sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-10-24 15:33:20 +03:00
Code Activity
139,524 Commits 64 Branches 1,177 Tags
34be8ef596291686e35e90e00c4da99de6cd55f3
Commit Graph

5245 Commits

Author SHA1 Message Date
Douglas Bagnall
367e58c321 s3:printing and spoolss: s/the the\b/the/ in comments 
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
 2024-11-06 10:57:35 +00:00
Ralph Boehme
79d7d26fd1 s3/locking: add share_entry_forall_read() and share_entry_forall() varients 
All existing callers use share_entry_forall_read, so no change in behaviour.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15608

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-11-05 14:39:30 +00:00
Stefan Metzmacher
a359b4139c s3:rpc_server/netlogon: make use of netlogon_creds_decrypt_samr_CryptPassword() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
550d20fd3d s3:rpc_server/netlogon: make use of netlogon_creds_{de,en}crypt_samr_Password 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
3d4ea276bd libcli/auth: pass auth_{type,level} to netlogon_creds_{de,en}crypt_samlogon_logon() 
This will be needed when we implement netr_ServerAuthenticateKerberos...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
a56356e399 libcli/auth: pass auth_{type,level} to netlogon_creds_{de,en}crypt_samlogon_validation() 
This will be needed when we implement netr_ServerAuthenticateKerberos...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
de8de55a5f netlogon.idl: add netr_ServerAuthenticateKerberos() and related stuff 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
62afadb3eb s3:rpc_server: add DCESRV_COMPAT_NOT_USED_ON_WIRE() helper macro 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
484a046d8e s3:rpc_server/netlogon: implement netr_LogonGetCapabilities query_level=2 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
dfbc5e5a19 libcli/auth: remember client_requested_flags and auth_time in netlogon_creds_server_init() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
88a84d9330 s3:rpc_server/netlogon: make use of creds->ex->client_sid 
creds->sid will be removed soon...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
c2ef866fca libcli/auth: pass client_sid to netlogon_creds_server_init() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
eda3728a40 s3:rpc_server/netlogon: add client_sid helper variables 
This will make the following changes simpler...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:36 +00:00
Stefan Metzmacher
e5bc5ee3e0 s3:rpc_server/netlogon: if we require AES there's no need to remove the ARCFOUR flag 
With SAMBA_WEAK_CRYPTO_DISALLOWED we will return DOWNGRADE_DETECTED with negotiate_flags = 0,
if AES was not negotiated...

And if AES was negotiated there's no harm in returning the ARCFOUR
flag...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:35 +00:00
Stefan Metzmacher
b27661f832 s3:rpc_server/netlogon: correctly negotiate flags in ServerAuthenticate2/3 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-10-30 23:08:35 +00:00
Volker Lendecke
e9538317d8 rpc_host: Fix max_workers calculation 
To limit max_workers into 16 bits, cap it at UINT16_MAX (65535, not 65536)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
 2024-09-20 17:13:37 +00:00
Volker Lendecke
658b78a048 rpc_server: Fix a comment 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
 2024-09-20 17:13:37 +00:00
Volker Lendecke
4f3a6dc8b0 samr: Avoid a "ret == false" for a bool 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2024-08-20 09:34:39 +00:00
Andreas Schneider
26c56ae51e s3:rpc_server: Initialize array 
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/rpc_server/svcctl/srv_svcctl_nt.c:163: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/source3/rpc_server/svcctl/srv_svcctl_nt.c:182: uninit_use_in_call: Using uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when calling ""make_sec_acl"".
  180|   	/* create the security descriptor */
  181|
  182|-> 	if ( !(theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
  183|   		return NULL;
  184|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul  8 08:37:46 UTC 2024 on atb-devel-224
 2024-07-08 08:37:46 +00:00
Pavel Filipenský
c9c74d819a s3:rpc_server: Initialize array struct security_ace ace[] 
Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/lease.c:567: var_decl: Declaring variable "h" without initializer.
samba-4.20.0rc2/source4/torture/smb2/lease.c:642: uninit_use_in_call: Using uninitialized value "h" when calling "smb2_util_close".
  640|
  641|    done:
  642|->         smb2_util_close(tree, h);
  643|           smb2_util_close(tree, h2);
  644|

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jul  5 08:53:08 UTC 2024 on atb-devel-224
 2024-07-05 08:53:07 +00:00
Jo Sutton
ec73e99792 s3:rpc_server: Fix code spelling 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
 2024-07-02 03:39:35 +00:00
Jo Sutton
32cd94b1e4 s3:rpc_server: Update deprecated directives 
‘api.prefix’ and ‘parse.error’ have both been supported since Bison 3.0.

