IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue May 5 11:24:52 UTC 2020 on sn-devel-184
We want to keep going down the module stack, and not start from the top again.
ASQ is above the ACL modules, but below paged_results and we do not wish to
re-trigger that work.
Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Check the search request lengths against the limits passed to
ldap_decode.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon May 4 04:40:10 UTC 2020 on sn-devel-184
Add search request size limits to ldap_decode calls.
The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
I just came across this failure with a new test:
==16654== Invalid read of size 4
==16654== at 0x4950947: tevent_req_is_in_progress (tevent_req.c:270)
==16654== by 0x5AEEE8F: writev_trigger (async_sock.c:375)
==16654== by 0x494F9E7: tevent_queue_immediate_trigger (tevent_queue.c:149)
==16654== by 0x494F53C: tevent_common_invoke_immediate_handler (tevent_immediate.c:166)
==16654== by 0x494F642: tevent_common_loop_immediate (tevent_immediate.c:203)
==16654== by 0x4959E5E: epoll_event_loop_once (tevent_epoll.c:918)
==16654== by 0x495665A: std_event_loop_once (tevent_standard.c:110)
==16654== by 0x494DFCE: _tevent_loop_once (tevent.c:772)
==16654== by 0x4950A6A: tevent_req_poll (tevent_req.c:300)
==16654== by 0x4D166C9: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==16654== by 0x18C98B: run_readdir_timestamp (test_readdir_timestamp.c:489)
==16654== by 0x161BC5: run_test (torture.c:14896)
==16654== by 0x162726: main (torture.c:15136)
==16654== Address 0x91bb878 is 216 bytes inside a block of size 853 free'd
==16654== at 0x48369AB: free (vg_replace_malloc.c:530)
==16654== by 0x49B405E: _tc_free_internal (talloc.c:1221)
==16654== by 0x49B4116: _talloc_free_internal (talloc.c:1247)
==16654== by 0x49B547C: _talloc_free (talloc.c:1789)
==16654== by 0x50ECE3B: smb2cli_req_writev_done (smbXcli_base.c:3468)
==16654== by 0x4950648: _tevent_req_notify_callback (tevent_req.c:141)
==16654== by 0x49507A9: tevent_req_finish (tevent_req.c:193)
==16654== by 0x49507D6: _tevent_req_done (tevent_req.c:199)
==16654== by 0x5AEEE28: writev_do (async_sock.c:363)
==16654== by 0x5AEEE83: writev_trigger (async_sock.c:374)
==16654== by 0x494F9E7: tevent_queue_immediate_trigger (tevent_queue.c:149)
==16654== by 0x494F53C: tevent_common_invoke_immediate_handler (tevent_immediate.c:166)
==16654== by 0x494F642: tevent_common_loop_immediate (tevent_immediate.c:203)
==16654== by 0x4959E5E: epoll_event_loop_once (tevent_epoll.c:918)
==16654== by 0x495665A: std_event_loop_once (tevent_standard.c:110)
==16654== by 0x494DFCE: _tevent_loop_once (tevent.c:772)
==16654== by 0x4950A6A: tevent_req_poll (tevent_req.c:300)
==16654== by 0x4D166C9: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==16654== by 0x18C98B: run_readdir_timestamp (test_readdir_timestamp.c:489)
==16654== by 0x161BC5: run_test (torture.c:14896)
==16654== by 0x162726: main (torture.c:15136)
==16654== Block was alloc'd at
==16654== at 0x483577F: malloc (vg_replace_malloc.c:299)
==16654== by 0x49B300F: __talloc_with_prefix (talloc.c:782)
==16654== by 0x49B31E6: _talloc_pool (talloc.c:837)
==16654== by 0x49B3394: _talloc_pooled_object (talloc.c:905)
==16654== by 0x49501A6: _tevent_req_create (tevent_req.c:79)
==16654== by 0x5AEE956: writev_send (async_sock.c:266)
==16654== by 0x50ECBCA: smb2cli_req_compound_submit (smbXcli_base.c:3396)
==16654== by 0x50ECD49: smb2cli_req_send (smbXcli_base.c:3447)
==16654== by 0x50FE34F: smb2cli_create_send (smb2cli_create.c:153)
==16654== by 0x490325E: cli_smb2_create_fnum_send (cli_smb2_fnum.c:273)
==16654== by 0x48D0146: cli_ntcreate_send (clifile.c:2504)
==16654== by 0x18B737: create_ts_send (test_readdir_timestamp.c:59)
==16654== by 0x18BF77: create_ts_files_send (test_readdir_timestamp.c:253)
==16654== by 0x18C35C: create_files_send (test_readdir_timestamp.c:336)
==16654== by 0x18C953: run_readdir_timestamp (test_readdir_timestamp.c:482)
==16654== by 0x161BC5: run_test (torture.c:14896)
==16654== by 0x162726: main (torture.c:15136)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 23 21:53:38 UTC 2020 on sn-devel-184
Initilalise "stale" to zero before passing a pointer to it to
mdb_reader_check.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 7 12:29:00 UTC 2020 on sn-devel-184
In use process failures and Bind9 shut downs leave stale entries in the
lmdb reader table. This can result in lmdb filling it's database file, as
the free list can not be reclaimed due to the stale reader.
