[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Sat Apr 22 07:17:03 UTC 2017
The branch, master has been updated
via 5d288a9 tdbtool: Add "storehex" command
via 4ceba0e secrets: Protect against a non-0-terminated ldap password
via 3661272 vfs_fruit: lp_case_sensitive() does not return a bool
from 52349a7 selftest: Do not enable inbound replication during replica_sync
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 5d288a9b1705b75e7e8dcf93a93b7fd6715ad5ef
Author: Volker Lendecke <vl at samba.org>
Date: Fri Apr 21 14:10:33 2017 +0200
tdbtool: Add "storehex" command
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Apr 22 09:16:16 CEST 2017 on sn-devel-144
commit 4ceba0e18f7ba8f2b32ba24864095683f2168db0
Author: Volker Lendecke <vl at samba.org>
Date: Fri Apr 21 13:05:12 2017 +0200
secrets: Protect against a non-0-terminated ldap password
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
commit 36612723b2b18675116b6197183bdfe5e1d9e06f
Author: Ralph Boehme <slow at samba.org>
Date: Wed Apr 19 13:12:55 2017 +0200
vfs_fruit: lp_case_sensitive() does not return a bool
lp_case_sensitive() returns an int, not a bool, so with the default
setting of "Auto" by default we set the AAPL flag
SMB2_CRTCTX_AAPL_CASE_SENSITIVE.
This caused the client to believe the volume is case sensitive where it
wasn't, leading to an error when trying to rename files changing only
the case of the name.
Also fix the existing torture test that verifies AAPL context
negotiation and actually expected the server to return "case sensitive",
while the Samba default is really "case insensitive".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12749
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/tdb/man/tdbtool.8.xml | 10 ++++++
lib/tdb/tools/tdbtool.c | 87 +++++++++++++++++++++++++++++++++++++++++++++
source3/modules/vfs_fruit.c | 20 +++++++++--
source3/passdb/secrets.c | 7 ++++
source4/torture/vfs/fruit.c | 4 +--
5 files changed, 123 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tdb/man/tdbtool.8.xml b/lib/tdb/man/tdbtool.8.xml
index 9a9b95e..045cbde 100644
--- a/lib/tdb/man/tdbtool.8.xml
+++ b/lib/tdb/man/tdbtool.8.xml
@@ -160,6 +160,16 @@
</varlistentry>
<varlistentry>
+ <term><option>storehex</option>
+ <replaceable>KEY</replaceable>
+ <replaceable>DATA</replaceable>
+ </term>
+ <listitem><para>Store (replace) a record in the
+ current database where key and data are in hex format.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><option>show</option>
<replaceable>KEY</replaceable>
</term>
diff --git a/lib/tdb/tools/tdbtool.c b/lib/tdb/tools/tdbtool.c
index beb3af1..e3535b9 100644
--- a/lib/tdb/tools/tdbtool.c
+++ b/lib/tdb/tools/tdbtool.c
@@ -48,6 +48,7 @@ enum commands {
CMD_DUMP,
CMD_INSERT,
CMD_MOVE,
+ CMD_STOREHEX,
CMD_STORE,
CMD_SHOW,
CMD_KEYS,
@@ -83,6 +84,7 @@ COMMAND_TABLE cmd_table[] = {
{"dump", CMD_DUMP},
{"insert", CMD_INSERT},
{"move", CMD_MOVE},
+ {"storehex", CMD_STOREHEX},
{"store", CMD_STORE},
{"show", CMD_SHOW},
{"keys", CMD_KEYS},
@@ -229,6 +231,7 @@ static void help(void)
" info : print summary info about the database\n"
" insert key data : insert a record\n"
" move key file : move a record to a destination tdb\n"
+" storehex key data : store a record (replace), key/value in hex format\n"
" store key data : store a record (replace)\n"
" show key : show a record by key\n"
" delete key : delete a record by key\n"
@@ -346,6 +349,86 @@ static void store_tdb(char *keyname, size_t keylen, char* data, size_t datalen)
}
}
+static bool hexchar(char c, uint8_t *v)
+{
