[Pkg-samba-maint] [Git][samba-team/samba][upstream_4.20] 163 commits: VERSION: Bump version up to Samba 4.20.2...

Michael Tokarev (@mjt) gitlab at salsa.debian.org
Wed Jun 19 22:04:32 BST 2024



Michael Tokarev pushed to branch upstream_4.20 at Debian Samba Team / samba


Commits:
9b6bc912 by Jule Anger at 2024-05-08T10:00:33+02:00
VERSION: Bump version up to Samba 4.20.2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger <janger at samba.org>

- - - - -
d5638013 by Andrew Bartlett at 2024-05-30T09:47:15+00:00
.gitlab-ci: Remove tags no longer provided by gitlab.com

GitLab.com removed a number of tags from their hosted
runners and this meant our CI was being redirected to
our private runners at a larger cost to the Samba Team.

The new infrastructure is much larger than when we last
selected runners so we can just use the default, even for
the code coverage build.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15638

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue May  7 13:40:55 UTC 2024 on atb-devel-224

(cherry picked from commit d58a72c572f63619111f43f6ea39ff84ae0df16e)

- - - - -
1b21c09d by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
.gitlab-ci-main.yml: debug kernel details of the current runner

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 380d9c5a7392741ff2134ef1e83df45a29293db3)

- - - - -
dfcbd885 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
tests/ntacls: unblock failing gitlab pipelines because test_setntacl_forcenative

This expects PermissionError: [Errno 1] Operation not permitted,
but it seems that setxattr() for security.NTACL works on gitlab
runners without being root.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 237d9d0228cfed6d2e08b41b888d30aac5ab89e3)

- - - - -
b7606714 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
smbXcli_base: add hacks to test anonymous signing and encryption

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit 14d6e2672126adee85997dc3d3c64607c987e8b9)

- - - - -
b945f645 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s4:libcli/smb2: add hack to test anonymous signing and encryption

This will be used in torture tests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit 6a89615d78119c0bff2fb07bd0c62e4c31ea8441)

- - - - -
cd05e7ed by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s4:torture/smb2: add smb2.session.anon-{encryption{1,2,},signing{1,2}}

These demonstrate how anonymous encryption and signing work.
They pass against Windows 2022 as ad dc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit 6c5781b5f154857f1454f41133687fba8c4c9df9)

- - - - -
716a0443 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:utils: remove unused signing_flags in connections_forall()

We never use the signing flags from the session, as the tcon
has its own signing flags.

https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit a9f84593f44f15a19c4cdde1e7ad53cd5e03b4d9)

- - - - -
fe91ed78 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:lib: let sessionid_traverse_read() report if the session was authenticated

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit 596a10d1079f5c4a954108c81efc862c22a11f28)

- - - - -
c547e0c0 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:utils: let connections_forall_read() report if the session was authenticated

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit 5089d8550640f72b1e0373f8ac321378ccaa8bd5)

- - - - -
6fbf5deb by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:utils: let smbstatus also report AES-256 encryption types for tcons

We already do that for sessions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit 8119fd6d6a49b869bd9e8ff653b500e194b070de)

- - - - -
610e11af by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:utils: let smbstatus also report partial tcon signing/encryption

We already do that for sessions and also for the json output,
but it was missing in the non-json output for tcons.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit 551756abd2c9e4922075bc3037db645355542363)

- - - - -
9530c418 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:smbd: allow anonymous encryption after one authenticated session setup

I have captures where a client tries smb3 encryption on an anonymous session,
we used to allow that before commit da7dcc443f45d07d9963df9daae458fbdd991a47
was released with samba-4.15.0rc1.

Testing against Windows Server 2022 revealed that anonymous signing is always
allowed (with the session key derived from 16 zero bytes) and
anonymous encryption is allowed after one authenticated session setup on
the tcp connection.

https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
(cherry picked from commit f3ddfb828e66738ca461c3284c423defb774547c)

- - - - -
2954489b by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:utils: let smbstatus report anonymous signing/encryption explicitly

We should mark sessions/tcons with anonymous encryption or signing
in a special way, as the value of it is void, all based on a
session key with 16 zero bytes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu May 23 13:37:09 UTC 2024 on atb-devel-224

(cherry picked from commit 5a54c9b28abb1464c84cb4be15a49718d8ae6795)

- - - - -
0d0fbf2b by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s4:dsdb/repl: let drepl_out_helpers.c always go via dreplsrv_out_drsuapi_send()

I have customer backtraces showing that 'drsuapi' is NULL in
dreplsrv_op_pull_source_get_changes_trigger() called from the
WERR_DS_DRA_SCHEMA_MISMATCH retry case of
dreplsrv_op_pull_source_apply_changes_trigger(), while 'drsuapi' was
a valid pointer there.

>From reading the code I don't understand how this can happen,
but it does very often on RODCs. And this fix prevents the problem.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15573

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 83030780285290ecf64b57c1744634379b68ea01)

- - - - -
ba361b11 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:libsmb: allow store_cldap_reply() to work with a ipv6 response

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15642

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri May 10 01:35:18 UTC 2024 on atb-devel-224

(cherry picked from commit 712ffbffc03c7dcd551c1e22815ebe7c0b9b45d2)

- - - - -
4257e3b8 by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:libads: avoid changing ADS->server.workgroup

ads_find_dc() uses c_domain = ads->server.workgroup and
don't expect it to get out of scope deep in resolve_and_ping_dns().

The result are corrupted domain values in the debug output.

Valgrind shows this:

 Invalid read of size 1
    at 0x483EF46: strlen (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
    by 0x608BE94: __vfprintf_internal (vfprintf-internal.c:1688)
    by 0x609ED49: __vasprintf_internal (vasprintf.c:57)
    by 0x5D2EC0F: __dbgtext_va (debug.c:1860)
    by 0x5D2ED3F: dbgtext (debug.c:1881)
    by 0x4BFFB50: ads_find_dc (ldap.c:570)
    by 0x4C001F4: ads_connect (ldap.c:704)
    by 0x4C1DC12: ads_dc_name (namequery_dc.c:84)
  Address 0xb69f6f0 is 0 bytes inside a block of size 11 free'd
    at 0x483CA3F: free (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
    by 0x4BFF0AF: ads_try_connect (ldap.c:299)
    by 0x4BFF40E: cldap_ping_list (ldap.c:367)
    by 0x4BFF75F: resolve_and_ping_dns (ldap.c:468)
    by 0x4BFFA91: ads_find_dc (ldap.c:556)
    by 0x4C001F4: ads_connect (ldap.c:704)
    by 0x4C1DC12: ads_dc_name (namequery_dc.c:84)
  Block was alloc'd at
    at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
    by 0x60B250E: strdup (strdup.c:42)
    by 0x4FF1492: smb_xstrdup (util.c:743)
    by 0x4C10E62: ads_init (ads_struct.c:148)
    by 0x4C1DB68: ads_dc_name (namequery_dc.c:73)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14981

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ca859e55d28f421196bc2660cfa84595ec5b57c6)

- - - - -
260d1bba by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:include: let nameserv.h be useable on its own

A lot of stuff is private to nmbd and can
be moved from nameserv.h.

