Karolin Seeger [Mon, 2 May 2016 07:42:22 +0000 (09:42 +0200)]
VERSION: Disable git snapshots for the 4.3.9 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 2 May 2016 07:41:27 +0000 (09:41 +0200)]
WHATSNEW: Add release date.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 29 Apr 2016 09:16:16 +0000 (11:16 +0200)]
WHATSNEW: Update release notes.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(v4-3-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-3-test): Fri Apr 29 16:26:53 CEST 2016 on sn-devel-104
Stefan Metzmacher [Mon, 25 Apr 2016 14:12:47 +0000 (16:12 +0200)]
s3:selftest: add smbclient_ntlm tests
We test all combinations of NT1 with and without spnego and SMB3
for user, anonymous and guest authentication.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr 28 20:16:45 CEST 2016 on sn-devel-144
(cherry picked from commit
eee88e07b3e68efb467b390536eea4155b5ced7e)
Autobuild-User(v4-3-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-3-test): Fri Apr 29 13:02:37 CEST 2016 on sn-devel-104
Stefan Metzmacher [Mon, 25 Apr 2016 14:02:22 +0000 (16:02 +0200)]
selftest:Samba4: let fl2000dc use Windows2000 style SPNEGO/NTLMSSP
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
4de43387235cb17a185fdd1afd658972e8c174ef)
Stefan Metzmacher [Tue, 26 Apr 2016 23:00:14 +0000 (01:00 +0200)]
selftest:Samba4: let fl2000dc use Windows2000 supported_enctypes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
587b5db7979c1ca1055f5bfd81ab79606cd3c2dd)
Stefan Metzmacher [Tue, 26 Apr 2016 09:33:52 +0000 (11:33 +0200)]
s3:test_smbclient_auth.sh: this script reqiures 5 arguments
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
70910334caa176bf98fece7d638ed599979dc173)
Stefan Metzmacher [Tue, 26 Apr 2016 06:50:00 +0000 (08:50 +0200)]
selftest:Samba4: provide DC_* variables for fl2000dc and fl2008r2dc
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
b8055cb42cadf48367867213a35635f3391c9b8d)
Stefan Metzmacher [Mon, 25 Apr 2016 13:58:27 +0000 (15:58 +0200)]
auth/ntlmssp: add ntlmssp_{client,server}:force_old_spnego option for testing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
7a2cb2c97611171613fc677a534277839348c56f)
Stefan Metzmacher [Mon, 25 Apr 2016 12:45:55 +0000 (14:45 +0200)]
auth/spnego: add spnego:simulate_w2k option for testing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
db9c01a51975a0a3ec2564357617958c2f466091)
Stefan Metzmacher [Wed, 20 Apr 2016 16:27:34 +0000 (18:27 +0200)]
auth/ntlmssp: do map to guest checking after the authentication
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
d667520568996471b55007a42b503edbabb1eee0)
Stefan Metzmacher [Wed, 20 Apr 2016 14:34:28 +0000 (16:34 +0200)]
s3:smbd: only mark real guest sessions with the GUEST flag
Real anonymous sessions don't get it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(similar to commit
79a71545bfc87525c6ba6c8fe9fa7d8a9da33441)
Stefan Metzmacher [Mon, 18 Apr 2016 15:36:56 +0000 (17:36 +0200)]
s3:smbd: make use SMB_SETUP_GUEST constant
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
25ce97892ad3ce5028e4dbbbdd844ef6619ac396)
Stefan Metzmacher [Wed, 20 Apr 2016 14:29:42 +0000 (16:29 +0200)]
libcli/security: implement SECURITY_GUEST
SECURITY_GUEST is not exactly the same as SECURITY_ANONYMOUS.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
837e6176329330893d5a1e4ce4ac67dbac758e56)
Stefan Metzmacher [Tue, 26 Apr 2016 23:48:32 +0000 (01:48 +0200)]
s3:auth_builtin: anonymous authentication doesn't allow a password
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
ead483b0c0ec746c0869162024c97f2e08df7f4b)
Stefan Metzmacher [Tue, 26 Apr 2016 23:44:56 +0000 (01:44 +0200)]
s4:auth_anonymous: anonymous authentication doesn't allow a password
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
d247dceaaab24b568425f2360e40f5e91be452cc)
Stefan Metzmacher [Fri, 22 Apr 2016 08:04:38 +0000 (10:04 +0200)]
auth/spnego: only try to verify the mechListMic if signing was negotiated.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
65462958522baee6eedcedd4193cfcc8cf0f510e)
Stefan Metzmacher [Tue, 19 Apr 2016 05:33:03 +0000 (07:33 +0200)]
