1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

131688 Commits

Author SHA1 Message Date
Stefan Metzmacher
d60828f639 CVE-2022-38023 s3:winbindd: also allow per domain "winbind sealed pipes:DOMAIN" and "require strong key:DOMAIN"
This avoids advising insecure defaults for the global options.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Stefan Metzmacher
1fdf1d55a5 CVE-2022-38023 s3:net: add and use net_warn_member_options() helper
This makes sure domain member related 'net' commands print warnings
about unsecure smb.conf options.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Stefan Metzmacher
7e7adf86e5 CVE-2022-38023 libcli/auth: add/use netlogon_creds_cli_warn_options()
This warns the admin about insecure options

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Stefan Metzmacher
992f39a2c8 CVE-2022-38023 libcli/auth: pass lp_ctx to netlogon_creds_cli_set_global_db()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Ralph Boehme
830e865ba5 CVE-2022-38023 docs-xml: improve wording for several options: "yields precedence" -> "is over-riden"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-12-13 13:07:29 +00:00
Ralph Boehme
8ec62694a9 CVE-2022-38023 docs-xml: improve wording for several options: "takes precedence" -> "overrides"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-12-13 13:07:29 +00:00
Andrew Bartlett
22128c718c selftest: make filter-subunit much more efficient for large knownfail lists
By compiling the knownfail lists ahead of time we change a 20min test
into a 90sec test.

This could be improved further by combining this into a single regular expression,
but this is enough for now.  The 'reason' is thankfully not used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15258

Pair-programmed-with: Joseph Sutton <josephsutton@catalyst.net.nz>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Douglas Bagnall
5259926de7 s4/torture/smb2: avoid possibly closing undefined handle
From OSS-Fuzz compilation:

Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1456:2: error: variable 'dir_handle' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
Step #3 - "compile-honggfuzz-address-x86_64":         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
Step #3 - "compile-honggfuzz-address-x86_64":         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:748:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto'
Step #3 - "compile-honggfuzz-address-x86_64":                 torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt)
Step #3 - "compile-honggfuzz-address-x86_64":                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:316:6: note: expanded from macro 'torture_assert_ntstatus_equal_goto'
Step #3 - "compile-honggfuzz-address-x86_64":         if (!NT_STATUS_EQUAL(__got, __expected)) { \
Step #3 - "compile-honggfuzz-address-x86_64":             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1582:24: note: uninitialized use occurs here
Step #3 - "compile-honggfuzz-address-x86_64":         smb2_util_close(tree, dir_handle);
Step #3 - "compile-honggfuzz-address-x86_64":                               ^~~~~~~~~~
Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1456:2: note: remove the 'if' if its condition is always false
Step #3 - "compile-honggfuzz-address-x86_64":         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
Step #3 - "compile-honggfuzz-address-x86_64":         ^
Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:748:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto'
Step #3 - "compile-honggfuzz-address-x86_64":                 torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt)
Step #3 - "compile-honggfuzz-address-x86_64":                 ^
Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:316:2: note: expanded from macro 'torture_assert_ntstatus_equal_goto'
Step #3 - "compile-honggfuzz-address-x86_64":         if (!NT_STATUS_EQUAL(__got, __expected)) { \
Step #3 - "compile-honggfuzz-address-x86_64":         ^
Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1434:2: note: variable 'dir_handle' is declared here
Step #3 - "compile-honggfuzz-address-x86_64":         struct smb2_handle dir_handle;
Step #3 - "compile-honggfuzz-address-x86_64":         ^

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Dec 13 07:45:20 UTC 2022 on sn-devel-184
2022-12-13 07:45:20 +00:00
Volker Lendecke
5d82af05f3 smbd: Remove a few "extern userdom_struct current_user_info"
get_current_username() returns current_user_info.smb_name

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Dec 12 22:14:20 UTC 2022 on sn-devel-184
2022-12-12 22:14:20 +00:00
Volker Lendecke
8cc0489c80 lib: Add get_current_user_info_domain()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
46ce8a4710 lib: Make substitute.c's "remote_proto" static
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
06408707a2 vfs: Remove an unnecessary if statement
get_local_machine_name() already does exactly this

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
0b070db63b lib: Remove unused octal_string()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
3f7c646774 lib: Remove fstring_sub() that was used just once
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
f9c982b5a9 smbd: Simplify dos_mode_msdfs()
Use ISDOT[DOT]

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
080ded0910 cldap_server: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
f30f5dd245 smbd: Simplify is_visible_fsp()
We don't need the wrapping if-statement, we check for the individual
flags. The compiler should be smart enough so that this is not a
difference in execution speed.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
1625dc4b56 tsocket: Fix the build on FreeBSD
FreeBSD does not have TCP_USER_TIMEOUT

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
6d36577715 nsswitch: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Volker Lendecke
c8a37a24f7 smbd: Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-12 21:16:33 +00:00
Ralph Boehme
4bb3e4df3e torture: test that a find with a mangled name works
This was spawned by https://bugzilla.samba.org/show_bug.cgi?id=13472 back
then. Samba implement this correctly, just add this test found in the attic.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 10 00:07:09 UTC 2022 on sn-devel-184
2022-12-10 00:07:09 +00:00
Ralph Boehme
08997ac1a7 torture: convert mangling test to a suite
More tests to come...

