aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-connectivity/samba/samba
diff options
context:
space:
mode:
authorYi Zhao <yi.zhao@windriver.com>2020-10-14 15:04:07 +0800
committerArmin Kuster <akuster808@gmail.com>2020-11-09 18:58:37 -0800
commit9c012d9aafdd3870e5cbd5795da7749d433f9a34 (patch)
tree8b4e2c9e1d2a8d77a9d0f13914e6aa25c32f77f1 /meta-networking/recipes-connectivity/samba/samba
parenta5be386125d36c92ccd4fe6568d8f6a2928fad1c (diff)
downloadmeta-openembedded-contrib-9c012d9aafdd3870e5cbd5795da7749d433f9a34.tar.gz
meta-openembedded-contrib-9c012d9aafdd3870e5cbd5795da7749d433f9a34.tar.bz2
meta-openembedded-contrib-9c012d9aafdd3870e5cbd5795da7749d433f9a34.zip
samba: upgrade 4.10.17 -> 4.10.18
This is security release in order to address CVE-2020-1472 (Unauthenticated domain takeover via netlogon ("ZeroLogon")). See: https://www.samba.org/samba/history/samba-4.10.18.html Also remove 3 backported patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit bebdea8530652ff698885a3f55b0a650de319379) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-networking/recipes-connectivity/samba/samba')
-rw-r--r--meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch59
-rw-r--r--meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch79
-rw-r--r--meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch50
3 files changed, 0 insertions, 188 deletions
diff --git a/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch b/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch
deleted file mode 100644
index e724c04bcd..0000000000
--- a/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From f9d9ba6cd06aca053c747c399ba700db80b1623c Mon Sep 17 00:00:00 2001
-From: Martin Schwenke <martin@meltin.net>
-Date: Tue, 9 Jun 2020 11:52:50 +1000
-Subject: [PATCH 1/3] util: Simplify input validation
-
-It appears that snprintf(3) is being used for input validation.
-However, this seems like overkill because it causes szPath to be
-copied an extra time. The mostly likely protections being sought
-here, according to https://cwe.mitre.org/data/definitions/20.html,
-look to be DoS attacks involving CPU and memory usage. A simpler
-check that uses strnlen(3) can mitigate against both of these and is
-simpler.
-
-Signed-off-by: Martin Schwenke <martin@meltin.net>
-Reviewed-by: Volker Lendecke <vl@samba.org>
-Reviewed-by: Bjoern Jacke <bjacke@samba.org>
-(cherry picked from commit 922bce2668994dd2a5988c17060f977e9bb0c229)
-
-Upstream-Status:Backport
-[https://gitlab.com/samba-team/samba/-/commit/f9d9ba6cd06aca053c747c399ba700db80b1623c]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- lib/util/util_paths.c | 9 ++++-----
- 1 file changed, 4 insertions(+), 5 deletions(-)
-
-diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
-index c0ee5c32c30..dec91772d9e 100644
---- a/lib/util/util_paths.c
-+++ b/lib/util/util_paths.c
-@@ -69,21 +69,20 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
- struct passwd pwd = {0};
- struct passwd *pwdbuf = NULL;
- char buf[NSS_BUFLEN_PASSWD] = {0};
-+ size_t len;
- int rc;
-
- rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
- if (rc != 0 || pwdbuf == NULL ) {
-- int len_written;
- const char *szPath = getenv("HOME");
- if (szPath == NULL) {
- return NULL;
- }
-- len_written = snprintf(buf, sizeof(buf), "%s", szPath);
-- if (len_written >= sizeof(buf) || len_written < 0) {
-- /* Output was truncated or an error. */
-+ len = strnlen(szPath, PATH_MAX);
-+ if (len >= PATH_MAX) {
- return NULL;
- }
-- return talloc_strdup(mem_ctx, buf);
-+ return talloc_strdup(mem_ctx, szPath);
- }
-
- return talloc_strdup(mem_ctx, pwd.pw_dir);
---
-2.17.1
-
diff --git a/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch b/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch
deleted file mode 100644
index dcd79044ae..0000000000
--- a/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From 57bd719af1f138f44f71b2078995452582da0da6 Mon Sep 17 00:00:00 2001
-From: Martin Schwenke <martin@meltin.net>
-Date: Fri, 5 Jun 2020 21:52:23 +1000
-Subject: [PATCH 2/3] util: Fix build on FreeBSD by avoiding NSS_BUFLEN_PASSWD
-
-NSS_BUFLEN_PASSWD is not defined on FreeBSD. Use
-sysconf(_SC_GETPW_R_SIZE_MAX) instead, as per POSIX.
