[Pkg-samba-maint] [Git][samba-team/samba][experimental] 82 commits: VERSION: Bump version up to Samba 4.20.0rc3...
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Thu Mar 28 07:58:03 GMT 2024
Michael Tokarev pushed to branch experimental at Debian Samba Team / samba
Commits:
d998b68a by Jule Anger at 2024-02-12T14:05:12+01:00
VERSION: Bump version up to Samba 4.20.0rc3...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
bc89a069 by Stefan Metzmacher at 2024-02-19T14:31:13+00:00
ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script
We can easily monitor if the service is running at all,
that better than no monitoring at all...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit ff8f778e39af563d97b1d38f89368a3c148532f2)
- - - - -
f9c09687 by Stefan Metzmacher at 2024-02-19T14:31:13+00:00
ctdb/events: add 47.samba-dcerpcd.script
If someone wants to enable the witness service
samba-dcerpcd needs to be started as standalone service
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit f1f68108cc303b92b8a88728d12c2b699fdfc731)
- - - - -
c4e4d41f by Stefan Metzmacher at 2024-02-19T14:31:13+00:00
s3:utils: fix help string for 'net witness force-response'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 7a23429ed6a04bb14509758492bfaee5db6dbd0d)
- - - - -
87e56ada by Stefan Metzmacher at 2024-02-19T14:31:13+00:00
docs-xml: add details for 'net witness'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 1d0938d6fe46c06432ae5fda9e7491b908a9ac56)
- - - - -
3a8a86ad by Stefan Metzmacher at 2024-02-19T14:31:13+00:00
smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run
rpcd_witness needs ncacn_ip_tcp support and that's only
available if samba-dcerpcd is not started on demand.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit d8bfdaaaa737032c6a8623512fcb2cd01850628a)
- - - - -
d8e056d8 by Stefan Metzmacher at 2024-02-19T14:31:13+00:00
smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 32b84c5bce00c4f91191596dc00d9824e82e0f24)
- - - - -
85809091 by Stefan Metzmacher at 2024-02-19T14:31:13+00:00
docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Tue Feb 13 21:06:24 UTC 2024 on atb-devel-224
(cherry picked from commit 7a674ee9ffeca047ceed7ac046db1b168d4025a6)
- - - - -
9366f554 by Rob van der Linde at 2024-02-19T14:31:13+00:00
python: do not make use of typing.Final for python 3.6
Python 3.6 does not have typing.Final yet
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15575
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ecc84aa448a962f1a224144bbb65f0cef36a4279)
- - - - -
22e56d9e by Jo Sutton at 2024-02-19T15:35:39+00:00
python: Remove ‘typing.Final’
This is only present in Python 3.8 and above.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15575
Signed-off-by: Jo Sutton <josutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d6fe66ddeeb99c550fa9a0f1abb845e6daf71f8a)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Mon Feb 19 15:35:39 UTC 2024 on atb-devel-224
- - - - -
7107b233 by Martin Schwenke at 2024-02-20T13:46:47+00:00
ctdb-protocol: Add missing push support for new controls
CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and
CTDB_CONTROL_TCP_CLIENT_PASSED were added in commits
c6602b686b4e50d93272667ef86d3904181fb1ab and
037e8e449deb136ad5ed5e4de05439411b545b6d. They were missing test
support for the packet push/pull. While adding the testing (for
completeness, before adding another new control) I noticed that the
push functionality was absent. This adds that, along with the test
support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15580
Signed-off-by: Martin Schwenke <mschwenke at ddn.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Feb 19 10:21:48 UTC 2024 on atb-devel-224
(cherry picked from commit dd9b11acbc4fbde1941719968aeb463b853b0ffb)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Tue Feb 20 13:46:47 UTC 2024 on atb-devel-224
- - - - -
2bc5aaaa by Michael Tokarev at 2024-02-21T12:54:42+03:00
time64_t changes: libsmbclient=>libsmbclient0 rename
- - - - -
3d47cae7 by Noel Power at 2024-02-26T09:34:15+00:00
s3/rpc_client: change type of offset to uint64_t
Offset can be a 32 or 64 bit address depending on the indexing addressing
mode negotiated by the client
With a 32 bit param we can only specify a 32 bit base address. This change
alone doesn't affect anything as it is the client itself that choses and
passes the base address offset and wspsearch is the only current user of
this code.
