samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00

Author	SHA1	Message	Date
Jeremy Allison	7e435d3cce	nsswitch: linux: Remove use of strcpy(). The previous use was safe, but having any use of strcpy inside our code sets off security flags. Replace with an explicit length calculation and memcpy. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>	2016-03-22 04:38:24 +01:00
Michael Adam	e9586a653c	torture:smb2: add durable-v2-open.reopen1a-lease Lease variant of the reopen1a test which tests the relevance of the client guid. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Mar 22 03:47:02 CET 2016 on sn-devel-144	2016-03-22 03:47:02 +01:00
Michael Adam	b853040d5f	torture:smb2: for oplocks, durable reconnect works with different client-guid for durable-v2-open.reopen1a Try both different and original client guid. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:22 +01:00
Michael Adam	cd22980875	torture:smb2: get rid of supefluous io2 var in durable-v2-open.reopen1a Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:22 +01:00
Michael Adam	b0f592d05f	torture:smb2: fix crashes in smb2.durable-v2-open.reopen1a test If the test failed too early, we dereferenced tree2 which was still NULL. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:22 +01:00
Michael Adam	186cd70829	torture:smb2: use assert, not warning in error case in durable-v2-open.reopen1a Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:22 +01:00
Michael Adam	3e90abe670	torture:smb2: add durable-open.reopen1a-lease Lease variant of the reopen1a test which tests the relevance of the client guid. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:22 +01:00
Michael Adam	7b557617e4	torture:smb2: for oplocks, durable reconnect works with different client guid in durabble-open.reopen1a test Try both original and a different client guid. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:22 +01:00
Michael Adam	505546be57	torture:smb2: durable-open.reopen1a only needs one io struct Using two is confusing. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Michael Adam	37c05f4ade	torture:smb2: fix crashes in smb2.durable-open.reopen1a test If the test failed too early, we dereferenced tree2 which was still NULL. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Michael Adam	b7186a00bb	torture:smb2: use assert, not warning in error case in durable-open.reopen1a Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Anubhav Rakshit	e095a61c4b	torture:smb2: Add test replay6 to verify Error Codes for DurableHandleReqV2 replay Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Pair-Programmed-With: Guenther Deschner <gd@samba.org> Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Günther Deschner	c5c3f91c6f	lib/torture: add torture_assert_u64_not_equal_goto macro Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Günther Deschner	2b799880b9	torture:smb2: add test for checking sequence number wrap around. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Günther Deschner	ccda60ed9b	libcli:smb:smbXcli_base: add smb2cli_session_current_channel_sequence() call. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Michael Adam	f81f3a2d78	smbd:smb2: add some asserts before decrementing the counters Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Michael Adam	7dbb1707d9	smbd:smb2: update outstanding request counters before sending a reply This is part of the channel sequence number treatment of multi-channel. Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Michael Adam	71d2b19064	smbd:smb2: implement channel sequence checks and request counters in dispatch Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Michael Adam	ae6967ea3e	smbd:smb2: add request_counters_updated to the smbd_smb2_request struct This will be used to keep track of whether the outstanding request counters have been updated in the dispatch, so that the reply code can act accordingly. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Michael Adam	088468195b	smbd:smb2: add a modify flag to dispatch table This indicates that an operation is a modifying operation. Some parts of the upcoming channel sequence number logic only applies to modify operations. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Günther Deschner	31f33a3f39	s3:smbXsrv.idl: add 8 byte channel_sequence number and request counters to IDL. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:21 +01:00
Andreas Schneider	b9d93e7187	lib: Update nss_wrapper to version 1.1.3 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:20 +01:00
Andreas Schneider	9e8876a9d7	lib: Update uid_wrapper to version 1.2.1 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:20 +01:00
Andreas Schneider	092d6f9ec1	lib: Update socket_wrapper to version 1.1.6 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:20 +01:00
Martin Schwenke	e4f592539d	ctdb-daemon: Replace an unsafe strcpy(3) call Tweak another strncpy(3) call. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:20 +01:00
