| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd service files run in no-forking mode (--foreground) since
8b6f58194da7e849cdb9d20712dff49b17a93a77.
Rearrange sd_notify() call in become_daemon() to only send status to systemd
in this mode (Type=notify is not designed to monitor forking). Drop READY=0
(it does nothing) and MAINPID= (unnecessary because the process spawned by
systemd is already the main PID).
Also remove STATUS= prefix from debug messages.
Signed-off-by: Marcos Mello <marcosfrm@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 440ddf8470b11a46066d282bf8945201d547c192)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11568
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you connnect to a host with smbclient this gets always printed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13823
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit c71334ec0c92e791022a9b7c900aa0dd649226c2)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Mar 12 17:01:14 UTC 2019 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
| |
* CVE-2019-3824 out of bounds read in wildcard compare (bug 13773)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Tue Feb 26 12:58:03 CET 2019 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add cmocka tests for ldb_wildcard_match.
Running test_wildcard_match under valgrind reproduces
CVE-2019-3824 out of bounds read in wildcard compare (bug 13773)
valgrind --suppressions=lib/ldb/tests/ldb_match_test.valgrind\
bin/ldb_match_test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
|
|
|
| |
ldb_handler_copy and ldb_val_dup over allocate by one and add a trailing '\0'
to the data, to make them safe to use the C string functions on.
However testing for the trailing '\0' is not the correct way to test for
the end of a value, the length should be checked instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check the operation type of the passed parse tree, and return
LDB_INAPPROPRIATE_MATCH if the operation is not LDB_OP_SUBSTRING.
A query of "attribute=*" gets parsed as LDB_OP_PRESENT, checking the
operation and failing ldb_wildcard_match should help prevent confusion
writing tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
|
| |
Initialise the created ldb_parse_tree with talloc_zero, this ensures
that it is correctly initialised if inadvertently passed to a function
expecting a different operation type.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
| |
processing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is valgrind error in few tests tests/test-generic.sh
91 echo "Test wildcard match"
92 $VALGRIND ldbadd $LDBDIR/tests/test-wildcard.ldif || exit 1
93 $VALGRIND ldbsearch '(cn=test*multi)' || exit 1
95 $VALGRIND ldbsearch '(cn=*test_multi)' || exit 1
97 $VALGRIND ldbsearch '(cn=test*multi*test*multi)' || exit 1
e.g.
==3098== Memcheck, a memory error detector
==3098== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==3098== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==3098== Command: ./bin/ldbsearch (cn=test*multi)
==3098==
==3098== Invalid read of size 1
==3098== at 0x483CEE7: memchr (vg_replace_strmem.c:890)
==3098== by 0x49A9073: memmem (in /usr/lib64/libc-2.28.9000.so)
==3098== by 0x485DFE9: ldb_wildcard_compare (ldb_match.c:313)
==3098== by 0x485DFE9: ldb_match_substring (ldb_match.c:360)
==3098== by 0x485DFE9: ldb_match_message (ldb_match.c:572)
==3098== by 0x558F8FA: search_func (ldb_kv_search.c:549)
==3098== by 0x48C78CA: ??? (in /usr/lib64/libtdb.so.1.3.17)
==3098== by 0x48C7A60: tdb_traverse_read (in /usr/lib64/libtdb.so.1.3.17)
==3098== by 0x557B7C4: ltdb_traverse_fn (ldb_tdb.c:274)
==3098== by 0x558FBFA: ldb_kv_search_full (ldb_kv_search.c:594)
==3098== by 0x558FBFA: ldb_kv_search (ldb_kv_search.c:854)
==3098== by 0x558E497: ldb_kv_callback (ldb_kv.c:1713)
==3098== by 0x48FCD58: tevent_common_invoke_timer_handler (in /usr/lib64/libtevent.so.0.9.38)
==3098== by 0x48FCEFD: tevent_common_loop_timer_delay (in /usr/lib64/libtevent.so.0.9.38)
==3098== by 0x48FE14A: ??? (in /usr/lib64/libtevent.so.0.9.38)
==3098== Address 0x4b4ab81 is 0 bytes after a block of size 129 alloc'd
==3098== at 0x483880B: malloc (vg_replace_malloc.c:309)
==3098== by 0x491048B: talloc_strndup (in /usr/lib64/libtalloc.so.2.1.15)
==3098== by 0x48593CA: ldb_casefold_default (ldb_utf8.c:59)
==3098== by 0x485F68D: ldb_handler_fold (attrib_handlers.c:64)
==3098== by 0x485DB88: ldb_wildcard_compare (ldb_match.c:257)
==3098== by 0x485DB88: ldb_match_substring (ldb_match.c:360)
==3098== by 0x485DB88: ldb_match_message (ldb_match.c:572)
==3098== by 0x558F8FA: search_func (ldb_kv_search.c:549)
==3098== by 0x48C78CA: ??? (in /usr/lib64/libtdb.so.1.3.17)
