summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* VERSION: Disable GIT_SNAPSHOT for the 4.6.16 release.v4-5-testv4-5-stableKarolin Seeger2018-03-131-1/+1
| | | | | | | CVE-2018-1050 (Denial of Service Attack on external print server.) CVE-2018-1057 (Authenticated users can change other users' password.) Signed-off-by: Karolin Seeger <kseeger@samba.org>
* Merge tag 'samba-4.5.16' into v4-5-testStefan Metzmacher2018-03-138-25/+320
|\ | | | | | | samba: tag release samba-4.5.16
| * VERSION: Disable GIT_SNAPSHOT for the 4.6.16 release.samba-4.5.16Karolin Seeger2018-03-121-1/+1
| | | | | | | | | | | | | | CVE-2018-1050 (Denial of Service Attack on external print server.) CVE-2018-1057 (Authenticated users can change other users' password.) Signed-off-by: Karolin Seeger <kseeger@samba.org>
| * WHATSNEW: Add release notes for Samba 4.6.16.Karolin Seeger2018-03-121-2/+78
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
| * CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a controlRalph Boehme2018-03-121-1/+10
| | | | | | | | | | | | | | | | | | | | This is not strictly needed to fig bug 13272, but it makes sense to also fix this while fixing the overall ACL checking logic. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OIDRalph Boehme2018-03-122-4/+67
| | | | | | | | | | | | | | | | | | | | | | | | This is used to pass information about which password change operation (change or reset) the acl module validated, down to the password_hash module. It's very important that both modules treat the request identical. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/samdb: define ↵Ralph Boehme2018-03-123-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control Will be used to pass "user password change" vs "password reset" from the ACL to the password_hash module, ensuring both modules treat the request identical. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/acl: run password checking only onceRalph Boehme2018-03-121-0/+5
| | | | | | | | | | | | | | | | | | | | | | This is needed, because a later commit will let the acl module add a control to the change request msg and we must ensure that this is only done once. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4/dsdb: correctly detect password resetsRalph Boehme2018-03-122-3/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change ensures we correctly treat the following LDIF dn: cn=testuser,cn=users,... changetype: modify delete: userPassword add: userPassword userPassword: thatsAcomplPASS1 as a password reset. Because delete and add element counts are both one, the ACL module wrongly treated this as a password change request. For a password change we need at least one value to delete and one value to add. This patch ensures we correctly check attributes and their values. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in ↵Ralph Boehme2018-03-121-0/+4
| | | | | | | | | | | | | | | | | | acl_check_password_rights() Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/acl: add check for ↵Ralph Boehme2018-03-121-0/+20
| | | | | | | | | | | | | | | | | | DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checksRalph Boehme2018-03-121-14/+23
| | | | | | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/acl: remove unused else branches in ↵Ralph Boehme2018-03-121-2/+12
| | | | | | | | | | | | | | | | | | acl_check_password_rights() Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl ↵Ralph Boehme2018-03-121-0/+8
| | | | | | | | | | | | | | | | | | in acl_check_password_rights() Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for ↵Ralph Boehme2018-03-121-6/+3
| | | | | | | | | | | | | | | | | | passwordAttr->num_values Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for ↵Ralph Boehme2018-03-121-5/+9
| | | | | | | | | | | | | | | | | | LDB_FLAG_MOD_TYPE Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty deleteRalph Boehme2018-03-122-0/+51
| | | | | | | | | | | | | | | | | | | | Note that the request using the clearTextPassword attribute for the password change is already correctly rejected by the server. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.Jeremy Allison2018-03-121-0/+13
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11343 Signed-off-by: Jeremy Allison <jra@samba.org>
| * VERSION: Re-enable GIT_SNAPSHOT.Karolin Seeger2018-03-121-1/+1
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
| * VERSION: Bump version up to 4.5.16.Karolin Seeger2018-03-121-1/+1
| | | | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> (cherry picked from commit 8376a89e40b82c0b4b365b8daf155159f59945cb)
* | VERSION: Bump version up to 4.5.16.Karolin Seeger2017-11-221-1/+1
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* | Merge tag 'samba-4.5.15' into v4-5-testKarolin Seeger2017-11-224-5/+96
|\ \ | |/ | | | | samba: tag release samba-4.5.15
| * VERSION: Disable GIT_SNAPSHOT for the 4.5.15 release.samba-4.5.15Karolin Seeger2017-11-172-3/+18
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
| * WHATSNEW: Add release notes for Samba 4.5.15.Karolin Seeger2017-11-171-2/+58
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
| * s3: smbd: Chain code can return uninitialized memory when talloc buffer is ↵Jeremy Allison2017-11-171-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | grown. Ensure we zero out unused grown area. CVE-2017-15275 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13077 Signed-off-by: Jeremy Allison <jra@samba.org>
| * s3: smbd: Fix SMB1 use-after-free crash bug. CVE-2017-14746Jeremy Allison2017-11-172-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | When setting up the chain, always use 'next->' variables not the 'req->' one. Bug discovered by 连一汉 <lianyihan@360.cn> CVE-2017-14746 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13041 Signed-off-by: Jeremy Allison <jra@samba.org>
| * python: use communicate to fix Popen deadlockJoe Guo2017-11-171-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `Popen.wait()` will deadlock when using stdout=PIPE and/or stderr=PIPE and the child process generates large output to a pipe such that it blocks waiting for the OS pipe buffer to accept more data. Use communicate() to avoid that. Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Oct 19 09:27:16 CEST 2017 on sn-devel-144 (cherry picked from commit 5dc773a5b00834c7a53130a73a48f49048bd55e8) Autobuild-User(v4-5-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-5-test): Tue Nov 14 14:35:22 CET 2017 on sn-devel-144
