[SCM] Samba Shared Repository - branch v4-1-test updated
Karolin Seeger
kseeger at samba.org
Wed Apr 8 15:43:03 MDT 2015
The branch, v4-1-test has been updated
via 05284b8 s3: Fix fsctl_validate_neg_info to pass MS compliance suite.
via 8628ae2 s3: Refactor smbd_smb2_request_process_negprot
via fc4bdf5 s3-passdb: Fix 'force user' with winbind default domain
via c2ea207 s4-process_model: Do not close random fds while forking.
via ef714b3 s3: libsmbclient: Add missing talloc stackframe.
via 58deb20 s4:auth/gensec_gssapi: let gensec_gssapi_update() return NT_STATUS_LOGON_FAILURE for unknown errors
from af95423 s3: client - "client use spnego principal = yes" code checks wrong name.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -----------------------------------------------------------------
commit 05284b811896da5f4f5a3d9051e7c2707b9712d0
Author: Jeremy Allison <jra at samba.org>
Date: Tue Mar 31 16:20:51 2015 -0700
s3: Fix fsctl_validate_neg_info to pass MS compliance suite.
It turns out that all the client and server need to agree on is what
protocol should have been negotiated. If they disagree, they should
disconnect. The contents of the list of protocols used during
negotiate and during FSCTL_VALIDATE_NEGOTIATE_INFO do not need to match.
Back-port of patch 439de096ae0e1c1b8812fa202f5eba7a891d7a0a written
by Ira Cooper <ira at samba.org> and reviewed by Stefan Metzmacher <metze at samba.org>.
Fixes bug #11187 - Mac OS X 10.10.x fails Validate Negotiate Request to 4.1.x
https://bugzilla.samba.org/show_bug.cgi?id=11187
Signed-off-by: Jeremy Allison <jra at samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-1-test): Wed Apr 8 23:42:50 CEST 2015 on sn-devel-104
commit 8628ae2004665bf278a830f744fcba54eddd5db7
Author: Jeremy Allison <jra at samba.org>
Date: Tue Mar 31 16:15:59 2015 -0700
s3: Refactor smbd_smb2_request_process_negprot
Breakout smb2_protocol_dialect_match to support future work in
fsctl_validate_neg_info.
Back port of 6221937acac7017dee397d1c9846236d9fd5f613
written by Ira Cooper <ira at samba.org> and signed off
by Stefan Metzmacher <metze at samba.org>
Fixes bug #11187 - Mac OS X 10.10.x fails Validate Negotiate Request to 4.1.x
https://bugzilla.samba.org/show_bug.cgi?id=11187
Signed-off-by: Jeremy Allison <jra at samba.org>
commit fc4bdf5a6024eed64ea96aa974c8d253a9a35ebc
Author: Andreas Schneider <asn at samba.org>
Date: Tue Mar 31 18:15:51 2015 +0200
s3-passdb: Fix 'force user' with winbind default domain
If we set 'winbind use default domain' and specify 'force user = user'
without a domain name we fail to log in. In this case we need to try a
lookup with the domain name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11185
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit cd4442c7ac93e165862c9195a7c345472646aa59)
commit c2ea20726f316b0c232ec26f46258a53628885a6
Author: Andreas Schneider <asn at samba.org>
Date: Thu Mar 26 10:48:31 2015 +0100
s4-process_model: Do not close random fds while forking.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11180
The issue has been found with nss_wrapper debug output running:
samba4.ntvfs.cifs.krb5.base.lock
In the case here, we fork a child and close the fd without resetting
the pipe fd variable. Then the fd was used to open the nss_wrapper
hosts file which got the same fd. We forked again in the process model
called close() on the re-used fd (of the pipe variable) again without
nss_wrapper noticing. Now Samba opened the secrets tdb and got
the same fd as nss_wrapper was using for the hosts file and next
nss_wrapper tried to parse a TDB ...
Pair-Programmed-With: Michael Adam <obnox at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit f75182841d4a7d63bd070022270926e324631fa9)
commit ef714b3f607f8ab4b233cf0c9552f06bb95693db
Author: Jeremy Allison <jra at samba.org>
Date: Thu Mar 26 10:09:46 2015 -0700
s3: libsmbclient: Add missing talloc stackframe.