Martin Schwenke	0ffa5d8d9e	ctdb-daemon: Validate length of new interface names Interface names that are too long will be truncated by strncpy(3) later on. It is better to validate the length of each new interface name to ensure it will be usable. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-22 00:23:20 +01:00
Douglas Bagnall	e806824fc8	ldb client controls: avoid talloc_memdup(x, y, (size_t)-1); ldb_base64_decode() returns -1 if a string can't be parsed as base64, and this is not the kind of value you want to use in talloc_memdup(). In these cases it can happen innocently if the strings are truncated to fit in their buffers. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Mar 19 00:56:42 CET 2016 on sn-devel-144	2016-03-19 00:56:42 +01:00
Shyamsunder Rathi	ac4dc0c678	s3/vfs:stream_depots: Parse substitutions in streams-depot-directory path At present, substitutions in the streams directory path are ignored. Fix it by modifying 'stream_dir' function to call 'lp_parm_talloc_string' which internally calls 'lp_string' on the path. Signed-off-by: Shyamsunder Rathi <shyam.rathi@nutanix.com> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-18 21:34:30 +01:00
Stefan Metzmacher	e8e2386bf6	s4:selftest: run rpc.netlogon.admin also over ncalrpc and ncacn_ip_tcp Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 18 12:39:51 CET 2016 on sn-devel-144	2016-03-18 12:39:51 +01:00
Ralph Boehme	3563d79a8c	s3:mdssvc: older glib2 versions require g_type_init() Older glib2 versions will crash if g_type_init is not called: (process:6712): GLib-GObject-CRITICAL **: ... ./gobject/gtype.c:2722: You forgot to call g_type_init() Bug: https://bugzilla.samba.org/show_bug.cgi?id=11801 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Mar 18 03:52:55 CET 2016 on sn-devel-144	2016-03-18 03:52:55 +01:00
Volker Lendecke	f50c3fb1c5	libsmb: Fix CID 1356312 Explicit null dereferenced Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-18 00:29:14 +01:00
Volker Lendecke	deaab95b8d	ctdb: Fix CID 1356313 Explicit null dereferenced Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-18 00:29:14 +01:00
Volker Lendecke	a243a9012f	lib: Fix CID 1356315 Dereference before null check Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-18 00:29:14 +01:00
Volker Lendecke	3940d4e386	crypto: Fix CID 1356314 Resource leak Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-18 00:29:13 +01:00
Volker Lendecke	dcaa88158e	libads: Fix CID 1356316 Uninitialized pointer read Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2016-03-18 00:29:13 +01:00
Günther Deschner	c06058a99b	s3-auth: check for return code of cli_credentials_set_machine_account(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Mar 17 20:43:19 CET 2016 on sn-devel-144	2016-03-17 20:43:17 +01:00
Günther Deschner	fe93a09889	s4-smb_server: check for return code of cli_credentials_set_machine_account(). We keep anonymous server_credentials structure in order to let the rpc.spoolss.notify start it's test server. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	31f07d0562	s4:rpc_server: require access to the machine account credentials Even a standalone server should be selfjoined. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	57946ac7c1	auth/gensec: split out a gensec_verify_dcerpc_auth_level() function We only need this logic once. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	cc3dea5a81	auth/gensec: make sure gensec_security_by_auth_type() returns NULL for AUTH_TYPE_NONE ops->auth_type == 0, means the backend doesn't support DCERPC. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	733ccd1320	s4:torture/rpc/schannel: don't use validation level 6 without privacy Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	50581689d9	s4:torture/rpc: correctly use torture_skip() for test_ManyGetDCName() without NCACN_NP Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	050a1d0653	s4:torture/rpc/samlogon: use DCERPC_SEAL for netr_LogonSamLogonEx and validation level 6 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	26e5ef6818	s4:torture/rpc/samr: use DCERPC_SEAL in setup_schannel_netlogon_pipe() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	1a7d8b8602	s4:torture/netlogon: add/use test_SetupCredentialsPipe() helper function This create a schannel connection to netlogon, this makes the tests more realistic. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	f9a1915238	s3:test_rpcclient_samlogon.sh: test samlogon with schannel Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	2c36501640	s3:selftest: rpc.samr.passwords.validate should run with [seal] in order to be realistic Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	b00c38afc6	selftest: setup information of new samba.example.com CA in the client environment Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	b2c0f71db0	selftest: set tls crlfile if it exist Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:16 +01:00
Stefan Metzmacher	c321a59f26	selftest: use Samba::prepare_keyblobs() and use the certs from the new CA Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-17 17:17:15 +01:00

1 2 3 4 5 ...

102414 Commits