Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
This was fixed differently by commit 539f51f0dfbe4ce317a2978982fd0fc9a7fd6922 in master.
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Tue Jun 19 17:54:45 CEST 2018 on sn-devel-144
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 1 20:32:03 CEST 2018 on sn-devel-144
Günther Deschner [Wed, 30 May 2018 07:27:49 +0000 (09:27 +0200)]
s4-heimdal: Fix the format-truncation errors.
../source4/heimdal/lib/com_err/compile_et.c: In function ‘generate_h’:
../source4/heimdal/lib/com_err/compile_et.c:138:33: error: ‘%s’ directive output may be truncated writing up to 127 bytes into a region of size 126 [-Werror=format-truncation=]
snprintf(fn, sizeof(fn), "__%s__", hfn);
^~ ~~~
../source4/heimdal/lib/com_err/compile_et.c:138:5: note: ‘snprintf’ output between 5 and 132 bytes into a destination of size 128
snprintf(fn, sizeof(fn), "__%s__", hfn);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/heimdal/lib/com_err/compile_et.c: In function ‘main’:
../source4/heimdal/lib/com_err/compile_et.c:234:35: error: ‘.h’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
snprintf(hfn, sizeof(hfn), "%s.h", Basename);
^~
../source4/heimdal/lib/com_err/compile_et.c:234:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
snprintf(hfn, sizeof(hfn), "%s.h", Basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/heimdal/lib/com_err/compile_et.c:235:35: error: ‘.c’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
snprintf(cfn, sizeof(cfn), "%s.c", Basename);
^~
../source4/heimdal/lib/com_err/compile_et.c:235:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
snprintf(cfn, sizeof(cfn), "%s.c", Basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 8 13:23:51 CEST 2018 on sn-devel-144
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 18 02:38:50 CEST 2018 on sn-devel-144
Christof Schmitt [Wed, 16 May 2018 20:17:52 +0000 (13:17 -0700)]
smbd: Cache dfree information based on query path
Sub directories in a SMB share can have different free space information
(e.g. when a different file system is mounted there). Caching the dfree
information per SMB share will return invalid data. Address this by
switching to memcache and store the cached data based on the query path.
Andrew Bartlett [Tue, 10 Apr 2018 04:35:07 +0000 (16:35 +1200)]
lib/util: Move log_stack_trace() to common code
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit bf9551902afdb32310db4a3381964c435dd08bf0)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit 3acc00b6808d5d5ad035d9d43526204db1608c8a)
Andrew Bartlett [Tue, 10 Apr 2018 03:54:10 +0000 (15:54 +1200)]
s3-lib: Remove support for libexc for IRIX backtraces
IRIX is long dead, and this code needs become_root() which is not in
the top level code.
Additionally, the check for libexc never made it into waf, so this
has been dead code since Samba 4.1.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit 85dc9ee14023a8fb84b5c74555d43008bb6bb0c0)
auth/ntlmssp: fix handling of GENSEC_FEATURE_LDAP_STYLE as a server
This fixes "NTLMSSP NTLM2 packet check failed due to invalid signature!"
error messages, which were generated if the client only sends
NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL on an LDAP
connection.
We need to evaluate GENSEC_FEATURE_LDAP_STYLE at the end
of the authentication (as a server, while we already
do so at the beginning as a client).
As a reminder I introduced GENSEC_FEATURE_LDAP_STYLE
(as an internal flag) in order to let us work as a
Windows using NTLMSSP for LDAP. Even if only signing is
negotiated during the authentication the following PDUs
will still be encrypted if NTLMSSP is used. This is exactly the
same as if the client would have negotiated NTLMSSP_NEGOTIATE_SEAL.
I guess it's a bug in Windows, but we have to reimplement that
bug. Note this only applies to NTLMSSP and only to LDAP!
