Commit message | Author | Age | Files | Lines
* VERSION: Disable GIT_SNAPSHOTS for the 4.5.7 release. [samba-4.5.7] | Karolin Seeger | 2017-03-23 | 1 | -1/+1
| CVE-2017-2619: Symlink race allows access outside share definition.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.5.7. | Karolin Seeger | 2017-03-23 | 1 | -2/+73
| CVE-2017-2619: Symlink race allows access outside share definition.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Karolin Seeger <kseeger@samba.org>
* CVE-2017-2619: s3: smbd: Use the new non_widelink_open() function. | Jeremy Allison | 2017-03-22 | 1 | -1/+22
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: Add the core functions to prevent symlink open races. | Jeremy Allison | 2017-03-22 | 1 | -0/+238
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: Move special handling of symlink errno's into a utility function. | Jeremy Allison | 2017-03-22 | 1 | -17/+26
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: Remove O_NOFOLLOW guards. We insist on O_NOFOLLOW existing. | Jeremy Allison | 2017-03-22 | 1 | -5/+1
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: Correctly fallback to open_dir_safely if FDOPENDIR not supported on system. | Jeremy Allison | 2017-03-22 | 1 | -10/+5
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: Move the reference counting and destructor setup to just before returning success. | Jeremy Allison | 2017-03-22 | 1 | -5/+5
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: OpenDir_fsp() - Fix memory leak on error. | Jeremy Allison | 2017-03-22 | 1 | -1/+1
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: OpenDir_fsp() use early returns. | Jeremy Allison | 2017-03-22 | 1 | -13/+21
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: Create and use open_dir_safely(). Use from OpenDir(). | Jeremy Allison | 2017-03-22 | 1 | -7/+70
| Hardens OpenDir against TOC/TOU races.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: Opendir_internal() early return if SMB_VFS_OPENDIR failed. | Jeremy Allison | 2017-03-22 | 1 | -9/+9
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3: smbd: Create wrapper function for OpenDir in preparation for making robust. | Jeremy Allison | 2017-03-22 | 1 | -1/+14
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s4/torture: add SMB2_FIND tests with SMB2_CONTINUE_FLAG_REOPEN flag | Ralph Boehme | 2017-03-22 | 1 | -2/+10
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* CVE-2017-2619: s3/smbd: re-open directory after dptr_CloseDir() | Ralph Boehme | 2017-03-22 | 1 | -0/+17
| dptr_CloseDir() will close and invalidate the fsp's file descriptor, we have to reopen it.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=12496
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
* VERSION: Bump version up to 4.5.7... | Karolin Seeger | 2017-03-17 | 1 | -2/+2
| and re-enable GIT_SNAPSHOTS.
|
| Signed-off-by: Karolin Seeger <kseeger@samba.org>
| (cherry picked from commit 520e1a58e1598f412698a38b7af2d6c2015ba056)
* VERSION: Disable GIT_SNAPSHOTS for the 4.5.6 release. [samba-4.5.6] | Karolin Seeger | 2017-03-09 | 1 | -1/+1
| Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.5.6. | Karolin Seeger | 2017-03-09 | 1 | -2/+109
| Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Clarify entry. | Karolin Seeger | 2017-03-08 | 1 | -1/+1
| Signed-off-by: Karolin Seeger <kseeger@samba.org>
* s4:ldap_server: match windows in the error messages of failing LDAP Bind requests | Stefan Metzmacher | 2017-03-07 | 1 | -2/+35
| This is important for some applications to detect the NT_STATUS_PASSWORD_MUST_CHANGE condition correctly.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=9048
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| (cherry picked from commit 81ccdad9d045a7a6d6a569d1685bb0bf4e64d12a)
| Autobuild-User(v4-5-test): Stefan Metzmacher <metze@samba.org>
| Autobuild-Date(v4-5-test): Tue Mar 7 12:29:45 CET 2017 on sn-devel-144
* ldb-samba: remember the error string of a failing bind in ildb_connect() | Stefan Metzmacher | 2017-03-07 | 1 | -0/+1
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=9048
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| (cherry picked from commit 4738754e7d7216f6acf790827459bb5da6b0a110)
* s3: smbd: Restart reading the incoming SMB2 fd when the send queue is drained. | Jeremy Allison | 2017-03-07 | 1 | -1/+13
| When the send queue grows greater than xconn->smb2.credits.max/16, smbd_smb2_request_next_incoming() doesn't allocate a new request in state->req.
|
| After smbd_smb2_io_handler() is called, it marks the fd not readable as state->req == NULL, and never marks it readable again.
|
| Fix by calling smbd_smb2_request_next_incoming() to restart reads inside smbd_smb2_flush_send_queue() which drains the send queue.