s3:libsmb: use anonymous authentication via spnego if possible
This makes the authentication consistent between
SMB1 with CAP_EXTENDED_SECURITY (introduced in Windows 2000)
and SNB2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
e72ad193a53e20b769f798d02c0610f91859bd38)
Stefan Metzmacher [Tue, 19 Apr 2016 05:20:28 +0000 (07:20 +0200)]
s3:libsmb: don't finish the gensec handshake for guest logins
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
fa5799207e55ee8e329f36f784d027845eaf0e34)
Stefan Metzmacher [Tue, 19 Apr 2016 05:19:19 +0000 (07:19 +0200)]
s3:libsmb: record the session setup action flags
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
02c902103521e5a2b1d221db83e6c59d0ce31099)
Stefan Metzmacher [Mon, 18 Apr 2016 15:38:46 +0000 (17:38 +0200)]
libcli/smb: add smbXcli_session_is_guest() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
8f4a4bec089b46bbeb0e0f37bb682acb88702bf2)
Stefan Metzmacher [Mon, 18 Apr 2016 15:34:21 +0000 (17:34 +0200)]
libcli/smb: add SMB1 session setup action flags
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
cceaa61cf064926baca6db4b303d34ea90d40d52)
Stefan Metzmacher [Mon, 18 Apr 2016 15:33:11 +0000 (17:33 +0200)]
libcli/smb: add smb1cli_session_set_action() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
e6f9e176f2bb0e3e7451ac58e84ff55328219fcd)
Günther Deschner [Wed, 20 Apr 2016 18:09:53 +0000 (20:09 +0200)]
libcli/smb: fix NULL pointer derreference in smbXcli_session_is_authenticated().
Guenther
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
8e016ffeb01167bb8dec66cf9e4bc8605461c15a)
Stefan Metzmacher [Tue, 19 Apr 2016 05:31:50 +0000 (07:31 +0200)]
s3:libsmb: use password = NULL for anonymous connections
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11858
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
53be47410236ef7c90fe895f49f300e3fe47a8bf)
Stefan Metzmacher [Wed, 20 Apr 2016 16:44:21 +0000 (18:44 +0200)]
auth/ntlmssp: don't require NTLMSSP_SIGN for smb connections
Enforcement of SMB signing is done at the SMB layer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11850
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
d97b347d041f9b5c0aa71f35526cbefd56f3500b)
Stefan Metzmacher [Wed, 20 Apr 2016 16:44:21 +0000 (18:44 +0200)]
auth/ntlmssp: don't require any flags in the ccache_resume code
ntlmssp_client_challenge() already checks for required flags
before asking winbindd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11850
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
5041adb6657596399049a33e6a739a040b4df0db)
Stefan Metzmacher [Sat, 23 Apr 2016 03:17:25 +0000 (05:17 +0200)]
auth/spnego: handle broken mechListMIC response from Windows 2000
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11870
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
032c2733dea834e2c95178cdd0deb73e7bb13621)
Stefan Metzmacher [Thu, 28 Apr 2016 10:26:16 +0000 (12:26 +0200)]
auth/spnego: change log level for 'Failed to setup SPNEGO negTokenInit request: NT_STATUS_INTERNAL_ERROR'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
9930bd17f2d39e4be1e125f83f7de489a94ea1d1)
Günther Deschner [Thu, 28 Apr 2016 10:58:33 +0000 (12:58 +0200)]
s3:librpc:crypto:gse: increase debug level for gse_init_client().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
b6595037f3fcaafb957d9c08edfb89c72cded987)
Günther Deschner [Thu, 28 Apr 2016 10:58:10 +0000 (12:58 +0200)]
lib:krb5_wrap:krb5_samba: increase debug level for smb_krb5_get_default_realm_from_ccache().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
95b8b020626ba58a77a21e3da804bac2f0cf90b1)
Stefan Metzmacher [Fri, 22 Apr 2016 14:31:55 +0000 (16:31 +0200)]
s3:libads/sasl: allow wrapped messages up to a size of 0xfffffff
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
795e796658e6da0149c9c00ece7cca4ccc457717)
Stefan Metzmacher [Fri, 22 Apr 2016 14:18:24 +0000 (16:18 +0200)]
s4:gensec_tstream: allow wrapped messages up to a size of 0xfffffff
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
8704958fb3b212b401a8e7d94fdd9c627adbde0d)
Hemanth Thummala [Thu, 14 Apr 2016 20:09:37 +0000 (13:09 -0700)]
Mask general purpose signals for notifyd.