This allows move required types from smb.h to
nameserv.h, so that this can be standalone.
Including it from smb.h is not a huge problem
as nmbd internals are gone from nameserv.h.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7f96c21029e3b94d38bd871c79cabf872ad77fae)

- - - - -
27e4297f by Stefan Metzmacher at 2024-05-30T09:47:15+00:00
s3:include: split out fstring.h

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 105247c90007474947e2314b63be72fb21f09811)

- - - - -
2f73d251 by Stefan Metzmacher at 2024-05-30T09:47:16+00:00
s3:wscript: LIBNMB requires lp_ functions

We need to make this explicit in order to let LIBNMB be used
in source4 code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 011f68ae5ddc3fae8b453744aeb95766d885915e)

- - - - -
234df77a by Stefan Metzmacher at 2024-05-30T09:47:16+00:00
s3:libsmb/unexpected: don't use talloc_tos() in async code

It's not needed and it requires the caller to setup a
stackframe...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f90cf0822d6e66426d72f92bd585119066e2a9c3)

- - - - -
b0c2389c by Stefan Metzmacher at 2024-05-30T09:47:16+00:00
s3:libsmb/unexpected: pass nmbd_socket_dir from the callers of nb_packet_{server_create,reader_send}()

This will allow source4/nbt_server to make use of
nb_packet_server_create().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 696505a1efbcc9803a287d8c267fed9d04bf8885)

- - - - -
b440c11e by Stefan Metzmacher at 2024-05-30T09:47:16+00:00
s3:libsmb/dsgetdcname: use NETLOGON_NT_VERSION_AVOID_NT4EMUL

In 2024 we always want an active directory response...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 2b66663c75cdb3bc1b6bc5b1736dd9d35b094b42)

- - - - -
cf37f9f5 by Stefan Metzmacher at 2024-05-30T09:47:16+00:00
libcli/nbt: add nbt_name_send_raw()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit cca373b806e01fc57bd5316d3f8a17578b4b6531)

- - - - -
40fe6480 by Stefan Metzmacher at 2024-05-30T09:47:16+00:00
s4:libcli/dgram: let the generic incoming handler also get unexpected mailslot messages

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 11861bcfc3054894bc445e631ae03befb4865db8)

- - - - -
82f73dc2 by Stefan Metzmacher at 2024-05-30T09:47:16+00:00
s4:libcli/dgram: make use of socket_address_copy()

This avoids talloc_reference...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 77f4f1c7dbaa2bb04d59d908923f6d11fd514da2)

- - - - -
6a673a35 by Stefan Metzmacher at 2024-05-30T09:47:16+00:00
s4:libcli/dgram: add nbt_dgram_send_raw() to send raw blobs

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit bfb10774b65af65f9c438a5d3e87529b1fcf46a1)

- - - - -
9d80c928 by Stefan Metzmacher at 2024-05-30T10:57:04+00:00
s4:nbt_server: simulate nmbd and provide unexpected handling

This is needed in order to let nbt_getdc() work against
another AD DC and get back a modern response with
DNS based names. Instead of falling back to
the ugly name_status_find() that simulates just
an NETLOGON_SAM_LOGON_RESPONSE_NT40 response.

This way dsgetdcname() can work with just the netbios
domain name given and still return an active directory
response.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 796f33c05a0ca337b675b5d4d127f7c53b22528f)

Autobuild-User(v4-20-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-20-test): Thu May 30 10:57:04 UTC 2024 on atb-devel-224

- - - - -
1917b7f0 by Andreas Schneider at 2024-06-05T13:55:28+00:00
python: Fix NtVer check for site_dn_for_machine()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15633

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
(cherry picked from commit 7a5e7b821259890dd2978e6f113f4a3dad110ea4)

- - - - -
06972920 by Andreas Schneider at 2024-06-05T13:55:28+00:00
s3:libads: Allow get_kdc_ip_string() to lookup the KDCs IP

Remove the requirement to provide an IP address. We should look up the
IP of the KDC and use it for the specified realm/workgroup.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15653

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 28aa0b815baf4668e3df01d52597c40fd430e2fb)

- - - - -
fb4c338f by Andreas Schneider at 2024-06-05T13:55:28+00:00
s3:libads: Do not fail if we don't get an IP passed down

The IP should be optional and we should look it up if not provided.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15653

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 9dcc52d2a57314ec9ddaae82b3c49da051d1f1d2)

- - - - -
65e781a3 by Andreas Schneider at 2024-06-05T15:01:54+00:00
s3:winbind: Fix idmap_ad creating an invalid local krb5.conf

In case of a trusted domain, we are providing the realm of the primary
trust but specify the KDC IP of the trusted domain. This leads to
Kerberos ticket requests to the trusted domain KDC which doesn't know
about the machine account. However we need a ticket from our primary
trust KDC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15653

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(backported from commit 8989aa47b7493e6b7978c2efc4a40c781e9a2aee)

Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Wed Jun  5 15:01:54 UTC 2024 on atb-devel-224

- - - - -
eb480df1 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
pidl:Typelist: resolveType(): don't mistake a reference for a name

This function is only used by Python.pm, and was assuming any argument
unrecognised by hasType is a name. It sometimes isn't, resulting in
structures like this:

	{
	  'DATA' => {
		      'TYPE' => 'STRUCT'
		    },
	  'NAME' => {
		      'TYPE' => 'STRUCT',
		      'ALIGN' => undef,
		      'SURROUNDING_ELEMENT' => undef,
		      'ORIGINAL' => {
				      'TYPE' => 'STRUCT',
				      'FILE' => 'source3/librpc/idl/smbXsrv.idl',
				      'LINE' => 101,
				      'NAME' => 'tevent_context'
				    },
		      'ELEMENTS' => undef,
		      'NAME' => 'tevent_context',
		      'PROPERTIES' => undef
		    },
	  'TYPE' => 'TYPEDEF'
      };

The problem with that is we end up with the HASH reference as a name
in Python bindings, like this

      PyErr_SetString(PyExc_TypeError, "Can not convert C Type struct HASH(0x5e2dfe5ee278) from Python");

which makes the build nondeterministic (as well as making the message
a little mysterious).

I think all the structures for which this happens are marked
'[ignore]' in IDL, meaning they are not transmitted on the wire. They
should perhaps also not have useless Python getsetters, but let's call
that a different problem.

Thanks to Freexian and the Debian LTS project for sponsoring this work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13213

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f3433f60b8ee83fc785a6e6838513de31bff5a6a)

- - - - -
e7c132a4 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
buildtools:pidl: avoid hash randomisation in pidl

Like many languages, Perl uses has randomisation to prevent nasty
users using crafted values that hash to the same number to effect a
denial of service. This means the traversal order of perl HASH tables
is different every time.

The IDL handed to pidl is trusted, so we don't really need
randomisation, but we do want to be sure the build is the same every
time.

I am not aware of hash randomisation causing problems, but it seems
prudent to avoid it.

We do a similar thing with PYTHONHASHSEED for the entire build.

