[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c8bf9495f43 vfs: fix the build of nfs4acl_xattr_ without rpc/xdr.h support from 3b9ccfa4ac7 net: use correct printf format, fi3_id is an uint32_t https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c8bf9495f43ed677f90e59937e1e805fc5e60d49 Author: Stefan Metzmacher Date: Wed Mar 27 04:34:12 2019 +0100 vfs: fix the build of nfs4acl_xattr_ without rpc/xdr.h support Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Fri Nov 25 06:07:32 UTC 2022 on sn-devel-184 --- Summary of changes: source3/modules/nfs4acl_xattr_nfs.c | 1 + source3/modules/nfs4acl_xattr_util.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/nfs4acl_xattr_nfs.c b/source3/modules/nfs4acl_xattr_nfs.c index 59e02bf1577..698630f3e6f 100644 --- a/source3/modules/nfs4acl_xattr_nfs.c +++ b/source3/modules/nfs4acl_xattr_nfs.c @@ -874,6 +874,7 @@ NTSTATUS nfs4acl_nfs_blob_to_smb4(struct vfs_handle_struct *handle, } #else /* !HAVE_RPC_XDR_H */ +#include "nfs4_acls.h" #include "nfs4acl_xattr_nfs.h" NTSTATUS nfs4acl_nfs_blob_to_smb4(struct vfs_handle_struct *handle, TALLOC_CTX *mem_ctx, diff --git a/source3/modules/nfs4acl_xattr_util.c b/source3/modules/nfs4acl_xattr_util.c index 8ea1e76ad17..998dbf2df4d 100644 --- a/source3/modules/nfs4acl_xattr_util.c +++ b/source3/modules/nfs4acl_xattr_util.c @@ -29,7 +29,6 @@ #ifdef FALSE #undef FALSE #endif -#endif #include "nfs4_acls.h" #include "nfs41acl.h" @@ -71,3 +70,4 @@ uint16_t nfs4acl_to_smb4acl_flags(unsigned nfsacl41_flags) return smb4acl_flags; } +#endif /* HAVE_RPC_XDR_H */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3b9ccfa4ac7 net: use correct printf format, fi3_id is an uint32_t from 95676825adb gitlab-ci: do some basic testing on ubuntu1804-32bit https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3b9ccfa4ac73332f324426dec940579e5eac96bc Author: Ralph Boehme Date: Tue Jan 10 12:22:28 2017 +0100 net: use correct printf format, fi3_id is an uint32_t Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Nov 24 16:39:12 UTC 2022 on sn-devel-184 --- Summary of changes: source3/utils/net_rpc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 1c89ffcd5e5..e1a0c491dd4 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5644,7 +5644,7 @@ static int rpc_file_close(struct net_context *c, int argc, const char **argv) static void display_file_info_3(struct FILE_INFO_3 *r) { - d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n", + d_printf("%-7.1" PRIu32 " %-20.20s 0x%-4.2x %-6.1u %s\n", r->fi3_id, r->fi3_username, r->fi3_permissions, r->fi3_num_locks, r->fi3_pathname); } -- Samba Shared Repository
[SCM] Priv Wrapper Repository - annotated tag priv_wrapper-1.0.1 created
The annotated tag, priv_wrapper-1.0.1 has been created at f6f92ffbf87b89741b21be455be18ddbd4eb315e (tag) tagging f387dadd971bcb90dd92b83cf4c1401aec3f4ab9 (commit) replaces priv_wrapper-1.0.0 tagged by Andreas Schneider on Thu Nov 24 15:09:16 2022 +0100 - Log - priv_wrapper-1.0.1 * Fixed dclose() with RTLD_NEXT * Fixed prctl() dlsym prototype -BEGIN PGP SIGNATURE- iQIzBAABCgAdFiEEjf9T4Y8qvI2PPJIjfuD8TcwBTj0FAmN/exkACgkQfuD8TcwB Tj10zw//Ytz889blhVXnIXDzM5wVeIklSZ5KHp9URo4bUsR9W1sYIOmYqh1NxjA2 F/FR7UzPfat6cX7H8rAmu3Icjzr+n1LIFXOkxr4AVCv40q3899TIAI4z8pPHhMa0 uB6X/3LnprKTTLPxdBZjcWbyn/P/XSH8Y2pHkb3egP0jkdNqmGvesNwYITaYr9+u DyEISNsMlOv7yOpVr2HdaFASUS3DLcLi9Zjm1s3feKjlOTTx4KAq3D2eet4ajBri V/xGEIjlAoR2jd1CpLxk9pIzsEfbUE9fGK8eP61rj9+dTujqfEJZF5gkFzgFn5gs fjHW25l+rtoGIYZmokadYycS0I5sbW5btl0GrYC9bGbCr8vrh31haui3YaKGqrLs Fia7y9vTFvy3JEwwb5hFM0uN/9FNplOl8L1GaBOUMc809KdO+VDEpV8FzZFKYIR6 LXclumWxi325gN6rBaC7ViTDpNuv7uWMgL/mwoWidFp9xifROh+53tgeJOCp1i3V Y9vfk3YNvjDt07OvyxrmS0aQ0muBSbAIsfVnjyduL3QjMHvYz02xRdNy58M+p6j+ A6lbbXgxQBULbTN9vxLmKCWxXlsdrxir0AJ4k2QGD0Al6+TnUxRwMzGsawNdmmWo CCIhlK/rH05lX13s8Iw92IxgdEj4hGadZnUfx3FxzEK/BGEtEoo= =VYip -END PGP SIGNATURE- Andreas Schneider (1): Bump version to 1.0.1 Pavel Filipenský (1): Fix prctl on ppc64le Samuel Thibault (1): Avoid dclose(RTLD_NEXT) --- -- Priv Wrapper Repository
