path: root/source4
Age | Commit message | Author | Files | Lines
2013-12-05 | CVE-2013-4408:s4:dcerpc_smb2: check for invalid frag_len in send_read_request_continue() | Stefan Metzmacher | 1 | -0/+6
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-12-05 | CVE-2013-4408:s4:dcerpc_smb: check for invalid frag_len in send_read_request_continue() | Stefan Metzmacher | 1 | -0/+6
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-12-05 | CVE-2013-4408:s4:dcerpc: check for invalid frag_len in ncacn_pull() | Stefan Metzmacher | 1 | -0/+4
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-11-22 | docs: remove duplicate mention of "smbtorture" in smbtorture manpage. | Günther Deschner | 1 | -4/+0
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 6a0b75f901052234f35d4ba596754e7714af7e87)
2013-11-22 | docs: remove duplicate arguments listing in regdiff manpage. | Günther Deschner | 1 | -3/+0
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit e320d57ed6a4d732980656eb01a5f777357f9715)
2013-11-17 | Imported Upstream version 4.1.1+dfsg [upstream/4.1.1+dfsg] | Jelmer Vernooij | 222 | -3120/+162891
2013-11-11 | Imported Upstream version 4.0.11+dfsg [upstream/4.0.11+dfsg] | Ivo De Decker | 4 | -1/+215
2013-11-11 | Merge tag 'samba-4.1.1' into v4-1-test | Karolin Seeger | 4 | -1/+215
samba: tag release samba-4.1.1
2013-11-08 | CVE-2013-4476: s4:libtls: check for safe permissions of tls private key file (key.pem) | Björn Baumbach | 2 | -0/+33
If the tls key is not owned by root or has not mode 0600 samba will not start up. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Björn Baumbach <bb@sernet.de> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-11-08 | CVE-2013-4476: s4:libtls: Create tls private key file (key.pem) with mode 0600 | Björn Baumbach | 1 | -1/+1
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234 Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-11-08 | Add regression test for bug #10229 - No access check verification on stream files. | Jeremy Allison | 1 | -0/+181
Checks against a file with attribute READONLY, and a security descriptor denying WRITE_DATA access. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: David Disseldorp <ddiss@suse.de> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Nov 4 23:10:10 CET 2013 on sn-devel-104 (cherry picked from commit 65882152cc7ccaba0e7903862b99ca93594ed080) The last two patches address bug #10235 - CVE-2013-4475: No access check verification on stream files. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10235
2013-10-15 | s4:dsdb/rootdse: report 'dnsHostName' instead of 'dNSHostName' | Stefan Metzmacher | 1 | -1/+1
The attribute on the RootDSE object is called 'dnsHostName' instead of 'dNSHostName' (which is used in the schema and on all other directory objects). Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 295b4de7215f3326f9a403973547eb6ed4339f9b) Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Tue Oct 15 11:06:15 CEST 2013 on sn-devel-104
2013-10-15 | dsdb/tests/ldap: fix test_ldapServiceName against w2k8r2 | Stefan Metzmacher | 1 | -4/+8
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit ca173923a3937a9ed08f71bfd4ba177a6aeeaeba)
2013-10-09 | Imported Upstream version 4.0.10+dfsg [upstream/4.0.10+dfsg] | Ivo De Decker | 10 | -23/+118
2013-09-27 | dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs | Andrew Bartlett | 1 | -1/+1
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077 Note that this doesn't fix the userParameters problem completely, but it doesn't truncate the userParameters value anymore. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Sep 26 22:05:12 CEST 2013 on sn-devel-104 (cherry picked from commit 89200c227f36a063612eb38927ac8dee18e044d5) Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Fri Sep 27 11:28:09 CEST 2013 on sn-devel-104
2013-09-27 | pydsdb: Raise a more useful exception when dsdb_wellknown_dn fails. | Andrew Bartlett | 1 | -0/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit d787f7af4979ed80aad07db928d1ae84eaaef35a)
2013-09-27 | pydsdb: Give KeyError when we fail a schema lookup in python | Andrew Bartlett | 1 | -8/+8
This allows sensible exception handling. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 51101b310adedb4eeb4c4382e631594ffa679ff2)
2013-09-27 | selftest: Add release-4-1-0rc3 saved provision | Andrew Bartlett | 32 | -0/+155536
This version has the regression where we would, on join, write an all-zero invocationID in the replPropertyMetaData attribute, on Deleted Objects in particular. To demonstrate this regression, this is based on the promoted_dc environment from make test, with the domain altered to match the pattern used in these trees. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 038a9a7c5ec964e5b42e1329eab0573e50a9d3b0)
2013-09-27 | selftest: Add script to assist in writing out a tree undump.sh can restore | Andrew Bartlett | 1 | -0/+48
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 9b8e174fe8cac61cfcfa1c76e8cab2450e4a0af5)
2013-09-27 | dsdb: Refuse to replicate an all-zero invocationID GUID in replPropertyMetaData | Andrew Bartlett | 1 | -0/+9
This matches Windows 2008R2. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 25d4bafca7245e3f8291e5f0f304b1b4f8ce5600)
