[Pkg-samba-maint] [Git][samba-team/samba][debian_4.16] 43 commits: VERSION: Bump version up to Samba 4.16.9...

Michael Tokarev (@mjt) gitlab at salsa.debian.org
Thu Feb 16 17:13:26 GMT 2023



Michael Tokarev pushed to branch debian_4.16 at Debian Samba Team / samba


Commits:
cb4cbfc8 by Jule Anger at 2022-12-15T17:04:23+01:00
VERSION: Bump version up to Samba 4.16.9...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger <janger at samba.org>

- - - - -
0ee261b6 by Michael Tokarev at 2023-01-02T23:46:57+03:00
d/samba.postinst: move /var/spool/samba => /var/tmp handling to before restart (#DEBHELPER#)

- - - - -
6e5733bd by Michael Tokarev at 2023-01-02T23:47:06+03:00
d/samba.postinst: fix /var/spool/samba => /var/tmp handling

1. Fix the "obvious" smb.conf cases automatically, instead of just warning
   (in smb.conf only)
2. Do not restrict just to [printers] section (path= setting could have
   been replicated to other sections too).
3. Check for the same path in include files too
   (check whole testparam -s output)
4. Allow for subdirs of /var/spool/samba too, just in case
5. Handle upgrades from recent versions as well, to fix removal
   of the spool dir while other sections are still referring to it

- - - - -
079adbb6 by Michael Tokarev at 2023-01-02T23:49:13+03:00
update changelog

- - - - -
104fcaa8 by Volker Lendecke at 2023-01-03T18:21:10+00:00
ctdb: Fix a use-after-free in run_proc

If you happen to talloc_free(run_ctx) before all the tevent_req's
hanging off it, you run into the following:

==495196== Invalid read of size 8
==495196==    at 0x10D757: run_proc_state_destructor (run_proc.c:413)
==495196==    by 0x488F736: _tc_free_internal (talloc.c:1158)
==495196==    by 0x488FBDD: _talloc_free_internal (talloc.c:1248)
==495196==    by 0x4890F41: _talloc_free (talloc.c:1792)
==495196==    by 0x48538B1: tevent_req_received (tevent_req.c:293)
==495196==    by 0x4853429: tevent_req_destructor (tevent_req.c:129)
==495196==    by 0x488F736: _tc_free_internal (talloc.c:1158)
==495196==    by 0x4890AF6: _tc_free_children_internal (talloc.c:1669)
==495196==    by 0x488F967: _tc_free_internal (talloc.c:1184)
==495196==    by 0x488FBDD: _talloc_free_internal (talloc.c:1248)
==495196==    by 0x4890F41: _talloc_free (talloc.c:1792)
==495196==    by 0x10DE62: main (run_proc_test.c:86)
==495196==  Address 0x55b77f8 is 152 bytes inside a block of size 160 free'd
==495196==    at 0x48399AB: free (vg_replace_malloc.c:538)
==495196==    by 0x488FB25: _tc_free_internal (talloc.c:1222)
==495196==    by 0x488FBDD: _talloc_free_internal (talloc.c:1248)
==495196==    by 0x4890F41: _talloc_free (talloc.c:1792)
==495196==    by 0x10D315: run_proc_context_destructor (run_proc.c:329)
==495196==    by 0x488F736: _tc_free_internal (talloc.c:1158)
==495196==    by 0x488FBDD: _talloc_free_internal (talloc.c:1248)
==495196==    by 0x4890F41: _talloc_free (talloc.c:1792)
==495196==    by 0x10DE62: main (run_proc_test.c:86)
==495196==  Block was alloc'd at
==495196==    at 0x483877F: malloc (vg_replace_malloc.c:307)
==495196==    by 0x488EAD9: __talloc_with_prefix (talloc.c:783)
==495196==    by 0x488EC73: __talloc (talloc.c:825)
==495196==    by 0x488F0FC: _talloc_named_const (talloc.c:982)
==495196==    by 0x48925B1: _talloc_zero (talloc.c:2421)
==495196==    by 0x10C8F2: proc_new (run_proc.c:61)
==495196==    by 0x10D4C9: run_proc_send (run_proc.c:381)
==495196==    by 0x10DDF6: main (run_proc_test.c:79)

This happens because run_proc_context_destructor() directly does a
talloc_free() on the struct proc_context's and not the enclosing
tevent_req's. run_proc_kill() makes sure that we don't follow
proc->req, but it forgets the "state->proc", which is free()'ed, but
later dereferenced in run_proc_state_destructor().

