1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

36715 Commits

Author SHA1 Message Date
David Mulder
914ebe666b Convert samba4.base.deny* tests to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
2020-06-24 20:50:24 +00:00
David Mulder
c96347f293 s4:torture: Convert samba4.base.vuid test to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
2020-06-24 20:50:24 +00:00
David Mulder
fc9f64184e s4:torture: Convert samba4.base.secleak test to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
2020-06-24 20:50:24 +00:00
David Mulder
e32f4602ed Add python binding for DATADIR build path
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2020-06-23 16:32:30 +00:00
David Mulder
a9d1ccc569 gpo: Run Group Policy Scripts
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2020-06-23 16:32:30 +00:00
Christof Schmitt
315271f81f source4/smb_server: Use NT_STATUS_PENDING instead of STATUS_PENDING
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
7fe581874a source4/libcli: Use NT_STATUS_PENDING instead of STATUS_PENDING
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
0a877e9b47 smbtorture: Use NT_STATUS_PENDING instead of STATUS_PENDING
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
73d452305f ntvfs: Use NT_STATUS_NOTIFY_ENUM_DIR instead of STATUS_NOTIFY_ENUM_DIR
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
eec333daf4 smbtorture: Use NT_STATUS_NOTIFY_ENUM_DIR instead of STATUS_NOTIFY_ENUM_DIR
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
85380ab9da torture: Use NT_STATUS_NOTIFY_CLEANUP instead of STATUS_NOTIFY_CLEANUP
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:37 +00:00
Andreas Schneider
53e3a959b9 s3:lib:tls: Use better priority lists for modern GnuTLS
We should use the default priority list. That is a good practice,
because TLS protocol hardening and phasing out of legacy algorithms,
is easier to co-ordinate when happens at a single place. See crypto
policies of Fedora.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14408

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 17 17:42:02 UTC 2020 on sn-devel-184
2020-06-17 17:42:02 +00:00
Andreas Schneider
e7204f3c9e s4:torture: Make sure that ctx is initialized to NULL
If we go to done and call smbc_free_context() the pointer should be
initialized.

Found by clang.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
2020-06-16 09:08:34 +00:00
Douglas Bagnall
d827392f2a replmd: slightly clarify a comment
it has been a long time since we introduced "control", so lets remind
ourselves which control it was.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jun 13 06:50:12 UTC 2020 on sn-devel-184
2020-06-13 06:50:11 +00:00
Douglas Bagnall
0f6c8a75e6 dsdb/mod/acl_util: do not deref NULL sd_flags control
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-06-13 05:25:31 +00:00
Isaac Boukris
7655a0298e db-glue.c: set forwardable flag on cross-realm tgt tickets
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233

Match Windows behavior and allow the forwardable flag to be
set in cross-realm tickets. We used to allow forwardable to
any server, but now that we apply disallow-forwardable policy
in heimdal we need to explicitly allow in the corss-realm case
(and remove the workaround we have for it the MIT plugin).

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 12 22:10:34 UTC 2020 on sn-devel-184
2020-06-12 22:10:34 +00:00
Isaac Boukris
fb7dfdbe8f selftest: test forwardable flag in cross-realm with s4u2proxy
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-06-12 20:42:38 +00:00
Isaac Boukris
9b302a57ff selftest: test forwardable flag in cross-realm tgt tickets
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-06-12 20:42:38 +00:00
Isaac Boukris
8fdff19c54 heimdal: apply disallow-forwardable on server in TGS request
upstream commit: 839b073facd2aecda6740224d73e560bc79965dc

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-06-12 20:42:38 +00:00
Isaac Boukris
6095a4f0d5 kdc: allow checksum of PA-FOR-USER to be HMAC_MD5
even if the tgt session key uses different hmac.

Per [MS-SFU] 2.2.1 PA-FOR-USER the checksum is
always HMAC_MD5, and that's what windows 7 client
and MIT client send.

In heimdal both the client and kdc use the checksum of
the tgt key instead and therefore work with each other
but windows and MIT clients fail against heimdal KDC.

Windows KDC allows either checksum (HMAC_MD5 or from
tgt) so we should do the same to support all clients.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 11 02:48:58 UTC 2020 on sn-devel-184
2020-06-11 02:48:58 +00:00
Stefan Metzmacher
05e1417396 s4:torture:smb2: use delete-on-close in test_rw_invalid()
We test the limits here and leave a 16TB file with zeros.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun  5 13:17:55 UTC 2020 on sn-devel-184
2020-06-05 13:17:55 +00:00
Björn Baumbach
d72a512e0f pyauth: add python binding for auth_session_info_set_unix()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14400

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-06-05 10:32:31 +00:00
Björn Baumbach
bde136a280 s4-auth/unix_token: add new function auth_session_info_set_unix()
Used to fill the unix info in a struct auth_session_info similar to
auth_session_info_fill_unix().