| * blackbox tests: method to check specific exit codesGary Lockyer2017-11-171-3/+12
| | | | | | | | | | | | | | Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> (cherry picked from commit 74ebcf6dfc84b6aab6838fa99e12808eb6b913d9)
| * VERSION: Bump version up to 4.5.15...Karolin Seeger2017-11-171-2/+2
| | | | | | | | | | | | and re-enable GIT_SNAPSHOTS. Signed-off-by: Karolin Seeger <kseeger@samba.org>
* | python: use communicate to fix Popen deadlockJoe Guo2017-11-141-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `Popen.wait()` will deadlock when using stdout=PIPE and/or stderr=PIPE and the child process generates large output to a pipe such that it blocks waiting for the OS pipe buffer to accept more data. Use communicate() to avoid that. Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Oct 19 09:27:16 CEST 2017 on sn-devel-144 (cherry picked from commit 5dc773a5b00834c7a53130a73a48f49048bd55e8) Autobuild-User(v4-5-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-5-test): Tue Nov 14 14:35:22 CET 2017 on sn-devel-144
* | blackbox tests: method to check specific exit codesGary Lockyer2017-11-141-3/+12
| | | | | | | | | | | | | | Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> (cherry picked from commit 74ebcf6dfc84b6aab6838fa99e12808eb6b913d9)
* | VERSION: Bump version up to 4.5.15...Karolin Seeger2017-09-201-2/+2
| | | | | | | | | | | | and re-enable GIT_SNAPSHOTS. Signed-off-by: Karolin Seeger <kseeger@samba.org>
* | Merge tag 'samba-4.5.14' into v4-5-testKarolin Seeger2017-09-2014-8/+174
|\ \ | |/ | | | | samba: tag release samba-4.5.14
| * VERSION: Disable GIT_SNAPSHOTS for the 4.5.14 release.samba-4.5.14Karolin Seeger2017-09-131-1/+1
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
| * WHATSNEW: Add release notes for Samba 4.5.14.Karolin Seeger2017-09-131-2/+76
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
| * selftest: make samba3.blackbox.smbclient_s3.*follow.symlinks.*no as flappingStefan Metzmacher2017-09-121-0/+1
| | | | | | | | | | | | | | | | | | This is fixed in master and 4.7. For the backports we can just ignore failures. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914 Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from writing server ↵Jeremy Allison2017-09-121-0/+50
| | | | | | | | | | | | | | | | | | memory to file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13020 Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()Stefan Metzmacher2017-09-042-3/+3
| | | | | | | | | | | | | | | | This will keep enforced encryption across dfs referrals. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12996 Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12151: s3:libsmb: add cli_state_is_encryption_on() helper functionStefan Metzmacher2017-09-042-0/+14
| | | | | | | | | | | | | | | | | | This allows to check if the current cli_state uses encryption (either via unix extentions or via SMB3). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12996 Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12150: s3:libsmb: only fallback to anonymous if authentication was ↵Stefan Metzmacher2017-09-041-0/+2
| | | | | | | | | | | | | | | | | | | | not requested With forced encryption or required signing we should also don't fallback. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12150: libcli/smb: add smbXcli_conn_signing_mandatory()Stefan Metzmacher2017-09-042-0/+6
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12150: auth/credentials: cli_credentials_authentication_requested() ↵Stefan Metzmacher2017-09-041-0/+16
| | | | | | | | | | | | | | | | should check for NTLM_CCACHE/SIGN/SEAL BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()Stefan Metzmacher2017-09-041-1/+1
| | | | | | | | | | | | | | | | It's important that we use a signed connection to get the GPOs! BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12150: s3:pylibsmb: make use of SMB_SIGNING_DEFAULT for ↵Stefan Metzmacher2017-09-041-1/+1
| | | | | | | | | | | | | | | | 'samba.samba3.libsmb_samba_internal' BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
| * CVE-2017-12150: s3:lib: get_cmdline_auth_info_signing_state smb_encrypt ↵Stefan Metzmacher2017-09-041-0/+3
|/ | | | | | | | | | | | SMB_SIGNING_REQUIRED This is an addition to the fixes for CVE-2015-5296. It applies to smb2mount -e, smbcacls -e and smbcquotas -e. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
* VERSION: Bump version up to 4.5.14...Karolin Seeger2017-08-301-2/+2
| | | | | | and re-enable GIT_SNAPSHOTS. Signed-off-by: Karolin Seeger <kseeger@samba.org>
* VERSION: Disable GIT_SNAPSHOTS for the 4.5.13 release.samba-4.5.13Karolin Seeger2017-08-301-1/+1
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.5.13.Karolin Seeger2017-08-301-2/+68
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* vfs_fruit: factor out common code from ad_get() and ad_fget()Ralph Boehme2017-08-141-60/+30
| | | | | | | | | | | | | | | | | | | As a result of the previous changes ad_get() and ad_fget() do completey the same, so factor out the common code to a new helper function. No change in behaviour. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Aug 9 22:33:36 CEST 2017 on sn-devel-144 (backported from commit d55c27abc5a7357f740c7065bbe12e7f36b57125) Autobuild-User(v4-5-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-5-test): Mon Aug 14 14:52:17 CEST 2017 on sn-devel-144
* vfs_fruit: return fake pipe fd in fruit_open_meta_netatalk()Ralph Boehme2017-08-141-57/+16
| | | | | | | | | | | | | | Do not open the basefile, that conflict with "kernel oplocks = yes". We just return a fake file fd based on dup'ing a pipe fd and ensure all VFS functions that go through vfs_fruit and work on the metadata stream can deal with it. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12791 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Volker Lendecke <vl@samba.org> (backported from commit 7583ee6e1c558067e4c7a7351085fcc0e4240366)
View Lorry Controller Status