IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This will make it possible to alter pdus before sending them to the
server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
The aim is to keep testing the code paths, which are no longer
testing because allow_bind_auth_pad is false now, which
means the existing tests fail directly at the BIND,
but we also want to test the error handling on
ALTER_CONTEXT (and AUTH3).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Test works against Windows 2022 and works like this:
SMB_CONF_PATH=/dev/null SERVER=172.31.9.118 \
TARGET_HOSTNAME=w2022-118.w2022-l7.base IGNORE_RANDOM_PAD=1 \
DOMAIN=W2022-L7 REALM=W2022-L7.BASE \
USERNAME=administrator PASSWORD=A1b2C3d4 \
python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND
Against a legacy Windows2012R2 server this still works:
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 \
TARGET_HOSTNAME=w2012r2-188.w2012r2-l6.base ALLOW_BIND_AUTH_PAD=1 \
LEGACY_BIND_NACK_NO_REASON=1 AUTH_LEVEL_CONNECT_LSA=1 \
IGNORE_RANDOM_PAD=1 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE \
USERNAME=administrator PASSWORD=A1b2C3d4 \
python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND
Currently Samba behaves like 2012R2, but the next commits
will change that...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15692
Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Oct 4 04:01:22 UTC 2024 on atb-devel-224
pylibsmb is supposed to be used only internally, at least I hope this
has not made it into an API that is perceived to be publically used.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Sep 26 16:35:55 UTC 2024 on atb-devel-224
GPOs containing GPWL (Wireless/Wired Protocol Extension) policies could not be deleted with samba-tool
as those policies were stored as subentries of the GPO and only the main root was deleted.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15387
RN: Fix for inability to delete GPOs containing GPWL policies using samba-tool
Signed-off-by: Kacper Boström <kacper@kacper.se>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Sep 24 17:11:53 UTC 2024 on atb-devel-224
Print the faulty character for easier finding it.
I did not find out how to split the format string into two lines such
that self.fail would properly print the whole thing in its exception,
so we have a long line here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fix typo in "samba-tool user add" error message when adding a user with
NIS features : the argument for the uid number is --uid-number and not
--uidNumber.
RN: Fix typo in samba-tool error message.
Signed-off-by: Lyanis Souidi <lyanis.souidi@u-pec.fr>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
assertMatch() returns None, which isn’t very useful.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This makes our intent clear, and avoids accidental attempts to use these
objects after they have been ‘disconnect()’ed.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
In AD_DS_Classes_Windows_Server_v1903.ldf from
https://www.microsoft.com/en-us/download/details.aspx?id=23782, we see
defaultSecurityDescriptor: O:BAG:BAD: (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPLCLORC;;;AU)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15685
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Jul 25 06:27:27 UTC 2024 on atb-devel-224
net.export_keytab() includes the current timestamp into the resulting
keytab. So we need to make sure the two compared exports actually
run within the same second.
And klist may also print the keytab filename...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 17 14:21:30 UTC 2024 on atb-devel-224
Updating things like the bad pwd count should not clear the
stored LM HASH with 'lanman auth = no'.
This allows testing with 'lanman auth = no' and 'lanman auth = yes'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
When not equal a diff of the two strings highlighting the differences
will be included this way.
This is a flapping test.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 16 07:40:41 UTC 2024 on atb-devel-224
When not equal a diff of the two strings highlighting the differences
will be included this way.
This is a flapping test.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 15 13:51:03 UTC 2024 on atb-devel-224
Patch updated for recent samba versions in merge request #3295 by kvvloten
Initial patch created by Jeremy Allison (https://www.spinics.net/lists/samba/msg161128.html) to log LDAP server queries/functions in a separate file
Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 9 08:37:22 UTC 2024 on atb-devel-224
Heimdal matches Windows in the no‐FAST case, but produces NTSTATUS codes
when it shouldn’t in the FAST case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15655
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This augments the PKINIT based tests to show this is correctly handled
for the fare more usual case.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 13 00:45:36 UTC 2024 on atb-devel-224
8944a10b145e99eb6372cace8225e4c5e9d6160e broke password expiry
checking on NTLM, but that is fixed after CID 1603594 triggered
815d696d4471f1b3a4267eb774eb80b07576031b. In the past we could
not have password expiry times small enough to test expiry
(unlike "must change now"), but having no test was not good.
As we are already doing the sleep() here, add a test to the
password rotation test.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
This was a useful function during the Python 2 -> 3 migration, but it
is not used any more. In all the cases it was used, we knew we already
had a bytes object, and this was just an inefficient way of confirming
that.
In cases where we actually want to cast a string into a mutable list
of byte-sized ints, the builtin bytearray() function will do a better
job than this, because it will encode high unicode characters as utf-8
bytes, rather than adding them as out-of-range values in the list.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 12 09:16:39 UTC 2024 on atb-devel-224
We have bindings for stringifying GUIDs, so I intended to replace this
rather complicated code with that, but it turns out that this method
has been unused since 5d42260eec in 2013.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The old test
x if ((len(repr(chr(x))) == 3) and (x < 127)) else ord('.')
went through some contortions to see if the character was printable, and
it got it slightly wrong. The idea was that `repr(chr(97)` is "'a'",
while `repr(chr(167)` is "'\xa7'", which we can distinguish using the
length. But that miscategorised the backslash character, which is
represented as "'\\'", a string of length 4, so it was show as '.'
instead.
Instead we notice that the characters we want to print in a hexdump
are exactly those between 32 and 126, inclusive.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
`pw.encode('utf-16-le')` is always bytes.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
`pw.encode('utf-16-le')` is always bytes.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This was a workaround for the migration to Python 3, but is now just
extra work for the computer and cognitive load for us.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>