[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  703c6301013 VERSION: Disable GIT_SNAPSHOT for the 4.12.15 release.
       via  05214a24860 WHATSNEW: Add release notes for Samba 4.12.15.
       via  6a6a33274c0 CVE-2021-20254 passdb: Simplify sids_to_unixids()
       via  80c8c8552ed VERSION: Enable GIT_SNAPSHOT.
       via  70a4b0269e9 VERSION: Bump version up to 4.12.15...
      from  94c36535bfd WHATSNEW: Add release notes for Samba 4.12.14.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
commit 703c6301013f78e80882abfe8375d6a45a176b7f
Author: Karolin Seeger
Date:   Mon Apr 26 13:38:31 2021 +0200

    VERSION: Disable GIT_SNAPSHOT for the 4.12.15 release.

    BUG 14571: CVE-2021-20254: Buffer overrun in sids_to_unixids().

    Signed-off-by: Karolin Seeger

commit 05214a2486061a3bf6c06a70a2016a2994bb37e3
Author: Karolin Seeger
Date:   Mon Apr 26 13:37:22 2021 +0200

    WHATSNEW: Add release notes for Samba 4.12.15.

    Signed-off-by: Karolin Seeger

commit 6a6a33274c0829bb48c280f65c06213a185bee81
Author: Volker Lendecke
Date:   Sat Feb 20 15:50:12 2021 +0100

    CVE-2021-20254 passdb: Simplify sids_to_unixids()

    Best reviewed with "git show -b", there's a "continue" statement that
    changes subsequent indentation.

    Decouple lookup status of ids from ID_TYPE_NOT_SPECIFIED

    Bug: https://bugzilla.samba.org/show_bug.cgi?id=14571
Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison (backported from patch from master) [backport by npo...@samba.org as master commit 493f5d6b078e0b0f80d1ef25043e2834cb4fcb87 and 58e9b6ad62c81cdf11d704859a227cb2902b creates conflicts due to rename of WBC_ID_TYPE_* -> ID_TYPE_*] [backport by j...@samba.org to work around a compiler bug showing this error on gcc 5.6 -> 6.x, seen on Debian 9 and Ubuntu 16.04 under -O3: ../../source3/passdb/lookup_sid.c:1246:6: error: assuming pointer wraparound does not occur when comparing P +- C1 with P +- C2 [-Werror=strict-overflow]] commit 80c8c8552ed7522fadad7a861fda6594b47d02fa Author: Karolin Seeger Date: Mon Apr 26 13:20:37 2021 +0200 VERSION: Enable GIT_SNAPSHOT. Signed-off-by: Karolin Seeger commit 70a4b0269e9573560d319591813f4e5ee4513fa2 Author: Stefan Metzmacher Date: Wed Mar 24 11:32:11 2021 +0100 VERSION: Bump version up to 4.12.15... GIT_SNAPSHOT is already 'yes'. Signed-off-by: Stefan Metzmacher (cherry picked from commit deb7b32b4372625211a4d6ba26e3d00223e903ca) --- Summary of changes: VERSION | 2 +- WHATSNEW.txt| 68 - source3/passdb/lookup_sid.c | 140 +--- 3 files changed, 185 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index b3cc915133d..01596d8c954 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=12 -SAMBA_VERSION_RELEASE=14 +SAMBA_VERSION_RELEASE=15 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f3c64a7050c..d77b074f2a7 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt 
@@ -1,3 +1,68 @@ + === + Release Notes for Samba 4.12.15 + April 29, 2021 + === + + +This is a security release in order to address the following defect: + +o CVE-2021-20254: Negative idmap cache entries can cause incorrect group entries + in the Samba file server process token. + + +=== +Details +=== + +o CVE-2021-20254: + The Samba smbd file server must map Windows group identities (SIDs) into unix + group ids (gids). The code that performs this had a flaw that could allow it + to read data beyond the end of the array in the case where a negative cache + entry had been added to the mapping cache. This could cause the calling code + to return those values into the process token that stores the group + membership for a user. + + Most commonly this flaw caused the calling code to crash, but an alert user + (Peter Eriksson, IT Department, Linköping University) found this flaw by + noticing an unprivileged user was able to delete a file within a network + share that they should have been disallowed access to. + + Analysis of the code paths has not allowed us to discover a way for a + remote user to be able to trigger this flaw reproducibly or on demand, + but this CVE has been issued out of an abundance of caution. + + +Changes since 4.12.14 +- + +o Volker Lendecke
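Review bot: In the WHATSNEW.txt hunk, the Details entry for CVE-2021-20254 ends at the "abundance of caution" paragraph without naming the affected function or pointing to the security advisory. The commit subjects in this push name sids_to_unixids(), and the 4.12.14 notes close their Details section with "For more details, please refer to the security advisories." Adding that sentence and the function name here would let an administrator match the release note to the change in source3/passdb/lookup_sid.c.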
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated via 94c36535bfd WHATSNEW: Add release notes for Samba 4.12.14. from c7627de2c65 VERSION: Bump version for Samba 4.12.14 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable - Log - commit 94c36535bfd4d25654cea80e1296a78f22cc2e71 Author: Karolin Seeger Date: Wed Mar 24 11:15:31 2021 +0100 WHATSNEW: Add release notes for Samba 4.12.14. Signed-off-by: Karolin Seeger --- Summary of changes: WHATSNEW.txt | 64 ++-- 1 file changed, 62 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 21db21b8de0..f3c64a7050c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt 
@@ -1,3 +1,64 @@ + === + Release Notes for Samba 4.12.14 + March 24, 2021 + === + + +This is a follow-up release to depend on the correct ldb version. This is only +needed when building against a system ldb library. + +This is a security release in order to address the following defects: + +o CVE-2020-27840: Heap corruption via crafted DN strings. +o CVE-2021-20277: Out of bounds read in AD DC LDAP server. + + +=== +Details +=== + +o CVE-2020-27840: + An anonymous attacker can crash the Samba AD DC LDAP server by sending easily + crafted DNs as part of a bind request. More serious heap corruption is likely + also possible. + +o CVE-2021-20277: + User-controlled LDAP filter strings against the AD DC LDAP server may crash + the LDAP server. + +For more details, please refer to the security advisories. + + +Changes since 4.12.13 +- + +o Release with dependency on ldb version 2.1.5. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.1 and newer product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + === Release Notes for Samba 4.12.13 March 24, 2021 @@ -58,8 +119,7 @@ database (https://bugzilla.samba.org/). == -Release notes for older releases follow: - +-- === -- Samba Shared Repository
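Review bot: The new 4.12.14 header in WHATSNEW.txt gives two statements of purpose back to back, "This is a follow-up release to depend on the correct ldb version" and "This is a security release in order to address the following defects", while "Changes since 4.12.13" lists only the ldb 2.1.5 dependency. The text should say outright that the CVE fixes are unchanged from 4.12.13 and that only the ldb dependency differs, so that someone already running 4.12.13 with the bundled ldb can tell whether this release matters to them.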
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated via c7627de2c65 VERSION: Bump version for Samba 4.12.14 release. via 6e82957b969 ldb: version 2.1.5 from bb2f64babf1 VERSION: Disable GIT_SNAPSHOT for the Samba 4.12.13 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable - Log - commit c7627de2c654eee34126011f3fe5174b6143486d Author: Stefan Metzmacher Date: Wed Mar 24 10:24:47 2021 +0100 VERSION: Bump version for Samba 4.12.14 release. o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings. o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server. Note this is exactly the same as 4.12.13, except that it has a dependency on ldb version 2.1.5, which is needed if someone builds against a system libldb. Signed-off-by: Stefan Metzmacher Signed-off-by: Karolin Seeger commit 6e82957b969036fc4670d2d7e500c09e5b880112 Author: Stefan Metzmacher Date: Wed Mar 24 10:19:53 2021 +0100 ldb: version 2.1.5 o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings. o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server. Signed-off-by: Stefan Metzmacher Signed-off-by: Karolin Seeger --- Summary of changes: VERSION | 2 +- lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.1.5.sigs} | 0 lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.1.5.sigs} | 0 lib/ldb/wscript | 2 +- 4 files changed, 2 insertions(+), 2 deletions(-) copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.1.5.sigs} (100%) copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.1.5.sigs} (100%) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 94138794cdc..b3cc915133d 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=12 -SAMBA_VERSION_RELEASE=13 +SAMBA_VERSION_RELEASE=14 # If a official release has a serious bug # diff --git a/lib/ldb/ABI/ldb-2.0.5.sigs b/lib/ldb/ABI/ldb-2.1.5.sigs similarity index 100% copy from lib/ldb/ABI/ldb-2.0.5.sigs copy to lib/ldb/ABI/ldb-2.1.5.sigs 
diff --git a/lib/ldb/ABI/pyldb-util-2.1.0.sigs b/lib/ldb/ABI/pyldb-util-2.1.5.sigs similarity index 100% copy from lib/ldb/ABI/pyldb-util-2.1.0.sigs copy to lib/ldb/ABI/pyldb-util-2.1.5.sigs diff --git a/lib/ldb/wscript b/lib/ldb/wscript index 33265da373a..493fd7c5d77 100644 --- a/lib/ldb/wscript +++ b/lib/ldb/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'ldb' -VERSION = '2.1.4' +VERSION = '2.1.5' import sys, os -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  bb2f64babf1 VERSION: Disable GIT_SNAPSHOT for the Samba 4.12.13 release.
       via  48b89864efa WHATSNEW: Add release notes for Samba 4.12.13.
       via  4d40e9ce9c7 CVE-2020-27840: pytests: move Dn.validate test to ldb
       via  4caf1ebc7a0 CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode
       via  d59379853d8 CVE-2020-27840: pytests:segfault: add ldb.Dn validate test
       via  719c8484bf5 CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds
       via  93d0e1cbc27 CVE-2021-20277 ldb: Remove tests from ldb_match_test that do not pass
       via  bc967501aeb CVE-2021-20277 ldb tests: ldb_match tests with extra spaces
       via  c99c29e1e34 ldb: add tests for ldb_wildcard_compare
       via  0f911f85a8e WHATSNEW: Fix typo.
       via  1965283812e VERSION: Bump version up to 4.12.13...
      from  f8b775d9620 VERSION: Disable GIT_SNAPSHOT for the 4.12.12 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
commit bb2f64babf1a2bfb780d0325e859f796d0ce1647
Author: Karolin Seeger
Date:   Tue Mar 23 11:11:31 2021 +0100

    VERSION: Disable GIT_SNAPSHOT for the Samba 4.12.13 release.

    o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
    o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.

    Signed-off-by: Karolin Seeger

commit 48b89864efa1176703774c54e1fb220f9827e934
Author: Karolin Seeger
Date:   Tue Mar 23 11:10:55 2021 +0100

    WHATSNEW: Add release notes for Samba 4.12.13.

    Signed-off-by: Karolin Seeger

commit 4d40e9ce9c7c36d8cd07cc79440811f97428bb80
Author: Douglas Bagnall
Date:   Thu Feb 11 16:28:43 2021 +1300

    CVE-2020-27840: pytests: move Dn.validate test to ldb

    We had the test in the Samba Python segfault suite because
    a) the signal catching infrastructure was there, and
    b) the ldb tests lack Samba's knownfail mechanism, which allowed us to
       assert the failure.

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14595

    Signed-off-by: Douglas Bagnall
    Reviewed-by: Andrew Bartlett

commit 4caf1ebc7a09d2743757da31db7e88b0321a3533
Author: Douglas Bagnall
Date:   Fri Dec 11 16:32:25 2020 +1300

    CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode

    A DN string with lots of trailing space can cause ldb_dn_explode() to
    put a zero byte in the wrong place in the heap.

    When a DN string has a value represented with trailing spaces,
    like this

        "CN=foo ,DC=bar"

    the whitespace is supposed to be ignored. We keep track of this in the
    `t` pointer, which is NULL when we are not walking through trailing
    spaces, and points to the first space when we are. We are walking with
    the `p` pointer, writing the value to `d`, and keeping the length in
    `l`.

        "CN=foo ,DC= " ==> "foo "
        ^ ^ ^
        t p d
        --l---

    The value is finished when we encounter a comma or the end of the
    string. If `t` is not NULL at that point, we assume there are trailing
    spaces and wind `d` and `l` back by the correct amount. Then we switch
    to expecting an attribute name (e.g. "CN"), until we get to an "=",
    which puts us back into looking for a value.

    Unfortunately, we forget to immediately tell `t` that we'd finished
    the last value, we can end up like this:

        "CN=foo ,DC= " ==>""
        ^ ^^
        t pd
        l=0

    where `p` is pointing to a new value that contains only spaces, while
    `t` is still referring to the old value. `p` notices the value ends,
    and we subtract `p - t` from `d`:

        "CN=foo ,DC= " ==> ? ""
        ^ ^^
        t pd
        l ~= SIZE_MAX - 8

    At that point `d` wants to terminate its string with a '\0', but
    instead it terminates someone else's byte. This does not crash if the
    number of trailing spaces is small, as `d` will point into a previous
    value (a copy of "foo" in this example). Corrupting that value will
    ultimately not matter, as we will soon try to allocate a buffer `l`
    long, which will be greater than the available memory and the whole
    operation will fail properly.

    However, with more spaces, `d` will point into memory before the
    beginning of the allocated buffer, with the exact offset depending on
    the length of the earlier attributes and the number of spaces.

    What about a longer DN with more attributes? For example,
    "CN=foo ,DC= ,DC=example,DC=com" -- sinc
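The bookkeeping that the CVE-2020-27840 commit message above describes, as an added example that is not part of the original mail and is not Samba's code: a bounds-checked C model of the `t`, `p`, `d` and `l` variables, run on constructed inputs. `scan_dn`, `build_dn`, `struct scan_result` and the `reset_t` switch are hypothetical names, and clearing `t` when a value ends is an assumed shape of the fix, inferred from the message's wording because the patch itself is not on this page.

```c
/* Added example: a bounds-checked model of the t/p/d/l bookkeeping described
 * in the CVE-2020-27840 commit message. This is not Samba's ldb_dn_explode(). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct scan_result {
    ptrdiff_t value_off; /* offset in the output buffer where the last value starts */
    ptrdiff_t term_off;  /* offset where that value's terminating '\0' lands */
    size_t    last_len;  /* `l` as computed for the last value */
    int       in_bounds; /* 0 if any store would have fallen outside the buffer */
};

/* Checked store: record an out-of-range offset instead of writing through it. */
static void put(char *out, size_t cap, ptrdiff_t d, char c, struct scan_result *r)
{
    if (d < 0 || (size_t)d >= cap) {
        r->in_bounds = 0;
        return;
    }
    out[d] = c;
}

/* reset_t == 0: `t` outlives the value it belongs to (the behaviour described).
 * reset_t == 1: `t` is cleared when a value ends (assumed shape of the fix). */
struct scan_result scan_dn(const char *dn, int reset_t)
{
    char out[128];
    struct scan_result r = { .in_bounds = 1 };
    const char *p = dn;   /* read cursor */
    const char *t = NULL; /* first trailing space of the current value, if any */
    ptrdiff_t d = 0;      /* write cursor, kept as an offset so it may go negative */
    size_t l = 0;         /* length of the current value */
    int in_value = 0, trim = 1;

    if (strlen(dn) >= sizeof(out)) {
        r.in_bounds = 0;
        return r;
    }
    for (;; p++) {
        int at_end = (*p == '\0');

        if (in_value && trim && *p == ' ') {
            continue;                      /* leading spaces never reach `t` */
        }
        if (in_value && (at_end || *p == ',')) {
            if (t != NULL) {               /* wind back over trailing spaces */
                d -= (p - t);
                l -= (size_t)(p - t);
                if (reset_t) {
                    t = NULL;
                }
            }
            r.term_off = d;
            r.last_len = l;
            put(out, sizeof(out), d++, '\0', &r);
            in_value = 0;
        } else if (in_value) {
            trim = 0;
            t = (*p == ' ') ? (t ? t : p) : NULL;
            put(out, sizeof(out), d++, *p, &r);
            l++;
        } else if (*p == '=') {            /* attribute name ends, value begins */
            put(out, sizeof(out), d++, '\0', &r);
            r.value_off = d;
            in_value = 1;
            trim = 1;
            l = 0;
        } else if (!at_end && *p != ' ') {
            put(out, sizeof(out), d++, *p, &r);
        }
        if (at_end) {
            break;
        }
    }
    return r;
}

/* Constructed input: "CN=foo" + a spaces + ",DC=" + b spaces. */
const char *build_dn(char *buf, size_t cap, int a, int b)
{
    snprintf(buf, cap, "CN=foo%*s,DC=%*s", a, "", b, "");
    return buf;
}

int main(void)
{
    char dn[64];
    int spaces[] = { 3, 8 };
    for (int i = 0; i < 2; i++) {
        for (int fix = 0; fix <= 1; fix++) {
            struct scan_result r = scan_dn(build_dn(dn, sizeof(dn), 3, spaces[i]), fix);
            printf("spaces=%d reset_t=%d value_off=%td term_off=%td l=%zu in_bounds=%d\n",
                   spaces[i], fix, r.value_off, r.term_off, r.last_len, r.in_bounds);
        }
    }
    return 0;
}
```

With three spaces in the second value the stale `t` puts the terminator at offset 0, inside the buffer but ahead of `value_off`, so a plain bounds check passes while an earlier component is overwritten; comparing `term_off` against `value_off` catches both that case and the negative-offset one.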
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  f8b775d9620 VERSION: Disable GIT_SNAPSHOT for the 4.12.12 release.
       via  f0aa59ea0a9 WHATSNEW: Add release notes for Samba 4.12.12.
       via  8e1fe1eba3a Revert "wscript: use --as-needed only if tested successfully"
       via  5dd17586cd6 g_lock: Fix uninitalized variable reads
       via  df832cb62c0 locking: Fix an uninitialized variable read
       via  88ee4160e88 s3:modules:vfs_virusfilter: Recent talloc changes cause infinite start-up failure
       via  c63f00801ca wscript: use --as-needed only if tested successfully
       via  1c37606163e s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error path.
       via  bebe69c3525 script/autobuild.py: let cleanup() ignore errors from rmdir_force() by default
       via  00df0473da5 script/autobuild.py: split out a rmdir_force() helper function
       via  f31f1e75d7f script/autobuild.py: allow write_system_info commands to fail
       via  a4ab7d474f2 script/autobuild.py: use more portable 'cp -R -a -l'
       via  833739c1e8f script/autobuild.py: add support git worktree
       via  237a51d926e classicupgrade: treat old never expires value right
       via  6382ca85682 s3:pysmbd: fix fd leak in py_smbd_create_file()
       via  e80ef35f935 HEIMDAL: krb5_storage_free(NULL) should work
       via  40e503732dc lib:util: Avoid free'ing our own pointer
       via  65b3648c553 lib:util: Add cache oversize test for memcache
       via  a658dd19627 lib:util: Add basic memcache unit test
       via  6e6aa90b87b s3: libsmb: cli_state_save_tcon(). Don't deepcopy tcon struct when temporarily swapping out a connection on a cli_state.
       via  bab7f2ae28e s3: torture: Change the SMB1-only UID-REGRESSION-TEST to do an explicit copy of the tcon struct in use.
       via  a19f94c644d s3: smbtorture3: Ensure run_tcon_test() always replaces any saved tcon and shuts down correctly even in error paths.
       via  80d2c3e4725 s3: smbtorture3: Ensure we *always* replace the saved saved_tcon even in an error condition.
       via  a00ff434515 s3: tests: Add regression test for bug 13992.
       via  8c846741a45 s3/auth: implement "winbind:ignore domains"
       via  7362b5b31cd winbind: check for allowed domains in winbindd_pam_auth_pac_verify()
       via  3505998d0a7 winbind: check for allowed domains in winbindd_dual_pam_chauthtok()
       via  cf410814e25 winbind: check for allowed domains in winbindd_dual_pam_chng_pswd_auth_crap()
       via  2a73dfcf27a winbind: check for allowed domains in winbindd_dual_pam_auth_crap()
       via  56d9705ca76 winbind: check for allowed domains in winbindd_dual_pam_auth()
       via  f3c47cdc1d3 winbind: move "winbind:ignore domain" logic to a seperate function
       via  6b9669863b8 winbind: handle MSG_SMB_CONF_UPDATED in the winbinds children
       via  32c2b3cf610 winbind: set logfile after reloading config
       via  aaa8dac1550 winbind: move config-reloading code to winbindd_dual.c
       via  e9700e67719 script/release.sh: always select the GPG key by it's ID
       via  baea20039ab ReleaseKey: add GnuPG key transition statement for the Samba release key
       via  9d4a5c8fe97 script/release.sh: Use new GPG key.
       via  50c2ea410b4 s3: smbd: Add call to conn_setup_case_options() to create_conn_struct_as_root().
       via  d89ccfc1c7d s3: smbd: Factor out setting up case parameters for a share to a function - conn_setup_case_options().
       via  7ec45672a30 build: remove smbd_conn private library
       via  552548ff00e libcli/smb: allow unexpected padding in SMB2 IOCTL responses
       via  c0a7b8c7bd2 libcli/smb: split out smb2cli_ioctl_parse_buffer()
       via  a5efe544353 libcli/smb: Allow smb2cli_validate_negotiate_info_done() to ignore NT_STATUS_INVALID_PARAMETER.
       via  2f8b1fb8aec libcli/smb: Change some checks to SMB_ASSERTS
       via  f972e3a70c2 WHATSNEW: Remove superfluous line.
       via  5d5ab7c50ed VERSION: Bump version up to 4.12.12...
      from  34813fdbf9a VERSION: Disable GIT_SNAPSHOT for the 4.12.11 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
---

Summary of changes:
 GPG_AA99442FB680B620_replaces_6F33915B6568B7EA.txt | 27 +++
 VERSION                                            | 2 +-
 WHATSNEW.txt                                       | 77 +++-
 lib/util/memcache.c                                | 19 +-
 lib/util/tests/test_memcache.c                     | 161
 lib/util/wscript_build                             | 8 +-
 libcli/smb/smb2_signing.c                          | 9 +-
 libcli/smb/smb2cli_ioctl.c                         | 207 +
 libcli/smb/smbXcli_base.c                          | 25 +++
 python/samba/upgrade.py                            | 2 +-
 script/autobuild.py
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  34813fdbf9a VERSION: Disable GIT_SNAPSHOT for the 4.12.11 release.
       via  c146eae3b4f WHATSNEW: Add release notes for Samba 4.11.11.
       via  121fbf80523 vfs_fruit: fix close for fake_fd
       via  8a77dcd6935 vfs_fruit: check fake_fd in fruit_pread_meta_stream()
       via  00b37ef3cdf vfs_fruit: use "fake_fd" instead of "created"
       via  1bd5ffc109b vfs_streams_xattr: make use of vfs_fake_fd_close()
       via  cbdd15c13aa vfs_fruit: make use of vfs_fake_fd_close()
       via  83bd07f3806 s3:smbd: add vfs_fake_fd_close() helper
       via  6da2e77cf81 s3:lib: Create the cache path of user gencache recursively
       via  83e0a8cdd13 lib:util: Add directory_create_or_exists_recursive()
       via  6adf3619069 vfs_virusfilter: Allocate separate memory for config char*
       via  578c5805ac7 Do not create an empty DB when accessing a sam.ldb
       via  9b5dd480590 bootstrap: Cope with case changes in CentOS 8 repo names
       via  d24a1173c9a lib: Avoid declaring zero-length VLAs in various messaging functions
       via  86d4448396b vfs_zfsacl: add missing inherited flag on hidden "magic" everyone@ ACE
       via  eaa736faf67 vfs_zfsacl: reformatting
       via  20480f70ce0 s4/samba: call force_check_log_size() in standard_new_task()
       via  91f2f2dedb7 s4/samba: call force_check_log_size() in standard_accept_connection()
       via  4e6fdf5d8d9 s4/samba: call force_check_log_size() in prefork_reload_after_fork()
       via  b50ef6fa897 s4: call reopen_logs_internal() in the SIGHUP handler of the prefork process model
       via  1a6f2871036 s4: replace low-level SIGUP handler with a tevent handler
       via  7299ebb1215 s4: install tevent tracing hooks to trigger logfile rotation
       via  5b838f5075c s4: add samba server tevent trace helper stuff
       via  6c881025bfa debug: detect logrotation by checking inode number
       via  5cd1e3c5a4a debug: pass struct debug_class *config to do_one_check_log_size()
       via  f6bd782cb3b debug: pass struct debug_class *config to reopen_one_log()
       via  ccf971eef5c loadparm: setup debug subsystem setting max_log_size from config
       via  a30aaa499db s3: smbd: Quiet log messages from usershares for an unknown share.
       via  ece3c53 vfs_glusterfs: print exact cmdline for disabling write-behind translator
       via  9bcd19c42ae manpages/vfs_glusterfs: Mention silent skipping of write-behind translator
       via  b3665f70109 vfs_shadow_copy2: Preserve all open flags assuming ROFS
       via  58eaf85bd92 s3: spoolss: Make parameters in call to user_ok_token() match all other uses.
       via  dcce5e5bf67 s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via TALLOC_FREE().
       via  4873f377e75 interface: fix if_index is not parsed correctly
       via  a6782e76046 s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function.
       via  8136ade13f8 libcli: smb2: Never print length if smb2_signing_key_valid() fails for crypto blob.
       via  9215dc9dc69 s3-vfs_glusterfs: always disable write-behind translator
       via  15c35524a27 VERSION: Bump version up to 4.12.11...
      from  e608cffa870 VERSION: Disable GIT_SNAPSHOT for the 4.12.10 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
---

Summary of changes:
 .gitlab-ci.yml                                 | 2 +-
 VERSION                                        | 2 +-
 WHATSNEW.txt                                   | 93 +++-
 bootstrap/config.py                            | 3 +-
 bootstrap/generated-dists/centos8/bootstrap.sh | 3 +-
 bootstrap/sha1sum.txt                          | 2 +-
 docs-xml/manpages/vfs_glusterfs.8.xml          | 9 ++
 lib/param/loadparm.c                           | 1 +
 lib/util/debug.c                               | 63 +++
 lib/util/samba_util.h                          | 14 +++
 lib/util/tests/test_util.c                     | 118 +++--
 lib/util/util.c                                | 40 +++
 libcli/smb/smb2_signing.c                      | 9 +-
 source3/lib/gencache.c                         | 2 +-
 source3/lib/interface.c                        | 2 +-
 source3/lib/messages.c                         | 6 +-
 source3/modules/vfs_fruit.c                    | 34 +++---
 source3/modules/vfs_glusterfs.c                | 47 +---
 source3/modules/vfs_shadow_copy2.c             | 4 +-
 source3/modules/vfs_streams_xattr.c            | 4 +-
 source3/modules/vfs_virusfilter.c              | 66 ++--
 source3/modules/vfs_zfsacl.c                   | 6 +-
 source3/param/loadparm.c                       |
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  e608cffa870 VERSION: Disable GIT_SNAPSHOT for the 4.12.10 release.
       via  3f64827fdb9 WHATSNEW: Add release notes for Samba 4.12.10.
       via  5d78ec76c86 s3: modules: vfs_glusterfs: Fix leak of char **lines onto mem_ctx on return.
       via  329c95136ff s3-vfs_glusterfs: refuse connection when write-behind xlator is present
       via  00040999380 docs-xml/manpages: Add warning about write-behind translator for vfs_glusterfs
       via  7e955ca5cf9 ctdb-common: Avoid aliasing errors during code optimization
       via  e1f7e422bd5 vfs_zfsacl: only grant DELETE_CHILD if ACL tag is special
       via  e14dfa439e7 vfs_zfsacl: use a helper variable in zfs_get_nt_acl_common()
       via  b260c3003bb vfs_zfsacl: README.Coding fix
       via  1bf997aa244 vfs_zfsacl: Add new parameter to stop automatic addition of special entries
       via  78d843f4362 vfs_zfsacl: use handle based facl() call to query ZFS filesytem ACL
       via  fe842a5412a smb.conf.5: add clarification how configuration changes reflected by Samba
       via  2b4c9b9baca VERSION: Bump version up to 4.12.10.
       via  fe8d38f49e6 Merge tag 'samba-4.12.9' into v4-12-test
       via  ae4d3932cfb docs: fix default value of spoolss:architecture
       via  c3c95e07443 winexe: add configure option to control whether to build it (default: auto)
       via  fd5ef942bad provision: BIND 9.17.x is not supported
       via  8a7fc998f09 provision: Add support for BIND 9.16.x
       via  7336a1c6755 bind9-dlz: Add support for BIND 9.16.x
       via  4ab29fb056a provision: BIND 9.15.x is not supported
       via  55d1f4e9f5e provision: Add support for BIND 9.14.x
       via  5400b928d42 bind9-dlz: Add support for BIND 9.14.x
       via  49eaec78a0b provision: BIND 9.13.x is not supported
       via  4cbeb5ca3c3 bind9-dlz: Bind 9.13.x switched to using bool as isc_boolean_t instead of int.
       via  d5933bfdee2 nsswitch/nsstest.c: Avoid nss function conflicts with glibc nss.h
       via  a127fb862b6 s4:dsdb:acl_read: Implement "List Object" mode feature
       via  66e64bf9a61 s4:dsdb:util: add dsdb_do_list_object() helper
       via  6073edb8c08 s4:dsdb:acl_read: defer LDB_ERR_NO_SUCH_OBJECT
       via  376fd7e1c0f s4:dsdb:acl_read: make use of aclread_check_object_visible() for the search base
       via  f6af56ad68a s4:dsdb:acl_read: fully set up 'struct aclread_context' before the search base acl check
       via  c1df795199c s4:dsdb:acl_read: introduce aclread_check_object_visible() helper
       via  1da871f7f24 s4:dsdb:tests: add AclVisibiltyTests
       via  62f7642b073 python/tests: add DynamicTestCase setUpDynamicTestCases() infrastructure
       via  3a1d5236678 ctdb-tests: Strengthen node state checking in ctdb disable/enable test
       via  3a4def14560 ctdb-recoverd: Drop unnecessary and broken code
       via  91a8a9a9850 ctdb-recoverd: Drop unnecessary code
       via  f4ce7990607 VERSION: Bump version up to 4.12.9...
      from  43c7685056d VERSION: Disable GIT_SNAPSHOT for Samba 4.12.9.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
---

Summary of changes:
 VERSION                                            | 2 +-
 WHATSNEW.txt                                       | 99 ++-
 ctdb/common/system_socket.c                        | 31 +-
 ctdb/server/ctdb_recoverd.c                        | 61
 .../failover/pubips.030.disable_enable.sh          | 4 +-
 docs-xml/manpages/nmbd.8.xml                       | 10 +-
 docs-xml/manpages/smb.conf.5.xml                   | 30 ++
 docs-xml/manpages/smbd.8.xml                       | 13 +-
 docs-xml/manpages/vfs_glusterfs.8.xml              | 22 ++
 docs-xml/manpages/vfs_zfsacl.8.xml                 | 20 ++
 docs-xml/manpages/winbindd.8.xml                   | 7 +-
 .../smbdotconf/printing/spoolssarchitecture.xml    | 4 +-
 examples/winexe/wscript_build                      | 3 +-
 nsswitch/nsstest.c                                 | 16 +-
 python/samba/provision/sambadns.py                 | 17 +-
 python/samba/tests/__init__.py                     | 27 ++
 source3/modules/vfs_glusterfs.c                    | 91 ++
 source3/modules/vfs_zfsacl.c                       | 203 ++---
 source3/wscript                                    | 17 ++
 source4/dns_server/dlz_minimal.h                   | 24 +-
 source4/dns_server/wscript_build                   | 20 ++
 source4/dsdb/samdb/ldb_modules/acl_read.c          | 185 +---
 source4/dsdb/samdb/ldb_modules/util.c              | 21 ++
 source4/dsdb/tests/python/acl.py                   | 321 -
 source4/selftest/tests.py                          | 2 +-
 source4/setup/named.conf.dlz                       | 6 +
 26 files changed, 1076 insertions(+), 180 de
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  43c7685056d VERSION: Disable GIT_SNAPSHOT for Samba 4.12.9.
       via  ba904c6999f WHATSNEW: Add release notes for Samba 4.12.9.
       via  425c31a599b CVE-2020-14383: s4/dns: do not crash when additional data not found
       via  2d7d1dff7d2 CVE-2020-14383: s4/dns: Ensure variable initialization with NULL.
       via  d0ca2a63aae CVE-2020-14323 torture4: Add a simple test for invalid lookup_sids winbind call
       via  f17967ad73e CVE-2020-14323 winbind: Fix invalid lookupsids DoS
       via  f43ecce46a8 s3: smbd: Ensure change notifies can't get set unless the directory handle is open for SEC_DIR_LIST.
       via  f100bd2f2e4 s4: torture: Add smb2.notify.handle-permissions test.
       via  2641a2e7d54 VERSION: Bump version up to 4.12.9...
      from  911e11ad4e3 VERSION: Disable GIT_SNAPSHOT for the 4.12.8 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
commit 43c7685056db075f095676873a31d46a0c47a654
Author: Karolin Seeger
Date:   Tue Oct 27 12:24:47 2020 +0100

    VERSION: Disable GIT_SNAPSHOT for Samba 4.12.9.

    o CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify.
    o CVE-2020-14323: Unprivileged user can crash winbind.
    o CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with
      easily crafted records.

    Signed-off-by: Karolin Seeger

commit ba904c6999f6695f3f21c0c540f2a828da8a2601
Author: Karolin Seeger
Date:   Tue Oct 27 12:24:13 2020 +0100

    WHATSNEW: Add release notes for Samba 4.12.9.

    Signed-off-by: Karolin Seeger

commit 425c31a599bb96c7d01273fc50b682bc42dbed57
Author: Douglas Bagnall
Date:   Fri Aug 21 17:23:17 2020 +1200

    CVE-2020-14383: s4/dns: do not crash when additional data not found

    Found by Francis Brosnan Blázquez.

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14472
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795

    Signed-off-by: Douglas Bagnall
    Reviewed-by: Jeremy Allison

    Autobuild-User(master): Douglas Bagnall
    Autobuild-Date(master): Mon Aug 24 00:21:41 UTC 2020 on sn-devel-184

    (based on commit df98e7db04c901259dd089e20cd557bdbdeaf379)

commit 2d7d1dff7d20d5b06ff50452e7f714af9f6a109e
Author: Douglas Bagnall
Date:   Fri Aug 21 17:10:22 2020 +1200

    CVE-2020-14383: s4/dns: Ensure variable initialization with NULL.

    Based on patches from Francis Brosnan Blázquez and Jeremy Allison

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14472
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795

    Signed-off-by: Douglas Bagnall
    Reviewed-by: Jeremy Allison

    (based on commit 7afe449e7201be92bed8e53cbb37b74af720ef4e)

commit d0ca2a63aaedf123205337aaa211426175ffcebf
Author: Volker Lendecke
Date:   Thu Jul 9 21:48:57 2020 +0200

    CVE-2020-14323 torture4: Add a simple test for invalid lookup_sids winbind call

    We can't add this test before the fix, add it to knownfail and have the
    fix remove the knownfail entry again. As this crashes winbind, many
    tests after this one will fail.

    Reported by Bas Alberts of the GitHub Security Lab Team as GHSL-2020-134

    Bug: https://bugzilla.samba.org/show_bug.cgi?id=14436
    Signed-off-by: Volker Lendecke

commit f17967ad73e9c1d2bd6e0b7c181f08079d2a8214
Author: Volker Lendecke
Date:   Thu Jul 9 21:49:25 2020 +0200

    CVE-2020-14323 winbind: Fix invalid lookupsids DoS

    A lookupsids request without extra_data will lead to
    "state->domain==NULL", which makes winbindd_lookupsids_recv trying to
    dereference it.

    Reported by Bas Alberts of the GitHub Security Lab Team as GHSL-2020-134

    Bug: https://bugzilla.samba.org/show_bug.cgi?id=14436
    Signed-off-by: Volker Lendecke

commit f43ecce46a89c6380317fbb5f2ae38f48d3d42c8
Author: Jeremy Allison
Date:   Tue Jul 7 18:25:23 2020 -0700

    s3: smbd: Ensure change notifies can't get set unless the directory handle is open for SEC_DIR_LIST.

    Remove knownfail entry.

    CVE-2020-14318

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14434

    Signed-off-by: Jeremy Allison

commit f100bd2f2e4f047942002a992c99104227a17f81
Author: Jeremy Allison
Date:   Fri Jul 10 15:09:33 2020 -0700

    s4: torture: Add smb2.notify.handle-permissions test.

    Add knownfail entry.

    CVE-2020-14318

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14434

    Signed-off-by: Jeremy Allison

commit 2641a2e7d5416632be2de916663e6c262c417775
Author: Karolin Seeger
Date:   Wed Oct 7 10:13:02 2020 +0200

    VERSION: Bump version up to 4.12.9...

    and re-enable GIT_SNAPSHOT.

    Signed-off-by: Karolin Seeger

---

Summary of changes:
 VERSION | 2 +-
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated via 911e11ad4e3 VERSION: Disable GIT_SNAPSHOT for the 4.12.8 release. via 1a216673b61 WHATSNEW: Add release notes for Samba 4.12.8. via 3af0ca2ee90 winbind: Fix a memleak via ba63dd8867f VERSION: Bump version up to 4.12.8... via 155e6c0b855 Merge tag 'samba-4.12.7' into v4-12-test via 02ee82f6e4d waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS > 3.6.14 via 60ddb7b2007 s3:smbd: Fix %U substitutions if it contains a domain name via 20d3cf455c6 s3:tests: Add test for 'valid users = DOMAIN\%U' via 2207bc89005 lib/replace: move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE via ea7c6bc9769 tldap: Receiving "msgid == 0" means the connection is dead via ffb843f1f6b test: Test winbind idmap_ad ticket expiry behaviour via 02a5b62be8d idmap_ad: Pass tldap debug messages on to DEBUG() via 96a67ce2b2f tldap: Add PRINTF_ATTRIBUTE declaration to tldap_debug() via 5db438e2263 tldap: Make sure all requests are cancelled on rundown via f83e351bafb tldap: Centralize connection rundown on error via 586f7b2 tldap: Maintain the ldap read request in tldap_context via 49afb56d4ad tldap: Always remove ourselves from ld->pending at cleanup time via 334152a291b tldap: Fix tldap_msg_received() via 2eef42e6908 tldap: Only free() ld->pending if "req" is part of it via a8dfc1ad59f ldap_server: Terminate LDAP connections on krb ticket expiry via 6026130628e ldap_server: Add the krb5 expiry to conn->limits via a15c4c5903c torture: Test ldap session expiry via 0f5759f7561 build: Wrap a long line via 4955925e912 ctdb-recoverd: Rename update_local_flags() -> update_flags() via 087f8868209 ctdb-recoverd: Change update_local_flags() to use already retrieved nodemaps via 99441077417 ctdb-recoverd: Get remote nodemaps earlier via 4820778cfbe ctdb-recoverd: Do not fetch the nodemap from the recovery master via 4c5fde56c30 ctdb-recoverd: Change get_remote_nodemaps() to use connected nodes via 4aae8adc718 ctdb-recoverd: Fix 
node_pnn check and assignment of nodemap into array via ad9780853ed ctdb-recoverd: Add fail callback to assign banning credits via db34c22ab12 ctdb-recoverd: Add an intermediate state struct for nodemap fetching via d360401282d ctdb-recoverd: Move memory allocation into get_remote_nodemaps() via bedd92b813c ctdb-recoverd: Change signature of get_remote_nodemaps() via 3b35541c13d ctdb-recoverd: Fix a local memory leak via 828807f52d3 ctdb-recoverd: Basic cleanups for get_remote_nodemaps() via 5f0f32ab639 ctdb-recoverd: Simplify calculation of new flags via 442d6b0b66e ctdb-recoverd: Correctly find nodemap entry for pnn via b3a3eeb4ba8 ctdb-recoverd: Do not retrieve nodemap from recovery master via fc489e5deaf ctdb-recoverd: Flatten update_flags_on_all_nodes() via 32dfcdb1bc4 ctdb-recoverd: Move ctdb_ctrl_modflags() to ctdb_recoverd.c via ba505c32e96 ctdb-recoverd: Improve a call to update_flags_on_all_nodes() via 90db66414a0 ctdb-recoverd: Use update_flags_on_all_nodes() via f96017bddcc ctdb-recoverd: Introduce some local variables to improve readability via e22268a7d7d ctdb-recoverd: Change update_flags_on_all_nodes() to take rec argument via 878c3b49f62 ctdb-recoverd: Drop unused nodemap argument from update_flags_on_all_nodes() via debb98b55a2 docs: Add missing winexe manpage via 492213aff41 util: Add cmocka unit test for directory_create_or_exists via 0797eef2901 util: Allow symlinks in directory_create_or_exist from 356c036ef15 VERSION: Disable GIT_SNAPSHOT for 4.12.7 release. 
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
---

Summary of changes:
 VERSION | 2 +-
 WHATSNEW.txt | 68 +++-
 ctdb/include/ctdb_client.h | 5 -
 ctdb/server/ctdb_client.c | 65 ---
 ctdb/server/ctdb_recoverd.c | 264 -
 docs-xml/manpages/winexe.1.xml | 184
 docs-xml/wscript_build | 5 +
 lib/replace/wscript | 3 +
 lib/util/tests/test_util.c | 234 +
 lib/util/util.c | 18 +-
 lib/util/wscript_build | 6 +
 nsswitch/tests/test_ticket_expiry.sh | 74
 selftest/target/Samba3.pm | 5 +
 selftest/target/Samba4.pm | 6 +-
 selftest/tests.py
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  356c036ef15 VERSION: Disable GIT_SNAPSHOT for 4.12.7 release.
       via  527a5df295d WHATSNEW: Add release notes for Samba 4.12.7.
       via  04d316f3d51 CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge
       via  3eeb5671b80 CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd
       via  512060e37ee CVE-2020-1472(ZeroLogon): docs-xml: document 'server require schannel:COMPUTERACCOUNT'
       via  a26ee2bf94a CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about unsecure configurations
       via  f3f792b8eab CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"
       via  2462fa5f30e CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()
       via  8c5940223e1 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log warnings about unsecure configurations
       via  e4e0094fdbd CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"
       via  1a03f011914 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()
       via  e75cfccb1c5 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords
       via  dac81bdde6a CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().
       via  0f4d98c1a2e CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords
       via  e0e2d5911f5 CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init()
       via  ef49b5d0911 CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_is_random_challenge() to avoid weak values
       via  0371ca12772 CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make use of netlogon_creds_random_challenge()
       via  88d4e02c6b1 CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make use of netlogon_creds_random_challenge()
       via  daeb1bebcea CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c
       via  d92c031f69a CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of netlogon_creds_random_challenge()
       via  e862b4ce567 CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()
       via  6b8d52984e5 VERSION: Bump version up to 4.12.7...
      from  8d9dd75abca VERSION: Disable GIT_SNAPSHOT for the 4.12.6 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
commit 356c036ef15b9790570e151cd1180910b4d35c18
Author: Karolin Seeger
Date:   Fri Sep 18 12:43:06 2020 +0200

    VERSION: Disable GIT_SNAPSHOT for 4.12.7 release.

    Signed-off-by: Karolin Seeger

commit 527a5df295d45ca72f0da002db0bb70332059672
Author: Karolin Seeger
Date:   Fri Sep 18 12:17:36 2020 +0200

    WHATSNEW: Add release notes for Samba 4.12.7.

    CVE-2020-1472: Samba impact of "ZeroLogon".

    Signed-off-by: Karolin Seeger

commit 04d316f3d510152c6ff052f62fa7eddd451a1b6b
Author: Gary Lockyer
Date:   Fri Sep 18 15:57:34 2020 +1200

    CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge

    Ensure that client challenges with the first 5 bytes identical are
    rejected.
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

    Signed-off-by: Gary Lockyer

    [abart...@samba.org: backported from master as test order was flipped]

commit 3eeb5671b8076b22a67c34153d2f0899a02e7a88
Author: Gary Lockyer
Date:   Fri Sep 18 12:39:54 2020 +1200

    CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd

    Ensure that an empty machine account password can't be set by
    netr_ServerPasswordSet2

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

    Signed-off-by: Gary Lockyer

commit 512060e37ee996fc5a32dc374d7d47957c5081ef
Author: Stefan Metzmacher
Date:   Thu Sep 17 17:27:54 2020 +0200

    CVE-2020-1472(ZeroLogon): docs-xml: document 'server require schannel:COMPUTERACCOUNT'

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

    Signed-off-by: Stefan Metzmacher

commit a26ee2bf94a2d13a7fd31edd6a8e5d33e55fb0e2
Author: Günther Deschner
Date:   Thu Sep 17 14:42:52 2020 +0200

    CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about unsecure configurations

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

    Pair-Programmed-With: Stefan Metzmacher

    Signed-off-by: Günther Deschner
    Signed-off-by: Stefan Metzmacher

commit f3f792b8eabe4fc833363d1e8159ffd754279f1f
Author: Günther Deschner
Date:   Thu Sep 17 14:23:16 2020 +0200

    CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require scha
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  8d9dd75abca VERSION: Disable GIT_SNAPSHOT for the 4.12.6 release.
       via  adfa3d161cb WHATSNEW: Add release notes for Samba 4.12.6.
       via  09298e198bd srvsvc: Move brl_get_locks() out of enum_file_fn()
       via  492dbc45c2f test: Show that netfileenum is broken
       via  92a0c1174bd rpcclient: Make netfileenum cmd print the path names
       via  b2b72b3e795 rpcclient: Use struct initializers in cmd_srvsvc_net_file_enum()
       via  94328842997 srvsvc: Collect file ids in enum_file_fn()
       via  961d3e8baa5 srvsvc: Use a struct initializer in net_enum_files()
       via  05e0dfbb804 srvsvc: Directly use "ctr3->count" instead of "i"
       via  247d43c93cc srvsvc: Use a struct assignment in enum_file_fn()
       via  f60ada1c9af srvsvc: Introduce ctx3 helper var in enum_file_fn()
       via  8c5d057d2d7 dbcheck: Allow a dangling forward link outside our known NCs
       via  25afe3463d9 ctdb-tests: Stop cat command failure from causing test failure
       via  ecaa24765cd ctdb-scripts: Use nfsconf as a last resort get nfsd thread count
       via  6dcbb00fdfa ctdb-scripts: Use nfsconf as a last resort to set NFS_HOSTNAME
       via  8a3dcc8834a s3:smbd: check for stale pid in delay_for_oplock_fn() when leases_db_get() fails
       via  87bec8a4707 s3:leases: log errors with level 0 in leases_db_do_locked_fn()
       via  227d4784db2 smbd: check for stale pid in get_lease_type()
       via  423f8d7006f smbd: let get_lease_type() take a non-const share_mode_entry
       via  52bd010ac2d smbd: inverse if/else logic in get_lease_type()
       via  b5a613b32be s3/leases: log NDR decoding failure with level 0 in leases_db_get_fn()
       via  f27bc9aa6dd smbd: increase loglevel when leases_db_del() with anything then NT_STATUS_NOT_FOUND
       via  625769555ca docs: Fix documentation for require_membership_of of pam_winbind.conf
       via  81c240e8198 docs: Fix documentation for require_membership_of of pam_winbind
       via  4f6356a5bf8 kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for Primary:Kerberos
       via  9055634ddff Add a test with old msDS-SupportedEncryptionTypes
       via  b0d00ee45c1 s3:smbd: make sure vfs_ChDir() always sets conn->cwd_fsp->fh->fd = AT_FDCWD
       via  33a160124a1 s3:smbd: reformat if statement for caching in vfs_ChDir()
       via  a909b50c0ca s4:torture/smb2: add smb2.delete-on-close-perms.BUG14427
       via  2eb07a97d2f s3:winbind:idmap_ad - make failure to get attrnames for schema mode fatal
       via  e21b6f0ce2b lib/debug: set the correct default backend loglevel to MAX_DEBUG_LEVEL
       via  b88952b3d67 lib/debug: assert file backend
       via  b53b7fc274e selftest: Run test of how userPassword / crypt() style passwords are stored in quicktest
       via  3b9e5cae07b selftest: Split samba.tests.samba_tool.user_virtualCryptSHA into GPG and not GPG parts
       via  6eb3fba83cd dsdb: Allow "password hash userPassword schemes = CryptSHA256" to work on RHEL7
       via  25f198a12b9 util: fix build on AIX by fixing the order of replace.h include
       via  8cffe254eda util: Reallocate larger buffer if getpwuid_r() returns ERANGE
       via  6e263432eef util: Fix build on FreeBSD by avoiding NSS_BUFLEN_PASSWD
       via  42ad8c2c480 util: Simplify input validation
       via  79f5d88663b s3: libsmb: Fix SMB2 client rename bug to a Windows server.
       via  c160cfa9922 VERSION: Bump version up to 4.12.6...
      from  217bc17f1d2 VERSION: Disable GIT_SNAPSHOT for the 4.12.5 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
---

Summary of changes:
 VERSION | 2 +-
 WHATSNEW.txt | 78 +-
 ctdb/config/nfs-linux-kernel-callout | 3 +
 ctdb/config/statd-callout | 21 +-
 ctdb/tests/UNIT/eventscripts/stubs/nfsconf | 5 +
 ctdb/tests/scripts/integration.bash | 2 +-
 docs-xml/manpages/pam_winbind.8.xml | 8 +-
 docs-xml/manpages/pam_winbind.conf.5.xml | 9 +-
 lib/replace/wscript | 1 +
 lib/util/debug.c | 12 +-
 lib/util/tests/test_util_paths.c | 2 +-
 lib/util/util_paths.c | 47 +++-
 python/samba/dbchecker.py | 24 +-
 .../tests/samba_tool/user_virtualCryptSHA_base.py | 118 ++
 .../tests/samba_tool/user_virtualCryptSHA_gpg.py | 261 +
 user_virtualCryptSHA_userPassword.py | 185 +++
 selftest/quick | 3 +
 selftest/target/Samba4.pm | 39 +++
 source3/libsmb/cli_smb2_fnum.c
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  217bc17f1d2 VERSION: Disable GIT_SNAPSHOT for the 4.12.5 release.
       via  c61cb94a463 WHATSNEW: Add release notes for Samba 4.12.5.
       via  8d47600f110 VERSION: Bump version up to 4.12.5.
       via  05b8919c7c2 Merge tag 'samba-4.12.4' into v4-12-test
       via  50badbae62f s3: msdfs: Fix missing struct stat return on msdfs links by doing an LSTAT call.
       via  54d6efeb917 s3: torture: Add test for getting attibutes on an MSDFS link.
       via  68c0b008bdd s3: torture: Add a MSDFS-ATTRIBUTE test.
       via  50ff83cb3e3 s3: libsmb: Info level SMB_FIND_EA_SIZE encodes attibutes as a uint16, not a uint8.
       via  7db0eb75680 s3: libsmb: Info level SMB_FIND_INFO_STANDARD encodes attibutes as a uint16, not a uint8.
       via  bb210d6d29b s3: libsmb: Info level SMB_FIND_FILE_BOTH_DIRECTORY_INFO encodes attibutes as a uint32, not a uint8.
       via  10e8d8b4b13 s3: libsmb: Info level SMB2_FIND_ID_BOTH_DIRECTORY_INFO encodes attibutes as a uint32, not a uint8.
       via  1f8a77fe3aa s3: smbd: Allow a SHUTDOWN_CLOSE on a file with outstanding aio if there are no client connections alive.
       via  8666dc1eec6 s3: smbd: Add smbXsrv_client_valid_connections().
       via  19c6e21cfd6 s3: selftest: Add samba3.blackbox.aio-outstanding test.
       via  3db89a6c880 ldb_ldap: fix off-by-one increment in lldb_add_msg_attr
       via  1049c5776f8 lib/ldb: add unit test for ldb_ldap internal code
       via  0ac77960440 Fix usage of ldap_get_values_len for msDS-AdditionalDnsHostName
       via  0e668997c83 Properly handle msDS-AdditionalDnsHostName returned from Windows DC
       via  60e73282191 selftest: add tests for binary msDS-AdditionalDnsHostName
       via  63c70acd4f4 Fix a typo in recent net man page changes
       via  f50cb3a0fbf libcli ldap tests: remove use of zero length array
       via  7b1bac7d084 Add net-ads-join dnshostname=fqdn option
       via  71efed33f47 Add msDS-AdditionalDnsHostName entries to the keytab
       via  279e72fe334 Add a test for msDS-AdditionalDnsHostName entries in keytab
       via  b3630d58e48 Refactor ads_keytab_add_entry() to make it iterable
       via  533a4be557b Fix accidental overwrite of dnsHostName by the last netbios alias
       via  e25e574ba04 Add a test to check dNSHostName with netbios aliases
       via  5015bbbd701 s3:libads: prefer ENCTYPE_AES256_CTS_HMAC_SHA1_96 in ads_keytab_add_entry()
       via  2b15eee1bc0 docs-xml: update list of posible VFS operations for vfs_full_audit
       via  c2051cdfda6 s3: libsmbclient: Finish unifing bad iconv behavior across CORE NT1 SMB2 protocols.
       via  ea64f5fb2d8 s3: libsmb: In SMB2 return NT_STATUS_INVALID_NETWORK_RESPONSE if name conversion ended up with a NULL filename.
       via  cc105695a60 s3: libsmb: In SMB1 old protocol - return NT_STATUS_INVALID_NETWORK_RESPONSE if name conversion ended up with a NULL filename.
       via  290ae67b24e s3: selftest: Add test_smbclient_iconv.sh to check client behavior on bad name conversion.
       via  701cbabc92e s3: selftest: Add share definition [bad_iconv] in fileserver.
       via  f02893f5360 winbindd: Fix a use-after-free when winbind clients exit
       via  572eb426f3f s3: lib: Paranoia around use of snprintf copying into a fixed-size buffer from a getenv() pointer.
       via  eae0ae3cae3 s3:gencache: Allow to open gencache as read-only
       via  b91925075ef lib:util: Add test for path_expand_tilde()
       via  f0654fa47e0 lib:util: Add path_expand_tilde()
       via  76c8a9deaa7 s4/rpc_server/dnsserver: Allow parsing of dnsProperty to fail gracefully
       via  0acfdab2a6a selftest: Add test for handling of "short" dnsProperty records
       via  50653906976 librpc/idl: Add dnsp_DnsProperty_short
       via  11abc955736 VERSION: Bump version up to 4.12.4...
      from  6ecd05dfbc2 VERSION: Disable GIT_SNAPSHOT for the 4.12.4 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
---

Summary of changes:
 VERSION | 2 +-
 WHATSNEW.txt | 67 +-
 docs-xml/manpages/net.8.xml | 7 +-
 docs-xml/manpages/vfs_full_audit.8.xml | 70 +--
 lib/ldb/ldb_ldap/ldb_ldap.c | 2 -
 lib/ldb/tests/lldb_ldap.c | 105 ++
 lib/ldb/wscript | 14 ++
 lib/util/tests/test_util_paths.c | 127
 lib/util/util_paths.c | 76 +++
 lib/util/util_paths.h | 9 +
 lib/util/wscript_build | 6 +
 libcli/ldap/tests/ldap_message_test.c | 2 +-
 librpc/idl/dnsp.idl | 16
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  6ecd05dfbc2 VERSION: Disable GIT_SNAPSHOT for the 4.12.4 release.
       via  86177f14ff9 WHATSNEW: Add release notes for Samba 4.12.4.
       via  565811f4f5f CVE-2020-10760 dsdb: Add tests for paged_results and VLV over the Global Catalog port
       via  a6a3a9f59d4 CVE-2020-10760 dsdb: Ensure a proper talloc tree for saved controls
       via  d7a32e815bf CVE-2020-14303: s4 nbt: fix busy loop on empty UDP packet
       via  795a25dc81b CVE-2020-14303 Ensure an empty packet will not DoS the NBT server
       via  3b98e807eb9 CVE-2020-10745: ndr/dns-utils: prepare for NBT compatibility
       via  0afc9f777a6 CVE-2020-10745: dns_util/push: forbid names longer than 255 bytes
       via  a19660d1fea CVE-2020-10745: ndr_dns: do not allow consecutive dots
       via  be20d15af13 CVE-2020-10745: ndr/dns_utils: correct a comment
       via  a80dd6d1271 CVE-2020-10745: ndr_dns: move ndr_push_dns_string core into sharable function
       via  ec640f93bc9 CVE-2020-10745: librpc/tests: cmocka tests of dns and ndr strings
       via  6e04e0b4944 CVE-2020-10745: pytests: hand-rolled invalid dns/nbt packet tests
       via  7cc5a5a35e9 ldb: Bump version to 2.1.4
       via  9dd458956d7 CVE-2020-10730: lib ldb: Check if ldb_lock_backend_callback called twice
       via  b2658b9432c CVE-2020-10730: s4 dsdb vlv_pagination: Prevent repeat call of ldb_module_done
       via  c29319e91d0 CVE-2020-10730: s4 dsdb paged_results: Prevent repeat call of ldb_module_done
       via  b1f72d2ce5e CVE-2020-10730: dsdb: Ban the combination of paged_results and VLV
       via  8103df54b18 CVE-2020-10730: dsdb: Fix crash when vlv and paged_results are combined
       via  d6329e8ace7 CVE-2020-10730: selftest: Add test to show that VLV and paged_results are incompatible
       via  337f3e42841 CVE-2020-10730: vlv: Another workaround for mixing ASQ and VLV
       via  98a67d49137 CVE-2020-10730: selftest: Add test to confirm VLV interaction with ASQ
       via  dd53faf4446 CVE-2020-10730: vlv: Do not re-ASQ search the results of an ASQ search with VLV
       via  c61a5255d9e CVE-2020-10730: vlv: Use strcmp(), not strncmp() checking the NULL terminated control OIDs
       via  837ee4b1757 VERSION: Bump version up to 4.12.4...
      from  659c8c3d733 VERSION: Disable GIT_SNAPSHOT for the 4.12.3 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
commit 6ecd05dfbc201c60346d2ae486663ae0dfc0c09c
Author: Karolin Seeger
Date:   Thu Jun 25 12:57:04 2020 +0200

    VERSION: Disable GIT_SNAPSHOT for the 4.12.4 release.

    This is a security release in order to address the following CVEs:

    o CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results.
    o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume excessive CPU.
    o CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV.
    o CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.

    Signed-off-by: Karolin Seeger

commit 86177f14ff9be3aedd574a47b6733c7c8be6b01a
Author: Karolin Seeger
Date:   Thu Jun 25 12:56:15 2020 +0200

    WHATSNEW: Add release notes for Samba 4.12.4.

    Signed-off-by: Karolin Seeger

commit 565811f4f5f16e072644a1a7c625ad1e60c89b10
Author: Andrew Bartlett
Date:   Mon Jun 8 16:32:14 2020 +1200

    CVE-2020-10760 dsdb: Add tests for paged_results and VLV over the Global Catalog port

    This should avoid a regression.

    Signed-off-by: Andrew Bartlett

commit a6a3a9f59d429ae01dc05aa412eab251cc842dcf
Author: Andrew Bartlett
Date:   Fri Jun 5 22:14:48 2020 +1200

    CVE-2020-10760 dsdb: Ensure a proper talloc tree for saved controls

    Otherwise a paged search on the GC port will fail as the ->data was
    not kept around for the second page of searches.
    An example command to produce this is
     bin/ldbsearch --paged -H ldap://$SERVER:3268 -U$USERNAME%$PASSWORD

    This shows up later in the partition module as:

    ERROR: AddressSanitizer: heap-use-after-free on address 0x60b00151ef20 at pc 0x7fec3f801aac bp 0x7ffe8472c270 sp 0x7ffe8472c260
    READ of size 4 at 0x60b00151ef20 thread T0 (ldap(0))
        #0 0x7fec3f801aab in talloc_chunk_from_ptr ../../lib/talloc/talloc.c:526
        #1 0x7fec3f801aab in __talloc_get_name ../../lib/talloc/talloc.c:1559
        #2 0x7fec3f801aab in talloc_check_name ../../lib/talloc/talloc.c:1582
        #3 0x7fec1b86b2e1 in partition_search ../../source4/dsdb/samdb/ldb_modules/partition.c:780

    or

    smb_panic_default: PANIC (pid 13287): Bad talloc magic value - unknown value
    (from source4/dsdb/samdb/ldb_modules/partition.c:780)

    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14402
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  659c8c3d733 VERSION: Disable GIT_SNAPSHOT for the 4.12.3 release.
       via  53d94505055 WHATSNEW: Add release notes for Samba 4.12.3.
       via  f1c602ea9c9 docs-xml: Fix usernames in pam_winbind manpages
       via  8d8549f571d libsmb: Protect cli_oem_change_password() from rprcnt<2
       via  054e7de5b4b libsmb: Protect cli_RNetServerEnum against rprcnt<6
       via  8dc3d1e4fb7 libsmb: Protect cli_RNetShareEnum() against rprcnt<6
       via  848a1ad7c15 libsmb: Fix indentation in cli_RNetShareEnum()
       via  136a83c5a9f s3/locking: prime flags in a fresh sharemode data object
       via  6b650659ef6 smbd: fix for bug 14375
       via  2b1525ca030 smbd: make conflicting_access available to other functions
       via  5c76c6f2d60 s4/torture: reproducer for bug 14375
       via  31f91b59365 selftest: split a knownfail entry
       via  20d61b9c543 s3: RPC: Don't crash on trying to talloc_free(-1) if smb_iconv_open_ex() fails.
       via  43bc61b1c79 vfs_io_uring: retry after a short writes in vfs_io_uring_pwrite_completion()
       via  0baa1036c6f vfs_io_uring: retry after a short read in vfs_io_uring_pread_completion()
       via  8ed9668cefb vfs_io_uring: protect vfs_io_uring_fsync_completion() against invalid results
       via  9b1281a7062 vfs_io_uring: protect vfs_io_uring_pwrite_completion() against invalid results
       via  dadb1698693 vfs_io_uring: protect vfs_io_uring_pread_completion() against invalid results
       via  0c3523d83cf vfs_io_uring: split out a vfs_io_uring_pwrite_submit() function
       via  bd41e956fcd vfs_io_uring: split out a vfs_io_uring_pread_submit() function
       via  adac9ae7017 vfs_io_uring: split out a vfs_io_uring_request_submit() function
       via  2ab5eaebc4c vfs_io_uring: avoid stack recursion of vfs_io_uring_queue_run()
       via  efdcf63d939 vfs_io_uring: make use of sys_valid_io_range() in vfs_io_uring_pwrite_send()
       via  49847bada15 vfs_io_uring: make use of sys_valid_io_range() in vfs_io_uring_pread_send()
       via  2588cf0d711 vfs_io_uring: move error handling out of vfs_io_uring_fsync_recv()
       via  d9e2acf9445 vfs_io_uring: move error handling out of vfs_io_uring_pwrite_recv()
       via  3dc60c54090 vfs_io_uring: move error handling out of vfs_io_uring_pread_recv()
       via  a15861f6dd3 vfs_io_uring: introduce vfs_io_uring_request->completion_fn()
       via  5acc7ee7681 vfs_io_uring: replace vfs_io_uring_request->state with _tevent_req_data()
       via  7130e37d8f2 vfs_io_uring: fix the prefix for parametric options from 'vfs_io_uring' to 'io_uring'
       via  6b347a406de s3: VFS: default. Change pwrite() -> sys_pwrite_full() in SMB_VFS_PWRITE_SEND() to protect against short writes.
       via  00e0cf4241b s3: VFS: default. Change pread() -> sys_pread_full() in SMB_VFS_PREAD_SEND() to protect against short reads.
       via  838a52fa25e s3: VFS: default. Change sys_pwrite() -> sys_pwrite_full() in SMB_VFS_PWRITE() to protect against short writes.
       via  aff82c00a05 s3: VFS: default. Change sys_pread() -> sys_pread_full() in SMB_VFS_PREAD() to protect against short reads.
       via  b60d60bd505 s3: VFS: aio_fork: Change sys_pwrite() -> sys_pwrite_full() to protect against short writes.
       via  f6baeeece8f s3: VFS: aio_fork: Change sys_pread() -> sys_pread_full() to protect against short reads.
       via  0d29e442b15 smbd: add vfs_valid_{pread,pwrite}_range() checks where needed
       via  3197bd27b35 s3:smbd: add vfs_valid_{pread,pwrite}_range() helper functions
       via  9b0aba40e83 s3:smbd: handle 0 length writes as no-op.
       via  f3114c72a3f smb2_server: fix smbd_smb2_request_verify_sizes() for SMB2_OP_WRITE
       via  6c51b56282b lib: util: Add sys_pwrite_full().
       via  442fa5a9782 lib: util: Add sys_pread_full().
       via  b171d8161d2 lib: util: Add sys_valid_io_range()
       via  b50874309d2 s4:torture: add tests to test the SMB2 read/write offset/length boundaries
       via  392863d3d51 vfs_shadow_copy2: implement case canonicalisation in shadow_copy2_get_real_filename()
       via  105ed96add2 s3/lib: add is_gmt_token()
       via  6bf40566d88 smbd: make get_real_filename_full_scan() public
       via  3cedb9c9594 CI: add two tests for shadow_copy2 VFS module
       via  f9f03c0a6f5 ldb: Bump version to 2.1.3
       via  39742f3ffe8 lib ldb: lmdb init var before calling mdb_reader_check
       via  d294eb47296 lib ldb: lmdb clear stale readers on write txn start
       via  2b8faefabb4 ldb tests: Confirm lmdb free list handling
       via  f6468de046e lib:util: Fix smbclient -l basename dir
       via  6bc407b2860 Add a test for smbclient -l basename
       via  21cf1419c54 s3: pass DCE RPC handle type to create_policy_hnd
       via  d2e0eafa92b dbwrap_watch: Set rec->value_valid while returning nested share_mode_do_locked()
       via  d3eb8ef981e libsmb: Don't try to find posix stat info in SMBC_getatr()
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  ee9600d8a8f VERSION: Disable GIT_SNAPSHOT for the 4.12.2 release.
       via  51b4bf0c873 WHATSNEW: Add release notes for Samba 4.12.2.
       via  71b92c9554d CVE-2020-10704 libcli ldap: Check search request lengths.
       via  db78f2667eb CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode
       via  8729c05b1cd CVE-2020-10704: S4 ldap server: Limit request sizes
       via  48a3bdd7703 CVE-2020-10704: smb.conf: Add max ldap request sizes
       via  4aeb07ef49e CVE-2020-10704: ldapserver tests: Limit search request sizes
       via  16da9c6e3d8 CVE-2020-10704: lib util asn1: Check parse tree depth
       via  74986c179ea CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree
       via  109b128ec1d CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth
       via  fecb05c8980 CVE-2020-10700: ldb: Bump version up to 2.1.2.
       via  fb3e51020ab CVE-2020-10700: dsdb: Do not permit the ASQ control for the GUID search in paged_results
       via  b82544f CVE-2020-10700: ldb: Always use ldb_next_request() in ASQ module
       via  8e597aa1b9b CVE-2020-10700: dsdb: Add test for ASQ and ASQ in combination with paged_results
       via  feb24fc1e51 VERSION: Bump version up to 4.12.2...
      from  dcaa10c6e37 VERSION: Disable GIT_SNAPSHOT for the 4.12.1 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
commit ee9600d8a8f244c9417f0819ee17b21ea84ed94a
Author: Karolin Seeger
Date:   Wed Apr 22 12:55:18 2020 +0200

    VERSION: Disable GIT_SNAPSHOT for the 4.12.2 release.

    o CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ
    o CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC

    Signed-off-by: Karolin Seeger

commit 51b4bf0c873a790698fc1c4ee55bc7a1e8cfa82b
Author: Karolin Seeger
Date:   Wed Apr 22 12:53:26 2020 +0200

    WHATSNEW: Add release notes for Samba 4.12.2.
    Signed-off-by: Karolin Seeger

commit 71b92c9554d2e92281c6ce7f0340def2e6c0623c
Author: Gary Lockyer
Date:   Wed Apr 8 10:46:44 2020 +1200

    CVE-2020-10704 libcli ldap: Check search request lengths.

    Check the search request lengths against the limits passed to
    ldap_decode.

    Credit to OSS-Fuzz

    REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

    Signed-off-by: Gary Lockyer
    Reviewed-by: Andrew Bartlett

commit db78f2667eb51c106c66edebcf66914ea580bfc6
Author: Gary Lockyer
Date:   Wed Apr 8 08:49:23 2020 +1200

    CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode

    Add search request size limits to ldap_decode calls.

    The ldap server uses the smb.conf variable
    "ldap max search request size" which defaults to 250Kb.
    For cldap the limit is hard coded as 4096.

    Credit to OSS-Fuzz

    REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

    Signed-off-by: Gary Lockyer
    Reviewed-by: Andrew Bartlett

commit 8729c05b1cd6a63d9f8e163b2e438007db3eb4f8
Author: Gary Lockyer
Date:   Wed Apr 8 15:32:22 2020 +1200

    CVE-2020-10704: S4 ldap server: Limit request sizes

    Check the size of authenticated and anonymous ldap requests and reject
    them if they exceed the limits in smb.conf

    Credit to OSS-Fuzz

    REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

    Signed-off-by: Gary Lockyer
    Reviewed-by: Andrew Bartlett

commit 48a3bdd7703ad3952f45e04c4f0a8d289ae74190
Author: Gary Lockyer
Date:   Tue Apr 7 09:09:01 2020 +1200

    CVE-2020-10704: smb.conf: Add max ldap request sizes

    Add two new smb.conf parameters to control the maximum permitted ldap
    request size.
    Adds:
       ldap max anonymous request size default 250Kb
       ldap max authenticated request size default 16Mb

    Credit to OSS-Fuzz

    REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

    Signed-off-by: Gary Lockyer
    Reviewed-by: Andrew Bartlett

commit 4aeb07ef49e4e8734fc5f5cd092bbf165e9cc9f3
Author: Gary Lockyer
Date:   Tue Apr 14 13:32:32 2020 +1200

    CVE-2020-10704: ldapserver tests: Limit search request sizes

    Add tests to ensure that overly long (> 256000 bytes) LDAP search
    requests are rejected.

    Credit to OSS-Fuzz

    REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

    Signed-off-by: Gary Lockyer
    Reviewed-by: Andrew Bartlett

commit 16da9c6e3d87d11e358441804dc7ff842eb5a9e7
Author: Gary Lockyer
Date:   Wed Apr 8 15:30:52 2020 +1
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  dcaa10c6e37 VERSION: Disable GIT_SNAPSHOT for the 4.12.1 release.
       via  21095de9d96 WHATSNEW: Add release notes for Samba 4.12.1.
       via  b82cec52708 s3/utils: Fix double free error with smbtree
       via  784e4266787 nsswitch: fix use-after-free causing segfault in _pam_delete_cred
       via  2dabb4c5cdd ctdb-recoverd: Avoid dereferencing NULL rec->nodemap
       via  b1b41b88a5e ctdb-daemon: Don't allow attach from recovery if recovery is not active
       via  60dc3c3282d ctdb-daemon: Remove more unused old client database functions
       via  2049792ff78 ctdb-recovery: Remove old code for creating missing databases
       via  c8354a9cb79 ctdb-recovery: Create database on nodes where it is missing
       via  63db9658e1e ctdb-recovery: Fetch database name from all nodes where it is attached
       via  71310819676 ctdb-recovery: Pass db structure for each database recovery
       via  58f83582821 ctdb-recovery: GET_DBMAP from all nodes
       via  808c7aabcbd ctdb-recovery: Replace use of ctdb_dbid_map with local db_list
       via  1e57e5c4e62 ctdb-daemon: Respect CTDB_CTRL_FLAG_ATTACH_RECOVERY when attaching databases
       via  05c2d86d075 ctdb-recovery: Use CTDB_CTRL_FLAG_ATTACH_RECOVERY to attach during recovery
       via  7c1f9bde013 ctdb-protocol: Add control flag CTDB_CTRL_FLAG_ATTACH_RECOVERY
       via  aefd9b2e68d ctdb-daemon: Remove unused old client database functions
       via  c9fa4fb0575 ctdb-daemon: Fix database attach deferral logic
       via  b7f7f7b63e6 ctdb-recovery: Refactor banning a node into separate computation
       via  f468f654078 ctdb-recovery: Don't trust nodemap obtained from local node
       via  ad5c6f3a520 ctdb-recovery: Consolidate node state
       via  be8d05f5978 ctdb-recovery: Fetched vnnmap is never used, so don't fetch it
       via  ee06963cbb4 selftest: test samba-tool group commands with groupnames with brackets and spaces
       via  f2dae546f22 samba-tool group edit: use binary encoded group name
       via  fc8961c1562 samba-tool group delete: use binary encoded group name
       via  ecd119fc6cf samba-tool group move: use binary encoded group name
       via  2dbe9c13d68 samba-tool group listmembers: use binary encoded group names
       via  88edeec6fc1 samba-tool group listmembers: find group members by groups SID
       via  439aeba45e9 samba-tool group listmembers: handle group-does-not-exist error
       via  20d4785856a samba-tool group listmembers: hide python backtracke on command error
       via  a17de0ee683 WHATSNEW: Fix date.
       via  25642c7e960 ctdb-tcp: Do not stop outbound connection in ctdb_tcp_node_connect()
       via  e9b727b4f2b ctdb-tcp: Factor out function ctdb_tcp_start_outgoing()
       via  3b5af720a4c ctdb-tcp: add ctdb_tcp_stop_incoming()
       via  26e29f72182 ctdb-tcp: rename ctdb_tcp_stop_connection() to ctdb_tcp_stop_outgoing()
       via  167ef355b34 ctdb-tcp: Remove redundant restart in ctdb_tcp_tnode_cb()
       via  2e619f51b05 ctdb-tcp: always call node_dead() upcall in ctdb_tcp_tnode_cb()
       via  5a51d36317d ctdb-tcp: move free of inbound queue to TCP restart
       via  6f6357c359c ctdb-daemon: more logical whitespace, debug modernisation
       via  0706d539417 ctdb-daemon: ensure restart() callback is called in half-connected state
       via  f50790c1be7 nmblib: avoid undefined behaviour in handle_name_ptrs()
       via  8b86109e5de vfs_recycle: prevent flooding the log if we're called on non-existant paths
       via  1d226313e03 librpc: fix IDL for svcctl_ChangeServiceConfigW
       via  ea4603fd5e5 s4-torture: add ndr svcctl testsuite
       via  ea15a4bd189 s4-torture: add rpc test for ChangeServiceConfigW
       via  b0f590055c1 VFS: default: add support for FILE_ATTRIBUTE_OFFLINE to async dosmode
       via  34f3476d560 VFS: default: use correct type for pathlen in vfswrap_getxattrat_do_sync()
       via  cfaca1c0b7a VFS: default: avoid a crash in vfswrap_getxattrat_do_sync()
       via  69e66865203 VFS: default: remove unused arg from vfswrap_is_offline()
       via  8f4e8be8554 VFS: default: let vfswrap_is_offline() take conn, not handle
       via  e98dcaa16d0 smbd: ignore set NTACL requests which contain S-1-5-88 NFS ACEs
       via  b8ef341f6b5 vfs_fruit: tmsize prevent overflow Force the type during arithmetic in order to prevent overflow when summing the Time Machine folder size. Increase the precision to off_t (used for file sizes), leave the overflow error traps but with more precise wording.
       via  fdc2f7d218a VERSION: Bump version up to 4.12.1...
      from  21679048604 VERSION: Disable GIT_SNAPSHOT for the 4.12.0 release...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
---

Summary of changes:
 VERSION
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated via 21679048604 VERSION: Disable GIT_SNAPSHOT for the 4.12.0 release... via a1b4c4a0d9d WHATSNEW: Add release notes for Samba 4.12.0. via a99445e298c selftest: Test behaviour of DNS scavenge with an existing dNSTombstoned value via c6b90fbcee0 dsdb: Correctly handle memory in objectclass_attrs via 201489edf9d VERSION: Bump version up to 4.12.0rc5... from e629b9230ea VERSION: Disable GIT_SNAPSHOT for th Samba 4.12.0rc4 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable - Log - --- Summary of changes: VERSION| 2 +- WHATSNEW.txt | 24 +++-- python/samba/tests/dns.py | 39 ++ source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 17 +- 4 files changed, 69 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 42b5b48af5e..5fcdb65ffb9 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=4 +SAMBA_VERSION_RC_RELEASE= # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index b58cba6aebf..82525ebff0a 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,16 +1,11 @@ -Release Announcements -= + == + Release Notes for Samba 4.12.0 + March 03, 2019 + == -This is the fourth release candidate of Samba 4.12. This is *not* -intended for production environments and is designed for testing -purposes only. Please report any defects via the Samba bug reporting -system at https://bugzilla.samba.org/. -Samba 4.12 will be the next version of the Samba suite. - - -UPGRADING -= +This is the first stable release of the Samba 4.12 release series. +Please read the release notes carefully before upgrading. NEW FEATURES/CHANGES @@ -270,6 +265,13 @@ smb.conf changes spotlight backend Newnoindex +CHANGES SINCE 4.12.0rc4 +=== + +o Andrew Bartlett + * BUG 14258: dsdb: Correctly handle memory in objectclass_attrs. + + CHANGES SINCE 4.12.0rc3 === 
diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py index 1dd1f549a33..bc05076c615 100644 --- a/python/samba/tests/dns.py +++ b/python/samba/tests/dns.py @@ -1523,26 +1523,51 @@ class TestZones(DNSTest): name, txt = 'agingtest', ['test txt'] name2, txt2 = 'agingtest2', ['test txt2'] name3, txt3 = 'agingtest3', ['test txt3'] +name4, txt4 = 'agingtest4', ['test txt4'] +name5, txt5 = 'agingtest5', ['test txt5'] self.dns_update_record(name, txt) self.dns_update_record(name2, txt) self.dns_update_record(name2, txt2) self.dns_update_record(name3, txt) self.dns_update_record(name3, txt2) + +# Create a tomb stoned record. +self.dns_update_record(name4, txt4) +self.dns_tombstone(name4, txt4, self.zone) +records = self.ldap_get_records(name4) +self.assertTrue("dNSTombstoned" in records[0]) +self.assertEqual(records[0]["dNSTombstoned"][0], b"TRUE") + +# Create an un-tombstoned record, with dnsTombstoned: FALSE +self.dns_update_record(name5, txt5) +self.dns_tombstone(name5, txt5, self.zone) +self.dns_update_record(name5, txt5) +records = self.ldap_get_records(name5) +self.assertTrue("dNSTombstoned" in records[0]) +self.assertEqual(records[0]["dNSTombstoned"][0], b"FALSE") + last_add = self.dns_update_record(name3, txt3) def mod_ts(rec): self.assertTrue(rec.dwTimeStamp > 0) if rec.data.str == txt: rec.dwTimeStamp -= interval * 5 + +def mod_ts_all(rec): +rec.dwTimeStamp -= interval * 5 self.ldap_modify_dnsrecs(name, mod_ts) self.ldap_modify_dnsrecs(name2, mod_ts) self.ldap_modify_dnsrecs(name3, mod_ts) +self.ldap_modify_dnsrecs(name5, mod_ts_all) self.assertTrue(callable(getattr(dsdb, '_scavenge_dns_records', None))) dsdb._scavenge_dns_records(self.samdb) recs = self.ldap_get_dns_records(name) self.assertEqual(len(recs), 1) self.assertEqual(recs[0].wType, dnsp.DNS_TYPE_TOMBSTONE) +records = self.ldap_get_records(name) +
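Review bot: the new header in the WHATSNEW.txt hunk dates the Samba 4.12.0 release notes "March 03, 2019"; please confirm the year against the actual release date before this is tagged. The same hunk removes the "UPGRADING" heading together with the release-candidate text, so if 4.12.0 carries any upgrade notes they no longer have a section to live in.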
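Review bot: in the TestZones hunk of python/samba/tests/dns.py, the new helper mod_ts_all applies "rec.dwTimeStamp -= interval * 5" unconditionally and drops the "self.assertTrue(rec.dwTimeStamp > 0)" precondition that mod_ts keeps, so the test no longer checks that the name5 records carry a real timestamp before ageing them. Either carry the assertion over or add a comment saying why it is not needed for the un-tombstoned record. Two smaller points in the same hunk: the added comments write "tomb stoned" and "dnsTombstoned" while the assertions use "dNSTombstoned", and assertIn("dNSTombstoned", records[0]) would give a more useful failure message than assertTrue(... in ...).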
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  e629b9230ea VERSION: Disable GIT_SNAPSHOT for th Samba 4.12.0rc4 release.
       via  0f1d595cac3 WHATSNEW: Add release notes for Samba 4.12.0rc4.
       via  20195a35bbb ldb: version 2.1.1
       via  f83104fbfc4 ldb: Add tests aimed at the SCOPE_ONELEVEL bug in particular
       via  81bdcf9ee4e ldb: Fix search with scope ONE and small result sets
       via  c521913e426 ldb: Ensure @IDXONE modes is tested in ldb.python (apy.py) tests
       via  71c072c385f ldb: Add tests aimed at the SCOPE_ONELEVEL particular
       via  ea4c35f1d42 ldb: Add tests for one-level indexes in conjunction with other indexes
       via  a21688e7d48 smbd: Separate aio_pthread indicator from normal EINTR
       via  1a47b0fd1d3 lib: Map EINPROGRESS->NT_STATUS_MORE_PROCESSING_REQUIRED
       via  dcdfa4a752e test: Show that smbd does not handle EINTR from open() correctly
       via  670b83a1e6d test: Intercept open in vfs_error_inject
       via  9b6e4da57d7 WHATSNEW: Announce new Spotlight backend for Elasticsearch
       via  828b834706f WHATSNEW: samba-tool improvements
       via  0b964d99aa4 WHATSNEW: Add zlib and fuzzing notes
       via  537acf2a185 build: Do not check if system perl modules should be bundled
       via  da44630885e pidl/wscript: configure should insist on Parse::Yapp::Driver
       via  339566feb72 s3: DFS: Don't allow link deletion on a read-only share.
       via  5a794f3bf8c s3: DFS: Don't allow link creation on a read-only share.
       via  f72bb650ec3 VERSION: Bump version up to 4.12.0rc4...
       via  3a807493547 VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc3 release.
       via  5987adfa00c VERSION: Add release notes for Samba 4.12.0rc3.
       via  19d74ce5f5b WHATSNEW.txt update explaining SMB_VFS_CREATE_DFS_PATHAT() / SMB_VFS_READ_DFS_PATHAT().
       via  6c886973fa0 s3: DFS: Remove is_msdfs_link_internal() - no longer used.
       via  bbbfc6b8acd s3: DFS: Change the last use of is_msdfs_link_internal() -> SMB_VFS_READ_DFS_PATHAT() inside form_junctions().
       via  8690880313a s3: DFS: Replace calls to is_msdfs_link_internal() inside dfs_path_lookup() with SMB_VFS_READ_DFS_PATHAT().
       via  92722a1b63a s3: DFS: Change dfs_path_lookup() to return struct referral list and count directly.
       via  007c96ab6e2 s3: DFS: Parse the returned target path in dfs_path_lookup().
       via  967e0e15fc9 s3: DFS: Change simple is_msdfs_link() call to use SMB_VFS_READ_DFS_PATHAT().
       via  ce94b410867 s3: VFS: vfs_time_audit: Add read_dfs_pathat().
       via  2633e182133 s3: VFS: vfs_full_audit: Add read_dfs_pathat().
       via  dfabe8e731e s3: VFS: catia: Add read_dfs_pathat().
       via  895c06ccec2 s3: VFS: cap: Add cap_read_dfs_pathat().
       via  13c6e747da1 s3: VFS: shadow_copy2: Add shadow_copy2_read_dfs_pathat().
       via  5c8f5a48df7 s3: VFS: gluster: Add vfs_gluster_read_dfs_pathat().
       via  7bbfc1c3a8c s3: VFS: ceph: Add vfswrap_ceph_read_dfs_pathat().
       via  6fae0415d55 s3: VFS: Add SMB_VFS_READ_DFS_PATHAT().
       via  6d5220f23cf s3: smbd: dfs: Clean up exits / talloc heirarchy in parse_msdfs_symlink().
       via  b4285b8d1b1 s3: smbd: dfs: Make parameter names consistent.
       via  c13c6e44918 s3: smbd: dfs: Allow parse_msdfs_symlink() to be called with NULL pointers.
       via  2f2794a7241 s3: smbd: dfs: Apply some README.Coding to parse_msdfs_symlink().
       via  9f87784686d s3: smbd: dfs: Make parse_msdfs_symlink() external.
       via  3ff14a2e5a3 s3: smbd: dfs: Move lp_msdfs_shuffle_referrals() call out of parse_msdfs_symlink().
       via  7f034780869 s3: smbd: dfs: Cleanup, reformat calls to parse_msdfs_symlink()
       via  1ba9c318ae1 s3: VFS: Implement create_dfs_pathat() in cap
       via  ce3bf591e2f s3: VFS: Implement create_dfs_pathat() in catia.
       via  59815861b2e WHATSNEW: announce vfs_io_uring
       via  a1486fb2837 s3:modules: add vfs_io_uring module
       via  ac78557df8e bootstrap: replace libaio-dev/libaio-devel with liburing-dev/liburing-devel
       via  40c84bfcdd2 lib/replace: remove unused check for aio.h
       via  9463a387831 lib: Fix a shutdown crash with "clustering = yes"
       via  fd63e94a282 lib: Introduce messaging_context->per_process_talloc_ctx
       via  1b4db22b160 lib: Add a TALLOC_CTX to base register_msg_pool_usage() on
       via  60deff09d09 lib: Simplify register_msg_pool_usage()
       via  46ff9e1bca8 auth: Fix CID 1458418 Null pointer dereferences (REVERSE_INULL)
       via  1e61aa6d46f auth: Fix CID 1458420 Null pointer dereferences (REVERSE_INULL)
       via  3e222ac6b93 ctdb-tcp: Make error handling for outbound connection consistent
       via  b1fba6c7a06 winbindd: handling missing idmap in getgrgid()
       via  7163ae8a772 bootstrap: Remove un-used dependency python3-crypto
       via  9c1b614e11a s3:auth_sam: map an empty domain or '.' to the local SAM name
       via  2b56b5a05af s3:selftest: test authent
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
       via  773c5de6750 VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc1 release...
       via  e1e55a47419 WHATSNEW: Add release note for Samba 4.12.0rc1.
       via  cf9850b4e06 samba-tool group addmembers: avoid python traceback on member add failure
       via  2697415239d selftest: add test for samba-tool groupmember --member-base-dn option
       via  8c5a266ef3f selftest: add tests for samba-tool group addmembers --object-types option
       via  347c65434ec selftest: add test for new samba-tool group addmembers --member-dn option
       via  557fa1d44b6 samba-tool group addmembers: add --member-base-dn option for group member search
       via  5b129bf12ba samba-tool group {add,remove}members: allow to use --member-dn in combination with listofmembers
       via  47f9ee91ed9 samba-tool group removemembers: adapt functionality to addmembers command
       via  aedcf6a5274 samba-tool group addmembers: add --member-dn option
       via  f2e2579926e samba-tool group addmembers: add new option --object-types
       via  a4d77bfd90d python/samdb: validation of group member types for group member filter
       via  f9bf6b7856e python/samdb: add type "all" to search for all common types of group members
       via  c4e899d6b4b python/samdb: adapt search filter for group object type
       via  45abb4fd4f4 python/samdb: adapt search filter for user object type
       via  2baa301237f python/samdb: add 'computer' to the default group member types for group member filters
       via  2abebee1405 python/samdb: fetch specific error if there are more than one search results
       via  e3099ac4072 python/samdb: add more object types for adding/remove group members
       via  662b7458aed python/samdb: add option to specify types of group members
       via  b081bd977c8 samba-tool tests: add test-case for 'ou list --base-dn'
       via  2186c5a6a4c samba-tool: add -b/--base-dn option to OUs list command
       via  918d91bb843 samba-tool tests: add test-case for 'user list --base-dn'
       via  d4de2e3192e samba-tool: add -b/--base-dn option to users list command
       via  55be0f1d2f7 samba-tool tests: add test-case for 'contact list --base-dn'
       via  8a45adb2b19 samba-tool: add -b/--base-dn option to contacts list command
       via  88f0a1390b8 samba-tool tests: add test-case for 'computer list --base-dn'
       via  b292a266a8d samba-tool: add -b/--base-dn option to computer list command
       via  bced03b0d1a samba-tool tests: add test-case for 'group list --base-dn'
       via  8f68236dc4e samba-tool: add -b/--base-dn option to groups list command
       via  b545ab1a85d samba-tool tests: add test-case for 'user getgrouops --full-dn'
       via  41262d1d66c samba-tool: add --full-dn option for user getgroups command
       via  d2d345103b2 samba-tool tests: add test-case for 'group listmembers --full-dn'
       via  bb66b322546 samba-tool: add --full-dn option to group listmembers command
       via  08207f77f13 samba-tool tests: add test case for 'user list --full-dn'
       via  31060963956 samba-tool: add --full-dn option to user list command
       via  2e767e81be4 samba-tool tests: add test case for 'computer list --full-dn'
       via  29326e32645 samba-tool: add --full-dn option to computer list command
       via  e64f7de31fd samba-tool tests: Add test-case for 'group list --full-dn'
       via  51d4c82f3c5 samba-tool: add --full-dn option to group list command
       via  b813ef6ae7a Revert "vfs_glusterfs: Return fake fd from pipe() during open"
       via  cc4a55d290c vfs_glusterfs: add .fcntl_fn hook
       via  b56c56eecdf vfs_ceph: add .fcntl_fn hook
       via  0a77890bbc9 testenv: No "mktemp" for in_screen
       via  823e4de3094 testenv: Simplify "in_screen"
       via  1ca1c601989 testenv: Properly kill daemons
       via  4f1e4f9ce3f testenv: Be more careful deleting environment tmpfiles
      from  85478847a1f WHATSNEW: Add CTDB changes for 4.12

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable

- Log -
---

Summary of changes:
 VERSION | 6 +-
 WHATSNEW.txt | 2 +-
 python/samba/netcmd/computer.py | 27 +-
 python/samba/netcmd/contact.py | 11 ++-
 python/samba/netcmd/group.py | 156 ++
 python/samba/netcmd/ou.py | 19 +++-
 python/samba/netcmd/user.py | 46 -
 python/samba/samdb.py | 113 +-
 python/samba/tests/samba_tool/computer.py | 39
 python/samba/tests/samba_tool/contact.py | 19
 python/samba/tests/samba_tool/group.py | 66 +
 python/samba/tests/samba_tool/ou.py | 19
 python/samba/tests/samba_tool/user.py |