IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Feb 2 15:49:14 CET 2016 on sn-devel-144
(cherry picked from commit 943e69ca8fd4491004eafbf29ed2ca748b0b7480)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
All subsystems that include pytalloc.h need to link against
pytalloc-util.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Mar 15 07:08:16 CET 2016 on sn-devel-144
(similar to commit 7b431eba22444d2e0d872de781a8193dcfa6d252)
Backported to 4.3 by Andrew Bartlett
This object is not based on pytalloc_Object and so this causes
a segfault (later a failure) when the struct definitions diverge.
We must also not reuse the incoming ldb_message_element as a talloc
context and overwrite the values, instead we should create a new
object and return that.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit b96b1e88f760c92c7d9bb7e732f72d7e73a68907)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
This shows the correct way to accept a value that may be a list of strings
or a proper ldb.MessageElement.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit b48776d78b446ad4abd4a6bc2ba6b488a29b11d2)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789
add_srt should add the mappings to the linked list even if
mappings==NULL (the default)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11827
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Apr 11 14:25:59 CEST 2016 on sn-devel-144
(cherry picked from commit 3e2af1568d150de1cb12fef40580f4880ac787ff)
Autobuild-User(v4-3-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-3-test): Mon Apr 18 16:24:45 CEST 2016 on sn-devel-104
Reported by Thomas Dvorachek <tdvorachek@yahoo.com> from a Windows 10 server.
Confirmed in MS-CIFS 2.2.8.1.7.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11822
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 6 03:46:55 CEST 2016 on sn-devel-144
(cherry picked from commit f63b9a73b03971f41947c694e6952cd1e49b67c3)
When "ignore system acls" is set, do not mess at all with POSIX ACLS,
do not even calculate the would-be POSIX-ACL-based security descriptor
(for performance reasons).
Instead, just store a V3 blob with zero hash. This means that if we
later read the ACL without ignoring system ACLs, the NT ACL shall be
reset to the info derivable from the POSIX ACL.
File ownership is still modified as it has bearing on disk quotas.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11806
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 765e5f1f2670d3d5d8d62a04b4ccf38a680bcb37)
* Fix memory leak when old signal action restored (bug #11742)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 19 19:12:25 CET 2016 on sn-devel-144
(cherry picked from commit da74d0c317be9ce67eb5d00d232167d466f68a1e)
The last 13 patches addressed bug #11771:
Backport tevent 0.9.28.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11742
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Feb 18 01:42:50 CET 2016 on sn-devel-144
(cherry picked from commit 833a2f474367624dd9980abb28227850e95fe976)
* Fix bug in poll backend - poll_event_loop_poll()
exits the for loop on POLLNVAL instead of
continuing to find an event that is ready.
* Fix ETIME handling for Solaris event ports (bug #11728).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Feb 16 00:00:51 CET 2016 on sn-devel-144
(cherry picked from commit 2267faddfa9863b205dfad580fbd45182916cb32)
It is possible for port_getn to return -1 with errno set to ETIME and
still return events. If those events aren't processed the association is
lost by samba since the kernel dissacociated them and samba never
processed them so never reassociated them with the event port. The
patch checks the nget return value in the case of ETIME and if it is non
0 it doesn't return and goes through the event processing loop.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Nathan Huff <nhuff@acm.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Feb 7 11:26:35 CET 2016 on sn-devel-144
(cherry picked from commit 4953b1f73f8ec9387516be1058434d71937e1447)
Without this, tests fail ir libtevent is not installed on the system.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-Off-By: Jelmer Vernooij <jelmer@jelmer.uk>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 18 21:40:26 CET 2015 on sn-devel-104
(cherry picked from commit bf06a5166ed29e82c4efdb86cf2634f424c29931)
If the (pfd->revents & POLLNVAL) case is triggered,
we do DLIST_REMOVE(ev->fd_events, fde); and then
use fde->next in the loop above.
Save off fde->next for loop interation before
this so we can't use a deleted ->next value.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 2be3dd1407eabe3df360ede2eab178848e34733c)
* New tevent_thread_proxy API
* Minor build fixes
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 9884a8fa58ffc8ddff0977c069aedda3beb6415f)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 68077c617b0a456baea56349fbf502307318c487)
Both tests run cleanly with valgrind --tool=drd and
valgrind --tool=helgrind
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit a132320b4c434ae9c2188377951d092f7309e63c)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11771
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 187aebb25b970a3679a72109def8e8b85622722e)
The special error is not NT_STATUS_BUFFER_TOO_SMALL, but STATUS_BUFFER_OVERFLOW.
