[SCM] Samba Shared Repository - branch v4-2-test updated
Karolin Seeger
kseeger at samba.org
Wed Apr 8 18:07:10 MDT 2015
The branch, v4-2-test has been updated
via be7b660 s3-passdb: Fix 'force user' with winbind default domain
via 57f54da s4-process_model: Do not close random fds while forking.
via fad13d7 s3: libsmbclient: Add missing talloc stackframe.
via 100cd28 lib: tdb: Use sigaction when testing for robust mutexes.
via 6cab690 s4:auth/gensec_gssapi: let gensec_gssapi_update() return NT_STATUS_LOGON_FAILURE for unknown errors
via f4525a5 s3: client - "client use spnego principal = yes" code checks wrong name.
via faaf9af docs: Mark 'client use spnego principal' as deprecated and also a bad idea.
via c286a17 vfs_fruit: enhance handling of malformed AppleDouble files
via f93f74c s3:winbind:grent: don't stop group enumeration when a group has no gid
via 903dfd6 backupkey: Use ndr_pull_struct_blob_all()
via 1dca6ee Ensure we always initialise the winbind context
from 84782d4 replace: Remove superfluous check for gcrypt header.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -----------------------------------------------------------------
commit be7b660be30510ebaeb4dbb590ea9e33e4f985e5
Author: Andreas Schneider <asn at samba.org>
Date: Tue Mar 31 18:15:51 2015 +0200
s3-passdb: Fix 'force user' with winbind default domain
If we set 'winbind use default domain' and specify 'force user = user'
without a domain name we fail to log in. In this case we need to try a
lookup with the domain name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11185
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit cd4442c7ac93e165862c9195a7c345472646aa59)
Autobuild-User(v4-2-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-2-test): Thu Apr 9 02:06:13 CEST 2015 on sn-devel-104
commit 57f54da9ed0d2fd3b2d0e1866e00d256cd739b3c
Author: Andreas Schneider <asn at samba.org>
Date: Thu Mar 26 10:48:31 2015 +0100
s4-process_model: Do not close random fds while forking.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11180
The issue has been found with nss_wrapper debug output running:
samba4.ntvfs.cifs.krb5.base.lock
In the case here, we fork a child and close the fd without resetting
the pipe fd variable. Then the fd was used to open the nss_wrapper
hosts file which got the same fd. We forked again in the process model
called close() on the re-used fd (of the pipe variable) again without
nss_wrapper noticing. Now Samba opened the secrets tdb and got
the same fd as nss_wrapper was using for the hosts file and next
nss_wrapper tried to parse a TDB ...
Pair-Programmed-With: Michael Adam <obnox at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit f75182841d4a7d63bd070022270926e324631fa9)
commit fad13d73dabcf85c0a5bbdb8468d19341002f273
Author: Jeremy Allison <jra at samba.org>
Date: Thu Mar 26 10:09:46 2015 -0700
s3: libsmbclient: Add missing talloc stackframe.
Bug 11177 - no talloc stackframe at ../source3/libsmb/clifsinfo.c:444, leaking memory
https://bugzilla.samba.org/show_bug.cgi?id=11177
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
Autobuild-User(master): Michael Adam <obnox at samba.org>
Autobuild-Date(master): Thu Mar 26 22:21:30 CET 2015 on sn-devel-104
(cherry picked from commit 32cbbed979b931eeb5127629248a94d7e6f3fcfb)
commit 100cd28d1fca47dceb0f05d9b825835a2f7ecf34
Author: Jeremy Allison <jra at samba.org>
Date: Fri Mar 20 10:59:08 2015 -0700
lib: tdb: Use sigaction when testing for robust mutexes.
Working fix that copes with oldact.sa_handler == NULL
if no handler initially set.
