[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6206e15b4de winbind: Fix "wbinfo -u" on a Samba AD DC with >1000
users
via f633389f36e winbind: Test wbinfo -u with more than 1000 users
via 5ac65fdf9ac build:wafsamba: Fix TypeError in read_submodule_status()
via 1dbdeaa8d7f gp: get_gpo() should re-raise the Exception, not return
via 9755206f6dd s4:ntvfs:posix: avoid parsing empty blob in
posix_eadb_add_list()
via 46ae5568fa7 lib:ldb: do not offset against NULL pointer in
ldb_ldif_read()
from 5fcb675a8b0 s4/scripting: fix % len(res) was in the wrong place
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6206e15b4de0ba67d713124c2be353dabf3878c8
Author: Volker Lendecke
Date: Wed Apr 26 17:19:29 2023 +0200
winbind: Fix "wbinfo -u" on a Samba AD DC with >1000 users
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366
Signed-off-by: Volker Lendecke
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Andrew Bartlett
Autobuild-Date(master): Tue May 9 02:58:45 UTC 2023 on atb-devel-224
commit f633389f36e79d3e772777ad7ca13012e3616273
Author: Volker Lendecke
Date: Thu Apr 27 12:25:24 2023 +0200
winbind: Test wbinfo -u with more than 1000 users
winbind asks dcerpc_samr_LookupRids in one batch, where samr.idl has
NTSTATUS samr_LookupRids(
[in,ref] policy_handle *domain_handle,
[in,range(0,1000)] uint32 num_rids,
[in,size_is(1000),length_is(num_rids)] uint32 rids[],
[out,ref] lsa_Strings *names,
[out,ref] samr_Ids *types
);
limiting num_rids to 1000 entries. Test this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366
Signed-off-by: Volker Lendecke
Reviewed-by: Andrew Bartlett
commit 5ac65fdf9acb286a152032cc8913b5ce28fe30fc
Author: Joseph Sutton
Date: Thu May 4 15:25:31 2023 +1200
build:wafsamba: Fix TypeError in read_submodule_status()
parts = l.split(" ")
TypeError: a bytes-like object is required, not 'str'
Signed-off-by: Joseph Sutton
Reviewed-by: Andrew Bartlett
commit 1dbdeaa8d7fcfa4b620bbd24e457ee7f2e6c132d
Author: David Mulder
Date: Fri Apr 28 07:37:31 2023 -0600
gp: get_gpo() should re-raise the Exception, not return
If we return from this failure, then `new_gpo` is
set to `None` and we will fail in some obscure
way within a CSE later (since we append `None` to
the GPO list). Instead, re-raise the Exception so
we see that an error happened when fetching the
GPO.
Signed-off-by: David Mulder
Reviewed-by: Andrew Bartlett
commit 9755206f6dde7ee4f9852bbd81cb79f4457faf86
Author: Dmitry Antipov
Date: Tue May 2 13:45:01 2023 +0300
s4:ntvfs:posix: avoid parsing empty blob in posix_eadb_add_list()
Strictly speaking, this is not a bug because parsing loop will just skip
an empty ({NULL}, 0) blob. But it's better to avoid this case because
UBSan (as of clang-17 at least) may complain on such a parsing attempt:
source4/ntvfs/posix/posix_eadb.c:56:62: runtime error: applying zero offset
to null pointer
#0 0x7f9d71ce7b2a in posix_eadb_add_list
source4/ntvfs/posix/posix_eadb.c:56
#1 0x7f9d71ce7b2a in push_xattr_blob_tdb_raw
source4/ntvfs/posix/posix_eadb.c:178
#2 0x7f9d71cec1f5 in py_wrap_setxattr
source4/ntvfs/posix/python/pyposix_eadb.c:64
#3 0x7f9d88bd4507 in cfunction_call
(/lib64/libpython3.11.so.1.0+0x1d4507)
[... a lot of Python calls skipped...]
Signed-off-by: Dmitry Antipov
Reviewed-by: Joseph Sutton
Reviewed-by: Andrew Bartlett
commit 46ae5568fa7b9a96018d0eedadee6400632112ba
Author: Dmitry Antipov
Date: Tue May 2 13:43:54 2023 +0300
lib:ldb: do not offset against NULL pointer in ldb_ldif_read()
Fix the following error observed running samba.test.registry
compiled with clang-17 and UBsan:
lib/ldb/common/ldb_ldif.c:881:9: runtime error: applying non-zero offset
137438953440 to null pointer
#0 0x7faa0eb3932f in ldb_ldif_read lib/ldb/common/ldb_ldif.c:881
#1 0x7faa0eb3aec6 in ldb_ldif_read_string lib/ldb/common/ldb_ldif.c:1004
#2 0x7faa077ed759 in dsdb_set_schema_from_ldif
source4/dsdb/schema/schema_set.c:1113
#3 0x7faa068fcbbf in py_dsdb_set_schema_from_ldif
source4/dsdb/pydsdb.c:929
#4 0x7faa1d1d4507 in cfunction_call
(/lib64/libpython3.11.so.1.0+0x1d4507)
[... a lot of Python calls skipped...]
