[Pkg-samba-maint] [Git][samba-team/samba][bookworm] 2 commits: dnsserver-rename-dns_name_equal.patch (#1036587, #927747)
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Wed May 24 21:02:29 BST 2023
Michael Tokarev pushed to branch bookworm at Debian Samba Team / samba
Commits:
335a2480 by Michael Tokarev at 2023-05-24T22:59:54+03:00
dnsserver-rename-dns_name_equal.patch (#1036587, #927747)
(forgotten) patch from upstream targetting next stable
- - - - -
5e0afb3f by Michael Tokarev at 2023-05-24T23:00:01+03:00
update changelog; upload version 4.17.8+dfsg-2 to unstable
- - - - -
3 changed files:
- debian/changelog
- + debian/patches/dnsserver-rename-dns_name_equal.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,16 @@
+samba (2:4.17.8+dfsg-2) unstable; urgency=medium
+
+ * dnsserver-rename-dns_name_equal.patch
+ (forgotten) patch from upstream targetting next stable
+ Fixes crashes of named with samba DLZ plugin due to
+ symbol name conflict (dns_name_equal() function).
+ There's no resulting code changes, just a symbol
+ rename.
+ https://bugzilla.samba.org/show_bug.cgi?id=14030
+ Closes: #1036587, #927747
+
+ -- Michael Tokarev <mjt at tls.msk.ru> Wed, 24 May 2023 22:54:43 +0300
+
samba (2:4.17.8+dfsg-1) unstable; urgency=medium
* upstream stable/security/bugfix release, fixing the following issues:
=====================================
debian/patches/dnsserver-rename-dns_name_equal.patch
=====================================
@@ -0,0 +1,255 @@
+Commit-Id: fcecdfa8e5c651d4a27f8fcd5df6e9bce37ed8a7
+From: Samuel Cabrero <scabrero at samba.org>
+Date: Wed, 18 Jan 2023 17:25:29 +0100
+Subject: s4:dnsserver: Rename dns_name_equal() to samba_dns_name_equal()
+Bug-Debian: https://bugs.debian.org/1036587
+Bug-Debian: https://bugs.debian.org/927747
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=14030
+
+This function already exists in bind9 but takes different arguments, so when
+the DLZ is loaded and this function is called bind crashes:
+
+ named[1523]: samba_dlz: allowing update of signer=DESKTOP-8BUKMBK\$\@AFOREST.AD name=118.101.168.192.in-addr.arpa tcpaddr=192.168.101.118 type=PTR key=1264-ms-7.1-2ac9.9ef238e1-9747-11ed-9f95-525400dc6981/159/0
+ named[1523]: samba_dlz: allowing update of signer=DESKTOP-8BUKMBK\$\@AFOREST.AD name=118.101.168.192.in-addr.arpa tcpaddr=192.168.101.118 type=PTR key=1264-ms-7.1-2ac9.9ef238e1-9747-11ed-9f95-525400dc6981/159/0
+ named[1523]: client @0x7f26caa90f68 192.168.101.118#58223/key DESKTOP-8BUKMBK\$\@AFOREST.AD: updating zone '101.168.192.in-addr.arpa/NONE': deleting rrset at '118.101.168.192.in-addr.ar
+ named[1523]: name.c:664: REQUIRE(((name1) != ((void *)0) && ((const isc__magic_t *)(name1))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n'))))) failed, back trace
+
+Backtrace:
+
+ #0 0x00007f2716c957ec in __pthread_kill_implementation () from /lib64/libc.so.6
+ #1 0x00007f2716c42816 in raise () from /lib64/libc.so.6
+ #2 0x00007f2716c2b81c in abort () from /lib64/libc.so.6
+ #3 0x000055d4de847995 in assertion_failed (file=<optimized out>, line=<optimized out>,
+ type=<optimized out>, cond=<optimized out>) at /usr/src/debug/bind-9.18.10/bin/named/main.c:237
