Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Jul 25 06:27:27 UTC 2024 on atb-devel-224
Jo Sutton [Wed, 17 Jul 2024 03:45:29 +0000 (15:45 +1200)]
selftest: Move MIT Kerberos knownfails to separate files in their own directory
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jo Sutton <jsutton@samba.org>
Autobuild-Date(master): Tue Jul 23 23:47:43 UTC 2024 on atb-devel-224
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 23 13:53:13 UTC 2024 on atb-devel-224
Martin Schwenke [Mon, 8 Jul 2024 07:57:27 +0000 (17:57 +1000)]
ctdb-daemon: Use ctdb_parse_node_address() in ctdbd
While here, fix a trivial memory leak (ctdbd will exit anyway if this
function fails).
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jul 23 12:39:18 UTC 2024 on atb-devel-224
Martin Schwenke [Fri, 5 Jul 2024 08:07:36 +0000 (18:07 +1000)]
ctdb-daemon: Use ctdb_read_nodes() in ctdbd
ctdb_control_getnodesfile() calls ctdb_read_nodes(), which returns a
struct ctdb_node_map rather than the old version, so update associated
marshalling. While here modernise a debug message and wrap the
function arguments.
For ctdb_load_nodes_file() to use ctdb_read_nodes(), tweak
convert_node_map_to_list() to also use the modern node map structure.
Remove unused copy of ctdb_read_nodes_file().
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Martin Schwenke [Fri, 5 Jul 2024 07:34:09 +0000 (17:34 +1000)]
ctdb-conf: Add a common node address handling module
These functions are intended to be used in ctdbd, the ctdb tool and
fake_ctdbd, replacing the different copies in each place.
ctdb_read_nodes() will replace ctdb_read_nodes_file(). The name
change is intentional - in future the location may be something other
than a simple filename.
The static copies of ctdb_read_nodes_file() and node_map_add() are
slightly sanitised versions of those in tools/ctdb.c, with a call to
ctdb_parse_node_address(). A bit more care is taken in node_map_add()
to avoid undefined behaviour if talloc_realloc() fails.
ctdb_parse_node_address() will replace ctdb_parse_address(). There is
an obvious argument change, since the ctdb context argument was
unused. It can only fail on an invalid node address, so return a
bool. This function might be changed later to allow the input address
string to include an optional port.
Where to put this module isn't entirely clear. It could go in common,
so be part of ctdb-util. However, if it later needs
ctdb-conf (e.g. to allow the node list location to be configurable)
then there would be a direct cyclic dependency. This is configuration
handling, so conf/ seems sane. However, I didn't want to put it into
the ctdb-conf target, since some code might need to parse a nodes list
but not need to parse ctdb.conf.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 19 11:13:28 UTC 2024 on atb-devel-224
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/ldap/cldapbench.c:40: var_decl: Declaring variable ""io"" without initializer.
samba-4.20.0rc2/source4/torture/ldap/cldapbench.c:45: uninit_use_in_call: Using uninitialized value ""io.in.map_response"" when calling ""cldap_netlogon_recv"".
43| TALLOC_CTX *tmp_ctx = talloc_new(NULL);
44| io.in.version = 6;
45|-> status = cldap_netlogon_recv(req, tmp_ctx, &io);
46| talloc_free(req);
47| if (NT_STATUS_IS_OK(status)) {"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 13:48:03 UTC 2024 on atb-devel-224
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/examples/winexe/winexesvc.c:60: var_decl: Declaring variable ""ea"" without initializer.
samba-4.20.0rc2/examples/winexe/winexesvc.c:86: uninit_use_in_call: Using uninitialized value ""ea"". Field ""ea.Trustee.pMultipleTrustee"" is uninitialized when calling ""SetEntriesInAclA"".
84|
85| /* Create a new ACL that contains the new ACEs */
86|-> dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL);
87| if (ERROR_SUCCESS != dwRes) {
88| dbg(""SetEntriesInAcl Error %lu\n"", GetLastError());"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
s4:torture: Add new LSA test_query_forest_trust_info()
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 12:36:25 UTC 2024 on atb-devel-224
selftest: Remove samba4.rpc.lsa.forest.trust from knownfail
The test needs --option="torture:Forest_Trust_Dom2_Binding=..." in order
to be useful, so the skip is correct, but the knownfail entry should
have been removed with e5163dfd57694351bf556565e92f74b71221db29.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
python:tests: make test_export_keytab_nochange_update() more reliable
net.export_keytab() includes the current timestamp into the resulting
keytab. So we need to make sure the two compared exports actually
run within the same second.
