sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-07 17:18:11 +03:00
Code
52dd57d4b3
samba-mirror/source3
History
Stefan Metzmacher 52dd57d4b3 smbXsrv_client: notify a different node to drop a connection by client guid. 
If a client disconnected all its interfaces and reconnects when
the come back, it will likely start from any ip address returned
dns, which means it can try to connect to a different ctdb node.
The old node may not have noticed the disconnect and still holds
the client_guid based smbd.

Up unil now the new node returned NT_STATUS_NOT_SUPPORTED to
the SMB2 Negotiate request, as messaging_send_iov[_from]() will
return -1/ENOSYS if a file descriptor os passed to a process on
a different node.

Now we tell the other node to teardown all client connections
belonging to the client-guid.

Note that this is not authenticated, but if an attacker can
capture the client-guid, he can also inject TCP resets anyway,
to get the same effect.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15159

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep  2 20:59:15 UTC 2022 on sn-devel-184

(cherry picked from commit 8591d94243)
2022-10-18 08:34:17 +00:00
..
auth s3:auth: Flush the GETPWSID in memory cache for NTLM auth 2022-10-07 08:45:15 +00:00
build
client s3/client: fix dfs deltree, resolve dfs path 2022-06-20 10:56:52 +00:00
exports
groupdb lib: relicense smb_strtoul(l) under LGPLv3 2020-08-03 22:21:02 +00:00
include smbd: add and use vfs_fget_dos_attributes() 2022-09-06 07:54:13 +00:00
intl
lib lib: Map ERANGE to NT_STATUS_INTEGER_OVERFLOW 2022-09-28 19:13:18 +00:00
libads s3:libads: Check if we have a valid sockaddr 2022-07-11 11:33:49 +00:00
libgpo/gpext
libnet s3:libnet: Do not set ADS_AUTH_ALLOW_NTLMSSP in FIPS mode 2022-01-22 00:27:52 +00:00
librpc smbXsrv_client: notify a different node to drop a connection by client guid. 2022-10-18 08:34:17 +00:00
libsmb s3:libsmb: Fix errno for failed authentication in SMBC_server_internal() 2022-03-17 09:14:56 +00:00
locale pam_winbind/ro.po: fix error from previous patch merge 2020-10-29 20:49:16 +00:00
locking s3: smbd: Move implicit call to lp_posix_cifsu_locktype() out of init_strict_lock_struct(). 2022-01-06 15:11:38 +00:00
modules vfs_gpfs: Protect against timestamps before the Unix epoch 2022-09-28 19:13:18 +00:00
nmbd source3: move lib/substitute.c functions out of proto.h 2021-11-11 13:49:32 +00:00
param docs-xml: add 'kdc enable fast' option 2022-03-14 14:27:13 +00:00
passdb CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-24 09:20:21 +02:00
printing s3:printing: Do not clear the printer-list.tdb 2022-07-11 10:27:17 +00:00
profile profile3: remove an unused include 2022-01-18 20:22:38 +00:00
registry CVE-2020-25717: Add FreeIPA domain controller role 2021-11-09 19:45:33 +00:00
rpc_client s3:rpc_client: let rpccli_netlogon_network_logon() fallback to workstation = lp_netbios_name() 2022-03-16 13:41:14 +00:00
rpc_server s3:rpc_server: Use BURN_STR() to zero password 2022-09-18 16:46:09 +00:00
rpcclient s3:rpcclient: Goto done in cmd_samr_setuserinfo_int() 2022-07-31 19:14:59 +00:00
script CI: add a test trying to delete a stream on a pathref ("stat open") handle 2022-09-06 07:54:13 +00:00
selftest smbtorture: add a test trying to create a stream on share without streams support 2022-09-06 07:54:14 +00:00
services s3:services: Disable rcinit-based service control code 2021-12-10 14:02:30 +00:00
smbd smbXsrv_client: notify a different node to drop a connection by client guid. 2022-10-18 08:34:17 +00:00
torture smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL() 2022-09-06 07:54:13 +00:00
utils s3/util/py_net.c: fix samba-tool domain join&leave segfault 2022-08-08 10:32:22 +00:00
web
winbindd s3:winbind: Use the canonical realm name to renew the credentials 2022-07-18 09:40:12 +00:00
.clang_complete
.dmallocrc
.indent.pro
Doxyfile
mainpage.dox
smbadduser.in
wscript Revert "s3:smbd: Remove NIS support" 2022-06-12 09:19:16 +00:00
wscript_build s3:waf: Fix version number of public libsmbconf 2022-06-27 08:25:10 +00:00
wscript_configure_system_ncurses