 07540a8cf4597f683e6661cc4418b858f59d7312 Author: Martin Schwenke Date: Fri Jan 21 18:09:47 2022 +1100 ctdb-recoverd: Always cancel election in progress Election-in-progress is set by unknown leader broadcast, so needs to be cleared in all cases when election completes. This was seen in a case where the leader node stalled, so didn't send leader broadcasts for some time. The node continued to hold the cluster lock, so another node could not become leader. However, after the node returned to normal it still did not send leader broadcasts because election-in-progress was never cleared. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs (cherry picked from commit 188a9021565bc2c1bec1d7a4830d6f47cdbc44a9) --- Summary of changes: ctdb/server/ctdb_recoverd.c| 17 .../simple/cluster.015.reclock_remove_lock.sh | 14 +-- .../cluster.030.node_stall_leader_timeout.sh | 48 ++ ctdb/tests/scripts/integration.bash| 44 4 files changed, 103 insertions(+), 20 deletions(-) create mode 100755 ctdb/tests/INTEGRATION/simple/cluster.030.node_stall_leader_timeout.sh Changeset truncated at 500 lines: diff --git
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via caa6785eff0 VERSION: Bump version up to Samba 4.16.0rc4... via 2517bca6b10 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc3 release. via 5f8796ea630 WHATSNEW: Add release notes for Samba 4.16.0rc3. from 1bbb3677ae5 smbd: Safeguards for getpwuid https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit caa6785eff0dee455f2f9a0125f9a6c069b2cadd Author: Jule Anger Date: Tue Feb 15 08:12:02 2022 +0100 VERSION: Bump version up to Samba 4.16.0rc4... and re-enable GIT_SNAPSHOT. Signed-off-by: Jule Anger commit 2517bca6b10fb2ff5b2a2381a04c0ef957663a96 Author: Jule Anger Date: Tue Feb 15 08:11:16 2022 +0100 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc3 release. Signed-off-by: Jule Anger commit 5f8796ea63014be2031428c79ff5e57503ceb9a8 Author: Jule Anger Date: Tue Feb 15 08:10:19 2022 +0100 WHATSNEW: Add release notes for Samba 4.16.0rc3. Signed-off-by: Jule Anger --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 32 +++- 2 files changed, 32 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index c7035db0fb1..c7313ceeb98 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=3 +SAMBA_VERSION_RC_RELEASE=4 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index acf91910706..cdd911d40b1 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the second release candidate of Samba 4.16. This is *not* +This is the third release candidate of Samba 4.16. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -174,6 +174,36 @@ smb.conf changes rpc start on demand helpers Added true +CHANGES SINCE 4.16.0rc2 +=== + +o Jeremy Allison + * BUG 14169: Renaming file on DFS root fails with + NT_STATUS_OBJECT_PATH_NOT_FOUND. + * BUG 14938: NT error code is not set when overwriting a file during rename + in libsmbclient. + +o Ralph Boehme + * BUG 14674: net ads info shows LDAP Server: 0.0.0.0 depending on contacted + server. + +o Pavel Filipenský + * BUG 14971: virusfilter_vfs_openat: Not scanned: Directory or special file. + +o Volker Lendecke + * BUG 14900: Regression: Samba 4.15.2 on macOS segfaults intermittently + during strcpy in tdbsam_getsampwnam. + * BUG 14975: Fix a crash in vfs_full_audit - CREATE_FILE can free a used fsp. + +o Stefan Metzmacher + * BUG 14968: smb2_signing_decrypt_pdu() may not decrypt with + gnutls_aead_cipher_decrypt() from gnutls before 3.5.2. + +o Andreas Schneider + * BUG 14960: SDB uses HDB flags directly which can lead to unwanted side + effects. + + CHANGES SINCE 4.16.0rc1 === -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 1bbb3677ae5 smbd: Safeguards for getpwuid
from cdc5e9e4dbe smbd: Only file_free() a self-created fsp in
create_file_unixpath()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 1bbb3677ae5b95ea12bf9037b3a74725452382dc
Author: Volker Lendecke
Date: Thu Feb 3 13:20:11 2022 +0100
smbd: Safeguards for getpwuid
Attempt to fix
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14900
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
(cherry picked from commit 929ccd3d1afb864ea715fa4d3d8af8f997e5d2aa)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon Feb 14 22:18:31 UTC 2022 on sn-devel-184
---
Summary of changes:
source3/passdb/pdb_interface.c | 14 --
1 file changed, 12 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 3c4499a4459..b83cef1de37 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1402,6 +1402,7 @@ static bool pdb_default_uid_to_sid(struct pdb_methods
*methods, uid_t uid,
{
struct samu *sampw = NULL;
struct passwd *unix_pw;
+ fstring pw_name = { 0 };
bool ret;
unix_pw = getpwuid( uid );
@@ -1412,14 +1413,23 @@ static bool pdb_default_uid_to_sid(struct pdb_methods
*methods, uid_t uid,
return False;
}
+ if (unix_pw->pw_name == NULL) {
+ DBG_DEBUG("No pw_name for uid %d\n", (int)uid);
+ return false;
+ }
+
+ /*
+* Make a copy, "unix_pw" might go away soon.
