sfrench/samba-autobuild/.git
4 years agolib: dns: Clean up allocated structure on error exit.
Jeremy Allison [Fri, 22 Apr 2016 00:35:37 +0000 (17:35 -0700)]
lib: dns: Clean up allocated structure on error exit.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <rsharpe@samba.org>
4 years agopdb_ldap: Don't use autofree if "mods" still changes
Volker Lendecke [Fri, 4 Mar 2016 09:51:33 +0000 (10:51 +0100)]
pdb_ldap: Don't use autofree if "mods" still changes

This will prevent some use-after-free's, potentially it might for example fix
bugzilla 11851. Not directly related, but it's a crash related to ldap-backed
user creation.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agonss_wins: Fix the hostent setup
Tom Mortensen [Sat, 16 Apr 2016 08:57:12 +0000 (10:57 +0200)]
nss_wins: Fix the hostent setup

This can never have been tested....

Signed-off-by: Tom Mortensen <tomm@lime-technology.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agonss_wins: ip_pton expects the raw IP address
Tom Mortensen [Sat, 16 Apr 2016 08:57:12 +0000 (10:57 +0200)]
nss_wins: ip_pton expects the raw IP address

Signed-off-by: Tom Mortensen <tomm@lime-technology.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agodbcheck: Avoid pathological behaviour in operational module
Garming Sam [Wed, 20 Apr 2016 03:25:45 +0000 (15:25 +1200)]
dbcheck: Avoid pathological behaviour in operational module

Because replPropertyMetadata was repeated for every object in the
database, the attrs list became very long.

This single line saves 20% of the time for make test TESTS=dbcheck.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Wed Apr 20 09:12:47 CEST 2016 on sn-devel-144

4 years agocleanupd: restart as needed
Ralph Boehme [Tue, 19 Apr 2016 10:55:19 +0000 (12:55 +0200)]
cleanupd: restart as needed

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11855

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Apr 19 20:35:33 CEST 2016 on sn-devel-144

4 years agolibads: record session expiry for spnego sasl binds
Uri Simchoni [Mon, 18 Apr 2016 20:08:38 +0000 (23:08 +0300)]
libads: record session expiry for spnego sasl binds

With the move to gensec-based spnego, record the session expiry
in tgs_expire, so that libads users such as winbindd can use this info
to determine how long to keep the connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11852

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Tue Apr 19 16:53:57 CEST 2016 on sn-devel-144

4 years agoprinting: handle "printcap cache time" change on HUP
David Disseldorp [Mon, 18 Apr 2016 16:48:43 +0000 (18:48 +0200)]
printing: handle "printcap cache time" change on HUP

Reschedule the housekeeping event on SIGHUP and conf reload.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 19 13:14:20 CEST 2016 on sn-devel-144

4 years agoprinting: use housekeeping period that matches cache time
David Disseldorp [Mon, 18 Apr 2016 16:48:42 +0000 (18:48 +0200)]
printing: use housekeeping period that matches cache time

The printcap housekeeping callback is scheduled to run every 60 seconds,
and invokes pcap_cache_reload() to reload of the printcap cache *if* the
"printcap cache time" period has expired.

Given that pcap_cache_reload() invocation is the only job of the
housekeeping callback, it makes much more sense to schedule it every
"printcap cache time" seconds, rather than every 60 seconds.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
4 years agos4:libcli:smb2: Use constant time memcmp() to verify the signature
Andreas Schneider [Fri, 1 Apr 2016 08:16:25 +0000 (10:16 +0200)]
s4:libcli:smb2: Use constant time memcmp() to verify the signature

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agolibcli:smb2: Use constant time memcmp() to verify the signature
Andreas Schneider [Fri, 1 Apr 2016 08:15:39 +0000 (10:15 +0200)]
libcli:smb2: Use constant time memcmp() to verify the signature

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agoutil: Add memcmp_const_time()
Andreas Schneider [Fri, 1 Apr 2016 08:09:45 +0000 (10:09 +0200)]
util: Add memcmp_const_time()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agotests/passwords: fix a typo
Garming Sam [Wed, 13 Apr 2016 04:35:53 +0000 (16:35 +1200)]
tests/passwords: fix a typo