|
| Reported by <chen.yehua@h3c.com>
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12608
| Signed-off-by: Jeremy Allison <jra@samba.org>
| Reviewed-by: Ralph Boehme <slow@samba.org>
| Autobuild-User(master): Ralph Böhme <slow@samba.org>
| Autobuild-Date(master): Fri Mar 3 02:23:20 CET 2017 on sn-devel-144
| (cherry picked from commit 1e0c79ddb34be9a2b9fa92d35387c443c4a381ae)
* s3:winbindd: fix endless forest trust scan | Stefan Metzmacher | 2017-03-07 | 2 | -0/+30
| Commit 0392ebcd1d48e9f472f2148b85316a77d9cc953b effectively disabled the enumeration of trusts in other forests. The fixes for https://bugzilla.samba.org/show_bug.cgi?id=11691 changed the way we fill domain->domain_flags for domains in other forests.
|
| Commit fffefe72fcc62d9688b45f53a5327667dc0b2fe6 readded the ability to enumerate trusts of other forests again, in order to fix https://bugzilla.samba.org/show_bug.cgi?id=11830
|
| Now we have the problem that multiple domains (even outside of our forest) are considered to be our forest root, as they have the following flags: NETR_TRUST_FLAG_TREEROOT and NETR_TRUST_FLAG_IN_FOREST.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12605
| Signed-off-by: Stefan Metzmacher <metze@samba.org>
| Reviewed-by: Ralph Boehme <slow@samba.org>
| Autobuild-User(master): Ralph Böhme <slow@samba.org>
| Autobuild-Date(master): Thu Mar 2 17:53:14 CET 2017 on sn-devel-144
| (cherry picked from commit f9aaddcdd8f9ea648c9c5ea804f56ee3ff6c4c67)
* vfs_fruit: enabling AAPL extensions must be a global switch | Ralph Boehme | 2017-03-07 | 1 | -4/+8
| Apple's SMB2 AAPL extension is enabled once per SMB2 connection. Unfortunately the (per se correct) fix for bug #12541 results in vfs_fruit checking a per tcon config state variable to determine whether AAPL has been negotiated.
|
| This variable will be false for all but the first tcon. We must make it a global variable.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=12604
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| Autobuild-User(master): Uri Simchoni <uri@samba.org>
| Autobuild-Date(master): Thu Mar 2 04:34:10 CET 2017 on sn-devel-144
| (cherry picked from commit 41204a4972ea62b7b656ad81e24bd052990f7e87)
* vfs_fruit: only veto AppleDouble files with fruit:resource=file | Ralph Boehme | 2017-03-07 | 2 | -7/+14
| vfs_fruit only creates AppleDouble files itself when "fruit:resource" is set to "file" (the default). It is only then that these AppleDouble files should be treated as an internal representation and should be inaccessible from clients.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=12526
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 708767da8c366c021d6d15a3ae71d009357c3320)
* s4/torture: vfs_fruit: add stream with illegal ntfs characters to copyfile test | Ralph Boehme | 2017-03-07 | 1 | -0/+11
| This ensures a stream with illegal NTFS characters mapped to the Unicode private range like :foo\xef\x80\xa2bar:$DATA that is stored as an xattr name user.DosStream.foo:bar:$DATA if "fruit:encoding = native" is set, is copied by the special fruit copy_chunk request.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit c7a79a9b35225f41eeae961ab340882c7d49f0c4)
* vfs_fruit: use stat info from base_fsp | Ralph Boehme | 2017-03-07 | 1 | -9/+3
| This is also supposed to be valid in the VFS stack, so there's no need to re-stat here.
|
| Bug: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit ffa727f33b06e71403303b53797a068f455b22f8)
* s4/torture: vfs_fruit: test invalid AFPINFO_STREAM_NAME | Ralph Boehme | 2017-03-07 | 1 | -0/+60
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 8b7e88f368ce793699fc57272e74d0815219a250)
* vfs_fruit: ignore or delete invalid AFP_AfpInfo streams | Ralph Boehme | 2017-03-07 | 1 | -1/+88
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit a2afd61906fbf36f75b2054abfd7384f220a14e3)
* selftest: add shares without vfs_fruit for the vfs_fruit tests | Ralph Boehme | 2017-03-07 | 2 | -3/+13
| Not used for now, but the next commit will add a test that makes use of this.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit bac79eac093e042f22a77fa8e468f8c92bb3c113)
* s4/torture: change shares in used torture_suite_add_2ns_smb2_test() | Ralph Boehme | 2017-03-07 | 1 | -17/+19
| torture_suite_add_2ns_smb2_test wasn't used, change it to use the default share as share 1 and a second share taken from torture option "torture:share2".
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 08dc5b4673a955f365095824275e67b2ea8fc31e)
* docs/vfs_fruit: document known limitations with fruit:encoding=native | Ralph Boehme | 2017-03-07 | 1 | -2/+6
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit b302444f5b0675f0cb0f26fa2ad53e298067f7ab)
* s4/torture: add test for AAPL find with name with illegal NTFS characters | Ralph Boehme | 2017-03-07 | 1 | -0/+109
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit c8baf2760ad51a7739084a8e2617c58c287b651e)
* lib/torture: add torture_assert_mem_equal_goto | Ralph Boehme | 2017-03-07 | 1 | -0/+10
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 49723151b2107553559c397adadda90f7c4806f7)
* s4/torture: add a vfs_fruit renaming test with open rsrc fork | Ralph Boehme | 2017-03-07 | 1 | -0/+95
| Verify IO on the resource fork works after a rename of the basefile.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 8ae4539e47bcaa37d5a052eaf443a95287d851e1)
* s4/torture: vfs_fruit: test deleting a file with resource fork | Ralph Boehme | 2017-03-07 | 1 | -0/+33
| All the other tests ignore the return value of smb2_util_unlink().