The new auth_session_info_set_unix() receives the uid and gid for
the unix token as an parameter. It does not query the unix token from
winbind (via security_token_to_unix_token()).
This is useful to fill a user session info manually if winbind is not
available.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14400

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-06-05 10:32:31 +00:00
Björn Baumbach
d159b4c0a5 s4-auth/unix_token: separate out filling the unix_info elements in a struct session_info
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14400

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-06-05 10:32:31 +00:00
Samuel Cabrero
72f73efd7f librpc: core: Move the s4 handles implementation to the RPC server core
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:36 +00:00
Samuel Cabrero
ebdacf187d selftest: Add test for handle types
The test is written for SAMR, but as the handle type is verified by the
server core library it also applies to other RPC services.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:36 +00:00
Andreas Schneider
55cbdac15e selftest: Run some tests against ad_member_fips
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2020-05-18 14:43:40 +00:00
Michael Adam
dbfc197f65 s4/torture: Unlink test file at the beginning of smb2.read.position
Pair-Programmed-With: Anoop C S <anoopcs@redhat.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri May 15 16:02:47 UTC 2020 on sn-devel-184
2020-05-15 16:02:47 +00:00
Isaac Boukris
8b5e764413 selftest: add python S4U2Self tests including unkeyed checksums
To test the CRC32 I reverted the unkeyed-checksum fix (43958af1)
and the weak-crypto fix (389d1b97). Note that the unkeyed-md5
still worked even with weak-crypto disabled, and that the
unkeyed-sha1 never worked but I left it anyway.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 15 12:25:40 UTC 2020 on sn-devel-184
2020-05-15 12:25:40 +00:00
Isaac Boukris
19875a3731 Revert "CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum"
This reverts commit 5639e973c1.

This is no longer needed as the next commit includes a Python
test for this, without the complexity of being inside krb5.kdc.canon.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-15 10:27:41 +00:00
Isaac Boukris
b5adc11277 Revert "selftest: mitm-s4u2self: use zlib for CRC32_checksum calc"
This reverts commit 151f8c0f31.

This allows a clean revert (and so removal) of the test.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-15 10:27:41 +00:00
Isaac Boukris
ce65e8979d Revert "selftest: allow any kdc error in mitm-s4u2self test"
This reverts commit a53fa8ffe3.

This allows a clean revert (and so removal) of the test.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-15 10:27:41 +00:00
Andrew Bartlett
004e7a1fee s4/rpc_server/dnsserver: Allow parsing of dnsProperty to fail gracefully
On (eg) the

DC=_msdcs.X.Y,CN=MicrosoftDNS,DC=ForestDnsZones,DC=X,DC=Y

record, in domains that have had a Microsoft Windows DC an attribute:

dNSProperty:: AAAAAAAAAAAAAAAAAQAAAJIAAAAAAAAA

000000 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00  >................<
000010 92 00 00 00 00 00 00 00                          >........<
000018

We, until samba 4.12, would parse this as:

pull returned Success
    dnsp_DnsProperty: struct dnsp_DnsProperty
        wDataLength              : 0x00000000 (0)
        namelength               : 0x00000000 (0)
        flag                     : 0x00000000 (0)
        version                  : 0x00000001 (1)
        id                       : DSPROPERTY_ZONE_NS_SERVERS_DA (146)
        data                     : union dnsPropertyData(case 0)
        name                     : 0x00000000 (0)
dump OK

However, the wDataLength is 0.  There is not anything in
[MS-DNSP] 2.3.2.1 dnsProperty to describe any special behaviour
for when the id suggests that there is a value, but wDataLength is 0.

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dnsp/445c7843-e4a1-4222-8c0f-630c230a4c80

We now fail to parse it, because we expect an entry with id DSPROPERTY_ZONE_NS_SERVERS_DA
to therefore have a valid DNS_ADDR_ARRAY (section 2.2.3.2.3).

As context we changed it in our commit fee5c6a424
because of bug https://bugzilla.samba.org/show_bug.cgi?id=14206
which was due to the artificial environment of the fuzzer.

Microsoft advises that Windows also fails to parse this, but
instead of failing the operation, the value is ignored.

Reported by Alex MacCuish.  Many thanks for your assistance in
tracking down the issue.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 15 07:29:17 UTC 2020 on sn-devel-184
2020-05-15 07:29:16 +00:00
Ralph Boehme
f0df11ce9d s4/torture: add a *real* root_dir_fid test
raw.samba3rootdirfid tests with the share root directory as root_dir_fid handle,
that doesn't cover the case where the relative name has more then one path
component. It only works because in unix_convert() we run into the creating file
optimasation.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14380

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-14 18:07:39 +00:00
Andreas Schneider
ab70153c20 testprogs: Add 'net ads join' test for fips
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu May 14 14:27:26 UTC 2020 on sn-devel-184
2020-05-14 14:27:26 +00:00
Stefan Metzmacher
54de0e4a3e s4:torture: add tests to test the SMB2 read/write offset/length boundaries
[MS-FSA] 2.1.5.2 Server Requests a Read and
2.1.5.3 Server Requests a Write define some contraints.

These tests demonstrate that ((int64_t)offset) < 0) is
not allowed for both reads and writes for SMB.
Also the special case for writes at offset -2 is not possible
nor the append mode with offset < 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-12 19:53:43 +00:00
Ralph Boehme
2ace545a63 s4/torture: reproducer for bug 14375
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14375

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-05-12 18:15:30 +00:00
Gary Lockyer
e907f002a7 Fix clang 9 for-loop-analysis warnings
Review-note: The for loop increment operation was changed and the
             trailing i++ was removed from the loop body.
             The resulting for statement is equivalent to the original

