[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Oct 27 22:32:03 UTC 2017
The branch, master has been updated
via e5251ee winbindd: Remove a misleading comment
via 61176a6 printing: Avoid an "extern current_user"
via e03e947 printing: Avoid an "extern current_user"
via e62253a smbd: Fix the memory hierarchy in the unix token
via 7e4908d lib: Use all_zero where appropriate
via dea1881 smbd: Remove an indentation level in smb2_negprot
via 6475293 samba: Fix CID 1420179 Code maintainability issues UNUSED_VALUE
via e7a4c31 samba: Fix CID 1420180 Null pointer dereferences
via e56626e s4:pyparam: Fix resource leaks on error
via b012f15 s4:torture: Avoid useless strdup in libsmbclient test
via 9f3151a libsmbclient: Use const for the user
from 0a796f5 testprogs: Update the kpasswd setpassword test
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit e5251ee188e948f37e76d4071d435496c5be27d7
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 27 14:01:41 2017 +0200
winbindd: Remove a misleading comment
The reality is a bit more complex than this comment indicates. We should never
suggest anywhere that we can connect to domains that we don't have a direct
trust account to. For the member case, it's "our" domain, and for the DC case,
it's the direct trusts. Everything else is pure luck.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Oct 28 00:31:58 CEST 2017 on sn-devel-144
commit 61176a66cc8d9daacad4470a9977ab0e4e8afa51
Author: Volker Lendecke <vl at samba.org>
Date: Wed Oct 4 13:30:13 2017 +0200
printing: Avoid an "extern current_user"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e03e947e0c4319af6521cf50b201cca6da21a0cb
Author: Volker Lendecke <vl at samba.org>
Date: Wed Oct 4 13:27:43 2017 +0200
printing: Avoid an "extern current_user"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e62253a52a10be8719369325a5b1e146f8405c7c
Author: Volker Lendecke <vl at samba.org>
Date: Wed Oct 4 15:04:01 2017 +0200
smbd: Fix the memory hierarchy in the unix token
"groups" should hang off the token itself, not its parent
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 7e4908d72b4e3bd662bdc2da18e8b5272c15c13e
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 19 17:52:31 2017 +0200
lib: Use all_zero where appropriate
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit dea1881fc5e53b5d1750c16b4d7f7d0ddd971875
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 19 08:13:59 2017 +0200
smbd: Remove an indentation level in smb2_negprot
Do an early return. Best viewed with "git show -b"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 6475293bc800a343464955fe8027aa8033c5513d
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 26 21:13:52 2017 +0200
samba: Fix CID 1420179 Code maintainability issues UNUSED_VALUE
I don't think pid is used at all here.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e7a4c31047f55a5bd0160f5b4fb614bff9c3c421
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 26 21:08:14 2017 +0200
samba: Fix CID 1420180 Null pointer dereferences
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e56626e864492831a3dbbca2d4fb8f3281547a90
Author: Andreas Schneider <asn at samba.org>
Date: Wed Oct 25 19:25:20 2017 +0200
s4:pyparam: Fix resource leaks on error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit b012f1589b3e0cb482e14ca76b5d150792d30643
Author: Andreas Schneider <asn at samba.org>
Date: Wed Oct 25 19:23:02 2017 +0200
