[Pkg-samba-maint] [Git][samba-team/samba][master] 73 commits: smbd: call exit_server_cleanly() to avoid panicking
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Wed Aug 16 18:46:30 BST 2023
Michael Tokarev pushed to branch master at Debian Samba Team / samba
Commits:
36bb9480 by Ralph Boehme at 2023-07-06T11:56:19+00:00
smbd: call exit_server_cleanly() to avoid panicking
The parent smdb forwards SIGTERM to its process group in order to kill all
children like the scavenger. This happens from a function registered via
atexit() which means the signal forwarding is happening very briefly before the
main smbd process exits. When exiting the pipe between smbd and scavenger is
closed which triggers a file event in the scavenger.
However, due to kernel sheduling it is possible that the file descriptor event
is received before the signal, where we call exit_server() which call
smb_panic() at the end.
Change the exit to exit_server_cleanly() and just log this event at level 2
which we already do.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15275
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Jul 5 13:14:08 UTC 2023 on atb-devel-224
(cherry picked from commit 083fe1c28c6ec69cbd15d8cc2f7f06b1b630f2bc)
- - - - -
bdaf1b1c by Stefan Metzmacher at 2023-07-06T11:56:19+00:00
s3:libads: re-initialize num_requests to 0 for cldap_ping_list retries
Commit 8132edf119757ee91070facffef016c93de9c2a6 introduced a retry loop
arround cldap_multi_netlogon(), but it forgot to reset num_requests to 0
for the retries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15416
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Jul 5 11:17:43 UTC 2023 on atb-devel-224
(cherry picked from commit 6965e77268e1abfc21f1793c7cd006444938ac03)
- - - - -
3b2f3cf8 by Stefan Metzmacher at 2023-07-06T11:56:19+00:00
s3:winbindd: call reset_cm_connection_on_error() in wb_cache_query_user_list()
This is mostly for consistency, every remote call should call
reset_cm_connection_on_error(). Note this is more than
a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit cb59fd43bbf758e4bad774cfc19ef87b157052c2)
- - - - -
156bafb2 by Stefan Metzmacher at 2023-07-06T11:56:19+00:00
s3:winbindd: make use of reset_cm_connection_on_error() for winbindd_lookup_{names,sids}()
Note this is more than a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true.
This is not strictly needed as the callers call
reset_cm_connection_on_error() via reconnect_need_retry().
But it might avoid one roundtrip.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 4ad5a35a3f67860aa7a1345efcfc92fe40578e31)
- - - - -
12043529 by Stefan Metzmacher at 2023-07-06T11:56:19+00:00
s3:winbindd: let winbind_samlogon_retry_loop() always start with authoritative = 1
Otherwise we could treat a local problem as non-authoritative.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 0cb6de4b1d5410f3699172952be81c6eb75c2c86)
- - - - -
ddd61699 by Stefan Metzmacher at 2023-07-06T11:56:19+00:00
s3:winbindd: make use of reset_cm_connection_on_error() in winbind_samlogon_retry_loop()
Note this is more than a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true, which is important in order
to recover from NT_STATUS_RPC_SEC_PKG_ERROR errors.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit b317b10dffd99d1add3ff0b85b958edd9639abc8)
- - - - -
9b25d901 by Stefan Metzmacher at 2023-07-06T13:01:55+00:00
s3:winbindd: let winbind_samlogon_retry_loop() fallback to NT_STATUS_NO_LOGON_SERVERS
When we were not able to get a valid response from any DC we should
report NT_STATUS_NO_LOGON_SERVERS with authoritative = 1.
This matches what windows does. In a chain of transitive
trusts the ACCESS_DENIED/authoritative=0 is not propagated,
instead NT_STATUS_NO_LOGON_SERVERS/authoritative=1 is
passed along the chain if there's no other DC is available.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 50e771c12f84f9268c2e9ddeef0965f79f85de3d)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Thu Jul 6 13:01:55 UTC 2023 on atb-devel-224
- - - - -
10828732 by Jule Anger at 2023-07-19T17:01:18+02:00
Merge tag 'samba-4.18.5' into v4-18-test
samba: tag release samba-4.18.5
- - - - -
9100d5ac by Jule Anger at 2023-07-19T17:04:23+02:00
VERSION: Bump version up to Samba 4.18.6...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
5ac859e9 by Günther Deschner at 2023-07-19T15:14:13+00:00
s3-net: no secrets access required when processing a ODJ provisioning
It should be possible to call "net offlinejoin provision" as non-root,
no access to secrets.tdb required in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15414
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Wed Jul 5 09:23:22 UTC 2023 on atb-devel-224
(cherry picked from commit bf7fbf7e2b675145e25ce7bffc29abbf44c35540)
- - - - -
96793d42 by Ralph Boehme at 2023-07-19T16:23:17+00:00
smbd: don't leak the fsp if close_file_smb() fails
This can happen if DELETE-ON-CLOSE is set, but the deletion fails for some
reason.
