[SCM] Samba Shared Repository - branch v4-15-stable updated
Jule Anger
janger at samba.org
Tue Mar 15 13:21:45 UTC 2022
The branch, v4-15-stable has been updated
via 8942e18adc4 VERSION: Disable GIT_SNAPSHOT for the 4.15.6 release.
via 0470185d992 WHATSNEW: Add release notes for Samba 4.15.6.
via 7417480d160 s3: smbd: Fix our leases code to return the correct error in the non-dynamic share case.
via 58605094f14 s4: torture: Add new SMB2 lease test test_lease_duplicate_open().
via 0fd20764df1 s4: torture: Add new SMB2 lease test test_lease_duplicate_create().
via 08def753517 s3:trusts_utils: use a password length of 120 for machine accounts
via 36caaa10339 upgradehelpers.py: add a comment to update_krbtgt_account_password()
via 8321b9c0ed6 provision: add a comment that the value of krbtgtpass is ignored in the backend
via 748130b3bd4 upgradehelpers.py: let update_machine_account_password() use 120 character passwords
via eb5855341a1 provision: use 120 characters for the dns account password
via ca3a09a4fe4 samba-tool/join_member: let py_net_join_member() choose the password
via ba466f403e4 s3:py_net: allow machinepass=None to py_net_join_member()
via 078088833a4 s4/auth/simple_bind: correctly report TLS state
via 8fbb56bdb42 pytest:auth_log: expect TLS connections when using ldaps
via c4b2930a837 smbd: Fix a use-after-free
via e19d287cef3 s4:sam: Don't use talloc_steal for msg attributes in authsam_make_user_info_dc()
via f7e31127e7f waf: re-add missing readlink test
via 7ce02fab320 readlink test: inverse return code
via 0128222daf0 vfs_aixacl: add proper header file
via 1507981e027 wscript: s/default/required/ _static_modules for the acl modules
via ea5edbbe83f acl: fix function arguments for AIX' and Solaris' sys_acl_get_fd()
via 4d91f6dafd1 s3:winbind: Use the canonical principal name to renew the credentials
via d0d70d9f630 s3:winbind: Store canonical principal and realm in ccache entry
via 29218c61b0a s3:libads: Return canonical principal and realm from kerberos_return_pac()
via 66568436d27 lib:krb5_wrap: Fix wrong debug message and use newer debug macro
via 696c3e46397 lib:krb5_wrap: Improve debug message and use newer debug macro
via 4aa677729cc s3:libads: Fix memory leak in kerberos_return_pac() error path
via 49779a9f86f docs-xml: Fix idmap_autorid documentation
via 8d35177370c s3:utils: Add a testparm check for idmap autorid
via 25778ada3ad s3:winbindd: Add a sanity check for the range
via 3bb0efcdded smbd: Safeguards for getpwuid
via 1d0ba388223 s3:modules: Fix virusfilter_vfs_openat
via a47cc216156 s3:selftest: Add test for virus scanner
via a117fca9196 selftest: Fix trailing whitespace in Samba3.pm
via 517266c75d0 docs-xml:manpages: Document 'dummy' virusfilter and 'virusfilter:infected files'
via b78a62a1f9f s3:modules: Implement dummy virus scanner that uses filename matching
via 11fadec1ca5 selftest: Do not force -d0 for smbd/nmbd/winbindd
via 62d33564f73 libcli/smb: let smb2_signing_decrypt_pdu() cope with gnutls_aead_cipher_decrypt() ptext_len bug
via 8cf62b3f86f libcli/smb: fix error checking in smb2_signing_decrypt_pdu() invalid ptext_len
via d623b454aa8 selftest/quick: add smb2.session
via ca94bad07bc s3/libads: ensure a sockaddr variable is correctly zero initialized
via a2fe8bf5a5d s3/libads: simplify storing existing ads->ldap.ss
via 36189b0be18 s3: libsmb: Call cli_dfs_target_check() from cli_smb2_rename_send().
via 1d85a72d77e s3: libsmb: Call cli_dfs_target_check() from cli_cifs_rename_send().