Currently there is no signal handling available for notify daemon.
Signals like SIGHUP and SIGUSR1 can lead to terminate the notify
daemon. Masking these signals for notifyd as we are not handling them.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11840
Signed-off-by: Hemanth Thummala <hemanth.thummala@nutanix.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Apr 15 15:31:19 CEST 2016 on sn-devel-144
(cherry picked from commit
cade673f5fff8a578b8620149688ecc93e981205)
Karolin Seeger [Thu, 28 Apr 2016 09:11:43 +0000 (11:11 +0200)]
WHATSNEW: Start release notes for Samba 4.3.9.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(v4-3-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-3-test): Fri Apr 29 01:45:30 CEST 2016 on sn-devel-104
Jorge Schrauwen [Sun, 3 Apr 2016 09:43:50 +0000 (11:43 +0200)]
configure: Don't check for inotify on illumos
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11816
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
94f31295b12b20a68d596929ea428eb36f8c0d82)
Volker Lendecke [Mon, 4 Apr 2016 11:43:02 +0000 (13:43 +0200)]
nwrap: Fix the build on Solaris
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11816
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Apr 5 08:57:06 CEST 2016 on sn-devel-144
(cherry picked from commit
ff6b49beeb5df30f4e243a97d2e6218ec497e9ad)
Volker Lendecke [Wed, 27 Apr 2016 10:15:37 +0000 (12:15 +0200)]
smbd: Avoid large reads beyond EOF
With unix extensions and oplocks=no mount.cifs from jessie reads beyond the
file end forever, and we are happy to return zeros....
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11878
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 27 23:57:56 CEST 2016 on sn-devel-144
(cherry picked from commit
10b0a8baa25fab70df8e6c5f0048ce0963211517)
Partha Sarathi [Thu, 14 Apr 2016 12:39:05 +0000 (12:39 +0000)]
Fix the smb2_setinfo to handle FS info types and FSQUOTA infolevel
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11819
Signed-off-by: Partha Sarathi <partha@exablox.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Wed Apr 27 05:39:01 CEST 2016 on sn-devel-144
(cherry picked from commit
07e2f4731e5819a893c4675d93fede5ea261bed7)
Uri Simchoni [Mon, 18 Apr 2016 20:08:38 +0000 (23:08 +0300)]
libads: record session expiry for spnego sasl binds
With the move to gensec-based spnego, record the session expiry
in tgs_expire, so that libads users such as winbindd can use this info
to determine how long to keep the connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11852
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Tue Apr 19 16:53:57 CEST 2016 on sn-devel-144
(cherry picked from commit
34482eb7cc3d74c8de510309332e8ab176d0f3c0)
Autobuild-User(v4-3-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-3-test): Tue Apr 26 15:33:37 CEST 2016 on sn-devel-104
Stefan Metzmacher [Tue, 15 Mar 2016 15:59:51 +0000 (16:59 +0100)]
s3:wscript: pylibsmb depends on pycredentials
The need for pytalloc-util was based on the fact that
pycredentials depends on pytalloc-util.
As pylibsmb only used pycredentials and not pytalloc-util directly,
we should depend on pycredentials.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit
74ca470739e0128556d8d20010464df07f2f0ac8)
Günther Deschner [Mon, 1 Feb 2016 22:11:13 +0000 (23:11 +0100)]
libsmb/pysmb: add pytalloc-util dependency to fix the build.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Feb 2 15:49:14 CET 2016 on sn-devel-144
(cherry picked from commit
943e69ca8fd4491004eafbf29ed2ca748b0b7480)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
Garming Sam [Tue, 15 Mar 2016 00:29:54 +0000 (13:29 +1300)]
build: mark explicit dependencies on pytalloc-util
All subsystems that include pytalloc.h need to link against
pytalloc-util.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Mar 15 07:08:16 CET 2016 on sn-devel-144
(similar to commit
7b431eba22444d2e0d872de781a8193dcfa6d252)
Backported to 4.3 by Andrew Bartlett
Andrew Bartlett [Tue, 16 Feb 2016 02:15:44 +0000 (15:15 +1300)]
pydsdb: Fix returning of ldb.MessageElement.
