IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This aims to minimise usage of the error-prone pattern of searching for
a just-added message element in order to make modifications to it (and
potentially finding the wrong element).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Currently, there are many places where we use ldb_msg_add_empty() to add
an empty element to a message, and then call ldb_msg_add_value() or
similar to add values to that element. However, this performs an
unnecessary search of the message's elements to locate the new element.
Moreover, if an element with the same attribute name already exists
earlier in the message, the values will be added to that element,
instead of to the intended newly added element.
A similar pattern exists where we add values to a message, and then call
ldb_msg_find_element() to locate that message element and sets its flags
to (e.g.) LDB_FLAG_MOD_REPLACE. This also performs an unnecessary
search, and may locate the wrong message element for setting the flags.
To avoid these problems, add functions for appending a value to a
message, so that a particular value can be added to the end of a message
in a single operation.
For ADD requests, it is important that no two message elements share the
same attribute name, otherwise things will break. (Normally,
ldb_msg_normalize() is called before processing the request to help
ensure this.) Thus, we must be careful not to append an attribute to an
ADD message, unless we are sure (e.g. through ldb_msg_find_element())
that an existing element for that attribute is not present.
These functions will be used in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Using the newly added ldb flag, we can now detect when a message has
been shallow-copied so that its elements share their values with the
original message elements. Then when adding values to the copied
message, we now make a copy of the shared values array first.
This should prevent a use-after-free that occurred in LDB modules when
new values were added to a shallow copy of a message by calling
talloc_realloc() on the original values array, invalidating the 'values'
pointer in the original message element. The original values pointer can
later be used in the database audit logging module which logs database
requests, and potentially cause a crash.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
When making a shallow copy of an ldb message, mark the message elements
of the copy as sharing their values with the message elements in the
original message.
This flag value will be heeded in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
The first time round we maybe didn't know which files we wanted to log to.
Suppose, for example, we had an smb.conf with
log level = 1 dsdb_group_json_audit:5@/var/log/group_json.log
we wouldn't see anything in "/var/log/group_json.log", while the level
5 dsdb_group_json_audit messages would go into the main log.
Note that the named file would still be opened by winbindd and others
that use the s3 code, but would remain empty as they don't have anything
to say about dsdb_group_json_audit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15076
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 9537ac723cfdc43e718fdd08dc28883e7057a372)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Sat Jun 18 09:46:47 UTC 2022 on sn-devel-184
This partly reverts commit 620de975f147ac9427b51ea0e1e3eabda443d4b6.
Drop chunk including system/nis.h, drop wscript_build modifications,
use getdomainname() from glibc instead of yp_get_default_domain() from
libnsl.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15087
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b3034f1209a6c45873882415c4291dde7eee76db)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Sun Jun 12 08:40:15 UTC 2022 on sn-devel-184
* Fix build problems
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15071
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(v4-15-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-15-test): Thu Jun 9 15:02:57 UTC 2022 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15069
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 3 21:53:31 UTC 2022 on sn-devel-184
(cherry picked from commit 3bd753983c8dac33b483affa859984b7e3350d65)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Thu Jun 9 09:53:47 UTC 2022 on sn-devel-184
Adds handle based version of gpfswrap_getacl().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15069
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit d373ff3c01c2c50cd539b78494c0673974a0f046)
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1b5b4107a5081f15ba215f3025056d509fcfcf2a)
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit ed14513be055cc56eb39785323df2c538a813865)
That will make it easy to see the difference
between two memory buffers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit b489b7feda19b3c0f0fe2300f2c76d416776355b)
This simplifies the logic a lot for me.
It also fixes some corner cases regarding whitespaces in the
output, that's why we have to mark a few tests as knownfail,
they will be fixed in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 58b09e107cadd7fb8191822d4e7e42657b1ed4c7)
CVE-2021-3670 ldb: Confirm the request has not yet timed out in ldb filter processing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14694
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(v4-15-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-15-test): Mon Jan 24 12:44:54 UTC 2022 on sn-devel-184
Not yet used. Does no checks on the converted values.