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri May  8 11:16:18 UTC 2020 on sn-devel-184
2020-05-08 11:16:18 +00:00
Gary Lockyer
8c17b6f82f Fix clang 9 format-nonliteral warnings
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-08 09:31:31 +00:00
Gary Lockyer
13a2f70a4d Fix clang 9 missing-field-initializer warnings
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-08 09:31:31 +00:00
Gary Lockyer
d55812e4ee Fix clang 9 enum-conversion warnings
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-08 09:31:31 +00:00
Gary Lockyer
5e44b7cdfc Fix clang 9 constant-conversion warnings
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-08 09:31:31 +00:00
Gary Lockyer
fa8332780d Fix clang 9 logical-not-parentheses warnings
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-08 09:31:31 +00:00
Gary Lockyer
79b371da80 s4 ldap_server: modernize debug calls
Replace DEBUG(0 with DBG_ERR(

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-05-06 21:15:42 +00:00
Amitay Isaacs
93408f60cb lib/messaging: Move messages_dgm out of source3
... so CTDB can also use it.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-05-06 00:06:40 +00:00
Jeremy Allison
9881c3f9ab s4: torture: Add an SMB1-specific open root of share with @GMT-path test - base.smb1-twrp-openroot
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-05 19:18:43 +00:00
Jeremy Allison
2b8ea97709 s4: torture: Add smb2.twrp.openroot test.
Opens the root of a share over SMB2 with a zero-length
filename and a timewarp token.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-05 19:18:43 +00:00
Volker Lendecke
d0deaf90e5 torture4: Move a variable declaration closer to its use
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-05 11:48:38 +00:00
Andrew Bartlett
906aa7ddb8 CVE-2020-10700: dsdb: Do not permit the ASQ control for the GUID search in paged_results
ASQ is a very strange control and a BASE search can return multiple results
that are NOT the requested DN, but the DNs pointed to by it!

Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon May  4 10:14:28 UTC 2020 on sn-devel-184
2020-05-04 10:14:28 +00:00
Andrew Bartlett
5603d26770 CVE-2020-10700: dsdb: Add test for ASQ and ASQ in combination with paged_results
Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-05-04 08:19:41 +00:00
Gary Lockyer
3149ea0a8a CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode
Add search request size limits to ldap_decode calls.

The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:32 +00:00
Gary Lockyer
28ee4acc83 CVE-2020-10704: S4 ldap server: Limit request sizes
Check the size of authenticated and anonymous ldap requests and reject
them if they exceed the limits in smb.conf

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:32 +00:00
Gary Lockyer
5d6bcef4b4 CVE-2020-10704: ldapserver tests: Limit search request sizes
Add tests to ensure that overly long (> 256000 bytes) LDAP search
requests are rejected.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:32 +00:00
Gary Lockyer
b0832d2016 CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree
Add tests to check that ASN.1 ldap requests with deeply nested elements
are rejected.  Previously there was no check on the on the depth of
nesting and excessive nesting could cause a stack overflow.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:32 +00:00
Gary Lockyer
f467727db5 CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth
Add maximum parse tree depth to the call to asn1_init, which will be
used to limit the depth of the ASN.1 parse tree.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:31 +00:00
Ralph Boehme
aa3b3e18a7 s4/torture: add a comprehensive "non-lease-break-trigger" access mask test case
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-30 19:32:45 +00:00
Ralph Boehme
4371c62f2c s4/torture: add a comprehensive "non-oplock-break-trigger" access mask test case
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-30 19:32:44 +00:00
Andreas Schneider
a454c9cd42 testprogs: Add client kerberos test
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Apr 29 11:53:41 UTC 2020 on sn-devel-184
2020-04-29 11:53:41 +00:00
Andreas Schneider
9596eefbd5 s4:torture: Print account and authority name
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-04-29 10:15:28 +00:00
David Mulder
dedb4f24af s4:torture: Convert samba3.raw.mkdir test to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 888abcaf8ffbec45fc47520bd3f544e3aa6f58f2)

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 28 19:46:32 UTC 2020 on sn-devel-184
2020-04-28 19:46:32 +00:00
David Mulder
34311553d7 s4:torture: Convert samba4.base.tcon test to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit eb167bc43dbe196ef5b3bfd24160c72c74113dea)
2020-04-28 18:09:39 +00:00
David Mulder
c690428ebe Convert samba4.base.mangle test to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 9437b44668c9f7742d6d4fe0891ac4d9fda7c804)
2020-04-28 18:09:39 +00:00
David Mulder
18db8bd9c4 Implement alt name query for smb2
Implements smb2_qpathinfo_alt_name() and
RAW_FILEINFO_SMB2_ALT_NAME_INFORMATION.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 097df343ce21c8340aee7f42f233fe74b92b47e2)
2020-04-28 18:09:39 +00:00
David Mulder
67e589c111 Convert samba4.base.maximum_allowed to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d9edfeea668362269d812f82b1957ed16ff56dd4)
2020-04-28 18:09:39 +00:00
David Mulder
a3ddd679d7 Add SMB2 lsa helper routines
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 3763052c2a95ac9bd60f00458389a5245cf5d58d)
2020-04-28 18:09:39 +00:00
Andrew Bartlett
54a3560498 provision: Remove final code for the LDAP backend
The LDAP backend for the Samba AD DC, aiming to store the AD DC in
an existing LDAP server was largely removed many years aga, but the
other parts were removed in 2b0fc74a09.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Apr 23 06:12:20 UTC 2020 on sn-devel-184
2020-04-23 06:12:20 +00:00
Andrew Bartlett
4ab753f0d1 source4/setup: Remove files unused since the LDAP backend was removed
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-04-23 04:36:29 +00:00
Jeremy Allison
72a57d377e s4: torture: SMB2. Fix smb2.winattr to actually read the SD from the server and check it.
We need READ_CONTROL, and actually have to ask for
the OWNER|GROUP|DACL bits if we're going to properly
check the SD.

