Swen Schillig [Mon, 26 Nov 2018 19:14:21 +0000 (20:14 +0100)]
waf: Utils package not defined
Fix the package name for the WafError routine.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Tue Dec 4 18:45:38 CET 2018 on sn-devel-144
Tim Beale [Tue, 27 Nov 2018 00:50:32 +0000 (13:50 +1300)]
traffic_replay: Add a max-members option to cap group size
traffic_replay tries to distribute the users among the groups in a
realistic manner - some groups will have almost all users in them.
However, this becomes a problem when testing a really large database,
e.g. we may want 100K users, but no more than 5K users in each group.
This patch adds a max-member option so we can limit how big the groups
actually get.
If we detect that a group exceeds the max-members, we reset the group's
probability (of getting selected) to zero, and then recalculate the
cumulative distribution. The means that the group should no longer get
selected by generate_random_membership(). (Note we can't completely
remove the group from the list because that changes the
list-index-to-group-ID mapping).
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec 4 12:22:50 CET 2018 on sn-devel-144
Tim Beale [Mon, 26 Nov 2018 21:47:48 +0000 (10:47 +1300)]
traffic: Rework how assignments are generated slightly
We want to cap the number of members that can be in a group. But first,
we need to tweak how the assignment dict gets generated, so that we get
rid of the intermediary set.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 26 Nov 2018 22:51:51 +0000 (11:51 +1300)]
tests: Add test-case for 'group list --verbose'
Check that the number of members reported is correct.
(This change somehow got left off the
ca570bd4827aa commit that was
actually delivered).
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 26 Nov 2018 22:45:51 +0000 (11:45 +1300)]
netcmd: Minor changes to 'group stats' command
These changes were inadvertently left off
0c910245fca70948a3.
(They were made to the 2nd patch-set iteration posted to the
mailing-list, but for some reason the first patch-set got delivered).
Changes are:
+ rework some variable names for better readability
+ Average members defaulted to int, so lost any floating point
precision.
+ Replace 'Min members' (which was fairly meaningless) with 'Median
members per group'.
+ Fix flake8 long line warnings
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 28 Nov 2018 14:21:56 +0000 (15:21 +0100)]
CVE-2018-14629 dns: fix CNAME loop prevention using counter regression
The loop prevention should only be done for CNAME records!
Otherwise we truncate the answer records for A, AAAA or
SRV queries, which is a bad idea if you have more than 20 DCs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec 4 08:52:29 CET 2018 on sn-devel-144
Aaron Haslett [Fri, 30 Nov 2018 05:37:27 +0000 (18:37 +1300)]
CVE-2018-14629: Tests to expose regression from dns cname loop fix
These tests expose the regression described by Stefan Metzmacher in
discussion on the bugzilla paged linked below.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Tue, 27 Nov 2018 07:23:25 +0000 (08:23 +0100)]
s3:lib: Fix undefined behavior in tdb_unpack()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Tue Dec 4 00:23:03 CET 2018 on sn-devel-144
Andreas Schneider [Thu, 22 Nov 2018 12:33:11 +0000 (13:33 +0100)]
s3:lib: Fix undefined behavior in tdb_pack()
util_tdb.c:98:5: runtime error: null pointer passed as argument 2, which
is declared to never be null
This means the second argument of memcpy() can't be NULL.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Fri, 23 Nov 2018 11:00:36 +0000 (12:00 +0100)]
s3:lib: Fix uninitialized variable
util_tdb.c:116:7: error: ‘len’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
buf += len;
^~
../../source3/lib/util_tdb.c:44:6: note: ‘len’ was declared here
int len;
^~~
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Martin Schwenke [Fri, 30 Nov 2018 01:44:26 +0000 (12:44 +1100)]
ctdb-daemon: Exit with error if a database directory does not exist
Since 4.9.0, the log messages can be confusing if a required database
directory does not exist. Explicitly check for database directories,
logging a clear error and exiting if one is missing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13696
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Dec 3 06:56:41 CET 2018 on sn-devel-144
Ralph Boehme [Fri, 30 Nov 2018 09:27:19 +0000 (10:27 +0100)]
vfs_fruit: avoid dereferencing fsp->base_fsp in fruit_fstat_meta_stream()
This helps avoiding a NULL dereference on systems where additional
patches modify the following condition in open_file()
if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
(!file_existed && (local_flags & O_CREAT)) ||
((local_flags & O_TRUNC) == O_TRUNC) ) {
to
if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE|DELETE_ACCESS)) ||
(!file_existed && (local_flags & O_CREAT)) ||
((local_flags & O_TRUNC) == O_TRUNC) ) {
Ie addtionally check open_access_mask against DELETE_ACCESS. As a result
opens with DELETE_ACCESS go through the code that does an fd_open() plus
a subsequent fstat().