This is an attempt at a quick fix, I believe we should convert
run_proc_context->plist into an array of tevent_req's, so that we can
properly TALLOC_FREE() according to the "natural" hierarchy and not
just pull an arbitrary thread out of that heap.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15269

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Oct  6 15:10:20 UTC 2022 on sn-devel-184

(cherry picked from commit 688be0177b04d04709813a02ae6da1e983ac25dd)

- - - - -
b9d02e85 by Andrew at 2023-01-03T18:21:10+00:00
rpc_server:srvsvc - retrieve share ACL via root context

share_info.tdb has permissions of 0o600 and so we need
to become_root() prior to retrieving the security info.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15265

Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Dec 19 20:41:15 UTC 2022 on sn-devel-184

(cherry picked from commit 80c0b416892bfacc0d919fe032461748d7962f05)

- - - - -
810ae90a by Andrew Walker at 2023-01-03T18:21:10+00:00
s3:params:lp_do_section - protect against NULL deref

iServiceIndex may indicate an empty slot in the ServicePtrs
array. In this case, lpcfg_serivce_ok(ServicePtrs[iServiceIndex])
may trigger a NULL deref and crash. Skipping the check
here will cause a scan of the array in add_a_service() and the
NULL slot will be used safely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15267

Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Dec 20 18:49:54 UTC 2022 on sn-devel-184

(cherry picked from commit 5b19288949e97a5af742ff2719992d56f21e364a)

- - - - -
4f9430f1 by Andreas Schneider at 2023-01-03T18:21:10+00:00
s3:tests: Reformat test_chdir_cache.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
eeeb1a47 by Andreas Schneider at 2023-01-03T18:21:10+00:00
s3:script: Improve test_chdir_cache.sh

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15268

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 0d1961267cd9e8f1158a407c5d135514c363f37e)

- - - - -
78848f21 by Andreas Schneider at 2023-01-03T19:19:57+00:00
s3:client: Fix a use-after-free issue in smbclient

Detected by

    make test TESTS="samba3.blackbox.chdir-cache"

with an optimized build or with AddressSanitizer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15268

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 9c707b4be27e2a6f79886d3ec8b5066c922b99bd)

Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Tue Jan  3 19:19:57 UTC 2023 on sn-devel-184

- - - - -
6c5bc776 by Andreas Schneider at 2023-01-13T09:27:09+00:00
testprogs: Reformat subunit.sh

shfmt -w -p -i 0 -fn testprogs/blackbox/subunit.sh

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky at samba.org>
(cherry picked from commit 561e9256551ae3fe1d6ff4974884714d69d91898)

- - - - -
cf2643e0 by Volker Lendecke at 2023-01-13T09:27:09+00:00
testprogs: Add testit_grep_count() helper

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 55feb593012fc5b24e795a00081666fca740429c)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15266

- - - - -
ccb8abb0 by Stefan Metzmacher at 2023-01-13T09:27:09+00:00
selftest: add samba3.blackbox.registry_share

This demonstrates the regression introduced by
f03665bb7e8ea97699062630f2aa1bac4c5dfc7f, where
registry shares are no longer listed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15266

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Walker <awalker at ixsystems.com>
(cherry picked from commit a00c7395fbc7974a61a70ae54ea6ae6349933de2)

- - - - -
6434e2df by Stefan Metzmacher at 2023-01-13T09:27:09+00:00
s3:rpc_server/srvsvc: make sure we (re-)load all shares as root.

This fixes a regression in commit f03665bb7e8ea97699062630f2aa1bac4c5dfc7f

The use of reload_services() has a lot of side effects, e.g. reopen of
log files and other things, which are only useful in smbd, but not in rpcd_classic.
It was also unloading the user and registry shares we loaded a few lines
above.