Tested against Windows 10.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 16 20:42:58 UTC 2020 on sn-devel-184
2020-04-16 20:42:58 +00:00
Jeremy Allison
cb59b75bee s4: torture: SMB2. Add a new test that exposes interesting SD query behavior.
If we open a file without READ_CONTROL, requesting a security
descriptor fails with ACCESS_DENIED if any of the requested
bits OWNER|GROUP|DACL are set.

However, if we send zero as the requested bits then a
security descriptor is returned containing no data,
even though reading an SD should fail based on the
access permissions we have on the handle.

This has been tested against Windows 10, and also
passes on Samba - although in smbd we actually
read the SD off disk first, before nulling out
all the data we read. We shouldn't (we have
no rights to do so) and a subsequent commit
will fix this.

This was discovered when investigating the
smb2.winattr test, which currently relies
on exactly this behavior. It shouldn't
and the next commit will fix that.

I wanted to preserve the current smb2.winattr
behavior in a test though.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-16 19:07:35 +00:00
Ralph Boehme
eab086c572 s4/torture: fix timeval wrap in torture_libsmbclient_utimes() test
Fixes the following flapping test:

UNEXPECTED(failure): samba4.libsmbclient.utimes.SMB3.utimes(nt4_dc)
REASON: Exception: Exception: ../../source4/torture/libsmbclient/libsmbclient.c:1249:
    st.st_mtim.tv_nsec / 1000 was 98181 (0x17F85),
    expected 1098181 (0x10C1C5): smbc_utimes did not update msec

https://gitlab.com/samba-team/devel/samba/-/jobs/506361470

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Apr 11 12:24:00 UTC 2020 on sn-devel-184
2020-04-11 12:23:59 +00:00
Volker Lendecke
833303b8bd torture: Test smbc_utimes()
Prove that smbc_utimes throws away the tv_nsec field

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-08 14:46:40 +00:00
Volker Lendecke
f261d5f727 torture4: Allow DBG output in libsmbclient tests
smbc_new_context() overwrites the global DEBUGLEVEL to 0.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-08 14:46:39 +00:00
Andreas Schneider
ff67642dc2 tests: Add test to check the server doesn't allow NTLM
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-04-08 13:02:40 +00:00
Andreas Schneider
ab3394f9f5 s4:tls: Fix generating TLS RSA certs with FIPS140-2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-04-08 13:02:39 +00:00
Andreas Schneider
ecdd17c536 s4:samdb: Do not create WDdigests for HTTP if weak crypto is disabled
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-04-08 13:02:39 +00:00
Noel Power
0463960488 s4/selftest: Move samba4.rpc.join tests to ad_dc_default_smb1
The following tests which fail when run against a test env that
doesn't support SMB1

samba4.rpc.join on ncacn_ip_tcp with bigendian(ad_dc_default)
samba4.rpc.join on ncacn_ip_tcp with seal,padcheck(ad_dc_default)
samba4.rpc.join on ncacn_ip_tcp with validate(ad_dc_default)
samba4.rpc.join on ncacn_np with bigendian(ad_dc_default)
samba4.rpc.join on ncacn_np with seal,padcheck(ad_dc_default)
samba4.rpc.join on ncacn_np with validate(ad_dc_default)
samba4.rpc.join on ncalrpc with bigendian(ad_dc_default:local)
samba4.rpc.join on ncalrpc with seal,padcheck(ad_dc_default:local)
samba4.rpc.join on ncalrpc with validate(ad_dc_default:local)

have been moved to ad_dc_default_smb1

results verified with

VALIDATE="validate" python3 source4/selftest/tests.py | grep "^samba4.rpc.join" | grep ad_dc_default | sort

corrosponding entries have been removed from skip_smb1_fail

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:32 +00:00
Noel Power
e362ad23ee s4/selftest: Move samba4.ldap.passwordsettings to ad_dc_default_smb1
Test samba4.ldap.passwordsettings fails when run against test env that
doesn't support SMB1 so move to ad_dc_default_smb1

Note: no skip entries to be removed as tests are known failures

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:32 +00:00
Noel Power
1553641724 s4/selftest: Move samba4.ldap.nested-search to ad_dc_default_smb1
Test samba4.ldap.nested-search fails when run against test env
that doesn't support SMB1 so move to ad_dc_default_smb1

Also remove entry from skip_smb1_fail

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:32 +00:00
Noel Power
c83fafacbb s4/selftest: Modify samba4.blackbox.chgdcpass to use smbclient(s3)
Test was using smbclient4 but this fails when used in environments that
don't support SMB1. We use smbclient(s3) instead. There remains one
failure due to behaviour differences between the smbclients.

The behavioural changes are related not to SMB1/SMB2 but
commits d4ea637eb8 &
fce66b22ea

Perhaps we need to modify s3 smbclient in a similar way? This is however
something that deserves further discussion.

Move this failing part to a knownfail for the moment.

