1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

628 Commits

Author SHA1 Message Date
Stefan Metzmacher
4baa7cc8e4 kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for Primary:Kerberos
Currently we only ignore KRB5_PROG_ETYPE_NOSUPP for
Primary:Kerberos-Newer-Keys, but not for Primary:Kerberos.

If a service account has msDS-SupportedEncryptionTypes: 31
and DES keys stored in Primary:Kerberos, we'll pass the
DES key to smb_krb5_keyblock_init_contents(), but may get
KRB5_PROG_ETYPE_NOSUPP.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 28 14:04:26 UTC 2020 on sn-devel-184
2020-07-28 14:04:26 +00:00
Isaac Boukris
0739983179 Add a test with old msDS-SupportedEncryptionTypes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-07-28 12:40:26 +00:00
Isaac Boukris
39b293c2d0 ads: set sasl-wrapping to plain when over TLS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-07-13 10:41:38 +00:00
Isaac Boukris
10f61cd39b selftest: add tests for net-ads over TLS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-07-13 10:41:37 +00:00
Volker Lendecke
cd4122d91e winbind: Fix lookuprids cache problem
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul  9 21:40:52 UTC 2020 on sn-devel-184
2020-07-09 21:40:52 +00:00
Volker Lendecke
04eafce653 winbind: Add test for lookuprids cache problem
When reading entries from gencache, wb_cache_rids_to_names() can
return STATUS_SOME_UNMAPPED, which _wbint_LookupRids() does not handle
correctly.

This test enforces this situation by filling gencache with one wbinfo
-R and then erasing the winbindd_cache.tdb. This forces winbind to
enter the domain helper process, which will then read from gencache
filled with the previous wbinfo -R.

Without having the entries cached this does not happen because
wb_cache_rids_to_names() via the do_query: path calls deep inside
calls dcerpc_lsa_lookup_sids_noalloc(), which hides the
STATUS_SOME_UNMAPPED that came in as lsa_LookupSids result value.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-07-09 20:16:40 +00:00
Volker Lendecke
0bb1488d31 libcli/ldap: Fix decoding struct ldap_ExtendedResponse
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-07-09 20:16:40 +00:00
Volker Lendecke
60b0928945 libcli/ldap: Test decoding an exop response
ldap-starttls-response.dat is a reply to a starttls extended
operation. Right now ldap_decode() does not handle this correctly.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-07-09 20:16:40 +00:00
Stefan Metzmacher
883657a7cf selftest/Samba3: make use of 'smbd:FSCTL_SMBTORTURE = yes'
This makes sure the lease/oplock break retry logic based on
missing TCP acks is tested.

We're still not able to run multichannel tests automatically,
as socket wrapper doesn't support fd-passing yet.

But this testing this with single channels is a good start.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2020-07-08 15:54:40 +00:00
Stefan Metzmacher
31e2b7f04b s4:torture/smb2: split smb2.oplock.batch22 into a and b
batch22a tests the timeout on a valid connection
and batch22b tests the timeout on a broken/blocked connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2020-07-08 15:54:39 +00:00
Anubhav Rakshit
cd5a2d015b s3:smbcacls: Add support for DFS path
smbcacls does not handle DFS paths correctly. This is beacuse once the
command encounters a path which returns STATUS_PATH_NOT_COVERED, it does
not attempt a GET REFERRAL.

We use cli_resolve_path API to perform a DFS path resolution to solve
the above problem.

Additionally this removes the known fail against smbcacls tests
Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul  7 23:03:00 UTC 2020 on sn-devel-184
2020-07-07 23:03:00 +00:00
Noel Power
449259f6e1 selftest: run smbcacls test against a share with a DFS link
The commit creates a dfs link in existing 'fileserver' env
share msdfs_share. Additionally we create a new dfs target in
a new share (with associated directory)

