IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
tls_tstream can't properly handle 'New Session Ticket' messages
sent 'after' the client sends the 'Finished' message.
This is needed because some servers (at least elasticsearch) wait till
they get 'Finished' messgage from the client before sending the
"New Ticket" message.
Without this patch what typcially happens is when the application code
sends data it then tries to read the response, but, instead of the
response to the request it actually recieves the "New Session Ticket"
instead. The "New Session Ticket" message gets processed by the upper layer
logic e.g.
tstream_tls_readv_send
->tstream_tls_readv_crypt_next
->tstream_tls_retry_read
->gnutls_record_recv
instead of the core gnutls routines.
This results in the response processing failing due to the
currently 'unexpected' New Ticket message.
In order to avoid this scenario we can ensure the client doesn't
negotiate resumption with session tickets.
Signed-off-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 16 09:58:45 UTC 2022 on sn-devel-184
popt1.19 fixes a leak that exposes a use as free,
make sure we duplicate return of poptGetArg if
poptFreeContext is called before we use it.
==6357== Command: ./bin/regpatch file
==6357==
Can't load /home/npower/samba-back/INSTALL_DIR/etc/smb.conf - run testparm to debug it
==6357== Syscall param openat(filename) points to unaddressable byte(s)
==6357== at 0x4BFE535: open (in /usr/lib64/libc.so.6)
==6357== by 0x4861432: reg_diff_load (patchfile.c:345)
==6357== by 0x4861CD3: reg_diff_apply (patchfile.c:542)
==6357== by 0x10ADF9: main (regpatch.c:114)
==6357== Address 0x70f79d0 is 0 bytes inside a block of size 5 free'd
==6357== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF38B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x4AF45D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ADCF: main (regpatch.c:111)
==6357== Block was alloc'd at
==6357== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF52EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ACBD: main (regpatch.c:79)
==6357==
==6357== Invalid read of size 1
==6357== at 0x4849782: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4B5D50F: __vfprintf_internal (in /usr/lib64/libc.so.6)
==6357== by 0x4B7E719: __vasprintf_internal (in /usr/lib64/libc.so.6)
==6357== by 0x4AD32F0: __dbgtext_va (debug.c:1904)
==6357== by 0x4AD33F2: dbgtext (debug.c:1925)
==6357== by 0x4861515: reg_diff_load (patchfile.c:353)
==6357== by 0x4861CD3: reg_diff_apply (patchfile.c:542)
==6357== by 0x10ADF9: main (regpatch.c:114)
==6357== Address 0x70f79d0 is 0 bytes inside a block of size 5 free'd
==6357== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF38B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x4AF45D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ADCF: main (regpatch.c:111)
==6357== Block was alloc'd at
==6357== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF52EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ACBD: main (regpatch.c:79)
==6357==
==6357== Invalid read of size 1
==6357== at 0x4849794: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4B5D50F: __vfprintf_internal (in /usr/lib64/libc.so.6)
==6357== by 0x4B7E719: __vasprintf_internal (in /usr/lib64/libc.so.6)
==6357== by 0x4AD32F0: __dbgtext_va (debug.c:1904)
==6357== by 0x4AD33F2: dbgtext (debug.c:1925)
==6357== by 0x4861515: reg_diff_load (patchfile.c:353)
==6357== by 0x4861CD3: reg_diff_apply (patchfile.c:542)
==6357== by 0x10ADF9: main (regpatch.c:114)
==6357== Address 0x70f79d1 is 1 bytes inside a block of size 5 free'd
==6357== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF38B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x4AF45D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ADCF: main (regpatch.c:111)
==6357== Block was alloc'd at
==6357== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF52EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ACBD: main (regpatch.c:79)
==6357==
==6357== Invalid read of size 1
==6357== at 0x4B83DD0: _IO_default_xsputn (in /usr/lib64/libc.so.6)
==6357== by 0x4B5D39E: __vfprintf_internal (in /usr/lib64/libc.so.6)
==6357== by 0x4B7E719: __vasprintf_internal (in /usr/lib64/libc.so.6)
==6357== by 0x4AD32F0: __dbgtext_va (debug.c:1904)
==6357== by 0x4AD33F2: dbgtext (debug.c:1925)
==6357== by 0x4861515: reg_diff_load (patchfile.c:353)
==6357== by 0x4861CD3: reg_diff_apply (patchfile.c:542)
==6357== by 0x10ADF9: main (regpatch.c:114)
==6357== Address 0x70f79d0 is 0 bytes inside a block of size 5 free'd
==6357== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF38B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x4AF45D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ADCF: main (regpatch.c:111)
==6357== Block was alloc'd at