This object is not based on pytalloc_Object and so this causes
a segfault (later a failure) when the struct definitions diverge.
We must also not reuse the incoming ldb_message_element as a talloc
context and overwrite the values, instead we should create a new
object and return that.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
b96b1e88f760c92c7d9bb7e732f72d7e73a68907)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
Andrew Bartlett [Tue, 22 Sep 2015 03:25:30 +0000 (15:25 +1200)]
pydsdb: Also accept ldb.MessageElement values to dsdb routines
This shows the correct way to accept a value that may be a list of strings
or a proper ldb.MessageElement.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
b48776d78b446ad4abd4a6bc2ba6b488a29b11d2)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
Volker Lendecke [Sun, 10 Apr 2016 10:51:15 +0000 (12:51 +0200)]
vfs_catia: Fix bug 11827, memleak
add_srt should add the mappings to the linked list even if
mappings==NULL (the default)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11827
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Apr 11 14:25:59 CEST 2016 on sn-devel-144
(cherry picked from commit
3e2af1568d150de1cb12fef40580f4880ac787ff)
Autobuild-User(v4-3-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-3-test): Mon Apr 18 16:24:45 CEST 2016 on sn-devel-104
Jeremy Allison [Tue, 5 Apr 2016 20:07:06 +0000 (13:07 -0700)]
s3: libsmb: Fix error where short name length was read as 2 bytes, should be 1.
Reported by Thomas Dvorachek <tdvorachek@yahoo.com> from a Windows 10 server.
Confirmed in MS-CIFS 2.2.8.1.7.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11822
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 6 03:46:55 CEST 2016 on sn-devel-144
(cherry picked from commit
f63b9a73b03971f41947c694e6952cd1e49b67c3)
Uri Simchoni [Mon, 21 Mar 2016 21:04:24 +0000 (23:04 +0200)]
vfs_acl_common: avoid setting POSIX ACLs if "ignore system acls" is set
When "ignore system acls" is set, do not mess at all with POSIX ACLS,
do not even calculate the would-be POSIX-ACL-based security descriptor
(for performance reasons).
Instead, just store a V3 blob with zero hash. This means that if we
later read the ACL without ignoring system ACLs, the NT ACL shall be
reset to the info derivable from the POSIX ACL.
File ownership is still modified as it has bearing on disk quotas.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11806
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
765e5f1f2670d3d5d8d62a04b4ccf38a680bcb37)
Stefan Metzmacher [Fri, 19 Feb 2016 10:46:03 +0000 (11:46 +0100)]
tevent: version 0.9.28
* Fix memory leak when old signal action restored (bug #11742)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 19 19:12:25 CET 2016 on sn-devel-144
(cherry picked from commit
da74d0c317be9ce67eb5d00d232167d466f68a1e)
The last 13 patches addressed bug #11771:
Backport tevent 0.9.28.
Jeremy Allison [Tue, 16 Feb 2016 22:23:53 +0000 (14:23 -0800)]
lib: tevent: Fix memory leak reported by Pavel Březina <pbrezina@redhat.com> when old signal action restored.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11742
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Feb 18 01:42:50 CET 2016 on sn-devel-144
(cherry picked from commit
833a2f474367624dd9980abb28227850e95fe976)
Stefan Metzmacher [Mon, 15 Feb 2016 10:40:34 +0000 (11:40 +0100)]
tevent: version 0.9.27
* Fix bug in poll backend - poll_event_loop_poll()
exits the for loop on POLLNVAL instead of
continuing to find an event that is ready.
* Fix ETIME handling for Solaris event ports (bug #11728).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Feb 16 00:00:51 CET 2016 on sn-devel-144
(cherry picked from commit
2267faddfa9863b205dfad580fbd45182916cb32)
Nathan Huff [Fri, 5 Feb 2016 20:35:07 +0000 (13:35 -0700)]
Fix ETIME handling for Solaris event ports.
