summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* util: Fix a signed/unsigned comparisonMartin Schwenke2020-07-161-1/+1
| | | | | | | | | | | | | | [107/390] Compiling lib/util/time.c ../../../lib/util/time.c: In function ‘timespec_string_buf’: ../../../lib/util/time.c:416:10: warning: comparison of integer expressions of different signedness: ‘size_t’ {aka ‘long unsigned int’} and ‘int’ [-Wsign-compare] 416 | if (len == -1) { | ^~ Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Jul 16 04:00:52 UTC 2020 on sn-devel-184
* tdb: Fix some signed/unsigned comparisonsMartin Schwenke2020-07-161-2/+3
| | | | | | | | | | | | | | | [207/389] Compiling lib/tdb/tools/tdbdump.c ../../../lib/tdb/tools/tdbrestore.c: In function ‘read_linehead’: ../../../lib/tdb/tools/tdbrestore.c:43:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare] 43 | for (i=0; i<sizeof(prefix); i++) { | ^ ../../../lib/tdb/tools/tdbrestore.c: In function ‘read_data’: ../../../lib/tdb/tools/tdbrestore.c:95:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’} [-Wsign-compare] 95 | for (i=0; i<size; i++) { | ^ Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3: lib: Fix missing TALLOC_FREE in error code path.Jeremy Allison2020-07-141-1/+1
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14441 Reported by Alexander Pyhalov <apyhalov@gmail.com> Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Jul 14 07:42:54 UTC 2020 on sn-devel-184
* lib/util: allow to set TCP_USER_TIMEOUT socket optionGünther Deschner2020-07-081-0/+3
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* lib/util: add generate_unique_u64() helper functionStefan Metzmacher2020-07-082-1/+51
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* lib/torture: fix subunit names of nested suitesStefan Metzmacher2020-07-072-2/+79
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | E.g. passing 'smb2.multichannel.generic' to smbtorture results in - interface_info - num_channels While passing 'smb2.multichannel' to smbtorture results in: - generic.interface_info - genetic.num_channels - oplocks.test1 ... - leases.test1 ... Before we got this: - interface_info - num_channels - test1 ... - test1 That made it impossible to add knownfail entries for leases.test1 vs. oplocks.test1 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* lib/torture: add back links to the parent objectsStefan Metzmacher2020-07-072-0/+7
| | | | | | | This makes would allow the full name of a test to be constructed if needed in future. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* lib/torture: make torture_subunit_test_name() publicStefan Metzmacher2020-07-073-18/+16
| | | | | | This makes it easier to modify. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* lib/debug: set the correct default backend loglevel to MAX_DEBUG_LEVELRalph Boehme2020-07-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixed a regression introduced by commit c83ce5f4f99aef94530411ec82cc03e9935b352d for bug #14345. The backend loglevel globally restricts logging of a particular backend. If this value is smaller then any explicitly configured logging class, logging for this class is skipped. Eg, given the following logging config in smb.conf: log level = 1 auth_json_audit:3@/var/log/samba/samba_auth_audit.log the default class loglevel of 1 (dbgc_config[DBGC_ALL].loglevel) will be assigned to the backend loglevel. So even though the logging class auth_json_audit is configured at level 3, this doesn't become effective as the file backend drops all log messages with a level below 1. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14426 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jul 2 13:25:29 UTC 2020 on sn-devel-184
* lib/debug: assert file backendRalph Boehme2020-07-021-6/+6
| | | | | | | | | The debug file backend is a built-in default, if it's missing we're totally screwed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14426 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* ldb_ldap: Fix a memleakldb-2.2.0Volker Lendecke2020-07-021-1/+1
| | | | | | | Don't allocate a temporary value on a long-term context Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Mulder <dmulder@samba.org>
* CVE-2020-10730: lib ldb: Check if ldb_lock_backend_callback called twiceGary Lockyer2020-07-021-1/+8
| | | | | | | | | | | | Prevent use after free issues if ldb_lock_backend_callback is called twice, usually due to ldb_module_done being called twice. This can happen if a module ignores the return value from function a function that calls ldb_module_done as part of it's error handling. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tls: Use NORMAL:-VERS-SSL3.0 as the default configurationAndreas Schneider2020-07-011-6/+0
| | | | | | | | | | | | | | | This seems to be really broken in GnuTLS and the documentation is also not correct. This partially reverts 53e3a959b958a3b099df6ecc5f6e294e96bd948e BUG: https://bugzilla.samba.org/show_bug.cgi?id=14408 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jul 1 14:56:33 UTC 2020 on sn-devel-184
* dsdb: Allow "password hash userPassword schemes = CryptSHA256" to work on RHEL7Andrew Bartlett2020-07-011-0/+1
