[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Tue Jun 6 20:41:03 UTC 2017
The branch, master has been updated
via df3844f s3/utils: Add warning to testparm for "client ipc signing" param values
via 61f827b unittest: Add testsuite for smb_probe_module()
via eaf8e3a lib:util: Make loading of modules more secure
via 91ef234 lib:util: Make probing of modules more secure
via da9de19 lib:util: Rename smb_load_modules()
via 700914b lib:util: Add new function to load modules from absolute path
via 90b69ba unittest: Add testsuite for is_known_pipename()
via 0aadb50 wafsamba: Pass down the install argument for samba modules
via 74b3dd4 lib: Fix illegal use of 0-length arrays
from 7b50ddd wscript: Fix some typos
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit df3844f4df14ea2143ba1856710c00b5ab856c44
Author: Noel Power <noel.power at suse.com>
Date: Fri Jun 2 15:50:48 2017 +0100
s3/utils: Add warning to testparm for "client ipc signing" param values
We should warn about security sensitive settings where we can,
client ipc signing has 2 values that can allow connections to proceed
without SMB signing. This may be unavoidable (e.g. connecting to legacy
systems) but nevertheless it is worthwhile to warn.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jun 6 22:40:12 CEST 2017 on sn-devel-144
commit 61f827bcdde494d3b4a094d6816ff7556f0ff608
Author: Andreas Schneider <asn at samba.org>
Date: Fri May 12 14:13:42 2017 +0200
unittest: Add testsuite for smb_probe_module()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit eaf8e3a88889bed2bcd0932c9642bb7a5a26abe4
Author: Andreas Schneider <asn at samba.org>
Date: Mon May 15 11:08:19 2017 +0200
lib:util: Make loading of modules more secure
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 91ef234a0ad0edfdefeb38cf0ad1de3b3e548f1e
Author: Andreas Schneider <asn at samba.org>
Date: Mon May 15 11:05:59 2017 +0200
lib:util: Make probing of modules more secure
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit da9de19cf9a0b543eec9003f10624fa2ba5becd3
Author: Andreas Schneider <asn at samba.org>
Date: Mon May 15 10:49:07 2017 +0200
lib:util: Rename smb_load_modules()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 700914b45d9cfb8d14cc81fa4fdde0b59bbba798
Author: Andreas Schneider <asn at samba.org>
Date: Mon May 15 09:06:51 2017 +0200
lib:util: Add new function to load modules from absolute path
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 90b69ba95d5ea53f5aadf3e3c271e8c4d50d21b5
Author: Andreas Schneider <asn at samba.org>
Date: Thu May 11 11:29:25 2017 +0200
unittest: Add testsuite for is_known_pipename()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 0aadb5068f7565c0c05837c577003c5f9d6667a3
Author: Andreas Schneider <asn at samba.org>
Date: Thu May 11 11:29:50 2017 +0200
wafsamba: Pass down the install argument for samba modules
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 74b3dd4630ff57fb3b7a6ffa49d1fba678169fbb
Author: Volker Lendecke <vl at samba.org>
Date: Mon May 29 21:13:16 2017 +0200
lib: Fix illegal use of 0-length arrays
Found and confirmed to work by albert chin (china at thewrittenword.com)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
buildtools/wafsamba/wafsamba.py | 6 +-
lib/util/modules.c | 179 ++++++++++++++++++++--------
lib/util/msghdr.c | 10 +-
lib/util/samba_modules.h | 3 +-
selftest/tests.py | 4 +
source3/smbd/perfcount.c | 2 +-
source3/smbd/process.c | 2 +-
source3/utils/testparm.c | 12 ++
testsuite/unittests/rpc_test_dummy_module.c | 20 ++++
testsuite/unittests/test_lib_util_modules.c | 76 ++++++++++++
testsuite/unittests/test_sambafs_srv_pipe.c | 76 ++++++++++++
testsuite/unittests/wscript | 25 ++++
12 files changed, 361 insertions(+), 54 deletions(-)
create mode 100644 testsuite/unittests/rpc_test_dummy_module.c
create mode 100644 testsuite/unittests/test_lib_util_modules.c
create mode 100644 testsuite/unittests/test_sambafs_srv_pipe.c
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/wafsamba.py b/buildtools/wafsamba/wafsamba.py
index 137cb0e..1bdabf6 100644
--- a/buildtools/wafsamba/wafsamba.py
+++ b/buildtools/wafsamba/wafsamba.py
@@ -465,7 +465,8 @@ def SAMBA_MODULE(bld, modname, source,
pyembed=False,
manpages=None,
allow_undefined_symbols=False,
- allow_warnings=False
+ allow_warnings=False,
+ install=True
):
'''define a Samba module.'''
@@ -535,7 +536,8 @@ def SAMBA_MODULE(bld, modname, source,
pyembed=pyembed,
manpages=manpages,
allow_undefined_symbols=allow_undefined_symbols,
- allow_warnings=allow_warnings
+ allow_warnings=allow_warnings,
+ install=install
)
diff --git a/lib/util/modules.c b/lib/util/modules.c
index c3c05f2..cf52594 100644
--- a/lib/util/modules.c
+++ b/lib/util/modules.c
@@ -147,73 +147,53 @@ init_module_fn *load_samba_modules(TALLOC_CTX *mem_ctx, const char *subsystem)
return ret;
}
-
-/* Load a dynamic module. Only log a level 0 error if we are not checking
- for the existence of a module (probling). */
-
-static NTSTATUS do_smb_load_module(const char *subsystem,
- const char *module_name, bool is_probe)
+static NTSTATUS load_module_absolute_path(const char *module_path,
+ bool is_probe)
{
void *handle;
init_module_fn init;
NTSTATUS status;
- char *full_path = NULL;
- TALLOC_CTX *ctx = talloc_stackframe();
-
- if (module_name == NULL) {
- TALLOC_FREE(ctx);
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Check for absolute path */
-
- DEBUG(5, ("%s module '%s'\n", is_probe ? "Probing" : "Loading", module_name));
-
- if (subsystem && module_name[0] != '/') {
- full_path = talloc_asprintf(ctx,
- "%s/%s.%s",
- modules_path(ctx, subsystem),
- module_name,
- shlib_ext());
- if (!full_path) {
- TALLOC_FREE(ctx);
- return NT_STATUS_NO_MEMORY;
- }
-
- DEBUG(5, ("%s module '%s': Trying to load from %s\n",
- is_probe ? "Probing": "Loading", module_name, full_path));
- init = load_module(full_path, is_probe, &handle);
- } else {
- init = load_module(module_name, is_probe, &handle);
- }
+ DBG_INFO("%s module '%s'\n",
+ is_probe ? "Probing" : "Loading",
+ module_path);
- if (!init) {
- TALLOC_FREE(ctx);
+ init = load_module(module_path, is_probe, &handle);
+ if (init == NULL) {
return NT_STATUS_UNSUCCESSFUL;
}
- DEBUG(2, ("Module '%s' loaded\n", module_name));
+ DBG_NOTICE("Module '%s' loaded\n", module_path);
status = init(NULL);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("Module '%s' initialization failed: %s\n",
- module_name, get_friendly_nt_error_msg(status)));
+ DBG_ERR("Module '%s' initialization failed: %s\n",
+ module_path,
+ get_friendly_nt_error_msg(status));
dlclose(handle);
+ return status;
}
- TALLOC_FREE(ctx);
- return status;
+
+ return NT_STATUS_OK;
}
/* Load all modules in list and return number of
* modules that has been successfully loaded */
-int smb_load_modules(const char **modules)
+int smb_load_all_modules_absoute_path(const char **modules)
{
int i;
int success = 0;
- for(i = 0; modules[i]; i++){
- if(NT_STATUS_IS_OK(do_smb_load_module(NULL, modules[i], false))) {
+ for(i = 0; modules[i] != NULL; i++) {
+ const char *module = modules[i];
+ NTSTATUS status;
+
+ if (module[0] != '/') {
+ continue;
+ }
+
+ status = load_module_absolute_path(module, false);
+ if (NT_STATUS_IS_OK(status)) {
success++;
}
}
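Review bot: in smb_load_all_modules_absoute_path() the `if (module[0] != '/') { continue; }` branch drops non-absolute entries without logging anything, while the removed code handed every entry to load_module() as given. An admin whose list contains such an entry gets no hint why the module is missing. Log the skipped name (DBG_ERR or DBG_WARNING) before the continue. load_module_absolute_path() also relies on its callers for the non-NULL and leading-'/' checks; a comment stating that precondition would keep future callers honest.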
@@ -223,12 +203,117 @@ int smb_load_modules(const char **modules)
return success;
}
+/**
+ * @brief Check if a module exist and load it.
+ *
+ * @param[in] subsystem The name of the subsystem the module belongs too.
+ *
+ * @param[in] module The name of the module
+ *
+ * @return A NTSTATUS code
+ */
NTSTATUS smb_probe_module(const char *subsystem, const char *module)
{
- return do_smb_load_module(subsystem, module, true);
+ NTSTATUS status;
+ char *module_path = NULL;
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
+
+ if (subsystem == NULL) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+ if (module == NULL) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+
+ if (strchr(module, '/')) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+
+ module_path = talloc_asprintf(tmp_ctx,
+ "%s/%s.%s",
+ modules_path(tmp_ctx, subsystem),
+ module,
+ shlib_ext());
+ if (module_path == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ status = load_module_absolute_path(module_path, true);
+
+done:
+ TALLOC_FREE(tmp_ctx);
+ return status;
+}
+
+/**
+ * @brief Check if a module exist and load it.
+ *
+ * Warning: Using this function can have security implecations!
+ *
+ * @param[in] subsystem The name of the subsystem the module belongs too.
+ *
+ * @param[in] module Load a module using an abolute path.
+ *
+ * @return A NTSTATUS code
+ */
+NTSTATUS smb_probe_module_absolute_path(const char *module)
+{
+ if (module == NULL) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ if (module[0] != '/') {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ return load_module_absolute_path(module, true);
}
+/**
+ * @brief Load a module.
+ *
+ * @param[in] subsystem The name of the subsystem the module belongs too.
+ *
+ * @param[in] module Check if a module exists and load it.
+ *
+ * @return A NTSTATUS code
+ */
NTSTATUS smb_load_module(const char *subsystem, const char *module)
{
- return do_smb_load_module(subsystem, module, false);
+ NTSTATUS status;
+ char *module_path = NULL;
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
+
+ if (subsystem == NULL) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+ if (module == NULL) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+
+ if (strchr(module, '/')) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+
+ module_path = talloc_asprintf(tmp_ctx,
+ "%s/%s.%s",
+ modules_path(tmp_ctx, subsystem),
+ module,
+ shlib_ext());
+ if (module_path == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ status = load_module_absolute_path(module_path, false);
+
+done:
+ TALLOC_FREE(tmp_ctx);
+ return status;
}
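Review bot: the doc comments on the new functions do not match their signatures. The block above smb_probe_module_absolute_path() documents a `subsystem` parameter the function does not take, and the block above smb_load_module() describes `module` as "Check if a module exists and load it". Please fix these along with the spellings "implecations", "abolute" and "belongs too", and have the warning say what the implication is rather than only that one exists. Separately, smb_probe_module() and smb_load_module() are identical except for the bool passed to load_module_absolute_path(); a shared static helper would keep the `strchr(module, '/')` check in one place. Note that `subsystem` is interpolated into the same path without an equivalent check.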
diff --git a/lib/util/msghdr.c b/lib/util/msghdr.c
index 4b88c1a..fec5446 100644
--- a/lib/util/msghdr.c
+++ b/lib/util/msghdr.c
@@ -37,13 +37,19 @@ ssize_t msghdr_prep_fds(struct msghdr *msg, uint8_t *buf, size_t bufsize,
msg->msg_control = NULL;
msg->msg_controllen = 0;
}
- return 0;
+ /*
+ * C99 doesn't allow 0-length arrays
+ */
+ return 1;
}
if (num_fds > INT8_MAX) {
return -1;
}
if ((msg == NULL) || (cmsg_space > bufsize)) {
- return cmsg_space;
+ /*
+ * C99 doesn't allow 0-length arrays
+ */
+ return MAX(cmsg_space, 1);
}
msg->msg_control = buf;
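Review bot: the new comment "C99 doesn't allow 0-length arrays" does not explain why a return value is affected, both at the `return 1;` in the early-return branch and at `return MAX(cmsg_space, 1);`. Say that callers use the result as an array size, and update the function's documentation so that a result of 1 is not read as one byte of control data being required. Any caller that tests the result against 0 should be checked as part of this change.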
diff --git a/lib/util/samba_modules.h b/lib/util/samba_modules.h
index 1ae9c6e..c698691 100644
--- a/lib/util/samba_modules.h
+++ b/lib/util/samba_modules.h
@@ -53,8 +53,9 @@ bool run_init_functions(TALLOC_CTX *ctx, init_module_fn *fns);
*/
init_module_fn *load_samba_modules(TALLOC_CTX *mem_ctx, const char *subsystem);
-int smb_load_modules(const char **modules);
+int smb_load_all_modules_absoute_path(const char **modules);
NTSTATUS smb_probe_module(const char *subsystem, const char *module);
+NTSTATUS smb_probe_module_absolute_path(const char *module);
NTSTATUS smb_load_module(const char *subsystem, const char *module);
#endif /* _SAMBA_MODULES_H */
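Review bot: `smb_load_all_modules_absoute_path` misspells "absolute" in a name exported from this header; rename it to smb_load_all_modules_absolute_path now, before more callers than source3/smbd/process.c depend on it. The two absolute-path prototypes would also benefit from a short comment here stating that they are not confined to the subsystem module directory, since the header is where a new caller will choose between them and smb_probe_module().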
diff --git a/selftest/tests.py b/selftest/tests.py
index e3dd914..b9c470c 100644
--- a/selftest/tests.py
+++ b/selftest/tests.py
@@ -145,3 +145,7 @@ if with_pam:
if with_cmocka:
plantestsuite("samba.unittests.krb5samba", "none",
[os.path.join(bindir(), "default/testsuite/unittests/test_krb5samba")])
+ plantestsuite("samba.unittests.sambafs_srv_pipe", "none",
+ [os.path.join(bindir(), "default/testsuite/unittests/test_sambafs_srv_pipe")])
+ plantestsuite("samba.unittests.lib_util_modules", "none",
+ [os.path.join(bindir(), "default/testsuite/unittests/test_lib_util_modules")])
diff --git a/source3/smbd/perfcount.c b/source3/smbd/perfcount.c
index a7c268a..1555ea2 100644
--- a/source3/smbd/perfcount.c
+++ b/source3/smbd/perfcount.c
@@ -144,7 +144,7 @@ static bool smb_load_perfcount_module(const char *name)
/* load the perfcounter module */
if((entry = smb_perfcount_find_module(module_name)) ||
- (NT_STATUS_IS_OK(smb_probe_module("perfcount", module_path)) &&
+ (NT_STATUS_IS_OK(smb_probe_module_absolute_path(module_path)) &&
(entry = smb_perfcount_find_module(module_name)))) {
DEBUG(3,("Successfully loaded perfcounter module [%s] \n", name));
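Review bot: smb_probe_module_absolute_path() returns NT_STATUS_INVALID_PARAMETER unless module_path starts with '/', whereas the removed do_smb_load_module() resolved a name without a leading '/' under the subsystem directory, and nothing in this condition logs the rejection. If module_path can be anything other than an absolute path at this point, add a DEBUG line for the failed probe naming the path, and mention the requirement in the parameter documentation.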
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 8f097ec..d5c03b9 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -4018,7 +4018,7 @@ void smbd_process(struct tevent_context *ev_ctx,
locaddr);
if (lp_preload_modules()) {
- smb_load_modules(lp_preload_modules());
+ smb_load_all_modules_absoute_path(lp_preload_modules());
}
smb_perfcount_init();
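Review bot: the return value of smb_load_all_modules_absoute_path() is discarded here, so smbd gives no indication when fewer modules were loaded than lp_preload_modules() lists. Since the function now skips entries that do not start with '/', compare the returned count with the number of configured entries and log a warning when they differ.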
diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c
index 7883bca..9589201 100644
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -229,6 +229,18 @@ static int do_global_checks(void)
"must differ.\n\n");
}
+ if (lp_client_ipc_signing() == SMB_SIGNING_IF_REQUIRED
+ || lp_client_ipc_signing() == SMB_SIGNING_OFF) {
+ fprintf(stderr, "WARNING: The 'client ipc signing' value "
+ "%s SMB signing is not used when contacting a "
+ "domain controller or other server. "
+ "This setting is not recommended; please be "
+ "aware of the security implications when using "
+ "this configuration setting.\n\n",
+ lp_client_ipc_signing() == SMB_SIGNING_OFF ?
+ "ensures" : "may mean");
+ }
+
if (strlen(lp_netbios_name()) > 15) {
fprintf(stderr, "WARNING: The 'netbios name' is too long "
"(max. 15 chars).\n\n");
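Review bot: the warning never prints the configured value, so the output reads "The 'client ipc signing' value ensures SMB signing is not used ..." and leaves the admin to work out which setting triggered it. Include the value name in the message, and read lp_client_ipc_signing() once into a local instead of calling it three times in the condition and the argument list. A line in the testparm man page describing the new warning would help as well.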
diff --git a/testsuite/unittests/rpc_test_dummy_module.c b/testsuite/unittests/rpc_test_dummy_module.c
new file mode 100644
index 0000000..d067b6e
--- /dev/null
+++ b/testsuite/unittests/rpc_test_dummy_module.c
@@ -0,0 +1,20 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <unistd.h>
+
+int samba_init_module(void);
+int samba_init_module(void)
+{
+ int rc;
+
+ fprintf(stderr, "Test dummy executed!\n");
+
+ rc = setenv("UNITTEST_DUMMY_MODULE_LOADED", "TRUE", 1);
+ if (rc < 0) {
+ kill(getpid(), SIGILL);
+ exit(-1);
+ }
+
+ return 0;
+}
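Review bot: samba_init_module() is declared here as `int samba_init_module(void)`, but load_module_absolute_path() in lib/util/modules.c calls the init function as `init(NULL)` and stores the result in an NTSTATUS. Declare the dummy with the init_module_fn prototype from samba_modules.h so the test exercises the loader through a matching signature. The `kill(getpid(), SIGILL);` followed by `exit(-1);` also needs a comment saying why a setenv() failure is handled that way, and the file has no header comment describing its purpose.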
diff --git a/testsuite/unittests/test_lib_util_modules.c b/testsuite/unittests/test_lib_util_modules.c
new file mode 100644
index 0000000..c92dafd
--- /dev/null
+++ b/testsuite/unittests/test_lib_util_modules.c
@@ -0,0 +1,76 @@
+#include <stdarg.h>
+#include <stddef.h>
+#include <setjmp.h>
+#include <cmocka.h>
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include <unistd.h>
+#include <sys/stat.h>
+#include <talloc.h>
+
+#include "include/config.h"
+#include "libcli/util/ntstatus.h"
+#include "lib/util/samba_modules.h"
+
+static int teardown(void **state)
+{
+ unsetenv("UNITTEST_DUMMY_MODULE_LOADED");
+
+ return 0;
+}
+
+static void test_samba_module_probe(void **state)
+{
+ NTSTATUS status;
+
+ status = smb_probe_module("auth", "unix");
+ assert_true(NT_STATUS_IS_OK(status));
+}
+
+static void test_samba_module_probe_dummy(void **state)
+{
+ const char *module_env;
+ NTSTATUS status;
+
+ status = smb_probe_module("rpc", "test_dummy_module");
+ assert_true(NT_STATUS_IS_OK(status));
+
+ module_env = getenv("UNITTEST_DUMMY_MODULE_LOADED");
+ assert_non_null(module_env);
+ assert_string_equal(module_env, "TRUE");
+}
+
+static void test_samba_module_probe_slash(void **state)
+{
+ char dummy_module_path[4096] = {0};
+ const char *module_env;
+ NTSTATUS status;
+
+ snprintf(dummy_module_path,
+ sizeof(dummy_module_path),
+ "%s/bin/modules/rpc/test_dummy_module.so",
+ SRCDIR);
+
+ status = smb_probe_module("rpc", dummy_module_path);
+ assert_true(NT_STATUS_IS_ERR(status));
+
+ module_env = getenv("UNITTEST_DUMMY_MODULE_LOADED");
+ assert_null(module_env);
+}
+
+int main(void) {
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test_teardown(test_samba_module_probe,
+ teardown),
+ cmocka_unit_test_teardown(test_samba_module_probe_dummy,
+ teardown),
+ cmocka_unit_test_teardown(test_samba_module_probe_slash,
+ teardown),
+ };
+
+ cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
+ return cmocka_run_group_tests(tests, NULL, NULL);
+}
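Review bot: test_samba_module_probe_slash() only exercises smb_probe_module() with an absolute path, so the `strchr(module, '/')` check in smb_load_module() and the leading-'/' checks in smb_probe_module_absolute_path() and smb_load_all_modules_absoute_path() are untested. Add cases for a relative name containing a slash, for NULL subsystem and module arguments, and for the absolute-path functions given a non-absolute name. getenv() and unsetenv() are used without a direct `#include <stdlib.h>`.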
diff --git a/testsuite/unittests/test_sambafs_srv_pipe.c b/testsuite/unittests/test_sambafs_srv_pipe.c
new file mode 100644
index 0000000..641e99d
--- /dev/null
+++ b/testsuite/unittests/test_sambafs_srv_pipe.c
@@ -0,0 +1,76 @@
+#include <errno.h>
+#include <stdarg.h>
+#include <stddef.h>
+#include <setjmp.h>
+#include <unistd.h>
+#include <sys/stat.h>
+#include <cmocka.h>
+
+#include "include/config.h"
+#include "librpc/gen_ndr/ndr_samr.h"
+#include "source3/rpc_server/srv_pipe.h"
+#include "librpc/gen_ndr/srv_samr.h"
+
+static int setup_samr(void **state)
+{
+ rpc_samr_init(NULL);
+
+ return 0;
+}
+
+static int teardown(void **state)
+{
+ unsetenv("UNITTEST_DUMMY_MODULE_LOADED");
+
+ return 0;
+}
+
+static int teardown_samr(void **state)
+{
+ rpc_samr_shutdown();
+
+ teardown(state);
+
+ return 0;
+}
+
+static void test_is_known_pipename(void **state)
--
Samba Shared Repository