A later cleanup will allow us to move nt_time_to_unix_timespec()
and nt_time_to_full_timespec() to use common code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14928
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit 29d69c22a0d945193ce3dac27e1083dbc5c53f03)
The LDB filter processing is where the time is spent in the LDB stack
but the timeout event will not get run while this is ongoing, so we
must confirm we have not yet timed out manually.
RN: Ensure that the LDB request has not timed out during filter processing
as the LDAP server MaxQueryDuration is otherwise not honoured.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14694
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 1d5b155619bc532c46932965b215bd73a920e56f)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14908
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 17 18:29:09 UTC 2021 on sn-devel-184
(cherry picked from commit cdc0268c1987f36ab400ea01df88d55c02dccfdb)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Fri Nov 19 08:11:05 UTC 2021 on sn-devel-184
source3 clients need to work in clustered mode, the default
cli_credentials_set_machine_account() only looks at the local
secrets.tdb file
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14908
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 63c80f25da8829a7bd3244afea29c13f699efac1)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
RN: samba process doesn't log to logfile
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Nov 11 14:42:13 UTC 2021 on sn-devel-184
(cherry picked from commit 06ed4ccba6cfe08aef061866f98b1d1da26682b8)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Tue Nov 16 16:56:19 UTC 2021 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 97592f16bfb8590efbd2ed31fc9883d747ec650f)
This simplifies the logging API for callers that typically would want to set
logging by just setup_logging() once without bothering that typically
configuration is loaded (via some lpcfg_load*() or lp_load*() varient) which
will only then pick up the configured logfile from smb.conf without actually
applying the new logifle to the logging subsytem.
Therefor our daemons will additionally call reopen_logs() explicitly in their
startup code after config is loaded, eg
setup_logging(getprogname(), DEBUG_FILE);
...
lpcfg_load(lp_ctx, config_file);
...
reopen_logs();
By calling reopen_logs_internal() implicitly from debug_set_logfile() there's no
need to call reopen_logs() explicitly anymore to apply the logfile.
As reopen_logs() will also apply other logging configuration options, we have to
keep the explicit calls in the daemon code. But at least this allows consistent
logging setup wrt to the logfile in the new cmdline library.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit fa9d9974d068897d35539e5316f606a15e8b38de)
Before I added per-class logfile and we had only one fd for the logfile the code
looked like this:
/* Take over stderr to catch output into logs */
if (state.fd > 0) {
if (dup2(state.fd, 2) == -1) {
/* Close stderr too, if dup2 can't point it -
at the logfile. There really isn't much
that can be done on such a fundamental
failure... */
close_low_fd(2);
}
}
In the current code the equivalent to state.fd is dbgc_config[DBGC_ALL].fd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 948a82bd2651e73e4e669a89dc77ba93abbb9b2f)
This allows the calling the following sequence of dbwrap functions:
dbwrap_delete_record(rec);
data = dbwrap_record_get_value(rec);
without triggering the assert rec->value_valid inside dbwrap_record_get_value().
Note that dbwrap_record_storev() continues to invalidate the record, so this
change somewhat blurs our semantics.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14882
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 4 19:49:47 UTC 2021 on sn-devel-184
(cherry picked from commit 8082e2eb7e33c0993135791c03823886f5aa8496)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14846
RN: Fix -k legacy option for client tools like smbclient, rpcclient, net, etc.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 16d43ccfddf0e67a0ae87e3f13b3114c858d64ac)
Preliminary handling of NTTIME_THAW to avoid NTTIME_THAW is passed as some
mangled value down to the VFS set timestamps function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14127
RN: Avoid storing NTTIME_THAW (-2) as value on disk
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 6ed71ad7e6aa98a34cfde95d7d62c46694d58469)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14127
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 194faa76161a12ae1eae2b471d6f159d97ef75a8)
NTTIME_FREEZE is not a nil sentinel value, instead it implies special, yet
unimplemented semantics. Callers must deal with those values specifically and
null_nttime() must not lie about their nature.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14127
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 5503bde93bddf3634b183e665773399c110251d4)
No change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14127
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e2740e4868f2a49877a86a8666d26226b5657317)
The test was checking -1 twice:
torture_assert(tctx, null_nttime(-1), "-1");
torture_assert(tctx, null_nttime(-1), "-1");
The first line was likely supposed to test the value "0".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14127
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d84779302cc54a7b84c05ccc458e04b27fd142f4)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14127
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f73aff502cadabb7fe6b94a697f0a2256d1d4aca)
As we want to reduce use of 'classic domain controller' role but FreeIPA
relies on it internally, add a separate role to mark FreeIPA domain
controller role.