via be0b115b8ae s3: libsmb: Call cli_dfs_target_check() from cli_smb1_rename_send().
via fd593ab3a0c s3: libsmb: Call cli_dfs_target_check() from cli_ntrename_internal_send().
via e7d0b7aa064 s3: libsmb: Call cli_dfs_target_check() from cli_smb2_hardlink_send().
via ce29aecbd96 s3: libsmb: Add cli_dfs_target_check() function.
via 88eee5c4743 s3: tests: Add a new test test_msdfs_rename() that does simple renames on MSDFS root shares.
via 235ecfbbe66 s3: tests: Add a new test test_msdfs_hardlink() that does simple hardlinks on MSDFS root shares.
via bbb7aacf490 lib: libsmbclient: Ensure cli_rename() always sets cli->raw_status.
via 641271eaa07 s4: test: Add samba4.libsmbclient.rename test. Currently fails for SMB3.
via 9d00a59761b pam_winbind: add new pwd_change_prompt option (defaults to off).
via 9cd1099bbea VERSION: Bump version up to Samba 4.15.6...
via 2a28e10dc2b Merge tag 'samba-4.15.5' into v4-15-test
via bab52ff3bf8 blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test
via c0795f1a634 librpc/ndr: let ndr_push_string() let s_len == 0 result in d_len = 0
via cb7e6f0e7fb s4:torture/ndr: demonstrate the ndr_push_string(STR_NOTERM|REMAINING) of "" is wrong
via 3fcc39542da blackbox.ndrdump: adjust example files to the usage of dump_data_diff output.
via 318266fcedb ndrdump: make use of dump_data_file_diff() in order to show differences
via 205ebe24389 lib/util: add dump_data_diff*() helpers
via 4a6c8349c39 blackbox.ndrdump: adjust example files to changed dump_data() output.
via 85c3f4ad396 lib/util: split out a dump_data_block16() helper
via 82799c1f86d printing/bgqd: Disable systemd notifications
via e26270cbe58 dcesrv_core: wrap gensec_*() calls in [un]become_root() calls
via 13e621aea07 s3:libnet: Do not set ADS_AUTH_ALLOW_NTLMSSP in FIPS mode
via 8f346568007 s3:winbindd: Do not set ADS_AUTH_ALLOW_NTLMSSP in FIPS mode
via 4853125524a s3:winbindd: Remove trailing spaces from winbindd_ads.c
via c3c0bf8ec7c s4:selftest: plan test suite samba4.blackbox.test_weak_disable_ntlmssp_ldap
via 78d342fb604 tests: Add test for disabling NTLMSSP for ldap client connections
via 2dde53993e9 s3:libads: Disable NTLMSSP if not allowed (for builds without kerberos)
via 105e53250a9 s3:libads: Improve debug messages for SASL bind
via 130cde7b7b7 s3:libads: Disable NTLMSSP for FIPS
via 953b1027c7b s3:libads: Remove trailing spaces from sasl.c
via 3485e6ccbe5 s3:utils: set ads->auth.flags using krb5_state
via 911675da559 s4:dsdb/vlv_pagination: fix segfault in vlv_results()
via b9583585166 s4:dsdb/paged_results: fix segfault in paged_results()
via d123bc8be47 s4:rpc_server/netlogon: let CSDVersion="" wipe operatingSystemServicePack
via a45cf134829 s4:torture/rpc: test how CSDVersion="" wipes operatingSystemServicePack
via d93892d2e8e ldb: version 2.4.2
via cf1ee828aa1 waf: Fix resolv_wrapper with glibc 2.34
from 27bd8a32359 VERSION: Disable GIT_SNAPSHOT for the 4.15.5 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-15-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 86 +++++-
docs-xml/manpages/idmap_autorid.8.xml | 8 +-
docs-xml/manpages/pam_winbind.conf.5.xml | 7 +
docs-xml/manpages/vfs_virusfilter.8.xml | 12 +
lib/krb5_wrap/krb5_samba.c | 7 +-
lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.4.2.sigs} | 0
...pyldb-util-2.1.0.sigs => pyldb-util-2.4.2.sigs} | 0
lib/ldb/wscript | 2 +-
lib/util/util.c | 203 +++++++++-----
lib/util/util.h | 28 ++
