The branch, master has been updated
via 7082902d56a ldap_client: Make ldap_parse_basic_url() IPv6-address
aware
via 61bc99362a3 ldap_client: Align integer types
via 011a2a82953 ldap_client: Make ldap_parse_basic_url take care of
ldapi as well
via 9d988ce090f pdb_dsdb: Fix typos
via 9f3d2ba7ee9 ldb_ldap: Fix a memleak
from 3cc0f1eeda5 CVE-2020-14303: s4 nbt: fix busy loop on empty UDP
packet
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7082902d56ab1aa824e6b86bceaa7e1a14b6ef29
Author: Volker Lendecke <v...@samba.org>
Date: Wed Jul 1 16:10:17 2020 +0200
ldap_client: Make ldap_parse_basic_url() IPv6-address aware
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
Autobuild-User(master): Volker Lendecke <v...@samba.org>
Autobuild-Date(master): Thu Jul 2 12:01:06 UTC 2020 on sn-devel-184
commit 61bc99362a385fc8b59197c416f480a1054054b6
Author: Volker Lendecke <v...@samba.org>
Date: Fri Jun 26 08:31:30 2020 +0200
ldap_client: Align integer types
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 011a2a82953fa910e1e7dee9862fbb5deaae8651
Author: Volker Lendecke <v...@samba.org>
Date: Thu Jun 25 21:20:04 2020 +0200
ldap_client: Make ldap_parse_basic_url take care of ldapi as well
SUSV4's sscanf has the %m modifier, which allocates the right
amount. Remove those SMB_ASSERTS for string buffers.
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 9d988ce090fa1755ac203d74b759f210249966ed
Author: Volker Lendecke <v...@samba.org>
Date: Thu Jun 25 15:59:48 2020 +0200
pdb_dsdb: Fix typos
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 9f3d2ba7ee9e41ddeee376aa74785199ef3dc8a2
Author: Volker Lendecke <v...@samba.org>
Date: Wed Jun 24 16:50:34 2020 +0200
ldb_ldap: Fix a memleak
Don't allocate a temporary value on a long-term context
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: David Mulder <dmul...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/ldb/ldb_ldap/ldb_ldap.c | 2 +-
source3/passdb/pdb_samba_dsdb.c | 6 +-
source4/libcli/ldap/ldap_client.c | 180 +++++++++++++++++++++++---------------
3 files changed, 114 insertions(+), 74 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/ldb_ldap/ldb_ldap.c b/lib/ldb/ldb_ldap/ldb_ldap.c
index 0531f8a62ae..7545a587c31 100644
--- a/lib/ldb/ldb_ldap/ldb_ldap.c
+++ b/lib/ldb/ldb_ldap/ldb_ldap.c
@@ -398,7 +398,7 @@ static int lldb_rename(struct lldb_context *lldb_ac)
if ((rdn_name != NULL) && (rdn_val != NULL)) {
newrdn = talloc_asprintf(lldb_ac, "%s=%s", rdn_name,
- rdn_val->length > 0 ?
ldb_dn_escape_value(lldb, *rdn_val) : "");
+ rdn_val->length > 0 ?
ldb_dn_escape_value(lldb_ac, *rdn_val) : "");
} else {
newrdn = talloc_strdup(lldb_ac, "");
}
diff --git a/source3/passdb/pdb_samba_dsdb.c b/source3/passdb/pdb_samba_dsdb.c
index c5f8d479fb6..276bda88efc 100644
--- a/source3/passdb/pdb_samba_dsdb.c
+++ b/source3/passdb/pdb_samba_dsdb.c
@@ -791,7 +791,7 @@ static NTSTATUS pdb_samba_dsdb_delete_user(struct
pdb_methods *m,
/* This interface takes a fully populated struct samu and places it in
* the database. This is not implemented at this time as we need to
- * be careful around the creation of arbitary SIDs (ie, we must ensrue
+ * be careful around the creation of arbitrary SIDs (ie, we must ensure
* they are not left in a RID pool */
static NTSTATUS pdb_samba_dsdb_add_sam_account(struct pdb_methods *m,
struct samu *sampass)
@@ -880,8 +880,8 @@ static NTSTATUS pdb_samba_dsdb_rename_sam_account(struct
pdb_methods *m,
return NT_STATUS_NOT_IMPLEMENTED;
}
-/* This is not implemented, as this module is exptected to be used
