Karolin Seeger [Tue, 10 Apr 2018 19:21:39 +0000 (21:21 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.6.15 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 10 Apr 2018 19:21:09 +0000 (21:21 +0200)]
WHATSNEW: Add release notes for Samba 4.6.15.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Wed, 11 Apr 2018 13:11:10 +0000 (15:11 +0200)]
torture: Test compound request request counters
This will send an unfixed smbd into the
SMB_ASSERT(op->request_count > 0);
in smbd_smb2_request_reply_update_counts
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Apr 12 14:38:39 CEST 2018 on sn-devel-144
(cherry picked from commit
40edd1bc273f664d5567ef5be169033899acee1f)
Autobuild-User(v4-6-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-6-test): Thu Apr 12 21:56:31 CEST 2018 on sn-devel-144
Stefan Metzmacher [Wed, 11 Apr 2018 10:14:59 +0000 (12:14 +0200)]
s3:smb2_server: correctly maintain request counters for compound requests
If a session expires during a compound request chain,
we exit smbd_smb2_request_dispatch() with
'return smbd_smb2_request_error(req, ...)' before
calling smbd_smb2_request_dispatch_update_counts().
As req->request_counters_updated was only reset
within smbd_smb2_request_dispatch_update_counts(),
smbd_smb2_request_reply_update_counts() was called
twice on the same request, which triggers
SMB_ASSERT(op->request_count > 0);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
87e25cd1e45bfe57292b62ffc44ddafc01c61ca0)
Jeremy Allison [Mon, 9 Apr 2018 16:32:23 +0000 (09:32 -0700)]
s3: smbd: Unix extensions attempts to change wrong field in fchown call.
Cut and paste error.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13375
Reported-by: Rungta, Vandana <vrungta@amazon.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Apr 10 00:45:56 CEST 2018 on sn-devel-144
(cherry picked from commit
3227b110d065500ed84fc70063da70ab35823a2e)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Wed Apr 11 16:55:21 CEST 2018 on sn-devel-144
Anton Nefedov via samba-technical [Thu, 15 Mar 2018 11:38:41 +0000 (14:38 +0300)]
s3:smbd: map nterror on smb2_flush errorpath
smbd_smb2_flush_recv() expects nterror in tevent_req, and otherwise
aborts in tevent_req_is_nterror()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13338
Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
98623129446672521b7fa41d3457b8ce95db828c)
Poornima G [Thu, 22 Feb 2018 10:51:35 +0000 (16:21 +0530)]
vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13297
Pair-Programmed-With: Anoop C S <anoopcs@redhat.com>
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Feb 26 20:17:50 CET 2018 on sn-devel-144
(cherry picked from commit
46e6626f73f42c84f254507c3ec2b591e2e732ba)
Jeremy Allison [Wed, 14 Feb 2018 21:23:12 +0000 (13:23 -0800)]
s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
HPUX has this problem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13270
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Feb 23 22:56:35 CET 2018 on sn-devel-144
(cherry picked from commit
5ad5e7966f555b1d2b39d276646934a2cd2535e6)
Jeremy Allison [Wed, 24 Jan 2018 22:09:43 +0000 (14:09 -0800)]
s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here.
Thanks to Isaac Boukris <iboukris@gmail.com> for finding the
issue and testing this fix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13244
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 26 02:25:20 CET 2018 on sn-devel-144
(cherry picked from commit
e7425bd5245ffea68b7e8f794c9b5f864d103769)
Garming Sam [Mon, 8 Jan 2018 03:34:02 +0000 (16:34 +1300)]
tests/bind.py: Add a bind test with NTLMSSP with no domain
Confirmed to pass against Windows 2012 R2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
2e49a97777ebf5bffbeadca03517b4a21bca24c0)
Autobuild-User(v4-6-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-6-test): Tue Mar 20 21:20:00 CET 2018 on sn-devel-144
Stefan Metzmacher [Tue, 9 Jan 2018 07:57:05 +0000 (08:57 +0100)]
s3:cliconnect.c: remove useless ';'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
e039e9b0d2a16b21ace019b028e5c8244486b8a3)
Stefan Metzmacher [Tue, 9 Jan 2018 07:55:48 +0000 (08:55 +0100)]
s3:libsmb: allow -U"\\administrator" to work
cli_credentials_get_principal() returns NULL in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
0786a65cabb92a812cf1c692d0d26914f74a6f87)
Stefan Metzmacher [Tue, 13 Mar 2018 10:11:55 +0000 (11:11 +0100)]
Merge tag 'samba-4.6.14' into v4-6-test
samba: tag release samba-4.6.14
Karolin Seeger [Tue, 13 Mar 2018 09:40:24 +0000 (10:40 +0100)]
VERSION: Bump version up to 4.6.15...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Günther Deschner [Mon, 15 Jan 2018 22:20:39 +0000 (23:20 +0100)]
build: fix libceph-common detection
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13277
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Feb 22 19:30:12 CET 2018 on sn-devel-144
(cherry picked from commit
6a59619844e0def505a6bfa778c17721c062e0ee)
Karolin Seeger [Mon, 12 Mar 2018 09:10:53 +0000 (10:10 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.6.14 release.