Fixes bug #11175 - Lots of winbindd zombie processes on Solaris platform.
https://bugzilla.samba.org/show_bug.cgi?id=11175
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
Autobuild-User(master): Michael Adam <obnox at samba.org>
Autobuild-Date(master): Thu Mar 26 04:29:42 CET 2015 on sn-devel-104
commit 6cab6903b16b4cd9f7145d5a75021ac7d33f3be9
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Mar 13 14:39:10 2015 +0100
s4:auth/gensec_gssapi: let gensec_gssapi_update() return NT_STATUS_LOGON_FAILURE for unknown errors
The 'nt_status' variable is set to NT_STATUS_OK before.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11164
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 09b3e42e70b35bfa1985e70780a67085644b9914)
commit f4525a554fe686bed9cf856b47528936bd66a3c2
Author: Jeremy Allison <jra at samba.org>
Date: Thu Mar 19 13:10:33 2015 -0700
s3: client - "client use spnego principal = yes" code checks wrong name.
Bug 10888 - smbclient doesn't ignore "not_defined_in_RFC4178 at please_ignore"
https://bugzilla.samba.org/show_bug.cgi?id=10888
Code patch from <martin.wilck at ts.fujitsu.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan (metze) Metzmacher <metze at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 26 00:56:25 CET 2015 on sn-devel-104
(cherry picked from commit e8932b92016fc7ece3169635fbe3d98cb0caa36b)
commit faaf9af2fcf163245befada84e1fc23572c8d6ed
Author: Jeremy Allison <jra at samba.org>
Date: Thu Mar 19 13:09:21 2015 -0700
docs: Mark 'client use spnego principal' as deprecated and also a bad idea.
Bug 10888 - smbclient doesn't ignore "not_defined_in_RFC4178 at please_ignore"
https://bugzilla.samba.org/show_bug.cgi?id=10888
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan (metze) Metzmacher <metze at samba.org>
(cherry picked from commit c9299bd6a4e86dbec10ab7741056f331a18c44a0)
commit c286a17aaa49421a2b3e5edd667c3d1eeaaee80f
Author: Ralph Boehme <slow at samba.org>
Date: Mon Mar 2 18:15:06 2015 +0100
vfs_fruit: enhance handling of malformed AppleDouble files
Trying for fixup a broken AppleDouble file with a resourcefork entry
offset + length > filesystem resulted in a crashing memmove() in
ad_convert().
Add a specific safety check that stats the ._ file and limits the
resource fork length to the filesize.
While we're at it, now that we know the filesize in ad_unpack(), add
additional checks that verify this.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11125
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Mar 26 12:39:01 CET 2015 on sn-devel-104
(cherry picked from commit 4cc51f905cb5cd80d2e289a124c0fe1630d945b5)
commit f93f74c878b530cce78710272d2fb3ecd5c365d5
Author: Michael Adam <obnox at samba.org>
Date: Mon Jan 19 13:51:55 2015 +0100
s3:winbind:grent: don't stop group enumeration when a group has no gid
simply continue with the next group
Note: this patch introduces some code duplication to make it
easier to create minimal backport patch. Subsequent patches
will provide some refactoring to reduce the duplication.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=8905
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 24015224da1f363019d9d2da81ce533463a16abb)
commit 903dfd6c804bd37bba3cc480f8d6364fdc9358ed
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Mar 20 14:32:00 2015 +1300
backupkey: Use ndr_pull_struct_blob_all()
This avoids bad decrypts from falling down to later code and getting
the error code wrong, by strictly requiring the NDR parse to use all the
data. A bad decyrpt is very unlikely to get the length correct, and
so fall down to the other checks.
This should fix:
UNEXPECTED(failure): samba4.rpc.backupkey with seal.backupkey.server_wrap_decrypt_wrong_r2(ad_dc_ntvfs)
REASON: Exception: Exception: ../source4/torture/rpc/backupkey.c:1926: r.out.result was WERR_INVALID_ACCESS, expected WERR_INVALID_PARAM: decrypt should fail with WERR_INVALID_PARAM
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11174
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan (metze) Metzmacher <metze at samba.org>
(cherry picked from commit e617e3e74b7ea13bcf3ce385f3926e50e38dbe44)
commit 1dca6ee61be33617351315b6865ea23e7c238e77
Author: Matthew Newton <matthew-git at newtoncomputing.co.uk>
Date: Tue Mar 17 00:56:12 2015 +0000
Ensure we always initialise the winbind context
Stops segfault when a context is passed. Internal Samba code will
currently always call this with NULL so won't trigger the bug.