| | | | | | | | | | | | | On RHEL7 crypt_r() will set errno. This is a problem because the implementation of crypt_r() in RHEL8 and elsewhere in libcrypt will return non-NULL but set errno on failure. The workaround is to use crypt_rn(), provided only by libcrypt, which will return NULL on failure, and so avoid checking errno in the non-failure case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14424 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* util: fix build on AIX by fixing the order of replace.h includeBjoern Jacke2020-06-291-1/+1
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14422 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Björn Jacke <bjacke@samba.org> Autobuild-Date(master): Mon Jun 29 18:19:04 UTC 2020 on sn-devel-184
* ldb_ldap: fix off-by-one increment in lldb_add_msg_attrAlexander Bokovoy2020-06-191-2/+0
| | | | | | | | | | | | | | | | | | Fix regression introduced by commit ce2bf5c72b6423fff680b3d6a9042103a6cdda55 lldb_add_msg_attr() calls ldb_msg_add_empty() which, in turn, calls calls _ldb_msg_add_el() which already increments msg->num_elements by one. As a result, msg->num_elements is bigger than the actual number of elements and any iteration over elements would step over elements array boundary. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14413 Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jun 19 08:35:33 UTC 2020 on sn-devel-184
* lib/ldb: add unit test for ldb_ldap internal codeAlexander Bokovoy2020-06-192-0/+119
| | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14413 Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:lib:tls: Use better priority lists for modern GnuTLSAndreas Schneider2020-06-171-1/+9
| | | | | | | | | | | | | | | We should use the default priority list. That is a good practice, because TLS protocol hardening and phasing out of legacy algorithms, is easier to co-ordinate when happens at a single place. See crypto policies of Fedora. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14408 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Jun 17 17:42:02 UTC 2020 on sn-devel-184
* ldb: Avoid a cast (unsigned long long) in ldbmodify.cVolker Lendecke2020-06-151-3/+6
| | | | | | | We have %zu for size_t Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* tsocket: Fix a typoVolker Lendecke2020-06-151-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* ldb commandline: don't crash if a received control contains no dataDouglas Bagnall2020-06-131-4/+41
| | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* ldb/controls: avoid stealing our own stuffDouglas Bagnall2020-06-131-1/+1
| | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* ldb/mod/paged_searches: cope with NULL control dataDouglas Bagnall2020-06-131-2/+2
| | | | | | | We won't get NULL data over ldap, but it can be set via 'local_oid:'. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbwrap_rbt: support TDB_INSERT and TDB_MODIFY store flagsDavid Disseldorp2020-06-101-0/+8
| | | | | | | | These flags provide insert-new and overwrite-existing record semantics respectively. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* util: Reallocate larger buffer if getpwuid_r() returns ERANGEMartin Schwenke2020-06-091-0/+13
| | | | | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Tue Jun 9 21:07:24 UTC 2020 on sn-devel-184
* util: Fix build on FreeBSD by avoiding NSS_BUFLEN_PASSWDMartin Schwenke2020-06-091-5/+22
| | | | | | | | | | | NSS_BUFLEN_PASSWD is not defined on FreeBSD. Use sysconf(_SC_GETPW_R_SIZE_MAX) instead, as per POSIX. Use a dynamically allocated buffer instead of trying to cram all of the logic into the declarations. This will come in useful later anyway. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Volker Lendecke <vl@samba.org>
* util: Simplify input validationMartin Schwenke2020-06-091-5/+4
| | | | | | | | | | | | It appears that snprintf(3) is being used for input validation. However, this seems like overkill because it causes szPath to be copied an extra time. The mostly likely protections being sought here, according to https://cwe.mitre.org/data/definitions/20.html, look to be DoS attacks involving CPU and memory usage. A simpler check that uses strnlen(3) can mitigate against both of these and is simpler. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Volker Lendecke <vl@samba.org>
* talloc: Mark ptr of talloc_unlink() not as a tainted scalarAndreas Schneider2020-06-091-0/+2
| | | | | | This should address a lot of issues reported by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* lib/util: Allow gdb to be started by samba_start_debugger() under the ↵Andrew Bartlett2020-05-271-0/+10
| | | | | | | | | | | default Ubuntu restrictions Ubuntu (in particular) restricts ptrace by default for security reasons but the processe to be traced can allow tracing by a child process using prctl(). This matches what is done for panic action = Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* ldb: also use portable __has_attribute macro to check for attribute supportBjörn Jacke2020-05-241-1/+1
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* talloc: also use portable __has_attribute macro to check for attribute supportBjörn Jacke2020-05-241-1/+6
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tdb: also use __has_attribute macro to check for attribute supportBjörn Jacke2020-05-241-1/+1
