[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fdccaab ctdb/eventscripts: Do not reconfigure in "monitor" events from 970a6ef share_ldb: Fix a memleak http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fdccaab2a9a1b9d7eebcd7a4d121dbf68ea48dcd Author: Martin Schwenke Date: Mon Dec 9 15:54:52 2013 +1100 ctdb/eventscripts: Do not reconfigure in "monitor" events "monitor" events can be cancelled. If a reconfigure action does a service restart then the "monitor" event can be cancelled at the inconvenient moment after the service is stopped. In this case the service stays down and the node may become unhealthy (depending on whether there are any repair actions in the monitor event). A long time ago we did service reconfiguration in "monitor" events following failovers. Service reconfiguration was then moved to the "ipreallocated" event. However, reconfiguration in "monitor" events has been kept as a last resort in case an "ipreallocate" event does not occur. The only important case that this covers is "ctdb deleteip", where "releaseip" events are generated without a corresponding "ipreallocated". Therefore, IPs can be deleted without running the required service reconfiguration. The supported way of removing IP addresses is now via "ctdb reloadips", which always causes a takeover run with a corresponding "ipreallocate" event. This means that service reconfiguration in "monitor" events is no longer required and should be removed because it is unsafe. Also update the associated tests. Make the first confirm that the monitor event no longer does reconfiguration. Change the others to test that monitor status is correctly replayed when something else is doing a reconfigure and currently holds the reconfigure lock. Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs Autobuild-User(master): Amitay Isaacs Autobuild-Date(master): Tue Dec 17 06:32:35 CET 2013 on sn-devel-104 --- Summary of changes: ctdb/config/functions | 10 -- ctdb/tests/eventscripts/60.nfs.multi.002.sh | 10 ++ ctdb/tests/eventscripts/60.nfs.multi.003.sh |5 +++-- ctdb/tests/eventscripts/60.nfs.multi.004.sh |5 +++-- ctdb/tests/eventscripts/60.nfs.multi.005.sh |5 +++-- 5 files changed, 11 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/config/functions b/ctdb/config/functions index aa31f89..4430d86 100755 --- a/ctdb/config/functions +++ b/ctdb/config/functions @@ -1195,16 +1195,6 @@ ctdb_service_check_reconfigure () ctdb_service_reconfigure fi ;; - monitor) - if ctdb_service_needs_reconfigure ; then - ctdb_service_reconfigure - # Given that the reconfigure might not have - # resulted in the service being stable yet, we - # replay the previous status since that's the best - # information we have. - ctdb_replay_monitor_status - fi - ;; esac else # Somebody else is running an event we don't want to collide diff --git a/ctdb/tests/eventscripts/60.nfs.multi.002.sh b/ctdb/tests/eventscripts/60.nfs.multi.002.sh index 350c1bc..29386c1 100755 --- a/ctdb/tests/eventscripts/60.nfs.multi.002.sh +++ b/ctdb/tests/eventscripts/60.nfs.multi.002.sh @@ -2,7 +2,7 @@ . "${TEST_SCRIPTS_DIR}/unit.sh" -define_test "takeip, monitor -> reconfigure" +define_test "takeip, monitor -> no reconfigure" setup_nfs @@ -12,12 +12,6 @@ ok_null simple_test_event "takeip" $public_address -# This currently assumes that ctdb scriptstatus will always return a -# good status (when replaying). That should change and we will need -# to split this into 2 tests. -ok < reconfigure, replay error" +define_test "takeip, take reconfigure lock, monitor -> replay error" setup_nfs @@ -16,8 +16,9 @@ simple_test_event "takeip" $public_address ctdb_fake_scriptstatus 1 "ERROR" "$err" +eventscript_call ctdb_reconfigure_try_lock + required_result 1 < reconfigure, replay timedout" +define_test "takeip, take reconfigure lock, monitor -> reconfigure, replay timedout" setup_nfs @@ -16,8 +16,9 @@ simple_test_event "takeip" $public_address ctdb_fake_scriptstatus -62 "TIMEDOUT" "$err" +eventscript_call ctdb_reconfigure_try_lock + required_result 1 < reconfigure, replay disabled" +define_test "takeip, take reconfigure lock, monitor -> reconfigure, replay disabled" setup_nfs @@ -16,8 +16,9 @@ simple_test_event "takeip" $public_address ctdb_fake_scriptstatus -8 "DISABLED" "$err" +eventscript_call ctdb_reconfigure_try_lock + o