Signing only works fine for LDAP with Kerberos
or DCERPC and NTLMSSP.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 16 03:26:03 CEST 2018 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit fc1c5bd3be2c3f90eab2f31e43cf053f7ff13782)
This will be used to similate a Windows client only
using NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL
on an LDAP connection, which is indicated internally by
GENSEC_FEATURE_LDAP_STYLE.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 7f2bebf09cd8056b3f901dd9ff1fc9e9525f3e9d)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 11 23:30:32 CEST 2018 on sn-devel-144
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 2715f52f54e66a73131a92d752a8c2447da1fd33)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5319cae00096dcecc29aa9fa675a983352ad64d8)
nsswitch: Lookup the domain in tests with the wb seperator
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 4fa811ec7bc301e96f5e40ba281e8d4e8709b94f)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 0aceca6a94e868f9c01a66f79624ca10d80560ab)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 0d2f743d826b87b369e25fc6bb9ff61f2b0896aa)
Volker Lendecke [Sun, 6 Aug 2017 16:13:10 +0000 (18:13 +0200)]
winbindd: Move name<->sid cache to gencache
The mapping from name to sid and vice versa has nothing to
do with a specific domain. It is publically available. Thus put
it into gencache without referring to the domain this was
retrieved from
Vandana Rungta [Tue, 8 May 2018 18:27:47 +0000 (11:27 -0700)]
s3: VFS: Fix memory leak in vfs_ceph.
Centralize error handling.
https://bugzilla.samba.org/show_bug.cgi?id=13424
Signed-off-by: Vandana Rungta <vrungta@amazon.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 9 04:28:11 CEST 2018 on sn-devel-144
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit fc9150dcab231fe9beb72e198b0c2742d5f2505f)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Mon May 14 14:58:22 CEST 2018 on sn-devel-144
Andrew Bartlett [Wed, 21 Mar 2018 07:43:10 +0000 (20:43 +1300)]
winbindd: Add a cache of the samr and lsa handles for the passdb domain
This domain is very close, in AD DC configurations over a internal ncacn_np pipe
and otherwise in the same process via C linking. It is however very expensive
to re-create the binding handle per SID->name lookup, so keep a cache.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit d418d0ca33afb41a793a2fff19ca68871aa5e9ef)
As found by Jeremy, VFS modules that don't provide pread_send() or
pwrite_send() hooks result in vfs_default fallback, which is
catastrophic for VFS modules with non-mounted filesystems such as
vfs_ceph.
Reported-by: Jeremy Allison <jra@samba.org> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f0e6453b0420fe9d062936d4ddc05f44b40cf2ba)
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 3 02:42:20 CEST 2018 on sn-devel-144
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Apr 30 21:48:55 CEST 2018 on sn-devel-144
Björn Jacke [Thu, 19 Apr 2018 14:14:38 +0000 (16:14 +0200)]
printing: return the same error code as windows does on upload failures
Some print drivers inf files are broken and cause driver installation to fail
on Samba servers. Windows returns WERR_APP_INIT_FAILURE in that case, we should
do the same. Windows machines are less unlucky with that.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 12 02:04:28 CEST 2018 on sn-devel-144
Jeremy Allison [Wed, 11 Apr 2018 18:05:14 +0000 (11:05 -0700)]
s3: smbd. Generic fix for incorrect reporting of stream dos attributes on a directory
According to MS-FSA a stream name does not have
separate DOS attribute metadata, so we must return
the DOS attribute from the base filename. With one caveat,
a non-default stream name can never be a directory.
As this is common to all streams data stores, we handle
it here instead of inside all stream VFS modules.
Otherwise identical logic would have to be added to
all streams modules in their [f]get_dos_attribute_fn()
VFS calls.
Found in real-world use case by Andrew Walker <awalker@ixsystems.com>.
Jeremy Allison [Wed, 11 Apr 2018 15:41:00 +0000 (08:41 -0700)]
s3: vfs: vfs_streams_xattr: Don't blindly re-use the base file mode bits.
When returning the stat struct for an xattr stream,
we originally base the st_ex_mode field on the value
from the base file containing the xattr. If the base
file is a directory, it will have S_IFDIR set in st_ex_mode,
but streams can never be directories, they must be reported
as regular files.
The original code OR'ed in S_IFREG, but neglected to
AND out S_IFDIR.
Note this is not a complete to fix bug 13380 as
it doesn't fix the generic case with all streams
modules. See later fix and regression test.
Found in real-world use case by Andrew Walker <awalker@ixsystems.com>.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Mar 15 20:57:44 CET 2018 on sn-devel-144
The calls were missing the negation operator, a retry should be
attempted is the binding handle got somehow disconnected behind the
scenes and is NOT connected.
Ralph Boehme [Mon, 12 Mar 2018 12:39:59 +0000 (13:39 +0100)]
winbindd: force netlogon reauth for certain errors in reset_cm_connection_on_error()
NT_STATUS_RPC_SEC_PKG_ERROR is returned by the server if the server
doesn't know the server-side netlogon credentials anymore, eg after a
reboot. If this happens we must force a full netlogon reauth.
