From 1fcb5ed30f9a2b2fd7e02be66ab6052ae960aeed Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 8 Mar 2022 22:46:02 +1300 Subject: [PATCH 1/2] s4-kdc: Fix memory leak in FAST cookie handling The call to sdb_free_entry() was forgotten. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15000 Signed-off-by: Andrew Bartlett Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Fri Mar 11 11:05:55 UTC 2022 on sn-devel-184 (cherry picked from commit b7bc1f6dddc1c5fee8a39422823f167db1f24bb2) Autobuild-User(v4-16-test): Jule Anger Autobuild-Date(v4-16-test): Mon Mar 14 15:24:28 UTC 2022 on sn-devel-184 --- source4/kdc/hdb-samba4.c | 1 + 1 file changed, 1 insertion(+) diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c index 3f573f297f8..96e88423528 100644 --- a/source4/kdc/hdb-samba4.c +++ b/source4/kdc/hdb-samba4.c @@ -229,6 +229,7 @@ static krb5_error_code hdb_samba4_fetch_fast_cookie(krb5_context context, ret = sdb_entry_ex_to_hdb_entry_ex(context, &sdb_entry_ex, entry_ex); + sdb_free_entry(&sdb_entry_ex); TALLOC_FREE(mem_ctx); return ret; -- 2.25.1 From e28e24d7861fae1c82f116bd8cea8b1c78ebe5cd Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 17 Mar 2022 07:53:37 +1300 Subject: [PATCH 2/2] WHATSNEW: older SMB1 command removal/simpliciation and deprecation Signed-off-by: Andrew Bartlett --- WHATSNEW.txt | 74 +++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 59 insertions(+), 15 deletions(-) diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 83d77b5c028..dd384b1b0b7 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -135,21 +135,65 @@ CTDB changes REMOVED FEATURES ================ -SMB1 CORE and LANMAN1 protocol wildcard copy, unlink and rename removed -======================================================================= - -In preparation for the removal of the SMB1 server, the unused -SMB1 command SMB_COM_COPY (SMB1 command number 0x29) has been -removed from the Samba smbd server. In addition, the ability -to process file name wildcards in requests using the SMB1 commands -SMB_COM_COPY (SMB1 command number 0x2A), SMB_COM_RENAME (SMB1 command -number 0x7), SMB_COM_NT_RENAME (SMB1 command number 0xA5) and -SMB_COM_DELETE (SMB1 command number 0x6) have been removed. - -This only affects clients using MS-DOS based versions of -SMB1, the last release of which was Windows 98. Users requiring -support for these features will need to use older versions -of Samba. +Older SMB1 protocol SMBCopy command removed +------------------------------------------- + +SMB is a nearly 30-year old protocol, and some protocol commands that +while supported in all versions, have not seen widespread use. + +One of those is SMBCopy, a feature for a server-side copy of a file. +This feature has been so unmaintained that Samba has no testsuite for +it. + +The SMB1 command SMB_COM_COPY (SMB1 command number 0x29) was +introduced in the LAN Manager 1.0 dialect and it was rendered obsolete +in the NT LAN Manager dialect. + +Therefore it has been removed from the Samba smbd server. + +We do note that a fully supported and tested server-side copy is +present in SMB2, and can be accessed with "scopy" subcommand in +smbclient) + +SMB1 server-side wildcard expansion removed +------------------------------------------- + +Server-side wildcard expansion is another feature that sounds useful, +but is also rarely used and has become problematic - imposing extra +work on the server (both in terms of code and CPU time). + +In actual OS design, wildcard expansion is handled in the local shell, +not at the remote server using SMB wildcard syntax (which is not shell +syntax). + +In Samba 4.16 the ability to process file name wildcards in requests +using the SMB1 commands SMB_COM_RENAME (SMB1 command number 0x7), +SMB_COM_NT_RENAME (SMB1 command number 0xA5) and SMB_COM_DELETE (SMB1 +command number 0x6) has been removed. + +SMB1 protocol has been deprecated, particularly older dialects +-------------------------------------------------------------- + +We take this opportunity to remind that we have deprecated and +disabled by default, but not removed, the whole SMB1 protocol since +Samba 4.11. We make a warning that we will continue to remove older +protocol commands and dialects that are unused or replaced in more +modern commands SMB1 versions. + +We specifically deprecate the older dialects before NT LM 0.12, as +used by software as old as Windows 95, Windows NT and Samba. + +We do reassure that that 'simple' operation of older clients than +these (eg DOS) will, while untested, continue for the near future, our +purpose is not to cripple use of Samba in unique situations, but to +reduce the maintaince burden. + +Eventually SMB1 as a whole will be removed, but no broader change is +announced for 4.16. + +In the rare case where the above changes cause incompatibilities, +users requiring support for these features will need to use older +versions of Samba. No longer using Linux mandatory locks for sharemodes ==================================================== -- 2.25.1