The branch, master has been updated
via 024571a7a85 waf: Add support for MemorySanitizer
via b3d7df58a03 s3:torture: Remove unused variable
via e57fa881199 s3:utils: Remove unused variable
via a94adedd0ef s3:netapi: Remove unused variables
via 5447d7fb75f s3:modules: Initialize pointer with NULL
via c462a0b78da s4:modules: Move structs with dynamic arrays to end of
struct
via ea723fb7099 s3:modules: Ignore -Wunused-but-set-variable for
autogenerated code
via 54413a49f5a s3:printing: Remove unused variable
via a77c56e4ed6 s3:printing: Remove trailing whitespaces in vlp.c
via 1379b0e13c0 lib:ldb-samba: Correctly handle search scope
via 981dcccfd9d nsswitch: Fix getting data out of pam_get_data()
via d7bc74afcc1 s4:samdb: Remove unused variable
via e0b46f3ca64 s4:samdb: Remove trailing whitespaces
via 8b7fcfa5771 s3:winbind: Remove unused variable
via f266e9e2dca s3:rpcsrv:eventlog: Remove unused variable
via 91e7351db39 s3:smbd: Don't assign variable to itself
via bd5b093cc02 s3:libsmb: Remove unused variable 'i'
via 2cc5b0745a9 auth/credentials: Fix unitialized data
via 7f123bbd4ed auth/credentials: Fix trailing whitespaces
from e26a01a48c4 pidl: avoid py compile issues with --pidl-developer
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 024571a7a85a7c4a81e0ee6bf9f228477275365e
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 13:43:16 2023 +0100
waf: Add support for MemorySanitizer
This currently only works with binaries. As there is no shared library for
MSAN it only is statically linked against binaries. This means if we have
e.g.
a python script trying to load ldb, it will fail with undefined symbols.
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Mon Feb 6 23:49:04 UTC 2023 on atb-devel-224
commit b3d7df58a03e2b5419431cde510ae85c25d909c2
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 20:37:58 2023 +0100
s3:torture: Remove unused variable
source3/torture/test_smb1_dfs.c:3264:11: error: variable 'accessmode' set
but
not used [-Werror,-Wunused-but-set-variable]
uint16_t accessmode = 0;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit e57fa88119920c5608a5096e5beaa910d117c644
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 20:35:20 2023 +0100
s3:utils: Remove unused variable
source3/utils/log2pcaphex.c:138:13: error: variable 'i' set but not used
[-Werror,-Wunused-but-set-variable]
static int i = 0;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit a94adedd0ef335b1ee037cc2e666a5b39d57d3bc
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 20:32:54 2023 +0100
s3:netapi: Remove unused variables
source3/lib/netapi/tests/netfile.c:40:22: error: variable 'i2' set but not
used
[-Werror,-Wunused-but-set-variable]
struct FILE_INFO_2 *i2 = NULL;
^
source3/lib/netapi/tests/netfile.c:41:22: error: variable 'i3' set but not
used
[-Werror,-Wunused-but-set-variable]
struct FILE_INFO_3 *i3 = NULL;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 5447d7fb75fc00b17cde4dd0ecccd89e8b6f8545
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 20:29:33 2023 +0100
s3:modules: Initialize pointer with NULL
source3/modules/vfs_glusterfs.c:827:6: error: variable 'glfd' is used
uninitialized whenever 'if' condition is false
[-Werror,-Wsometimes-uninitialized]
if (pglfd == NULL) {
^~~~~~~~~~~~~
source3/modules/vfs_glusterfs.c:853:6: note: uninitialized use occurs here
if (glfd == NULL) {
^~~~
source3/modules/vfs_glusterfs.c:827:2: note: remove the 'if' if its
condition is
always true
if (pglfd == NULL) {
^~~~~~~~~~~~~~~~~~~
source3/modules/vfs_glusterfs.c:763:17: note: initialize the variable
'glfd' to
silence this warning
glfs_fd_t *glfd;
^
= NULL
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit c462a0b78da674514a70896fbb6f08295808015b
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 15:27:22 2023 +0100
s4:modules: Move structs with dynamic arrays to end of struct
source3/modules/vfs_io_uring.c:70:22: error: field 'cqe' with variable sized
type 'struct io_uring_cqe' not at the end of a struct or class is a GNU
extension [-Werror,-Wgnu-variable-sized-type-not-at-end]
struct io_uring_cqe cqe;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit ea723fb7099a97dead787c6398bda49ac94d4891