That will trigger a crash in fruit_fstat_meta_stream() when a client
wants to delete a file for deletion. When we open base file for delete,
we call open_streams_for_delete() which internally calls create-file
with NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE which prevents opening of
the base_fsp. Voila, combined with the change described above you get a
NULL deref.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Dec 2 07:52:34 CET 2018 on sn-devel-144
Gary Lockyer [Wed, 19 Sep 2018 03:52:15 +0000 (15:52 +1200)]
WHATSNEW: standard process limits
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov 30 15:05:04 CET 2018 on sn-devel-144
Gary Lockyer [Thu, 6 Sep 2018 19:04:48 +0000 (07:04 +1200)]
s4 smdb standard: Limit processes forked on accept.
Limit the number of processes started by the standard model on accept.
For those services that support fork on accept, the standard model forks
a new process for each new connection. This patch limits the number of
processes to the value specified in 'max smbd processes', a value of
zero indicates that there is no limit on the number of processes that
can be forked.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Mon, 17 Sep 2018 23:21:40 +0000 (11:21 +1200)]
s4 smbd standard tests: limit forked processes
Tests to confirm the standard process model honours the smbd.conf
variable "max smbd processes", when forking a new process on accept.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 29 Nov 2018 07:12:06 +0000 (08:12 +0100)]
replace: Correctly check for 'extern char **environ' in unistd.h
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 30 11:41:44 CET 2018 on sn-devel-144
Martin Schwenke [Fri, 30 Nov 2018 05:58:47 +0000 (16:58 +1100)]
util: Fix include file order
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andreas Schneider <asn@samba.org>
Daniel Southward-Ellis [Thu, 29 Nov 2018 22:25:42 +0000 (11:25 +1300)]
Converted README to markdown
Signed-off-by: Daniel Southward-Ellis <danielsouthwardellis@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Nov 30 07:07:36 CET 2018 on sn-devel-144
Olly Betts [Tue, 27 Nov 2018 20:09:51 +0000 (09:09 +1300)]
Add simple tests for net rpc share allowedusers
Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Olly Betts [Tue, 23 Oct 2018 00:46:38 +0000 (13:46 +1300)]
Fix net rpc share allowedusers short description
This command allows one to list allowed users, not modify them.
Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Olly Betts [Tue, 1 May 2018 02:37:08 +0000 (14:37 +1200)]
net rpc share allowedusers: Allow restricting shares
The help already implies that you can specify "targets" for net rpc
share allowedusers, but actually the tail end of the command line
is just ignored.
This patch allows a list of shares to be specified, and only those
shares are checked, which can be much faster if you're only interested
in a few shares on a server which exports lots.
This subcommand already accepts an optional filename for the output
of net usersidlist, with a default of stdin. Typically you'd just pipe
one command to the other so stdin is most likely what you want. This
patch adds support for a filename of "-" to mean stdin so that you can
specify stdin explicitly when you provide a list of shares, since in
this case the filename can't be omitted.
Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Olly Betts [Tue, 27 Nov 2018 22:10:17 +0000 (11:10 +1300)]
Fix spelling mistakes
Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Olly Betts [Tue, 23 Oct 2018 22:46:11 +0000 (11:46 +1300)]
New testcase samba3.blackbox.net_rpc_join_creds
Tests that you can now use a credentials file with net.
Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Olly Betts [Tue, 1 May 2018 01:19:58 +0000 (13:19 +1200)]
net: Add support for a credentials file
Add support for the same -A authfile/--authentication-file authfile
option that most of the other tools already do.
Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Anoop C S [Fri, 23 Nov 2018 08:41:45 +0000 (14:11 +0530)]
s3/testparm: Reduce debug level to 1
Adhere to what we document in manual page for testparm that default
debug level is set to reasonable value 1.
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Nov 29 11:52:22 CET 2018 on sn-devel-144
Andreas Schneider [Wed, 21 Nov 2018 10:38:24 +0000 (11:38 +0100)]
s4:torture: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Thu Nov 29 02:20:48 CET 2018 on sn-devel-144
Andreas Schneider [Wed, 21 Nov 2018 10:37:26 +0000 (11:37 +0100)]
s4:smbd: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Wed, 21 Nov 2018 10:36:23 +0000 (11:36 +0100)]
s4:ntvfs: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Wed, 21 Nov 2018 10:33:51 +0000 (11:33 +0100)]
s4:lib: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 14:58:28 +0000 (15:58 +0100)]
s3:winbindd: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 14:57:51 +0000 (15:57 +0100)]
s3:utils: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 14:57:09 +0000 (15:57 +0100)]
s3:smbd: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 14:56:14 +0000 (15:56 +0100)]
s3:rpc_server: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 14:55:43 +0000 (15:55 +0100)]
s3:nmbd: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 14:54:28 +0000 (15:54 +0100)]
s3:modules: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 14:53:23 +0000 (15:53 +0100)]
s3:libsmb: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:14:07 +0000 (14:14 +0100)]
s3:libads: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:12:49 +0000 (14:12 +0100)]
s3:lib: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:12:23 +0000 (14:12 +0100)]
s3:include: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:11:39 +0000 (14:11 +0100)]
s3:ldap: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:10:36 +0000 (14:10 +0100)]
s3:auth: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:08:31 +0000 (14:08 +0100)]
nss_winbind: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:08:05 +0000 (14:08 +0100)]
wins: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:07:39 +0000 (14:07 +0100)]
wbclient: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:06:48 +0000 (14:06 +0100)]
krb5_plugin: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:06:21 +0000 (14:06 +0100)]
libcli:smbreadline: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:05:39 +0000 (14:05 +0100)]
libcli:smb: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Wed, 21 Nov 2018 17:24:59 +0000 (18:24 +0100)]
lib:util: Avoid name confusion with config.h
The HAVE_* is normally used for config.h definitions, so rename it to
USE_ASM_BYTEORDER.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:01:20 +0000 (14:01 +0100)]
lib:util: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 13:00:39 +0000 (14:00 +0100)]
tdb: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 12:57:48 +0000 (13:57 +0100)]
replace: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 12:57:13 +0000 (13:57 +0100)]
krb5_wrap: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 12:55:49 +0000 (13:55 +0100)]
ctdb: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 11:11:43 +0000 (12:11 +0100)]
autobuild: Add _FORTIFY_SOURCE=2 to the -O3 build
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 11:09:31 +0000 (12:09 +0100)]
wafsamba: Do not always set _FORTIFY_SOURCE=2
This requires to be compiled with optimization (-O).