Additionally add a known fail as smbcacls doesn't not yet navigate DFS links.
A subsequent commit will fix smcacls to handle DFS (and remove the
knownfail)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-07 21:40:33 +00:00
Stefan Metzmacher
f3f330f61d s3:smbd: make sure vfs_ChDir() always sets conn->cwd_fsp->fh->fd = AT_FDCWD
This is what all consumers of conn->cwd_fsp->fh->fd expect!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-07-02 15:25:31 +00:00
Stefan Metzmacher
bcba4bb210 s4:torture/smb2: add smb2.delete-on-close-perms.BUG14427
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-07-02 15:25:31 +00:00
Gary Lockyer
3cc0f1eeda CVE-2020-14303: s4 nbt: fix busy loop on empty UDP packet
An empty UDP packet put the nbt server into a busy loop that consumes
100% of a cpu.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14417

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jul  2 10:26:24 UTC 2020 on sn-devel-184
2020-07-02 10:26:24 +00:00
Andrew Bartlett
b232a7bc54 CVE-2020-14303 Ensure an empty packet will not DoS the NBT server
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2020-07-02 09:01:41 +00:00
Andrew Bartlett
17fc8d2bfb CVE-2020-10760 dsdb: Add tests for paged_results and VLV over the Global Catalog port
This should avoid a regression.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2020-07-02 09:01:41 +00:00
Douglas Bagnall
cc3a67760c CVE-2020-10745: ndr/dns-utils: prepare for NBT compatibility
NBT has a funny thing where it sometimes needs to send a trailing dot as
part of the last component, because the string representation is a user
name. In DNS, "example.com", and "example.com." are the same, both
having three components ("example", "com", ""); in NBT, we want to treat
them differently, with the second form having the three components
("example", "com.", "").

This retains the logic of e6e2ec0001.

Also DNS compression cannot be turned off for NBT.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-07-02 09:01:41 +00:00
Douglas Bagnall
c3fa8ada43 CVE-2020-10745: dns_util/push: forbid names longer than 255 bytes
As per RFC 1035.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-07-02 09:01:41 +00:00
Douglas Bagnall
51a4571849 CVE-2020-10745: ndr_dns: do not allow consecutive dots
The empty subdomain component is reserved for the root domain, which we
should only (and always) see at the end of the list. That is, we expect
"example.com.", but never "example..com".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-07-02 09:01:41 +00:00
Douglas Bagnall
bc896d7529 CVE-2020-10745: librpc/tests: cmocka tests of dns and ndr strings
These time the push and pull function in isolation.

Timing should be under 0.0001 seconds on even quite old hardware; we
assert it must be under 0.2 seconds.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-07-02 09:01:41 +00:00
Douglas Bagnall
f4b2fd00fe CVE-2020-10745: pytests: hand-rolled invalid dns/nbt packet tests
The client libraries don't allow us to make packets that are broken in
certain ways, so we need to construct them as byte strings.

These tests all fail at present, proving the server is rendered
unresponsive, which is the crux of CVE-2020-10745.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14378

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-07-02 09:01:41 +00:00
Stefan Metzmacher
db10b14c1b s3:smbd: fix the handling of the durable_v2_timeout
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 27 05:42:05 UTC 2020 on sn-devel-184
2020-06-27 05:42:05 +00:00
Stefan Metzmacher
4ef206b02d s4:torture/smb2: adjust durable v2 tests to pass against Windows Server 2019
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-06-27 04:20:39 +00:00
Jeremy Allison
2056537320 s3: smbd: Allow a SHUTDOWN_CLOSE on a file with outstanding aio if there are no client connections alive.
The process is exiting now so pthreads will never complete to cause
problems.

Remove the knownfail.d/aio_outstanding entry.

Followup-bugfix for:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 24 20:14:15 UTC 2020 on sn-devel-184
2020-06-24 20:14:15 +00:00
Jeremy Allison
f206d37f6e s3: selftest: Add samba3.blackbox.aio-outstanding test.
Shows smbd panics if connection is terminated (torn down)
by killing the client with outstanding aio requests in the
queue. As we're closing smbd we should cope with this.