We need to do all (re-)loading as root, otherwise we won't be able
to read root only smb.conf files, access registry shares, ...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15243
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15266

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Walker <awalker at ixsystems.com>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Dec 29 21:14:02 UTC 2022 on sn-devel-184

(cherry picked from commit f28553105be7465026bcc0fcbbed6a1a8c2133dd)

- - - - -
a1fa2c18 by Stefan Metzmacher at 2023-01-13T10:31:22+00:00
s4:lib/messaging: fix interaction between imessaging_context_destructor and irpc_destructor

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15280

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 0d096931196524a2d1bf59470bc629dc9231131e)

Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Fri Jan 13 10:31:22 UTC 2023 on sn-devel-184

- - - - -
628a1c33 by Jeremy Allison at 2023-01-16T09:40:17+00:00
s4: torture: Show return value for smbc_getxattr() is incorrect (returns >0 for success, should return zero).

Add torture test to show smbc_getxattr() should return -1 on
failure, 0 on success.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14808

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
(cherry picked from commit 74636dfe24c15677261fc40c0a4ec62404898cf4)

- - - - -
113536e0 by Jeremy Allison at 2023-01-16T09:40:17+00:00
s3: libsmbclient: Fix smbc_getxattr() to return 0 on success.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14808

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Nov  1 18:31:22 UTC 2022 on sn-devel-184

(cherry picked from commit bdbb38d16c8eaff33484bb747efa639c4d8e7f35)

- - - - -
d7bcdfa6 by Andrew Walker at 2023-01-16T09:40:17+00:00
nsswitch:libwbclient - fix leak in wbcCtxPingDc2

Memory allocated for response is never freed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15164

Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Sep  6 20:10:17 UTC 2022 on sn-devel-184

(cherry picked from commit aa9f3a2da97ae13cce3e50fe3d58f143200e9a17)

- - - - -
c9ed55b3 by Jeremy Allison at 2023-01-16T09:40:17+00:00
s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_CLOSE test to smb2.compound_async.

Shows we fail sending an SMB2_OP_FLUSH + SMB2_OP_CLOSE
compound. Internally the flush goes async and
we free the req, then we process the close.
When the flush completes it tries to access
already freed data.

Found using the Apple MacOSX client at SNIA SDC 2022.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15172

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(back-ported from commit 17a110c1b58196eb8ecf3c76eb97e8508976c544)

- - - - -
9b357c94 by Jeremy Allison at 2023-01-16T09:40:17+00:00
s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_FLUSH test to smb2.compound_async.

Shows we fail sending an SMB2_OP_FLUSH + SMB2_OP_FLUSH
compound if we immediately close the file afterward.

Internally the flushes go async and we free the req, then
we process the close. When the flushes complete they try to access
already freed data.

Extra test which will allow me to test when the final
component (flush) of the compound goes async and returns
NT_STATUS_PENDING.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15172

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 6f149dfd9d8d2619a9e18975ebcf5e69df2b7766)

- - - - -
bfadcc89 by Jeremy Allison at 2023-01-16T09:40:17+00:00
s3: smbd: Add utility function smbd_smb2_is_last_in_compound().

Not yet used. Returns true if we're processing the last SMB2 request in a
compound.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15172

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit e668c3a82cd566b405c976d45659dd79786948de)

- - - - -
e5e39bbc by Jeremy Allison at 2023-01-16T09:40:17+00:00
s3: smbd: Cause SMB2_OP_FLUSH to go synchronous in a compound anywhere but the last operation in the list.

Async read and write go synchronous in the same case,
so do the same here.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15172

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Nov 17 05:55:42 UTC 2022 on sn-devel-184

(cherry picked from commit 26adf3344337f4e8d5d2107e6ba42e5ea7656372)

- - - - -
627a9886 by Jeremy Allison at 2023-01-16T09:40:17+00:00
s3: smbd: In synthetic_pathref() change DBG_ERR -> DBG_NOTICE to avoid spamming the logs.

Can easily be seen by doing make test TESTS=fruit
and looking in st/nt4_dc/smbd_test.log.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15210

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Nov 16 06:00:56 UTC 2022 on sn-devel-184

(cherry picked from commit f0ca9546102acf09f1834c03f8907ed26bfc80f8)

- - - - -
7b49569a by Jeremy Allison at 2023-01-16T10:47:49+00:00
s4: libcli: Ignore errors when getting A records after fetching AAAA records.