CVE-2018-1050 (Denial of Service Attack on external print server.)
CVE-2018-1057 (Authenticated users can change other users' password.)
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 12 Mar 2018 09:10:07 +0000 (10:10 +0100)]
WHATSNEW: Add release notes for Samba 4.6.14.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 22:11:38 +0000 (23:11 +0100)]
CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a control
This is not strictly needed to fig bug 13272, but it makes sense to also
fix this while fixing the overall ACL checking logic.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 16 Feb 2018 14:38:19 +0000 (15:38 +0100)]
CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID
This is used to pass information about which password change operation (change
or reset) the acl module validated, down to the password_hash module.
It's very important that both modules treat the request identical.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 16 Feb 2018 14:30:13 +0000 (15:30 +0100)]
CVE-2018-1057: s4:dsdb/samdb: define DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control
Will be used to pass "user password change" vs "password reset" from the
ACL to the password_hash module, ensuring both modules treat the request
identical.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Wed, 14 Feb 2018 18:15:49 +0000 (19:15 +0100)]
CVE-2018-1057: s4:dsdb/acl: run password checking only once
This is needed, because a later commit will let the acl module add a
control to the change request msg and we must ensure that this is only
done once.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 22 Feb 2018 09:54:37 +0000 (10:54 +0100)]
CVE-2018-1057: s4/dsdb: correctly detect password resets
This change ensures we correctly treat the following LDIF
dn: cn=testuser,cn=users,...
changetype: modify
delete: userPassword
add: userPassword
userPassword: thatsAcomplPASS1
as a password reset. Because delete and add element counts are both
one, the ACL module wrongly treated this as a password change
request.
For a password change we need at least one value to delete and one value
to add. This patch ensures we correctly check attributes and their
values.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 16 Feb 2018 14:17:26 +0000 (15:17 +0100)]
CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 16:43:43 +0000 (17:43 +0100)]
CVE-2018-1057: s4:dsdb/acl: add check for DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 21:59:24 +0000 (22:59 +0100)]
CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checks
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 16:38:31 +0000 (17:38 +0100)]
CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 16:38:31 +0000 (17:38 +0100)]
CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 13:40:59 +0000 (14:40 +0100)]
CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for passwordAttr->num_values
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 09:56:06 +0000 (10:56 +0100)]
CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for LDB_FLAG_MOD_TYPE
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 11:43:09 +0000 (12:43 +0100)]
CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty delete
Note that the request using the clearTextPassword attribute for the
password change is already correctly rejected by the server.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Tue, 2 Jan 2018 23:56:03 +0000 (15:56 -0800)]
CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11343
Signed-off-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Mon, 12 Mar 2018 09:10:53 +0000 (10:10 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.6.14 release.
CVE-2018-1050 (Denial of Service Attack on external print server.)
CVE-2018-1057 (Authenticated users can change other users' password.)
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 12 Mar 2018 09:10:07 +0000 (10:10 +0100)]
WHATSNEW: Add release notes for Samba 4.6.14.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 22:11:38 +0000 (23:11 +0100)]
CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a control
This is not strictly needed to fig bug 13272, but it makes sense to also
fix this while fixing the overall ACL checking logic.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 16 Feb 2018 14:38:19 +0000 (15:38 +0100)]
CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID
This is used to pass information about which password change operation (change
or reset) the acl module validated, down to the password_hash module.
