The branch, master has been updated
via 5bba8c3 s3:smb2_tcon: Add check to prevent non-DFS clients from
connecting to an msdfs proxy.
via de48619 pdb_nds: Fix CID 1273401 Unused value
via e29eaa4 idmap: Fix CID 1363261 Resource leak
via ad90835 idmap: Use TALLOC_FREE instead of explicit code
via 7def556 s4/torture: spelling fix in vfs_fruit test
via 0c73ddf s4/torture: spelling fix in vfs_fruit test
via 11589a2 s4/test: fix AAPL size check
from 1775ac8 winbindd: Do not ignore domain in the LOOKUPNAME request
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 5bba8c393d78235111cc5d744bb393847ca16283
Author: Ralph Wuerthner <[email protected]>
Date: Thu Mar 29 10:00:41 2018 +0200
s3:smb2_tcon: Add check to prevent non-DFS clients from connecting to an
msdfs proxy.
Signed-off-by: Ralph Wuerthner <[email protected]>
Reviewed-by: David Disseldorp <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Autobuild-User(master): Jeremy Allison <[email protected]>
Autobuild-Date(master): Sat Apr 7 05:05:22 CEST 2018 on sn-devel-144
commit de48619c15e19d8e79fcd7dea01b62f03fab6b4c
Author: Volker Lendecke <[email protected]>
Date: Fri Apr 6 15:57:36 2018 +0200
pdb_nds: Fix CID 1273401 Unused value
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit e29eaa43f511750cc1670b7154ef936496b46a39
Author: Volker Lendecke <[email protected]>
Date: Fri Apr 6 11:04:24 2018 +0200
idmap: Fix CID 1363261 Resource leak
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit ad90835c2bdf954622935139ec64ce640aa49b4b
Author: Volker Lendecke <[email protected]>
Date: Fri Apr 6 11:02:48 2018 +0200
idmap: Use TALLOC_FREE instead of explicit code
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 7def556d020523d66b01dd358cc9e9adcdd40380
Author: Ralph Boehme <[email protected]>
Date: Fri Jan 12 12:29:17 2018 +0100
s4/torture: spelling fix in vfs_fruit test
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 0c73ddfaaef7688762dab866e3af53359e09fc62
Author: Ralph Boehme <[email protected]>
Date: Fri Jan 12 12:28:18 2018 +0100
s4/torture: spelling fix in vfs_fruit test
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 11589a26ba40e9da90822a85b21327f49a69afda
Author: Ralph Boehme <[email protected]>
Date: Thu Jan 11 12:25:49 2018 +0100
s4/test: fix AAPL size check
A recent commit changed the ModelString from "Samba" to "MacSamba".
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source3/passdb/pdb_nds.c | 18 +++++++++++-------
source3/smbd/smb2_tcon.c | 15 +++++++++++++++
source3/winbindd/idmap_ad_nss.c | 10 +++++-----
source4/torture/vfs/fruit.c | 25 +++++++++++++++----------
4 files changed, 46 insertions(+), 22 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/pdb_nds.c b/source3/passdb/pdb_nds.c
index 6245ecb..349ea0b 100644
--- a/source3/passdb/pdb_nds.c
+++ b/source3/passdb/pdb_nds.c
@@ -183,15 +183,19 @@ static int berEncodeLoginData(
err = (ber_printf(requestBer, "}}", 0) < 0) ?
LDAP_ENCODING_ERROR : 0;
}
- if(putData)
- {
+ if (!err) {
+ if (putData) {
/* BER Encode the the tag and data */
- err = (ber_printf(requestBer, "oio}", utf8TagPtr, utf8TagSize,
putDataLen, putData, putDataLen) < 0) ? LDAP_ENCODING_ERROR : 0;
- }
- else
- {
+ err = (ber_printf(requestBer, "oio}", utf8TagPtr,
+ utf8TagSize, putDataLen, putData,
+ putDataLen) < 0)
+ ? LDAP_ENCODING_ERROR : 0;
+ } else {
/* BER Encode the the tag */
- err = (ber_printf(requestBer, "o}", utf8TagPtr, utf8TagSize) <
0) ? LDAP_ENCODING_ERROR : 0;
+ err = (ber_printf(requestBer, "o}", utf8TagPtr,
+ utf8TagSize) < 0)
+ ? LDAP_ENCODING_ERROR : 0;
+ }
}
if (err)
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index 07e01cd..ebd3160 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -270,6 +270,21 @@ static NTSTATUS smbd_smb2_tree_connect(struct
smbd_smb2_request *req,
return NT_STATUS_BAD_NETWORK_NAME;
}
