The branch, v4-18-test has been updated
via 96793d42907 smbd: don't leak the fsp if close_file_smb() fails
via 5ac859e96e8 s3-net: no secrets access required when processing a
ODJ provisioning
from 9100d5ac2e2 VERSION: Bump version up to Samba 4.18.6...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test
- Log -----------------------------------------------------------------
commit 96793d42907e28446e093285966d4102b37d08dc
Author: Ralph Boehme <s...@samba.org>
Date: Mon Jul 10 16:34:23 2023 +0200
smbd: don't leak the fsp if close_file_smb() fails
This can happen if DELETE-ON-CLOSE is set, but the deletion fails for some
reason.
The bug was introduced by 1808e5c133474eabc9d3cf91c2a92ec4d92d9fdd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15417
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Mon Jul 10 21:32:32 UTC 2023 on atb-devel-224
(cherry picked from commit 4da50463e1b75c06d5f8c066e8b4eff48186afb0)
Autobuild-User(v4-18-test): Jule Anger <jan...@samba.org>
Autobuild-Date(v4-18-test): Wed Jul 19 16:23:17 UTC 2023 on atb-devel-224
commit 5ac859e96e83566c7748b6247770fde90fd694a7
Author: Günther Deschner <g...@samba.org>
Date: Tue Jun 6 11:14:01 2023 +0200
s3-net: no secrets access required when processing a ODJ provisioning
It should be possible to call "net offlinejoin provision" as non-root,
no access to secrets.tdb required in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15414
Guenther
Signed-off-by: Guenther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
Autobuild-User(master): Günther Deschner <g...@samba.org>
Autobuild-Date(master): Wed Jul 5 09:23:22 UTC 2023 on atb-devel-224
(cherry picked from commit bf7fbf7e2b675145e25ce7bffc29abbf44c35540)
-----------------------------------------------------------------------
Summary of changes:
source3/libnet/libnet_join.c | 8 ++++++++
source3/smbd/smb2_close.c | 2 ++
2 files changed, 10 insertions(+)
Changeset truncated at 500 lines:
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 3bff7ec1412..b60eb112d0a 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -2369,6 +2369,14 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX
*mem_ctx,
r->in.admin_account = admin_account;
}
+ if (r->in.provision_computer_account_only) {
+ /*
+ * When in the "provision_computer_account_only" path we do not
+ * need to have access to secrets.tdb at all - gd
+ */
+ return WERR_OK;
+ }
+
if (!secrets_init()) {
libnet_join_set_error_string(mem_ctx, r,
"Unable to open secrets database");
diff --git a/source3/smbd/smb2_close.c b/source3/smbd/smb2_close.c
index ed2b21dc5bc..7812c32afa4 100644
--- a/source3/smbd/smb2_close.c
+++ b/source3/smbd/smb2_close.c
@@ -225,6 +225,8 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request
*req,
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5,("smbd_smb2_close: close_file[%s]: %s\n",
smb_fname_str_dbg(smb_fname), nt_errstr(status)));
+ file_free(smbreq, fsp);
+ *_fsp = fsp = NULL;
return status;
}
--
Samba Shared Repository