It is possible for port_getn to return -1 with errno set to ETIME and
still return events. If those events aren't processed the association is
lost by samba since the kernel dissacociated them and samba never
processed them so never reassociated them with the event port. The
patch checks the nget return value in the case of ETIME and if it is non
0 it doesn't return and goes through the event processing loop.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Nathan Huff <nhuff@acm.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Feb 7 11:26:35 CET 2016 on sn-devel-144
(cherry picked from commit
4953b1f73f8ec9387516be1058434d71937e1447)
Jelmer Vernooij [Mon, 4 Jan 2016 23:01:26 +0000 (23:01 +0000)]
tevent: Only set public headers field when installing as a public library.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jelmer Vernooij <jelmer@jelmer.uk>
(cherry picked from commit
2cba4918dbe82fb9d0455c73d35aa551dccc924f)
Jelmer Vernooij [Sat, 9 Jan 2016 20:25:17 +0000 (20:25 +0000)]
Simplify handling of dependencies on external libraries in test_headers.
Signed-off-by: Jelmer Vernooij <jelmer@jelmer.uk>
(cherry picked from commit
3123e2c66a29aaabad7408107bcf4a0e841a93ec)
Jelmer Vernooij [Wed, 18 Nov 2015 02:59:37 +0000 (02:59 +0000)]
Set LD_LIBRARY_PATH during tests.
Without this, tests fail ir libtevent is not installed on the system.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-Off-By: Jelmer Vernooij <jelmer@jelmer.uk>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 18 21:40:26 CET 2015 on sn-devel-104
(cherry picked from commit
bf06a5166ed29e82c4efdb86cf2634f424c29931)
Jeremy Allison [Tue, 17 Nov 2015 17:13:41 +0000 (09:13 -0800)]
lib: tevent: Whitespace cleanup.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Nov 18 15:54:03 CET 2015 on sn-devel-104
(cherry picked from commit
39d0a81ed87c58836335ec10af22b36c9961f91e)
Jeremy Allison [Tue, 17 Nov 2015 18:28:50 +0000 (10:28 -0800)]
lib: tevent: Fix bug in poll backend - poll_event_loop_poll()
If the (pfd->revents & POLLNVAL) case is triggered,
we do DLIST_REMOVE(ev->fd_events, fde); and then
use fde->next in the loop above.
Save off fde->next for loop interation before
this so we can't use a deleted ->next value.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
2be3dd1407eabe3df360ede2eab178848e34733c)
Stefan Metzmacher [Mon, 24 Aug 2015 13:47:51 +0000 (15:47 +0200)]
tevent: version 0.9.26
* New tevent_thread_proxy API
* Minor build fixes
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9884a8fa58ffc8ddff0977c069aedda3beb6415f)
Jeremy Allison [Wed, 22 Jul 2015 18:52:06 +0000 (11:52 -0700)]
lib: tevent: docs: Add tutorial on thread usage.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
68077c617b0a456baea56349fbf502307318c487)
Jeremy Allison [Fri, 24 Jul 2015 16:27:21 +0000 (09:27 -0700)]
lib: tevent: tests: Add a second thread test that does request/reply.
Both tests run cleanly with valgrind --tool=drd and
valgrind --tool=helgrind
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
a132320b4c434ae9c2188377951d092f7309e63c)
Jeremy Allison [Fri, 24 Jul 2015 15:50:31 +0000 (08:50 -0700)]
lib: tevent: Initial test of tevent threaded context code.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
187aebb25b970a3679a72109def8e8b85622722e)
Jeremy Allison [Thu, 23 Jul 2015 22:23:50 +0000 (15:23 -0700)]
lib: tevent: Initial checkin of threaded tevent context calling code.
Adds 2 new functions:
struct tevent_thread_proxy *tevent_thread_proxy_create(
struct tevent_context *dest_ev_ctx);
void tevent_thread_proxy_schedule(struct tevent_thread_proxy *tp,
struct tevent_immediate **pp_im,
tevent_immediate_handler_t handler,
void *pp_private_data);
Brief doc included. Tests, docs and tutorial to follow.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
49bddd8e4756ef52b05b850aec4864749fcf31cb)
Stefan Metzmacher [Fri, 27 Nov 2015 17:19:38 +0000 (18:19 +0100)]
libcli/smb: fix BUFFER_OVERFLOW handling in tstream_smbXcli_np
The special error is not NT_STATUS_BUFFER_TOO_SMALL, but STATUS_BUFFER_OVERFLOW.