The bug was introduced by 1808e5c133474eabc9d3cf91c2a92ec4d92d9fdd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15417
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Jul 10 21:32:32 UTC 2023 on atb-devel-224
(cherry picked from commit 4da50463e1b75c06d5f8c066e8b4eff48186afb0)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Wed Jul 19 16:23:17 UTC 2023 on atb-devel-224
- - - - -
14ce7756 by Noel Power at 2023-07-24T10:19:13+00:00
python/samba: Adjust tarfile extraction filter
The 'data_filter' is far too restrictive, this filter doesn't apply any
mode bits to directories which in turn will result in unexpected
directory permissions of the amongst others msg.[ls]ock directories.
With 'data_filter' and a 'patched' python at best we experience
CI failures with samba-ad-back1 & samba-ad-back2 CI jobs due to server
startup failures, at worst user/admins will need to adjust directory
permissions post backup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15390
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit e401ae44b2f952fc2686065fbfb3a563e3d4066a)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Mon Jul 24 10:19:13 UTC 2023 on atb-devel-224
- - - - -
c052d8bd by Pavel Filipenský at 2023-07-28T12:41:12+00:00
s3:tests: Add rpcclient 'dfsgetinfo' test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15400
Signed-off-by: Pavel Filipenský <pfilipensky at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 2af9c65f2a17ace4e1021b5c8fd6df636c904cfe)
- - - - -
19e110d7 by Pavel Filipenský at 2023-07-28T12:41:12+00:00
s3:rpc_server: Initialize consumedcnt to 0 in _dfs_GetInfo()
Signed-off-by: Pavel Filipenský <pfilipensky at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 8c10f53928653d02bbb75d6ab05510e87ee97420)
- - - - -
aa2af3c0 by Pavel Filipenský at 2023-07-28T12:41:12+00:00
s3:rpc_server: Fix double blackslash issue in dfs path
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15400
Signed-off-by: Pavel Filipenský <pfilipensky at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jul 5 20:24:35 UTC 2023 on atb-devel-224
(cherry picked from commit 6f073f258f1f4f03a8eb568ea05be78fdbec49eb)
- - - - -
c1c2a0ec by Pavel Filipenský at 2023-07-28T13:37:01+00:00
s3:winbindd: Fix double close(fd)
Reported by Red Hat internal coverity
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15433
Signed-off-by: Pavel Filipenský <pfilipensky at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky at samba.org>
Autobuild-Date(master): Tue Jul 25 12:08:49 UTC 2023 on atb-devel-224
(cherry picked from commit dd998cc163358edd6c748e40900247877f91eb1f)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Fri Jul 28 13:37:01 UTC 2023 on atb-devel-224
- - - - -
160b7dc0 by Ralph Boehme at 2023-07-31T08:05:13+00:00
mdssvc: set query state for continued queries to SLQ_STATE_RUNNING
SLQ_STATE_RESULTS implies that there are already results attached to the slq
which is not the case. Instead the backend will start processing from where it
left off when it hits the maximum result limit and had set the state to
SLQ_STATE_FULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 4149ef97e5906604be1587622f390f121db183e2)
- - - - -
7d5e9f5f by Ralph Boehme at 2023-07-31T08:05:13+00:00
mdssvc: fix long running backend queries
If a query is still running in the backend and we have no results yet, returning
0 triggers a search termination by the client in latest macOS releases. macOS
returns 0x23 in this case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 925fefae20e52a3c89a56bdd0cd5b98cc951db5f)
- - - - -
60fdb3ad by Ralph Boehme at 2023-07-31T08:05:13+00:00
mdssvc: add and use SL_PAGESIZE
SL_PAGESIZE is the number of entries we want to process per paged search result
set. This is different from MAX_SL_RESULTS which ought to be a default maximum
value for total number of results returned for a search query.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 086c2602d074d4dc0d44f5534857e5f59a8690b2)
- - - - -
39c2b556 by Ralph Boehme at 2023-07-31T08:05:14+00:00
mdssvc: fix enforcement of "elasticsearch:max results"
This wasn't enforced at all thus a query would return all available matches
without limit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit d8fa5c8e2a1794ea8dc663485315ebd9401b2628)
- - - - -
3036f3cb by Ralph Boehme at 2023-07-31T08:05:14+00:00
tests/mdssvc: match hits:total:value to be the actual amount of entries in hits
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 7f5e4edf64f7e4175f652bf8762d4edc110ad6b1)
- - - - -
590c9164 by Ralph Boehme at 2023-07-31T08:05:14+00:00
mdssvc: reduce pagesize to 50
Lastest macOS queries additional file metadata per search result, which causes
the mashalled paged result set including metadata to exceed the 64 KB result
fragment buffer.