/data/samba/source3/rpc_server/mdssvc/es_parser.y:98.1-21: warning: deprecated directive: ‘%name-prefix "mdsyyl"’, use ‘%define api.prefix {mdsyyl}’ [-Wdeprecated]
   98 | %name-prefix "mdsyyl"
      | ^~~~~~~~~~~~~~~~~~~~~
      | %define api.prefix {mdsyyl}
/data/samba/source3/rpc_server/mdssvc/es_parser.y:100.1-14: warning: deprecated directive: ‘%error-verbose’, use ‘%define parse.error verbose’ [-Wdeprecated]
  100 | %error-verbose
      | ^~~~~~~~~~~~~~
      | %define parse.error verbose
/data/samba/source3/rpc_server/mdssvc/es_parser.y: warning: fix-its can be applied.  Rerun with option '--update'. [-Wother]

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
 2024-07-02 03:39:35 +00:00
Andreas Schneider
a0b6d18a25 s3:rpc_server: Make sure struct security_ace is initialized 
Found by Covscan.

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/rpc_server/samr/srv_samr_nt.c:235: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/source3/rpc_server/samr/srv_samr_nt.c:269: uninit_use_in_call: Using uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when calling ""make_sec_acl"".
  267|   	/* create the security descriptor */
  268|
  269|-> 	if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
  270|   		return NT_STATUS_NO_MEMORY;
  271|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
 2024-06-24 06:14:35 +00:00
Jo Sutton
747a7fec01 s3:rpc_server: Check query level according to MS-NRPC 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15465
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Noel Power <noel.power@suse.com>

Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jun  4 09:39:42 UTC 2024 on atb-devel-224
 2024-06-04 09:39:42 +00:00
Jo Sutton
8adbdbe50f s3:rpc_server: Check function code according to MS-NRPC 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15465
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Noel Power <noel.power@suse.com>
 2024-06-04 08:33:32 +00:00
Noel Power
0418b9fa92 s3/rpc_server: Fix dereference of client pointer 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15465
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
 2024-06-04 08:33:32 +00:00
Andreas Schneider
f3f8aa4964 s3:rpc_server: Use lpcfg_dns_hostname() in srv_witness_nt.c 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-05-22 20:33:36 +00:00
Stefan Metzmacher
2de585a978 s3:include: remove unused krb5_env.h 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2024-05-14 10:18:31 +00:00
Stefan Metzmacher
f4f31236c4 s3:libnet_join: pass down cli_credentials *admin_credentials to libnet_{Join,Unjoin}Ctx() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2024-05-14 10:18:31 +00:00
Volker Lendecke
037b9dac21 smbd: Use struct oplock_break_message for MSG_CLOSE_FILE 
We only need to transmit the file_id and share_file_id. Next patch
will show why :-)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-04-30 22:44:32 +00:00
Andreas Schneider
d2297b41a2 s3:libsmb: Pass memory context to cli_full_connection_creds() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
 2024-04-29 08:43:32 +00:00
Stefan Metzmacher
b8b874ef5e s3:rpc_server/mdssvc: make use of tstream_tls_params_client_lpcfg() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15621

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-23 23:50:33 +00:00
Douglas Bagnall
75682e397b s3:rpc:wkssvc_nt: dom_user_cmp uses NUMERIC_CMP 
usr->login_time is time_t, which is often bigger than int.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-23 01:33:29 +00:00
Volker Lendecke
b6f4acb9b4 rpc_server3: Use fdopen_keepfd() 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
 2024-04-16 23:51:45 +00:00
Volker Lendecke
0baae61e42 lib: Give lib/util/util_file.c its own header file 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
 2024-04-16 23:51:45 +00:00
Andreas Schneider
50f424e8d3 s3:rpc_server: Implement _lsa_CreateTrustedDomainEx3() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
8df1728e12 s3:rpc_server: Implement lsa_CreateTrustedDomain_common() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
3385c2fe44 s3:rpc_server: Implement and use lsa_CreateTrustedDomain_precheck() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
8f52b64979 s3:rpc_server: Log error in _lsa_CreateTrustedDomainEx2() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Stefan Metzmacher
4fba5bcaad s3:rpc_server/witness: add handling of MSG_RPCD_WITNESS_REGISTRATION_UPDATE messages 
This implements the server side features for the
'net witness [client-move,...]' commands in the end.