+*/
+ fstrcpy(pw_name, unix_pw->pw_name);
+
if ( !(sampw = samu_new( NULL )) ) {
DEBUG(0,("pdb_default_uid_to_sid: samu_new() failed!\n"));
return False;
}
become_root();
- ret = NT_STATUS_IS_OK(
- methods->getsampwnam(methods, sampw, unix_pw->pw_name ));
+ ret = NT_STATUS_IS_OK(methods->getsampwnam(methods, sampw, pw_name));
unbecome_root();
if (!ret) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via cdc5e9e4dbe smbd: Only file_free() a self-created fsp in create_file_unixpath() via d44c45cbdbc smbd: Introduce close_file_smb() via 521178327e4 smbd: Factor out fsp_unbind_smb() from file_free() via 4cc60cbdb70 torture: Add a test to show that full_audit uses a ptr after free via a61a91d427f smbd: Simplify the flow in close_file_free() via e8d165da42a smbd: No base fsps to close_file_free() from file_close_user() via 9794341b29e smbd: Factor out close_file_in_loop() from file_close_conn_fn() via c0e02d8e879 smbd: No base fsps to close_file_free() from file_close_conn() via d088caa4002 smbd: NULL out "fsp" in close_file() via 4f9bada50af smbd: Call file_free() just once in close_file() via b48431f4783 smbd: Move the call to file_free() out of close_fake_file() via 3500cb49764 smbd: Move the call to file_free() out of close_normal_file() via 692fb63a1ac smbd: Move the call to file_free() out of close_directory() via a260463481a smbd: Slightly simplify create_file_unixpath() from e1e2bae551e s3:modules: Fix virusfilter_vfs_openat https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit cdc5e9e4dbeb3e63e00db2afc3a8c48152885d40 Author: Volker Lendecke Date: Thu Feb 3 17:17:07 2022 +0100 smbd: Only file_free() a self-created fsp in create_file_unixpath() This fixes a use-after-free in smb_full_audit_create_file() when calling SMB_VFS_CREATE_FILE with fsp->fsp_name as smb_fname. create_file_unixpath() has this comment: * This is really subtle. If someone passes in an smb_fname * where smb_fname actually is taken from fsp->fsp_name, then * the lifetime of these objects is meant to be the same. so it seems legitimate to call CREATE_FILE this way. When CREATE_FILE runs into an error, create_file_unixpath() does a file_free, which also takes fsp->fsp_name with it. smb_full_audit_create_file() wants to log the failure including the smb_fname after NEXT_CREATE_FILE has exited, but this will then use the already free'ed data. Fix by only doing the file_free() on an fsp that create_file_unixpath() created itself. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Feb 10 19:11:33 UTC 2022 on sn-devel-184 (cherry picked from commit 434e6d4b4b45757878642d229d26d146792a3878) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Feb 14 18:36:26 UTC 2022 on sn-devel-184 commit d44c45cbdbc7e13047ce127ea7ebcac2810a7891 Author: Volker Lendecke Date: Wed Feb 9 18:03:33 2022 +0100 smbd: Introduce close_file_smb() This does almost everything that close_file_free() does, but it leaves the fsp around. A normal close_file() now calls fsp_unbind_smb() twice. Functionally this is not a problem, fsp_unbind_smb() is idempotent. The only potential performance penalty might come from the loops in remove_smb2_chained_fsp(), but those only are potentially large with deeply queued smb2 requests. If that turns out to be a problem, we'll cope with it later. The alternative would be to split up file_free() into even more routines and make it more difficult to figure out which of the "rundown/unbind/free" routines to call in any particular situation. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison (cherry picked from commit e91b59c4dfb2b35661dbecbc5769584109e23571) commit 521178327e4ca5581d741966e8c288253be3d8f3 Author: Volker Lendecke Date: Wed Feb 9 17:23:03 2022 +0100 smbd: Factor out fsp_unbind_smb() from file_free() For example, remove our entry from smbXsrv_open_global.tdb BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison (cherry picked from commit e751c6237b750adb4cb59df4a42bb9f39354e7e4) commit 4cc60cbdb70172e3b996fe55968003320bd10f2c Author: Volker Lendecke Date: Thu Feb 3 15:25:11 2022 +0100 torture: Add a test to show that full_audit uses a ptr after free Run vfstest with this vfstest.cmd under valgrind and you'll see what happens. Exact explanation a few patches further down... BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison (cherry picked from commit 5f1ceead7094aefc6ad1f209468e9ea8f009716c) commit a61a91d427fef0b29fbe4983ee2b9dd4d9f0c074 Author: Volker Lendecke Date: Wed Feb 2 12:42:08 2022 +0100 smbd:
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via e1e2bae551e s3:modules: Fix virusfilter_vfs_openat via 63f6fac589e s3:selftest: Add test for virus scanner via e95306ed8e3 selftest: Fix trailing whitespace in Samba3.pm via db32ea07caa docs-xml:manpages: Document 'dummy' virusfilter and 'virusfilter:infected files' via 174fcd9f6b3 s3:modules: Implement dummy virus scanner that uses filename matching via 2fd16c0cbf6 selftest: Do not force -d0 for smbd/nmbd/winbindd from bc72fb438fe s4:kdc: Translate HDB flags to SDB flags https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit e1e2bae551ebf031634c3b33a7fe3cb9fad7e8ee Author: Pavel Filipenský Date: Mon Feb 7 23:06:10 2022 +0100 s3:modules: Fix virusfilter_vfs_openat Bug: https://bugzilla.samba.org/show_bug.cgi?id=14971 Signed-off-by: Pavel Filipenský Pair-Programmed-With: Andreas Schneider Reviewed-by: Jeremy Allison Reviewed-by: Andreas Schneider Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Feb 10 22:09:06 UTC 2022 on sn-devel-184 (cherry picked from commit 3f1c958f6fa9d2991185f4e281a377a295d09f9c) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Feb 14 14:26:30 UTC 2022 on sn-devel-184 commit 63f6fac589e0fb210521e80111f53a8914a5f1a0 Author: Pavel Filipenský Date: Tue Feb 8 15:35:48 2022 +0100 s3:selftest: Add test for virus scanner Bug: https://bugzilla.samba.org/show_bug.cgi?id=14971 Signed-off-by: Pavel Filipenský Pair-Programmed-With: Andreas Schneider Reviewed-by: Jeremy Allison Reviewed-by: Andreas Schneider (cherry picked from commit a25c714c34d3e00e0f3c29d2acfa98cf9cdbc544) commit e95306ed8e3023419bef683264d7232a17d3eb8d Author: Pavel Filipenský Date: Tue Feb 8 15:34:56 2022 +0100 selftest: Fix trailing whitespace in Samba3.pm Bug: https://bugzilla.samba.org/show_bug.cgi?id=14971 Signed-off-by: Pavel Filipenský Reviewed-by: Jeremy Allison Reviewed-by: Andreas Schneider (cherry picked from commit 547b4c595a8513a4be99177edbaa39ce43840f7a) commit db32ea07caa75623d0e4e82cd7971e50dc53dc99 Author: Pavel Filipenský Date: Tue Feb 8 22:35:29 2022 +0100 docs-xml:manpages: Document 'dummy' virusfilter and 'virusfilter:infected files' Bug: https://bugzilla.samba.org/show_bug.cgi?id=14971 Signed-off-by: Pavel Filipenský Reviewed-by: Jeremy Allison Reviewed-by: Andreas Schneider (cherry picked from commit 2fd518e5cc63221c162c9b3f8526b9b7c9e34969) commit 174fcd9f6b34fcbb7dfe1571097118bdc82ae2f6 Author: Pavel Filipenský Date: Tue Feb 8 12:07:03 2022 +0100 s3:modules: Implement dummy virus scanner that uses filename matching Bug: https://bugzilla.samba.org/show_bug.cgi?id=14971 Signed-off-by: Pavel Filipenský Reviewed-by: Jeremy Allison Reviewed-by: Andreas Schneider (cherry picked from commit 9f34babec7c6aca3d91f226705d3b3996792e5f1) commit 2fd16c0cbf6bbf8ec9ca349b7a30a7eb1dc49f72 Author: Andreas Schneider Date: Wed Feb 9 16:33:10 2022 +0100 selftest: Do not force -d0 for smbd/nmbd/winbindd We have the env variable SERVER_LOG_LEVEL which allows you to change the log level on the command line. If we force -d0 this will not work. make test TESTS="samba" SERVER_LOG_LEVEL=10 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison (cherry picked from commit 9693f7ea7383c6a51ab58b7c8255b30206f18a3b) --- Summary of changes: docs-xml/manpages/vfs_virusfilter.8.xml| 12 +++ selftest/target/Samba3.pm | 20 - source3/modules/vfs_virusfilter.c | 18 - source3/modules/vfs_virusfilter_common.h | 4 + source3/modules/vfs_virusfilter_dummy.c| 58 ++ source3/modules/wscript_build | 1 + source3/script/tests/test_virus_scanner.sh | 124 + source3/selftest/tests.py | 9 +++ 8 files changed, 239 insertions(+), 7 deletions(-) create mode 100644 source3/modules/vfs_virusfilter_dummy.c create mode 100755 source3/script/tests/test_virus_scanner.sh Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_virusfilter.8.xml b/docs-xml/manpages/vfs_virusfilter.8.xml index 329a35af68a..88f91d73a42 100644 --- a/docs-xml/manpages/vfs_virusfilter.8.xml +++ b/docs-xml/manpages/vfs_virusfilter.8.xml @@ -48,6 +48,10 @@ scanner clamav, the ClamAV scanner + dummy, dummy scanner used in + tests. Checks against the infected files + parameter and flags any name that matches as infected. +
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via bc72fb438fe s4:kdc: Translate HDB flags to SDB flags
via 27c6ad1f9b6 s4:kdc: Remove trailing spaces in hdb-samba4.c
via 6628357976b s4:kdc: Add a HDB to SDB mask
from fe8bf1d8aa6 libcli/smb: let smb2_signing_decrypt_pdu() cope with
gnutls_aead_cipher_decrypt() ptext_len bug
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit bc72fb438fe72d4403ba30f8e1a394a92507b88b
Author: Andreas Schneider
Date: Wed Jan 26 08:44:13 2022 +0100
s4:kdc: Translate HDB flags to SDB flags
We used to have a 1 to 1 mapping, but now we have
a conflict with these:
#define SDB_F_FORCE_CANON 16384
#define HDB_F_PRECHECK16384
We currently don't really care about HDB_F_PRECHECK,
so we can just filter it out.