+ #4 0x00007f27176388fc in isc_assertion_failed (file=file at entry=0x7f27173b0df6 "name.c",
+ line=line at entry=664, type=type at entry=isc_assertiontype_require,
+ cond=cond at entry=0x7f27173b0268 "((name1) != ((void *)0) && ((const isc__magic_t *)(name1))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n'))))")
+ at /usr/src/debug/bind-9.18.10/lib/isc/assertions.c:48
+ #5 0x00007f27172946f9 in dns_name_equal (name1=<optimized out>, name2=<optimized out>)
+ at /usr/src/debug/bind-9.18.10/lib/dns/name.c:664
+
+ **** Here bind's dns_name_equal() is called instead of samba's dns_name_equal() ****
+
+ #6 0x00007f27077ad6f2 in dns_record_match (rec1=0x7f26f8042d70, rec2=0x7f26f8044d10)
+ at ../../source4/dns_server/dnsserver_common.c:1346
+ #7 0x00007f271404732c in b9_record_match (rec1=0x7f26f8042d70, rec2=0x7f26f8044d10)
+ at ../../source4/dns_server/dlz_bind9.c:1830
+ #8 0x00007f2714047daa in dlz_subrdataset (name=0x7f2706ff82f0 "118.101.168.192.in-addr.arpa",
+ rdatastr=0x7f26c9c10000 "118.101.168.192.in-addr.arpa.\t1200\tIN\tPTR\tDESKTOP-8BUKMBK.aforest.ad.",
+ dbdata=0x7f271003d300, version=0x7f26f8044b20) at ../../source4/dns_server/dlz_bind9.c:2077
+ #9 0x000055d4de84afb4 in dlopen_dlz_subrdataset (name=0x7f2706ff82f0 "118.101.168.192.in-addr.arpa",
+ rdatastr=<optimized out>, driverarg=<optimized out>, dbdata=0x7f270430f680, version=<optimized out>)
+ at /usr/src/debug/bind-9.18.10/bin/named/dlz_dlopen_driver.c:483
+ #10 0x00007f271738e734 in modrdataset.constprop.0 (db=0x7f2704291740, node=0x7f26c9c006e0,
+ version=0x7f26f8044b20, rdataset=0x7f2706ff8830,
+ mod_function=0x55d4de84af80 <dlopen_dlz_subrdataset>, options=<optimized out>)
+ at /usr/src/debug/bind-9.18.10/lib/dns/sdlz.c:1107
+ #11 0x00007f2717251855 in diff_apply (diff=diff at entry=0x7f2706ff8df0, db=db at entry=0x7f2704291740,
+ ver=ver at entry=0x7f26f8044b20, warn=warn at entry=true) at /usr/src/debug/bind-9.18.10/lib/dns/diff.c:370
+ #12 0x00007f2717251c8a in dns_diff_apply (diff=diff at entry=0x7f2706ff8df0, db=db at entry=0x7f2704291740,
+ ver=ver at entry=0x7f26f8044b20) at /usr/src/debug/bind-9.18.10/lib/dns/diff.c:465
+ #13 0x00007f2717d105aa in do_one_tuple (tuple=tuple at entry=0x7f2706ff8e50, db=db at entry=0x7f2704291740,
+ ver=ver at entry=0x7f26f8044b20, diff=diff at entry=0x7f2706ff9400)
+ at /usr/src/debug/bind-9.18.10/lib/ns/update.c:454
+ #14 0x00007f2717d10fff in update_one_rr (rdata=0x7f2706ff8ee8, ttl=<optimized out>,
+ name=<optimized out>, op=DNS_DIFFOP_DEL, diff=0x7f2706ff9400, ver=0x7f26f8044b20, db=0x7f2704291740)
+ at /usr/src/debug/bind-9.18.10/lib/ns/update.c:505
+ #15 delete_if_action (data=<optimized out>, rr=0x7f2706ff8ee0)
+ at /usr/src/debug/bind-9.18.10/lib/ns/update.c:1427
+ #16 0x00007f2717d10ccd in foreach_rr (db=0x7f2704291740, ver=<optimized out>, name=0x7f26caa61d00,
+ type=<optimized out>, covers=<optimized out>,
+ rr_action=rr_action at entry=0x7f2717d10f60 <delete_if_action>, rr_action_data=0x7f2706ff9280)
+ at /usr/src/debug/bind-9.18.10/lib/ns/update.c:736
+ #17 0x00007f2717d10e76 in delete_if (predicate=predicate at entry=0x7f2717d0fb10 <true_p>,
+ db=<optimized out>, ver=<optimized out>, name=<optimized out>, type=<optimized out>,