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Apr 19 07:54:35 CEST 2016 on sn-devel-144

4 years agotests/dsdb: Verify that only a new ldb affects reads of userPassword
Garming Sam [Mon, 22 Feb 2016 00:33:01 +0000 (13:33 +1300)]
tests/dsdb: Verify that only a new ldb affects reads of userPassword

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11853

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
4 years agodsdb: Only re-query dSHeuristics for userPassword support on modifies
Andrew Bartlett [Fri, 12 Feb 2016 02:53:37 +0000 (15:53 +1300)]
dsdb: Only re-query dSHeuristics for userPassword support on modifies

We keep the database startup value for search behaviour, as to re-check
is too expensive.  It caused every search to have an additional
search to the database.

We do not need to check as_system when setting ac->userPassword
as this is checked when all password attributes are stripped

As userPassword is not written to after fUserPwdSupport is set
we do not expose any data that was not already visible.

The database overhead was an oversight when this was
originally added with 7f171a9e0f9b5945bd16a1330ba0908090659030
in 2010.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11853

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
4 years agotests/rodc: Check that preload will skip broken users
Garming Sam [Thu, 14 Apr 2016 22:45:05 +0000 (10:45 +1200)]
tests/rodc: Check that preload will skip broken users

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Apr 18 07:40:07 CEST 2016 on sn-devel-144

4 years agorodc: Allow RODC preload to continue with invalid users
Garming Sam [Thu, 14 Apr 2016 21:59:11 +0000 (09:59 +1200)]
rodc: Allow RODC preload to continue with invalid users

Either the user may be missing from the database, or the user is not
included in the RODC password replication group.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
4 years agoctdb-tools: Remove simple uses of strcpy(3)
Martin Schwenke [Fri, 15 Apr 2016 04:52:45 +0000 (14:52 +1000)]
ctdb-tools: Remove simple uses of strcpy(3)

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Sun Apr 17 17:37:06 CEST 2016 on sn-devel-144

4 years agoctdb-scripts: Use ss instead of netstat for finding TCP connections
Martin Schwenke [Thu, 27 Aug 2015 03:22:49 +0000 (13:22 +1000)]
ctdb-scripts: Use ss instead of netstat for finding TCP connections

ss with a filter is much faster than post-processing output from
netstat.  CTDB already has a hard dependency on iproute2 for IP
address handling, so depending on ss is no big deal.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: Missing NFS thread count file should just produce warning
Martin Schwenke [Wed, 9 Mar 2016 22:12:33 +0000 (09:12 +1100)]
ctdb-scripts: Missing NFS thread count file should just produce warning

This currently causes monitor failure.

Log a warning instead.  If there is a transient issue, such as NFS
being restarted in the background, then the thread count file should
be there the next time around so the count can be adjusted if
necessary.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-daemon: Log a message when fork(2) fails
Martin Schwenke [Fri, 1 Apr 2016 09:01:51 +0000 (20:01 +1100)]
ctdb-daemon: Log a message when fork(2) fails

It is useful to know what error occurred.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agowinbind: Base idmap_ad on tldap
Volker Lendecke [Sun, 27 Dec 2015 15:22:22 +0000 (16:22 +0100)]
winbind: Base idmap_ad on tldap

The main reason for this is to do proper connection management. I tried hard,
but I failed trying to slowly migrate the ads_struct based code to something
saner. So I polished tldap, which thanks to metze does proper sasl.

This patch is pretty much a complete rewrite, so looking at it in diff -u
format does not really make sense. Look at the final output.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Apr 15 19:13:39 CEST 2016 on sn-devel-144

4 years agowinbind: handle DC_NOT_FOUND in wb_xids2sids
Volker Lendecke [Tue, 12 Jan 2016 20:21:17 +0000 (21:21 +0100)]
winbind: handle DC_NOT_FOUND in wb_xids2sids