Also the corrosponding entry in skip_smb1_fail has been removed

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:32 +00:00
Noel Power
aa688a8de6 s4/selftest: Move samba.tests.libsmb to nt4_dc_smb1
Also remove associated entry from skip_smb1_fail

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:32 +00:00
Noel Power
572bc3e643 s4/selftest: Adjust samba4.blackbox.pkinit to use (s3) smbclient
samba4.blackbox.pkinit falls to pass in environments that don't support
SMB2 because of use (s4) smbclient4. Change test to use (s3) smbclient

Additionally a test within the test script test_kinit_trusts_heimdal.sh
explicitly uses smbclient4 which can't negotiate SMB1 in environments
that don't support it. Add knownfail to cater for this & also remove entry
from the skip file

Further reference the smbclient4 specific test is associated with
https://bugzilla.samba.org/show_bug.cgi?id=12554 so maybe we should
keep it for the moment

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:30 +00:00
Noel Power
4c92489383 s4/selftest: Move samba.tests.net_join_no_spnego to ad_dc_smb1
Test samba.tests.net_join_no_spnego when run in environment
doesn't support SMB1 so move it to ad_dc_smb1 and remove
skip_smb1_fail entry

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:30 +00:00
Noel Power
6edb46682d s4/selftest: Move samba.tests.auth_log_pass_change to ad_dc_smb1
Test samba.tests.auth_log_pass_change  will fail when run against
environments that don't support SMB1 so move this test to ad_dc_smb1
and remove entry from skip_smb1_fail

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:30 +00:00
Noel Power
fc1121bc6b s4/selftest: Move samba.tests.auth_log to ad_dc_smb1
Test samba.tests.auth_log will fail when run against environments that
don't support SMB1 so move this test to ad_dc_smb1 and removing
entry from skip_smb1_fail

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:29 +00:00
Noel Power
a166ddc740 s4/selftest: Move samba4.smb.spnego to ad_dc_smb1
Moving

samba4.smb.spnego.krb5.no_optimistic(ad_dc)
samba4.smb.spnego.ntlmssp.no_optimistic(ad_dc)

and additionally removing the entries from skip_smb1_fails

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:29 +00:00
Noel Power
ed3b15b33c s4/selftest: Move samba4.rpc.join tests from ad_dc to ad_dc_smb1
Move the following tests from ad_dc to ad_dc_smb1

samba4.rpc.join with bigendian(ad_dc)
samba4.rpc.join with seal,padcheck(ad_dc)
samba4.rpc.join with validate(ad_dc)

and additionally remove the corrosponding entries from skip_smb1_fails

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:29 +00:00
Noel Power
b056425340 s4/selftest: Move failing samba4.rpc.authcontext.* (ad_dc) to ad_dc_smb1
Move
samba4.rpc.authcontext with bigendian(ad_dc)
samba4.rpc.authcontext with seal,padcheck(ad_dc)
samba4.rpc.authcontext with validate(ad_dc)

to ad_dc_smb1 environment and remove the corrosponding entries in
skip_smb1_fail

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:29 +00:00
Noel Power
1c8974b421 s4/selftest: run samba4.libsmbclient.*.NT1.* tests in ad_dc_smb1
additionally remove those related entries from skip_smb1_fails

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:29 +00:00
Noel Power
0aa44c88d2 s4/selftest: move samba4.dfs.domain to ad_dc_smb1
Additionally remove the test entry from skip_smb1_fails

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:29 +00:00
Noel Power
422e6c5a79 s4/selftest: adjust samba.blackbox.pdbtest to use (s3) smbclient
smbclient4 only negotiates smb1, this test should use smbclient(s3)
instead.

Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:28 +00:00
Noel Power
7e04d84b5f s4/selftest: Adjust samba4.blackbox.samba_tool to use (s3) smbclient
(s4) smbclient doesn't negotiate smb2, (s3) smbclient is what
is used and what we really should be testing.

Additionally remove entry from ski_smb1_fails file

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:28 +00:00
Noel Power
1c3f954ab4 s4/selftest: Use (s3) smbclient for test samba4.blackbox.kinit
Additionally we remove the entry from skip_smb1_fails as it is
no longer relevant

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:28 +00:00
Noel Power
3558332228 s4/selftest: Use s3 smbclient for samba4.blackbox.bogusdomain
Additionally remove the test from skip_smb1_fails

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:28 +00:00
Noel Power
87d77b3ea9 s4/selftest: Add smbclient (s3 version) binary to s4/tests
smbclient4 only negotiates smb1, tests probably should use smbclient
instead (except for tests that intentionally are testing smbclient4
itself)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-03 15:08:28 +00:00
Andrew Bartlett
9f9b80c79a dlz_bind9: Avoid talloc_new(NULL), use a parent variable
This will help provide a better memory tree if we ever suspect a problem
here.  The tmp_ctx varaible is always freed before the end of this
function.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-04-01 08:51:31 +00:00
Stefan Metzmacher
c4ccdf4b30 s4:selftest: run samba.tests.krb5.simple_tests against ad_dc_default
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Mar 27 19:54:25 UTC 2020 on sn-devel-184
2020-03-27 19:54:25 +00:00
Stefan Metzmacher
7010a1311d s4:selftest: run samba.tests.krb5.kcrypto test
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
2020-03-27 18:17:35 +00:00
Stefan Metzmacher
05d3a909d5 selftest: use 10.53.57.0/8 instead of 127.0.0.1/8
This makes our testing much more realistic and allows
the removal of some knowfail entries.