+ /* Handle non-DFS clients attempting connections to msdfs proxy */
+ if (lp_host_msdfs()) {
+ char *proxy = lp_msdfs_proxy(talloc_tos(), snum);
+
+ if ((proxy != NULL) && (*proxy != '\0')) {
+ DBG_NOTICE("refusing connection to dfs proxy share "
+ "'%s' (pointing to %s)\n",
+ service,
+ proxy);
+ TALLOC_FREE(proxy);
+ return NT_STATUS_BAD_NETWORK_NAME;
+ }
+ TALLOC_FREE(proxy);
+ }
+
if ((lp_smb_encrypt(snum) >= SMB_SIGNING_DESIRED) &&
(conn->smb2.server.cipher != 0))
{
diff --git a/source3/winbindd/idmap_ad_nss.c b/source3/winbindd/idmap_ad_nss.c
index d65e1e9..0fd2b51 100644
--- a/source3/winbindd/idmap_ad_nss.c
+++ b/source3/winbindd/idmap_ad_nss.c
@@ -290,7 +290,7 @@ static NTSTATUS nss_ad_map_from_alias( TALLOC_CTX *mem_ctx,
LDAPMessage *msg = NULL;
ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- char *username;
+ char *username = NULL;
struct idmap_domain *dom;
struct idmap_ad_context *ctx = NULL;
@@ -339,7 +339,8 @@ static NTSTATUS nss_ad_map_from_alias( TALLOC_CTX *mem_ctx,
username = ads_pull_string(ctx->ads, mem_ctx, msg,
"sAMAccountName");
if (!username) {
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ goto done;
}
*name = talloc_asprintf(mem_ctx, "%s\\%s",
@@ -353,9 +354,8 @@ static NTSTATUS nss_ad_map_from_alias( TALLOC_CTX *mem_ctx,
nt_status = NT_STATUS_OK;
done:
- if (filter) {
- talloc_destroy(filter);
- }
+ TALLOC_FREE(username);
+ TALLOC_FREE(filter);
if (msg) {
ads_msgfree(ctx->ads, msg);
}
diff --git a/source4/torture/vfs/fruit.c b/source4/torture/vfs/fruit.c
index 65109cc..9310d05 100644
--- a/source4/torture/vfs/fruit.c
+++ b/source4/torture/vfs/fruit.c
@@ -1264,7 +1264,7 @@ static bool enable_aapl(struct torture_context *tctx,
DATA_BLOB data;
struct smb2_create_blob *aapl = NULL;
uint32_t aapl_server_caps;
- uint32_t expexted_scaps = (SMB2_CRTCTX_AAPL_UNIX_BASED |
+ uint32_t expected_scaps = (SMB2_CRTCTX_AAPL_UNIX_BASED |
SMB2_CRTCTX_AAPL_SUPPORTS_READ_DIR_ATTR |
SMB2_CRTCTX_AAPL_SUPPORTS_NFS_ACE |
SMB2_CRTCTX_AAPL_SUPPORTS_OSX_COPYFILE);
@@ -1313,17 +1313,17 @@ static bool enable_aapl(struct torture_context *tctx,
torture_assert_goto(tctx, aapl != NULL, ret, done, "missing AAPL
context");
if (!is_osx_server) {
- size_t exptected_aapl_ctx_size;
+ size_t expected_aapl_ctx_size;
- exptected_aapl_ctx_size = strlen("MacSamba") * 2 + 40;
+ expected_aapl_ctx_size = strlen("MacSamba") * 2 + 40;
torture_assert_goto(
- tctx, aapl->data.length == exptected_aapl_ctx_size,
+ tctx, aapl->data.length == expected_aapl_ctx_size,
ret, done, "bad AAPL size");
}
aapl_server_caps = BVAL(aapl->data.data, 16);
- torture_assert_goto(tctx, aapl_server_caps == expexted_scaps,
+ torture_assert_goto(tctx, aapl_server_caps == expected_scaps,
ret, done, "bad AAPL caps");
done:
@@ -2044,6 +2044,7 @@ static bool test_aapl(struct torture_context *tctx,
unsigned int count;
union smb_search_data *d;
uint64_t rfork_len;
+ bool is_osx_server = torture_setting_bool(tctx, "osx", false);
smb2_deltree(tree, BASEDIR);
@@ -2100,7 +2101,10 @@ static bool test_aapl(struct torture_context *tctx,
goto done;
}
- if (aapl->data.length != 50) {
+ if (!is_osx_server) {
+ size_t expected_aapl_ctx_size;
+ bool size_ok;
+
/*
* uint32_t CommandCode = kAAPL_SERVER_QUERY
* uint32_t Reserved = 0;
@@ -2113,11 +2117,12 @@ static bool test_aapl(struct torture_context *tctx,
* kAAPL_CASE_SENSITIVE;
* uint32_t Pad2 = 0;
* uint32_t ModelStringLen = 10;
- * ucs2_t ModelString[5] = "Samba";
+ * ucs2_t ModelString[5] = "MacSamba";
*/
- torture_warning(tctx,
- "(%s) unexpected AAPL context length: %zd,
expected 50",
- __location__, aapl->data.length);
+ expected_aapl_ctx_size = strlen("MacSamba") * 2 + 40;
+
+ size_ok = aapl->data.length == expected_aapl_ctx_size;
+ torture_assert_goto(tctx, size_ok, ret, done, "bad AAPL size");
}
aapl_cmd = IVAL(aapl->data.data, 0);
--
Samba Shared Repository
