IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Only remove the unsupported flags from local_negotiate_flags for
the next try...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
If LogonGetCapabilities was downgraded by an DCERPC Fault, we
rely on the schannel message ordering to detect failures.
Instead of letting any real winbindd request trigger this,
we do it directly in netlogon_creds_cli_check() with
a LogonControl that is also used for 'wbinfo --ping-dc'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
But we can send arcfour and strong key on the wire and don't need to
remove them from the proposed flags.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Only remove the unsupported flags from state->current_flags for
the next try...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
With SAMBA_WEAK_CRYPTO_DISALLOWED dcesrv_netr_ServerAuthenticate3_check_downgrade()
will return DOWNGRADE_DETECTED with negotiate_flags = 0, if AES was not
negotiated...
And if AES was negotiated there's no harm in returning the ARCFOUR
flag...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
With SAMBA_WEAK_CRYPTO_DISALLOWED we will return DOWNGRADE_DETECTED with negotiate_flags = 0,
if AES was not negotiated...
And if AES was negotiated there's no harm in returning the ARCFOUR
flag...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
We should check that we can actually negotiated the strong AES
crypto instead of just checking that NETLOGON_NEG_ARCFOUR is not
there...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This was missing from commit 6140c3177a and causes
all opens of directories to be handled as stat opens, bypassing the sharemode
check.
Not adding a test at this time, as my (hopefully) soon to be merged Directory
Leases branch has a test which actually detected this problem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15732
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 29 12:44:49 UTC 2024 on atb-devel-224
Essentially FSP_POSIX_FLAGS_OPEN implies FSP_POSIX_FLAGS_PATHNAMES, so we can
just remove FSP_POSIX_FLAGS_PATHNAMES and simplify things.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This option of the vfs_fruit VFS module that could be used to enable POSIX
directory rename behaviour for OS X clients has been removed as it could result
in severe problems for Windows clients.
As a possible workaround it is possible to prevent creation of .DS_Store files
(a Finder thingy to store directory view settings) on network mounts by running
$ defaults write com.apple.desktopservices DSDontWriteNetworkStores true
on the Mac.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Prefer a safe version of ceph_readdir, where the directory entry struct
is allocated by the caller. Use a dynamic-allocated 'struct dirent'
which is associated with a directory vfs_ceph_fh (optional), which is
allocated on-the-fly upon start of READDIR and released at the end or
CLOSEDIR (or unlikely readdir error).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: John Mulligan <jmulligan@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Oct 25 10:29:44 UTC 2024 on atb-devel-224
Follow recent convention to write sync wrappers
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 25 09:04:11 UTC 2024 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Oct 24 12:05:10 UTC 2024 on atb-devel-224
==36258==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x51300000b096 at pc 0x7fb6b4880b46 bp 0x7ffc67d44b40 sp 0x7ffc67d44300
READ of size 1 at 0x51300000b096 thread T0
#0 0x7fb6b4880b45 in strlen ../../../../libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:391
#1 0x560fe898cde3 in winbindd_wins_byip_done ../../source3/winbindd/winbindd_wins_byip.c:111
#2 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#3 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#4 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#5 0x7fb6b1e24c80 in node_status_query_done ../../source3/libsmb/namequery.c:904
#6 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#7 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#8 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#9 0x7fb6b1e250bc in nb_trans_done ../../source3/libsmb/namequery.c:756
#10 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#11 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#12 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#13 0x7fb6b1e270af in sock_packet_read_got_socket ../../source3/libsmb/namequery.c:537