It also means the testing with network namespaces on Linux
can use the same addresses as our socket wrapper testing.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-27 09:02:38 +00:00
Stefan Metzmacher
4d6864e08e samba_dnsupdate: fix delete (samba-tool) message
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-27 09:02:37 +00:00
Stefan Metzmacher
88500f7326 samba_dnsupdate: fix --no-credentials handling
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-27 09:02:37 +00:00
Stefan Metzmacher
bc94d9878d s4:torture/ldb: fix the build on FreeBSD
clock_t is 'int' instead' of 'long' there.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-27 09:02:37 +00:00
Volker Lendecke
e74e85ee66 dsdb: Use ARRAY_DEL_ELEMENT() in dirsync_filter_entry()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-26 14:43:31 +00:00
Volker Lendecke
f52f531771 lib: Remove unused SOCKET_FLAG_BLOCK
Nobody in the code set this flag, so remove it

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-03-25 09:04:28 +00:00
Andrew Bartlett
4d65e3ad21 s4-librpc: Simplify bytes or unicode input checking in python GUID() bindings
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-03-23 19:12:43 +00:00
Andrew Bartlett
a7633deb89 py3: Remove #define IsPy3BytesOrString(pystr)
This was

  (PyUnicode_Check(pystr) || PyBytes_Check(pystr))

This allows us to end the use of Python 2/3 compatability macros.

The one caller will be simplified in the next commit

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <nopower@samba.org>
2020-03-23 19:12:43 +00:00
Andrew Bartlett
675ab9d6ae py3: Remove #define IsPy3Bytes PyBytes_Check
This allows us to end the use of Python 2/3 compatability macros.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-03-23 19:12:43 +00:00
Andrew Bartlett
5c1867ba45 py3: Remove #define PyInt_FromLong PyLong_FromLong
This allows us to end the use of Python 2/3 compatability macros.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power
2020-03-23 19:12:43 +00:00
Andrew Bartlett
4764e8b4c7 py3: Remove #define PyInt_AsLong PyLong_AsLong
This allows us to end the use of Python 2/3 compatability macros.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-03-23 19:12:43 +00:00
Andrew Bartlett
3aea3b1538 py3: Remove #define PyInt_Check PyLong_Check
This will allow us to remove some unused code in the PIDL-generated
python bindings.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-03-23 19:12:43 +00:00
Andrew Bartlett
a4cdfbd167 dsdb: Allow delete (directly and over DRS) of an object with a link to itself
Previously this would fail with Unsupported critical extension 1.3.6.1.4.1.7165.4.3.2

Reported by Alexander Harm.  Many thanks for helping make Samba better
and for your patience with patches and providing debugging information.

REF: https://lists.samba.org/archive/samba/2020-February/228153.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14306

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-22 04:39:36 +00:00
Andrew Bartlett
ad750ed10f dsdb: Add test for the case of a link pointing back at its own object
This type of object was not possible to delete in Samba without first removing
the link.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14306

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-22 04:39:36 +00:00
Samuel Cabrero
9331772e4c selftests: Tests only appropiate RPC interfaces are available in smb pipes
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:31 +00:00
Samuel Cabrero
3bcbad0c57 selftests: Test lsa over netlogon in nt4 dc environment
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:31 +00:00
Samuel Cabrero
d809da3ace selftest: Run python.samba.tests.dcerpc.raw_protocol against S3 ad_member
The goal is to pass the raw protocol testsuite against s3 RPC server.
To do so we need to enable epmd and lsasd daemons, as the testsuite
connects to the endpoint mapper and lsa endpoints using NCACN_IP_TCP
and NCACN_NP transports.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:31 +00:00
Noel Power
2321b11f1f s4/param: py_sid shouldn't be decref'ed after insertion into dict
This was causing samba.tests.net_join_no_spnego(ad_dc) to
core dumps sometimes on tumbleweed with python3.8

with...

===============================================================
INTERNAL ERROR: Signal 11 in pid 1781 (4.12.0)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
===============================================================
smb_panic_default: PANIC (pid 1781): internal error
BACKTRACE: 64 stack frames:

7128  #0 bin/shared/libsamba-util.so.0(log_stack_trace+0x1f) [0x7fa541c5b220]
7129  #1 bin/shared/libsamba-util.so.0(+0x1efc8) [0x7fa541c5afc8]
7130  #2 bin/shared/libsamba-util.so.0(log_stack_trace+0) [0x7fa541c5b201]
7131  #3 bin/shared/libsamba-util.so.0(+0x1eed9) [0x7fa541c5aed9]
7132  #4 bin/shared/libsamba-util.so.0(+0x1eeee) [0x7fa541c5aeee]
7133  #5 /lib64/libc.so.6(+0x3bf20) [0x7fa542631f20]
7134  #6 /usr/lib64/libpython3.8.so.1.0(PyObject_GC_UnTrack+0xd) [0x7fa542386c1d]
7135  #7 /usr/lib64/libpython3.8.so.1.0(+0x12d599) [0x7fa542387599]
7136  #8 /usr/lib64/libpython3.8.so.1.0(_PyEval_EvalFrameDefault+0x4d6d) [0x7fa5424269ed]
7137  #9 /usr/lib64/libpython3.8.so.1.0(_PyEval_EvalCodeWithName+0x30c) [0x7fa5423eaf5c]
7138  #10 /usr/lib64/libpython3.8.so.1.0(_PyFunction_Vectorcall+0x18e) [0x7fa5423ebcbe]
7139  #11 /usr/lib64/libpython3.8.so.1.0(_PyEval_EvalFrameDefault+0x4a3a) [0x7fa5424266ba]
etc....

