IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Also remove a TAB.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(backported from commit baaaf59e948df625b01fa8b6317ab5c3babb4e8f)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(backported from commit f0c8ac47a4608eabeae334d39885aab98198b753)
Reveals a bug where the resource fork size is capped at 65454 bytes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit b63069db9fb6efb33b7b917cd5b0ee06b0da9cdc)
This was only needed as dbwrap_open() had a bug where it asked for the ctdb
connection before initializing messaging. The previous commit fixed that so we
can now safely remove the calls to cmdline_messaging_context() from all tools
that don't use messaging.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13925
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 24 09:33:47 UTC 2019 on sn-devel-184
(cherry picked from commit 9471508391fd3bcf199b1e94f8d9ee2b956e8f8e)
This is a better fix for bug #13465.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13925
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit ca95d7f41b683b4d7ac59ed6ee709d44abfe2019)
and set msDS-AdditionalDnsHostName to the specified list.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 25 10:43:08 UTC 2019 on sn-devel-184
Autobuild-User(v4-10-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-10-test): Tue Nov 5 14:31:48 UTC 2019 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
and do not skip adding a fully qualified spn to netbios-aliases
in case a short spn already existed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
and avoid a possible memory leak when passing null to
add_string_to_array() as mem_ctx.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This make the join process much more reliable, and avoids "Constraint
violation" error when the fqdn returned from getaddrinfo has already
got assigned an SPN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
RN: Prevent azure ad connect from reporting discovery errors:
reference-value-not-ldap-conformant
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 24 11:06:58 UTC 2019 on sn-devel-184
(cherry picked from commit d0f566c4ad32d69a1cf896e2dde56fc2489bb7fc)
This demonstrates a problems that the extended_dn returned
by the dirsync module always uses the SDDL format for GUID/SID
components.
Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 6d43d82b49c8cd47da2f1489fe8b52d5a873a19c)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14168
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Oct 23 08:23:13 UTC 2019 on sn-devel-184
(cherry picked from commit 263bec1b8d0744da73dd92e4a361fb7430289ab3)
Autobuild-User(v4-10-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-10-test): Mon Nov 4 11:35:33 UTC 2019 on sn-devel-144
Piggyback on existing tests, ensure we don't regress on:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14161
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 8e55a8562951924e4b1aad5a6d67fc8b309590c1)
The info level it uses doesn't return that, previously we
were using the field that is returned as the EA size as
the inode number (which is usually zero, so the code in
libsmbclient would then synthesize an inode number from
a hash of the pathname, which is all it can do for SMB1).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14161
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit d495074ee27a5f528d5156a69800ee58d799b1eb)
Commit 74a16a1094278 "s3:smbprofile: Replace sysv shmem with tdb"
removed the usage of the shared memory segment for profiling data. As
there are no other users of shared memory segments, remove the configure
check for these functions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 94f2ed3eb35b94d5152578dbb6d5ee8f2fa2da69)
* Bug 14071: CVE-2019-10218: Client code can return filenames containing path
separators.
* Bug 12438: CVE-2019-14833: Samba AD DC check password script does not receive
the full password.
* Bug 14040: CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP
server via dirsync.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
* Bug 14071: CVE-2019-10218: Client code can return filenames containing path
separators.
* Bug 12438: CVE-2019-14833: Samba AD DC check password script does not receive
the full password.
* Bug 14040: CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP
server via dirsync.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Incremental results are provided by a flag on the dirsync control, not
by changing the attribute name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
(cherry picked from commit 23f72c4d712f8d1fec3d67a66d477709d5b0abe2)
utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.
Therefore we rename utf8_len to be clear what it does and does
not represent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This partially reverts 303b7e59a286896888ee2473995fc50bb2b5ce5e.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14155
Pair-Programmed-With: Isaac Boukris <iboukris@redhat.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 123584294cfd153acc2d9a5be9d71c395c847a25)
Autobuild-User(v4-10-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-10-test): Wed Oct 16 16:43:59 UTC 2019 on sn-devel-144
The autobuild cleanup script fails with:
The tree has 3 new uncommitted files!!!
git clean -n
Would remove MEMORY:tmp_smb_creds_SK98Lv
Would remove MEMORY:tmp_smb_creds_kornU6
Would remove MEMORY:tmp_smb_creds_ljR828
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit d888655244b4d8ec7a69a042e0ff3c074585b0de)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Sat Oct 12 15:51:42 UTC 2019 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
The list is not protected and this could be a downgrade attack.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Pair-Programmed-With: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
We should not use the mech list sent by the server in the last
'negotiate' packet in CIFS protocol, as it is not protected and
may be subject to downgrade attacks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Oct 9 08:26:17 UTC 2019 on sn-devel-184
(cherry picked from commit 459b43e5776180dc1540cd845b72ff78747ecd6f)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 39b8c8b30a5d5bd70f8da3a02cf77f7592788b94)
This implements the same behaviour as Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit ce7762935051c862ecdd3e82d93096aac61dd292)
This is already handled by libnet_join_post_processing_ads_modify()
which calls libnet_join_set_etypes() if encrytion types should be set.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit b755a6438022579dab1a403c81d60b1ed7efca38)