s4:torture: Avoid useless strdup in libsmbclient test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 9f3151a4e240480f2ed66115314b2f19a06967bf
Author: Andreas Schneider <asn at samba.org>
Date: Wed Oct 25 19:22:34 2017 +0200
libsmbclient: Use const for the user
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/util/util.c | 5 +-
source3/auth/auth_util.c | 3 +-
source3/include/libsmbclient.h | 2 +-
.../{smbclient-0.2.3.sigs => smbclient-0.3.0.sigs} | 2 +-
source3/libsmb/libsmb_setget.c | 2 +-
source3/libsmb/wscript | 2 +-
source3/printing/print_generic.c | 4 +-
source3/printing/printing.c | 7 +-
source3/smbd/smb2_negprot.c | 147 +++++++++++----------
source3/winbindd/winbindd_cache.c | 18 ---
source4/param/pyparam.c | 6 +
source4/smbd/process_prefork.c | 3 +-
source4/torture/libsmbclient/libsmbclient.c | 4 +-
13 files changed, 96 insertions(+), 109 deletions(-)
copy source3/libsmb/ABI/{smbclient-0.2.3.sigs => smbclient-0.3.0.sigs} (99%)
Changeset truncated at 500 lines:
diff --git a/lib/util/util.c b/lib/util/util.c
index ef148e9..4291bfa 100644
--- a/lib/util/util.c
+++ b/lib/util/util.c
@@ -434,7 +434,6 @@ void dump_data_cb(const uint8_t *buf, int len,
void *private_data)
{
int i=0;
- static const uint8_t empty[16] = { 0, };
bool skipped = false;
char tmp[16];
@@ -446,7 +445,7 @@ void dump_data_cb(const uint8_t *buf, int len,
if ((omit_zero_bytes == true) &&
(i > 0) &&
(len > i+16) &&
- (memcmp(&buf[i], &empty, 16) == 0))
+ all_zero(&buf[i], 16))
{
i +=16;
continue;
@@ -473,7 +472,7 @@ void dump_data_cb(const uint8_t *buf, int len,
if ((omit_zero_bytes == true) &&
(len > i+16) &&
- (memcmp(&buf[i], &empty, 16) == 0)) {
+ all_zero(&buf[i], 16)) {
if (!skipped) {
cb("skipping zero buffer bytes\n",
private_data);
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1021f2a..8e7fa91 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -639,7 +639,8 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
sid_string_dbg(&t->sids[i])));
continue;
}
- if (!add_gid_to_array_unique(session_info, ids[i].id,
+ if (!add_gid_to_array_unique(session_info->unix_token,
+ ids[i].id,
&session_info->unix_token->groups,
&session_info->unix_token->ngroups)) {
return NT_STATUS_NO_MEMORY;
diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h
index cf67b1d..b41a292 100644
--- a/source3/include/libsmbclient.h
+++ b/source3/include/libsmbclient.h
@@ -491,7 +491,7 @@ smbc_getUser(SMBCCTX *c);
/** Set the username used for making connections */
void
-smbc_setUser(SMBCCTX *c, char * user);
+smbc_setUser(SMBCCTX *c, const char *user);
/**
* Get the timeout used for waiting on connections and response data
diff --git a/source3/libsmb/ABI/smbclient-0.2.3.sigs b/source3/libsmb/ABI/smbclient-0.3.0.sigs
similarity index 99%
copy from source3/libsmb/ABI/smbclient-0.2.3.sigs
copy to source3/libsmb/ABI/smbclient-0.3.0.sigs
index cda537c..736f32a 100644
--- a/source3/libsmb/ABI/smbclient-0.2.3.sigs
+++ b/source3/libsmb/ABI/smbclient-0.3.0.sigs
@@ -160,7 +160,7 @@ smbc_setOptionUserData: void (SMBCCTX *, void *)
smbc_setPort: void (SMBCCTX *, uint16_t)
smbc_setServerCacheData: void (SMBCCTX *, struct smbc_server_cache *)
smbc_setTimeout: void (SMBCCTX *, int)
-smbc_setUser: void (SMBCCTX *, char *)
+smbc_setUser: void (SMBCCTX *, const char *)
smbc_setWorkgroup: void (SMBCCTX *, char *)
smbc_set_context: SMBCCTX *(SMBCCTX *)
smbc_set_credentials: void (const char *, const char *, const char *, smbc_bool, const char *)
diff --git a/source3/libsmb/libsmb_setget.c b/source3/libsmb/libsmb_setget.c