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 15:22:34 2023 +0100
s3:modules: Ignore -Wunused-but-set-variable for autogenerated code
source3/modules/getdate.c:1192:9: error: variable 'yynerrs' set but not used
[-Werror,-Wunused-but-set-variable]
int yynerrs;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 54413a49f5a44ce50429af3b3a4fdfd385b7d3ae
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 15:14:12 2023 +0100
s3:printing: Remove unused variable
source3/printing/tests/vlp.c:144:19: error: variable 'job_count' set but not
used [-Werror,-Wunused-but-set-variable]
int i, num_jobs, job_count = 0;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit a77c56e4ed6a8cc7646e13a6939b69da3697ae88
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 15:13:56 2023 +0100
s3:printing: Remove trailing whitespaces in vlp.c
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 1379b0e13c02a95954da64a7c8619c2a2111f52a
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 15:07:49 2023 +0100
lib:ldb-samba: Correctly handle search scope
lib/ldb-samba/ldb_ildap.c:482:47: error: implicit conversion from
enumeration
type 'enum ldb_scope' to different enumeration type 'enum ldap_scope'
[-Werror,-Wenum-conversion]
msg->r.SearchRequest.scope = req->op.search.scope;
~ ~~~~~~~~~~~~~~~^~~~~
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 981dcccfd9dd6ee40fe3c700cf6383df062038ea
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 14:59:21 2023 +0100
nsswitch: Fix getting data out of pam_get_data()
nsswitch/pam_winbind.c:3360:24: error: cast from 'time_t **' (aka 'long
**') to
'const void **' must have all intermediate pointers const qualified to
be safe
[-Werror,-Wcast-qual]
(const void **)&pwdlastset_update);
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit d7bc74afcc1aa1afd125385e3a8e7e9446d20917
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 14:45:45 2023 +0100
s4:samdb: Remove unused variable
source4/dsdb/samdb/ldb_modules/acl.c:1646:49: error: variable 'rep_val_cnt'
set
but not used [-Werror,-Wunused-but-set-variable]
unsigned int del_val_cnt = 0, add_val_cnt = 0, rep_val_cnt = 0;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit e0b46f3ca64259613e87c04d5aed237f89d6ab17
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 14:45:21 2023 +0100
s4:samdb: Remove trailing whitespaces
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 8b7fcfa57717c90f36d2b9e135ef50f54ac95c7d
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 14:38:48 2023 +0100
s3:winbind: Remove unused variable
source3/winbindd/winbindd_ads.c:1399:6: error: variable 'ret_count' set but
not
used [-Werror,-Wunused-but-set-variable]
int ret_count;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit f266e9e2dca1bd052bfd781af788dc685c242be5
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 14:36:41 2023 +0100
s3:rpcsrv:eventlog: Remove unused variable
source3/rpc_server/eventlog/srv_eventlog_nt.c:634:11: error: variable
'num_records_read' set but not used [-Werror,-Wunused-but-set-variable]
uint32_t num_records_read = 0;
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 91e7351db396acda03d0c7f75e57a7285e62f118
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 14:30:49 2023 +0100
s3:smbd: Don't assign variable to itself
source3/smbd/msdfs.c:367:14: error: explicitly assigning value of variable
of
type 'char *' to itself [-Werror,-Wself-assign]
servicename = servicename;
~~~~~~~~~~~ ^ ~~~~~~~~~~~
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit bd5b093cc02f3990bb14e3c4ff89c78a16c6d3fc
Author: Andreas Schneider <a...@samba.org>
Date: Fri Feb 3 14:25:33 2023 +0100
s3:libsmb: Remove unused variable 'i'
namecache.c:129:9: error: variable 'i' set but not used
[-Werror,-Wunused-but-set-variable]
size_t i, count;
^
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 2cc5b0745a971653553928442a3cab0ba0a0be70
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Fri Feb 3 18:52:55 2023 +0100
auth/credentials: Fix unitialized data
Fixing Red Hat internal covscan report:
Field "salt_data.magic" is uninitialized when calling
"smb_krb5_create_key_from_string".