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Mar 19 22:23:52 UTC 2020 on sn-devel-184
2020-03-19 22:23:52 +00:00
Noel Power
9e84f1e576 s4/param: treat NULL value passed to dict_insert as error
insert_dict is used as a convenience to decrement the values to
prevent leaks with orpahaned PyObjects and avoid excessive creation of
temp variables.

        if (!dict_insert(parameters,
                         "rootdn",
                         PyUnicode_FromString(settings->root_dn_str))) {
                status = NT_STATUS_UNSUCCESSFUL;
                goto out;
        }

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-19 20:46:42 +00:00
Noel Power
32d56271eb s4/param: don't decref object we don't own
provision_fn is a borrowed reference we should not
call Py_CLEAR on it

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-19 20:46:42 +00:00
Andreas Schneider
ff70d7cc3a tests: Add test for weak crypto
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-19 20:46:42 +00:00
Ralph Boehme
60aecca9a7 torture/smb2: delayed timestamp updates test: more then one write
Verify a close updates the write-time for subsequent writes after an initial
write started the delayed update logic.

This covers a scenario that will become relevant with the two subsequent
commits. The next commit:

  smbd: let mark_file_modified() always call trigger_write_time_update()

ensures that trigger_write_time_update() is not only called for the first write
on a file. Without that preaparatory change, the second commit:

  smbd: let delayed update handler also update on-disk timestamps

alone would cause this test to fail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-19 01:20:34 +00:00
Ralph Boehme
58fa7b4fd7 torture/smb2: delayed timestamp update test: single write
Verify close only updates write-time when a delayed update is actually pending.

This scenario is not covered by basic.delaywrite.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-19 01:20:34 +00:00
Ralph Boehme
6f7d1d8a37 torture/smb2: Windows 2019 15 ms timestamp resolution
This test demonstrates that Windows has a timestamp resolution of ~15ms.

When a smaller amount of time than that has passed between modifying operations
on a file, it's not necessarily detectable on a Windows 2019 server that
implements immediate timestamp updates (no delayed magic).

Note that this test relies on a low latency SMB connection. Even with a low
latency connection of eg 1m there's a chance of 1/15 that the first part of the
test expecting no timestamp change fails as the writetime is updated.

Due to this timing dependency this test is skipped in Samba CI, but it is
preserved here for future SMB2 timestamps behaviour archealogists.

See also: https://lists.samba.org/archive/cifs-protocol/2019-December/003358.html

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-19 01:20:34 +00:00
Ralph Boehme
4e3c2afbd6 torture/smb2: add a test verifying a setinfo(basicinfo) flushes a pending writetime update
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-19 01:20:34 +00:00
Ralph Boehme
c63d6c9e25 torture/smb2: add a test verifying a flush flushes a pending writetime update
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-19 01:20:34 +00:00
Ralph Boehme
47508c5ecf torture/smb2: mtime update logic with 2 handles: write io on handle 1, then set mtime on handle 2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-19 01:20:34 +00:00
Ralph Boehme
73fedf014b s4/torture: fix a timestamps test to work on ext filesystem
ext filesystem has a time_t limit of 15032385535 (0x0x37fffffff). From
Documentation/filesystems/ext4/inodes.rst:

  If the inode structure size ``sb->s_inode_size`` is larger than 128 bytes and
  the ``i_inode_extra`` field is large enough to encompass the respective
  ``i_[cma]time_extra`` field, the ctime, atime, and mtime inode fields are
  widened to 64 bits. Within this “extra” 32-bit field, the lower two bits are
  used to extend the 32-bit seconds field to be 34 bit wide; the upper 30 bits
  are used to provide nanosecond timestamp accuracy. Therefore, timestamps
  should not overflow until May 2446. ...

Changing the test to use the value 0x37fffffff instead of 100000000000 allows
running the test locally on ext filesytems.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-19 01:20:34 +00:00
Volker Lendecke
9653a10738 libsmbclient: Put it back to a known, well-working state
For adapting unix extensions in our client libraries, we need a fresh start
with additional APIs. We can't change existing application behaviour.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-10 21:25:33 +00:00
Isaac Boukris
0982980dc6 mit-kdc: Explicitly reject S4U requests
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Tue Mar 10 14:46:04 UTC 2020 on sn-devel-184
2020-03-10 14:46:04 +00:00
Isaac Boukris
3434758637 Sign and verify PAC with ticket principal instead of canon principal
With MIT library 1.18 the KDC no longer set
KRB5_KDB_FLAG_CANONICALIZE for enterprise principals which allows
us to not canonicalize them (like in Windows / Heimdal).

However, it now breaks the PAC signature verification as it was
wrongly done using canonical client rather than ticket client name.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-03-10 13:02:27 +00:00
Isaac Boukris
bebad45b29 Adapt sign_authdata in our KDB module for krb5 v1.18
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-10 13:02:27 +00:00
Günther Deschner
ebda529b59 librpc: fix IDL for svcctl_ChangeServiceConfigW
Found while trying to run winexe against Windows Server 2019.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00
Günther Deschner
c3fa0b2df9 s4-torture: add ndr svcctl testsuite
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00
Günther Deschner
0825324bc7 s4-torture: add rpc test for ChangeServiceConfigW
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00
Jonathon Reinhart
a4ed6ada50 Remove unnecessary/incorrect talloc_steal() calls
The talloc_steal() in dsdb_enum_group_mem() is unnecessary, because
members was already allocated from the same mem_ctx.