==3098== by 0x48C7A60: tdb_traverse_read (in /usr/lib64/libtdb.so.1.3.17)
==3098== by 0x557B7C4: ltdb_traverse_fn (ldb_tdb.c:274)
==3098== by 0x558FBFA: ldb_kv_search_full (ldb_kv_search.c:594)
==3098== by 0x558FBFA: ldb_kv_search (ldb_kv_search.c:854)
==3098== by 0x558E497: ldb_kv_callback (ldb_kv.c:1713)
==3098== by 0x48FCD58: tevent_common_invoke_timer_handler (in /usr/lib64/libtevent.so.0.9.38)
==3098==
# record 1
dn: cn=test_multi_test_multi_test_multi,o=University of Michigan,c=TEST
cn: test_multi_test_multi_test_multi
description: test multi wildcards matching
objectclass: person
sn: multi_test
name: test_multi_test_multi_test_multi
distinguishedName: cn=test_multi_test_multi_test_multi,o=University of Michiga
n,c=TEST
# returned 1 records
# 1 entries
# 0 referrals
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13773
Signed-off-by: Lukas Slebodnik <lslebodn@fedoraproject.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* ldb: Avoid inefficient one-level searches
* dirsync: Allow arbitrary length cookies
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13686
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13762
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Wed Feb 13 17:56:32 CET 2019 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 88ae60ed186c9 introduced a problem that made one-level
searches inefficient if there were a lot of child objects in the same
level, and the requested object didn't exist. Basically, it ignored the
case where ldb_kv_index_dn() returned LDB_ERR_NO_SUCH_OBJECT, i.e. the
indexed lookup was successful, but didn't find a match. At which point,
there was no more processing we needed to do.
The behaviour after 88ae60ed186c9 was to fall-through and run the
ldb_kv_index_filter() function over *all* the children. This still
returned the correct result, but could be costly if there were a lot of
children.
The case 88ae60ed186c9 was trying to fix was where we could not do
an indexed search (e.g. trying to match on a 'attribute=*' filter). In
which case we want to ignore the LDB_ERR_OPERATIONS_ERROR and just run
ldb_kv_index_filter() over all the children. This is still more
efficient than the fallback of doing a full database scan.
This patch adds in a short-circuit for the NO_SUCH_OBJECT case, so we
can skip the unnecessary ldb_kv_index_filter() work.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13762
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(Manual merge of commit 9a893f9613bd6440ab in master)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the final line of a file does not contain a newline then it isn't
included in the line count.
Change i to point to the next slot in the array instead of the current
one. This means that that the current line won't be thrown away if no
newline is seen.
Without changing i to unsigned int, the -O3 --picky -developer build
fails with:
[ 745/4136] Compiling lib/util/util_file.c
==> /builds/samba-team/devel/samba/samba-o3.stderr <==
../../lib/util/util_file.c: In function ‘file_lines_parse’:
../../lib/util/util_file.c:251:8: error: assuming signed overflow does not occur when simplifying conditional to constant [-Werror=strict-overflow]
while (i > 0 && ret[i-1][0] == 0) {
^
cc1: all warnings being treated as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13717
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Dec 19 08:08:28 CET 2018 on sn-devel-144
(cherry picked from commit 5118985841aa0363147d552f243ab5a7d90dbdaf)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a segfault in pyglue:
==10142== Process terminating with default action of signal 11 (SIGSEGV)
==10142== Bad permissions for mapped region at address 0x6F00A20
==10142== at 0x6F1074B: py_set_debug_level (pyglue.c:165)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13679
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 71ef09c1afdbf967b829cb66b33c3a5cb1c18ba0)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Mon Nov 12 18:01:17 CET 2018 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13362
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 15 09:37:21 CEST 2018 on sn-devel-144
(cherry picked from commit 9fbd4672b06de5333a9c44fc126b8edac0b9d31a)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Thu Sep 27 15:32:11 CEST 2018 on sn-devel-144
|
|
|
|
|
|
|
| |
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13362
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 8063995a92fffc93aa9d6d1d92a75bf3f3c9592b)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Salt principal for the interdomain trust is krbtgt/DOMAIN@REALM where
DOMAIN is the sAMAccountName without the dollar sign ($)
The salt principal for the BLA$ user object was generated wrong.