Lacking fragementation support in mdssvc (it's supported by the protocol), for
now just reduce the maximum number of results per search page.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 724a0518c901589fe1171d94648391832e056f4d)
- - - - -
aa4db8a3 by Ralph Boehme at 2023-07-31T08:05:14+00:00
mdssvc: prepare for returning timestamps with sub-seconds granularity
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 9dc66fecf7c1743d264c5c4f8978b77bab75ed86)
- - - - -
f4a33735 by Ralph Boehme at 2023-07-31T08:05:14+00:00
mdssvc: fix date marshalling
Did this ever work? Possible just copied over from Netatalk and was always
broken... The Mac client expects the timevalue as seconds relative to
2001-01-01 00:00:00 UTC, packed as IEEE float.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 620ca1e68d02be45a94aa41217a141d211fceb1f)
- - - - -
35573c04 by Ralph Boehme at 2023-07-31T09:11:21+00:00
mdssvc: fix returning file modification date for older Mac releases
Mac 10.10 uses kMDItemContentModificationDate instead of
kMDItemFSContentChangeDate.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jul 26 23:42:44 UTC 2023 on atb-devel-224
(cherry picked from commit c2e83ebe726b7bc42b329198214c784936f19888)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Mon Jul 31 09:11:21 UTC 2023 on atb-devel-224
- - - - -
3b3b92f5 by Arvid Requate at 2023-08-01T09:53:17+00:00
For Bug #9959: local talloc frame for next commit
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Arvid Requate <requate at univention.de>
[abartlet at samba.org Added additional talloc_free() in failure paths]
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit b6e80733c3a589f9d784eec86fc713f1ec9c1049)
- - - - -
364730e9 by Arvid Requate at 2023-08-01T09:53:17+00:00
Bug #9959: Don't search for CN=System
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Arvid Requate <requate at univention.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 2d461844a201fbca55ebc9a46a15e1d16048055b)
- - - - -
c14fbf24 by Andrew Bartlett at 2023-08-01T09:53:17+00:00
dsdb: Add new function samdb_system_container_dn()
This will replace many calls crafting or searching for this DN
elsewhere in the code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 25b0e1102e1a502152d2695aeddf7c65555b16fb)
- - - - -
820752e3 by Andrew Bartlett at 2023-08-01T09:53:17+00:00
dsdb: Use samdb_system_container_dn() in samldb.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 97b682e0eb0450513dcecb74be672e18e84fe7a2)
- - - - -
8e45b202 by Andrew Bartlett at 2023-08-01T09:53:17+00:00
dsdb: Use samdb_get_system_container_dn() to get Password Settings Container
By doing this we use the common samdb_get_system_container_dn() routine and we
avoid doing a linerize and parse step on the main DN, instead using the
already stored parse of the DN. This is more hygenic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 3669caa97f76d3e893ac6a1ab88341057929ee6a)
- - - - -
32704194 by Andrew Bartlett at 2023-08-01T09:53:17+00:00
s4-rpc_server/lsa: Use samdb_system_container_dn() in dcesrv_lsa_get_policy_state()
This is now exactly the same actions, but just uses common code to do it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 4e18066fa243da1c505f782ba87187c3bb1078ee)
- - - - -
c3595310 by Andrew Bartlett at 2023-08-01T09:53:17+00:00
s4-rpc_server/netlogon: Use samdb_system_container_dn() in fill_trusted_domains_array()
This is now exactly the same actions, but just uses common code to do it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit a900f6aa5d909d912ee3ca529baa4047c9c4da87)
- - - - -
ae64a438 by Andrew Bartlett at 2023-08-01T09:53:17+00:00
s4-rpc_server/backupkey: Use samdb_system_container_dn() in set_lsa_secret()
This is now exactly the same actions, but just uses common code to do it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 13eed1e0e7d0bdef6b5cdb6b858f124b812adbea)
- - - - -
5f908aef by Andrew Bartlett at 2023-08-01T09:53:17+00:00
s4-rpc_server/backupkey: Use samdb_system_container_dn() in get_lsa_secret()
This is now exactly the same actions, but just uses common code to do it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 9b4f3f3cb4ed17bb233d3b5ccd191be63f01f3f4)
- - - - -
da03582f by Andrew Bartlett at 2023-08-01T09:53:17+00:00
dsdb: Use samdb_system_container_dn() in dsdb_trust_*()
This is now exactly the same actions, but just uses common code to do it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 4250d07e4dcd43bf7450b1ae603ff46fdc892d02)
- - - - -
ed62f4fa by Andrew Bartlett at 2023-08-01T10:57:04+00:00
dsdb: Use samdb_system_container_dn() in pdb_samba_dsdb_*()
This makes more calls to add children, but avoids the cn=system string in the
codebase which makes it easier to audit that this is always being built
correctly.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Jul 31 07:20:21 UTC 2023 on atb-devel-224
(cherry picked from commit 5571ce9619d856d3c9545099366f4e0259aee8ef)
RN: A second container with name CN=System would disable the operation
of the Samba AD DC. Samba now finds the CN=System container by exact
DN and not a search.