The idmap_ad child is designed to connect to domain controllers on
its own.  Finding a DC is a nontrivial task that the child should not
do on its own, in particular it should not have to connect to "our"
DC's NETLOGON pipe separately. So when idmap_ad finds that it needs to
connect to a DC, it returns NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND. The
parent then asynchronously does the lookup and stores the DC info in
gencache. After that the parent re-does the idmap child call, during
which the child will find the DC-info in gencache.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agowinbind: handle DC_NOT_FOUND in wb_sids2xids
Volker Lendecke [Tue, 12 Jan 2016 20:21:17 +0000 (21:21 +0100)]
winbind: handle DC_NOT_FOUND in wb_sids2xids

The idmap_ad child is designed to connect to domain controllers on
its own.  Finding a DC is a nontrivial task that the child should not
do on its own, in particular it should not have to connect to "our"
DC's NETLOGON pipe separately. So when idmap_ad finds that it needs to
connect to a DC, it returns NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND. The
parent then asynchronously does the lookup and stores the DC info in
gencache. After that the parent re-does the idmap child call, during
which the child will find the DC-info in gencache.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agowinbind: Add wb_dsgetdcname_gencache_[gs]et
Volker Lendecke [Thu, 17 Mar 2016 13:27:32 +0000 (14:27 +0100)]
winbind: Add wb_dsgetdcname_gencache_[gs]et

This is a sneaky way to pass the DC info from the parent winbind to children
and other users.

Not sure where exactly to put these routines. For now, put them into the parent
code to find the dcinfo from "our" dc.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agotldap: Add tldap_gensec_bind
Volker Lendecke [Fri, 18 Dec 2015 15:41:41 +0000 (16:41 +0100)]
tldap: Add tldap_gensec_bind

This enables sasl sign/sealed connections via tldap

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agotldap: Add tldap_get/set_stream
Volker Lendecke [Sun, 27 Dec 2015 11:37:25 +0000 (12:37 +0100)]
tldap: Add tldap_get/set_stream

This will be used to replace a nonencrypted socket with a sasl sealed one.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agoidmap_ad: Separate out the nss functions
Volker Lendecke [Tue, 29 Mar 2016 14:03:04 +0000 (16:03 +0200)]
idmap_ad: Separate out the nss functions

The nss functions technically right now are part of the idmap modules. However,
there is no intrinsic reason for this mixture of concerns. I would like to
heavily modify the idmap_ad idmapping functions without modifying the nss
functions (yet!!). So as a first step this patch moves the nss functions
textually out of the way.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 years agoMask general purpose signals for notifyd.
Hemanth Thummala [Thu, 14 Apr 2016 20:09:37 +0000 (13:09 -0700)]
Mask general purpose signals for notifyd.

Currently there is no signal handling available for notify daemon.
Signals like SIGHUP and SIGUSR1 can lead to terminate the notify
daemon. Masking these signals for notifyd as we are not handling them.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11840

Signed-off-by: Hemanth Thummala <hemanth.thummala@nutanix.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Apr 15 15:31:19 CEST 2016 on sn-devel-144

4 years agoctdb-daemon: Drop --lvs option and support for CTDB_CAP_LVS
Martin Schwenke [Sun, 10 Apr 2016 22:10:23 +0000 (08:10 +1000)]
ctdb-daemon: Drop --lvs option and support for CTDB_CAP_LVS

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Apr 15 09:35:51 CEST 2016 on sn-devel-144

4 years agoctdb-daemon: Drop --single-public-ip option and related code
Martin Schwenke [Sun, 10 Apr 2016 22:02:36 +0000 (08:02 +1000)]
ctdb-daemon: Drop --single-public-ip option and related code

This has been replaced by scripts.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: Simplify "ctdb lvs ..." output
Martin Schwenke [Wed, 13 Apr 2016 07:47:45 +0000 (17:47 +1000)]
ctdb-scripts: Simplify "ctdb lvs ..." output

For "master", if there is a master then print the PNN, otherwise print
nothing.

For "list", print the PNN and IP addresses without a colon in between.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tools: Change ctdb CLI to have a single "lvs" command
Martin Schwenke [Tue, 12 Apr 2016 01:31:41 +0000 (11:31 +1000)]
ctdb-tools: Change ctdb CLI to have a single "lvs" command

This simply calls out to the wrapper, so that commands are changed as
follows:

  ctdb lvsmaster -> ctdb lvs master
  ctdb lvs       -> ctdb lvs list

This provides a simple, extensible interface and means that "ctdb lvs
status" is also available.