+ covers=<optimized out>, update_rr=0x7f2706ff94b0, diff=0x7f2706ff9400)
+ at /usr/src/debug/bind-9.18.10/lib/ns/update.c:1454
+ #18 0x00007f2717d1bccd in update_action (task=<optimized out>, event=<optimized out>)
+ at /usr/src/debug/bind-9.18.10/lib/ns/update.c:3299
+ #19 0x00007f271765eb4c in task_run (task=0x7f27155ccf00)
+ at /usr/src/debug/bind-9.18.10/lib/isc/task.c:823
+ #20 isc_task_run (task=0x7f27155ccf00) at /usr/src/debug/bind-9.18.10/lib/isc/task.c:904
+ #21 0x00007f271762cb12 in isc__nm_async_task (worker=0x7f2716236560, ev0=0x7f26caa07000)
+ at netmgr/netmgr.c:840
+ #22 process_netievent (worker=worker at entry=0x7f2716236560, ievent=0x7f26caa07000) at netmgr/netmgr.c:918
+ #23 0x00007f271762d197 in process_queue (worker=worker at entry=0x7f2716236560,
+ type=type at entry=NETIEVENT_TASK) at netmgr/netmgr.c:1011
+ #24 0x00007f271762d3b3 in process_all_queues (worker=0x7f2716236560) at netmgr/netmgr.c:765
+ #25 async_cb (handle=0x7f27162368c0) at netmgr/netmgr.c:794
+ #26 0x00007f2717c4cb0d in uv__async_io (loop=0x7f2716236570, w=<optimized out>, events=<optimized out>)
+ at src/unix/async.c:163
+ #27 0x00007f2717c6825d in uv__io_poll (loop=0x7f2716236570, timeout=<optimized out>)
+ at src/unix/epoll.c:374
+ #28 0x00007f2717c5247a in uv__io_poll (timeout=<optimized out>, loop=0x7f2716236570)
+ at src/unix/udp.c:122
+ #29 uv_run (loop=loop at entry=0x7f2716236570, mode=mode at entry=UV_RUN_DEFAULT) at src/unix/core.c:406
+ #30 0x00007f271762d834 in nm_thread (worker0=0x7f2716236560) at netmgr/netmgr.c:696
+ #31 0x00007f27176627f5 in isc__trampoline_run (arg=0x55d4dfe3ad70)
+ at /usr/src/debug/bind-9.18.10/lib/isc/trampoline.c:189
+ #32 0x00007f2716c9398d in start_thread () from /lib64/libc.so.6
+ #33 0x00007f2716d19344 in clone () from /lib64/libc.so.6
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14030
+
+Signed-off-by: Samuel Cabrero <scabrero at samba.org>
+Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
+
+Autobuild-User(master): Samuel Cabrero <scabrero at samba.org>
+Autobuild-Date(master): Thu Jan 19 10:20:27 UTC 2023 on atb-devel-224
+---
+ source4/dns_server/dns_crypto.c | 2 +-
+ source4/dns_server/dns_update.c | 4 ++--
+ source4/dns_server/dnsserver_common.c | 21 +++++++++++++--------
+ source4/dns_server/dnsserver_common.h | 2 +-
+ source4/rpc_server/dnsserver/dnsutils.c | 2 +-
+ source4/torture/dns/dlz_bind9.c | 8 ++++----
+ 6 files changed, 22 insertions(+), 17 deletions(-)
+
+diff --git a/source4/dns_server/dns_crypto.c b/source4/dns_server/dns_crypto.c
+index 6d2b8648757..b38eb8b13bb 100644
+--- a/source4/dns_server/dns_crypto.c
++++ b/source4/dns_server/dns_crypto.c
+@@ -81,7 +81,7 @@ struct dns_server_tkey *dns_find_tkey(struct dns_server_tkey_store *store,
+ if (tmp_key == NULL) {
+ continue;
+ }
+- if (dns_name_equal(name, tmp_key->name)) {
++ if (samba_dns_name_equal(name, tmp_key->name)) {
+ tkey = tmp_key;
+ break;
+ }
+diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c
+index 2d5f353671e..7b87dc6c6e3 100644
+--- a/source4/dns_server/dns_update.c
++++ b/source4/dns_server/dns_update.c
+@@ -593,7 +593,7 @@ static WERROR handle_one_update(struct dns_server *dns,
+ * work out if the node as a whole needs tombstoning.