Followup-bugfix for:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-06-24 18:53:32 +00:00
Isaac Boukris
9a447fb7e0 Properly handle msDS-AdditionalDnsHostName returned from Windows DC
Windows DC adds short names for each specified msDS-AdditionalDnsHostName
attribute, but these have a suffix of "\0$" and thus fail with
ldap_get_values(), use ldap_get_values_len() instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Thu Jun 18 16:43:47 UTC 2020 on sn-devel-184
2020-06-18 16:43:47 +00:00
Isaac Boukris
4605d7aec5 selftest: add tests for binary msDS-AdditionalDnsHostName
Like the short names added implicitly by Windows DC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-06-18 15:20:40 +00:00
Isaac Boukris
7655a0298e db-glue.c: set forwardable flag on cross-realm tgt tickets
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233

Match Windows behavior and allow the forwardable flag to be
set in cross-realm tickets. We used to allow forwardable to
any server, but now that we apply disallow-forwardable policy
in heimdal we need to explicitly allow in the corss-realm case
(and remove the workaround we have for it the MIT plugin).

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 12 22:10:34 UTC 2020 on sn-devel-184
2020-06-12 22:10:34 +00:00
Isaac Boukris
fb7dfdbe8f selftest: test forwardable flag in cross-realm with s4u2proxy
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-06-12 20:42:38 +00:00
Isaac Boukris
9b302a57ff selftest: test forwardable flag in cross-realm tgt tickets
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-06-12 20:42:38 +00:00
Isaac Boukris
8fdff19c54 heimdal: apply disallow-forwardable on server in TGS request
upstream commit: 839b073facd2aecda6740224d73e560bc79965dc

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-06-12 20:42:38 +00:00
Isaac Boukris
197f97bc13 selftest: add test for disallowed-forwardable server
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-06-12 20:42:38 +00:00
Jeremy Allison
ab018150e6 s3: VFS: default. Ensure read_dfs_pathat() returns stat info.
Remove the knownfail.d/msdfs-attr file.

Everything now passes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14391

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jun  3 06:19:21 UTC 2020 on sn-devel-184
2020-06-03 06:19:21 +00:00
Jeremy Allison
2a4705129d s3: torture: Add test for getting attibutes on an MSDFS link.
Mark as knownfail for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14391

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-06-03 04:54:38 +00:00
Isaac Boukris
2b62bd5137 Add msDS-AdditionalDnsHostName entries to the keytab
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14396

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-29 12:11:29 +00:00
Isaac Boukris
97cd636dbc Add a test for msDS-AdditionalDnsHostName entries in keytab
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14396

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-29 12:11:29 +00:00
Isaac Boukris
aa0985324a Fix accidental overwrite of dnsHostName by the last netbios alias
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14396

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-29 12:11:29 +00:00
Isaac Boukris
b0b7325365 Add a test to check dNSHostName with netbios aliases
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14396

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-29 12:11:28 +00:00
Volker Lendecke
d18c76666f smbd: Protect smbd_smb2_getinfo_send() against invalid quota files
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14367

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri May 29 09:55:10 UTC 2020 on sn-devel-184
2020-05-29 09:55:10 +00:00
Volker Lendecke
7f16ecc5ce torture3: Check error code for quotactl on a non-quota file handle
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14367

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-05-29 08:34:31 +00:00
Andrew Bartlett
004e7a1fee s4/rpc_server/dnsserver: Allow parsing of dnsProperty to fail gracefully
On (eg) the

DC=_msdcs.X.Y,CN=MicrosoftDNS,DC=ForestDnsZones,DC=X,DC=Y

record, in domains that have had a Microsoft Windows DC an attribute:

dNSProperty:: AAAAAAAAAAAAAAAAAQAAAJIAAAAAAAAA

000000 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00  >................<
000010 92 00 00 00 00 00 00 00                          >........<
000018

We, until samba 4.12, would parse this as:

pull returned Success
    dnsp_DnsProperty: struct dnsp_DnsProperty
        wDataLength              : 0x00000000 (0)
        namelength               : 0x00000000 (0)
        flag                     : 0x00000000 (0)
        version                  : 0x00000001 (1)
        id                       : DSPROPERTY_ZONE_NS_SERVERS_DA (146)
        data                     : union dnsPropertyData(case 0)
        name                     : 0x00000000 (0)
dump OK

However, the wDataLength is 0.  There is not anything in
[MS-DNSP] 2.3.2.1 dnsProperty to describe any special behaviour
for when the id suggests that there is a value, but wDataLength is 0.