Unit tests are streamlined so that there is a single test for each
CTDB state.  Each test does "master", "list" and "status" sub-tests.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tool: Change ctdb lvs/lvsmaster CLI commands to use ctdb_lvs helper
Martin Schwenke [Fri, 8 Apr 2016 07:14:44 +0000 (17:14 +1000)]
ctdb-tool: Change ctdb lvs/lvsmaster CLI commands to use ctdb_lvs helper

Update tests accordingly.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: Add monitoring of CTDB_LVS_PUBLIC_IFACE
Martin Schwenke [Thu, 14 Apr 2016 03:35:07 +0000 (13:35 +1000)]
ctdb-scripts: Add monitoring of CTDB_LVS_PUBLIC_IFACE

... and unit tests.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-doc: Add sample LVS configuration
Amitay Isaacs [Thu, 14 Apr 2016 06:30:38 +0000 (16:30 +1000)]
ctdb-doc: Add sample LVS configuration

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
4 years agoctdb-scripts: Call out to ctdb_lvs helper from 91.lvs
Martin Schwenke [Fri, 8 Apr 2016 06:21:08 +0000 (16:21 +1000)]
ctdb-scripts: Call out to ctdb_lvs helper from 91.lvs

To keep this commit comprehensible, 91.lvs and the CTDB CLI tool are
temporarily inconsistent.  The tool will be made consistent in a
subsequent commit.

LVS now uses a configuration file specified by CTDB_LVS_NODES and
supports the same slave-only syntax as CTDB_NATGW_NODES.  LVS also
uses new variable CTDB_LVS_PUBLIC_IFACE instead of
CTDB_PUBLIC_INTERFACE.

Update unit tests and documentation.

Note that the --lvs and --single-public-ip daemon options are no
longer used.  These will be removed and relevant documentation
updated in a subsequent commit.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: Move ctdb_get_ip_address() to functions file
Martin Schwenke [Fri, 8 Apr 2016 05:53:47 +0000 (15:53 +1000)]
ctdb-scripts: Move ctdb_get_ip_address() to functions file

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tools: Add new ctdb_lvs helper
Martin Schwenke [Thu, 7 Apr 2016 07:30:28 +0000 (17:30 +1000)]
ctdb-tools: Add new ctdb_lvs helper

This will replace the ctdb CLI tool "lvs" and "lvsmaster" options.  It
also makes LVS daemon support unnecessary.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: LVS eventscript cleanups
Martin Schwenke [Wed, 6 Apr 2016 20:11:49 +0000 (06:11 +1000)]
ctdb-scripts: LVS eventscript cleanups

Stylistic changes and cleaner code.  No functional changes.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tests: Add unit tests for LVS eventscript
Martin Schwenke [Wed, 6 Apr 2016 20:18:21 +0000 (06:18 +1000)]
ctdb-tests: Add unit tests for LVS eventscript

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tests: LVS support for ctdb tool stub
Martin Schwenke [Thu, 7 Apr 2016 03:54:37 +0000 (13:54 +1000)]
ctdb-tests: LVS support for ctdb tool stub

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tests: Add ipvsadm test stub
Martin Schwenke [Wed, 6 Apr 2016 11:19:37 +0000 (21:19 +1000)]
ctdb-tests: Add ipvsadm test stub

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tests: Add 32-bit netmask support to "ip addr show" stub
Martin Schwenke [Thu, 7 Apr 2016 02:06:52 +0000 (12:06 +1000)]
ctdb-tests: Add 32-bit netmask support to "ip addr show" stub

In this case do not show broadcast address.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tests: Add loopback support for "ip link show" stub
Martin Schwenke [Thu, 7 Apr 2016 02:05:33 +0000 (12:05 +1000)]
ctdb-tests: Add loopback support for "ip link show" stub

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-tests: Allow scope to be specified in "ip addr add" stub
Martin Schwenke [Thu, 7 Apr 2016 00:02:09 +0000 (10:02 +1000)]
ctdb-tests: Allow scope to be specified in "ip addr add" stub

