1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

114958 Commits

Author SHA1 Message Date
Andreas Schneider
99a9b092ca s3:ldap: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:23 +01:00
Andreas Schneider
be04480e08 s3:auth: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
0433576dfd nss_winbind: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
4dd2349c11 wins: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
c56b16906c wbclient: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
d035f2492e krb5_plugin: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
b51e8b9808 libcli:smbreadline: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
aee760cdc9 libcli:smb: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
e7f0b6e41f lib:util: Avoid name confusion with config.h
The HAVE_* is normally used for config.h definitions, so rename it to
USE_ASM_BYTEORDER.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
8075025303 lib:util: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:22 +01:00
Andreas Schneider
4e8e172090 tdb: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:21 +01:00
Andreas Schneider
9f2cd92c8e replace: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:21 +01:00
Andreas Schneider
ded788bccb krb5_wrap: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:21 +01:00
Andreas Schneider
ab5f26f3f3 ctdb: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:21 +01:00
Andreas Schneider
a9477eb3bd autobuild: Add _FORTIFY_SOURCE=2 to the -O3 build
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:21 +01:00
Andreas Schneider
bebab07609 wafsamba: Do not always set _FORTIFY_SOURCE=2
This requires to be compiled with optimization (-O).

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:21 +01:00
Andreas Schneider
9f28d8e896 s3: Remove unsused MMAP_BLACKLIST ifdef checks
This doesn't get defined by anything.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:21 +01:00
Andreas Schneider
63a48e6487 lib:replace: Check if HAVE_DECL_ENVIRON is defined first
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:20 +01:00
Volker Lendecke
3be9ffe445 krb5_wrap: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 28 21:15:31 CET 2018 on sn-devel-144
2018-11-28 21:15:31 +01:00
Volker Lendecke
130e034fbb auth: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-28 17:44:15 +01:00
Volker Lendecke
899bbb4407 lib: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-28 17:44:15 +01:00
Volker Lendecke
a167014554 krb5_wrap: Add a talloc_ctx to smb_krb5_principal_get_realm()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-28 17:44:15 +01:00
Volker Lendecke
c39526eb7d credentials: Remove an unnecessary talloc_steal()
ccc was already allocated off cred, this talloc_steal was a no-op.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-28 17:44:14 +01:00
Volker Lendecke
730beac162 credentials: Fix set_ccache with empty creds cache
This is an extension of bb2f7e3aee: Without this fix in the
"empty ccache" case we never set cred->ccache, so the whole call to
cli_credentials_set_ccache became pointless

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-28 17:44:14 +01:00
Volker Lendecke
c59f5f2977 credentials: Fix an error path memleak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-28 17:44:14 +01:00
Volker Lendecke
f43ac073b2 credentials: Only do shallow copies of valid ccaches
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-28 17:44:14 +01:00
Ralph Boehme
8bde5ea169 tfork: add a README how to run test torture test under valgrind
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 28 15:57:43 CET 2018 on sn-devel-144
2018-11-28 15:57:43 +01:00
Ralph Boehme
0a0daebaab tfork: add a suppresssions file for drd
drd reports:

 initialized twice: cond 0x514f188
    at 0x4C3A399: pthread_cond_init_intercept (drd_pthread_intercepts.c:1022)
    by 0x4C3A399: pthread_cond_init@* (drd_pthread_intercepts.c:1030)
    by 0x50F3FF3: tfork_atfork_child (tfork.c:250)
    by 0x9A4B95D: fork (fork.c:204)
    by 0x50F4834: tfork_start_waiter_and_worker (tfork.c:581)
    by 0x50F4CDB: tfork_create (tfork.c:780)
    by 0x2F7469: tfork_thread (tfork.c:431)
    by 0x4C358F8: vgDrd_thread_wrapper (drd_pthread_intercepts.c:444)
    by 0x8D46593: start_thread (pthread_create.c:463)
    by 0x9A7EE6E: clone (clone.S:95)
 cond 0x514f188 was first observed at:
    at 0x4C3A399: pthread_cond_init_intercept (drd_pthread_intercepts.c:1022)
    by 0x4C3A399: pthread_cond_init@* (drd_pthread_intercepts.c:1030)
    by 0x50F413A: tfork_global_initialize (tfork.c:287)
    by 0x8D4DEA6: __pthread_once_slow (pthread_once.c:116)
    by 0x4C377FD: pthread_once_intercept (drd_pthread_intercepts.c:800)
    by 0x4C377FD: pthread_once (drd_pthread_intercepts.c:806)
    by 0x50F4C0E: tfork_create (tfork.c:743)
    by 0x2F7469: tfork_thread (tfork.c:431)
    by 0x4C358F8: vgDrd_thread_wrapper (drd_pthread_intercepts.c:444)
    by 0x8D46593: start_thread (pthread_create.c:463)
    by 0x9A7EE6E: clone (clone.S:95)