In the long run we may change the SDB flags space to uint64...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14960
Signed-off-by: Andreas Schneider
Reviewed-by: Stefan Metzmacher
(cherry picked from commit 6063e8016fccbefd1c3fe378e3807c77bc04e4ec)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Mon Feb 14 09:58:46 UTC 2022 on sn-devel-184
commit 27c6ad1f9b6dc75bf21efe54895acde160c99bcf
Author: Andreas Schneider
Date: Wed Jan 26 08:43:41 2022 +0100
s4:kdc: Remove trailing spaces in hdb-samba4.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14960
Signed-off-by: Andreas Schneider
Reviewed-by: Stefan Metzmacher
(cherry picked from commit 2a0d6c11330c40f5692dc07ed6482c7107035bd4)
commit 6628357976bbef265bd0785c40a7607642a25a54
Author: Andreas Schneider
Date: Wed Jan 26 08:39:50 2022 +0100
s4:kdc: Add a HDB to SDB mask
For most flags the mapping is 1 to 1, but it's not always
the case anymore.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14960
Signed-off-by: Andreas Schneider
Reviewed-by: Stefan Metzmacher
(cherry picked from commit 63e00f81b5dd05b50e6ac286e87b8637a4ecd7e0)
---
Summary of changes:
source4/kdc/hdb-samba4.c | 12
source4/kdc/sdb.h| 12
2 files changed, 20 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index c0ec4bd3cd8..71260d3ed0a 100644
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -223,6 +223,8 @@ static krb5_error_code hdb_samba4_fetch_kvno(krb5_context
context, HDB *db,
struct samba_kdc_db_context *kdc_db_ctx;
struct sdb_entry_ex sdb_entry_ex = {};
krb5_error_code code, ret;
+ uint32_t sflags;
+
kdc_db_ctx = talloc_get_type_abort(db->hdb_db,
struct samba_kdc_db_context);
@@ -232,10 +234,12 @@ static krb5_error_code hdb_samba4_fetch_kvno(krb5_context
context, HDB *db,
entry_ex);
}
+ sflags = (flags & SDB_F_HDB_MASK);
+
ret = samba_kdc_fetch(context,
kdc_db_ctx,
principal,
- flags,
+ sflags,
kvno,
_entry_ex);
switch (ret) {
@@ -486,12 +490,12 @@ static void send_bad_password_netlogon(TALLOC_CTX
*mem_ctx,
req.in.validation_level = 3;
- /*
+ /*
* The memory in identity_info and user_info only needs to be
* valid until the end of this function call, as it will be
-* pushed to NDR during this call
+* pushed to NDR during this call
*/
-
+
dcerpc_winbind_SamLogon_r_send(mem_ctx, kdc_db_ctx->ev_ctx,
irpc_handle, );
}
diff --git a/source4/kdc/sdb.h b/source4/kdc/sdb.h
index 19d9b920278..cf7060bd169 100644
--- a/source4/kdc/sdb.h
+++ b/source4/kdc/sdb.h
@@ -116,6 +116,18 @@ struct sdb_entry_ex {
#define SDB_F_KVNO_SPECIFIED 128 /* we want a particular KVNO */
#define SDB_F_FOR_AS_REQ 4096/* fetch is for a AS REQ */
#define SDB_F_FOR_TGS_REQ 8192/* fetch is for a TGS REQ */
+
+#define SDB_F_HDB_MASK (SDB_F_DECRYPT | \
+SDB_F_GET_CLIENT| \
+SDB_F_GET_SERVER | \
+SDB_F_GET_KRBTGT | \
+SDB_F_CANON | \
+SDB_F_ADMIN_DATA | \
+SDB_F_KVNO_SPECIFIED | \
+SDB_F_FOR_AS_REQ | \
+SDB_F_FOR_TGS_REQ)
+
+/* This is not supported by HDB */
#define SDB_F_FORCE_CANON 16384 /* force canonicalition */
void
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via fe8bf1d8aa6 libcli/smb: let smb2_signing_decrypt_pdu() cope with
gnutls_aead_cipher_decrypt() ptext_len bug
via f400eef07a4 libcli/smb: fix error checking in
smb2_signing_decrypt_pdu() invalid ptext_len
via 8deee49cda0 selftest/quick: add smb2.session
from 188b96164c5 s3/libads: ensure a sockaddr variable is correctly zero
initialized
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit fe8bf1d8aa61fddf853e60f23750cc240ed8dcc6
Author: Stefan Metzmacher
Date: Mon Jan 31 20:33:43 2022 +0100
libcli/smb: let smb2_signing_decrypt_pdu() cope with
gnutls_aead_cipher_decrypt() ptext_len bug
The initial implementation of gnutls_aead_cipher_decrypt() had a bug and
used:
*ptext_len = ctext_len;
instead of:
*ptext_len = ctext_len - tag_size;
This got fixed with gnutls 3.5.2.
As we only require gnutls 3.4.7 we need to cope with this...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14968
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Feb 2 18:29:08 UTC 2022 on sn-devel-184
(cherry picked from commit 735f3d7dde3daf5d0af2e8a1de60422b88663992)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Sun Feb 13 10:18:29 UTC 2022 on sn-devel-184
commit f400eef07a4e844e04affc0078c116b64cce897b
Author: Stefan Metzmacher
Date: Mon Jan 31 20:33:43 2022 +0100
libcli/smb: fix error checking in smb2_signing_decrypt_pdu() invalid
ptext_len
When the ptext_size != m_total check fails, we call this:
status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR);
goto out;
As rc is 0 at that point we'll exit smb2_signing_decrypt_pdu()
with NT_STATUS_OK, but without copying the decrypted data
back into the callers buffer. Which leads to strange errors
in the caller.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14968
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 99182af4ab5a3413311e27c2a193e09babceb01c)
commit 8deee49cda04907202e3b0ce1fda5211bed7154e
Author: Stefan Metzmacher
Date: Tue Feb 1 10:52:27 2022 +0100
selftest/quick: add smb2.session
We run the quicktest on each linux distro as part of samba-o3 builds.