In this case even with 64bit addressing negotiated the address passed
represents only the lower 32-bits part of the address.
However, for coverage purposes it would be better for the client to use an
address that covers the full 64bit range of the address (when 64 bit
addressing is negotiated).
This change will alow the wspsearch client in a future commit to pass a
base address value with both the hi and low 32 bits values set to make up
the full 64 bit address.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit a61eb7032896265eaef3ba225aafd6f293e7569d)
- - - - -
ec239d16 by Noel Power at 2024-02-26T09:34:15+00:00
s3/rpc_client: Remove stray unnecessary comment
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit efa60ff3105ac80ffff6d2a5d82dd0615ddb7578)
- - - - -
77cbdf34 by Noel Power at 2024-02-26T09:34:15+00:00
s3/utils: use full 64 bit address for getrows (with 64bit offsets)
if 64bit offsets are used the hi 32-bits of address are stored in
the ulreserved2 member of the message header field and the low 32-bits
are stored in the ulclientbase member of the cpmgetrows message
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 6ecb614b8ec6953ba15e8061fce9b395615b035a)
- - - - -
c1016224 by Noel Power at 2024-02-26T09:34:15+00:00
s3/rpc_client: cleanup unmarshalling of variant types from row columns
Prior to this change fn 'extract_variant_addresses' actually returns offsets
to the variant stored not the addresses, additionally the param in the
signature of the method is named offset where the param in reality is a
base address.
This change makes fn 'extract_variant_addresses' actually return addresses
instead of offsets and also changes the name of the incoming param. The
resulting changes are propaged to callers which hopefully makes what the
code is actually doing a little clearer
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Jan 30 17:22:37 UTC 2024 on atb-devel-224
(cherry picked from commit 9b2f2302ee4828ae54f5903a3bf649ffd255fb4a)
- - - - -
3e226dd1 by Noel Power at 2024-02-26T09:34:15+00:00
idl: Add constant for max rows buffer size
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 01e901ef869a1a87fba0e67bce311dbeb199b717)
- - - - -
1ab3de6f by Noel Power at 2024-02-26T09:34:15+00:00
s3/rpc_client: Ensure max possible row buffer size is not exceeded
The max buf size of rows buffer should not exceed 0x00004000.
Ensuring this value is within limits means we can safely use
uint32_t offsets.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit f487211706a74d516bf447ed393222b4c0dce7b0)
- - - - -
253c5585 by Noel Power at 2024-02-26T10:37:37+00:00
s3/rpc_client: Fix array offset check
Previous to this commit we were modifying the offset before
the array offset check. This was causing a spurious debug
message indicating the offset was out of bounds. An second
problem is that upon detecting the error we don't exit the loop.
A third problem was that when reading the offset the check
didn't cater for the size of the integer address about to be read.
This commit moves the offset check to before the first read,
additionally when an error is detected now we actually exit the loop
and the offset have been corrected to include the size of the
integer to be read
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Sat Feb 17 17:58:43 UTC 2024 on atb-devel-224
(cherry picked from commit 885850b6aaabf089f422b1b015481a0ccff4f90e)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Mon Feb 26 10:37:37 UTC 2024 on atb-devel-224
- - - - -
f3da62a2 by Jule Anger at 2024-02-26T12:35:56+01:00
WHATSNEW: Add release notes for Samba 4.20.0rc3.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
17bab5c0 by Jule Anger at 2024-02-26T12:36:25+01:00
VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
a09d0ba6 by Jule Anger at 2024-02-26T12:36:59+01:00
VERSION: Bump version up to Samba 4.20.0rc4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
5a34df9d by Michael Tokarev at 2024-02-26T17:21:39+03:00
+edns0.patch: enable EDNS0 support in internal UDP-only DNS client
https://bugzilla.samba.org/show_bug.cgi?id=15536
- - - - -
59a9fd73 by Michael Tokarev at 2024-02-26T17:21:46+03:00
+passchange-error-message.patch - fix password change error message
- - - - -
ff9c5594 by Michael Tokarev at 2024-02-28T19:39:01+03:00
update changelog; upload version 4.19.5+dfsg-2 to unstable
- - - - -
8e067ecd by Michael Tokarev at 2024-02-29T13:05:50+03:00
Revert "time64_t changes: libsmbclient=>libsmbclient0 rename"
This reverts commit 2bc5aaaa24c19802d6b1e09bf8ef30b31082c0e5.