Tested using TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE == 20 and running
the following commands against a Windows 2012R2 server:
bin/smbtorture ncacn_np:SERVER[] rpc.lsa-getuser
bin/smbtorture ncacn_np:SERVER[smb2] rpc.lsa-getuser
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 1 03:42:52 CET 2015 on sn-devel-104
(cherry picked from commit
3bbd8d3614af641535ab0925303ad07c03c4e094)
Stefan Metzmacher [Fri, 27 Nov 2015 18:10:01 +0000 (19:10 +0100)]
libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb1cli_readx*
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
0e8d33fb5ffd6fdb0e503c5ff59e3635bbf10041)
Stefan Metzmacher [Fri, 27 Nov 2015 18:10:01 +0000 (19:10 +0100)]
libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb2cli_query_info*
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
68850f3f56e9b28b298c1bc3a6249f9c26602217)
Stefan Metzmacher [Fri, 27 Nov 2015 18:10:01 +0000 (19:10 +0100)]
libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb2cli_read*
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
b47bfce6781ea3be2b85cbef348107eda4f98860)
Stefan Metzmacher [Fri, 27 Nov 2015 16:31:04 +0000 (17:31 +0100)]
libcli/smb: make sure we have a body size of 0x31 before dereferencing an ioctl response
Found by valgrind, reported by Noel Power <nopower@suse.com>:
==7913== Invalid read of size 1
==7913== at 0xC4F23EE: smb2cli_ioctl_done (smb2cli_ioctl.c:245)
==7913== by 0x747A744: _tevent_req_notify_callback (tevent_req.c:112)
==7913== by 0x747A817: tevent_req_finish (tevent_req.c:149)
==7913== by 0x747A93C: tevent_req_trigger (tevent_req.c:206)
==7913== by 0x7479B2B: tevent_common_loop_immediate
(tevent_immediate.c:135)
==7913== by 0xA9CB4BE: run_events_poll (events.c:192)
==7913== by 0xA9CBB32: s3_event_loop_once (events.c:303)
==7913== by 0x7478C72: _tevent_loop_once (tevent.c:533)
==7913== by 0x747AACD: tevent_req_poll (tevent_req.c:256)
==7913== by 0x505315D: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==7913== by 0xA7201F2: cli_tree_connect (cliconnect.c:2764)
==7913== by 0x165FF7: cm_prepare_connection (winbindd_cm.c:1276)
==7913== Address 0x16ce24ec is 764 bytes inside a block of size 813 alloc'd
==7913== at 0x4C29110: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7913== by 0x768A0C1: __talloc_with_prefix (talloc.c:668)
==7913== by 0x768A27E: _talloc_pool (talloc.c:721)
==7913== by 0x768A41E: _talloc_pooled_object (talloc.c:790)
==7913== by 0x747A594: _tevent_req_create (tevent_req.c:66)
==7913== by 0xCF6E2FA: read_packet_send (async_sock.c:414)
==7913== by 0xCF6EB54: read_smb_send (read_smb.c:54)
==7913== by 0xC4DA146: smbXcli_conn_receive_next (smbXcli_base.c:1027)
==7913== by 0xC4DA02D: smbXcli_req_set_pending (smbXcli_base.c:978)
==7913== by 0xC4DF776: smb2cli_req_compound_submit (smbXcli_base.c:3166)
==7913== by 0xC4DFC1D: smb2cli_req_send (smbXcli_base.c:3268)
==7913== by 0xC4F2210: smb2cli_ioctl_send (smb2cli_ioctl.c:149)
==7913==
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11622
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
91e12e04fc05a0b09b70ca2986aab9b96a8a035c)
Stefan Metzmacher [Tue, 12 Apr 2016 19:13:35 +0000 (21:13 +0200)]
VERSION: Bump version up to 4.3.9
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 12 Apr 2016 19:12:44 +0000 (21:12 +0200)]
Merge tag 'samba-4.3.8' into v4-3-test
samba: tag release samba-4.3.8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 11 Apr 2016 07:19:58 +0000 (09:19 +0200)]
VERSION: Disable git snapshots for the 4.3.8 release.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 11 Apr 2016 07:13:21 +0000 (09:13 +0200)]
WHATSNEW: Add release notes for Samba 4.3.8.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11744
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 8 Apr 2016 08:05:38 +0000 (10:05 +0200)]
s3:libads: sasl wrapped LDAP connections against with kerberos and arcfour-hmac-md5
This fixes a regression in commit
2cb07ba50decdfd6d08271cd2b3d893ff95f5af9
(s3:libads: make use of ads_sasl_spnego_gensec_bind() for GSS-SPNEGO with Kerberos)
that prevents things like 'net ads join' from working against a Windows 2003 domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11804
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 8 Apr 2016 11:56:50 +0000 (13:56 +0200)]
VERSION: Bump version up to 4.3.8...