We should make sure smb2 signing/enctyption works on all of them
and all different system libraries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14968
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
(cherry picked from commit 68e62962b08497da8359ddbe4324443818c05cd1)
---
Summary of changes:
libcli/smb/smb2_signing.c | 24 +++-
selftest/quick | 1 +
wscript_configure_system_gnutls | 3 +++
3 files changed, 27 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index 4a94b026ccc..6efb87801cb 100644
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -1251,9 +1251,31 @@ NTSTATUS smb2_signing_decrypt_pdu(struct
smb2_signing_key *decryption_key,
ctext_size,
ptext,
_size);
- if (rc < 0 || ptext_size != m_total) {
+ if (rc < 0) {
+ TALLOC_FREE(ptext);
+ TALLOC_FREE(ctext);
+ status = gnutls_error_to_ntstatus(rc,
NT_STATUS_INTERNAL_ERROR);
+ goto out;
+ }
+#ifdef HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG
+ /*
+* Note that gnutls before 3.5.2 had a bug and returned
+* *ptext_len = ctext_len, instead of
+* *ptext_len = ctext_len - tag_size
+*/
+ if (ptext_size != ctext_size) {
+ TALLOC_FREE(ptext);
+ TALLOC_FREE(ctext);
+ rc = GNUTLS_E_SHORT_MEMORY_BUFFER;
+ status = gnutls_error_to_ntstatus(rc,
NT_STATUS_INTERNAL_ERROR);
+ goto out;
+ }
+ ptext_size -= tag_size;
+#endif /* HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG */
+ if (ptext_size != m_total) {
TALLOC_FREE(ptext);
TALLOC_FREE(ctext);
+ rc = GNUTLS_E_SHORT_MEMORY_BUFFER;
status = gnutls_error_to_ntstatus(rc,
NT_STATUS_INTERNAL_ERROR);
goto out;
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 188b96164c5 s3/libads: ensure a sockaddr variable is correctly zero initialized via 8cbf38a1b2b s3/libads: simplify storing existing ads->ldap.ss via cdcf23aac2f s3: libsmb: Call cli_dfs_target_check() from cli_smb2_rename_send(). via 35a250f49ee s3: libsmb: Call cli_dfs_target_check() from cli_cifs_rename_send(). via 1304041a4fd s3: libsmb: Call cli_dfs_target_check() from cli_smb1_rename_send(). via 01b06586f19 s3: libsmb: Call cli_dfs_target_check() from cli_ntrename_internal_send(). via 96122869594 s3: libsmb: Call cli_dfs_target_check() from cli_smb2_hardlink_send(). via 62ce0c8f55b s3: libsmb: Add cli_dfs_target_check() function. via 738fbcca544 s3: tests: Add a new test test_msdfs_rename() that does simple renames on MSDFS root shares. via 95aca464c7c s3: tests: Add a new test test_msdfs_hardlink() that does simple hardlinks on MSDFS root shares. from 64aea70f9f8 lib: libsmbclient: Ensure cli_rename() always sets cli->raw_status. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 188b96164c5849e28d0349adac6472e2bc4bd000 Author: Ralph Boehme Date: Fri Jan 28 17:51:10 2022 +0100 s3/libads: ensure a sockaddr variable is correctly zero initialized is_zero_addr() doesn't work with addresses that have been zero-initialized. This fixes the logic added in c863cc2ba34025731a18ac735f714b5b888504da. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14674 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2354 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Feb 8 20:24:12 UTC 2022 on sn-devel-184 (cherry picked from commit 3ee690455eb963dedc7955b79316481387d4ac8c) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Wed Feb 9 12:03:17 UTC 2022 on sn-devel-184 commit 8cbf38a1b2ba83cde9529d7e9d71bc8fce449293 Author: Ralph Boehme Date: Mon Jan 31 12:54:12 2022 +0100 s3/libads: simplify storing existing ads->ldap.ss We just need temporal storage for ads->ldap.ss, no need to store it as a struct samba_sockaddr. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14674 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2354 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit c266ed40aeb1b1f59a1811cd4511e32e44a4a719) commit cdcf23aac2f979d1ffa33a3a7b3fe98aa47c83d7 Author: Jeremy Allison Date: Thu Feb 3 15:59:51 2022 -0800 s3: libsmb: Call cli_dfs_target_check() from cli_smb2_rename_send(). Strips off any DFS prefix from the target if passed in. Remove knownfail selftest/knownfail.d/msdfs-rename. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14169 Signed-off-by: Jeremy Allison Reviewed-by: Noel Power Autobuild-User(master): Noel Power Autobuild-Date(master): Fri Feb 4 12:02:36 UTC 2022 on sn-devel-184 (cherry picked from commit b9b82f3611c56e837e9189f5275ae9a78e647262) commit 35a250f49ee8ae49fc8a9dfbb704211b189c9435 Author: Jeremy Allison Date: Thu Feb 3 15:56:51 2022 -0800 s3: libsmb: Call cli_dfs_target_check() from cli_cifs_rename_send(). Strips off any DFS prefix from the target if passed in. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14169 Signed-off-by: Jeremy Allison Reviewed-by: Noel Power (cherry picked from commit 4473aea926fe4ddd23a6e0913009bb1a0a1eaa90) commit 1304041a4fd2fbd5c35b5f5235345b40b5f17bf0 Author: Jeremy Allison Date: Thu Feb 3 15:54:55 2022 -0800 s3: libsmb: Call cli_dfs_target_check() from cli_smb1_rename_send(). Strips off any DFS prefix from the target if passed in. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14169 Signed-off-by: Jeremy Allison Reviewed-by: Noel Power (cherry picked from commit dd0317f6ecb572a80893405daa83e079dbcdf113) commit 01b06586f195a7eb592f18e5f5657ca9f2fa031d Author: Jeremy Allison Date: Thu Feb 3 14:54:26 2022 -0800 s3: libsmb: Call cli_dfs_target_check() from cli_ntrename_internal_send(). Currently we don't pass MSDFS names as targets here, but a caller may erroneously do this later, and for non-DFS names this is a no-op. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14169 Signed-off-by: Jeremy Allison Reviewed-by: Noel Power (cherry picked from commit cf3e5724422d8becd045542be196dfea6ac9ec2b) commit 96122869594760360b2ae26d194c7908bd900bd4 Author: Jeremy Allison Date: Thu Feb 3 14:51:13 2022 -0800 s3: libsmb: Call cli_dfs_target_check() from cli_smb2_hardlink_send(). Currently we don't pass MSDFS names as targets here, but a
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 64aea70f9f8 lib: libsmbclient: Ensure cli_rename() always sets
cli->raw_status.
via 5c55418c25e s4: test: Add samba4.libsmbclient.rename test.