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Tue Aug 1 10:57:04 UTC 2023 on atb-devel-224
- - - - -
e50f377b by Noel Power at 2023-08-03T07:42:17+00:00
selftest: Add new dfs share (with widelinks enabled)
Adds share (to be used in later test) that has dfs node
but additionally has widelinks set to yes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit b57cdfd7efb161cf96b3a39dc7a1652db817e602)
- - - - -
5db858c1 by Noel Power at 2023-08-03T07:42:17+00:00
sefltest: Add new regression test dfs with widelinks = yes
Adds a new test trying to cd into dfs path on share with
widelinks enabled, should generate an error (see BUG:)
Add a knownfail so CI continues
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 3d2e9db8b95f9f45d486f8272e53584975f177fa)
- - - - -
e949750d by Noel Power at 2023-08-03T07:42:17+00:00
s3/modules: Add flag indicating if connected share is a dfs share
Not used yet, will be used in the next commit to avoid testing
if the connected share is a dfs one.
Pair-Programmed-With: Jeremy Alison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 2668dcd0968133cca4f8410bf8c41ed0483f5d87)
- - - - -
c40f1619 by Noel Power at 2023-08-03T08:44:47+00:00
s3/modules: Fix DFS links when widelinks = yes
In openat(), even if we fail to open the file,
propagate stat if and only if the object is a link in
a DFS share. This allows calling code to further process
the link.
Also remove knownfail
Pair-Programmed-With: Jeremy Alison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Jul 29 00:43:52 UTC 2023 on atb-devel-224
(cherry picked from commit 0bf8b25aacdf2f5c746922320b32e3f0886c81f5)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Thu Aug 3 08:44:47 UTC 2023 on atb-devel-224
- - - - -
7f87d028 by Andrew Bartlett at 2023-08-04T07:02:15+00:00
lib/cmdline: Return if the commandline was redacted in samba_cmdline_burn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit 848fea1a01a4ddc1598150823d5d0784d3ef0be4)
- - - - -
2ed39136 by Andrew Bartlett at 2023-08-04T07:02:15+00:00
python: Move PyList_AsStringList to common code so we can reuse
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit fd81759e2ed44cac3bc67243a39256f953969103)
- - - - -
534425ba by Andrew Bartlett at 2023-08-04T07:02:15+00:00
python: Remove const from PyList_AsStringList()
The returned strings are not owned by python, so need not be const.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit 5afd206d1d8f0344a2f1fa7a238204d1fb164eda)
- - - - -
8c2c1b54 by Andrew Bartlett at 2023-08-04T07:02:15+00:00
python: Add glue.burn_commandline() method
This uses samba_cmdline_burn() to as to have common
command line redaction code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit 3f9e455898554b726bf1689f743b2d9cb6b59537)
- - - - -
e724909a by Andrew Bartlett at 2023-08-04T07:02:15+00:00
samba-tool: Use samba.glue.get_burnt_cmdline rather than regex
This use avoids having two different methods to match on command-line
passwords. We already have a dependency on the setproctitle python
module, and this does not change as the (C) libbsd setproctitle()
can't be run from within a python module.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit a53ebc288f47329c997d52325eeeb5e91ce43b75)
- - - - -
c11b6d6b by Andrew Bartlett at 2023-08-04T07:02:15+00:00
lib/cmdline: Also burn the --password2 parameter if given
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit 414b3803bb6a1b12c44b52ab1ff64a8b7f61fd03)
- - - - -
e9114241 by Andrew Bartlett at 2023-08-04T08:05:00+00:00
lib/cmdline: Also redact --newpassword in samba_cmdline_burn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Jul 21 06:16:30 UTC 2023 on atb-devel-224
(cherry picked from commit 76ad44f446c42832e87b2c60a4731a8de3a0018f)
RN: post-exec password redaction for samba-tool is more reliable for
fully random passwords as it no longer uses regular expressions
containing the password value itself.