+ if ((c >= '0') && (c <= '9')) {
+ *v = (c - '0');
+ return true;
+ }
+ if ((c >= 'A') && (c <= 'F')) {
+ *v = (c - 'A' + 10);
+ return true;
+ }
+ if ((c >= 'a') && (c <= 'f')) {
+ *v = (c - 'a' + 10);
+ return true;
+ }
+ return false;
+}
+
+static bool parse_hex(const char *src, size_t srclen, uint8_t *dst)
+{
+ size_t i=0;
+
+ if ((srclen % 2) != 0) {
+ return false;
+ }
+
+ while (i<srclen) {
+ bool ok;
+ uint8_t hi,lo;
+
+ ok = (hexchar(src[i++], &hi) && hexchar(src[i++], &lo));
+ if (!ok) {
+ return false;
+ }
+ *dst = (hi<<4)|lo;
+ dst += 1;
+ }
+
+ return true;
+}
+
+static void store_hex_tdb(char *keystr, size_t keylen,
+ char *datastr, size_t datalen)
+{
+ if ((keystr == NULL) || (keylen == 0)) {
+ terror("need key");
+ return;
+ }
+ if ((datastr == NULL) || (datalen == 0)) {
+ terror("need data");
+ return;
+ }
+
+ {
+ uint8_t keybuf[keylen/2];
+ TDB_DATA key = { .dptr = keybuf, .dsize = sizeof(keybuf) };
+ uint8_t databuf[datalen/2];
+ TDB_DATA data = { .dptr = databuf, .dsize = sizeof(databuf) };
+ bool ok;
+
+ ok = parse_hex(keystr, keylen, keybuf);
+ if (!ok) {
+ terror("need hex key");
+ return;
+ }
+ ok = parse_hex(datastr, datalen, databuf);
+ if (!ok) {
+ terror("need hex data");
+ return;
+ }
+
+ printf("storing key/data:\n");
+ print_data((char *)key.dptr, key.dsize);
+ print_data((char *)data.dptr, data.dsize);
+
+ if (tdb_store(tdb, key, data, TDB_REPLACE) != 0) {
+ terror("store failed");
+ }
+ }
+}
+
static void show_tdb(char *keyname, size_t keylen)
{
TDB_DATA key, dbuf;
@@ -693,6 +776,10 @@ static int do_command(void)
bIterate = 0;
store_tdb(arg1,arg1len,arg2,arg2len);
return 0;
+ case CMD_STOREHEX:
+ bIterate = 0;
+ store_hex_tdb(arg1,arg1len,arg2,arg2len);
+ return 0;
case CMD_SHOW:
bIterate = 0;
show_tdb(arg1, arg1len);
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
index 1c1b7d7..11d2071 100644
--- a/source3/modules/vfs_fruit.c
+++ b/source3/modules/vfs_fruit.c
@@ -2201,9 +2201,23 @@ static NTSTATUS check_aapl(vfs_handle_struct *handle,
}
if (req_bitmap & SMB2_CRTCTX_AAPL_VOLUME_CAPS) {
- SBVAL(p, 0,
- lp_case_sensitive(SNUM(handle->conn->tcon->compat)) ?
- SMB2_CRTCTX_AAPL_CASE_SENSITIVE : 0);
+ int val = lp_case_sensitive(SNUM(handle->conn->tcon->compat));
+ uint64_t caps = 0;
+
+ switch (val) {
+ case Auto:
+ break;
+
+ case True:
+ caps |= SMB2_CRTCTX_AAPL_CASE_SENSITIVE;
+ break;
+
+ default:
+ break;
+ }
+
+ SBVAL(p, 0, caps);
+
ok = data_blob_append(req, &blob, p, 8);
if (!ok) {
return NT_STATUS_UNSUCCESSFUL;
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index 4372c63..0ddee99 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -316,6 +316,13 @@ bool fetch_ldap_pw(char **dn, char** pw)
*pw=(char *)secrets_fetch(key, &size);
SAFE_FREE(key);
+ if ((size != 0) && ((*pw)[size-1] != '\0')) {
+ DBG_ERR("Non 0-terminated password for dn %s\n", *dn);
+ SAFE_FREE(*pw);
+ SAFE_FREE(*dn);
+ return false;
+ }
+
if (!size) {
/* Upgrade 2.2 style entry */
char *p;
diff --git a/source4/torture/vfs/fruit.c b/source4/torture/vfs/fruit.c
index 5182c00..bb8f36e 100644
--- a/source4/torture/vfs/fruit.c
+++ b/source4/torture/vfs/fruit.c
@@ -2068,9 +2068,9 @@ static bool test_aapl(struct torture_context *tctx,
}
aapl_vol_caps = BVAL(aapl->data.data, 24);
- if (aapl_vol_caps != SMB2_CRTCTX_AAPL_CASE_SENSITIVE) {
+ if (aapl_vol_caps != 0) {
/* this will fail on a case insensitive fs ... */
- torture_warning(tctx,
+ torture_result(tctx, TORTURE_FAIL,
"(%s) unexpected vol_caps: %d",
__location__, (int)aapl_vol_caps);
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list