[SCM] Samba Shared Repository - branch v4-7-stable updated
Karolin Seeger
2018-04-17 07:44:15 UTC
The branch, v4-7-stable has been updated
via 19a46b0 WHATSNEW: Add release notes for Samba 4.7.7.
via 5a2066f torture: Test compound request request counters
via bb15458 s3:smb2_server: correctly maintain request counters for compound requests
via 686b2ba winbindd: Do not ignore domain in the LOOKUPNAME request
via 81c3e2d Add test for wbinfo name lookup
via ccbdb3c nsswitch: Fix wbcListGroups test
via af5d75d nsswitch: Fix wbcListUsers test
via 705b1fa test_smbclient_s3.sh: Use correct separator in "list with backup privilege" test
via d7f84b6 s3: smbd: Unix extensions attempts to change wrong field in fchown call.
via 00428e8 s3: smbd: Fix memory leak in vfswrap_getwd()
via d217375 s3: lib: messages: Don't use the result of sec_init() before calling sec_init().
via c62c1c9 dsdb: Fix CID 1034966 Uninitialized scalar variable
via 119c28b s3:smbd: don't use the directory cache for SMB2/3
via 4de5e3b ctdb-scripts: Drop "net serverid wipe" from 50.samba event script
via 8ac2ffa s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same.
via 2500fe7 s4: torture: Test all combinations of directory create to ensure behavior is the same.
via ada7126 s4: torture: Test all combinations of file open with existing file to ensure behavior is the same.
via 1d8c67f s4: torture: Test all combinations of file create to ensure behavior is the same.
via 052ca44 s4: torture: Ensure a failed file create doesn't create the file.
via bd2c850 s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access.
via 9f2bae3 Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed.
via b44b079 smbc_opendir should not return EEXIST with invalid login credentials
via 214291f s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
via 2546926 s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues.
via 465f3a3 lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages.
via 8bfe55e s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it.
via fe02c78 s3:smbd: map nterror on smb2_flush errorpath
via 62388a0 s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
via 8b9e15b s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
via 8df51e5 selftest: vfs.fruit: add xattr_tdb where possible
via bb8bbed selftest: run vfs.fruit_netatalk test against seperate share
via 3893417 s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
via 85553b7 s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
via bf3e904 s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
via db293b8 s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's generated by fruit_fget_nt_acl().
via a37fad5 s3: vfs_fruit. If the security descriptor was modified, ensure we set the flags correctly to reflect the ACE's left.
via 9b5d24d s3: vfs_fruit: Ensure we operate on a copy of the incoming security descriptor.
via 15391e3 s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE entries.
via ea6c0ae vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async
via 6d4906c s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
via 520672e s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here.
via 7a49112 s4:auth_sam: allow logons with an empty domain name
via 7ea5588 tests/bind.py: Add a bind test with NTLMSSP with no domain
via 35c8220 tests/py_creds: Add a SamLogonEx test with an empty string domain
via 04cc893 s3:cliconnect.c: remove useless ';'
via 4c087a0 s3:libsmb: allow -U"\administrator" to work
via 6c1dde6 s3:auth: make use of make_{server,session}_info_anonymous()
via 47b1336 s3:rpc_server: make use of make_session_info_anonymous()
via 8f69498 s3:auth: add make_{server,session}_info_anonymous()
via c3fdc61 s3:auth: pass the whole auth_session_info from copy_session_info_serverinfo_guest() to create_local_token()
via 1902652 s3:auth: base make_new_session_info_system() on auth_system_user_info_dc() and auth3_create_session_info()
via b8c518d s3:auth: add auth3_user_info_dc_add_hints() and auth3_session_info_create()
via 104de61 auth: add auth_user_info_copy() function
via 8b5253e s3:auth: remove static from finalize_local_nt_token()
via 627a86b s3:auth: pass AUTH_SESSION_INFO_* flags to finalize_local_nt_token()
via ecee945 s3:auth: don't try to expand system or anonymous tokens in finalize_local_nt_token()
via 7687d26 s3:auth: add add_builtin_guests() handling to finalize_local_nt_token()
via e0e4aa1 s3:auth: only call secrets_fetch_domain_sid() once in finalize_local_nt_token()
via c1f61c0 s3:passdb: handle dom_sid=NULL in create_builtin_{users,administrators}()
via 85097b1 s3:auth: move add_local_groups() out of finalize_local_nt_token()
via 1258f28 s3:auth: add the "Unix Groups" sid for the primary gid
via b991dca s3:auth: remove unused auth_serversupplied_info->system
via ff7a8e4 libcli/security: only announce a session as GUEST if 'Builtin\Guests' is there without 'Authenticated User'
via e39a5bd s3:selftest: run SMB2-ANONYMOUS
via 23d1850 s3:torture: add SMB2-ANONYMOUS which asserts no GUEST bit for anonymous
via 17977a9 Merge tag 'samba-4.7.6' into v4-7-test
via cc04ea1 VERSION: Bump version up to 4.7.7.
via 2f57b6d VERSION: Disable GIT_SNAPSHOT for the 4.7.6 release.
via f17ddb9 WHATSNEW: Add release notes for Samba 4.7.6.
via 49b49f1 CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a control
via 7d8de68 CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID
via f797e86 CVE-2018-1057: s4:dsdb/samdb: define DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control
via c5a663f CVE-2018-1057: s4:dsdb/acl: run password checking only once
via 7cc3749 CVE-2018-1057: s4/dsdb: correctly detect password resets
via a192242 CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in acl_check_password_rights()
via fd1817c CVE-2018-1057: s4:dsdb/acl: add check for DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control
via 0820307 CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checks
via 0bb68f5 CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password_rights()
via b3746a4 CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl in acl_check_password_rights()
via 7ee55ea CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for passwordAttr->num_values
via 43a5d96 CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for LDB_FLAG_MOD_TYPE
via d15b66c CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty delete
via b59ca4d CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.
via af47cdb s3:smbd: Do not crash if we fail to init the session table
via 1efaec6 libsmb: Use smb2 tcon if conn_protocol >= SMB2_02
via e8a69b9 torture: Add test for channel sequence number handling
via 164b38c smbXcli: Add "force_channel_sequence"
via f2d311e smbd: Fix channel sequence number checks for long-running requests
via d5c0ad6 smbd: Remove a "!" from an if-condition for easier readability
via caca68c torture4: Fix typos
via 09200da smbd: Fix a typo
via b276495 build: fix libceph-common detection
via 4978ee1 subnet: Avoid a segfault when renaming subnet objects
via 1fa65b4 build: fix ceph_statx check when configured with libcephfs_dir
via 5c782d5 VERSION: Bump version up to 4.7.6...
from 5cfa947 VERSION: Disable GIT_SNAPSHOT for the 4.7.6 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-7-stable


- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 109 ++-
auth/auth_sam_reply.c | 35 +
auth/auth_sam_reply.h | 3 +
auth/credentials/tests/bind.py | 26 +-
ctdb/config/events.d/50.samba | 2 -
docs-xml/smbdotconf/logging/loglevel.xml | 2 +
.../smbdotconf/misc/directorynamecachesize.xml | 5 +-
lib/crypto/aes.c | 16 -
lib/util/debug.c | 2 +
lib/util/debug.h | 32 +
libcli/security/session.c | 18 +-
libcli/smb/smbXcli_base.c | 15 +-
libcli/smb/smbXcli_base.h | 4 +
nsswitch/libwbclient/tests/wbclient.c | 66 +-
nsswitch/tests/test_wbinfo_name_lookup.sh | 40 +
python/samba/subnets.py | 33 +
python/samba/tests/py_credentials.py | 27 +
selftest/target/Samba3.pm | 18 +-
source3/auth/auth_builtin.c | 2 +-
source3/auth/auth_ntlmssp.c | 5 +-
source3/auth/auth_util.c | 852 ++++++++++++++++++---
source3/auth/proto.h | 38 +
source3/auth/token_util.c | 251 ++++--
source3/include/auth.h | 6 +-
source3/lib/messages.c | 9 +-
source3/libads/ldap_utils.c | 9 +
source3/librpc/idl/smbXsrv.idl | 3 +-
source3/libsmb/cliconnect.c | 9 +-
source3/libsmb/clientgen.c | 2 +-
source3/libsmb/libsmb_server.c | 4 +-
source3/modules/vfs_default.c | 9 +-
source3/modules/vfs_fruit.c | 93 ++-
source3/modules/vfs_glusterfs.c | 2 +-
source3/passdb/pdb_util.c | 10 +-
source3/rpc_server/rpc_server.c | 9 +-
source3/script/tests/test_smbclient_s3.sh | 10 +-
source3/selftest/tests.py | 7 +-
source3/smbd/dir.c | 32 +-
source3/smbd/globals.h | 1 +
source3/smbd/negprot.c | 23 +-
source3/smbd/open.c | 12 +
source3/smbd/smb2_break.c | 3 +
source3/smbd/smb2_close.c | 3 +
source3/smbd/smb2_create.c | 3 +
source3/smbd/smb2_flush.c | 5 +-
source3/smbd/smb2_getinfo.c | 3 +
source3/smbd/smb2_glue.c | 3 +
source3/smbd/smb2_ioctl.c | 3 +
source3/smbd/smb2_ioctl_dfs.c | 3 +
source3/smbd/smb2_ioctl_filesys.c | 3 +
source3/smbd/smb2_ioctl_named_pipe.c | 3 +
source3/smbd/smb2_ioctl_network_fs.c | 3 +
source3/smbd/smb2_keepalive.c | 3 +
source3/smbd/smb2_lock.c | 3 +
source3/smbd/smb2_negprot.c | 3 +
source3/smbd/smb2_notify.c | 3 +
source3/smbd/smb2_query_directory.c | 12 +-
source3/smbd/smb2_read.c | 3 +
source3/smbd/smb2_server.c | 84 +-
source3/smbd/smb2_sesssetup.c | 3 +
source3/smbd/smb2_setinfo.c | 3 +
source3/smbd/smb2_tcon.c | 3 +
source3/smbd/smb2_write.c | 3 +
source3/smbd/trans2.c | 4 +-
source3/torture/proto.h | 1 +
source3/torture/test_smb2.c | 42 +
source3/torture/torture.c | 1 +
source3/winbindd/winbindd_lookupname.c | 33 +-
source3/wscript | 11 +-
source4/auth/ntlm/auth_sam.c | 16 +-
source4/dsdb/samdb/ldb_modules/samldb.c | 9 +-
source4/dsdb/tests/python/sites.py | 45 ++
source4/torture/basic/delete.c | 257 ++++++-
source4/torture/smb2/compound.c | 77 ++
source4/torture/smb2/replay.c | 117 ++-
source4/torture/vfs/fruit.c | 171 +++++
77 files changed, 2489 insertions(+), 306 deletions(-)
create mode 100755 nsswitch/tests/test_wbinfo_name_lookup.sh


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 57dfd64..f9f4813 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=7
-SAMBA_VERSION_RELEASE=6
+SAMBA_VERSION_RELEASE=7

########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 021f2e7..3eea285 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,109 @@
=============================
+ Release Notes for Samba 4.7.7
+ April 12, 2018
+ =============================
+
+
+This is the latest stable release of the Samba 4.7 release series.
+
+
+Changes since 4.7.6:
+--------------------
+
+o Jeremy Allison <***@samba.org>
+ * BUG 13206: s4:auth_sam: Allow logons with an empty domain name.
+ * BUG 13244: s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on
+ error, we don't own it here.
+ * BUG 13270: s3: smbd: Fix possible directory fd leak if the underlying
+ OS doesn't support fdopendir().
+ * BUG 13319: Round-tripping ACL get/set through vfs_fruit will increase
+ the number of ACE entries without limit.
+ * BUG 13347: s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically
+ debug credit issues.
+ * BUG 13358: s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE
+ without delete access.
+ * BUG 13372: s3: smbd: Fix memory leak in vfswrap_getwd().
+ * BUG 13375: s3: smbd: Unix extensions attempts to change wrong field
+ in fchown call.
+
+o Ralph Boehme <***@samba.org>
+ * BUG 13363: s3:smbd: Don't use the directory cache for SMB2/3.
+
+o Günther Deschner <***@samba.org>
+ * BUG 13277: build: Fix libceph-common detection.
+
+o David Disseldorp <***@suse.de>
+ * BUG 13250: build: Fix ceph_statx check when configured with libcephfs_dir.
+
+o Poornima G <***@redhat.com>
+ * BUG 13297: vfs_glusterfs: Fix the wrong pointer being sent in
+ glfs_fsync_async.
+
+o Amitay Isaacs <***@gmail.com>
+ * BUG 13359: ctdb-scripts: Drop 'net serverid wipe' from 50.samba event
+ script.
+
+o Lutz Justen <***@google.com>
+ * BUG 13368: s3: lib: messages: Don't use the result of sec_init() before
+ calling sec_init().
+
+o Volker Lendecke <***@samba.org>
+ * BUG 13215: smbd can panic if the client-supplied channel sequence number
+ wraps.
+ * BUG 13367: dsdb: Fix CID 1034966 Uninitialized scalar variable.
+
+o Stefan Metzmacher <***@samba.org>
+ * BUG 13206: s3:libsmb: Allow -U"\\administrator" to work.
+ * BUG 13328: Windows 10 cannot logon on Samba NT4 domain.
+
+o David Mulder <***@suse.com>
+ * BUG 13050: smbc_opendir should not return EEXIST with invalid login
+ credentials.
+
+o Anton Nefedov
+ * BUG 13338: s3:smbd: map nterror on smb2_flush errorpath.
+
+o Dan Robertson <***@tripwire.com>
+ * BUG 13310: libsmb: Use smb2 tcon if conn_protocol >= SMB2_02.
+
+o Garming Sam <***@catalyst.net.nz>
+ * BUG 13031: subnet: Avoid a segfault when renaming subnet objects.
+
+o Christof Schmitt <***@samba.org>
+ * BUG 13312: 'wbinfo --name-to-sid' returns misleading result on invalid
+ query.
+
+o Andreas Schneider <***@samba.org>
+ * BUG 13315: s3:smbd: Do not crash if we fail to init the session table.
+
+o Eric Vannier <***@google.com>
+ * BUG 13302: Allow AESNI to be used on all processor supporting AESNI.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+ =============================
Release Notes for Samba 4.7.6
March 13, 2018
=============================
@@ -71,8 +176,8 @@ database (https://bugzilla.samba.org/).
======================================================================


-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+

=============================
Release Notes for Samba 4.7.5
diff --git a/auth/auth_sam_reply.c b/auth/auth_sam_reply.c
index 15d17b0..bd69515 100644
--- a/auth/auth_sam_reply.c
+++ b/auth/auth_sam_reply.c
@@ -333,6 +333,41 @@ NTSTATUS make_user_info_SamBaseInfo(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}

+struct auth_user_info *auth_user_info_copy(TALLOC_CTX *mem_ctx,
+ const struct auth_user_info *src)
+{
+ struct auth_user_info *dst = NULL;
+
+ dst = talloc_zero(mem_ctx, struct auth_user_info);
+ if (dst == NULL) {
+ return NULL;
+ }
+
+ *dst = *src;
+#define _COPY_STRING(_mem, _str) do { \
+ if ((_str) != NULL) { \
+ (_str) = talloc_strdup((_mem), (_str)); \
+ if ((_str) == NULL) { \
+ TALLOC_FREE(dst); \
+ return NULL; \
+ } \
+ } \
+} while(0)
+ _COPY_STRING(dst, dst->account_name);
+ _COPY_STRING(dst, dst->user_principal_name);
+ _COPY_STRING(dst, dst->domain_name);
+ _COPY_STRING(dst, dst->dns_domain_name);
+ _COPY_STRING(dst, dst->full_name);
+ _COPY_STRING(dst, dst->logon_script);
+ _COPY_STRING(dst, dst->profile_path);
+ _COPY_STRING(dst, dst->home_directory);
+ _COPY_STRING(dst, dst->home_drive);
+ _COPY_STRING(dst, dst->logon_server);
+#undef _COPY_STRING
+
+ return dst;
+}
+
/**
* Make a user_info_dc struct from the info3 returned by a domain logon
*/
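Review bot: In auth_user_info_copy(), `*dst = *src;` dereferences src with no NULL check, and the struct assignment copies every pointer member while only the ten strings listed under _COPY_STRING are re-duplicated onto dst. If struct auth_user_info has, or later gains, a pointer member that is not in that list, the copy will keep pointing at memory owned by src's talloc parent and will dangle once src is freed. Consider returning NULL early for a NULL src and adding a comment above the _COPY_STRING list stating that it must cover every pointer member of the struct.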
diff --git a/auth/auth_sam_reply.h b/auth/auth_sam_reply.h
index 4aa3096..e4b26e9 100644
--- a/auth/auth_sam_reply.h
+++ b/auth/auth_sam_reply.h
@@ -38,6 +38,9 @@ NTSTATUS make_user_info_SamBaseInfo(TALLOC_CTX *mem_ctx,
bool authenticated,
struct auth_user_info **_user_info);

+struct auth_user_info *auth_user_info_copy(TALLOC_CTX *mem_ctx,
+ const struct auth_user_info *src);
+
NTSTATUS auth_convert_user_info_dc_saminfo6(TALLOC_CTX *mem_ctx,
const struct auth_user_info_dc *user_info_dc,
struct netr_SamInfo6 **_sam6);
diff --git a/auth/credentials/tests/bind.py b/auth/credentials/tests/bind.py
index 91e493d..4aa4498 100755
--- a/auth/credentials/tests/bind.py
+++ b/auth/credentials/tests/bind.py
@@ -43,6 +43,7 @@ creds_machine = copy.deepcopy(creds)
creds_user1 = copy.deepcopy(creds)
creds_user2 = copy.deepcopy(creds)
creds_user3 = copy.deepcopy(creds)
+creds_user4 = copy.deepcopy(creds)

class BindTests(samba.tests.TestCase):

@@ -64,7 +65,7 @@ class BindTests(samba.tests.TestCase):
self.config_dn = self.info_dc["configurationNamingContext"][0]
self.computer_dn = "CN=centos53,CN=Computers,%s" % self.domain_dn
self.password = "***@ssw0rd"
- self.username = "BindTestUser_" + time.strftime("%s", time.gmtime())
+ self.username = "BindTestUser"

def tearDown(self):
super(BindTests, self).tearDown()
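Review bot: Replacing the timestamped name with the fixed `self.username = "BindTestUser"` in setUp() makes every test in the class, and every run, create the same account, so the tests now depend on the addCleanup(delete_force, ...) calls always running. If an earlier run is killed between newuser() and the cleanup, the next newuser() call meets an existing object. Consider removing any leftover account before newuser(), or keeping a per-run suffix on the name.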
@@ -113,6 +114,7 @@ unicodePwd:: """ + base64.b64encode("\"***@ssw0rd\"".encode('utf-16-le')) + """
expression="(samAccountName=%s)" % self.username)
self.assertEquals(len(ldb_res), 1)
user_dn = ldb_res[0]["dn"]
+ self.addCleanup(delete_force, self.ldb, user_dn)

# do a simple bind and search with the user account in format ***@realm
creds_user1.set_bind_dn(self.username + "@" + creds.get_realm())
@@ -138,5 +140,27 @@ unicodePwd:: """ + base64.b64encode("\"***@ssw0rd\"".encode('utf-16-le')) + """
lp=lp, ldap_only=True)
res = ldb_user3.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"])

+ def test_user_account_bind_no_domain(self):
+ # create user
+ self.ldb.newuser(username=self.username, password=self.password)
+ ldb_res = self.ldb.search(base=self.domain_dn,
+ scope=SCOPE_SUBTREE,
+ expression="(samAccountName=%s)" % self.username)
+ self.assertEquals(len(ldb_res), 1)
+ user_dn = ldb_res[0]["dn"]
+ self.addCleanup(delete_force, self.ldb, user_dn)
+
+ creds_user4.set_username(self.username)
+ creds_user4.set_password(self.password)
+ creds_user4.set_domain('')
+ creds_user4.set_workstation('')
+ print "BindTest (no domain) with: " + self.username
+ try:
+ ldb_user4 = samba.tests.connect_samdb(host, credentials=creds_user4,
+ lp=lp, ldap_only=True)
+ except:
+ self.fail("Failed to connect without the domain set")
+
+ res = ldb_user4.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"])

TestProgram(module=__name__, opts=subunitopts)
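Review bot: The bare `except:` in test_user_account_bind_no_domain() catches everything, including KeyboardInterrupt, and the self.fail() message drops the underlying error, so a failure here will not show whether the bind was rejected or the connection itself broke. Catch `Exception as e` and include it in the message, for example `self.fail("Failed to connect without the domain set: %s" % e)`. The `res` returned by the final search is also never asserted on, so the test only proves that the search did not raise.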
diff --git a/ctdb/config/events.d/50.samba b/ctdb/config/events.d/50.samba
index 4c32e4e..f0d8e84 100755
--- a/ctdb/config/events.d/50.samba
+++ b/ctdb/config/events.d/50.samba
@@ -53,8 +53,6 @@ service_start ()
# start Samba service. Start it reniced, as under very heavy load
# the number of smbd processes will mean that it leaves few cycles
# for anything else
- net serverid wipe
-
if [ -n "$CTDB_SERVICE_NMB" ] ; then
nice_service "$CTDB_SERVICE_NMB" start || die "Failed to start nmbd"
fi
diff --git a/docs-xml/smbdotconf/logging/loglevel.xml b/docs-xml/smbdotconf/logging/loglevel.xml
index 1a3767d..d3b5c45 100644
--- a/docs-xml/smbdotconf/logging/loglevel.xml
+++ b/docs-xml/smbdotconf/logging/loglevel.xml
@@ -22,6 +22,8 @@
<listitem><para><parameter moreinfo="none">printdrivers</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">lanman</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">smb</parameter></para></listitem>
+ <listitem><para><parameter moreinfo="none">smb2</parameter></para></listitem>
+ <listitem><para><parameter moreinfo="none">smb2_credits</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_parse</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_srv</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_cli</parameter></para></listitem>
diff --git a/docs-xml/smbdotconf/misc/directorynamecachesize.xml b/docs-xml/smbdotconf/misc/directorynamecachesize.xml
index 7a89bf2..22999a6 100644
--- a/docs-xml/smbdotconf/misc/directorynamecachesize.xml
+++ b/docs-xml/smbdotconf/misc/directorynamecachesize.xml
@@ -4,8 +4,9 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
- This parameter specifies the size of the directory name cache.
- It will be needed to turn this off for *BSD systems.
+ This parameter specifies the size of the directory name cache for SMB1
+ connections. It is not used for SMB2. It will be needed to turn this off
+ for *BSD systems.
</para>

</description>
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index c226ac1..d16d715 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -66,22 +66,6 @@ static bool has_intel_aes_instructions(void)
return (bool)has_aes_instructions;
}

- __cpuid(cpuid_results, 0);
- /*
- * MSB LSB
- * EBX = 'u' 'n' 'e' 'G'
- * EDX = 'I' 'e' 'n' 'i'
- * ECX = 'l' 'e' 't' 'n'
- */
- if (memcmp((unsigned char *)&cpuid_results[1], "Genu", 4) != 0 ||
- memcmp((unsigned char *)&cpuid_results[3],
- "ineI", 4) != 0 ||
- memcmp((unsigned char *)&cpuid_results[2],
- "ntel", 4) != 0) {
- has_aes_instructions = 0;
- return (bool)has_aes_instructions;
- }
-
__cpuid(cpuid_results, 1);
has_aes_instructions = !!(cpuid_results[2] & (1 << 25));
return (bool)has_aes_instructions;
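Review bot: With the vendor string comparison removed, has_intel_aes_instructions() (named in the hunk header) no longer checks anything Intel-specific; it only reads bit 25 of ECX from CPUID leaf 1. The name now misstates what is being tested. Rename it to something vendor-neutral such as has_aesni_instructions(), or add a comment saying that any CPU advertising the AES bit is accepted.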
diff --git a/lib/util/debug.c b/lib/util/debug.c
index 8b28002..135cdb6 100644
--- a/lib/util/debug.c
+++ b/lib/util/debug.c
@@ -541,6 +541,8 @@ static const char *default_classname_table[] = {
[DBGC_AUTH_AUDIT_JSON] = "auth_json_audit",
[DBGC_KERBEROS] = "kerberos",
[DBGC_DRS_REPL] = "drs_repl",
+ [DBGC_SMB2] = "smb2",
+ [DBGC_SMB2_CREDITS] = "smb2_credits",
};

/*
diff --git a/lib/util/debug.h b/lib/util/debug.h
index e82553a..1e184b4 100644
--- a/lib/util/debug.h
+++ b/lib/util/debug.h
@@ -93,6 +93,8 @@ bool dbghdr( int level, const char *location, const char *func);
#define DBGC_AUTH_AUDIT_JSON 25
#define DBGC_KERBEROS 26
#define DBGC_DRS_REPL 27
+#define DBGC_SMB2 28
+#define DBGC_SMB2_CREDITS 29

/* So you can define DBGC_CLASS before including debug.h */
#ifndef DBGC_CLASS
@@ -216,6 +218,14 @@ extern int *DEBUGLEVEL_CLASS;
&& (dbgtext("%s: ", __func__)) \
&& (dbgtext body) )

+/* Prefix messages with the function name - class specific */
+#define DBGC_PREFIX(dbgc_class, level, body ) \
+ (void)( ((level) <= MAX_DEBUG_LEVEL) && \
+ unlikely(DEBUGLEVEL_CLASS[ dbgc_class ] >= (level)) \
+ && (dbghdrclass(level, dbgc_class, __location__, __func__ )) \
+ && (dbgtext("%s: ", __func__)) \
+ && (dbgtext body) )
+
/*
* Debug levels matching RFC 3164
*/
@@ -231,12 +241,34 @@ extern int *DEBUGLEVEL_CLASS;
#define DBG_INFO(...) DBG_PREFIX(DBGLVL_INFO, (__VA_ARGS__))
#define DBG_DEBUG(...) DBG_PREFIX(DBGLVL_DEBUG, (__VA_ARGS__))

+#define DBGC_ERR(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_ERR, (__VA_ARGS__))
+#define DBGC_WARNING(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_WARNING, (__VA_ARGS__))
+#define DBGC_NOTICE(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_NOTICE, (__VA_ARGS__))
+#define DBGC_INFO(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_INFO, (__VA_ARGS__))
+#define DBGC_DEBUG(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_DEBUG, (__VA_ARGS__))
+
#define D_ERR(...) DEBUG(DBGLVL_ERR, (__VA_ARGS__))
#define D_WARNING(...) DEBUG(DBGLVL_WARNING, (__VA_ARGS__))
#define D_NOTICE(...) DEBUG(DBGLVL_NOTICE, (__VA_ARGS__))
#define D_INFO(...) DEBUG(DBGLVL_INFO, (__VA_ARGS__))
#define D_DEBUG(...) DEBUG(DBGLVL_DEBUG, (__VA_ARGS__))

+#define DC_ERR(...) DEBUGC(dbgc_class, \
+ DBGLVL_ERR, (__VA_ARGS__))
+#define DC_WARNING(...) DEBUGC(dbgc_class, \
+ DBGLVL_WARNING, (__VA_ARGS__))
+#define DC_NOTICE(...) DEBUGC(dbgc_class, \
+ DBGLVL_NOTICE, (__VA_ARGS__))
+#define DC_INFO(...) DEBUGC(dbgc_class, \
+ DBGLVL_INFO, (__VA_ARGS__))
+#define DC_DEBUG(...) DEBUGC(dbgc_class, \
+ DBGLVL_DEBUG, (__VA_ARGS__))
+
/* The following definitions come from lib/debug.c */

/** Possible destinations for the debug log (in order of precedence -
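Review bot: The new DC_ERR, DC_WARNING, DC_NOTICE, DC_INFO and DC_DEBUG macros take only `...` but expand to `DEBUGC(dbgc_class, ...)`, so `dbgc_class` is not a macro parameter there; it will bind to whatever identifier of that name is in scope at the call site, or fail to compile if there is none. The DBGC_* variants added just above take the class explicitly, as in `DBGC_ERR(dbgc_class, ...)`. The DC_* set should do the same, e.g. `#define DC_ERR(dbgc_class, ...) DEBUGC(dbgc_class, DBGLVL_ERR, (__VA_ARGS__))`.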
diff --git a/libcli/security/session.c b/libcli/security/session.c
index 0fbb87d..f17e884 100644
--- a/libcli/security/session.c
+++ b/libcli/security/session.c
@@ -26,6 +26,9 @@
enum security_user_level security_session_user_level(struct auth_session_info *session_info,
const struct dom_sid *domain_sid)
{
+ bool authenticated = false;
+ bool guest = false;
+
if (!session_info) {
return SECURITY_ANONYMOUS;
}
@@ -38,8 +41,13 @@ enum security_user_level security_session_user_level(struct auth_session_info *s
return SECURITY_ANONYMOUS;
}

- if (security_token_has_builtin_guests(session_info->security_token)) {
- return SECURITY_GUEST;
+ authenticated = security_token_has_nt_authenticated_users(session_info->security_token);
+ guest = security_token_has_builtin_guests(session_info->security_token);
+ if (!authenticated) {
+ if (guest) {
+ return SECURITY_GUEST;
+ }
+ return SECURITY_ANONYMOUS;
}

if (security_token_has_builtin_administrators(session_info->security_token)) {
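Review bot: The new `if (!authenticated)` block runs before the security_token_has_builtin_administrators() check that follows it, so a token that carries Builtin\Administrators but lacks the Authenticated Users SID now returns SECURITY_ANONYMOUS where it previously returned SECURITY_ADMINISTRATOR. In the other direction, a token holding both Builtin\Guests and Authenticated Users no longer stops at SECURITY_GUEST and can reach the higher levels. Both are behaviour changes for callers that gate on the returned level; a short comment here stating that Authenticated Users is a precondition for every level above guest would make the intended precedence explicit.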
@@ -60,9 +68,5 @@ enum security_user_level security_session_user_level(struct auth_session_info *s
return SECURITY_DOMAIN_CONTROLLER;
}

- if (security_token_has_nt_authenticated_users(session_info->security_token)) {
- return SECURITY_USER;
- }
-
- return SECURITY_ANONYMOUS;
+ return SECURITY_USER;
}
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 7322380..f1f90d9 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -138,6 +138,8 @@ struct smbXcli_conn {

uint8_t io_priority;

+ bool force_channel_sequence;
+
uint8_t preauth_sha512[64];
} smb2;

@@ -549,6 +551,17 @@ const struct GUID *smbXcli_conn_server_guid(struct smbXcli_conn *conn)
return &conn->smb1.server.guid;
}

+bool smbXcli_conn_get_force_channel_sequence(struct smbXcli_conn *conn)
+{
+ return conn->smb2.force_channel_sequence;
+}
+
+void smbXcli_conn_set_force_channel_sequence(struct smbXcli_conn *conn,
+ bool v)
+{
+ conn->smb2.force_channel_sequence = v;
+}
+
struct smbXcli_conn_samba_suicide_state {
struct smbXcli_conn *conn;
struct iovec iov;
@@ -2899,7 +2912,7 @@ struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx,
uint32_t flags = 0;
uint32_t tid = 0;
uint64_t uid = 0;
- bool use_channel_sequence = false;
+ bool use_channel_sequence = conn->smb2.force_channel_sequence;
uint16_t channel_sequence = 0;
bool use_replay_flag = false;

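Review bot: smb2cli_req_create() now seeds `use_channel_sequence` from `conn->smb2.force_channel_sequence`, but neither the new struct member nor the getter and setter carry any comment saying when a caller is expected to turn it on. Add a comment on the field or on smbXcli_conn_set_force_channel_sequence() describing its purpose and intended callers, so it is not enabled on ordinary client connections by accident.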
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 6d9198a..2532084 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -59,6 +59,10 @@ uint16_t smbXcli_conn_max_requests(struct smbXcli_conn *conn);
NTTIME smbXcli_conn_server_system_time(struct smbXcli_conn *conn);
const DATA_BLOB *smbXcli_conn_server_gss_blob(struct smbXcli_conn *conn);
const struct GUID *smbXcli_conn_server_guid(struct smbXcli_conn *conn);
+bool smbXcli_conn_get_force_channel_sequence(struct smbXcli_conn *conn);
+void smbXcli_conn_set_force_channel_sequence(struct smbXcli_conn *conn,
+ bool v);
+

struct tevent_req *smbXcli_conn_samba_suicide_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
diff --git a/nsswitch/libwbclient/tests/wbclient.c b/nsswitch/libwbclient/tests/wbclient.c
index e80afc4..d107942 100644
--- a/nsswitch/libwbclient/tests/wbclient.c
+++ b/nsswitch/libwbclient/tests/wbclient.c
--
Samba Shared Repository