dn: CN=bla.base,CN=System,DC=w4edom-l4,DC=base
securityIdentifier: S-1-5-21-4053568372-2049667917-3384589010
trustDirection: 3
trustPartner: bla.base
trustPosixOffset: -2147483648
trustType: 2
trustAttributes: 8
flatName: BLA
dn: CN=BLA$,CN=Users,DC=w4edom-l4,DC=base
userAccountControl: 2080
primaryGroupID: 513
objectSid: S-1-5-21-278041429-3399921908-1452754838-1597
accountExpires: 9223372036854775807
sAMAccountName: BLA$
sAMAccountType: 805306370
pwdLastSet: 131485652467995000
The salt stored by Windows in the package_PrimaryKerberosBlob
(within supplementalCredentials) seems to be
'W4EDOM-L4.BASEkrbtgtBLA' for the above trust
and Samba stores 'W4EDOM-L4.BASEBLA$'.
While the salt used when building the keys from
trustAuthOutgoing/trustAuthIncoming is
'W4EDOM-L4.BASEkrbtgtBLA.BASE', which we handle correct.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 5 03:57:22 CEST 2018 on sn-devel-144
(cherry picked from commit f3e349bebc443133fdbe4e14b148ca8db8237060)
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Wed Sep 5 18:32:05 CEST 2018 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case we don't have either a /var/log/samba directory, or pass a
non-existent log directory through '-l' option, all commands that are
daemonized with '-D' option hang when executed within a subshell.
An example on how to trigger that:
# rm -r /var/log/samba
# s=$(nmbd -D -s /etc/samba/smb.conf -l /foo123)
(never returns)
So, when the above command is executed within a subshell the following
happens:
(a) Parent shell creates a pipe, sets write side of it to fd 1
(stdout), call read() on read-side fd, forks off a new child process
and then executes nmbd in it.
(b) nmbd sets up initial logging to go through fd 1 (stdout) by
calling setup_logging(..., DEBUG_DEFAULT_STDOUT). 'state.fd' is now
set to 1.
(c) reopen_logs() is called by the first time which then calls
reopen_logs_internal()
(d) in reopen_logs_internal(), it attempts to create log.nmbd file in
/foo123 directory and fails because directory doesn't exist.
(e) Regardless whether the log file was created or not, it calls
dup2(state.fd, 2) which dups fd 1 into fd 2.
(f) At some point, fd 0 and 1 are closed and set to /dev/null
The problem with that is because parent shell in (a) is still blocked in
read() call and the new write side of the pipe is now fd 2 -- after
dup2() in (e) -- and remains unclosed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13578
Signed-off-by: Paulo Alcantara <palcantara@suse.de>
Reviewed-by: Jim McDonough <jmcd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 18 01:32:25 CEST 2018 on sn-devel-144
(cherry picked from commit 41aa55f49233ea7682cf14e5a7062617274434ce)
|
|
|
|
|
|
| |
* make test fails on ldb 1.3.4 due to missing NULL terminator in tests (bug 13575)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13575
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
(cherry picked from commit f8b368c9f0c2a34b6d15303a9d6facd762e1a517)
|
|\
| |
| |
| | |
samba: tag release samba-4.8.4
|
| |
| |
| |
| |
| |
| |
| | |
* Security fix for CVE-2018-1140 (NULL pointer de-reference, bug 13374)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
| |
| |
| |
| |
| |
| | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This ensures we fail with a good error code before an eventual ldb_dn_get_casefold() which
would otherwise fail.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
ldb_dn_from_ldb_val() does not validate this untrusted input, so a later
call to ldb_dn_get_casefold() can fail if the input is not valid.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
|
| |
| |
| |
| |
| |
| | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Samba is not compatible with new versions of ldb (except release versions)
Other users would not notice the breakages, but Samba makes many
more assuptions about the LDB internals than any other package.
(Specifically, LDB 1.2 and 1.4 broke builds against released
Samba versions)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13519
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
(cherry picked from commit 52efa796538ae004ca62ea32fc8c833472991be6)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
talloc_stackframe_internal() calls SMB_THREAD_GET_TLS(global_ts) which
calls smb_get_tls_pthread() in the POSIX pthread wrapper implementation.
If SMB_THREAD_SET_TLS() hasn't been called before, global_ts is NULL and
smb_get_tls_pthread dereferences it so it crashes.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13505
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e311801e0e7171a2b50e39d3e0c2d2137f8b3d7e)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Here is the build error on AIX 7.1.