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 970a6ef share_ldb: Fix a memleak via 20efaf9 share_ldb: Fix CID 1138336 Dereference null return value via b067f1e share_ldb: Fix a memleak via ec270cf share_ldb: Fix CID 1138337 Dereference null return value via e8b0726 ldb: Fix 1138330 Dereference null return value via f25e2b9 smbd: Fix CID 1138328 Logically dead code via 5677c63 scannedonly: Fix CID 242109 Unchecked return value from library via 65d0dce ntvfs: Fix CID 241291 Argument cannot be negative via 91ef262 tevent: Fix CID 1138326 Unchecked return value via c943937 Fix CID 1138340 Resource leak via b2937fd Fix CID 1138341 Resource leak via b263bfe tdb_util: Fix whitespace via 677056c tdb_util: Fix CID 1138343 Uninitialized scalar variable from 92257ee s3: Handle stat call with capability in vfs_gpfs http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 970a6efa3b5fc11aa4ff79049738bb971a129a62 Author: Volker Lendecke Date: Sun Dec 15 21:28:08 2013 +0100 share_ldb: Fix a memleak Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Dec 17 03:50:58 CET 2013 on sn-devel-104 commit 20efaf9ea74f6c5ed7554aab2a0e687ed5a2f717 Author: Volker Lendecke Date: Sun Dec 15 21:28:08 2013 +0100 share_ldb: Fix CID 1138336 Dereference null return value False positive, but this way we avoid another strchr Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b067f1e35bd3e3fa886aae3b0011e1585664f11e Author: Volker Lendecke Date: Sun Dec 15 21:29:59 2013 +0100 share_ldb: Fix a memleak Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ec270cf6a81d0c9349649ce0945d4da1df320871 Author: Volker Lendecke Date: Sun Dec 15 21:28:08 2013 +0100 share_ldb: Fix CID 1138337 Dereference null return value False positive, but this way we avoid another strchr Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e8b0726411213acb133a25c14ab42020e4a8de68 Author: Volker Lendecke Date: Sun Dec 15 21:23:59 2013 +0100 ldb: Fix 1138330 Dereference null return value Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f25e2b93d30e9884dee30e97ca02fd35b0eb99d3 Author: Volker Lendecke Date: Sun Dec 15 21:18:07 2013 +0100 smbd: Fix CID 1138328 Logically dead code Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5677c63f1cafec833aa2f77d1b20f575ec2f3eeb Author: Volker Lendecke Date: Sun Dec 15 21:07:00 2013 +0100 scannedonly: Fix CID 242109 Unchecked return value from library Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 65d0dceea53035d379eb125cdd78e43501709e4e Author: Volker Lendecke Date: Sun Dec 15 21:00:04 2013 +0100 ntvfs: Fix CID 241291 Argument cannot be negative getgroups can return -1, which talloc_array won't be happy about Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 91ef262c633aebd0da8ab7c4b51e2aa9d55b7ddb Author: Volker Lendecke Date: Sun Dec 15 20:40:06 2013 +0100 tevent: Fix CID 1138326 Unchecked return value For this case we explicitly have added tevent_req_oom Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c943937ec69f6547533f34ae83a268960395b521 Author: Volker Lendecke Date: Sun Dec 15 20:28:53 2013 +0100 Fix CID 1138340 Resource leak Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b2937fd6186003740f3bef3c2f4fd54a4d3cf335 Author: Volker Lendecke Date: Sun Dec 15 20:28:04 2013 +0100 Fix CID 1138341 Resource leak Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b263bfef2f873637ff5d83f3e78fa98902abe5c5 Author: Volker Lendecke Date: Sun Dec 15 20:23:16 2013 +0100 tdb_util: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 677056c55bc7e5c182ccb146955bb1314ed6a1d5 Author: Volker Lendecke Date: Sun Dec 15 20:22:36 2013 +0100 tdb_util: Fix CID 1138343 Uninitialized scalar variable Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: ctdb/lib/replace/test/testsuite.c |3 +++ lib/ldb/common/ldb.c |4 lib/tdb_wrap/tdb_wrap.c | 18 ++ lib/tevent/tevent_queue.c |2 +- source3/modules/vfs_scannedonly.c | 10 ++ source3/smbd/smb2_server.c|2 ++ source4/ntvfs/posix/pvfs_acl.c|2 +- source4/param/share_ldb.c | 20 8 files chang