Signed-off-by: Matthew Newton <matthew-git at newtoncomputing.co.uk>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11149
libwbclient uses global variables and is not thread safe
-----------------------------------------------------------------------
Summary of changes:
.../security/clientusepsnegoprincipal.xml | 7 ++
lib/param/param_table.c | 2 +-
lib/tdb/common/mutex.c | 35 ++++++++--
nsswitch/wb_common.c | 2 +-
source3/libsmb/cliconnect.c | 2 +-
source3/libsmb/libsmb_stat.c | 8 +++
source3/modules/vfs_fruit.c | 79 ++++++++++++++++++++--
source3/passdb/lookup_sid.c | 24 +++++++
source3/winbindd/wb_next_grent.c | 51 +++++++++++++-
source4/auth/gensec/gensec_gssapi.c | 4 +-
source4/rpc_server/backupkey/dcesrv_backupkey.c | 8 +--
source4/smbd/process_standard.c | 12 +++-
12 files changed, 211 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/security/clientusepsnegoprincipal.xml b/docs-xml/smbdotconf/security/clientusepsnegoprincipal.xml
index 6ec1eb1..792a738 100644
--- a/docs-xml/smbdotconf/security/clientusepsnegoprincipal.xml
+++ b/docs-xml/smbdotconf/security/clientusepsnegoprincipal.xml
@@ -14,6 +14,10 @@
servers known only by IP address. Kerberos relies on names, so
ordinarily cannot function in this situation. </para>
+ <para>This is a VERY BAD IDEA for security reasons, and so this
+ parameter SHOULD NOT BE USED. It will be removed in a future
+ version of Samba.</para>
+
<para>If disabled, Samba will use the name used to look up the
server when asking the KDC for a ticket. This avoids situations
where a server may impersonate another, soliciting authentication
@@ -23,6 +27,9 @@
<para>Note that Windows XP SP2 and later versions already follow
this behaviour, and Windows Vista and later servers no longer
supply this 'rfc4178 hint' principal on the server side.</para>
+
+ <para>This parameter is deprecated in Samba 4.2.1 and will be removed
+ (along with the functionality) in a later release of Samba.</para>
</description>
<value type="default">no</value>
</samba:parameter>
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index c57f783..1b9656b 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -760,7 +760,7 @@ struct parm_struct parm_table[] = {
.offset = GLOBAL_VAR(client_use_spnego_principal),
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.label = "username",
diff --git a/lib/tdb/common/mutex.c b/lib/tdb/common/mutex.c
index 12f89d3..fae43d4 100644
--- a/lib/tdb/common/mutex.c
+++ b/lib/tdb/common/mutex.c
@@ -713,6 +713,31 @@ cleanup_ma:
static void (*tdb_robust_mutext_old_handler)(int) = SIG_ERR;
static pid_t tdb_robust_mutex_pid = -1;
+static bool tdb_robust_mutex_setup_sigchild(void (*handler)(int),
+ void (**p_old_handler)(int))
+{
+#ifdef HAVE_SIGACTION
+ struct sigaction act;
+ struct sigaction oldact;
+
+ memset(&act, '\0', sizeof(act));
+
+ act.sa_handler = handler;
+#ifdef SA_RESTART
