[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 06d673a1a0c third_party/heimdal: Import lorikeet-heimdal-202308030152 (commit 2a036a6fd80833799316b8a85623cdea3a1135df) from 00316255984 dsdb: Make a shallow copy of ldb_parse_tree in operational module https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 06d673a1a0c54e78773cc951124486b547ca880d Author: Joseph Sutton Date: Thu Aug 3 13:57:20 2023 +1200 third_party/heimdal: Import lorikeet-heimdal-202308030152 (commit 2a036a6fd80833799316b8a85623cdea3a1135df) This import fixes the build on 32-bit FreeBSD. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15443 Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett Autobuild-User(master): Joseph Sutton Autobuild-Date(master): Thu Aug 3 05:40:28 UTC 2023 on atb-devel-224 --- Summary of changes: third_party/heimdal/kdc/pkinit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/third_party/heimdal/kdc/pkinit.c b/third_party/heimdal/kdc/pkinit.c index 080ead541b4..495dfa7a7e5 100644 --- a/third_party/heimdal/kdc/pkinit.c +++ b/third_party/heimdal/kdc/pkinit.c @@ -1978,10 +1978,10 @@ _kdc_pk_validate_freshness_token(astgs_request_t r, token_time, sizeof(token_time), TRUE); kdc_log(r->context, r->config, 4, "Freshness token has too large time skew: " - "time in token %s is out by %ld > %ld seconds — %s", + "time in token %s is out by %ld > %jd seconds — %s", token_time, time_diff, - r->context->max_skew, + (intmax_t)(r->context->max_skew), r->cname); r->e_text = NULL; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 00316255984 dsdb: Make a shallow copy of ldb_parse_tree in operational module via 3b51091c20a dsdb: Replace talloc_steal() with a shallow copy and reference in dsdb_paged_results via 1b68bd977af paged_results: add no memory checks in paged_search() via c67534fe3ff selftest: Add test for combination of anr and paged_results via 8f4c1c67b4f vfs_aio_pthread: fix segfault if samba-tool ntacl get from d23dd3e26c5 dsdb: Add tracing to dsdb_search_dn() similar to gendb_search_v() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 003162559848ce45d4f5bd3fb66642960538120f Author: Andrew Bartlett Date: Wed Aug 2 14:13:00 2023 +1200 dsdb: Make a shallow copy of ldb_parse_tree in operational module We should not be making modifications to caller memory. In particular, this causes problems for logging of requests if the original request becomes modified. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15442 Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Wed Aug 2 12:10:20 UTC 2023 on atb-devel-224 commit 3b51091c20a3c807932bcc986ebb8a676e0ffe6a Author: Andrew Bartlett Date: Wed Aug 2 14:12:07 2023 +1200 dsdb: Replace talloc_steal() with a shallow copy and reference in dsdb_paged_results We should not be stealing caller memory like this, and while a talloc_reference() is not much better, this combined with a shallow copy should be a little better in terms of polite memory management. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15442 Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 1b68bd977af39263a71af2c6a314c5ccb29e348c Author: Stefan Metzmacher Date: Tue Feb 8 00:41:54 2022 +0100 paged_results: add no memory checks in paged_search() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15442 Signed-off-by: Arvid Requate Signed-off-by: Stefan Metzmacher Signed-off-by: Andrew Bartlett [abart...@samba.org combination of two patches by the above authors] commit c67534fe3ff1652dcf95eac2030778b066cdf7a4 Author: Andrew Bartlett Date: Wed Aug 2 13:40:03 2023 +1200 selftest: Add test for combination of anr and paged_results This combination was known to cause a segfault in Samba 4.13, fixed by 5f0590362c5c0c5ee20503a67467f9be2d50e73b in later versions. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14970 Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 8f4c1c67b4f118a9a47b09ac7908cd3d969b19c2 Author: Jones Syue Date: Wed Aug 2 09:48:40 2023 +0800 vfs_aio_pthread: fix segfault if samba-tool ntacl get If configured as AD DC and aio_pthread appended into 'vfs objects'[1], run these commands would get segfault: 1. sudo samba-tool ntacl get . 2. sudo net vfs getntacl sysvol . gdb said it goes through aio_pthread_openat_fn() @ vfs_aio_pthread.c[2], and the fsp->conn->sconn->client is null (0x0). 'sconn->client' memory is allocated when a new connection is accpeted: smbd_accept_connection > smbd_process > smbXsrv_client_create While running local commands looks like it would not go through smbXsrv_client_create so the 'client' is null, segfault might happen. We should not dereference 'client->server_multi_channel_enabled', if 'client' is null. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15441 [1] smb.conf example, samba-4.18.5, ubuntu 22.04.2 [global] dns forwarder = 127.0.0.53 netbios name = U22-JONES-88X1 realm = U22-JONES-88X1.X88X1.JONES server role = active directory domain controller workgroup = X88X1 idmap_ldb:use rfc2307 = yes vfs objects = dfs_samba4 acl_xattr aio_pthread [sysvol] path = /var/lib/samba/sysvol read only = No [netlogon] path = /var/lib/samba/sysvol/u22-jones-88x1.x88x1.jones/scripts read only = No [2] gdb (gdb) run /usr/local/samba/bin/samba-tool ntacl get . Starting program: /usr/local/Python3/bin/python3 /usr/local/samba/bin/samba-tool ntacl get . [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x7fffd0eb809e in aio_pthread_openat_fn (handle=0x8d5cc0, dirfsp=0x8c3070, smb_fname=0x18ab4f0, fsp=0x1af3550, flags=196608, mode=0) at ../../source3/modules/vfs_aio_pthread.c:467 warning: Source file is more recent than executable. 467 if (fsp->conn->sconn->client->server_multi_channel_enabled) {
[SCM] Samba Shared Repository - branch v4-17-test updated
The branch, v4-17-test has been updated via d94cbb10b88 s3/utils: avoid erronous NO MEMORY detection from 9313ebba32b dsdb: Use samdb_system_container_dn() in pdb_samba_dsdb_*() https://git.samba.org/?p=samba.git;a=shortlog;h=v4-17-test - Log - commit d94cbb10b882d52782cbabc1328c751cea4cb86f Author: Noel Power Date: Fri Jun 2 14:27:55 2023 +0100 s3/utils: avoid erronous NO MEMORY detection since 5cc3c1b5f6b0289f91c01b20989558badc28fd61 if we don't have a realm specified either on cmdline or in conf file we try to copy (talloc_strdup) a NULL variable which triggers a NO_MEMORY error when we check the result of the copy BUG: https://bugzilla.samba.org/show_bug.cgi?id=15384 Signed-off-by: Noel Power Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Sun Jun 4 12:42:16 UTC 2023 on atb-devel-224 (cherry picked from commit 22ab42c1007775abca0b578744d4c18a85cda627) Autobuild-User(v4-17-test): Jule Anger Autobuild-Date(v4-17-test): Wed Aug 2 11:45:00 UTC 2023 on sn-devel-184 --- Summary of changes: source3/utils/net_ads.c | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index dd9341f3637..70d05dc541a 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -713,10 +713,12 @@ retry: } else if (ads->auth.realm == NULL) { const char *c_realm = cli_credentials_get_realm(c->creds); - ads->auth.realm = talloc_strdup(ads, c_realm); - if (ads->auth.realm == NULL) { - TALLOC_FREE(ads); - return ADS_ERROR(LDAP_NO_MEMORY); + if (c_realm != NULL) { + ads->auth.realm = talloc_strdup(ads, c_realm); + if (ads->auth.realm == NULL) { + TALLOC_FREE(ads); + return ADS_ERROR(LDAP_NO_MEMORY); + } } } -- Samba Shared Repository