Reverting this commit to reorganize it.
- - - - -
cc73dbb3 by Michael Tokarev at 2024-02-29T13:08:50+03:00
time64_t changes: libsmbclient=>libsmbclient0 rename
Also add Build-Depends on versioned dpkg-dev to prevent
accidential build on older releases.
- - - - -
3111cd27 by Michael Tokarev at 2024-02-29T13:09:44+03:00
d/control: add Breaks for older (before-rebuild) sssd
- - - - -
e51e72dd by Andreas Schneider at 2024-03-01T07:43:08+00:00
librpc:idl: Make netlogon_samlogon_response public
This is required that we can use it with ndrdump or in python to decode
a NETLOGON_SAM_LOGON_RESPONSE_EX ldap response.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15588
Signed-off-by: Andreas Schneider <asn at samba.org>
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit e758425869729a43136ae51e6baecb2061d1525b)
- - - - -
03b6dae6 by Andreas Schneider at 2024-03-01T09:01:06+00:00
python:gp: Implement client site lookup in site_dn_for_machine()
This is [MS-GPOL] 3.2.5.1.4 Site Search.
The netr_DsRGetSiteName() needs to run over local rpc, however we do not
have the call implemented in our rpc_server. What netr_DsRGetSiteName()
actually does is an ldap query to get the sitename, we can just do the
same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15588
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit e4c3c61302b12419f041867b58350f11dc800318)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Fri Mar 1 09:01:06 UTC 2024 on atb-devel-224
- - - - -
59705603 by Michael Tokarev at 2024-03-01T16:18:36+03:00
+lower-dns-lookup-mismatch-messages.patch (reduce log noise)
- - - - -
d29da77d by Michael Tokarev at 2024-03-01T19:15:45+03:00
d/control: add libtirpc-dev to Build-Depends-Arch (#1065188)
- - - - -
caaced0a by Michael Tokarev at 2024-03-01T19:16:51+03:00
d/control: add rpcsvc-proto to Build-Depend-Arch (#1065188)
- - - - -
1096ab1f by Michael Tokarev at 2024-03-01T20:23:16+03:00
update changelog; upload version 4.19.5+dfsg-3 to unstable
- - - - -
911e67db by Michael Tokarev at 2024-03-01T20:36:47+03:00
stop shipping python3/dist-packages/samba/tests (#1064512, #1063149)
- - - - -
c63b7d19 by Michael Tokarev at 2024-03-01T22:26:47+03:00
add Debian-Specific tag to debian-specific patches
- - - - -
e2149105 by Michael Tokarev at 2024-03-03T15:27:25+03:00
d/genshlibs: run dh_makeshlibs on libsmbclient0 (#1065349)
Since we don't run dh_makeshlibs, we're missing t64:Provides
information on libsmbclient0 for it after t64 rename. Since
this package contains just one (public) library file with
.symbols, run dh_makeshlibs on it directly instead of doing
it with dpkg-gensymbols et al.
- - - - -
224e1caa by Michael Tokarev at 2024-03-03T15:37:20+03:00
update changelog; upload version 4.19.5+dfsg-4 to unstable
- - - - -
f485def8 by Jule Anger at 2024-03-11T15:53:16+01:00
WHATSNEW: Add release notes for Samba 4.20.0rc4.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
964c0e97 by Jule Anger at 2024-03-11T15:53:57+01:00
VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc4 release.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
4d1536f8 by Jule Anger at 2024-03-11T15:54:24+01:00
VERSION: Bump version up to Samba 4.20.0rc5...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
72bd247c by Andreas Schneider at 2024-03-15T09:18:10+00:00
libgpo: Fix trailing spaces in pygpo.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
(cherry picked from commit 6fb86a0fa62d93c1c84c2000f01c381a9e8217e1)
- - - - -
69b69bb2 by Andreas Schneider at 2024-03-15T10:29:54+00:00
libgpo: Do not segfault if we don't have a valid security descriptor
Program received signal SIGSEGV, Segmentation fault.
