1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Commit Graph

81864 Commits

Author SHA1 Message Date
Andrew Bartlett
5630e25a35 s4-dsdb: Allow dbcheck to correct an incorrect instanceType 2012-07-18 09:32:53 +02:00
Andrew Bartlett
96db13405b s4-dsdb: Ensure we never write read-only objects onto a read-write replica
We should prevent this much further up the stack, but at least add a choke
at this point for now.

Additionally, this avoids administrator-forced replications causing
considerable damange to the directory.

Andrew Bartlett
2012-07-18 09:32:53 +02:00
Rusty Russell
127352c78c source4/torture: add talloc_stackframe()
We need a stackframe to call lp_load().

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Wed Jul 18 09:31:07 CEST 2012 on sn-devel-104
2012-07-18 09:31:07 +02:00
Rusty Russell
06731bc28f source3/netapi: fix only caller which doesn't set up a talloc_stackframe()
libnetapi_free() needs a stackframe too; looked like Andrew and Günther
missed this in a37de9a959.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:28 +09:30
Rusty Russell
d54ebd36cc source3/passdb/py_passdb.c: wrap all calls in talloc_stackframe()
dbwrap needs it.  Some calls were already wrapped, but they checked the 
talloc_stackframe() return unnecessarily: it can never be NULL.

This is the coccinelle patch I used:

// Add in a stackframe to every function: be sure to free it on (every) return
@rule0@
identifier func;
@@
func(...) {
+TALLOC_CTX *frame = talloc_stackframe();
<...
+talloc_free(frame);
return ...;
...>
}

// Get rid of tframe allocation/frees, replace usage with frame.
@rule1@
identifier func;
identifier oldframe;
@@
func(...) {
...
-TALLOC_CTX *oldframe;
...
-if ((oldframe = talloc_stackframe()) == NULL) {
- 	...
-}
<...
-talloc_free(oldframe);
...>
}

// Get rid of tframe (variant 2)
@rule2@
identifier func;
identifier oldframe;
@@
func(...) {
...
-TALLOC_CTX *oldframe;
...
-oldframe = talloc_stackframe();
-if (oldframe == NULL) {
- 	...
-}
<...
-talloc_free(oldframe);
...>
}

// Change tframe to frame
@rule3@
identifier func;
@@
func(...) {
<...
-tframe
+frame
...>
}

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:28 +09:30
Rusty Russell
99272331c6 source3/passdb/py_passdb.c: don't steal from talloc_stackframe().
If you want a stack-style allocation, use talloc_stackframe().  If you
don't, don't use it.  In particular, talloc_stackframe() here is actually
inside a pool, and stealing from pools is a bad idea.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:28 +09:30
Rusty Russell
51ec59db10 source3/torture/pdbtest: allocate talloc_stackframe()
Avoid talloc_tos() without a stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:28 +09:30
Rusty Russell
1f8b574adb talloc_stack: abort in developer me if no stackframe on talloc_tos()
Don't tolerate leaks in developer mode.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:27 +09:30
Rusty Russell
fe72740e82 loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().

