[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Mar 2 04:50:02 UTC 2018
The branch, master has been updated
via f59f6ce nsswitch: fix wbinfo -m --verbose trust type "Local"
via a89a714 s3:smbd: Do not crash if we fail to init the session table
via b67ffaf libsmb: Use smb2 tcon if conn_protocol >= SMB2_02
from 426e4a5 ctdb-pmda: Use modified API in pcp library 4.0
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit f59f6cefa11c4866d2ede47d9c9b415e3d5e233d
Author: Ralph Boehme <slow at samba.org>
Date: Thu Mar 1 11:43:39 2018 +0100
nsswitch: fix wbinfo -m --verbose trust type "Local"
Remove wrong "Local" strcmp(), there's another one, the correct one, a few lines
below. Since commit 95e3307917b5731ab883ee5fce530c5b559b4934
WBC_DOMINFO_TRUSTTYPE_NONE, which corresponded to the string "None" in the
winbindd response, is not used anymore.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13313
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 2 05:49:18 CET 2018 on sn-devel-144
commit a89a7146563f2d9eb8bc02f1c090158ee499c878
Author: Andreas Schneider <asn at samba.org>
Date: Mon Feb 19 18:07:50 2018 +0100
s3:smbd: Do not crash if we fail to init the session table
This should the following segfault with SMB1:
#6 sig_fault (sig=<optimized out>) at ../lib/util/fault.c:94
#7 <signal handler called>
#8 smbXsrv_session_create (conn=conn at entry=0x5654d3512af0, now=now at entry=131594481900356690, _session=_session at entry=0x7ffc93a778e8)
at ../source3/smbd/smbXsrv_session.c:1212
#9 0x00007f7618aa21ef in reply_sesssetup_and_X (req=req at entry=0x5654d35174b0) at ../source3/smbd/sesssetup.c:961
#10 0x00007f7618ae17b0 in switch_message (type=<optimized out>, req=req at entry=0x5654d35174b0) at ../source3/smbd/process.c:1726
#11 0x00007f7618ae3550 in construct_reply (deferred_pcd=0x0, encrypted=false, seqnum=0, unread_bytes=0, size=140, inbuf=0x0, xconn=0x5654d35146d0)
at ../source3/smbd/process.c:1762
#12 process_smb (xconn=xconn at entry=0x5654d3512af0, inbuf=<optimized out>, nread=140, unread_bytes=0, seqnum=0, encrypted=<optimized out>,
deferred_pcd=deferred_pcd at entry=0x0) at ../source3/smbd/process.c:2008
#13 0x00007f7618ae4c41 in smbd_server_connection_read_handler (xconn=0x5654d3512af0, fd=40) at ../source3/smbd/process.c:2608
#14 0x00007f761587eedb in epoll_event_loop_once () from /lib64/libtevent.so.0
Inspection the core shows that:
conn->client-session_table is NULL
conn->protocol is PROTOCOL_NONE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13315
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit b67ffaf518c971817b167b41bf6226cddfdcfd2f
Author: Dan Robertson <drobertson at tripwire.com>
Date: Thu Feb 22 20:47:11 2018 +0000
libsmb: Use smb2 tcon if conn_protocol >= SMB2_02
When the connection protocol is SMB2 the tid from the smb1 member is
used instead of smb2 in cli_state_set_tid which often results in a null
deref.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13310
Signed-off-by: Dan Robertson <drobertson at tripwire.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
nsswitch/libwbclient/wbc_util.c | 4 +---
source3/libsmb/clientgen.c | 2 +-
source3/smbd/negprot.c | 23 ++++++++++++++++++++---
3 files changed, 22 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/libwbclient/wbc_util.c b/nsswitch/libwbclient/wbc_util.c