And klist may also print the keytab filename...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 17 14:21:30 UTC 2024 on atb-devel-224
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 17 11:17:54 UTC 2024 on atb-devel-224
Pavel Filipenský [Tue, 23 Jan 2024 09:01:35 +0000 (10:01 +0100)]
s3:lib: Fix a typo in MACRO
DEBUG_PASSWORDS --> DEBUG_PASSWORD
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Wed Jul 17 08:49:46 UTC 2024 on atb-devel-224
Martin Schwenke [Thu, 11 Jul 2024 02:14:07 +0000 (12:14 +1000)]
ctdb-tests: Correctly handle adding a deleted node at the end
The current fake_ctdbd code for reloading the nodes file overruns the
allocation when adding a deleted node at the end. This is a very
unlikely case, but it might as well work.
Check the size of the internal node map when marking a node deleted.
Also, update the code that adds a node to correctly set the deleted
flag when appropriate.
The included test case tests this.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jul 17 00:06:53 UTC 2024 on atb-devel-224
s3:modules: Make nread a size_t and check for possible overflow
"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: tainted_data_return: Called function ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"", and a possible return value may be less than zero.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: assign: Assigning: ""thistime"" = ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"".
samba-4.20.0rc2/source3/modules/vfs_preopen.c:221: overflow: The expression ""nread"" is considered to have possibly overflowed.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: overflow: The expression ""talloc_get_size(namebuf) - nread"" is deemed overflowed because at least one of its arguments has overflowed.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: overflow_sink: ""talloc_get_size(namebuf) - nread"", which might have underflowed, is passed to ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"". [Note: The source code implementation of the function has been overridden by a builtin model.]
213| ssize_t thistime;
214|
215|-> thistime = read(sock_fd, namebuf + nread,
216| talloc_get_size(namebuf) - nread);
217| if (thistime <= 0) {"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
lib:util: Move open() of /dev/null into the if-clause
"Error: RESOURCE_LEAK (CWE-772):
samba-4.20.0rc2/lib/util/close_low_fd.c:40: open_fn: Returning handle opened by ""open"". [Note: The source code implementation of the function has been overridden by a user model.]
samba-4.20.0rc2/lib/util/close_low_fd.c:40: var_assign: Assigning: ""dev_null"" = handle returned from ""open(""/dev/null"", 2, 0)"".
samba-4.20.0rc2/lib/util/close_low_fd.c:52: overwrite_var: Overwriting handle ""dev_null"" in ""dev_null = open(""/dev/null"", 2, 0)"" leaks the handle.
50| }
51|
52|-> dev_null = open(""/dev/null"", O_RDWR, 0);
53| if (dev_null == -1) {
54| dev_null = open(""/dev/null"", O_WRONLY, 0);"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
python:tests: pass bytes.decode() instead of str(bytes) to assertMultiLineEqual() to get better failure output
When not equal a diff of the two strings highlighting the differences
will be included this way.
This is a flapping test.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 16 07:40:41 UTC 2024 on atb-devel-224
python:tests: Use assertMultiLineEqual() to get better failure output
When not equal a diff of the two strings highlighting the differences
will be included this way.
This is a flapping test.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 15 13:51:03 UTC 2024 on atb-devel-224
smbd: Show blk and chr devices as nfs reparse points
Can't test these in selftest, we can't create devices and I don't want
us to depend on /dev to exist. Tested manually on a system where
/dev/null exists:
Try "help" to get a list of possible commands.
smb: \> allinfo null
altname: null
create_time: Fri Jun 21 02:45:59 PM 2024 CEST
access_time: Fri Jun 21 02:45:59 PM 2024 CEST
write_time: Fri Jun 21 02:45:59 PM 2024 CEST
change_time: Fri Jun 21 02:45:59 PM 2024 CEST
attributes: (480)
stream: [::$DATA], 0 bytes
0x80000014 (IO_REPARSE_TAG_NFS)
0x524843 (NFS_SPECFILE_CHR)
1/3
smb: \>
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 12 21:36:16 UTC 2024 on atb-devel-224
Change an automated sizeof() call in the pidl dissector generation from
prefixing a "g" to getting the actual C type.