+ act.sa_flags = SA_RESTART;
+#endif
+ sigemptyset(&act.sa_mask);
+ sigaddset(&act.sa_mask, SIGCHLD);
+ sigaction(SIGCHLD, &act, &oldact);
+ if (p_old_handler) {
+ *p_old_handler = oldact.sa_handler;
+ }
+ return true;
+#else /* !HAVE_SIGACTION */
+ return false;
+#endif
+}
+
static void tdb_robust_mutex_handler(int sig)
{
if (tdb_robust_mutex_pid != -1) {
@@ -803,8 +828,10 @@ _PUBLIC_ bool tdb_runtime_check_for_robust_mutexes(void)
goto cleanup_ma;
}
- tdb_robust_mutext_old_handler = signal(SIGCHLD,
- tdb_robust_mutex_handler);
+ if (tdb_robust_mutex_setup_sigchild(tdb_robust_mutex_handler,
+ &tdb_robust_mutext_old_handler) == false) {
+ goto cleanup_ma;
+ }
tdb_robust_mutex_pid = fork();
if (tdb_robust_mutex_pid == 0) {
@@ -869,7 +896,7 @@ _PUBLIC_ bool tdb_runtime_check_for_robust_mutexes(void)
goto cleanup_child;
}
}
- signal(SIGCHLD, tdb_robust_mutext_old_handler);
+ tdb_robust_mutex_setup_sigchild(tdb_robust_mutext_old_handler, NULL);
ret = pthread_mutex_trylock(m);
if (ret != EOWNERDEAD) {
@@ -915,7 +942,7 @@ cleanup_child:
}
}
cleanup_sig_child:
- signal(SIGCHLD, tdb_robust_mutext_old_handler);
+ tdb_robust_mutex_setup_sigchild(tdb_robust_mutext_old_handler, NULL);
cleanup_m:
pthread_mutex_destroy(m);
cleanup_ma:
diff --git a/nsswitch/wb_common.c b/nsswitch/wb_common.c
index 1bccfda..95569b2 100644
--- a/nsswitch/wb_common.c
+++ b/nsswitch/wb_common.c
@@ -745,7 +745,7 @@ NSS_STATUS winbindd_priv_request_response(struct winbindd_context *ctx,
{
NSS_STATUS status = NSS_STATUS_UNAVAIL;
int count = 0;
- struct winbindd_context *wb_ctx;
+ struct winbindd_context *wb_ctx = ctx;
if (ctx == NULL) {
wb_ctx = &wb_global_ctx;
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 7292805..46d3da3 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1664,7 +1664,7 @@ static char *cli_session_setup_get_principal(
char *principal = NULL;
if (!lp_client_use_spnego_principal() ||
- strequal(principal, ADS_IGNORE_PRINCIPAL)) {
+ strequal(spnego_principal, ADS_IGNORE_PRINCIPAL)) {
spnego_principal = NULL;
}
if (spnego_principal != NULL) {
diff --git a/source3/libsmb/libsmb_stat.c b/source3/libsmb/libsmb_stat.c
index 94449e0..3c895ce 100644
--- a/source3/libsmb/libsmb_stat.c
+++ b/source3/libsmb/libsmb_stat.c
@@ -312,9 +312,11 @@ SMBC_statvfs_ctx(SMBCCTX *context,
bool bIsDir;
struct stat statbuf;
SMBCFILE * pFile;
+ TALLOC_CTX *frame = talloc_stackframe();
/* Determine if the provided path is a file or a folder */
if (SMBC_stat_ctx(context, path, &statbuf) < 0) {
+ TALLOC_FREE(frame);
return -1;
}
@@ -322,6 +324,7 @@ SMBC_statvfs_ctx(SMBCCTX *context,
if (S_ISDIR(statbuf.st_mode)) {
/* It's a directory. */
if ((pFile = SMBC_opendir_ctx(context, path)) == NULL) {
+ TALLOC_FREE(frame);
return -1;
}
bIsDir = true;
@@ -329,11 +332,13 @@ SMBC_statvfs_ctx(SMBCCTX *context,
/* It's a file. */
if ((pFile = SMBC_open_ctx(context, path,
O_RDONLY, 0)) == NULL) {