I.e. number of elements should be checked against zero
before making an attempt to access an element by index.
Signed-off-by: Dmitry Antipov
Reviewed-by: Joseph Sutton
Reviewed-by: Andrew Bartlett
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated
via cb5d579 gitlab-ci: Add a 32bit build
via df91870 Add fix for incorrect mapping of fcntl64() -> fcntl(),
causing locking failures
via ceb139d Add test for F_SETLK as this is needs to be 64-bit aware on
32-bit userspace
from b15c02f tests: New test with poll
https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master
- Log -
commit cb5d5790fff30e3be5a9465a85b1ac0aaaebfed2
Author: Andreas Schneider
Date: Fri May 5 07:14:26 2023 +0200
gitlab-ci: Add a 32bit build
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15367
Signed-off-by: Andreas Schneider
Reviewed-by: Andrew Bartlett
commit df918708717c084ec9048be2864edcde81816108
Author: Andrew Bartlett
Date: Fri May 5 13:34:00 2023 +1200
Add fix for incorrect mapping of fcntl64() -> fcntl(), causing locking
failures
We need to call fcntl64() if possible for 32-bit hosts
This is a strange case of socket_wrapper breaking normal file operation.
Newer glibc has introduced fcntl64 and symbol renaming but
the end function call was not caught by the automatic rename.
This means socket_wrapper would call fcntl(), not fcntl64 in libc
and this would do a "struct flock" -> "struct flock64" translation on the
supplied argument, despite this being already a flock64 from
the caller.
This in turn changed the lock offset values (eg to 0, 0).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15367
Signed-off-by: Andrew Bartlett
Reviewed-by: Andreas Schneider
commit ceb139dc42c50275a11ca974ef8800032cf24b6f
Author: Andrew Bartlett
Date: Fri May 5 13:15:51 2023 +1200
Add test for F_SETLK as this is needs to be 64-bit aware on 32-bit userspace
If this is not correctly routed to fcntl64 (where that exists) then an
incorrect thunking could be applied breaking the functionality.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15367
Signed-off-by: Andrew Bartlett
Reviewed-by: Andreas Schneider
---
Summary of changes:
.gitlab-ci.yml | 20 ++
ConfigureChecks.cmake | 1 +
cmake/Toolchain-cross-m32.cmake | 23 +++
src/socket_wrapper.c| 25
tests/CMakeLists.txt| 1 +
tests/test_fcntl_lock.c | 86 +
6 files changed, 156 insertions(+)
create mode 100644 cmake/Toolchain-cross-m32.cmake
create mode 100644 tests/test_fcntl_lock.c
Changeset truncated at 500 lines:
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d5dc461..ef98aeb 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -224,6 +224,26 @@ tumbleweed/x86_64/clang:
paths:
- obj/
+tumbleweed/x86/gcc:
+ stage: test
+ image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$TUMBLEWEED_BUILD
+ script:
+- mkdir -p obj && cd obj && cmake
+ -DCMAKE_TOOLCHAIN_FILE=../cmake/Toolchain-cross-m32.cmake
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo
+ -DPICKY_DEVELOPER=ON
+ -DUNIT_TESTING=ON .. &&
+ make -j$(nproc) && ctest --output-on-failure
+ tags:
+- shared
+ except:
+- tags
+ artifacts:
+expire_in: 1 week
+when: on_failure
+paths:
+ - obj/
+
tumbleweed/static-analysis:
stage: analysis
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$TUMBLEWEED_BUILD
diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
index b820a65..c99e2ae 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -80,6 +80,7 @@ check_function_exists(__close_nocancel HAVE___CLOSE_NOCANCEL)
check_function_exists(recvmmsg HAVE_RECVMMSG)
check_function_exists(sendmmsg HAVE_SENDMMSG)
check_function_exists(syscall HAVE_SYSCALL)
+check_function_exists(fcntl64 HAVE_FCNTL64)
if (UNIX)
find_library(DLFCN_LIBRARY dl)
diff --git a/cmake/Toolchain-cross-m32.cmake b/cmake/Toolchain-cross-m32.cmake
new file mode 100644
index 000..7918c60
--- /dev/null
+++ b/cmake/Toolchain-cross-m32.cmake
@@ -0,0 +1,23 @@
+set(CMAKE_C_FLAGS "-m32" CACHE STRING "C compiler flags" FORCE)
+set(CMAKE_CXX_FLAGS "-m32" CACHE STRING "C++ compiler flags" FORCE)
+
+set(LIB32 /usr/lib) # Fedora
+
+if(EXISTS /usr/lib32)
+set(LIB32 /usr/lib32) # Arch, Solus
+endif()
+