Thanks to Freexian and the Debian LTS project for sponsoring this work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13213

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 068b366709d005275727a0e8929d272c04cb7bd8)

- - - - -
b1173444 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
examples:winexe: reproducible builds with zero timestamp

Windows Portable Executable files have a timestamp field and a
checksum field. By default the timestamp field is updated to the
current time, which consequently changes the checksum. This makes the
build nondeterministic. It looks like this:

  --- a/tmp/winexe-1/winexesvc64_exe_binary.c
  +++ b/tmp/winexe-2/winexesvc64_exe_binary.c
  @@ -23,7 +23,7 @@ const DATA_BLOB *winexesvc64_exe_binary(void)
                0x6D, 0x6F, 0x64, 0x65, 0x2E, 0x0D, 0x0D, 0x0A,
                0x24, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
                0x50, 0x45, 0x00, 0x00, 0x64, 0x86, 0x0A, 0x00,
  -             0xB2, 0x16, 0x55, 0x66, 0x00, 0x00, 0x00, 0x00,
  +             0xD3, 0x3B, 0x55, 0x66, 0x00, 0x00, 0x00, 0x00,
                0x00, 0x00, 0x00, 0x00, 0xF0, 0x00, 0x2E, 0x02,
                0x0B, 0x02, 0x02, 0x26, 0x00, 0x86, 0x00, 0x00,
                0x00, 0xBA, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00,
  @@ -33,7 +33,7 @@ const DATA_BLOB *winexesvc64_exe_binary(void)
                0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
                0x05, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
                0x00, 0x40, 0x01, 0x00, 0x00, 0x04, 0x00, 0x00,
  -             0x73, 0xD7, 0x00, 0x00, 0x03, 0x00, 0x60, 0x01,
  +             0x94, 0xFC, 0x00, 0x00, 0x03, 0x00, 0x60, 0x01,
                0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00,
                0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
                0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00,

https://learn.microsoft.com/en-us/windows/win32/debug/pe-format says
that a timestamp of zero can be used to represent a time that is not
"real or meaningful", so we do that.

As far as I can tell, the timestamp and checksum are only used in
DLLs, not directly executed .exe files.

Thanks to Freexian and the Debian LTS project for sponsoring this work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13213

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit e604f7575167d3572e1b67c6e77ab7273508533d)

- - - - -
e2191933 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
examples:winexe: embed Samba version as exe timestamp

It turns out the timestamp doesn't need to be real, and it isn't used,
but it might as well tell you something. So let's make it tell you what
version of Samba it came from, which could be useful for people who have
lots of old winexes lying around, the poor souls.

00000040  0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000050  69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000060  74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000070  6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|
00000080  50 45 00 00 64 86 0a 00  00 15 04 00 00 00 00 00  |PE..d...........|
                                    |  |  |
                                    |  |  major  4.
                                    |  minor     21.
                                    release      0

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13213

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Fri May 31 01:28:06 UTC 2024 on atb-devel-224

(cherry picked from commit 3a7dbf8b77b2a9e7cdc55bc5b339b9f501d037aa)

- - - - -
c206d3d2 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb: avoid out of bounds read and write in ldb_qsort()

If a compare function is non-transitive (for example, if it evaluates
A > B and B > C, but A < C), this implementation of qsort could access
out-of-bounds memory. This was found in glibc's qsort by Qualys, and
their write-up for OSS-Security explains it very well:

 https://www.openwall.com/lists/oss-security/2024/01/30/7

An example of a non-transitive compare is one in which does this

 int cmp(const void *_a, const void *_b)
 {
        int a = *(int *)_a;
        int b = *(int *)_b;
        return a - b;
 }

which does the right thing when the magnitude of the numbers is small,
but which will go wrong if a is INT_MIN and b is INT_MAX. Likewise, if
a and b are e.g. uint32_t, the value can wrap when cast to int.

We have functions that are non-transitive regardless of subtraction.
For example, here (which is not used with ldb_qsort):

 int codepoint_cmpi(codepoint_t c1, codepoint_t c2)
        if (c1 == c2 ||
            toupper_m(c1) == toupper_m(c2)) {
                return 0;
        }
        return c1 - c2;
 }

The toupper_m() is only called on equality case. Consider {'a', 'A', 'B'}.
     'a' == 'A'
     'a' >  'B'  (lowercase letters come after upper)
     'A' <  'B'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15569
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 73e4f6026ad04b73074b413bd8c838ca48ffde7f)

- - - - -
3a840553 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
lib/fuzzing/decode_ndr_X_crash: guess the pipe from filename

Usually we are dealing with a filename that tells you what the pipe is,
and there is no reason for this debug helper not to be convenient

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 8b6a584170eeb5082a188879be88e5f414b0be81)

- - - - -
b46af170 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
util:tsort.h: add a macro for safely comparing numbers

In many places we use `return a - b;` in a comparison function. This can
be problematic if the comparison is used in a sort, as `a - b` is not
guaranteed to do what we expect. For example:

* if a and b are 2s-complement ints, a is INT_MIN and b is INT_MAX, then
  a - b = 1, which is wrong.

* if a and b are 64 bit pointers, a - b could wrap around many times in
  a cmp function returning 32 bit ints. (We do this often).

The issue is not just that a sort could go haywire.
Due to a bug in glibc, this could result in out-of-bounds access:

https://www.openwall.com/lists/oss-security/2024/01/30/7

(We have replicated this bug in ldb_qsort).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5ab93f48c575db1a3c5a707258cc44f707a5eeb0)

- - - - -
9e19cc17 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb: add NUMERIC_CMP macro to ldb.h

In other places we tend to include tsort.h, which also has TYPESAFE_QSORT.

ldb.h already has TYPESAFE_QSORT, so it might as well have NUMERIC_CMP.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit de1b94f79ea8694ecdddab4b455d539caa7e77e2)

- - - - -
1b8ccbf0 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb:ldb_dn: use safe NUMERIC_CMP in ldb_dn_compare_base()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5150b318f4894a8036b2a394c446afd513f8cb60)

- - - - -
696cca23 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb:ldb_dn: use safe NUMERIC_CMP in ldb_dn_compare()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 75e51bd99b7a029afd98b55283eddad835319ed6)

- - - - -
3071a4af by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4:ntvfs: use NUMERIC_CMP in stream_name_cmp

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit a6d76d6ee9f7cfcabe2c20b872b8b1cb598928a6)

- - - - -
f94b87da by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4:dsdb:mod:operational: use NUMERIC_CMP in pso_compare

prec_{1,2} are uint32_t, and if one is not set we are defaulting to
0xffffffff (a.k.a UINT32_MAX), so an overflow when cast to int seems
extremely likely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 623adcf4aae00ac06e82d98a75ce4644890501e6)

- - - - -
51fa8c01 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4: use numeric_cmp in dns_common_sort_zones()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ee4ebcccd7d9d89dda59615b3653df2632fb1a5d)

- - - - -
be4965c6 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
util:binsearch: user NUMERIC_CMP()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 09c98ff1263eb05933f1956e201655dd41e28a0c)

- - - - -
767344ee by Douglas Bagnall at 2024-06-10T13:24:16+00:00
torture:charset: use < and > assertions for strcasecmp_m

strcasecmp_m is supposed to return a negative, zero, or positive
number, depending on whether the first argument is less than, equal to,
or greater than the second argument (respectively).

We have been asserting that it returns exactly the difference between
the codepoints in the first character that differs.

