1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

4801 Commits

Author SHA1 Message Date
Ralph Boehme
e067c523b1 CVE-2022-2127: ntlm_auth: cap lanman response length value
We already copy at most sizeof(request.data.auth_crap.lm_resp) bytes to the
lm_resp buffer, but we don't cap the length indicator.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15072

Signed-off-by: Ralph Boehme <slow@samba.org>
2023-07-21 12:05:35 +00:00
Andreas Schneider
746ef717a7 s3:utils: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-07-19 09:58:37 +00:00
Volker Lendecke
dbe95be8bb utils3: Remove the "split_tokens" utility
This is not tested as far as I can see, and as this is explicity meant
as a testing utility I think we can live without it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-07-03 19:40:35 +00:00
Jones Syue
afbed65352 s3:utils: smbget fix a memory leak
Using smbget to download files recursively (-R).

If smbget found that a file is already existed in the destination,
smbget would said 'File exists', return early, and 'newname' allocated
memory is never freed, this is found by valgrind.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15403

Signed-off-by: Jones Syue <jonessyue@qnap.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jun 28 07:02:34 UTC 2023 on atb-devel-224
2023-06-28 07:02:34 +00:00
Volker Lendecke
a4972336f1 lib: Add a few required #includes
You find them if you try to #include these files directly

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-06-16 16:14:30 +00:00
Volker Lendecke
3f3df7dd03 testparm: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-06-13 23:33:39 +00:00
Björn Jacke
fcedf5514b smbcacls/smbcquotas: check for valid UNC path
we used to strip the first two characters of the path and used that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=2312

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun  6 09:33:47 UTC 2023 on atb-devel-224
2023-06-06 09:33:47 +00:00
Noel Power
22ab42c100 s3/utils: avoid erronous NO MEMORY detection
since 5cc3c1b5f6 if we don't have
a realm specified either on cmdline or in conf file we try to
copy (talloc_strdup) a NULL variable which triggers a NO_MEMORY
error when we check the result of the copy

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15384

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Jun  4 12:42:16 UTC 2023 on atb-devel-224
2023-06-04 12:42:16 +00:00
Joseph Sutton
e14b5974c6 net_ads: Handle new NBT_SERVER_* flags
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-05-29 22:32:28 +00:00
Joseph Sutton
80b3752052 s3:utils: Check return value of json_new_object()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-05-24 00:50:31 +00:00
Joseph Sutton
f948f9cb66 s3:utils: Fix typo
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-05-18 01:03:37 +00:00
Joseph Sutton
6752bcaf4d s3:utils: Move error-handling code into more suitable spot (CID 1524680)
The loop above would only exit once ‘c’ was equal to −1, and thus this
code could never be reached.

Also set ‘ok’ to false to indicate failure.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May  4 01:29:10 UTC 2023 on atb-devel-224
2023-05-04 01:29:10 +00:00
Joseph Sutton
11f3680462 s3:utils: Use ‘int’ for popt parameters
Previously we were handing the addresses of bool parameters to popt for
POPT_ARG_NONE parameters. This is not supported, and popt was returning
POPT_ERROR_BADOPERATION for these parameters (not bundled popt, though,
nor on Debian or Ubuntu). Using integers instead ensures that these
addresses are aligned and sized as popt expects.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2023-05-04 00:34:32 +00:00
Joseph Sutton
d2720a9e78 s3:utils: Use floating-point arithmetic when result is assigned to a double
This avoids any loss of precision from performing an integer division.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2023-05-04 00:34:32 +00:00
Andreas Schneider
092a6a62e1 s3:utils: Use smbc_set_credentials_with_fallback() for smbget
smbc_set_credentials() is deprecated.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2023-04-20 11:59:31 +00:00
Joseph Sutton
e0db10cfc3 s3:net_usershare: Correctly escape newline in error message
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-04-12 13:52:32 +00:00
Joseph Sutton
2de0e1dccd s3:net_usershare: Handle allocation failure
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-04-12 13:52:31 +00:00
Stefan Metzmacher
0ef53b948e net_ads: fill ads->auth.realm from c->creds
We get the realm we use for authentication needs to
the realm belonging to the username we use.

We derive the username from c->creds, so we need to
do the same for the realm.