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 11:06:13 +0000 (12:06 +0100)]
s3: Remove unsused MMAP_BLACKLIST ifdef checks
This doesn't get defined by anything.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 20 Nov 2018 11:01:32 +0000 (12:01 +0100)]
lib:replace: Check if HAVE_DECL_ENVIRON is defined first
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Wed, 21 Nov 2018 13:55:10 +0000 (14:55 +0100)]
krb5_wrap: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 28 21:15:31 CET 2018 on sn-devel-144
Volker Lendecke [Tue, 20 Nov 2018 16:03:17 +0000 (17:03 +0100)]
auth: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 20 Nov 2018 12:38:05 +0000 (13:38 +0100)]
lib: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 20 Nov 2018 16:45:11 +0000 (17:45 +0100)]
krb5_wrap: Add a talloc_ctx to smb_krb5_principal_get_realm()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 21 Nov 2018 14:30:29 +0000 (15:30 +0100)]
credentials: Remove an unnecessary talloc_steal()
ccc was already allocated off cred, this talloc_steal was a no-op.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 21 Nov 2018 14:28:42 +0000 (15:28 +0100)]
credentials: Fix set_ccache with empty creds cache
This is an extension of
bb2f7e3aee7e9b8: Without this fix in the
"empty ccache" case we never set cred->ccache, so the whole call to
cli_credentials_set_ccache became pointless
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 21 Nov 2018 14:24:24 +0000 (15:24 +0100)]
credentials: Fix an error path memleak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 21 Nov 2018 16:36:35 +0000 (17:36 +0100)]
credentials: Only do shallow copies of valid ccaches
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 20 Nov 2018 14:50:52 +0000 (15:50 +0100)]
tfork: add a README how to run test torture test under valgrind
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 28 15:57:43 CET 2018 on sn-devel-144
Ralph Boehme [Tue, 20 Nov 2018 15:03:03 +0000 (16:03 +0100)]
tfork: add a suppresssions file for drd
drd reports:
initialized twice: cond 0x514f188
at 0x4C3A399: pthread_cond_init_intercept (drd_pthread_intercepts.c:1022)
by 0x4C3A399: pthread_cond_init@* (drd_pthread_intercepts.c:1030)
by 0x50F3FF3: tfork_atfork_child (tfork.c:250)
by 0x9A4B95D: fork (fork.c:204)
by 0x50F4834: tfork_start_waiter_and_worker (tfork.c:581)
by 0x50F4CDB: tfork_create (tfork.c:780)
by 0x2F7469: tfork_thread (tfork.c:431)
by 0x4C358F8: vgDrd_thread_wrapper (drd_pthread_intercepts.c:444)
by 0x8D46593: start_thread (pthread_create.c:463)
by 0x9A7EE6E: clone (clone.S:95)
cond 0x514f188 was first observed at:
at 0x4C3A399: pthread_cond_init_intercept (drd_pthread_intercepts.c:1022)
by 0x4C3A399: pthread_cond_init@* (drd_pthread_intercepts.c:1030)
by 0x50F413A: tfork_global_initialize (tfork.c:287)
by 0x8D4DEA6: __pthread_once_slow (pthread_once.c:116)
by 0x4C377FD: pthread_once_intercept (drd_pthread_intercepts.c:800)
by 0x4C377FD: pthread_once (drd_pthread_intercepts.c:806)
by 0x50F4C0E: tfork_create (tfork.c:743)
by 0x2F7469: tfork_thread (tfork.c:431)
by 0x4C358F8: vgDrd_thread_wrapper (drd_pthread_intercepts.c:444)
by 0x8D46593: start_thread (pthread_create.c:463)
by 0x9A7EE6E: clone (clone.S:95)
This is intentional, the reinit is in a child process. Cf the comment in
tfork.c.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 19 Nov 2018 14:18:34 +0000 (15:18 +0100)]
tfork: add a suppresssions file for helgrind
tfork_atexit_unknown[1|2]:
No idea what triggers this, definitely not tfork itself.
tfork_pthread_get_specific:
Helgrind reports:
Possible data race during read of size 4 at 0x5141304 by thread #3
Locks held: none
at 0x50E602E: tfork_global_get (tfork.c:301)
by 0x50E69B1: tfork_create (tfork.c:737)
by 0x2F7419: tfork_thread (tfork.c:431)
by 0x4C35AC5: mythread_wrapper (hg_intercepts.c:389)
by 0x8D38593: start_thread (pthread_create.c:463)
by 0x9A70E6E: clone (clone.S:95)
This conflicts with a previous write of size 4 by thread #2
Locks held: none
at 0x8D3F7B7: pthread_key_create (pthread_key_create.c:41)
by 0x50E5F79: tfork_global_initialize (tfork.c:280)
by 0x8D3FEA6: __pthread_once_slow (pthread_once.c:116)
by 0x50E6999: tfork_create (tfork.c:728)
by 0x2F7419: tfork_thread (tfork.c:431)
by 0x4C35AC5: mythread_wrapper (hg_intercepts.c:389)
by 0x8D38593: start_thread (pthread_create.c:463)
by 0x9A70E6E: clone (clone.S:95)
Location 0x5141304 is 0 bytes inside global var "tfork_global_key"
declared at tfork.c:122
This is nonsense, tfork_global_get() calls pthread_getspecific, so
we're looking at the pthread_key_create()/pthread_[g|s]etspecific()
API here which works with threads by design.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 19 Nov 2018 22:07:55 +0000 (23:07 +0100)]
tfork: TFORK_ANNOTATE_BENIGN_RACE
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 19 Nov 2018 15:47:33 +0000 (16:47 +0100)]
tfork/test: ensure all threads start with SIGCHLD unblocked
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Tim Beale [Tue, 13 Nov 2018 00:22:41 +0000 (13:22 +1300)]
CVE-2018-16857 dsdb/util: Add better default lockOutObservationWindow
Clearly the lockOutObservationWindow value is important, and using a
default value of zero doesn't work very well.
