[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b919798f575 smbd: early out in is_visible_fsp()
via 3cb9f8f5ff2 vfs_fruit: remove a fsp check from ad_fset()
from bbdcd66c048 s3: smbd: dirfsp is being used uninitialized inside
rmdir_internals().
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b919798f5758e3284ff7f6f7402312c0a4b24d03
Author: Ralph Boehme
Date: Wed Nov 3 14:40:01 2021 +0100
smbd: early out in is_visible_fsp()
This is used in a hot codepath (directory enumeration) so we should
avoiding the
string comparisions by adding an early exit.
Signed-off-by: Ralph Boehme
Reviewed-by: Jeremy Allison
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Wed Nov 3 17:33:00 UTC 2021 on sn-devel-184
commit 3cb9f8f5ff29c14e117b57896c4540cc66510a1a
Author: Ralph Boehme
Date: Tue Nov 2 05:34:59 2021 +0100
vfs_fruit: remove a fsp check from ad_fset()
This comes from times before we had pathref fsps. Back then if you wanted to
check if fsp->fh->fd contained a valid value != -1, you'd also first check
that
the passed in fsp and fsp->fh are non NULL. With pathref fsps we don't need
this
anymore.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14890
RN: Crash in vfs_fruit asking for fsp_get_io_fd() for an XATTR call
Signed-off-by: Ralph Boehme
Reviewed-by: Jeremy Allison
---
Summary of changes:
source3/lib/adouble.c | 7 ---
source3/smbd/dir.c| 8
2 files changed, 8 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/adouble.c b/source3/lib/adouble.c
index fd435b6592d..f809a445081 100644
--- a/source3/lib/adouble.c
+++ b/source3/lib/adouble.c
@@ -2591,13 +2591,6 @@ int ad_fset(struct vfs_handle_struct *handle,
DBG_DEBUG("Path [%s]\n", fsp_str_dbg(fsp));
- if ((fsp == NULL)
- || (fsp->fh == NULL)
- || (fsp_get_io_fd(fsp) == -1))
- {
- smb_panic("bad fsp");
- }
-
ok = ad_pack(handle, ad, fsp);
if (!ok) {
return -1;
diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c
index 4d61bb0d56d..856a3625a75 100644
--- a/source3/smbd/dir.c
+++ b/source3/smbd/dir.c
@@ -1356,6 +1356,14 @@ bool is_visible_fsp(struct files_struct *fsp)
hide_special = lp_hide_special_files(SNUM(fsp->conn));
hide_new_files_timeout = lp_hide_new_files_timeout(SNUM(fsp->conn));
+ if (!hide_unreadable &&
+ !hide_unwriteable &&
+ !hide_special &&
+ (hide_new_files_timeout == 0))
+ {
+ return true;
+ }
+
if (fsp->base_fsp != NULL) {
/* Only operate on non-stream files. */
fsp = fsp->base_fsp;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bbdcd66c048 s3: smbd: dirfsp is being used uninitialized inside
rmdir_internals().
from a8a0667263d s3:librpc: Improve calling of krb5_kt_end_seq_get()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bbdcd66c048fee39629aeff450b50d049806e2f7
Author: Jeremy Allison
Date: Tue Nov 2 10:44:44 2021 -0700
s3: smbd: dirfsp is being used uninitialized inside rmdir_internals().