libcli/smb/smb2_signing.c | 24 +-
librpc/ndr/ndr_string.c | 5 +-
librpc/rpc/dcesrv_auth.c | 5 +
librpc/rpc/dcesrv_core.c | 18 ++
librpc/rpc/dcesrv_core.h | 2 +
librpc/tools/ndrdump.c | 10 +
nsswitch/pam_winbind.c | 12 +-
nsswitch/pam_winbind.h | 1 +
python/samba/netcmd/domain.py | 2 -
python/samba/provision/__init__.py | 5 +-
python/samba/tests/auth_log.py | 8 +-
python/samba/tests/blackbox/ndrdump.py | 19 +-
python/samba/upgradehelpers.py | 11 +-
selftest/knownfail.d/smb1-tests | 2 +
selftest/quick | 1 +
selftest/target/Samba3.pm | 20 +-
selftest/wscript | 2 +-
source3/lib/sysacls.c | 6 +-
source3/libads/authdata.c | 33 ++-
source3/libads/kerberos_proto.h | 2 +
source3/libads/ldap.c | 14 +-
source3/libads/sasl.c | 58 ++--
source3/libnet/libnet_join.c | 18 +-
source3/libsmb/cli_smb2_fnum.c | 14 +
source3/libsmb/clidfs.c | 57 ++++
source3/libsmb/clifile.c | 53 ++++
source3/libsmb/proto.h | 6 +
source3/libsmb/trusts_util.c | 14 +-
auth/auth_util.h => source3/modules/vfs_aixacl.h | 26 +-
source3/modules/vfs_solarisacl.h | 1 +
source3/modules/vfs_virusfilter.c | 18 +-
source3/modules/vfs_virusfilter_common.h | 4 +
source3/modules/vfs_virusfilter_dummy.c | 58 ++++
source3/modules/wscript_build | 1 +
source3/passdb/pdb_interface.c | 14 +-
source3/printing/samba-bgqd.c | 3 +
source3/rpc_server/rpc_config.c | 2 +
source3/script/tests/test_smbclient_s3.sh | 99 +++++++
source3/script/tests/test_virus_scanner.sh | 124 +++++++++
source3/selftest/ktest-krb5_ccache-2.txt | 4 +-
source3/selftest/ktest-krb5_ccache-3.txt | 4 +-
source3/selftest/tests.py | 9 +
source3/smbd/filename.c | 7 +
source3/smbd/open.c | 38 ++-
source3/utils/net_ads.c | 24 +-
source3/utils/py_net.c | 2 +-
source3/utils/testparm.c | 51 ++++
source3/winbindd/idmap_autorid.c | 7 +-
source3/winbindd/winbindd.h | 2 +
source3/winbindd/winbindd_ads.c | 57 ++--
source3/winbindd/winbindd_cred_cache.c | 18 +-
source3/winbindd/winbindd_pam.c | 12 +-
source3/winbindd/winbindd_proto.h | 4 +-
source3/wscript | 12 +-
source4/auth/ntlm/auth_simple.c | 4 +-
source4/auth/sam.c | 19 +-
source4/dsdb/samdb/ldb_modules/paged_results.c | 19 +-
source4/dsdb/samdb/ldb_modules/vlv_pagination.c | 21 +-
.../tests/dns-decode_dns_name_packet-hex.txt | 2 +-
.../librpc/tests/fuzzed_drsuapi_DsAddEntry_1.txt | 297 ++++++++++++++++++++-
.../librpc/tests/fuzzed_drsuapi_DsGetNCChanges.txt | 2 +-
.../tests/fuzzed_drsuapi_DsReplicaAttribute.txt | 31 ++-
.../tests/fuzzed_ntlmssp-AUTHENTICATE_MESSAGE.txt | 33 +++
.../tests/fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt | 52 +++-
source4/librpc/tests/krb5pac_upn_dns_info_ex.txt | 61 +++++
.../krb5pac_upn_dns_info_ex_not_supported.txt | 69 +++++
source4/rpc_server/netlogon/dcerpc_netlogon.c | 11 +-
source4/rpc_server/service_rpc.c | 10 +
source4/selftest/tests.py | 1 +
source4/torture/libsmbclient/libsmbclient.c | 112 ++++++++
source4/torture/ndr/string.c | 30 ++-
source4/torture/rpc/netlogon.c | 10 +-
source4/torture/smb2/lease.c | 124 +++++++++
...crypto.sh => test_weak_disable_ntlmssp_ldap.sh} | 30 +--
tests/readlink.c | 11 +-
third_party/resolv_wrapper/wscript | 13 +
wscript_configure_system_gnutls | 3 +
88 files changed, 2080 insertions(+), 263 deletions(-)
copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.4.2.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.4.2.sigs} (100%)
copy auth/auth_util.h => source3/modules/vfs_aixacl.h (54%)
create mode 100644 source3/modules/vfs_virusfilter_dummy.c