This patch adds a better default value (the domain default setting of 30
minutes).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed Nov 28 11:31:14 CET 2018 on sn-devel-144
Tim Beale [Tue, 13 Nov 2018 00:19:04 +0000 (13:19 +1300)]
CVE-2018-16857 dsdb/util: Fix lockOutObservationWindow for PSOs
Fix a remaining place where we were trying to read the
msDS-LockoutObservationWindow as an int instead of an int64.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 12 Nov 2018 23:24:16 +0000 (12:24 +1300)]
CVE-2018-16857 dsdb/util: Correctly treat lockOutObservationWindow as 64-bit int
Commit
442a38c918ae1666b35 refactored some code into a new
get_lockout_observation_window() function. However, in moving the code,
an ldb_msg_find_attr_as_int64() inadvertently got converted to a
ldb_msg_find_attr_as_int().
ldb_msg_find_attr_as_int() will only work for values up to -
2147483648
(about 3.5 minutes in MS timestamp form). Unfortunately, the automated
tests used a low enough timeout that they still worked, however,
password lockout would not work with the Samba default settings.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 12 Nov 2018 22:49:56 +0000 (11:49 +1300)]
CVE-2018-16857 tests: Sanity-check password lockout works with default values
Sanity-check that when we use the default lockOutObservationWindow that
user lockout actually works.
The easiest way to do this is to reuse the _test_login_lockout()
test-case, but stop at the point where we wait for the lockout duration
to expire (because we don't want the test to wait 30 mins).
This highlights a problem currently where the default values don't work.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Isaac Boukris [Wed, 7 Nov 2018 20:53:35 +0000 (22:53 +0200)]
CVE-2018-16853: fix crash in expired passowrd case
When calling encode_krb5_padata_sequence() make sure to
pass a null terminated array as required.
Fixes expired passowrd case in samba4.blackbox.kinit test.
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 28 Sep 2016 05:22:32 +0000 (07:22 +0200)]
CVE-2018-16853: Do not segfault if client is not set
This can be triggered with FAST but we don't support this yet.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Isaac Boukris [Sat, 18 Aug 2018 13:01:59 +0000 (16:01 +0300)]
CVE-2018-16853: Add a test to verify s4u2self doesn't crash
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Isaac Boukris [Fri, 17 Aug 2018 21:40:30 +0000 (00:40 +0300)]
CVE-2018-16853: The ticket in check_policy_as can actually be a TGS
This happens when we are called from S4U2Self flow, and in that case
kdcreq->client is NULL. Use the name from client entry instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Isaac Boukris [Sat, 18 Aug 2018 12:32:43 +0000 (15:32 +0300)]
CVE-2018-16853: Fix kinit test on system lacking ldbsearch
By fixing bindir variable name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 6 Nov 2018 00:40:48 +0000 (13:40 +1300)]
CVE-2018-16853 WHATSNEW: The Samba AD DC, when build with MIT Kerberos is experimental
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13678
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Tue, 6 Nov 2018 00:32:05 +0000 (13:32 +1300)]
CVE-2018-16853 build: The Samba AD DC, when build with MIT Kerberos is experimental
This matches https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13678
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Gary Lockyer [Wed, 7 Nov 2018 02:08:04 +0000 (15:08 +1300)]
CVE-2018-16852 dcerpc dnsserver: refactor common properties handling
dnsserver_common.c and dnsutils.c both share similar code to process
zone properties. This patch extracts the common code and moves it to
dnsserver_common.c.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13669
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Mon, 5 Nov 2018 23:16:30 +0000 (12:16 +1300)]
CVE-2018-16852 dcerpc dnsserver: Ensure properties are handled correctly
Fixes for
Bug 13669 - (CVE-2018-16852) NULL