Otherwise we try to authenticate as the wrong user.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15323

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-04-06 12:51:30 +00:00
Andreas Schneider
960fe1ca27 s3:utils: s3:utils: Correctly wire winbind ccache support for smbget
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Andreas Schneider
e22eccbe88 s3:utils: Correctly wire NT hash support for smbget
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Andreas Schneider
267ea54712 s3:utils: Correctly wire Kerberos support for smbget
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Andreas Schneider
ada8cd6a62 s3:utils: Correctly wire encryption for smbget
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Andreas Schneider
20b5d98ce5 s3:utils: Use common command line parser for smbget
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Andreas Schneider
0e07d0ac22 s3:utils: Add support for parsing domain/UPN in username for smbget
The smbget utility doesn't use the common command line parser, so it
doesn't support paring of DOMAIN/user or user@realm.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15345

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Andreas Schneider
34d4ac9907 s3:utils: Always cleanup when leaving smbget main()
This will not leak any memory. Also rename the bool to 'ok' for better
readability.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Andreas Schneider
71eb85bc25 s3:utils: Fix grammar in testparm
Best reviewed with: `git show --word-diff`

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Rowland Penny <rpenny@samba.org>
2023-03-28 09:33:31 +00:00
Björn Baumbach
e3cfb99d28 net: add hint which options can be used with net ads dns register command
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Fri Mar  3 12:52:00 UTC 2023 on atb-devel-224
2023-03-03 12:52:00 +00:00
Björn Baumbach
36ed126f4c net: add new --dns-ttl option to specify the ttl of dns records
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-03-03 11:58:34 +00:00
Andreas Schneider
a273ed89db s3:utils: Check if the autorid rangesize is a multiple of the range
We also have this in our documentation.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2023-02-28 13:24:33 +00:00
Volker Lendecke
cc4e11d028 smbd: Remove smbXsrv_open_global0->db_rec
The only user by now was net serverid wipedbs, and there it was easy to replace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Feb 13 10:49:43 UTC 2023 on atb-devel-224
2023-02-13 10:49:43 +00:00
Andreas Schneider
e57fa88119 s3:utils: Remove unused variable
source3/utils/log2pcaphex.c:138:13: error: variable 'i' set but not used
[-Werror,-Wunused-but-set-variable]
        static int i = 0;
                   ^

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-02-06 22:51:32 +00:00
Pavel Filipenský
65e9b409a6 s3:utils: Fix UNUSED_VALUE
Reported by RedHat internal Covscan

Since cb8a0d9 we no longer stop traversing the list if encryption_flag
or signing_flags are unknown.

Assignment "result = -1;" is always overwritten by
"result = traverse_connections_*()" and is a dead code.

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Feb  2 15:46:52 UTC 2023 on atb-devel-224
2023-02-02 15:46:52 +00:00
Pavel Filipenský
4d83e9fcbd s3:utils: Fix trailing whitespaces
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-02-02 14:53:38 +00:00
Volker Lendecke
425aaf6f7e lib: Fix a use-after-free in "net vfs getntacl"
Don't hang "sd" off "fsp", which is free'ed before printing

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jan 12 16:41:07 UTC 2023 on sn-devel-184
2023-01-12 16:41:07 +00:00
Volker Lendecke
6dcbea9e0f build: Don't compile source3/lib/util_sd.c four times
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2023-01-12 15:38:30 +00:00
Jones Syue
98d84192a0 s3:utils:mdsearch go to cmdline_messaging_context_free
mdsearch utility would exit earlier with failure in several cases like:
a. samba server is not running yet,
[~] # mdsearch -Uuser%password1 ${server} Public '*=="Samba"'
main: Cannot connect to server: NT_STATUS_CONNECTION_REFUSED

b. spotlight backend service is not ready yet,
[~] # mdsearch -Uuser%password1 ${server} Public '*=="Samba"'
Failed to connect mdssvc

c. mdsearch utility paramters is not as expecred,
[~] # mdsearch -Uuser%password1 ${server} share_not_exist '*=="Samba"'
mdscli_search failed

And in the mean while once mdsearch utility exit earlier with failure,
the lock files are left behind in the directory 'msg.sock' and 'msg.lock'.
If a script to run mdsearch utility in a loop,
this might result in used space slowly growing-up on underlying filesystem.

Supposed to add a new label 'fail_free_messaging',
make it go through the cmdline_messaging_context_free() which deletes the
lock files in the directory msg.sock and msg.lock before mdsearch utility
is exiting with failure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15284

Signed-off-by: Jones Syue <jonessyue@qnap.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 12 11:40:19 UTC 2023 on sn-devel-184
2023-01-12 11:40:19 +00:00
Jones Syue
de5d31f452 s3:smbstatus: go to cmdline_messaging_context_free
If the locking.tdb is not found,
(for example, fresh new installed samba server is not running yet)
smbstatus utility would exit earlier,
and lock files are left behind in the directory 'msg.sock' and 'msg.lock'.
Consider that a script to run smbstatus utility in a loop,
this might result in used space slowly growing-up on the underlying filesystem.
Since the samba server is not running yet,
there is no cleanupd daemon could delete these files to reclaim space.