It's very important that both modules treat the request identical.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 16 Feb 2018 14:30:13 +0000 (15:30 +0100)]
CVE-2018-1057: s4:dsdb/samdb: define DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control
Will be used to pass "user password change" vs "password reset" from the
ACL to the password_hash module, ensuring both modules treat the request
identical.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Wed, 14 Feb 2018 18:15:49 +0000 (19:15 +0100)]
CVE-2018-1057: s4:dsdb/acl: run password checking only once
This is needed, because a later commit will let the acl module add a
control to the change request msg and we must ensure that this is only
done once.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 22 Feb 2018 09:54:37 +0000 (10:54 +0100)]
CVE-2018-1057: s4/dsdb: correctly detect password resets
This change ensures we correctly treat the following LDIF
dn: cn=testuser,cn=users,...
changetype: modify
delete: userPassword
add: userPassword
userPassword: thatsAcomplPASS1
as a password reset. Because delete and add element counts are both
one, the ACL module wrongly treated this as a password change
request.
For a password change we need at least one value to delete and one value
to add. This patch ensures we correctly check attributes and their
values.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 16 Feb 2018 14:17:26 +0000 (15:17 +0100)]
CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 16:43:43 +0000 (17:43 +0100)]
CVE-2018-1057: s4:dsdb/acl: add check for DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 21:59:24 +0000 (22:59 +0100)]
CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checks
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 16:38:31 +0000 (17:38 +0100)]
CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 16:38:31 +0000 (17:38 +0100)]
CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 13:40:59 +0000 (14:40 +0100)]
CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for passwordAttr->num_values
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 09:56:06 +0000 (10:56 +0100)]
CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for LDB_FLAG_MOD_TYPE
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 15 Feb 2018 11:43:09 +0000 (12:43 +0100)]
CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty delete
Note that the request using the clearTextPassword attribute for the
password change is already correctly rejected by the server.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Tue, 2 Jan 2018 23:56:03 +0000 (15:56 -0800)]
CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11343
Signed-off-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Tue, 13 Feb 2018 10:45:24 +0000 (11:45 +0100)]
VERSION: Bump version up to 4.6.14...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
2ed874196b73fce0e2376f0a4237f9986413e95f)
Andreas Schneider [Mon, 19 Feb 2018 17:07:50 +0000 (18:07 +0100)]
s3:smbd: Do not crash if we fail to init the session table
This should the following segfault with SMB1:
#6 sig_fault (sig=<optimized out>) at ../lib/util/fault.c:94
#7 <signal handler called>
#8 smbXsrv_session_create (conn=conn@entry=0x5654d3512af0, now=now@entry=
131594481900356690, _session=_session@entry=0x7ffc93a778e8)
at ../source3/smbd/smbXsrv_session.c:1212
#9 0x00007f7618aa21ef in reply_sesssetup_and_X (req=req@entry=0x5654d35174b0) at ../source3/smbd/sesssetup.c:961
#10 0x00007f7618ae17b0 in switch_message (type=<optimized out>, req=req@entry=0x5654d35174b0) at ../source3/smbd/process.c:1726
#11 0x00007f7618ae3550 in construct_reply (deferred_pcd=0x0, encrypted=false, seqnum=0, unread_bytes=0, size=140, inbuf=0x0, xconn=0x5654d35146d0)
at ../source3/smbd/process.c:1762
#12 process_smb (xconn=xconn@entry=0x5654d3512af0, inbuf=<optimized out>, nread=140, unread_bytes=0, seqnum=0, encrypted=<optimized out>,
deferred_pcd=deferred_pcd@entry=0x0) at ../source3/smbd/process.c:2008
#13 0x00007f7618ae4c41 in smbd_server_connection_read_handler (xconn=0x5654d3512af0, fd=40) at ../source3/smbd/process.c:2608
#14 0x00007f761587eedb in epoll_event_loop_once () from /lib64/libtevent.so.0
Inspection the core shows that:
conn->client-session_table is NULL