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* replace, attr.: use function attributes only if supported by feature macro ↵Björn Jacke2020-05-242-10/+19
| | | | | | | | | (or old gcc) BUG: https://bugzilla.samba.org/show_bug.cgi?id=12296 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tevent: Fix a tevent tutorial errorVolker Lendecke2020-05-191-1/+1
| | | | | | | | | | We don't pass a tevent_req but a tevent_context to the _send function Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue May 19 12:07:42 UTC 2020 on sn-devel-184
* s3: lib: Paranoia around use of snprintf copying into a fixed-size buffer ↵Jeremy Allison2020-05-181-2/+6
| | | | | | | | | | | | from a getenv() pointer. Post checks for overflow/error. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon May 18 23:42:57 UTC 2020 on sn-devel-184
* lib:util: Add test for path_expand_tilde()Andreas Schneider2020-05-152-0/+133
| | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* lib:util: Add path_expand_tilde()Andreas Schneider2020-05-152-0/+81
| | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dbwrap: Make dbwrap_lock_order_[un]lock() publicVolker Lendecke2020-05-152-4/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* dbwrap: Simplify dbwrap_lock_order_[un]lock()Volker Lendecke2020-05-151-34/+49
| | | | | | | | | | | | | | | | | Directly pass the database name and lock order to the core functions, avoid passing struct db_context. In the next steps these functions will become public: locking.tdb will be based on g_lock.c to avoid holding a tdb-level locking.tdb mutex while doing complex file system operations like unlink() which can take ages on FAT for example. This means that g_lock.c will participate in the dbwrap lock order protection and needs access to dbwrap_lock_order_[un]lock() without providing a direct db_context. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib:param: Fix memory leak in lpcfg_load_internal()awalker2020-05-131-2/+5
| | | | | | | | | Signed-off-by: awalker <awalker@ixsystems.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed May 13 17:34:43 UTC 2020 on sn-devel-184
* lib: util: Add sys_pwrite_full().Jeremy Allison2020-05-122-0/+50
| | | | | | | | | | | | | | | | | A pwrite wrapper that will deal with EINTR and never return a short write unless the file system returns an error. Copes with the unspecified edge condition of pwrite returning zero by changing the return to -1, errno = ENOSPC. Thread-safe so may be used as a replacement for pwrite inside pwrite_do() thread functions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* lib: util: Add sys_pread_full().Jeremy Allison2020-05-122-0/+49
| | | | | | | | | | | | | | | A pread wrapper that will deal with EINTR and never return a short read unless pread returns zero meaning EOF. Thread-safe so may be used as a replacement for pread inside pread_do() thread functions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* lib: util: Add sys_valid_io_range()Stefan Metzmacher2020-05-122-0/+25
| | | | | | | | | | | | | | This implements the contraints of [MS-FSA] 2.1.5.2 Server Requests a Read. The special handling of [MS-FSA] 2.1.5.3 Server Requests a Write with offset < 0, should be handled by higher layers! Which means the check can also be used for writes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib ldb: Limit depth of ldb_parse_treeGary Lockyer2020-05-102-15/+140
| | | | | | | | | | | | | | | Limit the number of nested conditionals allowed by ldb_parse tree to 128, to avoid potential stack overflow issues. Credit Oss-Fuzz REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19508 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Gary Lockyer <gary@samba.org> Autobuild-Date(master): Sun May 10 23:21:08 UTC 2020 on sn-devel-184
* lib util ASN.1: Panic on ASN.1 tag mismatchGary Lockyer2020-05-101-2/+3
| | | | | | | | If the ASN.1 depth is zero in asn1_end_tag, call smb_panic. Rather than ignoring the condition. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Fix clang 9 format-nonliteral warningsGary Lockyer2020-05-081-2/+4
| | | | Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* Fix clang 9 missing-field-initializer warningsGary Lockyer2020-05-089-24/+24
| | | | Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* Fix clang 9 parentheses-equality warningsGary Lockyer2020-05-081-1/+1
| | | | Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* lib/socket: autodetect RSS using ETHTOOL_GRXRINGSStefan Metzmacher2020-05-071-0/+41
| | | | | | | | | | | | | | | | | | | | | | | | This is also used as part of 'ethtool -n rdma14' and 'ethtool -x rdma14'. ;#> ethtool -n rdma14 8 RX rings available rxclass: Cannot get RX class rule count: Operation not supported RX classification rule retrieval failed ;#> ethtool -x rdma14 RX flow hash indirection table for rdma14 with 8 RX ring(s): 0: 0 1 2 3 4 5 6 7 8: 0 1 2 3 4 5 6 7 RSS hash key: Operation not supported RSS hash function: toeplitz: on xor: off crc32: off Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib/socket: let query_iface_speed_from_name() initialize memory passed to ↵Stefan Metzmacher2020-05-071-0/+2
| | | | | | | | | | syscalls I'm not sure if struct initializers would take care of padding, so I use ZERO_STRUCT(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
View Lorry Controller Status