Bug 11177 - no talloc stackframe at ../source3/libsmb/clifsinfo.c:444, leaking memory
https://bugzilla.samba.org/show_bug.cgi?id=11177
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
Autobuild-User(master): Michael Adam <obnox at samba.org>
Autobuild-Date(master): Thu Mar 26 22:21:30 CET 2015 on sn-devel-104
(cherry picked from commit 32cbbed979b931eeb5127629248a94d7e6f3fcfb)
commit 58deb20fd401157b3fbb6f983a5e334f303bdb93
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Mar 13 14:39:10 2015 +0100
s4:auth/gensec_gssapi: let gensec_gssapi_update() return NT_STATUS_LOGON_FAILURE for unknown errors
The 'nt_status' variable is set to NT_STATUS_OK before.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11164
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 09b3e42e70b35bfa1985e70780a67085644b9914)
-----------------------------------------------------------------------
Summary of changes:
source3/libsmb/libsmb_stat.c | 8 +++
source3/passdb/lookup_sid.c | 24 ++++++++
source3/smbd/globals.h | 3 +
source3/smbd/smb2_ioctl_network_fs.c | 28 +++++----
source3/smbd/smb2_negprot.c | 114 ++++++++++++-----------------------
source4/auth/gensec/gensec_gssapi.c | 4 +-
source4/smbd/process_standard.c | 12 +++-
7 files changed, 103 insertions(+), 90 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/libsmb_stat.c b/source3/libsmb/libsmb_stat.c
index 94449e0..3c895ce 100644
--- a/source3/libsmb/libsmb_stat.c
+++ b/source3/libsmb/libsmb_stat.c
@@ -312,9 +312,11 @@ SMBC_statvfs_ctx(SMBCCTX *context,
bool bIsDir;
struct stat statbuf;
SMBCFILE * pFile;
+ TALLOC_CTX *frame = talloc_stackframe();
/* Determine if the provided path is a file or a folder */
if (SMBC_stat_ctx(context, path, &statbuf) < 0) {
+ TALLOC_FREE(frame);
return -1;
}
@@ -322,6 +324,7 @@ SMBC_statvfs_ctx(SMBCCTX *context,
if (S_ISDIR(statbuf.st_mode)) {
/* It's a directory. */
if ((pFile = SMBC_opendir_ctx(context, path)) == NULL) {
+ TALLOC_FREE(frame);
return -1;
}
bIsDir = true;
@@ -329,11 +332,13 @@ SMBC_statvfs_ctx(SMBCCTX *context,
/* It's a file. */
if ((pFile = SMBC_open_ctx(context, path,
O_RDONLY, 0)) == NULL) {
+ TALLOC_FREE(frame);
return -1;
}
bIsDir = false;
} else {
/* It's neither a file nor a directory. Not supported. */
+ TALLOC_FREE(frame);
errno = ENOSYS;
return -1;
}
@@ -348,6 +353,7 @@ SMBC_statvfs_ctx(SMBCCTX *context,
SMBC_close_ctx(context, pFile);
}
+ TALLOC_FREE(frame);
return ret;
}
@@ -365,6 +371,7 @@ SMBC_fstatvfs_ctx(SMBCCTX *context,
uint32 fs_attrs = 0;
struct cli_state *cli = file->srv->cli;
struct smbXcli_tcon *tcon;
+ TALLOC_CTX *frame = talloc_stackframe();
if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
tcon = cli->smb2.tcon;
@@ -488,5 +495,6 @@ SMBC_fstatvfs_ctx(SMBCCTX *context,
st->f_flags = flags;
#endif
+ TALLOC_FREE(frame);
return 0;
}
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index e4d41c4..f10ebb7 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -395,6 +395,30 @@ bool lookup_name_smbconf(TALLOC_CTX *mem_ctx,
ret_sid, ret_type);
}
+ /* Try with winbind default domain name. */
+ if (lp_winbind_use_default_domain()) {
+ bool ok;
+
+ qualified_name = talloc_asprintf(mem_ctx,
+ "%s\\%s",
+ lp_workgroup(),
+ full_name);
+ if (qualified_name == NULL) {
+ return false;
+ }
+
+ ok = lookup_name(mem_ctx,
+ qualified_name,
+ flags,
+ ret_domain,
+ ret_name,
+ ret_sid,
+ ret_type);
+ if (ok) {
+ return true;
+ }
+ }
+
/* Try with our own SAM name. */
qualified_name = talloc_asprintf(mem_ctx, "%s\\%s",
get_global_sam_name(),
