| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd service files run in no-forking mode (--foreground) since
8b6f58194da7e849cdb9d20712dff49b17a93a77.
Rearrange sd_notify() call in become_daemon() to only send status to systemd
in this mode (Type=notify is not designed to monitor forking). Drop READY=0
(it does nothing) and MAINPID= (unnecessary because the process spawned by
systemd is already the main PID).
Also remove STATUS= prefix from debug messages.
Signed-off-by: Marcos Mello <marcosfrm@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 440ddf8470b11a46066d282bf8945201d547c192)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11568
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you connnect to a host with smbclient this gets always printed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13823
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit c71334ec0c92e791022a9b7c900aa0dd649226c2)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Mar 12 17:01:14 UTC 2019 on sn-devel-144
|
|
|
|
|
|
| |
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13813
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 6 01:53:16 UTC 2019 on sn-devel-144
(cherry picked from commit 4125ff89e44a3e98882cfc38c06e559a6e1e56a5)
|
|
|
|
|
|
|
|
|
| |
This fixes compile errors about missing prototypes with
--picky-developer and --without-winbind
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 4b1e4c22128bdefe549a58b181e9b755854f4c3e)
|
|
|
|
|
|
|
|
| |
This change is for the backport only. The change in master increased the
ABI version to 0.28.0 and removed some functions; this should not happen
in a backport.
Signed-off-by: Christof Schmitt <cs@samba.org>
|
|
|
|
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit c5874b9b68e0795e9dc23b04efa5959ac03ec8dc)
|
|
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit 40de67f1fcc46b7a64a7364c91dcedb474826d51)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This explicitly avoids the legacy_[ug]id_to_sid calls, which create
long-term cache entries to S-1-22-x-y if anthing fails. We can't do
this, because this will turn temporary winbind communication failures
into long-term problems: A short hickup in winbind_uid_to_sid will
create a mapping to S-1-22-1-uid for a week. It should be up to the
lower layers to do the caching.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit 92f27ebb14c0c18b1d0fd49544ad851aeb14781c)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is modeled after server_id_str_buf, which as an API to me is easier to
use: I can rely on the compiler to get the buffer size right.
It is designed to violate README.Coding's "Make use of helper variables", but
as this API is simple enough and the output should never be a surprise at all,
I think that's worth it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 2 20:11:11 CET 2018 on sn-devel-144
(cherry picked from commit 8b9d36221930a487ca5c51bf2e38ed04de9d50f7)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This does not merge a winbind communication error into
"global_sid_NULL" (S-1-0-0), which by the way non-intuitively does not
go along with is_null_sid(). Instead, this just touches the output sid
when winbind returned success. This success might well be a negative
mapping indicated by S-0-0, which *is* is_null_sid()...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit ef706a3e63b3e25edd27e0f99c3e2d8ff7209cb6)
|
|
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit bc9824bd42d9370279819ea0d927e236f6041324)
|
|
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit e5a903bab6eda8f7ff2a7c8149d51022d9d8aede)
|
|
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit bb8122dd8c53bb307819a79b7888cc0940a7c13b)
|
|
|
|
|
|
|
|
|
| |
This now properly makes us use negative cache entries
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit 95d33ca79cc315f1a2e41cd60859ef01d6548c77)
|
|
|
|
|
|
|
|
|
| |
The code in idmap_cache only touches its output parameters upon success
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit 8c28c12702c0935a852c7fed6565987623f09fee)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why? This makes the negative mapping condition (is_null_sid) more
explicit in the code.
The callers in lookup_sid initialized "psid" anyway before, and the ones
in wb_xids2sids now do as well. This is more in line with other APIs we
have: Only touch output parameters if you have something to say.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit 4faf3e9f6da7515fc263d79f77226d105c2f8524)
|
|
|
|
|
|
|
|
|
|
| |
Without this we'd query non-existent mappings over and over
again.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13813
(cherry picked from commit d9303e8eb90d48f09f2e2e8bdf01f4a7c3c21d11)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Deny ACEs must always be evaluated against explicitly granted rights
from previous ACEs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 8d355dd9769e8990ce998b4c9f28977669b43616)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Mon Mar 11 13:04:13 UTC 2019 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
|
| |
Creates a 2-element ALLOW + DENY ACE showing that when calculating
effective permissions and maximum access already seen allow bits are not
removed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b205d695d769e910a91bec87451dec189ec33740)
|
|
|
|
|
|
|
|
|
|
|
| |
Creates a 3-element ALLOW + ALLOW + DENY ACE showing that when
calculating maximum access already seen allow bits are not removed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 0ebd8c99aed28a0ba43a22c429837f66f7e94409)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Owner Rights ACEs
We basically must process the Owner Rights ACEs as any other ACE wrt to the
order of adding granted permissions and checking denied permissions. According
to MS-DTYP 2.5.3.2 Owner Rights ACEs must be evaluated in the main loop over
the ACEs in an ACL and the corresponding access_mask must be directly applied
to bits_remaining. We currently defer this to after the loop over the ACEs in
ACL, this is wrong.