- * with auth_samba_dsdb, and this is responible for login counters etc
+/* This is not implemented, as this module is expected to be used
+ * with auth_samba_dsdb, and this is responsible for login counters etc
*
*/
static NTSTATUS pdb_samba_dsdb_update_login_attempts(struct pdb_methods *m,
diff --git a/source4/libcli/ldap/ldap_client.c
b/source4/libcli/ldap/ldap_client.c
index abe4e523585..8614ccdfd54 100644
--- a/source4/libcli/ldap/ldap_client.c
+++ b/source4/libcli/ldap/ldap_client.c
@@ -321,43 +321,102 @@ static void ldap_connection_recv_done(struct tevent_req
*subreq)
return;
}
-/*
- parse a ldap URL
-*/
-static NTSTATUS ldap_parse_basic_url(TALLOC_CTX *mem_ctx, const char *url,
- char **host, uint16_t *port, bool *ldaps)
+enum ldap_proto {
+ LDAP_PROTO_NONE,
+ LDAP_PROTO_LDAP,
+ LDAP_PROTO_LDAPS,
+ LDAP_PROTO_LDAPI
+};
+
+static int ldap_parse_basic_url(
+ const char *url,
+ enum ldap_proto *pproto,
+ TALLOC_CTX *mem_ctx,
+ char **pdest, /* path for ldapi, host for ldap[s] */
+ uint16_t *pport) /* Not set for ldapi */
{
- int tmp_port = 0;
- char protocol[11];
- char tmp_host[1025];
- int ret;
+ enum ldap_proto proto = LDAP_PROTO_NONE;
+ char *host = NULL;
+ int ret, port;
+
+ if (url == NULL) {
+ return EINVAL;
+ }
+
+ if (strncasecmp_m(url, "ldapi://", strlen("ldapi://")) == 0) {
+ char *path = NULL, *end = NULL;
+
+ path = talloc_strdup(mem_ctx, url+8);
+ if (path == NULL) {
+ return ENOMEM;
+ }
+ end = rfc1738_unescape(path);
+ if (end == NULL) {
+ TALLOC_FREE(path);
+ return EINVAL;
+ }
- /* Paranoia check */
- SMB_ASSERT(sizeof(protocol)>10 && sizeof(tmp_host)>254);
-
- ret = sscanf(url, "%10[^:]://%254[^:/]:%d", protocol, tmp_host,
&tmp_port);
- if (ret < 2) {
- return NT_STATUS_INVALID_PARAMETER;
+ *pproto = LDAP_PROTO_LDAPI;
+ *pdest = path;
+ return 0;
}
- if (strequal(protocol, "ldap")) {
- *port = 389;
- *ldaps = false;
- } else if (strequal(protocol, "ldaps")) {
- *port = 636;
- *ldaps = true;
- } else {
- DEBUG(0, ("unrecognised ldap protocol (%s)!\n", protocol));
- return NT_STATUS_PROTOCOL_UNREACHABLE;
+ if (strncasecmp_m(url, "ldap://";, strlen("ldap://";)) == 0) {
+ url += 7;
+ proto = LDAP_PROTO_LDAP;
+ port = 389;
+ }
+ if (strncasecmp_m(url, "ldaps://", strlen("ldaps://")) == 0) {
+ url += 8;
+ port = 636;
+ proto = LDAP_PROTO_LDAPS;
+ }
+
+ if (proto == LDAP_PROTO_NONE) {
+ return EPROTONOSUPPORT;
}
- if (tmp_port != 0)
- *port = tmp_port;
+ if (url[0] == '[') {
+ /*
+ * IPv6 with [aa:bb:cc..]:port
+ */
+ const char *end = NULL;
- *host = talloc_strdup(mem_ctx, tmp_host);
- NT_STATUS_HAVE_NO_MEMORY(*host);
+ url +=1;
- return NT_STATUS_OK;
+ end = strchr(url, ']');
+ if (end == NULL) {
+ return EINVAL;
+ }
+
+ ret = sscanf(end+1, ":%d", &port);
+ if (ret < 0) {
+ return EINVAL;
+ }
+
+ *pdest = talloc_strndup(mem_ctx, url, end-url);
+ if (*pdest == NULL) {
+ return ENOMEM;
+ }
+ *pproto = proto;
+ *pport = port;
+ return 0;
+ }
+
+ ret = sscanf(url, "%m[^:/]:%d", &host, &port);
+ if (ret < 1) {
+ return EINVAL;
+ }
+
+ *pdest = talloc_strdup(mem_ctx, host);
+ SAFE_FREE(host);
+ if (*pdest == NULL) {
+ return ENOMEM;
+ }
+ *pproto = proto;
+ *pport = port;
+
+ return 0;
}
/*
@@ -381,7 +440,9 @@ _PUBLIC_ struct composite_context *ldap_connect_send(struct
ldap_connection *con
{
struct composite_context *result, *ctx;
struct ldap_connect_state *state;
- char protocol[11];
+ enum ldap_proto proto;
+ char *dest = NULL;
+ uint16_t port;
int ret;
result = talloc_zero(conn, struct composite_context);
@@ -402,30 +463,21 @@ _PUBLIC_ struct composite_context