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: Drop "recovered" event from 91.lvs
Martin Schwenke [Thu, 14 Apr 2016 06:26:39 +0000 (16:26 +1000)]
ctdb-scripts: Drop "recovered" event from 91.lvs

Having both "recovered" and "ipreallocated" means that everything
happens twice when there is a recovery.  No need for that.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: LVS eventscript error redirection improvements
Martin Schwenke [Thu, 7 Apr 2016 03:55:08 +0000 (13:55 +1000)]
ctdb-scripts: LVS eventscript error redirection improvements

Basic error redirection improvements before writing tests.

Deleting the service during "startup" will usually fail because the
service has never been setup, so redirect output to avoid logging an
error.

Similarly, deleting the service in "ipreallocated" will always fail
the first time, which would cause an error to be logged.  Given the
simplicity of the script, there's no sane way to avoid the error
sometimes and log it if it actually matters.  This could potentially
be tidied up in the future by making 91.lvs stateful, in a similar way
to 11.natgw.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: Drop hardcoded /sbin and /proc paths in LVS eventscript
Martin Schwenke [Wed, 6 Apr 2016 19:50:27 +0000 (05:50 +1000)]
ctdb-scripts: Drop hardcoded /sbin and /proc paths in LVS eventscript

It can now be unit tested.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agoctdb-scripts: die() should output to stderr
Martin Schwenke [Fri, 8 Apr 2016 07:14:23 +0000 (17:14 +1000)]
ctdb-scripts: die() should output to stderr

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
4 years agos3:libsmb: Fix illegal memory access after memory has been deleted.
Noel Power [Wed, 13 Apr 2016 16:57:31 +0000 (17:57 +0100)]
s3:libsmb: Fix illegal memory access after memory has been deleted.

smbtorture with the libsmbclient test suite produces the following valgrind
trace

==31432== Invalid read of size 8
==31432==    at 0x99B8858: smbc_free_context (libsmb_context.c:260)
==31432==    by 0x5E6401: torture_libsmbclient_opendir (libsmbclient.c:136)
==31432==    by 0x9553F42: wrap_simple_test (torture.c:632)
==31432==    by 0x955366F: internal_torture_run_test (torture.c:442)
==31432==    by 0x95538C3: torture_run_tcase_restricted (torture.c:506)
==31432==    by 0x9553278: torture_run_suite_restricted (torture.c:357)
==31432==    by 0x95531D7: torture_run_suite (torture.c:339)
==31432==    by 0x25FEFF: run_matching (smbtorture.c:93)
==31432==    by 0x260195: torture_run_named_tests (smbtorture.c:143)
==31432==    by 0x261E14: main (smbtorture.c:665)
==31432==  Address 0x18864a70 is 80 bytes inside a block of size 96 free'd
==31432==    at 0x4C2A37C: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==31432==    by 0x99BCC46: SMBC_closedir_ctx (libsmb_dir.c:922)
==31432==    by 0x99C06CA: SMBC_close_ctx (libsmb_file.c:370)
==31432==    by 0x99B8853: smbc_free_context (libsmb_context.c:259)
==31432==    by 0x5E6401: torture_libsmbclient_opendir (libsmbclient.c:136)
==31432==    by 0x9553F42: wrap_simple_test (torture.c:632)
==31432==    by 0x955366F: internal_torture_run_test (torture.c:442)
==31432==    by 0x95538C3: torture_run_tcase_restricted (torture.c:506)
==31432==    by 0x9553278: torture_run_suite_restricted (torture.c:357)
==31432==    by 0x95531D7: torture_run_suite (torture.c:339)
==31432==    by 0x25FEFF: run_matching (smbtorture.c:93)
==31432==    by 0x260195: torture_run_named_tests (smbtorture.c:143)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11836

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr 14 13:24:10 CEST 2016 on sn-devel-144

4 years agos3:libads: sasl wrapped LDAP connections against with kerberos and arcfour-hmac-md5
Stefan Metzmacher [Fri, 8 Apr 2016 08:05:38 +0000 (10:05 +0200)]
s3:libads: sasl wrapped LDAP connections against with kerberos and arcfour-hmac-md5