+set(CMAKE_SYSTEM_LIBRARY_PATH ${LIB32} CACHE STRING "system library search
path" FORCE)
+set(CMAKE_LIBRARY_PATH${LIB32} CACHE STRING "library search path"
FORCE)
+
+# this is probably unlikely to be needed, but just in case
+set(CMAKE_EXE_LINKER_FLAGS"-m32 -L${LIB32}" CACHE STRING "executable
linker flags" FORCE)
+set(CMAKE_SHARED_LINKER_FLAGS "-m32 -L${LIB32}" CACHE STRING "shared library
linker flags" FORCE)
+set(CMAKE_MODULE_LINKER_FLAGS "-m32 -L${LIB32}" CACHE STRING "module linker
flags" FORCE)
+
+# on Fedora and Arch and
[SCM] Samba Shared Repository - branch v4-18-test updated
The branch, v4-18-test has been updated
via 1ace31bc878 dsgetdcname: do not assume local system uses IPv4
from 49777b08ac2 s3:lib: Do not try to match '.' and '..' directories in
is_in_path()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test
- Log -
commit 1ace31bc8787a72a923b1445192476cc8d71a0d8
Author: Nathaniel W. Turner
Date: Fri Sep 23 16:37:46 2022 -0400
dsgetdcname: do not assume local system uses IPv4
Return the first IPv4 and the first IPv6 address found for each DC.
This is slightly inelegant, but resolves an issue where IPv6-only
systems were unable to run "net ads join" against domain controllers
that have both A and records in DNS.
While this impacts performance due to the additional LDAP ping attempts,
in practice an attempt to connect to an IPv6 address on an IPv4-only
system (or vice versa) will fail immediately with
NT_STATUS_NETWORK_UNREACHABLE, and thus the performance impact should be
negligible.
The alternative approach, using an smb.conf setting to control whether
the logic prefers a single address of one family or the other ends up
being a bit awkward, as it pushes the problem onto admins and tools such
as "realm join" that want to dynamically synthesize an smb.conf on the
fly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15325
Signed-off-by: Nathaniel W. Turner
Reviewed-by: Jeremy Allison
Reviewed-by: David Mulder
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Thu Mar 9 19:12:15 UTC 2023 on atb-devel-224
(cherry picked from commit f55a357c6b9387883a7628a1b1083263a10121a6)
Autobuild-User(v4-18-test): Jule Anger
Autobuild-Date(v4-18-test): Mon May 8 10:17:16 UTC 2023 on atb-devel-224
---
Summary of changes:
source3/libsmb/dsgetdcname.c | 49 +++-
1 file changed, 26 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c
index 42714fcb2a1..e0462d5fb24 100644
--- a/source3/libsmb/dsgetdcname.c
+++ b/source3/libsmb/dsgetdcname.c
@@ -551,14 +551,20 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
}
+ /* Check for integer wrap. */
+ if (numdcs + numdcs < numdcs) {
+ TALLOC_FREE(dcs);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
/*
-* We're only returning one address per
-* DC name, so just allocate size numdcs.
+* We're only returning up to 2 addresses per
+* DC name, so just allocate size numdcs x 2.
*/
dclist = talloc_zero_array(mem_ctx,
struct ip_service_name,
- numdcs);
+ numdcs * 2);
if (!dclist) {
TALLOC_FREE(dcs);
return NT_STATUS_NO_MEMORY;
@@ -571,17 +577,16 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
ret_count = 0;
for (i = 0; i < numdcs; i++) {
size_t j;
+ bool have_v4_addr = false;
+ bool have_v6_addr = false;
if (dcs[i].num_ips == 0) {
continue;
}
- dclist[ret_count].hostname =
- talloc_move(dclist, [i].hostname);
-
/*
-* Pick the first IPv4 address,
-* if none pick the first address.
+* Pick up to 1 address from each address
+* family (IPv4, IPv6).
*
* This is different from the previous
* code which picked a 'next ip' address
@@ -589,8 +594,11 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
* Too complex to maintain :-(.
*/
for (j = 0; j < dcs[i].num_ips; j++) {
- if (dcs[i].ss_s[j].ss_family == AF_INET) {
+ if ((dcs[i].ss_s[j].ss_family == AF_INET &&
!have_v4_addr) ||
+ (dcs[i].ss_s[j].ss_family == AF_INET6 &&
!have_v6_addr)) {
bool ok;
+ dclist[ret_count].hostname =
+ talloc_strdup(dclist, dcs[i].hostname);
ok = sockaddr_storage_to_samba_sockaddr(
[ret_count].sa,
[i].ss_s[j]);
@@ -599,22 +607,17 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
TALLOC_FREE(dclist);
return