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 7f123bbd4ed5a455b102bd6182840b24bfffa076
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Fri Feb 3 18:52:04 2023 +0100
auth/credentials: Fix trailing whitespaces
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/credentials/credentials_krb5.c | 92 ++++++++++++++-------------
buildtools/wafsamba/samba_autoconf.py | 15 ++++-
buildtools/wafsamba/wscript | 5 ++
lib/ldb-samba/ldb_ildap.c | 13 +++-
lib/replace/wscript | 3 +
nsswitch/pam_winbind.c | 5 +-
source3/lib/netapi/tests/netfile.c | 7 --
source3/libsmb/namecache.c | 8 ++-
source3/modules/vfs_glusterfs.c | 2 +-
source3/modules/vfs_io_uring.c | 8 +--
source3/modules/wscript_build | 5 +-
source3/printing/tests/vlp.c | 21 +++---
source3/rpc_server/eventlog/srv_eventlog_nt.c | 3 -
source3/smbd/msdfs.c | 2 -
source3/torture/test_smb1_dfs.c | 4 --
source3/utils/log2pcaphex.c | 2 -
source3/winbindd/winbindd_ads.c | 5 --
source4/dsdb/samdb/ldb_modules/acl.c | 5 +-
18 files changed, 106 insertions(+), 99 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/credentials/credentials_krb5.c
b/auth/credentials/credentials_krb5.c
index bd47113e60c..58926bc8723 100644
--- a/auth/credentials/credentials_krb5.c
+++ b/auth/credentials/credentials_krb5.c
@@ -1,4 +1,4 @@
-/*
+/*
Unix SMB/CIFS implementation.
Handle user credentials (as regards krb5)
@@ -6,17 +6,17 @@
Copyright (C) Jelmer Vernooij 2005
Copyright (C) Tim Potter 2001
Copyright (C) Andrew Bartlett <abart...@samba.org> 2005
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -192,9 +192,9 @@ static uint32_t smb_gss_krb5_copy_ccache(uint32_t *min_stat,
ccc->ccache);
}
-_PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
- struct smb_krb5_context
**smb_krb5_context)
+ struct smb_krb5_context **smb_krb5_context)
{
int ret;
if (cred->smb_krb5_context) {
@@ -215,7 +215,7 @@ _PUBLIC_ int cli_credentials_get_krb5_context(struct
cli_credentials *cred,
/* For most predictable behaviour, this needs to be called directly after the
cli_credentials_init(),
* otherwise we may still have references to the old smb_krb5_context in a
credential cache etc
*/
-_PUBLIC_ NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials
*cred,
+_PUBLIC_ NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials
*cred,
struct smb_krb5_context
*smb_krb5_context)
{
if (smb_krb5_context == NULL) {
@@ -231,7 +231,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_krb5_context(struct
cli_credentials *cred,
return NT_STATUS_OK;
}
-static int cli_credentials_set_from_ccache(struct cli_credentials *cred,
+static int cli_credentials_set_from_ccache(struct cli_credentials *cred,
struct ccache_container *ccache,
enum credentials_obtained obtained,
const char **error_string)
@@ -246,7 +246,7 @@ static int cli_credentials_set_from_ccache(struct
cli_credentials *cred,
return 0;
}
- ret = krb5_cc_get_principal(ccache->smb_krb5_context->krb5_context,
+ ret = krb5_cc_get_principal(ccache->smb_krb5_context->krb5_context,
ccache->ccache, &princ);
if (ret) {
@@ -255,7 +255,7 @@ static int cli_credentials_set_from_ccache(struct
cli_credentials *cred,
ret, cred));
return ret;
}
-
+
ret = krb5_unparse_name(ccache->smb_krb5_context->krb5_context, princ,
&name);
if (ret) {
(*error_string) = talloc_asprintf(cred, "failed to unparse
principal from ccache: %s\n",
@@ -289,7 +289,7 @@ static int cli_credentials_set_from_ccache(struct
cli_credentials *cred,
return 0;
}
-_PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
const char *name,
enum credentials_obtained obtained,
@@ -594,7 +594,7 @@ _PUBLIC_ bool cli_credentials_failed_kerberos_login(struct