ndr_push_security_descriptor (ndr=ndr at entry=0x555555bf41b0, ndr_flags=ndr_flags at entry=768, r=r at entry=0x0) at librpc/gen_ndr/ndr_security.c:713
713 NDR_CHECK(ndr_push_security_descriptor_revision(ndr, NDR_SCALARS, r->revision));
Thread 1 (Thread 0x7ffff7ece740 (LWP 21460) "python3"):
#0 ndr_push_security_descriptor (ndr=ndr at entry=0x555555bf41b0, ndr_flags=ndr_flags at entry=768, r=r at entry=0x0) at librpc/gen_ndr/ndr_security.c:713
_flags_save_STRUCT = 0
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
__FUNCTION__ = "ndr_push_security_descriptor"
#1 0x00007ffff617237f in ndr_push_struct_blob (blob=blob at entry=0x7fffffffdb20, mem_ctx=0x555555aa3bd0, p=0x0, fn=0x7ffff6074ad0 <ndr_push_security_descriptor>, fn at entry=0x7ffff60706c8 <ndr_push_security_descriptor at plt>) at ../../librpc/ndr/ndr.c:1438
_status = <optimized out>
ndr = 0x555555bf41b0
#2 0x00007ffff607cccf in marshall_sec_desc (mem_ctx=<optimized out>, secdesc=<optimized out>, data=data at entry=0x7fffffffdb80, len=len at entry=0x7fffffffdb78) at ../../libcli/security/secdesc.c:241
blob = {data = 0x7fffffffdb40 "`\333\377\377\377\177", length = 140737352374299}
ndr_err = <optimized out>
__FUNCTION__ = "marshall_sec_desc"
#3 0x00007ffff29edd94 in GPO_marshall_get_sec_desc_buf (self=<optimized out>, args=<optimized out>, kwds=<optimized out>) at ../../libgpo/pygpo.c:119
gpo_ptr = <optimized out>
status = <optimized out>
data = 0x0
len = 0
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15599
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
(cherry picked from commit b13d4359f2f16e391763d1dc6a5718def973fabb)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Fri Mar 15 10:29:54 UTC 2024 on atb-devel-224
- - - - -
99b6feac by Stefan Metzmacher at 2024-03-19T13:30:31+00:00
WHATSNEW: announce Service Witness Protocol [MS-SWN] and related options
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
Autobuild-User(v4-20-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-20-test): Tue Mar 19 13:30:31 UTC 2024 on atb-devel-224
- - - - -
ce78896e by Douglas Bagnall at 2024-03-20T10:56:16+00:00
libcli/security: claims_conversions: check for NULL in claims array
If by mistake we end up with a NULL in our array of claims pointers,
it is better to return an error than crash.
There can be NULLs in the array if a resource attribute ACE has a
claim that uses 0 as a relative data pointer. Samba assumes this means
a NULL pointer, rather than a zero offset.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66777
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15606
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 78f728063a1e510966a45f7f1d9515ea3bd16214)
- - - - -
28fc1850 by Douglas Bagnall at 2024-03-20T12:03:45+00:00
libcli/security: check again for NULL values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=156067
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Mar 18 02:51:08 UTC 2024 on atb-devel-224
(cherry picked from commit b815abe77991d7929717ea3ed4b9d7bef7179715)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Wed Mar 20 12:03:45 UTC 2024 on atb-devel-224
- - - - -
1273cb7e by Jo Sutton at 2024-03-22T11:06:51+00:00
tests/krb5: Add tests for AllowedToAuthenticateTo with an AS-REQ
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15607
Signed-off-by: Jo Sutton <josutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Mar 21 04:19:18 UTC 2024 on atb-devel-224
(cherry picked from commit 4f0ed9b00389fa641a423b88ab5462b32dd7bbca)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Fri Mar 22 11:06:51 UTC 2024 on atb-devel-224
- - - - -
3be368ff by Douglas Bagnall at 2024-03-26T11:17:58+00:00
ndr: always attempt ACE coda pull if ACE type suggests a coda
We were skipping the pull in cases where the coda size was calculated
to be zero. This has the right result for empty conditional ACEs, but
not for Resource Attribute ACEs where the
CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 coda was not intialised.