create mode 100755 source3/script/tests/test_virus_scanner.sh
copy testprogs/blackbox/{test_weak_crypto.sh => test_weak_disable_ntlmssp_ldap.sh} (52%)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 8583d916565..d1329831b27 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=15
-SAMBA_VERSION_RELEASE=5
+SAMBA_VERSION_RELEASE=6
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 292c34457df..c2d172a5e68 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,86 @@
+ ==============================
+ Release Notes for Samba 4.15.6
+ March 15, 2022
+ ==============================
+
+
+This is the latest stable release of the Samba 4.15 release series.
+
+
+Changes since 4.15.5
+--------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 14169: Renaming file on DFS root fails with
+ NT_STATUS_OBJECT_PATH_NOT_FOUND.
+ * BUG 14737: Samba does not response STATUS_INVALID_PARAMETER when opening 2
+ objects with same lease key.
+ * BUG 14938: NT error code is not set when overwriting a file during rename
+ in libsmbclient.
+
+o Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
+ * BUG 14996: Fix ldap simple bind with TLS auditing.
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 14674: net ads info shows LDAP Server: 0.0.0.0 depending on contacted
+ server.
+
+o Samuel Cabrero <scabrero at suse.de>
+ * BUG 14979: Problem when winbind renews Kerberos.
+
+o Günther Deschner <gd at samba.org>
+ * BUG 8691: pam_winbind will not allow gdm login if password about to expire.
+
+o Pavel Filipenský <pfilipen at redhat.com>
+ * BUG 14971: virusfilter_vfs_openat: Not scanned: Directory or special file.
+
+o Björn Jacke <bj at sernet.de>
+ * BUG 13631: DFS fix for AIX broken.
+ * BUG 14974: Solaris and AIX acl modules: wrong function arguments.
+ * BUG 7239: Function aixacl_sys_acl_get_file not declared / coredump.
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 14900: Regression: Samba 4.15.2 on macOS segfaults intermittently
+ during strcpy in tdbsam_getsampwnam.
+ * BUG 14989: Fix a use-after-free in SMB1 server.
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 14968: smb2_signing_decrypt_pdu() may not decrypt with
+ gnutls_aead_cipher_decrypt() from gnutls before 3.5.2.
+ * BUG 14984: changing the machine password against an RODC likely destroys
+ the domain join.
+ * BUG 14993: authsam_make_user_info_dc() steals memory from its struct
+ ldb_message *msg argument.
+ * BUG 14995: Use Heimdal 8.0 (pre) rather than an earlier snapshot.
+
+o Andreas Schneider <asn at samba.org>
+ * BUG 14967: Samba autorid fails to map AD users if id rangesize fits in the
+ id range only once.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.libera.chat or the
+#samba-technical:matrix.org matrix channel.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
==============================
Release Notes for Samba 4.15.5
January 31, 2022
@@ -51,8 +134,7 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
==============================
Release Notes for Samba 4.15.4
January 19, 2022
diff --git a/docs-xml/manpages/idmap_autorid.8.xml b/docs-xml/manpages/idmap_autorid.8.xml
index 6c4da1cad8a..980718f0bd4 100644
--- a/docs-xml/manpages/idmap_autorid.8.xml
+++ b/docs-xml/manpages/idmap_autorid.8.xml
@@ -48,7 +48,13 @@
and the corresponding map is discarded. It is
intended as a way to avoid accidental UID/GID
overlaps between local and remotely defined
- IDs.