This fixes a regression in commit 2cb07ba50decdfd6d08271cd2b3d893ff95f5af9
(s3:libads: make use of ads_sasl_spnego_gensec_bind() for GSS-SPNEGO with Kerberos)
that prevents things like 'net ads join' from working against a Windows 2003 domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11804

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Apr 12 23:02:56 CEST 2016 on sn-devel-144

4 years agoCVE-2015-5370: s4:selftest: run samba.tests.dcerpc.raw_protocol against ad_dc
Stefan Metzmacher [Fri, 26 Jun 2015 19:05:53 +0000 (21:05 +0200)]
CVE-2015-5370: s4:selftest: run samba.tests.dcerpc.raw_protocol against ad_dc

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: python/samba/tests: add some dcerpc raw_protocol tests
Stefan Metzmacher [Wed, 26 Mar 2014 21:42:19 +0000 (22:42 +0100)]
CVE-2015-5370: python/samba/tests: add some dcerpc raw_protocol tests

These are independent from our client library and allow
testing of invalid pdus.

It can be used like this in standalone mode:

SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py
or
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND.test_invalid_auth_noctx

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: python/samba/tests: add infrastructure to do raw protocol tests for...
Stefan Metzmacher [Wed, 26 Mar 2014 21:42:19 +0000 (22:42 +0100)]
CVE-2015-5370: python/samba/tests: add infrastructure to do raw protocol tests for DCERPC

These are independent from our client library and allow
testing of invalid pdus.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
4 years agoCVE-2015-5370: s4:librpc/rpc: call dcerpc_connection_dead() on protocol errors
Stefan Metzmacher [Tue, 22 Dec 2015 20:13:41 +0000 (21:13 +0100)]
CVE-2015-5370: s4:librpc/rpc: call dcerpc_connection_dead() on protocol errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_client: disconnect connection on protocol errors
Stefan Metzmacher [Tue, 22 Dec 2015 20:23:14 +0000 (21:23 +0100)]
CVE-2015-5370: s3:rpc_client: disconnect connection on protocol errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_np_destru...
Stefan Metzmacher [Wed, 23 Dec 2015 10:05:45 +0000 (11:05 +0100)]
CVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_np_destructor()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: verify auth_context_id in api_pipe_{bind_auth3,alter_co...
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:rpc_server: verify auth_context_id in api_pipe_{bind_auth3,alter_context}

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_client: verify auth_context_id in rpc_pipe_bind_step_one_done()
Stefan Metzmacher [Tue, 7 Jul 2015 20:51:18 +0000 (22:51 +0200)]
CVE-2015-5370: s3:rpc_client: verify auth_context_id in rpc_pipe_bind_step_one_done()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:librpc/rpc: verify auth_context_id in dcerpc_check_auth()
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:librpc/rpc: verify auth_context_id in dcerpc_check_auth()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:librpc/rpc: make use of auth->auth_context_id in dcerpc_add_auth_fo...
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:librpc/rpc: make use of auth->auth_context_id in dcerpc_add_auth_footer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_id
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_id

This is better than using hardcoded values.
We need to use the value the client used in the BIND request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_client: make use of pipe_auth_data->auth_context_id
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:rpc_client: make use of pipe_auth_data->auth_context_id

This is better than using hardcoded values.
We need to use auth_context_id = 1 for authenticated
connections, as old Samba server (before this patchset)
will use a hardcoded value of 1.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:librpc/rpc: add auth_context_id to struct pipe_auth_data
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:librpc/rpc: add auth_context_id to struct pipe_auth_data

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_client: pass struct pipe_auth_data to create_rpc_{bind_auth3...
Stefan Metzmacher [Tue, 7 Jul 2015 22:01:37 +0000 (00:01 +0200)]
CVE-2015-5370: s3:rpc_client: pass struct pipe_auth_data to create_rpc_{bind_auth3,alter_context}()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed in check_...
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed in check_bind_req()

An alter context can't change the syntax of an existing context,
a new context_id will be used for that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() first
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() first