The situation is made a bit worse, because the function that
calculates the coda size (ndr_subcontext_size_of_ace_coda()) can
return zero in conditions that are not exactly errors, but in which
the would-be calculated value makes so little sense that zero is
thought to be a safer default.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66577
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15613
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Mar 25 06:00:21 UTC 2024 on atb-devel-224
(cherry picked from commit 6fb98f70c6274e172787c8d5f73aa93920171e7c)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Tue Mar 26 11:17:58 UTC 2024 on atb-devel-224
- - - - -
72f70868 by Ralph Boehme at 2024-03-27T14:24:13+00:00
smbd: simplify handling of failing fstat() after unlinking file
close_remove_share_mode() already called vfs_stat_fsp(), so we can skip the
fstat() triggered in fd_close() by fsp->fsp_flags.fstat_before_close being true.
This avoids getting an EACCESS error when doing an fstat() on the removed file
which seems to happen with some FUSE filesystems.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15527
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 6e6324cff29089a636823786183222a73fe7cb28)
- - - - -
aee05f11 by Noel Power at 2024-03-27T15:41:37+00:00
s3/smbd: If we fail to close file_handle ensure we should reset the fd
if fsp_flags.fstat_before_close == true then close_file_smb will call
vfs_stat which can fail. If it does fail then the fd associated
with the file handle will still be set (and we will hit an assert
is the file handle destructor) when calling file_free.
We need to set fd to -1 to avoid that. To achieve that we capture and
return the vfs_stat_fsp failure status while still processing the rest
of the fd_close logic.
[2024/02/20 09:23:48.454671, 0, pid=9744] ../../source3/smbd/smb2_close.c:226(smbd_smb2_close)
smbd_smb2_close: close_file[]: NT_STATUS_ACCESS_DENIED
[2024/02/20 09:23:48.454757, 0, pid=9744] ../../source3/smbd/fd_handle.c:40(fd_handle_destructor)
PANIC: assert failed at ../../source3/smbd/fd_handle.c(40): (fh->fd == -1) || (fh->fd == AT_FDCWD)
[2024/02/20 09:23:48.454781, 0, pid=9744] ../../lib/util/fault.c:178(smb_panic_log)
===============================================================
[2024/02/20 09:23:48.454804, 0, pid=9744] ../../lib/util/fault.c:185(smb_panic_log)
INTERNAL ERROR: assert failed: (fh->fd == -1) || (fh->fd == AT_FDCWD) in smbd (smbd[192.168.10) (client [192.168.100.15]) pid 9744 (4.21.0pre1-DEVELOPERBUILD)
[2024/02/20 09:23:48.454844, 0, pid=9744] ../../lib/util/fault.c:190(smb_panic_log)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
[2024/02/20 09:23:48.454869, 0, pid=9744] ../../lib/util/fault.c:191(smb_panic_log)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15527
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Wed Mar 13 10:34:45 UTC 2024 on atb-devel-224
(cherry picked from commit 6ee3f809a54d7b833ff798e68a93ada00a215d4d)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Wed Mar 27 15:41:37 UTC 2024 on atb-devel-224
- - - - -
bb68b730 by Björn Jacke at 2024-03-27T15:45:13+00:00
Revert "dosmode: prefer capabilities over become_root"
This reverts commit 5e925f9755fad180863861157aa7548d83dd3fde.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 58ea952fd0c716f94b1b79b8ed1829bb72732ccc)
- - - - -
dc161626 by Björn Jacke at 2024-03-27T15:45:13+00:00
Revert "posix_acls.c: prefer capabilities over become_root"
This reverts commit 1edf9ecaf56f3312e199e633bff0804243042e33.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 87479544381e103ee2b1def574a5865a3f6a93d9)
- - - - -
4f38859f by Björn Jacke at 2024-03-27T15:45:13+00:00
Revert "open.c: prefer capabilities over become_root"
This reverts commit b250f25fe407f9a6269b804382de4854501f2d86.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 88eb58af6783ad23d2e2b602ee9fdbbdf556b354)
- - - - -
d0c295e5 by Björn Jacke at 2024-03-27T15:45:13+00:00