+ IDs. Note that the range should be a multiple
+ of the rangesize and needs to be at least twice
+ as large in order to have sufficient id range
+ space for the mandatory BUILTIN domain.
+ With a default rangesize of 100000 the range
+ needs to span at least 200000.
+ This would be: range = 100000 - 299999.
</para></listitem>
</varlistentry>
diff --git a/docs-xml/manpages/pam_winbind.conf.5.xml b/docs-xml/manpages/pam_winbind.conf.5.xml
index 0bc288f91a1..bae9298fc32 100644
--- a/docs-xml/manpages/pam_winbind.conf.5.xml
+++ b/docs-xml/manpages/pam_winbind.conf.5.xml
@@ -194,6 +194,13 @@
</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term>pwd_change_prompt = yes|no</term>
+ <listitem><para>
+ Generate prompt for changing an expired password. Defaults to "no".
+ </para></listitem>
+ </varlistentry>
+
</variablelist>
</para>
diff --git a/docs-xml/manpages/vfs_virusfilter.8.xml b/docs-xml/manpages/vfs_virusfilter.8.xml
index 329a35af68a..88f91d73a42 100644
--- a/docs-xml/manpages/vfs_virusfilter.8.xml
+++ b/docs-xml/manpages/vfs_virusfilter.8.xml
@@ -48,6 +48,10 @@
scanner</para></listitem>
<listitem><para><emphasis>clamav</emphasis>, the ClamAV
scanner</para></listitem>
+ <listitem><para><emphasis>dummy</emphasis>, dummy scanner used in
+ tests. Checks against the <emphasis>infected files</emphasis>
+ parameter and flags any name that matches as infected.
+ </para></listitem>
</itemizedlist>
</listitem>
</varlistentry>
@@ -264,6 +268,14 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>virusfilter:infected files = empty</term>
+ <listitem>
+ <para>Files that virusfilter <emphasis>dummy</emphasis> flags as infected.</para>
+ <para>If this option is not set, the default is empty.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>virusfilter:block access on error = false</term>
<listitem>
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index fff5b4e2a22..76c2dcd2126 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -1079,7 +1079,7 @@ krb5_error_code smb_krb5_renew_ticket(const char *ccache_string,
goto done;
}
- DEBUG(10,("smb_krb5_renew_ticket: using %s as ccache\n", ccache_string));
+ DBG_DEBUG("Using %s as ccache for '%s'\n", ccache_string, client_string);
/* FIXME: we should not fall back to defaults */
ret = krb5_cc_resolve(context, discard_const_p(char, ccache_string), &ccache);
@@ -1101,7 +1101,10 @@ krb5_error_code smb_krb5_renew_ticket(const char *ccache_string,
ret = krb5_get_renewed_creds(context, &creds, client, ccache, discard_const_p(char, service_string));
if (ret) {
- DEBUG(10,("smb_krb5_renew_ticket: krb5_get_kdc_cred failed: %s\n", error_message(ret)));
+ DBG_DEBUG("krb5_get_renewed_creds using ccache '%s' "
+ "for client '%s' and service '%s' failed: %s\n",
+ ccache_string, client_string, service_string,
+ error_message(ret));
goto done;
}
diff --git a/lib/ldb/ABI/ldb-2.0.5.sigs b/lib/ldb/ABI/ldb-2.4.2.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.0.5.sigs
copy to lib/ldb/ABI/ldb-2.4.2.sigs
diff --git a/lib/ldb/ABI/pyldb-util-2.1.0.sigs b/lib/ldb/ABI/pyldb-util-2.4.2.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-2.1.0.sigs