index ecfcaa0..fc6a840 100644
--- a/nsswitch/libwbclient/wbc_util.c
+++ b/nsswitch/libwbclient/wbc_util.c
@@ -455,9 +455,7 @@ static wbcErr process_domain_info_string(struct wbcDomainInfo *info,
*s = '\0';
s++;
- if (strcmp(r, "Local") == 0) {
- info->trust_type = WBC_DOMINFO_TRUSTTYPE_NONE;
- } else if (strncmp(r, "Routed", strlen("Routed")) == 0) {
+ if (strncmp(r, "Routed", strlen("Routed")) == 0) {
info->trust_type = WBC_DOMINFO_TRUSTTYPE_NONE;
info->trust_routing = strdup(r);
BAIL_ON_PTR_ERROR(info->trust_routing, wbc_status);
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 44afee1..2e4dd15 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -371,7 +371,7 @@ uint32_t cli_state_set_tid(struct cli_state *cli, uint32_t tid)
uint32_t ret;
if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
ret = smb2cli_tcon_current_id(cli->smb2.tcon);
- smb2cli_tcon_set_id(cli->smb1.tcon, tid);
+ smb2cli_tcon_set_id(cli->smb2.tcon, tid);
} else {
ret = smb1cli_tcon_current_id(cli->smb1.tcon);
smb1cli_tcon_set_id(cli->smb1.tcon, tid);
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 3a9363d..a36822e 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -65,6 +65,8 @@ static void reply_lanman1(struct smb_request *req, uint16_t choice)
time_t t = time(NULL);
struct smbXsrv_connection *xconn = req->xconn;
uint16_t raw;
+ NTSTATUS status;
+
if (lp_async_smb_echo_handler()) {
raw = 0;
} else {
@@ -88,7 +90,11 @@ static void reply_lanman1(struct smb_request *req, uint16_t choice)
SSVAL(req->outbuf,smb_vwv11, 8);
}
- smbXsrv_connection_init_tables(xconn, PROTOCOL_LANMAN1);
+ status = smbXsrv_connection_init_tables(xconn, PROTOCOL_LANMAN1);
+ if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
+ return;
+ }
/* Reply, SMBlockread, SMBwritelock supported. */
SCVAL(req->outbuf,smb_flg, FLAG_REPLY|FLAG_SUPPORT_LOCKREAD);
@@ -115,6 +121,8 @@ static void reply_lanman2(struct smb_request *req, uint16_t choice)
time_t t = time(NULL);
struct smbXsrv_connection *xconn = req->xconn;
uint16_t raw;
+ NTSTATUS status;
+
if (lp_async_smb_echo_handler()) {
raw = 0;
} else {
@@ -140,7 +148,11 @@ static void reply_lanman2(struct smb_request *req, uint16_t choice)
SSVAL(req->outbuf,smb_vwv11, 8);
}
- smbXsrv_connection_init_tables(xconn, PROTOCOL_LANMAN2);
+ status = smbXsrv_connection_init_tables(xconn, PROTOCOL_LANMAN2);
+ if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
+ return;
+ }
/* Reply, SMBlockread, SMBwritelock supported. */
SCVAL(req->outbuf,smb_flg,FLAG_REPLY|FLAG_SUPPORT_LOCKREAD);
@@ -260,6 +272,7 @@ static void reply_nt1(struct smb_request *req, uint16_t choice)
struct smbXsrv_connection *xconn = req->xconn;
bool signing_desired = false;
bool signing_required = false;
+ NTSTATUS status;
xconn->smb1.negprot.encrypted_passwords = lp_encrypt_passwords();
@@ -336,7 +349,11 @@ static void reply_nt1(struct smb_request *req, uint16_t choice)
SSVAL(req->outbuf,smb_vwv0,choice);
SCVAL(req->outbuf,smb_vwv1,secword);
- smbXsrv_connection_init_tables(xconn, PROTOCOL_NT1);
+ status = smbXsrv_connection_init_tables(xconn, PROTOCOL_NT1);
+ if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
+ return;
+ }
SSVAL(req->outbuf,smb_vwv1+1, lp_max_mux()); /* maxmpx */
SSVAL(req->outbuf,smb_vwv2+1, 1); /* num vcs */
--
Samba Shared Repository
More information about the samba-cvs
mailing list