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Fri Aug 4 08:05:00 UTC 2023 on atb-devel-224
- - - - -
cf7a0c9d by Stefan Metzmacher at 2023-08-08T11:43:09+00:00
vfs_aio_pthread: don't crash without a pthreadpool
During 'samba-tool ntacl sysvolreset' and similar.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15441
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 3694f2ce6205a647eb5dab2115785fb45decaf0b)
- - - - -
bace04c3 by Jones Syue at 2023-08-08T11:43:09+00:00
vfs_aio_pthread: fix segfault if samba-tool ntacl get
If configured as AD DC and aio_pthread appended into 'vfs objects'[1],
run these commands would get segfault:
1. sudo samba-tool ntacl get .
2. sudo net vfs getntacl sysvol .
gdb said it goes through aio_pthread_openat_fn() @ vfs_aio_pthread.c[2],
and the fsp->conn->sconn->client is null (0x0).
'sconn->client' memory is allocated when a new connection is accpeted:
smbd_accept_connection > smbd_process > smbXsrv_client_create
While running local commands looks like it would not go through
smbXsrv_client_create so the 'client' is null, segfault might happen.
We should not dereference 'client->server_multi_channel_enabled',
if 'client' is null.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15441
[1] smb.conf example, samba-4.18.5, ubuntu 22.04.2
[global]
dns forwarder = 127.0.0.53
netbios name = U22-JONES-88X1
realm = U22-JONES-88X1.X88X1.JONES
server role = active directory domain controller
workgroup = X88X1
idmap_ldb:use rfc2307 = yes
vfs objects = dfs_samba4 acl_xattr aio_pthread
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[netlogon]
path = /var/lib/samba/sysvol/u22-jones-88x1.x88x1.jones/scripts
read only = No
[2] gdb
(gdb) run /usr/local/samba/bin/samba-tool ntacl get .
Starting program: /usr/local/Python3/bin/python3 /usr/local/samba/bin/samba-tool ntacl get .
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007fffd0eb809e in aio_pthread_openat_fn (handle=0x8d5cc0, dirfsp=0x8c3070, smb_fname=0x18ab4f0, fsp=0x1af3550, flags=196608, mode=0)
at ../../source3/modules/vfs_aio_pthread.c:467
warning: Source file is more recent than executable.
467 if (fsp->conn->sconn->client->server_multi_channel_enabled) {
(gdb) bt
at ../../source3/modules/vfs_aio_pthread.c:467
at ../../source3/smbd/pysmbd.c:320
---Type <return> to continue, or q <return> to quit---
(gdb) f
at ../../source3/modules/vfs_aio_pthread.c:467
467 if (fsp->conn->sconn->client->server_multi_channel_enabled) {
(gdb) p fsp->conn->sconn->client
$1 = (struct smbXsrv_client *) 0x0
(gdb)
Signed-off-by: Jones Syue <jonessyue at qnap.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 8f4c1c67b4f118a9a47b09ac7908cd3d969b19c2)
- - - - -
f2604db1 by Stefan Metzmacher at 2023-08-08T11:43:09+00:00
s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED
The PDUs were generated by Windows clients.
And we fail to parse them currently.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit c37adb762640b7df9731d6a60edce808aa8787f8)
- - - - -
30f317cf by Stefan Metzmacher at 2023-08-08T11:43:09+00:00
librpc/rpc: let dcerpc_read_ncacn_packet_next_vector() handle fragments without any payload
DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED don't have any payload by
default. In order to receive them via dcerpc_read_ncacn_packet_send/recv
we need to allow fragments with frag_len == DCERPC_NCACN_PAYLOAD_OFFSET.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 5c724a3e156ae734e4d187bf9639d895bb011834)
- - - - -
1b3197ff by Stefan Metzmacher at 2023-08-08T12:56:30+00:00
dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED payload
It seems commit 259129e8f4bc8cacd1850eba3f6551134835d079 was partly just
fantasy...