Currently fails for SMB3.
from 29355d0a2d4 VERSION: Bump version up to Samba 4.16.0rc3...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 64aea70f9f80acec2ba4f5da44e413f2f91c75c0
Author: Jeremy Allison
Date: Wed Feb 2 10:52:09 2022 -0800
lib: libsmbclient: Ensure cli_rename() always sets cli->raw_status.
Identical change as used in cli_unlink(), cli_mkdir(), cli_rmdir()
cli_chkpath() to ensure SMB2 calls correctly set raw_status for
libsmbclient uses.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14938
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Boehme
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Wed Feb 2 21:50:31 UTC 2022 on sn-devel-184
(cherry picked from commit ca60f6350d566b7ecc822bcbb44fb65a1d150bbe)
Autobuild-User(v4-16-test): Jule Anger
Autobuild-Date(v4-16-test): Fri Feb 4 08:41:09 UTC 2022 on sn-devel-184
commit 5c55418c25eb18d44416f486d1468ca6ccce0ab7
Author: Jeremy Allison
Date: Wed Feb 2 10:49:17 2022 -0800
s4: test: Add samba4.libsmbclient.rename test. Currently fails for SMB3.
Add knownfail.d/libsmbclient_rename
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14938
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Boehme
(cherry picked from commit 0ecc58858360bcc0181a02e52ada3e8327f97c5b)
---
Summary of changes:
source3/libsmb/clifile.c| 1 +
source4/torture/libsmbclient/libsmbclient.c | 112
2 files changed, 113 insertions(+)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index f1d0a9483f6..3c3f44923fc 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -1489,6 +1489,7 @@ NTSTATUS cli_rename(struct cli_state *cli,
}
status = cli_rename_recv(req);
+ cli->raw_status = status; /* cli_smb2_rename_recv doesn't set this */
fail:
TALLOC_FREE(frame);
diff --git a/source4/torture/libsmbclient/libsmbclient.c
b/source4/torture/libsmbclient/libsmbclient.c
index fd770e5002f..b04dbde04ac 100644
--- a/source4/torture/libsmbclient/libsmbclient.c
+++ b/source4/torture/libsmbclient/libsmbclient.c
@@ -1303,6 +1303,115 @@ out:
return ok;
}
+static bool torture_libsmbclient_rename(struct torture_context *tctx)
+{
+ SMBCCTX *ctx = NULL;
+ int fhandle = -1;
+ bool success = false;
+ const char *filename_src = NULL;
+ const char *filename_dst = NULL;
+ int ret;
+ const char *smburl = torture_setting_string(tctx, "smburl", NULL);
+
+ if (smburl == NULL) {
+ torture_fail(tctx,
+ "option --option=torture:smburl="
+ "smb://user:password@server/share missing\n");
+ }
+
+ torture_assert_goto(tctx,
+ torture_libsmbclient_init_context(tctx, ),
+ success,
+ done,
+ "");
+
+ smbc_set_context(ctx);
+
+ filename_src = talloc_asprintf(tctx,
+ "%s/src",
+ smburl);
+ if (filename_src == NULL) {
+ torture_fail_goto(tctx, done, "talloc fail\n");
+ }
+
+ filename_dst = talloc_asprintf(tctx,
+ "%s/dst",
+ smburl);
+ if (filename_dst == NULL) {
+ torture_fail_goto(tctx, done, "talloc fail\n");
+ }
+
+ /* Ensure the files don't exist. */
+ smbc_unlink(filename_src);
+ smbc_unlink(filename_dst);
+
+ /* Create them. */
+ fhandle = smbc_creat(filename_src, 0666);
+ if (fhandle < 0) {
+ torture_fail_goto(tctx,
+ done,
+ talloc_asprintf(tctx,
+ "failed to create file '%s': %s",
+ filename_src,
+ strerror(errno)));
+ }
+ ret = smbc_close(fhandle);
+ torture_assert_int_equal_goto(tctx,
+ ret,
+ 0,
+ success,
+ done,
+ talloc_asprintf(tctx,
+ "failed to close handle for '%s'",
+ filename_src));
+
+ fhandle = smbc_creat(filename_dst, 0666);
+ if (fhandle < 0) {
+ torture_fail_goto(tctx,
+ done,
+ talloc_asprintf(tctx,
+
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 29355d0a2d4 VERSION: Bump version up to Samba 4.16.0rc3...
via a4763bd9d87 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc2 release.
via 4c3863633d3 WHATSNEW: Add release notes for Samba 4.16.0rc2.
via c278515c492 s3/rpc_server: install elasticsearch_mappings.json
via b88d24e33b2 CVE-2021-44141: s3: smbd: Inside
rename_internals_fsp(), we must use vfs_stat() for existence, not
SMB_VFS_STAT().
via 239e915b8f7 CVE-2021-44141: s3: torture: Add a test
samba3.blackbox.test_symlink_rename.SMB1.posix that shows we still leak target
info across a SMB1+POSIX rename.
via 86157b3c7bf CVE-2021-44141: s3: smbd: Fix a subtle bug in the error
returns from filename_convert().
via f4202a0bccd CVE-2021-44141: s3: smbd: Inside check_reduced_name()
ensure we return the correct error codes when failing symlinks.
via 4106af6d620 CVE-2021-44141: s3: smbd: For SMB1+POSIX clients trying
to open a symlink, always return NT_STATUS_OBJECT_NAME_NOT_FOUND.
via b8da8b72205 CVE-2021-44141: s3: torture: Change expected error
return for samba3.smbtorture_s3.plain.POSIX.smbtorture.