cli_credentials *cred
}
-static int cli_credentials_new_ccache(struct cli_credentials *cred,
+static int cli_credentials_new_ccache(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
char *ccache_name,
struct ccache_container **_ccc,
@@ -625,10 +625,10 @@ static int cli_credentials_new_ccache(struct
cli_credentials *cred,
must_free_cc_name = true;
if (lpcfg_parm_bool(lp_ctx, NULL, "credentials",
"krb5_cc_file", false)) {
- ccache_name = talloc_asprintf(ccc,
"FILE:/tmp/krb5_cc_samba_%u_%p",
+ ccache_name = talloc_asprintf(ccc,
"FILE:/tmp/krb5_cc_samba_%u_%p",
(unsigned int)getpid(),
ccc);
} else {
- ccache_name = talloc_asprintf(ccc, "MEMORY:%p",
+ ccache_name = talloc_asprintf(ccc, "MEMORY:%p",
ccc);
}
@@ -639,7 +639,7 @@ static int cli_credentials_new_ccache(struct
cli_credentials *cred,
}
}
- ret = krb5_cc_resolve(ccc->smb_krb5_context->krb5_context, ccache_name,
+ ret = krb5_cc_resolve(ccc->smb_krb5_context->krb5_context, ccache_name,
&ccc->ccache);
if (ret) {
(*error_string) = talloc_asprintf(cred, "failed to resolve a
krb5 ccache (%s): %s\n",
@@ -666,7 +666,7 @@ static int cli_credentials_new_ccache(struct
cli_credentials *cred,
return 0;
}
-_PUBLIC_ int cli_credentials_get_named_ccache(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_named_ccache(struct cli_credentials *cred,
struct tevent_context *event_ctx,
struct loadparm_context *lp_ctx,
char *ccache_name,
@@ -675,12 +675,12 @@ _PUBLIC_ int cli_credentials_get_named_ccache(struct
cli_credentials *cred,
{
krb5_error_code ret;
enum credentials_obtained obtained;
-
+
if (cred->machine_account_pending) {
cli_credentials_set_machine_account(cred, lp_ctx);
}
- if (cred->ccache_obtained >= cred->ccache_threshold &&
+ if (cred->ccache_obtained >= cred->ccache_threshold &&
cred->ccache_obtained > CRED_UNINITIALISED) {
time_t lifetime;
bool expired = false;
@@ -696,7 +696,7 @@ _PUBLIC_ int cli_credentials_get_named_ccache(struct
cli_credentials *cred,
cli_credentials_get_principal(cred,
cred)));
expired = true;
} else if (lifetime < 300) {
- DEBUG(3, ("Ticket in credentials cache for %s
will shortly expire (%u secs), will refresh\n",
+ DEBUG(3, ("Ticket in credentials cache for %s
will shortly expire (%u secs), will refresh\n",
cli_credentials_get_principal(cred,
cred), (unsigned int)lifetime));
expired = true;
}
@@ -707,9 +707,9 @@ _PUBLIC_ int cli_credentials_get_named_ccache(struct
cli_credentials *cred,
return ret;
}
- DEBUG(5, ("Ticket in credentials cache for %s will expire in %u
secs\n",
+ DEBUG(5, ("Ticket in credentials cache for %s will expire in %u
secs\n",
cli_credentials_get_principal(cred, cred), (unsigned
int)lifetime));
-
+
if (!expired) {
*ccc = cred->ccache;
return 0;
@@ -730,9 +730,9 @@ _PUBLIC_ int cli_credentials_get_named_ccache(struct
cli_credentials *cred,
return ret;
}
- ret = cli_credentials_set_from_ccache(cred, *ccc,
+ ret = cli_credentials_set_from_ccache(cred, *ccc,
obtained, error_string);
-
+
cred->ccache = *ccc;
cred->ccache_obtained = cred->principal_obtained;
if (ret) {
@@ -742,7 +742,7 @@ _PUBLIC_ int cli_credentials_get_named_ccache(struct
cli_credentials *cred,
return 0;
}
-_PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred,
struct tevent_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ccache_container **ccc,
@@ -761,7 +761,7 @@ static void
cli_credentials_unconditionally_invalidate_client_gss_creds(struct c
cred->client_gss_creds_obtained = CRED_UNINITIALISED;
}
-void cli_credentials_invalidate_client_gss_creds(struct cli_credentials *cred,
+void cli_credentials_invalidate_client_gss_creds(struct cli_credentials *cred,
