1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

135717 Commits

Author SHA1 Message Date
Joseph Sutton
0071a60fb6 dcerpc.idl: Use simple boolean value instead of flag
One advantage of this is that the type of the switch value is no longer
tied to the type of the NDR flags.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
bea9958b60 s4:kdc: Call kdc_request_set_e_data() instead of kdc_set_e_data()
NOTE: This commit finally works again!

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
57c543a1d9 third_party/heimdal: Import lorikeet-heimdal-202310310018 (commit 3a433861903ff7c35f3a42c2e88aef2fab7bb5b4) (CID 1544591, CID 1544617)
NOTE: THIS COMMIT WON’T COMPILE/WORK ON ITS OWN!

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
b06751389d s4:auth: Comment about claims in the security token
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
ebbba22cfb s4:auth: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
0733ea3663 s4:kdc: Have samba_kdc_get_device_info_blob() call samba_kdc_get_user_info_dc() instead of adding special SIDs itself
samba_kdc_get_user_info_dc() will add the Asserted Identity and Claims
Valid SIDs as appropriate.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
f8bfd607ca tests/krb5: Test device info generated from RODC‐issued tickets without certain SIDs
These tests crash Windows, but we can assume reasonable behaviour for
Samba.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
6760dd48ad s4:kdc: Do not add Claims Valid SID twice
samba_kdc_get_user_info_dc() now adds the SID itself.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
54eb175816 tests/krb5: Rename ‘krbtgt_creds’ to ‘rodc_krbtgt_creds’
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
66b4597862 tests/krb5: Don’t pass unnecessary parameter
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
2b69e1e7c3 tests/krb5: Use __slots__ to indicate which attributes are used by classes
These should help to catch mistaken attempts to set invalid attributes.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
b0da50b5b0 s4:kdc: Add the Asserted Identity SID to the PAC only if the original RODC‐issued PAC contained it
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
915b40521e s4:auth: Check that the PAC is not NULL before dereferencing it
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
76e27c3ab1 libcli/security: Add sid_attrs_contains_sid()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
69edfd7b11 libcli/security: Make use of sids_contains_sid()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
04611d9ebc libcli/security: Add sids_contains_sid()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
ce3f04dca9 libcli/security: Make use of sids_contains_sid_attrs()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
5ff72d0e04 libcli/security: Rename sids_contains_sid() to sids_contains_sid_attrs()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
487e21ec89 s4:dsdb: Make sids_contains_sid() usable by other Samba modules
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
ce9fbceadb libcli/security: Correct function documentation
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
01b8966993 libcli/security: Remove unnecessary return statement
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
12b0c9d043 s4:dsdb: Align integer type
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
3b936623a4 s4:kdc: Add Claims Valid SID to info regenerated from RODC‐issued PACs
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
7ba4bb8164 tests/krb5: Add tests to see how SIDs are conveyed from PACs
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
dc1e2b41ca tests/krb5: Test that the Claims Valid SID is added to RODC‐issued PACs
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Joseph Sutton
947d3e5932 tests/krb5: Test that the Service Asserted Identity SID is not regarded from an RODC‐issued PAC
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-01 20:10:45 +00:00
Volker Lendecke
1862561d1a smbd: Open file as REPARSE_POINT in unlink_internals()
In the future we'll block opening symlinks as such in
SMB_VFS_CREATE_FILE() unless we open as reparse points.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov  1 19:56:33 UTC 2023 on atb-devel-224
2023-11-01 19:56:33 +00:00
Volker Lendecke
0fc160c667 smbd: Open file as REPARSE_POINT in reply_rmdir()
In the future we'll block opening symlinks as such in
SMB_VFS_CREATE_FILE() unless we open as reparse points.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
93f0a36712 smbd: Open file as REPARSE_POINT in rename_internals()
In the future we'll block opening symlinks as such in
SMB_VFS_CREATE_FILE() unless we open as reparse points.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
879db14ff6 smbd: Open file as REPARSE_POINT in smb_posix_unlink()
In the future we'll block opening symlinks as such in
SMB_VFS_CREATE_FILE() unless we open as reparse points.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
bdc6d3be4c smbd: Remove unused FAKE_FILE_TYPE_NAMED_PIPE enum
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
92606a46b3 smbd: Move filename_convert_smb1_search_path() to smb1-only code
Just general cleanup.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
ea16870545 smbd: Fix previous_slash()
Untested code is broken code... previous_slash() did not return a
pointer to the slash but after it. This went undetected because so far
we never call symlink_target_path() with "unparsed==0". Once we
started doing that, we would find that the "unparsed==0" case actually
puts parent on the "previous slash", not the character behind it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
170b67b3b0 manpages: Add a missing space
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
45ec0f61fd libcli: SMBntcreateX can return STOPPED_ON_SYMLINK
This does not count as NT_STATUS_IS_ERR, as it starts with 0x8 instead
of 0xC. So we return NT_STATUS_INVALID_NETWORK_RESPONSE, which is
wrong.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
9e5d752591 smbd: "have_proc_fds" can only work for a real fd
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
a181283f5c smbd: Remove code #ifdef'ed out >23years ago
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
ba2bc30785 smbd: Fix some whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
846adcb259 smbd: Save errno around unbecome_root()
Probably not required, but better safe than sorry.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
252d2cc76a smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
d2afaf21c5 smbd: Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
28873a84d2 smbd: Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
32d15770da smbd: Simplify reopen_from_fsp()
Add the checks in reopen_from_procfd() into an if-condition, remove
the MORE_PROCESSING_REQUIRED logic that confused me.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
3c20ea9df2 smbd: Simplify reopen_from_fsp()
Pass down a dummy "file_created" variable in open_directory(), remove
a unneeded if-condition.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Volker Lendecke
9f63fad392 smbd: Simplify sys_proc_fd_path()
We know the buffer size up-front, create a struct for that. Also, I
think if we ever hit another /proc pattern this is very likely on a
different OS that could be handled by an #ifdef.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-01 18:55:32 +00:00
Samuel Cabrero
de20ee1ada WHATSNEW: Mention logged on users list removal
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Nov  1 12:52:13 UTC 2023 on atb-devel-224
2023-11-01 12:52:13 +00:00
Ralph Boehme
7a5228ffce CI: smb3unix.py: check basic CreateContexts response
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 31 05:41:17 UTC 2023 on atb-devel-224
2023-10-31 05:41:17 +00:00
Ralph Boehme
b6301fd0d7 libsmb: add all fields from SMB2_FIND_POSIX_INFORMATION in list_posix_helper()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
2023-10-31 04:38:42 +00:00
Ralph Boehme
d6c8b709ed libsmb: remove mode from struct file_info
There's already the "attr" member and this is even used in list_posix_helper()
in pylibsmb.c. While at it, remove the cast in list_posix_helper() by using "I"
instead of "i" format.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
2023-10-31 04:38:42 +00:00
Ralph Boehme
3dc1911f7c libsmb: use K format for parsing unsigned long long
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
2023-10-31 04:38:42 +00:00