2013-09-27 | Remove NEWS file containing confusing information | Andrew Bartlett | 1 | -496/+0
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 334d83e4e7821b3f2ac54ef11f67aefaa564b00b)
2013-09-27 | Remove confusing TODO file | Andrew Bartlett | 1 | -276/+0
This makes no sense in the merged tree, and only confuses users. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 8d9986a6e9cb8c633c57c84c4d6aefd21e181c40)
2013-09-27 | dsdb: Use WERR_DS_ATT_NOT_DEF_IN_SCHEMA for failed schema lookups | Andrew Bartlett | 1 | -28/+28
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 53c06d03a880319cf67a99250958cce16147f181)
2013-09-27 | dsdb-repl_meta_data: Make handling of Deleted Objects DN clearer in delete | Andrew Bartlett | 1 | -5/+10
This code no longer needs to handle not renaming Deleted Objects during a re-delete, because it is no longer called in that case. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit aa07b5caf9ac13fc517c4c9d21f16ebff5415544)
2013-09-27 | dsdb-repl_meta_data: Do not re-delete the Deleted Objects DN during replication | Andrew Bartlett | 1 | -3/+5
We need to ensure we do not re-delete the Deleted Objects DN during replication. It is itself not entirely a deleted object, but has isDeleted set. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit c42db8975f8f84ce576c97ad95ca59ba5170d596)
2013-09-27 | dsdb: Refuse to return an all-zero invocationID | Andrew Bartlett | 1 | -0/+8
This could cause an all-zero GUID to be entered into the replPropertyMetaData, which will then fail to be replicated to other DCs. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 4022d8632cc092f4f43fae69cc3cfb58d0d000dd)
2013-09-27 | dsdb-repl_meta_data: Check for a NULL invocationID and do not proceed | Andrew Bartlett | 1 | -0/+4
This can happen if we do not find the invocationID, with later patches. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 40f99625ee4447aa36c0fa5631ffa13b7003569f)
2013-09-27 | python/drs: Ensure to pass in the local invocationID during the domain join | Andrew Bartlett | 3 | -4/+20
This ensures (and asserts) that we never write an all-zero GUID as an invocationID to the database in replPropertyMetaData. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit a623359fb8a54083b81436d14b7ba022c11efb18)
2013-09-20 | libcli: continue to read from the socket even if the size is 0 | Matthieu Patou | 1 | -1/+1
This is an issue found by Codenomicon, with a malicious packet with 0 bytes UDP payload we will continuously be looping trying to react from the socket event and continuously do nothing as we will bail out thinking that we had a memory allocation error. Original fix comes from Volker Lendecke <vl@samba.org> Signed-off-by: Matthieu Patou <mat@matws.net> Fix bug #10158 - netbios related samba process consume 100% CPU.
2013-09-06 | torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 | Andrew Bartlett | 3 | -1/+80
This exercises some more of the dlz_bind9 code outside BIND, by sending in a ticket to be access checked, wrapped either in SPNEGO or just in GSSAPI. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Sep 4 11:25:10 CEST 2013 on sn-devel-104 (cherry picked from commit 38e43961c01f6f491b069e7106fe2a2ec80bd840) The last 6 patches address bug #9091 - When replicating DNS for bind9_dlz we need to create the server-DNS account remotely.
2013-09-06 | selftest: Add a basic test of samba_upgradedns | Andrew Bartlett | 1 | -0/+1
This does not check that the command runs correctly, but does at least check that the command runs to completion without errors. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 16b26eafa75280e576333975cff5dd1505c118fa)
2013-09-06 | scripting/samba_upgradedns: Tighten up exception and attribute list handling | Andrew Bartlett | 1 | -9/+10
This avoids asking for attributes that will not be used, and looks only for the expected exceptions, rather than all exceptions. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit d19c437a36b26e71c24bc25e672d714e21ba50bd)
2013-09-06 | scripting/join.py: Handle creating the dns-NAME account during a DC join | Andrew Bartlett | 2 | -2/+11
This will ensure that the DLZ plugin works out of the box when joining a second Samba DC to the domain. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit b106d9090e8f8f44f02059d2ced3d10066787060)
2013-09-02 | s4:samba_upgradedns: don't pass linklocal=False to interface_ips_v6() | Stefan Metzmacher | 1 | -1/+1
This is the default... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Bjoern Jacke <bj@sernet.de> (cherry picked from commit 9edc0276c742194ec381c266acedf3216ccf1c69)
2013-08-30 | libcli/smb: pass max_dyn_len to smb2cli_req_send() | Stefan Metzmacher | 1 | -3/+6
This way we can calculate the correct credit charge for requests with large output buffers. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 44b53937d59842a63e2cbfa92219f4f519530b0a)
2013-08-20 | Imported Upstream version 4.0.9+dfsg [upstream/4.0.9+dfsg] | Ivo De Decker | 13 | -31/+293
2013-08-20 | waf: replace dependency to libintl with samba_intl | Christian Ambach | 1 | -2/+2
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Mon Aug 12 00:46:34 CEST 2013 on sn-devel-104 (cherry picked from commit 20b64eae75b8809d67b8c2824616996bb4722612) The last 5 patches address bug #9911 - Build Samba 4.0.x on AIX with IBM XL C/C++.