-
-Use a dynamically allocated buffer instead of trying to cram all of
-the logic into the declarations. This will come in useful later
-anyway.
-
-Signed-off-by: Martin Schwenke <martin@meltin.net>
-Reviewed-by: Volker Lendecke <vl@samba.org>
-Reviewed-by: Bjoern Jacke <bjacke@samba.org>
-(cherry picked from commit 847208cd8ac68c4c7d1dae63767820db1c69292b)
-
-Upstream-Status:Backport
-[https://gitlab.com/samba-team/samba/-/commit/57bd719af1f138f44f71b2078995452582da0da6]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- lib/util/util_paths.c | 27 ++++++++++++++++++++++-----
- 1 file changed, 22 insertions(+), 5 deletions(-)
-
-diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
-index dec91772d9e..9bc6df37e5d 100644
---- a/lib/util/util_paths.c
-+++ b/lib/util/util_paths.c
-@@ -68,24 +68,41 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
- {
- struct passwd pwd = {0};
- struct passwd *pwdbuf = NULL;
-- char buf[NSS_BUFLEN_PASSWD] = {0};
-+ char *buf = NULL;
-+ char *out = NULL;
-+ long int initlen;
- size_t len;
- int rc;
-
-- rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
-+ initlen = sysconf(_SC_GETPW_R_SIZE_MAX);
-+ if (initlen == -1) {
-+ len = 1024;
-+ } else {
-+ len = (size_t)initlen;
-+ }
-+ buf = talloc_size(mem_ctx, len);
-+ if (buf == NULL) {
-+ return NULL;
-+ }
-+
-+ rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf);
- if (rc != 0 || pwdbuf == NULL ) {
- const char *szPath = getenv("HOME");
- if (szPath == NULL) {
-- return NULL;
-+ goto done;
- }
- len = strnlen(szPath, PATH_MAX);
- if (len >= PATH_MAX) {
- return NULL;
- }
-- return talloc_strdup(mem_ctx, szPath);
-+ out = talloc_strdup(mem_ctx, szPath);
-+ goto done;
- }
-
-- return talloc_strdup(mem_ctx, pwd.pw_dir);
-+ out = talloc_strdup(mem_ctx, pwd.pw_dir);
-+done:
-+ TALLOC_FREE(buf);
-+ return out;
- }
-
- char *path_expand_tilde(TALLOC_CTX *mem_ctx, const char *d)
---
-2.17.1
-
diff --git a/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch b/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch
deleted file mode 100644
index 53a3f67814..0000000000
--- a/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 016e08ca07f86af9e0131a908a2df116bcb9a48e Mon Sep 17 00:00:00 2001
-From: Martin Schwenke <martin@meltin.net>
-Date: Fri, 5 Jun 2020 22:05:42 +1000
-Subject: [PATCH 3/3] util: Reallocate larger buffer if getpwuid_r() returns
- ERANGE
-
-Signed-off-by: Martin Schwenke <martin@meltin.net>
-Reviewed-by: Volker Lendecke <vl@samba.org>
-Reviewed-by: Bjoern Jacke <bjacke@samba.org>
-
-Autobuild-User(master): Martin Schwenke <martins@samba.org>
-Autobuild-Date(master): Tue Jun 9 21:07:24 UTC 2020 on sn-devel-184
-
-(cherry picked from commit ddac6b2eb4adaec8fc5e25ca07387d2b9417764c)
-
-Upstream-Status:Backport
-[https://gitlab.com/samba-team/samba/-/commit/016e08ca07f86af9e0131a908a2df116bcb9a48e]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- lib/util/util_paths.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
-index 9bc6df37e5d..72cc0aab8de 100644
---- a/lib/util/util_paths.c
-+++ b/lib/util/util_paths.c
-@@ -86,6 +86,19 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
- }
-
- rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf);
-+ while (rc == ERANGE) {
-+ size_t newlen = 2 * len;
-+ if (newlen < len) {
-+ /* Overflow */
-+ goto done;
-+ }
-+ len = newlen;
-+ buf = talloc_realloc_size(mem_ctx, buf, len);
-+ if (buf == NULL) {
-+ goto done;
-+ }
-+ rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf);
-+ }
- if (rc != 0 || pwdbuf == NULL ) {
- const char *szPath = getenv("HOME");
- if (szPath == NULL) {
---
-2.17.1
-