Commits on Source (69)
Showing
with 295 additions and 72 deletions
......@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=18
SAMBA_VERSION_RELEASE=5
SAMBA_VERSION_RELEASE=6
########################################################
# If a official release has a serious bug #
......
==============================
Release Notes for Samba 4.18.6
August 16, 2023
==============================
This is the latest stable release of the Samba 4.18 release series.
Changes since 4.18.5
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 15420: reply_sesssetup_and_X() can dereference uninitialized tmp
pointer.
* BUG 15430: Missing return in reply_exit_done().
o Andrew Bartlett <abartlet@samba.org>
* BUG 15289: post-exec password redaction for samba-tool is more reliable for
fully random passwords as it no longer uses regular expressions
containing the password value itself.
* BUG 9959: Windows client join fails if a second container CN=System exists
somewhere.
o Ralph Boehme <slow@samba.org>
* BUG 15342: Spotlight sometimes returns no results on latest macOS.
* BUG 15417: Renaming results in NT_STATUS_SHARING_VIOLATION if previously
attempted to remove the destination.
* BUG 15427: Spotlight results return wrong date in result list.
o Günther Deschner <gd@samba.org>
* BUG 15414: "net offlinejoin provision" does not work as non-root user.
o Pavel Filipenský <pfilipensky@samba.org>
* BUG 15400: rpcserver no longer accepts double backslash in dfs pathname.
* BUG 15433: cm_prepare_connection() calls close(fd) for the second time.
o Stefan Metzmacher <metze@samba.org>
* BUG 15346: 2-3min delays at reconnect with smb2_validate_sequence_number:
bad message_id 2.
* BUG 15441: samba-tool ntacl get segfault if aio_pthread appended.
* BUG 15446: DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed.
o Noel Power <noel.power@suse.com>
* BUG 15390: Python tarfile extraction needs change to avoid a warning
(CVE-2007-4559 mitigation).
* BUG 15435: Regression DFS not working with widelinks = true.
o Arvid Requate <requate@univention.de>
* BUG 9959: Windows client join fails if a second container CN=System exists
somewhere.
o Jones Syue <jonessyue@qnap.com>
* BUG 15441: samba-tool ntacl get segfault if aio_pthread appended.
* BUG 15449: mdssvc: Do an early talloc_free() in _mdssvc_open().
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical:matrix.org matrix room, or
#samba-technical IRC channel on irc.libera.chat.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
Release notes for older releases follow:
----------------------------------------
==============================
Release Notes for Samba 4.18.5
July 19, 2023
......@@ -70,8 +150,7 @@ database (https://bugzilla.samba.org/).
======================================================================
Release notes for older releases follow:
----------------------------------------
----------------------------------------------------------------------
==============================
Release Notes for Samba 4.18.4
July 05, 2023
......
......@@ -134,8 +134,9 @@ void samba_cmdline_set_machine_account_fn(
cli_credentials_set_machine_account_fn = fn;
}
void samba_cmdline_burn(int argc, char *argv[])
bool samba_cmdline_burn(int argc, char *argv[])
{
bool burnt = false;
bool found = false;
bool is_user = false;
char *p = NULL;
......@@ -145,9 +146,13 @@ void samba_cmdline_burn(int argc, char *argv[])
for (i = 0; i < argc; i++) {
p = argv[i];
if (p == NULL) {
return;
return false;
}
/*
* Take care that this list must be in longest-match
* first order
*/
if (strncmp(p, "-U", 2) == 0) {
ulen = 2;
found = true;
......@@ -156,9 +161,15 @@ void samba_cmdline_burn(int argc, char *argv[])
ulen = 6;
found = true;
is_user = true;
} else if (strncmp(p, "--password2", 11) == 0) {
ulen = 11;
found = true;
} else if (strncmp(p, "--password", 10) == 0) {
ulen = 10;
found = true;
} else if (strncmp(p, "--newpassword", 13) == 0) {
ulen = 13;
found = true;
}
if (found) {
......@@ -180,8 +191,10 @@ void samba_cmdline_burn(int argc, char *argv[])
memset_s(p, strlen(p), '\0', strlen(p));
found = false;
is_user = false;
burnt = true;
}
}
return burnt;
}
static bool is_popt_table_end(const struct poptOption *o)
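Review bot: The `return false;` that replaces the old bare `return` on a NULL argv entry, in the second hunk of this file, throws away redaction already performed on earlier arguments, so the new result can report "nothing burnt" after secrets were in fact overwritten; `return burnt;` is the accurate value, and the Python glue uses this result to decide whether the process title needs replacing. The body of samba_cmdline_burn is spread across the four hunks above, with the matching-and-overwriting logic between them not shown.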
......
......@@ -147,8 +147,10 @@ void samba_cmdline_set_machine_account_fn(
* @param[in] argc The number of arguments.
*
* @param[in] argv[] The argument array we should remove secrets from.
*
* @return true if a password was removed, false otherwise.
*/
void samba_cmdline_burn(int argc, char *argv[]);
bool samba_cmdline_burn(int argc, char *argv[]);
/**
* @brief Sanity check the command line options.
......
......@@ -276,12 +276,10 @@ interface dcerpc
} dcerpc_auth3;
typedef [public] struct {
[value(0)] uint32 _pad;
[flag(NDR_REMAINING)] DATA_BLOB auth_info;
} dcerpc_orphaned;
typedef [public] struct {
[value(0)] uint32 _pad;
[flag(NDR_REMAINING)] DATA_BLOB auth_info;
} dcerpc_co_cancel;
......
......@@ -565,9 +565,14 @@ static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context *stream,
ofs = state->buffer.length;
if (frag_len < ofs) {
if (frag_len <= ofs) {
/*
* something is wrong, let the caller deal with it
* With frag_len == ofs, we are done, this is likely
* a DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED
* without any payload.
*
* Otherwise it's a broken packet and we
* let the caller deal with it.
*/
*_vector = NULL;
*_count = 0;
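Review bot: After widening the test to `frag_len <= ofs`, the zero-payload completion and the `frag_len < ofs` corruption case leave through the same `*_vector = NULL; *_count = 0;` exit, so the distinction the new comment draws is invisible to the caller at this point; presumably the caller compares the accumulated buffer length with frag_len afterwards, and the comment should say so, e.g. `The caller must check state->buffer.length == frag_len before parsing.` The enclosing function starts before this hunk.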
......
......@@ -71,3 +71,38 @@ error:
Py_XDECREF(mod_sys);
return false;
}
char **PyList_AsStringList(TALLOC_CTX *mem_ctx, PyObject *list,
const char *paramname)
{
char **ret;
Py_ssize_t i;
if (!PyList_Check(list)) {
PyErr_Format(PyExc_TypeError, "%s is not a list", paramname);
return NULL;
}
ret = talloc_array(NULL, char *, PyList_Size(list)+1);
if (ret == NULL) {
PyErr_NoMemory();
return NULL;
}
for (i = 0; i < PyList_Size(list); i++) {
const char *value;
Py_ssize_t size;
PyObject *item = PyList_GetItem(list, i);
if (!PyUnicode_Check(item)) {
PyErr_Format(PyExc_TypeError, "%s should be strings", paramname);
return NULL;
}
value = PyUnicode_AsUTF8AndSize(item, &size);
if (value == NULL) {
talloc_free(ret);
return NULL;
}
ret[i] = talloc_strndup(ret, value, size);
}
ret[i] = NULL;
return ret;
}
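Review bot: PyList_AsStringList ignores its `mem_ctx` parameter and allocates `ret` under `NULL`, so the caller's context (pyglue passes a talloc stackframe and frees it) never owns the array and it leaks, while the string children hang off `ret` and go with it. The non-Unicode-item branch also returns without `talloc_free(ret)`, unlike the `PyUnicode_AsUTF8AndSize` failure below it, and `talloc_strndup` is never checked, so an allocation failure leaves a NULL hole in the middle of the array that a caller iterating to the terminator treats as the end. The fix is to allocate under `mem_ctx` and free `ret` on every error exit:
```c
char **PyList_AsStringList(TALLOC_CTX *mem_ctx, PyObject *list,
			   const char *paramname)
{
	/* … unchanged: declarations and PyList_Check … */
	ret = talloc_array(mem_ctx, char *, PyList_Size(list)+1);
	/* … unchanged: NULL check … */
	for (i = 0; i < PyList_Size(list); i++) {
		/* … unchanged: item fetch … */
		if (!PyUnicode_Check(item)) {
			PyErr_Format(PyExc_TypeError, "%s should be strings", paramname);
			talloc_free(ret);
			return NULL;
		}
		value = PyUnicode_AsUTF8AndSize(item, &size);
		if (value == NULL) {
			talloc_free(ret);
			return NULL;
		}
		ret[i] = talloc_strndup(ret, value, size);
		if (ret[i] == NULL) {
			PyErr_NoMemory();
			talloc_free(ret);
			return NULL;
		}
	}
	/* … unchanged: terminator and return … */
```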
......@@ -20,7 +20,14 @@
#ifndef __SAMBA_PYTHON_MODULES_H__
#define __SAMBA_PYTHON_MODULES_H__
#include <talloc.h>
bool py_update_path(void);
/* discard signature of 'func' in favour of 'target_sig' */
#define PY_DISCARD_FUNC_SIG(target_sig, func) (target_sig)(void(*)(void))func
char **PyList_AsStringList(TALLOC_CTX *mem_ctx, PyObject *list,
const char *paramname);
#endif /* __SAMBA_PYTHON_MODULES_H__ */
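Review bot: The new prototype uses `PyObject`, but this header only includes `<talloc.h>`, so it now compiles only when the including file has already pulled in `<Python.h>` (pyglue.c does, in this change). Either add `#include <Python.h>` above `<talloc.h>`, or state the requirement next to the guard: `/* Requires <Python.h> to be included before this header. */`.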
......@@ -20,11 +20,13 @@
#include <Python.h>
#include "python/py3compat.h"
#include "includes.h"
#include "python/modules.h"
#include "version.h"
#include "param/pyparam.h"
#include "lib/socket/netif.h"
#include "lib/util/debug.h"
#include "librpc/ndr/ndr_private.h"
#include "lib/cmdline/cmdline.h"
void init_glue(void);
static PyObject *PyExc_NTSTATUSError;
......@@ -461,6 +463,62 @@ static PyObject *py_strstr_m(PyObject *self, PyObject *args)
return result;
}
static PyObject *py_get_burnt_commandline(PyObject *self, PyObject *args)
{
PyObject *cmdline_as_list, *ret;
char *burnt_cmdline = NULL;
Py_ssize_t i, argc;
char **argv = NULL;
TALLOC_CTX *frame = talloc_stackframe();
bool burnt;
if (!PyArg_ParseTuple(args, "O!", &PyList_Type, &cmdline_as_list))
{
TALLOC_FREE(frame);
return NULL;
}
argc = PyList_GET_SIZE(cmdline_as_list);
if (argc == 0) {
TALLOC_FREE(frame);
Py_RETURN_NONE;
}
argv = PyList_AsStringList(frame, cmdline_as_list, "sys.argv");
if (argv == NULL) {
return NULL;
}
burnt = samba_cmdline_burn(argc, argv);
if (!burnt) {
TALLOC_FREE(frame);
Py_RETURN_NONE;
}
for (i = 0; i < argc; i++) {
if (i == 0) {
burnt_cmdline = talloc_strdup(frame,
argv[i]);
} else {
burnt_cmdline
= talloc_asprintf_append(burnt_cmdline,
" %s",
argv[i]);
}
if (burnt_cmdline == NULL) {
PyErr_NoMemory();
TALLOC_FREE(frame);
return NULL;
}
}
ret = PyUnicode_FromString(burnt_cmdline);
TALLOC_FREE(frame);
return ret;
}
static PyMethodDef py_misc_methods[] = {
{ "generate_random_str", (PyCFunction)py_generate_random_str, METH_VARARGS,
"generate_random_str(len) -> string\n"
......@@ -520,6 +578,8 @@ static PyMethodDef py_misc_methods[] = {
METH_NOARGS, "is Samba built with selftest enabled?" },
{ "ndr_token_max_list_size", (PyCFunction)py_ndr_token_max_list_size,
METH_NOARGS, "How many NDR internal tokens is too many for this build?" },
{ "get_burnt_commandline", (PyCFunction)py_get_burnt_commandline,
METH_VARARGS, "Return a redacted commandline to feed to setproctitle (None if no redaction required)" },
{0}
};
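Review bot: In py_get_burnt_commandline (second hunk of this file), the `argv == NULL` branch returns without `TALLOC_FREE(frame)`, unlike every other exit, so the talloc stackframe leaks and stays unbalanced on that error path: `if (argv == NULL) { TALLOC_FREE(frame); return NULL; }`. The `Py_ssize_t argc` is also passed to the `int argc` of samba_cmdline_burn with an implicit narrowing; harmless for a real sys.argv, but an explicit `(int)` cast behind a bound check would document the assumption.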
......
......@@ -29,7 +29,7 @@ from samba.credentials import (
MUST_USE_KERBEROS,
)
import sys
from samba._glue import get_burnt_commandline
OptionError = optparse.OptionValueError
......@@ -40,6 +40,25 @@ class SambaOptions(optparse.OptionGroup):
def __init__(self, parser):
from samba import fault_setup
fault_setup()
# This removes passwords from the commandline via
# setproctitle() but makes no change to python sys.argv so we
# can continue to process as normal
#
# get_burnt_commandline returns None if no change is needed
new_proctitle = get_burnt_commandline(sys.argv)
if new_proctitle is not None:
try:
import setproctitle
setproctitle.setproctitle(new_proctitle)
except ModuleNotFoundError:
msg = ("WARNING: Using passwords on command line is insecure. "
"Installing the setproctitle python module will hide "
"these from shortly after program start.\n")
sys.stderr.write(msg)
sys.stderr.flush()
from samba.param import LoadParm
optparse.OptionGroup.__init__(self, parser, "Samba Common Options")
self.add_option("-s", "--configfile", action="callback",
......@@ -203,53 +222,6 @@ class CredentialsOptions(optparse.OptionGroup):
help="DEPRECATED: Migrate to --use-kerberos", callback=self._set_kerberos_legacy)
self.creds = Credentials()
def _ensure_secure_proctitle(self, opt_str, secret_data, data_type="password"):
""" Make sure no sensitive data (e.g. password) resides in proctitle. """
import re
try:
import setproctitle
except ModuleNotFoundError:
msg = ("WARNING: Using %s on command line is insecure. "
"Please install the setproctitle python module.\n"
% data_type)
sys.stderr.write(msg)
sys.stderr.flush()
return False
# Regex to search and replace secret data + option with.
# .*[ ]+ -> Before the option must be one or more spaces.
# [= ] -> The option and the secret data might be separated by space
# or equal sign.
# [ ]*.* -> After the secret data might be one, many or no space.
pass_opt_re_str = "(.*[ ]+)(%s[= ]%s)([ ]*.*)" % (opt_str, secret_data)
pass_opt_re = re.compile(pass_opt_re_str)
# Get current proctitle.
cur_proctitle = setproctitle.getproctitle()
# Make sure we build the correct regex.
if not pass_opt_re.match(cur_proctitle):
msg = ("Unable to hide %s in proctitle. This is most likely "
"a bug!\n" % data_type)
sys.stderr.write(msg)
sys.stderr.flush()
return False
# String to replace secret data with.
secret_data_replacer = "xxx"
# Build string to replace secret data and option with. And as we dont
# want to change anything else than the secret data within the proctitle
# we have to check if the option was passed with space or equal sign as
# separator.
opt_pass_with_eq = "%s=%s" % (opt_str, secret_data)
opt_pass_part = re.sub(pass_opt_re_str, r'\2', cur_proctitle)
if opt_pass_part == opt_pass_with_eq:
replace_str = "%s=%s" % (opt_str, secret_data_replacer)
else:
replace_str = "%s %s" % (opt_str, secret_data_replacer)
# Build new proctitle:
new_proctitle = re.sub(pass_opt_re_str,
r'\1' + replace_str + r'\3',
cur_proctitle)
# Set new proctitle.
setproctitle.setproctitle(new_proctitle)
def _add_option(self, *args1, **kwargs):
if self.special_name is None:
return self.add_option(*args1, **kwargs)
......@@ -269,7 +241,6 @@ class CredentialsOptions(optparse.OptionGroup):
self.creds.set_domain(arg)
def _set_password(self, option, opt_str, arg, parser):
self._ensure_secure_proctitle(opt_str, arg, "password")
self.creds.set_password(arg)
self.ask_for_password = False
self.machine_pass = False
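Review bot: Process-title redaction now runs only in SambaOptions.__init__, while the later hunks of this file drop the `_ensure_secure_proctitle` call from CredentialsOptions._set_password, so a parser that adds CredentialsOptions without SambaOptions no longer redacts anything (the updated test has to construct SambaOptions for exactly this reason). If such parsers exist, trigger the burn from CredentialsOptions.__init__ too, or at least record the dependency there: `# Command-line password redaction lives in SambaOptions.__init__; parsers must add SambaOptions as well.` The fallback catches only ModuleNotFoundError, so a setproctitle that is installed but fails to import raises out of option-group construction; `except ImportError:` covers both cases.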
......
......@@ -31,7 +31,7 @@ class TarFile(UnsafeTarFile):
# New in version 3.11.4 (also has been backported)
# https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extraction_filter
# https://peps.python.org/pep-0706/
extraction_filter = staticmethod(tarfile.data_filter)
extraction_filter = staticmethod(tarfile.tar_filter)
except AttributeError:
def extract(self, member, path="", set_attrs=True, *,
numeric_owner=False):
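Review bot: Replacing `tarfile.data_filter` with `tarfile.tar_filter` loosens the extraction policy, and the reason is not recorded. tar_filter still refuses members that would land outside the destination (the CVE-2007-4559 class the release notes mention) and strips setuid/setgid/sticky bits, but unlike data_filter it accepts device nodes and symlink/hardlink members whose targets lie outside the destination, and keeps the archive's ownership and executable bits. If data_filter rejected legitimate members of the archives Samba handles, say so next to the assignment: `# tar_filter (not data_filter): still blocks path escape, but accepts device/link members that data_filter rejects — needed for <reason>`.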
......
......@@ -100,7 +100,7 @@ class MdfindBlackboxTests(BlackboxTestCase):
config = os.environ["SMB_CONF_PATH"]
json_in = r'''{
"from": 0, "size": 100, "_source": ["path.real"],
"from": 0, "size": 50, "_source": ["path.real"],
"query": {
"query_string": {
"query": "(samba*) AND path.real.fulltext:\"%BASEPATH%\""
......
......@@ -22,13 +22,13 @@
import optparse
import os
from contextlib import contextmanager
from samba.getopt import CredentialsOptions
from samba.getopt import CredentialsOptions, SambaOptions
import samba.tests
import setproctitle
import sys
password_opt = '--password=super_secret_password'
clear_password_opt = '--password=xxx'
clear_password_opt = '--password '
@contextmanager
def auth_fle_opt(auth_file_path, long_opt=True):
......@@ -48,11 +48,17 @@ class CredentialsOptionsTests(samba.tests.TestCase):
def setUp(self):
super(samba.tests.TestCase, self).setUp()
self.old_proctitle = setproctitle.getproctitle()
setproctitle.setproctitle('%s %s' % (self.old_proctitle, password_opt))
sys.argv.append(password_opt)
# We must append two options to get the " " we look for in the
# test after the redacted password
sys.argv.extend([password_opt, "--realm=samba.org"])
def test_clear_proctitle_password(self):
parser = optparse.OptionParser()
# The password burning is on the SambaOptions __init__()
sambaopts = SambaOptions(parser)
parser.add_option_group(sambaopts)
credopts = CredentialsOptions(parser)
parser.add_option_group(credopts)
(opts, args) = parser.parse_args()
......
......@@ -125,7 +125,7 @@ class MdssvcTests(RpcInterfaceTestCase):
def test_mdscli_search(self):
exp_json_query = r'''{
"from": 0, "size": 100, "_source": ["path.real"],
"from": 0, "size": 50, "_source": ["path.real"],
"query": {
"query_string": {
"query": "(samba*) AND path.real.fulltext:\"%BASEPATH%\""
......@@ -157,7 +157,7 @@ class MdssvcTests(RpcInterfaceTestCase):
r'kMDItemFSName=="x\\x"'
)
exp_json_query = r'''{
"from": 0, "size": 100, "_source": ["path.real"],
"from": 0, "size": 50, "_source": ["path.real"],
"query": {
"query_string": {
"query": "(file.filename:x\\+x OR file.filename:x\\*x OR file.filename:x=x OR file.filename:x'x OR file.filename:x\\?x OR file.filename:x\\ x OR file.filename:x\\(x OR file.filename:x\\\"x OR file.filename:x\\\\x) AND path.real.fulltext:\"%BASEPATH%\""
......@@ -166,7 +166,7 @@ class MdssvcTests(RpcInterfaceTestCase):
}'''
fake_json_response = r'''{
"hits" : {
"total" : {"value" : 2},
"total" : {"value" : 9},
"hits" : [
{"_source" : {"path" : {"real" : "%BASEPATH%/x+x"}}},
{"_source" : {"path" : {"real" : "%BASEPATH%/x*x"}}},
......
......@@ -117,6 +117,7 @@ def build(bld):
samba-util
netif
ndr
cmdline
%s
''' % (pyparam_util, pytalloc_util),
realname='samba/_glue.so')
......
......@@ -3030,6 +3030,11 @@ sub provision($$)
msdfs root = yes
msdfs shuffle referrals = yes
guest ok = yes
[msdfs-share-wl]
path = $msdfs_shrdir
msdfs root = yes
wide links = yes
guest ok = yes
[msdfs-share2]
path = $msdfs_shrdir2
msdfs root = yes
......
......@@ -446,6 +446,7 @@ again:
* The retry loop is bound by the timeout
*/
retry = false;
num_requests = 0;
for (i = 0; i < count; i++) {
char server[INET6_ADDRSTRLEN];
......
......@@ -2369,6 +2369,14 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx,
r->in.admin_account = admin_account;
}
if (r->in.provision_computer_account_only) {
/*
* When in the "provision_computer_account_only" path we do not
* need to have access to secrets.tdb at all - gd
*/
return WERR_OK;
}
if (!secrets_init()) {
libnet_join_set_error_string(mem_ctx, r,
"Unable to open secrets database");
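Review bot: The new early `return WERR_OK` skips not just secrets_init() but everything that follows it in libnet_join_pre_processing, whose body continues past this hunk; if any later check there still matters for the provision-only path it is now bypassed, so the comment should state that the whole remainder is intentionally skipped rather than only secrets.tdb access. The `- gd` sign-off inside the comment is attribution that belongs in the commit, not the code: `/* provision_computer_account_only never touches secrets.tdb, so the rest of the pre-processing is skipped. */`.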
......
......@@ -468,7 +468,15 @@ static int aio_pthread_openat_fn(vfs_handle_struct *handle,
return -1;
}
if (fsp->conn->sconn->client->server_multi_channel_enabled) {
if (fsp->conn->sconn->pool == NULL) {
/*
* a threadpool is required for async support
*/
aio_allow_open = false;
}
if (fsp->conn->sconn->client != NULL &&
fsp->conn->sconn->client->server_multi_channel_enabled) {
/*
* This module is not compatible with multi channel yet.
*/
......
......@@ -106,6 +106,7 @@
struct widelinks_config {
bool active;
bool is_dfs_share;
char *cwd;
};
......@@ -134,7 +135,8 @@ static int widelinks_connect(struct vfs_handle_struct *handle,
DBG_ERR("vfs_widelinks module loaded with "
"widelinks = no\n");
}
config->is_dfs_share =
(lp_host_msdfs() && lp_msdfs_root(SNUM(handle->conn)));
SMB_VFS_HANDLE_SET_DATA(handle,
config,
NULL, /* free_fn */
......@@ -346,7 +348,7 @@ static int widelinks_openat(vfs_handle_struct *handle,
{
struct vfs_open_how how = *_how;
struct widelinks_config *config = NULL;
int ret;
SMB_VFS_HANDLE_GET_DATA(handle,
config,
struct widelinks_config,
......@@ -363,11 +365,33 @@ static int widelinks_openat(vfs_handle_struct *handle,
how.flags = (how.flags & ~O_NOFOLLOW);
}
return SMB_VFS_NEXT_OPENAT(handle,
ret = SMB_VFS_NEXT_OPENAT(handle,
dirfsp,
smb_fname,
fsp,
&how);
if (config->is_dfs_share && ret == -1 && errno == ENOENT) {
struct smb_filename *full_fname = NULL;
int lstat_ret;
full_fname = full_path_from_dirfsp_atname(talloc_tos(),
dirfsp,
smb_fname);
if (full_fname == NULL) {
errno = ENOMEM;
return -1;
}
lstat_ret = SMB_VFS_NEXT_LSTAT(handle,
full_fname);
if (lstat_ret != -1 &&
VALID_STAT(full_fname->st) &&
S_ISLNK(full_fname->st.st_ex_mode)) {
fsp->fsp_name->st = full_fname->st;
}
TALLOC_FREE(full_fname);
errno = ENOENT;
}
return ret;
}
static struct dirent *widelinks_readdir(vfs_handle_struct *handle,
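Review bot: In the new ENOENT branch of widelinks_openat, a failed open now writes the symlink's lstat data into `fsp->fsp_name->st` while still returning -1, a side effect on an error path that readers will not expect, and it applies to any symlink, not only msdfs-style ones (presumably the DFS code re-validates the target). Add a comment above the copy, e.g. `/* Expose the dangling symlink's stat so the DFS layer can recognise an msdfs link; the open itself still fails with ENOENT. */`, and one on the trailing `errno = ENOENT;` noting that it restores the errno SMB_VFS_NEXT_LSTAT or TALLOC_FREE may have changed.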
......