2013-08-20 | waf: consolidate libintl related checks | Christian Ambach | 1 | -3/+1
consolidate the dealing with functions from libintl and the handling of checking if libiconv is required or not to a common place in lib/replace also add a new samba_intl subsystem that has dependencies on the appropriate set of libraries (libintl, libintl+libiconv or none) that can be used as a general dependency by code that depends on the internationalization libraries Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 07b3a048724a6b41282e1f673aea5ce2c1202a5e)
2013-08-11 | Imported Upstream version 4.0.8+dfsg [upstream/4.0.8+dfsg] | Ivo De Decker | 1 | -2/+5
2013-08-07 | Add torture tests to raw.eas to check sending Windows invalid names in the middle of an EA list. | Jeremy Allison | 1 | -0/+114
Add torture tests to probe the set of invalid Windows EA names. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
2013-08-05 | s4:server: avoid calling into nss_winbind from within 'samba' | Stefan Metzmacher | 1 | -0/+7
The most important part is that the 'winbind_server' doesn't recurse into itself. This could happen if the krb5 libraries call getlogin(). As we may run in single process mode, we need to set _NO_WINBINDD=1 everywhere, the only exception is the forked 'smbd'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104 (cherry picked from commit 596b51c666e549fb518d92931d8837922154a2fe) The last 4 patches address bug #9820 - crash of winbind after "ls -l /usr/local/samba/var/locks/sysvol".
2013-08-05 | s4:rpc_server: make sure we don't terminate a connection with pending requests (bug #9820) | Stefan Metzmacher | 2 | -3/+60
Sadly we may have nested event loops, which won't work correctly with broken connections, that's why we have to do this... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104 (cherry picked from commit e6a58d370403e818bc2cfb8389751b78adcc14fd)
2013-08-05 | s4-winbindd: Do not terminate a connection that is still pending (bug #9820) | Andrew Bartlett | 3 | -2/+64
Instead, wait until the call attempts to reply, and let it terminate then (often this happens in the attempt to then write to the broken pipe). Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 2505d48e4fbcd8a805a88ad0b05fb1a16a588197)
2013-08-05 | service_stream: Log if the connection termination is deferred or not (bug #9820) | Andrew Bartlett | 1 | -1/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit df929d6feb857668ad9da277213e9fae1480ff63)
2013-08-05 | dsdb: Include MS-ADTS doc references on deleted object constraints | Andrew Bartlett | 1 | -0/+16
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit f2afdb61698c37389be286f9443471d4aeba49b8)
2013-08-05 | dsdb tests: Add member/memberOf checking to delete_objects testing | Andrew Bartlett | 1 | -21/+257
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit a9e565a5a4478f7b923f35311e170de2044ff848)
2013-08-05 | dsdb: Improve DRS deleted link source/target handling in repl_meta_data | Andrew Bartlett | 1 | -8/+97
We now correctly ignore the link updates if the source or target is deleted locally. This fixes the long-standing failure in the vampire_dc dbcheck test. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 0162be32ab4f9716a4300d1f1a0caae8b0133f7c)
2013-08-05 | dsdb: Ensure we always force deleted objects back under the deleted objects DN | Andrew Bartlett | 1 | -26/+65
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 32955a1dec3a97ab4550869dbeb5034247f3b1bc) The last 12 patches address bug #10056 - dsdb improvements from 4.1.
2013-08-05 | dsdb/repl_meta_data: split out replmd_deletion_state() | Stefan Metzmacher | 1 | -31/+71
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit a796cad90f1028ccc54a3539e34dc0728b990a96)
2013-08-05 | dsdb: Prune deleted objects of links and extra attributes of replicated deletes | Andrew Bartlett | 1 | -71/+199
When an object is deleted, the links to be removed are not propagated, you have to watch out for them manually! We do this by calling back into the originating update delete code (ie what is called if you ldb_delete() locally) so that any extra attribute found locally and not on the remote server becomes removed remotely too. We currently do the same with links, but that isn't strictly correct, but for now our getNCChanges server code filters these out, so only the usn is bumped. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit d3aad891c5759f66bd891cb47866d908a0562a8a)