Revert "vfs_recycle.c: prefer capabilities over become_root"
This reverts commit 4227b011f6ada97a4cd72a440ed887ffdb3f219e.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 7f19afbd40d3ad3c8d186d0a2a64d07a2a8bd00a)
- - - - -
f6d549de by Björn Jacke at 2024-03-27T15:45:13+00:00
Revert "vfs_posix_eadb.c: prefer capabilities over become_root"
This reverts commit 92278418dc885ed411f545e73c800ce93f858090.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 10c7a3e47c62dcb1dfe7e384960d60cafcb9e44e)
- - - - -
6e0986b2 by Björn Jacke at 2024-03-27T15:45:14+00:00
Revert "vfs_default.c: prefer capabilities over become_root"
This reverts commit 62464bd2db2a95b1253364f4493bbb6770b73193.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 52ad635b2705bcfc8166bd90b1ad35ebb9cbc986)
- - - - -
52b1d9d7 by Björn Jacke at 2024-03-27T15:45:14+00:00
Revert "vfs_acl_common.c: prefer capabilities over become_root"
This reverts commit 12734848dc9901b932644139aaa7e3f78e55c8dc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit af7b930e2bfe2275cee14dc2154f2aea8875fa63)
- - - - -
6ca9461a by Björn Jacke at 2024-03-27T15:45:14+00:00
Revert "nfs4_acls.c: prefer capabilities over become_root"
This reverts commit 06e5c1e32ea7907523cc19f021225e7541e2075f.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 33e88911ee7a8974d52021632ca25c1ddfcb6f45)
- - - - -
f7491b29 by Björn Jacke at 2024-03-27T15:45:14+00:00
Revert "dosmode.c: prefer use of capabilities at two places over become_root"
This reverts commit c1e2fbb1b9a7551becf5caa0f08d434edf9ad862.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 32aa11e9b570ce1c0bec889b699bc4897c9d9843)
- - - - -
5cedf3b5 by Björn Jacke at 2024-03-27T16:51:00+00:00
Revert "token_util.c: prefer capabilities over become_root"
This reverts commit 944cb51506a94084d7ab52ee044fe6f66e1aaeb9.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Mar 27 10:47:23 UTC 2024 on atb-devel-224
(cherry picked from commit 0dec2ef188a93504da873d927ca2b26f8c491fb8)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Wed Mar 27 16:51:00 UTC 2024 on atb-devel-224
- - - - -
797464b7 by Jule Anger at 2024-03-27T18:07:29+01:00
WHATSNEW: Add release notes for Samba 4.20.0.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
8fdd82c8 by Jule Anger at 2024-03-27T18:07:29+01:00
VERSION: Disable GIT_SNAPSHOT for the 4.20.0 release.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
13ef9d2e by Michael Tokarev at 2024-03-28T10:45:54+03:00
prepare for 4.20
- - - - -
257fe66d by Michael Tokarev at 2024-03-28T10:46:15+03:00
New upstream version 4.20.0+dfsg
- - - - -
e3183484 by Michael Tokarev at 2024-03-28T10:46:27+03:00
Update upstream source from tag 'upstream/4.20.0+dfsg'
Update to upstream version '4.20.0+dfsg'
with Debian dir ba666fd8b102fd17bce0015c3ae138f5ec36a466
- - - - -
52e37c50 by Michael Tokarev at 2024-03-28T10:47:56+03:00
d/changelog: start 4.20
- - - - -
2a3320e6 by Michael Tokarev at 2024-03-28T10:48:10+03:00
d/control: bump tevent/talloc/tdb versions for Build-Depends
- - - - -
8f192bd0 by Michael Tokarev at 2024-03-28T10:48:13+03:00
d/libldb2.symbols, d/python3-ldb.symbols.in: add new version (2.9.0)
- - - - -
d7981ff3 by Michael Tokarev at 2024-03-28T10:48:17+03:00
d/patches/meaningful-error-if-no-python3-markdown.patch: fixup
- - - - -
47429510 by Michael Tokarev at 2024-03-28T10:48:22+03:00
d/*.install: internal library names changed, libfoo-samba4.so.0 => libfoo-private-samba.so.0
- - - - -
6d9b66bd by Michael Tokarev at 2024-03-28T10:48:27+03:00
d/samba-libs.install: update names for libdcerpc & libndr private libraries
- - - - -
4f8a2e57 by Michael Tokarev at 2024-03-28T10:48:31+03:00
d/{samba,samba-libs}.lintian-overrides: accomodate for private samba libs rename
- - - - -
d3253025 by Michael Tokarev at 2024-03-28T10:48:35+03:00
d/samba-libs.install, d/samba-libs.symbols, d/control: libndr3 => libndr4
This version isn't compatible with libndr3 anymore, due to different
types (uint32_t vs uint64_t) used for flags in various functions.