Ping #19116
Signed-off-by: John Thacker <johnthacker@gmail.com> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 12 11:08:03 UTC 2024 on atb-devel-224
pidl: Don't assign hash undef, assign it an empty array
Perl works, but complains if warnings are on, if a hash is
initialized to undef instead of to empty. Upstream Samba turned on
warnings in the next commit to catch things like this.
Signed-off-by: John Thacker <johnthacker@gmail.com> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
This moves about 56 kBytes of data from a read-write data section to read-only.
The various dissectors were _not_ regenerated for this commit. Instead, this
commit was produced using the following command:
find * -type f -exec sed -i -e 's/\(["'\'']\|^\)static dcerpc_sub_dissector/\1static const dcerpc_sub_dissector/' \{\} \;
This updates the generator script and its test, as well as making an identical
change to all of the dissectors, regardless of whether or not those dissectors
were produced by the generator script.
Signed-off-by: John Thacker <johnthacker@gmail.com> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Remove init of proto, header field, expert info and subtree variables.
This will reduces the binary size by approximate 1266320 bytes due to
using .bss to zero-initialize the fields.
The conversion is done using the tools/convert-proto-init.py script
Signed-off-by: John Thacker <johnthacker@gmail.com> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
This is to fix the error when pushing to personal gitlab repo:
2024-07-04 08:16:05,460 Running: 'git clone --recursive --shared /builds/pfilipen/samba /builds/samba-testbase/master' in '/builds/pfilipen/samba'
Cloning into '/builds/samba-testbase/master'...
fatal: detected dubious ownership in repository at '/builds/pfilipen/samba/.git'
To add an exception for this directory, call:
git config --global --add safe.directory /builds/pfilipen/samba/.git
fatal: Could not read from remote repository.
Instead of adding more and more explicit repositories
we should just allow any, we're in an isolated environment...
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 10:35:00 UTC 2024 on atb-devel-224
Douglas Bagnall [Fri, 5 Jul 2024 02:31:58 +0000 (14:31 +1200)]
cmdline:burn: list commands to always burn; warn on unknown
We burn arguments to all unknown options containing "pass" (e.g.
"--passionate=false") in case they are a password option, but is bad
in the case where the unknown option takes no argument but the next
option *is* a password (like "--overpass --password2 barney". In that
case "--password2" would be burnt and not "barney".
The burning behaviour doesn't change with this commit, but users will now
see an error message explaining that the option was unknown. This is not
so much aimed at end users -- for who an invalid option will hopefully
lead to --help like output -- but to developers who add a new "pass"
option.
This also slightly speeds up the processing of known password options,
which is a little bit important because we are in a race to replace the
command line in /proc before an attacker sees it.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Jul 10 06:28:08 UTC 2024 on atb-devel-224
Anoop C S [Mon, 8 Jul 2024 07:24:06 +0000 (12:54 +0530)]
vfs_ceph: Disable the module on unsupported Ceph versions
For the last major release(v4.20) we had a warning issued(fe16ae1fe834)
to inform about the plan to disable building vfs_ceph in the absence of
certain required APIs. This is now due to make the changes and further
disable building the module if minimum required libcephfs APIs are not
present. As we speak this requirement includes ceph_select_filesystem()
and *at() variants of libcephfs APIs. These were around since v17(even
earlier for ceph_select_filesystem) which is the lowest non-EOL version
of Ceph available[1] at the moment.
Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Tue Jul 9 13:05:47 UTC 2024 on atb-devel-224
ldap_server: Add a ldapsrv debug class to log LDAP queries
Patch updated for recent samba versions in merge request #3295 by kvvloten
Initial patch created by Jeremy Allison (https://www.spinics.net/lists/samba/msg161128.html) to log LDAP server queries/functions in a separate file
Signed-off-by: Andréas Leroux <aleroux@tranquil.it> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 9 08:37:22 UTC 2024 on atb-devel-224
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/rpc_server/svcctl/srv_svcctl_nt.c:163: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/source3/rpc_server/svcctl/srv_svcctl_nt.c:182: uninit_use_in_call: Using uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when calling ""make_sec_acl"".
180| /* create the security descriptor */
181|
182|-> if ( !(theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
183| return NULL;
184|"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 8 08:37:46 UTC 2024 on atb-devel-224
projects / thirdparty / samba.git / log