This is intentional, the reinit is in a child process. Cf the comment in
tfork.c.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 12:59:28 +01:00
Ralph Boehme
b92d790515 tfork: add a suppresssions file for helgrind
tfork_atexit_unknown[1|2]:

  No idea what triggers this, definitely not tfork itself.

tfork_pthread_get_specific:

 Helgrind reports:

 Possible data race during read of size 4 at 0x5141304 by thread #3
 Locks held: none
    at 0x50E602E: tfork_global_get (tfork.c:301)
    by 0x50E69B1: tfork_create (tfork.c:737)
    by 0x2F7419: tfork_thread (tfork.c:431)
    by 0x4C35AC5: mythread_wrapper (hg_intercepts.c:389)
    by 0x8D38593: start_thread (pthread_create.c:463)
    by 0x9A70E6E: clone (clone.S:95)

 This conflicts with a previous write of size 4 by thread #2
 Locks held: none
    at 0x8D3F7B7: pthread_key_create (pthread_key_create.c:41)
    by 0x50E5F79: tfork_global_initialize (tfork.c:280)
    by 0x8D3FEA6: __pthread_once_slow (pthread_once.c:116)
    by 0x50E6999: tfork_create (tfork.c:728)
    by 0x2F7419: tfork_thread (tfork.c:431)
    by 0x4C35AC5: mythread_wrapper (hg_intercepts.c:389)
    by 0x8D38593: start_thread (pthread_create.c:463)
    by 0x9A70E6E: clone (clone.S:95)
  Location 0x5141304 is 0 bytes inside global var "tfork_global_key"
  declared at tfork.c:122

  This is nonsense, tfork_global_get() calls pthread_getspecific, so
  we're looking at the pthread_key_create()/pthread_[g|s]etspecific()
  API here which works with threads by design.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 12:59:28 +01:00
Ralph Boehme
b6cd7f8c2c tfork: TFORK_ANNOTATE_BENIGN_RACE
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 12:59:27 +01:00
Ralph Boehme
f8e24596d5 tfork/test: ensure all threads start with SIGCHLD unblocked
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 12:59:27 +01:00
Tim Beale
fde9f7c81b CVE-2018-16857 dsdb/util: Add better default lockOutObservationWindow
Clearly the lockOutObservationWindow value is important, and using a
default value of zero doesn't work very well.

This patch adds a better default value (the domain default setting of 30
minutes).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed Nov 28 11:31:14 CET 2018 on sn-devel-144
2018-11-28 11:31:14 +01:00
Tim Beale
13014aea13 CVE-2018-16857 dsdb/util: Fix lockOutObservationWindow for PSOs
Fix a remaining place where we were trying to read the
msDS-LockoutObservationWindow as an int instead of an int64.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-28 08:22:25 +01:00
Tim Beale
c7b937c5aa CVE-2018-16857 dsdb/util: Correctly treat lockOutObservationWindow as 64-bit int
Commit 442a38c918 refactored some code into a new
get_lockout_observation_window() function. However, in moving the code,
an ldb_msg_find_attr_as_int64() inadvertently got converted to a
ldb_msg_find_attr_as_int().

ldb_msg_find_attr_as_int() will only work for values up to -2147483648
(about 3.5 minutes in MS timestamp form). Unfortunately, the automated
tests used a low enough timeout that they still worked, however,
password lockout would not work with the Samba default settings.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-28 08:22:25 +01:00
Tim Beale
77de8278e4 CVE-2018-16857 tests: Sanity-check password lockout works with default values
Sanity-check that when we use the default lockOutObservationWindow that
user lockout actually works.

The easiest way to do this is to reuse the _test_login_lockout()
test-case, but stop at the point where we wait for the lockout duration
to expire (because we don't want the test to wait 30 mins).