copy to lib/ldb/ABI/pyldb-util-2.4.2.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 986690181ec..c470f854b99 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -2,7 +2,7 @@
APPNAME = 'ldb'
# For Samba 4.15.x
-VERSION = '2.4.1'
+VERSION = '2.4.2'
import sys, os
diff --git a/lib/util/util.c b/lib/util/util.c
index 7eee60b85cd..c066406d320 100644
--- a/lib/util/util.c
+++ b/lib/util/util.c
@@ -481,6 +481,48 @@ void print_asc(int level, const uint8_t *buf,int len)
print_asc_cb(buf, len, debugadd_cb, &level);
}
+static void dump_data_block16(const char *prefix, size_t idx,
+ const uint8_t *buf, size_t len,
+ void (*cb)(const char *buf, void *private_data),
+ void *private_data)
+{
+ char tmp[16];
+ size_t i;
+
+ SMB_ASSERT(len >= 0 && len <= 16);
+
+ snprintf(tmp, sizeof(tmp), "%s[%04zX]", prefix, idx);
+ cb(tmp, private_data);
+
+ for (i=0; i<16; i++) {
+ if (i == 8) {
+ cb(" ", private_data);
+ }
+ if (i < len) {
+ snprintf(tmp, sizeof(tmp), " %02X", (int)buf[i]);
+ } else {
+ snprintf(tmp, sizeof(tmp), " ");
+ }
+ cb(tmp, private_data);
+ }
+
+ cb(" ", private_data);
+
+ if (len == 0) {
+ cb("EMPTY BLOCK\n", private_data);
+ return;
+ }
+
+ for (i=0; i<len; i++) {
+ if (i == 8) {
+ cb(" ", private_data);
+ }
+ print_asc_cb(&buf[i], 1, cb, private_data);
+ }
+
+ cb("\n", private_data);
+}
+
/**
* Write dump of binary data to a callback
*/
@@ -491,73 +533,30 @@ void dump_data_cb(const uint8_t *buf, int len,
{
int i=0;
bool skipped = false;
- char tmp[16];
if (len<=0) return;
- for (i=0;i<len;) {
-
- if (i%16 == 0) {
- if ((omit_zero_bytes == true) &&
- (i > 0) &&
- (len > i+16) &&
- all_zero(&buf[i], 16))
- {
- i +=16;
- continue;
- }
-
- if (i<len) {
- snprintf(tmp, sizeof(tmp), "[%04X] ", i);
- cb(tmp, private_data);
+ for (i=0;i<len;i+=16) {
+ size_t remaining_len = len - i;
+ size_t this_len = MIN(remaining_len, 16);
+ const uint8_t *this_buf = &buf[i];
+
+ if ((omit_zero_bytes == true) &&
+ (i > 0) && (remaining_len > 16) &&
+ (this_len == 16) && all_zero(this_buf, 16))
+ {
+ if (!skipped) {
+ cb("skipping zero buffer bytes\n",
+ private_data);
+ skipped = true;
}
+ continue;
}
- snprintf(tmp, sizeof(tmp), "%02X ", (int)buf[i]);
- cb(tmp, private_data);
- i++;
- if (i%8 == 0) {
- cb(" ", private_data);
- }
- if (i%16 == 0) {
-
- print_asc_cb(&buf[i-16], 8, cb, private_data);
- cb(" ", private_data);
- print_asc_cb(&buf[i-8], 8, cb, private_data);
- cb("\n", private_data);
-
- if ((omit_zero_bytes == true) &&
- (len > i+16) &&
- all_zero(&buf[i], 16)) {
- if (!skipped) {
- cb("skipping zero buffer bytes\n",
- private_data);
- skipped = true;
- }
- }
- }
+ skipped = false;
+ dump_data_block16("", i, this_buf, this_len,
+ cb, private_data);
}
-
- if (i%16) {
- int n;
- n = 16 - (i%16);
- cb(" ", private_data);
- if (n>8) {
- cb(" ", private_data);
- }
- while (n--) {
- cb(" ", private_data);
- }
- n = MIN(8,i%16);
- print_asc_cb(&buf[i-(i%16)], n, cb, private_data);
- cb(" ", private_data);
- n = (i%16) - n;
- if (n>0) {
- print_asc_cb(&buf[i-n], n, cb, private_data);
- }
- cb("\n", private_data);
- }
-
}
/**
@@ -615,6 +614,90 @@ void dump_data_file(const uint8_t *buf, int len, bool omit_zero_bytes,
dump_data_cb(buf, len, omit_zero_bytes, fprintf_cb, f);
}
+/**
+ * Write dump of compared binary data to a callback