enum credentials_obtained
obtained)
{
/* If the caller just changed the username/password etc, then
@@ -794,7 +794,7 @@ static void
cli_credentials_unconditionally_invalidate_ccache(struct cli_credent
cli_credentials_unconditionally_invalidate_client_gss_creds(cred);
}
-_PUBLIC_ void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
+_PUBLIC_ void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
enum credentials_obtained obtained)
{
/* If the caller just changed the username/password etc, then
@@ -814,7 +814,7 @@ _PUBLIC_ void cli_credentials_invalidate_ccache(struct
cli_credentials *cred,
cred->ccache_threshold = obtained;
}
- cli_credentials_invalidate_client_gss_creds(cred,
+ cli_credentials_invalidate_client_gss_creds(cred,
obtained);
}
@@ -825,7 +825,7 @@ static int free_gssapi_creds(struct gssapi_creds_container
*gcc)
return 0;
}
-_PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials
*cred,
+_PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
struct tevent_context
*event_ctx,
struct loadparm_context
*lp_ctx,
struct gssapi_creds_container
**_gcc,
@@ -841,12 +841,12 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct
cli_credentials *cred,
#endif
krb5_enctype *etypes = NULL;
- if (cred->client_gss_creds_obtained >= cred->client_gss_creds_threshold
&&
+ if (cred->client_gss_creds_obtained >= cred->client_gss_creds_threshold
&&
cred->client_gss_creds_obtained > CRED_UNINITIALISED) {
bool expired = false;
OM_uint32 lifetime = 0;
gss_cred_usage_t usage = 0;
- maj_stat = gss_inquire_cred(&min_stat,
cred->client_gss_creds->creds,
+ maj_stat = gss_inquire_cred(&min_stat,
cred->client_gss_creds->creds,
NULL, &lifetime, &usage, NULL);
if (maj_stat == GSS_S_CREDENTIALS_EXPIRED) {
DEBUG(3, ("Credentials for %s expired, must refresh
credentials cache\n", cli_credentials_get_principal(cred, cred)));
@@ -862,9 +862,9 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct
cli_credentials *cred,
if (expired) {
cli_credentials_unconditionally_invalidate_client_gss_creds(cred);
} else {
- DEBUG(5, ("GSSAPI credentials for %s will expire in %u
secs\n",
+ DEBUG(5, ("GSSAPI credentials for %s will expire in %u
secs\n",
cli_credentials_get_principal(cred, cred),
(unsigned int)lifetime));
-
+
*_gcc = cred->client_gss_creds;
return 0;
}
@@ -994,13 +994,13 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct
cli_credentials *cred,
This grabs the credentials both 'intact' and getting the krb5
ccache out of it. This routine can be generalised in future for
- the case where we deal with GSSAPI mechs other than krb5.
+ the case where we deal with GSSAPI mechs other than krb5.
On sucess, the caller must not free gssapi_cred, as it now belongs
to the credentials system.
*/
- int cli_credentials_set_client_gss_creds(struct cli_credentials *cred,
+ int cli_credentials_set_client_gss_creds(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
gss_cred_id_t gssapi_cred,
enum credentials_obtained obtained,
@@ -1047,8 +1047,8 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct
cli_credentials *cred,
if (ret == 0) {
gcc->creds = gssapi_cred;
talloc_set_destructor(gcc, free_gssapi_creds);
-
- /* set the clinet_gss_creds_obtained here, as it just
+
+ /* set the clinet_gss_creds_obtained here, as it just
got set to UNINITIALISED by the calls above */
cred->client_gss_creds_obtained = obtained;
cred->client_gss_creds = gcc;
@@ -1146,7 +1146,7 @@ _PUBLIC_ struct cli_credentials
*cli_credentials_shallow_copy(TALLOC_CTX *mem_ct
* attached to this context. If this hasn't been done or set before,
* it will be generated from the password.