Ralph Boehme [Mon, 12 Mar 2018 11:20:04 +0000 (12:20 +0100)]
winbindd: call reset_cm_connection_on_error() from reconnect_need_retry()
This ensures we use the same disconnect logic in the reconnect backend,
which calls reconnect_need_retry(), and in the dual_srv frontend which
calls reset_cm_connection_on_error.
Both reset_cm_connection_on_error() and reconnect_need_retry() are very
similar, both return a bool indicating whether a retry should be
attempted, unfortunately the functions have a different default return,
so I don't dare unifying them, but instead just call one from the other.
Volker Lendecke [Wed, 28 Feb 2018 15:09:28 +0000 (15:09 +0000)]
winbind: Keep "force_reauth" in invalidate_cm_connection
Right now I don't see a way to actually force a re-serverauth
from the client side as long as an entry in netlogon_creds_cli.tdb
exists. cm_connect_netlogon goes through invalidate_cm_connection, and
this wipes our wish to force a reauthenticatoin. Keep this intact until
we actually did reauthenticate.
Volker Lendecke [Wed, 28 Feb 2018 07:59:08 +0000 (07:59 +0000)]
utils: Add destroy_netlogon_creds_cli
This is a pure testing utility that will garble the netlogon_creds_cli
session_key. This creates a similar effect to our schannel credentials
as does a domain controller reboot.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Feb 21 19:02:56 CET 2018 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 65e8edb382fbc7450919aad8b42cfcae9e779d11)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit b5ffa0e21f74fa0c452df38cf50e542eb278562d)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 17c48f26dea5701feed1c24769348f332695391c)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 99859479fc6e12b2f74ce2dfa83da56d8b8f3d26)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Fri Apr 20 16:43:11 CEST 2018 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit f2ff61ce9e8ab56d8a69fce29c9f214d5d98f89e)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 23 09:04:23 CET 2018 on sn-devel-144
Instead of doing a WINBINDD_GETDCNAME request (which would caused an error
because the implementation was removed in commit 958fdaf5c3ba17969a5110e6b2b08babb9096d7e), we sent the callers request
and interpreted the result as WINBINDD_GETDCNAME response, which
led to an empty dcname variable. As result the domain child
opened a connection to the primary domain in order to lookup
a dc.
If we want to connect the primary domain from the parent via
a domain child of the primary domain.
winbind: protect a pending wb_child_request against a talloc_free()
If the (winbind) client gave up we call TALLOC_FREE(state->mem_ctx)
in remove_client(). This triggers a recursive talloc_free() for all
in flight requests.
In order to maintain the winbindd parent-child protocol, we need
to keep the orphaned wb_simple_trans request until the parent
got the response from the child.
Volker Lendecke [Fri, 9 Feb 2018 09:27:55 +0000 (10:27 +0100)]
winbind: Improve child selection
This improves the situation when a client request blocks a winbind
child. This might be a slow samlogon or lookupnames to a domain that's
far away. With random selection of the child for new request coming in
we could end up with a long queue when other, non-blocked children
could serve those new requests. Choose the shortest queue.
This is an immediate and simple fix. Step two will be to have a
per-domain and not a per-child queue. Right now we're pre-selecting
the check-out queue at Fry's randomly without looking at the queue
length. With this change we're picking the shortest queue. The better
change will be what Fry's really does: One central queue and red/green
lights on the busy/free checkout counters.
which means that we take strlen_m(r->FileName1) before we pull
it off the wire. Not sure how to fix this, but that is clearly
broken pidl output. Once that is fixed, we can convert this
to ndr_pull_struct.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 18011343d80a28fb46894d712b22c84dce067342)
* Minor cleanup. wakeup_fd can always be gotten from the event context.
* Use smb_set_close_on_exec() in example code.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 6dd0a8c1a67922d1f893d5ef500861ec5e7c5a36)
Gary Lockyer [Sun, 10 Dec 2017 20:31:33 +0000 (09:31 +1300)]
lib/async_req/async_sock.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept. This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 8b3c58251146d2e982a6c9fdb3828ca65e307a96)
Gary Lockyer [Sun, 10 Dec 2017 20:17:49 +0000 (09:17 +1300)]
lib/tevent/echo_server.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept. This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 954eddd0b8c25424fd44bbd002ba36873fe2c8d4)
projects / thirdparty / samba.git / log