It means that role won't result in ROLE_STANDALONE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Corrected python behaviour for 'in' for LDAP attributes
contained as part of ldb.Message (bug 14845)
* Fix memory handling in ldb.msg_diff (bug 14836)
* Corrected python docstrings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14836
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14848
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 76899e236149ff3b86cd9032a3c6bdafe3a2f036)
Autobuild-User(v4-15-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-15-test): Tue Oct 26 15:09:58 UTC 2021 on sn-devel-184
Previously, containment testing using the 'in' operator was handled by
performing an equality comparison between the chosen object and each of
the message's keys in turn. This behaviour was prone to errors due to
not considering differences in case between otherwise equal elements, as
the indexing operations do.
Containment testing should now be more consistent with the indexing
operations and with the get() method of ldb.Message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 860d8902a9c502d4be83396598cf4a53c80fea69)
These tests verify that the 'in' operator on ldb.Message is consistent
with indexing and the get() method. This means that the 'dn' element
should always be present, lookups should be case-insensitive, and use of
an invalid type should result in a TypeError.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 865fe238599a732360b77e06e592cb85d459acf8)
Previously, a TypeError was raised and subsequently overridden by a
KeyError.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 22353767ca75af9d9e8fa1e7da372dcb5eddfcb7)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit b018e51d2725a23b2fedd3058644b8021f6a6a06)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 9d25a21d6024c6c2f8e4634f45e3944d8acbf8b8)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit d7af772de88885f46708329ff7bb5798da91d2c7)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 4 00:55:32 UTC 2021 on sn-devel-184
(cherry picked from commit 02b187303369d3ce0c19dfb72ffa78f86a3911f0)
CID 1492905: Control flow issues (DEADCODE)
This was a regression in 5eeb441b771a1ffe1ba1c69b72e8795f525a58ed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14874
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Oct 23 08:07:13 UTC 2021 on sn-devel-184
(cherry picked from commit 5094d986b7686f057195dcb10764295b88967019)
Autobuild-User(v4-15-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-15-test): Mon Oct 25 13:05:31 UTC 2021 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14874
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 20 12:54:54 UTC 2021 on sn-devel-184
(cherry picked from commit 5eeb441b771a1ffe1ba1c69b72e8795f525a58ed)
The only writer to this variable left with c377845d27d4dcd7. The
closest match for override_logfile is is_default_dyn_LOGFILEBASE()
with the opposite logic.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 18 00:53:28 UTC 2021 on sn-devel-184
(cherry picked from commit cf4a868be50e795889b76b59f7fbe1cca51bcbfa)
On macOS tv_usec is an int so failus the build with -Werror,-Wformat.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d3675e66fe8eec15076c6b88e47b627ee80c6f9e)
The DEBUG macro was missing and the CFStringGetBytes() was triggering a
-Werror,-Wpointer-sign build failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 2564e96e8319b4cb4c987dd2a03cf8a293db985a)
Make a deep copy of the message elements in msg_diff() so that if either
of the input messages are deallocated early, the result does not refer
to non-existing elements.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14836
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 19a2af02f57d99db8ed3c6b028c3abdf4b553700)
Autobuild-User(v4-15-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-15-test): Wed Sep 29 11:46:33 UTC 2021 on sn-devel-184
