1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

119637 Commits

Author SHA1 Message Date
Samuel Cabrero
076ec9173e s4:rpc_server: Move core structures and prototypes to core library
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:37 +00:00
Samuel Cabrero
3f33fdf2e3 librpc: Add new dcerpc server core library
Next commits will move the core of s4 rpc server to this library.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:37 +00:00
Samuel Cabrero
480dd6163b s4:rpc_server: Make functions public
These functions will be moved to core dcerpc library and called from
s4 and s3 implementations.

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:37 +00:00
Samuel Cabrero
0523f0b4d2 s4:rpc_server: Add public function dcesrv_connection_loop_start
This function starts the server loop and will be called from s3 and s4
implementations.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:37 +00:00
Samuel Cabrero
85de73354d s4:rpc_server: Add transport termination function pointer
As the dcesrv_terminate_connection function will be moved to the shared
rpc server core library, hide the stream_terminate_connection call behind
a function pointer.

The s3 implementation will define its own termination function.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:37 +00:00
Samuel Cabrero
55ad4ae7ff s4:rpc_server: Find association groups through context callbacks
Split the association group management from the server code, the s3 and
s4 implementation will handle differently.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:37 +00:00
Samuel Cabrero
b0ecc8ef55 s4:rpc_server: inline the dcesrv_assoc_group_find function
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:37 +00:00
Samuel Cabrero
6fe23fa071 s4:rpc_server: Hide gensec prepare behind function pointer
This function will be different for s3 and s4

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
bf09771953 s4:rpc_server: Add dcesrv_context_callbacks to dcesrv_context
Add a new struct dcesrv_context_callbacks in dcesrv_context to hold pointers
to functions whose implementation will differ between S3 and S4.

The log_successful_dcesrv_authz_event implementation will differ as it
requires an imessaging_context.

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
6fcf8038e4 s4:rpc_server: Do not include s4 librpc headers in dcerpc core
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
63b7889461 librpc: Move dcerpc_log_packet from s4 librpc to common librpc
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
ae9956a65e librpc: Move dcerpc_ncacn_push_auth from s4 librpc to common librpc
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
b6c8afa98c s4:librpc: Rename ncacn_push_auth to dcerpc_ncacn_push_auth
Next commit will move this function to common librpc

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
83def9a945 s4:rpc_server: Split dcerpc_generic_session_key for server and client
Split the common bits of dcerpc_generic_session_key to librpc and rename
client the specific part to dcecli_generic_session_key.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
f402b937f4 s4:rpc_server: Remove server_id from dcerpc core structs
Add a helper function to retrieve it from the stream connection.

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
3d7167f4f4 s4:rpc_server: Remove imessaging_context from dcerpc core structs
Add a helper function to retrieve the imessaging_context from the
stream connection.

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
3d529762df s4:rpc_server: Rename common/reply.c to dcesrv_reply.c
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
4d7a916189 s4:rpc_server: Cleanup includes
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:36 +00:00
Samuel Cabrero
d572219e1b s4:rpc_server: Fix debug string printing duplicated function name
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Samuel Cabrero
61aaebaa35 s4:torture: Assert connection
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Samuel Cabrero
e4b1354066 s4:torture: Fix torture comment
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Samuel Cabrero
f43e08259c s4:torture: Add braces
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Samuel Cabrero
27b01d0aa3 tstream_npa: Set local server name in auth requests
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Samuel Cabrero
e70dbe7d8a s3:printing: Add spoolssd header file
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Samuel Cabrero
8b761b126c s3:printing: Add header inclusion guards in queue_process.h
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Samuel Cabrero
8bc228900e s3:smbd: Add header inclusion guards in globals.h
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Andrew Bartlett
9a02c31deb lib: Explicitly refuse to truncate unix domain socket paths
This avoids creating a socket like:

.../winbindd_privileged/p

instead of

.../winbindd_privileged/pipe

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Jeremy Allison
8e55a85629 s3: torture: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number.
Piggyback on existing tests, ensure we don't regress on:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14161

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Jeremy Allison
d495074ee2 s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number.
The info level it uses doesn't return that, previously we
were using the field that is returned as the EA size as
the inode number (which is usually zero, so the code in
libsmbclient would then synthesize an inode number from
a hash of the pathname, which is all it can do for SMB1).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14161

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 16:07:35 +00:00
Andrew Bartlett
7c83b1ade7 dsdb: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in operational module
This call does not use the context argument so no additional parameter is needed.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 18 10:58:45 UTC 2019 on sn-devel-184
2019-10-18 10:58:44 +00:00
Andrew Bartlett
5bc3561425 s4-rpc_server: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in getncchanges
This call does not use the context argument so no additional parameter is needed.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 09:26:41 +00:00
Andrew Bartlett
517342399c dsdb: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in repl_meta_data module
This call does not use the context argument so no additional parameter is needed.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-18 09:26:41 +00:00
Anoop C S
25b1e478ec s3/dump_core: Have a newline towards the end of log message
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>

Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Fri Oct 18 08:54:04 UTC 2019 on sn-devel-184
2019-10-18 08:54:04 +00:00
Michael Hanselmann
c4e902be72 Add fuzzing binary for ldb_parse_tree
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2019-10-18 07:31:45 +00:00
Michael Hanselmann
de7c78335d Add fuzzing binary for ldap_decode
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2019-10-18 07:31:45 +00:00
Michael Hanselmann
f9c39237ad Add fuzzing binary for lzxpress
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2019-10-18 07:31:45 +00:00
Michael Hanselmann
a42a5a42f7 Add fuzzing binary for regfio
Checksums are better ignored during fuzzing, hence a flag is added to
the regfio parser to disable checksums.

Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2019-10-18 07:31:45 +00:00
Michael Hanselmann
6b6df73b4c regfio: Allow ignoring of checksum
In order to get good coverage fuzzing code has to either calculate
checksums correctly or to disable their verification. This change
implements the latter for the "REGF_FILE" structure used by the
"regfio_*" family of functions.

Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2019-10-18 07:31:45 +00:00
Michael Hanselmann
e477a94ffd Add fuzzing binary for reg_parse
A temporary file is used to store the fuzzing input.

Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2019-10-18 07:31:45 +00:00
Michael Hanselmann
799a1f65f6 Build registry parsing code into subsystem
Fuzzing code will make use of the "reg_parse_fd" function. By building
it into the "SMBREGISTRY" subsystem it can just be linked and
"reg_parse.c" doesn't need to be explicitly included.

Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2019-10-18 07:31:45 +00:00
Rowland Penny
68155811ab samba-tool: Add facility to add rfc2307 attributes to an already created user or group
Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 17 12:21:55 UTC 2019 on sn-devel-184
2019-10-17 12:21:55 +00:00
Amit Kumar
aacbd383b9 samba-tool: Update 'samba-tool gpo list <>' description
We have a command to get gpo listing from Active Directory.
samba-tool gpo list <username>

This command can list GPOs for both username and machinename,
But command help only shows 'username'.

This PR
- Updates the option presented in help.
- Updates name of variable used to retrieve GPO so that it's
 not misleading if someone reads code later on

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14016

Signed-off-by: Amit Kumar <amitkuma@redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 17 09:21:20 UTC 2019 on sn-devel-184
2019-10-17 09:21:20 +00:00
Amit Kumar
6bd2f0e9c4 docs: modifies 'net ads dns gethostbyname -h' Changes server to nameserver and name to hostname.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14009

Signed-off-by: Amit Kumar amitkuma@redhat.com
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-10-17 07:58:39 +00:00
Amit Kumar
dd43bb96fd docs: Add 'ads dns command' text in man net
This change adds contents to man net for 'ads dns' command set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14009

Signed-off-by: Amit Kumar <amitkuma@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-10-17 07:58:39 +00:00
Gary Lockyer
aed4d06376 libcli smb smb1cli_trans: fix ubsan warning
Fix ubsan warning null pointer passed as argument 2 when the source
pointer is NULL.  The calls to memcpy are now guarded by an
if (len > 0)

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Oct 16 18:00:31 UTC 2019 on sn-devel-184
2019-10-16 18:00:31 +00:00
Amit Kumar
50cce842a2 docs: Add 'net gpo command' text in man net
This change adds contents to man net for 'net ads gpo' command
set based on results got after executing:
'# net ads gpo help' and subcommands

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13986

Signed-off-by: Amit Kumar <amitkuma@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-10-16 16:39:42 +00:00
Amit Kumar
eb093c5d2a s3:winbind: Don't abort when receiving a NULL SID
Source code in winbind_rpc.c states that if the trusted domain
has no SID, winbindd just aborts the session. This happens with
MIT Kerberos realm added as trust to AD and winbindd just returns
without processing further as there is no SID returned for the
Linux system having kerberos support.

This fix makes winbindd to skip the domain having NULL SID instead
of aborting the request completely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13913

Signed-off-by: Amit Kumar <amitkuma@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-10-16 16:39:42 +00:00
Gary Lockyer
d023b29876 selftest: Disable RTLD_DEEPBIND if running with ASAN
Disable the RTLD_DEEPBIND option for dlopen in LDB and Socket Wrapper when
running with  AddressSanitizer. The RTLD_DEEPBIND option is not compatible
with Address Sanitizer see
https://github.com/google/sanitizers/issues/611

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Oct 16 15:41:41 UTC 2019 on sn-devel-184
2019-10-16 15:41:41 +00:00
Bryan Mason
f0abf62adc s3:tests: Add smbspool test for CUPS-like "sanitized" Device URI in argv[0]
Before calling a backend like smbspool, CUPS will set argv[0] to the
"sanitized" Device URI (the Device URI with username/password
information removed).  These changes are intended to catch problems
with smbspool that may be created by this behavior (like
https://bugzilla.samba.org/show_bug.cgi?id=14128).

source3/script/tests/smbspool_argv_wrapper.c: added to emulate
CUPS-like behavior by setting argv[0] to the device URI before
exec()ing smbspool.

source3/script/tests/test_smbspool.sh: updated to use
smbspool_argv_wrapper to test the CUPS-like behavior described above.

Signed-off-by: Bryan Mason <bmason@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Oct 16 10:55:04 UTC 2019 on sn-devel-184
2019-10-16 10:55:04 +00:00
Isaac Boukris
7259197bf7 s3:libsmb: Link libsmb against pthread
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-10-16 09:33:32 +00:00