This fixes a knownfail on 32 bit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ac0a8cd92ca4497bfcfad30e2b4d47547b582b92)

- - - - -
94b574cd by Douglas Bagnall at 2024-06-10T13:24:16+00:00
torture:charset: use < and > assertions for strncasecmp_m

strncasecmp_m is supposed to return a negative, zero, or positive
number, not necessarily the difference between the codepoints in
the first  character that differs, which we have been asserting up to
now.

This fixes a knownfail on 32 bit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit dda0bb6fc71bae91f3158f69462cb79fdad210fb)

- - - - -
d18a6283 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
torture:charset: test more of strcasecmp_m

We now test cases:

1. where the first string compares less
2. one of the strings ends before the other
3. the strings differ on a character other than the first.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit a512759d7b216cacc0a780b3304549b7945f919c)

- - - - -
eb8fd60e by Douglas Bagnall at 2024-06-10T13:24:16+00:00
util:charset:util_str: use NUMERIC_CMP in strcasecmp_m_handle

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f788a399996a73b2aa206ec2b15f5943b06660e0)

- - - - -
10c0087d by Douglas Bagnall at 2024-06-10T13:24:16+00:00
util:test: test_ms_fn_match_protocol_no_wildcard: allow -1

We have changed strcasecmp_m() to return -1 in a place where it used
to return -3. This upset a test, but it shouldn't have: the exact
value of the negative int is not guaranteed by the function.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d4ce8231f986a359dc657cd1a6b416270a53c7d3)

- - - - -
64d55301 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
util:charset:codepoints: condepoint_cmpi uses NUMERIC_CMP()

If these are truly unicode codepoints (< ~2m) there is no overflow,
but the type is defined as uint32_t.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 675fdeee3d6570fdf5a055890dc3386a8db5fd88)

- - - - -
77b78b45 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
util:charset:codepoints: codepoint_cmpi warning about non-transitivity

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f07ae6990702f8806c0c815454b80a5596b7219a)

- - - - -
f9a7ded2 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:libsmb:namequery: note intransitivity in addr_compare()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 4a9d274d43b1adac113419c649bbf530d180229d)

- - - - -
ccd94628 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:libsmb:namequery: use NUMERIC_CMP in addr_compare

This one was OK, as the numbers are tightly bound, but there is no
real reason not to do it safely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 3414a894ad6640fa8e282d650b1cc5319991545f)

- - - - -
6a0daf68 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
lib/torture: add assert_int_{less,greater} macros

In some situations, like comparison functions for qsort, we don't care
about the actual value, just whethger it was greater or less than
zero.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 6159b098cf35a8043682bfd4c4ea17ef0da6e8ee)

- - - - -
1c6f16cd by Douglas Bagnall at 2024-06-10T13:24:16+00:00
util: charset:util_str: use NUMERIC_CMP in strncasecmp_m_handle

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 997b72d79e651ddbc20e67006ae176229528dc6f)

- - - - -
4fa00be3 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb:attrib_handlers: ldb_comparison_Boolean uses NUMERIC_CMP()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f78b964cd81db11097e78099c0699f571f20e126)

- - - - -
f7e192e8 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb:attrib_handlers: ldb_comparison_binary uses NUMERIC_CMP()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 838c68470299045c5b1c9bdbd527edbeedebf2d6)

- - - - -
7990f5a2 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
util:datablob: avoid non-transitive comparison in data_blob_cmp()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit e1519c3667841ce27b15983eae378799ef9936f7)

- - - - -
e0468b5a by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb: avoid non-transitive comparison in ldb_val_cmp()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5c36bc82415b246fccec9eae693da82b7aa45b81)

- - - - -
c95b7301 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb: reduce non-transitive comparisons in ldb_msg_element_compare()

We can still have inconsistent comparisons, because two elements with
the same number of values will always return -1 if they are unequal,
which means they will sort differently depending on the order in which
they are compared.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 21a071e4864dd739840c2ad4adb0c71ec33f8427)

- - - - -
bd548a92 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
libcli/security: use NUMERIC_CMP in dom_sid_compare()

sid->num_auths is always small (int8 < 16), so this is cosmetic only.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit cb94202c1cf990e871ee2e8e43c577a0e4b9ee6f)

- - - - -
886818f5 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
libcli/security: use NUMERIC_CMP in dom_sid_compare_auth()

These numbers are all 8 bit, so overflow is unlikely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 4641a97151783c2ae825582e91b4676d66dcb713)

- - - - -
39505028 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:lib:util_tdb: use NUMERIC_CMP() in tdb_data_cmp()

Although these are size_t, in practice TDB data is limited to 32 bit.
Even so, overflow of a signed int is possible.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit dd4a0c276813b2c8516061110a7e580aa9afcf40)

- - - - -
c6ed9351 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4:rpc_server: compare_SamEntry() uses NUMERIC_CMP()

SamEntry.idx is uint32_t.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ed3ab87bdb0f6c6a9ea6323ed240fe267220b759)

- - - - -
a326992c by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4:dns_server: use NUMERIC_CMP in rec_cmp()

dnsp_DnssrvRpcRecord.dwTimeStamp is uint32_t, making overflow possible.

dnsp_DnssrvRpcRecord.wType is an enum, which has the size of an int,
though it may be hard to set it to overflowing values.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 42ead213484840121ce6bc0db22941ea0a019105)

- - - - -
7acee3ae by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4:wins: use NUMERIC_CMP in winsdb_addr_sort_list()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 66d47537e42caa528c7fab670d9c35d27c513cce)

- - - - -
20648aaf by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4:wins: winsdb_addr_sort_list() uses NUMERIC_CMP()

expire_time is time_t, which is at least int-sized, so overflow is
possible (if this code ever runs).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d8b97649ef4d3ccaf53878021be0e2d4824b982c)

- - - - -
27becb5a by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4:wins: use NUMERIC_CMP in nbtd_wins_randomize1Clist_sort()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit a197be2003d7e248b1e1294f4ad5473f48762bce)

- - - - -
48494283 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:util:net_registry: registry_value_cmp() uses NUMERIC_CMP()

v->type is an int-sized enum, so overflow might be possible if it could
be arbitrarily set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5e99262aaf5fc6601f3859c8b060b680b11bf6ea)

- - - - -
e3f491e3 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:smbcacls: use NUMERIC_CMP in ace_compare

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 31101a9fa1503be9d8137e42466f57d85136a156)

- - - - -
4d6f0ad6 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:util:sharesec ace_compare() uses NUMERIC_CMP()

ace->access_mask is uint32_t, so can overflow a signed int.
This would be easy to trigger, as it is a flags field rather than an
allocation count.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit e35d54fd4d381df67ab9b4f8390e2109b2142678)

- - - - -
faed55f4 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:libsmb_xattr: ace_compare() uses NUMERIC_CMP()

the access_mask is the easiest to overflow with subtraction -- other
fields are 8 or 16 bit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Apr 10 23:58:12 UTC 2024 on atb-devel-224

(cherry picked from commit 81598b42455d6758941da532c668b6d4e969cc40)

- - - - -
5f52991b by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb:mod:sort: rearrange NULL checks