Windows clients just use 16 bytes for DCERPC_PKT_CO_CANCEL and
DCERPC_PKT_ORPHANED pdus.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Tue Aug 8 08:57:46 UTC 2023 on atb-devel-224
(cherry picked from commit 9ec22e680249cfde06fb1a0a34fcc94d1f47002d)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Tue Aug 8 12:56:30 UTC 2023 on atb-devel-224
- - - - -
aec49671 by Stefan Metzmacher at 2023-08-11T08:48:12+00:00
s4:torture/smb2: let torture_smb2_con_sopt() use smb2_connect()
There's no need for smb2_connect_ext().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit ade663ee6ca1a2813b203ea667d933f4dab9e7b7)
- - - - -
208bece1 by Stefan Metzmacher at 2023-08-11T08:48:12+00:00
s4:torture/smb2: let us have a common torture_smb2_con_share()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit dc5a500f0a76720b2a5cb5b1142cf4c35cb6bdea)
- - - - -
76c6234a by Stefan Metzmacher at 2023-08-11T08:48:12+00:00
s4:torture/smb2: make it possible to pass existing_conn to smb2_connect_ext()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 2b93058be3f6e5eaee239ad3b0e707c62089d18e)
- - - - -
28e68be9 by Stefan Metzmacher at 2023-08-11T08:48:12+00:00
s4:torture/smb2: add smb2.multichannel.bugs.bug_15346
This demonstrates the race quite easily against
Samba and works fine against Windows Server 2022.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 4028d6582907cf582730ceec56872d8584ad02e6)
- - - - -
4dcefc01 by Stefan Metzmacher at 2023-08-11T08:48:12+00:00
s3:smbd: always clear filter_subreq in smb2srv_client_mc_negprot_next()
Commit 5d66d5b84f87267243dcd5223210906ce589af91 introduced a
'verify_again:' target, if we ever hit that, we would leak
the existing filter_subreq.
Moving it just above a possible messaging_filtered_read_send()
will allow us to only clear it if we actually create a new
request. That will help us in the next commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 50d61e5300250922bf36bb699306f82dff6a00b9)
- - - - -
cd866f5c by Stefan Metzmacher at 2023-08-11T09:49:53+00:00
s3:smbd: fix multichannel connection passing race
If a client opens multiple connection with the same
client guid in parallel, our connection passing is likely
to hit a race.
Assume we have 3 processes:
smbdA: This process already handles all connections for
a given client guid
smbdB: This just received a new connection with an
SMB2 neprot for the same client guid
smbdC: This also received a new connection with an
SMB2 neprot for the same client guid
Now both smbdB and smbdC send a MSG_SMBXSRV_CONNECTION_PASS
message to smbdA. These messages contain the socket fd
for each connection.
While waiting for a MSG_SMBXSRV_CONNECTION_PASSED message
from smbdA, both smbdB and smbdC watch the smbXcli_client.tdb
record for changes (that also verifies smbdA stays alive).
Once one of them say smbdB received the MSG_SMBXSRV_CONNECTION_PASSED
message, the dbwrap_watch logic will wakeup smbdC in order to
let it recheck the smbXcli_client.tdb record in order to
handle the case where smbdA died or deleted its record.
Now smbdC rechecks the smbXcli_client.tdb record, but it
was not woken because of a problem with smbdA. It meant
that smbdC sends a MSG_SMBXSRV_CONNECTION_PASS message
including the socket fd again.
As a result smbdA got the socket fd from smbdC twice (or even more),
and creates two (or more) smbXsrv_connection structures for the
same low level tcp connection. And it also sends more than one
SMB2 negprot response. Depending on the tevent logic, it will
use different smbXsrv_connection structures to process incoming
requests. And this will almost immediately result in errors.
The typicall error is:
smb2_validate_sequence_number: smb2_validate_sequence_number: bad message_id 2 (sequence id 2) (granted = 1, low = 1, range = 1)
But other errors would also be possible.
The detail that leads to the long delays on the client side is
that our smbd_server_connection_terminate_ex() code will close
only the fd of a single smbXsrv_connection, but the refcount
on the socket fd in the kernel is still not 0, so the tcp
connection is still alive...
Now we remember the server_id of the process that we send
the MSG_SMBXSRV_CONNECTION_PASS message to. And just keep
watching the smbXcli_client.tdb record if the server_id
don't change. As we just need more patience to wait for
the MSG_SMBXSRV_CONNECTION_PASSED message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Aug 8 13:59:58 UTC 2023 on atb-devel-224
(cherry picked from commit f348b84fbcf203ab1ba92840cf7aecd55dbf9aa0)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Fri Aug 11 09:49:53 UTC 2023 on atb-devel-224
- - - - -
fd8324d5 by Michael Tokarev at 2023-08-11T13:07:45+03:00
d/control: python3-testtools is only needed for selftest, remove from Build-Depends for now
- - - - -
2b24bce2 by Michael Tokarev at 2023-08-14T08:34:11+03:00
d/rules: export PYTHONDONTWRITEBYTECODE=1 to stop python from generating .pyc caches (#1048754)
- - - - -
9e5f1a30 by Jones Syue at 2023-08-16T10:48:14+00:00
mdssvc: Do an early talloc_free() in _mdssvc_open()
Environment setup:
When macOS Finder connect to a samba server with 'spotlight = yes',
macOS would issue mdssvc open (mdssvc.opnum == 0) to samba and it goes
through api _mdssvc_open().