conn->protocol is PROTOCOL_NONE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13315
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
a89a7146563f2d9eb8bc02f1c090158ee499c878)
Autobuild-User(v4-6-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-6-test): Fri Mar 9 01:47:40 CET 2018 on sn-devel-144
Dan Robertson [Thu, 22 Feb 2018 20:47:11 +0000 (20:47 +0000)]
libsmb: Use smb2 tcon if conn_protocol >= SMB2_02
When the connection protocol is SMB2 the tid from the smb1 member is
used instead of smb2 in cli_state_set_tid which often results in a null
deref.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13310
Signed-off-by: Dan Robertson <drobertson@tripwire.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
b67ffaf518c971817b167b41bf6226cddfdcfd2f)
Volker Lendecke [Thu, 11 Jan 2018 10:55:39 +0000 (11:55 +0100)]
torture: Add test for channel sequence number handling
We run into an assert when the csn wraps
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Jan 14 14:47:15 CET 2018 on sn-devel-144
(cherry picked from commit
0abe16a5343de9a69bb5cccbad9809b28b642f45)
Volker Lendecke [Thu, 11 Jan 2018 10:25:49 +0000 (11:25 +0100)]
smbXcli: Add "force_channel_sequence"
This enables use of the channel sequence number even for
non-multi-channel servers. This makes our client invalid, but we need to
protect against broken clients with tests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
cd288a08500b1cc38ef26e5cb8ef754b4da658b6)
Volker Lendecke [Thu, 11 Jan 2018 14:34:45 +0000 (15:34 +0100)]
smbd: Fix channel sequence number checks for long-running requests
When the client's supplied csn overflows and hits a pending, long-running
request's csn, we panic. Fix this by counting the overflows in
smbXsrv_open_global0->channel_generation
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
0b57434151a8334a6e9b9b7542824ce4915421a2)
Volker Lendecke [Wed, 10 Jan 2018 13:59:08 +0000 (14:59 +0100)]
smbd: Remove a "!" from an if-condition for easier readability
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
03f65a7cdc91091a171269cfebc9916f2f678388)
Volker Lendecke [Wed, 10 Jan 2018 14:51:56 +0000 (15:51 +0100)]
torture4: Fix typos
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
71cee27962cba53da3249bd3f5ece32a1d10071d)
Volker Lendecke [Wed, 10 Jan 2018 13:29:01 +0000 (14:29 +0100)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
e8636e7ab75f89e89ef054b5d4aa6c07fddcbe2a)
Stefan Metzmacher [Wed, 20 Dec 2017 13:05:54 +0000 (14:05 +0100)]
s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired sessions
Windows client at least doesn't have code to replay
a SMB2 Close after getting NETWORK_SESSION_EXPIRED,
which locks out a the client and generates an endless
loop around NT_STATUS_SHARING_VIOLATION.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13197
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 21 Dec 2017 13:47:06 +0000 (14:47 +0100)]
s3:smbd: return the correct error for cancelled SMB2 notifies on expired sessions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13197
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 21 Dec 2017 11:53:02 +0000 (12:53 +0100)]
s4:torture: add smb2.session.expire2 test
This demonstrates the interaction of NT_STATUS_NETWORK_SESSION_EXPIRED
and various SMB2 opcodes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13197
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Wed, 21 Feb 2018 09:15:23 +0000 (10:15 +0100)]
Revert "HEIMDAL:kdc: fix memory leak when decryption AuthorizationData"
This reverts commit
678a7a32473b1f64421cd905b7d535878eb11cab.
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Wed Feb 21 15:14:49 CET 2018 on sn-devel-144
Karolin Seeger [Wed, 21 Feb 2018 09:15:23 +0000 (10:15 +0100)]
Revert "HEIMDAL:kdc: decrypt b->enc_authorization_data in tgs_build_reply()"
This reverts commit
e8988e614aaf269b24b072e483047bdcd80fef33.
Karolin Seeger [Wed, 21 Feb 2018 09:15:23 +0000 (10:15 +0100)]
Revert "HEIMDAL:kdc: if we don't have an authenticator subkey for S4U2Proxy we need to use the additional tickets key"
This reverts commit
ec57c13dc378d15dad98efd59e86bcc2775c5b0a.
Karolin Seeger [Wed, 21 Feb 2018 09:15:22 +0000 (10:15 +0100)]
Revert "s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob"
This reverts commit
2557d5c6235f7d24866163124fc254cfe81d3871.