index 80ac673..591cb39 100644
--- a/source3/libsmb/libsmb_setget.c
+++ b/source3/libsmb/libsmb_setget.c
@@ -71,7 +71,7 @@ smbc_getUser(SMBCCTX *c)
/** Set the username used for making connections */
void
-smbc_setUser(SMBCCTX *c, char * user)
+smbc_setUser(SMBCCTX *c, const char *user)
{
SAFE_FREE(c->user);
if (user) {
diff --git a/source3/libsmb/wscript b/source3/libsmb/wscript
index 6d862f7..c6ad686 100644
--- a/source3/libsmb/wscript
+++ b/source3/libsmb/wscript
@@ -27,5 +27,5 @@ def build(bld):
public_headers='../include/libsmbclient.h',
abi_directory='ABI',
abi_match='smbc_*',
- vnum='0.2.3',
+ vnum='0.3.0',
pc_files='smbclient.pc')
diff --git a/source3/printing/print_generic.c b/source3/printing/print_generic.c
index d77fb21..b6b5006 100644
--- a/source3/printing/print_generic.c
+++ b/source3/printing/print_generic.c
@@ -19,8 +19,8 @@
#include "includes.h"
#include "printing.h"
+#include "smbd/proto.h"
-extern struct current_user current_user;
extern userdom_struct current_user_info;
/****************************************************************************
@@ -76,7 +76,7 @@ static int print_run_command(int snum, const char* printername, bool do_sub,
lp_servicename(talloc_tos(), snum),
current_user_info.unix_name,
"",
- current_user.ut.gid,
+ get_current_gid(NULL),
get_current_username(),
current_user_info.domain,
syscmd);
diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index c6c42f3..e4bb1d8 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -38,7 +38,6 @@
#include "lib/param/loadparm.h"
#include "lib/util/sys_rw_data.h"
-extern struct current_user current_user;
extern userdom_struct current_user_info;
/* Current printer interface */
@@ -1722,7 +1721,7 @@ static void print_queue_update(struct messaging_context *msg_ctx,
lp_servicename(talloc_tos(), snum),
current_user_info.unix_name,
"",
- current_user.ut.gid,
+ get_current_gid(NULL),
get_current_username(),
current_user_info.domain,
lpqcommand);
@@ -1742,7 +1741,7 @@ static void print_queue_update(struct messaging_context *msg_ctx,
lp_servicename(talloc_tos(), snum),
current_user_info.unix_name,
"",
- current_user.ut.gid,
+ get_current_gid(NULL),
get_current_username(),
current_user_info.domain,
lprmcommand);
@@ -3026,7 +3025,7 @@ NTSTATUS print_job_end(struct messaging_context *msg_ctx, int snum,
lp_servicename(talloc_tos(), snum),
current_user_info.unix_name,
"",
- current_user.ut.gid,
+ get_current_gid(NULL),
get_current_username(),
current_user_info.domain,
lpq_cmd);
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index d9ccdbe..f8133b2 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -128,6 +128,7 @@ enum protocol_types smbd_smb2_protocol_dialect_match(const uint8_t *indyn,
NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
{
struct smbXsrv_connection *xconn = req->xconn;
+ struct smbXsrv_client_global0 *global0 = NULL;
NTSTATUS status;
const uint8_t *inbody;
const uint8_t *indyn = NULL;
@@ -612,91 +613,91 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
req->sconn->using_smb2 = true;
- if (dialect != SMB2_DIALECT_REVISION_2FF) {
- struct smbXsrv_client_global0 *global0 = NULL;
-
- status = smbXsrv_connection_init_tables(xconn, protocol);
- if (!NT_STATUS_IS_OK(status)) {
- return smbd_smb2_request_error(req, status);
- }
+ if (dialect == SMB2_DIALECT_REVISION_2FF) {
+ return smbd_smb2_request_done(req, outbody, &outdyn);
+ }
- xconn->smb2.client.capabilities = in_capabilities;
- xconn->smb2.client.security_mode = in_security_mode;