../../lib/tdb/tools/tdbtool.c:39:12: error: 'disable_lock' redeclared as different kind of symbol
static int disable_lock;
^~~~~~~~~~~~
In file included from /usr/include/sys/gfs.h:24:0,
from /usr/include/sys/vfs.h:27,
from ../../lib/replace/system/filesys.h:48,
from ../../lib/tdb/tools/tdbtool.c:26:
/usr/include/sys/lock_def.h:314:5: note: previous declaration of 'disable_lock' was here
int disable_lock(int,simple_lock_t);
^~~~~~~~~~~~
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit edffe4d16514fa0c87655e040842f6c20d89791c)
|
|/
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 7eeba9c5a4541e581b062fb9ee26f13b7373c541)
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix memory leaks and missing error checks (bug 13459, 13471, 13475)
* Fix fallback to full scan (performance regression) on
one-level search (bug 13448)
* Fix read corruption (missing results) during writes, particularly
during a Samba subtree rename (bug 13452)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Jun 26 13:31:53 CEST 2018 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13475
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 15 23:07:25 CEST 2018 on sn-devel-144
(cherry picked from commit 3ca1c09f686fbfa9257cd95710dba4a98c3eeb8f)
|
|
|
|
|
|
|
|
|
|
|
| |
there are also mem leaks in this function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13475
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f75e8f58cd2390c092631803d333adadb475306a)
|
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13475
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 6b52d21e6040699a72aff12fd6ebb34534dcb457)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After a duplicated add a small amount of memory can be leaked onto a
long-term context.
Found by Andrej Gessel https://github.com/andiges
https://github.com/samba-team/samba/commit/e8fb45125e6a279b918694668e0d4fbddac10aee#commitcomment-29334102
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13471
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 15 04:39:41 CEST 2018 on sn-devel-144
(cherry picked from commit f4f3abfa0e18bb4968b37b1cac40cd8c185c8d7b)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduced in e8cdacc509016d9273d63faf334d9f827585c3eb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13459
Signed-off-by: Lukas Slebodnik <lslebodn@fedoraproject.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 1 11:10:24 CEST 2018 on sn-devel-144
(cherry picked from commit d161aa3522576545d269208426bb0014ee2ab35f)
|
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit e99c199d811e607e7867e7b40d82a1642226c647)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When no search filter is specified, the code falls back to using
'(|(objectClass=*)(distinguishedName=*)'. ltdb_index_dn() then failed
because matching against '*' is not indexed. The error return then
caused the code to fallback to a full-scan of the DB, which could have a
considerable performance hit.
Instead, we want to continue on and do the ltdb_index_filter() over the
indexed results that were returned.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 88ae60ed186c9c479722ad62d65a07d0c2e71469)
|
|
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 9e143ee9b9f7be53c193cee3153f64c4dedc07e9)
|
|
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 3632775d7ad31e06437ed76b8731d9895930caa1)
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise Samba modules like subtree_rename can fail as they modify the
index during the callback.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13452
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit d02cd236dcbd8a44ecc85d1f7e95a48c95c0a479)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MIT kerberos 1.13 and older only stores 8 bits of the KVNO. The change
from commit 35b2fb4ff32 resulted in breakage for these kerberos
versions: 'net ads keytab create' reads a large KVNO from AD, and only
the lower 8 bits are stored. The next check then removed the entry again
as the 8 bit value did not match the currently valid KVNO.
Fix this by limiting the check to only 8 bits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13478
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Sat Jun 23 00:57:47 CEST 2018 on sn-devel-144
(cherry picked from commit 97eaeea6a130871cfac5be42459380c0c4e0fae6)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit fb6cd9c44ac6fcc9f6abe3b63fc742aeac42969a)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
../lib/util/tests/tfork.c:483:24: error: passing argument 1 to
restrict-qualified parameter aliases with argument 4 [-Werror=restrict]
ret = pthread_create(&threads[i],
^~~~~~~~~~~
../lib/util/tests/tfork.c:486:10:
(void *)&threads[i]);
~~~~~~~~~~~~~~~~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 6f06a0154f5769cb85f6e189eecd78cd7805090a)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 7cec343a89a0862c09f5ddd4707eb442157a4af2)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f5d05562679f6aa691b98b4a75952f7dda7ed343)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This matches the AD DC with the behaviour in smbd.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 11 04:03:07 CEST 2018 on sn-devel-144
(cherry picked from commit 462eb4a44cc51dc17aebbcd5c609c9ff7f088554)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Mon Jun 4 14:30:55 CEST 2018 on sn-devel-144
|
|
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit bf9551902afdb32310db4a3381964c435dd08bf0)
|
|
|
|
|
|
|
|
|
|
| |
This is like the changes made in s3 by
4fa555980070d78b39711ef21d77628d26055bc2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit 3acc00b6808d5d5ad035d9d43526204db1608c8a)
|