Karolin Seeger [Wed, 21 Feb 2018 09:15:22 +0000 (10:15 +0100)]
Revert "HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key"
This reverts commit
03484706e4ff546fc7fe41124d896e9f7840fe80.
Karolin Seeger [Wed, 21 Feb 2018 09:15:22 +0000 (10:15 +0100)]
Revert "HEIMDAL:hdb: export a hdb_enctype_supported() helper function"
This reverts commit
18d7cf191718b3a30165a43271e503cc07ca5b50.
Karolin Seeger [Wed, 21 Feb 2018 09:15:22 +0000 (10:15 +0100)]
Revert "s4:kdc: use the strongest possible tgs session key"
This reverts commit
9fdf175905efde803941a5876ce7e060013fc9a0.
Karolin Seeger [Wed, 21 Feb 2018 09:15:22 +0000 (10:15 +0100)]
Revert "TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers"
This reverts commit
fe146338f304a52f861777ada5774887fe0776e3.
Karolin Seeger [Wed, 21 Feb 2018 09:15:22 +0000 (10:15 +0100)]
Revert "TODO s4:kdc: indicate support for new encryption types by adding empty keys"
This reverts commit
bf07697273017014516010475f79be3e59a2ce07.
Karolin Seeger [Wed, 21 Feb 2018 09:15:22 +0000 (10:15 +0100)]
Revert "HEIMDAL:kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets"
This reverts commit
9ecdf21e174ba7525b77035664428fbdcbf53690.
Volker Lendecke [Thu, 4 Jan 2018 20:06:02 +0000 (21:06 +0100)]
samba: Only use async signal-safe functions in signal handler
Otherwise shutdown can hang
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13240
Signed-off-by: Björn Baumbach <bb@sernet.de>
(similar to commit
361ea743576cf125d7957a97ed78a0446dab1a19)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Tue Feb 20 17:03:44 CET 2018 on sn-devel-144
Garming Sam [Wed, 20 Sep 2017 02:55:11 +0000 (14:55 +1200)]
subnet: Avoid a segfault when renaming subnet objects
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13031
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Stefan Metzmacher [Wed, 8 Nov 2017 12:18:29 +0000 (13:18 +0100)]
HEIMDAL:kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13137
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 7 Nov 2017 11:23:31 +0000 (12:23 +0100)]
TODO s4:kdc: indicate support for new encryption types by adding empty keys
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13135
Stefan Metzmacher [Tue, 7 Nov 2017 11:23:31 +0000 (12:23 +0100)]
TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13135
Stefan Metzmacher [Tue, 7 Nov 2017 17:03:45 +0000 (18:03 +0100)]
s4:kdc: use the strongest possible tgs session key
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13135
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 7 Nov 2017 14:47:25 +0000 (15:47 +0100)]
HEIMDAL:hdb: export a hdb_enctype_supported() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13135
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 8 Nov 2017 10:57:08 +0000 (11:57 +0100)]
HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key
Currently the value is the same anyway as the session key is always of the
same type as server key up to now, but that will change shortly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13135
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 28 Sep 2017 12:51:43 +0000 (14:51 +0200)]
s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob
We need the target service without realm, but the proxy services with realm.
I have a domain with an w2008r2 server and a samba and now both generate
the same S4U_DELEGATION_INFO.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 20 Sep 2017 21:05:09 +0000 (23:05 +0200)]
HEIMDAL:kdc: if we don't have an authenticator subkey for S4U2Proxy we need to use the additional tickets key
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13131
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 20 Sep 2017 21:05:09 +0000 (23:05 +0200)]
HEIMDAL:kdc: decrypt b->enc_authorization_data in tgs_build_reply()
We do this after checking for constraint delegation (S4U2Proxy).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13131
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 20 Sep 2017 21:05:09 +0000 (23:05 +0200)]
HEIMDAL:kdc: fix memory leak when decryption AuthorizationData
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13131
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Tue, 13 Feb 2018 10:44:18 +0000 (11:44 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.6.13 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 13 Feb 2018 10:45:24 +0000 (11:45 +0100)]
VERSION: Bump version up to 4.6.14...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 13 Feb 2018 10:43:43 +0000 (11:43 +0100)]
WHATSNEW: Add release notes for Samba 4.6.13.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
David Disseldorp [Thu, 20 Jul 2017 09:10:57 +0000 (11:10 +0200)]
build: fix ceph_statx check when configured with libcephfs_dir
When configured with a custom libcephfs_dir, the ceph_statx check fails
to link. This is due to the location of the ceph-common dependency,
which is installed under a ceph subdirectory.