[SCM] Priv Wrapper Repository - branch main updated
The branch, main has been updated via f387dad Bump version to 1.0.1 from 9429f65 Avoid dclose(RTLD_NEXT) https://git.samba.org/?p=priv_wrapper.git;a=shortlog;h=main - Log - commit f387dadd971bcb90dd92b83cf4c1401aec3f4ab9 Author: Andreas Schneider Date: Tue Nov 15 13:08:13 2022 +0100 Bump version to 1.0.1 Signed-off-by: Andreas Schneider Reviewed-by: Pavel Filipenský --- Summary of changes: CHANGELOG.md | 4 CMakeLists.txt | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/CHANGELOG.md b/CHANGELOG.md index bb2007c..ff497b3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ CHANGELOG = +## Version 1.0.1 (released 2022-11-24) +* Fixed dclose() with RTLD_NEXT +* Fixed prctl() dlsym prototype + ## Version 1.0.0 (released 2022-10-24) * Initial release diff --git a/CMakeLists.txt b/CMakeLists.txt index 2c83373..01c2c1d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -11,7 +11,7 @@ list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/Modules") include(DefineCMakeDefaults) include(DefineCompilerFlags) -project(priv_wrapper VERSION 1.0.0 LANGUAGES C) +project(priv_wrapper VERSION 1.0.1 LANGUAGES C) # global needed variables set(APPLICATION_NAME ${PROJECT_NAME}) @@ -25,7 +25,7 @@ set(APPLICATION_NAME ${PROJECT_NAME}) # Increment PATCH. set(LIBRARY_VERSION_MAJOR 0) set(LIBRARY_VERSION_MINOR 0) -set(LIBRARY_VERSION_PATCH 1) +set(LIBRARY_VERSION_PATCH 2) set(LIBRARY_VERSION "${LIBRARY_VERSION_MAJOR}.${LIBRARY_VERSION_MINOR}.${LIBRARY_VERSION_PATCH}") set(LIBRARY_SOVERSION ${LIBRARY_VERSION_MAJOR}) -- Priv Wrapper Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 95676825adb gitlab-ci: do some basic testing on ubuntu1804-32bit via 98c1e357a7f selftest: add --default-ldb-backend option via 9ba10b97d3a selftest: samba-ktest-mit also needs $ENV{KRB5RCACHETYPE} = "none" via dce639f8bd7 CVE-2022-42898: HEIMDAL: lib/krb5: fix _krb5_get_int64 on systems where 'unsigned long' is just 32-bit via 838f6207879 third_party: Update socket_wrapper to version 1.3.5 via 6dddb268df0 lib/replace: let rep_openat2() inject O_LARGEFILE as needed via 4c2e1d6259c s3:locking: relax __SHARE_MODE_LOCK_SPACE check for 32bit platforms via 44192d5f2ca s4:kdc: make sure reset_bad_password_netlogon() stops subreq before return via 73ec7253139 s4:messaging: add irpc_bh_do_ndr_print() in order to debug irpc calls via 1414269dccf CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() via 2dcd8369fe7 bootstrap: Remove duplicate line from CentOS 8 powertools install via 3dbe8fd66ca bootstrap: Spelling fix in bootstrap from Michael Tokarev via f738842adba tests: Replace OpenSSL MD4 invocation with a python3 call from 09f8d4ac81a tests: Start testing smb2 symlink error returns https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 95676825adbb13ab2a0e24983780125218c17265 Author: Stefan Metzmacher Date: Tue Nov 22 10:41:39 2022 +0100 gitlab-ci: do some basic testing on ubuntu1804-32bit For now we allow build warnings and only do some basic testing. We also ignore timestamp related problems, as well as some charset failures. Over time we should try to address the situation by not allowing warnings and verify if expected failures are harmless or not. But it's already much better then having no 32bit testing at all! Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Nov 24 12:05:26 UTC 2022 on sn-devel-184 commit 98c1e357a7fd25b6706b4341b3407c03369501fc Author: Stefan Metzmacher Date: Tue Nov 22 10:31:19 2022 +0100 selftest: add --default-ldb-backend option Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett commit 9ba10b97d3aa50f89f01bb038d98a8086d409c3e Author: Stefan Metzmacher Date: Fri Nov 4 10:23:07 2022 + selftest: samba-ktest-mit also needs $ENV{KRB5RCACHETYPE} = "none" We need to pass --mitkrb5 to selftest.pl in all cases we use system mit kerberos not only when we also test the kdc. We can't use a replay cache in selftest verifies the stat.st_uid against getuid(). BTW: while debugging this on ubuntu 22.04 I exported KRB5_TRACE="/dev/stderr", which means we get tracing into the servers log file and into selftest_prefix/subunit for the client... Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett commit dce639f8bd75ecdca261d1dc8b97ce6a8ebb4eb0 Author: Stefan Metzmacher Date: Wed Nov 16 12:08:45 2022 +0100 CVE-2022-42898: HEIMDAL: lib/krb5: fix _krb5_get_int64 on systems where 'unsigned long' is just 32-bit BUG: https://bugzilla.samba.org/show_bug.cgi?id=15203 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme Reviewed-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 838f62078795150bb7ec9ec1b4690a1d6a8991ae Author: Stefan Metzmacher Date: Wed Nov 23 12:14:12 2022 +0100 third_party: Update socket_wrapper to version 1.3.5 This injects O_LARGEFILE as needed. Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider commit 6dddb268df08fd91f8e0f189f948ad76e5805dca Author: Stefan Metzmacher Date: Wed Nov 23 11:38:20 2022 +0100 lib/replace: let rep_openat2() inject O_LARGEFILE as needed BUG: https://bugzilla.samba.org/show_bug.cgi?id=15251 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme commit 4c2e1d6259c4c06fce5d1333553b611ffd8f0ef4 Author: Stefan Metzmacher Date: Tue Nov 22 10:47:33 2022 +0100 s3:locking: relax __SHARE_MODE_LOCK_SPACE check for 32bit platforms sizeof(struct share_mode_lock) is only 28 bytes instead of 32 bytes on 32bit systems... Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 44192d5f2cae2350d7de109690799dea1a2a2e16 Author: Stefan Metzmacher Date: Mon Nov 7 17:40:07 2022 +0100 s4:kdc: make sure reset_bad_password_netlogon() stops subreq before return We pass the stack variable 'req' to dcerpc_winbind_SendToSam_r_send(), so we need to make sure the runtime of the subreq in not longer than the stack variable. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15253 Signed-off-by: Stefan Metzmacher Reviewed-by:
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated via f88fe92 Bump version to 1.3.5 via c562535 socket_wrapper: inject O_LARGEFILE to open[64|at]() if needed via f0a511f Avoid dclose(RTLD_NEXT) from 6854835 pkgconfig: Fix path to libsocket_wrapper.so https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master - Log - commit f88fe92249b156d90ecff78d3a5ef0e5bbcaa6b0 Author: Stefan Metzmacher Date: Wed Nov 23 12:12:12 2022 +0100 Bump version to 1.3.5 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider commit c562535f1efef204f553ed793cfd9c7efada8b3f Author: Stefan Metzmacher Date: Wed Nov 23 11:46:45 2022 +0100 socket_wrapper: inject O_LARGEFILE to open[64|at]() if needed On 32bit systems this is normally done by glibc if _FILE_OFFSET_BITS is 64, but with socket wrapper we don't want to define _FILE_OFFSET_BITS=64, as we need to overload open64 explicitly. But we need to inject O_LARGEFILE for being transparent to the application. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15251 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider commit f0a511f6a4b60b63efcf0ddeec889672bd6d6a76 Author: Samuel Thibault Date: Thu Nov 10 18:36:29 2022 + Avoid dclose(RTLD_NEXT) In case the libc was not found and RTLD_NEXT is used instead, we should not dlclose it, otherwise mayhem happens. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15228 Signed-off-by: Samuel Thibault Reviewed-by: Andreas Schneider Reviewed-by: Stefan Metzmacher --- Summary of changes: CHANGELOG| 6 ++ CMakeLists.txt | 4 ++-- src/socket_wrapper.c | 31 +-- 3 files changed, 37 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/CHANGELOG b/CHANGELOG index 8c29ec1..31954d6 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,12 @@ ChangeLog == +version 1.3.5 (released 2022-11-23) + * Inject O_LARGEFILE as needed on 32bit + * pkgconfig: Fix path to libsocket_wrapper.so + * Fix -Wcast-qual warnings + * Fix dclose(RTLD_NEXT) + version 1.3.4 (released 2022-07-21) * Fixed TOCTOU issue with udp auto binding * Fixed running on FreeBSD diff --git a/CMakeLists.txt b/CMakeLists.txt index c6a34b0..8a0c129 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -11,7 +11,7 @@ list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/Modules") include(DefineCMakeDefaults) include(DefineCompilerFlags) -project(socket_wrapper VERSION 1.3.4 LANGUAGES C) +project(socket_wrapper VERSION 1.3.5 LANGUAGES C) # global needed variables set(APPLICATION_NAME ${PROJECT_NAME}) @@ -25,7 +25,7 @@ set(APPLICATION_NAME ${PROJECT_NAME}) # Increment PATCH. set(LIBRARY_VERSION_MAJOR 0) set(LIBRARY_VERSION_MINOR 3) -set(LIBRARY_VERSION_PATCH 1) +set(LIBRARY_VERSION_PATCH 2) set(LIBRARY_VERSION "${LIBRARY_VERSION_MAJOR}.${LIBRARY_VERSION_MINOR}.${LIBRARY_VERSION_PATCH}") set(LIBRARY_SOVERSION ${LIBRARY_VERSION_MAJOR}) diff --git a/src/socket_wrapper.c b/src/socket_wrapper.c index ec8321f..bedda07 100644 --- a/src/socket_wrapper.c +++ b/src/socket_wrapper.c @@ -984,6 +984,19 @@ static FILE *libc_fopen64(const char *name, const char *mode) } #endif /* HAVE_FOPEN64 */ +static void swrap_inject_o_largefile(int *flags) +{ + (void)*flags; /* maybe unused */ +#if SIZE_MAX == 0xUL && defined(O_LARGEFILE) +#ifdef O_PATH + if (((*flags) & O_PATH) == 0) +#endif + { + *flags |= O_LARGEFILE; + } +#endif +} + static int libc_vopen(const char *pathname, int flags, va_list ap) { int mode = 0; @@ -991,6 +1004,8 @@ static int libc_vopen(const char *pathname, int flags, va_list ap) swrap_bind_symbol_all(); + swrap_inject_o_largefile(); + if (flags & O_CREAT) { mode = va_arg(ap, int); } @@ -1019,6 +1034,8 @@ static int libc_vopen64(const char *pathname, int flags, va_list ap) swrap_bind_symbol_all(); + swrap_inject_o_largefile(); + if (flags & O_CREAT) { mode = va_arg(ap, int); } @@ -1035,6 +1052,8 @@ static int libc_vopenat(int dirfd, const char *path, int flags, va_list ap) swrap_bind_symbol_all(); + swrap_inject_o_largefile(); + if (flags & O_CREAT) { mode = va_arg(ap, int); } @@ -7831,10 +7850,18 @@ void swrap_destructor(void) SAFE_FREE(sockets); - if (swrap.libc.handle != NULL) { + if (swrap.libc.handle != NULL +#ifdef RTLD_NEXT + && swrap.libc.handle != RTLD_NEXT +#endif + ) { dlclose(swrap.libc.handle); } - if (swrap.libc.socket_handle) { + if (swrap.libc.socket_handle