+ */
+void dump_data_diff_cb(const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2,
+ bool omit_zero_bytes,
+ void (*cb)(const char *buf, void *private_data),
+ void *private_data)
+{
+ size_t len = MAX(len1, len2);
+ size_t i;
+ bool skipped = false;
+
+ for (i=0; i<len; i+=16) {
+ size_t remaining_len = len - i;
+ size_t remaining_len1 = 0;
+ size_t this_len1 = 0;
+ const uint8_t *this_buf1 = NULL;
+ size_t remaining_len2 = 0;
+ size_t this_len2 = 0;
+ const uint8_t *this_buf2 = NULL;
+
+ if (i < len1) {
+ remaining_len1 = len1 - i;
+ this_len1 = MIN(remaining_len1, 16);
+ this_buf1 = &buf1[i];
+ }
+ if (i < len2) {
+ remaining_len2 = len2 - i;
+ this_len2 = MIN(remaining_len2, 16);
+ this_buf2 = &buf2[i];
+ }
+
+ if ((omit_zero_bytes == true) &&
+ (i > 0) && (remaining_len > 16) &&
+ (this_len1 == 16) && all_zero(this_buf1, 16) &&
+ (this_len2 == 16) && all_zero(this_buf2, 16))
+ {
+ if (!skipped) {
+ cb("skipping zero buffer bytes\n",
+ private_data);
+ skipped = true;
+ }
+ continue;
+ }
+
+ skipped = false;
+
+ if ((this_len1 == this_len2) &&
+ (memcmp(this_buf1, this_buf2, this_len1) == 0))
+ {
+ dump_data_block16(" ", i, this_buf1, this_len1,
+ cb, private_data);
+ continue;
+ }
+
+ dump_data_block16("-", i, this_buf1, this_len1,
+ cb, private_data);
+ dump_data_block16("+", i, this_buf2, this_len2,
+ cb, private_data);
+ }
+}
+
+_PUBLIC_ void dump_data_diff(int dbgc_class, int level,
+ bool omit_zero_bytes,
+ const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2)
+{
+ struct debug_channel_level dcl = { dbgc_class, level };
+
+ if (!DEBUGLVLC(dbgc_class, level)) {
+ return;
+ }
+ dump_data_diff_cb(buf1, len1, buf2, len2, true, debugadd_channel_cb, &dcl);
+}
+
+_PUBLIC_ void dump_data_file_diff(FILE *f,
+ bool omit_zero_bytes,
+ const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2)
+{
+ dump_data_diff_cb(buf1, len1, buf2, len2, omit_zero_bytes, fprintf_cb, f);
+}
+
/**
malloc that aborts with smb_panic on fail or zero size.
**/
diff --git a/lib/util/util.h b/lib/util/util.h
index a7acad56880..072f0486234 100644
--- a/lib/util/util.h
+++ b/lib/util/util.h
@@ -51,4 +51,32 @@ _PUBLIC_ void dump_data(int level, const uint8_t *buf,int len);
*/
_PUBLIC_ void dump_data_dbgc(int dbgc_class, int level, const uint8_t *buf, int len);
+/**
+ * Write dump of compared binary data to a callback
+ */
+void dump_data_diff_cb(const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2,
+ bool omit_zero_bytes,
+ void (*cb)(const char *buf, void *private_data),
+ void *private_data);
+
+/**
+ * Write dump of compared binary data to the log file.
+ *
+ * The data is only written if the log level is at least level for
+ * debug class dbgc_class.
+ */
+_PUBLIC_ void dump_data_diff(int dbgc_class, int level,
+ bool omit_zero_bytes,
+ const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2);
+
+/**
+ * Write dump of compared binary data to the given file handle
+ */
+_PUBLIC_ void dump_data_file_diff(FILE *f,
+ bool omit_zero_bytes,
+ const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2);
+
#endif
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
--
Samba Shared Repository
More information about the samba-cvs
mailing list