We just have to do some initial magic to determine if an ACL contains and
Owner Rights ACEs, and in case it doesn't we grant SEC_STD_WRITE_DAC |
SEC_STD_READ_CONTROL at the *beginning*. MS-DTYP:
-- the owner of an object is always granted READ_CONTROL and WRITE_DAC.
CALL SidInToken(Token, SecurityDescriptor.Owner, PrincipalSelfSubst)
IF SidInToken returns True THEN
IF DACL does not contain ACEs from object owner THEN
Remove READ_CONTROL and WRITE_DAC from RemainingAccess
Set GrantedAccess to GrantedAccess or READ_CONTROL or WRITE_OWNER
END IF
END IF
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 9722f75757c0e38c7f42c7cc310d56aa6eaf6392)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Shows that owner and SID_OWNER_RIGHTS ACE
entries interact in max permissions requests.
Tested against Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit fadc4c1bc5fcc3b2d9daea44ef8daf8a8ae0fbe2)
|
|
|
|
|
|
|
|
|
|
| |
Tested against Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 2e181e34c48c879235c5dc64bd7ab2b59781810c)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was missing in 44590c1b70c0a24f853c02d5fcdb3c609401e2ca.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Feb 28 19:18:16 UTC 2019 on sn-devel-144
(cherry picked from commit 5cf0764bc4b65dbc59d8626760dbe946a2234833)
|
|
|
|
|
|
|
|
| |
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit 3ca38d2cd1189a5040e13ddab016063280be2b4d)
|
|
|
|
|
|
|
|
| |
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13812
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit 9f4ee05295827c9a607e1f63694a17906f777176)
|
|
|
|
|
|
|
|
|
|
|
|
| |
the correct filename is taken from the partition database before, we should not
unescape that because this can result in a new unescaped ldb file being created
and the script not to work at all.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13759
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit cd1ac3668cd164bd5f7cadf7b59df9541aaef83e)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both libcephfs functions are supported and capable of extending files,
so fallback can be dropped.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13807
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 155f1289ba7a4802fbb99fbc9ea90d8bc6cff0c9)
[ddiss@samba.org: rebase atop 48t without 532ff3a5b958]
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Mar 5 13:01:15 UTC 2019 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
| |
The vfs_ceph "strict allocate = yes" ftruncate wrapper may attempt
*local* filesystem ftruncate(). Fix this.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13807
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 70329c36ed91dd0e50ff66f9b0a85c62ac8a621e)
|
|
|
|
|
|
|
|
|
|
|
|
| |
SMB_VFS_FALLOCATE() calls atop a vfs_ceph share currently fall through
to vfs_default, which results in a local filesystem I/O attempt using a
libcephfs file-descriptor. Add the missing fallocate hook to vfs_ceph.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13807
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 5a7e7280813559fb70a9fc8e4238cb6015ee3b53)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
intermediate POSIX path.
Previous regression test ensures we still return the correct
error code for POSIX pathname operations.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Feb 25 09:33:27 CET 2019 on sn-devel-144
(cherry picked from commit 3f1a13a94a753c5cb3b9f2cf795df5adb0f74205)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure that if POSIX_foo exists as a file
we return the correct error code NT_STATUS_OBJECT_PATH_NOT_FOUND
if we try and traverse it as a directory.
Also ensure creation/deletion of POSIX_foo/foo fails
for directories and files with NT_STATUS_OBJECT_PATH_NOT_FOUND
if the directory POSIX_foo/ doesn't exist.
knownfail is back :-).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 632d0db8c42d50f5eecd002d9573f739cd945960)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For posix_pathnames don't blunder into the name_has_wildcard OR
get_real_filename() codepaths as they may be doing case insensitive lookups.
So when creating a new POSIX directory 'Foo' they might
match on name 'foo'.
Remove POSIX-MKDIR from knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Feb 24 14:04:14 CET 2019 on sn-devel-144
(cherry picked from commit 12da33e2bbce657f25abe9bc4cb936ca4615b30f)
|
|
|
|
|
|
|
|
|
|
| |
UCF_UNIX_NAME_LOOKUP flag.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 980db8debde68f9edce13fc01bc45a904379cffd)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Test does:
mkdir POSIX_foo
mkdir POSIX_Foo
mkdir POSIX_foo/Foo
mkdir POSIX_foo/foo
mkdir POSIX_Foo/Foo
mkdir POSIX_Foo/foo
Which should pass a SMB1 POSIX extensions server
as posix mkdir should always be case sensitive
no matter what the share is set to.