#14 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#15 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#16 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#17 0x7fb6b33db183 in tdgram_recvfrom_done ../../lib/tsocket/tsocket.c:240
#18 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#19 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#20 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#21 0x7fb6b33e0d99 in tdgram_bsd_recvfrom_handler ../../lib/tsocket/tsocket_bsd.c:1087
#22 0x7fb6b33e0263 in tdgram_bsd_fde_handler ../../lib/tsocket/tsocket_bsd.c:811
#23 0x7fb6b4ef5ac1 in tevent_common_invoke_fd_handler ../../lib/tevent/tevent_fd.c:174
#24 0x7fb6b4f0b185 in epoll_event_loop ../../lib/tevent/tevent_epoll.c:696
#25 0x7fb6b4f0b185 in epoll_event_loop_once ../../lib/tevent/tevent_epoll.c:926
#26 0x7fb6b4f037b8 in std_event_loop_once ../../lib/tevent/tevent_standard.c:110
#27 0x7fb6b4ef3549 in _tevent_loop_once ../../lib/tevent/tevent.c:820
#28 0x560fe8a15198 in main ../../source3/winbindd/winbindd.c:1729
#29 0x7fb6afe2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#30 0x7fb6afe2a378 in __libc_start_main_impl ../csu/libc-start.c:360
#31 0x560fe89454e4 in _start ../sysdeps/x86_64/start.S:115
0x51300000b096 is located 12 bytes after 330-byte region [0x51300000af40,0x51300000b08a)
allocated by thread T0 here:
#0 0x7fb6b48fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7fb6b3a64c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
#2 0x7fb6b3a66acf in __talloc ../../lib/talloc/talloc.c:825
#3 0x7fb6b3a66acf in _talloc_named_const ../../lib/talloc/talloc.c:982
#4 0x7fb6b3a66acf in _talloc_array ../../lib/talloc/talloc.c:2784
#5 0x7fb6b1e2b43e in parse_node_status ../../source3/libsmb/namequery.c:337
#6 0x7fb6b1e2b43e in node_status_query_recv ../../source3/libsmb/namequery.c:921
#7 0x560fe898cc4f in winbindd_wins_byip_done ../../source3/winbindd/winbindd_wins_byip.c:87
#8 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#9 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#10 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#11 0x7fb6b1e24c80 in node_status_query_done ../../source3/libsmb/namequery.c:904
#12 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#13 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#14 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#15 0x7fb6b1e250bc in nb_trans_done ../../source3/libsmb/namequery.c:756
#16 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#17 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#18 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#19 0x7fb6b1e270af in sock_packet_read_got_socket ../../source3/libsmb/namequery.c:537
#20 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#21 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#22 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#23 0x7fb6b33db183 in tdgram_recvfrom_done ../../lib/tsocket/tsocket.c:240
#24 0x7fb6b4ef8ae5 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#25 0x7fb6b4ef8d1c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#26 0x7fb6b4ef8d84 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#27 0x7fb6b33e0d99 in tdgram_bsd_recvfrom_handler ../../lib/tsocket/tsocket_bsd.c:1087
#28 0x7fb6b33e0263 in tdgram_bsd_fde_handler ../../lib/tsocket/tsocket_bsd.c:811
#29 0x7fb6b4ef5ac1 in tevent_common_invoke_fd_handler ../../lib/tevent/tevent_fd.c:174
#30 0x7fb6b4f0b185 in epoll_event_loop ../../lib/tevent/tevent_epoll.c:696
#31 0x7fb6b4f0b185 in epoll_event_loop_once ../../lib/tevent/tevent_epoll.c:926
#32 0x7fb6b4f037b8 in std_event_loop_once ../../lib/tevent/tevent_standard.c:110
#33 0x7fb6b4ef3549 in _tevent_loop_once ../../lib/tevent/tevent.c:820
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Direct leak of 120 byte(s) in 1 object(s) allocated from:
#0 0x7f2f7f0fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7f2f7ee24c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
#2 0x7f2f7ee26acf in __talloc ../../lib/talloc/talloc.c:825
#3 0x7f2f7ee26acf in _talloc_named_const ../../lib/talloc/talloc.c:982
#4 0x7f2f7ee26acf in _talloc_array ../../lib/talloc/talloc.c:2784
#5 0x7f2f7e3f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58
#6 0x7f2f7e3f6b1b in data_blob_named ../../lib/util/data_blob.c:40
#7 0x5570b9e36100 in test_lm_ntlm_broken ../../source3/utils/ntlm_auth_diagnostics.c:56
#8 0x5570b9e36b5d in test_ntlm ../../source3/utils/ntlm_auth_diagnostics.c:180
#9 0x5570b9e387f3 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:707
#10 0x5570b9e34efd in main ../../source3/utils/ntlm_auth.c:2855
#11 0x7f2f7ba2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Reviewed-by: Martin Schwenke <martin@meltin.net>