pointer de-reference in Samba AD DC DNS management
The presence of the ZONE_MASTER_SERVERS property or the
ZONE_SCAVENGING_SERVERS property in a zone record causes the server to
follow a null pointer and terminate.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13669
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Mon, 5 Nov 2018 23:10:07 +0000 (12:10 +1300)]
CVE-2018-16852 dcerpc dnsserver: Verification tests
Tests to verify
Bug 13669 - (CVE-2018-16852) NULL
pointer de-reference in Samba AD DC DNS management
The presence of the ZONE_MASTER_SERVERS property or the
ZONE_SCAVENGING_SERVERS property in a zone record causes the server to
follow a null pointer and terminate.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13669
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Mon, 5 Nov 2018 03:18:18 +0000 (16:18 +1300)]
CVE-2018-16851 ldap_server: Check ret before manipulating blob
In the case of hitting the talloc ~256MB limit, this causes a crash in
the server.
Note that you would actually need to load >256MB of data into the LDAP.
Although there is some generated/hidden data which would help you reach that
limit (descriptors and RMD blobs).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13674
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 24 Oct 2018 02:41:28 +0000 (15:41 +1300)]
CVE-2018-16841 selftest: Check for mismatching principal in certficate compared with principal in AS-REQ
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13628
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Tue, 23 Oct 2018 04:33:46 +0000 (17:33 +1300)]
CVE-2018-16841 heimdal: Fix segfault on PKINIT with mis-matching principal
In Heimdal KRB5_KDC_ERR_CLIENT_NAME_MISMATCH is an enum, so we tried to double-free
mem_ctx.
This was introduced in
9a0263a7c316112caf0265237bfb2cfb3a3d370d for the
MIT KDC effort.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13628
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Aaron Haslett [Tue, 23 Oct 2018 04:25:51 +0000 (17:25 +1300)]
CVE-2018-14629 dns: CNAME loop prevention using counter
Count number of answers generated by internal DNS query routine and stop at
20 to match Microsoft's loop prevention mechanism.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Aaron Haslett [Mon, 22 Oct 2018 22:52:07 +0000 (11:52 +1300)]
dns: prevent self-referencing CNAME
Stops the user from adding a self-referencing CNAME over RPC, which is an easy
mistake to make with samba-tool.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Volker Lendecke [Mon, 26 Nov 2018 15:21:16 +0000 (16:21 +0100)]
notifyd: Improve a debug message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 27 21:42:24 CET 2018 on sn-devel-144
Volker Lendecke [Sat, 24 Nov 2018 12:25:25 +0000 (13:25 +0100)]
winbind: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 27 10:38:11 CET 2018 on sn-devel-144
Volker Lendecke [Sat, 24 Nov 2018 12:16:56 +0000 (13:16 +0100)]
libcli: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Nov 2018 12:16:56 +0000 (13:16 +0100)]
libcli: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Nov 2018 12:14:23 +0000 (13:14 +0100)]
idmap_cache: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 23 Nov 2018 08:03:13 +0000 (09:03 +0100)]
winbind: Fix "wbint_Principals" definition
A signed integer does not make any sense for an IDL array length
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 23 Nov 2018 07:58:59 +0000 (08:58 +0100)]
winbind: Use dom_sid_str_buf
Also fix a DBG format string specifier
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 23 Nov 2018 07:55:13 +0000 (08:55 +0100)]
winbind: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 23 Nov 2018 07:53:45 +0000 (08:53 +0100)]
winbind: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 23 Nov 2018 07:50:47 +0000 (08:50 +0100)]
libgpo: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 23 Nov 2018 07:49:44 +0000 (08:49 +0100)]
libgpo: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>