The branch, v4-2-stable has been updated
       via  f03201a VERSION: Disable git snapshots for the 4.2.13 release.
       via  1ff9b09 WHATSNEW: Add release notes for Samba 4.2.13.
       via  3af9006 s3: krb5: keytab - The done label can be jumped to with 
context == NULL.
       via  4759f64 smbd: Fix an assert
       via  0ab3ef3 s3: auth: Move the declaration of struct dom_sid tmp_sid to 
function level scope.
       via  615516b s3:rpcclient: make use of SMB_SIGNING_IPC_DEFAULT
       via  b6c9438 s3:smbd: fix anonymous authentication if signing is 
mandatory
       via  93155fa s3:ntlm_auth: make ntlm_auth_generate_session_info() more 
complete
       via  e410d79 libcli/auth: let msrpc_parse() return talloc'ed empty 
strings
       via  0ef06ee VERSION: Bump version up to 4.2.12...
      from  e4e16a1 VERSION: Disable git snapshots for the 4.2.12 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-stable


- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 VERSION                          |  2 +-
 WHATSNEW.txt                     | 58 ++++++++++++++++++++++++++++++++++++++--
 libcli/auth/msrpc_parse.c        | 24 ++++++++++++++---
 source3/auth/token_util.c        |  2 +-
 source3/libads/kerberos_keytab.c | 18 ++++++-------
 source3/rpcclient/rpcclient.c    | 13 ++++++++-
 source3/smbd/oplock.c            |  1 +
 source3/smbd/sesssetup.c         |  8 ++++--
 source3/utils/ntlm_auth.c        | 51 +++++++++++++++++++++++++++++++----
 9 files changed, 151 insertions(+), 26 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 9c39699..fb30286 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 ########################################################
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=2
-SAMBA_VERSION_RELEASE=12
+SAMBA_VERSION_RELEASE=13
 
 ########################################################
 # If a official release has a serious bug              #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8b3fcc8..d061b6c 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,59 @@
                    ==============================
+                   Release Notes for Samba 4.2.13
+                            June 17, 2016
+                   ==============================
+
+
+Although Samba 4.2 is in the security only mode, the Samba Team decided to ship
+this very last bug fix release to address some important issues.
+
+
+Changes since 4.2.12:
+---------------------
+
+o  Jeremy Allison <j...@samba.org>
+   * BUG 10618: s3: auth: Move the declaration of struct dom_sid tmp_sid to
+     function level scope.
+   * BUG 11959: s3: krb5: keytab - The done label can be jumped to with
+     context == NULL.
+
+
+o  Volker Lendecke <v...@samba.org>
+   * BUG 11844: smbd: Fix an assert.
+
+
+o  Stefan Metzmacher <me...@samba.org>
+   * BUG 11910: s3:smbd: Fix anonymous authentication if signing is mandatory.
+   * BUG 11912: libcli/auth: Let msrpc_parse() return talloc'ed empty strings.
+   * BUG 11914: s3:ntlm_auth: Make ntlm_auth_generate_session_info() more
+     complete.
+   * BUG 11927: s3:rpcclient: Make use of SMB_SIGNING_IPC_DEFAULT.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+                   ==============================
                    Release Notes for Samba 4.2.12
                             May 02, 2016
                    ==============================
@@ -124,8 +179,7 @@ database (https://bugzilla.samba.org/).
 ======================================================================
 
 
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
 
 
                    ==============================
diff --git a/libcli/auth/msrpc_parse.c b/libcli/auth/msrpc_parse.c
index d499d9e..74a7bcc 100644
--- a/libcli/auth/msrpc_parse.c
+++ b/libcli/auth/msrpc_parse.c
@@ -262,7 +262,11 @@ bool msrpc_parse(TALLOC_CTX *mem_ctx,
 
                        ps = va_arg(ap, char **);
                        if (len1 == 0 && len2 == 0) {
-                               *ps = (char *)discard_const("");
+                               *ps = talloc_strdup(mem_ctx, "");
+                               if (*ps == NULL) {
+                                       ret = false;
+                                       goto cleanup;
+                               }
                        } else {
                                /* make sure its in the right format - be 
strict */
                                if ((len1 != len2) || (ptr + len1 < ptr) || 
(ptr + len1 < len1) || (ptr + len1 > blob->length)) {
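Review bot: The four-line `talloc_strdup(mem_ctx, "")` plus NULL check is repeated in four places (this hunk and the three msrpc_parse() hunks that follow), and none carries a comment saying why a static "" is no longer acceptable. Presumably callers talloc_steal() or free the returned strings, which is only valid for talloc memory. A one-line comment at the first site, e.g. `/* callers may talloc_steal()/free this, so it must be talloc'ed */`, would keep a later cleanup from reverting to a literal. A small static helper returning the talloc'ed empty string would also remove the repetition. msrpc_parse() starts and ends outside these hunks, so the `cleanup` label and the fate of strings already stored through earlier `*ps` outputs are not visible here.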
@@ -289,7 +293,11 @@ bool msrpc_parse(TALLOC_CTX *mem_ctx,
                                                goto cleanup;
                                        }
                                } else {
-                                       (*ps) = (char *)discard_const("");
+                                       *ps = talloc_strdup(mem_ctx, "");
+                                       if (*ps == NULL) {
+                                               ret = false;
+                                               goto cleanup;
+                                       }
                                }
                        }
                        break;
@@ -302,7 +310,11 @@ bool msrpc_parse(TALLOC_CTX *mem_ctx,
                        ps = (char **)va_arg(ap, char **);
                        /* make sure its in the right format - be strict */
                        if (len1 == 0 && len2 == 0) {
-                               *ps = (char *)discard_const("");
+                               *ps = talloc_strdup(mem_ctx, "");
+                               if (*ps == NULL) {
+                                       ret = false;
+                                       goto cleanup;
+                               }
                        } else {
                                if ((len1 != len2) || (ptr + len1 < ptr) || 
(ptr + len1 < len1) || (ptr + len1 > blob->length)) {
                                        ret = false;
@@ -325,7 +337,11 @@ bool msrpc_parse(TALLOC_CTX *mem_ctx,
                                                goto cleanup;
                                        }
                                } else {
-                                       (*ps) = (char *)discard_const("");
+                                       *ps = talloc_strdup(mem_ctx, "");
+                                       if (*ps == NULL) {
+                                               ret = false;
+                                               goto cleanup;
+                                       }
                                }
                        }
                        break;
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 9bb014c..f6ce131 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -673,6 +673,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
        gid_t *gids;
        struct dom_sid *group_sids;
        struct dom_sid unix_group_sid;
+       struct dom_sid tmp_sid;
        uint32_t num_group_sids;
        uint32_t num_gids;
        uint32_t i;
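Review bot: The new function-scope `struct dom_sid tmp_sid;` has no comment saying why it may not live inside the `sid_check_is_in_unix_users()` branch (second hunk), so a later tidy-up could narrow its scope again. The reason is not visible in these hunks; presumably a pointer to it is still read after that branch ends, which would be a read of a dead stack object. I would add `/* function scope: referenced after the unix-users branch, see BUG 10618 */` next to the declaration, after confirming against the full function, which starts and ends outside the hunks.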
@@ -756,7 +757,6 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
                *uid = sam_acct->unix_pw->pw_uid;
 
        } else  if (sid_check_is_in_unix_users(user_sid)) {
-               struct dom_sid tmp_sid;
                uint32_t getgroups_num_group_sids;
                /* This is a unix user not in passdb. We need to ask nss
                 * directly, without consulting passdb */
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index ae3d80e39..2068d03 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -742,26 +742,24 @@ done:
        TALLOC_FREE(oldEntries);
        TALLOC_FREE(frame);
 
-       {
+       if (context) {
                krb5_keytab_entry zero_kt_entry;
+               krb5_kt_cursor zero_csr;
+
                ZERO_STRUCT(zero_kt_entry);
+               ZERO_STRUCT(zero_csr);
+
                if (memcmp(&zero_kt_entry, &kt_entry,
                                sizeof(krb5_keytab_entry))) {
                        smb_krb5_kt_free_entry(context, &kt_entry);
                }
-       }
-       {
-               krb5_kt_cursor zero_csr;
-               ZERO_STRUCT(zero_csr);
                if ((memcmp(&cursor, &zero_csr,
                                sizeof(krb5_kt_cursor)) != 0) && keytab) {
                        krb5_kt_end_seq_get(context, keytab, &cursor);
                }
-       }
-       if (keytab) {
-               krb5_kt_close(context, keytab);
-       }
-       if (context) {
+               if (keytab) {
+                       krb5_kt_close(context, keytab);
+               }
                krb5_free_context(context);
        }
        return ret;
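Review bot: Inside the new `if (context)` block the cleanup still decides whether `kt_entry` and `cursor` are live by `memcmp()` against a zeroed struct. That is only reliable if both were zeroed before the first `goto done`, which this hunk does not show. The two tests are also written differently (`if (memcmp(...))` versus `memcmp(...) != 0`). Explicit flags set where the entry is fetched and the sequence is started would be more robust; at minimum use `!= 0` in both and add `/* kt_entry and cursor are zeroed on entry; non-zero means in use */`. The function that owns the `done:` label begins outside the hunk.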
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index a35e422..ebe72b9 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -944,6 +944,7 @@ out_free:
        const char *binding_string = NULL;
        char *user, *domain, *q;
        const char *host;
+       int signing_state = SMB_SIGNING_IPC_DEFAULT;
 
        /* make sure the vars that get altered (4th field) are in
           a fixed location or certain compilers complain */
@@ -1116,6 +1117,16 @@ out_free:
                }
        }
 
+       signing_state = 
get_cmdline_auth_info_signing_state(rpcclient_auth_info);
+       switch (signing_state) {
+       case SMB_SIGNING_OFF:
+               lp_set_cmdline("client ipc signing", "no");
+               break;
+       case SMB_SIGNING_REQUIRED:
+               lp_set_cmdline("client ipc signing", "required");
+               break;
+       }
+
        if (get_cmdline_auth_info_use_kerberos(rpcclient_auth_info)) {
                flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
                         CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
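Review bot: The new `switch (signing_state)` handles only `SMB_SIGNING_OFF` and `SMB_SIGNING_REQUIRED` and ignores the result of `lp_set_cmdline()`. A failed override of "client ipc signing" to "required" would therefore leave the connection at the configured default without any message. Check the return value, e.g. `if (!lp_set_cmdline("client ipc signing", "required")) { /* report and bail out */ }`, and add a `default:` arm with a comment stating that every other value deliberately keeps the configured setting. The initialiser `= SMB_SIGNING_IPC_DEFAULT` in the first hunk is overwritten before it is read and can be dropped. The enclosing function starts and ends outside these hunks.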
@@ -1143,7 +1154,7 @@ out_free:
                                        
get_cmdline_auth_info_domain(rpcclient_auth_info),
                                        
get_cmdline_auth_info_password(rpcclient_auth_info),
                                        flags,
-                                       
get_cmdline_auth_info_signing_state(rpcclient_auth_info));
+                                       SMB_SIGNING_IPC_DEFAULT);
 
        if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(0,("Cannot connect to server.  Error was %s\n", 
nt_errstr(nt_status)));
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index f50d3b9..9996b8b 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -190,6 +190,7 @@ bool update_num_read_oplocks(files_struct *fsp, struct 
share_mode_lock *lck)
                /*
                 * If we're the only one, we don't need a brlock entry
                 */
+               remove_stale_share_mode_entries(d);
                SMB_ASSERT(d->num_share_modes == 1);
                SMB_ASSERT(EXCLUSIVE_OPLOCK_TYPE(d->share_modes[0].op_type));
                return true;
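Review bot: The added `remove_stale_share_mode_entries(d);` sits under a comment that only says "If we're the only one", so nothing records that the two `SMB_ASSERT`s now depend on that call. I would extend the comment, e.g. `/* Prune stale entries first; the asserts below must only see live ones */`, with the wording confirmed against the helper, which is not shown. Both asserts still bring the process down if the share mode data is inconsistent after pruning; if that state can be reached from stored data, returning an error may be the safer failure mode. The function begins and continues outside the hunk.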
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 77b8077..5d92af1 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -135,6 +135,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request 
*req)
        struct smbXsrv_connection *xconn = req->xconn;
        struct smbd_server_connection *sconn = req->sconn;
        uint16_t action = 0;
+       bool is_authenticated = false;
        NTTIME now = timeval_to_nttime(&req->request_time);
        struct smbXsrv_session *session = NULL;
        uint16_t smb_bufsize = SVAL(req->vwv+2, 0);
@@ -328,12 +329,13 @@ static void reply_sesssetup_and_X_spnego(struct 
smb_request *req)
                sconn->num_users++;
 
                if (security_session_user_level(session_info, NULL) >= 
SECURITY_USER) {
+                       is_authenticated = true;
                        session->compat->homes_snum =
                                
register_homes_share(session_info->unix_info->unix_name);
                }
 
                if (srv_is_signing_negotiated(xconn) &&
-                   action == 0 &&
+                   is_authenticated &&
                    session->global->signing_key.length > 0)
                {
                        /*
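Review bot: `is_authenticated` is set inside the block that registers the homes share, which ties the signing decision to an unrelated side effect; the same pattern is repeated in reply_sesssetup_and_X() (last hunk of this file). Computing it on its own line, `is_authenticated = security_session_user_level(session_info, NULL) >= SECURITY_USER;`, and reusing it for both `if`s would read more clearly. A short comment at the signing check, e.g. `/* sessions below SECURITY_USER must not switch on signing */`, would record why `action == 0` was not a sufficient test; the hunks do not show what else sets `action`, so confirm the wording. Both functions start and end outside the hunks.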
@@ -592,6 +594,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
        struct auth_session_info *session_info = NULL;
        uint16 smb_flag2 = req->flags2;
        uint16_t action = 0;
+       bool is_authenticated = false;
        NTTIME now = timeval_to_nttime(&req->request_time);
        struct smbXsrv_session *session = NULL;
        NTSTATUS nt_status;
@@ -1029,12 +1032,13 @@ void reply_sesssetup_and_X(struct smb_request *req)
        sconn->num_users++;
 
        if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
+               is_authenticated = true;
                session->compat->homes_snum =
                        
register_homes_share(session_info->unix_info->unix_name);
        }
 
        if (srv_is_signing_negotiated(xconn) &&
-           action == 0 &&
+           is_authenticated &&
            session->global->signing_key.length > 0)
        {
                /*
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index d01c522..0fa8997 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -27,6 +27,7 @@
 #include "includes.h"
 #include "lib/param/param.h"
 #include "popt_common.h"
+#include "libcli/security/security.h"
 #include "utils/ntlm_auth.h"
 #include "../libcli/auth/libcli_auth.h"
 #include "auth/ntlmssp/ntlmssp.h"
@@ -705,18 +706,58 @@ static NTSTATUS ntlm_auth_generate_session_info(struct 
auth4_context *auth_conte
                                                uint32_t session_info_flags,
                                                struct auth_session_info 
**session_info_out)
 {
-       char *unix_username = (char *)server_returned_info;
-       struct auth_session_info *session_info = talloc_zero(mem_ctx, struct 
auth_session_info);
-       if (!session_info) {
+       const char *unix_username = (const char *)server_returned_info;
+       bool ok;
+       struct dom_sid *sids = NULL;
+       struct auth_session_info *session_info = NULL;
+
+       session_info = talloc_zero(mem_ctx, struct auth_session_info);
+       if (session_info == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
 
        session_info->unix_info = talloc_zero(session_info, struct 
auth_user_info_unix);
-       if (!session_info->unix_info) {
+       if (session_info->unix_info == NULL) {
+               TALLOC_FREE(session_info);
+               return NT_STATUS_NO_MEMORY;
+       }
+       session_info->unix_info->unix_name = 
talloc_strdup(session_info->unix_info,
+                                                          unix_username);
+       if (session_info->unix_info->unix_name == NULL) {
+               TALLOC_FREE(session_info);
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       session_info->security_token = talloc_zero(session_info, struct 
security_token);
+       if (session_info->security_token == NULL) {
                TALLOC_FREE(session_info);
                return NT_STATUS_NO_MEMORY;
        }
-       session_info->unix_info->unix_name = 
talloc_steal(session_info->unix_info, unix_username);
+
+       sids = talloc_zero_array(session_info->security_token,
+                                struct dom_sid, 3);
+       if (sids == NULL) {
+               TALLOC_FREE(session_info);
+               return NT_STATUS_NO_MEMORY;
+       }
+       ok = dom_sid_parse(SID_WORLD, &sids[0]);
+       if (!ok) {
+               TALLOC_FREE(session_info);
+               return NT_STATUS_INTERNAL_ERROR;
+       }
+       ok = dom_sid_parse(SID_NT_NETWORK, &sids[1]);
+       if (!ok) {
+               TALLOC_FREE(session_info);
+               return NT_STATUS_INTERNAL_ERROR;
+       }
+       ok = dom_sid_parse(SID_NT_AUTHENTICATED_USERS, &sids[2]);
+       if (!ok) {
+               TALLOC_FREE(session_info);
+               return NT_STATUS_INTERNAL_ERROR;
+       }
+
+       session_info->security_token->num_sids = talloc_array_length(sids);
+       session_info->security_token->sids = sids;
 
        *session_info_out = session_info;
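Review bot: `talloc_strdup(session_info->unix_info, unix_username)` returns NULL for a NULL `server_returned_info` as well as on allocation failure, so a missing username is reported as `NT_STATUS_NO_MEMORY`; an explicit NULL check before the first allocation would separate the two cases. The token built here is fixed (World, Network, Authenticated Users) and carries no user or group SID, which deserves a comment so it is not later relied on for per-user access decisions. The three identical `dom_sid_parse()` blocks can become a loop over a table, which also replaces the literal 3 and makes `ok` unnecessary. The function continues past the end of the hunk.

```c
	static const char * const well_known_sids[] = {
		SID_WORLD,
		SID_NT_NETWORK,
		SID_NT_AUTHENTICATED_USERS,
	};
	size_t i;

	if (unix_username == NULL) {
		return NT_STATUS_INVALID_PARAMETER;
	}
	/* … unchanged: session_info, unix_info, unix_name and security_token allocation … */

	/*
	 * Synthetic token: well-known SIDs only, no user or group SID.
	 * Not suitable for per-user access checks.
	 */
	sids = talloc_zero_array(session_info->security_token,
				 struct dom_sid, ARRAY_SIZE(well_known_sids));
	if (sids == NULL) {
		TALLOC_FREE(session_info);
		return NT_STATUS_NO_MEMORY;
	}
	for (i = 0; i < ARRAY_SIZE(well_known_sids); i++) {
		if (!dom_sid_parse(well_known_sids[i], &sids[i])) {
			TALLOC_FREE(session_info);
			return NT_STATUS_INTERNAL_ERROR;
		}
	}
	/* … unchanged: num_sids/sids assignment and *session_info_out … */
```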
 


-- 
Samba Shared Repository