Tested using TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE == 20 and running
the following commands against a Windows 2012R2 server:
bin/smbtorture ncacn_np:SERVER[] rpc.lsa-getuser
bin/smbtorture ncacn_np:SERVER[smb2] rpc.lsa-getuser
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 1 03:42:52 CET 2015 on sn-devel-104
(cherry picked from commit 3bbd8d3614af641535ab0925303ad07c03c4e094)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0e8d33fb5ffd6fdb0e503c5ff59e3635bbf10041)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 68850f3f56e9b28b298c1bc3a6249f9c26602217)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b47bfce6781ea3be2b85cbef348107eda4f98860)
Found by valgrind, reported by Noel Power <nopower@suse.com>:
==7913== Invalid read of size 1
==7913== at 0xC4F23EE: smb2cli_ioctl_done (smb2cli_ioctl.c:245)
==7913== by 0x747A744: _tevent_req_notify_callback (tevent_req.c:112)
==7913== by 0x747A817: tevent_req_finish (tevent_req.c:149)
==7913== by 0x747A93C: tevent_req_trigger (tevent_req.c:206)
==7913== by 0x7479B2B: tevent_common_loop_immediate
(tevent_immediate.c:135)
==7913== by 0xA9CB4BE: run_events_poll (events.c:192)
==7913== by 0xA9CBB32: s3_event_loop_once (events.c:303)
==7913== by 0x7478C72: _tevent_loop_once (tevent.c:533)
==7913== by 0x747AACD: tevent_req_poll (tevent_req.c:256)
==7913== by 0x505315D: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==7913== by 0xA7201F2: cli_tree_connect (cliconnect.c:2764)
==7913== by 0x165FF7: cm_prepare_connection (winbindd_cm.c:1276)
==7913== Address 0x16ce24ec is 764 bytes inside a block of size 813 alloc'd
==7913== at 0x4C29110: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7913== by 0x768A0C1: __talloc_with_prefix (talloc.c:668)
==7913== by 0x768A27E: _talloc_pool (talloc.c:721)
==7913== by 0x768A41E: _talloc_pooled_object (talloc.c:790)
==7913== by 0x747A594: _tevent_req_create (tevent_req.c:66)
==7913== by 0xCF6E2FA: read_packet_send (async_sock.c:414)
==7913== by 0xCF6EB54: read_smb_send (read_smb.c:54)
==7913== by 0xC4DA146: smbXcli_conn_receive_next (smbXcli_base.c:1027)
==7913== by 0xC4DA02D: smbXcli_req_set_pending (smbXcli_base.c:978)
==7913== by 0xC4DF776: smb2cli_req_compound_submit (smbXcli_base.c:3166)
==7913== by 0xC4DFC1D: smb2cli_req_send (smbXcli_base.c:3268)
==7913== by 0xC4F2210: smb2cli_ioctl_send (smb2cli_ioctl.c:149)
==7913==
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11622
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 91e12e04fc05a0b09b70ca2986aab9b96a8a035c)
This fixes a regression in commit 2cb07ba50decdfd6d08271cd2b3d893ff95f5af9
(s3:libads: make use of ads_sasl_spnego_gensec_bind() for GSS-SPNEGO with Kerberos)
that prevents things like 'net ads join' from working against a Windows 2003 domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11804
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
o CVE-2015-5370 (Multiple errors in DCE-RPC code)
o CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o CVE-2016-2112 (LDAP client and server don't enforce integrity)
o CVE-2016-2113 (Missing TLS certificate validation)
o CVE-2016-2114 ("server signing = mandatory" not enforced)
o CVE-2016-2115 (SMB IPC traffic is not integrity protected)
o CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11744
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
These are independent from our client library and allow
testing of invalid pdus.
It can be used like this in standalone mode:
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py
or
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND.test_invalid_auth_noctx
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This is better than using hardcoded values.
We need to use the value the client used in the BIND request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This is better than using hardcoded values.
We need to use auth_context_id = 1 for authenticated
connections, as old Samba server (before this patchset)
will use a hardcoded value of 1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
An alter context can't change the syntax of an existing context,
a new context_id will be used for that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