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index 1286ced..0942e46 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -258,6 +258,9 @@ NTSTATUS smbd_smb2_request_verify_creditcharge(struct smbd_smb2_request *req,
NTSTATUS smbd_smb2_request_verify_sizes(struct smbd_smb2_request *req,
size_t expected_body_size);
+enum protocol_types smbd_smb2_protocol_dialect_match(const uint8_t *indyn,
+ const int dialect_count,
+ uint16_t *dialect);
NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req);
NTSTATUS smbd_smb2_request_process_sesssetup(struct smbd_smb2_request *req);
NTSTATUS smbd_smb2_request_process_logoff(struct smbd_smb2_request *req);
diff --git a/source3/smbd/smb2_ioctl_network_fs.c b/source3/smbd/smb2_ioctl_network_fs.c
index 49c2715..96d11fd 100644
--- a/source3/smbd/smb2_ioctl_network_fs.c
+++ b/source3/smbd/smb2_ioctl_network_fs.c
@@ -341,9 +341,10 @@ static NTSTATUS fsctl_validate_neg_info(TALLOC_CTX *mem_ctx,
struct GUID in_guid;
uint16_t in_security_mode;
uint16_t in_num_dialects;
- uint16_t i;
+ uint16_t dialect;
DATA_BLOB out_guid_blob;
NTSTATUS status;
+ enum protocol_types protocol = PROTOCOL_NONE;
if (in_input->length < 0x18) {
return NT_STATUS_INVALID_PARAMETER;
@@ -367,20 +368,25 @@ static NTSTATUS fsctl_validate_neg_info(TALLOC_CTX *mem_ctx,
return status;
}
- if (in_num_dialects != conn->smb2.client.num_dialects) {
+ /*
+ * From: [MS-SMB2]
+ * 3.3.5.15.12 Handling a Validate Negotiate Info Request
+ *
+ * The server MUST determine the greatest common dialect
+ * between the dialects it implements and the Dialects array
+ * of the VALIDATE_NEGOTIATE_INFO request. If no dialect is
+ * matched, or if the value is not equal to Connection.Dialect,
+ * the server MUST terminate the transport connection
+ * and free the Connection object.
+ */
+ protocol = smbd_smb2_protocol_dialect_match(in_input->data + 0x18,
+ in_num_dialects,
+ &dialect);
+ if (conn->protocol != protocol) {
*disconnect = true;
return NT_STATUS_ACCESS_DENIED;
}
- for (i=0; i < in_num_dialects; i++) {
- uint16_t v = SVAL(in_input->data, 0x18 + i*2);
-
- if (conn->smb2.client.dialects[i] != v) {
- *disconnect = true;
- return NT_STATUS_ACCESS_DENIED;
- }
- }
-
if (GUID_compare(&in_guid, &conn->smb2.client.guid) != 0) {
*disconnect = true;
return NT_STATUS_ACCESS_DENIED;
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 963a557..0cf5c8d 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -82,6 +82,43 @@ void reply_smb20ff(struct smb_request *req, uint16_t choice)
reply_smb20xx(req, SMB2_DIALECT_REVISION_2FF);
}
+enum protocol_types smbd_smb2_protocol_dialect_match(const uint8_t *indyn,
+ const int dialect_count,
+ uint16_t *dialect)
+{
+ struct {
+ enum protocol_types proto;
+ uint16_t dialect;
+ } pd[] = {
+ { PROTOCOL_SMB3_00, SMB3_DIALECT_REVISION_300 },
+ { PROTOCOL_SMB2_24, SMB2_DIALECT_REVISION_224 },
+ { PROTOCOL_SMB2_22, SMB2_DIALECT_REVISION_222 },
+ { PROTOCOL_SMB2_10, SMB2_DIALECT_REVISION_210 },
+ { PROTOCOL_SMB2_02, SMB2_DIALECT_REVISION_202 },
+ };
+ size_t i;
+
+ for (i = 0; i < ARRAY_SIZE(pd); i ++) {
+ size_t c = 0;
+
+ if (lp_srv_maxprotocol() < pd[i].proto) {
+ continue;
+ }
+ if (lp_srv_minprotocol() > pd[i].proto) {
+ continue;
+ }
+
+ for (c = 0; c < dialect_count; c++) {
+ *dialect = SVAL(indyn, c*2);
+ if (*dialect == pd[i].dialect) {
+ return pd[i].proto;
+ }
+ }
+ }
+
+ return PROTOCOL_NONE;
+}
+
NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
{
NTSTATUS status;
@@ -138,80 +175,9 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
}
indyn = SMBD_SMB2_IN_DYN_PTR(req);
- for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_srv_maxprotocol() < PROTOCOL_SMB3_00) {
- break;
- }
- if (lp_srv_minprotocol() > PROTOCOL_SMB3_00) {
