From 73fa1aba94f5cf566007ac18cee3ef08b3ae64bc Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Sat, 31 Aug 2019 18:50:48 -0700 Subject: samba36: Remove Samba 3.6 is completely unsupported, in addition to having tons of patches It also causes kernel panics on some platforms when sendfile is enabled. Example: https://github.com/gnubee-git/GnuBee_Docs/issues/45 I have reproduced on ramips as well as mvebu in the past. Samba 4 is an alternative available in the packages repo. cifsd is a lightweight alternative available in the packages repo. It is also a faster alternative to both Samba versions (lower CPU usage). It was renamed to ksmbd. To summarize, here are the alternatives: - ksmbd + luci-app-cifsd - samba4 + luci-app-samba4 Signed-off-by: Rosen Penev [drop samba36-server from GEMINI_NAS_PACKAGES, ksmbd rename + summary] Signed-off-by: Stijn Tintel --- .../samba36/patches/015-patch-cve-2015-7560.patch | 172 --------------------- 1 file changed, 172 deletions(-) delete mode 100644 package/network/services/samba36/patches/015-patch-cve-2015-7560.patch (limited to 'package/network/services/samba36/patches/015-patch-cve-2015-7560.patch') diff --git a/package/network/services/samba36/patches/015-patch-cve-2015-7560.patch b/package/network/services/samba36/patches/015-patch-cve-2015-7560.patch deleted file mode 100644 index 6ce8e2f9b7..0000000000 --- a/package/network/services/samba36/patches/015-patch-cve-2015-7560.patch +++ /dev/null @@ -1,172 +0,0 @@ -From eb27f9b7bf9c1dc902d9545eecf805831bd4e46c Mon Sep 17 00:00:00 2001 -From: Jeremy Allison -Date: Tue, 5 Jan 2016 11:18:12 -0800 -Subject: [PATCH 1/8] CVE-2015-7560: s3: smbd: Add refuse_symlink() function - that can be used to prevent operations on a symlink. - -BUG: https://bugzilla.samba.org/show_bug.cgi?id=11648 - -Signed-off-by: Jeremy Allison -Reviewed-by: Michael Adam ---- - source3/smbd/trans2.c | 28 ++++++++++++++++++++++++++++ - 1 file changed, 28 insertions(+) - ---- a/source3/smbd/trans2.c -+++ b/source3/smbd/trans2.c -@@ -51,6 +51,34 @@ static char *store_file_unix_basic_info2 - files_struct *fsp, - const SMB_STRUCT_STAT *psbuf); - -+/**************************************************************************** -+ Check if an open file handle or pathname is a symlink. -+****************************************************************************/ -+ -+static NTSTATUS refuse_symlink(connection_struct *conn, -+ const files_struct *fsp, -+ const char *name) -+{ -+ SMB_STRUCT_STAT sbuf; -+ const SMB_STRUCT_STAT *pst = NULL; -+ -+ if (fsp) { -+ pst = &fsp->fsp_name->st; -+ } else { -+ int ret = vfs_stat_smb_fname(conn, -+ name, -+ &sbuf); -+ if (ret == -1) { -+ return map_nt_error_from_unix(errno); -+ } -+ pst = &sbuf; -+ } -+ if (S_ISLNK(pst->st_ex_mode)) { -+ return NT_STATUS_ACCESS_DENIED; -+ } -+ return NT_STATUS_OK; -+} -+ - /******************************************************************** - Roundup a value to the nearest allocation roundup size boundary. - Only do this for Windows clients. -@@ -181,12 +209,22 @@ NTSTATUS get_ea_names_from_file(TALLOC_C - char **names, **tmp; - size_t num_names; - ssize_t sizeret = -1; -+ NTSTATUS status; -+ -+ if (pnames) { -+ *pnames = NULL; -+ } -+ *pnum_names = 0; - - if (!lp_ea_support(SNUM(conn))) { -- if (pnames) { -- *pnames = NULL; -- } -- *pnum_names = 0; -+ return NT_STATUS_OK; -+ } -+ -+ status = refuse_symlink(conn, fsp, fname); -+ if (!NT_STATUS_IS_OK(status)) { -+ /* -+ * Just return no EA's on a symlink. -+ */ - return NT_STATUS_OK; - } - -@@ -236,10 +274,6 @@ NTSTATUS get_ea_names_from_file(TALLOC_C - - if (sizeret == 0) { - TALLOC_FREE(names); -- if (pnames) { -- *pnames = NULL; -- } -- *pnum_names = 0; - return NT_STATUS_OK; - } - -@@ -550,6 +584,7 @@ NTSTATUS set_ea(connection_struct *conn, - const struct smb_filename *smb_fname, struct ea_list *ea_list) - { - char *fname = NULL; -+ NTSTATUS status; - - if (!lp_ea_support(SNUM(conn))) { - return NT_STATUS_EAS_NOT_SUPPORTED; -@@ -559,6 +594,12 @@ NTSTATUS set_ea(connection_struct *conn, - return NT_STATUS_ACCESS_DENIED; - } - -+ status = refuse_symlink(conn, fsp, smb_fname->base_name); -+ if (!NT_STATUS_IS_OK(status)) { -+ return status; -+ } -+ -+ - /* For now setting EAs on streams isn't supported. */ - fname = smb_fname->base_name; - -@@ -4931,6 +4972,13 @@ NTSTATUS smbd_do_qfilepathinfo(connectio - uint16 num_file_acls = 0; - uint16 num_def_acls = 0; - -+ status = refuse_symlink(conn, -+ fsp, -+ smb_fname->base_name); -+ if (!NT_STATUS_IS_OK(status)) { -+ return status; -+ } -+ - if (fsp && fsp->fh->fd != -1) { - file_acl = SMB_VFS_SYS_ACL_GET_FD(fsp); - } else { -@@ -6452,6 +6500,7 @@ static NTSTATUS smb_set_posix_acl(connec - uint16 num_def_acls; - bool valid_file_acls = True; - bool valid_def_acls = True; -+ NTSTATUS status; - - if (total_data < SMB_POSIX_ACL_HEADER_SIZE) { - return NT_STATUS_INVALID_PARAMETER; -@@ -6479,6 +6528,11 @@ static NTSTATUS smb_set_posix_acl(connec - return NT_STATUS_INVALID_PARAMETER; - } - -+ status = refuse_symlink(conn, fsp, smb_fname->base_name); -+ if (!NT_STATUS_IS_OK(status)) { -+ return status; -+ } -+ - DEBUG(10,("smb_set_posix_acl: file %s num_file_acls = %u, num_def_acls = %u\n", - smb_fname ? smb_fname_str_dbg(smb_fname) : fsp_str_dbg(fsp), - (unsigned int)num_file_acls, ---- a/source3/smbd/nttrans.c -+++ b/source3/smbd/nttrans.c -@@ -877,6 +877,12 @@ NTSTATUS set_sd(files_struct *fsp, struc - return NT_STATUS_OK; - } - -+ if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) { -+ DEBUG(10, ("ACL set on symlink %s denied.\n", -+ fsp_str_dbg(fsp))); -+ return NT_STATUS_ACCESS_DENIED; -+ } -+ - if (psd->owner_sid == NULL) { - security_info_sent &= ~SECINFO_OWNER; - } -@@ -1925,6 +1931,12 @@ NTSTATUS smbd_do_query_security_desc(con - return NT_STATUS_ACCESS_DENIED; - } - -+ if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) { -+ DEBUG(10, ("ACL get on symlink %s denied.\n", -+ fsp_str_dbg(fsp))); -+ return NT_STATUS_ACCESS_DENIED; -+ } -+ - if (security_info_wanted & (SECINFO_DACL|SECINFO_OWNER| - SECINFO_GROUP|SECINFO_SACL)) { - /* Don't return SECINFO_LABEL if anything else was -- cgit v1.2.3