The branch, v4-6-test has been updated
via f69814f g_lock: fix cleanup of stale entries in g_lock_trylock()
via e39dcec s4:kdc: only map SDB_ERR_NOT_FOUND_HERE to
HDB_ERR_NOT_FOUND_HERE
from 51fb772 VERSION: Bump version up to 4.6.13...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-test
- Log -----------------------------------------------------------------
commit f69814f0350396a3d7aac1324c2eb71bc8068f69
Author: Stefan Metzmacher <[email protected]>
Date: Wed Dec 20 08:25:19 2017 +0100
g_lock: fix cleanup of stale entries in g_lock_trylock()
g_lock_trylock() always incremented the counter 'i', even after cleaning a
stale
entry at position 'i', which means it skipped checking for a conflict
against
the new entry at position 'i'.
As result a process could get a write lock, while there're still
some read lock holders. Once we get into that problem, also more than
one write lock are possible.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13195
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Autobuild-User(master): Volker Lendecke <[email protected]>
Autobuild-Date(master): Wed Dec 20 20:31:48 CET 2017 on sn-devel-144
(similar to commit 576fb4fb5dc506bf55e5cf87973999dca444149b)
Autobuild-User(v4-6-test): Karolin Seeger <[email protected]>
Autobuild-Date(v4-6-test): Fri Dec 22 22:11:00 CET 2017 on sn-devel-144
commit e39dcec5e146dafaa47fbf64cfee96356a3ee8c1
Author: Stefan Metzmacher <[email protected]>
Date: Thu Sep 21 12:02:25 2017 +0200
s4:kdc: only map SDB_ERR_NOT_FOUND_HERE to HDB_ERR_NOT_FOUND_HERE
HDB_ERR_NOT_FOUND_HERE indicated a very specific error on an RODC.
We should not map any error to HDB_ERR_NOT_FOUND_HERE,
we should just pass errors along unmapped.
Otherwise we'll hit the logic bug in:
if (ret == KDC_PROXY_REQUEST) {
uint16_t port;
if (!sock->kdc_socket->kdc->am_rodc) {
DEBUG(0,("kdc_udp_call_loop: proxying requested when not
RODC"));
talloc_free(call);
goto done;
}
And just don't send an error message to the client.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13132
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
Autobuild-User(master): Andreas Schneider <[email protected]>
Autobuild-Date(master): Wed Dec 6 23:16:54 CET 2017 on sn-devel-144
(cherry picked from commit aaa946bb9eb8088389b8ffdec460023f1961616c)
-----------------------------------------------------------------------
Summary of changes:
source3/lib/g_lock.c | 6 +++++-
source4/kdc/hdb-samba4.c | 24 ++++++++++++++++++------
2 files changed, 23 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/g_lock.c b/source3/lib/g_lock.c
index f954978..6a661cd 100644
--- a/source3/lib/g_lock.c
+++ b/source3/lib/g_lock.c
@@ -133,7 +133,9 @@ static NTSTATUS g_lock_trylock(struct db_record *rec,
struct server_id self,
return NT_STATUS_INTERNAL_ERROR;
}
- for (i=0; i<num_locks; i++) {
+ i=0;
+
+ while (i < num_locks) {
if (serverid_equal(&self, &locks[i].pid)) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
@@ -160,7 +162,9 @@ static NTSTATUS g_lock_trylock(struct db_record *rec,
struct server_id self,
locks[i] = locks[num_locks-1];
num_locks -= 1;
modified = true;
+ continue;
}
+ i++;
}
tmp = talloc_realloc(talloc_tos(), locks, struct g_lock_rec,
diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index 85d166f..47eaa1c 100644
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -114,8 +114,10 @@ static krb5_error_code hdb_samba4_fetch_kvno(krb5_context
context, HDB *db,
break;
case SDB_ERR_NOENTRY:
return HDB_ERR_NOENTRY;
- default:
+ case SDB_ERR_NOT_FOUND_HERE:
return HDB_ERR_NOT_FOUND_HERE;
+ default:
+ return ret;
}
ret = sdb_entry_ex_to_hdb_entry_ex(context, &sdb_entry_ex, entry_ex);
@@ -146,8 +148,10 @@ static krb5_error_code hdb_samba4_firstkey(krb5_context
context, HDB *db, unsign
return HDB_ERR_WRONG_REALM;
case SDB_ERR_NOENTRY:
return HDB_ERR_NOENTRY;
- default:
+ case SDB_ERR_NOT_FOUND_HERE:
return HDB_ERR_NOT_FOUND_HERE;
+ default:
+ return ret;
}
ret = sdb_entry_ex_to_hdb_entry_ex(context, &sdb_entry_ex, entry);
@@ -173,8 +177,10 @@ static krb5_error_code hdb_samba4_nextkey(krb5_context
context, HDB *db, unsigne
return HDB_ERR_WRONG_REALM;
case SDB_ERR_NOENTRY:
return HDB_ERR_NOENTRY;
- default:
+ case SDB_ERR_NOT_FOUND_HERE:
return HDB_ERR_NOT_FOUND_HERE;
+ default:
+ return ret;
}
ret = sdb_entry_ex_to_hdb_entry_ex(context, &sdb_entry_ex, entry);
@@ -214,9 +220,11 @@ hdb_samba4_check_constrained_delegation(krb5_context
context, HDB *db,
case SDB_ERR_NOENTRY:
ret = HDB_ERR_NOENTRY;
break;
- default:
+ case SDB_ERR_NOT_FOUND_HERE:
ret = HDB_ERR_NOT_FOUND_HERE;
break;
+ default:
+ break;
}
return ret;
@@ -248,9 +256,11 @@ hdb_samba4_check_pkinit_ms_upn_match(krb5_context context,
HDB *db,
case SDB_ERR_NOENTRY:
ret = HDB_ERR_NOENTRY;
break;
- default:
+ case SDB_ERR_NOT_FOUND_HERE:
ret = HDB_ERR_NOT_FOUND_HERE;
break;
+ default:
+ break;
}
return ret;
@@ -282,9 +292,11 @@ hdb_samba4_check_s4u2self(krb5_context context, HDB *db,
case SDB_ERR_NOENTRY:
ret = HDB_ERR_NOENTRY;
break;
- default:
+ case SDB_ERR_NOT_FOUND_HERE:
ret = HDB_ERR_NOT_FOUND_HERE;
break;
+ default:
+ break;
}
return ret;
--
Samba Shared Repository