After applied 578e434a94147dc2d7dbfc006d2ab84807859c1d,
(this is reported by jaywei at qnap.com)
this line 'talloc_free(path);' is deleted if _mdssvc_open() normal exit,
so memory is lazy de-allocate: delayed to
smbd_tevent_trace_callback() @ smb2_process.c. [1]
Supposed to explicitly free 'path' in _mdssvc_open() @ srv_mdssvc_nt.c[2]
just like abnormal exit, do not wait for main loop to free 'path' which is
no longer used, this is more consistent while reading source code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15449
[1] gdb tracing 'path' address 0x56204ccc67e0 to know how it is freed.
Breakpoint 2, _tc_free_children_internal (tc=0x56204ccc6780, ptr=0x56204ccc67e0, location=0x7ff430d96410 "../../lib/talloc/talloc.c:1714") at ../../lib/talloc/talloc.c:1656
1656 while (tc->child) {
(gdb) bt
0 _tc_free_children_internal (tc=0x56204ccc6780, ptr=0x56204ccc67e0, location=0x7ff430d96410 "../../lib/talloc/talloc.c:1714") at ../../lib/talloc/talloc.c:1656
1 0x00007ff430d92b14 in _tc_free_internal (tc=0x56204ccc6780, location=0x7ff430d96410 "../../lib/talloc/talloc.c:1714") at ../../lib/talloc/talloc.c:1183
2 0x00007ff430d93b71 in _tc_free_children_internal (tc=0x56204ccc6720, ptr=0x56204ccc6780, location=0x7ff430d96410 "../../lib/talloc/talloc.c:1714") at ../../lib/talloc/talloc.c:1668
3 0x00007ff430d93d66 in talloc_free_children (ptr=0x56204ccc6780) at ../../lib/talloc/talloc.c:1714
4 0x00007ff432235aca in talloc_pop (frame=0x56204ccc6780) at ../../lib/util/talloc_stack.c:125
5 0x00007ff430d92959 in _tc_free_internal (tc=0x56204ccc6720, location=0x7ff431f358d0 "../../source3/smbd/process.c:3726") at ../../lib/talloc/talloc.c:1157
6 0x00007ff430d92cd5 in _talloc_free_internal (ptr=0x56204ccc6780, location=0x7ff431f358d0 "../../source3/smbd/process.c:3726") at ../../lib/talloc/talloc.c:1247
7 0x00007ff430d93f96 in _talloc_free (ptr=0x56204ccc6780, location=0x7ff431f358d0 "../../source3/smbd/process.c:3726") at ../../lib/talloc/talloc.c:1791
8 0x00007ff431d81292 in smbd_tevent_trace_callback (point=TEVENT_TRACE_AFTER_LOOP_ONCE, private_data=0x7ffe46591e30) at ../../source3/smbd/process.c:3726
<...cut...>
[2] gdb tracing 'path' address 0x55a6d66deed0 to know how it is freed.
Breakpoint 2, _tc_free_children_internal (tc=0x55a6d66deed0, ptr=0x55a6d66def30, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1656
1656 while (tc->child) {
(gdb) bt
0 _tc_free_children_internal (tc=0x55a6d66deed0, ptr=0x55a6d66def30, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1656
1 0x00007fc4cb892b14 in _tc_free_internal (tc=0x55a6d66deed0, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1183
2 0x00007fc4cb892cd5 in _talloc_free_internal (ptr=0x55a6d66def30, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1247
3 0x00007fc4cb893f96 in _talloc_free (ptr=0x55a6d66def30, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1791
4 0x00007fc4cc9396e4 in _mdssvc_open (p=0x55a6d66d5600, r=0x55a6d66edc60) at ../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189
<...cut...>
Signed-off-by: Jones Syue <jonessyue at qnap.com>
Reviewed-by: Noel Power <npower at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Mon Aug 14 18:11:37 UTC 2023 on atb-devel-224
(cherry picked from commit 044cb8f9d558bfcd7658cae0f05ff36330538748)
- - - - -
8e31fd2d by Jeremy Allison at 2023-08-16T10:48:14+00:00
s3: smbd: Deliberately currupt an uninitialized pointer.
We will need this to show smbd crashing in the test code.
This will be removed once we're passing the test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit e7bf94b4e3a7f994aa6f0b859089c5add2ad380f)
- - - - -
6fef9767 by Jeremy Allison at 2023-08-16T10:48:14+00:00
s3: torture: Add SMB1-TRUNCATED-SESSSETUP test.
Shows that we indirect through an uninitialized pointer and the client crashes
it's own smbd.