*ldap_connect_send(struct ldap_connection *con
if (conn->reconnect.url == NULL) goto failed;
}
- /* Paranoia check */
- SMB_ASSERT(sizeof(protocol)>10);
-
- ret = sscanf(url, "%10[^:]://", protocol);
- if (ret < 1) {
- return NULL;
+ ret = ldap_parse_basic_url(url, &proto, conn, &dest, &port);
+ if (ret != 0) {
+ composite_error(result, map_nt_error_from_unix_common(ret));
+ return result;
}
- if (strequal(protocol, "ldapi")) {
+ if (proto == LDAP_PROTO_LDAPI) {
struct socket_address *unix_addr;
- char path[1025];
- char *end = NULL;
NTSTATUS status = socket_create(state, "unix",
SOCKET_TYPE_STREAM,
&state->sock, 0);
if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
- SMB_ASSERT(sizeof(protocol)>10);
- SMB_ASSERT(sizeof(path)>1024);
-
- /* LDAPI connections are to localhost, so give the
- * local host name as the target for gensec's
- * DIGEST-MD5 mechanism */
+
conn->host = talloc_asprintf(conn, "%s.%s",
lpcfg_netbios_name(conn->lp_ctx),
lpcfg_dnsdomain(conn->lp_ctx));
@@ -433,22 +485,8 @@ _PUBLIC_ struct composite_context
*ldap_connect_send(struct ldap_connection *con
return result;
}
- /* The %c specifier doesn't null terminate :-( */
- ZERO_STRUCT(path);
- ret = sscanf(url, "%10[^:]://%1025c", protocol, path);
- if (ret < 2) {
- composite_error(state->ctx,
NT_STATUS_INVALID_PARAMETER);
- return result;
- }
-
- end = rfc1738_unescape(path);
- if (end == NULL) {
- composite_error(state->ctx,
- NT_STATUS_INVALID_PARAMETER);
- return result;
- }
unix_addr = socket_address_from_strings(state,
state->sock->backend_name,
- path, 0);
+ dest, 0);
if (composite_nomem(unix_addr, result)) {
return result;
}
@@ -458,13 +496,14 @@ _PUBLIC_ struct composite_context
*ldap_connect_send(struct ldap_connection *con
ctx->async.fn = ldap_connect_recv_unix_conn;
ctx->async.private_data = state;
return result;
- } else {
- NTSTATUS status = ldap_parse_basic_url(conn, url, &conn->host,
- &conn->port,
&conn->ldaps);
- if (!NT_STATUS_IS_OK(status)) {
- composite_error(result, status);
- return result;
- }
+ }
+
+ if ((proto == LDAP_PROTO_LDAP) || (proto == LDAP_PROTO_LDAPS)) {
+
+ conn->ldaps = (proto == LDAP_PROTO_LDAPS);
+
+ conn->host = talloc_move(conn, &dest);
+ conn->port = port;
if (conn->ldaps) {
char *ca_file = lpcfg_tls_cafile(state, conn->lp_ctx);
@@ -472,6 +511,7 @@ _PUBLIC_ struct composite_context *ldap_connect_send(struct
ldap_connection *con
const char *tls_priority =
lpcfg_tls_priority(conn->lp_ctx);
enum tls_verify_peer_state verify_peer =
lpcfg_tls_verify_peer(conn->lp_ctx);
+ NTSTATUS status;
status = tstream_tls_params_client(state,
ca_file,
@@ -941,7 +981,7 @@ static const struct {
*/
_PUBLIC_ NTSTATUS ldap_check_response(struct ldap_connection *conn, struct
ldap_Result *r)
{
- int i;
+ size_t i;
const char *codename = "unknown";
if (r->resultcode == LDAP_SUCCESS) {
@@ -953,7 +993,7 @@ _PUBLIC_ NTSTATUS ldap_check_response(struct
ldap_connection *conn, struct ldap_
}
for (i=0;i<ARRAY_SIZE(ldap_code_map);i++) {
- if (r->resultcode == ldap_code_map[i].code) {
+ if ((enum ldap_result_code)r->resultcode ==
ldap_code_map[i].code) {
codename = ldap_code_map[i].str;
break;
}
@@ -1021,7 +1061,7 @@ _PUBLIC_ NTSTATUS ldap_result_one(struct ldap_request
*req, struct ldap_message
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- if ((*msg) != NULL && (*msg)->type != type) {
+ if ((*msg) != NULL && (*msg)->type != (enum ldap_request_tag)type) {
*msg = NULL;
return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
}
--
Samba Shared Repository