*/
-_PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
struct keytab_container **_ktc)
{
@@ -1162,7 +1162,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct
cli_credentials *cred,
char *salt_principal = NULL;
uint32_t uac_flags = 0;
- if (cred->keytab_obtained >= (MAX(cred->principal_obtained,
+ if (cred->keytab_obtained >= (MAX(cred->principal_obtained,
cred->username_obtained))) {
*_ktc = cred->keytab;
return 0;
@@ -1237,7 +1237,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct
cli_credentials *cred,
return ret;
}
- cred->keytab_obtained = (MAX(cred->principal_obtained,
+ cred->keytab_obtained = (MAX(cred->principal_obtained,
cred->username_obtained));
/* We make this keytab up based on a password. Therefore
@@ -1255,7 +1255,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct
cli_credentials *cred,
/* Given the name of a keytab (presumably in the format
* FILE:/etc/krb5.keytab), open it and attach it */
-_PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
const char *keytab_name,
enum credentials_obtained obtained)
@@ -1296,7 +1296,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct
cli_credentials *cred,
/* Get server gss credentials (in gsskrb5, this means the keytab) */
-_PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials
*cred,
+_PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
struct loadparm_context
*lp_ctx,
struct gssapi_creds_container
**_gcc)
{
@@ -1375,7 +1375,7 @@ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct
cli_credentials *cred,
return ret;
}
-/**
+/**
* Set Kerberos KVNO
*/
@@ -1395,12 +1395,12 @@ _PUBLIC_ int cli_credentials_get_kvno(struct
cli_credentials *cred)
}
-const char *cli_credentials_get_salt_principal(struct cli_credentials *cred)
+const char *cli_credentials_get_salt_principal(struct cli_credentials *cred)
{
return cred->salt_principal;
}
-_PUBLIC_ void cli_credentials_set_salt_principal(struct cli_credentials *cred,
const char *principal)
+_PUBLIC_ void cli_credentials_set_salt_principal(struct cli_credentials *cred,
const char *principal)
{
talloc_free(cred->salt_principal);
cred->salt_principal = talloc_strdup(cred, principal);
@@ -1475,7 +1475,9 @@ _PUBLIC_ int cli_credentials_get_aes256_key(struct
cli_credentials *cred,
int ret;
const char *password = NULL;
krb5_data cleartext_data;
- krb5_data salt_data;
+ krb5_data salt_data = {
+ .length = 0,
+ };
krb5_keyblock key;
if (cred->password_will_be_nt_hash) {
diff --git a/buildtools/wafsamba/samba_autoconf.py
b/buildtools/wafsamba/samba_autoconf.py
index 2e00f52230f..b047fe421b4 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -830,8 +830,10 @@ int main(void) {
if (Options.options.address_sanitizer or
Options.options.undefined_sanitizer):
conf.ADD_CFLAGS('-g -O1', testflags=True)
- if Options.options.address_sanitizer:
+ if (Options.options.address_sanitizer
+ or Options.options.memory_sanitizer):
conf.ADD_CFLAGS('-fno-omit-frame-pointer', testflags=True)
+ if Options.options.address_sanitizer:
conf.ADD_CFLAGS('-fsanitize=address', testflags=True)
conf.ADD_LDFLAGS('-fsanitize=address', testflags=True)
conf.env['ADDRESS_SANITIZER'] = True
@@ -842,6 +844,13 @@ int main(void) {
conf.ADD_LDFLAGS('-fsanitize=undefined', testflags=True)
conf.env['UNDEFINED_SANITIZER'] = True
+ # MemorySanitizer is only available if you build with clang
+ if Options.options.memory_sanitizer:
+ conf.ADD_CFLAGS('-g -O2', testflags=True)
+ conf.ADD_CFLAGS('-fsanitize=memory', testflags=True)
+ conf.ADD_CFLAGS('-fsanitize-memory-track-origins=2', testflags=True)
+ conf.ADD_LDFLAGS('-fsanitize=memory')
+ conf.env['MEMORY_SANITIZER'] = True
# Let people pass an additional ADDITIONAL_{CFLAGS,LDFLAGS}
# environment variables which are only used the for final build.
@@ -986,7 +995,9 @@ def SETUP_CONFIGURE_CACHE(conf, enable):
@conf
def SAMBA_CHECK_UNDEFINED_SYMBOL_FLAGS(conf):
- if Options.options.address_sanitizer or Options.options.enable_libfuzzer:
+ if (Options.options.address_sanitizer
+ or Options.options.memory_sanitizer
+ or Options.options.enable_libfuzzer):