The target may only be available over IPv6.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15226

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Nov  9 20:34:07 UTC 2022 on sn-devel-184

(cherry picked from commit 10537a89bb0b461ba31d614b7c9ed56a842422e7)

Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Mon Jan 16 10:47:49 UTC 2023 on sn-devel-184

- - - - -
cc787d0b by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 s3:rpc_server/netlogon: 'server schannel != yes' warning to dcesrv_interface_netlogon_bind

Follow s4 netlogon server changes and move the checks to the RPC bind
hook. Next commits will remove the s3 netr_creds_server_step_check()
function.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 8141eae47aad849741beb138fae866c772e4ec4c)

- - - - -
71b22920 by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 selftest:Samba3: avoid global 'server schannel = auto'

Instead of using the generic deprecated option use the specific
server require schannel:COMPUTERACCOUNT = no in order to allow
legacy tests for pass.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 3cd18690f83d2f85e847fc703ac127b4b04189fc)

- - - - -
538dcc38 by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 s4:rpc_server:wscript: Reformat following pycodestyle

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit d9e6b490db3ead7e79bb3ff0c1f9ef8ab8bdc65b)

- - - - -
0d27e4b4 by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 s4:rpc_server/netlogon: Move schannel and credentials check functions to librpc

Will be used later by s3 netlogon server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 121e7b0e39478c5291100652ac92c263f406076b)

- - - - -
080ff2cd by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 s3:rpc_server/netlogon: Use dcesrv_netr_creds_server_step_check()

After s3 and s4 rpc servers merge we can avoid duplicated code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 25300d354c80995997d552581cd91dddaf4bbf48)

- - - - -
7f4f9a32 by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 s3:rpc_server/netlogon: make sure all _netr_LogonSamLogon*() calls go through dcesrv_netr_check_schannel()

Some checks are also required for _netr_LogonSamLogonEx().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit ca07f4340ce58a7e940a1123888b7409176412f7)

- - - - -
55900577 by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 s3:rpc_server/netlogon: Check for global "server schannel require seal"

By default we'll now require schannel connections with privacy/sealing/encryption.

But we allow exceptions for specific computer/trust accounts.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit a0b97e262318dc56fe663da89b0ee3172b2e7848)

- - - - -
3e7bbe04 by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 docs-xml/smbdotconf: The "server schannel require seal[:COMPUTERACCOUNT]" options are also honoured by s3 netlogon server..

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 02fba22b8c9e9b33ab430555ef45500c45eaa9d1)

- - - - -
02e56ac1 by Samuel Cabrero at 2023-01-23T10:01:59+00:00
CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations

After s3 and s4 rpc servers merge the loadparm_context is available in
the dcesrv_context structure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Jan  9 15:17:14 UTC 2023 on sn-devel-184

(cherry picked from commit 56837f3d3169a02d0d92bd085d9c8250415ce29b)

- - - - -
44ec3e4f by Stefan Metzmacher at 2023-01-23T10:01:59+00:00
s3:auth: call wbcFreeMemory(info) in auth3_generate_session_info_pac()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15286

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e27084f5d8c3a151c5d0b266118f0d71b641dc85)

- - - - -
c6733cbe by Jeremy Allison at 2023-01-23T10:01:59+00:00
s3: smbd: Add test to show smbd crashes when doing an FSCTL on a named stream handle.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15236

Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
(back-ported from commit abc4495e4591964bb4625c2669a1f84213faab77)

- - - - -
11896049 by Jeremy Allison at 2023-01-23T10:01:59+00:00
s3: smbd: Always use metadata_fsp() when processing fsctls.

