[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Mon Nov 4 14:20:02 UTC 2019
The branch, master has been updated
via 831796b2d7c gitlab-ci: Run 'samba' tests also with MIT Kerberos
via 176d0f0364b libcli:smb: Do not use gnutls_aead_cipher_encryptv2() with GnuTLS 3.6.10
from 03205663b3e CVE-2019-14847 dsdb: Correct behaviour of ranged_results when combined with dirsync
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 831796b2d7c1ee13d17238b5b4a2c3d56ab6eaaf
Author: Andreas Schneider <asn at samba.org>
Date: Mon Nov 4 07:47:15 2019 +0100
gitlab-ci: Run 'samba' tests also with MIT Kerberos
This runs the tests of the ktest environment.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Nov 4 14:19:17 UTC 2019 on sn-devel-184
commit 176d0f0364bc1deb3c8df2f3bb928e01f89f216b
Author: Andreas Schneider <asn at samba.org>
Date: Mon Nov 4 08:40:34 2019 +0100
libcli:smb: Do not use gnutls_aead_cipher_encryptv2() with GnuTLS 3.6.10
The gnutls_aead_cipher_encryptv2() implementation was released with a
bug. This wont be fixed before 3.6.11.
See https://gitlab.com/gnutls/gnutls/merge_requests/1085
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
-----------------------------------------------------------------------
Summary of changes:
.gitlab-ci.yml | 3 +++
libcli/smb/smb2_signing.c | 8 ++++++--
script/autobuild.py | 52 +++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 61 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c3b99db9952..3d26c956fde 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -110,6 +110,9 @@ others:
samba:
extends: .shared_template
+samba-mitkrb5:
+ extends: .shared_template
+
samba-none-env:
extends: .shared_template
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index 166ab9d83ff..7561a7a858d 100644
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -478,7 +478,9 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key,
0,
16 - iv_size);
-#ifdef HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2
+/* gnutls_aead_cipher_encryptv2() has a bug in version 3.6.10 */
+#if defined(HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2) && \
+ GNUTLS_VERSION_NUMBER > 0x03060a
{
uint8_t tag[tag_size];
giovec_t auth_iov[1];
@@ -679,7 +681,9 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key,
}
}
-#ifdef HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2
+/* gnutls_aead_cipher_encryptv2() has a bug in version 3.6.10 */
+#if defined(HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2) && \
+ GNUTLS_VERSION_NUMBER > 0x03060a
{
giovec_t auth_iov[1];
diff --git a/script/autobuild.py b/script/autobuild.py
index 14a8b218dae..adeea22a34d 100755
--- a/script/autobuild.py
+++ b/script/autobuild.py
@@ -122,6 +122,7 @@ cleanup_list = []
builddirs = {
"ctdb": "ctdb",
"samba": ".",
+ "samba-mitkrb5": ".",
"samba-nt4": ".",
"samba-fileserver": ".",
"samba-admem": ".",
@@ -267,6 +268,57 @@ tasks = {
("clean", "make clean"),
],
+ # We have 'test' before 'install' because, 'test' should work without 'install (runs all the other envs)'
+ "samba-mitkrb5": [
+ ("random-sleep", random_sleep(300, 900)),
+ ("configure", "./configure.developer --with-selftest-prefix=./bin/ab --with-system-mitkrb5 --with-experimental-mit-ad-dc" + samba_configure_params),
+ ("make", "make -j"),
+ ("test", make_test(exclude_envs=[
+ "none",
+ "nt4_dc",
+ "nt4_dc_schannel",
+ "nt4_member",
+ "ad_dc",
+ "ad_dc_backup",
+ "ad_dc_ntvfs",
+ "ad_dc_default",
+ "ad_dc_slowtests",
+ "ad_dc_no_nss",
+ "ad_dc_no_ntlm",
+ "fl2003dc",
+ "fl2008dc",
+ "fl2008r2dc",
+ "ad_member",
+ "ad_member_idmap_rid",
+ "ad_member_idmap_ad",
+ "ad_member_rfc2307",
+ "chgdcpass",
+ "vampire_2000_dc",
+ "fl2000dc",
+ "fileserver",
+ "maptoguest",
+ "simpleserver",
+ "backupfromdc",
+ "restoredc",
+ "renamedc",
+ "offlinebackupdc",
+ "labdc",
+ "preforkrestartdc",
+ "proclimitdc",
+ "promoted_dc",
+ "vampire_dc",
+ "rodc",
+ "ad_dc_default",
+ "ad_dc_slowtests",
+ "schema_pair_dc",
+ "schema_dc",
+ ])),
+ ("lcov", LCOV_CMD),
+ ("install", "make install"),
+ ("check-clean-tree", "script/clean-source-tree.sh"),
+ ("clean", "make clean"),
+ ],
+
"samba-nt4": [
("random-sleep", random_sleep(300, 900)),
("configure", "./configure.developer --without-ads --with-selftest-prefix=./bin/ab" + samba_configure_params),
--
Samba Shared Repository
More information about the samba-cvs
mailing list