# Sanitizers can rely on symbols undefined at library link time and the
# symbols used for fuzzers are only defined by compiler wrappers.
return
diff --git a/buildtools/wafsamba/wscript b/buildtools/wafsamba/wscript
index 8729b0829da..a33d26706a5 100644
--- a/buildtools/wafsamba/wscript
+++ b/buildtools/wafsamba/wscript
@@ -189,6 +189,11 @@ Currently the only tested value is 'smbtorture,smbd/smbd'
for Samba'''),
action="store_true",
dest='undefined_sanitizer',
default=False)
+ gr.add_option('--memory-sanitizer',
+ help=("Enable memory behaviour sanitizer compile and linker flags"),
+ action="store_true",
+ dest='memory_sanitizer',
+ default=False)
gr.add_option('--enable-libfuzzer',
help=("Build fuzzing binaries (use ADDITIONAL_CFLAGS to
specify compiler options for libFuzzer or use CC=honggfuzz/hfuzz-cc)"),
action="store_true", dest='enable_libfuzzer', default=False)
diff --git a/lib/ldb-samba/ldb_ildap.c b/lib/ldb-samba/ldb_ildap.c
index b15f38b3843..d738d1da0cf 100644
--- a/lib/ldb-samba/ldb_ildap.c
+++ b/lib/ldb-samba/ldb_ildap.c
@@ -476,10 +476,17 @@ static int ildb_search(struct ildb_context *ac)
return LDB_ERR_OPERATIONS_ERROR;
}
- if (req->op.search.scope == LDB_SCOPE_DEFAULT) {
+ switch (req->op.search.scope) {
+ case LDB_SCOPE_DEFAULT:
+ case LDB_SCOPE_SUBTREE:
msg->r.SearchRequest.scope = LDAP_SEARCH_SCOPE_SUB;
- } else {
- msg->r.SearchRequest.scope = req->op.search.scope;
+ break;
+ case LDB_SCOPE_BASE:
+ msg->r.SearchRequest.scope = LDAP_SEARCH_SCOPE_BASE;
+ break;
+ case LDB_SCOPE_ONELEVEL:
+ msg->r.SearchRequest.scope = LDAP_SEARCH_SCOPE_SINGLE;
+ break;
}
msg->r.SearchRequest.deref = LDAP_DEREFERENCE_NEVER;
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 5c2b750832b..d6625817e02 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -131,6 +131,9 @@ def configure(conf):
if conf.CHECK_CFLAGS('-Wno-strict-overflow'):
conf.define('HAVE_WNO_STRICT_OVERFLOW', '1')
+ if conf.CHECK_CFLAGS('-Wno-unused-but-set-variable'):
+ conf.define('HAVE_WNO_UNUSED_BUT_SET_VARIABLE', '1')
+
if conf.CHECK_CFLAGS('-Wuse-after-free=1'):
conf.define('HAVE_WUSE_AFTER_FREE_1', '1')
diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index 87aa79de82c..5e5cf0af8b8 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -3291,8 +3291,7 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
"failed to set PAM_OLDAUTHTOK");
}
} else if (flags & PAM_UPDATE_AUTHTOK) {
-
- time_t *pwdlastset_update = NULL;
+ const time_t *pwdlastset_update = NULL;
/*
* obtain the proposed password
@@ -3357,7 +3356,7 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
*/
pam_get_data(pamh,
PAM_WINBIND_PWD_LAST_SET,
- (const void **)&pwdlastset_update);
+ (const void **)(&pwdlastset_update));
/*
* if cached creds were enabled, make sure to set the
diff --git a/source3/lib/netapi/tests/netfile.c
b/source3/lib/netapi/tests/netfile.c
index bee3c2ed5eb..87aff029320 100644
--- a/source3/lib/netapi/tests/netfile.c
+++ b/source3/lib/netapi/tests/netfile.c
@@ -37,9 +37,6 @@ static NET_API_STATUS test_netfileenum(const char *hostname,
uint8_t *buffer = NULL;
int i;
- struct FILE_INFO_2 *i2 = NULL;
- struct FILE_INFO_3 *i3 = NULL;
-
printf("testing NetFileEnum level %d\n", level);
do {
@@ -55,10 +52,8 @@ static NET_API_STATUS test_netfileenum(const char *hostname,
if (status == 0 || status == ERROR_MORE_DATA) {
switch (level) {
case 2:
- i2 = (struct FILE_INFO_2 *)buffer;
break;
case 3:
- i3 = (struct FILE_INFO_3 *)buffer;
break;
default:
return -1;
@@ -76,10 +71,8 @@ static NET_API_STATUS test_netfileenum(const char *hostname,
--
Samba Shared Repository