A simple patch, but hits a lot of files.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:23 +09:30
Rusty Russell
c809eec53f source3/utils/net_conf.c: fix stackframe leak
net_conf_wrap_function() doesn't free its stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:09:31 +09:30
Rusty Russell
aa2e02e684 source3/winbindd/winbindd_pam.c: fix stackframe leak
check_info3_in_group() doesn't always free its stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:08:31 +09:30
Rusty Russell
f3001e808c source3/lib/smbconf/testsuite.c: fix stackframe leak
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:07:31 +09:30
Rusty Russell
15faffc537 source3/registry/reg_backend_db.c: fix stackframe leak
regdb_store_values_internal() doesn't always free its stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:06:31 +09:30
Rusty Russell
5716570cbc source3/winbindd/idmap_tdb_common.c: fix stackframe leak
idmap_tdb_common_sid_to_unixid() doesn't always free its stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:05:31 +09:30
Rusty Russell
32c69e6e2a source3/rpc_server/svcctl/srv_svcctl_reg.c: fix stackframe leak
svcctl_init_winreg() doesn't free its stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:04:31 +09:30
Rusty Russell
bdc59fb538 source3/modules/vfs_xattr_tdb.c: fix stackframe leak
xattr_tdb_getxattr() doesn't free its stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:03:31 +09:30
Rusty Russell
a620fc0372 lib/util/modules.c: fix stackframe leak.
do_smb_load_module() doesn't free its stackframe on success.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:02:31 +09:30
Rusty Russell
2314c60629 source3/winbindd/winbindd_util.c: fix stackframe leak
winbindd_can_contact_domain() doesn't always free its stackframe.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:01:31 +09:30
Rusty Russell
7a6591037b nt_printing_tdb_migrate(): fix stackframe leak.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 05:00:31 +09:30
Rusty Russell
dcec7c1f71 source3/client/client.c: fix stackframe leak.
do_message_op() doesn't free its stackframe in various paths.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 04:59:31 +09:30
Rusty Russell
634a63d934 smbpasswd: always free frame.
We're about to exit, so it doesn't really matter, but might as well
unify the paths.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 04:58:31 +09:30
Rusty Russell
84fb37fe37 talloc_stack: report lazy freeing (panic if DEVELOPER).
talloc_stackframe() stacks, so if you forget to free one, the outer
one will free it.  However, it's not a good idea to rely too heavily
on this behaviour: it can lead to delays in the release of memory or
destructors.

I had an elaborate hack to make sure every talloc_stackframe() was
freed in the exact same function it was allocated, however all bugs it
caught were simply lazy freeing, so this patch just checks for that.

This doesn't check for stackframes we don't free up on exit: that would
be nice, but uncovers some uncomfortable (but probably harmless) cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 04:57:31 +09:30
Rusty Russell
f9b51ff33e talloc_stack: always include the location when creating a talloc_stackframe().
Much better for debugging.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 04:56:31 +09:30
Rusty Russell
311281c2c5 talloc_stack: handle more than one talloc_stackframe_pool()
The only reason we make one stackframe parent of the next is so we use
our parent's pool.  That doesn't make sense if we're a new pool, and
wouldn't work anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 04:55:31 +09:30
Rusty Russell
4f331872bc talloc: don't allow a talloc_pool inside a talloc_pool.
We explicitly call free() on a pool which falls to zero, assuming it's
not inside another pool (we crash).  Check on creation and explicitly
document this case.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 04:54:31 +09:30
Rusty Russell
8893215aaf talloc: use a struct for pool headers.
This neatens the code a bit (we should do a similar thing for all the
TALLOC_CHUNK macros).

Two subtler changes:
(1) As a result of the struct, we actually pack object_count into the 
    talloc header on 32-bit platforms (since the header is 40 bytes, but
    needs to be 16-byte aligned).
(2) I avoid VALGRIND_MAKE_MEM_UNDEFINED on memmove when we resize the
    only entry in a pool; that's done later anyway.

With -O2 on my 11.04 Ubuntu 32-bit x86 laptop, the talloc_pool speed as
measured by testsuite.c actually increases 10%.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 04:53:31 +09:30
Volker Lendecke
d1a5a5bc80 s3-linux-aio: Fix error handling
Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 17 21:22:31 CEST 2012 on sn-devel-104
2012-07-17 21:22:31 +02:00
Jeremy Allison
254e8c46c4 Add debug message when SD hash doesn't match. 2012-07-17 10:04:03 -07:00
Günther Deschner
2d1334e992 s3-autoconf: Fix the build.
Guenther

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 17 16:17:06 CEST 2012 on sn-devel-104
2012-07-17 16:17:06 +02:00
Andreas Schneider
98b9ef54f2 Enable AES in winbind.
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:53:38 +02:00
Andreas Schneider
33206b1e24 s3-rpc_client: Fix updating netlogon credentials.
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:53:37 +02:00
Andreas Schneider
572b549063 s3-rpc_client: Add capabilities check for AES encrypted connections.
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:53:37 +02:00
Andreas Schneider
18692b060f s4-auth: Make sure we use the correct credential state.
If we create a copy of the credential state we miss updates to the
credentials.