- break;
- }
-
- dialect = SVAL(indyn, c*2);
- if (dialect == SMB3_DIALECT_REVISION_300) {
- protocol = PROTOCOL_SMB3_00;
- break;
- }
- }
-
- for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_srv_maxprotocol() < PROTOCOL_SMB2_24) {
- break;
- }
- if (lp_srv_minprotocol() > PROTOCOL_SMB2_24) {
- break;
- }
-
- dialect = SVAL(indyn, c*2);
- if (dialect == SMB2_DIALECT_REVISION_224) {
- protocol = PROTOCOL_SMB2_24;
- break;
- }
- }
-
- for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_srv_maxprotocol() < PROTOCOL_SMB2_22) {
- break;
- }
- if (lp_srv_minprotocol() > PROTOCOL_SMB2_22) {
- break;
- }
-
- dialect = SVAL(indyn, c*2);
- if (dialect == SMB2_DIALECT_REVISION_222) {
- protocol = PROTOCOL_SMB2_22;
- break;
- }
- }
-
- for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_srv_maxprotocol() < PROTOCOL_SMB2_10) {
- break;
- }
- if (lp_srv_minprotocol() > PROTOCOL_SMB2_10) {
- break;
- }
-
- dialect = SVAL(indyn, c*2);
- if (dialect == SMB2_DIALECT_REVISION_210) {
- protocol = PROTOCOL_SMB2_10;
- break;
- }
- }
-
- for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
- if (lp_srv_maxprotocol() < PROTOCOL_SMB2_02) {
- break;
- }
- if (lp_srv_minprotocol() > PROTOCOL_SMB2_02) {
- break;
- }
-
- dialect = SVAL(indyn, c*2);
- if (dialect == SMB2_DIALECT_REVISION_202) {
- protocol = PROTOCOL_SMB2_02;
- break;
- }
- }
+ protocol = smbd_smb2_protocol_dialect_match(indyn,
+ dialect_count,
+ &dialect);
for (c=0; protocol == PROTOCOL_NONE && c < dialect_count; c++) {
if (lp_srv_maxprotocol() < PROTOCOL_SMB2_10) {
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 4fc544f..11fea2a 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -642,14 +642,14 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
gensec_security->gensec_role == GENSEC_CLIENT ? "client" : "server",
gensec_gssapi_state->gss_exchange_count,
gssapi_error_string(out_mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
- return nt_status;
+ return NT_STATUS_LOGON_FAILURE;
}
} else {
DEBUG(1, ("GSS %s Update(%d) failed: %s\n",
gensec_security->gensec_role == GENSEC_CLIENT ? "client" : "server",
gensec_gssapi_state->gss_exchange_count,
gssapi_error_string(out_mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
- return nt_status;
+ return NT_STATUS_LOGON_FAILURE;
}
break;
}
diff --git a/source4/smbd/process_standard.c b/source4/smbd/process_standard.c
index c5377b3..cbc63b6 100644
--- a/source4/smbd/process_standard.c
+++ b/source4/smbd/process_standard.c
@@ -34,7 +34,7 @@ NTSTATUS process_model_standard_init(void);
/* we hold a pipe open in the parent, and the any child
processes wait for EOF on that pipe. This ensures that
children die when the parent dies */
-static int child_pipe[2];
+static int child_pipe[2] = { -1, -1 };
/*
called when the process model is selected
@@ -112,7 +112,10 @@ static void standard_accept_connection(struct tevent_context *ev,
tevent_add_fd(ev, ev, child_pipe[0], TEVENT_FD_READ,
standard_pipe_handler, NULL);
- close(child_pipe[1]);
+ if (child_pipe[1] != -1) {
+ close(child_pipe[1]);
+ child_pipe[1] = -1;
+ }
/* Ensure that the forked children do not expose identical random streams */
set_need_random_reseed();
@@ -170,7 +173,10 @@ static void standard_new_task(struct tevent_context *ev,
tevent_add_fd(ev, ev, child_pipe[0], TEVENT_FD_READ,
standard_pipe_handler, NULL);
- close(child_pipe[1]);
+ if (child_pipe[1] != -1) {
+ close(child_pipe[1]);
+ child_pipe[1] = -1;
+ }
/* Ensure that the forked children do not expose identical random streams */
set_need_random_reseed();
--
Samba Shared Repository
More information about the samba-cvs
mailing list