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit f555c2318eb06d1ceef32423dba9cd1a7c76f956)
* s4/torture: vfs_fruit: add test_null_afpinfo test | Ralph Boehme | 2017-03-07 | 1 | -0/+86
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 3227b891fcdd912b0c09398fed751fe8b53d01c9)
* selftest: add description to vfs_fruit testsuites | Ralph Boehme | 2017-03-07 | 1 | -3/+3
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 9975c7569cf5af74c25ac03985a7c409164ac2ce)
* selftest: also run vfs_fruit tests with streams_depot | Ralph Boehme | 2017-03-07 | 2 | -0/+8
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit f7b0982826b58cfcdaf8782e15c2440f31a45ba2)
* selftest: run vfs_fruit tests against share with fruit:metadata=stream | Ralph Boehme | 2017-03-07 | 2 | -0/+8
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit d9ab40e0834c074ea26460347b035c52eb5eb0d7)
* selftest: move vfs_fruit tests that require "fruit:metadata=netatalk" to vfs.fruit_netatalk | Ralph Boehme | 2017-03-07 | 3 | -3/+17
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit cc885223d79a7e8eb2177a351b745dceec0c9f5a)
* selftest: reenable vfs_fruit tests | Ralph Boehme | 2017-03-07 | 1 | -1/+1
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 51189bd4758a140bad6abf3300c931302432a687)
* vfs_fruit: refactor fruit_ftruncate and use new adouble API | Ralph Boehme | 2017-03-07 | 1 | -27/+38
| Use struct fio to denote a fsp handle is for a stream we care about.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit cc88132854ed47510e056ed451ed376770ee301e)
* vfs_fruit: use fio in fruit_fallocate | Ralph Boehme | 2017-03-07 | 1 | -3/+2
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit b3c0f785d753b26404f67acf8061be1cafde79a9)
* vfs_fruit: refactor fruit_fstat and use new adouble API | Ralph Boehme | 2017-03-07 | 1 | -47/+106
| Use struct fio to denote a fsp handle is for a stream we care about.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit ae6199c5ef9022518a709bb9aff20b8b2d83e456)
* vfs_fruit: refactor fruit_pread and fruit_pwrite and use new adouble API | Ralph Boehme | 2017-03-07 | 1 | -175/+349
| Use struct fio to denote a fsp handle is for a stream we care about.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit fcb9c840d7d082457c3136a44a23b489c98b0327)
* vfs_fruit: refactor fruit_open and use new adouble API | Ralph Boehme | 2017-03-07 | 1 | -21/+44
| Use struct fio to denote a fsp handle is for a stream we care about.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 6537c56de5dae8a1d193a949910296aea1cb6a4e)
* vfs_fruit: rework struct adouble API | Ralph Boehme | 2017-03-07 | 1 | -290/+423
| o factor out ad_open(), opens an fd to be used with IO on the metadata streams
|
| o rename ad_write() to ad_set() as this aligns nicely with the existing ad_get. This is the pathname based version used to solely set metadata on a file, there's also a handle based version:
|
| o add ad_fset(), a handle based version that can be used to set metadata and to update the AppleDouble header in a ._ AppleDouble file
|
| o remove fruit_fsp_recheck(), looking at it more closely, it is not needed
|
| This commit *compiles*, but all callers in the VFS ops must now be updated to use the new semantics, this comes next...
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (backported from commit 1d1203574328570288806fffefabb550ecc4e95d)
* selftest: disable vfs_fruit tests | Ralph Boehme | 2017-03-07 | 1 | -1/+1
| The next commits will completely change handle based VFS ops. This couldn't be done in a piecemeal fashion, I had to wipe the slate clean.
|
| Disabling tests in order to not break git bisects. Tests will be reenabled after a few commits that apply the larger change in a somewhat digestible fashion.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 8703b8ef9d54c841d9da3f94b81195f247873dea)
* vfs_fruit: fix fruit_check_access() | Ralph Boehme | 2017-03-07 | 1 | -4/+26
| Applying fcntl read locks requires an fd opened for reading. This means we have to check the open flags of an fd and if the fd is not opened for reading, we can't use it to set shared fcntl locks.
|
| Iow we won't be applying interop locks with Netatalk for files opened write-only.
|
| BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
| Signed-off-by: Ralph Boehme <slow@samba.org>
| Reviewed-by: Uri Simchoni <uri@samba.org>
| (cherry picked from commit 41a2b2f5cdf751e17bde60e5cfbe395450e67485)