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
0fa7c3f70c torture: add an interactive test that works out maximum name and path lenghts
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
3ece2cb807 smbd: remove oplock paranoia check from file_find_dif()
Since 4.16 stat opens will have a real fd, the only case where currently the fd
can still be -1 is a POSIX request on a symlink.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
6e1f58ab7c torture: add a test veryfing timestamps across rename
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
8d58174cdd lib/torture: fix tctx arg usage in torture_assert_nttime_equal() macro
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
6c997c7fb5 torture: add another large directory enumeration performance test
This one renames one file per iteration and can also be used to torture any
directory caching the server may employ.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
cac95c3bba torture: print duration of smb2.dir.test_large_files
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
c0be0b6873 torture: increase find buffer to 1 MB in multiple_smb2_search()
This is used by performance tests that don't want to measure network latency but
fileserver IO latency.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
9e1c2fedb8 torture: add another simple DOS attributes test
- create file with ARCHIVE
- open file with ARCHIVE+HIDDEN+...
- check DOS attrs are still only ARCHIVE from the initial create

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
fba4b29085 s4:torture: remove remaining checks if alloc_size is 0 on empty files
commit 55b2f247f9 already remove a few of these,
but a few remained.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
043ce404ca vfs_zfsacl: fix mixed declaration and code error
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
09a844c69e vfs_zfsacl: remove unused function
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
8a2c763d26 lib/cmdline/tests: add missing includes
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Stefan Metzmacher
8ccbbbd4ba s3:locking: split out del_share_mode_open_id()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
6cc866b590 smbd: introduce 'delete_on_close' helper variables
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
0db39fad9e g_lock: check for zero timeout in g_lock_lock()
If the record is already locked check if the requested timeout is zero
and fail directly with NT_STATUS_LOCK_NOT_GRANTED.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
aa8b0ef8b9 smbd: debug in smbd_smb2_close_send()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Ralph Boehme
19a017496d s3/locking: Revert "s3:locking: Remove dead code"
This reverts commit de493a3e3b:

    s3:locking: Remove dead code

    Found by Coverity.

    Signed-off-by: Andreas Schneider <asn@samba.org>
    Reviewed-by: Isaac Boukris <iboukris@samba.org>

dbwrap_do_locked() correctly returns saved_errno which is a possible
errno returned by close() inside fd_close_posix_fn().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:38 +00:00
Stefan Metzmacher
a9c6a329a2 s3:locking: re-add saved_errno handling to fd_close_posix()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:37 +00:00
Ralph Boehme
46ac8daa79 smbd: use fsp_getinfo_ask_sharemode() in open_file_ntcreate()
Note: this is a behaviour change in the non-default case when the user
has disabled "getinfo ask sharemode".

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:37 +00:00
Ralph Boehme
f0e0fc17d3 smbd: use fsp_search_ask_sharemode() and fsp_getinfo_ask_sharemode()
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:37 +00:00
Ralph Boehme
0226e0c31e smbd: add fsp_search_ask_sharemode() and fsp_getinfo_ask_sharemode()
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:37 +00:00
Ralph Boehme
7f20625f98 smbd: use reference_smb_fname_fsp_link() in rename_internals_fsp()
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:37 +00:00
Ralph Boehme
d1dd3f3d73 smbd: factor out reference_smb_fname_fsp_link() from parent_pathref()
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:37 +00:00
Sushmita Bhattacharya
67042d95bb Fix memleak in _nss_winbind_initgroups_dyn
Free the response at the end of _nss_winbind_initgroups_dyn

Signed-off-by: Sushmita Bhattacharya <sushmita.bhattacharya@oracle.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-09 23:11:37 +00:00
Pavel Filipenský
70e8da4291 s3:libads: Fix debug message
652c8ce1 has introduced talloc_move() which zeroes kdc_str

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Dec  8 16:06:48 UTC 2022 on sn-devel-184
2022-12-08 16:06:48 +00:00
Volker Lendecke
99480c50ca smbd: Close the opened file in smbd_smb2_create_after_exec() error case
smbd_smb2_create_after_exec() is only called when the file has
successfully been opened. When this fails in the middle, we can't
leave the fsp around. Hard to test with current code, but with reparse
point handling we'll have a reproducable case soon.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec  6 23:37:52 UTC 2022 on sn-devel-184
2022-12-06 23:37:52 +00:00
Volker Lendecke
9e9c5c1435 smbd: Centralize error handling in smbd_smb2_create_after_exec()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-06 22:37:30 +00:00
Nicolas Williams
68fc909a7f CVE-2022-44640 HEIMDAL: asn1: invalid free in ASN.1 codec
Heimdal's ASN.1 compiler generates code that allows specially
crafted DER encodings of CHOICEs to invoke the wrong free function
on the decoded structure upon decode error.  This is known to impact
the Heimdal KDC, leading to an invalid free() of an address partly
or wholly under the control of the attacker, in turn leading to a
potential remote code execution (RCE) vulnerability.

This error affects the DER codec for all CHOICE types used in
Heimdal, though not all cases will be exploitable.  We have not
completed a thorough analysis of all the Heimdal components
affected, thus the Kerberos client, the X.509 library, and other
parts, may be affected as well.

This bug has been in Heimdal since 2005.  It was first reported by
Douglas Bagnall, though it had been found independently by the
Heimdal maintainers via fuzzing a few weeks earlier.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14929

(cherry-picked from Heimdal commit 9c9dac2b169255bad9071eea99fa90b980dde767)

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Dec  6 13:41:05 UTC 2022 on sn-devel-184
2022-12-06 13:41:05 +00:00