- xconn->smb2.client.guid = in_guid;
- xconn->smb2.client.num_dialects = dialect_count;
- xconn->smb2.client.dialects = talloc_array(xconn,
- uint16_t,
- dialect_count);
- if (xconn->smb2.client.dialects == NULL) {
- return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
- }
- for (c=0; c < dialect_count; c++) {
- xconn->smb2.client.dialects[c] = SVAL(indyn, c*2);
- }
+ status = smbXsrv_connection_init_tables(xconn, protocol);
+ if (!NT_STATUS_IS_OK(status)) {
+ return smbd_smb2_request_error(req, status);
+ }
- xconn->smb2.server.capabilities = capabilities;
- xconn->smb2.server.security_mode = security_mode;
- xconn->smb2.server.guid = out_guid;
- xconn->smb2.server.dialect = dialect;
- xconn->smb2.server.max_trans = max_trans;
- xconn->smb2.server.max_read = max_read;
- xconn->smb2.server.max_write = max_write;
+ xconn->smb2.client.capabilities = in_capabilities;
+ xconn->smb2.client.security_mode = in_security_mode;
+ xconn->smb2.client.guid = in_guid;
+ xconn->smb2.client.num_dialects = dialect_count;
+ xconn->smb2.client.dialects = talloc_array(xconn,
+ uint16_t,
+ dialect_count);
+ if (xconn->smb2.client.dialects == NULL) {
+ return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
+ }
+ for (c=0; c < dialect_count; c++) {
+ xconn->smb2.client.dialects[c] = SVAL(indyn, c*2);
+ }
- if (xconn->protocol < PROTOCOL_SMB2_10) {
- /*
- * SMB2_02 doesn't support client guids
- */
- return smbd_smb2_request_done(req, outbody, &outdyn);
- }
+ xconn->smb2.server.capabilities = capabilities;
+ xconn->smb2.server.security_mode = security_mode;
+ xconn->smb2.server.guid = out_guid;
+ xconn->smb2.server.dialect = dialect;
+ xconn->smb2.server.max_trans = max_trans;
+ xconn->smb2.server.max_read = max_read;
+ xconn->smb2.server.max_write = max_write;
- if (!xconn->client->server_multi_channel_enabled) {
- /*
- * Only deal with the client guid database
- * if multi-channel is enabled.
- */
- return smbd_smb2_request_done(req, outbody, &outdyn);
- }
+ if (xconn->protocol < PROTOCOL_SMB2_10) {
+ /*
+ * SMB2_02 doesn't support client guids
+ */
+ return smbd_smb2_request_done(req, outbody, &outdyn);
+ }
- if (xconn->smb2.client.guid_verified) {
- /*
- * The connection was passed from another
- * smbd process.
- */
- return smbd_smb2_request_done(req, outbody, &outdyn);
- }
+ if (!xconn->client->server_multi_channel_enabled) {
+ /*
+ * Only deal with the client guid database
+ * if multi-channel is enabled.
+ */
+ return smbd_smb2_request_done(req, outbody, &outdyn);
+ }
- status = smb2srv_client_lookup_global(xconn->client,
- xconn->smb2.client.guid,
- req, &global0);
+ if (xconn->smb2.client.guid_verified) {
/*
- * TODO: check for races...
+ * The connection was passed from another
+ * smbd process.
*/
- if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECTID_NOT_FOUND)) {
- /*
- * This stores the new client information in
- * smbXsrv_client_global.tdb
- */
- xconn->client->global->client_guid =
- xconn->smb2.client.guid;
- status = smbXsrv_client_update(xconn->client);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ return smbd_smb2_request_done(req, outbody, &outdyn);
+ }
- xconn->smb2.client.guid_verified = true;
- } else if (NT_STATUS_IS_OK(status)) {
- status = smb2srv_client_connection_pass(req,
- global0);
- if (!NT_STATUS_IS_OK(status)) {
- return smbd_smb2_request_error(req, status);
- }
+ status = smb2srv_client_lookup_global(xconn->client,
+ xconn->smb2.client.guid,
+ req, &global0);
+ /*
+ * TODO: check for races...