In this fix we call mdb_reader_check at the start of each transaction,
to free any stale readers. As the default maximum number of readers is
127, this should not impact on performance to any great extent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14330
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 31 01:26:07 UTC 2020 on sn-devel-184
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Mar 26 16:22:00 UTC 2020 on sn-devel-184
Every time I have to remove an element from within an array I have to
scratch my head about the memmove arguments. Make this easier to use.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
All callers now use nonblocking sockets, so that we can optimize by
doing early writes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Mar 25 10:41:29 UTC 2020 on sn-devel-184
We can only reasonably cancel a writev request that is still
queued. Once writing has started, cancel is pointless. Simplify the
if-conditions.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This allows us to end the use of Python 2/3 compatability macros.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
This will allow us to remove some unused code in the PIDL-generated
python bindings.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Fix indentation of list members and fix lines > 79 characters to remove
PEP8 warnings.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Add cmocka tests to confirm lmdb's handling of the free list.
As a result of lmdb's MVCC (Multiversion Concurrency Control) long
running read transactions or stale readers (read transactions where the
process exited without ending the transaction) can cause the database to
run out of space.
Items in the free list are only reused when they would not be visible in
a read transaction. So long running read transactions prevent entries
in the free list being reused, and the database can run out of space.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
test_audit_get_timestamp used the "%Z" format specifier in strptime,
this is non-portable. Updated tests now explicitly set the time zone to
"UTC".
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Mar 7 06:37:09 UTC 2020 on sn-devel-184
ldb* tools, when passed a raw filename assume tdb://
By default, ldb_tdb will call tdb with O_CREAT.
TDB, when passed O_CREAT and a not-tdb file, will wipe the file.
This means that if you run ldbedit <path to mdb-format-ldb file> the file
will be wiped, which is unexpected. I noticed this while trying to
corrupt a sam.ldb backend file (for testing), but instead I wiped it!
Ideally tdb would not do that, but the behaviour has been this way for
decades. Ideally ldb would have had a "create db" command, but this
has been the job of ldbadd for over a decade.
So this just blunts the knife for ldbedit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14302
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This avoids using "ldb" as the memory context in most cases, and may avoid
a long-term memory leak if future changes cause dn_key not to be freed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14299
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
We avoid bare if conditions in Samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14299
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
We need to ensure we TALLOC_FREE(tmp_ctx) in every error exit.
Reported by Alex Kolesnik, ABISoft Ltd., www.abisoft.biz. Thanks!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14299
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Peter Eriksson <pen@lysator.liu.se>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <<gary@catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 27 21:43:29 UTC 2020 on sn-devel-184
We can diverged into the s3 and lib/fault panic action stuff once
we have printed the backtrace.
Our tests require we use the word PANIC, and some administrative scripts
might look for similar things, so keep those words.
The use of DEBUG(0, ... is deliberate to keep the output
of the PANIC line as consistent as possible with the historical smbd output.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 27 05:09:44 UTC 2020 on sn-devel-184
The "why" string is now eg "Signal 11: Segmentation fault" and
so more descriptive, and hopefully this will encourage the
Samba version to be included in more error reports.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This makes it easier to understand the process graph as there is
not a duplicate (eg) ldap[master] process for each tfork waiter.
when useing "ps -ef -o pid,comm"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14287
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This makes it easier to pass a small amount of variable information
into the buffer, to distinguish processes in the AD DC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14287
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 26 23:11:39 UTC 2020 on sn-devel-184
Now that open_socket_out*() doesn't do the strange reentrant calls,
we can remove support for this in async_connect_send(), so that we'll
never get any new users of this.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
While it is true that [e]poll() only needs POLLOUT
and POLLERR/POLLHUP are added implicitly.
For tevent we need TEVENT_FD_READ in order to see POLLERR/POLLHUP.
The socket becomes only readable when we hit an error.
Waiting for TEVENT_FD_WRITE is needed for getting success,
while TEVENT_FD_READ is required to get failures.
This matches what we have in tstream_bsd_connect_send().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is different compared to the raw usage of [e]poll
where [E]POLLOUT is enough to see errors via POLLERR/POLLHUP.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
* Bug 14270:
Samba 4.11 and later give incorrect results for SCOPE_ONE searches
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Feb 25 12:59:02 UTC 2020 on sn-devel-184
This changes the LDB behaviour in the combination of a SCOPE_ONE search and
an index returning less than 10 results.
After b6b5b5fe355fee2a4096e9214831cb88c7a2a4c6 the list->strict flag
became set to false in all cases, rather than being left to the
value set by the caller.
This changes the ldb_kv_index_dn_one() code to force strict
mode on success instead.
Thanks to Marcus Granér, ICEYE Oy for reporting.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14270
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