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dnsp/445c7843-e4a1-4222-8c0f-630c230a4c80

We now fail to parse it, because we expect an entry with id DSPROPERTY_ZONE_NS_SERVERS_DA
to therefore have a valid DNS_ADDR_ARRAY (section 2.2.3.2.3).

As context we changed it in our commit fee5c6a424
because of bug https://bugzilla.samba.org/show_bug.cgi?id=14206
which was due to the artificial environment of the fuzzer.

Microsoft advises that Windows also fails to parse this, but
instead of failing the operation, the value is ignored.

Reported by Alex MacCuish.  Many thanks for your assistance in
tracking down the issue.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 15 07:29:17 UTC 2020 on sn-devel-184
2020-05-15 07:29:16 +00:00
Andrew Bartlett
6eb2a48f5a selftest: Add test for handling of "short" dnsProperty records
These have been known to be given by Windows DCs that share the same domain
as while invalid, they are not format-checked inbound when set by the DNS
Manager MMC applet over the dnsserver pipe to Windows.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-05-15 06:05:30 +00:00
Volker Lendecke
01db877c77 srvsvc: Move brl_get_locks() out of enum_file_fn()
With share_infos.tdb this is a locking order violation:
share_infos.tdb is level 4, brlock.tdb is level 2. Avoid this by first
walking the share_infos.tdb and then fetching all the brlock entries.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 14 22:06:32 UTC 2020 on sn-devel-184
2020-05-14 22:06:32 +00:00
Volker Lendecke
8e4583f730 test: Show that netfileenum is broken
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-05-14 20:29:38 +00:00
Ralph Boehme
54883d4b3a smbd: move processing of root_dir_fid outside of SMB_VFS_CREATE_FILE()
The only two callers that pass a root_dir_fid != 0 are reply_ntcreate_and_X()
and call_nt_transact_create(). By moving root_dir_fid processing outside of
SMB_VFS_CREATE_FILE() we can avoid rewriting get_relative_fid_filename() to work
with *AT semantics and dirfsps.

Bonus points: the previous code in both functions passed fname to
filename_convert() which can't really have worked as it is relative to
root_dir_fid so filename_convert() will not be able to stat() the relative path
and it's components.

The only test I can find that uses a root dir_fid is raw.samba3rootdirfid and
that uses a handle on the share root which will work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14380

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-14 18:07:39 +00:00
Ralph Boehme
f0df11ce9d s4/torture: add a *real* root_dir_fid test
raw.samba3rootdirfid tests with the share root directory as root_dir_fid handle,
that doesn't cover the case where the relative name has more then one path
component. It only works because in unix_convert() we run into the creating file
optimasation.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14380

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-14 18:07:39 +00:00
Jeremy Allison
393da520e4 s3: libsmbclient: Finish unifing bad iconv behavior across CORE NT1 SMB2 protocols.
On bad name conversion, exit the directory listing with an error, but leave the
connection intact. We were already checking for finfo->name == NULL here,
but were ignoring it and not reporting an error.

Remove the knownfail.d/bad_iconv file as we now
behave the same across CORE/NT1/SMB2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14374

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 12 21:32:44 UTC 2020 on sn-devel-184
2020-05-12 21:32:44 +00:00
Jeremy Allison
753115a8d1 s3: libsmb: In SMB2 return NT_STATUS_INVALID_NETWORK_RESPONSE if name conversion ended up with a NULL filename.
Can happen if namelen == 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14374

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-12 19:53:46 +00:00
Jeremy Allison
e016671d34 s3: selftest: Add test_smbclient_iconv.sh to check client behavior on bad name conversion.
SMB2 and NT1 fail this, CORE already returns NT_STATUS_INVALID_NETWORK_RESPONSE
on bad conversion.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14374

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-12 19:53:46 +00:00