Mark as knownfail for now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit f0decb31fff24ceb57d23bebbfb87aa0e5103947)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Feb 23 09:23:22 CET 2019 on sn-devel-144
(cherry picked from commit 9b9565c3e69b92c298c7168e516387bb249c9e36)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is needed in preparation of moving the step to update the idmap
cache from the per-idmap-domain callback wb_xids2sids_dom_done() to the
top-level callback wb_xids2sids_done().
Currently the sequence of action is:
* check cache, if not found:
* ask backends
* cache result from backend
* return results
Iow, if we got something from the cache, we don't write the cache.
The next commit defers updating the cache to the top-level callback, so
the sequence becomes
* check cache, if not found:
* ask backends
* cache results
* return results
This has two problems:
* it needlessly writes to the cache what we just got from it
* it possibly overwrites the ID_TYPE_BOTH for a SID-to-xid mapping in
the following case:
- existing ID_TYPE_BOTH mapping in the cache, eg:
IDMAP/SID2XID/S-1-5-21-2180672342-2513613279-2566592647-512 -> Value: 3000000:B
- someone calls wb_xids2sids_send() with xid.id=3000000,xid.type=ID_TYPE_GID
- cache lookup with idmap_cache_find_gid2sid() succeeds
- when caching results we'd call idmap_cache_set_sid2unixid() with the
callers xid.type=ID_TYPE_GID, so idmap_cache_set_sid2unixid() will
overwrite the SID-to-xid mapping with ID_TYPE_GID
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 62f54229fced20102e11ad1da02faef45c2a7c2e)
|
|
|
|
|
|
|
|
|
|
|
| |
In preparation of adding more logic to the done step. No change in
behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 8e9c2a1f6ceb06d695a6572701b96a3e3821ac42)
|
|
|
|
|
|
|
|
|
|
|
|
| |
In preparation of priming the idmap cache in the top-level
wb_xids2sids_done(), not in the per-idmap-domain callback
wb_xids2sids_dom_done().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 7f23ef7b2cf7bd6e8dc087aa15137292b421a689)
|
|
|
|
|
|
|
|
|
|
| |
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit f8bf4fc608639695651f75c52b31f95e796a5a26)
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous commit made an internal copy of xids, this commit makes it
more obvious that we must not mess with the xids argument but treat it as
an in-parameter and don't write to it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 5d277ea7ea258676b9ea5081a451a5874af115f6)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is in preparation of setting the result of the mapping in the top-
level callback wb_xids2sids_done(), not in the per-idmap-domain callback
wb_xids2sids_dom_done().
When caching the mapping we need the id-type from the backend, so we
need a way to pass up that information from wb_xids2sids_dom_done() up
to wb_xids2sids_done()
The xids array copy gets passed from wb_xids2sids_send() to
wb_xids2sids_dom_send(), so wb_xids2sids_dom_done() can then directly
update the top-level copy.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit f5a8bc2f945be45cdade5f70d4f975bae8337f67)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This only properly covers the small-message nonblocking case. Covering
the large-message and the blocking case is a much larger effort assuming
we want to re-send the failed message if parts of the message has gone
through properly. Don't do that for now.
This was found by sanba_dnsupdate constantly recreating its irpc handle to
winbindd in the RODC case.
The messaging_dgm code cached connected datagram sockets based on the
destination pid for 1 second. Which means the IRPC responses from
winbindd are never delivered to samba_dnsupdate,
which will then hit a timeout.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13786
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 2543bba0364d8054e9ad316f5611621841bc061d)
|
|
|
|
|
|
|
|
|
|
|
| |
Do ping_pong a hundred times, re-initializing the msg_ctx every time.
https://bugzilla.samba.org/show_bug.cgi?id=13786
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 8d8f62c4b9dea381ce9f5833bc794553ae358173)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In this case this is just a cleanup, the value has just been set by
messaging_dgm_sendmsg. But as that already saves errno into a local
variable, use that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13786
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit c27afc098398274abaed6dc9bef2019091c1b635)
|
|
|
|
|
|
|
|
|
|
| |
Problem is the structure "struct notify_instance" can lay in message buffer on
address not dividable by 8 but this structure begins by uint_64 (secs in
time-stamp). Structure should be re-packed to standalone buffer before the use.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13704
Signed-off-by: jiri.sasek@oracle.com
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
|
|
|
|
|
|
|
|
|
| |
* CVE-2019-3824 out of bounds read in wildcard compare (bug 13773)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Tue Feb 26 12:58:03 CET 2019 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add cmocka tests for ldb_wildcard_match.
Running test_wildcard_match under valgrind reproduces
CVE-2019-3824 out of bounds read in wildcard compare (bug 13773)
valgrind --suppressions=lib/ldb/tests/ldb_match_test.valgrind\
bin/ldb_match_test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
|
|
|
| |
ldb_handler_copy and ldb_val_dup over allocate by one and add a trailing '\0'
to the data, to make them safe to use the C string functions on.
However testing for the trailing '\0' is not the correct way to test for
the end of a value, the length should be checked instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
|