Direct leak of 192 byte(s) in 1 object(s) allocated from:
#0 0x7fc5afefc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7fc5afaefc57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
#2 0x7fc5afaf18cf in __talloc ../../lib/talloc/talloc.c:825
#3 0x7fc5afaf18cf in _talloc_named_const ../../lib/talloc/talloc.c:982
#4 0x7fc5afaf18cf in _talloc_zero ../../lib/talloc/talloc.c:2421
#5 0x7fc5aeac4809 in loadparm_init_s3 ../../lib/param/loadparm.c:3223
#6 0x560ee34b3949 in main ../../source3/utils/ntlm_auth.c:2806
#7 0x7fc5ac62a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
==375711==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 20 byte(s) in 1 object(s) allocated from:
#0 0x7f83838f6880 in strdup ../../../../libsanitizer/asan/asan_interceptors.cpp:578
#1 0x55a06cc7c244 in main ../../source4/client/client.c:3470
#2 0x7f837fe2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Direct leak of 200 byte(s) in 1 object(s) allocated from:
#0 0x7f42972fc130 in calloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:77
#1 0x7f4296cf3054 in wbcAllocateMemory ../../nsswitch/libwbclient/wbclient.c:216
#2 0x7f4296cf386c in wbc_create_auth_info ../../nsswitch/libwbclient/wbc_pam.c:96
#3 0x7f4296cf59a1 in wbcCtxAuthenticateUserEx ../../nsswitch/libwbclient/wbc_pam.c:561
#4 0x7f4296cf5d98 in wbcAuthenticateUserEx ../../nsswitch/libwbclient/wbc_pam.c:578
#5 0x55f8ff6023f1 in torture_decode_compare_pac ../../source4/torture/winbind/winbind.c:120
#6 0x55f8ff6023f1 in torture_winbind_pac ../../source4/torture/winbind/winbind.c:291
#7 0x55f8ff603c98 in torture_winbind_pac_gss_spnego ../../source4/torture/winbind/winbind.c:303
#8 0x7f4295ff560c in wrap_simple_test ../../lib/torture/torture.c:712
#9 0x7f4295ff748d in internal_torture_run_test ../../lib/torture/torture.c:520
#10 0x7f4295ff7904 in torture_run_tcase_restricted ../../lib/torture/torture.c:585
#11 0x7f4295ff7e69 in torture_run_suite_restricted ../../lib/torture/torture.c:439
#12 0x55f8ff7980ba in run_matching ../../source4/torture/smbtorture.c:96
#13 0x55f8ff798141 in run_matching ../../source4/torture/smbtorture.c:106
#14 0x55f8ff798e41 in torture_run_named_tests ../../source4/torture/smbtorture.c:173
#15 0x55f8ff79cf03 in main ../../source4/torture/smbtorture.c:754
#16 0x7f4291a2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
==379167==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 44 byte(s) in 2 object(s) allocated from:
#0 0x7f54522f6880 in strdup ../../../../libsanitizer/asan/asan_interceptors.cpp:578
#1 0x7f54520d5a95 in process_domain_info_string ../../nsswitch/libwbclient/wbc_util.c:471
#2 0x7f54520d5a95 in wbcCtxListTrusts ../../nsswitch/libwbclient/wbc_util.c:612
#3 0x7f54520d6426 in wbcListTrusts ../../nsswitch/libwbclient/wbc_util.c:632
#4 0x558c48799cf7 in wbinfo_list_domains ../../nsswitch/wbinfo.c:515
#5 0x558c487a72db in main ../../nsswitch/wbinfo.c:3300
#6 0x7f544f42a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Direct leak of 832 byte(s) in 13 object(s) allocated from:
#0 0x7efc8e0fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x562cb6e96d44 in nss_test_initgroups ../../nsswitch/nsstest.c:381
#2 0x562cb6e96d44 in nss_test_users ../../nsswitch/nsstest.c:424
#3 0x562cb6e96d44 in main ../../nsswitch/nsstest.c:493
#4 0x7efc8dc2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Direct leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7ff206afc130 in calloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:77
#1 0x7ff206837054 in wbcAllocateMemory ../../nsswitch/libwbclient/wbclient.c:216
#2 0x7ff20683c76a in wbc_create_password_policy_info ../../nsswitch/libwbclient/wbc_pam.c:295
#3 0x7ff20683c76a in wbcCtxLogonUser ../../nsswitch/libwbclient/wbc_pam.c:1290
#4 0x7ff20683caec in wbcLogonUser ../../nsswitch/libwbclient/wbc_pam.c:1307
#5 0x556ea348db12 in wbinfo_auth_krb5 ../../nsswitch/wbinfo.c:1723
#6 0x556ea348db12 in main ../../nsswitch/wbinfo.c:3238
#7 0x7ff203c2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): David Mulder <dmulder@samba.org>
Autobuild-Date(master): Wed Oct 23 15:39:09 UTC 2024 on atb-devel-224
The 'samba' build excludes the 'none' tests,
which is where the Rust tests are located.
Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
We need to do this to prevent CI systems which
are missing cargo (Debian) from attempting to
configure with Rust.
Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Add configure checks to determine if rust or
specifically himmelblau sources can be compiled.
Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
