idmap_nss: Do not return SID from unixids_to_sids on type mismatch
The call to winbind_lookup_name already wrote the result in the id_map
array. The later check for the type detected a mismatch, but that did
not remove the SID from the result struct.
Change this by first assigning the SID to a temporary variable and only
write it to the id_map array after the type checks.
idmap_rfc2307: Do not return SID from unixids_to_sids on type mismatch
The call to winbind_lookup_name already wrote the result in the id_map
array. The later check for the type detected a mismatch, but that did
not remove the SID from the result struct.
Change this by first assigning the SID to a temporary variable and only
write it to the id_map array after the type checks.
Sachin Prabhu [Wed, 10 Mar 2021 12:22:07 +0000 (12:22 +0000)]
smbd: Ensure errno is preserved across fsp destructor
The errno can be overwritten by the calls made by the fsp destructor.
This can cause problems if the original errno was required by subsequent
calls.
Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 10 22:55:17 UTC 2021 on sn-devel-184
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Björn Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 10 09:51:25 UTC 2021 on sn-devel-184
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Björn Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Björn Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 3 Mar 2021 06:17:36 +0000 (19:17 +1300)]
ldb_match: trailing chunk must match end of string
A wildcard search is divided into chunks by the asterisks. While most
chunks match the first suitable string, the last chunk matches the
last possible string (unless there is a trailing asterisk, in which
case this distinction is moot).
We always knew this in our hearts, but we tried to do it in a funny
complicated way that stepped through the string, comparing here and
there, leading to CVE-2019-3824 and missed matches (bug 14044).
With this patch, we just jump to the end of the string and compare it.
As well as being correct, this should also improve performance, as the
previous algorithm involved a quadratic loop of erroneous memmem()s.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Björn Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Tue, 23 Feb 2021 15:27:44 +0000 (16:27 +0100)]
winbindd: Apply some const to normalize_name_map()
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 9 23:45:51 UTC 2021 on sn-devel-184
Volker Lendecke [Tue, 9 Mar 2021 07:50:26 +0000 (08:50 +0100)]
srvsrvc: Reload conf after changing a share
The call to messaging_send_all() skips ourselves. This is tested in
source3/script/tests/test_rpcclientsrvsvc.sh, which right now we only
survive because the rpcclient call spawns a new smbd, which reloads
smb.conf. Once you start running srvsvcd in a long-running daemon,
this fails.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 13 Feb 2021 10:40:34 +0000 (11:40 +0100)]
lib: Fix file_ploadv_send/recv cleanup
We have to first TALLOC_FREE() the waiting event before closing the
pipe. Otherwise EPOLL_CTL_DEL is unhappy and might remove an unrelated
file descriptor.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 27 Jan 2021 13:59:16 +0000 (14:59 +0100)]
librpc: Simplify struct dcesrv_handle
This saves a tiny bit of memory: dom_sid_dup() allocates a full struct
dom_sid, although it might not have to. Save the additional talloc
object and the pointer, be more cache-friendly
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
David Mulder [Fri, 19 Feb 2021 19:36:50 +0000 (12:36 -0700)]
samba-tool: Add a gpo command for setting VGP Issue Group Policy
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar 8 20:57:50 UTC 2021 on sn-devel-184
David Mulder [Fri, 26 Feb 2021 22:02:02 +0000 (15:02 -0700)]
gpo: Don't free talloc pointer held elsewhere
Freeing this pointer produces the following error:
ERROR: talloc_free with references at ../../libgpo/pygpo.c:481
reference at ../../pytalloc_util.c:164
reference at ../../pytalloc_util.c:164
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar 8 19:08:07 UTC 2021 on sn-devel-184
David Mulder [Wed, 24 Feb 2021 17:53:17 +0000 (10:53 -0700)]
gpo: Test to ensure that samba-gpupdate doesn't require ad-dc
Running samba-gpupdate on a client is causing an
error in gp_access_ext, due to it attempting to
access sam.ldb before detecting whether we are on
an ad-dc.
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
smbXsrv_client: move the connection passing to smb2srv_client_mc_negprot_send/recv
We need a full request/response pair in order to avoid races in
the multichannel connection passing.
smb2srv_client_mc_negprot_send/recv locks the
db record for the given client_guid.
If there's no entry found, we add ourself and
return NT_STATUS_OK.
If there's an existing process for that client guid
we start messaging_filtered_read_send()
dbwrap_watched_watch_send() before calling
smb2srv_client_connection_pass().
Then we release the lock and wait for either
MSG_SMBXSRV_CONNECTION_PASSED to arrive or
retry if dbwrap_watched_watch_recv signaled
a change in the database.
If we got MSG_SMBXSRV_CONNECTION_PASSED we'll
return NT_STATUS_MESSAGE_RETRIEVED in order to
signal that the other process will take care of
the connection and we terminate the current process.
All that is done completely async, which means that
the IDLE_CLOSED_TIMEOUT (60 seconds) may trigger
deadtime_fn(), which will send itself a MSG_SHUTDOWN.