+ TALLOC_FREE(frame);
return -1;
}
bIsDir = false;
} else {
/* It's neither a file nor a directory. Not supported. */
+ TALLOC_FREE(frame);
errno = ENOSYS;
return -1;
}
@@ -348,6 +353,7 @@ SMBC_statvfs_ctx(SMBCCTX *context,
SMBC_close_ctx(context, pFile);
}
+ TALLOC_FREE(frame);
return ret;
}
@@ -365,6 +371,7 @@ SMBC_fstatvfs_ctx(SMBCCTX *context,
uint32 fs_attrs = 0;
struct cli_state *cli = file->srv->cli;
struct smbXcli_tcon *tcon;
+ TALLOC_CTX *frame = talloc_stackframe();
if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
tcon = cli->smb2.tcon;
@@ -488,5 +495,6 @@ SMBC_fstatvfs_ctx(SMBCCTX *context,
st->f_flags = flags;
#endif
+ TALLOC_FREE(frame);
return 0;
}
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
index 3588d56..80e532a 100644
--- a/source3/modules/vfs_fruit.c
+++ b/source3/modules/vfs_fruit.c
@@ -568,7 +568,7 @@ static bool ad_pack(struct adouble *ad)
/**
* Unpack an AppleDouble blob into a struct adoble
**/
-static bool ad_unpack(struct adouble *ad, const int nentries)
+static bool ad_unpack(struct adouble *ad, const int nentries, size_t filesize)
{
size_t bufsize = talloc_get_size(ad->ad_data);
int adentries, i;
@@ -611,11 +611,26 @@ static bool ad_unpack(struct adouble *ad, const int nentries)
return false;
}
+ /*
+ * All entries other than the resource fork are
+ * expected to be read into the ad_data buffer, so
+ * ensure the specified offset is within that bound
+ */
if ((off > bufsize) && (eid != ADEID_RFORK)) {
DEBUG(1, ("bogus eid %d: off: %" PRIu32 ", len: %" PRIu32 "\n",
eid, off, len));
return false;
}
+
+ /*
+ * All entries besides FinderInfo and resource fork
+ * must fit into the buffer. FinderInfo is special as
+ * it may be larger then the default 32 bytes (if it
+ * contains marshalled xattrs), but we will fixup that
+ * in ad_convert(). And the resource fork is never
+ * accessed directly by the ad_data buf (also see
+ * comment above) anyway.
+ */
if ((eid != ADEID_RFORK) &&
(eid != ADEID_FINDERI) &&
((off + len) > bufsize)) {
@@ -624,6 +639,48 @@ static bool ad_unpack(struct adouble *ad, const int nentries)
return false;
}
+ /*
+ * That would be obviously broken
+ */
+ if (off > filesize) {
+ DEBUG(1, ("bogus eid %d: off: %" PRIu32 ", len: %" PRIu32 "\n",
+ eid, off, len));
+ return false;
+ }
+
+ /*
+ * Check for any entry that has its end beyond the
+ * filesize.
+ */
+ if (off + len < off) {
+ DEBUG(1, ("offset wrap in eid %d: off: %" PRIu32
+ ", len: %" PRIu32 "\n",
+ eid, off, len));
+ return false;
+
+ }
+ if (off + len > filesize) {
+ /*
+ * If this is the resource fork entry, we fix
+ * up the length, for any other entry we bail
+ * out.
+ */
+ if (eid != ADEID_RFORK) {
+ DEBUG(1, ("bogus eid %d: off: %" PRIu32
+ ", len: %" PRIu32 "\n",
+ eid, off, len));
+ return false;
+ }
+
+ /*
+ * Fixup the resource fork entry by limiting
+ * the size to entryoffset - filesize.