Not caught be the tests in bugs 14878, 14879 as can_delete_directory_fsp()
doesn't have the same bug.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14892
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Boehme
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Wed Nov 3 14:33:49 UTC 2021 on sn-devel-184
---
Summary of changes:
source3/smbd/close.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index eae276b2e9c..ad10215a4fa 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -1052,6 +1052,8 @@ static NTSTATUS rmdir_internals(TALLOC_CTX *ctx, struct
files_struct *fsp)
goto err;
}
+ dirfsp = dir_hnd_fetch_fsp(dir_hnd);
+
while ((dname = ReadDirName(dir_hnd, , , )) != NULL)
{
struct smb_filename *smb_dname_full = NULL;
struct smb_filename *direntry_fname = NULL;
@@ -1200,7 +1202,6 @@ static NTSTATUS rmdir_internals(TALLOC_CTX *ctx, struct
files_struct *fsp)
/* Do a recursive delete. */
RewindDir(dir_hnd,);
- dirfsp = dir_hnd_fetch_fsp(dir_hnd);
while ((dname = ReadDirName(dir_hnd, , , )) != NULL)
{
struct smb_filename *direntry_fname = NULL;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a8a0667263d s3:librpc: Improve calling of krb5_kt_end_seq_get()
from 5199eb14123 gp: Apply Firewalld Policy
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a8a0667263dc635d67da3ca3f48b46f71ca12289
Author: Pavel Filipenský
Date: Thu Oct 21 15:01:48 2021 +0200
s3:librpc: Improve calling of krb5_kt_end_seq_get()
Remove indentation with early return, best reviewed with
git show -b
Signed-off-by: Pavel Filipenský
Reviewed-by: Jeremy Allison
Reviewed-by: Andreas Schneider
Autobuild-User(master): Andreas Schneider
Autobuild-Date(master): Wed Nov 3 08:36:00 UTC 2021 on sn-devel-184
---
Summary of changes:
source3/librpc/crypto/gse_krb5.c | 110 +--
1 file changed, 59 insertions(+), 51 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c
index 804247e784d..83741c914a3 100644
--- a/source3/librpc/crypto/gse_krb5.c
+++ b/source3/librpc/crypto/gse_krb5.c
@@ -37,9 +37,8 @@ static krb5_error_code flush_keytab(krb5_context krbctx,
krb5_keytab keytab)
ZERO_STRUCT(kt_entry);
ret = krb5_kt_start_seq_get(krbctx, keytab, _cursor);
- if (ret == KRB5_KT_END || ret == ENOENT ) {
- /* no entries */
- return 0;
+ if (ret != 0) {
+ return ret;
}
ret = krb5_kt_next_entry(krbctx, keytab, _entry, _cursor);
@@ -48,7 +47,7 @@ static krb5_error_code flush_keytab(krb5_context krbctx,
krb5_keytab keytab)
/* we need to close and reopen enumeration because we modify
* the keytab */
ret = krb5_kt_end_seq_get(krbctx, keytab, _cursor);
- if (ret) {
+ if (ret != 0) {
DEBUG(1, (__location__ ": krb5_kt_end_seq_get() "
"failed (%s)\n", error_message(ret)));
goto out;
@@ -56,7 +55,7 @@ static krb5_error_code flush_keytab(krb5_context krbctx,
krb5_keytab keytab)
/* remove the entry */
ret = krb5_kt_remove_entry(krbctx, keytab, _entry);
- if (ret) {
+ if (ret != 0) {
DEBUG(1, (__location__ ": krb5_kt_remove_entry() "
"failed (%s)\n", error_message(ret)));
goto out;
@@ -66,7 +65,7 @@ static krb5_error_code flush_keytab(krb5_context krbctx,
krb5_keytab keytab)
/* now reopen */
ret = krb5_kt_start_seq_get(krbctx, keytab, _cursor);
- if (ret) {
+ if (ret != 0) {
DEBUG(1, (__location__ ": krb5_kt_start_seq() failed "
"(%s)\n", error_message(ret)));
goto out;
@@ -81,6 +80,12 @@ static krb5_error_code flush_keytab(krb5_context krbctx,
krb5_keytab keytab)
error_message(ret)));
}
+ ret = krb5_kt_end_seq_get(krbctx, keytab, _cursor);
+ if (ret != 0) {
+ DEBUG(1, (__location__ ": krb5_kt_end_seq_get() "
+ "failed (%s)\n", error_message(ret)));
+ goto out;
+ }
ret = 0;
out:
@@ -156,7 +161,7 @@ static krb5_error_code
fill_mem_keytab_from_secrets(krb5_context krbctx,
krb5_keytab *keytab)
{
TALLOC_CTX *frame = talloc_stackframe();
- krb5_error_code ret;
+ krb5_error_code ret, ret2;
const char *domain = lp_workgroup();
struct secrets_domain_info1 *info = NULL;
const char *realm = NULL;
@@ -198,55 +203,61 @@ static krb5_error_code
fill_mem_keytab_from_secrets(krb5_context krbctx,
/* check if the keytab already has any entry */
ret = krb5_kt_start_seq_get(krbctx, *keytab, _cursor);
- if (ret != KRB5_KT_END && ret != ENOENT ) {
- /* check if we have our special enctype used to hold
-* the clear text password. If so, check it out so that
-* we can verify if the keytab needs to be upgraded */
- while ((ret = krb5_kt_next_entry(krbctx, *keytab,
- _entry, _cursor)) == 0) {
- if (smb_krb5_kt_get_enctype_from_entry(_entry) ==
- CLEARTEXT_PRIV_ENCTYPE) {
- break;
- }
- smb_krb5_kt_free_entry(krbctx, _entry);
- ZERO_STRUCT(kt_entry);
- }
+ if (ret != 0) {
+ goto out;
+ }
- if (ret != 0 && ret != KRB5_KT_END && ret != ENOENT ) {
-