There are further changes coming here.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d785c1991c922150bab38c36cef3a799448ac304)

- - - - -
a0a83539 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb:sort: check that elements have values

We assume no values is unlikely, since we have been dereferencing
->values[0] forever, with no known reports of trouble.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d4e69734c65ade0bbb398447012513a7f27e98bd)

- - - - -
f3b6ec04 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb:sort: generalise both-NULL check to equality check

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 531f31df99341b2cb1afc42538022451ca771983)

- - - - -
f61aabdb by Douglas Bagnall at 2024-06-10T13:24:16+00:00
ldb:dn: make ldb_dn_compare() self-consistent

We were returning -1 in all these cases:

   ldb_dn_compare(dn, NULL);
   ldb_dn_compare(NULL, dn);
   ldb_dn_compare(NULL, NULL);

which would give strange results in sort, where this is often used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5fe488d515a8bb719bdeafb8b64d8479732b5ac8)

- - - - -
94f38553 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:brlock: use NUMERIC_CMP in #ifdef-zeroed lock_compare

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 9b73235d4957a487fbb3214fdfda6461a2cf0b21)

- - - - -
6893310b by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:mod:posixacl_xattr: use NUMERIC_CMP in posixacl_xattr_entry_compare

The first subtraction was between uint16_t, so is safe with 32 bit
int, but the second compared uint32_t, so was not safe.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 8b2605a5d9cc14f9e6ddf2db704cdca2f523d74e)

- - - - -
29b17d29 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:mod:vfs_vxfs: use NUMERIC_CMP in vxfs_ace_cmp

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 386216d4a158d8bafb0879a0a753da096a939b93)

- - - - -
835594de by Douglas Bagnall at 2024-06-10T13:24:16+00:00
dsdb:schema: use NUMERIC_CMP in place of uint32_cmp

uint32_cmp (introduced in 0c362597c0f933b3612bb17328c0a13b73d72e43
"fixed the sorting of schema attributes") was doing what NUMERIC_CMP
does, but it was adding an extra function call. This results in less
code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 8317a6173646d425dc99e08bbf3d6086b0086bc5)

- - - - -
2f6c5b66 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:rpc:wkssvc_nt: dom_user_cmp uses NUMERIC_CMP

usr->login_time is time_t, which is often bigger than int.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 75682e397b9cf22d04a5d80252554c6b2e376793)

- - - - -
1d527c49 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
gensec: sort_gensec uses NUMERIC_CMP

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit acaa1323d0337ae9339dfff9f856ea54725a86ac)

- - - - -
de865f6c by Douglas Bagnall at 2024-06-10T13:24:16+00:00
lib/socket: rearrange iface_comp() to use NUMERIC_CMP

We rearrange rather than just replacing the subtraction, because that
would call ntohl() more than necessary, and I think the flow is a bit
clearer this way.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7ba6fcb93656e5e88e1d5bcd6002747aa64f0a3a)

- - - - -
d2aaed5d by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s3:libsmb:nmblib: use NUMERIC_CMP in status_compare

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 31c322874b8b65518cec945e05a42fd014e6390b)

- - - - -
8f049015 by Douglas Bagnall at 2024-06-10T13:24:16+00:00
s4:rpcsrv:dnsserver: make dns_name_compare transitive with NULLs

Returning 0 on `(name1 == NULL || name2 == NULL)` made NULL equal to
everything, which confuses a sort (consider {A, B, NULL} where A > B,
but A == NULL == B).

The only caller is dnsserver_enumerate_records() which fails if it
finds a NULL in the sorted list. We make the happen more quickly by
sorting NULLs to the front.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7be535315a5eed5d5b7eaea025ecf9f55e772e8e)

- - - - -
dcf393af by Douglas Bagnall at 2024-06-10T13:24:17+00:00
s4:rpcsrv:samr: improve a comment in compare_msgRid

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 6229feab74a734190c302ee9b1cc36960669743d)

- - - - -
da5c625e by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb-samba: ldif-handlers: make ldif_comparison_objectSid() accurate

This function compares blobs that might be SID strings or might be SID
structures. Until now, if they were both (seemingly) strings, they were
compared as strings, otherwise if either was a string it was converted to
a structure blob, then the blobs were compared. This had two big problems:

1. There is variety in the way a SID can be stringified. For example,
   "s-1-02-3" means the same SID as "S-1-2-3", but those wouldn't compare
   equal.

2. SID comparison was crazily non-transitive. Consider the three values
     a = "S-1-2-3-4-5",
     b = "S-1-9-1",
     c = SID("S-1-11-1"), where c is a struct and the others are string.

   then we had,
     a < b, because the 5th character '2' < '9'.
     a > c, because when converted to a structure, the number of sub-auths
            is the first varying byte. a has 3, c has 0.
     b < c, because after the sub-auth count comes the id_auth value
            (big-endian, which doesn't matter in this case).

That made the function unreliable for sorting, AND for simple equality
tests. Also it leaked.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 6722e80d1b3a252a1ed714be4a35185cd99971e3)

- - - - -
956bff1d by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb-samba:ldif_handlers: dn_link_comparison semi-sorts deleted objects

We were always returning -1 for a deleted object, which works for an
equality test, but not a relative comparison.

This sorts deleted DNs toward the end of the list -- except when both
DNs are deleted. What should happen there is yet to be determined.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit db963b1674ede357d4edba578e0e0372dcb2f287)

- - - - -
ae770139 by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb-samba:ldif_handlers: dn_link_comparison semi-sorts invalid DNs

these tend to go to the end of the sorted array.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 11d5a809325369b48d14023adf109e418bb1c7af)

- - - - -
d819b214 by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb-samba:ldif_handlers: dn_link_comparison correctly sorts deleted objects

This changes the behaviour of the DN syntax .comparison_fn when being
used in a search, if the search key is a deleted DN.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 70356592563bf758dbe509413445b77bb0d7da14)

- - - - -
586c0f3d by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb-samba:ldif_handlers: dn_link_comparison leaks less

dn1 and dn2 can be invalid but still occupying memory.
(ldb_dn_validate(dn2) does contain a NULL check, but a lot more besides).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 341b8fb60e291ad598fafd7a09a75e9b249de07f)

- - - - -
3d62269d by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb-samba:ldif_handlers: dn_link_comparison: sort invalid DNs

If both DNs are invalid, we can say they are equal.

This means invalid or NULL DNs will sort to the end of the array,
before deleted DNs:

[ valid DNs, sorted | invalid/NULL DNs | deleted DNs, sorted ]

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7280c8e53f463108fe3de443ce63572dde689a30)

- - - - -
7d295cb6 by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb:attrib_handlers: make ldb_comparison_Boolean more consistent

This isn't supposed to be used for sorting, but it is hard to say it
won't be, so we might as well make it sort properly.

Following long-standing behaviour, we try to sort "FALSE" > "TRUE", by
length, then switch to using strncasecmp().

strncasecmp would sort the other way, so we swap the operands. This is
to make e.g. "TRUE\0" sort the same as "TRUE".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit a75c98ad688415aec8afc617a759ba90cfd9f23b)

- - - - -
21a01b3b by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb: avoid NULL deref in ldb_db_compare

This also sorts NULLs after invalid DNs, which matches the comment
above.