To establish a netlogon schannel connection we create client credentials
and authenticate with them using

dcerpc_netr_ServerAuthenticate2()

For this we call netlogon_creds_client_authenticator() which increases
the sequence number and steps the credentials. Lets assume the sequence
number is 1002.

After a successful authentication we get the server credentials and we
send bind a auth request with the received creds. This sets up gensec
and the gensec schannel module created a copy of the client creds and
stores it in the schannel auth state. So the creds stored in gensec have
the sequence number 1002.

After that we continue and need the client credentials to call

dcerpc_netr_LogonGetCapabilities()

to verify the connection. So we need to increase the sequence number of
the credentials to 1004 and step the credentials to the next state. The
server always does the same and everything is just fine here.

The connection is established and we want to do another netlogon call.
So we get the creds from gensec and want to do a netlogon call e.g.

dcerpc_netr_SamLogonWithFlags.

We get the needed creds from gensec. The sequence number is 1002 and
we talk to the server. The server is already ahead cause we are already
at sequence number 1004 and the server expects it to be 1006. So the
server gives us ACCESS_DENIED cause we use a copy in gensec.

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:26:37 +02:00
Andreas Schneider
197781a651 s4-librpc: Add capabilities check for AES encrypted connections.
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 13:26:34 +02:00
Andreas Schneider
a3e835635c s4-torture: Improve samlogon test. 2012-07-17 10:58:39 +02:00
Andreas Schneider
2c3dc04be2 s4-torture: Add DCERPC_SCHANNEL_AES tests.
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:39 +02:00
Stefan Metzmacher
5e25fc6686 s3:rpc_server: add support for AES bases netlogon schannel
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:39 +02:00
Stefan Metzmacher
04d770adac s4:rpc_server/netlogon: add support for AES based netlogon schannel
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:39 +02:00
Stefan Metzmacher
780006db9d s4:librpc/rpc: add DCERPC_SCHANNEL_AES support
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:39 +02:00
Stefan Metzmacher
a7208de06a libcli/auth: add support for AES/HMAC-SHA256 to the netlogon schannel sign/seal
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:39 +02:00
Stefan Metzmacher
99e5241d36 libcli/auth: add support for AES/HMAC-SHA256 schannel session key support
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:39 +02:00
Stefan Metzmacher
99231181e3 s4:rpc_server/netlogon: only return STRONG_KEYS if the client asked for it
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:38 +02:00
Stefan Metzmacher
e48aabc006 s4:rpc_server/netlogon: implement netr_LogonGetCapabilities
This is also needed to support AES.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:38 +02:00
Stefan Metzmacher
342a2e6181 s4:librpc/rpc/dcerpc_schannel: just append NETLOGON_NEG_RODC_PASSTHROUGH as rodc
The RODC stuff doesn't depend on the schannel algorithm.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:38 +02:00
Stefan Metzmacher
e7c7a91130 s4:librpc/rpc/dcerpc_schannel: rework downgrade logic
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17 10:58:38 +02:00
Andrew Bartlett
db33ef7be9 VERSION: Move on to beta5!
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul 17 06:10:52 CEST 2012 on sn-devel-104
2012-07-17 06:10:52 +02:00
Andrew Bartlett
3a6f1f9ac5 VERSION: Mark as the beta4 release 2012-07-17 12:17:07 +10:00
Andrew Bartlett
4b44002414 WHATSNEW: prepare for 4.0 beta4 2012-07-17 12:17:07 +10:00
Jelmer Vernooij
a7d5d08191 Revert "Remove XSLT script to generate image dependencies, instead rely on make"
This reverts commit c4493c22f1.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=7562

Conflicts:
	docs-xml/Makefile

Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Mon Jul 16 16:18:46 CEST 2012 on sn-devel-104
2012-07-16 16:18:46 +02:00
Andrew Bartlett
c92a5670e3 pytdb: Check if the database is closed before we touch it
If .close() has already been called, we have to play dead - the
self->ctx is just not valid any more, as we have been shut down to
allow some other part of Samba to open the tdb.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 16 13:51:52 CEST 2012 on sn-devel-104
2012-07-16 13:51:51 +02:00