via c6d70dad3a2 CVE-2021-44141: s3: torture: In test_smbclient_s3,
change the error codes expected for test_widelinks() and test_nosymlinks() from
ACCESS_DENIED to NT_STATUS_OBJECT_NAME_NOT_FOUND.
via ea20599ff17 CVE-2021-44141: s3: torture: Add
samba3.blackbox.test_symlink_traversal.SMB1.posix
via e6ccaced533 CVE-2021-44141: s3: torture: Add
samba3.blackbox.test_symlink_traversal.SMB1.
via 1dcd818303b CVE-2021-44141: s3: torture: Add
samba3.blackbox.test_symlink_traversal.SMB2.
via ef822984360 CVE-2021-44142: libadouble: harden parsing code
via 03c6ba0054b CVE-2021-44142: libadouble: add basic cmocka tests
via 39eb60d97a4 CVE-2021-44142: libadouble: harden ad_unpack_xattrs()
via 36f847861bc CVE-2021-44142: smbd: add Netatalk xattr used by
vfs_fruit to the list of private Samba xattrs
via 9d7dd721b81 CVE-2021-44142: libadouble: add defines for icon lengths
via e4f18bfaec8 CVE-2022-0336: s4/dsdb/samldb: Don't return early when
an SPN is re-added to an object
via eaede91afd6 CVE-2022-0336: pytest: Add a test for an SPN conflict
with a re-added SPN
from 4d3054261df blackbox.ndrdump: fix
test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
commit 29355d0a2d4e2b64a0cd1b8d16067f94f1594114
Author: Jule Anger
Date: Mon Jan 31 12:56:33 2022 +0100
VERSION: Bump version up to Samba 4.16.0rc3...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger
Autobuild-User(v4-16-test): Stefan Metzmacher
Autobuild-Date(v4-16-test): Mon Jan 31 15:26:29 UTC 2022 on sn-devel-184
commit a4763bd9d87f9efe93fa6d3ffc0ae9588663f8ef
Author: Jule Anger
Date: Mon Jan 31 12:56:06 2022 +0100
VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc2 release.
Signed-off-by: Jule Anger
commit 4c3863633d31a3a45e5259e495c970e71df32732
Author: Jule Anger
Date: Mon Jan 31 12:55:04 2022 +0100
WHATSNEW: Add release notes for Samba 4.16.0rc2.
Signed-off-by: Jule Anger
Signed-off-by: Stefan Metzmacher
commit c278515c492a1b9ca842e809120ecf3a1328d112
Author: Ralph Boehme
Date: Thu Jan 27 12:06:55 2022 +0100
s3/rpc_server: install elasticsearch_mappings.json
This was removed accidentally remvoed by
a7c65958a15149918415b7456d6f20ee8c9669d2 because the original code
only installed the json file if the mdssvc was built as module:
if bld.SAMBA3_IS_ENABLED_MODULE('rpc_mdssvc_module'):
bld.INSTALL_FILES(bld.env.SAMBA_DATADIR,
'mdssvc/elasticsearch_mappings.json')
Installing the json file should just depend on Elasticsearch support
being enabled, regardless of the removed module support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14961
Signed-off-by: Ralph Boehme
Reviewed-by: Noel Power
Autobuild-User(master): Noel Power
Autobuild-Date(master): Fri Jan 28 10:22:31 UTC 2022 on sn-devel-184
(cherry picked from commit 0eecfddd071ea54844c56516dd7adc761be03c27)
commit b88d24e33b2f4a2a540698520d76f1b8a2fe3e4d
Author: Jeremy Allison
Date: Tue Dec 7 22:19:29 2021 -0800
CVE-2021-44141: s3: smbd: Inside rename_internals_fsp(), we must use
vfs_stat() for existence, not SMB_VFS_STAT().
We need to take SMB1+POSIX into account here and do an LSTAT if it's
a POSIX name.
Remove knownfail.d/posix_sylink_rename
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14911
Signed-off-by: Jeremy Allison
commit 239e915b8f721bab820ffba6ff355d828a34ffe9
Author: Jeremy Allison
Date: Tue Dec 7 22:15:46 2021
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 4d3054261df blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test via 7734584c4fd librpc/ndr: let ndr_push_string() let s_len == 0 result in d_len = 0 via 9be924f907c s4:torture/ndr: demonstrate the ndr_push_string(STR_NOTERM|REMAINING) of "" is wrong via a55de23fb05 blackbox.ndrdump: adjust example files to the usage of dump_data_diff output. via c1bd0f0d5e3 ndrdump: make use of dump_data_file_diff() in order to show differences via 1538a574a22 lib/util: add dump_data_diff*() helpers via f1cbfdc43c8 blackbox.ndrdump: adjust example files to changed dump_data() output. via 8097c9b3885 lib/util: split out a dump_data_block16() helper via c4132ef482b printing/bgqd: Disable systemd notifications via 20f84f11651 dcesrv_core: wrap gensec_*() calls in [un]become_root() calls from 3fdc553c981 VERSION: Bump version up to 4.16.0rc2... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 4d3054261df3b8726a4db943b0734071ad151423 Author: Stefan Metzmacher Date: Fri Jan 21 20:42:45 2022 +0100 blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test This actually reveals that ndr_push_string() for TargetName="" was failing before because it resulted in 1 byte for a subcontext with TargetLen=0. This is fixed now and we no longer expect ndrdump to exit with 1. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Mon Jan 24 16:18:34 UTC 2022 on sn-devel-184 (cherry picked from commit 12464bd4c222d996aac6d6250b7945d63f20f4bc) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Sun Jan 30 11:52:27 UTC 2022 on sn-devel-184 commit 7734584c4fd5bee49ed564771a16d63f2b005937 Author: Stefan Metzmacher Date: Wed Nov 3 13:57:50 2021 +0100 librpc/ndr: let ndr_push_string() let s_len == 0 result in d_len = 0 convert_string_talloc_handle() tries to play an the safe side and always returns a null terminated array. But for NDR we need to be correct on the wire... BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit 43648e95a514020da4c7efa62df55d0882e3db85) commit 9be924f907c5215d9452db1cb407c83f39df67a5 Author: Stefan Metzmacher Date: Fri Jan 21 01:09:23 2022 +0100 s4:torture/ndr: demonstrate the ndr_push_string(STR_NOTERM|REMAINING) of "" is wrong convert_string_talloc() never returns a string with len=0 and always implies zero termination byte(s). For ndr_push_string this is unexpected as we need to be compatible on the wire and push 0 bytes for an empty string. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit 8da26cb6725b5d853ab481a348a3a672966715b5) commit a55de23fb057d1bf431f20225529e2eadbbccfdf Author: Stefan Metzmacher Date: Fri Jan 21 20:28:59 2022 +0100 blackbox.ndrdump: adjust example files to the usage of dump_data_diff output. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit 1dc385cb648f0c37b04f4ede6b1c96916e379b23) commit c1bd0f0d5e3cc6da66e9241832ae29048c4cda40 Author: Stefan Metzmacher Date: Wed Nov 3 13:32:48 2021 +0100 ndrdump: make use of dump_data_file_diff() in order to show differences This makes it much easier to detect differences in the given and generated buffers. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit d1a7f392a8ceef111a5d6c3d2a3bdb9dcb90db5e) commit 1538a574a22c2762ed322ffbf34f63ca872f034b Author: Stefan Metzmacher Date: Wed Nov 3 11:40:13 2021 +0100 lib/util: add dump_data_diff*() helpers That will make it easy to see the difference between two memory buffers. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit b489b7feda19b3c0f0fe2300f2c76d416776355b) commit f1cbfdc43c8e940c6d2667eccc7545e39be49468 Author: Stefan Metzmacher Date: Fri Jan 21 20:06:40 2022 +0100 blackbox.ndrdump: adjust example files to changed dump_data() output. The cleanup using dump_data_block16() fixed the space handling. BUG:
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated via 3fdc553c981 VERSION: Bump version up to 4.16.0rc2... from 401df670af4 VERSION: Disable GIT_SNAPSHOT for the Samba 4.16.0rc1 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test - Log - commit 3fdc553c9812f1d857abc7ed328e21ec7b56796d Author: Stefan Metzmacher Date: Fri Jan 28 11:18:06 2022 +0100 VERSION: Bump version up to 4.16.0rc2... and re-enable GIT_SNAPSHOT. Signed-off-by: Stefan Metzmacher Autobuild-User(v4-16-test): Stefan Metzmacher Autobuild-Date(v4-16-test): Fri Jan 28 11:17:33 UTC 2022 on sn-devel-184 --- Summary of changes: VERSION | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index ddecf60a1f0..89dddc40217 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=1 +SAMBA_VERSION_RC_RELEASE=2 # To mark SVN snapshots this should be set to 'yes'# @@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=1 # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # -SAMBA_VERSION_IS_GIT_SNAPSHOT=no +SAMBA_VERSION_IS_GIT_SNAPSHOT=yes # This is for specifying a release nickname# -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-16-test updated
The branch, v4-16-test has been updated
via 401df670af4 VERSION: Disable GIT_SNAPSHOT for the Samba 4.16.0rc1
release.
via c6bc927ac8f WHATSNEW: Up to Samba 4.16.0rc1.
via 1c776e54cf3 tdb: version 1.4.6
from 809f4fe2c78 s4:librpc: raise log level for failed connection
attempts
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -
---
Summary of changes:
VERSION | 6 +++---
WHATSNEW.txt| 2 +-
lib/tdb/ABI/{tdb-1.3.17.sigs => tdb-1.4.6.sigs} | 0
lib/tdb/wscript | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
copy lib/tdb/ABI/{tdb-1.3.17.sigs => tdb-1.4.6.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index ec3b043eaaa..ddecf60a1f0 100644
--- a/VERSION
+++ b/VERSION
@@ -77,7 +77,7 @@ SAMBA_VERSION_BETA_RELEASE=
# e.g. SAMBA_VERSION_PRE_RELEASE=1 #
# -> "2.2.9pre1" #
-SAMBA_VERSION_PRE_RELEASE=1
+SAMBA_VERSION_PRE_RELEASE=
# For 'rc' releases the version will be#
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=1
# e.g. SAMBA_VERSION_RC_RELEASE=1 #
# -> "3.0.0rc1" #
-SAMBA_VERSION_RC_RELEASE=
+SAMBA_VERSION_RC_RELEASE=1
# To mark SVN snapshots this should be set to 'yes'#
@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=
# e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes #
# -> "3.0.0-SVN-build-199" #
-SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
+SAMBA_VERSION_IS_GIT_SNAPSHOT=no
# This is for specifying a release nickname#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a65439c43da..71a8d9a103e 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
Release Announcements
=
-This is the first pre release of Samba 4.16. This is *not*
+This is the first release candidate of Samba 4.16. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
diff --git a/lib/tdb/ABI/tdb-1.3.17.sigs b/lib/tdb/ABI/tdb-1.4.6.sigs
similarity index 100%
copy from lib/tdb/ABI/tdb-1.3.17.sigs
copy to lib/tdb/ABI/tdb-1.4.6.sigs
diff --git a/lib/tdb/wscript b/lib/tdb/wscript
index 81132dc3276..2eb25b7f235 100644
--- a/lib/tdb/wscript
+++ b/lib/tdb/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'tdb'
-VERSION = '1.4.5'
+VERSION = '1.4.6'
import sys, os
--
Samba Shared Repository