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 4a89a7c consolidate Supported release information on the release planning wiki page from 2bd3978 Update list of current branches. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 4a89a7c19454d8cdd94d533ff91d600a117e6bd8 Author: Andrew Bartlett Date: Tue Dec 17 14:15:50 2013 +1300 consolidate Supported release information on the release planning wiki page This avoids having multiple pages to update each time we make a major release, and tries to make searching for our supported release dates easier. Andrew Bartlett Signed-off-by: Andrew Bartlett --- Summary of changes: docs/FAQ/index.html | 25 - 1 files changed, 4 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/docs/FAQ/index.html b/docs/FAQ/index.html index b4cd809..7b8aaea 100755 --- a/docs/FAQ/index.html +++ b/docs/FAQ/index.html @@ -62,31 +62,14 @@ and maintainability also have to be addressed. Generally, though, we try to include as much good work as we can. Which Samba version should I run? -The Samba 2.2 branch is no longer maintained. It's EOL was October 1, 2004. - -The Samba 3.0 branch is not supported any longer. - -The Samba 3.2 branch is not supported any longer. - -The Samba 3.3 branch is not supported any longer. - -The Samba 3.4 branch is not supported any longer. - -The Samba 3.5 branch is in the security fixes only mode. - -The Samba 3.6 branch is in the maintenance mode. That means, major issues -will be fixed on a as needed basis. - -The Samba 4.0 branch is in the bug fix mode. That means, bug fix releases -are available approximately every six weeks (on a as needed basis). - -The current stable, production Samba server is the Samba 4.0 branch. The -most recent release is always the recommended version for production use. +The most recent release is always the recommended version for production use. See the release history page for an overview of current and past releases or the http://wiki.samba.org/index.php/Samba_Release_Planning";>Release Planning Wiki page for more information on current and upcoming releases -and schedules. +and schedules, including information on +https://wiki.samba.org/index.php/Samba_Release_Planning#Samba_Release_Planning_and_Supported_Release_Lifetime";> +support lifetimes and EOL dates for each release. How do I verify a tarball with the GnuPG signature? -- Samba Website Repository
Re: [SCM] Samba Shared Repository - branch master updated
On Mon, 2013-12-16 at 13:05 -0800, Jeremy Allison wrote: > On Mon, Dec 16, 2013 at 03:56:16PM -0500, Simo wrote: > > On Mon, 2013-12-16 at 10:34 -0800, Jeremy Allison wrote: > > > On Sat, Dec 14, 2013 at 01:20:04PM +0100, Stefan Metzmacher wrote: > > > > > > > > commit 5baa7402ba8eebd9b2ddc6b259ae9bb2852b4bb1 > > > > Author: Volker Lendecke > > > > Date: Fri Dec 6 14:34:05 2013 + > > > > > > > > smbd: Implement and use full_path_tos > > > > > > > > Yes, this looks like a hack, but talloc_asprintf does show up high > > > > in > > > > profiles called from these routines > > > > > > > > Signed-off-by: Volker Lendecke > > > > Reviewed-by: Stefan Metzmacher > > > > > > Hahaha ! Coming this summer to a cinema near you : > > > > > > "Samba 4 - Revenge of the pstrings" :-) :-). > > > > Uhm, given this string is never passed anywhere and you want to use the > > stack, why didn't you simply use alloca() + snprintf() ? > > > > That would seem a lot simpler and as effective to me, am I missing > > something ? > > I don't think alloca is as portable as the code > Volker wrote. I see. Simo.