This highlights a problem currently where the default values don't work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-28 08:22:25 +01:00
Isaac Boukris
6ab51b2af9 CVE-2018-16853: fix crash in expired passowrd case
When calling encode_krb5_padata_sequence() make sure to
pass a null terminated array as required.

Fixes expired passowrd case in samba4.blackbox.kinit test.

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 08:22:25 +01:00
Andreas Schneider
7cddbcf039 CVE-2018-16853: Do not segfault if client is not set
This can be triggered with FAST but we don't support this yet.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 08:22:24 +01:00
Isaac Boukris
c556ac5c66 CVE-2018-16853: Add a test to verify s4u2self doesn't crash
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 08:22:24 +01:00
Isaac Boukris
6c453aeb0c CVE-2018-16853: The ticket in check_policy_as can actually be a TGS
This happens when we are called from S4U2Self flow, and in that case
kdcreq->client is NULL.  Use the name from client entry instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 08:22:24 +01:00
Isaac Boukris
bf0e9041be CVE-2018-16853: Fix kinit test on system lacking ldbsearch
By fixing bindir variable name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13571

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-11-28 08:22:24 +01:00
Andrew Bartlett
c5370a4349 CVE-2018-16853 WHATSNEW: The Samba AD DC, when build with MIT Kerberos is experimental
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13678

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 08:22:24 +01:00
Andrew Bartlett
07c49d25cd CVE-2018-16853 build: The Samba AD DC, when build with MIT Kerberos is experimental
This matches https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13678

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 08:22:24 +01:00
Gary Lockyer
9a12a00146 CVE-2018-16852 dcerpc dnsserver: refactor common properties handling
dnsserver_common.c and dnsutils.c both share similar code to process
zone properties.  This patch extracts the common code and moves it to
dnsserver_common.c.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13669

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-28 08:22:24 +01:00
Gary Lockyer
2b00f8fa9f CVE-2018-16852 dcerpc dnsserver: Ensure properties are handled correctly
Fixes for
Bug 13669 - (CVE-2018-16852) NULL
            pointer de-reference in Samba AD DC DNS management

The presence of the ZONE_MASTER_SERVERS property or the
ZONE_SCAVENGING_SERVERS property in a zone record causes the server to
follow a null pointer and terminate.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13669

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-28 08:22:24 +01:00
Gary Lockyer
c1d4033e09 CVE-2018-16852 dcerpc dnsserver: Verification tests
Tests to verify
Bug 13669 - (CVE-2018-16852) NULL
            pointer de-reference in Samba AD DC DNS management

The presence of the ZONE_MASTER_SERVERS property or the
ZONE_SCAVENGING_SERVERS property in a zone record causes the server to
follow a null pointer and terminate.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13669

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-28 08:22:24 +01:00
Garming Sam
d2c98abde1 CVE-2018-16851 ldap_server: Check ret before manipulating blob
In the case of hitting the talloc ~256MB limit, this causes a crash in
the server.

Note that you would actually need to load >256MB of data into the LDAP.
Although there is some generated/hidden data which would help you reach that
limit (descriptors and RMD blobs).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13674

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-28 08:22:24 +01:00
Andrew Bartlett
c835e27a99 CVE-2018-16841 selftest: Check for mismatching principal in certficate compared with principal in AS-REQ
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13628
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 08:22:24 +01:00
Andrew Bartlett
b6e9c4b8bb CVE-2018-16841 heimdal: Fix segfault on PKINIT with mis-matching principal
In Heimdal KRB5_KDC_ERR_CLIENT_NAME_MISMATCH is an enum, so we tried to double-free
mem_ctx.

This was introduced in 9a0263a7c3 for the
MIT KDC effort.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13628

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 08:22:23 +01:00
Aaron Haslett
97b426baba CVE-2018-14629 dns: CNAME loop prevention using counter
Count number of answers generated by internal DNS query routine and stop at
20 to match Microsoft's loop prevention mechanism.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2018-11-28 08:22:23 +01:00
Aaron Haslett
c3f6085991 dns: prevent self-referencing CNAME
Stops the user from adding a self-referencing CNAME over RPC, which is an easy
mistake to make with samba-tool.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2018-11-28 08:22:23 +01:00