Currently all fsctls we implement need the base fsp, not
an alternate data stream fsp. We may revisit this later
if we implement fsctls that operate on an ADS.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15236

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Walker <awalker at ixsystems.com>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Nov 14 18:13:31 UTC 2022 on sn-devel-184

(cherry picked from commit fa4eba131b882c3858b28f5fd9864998e19a4510)

- - - - -
eddd14ce by Andrew Walker at 2023-01-23T10:59:28+00:00
lib/replace - add extra check to bsd_attr_list

The FreeBSD extattr API may return success and truncated
namelist. We need to check for this in bsd_attr_list to
ensure that we don't accidentally read off the end of the
buffer. In the case of a truncated value, the pascal
strings for attr names will reflect the lengths as if
the value were not truncated. For example:
`58DosStrea`

In case of short read we now set error to ERANGE and
fail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15271

Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Jan  2 14:27:23 UTC 2023 on sn-devel-184

(cherry picked from commit 01cdc5e00be78a51f0766634cc7fe50de2088203)

Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Mon Jan 23 10:59:28 UTC 2023 on sn-devel-184

- - - - -
2b1d412f by Ralph Boehme at 2023-02-10T12:15:02+00:00
mdssvc: fix kMDScopeArray parsing

In macOS Ventura marshalling of kMDScopeArray in the "openQueryWithParams"
request has changed from

  string: kMDScopeArray
  sl_array_t(#1): {
    string: /foo/bar
  }

to:

  string: kMDScopeArray
  sl_array_t(#1): {
    sl_array_t(#1): {
      string: /foo/bar
    }
  }

With this patch we check both encodings. Bug fixed according to user feedback.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15299
RN: Spotlight doesn't work with latest macOS Ventura

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 1dd0cd2f4e644ad43b0e7ee2aaae19799e859585)

Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Fri Feb 10 12:15:02 UTC 2023 on sn-devel-184

- - - - -
f50ab341 by Jule Anger at 2023-02-16T17:28:06+01:00
WHATSNEW: Add release notes for Samba 4.16.9.

Signed-off-by: Jule Anger <janger at samba.org>

- - - - -
63f92a37 by Jule Anger at 2023-02-16T17:30:12+01:00
VERSION: Disable GIT_SNAPSHOT for the 4.16.9 release.

Signed-off-by: Jule Anger <janger at samba.org>

- - - - -
f8cc3071 by Michael Tokarev at 2023-02-16T19:54:02+03:00
New upstream version 4.16.9+dfsg
- - - - -
f90ea040 by Michael Tokarev at 2023-02-16T19:54:33+03:00
Update upstream source from tag 'upstream/4.16.9+dfsg'

Update to upstream version '4.16.9+dfsg'
with Debian dir 381c2854a4b2379f0cc9d4d13cb9edf30b14759c
- - - - -
e7a4a1de by Michael Tokarev at 2023-02-16T20:02:48+03:00
update changelog; upload version 4.16.9+dfsg-1 to unstable

- - - - -


30 changed files:

- VERSION
- WHATSNEW.txt
- ctdb/common/run_proc.c
- ctdb/doc/ctdb-etcd.7
- ctdb/doc/ctdb-script.options.5
- ctdb/doc/ctdb-statistics.7
- ctdb/doc/ctdb-tunables.7
- ctdb/doc/ctdb.1
- ctdb/doc/ctdb.7
- ctdb/doc/ctdb.conf.5
- ctdb/doc/ctdb.sysconfig.5
- ctdb/doc/ctdb_diagnostics.1
- ctdb/doc/ctdb_mutex_ceph_rados_helper.7
- ctdb/doc/ctdbd.1
- ctdb/doc/ctdbd_wrapper.1
- ctdb/doc/ltdbtool.1
- ctdb/doc/onnode.1
- ctdb/doc/ping_pong.1
- debian/changelog
- debian/samba.postinst
- docs-xml/smbdotconf/security/serverschannelrequireseal.xml
- docs/manpages/cifsdd.8
- docs/manpages/dbwrap_tool.1
- docs/manpages/eventlogadm.8
- docs/manpages/idmap_ad.8
- docs/manpages/idmap_autorid.8
- docs/manpages/idmap_hash.8
- docs/manpages/idmap_ldap.8
- docs/manpages/idmap_nss.8
- docs/manpages/idmap_rfc2307.8


The diff was not included because it is too large.


View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/ee3dd2e9af84f7963dedbe4658e8eb71885798e7...e7a4a1de2ffe32cb46a4578dff98027f82236934

-- 
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/ee3dd2e9af84f7963dedbe4658e8eb71885798e7...e7a4a1de2ffe32cb46a4578dff98027f82236934
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20230216/0795f060/attachment-0001.htm>


More information about the Pkg-samba-maint mailing list