+ */
+ len = filesize - off;
+ DEBUG(1, ("Limiting ADEID_RFORK: off: %" PRIu32
+ ", len: %" PRIu32 "\n", off, len));
+ }
+
ad->ad_eid[eid].ade_off = off;
ad->ad_eid[eid].ade_len = len;
}
@@ -658,9 +715,11 @@ static int ad_convert(struct adouble *ad, int fd)
goto exit;
}
- memmove(map + ad_getentryoff(ad, ADEID_FINDERI) + ADEDLEN_FINDERI,
- map + ad_getentryoff(ad, ADEID_RFORK),
- ad_getentrylen(ad, ADEID_RFORK));
+ if (ad_getentrylen(ad, ADEID_RFORK) > 0) {
+ memmove(map + ad_getentryoff(ad, ADEID_FINDERI) + ADEDLEN_FINDERI,
+ map + ad_getentryoff(ad, ADEID_RFORK),
+ ad_getentrylen(ad, ADEID_RFORK));
+ }
ad_setentrylen(ad, ADEID_FINDERI, ADEDLEN_FINDERI);
ad_setentryoff(ad, ADEID_RFORK,
@@ -718,7 +777,7 @@ static ssize_t ad_header_read_meta(struct adouble *ad, const char *path)
}
/* Now parse entries */
- ok = ad_unpack(ad, ADEID_NUM_XATTR);
+ ok = ad_unpack(ad, ADEID_NUM_XATTR, AD_DATASZ_XATTR);
if (!ok) {
DEBUG(2, ("invalid AppleDouble metadata xattr\n"));
errno = EINVAL;
@@ -845,8 +904,16 @@ static ssize_t ad_header_read_rsrc(struct adouble *ad, const char *path)
goto exit;
}
+ /* FIXME: direct sys_fstat(), we don't have an fsp */
+ rc = sys_fstat(fd, &sbuf,
+ lp_fake_directory_create_times(
+ SNUM(ad->ad_handle->conn)));
+ if (rc != 0) {
+ goto exit;
+ }
+
/* Now parse entries */
- ok = ad_unpack(ad, ADEID_NUM_DOT_UND);
+ ok = ad_unpack(ad, ADEID_NUM_DOT_UND, sbuf.st_ex_size);
if (!ok) {
DEBUG(1, ("invalid AppleDouble ressource %s\n", path));
errno = EINVAL;
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 494a840..fe07bea 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -395,6 +395,30 @@ bool lookup_name_smbconf(TALLOC_CTX *mem_ctx,
ret_sid, ret_type);
}
+ /* Try with winbind default domain name. */
+ if (lp_winbind_use_default_domain()) {
+ bool ok;
+
+ qualified_name = talloc_asprintf(mem_ctx,
+ "%s\\%s",
+ lp_workgroup(),
+ full_name);
+ if (qualified_name == NULL) {
+ return false;
+ }
+
+ ok = lookup_name(mem_ctx,
+ qualified_name,
+ flags,
+ ret_domain,
+ ret_name,
+ ret_sid,
+ ret_type);
+ if (ok) {
+ return true;
+ }
+ }
+
/* Try with our own SAM name. */
qualified_name = talloc_asprintf(mem_ctx, "%s\\%s",
get_global_sam_name(),
diff --git a/source3/winbindd/wb_next_grent.c b/source3/winbindd/wb_next_grent.c
index aea134b..58e161d 100644
--- a/source3/winbindd/wb_next_grent.c
+++ b/source3/winbindd/wb_next_grent.c
@@ -168,9 +168,58 @@ static void wb_next_grent_getgrsid_done(struct tevent_req *subreq)
status = wb_getgrsid_recv(subreq, talloc_tos(), &domname, &name,
&state->gr->gr_gid, &state->members);
TALLOC_FREE(subreq);
- if (tevent_req_nterror(req, status)) {
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
+ state->gstate->next_group += 1;
+
+ if (state->gstate->next_group >= state->gstate->num_groups) {
+ TALLOC_FREE(state->gstate->groups);
+
+ if (state->gstate->domain == NULL) {
+ state->gstate->domain = domain_list();
+ } else {
+ state->gstate->domain = state->gstate->domain->next;
+ }
+
+ if ((state->gstate->domain != NULL) &&
+ sid_check_is_our_sam(&state->gstate->domain->sid))
+ {
+ state->gstate->domain = state->gstate->domain->next;
+ }
+
+ if (state->gstate->domain == NULL) {
+ tevent_req_nterror(req,
+ NT_STATUS_NO_MORE_ENTRIES);
+ return;
+ }
+
+ subreq = dcerpc_wbint_QueryGroupList_send(
+ state, state->ev,
+ dom_child_handle(state->gstate->domain),
+ &state->next_groups);
+ if (tevent_req_nomem(subreq, req)) {
+ return;
+ }
+
+ tevent_req_set_callback(subreq,