ceph/build > make DESTDIR=./inst install
...
ceph/build > find inst/|grep -e /libcephfs -e /libceph-common
inst/usr/local/lib64/ceph/libceph-common.so.0
inst/usr/local/lib64/ceph/libceph-common.so
inst/usr/local/lib64/libcephfs.so.2.0.0
inst/usr/local/lib64/libcephfs.so.2
inst/usr/local/lib64/libcephfs.so
inst/usr/local/include/cephfs/libcephfs.h
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13250
Signed-off-by: David Disseldorp <ddiss@suse.de>
Reviewed-by: Jeff Layton <jlayton@samba.org>
(cherry picked from commit
ff7df3d3f5259362a6bb6780d6b532e57e89681d)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Tue Feb 13 13:36:13 CET 2018 on sn-devel-144
Ralph Boehme [Wed, 6 Dec 2017 21:09:52 +0000 (22:09 +0100)]
vfs_fruit: set delete-on-close for empty finderinfo
We previously removed the stream from the underlying filesystem stream
backing store when the client zeroes out FinderInfo in the AFP_AfpInfo
stream, but this causes certain operations to fail (eg stat) when trying
to access the stream over any file-handle open on that stream.
So instead of deleting, set delete-on-close on the stream. The previous
commit already implemented not to list list streams with delete-on-close
set which is necessary to implemenent correct macOS semantics for this
particular stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jan 9 17:09:12 CET 2018 on sn-devel-144
(backported from commit
e61e9e98e9ff461055daae2fe78f0202f7ed8663)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Thu Jan 25 19:25:24 CET 2018 on sn-devel-144
Ralph Boehme [Thu, 7 Dec 2017 16:32:35 +0000 (17:32 +0100)]
vfs_fruit: filter out AFP_AfpInfo streams with pending delete-on-close
This is in preperation of fixing the implementation of removing the
AFP_AfpInfo stream by zeroing the FinderInfo out.
We currently remove the stream blob from the underyling filesystem
backing store, but that results in certain operations to fail on any
still open file-handle.
The fix comes in the next commit which will convert to backing store
delete operation to a set delete-on-close on the stream.
This commit adds filtering on streams that have the delete-on-close
set. It is only needed for the fruit:metadata=stream case, as with
fruit:metadata=netatalk the filtering is already done in
fruit_streaminfo_meta_netatalk().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
70d8f7c5d25f35b58620c2db8f57c7c0758267b3)
Ralph Boehme [Thu, 7 Dec 2017 13:56:36 +0000 (14:56 +0100)]
vfs_fruit: factor out delete_invalid_meta_stream() from fruit_streaminfo_meta_stream()
No change in behaviour, just some refactoring before adding more code to
fruit_streaminfo_meta_stream() in the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
c41e1ea9247611473d30184efd953c61955ead15)
Ralph Boehme [Thu, 7 Dec 2017 12:43:02 +0000 (13:43 +0100)]
s4/torture/fruit: enhance zero AFP_AfpInfo stream test
This test more operations in the zeroed out FinderInfo test, ensuring
after zeroing out FinderInfo, operations on the filehandle still work
and that enumerating streams doesn't return the stream anymore.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
df31e94eb6241f5e5594f6fd0ec1ad7896e02e27)
Ralph Boehme [Wed, 6 Dec 2017 21:05:23 +0000 (22:05 +0100)]
s4/torture/fruit: ensure AFP_AfpInfo blobs are 0-initialized
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
a22833c2971dc7234b32741305f40ed62e232e0b)
David Disseldorp [Wed, 10 Jan 2018 13:03:09 +0000 (14:03 +0100)]
vfs_default: use VFS statvfs macro in fs_capabilities
Currently the vfs_default fs_capabilities handler calls statvfs
directly, rather than calling the vfs macro. This behaviour may cause
issues for VFS modules that delegate fs_capabilities handling to
vfs_default but offer their own statvfs hook.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13208
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
4b25c9f4a4d336a16894452862ea059701b025de)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Mon Jan 22 13:14:03 CET 2018 on sn-devel-144
David Disseldorp [Wed, 10 Jan 2018 00:37:14 +0000 (01:37 +0100)]
vfs_ceph: add fs_capabilities hook to avoid local statvfs
Adding the fs_capabilities() hook to the CephFS VFS module avoids
fallback to the vfs_default code-path, which calls statvfs() against the
share path on the *local* filesystem.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13208
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
2724e0cac29cd1632ea28075a740fcc888affb36)
Jeremy Allison [Wed, 3 Jan 2018 17:52:33 +0000 (09:52 -0800)]
s3: smbd: Use identical logic to test for kernel oplocks on a share.
