[SCM] Samba Shared Repository - branch v4-6-test updated

Karolin Seeger kseeger at samba.org
Thu Mar 23 09:17:28 UTC 2017


The branch, v4-6-test has been updated
       via  c47fee6 VERSION: Bump version up to 4.6.2.
       via  0cfe9fa Merge tag 'samba-4.6.1' into v4-6-test
       via  1a8f3cf VERSION: Disable GIT_SNAPSHOTS for the 4.6.1 release.
       via  2d44083 WHATSNEW: Add release notes for Samba 4.6.1.
       via  d9475c9 CVE-2017-2619: s3: smbd: Use the new non_widelink_open() function.
       via  22a8d4e CVE-2017-2619: s3: smbd: Add the core functions to prevent symlink open races.
       via  86b913f CVE-2017-2619: s3: smbd: Move special handling of symlink errno's into a utility function.
       via  49edefe CVE-2017-2619: s3: smbd: Remove O_NOFOLLOW guards. We insist on O_NOFOLLOW existing.
       via  7a61eb2 CVE-2017-2619: s3: smbd: Correctly fallback to open_dir_safely if FDOPENDIR not supported on system.
       via  16de606 CVE-2017-2619: s3: smbd: Move the reference counting and destructor setup to just before returning success.
       via  e558347 CVE-2017-2619: s3: smbd: OpenDir_fsp() - Fix memory leak on error.
       via  a98b3a1 CVE-2017-2619: s3: smbd: OpenDir_fsp() use early returns.
       via  556f7dd CVE-2017-2619: s3: smbd: Create and use open_dir_safely(). Use from OpenDir().
       via  a028e01 CVE-2017-2619: s3: smbd: Opendir_internal() early return if SMB_VFS_OPENDIR failed.
       via  0eae801 CVE-2017-2619: s3: smbd: Create wrapper function for OpenDir in preparation for making robust.
       via  7609944 CVE-2017-2619: s4/torture: add SMB2_FIND tests with SMB2_CONTINUE_FLAG_REOPEN flag
       via  d7644e3 CVE-2017-2619: s3/smbd: re-open directory after dptr_CloseDir()
       via  1325da1 VERSION: Bump version up to 4.6.1...
       via  bef5582 s4:kdc: disable principal based autodetected referral detection
       via  b84c967 HEIMDAL:kdc: make it possible to disable the principal based referral detection
       via  f8ae8e8 s3:gse: Correctly handle external trusts with MIT
       via  73d13c0 s3:gse: Check if we have a target_principal set we should use
       via  c2b3115 s3:gse: Move setup of service_principal to update function
       via  3f67876 s3:gse: Pass down the gensec_security pointer
       via  38f3e64 krb5_wrap: Remove obsolete smb_krb5_get_principal_from_service_hostname()
       via  bc50ac4 s3:gse: Use smb_krb5_get_realm_from_hostname()
       via  82898b8 s4:gensec_gssapi: Correctly handle external trusts with MIT
       via  be1e158 s4:gensec_gssapi: Use smb_krb5_get_realm_from_hostname()
       via  43bc67a s4:gensec_gssapi: Move setup of service_principal to update function
       via  825bfed s4:gensec-gssapi: Create a helper function to setup server_principal
       via  97fa6c2 krb5_wrap: Make smb_krb5_get_realm_from_hostname() public
       via  f3940ac krb5_wrap: pass client_realm to smb_krb5_get_realm_from_hostname()
       via  ec8cf1c krb5_wrap: Try to guess the correct realm from the service hostname
       via  eaebcde krb5_wrap: Do not return an empty realm from smb_krb5_get_realm_from_hostname()
       via  8899995 testprogs: Add kinit_trusts tests with smbclient4
       via  9b10b35 testprogs: Use smbclient by default in test_kinit_trusts
       via  202604d s4:gensec_gssapi: require a realm in gensec_gssapi_client_start()
       via  22e473e s4:gensec_gssapi: the value gensec_get_target_principal() should overwrite gensec_get_target_hostname()
       via  c6e5b84 replace: Include sysmacros.h
       via  cc03f50 manpages/vfs_fruit: document global options
       via  5acfa04 s4/torture: some tests for kernel oplocks
       via  48a346f s3/selftest: adopt config.h check from source4
       via  b6cddc1 s3/smbd: fix deferred open with streams and kernel oplocks
       via  b375bae s3/smbd: all callers of defer_open() pass a lck
       via  eeed4ff s3/smbd: remove async_open arg from defer_open()
       via  dcde5b1 s3/smbd: fix schedule_async_open() timer
       via  1d16e5f s3/smbd: add and use retry_open() instead of defer_open() in two places
       via  dc328aa s3/smbd: simplify defer_open()
       via  93b789c s3/smbd: req is already validated at the beginning of open_file_ntcreate()
       via  26f7b6f s3/smbd: add comments and some reformatting to open_file_ntcreate()
       via  d15c966 s3/smbd: add const to get_lease_type() args
       via  30495b1 s3/wscript: fix Linux kernel oplock detection
      from  1ad29ae lib/pthreadpool: fix a memory leak

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-test


- Log -----------------------------------------------------------------
commit c47fee64a6419894713fde18907aff68c7d4c000
Author: Karolin Seeger <kseeger at samba.org>
Date:   Thu Mar 23 10:17:00 2017 +0100

    VERSION: Bump version up to 4.6.2.
    
    Signed-off-by: Karolin Seeger <kseeger at samba.org>

commit 0cfe9fa893a6be61137855904bd2324438925965
Merge: bef5582 1a8f3cf
Author: Karolin Seeger <kseeger at samba.org>
Date:   Thu Mar 23 10:16:34 2017 +0100

    Merge tag 'samba-4.6.1' into v4-6-test
    
    samba: tag release samba-4.6.1

commit bef55822f054e7c82bb9093821438b936c8703bf
Author: Stefan Metzmacher <metze at samba.org>
Date:   Sun Jan 29 17:20:09 2017 +0100

    s4:kdc: disable principal based autodetected referral detection
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    (cherry picked from commit 3314bf52aaef60ef5cc1110587b53064df7c475d)

commit b84c967eaef553cf995cbe743959941472495aca
Author: Stefan Metzmacher <metze at samba.org>
Date:   Sun Jan 29 17:19:14 2017 +0100

    HEIMDAL:kdc: make it possible to disable the principal based referral detection
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    (cherry picked from commit 209886e95c3afe1e4e50bacc30b40a543856a7a0)

commit f8ae8e808853e5ccc3b8a08f694b32c63c08aa23
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Mar 9 08:18:27 2017 +0100

    s3:gse: Correctly handle external trusts with MIT
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit b8bca7d08fe05758e536767b1146cdcdd8b9fee3)

commit 73d13c0b092eaeca875284514e826e22d74ba439
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Mar 9 08:11:07 2017 +0100

    s3:gse: Check if we have a target_principal set we should use
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit ada31d65d6c5929d2fbddfea5611a5f5fe5a0d74)

commit c2b3115f953fcdd1be34b849f0f1ad3f587f889d
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Mar 9 08:05:26 2017 +0100

    s3:gse: Move setup of service_principal to update function
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 3ba1ad1f8c7871070d0ecbe5d49c5c44afe98bbf)

commit 3f67876ca3357866026fc89d9f1b8ba0480cb440
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Mar 6 08:16:11 2017 +0100

    s3:gse: Pass down the gensec_security pointer
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit e6b1e58874de30d094f9bce474479cfddb39d3fc)

commit 38f3e64b090ecf5d4c9131a370454f58b2eb7571
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Mar 9 09:10:12 2017 +0100

    krb5_wrap: Remove obsolete smb_krb5_get_principal_from_service_hostname()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 804e828d52ec922f3970e847652ab1ee5538b9b0)

commit bc50ac45792e542cda94cbf33237074a223b8269
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Mar 9 07:54:29 2017 +0100

    s3:gse: Use smb_krb5_get_realm_from_hostname()
    
    With credentials for administrator@FOREST1.EXAMPLE.COM
    this patch changes the target_principal for
    the ldap service of host dc2.forest2.example.com
    from
    
      ldap/dc2.forest2.example.com@FOREST1.EXAMPLE.COM
    
    to
    
      ldap/dc2.forest2.example.com@FOREST2.EXAMPLE.COM
    
    Typically ldap/dc2.forest2.example.com@FOREST1.EXAMPLE.COM
    should be used in order to allow the KDC of FOREST1.EXAMPLE.COM
    to generate a referral ticket for
    krbtgt/FOREST2.EXAMPLE.COM@FOREST1.EXAMPLE.COM.
    
    The problem is that KDCs only return such referral tickets
    if there's a forest trust between FOREST1.EXAMPLE.COM
    and FOREST2.EXAMPLE.COM. If there's only an external domain
    trust between FOREST1.EXAMPLE.COM and FOREST2.EXAMPLE.COM
    the KDC of FOREST1.EXAMPLE.COM will respond with S_PRINCIPAL_UNKNOWN
    when being asked for ldap/dc2.forest2.example.com@FOREST1.EXAMPLE.COM.
    
    In the case of an external trust the client can still ask
    explicitly for krbtgt/FOREST2.EXAMPLE.COM@FOREST1.EXAMPLE.COM
    and the KDC of FOREST1.EXAMPLE.COM will generate it.
    
    From there the client can use the
    krbtgt/FOREST2.EXAMPLE.COM@FOREST1.EXAMPLE.COM
    ticket and ask a KDC of FOREST2.EXAMPLE.COM for a
    service ticket for ldap/dc2.forest2.example.com@FOREST2.EXAMPLE.COM.
    
    With Heimdal we'll get the fallback on S_PRINCIPAL_UNKNOWN behavior
    when we pass ldap/dc2.forest2.example.com@FOREST2.EXAMPLE.COM as
    target principal. As _krb5_get_cred_kdc_any() first calls
    get_cred_kdc_referral() (which always starts with the client realm)
    and falls back to get_cred_kdc_capath() (which starts with the given realm).
    
    MIT krb5 only tries the given realm of the target principal,
    if we want to autodetect support for transitive forest trusts,
    we'll have to do the fallback ourselves.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit a3d95ed9037fb8b14a451da02dcadf011485ae34)

commit 82898b87a5f4db3f4d1df792a1046e0fb4e6c90a
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Mar 8 13:10:05 2017 +0100

    s4:gensec_gssapi: Correctly handle external trusts with MIT
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 2dd4887648bf006a577e03fc027e881738ca04ab)

commit be1e1586ebe57bae64ede7623e4b317935351516
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Mar 8 11:03:17 2017 +0100

    s4:gensec_gssapi: Use smb_krb5_get_realm_from_hostname()
    
    With credentials for administrator@FOREST1.EXAMPLE.COM
    this patch changes the target_principal for
    the ldap service of host dc2.forest2.example.com
    from
    
      ldap/dc2.forest2.example.com@FOREST1.EXAMPLE.COM
    
    to
    
      ldap/dc2.forest2.example.com@FOREST2.EXAMPLE.COM
    
    Typically ldap/dc2.forest2.example.com@FOREST1.EXAMPLE.COM
    should be used in order to allow the KDC of FOREST1.EXAMPLE.COM
    to generate a referral ticket for
    krbtgt/FOREST2.EXAMPLE.COM@FOREST1.EXAMPLE.COM.
    
    The problem is that KDCs only return such referral tickets
    if there's a forest trust between FOREST1.EXAMPLE.COM
    and FOREST2.EXAMPLE.COM. If there's only an external domain
    trust between FOREST1.EXAMPLE.COM and FOREST2.EXAMPLE.COM
    the KDC of FOREST1.EXAMPLE.COM will respond with S_PRINCIPAL_UNKNOWN
    when being asked for ldap/dc2.forest2.example.com@FOREST1.EXAMPLE.COM.
    
    In the case of an external trust the client can still ask
    explicitly for krbtgt/FOREST2.EXAMPLE.COM@FOREST1.EXAMPLE.COM
    and the KDC of FOREST1.EXAMPLE.COM will generate it.
    
    From there the client can use the
    krbtgt/FOREST2.EXAMPLE.COM@FOREST1.EXAMPLE.COM
    ticket and ask a KDC of FOREST2.EXAMPLE.COM for a
    service ticket for ldap/dc2.forest2.example.com@FOREST2.EXAMPLE.COM.
    
    With Heimdal we'll get the fallback on S_PRINCIPAL_UNKNOWN behavior
    when we pass ldap/dc2.forest2.example.com@FOREST2.EXAMPLE.COM as
    target principal. As _krb5_get_cred_kdc_any() first calls
    get_cred_kdc_referral() (which always starts with the client realm)
    and falls back to get_cred_kdc_capath() (which starts with the given realm).
    
    MIT krb5 only tries the given realm of the target principal,
    if we want to autodetect support for transitive forest trusts,
    we'll have to do the fallback ourselves.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 3781eb250173981a8890b82d1ff9358f144034cd)

commit 43bc67a79b8c56209e9601458235cf0fa53591d7
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Mar 8 12:34:59 2017 +0100

    s4:gensec_gssapi: Move setup of service_principal to update function
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit bf6358bf035e7ad48bd15cc2164afab2a19e7ad6)

commit 825bfed5cb1b3f9474e68629e54d390e72cd2d4d
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Mar 6 09:19:13 2017 +0100

    s4:gensec-gssapi: Create a helper function to setup server_principal
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 8f7c4529420316b553c80cd3d19b6996525b029a)

commit 97fa6c2e38e5434780add64a640edc08317f1ee1
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Mar 8 11:56:30 2017 +0100

    krb5_wrap: Make smb_krb5_get_realm_from_hostname() public
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 339a2ecb3f05d0c9e860a5dd59b8bdbc51d4ffa7)

commit f3940acc43901e9bff1cacd8c3a11a891ec2cc79
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Mar 8 11:56:30 2017 +0100

    krb5_wrap: pass client_realm to smb_krb5_get_realm_from_hostname()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit f0c4fcace586197d5c170f6a9dcc175df23e3802)

commit ec8cf1c0c42df3c36ae6647777b9a71bbf621546
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Mar 8 10:48:52 2017 +0100

    krb5_wrap: Try to guess the correct realm from the service hostname
    
    If we do not get a realm mapping from the krb5.conf or from the Kerberos
    library try to guess it from the service hostname. The guessing of the
    realm from the service hostname is already implemented in Heimdal. This
    makes the behavior of smb_krb5_get_realm_from_hostname() consistent
    with both MIT and Heimdal.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 65228925ab3c4da4ae299f77cae219fc7d37cc68)

commit eaebcdeaffd8bbc9790c93c63a77179651c8ad8c
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Mar 8 10:40:08 2017 +0100

    krb5_wrap: Do not return an empty realm from smb_krb5_get_realm_from_hostname()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 946f9dd1170be63b91e31ce825ea123f3c07329b)

commit 8899995dea82171880cd6e8454f645eb2edebb0d
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Mar 6 09:15:45 2017 +0100

    testprogs: Add kinit_trusts tests with smbclient4
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 42bd003f468ab95b6ac97c774e2cd217d06c05ed)

commit 9b10b357198b7ccfd7f470bb143b4233d32b07c9
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Mar 6 09:13:09 2017 +0100

    testprogs: Use smbclient by default in test_kinit_trusts
    
    This is the tool we use by default and we should test with it.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 9b3ff90dbc5cc1017dfc89831a1081272e6c2356)

commit 202604daaa26880af5ddc5c9c78c47d1bba8081b
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 29 15:20:00 2016 +0100

    s4:gensec_gssapi: require a realm in gensec_gssapi_client_start()
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    (cherry picked from commit 3a870baee8d9dbe5359f04a108814afc27e57d46)

commit 22e473e2e5924e9480bdd2519c5f9f1ba0519830
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Dec 29 14:00:36 2016 +0100

    s4:gensec_gssapi: the value gensec_get_target_principal() should overwrite gensec_get_target_hostname()
    
    If gensec_get_target_principal() has a value, we no longer have to verify
    the gensec_get_target_hostname() value, it can be just an IP address.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    (cherry picked from commit 48bcca566ebb3a5385b15b0525d7fbdd06361e04)

commit c6e5b844fbde519741b6ede5248c517ccf9fd1fe
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Jan 5 09:34:36 2017 +0100

    replace: Include sysmacros.h
    
    In the GNU C Library, "makedev" is defined by <sys/sysmacros.h>. For
    historical compatibility, it is currently defined by <sys/types.h> as
    well, but it is planned to remove this soon.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12686
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>
    
    (cherry picked from commit 0127bdd33b251a52c6ffc44b6cb3b82b16a80741)

commit cc03f5043b381752ca02c57d1c1e2275f1b6011e
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 7 18:10:56 2017 +0100

    manpages/vfs_fruit: document global options
    
    Some options MUST be set in the global section, better document that.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12615
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 0c212c50b59081583572f807cf5214037d1517c4)

commit 5acfa04814a278002c054b61fab72e972ba0a0e7
Author: Ralph Boehme <slow at samba.org>
Date:   Wed Mar 1 18:13:35 2017 +0100

    s4/torture: some tests for kernel oplocks
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (backported from commit fd03420c4f59d3248b80d07a302d1404ce78b09f)

commit 48a346fec6262c3dc2890fb9101457bf7b465e98
Author: Ralph Boehme <slow at samba.org>
Date:   Wed Mar 8 07:18:36 2017 +0100

    s3/selftest: adopt config.h check from source4
    
    No change in behaviour.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 6e54d8d2bda2c9232676f8c08c626f22de50f52b)

commit b6cddc1e8e9931f84206a86ab6416697f7b2f32f
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 7 16:27:39 2017 +0100

    s3/smbd: fix deferred open with streams and kernel oplocks
    
    I noticed smbd can get stuck in an open() call with kernel oplocks
    enabled and named streams (provided by vfs_streams_xattr):
    
    - client opens a file with an exclusive oplock
    
    - client starts writing to the file
    
    - client opens an existing stream of the file
    
    - the smbd process gets stuck in an open()
    
    What happens is:
    
    we had set up a locking.tdb record watch in defer_open(), the watch was
    triggered, we reattempted the open and got stuck in a blocking open
    because the oplock holder (ourselves) hadn't given up the oplock yet.
    
    Cf e576bf5310bc9de9686a71539e9a1b60b4fba5cc for the commit that added
    the kernel oplock retry logic. tldr: with kernel oplocks the first open
    is non-blocking, but the second one is blocking.
    
    Detailed analysis follows.
    
    When opening a named stream of a file, Samba internally opens the
    underlying "base" file first. This internal open of the basefile succeeds
    and does *not* trigger an oplock break (because it is an internal open
    that doesn't call open() at all) but it is added as an entry to the
    locking.tdb record of the file.
    
    Next, the stream open ends up in streams_xattr where a non-blocking
    open() on the base file is called. This open fails with EWOULDBLOCK
    because we have another fd with a kernel oplock on the file.
    
    So we call defer_open() which sets up a watch on the locking.tdb record.
    
    In the subsequent error unwinding code in open_file_ntcreate() and
    callers we close the internal open file handle of the basefile which
    also removes the entry from the locking.tdb record and so *changes the
    record*.
    
    This fires the record watch and in the callback defer_open_done() we
    don't check whether the condition (oplock gone) we're interested in is
    actually met. The callback blindly reschedules the open request with
    schedule_deferred_open_message_smb().
    
    schedule_deferred_open_message_smb() schedules an immediate tevent event
    which has precedence over the IPC fd events in messaging, so the open is
    always (!) reattempted before processing the oplock break message.
    
    As explained above, this second open will be a blocking one so we get
    stuck in a blocking open.
    
    It doesn't help to make all opens non-blocking, that would just result
    in a busy loop failing the open, as we never process the oplock break
    message (remember, schedule_deferred_open_message_smb() used immediate
    tevent events).
    
    To fix this we must add some logic to the record watch callback to check
    whether the record watch was done for a kernel oplock file and if yes,
    check if the oplock state changed. If not, simply reschedule the
    deferred open and keep waiting.
    
    This logic is only needed for kernel oplocks, not for Samba-level
    oplocks, because there's no risk of deadlocking, the worst that can
    happen is a rescheduled open that fails again in the oplock checks and
    gets deferred again.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit b35a296a27a0807c780f2a9e7af2f2e93feefaa8)

commit b375bae8798cf0054318409b4ab81358e4f458f0
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 7 15:48:05 2017 +0100

    s3/smbd: all callers of defer_open() pass a lck
    
    No change in behaviour. Update the function comment explaining how it
    works and relies on lck for a record watch.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 1a6c82e5d5a3462827ee3fe1edab01f535f831a9)

commit eeed4ffd126d26393f6d495d10627bac8f0f2b2e
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 7 19:11:20 2017 +0100

    s3/smbd: remove async_open arg from defer_open()
    
    All remaining callers pass false.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 7fa2f1159437c9f1aa47f51e65655b4d9afa5c0a)

commit dcde5b114d39f92d31a73993ed6b0d5fffb6c33e
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 7 15:33:55 2017 +0100

    s3/smbd: fix schedule_async_open() timer
    
    schedule_async_open() was calling defer_open with sharemode lock = NULL,
    as a result there was never an active 20 s timeout.
    
    This has been broken since the commits in
    
    $ git log --reverse -p -10 8283fd0e0090ed12b0b12d5acb550642d621b026
    
    Just roll our own deferred record instead of calling defer_open() and
    also set up a timer that, as a last resort, catches stuck opens and just
    exits for now.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit ad8c36125f72e0d5f9ebfc94037a4ae9e7608aad)

commit 1d16e5fca1dd8416dcf520885b6ff90ce0d5993a
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 7 15:03:12 2017 +0100

    s3/smbd: add and use retry_open() instead of defer_open() in two places
    
    Add a new function that does an immediate open rescheduling.
    
    The first deferred open this commit changes was never scheduled, as the
    scheduling relies on a timeout of the watch on the sharemode lock.
    
    This has been broken since the commits in
    
    $ git log --reverse -p -10 8283fd0e0090ed12b0b12d5acb550642d621b026
    
    That patchset added the dbwrap watch record logic to defer_open() and
    removed the timers.
    
    I'm doing this mainly to untangle the defer_open() logic which is
    complicated by the lck arg.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit beaba6222848fb4ff4392b2247c5be1094b1d65b)

commit dc328aa2fd17b844ee81211895138b424dd27e8a
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 7 14:37:54 2017 +0100

    s3/smbd: simplify defer_open()
    
    Add a helper function deferred_open_record_create() that creates a
    deferred_open_record and let all callers pass all needed arguments
    individually.
    
    While we're at it, enhance the debug message in defer_open() to print
    all variables.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit b17ff9b181b7b9730d32534e720c45faabfa6799)

commit 93b789c9694bbd8311b782f15ab5b114ba0c6e1e
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 7 14:10:39 2017 +0100

    s3/smbd: req is already validated at the beginning of open_file_ntcreate()
    
    req can't be NULL because the if condition surrounding this code checks
    !(oplock_request & INTERNAL_OPEN_ONLY).
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 8580adc1d968304b69237f289d13950972394b48)

commit 26f7b6fc8b0dfb5fcd2343b40f5dfa3a67189b3d
Author: Ralph Boehme <slow at samba.org>
Date:   Mon Mar 6 11:43:08 2017 +0100

    s3/smbd: add comments and some reformatting to open_file_ntcreate()
    
    No change in behaviour.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit f5631f6b3520326d4c9a6bae5636fd8d53e66b29)

commit d15c966cd76745e0918cce691a5a0b963d04a82c
Author: Ralph Boehme <slow at samba.org>
Date:   Sat Mar 4 13:55:55 2017 +0100

    s3/smbd: add const to get_lease_type() args
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 6924e72ade20e98ac470fcb6ba7120c61b06bb0f)

commit 30495b1fbd2a1e42a570096197f6558108c78464
Author: Ralph Boehme <slow at samba.org>
Date:   Mon Mar 6 12:09:53 2017 +0100

    s3/wscript: fix Linux kernel oplock detection
    
    Fix a copy/paste error, the Linux kernel oplocks check was copied from
    the change notify support check.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=7537
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit fe473f805af885a23bb16046c9d26d756e164f30)

-----------------------------------------------------------------------

Summary of changes:
 VERSION                                         |   2 +-
 WHATSNEW.txt                                    |  78 ++-
 docs-xml/manpages/vfs_fruit.8.xml               | 155 ++++--
 lib/krb5_wrap/krb5_samba.c                      | 164 ++----
 lib/krb5_wrap/krb5_samba.h                      |   7 +-
 lib/replace/replace.h                           |   4 +
 selftest/target/Samba3.pm                       |   4 +
 source3/librpc/crypto/gse.c                     | 224 ++++++--
 source3/selftest/tests.py                       |  37 +-
 source3/smbd/dir.c                              | 161 ++++--
 source3/smbd/open.c                             | 701 +++++++++++++++++++-----
 source3/smbd/oplock.c                           |   3 +-
 source3/smbd/proto.h                            |   3 +-
 source3/smbd/smb2_query_directory.c             |  17 +
 source3/wscript                                 |   6 +-
 source4/auth/gensec/gensec_gssapi.c             | 230 +++++++-
 source4/auth/gensec/gensec_gssapi.h             |   2 +-
 source4/heimdal/kdc/default_config.c            |   1 +
 source4/heimdal/kdc/kdc.h                       |   2 +
 source4/heimdal/kdc/krb5tgs.c                   |   4 +-
 source4/kdc/kdc-heimdal.c                       |   2 +
 source4/selftest/tests.py                       |   2 +-
 source4/torture/smb2/dir.c                      |  12 +-
 source4/torture/smb2/oplock.c                   | 140 +++++
 source4/torture/smb2/smb2.c                     |   1 +
 testprogs/blackbox/test_kinit_trusts_heimdal.sh |  10 +-
 26 files changed, 1530 insertions(+), 442 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 4e4b204..3a831c8 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 ########################################################
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=6
-SAMBA_VERSION_RELEASE=1
+SAMBA_VERSION_RELEASE=2
 
 ########################################################
 # If a official release has a serious bug              #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 66597bf..02935d7 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,5 +1,79 @@
-Release Announcements
-=====================
+                   =============================
+                   Release Notes for Samba 4.6.1
+                           March 23, 2017
+                   =============================
+
+
+This is a security release in order to address the following defect:
+
+o  CVE-2017-2619 (Symlink race allows access outside share definition)
+
+=======
+Details
+=======
+
+o  CVE-2017-2619:
+   All versions of Samba prior to 4.6.1, 4.5.7, 4.4.11 are vulnerable to
+   a malicious client using a symlink race to allow access to areas of
+   the server file system not exported under the share definition.
+
+   Samba uses the realpath() system call to ensure when a client requests
+   access to a pathname that it is under the exported share path on the
+   server file system.
+
+   Clients that have write access to the exported part of the file system
+   via SMB1 unix extensions or NFS to create symlinks can race the server
+   by renaming a realpath() checked path and then creating a symlink. If
+   the client wins the race it can cause the server to access the new
+   symlink target after the exported share path check has been done. This
+   new symlink target can point to anywhere on the server file system.
+
+   This is a difficult race to win, but theoretically possible. Note that
+   the proof of concept code supplied wins the race reliably only when
+   the server is slowed down using the strace utility running on the
+   server. Exploitation of this bug has not been seen in the wild.
+
+
+Changes since 4.6.0:
+--------------------
+
+o  Jeremy Allison <jra at samba.org>
+   * BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
+     directory.
+
+o  Ralph Boehme <slow at samba.org>
+   * BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
+     directory.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+		   ==============================
+                   Release Notes for Samba 4.6.0
+                           March 7, 2017
+                   ==============================
+
 
 This is the first stable release of Samba 4.6.
 Please read the release notes carefully before upgrading.
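Review bot: The Details text for CVE-2017-2619 names the preconditions (a client with write access that can create symlinks via SMB1 unix extensions or NFS) but gives administrators who cannot upgrade immediately nothing to act on. Suggest adding a line after the "This is a difficult race to win" paragraph that either points to the advisory's workaround or states that there is none. Two smaller points: realpath() is a C library function rather than a system call, and the re-added 4.6.0 banner mixes a tab-indented first line with space-indented lines below it, so the box will not line up at every tab width.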
diff --git a/docs-xml/manpages/vfs_fruit.8.xml b/docs-xml/manpages/vfs_fruit.8.xml
index fa86b6f..9f999da 100644
--- a/docs-xml/manpages/vfs_fruit.8.xml
+++ b/docs-xml/manpages/vfs_fruit.8.xml
@@ -79,8 +79,81 @@
 </refsect1>
 
 <refsect1>
+	<title>GLOBAL OPTIONS</title>
+
+	<para>The following options must be set in the global smb.conf section
+	and won't take effect when set per share.</para>
+
+	<variablelist>
+
+	  <varlistentry>
+	    <term>fruit:aapl = yes | no</term>
+	    <listitem>
+	      <para>A <emphasis>global</emphasis> option whether to enable Apple's SMB2+
+	      extension codenamed AAPL. Default
+	      <emphasis>yes</emphasis>. This extension enhances
+	      several deficiencies when connecting from Macs:</para>
+
+	      <itemizedlist>
+		<listitem><para>directory enumeration is enriched with
+		Mac relevant filesystem metadata (UNIX mode,
+		FinderInfo, resource fork size and effective
+		permission), as a result the Mac client doesn't need
+		to fetch this metadata individuallly per directory
+		entry resulting in an often tremendous performance
+		increase.</para></listitem>
+
+		<listitem><para>The ability to query and modify the
+		UNIX mode of directory entries.</para></listitem>
+	      </itemizedlist>
+
+	      <para>There's a set of per share options that come into play when
+	      <emphasis>fruit:aapl</emphasis> is enabled. These opions, listed
+	      below, can be used to disable the computation of specific Mac
+	      metadata in the directory enumeration context, all are enabled by
+	      default:</para>
+
+	      <itemizedlist>
+		<listitem><para>readdir_attr:aapl_rsize = yes | no</para></listitem>
+		<listitem><para>readdir_attr:aapl_finder_info = yes | no</para></listitem>
+		<listitem><para>readdir_attr:aapl_max_access = yes | no</para></listitem>
+	      </itemizedlist>
+
+	      <para>See below for a description of these options.</para>
+
+	    </listitem>
+	  </varlistentry>
+
+	  <varlistentry>
+	    <term>fruit:nfs_aces = yes | no</term>
+	    <listitem>
+	      <para>A <emphasis>global</emphasis> option whether support for
+	      querying and modifying the UNIX mode of directory entries via NFS
+	      ACEs is enabled, default <emphasis>yes</emphasis>.</para>
+	    </listitem>
+	  </varlistentry>
+
+	  <varlistentry>
+	    <term>fruit:copyfile = yes | no</term>
+	    <listitem>
+	      <para>A <emphasis>global</emphasis> option whether to enable OS X
+	      specific copychunk ioctl that requests a copy of a whole file
+	      along with all attached metadata.</para>
+	      <para>WARNING: the copyfile request is blocking the
+	      client while the server does the copy.</para>.
+	      <para>The default is <emphasis>no</emphasis>.</para>
+	    </listitem>
+	  </varlistentry>
+
+	</variablelist>
+</refsect1>
+
+<refsect1>
 	<title>OPTIONS</title>
 
+	<para>The following options can be set either in the global smb.conf section
+	or per share.</para>
+
 	<variablelist>
 
 	  <varlistentry>
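Review bot: In the moved fruit:copyfile entry, the line "client while the server does the copy.</para>." keeps a stray "." after the closing tag, which leaves character data directly inside <listitem>; it was carried over from the old location and this move is the natural place to drop it. The fruit:aapl text in the same hunk also carries over "individuallly" and introduces "opions". Since these three options are now documented as global-only, it would help to say what happens when one is set per share beyond "won't take effect", for example whether it is silently ignored or logged.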
@@ -178,50 +251,6 @@
 	  </varlistentry>
 
 	  <varlistentry>
-	    <term>fruit:aapl = yes | no</term>
-	    <listitem>
-	      <para>A global option whether to enable Apple's SMB2+
-	      extension codenamed AAPL. Default
-	      <emphasis>yes</emphasis>. This extension enhances
-	      several deficiencies when connecting from Macs:</para>
-
-	      <itemizedlist>
-		<listitem><para>directory enumeration is enriched with
-		Mac relevant filesystem metadata (UNIX mode,
-		FinderInfo, resource fork size and effective
-		permission), as a result the Mac client doesn't need
-		to fetch this metadata individuallly per directory
-		entry resulting in an often tremendous performance
-		increase.</para></listitem>
-
-		<listitem><para>The ability to query and modify the
-		UNIX mode of directory entries.</para></listitem>
-	      </itemizedlist>
-
-	      <para>There's a set of per share options that can be
-	      used to disable the computation of specific Mac metadata
-	      in the directory enumeration context, all are enabled by
-	      default:</para>
-
-	      <itemizedlist>
-		<listitem><para>readdir_attr:aapl_rsize = true | false</para></listitem>
-		<listitem><para>readdir_attr:aapl_finder_info = true | false</para></listitem>
-		<listitem><para>readdir_attr:aapl_max_access = true | false</para></listitem>
-	      </itemizedlist>
-
-	    </listitem>
-	  </varlistentry>
-
-	  <varlistentry>
-	    <term>fruit:nfs_aces = yes | no</term>
-	    <listitem>
-	      <para>Whether support for querying and modifying the
-	      UNIX mode of directory entries via NFS ACEs is enabled,
-	      default <emphasis>yes</emphasis>.</para>
-	    </listitem>
-	  </varlistentry>
-
-	  <varlistentry>
 	    <term>fruit:veto_appledouble = yes | no</term>
 	    <listitem>
 	      <para><emphasis>Note:</emphasis> this option only applies when
@@ -243,18 +272,6 @@
 	  </varlistentry>
 
 	  <varlistentry>
-	    <term>fruit:copyfile = yes | no</term>
-	    <listitem>
-	      <para>Whether to enable OS X specific copychunk ioctl
-	      that requests a copy of a whole file along with all
-	      attached metadata.</para>
-	      <para>WARNING: the copyfile request is blocking the
-	      client while the server does the copy.</para>.
-	      <para>The default is <emphasis>no</emphasis>.</para>
-	    </listitem>
-	  </varlistentry>
-
-	  <varlistentry>
 	    <term>fruit:posix_rename = yes | no</term>
 	    <listitem>
 	      <para>Whether to enable POSIX directory rename behaviour
@@ -265,6 +282,32 @@
 	    </listitem>
 	  </varlistentry>
 
+	  <varlistentry>
+	    <term>readdir_attr:aapl_rsize = yes | no</term>
+	    <listitem>
+	      <para>Return resource fork size in SMB2 FIND responses.</para>
+	      <para>The default is <emphasis>yes</emphasis>.</para>
+	    </listitem>
+	  </varlistentry>
+
+	  <varlistentry>
+	    <term>readdir_attr:aapl_finder_info = yes | no</term>
+	    <listitem>
+	      <para>Return FinderInfo in SMB2 FIND responses.</para>
+	      <para>The default is <emphasis>yes</emphasis>.</para>
+	    </listitem>
+	  </varlistentry>
+
+	  <varlistentry>
+	    <term>readdir_attr:aapl_max_access = yes | no</term>
+	    <listitem>
+	      <para>Return the user's effective maximum permissions in SMB2 FIND
+	      responses. This is an expensive computation, setting this to off
+	      pretends the use has maximum effective permissions.</para>
+	      <para>The default is <emphasis>yes</emphasis>.</para>
+	    </listitem>
+	  </varlistentry>
+
 	</variablelist>
 </refsect1>
 
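Review bot: The readdir_attr:aapl_max_access description says "setting this to off" although the documented values are "yes | no", and "pretends the use has" should read "the user has". The text should also say explicitly that the option only changes the value reported in SMB2 FIND responses, so that a reader does not take "maximum effective permissions" to mean that access checks are relaxed; if the effect is wider than that, the man page needs to say so.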
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 10b42de..0b67ea5 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -2604,67 +2604,27 @@ krb5_error_code smb_krb5_principal_set_realm(krb5_context context,
 }
 
 
-/************************************************************************
- Routine to get the default realm from the kerberos credentials cache.
- Caller must free if the return value is not NULL.
-************************************************************************/
-
-static char *smb_krb5_get_default_realm_from_ccache(TALLOC_CTX *mem_ctx)
-{
-	char *realm = NULL;
-	krb5_context ctx = NULL;
-	krb5_ccache cc = NULL;
-	krb5_principal princ = NULL;
-
-	initialize_krb5_error_table();
-	if (krb5_init_context(&ctx)) {
-		return NULL;
-	}
-
-	DEBUG(5,("kerberos_get_default_realm_from_ccache: "
-		"Trying to read krb5 cache: %s\n",
-		krb5_cc_default_name(ctx)));
-	if (krb5_cc_default(ctx, &cc)) {
-		DEBUG(5,("kerberos_get_default_realm_from_ccache: "
-			"failed to read default cache\n"));
-		goto out;
-	}
-	if (krb5_cc_get_principal(ctx, cc, &princ)) {
-		DEBUG(5,("kerberos_get_default_realm_from_ccache: "
-			"failed to get default principal\n"));
-		goto out;
-	}
-
-#if defined(HAVE_KRB5_PRINCIPAL_GET_REALM)
-	realm = talloc_strdup(mem_ctx, krb5_principal_get_realm(ctx, princ));
-#elif defined(HAVE_KRB5_PRINC_REALM)
-	{
-		krb5_data *realm_data = krb5_princ_realm(ctx, princ);
-		realm = talloc_strndup(mem_ctx, realm_data->data, realm_data->length);
-	}
-#endif
-
-  out:
-
-	if (ctx) {
-		if (princ) {
-			krb5_free_principal(ctx, princ);
-		}
-		if (cc) {
-			krb5_cc_close(ctx, cc);
-		}
-		krb5_free_context(ctx);
-	}
-
-	return realm;
-}
-
-/************************************************************************
- Routine to get the realm from a given DNS name.
-************************************************************************/
-
-static char *smb_krb5_get_realm_from_hostname(TALLOC_CTX *mem_ctx,
-						const char *hostname)
+/**
+ * @brief Get the realm from the service hostname.
+ *
+ * This function will look for a domain realm mapping in the [domain_realm]
+ * section of the krb5.conf first and fallback to extract the realm from
+ * the provided service hostname. As a last resort it will return the
+ * provided client_realm.
+ *
+ * @param[in]  mem_ctx     The talloc context
+ *
+ * @param[in]  hostname    The service hostname
+ *
+ * @param[in]  client_realm  If we can not find a mapping, fall back to
+ *                           this realm.
+ *
+ * @return The realm to use for the service hostname, NULL if a fatal error
+ *         occured.
+ */
+char *smb_krb5_get_realm_from_hostname(TALLOC_CTX *mem_ctx,
+				       const char *hostname,
+				       const char *client_realm)
 {
 #if defined(HAVE_KRB5_REALM_TYPE)
 	/* Heimdal. */
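Review bot: The new doc comment for smb_krb5_get_realm_from_hostname() does not say who owns the returned string. The function goes from static to exported in this hunk, and the removed comment for smb_krb5_get_default_realm_from_ccache() did spell out "Caller must free if the return value is not NULL"; add the equivalent sentence here. Also "occured" should be "occurred", and the @param descriptions for client_realm are indented differently from those for mem_ctx and hostname.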
@@ -2691,8 +2651,33 @@ static char *smb_krb5_get_realm_from_hostname(TALLOC_CTX *mem_ctx,
 		goto out;
 	}
 
-	if (realm_list && realm_list[0]) {
+	if (realm_list != NULL &&
+	    realm_list[0] != NULL &&
+	    realm_list[0][0] != '\0') {
 		realm = talloc_strdup(mem_ctx, realm_list[0]);
+		if (realm == NULL) {
+			goto out;
+		}
+	} else {
+		const char *p = NULL;
+
+		/*
+		 * "dc6.samba2003.example.com"
+		 * returns a realm of "SAMBA2003.EXAMPLE.COM"
+		 *
+		 * "dc6." returns realm as NULL
+		 */
+		p = strchr_m(hostname, '.');
+		if (p != NULL && p[1] != '\0') {
+			realm = talloc_strdup_upper(mem_ctx, p + 1);
+			if (realm == NULL) {
+				goto out;
+			}
+		}
+	}
+
+	if (realm == NULL) {
+		realm = talloc_strdup(mem_ctx, client_realm);
 	}
 
   out:
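Review bot: The final fallback "realm = talloc_strdup(mem_ctx, client_realm);" does not check client_realm, so a caller passing NULL gets NULL back, which the doc comment defines as a fatal error, and an empty client_realm is returned as an empty realm. Either require a non-empty client_realm at the top of the function or document both cases. The inline comment '"dc6." returns realm as NULL' is only true for the intermediate value, because the fallback directly below replaces it with client_realm; reword it so it is not read as the function's return value.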
@@ -2709,61 +2694,6 @@ static char *smb_krb5_get_realm_from_hostname(TALLOC_CTX *mem_ctx,
 }
 
 /**
- * @brief Get the principal as a string from the service hostname.
- *
- * @param[in]  mem_ctx  The talloc context
- *
- * @param[in]  service  The service name
- *
- * @param[in]  remote_name The remote name
- *
- * @param[in]  default_realm The default_realm if we cannot get it from the
- *                           hostname or netbios name.
- *
- * @return A talloc'ed principal string or NULL if an error occured.
- *
- * The caller needs to free the principal with talloc_free() if it isn't needed
- * anymore.
- */
-char *smb_krb5_get_principal_from_service_hostname(TALLOC_CTX *mem_ctx,
-						   const char *service,
-						   const char *remote_name,
-						   const char *default_realm)
-{
-	char *realm = NULL;
-	char *host = NULL;
-	char *principal;
-	host = strchr_m(remote_name, '.');
-	if (host) {
-		/* DNS name. */
-		realm = smb_krb5_get_realm_from_hostname(talloc_tos(),
-							 remote_name);
-	} else {
-		/* NetBIOS name - use our realm. */
-		realm = smb_krb5_get_default_realm_from_ccache(talloc_tos());
-	}
-
-	if (realm == NULL || *realm == '\0') {
-		realm = talloc_strdup(talloc_tos(), default_realm);
-		if (!realm) {
-			return NULL;
-		}
-		DEBUG(3,("Cannot get realm from, "
-			 "desthost %s or default ccache. Using default "
-			 "smb.conf realm %s\n",
-			 remote_name,
-			 realm));
-	}
-
-	principal = talloc_asprintf(mem_ctx,
-				    "%s/%s@%s",
-				    service, remote_name,
-				    realm);
-	TALLOC_FREE(realm);
-	return principal;
-}
-
-/**
  * @brief Get an error string from a Kerberos error code.
  *
  * @param[in]  context  The library context.
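Review bot: Removing smb_krb5_get_principal_from_service_hostname() also removes the DEBUG(3) message that recorded when no realm could be derived and the smb.conf default realm was used instead; the replacement fallback to client_realm in smb_krb5_get_realm_from_hostname() is silent. Suggest keeping an equivalent debug line at the new fallback, since a wrong realm guess is otherwise hard to diagnose. The removed helper also treated names without a dot as NetBIOS names and took the realm from the default credentials cache; the new doc comment should state that such names now end up with client_realm unless a [domain_realm] mapping matches.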
diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index 71e81ea..c921538 100644
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -314,10 +314,9 @@ krb5_error_code smb_krb5_principal_set_realm(krb5_context context,
 					     krb5_principal principal,
 					     const char *realm);
 
-char *smb_krb5_get_principal_from_service_hostname(TALLOC_CTX *mem_ctx,
-						   const char *service,
-						   const char *remote_name,
-						   const char *default_realm);
+char *smb_krb5_get_realm_from_hostname(TALLOC_CTX *mem_ctx,
+				       const char *hostname,
+				       const char *client_realm);
 
 char *smb_get_krb5_error_message(krb5_context context,
 				 krb5_error_code code,
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index c69a069..1dbeacf 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h


-- 
Samba Shared Repository