CID 1596622.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit af7654331fb6a2d9cc41cf5bdffa74c81ff4ffee)

- - - - -
7ae866c6 by Douglas Bagnall at 2024-06-10T13:24:17+00:00
s4:dsdb:mod: repl_md: make message_sort transitive

Before we had (with a TODO of regret):

       if (!a1 || !a2) {
               return strcasecmp(e1->name, e2->name);
       }

so, given {name:"A", id 2}, {name:"B", NO id}, {name:"C", id 1},

 A < B by name
 B < C by name
 A > C by id

Now the sort order is always A > C > B.

This sort could have caused mysterious crashes in repl_meta_data if
the schema is out of sync.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5335f122fb551231a02a58f88f6a0aa23b5e02cb)

- - - - -
d12f3cce by Douglas Bagnall at 2024-06-10T13:24:17+00:00
s4:dsdb:mod: repl_md: message sort uses NUMERIC_CMP()

No change at all in the result, just saving lines and branches.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 827b0c39ed0497407bfcfc5683735a165b1b0f0a)

- - - - -
3f9d9f83 by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb:attrib_handlers: use NUMERIC_CMP in ldb_comparison_fold

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f81b7c7eb206a447d799a25cc2da26304dc7567a)

- - - - -
e2125192 by Douglas Bagnall at 2024-06-10T13:24:17+00:00
ldb:attrib_handlers: reduce non-transitive behaviour in ldb_comparison_fold

If two strings are invalid UTF-8, the string is first compared with
memcmp(), which compares as unsigned char.

If the strings are of different lengths and one is a substring of the
other, the memcmp() returns 0 and a second comparison is made which
assumes the next character in the shorter string is '\0' -- but this
comparison was done using SIGNED chars (on most systems). That leads
to non-transitive comparisons.

Consider the strings {"a\xff", "a", "ab\xff"} under that system.

   "a\xff"  < "a",      because (char)0xff == -1.

   "ab\xff" > "a",     because  'b' == 98.

   "ab\xff" < "a\xff", because memcmp("ab\xff", "a\xff", 2) avoiding the
                       signed char tiebreaker.

(Before c49c48afe09a1a78989628bbffd49dd3efc154dd, the final character
might br arbitrarily cast into another character -- in latin-1, for
example, the 0xff here would have been seen as 'ÿ', which would be
uppercased to 'Ÿ', which is U+0178, which would be truncated to
'\x78', a positive char.

On the other hand e.g. 0xfe, 'þ', would have mapped to 0xde, 'Þ',
remaining negative).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit e2051eebd492a419f840280336eb242d0b4a26ac)

- - - - -
50d4451b by Douglas Bagnall at 2024-06-10T14:43:44+00:00
s3:smbcacls: fix ace_compare

We got this wrong in commit 31101a9fa1503be9d8137e42466f57d85136a156.

In fact, we should probably not reorder the inherited ACLs, but that
is for another patch series.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5abeb724d74af2b861f2ee6bc27762bb5bf07bca)

Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Mon Jun 10 14:43:44 UTC 2024 on atb-devel-224

- - - - -
f681ee3b by Jeremy Allison at 2024-06-12T09:20:11+00:00
s3/torture: Add test for widelink case insensitivity on a MSDFS share.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15662

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
(cherry picked from commit e37e4f474935819c75c078e52715cf3212f77359)

- - - - -
e57e3590 by Jeremy Allison at 2024-06-12T10:22:36+00:00
s3: vfs_widelinks: Allow case insensitivity to work on DFS widelinks shares.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15662

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jun 11 17:00:38 UTC 2024 on atb-devel-224

(cherry picked from commit e535bcc698bd5eb31f5c5e0c144692988a044e79)

Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Wed Jun 12 10:22:36 UTC 2024 on atb-devel-224

- - - - -
e8dc4bb0 by Andreas Schneider at 2024-06-14T11:10:15+00:00
bootstrap: Fix runner tags

See https://docs.gitlab.com/ee/ci/runners/hosted_runners/linux.html

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 84fb5cc8451c0af354850f39ae6debf388849ebb)

- - - - -
7edef3c7 by Andreas Schneider at 2024-06-14T11:10:15+00:00
bootstrap: Set git safe.directory

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit d00e9482a50b5a756f4847cde977c40c80e179c5)

- - - - -
95c59655 by Andreas Schneider at 2024-06-14T11:10:15+00:00
bootstrap: Fix building CentOS 8 Stream container images

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit f3af6e860800d0f837cdf6c2d16d1cd12feb08df)

- - - - -
e5293b11 by Andreas Schneider at 2024-06-14T11:10:15+00:00
gitlab-ci: Set git safe.directory for devel repo

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 54fed589cca245c716492bcc78b574c30378b19c)

- - - - -
87ac580b by Andreas Schneider at 2024-06-14T11:10:15+00:00
third_party: Update uid_wrapper to version 1.3.1

This fixes issues with bind compiled with jemalloc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit f88e60644e76c6310088934439f9c0da0f63905f)

- - - - -
8b8fef4c by Andreas Schneider at 2024-06-14T12:17:55+00:00
third_party: Update socket_wrapper to version 1.4.3

This fixes issues with bind compiled with jemalloc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15660

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Jun 13 08:41:39 UTC 2024 on atb-devel-224

(cherry picked from commit 8ae180e1678fc8565b8074d4886f7d3676a0f950)

Autobuild-User(v4-20-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-20-test): Fri Jun 14 12:17:55 UTC 2024 on atb-devel-224

- - - - -
19fc5bb6 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: generate a real signature in bad_sign_packet()

We just destroy the signature bytes but keep the header unchanged.

This makes it easier to look at it in wireshark.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ae23d512a724650ae2de1178ac43deff8266aa56)

- - - - -
3bd80a25 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: use ndr_deepcopy() and ndr_pack() in verify_packet()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit c594cbad4af97031bb7b5b0eb2fb228b00acf646)

- - - - -
c00749ed by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: let dns_transaction_tcp() handle short receives

With socket_wrapper we only get 1500 byte chunks...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit c741d0f3969abe821e8ee2a10f848159eb2749fe)

- - - - -
f7f0518b by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: add self.assert_echoed_dns_error()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ce591464cb12ab00a5d5752a7cea5f909c3c3f1b)

- - - - -
9cfc2e24 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_tkey: make use of self.assert_echoed_dns_error()

Failed DNS updates just echo the request flaged as response,
all other elements are unchanged.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 6e997f93d53ac45af79aec030bad73f51bdc5629)

- - - - -
12d4e452 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: let tkey_trans() and sign_packet() take algorithm_name as argument

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f8dfa9b33bdedffbe2e3b6e229ffae4beb3c712e)

- - - - -
e58fe908 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: let tkey_trans() take tkey_req_in_answers

It's possible to put the additional into the answers section,
so we should be able to test that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit cd747307d845f3cff723a7916aeeb31458f19202)

- - - - -
85784854 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: pass tkey_trans(expected_rcode)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 27d92fa808c6617353c36fdb230504e880f4925b)

- - - - -
da7c3137 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: let dns_transaction_udp() take allow_{remaining,truncated}=True