So the process that accepted the tcp connection
exists if there was no MSG_SMBXSRV_CONNECTION_PASSED
within 60 seconds.
However the fd may still exists in the kernel (and
the new connection may still be handed to the other
process. If that process somehow exists before
there's no way to prevent a connection termination
for the client.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 6 03:30:06 UTC 2021 on sn-devel-184
smbXsrv_session: set session->db_rec = NULL after session->db_rec = local_rec
This actually fixes crashes due to stale pointers.
With multi-channel and with 2 (or more) connections,
we'll call smbXsrv_session_disconnect_xconn() when a connection
gets disconnected, but we'll leave smbXsrv_client and all other
connections in place.
However smbXsrv_session_disconnect_xconn_callback() left
a stale session->db_rec pointer in place, which means
a following smbXsrv_session_logoff() will call
dbwrap_record_delete(local_rec) on a stale pointer.
s4:torture/smb2: add a smb2.session.two_logoff test
This reproduces a bug where two SMB2_LOGOFF messages kill the whole
client smbd when multi-channel is used, instead of just removing the
logical session.
Samuel Cabrero [Mon, 1 Mar 2021 16:26:24 +0000 (17:26 +0100)]
librpc: Lower dcesrv_call_dispatch_local() errors from DBG_ERR to DBG_INFO
Before merging the s3 and s4 RPC servers the rpcint_dispatch function
was not logging any error.
This commit lowers from DBG_ERR to DBG_INFO the importance of error
messages when dispatching local RPC calls. There are some situations
where RPC functions return RPC faults and this is not a fatal condition.
One example is _lsa_QueryInfoPolicy2.
This change prevents a noisy error logged when winbindd tries to connect to
its primary domain in the nt4_member and ad_member test environments:
Samuel Cabrero [Mon, 1 Mar 2021 14:56:06 +0000 (15:56 +0100)]
winbind: Remove noisy error message in wb_open_internal_pipe()
Before merging the s4 and s3 RPC servers the make_internal_rpc_pipe_p()
function did not fail when the requested interface was not registered in
the calling process because it did not check the return value of
rpc_srv_get_pipe_cmds(). If the interface was not registed, the pointer
to the interface functions was NULL and later, when dispatching a call,
rpcint_dispatch() returned NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE in this
case.
After merging the RPC servers, the rpc_pipe_open_internal() function
will return NT_STATUS_RPC_INTERFACE_NOT_FOUND if the interface is not
registered in the calling process. This causes a noisy error message in
winbind when it tries to open the dssetup pipe to the primary domain and
it is not an AD domain.
The callers of wb_open_internal_pipe() when connecting to the domain
already logs the error at level greather or equal to five. This commit
moves the dupplicated and noisy error message at level zero from
wb_open_internal_pipe() to its callers outside winbindd_cm.c.
This error can be seen in winbindd logs of ad_member and nt4_member test
environments.
[2021/03/01 16:49:38.486004, 0, pid=12456] ../../source3/winbindd/winbindd_cm.c:1893(wb_open_internal_pipe)
open_internal_pipe: Could not connect to dssetup pipe: NT_STATUS_RPC_INTERFACE_NOT_FOUND
Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 3 Mar 2021 18:15:31 +0000 (19:15 +0100)]
g_lock: Fix uninitalized variable reads
If dbwrap_watched_watch_recv() returns IO_TIMEOUT, "blockerdead" might
be an uninitialized non-false, and further down we'll remove the wrong
exclusive locker.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14636 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Mar 5 11:22:07 UTC 2021 on sn-devel-184
Volker Lendecke [Wed, 3 Mar 2021 10:20:51 +0000 (11:20 +0100)]
vfs_aixacl2: Fix "mem_ctx" and "ppdesc" smb_fget_nt_acl_nfs4 args
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Wed Mar 3 12:36:13 UTC 2021 on sn-devel-184
Trever L. Adams [Fri, 26 Feb 2021 22:52:03 +0000 (14:52 -0800)]
s3:modules:vfs_virusfilter: Recent talloc changes cause infinite start-up failure
Recent talloc changes cause the current check for failure to allocate to be incorrectly triggered.
This patch ensures the original parameter is not NULL before attempting any talloc or strstr.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14634
RN: Fix failure of vfs_virusfilter starting due to talloc changes
Signed-off-by: Trever L. Adams" <trever.adams@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Mar 1 21:44:55 UTC 2021 on sn-devel-184
Jelmer Vernooij [Sat, 27 Feb 2021 16:49:38 +0000 (16:49 +0000)]
Suggest running './configure' rather than 'waf configure'.
waf actively discourages system-wide waf installs, so the latter is unlikely
to work.
Signed-off-by: Jelmer Vernooij <jelmer@jelmer.uk> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 1 04:56:15 UTC 2021 on sn-devel-184
projects / thirdparty / samba.git / log