+ wb_next_grent_fetch_done, req);
+ return;
+ }
+
+ subreq = wb_getgrsid_send(
+ state, state->ev,
+ &state->gstate->groups[state->gstate->next_group].sid,
+ state->max_nesting);
+ if (tevent_req_nomem(subreq, req)) {
+ return;
+ }
+ tevent_req_set_callback(subreq, wb_next_grent_getgrsid_done,
+ req);
+ return;
+ } else if (tevent_req_nterror(req, status)) {
return;
}
+
if (!fill_grent(talloc_tos(), state->gr, domname, name,
state->gr->gr_gid)) {
DEBUG(5, ("fill_grent failed\n"));
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 2bc6422..514d423 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -648,14 +648,14 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
gensec_security->gensec_role == GENSEC_CLIENT ? "client" : "server",
gensec_gssapi_state->gss_exchange_count,
gssapi_error_string(out_mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
- return nt_status;
+ return NT_STATUS_LOGON_FAILURE;
}
} else {
DEBUG(1, ("GSS %s Update(%d) failed: %s\n",
gensec_security->gensec_role == GENSEC_CLIENT ? "client" : "server",
gensec_gssapi_state->gss_exchange_count,
gssapi_error_string(out_mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
- return nt_status;
+ return NT_STATUS_LOGON_FAILURE;
}
break;
}
diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c
index 5270360..9dea3d6 100644
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
@@ -1492,8 +1492,8 @@ static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call,
return WERR_INVALID_PARAM;
}
- ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &decrypt_request,
- (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped);
+ ndr_err = ndr_pull_struct_blob_all(&blob, mem_ctx, &decrypt_request,
+ (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return WERR_INVALID_PARAM;
}
@@ -1530,8 +1530,8 @@ static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call,
arcfour_crypt_blob(encrypted_blob.data, encrypted_blob.length, &symkey_blob);
- ndr_err = ndr_pull_struct_blob(&encrypted_blob, mem_ctx, &rc4payload,
- (ndr_pull_flags_fn_t)ndr_pull_bkrp_rc4encryptedpayload);
+ ndr_err = ndr_pull_struct_blob_all(&encrypted_blob, mem_ctx, &rc4payload,
+ (ndr_pull_flags_fn_t)ndr_pull_bkrp_rc4encryptedpayload);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return WERR_INVALID_PARAM;
}
diff --git a/source4/smbd/process_standard.c b/source4/smbd/process_standard.c
index c5377b3..cbc63b6 100644
--- a/source4/smbd/process_standard.c
+++ b/source4/smbd/process_standard.c
@@ -34,7 +34,7 @@ NTSTATUS process_model_standard_init(void);
/* we hold a pipe open in the parent, and the any child
processes wait for EOF on that pipe. This ensures that
children die when the parent dies */
-static int child_pipe[2];
+static int child_pipe[2] = { -1, -1 };
/*
called when the process model is selected
@@ -112,7 +112,10 @@ static void standard_accept_connection(struct tevent_context *ev,
tevent_add_fd(ev, ev, child_pipe[0], TEVENT_FD_READ,
standard_pipe_handler, NULL);
- close(child_pipe[1]);
+ if (child_pipe[1] != -1) {
+ close(child_pipe[1]);
+ child_pipe[1] = -1;
+ }
/* Ensure that the forked children do not expose identical random streams */
set_need_random_reseed();
@@ -170,7 +173,10 @@ static void standard_new_task(struct tevent_context *ev,
tevent_add_fd(ev, ev, child_pipe[0], TEVENT_FD_READ,
standard_pipe_handler, NULL);
- close(child_pipe[1]);
+ if (child_pipe[1] != -1) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list