Add knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 963fd8aa9b76361ab9aeb63307773f2498b17879)
- - - - -
4c27dfe3 by Jeremy Allison at 2023-08-16T10:48:14+00:00
s3: smbd: Ensure srvstr_pull_req_talloc() always NULLs out *dest.
Robert Morris <rtm at lcs.mit.edu> noticed that in the case
where srvstr_pull_req_talloc() is being called with
buffer remaining == 0, we don't NULL out the destination
pointed which is *always* done in the codepaths inside
pull_string_talloc(). This prevents a crash in the caller.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 9220c45cc191b34e293190f6a923ba463edd5db9)
- - - - -
f025f51a by Jeremy Allison at 2023-08-16T10:48:14+00:00
s3: smbd: Uncorrupt the pointer we were using to prove a crash.
Rather than restore to uninitialized, set to NULL as per
modern coding practices.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420
Reviewed-by: Volker Lendecke <vl at samba.org>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 5bc50d2ea4444244721e72b4264311c7005d2f3c)
- - - - -
e6c0d4f1 by Jeremy Allison at 2023-08-16T10:48:14+00:00
s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer.
Now we've fixed srvstr_pull_req_talloc() this isn't
strictly needed, but ensuring pointers are initialized
is best practice to avoid future bugs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Aug 14 15:55:43 UTC 2023 on atb-devel-224
(cherry picked from commit 5379b8d557a9a16b81eafb87b60b81debc4bfccb)
- - - - -
122afc37 by Jeremy Allison at 2023-08-16T10:48:14+00:00
s3: torture: Add a test doing an SMB1 negotiate+exit.
Robert Morris <rtm at lcs.mit.edu> noticed a missing
return in reply_exit_done().
Adds knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15430
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
(cherry picked from commit 63895e03c4e8ed79a3b2cda928f58ec278cd6608)
- - - - -
320d6540 by Jeremy Allison at 2023-08-16T11:49:39+00:00
s3: smbd: Add missing 'return;'s in exit paths in reply_exit_done().
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15430
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Mon Aug 14 19:52:49 UTC 2023 on atb-devel-224
(cherry picked from commit d79d0508a4b8bdc4582a350d109181ecae0bf1e2)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Wed Aug 16 11:49:39 UTC 2023 on atb-devel-224
- - - - -
87e193d9 by Jule Anger at 2023-08-16T18:36:14+02:00
WHATSNEW: Add release notes for Samba 4.18.6.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
2613f2b2 by Jule Anger at 2023-08-16T18:36:51+02:00
VERSION: Disable GIT_SNAPSHOT for the 4.18.6 release.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
124758a0 by Michael Tokarev at 2023-08-16T20:06:52+03:00
New upstream version 4.18.6+dfsg
- - - - -
7f1e477b by Michael Tokarev at 2023-08-16T20:07:26+03:00
Update upstream source from tag 'upstream/4.18.6+dfsg'
Update to upstream version '4.18.6+dfsg'
with Debian dir 928ac93eb5074cfafd18152754a55a9c3c072389
- - - - -
a1bb3bd5 by Michael Tokarev at 2023-08-16T20:12:47+03:00
update changelog; upload version 4.18.6+dfsg-1 to unstable
- - - - -
30 changed files:
- VERSION
- WHATSNEW.txt
- debian/changelog
- debian/control
- debian/rules
- lib/cmdline/cmdline.c
- lib/cmdline/cmdline.h
- librpc/idl/dcerpc.idl
- librpc/rpc/dcerpc_util.c
- python/modules.c
- python/modules.h
- python/pyglue.c
- python/samba/getopt.py
- python/samba/safe_tarfile.py
- python/samba/tests/blackbox/mdsearch.py
- python/samba/tests/cred_opt.py
- python/samba/tests/dcerpc/mdssvc.py
- python/wscript
- selftest/target/Samba3.pm
- source3/libads/ldap.c
- source3/libnet/libnet_join.c
- source3/modules/vfs_aio_pthread.c
- source3/modules/vfs_widelinks.c
- source3/passdb/pdb_samba_dsdb.c
- source3/rpc_server/dfs/srv_dfs_nt.c
- source3/rpc_server/mdssvc/marshalling.c
- source3/rpc_server/mdssvc/mdssvc.c
- source3/rpc_server/mdssvc/mdssvc.h
- source3/rpc_server/mdssvc/mdssvc_es.c
- source3/rpc_server/mdssvc/srv_mdssvc_nt.c
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/594f6c07383302574a8468c007c8d0c2e8fc10ed...a1bb3bd5c59d6e6c2a5a2b4b5483509558bd47ee
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/594f6c07383302574a8468c007c8d0c2e8fc10ed...a1bb3bd5c59d6e6c2a5a2b4b5483509558bd47ee
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20230816/9dd9813d/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list