and re-enable git snapshots.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 28 Mar 2016 22:36:56 +0000 (00:36 +0200)]
VERSION: Disable git snapshots for the 4.3.7 release.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 28 Mar 2016 22:26:48 +0000 (00:26 +0200)]
WHATSNEW: Add release notes for Samba 4.3.7.
o CVE-2015-5370 (Multiple errors in DCE-RPC code)
o CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o CVE-2016-2112 (LDAP client and server don't enforce integrity)
o CVE-2016-2113 (Missing TLS certificate validation)
o CVE-2016-2114 ("server signing = mandatory" not enforced)
o CVE-2016-2115 (SMB IPC traffic is not integrity protected)
o CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11744
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 26 Jun 2015 19:05:53 +0000 (21:05 +0200)]
CVE-2015-5370: s4:selftest: run samba.tests.dcerpc.raw_protocol against ad_dc
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 26 Mar 2014 21:42:19 +0000 (22:42 +0100)]
CVE-2015-5370: python/samba/tests: add some dcerpc raw_protocol tests
These are independent from our client library and allow
testing of invalid pdus.
It can be used like this in standalone mode:
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py
or
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND.test_invalid_auth_noctx
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 26 Mar 2014 21:42:19 +0000 (22:42 +0100)]
CVE-2015-5370: python/samba/tests: add infrastructure to do raw protocol tests for DCERPC
These are independent from our client library and allow
testing of invalid pdus.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 22 Dec 2015 20:13:41 +0000 (21:13 +0100)]
CVE-2015-5370: s4:librpc/rpc: call dcerpc_connection_dead() on protocol errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 22 Dec 2015 20:23:14 +0000 (21:23 +0100)]
CVE-2015-5370: s3:rpc_client: disconnect connection on protocol errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 23 Dec 2015 10:05:45 +0000 (11:05 +0100)]
CVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_np_destructor()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:rpc_server: verify auth_context_id in api_pipe_{bind_auth3,alter_context}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 20:51:18 +0000 (22:51 +0200)]
CVE-2015-5370: s3:rpc_client: verify auth_context_id in rpc_pipe_bind_step_one_done()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:librpc/rpc: verify auth_context_id in dcerpc_check_auth()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:librpc/rpc: make use of auth->auth_context_id in dcerpc_add_auth_footer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_id
This is better than using hardcoded values.
We need to use the value the client used in the BIND request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:rpc_client: make use of pipe_auth_data->auth_context_id
This is better than using hardcoded values.
We need to use auth_context_id = 1 for authenticated
connections, as old Samba server (before this patchset)
will use a hardcoded value of 1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:librpc/rpc: add auth_context_id to struct pipe_auth_data
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:rpc_client: pass struct pipe_auth_data to create_rpc_{bind_auth3,alter_context}()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed in check_bind_req()
An alter context can't change the syntax of an existing context,
a new context_id will be used for that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() first
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Sat, 11 Jul 2015 08:58:07 +0000 (10:58 +0200)]
CVE-2015-5370: s3:librpc/rpc: remove unused dcerpc_pull_dcerpc_auth()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 23 Dec 2015 11:38:55 +0000 (12:38 +0100)]
CVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protocol errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 23 Dec 2015 11:38:55 +0000 (12:38 +0100)]
CVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as broken
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 23 Dec 2015 11:40:58 +0000 (12:40 +0100)]
CVE-2015-5370: s3:rpc_server: disconnect the connection after a fatal FAULT pdu
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 14:06:59 +0000 (16:06 +0200)]
CVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header() to verify incoming pdus
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 14:06:59 +0000 (16:06 +0200)]
CVE-2015-5370: s3:rpc_server: verify presentation context arrays
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 14:06:59 +0000 (16:06 +0200)]
CVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in api_pipe_alter_context()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Jeremy Allison [Tue, 7 Jul 2015 07:15:39 +0000 (09:15 +0200)]
CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violate the spec
The first pdu is always a BIND.
REQUEST pdus are only allowed once the authentication
is finished.
A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_context or auth3
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>