Re: [SCM] Samba Shared Repository - branch master updated
On Mon, Dec 16, 2013 at 03:56:16PM -0500, Simo wrote: > On Mon, 2013-12-16 at 10:34 -0800, Jeremy Allison wrote: > > On Sat, Dec 14, 2013 at 01:20:04PM +0100, Stefan Metzmacher wrote: > > > > > > commit 5baa7402ba8eebd9b2ddc6b259ae9bb2852b4bb1 > > > Author: Volker Lendecke > > > Date: Fri Dec 6 14:34:05 2013 + > > > > > > smbd: Implement and use full_path_tos > > > > > > Yes, this looks like a hack, but talloc_asprintf does show up high in > > > profiles called from these routines > > > > > > Signed-off-by: Volker Lendecke > > > Reviewed-by: Stefan Metzmacher > > > > Hahaha ! Coming this summer to a cinema near you : > > > > "Samba 4 - Revenge of the pstrings" :-) :-). > > Uhm, given this string is never passed anywhere and you want to use the > stack, why didn't you simply use alloca() + snprintf() ? > > That would seem a lot simpler and as effective to me, am I missing > something ? I don't think alloca is as portable as the code Volker wrote.
Re: [SCM] Samba Shared Repository - branch master updated
On Mon, 2013-12-16 at 10:34 -0800, Jeremy Allison wrote: > On Sat, Dec 14, 2013 at 01:20:04PM +0100, Stefan Metzmacher wrote: > > > > commit 5baa7402ba8eebd9b2ddc6b259ae9bb2852b4bb1 > > Author: Volker Lendecke > > Date: Fri Dec 6 14:34:05 2013 + > > > > smbd: Implement and use full_path_tos > > > > Yes, this looks like a hack, but talloc_asprintf does show up high in > > profiles called from these routines > > > > Signed-off-by: Volker Lendecke > > Reviewed-by: Stefan Metzmacher > > Hahaha ! Coming this summer to a cinema near you : > > "Samba 4 - Revenge of the pstrings" :-) :-). Uhm, given this string is never passed anywhere and you want to use the stack, why didn't you simply use alloca() + snprintf() ? That would seem a lot simpler and as effective to me, am I missing something ? Simo.
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 92257ee s3: Handle stat call with capability in vfs_gpfs via 47175f5 s3: Add DAC_OVERRIDE capability support from 04297e8 gencache: Fix a type-punned warning http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 92257ee41fd5d47b4248ae582bb48b71a13c7174 Author: Abhidnya Joshi Date: Tue Dec 10 11:01:43 2013 +0100 s3: Handle stat call with capability in vfs_gpfs Reviewed-by: Volker Lendecke Reviewed-by: Christof Schmitt Autobuild-User(master): Christof Schmitt Autobuild-Date(master): Mon Dec 16 20:05:23 CET 2013 on sn-devel-104 commit 47175f5760f485e447bb24966627a4ab80af30f9 Author: Abhidnya Joshi Date: Tue Dec 10 09:10:21 2013 +0100 s3: Add DAC_OVERRIDE capability support Reviewed-by: Volker Lendecke Reviewed-by: Christof Schmitt --- Summary of changes: source3/include/smb.h |3 +- source3/lib/system.c |4 +++ source3/modules/vfs_gpfs.c | 56 3 files changed, 62 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/smb.h b/source3/include/smb.h index 16aef87..9fe0533 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -743,7 +743,8 @@ minimum length == 24. enum smbd_capability { KERNEL_OPLOCK_CAPABILITY, DMAPI_ACCESS_CAPABILITY, -LEASE_CAPABILITY +LEASE_CAPABILITY, +DAC_OVERRIDE_CAPABILITY }; /* diff --git a/source3/lib/system.c b/source3/lib/system.c index f251290..af72b2a 100644 --- a/source3/lib/system.c +++ b/source3/lib/system.c @@ -785,6 +785,10 @@ static bool set_process_capability(enum smbd_capability capability, cap_vals[num_cap_vals++] = CAP_LEASE; #endif break; + case DAC_OVERRIDE_CAPABILITY: +#ifdef CAP_DAC_OVERRIDE + cap_vals[num_cap_vals++] = CAP_DAC_OVERRIDE; +#endif } SMB_ASSERT(num_cap_vals <= ARRAY_SIZE(cap_vals)); diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 4a53bf8..c374957 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1411,6 +1411,46 @@ static ssize_t gpfs_get_xattr(struct vfs_handle_struct *handle, const char *pat return 4; } +#if defined(HAVE_FSTATAT) +static int stat_with_capability(struct vfs_handle_struct *handle, + struct smb_filename *smb_fname, int flag) +{ + int fd = -1; + bool b; + char *dir_name; + const char *rel_name = NULL; + struct stat st; + int ret = -1; + + b = parent_dirname(talloc_tos(), smb_fname->base_name, + &dir_name, &rel_name); + if (!b) { + errno = ENOMEM; + return -1; + } + + fd = open(dir_name, O_RDONLY, 0); + TALLOC_FREE(dir_name); + if (fd == -1) { + return -1; + } + + set_effective_capability(DAC_OVERRIDE_CAPABILITY); + ret = fstatat(fd, rel_name, &st, flag); + drop_effective_capability(DAC_OVERRIDE_CAPABILITY); + + close(fd); + + if (ret == 0) { + init_stat_ex_from_stat( + &smb_fname->st, &st, + lp_fake_dir_create_times(SNUM(handle->conn))); + } + + return ret; +} +#endif + static int vfs_gpfs_stat(struct vfs_handle_struct *handle, struct smb_filename *smb_fname) { @@ -1425,6 +1465,13 @@ static int vfs_gpfs_stat(struct vfs_handle_struct *handle, return -1); ret = SMB_VFS_NEXT_STAT(handle, smb_fname); +#if defined(HAVE_FSTATAT) + if (ret == -1 && errno == EACCES) { + DEBUG(10, ("Trying stat with capability for %s\n", + smb_fname->base_name)); + ret = stat_with_capability(handle, smb_fname, 0); + } +#endif if (ret == -1) { return -1; } @@ -1494,6 +1541,15 @@ static int vfs_gpfs_lstat(struct vfs_handle_struct *handle, return -1); ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname); +#if defined(HAVE_FSTATAT) + if (ret == -1 && errno == EACCES) { + DEBUG(10, ("Trying lstat with capability for %s\n", + smb_fname->base_name)); + ret = stat_with_capability(handle, smb_fname, + AT_SYMLINK_NOFOLLOW); + } +#endif + if (ret == -1) { return -1; } -- Samba Shared Repository
Re: [SCM] Samba Shared Repository - branch master updated
On Sat, Dec 14, 2013 at 01:20:04PM +0100, Stefan Metzmacher wrote: > > commit 5baa7402ba8eebd9b2ddc6b259ae9bb2852b4bb1 > Author: Volker Lendecke > Date: Fri Dec 6 14:34:05 2013 + > > smbd: Implement and use full_path_tos > > Yes, this looks like a hack, but talloc_asprintf does show up high in > profiles called from these routines > > Signed-off-by: Volker Lendecke > Reviewed-by: Stefan Metzmacher Hahaha ! Coming this summer to a cinema near you : "Samba 4 - Revenge of the pstrings" :-) :-). Great work though. I take it this was a cachegrind find ? Cheers, Jeremy.