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:librpc/rpc: remove unused dcerpc_pull_dcerpc_auth()
Stefan Metzmacher [Sat, 11 Jul 2015 08:58:07 +0000 (10:58 +0200)]
CVE-2015-5370: s3:librpc/rpc: remove unused dcerpc_pull_dcerpc_auth()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protocol errors
Stefan Metzmacher [Wed, 23 Dec 2015 11:38:55 +0000 (12:38 +0100)]
CVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protocol errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as broken
Stefan Metzmacher [Wed, 23 Dec 2015 11:38:55 +0000 (12:38 +0100)]
CVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as broken

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: disconnect the connection after a fatal FAULT pdu
Stefan Metzmacher [Wed, 23 Dec 2015 11:40:58 +0000 (12:40 +0100)]
CVE-2015-5370: s3:rpc_server: disconnect the connection after a fatal FAULT pdu

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header() to...
Stefan Metzmacher [Tue, 7 Jul 2015 14:06:59 +0000 (16:06 +0200)]
CVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header() to verify incoming pdus

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: verify presentation context arrays
Stefan Metzmacher [Tue, 7 Jul 2015 14:06:59 +0000 (16:06 +0200)]
CVE-2015-5370: s3:rpc_server: verify presentation context arrays

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in api_pipe...
Stefan Metzmacher [Tue, 7 Jul 2015 14:06:59 +0000 (16:06 +0200)]
CVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in api_pipe_alter_context()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violate the...
Jeremy Allison [Tue, 7 Jul 2015 07:15:39 +0000 (09:15 +0200)]
CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violate the spec

The first pdu is always a BIND.

REQUEST pdus are only allowed once the authentication
is finished.

A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_context...
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_context or auth3

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as invalid
Stefan Metzmacher [Tue, 14 Jul 2015 14:18:45 +0000 (16:18 +0200)]
CVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as invalid

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: don't allow auth3 if the authentication was already...
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: don't allow auth3 if the authentication was already finished

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: don't ignore failures of dcerpc_push_ncacn_packet()
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: don't ignore failures of dcerpc_push_ncacn_packet()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: just call pipe_auth_generic_bind() in api_pipe_bind_req()
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: just call pipe_auth_generic_bind() in api_pipe_bind_req()

pipe_auth_generic_bind() does all the required checks already
and an explicit DCERPC_AUTH_TYPE_NONE is not supported.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: let a failing sec_verification_trailer mark the connect...
Stefan Metzmacher [Wed, 23 Dec 2015 11:38:55 +0000 (12:38 +0100)]
CVE-2015-5370: s3:rpc_server: let a failing sec_verification_trailer mark the connection as broken

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
4 years agoCVE-2015-5370: s3:rpc_server: make use of dcerpc_pull_auth_trailer() in api_pipe_...
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_server: make use of dcerpc_pull_auth_trailer() in api_pipe_{bind_req,alter_context,bind_auth3}()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_client: verify auth_{type,level} in rpc_pipe_bind_step_one_done()
Stefan Metzmacher [Tue, 7 Jul 2015 20:51:18 +0000 (22:51 +0200)]
CVE-2015-5370: s3:rpc_client: verify auth_{type,level} in rpc_pipe_bind_step_one_done()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_client: protect rpc_api_pipe_got_pdu() against too large payloads
Stefan Metzmacher [Fri, 10 Jul 2015 12:48:38 +0000 (14:48 +0200)]
CVE-2015-5370: s3:rpc_client: protect rpc_api_pipe_got_pdu() against too large payloads

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_client: make use of dcerpc_verify_ncacn_packet_header() in...
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_client: make use of dcerpc_verify_ncacn_packet_header() in cli_pipe_validate_current_pdu()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:rpc_client: make use of dcerpc_pull_auth_trailer()
Stefan Metzmacher [Tue, 7 Jul 2015 11:05:01 +0000 (13:05 +0200)]
CVE-2015-5370: s3:rpc_client: make use of dcerpc_pull_auth_trailer()