+ */
+ if (update->rr_type == DNS_QTYPE_ALL) {
+- if (dns_name_equal(update->name, zone->name)) {
++ if (samba_dns_name_equal(update->name, zone->name)) {
+ for (i = first; i < rcount; i++) {
+
+ if (recs[i].wType == DNS_TYPE_SOA) {
+@@ -617,7 +617,7 @@ static WERROR handle_one_update(struct dns_server *dns,
+ }
+ }
+
+- } else if (dns_name_equal(update->name, zone->name)) {
++ } else if (samba_dns_name_equal(update->name, zone->name)) {
+
+ if (update->rr_type == DNS_QTYPE_SOA) {
+ return WERR_OK;
+diff --git a/source4/dns_server/dnsserver_common.c b/source4/dns_server/dnsserver_common.c
+index 03f76d4a871..0481b0715c7 100644
+--- a/source4/dns_server/dnsserver_common.c
++++ b/source4/dns_server/dnsserver_common.c
+@@ -1331,7 +1331,8 @@ bool dns_record_match(struct dnsp_DnssrvRpcRecord *rec1,
+ return memcmp(&rec1_in_addr6, &rec2_in_addr6, sizeof(rec1_in_addr6)) == 0;
+ }
+ case DNS_TYPE_CNAME:
+- return dns_name_equal(rec1->data.cname, rec2->data.cname);
++ return samba_dns_name_equal(rec1->data.cname,
++ rec2->data.cname);
+ case DNS_TYPE_TXT:
+ if (rec1->data.txt.count != rec2->data.txt.count) {
+ return false;
+@@ -1343,23 +1344,27 @@ bool dns_record_match(struct dnsp_DnssrvRpcRecord *rec1,
+ }
+ return true;
+ case DNS_TYPE_PTR:
+- return dns_name_equal(rec1->data.ptr, rec2->data.ptr);
++ return samba_dns_name_equal(rec1->data.ptr, rec2->data.ptr);
+ case DNS_TYPE_NS:
+- return dns_name_equal(rec1->data.ns, rec2->data.ns);
++ return samba_dns_name_equal(rec1->data.ns, rec2->data.ns);
+
+ case DNS_TYPE_SRV:
+ return rec1->data.srv.wPriority == rec2->data.srv.wPriority &&
+ rec1->data.srv.wWeight == rec2->data.srv.wWeight &&
+ rec1->data.srv.wPort == rec2->data.srv.wPort &&
+- dns_name_equal(rec1->data.srv.nameTarget, rec2->data.srv.nameTarget);
++ samba_dns_name_equal(rec1->data.srv.nameTarget,
++ rec2->data.srv.nameTarget);
+
+ case DNS_TYPE_MX:
+ return rec1->data.mx.wPriority == rec2->data.mx.wPriority &&
+- dns_name_equal(rec1->data.mx.nameTarget, rec2->data.mx.nameTarget);
++ samba_dns_name_equal(rec1->data.mx.nameTarget,
++ rec2->data.mx.nameTarget);
+
+ case DNS_TYPE_SOA:
+- return dns_name_equal(rec1->data.soa.mname, rec2->data.soa.mname) &&
+- dns_name_equal(rec1->data.soa.rname, rec2->data.soa.rname) &&
++ return samba_dns_name_equal(rec1->data.soa.mname,
++ rec2->data.soa.mname) &&
++ samba_dns_name_equal(rec1->data.soa.rname,
++ rec2->data.soa.rname) &&
+ rec1->data.soa.serial == rec2->data.soa.serial &&
+ rec1->data.soa.refresh == rec2->data.soa.refresh &&
+ rec1->data.soa.retry == rec2->data.soa.retry &&
+@@ -1485,7 +1490,7 @@ exit:
+ /*
+ see if two DNS names are the same
+ */
+-bool dns_name_equal(const char *name1, const char *name2)
++bool samba_dns_name_equal(const char *name1, const char *name2)
+ {
+ size_t len1 = strlen(name1);
+ size_t len2 = strlen(name2);