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 04297e8 gencache: Fix a type-punned warning from ef5a3be s3: smbpasswd - fix crashes on invalid input. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 04297e8914548fc5cadb912901305c75ee662154 Author: Volker Lendecke Date: Mon Dec 16 12:42:46 2013 +0100 gencache: Fix a type-punned warning Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Andreas Schneider Autobuild-Date(master): Mon Dec 16 17:11:13 CET 2013 on sn-devel-104 --- Summary of changes: source3/lib/gencache.c |6 +- 1 files changed, 5 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/gencache.c b/source3/lib/gencache.c index 835f5e1..168b511 100644 --- a/source3/lib/gencache.c +++ b/source3/lib/gencache.c @@ -723,7 +723,11 @@ bool gencache_get(const char *keystr, TALLOC_CTX *mem_ctx, char **value, return false; } if (value) { - *value = talloc_move(mem_ctx, (char **)&blob.data); + /* +* talloc_move generates a type-punned warning here. As we +* leave the function immediately, do a simple talloc_steal. +*/ + *value = (char *)talloc_steal(mem_ctx, blob.data); return true; } data_blob_free(&blob); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ef5a3be s3: smbpasswd - fix crashes on invalid input. from 5ac5e33 auth_samba4: Describe the slightly unusual role of auth_samba4 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ef5a3bedab74420baf0c653cf8e304fe6c2a13b4 Author: Jeremy Allison Date: Thu Dec 12 09:37:25 2013 -0800 s3: smbpasswd - fix crashes on invalid input. get_pass can return NULL on error. Ensure that this is always the case and fix all callers to cope (some already did). Reported by Joonas Kuorilehto BUG: https://bugzilla.samba.org/show_bug.cgi?id=10320 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Dec 16 15:17:58 CET 2013 on sn-devel-104 --- Summary of changes: source3/utils/net.c |5 + source3/utils/passwd_util.c | 14 +- source3/utils/smbpasswd.c | 14 ++ 3 files changed, 28 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/net.c b/source3/utils/net.c index 3473641..1308d94 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -105,6 +105,11 @@ static int net_changesecretpw(struct net_context *c, int argc, } trust_pw = get_pass(_("Enter machine password: "), c->opt_stdin); + if (trust_pw == NULL) { + d_fprintf(stderr, + _("Error in reading machine password\n")); + return 1; + } if (!secrets_store_machine_password(trust_pw, lp_workgroup(), sec_channel_type)) { d_fprintf(stderr, diff --git a/source3/utils/passwd_util.c b/source3/utils/passwd_util.c index 5716c17..4884d63 100644 --- a/source3/utils/passwd_util.c +++ b/source3/utils/passwd_util.c @@ -42,11 +42,12 @@ char *stdin_new_passwd( void) * the newline that ends the password, then replace the newline with * a null terminator. */ - if ( fgets(new_pw, sizeof(new_pw), stdin) != NULL) { - if ((len = strlen(new_pw)) > 0) { - if(new_pw[len-1] == '\n') - new_pw[len - 1] = 0; - } + if ( fgets(new_pw, sizeof(new_pw), stdin) == NULL) { + return NULL; + } + if ((len = strlen(new_pw)) > 0) { + if(new_pw[len-1] == '\n') + new_pw[len - 1] = 0; } return(new_pw); } @@ -64,6 +65,9 @@ char *get_pass( const char *prompt, bool stdin_get) if (stdin_get) { p = stdin_new_passwd(); + if (p == NULL) { + return NULL; + } } else { rc = samba_getpass(prompt, pwd, sizeof(pwd), false, false); if (rc < 0) { diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index d93261e..67780ff 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -217,11 +217,17 @@ static char *prompt_for_new_password(bool stdin_get) ZERO_ARRAY(new_pw); p = get_pass("New SMB password:", stdin_get); + if (p == NULL) { + return NULL; + } fstrcpy(new_pw, p); SAFE_FREE(p); p = get_pass("Retype new SMB password:", stdin_get); + if (p == NULL) { + return NULL; + } if (strcmp(p, new_pw)) { fprintf(stderr, "Mismatch - password unchanged.\n"); @@ -311,6 +317,10 @@ static int process_root(int local_flags) printf("Setting stored password for \"%s\" in secrets.tdb\n", ldap_admin_dn); if ( ! *ldap_secret ) { new_passwd = prompt_for_new_password(stdin_passwd_get); + if (new_passwd == NULL) { + fprintf(stderr, "Failed to read new password!\n"); + exit(1); + } fstrcpy(ldap_secret, new_passwd); } if (!store_ldap_admin_pw(ldap_secret)) { @@ -538,6 +548,10 @@ static int process_nonroot(int local_flags) if (remote_machine != NULL) { old_pw = get_pass("Old SMB password:",stdin_passwd_get); + if (old_pw == NULL) { + fprintf(stderr, "Unable to get old password.\n"); + exit(1); + } } if (!new_passwd) { -- Samba Shared Repository