+ */
+ if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECTID_NOT_FOUND)) {
+ /*
+ * This stores the new client information in
+ * smbXsrv_client_global.tdb
+ */
+ xconn->client->global->client_guid =
+ xconn->smb2.client.guid;
+ status = smbXsrv_client_update(xconn->client);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
- smbd_server_connection_terminate(xconn,
- "passed connection");
- return NT_STATUS_OBJECTID_EXISTS;
- } else {
+ xconn->smb2.client.guid_verified = true;
+ } else if (NT_STATUS_IS_OK(status)) {
+ status = smb2srv_client_connection_pass(req,
+ global0);
+ if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, status);
}
+
+ smbd_server_connection_terminate(xconn,
+ "passed connection");
+ return NT_STATUS_OBJECTID_EXISTS;
+ } else {
+ return smbd_smb2_request_error(req, status);
}
return smbd_smb2_request_done(req, outbody, &outdyn);
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 93501e4..faea764 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -147,24 +147,6 @@ static struct winbind_cache *get_cache(struct winbindd_domain *domain)
init_dc_connection(domain, false);
}
- /*
- OK. Listen up because I'm only going to say this once.
- We have the following scenarios to consider
- (a) trusted AD domains on a Samba DC,
- (b) trusted AD domains and we are joined to a non-kerberos domain
- (c) trusted AD domains and we are joined to a kerberos (AD) domain
-
- For (a) we can always contact the trusted domain using krb5
- since we have the domain trust account password
-
- For (b) we can only use RPC since we have no way of
- getting a krb5 ticket in our own domain
-
- For (c) we can always use krb5 since we have a kerberos trust
-
- --jerry
- */
-
#ifdef HAVE_ADS
if (domain->backend == NULL) {
struct winbindd_domain *our_domain = domain;
diff --git a/source4/param/pyparam.c b/source4/param/pyparam.c
index 713e608..f16c2c0 100644
--- a/source4/param/pyparam.c
+++ b/source4/param/pyparam.c
@@ -331,6 +331,9 @@ static PyObject *py_lp_dump_a_parameter(PyObject *self, PyObject *args)
if (!ret) {
PyErr_Format(PyExc_RuntimeError, "Parameter %s unknown for section %s", param_name, section_name);
+ if (f != stdout) {
+ fclose(f);
+ }
return NULL;
}
@@ -479,6 +482,9 @@ static PyObject *py_lp_service_dump(PyObject *self, PyObject *args)
if (!PyObject_TypeCheck(py_default_service, &PyLoadparmService)) {
PyErr_SetNone(PyExc_TypeError);
+ if (f != stdout) {
+ fclose(f);
+ }
return NULL;
}
diff --git a/source4/smbd/process_prefork.c b/source4/smbd/process_prefork.c
index 8e4d624..f6fb80b 100644
--- a/source4/smbd/process_prefork.c
+++ b/source4/smbd/process_prefork.c
@@ -318,7 +318,7 @@ static void prefork_new_task(
struct tfork* w = NULL;
w = tfork_create();
- if (t == NULL) {
+ if (w == NULL) {
smb_panic("failure in tfork\n");
}
@@ -339,7 +339,6 @@ static void prefork_new_task(
free(w);
TALLOC_FREE(ev);
- pid = getpid();
setproctitle("task[%s] pre-forked worker",
service_name);
prefork_reload_after_fork();
diff --git a/source4/torture/libsmbclient/libsmbclient.c b/source4/torture/libsmbclient/libsmbclient.c
index f6cd810..16ad351 100644
--- a/source4/torture/libsmbclient/libsmbclient.c
+++ b/source4/torture/libsmbclient/libsmbclient.c
@@ -38,8 +38,8 @@ bool torture_libsmbclient_init_context(struct torture_context *tctx,
/* yes, libsmbclient API frees the username when freeing the context, so
* have to pass malloced data here */
- smbc_setUser(ctx, strdup(cli_credentials_get_username(
- popt_get_cmdline_credentials())));
+ smbc_setUser(ctx,
+ cli_credentials_get_username(popt_get_cmdline_credentials()));
*ctx_p = ctx;
--
Samba Shared Repository
More information about the samba-cvs
mailing list