The talloc_steal() in pdb_samba_dsdb_enum_aliasmem() is also unnecessary
for the same reason, but also incorrect, because it should be
dereferencing pmembers:

    talloc_steal(mem_ctx, *pmembers);

Furthermore, we should only assign to *pnum_members on success; otherwise
num_members is used uninitialized.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14264

Signed-off-by: Jonathon Reinhart <Jonathon.Reinhart@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Mar  5 18:40:16 UTC 2020 on sn-devel-184
2020-03-05 18:40:16 +00:00
Swen Schillig
4d784590a9 [s4] possible memleak in torture vfs-fruit
The allocated memory for "full_name" must be free'd
before returning to caller.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar  4 10:43:54 UTC 2020 on sn-devel-184
2020-03-04 10:43:54 +00:00
Volker Lendecke
c2387f13c6 selftest: Adapt libsmbclient.readdirplus2 to unix extensions
A few lines above the mode check we created a file with mode
0666. With unix exensions we expect this back 1:1, without them the
server changes them on the fly.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-03 17:48:38 +00:00
Volker Lendecke
a7bdb2936f selftest: Inform smbtorture about running with unix extensions
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-03 17:48:38 +00:00
Volker Lendecke
dfa01af749 selftest: run libsmbclient unix ext tests against "posix_share"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-03 17:48:38 +00:00
Andrew Bartlett
84172ae7cb dsdb: Add debugging for a contrived situation where a non-schema attribute is on the record
I had to modify the backend DB to produce this error, but
I would like a clear error anyway.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar  2 04:14:22 UTC 2020 on sn-devel-184
2020-03-02 04:14:21 +00:00
Andrew Bartlett
1a0d43bbcc dsdb: Add very verbose debugging if a delete fails in repl_meta_data
The modification into a tombstone should be a pretty reliable operation
so if it fails print lots of info for debugging.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-03-02 02:47:30 +00:00
Andrew Bartlett
a3fc18f679 dsdb: Rewrite comment to remove refernece to LDAP backends
This is required despire the demise of the LDAP backend.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 28 04:42:23 UTC 2020 on sn-devel-184
2020-02-28 04:42:23 +00:00
Andrew Bartlett
dc308d1c29 dsdb: Remove dead code in partition_prep_request()
The partition variable is never NULL.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-02-28 03:08:46 +00:00
Andrew Bartlett
01a3cf8e1e dsdb: Do not use ldb_save_controls() in partitions module for domain_scope
The LDAP backend is long-removed so we do not need this workaround
for a confused server any longer.

This avoids references to old (but valid) memory after a new ldb_control array is
allocated in ldb_save_controls() and keeps the controls pointer as
constant as possible given the multiple ldb_request structures it
will appear in.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-02-28 03:08:46 +00:00
Andrew Bartlett
47b6c4b8f5 dsdb: Improve clarity by adding a comment in replmd_delete_internals()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-02-28 03:08:46 +00:00
Andrew Bartlett
7ad56d4174 dsdb: Simplifiy VANISH_LINKS handling: The variable "parent" is always non-NULL
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-02-28 03:08:46 +00:00
Swen Schillig
3b95125187 prevent NULL reference from being used as '%s' argument.
The two string arguments to torture_comment() can be NULL
as the succeeding checks suggest. This is not wanted because a compile
with --enable-developer throws an error of [-Werror=format-overflow=]
in those situations.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-28 03:08:46 +00:00
Volker Lendecke
cb37caaa56 selftest: Run libsmbclient with and without unix extensions
The libsmbclient readdir tests are broken just for the unix extension
case. For example they assume our "map archive" behaviour. This will
have to be parameterized once unix extensions become better
implemented in libsmbclient

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 27 19:34:36 UTC 2020 on sn-devel-184
2020-02-27 19:34:36 +00:00
Volker Lendecke
bb5cf67476 selftest: Introduce planlibsmbclienttest()
Small refactoring

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-27 18:07:29 +00:00
Andrew Bartlett
3136d2fd95 s4-smbd: Make use of prctl_set_comment()
This makes it possible to tell different child tasks apart on linux systems
that have not compiled against libsetproctitle or libbsd-setproctitle.

Use "ps -ef -o pid,comm" to see the tree with these titles.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14287

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-02-27 03:42:35 +00:00
Gary Lockyer
ba518a1deb librpc ndr: add recursion check macros
Add macros to check the recursion depth.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19280
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14254

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-27 01:02:32 +00:00
Gary Lockyer
23d285d349 librpc ndr: Stack-overflow in ndr_pull_drsuapi_DsaAddressListItem_V1
Reproducer for oss-fuzz Issue 19280

Project: samba
Fuzzing Engine: libFuzzer
Fuzz Target: fuzz_ndr_drsuapi_TYPE_OUT
Job Type: libfuzzer_asan_samba
Platform Id: linux

Crash Type: Stack-overflow
Crash Address: 0x7ffcb4cc2ff8
Crash State:
  ndr_pull_drsuapi_DsaAddressListItem_V1

Sanitizer: address (ASAN)

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19280
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14254

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-27 01:02:32 +00:00