Volker Lendecke [Fri, 9 Feb 2024 12:02:25 +0000 (13:02 +0100)]
smbd: Simplify smbXsrv_open_purge_replay_cache()
GUID_buf_string is supposed to never fail except if the guid passed in
is NULL. Our only current caller already checks that.
dbwrap_purge_bystring() could actually fail, so put the result
into a variable for the debugger.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Error: INTEGER_OVERFLOW (CWE-190):
ldb-2.9.0/common/ldb_ldif.c:84: tainted_data_return: Called function "read(f, buf, size)", and a possible return value may be less than zero.
ldb-2.9.0/common/ldb_ldif.c:84: cast_overflow: An assign that casts to a different type, which might trigger an overflow.
ldb-2.9.0/common/ldb_ldif.c:92: overflow: The expression "size" is considered to have possibly overflowed.
ldb-2.9.0/common/ldb_ldif.c:84: overflow_sink: "size", which might be negative, is passed to "read(f, buf, size)". [Note: The source code implementation of the function has been overridden by a builtin model.]
82| buf = (char *)value->data;
83| while (count < statbuf.st_size) {
84|-> bytes = read(f, buf, size);
85| if (bytes == -1) {
86| talloc_free(value->data);
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Apr 30 15:33:32 UTC 2024 on atb-devel-224
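Added example, not the ldb change itself: a read loop of the shape Coverity flags above, written so that the `read()` result stays in `ssize_t`, the remaining size stays in `size_t`, and a negative or truncated value never reaches `read()` as a length. The name `read_exact()` and the errno values it sets are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Hypothetical helper: read exactly `want` bytes from fd into a fresh,
 * NUL-terminated buffer. `want` is off_t because it usually comes from
 * st_size. Returns the buffer (caller frees) or NULL with errno set.
 */
char *read_exact(int fd, off_t want)
{
	size_t size, count = 0;
	char *data;

	/* Reject negative or unrepresentable sizes before any cast. */
	if (want < 0 || (uintmax_t)want > SIZE_MAX - 1) {
		errno = EOVERFLOW;
		return NULL;
	}
	size = (size_t)want;
	data = malloc(size + 1);
	if (data == NULL) {
		return NULL;
	}
	while (count < size) {
		/* ssize_t keeps the -1 error value distinct from a byte count. */
		ssize_t bytes = read(fd, data + count, size - count);
		if (bytes == -1 && errno == EINTR) {
			continue;
		}
		if (bytes <= 0) {
			/* Error, or EOF before `want` bytes arrived. */
			int saved = (bytes == 0) ? EIO : errno;
			free(data);
			errno = saved;
			return NULL;
		}
		count += (size_t)bytes; /* bytes > 0 here, so the cast is safe */
	}
	data[size] = '\0';
	return data;
}
```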
lib:ldb: Add missing overflow check in ldb_msg_normalize()
Error: INTEGER_OVERFLOW (CWE-190):
ldb-2.9.0/common/ldb_msg.c:1235: tainted_data_argument: The check "i < msg2->num_elements" contains the tainted expression "i" which causes "msg2->num_elements" to be considered tainted.
ldb-2.9.0/common/ldb_msg.c:1253: overflow: The expression "msg2->num_elements - (i + 1U)" is deemed underflowed because at least one of its arguments has underflowed.
ldb-2.9.0/common/ldb_msg.c:1253: overflow: The expression "32UL * (msg2->num_elements - (i + 1U))" is deemed underflowed because at least one of its arguments has underflowed.
ldb-2.9.0/common/ldb_msg.c:1253: overflow_sink: "32UL * (msg2->num_elements - (i + 1U))", which might have underflowed, is passed to "memmove(el2, el2 + 1, 32UL * (msg2->num_elements - (i + 1U)))". [Note: The source code implementation of the function has been overridden by a builtin model.]
1251| talloc_free(discard_const_p(char, el2->name));
1252| if ((i+1) < msg2->num_elements) {
1253|-> memmove(el2, el2+1, sizeof(struct ldb_message_element) *
1254| (msg2->num_elements - (i+1)));
1255| }
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
lib:tdb: Add missing overflow check for num_values in pytdb.c
Error: INTEGER_OVERFLOW (CWE-190):
tdb-1.4.10/pytdb.c:401: cast_overflow: Truncation due to cast operation on "num_values" from 64 to 32 bits.
tdb-1.4.10/pytdb.c:401: overflow_sink: "num_values", which might have overflowed, is passed to "tdb_storev(self->ctx, key, values, num_values, flag)".
399| }
400|
401|-> ret = tdb_storev(self->ctx, key, values, num_values, flag);
402| free(values);
403| PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx);
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Anna Popova <popova.anna235@gmail.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Apr 29 10:56:48 UTC 2024 on atb-devel-224
s3:libnet: Fix memory leak in libnet_join_connect_dc_ipc()
Direct leak of 885 byte(s) in 1 object(s) allocated from:
#0 0x7f261b8dc03f in malloc (/lib64/libasan.so.8+0xdc03f) (BuildId: 3e1694ad218c99a8b1b69231666a27df63cf19d0)
#1 0x7f261b2c2bc2 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
#2 0x7f261b2c543c in _talloc_pool ../../lib/talloc/talloc.c:838
#3 0x7f261b2c543c in _talloc_pooled_object ../../lib/talloc/talloc.c:906
#4 0x7f261a69cac9 in __tevent_req_create ../../lib/tevent/tevent_req.c:98
#5 0x7f261a75bf55 in cli_full_connection_creds_send ../../source3/libsmb/cliconnect.c:3455
#6 0x7f261a75c4b7 in cli_full_connection_creds ../../source3/libsmb/cliconnect.c:3818
#7 0x7f261b70d39f in libnet_join_connect_dc_ipc ../../source3/libnet/libnet_join.c:1146
#8 0x7f261b715794 in libnet_join_lookup_dc_rpc ../../source3/libnet/libnet_join.c:1188
#9 0x7f261b715794 in libnet_DomainJoin ../../source3/libnet/libnet_join.c:2812
#10 0x7f261b715794 in libnet_Join ../../source3/libnet/libnet_join.c:3040
#11 0x555bd93671ea in net_ads_join ../../source3/utils/net_ads.c:1855
#12 0x555bd9415ca9 in net_join ../../source3/utils/net_join.c:45
#13 0x555bd940b972 in net_run_function ../../source3/utils/net_util.c:464
#14 0x555bd9363129 in main ../../source3/utils/net.c:1372
#15 0x7f2616a281af in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jo Sutton [Wed, 24 Apr 2024 01:34:27 +0000 (13:34 +1200)]
python:tests: Store keys as bytes rather than as lists of ints
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr 24 06:20:58 UTC 2024 on atb-devel-224
Jo Sutton [Sun, 21 Apr 2024 23:10:00 +0000 (11:10 +1200)]
lib:crypto: Fix Coverity build
The Coverity build is failing with the following errors:
[1936/5164] Compiling lib/crypto/gkdi.c
In file included from /usr/lib64/gcc/x86_64-suse-linux/7/include/stdint.h:9:0,
from /usr/include/inttypes.h:27,
from ../../lib/crypto/../replace/replace.h:64,
from ../../source4/include/includes.h:23,
from ../../lib/crypto/gkdi.c:21:
../../lib/crypto/gkdi.c: In function ‘gkdi_get_key_start_time’:
../../lib/crypto/gkdi.c:197:4: error: initializer element is not constant
UINT64_MAX /
^
../../lib/crypto/gkdi.c:197:4: note: (near initialization for ‘max_gkid.l0_idx’)
../../lib/crypto/gkdi.c:200:4: error: initializer element is not constant
UINT64_MAX /
^
../../lib/crypto/gkdi.c:200:4: note: (near initialization for ‘max_gkid.l1_idx’)
../../lib/crypto/gkdi.c:204:4: error: initializer element is not constant
UINT64_MAX / gkdi_key_cycle_duration %
^
../../lib/crypto/gkdi.c:204:4: note: (near initialization for ‘max_gkid.l2_idx’)
Fix the build by removing the ‘static’ specifier on this constant.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 24 Apr 2024 02:26:35 +0000 (14:26 +1200)]
ctdb: Ensure ‘ret’ is always initialized
This avoids a compilation error:
../../ctdb/protocol/protocol_util.c: In function ‘ctdb_connection_list_read’:
../../ctdb/protocol/protocol_util.c:787:9: error: ‘ret’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
787 | return ret;
| ^~~
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
WHATSNEW: document ldaps/tls related option changes
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr 24 00:59:53 UTC 2024 on atb-devel-224
In order to use SASL authentication within a TLS connection
we now provide "client ldap sasl wrapping = starttls" or
"client ldap sasl wrapping = ldaps".
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This operates in a non-async fashion and may block
in the push and pull function.
It will be used to plug into the openldap transport
layer; this is needed in order to have access
to the channel bindings, and also to use the same
configuration for all our gnutls based tls code.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
s3:libads: directly use kerberos without asking the server
Every AD DC supports kerberos so we can just use it without
asking the server (in an untrusted way) if kerberos is supported.
So remove another useless roundtrip.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
s3:tldap: simplify read_ldap_more() by using asn1_peek_full_tag()
An LDAP pdu is at least 7 bytes long, so we read at least 7 bytes,
then it's easy to use asn1_peek_full_tag() in order to find out the
whole length of the pdu in one go.
As a side effect it's now possible that wireshark can reassemble
the fragments in a socket_wrapper generated pcap file.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
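Added example, not Samba's `asn1_peek_full_tag()`: why the first 7 bytes of a stream are enough to learn the full PDU length from the BER header, with the announced length bounded before anything is allocated. `ldap_pdu_full_len()`, the 16 MiB cap and the sample bytes are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

#define LDAP_MIN_PDU 7            /* smallest LDAP PDU, per the commit text */
#define LDAP_MAX_PDU (16u << 20)  /* assumed policy cap, not a Samba value */

/* Constructed samples: an UnbindRequest, and a header announcing 256 bytes. */
static const uint8_t sample_unbind[] = {0x30, 0x05, 0x02, 0x01, 0x01, 0x42, 0x00};
static const uint8_t sample_long[] = {0x30, 0x82, 0x01, 0x00, 0x02, 0x01, 0x01};

/*
 * Hypothetical helper: from the first bytes of a stream, compute the full
 * PDU size (header + body). Returns 0 on success, EAGAIN if fewer than
 * LDAP_MIN_PDU bytes are buffered, EINVAL if malformed, EMSGSIZE if the
 * announced size exceeds the cap.
 */
int ldap_pdu_full_len(const uint8_t *buf, size_t have, size_t *pdu_len)
{
	size_t hdr = 2;   /* tag byte + first length byte */
	size_t body = 0;

	if (have < LDAP_MIN_PDU) {
		return EAGAIN;
	}
	if (buf[0] != 0x30) {            /* LDAPMessage is a SEQUENCE */
		return EINVAL;
	}
	if (buf[1] < 0x80) {             /* short form: length in one byte */
		body = buf[1];
	} else {                         /* long form: n length bytes follow */
		size_t n = buf[1] & 0x7f;
		if (n == 0 || n > 4) {   /* indefinite, or wider than 32 bits */
			return EINVAL;
		}
		for (size_t i = 0; i < n; i++) {
			body = (body << 8) | buf[2 + i];
		}
		hdr += n;
	}
	if (body > LDAP_MAX_PDU - hdr) { /* checked before any allocation */
		return EMSGSIZE;
	}
	if (hdr + body < LDAP_MIN_PDU) { /* announces less than the minimum */
		return EINVAL;
	}
	*pdu_len = hdr + body;
	return 0;
}
```

The longest header accepted here is 6 bytes (tag, `0x84`, four length bytes), so a 7-byte first read always contains it.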
s4:libcli/ldap: add tls channel binding support for ldap_bind_sasl()
We still allow 'ldap_testing:tls_channel_bindings = no' and
'ldap_testing:channel_bound = no' for testing
the old behavior in order to have expected failures in our tests.
And we have 'ldap_testing:forced_channel_binding = somestring'
in order to force invalid bindings.
s4:ldap_server: add support for tls channel bindings
ldap server require strong auth = allow_sasl_over_tls
is now an alias for 'allow_sasl_without_tls_channel_bindings'
and should be avoided and changed to 'yes' or
'allow_sasl_without_tls_channel_bindings'.
This is based on GNUTLS_CB_TLS_SERVER_END_POINT
and is the value that is required for channel bindings
in LDAP of active directory domain controllers.
For gnutls versions before 3.7.2 we basically
copied the code from the GNUTLS_CB_TLS_SERVER_END_POINT
implementation as it only uses public gnutls functions
and it was easy to re-implement.
lib/crypto: add legacy_gnutls_server_end_point_cb() if needed
gnutls_session_channel_binding(GNUTLS_CB_TLS_SERVER_END_POINT)
is only available with gnutls 3.7.2, but we still want to
support older gnutls versions and that's easily doable...