Supposed to use 'ret = 0; goto done;' instead of exit(0),
this would go through the cmdline_messaging_context_free() which deletes
the lock files in the directory msg.sock and msg.lock before smbstatus
utility is exiting.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15282

Signed-off-by: Jones Syue <jonessyue@qnap.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jan 11 17:08:10 UTC 2023 on sn-devel-184
2023-01-11 17:08:10 +00:00
Volker Lendecke
6907db5cf0 lib: Make map_share_mode_to_deny_mode() static to smbstatus
At some point in the future this might disappear, we should really not
show DOS share modes in smbstatus. Maybe this can't be changed though.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-01-10 00:28:37 +00:00
Günther Deschner
39e8489dfc s3-librpc: add ads.idl and convert ads_struct to talloc.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-16 20:38:32 +00:00
Stefan Metzmacher
b7260c89e0 CVE-2022-37966 s3:net_ads: let 'net ads enctypes list' pretty print AES256-SK and RESOURCE-SID-COMPRESSION-DISABLED
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-12-13 13:07:30 +00:00
Stefan Metzmacher
4cedaa643b CVE-2022-37966 s3:net_ads: no longer reference des encryption types
We no longer have support for des encryption types in the kerberos
libraries anyway.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-12-13 13:07:30 +00:00
Stefan Metzmacher
f3fe1f2ce6 CVE-2022-37966 s3:net_ads: remove unused ifdef HAVE_ENCTYPE_AES*
aes encryption types are always supported.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-12-13 13:07:30 +00:00
Stefan Metzmacher
c0c25cc021 CVE-2022-37966 testparm: warn about 'kerberos encryption types = legacy'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Stefan Metzmacher
4d540473c3 CVE-2022-38023 testparm: warn about unsecure schannel related options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Stefan Metzmacher
f964c0c357 CVE-2022-38023 testparm: warn about server/client schannel != yes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15260

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Stefan Metzmacher
1fdf1d55a5 CVE-2022-38023 s3:net: add and use net_warn_member_options() helper
This makes sure domain member related 'net' commands print warnings
about unsecure smb.conf options.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Stefan Metzmacher
992f39a2c8 CVE-2022-38023 libcli/auth: pass lp_ctx to netlogon_creds_cli_set_global_db()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-12-13 13:07:29 +00:00
Andreas Schneider
ef8c8ac54c s3:utils: Fix stack smashing in net offlinejoin
Cast from 'uint32_t *' (aka 'unsigned int *') to 'size_t *' (aka
'unsigned long *') increases required alignment from 4 to 8

==10343==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdc6784fc0 at pc 0x7f339f1ea500 bp 0x7ffdc6784ed0 sp 0x7ffdc6784ec8
WRITE of size 8 at 0x7ffdc6784fc0 thread T0
    #0 0x7f339f1ea4ff in fd_load ../../lib/util/util_file.c:220
    #1 0x7f339f1ea5a4 in file_load ../../lib/util/util_file.c:245
    #2 0x56363209a596 in net_offlinejoin_requestodj ../../source3/utils/net_offlinejoin.c:267
    #3 0x56363209a9d0 in net_offlinejoin ../../source3/utils/net_offlinejoin.c:74
    #4 0x56363208f61c in net_run_function ../../source3/utils/net_util.c:453
    #5 0x563631fe8a9f in main ../../source3/utils/net.c:1358
    #6 0x7f339b22c5af in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #7 0x7f339b22c678 in __libc_start_main_impl ../csu/libc-start.c:381
    #8 0x563631faf374 in _start ../sysdeps/x86_64/start.S:115

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15257

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Dec  5 12:05:24 UTC 2022 on sn-devel-184
2022-12-05 12:05:24 +00:00
Ralph Boehme
3b9ccfa4ac net: use correct printf format, fi3_id is an uint32_t
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Nov 24 16:39:12 UTC 2022 on sn-devel-184
2022-11-24 16:39:12 +00:00
vporpo
b3292b541e smbget: Adds a rate limiting option --limit-rate in KB/s
This patch implements a very simple rate limiter. It works by pausing the main
download loop whenever the bytes transferred are more than what we would get
with if it were transferred at the rate set by the user.
Please note that this may reduce the blocksize if the limit is too small.

Signed-off-by: Vasileios Porpodas <v.porpodas@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov  2 22:47:10 UTC 2022 on sn-devel-184
2022-11-02 22:47:10 +00:00