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 1b1e7e06cf6ebd283de73c351267d53b42663d2f)

- - - - -
c7a936ec by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: maintain a dict with tkey related state

This will allow tests to backup the whole state
and mix them.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit b0af60e7850e656ef98edeac657c66b853080dab)

- - - - -
501a25a1 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_tkey: test TKEY with gss-tsig, gss.microsoft.com and invalid algorithms

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 740bda87a80b97816d892e8f7aae28759f6916ec)

- - - - -
6438249c by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_tkey: let us have test_update_gss_tsig_tkey_req_{additional,answers}()

Also test using the additional record in the answers section.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 3c7cb85eaf8371be55a371601cc354440dab7a94)

- - - - -
7dabac46 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_tkey: add gss.microsoft.com tsig updates

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit b9b03ca503c43c7ee06df6c331839bd47f9eac8c)

- - - - -
fdfd4e8a by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_tkey: test bad and changing tsig algorithms

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit de4ed363d378f2065a4634f94af80ea0e3965c96)

- - - - -
bda80382 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: let verify_packet() work against Windows

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 8324d0739dfdd0a081c403e298a9038ee7df681f)

- - - - -
ff0afdd1 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_tkey: let test_update_tsig_windows() actually pass against windows 2022

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 848318338b2972f331e067bf1c8d6c7dac0748c8)

- - - - -
5a98bc50 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_base: add get_unpriv_creds() helper

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 88457da00d4110b419f7a7ccabcd542fa77e463f)

- - - - -
9137bb66 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:selftest/tests: pass USERNAME_UNPRIV=$DOMAIN_USER to samba.tests.dns_tkey

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 753428a3b6c488c4aacea04d2ddb9ea73244695a)

- - - - -
a7f3293d by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
python:tests/dns_tkey: add test_update_tsig_record_access_denied()

This demonstrates that access_denied is only generated if the client
really generates a change in the database.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 708a6fae6978e1462e1a53f4ee08f11b51a5637a)

- - - - -
ed8ef00c by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: failed dns updates should result in REFUSED for ACCESS_DENIED

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit a56627b0d125ef7b456bebe307087f324f1f0422)

- - - - -
6e395cab by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: only allow gss-tsig and gss.microsoft.com for TKEY

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit fa0f23e69eaf4f475bc9dc9aa0e23c7bd5208250)

- - - - -
7ddd758d by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: only allow gss-tsig and gss.microsoft.com for TSIG

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 3467d1491490830d61d16cb6278051daf48466fc)

- - - - -
29981856 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: use the client provided algorithm for the fake TSIG structure

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit bd0235cd515d5602ed9501bfc810a2487364ea10)

- - - - -
3b36f447 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: use tkey->algorithm if available in dns_sign_tsig()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ae7538af04435658d2ba6dcab109beecb6c5f13e)

- - - - -
f663b386 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: also search DNS_QTYPE_TKEY in the answers section if it's the last section

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5906ed94f2c5c68e83c63e7c201534eeb323cfe7)

- - - - -
fdd61d60 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: dns_verify_tsig should return REFUSED on error

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit db350bc573b378fb0615bdd8592cc9c62f6db146)

- - - - -
89817ed2 by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: correctly sign dns update responses with gss-tsig like Windows

This means we no longer generate strange errors/warnings
in the Windows event log nor in the nsupdate -g output.

Note: this is a only difference between gss-tsig and
the legacy gss.microsoft.com algorithms.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 76fec2668e73b9d15447abee551d5c04148aaf27)

- - - - -
df54d3fd by Stefan Metzmacher at 2024-06-18T07:30:11+00:00
s4:dns_server: no-op dns updates with ACCESS_DENIED should be ignored

If the client does not have permissions to update the record,
but the record already has the data the update tries to apply,
it's a no-op that should result in success instead of failing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Jun  6 03:18:16 UTC 2024 on atb-devel-224

(cherry picked from commit ed61c57e02309b738e73fb12877a0a565b627724)

- - - - -
9110627b by Günther Deschner at 2024-06-18T07:30:11+00:00
ctdb/ceph: Add optional namespace support for mutex helper

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15665

RADOS objects within a pool can be associated to a namespace for
logical separation. librados already provides an API to configure
such a namespace with respect to a context. Make use of it as an
optional argument to the helper binary.

Pair-Programmed-With: Anoop C S <anoopcs at samba.org>
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit d8c52995f68fe088dd2174562faee69ed1c95edd)

- - - - -
f46facea by Günther Deschner at 2024-06-18T07:30:11+00:00
ctdb/docs: Include ceph rados namespace support in man page

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15665

Document the new optional argument to specify the namespace to be
associated with RADOS objects in a pool.

Pair-Programmed-With: Anoop C S <anoopcs at samba.org>
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

Autobuild-User(master): Anoop C S <anoopcs at samba.org>
Autobuild-Date(master): Fri Jun 14 07:42:25 UTC 2024 on atb-devel-224

(cherry picked from commit 35f6c3f3d4a5521e6576fcc0dd7dd3bbcea041b2)

- - - - -
5d593a73 by Andrew Bartlett at 2024-06-18T07:30:11+00:00
build: Add --vendor-name --vendor-patch-revision options to ./configure

These options are for packagers and vendors to set so that when
Samba developers are debugging an issue, we know exactly which
package is in use, and so have an idea if any patches have been
applied.

This is included in the string that a Samba backtrace gives,
as part of the PANIC message.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15654
REF: https://lists.samba.org/archive/samba-technical/2024-May/138992.html

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit 651fb94c374c7f84405d960a9e0a0fd7fcb285dd)

- - - - -
dceb2e56 by Andrew Bartlett at 2024-06-18T07:30:11+00:00
script/autobuild.py: Add test for --vendor-name and --vendor-patch-revision

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15654

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

RN: We have added new options --vendor-name and --vendor-patch-revision arguments
to ./configure to allow distributions and packagers to put their name in the Samba
version string so that when debugging Samba the source of the binary is obvious.

[abartlet at samba.org adapted to 4.20 still having the seperate LDB build system
 from commit 72112d4814eb3872016c1168c477531be835a1f9]

- - - - -
4b4b0152 by Noel Power at 2024-06-18T07:30:11+00:00
selftest: Add a python blackbox test for some misc (widelink) DFS tests

On master attempting to chdir into a nested dfs link

e.g. cd dfslink (works)
     cd dfslink/another_dfslink (fails)

[1] Add a test for this scenario (nested chdir)
[2] Add test for enumerating a dfs link in root of dfs share
[3] Add a test to check case insensitive chdir into dfs link on widelink
  enabled share

Add knownfails for tests 1 and 3

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435
(cherry picked from commit 7f1de90f72d6e8287aec6ab1d9f7776b7df624e5)

- - - - -
5b90acbe by Noel Power at 2024-06-18T08:33:30+00:00
s3/smbd: fix nested chdir into msdfs links on (widelinks = yes) share

This patch also removes known fail for existing test

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jun 11 19:31:40 UTC 2024 on atb-devel-224

(cherry picked from commit 788ef8f07c75d5e6eca5b8f18d93d96f31574267)
[noel.power at suse.com backported to Samba 4.20 minor change to use
   4.20 create_open_symlink_err fn instead of read_symlink_reparse]

Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Tue Jun 18 08:33:30 UTC 2024 on atb-devel-224

- - - - -
d7e0b593 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
s4:torture/smb2: add smb2.ioctl.copy_chunk_bug15644

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15664

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
(cherry picked from commit 372476aeb003e9c608cd2c0a78a9c577b57ba8f4)

- - - - -
b3ce5a86 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
vfs_default: also call vfs_offload_token_ctx_init in vfswrap_offload_write_send

If a client for whatever reason calls FSCTL_SRV_COPYCHUNK[_WRITE] without
FSCTL_SRV_REQUEST_RESUME_KEY, we call vfswrap_offload_write_send
before vfswrap_offload_read_send.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15664

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Jun 17 18:02:27 UTC 2024 on atb-devel-224

(cherry picked from commit 462b74da79c51f9ba6dbd24e603aa904485d5123)

- - - - -
7d277c42 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
test_recycle.sh: make sure we don't see panics on the log files

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 2916b6096e16fb44d659b7e60d3f3a569d037279)

- - - - -
cf22968a by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
TMP-REPRODUCE: vfs_recycle: demonstrate memory corruption in recycle_unlink_internal()

Forcing a reload of the smb.conf option values means the pointer learned
in vfs_recycle_connect() become stale.

This will be reverted at the end of the patset again.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 6467c47cbe562e99e970dbb895e1068f54e6295b)

- - - - -
db098ff1 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
vfs_recycle: don't unlink on allocation failure

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 691564f6ca7d206939558b8e69b5fb86a3e68650)

- - - - -
69b9c140 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
vfs_recycle: directly allocate smb_fname_final->base_name

We can use talloc_asprintf() instead of asprintf() followed
by talloc_strdup().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 220b0e977e2e25f2033cfd62c17d998c750992fc)

- - - - -
a5d5d83c by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
vfs_recycle: use a talloc_stackframe() in recycle_unlink_internal()

That makes the cleanup more clear...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit cf7a6b521ac0bb903dabbd1af208d1af4fbe9a8b)

- - - - -
4bb5f8a9 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
vfs_recycle: use the correct return in SMB_VFS_HANDLE_GET_DATA()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit b38241da3dd73386c4f41a56d95d33d4e1e3d2de)

- - - - -
64d7108c by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
vfs_recycle: fix memory hierarchy

If the configuration is reloaded strings and string lists
in recycle_config_data could become stale pointers
leading to segmentation faults...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 2175856fef17964cef7cf8618b39736168219eec)

- - - - -
f464a85c by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
Revert "TMP-REPRODUCE: vfs_recycle: demonstrate memory corruption in recycle_unlink_internal()"

This was only added to demonstrate the problem more reliable.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit c229a84b449b8ba326ee0f6f702d91f101b99ee4)

- - - - -
7d69ec93 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
vfs_recycle: remember resolved config->repository in vfs_recycle_connect()

This should not change during the lifetime of the tcon.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15659

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 53b72ea4d25d4aa6cf8de1c7555456d4cc03b809)

- - - - -
694605f5 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
testprogs/blackbox: let test_trust_token.sh check for S-1-18-1 with kerberos

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15666

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit cda8beea45303a77080c64bb2391d22c59672deb)

- - - - -
cccd9c95 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
testprogs/blackbox: add test_ldap_token.sh to test "client use kerberos" and --use-kerberos

This shows that they are ignored for machine accounts as domain member.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15666

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit db2c576f329675e8d66e19c336fe04ccba918b4a)

- - - - -
46ebf66f by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
auth/credentials: add cli_credentials_get_kerberos_state_obtained() helper

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15666

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit c715ac5e496ddde119212d3b880ff0e68c2da67b)

- - - - -
212b0146 by Stefan Metzmacher at 2024-06-19T13:00:11+00:00
auth/credentials: add tests for cli_credentials_get_kerberos_state[_obtained]()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15666

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit eeb60574b6bf1a5209b85a8af843b93300550ba7)

- - - - -
fc318c63 by Stefan Metzmacher at 2024-06-19T14:07:17+00:00
auth/credentials: don't ignore "client use kerberos" and --use-kerberos for machine accounts

We only turn desired into off in the NT4 domain member case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15666

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Jun 19 10:17:28 UTC 2024 on atb-devel-224

(cherry picked from commit 5b40cdf6e8885c9db6c5ffa972112f3516e4130a)

Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Wed Jun 19 14:07:17 UTC 2024 on atb-devel-224

- - - - -
3dd39600 by Jule Anger at 2024-06-19T16:19:36+02:00
BUG 15569 ldb: Release LDB 2.9.1

* BUG 15569: Many qsort() comparison functions are non-transitive, which
  can lead to out-of-bounds access in some circumstances.

Signed-off-by: Jule Anger <janger at samba.org>

- - - - -
55cd97df by Jule Anger at 2024-06-19T16:19:36+02:00
WHATSNEW: Add release notes for Samba 4.20.2.

Signed-off-by: Jule Anger <janger at samba.org>

- - - - -
569d541c by Jule Anger at 2024-06-19T16:19:36+02:00
VERSION: Disable GIT_SNAPSHOT for the 4.20.2 release.

Signed-off-by: Jule Anger <janger at samba.org>

- - - - -
734ed1bf by Michael Tokarev at 2024-06-19T23:20:30+03:00
New upstream version 4.20.2+dfsg
- - - - -


30 changed files:

- .gitlab-ci-coverage-runners.yml
- .gitlab-ci-default-runners.yml
- .gitlab-ci-main.yml
- VERSION
- WHATSNEW.txt
- auth/credentials/credentials.c
- auth/credentials/credentials.h
- auth/credentials/credentials_secrets.c
- auth/credentials/tests/test_creds.c
- auth/gensec/gensec_start.c
- bootstrap/.gitlab-ci.yml
- bootstrap/config.py
- bootstrap/generated-dists/centos8s/bootstrap.sh
- bootstrap/sha1sum.txt
- buildtools/wafsamba/samba_pidl.py
- buildtools/wafsamba/samba_third_party.py
- buildtools/wafsamba/samba_version.py
- ctdb/doc/ctdb_mutex_ceph_rados_helper.7.xml
- ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c
- examples/winexe/wscript
- examples/winexe/wscript_build
- lib/fuzzing/decode_ndr_X_crash
- lib/ldb-samba/ldif_handlers.c
- + lib/ldb/ABI/ldb-2.9.1.sigs
- + lib/ldb/ABI/pyldb-util-2.9.1.sigs
- lib/ldb/common/attrib_handlers.c
- lib/ldb/common/ldb_dn.c
- lib/ldb/common/ldb_msg.c
- lib/ldb/common/qsort.c
- lib/ldb/include/ldb.h


The diff was not included because it is too large.


View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/2667fd06a42bf95e7bf5cae2c8499de940b29211...734ed1bfb4781e4f225112b9fa6c7e9dc9819409

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/2667fd06a42bf95e7bf5cae2c8499de940b29211...734ed1bfb4781e4f225112b9fa6c7e9dc9819409
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20240619/3c53e019/attachment-0001.htm>


More information about the Pkg-samba-maint mailing list