The does much more validation than dcerpc_pull_dcerpc_auth().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:librpc/rpc: let dcerpc_check_auth() auth_{type,level} against the...
Stefan Metzmacher [Thu, 9 Jul 2015 05:59:24 +0000 (07:59 +0200)]
CVE-2015-5370: s3:librpc/rpc: let dcerpc_check_auth() auth_{type,level} against the expected values.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s3:librpc/rpc: remove auth trailer and possible padding within dcerpc_...
Stefan Metzmacher [Thu, 9 Jul 2015 05:59:24 +0000 (07:59 +0200)]
CVE-2015-5370: s3:librpc/rpc: remove auth trailer and possible padding within dcerpc_check_auth()

This simplifies the callers a lot.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: librpc/rpc: don't allow pkt->auth_length == 0 in dcerpc_pull_auth_trai...
Stefan Metzmacher [Sat, 27 Jun 2015 23:19:57 +0000 (01:19 +0200)]
CVE-2015-5370: librpc/rpc: don't allow pkt->auth_length == 0 in dcerpc_pull_auth_trailer()

All callers should have already checked that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: reject DCERPC_PFC_FLAG_PENDING_CANCEL with DCERPC_FAULT...
Stefan Metzmacher [Wed, 15 Jul 2015 08:18:13 +0000 (10:18 +0200)]
CVE-2015-5370: s4:rpc_server: reject DCERPC_PFC_FLAG_PENDING_CANCEL with DCERPC_FAULT_NO_CALL_ACTIVE

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: the assoc_group is relative to the connection (association)
Stefan Metzmacher [Wed, 15 Jul 2015 08:18:13 +0000 (10:18 +0200)]
CVE-2015-5370: s4:rpc_server: the assoc_group is relative to the connection (association)

All presentation contexts of a connection use the same association group.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: only allow one fragmented call_id at a time
Stefan Metzmacher [Fri, 17 Jul 2015 03:01:26 +0000 (05:01 +0200)]
CVE-2015-5370: s4:rpc_server: only allow one fragmented call_id at a time

It's a protocol error if the client doesn't send all fragments of
a request in one go.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: limit allocation and alloc_hint to 4 MByte
Stefan Metzmacher [Mon, 29 Jun 2015 12:18:09 +0000 (14:18 +0200)]
CVE-2015-5370: s4:rpc_server: limit allocation and alloc_hint to 4 MByte

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: check frag_length for requests
Stefan Metzmacher [Wed, 15 Jul 2015 15:21:05 +0000 (17:21 +0200)]
CVE-2015-5370: s4:rpc_server: check frag_length for requests

Note this is not the negotiated fragment size, but a hardcoded maximum.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: give the correct reject reasons for invalid auth_level...
Stefan Metzmacher [Fri, 10 Jul 2015 11:55:27 +0000 (13:55 +0200)]
CVE-2015-5370: s4:rpc_server: give the correct reject reasons for invalid auth_level values

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: disconnect after a failing dcesrv_auth_request()
Stefan Metzmacher [Fri, 26 Jun 2015 06:10:46 +0000 (08:10 +0200)]
CVE-2015-5370: s4:rpc_server: disconnect after a failing dcesrv_auth_request()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: let a failing auth3 mark the authentication as invalid
Stefan Metzmacher [Tue, 14 Jul 2015 14:18:45 +0000 (16:18 +0200)]
CVE-2015-5370: s4:rpc_server: let a failing auth3 mark the authentication as invalid

Following requests will generate a fault with ACCESS_DENIED.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: failing authentication should generate a SEC_PKG_ERROR
Stefan Metzmacher [Fri, 26 Jun 2015 06:10:46 +0000 (08:10 +0200)]
CVE-2015-5370: s4:rpc_server: failing authentication should generate a SEC_PKG_ERROR

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
4 years agoCVE-2015-5370: s4:rpc_server: fix the order of error checking in dcesrv_alter()
Stefan Metzmacher [Fri, 26 Jun 2015 06:10:46 +0000 (08:10 +0200)]
CVE-2015-5370: s4:rpc_server: fix the order of error checking in dcesrv_alter()

The basically matches Windows 2012R2, it's not 100%
but it's enough for our raw protocol tests to pass.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>