Due to inconsistent use of lp_kernel_oplocks() we could miss kernel
oplocks being on/off in some of our oplock handling code, and thus
use the wrong logic.
Ensure all logic around koplocks and lp_kernel_oplocks() is consistent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13193
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 4 16:03:38 CET 2018 on sn-devel-144
(cherry picked from commit
114f5da2fab6f587de77e792274b396fb3d7ce71)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri Jan 5 13:40:55 CET 2018 on sn-devel-144
Christof Schmitt [Wed, 13 Dec 2017 18:34:23 +0000 (11:34 -0700)]
smbd: Fix coredump on failing chdir during logoff
server_exit does an internal tree disconnect which requires a chdir to
the share directory. In case the file system encountered a problem and
the chdir call returns an error, this triggers a SERVER_EXIT_ABNORMAL
which in turn results in a panic and a coredump. As the log already
indicates the problem (chdir returned an error), avoid the
SERVER_EXIT_ABNORMAL in this case and not trigger a coredump.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13189
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 16 01:56:06 CET 2017 on sn-devel-144
(cherry picked from commit
7fa91fc4791d076c609eaf119753e38dd3c50a1c)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Tue Jan 2 14:01:29 CET 2018 on sn-devel-144
Christof Schmitt [Wed, 13 Dec 2017 19:58:18 +0000 (12:58 -0700)]
selftest: Add test for failing chdir call in smbd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13189
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
0d3000be2af8f8c4a37892d95ae694ad834d7b3a)
Christof Schmitt [Wed, 13 Dec 2017 19:47:31 +0000 (12:47 -0700)]
selftest: Make location of log file available in tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13189
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
b0e1fc74fdacecb86f46b47e527b3fdf1906d27b)
Christof Schmitt [Wed, 13 Dec 2017 18:34:05 +0000 (11:34 -0700)]
selftest: Add share for error injection testing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13189
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
8b6402f3e5ff98c2701e626e47246b2400f76e5f)
Christof Schmitt [Fri, 8 Dec 2017 22:29:07 +0000 (15:29 -0700)]
vfs_error_inject: Add new module
This module allow injecting errors in vfs calls. It only implements one
case (return ESTALE from chdir), but the idea is to extend this to more
vfs functions and more errors when needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13189
Signed-off-by: Christof Schmitt <cs@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
24623d53256c2424563709dedc19af1a106ccc73)
Amitay Isaacs [Wed, 13 Dec 2017 05:12:09 +0000 (16:12 +1100)]
ctdb-recovery-helper: Deregister message handler in error paths
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13188
If PULL_DB control times out but the remote node is still sending the
data, then the tevent_req for pull_database_send will be freed without
removing the message handler. So when the data is received, srvid
handler will be called and it will try to access tevent_req which will
result in use-after-free and abort.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Uri Simchoni [Tue, 5 Dec 2017 18:56:49 +0000 (20:56 +0200)]
sysacls: change datatypes to 32 bits
The SMB_ACL_PERMSET_T and SMB_ACL_PERM_T were defined as
mode_t, which is 16-bits on some (non-Linux) systems. However,
pidl *always* encodes mode_t as uint32_t. That created a bug on
big-endian systems as sys_acl_get_permset() returns a SMB_ACL_PERMSET_T
pointer to an internal a_perm structure member defined in IDL as a mode_t,
which pidl turns into a uin32_t in the emitted header file.
Changing to 32 bits fixes that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13176
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(back-ported from commit
75e7da9741c529f96fa409655ac5b326a6c071c5)