[Samba] Practicality of fixing samba's case mangling problems?

Linda Walsh samba at tlinx.org
Wed Dec 28 19:58:10 MST 2011 




Christopher R. Hertel wrote:
> Linda,
>
> If you have filed a bugzilla report,
Date            Title                                                    
   
2011-07-27   *Bug 8325* 
<https://bugzilla.samba.org/show_bug.cgi?id=8325> - WINS should no 
longer be changing 'case' on hostnames' inconsistent with domain practice
2011-08-17    *Bug 8380* 
<https://bugzilla.samba.org/show_bug.cgi?id=8380> - Samba needs to 
preserve casename on user/group/host to be MS-compat (all versions)
2011-08-29   *Bug 8417* 
<https://bugzilla.samba.org/show_bug.cgi?id=8417> - Samba needs to not 
mess with case of domain and host names
2011-09-05   *Bug 8435* 
<https://bugzilla.samba.org/show_bug.cgi?id=8435> - NMBD altering case 
of file names causes other subsystems to fail.


 --- I've filed a few.

> ... and can identify the code that needs review, that would help.
Well, that's why I'm whining in public... it's a bit too much for me to 
handle:

The files (just looked at samba3 code):

./auth/auth_builtin.c
./auth/auth_server.c
./auth/auth_util.c
- ./auth/pampass.c
- ./auth/pass_check.c
./client/client.c
?./client/clitar.c
./include/includes.h
./include/proto.h
./lib/afs.c
-./lib/charcnv.c
./lib/eventlog/eventlog.c
./lib/substitute.c
./lib/username.c
./lib/util.c
-./lib/util_str.c
-./lib/util_unistr.c
./libads/ads_struct.c
./libads/dns.c
./libads/kerberos.c
./libads/kerberos_keytab.c
./libads/kerberos_verify.c
./libads/ldap.c
./libads/util.c
./libnet/libnet_join.c
./libsmb/cliconnect.c
./libsmb/clifsinfo.c
./libsmb/clirap.c
./libsmb/clirap2.c
./libsmb/dsgetdcname.c
./libsmb/namecache.c
./libsmb/namequery.c
./libsmb/namequery_dc.c
./libsmb/nmblib.c
./libsmb/nmblib.c
./libsmb/ntlmssp.c
./libsmb/trustdom_cache.c
./modules/vfs_afsacl.c
./modules/vfs_streams_depot.c
./modules/vfs_streams_xattr.c
./nmbd/nmbd_browserdb.c
./nmbd/nmbd_browsesync.c
./nmbd/nmbd_elections.c
?./nmbd/nmbd_incomingdgrams.c
./nmbd/nmbd_incomingdgrams.c
./nmbd/nmbd_incomingrequests.c
./nmbd/nmbd_namelistdb.c
./nmbd/nmbd_sendannounce.c
./nmbd/nmbd_serverlistdb.c
./nmbd/nmbd_winsserver.c
./param/loadparm.c
./passdb/lookup_sid.c
./passdb/pdb_interface.c
./passdb/pdb_ldap.c
./passdb/pdb_tdb.c
./passdb/secrets.c
./printing/lpq_parse.c
./printing/nt_printing.c
./registry/reg_util.c
./rpc_client/cli_pipe.c
./rpc_server/srv_dfs_nt.c
./rpc_server/srv_dssetup_nt.c
./rpc_server/srv_wkssvc_nt.c
./rpcclient/cmd_spoolss.c
./smbd/filename.c
./smbd/lanman.c
-./smbd/mangle_hash.c
./smbd/mangle_hash2.c
./smbd/negprot.c
./smbd/password.c
./smbd/seal.c
./smbd/service.c
./smbd/service.c
./smbd/sesssetup.c
./smbd/smb2_tcon.c
./torture/masktest.c
./torture/torture.c
./utils/net_ads.c
./utils/net_conf.c
./utils/net_idmap.c
./utils/net_rpc.c
./utils/net_rpc_join.c
./utils/net_usershare.c
./utils/ntlm_auth.c
./utils/ntlm_auth_diagnostics.c
./utils/pdbedit.c
./utils/smbcontrol.c
-./utils/smbpasswd.c
./winbindd/idmap_adex/gc_util.c
./winbindd/idmap_ldap.c
./winbindd/wb_fill_pwent.c
./winbindd/winbindd_ads.c
./winbindd/winbindd_cache.c
./winbindd/winbindd_cm.c
./winbindd/winbindd_pam.c
./winbindd/winbindd_util.c


---
Ones with a "-" in front of them mention strup/lo, but don't use it for 
user or dom mangling.
There are a few.

Not really sure about how good the case mangling that is in there is...
as it tries to handle unicode, w/out knowing that max UTF-8 len for 
current unicode (up through
bit plane 17), takes 4 bytes , not 5 as a the code comments.

Also this made me wonder about making modifications, as I don't know 
what I' might
be trying to base code on...
 

use_as_is:
    /*
     * Conversion not supported. This is actually an error, but there are so
     * many misconfigured iconv systems and smb.conf's out there we 
can't just
     * fail. Do a very bad conversion instead.... JRA.
     */
====
So not sure what one would end up with or what types of 
incompatibilities one might
introduce if one were to try to introduce changes to code to code that 
passes through
errors...  how does one define case for erroneous charset usage?
> How are you at digging into the code? 
----
    Not ALOT of 'endurance', easily distracted....


> and can identify the code that needs review, that would help.  Patches are
> even better.  

Last patch of mine got modified into a personal statement by someone 
about their bad experiences
w/the security 'community'[sic]...  *ahem*...

> The more specific details that you can provide the better able
> one of us will be to work with you on resolving the problems you are seeing.
>
> Chris -)-----
>   


Well, I have raised the issue a few times...

More information about the samba mailing list