[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Mon May 23 19:19:01 UTC 2022
The branch, master has been updated
via a26f535dedc s3:libads: Clear previous CLDAP ping flags when reusing the ADS_STRUCT
via 4dde5e747d2 s3:libnet: Fix talloc frame not freed in order
via 11e0eb6f938 s3:libads: Print 'gc' and 'no_fallback' fields in ndr_print_ads_struct()
via 02a9a160e2d python/gp_cert_auto_enroll: Fix bitwise test in expression
via 3bb6b05781f s3:lib: Fix use_after_free: Using freed pointer "p"
from d19dfe1efb2 third_party: Update waf to version 2.0.24
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a26f535dedc651afa2a25dd37113ac71787197ff
Author: Samuel Cabrero <scabrero at suse.de>
Date: Mon May 23 14:11:24 2022 +0200
s3:libads: Clear previous CLDAP ping flags when reusing the ADS_STRUCT
Before commit 1d066f37b9217a475b6b84a935ad51fbec88fe04, when the LDAP
connection wasn't established yet (ads->ldap.ld == NULL), the
ads_current_time() function always allocated and initialized a new
ADS_STRUCT even when ads->ldap.ss had a good address after having called
ads_find_dc().
After that commit, when the ADS_STRUCT is reused and passed to the
ads_connect() call, ads_try_connect() may fail depending on the
contacted DC because ads->config.flags field can contain the flags
returned by the previous CLDAP call. For example, when having 5 DCs:
* 192.168.101.31 has PDC FSMO role
* 192.168.101.32
* 192.168.101.33
* 192.168.101.34
* 192.168.101.35
$> net ads info -S 192.168.101.35
net_ads_info()
  ads_startup_nobind()
    ads_startup_int()
      ads_init()
      ads_connect()
        ads_try_connect(192.168.101.35)
          check_cldap_reply_required_flags(returned=0xF1FC, required=0x0)
  ads_current_time()
    ads_connect()
      ads_try_connect(192.168.101.35)
        check_cldap_reply_required_flags(returned=0xF1FC, required=0xF1FC)
The check_cldap_reply_required_flags() call fails because
ads->config.flags contain the flags returned by the previous CLDAP call,
even when the returned and required values match because they have
different semantics:
    if (req_flags & DS_PDC_REQUIRED)
        RETURN_ON_FALSE(ret_flags & NBT_SERVER_PDC);
translates to:
    if (0xF1FC & 0x80)
        RETURN_ON_FALSE(0xF1FC & 0x01);
which returns false because 192.168.101.35 has no PDC FSMO role.
The easiest fix for now is to reset ads->config.flags in
ads_current_time() when reusing an ADS_STRUCT before calling
ads_connect(), but we should consider storing the required and returned
flags in different fields or at least use the same bitmap for them
because check_cldap_reply_required_flags() is checking a
netr_DsRGetDCName_flags value using the nbt_server_type bitmap.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14674
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon May 23 19:18:38 UTC 2022 on sn-devel-184
commit 4dde5e747d2633f88eb4cc17d81f6dc4218b32be
Author: Samuel Cabrero <scabrero at suse.de>
Date: Mon May 23 11:51:32 2022 +0200
s3:libnet: Fix talloc frame not freed in order
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 11e0eb6f938002d93169c0293d7ec5e0488df307
Author: Samuel Cabrero <scabrero at suse.de>
Date: Mon May 23 11:43:29 2022 +0200
s3:libads: Print 'gc' and 'no_fallback' fields in ndr_print_ads_struct()
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 02a9a160e2d6d14b6dc04dcda1a136484f5edd95
Author: Pavel Filipenský <pfilipen at redhat.com>
Date: Mon May 23 13:10:31 2022 +0200
python/gp_cert_auto_enroll: Fix bitwise test in expression
Found by covscan.
result_independent_of_operands: "(e.data & 4) == 1" is always false regardless of the values of its operands. This occurs as the operand of assignment.
Signed-off-by: Pavel Filipenský <pfilipen at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 3bb6b05781fa79de697d859d18c4fc252831fdef
Author: Pavel Filipenský <pfilipen at redhat.com>
Date: Mon May 23 12:57:42 2022 +0200
s3:lib: Fix use_after_free: Using freed pointer "p"
Found by covscan.
Signed-off-by: Pavel Filipenský <pfilipen at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
python/samba/gp_cert_auto_enroll_ext.py | 6 +++---
source3/lib/netapi/examples/common.c | 1 +
source3/libads/ldap.c | 7 +++++++
source3/libads/ndr.c | 2 ++
source3/libnet/libnet_join.c | 2 +-
5 files changed, 14 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/gp_cert_auto_enroll_ext.py b/python/samba/gp_cert_auto_enroll_ext.py
index 680525c9ced..585dc560550 100644
--- a/python/samba/gp_cert_auto_enroll_ext.py
+++ b/python/samba/gp_cert_auto_enroll_ext.py
@@ -358,9 +358,9 @@ class gp_cert_auto_enroll_ext(gp_pol_ext):
# This policy applies as specified in [MS-CAESO] 4.4.5.1
if e.data == 0x8000:
continue # The policy is disabled
- enroll = e.data & 0x1 == 1
- manage = e.data & 0x2 == 1
- retrive_pending = e.data & 0x4 == 1
+ enroll = e.data & 0x1 == 0x1
+ manage = e.data & 0x2 == 0x2
+ retrive_pending = e.data & 0x4 == 0x4
if enroll:
self.__enroll(pol_conf.entries, trust_dir,
private_dir)
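Review bot: The three "+" lines depend on Python's operator precedence, where & binds tighter than ==, which is the reverse of C; writing (e.data & 0x2) == 0x2, or bool(e.data & 0x2), would make the intent explicit for readers who move between the C and Python parts of the tree. Because manage and retrive_pending could never be true with the old "== 1" comparison, whatever consumes them becomes reachable for the first time with this change, so a test that feeds e.data values with bits 0x2 and 0x4 set would be worth adding alongside it. The spelling retrive_pending could be corrected to retrieve_pending while the line is being touched.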
diff --git a/source3/lib/netapi/examples/common.c b/source3/lib/netapi/examples/common.c
index 66b2bd3b6d0..72d7150b4ea 100644
--- a/source3/lib/netapi/examples/common.c
+++ b/source3/lib/netapi/examples/common.c
@@ -140,6 +140,7 @@ char *netapi_read_file(const char *filename, uint32_t *psize)
tmp = realloc(p, sizeof(char) * newbufsize);
if (tmp == NULL) {
free(p);
+ p = NULL;
goto fail;
}
p = tmp;
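Review bot: The added "p = NULL;" only helps if the code at the fail label tolerates a NULL p, and that label is not visible in this hunk, so the commit message should say what fail does with p rather than only "Found by covscan". If fail already releases p, dropping the free(p) in this branch and letting the label do the cleanup would leave one owner of the buffer instead of a free-then-null pair that the next edit can break again.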
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 647cdbd0459..6caeebe6037 100755
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -3305,6 +3305,13 @@ ADS_STATUS ads_current_time(ADS_STRUCT *ads)
goto done;
}
}
+
+ /*
+ * Reset ads->config.flags as it can contain the flags
+ * returned by the previous CLDAP ping when reusing the struct.
+ */
+ ads_s->config.flags = 0;
+
ads_s->auth.flags = ADS_AUTH_ANON_BIND;
status = ads_connect( ads_s );
if ( !ADS_ERR_OK(status))
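Review bot: The assignment "ads_s->config.flags = 0;" sits after the closing brace of the preceding block, so it runs on every path, and it clears the whole field, not only the bits a CLDAP reply wrote. If ads_s is the caller's struct in the reuse case, any required flags the caller had set are lost for the rest of its lifetime, since nothing here restores them after ads_connect(). Saving the old value and restoring it before returning, or a comment pointing at the follow-up the commit message proposes (separate fields for required and returned flags), would make that side effect visible.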
diff --git a/source3/libads/ndr.c b/source3/libads/ndr.c
index 1b586c34282..07f0f7e948a 100644
--- a/source3/libads/ndr.c
+++ b/source3/libads/ndr.c
@@ -51,6 +51,8 @@ void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct
ndr_print_string(ndr, "realm", r->server.realm);
ndr_print_string(ndr, "workgroup", r->server.workgroup);
ndr_print_string(ndr, "ldap_server", r->server.ldap_server);
+ ndr_print_bool(ndr, "gc", r->server.gc);
+ ndr_print_bool(ndr, "no_fallback", r->server.no_fallback);
ndr->depth--;
ndr_print_struct(ndr, name, "auth");
ndr->depth++;
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 5069e7546ef..f59fea992b8 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -543,7 +543,7 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
status = libnet_join_find_machine_acct(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
- return status;
+ goto done;
}
status = libnet_join_get_machine_spns(frame,
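Review bot: Replacing "return status;" with "goto done;" assumes the done label both frees the frame and returns status, and neither is visible in this hunk; the commit message has no body saying which frame was left on the stack. Since this was one early return between the frame's creation and the done label, the remaining return statements in libnet_join_set_machine_spn() should be checked for the same pattern in this commit rather than waiting for the next scanner report.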
--
Samba Shared Repository
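
A simplified model of the failure described in the first commit message (a26f535dedc), added here as an illustration; it is not Samba code. The struct and the model_* functions are hypothetical stand-ins; the constants 0x80, 0x01 and 0xF1FC are the ones quoted in the message.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Values quoted in the commit message; the names belong to different bitmaps. */
#define DS_PDC_REQUIRED 0x80u /* request bitmap (netr_DsRGetDCName_flags) */
#define NBT_SERVER_PDC  0x01u /* reply bitmap (nbt_server_type) */

/* Hypothetical stand-in for ADS_STRUCT: one field carries both kinds of flags. */
struct model_ads {
    uint32_t flags;
};

/* Model of the single check quoted in the commit message. */
static bool model_check_required(uint32_t ret_flags, uint32_t req_flags)
{
    return !((req_flags & DS_PDC_REQUIRED) && !(ret_flags & NBT_SERVER_PDC));
}

/* Model of one connect: flags are read as requirements, then overwritten
 * with the reply of the contacted DC. */
static bool model_connect(struct model_ads *ads, uint32_t dc_reply)
{
    if (!model_check_required(dc_reply, ads->flags)) {
        return false;
    }
    ads->flags = dc_reply;
    return true;
}

/* Connect twice to the same DC, optionally clearing flags before the reuse. */
static bool model_second_connect_ok(uint32_t dc_reply, bool reset_before_reuse)
{
    struct model_ads ads = { .flags = 0 };
    if (!model_connect(&ads, dc_reply)) {
        return false;
    }
    if (reset_before_reuse) {
        ads.flags = 0; /* the fix: drop the stale reply flags */
    }
    return model_connect(&ads, dc_reply);
}

int main(void)
{
    printf("non-PDC, no reset: %d\n", model_second_connect_ok(0xF1FC, false));
    printf("non-PDC, reset:    %d\n", model_second_connect_ok(0xF1FC, true));
    printf("PDC, no reset:     %d\n", model_second_connect_ok(0xF1FC | NBT_SERVER_PDC, false));
    return 0;
}
```

The third call uses a constructed reply (0xF1FC with the PDC bit set) to show why the failure depends on which DC is contacted.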