These are administrator driven notifications for the witness client.

RPCD_WITNESS_REGISTRATION_UPDATE_FORCE_RESPONSE and
RPCD_WITNESS_REGISTRATION_UPDATE_FORCE_UNREGISTER will be very useful
for later automated testing.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
 2024-01-26 17:00:33 +00:00
Stefan Metzmacher
fcc8e0978b s3:rpc_server/witness: let Register[Ex] store rpcd_witness_registration.tdb records 
This will allow 'net witness list' to be implemented in the end.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
 2024-01-26 17:00:33 +00:00
Stefan Metzmacher
cb1d711e25 s3:rpc_server/witness: add implementation based on CTDB_SRVID_IPREALLOCATED and ctdbd_all_ip_foreach() 
The design is relatively simple in the end:

- We use ctdbd_all_ip_foreach() in order to build an
  in memory list of interfaces(ip addresses) and
  record if:
  - they are currently available or not
  - if they node local or not

- The current list is would we use for the
  GetInterfaceList() call.

- Register[Ex] will create an in memory structure
  holding a queue for pending AsyncNotify requests.

- Unregister() will cancel pending AsyncNotify requests and
  let them return NOT_FOUND.

- CTDB_SRVID_IPREALLOCATED messages will cause we refresh
  with ctdbd_all_ip_foreach():
  - this will detect changes in the interface state
    and remove stale interfaces.
  - for each change the list of registrations is checked
    for a matching ip address and a RESOURCE_CHANGE
    will be scheduled in the queue of the registration,
    the started queue will trigger AsyncNotify responses

- We also register the connections with ctdb in order
  to give other nodes a chance to generate tickle-acks
  for the witness tcp connections.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
 2024-01-26 17:00:33 +00:00
Stefan Metzmacher
85f30bcf0b s3:rpc_server: add basic rpcd_witness template 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
 2024-01-26 17:00:32 +00:00
Volker Lendecke
ebb8084c67 samr_server: Modernize a DBG statement 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-01-23 23:28:31 +00:00
Volker Lendecke
73a2793967 samr_server: Avoid a DEBUGADD() 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-01-23 23:28:31 +00:00
Andreas Schneider
e9c9615a2f s3:rpc_server: Mark _lsa_CreateTrustedDomainEx as NOT_IMPLMENTED 
There is no PDB backend supporting this.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jan  9 14:17:40 UTC 2024 on atb-devel-224
 2024-01-09 14:17:40 +00:00
Andreas Schneider
179641bfbe s3:rpc_server: Mark _lsa_CreateTrustedDomain as NOT_IMPLMENTED 
There is no PDB backend which is supporting this.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-01-09 13:17:34 +00:00
Volker Lendecke
8cfc6ea923 Revert "rpc_server:srvsvc - retrieve share ACL via root context" 
This reverts commit 80c0b41689.

With the previous patch it is no longer required. We open
share_info.tdb as root when starting up rpcd_classic and keep it open.

Commit 80c0b41689 only fixed the
problem in one place, but we had it in a lot more places...

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15265
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Dec 20 11:20:51 UTC 2023 on atb-devel-224
 2023-12-20 11:20:51 +00:00
Volker Lendecke
ff3b50034e rpcd_classic: Open share_info.tdb as root 
srvsvc needs it, but for example NetShareGetInfo() runs as a
user. Opening share_info.tdb at that point is too late.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15265
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2023-12-20 10:15:29 +00:00
Stefan Metzmacher
d23d6145bf VERSION: move COPYRIGHT_STARTUP_MESSAGE as SAMBA_COPYRIGHT_STRING into version.h 
We also prodive a samba_copyright_string() helper similar to
samba_version_string().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Dec 15 10:44:42 UTC 2023 on atb-devel-224
 2023-12-15 10:44:42 +00:00