- - - - -
3f7fe944 by Michael Tokarev at 2024-03-28T10:48:39+03:00
d/samba-libs.links: remove, was for libndr links only
- - - - -
7d0d9dff by Michael Tokarev at 2024-03-28T10:48:43+03:00
d/samba-libs.symbols: update with new ndr4 symbols
- - - - -
686eaaa6 by Michael Tokarev at 2024-03-28T10:48:47+03:00
d/samba-libs.symbols: update min.versions of all libndr symbols changed in 4.20
libndr4 changed prototypes of many functions by extending flags argument
from int (uint32_t) to uint64_t and changing ndr_pull and ndr_push
structures the same way. Bump min versions for all these symbols to
current.
- - - - -
7ff6a665 by Michael Tokarev at 2024-03-28T10:48:53+03:00
d/libsmbclient.symbols: update with new symbols
- - - - -
64cf0262 by Michael Tokarev at 2024-03-28T10:48:57+03:00
d/samba-dev.install: add smb3posix.h
- - - - -
23f492d5 by Michael Tokarev at 2024-03-28T10:54:09+03:00
d/control: bump minimum mit-krb5 version to 1.21 (for pkg.samba.mitkrb5 build profile)
- - - - -
871407da by Michael Tokarev at 2024-03-28T10:54:41+03:00
d/not-installed: add usr/bin/wspsearch (+manpage) experimental windows search client
- - - - -
9c8288be by Michael Tokarev at 2024-03-28T10:54:41+03:00
d/control: libperl-json is not needed for build anymore
- - - - -
cf39f9cf by Michael Tokarev at 2024-03-28T10:55:02+03:00
update changelog; upload version 4.20.0+dfsg-1~exp1 to experimental
- - - - -
30 changed files:
- .clang-format
- + .codespellignore
- + .codespellrc
- .gitattributes
- .gitlab-ci-default-runners.yml
- .gitlab-ci-main.yml
- Makefile
- SECURITY.md
- VERSION
- WHATSNEW.txt
- auth/auth_sam_reply.c
- auth/common_auth.h
- auth/credentials/credentials.c
- auth/credentials/credentials.h
- auth/credentials/credentials_internal.h
- auth/credentials/credentials_krb5.c
- auth/credentials/credentials_ntlm.c
- auth/credentials/pycredentials.c
- auth/credentials/wscript_build
- auth/gensec/gensec_start.c
- auth/gensec/schannel.c
- auth/kerberos/kerberos_pac.c
- auth/ntlmssp/ntlmssp_sign.c
- bootstrap/.gitlab-ci.yml
- bootstrap/config.py
- bootstrap/generated-dists/Vagrantfile
- bootstrap/generated-dists/centos7/bootstrap.sh
- bootstrap/generated-dists/centos7/packages.yml
- bootstrap/generated-dists/centos8s/bootstrap.sh
- bootstrap/generated-dists/centos8s/packages.yml
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/8b473c98385da09a6696fcadb20e1c686aa48960...cf39f9cf2b8164d7cef8426fa834294247427393
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/8b473c98385da09a6696fcadb20e1c686aa48960...cf39f9cf2b8164d7cef8426fa834294247427393
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20240328/690f4be6/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list