+diff --git a/source4/dns_server/dnsserver_common.h b/source4/dns_server/dnsserver_common.h
+index c3ba369e3bf..a0c1065ae58 100644
+--- a/source4/dns_server/dnsserver_common.h
++++ b/source4/dns_server/dnsserver_common.h
+@@ -76,7 +76,7 @@ WERROR dns_common_name2dn(struct ldb_context *samdb,
+ TALLOC_CTX *mem_ctx,
+ const char *name,
+ struct ldb_dn **_dn);
+-bool dns_name_equal(const char *name1, const char *name2);
++bool samba_dns_name_equal(const char *name1, const char *name2);
+
+ bool dns_record_match(struct dnsp_DnssrvRpcRecord *rec1,
+ struct dnsp_DnssrvRpcRecord *rec2);
+diff --git a/source4/rpc_server/dnsserver/dnsutils.c b/source4/rpc_server/dnsserver/dnsutils.c
+index 56b2690aa95..2c56946b0f6 100644
+--- a/source4/rpc_server/dnsserver/dnsutils.c
++++ b/source4/rpc_server/dnsserver/dnsutils.c
+@@ -311,7 +311,7 @@ struct dnsserver_zone *dnsserver_find_zone(struct dnsserver_zone *zones, const c
+ struct dnsserver_zone *z = NULL;
+
+ for (z = zones; z; z = z->next) {
+- if (dns_name_equal(zone_name, z->name)) {
++ if (samba_dns_name_equal(zone_name, z->name)) {
+ break;
+ }
+ }
+diff --git a/source4/torture/dns/dlz_bind9.c b/source4/torture/dns/dlz_bind9.c
+index 1f330106a98..f15671e370c 100644
+--- a/source4/torture/dns/dlz_bind9.c
++++ b/source4/torture/dns/dlz_bind9.c
+@@ -414,18 +414,18 @@ static bool dlz_bind9_putnamedrr_torture_hook(struct test_expected_rr *expected,
+ } else if (strcmp(type, "cname") == 0 ||
+ strcmp(type, "ptr") == 0 ||
+ strcmp(type, "ns") == 0) {
+- if (! dns_name_equal(data, data2)) {
++ if (!samba_dns_name_equal(data, data2)) {
+ continue;
+ }
+ } else if (strcmp(type, "mx") == 0) {
+ /*
+- * dns_name_equal works for MX records because
+- * the space in "10 example.com." is
++ * samba_dns_name_equal works for MX records
++ * because the space in "10 example.com." is
+ * theoretically OK as a DNS character. And we
+ * need it because dlz will add the trailing
+ * dot.
+ */
+- if (! dns_name_equal(data, data2)) {
++ if (!samba_dns_name_equal(data, data2)) {
+ continue;
+ }
+ } else if (strcmp(data, data2) != 0) {
+--
+2.39.2
+
=====================================
debian/patches/series
=====================================
@@ -23,3 +23,4 @@ fruit-disable-useless-size_t-overflow-check.patch
meaningful-error-if-no-samba-ad-provision.patch
meaningful-error-if-no-python3-markdown.patch
ctdb-use-run-instead-of-var-run.patch
+dnsserver-rename-dns_name_equal.patch
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/b1f8a40d8ad0c330bd37ce7373c7c3b0ff1040f9...5e0afb3f364a274df1db86e76e689e80487b6e48
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/b1f8a40d8ad0c330bd37ce7373c7c3b0ff1040f9...5e0afb3f364a274df1db86e76e689e80487b6e48
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20230524/58db2409/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list