==6357== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF52EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ACBD: main (regpatch.c:79)
==6357==
==6357== Invalid read of size 1
==6357== at 0x4B83DDF: _IO_default_xsputn (in /usr/lib64/libc.so.6)
==6357== by 0x4B5D39E: __vfprintf_internal (in /usr/lib64/libc.so.6)
==6357== by 0x4B7E719: __vasprintf_internal (in /usr/lib64/libc.so.6)
==6357== by 0x4AD32F0: __dbgtext_va (debug.c:1904)
==6357== by 0x4AD33F2: dbgtext (debug.c:1925)
==6357== by 0x4861515: reg_diff_load (patchfile.c:353)
==6357== by 0x4861CD3: reg_diff_apply (patchfile.c:542)
==6357== by 0x10ADF9: main (regpatch.c:114)
==6357== Address 0x70f79d2 is 2 bytes inside a block of size 5 free'd
==6357== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF38B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x4AF45D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ADCF: main (regpatch.c:111)
==6357== Block was alloc'd at
==6357== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==6357== by 0x4AF52EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2)
==6357== by 0x10ACBD: main (regpatch.c:79)
==6357==
Error reading registry patch file `file'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15205
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 14 13:38:55 UTC 2022 on sn-devel-184
imessaging_client_init() is for temporary stuff only, so we should drop
(unexpected) incoming messages unless we expect irpc responses.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15201
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Oct 13 13:32:30 UTC 2022 on sn-devel-184
We often create imessaging contexts just for sending messages,
but we'll never process incoming messages because a temporary event
context was used and we just queue a lot of imessaging_post_state
structures with immediate events.
With imessaging_init_discard_incoming() we'll discard any incoming messages
unless we have pending irpc requests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15201
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
SEC_ACE_TYPE_ values are not flags, so this comparison does not behave
as intended. Modify the check to more closely match the comment.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Move of strcasecmp redefine to lib/util/safe_string.h in
https://gitlab.com/samba-team/samba/-/merge_requests/1507 broke build on
Fedora 33 with GCC 10.2.1 for those compilation units that use
ldb_att_cmp().
The reason for that is that ldb_attr_cmp() defined as
#define ldb_attr_cmp(a, b) strcasecmp(a, b)
because attribute names restricted to be ASCII by RFC2251 (LDAPv3 spec).
A solution is to add
#undef strcasecmp
to all source code files which use ldb_attr_cmp().
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 1 22:45:29 UTC 2020 on sn-devel-184
lib/util/safe_string.h is similar to source3/include/safe_string.h, but
the former has fewer checks. It is missing bcopy, strcasecmp, and
strncasecmp.
Add the missing elements to lib/util/safe_string.h remove the other
safe_string.h which is in the source3-specific path. To accomodate
existing uses of str(n?)casecmp, add #undef lines to source files where
they are used.
Signed-off-by: Matthew DeVore <matvore@google.com>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 28 02:18:40 UTC 2020 on sn-devel-184
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 3 22:21:04 UTC 2020 on sn-devel-184
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We should use the default priority list. That is a good practice,
because TLS protocol hardening and phasing out of legacy algorithms,
is easier to co-ordinate when happens at a single place. See crypto
policies of Fedora.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14408
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 17 17:42:02 UTC 2020 on sn-devel-184
This allows us to end the use of Python 2/3 compatability macros.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
This will allow us to remove some unused code in the PIDL-generated
python bindings.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Found by covscan.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is handled by the gnutls library constructor/destructor.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This makes debugging run-away processes much more efficient and even
possible at all: If the pool-usage output is more than 256MB, the
previous code could not realloc it and threw it away. Also, it is not
helpful for an already huge process to allocate even more.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 18 21:27:30 UTC 2019 on sn-devel-184
Found during torture test runs with enable address-sanitizer.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 8 06:44:12 UTC 2019 on sn-devel-184
